@feiyoug/skill-lab 0.0.1 → 0.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +20 -21
- package/esm/analyzer/astgrep/client.d.ts +20 -8
- package/esm/analyzer/astgrep/client.d.ts.map +1 -1
- package/esm/analyzer/astgrep/client.js +58 -31
- package/esm/analyzer/config/default.d.ts +8 -0
- package/esm/analyzer/config/default.d.ts.map +1 -0
- package/esm/analyzer/config/default.js +91 -0
- package/esm/analyzer/config/helpers.d.ts +8 -0
- package/esm/analyzer/config/helpers.d.ts.map +1 -0
- package/esm/analyzer/config/helpers.js +72 -0
- package/esm/analyzer/config/mod.d.ts +4 -0
- package/esm/analyzer/config/mod.d.ts.map +1 -0
- package/esm/analyzer/config/mod.js +3 -0
- package/esm/analyzer/config/types.d.ts +58 -0
- package/esm/analyzer/config/types.d.ts.map +1 -0
- package/esm/analyzer/{config.js → config/types.js} +0 -28
- package/esm/analyzer/logging.d.ts +3 -0
- package/esm/analyzer/logging.d.ts.map +1 -0
- package/esm/analyzer/logging.js +6 -0
- package/esm/analyzer/mod.d.ts +12 -5
- package/esm/analyzer/mod.d.ts.map +1 -1
- package/esm/analyzer/mod.js +25 -12
- package/esm/analyzer/result.d.ts +35 -0
- package/esm/analyzer/result.d.ts.map +1 -0
- package/esm/analyzer/result.js +311 -0
- package/esm/analyzer/rules/bash/commands/mod.d.ts +1 -0
- package/esm/analyzer/rules/bash/commands/mod.d.ts.map +1 -1
- package/esm/analyzer/rules/bash/commands/mod.js +3 -0
- package/esm/analyzer/rules/bash/commands/pip.d.ts +3 -0
- package/esm/analyzer/rules/bash/commands/pip.d.ts.map +1 -0
- package/esm/analyzer/rules/bash/commands/pip.js +14 -0
- package/esm/analyzer/rules/bash/extractFileRefs.d.ts +1 -1
- package/esm/analyzer/rules/bash/extractFileRefs.d.ts.map +1 -1
- package/esm/analyzer/rules/bash/extractFileRefs.js +2 -2
- package/esm/analyzer/rules/bash/inline-command-classifier.d.ts +1 -1
- package/esm/analyzer/rules/bash/inline-command-classifier.d.ts.map +1 -1
- package/esm/analyzer/rules/bash/inline-command-classifier.js +4 -4
- package/esm/analyzer/rules/javascript/extractFileRefs.d.ts +3 -4
- package/esm/analyzer/rules/javascript/extractFileRefs.d.ts.map +1 -1
- package/esm/analyzer/rules/javascript/extractFileRefs.js +3 -4
- package/esm/analyzer/rules/markdown/extractCodeBlocks.d.ts.map +1 -1
- package/esm/analyzer/rules/markdown/extractCodeBlocks.js +6 -3
- package/esm/analyzer/rules/markdown/extractFileRefs.d.ts.map +1 -1
- package/esm/analyzer/rules/markdown/extractFileRefs.js +2 -0
- package/esm/analyzer/rules/python/extractFileRefs.d.ts +1 -1
- package/esm/analyzer/rules/python/extractFileRefs.d.ts.map +1 -1
- package/esm/analyzer/rules/python/extractFileRefs.js +2 -2
- package/esm/analyzer/steps/001-discovery/discover-files.d.ts +4 -0
- package/esm/analyzer/steps/001-discovery/discover-files.d.ts.map +1 -1
- package/esm/analyzer/steps/001-discovery/discover-files.js +18 -2
- package/esm/analyzer/steps/001-discovery/mod.d.ts.map +1 -1
- package/esm/analyzer/steps/001-discovery/mod.js +39 -9
- package/esm/analyzer/steps/002-permissions/mod.d.ts.map +1 -1
- package/esm/analyzer/steps/002-permissions/mod.js +156 -73
- package/esm/analyzer/steps/002-permissions/scan-file.d.ts +1 -1
- package/esm/analyzer/steps/002-permissions/scan-file.d.ts.map +1 -1
- package/esm/analyzer/steps/002-permissions/scan-file.js +40 -5
- package/esm/analyzer/steps/002-permissions/seed-frontmatter.js +2 -2
- package/esm/analyzer/steps/003-risks/dep-risks.d.ts +3 -0
- package/esm/analyzer/steps/003-risks/dep-risks.d.ts.map +1 -0
- package/esm/analyzer/steps/003-risks/dep-risks.js +74 -0
- package/esm/analyzer/steps/003-risks/helpers.d.ts +1 -0
- package/esm/analyzer/steps/003-risks/helpers.d.ts.map +1 -1
- package/esm/analyzer/steps/003-risks/helpers.js +1 -0
- package/esm/analyzer/steps/003-risks/mod.d.ts +3 -2
- package/esm/analyzer/steps/003-risks/mod.d.ts.map +1 -1
- package/esm/analyzer/steps/003-risks/mod.js +41 -4
- package/esm/analyzer/steps/003-risks/policy.d.ts +7 -0
- package/esm/analyzer/steps/003-risks/policy.d.ts.map +1 -0
- package/esm/analyzer/steps/003-risks/policy.js +23 -0
- package/esm/analyzer/steps/003-risks/rule-mapped.d.ts +2 -2
- package/esm/analyzer/steps/003-risks/rule-mapped.d.ts.map +1 -1
- package/esm/analyzer/steps/003-risks/rule-mapped.js +83 -2
- package/esm/analyzer/steps/003-risks/scoring.d.ts +9 -1
- package/esm/analyzer/steps/003-risks/scoring.d.ts.map +1 -1
- package/esm/analyzer/steps/003-risks/scoring.js +55 -42
- package/esm/analyzer/treesitter/client.d.ts +31 -0
- package/esm/analyzer/treesitter/client.d.ts.map +1 -0
- package/esm/analyzer/{treesiter → treesitter}/client.js +43 -39
- package/esm/analyzer/treesitter/registry.d.ts +73 -0
- package/esm/analyzer/treesitter/registry.d.ts.map +1 -0
- package/esm/analyzer/treesitter/registry.js +165 -0
- package/esm/analyzer/types.d.ts +14 -28
- package/esm/analyzer/types.d.ts.map +1 -1
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/deps.d.ts +3 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/deps.d.ts.map +1 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/deps.js +3 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/mod.d.ts +93 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/mod.d.ts.map +1 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/mod.js +297 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/multi.d.ts +84 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/multi.d.ts.map +1 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/multi.js +268 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/time.d.ts +18 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/time.d.ts.map +1 -0
- package/esm/deps/jsr.io/@deno-library/progress/1.5.1/time.js +45 -0
- package/esm/deps/jsr.io/@std/fmt/1.0.3/colors.d.ts +700 -0
- package/esm/deps/jsr.io/@std/fmt/1.0.3/colors.d.ts.map +1 -0
- package/esm/deps/jsr.io/@std/fmt/1.0.3/colors.js +903 -0
- package/esm/deps/jsr.io/@std/io/0.225.0/types.d.ts +146 -0
- package/esm/deps/jsr.io/@std/io/0.225.0/types.d.ts.map +1 -0
- package/esm/deps/jsr.io/@std/io/0.225.0/types.js +15 -0
- package/esm/deps/jsr.io/@std/io/0.225.0/write_all.d.ts +51 -0
- package/esm/deps/jsr.io/@std/io/0.225.0/write_all.d.ts.map +1 -0
- package/esm/deps/jsr.io/@std/io/0.225.0/write_all.js +61 -0
- package/esm/shared/deep_merge.d.ts +12 -0
- package/esm/shared/deep_merge.d.ts.map +1 -0
- package/esm/shared/deep_merge.js +49 -0
- package/esm/shared/mod.d.ts +1 -0
- package/esm/shared/mod.d.ts.map +1 -1
- package/esm/shared/mod.js +1 -0
- package/esm/shared/types/filetypes.d.ts +2 -2
- package/esm/shared/types/filetypes.d.ts.map +1 -1
- package/esm/shared/types/permissions.d.ts +1 -1
- package/esm/shared/types/permissions.d.ts.map +1 -1
- package/esm/shared/types/risks.d.ts +4 -1
- package/esm/shared/types/risks.d.ts.map +1 -1
- package/esm/skillreader/types.d.ts +2 -2
- package/esm/skillreader/types.d.ts.map +1 -1
- package/esm/skillreader/types.js +2 -2
- package/package.json +1 -1
- package/script/analyzer/astgrep/client.d.ts +20 -8
- package/script/analyzer/astgrep/client.d.ts.map +1 -1
- package/script/analyzer/astgrep/client.js +58 -64
- package/script/analyzer/config/default.d.ts +8 -0
- package/script/analyzer/config/default.d.ts.map +1 -0
- package/script/analyzer/config/default.js +94 -0
- package/script/analyzer/config/helpers.d.ts +8 -0
- package/script/analyzer/config/helpers.d.ts.map +1 -0
- package/script/analyzer/config/helpers.js +76 -0
- package/script/analyzer/config/mod.d.ts +4 -0
- package/script/analyzer/config/mod.d.ts.map +1 -0
- package/script/analyzer/config/mod.js +21 -0
- package/script/analyzer/config/types.d.ts +58 -0
- package/script/analyzer/config/types.d.ts.map +1 -0
- package/script/analyzer/{config.js → config/types.js} +1 -29
- package/script/analyzer/logging.d.ts +3 -0
- package/script/analyzer/logging.d.ts.map +1 -0
- package/script/analyzer/logging.js +9 -0
- package/script/analyzer/mod.d.ts +12 -5
- package/script/analyzer/mod.d.ts.map +1 -1
- package/script/analyzer/mod.js +35 -20
- package/script/analyzer/result.d.ts +35 -0
- package/script/analyzer/result.d.ts.map +1 -0
- package/script/analyzer/result.js +315 -0
- package/script/analyzer/rules/bash/commands/mod.d.ts +1 -0
- package/script/analyzer/rules/bash/commands/mod.d.ts.map +1 -1
- package/script/analyzer/rules/bash/commands/mod.js +3 -0
- package/script/analyzer/rules/bash/commands/pip.d.ts +3 -0
- package/script/analyzer/rules/bash/commands/pip.d.ts.map +1 -0
- package/script/analyzer/rules/bash/commands/pip.js +17 -0
- package/script/analyzer/rules/bash/extractFileRefs.d.ts +1 -1
- package/script/analyzer/rules/bash/extractFileRefs.d.ts.map +1 -1
- package/script/analyzer/rules/bash/extractFileRefs.js +2 -2
- package/script/analyzer/rules/bash/inline-command-classifier.d.ts +1 -1
- package/script/analyzer/rules/bash/inline-command-classifier.d.ts.map +1 -1
- package/script/analyzer/rules/bash/inline-command-classifier.js +4 -4
- package/script/analyzer/rules/javascript/extractFileRefs.d.ts +3 -4
- package/script/analyzer/rules/javascript/extractFileRefs.d.ts.map +1 -1
- package/script/analyzer/rules/javascript/extractFileRefs.js +3 -4
- package/script/analyzer/rules/markdown/extractCodeBlocks.d.ts.map +1 -1
- package/script/analyzer/rules/markdown/extractCodeBlocks.js +6 -3
- package/script/analyzer/rules/markdown/extractFileRefs.d.ts.map +1 -1
- package/script/analyzer/rules/markdown/extractFileRefs.js +2 -0
- package/script/analyzer/rules/python/extractFileRefs.d.ts +1 -1
- package/script/analyzer/rules/python/extractFileRefs.d.ts.map +1 -1
- package/script/analyzer/rules/python/extractFileRefs.js +2 -2
- package/script/analyzer/steps/001-discovery/discover-files.d.ts +4 -0
- package/script/analyzer/steps/001-discovery/discover-files.d.ts.map +1 -1
- package/script/analyzer/steps/001-discovery/discover-files.js +18 -2
- package/script/analyzer/steps/001-discovery/mod.d.ts.map +1 -1
- package/script/analyzer/steps/001-discovery/mod.js +77 -11
- package/script/analyzer/steps/002-permissions/mod.d.ts.map +1 -1
- package/script/analyzer/steps/002-permissions/mod.js +194 -75
- package/script/analyzer/steps/002-permissions/scan-file.d.ts +1 -1
- package/script/analyzer/steps/002-permissions/scan-file.d.ts.map +1 -1
- package/script/analyzer/steps/002-permissions/scan-file.js +40 -5
- package/script/analyzer/steps/002-permissions/seed-frontmatter.js +3 -3
- package/script/analyzer/steps/003-risks/dep-risks.d.ts +3 -0
- package/script/analyzer/steps/003-risks/dep-risks.d.ts.map +1 -0
- package/script/analyzer/steps/003-risks/dep-risks.js +77 -0
- package/script/analyzer/steps/003-risks/helpers.d.ts +1 -0
- package/script/analyzer/steps/003-risks/helpers.d.ts.map +1 -1
- package/script/analyzer/steps/003-risks/helpers.js +1 -0
- package/script/analyzer/steps/003-risks/mod.d.ts +3 -2
- package/script/analyzer/steps/003-risks/mod.d.ts.map +1 -1
- package/script/analyzer/steps/003-risks/mod.js +77 -4
- package/script/analyzer/steps/003-risks/policy.d.ts +7 -0
- package/script/analyzer/steps/003-risks/policy.d.ts.map +1 -0
- package/script/analyzer/steps/003-risks/policy.js +29 -0
- package/script/analyzer/steps/003-risks/rule-mapped.d.ts +2 -2
- package/script/analyzer/steps/003-risks/rule-mapped.d.ts.map +1 -1
- package/script/analyzer/steps/003-risks/rule-mapped.js +83 -2
- package/script/analyzer/steps/003-risks/scoring.d.ts +9 -1
- package/script/analyzer/steps/003-risks/scoring.d.ts.map +1 -1
- package/script/analyzer/steps/003-risks/scoring.js +55 -42
- package/script/analyzer/treesitter/client.d.ts +31 -0
- package/script/analyzer/treesitter/client.d.ts.map +1 -0
- package/script/analyzer/treesitter/client.js +136 -0
- package/script/analyzer/treesitter/registry.d.ts +73 -0
- package/script/analyzer/treesitter/registry.d.ts.map +1 -0
- package/script/analyzer/treesitter/registry.js +206 -0
- package/script/analyzer/types.d.ts +14 -28
- package/script/analyzer/types.d.ts.map +1 -1
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/deps.d.ts +3 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/deps.d.ts.map +1 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/deps.js +10 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/mod.d.ts +93 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/mod.d.ts.map +1 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/mod.js +334 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/multi.d.ts +84 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/multi.d.ts.map +1 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/multi.js +305 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/time.d.ts +18 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/time.d.ts.map +1 -0
- package/script/deps/jsr.io/@deno-library/progress/1.5.1/time.js +48 -0
- package/script/deps/jsr.io/@std/fmt/1.0.3/colors.d.ts +700 -0
- package/script/deps/jsr.io/@std/fmt/1.0.3/colors.d.ts.map +1 -0
- package/script/deps/jsr.io/@std/fmt/1.0.3/colors.js +986 -0
- package/script/deps/jsr.io/@std/io/0.225.0/types.d.ts +146 -0
- package/script/deps/jsr.io/@std/io/0.225.0/types.d.ts.map +1 -0
- package/script/deps/jsr.io/@std/io/0.225.0/types.js +18 -0
- package/script/deps/jsr.io/@std/io/0.225.0/write_all.d.ts +51 -0
- package/script/deps/jsr.io/@std/io/0.225.0/write_all.d.ts.map +1 -0
- package/script/deps/jsr.io/@std/io/0.225.0/write_all.js +65 -0
- package/script/shared/deep_merge.d.ts +12 -0
- package/script/shared/deep_merge.d.ts.map +1 -0
- package/script/shared/deep_merge.js +53 -0
- package/script/shared/mod.d.ts +1 -0
- package/script/shared/mod.d.ts.map +1 -1
- package/script/shared/mod.js +1 -0
- package/script/shared/types/filetypes.d.ts +2 -2
- package/script/shared/types/filetypes.d.ts.map +1 -1
- package/script/shared/types/permissions.d.ts +1 -1
- package/script/shared/types/permissions.d.ts.map +1 -1
- package/script/shared/types/risks.d.ts +4 -1
- package/script/shared/types/risks.d.ts.map +1 -1
- package/script/skillreader/types.d.ts +2 -2
- package/script/skillreader/types.d.ts.map +1 -1
- package/script/skillreader/types.js +2 -2
- package/src/_dnt.polyfills.ts +27 -0
- package/src/_dnt.shims.ts +64 -0
- package/src/analyzer/astgrep/client.ts +184 -0
- package/src/analyzer/astgrep/mod.ts +2 -0
- package/src/analyzer/config/default.ts +98 -0
- package/src/analyzer/config/helpers.ts +107 -0
- package/src/analyzer/config/mod.ts +3 -0
- package/src/analyzer/config/types.ts +103 -0
- package/src/analyzer/logging.ts +8 -0
- package/src/analyzer/mod.ts +118 -0
- package/src/analyzer/result.ts +393 -0
- package/src/analyzer/rules/bash/astTypes.ts +5 -0
- package/src/analyzer/rules/bash/commands/bd.ts +23 -0
- package/src/analyzer/rules/bash/commands/cron.ts +21 -0
- package/src/analyzer/rules/bash/commands/docker.ts +37 -0
- package/src/analyzer/rules/bash/commands/eval.ts +52 -0
- package/src/analyzer/rules/bash/commands/generic.ts +16 -0
- package/src/analyzer/rules/bash/commands/gh.ts +21 -0
- package/src/analyzer/rules/bash/commands/git.ts +28 -0
- package/src/analyzer/rules/bash/commands/mod.ts +38 -0
- package/src/analyzer/rules/bash/commands/node.ts +64 -0
- package/src/analyzer/rules/bash/commands/openspec.ts +16 -0
- package/src/analyzer/rules/bash/commands/pip.ts +16 -0
- package/src/analyzer/rules/bash/commands/sudo.ts +21 -0
- package/src/analyzer/rules/bash/destructive.ts +28 -0
- package/src/analyzer/rules/bash/extractFileRefs.ts +101 -0
- package/src/analyzer/rules/bash/filesystem.ts +50 -0
- package/src/analyzer/rules/bash/injection.ts +21 -0
- package/src/analyzer/rules/bash/inline-command-classifier.ts +94 -0
- package/src/analyzer/rules/bash/mod.ts +23 -0
- package/src/analyzer/rules/bash/network.ts +64 -0
- package/src/analyzer/rules/bash/secret-detection.ts +43 -0
- package/src/analyzer/rules/javascript/astTypes.ts +8 -0
- package/src/analyzer/rules/javascript/extractFileRefs.ts +131 -0
- package/src/analyzer/rules/javascript/filesystem.ts +28 -0
- package/src/analyzer/rules/javascript/injection.ts +21 -0
- package/src/analyzer/rules/javascript/mod.ts +26 -0
- package/src/analyzer/rules/javascript/network.ts +27 -0
- package/src/analyzer/rules/javascript/secret-detection.ts +68 -0
- package/src/analyzer/rules/javascript/subprocess.ts +16 -0
- package/src/analyzer/rules/markdown/astTypes.ts +35 -0
- package/src/analyzer/rules/markdown/extractCodeBlocks.ts +101 -0
- package/src/analyzer/rules/markdown/extractFileRefs.ts +179 -0
- package/src/analyzer/rules/markdown/mod.ts +12 -0
- package/src/analyzer/rules/mod.ts +77 -0
- package/src/analyzer/rules/python/astTypes.ts +9 -0
- package/src/analyzer/rules/python/extractFileRefs.ts +92 -0
- package/src/analyzer/rules/python/mod.ts +15 -0
- package/src/analyzer/rules/python/network.ts +26 -0
- package/src/analyzer/rules/python/secret-detection.ts +30 -0
- package/src/analyzer/rules/shared/file-refs.ts +38 -0
- package/src/analyzer/rules/shared/network-evaluators.ts +107 -0
- package/src/analyzer/rules/shared/prompt-injection.ts +48 -0
- package/src/analyzer/rules/shared/secret-evaluators.ts +13 -0
- package/src/analyzer/rules/text/mod.ts +12 -0
- package/src/analyzer/rules/typescript/mod.ts +7 -0
- package/src/analyzer/steps/001-discovery/discover-files.ts +211 -0
- package/src/analyzer/steps/001-discovery/filter-files.ts +72 -0
- package/src/analyzer/steps/001-discovery/mod.ts +103 -0
- package/src/analyzer/steps/002-permissions/mod.ts +329 -0
- package/src/analyzer/steps/002-permissions/scan-file.ts +258 -0
- package/src/analyzer/steps/002-permissions/seed-frontmatter.ts +66 -0
- package/src/analyzer/steps/002-permissions/synthesize.ts +42 -0
- package/src/analyzer/steps/003-risks/dep-risks.ts +89 -0
- package/src/analyzer/steps/003-risks/helpers.ts +41 -0
- package/src/analyzer/steps/003-risks/mod.ts +86 -0
- package/src/analyzer/steps/003-risks/policy.ts +38 -0
- package/src/analyzer/steps/003-risks/rule-mapped.ts +206 -0
- package/src/analyzer/steps/003-risks/scoring.ts +117 -0
- package/src/analyzer/steps/mod.ts +3 -0
- package/src/analyzer/treesitter/client.ts +120 -0
- package/src/analyzer/treesitter/registry.ts +198 -0
- package/src/analyzer/types.ts +78 -0
- package/src/analyzer/utils/code-block-path.ts +33 -0
- package/src/analyzer/utils/id-generator.ts +59 -0
- package/src/analyzer/utils/secret-validator.ts +29 -0
- package/src/analyzer/utils/url-parser.ts +25 -0
- package/src/deps/jsr.io/@deno-library/progress/1.5.1/deps.ts +3 -0
- package/src/deps/jsr.io/@deno-library/progress/1.5.1/mod.ts +265 -0
- package/src/deps/jsr.io/@deno-library/progress/1.5.1/multi.ts +250 -0
- package/src/deps/jsr.io/@deno-library/progress/1.5.1/time.ts +69 -0
- package/src/deps/jsr.io/@std/fmt/1.0.3/colors.ts +1004 -0
- package/src/deps/jsr.io/@std/internal/1.0.12/_os.ts +15 -0
- package/src/deps/jsr.io/@std/internal/1.0.12/os.ts +7 -0
- package/src/deps/jsr.io/@std/io/0.225.0/types.ts +157 -0
- package/src/deps/jsr.io/@std/io/0.225.0/write_all.ts +65 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/assert_path.ts +10 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/basename.ts +53 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/common.ts +26 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/constants.ts +49 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/dirname.ts +9 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/format.ts +25 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/from_file_url.ts +12 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/glob_to_reg_exp.ts +295 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/normalize.ts +9 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/normalize_string.ts +74 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/relative.ts +10 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/strip_trailing_separators.ts +25 -0
- package/src/deps/jsr.io/@std/path/1.1.4/_common/to_file_url.ts +17 -0
- package/src/deps/jsr.io/@std/path/1.1.4/basename.ts +37 -0
- package/src/deps/jsr.io/@std/path/1.1.4/common.ts +35 -0
- package/src/deps/jsr.io/@std/path/1.1.4/constants.ts +18 -0
- package/src/deps/jsr.io/@std/path/1.1.4/dirname.ts +30 -0
- package/src/deps/jsr.io/@std/path/1.1.4/extname.ts +29 -0
- package/src/deps/jsr.io/@std/path/1.1.4/format.ts +30 -0
- package/src/deps/jsr.io/@std/path/1.1.4/from_file_url.ts +30 -0
- package/src/deps/jsr.io/@std/path/1.1.4/glob_to_regexp.ts +94 -0
- package/src/deps/jsr.io/@std/path/1.1.4/is_absolute.ts +30 -0
- package/src/deps/jsr.io/@std/path/1.1.4/is_glob.ts +49 -0
- package/src/deps/jsr.io/@std/path/1.1.4/join.ts +31 -0
- package/src/deps/jsr.io/@std/path/1.1.4/join_globs.ts +42 -0
- package/src/deps/jsr.io/@std/path/1.1.4/mod.ts +217 -0
- package/src/deps/jsr.io/@std/path/1.1.4/normalize.ts +33 -0
- package/src/deps/jsr.io/@std/path/1.1.4/normalize_glob.ts +45 -0
- package/src/deps/jsr.io/@std/path/1.1.4/parse.ts +44 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/_util.ts +10 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/basename.ts +62 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/constants.ts +15 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/dirname.ts +72 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/extname.ts +96 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/format.ts +31 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/from_file_url.ts +25 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/glob_to_regexp.ts +94 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/is_absolute.ts +25 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/join.ts +46 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/join_globs.ts +45 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/normalize.ts +63 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/normalize_glob.ts +43 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/parse.ts +121 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/relative.ts +103 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/resolve.ts +71 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/to_file_url.ts +32 -0
- package/src/deps/jsr.io/@std/path/1.1.4/posix/to_namespaced_path.ts +21 -0
- package/src/deps/jsr.io/@std/path/1.1.4/relative.ts +32 -0
- package/src/deps/jsr.io/@std/path/1.1.4/resolve.ts +32 -0
- package/src/deps/jsr.io/@std/path/1.1.4/to_file_url.ts +30 -0
- package/src/deps/jsr.io/@std/path/1.1.4/to_namespaced_path.ts +31 -0
- package/src/deps/jsr.io/@std/path/1.1.4/types.ts +40 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/_util.ts +28 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/basename.ts +54 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/constants.ts +15 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/dirname.ts +118 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/extname.ts +90 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/format.ts +31 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/from_file_url.ts +34 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/glob_to_regexp.ts +92 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/is_absolute.ts +40 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/join.ts +78 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/join_globs.ts +46 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/normalize.ts +136 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/normalize_glob.ts +43 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/parse.ts +184 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/relative.ts +128 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/resolve.ts +178 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/to_file_url.ts +38 -0
- package/src/deps/jsr.io/@std/path/1.1.4/windows/to_namespaced_path.ts +60 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_chars.ts +55 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_dumper_state.ts +841 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_loader_state.ts +1780 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_schema.ts +183 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/binary.ts +127 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/bool.ts +37 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/float.ts +112 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/int.ts +174 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/map.ts +17 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/merge.ts +13 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/nil.ts +27 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/omap.ts +30 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/pairs.ts +22 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/regexp.ts +33 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/seq.ts +13 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/set.ts +17 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/str.ts +12 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/timestamp.ts +101 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type/undefined.ts +23 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_type.ts +49 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/_utils.ts +16 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/mod.ts +54 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/parse.ts +128 -0
- package/src/deps/jsr.io/@std/yaml/1.0.11/stringify.ts +118 -0
- package/src/shared/deep_merge.ts +73 -0
- package/src/shared/mod.ts +2 -0
- package/src/shared/types/filetypes.ts +101 -0
- package/src/shared/types/findings.ts +7 -0
- package/src/shared/types/mod.ts +6 -0
- package/src/shared/types/permissions.ts +17 -0
- package/src/shared/types/references.ts +62 -0
- package/src/shared/types/risks.ts +72 -0
- package/src/shared/types/syntaxNode.ts +7 -0
- package/src/skillreader/cloudStorage/mod.ts +170 -0
- package/src/skillreader/factory.ts +71 -0
- package/src/skillreader/fs/git.ts +153 -0
- package/src/skillreader/fs/mod.ts +84 -0
- package/src/skillreader/github/base.ts +162 -0
- package/src/skillreader/github/githubApi.ts +40 -0
- package/src/skillreader/github/githubRaw.ts +24 -0
- package/src/skillreader/github/mod.ts +45 -0
- package/src/skillreader/github/utils.ts +40 -0
- package/src/skillreader/manifest.ts +67 -0
- package/src/skillreader/mod.ts +26 -0
- package/src/skillreader/types.ts +150 -0
- package/src/skillreader/utils/frontmatter-parser.ts +72 -0
- package/src/skillreader/utils/http-range.ts +38 -0
- package/src/skillreader/utils/mod.ts +12 -0
- package/esm/analyzer/astgrep/registry.d.ts +0 -18
- package/esm/analyzer/astgrep/registry.d.ts.map +0 -1
- package/esm/analyzer/astgrep/registry.js +0 -71
- package/esm/analyzer/config.d.ts +0 -27
- package/esm/analyzer/config.d.ts.map +0 -1
- package/esm/analyzer/steps/003-risks/output.d.ts +0 -3
- package/esm/analyzer/steps/003-risks/output.d.ts.map +0 -1
- package/esm/analyzer/steps/003-risks/output.js +0 -16
- package/esm/analyzer/treesiter/client.d.ts +0 -26
- package/esm/analyzer/treesiter/client.d.ts.map +0 -1
- package/script/analyzer/astgrep/registry.d.ts +0 -18
- package/script/analyzer/astgrep/registry.d.ts.map +0 -1
- package/script/analyzer/astgrep/registry.js +0 -109
- package/script/analyzer/config.d.ts +0 -27
- package/script/analyzer/config.d.ts.map +0 -1
- package/script/analyzer/steps/003-risks/output.d.ts +0 -3
- package/script/analyzer/steps/003-risks/output.d.ts.map +0 -1
- package/script/analyzer/steps/003-risks/output.js +0 -19
- package/script/analyzer/treesiter/client.d.ts +0 -26
- package/script/analyzer/treesiter/client.d.ts.map +0 -1
- package/script/analyzer/treesiter/client.js +0 -165
|
@@ -0,0 +1,150 @@
|
|
|
1
|
+
import { parse as parseYaml } from "../deps/jsr.io/@std/yaml/1.0.11/mod.js";
|
|
2
|
+
import { extractFrontmatter } from "./utils/frontmatter-parser.js";
|
|
3
|
+
import { FileType } from "../shared/mod.js";
|
|
4
|
+
|
|
5
|
+
export type SkillFile = {
|
|
6
|
+
path: string;
|
|
7
|
+
size?: number;
|
|
8
|
+
contentType: FileType;
|
|
9
|
+
};
|
|
10
|
+
|
|
11
|
+
export type SkillFileManifest = {
|
|
12
|
+
version: 1;
|
|
13
|
+
generatedAt: string;
|
|
14
|
+
files: SkillFile[];
|
|
15
|
+
};
|
|
16
|
+
|
|
17
|
+
export type ZipManifestFile = {
|
|
18
|
+
path: string;
|
|
19
|
+
size: number;
|
|
20
|
+
offset: number;
|
|
21
|
+
compressedSize: number;
|
|
22
|
+
compressionMethod: number;
|
|
23
|
+
signature: number;
|
|
24
|
+
};
|
|
25
|
+
|
|
26
|
+
export type SkillZipManifest = {
|
|
27
|
+
version: 2;
|
|
28
|
+
storage_method: "zip";
|
|
29
|
+
compression: "deflate" | "store";
|
|
30
|
+
skill_version_id: string;
|
|
31
|
+
repo_url: string;
|
|
32
|
+
commit_hash: string;
|
|
33
|
+
dir: string | null;
|
|
34
|
+
created_at: string;
|
|
35
|
+
checksum: string;
|
|
36
|
+
files: ZipManifestFile[];
|
|
37
|
+
};
|
|
38
|
+
|
|
39
|
+
export type SkillManifest = SkillFileManifest | SkillZipManifest;
|
|
40
|
+
|
|
41
|
+
export type SkillFrontmatter = {
|
|
42
|
+
startLineNumber?: number;
|
|
43
|
+
endLineNumber?: number;
|
|
44
|
+
|
|
45
|
+
name: string;
|
|
46
|
+
description: string;
|
|
47
|
+
license?: string;
|
|
48
|
+
compatibility?: string;
|
|
49
|
+
metadata?: Record<string, unknown>;
|
|
50
|
+
"allowed-tools"?: string;
|
|
51
|
+
[key: string]: unknown;
|
|
52
|
+
};
|
|
53
|
+
|
|
54
|
+
export abstract class SkillReader {
|
|
55
|
+
/**
|
|
56
|
+
* A cached path to the root SKILL.md file in this skill repository
|
|
57
|
+
*/
|
|
58
|
+
private skillMdPatah: string | undefined = undefined;
|
|
59
|
+
|
|
60
|
+
/**
|
|
61
|
+
* A cached list of files in this skill repository.
|
|
62
|
+
*/
|
|
63
|
+
private files: SkillFile[] | undefined = undefined;
|
|
64
|
+
|
|
65
|
+
/**
|
|
66
|
+
* A cached parsed SKILL.md frontmatter.
|
|
67
|
+
*/
|
|
68
|
+
private skillFrontMatter: SkillFrontmatter | undefined = undefined;
|
|
69
|
+
|
|
70
|
+
abstract retrieveFiles(dir?: string): Promise<SkillFile[]>;
|
|
71
|
+
abstract readTextFile(path: string): Promise<string | null>;
|
|
72
|
+
abstract readFile(path: string): Promise<ReadableStream<Uint8Array> | null>;
|
|
73
|
+
abstract readManifest(): Promise<SkillManifest | null>;
|
|
74
|
+
|
|
75
|
+
public async listFiles(): Promise<SkillFile[]> {
|
|
76
|
+
if (!this.files) {
|
|
77
|
+
this.files = await this.retrieveFiles();
|
|
78
|
+
}
|
|
79
|
+
return this.files;
|
|
80
|
+
}
|
|
81
|
+
|
|
82
|
+
/**
|
|
83
|
+
* Return the path to SKILL.md if it exists, or throw if not.
|
|
84
|
+
*/
|
|
85
|
+
public async getSkillMdPath(): Promise<string> {
|
|
86
|
+
if (this.skillMdPatah) return this.skillMdPatah;
|
|
87
|
+
|
|
88
|
+
const files = await this.retrieveFiles();
|
|
89
|
+
const rootPath = files.find((file) => file.path.toLowerCase() === "skill.md");
|
|
90
|
+
|
|
91
|
+
if (!rootPath?.path) {
|
|
92
|
+
throw new Error("Invalid skill repository: SKILL.md not found");
|
|
93
|
+
}
|
|
94
|
+
|
|
95
|
+
this.skillMdPatah = rootPath.path;
|
|
96
|
+
return this.skillMdPatah;
|
|
97
|
+
}
|
|
98
|
+
|
|
99
|
+
/**
|
|
100
|
+
* Returns full SKILL.md content, or throws when the repository is not a valid skill.
|
|
101
|
+
*/
|
|
102
|
+
public async getSkillMdContent(): Promise<string> {
|
|
103
|
+
const skillMdPath = await this.getSkillMdPath();
|
|
104
|
+
const content = await this.readTextFile(skillMdPath);
|
|
105
|
+
if (!content) {
|
|
106
|
+
throw new Error("Invalid skill repository: SKILL.md is unreadable");
|
|
107
|
+
}
|
|
108
|
+
return content;
|
|
109
|
+
}
|
|
110
|
+
|
|
111
|
+
/**
|
|
112
|
+
* Parses SKILL.md frontmatter and guarantees required fields.
|
|
113
|
+
*/
|
|
114
|
+
public async getSkillMdFrontmatter(): Promise<SkillFrontmatter> {
|
|
115
|
+
if (this.skillFrontMatter) return this.skillFrontMatter;
|
|
116
|
+
|
|
117
|
+
const content = await this.getSkillMdContent();
|
|
118
|
+
const frontmatter = await extractFrontmatter(content);
|
|
119
|
+
if (!frontmatter) {
|
|
120
|
+
throw new Error("Invalid skill repository: SKILL.md missing YAML frontmatter");
|
|
121
|
+
}
|
|
122
|
+
let parsed: SkillFrontmatter;
|
|
123
|
+
try {
|
|
124
|
+
parsed = (parseYaml(frontmatter.content) as SkillFrontmatter) ??
|
|
125
|
+
({} as SkillFrontmatter);
|
|
126
|
+
} catch (error) {
|
|
127
|
+
const message = error instanceof Error ? error.message : String(error);
|
|
128
|
+
throw new Error(`Invalid skill repository: YAML frontmatter parse failed: ${message}`);
|
|
129
|
+
}
|
|
130
|
+
if (!parsed.name || !parsed.description) {
|
|
131
|
+
throw new Error("Invalid skill repository: frontmatter requires name and description");
|
|
132
|
+
}
|
|
133
|
+
|
|
134
|
+
parsed.startLineNumber = frontmatter.startLine;
|
|
135
|
+
parsed.endLineNumber = frontmatter.endLine;
|
|
136
|
+
|
|
137
|
+
this.skillFrontMatter = parsed;
|
|
138
|
+
return this.skillFrontMatter;
|
|
139
|
+
}
|
|
140
|
+
|
|
141
|
+
public async validate(): Promise<{ ok: boolean; reason?: string }> {
|
|
142
|
+
try {
|
|
143
|
+
await this.getSkillMdFrontmatter();
|
|
144
|
+
return { ok: true };
|
|
145
|
+
} catch (error) {
|
|
146
|
+
const message = error instanceof Error ? error.message : String(error);
|
|
147
|
+
return { ok: false, reason: message };
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
}
|
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
type SyntaxNodeLike = {
|
|
2
|
+
type: string;
|
|
3
|
+
text: string;
|
|
4
|
+
startPosition: { row: number };
|
|
5
|
+
endPosition: { row: number };
|
|
6
|
+
children: SyntaxNodeLike[];
|
|
7
|
+
};
|
|
8
|
+
|
|
9
|
+
export type FrontmatterInfo = {
|
|
10
|
+
content: string;
|
|
11
|
+
startLine: number;
|
|
12
|
+
endLine: number;
|
|
13
|
+
};
|
|
14
|
+
|
|
15
|
+
let parserInstance: {
|
|
16
|
+
parse: (input: string) => { rootNode: SyntaxNodeLike };
|
|
17
|
+
} | null = null;
|
|
18
|
+
|
|
19
|
+
export async function extractFrontmatter(content: string): Promise<FrontmatterInfo | null> {
|
|
20
|
+
try {
|
|
21
|
+
const parser = await getParser();
|
|
22
|
+
const tree = parser.parse(content);
|
|
23
|
+
const frontmatterNode = findFrontmatterNode(tree.rootNode);
|
|
24
|
+
if (!frontmatterNode) return null;
|
|
25
|
+
|
|
26
|
+
const matched = frontmatterNode.text.match(/^---\n([\s\S]*?)\n---/);
|
|
27
|
+
if (!matched) return null;
|
|
28
|
+
|
|
29
|
+
return {
|
|
30
|
+
content: matched[1],
|
|
31
|
+
startLine: frontmatterNode.startPosition.row + 1,
|
|
32
|
+
endLine: frontmatterNode.endPosition.row + 1,
|
|
33
|
+
};
|
|
34
|
+
} catch {
|
|
35
|
+
const matched = content.match(/^---\n([\s\S]*?)\n---/);
|
|
36
|
+
if (!matched) return null;
|
|
37
|
+
return {
|
|
38
|
+
content: matched[1],
|
|
39
|
+
startLine: 1,
|
|
40
|
+
endLine: matched[0].split("\n").length,
|
|
41
|
+
};
|
|
42
|
+
}
|
|
43
|
+
}
|
|
44
|
+
|
|
45
|
+
function findFrontmatterNode(node: SyntaxNodeLike): SyntaxNodeLike | null {
|
|
46
|
+
if (node.type.includes("yaml") && node.startPosition.row === 0) {
|
|
47
|
+
return node;
|
|
48
|
+
}
|
|
49
|
+
for (const child of node.children) {
|
|
50
|
+
const found = findFrontmatterNode(child);
|
|
51
|
+
if (found) return found;
|
|
52
|
+
}
|
|
53
|
+
return null;
|
|
54
|
+
}
|
|
55
|
+
|
|
56
|
+
async function getParser(): Promise<{ parse: (input: string) => { rootNode: SyntaxNodeLike } }> {
|
|
57
|
+
if (parserInstance) return parserInstance;
|
|
58
|
+
|
|
59
|
+
const [{ default: Parser }, markdownModule] = await Promise.all([
|
|
60
|
+
import("tree-sitter"),
|
|
61
|
+
import("@tree-sitter-grammars/tree-sitter-markdown"),
|
|
62
|
+
]);
|
|
63
|
+
|
|
64
|
+
const parser = new Parser();
|
|
65
|
+
parser.setLanguage(
|
|
66
|
+
((markdownModule as { default?: unknown }).default ?? markdownModule) as Parameters<
|
|
67
|
+
typeof parser.setLanguage
|
|
68
|
+
>[0],
|
|
69
|
+
);
|
|
70
|
+
parserInstance = parser;
|
|
71
|
+
return parser;
|
|
72
|
+
}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
import { Readable as NodeReadable } from "node:stream";
|
|
2
|
+
import type { ReadableStream as NodeReadableStream } from "node:stream/web";
|
|
3
|
+
import { createInflateRaw } from "node:zlib";
|
|
4
|
+
|
|
5
|
+
export async function fetchContentLength(url: string): Promise<number> {
|
|
6
|
+
const res = await fetch(url, { method: "HEAD" });
|
|
7
|
+
if (!res.ok) {
|
|
8
|
+
throw new Error(`HEAD ${url} failed: ${res.status} ${res.statusText}`);
|
|
9
|
+
}
|
|
10
|
+
const len = res.headers.get("content-length");
|
|
11
|
+
if (!len) throw new Error("No content-length header");
|
|
12
|
+
const size = Number.parseInt(len, 10);
|
|
13
|
+
if (Number.isNaN(size)) throw new Error(`Invalid content-length: ${len}`);
|
|
14
|
+
return size;
|
|
15
|
+
}
|
|
16
|
+
|
|
17
|
+
export async function fetchRangeStream(
|
|
18
|
+
url: string,
|
|
19
|
+
start: number,
|
|
20
|
+
length: number,
|
|
21
|
+
): Promise<ReadableStream<Uint8Array>> {
|
|
22
|
+
const end = start + length - 1;
|
|
23
|
+
const range = `bytes=${start}-${end}`;
|
|
24
|
+
const res = await fetch(url, { headers: { Range: range } });
|
|
25
|
+
if (!res.ok || !res.body) {
|
|
26
|
+
throw new Error(`Range read failed: ${res.status} ${res.statusText}`);
|
|
27
|
+
}
|
|
28
|
+
return res.body;
|
|
29
|
+
}
|
|
30
|
+
|
|
31
|
+
export function decompressDeflateStream(
|
|
32
|
+
stream: ReadableStream<Uint8Array>,
|
|
33
|
+
): ReadableStream<Uint8Array> {
|
|
34
|
+
const nodeStream = NodeReadable.fromWeb(stream as unknown as NodeReadableStream);
|
|
35
|
+
const inflater = createInflateRaw();
|
|
36
|
+
const decompressed = nodeStream.pipe(inflater);
|
|
37
|
+
return NodeReadable.toWeb(decompressed) as ReadableStream<Uint8Array>;
|
|
38
|
+
}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
export function isProbablyText(bytes: Uint8Array): boolean {
|
|
2
|
+
const sample = bytes.subarray(0, Math.min(bytes.length, 2048));
|
|
3
|
+
let controlCount = 0;
|
|
4
|
+
for (const byte of sample) {
|
|
5
|
+
if (byte === 0) return false;
|
|
6
|
+
if (byte < 9 || (byte > 13 && byte < 32)) controlCount += 1;
|
|
7
|
+
}
|
|
8
|
+
return controlCount / Math.max(sample.length, 1) < 0.1;
|
|
9
|
+
}
|
|
10
|
+
|
|
11
|
+
export * from "./frontmatter-parser.js";
|
|
12
|
+
export * from "./http-range.js";
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
export type AstGrepGrammar = "javascript" | "typescript" | "python" | "bash" | "markdown";
|
|
2
|
-
export type DynamicLangRegistration = {
|
|
3
|
-
libraryPath: string;
|
|
4
|
-
extensions: string[];
|
|
5
|
-
languageSymbol?: string;
|
|
6
|
-
metaVarChar?: string;
|
|
7
|
-
expandoChar?: string;
|
|
8
|
-
};
|
|
9
|
-
type AstGrepLanguageSpec = {
|
|
10
|
-
parserFileName: string;
|
|
11
|
-
parserTarballUrl: string;
|
|
12
|
-
developmentRegistration: DynamicLangRegistration;
|
|
13
|
-
};
|
|
14
|
-
export declare const AST_GREP_LANGUAGE_SPECS: Record<AstGrepGrammar, AstGrepLanguageSpec>;
|
|
15
|
-
export declare function buildDevRegistrations(): Record<AstGrepGrammar, DynamicLangRegistration>;
|
|
16
|
-
export declare function buildBundledRegistrations(resourceDir: string): Record<AstGrepGrammar, DynamicLangRegistration>;
|
|
17
|
-
export {};
|
|
18
|
-
//# sourceMappingURL=registry.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../../src/analyzer/astgrep/registry.ts"],"names":[],"mappings":"AAQA,MAAM,MAAM,cAAc,GAAG,YAAY,GAAG,YAAY,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE1F,MAAM,MAAM,uBAAuB,GAAG;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,KAAK,mBAAmB,GAAG;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,uBAAuB,EAAE,uBAAuB,CAAC;CACpD,CAAC;AAEF,eAAO,MAAM,uBAAuB,EAAE,MAAM,CAAC,cAAc,EAAE,mBAAmB,CAgC/E,CAAC;AAEF,wBAAgB,qBAAqB,IAAI,MAAM,CAAC,cAAc,EAAE,uBAAuB,CAAC,CAMvF;AAED,wBAAgB,yBAAyB,CACrC,WAAW,EAAE,MAAM,GACpB,MAAM,CAAC,cAAc,EAAE,uBAAuB,CAAC,CAwBjD"}
|
|
@@ -1,71 +0,0 @@
|
|
|
1
|
-
import * as dntShim from "../../_dnt.shims.js";
|
|
2
|
-
import * as bashRegistration from "@ast-grep/lang-bash";
|
|
3
|
-
import * as javascriptRegistration from "@ast-grep/lang-javascript";
|
|
4
|
-
import * as markdownRegistration from "@ast-grep/lang-markdown";
|
|
5
|
-
import * as pythonRegistration from "@ast-grep/lang-python";
|
|
6
|
-
import * as typescriptRegistration from "@ast-grep/lang-typescript";
|
|
7
|
-
import { join } from "../../deps/jsr.io/@std/path/1.1.4/mod.js";
|
|
8
|
-
export const AST_GREP_LANGUAGE_SPECS = {
|
|
9
|
-
bash: {
|
|
10
|
-
parserFileName: "bash-parser.so",
|
|
11
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-bash/-/lang-bash-0.0.7.tgz",
|
|
12
|
-
developmentRegistration: bashRegistration.default,
|
|
13
|
-
},
|
|
14
|
-
javascript: {
|
|
15
|
-
parserFileName: "javascript-parser.so",
|
|
16
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-javascript/-/lang-javascript-0.0.6.tgz",
|
|
17
|
-
developmentRegistration: javascriptRegistration
|
|
18
|
-
.default,
|
|
19
|
-
},
|
|
20
|
-
markdown: {
|
|
21
|
-
parserFileName: "markdown-parser.so",
|
|
22
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-markdown/-/lang-markdown-0.0.5.tgz",
|
|
23
|
-
developmentRegistration: markdownRegistration.default,
|
|
24
|
-
},
|
|
25
|
-
python: {
|
|
26
|
-
parserFileName: "python-parser.so",
|
|
27
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-python/-/lang-python-0.0.5.tgz",
|
|
28
|
-
developmentRegistration: pythonRegistration.default,
|
|
29
|
-
},
|
|
30
|
-
typescript: {
|
|
31
|
-
parserFileName: "typescript-parser.so",
|
|
32
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-typescript/-/lang-typescript-0.0.6.tgz",
|
|
33
|
-
developmentRegistration: typescriptRegistration
|
|
34
|
-
.default,
|
|
35
|
-
},
|
|
36
|
-
};
|
|
37
|
-
export function buildDevRegistrations() {
|
|
38
|
-
const registrations = {};
|
|
39
|
-
for (const grammar of Object.keys(AST_GREP_LANGUAGE_SPECS)) {
|
|
40
|
-
registrations[grammar] = AST_GREP_LANGUAGE_SPECS[grammar].developmentRegistration;
|
|
41
|
-
}
|
|
42
|
-
return registrations;
|
|
43
|
-
}
|
|
44
|
-
export function buildBundledRegistrations(resourceDir) {
|
|
45
|
-
const registrations = {};
|
|
46
|
-
for (const grammar of Object.keys(AST_GREP_LANGUAGE_SPECS)) {
|
|
47
|
-
const spec = AST_GREP_LANGUAGE_SPECS[grammar];
|
|
48
|
-
const devRegistration = spec.developmentRegistration;
|
|
49
|
-
const libraryPath = join(resourceDir, spec.parserFileName);
|
|
50
|
-
if (!fileExists(libraryPath)) {
|
|
51
|
-
throw new Error(`Missing ast-grep parser for ${grammar}: ${libraryPath}. Reinstall the CLI release artifact for your platform.`);
|
|
52
|
-
}
|
|
53
|
-
registrations[grammar] = {
|
|
54
|
-
libraryPath,
|
|
55
|
-
extensions: [...devRegistration.extensions],
|
|
56
|
-
languageSymbol: devRegistration.languageSymbol,
|
|
57
|
-
expandoChar: devRegistration.expandoChar,
|
|
58
|
-
metaVarChar: devRegistration.metaVarChar,
|
|
59
|
-
};
|
|
60
|
-
}
|
|
61
|
-
return registrations;
|
|
62
|
-
}
|
|
63
|
-
function fileExists(path) {
|
|
64
|
-
try {
|
|
65
|
-
const stat = dntShim.Deno.statSync(path);
|
|
66
|
-
return stat.isFile;
|
|
67
|
-
}
|
|
68
|
-
catch {
|
|
69
|
-
return false;
|
|
70
|
-
}
|
|
71
|
-
}
|
package/esm/analyzer/config.d.ts
DELETED
|
@@ -1,27 +0,0 @@
|
|
|
1
|
-
import { PermissionScope, Severity } from "../shared/mod.js";
|
|
2
|
-
import type { AnalyzerConfig } from "./types.js";
|
|
3
|
-
export declare const DEFAULT_SKILL_VERSION = "0.0.1";
|
|
4
|
-
export declare const DEFAULT_CONFIG: AnalyzerConfig;
|
|
5
|
-
export declare const ALLOWED_TOOLS_MAPPING: Record<string, {
|
|
6
|
-
tool: string;
|
|
7
|
-
scope: PermissionScope;
|
|
8
|
-
permission: string;
|
|
9
|
-
}>;
|
|
10
|
-
export declare const TOOLS_MAPPING: Record<string, {
|
|
11
|
-
scope: PermissionScope;
|
|
12
|
-
permission: string;
|
|
13
|
-
}>;
|
|
14
|
-
export declare const SCORING: {
|
|
15
|
-
severity: Record<Severity, number>;
|
|
16
|
-
permissions: Record<string, number>;
|
|
17
|
-
scopeWildcard: number;
|
|
18
|
-
uplift: {
|
|
19
|
-
externalPost: number;
|
|
20
|
-
pipeToShell: number;
|
|
21
|
-
multipleCritical: number;
|
|
22
|
-
secretsInRequest: number;
|
|
23
|
-
};
|
|
24
|
-
};
|
|
25
|
-
export declare const UNSUPPORTED_SKILL_FRONTMATTER_FIELDS: readonly ["argument-hint", "disable-model-invocation", "user-invocable", "model", "context", "agent", "hooks"];
|
|
26
|
-
export declare const FRONTMATTER_SUPPORTED_FIELDS: readonly ["name", "description", "license", "compatibility", "metadata", "allowed-tools"];
|
|
27
|
-
//# sourceMappingURL=config.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/analyzer/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC7D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEjD,eAAO,MAAM,qBAAqB,UAAU,CAAC;AAE7C,eAAO,MAAM,cAAc,EAAE,cAI5B,CAAC;AAEF,eAAO,MAAM,qBAAqB,EAAE,MAAM,CACtC,MAAM,EACN;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,eAAe,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAS/D,CAAC;AAEF,eAAO,MAAM,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE;IAAE,KAAK,EAAE,eAAe,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAaxF,CAAC;AAEF,eAAO,MAAM,OAAO;cAKX,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC;iBASxB,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;;;;;;;;CAQ9B,CAAC;AAEF,eAAO,MAAM,oCAAoC,gHAQvC,CAAC;AAEX,eAAO,MAAM,4BAA4B,2FAO/B,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"output.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/output.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAGpE,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,aAAa,GAAG,cAAc,CAcrE"}
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
import { scoreState } from "./scoring.js";
|
|
2
|
-
export function toAnalyzerResult(state) {
|
|
3
|
-
const { score, riskLevel, summary } = scoreState(state);
|
|
4
|
-
return {
|
|
5
|
-
analyzedAt: new Date().toISOString(),
|
|
6
|
-
skillId: state.skillId,
|
|
7
|
-
skillVersionId: state.skillVersionId,
|
|
8
|
-
permissions: state.permissions,
|
|
9
|
-
risks: state.risks,
|
|
10
|
-
score,
|
|
11
|
-
riskLevel,
|
|
12
|
-
summary,
|
|
13
|
-
warnings: state.warnings,
|
|
14
|
-
metadata: state.metadata,
|
|
15
|
-
};
|
|
16
|
-
}
|
|
@@ -1,26 +0,0 @@
|
|
|
1
|
-
import type Parser from "tree-sitter";
|
|
2
|
-
type TreesitterGrammer = "markdown" | "markdown-inline";
|
|
3
|
-
export declare class TreesitterClient {
|
|
4
|
-
private PARSER_BY_GRAMMAR;
|
|
5
|
-
private LANG_BY_GRAMMAR;
|
|
6
|
-
private QUERY_CACHE;
|
|
7
|
-
private ROOT_NODE_CACHE_BY_GRAMMAR;
|
|
8
|
-
private GRAMMER_LIB_BY_LANGUAGE;
|
|
9
|
-
getParser(grammar: TreesitterGrammer): Promise<Parser>;
|
|
10
|
-
/**
|
|
11
|
-
* Creates (and caches) a tree-sitter Query for the given grammar and S-expression query string.
|
|
12
|
-
*/
|
|
13
|
-
createQuery(grammar: TreesitterGrammer, queryString: string): Promise<Parser.Query>;
|
|
14
|
-
/**
|
|
15
|
-
* Parses content into a tree-sitter Tree with memoization.
|
|
16
|
-
*
|
|
17
|
-
* Cache key strategy:
|
|
18
|
-
* - first level: content length
|
|
19
|
-
* - second level: fast non-cryptographic hash of content
|
|
20
|
-
*/
|
|
21
|
-
parse(grammar: TreesitterGrammer, content: string): Promise<Parser.Tree>;
|
|
22
|
-
private getTreeCache;
|
|
23
|
-
private hashContent;
|
|
24
|
-
}
|
|
25
|
-
export {};
|
|
26
|
-
//# sourceMappingURL=client.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../../src/analyzer/treesiter/client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,MAAM,aAAa,CAAC;AAEtC,KAAK,iBAAiB,GAChB,UAAU,GACV,iBAAiB,CAAC;AAQxB,qBAAa,gBAAgB;IACzB,OAAO,CAAC,iBAAiB,CAAkD;IAC3E,OAAO,CAAC,eAAe,CAA2D;IAClF,OAAO,CAAC,WAAW,CAAmC;IACtD,OAAO,CAAC,0BAA0B,CAG3B;IAEP,OAAO,CAAC,uBAAuB,CAS7B;IAEW,SAAS,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,MAAM,CAAC;IAuCnE;;OAEG;IACU,WAAW,CACpB,OAAO,EAAE,iBAAiB,EAC1B,WAAW,EAAE,MAAM,GACpB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC;IAcxB;;;;;;OAMG;IACU,KAAK,CAAC,OAAO,EAAE,iBAAiB,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC;IAqBrF,OAAO,CAAC,YAAY;IAOpB,OAAO,CAAC,WAAW;CAStB"}
|
|
@@ -1,18 +0,0 @@
|
|
|
1
|
-
export type AstGrepGrammar = "javascript" | "typescript" | "python" | "bash" | "markdown";
|
|
2
|
-
export type DynamicLangRegistration = {
|
|
3
|
-
libraryPath: string;
|
|
4
|
-
extensions: string[];
|
|
5
|
-
languageSymbol?: string;
|
|
6
|
-
metaVarChar?: string;
|
|
7
|
-
expandoChar?: string;
|
|
8
|
-
};
|
|
9
|
-
type AstGrepLanguageSpec = {
|
|
10
|
-
parserFileName: string;
|
|
11
|
-
parserTarballUrl: string;
|
|
12
|
-
developmentRegistration: DynamicLangRegistration;
|
|
13
|
-
};
|
|
14
|
-
export declare const AST_GREP_LANGUAGE_SPECS: Record<AstGrepGrammar, AstGrepLanguageSpec>;
|
|
15
|
-
export declare function buildDevRegistrations(): Record<AstGrepGrammar, DynamicLangRegistration>;
|
|
16
|
-
export declare function buildBundledRegistrations(resourceDir: string): Record<AstGrepGrammar, DynamicLangRegistration>;
|
|
17
|
-
export {};
|
|
18
|
-
//# sourceMappingURL=registry.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"registry.d.ts","sourceRoot":"","sources":["../../../src/analyzer/astgrep/registry.ts"],"names":[],"mappings":"AAQA,MAAM,MAAM,cAAc,GAAG,YAAY,GAAG,YAAY,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE1F,MAAM,MAAM,uBAAuB,GAAG;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,CAAC;CACxB,CAAC;AAEF,KAAK,mBAAmB,GAAG;IACvB,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE,MAAM,CAAC;IACzB,uBAAuB,EAAE,uBAAuB,CAAC;CACpD,CAAC;AAEF,eAAO,MAAM,uBAAuB,EAAE,MAAM,CAAC,cAAc,EAAE,mBAAmB,CAgC/E,CAAC;AAEF,wBAAgB,qBAAqB,IAAI,MAAM,CAAC,cAAc,EAAE,uBAAuB,CAAC,CAMvF;AAED,wBAAgB,yBAAyB,CACrC,WAAW,EAAE,MAAM,GACpB,MAAM,CAAC,cAAc,EAAE,uBAAuB,CAAC,CAwBjD"}
|
|
@@ -1,109 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
3
|
-
if (k2 === undefined) k2 = k;
|
|
4
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
5
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
6
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
7
|
-
}
|
|
8
|
-
Object.defineProperty(o, k2, desc);
|
|
9
|
-
}) : (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
o[k2] = m[k];
|
|
12
|
-
}));
|
|
13
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
14
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
15
|
-
}) : function(o, v) {
|
|
16
|
-
o["default"] = v;
|
|
17
|
-
});
|
|
18
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
19
|
-
var ownKeys = function(o) {
|
|
20
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
21
|
-
var ar = [];
|
|
22
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
23
|
-
return ar;
|
|
24
|
-
};
|
|
25
|
-
return ownKeys(o);
|
|
26
|
-
};
|
|
27
|
-
return function (mod) {
|
|
28
|
-
if (mod && mod.__esModule) return mod;
|
|
29
|
-
var result = {};
|
|
30
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
31
|
-
__setModuleDefault(result, mod);
|
|
32
|
-
return result;
|
|
33
|
-
};
|
|
34
|
-
})();
|
|
35
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
36
|
-
exports.AST_GREP_LANGUAGE_SPECS = void 0;
|
|
37
|
-
exports.buildDevRegistrations = buildDevRegistrations;
|
|
38
|
-
exports.buildBundledRegistrations = buildBundledRegistrations;
|
|
39
|
-
const dntShim = __importStar(require("../../_dnt.shims.js"));
|
|
40
|
-
const bashRegistration = __importStar(require("@ast-grep/lang-bash"));
|
|
41
|
-
const javascriptRegistration = __importStar(require("@ast-grep/lang-javascript"));
|
|
42
|
-
const markdownRegistration = __importStar(require("@ast-grep/lang-markdown"));
|
|
43
|
-
const pythonRegistration = __importStar(require("@ast-grep/lang-python"));
|
|
44
|
-
const typescriptRegistration = __importStar(require("@ast-grep/lang-typescript"));
|
|
45
|
-
const mod_js_1 = require("../../deps/jsr.io/@std/path/1.1.4/mod.js");
|
|
46
|
-
exports.AST_GREP_LANGUAGE_SPECS = {
|
|
47
|
-
bash: {
|
|
48
|
-
parserFileName: "bash-parser.so",
|
|
49
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-bash/-/lang-bash-0.0.7.tgz",
|
|
50
|
-
developmentRegistration: bashRegistration.default,
|
|
51
|
-
},
|
|
52
|
-
javascript: {
|
|
53
|
-
parserFileName: "javascript-parser.so",
|
|
54
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-javascript/-/lang-javascript-0.0.6.tgz",
|
|
55
|
-
developmentRegistration: javascriptRegistration
|
|
56
|
-
.default,
|
|
57
|
-
},
|
|
58
|
-
markdown: {
|
|
59
|
-
parserFileName: "markdown-parser.so",
|
|
60
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-markdown/-/lang-markdown-0.0.5.tgz",
|
|
61
|
-
developmentRegistration: markdownRegistration.default,
|
|
62
|
-
},
|
|
63
|
-
python: {
|
|
64
|
-
parserFileName: "python-parser.so",
|
|
65
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-python/-/lang-python-0.0.5.tgz",
|
|
66
|
-
developmentRegistration: pythonRegistration.default,
|
|
67
|
-
},
|
|
68
|
-
typescript: {
|
|
69
|
-
parserFileName: "typescript-parser.so",
|
|
70
|
-
parserTarballUrl: "https://registry.npmjs.org/@ast-grep/lang-typescript/-/lang-typescript-0.0.6.tgz",
|
|
71
|
-
developmentRegistration: typescriptRegistration
|
|
72
|
-
.default,
|
|
73
|
-
},
|
|
74
|
-
};
|
|
75
|
-
function buildDevRegistrations() {
|
|
76
|
-
const registrations = {};
|
|
77
|
-
for (const grammar of Object.keys(exports.AST_GREP_LANGUAGE_SPECS)) {
|
|
78
|
-
registrations[grammar] = exports.AST_GREP_LANGUAGE_SPECS[grammar].developmentRegistration;
|
|
79
|
-
}
|
|
80
|
-
return registrations;
|
|
81
|
-
}
|
|
82
|
-
function buildBundledRegistrations(resourceDir) {
|
|
83
|
-
const registrations = {};
|
|
84
|
-
for (const grammar of Object.keys(exports.AST_GREP_LANGUAGE_SPECS)) {
|
|
85
|
-
const spec = exports.AST_GREP_LANGUAGE_SPECS[grammar];
|
|
86
|
-
const devRegistration = spec.developmentRegistration;
|
|
87
|
-
const libraryPath = (0, mod_js_1.join)(resourceDir, spec.parserFileName);
|
|
88
|
-
if (!fileExists(libraryPath)) {
|
|
89
|
-
throw new Error(`Missing ast-grep parser for ${grammar}: ${libraryPath}. Reinstall the CLI release artifact for your platform.`);
|
|
90
|
-
}
|
|
91
|
-
registrations[grammar] = {
|
|
92
|
-
libraryPath,
|
|
93
|
-
extensions: [...devRegistration.extensions],
|
|
94
|
-
languageSymbol: devRegistration.languageSymbol,
|
|
95
|
-
expandoChar: devRegistration.expandoChar,
|
|
96
|
-
metaVarChar: devRegistration.metaVarChar,
|
|
97
|
-
};
|
|
98
|
-
}
|
|
99
|
-
return registrations;
|
|
100
|
-
}
|
|
101
|
-
function fileExists(path) {
|
|
102
|
-
try {
|
|
103
|
-
const stat = dntShim.Deno.statSync(path);
|
|
104
|
-
return stat.isFile;
|
|
105
|
-
}
|
|
106
|
-
catch {
|
|
107
|
-
return false;
|
|
108
|
-
}
|
|
109
|
-
}
|
|
@@ -1,27 +0,0 @@
|
|
|
1
|
-
import { PermissionScope, Severity } from "../shared/mod.js";
|
|
2
|
-
import type { AnalyzerConfig } from "./types.js";
|
|
3
|
-
export declare const DEFAULT_SKILL_VERSION = "0.0.1";
|
|
4
|
-
export declare const DEFAULT_CONFIG: AnalyzerConfig;
|
|
5
|
-
export declare const ALLOWED_TOOLS_MAPPING: Record<string, {
|
|
6
|
-
tool: string;
|
|
7
|
-
scope: PermissionScope;
|
|
8
|
-
permission: string;
|
|
9
|
-
}>;
|
|
10
|
-
export declare const TOOLS_MAPPING: Record<string, {
|
|
11
|
-
scope: PermissionScope;
|
|
12
|
-
permission: string;
|
|
13
|
-
}>;
|
|
14
|
-
export declare const SCORING: {
|
|
15
|
-
severity: Record<Severity, number>;
|
|
16
|
-
permissions: Record<string, number>;
|
|
17
|
-
scopeWildcard: number;
|
|
18
|
-
uplift: {
|
|
19
|
-
externalPost: number;
|
|
20
|
-
pipeToShell: number;
|
|
21
|
-
multipleCritical: number;
|
|
22
|
-
secretsInRequest: number;
|
|
23
|
-
};
|
|
24
|
-
};
|
|
25
|
-
export declare const UNSUPPORTED_SKILL_FRONTMATTER_FIELDS: readonly ["argument-hint", "disable-model-invocation", "user-invocable", "model", "context", "agent", "hooks"];
|
|
26
|
-
export declare const FRONTMATTER_SUPPORTED_FIELDS: readonly ["name", "description", "license", "compatibility", "metadata", "allowed-tools"];
|
|
27
|
-
//# sourceMappingURL=config.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/analyzer/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC7D,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEjD,eAAO,MAAM,qBAAqB,UAAU,CAAC;AAE7C,eAAO,MAAM,cAAc,EAAE,cAI5B,CAAC;AAEF,eAAO,MAAM,qBAAqB,EAAE,MAAM,CACtC,MAAM,EACN;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,eAAe,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAS/D,CAAC;AAEF,eAAO,MAAM,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE;IAAE,KAAK,EAAE,eAAe,CAAC;IAAC,UAAU,EAAE,MAAM,CAAA;CAAE,CAaxF,CAAC;AAEF,eAAO,MAAM,OAAO;cAKX,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC;iBASxB,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;;;;;;;;CAQ9B,CAAC;AAEF,eAAO,MAAM,oCAAoC,gHAQvC,CAAC;AAEX,eAAO,MAAM,4BAA4B,2FAO/B,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"output.d.ts","sourceRoot":"","sources":["../../../../src/analyzer/steps/003-risks/output.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAGpE,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,aAAa,GAAG,cAAc,CAcrE"}
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.toAnalyzerResult = toAnalyzerResult;
|
|
4
|
-
const scoring_js_1 = require("./scoring.js");
|
|
5
|
-
function toAnalyzerResult(state) {
|
|
6
|
-
const { score, riskLevel, summary } = (0, scoring_js_1.scoreState)(state);
|
|
7
|
-
return {
|
|
8
|
-
analyzedAt: new Date().toISOString(),
|
|
9
|
-
skillId: state.skillId,
|
|
10
|
-
skillVersionId: state.skillVersionId,
|
|
11
|
-
permissions: state.permissions,
|
|
12
|
-
risks: state.risks,
|
|
13
|
-
score,
|
|
14
|
-
riskLevel,
|
|
15
|
-
summary,
|
|
16
|
-
warnings: state.warnings,
|
|
17
|
-
metadata: state.metadata,
|
|
18
|
-
};
|
|
19
|
-
}
|