@fortressjs/cli 0.1.0 → 0.1.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/README.md +70 -0
  2. package/dist/index.d.ts +1 -1
  3. package/dist/index.js +33 -6
  4. package/package.json +7 -6
package/README.md ADDED
@@ -0,0 +1,70 @@
1
+ # @fortressjs/cli
2
+
3
+ Security auditing CLI for Express applications.
4
+
5
+ Analyze Express projects and identify missing security protections such as rate limiting, request validation, security headers, and threat detection.
6
+
7
+ ## Installation
8
+
9
+ ### Global Installation
10
+
11
+ ```bash
12
+ npm install -g @fortressjs/cli
13
+ ```
14
+
15
+ ### Run Without Installation
16
+
17
+ ```bash
18
+ npx @fortressjs/cli audit
19
+ ```
20
+
21
+ ## Usage
22
+
23
+ Audit the current project:
24
+
25
+ ```bash
26
+ fortress audit
27
+ ```
28
+
29
+ ## Example Output
30
+
31
+ ```text
32
+ 🛡️ FortressJS Security Audit CLI
33
+
34
+ Security Score: 70/100
35
+
36
+ Missing Protections:
37
+ ✗ Threat Intelligence Engine
38
+ ✗ HTTPS Enforcement / HSTS
39
+
40
+ Recommendations:
41
+ • Add fortress.threatDetector()
42
+ • Configure strict transport security
43
+ ```
44
+
45
+ ## What It Checks
46
+
47
+ * Content Security Policy (CSP)
48
+ * Security Headers
49
+ * Rate Limiting
50
+ * Request Size Limiting
51
+ * Security Logging
52
+ * Threat Detection
53
+ * HTTPS / HSTS Configuration
54
+
55
+ ## Roadmap
56
+
57
+ Planned improvements:
58
+
59
+ * File and directory path support
60
+ * AST-based code analysis
61
+ * More advanced security checks
62
+ * Framework-specific auditing
63
+
64
+ ## Repository
65
+
66
+ https://github.com/davanesh/fortressjs
67
+
68
+ ## License
69
+
70
+ MIT
package/dist/index.d.ts CHANGED
@@ -1 +1 @@
1
- export declare function runAudit(): void;
1
+ export declare function runAudit(targetPath?: string): void;
package/dist/index.js CHANGED
@@ -17,6 +17,20 @@ const C = {
17
17
  yellow: "\x1b[33m",
18
18
  cyan: "\x1b[36m"
19
19
  };
20
+ function getTargetFiles(targetPath) {
21
+ if (!fs_1.default.existsSync(targetPath)) {
22
+ throw new Error(`Path does not exist: ${targetPath}`);
23
+ }
24
+ const stat = fs_1.default.statSync(targetPath);
25
+ if (stat.isFile()) {
26
+ if (targetPath.endsWith(".ts") ||
27
+ targetPath.endsWith(".js")) {
28
+ return [targetPath];
29
+ }
30
+ return [];
31
+ }
32
+ return getFilesRecursively(targetPath);
33
+ }
20
34
  function getFilesRecursively(dir, fileList = []) {
21
35
  if (!fs_1.default.existsSync(dir))
22
36
  return fileList;
@@ -44,15 +58,23 @@ function getFilesRecursively(dir, fileList = []) {
44
58
  }
45
59
  return fileList;
46
60
  }
47
- function runAudit() {
61
+ function runAudit(targetPath) {
48
62
  console.log(`\n${C.bold}${C.cyan}🛡️ FortressJS Security Audit CLI${C.reset}`);
49
63
  console.log(`${C.dim}=========================================${C.reset}\n`);
50
- const cwd = process.cwd();
51
- const files = getFilesRecursively(cwd);
64
+ const target = path_1.default.resolve(targetPath || process.cwd());
65
+ let files;
66
+ try {
67
+ files = getTargetFiles(target);
68
+ }
69
+ catch (error) {
70
+ console.error(`${C.red}${error.message}${C.reset}`);
71
+ process.exit(1);
72
+ }
52
73
  if (files.length === 0) {
53
- console.log(`${C.yellow}No JavaScript or TypeScript files found to scan in: ${cwd}${C.reset}`);
74
+ console.log(`${C.yellow}No JavaScript or TypeScript files found to scan in: ${target}${C.reset}`);
54
75
  return;
55
76
  }
77
+ console.log(`${C.dim}Target: ${target}${C.reset}`);
56
78
  console.log(`${C.dim}Scanning ${files.length} file(s)...${C.reset}`);
57
79
  const scanner = new scanner_1.RegexScanner();
58
80
  // Aggregate results across all files in the project
@@ -144,9 +166,14 @@ function runAudit() {
144
166
  // CLI entry point
145
167
  const args = process.argv.slice(2);
146
168
  if (args[0] === "audit") {
147
- runAudit();
169
+ const target = args[1];
170
+ runAudit(target);
148
171
  }
149
172
  else {
150
173
  console.log(`\n${C.bold}FortressJS CLI${C.reset}`);
151
- console.log(`${C.dim}Usage: npx fortress audit${C.reset}\n`);
174
+ console.log(`${C.dim}Usage:${C.reset}`);
175
+ console.log(` fortress audit`);
176
+ console.log(` fortress audit .`);
177
+ console.log(` fortress audit ./src`);
178
+ console.log(` fortress audit ./src/app.ts\n`);
152
179
  }
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "@fortressjs/cli",
3
- "version": "0.1.0",
4
- "description": "Security auditing CLI for FortressJS and Express applications",
3
+ "version": "0.1.2",
4
+ "description": "Security audit CLI for Express applications. Detect missing security headers, rate limits, request validation, and threat protection.",
5
5
  "license": "MIT",
6
6
  "author": "Davanesh Saminathan",
7
7
  "homepage": "https://github.com/davanesh/fortressjs",
@@ -26,21 +26,22 @@
26
26
  "node": ">=18"
27
27
  },
28
28
  "bin": {
29
- "fortress": "./bin/fortress.js"
29
+ "fortress": "bin/fortress.js"
30
30
  },
31
31
  "main": "dist/index.js",
32
32
  "types": "dist/index.d.ts",
33
33
  "files": [
34
34
  "dist",
35
- "bin"
35
+ "bin",
36
+ "README.md"
36
37
  ],
37
38
  "scripts": {
38
39
  "build": "tsc"
39
40
  },
40
41
  "dependencies": {
41
- "@fortressjs/core": "0.1.0"
42
+ "@fortressjs/core": "^0.1.2"
42
43
  },
43
44
  "devDependencies": {
44
45
  "typescript": "^5.0.0"
45
46
  }
46
- }
47
+ }