@gitguard/cli 1.1.0

package/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2025 GitGuard
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

package/README.md

@@ -0,0 +1,356 @@
+# GitGuard CLI
+
+🛡️ **Security scanning for developers** - Find vulnerabilities in your code before they reach production.
+
+[![NPM Version](https://img.shields.io/npm/v/@gitguard/cli.svg)](https://www.npmjs.com/package/@gitguard/cli)
+[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)
+
+## Features
+
+- 🔍 **Comprehensive Security Scanning** - Detect SQL injection, XSS, CSRF, and 50+ vulnerability patterns
+- ⚡ **Fast & Easy** - Scan your code in seconds with a single command
+- 🎯 **CI/CD Ready** - Perfect for pre-commit hooks and automated pipelines
+- 🔐 **Privacy First** - Scans run securely through GitGuard's API with enterprise-grade security
+- 📊 **Subscription Tiers** - Free tier for unlimited scans with unlimited AI analysis for Premier users
+
+## Quick Start
+
+```bash
+# Install globally
+npm install -g @gitguard/cli
+
+# Login to GitGuard
+gitguard login
+
+# Scan your code
+gitguard scan
+```
+
+## Installation
+
+### NPM
+
+```bash
+npm install -g @gitguard/cli
+```
+
+### Yarn
+
+```bash
+yarn global add @gitguard/cli
+```
+
+## Usage
+
+### Authentication
+
+Before scanning, authenticate with your GitGuard account:
+
+```bash
+gitguard login
+```
+
+If you don't have an account, sign up at [gitguard.net](https://www.gitguard.net).
+
+### Scanning Code
+
+**The CLI automatically uses your web app preferences!** If you have AI scanning enabled in your GitGuard account, the CLI will use it by default.
+
+Scan the current directory (uses your default settings):
+
+```bash
+gitguard scan
+```
+
+Scan a specific directory:
+
+```bash
+gitguard scan --dir ./src
+```
+
+Scan a single file:
+
+```bash
+gitguard scan --file ./src/api/auth.ts
+```
+
+**Override your default settings:**
+
+Force enable AI analysis (even if disabled in your account):
+
+```bash
+gitguard scan --ai
+```
+
+Disable AI analysis (even if enabled in your account):
+
+```bash
+gitguard scan --no-ai
+```
+
+Enable/disable specific features:
+
+```bash
+gitguard scan --dependencies --no-ai  # Dependencies: yes, AI: no
+gitguard scan --secrets --no-dependencies  # Secrets: yes, Dependencies: no
+```
+
+Output JSON for CI/CD:
+
+```bash
+gitguard scan --json
+```
+
+### Check Your Account
+
+View your subscription and usage limits:
+
+```bash
+gitguard whoami
+```
+
+### Logout
+
+```bash
+gitguard logout
+```
+
+## Commands
+
+| Command | Description |
+|---------|-------------|
+| `gitguard login` | Authenticate with GitGuard |
+| `gitguard logout` | Log out of your account |
+| `gitguard scan` | Scan code for vulnerabilities |
+| `gitguard whoami` | Show current user and subscription info |
+| `gitguard --help` | Show help |
+
+## Scan Options
+
+| Option | Description |
+|--------|-------------|
+| `-d, --dir <path>` | Directory to scan (default: current directory) |
+| `-f, --file <path>` | Scan a specific file |
+| `--ai` | Force enable AI-powered analysis |
+| `--no-ai` | Disable AI-powered analysis |
+| `--dependencies` | Force enable dependency scanning |
+| `--no-dependencies` | Disable dependency scanning |
+| `--secrets` | Force enable secret detection |
+| `--no-secrets` | Disable secret detection |
+| `--json` | Output results as JSON |
+
+**Note:** By default, the CLI uses your web app preferences. Override flags (`--ai`, `--dependencies`, `--secrets`) force-enable features. Disable flags (`--no-ai`, `--no-dependencies`, `--no-secrets`) force-disable them.
+
+## Subscription Tiers
+
+### Free
+- Unlimited scans per day
+- Basic vulnerability detection (50+ patterns)
+- JSON export for CI/CD
+- Public repository scanning
+
+### Pro
+- Everything in Free
+- **AI-powered vulnerability analysis** (enabled by default)
+- Private repository scanning
+- Priority support
+
+### Premier
+- Everything in Pro
+- **All scan features enabled by default:**
+  - AI-powered vulnerability analysis ✓
+  - Dependency scanning ✓
+  - Secret detection ✓
+  - License compliance checking ✓
+- Unlimited team members
+- SLA guarantee
+
+[View full pricing](https://www.gitguard.net/pricing)
+
+## CI/CD Integration
+
+### GitHub Actions
+
+```yaml
+name: Security Scan
+
+on: [push, pull_request]
+
+jobs:
+  security:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Install GitGuard CLI
+        run: npm install -g @gitguard/cli
+      - name: Run security scan
+        env:
+          GITGUARD_API_TOKEN: ${{ secrets.GITGUARD_API_TOKEN }}
+        run: |
+          echo "$GITGUARD_API_TOKEN" | gitguard login --token
+          gitguard scan --json > scan-results.json
+      - name: Upload scan results
+        uses: actions/upload-artifact@v3
+        with:
+          name: security-scan
+          path: scan-results.json
+```
+
+### Pre-commit Hook
+
+Add to `.git/hooks/pre-commit`:
+
+```bash
+#!/bin/sh
+
+# Run GitGuard scan on staged files
+gitguard scan --dir .
+
+if [ $? -ne 0 ]; then
+  echo "Security issues found! Fix them or use --no-verify to bypass."
+  exit 1
+fi
+```
+
+Make it executable:
+
+```bash
+chmod +x .git/hooks/pre-commit
+```
+
+## Exit Codes
+
+- `0` - No critical or high severity vulnerabilities found
+- `1` - Critical or high severity vulnerabilities found, or scan error
+
+Perfect for failing CI/CD pipelines on security issues!
+
+## What Gets Scanned?
+
+The CLI automatically scans these file types:
+
+- **Web**: TypeScript, JavaScript (`.ts`, `.tsx`, `.js`, `.jsx`)
+- **Backend**: Python (`.py`), Ruby (`.rb`), PHP (`.php`), Go (`.go`)
+- **Mobile**: Swift (`.swift`), Kotlin (`.kt`)
+- **Systems**: Rust (`.rs`), C/C++ (`.c`, `.cpp`), C# (`.cs`)
+- **JVM**: Java (`.java`), Scala (`.scala`)
+
+**Smart Exclusions:**
+- Automatically respects your `.gitignore` file (if present)
+- Falls back to excluding: `node_modules`, `dist`, `build`, `.git`, `.next`, `coverage`, `__pycache__`, `vendor`
+- Skips hidden directories (unless explicitly included in your project)
+
+## Detected Vulnerabilities
+
+GitGuard detects 50+ vulnerability patterns including:
+
+- **Injection Attacks**: SQL injection, Command injection, LDAP injection
+- **XSS**: Reflected, Stored, DOM-based
+- **Authentication**: Weak passwords, Insecure session management
+- **Cryptography**: Weak algorithms, Hardcoded secrets
+- **SSRF**: Server-side request forgery
+- **Path Traversal**: Directory traversal attacks
+- **CSRF**: Cross-site request forgery
+
+... and many more!
+
+## Examples
+
+### Simple Scan
+
+```bash
+$ gitguard scan
+
+✓ Collecting files...
+ℹ Found 47 file(s), sending to GitGuard...
+
+Scan Results
+Files scanned: 47
+Duration: 2.3s
+
+Found 3 issue(s):
+  HIGH: 2
+  MEDIUM: 1
+
+HIGH    SQL Injection
+  src/api/users.ts:45
+  Unsanitized user input in SQL query
+
+HIGH    XSS Vulnerability
+  components/Form.tsx:23
+  Unescaped user input in HTML
+
+MEDIUM  Weak Cryptography
+  lib/crypto.ts:12
+  Using MD5 for hashing (use bcrypt instead)
+```
+
+### CI/CD JSON Output
+
+```bash
+$ gitguard scan --json
+
+{
+  "scanId": "scan_abc123",
+  "status": "completed",
+  "filesScanned": 47,
+  "duration": 2300,
+  "summary": {
+    "total": 3,
+    "critical": 0,
+    "high": 2,
+    "medium": 1,
+    "low": 0,
+    "info": 0
+  },
+  "vulnerabilities": [...]
+}
+```
+
+## Troubleshooting
+
+### Authentication Failed
+
+If you see "Authentication expired", log in again:
+
+```bash
+gitguard logout
+gitguard login
+```
+
+### Rate Limit Exceeded
+
+Free tier has generous limits. If you hit the limit:
+
+1. Wait for the daily reset (shown in `gitguard whoami`)
+2. Or upgrade to Pro/Premier for unlimited scans
+
+### No Files Found
+
+Make sure you're in a directory with code files. The CLI only scans supported file types (see "What Gets Scanned?" above).
+
+## Privacy & Security
+
+- Your code is transmitted securely over HTTPS
+- Scans are processed server-side and deleted after completion
+- No code is stored permanently
+- API tokens are stored locally in `~/.gitguard/config.json` (chmod 600)
+- View our [Privacy Policy](https://www.gitguard.net/privacy)
+
+## Support
+
+- 📖 [Documentation](https://github.com/git-guard)
+- 🐛 [Report Issues](https://github.com/git-guard/gitguard-cli/issues)
+- 📧 [Email Support](mailto:support@gitguard.net)
+
+## Contributing
+
+We welcome contributions! Please see [CONTRIBUTING.md](CONTRIBUTING.md) for details.
+
+## License
+
+MIT © GitGuard
+
+---
+
+Made with ❤️ by the [Creative Lid LLC](https://www.creativelid.com) - [GitGuard](https://www.gitguard.net) team

package/dist/commands/login.d.ts

@@ -0,0 +1,2 @@
+export declare function loginCommand(): Promise<void>;
+//# sourceMappingURL=login.d.ts.map

package/dist/commands/login.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.d.ts","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":"AASA,wBAAsB,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC,CAuFlD"}

package/dist/commands/login.js

@@ -0,0 +1,135 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.loginCommand = loginCommand;
+const open_1 = __importDefault(require("open"));
+const readline_1 = __importDefault(require("readline"));
+const config_1 = require("../lib/config");
+const api_client_1 = require("../lib/api-client");
+const reporter_1 = require("../lib/reporter");
+const POLL_INTERVAL = 2000;
+const MAX_POLL_TIME = 600000;
+async function loginCommand() {
+    const config = new config_1.ConfigManager();
+    const reporter = new reporter_1.Reporter(config);
+    if (process.env.GITGUARD_API_URL) {
+        config.set({ apiUrl: process.env.GITGUARD_API_URL });
+        reporter.info(`Using API URL: ${process.env.GITGUARD_API_URL}`);
+    }
+    const apiClient = new api_client_1.APIClient(config);
+    try {
+        reporter.info('Initializing authentication...');
+        const { requestCode, authUrl } = await apiClient.requestAuth();
+        reporter.info('\nIMPORTANT: You must be logged into GitGuard in your browser first!');
+        reporter.info('If you don\'t have an account, visit the web app to sign up.\n');
+        reporter.info('Please authenticate in your browser.');
+        reporter.info(`Opening: ${authUrl}\n`);
+        reporter.info('If the browser does not open automatically, please visit the URL above.\n');
+        await (0, open_1.default)(authUrl);
+        reporter.info('Waiting for authentication...');
+        let token;
+        try {
+            token = await pollForToken(apiClient, requestCode, reporter);
+        }
+        catch (pollError) {
+            if (pollError.message === 'Authentication timeout' || pollError.message === 'Authentication expired') {
+                reporter.warning('\nAutomatic authentication failed.');
+                reporter.info('If you see your token in the browser, you can paste it below:\n');
+                const manualToken = await promptForToken();
+                if (manualToken && manualToken.startsWith('gg_')) {
+                    token = manualToken;
+                    reporter.info('Token received manually.');
+                }
+                else {
+                    throw pollError;
+                }
+            }
+            else {
+                throw pollError;
+            }
+        }
+        config.setApiToken(token, 'temp@email.com');
+        const profile = await apiClient.getProfile();
+        config.setApiToken(token, profile.email);
+        config.setUserProfile(profile.subscription, profile.preferences);
+        reporter.success(`\nSuccessfully logged in as ${profile.email}`);
+        reporter.info(`Subscription: ${profile.subscription}`);
+        reporter.info(`Daily scans remaining: ${profile.limits.scansRemaining}/${profile.limits.dailyScans}`);
+        if (profile.subscription !== 'free') {
+            reporter.info('\nDefault scan features:');
+            if (profile.preferences.aiScanEnabled && (profile.subscription === 'pro' || profile.subscription === 'premier')) {
+                reporter.info('  ✓ AI-powered analysis enabled');
+            }
+            if (profile.preferences.dependencyScanEnabled && profile.subscription === 'premier') {
+                reporter.info('  ✓ Dependency scanning enabled');
+            }
+            if (profile.preferences.secretScanEnabled && profile.subscription === 'premier') {
+                reporter.info('  ✓ Secret detection enabled');
+            }
+            reporter.info('\nUse --no-ai, --no-dependencies, or --no-secrets to disable specific features.');
+        }
+    }
+    catch (error) {
+        if (error.message === 'Authentication timeout') {
+            reporter.error('Authentication timed out. Please try again.');
+        }
+        else if (error.message === 'Authentication expired') {
+            reporter.error('Authentication request expired. Please try again.');
+        }
+        else if (error.response?.data?.message) {
+            reporter.error(error.response.data.message);
+        }
+        else {
+            reporter.error('Login failed. Please try again.');
+            if (error.message) {
+                reporter.error(`Error: ${error.message}`);
+            }
+        }
+        process.exit(1);
+    }
+}
+async function pollForToken(apiClient, requestCode, reporter) {
+    const startTime = Date.now();
+    let attempts = 0;
+    while (Date.now() - startTime < MAX_POLL_TIME) {
+        try {
+            const result = await apiClient.pollAuth(requestCode);
+            if (result.status === 'completed' && result.token) {
+                return result.token;
+            }
+            if (result.status === 'expired') {
+                throw new Error('Authentication expired');
+            }
+            attempts++;
+            if (attempts % 5 === 0) {
+                reporter.info('Still waiting for authentication...');
+            }
+            await sleep(POLL_INTERVAL);
+        }
+        catch (error) {
+            if (error.response?.status === 410) {
+                throw new Error('Authentication expired');
+            }
+            throw error;
+        }
+    }
+    throw new Error('Authentication timeout');
+}
+function sleep(ms) {
+    return new Promise((resolve) => setTimeout(resolve, ms));
+}
+function promptForToken() {
+    const rl = readline_1.default.createInterface({
+        input: process.stdin,
+        output: process.stdout,
+    });
+    return new Promise((resolve) => {
+        rl.question('Paste your token: ', (answer) => {
+            rl.close();
+            resolve(answer.trim());
+        });
+    });
+}
+//# sourceMappingURL=login.js.map

package/dist/commands/login.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"login.js","sourceRoot":"","sources":["../../src/commands/login.ts"],"names":[],"mappings":";;;;;AASA,oCAuFC;AAhGD,gDAAwB;AACxB,wDAAgC;AAChC,0CAA8C;AAC9C,kDAA8C;AAC9C,8CAA2C;AAE3C,MAAM,aAAa,GAAG,IAAI,CAAC;AAC3B,MAAM,aAAa,GAAG,MAAM,CAAC;AAEtB,KAAK,UAAU,YAAY;IAChC,MAAM,MAAM,GAAG,IAAI,sBAAa,EAAE,CAAC;IACnC,MAAM,QAAQ,GAAG,IAAI,mBAAQ,CAAC,MAAM,CAAC,CAAC;IAEtC,IAAI,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACjC,MAAM,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC,CAAC;QACrD,QAAQ,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,GAAG,CAAC,gBAAgB,EAAE,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,sBAAS,CAAC,MAAM,CAAC,CAAC;IAExC,IAAI,CAAC;QACH,QAAQ,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QAEhD,MAAM,EAAE,WAAW,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,WAAW,EAAE,CAAC;QAE/D,QAAQ,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;QACtF,QAAQ,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;QAChF,QAAQ,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;QACtD,QAAQ,CAAC,IAAI,CAAC,YAAY,OAAO,IAAI,CAAC,CAAC;QACvC,QAAQ,CAAC,IAAI,CAAC,2EAA2E,CAAC,CAAC;QAE3F,MAAM,IAAA,cAAI,EAAC,OAAO,CAAC,CAAC;QAEpB,QAAQ,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAE/C,IAAI,KAAa,CAAC;QAElB,IAAI,CAAC;YACH,KAAK,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;QAC/D,CAAC;QAAC,OAAO,SAAc,EAAE,CAAC;YACxB,IAAI,SAAS,CAAC,OAAO,KAAK,wBAAwB,IAAI,SAAS,CAAC,OAAO,KAAK,wBAAwB,EAAE,CAAC;gBACrG,QAAQ,CAAC,OAAO,CAAC,oCAAoC,CAAC,CAAC;gBACvD,QAAQ,CAAC,IAAI,CAAC,iEAAiE,CAAC,CAAC;gBAEjF,MAAM,WAAW,GAAG,MAAM,cAAc,EAAE,CAAC;gBAE3C,IAAI,WAAW,IAAI,WAAW,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;oBACjD,KAAK,GAAG,WAAW,CAAC;oBACpB,QAAQ,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;gBAC5C,CAAC;qBAAM,CAAC;oBACN,MAAM,SAAS,CAAC;gBAClB,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,SAAS,CAAC;YAClB,CAAC;QACH,CAAC;QAED,MAAM,CAAC,WAAW,CAAC,KAAK,EAAE,gBAAgB,CAAC,CAAC;QAE5C,MAAM,OAAO,GAAG,MAAM,SAAS,CAAC,UAAU,EAAE,CAAC;QAE7C,MAAM,CAAC,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;QACzC,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,YAAY,EAAE,OAAO,CAAC,WAAW,CAAC,CAAC;QAEjE,QAAQ,CAAC,OAAO,CAAC,+BAA+B,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;QACjE,QAAQ,CAAC,IAAI,CAAC,iBAAiB,OAAO,CAAC,YAAY,EAAE,CAAC,CAAC;QACvD,QAAQ,CAAC,IAAI,CAAC,0BAA0B,OAAO,CAAC,MAAM,CAAC,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QAEtG,IAAI,OAAO,CAAC,YAAY,KAAK,MAAM,EAAE,CAAC;YACpC,QAAQ,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;YAC1C,IAAI,OAAO,CAAC,WAAW,CAAC,aAAa,IAAI,CAAC,OAAO,CAAC,YAAY,KAAK,KAAK,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,CAAC,EAAE,CAAC;gBAChH,QAAQ,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;YACnD,CAAC;YACD,IAAI,OAAO,CAAC,WAAW,CAAC,qBAAqB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBACpF,QAAQ,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;YACnD,CAAC;YACD,IAAI,OAAO,CAAC,WAAW,CAAC,iBAAiB,IAAI,OAAO,CAAC,YAAY,KAAK,SAAS,EAAE,CAAC;gBAChF,QAAQ,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YAChD,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC,iFAAiF,CAAC,CAAC;QACnG,CAAC;IACH,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,IAAI,KAAK,CAAC,OAAO,KAAK,wBAAwB,EAAE,CAAC;YAC/C,QAAQ,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAChE,CAAC;aAAM,IAAI,KAAK,CAAC,OAAO,KAAK,wBAAwB,EAAE,CAAC;YACtD,QAAQ,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACtE,CAAC;aAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;YACzC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9C,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;YAClD,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBAClB,QAAQ,CAAC,KAAK,CAAC,UAAU,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,SAAoB,EACpB,WAAmB,EACnB,QAAkB;IAElB,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,OAAO,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,GAAG,aAAa,EAAE,CAAC;QAC9C,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;YAErD,IAAI,MAAM,CAAC,MAAM,KAAK,WAAW,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;gBAClD,OAAO,MAAM,CAAC,KAAK,CAAC;YACtB,CAAC;YAED,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBAChC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;YAC5C,CAAC;YAED,QAAQ,EAAE,CAAC;YACX,IAAI,QAAQ,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;YACvD,CAAC;YAED,MAAM,KAAK,CAAC,aAAa,CAAC,CAAC;QAC7B,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,KAAK,GAAG,EAAE,CAAC;gBACnC,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;YAC5C,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,MAAM,IAAI,KAAK,CAAC,wBAAwB,CAAC,CAAC;AAC5C,CAAC;AAED,SAAS,KAAK,CAAC,EAAU;IACvB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,cAAc;IACrB,MAAM,EAAE,GAAG,kBAAQ,CAAC,eAAe,CAAC;QAClC,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,MAAM,EAAE,OAAO,CAAC,MAAM;KACvB,CAAC,CAAC;IAEH,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,EAAE,CAAC,QAAQ,CAAC,oBAAoB,EAAE,CAAC,MAAM,EAAE,EAAE;YAC3C,EAAE,CAAC,KAAK,EAAE,CAAC;YACX,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QACzB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/commands/logout.d.ts

@@ -0,0 +1,2 @@
+export declare function logoutCommand(): Promise<void>;
+//# sourceMappingURL=logout.d.ts.map

package/dist/commands/logout.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logout.d.ts","sourceRoot":"","sources":["../../src/commands/logout.ts"],"names":[],"mappings":"AAIA,wBAAsB,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC,CAsBnD"}

package/dist/commands/logout.js

@@ -0,0 +1,26 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.logoutCommand = logoutCommand;
+const config_1 = require("../lib/config");
+const api_client_1 = require("../lib/api-client");
+const reporter_1 = require("../lib/reporter");
+async function logoutCommand() {
+    const config = new config_1.ConfigManager();
+    const reporter = new reporter_1.Reporter(config);
+    const apiClient = new api_client_1.APIClient(config);
+    if (!config.isAuthenticated()) {
+        reporter.warning('Not logged in');
+        return;
+    }
+    const email = config.get().email;
+    try {
+        await apiClient.revokeToken();
+        reporter.info('Token revoked on server');
+    }
+    catch (error) {
+        reporter.warning('Could not revoke token on server (continuing with local logout)');
+    }
+    config.clearAuth();
+    reporter.success(`Logged out ${email || ''}`);
+}
+//# sourceMappingURL=logout.js.map

package/dist/commands/logout.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logout.js","sourceRoot":"","sources":["../../src/commands/logout.ts"],"names":[],"mappings":";;AAIA,sCAsBC;AA1BD,0CAA8C;AAC9C,kDAA8C;AAC9C,8CAA2C;AAEpC,KAAK,UAAU,aAAa;IACjC,MAAM,MAAM,GAAG,IAAI,sBAAa,EAAE,CAAC;IACnC,MAAM,QAAQ,GAAG,IAAI,mBAAQ,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,SAAS,GAAG,IAAI,sBAAS,CAAC,MAAM,CAAC,CAAC;IAExC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,CAAC;QAC9B,QAAQ,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAClC,OAAO;IACT,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,KAAK,CAAC;IAEjC,IAAI,CAAC;QACH,MAAM,SAAS,CAAC,WAAW,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IAC3C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,QAAQ,CAAC,OAAO,CAAC,iEAAiE,CAAC,CAAC;IACtF,CAAC;IAED,MAAM,CAAC,SAAS,EAAE,CAAC;IAEnB,QAAQ,CAAC,OAAO,CAAC,cAAc,KAAK,IAAI,EAAE,EAAE,CAAC,CAAC;AAChD,CAAC"}

package/dist/commands/scan.d.ts

@@ -0,0 +1,14 @@
+interface ScanOptions {
+    dir?: string;
+    file?: string;
+    ai?: boolean;
+    noAi?: boolean;
+    dependencies?: boolean;
+    noDependencies?: boolean;
+    secrets?: boolean;
+    noSecrets?: boolean;
+    json?: boolean;
+}
+export declare function scanCommand(options: ScanOptions): Promise<void>;
+export {};
+//# sourceMappingURL=scan.d.ts.map

package/dist/commands/scan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../../src/commands/scan.ts"],"names":[],"mappings":"AAMA,UAAU,WAAW;IACnB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED,wBAAsB,WAAW,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAmFrE"}

package/dist/commands/scan.js

@@ -0,0 +1,85 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.scanCommand = scanCommand;
+const config_1 = require("../lib/config");
+const api_client_1 = require("../lib/api-client");
+const reporter_1 = require("../lib/reporter");
+const file_scanner_1 = require("../lib/file-scanner");
+const repo_detector_1 = require("../lib/repo-detector");
+async function scanCommand(options) {
+    const config = new config_1.ConfigManager();
+    const reporter = new reporter_1.Reporter(config);
+    const apiClient = new api_client_1.APIClient(config);
+    if (!config.isAuthenticated()) {
+        reporter.error('Not authenticated');
+        reporter.info('Run "gitguard login" to authenticate');
+        process.exit(1);
+    }
+    try {
+        reporter.info('Collecting files...');
+        const fileScanner = new file_scanner_1.FileScanner();
+        const scanDir = options.file ? process.cwd() : (options.dir || process.cwd());
+        let files;
+        if (options.file) {
+            files = await fileScanner.scanSingleFile(options.file);
+        }
+        else {
+            files = await fileScanner.collectFiles(scanDir);
+        }
+        const fileCount = Object.keys(files).length;
+        if (fileCount === 0) {
+            reporter.warning('No code files found to scan');
+            return;
+        }
+        // Detect repository name from .git/config or package.json
+        const repository = repo_detector_1.RepoDetector.detectRepositoryName(scanDir);
+        reporter.info(`Found ${fileCount} file(s), sending to GitGuard...`);
+        const preferences = config.getPreferences();
+        const subscription = config.getSubscription() || 'free';
+        const includeAI = options.noAi ? false : (options.ai || preferences.aiScanEnabled);
+        const includeDependencies = options.noDependencies ? false : (options.dependencies || preferences.dependencyScanEnabled);
+        const includeSecrets = options.noSecrets ? false : (options.secrets || preferences.secretScanEnabled);
+        const result = await apiClient.scan({
+            files,
+            repository,
+            options: {
+                includeAI,
+                includeDependencies,
+                includeSecrets,
+            },
+        });
+        if (options.json) {
+            console.log(JSON.stringify(result, null, 2));
+        }
+        else {
+            reporter.reportScan(result);
+        }
+        const hasCriticalOrHigh = result.summary.critical > 0 || result.summary.high > 0;
+        if (hasCriticalOrHigh) {
+            process.exit(1);
+        }
+    }
+    catch (error) {
+        if (error.response?.status === 401) {
+            reporter.error('Authentication expired. Please login again.');
+            config.clearAuth();
+        }
+        else if (error.response?.status === 429) {
+            reporter.error('Rate limit exceeded');
+            if (error.response.data?.message) {
+                reporter.info(error.response.data.message);
+            }
+        }
+        else if (error.response?.data?.message) {
+            reporter.error(error.response.data.message);
+        }
+        else {
+            reporter.error('Scan failed. Please try again.');
+            if (error.message) {
+                console.error(error.message);
+            }
+        }
+        process.exit(1);
+    }
+}
+//# sourceMappingURL=scan.js.map

package/dist/commands/scan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan.js","sourceRoot":"","sources":["../../src/commands/scan.ts"],"names":[],"mappings":";;AAkBA,kCAmFC;AArGD,0CAA8C;AAC9C,kDAA8C;AAC9C,8CAA2C;AAC3C,sDAAkD;AAClD,wDAAoD;AAc7C,KAAK,UAAU,WAAW,CAAC,OAAoB;IACpD,MAAM,MAAM,GAAG,IAAI,sBAAa,EAAE,CAAC;IACnC,MAAM,QAAQ,GAAG,IAAI,mBAAQ,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,SAAS,GAAG,IAAI,sBAAS,CAAC,MAAM,CAAC,CAAC;IAExC,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,EAAE,CAAC;QAC9B,QAAQ,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;QACtD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC;QACH,QAAQ,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QAErC,MAAM,WAAW,GAAG,IAAI,0BAAW,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;QAC9E,IAAI,KAA6B,CAAC;QAElC,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,KAAK,GAAG,MAAM,WAAW,CAAC,cAAc,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACzD,CAAC;aAAM,CAAC;YACN,KAAK,GAAG,MAAM,WAAW,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC;QAClD,CAAC;QAED,MAAM,SAAS,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC;QAE5C,IAAI,SAAS,KAAK,CAAC,EAAE,CAAC;YACpB,QAAQ,CAAC,OAAO,CAAC,6BAA6B,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,0DAA0D;QAC1D,MAAM,UAAU,GAAG,4BAAY,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;QAE9D,QAAQ,CAAC,IAAI,CAAC,SAAS,SAAS,kCAAkC,CAAC,CAAC;QAEpE,MAAM,WAAW,GAAG,MAAM,CAAC,cAAc,EAAE,CAAC;QAC5C,MAAM,YAAY,GAAG,MAAM,CAAC,eAAe,EAAE,IAAI,MAAM,CAAC;QAExD,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,IAAI,WAAW,CAAC,aAAa,CAAC,CAAC;QACnF,MAAM,mBAAmB,GAAG,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,YAAY,IAAI,WAAW,CAAC,qBAAqB,CAAC,CAAC;QACzH,MAAM,cAAc,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,IAAI,WAAW,CAAC,iBAAiB,CAAC,CAAC;QAEtG,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC;YAClC,KAAK;YACL,UAAU;YACV,OAAO,EAAE;gBACP,SAAS;gBACT,mBAAmB;gBACnB,cAAc;aACf;SACF,CAAC,CAAC;QAEH,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;QAC9B,CAAC;QAED,MAAM,iBAAiB,GAAG,MAAM,CAAC,OAAO,CAAC,QAAQ,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC;QAEjF,IAAI,iBAAiB,EAAE,CAAC;YACtB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,KAAK,GAAG,EAAE,CAAC;YACnC,QAAQ,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;YAC9D,MAAM,CAAC,SAAS,EAAE,CAAC;QACrB,CAAC;aAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,MAAM,KAAK,GAAG,EAAE,CAAC;YAC1C,QAAQ,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACtC,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;gBACjC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC;aAAM,IAAI,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;YACzC,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC9C,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;YACjD,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBAClB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC/B,CAAC;QACH,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}

package/dist/commands/whoami.d.ts

@@ -0,0 +1,2 @@
+export declare function whoamiCommand(): Promise<void>;
+//# sourceMappingURL=whoami.d.ts.map