@greenarmor/ges 0.3.5 → 0.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (7) hide show
  1. package/dist/cli.js +2 -0
  2. package/dist/commands/audit.js +44 -4
  3. package/dist/commands/badge.d.ts +2 -0
  4. package/dist/commands/badge.js +42 -0
  5. package/dist/commands/compliance.js +4 -1
  6. package/dist/commands/score.js +3 -12
  7. package/package.json +12 -12
package/dist/cli.js CHANGED
@@ -12,6 +12,7 @@ import { generateCommand } from "./commands/generate.js";
12
12
  import { policyCommand } from "./commands/policy.js";
13
13
  import { updateCommand } from "./commands/update.js";
14
14
  import { mcpCommand } from "./commands/mcp.js";
15
+ import { badgeCommand } from "./commands/badge.js";
15
16
  import { GESF_VERSION } from "@greenarmor/ges-core";
16
17
  const program = new Command();
17
18
  program
@@ -30,4 +31,5 @@ program.addCommand(generateCommand);
30
31
  program.addCommand(policyCommand);
31
32
  program.addCommand(updateCommand);
32
33
  program.addCommand(mcpCommand);
34
+ program.addCommand(badgeCommand);
33
35
  program.parse();
package/dist/commands/audit.js CHANGED
@@ -1,9 +1,10 @@
1
1
  import { Command } from "commander";
2
2
  import { ensureGESInitialized, readJsonFile, writeJsonFile } from "../utils/project.js";
3
- import { getAllPacks } from "@greenarmor/ges-policy-engine";
3
+ import { getPacksForProjectType, getAllPacks } from "@greenarmor/ges-policy-engine";
4
4
  import { generateScoreFile, formatScoreOutput } from "@greenarmor/ges-scoring-engine";
5
5
  import { runAudit, deduplicateFindings } from "@greenarmor/ges-audit-engine";
6
6
  import { showNextStepsMenu } from "../utils/next-steps.js";
7
+ import * as fs from "node:fs";
7
8
  import * as path from "node:path";
8
9
  export const auditCommand = new Command("audit")
9
10
  .description("Run a compliance audit on the project")
@@ -19,14 +20,29 @@ export const auditCommand = new Command("audit")
19
20
  const findings = deduplicateFindings(rawFindings);
20
21
  console.log(` Scanned ${scannedFiles} files\n`);
21
22
  const frameworks = (config?.frameworks || ["GDPR", "OWASP"]);
22
- const controls = getAllPacks().flatMap(p => p.controls);
23
- const updatedControls = updateControlsFromFindings(controls, findings);
24
- const scoreData = generateScoreFile(updatedControls, frameworks);
23
+ const projectPacks = getPacksForProjectType(config?.project_type || "generic-web-application");
24
+ const packIds = new Set(projectPacks.map(p => p.id));
25
+ const fwLower = new Set(frameworks.map(f => f.toLowerCase()));
26
+ const allPacks = getAllPacks();
27
+ for (const p of allPacks) {
28
+ if (fwLower.has(p.id))
29
+ packIds.add(p.id);
30
+ }
31
+ const controls = allPacks.filter(p => packIds.has(p.id)).flatMap(p => p.controls);
32
+ const overrides = loadControlOverrides(root);
33
+ const updatedControls = applyControlOverrides(controls, overrides);
34
+ const auditedControls = updateControlsFromFindings(updatedControls, findings);
35
+ const scoreData = generateScoreFile(auditedControls, frameworks, findings);
25
36
  writeJsonFile(path.join(root, ".ges", "score.json"), scoreData);
26
37
  const critical = findings.filter(f => f.severity === "critical");
27
38
  const high = findings.filter(f => f.severity === "high");
28
39
  const medium = findings.filter(f => f.severity === "medium");
29
40
  const low = findings.filter(f => f.severity === "low");
41
+ if (overrides.length > 0) {
42
+ const naCount = overrides.filter(o => o.status === "not-applicable").length;
43
+ const passCount = overrides.filter(o => o.status === "pass").length;
44
+ console.log(` Control overrides: ${naCount} not-applicable, ${passCount} pre-verified\n`);
45
+ }
30
46
  if (options.json) {
31
47
  console.log(JSON.stringify({ findings, score: scoreData }, null, 2));
32
48
  if (options.ci && critical.length > 0)
@@ -67,8 +83,32 @@ export const auditCommand = new Command("audit")
67
83
  }
68
84
  await showNextStepsMenu("audit");
69
85
  });
86
+ function loadControlOverrides(root) {
87
+ const overridePath = path.join(root, ".ges", "control-overrides.json");
88
+ if (!fs.existsSync(overridePath))
89
+ return [];
90
+ const overrides = readJsonFile(overridePath);
91
+ return Array.isArray(overrides) ? overrides : [];
92
+ }
93
+ function applyControlOverrides(controls, overrides) {
94
+ if (overrides.length === 0)
95
+ return controls;
96
+ const overrideMap = new Map(overrides.map(o => [o.control_id, o]));
97
+ return controls.map(control => {
98
+ const override = overrideMap.get(control.id);
99
+ if (!override)
100
+ return control;
101
+ return {
102
+ ...control,
103
+ status: override.status,
104
+ checks: control.checks.map(check => ({ ...check, status: override.status })),
105
+ };
106
+ });
107
+ }
70
108
  function updateControlsFromFindings(controls, findings) {
71
109
  return controls.map(control => {
110
+ if (control.status === "pass" || control.status === "not-applicable")
111
+ return control;
72
112
  const relevantFindings = findings.filter(f => f.controlIds.includes(control.id));
73
113
  if (relevantFindings.length === 0)
74
114
  return control;
package/dist/commands/badge.d.ts ADDED
@@ -0,0 +1,2 @@
1
+ import { Command } from "commander";
2
+ export declare const badgeCommand: Command;
package/dist/commands/badge.js ADDED
@@ -0,0 +1,42 @@
1
+ import { Command } from "commander";
2
+ import { ensureGESInitialized, readJsonFile } from "../utils/project.js";
3
+ import { generateBadgeSvg, injectBadgeIntoReadme, computeGrade } from "@greenarmor/ges-scoring-engine";
4
+ import { showNextStepsMenu } from "../utils/next-steps.js";
5
+ import * as fs from "node:fs";
6
+ import * as path from "node:path";
7
+ export const badgeCommand = new Command("badge")
8
+ .description("Generate compliance score badge for README")
9
+ .option("-o, --output <path>", "Output path for badge SVG", "badge.svg")
10
+ .option("--readme <path>", "README file to inject badge into", "README.md")
11
+ .option("--no-readme", "Do not inject badge into README")
12
+ .action(async (options) => {
13
+ const root = ensureGESInitialized();
14
+ const scorePath = path.join(root, ".ges", "score.json");
15
+ const score = readJsonFile(scorePath);
16
+ if (!score || !score.frameworks || Object.keys(score.frameworks).length === 0) {
17
+ console.log("\n No compliance score available. Run 'ges audit' first.\n");
18
+ await showNextStepsMenu("badge");
19
+ return;
20
+ }
21
+ const svg = generateBadgeSvg(score);
22
+ const outputPath = path.resolve(root, options.output);
23
+ fs.mkdirSync(path.dirname(outputPath), { recursive: true });
24
+ fs.writeFileSync(outputPath, svg);
25
+ console.log(`\n Badge generated: ${options.output}`);
26
+ console.log(` Score: ${score.overall}% (${score.overall_grade ?? computeGrade(score.overall)})`);
27
+ if (options.readme !== false) {
28
+ const readmePath = path.resolve(root, options.readme);
29
+ if (fs.existsSync(readmePath)) {
30
+ const readmeContent = fs.readFileSync(readmePath, "utf-8");
31
+ const relativeBadgePath = path.relative(path.dirname(readmePath), outputPath);
32
+ const updated = injectBadgeIntoReadme(readmeContent, relativeBadgePath);
33
+ fs.writeFileSync(readmePath, updated);
34
+ console.log(` Badge injected into ${options.readme}`);
35
+ }
36
+ else {
37
+ console.log(` ${options.readme} not found — skipping badge injection`);
38
+ }
39
+ }
40
+ console.log("");
41
+ await showNextStepsMenu("badge");
42
+ });
package/dist/commands/compliance.js CHANGED
@@ -25,7 +25,10 @@ export const complianceCommand = new Command("compliance")
25
25
  const controls = readJsonFile(controlsFile);
26
26
  const total = controls?.length || 0;
27
27
  const passed = controls?.filter(c => c.status === "pass").length || 0;
28
- console.log(` ${pack.id.padEnd(15)} ${passed}/${total} controls passed`);
28
+ const failed = controls?.filter(c => c.status === "fail").length || 0;
29
+ const criticalFailed = controls?.filter(c => c.status === "fail" && c.severity === "critical").length || 0;
30
+ const statusTag = criticalFailed > 0 ? " ⚠" : "";
31
+ console.log(` ${pack.id.padEnd(15)} ${passed}/${total} passed ${failed} failed${statusTag}`);
29
32
  }
30
33
  }
31
34
  console.log("");
package/dist/commands/score.js CHANGED
@@ -1,5 +1,6 @@
1
1
  import { Command } from "commander";
2
2
  import { ensureGESInitialized, readJsonFile } from "../utils/project.js";
3
+ import { formatScoreOutput } from "@greenarmor/ges-scoring-engine";
3
4
  import { showNextStepsMenu } from "../utils/next-steps.js";
4
5
  import * as path from "node:path";
5
6
  export const scoreCommand = new Command("score")
@@ -18,18 +19,8 @@ export const scoreCommand = new Command("score")
18
19
  console.log(JSON.stringify(score, null, 2));
19
20
  }
20
21
  else {
21
- const lines = [""];
22
- for (const [fw, data] of Object.entries(score.frameworks)) {
23
- const padding = Math.max(1, 20 - fw.length);
24
- const dots = ".".repeat(padding);
25
- lines.push(` ${fw} ${dots} ${data.score}%`);
26
- }
27
- const overallPadding = Math.max(1, 20 - "Overall".length);
28
- lines.push(` Overall ${".".repeat(overallPadding)} ${score.overall}%`);
29
- lines.push("");
30
- lines.push(` Last evaluated: ${score.evaluated_at}`);
31
- lines.push("");
32
- console.log(lines.join("\n"));
22
+ console.log(formatScoreOutput(score));
23
+ console.log(` Last evaluated: ${score.evaluated_at}\n`);
33
24
  }
34
25
  await showNextStepsMenu("score");
35
26
  });
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@greenarmor/ges",
3
- "version": "0.3.5",
3
+ "version": "0.5.0",
4
4
  "description": "Green Engineering Standard Framework - Compliance-as-Code CLI",
5
5
  "type": "module",
6
6
  "main": "./dist/index.js",
@@ -13,17 +13,17 @@
13
13
  ],
14
14
  "dependencies": {
15
15
  "commander": "^13.0.0",
16
- "@greenarmor/ges-audit-engine": "0.3.5",
17
- "@greenarmor/ges-cicd-generator": "0.3.5",
18
- "@greenarmor/ges-core": "0.3.5",
19
- "@greenarmor/ges-compliance-engine": "0.3.5",
20
- "@greenarmor/ges-report-generator": "0.3.5",
21
- "@greenarmor/ges-rules-engine": "0.3.5",
22
- "@greenarmor/ges-policy-engine": "0.3.5",
23
- "@greenarmor/ges-scoring-engine": "0.3.5",
24
- "@greenarmor/ges-scanner-integration": "0.3.5",
25
- "@greenarmor/ges-doc-generator": "0.3.5",
26
- "@greenarmor/ges-mcp-server": "0.3.5"
16
+ "@greenarmor/ges-audit-engine": "0.5.0",
17
+ "@greenarmor/ges-doc-generator": "0.5.0",
18
+ "@greenarmor/ges-cicd-generator": "0.5.0",
19
+ "@greenarmor/ges-compliance-engine": "0.5.0",
20
+ "@greenarmor/ges-policy-engine": "0.5.0",
21
+ "@greenarmor/ges-rules-engine": "0.5.0",
22
+ "@greenarmor/ges-report-generator": "0.5.0",
23
+ "@greenarmor/ges-scanner-integration": "0.5.0",
24
+ "@greenarmor/ges-scoring-engine": "0.5.0",
25
+ "@greenarmor/ges-mcp-server": "0.5.0",
26
+ "@greenarmor/ges-core": "0.5.0"
27
27
  },
28
28
  "devDependencies": {
29
29
  "@types/node": "^22.0.0",