@greenarmor/ges 0.4.0 → 0.5.1

@@ -1,9 +1,10 @@
1
1
  import { Command } from "commander";
2
2
  import { ensureGESInitialized, readJsonFile, writeJsonFile } from "../utils/project.js";
3
- import { getAllPacks } from "@greenarmor/ges-policy-engine";
3
+ import { getPacksForProjectType, getAllPacks } from "@greenarmor/ges-policy-engine";
4
4
  import { generateScoreFile, formatScoreOutput } from "@greenarmor/ges-scoring-engine";
5
5
  import { runAudit, deduplicateFindings } from "@greenarmor/ges-audit-engine";
6
6
  import { showNextStepsMenu } from "../utils/next-steps.js";
7
+ import * as fs from "node:fs";
7
8
  import * as path from "node:path";
8
9
  export const auditCommand = new Command("audit")
9
10
  .description("Run a compliance audit on the project")
@@ -19,14 +20,29 @@ export const auditCommand = new Command("audit")
19
20
  const findings = deduplicateFindings(rawFindings);
20
21
  console.log(` Scanned ${scannedFiles} files\n`);
21
22
  const frameworks = (config?.frameworks || ["GDPR", "OWASP"]);
22
- const controls = getAllPacks().flatMap(p => p.controls);
23
- const updatedControls = updateControlsFromFindings(controls, findings);
24
- const scoreData = generateScoreFile(updatedControls, frameworks, findings);
23
+ const projectPacks = getPacksForProjectType(config?.project_type || "generic-web-application");
24
+ const packIds = new Set(projectPacks.map(p => p.id));
25
+ const fwLower = new Set(frameworks.map(f => f.toLowerCase()));
26
+ const allPacks = getAllPacks();
27
+ for (const p of allPacks) {
28
+ if (fwLower.has(p.id))
29
+ packIds.add(p.id);
30
+ }
31
+ const controls = allPacks.filter(p => packIds.has(p.id)).flatMap(p => p.controls);
32
+ const overrides = loadControlOverrides(root);
33
+ const updatedControls = applyControlOverrides(controls, overrides);
34
+ const auditedControls = updateControlsFromFindings(updatedControls, findings);
35
+ const scoreData = generateScoreFile(auditedControls, frameworks, findings);
25
36
  writeJsonFile(path.join(root, ".ges", "score.json"), scoreData);
26
37
  const critical = findings.filter(f => f.severity === "critical");
27
38
  const high = findings.filter(f => f.severity === "high");
28
39
  const medium = findings.filter(f => f.severity === "medium");
29
40
  const low = findings.filter(f => f.severity === "low");
41
+ if (overrides.length > 0) {
42
+ const naCount = overrides.filter(o => o.status === "not-applicable").length;
43
+ const passCount = overrides.filter(o => o.status === "pass").length;
44
+ console.log(` Control overrides: ${naCount} not-applicable, ${passCount} pre-verified\n`);
45
+ }
30
46
  if (options.json) {
31
47
  console.log(JSON.stringify({ findings, score: scoreData }, null, 2));
32
48
  if (options.ci && critical.length > 0)
@@ -67,8 +83,32 @@ export const auditCommand = new Command("audit")
67
83
  }
68
84
  await showNextStepsMenu("audit");
69
85
  });
86
+ function loadControlOverrides(root) {
87
+ const overridePath = path.join(root, ".ges", "control-overrides.json");
88
+ if (!fs.existsSync(overridePath))
89
+ return [];
90
+ const overrides = readJsonFile(overridePath);
91
+ return Array.isArray(overrides) ? overrides : [];
92
+ }
93
+ function applyControlOverrides(controls, overrides) {
94
+ if (overrides.length === 0)
95
+ return controls;
96
+ const overrideMap = new Map(overrides.map(o => [o.control_id, o]));
97
+ return controls.map(control => {
98
+ const override = overrideMap.get(control.id);
99
+ if (!override)
100
+ return control;
101
+ return {
102
+ ...control,
103
+ status: override.status,
104
+ checks: control.checks.map(check => ({ ...check, status: override.status })),
105
+ };
106
+ });
107
+ }
70
108
  function updateControlsFromFindings(controls, findings) {
71
109
  return controls.map(control => {
110
+ if (control.status === "pass" || control.status === "not-applicable")
111
+ return control;
72
112
  const relevantFindings = findings.filter(f => f.controlIds.includes(control.id));
73
113
  if (relevantFindings.length === 0)
74
114
  return control;
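Review bot: `loadControlOverrides` returns any array unchanged and `applyControlOverrides` copies `override.status` verbatim onto the control and every one of its checks, so a malformed entry in `.ges/control-overrides.json` (a non-object element, or a status outside the values this file recognises) either throws at `o.control_id` or carries an arbitrary status string into `score.json`; because `updateControlsFromFindings` now returns early for `pass`/`not-applicable`, an override also means matching findings no longer lower that control, which is presumably the intent but should only happen for well-formed entries. The loader should validate entries before they reach the map, as in the fence; entries whose `control_id` matches no loaded control are still counted in the summary line in the earlier hunk, which may be worth surfacing. A one-line comment above `loadControlOverrides` stating that an override exempts the control from finding-based status changes would help the next reader. `updateControlsFromFindings` continues past the end of this hunk.
```javascript
// Statuses an override may assign; anything else is dropped rather than copied onto the control.
const ALLOWED_OVERRIDE_STATUSES = new Set(["pass", "not-applicable"]);
function loadControlOverrides(root) {
    const overridePath = path.join(root, ".ges", "control-overrides.json");
    if (!fs.existsSync(overridePath))
        return [];
    const overrides = readJsonFile(overridePath);
    if (!Array.isArray(overrides))
        return [];
    // Keep only well-formed entries so applyControlOverrides never sees a
    // non-object element or a status this file does not recognise.
    return overrides.filter(o =>
        o !== null && typeof o === "object" &&
        typeof o.control_id === "string" &&
        ALLOWED_OVERRIDE_STATUSES.has(o.status));
}
// … unchanged: applyControlOverrides, updateControlsFromFindings …
```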
@@ -1,12 +1,12 @@
1
1
  import { Command } from "commander";
2
2
  import { ensureGESInitialized, readJsonFile } from "../utils/project.js";
3
- import { generateBadgeSvg, injectBadgeIntoReadme, computeGrade } from "@greenarmor/ges-scoring-engine";
3
+ import { generateBadgeSvg, injectBadgeIntoReadme, computeGrade, generateScoreExplainer } from "@greenarmor/ges-scoring-engine";
4
4
  import { showNextStepsMenu } from "../utils/next-steps.js";
5
5
  import * as fs from "node:fs";
6
6
  import * as path from "node:path";
7
7
  export const badgeCommand = new Command("badge")
8
8
  .description("Generate compliance score badge for README")
9
- .option("-o, --output <path>", "Output path for badge SVG", ".ges/badge.svg")
9
+ .option("-o, --output <path>", "Output path for badge SVG", "badge.svg")
10
10
  .option("--readme <path>", "README file to inject badge into", "README.md")
11
11
  .option("--no-readme", "Do not inject badge into README")
12
12
  .action(async (options) => {
@@ -22,6 +22,7 @@ export const badgeCommand = new Command("badge")
22
22
  const outputPath = path.resolve(root, options.output);
23
23
  fs.mkdirSync(path.dirname(outputPath), { recursive: true });
24
24
  fs.writeFileSync(outputPath, svg);
25
+ const explainer = generateScoreExplainer(score);
25
26
  console.log(`\n Badge generated: ${options.output}`);
26
27
  console.log(` Score: ${score.overall}% (${score.overall_grade ?? computeGrade(score.overall)})`);
27
28
  if (options.readme !== false) {
@@ -29,7 +30,7 @@ export const badgeCommand = new Command("badge")
29
30
  if (fs.existsSync(readmePath)) {
30
31
  const readmeContent = fs.readFileSync(readmePath, "utf-8");
31
32
  const relativeBadgePath = path.relative(path.dirname(readmePath), outputPath);
32
- const updated = injectBadgeIntoReadme(readmeContent, relativeBadgePath);
33
+ const updated = injectBadgeIntoReadme(readmeContent, relativeBadgePath, explainer);
33
34
  fs.writeFileSync(readmePath, updated);
34
35
  console.log(` Badge injected into ${options.readme}`);
35
36
  }
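Review bot: `generateScoreExplainer(score)` is called unconditionally right after the SVG is written, but `explainer` is only consumed inside the `options.readme !== false` / `fs.existsSync(readmePath)` branch, so under `--no-readme` the work is wasted and any error it throws aborts a command that had already produced its badge; moving `const explainer = generateScoreExplainer(score);` to just before the `injectBadgeIntoReadme` call keeps it on the only path that needs it. Separately, the `--output` default changes from `.ges/badge.svg` to `badge.svg`, which changes both where the file lands and the relative path written into the README for every caller relying on the default, and deserves a changelog line. The action callback starts and ends outside this hunk.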
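--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@greenarmor/ges",
-"version": "0.4.0",
+"version": "0.5.1",
 "description": "Green Engineering Standard Framework - Compliance-as-Code CLI",
 "type": "module",
 "main": "./dist/index.js",
@@ -13,17 +13,17 @@
 ],
 "dependencies": {
 "commander": "^13.0.0",
-"@greenarmor/ges-audit-engine": "0.4.0",
-"@greenarmor/ges-cicd-generator": "0.4.0",
-"@greenarmor/ges-policy-engine": "0.4.0",
-"@greenarmor/ges-core": "0.4.0",
-"@greenarmor/ges-report-generator": "0.4.0",
-"@greenarmor/ges-compliance-engine": "0.4.0",
-"@greenarmor/ges-scanner-integration": "0.4.0",
-"@greenarmor/ges-scoring-engine": "0.4.0",
-"@greenarmor/ges-rules-engine": "0.4.0",
-"@greenarmor/ges-mcp-server": "0.4.0",
-"@greenarmor/ges-doc-generator": "0.4.0"
+"@greenarmor/ges-audit-engine": "0.5.1",
+"@greenarmor/ges-cicd-generator": "0.5.1",
+"@greenarmor/ges-compliance-engine": "0.5.1",
+"@greenarmor/ges-doc-generator": "0.5.1",
+"@greenarmor/ges-policy-engine": "0.5.1",
+"@greenarmor/ges-report-generator": "0.5.1",
+"@greenarmor/ges-rules-engine": "0.5.1",
+"@greenarmor/ges-scanner-integration": "0.5.1",
+"@greenarmor/ges-scoring-engine": "0.5.1",
+"@greenarmor/ges-mcp-server": "0.5.1",
+"@greenarmor/ges-core": "0.5.1"
 },
 "devDependencies": {
 "@types/node": "^22.0.0",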