@guava-parity/guard-scanner 15.0.0 → 16.0.0
- package/README.md +208 -42
- package/README_ja.md +252 -0
- package/SKILL.md +40 -11
- package/dist/cli.cjs +5997 -0
- package/dist/cli.d.mts +1 -0
- package/dist/cli.d.ts +1 -0
- package/dist/cli.mjs +6003 -0
- package/dist/index.cjs +4825 -0
- package/dist/index.d.mts +17 -0
- package/dist/index.d.ts +17 -0
- package/dist/index.mjs +4798 -0
- package/dist/mcp-server.cjs +4756 -0
- package/dist/mcp-server.d.mts +1 -0
- package/dist/mcp-server.d.ts +1 -0
- package/dist/mcp-server.mjs +4767 -0
- package/dist/openclaw-plugin.cjs +4863 -0
- package/dist/openclaw-plugin.d.mts +11 -0
- package/dist/openclaw-plugin.d.ts +11 -0
- package/dist/openclaw-plugin.mjs +4847 -34
- package/dist/types.cjs +18 -0
- package/dist/types.d.mts +215 -0
- package/dist/types.d.ts +215 -0
- package/dist/types.mjs +1 -0
- package/docs/data/benchmark-ledger.json +1428 -0
- package/docs/data/corpus-metrics.json +3 -3
- package/docs/data/fp-ledger.json +18 -0
- package/docs/data/quality-contract.json +36 -0
- package/docs/generated/openclaw-upstream-status.json +13 -13
- package/docs/openclaw-compatibility-audit.md +3 -2
- package/docs/openclaw-continuous-compatibility-plan.md +2 -1
- package/docs/spec/capabilities.json +137 -5
- package/docs/spec/plugin-trust.json +11 -0
- package/hooks/{context.js → context.ts} +1 -0
- package/openclaw-plugin.mts +21 -5
- package/openclaw.plugin.json +2 -2
- package/package.json +58 -20
- package/src/asset-auditor.js +0 -508
- package/src/ci-reporter.js +0 -135
- package/src/cli.js +0 -434
- package/src/core/content-loader.js +0 -42
- package/src/core/inventory.js +0 -73
- package/src/core/report-adapters.js +0 -171
- package/src/core/risk-engine.js +0 -93
- package/src/core/rule-registry.js +0 -73
- package/src/core/semantic-validators.js +0 -85
- package/src/finding-schema.js +0 -191
- package/src/hooks/context.ts +0 -49
- package/src/html-template.js +0 -239
- package/src/ioc-db.js +0 -54
- package/src/mcp-server.js +0 -653
- package/src/openclaw-upstream.js +0 -128
- package/src/patterns.js +0 -629
- package/src/policy-engine.js +0 -32
- package/src/quarantine.js +0 -41
- package/src/runtime-guard.js +0 -384
- package/src/scanner.js +0 -1042
- package/src/skill-crawler.js +0 -254
- package/src/threat-model.js +0 -50
- package/src/validation-layer.js +0 -39
- package/src/vt-client.js +0 -202
- package/src/watcher.js +0 -170
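--- a/package/src/openclaw-upstream.js
+++ b/package/src/openclaw-upstream.js
@@ -1,128 +0,0 @@
-const https = require('node:https');
-
-function parseVersion(version) {
-const [stable, prerelease = ''] = String(version).split('-', 2);
-const parts = stable.split('.').map((value) => Number.parseInt(value, 10));
-while (parts.length < 3) parts.push(0);
-
-return {
-raw: version,
-parts,
-prerelease,
-};
-}
-
-function compareOpenClawVersions(left, right) {
-const a = parseVersion(left);
-const b = parseVersion(right);
-
-for (let index = 0; index < 3; index += 1) {
-if (a.parts[index] > b.parts[index]) return 1;
-if (a.parts[index] < b.parts[index]) return -1;
-}
-
-if (!a.prerelease && b.prerelease) return 1;
-if (a.prerelease && !b.prerelease) return -1;
-if (a.prerelease > b.prerelease) return 1;
-if (a.prerelease < b.prerelease) return -1;
-return 0;
-}
-
-function evaluateOpenClawBaseline({ pinnedVersion, latestVersion, latestPublishedAt, source }) {
-const comparison = compareOpenClawVersions(pinnedVersion, latestVersion);
-
-return {
-pinnedVersion,
-latestVersion,
-latestPublishedAt,
-source,
-upToDate: comparison === 0,
-ahead: comparison > 0,
-behind: comparison < 0,
-};
-}
-
-function normalizeGitHubReleaseVersion(tagName) {
-return String(tagName).replace(/^v/i, '');
-}
-
-function evaluateOpenClawSourceParity({ npmLatestVersion, githubLatestVersion }) {
-const normalizedGitHubVersion = normalizeGitHubReleaseVersion(githubLatestVersion);
-return {
-npmLatestVersion,
-githubLatestVersion: normalizedGitHubVersion,
-inParity: compareOpenClawVersions(npmLatestVersion, normalizedGitHubVersion) === 0,
-};
-}
-
-function httpGetJson(url) {
-return new Promise((resolve, reject) => {
-https
-.get(
-url,
-{
-headers: {
-'user-agent': 'guard-scanner-openclaw-upstream-check',
-accept: 'application/json',
-},
-},
-(response) => {
-let body = '';
-response.setEncoding('utf8');
-response.on('data', (chunk) => {
-body += chunk;
-});
-response.on('end', () => {
-if (response.statusCode && response.statusCode >= 400) {
-reject(new Error(`GET ${url} failed with status ${response.statusCode}`));
-return;
-}
-try {
-resolve(JSON.parse(body));
-} catch (error) {
-reject(error);
-}
-});
-},
-)
-.on('error', reject);
-});
-}
-
-async function fetchLatestOpenClawRelease(fetchJson = httpGetJson) {
-const npmMeta = await fetchJson('https://registry.npmjs.org/openclaw');
-const latestVersion = npmMeta['dist-tags']?.latest;
-if (!latestVersion) {
-throw new Error('npm registry metadata missing dist-tags.latest for openclaw');
-}
-
-const githubRelease = await fetchJson('https://api.github.com/repos/openclaw/openclaw/releases/latest');
-const githubLatestVersion = normalizeGitHubReleaseVersion(githubRelease.tag_name || '');
-if (!githubLatestVersion) {
-throw new Error('GitHub releases/latest missing tag_name for openclaw/openclaw');
-}
-
-const parity = evaluateOpenClawSourceParity({
-npmLatestVersion: latestVersion,
-githubLatestVersion,
-});
-
-return {
-latestVersion,
-latestPublishedAt: npmMeta.time?.[latestVersion] ?? null,
-source: 'npm',
-registryModifiedAt: npmMeta.time?.modified ?? null,
-githubLatestVersion,
-githubPublishedAt: githubRelease.published_at ?? null,
-githubUrl: githubRelease.html_url ?? null,
-sourceParity: parity,
-};
-}
-
-module.exports = {
-compareOpenClawVersions,
-evaluateOpenClawBaseline,
-evaluateOpenClawSourceParity,
-fetchLatestOpenClawRelease,
-normalizeGitHubReleaseVersion,
-};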