@hatem427/code-guard-ci 1.0.5 ā 1.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +17 -8
- package/dist/scripts/cli.js +15 -4
- package/dist/scripts/cli.js.map +1 -1
- package/dist/scripts/precommit-check.d.ts.map +1 -1
- package/dist/scripts/precommit-check.js +32 -15
- package/dist/scripts/precommit-check.js.map +1 -1
- package/dist/scripts/utils/security-check.d.ts +12 -0
- package/dist/scripts/utils/security-check.d.ts.map +1 -0
- package/dist/scripts/utils/security-check.js +126 -0
- package/dist/scripts/utils/security-check.js.map +1 -0
- package/package.json +1 -1
- package/scripts/cli.ts +16 -4
- package/scripts/precommit-check.ts +38 -14
- package/scripts/utils/security-check.ts +108 -0
package/README.md
CHANGED
|
@@ -14,13 +14,16 @@ Automatically enforce your team's coding standards with pre-commit hooks, featur
|
|
|
14
14
|
# Install in your project
|
|
15
15
|
npm install --save-dev @hatem427/code-guard-ci
|
|
16
16
|
|
|
17
|
-
# Or with yarn
|
|
18
|
-
yarn add -D @hatem427/code-guard-ci
|
|
19
|
-
|
|
20
17
|
# Initialize in your project
|
|
21
18
|
npx code-guard init
|
|
19
|
+
|
|
20
|
+
# š SECURITY: Change default passwords immediately!
|
|
21
|
+
npm run set-bypass-password
|
|
22
|
+
npm run set-admin-password
|
|
22
23
|
```
|
|
23
24
|
|
|
25
|
+
ā ļø **CRITICAL SECURITY STEP**: Default passwords are publicly known. Change them immediately or commits will be blocked!
|
|
26
|
+
|
|
24
27
|
### Option 2: Copy Files Directly
|
|
25
28
|
|
|
26
29
|
```bash
|
|
@@ -416,6 +419,10 @@ const data: any = {}; // code-guardian-disable no-any-type
|
|
|
416
419
|
## šÆ NPM Scripts Reference
|
|
417
420
|
|
|
418
421
|
```bash
|
|
422
|
+
# š SECURITY SETUP (RUN FIRST!)
|
|
423
|
+
npm run set-bypass-password # REQUIRED: Set developer bypass password
|
|
424
|
+
npm run set-admin-password # REQUIRED: Set admin password (log deletion)
|
|
425
|
+
|
|
419
426
|
# Pre-commit check (runs automatically via Husky)
|
|
420
427
|
npm run precommit-check
|
|
421
428
|
|
|
@@ -423,9 +430,7 @@ npm run precommit-check
|
|
|
423
430
|
npm run auto-fix # Fix all violations
|
|
424
431
|
npm run auto-fix -- --dry-run # Preview fixes without changing files
|
|
425
432
|
|
|
426
|
-
#
|
|
427
|
-
npm run set-bypass-password # Set developer bypass password
|
|
428
|
-
npm run set-admin-password # Set admin password (log deletion)
|
|
433
|
+
# Bypass Log Management
|
|
429
434
|
npm run view-bypass-log # View all bypass attempts
|
|
430
435
|
npm run delete-bypass-logs # Delete bypass logs (requires admin password)
|
|
431
436
|
|
|
@@ -465,10 +470,13 @@ Every bypass attempt is automatically logged with:
|
|
|
465
470
|
|
|
466
471
|
### Two-Level Security
|
|
467
472
|
|
|
473
|
+
ā ļø **CRITICAL**: Default passwords are PUBLICLY KNOWN in the source code!
|
|
474
|
+
|
|
468
475
|
#### 1. Bypass Password (Developer Access)
|
|
469
476
|
- Allows bypassing pre-commit checks when necessary
|
|
470
477
|
- Share with authorized developers
|
|
471
|
-
- Default: `bypass123`
|
|
478
|
+
- Default: `bypass123` š“ **SECURITY RISK - CHANGE IMMEDIATELY**
|
|
479
|
+
- Anyone who can see your code can use this!
|
|
472
480
|
|
|
473
481
|
```bash
|
|
474
482
|
# Set bypass password
|
|
@@ -478,7 +486,8 @@ npm run set-bypass-password
|
|
|
478
486
|
#### 2. Admin Password (Restricted Access)
|
|
479
487
|
- Required to delete bypass log entries
|
|
480
488
|
- Share only with team leads and security officers
|
|
481
|
-
- Default: `admin123`
|
|
489
|
+
- Default: `admin123` š“ **SECURITY RISK - CHANGE IMMEDIATELY**
|
|
490
|
+
- Protects audit trail from unauthorized deletion
|
|
482
491
|
|
|
483
492
|
```bash
|
|
484
493
|
# Set admin password
|
package/dist/scripts/cli.js
CHANGED
|
@@ -282,11 +282,22 @@ exit $?
|
|
|
282
282
|
console.warn(' 2. Create .husky/pre-commit with the hook content');
|
|
283
283
|
}
|
|
284
284
|
console.log('\nā
Code Guardian initialized successfully!\n');
|
|
285
|
+
// Security warning
|
|
286
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā');
|
|
287
|
+
console.log('ā š SECURITY SETUP REQUIRED š ā');
|
|
288
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā\n');
|
|
289
|
+
console.log('ā ļø CRITICAL: Change default passwords immediately!\n');
|
|
290
|
+
console.log('Default passwords are publicly known. Anyone can bypass checks!\n');
|
|
291
|
+
console.log('Required commands:');
|
|
292
|
+
console.log(' 1. npm run set-bypass-password');
|
|
293
|
+
console.log(' 2. npm run set-admin-password\n');
|
|
294
|
+
console.log('š For security details, see: SECURITY.md\n');
|
|
295
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā\n');
|
|
285
296
|
console.log('Next steps:');
|
|
286
|
-
console.log('
|
|
287
|
-
console.log('
|
|
288
|
-
console.log('
|
|
289
|
-
console.log('
|
|
297
|
+
console.log(' 3. Review config files in ./config/');
|
|
298
|
+
console.log(' 4. Customize rules for your team');
|
|
299
|
+
console.log(' 5. Make a commit to test the pre-commit hook');
|
|
300
|
+
console.log(' 6. Run "npm run generate-doc -- --name=test --type=ui"\n');
|
|
290
301
|
}
|
|
291
302
|
/**
|
|
292
303
|
* Run pre-commit checks manually.
|
package/dist/scripts/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../scripts/cli.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;;GAaG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,iDAAyC;AAEzC,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB,+EAA+E;AAE/E,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AAExB,+EAA+E;AAE/E,SAAS,QAAQ;IACf,OAAO,CAAC,GAAG,CAAC;sBACQ,OAAO;;;;;;;;;;;;;;;;;;;;GAoB1B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW;IAClB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IAEpD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAC1B,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IAEvD,+BAA+B;IAC/B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;QACpC,OAAO,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QACtE,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC7D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,4EAA4E;IAC5E,qEAAqE;IACrE,6DAA6D;IAC7D,yEAAyE;IACzE,mFAAmF;IACnF,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAQ,uBAAuB;IAC1E,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,kBAAkB;IAEvE,MAAM,gBAAgB,GAAG;QACvB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC5B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC;KAChC,CAAC;IAEF,MAAM,kBAAkB,GAAG;QACzB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC;QAC/B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC;KACnC,CAAC;IAEF,oBAAoB;IACpB,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAC3C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,WAAW,GAAG,CAAC,sBAAsB,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,kBAAkB,CAAC,CAAC;IACzG,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,mEAAmE;QACnE,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;YACnC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACvC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7B,GAAG,GAAG,SAAS,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,IAAI,GAAG,EAAE,CAAC;YACR,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,iBAAiB;IACjB,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;IACvD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IACjD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,aAAa,GAAG,CAAC,mBAAmB,EAAE,oBAAoB,EAAE,wBAAwB,CAAC,CAAC;IAC5F,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;QACjC,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,KAAK,MAAM,GAAG,IAAI,kBAAkB,EAAE,CAAC;YACrC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACvC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7B,GAAG,GAAG,SAAS,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QAC3C,IAAI,GAAG,EAAE,CAAC;YACR,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;IACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACtD,CAAC;IAED,8BAA8B;IAC9B,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IACrD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1E,WAAW,CAAC,OAAO,GAAG,WAAW,CAAC,OAAO,IAAI,EAAE,CAAC;IAChD,WAAW,CAAC,OAAO,CAAC,iBAAiB,CAAC,GAAG,kBAAkB,CAAC;IAC5D,WAAW,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,gBAAgB,CAAC;IACvD,WAAW,CAAC,OAAO,CAAC,uBAAuB,CAAC,GAAG,sBAAsB,CAAC;IACtE,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC;IAEzC,qFAAqF;IACrF,MAAM,WAAW,GAAG,yBAAyB,CAAC,CAAC,oBAAoB;IACnE,WAAW,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,4BAA4B,WAAW,iCAAiC,CAAC;IACtH,WAAW,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,4BAA4B,WAAW,gCAAgC,CAAC;IACpH,WAAW,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,4BAA4B,WAAW,gCAAgC,CAAC;IACpH,WAAW,CAAC,OAAO,CAAC,iBAAiB,CAAC,GAAG,4BAA4B,WAAW,6BAA6B,CAAC;IAC9G,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,4BAA4B,WAAW,sBAAsB,CAAC;IAEhG,EAAE,CAAC,aAAa,CAAC,eAAe,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IAErC,cAAc;IACd,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACxC,IAAI,CAAC;QACH,+BAA+B;QAC/B,IAAI,CAAC;YACH,IAAA,wBAAQ,EAAC,gBAAgB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACrD,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;YAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC1C,MAAM,kBAAkB,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAEpD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9C,CAAC;YAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACvC,EAAE,CAAC,SAAS,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACxD,CAAC;YAED,kBAAkB;YAClB,MAAM,cAAc,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAoC5B,CAAC;YACI,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAAE,cAAc,CAAC,CAAC;YAC5E,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAAE,KAAK,CAAC,CAAC;QACjE,CAAC;QAED,yBAAyB;QACzB,MAAM,aAAa,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2BzB,CAAC;QAEE,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC1C,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QACxD,EAAE,CAAC,aAAa,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;QAC/C,EAAE,CAAC,SAAS,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAEnC,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACtC,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO,CAAC,IAAI,CAAC,2BAA2B,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5C,OAAO,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;IACzE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../scripts/cli.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;;GAaG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,iDAAyC;AAEzC,MAAM,OAAO,GAAG,OAAO,CAAC;AAExB,+EAA+E;AAE/E,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACnC,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;AAExB,+EAA+E;AAE/E,SAAS,QAAQ;IACf,OAAO,CAAC,GAAG,CAAC;sBACQ,OAAO;;;;;;;;;;;;;;;;;;;;GAoB1B,CAAC,CAAC;AACL,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,CAAC,GAAG,CAAC,kBAAkB,OAAO,EAAE,CAAC,CAAC;AAC3C,CAAC;AAED;;;GAGG;AACH,SAAS,WAAW;IAClB,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IAEpD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAC1B,MAAM,eAAe,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IAEvD,+BAA+B;IAC/B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;QACpC,OAAO,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QACtE,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;QAC7D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,4EAA4E;IAC5E,qEAAqE;IACrE,6DAA6D;IAC7D,yEAAyE;IACzE,mFAAmF;IACnF,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAQ,uBAAuB;IAC1E,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC,kBAAkB;IAEvE,MAAM,gBAAgB,GAAG;QACvB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC5B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,QAAQ,CAAC;KAChC,CAAC;IAEF,MAAM,kBAAkB,GAAG;QACzB,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC;QAC/B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC;KACnC,CAAC;IAEF,oBAAoB;IACpB,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAC3C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC9B,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC/C,CAAC;IAED,MAAM,WAAW,GAAG,CAAC,sBAAsB,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,kBAAkB,CAAC,CAAC;IACzG,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,mEAAmE;QACnE,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;YACnC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACvC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7B,GAAG,GAAG,SAAS,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC;QACxC,IAAI,GAAG,EAAE,CAAC;YACR,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,iBAAiB;IACjB,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;IACvD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;IACjD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QACjC,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,aAAa,GAAG,CAAC,mBAAmB,EAAE,oBAAoB,EAAE,wBAAwB,CAAC,CAAC;IAC5F,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;QACjC,IAAI,GAAG,GAAkB,IAAI,CAAC;QAC9B,KAAK,MAAM,GAAG,IAAI,kBAAkB,EAAE,CAAC;YACrC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACvC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC7B,GAAG,GAAG,SAAS,CAAC;gBAChB,MAAM;YACR,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;QAC3C,IAAI,GAAG,EAAE,CAAC;YACR,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,iCAAiC;IACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;IACnD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3C,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;QACrD,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACtD,CAAC;IAED,8BAA8B;IAC9B,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IACrD,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,eAAe,EAAE,OAAO,CAAC,CAAC,CAAC;IAE1E,WAAW,CAAC,OAAO,GAAG,WAAW,CAAC,OAAO,IAAI,EAAE,CAAC;IAChD,WAAW,CAAC,OAAO,CAAC,iBAAiB,CAAC,GAAG,kBAAkB,CAAC;IAC5D,WAAW,CAAC,OAAO,CAAC,cAAc,CAAC,GAAG,gBAAgB,CAAC;IACvD,WAAW,CAAC,OAAO,CAAC,uBAAuB,CAAC,GAAG,sBAAsB,CAAC;IACtE,WAAW,CAAC,OAAO,CAAC,SAAS,CAAC,GAAG,OAAO,CAAC;IAEzC,qFAAqF;IACrF,MAAM,WAAW,GAAG,yBAAyB,CAAC,CAAC,oBAAoB;IACnE,WAAW,CAAC,OAAO,CAAC,qBAAqB,CAAC,GAAG,4BAA4B,WAAW,iCAAiC,CAAC;IACtH,WAAW,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,4BAA4B,WAAW,gCAAgC,CAAC;IACpH,WAAW,CAAC,OAAO,CAAC,oBAAoB,CAAC,GAAG,4BAA4B,WAAW,gCAAgC,CAAC;IACpH,WAAW,CAAC,OAAO,CAAC,iBAAiB,CAAC,GAAG,4BAA4B,WAAW,6BAA6B,CAAC;IAC9G,WAAW,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,4BAA4B,WAAW,sBAAsB,CAAC;IAEhG,EAAE,CAAC,aAAa,CAAC,eAAe,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IAErC,cAAc;IACd,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;IACxC,IAAI,CAAC;QACH,+BAA+B;QAC/B,IAAI,CAAC;YACH,IAAA,wBAAQ,EAAC,gBAAgB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC;QACrD,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;YAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC1C,MAAM,kBAAkB,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;YAEpD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC9C,CAAC;YAED,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACvC,EAAE,CAAC,SAAS,CAAC,kBAAkB,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACxD,CAAC;YAED,kBAAkB;YAClB,MAAM,cAAc,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAoC5B,CAAC;YACI,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAAE,cAAc,CAAC,CAAC;YAC5E,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,UAAU,CAAC,EAAE,KAAK,CAAC,CAAC;QACjE,CAAC;QAED,yBAAyB;QACzB,MAAM,aAAa,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2BzB,CAAC;QAEE,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;QAC1C,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QACxD,EAAE,CAAC,aAAa,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;QAC/C,EAAE,CAAC,SAAS,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAEnC,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACtC,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO,CAAC,IAAI,CAAC,2BAA2B,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC5C,OAAO,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;IACzE,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;IAE7D,mBAAmB;IACnB,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;IAC/E,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;IACrE,OAAO,CAAC,GAAG,CAAC,mEAAmE,CAAC,CAAC;IACjF,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAClC,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;IACjD,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;IAC7E,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC3B,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;IAC9D,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;AAC5E,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ;IACf,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,oBAAoB,CAAC,CAAC;IAC9D,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,UAAU,CAAC,CAAC;IACtB,CAAC;SAAM,CAAC;QACN,mCAAmC;QACnC,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,oBAAoB,CAAC,CAAC;QACjF,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAChC,IAAA,wBAAQ,EAAC,eAAe,YAAY,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QAChE,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;YACjE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,WAAW;IAClB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;IAC3D,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAE3C,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9B,IAAA,wBAAQ,EAAC,QAAQ,UAAU,IAAI,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IACrE,CAAC;SAAM,CAAC;QACN,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,iBAAiB,CAAC,CAAC;QAC9E,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAChC,IAAA,wBAAQ,EAAC,eAAe,YAAY,IAAI,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;YAC9D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB;IACxB,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,0BAA0B,CAAC,CAAC;IACpE,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAE3C,IAAI,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC9B,IAAA,wBAAQ,EAAC,QAAQ,UAAU,IAAI,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IACrE,CAAC;SAAM,CAAC;QACN,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,0BAA0B,CAAC,CAAC;QACvF,IAAI,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;YAChC,IAAA,wBAAQ,EAAC,eAAe,YAAY,IAAI,UAAU,EAAE,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QAC9E,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,uDAAuD,CAAC,CAAC;YACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E,QAAQ,OAAO,EAAE,CAAC;IAChB,KAAK,MAAM;QACT,WAAW,EAAE,CAAC;QACd,MAAM;IAER,KAAK,OAAO;QACV,QAAQ,EAAE,CAAC;QACX,MAAM;IAER,KAAK,KAAK;QACR,WAAW,EAAE,CAAC;QACd,MAAM;IAER,KAAK,WAAW;QACd,iBAAiB,EAAE,CAAC;QACpB,MAAM;IAER,KAAK,SAAS,CAAC;IACf,KAAK,WAAW,CAAC;IACjB,KAAK,IAAI;QACP,WAAW,EAAE,CAAC;QACd,MAAM;IAER,KAAK,MAAM,CAAC;IACZ,KAAK,QAAQ,CAAC;IACd,KAAK,IAAI,CAAC;IACV,KAAK,SAAS;QACZ,QAAQ,EAAE,CAAC;QACX,MAAM;IAER;QACE,OAAO,CAAC,KAAK,CAAC,sBAAsB,OAAO,EAAE,CAAC,CAAC;QAC/C,OAAO,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;QACjE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACpB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"precommit-check.d.ts","sourceRoot":"","sources":["../../scripts/precommit-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;
|
|
1
|
+
{"version":3,"file":"precommit-check.d.ts","sourceRoot":"","sources":["../../scripts/precommit-check.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAkBH,OAAO,0BAA0B,CAAC;AAClC,OAAO,wBAAwB,CAAC;AAChC,OAAO,yBAAyB,CAAC"}
|
|
@@ -172,14 +172,19 @@ function runEslint(stagedFiles) {
|
|
|
172
172
|
}
|
|
173
173
|
logger.info(`Running ESLint on ${lintableFiles.length} file(s)...`);
|
|
174
174
|
try {
|
|
175
|
-
|
|
176
|
-
|
|
175
|
+
// Security: Use array args to prevent command injection
|
|
176
|
+
const { spawnSync } = require('child_process');
|
|
177
|
+
const result = spawnSync('npx', ['eslint', ...lintableFiles, '--max-warnings', '0'], {
|
|
177
178
|
stdio: 'inherit',
|
|
178
179
|
encoding: 'utf-8',
|
|
179
|
-
cwd: process.cwd(),
|
|
180
|
+
cwd: process.cwd(),
|
|
180
181
|
});
|
|
181
|
-
|
|
182
|
-
|
|
182
|
+
if (result.status === 0) {
|
|
183
|
+
logger.success('ESLint passed.');
|
|
184
|
+
return true;
|
|
185
|
+
}
|
|
186
|
+
logger.error('ESLint found issues. Fix them before committing.');
|
|
187
|
+
return false;
|
|
183
188
|
}
|
|
184
189
|
catch (error) {
|
|
185
190
|
// Check if ESLint config is missing
|
|
@@ -208,35 +213,47 @@ function runPrettier(stagedFiles) {
|
|
|
208
213
|
}
|
|
209
214
|
logger.info(`Running Prettier on ${formattableFiles.length} file(s)...`);
|
|
210
215
|
try {
|
|
211
|
-
|
|
212
|
-
|
|
216
|
+
// Security: Use array args to prevent command injection
|
|
217
|
+
const { spawnSync } = require('child_process');
|
|
218
|
+
const checkResult = spawnSync('npx', ['prettier', '--check', ...formattableFiles], {
|
|
213
219
|
stdio: 'pipe',
|
|
214
220
|
encoding: 'utf-8',
|
|
215
221
|
});
|
|
216
|
-
|
|
217
|
-
|
|
218
|
-
|
|
219
|
-
|
|
222
|
+
if (checkResult.status === 0) {
|
|
223
|
+
logger.success('Prettier check passed.');
|
|
224
|
+
return true;
|
|
225
|
+
}
|
|
220
226
|
logger.warn('Prettier found formatting issues ā auto-fixing...');
|
|
221
227
|
try {
|
|
222
|
-
const
|
|
223
|
-
(0, child_process_1.execSync)(`npx prettier --write ${fileList}`, {
|
|
228
|
+
const writeResult = spawnSync('npx', ['prettier', '--write', ...formattableFiles], {
|
|
224
229
|
stdio: 'inherit',
|
|
225
230
|
encoding: 'utf-8',
|
|
226
231
|
});
|
|
232
|
+
if (writeResult.status !== 0) {
|
|
233
|
+
logger.error('Prettier auto-fix failed.');
|
|
234
|
+
return false;
|
|
235
|
+
}
|
|
227
236
|
// Re-stage the auto-formatted files
|
|
228
|
-
|
|
237
|
+
const gitResult = spawnSync('git', ['add', ...formattableFiles], {
|
|
229
238
|
stdio: 'inherit',
|
|
230
239
|
encoding: 'utf-8',
|
|
231
240
|
});
|
|
241
|
+
if (gitResult.status !== 0) {
|
|
242
|
+
logger.error('Failed to re-stage auto-formatted files.');
|
|
243
|
+
return false;
|
|
244
|
+
}
|
|
232
245
|
logger.success('Prettier auto-fixed and re-staged files.');
|
|
233
246
|
return true;
|
|
234
247
|
}
|
|
235
|
-
catch {
|
|
248
|
+
catch (error) {
|
|
236
249
|
logger.error('Prettier auto-fix failed.');
|
|
237
250
|
return false;
|
|
238
251
|
}
|
|
239
252
|
}
|
|
253
|
+
catch (error) {
|
|
254
|
+
logger.error('Prettier check failed.');
|
|
255
|
+
return false;
|
|
256
|
+
}
|
|
240
257
|
}
|
|
241
258
|
// āā Feature doc detection āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
242
259
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"precommit-check.js","sourceRoot":"","sources":["../../scripts/precommit-check.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,iDAAyC;AACzC,2CAA6B;AAE7B,+EAA+E;AAE/E,+DAAsE;AACtE,uDAAyF;AACzF,mEAAiE;AACjE,qDAAkF;AAClF,uDAAyC;AACzC,2DAA4E;
|
|
1
|
+
{"version":3,"file":"precommit-check.js","sourceRoot":"","sources":["../../scripts/precommit-check.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;GAkBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,iDAAyC;AACzC,2CAA6B;AAE7B,+EAA+E;AAE/E,+DAAsE;AACtE,uDAAyF;AACzF,mEAAiE;AACjE,qDAAkF;AAClF,uDAAyC;AACzC,2DAA4E;AAE5E,mDAAqC;AAErC,+EAA+E;AAE/E,oCAAkC;AAClC,kCAAgC;AAChC,mCAAiC;AAEjC,+EAA+E;AAE/E,0DAA0D;AAC1D,MAAM,kBAAkB,GAAG,eAAe,CAAC;AAE3C,gDAAgD;AAChD,MAAM,cAAc,GAAG,cAAc,CAAC;AAEtC,gDAAgD;AAChD,MAAM,mBAAmB,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;AAE9E,oDAAoD;AACpD,MAAM,oBAAoB,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;AAE/F,+EAA+E;AAE/E;;GAEG;AACH,SAAS,UAAU,CAAC,QAAgB,EAAE,SAAkB,KAAK;IAC3D,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,EAAE,GAAG,QAAQ,CAAC,eAAe,CAAC;YAClC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM,EAAE,OAAO,CAAC,MAAM;SACvB,CAAC,CAAC;QAEH,IAAI,MAAM,EAAE,CAAC;YACX,sBAAsB;YACtB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAY,CAAC;YACnC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;YAEvB,IAAI,QAAQ,GAAG,EAAE,CAAC;YAClB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAE/B,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE;gBAChC,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;gBAEnC,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,IAAI,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;oBACrD,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;oBACxB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAC3B,EAAE,CAAC,KAAK,EAAE,CAAC;oBACX,OAAO,CAAC,QAAQ,CAAC,CAAC;gBACpB,CAAC;qBAAM,IAAI,GAAG,KAAK,QAAQ,EAAE,CAAC;oBAC5B,SAAS;oBACT,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;gBAClB,CAAC;qBAAM,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;oBAC5C,YAAY;oBACZ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBACxB,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;wBACjC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;oBAChC,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,QAAQ,IAAI,GAAG,CAAC;oBAChB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC5B,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,MAAM,EAAE,EAAE;gBAC/B,EAAE,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,CAAC,MAAM,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;GAMG;AACH,KAAK,UAAU,YAAY,CAAC,aAAqB;IAC/C,gEAAgE;IAChE,IAAI,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,WAAW,EAAE,KAAK,MAAM,EAAE,CAAC;QAC1D,6DAA6D;QAC7D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,YAAY,IAAI,2CAA2C,CAAC;QAC3E,IAAA,6BAAY,EAAC,MAAM,EAAE,aAAa,EAAE,cAAc,CAAC,CAAC;QACpD,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,wBAAwB,cAAc,OAAO,EAAE,MAAM,EAAE,cAAc,EAAE,CAAC;IAC3G,CAAC;IAED,gDAAgD;IAChD,IAAI,aAAa,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;QAC/C,MAAM,CAAC,IAAI,CAAC,4CAA4C,kBAAkB,GAAG,CAAC,CAAC;QAC/E,MAAM,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;QAEnD,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,4BAA4B,EAAE,IAAI,CAAC,CAAC;QAEtE,IAAI,IAAA,qCAAoB,EAAC,QAAQ,CAAC,EAAE,CAAC;YACnC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,wBAAwB,EAAE,KAAK,CAAC,CAAC;YACjE,IAAA,6BAAY,EAAC,MAAM,IAAI,oBAAoB,EAAE,aAAa,EAAE,gBAAgB,CAAC,CAAC;YAC9E,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,4BAA4B,kBAAkB,mBAAmB,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;QACjI,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;YACnD,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;QACnE,CAAC;IACH,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,gBAAgB,EAAE,CAAC;AACnE,CAAC;AAED,+EAA+E;AAE/E;;GAEG;AACH,SAAS,SAAS,CAAC,WAAqB;IACtC,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAC7C,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAC/C,OAAO,mBAAmB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,MAAM,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;QACzD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,qBAAqB,aAAa,CAAC,MAAM,aAAa,CAAC,CAAC;IAEpE,IAAI,CAAC;QACH,wDAAwD;QACxD,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;QAC/C,MAAM,MAAM,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,GAAG,aAAa,EAAE,gBAAgB,EAAE,GAAG,CAAC,EAAE;YACnF,KAAK,EAAE,SAAS;YAChB,QAAQ,EAAE,OAAO;YACjB,GAAG,EAAE,OAAO,CAAC,GAAG,EAAE;SACnB,CAAC,CAAC;QAEH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxB,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC;YACjC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO,KAAK,CAAC;IACf,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,oCAAoC;QACpC,IAAI,KAAK,CAAC,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,IAAI,KAAK,CAAC,MAAM,EAAE,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;YACvF,MAAM,CAAC,IAAI,CAAC,wDAAwD,CAAC,CAAC;YACtE,MAAM,CAAC,IAAI,CAAC,sEAAsE,CAAC,CAAC;YACpF,OAAO,IAAI,CAAC,CAAC,iDAAiD;QAChE,CAAC;QACD,MAAM,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACjE,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E;;;GAGG;AACH,SAAS,WAAW,CAAC,WAAqB;IACxC,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QAChD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAC/C,OAAO,mBAAmB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAC3C,CAAC,CAAC,CAAC;IAEH,IAAI,gBAAgB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;QAC9D,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,uBAAuB,gBAAgB,CAAC,MAAM,aAAa,CAAC,CAAC;IAEzE,IAAI,CAAC;QACH,wDAAwD;QACxD,MAAM,EAAE,SAAS,EAAE,GAAG,OAAO,CAAC,eAAe,CAAC,CAAC;QAC/C,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,GAAG,gBAAgB,CAAC,EAAE;YACjF,KAAK,EAAE,MAAM;YACb,QAAQ,EAAE,OAAO;SAClB,CAAC,CAAC;QAEH,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,MAAM,CAAC,OAAO,CAAC,wBAAwB,CAAC,CAAC;YACzC,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAEjE,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,GAAG,gBAAgB,CAAC,EAAE;gBACjF,KAAK,EAAE,SAAS;gBAChB,QAAQ,EAAE,OAAO;aAClB,CAAC,CAAC;YAEH,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC7B,MAAM,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;gBAC1C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,oCAAoC;YACpC,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,GAAG,gBAAgB,CAAC,EAAE;gBAC/D,KAAK,EAAE,SAAS;gBAChB,QAAQ,EAAE,OAAO;aAClB,CAAC,CAAC;YAEH,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC3B,MAAM,CAAC,KAAK,CAAC,0CAA0C,CAAC,CAAC;gBACzD,OAAO,KAAK,CAAC;YACf,CAAC;YAED,MAAM,CAAC,OAAO,CAAC,0CAA0C,CAAC,CAAC;YAC3D,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC1C,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QACvC,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E;;;GAGG;AACH,SAAS,wBAAwB;IAC/B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAA,wBAAQ,EAAC,iCAAiC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QAEzF,IAAI,MAAM,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAChE,MAAM,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAC;YAC5D,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,GAAG,WAAW,KAAK,CAAC,CAAC;YAEnE,MAAM,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;YACzB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5B,MAAM,CAAC,IAAI,CACT,6BAA6B,MAAM,KAAK;oBACxC,gCAAgC,OAAO,IAAI;oBAC3C,6CAA6C,WAAW,aAAa,CACtE,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,iCAAiC;IACnC,CAAC;AACH,CAAC;AAED,+EAA+E;AAE/E,KAAK,UAAU,IAAI;IACjB,MAAM,CAAC,MAAM,CAAC,uCAAuC,CAAC,CAAC;IAEvD,2BAA2B;IAC3B,MAAM,aAAa,GAAG,IAAA,+BAAgB,GAAE,CAAC;IAEzC,2BAA2B;IAC3B,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,aAAa,CAAC,CAAC;IACjD,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACpB,MAAM,CAAC,IAAI,CAAC,oBAAoB,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QACjD,MAAM,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;QACrE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,8BAA8B;IAC9B,MAAM,OAAO,GAAG,IAAA,gCAAa,GAAE,CAAC;IAChC,MAAM,CAAC,IAAI,CAAC,qBAAqB,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;IAElD,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC/B,MAAM,CAAC,IAAI,CACT,qEAAqE;YACrE,mFAAmF,CACpF,CAAC;IACJ,CAAC;IAED,2BAA2B;IAC3B,MAAM,WAAW,GAAG,IAAA,6BAAc,GAAE,CAAC;IACrC,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,SAAS,WAAW,CAAC,MAAM,kBAAkB,CAAC,CAAC;IAE3D,6BAA6B;IAC7B,MAAM,KAAK,GAAG,IAAA,8BAAe,EAAC,oBAAoB,CAAC,CAAC;IACpD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;IACvE,CAAC;IAED,iCAAiC;IACjC,IAAI,MAAM,GAAqB;QAC7B,UAAU,EAAE,EAAE;QACd,UAAU,EAAE,CAAC;QACb,YAAY,EAAE,CAAC;QACf,SAAS,EAAE,CAAC;QACZ,YAAY,EAAE,CAAC;QACf,aAAa,EAAE,CAAC;QAChB,QAAQ,EAAE,KAAK;KAChB,CAAC;IAEF,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,MAAM,KAAK,GAAG,IAAA,sCAAkB,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,CAAC,IAAI,CAAC,UAAU,KAAK,CAAC,MAAM,gBAAgB,OAAO,CAAC,KAAK,GAAG,CAAC,CAAC;QAEpE,MAAM,GAAG,IAAA,0BAAY,EAAC,KAAK,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;QAC1C,IAAA,yBAAW,EAAC,MAAM,CAAC,CAAC;IACtB,CAAC;IAED,qBAAqB;IACrB,MAAM,YAAY,GAAG,SAAS,CAAC,WAAW,CAAC,CAAC;IAE5C,uCAAuC;IACvC,MAAM,cAAc,GAAG,WAAW,CAAC,WAAW,CAAC,CAAC;IAEhD,iCAAiC;IACjC,wBAAwB,EAAE,CAAC;IAE3B,wBAAwB;IACxB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,IAAI,MAAM,CAAC,UAAU,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QAC3C,MAAM,CAAC,KAAK,CAAC,wDAAwD,CAAC,CAAC;QACvE,MAAM,CAAC,GAAG,CAAC,qBAAqB,kBAAkB,8BAA8B,cAAc,OAAO,CAAC,CAAC;QAEvG,mEAAmE;QACnE,0DAA0D;QAC1D,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,MAAM,CAAC,YAAY,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QAC/C,MAAM,CAAC,IAAI,CAAC,6DAA6D,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,CAAC,OAAO,CAAC,uCAAuC,CAAC,CAAC;IACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,+EAA+E;AAE/E,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;IACnB,MAAM,CAAC,KAAK,CAAC,qBAAqB,GAAG,CAAC,OAAO,IAAI,GAAG,EAAE,CAAC,CAAC;IACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* ============================================================================
|
|
4
|
+
* first-run-check.ts ā Force password change on first use
|
|
5
|
+
* ============================================================================
|
|
6
|
+
*/
|
|
7
|
+
/**
|
|
8
|
+
* Main security check with skip option
|
|
9
|
+
*/
|
|
10
|
+
declare function performSecurityCheck(): boolean;
|
|
11
|
+
export { performSecurityCheck as checkSecurity };
|
|
12
|
+
//# sourceMappingURL=security-check.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"security-check.d.ts","sourceRoot":"","sources":["../../../scripts/utils/security-check.ts"],"names":[],"mappings":";AACA;;;;GAIG;AAiFH;;GAEG;AACH,iBAAS,oBAAoB,IAAI,OAAO,CAQvC;AAGD,OAAO,EAAE,oBAAoB,IAAI,aAAa,EAAE,CAAC"}
|
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
"use strict";
|
|
3
|
+
/**
|
|
4
|
+
* ============================================================================
|
|
5
|
+
* first-run-check.ts ā Force password change on first use
|
|
6
|
+
* ============================================================================
|
|
7
|
+
*/
|
|
8
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
9
|
+
if (k2 === undefined) k2 = k;
|
|
10
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
11
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
12
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
13
|
+
}
|
|
14
|
+
Object.defineProperty(o, k2, desc);
|
|
15
|
+
}) : (function(o, m, k, k2) {
|
|
16
|
+
if (k2 === undefined) k2 = k;
|
|
17
|
+
o[k2] = m[k];
|
|
18
|
+
}));
|
|
19
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
20
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
21
|
+
}) : function(o, v) {
|
|
22
|
+
o["default"] = v;
|
|
23
|
+
});
|
|
24
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
25
|
+
var ownKeys = function(o) {
|
|
26
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
27
|
+
var ar = [];
|
|
28
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
29
|
+
return ar;
|
|
30
|
+
};
|
|
31
|
+
return ownKeys(o);
|
|
32
|
+
};
|
|
33
|
+
return function (mod) {
|
|
34
|
+
if (mod && mod.__esModule) return mod;
|
|
35
|
+
var result = {};
|
|
36
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
37
|
+
__setModuleDefault(result, mod);
|
|
38
|
+
return result;
|
|
39
|
+
};
|
|
40
|
+
})();
|
|
41
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
42
|
+
exports.checkSecurity = performSecurityCheck;
|
|
43
|
+
const fs = __importStar(require("fs"));
|
|
44
|
+
const path = __importStar(require("path"));
|
|
45
|
+
const BYPASS_DIR = '.code-guardian';
|
|
46
|
+
const PASSWORD_FILE = 'bypass-password.hash';
|
|
47
|
+
const ADMIN_FILE = 'admin-credentials.hash';
|
|
48
|
+
const SETUP_COMPLETE_FILE = 'setup-complete';
|
|
49
|
+
const DEFAULT_PASSWORD_HASH = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92';
|
|
50
|
+
const DEFAULT_ADMIN_PASSWORD_HASH = '240be518fabd2724ddb6f04eeb1da5967448d7e831c08c8fa822809f74c720a9';
|
|
51
|
+
function checkSecurity() {
|
|
52
|
+
const dir = path.join(process.cwd(), BYPASS_DIR);
|
|
53
|
+
const setupFile = path.join(dir, SETUP_COMPLETE_FILE);
|
|
54
|
+
// If setup already complete, skip
|
|
55
|
+
if (fs.existsSync(setupFile)) {
|
|
56
|
+
return true;
|
|
57
|
+
}
|
|
58
|
+
const passwordPath = path.join(dir, PASSWORD_FILE);
|
|
59
|
+
const adminPath = path.join(dir, ADMIN_FILE);
|
|
60
|
+
// Check if still using default passwords
|
|
61
|
+
const usingDefaultBypass = !fs.existsSync(passwordPath) ||
|
|
62
|
+
fs.readFileSync(passwordPath, 'utf-8').trim() === DEFAULT_PASSWORD_HASH;
|
|
63
|
+
const usingDefaultAdmin = !fs.existsSync(adminPath) ||
|
|
64
|
+
fs.readFileSync(adminPath, 'utf-8').trim() === DEFAULT_ADMIN_PASSWORD_HASH;
|
|
65
|
+
if (usingDefaultBypass || usingDefaultAdmin) {
|
|
66
|
+
console.error(`
|
|
67
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
68
|
+
ā š CRITICAL SECURITY WARNING š ā
|
|
69
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
70
|
+
|
|
71
|
+
ā ļø You are using DEFAULT PASSWORDS! This is a SECURITY RISK!
|
|
72
|
+
|
|
73
|
+
Default passwords are publicly known and published in the source code:
|
|
74
|
+
- Bypass password: "bypass123"
|
|
75
|
+
- Admin password: "admin123"
|
|
76
|
+
|
|
77
|
+
Anyone who can see your repository can bypass ALL security checks!
|
|
78
|
+
|
|
79
|
+
š REQUIRED ACTIONS (Run both commands):
|
|
80
|
+
|
|
81
|
+
1. Set bypass password:
|
|
82
|
+
npm run set-bypass-password
|
|
83
|
+
|
|
84
|
+
2. Set admin password:
|
|
85
|
+
npm run set-admin-password
|
|
86
|
+
|
|
87
|
+
ā ALL COMMITS ARE BLOCKED until you change these passwords.
|
|
88
|
+
|
|
89
|
+
š” To skip this check temporarily (NOT RECOMMENDED):
|
|
90
|
+
SKIP_SECURITY_CHECK=true git commit -m "message"
|
|
91
|
+
|
|
92
|
+
`);
|
|
93
|
+
return false;
|
|
94
|
+
}
|
|
95
|
+
// Mark setup as complete
|
|
96
|
+
if (!fs.existsSync(dir)) {
|
|
97
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
98
|
+
}
|
|
99
|
+
fs.writeFileSync(setupFile, new Date().toISOString());
|
|
100
|
+
console.log('ā
Security check passed - passwords have been changed from defaults.\n');
|
|
101
|
+
return true;
|
|
102
|
+
}
|
|
103
|
+
/**
|
|
104
|
+
* Allow skipping security check with env var (for emergencies)
|
|
105
|
+
*/
|
|
106
|
+
function shouldSkipSecurityCheck() {
|
|
107
|
+
return process.env.SKIP_SECURITY_CHECK === 'true';
|
|
108
|
+
}
|
|
109
|
+
/**
|
|
110
|
+
* Main security check with skip option
|
|
111
|
+
*/
|
|
112
|
+
function performSecurityCheck() {
|
|
113
|
+
// Allow skip in CI/CD or emergencies
|
|
114
|
+
if (shouldSkipSecurityCheck()) {
|
|
115
|
+
console.warn('ā ļø Security check skipped via SKIP_SECURITY_CHECK env var');
|
|
116
|
+
return true;
|
|
117
|
+
}
|
|
118
|
+
return checkSecurity();
|
|
119
|
+
}
|
|
120
|
+
// Run if called directly
|
|
121
|
+
if (require.main === module) {
|
|
122
|
+
if (!performSecurityCheck()) {
|
|
123
|
+
process.exit(1);
|
|
124
|
+
}
|
|
125
|
+
}
|
|
126
|
+
//# sourceMappingURL=security-check.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"security-check.js","sourceRoot":"","sources":["../../../scripts/utils/security-check.ts"],"names":[],"mappings":";;AACA;;;;GAIG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+F8B,6CAAa;AA7F9C,uCAAyB;AACzB,2CAA6B;AAE7B,MAAM,UAAU,GAAG,gBAAgB,CAAC;AACpC,MAAM,aAAa,GAAG,sBAAsB,CAAC;AAC7C,MAAM,UAAU,GAAG,wBAAwB,CAAC;AAC5C,MAAM,mBAAmB,GAAG,gBAAgB,CAAC;AAE7C,MAAM,qBAAqB,GAAG,kEAAkE,CAAC;AACjG,MAAM,2BAA2B,GAAG,kEAAkE,CAAC;AAEvG,SAAS,aAAa;IACpB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,UAAU,CAAC,CAAC;IACjD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,mBAAmB,CAAC,CAAC;IAEtD,kCAAkC;IAClC,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,aAAa,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;IAE7C,yCAAyC;IACzC,MAAM,kBAAkB,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC;QACrD,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,qBAAqB,CAAC;IAE1E,MAAM,iBAAiB,GAAG,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;QACjD,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,2BAA2B,CAAC;IAE7E,IAAI,kBAAkB,IAAI,iBAAiB,EAAE,CAAC;QAC5C,OAAO,CAAC,KAAK,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;CA0BjB,CAAC,CAAC;QACC,OAAO,KAAK,CAAC;IACf,CAAC;IAED,yBAAyB;IACzB,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACxB,EAAE,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;IACD,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;IAEtD,OAAO,CAAC,GAAG,CAAC,wEAAwE,CAAC,CAAC;IAEtF,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB;IAC9B,OAAO,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,MAAM,CAAC;AACpD,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB;IAC3B,qCAAqC;IACrC,IAAI,uBAAuB,EAAE,EAAE,CAAC;QAC9B,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;QAC3E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,aAAa,EAAE,CAAC;AACzB,CAAC;AAKD,yBAAyB;AACzB,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;IAC5B,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC;QAC5B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
package/scripts/cli.ts
CHANGED
|
@@ -277,11 +277,23 @@ exit $?
|
|
|
277
277
|
}
|
|
278
278
|
|
|
279
279
|
console.log('\nā
Code Guardian initialized successfully!\n');
|
|
280
|
+
|
|
281
|
+
// Security warning
|
|
282
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā');
|
|
283
|
+
console.log('ā š SECURITY SETUP REQUIRED š ā');
|
|
284
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā\n');
|
|
285
|
+
console.log('ā ļø CRITICAL: Change default passwords immediately!\n');
|
|
286
|
+
console.log('Default passwords are publicly known. Anyone can bypass checks!\n');
|
|
287
|
+
console.log('Required commands:');
|
|
288
|
+
console.log(' 1. npm run set-bypass-password');
|
|
289
|
+
console.log(' 2. npm run set-admin-password\n');
|
|
290
|
+
console.log('š For security details, see: SECURITY.md\n');
|
|
291
|
+
console.log('āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā\n');
|
|
280
292
|
console.log('Next steps:');
|
|
281
|
-
console.log('
|
|
282
|
-
console.log('
|
|
283
|
-
console.log('
|
|
284
|
-
console.log('
|
|
293
|
+
console.log(' 3. Review config files in ./config/');
|
|
294
|
+
console.log(' 4. Customize rules for your team');
|
|
295
|
+
console.log(' 5. Make a commit to test the pre-commit hook');
|
|
296
|
+
console.log(' 6. Run "npm run generate-doc -- --name=test --type=ui"\n');
|
|
285
297
|
}
|
|
286
298
|
|
|
287
299
|
/**
|
|
@@ -29,6 +29,7 @@ import { getRulesForProject } from '../config/guidelines.config';
|
|
|
29
29
|
import { executeRules, printReport, RuleEngineReport } from './utils/rule-engine';
|
|
30
30
|
import * as logger from './utils/logger';
|
|
31
31
|
import { verifyBypassPassword, recordBypass } from './utils/bypass-manager';
|
|
32
|
+
import { checkSecurity } from './utils/security-check';
|
|
32
33
|
import * as readline from 'readline';
|
|
33
34
|
|
|
34
35
|
// āā Load all project-type configs (side-effect: registers rules) āāāāāāāāāāāā
|
|
@@ -158,14 +159,21 @@ function runEslint(stagedFiles: string[]): boolean {
|
|
|
158
159
|
logger.info(`Running ESLint on ${lintableFiles.length} file(s)...`);
|
|
159
160
|
|
|
160
161
|
try {
|
|
161
|
-
|
|
162
|
-
|
|
162
|
+
// Security: Use array args to prevent command injection
|
|
163
|
+
const { spawnSync } = require('child_process');
|
|
164
|
+
const result = spawnSync('npx', ['eslint', ...lintableFiles, '--max-warnings', '0'], {
|
|
163
165
|
stdio: 'inherit',
|
|
164
166
|
encoding: 'utf-8',
|
|
165
|
-
cwd: process.cwd(),
|
|
167
|
+
cwd: process.cwd(),
|
|
166
168
|
});
|
|
167
|
-
|
|
168
|
-
|
|
169
|
+
|
|
170
|
+
if (result.status === 0) {
|
|
171
|
+
logger.success('ESLint passed.');
|
|
172
|
+
return true;
|
|
173
|
+
}
|
|
174
|
+
|
|
175
|
+
logger.error('ESLint found issues. Fix them before committing.');
|
|
176
|
+
return false;
|
|
169
177
|
} catch (error: any) {
|
|
170
178
|
// Check if ESLint config is missing
|
|
171
179
|
if (error.stdout?.includes('eslint.config') || error.stderr?.includes('eslint.config')) {
|
|
@@ -198,35 +206,51 @@ function runPrettier(stagedFiles: string[]): boolean {
|
|
|
198
206
|
logger.info(`Running Prettier on ${formattableFiles.length} file(s)...`);
|
|
199
207
|
|
|
200
208
|
try {
|
|
201
|
-
|
|
202
|
-
|
|
209
|
+
// Security: Use array args to prevent command injection
|
|
210
|
+
const { spawnSync } = require('child_process');
|
|
211
|
+
const checkResult = spawnSync('npx', ['prettier', '--check', ...formattableFiles], {
|
|
203
212
|
stdio: 'pipe',
|
|
204
213
|
encoding: 'utf-8',
|
|
205
214
|
});
|
|
206
|
-
|
|
207
|
-
|
|
208
|
-
|
|
215
|
+
|
|
216
|
+
if (checkResult.status === 0) {
|
|
217
|
+
logger.success('Prettier check passed.');
|
|
218
|
+
return true;
|
|
219
|
+
}
|
|
220
|
+
|
|
209
221
|
logger.warn('Prettier found formatting issues ā auto-fixing...');
|
|
210
222
|
|
|
211
223
|
try {
|
|
212
|
-
const
|
|
213
|
-
execSync(`npx prettier --write ${fileList}`, {
|
|
224
|
+
const writeResult = spawnSync('npx', ['prettier', '--write', ...formattableFiles], {
|
|
214
225
|
stdio: 'inherit',
|
|
215
226
|
encoding: 'utf-8',
|
|
216
227
|
});
|
|
217
228
|
|
|
229
|
+
if (writeResult.status !== 0) {
|
|
230
|
+
logger.error('Prettier auto-fix failed.');
|
|
231
|
+
return false;
|
|
232
|
+
}
|
|
233
|
+
|
|
218
234
|
// Re-stage the auto-formatted files
|
|
219
|
-
|
|
235
|
+
const gitResult = spawnSync('git', ['add', ...formattableFiles], {
|
|
220
236
|
stdio: 'inherit',
|
|
221
237
|
encoding: 'utf-8',
|
|
222
238
|
});
|
|
223
239
|
|
|
240
|
+
if (gitResult.status !== 0) {
|
|
241
|
+
logger.error('Failed to re-stage auto-formatted files.');
|
|
242
|
+
return false;
|
|
243
|
+
}
|
|
244
|
+
|
|
224
245
|
logger.success('Prettier auto-fixed and re-staged files.');
|
|
225
246
|
return true;
|
|
226
|
-
} catch {
|
|
247
|
+
} catch (error) {
|
|
227
248
|
logger.error('Prettier auto-fix failed.');
|
|
228
249
|
return false;
|
|
229
250
|
}
|
|
251
|
+
} catch (error) {
|
|
252
|
+
logger.error('Prettier check failed.');
|
|
253
|
+
return false;
|
|
230
254
|
}
|
|
231
255
|
}
|
|
232
256
|
|
|
@@ -0,0 +1,108 @@
|
|
|
1
|
+
#!/usr/bin/env node
|
|
2
|
+
/**
|
|
3
|
+
* ============================================================================
|
|
4
|
+
* first-run-check.ts ā Force password change on first use
|
|
5
|
+
* ============================================================================
|
|
6
|
+
*/
|
|
7
|
+
|
|
8
|
+
import * as fs from 'fs';
|
|
9
|
+
import * as path from 'path';
|
|
10
|
+
|
|
11
|
+
const BYPASS_DIR = '.code-guardian';
|
|
12
|
+
const PASSWORD_FILE = 'bypass-password.hash';
|
|
13
|
+
const ADMIN_FILE = 'admin-credentials.hash';
|
|
14
|
+
const SETUP_COMPLETE_FILE = 'setup-complete';
|
|
15
|
+
|
|
16
|
+
const DEFAULT_PASSWORD_HASH = '8d969eef6ecad3c29a3a629280e686cf0c3f5d5a86aff3ca12020c923adc6c92';
|
|
17
|
+
const DEFAULT_ADMIN_PASSWORD_HASH = '240be518fabd2724ddb6f04eeb1da5967448d7e831c08c8fa822809f74c720a9';
|
|
18
|
+
|
|
19
|
+
function checkSecurity(): boolean {
|
|
20
|
+
const dir = path.join(process.cwd(), BYPASS_DIR);
|
|
21
|
+
const setupFile = path.join(dir, SETUP_COMPLETE_FILE);
|
|
22
|
+
|
|
23
|
+
// If setup already complete, skip
|
|
24
|
+
if (fs.existsSync(setupFile)) {
|
|
25
|
+
return true;
|
|
26
|
+
}
|
|
27
|
+
|
|
28
|
+
const passwordPath = path.join(dir, PASSWORD_FILE);
|
|
29
|
+
const adminPath = path.join(dir, ADMIN_FILE);
|
|
30
|
+
|
|
31
|
+
// Check if still using default passwords
|
|
32
|
+
const usingDefaultBypass = !fs.existsSync(passwordPath) ||
|
|
33
|
+
fs.readFileSync(passwordPath, 'utf-8').trim() === DEFAULT_PASSWORD_HASH;
|
|
34
|
+
|
|
35
|
+
const usingDefaultAdmin = !fs.existsSync(adminPath) ||
|
|
36
|
+
fs.readFileSync(adminPath, 'utf-8').trim() === DEFAULT_ADMIN_PASSWORD_HASH;
|
|
37
|
+
|
|
38
|
+
if (usingDefaultBypass || usingDefaultAdmin) {
|
|
39
|
+
console.error(`
|
|
40
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
41
|
+
ā š CRITICAL SECURITY WARNING š ā
|
|
42
|
+
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
|
|
43
|
+
|
|
44
|
+
ā ļø You are using DEFAULT PASSWORDS! This is a SECURITY RISK!
|
|
45
|
+
|
|
46
|
+
Default passwords are publicly known and published in the source code:
|
|
47
|
+
- Bypass password: "bypass123"
|
|
48
|
+
- Admin password: "admin123"
|
|
49
|
+
|
|
50
|
+
Anyone who can see your repository can bypass ALL security checks!
|
|
51
|
+
|
|
52
|
+
š REQUIRED ACTIONS (Run both commands):
|
|
53
|
+
|
|
54
|
+
1. Set bypass password:
|
|
55
|
+
npm run set-bypass-password
|
|
56
|
+
|
|
57
|
+
2. Set admin password:
|
|
58
|
+
npm run set-admin-password
|
|
59
|
+
|
|
60
|
+
ā ALL COMMITS ARE BLOCKED until you change these passwords.
|
|
61
|
+
|
|
62
|
+
š” To skip this check temporarily (NOT RECOMMENDED):
|
|
63
|
+
SKIP_SECURITY_CHECK=true git commit -m "message"
|
|
64
|
+
|
|
65
|
+
`);
|
|
66
|
+
return false;
|
|
67
|
+
}
|
|
68
|
+
|
|
69
|
+
// Mark setup as complete
|
|
70
|
+
if (!fs.existsSync(dir)) {
|
|
71
|
+
fs.mkdirSync(dir, { recursive: true });
|
|
72
|
+
}
|
|
73
|
+
fs.writeFileSync(setupFile, new Date().toISOString());
|
|
74
|
+
|
|
75
|
+
console.log('ā
Security check passed - passwords have been changed from defaults.\n');
|
|
76
|
+
|
|
77
|
+
return true;
|
|
78
|
+
}
|
|
79
|
+
|
|
80
|
+
/**
|
|
81
|
+
* Allow skipping security check with env var (for emergencies)
|
|
82
|
+
*/
|
|
83
|
+
function shouldSkipSecurityCheck(): boolean {
|
|
84
|
+
return process.env.SKIP_SECURITY_CHECK === 'true';
|
|
85
|
+
}
|
|
86
|
+
|
|
87
|
+
/**
|
|
88
|
+
* Main security check with skip option
|
|
89
|
+
*/
|
|
90
|
+
function performSecurityCheck(): boolean {
|
|
91
|
+
// Allow skip in CI/CD or emergencies
|
|
92
|
+
if (shouldSkipSecurityCheck()) {
|
|
93
|
+
console.warn('ā ļø Security check skipped via SKIP_SECURITY_CHECK env var');
|
|
94
|
+
return true;
|
|
95
|
+
}
|
|
96
|
+
|
|
97
|
+
return checkSecurity();
|
|
98
|
+
}
|
|
99
|
+
|
|
100
|
+
// Export for use in precommit-check
|
|
101
|
+
export { performSecurityCheck as checkSecurity };
|
|
102
|
+
|
|
103
|
+
// Run if called directly
|
|
104
|
+
if (require.main === module) {
|
|
105
|
+
if (!performSecurityCheck()) {
|
|
106
|
+
process.exit(1);
|
|
107
|
+
}
|
|
108
|
+
}
|