npm - @hatem427/code-guard-ci - Versions diffs - 1.0.6 → 1.1.0 - Mend

@hatem427/code-guard-ci 1.0.6 → 1.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (25) hide show

package/README.md +20 -0
package/dist/scripts/setup-supabase.d.ts +8 -0
package/dist/scripts/setup-supabase.d.ts.map +1 -0
package/dist/scripts/setup-supabase.js +172 -0
package/dist/scripts/setup-supabase.js.map +1 -0
package/dist/scripts/test-remote-db.d.ts +8 -0
package/dist/scripts/test-remote-db.d.ts.map +1 -0
package/dist/scripts/test-remote-db.js +15 -0
package/dist/scripts/test-remote-db.js.map +1 -0
package/dist/scripts/utils/bypass-manager.d.ts +1 -1
package/dist/scripts/utils/bypass-manager.d.ts.map +1 -1
package/dist/scripts/utils/bypass-manager.js +29 -1
package/dist/scripts/utils/bypass-manager.js.map +1 -1
package/dist/scripts/utils/remote-logger.d.ts +49 -0
package/dist/scripts/utils/remote-logger.d.ts.map +1 -0
package/dist/scripts/utils/remote-logger.js +251 -0
package/dist/scripts/utils/remote-logger.js.map +1 -0
package/dist/scripts/view-bypass-log.js +35 -2
package/dist/scripts/view-bypass-log.js.map +1 -1
package/package.json +5 -1
package/scripts/setup-supabase.ts +158 -0
package/scripts/test-remote-db.ts +14 -0
package/scripts/utils/bypass-manager.ts +30 -2
package/scripts/utils/remote-logger.ts +256 -0
package/scripts/view-bypass-log.ts +37 -2

package/scripts/utils/remote-logger.ts ADDED Viewed

@@ -0,0 +1,256 @@
+#!/usr/bin/env node
+/**
+ * ============================================================================
+ * remote-logger.ts — Remote database logging with Supabase
+ * ============================================================================
+ * Provides secure, tamper-proof logging by storing bypass records in Supabase.
+ * Falls back to local storage if remote DB is unavailable.
+ */
+import { createClient, SupabaseClient } from '@supabase/supabase-js';
+import * as fs from 'fs';
+import * as path from 'path';
+// Load environment variables
+import dotenv from 'dotenv';
+dotenv.config();
+export interface BypassEntry {
+  id?: string;
+  timestamp: string;
+  author: {
+    name: string;
+    email: string;
+  };
+  reason: string;
+  commitMessage: string;
+  branch: string;
+  files: string[];
+  method: 'commit-message' | 'env-variable' | 'password';
+  projectId: string;
+}
+export interface RemoteLoggerConfig {
+  supabaseUrl?: string;
+  supabaseKey?: string;
+  projectId?: string;
+  enabled: boolean;
+}
+let supabase: SupabaseClient | null = null;
+/**
+ * Get configuration from environment variables
+ */
+function getConfig(): RemoteLoggerConfig {
+  return {
+    supabaseUrl: process.env.CODE_GUARD_SUPABASE_URL,
+    supabaseKey: process.env.CODE_GUARD_SUPABASE_KEY,
+    projectId: process.env.CODE_GUARD_PROJECT_ID || getDefaultProjectId(),
+    enabled: !!(process.env.CODE_GUARD_SUPABASE_URL && process.env.CODE_GUARD_SUPABASE_KEY),
+  };
+}
+/**
+ * Get default project ID from package.json or directory name
+ */
+function getDefaultProjectId(): string {
+  try {
+    const packagePath = path.join(process.cwd(), 'package.json');
+    if (fs.existsSync(packagePath)) {
+      const pkg = JSON.parse(fs.readFileSync(packagePath, 'utf-8'));
+      return pkg.name || path.basename(process.cwd());
+    }
+  } catch {
+    // Ignore errors
+  }
+  return path.basename(process.cwd());
+}
+/**
+ * Initialize Supabase client
+ */
+function getSupabaseClient(): SupabaseClient | null {
+  if (supabase) return supabase;
+  const config = getConfig();
+  if (!config.enabled || !config.supabaseUrl || !config.supabaseKey) {
+    return null;
+  }
+  try {
+    supabase = createClient(config.supabaseUrl, config.supabaseKey);
+    return supabase;
+  } catch (error) {
+    console.error('Failed to initialize Supabase client:', error);
+    return null;
+  }
+}
+/**
+ * Record bypass to remote database
+ */
+export async function recordBypassRemote(entry: BypassEntry): Promise<boolean> {
+  const client = getSupabaseClient();
+  const config = getConfig();
+  if (!client || !config.enabled) {
+    console.log('📝 Remote logging disabled - using local storage only');
+    return false;
+  }
+  try {
+    const { data, error } = await client
+      .from('bypass_logs')
+      .insert([
+        {
+          timestamp: entry.timestamp,
+          author_name: entry.author.name,
+          author_email: entry.author.email,
+          reason: entry.reason,
+          commit_message: entry.commitMessage,
+          branch: entry.branch,
+          files: entry.files,
+          method: entry.method,
+          project_id: config.projectId,
+        },
+      ])
+      .select();
+    if (error) {
+      console.error('❌ Failed to record bypass to remote DB:', error.message);
+      return false;
+    }
+    console.log('✅ Bypass recorded to remote database (ID: ' + data[0]?.id + ')');
+    return true;
+  } catch (error: any) {
+    console.error('❌ Remote logging error:', error.message);
+    return false;
+  }
+}
+/**
+ * Fetch all bypass logs from remote database
+ */
+export async function fetchBypassLogs(projectId?: string): Promise<BypassEntry[]> {
+  const client = getSupabaseClient();
+  const config = getConfig();
+  if (!client || !config.enabled) {
+    console.error('❌ Remote database not configured');
+    return [];
+  }
+  try {
+    const query = client
+      .from('bypass_logs')
+      .select('*')
+      .order('timestamp', { ascending: false });
+    // Filter by project if specified
+    if (projectId || config.projectId) {
+      query.eq('project_id', projectId || config.projectId);
+    }
+    const { data, error } = await query;
+    if (error) {
+      console.error('❌ Failed to fetch logs from remote DB:', error.message);
+      return [];
+    }
+    // Transform to BypassEntry format
+    return (data || []).map((row: any) => ({
+      id: row.id,
+      timestamp: row.timestamp,
+      author: {
+        name: row.author_name,
+        email: row.author_email,
+      },
+      reason: row.reason,
+      commitMessage: row.commit_message,
+      branch: row.branch,
+      files: row.files,
+      method: row.method,
+      projectId: row.project_id,
+    }));
+  } catch (error: any) {
+    console.error('❌ Error fetching remote logs:', error.message);
+    return [];
+  }
+}
+/**
+ * Delete bypass logs from remote database (admin only)
+ */
+export async function deleteBypassLogsRemote(
+  ids: string[],
+  adminPassword: string
+): Promise<boolean> {
+  const client = getSupabaseClient();
+  const config = getConfig();
+  if (!client || !config.enabled) {
+    console.error('❌ Remote database not configured');
+    return false;
+  }
+  try {
+    // Verify admin password via RPC or custom logic
+    // For now, we'll just delete directly (add auth logic as needed)
+    const { error } = await client.from('bypass_logs').delete().in('id', ids);
+    if (error) {
+      console.error('❌ Failed to delete logs from remote DB:', error.message);
+      return false;
+    }
+    console.log(`✅ Deleted ${ids.length} log(s) from remote database`);
+    return true;
+  } catch (error: any) {
+    console.error('❌ Error deleting remote logs:', error.message);
+    return false;
+  }
+}
+/**
+ * Test remote database connection
+ */
+export async function testConnection(): Promise<boolean> {
+  const client = getSupabaseClient();
+  const config = getConfig();
+  if (!client || !config.enabled) {
+    console.log('❌ Remote database not configured');
+    console.log('\nTo enable remote logging, add to your .env file:');
+    console.log('  CODE_GUARD_SUPABASE_URL=https://your-project.supabase.co');
+    console.log('  CODE_GUARD_SUPABASE_KEY=your-anon-key');
+    console.log('  CODE_GUARD_PROJECT_ID=your-project-name\n');
+    return false;
+  }
+  try {
+    const { error } = await client.from('bypass_logs').select('count', { count: 'exact', head: true });
+    if (error) {
+      console.error('❌ Connection test failed:', error.message);
+      return false;
+    }
+    console.log('✅ Remote database connection successful');
+    console.log(`📊 Project ID: ${config.projectId}`);
+    return true;
+  } catch (error: any) {
+    console.error('❌ Connection error:', error.message);
+    return false;
+  }
+}
+/**
+ * Check if remote logging is enabled
+ */
+export function isRemoteLoggingEnabled(): boolean {
+  const config = getConfig();
+  return config.enabled;
+}

package/scripts/view-bypass-log.ts CHANGED Viewed

@@ -11,6 +11,7 @@
  */
 import { generateBypassReport, getBypassesByAuthor, getRecentBypasses } from './utils/bypass-manager';
+import { fetchBypassLogs, isRemoteLoggingEnabled } from './utils/remote-logger';
 import * as logger from './utils/logger';
 function parseArgs(): { author?: string; days?: number } {
@@ -34,10 +35,41 @@ function parseArgs(): { author?: string; days?: number } {
   return opts;
 }
-function main() {
+async function main() {
   logger.header('📊 Code Guardian — Bypass Audit Log');
   const opts = parseArgs();
+  const remoteEnabled = isRemoteLoggingEnabled();
+  // Try remote logs first
+  if (remoteEnabled) {
+    try {
+      console.log('📡 Fetching from remote database...\n');
+      const remoteLogs = await fetchBypassLogs();
+      if (remoteLogs.length === 0) {
+        console.log('✅ No bypasses recorded.\n');
+        return;
+      }
+      console.log(`Found ${remoteLogs.length} bypass(es):\n`);
+      remoteLogs.forEach((entry: any, idx: number) => {
+        const date = new Date(entry.timestamp).toLocaleString();
+        console.log(`━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━`);
+        console.log(`${idx + 1}. ${entry.author.name} <${entry.author.email}>`);
+        console.log(`   📅 ${date}`);
+        console.log(`   📝 ${entry.reason}`);
+        console.log(`   🌿 ${entry.branch}`);
+        console.log(`   🔑 ${entry.method}`);
+        console.log(`   📁 ${entry.files.length} file(s)`);
+        console.log('');
+      });
+      return;
+    } catch (error: any) {
+      console.warn('⚠️  Failed to fetch remote logs:', error.message);
+      console.log('Falling back to local logs...\n');
+    }
+  }
   if (opts.author) {
     logger.info(`Filtering by author: ${opts.author}`);
@@ -89,4 +121,7 @@ function main() {
   }
 }
-main();
+main().catch((err) => {
+  console.error('❌ Error:', err.message);
+  process.exit(1);
+});