@herodevs/cli 2.0.0-beta.4 → 2.0.0-beta.5

package/dist/service/display.svc.d.ts

@@ -0,0 +1,22 @@
+import type { ComponentStatus, EolReport } from '@herodevs/eol-shared';
+/**
+ * Formats status row text with appropriate color and icon
+ */
+export declare const getStatusRowText: Record<ComponentStatus, (text: string) => string>;
+export type ComponentCounts = Record<ComponentStatus, number> & {
+    NES_AVAILABLE: number;
+    TOTAL: number;
+    ECOSYSTEMS: string[];
+};
+/**
+ * Counts components by their status, including NES remediation availability
+ */
+export declare function countComponentsByStatus(report: EolReport): ComponentCounts;
+/**
+ * Formats scan results for console display
+ */
+export declare function formatScanResults(report: EolReport): string[];
+/**
+ * Formats web report URL for console display
+ */
+export declare function formatWebReportUrl(id: string, reportCardUrl: string): string[];

package/dist/service/display.svc.js

@@ -0,0 +1,72 @@
+import { deriveComponentStatus } from '@herodevs/eol-shared';
+import { ux } from '@oclif/core';
+import terminalLink from 'terminal-link';
+const STATUS_COLORS = {
+    EOL: 'red',
+    UNKNOWN: 'default',
+    OK: 'green',
+    EOL_UPCOMING: 'yellow',
+};
+/**
+ * Formats status row text with appropriate color and icon
+ */
+export const getStatusRowText = {
+    EOL: (text) => ux.colorize(STATUS_COLORS.EOL, `✗ ${text}`),
+    UNKNOWN: (text) => ux.colorize(STATUS_COLORS.UNKNOWN, `• ${text}`),
+    OK: (text) => ux.colorize(STATUS_COLORS.OK, `✔ ${text}`),
+    EOL_UPCOMING: (text) => ux.colorize(STATUS_COLORS.EOL_UPCOMING, `! ${text}`),
+};
+/**
+ * Counts components by their status, including NES remediation availability
+ */
+export function countComponentsByStatus(report) {
+    const grouped = {
+        UNKNOWN: 0,
+        OK: 0,
+        EOL_UPCOMING: 0,
+        EOL: 0,
+        NES_AVAILABLE: 0,
+        ECOSYSTEMS: [],
+        TOTAL: report.components.length,
+    };
+    const ecosystems = new Set();
+    for (const component of report.components) {
+        const status = deriveComponentStatus(component.metadata);
+        grouped[status]++;
+        if (component.nesRemediation?.remediations?.length) {
+            grouped.NES_AVAILABLE++;
+        }
+        const ecosystem = component.purl.match(/^pkg:([^/]+)\//)?.[1];
+        if (ecosystem) {
+            ecosystems.add(ecosystem);
+        }
+    }
+    grouped.ECOSYSTEMS = Array.from(ecosystems);
+    return grouped;
+}
+/**
+ * Formats scan results for console display
+ */
+export function formatScanResults(report) {
+    const { UNKNOWN, OK, EOL_UPCOMING, EOL, NES_AVAILABLE } = countComponentsByStatus(report);
+    if (!UNKNOWN && !OK && !EOL_UPCOMING && !EOL) {
+        return [ux.colorize('yellow', 'No components found in scan.')];
+    }
+    return [
+        ux.colorize('bold', 'Scan results:'),
+        ux.colorize('bold', '-'.repeat(40)),
+        ux.colorize('bold', `${report.components.length.toLocaleString()} total packages scanned`),
+        getStatusRowText.EOL(`${EOL.toLocaleString().padEnd(5)} End-of-Life (EOL)`),
+        getStatusRowText.EOL_UPCOMING(`${EOL_UPCOMING.toLocaleString().padEnd(5)} EOL Upcoming`),
+        getStatusRowText.OK(`${OK.toLocaleString().padEnd(5)} Not End-of-Life`),
+        getStatusRowText.UNKNOWN(`${UNKNOWN.toLocaleString().padEnd(5)} Unknown Status`),
+        getStatusRowText.UNKNOWN(`${NES_AVAILABLE.toLocaleString().padEnd(5)} HeroDevs NES Remediation${NES_AVAILABLE !== 1 ? 's' : ''} Available`),
+    ];
+}
+/**
+ * Formats web report URL for console display
+ */
+export function formatWebReportUrl(id, reportCardUrl) {
+    const url = ux.colorize('blue', terminalLink(new URL(reportCardUrl).hostname, `${reportCardUrl}/${id}`, { fallback: (_, url) => url }));
+    return [ux.colorize('bold', '-'.repeat(40)), `🌐 View your full EOL report at: ${url}\n`];
+}

package/dist/service/file.svc.d.ts

@@ -0,0 +1,20 @@
+import type { CdxBom, EolReport } from '@herodevs/eol-shared';
+export interface FileError extends Error {
+    code?: string;
+}
+/**
+ * Reads an SBOM from a file path
+ */
+export declare function readSbomFromFile(filePath: string): CdxBom;
+/**
+ * Validates that a directory path exists and is actually a directory
+ */
+export declare function validateDirectory(dirPath: string): void;
+/**
+ * Saves an SBOM to a file in the specified directory
+ */
+export declare function saveSbomToFile(dir: string, sbom: CdxBom): string;
+/**
+ * Saves an EOL report to a file in the specified directory
+ */
+export declare function saveReportToFile(dir: string, report: EolReport): string;

package/dist/service/file.svc.js

@@ -0,0 +1,71 @@
+import fs from 'node:fs';
+import path, { join, resolve } from 'node:path';
+import { isCdxBom } from '@herodevs/eol-shared';
+import { filenamePrefix } from "../config/constants.js";
+import { getErrorMessage } from "./log.svc.js";
+/**
+ * Reads an SBOM from a file path
+ */
+export function readSbomFromFile(filePath) {
+    const file = resolve(filePath);
+    if (!fs.existsSync(file)) {
+        throw new Error(`SBOM file not found: ${file}`);
+    }
+    try {
+        const fileContent = fs.readFileSync(file, 'utf8');
+        const sbom = JSON.parse(fileContent);
+        if (!isCdxBom(sbom)) {
+            throw new Error(`Invalid SBOM file: ${file}`);
+        }
+        return sbom;
+    }
+    catch (error) {
+        throw new Error(`Failed to read SBOM file: ${getErrorMessage(error)}`);
+    }
+}
+/**
+ * Validates that a directory path exists and is actually a directory
+ */
+export function validateDirectory(dirPath) {
+    const dir = resolve(dirPath);
+    if (!fs.existsSync(dir)) {
+        throw new Error(`Directory not found: ${dir}`);
+    }
+    const stats = fs.statSync(dir);
+    if (!stats.isDirectory()) {
+        throw new Error(`Path is not a directory: ${dir}`);
+    }
+}
+/**
+ * Saves an SBOM to a file in the specified directory
+ */
+export function saveSbomToFile(dir, sbom) {
+    const outputPath = join(dir, `${filenamePrefix}.sbom.json`);
+    try {
+        fs.writeFileSync(outputPath, JSON.stringify(sbom, null, 2));
+        return outputPath;
+    }
+    catch (error) {
+        throw new Error(`Failed to save SBOM: ${getErrorMessage(error)}`);
+    }
+}
+/**
+ * Saves an EOL report to a file in the specified directory
+ */
+export function saveReportToFile(dir, report) {
+    const reportPath = path.join(dir, `${filenamePrefix}.report.json`);
+    try {
+        fs.writeFileSync(reportPath, JSON.stringify(report, null, 2));
+        return reportPath;
+    }
+    catch (error) {
+        const fileError = error;
+        if (fileError.code === 'EACCES') {
+            throw new Error(`Permission denied. Unable to save report to ${filenamePrefix}.report.json`);
+        }
+        if (fileError.code === 'ENOSPC') {
+            throw new Error(`No space left on device. Unable to save report to ${filenamePrefix}.report.json`);
+        }
+        throw new Error(`Failed to save report: ${getErrorMessage(error)}`);
+    }
+}

package/dist/service/log.svc.d.ts

@@ -5,3 +5,4 @@ import debug from 'debug';
  * All user-facing output should be handled by commands.
  */
 export declare const debugLogger: debug.Debugger;
+export declare function getErrorMessage(error: unknown): string;

package/dist/service/log.svc.js

@@ -5,3 +5,12 @@ import debug from 'debug';
  * All user-facing output should be handled by commands.
  */
 export const debugLogger = debug('oclif:herodevs-debug');
+export function getErrorMessage(error) {
+    if (error instanceof Error) {
+        return error.message;
+    }
+    if (error && typeof error === 'object') {
+        return JSON.stringify(error);
+    }
+    return String(error) || 'Unknown error';
+}

package/dist/service/{eol/sbom.worker.js → sbom.worker.js}

@@ -1,7 +1,7 @@
 import { writeFileSync } from 'node:fs';
 import { join } from 'node:path';
 import { createBom } from '@cyclonedx/cdxgen';
-import { filenamePrefix } from "../../config/constants.js";
+import { filenamePrefix } from "../config/constants.js";
 import { SBOM_DEFAULT__OPTIONS } from "./cdx.svc.js";
 process.on('uncaughtException', (err) => {
     console.error('Uncaught exception:', err.message);

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@herodevs/cli",
-  "version": "2.0.0-beta.4",
+  "version": "2.0.0-beta.5",
   "author": "HeroDevs, Inc",
   "bin": {
     "hd": "./bin/run.js"
@@ -23,12 +23,14 @@
     "format": "biome format --write",
     "lint": "biome lint --write",
     "postpack": "shx rm -f oclif.manifest.json",
+    "prepare": "npm run build",
     "prepack": "oclif manifest && oclif readme",
     "pretest": "npm run lint && npm run typecheck",
     "readme": "npm run ci:fix && npm run build && npm exec oclif readme",
-    "test": "globstar -- node --import tsx --test \"test/**/*.test.ts\"",
+    "test": "globstar -- node --import tsx --test --experimental-test-module-mocks \"test/**/*.test.ts\"",
     "test:e2e": "globstar -- node --import tsx --test \"e2e/**/*.test.ts\"",
-    "typecheck": "tsc --noEmit"
+    "typecheck": "tsc --noEmit",
+    "version": "oclif manifest && npm run readme"
   },
   "keywords": [
     "herodevs",
@@ -36,30 +38,34 @@
     "herodevs cli"
   ],
   "dependencies": {
+    "@amplitude/analytics-node": "^1.5.5",
     "@apollo/client": "^3.13.8",
-    "@cyclonedx/cdxgen": "^11.4.1",
-    "@oclif/core": "^4.4.0",
-    "@oclif/plugin-help": "^6.2.29",
-    "@oclif/plugin-update": "^4.6.45",
+    "@cyclonedx/cdxgen": "~11.4.4",
+    "@herodevs/eol-shared": "github:herodevs/eol-shared#v0.1.10",
+    "@oclif/core": "^4.5.2",
+    "@oclif/plugin-help": "^6.2.32",
+    "@oclif/plugin-update": "^4.7.4",
     "graphql": "^16.11.0",
+    "node-machine-id": "^1.1.12",
+    "ora": "^8.2.0",
     "packageurl-js": "^2.0.1",
     "terminal-link": "^4.0.0",
     "update-notifier": "^7.3.1"
   },
   "devDependencies": {
-    "@biomejs/biome": "^1.9.4",
+    "@biomejs/biome": "^2.2.2",
     "@oclif/test": "^4.1.13",
-    "@types/inquirer": "^9.0.8",
-    "@types/node": "^22.15.32",
+    "@types/inquirer": "^9.0.9",
+    "@types/node": "^24.3.0",
     "@types/sinon": "^17.0.4",
     "@types/update-notifier": "^6.0.8",
     "globstar": "^1.0.0",
-    "oclif": "^4.20.1",
+    "oclif": "^4.22.14",
     "shx": "^0.4.0",
-    "sinon": "^20.0.0",
+    "sinon": "^21.0.0",
     "ts-node": "^10.9.2",
-    "tsx": "^4.20.3",
-    "typescript": "^5.8.3"
+    "tsx": "^4.20.5",
+    "typescript": "^5.9.2"
   },
   "engines": {
     "node": ">=20.0.0"
@@ -82,7 +88,8 @@
     ],
     "hooks": {
       "init": "./dist/hooks/npm-update-notifier.js",
-      "prerun": "./dist/hooks/prerun.js"
+      "prerun": "./dist/hooks/prerun.js",
+      "finally": "./dist/hooks/finally.js"
     },
     "topicSeparator": " ",
     "macos": {

package/dist/api/client.d.ts

@@ -1,12 +0,0 @@
-import * as apollo from '@apollo/client/core/index.js';
-export interface ApolloHelper {
-    mutate<T, V extends apollo.OperationVariables>(mutation: apollo.DocumentNode, variables?: V): Promise<apollo.FetchResult<T>>;
-    query<T, V extends apollo.OperationVariables | undefined = undefined>(query: apollo.DocumentNode, variables?: V): Promise<apollo.ApolloQueryResult<T>>;
-}
-export declare const createApollo: (url: string) => apollo.ApolloClient<apollo.NormalizedCacheObject>;
-export declare class ApolloClient implements ApolloHelper {
-    #private;
-    constructor(url: string);
-    mutate<T, V extends apollo.OperationVariables>(mutation: apollo.DocumentNode, variables?: V): Promise<apollo.FetchResult<T>>;
-    query<T, V extends apollo.OperationVariables | undefined>(query: apollo.DocumentNode, variables?: V): Promise<apollo.ApolloQueryResult<T>>;
-}

package/dist/api/client.js

@@ -1,43 +0,0 @@
-import * as apollo from '@apollo/client/core/index.js';
-import { ApolloError } from "../service/error.svc.js";
-export const createApollo = (url) => new apollo.ApolloClient({
-    cache: new apollo.InMemoryCache({
-        addTypename: false,
-    }),
-    headers: {
-        'User-Agent': `hdcli/${process.env.npm_package_version ?? 'unknown'}`,
-    },
-    link: apollo.ApolloLink.from([
-        new apollo.HttpLink({
-            uri: url,
-        }),
-    ]),
-});
-export class ApolloClient {
-    #apollo;
-    constructor(url) {
-        this.#apollo = createApollo(url);
-    }
-    async mutate(mutation, variables) {
-        try {
-            return await this.#apollo.mutate({
-                mutation,
-                variables,
-            });
-        }
-        catch (error) {
-            throw new ApolloError('GraphQL mutation failed', error);
-        }
-    }
-    async query(query, variables) {
-        try {
-            return await this.#apollo.query({
-                query,
-                variables,
-            });
-        }
-        catch (error) {
-            throw new ApolloError('GraphQL query failed', error);
-        }
-    }
-}

package/dist/api/nes/nes.client.d.ts

@@ -1,24 +0,0 @@
-import type * as apollo from '@apollo/client/core/index.js';
-import type { InsightsEolScanInput, InsightsEolScanResult } from '../../api/types/nes.types.ts';
-import { type ProcessBatchOptions, type ScanInputOptions, type ScanResult } from '../types/hd-cli.types.ts';
-export interface NesClient {
-    scan: {
-        purls: (purls: string[], options: ScanInputOptions) => Promise<InsightsEolScanResult>;
-    };
-}
-export declare class NesApolloClient implements NesClient {
-    #private;
-    scan: {
-        purls: (purls: string[], options: ScanInputOptions) => Promise<InsightsEolScanResult>;
-    };
-    constructor(url: string);
-    mutate<T, V extends Record<string, unknown>>(mutation: apollo.DocumentNode, variables?: V): Promise<apollo.FetchResult<T>>;
-    query<T, V extends Record<string, unknown> | undefined>(query: apollo.DocumentNode, variables?: V): Promise<apollo.ApolloQueryResult<T>>;
-}
-export declare const batchSubmitPurls: (purls: string[], options?: ScanInputOptions, batchSize?: number) => Promise<ScanResult>;
-export declare const dedupeAndEncodePurls: (purls: string[]) => string[];
-export declare const createBatches: (items: string[], batchSize: number) => string[][];
-export declare const processBatch: ({ batch, index, totalPages, scanOptions, previousScanId, }: ProcessBatchOptions) => Promise<InsightsEolScanResult>;
-export declare const processBatches: (batches: string[][], scanOptions: ScanInputOptions) => Promise<InsightsEolScanResult[]>;
-export declare const handleBatchResults: (results: InsightsEolScanResult[]) => ScanResult;
-export declare const buildInsightsEolScanInput: (purls: string[], options: ScanInputOptions) => InsightsEolScanInput;

package/dist/api/nes/nes.client.js

@@ -1,127 +0,0 @@
-import { PackageURL } from 'packageurl-js';
-import { ApolloClient } from "../../api/client.js";
-import { config } from "../../config/constants.js";
-import { debugLogger } from "../../service/log.svc.js";
-import { SbomScanner, buildScanResult } from "../../service/nes/nes.svc.js";
-import { DEFAULT_SCAN_BATCH_SIZE, DEFAULT_SCAN_INPUT_OPTIONS, } from "../types/hd-cli.types.js";
-export class NesApolloClient {
-    scan = {
-        purls: SbomScanner(this),
-    };
-    #apollo;
-    constructor(url) {
-        this.#apollo = new ApolloClient(url);
-    }
-    mutate(mutation, variables) {
-        return this.#apollo.mutate(mutation, variables);
-    }
-    query(query, variables) {
-        return this.#apollo.query(query, variables);
-    }
-}
-/**
- * Submit a scan for a list of purls after they've been batched by batchSubmitPurls
- */
-function submitScan(purls, options) {
-    const host = config.graphqlHost;
-    const path = config.graphqlPath;
-    const url = host + path;
-    debugLogger('Submitting scan to %s', url);
-    const client = new NesApolloClient(url);
-    return client.scan.purls(purls, options);
-}
-export const batchSubmitPurls = async (purls, options = DEFAULT_SCAN_INPUT_OPTIONS, batchSize = DEFAULT_SCAN_BATCH_SIZE) => {
-    try {
-        const dedupedAndEncodedPurls = dedupeAndEncodePurls(purls);
-        const batches = createBatches(dedupedAndEncodedPurls, batchSize);
-        debugLogger('Processing %d batches', batches.length);
-        if (batches.length === 0) {
-            return {
-                components: new Map(),
-                message: 'No batches to process',
-                success: true,
-                warnings: [],
-                scanId: undefined,
-                createdOn: undefined,
-            };
-        }
-        const results = await processBatches(batches, options);
-        return handleBatchResults(results);
-    }
-    catch (error) {
-        debugLogger('Fatal error in batchSubmitPurls: %s', error);
-        throw new Error(`Failed to process purls: ${error instanceof Error ? error.message : String(error)}`);
-    }
-};
-export const dedupeAndEncodePurls = (purls) => {
-    const dedupedAndEncodedPurls = new Set();
-    for (const purl of purls) {
-        try {
-            // The PackageURL.fromString method encodes each part of the purl
-            const encodedPurl = PackageURL.fromString(purl).toString();
-            if (!dedupedAndEncodedPurls.has(encodedPurl)) {
-                dedupedAndEncodedPurls.add(encodedPurl);
-            }
-        }
-        catch (error) {
-            debugLogger('Error encoding purl: %s', error);
-        }
-    }
-    return Array.from(dedupedAndEncodedPurls);
-};
-export const createBatches = (items, batchSize) => {
-    const numberOfBatches = Math.ceil(items.length / batchSize);
-    return Array.from({ length: numberOfBatches }, (_, index) => {
-        const startIndex = index * batchSize;
-        const endIndex = startIndex + batchSize;
-        return items.slice(startIndex, endIndex);
-    });
-};
-export const processBatch = async ({ batch, index, totalPages, scanOptions, previousScanId, }) => {
-    const page = index + 1;
-    if (page > totalPages) {
-        throw new Error('Total pages exceeded');
-    }
-    debugLogger('Processing batch %d of %d', page, totalPages);
-    debugLogger('ScanID: %s', previousScanId);
-    const result = await submitScan(batch, {
-        ...scanOptions,
-        page,
-        totalPages,
-        scanId: previousScanId,
-    });
-    return result;
-};
-export const processBatches = async (batches, scanOptions) => {
-    const totalPages = batches.length;
-    const results = [];
-    for (const [index, batch] of batches.entries()) {
-        const previousScanId = results[index - 1]?.scanId;
-        const result = await processBatch({
-            batch,
-            index,
-            totalPages,
-            scanOptions,
-            previousScanId,
-        });
-        results.push(result);
-    }
-    return results;
-};
-export const handleBatchResults = (results) => {
-    if (results.length === 0) {
-        throw new Error('No results to process');
-    }
-    // The API returns placeholders for each batch except the last one.
-    const finalResult = results[results.length - 1];
-    return buildScanResult(finalResult);
-};
-export const buildInsightsEolScanInput = (purls, options) => {
-    const { type, page, totalPages } = options;
-    return {
-        components: purls,
-        type,
-        page,
-        totalPages,
-    };
-};

package/dist/api/queries/nes/sbom.d.ts

@@ -1,3 +0,0 @@
-export declare const M_SCAN: {
-    gql: import("graphql/language/ast.js").DocumentNode;
-};

package/dist/api/queries/nes/sbom.js

@@ -1,39 +0,0 @@
-import { gql } from '@apollo/client/core/core.cjs';
-export const M_SCAN = {
-    gql: gql `
-    mutation EolScan($input: InsightsEolScanInput!) {
-      insights {
-        scan {
-          eol(input: $input) {
-            components {
-              purl
-              info {
-                isEol
-                isUnsafe
-                eolAt
-                daysEol
-                status
-                vulnCount
-              }
-              remediation {
-                id
-              }
-            }
-            diagnostics
-            message
-            scanId
-            createdOn
-            success
-            warnings {
-              purl
-              type
-              message
-              error
-              diagnostics
-            }
-          }
-        }
-      }
-    }
-  `,
-};

package/dist/api/queries/nes/telemetry.d.ts

@@ -1,2 +0,0 @@
-export declare const TELEMETRY_INITIALIZE_MUTATION: import("graphql/language/ast.js").DocumentNode;
-export declare const TELEMETRY_REPORT_MUTATION: import("graphql/language/ast.js").DocumentNode;

package/dist/api/queries/nes/telemetry.js

@@ -1,24 +0,0 @@
-import { gql } from '@apollo/client/core/core.cjs';
-export const TELEMETRY_INITIALIZE_MUTATION = gql `
-  mutation Telemetry($clientName: String!) {
-    telemetry {
-      initialize(input: { context: { client: { id: $clientName } } }) {
-        success
-        oid
-        message
-      }
-    }
-  }
-`;
-export const TELEMETRY_REPORT_MUTATION = gql `
-  mutation Report($key: String!, $report: JSON!, $metadata: JSON) {
-    telemetry {
-      report(input: { key: $key, report: $report, metadata: $metadata }) {
-        txId
-        success
-        message
-        diagnostics
-      }
-    }
-  }
-`;

package/dist/api/types/hd-cli.types.d.ts

@@ -1,30 +0,0 @@
-import { type ComponentStatus, type InsightsEolScanComponent, type ScanWarning } from './nes.types.ts';
-export declare const isValidComponentStatus: (status: string) => status is ComponentStatus;
-export interface ScanInputOptions {
-    type: 'SBOM' | 'OTHER';
-    page: number;
-    totalPages: number;
-    scanId?: string;
-}
-export declare const DEFAULT_SCAN_BATCH_SIZE = 1000;
-export declare const DEFAULT_SCAN_INPUT_OPTIONS: ScanInputOptions;
-export type ScanInput = {
-    components: string[];
-    options: ScanInputOptions;
-};
-export interface ScanResult {
-    components: Map<string, InsightsEolScanComponent>;
-    createdOn?: string;
-    diagnostics?: Record<string, unknown>;
-    message: string;
-    success: boolean;
-    warnings: ScanWarning[];
-    scanId: string | undefined;
-}
-export interface ProcessBatchOptions {
-    batch: string[];
-    index: number;
-    totalPages: number;
-    scanOptions: ScanInputOptions;
-    previousScanId?: string;
-}

package/dist/api/types/hd-cli.types.js

@@ -1,10 +0,0 @@
-import { VALID_STATUSES } from "./nes.types.js";
-export const isValidComponentStatus = (status) => {
-    return VALID_STATUSES.includes(status);
-};
-export const DEFAULT_SCAN_BATCH_SIZE = 1000;
-export const DEFAULT_SCAN_INPUT_OPTIONS = {
-    type: 'SBOM',
-    page: 1,
-    totalPages: 1,
-};