@herodevs/cli 2.0.0-beta.8 → 2.0.0

package/dist/service/file.svc.js

@@ -1,10 +1,70 @@
 import fs from 'node:fs';
 import path, { join, resolve } from 'node:path';
-import { isCdxBom } from '@herodevs/eol-shared';
+import { isCdxBom, isSpdxBom, spdxToCdxBom } from '@herodevs/eol-shared';
 import { filenamePrefix } from "../config/constants.js";
 import { getErrorMessage } from "./log.svc.js";
 /**
- * Reads an SBOM from a file path
+ * Computes an absolute output path using either a provided path or the base directory and default name.
+ */
+function resolveOutputPath(baseDir, defaultFilename, customPath) {
+    const defaultOutput = resolve(join(baseDir, defaultFilename));
+    if (!customPath) {
+        return { fileName: defaultFilename, fullPath: defaultOutput };
+    }
+    const resolvedCustomPath = resolve(customPath);
+    let targetPath = resolvedCustomPath;
+    const hasTrailingSeparator = /[\\/]$/.test(customPath);
+    const customIsDirectory = fs.existsSync(resolvedCustomPath) && fs.statSync(resolvedCustomPath).isDirectory();
+    if (hasTrailingSeparator || customIsDirectory) {
+        targetPath = join(resolvedCustomPath, defaultFilename);
+    }
+    return { fileName: path.basename(targetPath), fullPath: targetPath };
+}
+/**
+ * Ensures the output directory for a given path exists, is a directory, and is writable.
+ */
+function ensureOutputDirectory(fullPath, fileName) {
+    const targetDir = path.dirname(fullPath);
+    if (!fs.existsSync(targetDir)) {
+        throw new Error(`Unable to save ${fileName}`);
+    }
+    const stats = fs.statSync(targetDir);
+    if (!stats.isDirectory()) {
+        throw new Error(`Unable to save ${fileName}`);
+    }
+    try {
+        fs.accessSync(targetDir, fs.constants.W_OK);
+    }
+    catch {
+        throw new Error(`Unable to save ${fileName}`);
+    }
+}
+/**
+ * Writes JSON to disk after validating directory constraints and formats the payload for readability.
+ */
+function writeJsonFile(fullPath, fileName, payload, failureLabel) {
+    ensureOutputDirectory(fullPath, fileName);
+    try {
+        fs.writeFileSync(fullPath, JSON.stringify(payload, null, 2));
+        return fullPath;
+    }
+    catch (error) {
+        const fileError = error;
+        switch (fileError.code) {
+            case 'EACCES':
+                throw new Error(`Permission denied. Unable to save ${fileName}`);
+            case 'ENOSPC':
+                throw new Error(`No space left on device. Unable to save ${fileName}`);
+            case 'ENOENT':
+            case 'ENOTDIR':
+                throw new Error(`Unable to save ${fileName}`);
+        }
+        throw new Error(`Failed to save ${failureLabel}: ${getErrorMessage(error)}`);
+    }
+}
+/**
+ * Reads an SBOM from a file path and converts it to CycloneDX format
+ * Supports both SPDX 2.3 and CycloneDX formats
  */
 export function readSbomFromFile(filePath) {
     const file = resolve(filePath);
@@ -13,11 +73,14 @@ export function readSbomFromFile(filePath) {
     }
     try {
         const fileContent = fs.readFileSync(file, 'utf8');
-        const sbom = JSON.parse(fileContent);
-        if (!isCdxBom(sbom)) {
-            throw new Error(`Invalid SBOM file: ${file}`);
+        const jsonContent = JSON.parse(fileContent);
+        if (isSpdxBom(jsonContent)) {
+            return spdxToCdxBom(jsonContent);
+        }
+        if (isCdxBom(jsonContent)) {
+            return jsonContent;
         }
-        return sbom;
+        throw new Error(`Invalid SBOM file format. Expected SPDX 2.3 or CycloneDX format.`);
     }
     catch (error) {
         throw new Error(`Failed to read SBOM file: ${getErrorMessage(error)}`);
@@ -36,36 +99,17 @@ export function validateDirectory(dirPath) {
         throw new Error(`Path is not a directory: ${dir}`);
     }
 }
+const artifactFilenames = {
+    sbom: `${filenamePrefix}.sbom.json`,
+    sbomTrimmed: `${filenamePrefix}.sbom-trimmed.json`,
+    report: `${filenamePrefix}.report.json`,
+};
 /**
- * Saves an SBOM to a file in the specified directory
+ * Saves an SBOM, trimmed SBOM, or report to disk using the correct default filename.
  */
-export function saveSbomToFile(dir, sbom) {
-    const outputPath = join(dir, `${filenamePrefix}.sbom.json`);
-    try {
-        fs.writeFileSync(outputPath, JSON.stringify(sbom, null, 2));
-        return outputPath;
-    }
-    catch (error) {
-        throw new Error(`Failed to save SBOM: ${getErrorMessage(error)}`);
-    }
-}
-/**
- * Saves an EOL report to a file in the specified directory
- */
-export function saveReportToFile(dir, report) {
-    const reportPath = path.join(dir, `${filenamePrefix}.report.json`);
-    try {
-        fs.writeFileSync(reportPath, JSON.stringify(report, null, 2));
-        return reportPath;
-    }
-    catch (error) {
-        const fileError = error;
-        if (fileError.code === 'EACCES') {
-            throw new Error(`Permission denied. Unable to save report to ${filenamePrefix}.report.json`);
-        }
-        if (fileError.code === 'ENOSPC') {
-            throw new Error(`No space left on device. Unable to save report to ${filenamePrefix}.report.json`);
-        }
-        throw new Error(`Failed to save report: ${getErrorMessage(error)}`);
-    }
+export function saveArtifactToFile(dir, request) {
+    const defaultFilename = artifactFilenames[request.kind];
+    const customOutputPath = 'outputPath' in request ? request.outputPath : undefined;
+    const { fileName, fullPath } = resolveOutputPath(dir, defaultFilename, customOutputPath);
+    return writeJsonFile(fullPath, fileName, request.payload, fileName);
 }

package/dist/service/jwt.svc.d.ts

@@ -0,0 +1 @@
+export declare function decodeJwtPayload(token: string | undefined): Record<string, unknown> | undefined;

package/dist/service/jwt.svc.js

@@ -0,0 +1,19 @@
+export function decodeJwtPayload(token) {
+    if (!token) {
+        return;
+    }
+    try {
+        const parts = token.split('.');
+        if (parts.length < 2 || !parts[1]) {
+            return;
+        }
+        const payload = JSON.parse(Buffer.from(parts[1], 'base64url').toString('utf8'));
+        if (!payload || typeof payload !== 'object' || Array.isArray(payload)) {
+            return;
+        }
+        return payload;
+    }
+    catch {
+        return;
+    }
+}

package/dist/service/tracker.svc.d.ts

@@ -0,0 +1,58 @@
+import { type TrackerCategoryDefinition, type TrackerConfig } from '../config/tracker.config.ts';
+export type GitLastCommit = {
+    hash: string;
+    timestamp: string;
+    author: string;
+};
+export type FilesStats = {
+    total: number;
+    source: number;
+    comment: number;
+    single: number;
+    block: number;
+    mixed: number;
+    empty: number;
+    todo: number;
+    blockEmpty: number;
+    [k: string]: number | string | boolean;
+};
+export type CategoryStatsResult = {
+    name: string;
+    totals: FilesStats;
+    errors: string[];
+    fileTypes: string[];
+};
+export type CategorySavedResult = {
+    timestamp: string;
+    hash: string;
+    categories: CategoryStatsResult[];
+};
+export declare const INITIAL_FILES_STATS: FilesStats;
+export declare const getRootDir: (path: string) => string;
+export declare const getConfiguration: (path: string, folderName: string, fileName: string) => TrackerConfig;
+export declare const createTrackerConfig: (rootPath: string, config: TrackerConfig, overwrite?: boolean) => Promise<void>;
+export declare const getFilesFromCategory: (category: TrackerCategoryDefinition, options: {
+    rootDir: string;
+    ignorePatterns?: string[];
+}) => string[];
+export declare const getFileStats: (path: string, options: {
+    rootDir: string;
+}) => {
+    source: number;
+    total: number;
+    comment: number;
+    single: number;
+    block: number;
+    mixed: number;
+    empty: number;
+    todo: number;
+    blockEmpty: number;
+    path: string;
+    fileType: string;
+    error?: undefined;
+} | {
+    path: string;
+    fileType: string;
+    error: boolean;
+};
+export declare const saveResults: (categoriesResult: CategoryStatsResult[], rootDir: string, outputDir: string, git: GitLastCommit) => string;

package/dist/service/tracker.svc.js

@@ -0,0 +1,101 @@
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { writeFile } from 'node:fs/promises';
+import { extname, join, resolve } from 'node:path';
+import { globSync } from 'glob'; // replace with node:fs globSync as soon as v22 is minimum supported version
+import sloc from 'sloc';
+import { DEFAULT_TRACKER_RUN_DATA_FILE } from '../config/constants.js';
+import { TRACKER_ROOT_FILE } from "../config/tracker.config.js";
+export const INITIAL_FILES_STATS = {
+    total: 0,
+    block: 0,
+    blockEmpty: 0,
+    comment: 0,
+    empty: 0,
+    mixed: 0,
+    single: 0,
+    source: 0,
+    todo: 0,
+};
+export const getRootDir = (path) => {
+    if (existsSync(join(path, TRACKER_ROOT_FILE))) {
+        return path;
+    }
+    else if (path === join(path, '..')) {
+        throw new Error(`Couldn't find root directory for the project`);
+    }
+    return getRootDir(resolve(join(path, '..')));
+};
+export const getConfiguration = (path, folderName, fileName) => {
+    const filePath = join(path, folderName, fileName);
+    if (!existsSync(filePath)) {
+        throw new Error(`Couldn't find configuration ${fileName} file in ${path}. If you haven't, run tracker init command to create the configuration file. If you have a custom folder and configuration file, use the flags -d (directory) and -f (filename) to specify it`);
+    }
+    const stringConfiguration = readFileSync(filePath, {
+        encoding: 'utf-8',
+    });
+    try {
+        return JSON.parse(stringConfiguration);
+    }
+    catch (_err) {
+        throw new Error(`A configuration file was found, but it's contents are not valid. Review your configuration file and fix any errors, or run tracker init -o to overwrite the file`);
+    }
+};
+export const createTrackerConfig = async (rootPath, config, overwrite = false) => {
+    const { outputDir } = config;
+    const configDir = join(rootPath, outputDir);
+    const configFile = join(configDir, config.configFile);
+    const doesConfigFileExists = existsSync(configFile);
+    if (!existsSync(configDir)) {
+        mkdirSync(configDir);
+    }
+    if (doesConfigFileExists && !overwrite) {
+        throw new Error(`Configuration file already exists for this repo. If you want to overwrite it, run the command again with the --overwrite flag`);
+    }
+    await writeFile(join(configDir, config.configFile), JSON.stringify(config, null, 2));
+};
+export const getFilesFromCategory = (category, options) => {
+    const { fileTypes, includes } = category;
+    const { rootDir, ignorePatterns } = options;
+    // if no includes folder or no specific file type is set, we ignore the category
+    if (fileTypes.length === 0 || includes.length === 0) {
+        return [];
+    }
+    const patterns = includes.flatMap((include) => fileTypes.map((type) => `*${include.replace('./', '')}/**/*.${type}`));
+    return globSync(patterns, {
+        cwd: rootDir,
+        ignore: ignorePatterns?.map((ignore) => `${ignore}`) ?? [],
+    });
+};
+export const getFileStats = (path, options) => {
+    const fileType = extname(path).replace(/\./g, '');
+    try {
+        const stats = sloc(readFileSync(join(options.rootDir, path), 'utf8'), fileType);
+        return {
+            path,
+            fileType,
+            ...stats,
+        };
+    }
+    catch (_err) {
+        return {
+            path,
+            fileType,
+            error: true,
+        };
+    }
+};
+export const saveResults = (categoriesResult, rootDir, outputDir, git) => {
+    const dataResults = [];
+    const dataFile = join(rootDir, outputDir, DEFAULT_TRACKER_RUN_DATA_FILE);
+    try {
+        const savedOutput = readFileSync(dataFile).toString('utf8');
+        dataResults.push(...JSON.parse(savedOutput));
+    }
+    catch (_err) { }
+    dataResults.push({
+        ...git,
+        categories: categoriesResult,
+    });
+    writeFileSync(dataFile, JSON.stringify(dataResults, null, 2));
+    return `${dataFile}`;
+};

package/dist/types/auth.d.ts

@@ -0,0 +1,9 @@
+export interface TokenResponse {
+    access_token: string;
+    refresh_token?: string;
+    expires_in?: number;
+    refresh_expires_in?: number;
+    token_type?: string;
+    scope?: string;
+    id_token?: string;
+}

package/dist/utils/open-in-browser.d.ts

@@ -0,0 +1 @@
+export declare function openInBrowser(url: string): Promise<void>;

package/dist/utils/open-in-browser.js

@@ -0,0 +1,21 @@
+import { exec } from 'node:child_process';
+import { platform } from 'node:os';
+export function openInBrowser(url) {
+    return new Promise((resolve, reject) => {
+        const escapedUrl = `"${url.replace(/"/g, '\\"')}"`;
+        const command = (() => {
+            const plat = platform();
+            if (plat === 'darwin')
+                return `open ${escapedUrl}`; // macOS
+            if (plat === 'win32')
+                return `start "" ${escapedUrl}`; // Windows
+            return `xdg-open ${escapedUrl}`; // Linux
+        })();
+        exec(command, (err) => {
+            if (err)
+                reject(new Error(`Failed to open browser: ${err.message}`));
+            else
+                resolve();
+        });
+    });
+}

package/dist/utils/retry.d.ts

@@ -0,0 +1,11 @@
+export type RetryOptions = {
+    attempts: number;
+    baseDelayMs: number;
+    onRetry?: (info: {
+        attempt: number;
+        delayMs: number;
+        error: unknown;
+    }) => void;
+    finalErrorMessage?: string;
+};
+export declare function withRetries<T>(operation: string, fn: () => Promise<T>, options: RetryOptions): Promise<T>;

package/dist/utils/retry.js

@@ -0,0 +1,29 @@
+import { debugLogger } from "../service/log.svc.js";
+const sleep = (ms) => new Promise((resolve) => setTimeout(resolve, ms));
+export async function withRetries(operation, fn, options) {
+    const { attempts, baseDelayMs, onRetry, finalErrorMessage } = options;
+    let lastError;
+    for (let attempt = 1; attempt <= attempts; attempt += 1) {
+        try {
+            return await fn();
+        }
+        catch (error) {
+            lastError = error;
+            if (attempt === attempts) {
+                break;
+            }
+            const delayMs = baseDelayMs * attempt;
+            if (onRetry) {
+                onRetry({ attempt, delayMs, error });
+            }
+            else {
+                debugLogger('Retry (%s) attempt %d/%d after %dms: %o', operation, attempt, attempts, delayMs, error);
+            }
+            await sleep(delayMs);
+        }
+    }
+    const message = finalErrorMessage ??
+        (lastError instanceof Error ? lastError.message : null) ??
+        'Please contact support@herodevs.com.';
+    throw new Error(message);
+}

package/dist/utils/strip-typename.d.ts

@@ -0,0 +1 @@
+export declare function stripTypename<T>(obj: T): T;

package/dist/utils/strip-typename.js

@@ -0,0 +1,16 @@
+export function stripTypename(obj) {
+    if (Array.isArray(obj)) {
+        return obj.map(stripTypename);
+    }
+    if (obj !== null && typeof obj === 'object') {
+        const result = {};
+        for (const key of Object.keys(obj)) {
+            if (key === '__typename')
+                continue;
+            const value = obj[key];
+            result[key] = stripTypename(value);
+        }
+        return result;
+    }
+    return obj;
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@herodevs/cli",
-  "version": "2.0.0-beta.8",
+  "version": "2.0.0",
   "author": "HeroDevs, Inc",
   "bin": {
     "hd": "./bin/run.js"
@@ -11,7 +11,7 @@
     "url": "https://github.com/herodevs/cli"
   },
   "homepage": "https://github.com/herodevs/cli",
-  "bugs": "https://github.com/@herodevs/cli/issues",
+  "bugs": "https://github.com/herodevs/cli/issues",
   "scripts": {
     "build": "shx rm -rf dist && tsc -b",
     "ci": "biome ci",
@@ -20,17 +20,21 @@
     "clean:files": "shx rm -f herodevs.**.csv herodevs.**.json herodevs.**.txt",
     "dev": "npm run build && ./bin/dev.js",
     "dev:debug": "npm run build && DEBUG=oclif:* ./bin/dev.js",
+    "dev:auth:local": "OAUTH_CONNECT_URL='http://localhost:6040/realms/herodevs_local/protocol/openid-connect' npm run dev auth login",
+    "dev:auth:logout": "npm run dev auth logout",
     "format": "biome format --write",
     "lint": "biome lint --write",
     "postpack": "shx rm -f oclif.manifest.json",
     "prepare": "shx test -d dist || npm run build",
     "prepack": "oclif manifest",
     "pretest": "npm run lint && npm run typecheck",
-    "readme": "npm run ci:fix && npm run build && npm exec oclif readme",
-    "test": "globstar -- node --import tsx --test --experimental-test-module-mocks \"test/**/*.test.ts\"",
-    "test:e2e": "globstar -- node --import tsx --test \"e2e/**/*.test.ts\"",
+    "readme": "npm run ci:fix && npm run build && oclif readme && sed -i '' 's|/plugin-help/blob/v|/plugin-help/blob/|; s|/plugin-update/blob/v|/plugin-update/blob/|' README.md",
+    "test": "vitest run",
+    "test:watch": "vitest watch",
+    "test:e2e": "globstar -- node --import tsx --import ./e2e/setup/register-mock-auth.mjs --test \"e2e/**/*.test.ts\"",
     "typecheck": "tsc --noEmit",
-    "version": "oclif manifest"
+    "version": "oclif manifest",
+    "postversion": "node scripts/update-install-script-version.js && git add README.md"
   },
   "keywords": [
     "herodevs",
@@ -38,34 +42,49 @@
     "herodevs cli"
   ],
   "dependencies": {
-    "@amplitude/analytics-node": "^1.5.5",
-    "@apollo/client": "^3.13.8",
-    "@cyclonedx/cdxgen": "~11.4.4",
-    "@herodevs/eol-shared": "github:herodevs/eol-shared#v0.1.11",
-    "@oclif/core": "^4.5.2",
+    "@amplitude/analytics-node": "^1.5.26",
+    "@apollo/client": "^4.0.9",
+    "@cyclonedx/cdxgen": "^12.1.1",
+    "@herodevs/eol-shared": "github:herodevs/eol-shared#v0.1.18",
+    "@inquirer/prompts": "^8.0.2",
+    "@oclif/core": "^4.8.0",
     "@oclif/plugin-help": "^6.2.32",
-    "@oclif/plugin-update": "^4.7.4",
+    "@oclif/plugin-update": "^4.7.16",
+    "@oclif/table": "^0.5.1",
+    "cli-progress": "^3.12.0",
+    "conf": "^15.1.0",
+    "date-fns": "^4.1.0",
+    "glob": "^13.0.0",
     "graphql": "^16.11.0",
     "node-machine-id": "^1.1.12",
-    "ora": "^8.2.0",
+    "ora": "^9.0.0",
     "packageurl-js": "^2.0.1",
-    "terminal-link": "^4.0.0",
+    "sloc": "^0.3.2",
+    "terminal-link": "^5.0.0",
     "update-notifier": "^7.3.1"
   },
   "devDependencies": {
-    "@biomejs/biome": "^2.2.2",
-    "@oclif/test": "^4.1.13",
+    "@biomejs/biome": "^2.3.8",
+    "@oclif/test": "^4.1.15",
+    "@types/cli-progress": "^3.11.6",
+    "@types/debug": "^4.1.12",
     "@types/inquirer": "^9.0.9",
-    "@types/node": "^24.3.0",
-    "@types/sinon": "^17.0.4",
+    "@types/mock-fs": "^4.13.4",
+    "@types/node": "^24.10.1",
+    "@types/ora": "^3.1.0",
+    "@types/sinon": "^21.0.0",
+    "@types/sloc": "^0.2.3",
+    "@types/terminal-link": "^1.1.0",
     "@types/update-notifier": "^6.0.8",
     "globstar": "^1.0.0",
-    "oclif": "^4.22.14",
+    "mock-fs": "^5.5.0",
+    "oclif": "^4.22.47",
     "shx": "^0.4.0",
     "sinon": "^21.0.0",
     "ts-node": "^10.9.2",
-    "tsx": "^4.20.5",
-    "typescript": "^5.9.2"
+    "tsx": "^4.21.0",
+    "typescript": "^5.9.3",
+    "vitest": "^4.0.16"
   },
   "engines": {
     "node": ">=20.0.0"
@@ -83,7 +102,6 @@
     "commands": "./dist/commands",
     "plugins": [
       "@oclif/plugin-help",
-      "@oclif/plugin-plugins",
       "@oclif/plugin-update"
     ],
     "hooks": {

package/dist/service/sbom.worker.js

@@ -1,26 +0,0 @@
-import { writeFileSync } from 'node:fs';
-import { join } from 'node:path';
-import { createBom } from '@cyclonedx/cdxgen';
-import { filenamePrefix } from "../config/constants.js";
-import { SBOM_DEFAULT__OPTIONS } from "./cdx.svc.js";
-process.on('uncaughtException', (err) => {
-    console.error('Uncaught exception:', err.message);
-    process.exit(1);
-});
-process.on('unhandledRejection', (reason) => {
-    console.error('Unhandled rejection:', reason);
-    process.exit(1);
-});
-try {
-    console.log('Sbom worker started');
-    const options = JSON.parse(process.argv[2]);
-    const { path, opts } = options;
-    const { bomJson } = await createBom(path, { ...SBOM_DEFAULT__OPTIONS, ...opts });
-    const outputPath = join(path, `${filenamePrefix}.sbom.json`);
-    writeFileSync(outputPath, JSON.stringify(bomJson, null, 2));
-    process.exit(0);
-}
-catch (error) {
-    console.error('Error creating SBOM', error.message);
-    process.exit(1);
-}