npm - @j-schreiber/sf-cli-security-audit - Versions diffs - 0.18.2 → 0.19.1 - Mend

@j-schreiber/sf-cli-security-audit 0.18.2 → 0.19.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

package/lib/libs/audit-engine/registry/shape/auditConfigShape.js CHANGED Viewed

@@ -1,10 +1,15 @@
-import { PermissionsClassificationFileSchema, PermissionSetsClassificationFileSchema, PolicyFileSchema, ProfilesClassificationFileSchema, UserClassificationFileSchema, UserPolicyFileSchema, } from './schema.js';
+import { PermissionsClassificationFileSchema, PermissionSetsClassificationFileSchema, PolicyFileSchema, ProfilesClassificationFileSchema, RoleDefinitionsFileSchema, UserClassificationFileSchema, UserPolicyFileSchema, } from './schema.js';
 /**
  * The shape defines the directory structure and schema files to
  * parse YAML files. It is the foundation to derive the runtime type of
  * the audit config that is used by rules and policies.
  */
 export const BaseAuditConfigShape = {
+    definitions: {
+        files: {
+            roles: { schema: RoleDefinitionsFileSchema },
+        },
+    },
     classifications: {
         files: {
             userPermissions: {

package/lib/libs/audit-engine/registry/shape/auditConfigShape.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auditConfigShape.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/shape/auditConfigShape.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mCAAmC,EACnC,sCAAsC,EACtC,gBAAgB,EAChB,gCAAgC,EAChC,4BAA4B,EAC5B,oBAAoB,GACrB,MAAM,aAAa,CAAC;AAErB;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,eAAe,EAAE;QACf,KAAK,EAAE;YACL,eAAe,EAAE;gBACf,MAAM,EAAE,mCAAmC;gBAC3C,QAAQ,EAAE,aAAa;aACxB;YACD,iBAAiB,EAAE;gBACjB,MAAM,EAAE,mCAAmC;gBAC3C,QAAQ,EAAE,aAAa;aACxB;YACD,QAAQ,EAAE;gBACR,MAAM,EAAE,gCAAgC;gBACxC,QAAQ,EAAE,UAAU;aACrB;YACD,cAAc,EAAE;gBACd,MAAM,EAAE,sCAAsC;gBAC9C,QAAQ,EAAE,gBAAgB;aAC3B;YACD,KAAK,EAAE;gBACL,MAAM,EAAE,4BAA4B;gBACpC,QAAQ,EAAE,OAAO;aAClB;SACF;KACF;IACD,QAAQ,EAAE;QACR,KAAK,EAAE;YACL,QAAQ,EAAE;gBACR,MAAM,EAAE,gBAAgB;gBACxB,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,EAAE,SAAS,EAAE,2CAA2C,EAAE;iBACzG;aACF;YACD,cAAc,EAAE;gBACd,MAAM,EAAE,gBAAgB;gBACxB,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,EAAE,SAAS,EAAE,2CAA2C,EAAE;iBACzG;aACF;YACD,aAAa,EAAE;gBACb,MAAM,EAAE,gBAAgB;aACzB;YACD,KAAK,EAAE;gBACL,MAAM,EAAE,oBAAoB;aAC7B;YACD,QAAQ,EAAE;gBACR,MAAM,EAAE,gBAAgB;aACzB;SACF;KACF;CACF,CAAC"}
1	+ {"version":3,"file":"auditConfigShape.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/shape/auditConfigShape.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mCAAmC,EACnC,sCAAsC,EACtC,gBAAgB,EAChB,gCAAgC,EAChC,yBAAyB,EACzB,4BAA4B,EAC5B,oBAAoB,GACrB,MAAM,aAAa,CAAC;AAErB;;;;GAIG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,WAAW,EAAE;QACX,KAAK,EAAE;YACL,KAAK,EAAE,EAAE,MAAM,EAAE,yBAAyB,EAAE;SAC7C;KACF;IACD,eAAe,EAAE;QACf,KAAK,EAAE;YACL,eAAe,EAAE;gBACf,MAAM,EAAE,mCAAmC;gBAC3C,QAAQ,EAAE,aAAa;aACxB;YACD,iBAAiB,EAAE;gBACjB,MAAM,EAAE,mCAAmC;gBAC3C,QAAQ,EAAE,aAAa;aACxB;YACD,QAAQ,EAAE;gBACR,MAAM,EAAE,gCAAgC;gBACxC,QAAQ,EAAE,UAAU;aACrB;YACD,cAAc,EAAE;gBACd,MAAM,EAAE,sCAAsC;gBAC9C,QAAQ,EAAE,gBAAgB;aAC3B;YACD,KAAK,EAAE;gBACL,MAAM,EAAE,4BAA4B;gBACpC,QAAQ,EAAE,OAAO;aAClB;SACF;KACF;IACD,QAAQ,EAAE;QACR,KAAK,EAAE;YACL,QAAQ,EAAE;gBACR,MAAM,EAAE,gBAAgB;gBACxB,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,EAAE,SAAS,EAAE,2CAA2C,EAAE;iBACzG;aACF;YACD,cAAc,EAAE;gBACd,MAAM,EAAE,gBAAgB;gBACxB,YAAY,EAAE;oBACZ,EAAE,IAAI,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC,EAAE,SAAS,EAAE,2CAA2C,EAAE;iBACzG;aACF;YACD,aAAa,EAAE;gBACb,MAAM,EAAE,gBAAgB;aACzB;YACD,KAAK,EAAE;gBACL,MAAM,EAAE,oBAAoB;aAC7B;YACD,QAAQ,EAAE;gBACR,MAAM,EAAE,gBAAgB;aACzB;SACF;KACF;CACF,CAAC"}

package/lib/libs/audit-engine/registry/shape/schema.d.ts CHANGED Viewed

@@ -38,17 +38,22 @@ declare const PermissionClassifications: z.ZodRecord<z.ZodString, z.ZodObject<{
     classification: z.ZodEnum<typeof PermissionRiskLevel>;
 }, z.z.core.$strip>>;
 declare const PermSetMap: z.ZodRecord<z.ZodString, z.ZodObject<{
-    role: z.ZodEnum<typeof UserPrivilegeLevel>;
+    role: z.ZodString;
 }, z.z.core.$strict>>;
 declare const ProfilesMap: z.ZodRecord<z.ZodString, z.ZodObject<{
-    role: z.ZodEnum<typeof UserPrivilegeLevel>;
+    role: z.ZodString;
     allowedLoginIps: z.ZodOptional<z.ZodArray<z.ZodObject<{
         from: z.ZodString;
         to: z.ZodString;
     }, z.z.core.$strip>>>;
 }, z.z.core.$strict>>;
 declare const UsersMap: z.ZodRecord<z.ZodString, z.ZodObject<{
-    role: z.ZodEnum<typeof UserPrivilegeLevel>;
+    role: z.ZodString;
+}, z.z.core.$strip>>;
+export declare const RoleDefinitionsFileSchema: z.ZodRecord<z.ZodString, z.ZodObject<{
+    allowedClassifications: z.ZodOptional<z.ZodArray<z.ZodEnum<typeof PermissionRiskLevel>>>;
+    allowedPermissions: z.ZodOptional<z.ZodArray<z.ZodString>>;
+    deniedPermissions: z.ZodOptional<z.ZodArray<z.ZodString>>;
 }, z.z.core.$strip>>;
 export declare const PermissionsClassificationFileSchema: z.ZodObject<{
     permissions: z.ZodRecord<z.ZodString, z.ZodObject<{
@@ -59,7 +64,7 @@ export declare const PermissionsClassificationFileSchema: z.ZodObject<{
 }, z.z.core.$strip>;
 export declare const ProfilesClassificationFileSchema: z.ZodObject<{
     profiles: z.ZodRecord<z.ZodString, z.ZodObject<{
-        role: z.ZodEnum<typeof UserPrivilegeLevel>;
+        role: z.ZodString;
         allowedLoginIps: z.ZodOptional<z.ZodArray<z.ZodObject<{
             from: z.ZodString;
             to: z.ZodString;
@@ -68,12 +73,12 @@ export declare const ProfilesClassificationFileSchema: z.ZodObject<{
 }, z.z.core.$strip>;
 export declare const PermissionSetsClassificationFileSchema: z.ZodObject<{
     permissionSets: z.ZodRecord<z.ZodString, z.ZodObject<{
-        role: z.ZodEnum<typeof UserPrivilegeLevel>;
+        role: z.ZodString;
     }, z.z.core.$strict>>;
 }, z.z.core.$strip>;
 export declare const UserClassificationFileSchema: z.ZodObject<{
     users: z.ZodRecord<z.ZodString, z.ZodObject<{
-        role: z.ZodEnum<typeof UserPrivilegeLevel>;
+        role: z.ZodString;
     }, z.z.core.$strip>>;
 }, z.z.core.$strip>;
 export declare const PolicyFileSchema: z.ZodObject<{
@@ -91,7 +96,7 @@ export declare const UserPolicyFileSchema: z.ZodObject<{
         options: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodUnknown>>;
     }, z.z.core.$strip>>>;
     options: z.ZodObject<{
-        defaultRoleForMissingUsers: z.ZodDefault<z.ZodEnum<typeof UserPrivilegeLevel>>;
+        defaultRoleForMissingUsers: z.ZodDefault<z.ZodString>;
         analyseLastNDaysOfLoginHistory: z.ZodOptional<z.ZodNumber>;
     }, z.z.core.$strict>;
 }, z.z.core.$strip>;
@@ -112,4 +117,6 @@ export type UserClassifications = z.infer<typeof UsersMap>;
 export type PolicyConfig = z.infer<typeof PolicyFileSchema>;
 export type UserPolicyConfig = z.infer<typeof UserPolicyFileSchema>;
 export type AcceptedRuleRisks = z.infer<typeof AcceptedRisksSchema>;
+export type RoleDefinitions = z.infer<typeof RoleDefinitionsFileSchema>;
+export type RoledEntityMap = z.infer<typeof PermSetMap>;
 export {};

package/lib/libs/audit-engine/registry/shape/schema.js CHANGED Viewed

@@ -50,19 +50,26 @@ const PolicyRuleConfigSchema = z.object({
 });
 const RuleMapSchema = z.record(z.string(), PolicyRuleConfigSchema);
 const PermSetConfig = z.strictObject({
-    role: z.enum(UserPrivilegeLevel),
+    role: z.string(),
 });
 const ProfileConfig = PermSetConfig.extend({
     allowedLoginIps: z.array(z.object({ from: z.string().regex(IP4RegExp), to: z.string().regex(IP4RegExp) })).optional(),
 });
 const PermSetMap = z.record(z.string(), PermSetConfig);
 const ProfilesMap = z.record(z.string(), ProfileConfig);
-const UserConfig = z.object({ role: z.enum(UserPrivilegeLevel) });
+const UserConfig = z.object({ role: z.string() });
 const UsersMap = z.record(z.string(), UserConfig);
 const UsersPolicyOptions = z.strictObject({
-    defaultRoleForMissingUsers: z.enum(UserPrivilegeLevel).default(UserPrivilegeLevel.STANDARD_USER),
+    defaultRoleForMissingUsers: z.string().default(UserPrivilegeLevel.STANDARD_USER),
     analyseLastNDaysOfLoginHistory: z.number().optional(),
 });
+const RoleDefinition = z.object({
+    allowedClassifications: z.array(z.enum(PermissionRiskLevel)).optional(),
+    allowedPermissions: z.array(z.string()).optional(),
+    deniedPermissions: z.array(z.string()).optional(),
+});
+// Definition File Schemata
+export const RoleDefinitionsFileSchema = z.record(z.string(), RoleDefinition);
 // Classification File Schemata
 export const PermissionsClassificationFileSchema = z.object({
     permissions: PermissionClassifications,

package/lib/libs/audit-engine/registry/shape/schema.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"schema.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/shape/schema.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,MAAM,KAAK,CAAC;AAEpB,MAAM,SAAS,GAAG,2CAA2C,CAAC;AAE9D;;GAEG;AACH,MAAM,CAAN,IAAY,mBAaX;AAbD,WAAY,mBAAmB;IAC7B,+EAA+E;IAC/E,0CAAmB,CAAA;IACnB,6DAA6D;IAC7D,4CAAqB,CAAA;IACrB,sEAAsE;IACtE,oCAAa,CAAA;IACb,yDAAyD;IACzD,wCAAiB,CAAA;IACjB,qEAAqE;IACrE,kCAAW,CAAA;IACX,kFAAkF;IAClF,0CAAmB,CAAA;AACrB,CAAC,EAbW,mBAAmB,KAAnB,mBAAmB,QAa9B;AAED;;;GAGG;AACH,MAAM,CAAN,IAAY,kBAWX;AAXD,WAAY,kBAAkB;IAC5B,0CAA0C;IAC1C,6CAAuB,CAAA;IACvB,sCAAsC;IACtC,qCAAe,CAAA;IACf,wCAAwC;IACxC,+CAAyB,CAAA;IACzB,oCAAoC;IACpC,qDAA+B,CAAA;IAC/B,qCAAqC;IACrC,yCAAmB,CAAA;AACrB,CAAC,EAXW,kBAAkB,KAAlB,kBAAkB,QAW7B;AAED,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,eAAe;IACf,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,4DAA4D;IAC5D,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,yCAAyC;IACzC,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC;CAC5C,CAAC,CAAC;AAEH,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,kBAAkB,CAAC,CAAC;AAE3E,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACnC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,sBAAsB,CAAC,CAAC;AAEnE,MAAM,aAAa,GAAG,CAAC,CAAC,YAAY,CAAC;IACnC,IAAI,EAAE,CAAC,CAAC,~~IAAI~~,~~CAAC,kBAAkB,CAAC~~;~~CACjC~~,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG,aAAa,CAAC,MAAM,CAAC;IACzC,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE;CACtH,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,aAAa,CAAC,CAAC;AAEvD,MAAM,WAAW,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,aAAa,CAAC,CAAC;AAExD,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,~~IAAI~~,~~CAAC~~,~~kBAAkB,CAAC,~~EAAE,CAAC,CAAC;~~AAElE~~,MAAM,QAAQ,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,UAAU,CAAC,CAAC;AAElD,MAAM,kBAAkB,GAAG,CAAC,CAAC,YAAY,CAAC;IACxC,0BAA0B,EAAE,CAAC,CAAC,~~IAAI~~,CAAC,kBAAkB,CAAC,CAAC,~~OAAO~~,CAAC,kBAAkB,CAAC,~~aAAa~~,CAAC;~~IAChG~~,~~8BAA8B~~,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;~~CACtD~~,CAAC,CAAC;AAEH,+BAA+B;AAE/B,MAAM,CAAC,MAAM,mCAAmC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1D,WAAW,EAAE,yBAAyB;CACvC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,gCAAgC,GAAG,CAAC,CAAC,MAAM,CAAC;IACvD,QAAQ,EAAE,WAAW;CACtB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,sCAAsC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7D,cAAc,EAAE,UAAU;CAC3B,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,CAAC,MAAM,CAAC;IACnD,KAAK,EAAE,QAAQ;CAChB,CAAC,CAAC;AAEH,uBAAuB;AAEvB,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IAClC,KAAK,EAAE,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC;IAChC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,MAAM,CAAC;IAC1D,OAAO,EAAE,kBAAkB;CAC5B,CAAC,CAAC;AAUH,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AAE3D;;;GAGG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAA+B,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CACzE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,CAAC,CAAC,CACxE,CAAC"}
1	+ {"version":3,"file":"schema.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/shape/schema.ts"],"names":[],"mappings":"AAAA,OAAO,CAAC,MAAM,KAAK,CAAC;AAEpB,MAAM,SAAS,GAAG,2CAA2C,CAAC;AAE9D;;GAEG;AACH,MAAM,CAAN,IAAY,mBAaX;AAbD,WAAY,mBAAmB;IAC7B,+EAA+E;IAC/E,0CAAmB,CAAA;IACnB,6DAA6D;IAC7D,4CAAqB,CAAA;IACrB,sEAAsE;IACtE,oCAAa,CAAA;IACb,yDAAyD;IACzD,wCAAiB,CAAA;IACjB,qEAAqE;IACrE,kCAAW,CAAA;IACX,kFAAkF;IAClF,0CAAmB,CAAA;AACrB,CAAC,EAbW,mBAAmB,KAAnB,mBAAmB,QAa9B;AAED;;;GAGG;AACH,MAAM,CAAN,IAAY,kBAWX;AAXD,WAAY,kBAAkB;IAC5B,0CAA0C;IAC1C,6CAAuB,CAAA;IACvB,sCAAsC;IACtC,qCAAe,CAAA;IACf,wCAAwC;IACxC,+CAAyB,CAAA;IACzB,oCAAoC;IACpC,qDAA+B,CAAA;IAC/B,qCAAqC;IACrC,yCAAmB,CAAA;AACrB,CAAC,EAXW,kBAAkB,KAAlB,kBAAkB,QAW7B;AAED,MAAM,kBAAkB,GAAG,CAAC,CAAC,MAAM,CAAC;IAClC,eAAe;IACf,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,4DAA4D;IAC5D,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC7B,yCAAyC;IACzC,cAAc,EAAE,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC;CAC5C,CAAC,CAAC;AAEH,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,kBAAkB,CAAC,CAAC;AAE3E,MAAM,sBAAsB,GAAG,CAAC,CAAC,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;IACnC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,sBAAsB,CAAC,CAAC;AAEnE,MAAM,aAAa,GAAG,CAAC,CAAC,YAAY,CAAC;IACnC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;CACjB,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG,aAAa,CAAC,MAAM,CAAC;IACzC,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE;CACtH,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,aAAa,CAAC,CAAC;AAEvD,MAAM,WAAW,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,aAAa,CAAC,CAAC;AAExD,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AAElD,MAAM,QAAQ,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,UAAU,CAAC,CAAC;AAElD,MAAM,kBAAkB,GAAG,CAAC,CAAC,YAAY,CAAC;IACxC,0BAA0B,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,OAAO,CAAC,kBAAkB,CAAC,aAAa,CAAC;IAChF,8BAA8B,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEH,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IAC9B,sBAAsB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC,QAAQ,EAAE;IACvE,kBAAkB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IAClD,iBAAiB,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;CAClD,CAAC,CAAC;AAEH,2BAA2B;AAE3B,MAAM,CAAC,MAAM,yBAAyB,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,cAAc,CAAC,CAAC;AAE9E,+BAA+B;AAE/B,MAAM,CAAC,MAAM,mCAAmC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC1D,WAAW,EAAE,yBAAyB;CACvC,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,gCAAgC,GAAG,CAAC,CAAC,MAAM,CAAC;IACvD,QAAQ,EAAE,WAAW;CACtB,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,sCAAsC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7D,cAAc,EAAE,UAAU;CAC3B,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,CAAC,MAAM,CAAC;IACnD,KAAK,EAAE,QAAQ;CAChB,CAAC,CAAC;AAEH,uBAAuB;AAEvB,MAAM,CAAC,MAAM,gBAAgB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC;IAClC,KAAK,EAAE,aAAa,CAAC,OAAO,CAAC,EAAE,CAAC;IAChC,OAAO,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,EAAE;CACtD,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,MAAM,CAAC;IAC1D,OAAO,EAAE,kBAAkB;CAC5B,CAAC,CAAC;AAUH,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;AAE3D;;;GAGG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAA+B,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CACzE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,iBAAiB,EAAE,mBAAmB,CAAC,CAAC,CAAC,CACxE,CAAC"}

package/lib/libs/audit-engine/registry/shape/shapeValidation.d.ts ADDED Viewed

@@ -0,0 +1,3 @@
+import { ExtractAuditConfigTypes, RefineError } from '../../file-manager/fileManager.types.js';
+import { BaseAuditConfigShape } from './auditConfigShape.js';
+export declare const validator: (parseResult: ExtractAuditConfigTypes<typeof BaseAuditConfigShape>) => RefineError[];

package/lib/libs/audit-engine/registry/shape/shapeValidation.js ADDED Viewed

@@ -0,0 +1,37 @@
+import { Messages } from '@salesforce/core';
+Messages.importMessagesDirectoryFromMetaUrl(import.meta.url);
+const messages = Messages.loadMessages('@j-schreiber/sf-cli-security-audit', 'auditShapeValidation');
+export const validator = (parseResult) => {
+    const errors = [];
+    if (parseResult.definitions.roles) {
+        if (parseResult.classifications.profiles) {
+            errors.push(...validateRoledEntity(parseResult.definitions.roles, parseResult.classifications.profiles.profiles, 'profiles'));
+        }
+        if (parseResult.classifications.permissionSets) {
+            errors.push(...validateRoledEntity(parseResult.definitions.roles, parseResult.classifications.permissionSets.permissionSets, 'permissionSets'));
+        }
+        if (parseResult.classifications.users) {
+            errors.push(...validateRoledEntity(parseResult.definitions.roles, parseResult.classifications.users.users, 'users'));
+        }
+    }
+    if (!parseResult.policies || Object.keys(parseResult.policies).length === 0) {
+        errors.push({
+            message: messages.getMessage('NoAuditConfigFound'),
+            path: ['policies'],
+        });
+    }
+    return errors;
+};
+function validateRoledEntity(roles, entries, entityName) {
+    const errors = [];
+    for (const [identifier, entity] of Object.entries(entries)) {
+        if (!roles[entity.role]) {
+            errors.push({
+                message: messages.getMessage('RoleNotInDefinition', [entity.role]),
+                path: [entityName, identifier],
+            });
+        }
+    }
+    return errors;
+}
+//# sourceMappingURL=shapeValidation.js.map

package/lib/libs/audit-engine/registry/shape/shapeValidation.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"shapeValidation.js","sourceRoot":"","sources":["../../../../../src/libs/audit-engine/registry/shape/shapeValidation.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAK5C,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,sBAAsB,CAAC,CAAC;AAErG,MAAM,CAAC,MAAM,SAAS,GAAG,CAAC,WAAiE,EAAiB,EAAE;IAC5G,MAAM,MAAM,GAAkB,EAAE,CAAC;IACjC,IAAI,WAAW,CAAC,WAAW,CAAC,KAAK,EAAE,CAAC;QAClC,IAAI,WAAW,CAAC,eAAe,CAAC,QAAQ,EAAE,CAAC;YACzC,MAAM,CAAC,IAAI,CACT,GAAG,mBAAmB,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,eAAe,CAAC,QAAQ,CAAC,QAAQ,EAAE,UAAU,CAAC,CACjH,CAAC;QACJ,CAAC;QACD,IAAI,WAAW,CAAC,eAAe,CAAC,cAAc,EAAE,CAAC;YAC/C,MAAM,CAAC,IAAI,CACT,GAAG,mBAAmB,CACpB,WAAW,CAAC,WAAW,CAAC,KAAK,EAC7B,WAAW,CAAC,eAAe,CAAC,cAAc,CAAC,cAAc,EACzD,gBAAgB,CACjB,CACF,CAAC;QACJ,CAAC;QACD,IAAI,WAAW,CAAC,eAAe,CAAC,KAAK,EAAE,CAAC;YACtC,MAAM,CAAC,IAAI,CACT,GAAG,mBAAmB,CAAC,WAAW,CAAC,WAAW,CAAC,KAAK,EAAE,WAAW,CAAC,eAAe,CAAC,KAAK,CAAC,KAAK,EAAE,OAAO,CAAC,CACxG,CAAC;QACJ,CAAC;IACH,CAAC;IACD,IAAI,CAAC,WAAW,CAAC,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5E,MAAM,CAAC,IAAI,CAAC;YACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,oBAAoB,CAAC;YAClD,IAAI,EAAE,CAAC,UAAU,CAAC;SACnB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC,CAAC;AAEF,SAAS,mBAAmB,CAAC,KAAsB,EAAE,OAAuB,EAAE,UAAkB;IAC9F,MAAM,MAAM,GAAkB,EAAE,CAAC;IACjC,KAAK,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3D,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACxB,MAAM,CAAC,IAAI,CAAC;gBACV,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,qBAAqB,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;gBAClE,IAAI,EAAE,CAAC,UAAU,EAAE,UAAU,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}

package/lib/libs/conf-init/auditConfig.js CHANGED Viewed

@@ -13,7 +13,7 @@ export default class AuditConfig {
      * @param con
      */
     static async init(targetCon, opts) {
-        const conf = { classifications: {}, policies: {}, acceptedRisks: {} };
+        const conf = { classifications: {}, policies: {}, acceptedRisks: {}, definitions: {} };
         for (const [className, classInitDef] of Object.entries(ClassificationInitDefinitions)) {
             // eslint-disable-next-line no-await-in-loop
             const defaultClassification = await classInitDef.initialiser(targetCon, opts?.preset);

package/lib/libs/conf-init/auditConfig.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"auditConfig.js","sourceRoot":"","sources":["../../../src/libs/conf-init/auditConfig.ts"],"names":[],"mappings":"AAGA,OAAO,EAGL,YAAY,EAGZ,iBAAiB,GAClB,MAAM,0BAA0B,CAAC;AAElC,OAAO,EAAE,6BAA6B,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,wBAAwB,EAAE,MAAM,sBAAsB,CAAC;AAYhE;;;GAGG;AACH,MAAM,CAAC,OAAO,OAAO,WAAW;IAC9B;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAqB,EAAE,IAAuB;QACrE,MAAM,IAAI,GAAmB,EAAE,eAAe,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,aAAa,EAAE,EAAE,EAAE,CAAC;~~QACtF~~,KAAK,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,6BAA6B,CAAC,EAAE,CAAC;YACtF,4CAA4C;YAC5C,MAAM,qBAAqB,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;YACtF,IAAI,qBAAqB,EAAE,CAAC;gBAC1B,IAAI,CAAC,eAAe,CAAC,SAA4B,CAAC,GAAG,qBAA4B,CAAC;YACpF,CAAC;QACH,CAAC;QACD,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACxD,MAAM,MAAM,GAAG,gBAAgB,CAAC,UAAsB,CAAC,CAAC;YACxD,IAAI,CAAC,QAAQ,CAAC,UAAsB,CAAC,GAAG,MAAa,CAAC;QACxD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAED,MAAM,UAAU,gBAAgB,CAAqB,UAAa;IAChE,MAAM,GAAG,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,IAAI,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAiB,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;IAC3D,KAAK,MAAM,SAAS,IAAI,QAAQ,CAAC,eAAe,EAAE,EAAE,CAAC;QACnD,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG;YACzB,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IACD,IAAI,wBAAwB,CAAC,UAAU,CAAC,EAAE,CAAC;QACzC,OAAO,EAAE,GAAG,OAAO,EAAE,GAAG,wBAAwB,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC;IACnE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC"}
1	+ {"version":3,"file":"auditConfig.js","sourceRoot":"","sources":["../../../src/libs/conf-init/auditConfig.ts"],"names":[],"mappings":"AAGA,OAAO,EAGL,YAAY,EAGZ,iBAAiB,GAClB,MAAM,0BAA0B,CAAC;AAElC,OAAO,EAAE,6BAA6B,EAAE,MAAM,6BAA6B,CAAC;AAC5E,OAAO,EAAE,wBAAwB,EAAE,MAAM,sBAAsB,CAAC;AAYhE;;;GAGG;AACH,MAAM,CAAC,OAAO,OAAO,WAAW;IAC9B;;;;;OAKG;IACI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAqB,EAAE,IAAuB;QACrE,MAAM,IAAI,GAAmB,EAAE,eAAe,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,aAAa,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC;QACvG,KAAK,MAAM,CAAC,SAAS,EAAE,YAAY,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,6BAA6B,CAAC,EAAE,CAAC;YACtF,4CAA4C;YAC5C,MAAM,qBAAqB,GAAG,MAAM,YAAY,CAAC,WAAW,CAAC,SAAS,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;YACtF,IAAI,qBAAqB,EAAE,CAAC;gBAC1B,IAAI,CAAC,eAAe,CAAC,SAA4B,CAAC,GAAG,qBAA4B,CAAC;YACpF,CAAC;QACH,CAAC;QACD,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACxD,MAAM,MAAM,GAAG,gBAAgB,CAAC,UAAsB,CAAC,CAAC;YACxD,IAAI,CAAC,QAAQ,CAAC,UAAsB,CAAC,GAAG,MAAa,CAAC;QACxD,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAED,MAAM,UAAU,gBAAgB,CAAqB,UAAa;IAChE,MAAM,GAAG,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,IAAI,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,OAAO,GAAiB,EAAE,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;IAC3D,KAAK,MAAM,SAAS,IAAI,QAAQ,CAAC,eAAe,EAAE,EAAE,CAAC;QACnD,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,GAAG;YACzB,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IACD,IAAI,wBAAwB,CAAC,UAAU,CAAC,EAAE,CAAC;QACzC,OAAO,EAAE,GAAG,OAAO,EAAE,GAAG,wBAAwB,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC;IACnE,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/lib/salesforce/repositories/connected-apps/connected-apps.js CHANGED Viewed

@@ -70,16 +70,17 @@ export default class ConnectedApps extends EventEmitter {
         return apps;
     }
     async setOverrideByApiAccess(apps) {
+        const nonExternalClientApps = apps.filter((app) => app.type !== 'ExternalClientApp');
         this.emit('entityresolve', {
             total: apps.length,
-            resolved: apps.filter((app) => app.type !== 'ConnectedApp').length,
+            resolved: apps.length - nonExternalClientApps.length,
         });
         let overrideByApiSecurityAccess = false;
         const apiSecurityAccessSetting = await this.mdapi.resolveSingleton('ConnectedAppSettings');
         if (apiSecurityAccessSetting?.enableAdminApprovedAppsOnly) {
             overrideByApiSecurityAccess = true;
         }
-        for (const app of apps.filter((a) => a.type === 'ConnectedApp')) {
+        for (const app of nonExternalClientApps) {
             app.overrideByApiSecurityAccess = overrideByApiSecurityAccess;
         }
     }

package/lib/salesforce/repositories/connected-apps/connected-apps.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"connected-apps.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/connected-apps/connected-apps.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,aAAa,CAAC;AAEvC,OAAO,KAAK,MAAM,sBAAsB,CAAC;AACzC,OAAO,EAGL,wBAAwB,GAIzB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,oBAAoB,EAAE,0BAA0B,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAC;AAC5G,OAAO,WAAW,MAAM,mBAAmB,CAAC;AAQ5C,MAAM,CAAC,OAAO,OAAO,aAAc,SAAQ,YAAY;IAIjB;IAHnB,KAAK,CAAQ;IACb,cAAc,CAAc;IAE7C,YAAoC,GAAe;QACjD,KAAK,EAAE,CAAC;QAD0B,QAAG,GAAH,GAAG,CAAY;QAEjD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,cAAc,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAClD,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,OAAO,CAAC,IAAkC;QACrD,MAAM,cAAc,GAAG,wBAAwB,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,CAAC;YACR,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5D,MAAM,IAAI,GAAG,gBAAgB,CAAC,aAAa,CAAC,CAAC;QAC7C,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,IAAI,CAAC,IAAI;YAChB,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,IAAI,cAAc,CAAC,cAAc,EAAE,CAAC;YAClC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;YAC7D,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;gBACtC,MAAM,MAAM,GACV,OAAO,CAAC,WAAW,EAAE,aAAa,IAAI,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC;oBACnF,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC;oBACjD,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBAChC,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC;oBACpC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAClD,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;oBAC3C,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE;wBACxB,IAAI,EAAE,OAAO,CAAC,OAAO;wBACrB,MAAM,EAAE,YAAY;wBACpB,IAAI,EAAE,SAAS;wBACf,6BAA6B,EAAE,KAAK;wBACpC,2BAA2B,EAAE,KAAK;wBAClC,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,KAAK,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;qBAC/B,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;gBACzB,KAAK,EAAE,IAAI,CAAC,IAAI;gBAChB,QAAQ,EAAE,CAAC;aACZ,CAAC,CAAC;QACL,CAAC;QACD,MAAM,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC7D,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,IAAI,CAAC,IAAI;YAChB,QAAQ,EAAE,IAAI,CAAC,IAAI;SACpB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,KAAK,CAAC,sBAAsB,CAAC,IAAoB;QACvD,IAAI,CAAC,~~IAAI~~,CAAC,~~eAAe~~,EAAE~~;YACzB~~,~~KAAK,~~EAAE,~~IAAI~~,CAAC,~~MAAM;YAClB~~,~~QAAQ~~,~~EAAE~~,~~IAAI~~,CAAC,~~MAAM~~,CAAC,CAAC,~~GAAG~~,EAAE,EAAE,CAAC,~~GAAG~~,~~CAAC~~,IAAI,~~KAAK~~,~~cAAc~~,~~CAAC~~,CAAC,MAAM;~~SACnE~~,CAAC,CAAC;QACH,IAAI,2BAA2B,GAAG,KAAK,CAAC;QACxC,MAAM,wBAAwB,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,CAAC;QAC3F,IAAI,wBAAwB,EAAE,2BAA2B,EAAE,CAAC;YAC1D,2BAA2B,GAAG,IAAI,CAAC;QACrC,CAAC;QACD,KAAK,MAAM,GAAG,IAAI,~~IAAI~~,~~CAAC,MAAM,CAAC,CAAC,CAAC,~~EAAE,~~EAAE,~~CAAC~~,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,EAAE,CAAC~~;~~YAChE~~,GAAG,CAAC,2BAA2B,GAAG,2BAA2B,CAAC;QAChE,CAAC;IACH,CAAC;CACF;AAED,KAAK,UAAU,qBAAqB,CAAC,GAAe;IAClD,MAAM,cAAc,GAAG;QACrB,GAAG,CAAC,KAAK,CAAiB,oBAAoB,CAAC;QAC/C,GAAG,CAAC,KAAK,CAAsB,0BAA0B,CAAC;QAC1D,GAAG,CAAC,KAAK,CAA2B,0BAA0B,CAAC;KAChE,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAClD,OAAO;QACL,aAAa,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,OAA2B;QACrD,kBAAkB,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,OAAgC;QAC/D,wBAAwB,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,OAAqC;KAC3E,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAoB;IAC5C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAwB,CAAC;IAC7C,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE;YACtB,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,MAAM,EAAE,WAAW;YACnB,IAAI,EAAE,cAAc;YACpB,6BAA6B,EAAE,QAAQ,CAAC,kCAAkC;YAC1E,2BAA2B,EAAE,KAAK;YAClC,QAAQ,EAAE,CAAC;YACX,KAAK,EAAE,EAAE;SACV,CAAC,CAAC;IACL,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAoC,CAAC;IAC7D,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,wBAAwB,EAAE,CAAC;QAClD,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;IACrD,CAAC;IACD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;QACjD,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE;YAC7B,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,IAAI,EAAE,QAAQ,CAAC,WAAW;YAC1B,MAAM,EAAE,QAAQ,CAAC,iBAAiB,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW;YACtE,IAAI,EAAE,mBAAmB;YACzB,6BAA6B,EAC3B,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,wBAAwB,KAAK,4BAA4B;YACtF,2BAA2B,EAAE,KAAK;YAClC,QAAQ,EAAE,CAAC;YACX,KAAK,EAAE,EAAE;SACV,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,eAAe,CAAC,IAA+B;IACtD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAwB,CAAC;IAC7C,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAChC,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC;YACX,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}
1	+ {"version":3,"file":"connected-apps.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/connected-apps/connected-apps.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,aAAa,CAAC;AAEvC,OAAO,KAAK,MAAM,sBAAsB,CAAC;AACzC,OAAO,EAGL,wBAAwB,GAIzB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EAAE,oBAAoB,EAAE,0BAA0B,EAAE,0BAA0B,EAAE,MAAM,cAAc,CAAC;AAC5G,OAAO,WAAW,MAAM,mBAAmB,CAAC;AAQ5C,MAAM,CAAC,OAAO,OAAO,aAAc,SAAQ,YAAY;IAIjB;IAHnB,KAAK,CAAQ;IACb,cAAc,CAAc;IAE7C,YAAoC,GAAe;QACjD,KAAK,EAAE,CAAC;QAD0B,QAAG,GAAH,GAAG,CAAY;QAEjD,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,cAAc,GAAG,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAClD,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,OAAO,CAAC,IAAkC;QACrD,MAAM,cAAc,GAAG,wBAAwB,CAAC,KAAK,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,CAAC;YACR,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5D,MAAM,IAAI,GAAG,gBAAgB,CAAC,aAAa,CAAC,CAAC;QAC7C,MAAM,QAAQ,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,IAAI,CAAC,IAAI;YAChB,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,IAAI,cAAc,CAAC,cAAc,EAAE,CAAC;YAClC,MAAM,eAAe,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;YAC7D,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;gBACtC,MAAM,MAAM,GACV,OAAO,CAAC,WAAW,EAAE,aAAa,IAAI,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC;oBACnF,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,aAAa,CAAC;oBACjD,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;gBAChC,IAAI,MAAM,EAAE,CAAC;oBACX,MAAM,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,CAAC;oBACpC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;wBAClD,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;oBAC3C,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE;wBACxB,IAAI,EAAE,OAAO,CAAC,OAAO;wBACrB,MAAM,EAAE,YAAY;wBACpB,IAAI,EAAE,SAAS;wBACf,6BAA6B,EAAE,KAAK;wBACpC,2BAA2B,EAAE,KAAK;wBAClC,QAAQ,EAAE,OAAO,CAAC,QAAQ;wBAC1B,KAAK,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC;qBAC/B,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YACD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;gBACzB,KAAK,EAAE,IAAI,CAAC,IAAI;gBAChB,QAAQ,EAAE,CAAC;aACZ,CAAC,CAAC;QACL,CAAC;QACD,MAAM,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC7D,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,IAAI,CAAC,IAAI;YAChB,QAAQ,EAAE,IAAI,CAAC,IAAI;SACpB,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;IAEO,KAAK,CAAC,sBAAsB,CAAC,IAAoB;QACvD,MAAM,qBAAqB,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,KAAK,mBAAmB,CAAC,CAAC;QACrF,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,IAAI,CAAC,MAAM;YAClB,QAAQ,EAAE,IAAI,CAAC,MAAM,GAAG,qBAAqB,CAAC,MAAM;SACrD,CAAC,CAAC;QACH,IAAI,2BAA2B,GAAG,KAAK,CAAC;QACxC,MAAM,wBAAwB,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,CAAC;QAC3F,IAAI,wBAAwB,EAAE,2BAA2B,EAAE,CAAC;YAC1D,2BAA2B,GAAG,IAAI,CAAC;QACrC,CAAC;QACD,KAAK,MAAM,GAAG,IAAI,qBAAqB,EAAE,CAAC;YACxC,GAAG,CAAC,2BAA2B,GAAG,2BAA2B,CAAC;QAChE,CAAC;IACH,CAAC;CACF;AAED,KAAK,UAAU,qBAAqB,CAAC,GAAe;IAClD,MAAM,cAAc,GAAG;QACrB,GAAG,CAAC,KAAK,CAAiB,oBAAoB,CAAC;QAC/C,GAAG,CAAC,KAAK,CAAsB,0BAA0B,CAAC;QAC1D,GAAG,CAAC,KAAK,CAA2B,0BAA0B,CAAC;KAChE,CAAC;IACF,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAClD,OAAO;QACL,aAAa,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,OAA2B;QACrD,kBAAkB,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,OAAgC;QAC/D,wBAAwB,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,OAAqC;KAC3E,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAoB;IAC5C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAwB,CAAC;IAC7C,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,aAAa,EAAE,CAAC;QAC5C,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE;YACtB,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,MAAM,EAAE,WAAW;YACnB,IAAI,EAAE,cAAc;YACpB,6BAA6B,EAAE,QAAQ,CAAC,kCAAkC;YAC1E,2BAA2B,EAAE,KAAK;YAClC,QAAQ,EAAE,CAAC;YACX,KAAK,EAAE,EAAE;SACV,CAAC,CAAC;IACL,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAoC,CAAC;IAC7D,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,wBAAwB,EAAE,CAAC;QAClD,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,2BAA2B,EAAE,GAAG,CAAC,CAAC;IACrD,CAAC;IACD,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,kBAAkB,EAAE,CAAC;QACjD,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE;YAC7B,EAAE,EAAE,QAAQ,CAAC,EAAE;YACf,IAAI,EAAE,QAAQ,CAAC,WAAW;YAC1B,MAAM,EAAE,QAAQ,CAAC,iBAAiB,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW;YACtE,IAAI,EAAE,mBAAmB;YACzB,6BAA6B,EAC3B,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,wBAAwB,KAAK,4BAA4B;YACtF,2BAA2B,EAAE,KAAK;YAClC,QAAQ,EAAE,CAAC;YACX,KAAK,EAAE,EAAE;SACV,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,eAAe,CAAC,IAA+B;IACtD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAwB,CAAC;IAC7C,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAChC,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC;YACX,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}

package/lib/salesforce/repositories/users/queries.d.ts CHANGED Viewed

@@ -1,5 +1,4 @@
 export declare const USERS_QUERY: string;
-export declare const buildPermsetAssignmentsQuery: (userIds: string[]) => string;
 /**
  * Builds aggregate query for login history. Query is expected to
  * throw an exception, if too many rows are returned. The chunking

package/lib/salesforce/repositories/users/queries.js CHANGED Viewed

@@ -1,7 +1,5 @@
 import { joinToSoqlIN } from '../../utils.js';
 export const USERS_QUERY = buildUsersQuery();
-// DYNAMIC QUERIES
-export const buildPermsetAssignmentsQuery = (userIds) => `${USERS_PERMSET_ASSIGNMENTS_QUERY} AND AssigneeId IN (${userIds.map((userId) => `'${userId}'`).join(',')})`;
 /**
  * Builds aggregate query for login history. Query is expected to
  * throw an exception, if too many rows are returned. The chunking
@@ -32,5 +30,4 @@ function buildUsersQuery() {
 }
 // BASE QUERIES
 const USERS_LOGIN_HISTORY_QUERY = 'SELECT LoginType,Application,UserId,COUNT(Id)LoginCount,MAX(LoginTime)LastLogin FROM LoginHistory';
-const USERS_PERMSET_ASSIGNMENTS_QUERY = 'SELECT AssigneeId,PermissionSet.Name FROM PermissionSetAssignment WHERE PermissionSet.IsOwnedByProfile = FALSE AND PermissionSet.NamespacePrefix = NULL';
 //# sourceMappingURL=queries.js.map

package/lib/salesforce/repositories/users/queries.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"queries.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/users/queries.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,EAAE,CAAC;AAE7C~~,kBAAkB;AAClB,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,OAAiB,EAAU,EAAE,CACxE,GAAG,+BAA+B,uBAAuB,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,IAAI,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;AAE/G~~;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,OAAiB,EAAE,cAAuB,EAAU,EAAE;IACjG,MAAM,OAAO,GAAG,8BAA8B,CAAC;IAC/C,MAAM,KAAK,GAAG,cAAc;QAC1B,CAAC,CAAC,cAAc,YAAY,CAAC,OAAO,CAAC,kCAAkC,cAAc,EAAE;QACvF,CAAC,CAAC,cAAc,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC;IAC3C,OAAO,GAAG,yBAAyB,UAAU,KAAK,aAAa,OAAO,EAAE,CAAC;AAC3E,CAAC,CAAC;AAEF,SAAS,eAAe;IACtB,MAAM,aAAa,GAAG;QACpB,IAAI;QACJ,UAAU;QACV,cAAc;QACd,aAAa;QACb,eAAe;QACf,UAAU;QACV,iJAAiJ;KAClJ,CAAC;IACF,OAAO,UAAU,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,2CAA2C,CAAC;AACtF,CAAC;AAED,eAAe;AACf,MAAM,yBAAyB,GAC7B,mGAAmG,CAAC~~;AACtG,MAAM,+BAA+B,GACnC,yJAAyJ,CAAC~~"}
1	+ {"version":3,"file":"queries.js","sourceRoot":"","sources":["../../../../src/salesforce/repositories/users/queries.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAE9C,MAAM,CAAC,MAAM,WAAW,GAAG,eAAe,EAAE,CAAC;AAE7C;;;;;;;;GAQG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAG,CAAC,OAAiB,EAAE,cAAuB,EAAU,EAAE;IACjG,MAAM,OAAO,GAAG,8BAA8B,CAAC;IAC/C,MAAM,KAAK,GAAG,cAAc;QAC1B,CAAC,CAAC,cAAc,YAAY,CAAC,OAAO,CAAC,kCAAkC,cAAc,EAAE;QACvF,CAAC,CAAC,cAAc,YAAY,CAAC,OAAO,CAAC,GAAG,CAAC;IAC3C,OAAO,GAAG,yBAAyB,UAAU,KAAK,aAAa,OAAO,EAAE,CAAC;AAC3E,CAAC,CAAC;AAEF,SAAS,eAAe;IACtB,MAAM,aAAa,GAAG;QACpB,IAAI;QACJ,UAAU;QACV,cAAc;QACd,aAAa;QACb,eAAe;QACf,UAAU;QACV,iJAAiJ;KAClJ,CAAC;IACF,OAAO,UAAU,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,2CAA2C,CAAC;AACtF,CAAC;AAED,eAAe;AACf,MAAM,yBAAyB,GAC7B,mGAAmG,CAAC"}

package/messages/auditShapeValidation.md ADDED Viewed

@@ -0,0 +1,11 @@
+# RoleNotInDefinition
+%s is not a valid role for audit config.
+# FailedToParseAuditConfig
+Failed to parse audit config at location %s: %s (%s).
+# NoAuditConfigFound
+Directory is empty or no valid audit config was found. A valid audit config must contain at least one policy.

package/messages/org.audit.run.md CHANGED Viewed

@@ -52,10 +52,6 @@ Audit config has %s accepted risks documented. %s violations were muted.
 Full report was written to: %s.
-# NoAuditConfigFound
-The target directory %s is empty or no valid audit config was found. A valid audit config must contain at least one policy.
 # UserPermClassificationRequiredForProfiles
 The "Profiles" policy requires at least userPermissions to be initialised, but none were found at the target directory.
@@ -76,6 +72,10 @@ Failed to parse %s: %s.
 Verify that your config matches the expected schema.
+# error.FailedToValidateAuditConfig
+Failed to validate audit config at location %s: Error "%s" at %s.
 # info.RemovedViolationRows
 %s out of %s violations shown. See report for full results or use --verbose flag.

package/messages/rules.enforceClassificationPresets.md CHANGED Viewed

@@ -1,3 +1,11 @@
+# DuplicateRoleAfterNormalization
+Duplicate role identifier after normalization found: %s was already defined, %s will be ignored.
+# TriedToAccessRoleThatDoesNotExist
+Tried to access a role that does not exist: %s.
 # violations.classification-preset-mismatch
 Permission is classified as "%s" and not allowed in role "%s".
@@ -21,3 +29,7 @@ Profile assigns the permission, but it was not found in classification. Refresh
 # warnings.permission-not-classified-in-permission-set
 PermissionSet assigns the permission, but it was not found in classification. Refresh or add manually.
+# error.failed-to-resolve-role
+The assigned role "%s" was not valid for this audit. Check your role definitions.

package/messages/rules.users.md CHANGED Viewed

@@ -14,6 +14,10 @@ User was created %s (%s days ago), but never logged in.
 %s is used, but classified as UNKNOWN. Cannot audit user role.
+# violations.invalid-entity-role
+%s is classified with invalid role "%s". Cannot audit user role.
 # violations.entity-not-classified-but-used
 %s is used, but not classified in %ss policy.

package/oclif.manifest.json CHANGED Viewed

@@ -278,5 +278,5 @@
       ]
     }
   },
-  "version": "0.18.2"
+  "version": "0.19.1"
 }

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@j-schreiber/sf-cli-security-audit",
   "description": "Salesforce CLI plugin to automate highly configurable security audits",
-  "version": "0.18.2",
+  "version": "0.19.1",
   "repository": {
     "type": "git",
     "url": "git+https://github.com/j-schreiber/js-sf-cli-security-audit"
@@ -92,6 +92,7 @@
     "test:nuts": "nyc mocha \"**/*.nut.ts\" --slow 4500 --timeout 600000 --parallel",
     "test:api:nuts": "nyc mocha \"**/salesforce-apis.nut.ts\" --slow 4500 --timeout 600000 --parallel",
     "debug:nuts": "yarn build && nyc mocha \"**/*.nut.ts\" --slow 4500 --timeout 600000 --inspect-brk",
+    "debug:audit-run:nuts": "yarn build && nyc mocha \"**/org.audit.nut.ts\" --slow 4500 --timeout 600000 --inspect-brk",
     "debug:api:nuts": "yarn build && nyc mocha \"**/salesforce-apis.nut.ts\" --slow 4500 --timeout 600000 --inspect-brk",
     "test:only": "wireit",
     "readme": "wireit",