@j-schreiber/sf-cli-security-audit 0.6.0 → 0.7.1

package/messages/org.audit.run.md

@@ -1,10 +1,10 @@
 # summary
 
-Audit your org.
+Audit your org with an existing config.
 
 # description
 
-Loads a given audit config (a set of classifications and policies) and runs the policies against the target org. The audit run creates a comprehensive report that lists all executed policies and all resolved entities that were audited.
+Loads an existing audit config from the source directory and audits the target org. The audit run always creates a comprehensive report in JSON format.
 
 # flags.target-org.summary
 
@@ -12,7 +12,7 @@ The org that is audited.
 
 # flags.source-dir.summary
 
-Location of the audit config.
+Source directory of the audit config to run.
 
 # flags.source-dir.description
 
@@ -47,3 +47,11 @@ The "Profiles" policy requires at least userPermissions to be initialised, but n
 # UserPermClassificationRequiredForPermSets
 
 The "Permission Sets" policy requires at least userPermissions to be initialised, but none were found at the target directory.
+
+# error.InvalidConfigFileSchema
+
+Failed to parse %s: %s.
+
+# error.InvalidConfigFileSchema.actions
+
+Verify that your config matches the expected schema.

package/messages/org.scan.user-perms.md

@@ -1,18 +1,18 @@
 # summary
 
-Performs a quick scan to check permission sets and profiles for user permissions.
+Performs a quick scan for specific user permissions.
 
 # description
 
-The quick scan does not need an audit config and does not create reports. The target org is scanned "in memory" and simply outputs information, where the searched user permissions
+The target org is scanned "in memory" and searches Profiles and Permission Sets for the named user permissions. This command does not need an audit config and does not create a report file.
 
 # flags.name.summary
 
-One or more permissions to be scanned.
+One or more permissions to be searched for.
 
 # flags.name.description
 
-You can specify any valid user permission on your org, such as "AuthorApex", "CustomizeApplication" or "ViewSetup". If you are unsure what permissions are available on your org, initialise a new audit config and check the created userPermissions.yml.
+You can specify any valid user permission on your org, such as "AuthorApex", "CustomizeApplication" or "ViewSetup". If you are unsure what permissions are available on your org, initialise a new audit config and check the created userPermissions.yml. Currently, the names are not validated: If you have a typo (such as "AutorApex", the scan will retun 0 results).
 
 # flags.target-org.summary
 
@@ -20,12 +20,10 @@ The target org to scan.
 
 # examples
 
-- <%= config.bin %> <%= command.id %>
+- Search for multiple permissions on MyTargetOrg
 
-# success.profiles-count
+  <%= config.bin %> <%= command.id %> -o MyTargetOrg -n AuthorApex -n ModifyMetadata
 
-Scanned %s profiles.
+# success.scanned-entities-count
 
-# success.permissionsets-count
-
-Scanned %s permission sets.
+Scanned %s profiles and %s permission sets.

package/messages/policies.general.md

@@ -10,6 +10,10 @@ Org did not return valid metadata for the profile. Entity cannot be processed.
 
 %ss with preset UNKNOWN are ignored.
 
+# user-with-role-unknown
+
+Users with role UNKNOWN are ignored. To apply the default role, remove them from config.
+
 # skip-reason.rule-not-enabled
 
 Rule was disabled in policy config.

package/messages/rules.users.md

@@ -0,0 +1,11 @@
+# violations.no-other-apex-api-logins
+
+Has %s logins with "Other Apex API", which is a deprecated and insecure login type.
+
+# violations.inactive-since-n-days
+
+User is inactive for %s days (last login was %s).
+
+# violations.has-never-logged-in
+
+User was created %s (%s days ago), but never logged in.

package/oclif.manifest.json

@@ -3,7 +3,7 @@
     "org:audit:init": {
       "aliases": [],
       "args": {},
-      "description": "Exports permissions (standard and custom), permission sets, profiles, users, etc from the target org. All classifications are initialised with sane defaults that you can customize later.",
+      "description": "Uses your org's configuration to set up a new audit config at the target destination. This creates the basic classification and policy files that make up an audit config. You can select from presets to initialise risk levels with default values. After initialisation, you can customize the files to suit your needs.",
       "examples": [
         "Initialise audit policies at the root directory\n<%= config.bin %> <%= command.id %> -o MyTargetOrg",
         "Initialise audit config at custom directory with preset\n<%= config.bin %> <%= command.id %> -o MyTargetOrg -d my_dir -p loose"
@@ -48,7 +48,7 @@
           "char": "p",
           "description": "The selected preset is applied before any other default mechanisms (such as template configs). This means, values from a selected template override the preset. Consult the documentation to learn more about the rationale behind the default risk levels. The risk levels interact with the configured preset on profiles and permission sets and essentially control, if a permission is allowed in a certain profile / permission set.",
           "name": "preset",
-          "summary": "Select a preset to initialise permission classifications (risk levels).",
+          "summary": "Preset to initialise defaults for permission risk levels.",
           "default": "strict",
           "hasDynamicHelp": false,
           "multiple": false,
@@ -74,7 +74,7 @@
       "pluginName": "@j-schreiber/sf-cli-security-audit",
       "pluginType": "core",
       "strict": true,
-      "summary": "Initialises classifications and policies for a security audit.",
+      "summary": "Initialise a new audit config.",
       "enableJsonFlag": true,
       "isESM": true,
       "relativePath": [
@@ -97,7 +97,7 @@
     "org:audit:run": {
       "aliases": [],
       "args": {},
-      "description": "Loads a given audit config (a set of classifications and policies) and runs the policies against the target org. The audit run creates a comprehensive report that lists all executed policies and all resolved entities that were audited.",
+      "description": "Loads an existing audit config from the source directory and audits the target org. The audit run always creates a comprehensive report in JSON format.",
       "examples": [
         "Audit the org MyTargetOrg with the config in configs/prod\n<%= config.bin %> <%= command.id %> -o MyTargetOrg -d configs/prod"
       ],
@@ -131,7 +131,7 @@
           "char": "d",
           "name": "source-dir",
           "required": false,
-          "summary": "Location of the audit config.",
+          "summary": "Source directory of the audit config to run.",
           "default": "",
           "hasDynamicHelp": false,
           "multiple": false,
@@ -152,7 +152,7 @@
       "pluginName": "@j-schreiber/sf-cli-security-audit",
       "pluginType": "core",
       "strict": true,
-      "summary": "Audit your org.",
+      "summary": "Audit your org with an existing config.",
       "enableJsonFlag": true,
       "isESM": true,
       "relativePath": [
@@ -175,9 +175,9 @@
     "org:scan:user-perms": {
       "aliases": [],
       "args": {},
-      "description": "The quick scan does not need an audit config and does not create reports. The target org is scanned \"in memory\" and simply outputs information, where the searched user permissions",
+      "description": "The target org is scanned \"in memory\" and searches Profiles and Permission Sets for the named user permissions. This command does not need an audit config and does not create a report file.",
       "examples": [
-        "<%= config.bin %> <%= command.id %>"
+        "Search for multiple permissions on MyTargetOrg\n<%= config.bin %> <%= command.id %> -o MyTargetOrg -n AuthorApex -n ModifyMetadata"
       ],
       "flags": {
         "json": {
@@ -197,10 +197,10 @@
         },
         "name": {
           "char": "n",
-          "description": "You can specify any valid user permission on your org, such as \"AuthorApex\", \"CustomizeApplication\" or \"ViewSetup\". If you are unsure what permissions are available on your org, initialise a new audit config and check the created userPermissions.yml.",
+          "description": "You can specify any valid user permission on your org, such as \"AuthorApex\", \"CustomizeApplication\" or \"ViewSetup\". If you are unsure what permissions are available on your org, initialise a new audit config and check the created userPermissions.yml. Currently, the names are not validated: If you have a typo (such as \"AutorApex\", the scan will retun 0 results).",
           "name": "name",
           "required": true,
-          "summary": "One or more permissions to be scanned.",
+          "summary": "One or more permissions to be searched for.",
           "hasDynamicHelp": false,
           "multiple": true,
           "type": "option"
@@ -230,7 +230,7 @@
       "pluginName": "@j-schreiber/sf-cli-security-audit",
       "pluginType": "core",
       "strict": true,
-      "summary": "Performs a quick scan to check permission sets and profiles for user permissions.",
+      "summary": "Performs a quick scan for specific user permissions.",
       "enableJsonFlag": true,
       "isESM": true,
       "relativePath": [
@@ -251,5 +251,5 @@
       ]
     }
   },
-  "version": "0.6.0"
+  "version": "0.7.1"
 }

package/package.json

@@ -1,7 +1,7 @@
 {
   "name": "@j-schreiber/sf-cli-security-audit",
   "description": "Salesforce CLI plugin to automate highly configurable security audits",
-  "version": "0.6.0",
+  "version": "0.7.1",
   "repository": {
     "type": "https",
     "url": "https://github.com/j-schreiber/js-sf-cli-security-audit"

package/lib/libs/policies/auditRun.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"auditRun.js","sourceRoot":"","sources":["../../../src/libs/policies/auditRun.ts"],"names":[],"mappings":"AAAA,4BAA4B;AAC5B,OAAO,YAAY,MAAM,aAAa,CAAC;AAIvC,OAAO,EAAE,eAAe,EAAE,MAAM,6CAA6C,CAAC;AAC9E,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAE/C,OAAO,mBAAmB,MAAM,0BAA0B,CAAC;AAC3D,OAAO,kBAAkB,MAAM,yBAAyB,CAAC;AAKzD,MAAM,UAAU,aAAa,CAAC,aAAqB;IACjD,MAAM,IAAI,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;IAC5C,OAAO,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAQD;;GAEG;AACH,MAAM,CAAC,OAAO,OAAO,QAAS,SAAQ,YAAY;IAGtB;IAFlB,kBAAkB,CAAa;IAEvC,YAA0B,OAAuB;QAC/C,KAAK,EAAE,CAAC;QADgB,YAAO,GAAP,OAAO,CAAgB;IAEjD,CAAC;IAED;;;;OAIG;IACI,KAAK,CAAC,OAAO,CAAC,mBAA+B;QAClD,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;YAC5B,OAAO,IAAI,CAAC,kBAAkB,CAAC;QACjC,CAAC;QACD,IAAI,CAAC,kBAAkB,GAAG,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC1D,MAAM,qBAAqB,GAAwC,EAAE,CAAC;QACtE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,CAAC,UAAU,EAAE,EAAE;YAC5D,qBAAqB,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC;QAC1E,CAAC,CAAC,CAAC;QACH,MAAM,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACzC,OAAO,IAAI,CAAC,kBAAkB,CAAC;IACjC,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,OAAO,CAAC,SAAqB;QACxC,IAAI,CAAC,kBAAkB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;QACxD,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC,IAAI,CAAC,kBAAkB,EAAE,SAAS,CAAC,CAAC;QACtE,OAAO;YACL,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,WAAW,CAAC,OAAO,CAAC;YACjC,QAAQ,EAAE,OAAO;SAClB,CAAC;IACJ,CAAC;IAEO,YAAY,CAAC,MAAsB;QACzC,MAAM,IAAI,GAAc,EAAE,CAAC;QAC3B,IAAI,MAAM,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;YAC7B,IAAI,CAAC,QAAQ,GAAG,IAAI,aAAa,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC9E,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,CAAC,cAAc,EAAE,CAAC;YACnC,IAAI,CAAC,cAAc,GAAG,IAAI,mBAAmB,CAAC,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAChG,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,CAAC,aAAa,EAAE,CAAC;YAClC,IAAI,CAAC,aAAa,GAAG,IAAI,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAC7F,CAAC;QACD,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,EAAE;YACpD,MAAM,CAAC,WAAW,CAAC,eAAe,EAAE,CAAC,YAAoD,EAAE,EAAE;gBAC3F,IAAI,CAAC,IAAI,CAAC,iBAAiB,UAAU,EAAE,EAAE,EAAE,UAAU,EAAE,GAAG,YAAY,EAAE,CAAC,CAAC;YAC5E,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QACH,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAED,SAAS,WAAW,CAAC,OAAmB;IACtC,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACpC,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC,OAAO,IAAI,UAAU,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;AACtG,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,QAAmB,EAAE,mBAA+B;IAC7E,MAAM,YAAY,GAAsC,EAAE,CAAC;IAC3D,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,EAAE,UAAU,CAAC,EAAE,EAAE;QAC3D,YAAY,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QAC7B,YAAY,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,mBAAmB,EAAE,CAAC,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IACH,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IACpD,MAAM,OAAO,GAAe,EAAE,CAAC;IAC/B,WAAW,CAAC,OAAO,CAAC,CAAC,YAAY,EAAE,EAAE;QACnC,MAAM,SAAS,GAAG,YAAY,CAAC,WAAW,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC;QAClE,OAAO,CAAC,SAAS,CAAC,GAAG,YAAY,CAAC;IACpC,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/lib/libs/policies/connectedAppPolicy.d.ts

@@ -1,9 +0,0 @@
-import { AuditRunConfig, BasePolicyFileContent } from '../core/file-mgmt/schema.js';
-import { AuditContext } from '../core/registries/types.js';
-import Policy, { ResolveEntityResult } from './policy.js';
-export default class ConnectedAppPolicy extends Policy {
-    config: BasePolicyFileContent;
-    auditConfig: AuditRunConfig;
-    constructor(config: BasePolicyFileContent, auditConfig: AuditRunConfig, registry?: import("../core/registries/connectedApps.js").default);
-    protected resolveEntities(context: AuditContext): Promise<ResolveEntityResult>;
-}

package/lib/libs/policies/connectedAppPolicy.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"connectedAppPolicy.js","sourceRoot":"","sources":["../../../src/libs/policies/connectedAppPolicy.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,oBAAoB,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAC/E,OAAO,EAAgB,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAE3E,OAAO,KAAK,MAAM,iCAAiC,CAAC;AACpD,OAAO,MAAM,EAAE,EAAE,QAAQ,EAAuB,MAAM,aAAa,CAAC;AAGpE,MAAM,CAAC,OAAO,OAAO,kBAAmB,SAAQ,MAAM;IAE3C;IACA;IAFT,YACS,MAA6B,EAC7B,WAA2B,EAClC,QAAQ,GAAG,cAAc,CAAC,aAAa;QAEvC,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;QAJ9B,WAAM,GAAN,MAAM,CAAuB;QAC7B,gBAAW,GAAX,WAAW,CAAgB;IAIpC,CAAC;IAED,kDAAkD;IACxC,KAAK,CAAC,eAAe,CAAC,OAAqB;QACnD,MAAM,oBAAoB,GAAyC,EAAE,CAAC;QACtE,MAAM,eAAe,GAAuC,EAAE,CAAC;QAC/D,MAAM,WAAW,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QAC3D,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,CAAC;YACR,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,MAAM,aAAa,GAAG,MAAM,OAAO,CAAC,mBAAmB,CAAC,KAAK,CAAe,oBAAoB,CAAC,CAAC;QAClG,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,aAAa,CAAC,SAAS;YAC9B,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,YAAY,EAAE,EAAE;YAC7C,oBAAoB,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG;gBACxC,IAAI,EAAE,YAAY,CAAC,IAAI;gBACvB,MAAM,EAAE,WAAW;gBACnB,6BAA6B,EAAE,YAAY,CAAC,kCAAkC;gBAC9E,2BAA2B,EAAE,KAAK;gBAClC,QAAQ,EAAE,CAAC;gBACX,KAAK,EAAE,EAAE;aACV,CAAC;QACJ,CAAC,CAAC,CAAC;QACH,MAAM,eAAe,GAAG,MAAM,OAAO,CAAC,mBAAmB,CAAC,KAAK,CAAa,iBAAiB,CAAC,CAAC;QAC/F,eAAe,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;YACxC,IAAI,oBAAoB,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,SAAS,EAAE,CAAC;gBACtD,oBAAoB,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG;oBACpC,IAAI,EAAE,KAAK,CAAC,OAAO;oBACnB,MAAM,EAAE,YAAY;oBACpB,6BAA6B,EAAE,KAAK;oBACpC,2BAA2B,EAAE,KAAK;oBAClC,QAAQ,EAAE,KAAK,CAAC,QAAQ;oBACxB,KAAK,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;iBAC7B,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,oBAAoB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC;gBAC/D,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC7E,oBAAoB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QACH,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC,MAAM;YAC/C,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,IAAI,2BAA2B,GAAG,KAAK,CAAC;QACxC,MAAM,wBAAwB,GAAG,MAAM,WAAW,CAAC,gBAAgB,CAAC,sBAAsB,CAAC,CAAC;QAC5F,IAAI,wBAAwB,IAAI,wBAAwB,CAAC,2BAA2B,EAAE,CAAC;YACrF,2BAA2B,GAAG,IAAI,CAAC;QACrC,CAAC;QACD,MAAM,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;YACrD,6CAA6C;YAC7C,MAAM,CAAC,2BAA2B,GAAG,2BAA2B,CAAC;QACnE,CAAC,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;QAC3G,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,QAAQ,CAAC,MAAM,CAAC;YACvB,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC;SAC3B,CAAC,CAAC;QACH,8DAA8D;QAC9D,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}

package/lib/libs/policies/permissionSetPolicy.d.ts

@@ -1,10 +0,0 @@
-import { AuditRunConfig, PermSetsPolicyFileContent } from '../core/file-mgmt/schema.js';
-import { AuditContext } from '../core/registries/types.js';
-import Policy, { ResolveEntityResult } from './policy.js';
-export default class PermissionSetPolicy extends Policy {
-    config: PermSetsPolicyFileContent;
-    auditContext: AuditRunConfig;
-    private totalEntities;
-    constructor(config: PermSetsPolicyFileContent, auditContext: AuditRunConfig, registry?: import("../core/registries/permissionSets.js").default);
-    protected resolveEntities(context: AuditContext): Promise<ResolveEntityResult>;
-}

package/lib/libs/policies/permissionSetPolicy.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"permissionSetPolicy.js","sourceRoot":"","sources":["../../../src/libs/policies/permissionSetPolicy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,KAAK,MAAM,iCAAiC,CAAC;AAEpD,OAAO,EAAgB,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC3E,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAG7D,OAAO,MAAM,EAAE,EAAE,QAAQ,EAAuB,MAAM,aAAa,CAAC;AAEpE,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,kBAAkB,CAAC,CAAC;AAEjG,MAAM,CAAC,OAAO,OAAO,mBAAoB,SAAQ,MAAM;IAG5C;IACA;IAHD,aAAa,CAAS;IAC9B,YACS,MAAiC,EACjC,YAA4B,EACnC,QAAQ,GAAG,cAAc,CAAC,cAAc;QAExC,KAAK,CAAC,MAAM,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAC;QAJ/B,WAAM,GAAN,MAAM,CAA2B;QACjC,iBAAY,GAAZ,YAAY,CAAgB;QAInC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACvG,CAAC;IAES,KAAK,CAAC,eAAe,CAAC,OAAqB;QACnD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,IAAI,CAAC,aAAa;YACzB,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,MAAM,oBAAoB,GAA0C,EAAE,CAAC;QACvE,MAAM,UAAU,GAAuC,EAAE,CAAC;QAC1D,MAAM,SAAS,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QACzD,MAAM,gBAAgB,GAAG,MAAM,SAAS,CAAC,OAAO,CAC9C,eAAe,EACf,yBAAyB,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CACtD,CAAC;QACF,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,EAAE;YAChE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACvC,IAAI,QAAQ,EAAE,CAAC;gBACb,oBAAoB,CAAC,GAAG,CAAC,GAAG;oBAC1B,QAAQ,EAAE,QAAQ;oBAClB,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,MAAM;oBAC9C,IAAI,EAAE,GAAG;iBACV,CAAC;YACJ,CAAC;iBAAM,IAAI,oBAAoB,CAAC,GAAG,CAAC,KAAK,SAAS,EAAE,CAAC;gBACnD,IAAI,GAAG,CAAC,MAAM,KAAK,kBAAkB,CAAC,OAAO,EAAE,CAAC;oBAC9C,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,gBAAgB,EAAE,CAAC,gBAAgB,CAAC,CAAC,EAAE,CAAC;gBACtG,CAAC;qBAAM,CAAC;oBACN,UAAU,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBACpF,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;QACtG,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,IAAI,CAAC,aAAa;YACzB,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC;SAC3B,CAAC,CAAC;QACH,OAAO,MAAM,CAAC;IAChB,CAAC;CACF;AAED,SAAS,yBAAyB,CAAC,QAA8B;IAC/D,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,GAAG,CAAC,EAAE,EAAE;QAC9C,IAAI,GAAG,CAAC,MAAM,KAAK,kBAAkB,CAAC,OAAO,EAAE,CAAC;YAC9C,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,OAAO,aAAa,CAAC;AACvB,CAAC"}

package/lib/libs/policies/policy.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"policy.js","sourceRoot":"","sources":["../../../src/libs/policies/policy.ts"],"names":[],"mappings":"AAAA,OAAO,YAAY,MAAM,aAAa,CAAC;AAUvC,MAAM,CAAC,OAAO,OAAgB,MAAO,SAAQ,YAAY;IAK9C;IACA;IACG;IANF,aAAa,CAA4B;IACzC,QAAQ,CAAuB;IAEzC,YACS,MAA6B,EAC7B,WAA2B,EACxB,QAAsB;QAEhC,KAAK,EAAE,CAAC;QAJD,WAAM,GAAN,MAAM,CAAuB;QAC7B,gBAAW,GAAX,WAAW,CAAgB;QACxB,aAAQ,GAAR,QAAQ,CAAc;QAGhC,IAAI,CAAC,aAAa,GAAG,QAAQ,CAAC,YAAY,CAAC,MAAM,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;IACxE,CAAC;IAED;;OAEG;IACI,KAAK,CAAC,OAAO,CAAC,OAAqB;QACxC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,IAAI,CAAC,QAAQ,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,CAAC;QACtD,CAAC;QACD,OAAO,IAAI,CAAC,QAAQ,CAAC;IACvB,CAAC;IAED;;;;;;OAMG;IACI,KAAK,CAAC,GAAG,CAAC,OAAqB;QACpC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO;gBACL,WAAW,EAAE,IAAI;gBACjB,OAAO,EAAE,KAAK;gBACd,aAAa,EAAE,EAAE;gBACjB,YAAY,EAAE,EAAE;gBAChB,eAAe,EAAE,EAAE;gBACnB,eAAe,EAAE,EAAE;aACpB,CAAC;QACJ,CAAC;QACD,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAClD,MAAM,kBAAkB,GAAG,KAAK,EAAoC,CAAC;QACrE,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,aAAa,CAAC,YAAY,EAAE,CAAC;YACnD,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,GAAG,OAAO,EAAE,gBAAgB,EAAE,aAAa,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC;QACtG,CAAC;QACD,MAAM,WAAW,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAC1D,MAAM,aAAa,GAA8C,EAAE,CAAC;QACpE,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;YACrC,MAAM,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,GAAG,oBAAoB,CAAC,UAAU,EAAE,aAAa,CAAC,CAAC;YAChG,aAAa,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG;gBACnC,GAAG,UAAU;gBACb,WAAW,EAAE,UAAU,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;gBAC/C,iBAAiB;gBACjB,gBAAgB;aACjB,CAAC;QACJ,CAAC;QACD,OAAO;YACL,WAAW,EAAE,WAAW,CAAC,aAAa,CAAC;YACvC,OAAO,EAAE,IAAI;YACb,aAAa;YACb,YAAY,EAAE,IAAI,CAAC,aAAa,CAAC,YAAY;YAC7C,eAAe,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAC;YAC5D,eAAe,EAAE,aAAa,CAAC,eAAe;SAC/C,CAAC;IACJ,CAAC;CAGF;AAED,SAAS,WAAW,CAAC,WAAsD;IACzE,MAAM,IAAI,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACxC,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,IAAI,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC,OAAO,IAAI,UAAU,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC;AACtG,CAAC;AAED,SAAS,oBAAoB,CAC3B,UAAmC,EACnC,QAA6B;IAE7B,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAU,CAAC;IAC3C,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,GAAG,EAAE,EAAE;QACpC,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9B,gBAAgB,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC,CAAC,CAAC;IACH,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,CAAC,gBAAgB,EAAE,EAAE;QAClE,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAC5C,iBAAiB,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC,CAAC,CAAC;IACH,OAAO,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,CAAC;AAC/E,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,aAAkC;IACzD,MAAM,aAAa,GAAG,aAAa,CAAC,gBAAgB,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,gBAAgB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9G,MAAM,YAAY,GAAG,aAAa,CAAC,eAAe,CAAC,CAAC,CAAC,aAAa,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IAC9F,OAAO,aAAa,GAAG,YAAY,CAAC;AACtC,CAAC"}

package/lib/libs/policies/profilePolicy.d.ts

@@ -1,10 +0,0 @@
-import { AuditRunConfig, ProfilesPolicyFileContent } from '../core/file-mgmt/schema.js';
-import { AuditContext } from '../core/registries/types.js';
-import Policy, { ResolveEntityResult } from './policy.js';
-export default class ProfilePolicy extends Policy {
-    config: ProfilesPolicyFileContent;
-    auditConfig: AuditRunConfig;
-    private totalEntities;
-    constructor(config: ProfilesPolicyFileContent, auditConfig: AuditRunConfig, registry?: import("../core/registries/profiles.js").default);
-    protected resolveEntities(context: AuditContext): Promise<ResolveEntityResult>;
-}

package/lib/libs/policies/profilePolicy.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"profilePolicy.js","sourceRoot":"","sources":["../../../src/libs/policies/profilePolicy.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAG5C,OAAO,KAAK,MAAM,iCAAiC,CAAC;AACpD,OAAO,EAAgB,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC3E,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAE7D,OAAO,MAAM,EAAE,EAAE,QAAQ,EAAuB,MAAM,aAAa,CAAC;AAEpE,QAAQ,CAAC,kCAAkC,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC7D,MAAM,QAAQ,GAAG,QAAQ,CAAC,YAAY,CAAC,oCAAoC,EAAE,kBAAkB,CAAC,CAAC;AAEjG,MAAM,CAAC,OAAO,OAAO,aAAc,SAAQ,MAAM;IAGtC;IACA;IAHD,aAAa,CAAS;IAC9B,YACS,MAAiC,EACjC,WAA2B,EAClC,QAAQ,GAAG,cAAc,CAAC,QAAQ;QAElC,KAAK,CAAC,MAAM,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;QAJ9B,WAAM,GAAN,MAAM,CAA2B;QACjC,gBAAW,GAAX,WAAW,CAAgB;QAIlC,IAAI,CAAC,aAAa,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3F,CAAC;IAES,KAAK,CAAC,eAAe,CAAC,OAAqB;QACnD,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,IAAI,CAAC,aAAa;YACzB,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;QACH,MAAM,oBAAoB,GAAoC,EAAE,CAAC;QACjE,MAAM,eAAe,GAAuC,EAAE,CAAC;QAC/D,MAAM,kBAAkB,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;QACtD,MAAM,kBAAkB,GAAa,EAAE,CAAC;QACxC,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,WAAW,EAAE,UAAU,CAAC,EAAE,EAAE;YACvE,IAAI,UAAU,CAAC,MAAM,KAAK,kBAAkB,CAAC,OAAO,EAAE,CAAC;gBACrD,eAAe,CAAC,WAAW,CAAC,GAAG;oBAC7B,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,gBAAgB,EAAE,CAAC,SAAS,CAAC,CAAC;iBAC5D,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,kBAAkB,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YACvC,CAAC;QACH,CAAC,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;QACrD,MAAM,gBAAgB,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;QAC5E,kBAAkB,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,EAAE;YACzC,MAAM,eAAe,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;YACtD,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,eAAe,CAAC,WAAW,CAAC,GAAG;oBAC7B,IAAI,EAAE,WAAW;oBACjB,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,kBAAkB,CAAC;iBACjD,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,oBAAoB,CAAC,WAAW,CAAC,GAAG;oBAClC,IAAI,EAAE,WAAW;oBACjB,MAAM,EAAE,kBAAkB,CAAC,WAAW,CAAC,CAAC,MAAM;oBAC9C,QAAQ,EAAE,eAAe;iBAC1B,CAAC;YACJ,CAAC;QACH,CAAC,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,EAAE,gBAAgB,EAAE,oBAAoB,EAAE,eAAe,EAAE,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;QAC3G,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE;YACzB,KAAK,EAAE,IAAI,CAAC,aAAa;YACzB,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC;SAC3B,CAAC,CAAC;QACH,OAAO,MAAM,CAAC;IAChB,CAAC;CACF"}

package/lib/libs/policies/salesforceStandardTypes.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"salesforceStandardTypes.js","sourceRoot":"","sources":["../../../src/libs/policies/salesforceStandardTypes.ts"],"names":[],"mappings":""}