@lowwattlabs/clawsec 2.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/cli/clawsec.py +6 -1
  2. package/lib/intel-sync/sources/osv.sh +7 -5
  3. package/lib/intel-sync/sync.sh +8 -0
  4. package/package.json +1 -1
package/cli/clawsec.py CHANGED
@@ -19,7 +19,7 @@ import sys
19
19
  import time
20
20
  from pathlib import Path
21
21
 
22
- VERSION = "2.0.0"
22
+ VERSION = "2.0.1"
23
23
  CLAWSEC_DIR = os.environ.get("CLAWSEC_HOME", os.path.expanduser("~/.clawsec"))
24
24
  INTEL_DIR = os.environ.get("CLAWSEC_INTEL_DIR", os.path.join(CLAWSEC_DIR, "intel"))
25
25
  REPORTS_DIR = os.environ.get("CLAWSEC_REPORTS_DIR", os.path.join(CLAWSEC_DIR, "reports"))
@@ -91,6 +91,11 @@ def cmd_scan(args):
91
91
 
92
92
  def cmd_sync(args):
93
93
  """Run intel sync."""
94
+ # Ensure intel directories exist
95
+ intel_dirs = ['cisa-kev', 'osv', 'osv/npm', 'osv/PyPI', 'epss', 'malwarebazaar', 'urlhaus', 'threatfox', 'feodo', 'yara-rules', 'semgrep-rules']
96
+ for d in intel_dirs:
97
+ os.makedirs(os.path.join(INTEL_DIR, d), exist_ok=True)
98
+ os.makedirs(REPORTS_DIR, exist_ok=True)
94
99
  sync_sh = os.path.join(PKG_ROOT, "lib", "intel-sync", "sync.sh")
95
100
  if not os.path.exists(sync_sh):
96
101
  sync_sh = os.path.join(CLAWSEC_DIR, "lib", "intel-sync", "sync.sh")
package/lib/intel-sync/sources/osv.sh CHANGED
@@ -59,9 +59,11 @@ for eco in "${ECOSYSTEMS[@]}"; do
59
59
 
60
60
  if [[ -d "$eco_dir" ]]; then
61
61
  # Build index using Python for speed
62
- python3 -c "
62
+ # Pass both eco_dir and index_file as arguments to avoid bash-in-Python variable scoping
63
+ index_count=$(python3 -c "
63
64
  import json, os, sys
64
65
  eco_dir = sys.argv[1]
66
+ index_path = sys.argv[2]
65
67
  index = {}
66
68
  for fname in os.listdir(eco_dir):
67
69
  if not fname.endswith('.json') or fname == 'index.json':
@@ -81,12 +83,12 @@ for fname in os.listdir(eco_dir):
81
83
  except (json.JSONDecodeError, KeyError, OSError):
82
84
  continue
83
85
  # Write index atomically
84
- tmp = index_file + '.new'
86
+ tmp = index_path + '.new'
85
87
  with open(tmp, 'w') as f:
86
88
  json.dump(index, f)
87
- os.rename(tmp, index_file)
88
- " "$eco_dir"
89
- index_count=$(python3 -c "import json; print(len(json.load(open('$index_file'))))" 2>/dev/null || echo "?")
89
+ os.rename(tmp, index_path)
90
+ print(len(index))
91
+ " "$eco_dir" "$index_file")
90
92
  log_info "OSV $eco index: $index_count packages"
91
93
  fi
92
94
  done
package/lib/intel-sync/sync.sh CHANGED
@@ -29,6 +29,14 @@ usage() {
29
29
  }
30
30
 
31
31
  ALL_SOURCES=(cisa-kev osv epss malwarebazaar urlhaus threatfox feodo yara-rules semgrep-rules)
32
+
33
+ # Ensure intel directories exist
34
+ INTEL_DIR=
35
+ for src in ; do
36
+ mkdir -p /
37
+ done
38
+ mkdir -p /osv/npm /osv/PyPI
39
+ mkdir -p
32
40
  requested_sources=()
33
41
  json_output=0
34
42
 
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@lowwattlabs/clawsec",
3
- "version": "2.0.0",
3
+ "version": "2.0.1",
4
4
  "description": "ClawSec - Security Verification for ClawHub Skills",
5
5
  "bin": {
6
6
  "clawsec": "./bin/clawsec.js",