@nugehs/bouncer 0.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (22) hide show
  1. package/CHANGELOG.md +32 -0
  2. package/LICENSE +21 -0
  3. package/README.md +147 -0
  4. package/package.json +54 -0
  5. package/src/cli.js +143 -0
  6. package/src/lib/adapters/next.js +67 -0
  7. package/src/lib/adapters/react-native.js +61 -0
  8. package/src/lib/args.js +73 -0
  9. package/src/lib/brand.js +22 -0
  10. package/src/lib/config.js +51 -0
  11. package/src/lib/doctor.js +49 -0
  12. package/src/lib/engine.js +229 -0
  13. package/src/lib/init.js +20 -0
  14. package/src/lib/mcp.js +195 -0
  15. package/src/lib/output.js +49 -0
  16. package/src/lib/packs.js +169 -0
  17. package/src/lib/reporters/html.js +156 -0
  18. package/src/lib/reporters/human.js +72 -0
  19. package/src/lib/reporters/json.js +5 -0
  20. package/src/lib/walk.js +109 -0
  21. package/src/packs/uk-aadc.json +109 -0
  22. package/src/packs/uk-osa.json +99 -0
package/src/packs/uk-osa.json ADDED
@@ -0,0 +1,99 @@
1
+ {
2
+ "id": "uk-osa",
3
+ "title": "UK Online Safety Act 2023",
4
+ "authority": "Ofcom",
5
+ "url": "https://www.ofcom.org.uk/online-safety/",
6
+ "rules": [
7
+ {
8
+ "id": "osa.age-assurance-highly-effective",
9
+ "standard": "Children's safety duties — highly effective age assurance",
10
+ "severity": "high",
11
+ "surface": "signup",
12
+ "intent": "Where a service can be accessed by children and carries content harmful to them, 'highly effective' age assurance is required — self-declaration alone does not meet the bar.",
13
+ "fix": "Integrate a recognised age-assurance method (age estimation, ID/age verification, or equivalent) on the access path.",
14
+ "assert": {
15
+ "find": "age[_-]?(assurance|verification|estimation)|id[_-]?verification|\\bkyc\\b|yoti|onfido|veriff|persona|stripe[_-]?identity",
16
+ "in": ["signup", "auth", "any"],
17
+ "expect": "present"
18
+ }
19
+ },
20
+ {
21
+ "id": "osa.report-mechanism-ugc",
22
+ "standard": "Illegal content duties — reporting & complaints",
23
+ "severity": "high",
24
+ "surface": "ugc",
25
+ "intent": "Users must be able to easily report illegal content and content harmful to children on user-to-user surfaces (chat, livestream, profiles).",
26
+ "fix": "Add a report/flag affordance to every user-generated-content surface, wired to a complaints workflow.",
27
+ "assert": {
28
+ "find": "(report|flag)[^\\n]{0,25}(content|message|user|post|abuse|stream|comment)|reportContent|onReport|report[_-]?reason|flagContent",
29
+ "in": ["ugc"],
30
+ "expect": "present"
31
+ }
32
+ },
33
+ {
34
+ "id": "osa.block-mechanism-ugc",
35
+ "standard": "Children's safety duties — user controls",
36
+ "severity": "high",
37
+ "surface": "ugc",
38
+ "intent": "Users (especially children) must be able to block and mute other users on interactive surfaces.",
39
+ "fix": "Provide block/mute controls on chat, livestream, and profile surfaces.",
40
+ "assert": {
41
+ "find": "(block|mute)[^\\n]{0,15}(user|member|participant|sender)|blockUser|onBlock|muteUser|toggleBlock",
42
+ "in": ["ugc"],
43
+ "expect": "present"
44
+ }
45
+ },
46
+ {
47
+ "id": "osa.content-moderation-present",
48
+ "standard": "Illegal content duties — proactive measures",
49
+ "severity": "medium",
50
+ "surface": "ugc",
51
+ "intent": "Proportionate content-moderation measures should be applied to user-generated content (filtering, profanity/abuse detection, or moderation hooks).",
52
+ "fix": "Add moderation hooks (profanity/abuse filtering, content classification, or a moderation queue) to UGC surfaces.",
53
+ "assert": {
54
+ "find": "moderat|profanity|content[_-]?filter|banned[_-]?words|blocklist|toxicity|safetyFilter",
55
+ "in": ["ugc"],
56
+ "expect": "present"
57
+ }
58
+ },
59
+ {
60
+ "id": "osa.illegal-content-risk-assessment",
61
+ "standard": "Illegal content risk assessment duty",
62
+ "severity": "high",
63
+ "surface": "governance",
64
+ "intent": "Services must carry out and keep up to date an illegal-content risk assessment (and, where in scope, a children's access/risk assessment).",
65
+ "fix": "Add an illegal-content (and children's) risk assessment artifact to the repo or link it from governance docs.",
66
+ "assert": {
67
+ "find": "illegal[_-]?content[_-]?risk|risk assessment|children'?s? (access|risk) assessment",
68
+ "in": ["governance", "any"],
69
+ "expect": "present"
70
+ }
71
+ },
72
+ {
73
+ "id": "osa.csam-reporting-route",
74
+ "standard": "Illegal content — CSEA priority offences",
75
+ "severity": "high",
76
+ "surface": "governance",
77
+ "intent": "There must be a route to detect, remove, and report child sexual abuse material (CSEA), e.g. referral to NCMEC/IWF.",
78
+ "fix": "Document and implement a CSAM detection/escalation route (NCMEC/IWF referral or equivalent) for UGC.",
79
+ "assert": {
80
+ "find": "\\bcsam\\b|\\bcsea\\b|child sexual|\\bncmec\\b|\\biwf\\b",
81
+ "in": ["governance", "ugc", "any"],
82
+ "expect": "present"
83
+ }
84
+ },
85
+ {
86
+ "id": "osa.terms-prohibit-illegal-content",
87
+ "standard": "Terms of service — clarity duty",
88
+ "severity": "low",
89
+ "surface": "governance",
90
+ "intent": "Terms of service / community guidelines must clearly prohibit illegal content and set out enforcement.",
91
+ "fix": "Add community guidelines / acceptable-use terms that prohibit illegal content and describe enforcement.",
92
+ "assert": {
93
+ "find": "prohibited content|illegal content|community guidelines|acceptable use|content policy",
94
+ "in": ["governance", "any"],
95
+ "expect": "present"
96
+ }
97
+ }
98
+ ]
99
+ }