@pactosigna/records 0.1.4 → 0.1.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cli.js +41 -5
- package/package.json +1 -1
package/dist/cli.js
CHANGED
|
@@ -1996,7 +1996,15 @@ var RiskGapCodeSchema = z29.enum([
|
|
|
1996
1996
|
"unacceptable_no_benefit",
|
|
1997
1997
|
"preliminary_not_analyzed",
|
|
1998
1998
|
"missing_body_rationale",
|
|
1999
|
-
"orphaned_body_section"
|
|
1999
|
+
"orphaned_body_section",
|
|
2000
|
+
"architecture_no_risk_analysis",
|
|
2001
|
+
"security_hazard_no_asset_ref",
|
|
2002
|
+
"high_cia_no_security_hazard",
|
|
2003
|
+
"hazard_no_software_item",
|
|
2004
|
+
"detailed_design_missing_for_unit",
|
|
2005
|
+
"unit_no_verification",
|
|
2006
|
+
"risk_control_no_verification",
|
|
2007
|
+
"architecture_no_asset_types"
|
|
2000
2008
|
]);
|
|
2001
2009
|
var RiskGapSeveritySchema = z29.enum(["error", "warning"]);
|
|
2002
2010
|
var MitigationSchema = z29.object({
|
|
@@ -2066,7 +2074,9 @@ var HazardSoftwareFrontmatterSchema = z29.object({
|
|
|
2066
2074
|
leads_to: z29.array(z29.string()).optional(),
|
|
2067
2075
|
hazard_category: z29.string().optional(),
|
|
2068
2076
|
detection_score: z29.number().int().min(1).max(5).optional(),
|
|
2069
|
-
detection_method: z29.string().optional()
|
|
2077
|
+
detection_method: z29.string().optional(),
|
|
2078
|
+
/** Reference to the HLD/SDD software item this hazard applies to (IEC 62304 §7.1) */
|
|
2079
|
+
software_item: z29.string().min(1).optional()
|
|
2070
2080
|
});
|
|
2071
2081
|
var HazardSecurityFrontmatterSchema = z29.object({
|
|
2072
2082
|
type: z29.literal("haz_soe_security"),
|
|
@@ -2078,7 +2088,9 @@ var HazardSecurityFrontmatterSchema = z29.object({
|
|
|
2078
2088
|
approvers: z29.array(z29.string()).optional(),
|
|
2079
2089
|
preliminary: z29.boolean().default(false),
|
|
2080
2090
|
leads_to: z29.array(z29.string()).optional(),
|
|
2081
|
-
hazard_category: z29.string().optional()
|
|
2091
|
+
hazard_category: z29.string().optional(),
|
|
2092
|
+
/** Reference to the HLD/SDD software item this security hazard applies to (IEC 62304 §7.1, IEC 81001-5-1) */
|
|
2093
|
+
software_item: z29.string().min(1).optional()
|
|
2082
2094
|
});
|
|
2083
2095
|
var HazardFrontmatterSchema = z29.discriminatedUnion("type", [
|
|
2084
2096
|
HazardSoftwareFrontmatterSchema,
|
|
@@ -2220,6 +2232,22 @@ var SoftwareTestPlanFrontmatterSchema = z52.object({
|
|
|
2220
2232
|
approvers: z52.array(z52.string()).optional()
|
|
2221
2233
|
});
|
|
2222
2234
|
var SoftwareItemTypeSchema = z62.enum(["system", "subsystem", "component", "unit"]);
|
|
2235
|
+
var AssetTypeSchema = z62.enum([
|
|
2236
|
+
"data_store",
|
|
2237
|
+
"api_endpoint",
|
|
2238
|
+
"background_worker",
|
|
2239
|
+
"auth_provider",
|
|
2240
|
+
"external_service",
|
|
2241
|
+
"user_interface",
|
|
2242
|
+
"message_queue",
|
|
2243
|
+
"network_boundary"
|
|
2244
|
+
]);
|
|
2245
|
+
var CiaImpactLevelSchema = z62.enum(["low", "medium", "high"]);
|
|
2246
|
+
var CiaImpactSchema = z62.object({
|
|
2247
|
+
confidentiality: CiaImpactLevelSchema.optional(),
|
|
2248
|
+
integrity: CiaImpactLevelSchema.optional(),
|
|
2249
|
+
availability: CiaImpactLevelSchema.optional()
|
|
2250
|
+
});
|
|
2223
2251
|
var SegregationSchema = z62.object({
|
|
2224
2252
|
mechanism: z62.string().min(1),
|
|
2225
2253
|
rationale: z62.string().min(1)
|
|
@@ -2242,7 +2270,11 @@ var ArchitectureFrontmatterSchema = z62.object({
|
|
|
2242
2270
|
/** Approver list — required for all regulated document types */
|
|
2243
2271
|
approvers: z62.array(z62.string()).min(1),
|
|
2244
2272
|
/** SRS requirement IDs this architecture item implements (IEC 62304 §5.3.1) */
|
|
2245
|
-
implements: z62.array(z62.string().min(1)).optional()
|
|
2273
|
+
implements: z62.array(z62.string().min(1)).optional(),
|
|
2274
|
+
/** IEC 81001-5-1 asset classification for this software item (optional, enables security gap detection) */
|
|
2275
|
+
asset_types: z62.array(AssetTypeSchema).optional(),
|
|
2276
|
+
/** CIA impact assessment — enables automated detection of high-value assets missing security analysis */
|
|
2277
|
+
cia_impact: CiaImpactSchema.optional()
|
|
2246
2278
|
});
|
|
2247
2279
|
var DetailedDesignFrontmatterSchema = z62.object({
|
|
2248
2280
|
id: z62.string().min(1),
|
|
@@ -2262,7 +2294,11 @@ var DetailedDesignFrontmatterSchema = z62.object({
|
|
|
2262
2294
|
/** Approver list — required for all regulated document types */
|
|
2263
2295
|
approvers: z62.array(z62.string()).min(1),
|
|
2264
2296
|
/** SRS requirement IDs this design item implements (IEC 62304 §5.4.2) */
|
|
2265
|
-
implements: z62.array(z62.string().min(1)).optional()
|
|
2297
|
+
implements: z62.array(z62.string().min(1)).optional(),
|
|
2298
|
+
/** IEC 81001-5-1 asset classification for this software item (optional, enables security gap detection) */
|
|
2299
|
+
asset_types: z62.array(AssetTypeSchema).optional(),
|
|
2300
|
+
/** CIA impact assessment — enables automated detection of high-value assets missing security analysis */
|
|
2301
|
+
cia_impact: CiaImpactSchema.optional()
|
|
2266
2302
|
});
|
|
2267
2303
|
var AnomalyCategorySchema = z72.enum([
|
|
2268
2304
|
"bug",
|