@pactosigna/trace 0.1.5 → 0.1.7
- package/dist/cli.js +14 -4
- package/dist/index.js +10 -3
- package/package.json +1 -1
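--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -111,7 +111,10 @@ var RiskGapCodeSchema = z.enum([
 ]);
 var RiskGapSeveritySchema = z.enum(["error", "warning"]);
 var MitigationSchema = z.object({
-control: z.string().min(1)
+control: z.string().min(1).regex(
+/^[A-Z][A-Z0-9-]+(#[\w-]+)?$/,
+"control must be a document ID reference (e.g. SRS-DOC-001, SDP-001#4-2-stage-gates), not prose"
+),
 iso_category: IsoCategorySchema,
 reduces: ReducesTargetSchema
 });
@@ -771,6 +774,10 @@ function detectArchitectureNoParent(documents) {
 function isApprovedOrEffective(doc) {
 return doc.status === "approved" || doc.status === "effective";
 }
+function extractDocumentId(ref) {
+const hashIndex = ref.indexOf("#");
+return hashIndex === -1 ? ref : ref.slice(0, hashIndex);
+}
 function buildGap(doc, code, severity, message) {
 return {
 code,
@@ -925,7 +932,7 @@ function detectRiskControlNoVerification(documents, links) {
 }
 }
 for (const control of controls) {
-if (!verifiedDocIds.has(control)) {
+if (!verifiedDocIds.has(extractDocumentId(control))) {
 gaps.push(
 buildGap(
 doc,
@@ -1027,7 +1034,7 @@ function collectAllHarms(doc) {
 function detectMitigationGaps(doc, docById, mitigations) {
 const gaps = [];
 for (const mitigation of mitigations) {
-const controlDoc = docById.get(mitigation.control);
+const controlDoc = docById.get(extractDocumentId(mitigation.control));
 if (!controlDoc) {
 gaps.push(
 buildGap(
@@ -4125,7 +4132,10 @@ var RiskGapCodeSchema2 = z33.enum([
 ]);
 var RiskGapSeveritySchema2 = z33.enum(["error", "warning"]);
 var MitigationSchema2 = z33.object({
-control: z33.string().min(1)
+control: z33.string().min(1).regex(
+/^[A-Z][A-Z0-9-]+(#[\w-]+)?$/,
+"control must be a document ID reference (e.g. SRS-DOC-001, SDP-001#4-2-stage-gates), not prose"
+),
 iso_category: IsoCategorySchema2,
 reduces: ReducesTargetSchema2
 });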
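Review bot: The `#section` fragment that the new `control` regex accepts is never checked against anything: `extractDocumentId` discards it before `verifiedDocIds.has(...)` in `detectRiskControlNoVerification` and before `docById.get(...)` in `detectMitigationGaps`, so a reference such as `SDP-001#no-such-section` resolves as long as `SDP-001` exists. For a traceability report this overstates coverage, because a mistyped or stale anchor produces no gap. If anchors cannot be resolved at this point, say so on the helper, e.g. `// Resolves the document only; the #anchor part is not validated.`, and consider a warning-severity gap for anchors that cannot be matched. The same lines appear in package/dist/index.js, and both detector bodies continue outside the hunks shown.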
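--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -1077,7 +1077,10 @@ var RiskGapCodeSchema = z.enum([
 ]);
 var RiskGapSeveritySchema = z.enum(["error", "warning"]);
 var MitigationSchema = z.object({
-control: z.string().min(1)
+control: z.string().min(1).regex(
+/^[A-Z][A-Z0-9-]+(#[\w-]+)?$/,
+"control must be a document ID reference (e.g. SRS-DOC-001, SDP-001#4-2-stage-gates), not prose"
+),
 iso_category: IsoCategorySchema,
 reduces: ReducesTargetSchema
 });
@@ -1737,6 +1740,10 @@ function detectArchitectureNoParent(documents) {
 function isApprovedOrEffective(doc) {
 return doc.status === "approved" || doc.status === "effective";
 }
+function extractDocumentId(ref) {
+const hashIndex = ref.indexOf("#");
+return hashIndex === -1 ? ref : ref.slice(0, hashIndex);
+}
 function buildGap(doc, code, severity, message) {
 return {
 code,
@@ -1891,7 +1898,7 @@ function detectRiskControlNoVerification(documents, links) {
 }
 }
 for (const control of controls) {
-if (!verifiedDocIds.has(control)) {
+if (!verifiedDocIds.has(extractDocumentId(control))) {
 gaps.push(
 buildGap(
 doc,
@@ -1944,7 +1951,7 @@ function collectAllHarms(doc) {
 function detectMitigationGaps(doc, docById, mitigations) {
 const gaps = [];
 for (const mitigation of mitigations) {
-const controlDoc = docById.get(mitigation.control);
+const controlDoc = docById.get(extractDocumentId(mitigation.control));
 if (!controlDoc) {
 gaps.push(
 buildGap(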
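Review bot: `extractDocumentId` calls `ref.indexOf` with no type check, so in `detectMitigationGaps` a mitigation whose `control` is missing or not a string now throws a TypeError, where the old `docById.get(mitigation.control)` returned undefined and reported a gap. This only matters if the detectors can run on documents that did not pass `MitigationSchema`, which the hunks do not show. A guard at the top of the helper, `if (typeof ref !== "string") return ref;`, keeps the earlier report-a-gap behaviour instead of aborting the whole run. The identical helper in package/dist/cli.js would need the same line, and the body of `detectMitigationGaps` continues past the end of the hunk.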