@panguard-ai/threat-cloud 1.4.1 → 1.5.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/dist/admin-dashboard.js +5 -5
- package/dist/audit-logger.d.ts +1 -1
- package/dist/audit-logger.d.ts.map +1 -1
- package/dist/audit-logger.js.map +1 -1
- package/dist/badge-api.d.ts +58 -0
- package/dist/badge-api.d.ts.map +1 -0
- package/dist/badge-api.js +248 -0
- package/dist/badge-api.js.map +1 -0
- package/dist/cli.js +1 -1
- package/dist/cli.js.map +1 -1
- package/dist/database.d.ts +254 -2
- package/dist/database.d.ts.map +1 -1
- package/dist/database.js +769 -72
- package/dist/database.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/llm-reviewer-tools.d.ts +110 -0
- package/dist/llm-reviewer-tools.d.ts.map +1 -0
- package/dist/llm-reviewer-tools.js +446 -0
- package/dist/llm-reviewer-tools.js.map +1 -0
- package/dist/llm-reviewer.d.ts +54 -0
- package/dist/llm-reviewer.d.ts.map +1 -1
- package/dist/llm-reviewer.js +708 -64
- package/dist/llm-reviewer.js.map +1 -1
- package/dist/migrations.d.ts.map +1 -1
- package/dist/migrations.js +215 -0
- package/dist/migrations.js.map +1 -1
- package/dist/migrator-crystallization.d.ts +80 -0
- package/dist/migrator-crystallization.d.ts.map +1 -0
- package/dist/migrator-crystallization.js +108 -0
- package/dist/migrator-crystallization.js.map +1 -0
- package/dist/server.d.ts +75 -2
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +1249 -130
- package/dist/server.js.map +1 -1
- package/dist/types.d.ts +33 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +15 -12
package/LICENSE
ADDED
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
MIT License
|
|
2
|
+
|
|
3
|
+
Copyright (c) 2025-2026 Panguard AI Team
|
|
4
|
+
|
|
5
|
+
Permission is hereby granted, free of charge, to any person obtaining a copy
|
|
6
|
+
of this software and associated documentation files (the "Software"), to deal
|
|
7
|
+
in the Software without restriction, including without limitation the rights
|
|
8
|
+
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
|
9
|
+
copies of the Software, and to permit persons to whom the Software is
|
|
10
|
+
furnished to do so, subject to the following conditions:
|
|
11
|
+
|
|
12
|
+
The above copyright notice and this permission notice shall be included in all
|
|
13
|
+
copies or substantial portions of the Software.
|
|
14
|
+
|
|
15
|
+
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
|
16
|
+
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
|
17
|
+
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
|
18
|
+
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
|
19
|
+
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
|
20
|
+
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
|
21
|
+
SOFTWARE.
|
package/dist/admin-dashboard.js
CHANGED
|
@@ -466,14 +466,14 @@ function renderProposals(){
|
|
|
466
466
|
proposals.forEach(function(p,idx){
|
|
467
467
|
const status=p.status||p.llm_verdict||'pending';
|
|
468
468
|
const cls=status==='approved'?'low':status==='rejected'?'critical':'medium';
|
|
469
|
-
html+='<tr style="cursor:pointer" onclick="var el=document.getElementById(
|
|
469
|
+
html+='<tr style="cursor:pointer" onclick="var el=document.getElementById(\\'proposal-detail-'+idx+'\\');el.style.display=el.style.display===\\'none\\'?\\'table-row\\':\\'none\\'">';
|
|
470
470
|
html+='<td title="'+h(p.pattern_hash)+'">'+h((p.pattern_hash||'').slice(0,16))+'...</td>';
|
|
471
471
|
html+='<td>'+badge(status,cls)+'</td>';
|
|
472
472
|
html+='<td>'+num(p.confirmation_count||0)+'</td>';
|
|
473
473
|
html+='<td>'+(p.llm_verdict?badge(p.llm_verdict,p.llm_verdict==='approve'?'low':'critical'):'<span style="color:var(--dim)">pending</span>')+'</td>';
|
|
474
474
|
html+='<td>'+timeAgo(p.created_at)+'</td>';
|
|
475
|
-
html+='<td><button style="padding:4px 10px;background:var(--green);color:var(--bg);border:none;border-radius:4px;cursor:pointer;font-size:12px;font-weight:600;margin-right:4px" onclick="event.stopPropagation();approveProposal(
|
|
476
|
-
html+='<button style="padding:4px 10px;background:var(--red);color:var(--bg);border:none;border-radius:4px;cursor:pointer;font-size:12px;font-weight:600" onclick="event.stopPropagation();rejectProposal(
|
|
475
|
+
html+='<td><button style="padding:4px 10px;background:var(--green);color:var(--bg);border:none;border-radius:4px;cursor:pointer;font-size:12px;font-weight:600;margin-right:4px" onclick="event.stopPropagation();approveProposal(\\''+h(p.pattern_hash)+'\\')">Approve</button>';
|
|
476
|
+
html+='<button style="padding:4px 10px;background:var(--red);color:var(--bg);border:none;border-radius:4px;cursor:pointer;font-size:12px;font-weight:600" onclick="event.stopPropagation();rejectProposal(\\''+h(p.pattern_hash)+'\\')">Reject</button></td>';
|
|
477
477
|
html+='</tr>';
|
|
478
478
|
html+='<tr id="proposal-detail-'+idx+'" style="display:none"><td colspan="6"><pre style="background:var(--bg);padding:12px;border-radius:6px;overflow-x:auto;font-size:12px;white-space:pre-wrap;max-height:300px;overflow-y:auto">'+h(p.rule_content||p.ruleContent||p.pattern||'No rule content available')+'</pre></td></tr>';
|
|
479
479
|
});
|
|
@@ -539,7 +539,7 @@ function renderBlacklist(){
|
|
|
539
539
|
html+='<td>'+num(s.reportCount)+'</td>';
|
|
540
540
|
html+='<td>'+timeAgo(s.firstReported)+'</td>';
|
|
541
541
|
html+='<td>'+timeAgo(s.lastReported)+'</td>';
|
|
542
|
-
html+='<td><button style="padding:4px 10px;background:var(--red);color:var(--bg);border:none;border-radius:4px;cursor:pointer;font-size:12px;font-weight:600" onclick="removeFromBlacklist(
|
|
542
|
+
html+='<td><button style="padding:4px 10px;background:var(--red);color:var(--bg);border:none;border-radius:4px;cursor:pointer;font-size:12px;font-weight:600" onclick="removeFromBlacklist(\\''+h(s.skillHash||s.skill_hash||'')+'\\')">× Remove</button></td></tr>';
|
|
543
543
|
});
|
|
544
544
|
html+='</table>';
|
|
545
545
|
}
|
|
@@ -602,7 +602,7 @@ function renderFeeds(){
|
|
|
602
602
|
html+='<tr><td>'+h(sName)+'</td>';
|
|
603
603
|
html+='<td>'+num(s.report_count||s.reportCount||0)+'</td>';
|
|
604
604
|
html+='<td title="'+h(s.fingerprint_hash||'')+'">'+h((s.fingerprint_hash||'-').slice(0,16))+'</td>';
|
|
605
|
-
html+='<td><button style="padding:4px 10px;background:var(--red);color:var(--bg);border:none;border-radius:4px;cursor:pointer;font-size:12px;font-weight:600" onclick="removeFromWhitelist(
|
|
605
|
+
html+='<td><button style="padding:4px 10px;background:var(--red);color:var(--bg);border:none;border-radius:4px;cursor:pointer;font-size:12px;font-weight:600" onclick="removeFromWhitelist(\\''+h(sName)+'\\')">× Remove</button></td></tr>';
|
|
606
606
|
});
|
|
607
607
|
html+='</table>';
|
|
608
608
|
}
|
package/dist/audit-logger.d.ts
CHANGED
|
@@ -9,7 +9,7 @@
|
|
|
9
9
|
*/
|
|
10
10
|
import type Database from 'better-sqlite3';
|
|
11
11
|
/** Valid audit action types / 有效的審計動作類型 */
|
|
12
|
-
export type AuditAction = 'rule.create' | 'rule.delete' | 'proposal.approve' | 'proposal.reject' | 'threat.submit' | 'skill_threat.submit' | 'scan_event.submit' | 'admin.login';
|
|
12
|
+
export type AuditAction = 'rule.create' | 'rule.sync' | 'rule.delete' | 'rule.bulk-delete' | 'proposal.approve' | 'proposal.reject' | 'threat.submit' | 'skill_threat.submit' | 'scan_event.submit' | 'admin.login' | 'client_key.register' | 'client_key.revoke' | 'partner_key.issue';
|
|
13
13
|
/** An entry from the audit_log table / audit_log 資料表的條目 */
|
|
14
14
|
export interface AuditLogEntry {
|
|
15
15
|
id: number;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-logger.d.ts","sourceRoot":"","sources":["../src/audit-logger.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAE3C,2CAA2C;AAC3C,MAAM,MAAM,WAAW,GACnB,aAAa,GACb,aAAa,GACb,kBAAkB,GAClB,iBAAiB,GACjB,eAAe,GACf,qBAAqB,GACrB,mBAAmB,GACnB,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"audit-logger.d.ts","sourceRoot":"","sources":["../src/audit-logger.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAE3C,2CAA2C;AAC3C,MAAM,MAAM,WAAW,GACnB,aAAa,GACb,WAAW,GACX,aAAa,GACb,kBAAkB,GAClB,kBAAkB,GAClB,iBAAiB,GACjB,eAAe,GACf,qBAAqB,GACrB,mBAAmB,GACnB,aAAa,GACb,qBAAqB,GACrB,mBAAmB,GACnB,mBAAmB,CAAC;AAExB,2DAA2D;AAC3D,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;IAC1B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,IAAI,CAAC;IACxC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAcD;;;;;;;GAOG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAoB;gBAE3B,EAAE,EAAE,QAAQ,CAAC,QAAQ;IAIjC;;;;;;;;;;OAUG;IACH,SAAS,CACP,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,WAAW,EACnB,YAAY,EAAE,MAAM,EACpB,UAAU,CAAC,EAAE,MAAM,EACnB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACjC,SAAS,CAAC,EAAE,MAAM,GACjB,IAAI;IAaP;;;;;;;OAOG;IACH,WAAW,CAAC,KAAK,GAAE,MAAY,EAAE,MAAM,GAAE,MAAU,GAAG,aAAa,EAAE;IAwBrE;;;OAGG;IACH,gBAAgB,IAAI,MAAM;CAO3B"}
|
package/dist/audit-logger.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit-logger.js","sourceRoot":"","sources":["../src/audit-logger.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;
|
|
1
|
+
{"version":3,"file":"audit-logger.js","sourceRoot":"","sources":["../src/audit-logger.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AA4CH;;;;;;;GAOG;AACH,MAAM,OAAO,WAAW;IACL,EAAE,CAAoB;IAEvC,YAAY,EAAqB;QAC/B,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC;IACf,CAAC;IAED;;;;;;;;;;OAUG;IACH,SAAS,CACP,KAAa,EACb,MAAmB,EACnB,YAAoB,EACpB,UAAmB,EACnB,OAAiC,EACjC,SAAkB;QAElB,MAAM,WAAW,GAAG,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;QAE3E,IAAI,CAAC,EAAE;aACJ,OAAO,CACN;;;OAGD,CACA;aACA,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,IAAI,IAAI,EAAE,WAAW,EAAE,SAAS,IAAI,IAAI,CAAC,CAAC;IAC1F,CAAC;IAED;;;;;;;OAOG;IACH,WAAW,CAAC,QAAgB,GAAG,EAAE,SAAiB,CAAC;QACjD,MAAM,IAAI,GAAG,IAAI,CAAC,EAAE;aACjB,OAAO,CACN;;;;;OAKD,CACA;aACA,GAAG,CAAC,KAAK,EAAE,MAAM,CAAkB,CAAC;QAEvC,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACxB,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,YAAY,EAAE,GAAG,CAAC,aAAa;YAC/B,UAAU,EAAE,GAAG,CAAC,WAAW;YAC3B,OAAO,EAAE,GAAG,CAAC,OAAO,KAAK,IAAI,CAAC,CAAC,CAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAA6B,CAAC,CAAC,CAAC,IAAI;YAC3F,SAAS,EAAE,GAAG,CAAC,UAAU;SAC1B,CAAC,CAAC,CAAC;IACN,CAAC;IAED;;;OAGG;IACH,gBAAgB;QACd,OACE,IAAI,CAAC,EAAE,CAAC,OAAO,CAAC,yCAAyC,CAAC,CAAC,GAAG,EAG/D,CAAC,KAAK,CAAC;IACV,CAAC;CACF"}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ATR Scanned Badge API
|
|
3
|
+
* Generates shields.io-style SVG badges for AI skills scanned by ATR.
|
|
4
|
+
*
|
|
5
|
+
* Endpoints:
|
|
6
|
+
* - GET /api/badge/:author/:skillName - SVG badge for a specific skill
|
|
7
|
+
* - GET /api/badge/stats - JSON summary statistics
|
|
8
|
+
*
|
|
9
|
+
* @module @panguard-ai/threat-cloud/badge-api
|
|
10
|
+
*/
|
|
11
|
+
import type { ServerResponse } from 'node:http';
|
|
12
|
+
/** Severity level for a scanned skill */
|
|
13
|
+
type BadgeLevel = 'clean' | 'issues' | 'critical' | 'not-scanned';
|
|
14
|
+
/** Parsed row from the ecosystem-report CSV */
|
|
15
|
+
interface ScanRecord {
|
|
16
|
+
readonly author: string;
|
|
17
|
+
readonly skillName: string;
|
|
18
|
+
readonly riskLevel: string;
|
|
19
|
+
readonly topFindingSeverity: string;
|
|
20
|
+
}
|
|
21
|
+
/** Badge stats returned by /api/badge/stats */
|
|
22
|
+
interface BadgeStats {
|
|
23
|
+
readonly totalSkills: number;
|
|
24
|
+
readonly uniqueAuthors: number;
|
|
25
|
+
readonly clean: number;
|
|
26
|
+
readonly issues: number;
|
|
27
|
+
readonly critical: number;
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* Estimate text width using approximate character widths for Verdana 11px.
|
|
31
|
+
* This avoids external font measurement dependencies.
|
|
32
|
+
*/
|
|
33
|
+
declare function estimateTextWidth(text: string): number;
|
|
34
|
+
/** Generate a flat-style SVG badge */
|
|
35
|
+
declare function generateBadgeSvg(level: BadgeLevel): string;
|
|
36
|
+
/** Parse a single CSV line respecting quoted fields */
|
|
37
|
+
declare function parseCsvLine(line: string): readonly string[];
|
|
38
|
+
/**
|
|
39
|
+
* Parse the ecosystem-report CSV into a lookup map.
|
|
40
|
+
* Key: "author/skillName" (lowercased), Value: ScanRecord.
|
|
41
|
+
* Deduplicates rows by keeping the one with the highest severity.
|
|
42
|
+
*/
|
|
43
|
+
declare function parseCsv(csvContent: string): ReadonlyMap<string, ScanRecord>;
|
|
44
|
+
export interface BadgeRouter {
|
|
45
|
+
/**
|
|
46
|
+
* Handle an incoming request for badge endpoints.
|
|
47
|
+
* Returns true if the request was handled, false if the path did not match.
|
|
48
|
+
*/
|
|
49
|
+
handleRequest(pathname: string, method: string, res: ServerResponse): boolean;
|
|
50
|
+
}
|
|
51
|
+
/**
|
|
52
|
+
* Create a badge router that reads scan data from the given CSV path.
|
|
53
|
+
* The CSV is loaded lazily on first request and cached in memory.
|
|
54
|
+
*/
|
|
55
|
+
export declare function createBadgeRouter(csvPath: string): BadgeRouter;
|
|
56
|
+
export { generateBadgeSvg, parseCsv, parseCsvLine, estimateTextWidth };
|
|
57
|
+
export type { BadgeLevel, ScanRecord, BadgeStats };
|
|
58
|
+
//# sourceMappingURL=badge-api.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"badge-api.d.ts","sourceRoot":"","sources":["../src/badge-api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAMhD,yCAAyC;AACzC,KAAK,UAAU,GAAG,OAAO,GAAG,QAAQ,GAAG,UAAU,GAAG,aAAa,CAAC;AAElE,+CAA+C;AAC/C,UAAU,UAAU;IAClB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,kBAAkB,EAAE,MAAM,CAAC;CACrC;AAED,+CAA+C;AAC/C,UAAU,UAAU;IAClB,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC;IAC7B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;CAC3B;AAeD;;;GAGG;AACH,iBAAS,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAe/C;AAED,sCAAsC;AACtC,iBAAS,gBAAgB,CAAC,KAAK,EAAE,UAAU,GAAG,MAAM,CA2BnD;AAMD,uDAAuD;AACvD,iBAAS,YAAY,CAAC,IAAI,EAAE,MAAM,GAAG,SAAS,MAAM,EAAE,CAkBrD;AAED;;;;GAIG;AACH,iBAAS,QAAQ,CAAC,UAAU,EAAE,MAAM,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,CAAC,CAsCrE;AAMD,MAAM,WAAW,WAAW;IAC1B;;;OAGG;IACH,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,cAAc,GAAG,OAAO,CAAC;CAC/E;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,GAAG,WAAW,CAwH9D;AAGD,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,YAAY,EAAE,iBAAiB,EAAE,CAAC;AACvE,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC"}
|
|
@@ -0,0 +1,248 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* ATR Scanned Badge API
|
|
3
|
+
* Generates shields.io-style SVG badges for AI skills scanned by ATR.
|
|
4
|
+
*
|
|
5
|
+
* Endpoints:
|
|
6
|
+
* - GET /api/badge/:author/:skillName - SVG badge for a specific skill
|
|
7
|
+
* - GET /api/badge/stats - JSON summary statistics
|
|
8
|
+
*
|
|
9
|
+
* @module @panguard-ai/threat-cloud/badge-api
|
|
10
|
+
*/
|
|
11
|
+
import { readFileSync } from 'node:fs';
|
|
12
|
+
// ---------------------------------------------------------------------------
|
|
13
|
+
// SVG generation
|
|
14
|
+
// ---------------------------------------------------------------------------
|
|
15
|
+
const BADGE_CONFIG = {
|
|
16
|
+
clean: { label: 'No Issues', color: '#4c1' },
|
|
17
|
+
issues: { label: 'Issues Found', color: '#dfb317' },
|
|
18
|
+
critical: { label: 'CRITICAL', color: '#e05d44' },
|
|
19
|
+
'not-scanned': { label: 'Not Yet Scanned', color: '#9f9f9f' },
|
|
20
|
+
};
|
|
21
|
+
const BADGE_PREFIX = 'ATR Scanned';
|
|
22
|
+
/**
|
|
23
|
+
* Estimate text width using approximate character widths for Verdana 11px.
|
|
24
|
+
* This avoids external font measurement dependencies.
|
|
25
|
+
*/
|
|
26
|
+
function estimateTextWidth(text) {
|
|
27
|
+
// Average character widths for Verdana ~11px (simplified)
|
|
28
|
+
let width = 0;
|
|
29
|
+
for (const ch of text) {
|
|
30
|
+
if (ch === ' ') {
|
|
31
|
+
width += 3.4;
|
|
32
|
+
}
|
|
33
|
+
else if (ch >= 'A' && ch <= 'Z') {
|
|
34
|
+
width += 7.5;
|
|
35
|
+
}
|
|
36
|
+
else if (ch >= 'a' && ch <= 'z') {
|
|
37
|
+
width += 6.2;
|
|
38
|
+
}
|
|
39
|
+
else {
|
|
40
|
+
width += 6.5;
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
return width;
|
|
44
|
+
}
|
|
45
|
+
/** Generate a flat-style SVG badge */
|
|
46
|
+
function generateBadgeSvg(level) {
|
|
47
|
+
const { label, color } = BADGE_CONFIG[level];
|
|
48
|
+
const prefixWidth = Math.round(estimateTextWidth(BADGE_PREFIX)) + 12;
|
|
49
|
+
const labelWidth = Math.round(estimateTextWidth(label)) + 12;
|
|
50
|
+
const totalWidth = prefixWidth + labelWidth;
|
|
51
|
+
return [
|
|
52
|
+
`<svg xmlns="http://www.w3.org/2000/svg" width="${totalWidth}" height="20" role="img" aria-label="${BADGE_PREFIX}: ${label}">`,
|
|
53
|
+
' <title>' + BADGE_PREFIX + ': ' + label + '</title>',
|
|
54
|
+
' <linearGradient id="s" x2="0" y2="100%">',
|
|
55
|
+
' <stop offset="0" stop-color="#bbb" stop-opacity=".1"/>',
|
|
56
|
+
' <stop offset="1" stop-opacity=".1"/>',
|
|
57
|
+
' </linearGradient>',
|
|
58
|
+
` <clipPath id="r"><rect width="${totalWidth}" height="20" rx="3" fill="#fff"/></clipPath>`,
|
|
59
|
+
' <g clip-path="url(#r)">',
|
|
60
|
+
` <rect width="${prefixWidth}" height="20" fill="#555"/>`,
|
|
61
|
+
` <rect x="${prefixWidth}" width="${labelWidth}" height="20" fill="${color}"/>`,
|
|
62
|
+
` <rect width="${totalWidth}" height="20" fill="url(#s)"/>`,
|
|
63
|
+
' </g>',
|
|
64
|
+
' <g fill="#fff" text-anchor="middle" font-family="Verdana,Geneva,DejaVu Sans,sans-serif" text-rendering="geometricPrecision" font-size="11">',
|
|
65
|
+
` <text aria-hidden="true" x="${prefixWidth / 2}" y="15" fill="#010101" fill-opacity=".3">${BADGE_PREFIX}</text>`,
|
|
66
|
+
` <text x="${prefixWidth / 2}" y="14">${BADGE_PREFIX}</text>`,
|
|
67
|
+
` <text aria-hidden="true" x="${prefixWidth + labelWidth / 2}" y="15" fill="#010101" fill-opacity=".3">${label}</text>`,
|
|
68
|
+
` <text x="${prefixWidth + labelWidth / 2}" y="14">${label}</text>`,
|
|
69
|
+
' </g>',
|
|
70
|
+
'</svg>',
|
|
71
|
+
].join('\n');
|
|
72
|
+
}
|
|
73
|
+
// ---------------------------------------------------------------------------
|
|
74
|
+
// CSV parsing
|
|
75
|
+
// ---------------------------------------------------------------------------
|
|
76
|
+
/** Parse a single CSV line respecting quoted fields */
|
|
77
|
+
function parseCsvLine(line) {
|
|
78
|
+
const fields = [];
|
|
79
|
+
let current = '';
|
|
80
|
+
let inQuotes = false;
|
|
81
|
+
for (let i = 0; i < line.length; i++) {
|
|
82
|
+
const ch = line[i];
|
|
83
|
+
if (ch === '"') {
|
|
84
|
+
inQuotes = !inQuotes;
|
|
85
|
+
}
|
|
86
|
+
else if (ch === ',' && !inQuotes) {
|
|
87
|
+
fields.push(current);
|
|
88
|
+
current = '';
|
|
89
|
+
}
|
|
90
|
+
else {
|
|
91
|
+
current += ch;
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
fields.push(current);
|
|
95
|
+
return fields;
|
|
96
|
+
}
|
|
97
|
+
/**
|
|
98
|
+
* Parse the ecosystem-report CSV into a lookup map.
|
|
99
|
+
* Key: "author/skillName" (lowercased), Value: ScanRecord.
|
|
100
|
+
* Deduplicates rows by keeping the one with the highest severity.
|
|
101
|
+
*/
|
|
102
|
+
function parseCsv(csvContent) {
|
|
103
|
+
const lines = csvContent.split('\n').filter((l) => l.trim().length > 0);
|
|
104
|
+
if (lines.length < 2)
|
|
105
|
+
return new Map();
|
|
106
|
+
const severityRank = {
|
|
107
|
+
critical: 4,
|
|
108
|
+
high: 3,
|
|
109
|
+
medium: 2,
|
|
110
|
+
low: 1,
|
|
111
|
+
info: 0,
|
|
112
|
+
};
|
|
113
|
+
const result = new Map();
|
|
114
|
+
for (let i = 1; i < lines.length; i++) {
|
|
115
|
+
const fields = parseCsvLine(lines[i]);
|
|
116
|
+
if (fields.length < 7)
|
|
117
|
+
continue;
|
|
118
|
+
const author = (fields[0] ?? '').trim().toLowerCase();
|
|
119
|
+
const skillName = (fields[1] ?? '').trim().toLowerCase();
|
|
120
|
+
const riskLevel = (fields[4] ?? '').trim().toUpperCase();
|
|
121
|
+
const topFindingSeverity = (fields[6] ?? '').trim().toLowerCase();
|
|
122
|
+
if (!author || !skillName)
|
|
123
|
+
continue;
|
|
124
|
+
const key = `${author}/${skillName}`;
|
|
125
|
+
const existing = result.get(key);
|
|
126
|
+
// Keep the row with the highest severity
|
|
127
|
+
const existingRank = existing ? (severityRank[existing.topFindingSeverity] ?? 0) : -1;
|
|
128
|
+
const newRank = severityRank[topFindingSeverity] ?? 0;
|
|
129
|
+
if (newRank > existingRank) {
|
|
130
|
+
result.set(key, { author, skillName, riskLevel, topFindingSeverity });
|
|
131
|
+
}
|
|
132
|
+
}
|
|
133
|
+
return result;
|
|
134
|
+
}
|
|
135
|
+
/**
|
|
136
|
+
* Create a badge router that reads scan data from the given CSV path.
|
|
137
|
+
* The CSV is loaded lazily on first request and cached in memory.
|
|
138
|
+
*/
|
|
139
|
+
export function createBadgeRouter(csvPath) {
|
|
140
|
+
let scanData = null;
|
|
141
|
+
let loadError = null;
|
|
142
|
+
function ensureLoaded() {
|
|
143
|
+
if (scanData !== null)
|
|
144
|
+
return scanData;
|
|
145
|
+
try {
|
|
146
|
+
const content = readFileSync(csvPath, 'utf-8');
|
|
147
|
+
scanData = parseCsv(content);
|
|
148
|
+
loadError = null;
|
|
149
|
+
}
|
|
150
|
+
catch (err) {
|
|
151
|
+
loadError = err instanceof Error ? err.message : String(err);
|
|
152
|
+
scanData = new Map();
|
|
153
|
+
}
|
|
154
|
+
return scanData;
|
|
155
|
+
}
|
|
156
|
+
function determineBadgeLevel(record) {
|
|
157
|
+
const severity = record.topFindingSeverity;
|
|
158
|
+
const riskLevel = record.riskLevel;
|
|
159
|
+
if (severity === 'critical' || riskLevel === 'CRITICAL') {
|
|
160
|
+
return 'critical';
|
|
161
|
+
}
|
|
162
|
+
if (severity === 'high' || riskLevel === 'HIGH') {
|
|
163
|
+
return 'issues';
|
|
164
|
+
}
|
|
165
|
+
return 'clean';
|
|
166
|
+
}
|
|
167
|
+
function computeStats(data) {
|
|
168
|
+
const authors = new Set();
|
|
169
|
+
let clean = 0;
|
|
170
|
+
let issues = 0;
|
|
171
|
+
let critical = 0;
|
|
172
|
+
for (const record of data.values()) {
|
|
173
|
+
authors.add(record.author);
|
|
174
|
+
const level = determineBadgeLevel(record);
|
|
175
|
+
if (level === 'clean')
|
|
176
|
+
clean++;
|
|
177
|
+
else if (level === 'issues')
|
|
178
|
+
issues++;
|
|
179
|
+
else if (level === 'critical')
|
|
180
|
+
critical++;
|
|
181
|
+
}
|
|
182
|
+
return {
|
|
183
|
+
totalSkills: data.size,
|
|
184
|
+
uniqueAuthors: authors.size,
|
|
185
|
+
clean,
|
|
186
|
+
issues,
|
|
187
|
+
critical,
|
|
188
|
+
};
|
|
189
|
+
}
|
|
190
|
+
function sendSvg(res, svg) {
|
|
191
|
+
res.setHeader('Content-Type', 'image/svg+xml');
|
|
192
|
+
res.setHeader('Cache-Control', 'public, max-age=3600, s-maxage=3600');
|
|
193
|
+
res.setHeader('X-Content-Type-Options', 'nosniff');
|
|
194
|
+
res.writeHead(200);
|
|
195
|
+
res.end(svg);
|
|
196
|
+
}
|
|
197
|
+
function sendJson(res, status, data) {
|
|
198
|
+
res.setHeader('Content-Type', 'application/json');
|
|
199
|
+
res.setHeader('Cache-Control', 'public, max-age=3600, s-maxage=3600');
|
|
200
|
+
res.writeHead(status);
|
|
201
|
+
res.end(JSON.stringify(data));
|
|
202
|
+
}
|
|
203
|
+
const BADGE_PREFIX_PATH = '/api/badge/';
|
|
204
|
+
return {
|
|
205
|
+
handleRequest(pathname, method, res) {
|
|
206
|
+
if (!pathname.startsWith(BADGE_PREFIX_PATH))
|
|
207
|
+
return false;
|
|
208
|
+
if (method !== 'GET') {
|
|
209
|
+
sendJson(res, 405, { ok: false, error: 'Method not allowed' });
|
|
210
|
+
return true;
|
|
211
|
+
}
|
|
212
|
+
const subPath = pathname.slice(BADGE_PREFIX_PATH.length);
|
|
213
|
+
// Stats endpoint
|
|
214
|
+
if (subPath === 'stats') {
|
|
215
|
+
const data = ensureLoaded();
|
|
216
|
+
const stats = computeStats(data);
|
|
217
|
+
sendJson(res, 200, {
|
|
218
|
+
ok: true,
|
|
219
|
+
data: {
|
|
220
|
+
...stats,
|
|
221
|
+
...(loadError ? { warning: `CSV load error: ${loadError}` } : {}),
|
|
222
|
+
},
|
|
223
|
+
});
|
|
224
|
+
return true;
|
|
225
|
+
}
|
|
226
|
+
// Badge endpoint: /api/badge/:author/:skillName
|
|
227
|
+
const parts = subPath.split('/');
|
|
228
|
+
if (parts.length !== 2 || !parts[0] || !parts[1]) {
|
|
229
|
+
sendJson(res, 400, {
|
|
230
|
+
ok: false,
|
|
231
|
+
error: 'Invalid badge path. Use /api/badge/:author/:skillName',
|
|
232
|
+
});
|
|
233
|
+
return true;
|
|
234
|
+
}
|
|
235
|
+
const author = decodeURIComponent(parts[0]).toLowerCase();
|
|
236
|
+
const skillName = decodeURIComponent(parts[1]).toLowerCase();
|
|
237
|
+
const data = ensureLoaded();
|
|
238
|
+
const key = `${author}/${skillName}`;
|
|
239
|
+
const record = data.get(key);
|
|
240
|
+
const level = record ? determineBadgeLevel(record) : 'not-scanned';
|
|
241
|
+
sendSvg(res, generateBadgeSvg(level));
|
|
242
|
+
return true;
|
|
243
|
+
},
|
|
244
|
+
};
|
|
245
|
+
}
|
|
246
|
+
// Exported for testing
|
|
247
|
+
export { generateBadgeSvg, parseCsv, parseCsvLine, estimateTextWidth };
|
|
248
|
+
//# sourceMappingURL=badge-api.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"badge-api.js","sourceRoot":"","sources":["../src/badge-api.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AA2BvC,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E,MAAM,YAAY,GAAyD;IACzE,KAAK,EAAE,EAAE,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,MAAM,EAAE;IAC5C,MAAM,EAAE,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE,SAAS,EAAE;IACnD,QAAQ,EAAE,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,EAAE;IACjD,aAAa,EAAE,EAAE,KAAK,EAAE,iBAAiB,EAAE,KAAK,EAAE,SAAS,EAAE;CACrD,CAAC;AAEX,MAAM,YAAY,GAAG,aAAa,CAAC;AAEnC;;;GAGG;AACH,SAAS,iBAAiB,CAAC,IAAY;IACrC,0DAA0D;IAC1D,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,EAAE,IAAI,IAAI,EAAE,CAAC;QACtB,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,KAAK,IAAI,GAAG,CAAC;QACf,CAAC;aAAM,IAAI,EAAE,IAAI,GAAG,IAAI,EAAE,IAAI,GAAG,EAAE,CAAC;YAClC,KAAK,IAAI,GAAG,CAAC;QACf,CAAC;aAAM,IAAI,EAAE,IAAI,GAAG,IAAI,EAAE,IAAI,GAAG,EAAE,CAAC;YAClC,KAAK,IAAI,GAAG,CAAC;QACf,CAAC;aAAM,CAAC;YACN,KAAK,IAAI,GAAG,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,sCAAsC;AACtC,SAAS,gBAAgB,CAAC,KAAiB;IACzC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,YAAY,CAAC,CAAC,GAAG,EAAE,CAAC;IACrE,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,iBAAiB,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC;IAC7D,MAAM,UAAU,GAAG,WAAW,GAAG,UAAU,CAAC;IAE5C,OAAO;QACL,kDAAkD,UAAU,wCAAwC,YAAY,KAAK,KAAK,IAAI;QAC9H,WAAW,GAAG,YAAY,GAAG,IAAI,GAAG,KAAK,GAAG,UAAU;QACtD,4CAA4C;QAC5C,4DAA4D;QAC5D,0CAA0C;QAC1C,qBAAqB;QACrB,mCAAmC,UAAU,+CAA+C;QAC5F,2BAA2B;QAC3B,oBAAoB,WAAW,6BAA6B;QAC5D,gBAAgB,WAAW,YAAY,UAAU,uBAAuB,KAAK,KAAK;QAClF,oBAAoB,UAAU,gCAAgC;QAC9D,QAAQ;QACR,+IAA+I;QAC/I,mCAAmC,WAAW,GAAG,CAAC,6CAA6C,YAAY,SAAS;QACpH,gBAAgB,WAAW,GAAG,CAAC,YAAY,YAAY,SAAS;QAChE,mCAAmC,WAAW,GAAG,UAAU,GAAG,CAAC,6CAA6C,KAAK,SAAS;QAC1H,gBAAgB,WAAW,GAAG,UAAU,GAAG,CAAC,YAAY,KAAK,SAAS;QACtE,QAAQ;QACR,QAAQ;KACT,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,8EAA8E;AAC9E,cAAc;AACd,8EAA8E;AAE9E,uDAAuD;AACvD,SAAS,YAAY,CAAC,IAAY;IAChC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,EAAE,GAAG,IAAI,CAAC,CAAC,CAAE,CAAC;QACpB,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,QAAQ,GAAG,CAAC,QAAQ,CAAC;QACvB,CAAC;aAAM,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACrB,OAAO,GAAG,EAAE,CAAC;QACf,CAAC;aAAM,CAAC;YACN,OAAO,IAAI,EAAE,CAAC;QAChB,CAAC;IACH,CAAC;IACD,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACrB,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,SAAS,QAAQ,CAAC,UAAkB;IAClC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IACxE,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,GAAG,EAAE,CAAC;IAEvC,MAAM,YAAY,GAA2B;QAC3C,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,IAAI,EAAE,CAAC;KACR,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,GAAG,EAAsB,CAAC;IAE7C,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC,CAAE,CAAC,CAAC;QACvC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC;YAAE,SAAS;QAEhC,MAAM,MAAM,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACtD,MAAM,SAAS,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACzD,MAAM,SAAS,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QACzD,MAAM,kBAAkB,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAElE,IAAI,CAAC,MAAM,IAAI,CAAC,SAAS;YAAE,SAAS;QAEpC,MAAM,GAAG,GAAG,GAAG,MAAM,IAAI,SAAS,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEjC,yCAAyC;QACzC,MAAM,YAAY,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACtF,MAAM,OAAO,GAAG,YAAY,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC;QAEtD,IAAI,OAAO,GAAG,YAAY,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,SAAS,EAAE,SAAS,EAAE,kBAAkB,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAcD;;;GAGG;AACH,MAAM,UAAU,iBAAiB,CAAC,OAAe;IAC/C,IAAI,QAAQ,GAA2C,IAAI,CAAC;IAC5D,IAAI,SAAS,GAAkB,IAAI,CAAC;IAEpC,SAAS,YAAY;QACnB,IAAI,QAAQ,KAAK,IAAI;YAAE,OAAO,QAAQ,CAAC;QAEvC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAC/C,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;YAC7B,SAAS,GAAG,IAAI,CAAC;QACnB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,SAAS,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,QAAQ,GAAG,IAAI,GAAG,EAAE,CAAC;QACvB,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,SAAS,mBAAmB,CAAC,MAAkB;QAC7C,MAAM,QAAQ,GAAG,MAAM,CAAC,kBAAkB,CAAC;QAC3C,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,CAAC;QAEnC,IAAI,QAAQ,KAAK,UAAU,IAAI,SAAS,KAAK,UAAU,EAAE,CAAC;YACxD,OAAO,UAAU,CAAC;QACpB,CAAC;QACD,IAAI,QAAQ,KAAK,MAAM,IAAI,SAAS,KAAK,MAAM,EAAE,CAAC;YAChD,OAAO,QAAQ,CAAC;QAClB,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,SAAS,YAAY,CAAC,IAAqC;QACzD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;QAClC,IAAI,KAAK,GAAG,CAAC,CAAC;QACd,IAAI,MAAM,GAAG,CAAC,CAAC;QACf,IAAI,QAAQ,GAAG,CAAC,CAAC;QAEjB,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YAC3B,MAAM,KAAK,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;YAC1C,IAAI,KAAK,KAAK,OAAO;gBAAE,KAAK,EAAE,CAAC;iBAC1B,IAAI,KAAK,KAAK,QAAQ;gBAAE,MAAM,EAAE,CAAC;iBACjC,IAAI,KAAK,KAAK,UAAU;gBAAE,QAAQ,EAAE,CAAC;QAC5C,CAAC;QAED,OAAO;YACL,WAAW,EAAE,IAAI,CAAC,IAAI;YACtB,aAAa,EAAE,OAAO,CAAC,IAAI;YAC3B,KAAK;YACL,MAAM;YACN,QAAQ;SACT,CAAC;IACJ,CAAC;IAED,SAAS,OAAO,CAAC,GAAmB,EAAE,GAAW;QAC/C,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,eAAe,CAAC,CAAC;QAC/C,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,qCAAqC,CAAC,CAAC;QACtE,GAAG,CAAC,SAAS,CAAC,wBAAwB,EAAE,SAAS,CAAC,CAAC;QACnD,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;QACnB,GAAG,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;IAED,SAAS,QAAQ,CAAC,GAAmB,EAAE,MAAc,EAAE,IAAa;QAClE,GAAG,CAAC,SAAS,CAAC,cAAc,EAAE,kBAAkB,CAAC,CAAC;QAClD,GAAG,CAAC,SAAS,CAAC,eAAe,EAAE,qCAAqC,CAAC,CAAC;QACtE,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACtB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;IAChC,CAAC;IAED,MAAM,iBAAiB,GAAG,aAAa,CAAC;IAExC,OAAO;QACL,aAAa,CAAC,QAAgB,EAAE,MAAc,EAAE,GAAmB;YACjE,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,iBAAiB,CAAC;gBAAE,OAAO,KAAK,CAAC;YAE1D,IAAI,MAAM,KAAK,KAAK,EAAE,CAAC;gBACrB,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,oBAAoB,EAAE,CAAC,CAAC;gBAC/D,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;YAEzD,iBAAiB;YACjB,IAAI,OAAO,KAAK,OAAO,EAAE,CAAC;gBACxB,MAAM,IAAI,GAAG,YAAY,EAAE,CAAC;gBAC5B,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;gBACjC,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;oBACjB,EAAE,EAAE,IAAI;oBACR,IAAI,EAAE;wBACJ,GAAG,KAAK;wBACR,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,mBAAmB,SAAS,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;qBAClE;iBACF,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC;YACd,CAAC;YAED,gDAAgD;YAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACjC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBACjD,QAAQ,CAAC,GAAG,EAAE,GAAG,EAAE;oBACjB,EAAE,EAAE,KAAK;oBACT,KAAK,EAAE,uDAAuD;iBAC/D,CAAC,CAAC;gBACH,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,MAAM,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YAC1D,MAAM,SAAS,GAAG,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YAE7D,MAAM,IAAI,GAAG,YAAY,EAAE,CAAC;YAC5B,MAAM,GAAG,GAAG,GAAG,MAAM,IAAI,SAAS,EAAE,CAAC;YACrC,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YAE7B,MAAM,KAAK,GAAe,MAAM,CAAC,CAAC,CAAC,mBAAmB,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC;YAE/E,OAAO,CAAC,GAAG,EAAE,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;YACtC,OAAO,IAAI,CAAC;QACd,CAAC;KACF,CAAC;AACJ,CAAC;AAED,uBAAuB;AACvB,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,YAAY,EAAE,iBAAiB,EAAE,CAAC"}
|
package/dist/cli.js
CHANGED
|
@@ -55,7 +55,7 @@ async function main() {
|
|
|
55
55
|
port: args.port ?? Number(process.env['PORT'] ?? '8080'),
|
|
56
56
|
host: args.host ?? process.env['TC_HOST'] ?? process.env['HOST'] ?? '127.0.0.1',
|
|
57
57
|
dbPath: args.dbPath ?? process.env['TC_DB_PATH'] ?? process.env['DB_PATH'] ?? './threat-cloud.db',
|
|
58
|
-
apiKeyRequired: args.apiKeyRequired ??
|
|
58
|
+
apiKeyRequired: args.apiKeyRequired ?? process.env['NODE_ENV'] === 'production',
|
|
59
59
|
apiKeys: args.apiKeys ?? process.env['TC_API_KEYS']?.split(',') ?? [],
|
|
60
60
|
rateLimitPerMinute: Number(process.env['TC_RATE_LIMIT'] ?? '120'),
|
|
61
61
|
anthropicApiKey: args.anthropicApiKey ?? process.env['ANTHROPIC_API_KEY'],
|
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;GAKG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAGhD,SAAS,SAAS,CAAC,IAAc;IAC/B,MAAM,MAAM,GAA0B,EAAE,CAAC;IACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,QAAQ,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YAChB,KAAK,QAAQ;gBACX,MAAM,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;gBAChC,MAAM;YACR,KAAK,QAAQ;gBACX,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBACxB,MAAM;YACR,KAAK,MAAM;gBACT,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC1B,MAAM;YACR,KAAK,WAAW;gBACd,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC;gBAC7B,MAAM,CAAC,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC9C,MAAM;YACR,KAAK,qBAAqB;gBACxB,MAAM,CAAC,eAAe,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBACnC,MAAM;YACR,KAAK,iBAAiB;gBACpB,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC/B,MAAM;YACR,KAAK,QAAQ;gBACX,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;CAanB,CAAC,CAAC;gBACK,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9C,MAAM,MAAM,GAAiB;QAC3B,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC;QACxD,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,WAAW;QAC/E,MAAM,EACJ,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,mBAAmB;QAC3F,cAAc,EAAE,IAAI,CAAC,cAAc,IAAI,KAAK;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;;;;GAKG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,aAAa,CAAC;AAGhD,SAAS,SAAS,CAAC,IAAc;IAC/B,MAAM,MAAM,GAA0B,EAAE,CAAC;IACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,QAAQ,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;YAChB,KAAK,QAAQ;gBACX,MAAM,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;gBAChC,MAAM;YACR,KAAK,QAAQ;gBACX,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBACxB,MAAM;YACR,KAAK,MAAM;gBACT,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC1B,MAAM;YACR,KAAK,WAAW;gBACd,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC;gBAC7B,MAAM,CAAC,OAAO,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC9C,MAAM;YACR,KAAK,qBAAqB;gBACxB,MAAM,CAAC,eAAe,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBACnC,MAAM;YACR,KAAK,iBAAiB;gBACpB,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;gBAC/B,MAAM;YACR,KAAK,QAAQ;gBACX,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;CAanB,CAAC,CAAC;gBACK,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9C,MAAM,MAAM,GAAiB;QAC3B,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC;QACxD,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,WAAW;QAC/E,MAAM,EACJ,IAAI,CAAC,MAAM,IAAI,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,mBAAmB;QAC3F,cAAc,EAAE,IAAI,CAAC,cAAc,IAAI,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,YAAY;QAC/E,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,EAAE;QACrE,kBAAkB,EAAE,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,KAAK,CAAC;QACjE,eAAe,EAAE,IAAI,CAAC,eAAe,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;QACzE,WAAW,EAAE,IAAI,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC;KACjE,CAAC;IAEF,MAAM,MAAM,GAAG,IAAI,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAE7C,MAAM,QAAQ,GAAG,KAAK,IAAI,EAAE;QAC1B,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;QACtD,MAAM,MAAM,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC,CAAC;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE,CAAC,KAAK,QAAQ,EAAE,CAAC,CAAC;IAC5C,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE,CAAC,KAAK,QAAQ,EAAE,CAAC,CAAC;IAE7C,MAAM,MAAM,CAAC,KAAK,EAAE,CAAC;AACvB,CAAC;AAED,KAAK,IAAI,EAAE,CAAC"}
|