@pensar/apex 0.0.111 → 0.0.112

package/build/multipart-parser-r38qdp5v.js

@@ -0,0 +1,350 @@
+import {
+  FormData,
+  file_default,
+  init_esm_min,
+  init_from
+} from "./cli-49cd9yfk.js";
+import {
+  __esm
+} from "./cli-8rxa073f.js";
+
+// node_modules/node-fetch/src/utils/multipart-parser.js
+class MultipartParser {
+  constructor(boundary) {
+    this.index = 0;
+    this.flags = 0;
+    this.onHeaderEnd = noop;
+    this.onHeaderField = noop;
+    this.onHeadersEnd = noop;
+    this.onHeaderValue = noop;
+    this.onPartBegin = noop;
+    this.onPartData = noop;
+    this.onPartEnd = noop;
+    this.boundaryChars = {};
+    boundary = `\r
+--` + boundary;
+    const ui8a = new Uint8Array(boundary.length);
+    for (let i = 0;i < boundary.length; i++) {
+      ui8a[i] = boundary.charCodeAt(i);
+      this.boundaryChars[ui8a[i]] = true;
+    }
+    this.boundary = ui8a;
+    this.lookbehind = new Uint8Array(this.boundary.length + 8);
+    this.state = S.START_BOUNDARY;
+  }
+  write(data) {
+    let i = 0;
+    const length_ = data.length;
+    let previousIndex = this.index;
+    let { lookbehind, boundary, boundaryChars, index, state, flags } = this;
+    const boundaryLength = this.boundary.length;
+    const boundaryEnd = boundaryLength - 1;
+    const bufferLength = data.length;
+    let c;
+    let cl;
+    const mark = (name) => {
+      this[name + "Mark"] = i;
+    };
+    const clear = (name) => {
+      delete this[name + "Mark"];
+    };
+    const callback = (callbackSymbol, start, end, ui8a) => {
+      if (start === undefined || start !== end) {
+        this[callbackSymbol](ui8a && ui8a.subarray(start, end));
+      }
+    };
+    const dataCallback = (name, clear2) => {
+      const markSymbol = name + "Mark";
+      if (!(markSymbol in this)) {
+        return;
+      }
+      if (clear2) {
+        callback(name, this[markSymbol], i, data);
+        delete this[markSymbol];
+      } else {
+        callback(name, this[markSymbol], data.length, data);
+        this[markSymbol] = 0;
+      }
+    };
+    for (i = 0;i < length_; i++) {
+      c = data[i];
+      switch (state) {
+        case S.START_BOUNDARY:
+          if (index === boundary.length - 2) {
+            if (c === HYPHEN) {
+              flags |= F.LAST_BOUNDARY;
+            } else if (c !== CR) {
+              return;
+            }
+            index++;
+            break;
+          } else if (index - 1 === boundary.length - 2) {
+            if (flags & F.LAST_BOUNDARY && c === HYPHEN) {
+              state = S.END;
+              flags = 0;
+            } else if (!(flags & F.LAST_BOUNDARY) && c === LF) {
+              index = 0;
+              callback("onPartBegin");
+              state = S.HEADER_FIELD_START;
+            } else {
+              return;
+            }
+            break;
+          }
+          if (c !== boundary[index + 2]) {
+            index = -2;
+          }
+          if (c === boundary[index + 2]) {
+            index++;
+          }
+          break;
+        case S.HEADER_FIELD_START:
+          state = S.HEADER_FIELD;
+          mark("onHeaderField");
+          index = 0;
+        case S.HEADER_FIELD:
+          if (c === CR) {
+            clear("onHeaderField");
+            state = S.HEADERS_ALMOST_DONE;
+            break;
+          }
+          index++;
+          if (c === HYPHEN) {
+            break;
+          }
+          if (c === COLON) {
+            if (index === 1) {
+              return;
+            }
+            dataCallback("onHeaderField", true);
+            state = S.HEADER_VALUE_START;
+            break;
+          }
+          cl = lower(c);
+          if (cl < A || cl > Z) {
+            return;
+          }
+          break;
+        case S.HEADER_VALUE_START:
+          if (c === SPACE) {
+            break;
+          }
+          mark("onHeaderValue");
+          state = S.HEADER_VALUE;
+        case S.HEADER_VALUE:
+          if (c === CR) {
+            dataCallback("onHeaderValue", true);
+            callback("onHeaderEnd");
+            state = S.HEADER_VALUE_ALMOST_DONE;
+          }
+          break;
+        case S.HEADER_VALUE_ALMOST_DONE:
+          if (c !== LF) {
+            return;
+          }
+          state = S.HEADER_FIELD_START;
+          break;
+        case S.HEADERS_ALMOST_DONE:
+          if (c !== LF) {
+            return;
+          }
+          callback("onHeadersEnd");
+          state = S.PART_DATA_START;
+          break;
+        case S.PART_DATA_START:
+          state = S.PART_DATA;
+          mark("onPartData");
+        case S.PART_DATA:
+          previousIndex = index;
+          if (index === 0) {
+            i += boundaryEnd;
+            while (i < bufferLength && !(data[i] in boundaryChars)) {
+              i += boundaryLength;
+            }
+            i -= boundaryEnd;
+            c = data[i];
+          }
+          if (index < boundary.length) {
+            if (boundary[index] === c) {
+              if (index === 0) {
+                dataCallback("onPartData", true);
+              }
+              index++;
+            } else {
+              index = 0;
+            }
+          } else if (index === boundary.length) {
+            index++;
+            if (c === CR) {
+              flags |= F.PART_BOUNDARY;
+            } else if (c === HYPHEN) {
+              flags |= F.LAST_BOUNDARY;
+            } else {
+              index = 0;
+            }
+          } else if (index - 1 === boundary.length) {
+            if (flags & F.PART_BOUNDARY) {
+              index = 0;
+              if (c === LF) {
+                flags &= ~F.PART_BOUNDARY;
+                callback("onPartEnd");
+                callback("onPartBegin");
+                state = S.HEADER_FIELD_START;
+                break;
+              }
+            } else if (flags & F.LAST_BOUNDARY) {
+              if (c === HYPHEN) {
+                callback("onPartEnd");
+                state = S.END;
+                flags = 0;
+              } else {
+                index = 0;
+              }
+            } else {
+              index = 0;
+            }
+          }
+          if (index > 0) {
+            lookbehind[index - 1] = c;
+          } else if (previousIndex > 0) {
+            const _lookbehind = new Uint8Array(lookbehind.buffer, lookbehind.byteOffset, lookbehind.byteLength);
+            callback("onPartData", 0, previousIndex, _lookbehind);
+            previousIndex = 0;
+            mark("onPartData");
+            i--;
+          }
+          break;
+        case S.END:
+          break;
+        default:
+          throw new Error(`Unexpected state entered: ${state}`);
+      }
+    }
+    dataCallback("onHeaderField");
+    dataCallback("onHeaderValue");
+    dataCallback("onPartData");
+    this.index = index;
+    this.state = state;
+    this.flags = flags;
+  }
+  end() {
+    if (this.state === S.HEADER_FIELD_START && this.index === 0 || this.state === S.PART_DATA && this.index === this.boundary.length) {
+      this.onPartEnd();
+    } else if (this.state !== S.END) {
+      throw new Error("MultipartParser.end(): stream ended unexpectedly");
+    }
+  }
+}
+function _fileName(headerValue) {
+  const m = headerValue.match(/\bfilename=("(.*?)"|([^()<>@,;:\\"/[\]?={}\s\t]+))($|;\s)/i);
+  if (!m) {
+    return;
+  }
+  const match = m[2] || m[3] || "";
+  let filename = match.slice(match.lastIndexOf("\\") + 1);
+  filename = filename.replace(/%22/g, '"');
+  filename = filename.replace(/&#(\d{4});/g, (m2, code) => {
+    return String.fromCharCode(code);
+  });
+  return filename;
+}
+async function toFormData(Body, ct) {
+  if (!/multipart/i.test(ct)) {
+    throw new TypeError("Failed to fetch");
+  }
+  const m = ct.match(/boundary=(?:"([^"]+)"|([^;]+))/i);
+  if (!m) {
+    throw new TypeError("no or bad content-type header, no multipart boundary");
+  }
+  const parser = new MultipartParser(m[1] || m[2]);
+  let headerField;
+  let headerValue;
+  let entryValue;
+  let entryName;
+  let contentType;
+  let filename;
+  const entryChunks = [];
+  const formData = new FormData;
+  const onPartData = (ui8a) => {
+    entryValue += decoder.decode(ui8a, { stream: true });
+  };
+  const appendToFile = (ui8a) => {
+    entryChunks.push(ui8a);
+  };
+  const appendFileToFormData = () => {
+    const file = new file_default(entryChunks, filename, { type: contentType });
+    formData.append(entryName, file);
+  };
+  const appendEntryToFormData = () => {
+    formData.append(entryName, entryValue);
+  };
+  const decoder = new TextDecoder("utf-8");
+  decoder.decode();
+  parser.onPartBegin = function() {
+    parser.onPartData = onPartData;
+    parser.onPartEnd = appendEntryToFormData;
+    headerField = "";
+    headerValue = "";
+    entryValue = "";
+    entryName = "";
+    contentType = "";
+    filename = null;
+    entryChunks.length = 0;
+  };
+  parser.onHeaderField = function(ui8a) {
+    headerField += decoder.decode(ui8a, { stream: true });
+  };
+  parser.onHeaderValue = function(ui8a) {
+    headerValue += decoder.decode(ui8a, { stream: true });
+  };
+  parser.onHeaderEnd = function() {
+    headerValue += decoder.decode();
+    headerField = headerField.toLowerCase();
+    if (headerField === "content-disposition") {
+      const m2 = headerValue.match(/\bname=("([^"]*)"|([^()<>@,;:\\"/[\]?={}\s\t]+))/i);
+      if (m2) {
+        entryName = m2[2] || m2[3] || "";
+      }
+      filename = _fileName(headerValue);
+      if (filename) {
+        parser.onPartData = appendToFile;
+        parser.onPartEnd = appendFileToFormData;
+      }
+    } else if (headerField === "content-type") {
+      contentType = headerValue;
+    }
+    headerValue = "";
+    headerField = "";
+  };
+  for await (const chunk of Body) {
+    parser.write(chunk);
+  }
+  parser.end();
+  return formData;
+}
+var s = 0, S, f = 1, F, LF = 10, CR = 13, SPACE = 32, HYPHEN = 45, COLON = 58, A = 97, Z = 122, lower = (c) => c | 32, noop = () => {};
+var init_multipart_parser = __esm(() => {
+  init_from();
+  init_esm_min();
+  S = {
+    START_BOUNDARY: s++,
+    HEADER_FIELD_START: s++,
+    HEADER_FIELD: s++,
+    HEADER_VALUE_START: s++,
+    HEADER_VALUE: s++,
+    HEADER_VALUE_ALMOST_DONE: s++,
+    HEADERS_ALMOST_DONE: s++,
+    PART_DATA_START: s++,
+    PART_DATA: s++,
+    END: s++
+  };
+  F = {
+    PART_BOUNDARY: f,
+    LAST_BOUNDARY: f *= 2
+  };
+});
+init_multipart_parser();
+
+export {
+  toFormData
+};

package/build/pentest-zzebnfa0.js

@@ -0,0 +1,25 @@
+import {
+  DEFAULT_CONCURRENCY,
+  runPentestSwarm,
+  runPentestWorkflow
+} from "./cli-f9shhcxf.js";
+import"./cli-e20q3hqz.js";
+import"./cli-w04ggbe4.js";
+import"./cli-2ckm5es2.js";
+import"./cli-hmrzx8am.js";
+import"./cli-6gtnyaqf.js";
+import"./cli-r8r90gka.js";
+import"./cli-jh38b6zv.js";
+import"./cli-kqtgcdzn.js";
+import"./cli-j66pect7.js";
+import"./cli-bp6d08sg.js";
+import"./cli-jb0gcnrs.js";
+import"./cli-yj3dy0vg.js";
+import"./cli-15vxn9zj.js";
+import"./cli-7ckctq7a.js";
+import"./cli-8rxa073f.js";
+export {
+  runPentestWorkflow,
+  runPentestSwarm,
+  DEFAULT_CONCURRENCY
+};

package/build/pentests-s9fwd71b.js

@@ -0,0 +1,70 @@
+#!/usr/bin/env bun
+import {
+  dispatchPentest,
+  getScan,
+  listScans
+} from "./cli-x1msjf55.js";
+import"./cli-bp6d08sg.js";
+import"./cli-jb0gcnrs.js";
+import"./cli-yj3dy0vg.js";
+import"./cli-8rxa073f.js";
+
+// src/cli/pentests.ts
+function getFlag(flag, argv) {
+  const idx = argv.indexOf(flag);
+  return idx !== -1 && idx + 1 < argv.length ? argv[idx + 1] : undefined;
+}
+function showHelp() {
+  console.log(`pensar pentests — Manage pentests via the Pensar API
+
+Usage:
+  pensar pentests <projectId>                     List pentests for a project
+  pensar pentests get <pentestId>                  Get pentest details
+  pensar pentests dispatch <projectId> [options]   Dispatch a new pentest
+
+dispatch options:
+  --branch <branch>     Target branch to scan
+  --level <level>       Scan depth: priority (default), full
+
+Options:
+  -h, --help            Show this help message`);
+}
+async function main() {
+  const args = process.argv.slice(2);
+  const sub = args[0];
+  if (!sub || sub === "--help" || sub === "-h" || sub === "help") {
+    showHelp();
+    return;
+  }
+  try {
+    if (sub === "get") {
+      const pentestId = args[1];
+      if (!pentestId) {
+        console.error("Error: pentest ID is required");
+        console.error("Usage: pensar pentests get <pentestId>");
+        process.exit(1);
+      }
+      const scan = await getScan(pentestId);
+      console.log(JSON.stringify(scan, null, 2));
+    } else if (sub === "dispatch") {
+      const projectId = args[1];
+      if (!projectId) {
+        console.error("Error: project ID is required");
+        console.error("Usage: pensar pentests dispatch <projectId> [--branch <branch>] [--level <priority|full>]");
+        process.exit(1);
+      }
+      const branch = getFlag("--branch", args);
+      const scanLevel = getFlag("--level", args);
+      const result = await dispatchPentest(projectId, { branch, scanLevel });
+      console.log(JSON.stringify(result, null, 2));
+    } else {
+      const scans = await listScans(sub);
+      console.log(JSON.stringify(scans, null, 2));
+    }
+  } catch (err) {
+    console.error(`
+Error: ${err instanceof Error ? err.message : String(err)}`);
+    process.exit(1);
+  }
+}
+main();

package/build/projects-tr719twv.js

@@ -0,0 +1,35 @@
+#!/usr/bin/env bun
+import {
+  listProjects
+} from "./cli-x1msjf55.js";
+import"./cli-bp6d08sg.js";
+import"./cli-jb0gcnrs.js";
+import"./cli-yj3dy0vg.js";
+import"./cli-8rxa073f.js";
+
+// src/cli/projects.ts
+function showHelp() {
+  console.log(`pensar projects — List workspace projects
+
+Usage:
+  pensar projects              List all projects
+
+Options:
+  -h, --help                   Show this help message`);
+}
+async function main() {
+  const args = process.argv.slice(2);
+  if (args.includes("--help") || args.includes("-h")) {
+    showHelp();
+    return;
+  }
+  try {
+    const projects = await listProjects();
+    console.log(JSON.stringify(projects, null, 2));
+  } catch (err) {
+    console.error(`
+Error: ${err instanceof Error ? err.message : String(err)}`);
+    process.exit(1);
+  }
+}
+main();

package/build/targetedPentest-w2c85whf.js

@@ -0,0 +1,32 @@
+import {
+  TargetedPentestAgent
+} from "./cli-e20q3hqz.js";
+import"./cli-r8r90gka.js";
+import"./cli-jh38b6zv.js";
+import"./cli-kqtgcdzn.js";
+import"./cli-j66pect7.js";
+import"./cli-bp6d08sg.js";
+import"./cli-jb0gcnrs.js";
+import"./cli-yj3dy0vg.js";
+import"./cli-15vxn9zj.js";
+import"./cli-7ckctq7a.js";
+import"./cli-8rxa073f.js";
+
+// src/core/api/targetedPentest.ts
+async function runTargetedPentestAgent(input) {
+  const agent = new TargetedPentestAgent(input);
+  const { findings, findingsPath, pocsPath } = await agent.consume({
+    onTextDelta: (d) => process.stdout.write(d.text),
+    onToolCall: (d) => console.log(`→ calling ${d.toolName}`),
+    onToolResult: (d) => console.log(`✓ ${d.toolName} completed`),
+    onError: (e) => console.error("Agent error:", e)
+  });
+  console.log(`
+Found ${findings.length} vulnerabilities`);
+  console.log(`Findings: ${findingsPath}`);
+  console.log(`POCs: ${pocsPath}`);
+  return { findings, findingsPath, pocsPath };
+}
+export {
+  runTargetedPentestAgent
+};

package/build/token-6x6aavpc.js

@@ -0,0 +1,58 @@
+import {
+  require_token_util
+} from "./cli-va4y0089.js";
+import {
+  require_token_error
+} from "./cli-7ckctq7a.js";
+import {
+  __commonJS
+} from "./cli-8rxa073f.js";
+
+// node_modules/@vercel/oidc/dist/token.js
+var require_token = __commonJS((exports, module) => {
+  var __defProp = Object.defineProperty;
+  var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
+  var __getOwnPropNames = Object.getOwnPropertyNames;
+  var __hasOwnProp = Object.prototype.hasOwnProperty;
+  var __export = (target, all) => {
+    for (var name in all)
+      __defProp(target, name, { get: all[name], enumerable: true });
+  };
+  var __copyProps = (to, from, except, desc) => {
+    if (from && typeof from === "object" || typeof from === "function") {
+      for (let key of __getOwnPropNames(from))
+        if (!__hasOwnProp.call(to, key) && key !== except)
+          __defProp(to, key, { get: () => from[key], enumerable: !(desc = __getOwnPropDesc(from, key)) || desc.enumerable });
+    }
+    return to;
+  };
+  var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
+  var token_exports = {};
+  __export(token_exports, {
+    refreshToken: () => refreshToken
+  });
+  module.exports = __toCommonJS(token_exports);
+  var import_token_error = require_token_error();
+  var import_token_util = require_token_util();
+  async function refreshToken() {
+    const { projectId, teamId } = (0, import_token_util.findProjectInfo)();
+    let maybeToken = (0, import_token_util.loadToken)(projectId);
+    if (!maybeToken || (0, import_token_util.isExpired)((0, import_token_util.getTokenPayload)(maybeToken.token))) {
+      const authToken = await (0, import_token_util.getVercelCliToken)();
+      if (!authToken) {
+        throw new import_token_error.VercelOidcTokenError("Failed to refresh OIDC token: Log in to Vercel CLI and link your project with `vc link`");
+      }
+      if (!projectId) {
+        throw new import_token_error.VercelOidcTokenError("Failed to refresh OIDC token: Try re-linking your project with `vc link`");
+      }
+      maybeToken = await (0, import_token_util.getVercelOidcToken)(authToken, projectId, teamId);
+      if (!maybeToken) {
+        throw new import_token_error.VercelOidcTokenError("Failed to refresh OIDC token");
+      }
+      (0, import_token_util.saveToken)(maybeToken, projectId);
+    }
+    process.env.VERCEL_OIDC_TOKEN = maybeToken.token;
+    return;
+  }
+});
+export default require_token();

package/build/token-util-na95bqjj.js

@@ -0,0 +1,6 @@
+import {
+  require_token_util
+} from "./cli-va4y0089.js";
+import"./cli-7ckctq7a.js";
+import"./cli-8rxa073f.js";
+export default require_token_util();