@pensar/apex 1.8.0 → 2.0.0-canary.241920ad

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (70) hide show
  1. package/README.md +31 -0
  2. package/build/agent-7866ka7b.js +218 -0
  3. package/build/agent-aj7jpehp.js +25 -0
  4. package/build/agent-mjyx1amj.js +19 -0
  5. package/build/apps-hse35c2d.js +443 -0
  6. package/build/{auth-dxjgy41e.js → auth-15rkvgam.js} +47 -13
  7. package/build/authentication-b8p1afqq.js +19 -0
  8. package/build/blackboxAgent-z1h2cgyg.js +19 -0
  9. package/build/{blackboxPentest-8ps4yvbk.js → blackboxPentest-vmtnnp5d.js} +16 -17
  10. package/build/{cli-y61d9433.js → cli-0svsmc2c.js} +147 -38
  11. package/build/{cli-nr1cjfr9.js → cli-23xtyah8.js} +26 -7
  12. package/build/{cli-tp1tqn3k.js → cli-4dpc999m.js} +12 -2
  13. package/build/{cli-k4hrygff.js → cli-4ez6yssj.js} +9 -5
  14. package/build/{cli-k0tckznm.js → cli-5h1kv0v4.js} +38781 -29336
  15. package/build/{cli-m788e4f3.js → cli-6gge86w5.js} +586 -33
  16. package/build/{cli-dqt80sw3.js → cli-78s9w64j.js} +199 -68
  17. package/build/cli-8xknm7d9.js +204 -0
  18. package/build/cli-9fsre5pt.js +0 -0
  19. package/build/{cli-3y0dgy56.js → cli-c8131c4q.js} +2 -2
  20. package/build/cli-cbw2rmv7.js +7236 -0
  21. package/build/{cli-jg7r7y5n.js → cli-demg7sj2.js} +30 -2
  22. package/build/cli-e08r86zk.js +24 -0
  23. package/build/{cli-0ghkg3w6.js → cli-e6rgwtpb.js} +19950 -18556
  24. package/build/cli-ft17f9nh.js +501 -0
  25. package/build/{cli-3w2syxpv.js → cli-gtepvg8s.js} +106582 -109180
  26. package/build/cli-k1vsv3qh.js +197 -0
  27. package/build/{cli-pkdjamer.js → cli-mb837pv4.js} +15 -5
  28. package/build/{authentication-e30mfzbe.js → cli-r0s5br0a.js} +20 -20
  29. package/build/cli-rtbry75t.js +22 -0
  30. package/build/cli-zyk3xsth.js +52 -0
  31. package/build/cli.js +420 -289
  32. package/build/config-bb6q79q0.js +188 -0
  33. package/build/{doctor-8tva8j99.js → doctor-tkz0a0g4.js} +8 -1
  34. package/build/{fixes-q5bhgxhc.js → fixes-krvbkbey.js} +20 -4
  35. package/build/{index-wfeb2gcc.js → index-4gk224ac.js} +9 -11
  36. package/build/index-a9ea9c1q.js +181 -0
  37. package/build/index-ah3cm7hf.js +12 -0
  38. package/build/{index-y5xpp21a.js → index-pamhzcx3.js} +86 -111
  39. package/build/index-tknvj68q.js +33 -0
  40. package/build/{index-pfee23kv.js → index-v4sz6cee.js} +19304 -19000
  41. package/build/{index-dw1xbhfn.js → index-vc29b21w.js} +161 -26
  42. package/build/{index-e898mdyh.js → index-wsp4kqtm.js} +4 -2
  43. package/build/{issues-qbmdneej.js → issues-m2me70rs.js} +30 -9
  44. package/build/{logs-xm5vbymy.js → logs-rxf1a0be.js} +20 -4
  45. package/build/{main-3d7dfdvs.js → main-3zneyg7p.js} +93 -17
  46. package/build/{offesecAgent-re6kt2ff.js → offesecAgent-hmxcpch7.js} +11 -11
  47. package/build/parse-15kqmy2v.js +207 -0
  48. package/build/pentest-r6hfzf8n.js +28 -0
  49. package/build/{pentests-e3rj5845.js → pentests-201vfsn6.js} +33 -17
  50. package/build/{targetedPentest-fs0v570s.js → targetedPentest-85b1dndy.js} +12 -12
  51. package/build/threatModel-hbpz15y7.js +26 -0
  52. package/build/{uninstall-qb2xbh2t.js → uninstall-qa8jvrj1.js} +6 -4
  53. package/build/{upload-7wtbr768.js → upload-p58nxxvf.js} +8 -1
  54. package/build/{utils-jf52rmrb.js → utils-hsde107p.js} +10 -9
  55. package/package.json +86 -88
  56. package/build/agent-4d8j2jsw.js +0 -278
  57. package/build/agent-z2s6h7n2.js +0 -19
  58. package/build/blackboxAgent-j9pczwym.js +0 -19
  59. package/build/cli-03z6pswp.js +0 -1423
  60. package/build/cli-0fy9j5dw.js +0 -61
  61. package/build/cli-asyas1xb.js +0 -110
  62. package/build/cli-dj1dgw2n.js +0 -190
  63. package/build/cli-g8t710ew.js +0 -663
  64. package/build/cli-q7r2sth7.js +0 -103
  65. package/build/cli-vkwch0bc.js +0 -1207
  66. package/build/cli-wr7g9qcr.js +0 -645
  67. package/build/index-bz6f8jry.js +0 -32
  68. package/build/pentest-mfm4hake.js +0 -29
  69. package/build/projects-qk22qcbt.js +0 -35
  70. package/build/threatModel-xfvc6cch.js +0 -67
@@ -0,0 +1,443 @@
1
+ #!/usr/bin/env bun
2
+ import {
3
+ createApp,
4
+ createEndpoint,
5
+ deleteApp,
6
+ deleteEndpoint,
7
+ getApp,
8
+ getEndpoint,
9
+ listApps,
10
+ listEndpoints,
11
+ searchApps,
12
+ searchEndpoints,
13
+ updateApp,
14
+ updateEndpoint
15
+ } from "./cli-6gge86w5.js";
16
+ import"./cli-cbw2rmv7.js";
17
+ import"./cli-4ez6yssj.js";
18
+ import"./cli-0svsmc2c.js";
19
+ import"./cli-r0s5br0a.js";
20
+ import"./cli-demg7sj2.js";
21
+ import"./cli-ft17f9nh.js";
22
+ import"./cli-9fsre5pt.js";
23
+ import"./cli-zyk3xsth.js";
24
+ import"./cli-gtepvg8s.js";
25
+ import"./cli-4dpc999m.js";
26
+ import"./cli-fw5r7pfj.js";
27
+ import"./cli-c8131c4q.js";
28
+ import"./cli-5h1kv0v4.js";
29
+ import"./cli-78s9w64j.js";
30
+ import"./cli-e6rgwtpb.js";
31
+ import"./cli-gpnb45ck.js";
32
+ import"./cli-rtbry75t.js";
33
+ import"./cli-23xtyah8.js";
34
+ import"./cli-k1vsv3qh.js";
35
+ import"./cli-8rxa073f.js";
36
+
37
+ // src/cli/apps.ts
38
+ var APPLICATION_TYPES = [
39
+ "ui",
40
+ "api-service",
41
+ "web-application",
42
+ "full-stack",
43
+ "domain",
44
+ "subdomain",
45
+ "database",
46
+ "cloud-resource",
47
+ "storage"
48
+ ];
49
+ var ENDPOINT_TYPES = [
50
+ "api-endpoint",
51
+ "web-endpoint",
52
+ "auth-endpoint",
53
+ "database",
54
+ "file-storage",
55
+ "asset"
56
+ ];
57
+ function getFlag(flag, argv) {
58
+ const idx = argv.indexOf(flag);
59
+ return idx !== -1 && idx + 1 < argv.length ? argv[idx + 1] : undefined;
60
+ }
61
+ function getAllFlags(flag, argv) {
62
+ const values = [];
63
+ for (let i = 0;i < argv.length; i++) {
64
+ const next = argv[i + 1];
65
+ if (argv[i] === flag && next !== undefined) {
66
+ values.push(next);
67
+ }
68
+ }
69
+ return values;
70
+ }
71
+ function hasFlag(flag, argv) {
72
+ return argv.includes(flag);
73
+ }
74
+ function parseAppType(value) {
75
+ if (value === undefined)
76
+ return;
77
+ if (!APPLICATION_TYPES.includes(value)) {
78
+ throw new Error(`Invalid --type "${value}". Must be one of: ${APPLICATION_TYPES.join(", ")}`);
79
+ }
80
+ return value;
81
+ }
82
+ function parseEndpointType(value) {
83
+ if (value === undefined)
84
+ return;
85
+ if (!ENDPOINT_TYPES.includes(value)) {
86
+ throw new Error(`Invalid --type "${value}". Must be one of: ${ENDPOINT_TYPES.join(", ")}`);
87
+ }
88
+ return value;
89
+ }
90
+ function parseInteger(flag, value) {
91
+ if (value === undefined)
92
+ return;
93
+ const n = Number(value);
94
+ if (!Number.isFinite(n) || !Number.isInteger(n)) {
95
+ throw new Error(`${flag} must be an integer (got "${value}")`);
96
+ }
97
+ return n;
98
+ }
99
+ function parseNumber(flag, value) {
100
+ if (value === undefined)
101
+ return;
102
+ const n = Number(value);
103
+ if (!Number.isFinite(n)) {
104
+ throw new Error(`${flag} must be a number (got "${value}")`);
105
+ }
106
+ return n;
107
+ }
108
+ function showHelp() {
109
+ console.log(`pensar apps — Manage the workspace attack surface (apps & endpoints)
110
+
111
+ All commands operate on the selected workspace (set via \`pensar login\`).
112
+
113
+ Usage:
114
+ pensar apps List apps in the workspace
115
+ pensar apps get <appId> Show app details
116
+ pensar apps create [options] Create an app
117
+ pensar apps update <appId> [options] Update an app
118
+ pensar apps delete <appId> Delete an app
119
+ pensar apps endpoints <appId> [filters] List endpoints
120
+ pensar apps endpoint <endpointId> Show endpoint details
121
+ pensar apps endpoint-create <appId> [options] Create an endpoint
122
+ pensar apps endpoint-update <endpointId> [options] Update an endpoint
123
+ pensar apps endpoint-delete <endpointId> Delete an endpoint
124
+ pensar apps search <query> [options] Substring-search apps
125
+ pensar apps search-endpoints <query> [options] Substring-search endpoints
126
+
127
+ App fields (create requires --name and --description):
128
+ --name <text> Application name
129
+ --description <text> Application description
130
+ --type <type> One of: ${APPLICATION_TYPES.join(", ")}
131
+ --framework <text> Framework / runtime hint
132
+ --domain <id> Linked domain UUID
133
+ --disallowed-actions <text> Free-form disallowed actions notes
134
+
135
+ List pagination (for "apps" and "endpoints <appId>"):
136
+ --limit <n> Page size (default 100, max 200)
137
+ --offset <n> Page offset (default 0)
138
+ Responses include { ..., hasMore, limit, offset }; iterate by
139
+ incrementing --offset by --limit until hasMore is false.
140
+
141
+ Endpoint filters (for "endpoints"):
142
+ --type <type> One of: ${ENDPOINT_TYPES.join(", ")}
143
+ --min-risk <score> Minimum risk score (0–10)
144
+
145
+ Search options (scoped to the workspace):
146
+ --app <id> search-endpoints only: scope to a single app
147
+ --type <type> Filter by application or endpoint type
148
+ --min-risk <score> Endpoint search only: minimum risk score
149
+ --auth-required Endpoint search only: only auth-required endpoints
150
+ --no-auth-required Endpoint search only: only public endpoints
151
+ --limit <n> Page size (default 50, max 200)
152
+ --offset <n> Page offset
153
+
154
+ Endpoint fields (create requires --endpoint and --description):
155
+ --endpoint <text> Endpoint path / URL / route
156
+ --description <text> Endpoint description
157
+ --type <type> One of: ${ENDPOINT_TYPES.join(", ")}
158
+ --location <text> Source file (whitebox)
159
+ --start-line <n> Start line number
160
+ --end-line <n> End line number
161
+ --objective <text> Repeatable: testing objective for the endpoint
162
+ --auth-required Mark endpoint as authentication-required
163
+ --no-auth-required Mark endpoint as not requiring auth
164
+ --auth-details <text> Free-form auth details
165
+ --business-logic <text> Business-logic notes
166
+ --threat-model <text> Per-endpoint threat model notes
167
+
168
+ Options:
169
+ -h, --help Show this help message`);
170
+ }
171
+ function parseAppCreateOptions(argv) {
172
+ const name = getFlag("--name", argv);
173
+ const description = getFlag("--description", argv);
174
+ if (!name)
175
+ throw new Error("--name is required");
176
+ if (description === undefined)
177
+ throw new Error("--description is required");
178
+ const type = parseAppType(getFlag("--type", argv));
179
+ const framework = getFlag("--framework", argv);
180
+ const domainId = getFlag("--domain", argv);
181
+ const disallowedActions = getFlag("--disallowed-actions", argv);
182
+ return {
183
+ name,
184
+ description,
185
+ ...type !== undefined ? { type } : {},
186
+ ...framework !== undefined ? { framework } : {},
187
+ ...domainId !== undefined ? { domainId } : {},
188
+ ...disallowedActions !== undefined ? { disallowedActions } : {}
189
+ };
190
+ }
191
+ function parseAppUpdateOptions(argv) {
192
+ const update = {};
193
+ const name = getFlag("--name", argv);
194
+ if (name !== undefined)
195
+ update.name = name;
196
+ const description = getFlag("--description", argv);
197
+ if (description !== undefined)
198
+ update.description = description;
199
+ const type = parseAppType(getFlag("--type", argv));
200
+ if (type !== undefined)
201
+ update.type = type;
202
+ const framework = getFlag("--framework", argv);
203
+ if (framework !== undefined)
204
+ update.framework = framework;
205
+ const domain = getFlag("--domain", argv);
206
+ if (domain !== undefined)
207
+ update.domainId = domain;
208
+ const disallowed = getFlag("--disallowed-actions", argv);
209
+ if (disallowed !== undefined)
210
+ update.disallowedActions = disallowed;
211
+ return update;
212
+ }
213
+ function parseAuthenticationRequiredFlag(argv) {
214
+ const yes = hasFlag("--auth-required", argv);
215
+ const no = hasFlag("--no-auth-required", argv);
216
+ const details = getFlag("--auth-details", argv);
217
+ if (!yes && !no && details === undefined)
218
+ return;
219
+ if (yes && no) {
220
+ throw new Error("--auth-required and --no-auth-required are mutually exclusive");
221
+ }
222
+ return {
223
+ required: yes,
224
+ ...details !== undefined ? { details } : {}
225
+ };
226
+ }
227
+ function parseEndpointCreateOptions(argv) {
228
+ const endpoint = getFlag("--endpoint", argv);
229
+ const description = getFlag("--description", argv);
230
+ if (!endpoint)
231
+ throw new Error("--endpoint is required");
232
+ if (description === undefined)
233
+ throw new Error("--description is required");
234
+ const type = parseEndpointType(getFlag("--type", argv));
235
+ const location = getFlag("--location", argv);
236
+ const startLineNumber = parseInteger("--start-line", getFlag("--start-line", argv));
237
+ const endLineNumber = parseInteger("--end-line", getFlag("--end-line", argv));
238
+ const objectives = getAllFlags("--objective", argv);
239
+ const authenticationRequired = parseAuthenticationRequiredFlag(argv);
240
+ const businessLogic = getFlag("--business-logic", argv);
241
+ const threatModel = getFlag("--threat-model", argv);
242
+ return {
243
+ endpoint,
244
+ description,
245
+ ...type !== undefined ? { type } : {},
246
+ ...location !== undefined ? { location } : {},
247
+ ...startLineNumber !== undefined ? { startLineNumber } : {},
248
+ ...endLineNumber !== undefined ? { endLineNumber } : {},
249
+ ...objectives.length > 0 ? { objectives } : {},
250
+ ...authenticationRequired !== undefined ? { authenticationRequired } : {},
251
+ ...businessLogic !== undefined ? { businessLogic } : {},
252
+ ...threatModel !== undefined ? { threatModel } : {}
253
+ };
254
+ }
255
+ function parseEndpointUpdateOptions(argv) {
256
+ const update = {};
257
+ const endpoint = getFlag("--endpoint", argv);
258
+ if (endpoint !== undefined)
259
+ update.endpoint = endpoint;
260
+ const description = getFlag("--description", argv);
261
+ if (description !== undefined)
262
+ update.description = description;
263
+ const type = parseEndpointType(getFlag("--type", argv));
264
+ if (type !== undefined)
265
+ update.type = type;
266
+ const location = getFlag("--location", argv);
267
+ if (location !== undefined)
268
+ update.location = location;
269
+ const startLine = parseInteger("--start-line", getFlag("--start-line", argv));
270
+ if (startLine !== undefined)
271
+ update.startLineNumber = startLine;
272
+ const endLine = parseInteger("--end-line", getFlag("--end-line", argv));
273
+ if (endLine !== undefined)
274
+ update.endLineNumber = endLine;
275
+ const objectives = getAllFlags("--objective", argv);
276
+ if (objectives.length > 0)
277
+ update.objectives = objectives;
278
+ const auth = parseAuthenticationRequiredFlag(argv);
279
+ if (auth !== undefined)
280
+ update.authenticationRequired = auth;
281
+ const businessLogic = getFlag("--business-logic", argv);
282
+ if (businessLogic !== undefined)
283
+ update.businessLogic = businessLogic;
284
+ const threatModel = getFlag("--threat-model", argv);
285
+ if (threatModel !== undefined)
286
+ update.threatModel = threatModel;
287
+ return update;
288
+ }
289
+ async function main() {
290
+ const args = process.argv.slice(2);
291
+ const sub = args[0];
292
+ if (sub === "--help" || sub === "-h" || sub === "help") {
293
+ showHelp();
294
+ return;
295
+ }
296
+ try {
297
+ if (sub === "get") {
298
+ const appId = args[1];
299
+ if (!appId) {
300
+ console.error("Error: app ID is required");
301
+ console.error("Usage: pensar apps get <appId>");
302
+ process.exit(1);
303
+ }
304
+ const app = await getApp(appId);
305
+ console.log(JSON.stringify(app, null, 2));
306
+ } else if (sub === "create") {
307
+ const opts = parseAppCreateOptions(args);
308
+ const result = await createApp(opts);
309
+ console.log(JSON.stringify(result, null, 2));
310
+ } else if (sub === "update") {
311
+ const appId = args[1];
312
+ if (!appId) {
313
+ console.error("Error: app ID is required");
314
+ console.error("Usage: pensar apps update <appId> [options]");
315
+ process.exit(1);
316
+ }
317
+ const opts = parseAppUpdateOptions(args);
318
+ const result = await updateApp(appId, opts);
319
+ console.log(JSON.stringify(result, null, 2));
320
+ } else if (sub === "delete") {
321
+ const appId = args[1];
322
+ if (!appId) {
323
+ console.error("Error: app ID is required");
324
+ console.error("Usage: pensar apps delete <appId>");
325
+ process.exit(1);
326
+ }
327
+ const result = await deleteApp(appId);
328
+ console.log(JSON.stringify(result, null, 2));
329
+ } else if (sub === "endpoints") {
330
+ const appId = args[1];
331
+ if (!appId) {
332
+ console.error("Error: app ID is required");
333
+ console.error("Usage: pensar apps endpoints <appId> [filters]");
334
+ process.exit(1);
335
+ }
336
+ const type = parseEndpointType(getFlag("--type", args));
337
+ const minRiskScore = parseNumber("--min-risk", getFlag("--min-risk", args));
338
+ const limit = parseInteger("--limit", getFlag("--limit", args));
339
+ const offset = parseInteger("--offset", getFlag("--offset", args));
340
+ const filters = {
341
+ ...type !== undefined ? { type } : {},
342
+ ...minRiskScore !== undefined ? { minRiskScore } : {},
343
+ ...limit !== undefined ? { limit } : {},
344
+ ...offset !== undefined ? { offset } : {}
345
+ };
346
+ const result = await listEndpoints(appId, filters);
347
+ console.log(JSON.stringify(result, null, 2));
348
+ } else if (sub === "endpoint") {
349
+ const endpointId = args[1];
350
+ if (!endpointId) {
351
+ console.error("Error: endpoint ID is required");
352
+ console.error("Usage: pensar apps endpoint <endpointId>");
353
+ process.exit(1);
354
+ }
355
+ const result = await getEndpoint(endpointId);
356
+ console.log(JSON.stringify(result, null, 2));
357
+ } else if (sub === "endpoint-create") {
358
+ const appId = args[1];
359
+ if (!appId) {
360
+ console.error("Error: app ID is required");
361
+ console.error("Usage: pensar apps endpoint-create <appId> --endpoint E --description D");
362
+ process.exit(1);
363
+ }
364
+ const opts = parseEndpointCreateOptions(args);
365
+ const result = await createEndpoint(appId, opts);
366
+ console.log(JSON.stringify(result, null, 2));
367
+ } else if (sub === "endpoint-update") {
368
+ const endpointId = args[1];
369
+ if (!endpointId) {
370
+ console.error("Error: endpoint ID is required");
371
+ console.error("Usage: pensar apps endpoint-update <endpointId> [options]");
372
+ process.exit(1);
373
+ }
374
+ const opts = parseEndpointUpdateOptions(args);
375
+ const result = await updateEndpoint(endpointId, opts);
376
+ console.log(JSON.stringify(result, null, 2));
377
+ } else if (sub === "endpoint-delete") {
378
+ const endpointId = args[1];
379
+ if (!endpointId) {
380
+ console.error("Error: endpoint ID is required");
381
+ console.error("Usage: pensar apps endpoint-delete <endpointId>");
382
+ process.exit(1);
383
+ }
384
+ const result = await deleteEndpoint(endpointId);
385
+ console.log(JSON.stringify(result, null, 2));
386
+ } else if (sub === "search") {
387
+ const query = args[1];
388
+ if (!query || query.startsWith("--")) {
389
+ console.error("Error: search query is required");
390
+ console.error("Usage: pensar apps search <query> [options]");
391
+ process.exit(1);
392
+ }
393
+ const type = parseAppType(getFlag("--type", args));
394
+ const limit = parseInteger("--limit", getFlag("--limit", args));
395
+ const offset = parseInteger("--offset", getFlag("--offset", args));
396
+ const result = await searchApps(query, {
397
+ ...type !== undefined ? { type } : {},
398
+ ...limit !== undefined ? { limit } : {},
399
+ ...offset !== undefined ? { offset } : {}
400
+ });
401
+ console.log(JSON.stringify(result, null, 2));
402
+ } else if (sub === "search-endpoints") {
403
+ const query = args[1];
404
+ if (!query || query.startsWith("--")) {
405
+ console.error("Error: search query is required");
406
+ console.error("Usage: pensar apps search-endpoints <query> [options]");
407
+ process.exit(1);
408
+ }
409
+ const applicationId = getFlag("--app", args);
410
+ const type = parseEndpointType(getFlag("--type", args));
411
+ const minRiskScore = parseNumber("--min-risk", getFlag("--min-risk", args));
412
+ const authRequired = hasFlag("--auth-required", args) ? true : hasFlag("--no-auth-required", args) ? false : undefined;
413
+ const limit = parseInteger("--limit", getFlag("--limit", args));
414
+ const offset = parseInteger("--offset", getFlag("--offset", args));
415
+ const result = await searchEndpoints(query, {
416
+ ...applicationId !== undefined ? { applicationId } : {},
417
+ ...type !== undefined ? { type } : {},
418
+ ...minRiskScore !== undefined ? { minRiskScore } : {},
419
+ ...authRequired !== undefined ? { authRequired } : {},
420
+ ...limit !== undefined ? { limit } : {},
421
+ ...offset !== undefined ? { offset } : {}
422
+ });
423
+ console.log(JSON.stringify(result, null, 2));
424
+ } else if (!sub || sub === "list" || sub.startsWith("--")) {
425
+ const limit = parseInteger("--limit", getFlag("--limit", args));
426
+ const offset = parseInteger("--offset", getFlag("--offset", args));
427
+ const result = await listApps({
428
+ ...limit !== undefined ? { limit } : {},
429
+ ...offset !== undefined ? { offset } : {}
430
+ });
431
+ console.log(JSON.stringify(result, null, 2));
432
+ } else {
433
+ console.error(`Error: Unknown subcommand "${sub}"`);
434
+ showHelp();
435
+ process.exit(1);
436
+ }
437
+ } catch (err) {
438
+ console.error(`
439
+ Error: ${err instanceof Error ? err.message : String(err)}`);
440
+ process.exit(1);
441
+ }
442
+ }
443
+ main();
@@ -1,30 +1,50 @@
1
1
  #!/usr/bin/env bun
2
+ import"./cli-6gge86w5.js";
3
+ import"./cli-cbw2rmv7.js";
4
+ import"./cli-4ez6yssj.js";
5
+ import"./cli-0svsmc2c.js";
6
+ import"./cli-r0s5br0a.js";
7
+ import"./cli-demg7sj2.js";
8
+ import"./cli-ft17f9nh.js";
9
+ import"./cli-9fsre5pt.js";
10
+ import"./cli-zyk3xsth.js";
11
+ import"./cli-gtepvg8s.js";
12
+ import"./cli-4dpc999m.js";
13
+ import"./cli-fw5r7pfj.js";
14
+ import"./cli-c8131c4q.js";
15
+ import"./cli-5h1kv0v4.js";
2
16
  import {
3
17
  disconnect,
4
18
  fetchWorkspaces,
19
+ getPensarApiUrl,
20
+ getPensarConsoleUrl,
21
+ init_auth,
5
22
  isConnected,
6
23
  pollForWorkspaceCreation,
7
24
  pollLegacyToken,
8
25
  pollWorkOSToken,
9
26
  selectWorkspace,
10
27
  startDeviceFlow
11
- } from "./cli-dqt80sw3.js";
28
+ } from "./cli-78s9w64j.js";
29
+ import"./cli-e6rgwtpb.js";
30
+ import"./cli-gpnb45ck.js";
12
31
  import {
13
32
  config,
14
- getPensarApiUrl,
15
- getPensarConsoleUrl
16
- } from "./cli-asyas1xb.js";
17
- import"./cli-nr1cjfr9.js";
18
- import"./cli-dj1dgw2n.js";
33
+ init_config
34
+ } from "./cli-rtbry75t.js";
35
+ import"./cli-23xtyah8.js";
36
+ import"./cli-k1vsv3qh.js";
19
37
  import {
20
38
  __require
21
39
  } from "./cli-8rxa073f.js";
22
40
 
23
41
  // src/cli/auth.ts
24
- import * as readline from "readline";
42
+ import * as readline from "node:readline";
43
+ init_auth();
44
+ init_config();
25
45
  function openUrl(url) {
26
46
  try {
27
- const { spawn } = __require("child_process");
47
+ const { spawn } = __require("node:child_process");
28
48
  const platform = process.platform;
29
49
  let cmd;
30
50
  if (platform === "darwin") {
@@ -59,11 +79,16 @@ Select a workspace:
59
79
  const answer = await prompt(`
60
80
  Enter number (1-${workspaces.length}): `);
61
81
  const index = parseInt(answer, 10) - 1;
62
- if (isNaN(index) || index < 0 || index >= workspaces.length) {
82
+ if (Number.isNaN(index) || index < 0 || index >= workspaces.length) {
63
83
  console.error("Invalid selection.");
64
84
  process.exit(1);
65
85
  }
66
- return workspaces[index];
86
+ const workspace = workspaces[index];
87
+ if (!workspace) {
88
+ console.error("Invalid selection.");
89
+ process.exit(1);
90
+ }
91
+ return workspace;
67
92
  }
68
93
  async function login() {
69
94
  const appConfig = await config.get();
@@ -121,10 +146,15 @@ Waiting for browser authorization...`);
121
146
  apiUrl,
122
147
  deviceCode: deviceInfo.deviceCode,
123
148
  interval: deviceInfo.interval,
124
- expiresIn: deviceInfo.expiresIn
149
+ expiresIn: deviceInfo.expiresIn,
150
+ clientId: flowInfo.clientId
125
151
  });
152
+ const apiKey = data.apiKey;
153
+ if (!apiKey) {
154
+ throw new Error("Pensar Console did not return an API key");
155
+ }
126
156
  await config.update({
127
- pensarAPIKey: data.apiKey,
157
+ pensarAPIKey: apiKey,
128
158
  gatewaySigningKey: data.signingKey ?? null
129
159
  });
130
160
  if (data.workspace) {
@@ -158,7 +188,11 @@ If the browser didn't open, visit: ${consoleUrl}/create-workspace?redirect=/cred
158
188
  }
159
189
  let workspace;
160
190
  if (workspaces.length === 1) {
161
- workspace = workspaces[0];
191
+ const onlyWorkspace = workspaces[0];
192
+ if (!onlyWorkspace) {
193
+ throw new Error("No workspace available after workspace lookup");
194
+ }
195
+ workspace = onlyWorkspace;
162
196
  } else {
163
197
  workspace = await promptWorkspaceSelection(workspaces);
164
198
  }
@@ -0,0 +1,19 @@
1
+ import {
2
+ runAuthenticationAgent
3
+ } from "./cli-r0s5br0a.js";
4
+ import"./cli-9fsre5pt.js";
5
+ import"./cli-zyk3xsth.js";
6
+ import"./cli-gtepvg8s.js";
7
+ import"./cli-4dpc999m.js";
8
+ import"./cli-c8131c4q.js";
9
+ import"./cli-5h1kv0v4.js";
10
+ import"./cli-78s9w64j.js";
11
+ import"./cli-e6rgwtpb.js";
12
+ import"./cli-gpnb45ck.js";
13
+ import"./cli-rtbry75t.js";
14
+ import"./cli-23xtyah8.js";
15
+ import"./cli-k1vsv3qh.js";
16
+ import"./cli-8rxa073f.js";
17
+ export {
18
+ runAuthenticationAgent
19
+ };
@@ -0,0 +1,19 @@
1
+ import {
2
+ BlackboxAttackSurfaceAgent
3
+ } from "./cli-4ez6yssj.js";
4
+ import"./cli-9fsre5pt.js";
5
+ import"./cli-zyk3xsth.js";
6
+ import"./cli-gtepvg8s.js";
7
+ import"./cli-4dpc999m.js";
8
+ import"./cli-c8131c4q.js";
9
+ import"./cli-5h1kv0v4.js";
10
+ import"./cli-78s9w64j.js";
11
+ import"./cli-e6rgwtpb.js";
12
+ import"./cli-gpnb45ck.js";
13
+ import"./cli-rtbry75t.js";
14
+ import"./cli-23xtyah8.js";
15
+ import"./cli-k1vsv3qh.js";
16
+ import"./cli-8rxa073f.js";
17
+ export {
18
+ BlackboxAttackSurfaceAgent
19
+ };
@@ -1,24 +1,23 @@
1
1
  import {
2
2
  runPentestWorkflow
3
- } from "./cli-vkwch0bc.js";
4
- import"./cli-wr7g9qcr.js";
5
- import"./cli-y61d9433.js";
6
- import"./cli-0fy9j5dw.js";
7
- import"./cli-k4hrygff.js";
3
+ } from "./cli-cbw2rmv7.js";
4
+ import"./cli-4ez6yssj.js";
5
+ import"./cli-0svsmc2c.js";
6
+ import"./cli-demg7sj2.js";
7
+ import"./cli-ft17f9nh.js";
8
+ import"./cli-9fsre5pt.js";
9
+ import"./cli-zyk3xsth.js";
10
+ import"./cli-gtepvg8s.js";
11
+ import"./cli-4dpc999m.js";
8
12
  import"./cli-fw5r7pfj.js";
9
- import"./cli-jg7r7y5n.js";
10
- import"./cli-3w2syxpv.js";
11
- import"./cli-tp1tqn3k.js";
12
- import"./cli-g8t710ew.js";
13
- import"./cli-3y0dgy56.js";
14
- import"./cli-k0tckznm.js";
15
- import"./cli-0ghkg3w6.js";
16
- import"./cli-dqt80sw3.js";
17
- import"./cli-asyas1xb.js";
13
+ import"./cli-c8131c4q.js";
14
+ import"./cli-5h1kv0v4.js";
15
+ import"./cli-78s9w64j.js";
16
+ import"./cli-e6rgwtpb.js";
18
17
  import"./cli-gpnb45ck.js";
19
- import"./cli-nr1cjfr9.js";
20
- import"./cli-dj1dgw2n.js";
21
- import"./cli-03z6pswp.js";
18
+ import"./cli-rtbry75t.js";
19
+ import"./cli-23xtyah8.js";
20
+ import"./cli-k1vsv3qh.js";
22
21
  import"./cli-8rxa073f.js";
23
22
 
24
23
  // src/core/api/blackboxPentest.ts