@polarityinc/paragon 0.0.12 → 0.0.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/scripts/npm-install.js +195 -77
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@polarityinc/paragon",
3
- "version": "0.0.12",
3
+ "version": "0.0.13",
4
4
  "description": "Paragon is the First AI QA Engineer and the Worlds best code reviewer.",
5
5
  "author": "Polarity Inc.",
6
6
  "private": false,
package/scripts/npm-install.js CHANGED
@@ -81,6 +81,16 @@ function downloadFile(url, dest) {
81
81
  });
82
82
  }
83
83
 
84
+ // Check if a command exists
85
+ function commandExists(cmd) {
86
+ try {
87
+ execSync(`which ${cmd}`, { stdio: 'ignore' });
88
+ return true;
89
+ } catch (e) {
90
+ return false;
91
+ }
92
+ }
93
+
84
94
  // Check for ripgrep
85
95
  function checkRipgrep() {
86
96
  try {
@@ -91,79 +101,189 @@ function checkRipgrep() {
91
101
  }
92
102
  }
93
103
 
94
- // Install ripgrep automatically
95
- function installRipgrep() {
96
- console.log('Installing ripgrep...');
104
+ // Check if Homebrew is available
105
+ function hasHomebrew() {
106
+ try {
107
+ execSync('brew --version', { stdio: 'ignore' });
108
+ return true;
109
+ } catch (e) {
110
+ return false;
111
+ }
112
+ }
113
+
114
+ // Check if pip/pipx is available
115
+ function hasPipx() {
116
+ try {
117
+ execSync('pipx --version', { stdio: 'ignore' });
118
+ return true;
119
+ } catch (e) {
120
+ return false;
121
+ }
122
+ }
97
123
 
124
+ function hasPip() {
98
125
  try {
126
+ execSync('pip3 --version', { stdio: 'ignore' });
127
+ return true;
128
+ } catch (e) {
129
+ return false;
130
+ }
131
+ }
132
+
133
+ // Install a tool using available package manager
134
+ function installTool(toolName, brewName, pipxName, aptName) {
135
+ if (commandExists(toolName)) {
136
+ console.log(` ✓ ${toolName} already installed`);
137
+ return true;
138
+ }
139
+
140
+ console.log(` Installing ${toolName}...`);
141
+
142
+ // Try Homebrew first (macOS and Linux)
143
+ if (hasHomebrew()) {
144
+ try {
145
+ execSync(`brew install ${brewName || toolName}`, { stdio: 'inherit' });
146
+ console.log(` ✓ ${toolName} installed via Homebrew`);
147
+ return true;
148
+ } catch (e) {
149
+ console.log(` ⚠ Failed to install ${toolName} via Homebrew`);
150
+ }
151
+ }
152
+
153
+ // Try pipx for Python-based tools
154
+ if (pipxName && hasPipx()) {
155
+ try {
156
+ execSync(`pipx install ${pipxName}`, { stdio: 'inherit' });
157
+ console.log(` ✓ ${toolName} installed via pipx`);
158
+ return true;
159
+ } catch (e) {
160
+ console.log(` ⚠ Failed to install ${toolName} via pipx`);
161
+ }
162
+ }
163
+
164
+ // Try pip for Python-based tools
165
+ if (pipxName && hasPip()) {
166
+ try {
167
+ execSync(`pip3 install ${pipxName}`, { stdio: 'inherit' });
168
+ console.log(` ✓ ${toolName} installed via pip`);
169
+ return true;
170
+ } catch (e) {
171
+ console.log(` ⚠ Failed to install ${toolName} via pip`);
172
+ }
173
+ }
174
+
175
+ // Linux: try apt
176
+ if (platform === 'linux' && aptName) {
177
+ try {
178
+ // Check if apt is available
179
+ execSync('apt --version', { stdio: 'ignore' });
180
+ console.log(` Attempting apt install (may require sudo)...`);
181
+ execSync(`sudo apt update && sudo apt install -y ${aptName}`, { stdio: 'inherit' });
182
+ console.log(` ✓ ${toolName} installed via apt`);
183
+ return true;
184
+ } catch (e) {
185
+ // apt not available or failed
186
+ }
187
+ }
188
+
189
+ return false;
190
+ }
191
+
192
+ // Show manual installation instructions for security tools
193
+ function showSecurityToolInstructions(toolName) {
194
+ console.log(`\n⚠️ ${toolName} could not be auto-installed`);
195
+ console.log(`\nPlease install it manually:\n`);
196
+
197
+ if (toolName === 'trivy') {
99
198
  if (platform === 'darwin') {
100
- // macOS - try brew
101
- try {
102
- execSync('brew --version', { stdio: 'ignore' });
103
- console.log('Installing ripgrep via Homebrew...');
104
- execSync('brew install ripgrep', { stdio: 'inherit' });
105
- return true;
106
- } catch (e) {
107
- console.error('✗ Homebrew not found. Please install Homebrew first: https://brew.sh');
108
- return false;
109
- }
199
+ console.log(' macOS (Homebrew):');
200
+ console.log(' brew install trivy\n');
110
201
  } else if (platform === 'linux') {
111
- // Linux - try various package managers
112
- // Try apt (Debian/Ubuntu)
113
- try {
114
- execSync('apt --version', { stdio: 'ignore' });
115
- console.log('Installing ripgrep via apt...');
116
- execSync('sudo apt update && sudo apt install -y ripgrep', { stdio: 'inherit' });
117
- return true;
118
- } catch (e) {
119
- // Try dnf (Fedora)
120
- try {
121
- execSync('dnf --version', { stdio: 'ignore' });
122
- console.log('Installing ripgrep via dnf...');
123
- execSync('sudo dnf install -y ripgrep', { stdio: 'inherit' });
124
- return true;
125
- } catch (e2) {
126
- // Try yum (RHEL/CentOS)
127
- try {
128
- execSync('yum --version', { stdio: 'ignore' });
129
- console.log('Installing ripgrep via yum...');
130
- execSync('sudo yum install -y ripgrep', { stdio: 'inherit' });
131
- return true;
132
- } catch (e3) {
133
- console.error('✗ No supported package manager found (apt/dnf/yum)');
134
- console.error('Please install ripgrep manually: https://github.com/BurntSushi/ripgrep');
135
- return false;
136
- }
137
- }
138
- }
139
- } else if (platform === 'windows') {
140
- // Windows - try choco first, then scoop
141
- try {
142
- execSync('choco --version', { stdio: 'ignore' });
143
- console.log('Installing ripgrep via Chocolatey...');
144
- execSync('choco install ripgrep -y', { stdio: 'inherit' });
145
- return true;
146
- } catch (e) {
147
- try {
148
- execSync('scoop --version', { stdio: 'ignore' });
149
- console.log('Installing ripgrep via Scoop...');
150
- execSync('scoop install ripgrep', { stdio: 'inherit' });
151
- return true;
152
- } catch (e2) {
153
- console.error('✗ No supported package manager found (choco/scoop)');
154
- console.error('Please install Chocolatey or Scoop first');
155
- return false;
156
- }
157
- }
202
+ console.log(' Debian/Ubuntu:');
203
+ console.log(' sudo apt-get install wget apt-transport-https gnupg lsb-release');
204
+ console.log(' wget -qO - https://aquasecurity.github.io/trivy-repo/deb/public.key | sudo apt-key add -');
205
+ console.log(' echo deb https://aquasecurity.github.io/trivy-repo/deb $(lsb_release -sc) main | sudo tee -a /etc/apt/sources.list.d/trivy.list');
206
+ console.log(' sudo apt-get update && sudo apt-get install trivy\n');
207
+ }
208
+ console.log(' Or visit: https://aquasecurity.github.io/trivy/latest/getting-started/installation/\n');
209
+ } else if (toolName === 'semgrep') {
210
+ console.log(' Using pip/pipx:');
211
+ console.log(' pipx install semgrep');
212
+ console.log(' # or: pip3 install semgrep\n');
213
+ if (platform === 'darwin') {
214
+ console.log(' macOS (Homebrew):');
215
+ console.log(' brew install semgrep\n');
216
+ }
217
+ console.log(' Or visit: https://semgrep.dev/docs/getting-started/\n');
218
+ } else if (toolName === 'gitleaks') {
219
+ if (platform === 'darwin') {
220
+ console.log(' macOS (Homebrew):');
221
+ console.log(' brew install gitleaks\n');
222
+ } else if (platform === 'linux') {
223
+ console.log(' Download from GitHub releases:');
224
+ console.log(' https://github.com/gitleaks/gitleaks/releases\n');
225
+ }
226
+ console.log(' Or visit: https://github.com/gitleaks/gitleaks#installing\n');
227
+ }
228
+ }
229
+
230
+ // Install security scanning tools
231
+ function installSecurityTools() {
232
+ console.log('\n🔒 Installing security scanning tools...\n');
233
+
234
+ const tools = [
235
+ { name: 'trivy', brew: 'trivy', pipx: null, apt: null },
236
+ { name: 'semgrep', brew: 'semgrep', pipx: 'semgrep', apt: null },
237
+ { name: 'gitleaks', brew: 'gitleaks', pipx: null, apt: null },
238
+ ];
239
+
240
+ const failed = [];
241
+
242
+ for (const tool of tools) {
243
+ const success = installTool(tool.name, tool.brew, tool.pipx, tool.apt);
244
+ if (!success) {
245
+ failed.push(tool.name);
158
246
  }
159
- } catch (err) {
160
- console.error('✗ Failed to install ripgrep:', err.message);
161
- return false;
162
247
  }
248
+
249
+ if (failed.length > 0) {
250
+ console.log('\n━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
251
+ for (const toolName of failed) {
252
+ showSecurityToolInstructions(toolName);
253
+ }
254
+ } else {
255
+ console.log('\n✓ All security tools installed successfully!\n');
256
+ }
257
+ }
258
+
259
+ // Show instructions for installing ripgrep
260
+ function showRipgrepInstructions() {
261
+ console.log('\n⚠️ ripgrep is required but not found on your system');
262
+ console.log('\nPlease install it using your package manager:\n');
263
+
264
+ if (platform === 'darwin') {
265
+ console.log(' macOS (Homebrew):');
266
+ console.log(' brew install ripgrep\n');
267
+ } else if (platform === 'linux') {
268
+ console.log(' Debian/Ubuntu:');
269
+ console.log(' sudo apt update && sudo apt install ripgrep\n');
270
+ console.log(' Fedora:');
271
+ console.log(' sudo dnf install ripgrep\n');
272
+ console.log(' RHEL/CentOS:');
273
+ console.log(' sudo yum install ripgrep\n');
274
+ } else if (platform === 'windows') {
275
+ console.log(' Chocolatey:');
276
+ console.log(' choco install ripgrep\n');
277
+ console.log(' Scoop:');
278
+ console.log(' scoop install ripgrep\n');
279
+ }
280
+
281
+ console.log(' Or download from: https://github.com/BurntSushi/ripgrep#installation\n');
282
+ return false;
163
283
  }
164
284
 
165
- // Uninstall brew version if it exists
166
- function uninstallBrewPolarity() {
285
+ // Check for brew version conflict
286
+ function checkBrewPolarity() {
167
287
  if (platform !== 'darwin') {
168
288
  return; // Only relevant for macOS
169
289
  }
@@ -175,9 +295,9 @@ function uninstallBrewPolarity() {
175
295
  // Check if polarity is installed via brew
176
296
  try {
177
297
  execSync('brew list polarity', { stdio: 'ignore' });
178
- console.log('Found existing Homebrew installation of polarity, uninstalling...');
179
- execSync('brew uninstall polarity', { stdio: 'inherit' });
180
- console.log(' Homebrew polarity uninstalled successfully\n');
298
+ console.log('⚠️ Warning: Homebrew version of polarity is installed');
299
+ console.log('This may conflict with the npm version.');
300
+ console.log('Consider uninstalling it with: brew uninstall polarity\n');
181
301
  } catch (e) {
182
302
  // polarity not installed via brew, which is fine
183
303
  }
@@ -186,8 +306,8 @@ function uninstallBrewPolarity() {
186
306
  }
187
307
  }
188
308
 
189
- // Uninstall brew version before installing npm version
190
- uninstallBrewPolarity();
309
+ // Check for potential brew conflicts
310
+ checkBrewPolarity();
191
311
 
192
312
  downloadFile(GITHUB_RELEASE_URL, binPath)
193
313
  .then(() => {
@@ -207,16 +327,14 @@ downloadFile(GITHUB_RELEASE_URL, binPath)
207
327
  console.log('\n The Best Code Review Agent in the World\n');
208
328
  console.log('✓ Paragon installed successfully!\n');
209
329
 
210
- // Check and install ripgrep if needed
330
+ // Check for ripgrep
211
331
  if (!checkRipgrep()) {
212
- if (!installRipgrep()) {
213
- console.log('⚠️ Could not auto-install ripgrep');
214
- console.log('Please install it manually: https://github.com/BurntSushi/ripgrep#installation\n');
215
- } else {
216
- console.log('✓ ripgrep installed automatically!\n');
217
- }
332
+ showRipgrepInstructions();
218
333
  }
219
334
 
335
+ // Install security scanning tools (trivy, semgrep, gitleaks)
336
+ installSecurityTools();
337
+
220
338
  console.log('━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━');
221
339
  console.log('\n📝 Next Steps:\n');
222
340
  console.log(' 1. Authenticate with Polarity:');