@preflight-agent/cli 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/checks/api.js +66 -0
- package/dist/checks/auth.js +71 -0
- package/dist/checks/database.js +47 -0
- package/dist/checks/graphql.js +73 -0
- package/dist/checks/index.js +21 -0
- package/dist/checks/payments.js +76 -0
- package/dist/checks/realtime.js +79 -0
- package/dist/checks/security.js +69 -0
- package/dist/checks/vulnerabilities.js +161 -0
- package/dist/checks/web.js +61 -0
- package/dist/index.js +20 -0
- package/dist/reporter.js +45 -0
- package/dist/scan.js +107 -0
- package/package.json +27 -0
- package/src/checks/api.ts +74 -0
- package/src/checks/auth.ts +76 -0
- package/src/checks/database.ts +48 -0
- package/src/checks/graphql.ts +87 -0
- package/src/checks/index.ts +9 -0
- package/src/checks/payments.ts +92 -0
- package/src/checks/realtime.ts +96 -0
- package/src/checks/security.ts +70 -0
- package/src/checks/vulnerabilities.ts +196 -0
- package/src/checks/web.ts +65 -0
- package/src/index.ts +23 -0
- package/src/reporter.ts +47 -0
- package/src/scan.ts +135 -0
- package/tsconfig.json +13 -0
package/src/scan.ts
ADDED
|
@@ -0,0 +1,135 @@
|
|
|
1
|
+
import path from 'path';
|
|
2
|
+
import ora from 'ora';
|
|
3
|
+
import { runSecurityChecks } from './checks/security';
|
|
4
|
+
import { runAuthChecks } from './checks/auth';
|
|
5
|
+
import { runPaymentChecks } from './checks/payments';
|
|
6
|
+
import { runDatabaseChecks } from './checks/database';
|
|
7
|
+
import { runApiChecks } from './checks/api';
|
|
8
|
+
import { runWebChecks } from './checks/web';
|
|
9
|
+
import { runGraphqlChecks } from './checks/graphql';
|
|
10
|
+
import { runRealtimeChecks } from './checks/realtime';
|
|
11
|
+
import { runVulnerabilityChecks } from './checks/vulnerabilities';
|
|
12
|
+
import { renderReport } from './reporter';
|
|
13
|
+
|
|
14
|
+
export interface CheckResult {
|
|
15
|
+
status: 'pass' | 'fail' | 'warn';
|
|
16
|
+
message: string;
|
|
17
|
+
file?: string;
|
|
18
|
+
line?: number;
|
|
19
|
+
}
|
|
20
|
+
|
|
21
|
+
export interface CategoryResult {
|
|
22
|
+
name: string;
|
|
23
|
+
checks: CheckResult[];
|
|
24
|
+
}
|
|
25
|
+
|
|
26
|
+
export interface ScanOptions {
|
|
27
|
+
json?: boolean;
|
|
28
|
+
strict?: boolean;
|
|
29
|
+
only?: string;
|
|
30
|
+
}
|
|
31
|
+
|
|
32
|
+
export async function runScan(dir: string, options: ScanOptions) {
|
|
33
|
+
const absoluteDir = path.resolve(process.cwd(), dir);
|
|
34
|
+
|
|
35
|
+
const spinner = ora(`Scanning: ${absoluteDir}`).start();
|
|
36
|
+
|
|
37
|
+
try {
|
|
38
|
+
const categories: CategoryResult[] = [];
|
|
39
|
+
|
|
40
|
+
const shouldRun = (name: string) =>
|
|
41
|
+
!options.only || options.only.toLowerCase() === name;
|
|
42
|
+
|
|
43
|
+
if (shouldRun('security')) {
|
|
44
|
+
spinner.text = 'Checking security...';
|
|
45
|
+
categories.push({
|
|
46
|
+
name: 'Security',
|
|
47
|
+
checks: await runSecurityChecks(absoluteDir),
|
|
48
|
+
});
|
|
49
|
+
}
|
|
50
|
+
|
|
51
|
+
if (shouldRun('auth')) {
|
|
52
|
+
spinner.text = 'Checking authentication...';
|
|
53
|
+
categories.push({
|
|
54
|
+
name: 'Authentication',
|
|
55
|
+
checks: await runAuthChecks(absoluteDir),
|
|
56
|
+
});
|
|
57
|
+
}
|
|
58
|
+
|
|
59
|
+
if (shouldRun('payments')) {
|
|
60
|
+
spinner.text = 'Checking payments...';
|
|
61
|
+
categories.push({
|
|
62
|
+
name: 'Payments',
|
|
63
|
+
checks: await runPaymentChecks(absoluteDir),
|
|
64
|
+
});
|
|
65
|
+
}
|
|
66
|
+
|
|
67
|
+
if (shouldRun('database')) {
|
|
68
|
+
spinner.text = 'Checking database...';
|
|
69
|
+
categories.push({
|
|
70
|
+
name: 'Database',
|
|
71
|
+
checks: await runDatabaseChecks(absoluteDir),
|
|
72
|
+
});
|
|
73
|
+
}
|
|
74
|
+
|
|
75
|
+
if (shouldRun('api')) {
|
|
76
|
+
spinner.text = 'Checking API & Validation...';
|
|
77
|
+
categories.push({
|
|
78
|
+
name: 'API & Validation',
|
|
79
|
+
checks: await runApiChecks(absoluteDir),
|
|
80
|
+
});
|
|
81
|
+
}
|
|
82
|
+
|
|
83
|
+
if (shouldRun('web')) {
|
|
84
|
+
spinner.text = 'Checking web security...';
|
|
85
|
+
categories.push({
|
|
86
|
+
name: 'Web Security',
|
|
87
|
+
checks: await runWebChecks(absoluteDir),
|
|
88
|
+
});
|
|
89
|
+
}
|
|
90
|
+
|
|
91
|
+
if (shouldRun('graphql')) {
|
|
92
|
+
spinner.text = 'Checking GraphQL...';
|
|
93
|
+
categories.push({
|
|
94
|
+
name: 'GraphQL',
|
|
95
|
+
checks: await runGraphqlChecks(absoluteDir),
|
|
96
|
+
});
|
|
97
|
+
}
|
|
98
|
+
|
|
99
|
+
if (shouldRun('realtime')) {
|
|
100
|
+
spinner.text = 'Checking real-time connections...';
|
|
101
|
+
categories.push({
|
|
102
|
+
name: 'Real-Time',
|
|
103
|
+
checks: await runRealtimeChecks(absoluteDir),
|
|
104
|
+
});
|
|
105
|
+
}
|
|
106
|
+
|
|
107
|
+
if (shouldRun('vulnerabilities')) {
|
|
108
|
+
spinner.text = 'Checking for web vulnerabilities...';
|
|
109
|
+
categories.push({
|
|
110
|
+
name: 'Vulnerabilities',
|
|
111
|
+
checks: await runVulnerabilityChecks(absoluteDir),
|
|
112
|
+
});
|
|
113
|
+
}
|
|
114
|
+
|
|
115
|
+
spinner.stop();
|
|
116
|
+
|
|
117
|
+
if (options.json) {
|
|
118
|
+
console.log(JSON.stringify(categories, null, 2));
|
|
119
|
+
} else {
|
|
120
|
+
renderReport(absoluteDir, categories);
|
|
121
|
+
}
|
|
122
|
+
|
|
123
|
+
const hasFail = categories
|
|
124
|
+
.flatMap((c) => c.checks)
|
|
125
|
+
.some((c) => c.status === 'fail');
|
|
126
|
+
|
|
127
|
+
if (options.strict && hasFail) {
|
|
128
|
+
process.exit(1);
|
|
129
|
+
}
|
|
130
|
+
} catch (err) {
|
|
131
|
+
spinner.fail('Scan failed');
|
|
132
|
+
console.error(err);
|
|
133
|
+
process.exit(1);
|
|
134
|
+
}
|
|
135
|
+
}
|
package/tsconfig.json
ADDED