npm - @securitychecks/cli - Versions diffs - 0.1.1 → 0.2.0 - Mend

@securitychecks/cli 0.1.1 → 0.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/lib.d.ts CHANGED Viewed

@@ -905,4 +905,26 @@ type InvariantLike = {
 declare function getStaffQuestion(invariantId: string): string | null;
 declare function generateTestSkeleton(invariant: InvariantLike | null | undefined, framework: TestFramework, context?: string): string;
-export { type AggregateCalibrationConfig, type AggregateCalibrationData, type AggregateCalibrationResult, type AttackPath, type AttackStep, type AuditOptions, BASELINE_SCHEMA_VERSION, type BaselineEntry, type BaselineFile, CLIError, type CategorizationResult, type CategorizedFinding, type CloudEvaluateOptions, type CloudEvaluateResult, type CompoundingEffect, type CorrelatedFinding, type CorrelationResult, type CorrelationStats, type CorrelationTelemetryConfig, type ErrorCode, ErrorCodes, ErrorMessages, ErrorRemediation, type EvaluationProgressCallback, type FrameworkBaseline, type InvariantLike, type InvariantStats, type PatternStats, SUPPORTED_SCHEMA_RANGE, type ScanTelemetry, type SchemaValidationResult, type SharedContext, type TelemetryConfig, type TestFramework, WAIVER_SCHEMA_VERSION, type WaiverEntry, type WaiverFile, addToBaseline, addWaiver, attachFindingId, attachFindingIds, audit, buildTelemetry, calculateRelativeSeverity, categorizeFindings, checkCloudHealth, clearAggregateCache, correlateFindings, evaluateCloud, extractIdentityPayload, fetchAggregateCalibration, formatAggregateCalibrationSummary, formatCorrelatedFinding, formatCorrelationStats, generateFindingId, generateTestSkeleton, getCIExitCode, getCISummary, getCloudInvariants, getCurrentSchemaVersion, getExpiringWaivers, getFrameworkBaseline, getSkippedPatterns, getStaffQuestion, getValidWaiver, getVerifiedCorrelations, hasCollisions, isAggregateCalibrationDisabled, isCLIError, isCloudEvalAvailable, isInBaseline, isTelemetryDisabled, loadBaseline, loadWaivers, pruneBaseline, pruneExpiredWaivers, reportCorrelationFeedback, reportCorrelations, reportTelemetry, resolveCollisions, saveBaseline, saveWaivers, shouldSkipPattern, validateSchemaVersion, wrapError };
+type Grade = 'A' | 'B' | 'C' | 'F';
+interface ReadinessScore {
+    score: number;
+    grade: Grade;
+    total: number;
+    passed: number;
+    failed: number;
+    hasP0: boolean;
+}
+declare function getScoreGrade(score: number): Grade;
+declare function computeReadinessScore(summary: {
+    total: number;
+    passed: number;
+    failed: number;
+    byPriority: {
+        P0: number;
+        P1: number;
+        P2: number;
+    };
+}): ReadinessScore;
+declare function formatScoreForCli(rs: ReadinessScore): string;
+export { type AggregateCalibrationConfig, type AggregateCalibrationData, type AggregateCalibrationResult, type AttackPath, type AttackStep, type AuditOptions, BASELINE_SCHEMA_VERSION, type BaselineEntry, type BaselineFile, CLIError, type CategorizationResult, type CategorizedFinding, type CloudEvaluateOptions, type CloudEvaluateResult, type CompoundingEffect, type CorrelatedFinding, type CorrelationResult, type CorrelationStats, type CorrelationTelemetryConfig, type ErrorCode, ErrorCodes, ErrorMessages, ErrorRemediation, type EvaluationProgressCallback, type FrameworkBaseline, type Grade, type InvariantLike, type InvariantStats, type PatternStats, type ReadinessScore, SUPPORTED_SCHEMA_RANGE, type ScanTelemetry, type SchemaValidationResult, type SharedContext, type TelemetryConfig, type TestFramework, WAIVER_SCHEMA_VERSION, type WaiverEntry, type WaiverFile, addToBaseline, addWaiver, attachFindingId, attachFindingIds, audit, buildTelemetry, calculateRelativeSeverity, categorizeFindings, checkCloudHealth, clearAggregateCache, computeReadinessScore, correlateFindings, evaluateCloud, extractIdentityPayload, fetchAggregateCalibration, formatAggregateCalibrationSummary, formatCorrelatedFinding, formatCorrelationStats, formatScoreForCli, generateFindingId, generateTestSkeleton, getCIExitCode, getCISummary, getCloudInvariants, getCurrentSchemaVersion, getExpiringWaivers, getFrameworkBaseline, getScoreGrade, getSkippedPatterns, getStaffQuestion, getValidWaiver, getVerifiedCorrelations, hasCollisions, isAggregateCalibrationDisabled, isCLIError, isCloudEvalAvailable, isInBaseline, isTelemetryDisabled, loadBaseline, loadWaivers, pruneBaseline, pruneExpiredWaivers, reportCorrelationFeedback, reportCorrelations, reportTelemetry, resolveCollisions, saveBaseline, saveWaivers, shouldSkipPattern, validateSchemaVersion, wrapError };

package/dist/lib.js CHANGED Viewed

@@ -5,6 +5,7 @@ import { homedir } from 'os';
 import { join, dirname } from 'path';
 import { gzipSync } from 'zlib';
 import { randomUUID, createHash } from 'crypto';
+import pc from 'picocolors';
 // src/audit.ts
 var CONFIG_DIR = join(homedir(), ".securitychecks");
@@ -1069,7 +1070,7 @@ function createEmptyWaiverFile(version = "0.0.0") {
     entries: {}
   };
 }
-var CLI_VERSION = "0.1.1";
+var CLI_VERSION = "0.2.0";
 var SCHECK_DIR = ".scheck";
 var BASELINE_FILE = "baseline.json";
 var WAIVER_FILE = "waivers.json";
@@ -1718,7 +1719,7 @@ function toObservation(correlation, framework) {
       signals: correlation.compoundingEffect.signals
     },
     meta: {
-      clientVersion: "0.1.1",
+      clientVersion: "0.2.0",
       requestId: randomUUID(),
       timestamp: (/* @__PURE__ */ new Date()).toISOString()
     }
@@ -1736,7 +1737,7 @@ async function reportCorrelations(result, config, framework) {
       correlations: observations,
       summary: result.stats,
       meta: {
-        clientVersion: "0.1.1",
+        clientVersion: "0.2.0",
         framework
       }
     };
@@ -1748,7 +1749,7 @@ async function reportCorrelations(result, config, framework) {
         headers: {
           "Content-Type": "application/json",
           ...config.apiKey && { Authorization: `Bearer ${config.apiKey}` },
-          "X-Client-Version": "0.1.1"
+          "X-Client-Version": "0.2.0"
         },
         body: JSON.stringify(payload),
         signal: controller.signal
@@ -1824,7 +1825,7 @@ function buildTelemetry(result, options) {
     } : void 0,
     meta: {
       duration: result.duration,
-      clientVersion: "0.1.1",
+      clientVersion: "0.2.0",
       mode: options.mode ?? (ciProvider ? "ci" : "manual"),
       ciProvider
     },
@@ -2181,7 +2182,36 @@ function indent(text, spaces) {
 function escapeString(text) {
   return text.replace(/\\/g, "\\\\").replace(/'/g, "\\'");
 }
+function getScoreGrade(score) {
+  if (score >= 90) return "A";
+  if (score >= 70) return "B";
+  if (score >= 50) return "C";
+  return "F";
+}
+function computeReadinessScore(summary) {
+  const { total, passed, failed, byPriority } = summary;
+  const hasP0 = byPriority.P0 > 0;
+  if (total === 0) {
+    return { score: 100, grade: "A", total: 0, passed: 0, failed: 0, hasP0: false };
+  }
+  let score = Math.round(100 * passed / total);
+  if (hasP0 && score > 49) {
+    score = 49;
+  }
+  return {
+    score,
+    grade: getScoreGrade(score),
+    total,
+    passed,
+    failed,
+    hasP0
+  };
+}
+function formatScoreForCli(rs) {
+  const gradeColor = rs.grade === "A" ? pc.green : rs.grade === "B" ? pc.yellow : rs.grade === "C" ? pc.red : pc.red;
+  return gradeColor(`Score: ${rs.score}/100 (${rs.grade})`);
+}
-export { BASELINE_SCHEMA_VERSION, CLIError, ErrorCodes, ErrorMessages, ErrorRemediation, SUPPORTED_SCHEMA_RANGE, WAIVER_SCHEMA_VERSION, addToBaseline, addWaiver, attachFindingId, attachFindingIds, audit, buildTelemetry, calculateRelativeSeverity, categorizeFindings, checkCloudHealth, clearAggregateCache, correlateFindings, evaluateCloud, extractIdentityPayload, fetchAggregateCalibration, formatAggregateCalibrationSummary, formatCorrelatedFinding, formatCorrelationStats, generateFindingId, generateTestSkeleton, getCIExitCode, getCISummary, getCloudInvariants, getCurrentSchemaVersion, getExpiringWaivers, getFrameworkBaseline, getSkippedPatterns, getStaffQuestion, getValidWaiver, getVerifiedCorrelations, hasCollisions, isAggregateCalibrationDisabled, isCLIError, isCloudEvalAvailable, isInBaseline, isTelemetryDisabled, loadBaseline, loadWaivers, pruneBaseline, pruneExpiredWaivers, reportCorrelationFeedback, reportCorrelations, reportTelemetry, resolveCollisions, saveBaseline, saveWaivers, shouldSkipPattern, validateSchemaVersion, wrapError };
+export { BASELINE_SCHEMA_VERSION, CLIError, ErrorCodes, ErrorMessages, ErrorRemediation, SUPPORTED_SCHEMA_RANGE, WAIVER_SCHEMA_VERSION, addToBaseline, addWaiver, attachFindingId, attachFindingIds, audit, buildTelemetry, calculateRelativeSeverity, categorizeFindings, checkCloudHealth, clearAggregateCache, computeReadinessScore, correlateFindings, evaluateCloud, extractIdentityPayload, fetchAggregateCalibration, formatAggregateCalibrationSummary, formatCorrelatedFinding, formatCorrelationStats, formatScoreForCli, generateFindingId, generateTestSkeleton, getCIExitCode, getCISummary, getCloudInvariants, getCurrentSchemaVersion, getExpiringWaivers, getFrameworkBaseline, getScoreGrade, getSkippedPatterns, getStaffQuestion, getValidWaiver, getVerifiedCorrelations, hasCollisions, isAggregateCalibrationDisabled, isCLIError, isCloudEvalAvailable, isInBaseline, isTelemetryDisabled, loadBaseline, loadWaivers, pruneBaseline, pruneExpiredWaivers, reportCorrelationFeedback, reportCorrelations, reportTelemetry, resolveCollisions, saveBaseline, saveWaivers, shouldSkipPattern, validateSchemaVersion, wrapError };
 //# sourceMappingURL=lib.js.map
 //# sourceMappingURL=lib.js.map