npm - @sentriflow/core - Versions diffs - 0.1.8 → 0.1.9 - Mend

@sentriflow/core 0.1.8 → 0.1.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/package.json +1 -1
package/src/json-rules/schema.json +35 -5
package/src/types/IRule.ts +27 -6

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@sentriflow/core",
-  "version": "0.1.8",
+  "version": "0.1.9",
   "description": "SentriFlow core engine for network configuration validation",
   "license": "Apache-2.0",
   "module": "src/index.ts",

package/src/json-rules/schema.json CHANGED Viewed

@@ -135,6 +135,41 @@
         },
         "security": {
           "$ref": "#/definitions/SecurityMetadata"
+        },
+        "tags": {
+          "type": "array",
+          "items": { "$ref": "#/definitions/Tag" },
+          "description": "Typed tags for multi-dimensional rule categorization"
+        }
+      }
+    },
+    "TagType": {
+      "type": "string",
+      "enum": ["security", "operational", "compliance", "general"],
+      "description": "Tag classification type"
+    },
+    "Tag": {
+      "type": "object",
+      "required": ["type", "label"],
+      "additionalProperties": false,
+      "properties": {
+        "type": {
+          "$ref": "#/definitions/TagType"
+        },
+        "label": {
+          "type": "string",
+          "minLength": 1,
+          "description": "Short identifier/label for the tag"
+        },
+        "text": {
+          "type": "string",
+          "description": "Optional extended description"
+        },
+        "score": {
+          "type": "number",
+          "minimum": 0,
+          "maximum": 10,
+          "description": "Optional severity/priority score (0-10 range)"
         }
       }
     },
@@ -156,11 +191,6 @@
         "cvssVector": {
           "type": "string",
           "description": "CVSS v3.1 vector string"
-        },
-        "tags": {
-          "type": "array",
-          "items": { "type": "string" },
-          "description": "Security-related tags"
         }
       }
     },

package/src/types/IRule.ts CHANGED Viewed

@@ -179,9 +179,34 @@ export interface RulePack extends RulePackMetadata {
     disables?: PackDisableConfig;
 }
+/**
+ * Tag type classification for rule categorization.
+ * Allows multi-dimensional tagging beyond security-only metadata.
+ */
+export type TagType = 'security' | 'operational' | 'compliance' | 'general';
+/**
+ * A typed classification object for categorizing rules.
+ * Replaces the simpler string-based security tags with structured metadata.
+ */
+export interface Tag {
+    /** Tag classification type */
+    type: TagType;
+    /** Short identifier/label for the tag (e.g., "vlan-hopping", "access-control") */
+    label: string;
+    /** Optional extended description */
+    text?: string;
+    /** Optional severity/priority score (0-10 range) */
+    score?: number;
+}
 /**
  * SEC-007: Security metadata for SARIF integration.
  * Provides CWE mappings and CVSS scores for security-related rules.
+ * Note: tags field has been moved to RuleMetadata.tags for generalization.
  */
 export interface SecurityMetadata {
     /**
@@ -201,12 +226,6 @@ export interface SecurityMetadata {
      * Example: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'
      */
     cvssVector?: string;
-    /**
-     * Security-related tags for categorization.
-     * Example: ['authentication', 'hardcoded-credentials', 'encryption']
-     */
-    tags?: string[];
 }
 /**
@@ -226,6 +245,8 @@ export interface RuleMetadata {
     remediation?: string;
     /** SEC-007: Optional security metadata for SARIF integration */
     security?: SecurityMetadata;
+    /** Typed tags for multi-dimensional rule categorization */
+    tags?: Tag[];
 }
 /**