@socketsecurity/cli 0.9.3 → 0.10.1

package/lib/commands/scan/create.js

@@ -0,0 +1,245 @@
+/* eslint-disable no-console */
+
+import { stdin as inputText, stdout as output } from 'node:process'
+import * as readline from 'node:readline/promises'
+
+import chalk from 'chalk'
+import meow from 'meow'
+import open from 'open'
+import ora from 'ora'
+import { ErrorWithCause } from 'pony-cause'
+
+import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
+import { prepareFlags } from '../../utils/flags.js'
+import { printFlagList } from '../../utils/formatting.js'
+import { createDebugLogger } from '../../utils/misc.js'
+import { getPackageFilesFullScans } from '../../utils/path-resolve.js'
+import { getDefaultKey, setupSdk } from '../../utils/sdk.js'
+
+/** @type {import('../../utils/meow-with-subcommands.js').CliSubcommand} */
+export const create = {
+  description: 'Create a scan',
+  async run (argv, importMeta, { parentName }) {
+    const name = parentName + ' create'
+
+    const input = await setupCommand(name, create.description, argv, importMeta)
+    if (input) {
+      const spinnerText = 'Creating a scan... \n'
+      const spinner = ora(spinnerText).start()
+
+      await createFullScan(input, spinner)
+    }
+  }
+}
+
+const createFullScanFlags = prepareFlags({
+  repo: {
+    type: 'string',
+    shortFlag: 'r',
+    default: '',
+    description: 'Repository name',
+  },
+  branch: {
+    type: 'string',
+    shortFlag: 'b',
+    default: '',
+    description: 'Branch name',
+  },
+  commitMessage: {
+    type: 'string',
+    shortFlag: 'm',
+    default: '',
+    description: 'Commit message',
+  },
+  commitHash: {
+    type: 'string',
+    shortFlag: 'ch',
+    default: '',
+    description: 'Commit hash',
+  },
+  pullRequest: {
+    type: 'number',
+    shortFlag: 'pr',
+    description: 'Commit hash',
+  },
+  committers: {
+    type: 'string',
+    shortFlag: 'c',
+    default: '',
+    description: 'Committers',
+  },
+  defaultBranch: {
+    type: 'boolean',
+    shortFlag: 'db',
+    default: false,
+    description: 'Make default branch',
+  },
+  pendingHead: {
+    type: 'boolean',
+    shortFlag: 'ph',
+    default: false,
+    description: 'Set as pending head',
+  },
+  tmp: {
+    type: 'boolean',
+    shortFlag: 't',
+    default: false,
+    description: 'Set the visibility (true/false) of the scan in your dashboard',
+  }
+})
+
+// Internal functions
+
+/**
+ * @typedef CommandContext
+ * @property {string} orgSlug
+ * @property {string} repoName
+ * @property {string} branchName
+ * @property {string} committers
+ * @property {string} commitMessage
+ * @property {string} commitHash
+ * @property {number | undefined} pullRequest
+ * @property {boolean} defaultBranch
+ * @property {boolean} pendingHead
+ * @property {boolean} tmp
+ * @property {string[]} packagePaths
+ */
+
+/**
+ * @param {string} name
+ * @param {string} description
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @returns {Promise<void|CommandContext>}
+ */
+async function setupCommand (name, description, argv, importMeta) {
+  const flags = {
+    ...createFullScanFlags
+  }
+
+  const cli = meow(`
+    Usage
+      $ ${name} [...options]
+
+    Options
+      ${printFlagList(flags, 6)}
+
+    Examples
+      $ ${name} --org=FakeOrg --repo=test-repo --branch=main ./package.json
+  `, {
+    argv,
+    description,
+    importMeta,
+    flags
+  })
+
+  const {
+    repo: repoName,
+    branch: branchName,
+    commitMessage,
+    defaultBranch,
+    pendingHead,
+    tmp,
+    committers,
+    commitHash,
+    pullRequest
+  } = cli.flags
+
+  if (!cli.input[0]) {
+    cli.showHelp()
+    return
+  }
+
+  const [orgSlug = ''] = cli.input
+
+  const cwd = process.cwd()
+  const socketSdk = await setupSdk()
+  const supportedFiles = await socketSdk.getReportSupportedFiles()
+  .then(res => {
+    if (!res.success) handleUnsuccessfulApiResponse('getReportSupportedFiles', res, ora())
+    return res.data
+  }).catch(
+    /** @type {(cause: Error) => never} */
+    (cause) => {
+      throw new ErrorWithCause('Failed getting supported files for report', { cause })
+    })
+  const debugLog = createDebugLogger(false)
+  const packagePaths = await getPackageFilesFullScans(cwd, cli.input, supportedFiles, debugLog)
+
+  if (!repoName || !branchName || !packagePaths.length) {
+    console.error(`${chalk.bgRed('Input error')}: Please provide the required fields: \n 
+- Repository name using --repo, \n
+- Branch name using --branch \n
+- At least one file path (e.g. ./package.json) .\n`)
+    cli.showHelp()
+    return
+  }
+
+  return {
+    orgSlug,
+    repoName,
+    branchName,
+    commitMessage,
+    defaultBranch,
+    pendingHead,
+    tmp,
+    packagePaths,
+    commitHash,
+    committers,
+    pullRequest
+  }
+}
+
+/**
+ * @typedef FullScanData
+ * @property {import('@socketsecurity/sdk').SocketSdkReturnType<'CreateOrgFullScan'>["data"]} data
+ */
+
+/**
+ * @param {CommandContext} input
+ * @param {import('ora').Ora} spinner
+ * @returns {Promise<void|FullScanData>}
+ */
+async function createFullScan (input, spinner) {
+  const socketSdk = await setupSdk(getDefaultKey())
+  const {
+    orgSlug,
+    repoName,
+    branchName,
+    commitMessage,
+    defaultBranch,
+    pendingHead,
+    tmp,
+    packagePaths
+  } = input
+
+  const result = await handleApiCall(socketSdk.createOrgFullScan(orgSlug, {
+    repo: repoName,
+    branch: branchName,
+    commit_message: commitMessage,
+    make_default_branch: defaultBranch,
+    set_as_pending_head: pendingHead,
+    tmp
+  }, packagePaths), 'Creating scan')
+
+  if (!result.success) {
+    return handleUnsuccessfulApiResponse('CreateOrgFullScan', result, spinner)
+  }
+  spinner.stop()
+
+  console.log('\n✅ Scan created successfully \n')
+  const link = chalk.hex('#00FFFF').underline(`${result.data.html_report_url}`)
+  console.log(`Available at: ${link} \n`)
+
+  const rl = readline.createInterface({ input: inputText, output })
+
+  const answer = await rl.question('Would you like to open it in your browser? (y/n) ')
+
+  answer.toLowerCase() === 'y' && open(`${result.data.html_report_url}`)
+
+  rl.close()
+
+  return {
+    data: result.data
+  }
+}

package/lib/commands/scan/delete.js

@@ -0,0 +1,112 @@
+/* eslint-disable no-console */
+
+import chalk from 'chalk'
+import meow from 'meow'
+import ora from 'ora'
+
+import { outputFlags } from '../../flags/index.js'
+import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
+import { printFlagList } from '../../utils/formatting.js'
+import { getDefaultKey, setupSdk } from '../../utils/sdk.js'
+
+/** @type {import('../../utils/meow-with-subcommands.js').CliSubcommand} */
+export const del = {
+  description: 'Delete a scan',
+  async run (argv, importMeta, { parentName }) {
+    const name = parentName + ' del'
+
+    const input = setupCommand(name, del.description, argv, importMeta)
+    if (input) {
+      const spinnerText = 'Deleting scan...'
+      const spinner = ora(spinnerText).start()
+      await deleteOrgFullScan(input.orgSlug, input.fullScanId, spinner)
+    }
+  }
+}
+
+// Internal functions
+
+/**
+ * @typedef CommandContext
+ * @property {boolean} outputJson
+ * @property {boolean} outputMarkdown
+ * @property {string} orgSlug
+ * @property {string} fullScanId
+ */
+
+/**
+ * @param {string} name
+ * @param {string} description
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @returns {void|CommandContext}
+ */
+function setupCommand (name, description, argv, importMeta) {
+  const flags = {
+    ...outputFlags
+  }
+
+  const cli = meow(`
+    Usage
+      $ ${name} <org slug> <scan ID>
+
+    Options
+      ${printFlagList(flags, 6)}
+
+    Examples
+      $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
+  `, {
+    argv,
+    description,
+    importMeta,
+    flags
+  })
+
+  const {
+    json: outputJson,
+    markdown: outputMarkdown,
+  } = cli.flags
+
+  if (cli.input.length < 2) {
+    console.error(`${chalk.bgRed('Input error')}: Please specify an organization slug and a scan ID.\n`)
+    cli.showHelp()
+    return
+  }
+
+  const [orgSlug = '', fullScanId = ''] = cli.input
+
+  return {
+    outputJson,
+    outputMarkdown,
+    orgSlug,
+    fullScanId
+  }
+}
+
+/**
+ * @typedef FullScanData
+ * @property {import('@socketsecurity/sdk').SocketSdkReturnType<'deleteOrgFullScan'>["data"]} data
+ */
+
+/**
+ * @param {string} orgSlug
+ * @param {string} fullScanId
+ * @param {import('ora').Ora} spinner
+ * @returns {Promise<void|FullScanData>}
+ */
+async function deleteOrgFullScan (orgSlug, fullScanId, spinner) {
+  const socketSdk = await setupSdk(getDefaultKey())
+  const result = await handleApiCall(socketSdk.deleteOrgFullScan(orgSlug, fullScanId), 'Deleting scan')
+
+  if (!result.success) {
+    return handleUnsuccessfulApiResponse('deleteOrgFullScan', result, spinner)
+  }
+
+  console.log('\n ✅ Scan deleted successfully. \n')
+
+  spinner.stop()
+
+  return {
+    data: result.data
+  }
+}

package/lib/commands/scan/index.js

@@ -0,0 +1,30 @@
+import { create } from './create.js'
+import { del } from './delete.js'
+import { list } from './list.js'
+import { metadata } from './metadata.js'
+import { stream } from './stream.js'
+import { meowWithSubcommands } from '../../utils/meow-with-subcommands.js'
+
+const description = 'Scans related commands'
+
+/** @type {import('../../utils/meow-with-subcommands.js').CliSubcommand} */
+export const scan = {
+  description,
+  run: async (argv, importMeta, { parentName }) => {
+    await meowWithSubcommands(
+      {
+        create,
+        stream,
+        list,
+        del,
+        metadata
+      },
+      {
+        argv,
+        description,
+        importMeta,
+        name: parentName + ' scan',
+      }
+    )
+  }
+}

package/lib/commands/scan/list.js

@@ -0,0 +1,192 @@
+/* eslint-disable no-console */
+
+import chalk from 'chalk'
+// @ts-ignore
+import chalkTable from 'chalk-table'
+import meow from 'meow'
+import ora from 'ora'
+
+import { outputFlags } from '../../flags/index.js'
+import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
+import { prepareFlags } from '../../utils/flags.js'
+import { printFlagList } from '../../utils/formatting.js'
+import { getDefaultKey, setupSdk } from '../../utils/sdk.js'
+
+/** @type {import('../../utils/meow-with-subcommands.js').CliSubcommand} */
+export const list = {
+  description: 'List scans for an organization',
+  async run (argv, importMeta, { parentName }) {
+    const name = parentName + ' list'
+
+    const input = setupCommand(name, list.description, argv, importMeta)
+    if (input) {
+      const spinnerText = 'Listing scans... \n'
+      const spinner = ora(spinnerText).start()
+      await listOrgFullScan(input.orgSlug, input, spinner)
+    }
+  }
+}
+
+const listFullScanFlags = prepareFlags({
+  sort: {
+    type: 'string',
+    shortFlag: 's',
+    default: 'created_at',
+    description: 'Sorting option (`name` or `created_at`) - default is `created_at`',
+  },
+  direction: {
+    type: 'string',
+    shortFlag: 'd',
+    default: 'desc',
+    description: 'Direction option (`desc` or `asc`) - Default is `desc`',
+  },
+  perPage: {
+    type: 'number',
+    shortFlag: 'pp',
+    default: 30,
+    description: 'Results per page - Default is 30',
+  },
+  page: {
+    type: 'number',
+    shortFlag: 'p',
+    default: 1,
+    description: 'Page number - Default is 1',
+  },
+  fromTime: {
+    type: 'string',
+    shortFlag: 'f',
+    default: '',
+    description: 'From time - as a unix timestamp',
+  },
+  untilTime: {
+    type: 'string',
+    shortFlag: 'u',
+    default: '',
+    description: 'Until time - as a unix timestamp',
+  }
+})
+
+// Internal functions
+
+/**
+ * @typedef CommandContext
+ * @property {boolean} outputJson
+ * @property {boolean} outputMarkdown
+ * @property {string} orgSlug
+ * @property {string} sort
+ * @property {string} direction
+ * @property {number} per_page
+ * @property {number} page
+ * @property {string} from_time
+ * @property {string} until_time
+ */
+
+/**
+ * @param {string} name
+ * @param {string} description
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @returns {void|CommandContext}
+ */
+function setupCommand (name, description, argv, importMeta) {
+  const flags = {
+    ...outputFlags,
+    ...listFullScanFlags
+  }
+
+  const cli = meow(`
+    Usage
+      $ ${name} <org slug>
+
+    Options
+      ${printFlagList(flags, 6)}
+
+    Examples
+      $ ${name} FakeOrg
+  `, {
+    argv,
+    description,
+    importMeta,
+    flags
+  })
+
+  const {
+    json: outputJson,
+    markdown: outputMarkdown,
+    sort,
+    direction,
+    perPage,
+    page,
+    fromTime,
+    untilTime
+  } = cli.flags
+
+  if (!cli.input[0]) {
+    console.error(`${chalk.bgRed('Input error')}: Please specify an organization slug.\n`)
+    cli.showHelp()
+    return
+  }
+
+  const [orgSlug = ''] = cli.input
+
+  return {
+    outputJson,
+    outputMarkdown,
+    orgSlug,
+    sort,
+    direction,
+    per_page: perPage,
+    page,
+    from_time: fromTime,
+    until_time: untilTime
+  }
+}
+
+/**
+ * @typedef FullScansData
+ * @property {import('@socketsecurity/sdk').SocketSdkReturnType<'getOrgFullScanList'>["data"]} data
+ */
+
+/**
+ * @param {string} orgSlug
+ * @param {CommandContext} input
+ * @param {import('ora').Ora} spinner
+ * @returns {Promise<void|FullScansData>}
+ */
+async function listOrgFullScan (orgSlug, input, spinner) {
+  const socketSdk = await setupSdk(getDefaultKey())
+  const result = await handleApiCall(socketSdk.getOrgFullScanList(orgSlug, input), 'Listing scans')
+
+  if (!result.success) {
+    return handleUnsuccessfulApiResponse('getOrgFullScanList', result, spinner)
+  }
+  spinner.stop()
+
+  console.log(`\n Listing scans for: ${orgSlug} \n`)
+
+  const options = {
+    columns: [
+      { field: 'id', name: chalk.magenta('ID') },
+      { field: 'report_url', name: chalk.magenta('Scan URL') },
+      { field: 'branch', name: chalk.magenta('Branch') },
+      { field: 'created_at', name: chalk.magenta('Created at') }
+    ]
+  }
+
+  const formattedResults = result.data.results.map(d => {
+    return {
+      id: d.id,
+      report_url: chalk.underline(`${d.html_report_url}`),
+      created_at: d.created_at ? new Date(d.created_at).toLocaleDateString('en-us', { year: 'numeric', month: 'numeric', day: 'numeric' }) : '',
+      branch: d.branch
+    }
+  })
+
+  const table = chalkTable(options, formattedResults)
+
+  console.log(table, '\n')
+
+  return {
+    data: result.data
+  }
+}

package/lib/commands/scan/metadata.js

@@ -0,0 +1,113 @@
+/* eslint-disable no-console */
+
+import chalk from 'chalk'
+import meow from 'meow'
+import ora from 'ora'
+
+import { outputFlags } from '../../flags/index.js'
+import { handleApiCall, handleUnsuccessfulApiResponse } from '../../utils/api-helpers.js'
+import { printFlagList } from '../../utils/formatting.js'
+import { getDefaultKey, setupSdk } from '../../utils/sdk.js'
+
+/** @type {import('../../utils/meow-with-subcommands.js').CliSubcommand} */
+export const metadata = {
+  description: 'Get a scan\'s metadata',
+  async run (argv, importMeta, { parentName }) {
+    const name = parentName + ' metadata'
+
+    const input = setupCommand(name, metadata.description, argv, importMeta)
+    if (input) {
+      const spinnerText = 'Getting scan\'s metadata... \n'
+      const spinner = ora(spinnerText).start()
+      await getOrgScanMetadata(input.orgSlug, input.scanID, spinner)
+    }
+  }
+}
+
+// Internal functions
+
+/**
+ * @typedef CommandContext
+ * @property {boolean} outputJson
+ * @property {boolean} outputMarkdown
+ * @property {string} orgSlug
+ * @property {string} scanID
+ */
+
+/**
+ * @param {string} name
+ * @param {string} description
+ * @param {readonly string[]} argv
+ * @param {ImportMeta} importMeta
+ * @returns {void|CommandContext}
+ */
+function setupCommand (name, description, argv, importMeta) {
+  const flags = {
+    ...outputFlags,
+  }
+
+  const cli = meow(`
+    Usage
+      $ ${name} <org slug> <scan id>
+
+    Options
+      ${printFlagList(flags, 6)}
+
+    Examples
+      $ ${name} FakeOrg 000aaaa1-0000-0a0a-00a0-00a0000000a0
+  `, {
+    argv,
+    description,
+    importMeta,
+    flags
+  })
+
+  const {
+    json: outputJson,
+    markdown: outputMarkdown,
+  } = cli.flags
+
+  if (cli.input.length < 2) {
+    console.error(`${chalk.bgRed('Input error')}: Please specify an organization slug and a scan ID.\n`)
+    cli.showHelp()
+    return
+  }
+
+  const [orgSlug = '', scanID = ''] = cli.input
+
+  return {
+    outputJson,
+    outputMarkdown,
+    orgSlug,
+    scanID
+  }
+}
+
+/**
+ * @typedef FullScansData
+ * @property {import('@socketsecurity/sdk').SocketSdkReturnType<'getOrgFullScanMetadata'>["data"]} data
+ */
+
+/**
+ * @param {string} orgSlug
+ * @param {string} scanId
+ * @param {import('ora').Ora} spinner
+ * @returns {Promise<void|FullScansData>}
+ */
+async function getOrgScanMetadata (orgSlug, scanId, spinner) {
+  const socketSdk = await setupSdk(getDefaultKey())
+  const result = await handleApiCall(socketSdk.getOrgFullScanMetadata(orgSlug, scanId), 'Listing scans')
+
+  if (!result.success) {
+    return handleUnsuccessfulApiResponse('getOrgFullScanMetadata', result, spinner)
+  }
+  spinner.stop()
+
+  console.log('\nScan metadata: \n')
+
+  console.log(result.data)
+
+  return {
+    data: result.data
+  }
+}