@vainplex/shieldapi-cli 1.2.2 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/src/commands/password.js +18 -7
- package/src/index.js +2 -2
package/package.json
CHANGED
package/src/commands/password.js
CHANGED
|
@@ -13,11 +13,15 @@ import { exitCodeFromResult, exitCodeFromError, EXIT } from '../lib/exit.js';
|
|
|
13
13
|
function readStdin() {
|
|
14
14
|
return new Promise((resolve, reject) => {
|
|
15
15
|
let data = '';
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
|
|
20
|
-
setTimeout(() => {
|
|
16
|
+
process.stdin.setEncoding('utf8');
|
|
17
|
+
process.stdin.on('data', (chunk) => { data += chunk; });
|
|
18
|
+
process.stdin.on('end', () => resolve(data.trim()));
|
|
19
|
+
process.stdin.on('error', reject);
|
|
20
|
+
setTimeout(() => {
|
|
21
|
+
process.stdin.destroy();
|
|
22
|
+
if (data) resolve(data.trim());
|
|
23
|
+
else reject(new Error('Stdin timeout — no input received'));
|
|
24
|
+
}, 10000);
|
|
21
25
|
});
|
|
22
26
|
}
|
|
23
27
|
|
|
@@ -31,8 +35,8 @@ export async function passwordCommand(password, opts) {
|
|
|
31
35
|
try {
|
|
32
36
|
let hash;
|
|
33
37
|
|
|
34
|
-
// --stdin: read password from stdin
|
|
35
38
|
if (opts.stdin) {
|
|
39
|
+
// --stdin: read password from stdin, ignore positional argument
|
|
36
40
|
if (!opts.quiet) {
|
|
37
41
|
process.stderr.write(chalk.gray('Reading password from stdin...\n'));
|
|
38
42
|
}
|
|
@@ -43,6 +47,13 @@ export async function passwordCommand(password, opts) {
|
|
|
43
47
|
return;
|
|
44
48
|
}
|
|
45
49
|
hash = createHash('sha1').update(stdinPassword).digest('hex').toUpperCase();
|
|
50
|
+
} else if (!password) {
|
|
51
|
+
// No password argument and no --stdin
|
|
52
|
+
process.stderr.write(chalk.red('Error: Provide a password argument or use --stdin.\n'));
|
|
53
|
+
process.stderr.write(chalk.gray(' shieldapi password "mypassword" --demo\n'));
|
|
54
|
+
process.stderr.write(chalk.gray(' echo -n "mypassword" | shieldapi password --stdin --demo\n'));
|
|
55
|
+
process.exitCode = EXIT.USAGE;
|
|
56
|
+
return;
|
|
46
57
|
} else if (opts.hash) {
|
|
47
58
|
// --hash: treat input as pre-computed SHA-1
|
|
48
59
|
hash = password.toUpperCase();
|
|
@@ -56,7 +67,7 @@ export async function passwordCommand(password, opts) {
|
|
|
56
67
|
hash = createHash('sha1').update(password).digest('hex').toUpperCase();
|
|
57
68
|
|
|
58
69
|
// Shell history warning (SR-5)
|
|
59
|
-
if (!opts.quiet && process.
|
|
70
|
+
if (!opts.quiet && process.stderr.isTTY) {
|
|
60
71
|
process.stderr.write(
|
|
61
72
|
chalk.yellow('⚠ Password may appear in shell history. Use --stdin for sensitive passwords.\n')
|
|
62
73
|
);
|
package/src/index.js
CHANGED
|
@@ -14,7 +14,7 @@ export function run(argv) {
|
|
|
14
14
|
program
|
|
15
15
|
.name('shieldapi')
|
|
16
16
|
.description('🛡️ ShieldAPI CLI — Security intelligence from your terminal. Pay-per-request with USDC.')
|
|
17
|
-
.version('1.
|
|
17
|
+
.version('1.3.0')
|
|
18
18
|
.option('--wallet <key>', 'Private key for x402 payments (or set SHIELDAPI_WALLET_KEY)')
|
|
19
19
|
.option('--json', 'Output raw JSON instead of formatted output')
|
|
20
20
|
.option('--no-color', 'Disable colors')
|
|
@@ -24,7 +24,7 @@ export function run(argv) {
|
|
|
24
24
|
program
|
|
25
25
|
.command('password')
|
|
26
26
|
.description('Check a password against breach databases')
|
|
27
|
-
.argument('
|
|
27
|
+
.argument('[password]', 'Password to check (hashed locally with SHA-1)')
|
|
28
28
|
.option('--demo', 'Use demo mode (free, no wallet needed)')
|
|
29
29
|
.option('--stdin', 'Read password from stdin (avoids shell history)')
|
|
30
30
|
.option('--hash', 'Treat input as pre-computed SHA-1 hash')
|