@wakastellar/ui 2.1.2 → 2.3.2

package/src/components/waka-security-scan-result/index.tsx

@@ -0,0 +1,473 @@
+"use client"
+
+import * as React from "react"
+import { cn } from "../../utils/cn"
+import { Badge } from "../badge"
+import { Button } from "../button"
+import { Progress } from "../progress"
+import { ScrollArea } from "../scroll-area"
+import { Input } from "../input"
+import {
+  Shield,
+  ShieldAlert,
+  ShieldCheck,
+  AlertTriangle,
+  AlertCircle,
+  Info,
+  Search,
+  ExternalLink,
+  ChevronDown,
+  ChevronRight,
+  Package,
+  FileCode,
+  Link,
+  Clock,
+} from "lucide-react"
+
+export type VulnerabilitySeverity = "critical" | "high" | "medium" | "low" | "info"
+export type ScanType = "sast" | "dast" | "sca" | "secret" | "container"
+
+export interface Vulnerability {
+  id: string
+  title: string
+  description: string
+  severity: VulnerabilitySeverity
+  type: ScanType
+  cveId?: string
+  cweId?: string
+  cvssScore?: number
+  package?: string
+  version?: string
+  fixedVersion?: string
+  file?: string
+  line?: number
+  url?: string
+  remediation?: string
+}
+
+export interface ScanSummary {
+  critical: number
+  high: number
+  medium: number
+  low: number
+  info: number
+  total: number
+}
+
+export interface WakaSecurityScanResultProps {
+  /** List of vulnerabilities */
+  vulnerabilities: Vulnerability[]
+  /** Scan type */
+  scanType?: ScanType | "all"
+  /** Scan timestamp */
+  scannedAt?: Date
+  /** Callback when clicking on a vulnerability */
+  onVulnerabilityClick?: (vuln: Vulnerability) => void
+  /** Callback when viewing CVE details */
+  onViewCVE?: (cveId: string) => void
+  /** Title */
+  title?: string
+  /** Custom class name */
+  className?: string
+}
+
+const severityConfig: Record<VulnerabilitySeverity, { icon: React.ElementType; color: string; bgColor: string; label: string; score: string }> = {
+  critical: { icon: ShieldAlert, color: "text-red-600", bgColor: "bg-red-500", label: "Critical", score: "9.0-10.0" },
+  high: { icon: AlertCircle, color: "text-orange-500", bgColor: "bg-orange-500", label: "High", score: "7.0-8.9" },
+  medium: { icon: AlertTriangle, color: "text-yellow-500", bgColor: "bg-yellow-500", label: "Medium", score: "4.0-6.9" },
+  low: { icon: Info, color: "text-blue-500", bgColor: "bg-blue-500", label: "Low", score: "0.1-3.9" },
+  info: { icon: Info, color: "text-gray-500", bgColor: "bg-gray-500", label: "Info", score: "0" },
+}
+
+const scanTypeConfig: Record<ScanType, { icon: React.ElementType; label: string; description: string }> = {
+  sast: { icon: FileCode, label: "SAST", description: "Static Application Security Testing" },
+  dast: { icon: Link, label: "DAST", description: "Dynamic Application Security Testing" },
+  sca: { icon: Package, label: "SCA", description: "Software Composition Analysis" },
+  secret: { icon: Shield, label: "Secrets", description: "Secret Detection" },
+  container: { icon: Package, label: "Container", description: "Container Image Scanning" },
+}
+
+function SeverityBadge({ severity }: { severity: VulnerabilitySeverity }) {
+  const config = severityConfig[severity]
+  return (
+    <Badge className={cn("text-white", config.bgColor)}>
+      {config.label}
+    </Badge>
+  )
+}
+
+function VulnerabilityCard({
+  vulnerability,
+  isExpanded,
+  onToggle,
+  onViewCVE,
+}: {
+  vulnerability: Vulnerability
+  isExpanded: boolean
+  onToggle: () => void
+  onViewCVE?: (cveId: string) => void
+}) {
+  const sevConfig = severityConfig[vulnerability.severity]
+  const typeConfig = scanTypeConfig[vulnerability.type]
+  const SevIcon = sevConfig.icon
+  const TypeIcon = typeConfig.icon
+
+  return (
+    <div
+      className={cn(
+        "border rounded-lg overflow-hidden",
+        vulnerability.severity === "critical" && "border-red-500/50",
+        vulnerability.severity === "high" && "border-orange-500/50"
+      )}
+    >
+      <button
+        className={cn(
+          "w-full flex items-start gap-3 p-4 text-left hover:bg-muted/50 transition-colors",
+          vulnerability.severity === "critical" && "bg-red-500/5",
+          vulnerability.severity === "high" && "bg-orange-500/5"
+        )}
+        onClick={onToggle}
+      >
+        {isExpanded ? (
+          <ChevronDown className="h-4 w-4 mt-1 text-muted-foreground shrink-0" />
+        ) : (
+          <ChevronRight className="h-4 w-4 mt-1 text-muted-foreground shrink-0" />
+        )}
+
+        <SevIcon className={cn("h-5 w-5 mt-0.5 shrink-0", sevConfig.color)} />
+
+        <div className="flex-1 min-w-0">
+          <div className="flex items-center gap-2 flex-wrap">
+            <span className="font-medium">{vulnerability.title}</span>
+            <SeverityBadge severity={vulnerability.severity} />
+            <Badge variant="outline" className="text-xs">
+              <TypeIcon className="h-3 w-3 mr-1" />
+              {typeConfig.label}
+            </Badge>
+          </div>
+
+          <p className="text-sm text-muted-foreground mt-1 line-clamp-2">
+            {vulnerability.description}
+          </p>
+
+          <div className="flex items-center gap-3 mt-2 text-xs text-muted-foreground">
+            {vulnerability.cveId && (
+              <button
+                className="text-primary hover:underline flex items-center gap-1"
+                onClick={(e) => {
+                  e.stopPropagation()
+                  onViewCVE?.(vulnerability.cveId!)
+                }}
+              >
+                {vulnerability.cveId}
+                <ExternalLink className="h-3 w-3" />
+              </button>
+            )}
+            {vulnerability.cvssScore && (
+              <span>CVSS: {vulnerability.cvssScore.toFixed(1)}</span>
+            )}
+            {vulnerability.package && (
+              <span className="flex items-center gap-1">
+                <Package className="h-3 w-3" />
+                {vulnerability.package}@{vulnerability.version}
+              </span>
+            )}
+            {vulnerability.file && (
+              <span className="truncate max-w-[200px]">{vulnerability.file}:{vulnerability.line}</span>
+            )}
+          </div>
+        </div>
+      </button>
+
+      {isExpanded && (
+        <div className="border-t bg-muted/20 p-4 space-y-4">
+          <div className="grid grid-cols-1 md:grid-cols-2 gap-4 text-sm">
+            {vulnerability.cveId && (
+              <div>
+                <span className="text-muted-foreground">CVE ID:</span>{" "}
+                <span className="font-mono">{vulnerability.cveId}</span>
+              </div>
+            )}
+            {vulnerability.cweId && (
+              <div>
+                <span className="text-muted-foreground">CWE ID:</span>{" "}
+                <span className="font-mono">{vulnerability.cweId}</span>
+              </div>
+            )}
+            {vulnerability.cvssScore && (
+              <div>
+                <span className="text-muted-foreground">CVSS Score:</span>{" "}
+                <span className="font-medium">{vulnerability.cvssScore.toFixed(1)}</span>
+              </div>
+            )}
+            {vulnerability.package && (
+              <div>
+                <span className="text-muted-foreground">Package:</span>{" "}
+                <span className="font-mono">{vulnerability.package}@{vulnerability.version}</span>
+              </div>
+            )}
+            {vulnerability.fixedVersion && (
+              <div>
+                <span className="text-muted-foreground">Fixed in:</span>{" "}
+                <span className="font-mono text-green-500">{vulnerability.fixedVersion}</span>
+              </div>
+            )}
+            {vulnerability.file && (
+              <div>
+                <span className="text-muted-foreground">Location:</span>{" "}
+                <span className="font-mono">{vulnerability.file}:{vulnerability.line}</span>
+              </div>
+            )}
+          </div>
+
+          {vulnerability.remediation && (
+            <div>
+              <div className="text-sm font-medium mb-1">Remediation</div>
+              <p className="text-sm text-muted-foreground">{vulnerability.remediation}</p>
+            </div>
+          )}
+
+          {vulnerability.url && (
+            <Button
+              variant="outline"
+              size="sm"
+              onClick={() => window.open(vulnerability.url, "_blank")}
+            >
+              <ExternalLink className="h-4 w-4 mr-2" />
+              Learn More
+            </Button>
+          )}
+        </div>
+      )}
+    </div>
+  )
+}
+
+export function WakaSecurityScanResult({
+  vulnerabilities,
+  scanType = "all",
+  scannedAt,
+  onVulnerabilityClick,
+  onViewCVE,
+  title = "Security Scan Results",
+  className,
+}: WakaSecurityScanResultProps) {
+  const [searchQuery, setSearchQuery] = React.useState("")
+  const [severityFilter, setSeverityFilter] = React.useState<VulnerabilitySeverity | "all">("all")
+  const [expandedIds, setExpandedIds] = React.useState<Set<string>>(new Set())
+
+  const toggleExpand = (id: string) => {
+    setExpandedIds((prev) => {
+      const next = new Set(prev)
+      if (next.has(id)) {
+        next.delete(id)
+      } else {
+        next.add(id)
+      }
+      return next
+    })
+  }
+
+  // Calculate summary
+  const summary: ScanSummary = React.useMemo(() => {
+    return vulnerabilities.reduce(
+      (acc, vuln) => {
+        acc[vuln.severity]++
+        acc.total++
+        return acc
+      },
+      { critical: 0, high: 0, medium: 0, low: 0, info: 0, total: 0 }
+    )
+  }, [vulnerabilities])
+
+  // Filter vulnerabilities
+  const filteredVulns = React.useMemo(() => {
+    return vulnerabilities.filter((vuln) => {
+      if (severityFilter !== "all" && vuln.severity !== severityFilter) return false
+      if (searchQuery) {
+        const query = searchQuery.toLowerCase()
+        return (
+          vuln.title.toLowerCase().includes(query) ||
+          vuln.description.toLowerCase().includes(query) ||
+          vuln.cveId?.toLowerCase().includes(query) ||
+          vuln.package?.toLowerCase().includes(query)
+        )
+      }
+      return true
+    })
+  }, [vulnerabilities, severityFilter, searchQuery])
+
+  // Security score (simple calculation)
+  const securityScore = React.useMemo(() => {
+    const weights = { critical: 40, high: 20, medium: 5, low: 1, info: 0 }
+    const penalty = Object.entries(summary).reduce((acc, [key, count]) => {
+      if (key === "total") return acc
+      return acc + (weights[key as VulnerabilitySeverity] || 0) * count
+    }, 0)
+    return Math.max(0, 100 - penalty)
+  }, [summary])
+
+  const scoreColor = securityScore >= 80 ? "text-green-500" : securityScore >= 50 ? "text-yellow-500" : "text-red-500"
+
+  return (
+    <div className={cn("flex flex-col border rounded-lg bg-background", className)}>
+      {/* Header */}
+      <div className="flex items-center justify-between gap-4 p-3 border-b">
+        <div className="flex items-center gap-3">
+          {summary.critical > 0 || summary.high > 0 ? (
+            <ShieldAlert className="h-5 w-5 text-red-500" />
+          ) : (
+            <ShieldCheck className="h-5 w-5 text-green-500" />
+          )}
+          <h3 className="font-semibold">{title}</h3>
+        </div>
+
+        <div className="flex items-center gap-3">
+          <div className="text-right">
+            <div className={cn("text-2xl font-bold", scoreColor)}>{securityScore}</div>
+            <div className="text-xs text-muted-foreground">Security Score</div>
+          </div>
+        </div>
+      </div>
+
+      {/* Summary */}
+      <div className="grid grid-cols-5 gap-2 p-3 border-b bg-muted/30">
+        {(["critical", "high", "medium", "low", "info"] as VulnerabilitySeverity[]).map((severity) => {
+          const config = severityConfig[severity]
+          const count = summary[severity]
+          return (
+            <button
+              key={severity}
+              className={cn(
+                "flex flex-col items-center p-2 rounded-lg transition-colors",
+                severityFilter === severity ? "bg-background ring-1 ring-primary" : "hover:bg-background/50",
+                count > 0 && severity === "critical" && "bg-red-500/10",
+                count > 0 && severity === "high" && "bg-orange-500/10"
+              )}
+              onClick={() => setSeverityFilter(severityFilter === severity ? "all" : severity)}
+            >
+              <span className={cn("text-2xl font-bold", config.color)}>{count}</span>
+              <span className="text-xs text-muted-foreground capitalize">{severity}</span>
+            </button>
+          )
+        })}
+      </div>
+
+      {/* Toolbar */}
+      <div className="flex items-center gap-2 p-2 border-b">
+        <div className="relative flex-1 max-w-sm">
+          <Search className="absolute left-2.5 top-1/2 -translate-y-1/2 h-4 w-4 text-muted-foreground" />
+          <Input
+            placeholder="Search vulnerabilities..."
+            value={searchQuery}
+            onChange={(e) => setSearchQuery(e.target.value)}
+            className="pl-8 h-8"
+          />
+        </div>
+
+        {scannedAt && (
+          <span className="text-xs text-muted-foreground flex items-center gap-1">
+            <Clock className="h-3 w-3" />
+            Scanned {scannedAt.toLocaleString()}
+          </span>
+        )}
+      </div>
+
+      {/* Vulnerabilities list */}
+      <ScrollArea className="flex-1 max-h-[500px]">
+        <div className="p-3 space-y-2">
+          {filteredVulns.length === 0 ? (
+            <div className="flex flex-col items-center justify-center h-32 text-muted-foreground">
+              <ShieldCheck className="h-8 w-8 mb-2 text-green-500" />
+              <span>No vulnerabilities found</span>
+            </div>
+          ) : (
+            filteredVulns.map((vuln) => (
+              <VulnerabilityCard
+                key={vuln.id}
+                vulnerability={vuln}
+                isExpanded={expandedIds.has(vuln.id)}
+                onToggle={() => toggleExpand(vuln.id)}
+                onViewCVE={onViewCVE}
+              />
+            ))
+          )}
+        </div>
+      </ScrollArea>
+
+      {/* Footer */}
+      <div className="flex items-center justify-between px-3 py-2 border-t bg-muted/30 text-sm">
+        <span className="text-muted-foreground">
+          {filteredVulns.length} of {vulnerabilities.length} vulnerabilities
+        </span>
+        {summary.critical > 0 && (
+          <span className="text-red-500 font-medium">
+            {summary.critical} critical issues require immediate attention
+          </span>
+        )}
+      </div>
+    </div>
+  )
+}
+
+// Default sample vulnerabilities for demo
+export const defaultVulnerabilities: Vulnerability[] = [
+  {
+    id: "1",
+    title: "SQL Injection in login endpoint",
+    description: "User input is directly concatenated into SQL query without proper sanitization, allowing attackers to execute arbitrary SQL commands.",
+    severity: "critical",
+    type: "sast",
+    cweId: "CWE-89",
+    cvssScore: 9.8,
+    file: "src/auth/login.ts",
+    line: 45,
+    remediation: "Use parameterized queries or prepared statements to prevent SQL injection attacks.",
+  },
+  {
+    id: "2",
+    title: "Prototype Pollution in lodash",
+    description: "Versions of lodash prior to 4.17.21 are vulnerable to prototype pollution via the template function.",
+    severity: "high",
+    type: "sca",
+    cveId: "CVE-2021-23337",
+    cvssScore: 7.2,
+    package: "lodash",
+    version: "4.17.19",
+    fixedVersion: "4.17.21",
+    url: "https://nvd.nist.gov/vuln/detail/CVE-2021-23337",
+    remediation: "Upgrade lodash to version 4.17.21 or later.",
+  },
+  {
+    id: "3",
+    title: "Hardcoded API Key",
+    description: "AWS API key found hardcoded in source code. This exposes the key to anyone with access to the repository.",
+    severity: "high",
+    type: "secret",
+    file: "config/aws.ts",
+    line: 12,
+    remediation: "Remove the hardcoded key and use environment variables or a secrets manager.",
+  },
+  {
+    id: "4",
+    title: "Cross-Site Scripting (XSS)",
+    description: "User-provided content is rendered without proper escaping, allowing script injection.",
+    severity: "medium",
+    type: "dast",
+    cweId: "CWE-79",
+    cvssScore: 6.1,
+    url: "https://owasp.org/www-community/attacks/xss/",
+    remediation: "Sanitize and escape all user-provided content before rendering.",
+  },
+  {
+    id: "5",
+    title: "Outdated base image",
+    description: "Container uses node:14 base image which has known vulnerabilities.",
+    severity: "low",
+    type: "container",
+    package: "node",
+    version: "14.0.0",
+    fixedVersion: "18.0.0",
+    remediation: "Update to a more recent Node.js LTS version.",
+  },
+]

package/src/components/waka-server-rack/index.tsx

@@ -49,26 +49,27 @@ export interface WakaServerRackProps {
 // Constants
 // ============================================================================
 
+// Status colors using CSS variables for theme support
 const STATUS_COLORS = {
   online: {
-    led: "#22c55e",
-    glow: "rgba(34, 197, 94, 0.6)",
-    bg: "rgba(34, 197, 94, 0.1)",
+    led: "hsl(var(--success))",
+    glow: "hsl(var(--success) / 0.6)",
+    bg: "hsl(var(--success) / 0.1)",
   },
   warning: {
-    led: "#eab308",
-    glow: "rgba(234, 179, 8, 0.6)",
-    bg: "rgba(234, 179, 8, 0.1)",
+    led: "hsl(var(--warning))",
+    glow: "hsl(var(--warning) / 0.6)",
+    bg: "hsl(var(--warning) / 0.1)",
   },
   offline: {
-    led: "#ef4444",
-    glow: "rgba(239, 68, 68, 0.6)",
-    bg: "rgba(239, 68, 68, 0.1)",
+    led: "hsl(var(--destructive))",
+    glow: "hsl(var(--destructive) / 0.6)",
+    bg: "hsl(var(--destructive) / 0.1)",
   },
   maintenance: {
-    led: "#3b82f6",
-    glow: "rgba(59, 130, 246, 0.6)",
-    bg: "rgba(59, 130, 246, 0.1)",
+    led: "hsl(var(--info))",
+    glow: "hsl(var(--info) / 0.6)",
+    bg: "hsl(var(--info) / 0.1)",
   },
 }
 
@@ -87,8 +88,8 @@ interface MetricBarProps {
 
 function MetricBar({ value, label, color, animated }: MetricBarProps) {
   const getBarColor = () => {
-    if (value >= 90) return "#ef4444"
-    if (value >= 70) return "#eab308"
+    if (value >= 90) return "hsl(var(--destructive))"
+    if (value >= 70) return "hsl(var(--warning))"
     return color
   }
 
@@ -245,20 +246,20 @@ function ServerUnitRow({
                 <MetricBar
                   value={server.cpu}
                   label="CPU"
-                  color="#3b82f6"
+                  color="hsl(var(--chart-1))"
                   animated={animated}
                 />
                 <MetricBar
                   value={server.ram}
                   label="RAM"
-                  color="#8b5cf6"
+                  color="hsl(var(--chart-3))"
                   animated={animated}
                 />
                 {server.height >= 3 && (
                   <MetricBar
                     value={server.disk}
                     label="DSK"
-                    color="#06b6d4"
+                    color="hsl(var(--info))"
                     animated={animated}
                   />
                 )}
@@ -279,8 +280,8 @@ function ServerUnitRow({
           <div className="flex items-center gap-0.5">
             {server.network && (
               <div className="flex flex-col items-end mr-2 text-[7px] font-mono text-zinc-500">
-                <span className="text-green-500">{"\u25B2"} {server.network.out}</span>
-                <span className="text-blue-400">{"\u25BC"} {server.network.in}</span>
+                <span className="text-success">{"\u25B2"} {server.network.out}</span>
+                <span className="text-info">{"\u25BC"} {server.network.in}</span>
               </div>
             )}
             {/* Drive activity indicators */}
@@ -344,21 +345,21 @@ function ServerUnitRow({
               <span className="font-mono">{server.height}U</span>
             </div>
             <div className="border-t border-zinc-700 my-2" />
-            <MetricBar value={server.cpu} label="CPU" color="#3b82f6" />
-            <MetricBar value={server.ram} label="RAM" color="#8b5cf6" />
-            <MetricBar value={server.disk} label="DSK" color="#06b6d4" />
+            <MetricBar value={server.cpu} label="CPU" color="hsl(var(--chart-1))" />
+            <MetricBar value={server.ram} label="RAM" color="hsl(var(--chart-3))" />
+            <MetricBar value={server.disk} label="DSK" color="hsl(var(--info))" />
             {server.network && (
               <>
                 <div className="border-t border-zinc-700 my-2" />
                 <div className="flex justify-between text-zinc-400">
                   <span>Network In</span>
-                  <span className="font-mono text-blue-400">
+                  <span className="font-mono text-info">
                     {server.network.in} Mbps
                   </span>
                 </div>
                 <div className="flex justify-between text-zinc-400">
                   <span>Network Out</span>
-                  <span className="font-mono text-green-500">
+                  <span className="font-mono text-success">
                     {server.network.out} Mbps
                   </span>
                 </div>
@@ -626,10 +627,10 @@ export function WakaServerRack({
         style={{
           background: `radial-gradient(ellipse at center, ${
             servers.some((s) => s.status === "offline")
-              ? "rgba(239,68,68,0.05)"
+              ? "hsl(var(--destructive) / 0.05)"
               : servers.some((s) => s.status === "warning")
-                ? "rgba(234,179,8,0.05)"
-                : "rgba(34,197,94,0.03)"
+                ? "hsl(var(--warning) / 0.05)"
+                : "hsl(var(--success) / 0.03)"
           } 0%, transparent 70%)`,
           filter: "blur(20px)",
         }}