npm - @xcelera/cli - Versions diffs - 2.3.1 → 2.4.0 - Mend

@xcelera/cli 2.3.1 → 2.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (6) hide show

package/dist/cli.js CHANGED Viewed

@@ -9338,13 +9338,88 @@ async function inferBuildContext() {
     };
 }
+function readNetscapeCookieFileSync(filePath, now = new Date()) {
+    try {
+        const contents = readFileSync(filePath, 'utf8');
+        return parseNetscapeCookieFileContents(contents, filePath, now);
+    }
+    catch (error) {
+        const message = error instanceof Error ? error.message : String(error);
+        throw new Error(`Unable to read cookie file "${filePath}": ${message}`);
+    }
+}
+function parseNetscapeCookieFileContents(contents, sourceLabel = 'cookie file', now = new Date()) {
+    const cookies = [];
+    const expiredCookieNames = [];
+    const nowEpochSeconds = Math.floor(now.getTime() / 1000);
+    const lines = contents.split(/\r?\n/);
+    for (let index = 0; index < lines.length; index++) {
+        const rawLine = lines[index];
+        const line = rawLine.trim();
+        if (!line) {
+            continue;
+        }
+        if (line.startsWith('#') && !line.startsWith('#HttpOnly_')) {
+            continue;
+        }
+        const fields = line.split('\t');
+        if (fields.length !== 7) {
+            throw new Error(`Invalid Netscape cookie line ${index + 1} in ${sourceLabel}: expected 7 tab-separated fields`);
+        }
+        let domain = fields[0];
+        const path = fields[2] || undefined;
+        const secure = toBool(fields[3]);
+        const expiresEpochSeconds = parseEpochSeconds(fields[4], index + 1, sourceLabel);
+        const name = fields[5];
+        const value = fields[6] ?? '';
+        let httpOnly;
+        if (domain.startsWith('#HttpOnly_')) {
+            httpOnly = true;
+            domain = domain.slice('#HttpOnly_'.length);
+        }
+        const isExpired = expiresEpochSeconds > 0 && expiresEpochSeconds < nowEpochSeconds;
+        if (isExpired) {
+            expiredCookieNames.push(name);
+            continue;
+        }
+        const cookie = {
+            name,
+            value,
+            ...(domain && { domain }),
+            ...(path && { path }),
+            ...(secure && { secure: true }),
+            ...(httpOnly && { httpOnly: true })
+        };
+        cookies.push(cookie);
+    }
+    const warnings = [];
+    if (expiredCookieNames.length > 0) {
+        const preview = expiredCookieNames.slice(0, 5).join(', ');
+        const suffix = expiredCookieNames.length > 5 ? ', …' : '';
+        warnings.push(`⚠️ Dropped ${expiredCookieNames.length} expired cookie(s) from ${sourceLabel}: ${preview}${suffix}`);
+    }
+    return { cookies, warnings };
+}
+function toBool(value) {
+    return value.trim().toUpperCase() === 'TRUE';
+}
+function parseEpochSeconds(value, lineNumber, sourceLabel) {
+    const trimmed = value.trim();
+    const num = Number.parseInt(trimmed, 10);
+    if (Number.isNaN(num)) {
+        throw new Error(`Invalid expiration epoch seconds at line ${lineNumber} in ${sourceLabel}`);
+    }
+    return num;
+}
 async function runAuditCommand(url, token, authOptions) {
     const output = [];
     const errors = [];
     try {
         const buildContext = await inferBuildContext();
         output.push(...formatBuildContext(buildContext));
-        const auth = parseAuthCredentials(authOptions);
+        const { auth, warnings } = parseAuthCredentials(authOptions);
+        errors.push(...warnings);
         if (auth) {
             output.push('🔐 Authentication credentials detected');
             output.push('');
@@ -9442,35 +9517,26 @@ function formatGitHubIntegrationStatus(context) {
     return { output, errors };
 }
 function parseAuthCredentials(options) {
-    const envAuth = process.env.XCELERA_AUTH;
-    if (envAuth) {
-        try {
-            return JSON.parse(envAuth);
-        }
-        catch {
-            throw new Error('XCELERA_AUTH environment variable contains invalid JSON');
-        }
+    const warnings = [];
+    const cookies = [];
+    if (options?.cookieFile) {
+        const parsed = readNetscapeCookieFileSync(options.cookieFile);
+        warnings.push(...parsed.warnings);
+        cookies.push(...parsed.cookies);
     }
-    // Check for --auth JSON option
-    if (options?.authJson) {
-        try {
-            return JSON.parse(options.authJson);
-        }
-        catch {
-            throw new Error('--auth option contains invalid JSON');
-        }
+    if (options?.cookies && options.cookies.length > 0) {
+        cookies.push(...options.cookies.map(parseCookie));
     }
-    // Build auth from --cookie and --header options
-    const hasCookies = options?.cookies && options.cookies.length > 0;
     const hasHeaders = options?.headers && options.headers.length > 0;
+    const hasCookies = cookies.length > 0;
     if (!hasCookies && !hasHeaders) {
-        return undefined;
+        return { auth: undefined, warnings };
     }
     const auth = {};
-    if (hasCookies && options.cookies) {
-        auth.cookies = options.cookies.map(parseCookie);
+    if (hasCookies) {
+        auth.cookies = cookies;
     }
-    if (hasHeaders && options.headers) {
+    if (hasHeaders && options?.headers) {
         auth.headers = {};
         for (const header of options.headers) {
             const colonIndex = header.indexOf(':');
@@ -9482,7 +9548,7 @@ function parseAuthCredentials(options) {
             auth.headers[name] = value;
         }
     }
-    return auth;
+    return { auth, warnings };
 }
 function parseCookie(cookie) {
     const equalsIndex = cookie.indexOf('=');
@@ -9506,7 +9572,7 @@ const options = {
         required: true,
         default: process.env.XCELERA_TOKEN
     },
-    auth: {
+    'cookie-file': {
         type: 'string'
     },
     cookie: {
@@ -9538,7 +9604,8 @@ if (command !== 'audit') {
     printHelp();
     process.exit(1);
 }
-const { url, token, auth, cookie, header } = values;
+const { url, token, cookie, header } = values;
+const cookieFile = values['cookie-file'];
 if (!url) {
     console.error('URL is required. Use --url <url> to specify the URL to audit.');
     process.exit(1);
@@ -9548,7 +9615,7 @@ if (!token) {
     process.exit(1);
 }
 const result = await runAuditCommand(url, token, {
-    authJson: auth,
+    cookieFile,
     cookies: cookie,
     headers: header
 });
@@ -9568,8 +9635,8 @@ function printHelp() {
     console.log('                     Can be specified multiple times.');
     console.log('  --header <header>  Header in "Name: Value" format.');
     console.log('                     Can be specified multiple times.');
-    console.log('  --auth <json>      Full auth config as JSON.');
-    console.log('                     Can also be set with XCELERA_AUTH env var.');
+    console.log('  --cookie-file <path> Netscape cookie file (cookies.txt).');
+    console.log('                     Expired cookies are ignored with a warning.');
     console.log('');
     console.log('Examples:');
     console.log('  # Basic audit');
@@ -9586,9 +9653,8 @@ function printHelp() {
     console.log('  xcelera audit --url https://myapp.com/dashboard \\');
     console.log('    --cookie "session=abc123" --cookie "csrf=xyz"');
     console.log('');
-    console.log('  # Full auth JSON (multiple cookies and headers)');
-    console.log('  xcelera audit --url https://myapp.com/dashboard \\');
-    console.log('    --auth \'{"cookies":[{"name":"session","value":"abc123"}],"headers":{"X-Custom":"value"}}\'');
+    console.log('  # With cookie file (Netscape cookies.txt format)');
+    console.log('  xcelera audit --url https://myapp.com/dashboard --cookie-file ./cookies.txt');
     console.log('');
 }
 //# sourceMappingURL=cli.js.map