@xrift/cli 0.11.1 → 0.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/commands/check.d.ts +4 -0
- package/dist/commands/check.d.ts.map +1 -0
- package/dist/commands/check.js +20 -0
- package/dist/commands/check.js.map +1 -0
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/lib/__tests__/check.test.d.ts +2 -0
- package/dist/lib/__tests__/check.test.d.ts.map +1 -0
- package/dist/lib/__tests__/check.test.js +131 -0
- package/dist/lib/__tests__/check.test.js.map +1 -0
- package/dist/lib/check.d.ts +30 -0
- package/dist/lib/check.d.ts.map +1 -0
- package/dist/lib/check.js +161 -0
- package/dist/lib/check.js.map +1 -0
- package/package.json +2 -1
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"check.d.ts","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAGpC,eAAO,MAAM,YAAY,SACM,CAAC;AAiBhC,eAAe,YAAY,CAAC"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import { Command } from 'commander';
|
|
2
|
+
import { checkWorld } from '../lib/check.js';
|
|
3
|
+
export const checkCommand = new Command('check')
|
|
4
|
+
.description('セキュリティチェックを実行');
|
|
5
|
+
checkCommand
|
|
6
|
+
.command('world')
|
|
7
|
+
.description('ワールドのビルド成果物をセキュリティチェック')
|
|
8
|
+
.option('--build', 'チェック前にビルドコマンドを実行')
|
|
9
|
+
.option('--ignore-warnings', '警告を無視しREJECTのみで失敗')
|
|
10
|
+
.option('--json', '結果をJSON形式で出力')
|
|
11
|
+
.action(async (options) => {
|
|
12
|
+
const exitCode = await checkWorld({
|
|
13
|
+
build: options.build,
|
|
14
|
+
ignoreWarnings: options.ignoreWarnings,
|
|
15
|
+
json: options.json,
|
|
16
|
+
});
|
|
17
|
+
process.exit(exitCode);
|
|
18
|
+
});
|
|
19
|
+
export default checkCommand;
|
|
20
|
+
//# sourceMappingURL=check.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"check.js","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAE7C,MAAM,CAAC,MAAM,YAAY,GAAG,IAAI,OAAO,CAAC,OAAO,CAAC;KAC7C,WAAW,CAAC,eAAe,CAAC,CAAC;AAEhC,YAAY;KACT,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,wBAAwB,CAAC;KACrC,MAAM,CAAC,SAAS,EAAE,kBAAkB,CAAC;KACrC,MAAM,CAAC,mBAAmB,EAAE,mBAAmB,CAAC;KAChD,MAAM,CAAC,QAAQ,EAAE,cAAc,CAAC;KAChC,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC;QAChC,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,IAAI,EAAE,OAAO,CAAC,IAAI;KACnB,CAAC,CAAC;IACH,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzB,CAAC,CAAC,CAAC;AAEL,eAAe,YAAY,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -8,6 +8,7 @@ import { loginCommand } from './commands/login.js';
|
|
|
8
8
|
import { logoutCommand } from './commands/logout.js';
|
|
9
9
|
import { whoamiCommand } from './commands/whoami.js';
|
|
10
10
|
import { uploadCommand } from './commands/upload.js';
|
|
11
|
+
import { checkCommand } from './commands/check.js';
|
|
11
12
|
import { checkForUpdates } from './lib/version-check.js';
|
|
12
13
|
import { setVerbose } from './lib/logger.js';
|
|
13
14
|
// package.json からバージョンを読み込む
|
|
@@ -31,6 +32,7 @@ program.addCommand(loginCommand);
|
|
|
31
32
|
program.addCommand(logoutCommand);
|
|
32
33
|
program.addCommand(whoamiCommand);
|
|
33
34
|
program.addCommand(uploadCommand);
|
|
35
|
+
program.addCommand(checkCommand);
|
|
34
36
|
// バージョンチェックを実行(非同期、エラーは無視)
|
|
35
37
|
// キャッシュがある場合は即座に通知、ない場合はバックグラウンドで取得
|
|
36
38
|
checkForUpdates(packageJson.version).catch(() => {
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAE7C,4BAA4B;AAC5B,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAC5B,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,iBAAiB,CAAC,EAAE,OAAO,CAAC,CAC1D,CAAC;AAEF,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,OAAO,CAAC;KACb,WAAW,CAAC,gDAAgD,CAAC;KAC7D,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,eAAe,EAAE,UAAU,CAAC;KACzD,UAAU,CAAC,YAAY,EAAE,QAAQ,CAAC;KAClC,MAAM,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;AAElC,qBAAqB;AACrB,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;IACvC,UAAU,CAAC,IAAI,CAAC,CAAC;AACnB,CAAC;AAED,oBAAoB;AACpB,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AACjC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AACrD,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAE7C,4BAA4B;AAC5B,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;AACtC,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAC5B,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,iBAAiB,CAAC,EAAE,OAAO,CAAC,CAC1D,CAAC;AAEF,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,OAAO,CAAC;KACb,WAAW,CAAC,gDAAgD,CAAC;KAC7D,OAAO,CAAC,WAAW,CAAC,OAAO,EAAE,eAAe,EAAE,UAAU,CAAC;KACzD,UAAU,CAAC,YAAY,EAAE,QAAQ,CAAC;KAClC,MAAM,CAAC,WAAW,EAAE,SAAS,CAAC,CAAC;AAElC,qBAAqB;AACrB,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;IACvC,UAAU,CAAC,IAAI,CAAC,CAAC;AACnB,CAAC;AAED,oBAAoB;AACpB,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AACjC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,aAAa,CAAC,CAAC;AAClC,OAAO,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC;AAEjC,2BAA2B;AAC3B,oCAAoC;AACpC,eAAe,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE;IAC9C,SAAS;AACX,CAAC,CAAC,CAAC;AAEH,gBAAgB;AAChB,OAAO,CAAC,KAAK,EAAE,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"check.test.d.ts","sourceRoot":"","sources":["../../../src/lib/__tests__/check.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,131 @@
|
|
|
1
|
+
import { describe, it, expect, beforeEach, afterEach } from '@jest/globals';
|
|
2
|
+
import fs from 'node:fs/promises';
|
|
3
|
+
import path from 'node:path';
|
|
4
|
+
import os from 'node:os';
|
|
5
|
+
// chalk / ora は ESM 専用モジュールのため、check.ts を直接 import すると
|
|
6
|
+
// Jest のトランスフォームで問題が起きる。runSecurityCheck のみを個別テストする。
|
|
7
|
+
// check.ts 全体の mock ではなく、依存関係を直接使ってテストする。
|
|
8
|
+
import { CodeSecurityService, determineFileContext, getSecurityVerdict, } from '@xrift/code-security';
|
|
9
|
+
describe('check - セキュリティチェックのコアロジック', () => {
|
|
10
|
+
let testDir;
|
|
11
|
+
let distDir;
|
|
12
|
+
beforeEach(async () => {
|
|
13
|
+
testDir = path.join(os.tmpdir(), `xrift-check-test-${Date.now()}`);
|
|
14
|
+
distDir = path.join(testDir, 'dist');
|
|
15
|
+
await fs.mkdir(distDir, { recursive: true });
|
|
16
|
+
});
|
|
17
|
+
afterEach(async () => {
|
|
18
|
+
try {
|
|
19
|
+
await fs.rm(testDir, { recursive: true, force: true });
|
|
20
|
+
}
|
|
21
|
+
catch {
|
|
22
|
+
// 削除失敗は無視
|
|
23
|
+
}
|
|
24
|
+
});
|
|
25
|
+
describe('CodeSecurityService.validate', () => {
|
|
26
|
+
it('安全なコードは低スコアを返す', () => {
|
|
27
|
+
const service = new CodeSecurityService();
|
|
28
|
+
const result = service.validate({
|
|
29
|
+
code: 'const x = 1 + 2;\nconsole.log(x);',
|
|
30
|
+
packageJson: { dependencies: {} },
|
|
31
|
+
});
|
|
32
|
+
expect(result.securityScore).toBeLessThan(50);
|
|
33
|
+
expect(result.violations.critical).toHaveLength(0);
|
|
34
|
+
});
|
|
35
|
+
it('eval()を含むコードはcritical違反を検出する', () => {
|
|
36
|
+
const service = new CodeSecurityService();
|
|
37
|
+
const result = service.validate({
|
|
38
|
+
code: 'const code = "alert(1)";\neval(code);',
|
|
39
|
+
packageJson: { dependencies: {} },
|
|
40
|
+
});
|
|
41
|
+
expect(result.securityScore).toBeGreaterThan(0);
|
|
42
|
+
const evalViolation = result.violations.critical.find((v) => v.rule === 'no-eval');
|
|
43
|
+
expect(evalViolation).toBeDefined();
|
|
44
|
+
});
|
|
45
|
+
it('fileContextを指定してチェックできる', () => {
|
|
46
|
+
const service = new CodeSecurityService();
|
|
47
|
+
const fileContext = determineFileContext('__federation_expose_World.js');
|
|
48
|
+
const result = service.validate({
|
|
49
|
+
code: 'const x = 1;',
|
|
50
|
+
packageJson: { dependencies: {} },
|
|
51
|
+
fileContext,
|
|
52
|
+
});
|
|
53
|
+
expect(result).toHaveProperty('securityScore');
|
|
54
|
+
expect(result).toHaveProperty('violations');
|
|
55
|
+
});
|
|
56
|
+
});
|
|
57
|
+
describe('getSecurityVerdict', () => {
|
|
58
|
+
it('スコア70以上はREJECT', () => {
|
|
59
|
+
expect(getSecurityVerdict(70)).toBe('REJECT');
|
|
60
|
+
expect(getSecurityVerdict(100)).toBe('REJECT');
|
|
61
|
+
});
|
|
62
|
+
it('スコア50-69はREVIEW', () => {
|
|
63
|
+
expect(getSecurityVerdict(50)).toBe('REVIEW');
|
|
64
|
+
expect(getSecurityVerdict(69)).toBe('REVIEW');
|
|
65
|
+
});
|
|
66
|
+
it('スコア50未満はAPPROVE', () => {
|
|
67
|
+
expect(getSecurityVerdict(0)).toBe('APPROVE');
|
|
68
|
+
expect(getSecurityVerdict(49)).toBe('APPROVE');
|
|
69
|
+
});
|
|
70
|
+
});
|
|
71
|
+
describe('determineFileContext', () => {
|
|
72
|
+
it('__federation_expose_World-xxx はユーザーコードと判定', () => {
|
|
73
|
+
const ctx = determineFileContext('__federation_expose_World-abc123.js');
|
|
74
|
+
expect(ctx.isUserCode).toBe(true);
|
|
75
|
+
});
|
|
76
|
+
it('__federation_shared_ は共有ライブラリと判定', () => {
|
|
77
|
+
const ctx = determineFileContext('__federation_shared_react.js');
|
|
78
|
+
expect(ctx.isSharedLibrary).toBe(true);
|
|
79
|
+
});
|
|
80
|
+
it('通常のファイルはバンドル依存と判定', () => {
|
|
81
|
+
const ctx = determineFileContext('vendor.js');
|
|
82
|
+
expect(ctx.isBundledDependency).toBe(true);
|
|
83
|
+
});
|
|
84
|
+
});
|
|
85
|
+
describe('runSecurityCheck 相当のインテグレーションテスト', () => {
|
|
86
|
+
it('複数ファイルをチェックして結果を集約できる', async () => {
|
|
87
|
+
// ファイルを準備
|
|
88
|
+
const safeFile = path.join(distDir, 'safe.js');
|
|
89
|
+
const dangerousFile = path.join(distDir, 'dangerous.js');
|
|
90
|
+
await fs.writeFile(safeFile, 'const x = 1;');
|
|
91
|
+
await fs.writeFile(dangerousFile, 'const code = "alert(1)";\neval(code);');
|
|
92
|
+
const service = new CodeSecurityService();
|
|
93
|
+
const files = [safeFile, dangerousFile];
|
|
94
|
+
const results = [];
|
|
95
|
+
for (const filePath of files) {
|
|
96
|
+
const code = await fs.readFile(filePath, 'utf-8');
|
|
97
|
+
const relativePath = path.relative(distDir, filePath);
|
|
98
|
+
const fileContext = determineFileContext(relativePath);
|
|
99
|
+
const response = service.validate({
|
|
100
|
+
code,
|
|
101
|
+
packageJson: { dependencies: {} },
|
|
102
|
+
fileContext,
|
|
103
|
+
});
|
|
104
|
+
const verdict = getSecurityVerdict(response.securityScore);
|
|
105
|
+
results.push({
|
|
106
|
+
file: relativePath,
|
|
107
|
+
score: response.securityScore,
|
|
108
|
+
verdict,
|
|
109
|
+
violations: response.violations,
|
|
110
|
+
});
|
|
111
|
+
}
|
|
112
|
+
expect(results).toHaveLength(2);
|
|
113
|
+
const safeResult = results.find((r) => r.file === 'safe.js');
|
|
114
|
+
expect(safeResult?.verdict).toBe('APPROVE');
|
|
115
|
+
const dangerousResult = results.find((r) => r.file === 'dangerous.js');
|
|
116
|
+
expect(dangerousResult?.score).toBeGreaterThan(0);
|
|
117
|
+
});
|
|
118
|
+
it('.mjs ファイルもチェックできる', async () => {
|
|
119
|
+
const mjsFile = path.join(distDir, 'module.mjs');
|
|
120
|
+
await fs.writeFile(mjsFile, 'export const value = 42;');
|
|
121
|
+
const code = await fs.readFile(mjsFile, 'utf-8');
|
|
122
|
+
const service = new CodeSecurityService();
|
|
123
|
+
const result = service.validate({
|
|
124
|
+
code,
|
|
125
|
+
packageJson: { dependencies: {} },
|
|
126
|
+
});
|
|
127
|
+
expect(result.securityScore).toBeLessThan(50);
|
|
128
|
+
});
|
|
129
|
+
});
|
|
130
|
+
});
|
|
131
|
+
//# sourceMappingURL=check.test.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"check.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/check.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC5E,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAEzB,uDAAuD;AACvD,qDAAqD;AACrD,0CAA0C;AAE1C,OAAO,EACL,mBAAmB,EACnB,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,sBAAsB,CAAC;AAG9B,QAAQ,CAAC,2BAA2B,EAAE,GAAG,EAAE;IACzC,IAAI,OAAe,CAAC;IACpB,IAAI,OAAe,CAAC;IAEpB,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,oBAAoB,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACnE,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QACrC,MAAM,EAAE,CAAC,KAAK,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;QAAC,MAAM,CAAC;YACP,UAAU;QACZ,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;QAC5C,EAAE,CAAC,gBAAgB,EAAE,GAAG,EAAE;YACxB,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;gBAC9B,IAAI,EAAE,mCAAmC;gBACzC,WAAW,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE;aAClC,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;YAC9C,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACrD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;gBAC9B,IAAI,EAAE,uCAAuC;gBAC7C,WAAW,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE;aAClC,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAChD,MAAM,aAAa,GAAG,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CACnD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAC5B,CAAC;YACF,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAAC;QACtC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;YACjC,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,WAAW,GAAG,oBAAoB,CAAC,8BAA8B,CAAC,CAAC;YACzE,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;gBAC9B,IAAI,EAAE,cAAc;gBACpB,WAAW,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE;gBACjC,WAAW;aACZ,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,CAAC,cAAc,CAAC,eAAe,CAAC,CAAC;YAC/C,MAAM,CAAC,MAAM,CAAC,CAAC,cAAc,CAAC,YAAY,CAAC,CAAC;QAC9C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,EAAE,CAAC,gBAAgB,EAAE,GAAG,EAAE;YACxB,MAAM,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC9C,MAAM,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iBAAiB,EAAE,GAAG,EAAE;YACzB,MAAM,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC9C,MAAM,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iBAAiB,EAAE,GAAG,EAAE;YACzB,MAAM,CAAC,kBAAkB,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC9C,MAAM,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,GAAG,GAAG,oBAAoB,CAAC,qCAAqC,CAAC,CAAC;YACxE,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,GAAG,GAAG,oBAAoB,CAAC,8BAA8B,CAAC,CAAC;YACjE,MAAM,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mBAAmB,EAAE,GAAG,EAAE;YAC3B,MAAM,GAAG,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC;YAC9C,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAChD,EAAE,CAAC,uBAAuB,EAAE,KAAK,IAAI,EAAE;YACrC,UAAU;YACV,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;YAC/C,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;YACzD,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;YAC7C,MAAM,EAAE,CAAC,SAAS,CAAC,aAAa,EAAE,uCAAuC,CAAC,CAAC;YAE3E,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,KAAK,GAAG,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;YACxC,MAAM,OAAO,GAAG,EAAE,CAAC;YAEnB,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;gBAC7B,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAClD,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;gBACtD,MAAM,WAAW,GAAG,oBAAoB,CAAC,YAAY,CAAC,CAAC;gBACvD,MAAM,QAAQ,GAAyB,OAAO,CAAC,QAAQ,CAAC;oBACtD,IAAI;oBACJ,WAAW,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE;oBACjC,WAAW;iBACZ,CAAC,CAAC;gBACH,MAAM,OAAO,GAAG,kBAAkB,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;gBAC3D,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,YAAY;oBAClB,KAAK,EAAE,QAAQ,CAAC,aAAa;oBAC7B,OAAO;oBACP,UAAU,EAAE,QAAQ,CAAC,UAAU;iBAChC,CAAC,CAAC;YACL,CAAC;YAED,MAAM,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YAEhC,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;YAC7D,MAAM,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAE5C,MAAM,eAAe,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,CAAC;YACvE,MAAM,CAAC,eAAe,EAAE,KAAK,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mBAAmB,EAAE,KAAK,IAAI,EAAE;YACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;YACjD,MAAM,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,0BAA0B,CAAC,CAAC;YAExD,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACjD,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,MAAM,GAAG,OAAO,CAAC,QAAQ,CAAC;gBAC9B,IAAI;gBACJ,WAAW,EAAE,EAAE,YAAY,EAAE,EAAE,EAAE;aAClC,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
import type { Violation } from '@xrift/code-security';
|
|
2
|
+
export interface CheckWorldOptions {
|
|
3
|
+
build?: boolean;
|
|
4
|
+
ignoreWarnings?: boolean;
|
|
5
|
+
json?: boolean;
|
|
6
|
+
}
|
|
7
|
+
export interface FileCheckResult {
|
|
8
|
+
file: string;
|
|
9
|
+
score: number;
|
|
10
|
+
verdict: 'APPROVE' | 'REVIEW' | 'REJECT';
|
|
11
|
+
violations: {
|
|
12
|
+
critical: Violation[];
|
|
13
|
+
warnings: Violation[];
|
|
14
|
+
};
|
|
15
|
+
}
|
|
16
|
+
export interface SecurityCheckResult {
|
|
17
|
+
results: FileCheckResult[];
|
|
18
|
+
hasReject: boolean;
|
|
19
|
+
hasReview: boolean;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* 独立コマンド用: セキュリティチェックを実行し結果を表示
|
|
23
|
+
* @returns 終了コード (0: 成功, 1: 失敗)
|
|
24
|
+
*/
|
|
25
|
+
export declare function checkWorld(options?: CheckWorldOptions, cwd?: string): Promise<number>;
|
|
26
|
+
/**
|
|
27
|
+
* upload 連携用: セキュリティチェックを実行し結果オブジェクトのみ返す
|
|
28
|
+
*/
|
|
29
|
+
export declare function runSecurityCheck(files: string[], distDir: string): Promise<SecurityCheckResult>;
|
|
30
|
+
//# sourceMappingURL=check.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"check.d.ts","sourceRoot":"","sources":["../../src/lib/check.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAwB,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAO5E,MAAM,WAAW,iBAAiB;IAChC,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,SAAS,GAAG,QAAQ,GAAG,QAAQ,CAAC;IACzC,UAAU,EAAE;QACV,QAAQ,EAAE,SAAS,EAAE,CAAC;QACtB,QAAQ,EAAE,SAAS,EAAE,CAAC;KACvB,CAAC;CACH;AAED,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,eAAe,EAAE,CAAC;IAC3B,SAAS,EAAE,OAAO,CAAC;IACnB,SAAS,EAAE,OAAO,CAAC;CACpB;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAC9B,OAAO,GAAE,iBAAsB,EAC/B,GAAG,GAAE,MAAsB,GAC1B,OAAO,CAAC,MAAM,CAAC,CAoEjB;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CACpC,KAAK,EAAE,MAAM,EAAE,EACf,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,mBAAmB,CAAC,CAyC9B"}
|
|
@@ -0,0 +1,161 @@
|
|
|
1
|
+
import path from 'node:path';
|
|
2
|
+
import fs from 'node:fs/promises';
|
|
3
|
+
import chalk from 'chalk';
|
|
4
|
+
import ora from 'ora';
|
|
5
|
+
import { CodeSecurityService, determineFileContext, getSecurityVerdict, } from '@xrift/code-security';
|
|
6
|
+
import { loadProjectConfig, validateDistDir, scanDirectory, } from './project-config.js';
|
|
7
|
+
/**
|
|
8
|
+
* 独立コマンド用: セキュリティチェックを実行し結果を表示
|
|
9
|
+
* @returns 終了コード (0: 成功, 1: 失敗)
|
|
10
|
+
*/
|
|
11
|
+
export async function checkWorld(options = {}, cwd = process.cwd()) {
|
|
12
|
+
if (!options.json) {
|
|
13
|
+
console.log(chalk.blue('🔒 セキュリティチェックを開始します\n'));
|
|
14
|
+
}
|
|
15
|
+
try {
|
|
16
|
+
// 1. 設定読み込み
|
|
17
|
+
const spinner = !options.json ? ora('設定を読み込み中...').start() : null;
|
|
18
|
+
const config = await loadProjectConfig(cwd);
|
|
19
|
+
const distDir = path.resolve(cwd, config.world.distDir);
|
|
20
|
+
spinner?.succeed(chalk.green(`設定を読み込みました: distDir=${config.world.distDir}`));
|
|
21
|
+
// 2. ビルドコマンド実行
|
|
22
|
+
if (options.build && config.world.buildCommand) {
|
|
23
|
+
if (!options.json) {
|
|
24
|
+
console.log(chalk.blue(`\n🔨 ビルドコマンドを実行: ${config.world.buildCommand}\n`));
|
|
25
|
+
}
|
|
26
|
+
const { execSync } = await import('node:child_process');
|
|
27
|
+
execSync(config.world.buildCommand, { cwd, stdio: options.json ? 'ignore' : 'inherit' });
|
|
28
|
+
if (!options.json) {
|
|
29
|
+
console.log(chalk.green('\n✓ ビルドが完了しました\n'));
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
// 3. distディレクトリ検証
|
|
33
|
+
await validateDistDir(distDir);
|
|
34
|
+
// 4. JSファイルをスキャン
|
|
35
|
+
const scanSpinner = !options.json ? ora('ファイルをスキャン中...').start() : null;
|
|
36
|
+
const allFiles = await scanDirectory(distDir, config.world.ignore);
|
|
37
|
+
const jsFiles = allFiles.filter((f) => /\.(js|mjs)$/.test(f));
|
|
38
|
+
if (jsFiles.length === 0) {
|
|
39
|
+
scanSpinner?.succeed(chalk.yellow('チェック対象のJSファイルがありません'));
|
|
40
|
+
if (options.json) {
|
|
41
|
+
console.log(JSON.stringify({ results: [], hasReject: false, hasReview: false }));
|
|
42
|
+
}
|
|
43
|
+
return 0;
|
|
44
|
+
}
|
|
45
|
+
scanSpinner?.succeed(chalk.green(`${jsFiles.length}個のJSファイルを検出しました`));
|
|
46
|
+
// 5. セキュリティチェック実行
|
|
47
|
+
const checkResult = await runSecurityCheck(jsFiles, distDir);
|
|
48
|
+
// 6. 結果表示
|
|
49
|
+
if (options.json) {
|
|
50
|
+
console.log(JSON.stringify(checkResult, null, 2));
|
|
51
|
+
}
|
|
52
|
+
else {
|
|
53
|
+
printResults(checkResult);
|
|
54
|
+
}
|
|
55
|
+
// 7. 終了コード判定
|
|
56
|
+
if (checkResult.hasReject) {
|
|
57
|
+
return 1;
|
|
58
|
+
}
|
|
59
|
+
if (checkResult.hasReview && !options.ignoreWarnings) {
|
|
60
|
+
return 0;
|
|
61
|
+
}
|
|
62
|
+
return 0;
|
|
63
|
+
}
|
|
64
|
+
catch (error) {
|
|
65
|
+
if (options.json) {
|
|
66
|
+
console.log(JSON.stringify({ error: error instanceof Error ? error.message : String(error) }));
|
|
67
|
+
}
|
|
68
|
+
else if (error instanceof Error) {
|
|
69
|
+
console.error(chalk.red(`\n❌ ${error.message}`));
|
|
70
|
+
}
|
|
71
|
+
return 1;
|
|
72
|
+
}
|
|
73
|
+
}
|
|
74
|
+
/**
|
|
75
|
+
* upload 連携用: セキュリティチェックを実行し結果オブジェクトのみ返す
|
|
76
|
+
*/
|
|
77
|
+
export async function runSecurityCheck(files, distDir) {
|
|
78
|
+
const service = new CodeSecurityService();
|
|
79
|
+
const results = [];
|
|
80
|
+
// package.json を読み込み(存在しない場合は空の dependencies を使用)
|
|
81
|
+
let packageJsonDeps = {};
|
|
82
|
+
try {
|
|
83
|
+
const pkgPath = path.join(distDir, '..', 'package.json');
|
|
84
|
+
const pkgContent = await fs.readFile(pkgPath, 'utf-8');
|
|
85
|
+
const pkg = JSON.parse(pkgContent);
|
|
86
|
+
packageJsonDeps = pkg.dependencies || {};
|
|
87
|
+
}
|
|
88
|
+
catch {
|
|
89
|
+
// package.json がない場合は空で続行
|
|
90
|
+
}
|
|
91
|
+
for (const filePath of files) {
|
|
92
|
+
const code = await fs.readFile(filePath, 'utf-8');
|
|
93
|
+
const relativePath = path.relative(distDir, filePath);
|
|
94
|
+
const fileContext = determineFileContext(relativePath);
|
|
95
|
+
const response = service.validate({
|
|
96
|
+
code,
|
|
97
|
+
packageJson: { dependencies: packageJsonDeps },
|
|
98
|
+
fileContext,
|
|
99
|
+
});
|
|
100
|
+
const verdict = getSecurityVerdict(response.securityScore);
|
|
101
|
+
results.push({
|
|
102
|
+
file: relativePath,
|
|
103
|
+
score: response.securityScore,
|
|
104
|
+
verdict,
|
|
105
|
+
violations: response.violations,
|
|
106
|
+
});
|
|
107
|
+
}
|
|
108
|
+
return {
|
|
109
|
+
results,
|
|
110
|
+
hasReject: results.some((r) => r.verdict === 'REJECT'),
|
|
111
|
+
hasReview: results.some((r) => r.verdict === 'REVIEW'),
|
|
112
|
+
};
|
|
113
|
+
}
|
|
114
|
+
/**
|
|
115
|
+
* 結果をコンソールに表示
|
|
116
|
+
*/
|
|
117
|
+
function printResults(checkResult) {
|
|
118
|
+
console.log('');
|
|
119
|
+
for (const result of checkResult.results) {
|
|
120
|
+
const verdictColor = result.verdict === 'APPROVE'
|
|
121
|
+
? chalk.green
|
|
122
|
+
: result.verdict === 'REVIEW'
|
|
123
|
+
? chalk.yellow
|
|
124
|
+
: chalk.red;
|
|
125
|
+
console.log(chalk.gray(`━━━ ${result.file} ${'━'.repeat(Math.max(0, 40 - result.file.length))}`));
|
|
126
|
+
console.log(` スコア: ${result.score} 判定: ${verdictColor(result.verdict)}`);
|
|
127
|
+
for (const v of result.violations.critical) {
|
|
128
|
+
const loc = v.location ? ` (line ${v.location.line})` : '';
|
|
129
|
+
console.log(chalk.red(` ✗ ${v.message}${loc}`));
|
|
130
|
+
}
|
|
131
|
+
for (const v of result.violations.warnings) {
|
|
132
|
+
const loc = v.location ? ` (line ${v.location.line})` : '';
|
|
133
|
+
console.log(chalk.yellow(` ⚠ ${v.message}${loc}`));
|
|
134
|
+
}
|
|
135
|
+
console.log('');
|
|
136
|
+
}
|
|
137
|
+
// サマリー
|
|
138
|
+
const total = checkResult.results.length;
|
|
139
|
+
const approveCount = checkResult.results.filter((r) => r.verdict === 'APPROVE').length;
|
|
140
|
+
const reviewCount = checkResult.results.filter((r) => r.verdict === 'REVIEW').length;
|
|
141
|
+
const rejectCount = checkResult.results.filter((r) => r.verdict === 'REJECT').length;
|
|
142
|
+
console.log(chalk.gray('━'.repeat(40)));
|
|
143
|
+
let summary = `結果: ${total}ファイル`;
|
|
144
|
+
if (approveCount > 0)
|
|
145
|
+
summary += ` ${chalk.green(`APPROVE: ${approveCount}`)}`;
|
|
146
|
+
if (reviewCount > 0)
|
|
147
|
+
summary += ` ${chalk.yellow(`REVIEW: ${reviewCount}`)}`;
|
|
148
|
+
if (rejectCount > 0)
|
|
149
|
+
summary += ` ${chalk.red(`REJECT: ${rejectCount}`)}`;
|
|
150
|
+
console.log(summary);
|
|
151
|
+
if (checkResult.hasReject) {
|
|
152
|
+
console.log(chalk.red('\n❌ セキュリティチェックに失敗しました'));
|
|
153
|
+
}
|
|
154
|
+
else if (checkResult.hasReview) {
|
|
155
|
+
console.log(chalk.yellow('\n⚠ レビューが必要な項目があります'));
|
|
156
|
+
}
|
|
157
|
+
else {
|
|
158
|
+
console.log(chalk.green('\n✅ セキュリティチェックに合格しました'));
|
|
159
|
+
}
|
|
160
|
+
}
|
|
161
|
+
//# sourceMappingURL=check.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"check.js","sourceRoot":"","sources":["../../src/lib/check.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,GAAG,MAAM,KAAK,CAAC;AACtB,OAAO,EACL,mBAAmB,EACnB,oBAAoB,EACpB,kBAAkB,GACnB,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,aAAa,GACd,MAAM,qBAAqB,CAAC;AAwB7B;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,UAA6B,EAAE,EAC/B,MAAc,OAAO,CAAC,GAAG,EAAE;IAE3B,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,IAAI,CAAC;QACH,YAAY;QACZ,MAAM,OAAO,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QAClE,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,GAAG,CAAC,CAAC;QAC5C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QACxD,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,uBAAuB,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QAE7E,eAAe;QACf,IAAI,OAAO,CAAC,KAAK,IAAI,MAAM,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;YAC/C,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,oBAAoB,MAAM,CAAC,KAAK,CAAC,YAAY,IAAI,CAAC,CAAC,CAAC;YAC7E,CAAC;YACD,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;YACxD,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;YACzF,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBAClB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,kBAAkB;QAClB,MAAM,eAAe,CAAC,OAAO,CAAC,CAAC;QAE/B,iBAAiB;QACjB,MAAM,WAAW,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;QACxE,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnE,MAAM,OAAO,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAE9D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,WAAW,EAAE,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,CAAC;YAC1D,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;gBACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;YACnF,CAAC;YACD,OAAO,CAAC,CAAC;QACX,CAAC;QAED,WAAW,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,OAAO,CAAC,MAAM,iBAAiB,CAAC,CAAC,CAAC;QAEtE,kBAAkB;QAClB,MAAM,WAAW,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAE7D,UAAU;QACV,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,YAAY,CAAC,WAAW,CAAC,CAAC;QAC5B,CAAC;QAED,aAAa;QACb,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;YAC1B,OAAO,CAAC,CAAC;QACX,CAAC;QACD,IAAI,WAAW,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;YACrD,OAAO,CAAC,CAAC;QACX,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;QACjG,CAAC;aAAM,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAClC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACnD,CAAC;QACD,OAAO,CAAC,CAAC;IACX,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,KAAe,EACf,OAAe;IAEf,MAAM,OAAO,GAAG,IAAI,mBAAmB,EAAE,CAAC;IAC1C,MAAM,OAAO,GAAsB,EAAE,CAAC;IAEtC,kDAAkD;IAClD,IAAI,eAAe,GAA2B,EAAE,CAAC;IACjD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QACzD,MAAM,UAAU,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACnC,eAAe,GAAG,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACP,0BAA0B;IAC5B,CAAC;IAED,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;QAC7B,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAClD,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACtD,MAAM,WAAW,GAAG,oBAAoB,CAAC,YAAY,CAAC,CAAC;QAEvD,MAAM,QAAQ,GAAyB,OAAO,CAAC,QAAQ,CAAC;YACtD,IAAI;YACJ,WAAW,EAAE,EAAE,YAAY,EAAE,eAAe,EAAE;YAC9C,WAAW;SACZ,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,kBAAkB,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;QAE3D,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,YAAY;YAClB,KAAK,EAAE,QAAQ,CAAC,aAAa;YAC7B,OAAO;YACP,UAAU,EAAE,QAAQ,CAAC,UAAU;SAChC,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,OAAO;QACP,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC;QACtD,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC;KACvD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,WAAgC;IACpD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,KAAK,MAAM,MAAM,IAAI,WAAW,CAAC,OAAO,EAAE,CAAC;QACzC,MAAM,YAAY,GAChB,MAAM,CAAC,OAAO,KAAK,SAAS;YAC1B,CAAC,CAAC,KAAK,CAAC,KAAK;YACb,CAAC,CAAC,MAAM,CAAC,OAAO,KAAK,QAAQ;gBAC3B,CAAC,CAAC,KAAK,CAAC,MAAM;gBACd,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC;QAElB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,MAAM,CAAC,IAAI,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QAClG,OAAO,CAAC,GAAG,CAAC,UAAU,MAAM,CAAC,KAAK,SAAS,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAE3E,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YAC3C,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QACnD,CAAC;QACD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC;YAC3C,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC,CAAC,CAAC;QACtD,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;IAED,OAAO;IACP,MAAM,KAAK,GAAG,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC;IACzC,MAAM,YAAY,GAAG,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;IACvF,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IACrF,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IAErF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,IAAI,OAAO,GAAG,OAAO,KAAK,MAAM,CAAC;IACjC,IAAI,YAAY,GAAG,CAAC;QAAE,OAAO,IAAI,KAAK,KAAK,CAAC,KAAK,CAAC,YAAY,YAAY,EAAE,CAAC,EAAE,CAAC;IAChF,IAAI,WAAW,GAAG,CAAC;QAAE,OAAO,IAAI,KAAK,KAAK,CAAC,MAAM,CAAC,WAAW,WAAW,EAAE,CAAC,EAAE,CAAC;IAC9E,IAAI,WAAW,GAAG,CAAC;QAAE,OAAO,IAAI,KAAK,KAAK,CAAC,GAAG,CAAC,WAAW,WAAW,EAAE,CAAC,EAAE,CAAC;IAC3E,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IAErB,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC,CAAC;IAClD,CAAC;SAAM,IAAI,WAAW,CAAC,SAAS,EAAE,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,CAAC;IACnD,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC;IACpD,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@xrift/cli",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.12.0",
|
|
4
4
|
"description": "XRift CLI tool for world and avatar uploads",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"main": "dist/index.js",
|
|
@@ -43,6 +43,7 @@
|
|
|
43
43
|
"LICENSE"
|
|
44
44
|
],
|
|
45
45
|
"dependencies": {
|
|
46
|
+
"@xrift/code-security": "^0.1.0",
|
|
46
47
|
"axios": "^1.7.9",
|
|
47
48
|
"chalk": "^5.3.0",
|
|
48
49
|
"cli-progress": "^3.12.0",
|