@zerothreatai/cli 1.0.0

package/.env.prod

@@ -0,0 +1,2 @@
+LICENSE_API=http://localhost:3201/api/license
+CLOUD_API=https://api.zerothreat.ai/api/on-prem/license

package/LICENSE

@@ -0,0 +1,28 @@
+BSD 3-Clause License
+
+Copyright (c) 2025, zerothreatai
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+   list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+   this list of conditions and the following disclaimer in the documentation
+   and/or other materials provided with the distribution.
+
+3. Neither the name of the copyright holder nor the names of its
+   contributors may be used to endorse or promote products derived from
+   this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

package/README.md

@@ -0,0 +1,3 @@
+# zerothreat-installer-cli
+
+This is the on_prem installer cli project

package/dist/index.js

@@ -0,0 +1,28 @@
+#!/usr/bin/env node
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const commander_1 = require("commander");
+const menu_js_1 = __importDefault(require("./src/menu.js"));
+const start_setup_js_1 = require("./src/commands/start-setup.js");
+const dotenv_1 = require("dotenv");
+(0, dotenv_1.config)({
+    path: !process.env.WORKING_ENVIRONMENT ? `.env.prod` : `.env`
+});
+commander_1.program
+    .name("zt")
+    .description("ZEROTHREAT AI CLI")
+    .version("1.0.0");
+commander_1.program
+    .command("menu")
+    .description("Show main menu")
+    .action(menu_js_1.default);
+commander_1.program.command("start-setup").action(start_setup_js_1.startSetup);
+if (!process.argv.slice(2).length) {
+    (0, menu_js_1.default)();
+}
+else {
+    commander_1.program.parse(process.argv);
+}

package/dist/src/actions/license-service.js

@@ -0,0 +1,128 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.firstIgnition = firstIgnition;
+exports.licenseDeactivate = licenseDeactivate;
+const get_mac_1 = require("../utils/get-mac");
+const path_1 = __importDefault(require("path"));
+const child_process_1 = require("child_process");
+const fs_1 = __importDefault(require("fs"));
+const js_yaml_1 = __importDefault(require("js-yaml"));
+const dockerode_1 = __importDefault(require("dockerode"));
+const license_api_service_1 = __importDefault(require("../services/license-api-service"));
+const acr_token_service_1 = __importDefault(require("../services/acr-token-service"));
+const ask_que_1 = require("../utils/ask-que");
+const chalk_1 = __importDefault(require("chalk"));
+const cli_table3_1 = __importDefault(require("cli-table3"));
+const app_constants_1 = require("../constants/app-constants");
+let COMPOSE_FILE = "";
+const PROJECT = "zerothreat";
+const NETWORK = "zerothreat-onprem-nw";
+let auth = {
+    username: "",
+    password: "",
+    serveraddress: "",
+};
+const docker = new dockerode_1.default();
+async function ensureNetwork() {
+    const existing = await docker.listNetworks({ filters: { name: [NETWORK] } });
+    if (existing.length === 0) {
+        await docker.createNetwork({ Name: NETWORK, CheckDuplicate: true });
+        console.log(`Network created: ${NETWORK}`);
+    }
+}
+async function pullImages() {
+    const doc = js_yaml_1.default.load(fs_1.default.readFileSync(COMPOSE_FILE, "utf8"));
+    const images = Object.values(doc.services || {}).map(s => s.image);
+    console.log(`Pulling ${images.length} images in parallel...`);
+    await Promise.all(images.map(image => new Promise((resolve, reject) => {
+        docker.pull(image, { authconfig: auth }, (err, stream) => {
+            if (err)
+                return reject(err);
+            if (!stream)
+                return reject(new Error("No stream received"));
+            docker.modem.followProgress(stream, err => (err ? reject(err) : resolve()), () => process.stdout.write("."));
+        });
+    }).then(() => console.log(`\nDone: ${image}`))));
+    console.log("All images pulled!");
+}
+async function runCompose(args) {
+    return new Promise((resolve, reject) => {
+        const child = (0, child_process_1.spawn)("docker", ["compose", "-f", COMPOSE_FILE, "-p", PROJECT, ...args], {
+            stdio: "inherit",
+        });
+        child.on("close", code => (code === 0 ? resolve() : reject(new Error("compose failed"))));
+    });
+}
+async function firstIgnition(licenseKey, emailId) {
+    console.log(">> Running first docker setup ...");
+    let token = '';
+    const acrTokenService = new acr_token_service_1.default();
+    const machineId = (0, get_mac_1.getMachineId)();
+    try {
+        const { dockerAuth, activationToken } = await acrTokenService.getAcrToken(licenseKey, emailId, machineId);
+        auth = dockerAuth;
+        token = activationToken;
+        if (app_constants_1.dockerComposeAcr) {
+            COMPOSE_FILE = app_constants_1.dockerComposeAcr;
+        }
+        await ensureNetwork();
+        await pullImages();
+        await runCompose(["up", "-d"]);
+        //sleep for 30 seconds to allow sql server to start
+        console.log("Waiting for SQL Server to start...");
+        await new Promise(resolve => setTimeout(resolve, 30000));
+    }
+    catch (error) {
+        throw error;
+    }
+    finally {
+        if (app_constants_1.dockerComposeAcr) {
+            const tempDir = path_1.default.dirname(app_constants_1.dockerComposeAcr);
+            fs_1.default.rmSync(tempDir, { recursive: true, force: true });
+        }
+    }
+    return token;
+}
+async function licenseDeactivate() {
+    console.log(chalk_1.default.dim("License deactivation initiated.. \n"));
+    try {
+        const deactivationToken = await (0, ask_que_1.ask)(chalk_1.default.yellow.bold("🗝️ Enter Deactivation Token: "));
+        const machineId = (0, get_mac_1.getMachineId)();
+        const licenseApi = new license_api_service_1.default();
+        const table = new cli_table3_1.default({
+            chars: {
+                "top": "═",
+                "top-left": "╔",
+                "top-right": "╗",
+                "bottom": "═",
+                "bottom-left": "╚",
+                "bottom-right": "╝",
+                "left": "║",
+                "right": "║",
+            },
+        });
+        try {
+            const res = await licenseApi.deactivateLicense(machineId, deactivationToken);
+            if (res.status) {
+                table.options.style.border = ['green'];
+                table.push([chalk_1.default.bold.green(res.message)]);
+                console.log(table.toString());
+            }
+            else {
+                table.push([chalk_1.default.bold.green(res.message)]);
+                console.log(table.toString());
+            }
+        }
+        catch (error) {
+            table.options.style.border = ['red'];
+            table.push([chalk_1.default.bold.red(`DeactivateLicense error:${error.message}`)]);
+            console.log(table.toString());
+        }
+    }
+    catch (err) {
+        console.log(chalk_1.default.redBright(`DeactivateLicense error: ${err.message}`));
+    }
+}

package/dist/src/commands/activate.js

@@ -0,0 +1,56 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const license_api_service_1 = __importDefault(require("../services/license-api-service"));
+const license_table_1 = require("../utils/license-table");
+const chalk_1 = __importDefault(require("chalk"));
+const cli_table3_1 = __importDefault(require("cli-table3"));
+exports.default = async (token) => {
+    console.log(chalk_1.default.blue("\n🚀 Opening Activation Page...\n"));
+    const licenseService = new license_api_service_1.default();
+    const response = await licenseService.activateLicense(token);
+    if (response.status) {
+        // Celebration header
+        const table = new cli_table3_1.default({
+            style: {
+                border: ["blue"],
+                head: [],
+                compact: false,
+            },
+            chars: {
+                "top": chalk_1.default.green("═"),
+                "top-left": chalk_1.default.green("╔"),
+                "top-right": chalk_1.default.green("╗"),
+                "bottom": chalk_1.default.green("═"),
+                "bottom-left": chalk_1.default.green("╚"),
+                "bottom-right": chalk_1.default.green("╝"),
+                "left": chalk_1.default.green("║"),
+                "right": chalk_1.default.green("║"),
+            },
+        });
+        table.push([chalk_1.default.bold.green('  🎉 CONGRATULATIONS! LICENSE ACTIVATED! 🎉')]);
+        console.log(table.toString());
+        console.log(chalk_1.default.green.bold('\n✨ Welcome to ZeroThreatAI Web Vulnerability Scan Platform! ✨'));
+        console.log(chalk_1.default.gray('Your license has been successfully activated and is ready to use.\n'));
+        (0, license_table_1.displayLicenseTable)(response);
+    }
+    else {
+        console.log(chalk_1.default.red.bold('\n🚫 License Activation Failed\n'));
+        console.log(chalk_1.default.gray('We were unable to connect to the ZeroThreatAI servers to complete the'));
+        console.log(chalk_1.default.gray('license activation. Please check the possible causes and try again.\n'));
+        console.log(chalk_1.default.bold('Reasons'));
+        console.log(chalk_1.default.red('📄 Reason'));
+        console.log(chalk_1.default.gray(`   ${response.message}\n`));
+        console.log(chalk_1.default.bold('Possible Causes'));
+        console.log(chalk_1.default.magenta('📶 Internet Connection'));
+        console.log(chalk_1.default.gray('   Your device may have lost its connection to the internet.\n'));
+        console.log(chalk_1.default.magenta('💥 System Crash'));
+        console.log(chalk_1.default.gray('   Your computer may have shut down unexpectedly during the process.\n'));
+        console.log(chalk_1.default.magenta('🛡️  Firewall or Proxy'));
+        console.log(chalk_1.default.gray('   Network security settings may be blocking the connection.\n'));
+        console.log(chalk_1.default.bold('Next Steps'));
+        console.log(chalk_1.default.gray('You can retry the activation process or contact our support team for assistance.\n'));
+    }
+};

package/dist/src/commands/deactivate.js

@@ -0,0 +1,7 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+const license_service_1 = require("../actions/license-service");
+exports.default = async () => {
+    console.log("\nLicense Deactivation\n");
+    await (0, license_service_1.licenseDeactivate)();
+};

package/dist/src/commands/start-setup.js

@@ -0,0 +1,61 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.startSetup = startSetup;
+const license_service_1 = require("../actions/license-service");
+const ask_que_1 = require("../utils/ask-que");
+const chalk_1 = __importDefault(require("chalk"));
+const activate_1 = __importDefault(require("./activate"));
+const acr_error_1 = __importDefault(require("../utils/acr-error"));
+const validateEmail = (email) => {
+    const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
+    return emailRegex.test(email);
+};
+const validateLicenseKey = (key) => {
+    const licenseRegex = /^[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}$/;
+    return licenseRegex.test(key);
+};
+async function startSetup() {
+    console.log("\nActivating License...\n");
+    let email;
+    do {
+        email = await (0, ask_que_1.ask)(chalk_1.default.yellow.bold("📧 Enter Email: "));
+        if (!validateEmail(email)) {
+            console.log("Invalid email format. Please try again.");
+        }
+    } while (!validateEmail(email));
+    let licenseKey;
+    do {
+        licenseKey = await (0, ask_que_1.ask)(chalk_1.default.yellow.bold("🗝️ Enter License Key (XXXX-XXXX-XXXX-XXXX): "));
+        if (!validateLicenseKey(licenseKey)) {
+            console.log("Invalid license key format. Must be XXXX-XXXX-XXXX-XXXX where X is a number.");
+        }
+    } while (!validateLicenseKey(licenseKey));
+    // Docker Setup
+    let token = '';
+    try {
+        token = await (0, license_service_1.firstIgnition)(licenseKey, email);
+    }
+    catch (err) {
+        if (err instanceof acr_error_1.default) {
+            console.log(chalk_1.default.red(`Error : ${err.message}`));
+            return;
+        }
+        console.error(chalk_1.default.redBright(`Error : ${err.message}`));
+        console.error(chalk_1.default.yellowBright(`Please Retry.`));
+        return;
+    }
+    // License Activation call
+    try {
+        console.log("Setting up your license ...");
+        await (0, activate_1.default)(token);
+        return;
+    }
+    catch (err) {
+        console.error(chalk_1.default.redBright(err));
+        return;
+    }
+}
+;

package/dist/src/config/api-config.js

@@ -0,0 +1,10 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.API_CONFIG = void 0;
+const API_CONFIG = () => {
+    return {
+        licenseApi: process.env.LICENSE_API,
+        onPremLicenseCloudeApi: process.env.CLOUD_API,
+    };
+};
+exports.API_CONFIG = API_CONFIG;

package/dist/src/constants/app-constants.js

@@ -0,0 +1,13 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.setDockerComposeAcr = exports.setLicenseClaimed = exports.dockerComposeAcr = exports.isLicenseClaimed = void 0;
+exports.isLicenseClaimed = false;
+exports.dockerComposeAcr = '';
+const setLicenseClaimed = (value) => {
+    exports.isLicenseClaimed = value;
+};
+exports.setLicenseClaimed = setLicenseClaimed;
+const setDockerComposeAcr = (value) => {
+    exports.dockerComposeAcr = value;
+};
+exports.setDockerComposeAcr = setDockerComposeAcr;

package/dist/src/menu.js

@@ -0,0 +1,106 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = showMenu;
+const inquirer_1 = __importDefault(require("inquirer"));
+const chalk_1 = __importDefault(require("chalk"));
+const start_setup_1 = require("./commands/start-setup");
+const deactivate_1 = __importDefault(require("./commands/deactivate"));
+async function showMenu() {
+    console.clear();
+    // Header with description
+    console.log(chalk_1.default.gray('╔' + '═'.repeat(78) + '╗'));
+    console.log(chalk_1.default.gray('║') + chalk_1.default.bold.magenta('                        ZEROTHREAT ON-PREM INSTALLER                          ') + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('╠' + '═'.repeat(78) + '╣'));
+    console.log(chalk_1.default.gray('║') + ' '.repeat(78) + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('║') + chalk_1.default.bold.white('  AppSec without Noise or Complexity                                          ') + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('║') + chalk_1.default.white('  Continuous Pentesting for Web Apps & APIs at Dev Speed                      ') + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('║') + ' '.repeat(78) + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('║') + chalk_1.default.gray('  Ship 10× faster with audit-ready compliance. ZeroThreat protects            ') + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('║') + chalk_1.default.gray('  modern web apps & APIs through continuous pentesting, actionable            ') + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('║') + chalk_1.default.gray('  insights, and coverage for 40,000+ vulnerabilities.                         ') + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('║') + ' '.repeat(78) + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('║') + chalk_1.default.bold.green('  🛡️  On-Premise Installation Tool CLI                                         ') + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('║') + ' '.repeat(78) + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('╚' + '═'.repeat(78) + '╝'));
+    console.log();
+    // Menu options box
+    console.log(chalk_1.default.gray('╔═ ' + chalk_1.default.bold.white('MAIN MENU') + ' ═' + '═'.repeat(65) + '╗'));
+    console.log(chalk_1.default.gray('║  ') + ' '.repeat(76) + chalk_1.default.gray('║'));
+    const { action } = await inquirer_1.default.prompt([
+        {
+            type: "list",
+            name: "action",
+            message: chalk_1.default.bold.cyan("Select an action:"),
+            choices: [
+                {
+                    name: chalk_1.default.green("🔑 Activate License & Setup"),
+                    value: "Start Setup"
+                },
+                {
+                    name: chalk_1.default.redBright("⛔ Deassociate License & System"),
+                    value: "Deactivate License"
+                },
+                {
+                    name: chalk_1.default.yellow("🔄 Update License") + chalk_1.default.gray(" (Coming Soon)"),
+                    value: "Update License (Coming Soon)",
+                },
+                {
+                    name: chalk_1.default.white("❌ Exit"),
+                    value: "Exit"
+                },
+            ],
+            loop: false,
+            prefix: "║",
+        },
+    ]);
+    console.log(chalk_1.default.gray('║') + ' '.repeat(78) + chalk_1.default.gray('║'));
+    console.log(chalk_1.default.gray('╚' + '═'.repeat(78) + '╝'));
+    switch (action) {
+        case "Start Setup":
+            await (0, start_setup_1.startSetup)();
+            break;
+        case "Deactivate License":
+            await (0, deactivate_1.default)();
+            break;
+        default:
+            console.log("Exiting...");
+            console.clear();
+            process.exit(0);
+    }
+    // Status separator
+    console.log();
+    console.log((0, chalk_1.default)('-'.repeat(80)));
+    console.log();
+    // Navigation box
+    console.log(chalk_1.default.gray('╔═ ' + chalk_1.default.bold.white('NEXT') + ' ═' + '═'.repeat(60) + '╗'));
+    console.log(chalk_1.default.gray('║  ') + ' '.repeat(66) + chalk_1.default.gray('║'));
+    const { close } = await inquirer_1.default.prompt([
+        {
+            type: "list",
+            name: "close",
+            message: " ",
+            choices: [
+                { name: chalk_1.default.white("🏠 Main Menu"), value: "menu" },
+                { name: chalk_1.default.red("🚪 Exit Application"), value: "Exit" }
+            ],
+            theme: {
+                style: {
+                    highlight: chalk_1.default.bgBlue.white
+                }
+            }
+        },
+    ]);
+    console.log(chalk_1.default.green('└' + '─'.repeat(74) + '┘'));
+    switch (close) {
+        case "menu":
+            await showMenu();
+            break;
+        default:
+            console.log("Exiting...");
+            console.clear();
+            process.exit(0);
+    }
+}

package/dist/src/services/acr-token-service.js

@@ -0,0 +1,65 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const axios_1 = __importDefault(require("axios"));
+const https_1 = __importDefault(require("https"));
+const fs_1 = __importDefault(require("fs"));
+const path_1 = __importDefault(require("path"));
+const os_1 = __importDefault(require("os"));
+const crypto_1 = __importDefault(require("crypto"));
+const acr_error_1 = __importDefault(require("../utils/acr-error"));
+const app_constants_1 = require("../constants/app-constants");
+const api_config_1 = require("../config/api-config");
+const api_service_1 = __importDefault(require("./api-service"));
+class AcrTokenService extends api_service_1.default {
+    constructor() {
+        super({
+            baseURL: (0, api_config_1.API_CONFIG)().onPremLicenseCloudeApi,
+            timeout: 15000,
+        });
+    }
+    async getAcrToken(licenseKey, emailId, systemId) {
+        try {
+            const httpsAgent = new https_1.default.Agent({
+                keepAlive: true,
+                family: 4,
+                rejectUnauthorized: false,
+            });
+            const api = axios_1.default.create({
+                httpsAgent,
+                timeout: 15000,
+                headers: { "Content-Type": "application/json" },
+            });
+            const response = await this.post('/acr-token', {
+                licenseKey,
+                emailId,
+                systemId
+            });
+            const { registry, username, password } = response.tokenInfo;
+            if (response.dockerComposeAcr) {
+                const decodedDockerComposeAcr = Buffer.from(response.dockerComposeAcr, 'base64').toString('utf-8');
+                const randomDir = crypto_1.default.randomBytes(8).toString('hex');
+                const randomFileName = crypto_1.default.randomBytes(8).toString('hex') + '.yml';
+                const tempDir = path_1.default.join(os_1.default.tmpdir(), randomDir);
+                fs_1.default.mkdirSync(tempDir, { recursive: true });
+                const filePath = path_1.default.join(tempDir, randomFileName);
+                fs_1.default.writeFileSync(filePath, decodedDockerComposeAcr);
+                (0, app_constants_1.setDockerComposeAcr)(filePath);
+            }
+            return {
+                dockerAuth: {
+                    username,
+                    password,
+                    serveraddress: registry,
+                },
+                activationToken: response.activationToken
+            };
+        }
+        catch (error) {
+            throw new acr_error_1.default(`${error.message}`);
+        }
+    }
+}
+exports.default = AcrTokenService;

package/dist/src/services/api-service.js

@@ -0,0 +1,50 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const axios_1 = __importDefault(require("axios"));
+const https_1 = __importDefault(require("https"));
+class ApiService {
+    client;
+    constructor(config) {
+        this.client = axios_1.default.create({
+            baseURL: config.baseURL,
+            timeout: config.timeout || 10000,
+            headers: {
+                'Content-Type': 'application/json',
+            },
+            httpsAgent: new https_1.default.Agent({
+                rejectUnauthorized: false,
+            }),
+        });
+    }
+    async post(endpoint, data) {
+        try {
+            const response = await this.client.post(endpoint, data);
+            return response.data;
+        }
+        catch (error) {
+            throw this.handleError(error);
+        }
+    }
+    async get(endpoint) {
+        try {
+            const response = await this.client.get(endpoint);
+            return response.data;
+        }
+        catch (error) {
+            throw this.handleError(error);
+        }
+    }
+    handleError(error) {
+        if (error.response) {
+            return new Error(`${error.response.data?.message || 'Unknown error'}`);
+        }
+        if (error.request) {
+            return new Error('Network Error: No response received');
+        }
+        return new Error(`Request Error: ${error.message}`);
+    }
+}
+exports.default = ApiService;

package/dist/src/services/license-api-service.js

@@ -0,0 +1,72 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LicenseType = exports.LicenseStatus = void 0;
+const api_service_1 = __importDefault(require("./api-service"));
+const api_config_1 = require("../config/api-config");
+var LicenseStatus;
+(function (LicenseStatus) {
+    LicenseStatus[LicenseStatus["Active"] = 1] = "Active";
+    LicenseStatus[LicenseStatus["Expired"] = 2] = "Expired";
+    LicenseStatus[LicenseStatus["InActive"] = 3] = "InActive";
+    LicenseStatus[LicenseStatus["ClaimRequested"] = 4] = "ClaimRequested";
+    LicenseStatus[LicenseStatus["Revoked"] = 5] = "Revoked";
+})(LicenseStatus || (exports.LicenseStatus = LicenseStatus = {}));
+var LicenseType;
+(function (LicenseType) {
+    LicenseType[LicenseType["FreeCreditUniversal"] = 0] = "FreeCreditUniversal";
+    LicenseType[LicenseType["FreeCreditHostnameSpecific"] = 1] = "FreeCreditHostnameSpecific";
+    LicenseType[LicenseType["PaidCredit"] = 2] = "PaidCredit";
+    LicenseType[LicenseType["SubscriptionCredit"] = 3] = "SubscriptionCredit";
+})(LicenseType || (exports.LicenseType = LicenseType = {}));
+class LicenseApiService extends api_service_1.default {
+    constructor() {
+        super({
+            baseURL: (0, api_config_1.API_CONFIG)().licenseApi,
+            timeout: 15000,
+        });
+    }
+    //remove
+    async setupLicense(encryptedMachineId) {
+        return this.post(`/setup/${encryptedMachineId}`);
+    }
+    async getSystem() {
+        try {
+            const result = await this.get(`/system`);
+            return result;
+        }
+        catch (exception) {
+            return { id: '' };
+        }
+    }
+    async activateLicense(token) {
+        return this.post("/activate", { token });
+    }
+    async deactivateLicense(encryptedMachineId, deactivationToken) {
+        try {
+            const res = await this.post('/deassociate', {
+                machineId: encryptedMachineId,
+                token: deactivationToken,
+            });
+            return res;
+        }
+        catch (error) {
+            if (error.code === 'ECONNREFUSED') {
+                const fallbackService = new api_service_1.default({
+                    baseURL: (0, api_config_1.API_CONFIG)().onPremLicenseCloudeApi,
+                    timeout: 15000,
+                });
+                const res = await fallbackService.post('/deassociate', {
+                    data: "",
+                    machineId: encryptedMachineId,
+                    token: deactivationToken,
+                });
+                return res;
+            }
+            throw error;
+        }
+    }
+}
+exports.default = LicenseApiService;

package/dist/src/tools/crypto-service.js

@@ -0,0 +1,79 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+const crypto_1 = __importDefault(require("crypto"));
+class InstallerAppCryptoService {
+    IV_LEN = 12;
+    TAG_LEN = 16;
+    KEY_LEN = 32;
+    K1;
+    K2;
+    K3;
+    K4;
+    K5;
+    keys;
+    constructor() {
+        this.K1 = this.normalizeKey("3jv8_Ve3yTNwJjhSiMftBXpAkFtJLxSNaoJcBGztvUI");
+        this.K2 = this.normalizeKey("ZEl9PKemmf4w6wYcK3uFiFYrya9FJMA9UI_B0k_217A");
+        this.K3 = this.normalizeKey("ZDjIlSq44RcZHAdZFRpCRYtayxVkadiEEUZ6TmeP7jU");
+        this.K4 = this.normalizeKey("ucnRjVn7WghWSXnn4XpDjIEyzJ9ChPUUojrx4g7giWM");
+        this.K5 = this.normalizeKey("C0p4tWA7EJF6c2hdgiV3VDZbfRzXUWjPhesycqsA0aM");
+        this.keys = [this.K1, this.K2, this.K3, this.K4, this.K5];
+    }
+    encrypt(plain) {
+        const key = this.keys[Math.floor(Math.random() * this.keys.length)];
+        const iv = crypto_1.default.randomBytes(this.IV_LEN);
+        const cipher = crypto_1.default.createCipheriv("aes-256-gcm", key, iv, { authTagLength: this.TAG_LEN });
+        const ct = Buffer.concat([cipher.update(Buffer.from(plain, "utf8")), cipher.final()]);
+        const tag = cipher.getAuthTag();
+        return this.b64uEnc(Buffer.concat([iv, tag, ct]));
+    }
+    decrypt(token) {
+        let data;
+        try {
+            data = this.b64uDec(token);
+        }
+        catch {
+            throw new Error("Invalid token");
+        }
+        if (data.length <= this.IV_LEN + this.TAG_LEN)
+            throw new Error("Corrupt token");
+        const iv = data.slice(0, this.IV_LEN);
+        const tag = data.slice(this.IV_LEN, this.IV_LEN + this.TAG_LEN);
+        const ct = data.slice(this.IV_LEN + this.TAG_LEN);
+        for (const key of this.keys) {
+            try {
+                const decipher = crypto_1.default.createDecipheriv("aes-256-gcm", key, iv, { authTagLength: this.TAG_LEN });
+                decipher.setAuthTag(tag);
+                const pt = Buffer.concat([decipher.update(ct), decipher.final()]);
+                return pt.toString("utf8");
+            }
+            catch {
+                // try next key
+            }
+        }
+        throw new Error("Unable to decrypt with any key");
+    }
+    generateKey() {
+        return this.b64uEnc(crypto_1.default.randomBytes(this.KEY_LEN));
+    }
+    b64uEnc(buf) {
+        return buf.toString("base64").replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
+    }
+    b64uDec(s) {
+        s = s.replace(/-/g, "+").replace(/_/g, "/");
+        const pad = 4 - (s.length % 4);
+        if (pad !== 4)
+            s += "=".repeat(pad);
+        return Buffer.from(s, "base64");
+    }
+    normalizeKey(k) {
+        const buf = Buffer.isBuffer(k) ? k : this.b64uDec(k);
+        if (buf.length !== this.KEY_LEN)
+            throw new Error("Key must be 32 bytes.");
+        return buf;
+    }
+}
+exports.default = InstallerAppCryptoService;

package/dist/src/utils/acr-error.js

@@ -0,0 +1,9 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+class AcrTokenError extends Error {
+    constructor(message) {
+        super(message);
+        Object.setPrototypeOf(this, new.target.prototype);
+    }
+}
+exports.default = AcrTokenError;

package/dist/src/utils/ask-que.js

@@ -0,0 +1,24 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ask = ask;
+const readline_1 = __importDefault(require("readline"));
+function ask(question) {
+    return new Promise((resolve) => {
+        const rl = readline_1.default.createInterface({
+            input: process.stdin,
+            output: process.stdout,
+        });
+        rl.question(question, (answer) => {
+            rl.close();
+            resolve(answer.trim());
+        });
+        rl.on('SIGINT', () => {
+            rl.close();
+            console.log('\nExiting...');
+            process.exit(0);
+        });
+    });
+}

package/dist/src/utils/get-mac.js

@@ -0,0 +1,8 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getMachineId = void 0;
+const node_machine_id_1 = require("node-machine-id");
+const getMachineId = () => {
+    return (0, node_machine_id_1.machineIdSync)(true);
+};
+exports.getMachineId = getMachineId;

package/dist/src/utils/license-table.js

@@ -0,0 +1,54 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.displayLicenseTable = displayLicenseTable;
+const chalk_1 = __importDefault(require("chalk"));
+const cli_table3_1 = __importDefault(require("cli-table3"));
+function displayLicenseTable(response) {
+    const getStatusText = (status) => {
+        const map = {
+            1: 'Active',
+            2: 'Expired',
+            3: 'Inactive',
+            4: 'Revoked',
+            5: 'Claim Requested',
+        };
+        return map[status] || '❓ Unknown';
+    };
+    const getTypeText = (type) => {
+        const map = {
+            0: 'Free Credit Universal',
+            1: 'Free Credit Hostname',
+            2: 'Paid Credit',
+            3: 'Subscription'
+        };
+        return map[type] || '❓ Unknown';
+    };
+    const table = new cli_table3_1.default({
+        head: [chalk_1.default.bold('Property'), chalk_1.default.bold('Value')],
+        style: {
+            border: ['gray'],
+            head: [],
+            compact: false
+        },
+        chars: { 'top': '═', 'top-mid': '╤', 'top-left': '╔', 'top-right': '╗',
+            'bottom': '═', 'bottom-mid': '╧', 'bottom-left': '╚', 'bottom-right': '╝',
+            'left': '║', 'left-mid': '╟', 'mid': '─', 'mid-mid': '┼',
+            'right': '║', 'right-mid': '╢', 'middle': '│' }
+    });
+    table.push([chalk_1.default.cyan.bold('📄 License Name'), chalk_1.default.white(response.license.licenseName)], [chalk_1.default.cyan.bold('🔑 License Key'), chalk_1.default.white(response.license.licenseKey)], [chalk_1.default.cyan.bold('🏢 Organization'), chalk_1.default.white(response.organizationName)], [chalk_1.default.cyan.bold('🟢 Status'), chalk_1.default.green(getStatusText(response.license.licenseStatus))], [chalk_1.default.cyan.bold('📊 Plan Type'), chalk_1.default.white(getTypeText(response.license.licenseType))], [chalk_1.default.cyan.bold('📅 Expires At'), chalk_1.default.white(new Date(response.license.expiresAt).toLocaleDateString())]);
+    if (response.license.scanCredits > 0) {
+        table.push(['🔍 Scan Credits', chalk_1.default.yellow.bold(response.license.scanCredits.toString())]);
+    }
+    if (response.license.creditTargets > 0) {
+        table.push(['🎯 Target Credits', chalk_1.default.yellow.bold(response.license.creditTargets.toString())]);
+    }
+    if (response.license.freeCredits > 0) {
+        table.push(['🎁 Free Credits', chalk_1.default.yellow.bold(response.license.freeCredits.toString())]);
+    }
+    console.log(chalk_1.default.bold.blue('\n📊 LICENSE DETAILS'));
+    console.log(table.toString());
+    console.log(chalk_1.default.gray('➤ You can now start using ZeroThreat security features.\n'));
+}

package/dist/src/utils/open-browser.js

@@ -0,0 +1,29 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.default = openBrowser;
+const child_process_1 = require("child_process");
+async function openBrowser(url) {
+    let chromePath;
+    switch (process.platform) {
+        case "win32":
+            chromePath = "C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe";
+            break;
+        case "darwin":
+            chromePath = "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome";
+            break;
+        case "linux":
+            chromePath = "/usr/bin/google-chrome";
+            break;
+        default:
+            throw new Error("Unsupported OS");
+    }
+    await new Promise((resolve, reject) => {
+        const child = (0, child_process_1.spawn)(chromePath, [url]);
+        child.on('error', (err) => {
+            reject(err);
+        });
+        child.on('exit', (code, signal) => {
+            resolve({ code, signal });
+        });
+    });
+}

package/package.json

@@ -0,0 +1,49 @@
+{
+  "name": "@zerothreatai/cli",
+  "version": "1.0.0",
+  "main": "dist/index.js",
+  "scripts": {
+    "build": "node build.js",
+    "start": "cross-env WORKING_ENVIRONMENT=DEV node dist/index.js",
+    "dev": "node build.js && cross-env WORKING_ENVIRONMENT=DEV node dist/index.js",
+    "link": "npm run build && npm link"
+  },
+  "keywords": [],
+  "author": "",
+  "license": "ISC",
+  "description": "",
+  "dependencies": {
+    "axios": "^0.27.2",
+    "chalk": "^4.1.2",
+    "cli-table3": "^0.6.5",
+    "commander": "^14.0.2",
+    "cross-env": "^10.1.0",
+    "dockerode": "^4.0.2",
+    "dotenv": "^17.2.3",
+    "figlet": "^1.9.4",
+    "inquirer": "^8.2.5",
+    "js-yaml": "^4.1.1",
+    "node-machine-id": "^1.1.12"
+  },
+  "files": [
+    "dist",
+    ".env.prod"
+  ],
+  "bin": {
+    "zt": "./dist/index.js"
+  },
+  "devDependencies": {
+    "@types/chalk": "^2.2.4",
+    "@types/commander": "^2.12.5",
+    "@types/dockerode": "^3.3.46",
+    "@types/figlet": "^1.5.0",
+    "@types/inquirer": "^9.0.9",
+    "@types/js-yaml": "^4.0.0",
+    "@types/node": "^24.10.1",
+    "@types/ora": "^3.2.0",
+    "@types/prompt-sync": "^4.2.3",
+    "@types/readline-sync": "^1.4.8",
+    "ts-node": "^10.9.2",
+    "typescript": "^5.9.3"
+  }
+}