agentaudit 3.13.0 → 3.13.1
- package/cli.mjs +39 -0
- package/package.json +1 -1
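--- a/package/cli.mjs
+++ b/package/cli.mjs
@@ -4152,6 +4152,7 @@ async function checkPackage(name) {
 if (!jsonMode) {
 console.log(` ${c.yellow}Not found${c.reset} — package "${name}" hasn't been audited yet.`);
 console.log(` ${c.dim}Run: agentaudit audit <repo-url> for a deep LLM audit${c.reset}`);
+await suggestSimilarPackages(name);
 }
 return null;
 }
@@ -4592,6 +4593,31 @@ function renderSearchTab(searchState, width) {
 return lines;
 }
 
+async function suggestSimilarPackages(slug) {
+if (jsonMode || quietMode) return;
+try {
+const res = await fetch(`${REGISTRY_URL}/api/lookup?hash=${encodeURIComponent(slug)}`, {
+signal: AbortSignal.timeout(5_000),
+});
+if (!res.ok) return;
+const data = await res.json();
+// API returns { reports: [...], findings: [...], total_matches }
+const reports = data.reports || [];
+if (reports.length === 0) return;
+console.log();
+console.log(` ${c.dim}Did you mean one of these?${c.reset}`);
+const shown = reports.slice(0, 5);
+for (const p of shown) {
+const name = p.skill_slug || p.slug || '?';
+const risk = p.risk_score ?? 0;
+const badge = risk === 0 ? `${c.green}safe${c.reset}` : risk <= 25 ? `${c.green}score ${100 - risk}${c.reset}` : risk <= 50 ? `${c.yellow}score ${100 - risk}${c.reset}` : `${c.red}score ${100 - risk}${c.reset}`;
+console.log(` ${c.cyan}${name}${c.reset} ${badge}`);
+}
+if (data.total_matches > 5) console.log(` ${c.dim}...and ${data.total_matches - 5} more${c.reset}`);
+console.log(` ${c.dim}Use: ${c.cyan}agentaudit search <query>${c.dim} to find packages${c.reset}`);
+} catch { /* ignore */ }
+}
+
 async function searchCommand(args) {
 const query = args.filter(a => !a.startsWith('--')).join(' ').trim();
 
@@ -5564,9 +5590,22 @@ async function main() {
 } else {
 console.log(` ${c.red}API error (HTTP ${res.status})${c.reset}`);
 }
+// Suggest similar packages via search
+await suggestSimilarPackages(slug);
 return;
 }
 const data = await res.json();
+
+// Check if package actually has any reports
+if ((!data.total_reports && data.total_reports !== undefined) || (data.total_reports === 0 && (!data.findings || data.findings.length === 0))) {
+if (jsonMode) { console.log(JSON.stringify(data, null, 2)); return; }
+console.log(` ${c.yellow}No reports found${c.reset} — "${slug}" hasn't been audited yet.`);
+console.log(` ${c.dim}Run: ${c.cyan}agentaudit audit <repo-url>${c.dim} to create the first audit${c.reset}`);
+// Suggest similar packages
+await suggestSimilarPackages(slug);
+return;
+}
+
 if (jsonMode) { console.log(JSON.stringify(data, null, 2)); return; }
 
 console.log();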
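Review bot: In `suggestSimilarPackages`, `const risk = p.risk_score ?? 0;` makes a report that carries no score render as a green `safe` badge, so missing data reads as a clean result in a "Did you mean" list that may contain look-alike names. A non-numeric score should be treated as unknown, e.g. `const risk = Number.isFinite(p.risk_score) ? p.risk_score : null;` with a dim `unscored` badge for `null`. In the last hunk (inside `main`, whose body starts and ends outside the hunk) the second half of the `total_reports` condition is unreachable, because `total_reports === 0` already satisfies the first half; a response with zero reports but a non-empty `findings` array is therefore printed as not audited, and if findings are meant to suppress that message the test would be `if (!data.total_reports && data.total_reports !== undefined && !data.findings?.length)`. The suggested name (`p.skill_slug || p.slug`) is also printed exactly as the registry returned it; stripping control characters before `console.log` would keep a crafted slug from emitting terminal escape sequences.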