ai-trust 0.2.1 → 0.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +91 -61
- package/dist/api/client.d.ts.map +1 -1
- package/dist/api/client.js +4 -0
- package/dist/api/client.js.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/output/formatter.d.ts.map +1 -1
- package/dist/output/formatter.js +47 -3
- package/dist/output/formatter.js.map +1 -1
- package/dist/telemetry/opt-in.d.ts +21 -17
- package/dist/telemetry/opt-in.d.ts.map +1 -1
- package/dist/telemetry/opt-in.js +122 -68
- package/dist/telemetry/opt-in.js.map +1 -1
- package/package.json +6 -1
package/README.md
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
> **[OpenA2A](https://github.com/opena2a-org/opena2a)**: [CLI](https://github.com/opena2a-org/opena2a) · [HackMyAgent](https://github.com/opena2a-org/hackmyagent) · [Secretless
|
|
1
|
+
> **[OpenA2A](https://github.com/opena2a-org/opena2a)**: [CLI](https://github.com/opena2a-org/opena2a) · [HackMyAgent](https://github.com/opena2a-org/hackmyagent) · [Secretless](https://github.com/opena2a-org/secretless-ai) · [AIM](https://github.com/opena2a-org/agent-identity-management) · [Browser Guard](https://github.com/opena2a-org/AI-BrowserGuard) · [DVAA](https://github.com/opena2a-org/damn-vulnerable-ai-agent) · Registry (April 2026)
|
|
2
2
|
|
|
3
3
|
# ai-trust
|
|
4
4
|
|
|
@@ -25,6 +25,38 @@ Or run directly with npx:
|
|
|
25
25
|
npx ai-trust check @modelcontextprotocol/server-filesystem
|
|
26
26
|
```
|
|
27
27
|
|
|
28
|
+
For a full security dashboard covering trust, credentials, shadow AI, and more:
|
|
29
|
+
|
|
30
|
+
```bash
|
|
31
|
+
npx opena2a-cli review
|
|
32
|
+
```
|
|
33
|
+
|
|
34
|
+
## Quick Start
|
|
35
|
+
|
|
36
|
+
```bash
|
|
37
|
+
ai-trust check @modelcontextprotocol/server-filesystem
|
|
38
|
+
```
|
|
39
|
+
|
|
40
|
+
Expected output:
|
|
41
|
+
|
|
42
|
+
```
|
|
43
|
+
@modelcontextprotocol/server-filesystem
|
|
44
|
+
Trust Level: 4 (Verified)
|
|
45
|
+
Verdict: safe
|
|
46
|
+
Scanned: 2026-03-01
|
|
47
|
+
Findings: 0 critical, 0 high, 2 medium
|
|
48
|
+
```
|
|
49
|
+
|
|
50
|
+
## Built-in Help
|
|
51
|
+
|
|
52
|
+
```bash
|
|
53
|
+
ai-trust --help # All commands and flags
|
|
54
|
+
ai-trust --version # Current version
|
|
55
|
+
ai-trust [command] -h # Help for a specific command
|
|
56
|
+
```
|
|
57
|
+
|
|
58
|
+
---
|
|
59
|
+
|
|
28
60
|
## Commands
|
|
29
61
|
|
|
30
62
|
### check
|
|
@@ -33,17 +65,30 @@ Look up the trust verdict for a single package.
|
|
|
33
65
|
|
|
34
66
|
```bash
|
|
35
67
|
ai-trust check @modelcontextprotocol/server-filesystem
|
|
68
|
+
ai-trust check my-agent --type a2a_agent
|
|
69
|
+
ai-trust check express --json # JSON output for scripting
|
|
36
70
|
```
|
|
37
71
|
|
|
38
|
-
|
|
72
|
+
### MCP Server Trust
|
|
73
|
+
|
|
74
|
+
MCP servers are the most common trust query. Use shorthand to skip the full package name:
|
|
39
75
|
|
|
40
76
|
```bash
|
|
41
|
-
|
|
77
|
+
# These are equivalent:
|
|
78
|
+
ai-trust check server-filesystem
|
|
79
|
+
ai-trust check @modelcontextprotocol/server-filesystem
|
|
80
|
+
|
|
81
|
+
# Other MCP servers:
|
|
82
|
+
ai-trust check mcp-server-fetch
|
|
83
|
+
ai-trust check server-github
|
|
84
|
+
ai-trust check server-postgres
|
|
42
85
|
```
|
|
43
86
|
|
|
87
|
+
Shorthand rules: `server-*` and `mcp-server-*` automatically resolve to `@modelcontextprotocol/server-*`.
|
|
88
|
+
|
|
44
89
|
#### Scan on demand
|
|
45
90
|
|
|
46
|
-
When a package
|
|
91
|
+
When a package is not in the registry, ai-trust can download and scan it locally using [HackMyAgent](https://github.com/opena2a-org/hackmyagent). In interactive mode, you will be prompted. In CI, use flags:
|
|
47
92
|
|
|
48
93
|
```bash
|
|
49
94
|
# Auto-scan unknown packages, contribute results to the community registry
|
|
@@ -56,41 +101,15 @@ ai-trust check server-filesystem --rescan
|
|
|
56
101
|
ai-trust check server-filesystem --no-scan
|
|
57
102
|
```
|
|
58
103
|
|
|
59
|
-
#### Community contribution
|
|
60
|
-
|
|
61
|
-
Scan results can be shared with the OpenA2A Registry as anonymized telemetry (check pass/fail and severity only -- no file paths, source code, or descriptions).
|
|
62
|
-
|
|
63
|
-
On first scan, ai-trust asks whether you'd like to contribute. Your choice is saved in `~/.opena2a/config.json` and shared across all OpenA2A tools (opena2a-cli, hackmyagent).
|
|
64
|
-
|
|
65
|
-
```bash
|
|
66
|
-
# Contribute for this scan (non-interactive / CI)
|
|
67
|
-
ai-trust check chalk --rescan --contribute
|
|
68
|
-
|
|
69
|
-
# Configure globally via opena2a-cli
|
|
70
|
-
opena2a config set contribute true # opt in
|
|
71
|
-
opena2a config set contribute false # opt out
|
|
72
|
-
```
|
|
73
|
-
|
|
74
104
|
### audit
|
|
75
105
|
|
|
76
|
-
Parse dependency files and batch-query all dependencies. Supports any `.json` file (package.json format) or `.txt` file (requirements.txt format).
|
|
106
|
+
Parse dependency files and batch-query all dependencies. Supports any `.json` file (package.json format) or `.txt` file (requirements.txt format).
|
|
77
107
|
|
|
78
108
|
```bash
|
|
79
109
|
ai-trust audit package.json
|
|
80
110
|
ai-trust audit requirements.txt
|
|
81
|
-
ai-trust audit
|
|
82
|
-
|
|
83
|
-
|
|
84
|
-
Set a minimum trust level threshold (default: 3):
|
|
85
|
-
|
|
86
|
-
```bash
|
|
87
|
-
ai-trust audit package.json --min-trust 2
|
|
88
|
-
```
|
|
89
|
-
|
|
90
|
-
Scan dependencies not found in the registry:
|
|
91
|
-
|
|
92
|
-
```bash
|
|
93
|
-
ai-trust audit package.json --scan-missing --contribute
|
|
111
|
+
ai-trust audit package.json --min-trust 2 # set minimum trust threshold (default: 3)
|
|
112
|
+
ai-trust audit package.json --scan-missing --contribute # scan deps not in registry
|
|
94
113
|
```
|
|
95
114
|
|
|
96
115
|
### batch
|
|
@@ -99,42 +118,40 @@ Look up trust verdicts for multiple packages at once.
|
|
|
99
118
|
|
|
100
119
|
```bash
|
|
101
120
|
ai-trust batch express lodash chalk commander
|
|
102
|
-
```
|
|
103
|
-
|
|
104
|
-
Filter by package type (packages that don't match are excluded):
|
|
105
|
-
|
|
106
|
-
```bash
|
|
107
121
|
ai-trust batch my-server-a my-server-b --type mcp_server
|
|
108
122
|
```
|
|
109
123
|
|
|
110
|
-
|
|
124
|
+
---
|
|
111
125
|
|
|
112
|
-
|
|
126
|
+
## Output Options
|
|
113
127
|
|
|
114
128
|
```bash
|
|
115
|
-
ai-trust check express --json
|
|
116
|
-
ai-trust audit package.json --json
|
|
129
|
+
ai-trust check express --json # JSON output for scripting
|
|
130
|
+
ai-trust audit package.json --json # JSON audit output
|
|
131
|
+
ai-trust check express --no-color # disable colored output
|
|
132
|
+
ai-trust check express --registry-url http://localhost:8080 # custom registry
|
|
117
133
|
```
|
|
118
134
|
|
|
119
|
-
|
|
135
|
+
---
|
|
120
136
|
|
|
121
|
-
|
|
122
|
-
ai-trust check express --registry-url http://localhost:8080
|
|
123
|
-
```
|
|
137
|
+
## Community Contribution
|
|
124
138
|
|
|
125
|
-
|
|
139
|
+
Every scan you run can improve trust data for the entire community. Scan results are shared as anonymized telemetry (check pass/fail and severity only -- no file paths, source code, or descriptions).
|
|
140
|
+
|
|
141
|
+
On first scan, ai-trust asks whether you want to contribute. Your choice is saved in `~/.opena2a/config.json` and shared across all OpenA2A tools (opena2a-cli, hackmyagent).
|
|
126
142
|
|
|
127
143
|
```bash
|
|
128
|
-
|
|
144
|
+
# Contribute for this scan (non-interactive / CI)
|
|
145
|
+
ai-trust check chalk --rescan --contribute
|
|
146
|
+
|
|
147
|
+
# Configure globally via opena2a-cli
|
|
148
|
+
opena2a config set contribute true # opt in
|
|
149
|
+
opena2a config set contribute false # opt out
|
|
129
150
|
```
|
|
130
151
|
|
|
131
|
-
|
|
152
|
+
The more scans contributed, the faster packages move from "Listed" to "Scanned" trust level, reducing risk for everyone.
|
|
132
153
|
|
|
133
|
-
|
|
134
|
-
|------|---------|
|
|
135
|
-
| 0 | All queried packages are safe / meet the trust threshold |
|
|
136
|
-
| 1 | Operational error (network failure, file not found, server error) |
|
|
137
|
-
| 2 | Policy signal: one or more packages have warning/blocked verdict or fall below `--min-trust` |
|
|
154
|
+
---
|
|
138
155
|
|
|
139
156
|
## Trust Levels
|
|
140
157
|
|
|
@@ -146,6 +163,16 @@ ai-trust check express --no-color
|
|
|
146
163
|
| 3 | Scanned | Package has been scanned by HackMyAgent |
|
|
147
164
|
| 4 | Verified | Package is verified by the publisher |
|
|
148
165
|
|
|
166
|
+
## Exit Codes
|
|
167
|
+
|
|
168
|
+
| Code | Meaning |
|
|
169
|
+
|------|---------|
|
|
170
|
+
| 0 | All queried packages are safe / meet the trust threshold |
|
|
171
|
+
| 1 | Operational error (network failure, file not found, server error) |
|
|
172
|
+
| 2 | Policy signal: one or more packages have warning/blocked verdict or fall below `--min-trust` |
|
|
173
|
+
|
|
174
|
+
---
|
|
175
|
+
|
|
149
176
|
## Requirements
|
|
150
177
|
|
|
151
178
|
- Node.js 18 or later
|
|
@@ -155,16 +182,19 @@ ai-trust check express --no-color
|
|
|
155
182
|
|
|
156
183
|
```bash
|
|
157
184
|
git clone https://github.com/opena2a-org/ai-trust.git
|
|
158
|
-
cd ai-trust
|
|
159
|
-
|
|
160
|
-
npm run build
|
|
185
|
+
cd ai-trust && npm install && npm run build
|
|
186
|
+
node dist/index.js check express # run locally without installing
|
|
161
187
|
```
|
|
162
188
|
|
|
163
|
-
|
|
189
|
+
## Use Cases
|
|
164
190
|
|
|
165
|
-
|
|
166
|
-
|
|
167
|
-
|
|
191
|
+
Step-by-step guides for common workflows:
|
|
192
|
+
|
|
193
|
+
- [Check if a package is safe before installing](docs/use-cases/check-before-install.md)
|
|
194
|
+
- [Verify an MCP server's trust score](docs/use-cases/check-mcp-server.md)
|
|
195
|
+
- [Contribute trust data to the community](docs/use-cases/contribute-scans.md)
|
|
196
|
+
|
|
197
|
+
See [docs/USE-CASES.md](docs/USE-CASES.md) for the full index.
|
|
168
198
|
|
|
169
199
|
## Links
|
|
170
200
|
|
package/dist/api/client.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/api/client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAQH,MAAM,WAAW,WAAW;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,cAAc,CAAC;IAE9B,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,qBAAqB,CAAC;CACrC;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,WAAW,EAAE,CAAC;IACvB,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAC;QACd,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;CACH;AAQD,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,WAAW,EAAE,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,8DAA8D;IAC9D,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,qCAAqC;IACrC,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,qEAAqE;IACrE,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,qBAAa,oBAAqB,SAAQ,KAAK;IAC7C,SAAgB,WAAW,EAAE,MAAM,CAAC;gBAExB,IAAI,EAAE,MAAM;CAKzB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAS;gBAEZ,WAAW,EAAE,MAAM;IAIzB,UAAU,CACd,IAAI,EAAE,MAAM,EACZ,IAAI,CAAC,EAAE,MAAM,GACZ,OAAO,CAAC,WAAW,CAAC;IAmCjB,UAAU,CAAC,QAAQ,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"client.d.ts","sourceRoot":"","sources":["../../src/api/client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAQH,MAAM,WAAW,WAAW;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,cAAc,CAAC;IAE9B,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,CAAC,EAAE,qBAAqB,CAAC;CACrC;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,WAAW,EAAE,CAAC;IACvB,IAAI,EAAE;QACJ,KAAK,EAAE,MAAM,CAAC;QACd,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;CACH;AAQD,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,WAAW,EAAE,CAAC;IACxB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,8DAA8D;IAC9D,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,qCAAqC;IACrC,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,OAAO,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,qEAAqE;IACrE,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,qBAAa,oBAAqB,SAAQ,KAAK;IAC7C,SAAgB,WAAW,EAAE,MAAM,CAAC;gBAExB,IAAI,EAAE,MAAM;CAKzB;AAED,qBAAa,cAAc;IACzB,OAAO,CAAC,OAAO,CAAS;gBAEZ,WAAW,EAAE,MAAM;IAIzB,UAAU,CACd,IAAI,EAAE,MAAM,EACZ,IAAI,CAAC,EAAE,MAAM,GACZ,OAAO,CAAC,WAAW,CAAC;IAmCjB,UAAU,CAAC,QAAQ,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC;IAuClE;;OAEG;IACG,WAAW,CACf,UAAU,EAAE,cAAc,GACzB,OAAO,CAAC,eAAe,CAAC;CAqB5B"}
|
package/dist/api/client.js
CHANGED
|
@@ -61,6 +61,10 @@ export class RegistryClient {
|
|
|
61
61
|
const body = await response.text();
|
|
62
62
|
throw new Error(`Registry API returned ${response.status}: ${body}`);
|
|
63
63
|
}
|
|
64
|
+
// Known issue: The batch endpoint may return different trust scores and
|
|
65
|
+
// package classifications (e.g., express classified as "ai_tool") compared
|
|
66
|
+
// to the single-query endpoint. This is a server-side inconsistency in the
|
|
67
|
+
// registry API, not a client-side bug.
|
|
64
68
|
const raw = (await response.json());
|
|
65
69
|
const NULL_UUID = "00000000-0000-0000-0000-000000000000";
|
|
66
70
|
for (const r of raw.results) {
|
package/dist/api/client.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/api/client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAC1C,MAAM,UAAU,GAAG,YAAY,GAAG,CAAC,OAAO,EAAE,CAAC;AAuF7C,MAAM,OAAO,oBAAqB,SAAQ,KAAK;IAC7B,WAAW,CAAS;IAEpC,YAAY,IAAY;QACtB,KAAK,CAAC,YAAY,IAAI,sCAAsC,CAAC,CAAC;QAC9D,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;QACnC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,OAAO,cAAc;IACjB,OAAO,CAAS;IAExB,YAAY,WAAmB;QAC7B,IAAI,CAAC,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,UAAU,CACd,IAAY,EACZ,IAAa;QAEb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,IAAI;YACJ,cAAc,EAAE,MAAM;YACtB,WAAW,EAAE,MAAM;SACpB,CAAC,CAAC;QAEH,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,uBAAuB,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QACtE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,QAAQ,EAAE,kBAAkB;gBAC5B,YAAY,EAAE,UAAU;aACzB;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,MAAM,IAAI,oBAAoB,CAAC,IAAI,CAAC,CAAC;YACvC,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,yBAAyB,QAAQ,CAAC,MAAM,KAAK,IAAI,EAAE,CACpD,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAgB,CAAC;QACpD,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,QAAwB;QACvC,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,qBAAqB,CAAC;QACjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,QAAQ,EAAE,kBAAkB;gBAC5B,YAAY,EAAE,UAAU;aACzB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC;SACnC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,yBAAyB,QAAQ,CAAC,MAAM,KAAK,IAAI,EAAE,CACpD,CAAC;QACJ,CAAC;QAED,MAAM,GAAG,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAqB,CAAC;QACxD,MAAM,SAAS,GAAG,sCAAsC,CAAC;QACzD,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAC5B,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC;QACvD,CAAC;QACD,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC;QACxD,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,IAAI,EAAE;gBACJ,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,KAAK;gBACL,QAAQ,EAAE,GAAG,CAAC,KAAK,GAAG,KAAK;aAC5B;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CACf,UAA0B;QAE1B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,uBAAuB,CAAC;QACnD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,QAAQ,EAAE,kBAAkB;gBAC5B,YAAY,EAAE,UAAU;aACzB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC;SACjC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,4BAA4B,QAAQ,CAAC,MAAM,MAAM,IAAI,EAAE,CACxD,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAoB,CAAC;IACpD,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"client.js","sourceRoot":"","sources":["../../src/api/client.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAC1C,MAAM,UAAU,GAAG,YAAY,GAAG,CAAC,OAAO,EAAE,CAAC;AAuF7C,MAAM,OAAO,oBAAqB,SAAQ,KAAK;IAC7B,WAAW,CAAS;IAEpC,YAAY,IAAY;QACtB,KAAK,CAAC,YAAY,IAAI,sCAAsC,CAAC,CAAC;QAC9D,IAAI,CAAC,IAAI,GAAG,sBAAsB,CAAC;QACnC,IAAI,CAAC,WAAW,GAAG,IAAI,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,OAAO,cAAc;IACjB,OAAO,CAAS;IAExB,YAAY,WAAmB;QAC7B,IAAI,CAAC,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,KAAK,CAAC,UAAU,CACd,IAAY,EACZ,IAAa;QAEb,MAAM,MAAM,GAAG,IAAI,eAAe,CAAC;YACjC,IAAI;YACJ,cAAc,EAAE,MAAM;YACtB,WAAW,EAAE,MAAM;SACpB,CAAC,CAAC;QAEH,IAAI,IAAI,EAAE,CAAC;YACT,MAAM,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QAC3B,CAAC;QAED,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,uBAAuB,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC;QACtE,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE;gBACP,QAAQ,EAAE,kBAAkB;gBAC5B,YAAY,EAAE,UAAU;aACzB;SACF,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,MAAM,IAAI,oBAAoB,CAAC,IAAI,CAAC,CAAC;YACvC,CAAC;YACD,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,yBAAyB,QAAQ,CAAC,MAAM,KAAK,IAAI,EAAE,CACpD,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAgB,CAAC;QACpD,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC;QAC9B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,UAAU,CAAC,QAAwB;QACvC,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,qBAAqB,CAAC;QACjD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,QAAQ,EAAE,kBAAkB;gBAC5B,YAAY,EAAE,UAAU;aACzB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC;SACnC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,yBAAyB,QAAQ,CAAC,MAAM,KAAK,IAAI,EAAE,CACpD,CAAC;QACJ,CAAC;QAED,wEAAwE;QACxE,2EAA2E;QAC3E,2EAA2E;QAC3E,uCAAuC;QACvC,MAAM,GAAG,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAqB,CAAC;QACxD,MAAM,SAAS,GAAG,sCAAsC,CAAC;QACzD,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;YAC5B,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,SAAS,KAAK,SAAS,CAAC;QACvD,CAAC;QACD,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC;QACxD,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,IAAI,EAAE;gBACJ,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,KAAK;gBACL,QAAQ,EAAE,GAAG,CAAC,KAAK,GAAG,KAAK;aAC5B;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CACf,UAA0B;QAE1B,MAAM,GAAG,GAAG,GAAG,IAAI,CAAC,OAAO,uBAAuB,CAAC;QACnD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,QAAQ,EAAE,kBAAkB;gBAC5B,YAAY,EAAE,UAAU;aACzB;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC;SACjC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CACb,4BAA4B,QAAQ,CAAC,MAAM,MAAM,IAAI,EAAE,CACxD,CAAC;QACJ,CAAC;QAED,OAAO,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAoB,CAAC;IACpD,CAAC;CACF"}
|
package/dist/index.js
CHANGED
|
@@ -15,7 +15,7 @@ const pkg = require("../package.json");
|
|
|
15
15
|
const program = new Command();
|
|
16
16
|
program
|
|
17
17
|
.name("ai-trust")
|
|
18
|
-
.description("
|
|
18
|
+
.description("Check security trust scores for AI agents and MCP servers before installing them")
|
|
19
19
|
.version(pkg.version, "-v, --version")
|
|
20
20
|
.option("--registry-url <url>", "registry base URL", "https://api.oa2a.org")
|
|
21
21
|
.option("--json", "output raw JSON", false)
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEvC,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,UAAU,CAAC;KAChB,WAAW,CAAC,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AAEvC,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,UAAU,CAAC;KAChB,WAAW,CAAC,kFAAkF,CAAC;KAC/F,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,eAAe,CAAC;KACrC,MAAM,CACL,sBAAsB,EACtB,mBAAmB,EACnB,sBAAsB,CACvB;KACA,MAAM,CAAC,QAAQ,EAAE,iBAAiB,EAAE,KAAK,CAAC;KAC1C,MAAM,CAAC,YAAY,EAAE,wBAAwB,CAAC,CAAC;AAElD,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAE9B,OAAO,CAAC,KAAK,EAAE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"formatter.d.ts","sourceRoot":"","sources":["../../src/output/formatter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"formatter.d.ts","sourceRoot":"","sources":["../../src/output/formatter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACnE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AAyCtD,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,WAAW,GAAG,MAAM,CA2D7D;AAED,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,aAAa,EACvB,QAAQ,EAAE,MAAM,GACf,MAAM,CAmHR;AAED,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAyE3D;AAED,wBAAgB,UAAU,CAAC,IAAI,EAAE,OAAO,GAAG,MAAM,CAEhD"}
|
package/dist/output/formatter.js
CHANGED
|
@@ -38,6 +38,7 @@ function trustLevelColor(level) {
|
|
|
38
38
|
return chalk.yellow;
|
|
39
39
|
return chalk.red;
|
|
40
40
|
}
|
|
41
|
+
const TRUST_LEVEL_LEGEND = " Trust levels: Blocked (0) < Warning (1) < Listed (2) < Scanned (3) < Verified (4)";
|
|
41
42
|
export function formatCheckResult(answer) {
|
|
42
43
|
if (!answer.found) {
|
|
43
44
|
return [
|
|
@@ -54,7 +55,7 @@ export function formatCheckResult(answer) {
|
|
|
54
55
|
` Type: ${answer.packageType || "unknown"}`,
|
|
55
56
|
` Verdict: ${colorVerdict(answer.verdict.toUpperCase())}`,
|
|
56
57
|
` Trust Level: ${colorTrust(trustLevelLabel(answer.trustLevel))} (${answer.trustLevel}/4)`,
|
|
57
|
-
` Trust Score: ${answer.trustScore
|
|
58
|
+
` Trust Score: ${Math.round(answer.trustScore * 100)}/100`,
|
|
58
59
|
` Scan Status: ${answer.scanStatus || "unknown"}`,
|
|
59
60
|
];
|
|
60
61
|
if (answer.dependencies && answer.dependencies.totalDeps > 0) {
|
|
@@ -65,6 +66,24 @@ export function formatCheckResult(answer) {
|
|
|
65
66
|
lines.push(` Vulnerable: ${deps.vulnerableDeps > 0 ? chalk.red(String(deps.vulnerableDeps)) : chalk.green("0")}`);
|
|
66
67
|
lines.push(` Min Trust: ${deps.minTrustLevel}/4`);
|
|
67
68
|
}
|
|
69
|
+
// Trust level legend (only when not already at the highest level)
|
|
70
|
+
if (answer.trustLevel < 4) {
|
|
71
|
+
lines.push(chalk.gray(TRUST_LEVEL_LEGEND));
|
|
72
|
+
lines.push("");
|
|
73
|
+
}
|
|
74
|
+
// Contextual next steps
|
|
75
|
+
const nextSteps = [];
|
|
76
|
+
if (answer.verdict === "blocked" || answer.verdict === "warning") {
|
|
77
|
+
nextSteps.push(` Run a local security scan: ai-trust check ${answer.name} --scan-if-missing`);
|
|
78
|
+
}
|
|
79
|
+
else if (answer.trustLevel <= 2) {
|
|
80
|
+
nextSteps.push(` Trust data is limited. Run a local scan to improve: ai-trust check ${answer.name} --scan-if-missing`);
|
|
81
|
+
}
|
|
82
|
+
nextSteps.push(" For a full project audit: ai-trust audit package.json");
|
|
83
|
+
lines.push(chalk.bold(" Next steps"));
|
|
84
|
+
for (const step of nextSteps) {
|
|
85
|
+
lines.push(chalk.gray(step));
|
|
86
|
+
}
|
|
68
87
|
lines.push("");
|
|
69
88
|
return lines.join("\n");
|
|
70
89
|
}
|
|
@@ -98,7 +117,7 @@ export function formatBatchResults(response, minTrust) {
|
|
|
98
117
|
(result.packageType || "-").padEnd(typeWidth) +
|
|
99
118
|
colorVerdict(result.verdict.toUpperCase().padEnd(verdictWidth)) +
|
|
100
119
|
colorTrust(trustLevelLabel(result.trustLevel).padEnd(levelWidth)) +
|
|
101
|
-
(result.found ? result.trustScore
|
|
120
|
+
(result.found ? `${Math.round(result.trustScore * 100)}/100` : "-").padEnd(scoreWidth) +
|
|
102
121
|
(result.scanStatus || "-").padEnd(scanWidth));
|
|
103
122
|
}
|
|
104
123
|
// Summary
|
|
@@ -120,6 +139,19 @@ export function formatBatchResults(response, minTrust) {
|
|
|
120
139
|
if (belowThreshold.length === 0 && notFound.length === 0) {
|
|
121
140
|
lines.push(chalk.green(` All ${response.meta.found} packages meet minimum trust level ${minTrust}.`));
|
|
122
141
|
}
|
|
142
|
+
// Trust level legend (show if any package is below Verified)
|
|
143
|
+
const hasNonVerified = response.results.some((r) => r.found && r.trustLevel < 4);
|
|
144
|
+
if (hasNonVerified) {
|
|
145
|
+
lines.push("");
|
|
146
|
+
lines.push(chalk.gray(TRUST_LEVEL_LEGEND));
|
|
147
|
+
}
|
|
148
|
+
// Contextual next steps
|
|
149
|
+
lines.push("");
|
|
150
|
+
lines.push(chalk.bold(" Next steps"));
|
|
151
|
+
if (belowThreshold.length > 0) {
|
|
152
|
+
lines.push(chalk.gray(` Run ai-trust check <name> for details on flagged packages`));
|
|
153
|
+
}
|
|
154
|
+
lines.push(chalk.gray(" For full security scanning: npx hackmyagent secure"));
|
|
123
155
|
lines.push("");
|
|
124
156
|
return lines.join("\n");
|
|
125
157
|
}
|
|
@@ -131,7 +163,7 @@ export function formatScanResult(result) {
|
|
|
131
163
|
chalk.gray(" (local scan)"),
|
|
132
164
|
` Verdict: ${colorVerdict(result.verdict.toUpperCase())}`,
|
|
133
165
|
` Trust Level: ${colorTrust(trustLevelLabel(result.trustLevel))} (${result.trustLevel}/4)`,
|
|
134
|
-
` Trust Score: ${result.trustScore
|
|
166
|
+
` Trust Score: ${Math.round(result.trustScore * 100)}/100`,
|
|
135
167
|
` HMA Score: ${result.scan.score}/${result.scan.maxScore}`,
|
|
136
168
|
];
|
|
137
169
|
const failed = result.scan.findings.filter((f) => !f.passed);
|
|
@@ -164,6 +196,18 @@ export function formatScanResult(result) {
|
|
|
164
196
|
lines.push("");
|
|
165
197
|
lines.push(chalk.green(" No security findings."));
|
|
166
198
|
}
|
|
199
|
+
// Trust level legend (only when not already at the highest level)
|
|
200
|
+
if (result.trustLevel < 4) {
|
|
201
|
+
lines.push("");
|
|
202
|
+
lines.push(chalk.gray(TRUST_LEVEL_LEGEND));
|
|
203
|
+
}
|
|
204
|
+
// Contextual next steps
|
|
205
|
+
lines.push("");
|
|
206
|
+
lines.push(chalk.bold(" Next steps"));
|
|
207
|
+
if (result.verdict === "warning" || result.verdict === "blocked") {
|
|
208
|
+
lines.push(chalk.gray(` Review findings above and remediate before installing`));
|
|
209
|
+
}
|
|
210
|
+
lines.push(chalk.gray(" For a full project audit: ai-trust audit package.json"));
|
|
167
211
|
lines.push("");
|
|
168
212
|
return lines.join("\n");
|
|
169
213
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"formatter.js","sourceRoot":"","sources":["../../src/output/formatter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,SAAS,YAAY,CAAC,OAAe;IACnC,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,KAAK,CAAC;QACrB,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC,MAAM,CAAC;QACtB,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC,GAAG,CAAC;QACnB;YACE,OAAO,KAAK,CAAC,IAAI,CAAC;IACtB,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,KAAa;IACpC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,CAAC;YACJ,OAAO,SAAS,CAAC;QACnB,KAAK,CAAC;YACJ,OAAO,SAAS,CAAC;QACnB,KAAK,CAAC;YACJ,OAAO,QAAQ,CAAC;QAClB,KAAK,CAAC;YACJ,OAAO,SAAS,CAAC;QACnB,KAAK,CAAC;YACJ,OAAO,UAAU,CAAC;QACpB;YACE,OAAO,YAAY,KAAK,GAAG,CAAC;IAChC,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,KAAa;IACpC,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC,KAAK,CAAC;IACnC,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC,MAAM,CAAC;IACpC,OAAO,KAAK,CAAC,GAAG,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,MAAmB;IACnD,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QAClB,OAAO;YACL,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC;YAC9B,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,WAAW,IAAI,SAAS,EAAE,CAAC;YACxD,KAAK,CAAC,IAAI,CAAC,iCAAiC,CAAC;YAC7C,EAAE;SACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;IAED,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEtD,MAAM,KAAK,GAAa;QACtB,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC;QAC9B,qBAAqB,MAAM,CAAC,WAAW,IAAI,SAAS,EAAE;QACtD,qBAAqB,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE;QACjE,qBAAqB,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,KAAK,MAAM,CAAC,UAAU,KAAK;QAC9F,qBAAqB,
|
|
1
|
+
{"version":3,"file":"formatter.js","sourceRoot":"","sources":["../../src/output/formatter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,SAAS,YAAY,CAAC,OAAe;IACnC,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,KAAK,CAAC;QACrB,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC,MAAM,CAAC;QACtB,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC,GAAG,CAAC;QACnB;YACE,OAAO,KAAK,CAAC,IAAI,CAAC;IACtB,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,KAAa;IACpC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,CAAC;YACJ,OAAO,SAAS,CAAC;QACnB,KAAK,CAAC;YACJ,OAAO,SAAS,CAAC;QACnB,KAAK,CAAC;YACJ,OAAO,QAAQ,CAAC;QAClB,KAAK,CAAC;YACJ,OAAO,SAAS,CAAC;QACnB,KAAK,CAAC;YACJ,OAAO,UAAU,CAAC;QACpB;YACE,OAAO,YAAY,KAAK,GAAG,CAAC;IAChC,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,KAAa;IACpC,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC,KAAK,CAAC;IACnC,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC,MAAM,CAAC;IACpC,OAAO,KAAK,CAAC,GAAG,CAAC;AACnB,CAAC;AAED,MAAM,kBAAkB,GACtB,qFAAqF,CAAC;AAExF,MAAM,UAAU,iBAAiB,CAAC,MAAmB;IACnD,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;QAClB,OAAO;YACL,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC;YAC9B,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,WAAW,IAAI,SAAS,EAAE,CAAC;YACxD,KAAK,CAAC,IAAI,CAAC,iCAAiC,CAAC;YAC7C,EAAE;SACH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;IAED,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEtD,MAAM,KAAK,GAAa;QACtB,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC;QAC9B,qBAAqB,MAAM,CAAC,WAAW,IAAI,SAAS,EAAE;QACtD,qBAAqB,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE;QACjE,qBAAqB,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,KAAK,MAAM,CAAC,UAAU,KAAK;QAC9F,qBAAqB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM;QAC9D,qBAAqB,MAAM,CAAC,UAAU,IAAI,SAAS,EAAE;KACtD,CAAC;IAEF,IAAI,MAAM,CAAC,YAAY,IAAI,MAAM,CAAC,YAAY,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;QAC7D,MAAM,IAAI,GAAG,MAAM,CAAC,YAAY,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC;QACzC,KAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC;QAClD,KAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QACvH,KAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,aAAa,IAAI,CAAC,CAAC;IAC1D,CAAC;IAED,kEAAkE;IAClE,IAAI,MAAM,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;QAC1B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAa,EAAE,CAAC;IAC/B,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACjE,SAAS,CAAC,IAAI,CACZ,+CAA+C,MAAM,CAAC,IAAI,oBAAoB,CAC/E,CAAC;IACJ,CAAC;SAAM,IAAI,MAAM,CAAC,UAAU,IAAI,CAAC,EAAE,CAAC;QAClC,SAAS,CAAC,IAAI,CACZ,wEAAwE,MAAM,CAAC,IAAI,oBAAoB,CACxG,CAAC;IACJ,CAAC;IACD,SAAS,CAAC,IAAI,CACZ,yDAAyD,CAC1D,CAAC;IAEF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC/B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,QAAuB,EACvB,QAAgB;IAEhB,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,IAAI,CACR,kBAAkB,QAAQ,CAAC,IAAI,CAAC,KAAK,sBAAsB,QAAQ,CAAC,IAAI,CAAC,KAAK,WAAW,QAAQ,CAAC,IAAI,CAAC,QAAQ,YAAY,CAC5H,CACF,CAAC;IACF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,eAAe;IACf,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,SAAS,GAAG,EAAE,CAAC;IACrB,MAAM,YAAY,GAAG,EAAE,CAAC;IACxB,MAAM,UAAU,GAAG,EAAE,CAAC;IACtB,MAAM,UAAU,GAAG,CAAC,CAAC;IACrB,MAAM,SAAS,GAAG,EAAE,CAAC;IAErB,KAAK,CAAC,IAAI,CACR,IAAI;QACF,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC;QAC3B,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC;QACxB,SAAS,CAAC,MAAM,CAAC,YAAY,CAAC;QAC9B,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC;QAC1B,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC;QAC1B,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAC3B,CAAC;IACF,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,SAAS,GAAG,SAAS,GAAG,YAAY,GAAG,UAAU,GAAG,UAAU,GAAG,SAAS,CAAC,CAAC,CAAC;IAE1G,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;QACtC,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAClD,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAEtD,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,SAAS,GAAG,CAAC;YAC7C,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,GAAG,CAAC,CAAC,GAAG,KAAK;YACjD,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC;QAEhB,KAAK,CAAC,IAAI,CACR,IAAI;YACF,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC;YACtB,CAAC,MAAM,CAAC,WAAW,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC;YAC7C,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAC/D,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;YACjE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC;YACtF,CAAC,MAAM,CAAC,UAAU,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,CAC/C,CAAC;IACJ,CAAC;IAED,UAAU;IACV,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,CAC5C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,UAAU,GAAG,QAAQ,CAC1C,CAAC;IACF,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;IAE1D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,MAAM,CACV,SAAS,cAAc,CAAC,MAAM,yCAAyC,QAAQ,GAAG,CACnF,CACF,CAAC;QACF,KAAK,MAAM,GAAG,IAAI,cAAc,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,MAAM,CACV,WAAW,GAAG,CAAC,IAAI,iBAAiB,GAAG,CAAC,UAAU,cAAc,GAAG,CAAC,OAAO,GAAG,CAC/E,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,IAAI,CACR,SAAS,QAAQ,CAAC,MAAM,oCAAoC,CAC7D,CACF,CAAC;QACF,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;YAC3B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,WAAW,GAAG,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzD,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,KAAK,CACT,SAAS,QAAQ,CAAC,IAAI,CAAC,KAAK,sCAAsC,QAAQ,GAAG,CAC9E,CACF,CAAC;IACJ,CAAC;IAED,6DAA6D;IAC7D,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,UAAU,GAAG,CAAC,CACnC,CAAC;IACF,IAAI,cAAc,EAAE,CAAC;QACnB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,wBAAwB;IACxB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC;IACvC,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,IAAI,CACR,6DAA6D,CAC9D,CACF,CAAC;IACJ,CAAC;IACD,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,IAAI,CAAC,sDAAsD,CAAC,CACnE,CAAC;IAEF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,MAAkB;IACjD,MAAM,YAAY,GAAG,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAEtD,MAAM,KAAK,GAAa;QACtB,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC,WAAW,EAAE,CAAC;YACnC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC;QAC9B,qBAAqB,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,EAAE;QACjE,qBAAqB,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC,KAAK,MAAM,CAAC,UAAU,KAAK;QAC9F,qBAAqB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,UAAU,GAAG,GAAG,CAAC,MAAM;QAC9D,qBAAqB,MAAM,CAAC,IAAI,CAAC,KAAK,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,EAAE;KACjE,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;IAC7D,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;QAErC,MAAM,UAAU,GAAG;YACjB,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;YACzD,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;YACjD,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC;YACrD,GAAG,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC;SAChD,CAAC;QAEF,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,EAAE,CAAC;YACtD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAS;YACjC,MAAM,OAAO,GACX,GAAG,KAAK,UAAU;gBAChB,CAAC,CAAC,KAAK,CAAC,GAAG;gBACX,CAAC,CAAC,GAAG,KAAK,MAAM;oBACd,CAAC,CAAC,KAAK,CAAC,MAAM;oBACd,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC;YACnB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,KAAK,CAAC,IAAI,CACR,KAAK,OAAO,CAAC,IAAI,GAAG,CAAC,WAAW,EAAE,GAAG,CAAC,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,OAAO,EAAE,CACvE,CAAC;gBACF,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;oBACrB,KAAK,CAAC,IAAI,CACR,KAAK,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAC/F,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,kEAAkE;IAClE,IAAI,MAAM,CAAC,UAAU,GAAG,CAAC,EAAE,CAAC;QAC1B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,wBAAwB;IACxB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC;IACvC,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACjE,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,IAAI,CACR,yDAAyD,CAC1D,CACF,CAAC;IACJ,CAAC;IACD,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,IAAI,CACR,yDAAyD,CAC1D,CACF,CAAC;IAEF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,IAAa;IACtC,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACvC,CAAC"}
|
|
@@ -2,37 +2,34 @@
|
|
|
2
2
|
* Contribution Opt-In Prompt
|
|
3
3
|
*
|
|
4
4
|
* Handles the user's consent to share anonymized scan findings
|
|
5
|
-
* with the OpenA2A Registry.
|
|
6
|
-
* scan #10, then never again.
|
|
5
|
+
* with the OpenA2A Registry.
|
|
7
6
|
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
7
|
+
* Config/counting is delegated to @opena2a/shared (the canonical
|
|
8
|
+
* source for ~/.opena2a/config.json). If @opena2a/shared is not
|
|
9
|
+
* available at runtime, falls back to a local implementation.
|
|
10
10
|
*/
|
|
11
11
|
/**
|
|
12
12
|
* Check whether the contribution setting is enabled.
|
|
13
13
|
*
|
|
14
14
|
* Returns:
|
|
15
|
-
* true - user explicitly opted in
|
|
16
|
-
* false - user explicitly opted out
|
|
17
|
-
* undefined - not yet configured (
|
|
15
|
+
* true - user explicitly opted in
|
|
16
|
+
* false - user explicitly opted out (or default in shared backend)
|
|
17
|
+
* undefined - not yet configured (local fallback only; shared backend
|
|
18
|
+
* defaults to false, so callers should rely on
|
|
19
|
+
* shouldPromptContribute() for prompt logic)
|
|
18
20
|
*/
|
|
19
21
|
export declare function isContributeEnabled(): boolean | undefined;
|
|
20
22
|
/**
|
|
21
23
|
* Check whether we should show the contribution prompt.
|
|
22
24
|
*
|
|
23
|
-
*
|
|
24
|
-
*
|
|
25
|
-
*
|
|
26
|
-
*
|
|
27
|
-
* Returns false if:
|
|
28
|
-
* - contribute.enabled is explicitly set (true or false)
|
|
29
|
-
* - Non-interactive environment (no TTY)
|
|
30
|
-
* - Already prompted at scan #10
|
|
25
|
+
* ai-trust-specific: also checks for TTY (non-interactive environments
|
|
26
|
+
* should never prompt). The backend handles scan-count thresholds
|
|
27
|
+
* and cooldown/dismiss logic.
|
|
31
28
|
*/
|
|
32
29
|
export declare function shouldPromptContribute(): boolean;
|
|
33
30
|
/**
|
|
34
|
-
* Increment the scan count
|
|
35
|
-
*
|
|
31
|
+
* Increment the scan count. Called after each scan completes,
|
|
32
|
+
* regardless of contribution setting.
|
|
36
33
|
*/
|
|
37
34
|
export declare function incrementScanCount(): void;
|
|
38
35
|
/**
|
|
@@ -46,4 +43,11 @@ export declare function saveContributeChoice(enabled: boolean): void;
|
|
|
46
43
|
* Returns true if the user opted in, false otherwise.
|
|
47
44
|
*/
|
|
48
45
|
export declare function showContributePrompt(): Promise<boolean>;
|
|
46
|
+
/**
|
|
47
|
+
* Reset the backend (for testing).
|
|
48
|
+
* When forceLocal is true, skips @opena2a/shared resolution and uses the
|
|
49
|
+
* local file-based backend. This allows tests to control config via
|
|
50
|
+
* OPENA2A_HOME without the shared backend ignoring that env var.
|
|
51
|
+
*/
|
|
52
|
+
export declare function _resetBackend(forceLocal?: boolean): void;
|
|
49
53
|
//# sourceMappingURL=opt-in.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"opt-in.d.ts","sourceRoot":"","sources":["../../src/telemetry/opt-in.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;
|
|
1
|
+
{"version":3,"file":"opt-in.d.ts","sourceRoot":"","sources":["../../src/telemetry/opt-in.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAoJH;;;;;;;;;GASG;AACH,wBAAgB,mBAAmB,IAAI,OAAO,GAAG,SAAS,CAEzD;AAED;;;;;;GAMG;AACH,wBAAgB,sBAAsB,IAAI,OAAO,CAGhD;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,IAAI,IAAI,CAEzC;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAK3D;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,IAAI,OAAO,CAAC,OAAO,CAAC,CA6B7D;AAsCD;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,UAAU,UAAQ,GAAG,IAAI,CAKtD"}
|
package/dist/telemetry/opt-in.js
CHANGED
|
@@ -2,25 +2,51 @@
|
|
|
2
2
|
* Contribution Opt-In Prompt
|
|
3
3
|
*
|
|
4
4
|
* Handles the user's consent to share anonymized scan findings
|
|
5
|
-
* with the OpenA2A Registry.
|
|
6
|
-
* scan #10, then never again.
|
|
5
|
+
* with the OpenA2A Registry.
|
|
7
6
|
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
7
|
+
* Config/counting is delegated to @opena2a/shared (the canonical
|
|
8
|
+
* source for ~/.opena2a/config.json). If @opena2a/shared is not
|
|
9
|
+
* available at runtime, falls back to a local implementation.
|
|
10
10
|
*/
|
|
11
11
|
import { existsSync, mkdirSync, readFileSync, writeFileSync } from "fs";
|
|
12
|
-
import {
|
|
13
|
-
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
|
|
12
|
+
import { join } from "path";
|
|
13
|
+
/** Resolved backend -- lazy-initialized on first call. */
|
|
14
|
+
let _backend;
|
|
15
|
+
function resolveBackend() {
|
|
16
|
+
if (_backend)
|
|
17
|
+
return _backend;
|
|
18
|
+
try {
|
|
19
|
+
// eslint-disable-next-line @typescript-eslint/no-require-imports
|
|
20
|
+
const shared = require("@opena2a/shared");
|
|
21
|
+
if (typeof shared.isContributeEnabled === "function" &&
|
|
22
|
+
typeof shared.setContributeEnabled === "function" &&
|
|
23
|
+
typeof shared.incrementScanCount === "function" &&
|
|
24
|
+
typeof shared.shouldPromptContribute === "function" &&
|
|
25
|
+
typeof shared.dismissContributePrompt === "function") {
|
|
26
|
+
_backend = {
|
|
27
|
+
// Shared returns boolean (false when not configured).
|
|
28
|
+
// ai-trust callers expect undefined for "not yet configured",
|
|
29
|
+
// but shouldPromptContribute() handles that distinction via
|
|
30
|
+
// scan-count thresholds, so returning false here is acceptable.
|
|
31
|
+
isContributeEnabled: shared.isContributeEnabled,
|
|
32
|
+
setContributeEnabled: shared.setContributeEnabled,
|
|
33
|
+
incrementScanCount: shared.incrementScanCount,
|
|
34
|
+
shouldPromptContribute: shared.shouldPromptContribute,
|
|
35
|
+
dismissContributePrompt: shared.dismissContributePrompt,
|
|
36
|
+
};
|
|
37
|
+
return _backend;
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
catch {
|
|
41
|
+
// @opena2a/shared not installed -- fall through to local backend
|
|
42
|
+
}
|
|
43
|
+
_backend = createLocalBackend();
|
|
44
|
+
return _backend;
|
|
45
|
+
}
|
|
17
46
|
function getConfigPath() {
|
|
18
|
-
const home = process.env.OPENA2A_HOME || join(homedir(), ".opena2a");
|
|
47
|
+
const home = process.env.OPENA2A_HOME || join(require("os").homedir(), ".opena2a");
|
|
19
48
|
return join(home, "config.json");
|
|
20
49
|
}
|
|
21
|
-
/**
|
|
22
|
-
* Read the OpenA2A config file. Returns empty object if missing or invalid.
|
|
23
|
-
*/
|
|
24
50
|
function readConfig() {
|
|
25
51
|
const configPath = getConfigPath();
|
|
26
52
|
try {
|
|
@@ -29,95 +55,111 @@ function readConfig() {
|
|
|
29
55
|
}
|
|
30
56
|
}
|
|
31
57
|
catch {
|
|
32
|
-
// Corrupt config
|
|
58
|
+
// Corrupt config -- treat as empty
|
|
33
59
|
}
|
|
34
60
|
return {};
|
|
35
61
|
}
|
|
36
|
-
/**
|
|
37
|
-
* Write the OpenA2A config file, preserving existing fields.
|
|
38
|
-
*/
|
|
39
62
|
function writeConfig(config) {
|
|
40
63
|
const configPath = getConfigPath();
|
|
41
|
-
const dir = dirname(configPath);
|
|
64
|
+
const dir = require("path").dirname(configPath);
|
|
42
65
|
mkdirSync(dir, { recursive: true });
|
|
43
66
|
writeFileSync(configPath, JSON.stringify(config, null, 2) + "\n", {
|
|
44
67
|
mode: 0o600,
|
|
45
68
|
});
|
|
46
69
|
}
|
|
70
|
+
function createLocalBackend() {
|
|
71
|
+
return {
|
|
72
|
+
isContributeEnabled() {
|
|
73
|
+
const config = readConfig();
|
|
74
|
+
if (config.contribute?.enabled === true)
|
|
75
|
+
return true;
|
|
76
|
+
if (config.contribute?.enabled === false)
|
|
77
|
+
return false;
|
|
78
|
+
return undefined;
|
|
79
|
+
},
|
|
80
|
+
setContributeEnabled(enabled) {
|
|
81
|
+
const config = readConfig();
|
|
82
|
+
if (!config.contribute)
|
|
83
|
+
config.contribute = {};
|
|
84
|
+
config.contribute.enabled = enabled;
|
|
85
|
+
const scanCount = config.contribute.scanCount ?? 0;
|
|
86
|
+
if (scanCount >= 9)
|
|
87
|
+
config.contribute.promptedAtTen = true;
|
|
88
|
+
writeConfig(config);
|
|
89
|
+
},
|
|
90
|
+
incrementScanCount() {
|
|
91
|
+
const config = readConfig();
|
|
92
|
+
if (!config.contribute)
|
|
93
|
+
config.contribute = {};
|
|
94
|
+
config.contribute.scanCount = (config.contribute.scanCount ?? 0) + 1;
|
|
95
|
+
writeConfig(config);
|
|
96
|
+
return config.contribute.scanCount;
|
|
97
|
+
},
|
|
98
|
+
shouldPromptContribute() {
|
|
99
|
+
const config = readConfig();
|
|
100
|
+
if (config.contribute?.enabled === true ||
|
|
101
|
+
config.contribute?.enabled === false) {
|
|
102
|
+
return false;
|
|
103
|
+
}
|
|
104
|
+
const scanCount = config.contribute?.scanCount ?? 0;
|
|
105
|
+
if (scanCount === 0)
|
|
106
|
+
return true;
|
|
107
|
+
if (scanCount >= 9 && !config.contribute?.promptedAtTen)
|
|
108
|
+
return true;
|
|
109
|
+
return false;
|
|
110
|
+
},
|
|
111
|
+
dismissContributePrompt() {
|
|
112
|
+
const config = readConfig();
|
|
113
|
+
if (!config.contribute)
|
|
114
|
+
config.contribute = {};
|
|
115
|
+
config.contribute.promptedAtTen = true;
|
|
116
|
+
writeConfig(config);
|
|
117
|
+
},
|
|
118
|
+
};
|
|
119
|
+
}
|
|
120
|
+
// ---------------------------------------------------------------------------
|
|
121
|
+
// Public API (signatures preserved for backward compatibility)
|
|
122
|
+
// ---------------------------------------------------------------------------
|
|
47
123
|
/**
|
|
48
124
|
* Check whether the contribution setting is enabled.
|
|
49
125
|
*
|
|
50
126
|
* Returns:
|
|
51
|
-
* true - user explicitly opted in
|
|
52
|
-
* false - user explicitly opted out
|
|
53
|
-
* undefined - not yet configured (
|
|
127
|
+
* true - user explicitly opted in
|
|
128
|
+
* false - user explicitly opted out (or default in shared backend)
|
|
129
|
+
* undefined - not yet configured (local fallback only; shared backend
|
|
130
|
+
* defaults to false, so callers should rely on
|
|
131
|
+
* shouldPromptContribute() for prompt logic)
|
|
54
132
|
*/
|
|
55
133
|
export function isContributeEnabled() {
|
|
56
|
-
|
|
57
|
-
if (config.contribute?.enabled === true)
|
|
58
|
-
return true;
|
|
59
|
-
if (config.contribute?.enabled === false)
|
|
60
|
-
return false;
|
|
61
|
-
return undefined;
|
|
134
|
+
return resolveBackend().isContributeEnabled();
|
|
62
135
|
}
|
|
63
136
|
/**
|
|
64
137
|
* Check whether we should show the contribution prompt.
|
|
65
138
|
*
|
|
66
|
-
*
|
|
67
|
-
*
|
|
68
|
-
*
|
|
69
|
-
*
|
|
70
|
-
* Returns false if:
|
|
71
|
-
* - contribute.enabled is explicitly set (true or false)
|
|
72
|
-
* - Non-interactive environment (no TTY)
|
|
73
|
-
* - Already prompted at scan #10
|
|
139
|
+
* ai-trust-specific: also checks for TTY (non-interactive environments
|
|
140
|
+
* should never prompt). The backend handles scan-count thresholds
|
|
141
|
+
* and cooldown/dismiss logic.
|
|
74
142
|
*/
|
|
75
143
|
export function shouldPromptContribute() {
|
|
76
|
-
// Never prompt in non-interactive environments
|
|
77
144
|
if (!process.stdin.isTTY || !process.stdout.isTTY)
|
|
78
145
|
return false;
|
|
79
|
-
|
|
80
|
-
// Already configured -- never prompt
|
|
81
|
-
if (config.contribute?.enabled === true ||
|
|
82
|
-
config.contribute?.enabled === false) {
|
|
83
|
-
return false;
|
|
84
|
-
}
|
|
85
|
-
const scanCount = config.contribute?.scanCount ?? 0;
|
|
86
|
-
// First scan (scanCount === 0): prompt
|
|
87
|
-
if (scanCount === 0)
|
|
88
|
-
return true;
|
|
89
|
-
// Tenth scan: prompt once more (second chance)
|
|
90
|
-
if (scanCount >= 9 && !config.contribute?.promptedAtTen)
|
|
91
|
-
return true;
|
|
92
|
-
return false;
|
|
146
|
+
return resolveBackend().shouldPromptContribute();
|
|
93
147
|
}
|
|
94
148
|
/**
|
|
95
|
-
* Increment the scan count
|
|
96
|
-
*
|
|
149
|
+
* Increment the scan count. Called after each scan completes,
|
|
150
|
+
* regardless of contribution setting.
|
|
97
151
|
*/
|
|
98
152
|
export function incrementScanCount() {
|
|
99
|
-
|
|
100
|
-
if (!config.contribute) {
|
|
101
|
-
config.contribute = {};
|
|
102
|
-
}
|
|
103
|
-
config.contribute.scanCount = (config.contribute.scanCount ?? 0) + 1;
|
|
104
|
-
writeConfig(config);
|
|
153
|
+
resolveBackend().incrementScanCount();
|
|
105
154
|
}
|
|
106
155
|
/**
|
|
107
156
|
* Save the user's contribution choice to the config file.
|
|
108
157
|
*/
|
|
109
158
|
export function saveContributeChoice(enabled) {
|
|
110
|
-
|
|
111
|
-
if (!
|
|
112
|
-
|
|
113
|
-
}
|
|
114
|
-
config.contribute.enabled = enabled;
|
|
115
|
-
// Track that we prompted at scan #10 so we don't ask again
|
|
116
|
-
const scanCount = config.contribute.scanCount ?? 0;
|
|
117
|
-
if (scanCount >= 9) {
|
|
118
|
-
config.contribute.promptedAtTen = true;
|
|
159
|
+
resolveBackend().setContributeEnabled(enabled);
|
|
160
|
+
if (!enabled) {
|
|
161
|
+
resolveBackend().dismissContributePrompt();
|
|
119
162
|
}
|
|
120
|
-
writeConfig(config);
|
|
121
163
|
}
|
|
122
164
|
/**
|
|
123
165
|
* Display the contribution opt-in prompt and return the user's choice.
|
|
@@ -181,4 +223,16 @@ function readSingleKey() {
|
|
|
181
223
|
stdin.once("data", onData);
|
|
182
224
|
});
|
|
183
225
|
}
|
|
226
|
+
/**
|
|
227
|
+
* Reset the backend (for testing).
|
|
228
|
+
* When forceLocal is true, skips @opena2a/shared resolution and uses the
|
|
229
|
+
* local file-based backend. This allows tests to control config via
|
|
230
|
+
* OPENA2A_HOME without the shared backend ignoring that env var.
|
|
231
|
+
*/
|
|
232
|
+
export function _resetBackend(forceLocal = false) {
|
|
233
|
+
_backend = undefined;
|
|
234
|
+
if (forceLocal) {
|
|
235
|
+
_backend = createLocalBackend();
|
|
236
|
+
}
|
|
237
|
+
}
|
|
184
238
|
//# sourceMappingURL=opt-in.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"opt-in.js","sourceRoot":"","sources":["../../src/telemetry/opt-in.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AACxE,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"opt-in.js","sourceRoot":"","sources":["../../src/telemetry/opt-in.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,IAAI,CAAC;AACxE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAc5B,0DAA0D;AAC1D,IAAI,QAAmC,CAAC;AAExC,SAAS,cAAc;IACrB,IAAI,QAAQ;QAAE,OAAO,QAAQ,CAAC;IAE9B,IAAI,CAAC;QACH,iEAAiE;QACjE,MAAM,MAAM,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;QAC1C,IACE,OAAO,MAAM,CAAC,mBAAmB,KAAK,UAAU;YAChD,OAAO,MAAM,CAAC,oBAAoB,KAAK,UAAU;YACjD,OAAO,MAAM,CAAC,kBAAkB,KAAK,UAAU;YAC/C,OAAO,MAAM,CAAC,sBAAsB,KAAK,UAAU;YACnD,OAAO,MAAM,CAAC,uBAAuB,KAAK,UAAU,EACpD,CAAC;YACD,QAAQ,GAAG;gBACT,sDAAsD;gBACtD,8DAA8D;gBAC9D,4DAA4D;gBAC5D,gEAAgE;gBAChE,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;gBAC/C,oBAAoB,EAAE,MAAM,CAAC,oBAAoB;gBACjD,kBAAkB,EAAE,MAAM,CAAC,kBAAkB;gBAC7C,sBAAsB,EAAE,MAAM,CAAC,sBAAsB;gBACrD,uBAAuB,EAAE,MAAM,CAAC,uBAAuB;aACxD,CAAC;YACF,OAAO,QAAQ,CAAC;QAClB,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,iEAAiE;IACnE,CAAC;IAED,QAAQ,GAAG,kBAAkB,EAAE,CAAC;IAChC,OAAO,QAAQ,CAAC;AAClB,CAAC;AAgBD,SAAS,aAAa;IACpB,MAAM,IAAI,GACR,OAAO,CAAC,GAAG,CAAC,YAAY,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,UAAU,CAAC,CAAC;IACxE,OAAO,IAAI,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;AACnC,CAAC;AAED,SAAS,UAAU;IACjB,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IACnC,IAAI,CAAC;QACH,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YAC3B,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,mCAAmC;IACrC,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,WAAW,CAAC,MAAqB;IACxC,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IACnC,MAAM,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAChD,SAAS,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACpC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE;QAChE,IAAI,EAAE,KAAK;KACZ,CAAC,CAAC;AACL,CAAC;AAED,SAAS,kBAAkB;IACzB,OAAO;QACL,mBAAmB;YACjB,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;YAC5B,IAAI,MAAM,CAAC,UAAU,EAAE,OAAO,KAAK,IAAI;gBAAE,OAAO,IAAI,CAAC;YACrD,IAAI,MAAM,CAAC,UAAU,EAAE,OAAO,KAAK,KAAK;gBAAE,OAAO,KAAK,CAAC;YACvD,OAAO,SAAS,CAAC;QACnB,CAAC;QAED,oBAAoB,CAAC,OAAgB;YACnC,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;YAC5B,IAAI,CAAC,MAAM,CAAC,UAAU;gBAAE,MAAM,CAAC,UAAU,GAAG,EAAE,CAAC;YAC/C,MAAM,CAAC,UAAU,CAAC,OAAO,GAAG,OAAO,CAAC;YACpC,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,CAAC,SAAS,IAAI,CAAC,CAAC;YACnD,IAAI,SAAS,IAAI,CAAC;gBAAE,MAAM,CAAC,UAAU,CAAC,aAAa,GAAG,IAAI,CAAC;YAC3D,WAAW,CAAC,MAAM,CAAC,CAAC;QACtB,CAAC;QAED,kBAAkB;YAChB,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;YAC5B,IAAI,CAAC,MAAM,CAAC,UAAU;gBAAE,MAAM,CAAC,UAAU,GAAG,EAAE,CAAC;YAC/C,MAAM,CAAC,UAAU,CAAC,SAAS,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,SAAS,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YACrE,WAAW,CAAC,MAAM,CAAC,CAAC;YACpB,OAAO,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC;QACrC,CAAC;QAED,sBAAsB;YACpB,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;YAC5B,IACE,MAAM,CAAC,UAAU,EAAE,OAAO,KAAK,IAAI;gBACnC,MAAM,CAAC,UAAU,EAAE,OAAO,KAAK,KAAK,EACpC,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,SAAS,GAAG,MAAM,CAAC,UAAU,EAAE,SAAS,IAAI,CAAC,CAAC;YACpD,IAAI,SAAS,KAAK,CAAC;gBAAE,OAAO,IAAI,CAAC;YACjC,IAAI,SAAS,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,aAAa;gBAAE,OAAO,IAAI,CAAC;YACrE,OAAO,KAAK,CAAC;QACf,CAAC;QAED,uBAAuB;YACrB,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;YAC5B,IAAI,CAAC,MAAM,CAAC,UAAU;gBAAE,MAAM,CAAC,UAAU,GAAG,EAAE,CAAC;YAC/C,MAAM,CAAC,UAAU,CAAC,aAAa,GAAG,IAAI,CAAC;YACvC,WAAW,CAAC,MAAM,CAAC,CAAC;QACtB,CAAC;KACF,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,+DAA+D;AAC/D,8EAA8E;AAE9E;;;;;;;;;GASG;AACH,MAAM,UAAU,mBAAmB;IACjC,OAAO,cAAc,EAAE,CAAC,mBAAmB,EAAE,CAAC;AAChD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB;IACpC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK;QAAE,OAAO,KAAK,CAAC;IAChE,OAAO,cAAc,EAAE,CAAC,sBAAsB,EAAE,CAAC;AACnD,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,kBAAkB;IAChC,cAAc,EAAE,CAAC,kBAAkB,EAAE,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,cAAc,EAAE,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;IAC/C,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,cAAc,EAAE,CAAC,uBAAuB,EAAE,CAAC;IAC7C,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB;IACxC,MAAM,KAAK,GAAG;QACZ,EAAE;QACF,mDAAmD;QACnD,EAAE;QACF,2DAA2D;QAC3D,iEAAiE;QACjE,8DAA8D;QAC9D,EAAE;QACF,qCAAqC;KACtC,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,CAAC;IACpC,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,aAAa,EAAE,CAAC;IACrC,MAAM,OAAO,GAAG,MAAM,CAAC,WAAW,EAAE,KAAK,GAAG,CAAC;IAC7C,oBAAoB,CAAC,OAAO,CAAC,CAAC;IAE9B,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,wFAAwF,CACzF,CAAC;IACJ,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;GAGG;AACH,SAAS,aAAa;IACpB,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC;QAC5B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC;QAE3B,6CAA6C;QAC7C,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE;YAC5B,OAAO,EAAE,CAAC;YACV,OAAO,CAAC,GAAG,CAAC,CAAC;QACf,CAAC,EAAE,MAAM,CAAC,CAAC;QAEX,SAAS,OAAO;YACd,YAAY,CAAC,KAAK,CAAC,CAAC;YACpB,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,KAAK,KAAK,MAAM,EAAE,CAAC;gBAC3B,KAAK,CAAC,UAAU,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC;YACpC,CAAC;YACD,KAAK,CAAC,KAAK,EAAE,CAAC;QAChB,CAAC;QAED,SAAS,MAAM,CAAC,IAAY;YAC1B,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAClD,OAAO,EAAE,CAAC;YACV,OAAO,CAAC,IAAI,IAAI,GAAG,CAAC,CAAC;QACvB,CAAC;QAED,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;QACvB,KAAK,CAAC,MAAM,EAAE,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,aAAa,CAAC,UAAU,GAAG,KAAK;IAC9C,QAAQ,GAAG,SAAS,CAAC;IACrB,IAAI,UAAU,EAAE,CAAC;QACf,QAAQ,GAAG,kBAAkB,EAAE,CAAC;IAClC,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,7 +1,11 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "ai-trust",
|
|
3
|
-
"version": "0.2.
|
|
3
|
+
"version": "0.2.3",
|
|
4
4
|
"description": "Trust verification CLI for AI packages — check MCP servers, A2A agents, and AI tools before you install",
|
|
5
|
+
"repository": {
|
|
6
|
+
"type": "git",
|
|
7
|
+
"url": "https://github.com/opena2a-org/ai-trust.git"
|
|
8
|
+
},
|
|
5
9
|
"type": "module",
|
|
6
10
|
"main": "dist/index.js",
|
|
7
11
|
"bin": {
|
|
@@ -33,6 +37,7 @@
|
|
|
33
37
|
"author": "OpenA2A",
|
|
34
38
|
"license": "Apache-2.0",
|
|
35
39
|
"dependencies": {
|
|
40
|
+
"@opena2a/shared": "^0.1.0",
|
|
36
41
|
"chalk": "^5.3.0",
|
|
37
42
|
"commander": "^12.1.0"
|
|
38
43
|
},
|