ai-trust 0.2.7 → 0.2.9
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAyBzC,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAwH3D"}
|
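--- a/package/dist/commands/audit.js
+++ b/package/dist/commands/audit.js
@@ -8,7 +8,7 @@ import { parseDependencyFile } from "../utils/parser.js";
 import { formatBatchResults, formatJson, } from "../output/formatter.js";
 import { isHmaAvailable, scanPackage } from "../scanner/index.js";
 import { confirm } from "../utils/prompt.js";
-import { isContributeEnabled, queueScanResult, flushQueue, recordScanAndMaybeShowTip, } from "../telemetry/index.js";
+import { isContributeEnabled, queueScanResult, flushQueue, recordScanAndMaybeShowTip, saveContributeChoice, } from "../telemetry/index.js";
 export function registerAuditCommand(program) {
 program
 .command("audit <file>")
@@ -134,21 +134,45 @@ async function scanMissingPackages(notFound, allResults, opts, registryUrl) {
 * Follows the same opt-in flow as check: queue + flush.
 */
 async function handleAuditContribution(scannedResults, opts, registryUrl) {
-
+const alreadyEnabled = opts.contribute || isContributeEnabled() === true;
+// These are first scans of missing packages — proactively encourage sharing
+if (!alreadyEnabled) {
+if (process.stdin.isTTY) {
+const { confirm } = await import("../utils/prompt.js");
+console.error("");
+console.error(chalk.bold(` You just scanned ${scannedResults.length} package(s) with no community trust data.`));
+console.error(chalk.gray(" Sharing anonymized results helps other developers make informed decisions."));
+console.error("");
+const wantsToShare = await confirm("Share these scans with the community?", true);
+// Persist the choice so we never ask again
+saveContributeChoice(wantsToShare);
+if (wantsToShare) {
+console.error(chalk.gray(" (Future scans will auto-share. Change: opena2a config contribute off)"));
+}
+else {
+return;
+}
+}
+else {
+// Non-interactive: show call-to-action
+console.error("");
+console.error(chalk.gray(` ${scannedResults.length} package(s) scanned for the first time. Share with the community:`));
+console.error(chalk.cyan(" ai-trust audit <file> --scan-missing --contribute"));
+return;
+}
+}
+// Show standard tip for scan count tracking
 const tip = recordScanAndMaybeShowTip();
 if (tip) {
 process.stderr.write(tip + "\n");
 }
-const shouldContribute = opts.contribute || isContributeEnabled() === true;
-if (!shouldContribute)
-return;
 try {
 for (const { name, scanResult } of scannedResults) {
 queueScanResult(name, scanResult.scan.findings);
 }
 const ok = await flushQueue(registryUrl);
 if (ok) {
-console.error(chalk.green(`
+console.error(chalk.green(` Scan data shared for ${scannedResults.length} package(s). Thank you for building trust in AI.`));
 }
 }
 catch {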
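Review bot: The consent handling added to handleAuditContribution leans toward sharing in two ways. `confirm("Share these scans with the community?", true)` appears to pass yes as the default answer (the signature of `confirm` is not visible here), so a bare Enter opts in and `saveContributeChoice(true)` then makes every later scan auto-share; and the guard `if (!alreadyEnabled)` is also true after a saved "no", so a user who declined would likely be asked again on the next run despite the comment "Persist the choice so we never ask again". These are packages the registry does not know, so the names handed to `queueScanResult(name, scanResult.scan.findings)` may be internal ones that the user never meant to publish. I would default the prompt to no, `const wantsToShare = await confirm("Share these scans with the community?", false);`, and prompt only while the setting is unconfigured rather than whenever it is not `true`. The same prompt and guard are added to handleContribute in package/dist/commands/check.js, and the body of handleAuditContribution continues past the end of this hunk.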
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAElD,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,EACL,kBAAkB,EAClB,UAAU,GACX,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElE,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,UAAU,EACV,yBAAyB,
|
|
1
|
+
{"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAElD,OAAO,EAAE,mBAAmB,EAAE,MAAM,oBAAoB,CAAC;AACzD,OAAO,EACL,kBAAkB,EAClB,UAAU,GACX,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElE,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,UAAU,EACV,yBAAyB,EACzB,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAQ/B,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,OAAO;SACJ,OAAO,CAAC,cAAc,CAAC;SACvB,WAAW,CACV,0DAA0D,CAC3D;SACA,MAAM,CACL,qBAAqB,EACrB,qCAAqC,EACrC,GAAG,CACJ;SACA,MAAM,CACL,gBAAgB,EAChB,+CAA+C,CAChD;SACA,MAAM,CACL,cAAc,EACd,+CAA+C,CAChD;SACA,MAAM,CAAC,KAAK,EAAE,IAAY,EAAE,IAAkB,EAAE,EAAE;QACjD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAG9B,CAAC;QAEF,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;QAC7C,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,QAAQ,GAAG,CAAC,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;YACpD,OAAO,CAAC,KAAK,CAAC,qDAAqD,CAAC,CAAC;YACrE,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QAED,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAEjD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;gBAC5D,OAAO;YACT,CAAC;YAED,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;gBAC1B,OAAO,CAAC,KAAK,CACX,iCAAiC,QAAQ,CAAC,MAAM,kEAAkE,CACnH,CAAC;gBACF,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACrB,OAAO;YACT,CAAC;YAED,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;YAC1D,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YAEnD,qCAAqC;YACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YAC1D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;gBAC5C,MAAM,mBAAmB,CACvB,QAAQ,EACR,QAAQ,CAAC,OAAO,EAChB,IAAI,EACJ,UAAU,CAAC,WAAW,CACvB,CAAC;YACJ,CAAC;iBAAM,IACL,QAAQ,CAAC,MAAM,GAAG,CAAC;gBACnB,CAAC,IAAI,CAAC,WAAW;gBACjB,OAAO,CAAC,KAAK,CAAC,KAAK,EACnB,CAAC;gBACD,6BAA6B;gBAC7B,MAAM,UAAU,GAAG,MAAM,OAAO,CAC9B,GAAG,QAAQ,CAAC,MAAM,4CAA4C,
EAC9D,KAAK,CACN,CAAC;gBACF,IAAI,UAAU,EAAE,CAAC;oBACf,IAAI,CAAC,CAAC,MAAM,cAAc,EAAE,CAAC,EAAE,CAAC;wBAC9B,OAAO,CAAC,KAAK,CACX,8DAA8D,CAC/D,CAAC;wBACF,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;oBAChD,CAAC;yBAAM,CAAC;wBACN,MAAM,mBAAmB,CACvB,QAAQ,EACR,QAAQ,CAAC,OAAO,EAChB,IAAI,EACJ,UAAU,CAAC,WAAW,CACvB,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;YAED,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC;YACpC,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;YACtD,CAAC;YAED,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,UAAU,GAAG,QAAQ,CAC1C,CAAC;YACF,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;YAC3D,IAAI,cAAc,IAAI,WAAW,EAAE,CAAC;gBAClC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAI,OAAe,CAAC;YACpB,IACE,GAAG,YAAY,KAAK;gBACpB,MAAM,IAAI,GAAG;gBACZ,GAA6B,CAAC,IAAI,KAAK,QAAQ,EAChD,CAAC;gBACD,OAAO,GAAG,mBAAmB,IAAI,EAAE,CAAC;YACtC,CAAC;iBAAM,CAAC;gBACN,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YAC7D,CAAC;YAED,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC;YACpD,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;YACrC,CAAC;YACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,mBAAmB,CAChC,QAAuB,EACvB,UAAyB,EACzB,IAAkB,EAClB,WAAmB;IAEnB,MAAM,SAAS,GAAG,MAAM,cAAc,EAAE,CAAC;IACzC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CACX,8DAA8D,CAC/D,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,YAAY,QAAQ,CAAC,MAAM,wBAAwB,CAAC,CAChE,CAAC;IAEF,MAAM,cAAc,GAA+C,EAAE,CAAC;IAEtE,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,GAAG,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC;YACvD,MAAM,UAAU,GAAG,MAAM,WAAW,CA
AC,GAAG,CAAC,IAAI,CAAC,CAAC;YAE/C,6BAA6B;YAC7B,MAAM,GAAG,GAAG,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,CAAC;YAC7D,IAAI,GAAG,KAAK,CAAC,CAAC,EAAE,CAAC;gBACf,UAAU,CAAC,GAAG,CAAC,GAAG;oBAChB,GAAG,UAAU,CAAC,GAAG,CAAC;oBAClB,KAAK,EAAE,IAAI;oBACX,UAAU,EAAE,UAAU,CAAC,UAAU;oBACjC,UAAU,EAAE,UAAU,CAAC,UAAU;oBACjC,OAAO,EAAE,UAAU,CAAC,OAAO;oBAC3B,UAAU,EAAE,OAAO;iBACpB,CAAC;YACJ,CAAC;YAED,cAAc,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;QACtD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACjE,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,MAAM,CAAC,oBAAoB,GAAG,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC,CACzD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,yDAAyD;IACzD,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,uBAAuB,CAC3B,cAAc,EACd,IAAI,EACJ,WAAW,CACZ,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,uBAAuB,CACpC,cAA0D,EAC1D,IAAkB,EAClB,WAAmB;IAEnB,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,IAAI,mBAAmB,EAAE,KAAK,IAAI,CAAC;IAEzE,4EAA4E;IAC5E,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACxB,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;YACvD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,sBAAsB,cAAc,CAAC,MAAM,2CAA2C,CACvF,CACF,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,8EAA8E,CAC/E,CACF,CAAC;YACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAElB,MAAM,YAAY,GAAG,MAAM,OAAO,CAChC,uCAAuC,EACvC,IAAI,CACL,CAAC;YAEF,2CAA2C;YAC3C,oBAAoB,CAAC,YAAY,CAAC,CAAC;YAEnC,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,yEAAyE,CAAC,CACtF,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,OAAO;YACT,CAAC;QACH,CAAC;aAAM,CAAC;YACN,uCAAuC;YACvC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,KAAK,cAAc,CAAC,MAAM,mEAAmE,CAC9F,CACF,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,uDAAuD,CACxD,CACF,CAAC;YACF,OAAO;QACT,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,MAAM,GAAG,GAAG,yBAAyB,EAAE,CAAC;IACxC,IAAI,GAAG,E
AAE,CAAC;QACR,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,CAAC;QACH,KAAK,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,IAAI,cAAc,EAAE,CAAC;YAClD,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAClD,CAAC;QACD,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,WAAW,CAAC,CAAC;QACzC,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,KAAK,CACT,0BAA0B,cAAc,CAAC,MAAM,kDAAkD,CAClG,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,YAAY;IACd,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"check.d.ts","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"check.d.ts","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA8BzC,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAgF3D"}
|
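--- a/package/dist/commands/check.js
+++ b/package/dist/commands/check.js
@@ -10,7 +10,7 @@ import { formatCheckResult, formatScanResult, formatJson, } from "../output/form
 import { resolveAndLog } from "../utils/resolve.js";
 import { isHmaAvailable, scanPackage } from "../scanner/index.js";
 import { confirm } from "../utils/prompt.js";
-import { isContributeEnabled, queueScanResult, flushQueue, recordScanAndMaybeShowTip, } from "../telemetry/index.js";
+import { isContributeEnabled, queueScanResult, flushQueue, recordScanAndMaybeShowTip, saveContributeChoice, } from "../telemetry/index.js";
 export function registerCheckCommand(program) {
 program
 .command("check <name>")
@@ -69,7 +69,7 @@ export function registerCheckCommand(program) {
 async function handleNotFound(name, client, globalOpts, opts) {
 // Non-interactive mode with --scan-if-missing
 if (opts.scanIfMissing) {
-await handleScanFlow(name, client, globalOpts, opts, `Package "${name}" not found in registry. Scanning...`);
+await handleScanFlow(name, client, globalOpts, { ...opts, _firstScan: true }, `Package "${name}" not found in registry. Scanning...`);
 return;
 }
 // Non-TTY: report not found with actionable next steps
@@ -105,7 +105,7 @@ async function handleNotFound(name, client, globalOpts, opts) {
 process.exitCode = 1;
 return;
 }
-await handleScanFlow(name, client, globalOpts, opts, "Scanning...");
+await handleScanFlow(name, client, globalOpts, { ...opts, _firstScan: true }, "Scanning...");
 }
 async function handleScanFlow(name, client, globalOpts, opts, statusMessage) {
 if (!(await checkHmaReady()))
@@ -140,28 +140,57 @@ async function handleScanFlow(name, client, globalOpts, opts, statusMessage) {
 // Community contribution flow
 await handleContribute(name, scanResult, globalOpts, opts);
 }
+let _shownCiContributeTip = false;
 async function handleContribute(name, scanResult, globalOpts, opts) {
-
+const alreadyEnabled = opts.contribute || isContributeEnabled() === true;
+// For first scans of missing packages, be more proactive about contribution.
+// Ask once and remember the choice — never spam on repeated scans.
+if (opts._firstScan && !alreadyEnabled) {
+if (process.stdin.isTTY) {
+// Interactive: ask directly after first scan of a missing package
+console.error("");
+console.error(chalk.bold(" You just scanned a package with no community trust data."));
+console.error(chalk.gray(" Sharing anonymized results helps other developers"));
+console.error(chalk.gray(" make informed security decisions about AI packages."));
+console.error("");
+const wantsToShare = await confirm("Share this scan with the community?", true);
+// Persist the choice so we never ask again
+saveContributeChoice(wantsToShare);
+if (wantsToShare) {
+console.error(chalk.gray(" (Future scans will auto-share. Change: opena2a config contribute off)"));
+await submitContribution(name, scanResult, globalOpts.registryUrl);
+return;
+}
+}
+else {
+// Non-interactive: show a clear call-to-action (once per session, don't repeat)
+if (!_shownCiContributeTip) {
+_shownCiContributeTip = true;
+console.error("");
+console.error(chalk.gray(" This is the first scan of this package. Share it with the community:"));
+console.error(chalk.cyan(` ai-trust check ${name} --scan-if-missing --contribute`));
+}
+}
+}
+// Standard contribution flow (tip after 3rd scan, or auto-contribute if enabled)
 const tip = recordScanAndMaybeShowTip();
 if (tip) {
 process.stderr.write(tip + "\n");
 }
-
-// 1. --contribute flag: always contribute anonymized telemetry
-// 2. Config enabled: auto-contribute anonymized telemetry
-// 3. Not configured or disabled: skip
-const shouldContribute = opts.contribute || isContributeEnabled() === true;
-if (!shouldContribute)
+if (!alreadyEnabled)
 return;
+await submitContribution(name, scanResult, globalOpts.registryUrl);
+}
+async function submitContribution(name, scanResult, registryUrl) {
 try {
 queueScanResult(name, scanResult.scan.findings);
-const ok = await flushQueue(
+const ok = await flushQueue(registryUrl);
 if (ok) {
-console.error(chalk.green("
+console.error(chalk.green(" Scan shared with the community. Thank you for building trust in AI."));
 }
 }
 catch {
-// Non-fatal:
+// Non-fatal: contribution should never crash the scan
 }
 }
 function handleNoScanNotFound(name, globalOpts) {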
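Review bot: `_firstScan` reaches handleContribute by being spread into the parsed CLI options (`{ ...opts, _firstScan: true }` at both handleScanFlow calls in handleNotFound), so an internal flag that gates a consent prompt shares an object with user-supplied options. An explicit argument keeps that boundary visible, for example `async function handleScanFlow(name, client, globalOpts, opts, statusMessage, firstScan = false) {` and `await handleContribute(name, scanResult, globalOpts, opts, firstScan);`. The two outcomes of the prompt are also asymmetric: accepting returns before `recordScanAndMaybeShowTip()`, so that scan is presumably not counted, while declining falls through to it and may print a contribution tip straight after the user said no. Calling `recordScanAndMaybeShowTip()` before the prompt and returning after `saveContributeChoice(wantsToShare)` in both cases would avoid that. Only part of handleNotFound is visible in these hunks.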
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"check.js","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxE,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,UAAU,GACX,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElE,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,UAAU,EACV,yBAAyB,
|
|
1
|
+
{"version":3,"file":"check.js","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxE,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,UAAU,GACX,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElE,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,UAAU,EACV,yBAAyB,EACzB,oBAAoB,GACrB,MAAM,uBAAuB,CAAC;AAa/B,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,OAAO;SACJ,OAAO,CAAC,cAAc,CAAC;SACvB,WAAW,CAAC,gDAAgD,CAAC;SAC7D,MAAM,CACL,mBAAmB,EACnB,4DAA4D,CAC7D;SACA,MAAM,CACL,mBAAmB,EACnB,sDAAsD,CACvD;SACA,MAAM,CACL,cAAc,EACd,oDAAoD,CACrD;SACA,MAAM,CAAC,WAAW,EAAE,iCAAiC,CAAC;SACtD,MAAM,CAAC,UAAU,EAAE,mCAAmC,CAAC;SACvD,MAAM,CACL,kBAAkB,EAClB,kCAAkC,EAClC,IAAI,CACL;SACA,MAAM,CAAC,KAAK,EAAE,OAAe,EAAE,IAAkB,EAAE,EAAE;QACpD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAG9B,CAAC;QAEF,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC;QAE1D,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAExD,uBAAuB;YACvB,IAAI,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChC,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,IAAI,EACJ,gBAAgB,CACjB,CAAC;gBACF,OAAO;YACT,CAAC;YAED,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;YAClC,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC;YACzC,CAAC;YAED,IACE,MAAM,CAAC,KAAK;gBACZ,CAAC,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,UAAU,IAAI,MAAM,CAAC,OAAO,KAAK,QAAQ,CAAC,EAC9H,CAAC;gBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,oBAAoB,EAAE,CAAC;gBACxC,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;oBACxB,4DAA4D;oBAC5D,oBAAoB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBACzC,CAAC;qBAAM,CAAC;oBACN,MAAM,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC;gBACvD,CA
AC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;oBACpB,OAAO,CAAC,GAAG,CACT,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CACnD,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;gBACrC,CAAC;gBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;AACP,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,8CAA8C;IAC9C,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAC7B,YAAY,IAAI,sCAAsC,CACvD,CAAC;QACF,OAAO;IACT,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;gBACrB,IAAI;gBACJ,KAAK,EAAE,KAAK;gBACZ,KAAK,EAAE,YAAY,IAAI,sCAAsC;gBAC7D,SAAS,EAAE;oBACT,kBAAkB,IAAI,oBAAoB;oBAC1C,sCAAsC;iBACvC;aACF,CAAC,CAAC,CAAC;QACN,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,YAAY,IAAI,wCAAwC,CAAC,CAAC;YACxE,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;YACpC,OAAO,CAAC,KAAK,CAAC,sBAAsB,IAAI,oBAAoB,CAAC,CAAC;YAC9D,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,iCAAiC;IACjC,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,sCAAsC,CAAC,CACnE,CAAC;IAEF,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,iCAAiC,EAAE,KAAK,CAAC,CAAC;IAC3E,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,aAAa,CAAC,CAAC;AAC/F,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB,EAClB,aAAqB;IAErB,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;IAEzC,IAAI,UAAsB,CAAC;IAC3B,IAAI,CAA
C;QACH,UAAU,GAAG,MAAM,WAAW,CAAC,IAAI,CAAC,CAAC;IACvC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC;QAClE,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,sBAAsB;IACtB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;IACtC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,2EAA2E;IAC3E,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACzE,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC;IAED,8BAA8B;IAC9B,MAAM,gBAAgB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC;AAC7D,CAAC;AAED,IAAI,qBAAqB,GAAG,KAAK,CAAC;AAElC,KAAK,UAAU,gBAAgB,CAC7B,IAAY,EACZ,UAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,IAAI,mBAAmB,EAAE,KAAK,IAAI,CAAC;IAEzE,6EAA6E;IAC7E,mEAAmE;IACnE,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,cAAc,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACxB,kEAAkE;YAClE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,4DAA4D,CAAC,CACzE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAClE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,uDAAuD,CAAC,CACpE,CAAC;YACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAElB,MAAM,YAAY,GAAG,MAAM,OAAO,CAChC,qCAAqC,EACrC,IAAI,CACL,CAAC;YAEF,2CAA2C;YAC3C,oBAAoB,CAAC,YAAY,CAAC,CAAC;YAEnC,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,yEAAyE,CAAC,CACtF,CAAC;gBACF,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,CAAC,CAAC;gBACnE,OAAO;YACT,CAAC;QACH,CAAC;aAAM,CAAC;YACN,gFAAgF;YAChF,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAC3B,qBAAqB,GAAG,IAAI,CAAC;gBAC7B,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,wEAAwE,CACzE,CACF,CAAC;gBACF,OAAO,CAAC,KAAK
,CACX,KAAK,CAAC,IAAI,CACR,sBAAsB,IAAI,iCAAiC,CAC5D,CACF,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,iFAAiF;IACjF,MAAM,GAAG,GAAG,yBAAyB,EAAE,CAAC;IACxC,IAAI,GAAG,EAAE,CAAC;QACR,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,CAAC,cAAc;QAAE,OAAO;IAE5B,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,CAAC,CAAC;AACrE,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,IAAY,EACZ,UAAsB,EACtB,WAAmB;IAEnB,IAAI,CAAC;QACH,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,WAAW,CAAC,CAAC;QACzC,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,KAAK,CAAC,uEAAuE,CAAC,CACrF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sDAAsD;IACxD,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAC3B,IAAY,EACZ,UAAkD;IAElD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;YACrB,IAAI;YACJ,KAAK,EAAE,KAAK;YACZ,KAAK,EAAE,YAAY,IAAI,sCAAsC;YAC7D,SAAS,EAAE;gBACT,kBAAkB,IAAI,oBAAoB;gBAC1C,sCAAsC;aACvC;SACF,CAAC,CAAC,CAAC;IACN,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,sCAAsC,CAAC,CACnE,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC;QAC9D,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,sBAAsB,IAAI,oBAAoB,CAAC,CAC3D,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC,CAAC;IAC5D,CAAC;IACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,MAAM,SAAS,GAAG,MAAM,cAAc,EAAE,CAAC;IACzC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CACX,8DAA8D,CAC/D,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}
|
package/package.json
CHANGED