autoremediator 0.1.0

Files changed (3)
  1. package/README.md +6 -0
  2. package/llms.txt +12 -0
  3. package/package.json +112 -0
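--- a/package/README.md
+++ b/package/README.md
@@ -0,0 +1,6 @@
+# autoremediator (core package)
+
+This directory contains the publishable npm package for Autoremediator.
+
+For full project docs, see the repository root README and docs site:
+- https://rawlings.github.io/autoremediator/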
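--- a/package/llms.txt
+++ b/package/llms.txt
@@ -0,0 +1,12 @@
+# autoremediator
+
+> Agentic CVE remediation for Node.js projects - MCP tool server, OpenAPI HTTP API, and CLI.
+
+## What it does
+
+autoremediator takes a CVE ID (or a scanner output file) and autonomously:
+1. Looks up the CVE in OSV + GitHub Advisory databases
+2. Scans the project's installed packages for vulnerable versions
+3. Finds the lowest safe upgrade version from the npm registry
+4. Applies a package.json version bump and runs the resolved package manager install command
+5. Falls back to generating and applying a unified diff .patch file when no safe upgrade exists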
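--- a/package/package.json
+++ b/package/package.json
@@ -0,0 +1,112 @@
+{
+"name": "autoremediator",
+"version": "0.1.0",
+"description": "AI-first CVE remediation for Node.js dependencies with CLI, SDK, MCP server, OpenAPI server, and scanner input support (npm-audit, yarn-audit, SARIF)",
+"keywords": [
+"cve",
+"vulnerability",
+"security",
+"dependency",
+"remediation",
+"auto-remediation",
+"npm-audit",
+"yarn-audit",
+"sarif",
+"supply-chain",
+"agentic",
+"ai",
+"llm",
+"mcp",
+"openapi",
+"osv",
+"ghsa",
+"pnpm",
+"npm",
+"yarn"
+],
+"author": "",
+"license": "MIT",
+"homepage": "https://github.com/Rawlings/autoremediator#readme",
+"repository": {
+"type": "git",
+"url": "git+https://github.com/Rawlings/autoremediator.git"
+},
+"bugs": {
+"url": "https://github.com/Rawlings/autoremediator/issues"
+},
+"funding": {
+"type": "github",
+"url": "https://github.com/Rawlings"
+},
+"type": "module",
+"bin": {
+"autoremediator": "./dist/cli.js",
+"autoremediator-mcp": "./dist/mcp/server.js"
+},
+"main": "./dist/index.js",
+"types": "./dist/index.d.ts",
+"files": [
+"dist",
+"README.md",
+"llms.txt"
+],
+"exports": {
+".": {
+"import": "./dist/index.js",
+"types": "./dist/index.d.ts"
+},
+"./cli": {
+"import": "./dist/cli.js"
+},
+"./mcp": {
+"import": "./dist/mcp/server.js"
+},
+"./openapi": {
+"import": "./dist/openapi/server.js"
+},
+"./package.json": "./package.json"
+},
+"publishConfig": {
+"access": "public"
+},
+"scripts": {
+"build": "tsup",
+"dev": "tsup --watch",
+"typecheck": "tsc --noEmit",
+"test": "vitest run",
+"test:watch": "vitest"
+},
+"dependencies": {
+"@modelcontextprotocol/sdk": "^1.0.0",
+"ai": "^4.3.16",
+"chalk": "^5.4.1",
+"commander": "^13.1.0",
+"execa": "^9.5.2",
+"semver": "^7.7.1",
+"zod": "^3.24.2"
+},
+"peerDependencies": {
+"@ai-sdk/anthropic": "^1.0.0",
+"@ai-sdk/openai": "^1.0.0"
+},
+"peerDependenciesMeta": {
+"@ai-sdk/openai": {
+"optional": true
+},
+"@ai-sdk/anthropic": {
+"optional": true
+}
+},
+"devDependencies": {
+"@ai-sdk/anthropic": "^1.2.12",
+"@ai-sdk/openai": "^1.3.22",
+"@types/node": "^22.13.14",
+"@types/semver": "^7.7.0",
+"tsup": "^8.4.0",
+"typescript": "^5.8.2",
+"vitest": "^3.0.9"
+},
+"engines": {
+"node": ">=22.0.0"
+}
+}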
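Review bot: The `scripts` block has no `prepack` or `prepublishOnly` hook, yet `bin`, `main`, `types` and every `exports` target point into `./dist`, and the file list for this version shows only README.md, llms.txt and package.json. If that listing is complete, the published 0.1.0 tarball ships without `dist`, so the `autoremediator` and `autoremediator-mcp` commands and all import paths resolve to files that are not there. Adding `"prepack": "npm run build"` to `scripts` would make every pack or publish build `dist` first, so the installed artifact is produced from the tagged source rather than from whatever happened to be on the publisher's disk. This matters more than usual here, because llms.txt says the tool runs package-manager installs and applies patches in the user's project. For the same reason the empty `"author": ""` is worth filling in so consumers can check who published it.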