cdk-insights 1.42.4 → 1.43.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (19) hide show
  1. package/dist/cli/types/cli.types.d.ts +8 -1
  2. package/dist/entry.js +214 -212
  3. package/dist/helpers/calibrateFinding/calibrateFinding.d.ts +23 -0
  4. package/dist/helpers/calibrateFinding/calibrateFinding.test.d.ts +1 -0
  5. package/dist/helpers/issueSuppressions/issueSuppressions.d.ts +14 -0
  6. package/dist/helpers/issueSuppressions/suppressionReason.test.d.ts +1 -0
  7. package/dist/helpers/resourceOntology/resourceOntology.d.ts +12 -0
  8. package/dist/helpers/resourceOntology/resourceOntology.test.d.ts +1 -0
  9. package/dist/helpers/sanitizeCodeSnippet/sanitizeCodeSnippet.d.ts +17 -0
  10. package/dist/helpers/sanitizeCodeSnippet/sanitizeCodeSnippet.test.d.ts +1 -0
  11. package/dist/helpers/stableOrdering/stableOrdering.d.ts +13 -0
  12. package/dist/helpers/validateFindings/validateFindings.d.ts +21 -0
  13. package/dist/helpers/validateFindings/validateFindings.test.d.ts +1 -0
  14. package/dist/helpers/writeAnalysisReport/writeAnalysisReport.d.ts +2 -0
  15. package/dist/index.d.ts +10 -2
  16. package/dist/index.js +143 -141
  17. package/dist/shared/promptSchemaVersion.d.ts +1 -1
  18. package/dist/types/analysis.types.d.ts +93 -0
  19. package/package.json +1 -1
package/dist/cli/types/cli.types.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import type { Issue, ServiceName } from '../../types/analysis.types';
1
+ import type { FindingClass, Issue, ServiceName } from '../../types/analysis.types';
2
2
  export type OutputFormat = 'json' | 'table' | 'markdown' | 'summary' | 'sarif' | 'github-actions' | 'pdf';
3
3
  export interface AnalyzeCommandArgs {
4
4
  stackName?: string;
@@ -11,8 +11,11 @@ export interface AnalyzeCommandArgs {
11
11
  yes?: boolean;
12
12
  reset?: boolean;
13
13
  failOnCritical?: boolean;
14
+ /** Finding classes that should fail the run regardless of severity. */
15
+ failOnClass?: FindingClass[];
14
16
  ruleFilter?: string[];
15
17
  ignoreRules?: string[];
18
+ ignoreRuleReasons?: Record<string, string>;
16
19
  ignorePaths?: string[];
17
20
  github?: boolean;
18
21
  redact?: boolean;
@@ -70,6 +73,8 @@ export interface SensitiveDataDetectionConfig {
70
73
  /** Project-level user configuration */
71
74
  export interface UserConfig {
72
75
  failOnCritical?: boolean;
76
+ /** Finding classes that should fail the run regardless of severity. */
77
+ failOnClass?: FindingClass[];
73
78
  stackName?: string;
74
79
  output?: OutputFormat;
75
80
  services?: ServiceName[];
@@ -95,6 +100,8 @@ export interface UserConfig {
95
100
  * instead of patching each call site.
96
101
  */
97
102
  ignoreRules?: string[];
103
+ /** Per-rule justification, keyed by rule id (from object-form ignoreRules). */
104
+ ignoreRuleReasons?: Record<string, string>;
98
105
  /**
99
106
  * Resource paths (CDK construct paths or logical IDs) to skip entirely.
100
107
  * Matched against the resource's `aws:cdk:path` Metadata and its