cdk-insights 1.42.4 → 1.44.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (20) hide show
  1. package/dist/cli/types/cli.types.d.ts +18 -1
  2. package/dist/entry.js +210 -208
  3. package/dist/helpers/calibrateFinding/calibrateFinding.d.ts +23 -0
  4. package/dist/helpers/calibrateFinding/calibrateFinding.test.d.ts +1 -0
  5. package/dist/helpers/generateOutput/generateOutput.d.ts +18 -0
  6. package/dist/helpers/issueSuppressions/issueSuppressions.d.ts +14 -0
  7. package/dist/helpers/issueSuppressions/suppressionReason.test.d.ts +1 -0
  8. package/dist/helpers/resourceOntology/resourceOntology.d.ts +12 -0
  9. package/dist/helpers/resourceOntology/resourceOntology.test.d.ts +1 -0
  10. package/dist/helpers/sanitizeCodeSnippet/sanitizeCodeSnippet.d.ts +17 -0
  11. package/dist/helpers/sanitizeCodeSnippet/sanitizeCodeSnippet.test.d.ts +1 -0
  12. package/dist/helpers/stableOrdering/stableOrdering.d.ts +13 -0
  13. package/dist/helpers/validateFindings/validateFindings.d.ts +21 -0
  14. package/dist/helpers/validateFindings/validateFindings.test.d.ts +1 -0
  15. package/dist/helpers/writeAnalysisReport/writeAnalysisReport.d.ts +2 -0
  16. package/dist/index.d.ts +17 -2
  17. package/dist/index.js +143 -141
  18. package/dist/shared/promptSchemaVersion.d.ts +1 -1
  19. package/dist/types/analysis.types.d.ts +93 -0
  20. package/package.json +1 -1
package/dist/cli/types/cli.types.d.ts CHANGED
@@ -1,4 +1,4 @@
1
- import type { Issue, ServiceName } from '../../types/analysis.types';
1
+ import type { FindingClass, Issue, ServiceName } from '../../types/analysis.types';
2
2
  export type OutputFormat = 'json' | 'table' | 'markdown' | 'summary' | 'sarif' | 'github-actions' | 'pdf';
3
3
  export interface AnalyzeCommandArgs {
4
4
  stackName?: string;
@@ -11,8 +11,19 @@ export interface AnalyzeCommandArgs {
11
11
  yes?: boolean;
12
12
  reset?: boolean;
13
13
  failOnCritical?: boolean;
14
+ /** Finding classes that should fail the run regardless of severity. */
15
+ failOnClass?: FindingClass[];
16
+ /**
17
+ * Additional report-file formats to write to disk in a single analysis
18
+ * pass, alongside (and independently of) the primary `--format`/`--output`
19
+ * rendering. Lets CI integrations produce e.g. JSON + SARIF + Markdown
20
+ * from one scan instead of re-running the CLI once per format. Only the
21
+ * file-backed formats are honoured: `json`, `sarif`, `markdown`.
22
+ */
23
+ reports?: string[];
14
24
  ruleFilter?: string[];
15
25
  ignoreRules?: string[];
26
+ ignoreRuleReasons?: Record<string, string>;
16
27
  ignorePaths?: string[];
17
28
  github?: boolean;
18
29
  redact?: boolean;
@@ -70,6 +81,10 @@ export interface SensitiveDataDetectionConfig {
70
81
  /** Project-level user configuration */
71
82
  export interface UserConfig {
72
83
  failOnCritical?: boolean;
84
+ /** Finding classes that should fail the run regardless of severity. */
85
+ failOnClass?: FindingClass[];
86
+ /** Default extra report-file formats to write (json | sarif | markdown). */
87
+ reports?: string[];
73
88
  stackName?: string;
74
89
  output?: OutputFormat;
75
90
  services?: ServiceName[];
@@ -95,6 +110,8 @@ export interface UserConfig {
95
110
  * instead of patching each call site.
96
111
  */
97
112
  ignoreRules?: string[];
113
+ /** Per-rule justification, keyed by rule id (from object-form ignoreRules). */
114
+ ignoreRuleReasons?: Record<string, string>;
98
115
  /**
99
116
  * Resource paths (CDK construct paths or logical IDs) to skip entirely.
100
117
  * Matched against the resource's `aws:cdk:path` Metadata and its