cdk-insights 1.43.0 → 1.44.1
- package/dist/cli/commands/analyse.d.ts +12 -0
- package/dist/cli/commands/analyse.recoverStackName.test.d.ts +1 -0
- package/dist/cli/types/cli.types.d.ts +10 -0
- package/dist/entry.js +199 -199
- package/dist/helpers/generateOutput/generateOutput.d.ts +18 -0
- package/dist/index.d.ts +8 -1
- package/dist/index.js +135 -135
- package/package.json +1 -1
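--- a/package/dist/cli/commands/analyse.d.ts
+++ b/package/dist/cli/commands/analyse.d.ts
@@ -1,6 +1,18 @@
 import type { CommandModule } from 'yargs';
 import type { IssueGroup } from '../../types/analysis.types';
 import type { AnalyzeCommandArgs } from '../types/cli.types';
+/**
+* Recover a stack name passed after the `--` separator.
+*
+* yargs 17 routes tokens after `--` into `argv._` but does NOT bind them to a
+* named positional, so `scan -- MyStack` (the injection-safe form the GitHub
+* Action and the usual CLI convention use) leaves `stackName` undefined — and
+* in CI that silently falls back to scanning every stack. When the positional
+* didn't bind and exactly one extra token sits in `argv._` (besides the `scan`
+* command word), treat it as the stack name. Anything ambiguous (zero or
+* multiple leftover tokens) is left alone.
+*/
+export declare const recoverPositionalStackName: (stackName: string | undefined, underscore: ReadonlyArray<string | number>) => string | undefined;
 export declare function runStackAnalysis(finalConfig: AnalyzeCommandArgs, fingerprint?: string, authToken?: string, licenseInfo?: any, usageData?: any, _project?: string, licenseKey?: string, forceLocal?: boolean, sensitiveDataConfig?: {
 enabled?: boolean;
 warnOnly?: boolean;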
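Review bot: The doc comment on `recoverPositionalStackName` says multiple leftover tokens are "left alone", but by its own account that leaves `stackName` undefined, so a CI call such as `scan -- StackA StackB` would still fall back silently to scanning every stack. The comment should state that outcome and say whether the caller warns or fails, for example `* Multiple leftover tokens leave stackName undefined; the all-stacks fallback still applies.` The parameter `underscore` also admits `number` entries while the return type is `string | undefined`, and the declaration does not show whether a numeric token is stringified or ignored, so that belongs in the comment too. This is the emitted `.d.ts`, so the wording would go in the source it is generated from.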
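--- a/package/dist/cli/commands/analyse.recoverStackName.test.d.ts
+++ b/package/dist/cli/commands/analyse.recoverStackName.test.d.ts
@@ -0,0 +1 @@
+export {};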
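--- a/package/dist/cli/types/cli.types.d.ts
+++ b/package/dist/cli/types/cli.types.d.ts
@@ -13,6 +13,14 @@ export interface AnalyzeCommandArgs {
 failOnCritical?: boolean;
 /** Finding classes that should fail the run regardless of severity. */
 failOnClass?: FindingClass[];
+/**
+* Additional report-file formats to write to disk in a single analysis
+* pass, alongside (and independently of) the primary `--format`/`--output`
+* rendering. Lets CI integrations produce e.g. JSON + SARIF + Markdown
+* from one scan instead of re-running the CLI once per format. Only the
+* file-backed formats are honoured: `json`, `sarif`, `markdown`.
+*/
+reports?: string[];
 ruleFilter?: string[];
 ignoreRules?: string[];
 ignoreRuleReasons?: Record<string, string>;
@@ -75,6 +83,8 @@ export interface UserConfig {
 failOnCritical?: boolean;
 /** Finding classes that should fail the run regardless of severity. */
 failOnClass?: FindingClass[];
+/** Default extra report-file formats to write (json | sarif | markdown). */
+reports?: string[];
 stackName?: string;
 output?: OutputFormat;
 services?: ServiceName[];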
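Review bot: `reports?: string[]` in `AnalyzeCommandArgs` accepts any string although its comment says only `json`, `sarif` and `markdown` are honoured, so a typo such as `sarfi` type-checks. If unrecognised values are skipped at runtime (not visible in this declaration), a CI job would lose its SARIF output without any error. Narrowing the field to `reports?: Array<'json' | 'sarif' | 'markdown'>;` would catch this at compile time, and the comment should say whether an unknown value is rejected or ignored. The same applies to `UserConfig.reports` in the second hunk. Both interfaces start and end outside the hunks shown, and the change belongs in the source the `.d.ts` is emitted from.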