clawsec 0.0.1

package/dist/src/approval/webhook.d.ts

@@ -0,0 +1,170 @@
+/**
+ * Webhook Approval Client
+ * Handles approval requests via external webhooks (Slack, Discord, custom APIs, etc.)
+ */
+import type { Detection } from '../engine/types.js';
+import type { ApprovalResult, ApprovalStore, PendingApprovalRecord } from './types.js';
+import type { WebhookApproval } from '../config/schema.js';
+/**
+ * Request sent to the webhook endpoint
+ */
+export interface WebhookApprovalRequest {
+    /** Unique identifier for this approval request */
+    id: string;
+    /** The detection that triggered this approval request */
+    detection: Detection;
+    /** Information about the tool call */
+    toolCall: {
+        name: string;
+        input: Record<string, unknown>;
+    };
+    /** Timestamp when the request was created (ms since epoch) */
+    timestamp: number;
+    /** Timestamp when the approval expires (ms since epoch) */
+    expiresAt: number;
+    /** Optional callback URL for async approval */
+    callbackUrl?: string;
+}
+/**
+ * Response from the webhook endpoint
+ */
+export interface WebhookApprovalResponse {
+    /** Whether the action was approved */
+    approved: boolean;
+    /** Who approved/denied the action */
+    approvedBy?: string;
+    /** Reason for the decision */
+    reason?: string;
+}
+/**
+ * Result of a webhook approval request
+ */
+export interface WebhookApprovalResult {
+    /** Whether the webhook request was successful */
+    success: boolean;
+    /** Response from the webhook (if successful) */
+    response?: WebhookApprovalResponse;
+    /** Error message (if unsuccessful) */
+    error?: string;
+    /** True if waiting for async callback (202 response) */
+    waitingForCallback: boolean;
+}
+/**
+ * Interface for the webhook approval client
+ */
+export interface WebhookApprovalClient {
+    /** Send approval request to external system */
+    requestApproval(request: WebhookApprovalRequest): Promise<WebhookApprovalResult>;
+    /** Handle callback from external system */
+    handleCallback(id: string, response: WebhookApprovalResponse): ApprovalResult;
+    /** Check if webhook approval is enabled */
+    isEnabled(): boolean;
+}
+/**
+ * HTTP client interface for making requests (allows mocking in tests)
+ */
+export interface HttpClient {
+    /** Make a POST request */
+    post(url: string, body: unknown, options: {
+        headers?: Record<string, string>;
+        timeoutMs?: number;
+    }): Promise<HttpResponse>;
+}
+/**
+ * HTTP response interface
+ */
+export interface HttpResponse {
+    /** HTTP status code */
+    status: number;
+    /** Response body (parsed JSON) */
+    body: unknown;
+}
+/**
+ * Configuration for the webhook approval client
+ */
+export interface WebhookApprovalClientConfig {
+    /** Webhook configuration from clawsec config */
+    webhookConfig: WebhookApproval;
+    /** Optional custom HTTP client (for testing) */
+    httpClient?: HttpClient;
+    /** Approval store to use */
+    store?: ApprovalStore;
+    /** Optional callback URL template (use {id} as placeholder) */
+    callbackUrlTemplate?: string;
+}
+/**
+ * Default HTTP client implementation using fetch
+ */
+export declare class FetchHttpClient implements HttpClient {
+    post(url: string, body: unknown, options: {
+        headers?: Record<string, string>;
+        timeoutMs?: number;
+    }): Promise<HttpResponse>;
+}
+/**
+ * Default webhook approval client implementation
+ */
+export declare class DefaultWebhookApprovalClient implements WebhookApprovalClient {
+    private config;
+    private httpClient;
+    private store;
+    private callbackUrlTemplate?;
+    constructor(config: WebhookApprovalClientConfig);
+    /**
+     * Check if webhook approval is enabled
+     */
+    isEnabled(): boolean;
+    /**
+     * Send approval request to external system
+     */
+    requestApproval(request: WebhookApprovalRequest): Promise<WebhookApprovalResult>;
+    /**
+     * Handle callback from external system
+     */
+    handleCallback(id: string, response: WebhookApprovalResponse): ApprovalResult;
+    /**
+     * Handle HTTP response
+     */
+    private handleResponse;
+    /**
+     * Handle HTTP errors
+     */
+    private handleError;
+    /**
+     * Validate that the response is a valid approval response
+     */
+    private isValidApprovalResponse;
+    /**
+     * Extract error message from response body
+     */
+    private extractErrorMessage;
+    /**
+     * Format approval message
+     */
+    private formatApprovalMessage;
+    /**
+     * Format denial message
+     */
+    private formatDenialMessage;
+}
+/**
+ * Create a webhook approval client with the given configuration
+ */
+export declare function createWebhookApprovalClient(config: WebhookApprovalClientConfig): DefaultWebhookApprovalClient;
+/**
+ * Get the default webhook approval client singleton
+ */
+export declare function getDefaultWebhookApprovalClient(): DefaultWebhookApprovalClient;
+/**
+ * Set the default webhook approval client configuration
+ */
+export declare function configureDefaultWebhookApprovalClient(config: WebhookApprovalClientConfig): DefaultWebhookApprovalClient;
+/**
+ * Reset the default client (mainly for testing)
+ */
+export declare function resetDefaultWebhookApprovalClient(): void;
+/**
+ * Create a webhook approval request from a pending approval record
+ */
+export declare function createWebhookRequest(record: PendingApprovalRecord, callbackUrl?: string): WebhookApprovalRequest;
+//# sourceMappingURL=webhook.d.ts.map

package/dist/src/approval/webhook.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhook.d.ts","sourceRoot":"","sources":["../../../src/approval/webhook.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,KAAK,EAAE,cAAc,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AACvF,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAG3D;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,kDAAkD;IAClD,EAAE,EAAE,MAAM,CAAC;IACX,yDAAyD;IACzD,SAAS,EAAE,SAAS,CAAC;IACrB,sCAAsC;IACtC,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KAChC,CAAC;IACF,8DAA8D;IAC9D,SAAS,EAAE,MAAM,CAAC;IAClB,2DAA2D;IAC3D,SAAS,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,sCAAsC;IACtC,QAAQ,EAAE,OAAO,CAAC;IAClB,qCAAqC;IACrC,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,8BAA8B;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,iDAAiD;IACjD,OAAO,EAAE,OAAO,CAAC;IACjB,gDAAgD;IAChD,QAAQ,CAAC,EAAE,uBAAuB,CAAC;IACnC,sCAAsC;IACtC,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,wDAAwD;IACxD,kBAAkB,EAAE,OAAO,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,+CAA+C;IAC/C,eAAe,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,qBAAqB,CAAC,CAAC;IACjF,2CAA2C;IAC3C,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,uBAAuB,GAAG,cAAc,CAAC;IAC9E,2CAA2C;IAC3C,SAAS,IAAI,OAAO,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,0BAA0B;IAC1B,IAAI,CACF,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,OAAO,EACb,OAAO,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAChE,OAAO,CAAC,YAAY,CAAC,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,uBAAuB;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,kCAAkC;IAClC,IAAI,EAAE,OAAO,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,2BAA2B;IAC1C,gDAAgD;IAChD,aAAa,EAAE,eAAe,CAAC;IAC/B,gDAAgD;IAChD,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,4BAA4B;IAC5B,KAAK,CAAC,EAAE,aAAa,CAAC;IACtB,+DAA+D;IAC/D,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;GAEG;AACH,qBAAa,eAAgB,YAAW,UAAU;IAC1C,IAAI,CACR,GAAG,EAAE,MAAM,EACX,IAAI,EAAE,OAAO,EACb,OAAO,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAAC,SAAS,CAAC,EAAE,MAAM,CAAA;KAAE,GAChE,OAAO,CAAC,YAAY,CAAC;CAmCzB;AAED;;GAEG;AACH,qBAAa,4BAA6B,YAAW,qBAAqB;IACxE,OAAO,CAAC,MAAM,CAAkB;IAChC,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,KAAK,CAAgB;IAC7B,OAAO,CAAC,mBAAmB,CAAC,CAAS;gBAEzB,MAAM,EAAE,2BAA2B;IAO/C;;OAEG;IACH,SAAS,IAAI,OAAO;IAIpB;;OAEG;IACG,eAAe,CAAC,OAAO,EAAE,sBAAsB,GAAG,OAAO,CAAC,qBAAqB,CAAC;IAqCtF;;OAEG;IACH,cAAc,CAAC,EAAE,EAAE,MAAM,EAAE,QAAQ,EAAE,uBAAuB,GAAG,cAAc;IA2E7E;;OAEG;IACH,OAAO,CAAC,cAAc;IAyDtB;;OAEG;IACH,OAAO,CAAC,WAAW;IAkCnB;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAS/B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAsB3B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAQ7B;;OAEG;IACH,OAAO,CAAC,mBAAmB;CAO5B;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,2BAA2B,GAClC,4BAA4B,CAE9B;AAiBD;;GAEG;AACH,wBAAgB,+BAA+B,IAAI,4BAA4B,CAO9E;AAED;;GAEG;AACH,wBAAgB,qCAAqC,CACnD,MAAM,EAAE,2BAA2B,GAClC,4BAA4B,CAG9B;AAED;;GAEG;AACH,wBAAgB,iCAAiC,IAAI,IAAI,CAExD;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,MAAM,EAAE,qBAAqB,EAC7B,WAAW,CAAC,EAAE,MAAM,GACnB,sBAAsB,CAYxB"}

package/dist/src/approval/webhook.js

@@ -0,0 +1,362 @@
+/**
+ * Webhook Approval Client
+ * Handles approval requests via external webhooks (Slack, Discord, custom APIs, etc.)
+ */
+import { getDefaultApprovalStore } from './store.js';
+/**
+ * Default HTTP client implementation using fetch
+ */
+export class FetchHttpClient {
+    async post(url, body, options) {
+        const controller = new AbortController();
+        const timeoutId = options.timeoutMs
+            ? setTimeout(() => controller.abort(), options.timeoutMs)
+            : undefined;
+        try {
+            const response = await fetch(url, {
+                method: 'POST',
+                headers: {
+                    'Content-Type': 'application/json',
+                    ...options.headers,
+                },
+                body: JSON.stringify(body),
+                signal: controller.signal,
+            });
+            let responseBody;
+            const contentType = response.headers.get('content-type');
+            if (contentType && contentType.includes('application/json')) {
+                responseBody = await response.json();
+            }
+            else {
+                responseBody = await response.text();
+            }
+            return {
+                status: response.status,
+                body: responseBody,
+            };
+        }
+        finally {
+            if (timeoutId) {
+                clearTimeout(timeoutId);
+            }
+        }
+    }
+}
+/**
+ * Default webhook approval client implementation
+ */
+export class DefaultWebhookApprovalClient {
+    config;
+    httpClient;
+    store;
+    callbackUrlTemplate;
+    constructor(config) {
+        this.config = config.webhookConfig;
+        this.httpClient = config.httpClient ?? new FetchHttpClient();
+        this.store = config.store ?? getDefaultApprovalStore();
+        this.callbackUrlTemplate = config.callbackUrlTemplate;
+    }
+    /**
+     * Check if webhook approval is enabled
+     */
+    isEnabled() {
+        return this.config.enabled && !!this.config.url;
+    }
+    /**
+     * Send approval request to external system
+     */
+    async requestApproval(request) {
+        // Check if enabled
+        if (!this.isEnabled()) {
+            return {
+                success: false,
+                error: 'Webhook approval is not enabled or URL is not configured',
+                waitingForCallback: false,
+            };
+        }
+        // Build callback URL if template is provided
+        const callbackUrl = this.callbackUrlTemplate
+            ? this.callbackUrlTemplate.replace('{id}', request.id)
+            : request.callbackUrl;
+        // Build the request payload
+        const payload = {
+            ...request,
+            callbackUrl,
+        };
+        try {
+            const response = await this.httpClient.post(this.config.url, payload, {
+                headers: this.config.headers ?? {},
+                timeoutMs: this.config.timeout * 1000,
+            });
+            return this.handleResponse(response);
+        }
+        catch (error) {
+            return this.handleError(error);
+        }
+    }
+    /**
+     * Handle callback from external system
+     */
+    handleCallback(id, response) {
+        // Validate ID
+        if (!id || typeof id !== 'string' || id.trim() === '') {
+            return {
+                success: false,
+                message: 'Invalid approval ID: ID cannot be empty',
+            };
+        }
+        const trimmedId = id.trim();
+        // Get the record
+        const record = this.store.get(trimmedId);
+        if (!record) {
+            return {
+                success: false,
+                message: `Approval not found: No pending approval with ID "${trimmedId}"`,
+            };
+        }
+        // Check if expired
+        if (record.status === 'expired') {
+            return {
+                success: false,
+                message: `Approval expired: The approval "${trimmedId}" has expired`,
+                record,
+            };
+        }
+        // Check if already processed
+        if (record.status !== 'pending') {
+            return {
+                success: false,
+                message: `Approval already ${record.status}: The approval "${trimmedId}" was already ${record.status}`,
+                record,
+            };
+        }
+        // Process the response
+        if (response.approved) {
+            const success = this.store.approve(trimmedId, response.approvedBy ?? 'webhook');
+            if (!success) {
+                return {
+                    success: false,
+                    message: `Failed to approve: Unable to approve "${trimmedId}"`,
+                    record: this.store.get(trimmedId),
+                };
+            }
+            const approvedRecord = this.store.get(trimmedId);
+            return {
+                success: true,
+                message: this.formatApprovalMessage(approvedRecord, response),
+                record: approvedRecord,
+            };
+        }
+        else {
+            const success = this.store.deny(trimmedId);
+            if (!success) {
+                return {
+                    success: false,
+                    message: `Failed to deny: Unable to deny "${trimmedId}"`,
+                    record: this.store.get(trimmedId),
+                };
+            }
+            const deniedRecord = this.store.get(trimmedId);
+            return {
+                success: true,
+                message: this.formatDenialMessage(deniedRecord, response),
+                record: deniedRecord,
+            };
+        }
+    }
+    /**
+     * Handle HTTP response
+     */
+    handleResponse(response) {
+        // Handle 202 Accepted (async approval)
+        if (response.status === 202) {
+            return {
+                success: true,
+                waitingForCallback: true,
+            };
+        }
+        // Handle success (200)
+        if (response.status === 200) {
+            const body = response.body;
+            // Validate response format
+            if (!this.isValidApprovalResponse(body)) {
+                return {
+                    success: false,
+                    error: 'Invalid response format: expected { approved: boolean }',
+                    waitingForCallback: false,
+                };
+            }
+            return {
+                success: true,
+                response: body,
+                waitingForCallback: false,
+            };
+        }
+        // Handle client errors (4xx)
+        if (response.status >= 400 && response.status < 500) {
+            const errorMessage = this.extractErrorMessage(response.body);
+            return {
+                success: false,
+                error: `Client error (${response.status}): ${errorMessage}`,
+                waitingForCallback: false,
+            };
+        }
+        // Handle server errors (5xx)
+        if (response.status >= 500) {
+            const errorMessage = this.extractErrorMessage(response.body);
+            return {
+                success: false,
+                error: `Server error (${response.status}): ${errorMessage}`,
+                waitingForCallback: false,
+            };
+        }
+        // Handle other status codes
+        return {
+            success: false,
+            error: `Unexpected status code: ${response.status}`,
+            waitingForCallback: false,
+        };
+    }
+    /**
+     * Handle HTTP errors
+     */
+    handleError(error) {
+        // Handle timeout (AbortError)
+        if (error instanceof Error) {
+            if (error.name === 'AbortError') {
+                return {
+                    success: false,
+                    error: `Request timeout: Webhook did not respond within ${this.config.timeout} seconds`,
+                    waitingForCallback: false,
+                };
+            }
+            // Handle network errors
+            if (error.message.includes('fetch') || error.message.includes('network')) {
+                return {
+                    success: false,
+                    error: `Network error: ${error.message}`,
+                    waitingForCallback: false,
+                };
+            }
+            return {
+                success: false,
+                error: `Request failed: ${error.message}`,
+                waitingForCallback: false,
+            };
+        }
+        return {
+            success: false,
+            error: 'Unknown error occurred while making webhook request',
+            waitingForCallback: false,
+        };
+    }
+    /**
+     * Validate that the response is a valid approval response
+     */
+    isValidApprovalResponse(body) {
+        if (!body || typeof body !== 'object') {
+            return false;
+        }
+        const response = body;
+        return typeof response.approved === 'boolean';
+    }
+    /**
+     * Extract error message from response body
+     */
+    extractErrorMessage(body) {
+        if (!body) {
+            return 'No error details provided';
+        }
+        if (typeof body === 'string') {
+            return body;
+        }
+        if (typeof body === 'object') {
+            const obj = body;
+            if (typeof obj.error === 'string') {
+                return obj.error;
+            }
+            if (typeof obj.message === 'string') {
+                return obj.message;
+            }
+        }
+        return 'Unknown error';
+    }
+    /**
+     * Format approval message
+     */
+    formatApprovalMessage(record, response) {
+        const toolName = record.toolCall.toolName;
+        const approver = response.approvedBy ? ` by ${response.approvedBy}` : ' via webhook';
+        const reason = response.reason ? ` (${response.reason})` : '';
+        return `Approved${approver}: The action using tool "${toolName}" has been approved${reason}`;
+    }
+    /**
+     * Format denial message
+     */
+    formatDenialMessage(record, response) {
+        const toolName = record.toolCall.toolName;
+        const denier = response.approvedBy ? ` by ${response.approvedBy}` : ' via webhook';
+        const reason = response.reason ? ` (${response.reason})` : '';
+        return `Denied${denier}: The action using tool "${toolName}" has been denied${reason}`;
+    }
+}
+/**
+ * Create a webhook approval client with the given configuration
+ */
+export function createWebhookApprovalClient(config) {
+    return new DefaultWebhookApprovalClient(config);
+}
+/**
+ * Default webhook config (disabled)
+ */
+const DEFAULT_WEBHOOK_CONFIG = {
+    enabled: false,
+    url: undefined,
+    timeout: 30,
+    headers: {},
+};
+/**
+ * Default singleton client instance
+ */
+let defaultClient = null;
+/**
+ * Get the default webhook approval client singleton
+ */
+export function getDefaultWebhookApprovalClient() {
+    if (!defaultClient) {
+        defaultClient = createWebhookApprovalClient({
+            webhookConfig: DEFAULT_WEBHOOK_CONFIG,
+        });
+    }
+    return defaultClient;
+}
+/**
+ * Set the default webhook approval client configuration
+ */
+export function configureDefaultWebhookApprovalClient(config) {
+    defaultClient = createWebhookApprovalClient(config);
+    return defaultClient;
+}
+/**
+ * Reset the default client (mainly for testing)
+ */
+export function resetDefaultWebhookApprovalClient() {
+    defaultClient = null;
+}
+/**
+ * Create a webhook approval request from a pending approval record
+ */
+export function createWebhookRequest(record, callbackUrl) {
+    return {
+        id: record.id,
+        detection: record.detection,
+        toolCall: {
+            name: record.toolCall.toolName,
+            input: record.toolCall.toolInput,
+        },
+        timestamp: record.createdAt,
+        expiresAt: record.expiresAt,
+        callbackUrl,
+    };
+}
+//# sourceMappingURL=webhook.js.map

package/dist/src/approval/webhook.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"webhook.js","sourceRoot":"","sources":["../../../src/approval/webhook.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,EAAE,uBAAuB,EAAE,MAAM,YAAY,CAAC;AAiGrD;;GAEG;AACH,MAAM,OAAO,eAAe;IAC1B,KAAK,CAAC,IAAI,CACR,GAAW,EACX,IAAa,EACb,OAAiE;QAEjE,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS;YACjC,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,OAAO,CAAC,SAAS,CAAC;YACzD,CAAC,CAAC,SAAS,CAAC;QAEd,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;gBAChC,MAAM,EAAE,MAAM;gBACd,OAAO,EAAE;oBACP,cAAc,EAAE,kBAAkB;oBAClC,GAAG,OAAO,CAAC,OAAO;iBACnB;gBACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;gBAC1B,MAAM,EAAE,UAAU,CAAC,MAAM;aAC1B,CAAC,CAAC;YAEH,IAAI,YAAqB,CAAC;YAC1B,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;YACzD,IAAI,WAAW,IAAI,WAAW,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC5D,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACvC,CAAC;iBAAM,CAAC;gBACN,YAAY,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;YACvC,CAAC;YAED,OAAO;gBACL,MAAM,EAAE,QAAQ,CAAC,MAAM;gBACvB,IAAI,EAAE,YAAY;aACnB,CAAC;QACJ,CAAC;gBAAS,CAAC;YACT,IAAI,SAAS,EAAE,CAAC;gBACd,YAAY,CAAC,SAAS,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;IACH,CAAC;CACF;AAED;;GAEG;AACH,MAAM,OAAO,4BAA4B;IAC/B,MAAM,CAAkB;IACxB,UAAU,CAAa;IACvB,KAAK,CAAgB;IACrB,mBAAmB,CAAU;IAErC,YAAY,MAAmC;QAC7C,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC,aAAa,CAAC;QACnC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,UAAU,IAAI,IAAI,eAAe,EAAE,CAAC;QAC7D,IAAI,CAAC,KAAK,GAAG,MAAM,CAAC,KAAK,IAAI,uBAAuB,EAAE,CAAC;QACvD,IAAI,CAAC,mBAAmB,GAAG,MAAM,CAAC,mBAAmB,CAAC;IACxD,CAAC;IAED;;OAEG;IACH,SAAS;QACP,OAAO,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC;IAClD,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,eAAe,CAAC,OAA+B;QACnD,mBAAmB;QACnB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,EAAE,CAAC;YACtB,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,0DAA0D;gBACjE,kBAAkB,EAAE,KAAK;aAC1B,CAAC;QACJ,CAAC;QAED,6CAA6C;QAC7C,MAAM,WAAW,GAAG,IAAI,CAAC,mBAAmB;YAC1C,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;YACtD,CAAC,CAAC,OAAO,CAAC,WAAW,CAAC;QAExB,4BAA4B;QAC5B,MAAM,OAAO,GAA2B;YACtC,GAAG,OAAO;YACV,WAAW;SACZ,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,IAAI,CACzC,IAAI,CAAC,MAAM,CAAC,GAAI,EAChB,OAAO,EACP;gBACE,OAAO,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE;gBAClC,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,GAAG,IAAI;aACtC,CACF,CAAC;YAEF,OAAO,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;QACvC,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;QACjC,CAAC;IACH,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,EAAU,EAAE,QAAiC;QAC1D,cAAc;QACd,IAAI,CAAC,EAAE,IAAI,OAAO,EAAE,KAAK,QAAQ,IAAI,EAAE,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC;YACtD,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,yCAAyC;aACnD,CAAC;QACJ,CAAC;QAED,MAAM,SAAS,GAAG,EAAE,CAAC,IAAI,EAAE,CAAC;QAE5B,iBAAiB;QACjB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QAEzC,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,oDAAoD,SAAS,GAAG;aAC1E,CAAC;QACJ,CAAC;QAED,mBAAmB;QACnB,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,mCAAmC,SAAS,eAAe;gBACpE,MAAM;aACP,CAAC;QACJ,CAAC;QAED,6BAA6B;QAC7B,IAAI,MAAM,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAChC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,oBAAoB,MAAM,CAAC,MAAM,mBAAmB,SAAS,iBAAiB,MAAM,CAAC,MAAM,EAAE;gBACtG,MAAM;aACP,CAAC;QACJ,CAAC;QAED,uBAAuB;QACvB,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;YACtB,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,EAAE,QAAQ,CAAC,UAAU,IAAI,SAAS,CAAC,CAAC;YAChF,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,yCAAyC,SAAS,GAAG;oBAC9D,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC;iBAClC,CAAC;YACJ,CAAC;YAED,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACjD,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,IAAI,CAAC,qBAAqB,CAAC,cAAe,EAAE,QAAQ,CAAC;gBAC9D,MAAM,EAAE,cAAc;aACvB,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,OAAO,EAAE,mCAAmC,SAAS,GAAG;oBACxD,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC;iBAClC,CAAC;YACJ,CAAC;YAED,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YAC/C,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,OAAO,EAAE,IAAI,CAAC,mBAAmB,CAAC,YAAa,EAAE,QAAQ,CAAC;gBAC1D,MAAM,EAAE,YAAY;aACrB,CAAC;QACJ,CAAC;IACH,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,QAAsB;QAC3C,uCAAuC;QACvC,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,kBAAkB,EAAE,IAAI;aACzB,CAAC;QACJ,CAAC;QAED,uBAAuB;QACvB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;YAE3B,2BAA2B;YAC3B,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxC,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,yDAAyD;oBAChE,kBAAkB,EAAE,KAAK;iBAC1B,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,QAAQ,EAAE,IAA+B;gBACzC,kBAAkB,EAAE,KAAK;aAC1B,CAAC;QACJ,CAAC;QAED,6BAA6B;QAC7B,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,IAAI,QAAQ,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACpD,MAAM,YAAY,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC7D,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,iBAAiB,QAAQ,CAAC,MAAM,MAAM,YAAY,EAAE;gBAC3D,kBAAkB,EAAE,KAAK;aAC1B,CAAC;QACJ,CAAC;QAED,6BAA6B;QAC7B,IAAI,QAAQ,CAAC,MAAM,IAAI,GAAG,EAAE,CAAC;YAC3B,MAAM,YAAY,GAAG,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC7D,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,iBAAiB,QAAQ,CAAC,MAAM,MAAM,YAAY,EAAE;gBAC3D,kBAAkB,EAAE,KAAK;aAC1B,CAAC;QACJ,CAAC;QAED,4BAA4B;QAC5B,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,2BAA2B,QAAQ,CAAC,MAAM,EAAE;YACnD,kBAAkB,EAAE,KAAK;SAC1B,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,KAAc;QAChC,8BAA8B;QAC9B,IAAI,KAAK,YAAY,KAAK,EAAE,CAAC;YAC3B,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;gBAChC,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,mDAAmD,IAAI,CAAC,MAAM,CAAC,OAAO,UAAU;oBACvF,kBAAkB,EAAE,KAAK;iBAC1B,CAAC;YACJ,CAAC;YAED,wBAAwB;YACxB,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBACzE,OAAO;oBACL,OAAO,EAAE,KAAK;oBACd,KAAK,EAAE,kBAAkB,KAAK,CAAC,OAAO,EAAE;oBACxC,kBAAkB,EAAE,KAAK;iBAC1B,CAAC;YACJ,CAAC;YAED,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,mBAAmB,KAAK,CAAC,OAAO,EAAE;gBACzC,kBAAkB,EAAE,KAAK;aAC1B,CAAC;QACJ,CAAC;QAED,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,qDAAqD;YAC5D,kBAAkB,EAAE,KAAK;SAC1B,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,uBAAuB,CAAC,IAAa;QAC3C,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YACtC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,QAAQ,GAAG,IAA+B,CAAC;QACjD,OAAO,OAAO,QAAQ,CAAC,QAAQ,KAAK,SAAS,CAAC;IAChD,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,IAAa;QACvC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,OAAO,2BAA2B,CAAC;QACrC,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;YAC7B,MAAM,GAAG,GAAG,IAA+B,CAAC;YAC5C,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAClC,OAAO,GAAG,CAAC,KAAK,CAAC;YACnB,CAAC;YACD,IAAI,OAAO,GAAG,CAAC,OAAO,KAAK,QAAQ,EAAE,CAAC;gBACpC,OAAO,GAAG,CAAC,OAAO,CAAC;YACrB,CAAC;QACH,CAAC;QAED,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,MAA6B,EAAE,QAAiC;QAC5F,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC1C,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,OAAO,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC;QACrF,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAE9D,OAAO,WAAW,QAAQ,4BAA4B,QAAQ,sBAAsB,MAAM,EAAE,CAAC;IAC/F,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,MAA6B,EAAE,QAAiC;QAC1F,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC1C,MAAM,MAAM,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,OAAO,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,cAAc,CAAC;QACnF,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAE9D,OAAO,SAAS,MAAM,4BAA4B,QAAQ,oBAAoB,MAAM,EAAE,CAAC;IACzF,CAAC;CACF;AAED;;GAEG;AACH,MAAM,UAAU,2BAA2B,CACzC,MAAmC;IAEnC,OAAO,IAAI,4BAA4B,CAAC,MAAM,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,MAAM,sBAAsB,GAAoB;IAC9C,OAAO,EAAE,KAAK;IACd,GAAG,EAAE,SAAS;IACd,OAAO,EAAE,EAAE;IACX,OAAO,EAAE,EAAE;CACZ,CAAC;AAEF;;GAEG;AACH,IAAI,aAAa,GAAwC,IAAI,CAAC;AAE9D;;GAEG;AACH,MAAM,UAAU,+BAA+B;IAC7C,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,aAAa,GAAG,2BAA2B,CAAC;YAC1C,aAAa,EAAE,sBAAsB;SACtC,CAAC,CAAC;IACL,CAAC;IACD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qCAAqC,CACnD,MAAmC;IAEnC,aAAa,GAAG,2BAA2B,CAAC,MAAM,CAAC,CAAC;IACpD,OAAO,aAAa,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iCAAiC;IAC/C,aAAa,GAAG,IAAI,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAClC,MAA6B,EAC7B,WAAoB;IAEpB,OAAO;QACL,EAAE,EAAE,MAAM,CAAC,EAAE;QACb,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,QAAQ,EAAE;YACR,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;YAC9B,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,SAAS;SACjC;QACD,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,WAAW;KACZ,CAAC;AACJ,CAAC"}

package/dist/src/cli/commands/audit.d.ts

@@ -0,0 +1,43 @@
+/**
+ * Audit Command
+ * View and manage the audit log of detections
+ */
+import type { ThreatCategory } from '../../engine/index.js';
+import type { Severity } from '../../config/index.js';
+import type { AuditEntry, AuditOptions, AuditResult } from './types.js';
+/**
+ * Add an entry to the audit log
+ *
+ * @param entry - The audit entry to add
+ */
+export declare function addAuditEntry(entry: Omit<AuditEntry, 'timestamp'>): void;
+/**
+ * Clear all audit log entries
+ * Primarily used for testing
+ */
+export declare function clearAuditLog(): void;
+/**
+ * Get the raw audit log (for testing)
+ */
+export declare function getAuditLog(): ReadonlyArray<AuditEntry>;
+/**
+ * Execute the audit command
+ *
+ * @param options - Audit options for filtering and limiting results
+ * @returns Audit result with filtered entries
+ */
+export declare function auditCommand(options?: AuditOptions): Promise<AuditResult>;
+/**
+ * Format audit result for console output
+ *
+ * @param result - Audit result to format
+ * @param options - The options used for the query
+ * @returns Formatted string for display
+ */
+export declare function formatAuditResult(result: AuditResult, options?: AuditOptions): string;
+/**
+ * Helper function to create an audit entry from detection data
+ * This is used by the action handlers to log detections
+ */
+export declare function createAuditEntry(toolName: string, category: ThreatCategory, severity: Severity, action: string, reason: string, metadata?: Record<string, unknown>): void;
+//# sourceMappingURL=audit.d.ts.map

package/dist/src/cli/commands/audit.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../../../src/cli/commands/audit.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAC5D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACtD,OAAO,KAAK,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAQxE;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,UAAU,EAAE,WAAW,CAAC,GAAG,IAAI,CAKxE;AAED;;;GAGG;AACH,wBAAgB,aAAa,IAAI,IAAI,CAEpC;AAED;;GAEG;AACH,wBAAgB,WAAW,IAAI,aAAa,CAAC,UAAU,CAAC,CAEvD;AAED;;;;;GAKG;AACH,wBAAsB,YAAY,CAAC,OAAO,GAAE,YAAiB,GAAG,OAAO,CAAC,WAAW,CAAC,CAmBnF;AAuBD;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,WAAW,EAAE,OAAO,GAAE,YAAiB,GAAG,MAAM,CAuBzF;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,cAAc,EACxB,QAAQ,EAAE,QAAQ,EAClB,MAAM,EAAE,MAAM,EACd,MAAM,EAAE,MAAM,EACd,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACjC,IAAI,CASN"}