codeant-cli 0.1.1 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (10) hide show
  1. package/README.md +45 -0
  2. package/package.json +1 -1
  3. package/src/commands/securityAnalysis.js +284 -0
  4. package/src/commands/staticAnalysis.js +405 -0
  5. package/src/components/Welcome.js +143 -0
  6. package/src/index.js +92 -25
  7. package/src/utils/commonApiHelper.js +84 -0
  8. package/src/utils/secretsApiHelper.js +15 -73
  9. package/src/utils/securityAnalysisApiHelper.js +118 -0
  10. package/src/utils/staticAnalysisApiHelper.js +118 -0
package/src/utils/commonApiHelper.js ADDED
@@ -0,0 +1,84 @@
1
+ import GitDiffHelper from './gitDiffHelper.js';
2
+
3
+ /**
4
+ * Common base class for API helpers that transform git diff data
5
+ * Contains shared functionality for filtering and retrieving files
6
+ */
7
+ class CommonApiHelper {
8
+ constructor(workspacePath) {
9
+ this.workspacePath = workspacePath;
10
+ this.gitHelper = new GitDiffHelper(workspacePath);
11
+ }
12
+
13
+ async init() {
14
+ await this.gitHelper.init();
15
+ }
16
+
17
+ /**
18
+ * Get staged files formatted for the API
19
+ * This is used for pre-commit hooks
20
+ */
21
+ async getStagedFilesForApi() {
22
+ const diffs = await this.gitHelper.getDiffBasedOnReviewConfig({ type: 'staged-only' });
23
+ return this._transformDiffsToApiFormat(diffs);
24
+ }
25
+
26
+ /**
27
+ * Get all changed files formatted for the API
28
+ */
29
+ async getChangedFilesForApi() {
30
+ const diffs = await this.gitHelper.getDiffBasedOnReviewConfig({ type: 'branch-diff' });
31
+ return this._transformDiffsToApiFormat(diffs);
32
+ }
33
+
34
+ /**
35
+ * Get uncommitted files formatted for the API
36
+ */
37
+ async getUncommittedFilesForApi() {
38
+ const diffs = await this.gitHelper.getDiffBasedOnReviewConfig({ type: 'uncommitted' });
39
+ return this._transformDiffsToApiFormat(diffs);
40
+ }
41
+
42
+ /**
43
+ * Get last commit files formatted for the API
44
+ */
45
+ async getLastCommitFilesForApi() {
46
+ const diffs = await this.gitHelper.getDiffBasedOnReviewConfig({ type: 'last-commit' });
47
+ return this._transformDiffsToApiFormat(diffs);
48
+ }
49
+
50
+ /**
51
+ * Transform diff info array to API format
52
+ * Must be implemented by subclasses
53
+ */
54
+ _transformDiffsToApiFormat(diffs) {
55
+ throw new Error('_transformDiffsToApiFormat must be implemented by subclass');
56
+ }
57
+
58
+
59
+ /**
60
+ * Get files based on scan type
61
+ * Returns the raw array - child classes handle filtering and wrapping
62
+ * @param {string} type - Type of scan (staged-only, branch-diff, etc.)
63
+ */
64
+ async getFilesForType(type = 'staged-only') {
65
+ switch (type) {
66
+ case 'staged-only':
67
+ return await this.getStagedFilesForApi();
68
+ case 'branch-diff':
69
+ return await this.getChangedFilesForApi();
70
+ case 'uncommitted':
71
+ return await this.getUncommittedFilesForApi();
72
+ case 'last-commit':
73
+ return await this.getLastCommitFilesForApi();
74
+ default:
75
+ return await this.getStagedFilesForApi();
76
+ }
77
+ }
78
+
79
+ getGitRoot() {
80
+ return this.gitHelper.getGitRoot();
81
+ }
82
+ }
83
+
84
+ export default CommonApiHelper;
package/src/utils/secretsApiHelper.js CHANGED
@@ -1,4 +1,4 @@
1
- import GitDiffHelper from './gitDiffHelper.js';
1
+ import CommonApiHelper from './commonApiHelper.js';
2
2
  import { minimatch } from 'minimatch';
3
3
 
4
4
  /**
@@ -15,49 +15,7 @@ import { minimatch } from 'minimatch';
15
15
  * ]
16
16
  * }
17
17
  */
18
- class SecretsApiHelper {
19
- constructor(workspacePath) {
20
- this.workspacePath = workspacePath;
21
- this.gitHelper = new GitDiffHelper(workspacePath);
22
- }
23
-
24
- async init() {
25
- await this.gitHelper.init();
26
- }
27
-
28
- /**
29
- * Get staged files formatted for the secrets API
30
- * This is used for pre-commit hooks
31
- */
32
- async getStagedFilesForApi() {
33
- const diffs = await this.gitHelper.getDiffBasedOnReviewConfig({ type: 'staged-only' });
34
- return this._transformDiffsToApiFormat(diffs);
35
- }
36
-
37
- /**
38
- * Get all changed files formatted for the secrets API
39
- */
40
- async getChangedFilesForApi() {
41
- const diffs = await this.gitHelper.getDiffBasedOnReviewConfig({ type: 'branch-diff' });
42
- return this._transformDiffsToApiFormat(diffs);
43
- }
44
-
45
- /**
46
- * Get uncommitted files formatted for the secrets API
47
- */
48
- async getUncommittedFilesForApi() {
49
- const diffs = await this.gitHelper.getDiffBasedOnReviewConfig({ type: 'uncommitted' });
50
- return this._transformDiffsToApiFormat(diffs);
51
- }
52
-
53
- /**
54
- * Get last commit files formatted for the secrets API
55
- */
56
- async getLastCommitFilesForApi() {
57
- const diffs = await this.gitHelper.getDiffBasedOnReviewConfig({ type: 'last-commit' });
58
- return this._transformDiffsToApiFormat(diffs);
59
- }
60
-
18
+ class SecretsApiHelper extends CommonApiHelper {
61
19
  /**
62
20
  * Transform diff info array to API format
63
21
  * Groups by file and extracts diff ranges
@@ -69,6 +27,11 @@ class SecretsApiHelper {
69
27
  for (const diff of diffs) {
70
28
  const filePath = diff.filename_str;
71
29
 
30
+ // Skip diffs with missing or invalid filename
31
+ if (!filePath) {
32
+ continue;
33
+ }
34
+
72
35
  if (!fileMap.has(filePath)) {
73
36
  fileMap.set(filePath, {
74
37
  file_path: filePath,
@@ -96,24 +59,21 @@ class SecretsApiHelper {
96
59
 
97
60
  /**
98
61
  * Filter files based on include and exclude glob patterns
99
- * @param {Array} files - Array of file objects with file_path property
62
+ * @param {Array} files - Array of file objects with 'file_path' property
100
63
  * @param {Array} includePatterns - Array of glob pattern strings to include
101
64
  * @param {Array} excludePatterns - Array of glob pattern strings to exclude
102
- * @returns {Array} Filtered array of files
103
65
  */
104
66
  _filterFiles(files, includePatterns = [], excludePatterns = []) {
105
- return files.filter(file => {
106
- const filePath = file.file_path;
67
+ return files.filter(fileObj => {
68
+ const filePath = fileObj.file_path;
107
69
 
108
70
  // If include patterns are specified, file must match at least one
109
71
  if (includePatterns.length > 0) {
110
72
  const matchesInclude = includePatterns.some(pattern => {
111
73
  try {
112
- // If pattern is a RegExp, test it directly against the file path.
113
74
  if (pattern instanceof RegExp) {
114
75
  return pattern.test(filePath);
115
76
  }
116
- // Use matchBase option to match basename patterns like '*.js' for glob strings
117
77
  return minimatch(filePath, pattern, { matchBase: true });
118
78
  } catch (e) {
119
79
  console.warn(`Invalid include pattern: ${pattern}`, e.message);
@@ -130,11 +90,9 @@ class SecretsApiHelper {
130
90
  if (excludePatterns.length > 0) {
131
91
  const matchesExclude = excludePatterns.some(pattern => {
132
92
  try {
133
- // If pattern is a RegExp, test it directly against the file path.
134
93
  if (pattern instanceof RegExp) {
135
94
  return pattern.test(filePath);
136
95
  }
137
- // Use matchBase option to match basename patterns like '*.js' for glob strings
138
96
  return minimatch(filePath, pattern, { matchBase: true });
139
97
  } catch (e) {
140
98
  console.warn(`Invalid exclude pattern: ${pattern}`, e.message);
@@ -158,23 +116,11 @@ class SecretsApiHelper {
158
116
  * @param {Array} excludePatterns - Optional array of glob patterns to exclude files
159
117
  */
160
118
  async buildSecretsApiRequest(type = 'staged-only', includePatterns = [], excludePatterns = []) {
161
- let files;
162
-
163
- switch (type) {
164
- case 'staged-only':
165
- files = await this.getStagedFilesForApi();
166
- break;
167
- case 'branch-diff':
168
- files = await this.getChangedFilesForApi();
169
- break;
170
- case 'uncommitted':
171
- files = await this.getUncommittedFilesForApi();
172
- break;
173
- case 'last-commit':
174
- files = await this.getLastCommitFilesForApi();
175
- break;
176
- default:
177
- files = await this.getStagedFilesForApi();
119
+ let files = await this.getFilesForType(type);
120
+
121
+ // Handle null/undefined return
122
+ if (!files || !Array.isArray(files)) {
123
+ files = [];
178
124
  }
179
125
 
180
126
  // Apply include/exclude filters
@@ -182,10 +128,6 @@ class SecretsApiHelper {
182
128
 
183
129
  return { files };
184
130
  }
185
-
186
- getGitRoot() {
187
- return this.gitHelper.getGitRoot();
188
- }
189
131
  }
190
132
 
191
133
  export default SecretsApiHelper;
package/src/utils/securityAnalysisApiHelper.js ADDED
@@ -0,0 +1,118 @@
1
+ import CommonApiHelper from './commonApiHelper.js';
2
+ import { minimatch } from 'minimatch';
3
+
4
+ /**
5
+ * Transforms git diff data into the format expected by the static analysis API
6
+ *
7
+ * API Input Format:
8
+ * {
9
+ * "filesData": [
10
+ * {
11
+ * "file": str,
12
+ * "code": str
13
+ * }
14
+ * ]
15
+ * }
16
+ */
17
+ class SecurityAnalysisApiHelper extends CommonApiHelper {
18
+ /**
19
+ * Transform diff info array to API format
20
+ * Groups by file (without diff ranges for static analysis)
21
+ */
22
+ _transformDiffsToApiFormat(diffs) {
23
+ // Group diffs by filename
24
+ const fileMap = new Map();
25
+
26
+ for (const diff of diffs) {
27
+ const filePath = diff.filename_str;
28
+
29
+ // Skip diffs with missing or invalid filename
30
+ if (!filePath) {
31
+ continue;
32
+ }
33
+
34
+ if (!fileMap.has(filePath)) {
35
+ fileMap.set(filePath, {
36
+ file_path: filePath,
37
+ code: diff.head_file_str || ''
38
+ });
39
+ }
40
+ }
41
+
42
+ return Array.from(fileMap.values());
43
+ }
44
+
45
+ /**
46
+ * Filter files based on include and exclude glob patterns
47
+ * @param {Array} files - Array of file objects with 'file' property
48
+ * @param {Array} includePatterns - Array of glob pattern strings to include
49
+ * @param {Array} excludePatterns - Array of glob pattern strings to exclude
50
+ */
51
+ _filterFiles(files, includePatterns = [], excludePatterns = []) {
52
+ return files.filter(fileObj => {
53
+ const filePath = fileObj.file;
54
+
55
+ // If include patterns are specified, file must match at least one
56
+ if (includePatterns.length > 0) {
57
+ const matchesInclude = includePatterns.some(pattern => {
58
+ try {
59
+ if (pattern instanceof RegExp) {
60
+ return pattern.test(filePath);
61
+ }
62
+ return minimatch(filePath, pattern, { matchBase: true });
63
+ } catch (e) {
64
+ console.warn(`Invalid include pattern: ${pattern}`, e.message);
65
+ return false;
66
+ }
67
+ });
68
+
69
+ if (!matchesInclude) {
70
+ return false;
71
+ }
72
+ }
73
+
74
+ // If exclude patterns are specified, file must not match any
75
+ if (excludePatterns.length > 0) {
76
+ const matchesExclude = excludePatterns.some(pattern => {
77
+ try {
78
+ if (pattern instanceof RegExp) {
79
+ return pattern.test(filePath);
80
+ }
81
+ return minimatch(filePath, pattern, { matchBase: true });
82
+ } catch (e) {
83
+ console.warn(`Invalid exclude pattern: ${pattern}`, e.message);
84
+ return false;
85
+ }
86
+ });
87
+
88
+ if (matchesExclude) {
89
+ return false;
90
+ }
91
+ }
92
+
93
+ return true;
94
+ });
95
+ }
96
+
97
+ /**
98
+ * Build the complete request body for the static analysis API
99
+ * @param {string} type - Type of scan (staged-only, branch-diff, etc.)
100
+ * @param {Array} includePatterns - Optional array of glob patterns to include files
101
+ * @param {Array} excludePatterns - Optional array of glob patterns to exclude files
102
+ */
103
+ async buildSecurityAnalysisApiRequest(type = 'staged-only', includePatterns = [], excludePatterns = []) {
104
+ let files = await this.getFilesForType(type);
105
+
106
+ // Handle null/undefined return
107
+ if (!files || !Array.isArray(files)) {
108
+ files = [];
109
+ }
110
+
111
+ // Apply include/exclude filters
112
+ files = this._filterFiles(files, includePatterns, excludePatterns);
113
+
114
+ return { files };
115
+ }
116
+ }
117
+
118
+ export default SecurityAnalysisApiHelper;
package/src/utils/staticAnalysisApiHelper.js ADDED
@@ -0,0 +1,118 @@
1
+ import CommonApiHelper from './commonApiHelper.js';
2
+ import { minimatch } from 'minimatch';
3
+
4
+ /**
5
+ * Transforms git diff data into the format expected by the static analysis API
6
+ *
7
+ * API Input Format:
8
+ * {
9
+ * "filesData": [
10
+ * {
11
+ * "file": str,
12
+ * "code": str
13
+ * }
14
+ * ]
15
+ * }
16
+ */
17
+ class StaticAnalysisApiHelper extends CommonApiHelper {
18
+ /**
19
+ * Transform diff info array to API format
20
+ * Groups by file (without diff ranges for static analysis)
21
+ */
22
+ _transformDiffsToApiFormat(diffs) {
23
+ // Group diffs by filename
24
+ const fileMap = new Map();
25
+
26
+ for (const diff of diffs) {
27
+ const filePath = diff.filename_str;
28
+
29
+ // Skip diffs with missing or invalid filename
30
+ if (!filePath) {
31
+ continue;
32
+ }
33
+
34
+ if (!fileMap.has(filePath)) {
35
+ fileMap.set(filePath, {
36
+ file: filePath,
37
+ code: diff.head_file_str || ''
38
+ });
39
+ }
40
+ }
41
+
42
+ return Array.from(fileMap.values());
43
+ }
44
+
45
+ /**
46
+ * Filter files based on include and exclude glob patterns
47
+ * @param {Array} files - Array of file objects with 'file' property
48
+ * @param {Array} includePatterns - Array of glob pattern strings to include
49
+ * @param {Array} excludePatterns - Array of glob pattern strings to exclude
50
+ */
51
+ _filterFiles(files, includePatterns = [], excludePatterns = []) {
52
+ return files.filter(fileObj => {
53
+ const filePath = fileObj.file;
54
+
55
+ // If include patterns are specified, file must match at least one
56
+ if (includePatterns.length > 0) {
57
+ const matchesInclude = includePatterns.some(pattern => {
58
+ try {
59
+ if (pattern instanceof RegExp) {
60
+ return pattern.test(filePath);
61
+ }
62
+ return minimatch(filePath, pattern, { matchBase: true });
63
+ } catch (e) {
64
+ console.warn(`Invalid include pattern: ${pattern}`, e.message);
65
+ return false;
66
+ }
67
+ });
68
+
69
+ if (!matchesInclude) {
70
+ return false;
71
+ }
72
+ }
73
+
74
+ // If exclude patterns are specified, file must not match any
75
+ if (excludePatterns.length > 0) {
76
+ const matchesExclude = excludePatterns.some(pattern => {
77
+ try {
78
+ if (pattern instanceof RegExp) {
79
+ return pattern.test(filePath);
80
+ }
81
+ return minimatch(filePath, pattern, { matchBase: true });
82
+ } catch (e) {
83
+ console.warn(`Invalid exclude pattern: ${pattern}`, e.message);
84
+ return false;
85
+ }
86
+ });
87
+
88
+ if (matchesExclude) {
89
+ return false;
90
+ }
91
+ }
92
+
93
+ return true;
94
+ });
95
+ }
96
+
97
+ /**
98
+ * Build the complete request body for the static analysis API
99
+ * @param {string} type - Type of scan (staged-only, branch-diff, etc.)
100
+ * @param {Array} includePatterns - Optional array of glob patterns to include files
101
+ * @param {Array} excludePatterns - Optional array of glob patterns to exclude files
102
+ */
103
+ async buildStaticAnalysisApiRequest(type = 'staged-only', includePatterns = [], excludePatterns = []) {
104
+ let files = await this.getFilesForType(type);
105
+
106
+ // Handle null/undefined return
107
+ if (!files || !Array.isArray(files)) {
108
+ files = [];
109
+ }
110
+
111
+ // Apply include/exclude filters
112
+ files = this._filterFiles(files, includePatterns, excludePatterns);
113
+
114
+ return { filesData: files };
115
+ }
116
+ }
117
+
118
+ export default StaticAnalysisApiHelper;