codeslick-cli 1.0.0
- package/README.md +458 -0
- package/__tests__/cli-reporter.test.ts +86 -0
- package/__tests__/config-loader.test.ts +247 -0
- package/__tests__/local-scanner.test.ts +245 -0
- package/bin/codeslick.cjs +153 -0
- package/dist/packages/cli/src/commands/auth.d.ts +36 -0
- package/dist/packages/cli/src/commands/auth.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/auth.js +226 -0
- package/dist/packages/cli/src/commands/auth.js.map +1 -0
- package/dist/packages/cli/src/commands/config.d.ts +37 -0
- package/dist/packages/cli/src/commands/config.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/config.js +196 -0
- package/dist/packages/cli/src/commands/config.js.map +1 -0
- package/dist/packages/cli/src/commands/init.d.ts +32 -0
- package/dist/packages/cli/src/commands/init.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/init.js +171 -0
- package/dist/packages/cli/src/commands/init.js.map +1 -0
- package/dist/packages/cli/src/commands/scan.d.ts +40 -0
- package/dist/packages/cli/src/commands/scan.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/scan.js +204 -0
- package/dist/packages/cli/src/commands/scan.js.map +1 -0
- package/dist/packages/cli/src/config/config-loader.d.ts +67 -0
- package/dist/packages/cli/src/config/config-loader.d.ts.map +1 -0
- package/dist/packages/cli/src/config/config-loader.js +146 -0
- package/dist/packages/cli/src/config/config-loader.js.map +1 -0
- package/dist/packages/cli/src/reporters/cli-reporter.d.ts +69 -0
- package/dist/packages/cli/src/reporters/cli-reporter.d.ts.map +1 -0
- package/dist/packages/cli/src/reporters/cli-reporter.js +244 -0
- package/dist/packages/cli/src/reporters/cli-reporter.js.map +1 -0
- package/dist/packages/cli/src/scanner/local-scanner.d.ts +92 -0
- package/dist/packages/cli/src/scanner/local-scanner.d.ts.map +1 -0
- package/dist/packages/cli/src/scanner/local-scanner.js +221 -0
- package/dist/packages/cli/src/scanner/local-scanner.js.map +1 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts +88 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts.map +1 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js +371 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js.map +1 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts +63 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.js +95 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.js.map +1 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts +59 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.js +231 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.js +129 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js +221 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts +18 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.js +84 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts +18 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js +161 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js +163 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts +24 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js +178 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts +25 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.js +179 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts +17 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.js +67 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts +25 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.js +396 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js +123 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts +23 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js +201 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.js +121 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.js +89 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts +26 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js +309 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts +18 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js +114 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js.map +1 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/java-analyzer.d.ts +209 -0
- package/dist/src/lib/analyzers/java-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java-analyzer.js +1720 -0
- package/dist/src/lib/analyzers/java-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js +123 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts +44 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js +224 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts +50 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js +284 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js +86 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts +32 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js +44 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts +22 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.js +168 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js +232 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js +222 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts +28 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js +176 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts +23 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js +113 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts +28 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js +227 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts +32 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js +260 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts +26 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js +164 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts +26 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js +775 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts +25 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js +168 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js +108 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts +28 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js +143 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts +53 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js +144 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts +72 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js +314 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts +36 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js +70 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts +29 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js +55 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/javascript-analyzer.d.ts +95 -0
- package/dist/src/lib/analyzers/javascript-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript-analyzer.js +2141 -0
- package/dist/src/lib/analyzers/javascript-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts +21 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.js +305 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js +242 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts +24 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js +207 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts +27 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.js +206 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts +24 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js +113 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js +129 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts +19 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.js +90 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.js +68 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts +25 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.js +180 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts +23 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js +127 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts +23 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.js +120 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts +24 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.js +143 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts +28 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js +174 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.js +160 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.js +121 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts +26 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js +248 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts +26 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js +375 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts +26 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js +160 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts +23 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.js +117 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.js.map +1 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/python-analyzer.d.ts +111 -0
- package/dist/src/lib/analyzers/python-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python-analyzer.js +1600 -0
- package/dist/src/lib/analyzers/python-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts +14 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js +47 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts +13 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js +36 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js +68 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js +68 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts +12 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js +45 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts +14 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js +47 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts +13 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js +36 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.js +32 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.js +68 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts +16 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.js +79 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.js +58 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts +88 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.js +162 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts +56 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.js +199 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts +56 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js +102 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js.map +1 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.d.ts +38 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.js +125 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.js.map +1 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts +46 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.js +92 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.js.map +1 -0
- package/dist/src/lib/analyzers/security-checks/react-security.d.ts +49 -0
- package/dist/src/lib/analyzers/security-checks/react-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/security-checks/react-security.js +125 -0
- package/dist/src/lib/analyzers/security-checks/react-security.js.map +1 -0
- package/dist/src/lib/analyzers/types.d.ts +92 -0
- package/dist/src/lib/analyzers/types.d.ts.map +1 -0
- package/dist/src/lib/analyzers/types.js +3 -0
- package/dist/src/lib/analyzers/types.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts +19 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.js +210 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js +242 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts +28 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.js +357 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts +26 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js +380 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts +23 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js +109 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts +21 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js +153 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts +23 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js +146 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts +23 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js +187 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts +19 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js +97 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts +29 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js +319 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts +21 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js +121 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts +27 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js +213 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts +19 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.js +59 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/type-checker.d.ts +17 -0
- package/dist/src/lib/analyzers/typescript/type-checker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/type-checker.js +515 -0
- package/dist/src/lib/analyzers/typescript/type-checker.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/typescript-analyzer.d.ts +116 -0
- package/dist/src/lib/analyzers/typescript-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript-analyzer.js +1660 -0
- package/dist/src/lib/analyzers/typescript-analyzer.js.map +1 -0
- package/dist/src/lib/security/compliance-mapping.d.ts +29 -0
- package/dist/src/lib/security/compliance-mapping.d.ts.map +1 -0
- package/dist/src/lib/security/compliance-mapping.js +1342 -0
- package/dist/src/lib/security/compliance-mapping.js.map +1 -0
- package/dist/src/lib/security/severity-scoring.d.ts +47 -0
- package/dist/src/lib/security/severity-scoring.d.ts.map +1 -0
- package/dist/src/lib/security/severity-scoring.js +965 -0
- package/dist/src/lib/security/severity-scoring.js.map +1 -0
- package/dist/src/lib/standards/references.d.ts +16 -0
- package/dist/src/lib/standards/references.d.ts.map +1 -0
- package/dist/src/lib/standards/references.js +1161 -0
- package/dist/src/lib/standards/references.js.map +1 -0
- package/dist/src/lib/types/index.d.ts +167 -0
- package/dist/src/lib/types/index.d.ts.map +1 -0
- package/dist/src/lib/types/index.js +3 -0
- package/dist/src/lib/types/index.js.map +1 -0
- package/dist/src/lib/utils/code-cleaner.d.ts +59 -0
- package/dist/src/lib/utils/code-cleaner.d.ts.map +1 -0
- package/dist/src/lib/utils/code-cleaner.js +283 -0
- package/dist/src/lib/utils/code-cleaner.js.map +1 -0
- package/package.json +51 -0
- package/src/commands/auth.ts +308 -0
- package/src/commands/config.ts +226 -0
- package/src/commands/init.ts +202 -0
- package/src/commands/scan.ts +238 -0
- package/src/config/config-loader.ts +175 -0
- package/src/reporters/cli-reporter.ts +282 -0
- package/src/scanner/local-scanner.ts +250 -0
- package/tsconfig.json +24 -0
- package/tsconfig.tsbuildinfo +1 -0
|
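--- a/package/__tests__/config-loader.test.ts
+++ b/package/__tests__/config-loader.test.ts
@@ -0,0 +1,247 @@
+/**
+* Configuration Loader Tests
+*
+* Tests for loading, saving, and updating .codeslick.json configuration.
+*
+* Coverage:
+* - Default configuration
+* - Loading configuration from file
+* - Saving configuration to file
+* - Updating specific configuration values
+* - Validation of configuration values
+* - Error handling for invalid JSON
+*/
+
+import { describe, it, expect, beforeEach, afterEach } from 'vitest';
+import { mkdtempSync, rmSync } from 'fs';
+import { join } from 'path';
+import { tmpdir } from 'os';
+import {
+loadConfig,
+saveConfig,
+updateConfig,
+configExists,
+getConfigPath,
+DEFAULT_CONFIG,
+type CodeSlickConfig,
+} from '../src/config/config-loader';
+
+describe('Configuration Loader', () => {
+let tempDir: string;
+
+beforeEach(() => {
+// Create temporary directory for each test
+tempDir = mkdtempSync(join(tmpdir(), 'codeslick-test-'));
+});
+
+afterEach(() => {
+// Clean up temporary directory
+if (tempDir) {
+rmSync(tempDir, { recursive: true, force: true });
+}
+});
+
+describe('Configuration Path', () => {
+it('should return correct config path', () => {
+const path = getConfigPath(tempDir);
+expect(path).toBe(join(tempDir, '.codeslick.json'));
+});
+
+it('should use process.cwd() by default', () => {
+const path = getConfigPath();
+expect(path).toContain('.codeslick.json');
+});
+});
+
+describe('Configuration Existence Check', () => {
+it('should return false when config does not exist', () => {
+expect(configExists(tempDir)).toBe(false);
+});
+
+it('should return true when config exists', async () => {
+await saveConfig(DEFAULT_CONFIG, tempDir);
+expect(configExists(tempDir)).toBe(true);
+});
+});
+
+describe('Load Configuration', () => {
+it('should return default config when file does not exist', async () => {
+const config = await loadConfig(tempDir);
+expect(config).toEqual(DEFAULT_CONFIG);
+});
+
+it('should load config from file', async () => {
+const customConfig: CodeSlickConfig = {
+...DEFAULT_CONFIG,
+severity: 'high',
+autofix: true,
+};
+
+await saveConfig(customConfig, tempDir);
+const loaded = await loadConfig(tempDir);
+
+expect(loaded.severity).toBe('high');
+expect(loaded.autofix).toBe(true);
+});
+
+it('should merge with defaults for missing fields', async () => {
+// Create partial config (missing some fields)
+const partialConfig = {
+version: '1.0',
+severity: 'high',
+};
+
+// Write partial config directly
+const configPath = getConfigPath(tempDir);
+const fs = await import('fs/promises');
+await fs.writeFile(configPath, JSON.stringify(partialConfig), 'utf-8');
+
+// Load should merge with defaults
+const loaded = await loadConfig(tempDir);
+
+expect(loaded.severity).toBe('high');
+expect(loaded.autofix).toBe(DEFAULT_CONFIG.autofix);
+expect(loaded.exclude).toEqual(DEFAULT_CONFIG.exclude);
+expect(loaded.languages).toEqual(DEFAULT_CONFIG.languages);
+});
+
+it('should throw error for invalid JSON', async () => {
+const configPath = getConfigPath(tempDir);
+const fs = await import('fs/promises');
+await fs.writeFile(configPath, 'invalid json{', 'utf-8');
+
+await expect(loadConfig(tempDir)).rejects.toThrow('Failed to parse .codeslick.json');
+});
+});
+
+describe('Save Configuration', () => {
+it('should save config to file', async () => {
+await saveConfig(DEFAULT_CONFIG, tempDir);
+
+const fs = await import('fs/promises');
+const configPath = getConfigPath(tempDir);
+const content = await fs.readFile(configPath, 'utf-8');
+const parsed = JSON.parse(content);
+
+expect(parsed).toEqual(DEFAULT_CONFIG);
+});
+
+it('should format JSON with 2-space indentation', async () => {
+await saveConfig(DEFAULT_CONFIG, tempDir);
+
+const fs = await import('fs/promises');
+const configPath = getConfigPath(tempDir);
+const content = await fs.readFile(configPath, 'utf-8');
+
+// Check formatting (should have newlines and indentation)
+expect(content).toContain('\n');
+expect(content).toMatch(/^{\n "version"/);
+});
+
+it('should overwrite existing config', async () => {
+// Save initial config
+await saveConfig(DEFAULT_CONFIG, tempDir);
+
+// Save modified config
+const modified: CodeSlickConfig = {
+...DEFAULT_CONFIG,
+severity: 'high',
+};
+await saveConfig(modified, tempDir);
+
+// Load and verify
+const loaded = await loadConfig(tempDir);
+expect(loaded.severity).toBe('high');
+});
+});
+
+describe('Update Configuration', () => {
+beforeEach(async () => {
+// Create initial config file
+await saveConfig(DEFAULT_CONFIG, tempDir);
+});
+
+it('should update severity', async () => {
+await updateConfig('severity', 'high', tempDir);
+
+const loaded = await loadConfig(tempDir);
+expect(loaded.severity).toBe('high');
+});
+
+it('should reject invalid severity', async () => {
+await expect(
+updateConfig('severity', 'invalid', tempDir)
+).rejects.toThrow('Invalid severity value');
+});
+
+it('should update autofix', async () => {
+await updateConfig('autofix', true, tempDir);
+
+const loaded = await loadConfig(tempDir);
+expect(loaded.autofix).toBe(true);
+});
+
+it('should reject invalid autofix value', async () => {
+await expect(
+updateConfig('autofix', 'yes', tempDir)
+).rejects.toThrow('Invalid autofix value');
+});
+
+it('should update exclude patterns', async () => {
+const newPatterns = ['test/**', '*.min.js'];
+await updateConfig('exclude', newPatterns, tempDir);
+
+const loaded = await loadConfig(tempDir);
+expect(loaded.exclude).toEqual(newPatterns);
+});
+
+it('should reject non-array exclude value', async () => {
+await expect(
+updateConfig('exclude', 'not-an-array', tempDir)
+).rejects.toThrow('Invalid exclude value');
+});
+
+it('should update languages', async () => {
+const newLanguages = ['javascript', 'python'];
+await updateConfig('languages', newLanguages, tempDir);
+
+const loaded = await loadConfig(tempDir);
+expect(loaded.languages).toEqual(newLanguages);
+});
+
+it('should reject invalid language', async () => {
+await expect(
+updateConfig('languages', ['javascript', 'ruby'], tempDir)
+).rejects.toThrow('Invalid language(s): ruby');
+});
+
+it('should reject unknown configuration key', async () => {
+await expect(
+updateConfig('unknown' as any, 'value', tempDir)
+).rejects.toThrow('Unknown configuration key');
+});
+});
+
+describe('Default Configuration', () => {
+it('should have correct default values', () => {
+expect(DEFAULT_CONFIG.version).toBe('1.0');
+expect(DEFAULT_CONFIG.severity).toBe('critical');
+expect(DEFAULT_CONFIG.autofix).toBe(false);
+expect(Array.isArray(DEFAULT_CONFIG.exclude)).toBe(true);
+expect(Array.isArray(DEFAULT_CONFIG.languages)).toBe(true);
+});
+
+it('should exclude common directories by default', () => {
+expect(DEFAULT_CONFIG.exclude).toContain('node_modules/**');
+expect(DEFAULT_CONFIG.exclude).toContain('dist/**');
+expect(DEFAULT_CONFIG.exclude).toContain('build/**');
+});
+
+it('should support all languages by default', () => {
+expect(DEFAULT_CONFIG.languages).toContain('javascript');
+expect(DEFAULT_CONFIG.languages).toContain('typescript');
+expect(DEFAULT_CONFIG.languages).toContain('python');
+expect(DEFAULT_CONFIG.languages).toContain('java');
+});
+});
+});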
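Review bot: Value validation is only exercised through `updateConfig`; no test checks what `loadConfig` does when the file on disk already holds an out-of-range value, even though `.codeslick.json` is read from the working directory and can be edited by hand. The 'should merge with defaults for missing fields' test already writes the file directly, so the same pattern covers it: write `JSON.stringify({ severity: 'bogus', exclude: 'not-an-array' })` and assert `await expect(loadConfig(tempDir)).rejects.toThrow();` (or that the defaults win, whichever the loader is meant to do; its behaviour is not visible in this file). The 'should use process.cwd() by default' test also only checks that the path contains the file name; `expect(path).toBe(join(process.cwd(), '.codeslick.json'));` would pin the directory as well.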
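--- a/package/__tests__/local-scanner.test.ts
+++ b/package/__tests__/local-scanner.test.ts
@@ -0,0 +1,245 @@
+/**
+* Local Scanner Tests
+*
+* Tests for the local scanner module that handles offline security analysis.
+*
+* Coverage:
+* - Language detection
+* - File exclusion patterns
+* - Vulnerability counting
+* - Single file scanning
+* - Multiple file scanning
+* - Threshold checking
+*/
+
+import { describe, it, expect } from 'vitest';
+import {
+detectLanguage,
+shouldExclude,
+countVulnerabilities,
+exceedsThreshold,
+type FileScanResult,
+} from '../src/scanner/local-scanner';
+import type { AnalysisResult, SecurityVulnerability } from '../../../src/lib/types';
+
+describe('Local Scanner - Language Detection', () => {
+it('should detect JavaScript from .js extension', () => {
+expect(detectLanguage('src/index.js')).toBe('javascript');
+expect(detectLanguage('app.jsx')).toBe('javascript');
+});
+
+it('should detect TypeScript from .ts extension', () => {
+expect(detectLanguage('src/index.ts')).toBe('typescript');
+expect(detectLanguage('component.tsx')).toBe('typescript');
+});
+
+it('should detect Python from .py extension', () => {
+expect(detectLanguage('script.py')).toBe('python');
+expect(detectLanguage('src/main.py')).toBe('python');
+});
+
+it('should detect Java from .java extension', () => {
+expect(detectLanguage('Main.java')).toBe('java');
+expect(detectLanguage('src/com/example/App.java')).toBe('java');
+});
+
+it('should return null for unsupported extensions', () => {
+expect(detectLanguage('README.md')).toBe(null);
+expect(detectLanguage('config.json')).toBe(null);
+expect(detectLanguage('style.css')).toBe(null);
+});
+
+it('should be case-insensitive', () => {
+expect(detectLanguage('App.JS')).toBe('javascript');
+expect(detectLanguage('Main.JAVA')).toBe('java');
+});
+});
+
+describe('Local Scanner - File Exclusion', () => {
+it('should exclude node_modules', () => {
+const patterns = ['node_modules/**'];
+expect(shouldExclude('node_modules/package/index.js', patterns)).toBe(true);
+expect(shouldExclude('src/index.js', patterns)).toBe(false);
+});
+
+it('should exclude dist and build directories', () => {
+const patterns = ['dist/**', 'build/**'];
+expect(shouldExclude('dist/bundle.js', patterns)).toBe(true);
+expect(shouldExclude('build/app.js', patterns)).toBe(true);
+expect(shouldExclude('src/app.js', patterns)).toBe(false);
+});
+
+it('should exclude test files', () => {
+const patterns = ['**/*.test.js', '**/*.spec.ts'];
+expect(shouldExclude('src/app.test.js', patterns)).toBe(true);
+expect(shouldExclude('tests/unit.spec.ts', patterns)).toBe(true);
+expect(shouldExclude('src/app.js', patterns)).toBe(false);
+});
+
+it('should handle multiple patterns', () => {
+const patterns = ['node_modules/**', 'dist/**', '**/*.test.js'];
+expect(shouldExclude('node_modules/lib/index.js', patterns)).toBe(true);
+expect(shouldExclude('dist/bundle.js', patterns)).toBe(true);
+expect(shouldExclude('src/app.test.js', patterns)).toBe(true);
+expect(shouldExclude('src/app.js', patterns)).toBe(false);
+});
+
+it('should handle wildcard patterns correctly', () => {
+const patterns = ['**/test/**', '**/*.min.js'];
+expect(shouldExclude('src/test/helper.js', patterns)).toBe(true);
+expect(shouldExclude('lib/jquery.min.js', patterns)).toBe(true);
+expect(shouldExclude('src/app.js', patterns)).toBe(false);
+});
+});
+
+describe('Local Scanner - Vulnerability Counting', () => {
+it('should count vulnerabilities by severity', () => {
+const result: AnalysisResult = {
+language: 'javascript',
+syntax: { isValid: true, errors: [] },
+security: {
+vulnerabilities: [
+{ severity: 'CRITICAL', message: 'SQL injection', line: 1 } as SecurityVulnerability,
+{ severity: 'CRITICAL', message: 'XSS', line: 2 } as SecurityVulnerability,
+{ severity: 'HIGH', message: 'Auth bypass', line: 3 } as SecurityVulnerability,
+{ severity: 'MEDIUM', message: 'Weak crypto', line: 4 } as SecurityVulnerability,
+{ severity: 'LOW', message: 'Info disclosure', line: 5 } as SecurityVulnerability,
+],
+},
+quality: { score: 80, issues: [] },
+performance: { score: 90, suggestions: [] },
+metrics: {
+linesOfCode: 100,
+complexity: 5,
+maintainability: 80,
+},
+};
+
+const counts = countVulnerabilities(result);
+
+expect(counts.critical).toBe(2);
+expect(counts.high).toBe(1);
+expect(counts.medium).toBe(1);
+expect(counts.low).toBe(1);
+});
+
+it('should return zero counts for no vulnerabilities', () => {
+const result: AnalysisResult = {
+language: 'javascript',
+syntax: { isValid: true, errors: [] },
+security: { vulnerabilities: [] },
+quality: { score: 100, issues: [] },
+performance: { score: 100, suggestions: [] },
+metrics: { linesOfCode: 50, complexity: 2, maintainability: 90 },
+};
+
+const counts = countVulnerabilities(result);
+
+expect(counts.critical).toBe(0);
+expect(counts.high).toBe(0);
+expect(counts.medium).toBe(0);
+expect(counts.low).toBe(0);
+});
+
+it('should handle missing security object', () => {
+const result: AnalysisResult = {
+language: 'javascript',
+syntax: { isValid: true, errors: [] },
+quality: { score: 100, issues: [] },
+performance: { score: 100, suggestions: [] },
+metrics: { linesOfCode: 50, complexity: 2, maintainability: 90 },
+};
+
+const counts = countVulnerabilities(result);
+
+expect(counts.critical).toBe(0);
+expect(counts.high).toBe(0);
+expect(counts.medium).toBe(0);
+expect(counts.low).toBe(0);
+});
+});
+
+describe('Local Scanner - Threshold Checking', () => {
+const mockResults: FileScanResult[] = [
+{
+filePath: '/path/to/file1.js',
+relativePath: 'file1.js',
+language: 'javascript',
+result: {} as AnalysisResult,
+critical: 2,
+high: 1,
+medium: 3,
+low: 5,
+},
+{
+filePath: '/path/to/file2.js',
+relativePath: 'file2.js',
+language: 'javascript',
+result: {} as AnalysisResult,
+critical: 0,
+high: 2,
+medium: 1,
+low: 0,
+},
+];
+
+it('should detect CRITICAL threshold exceeded', () => {
+expect(exceedsThreshold(mockResults, 'critical')).toBe(true);
+});
+
+it('should detect HIGH threshold exceeded', () => {
+expect(exceedsThreshold(mockResults, 'high')).toBe(true);
+});
+
+it('should detect MEDIUM threshold exceeded', () => {
+expect(exceedsThreshold(mockResults, 'medium')).toBe(true);
+});
+
+it('should detect LOW threshold exceeded', () => {
+expect(exceedsThreshold(mockResults, 'low')).toBe(true);
+});
+
+it('should return false when no CRITICAL issues exist', () => {
+const cleanResults: FileScanResult[] = [
+{
+filePath: '/path/to/file.js',
+relativePath: 'file.js',
+language: 'javascript',
+result: {} as AnalysisResult,
+critical: 0,
+high: 1,
+medium: 2,
+low: 3,
+},
+];
+
+expect(exceedsThreshold(cleanResults, 'critical')).toBe(false);
+});
+
+it('should return false when no issues at all', () => {
+const cleanResults: FileScanResult[] = [
+{
+filePath: '/path/to/file.js',
+relativePath: 'file.js',
+language: 'javascript',
+result: {} as AnalysisResult,
+critical: 0,
+high: 0,
+medium: 0,
+low: 0,
+},
+];
+
+expect(exceedsThreshold(cleanResults, 'critical')).toBe(false);
+expect(exceedsThreshold(cleanResults, 'high')).toBe(false);
+expect(exceedsThreshold(cleanResults, 'medium')).toBe(false);
+expect(exceedsThreshold(cleanResults, 'low')).toBe(false);
+});
+
+it('should handle empty results array', () => {
+expect(exceedsThreshold([], 'critical')).toBe(false);
+expect(exceedsThreshold([], 'high')).toBe(false);
+expect(exceedsThreshold([], 'medium')).toBe(false);
+expect(exceedsThreshold([], 'low')).toBe(false);
+});
+});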
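Review bot: The threshold tests cannot tell "at or above the threshold" from "exactly at the threshold", because `mockResults` has a non-zero count at every severity and the only negative case for a populated result asks about `critical`. An implementation that looked at just the named level would pass all of them while letting a file with only CRITICAL findings through a `high` gate, which the CLI's own usage example describes as blocking on HIGH+. Add a result with `critical: 1, high: 0, medium: 0, low: 0` and assert `expect(exceedsThreshold(onlyCritical, 'high')).toBe(true);`, plus one with only `medium: 1` asserting `expect(exceedsThreshold(onlyMedium, 'high')).toBe(false);`. The header comment also lists single-file and multiple-file scanning under Coverage, but no test in this file exercises either.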
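--- a/package/bin/codeslick.cjs
+++ b/package/bin/codeslick.cjs
@@ -0,0 +1,153 @@
+#!/usr/bin/env node
+
+/**
+* CodeSlick CLI - Pre-commit Security Scanner
+*
+* This is the main entry point for the CodeSlick CLI tool.
+* It handles command routing and error handling for all CLI commands.
+*
+* Usage:
+* codeslick init - Initialize CodeSlick in repository
+* codeslick scan - Scan staged files for vulnerabilities
+* codeslick config - Manage configuration
+* codeslick auth - Authenticate CLI (login, logout, whoami)
+*
+* Short alias: Use 'cs' instead of 'codeslick' for faster typing
+* cs init - Same as 'codeslick init'
+* cs scan - Same as 'codeslick scan'
+*
+* @see https://codeslick.dev/docs/cli for full documentation
+*/
+
+const yargs = require('yargs');
+const { hideBin } = require('yargs/helpers');
+const { scanCommand } = require('../dist/packages/cli/src/commands/scan');
+const { initCommand } = require('../dist/packages/cli/src/commands/init');
+const { configCommand } = require('../dist/packages/cli/src/commands/config');
+const { loginCommand, logoutCommand, whoamiCommand } = require('../dist/packages/cli/src/commands/auth');
+
+// Detect if running as 'cs' or 'codeslick'
+const scriptName = process.argv[1].includes('/cs') ? 'cs' : 'codeslick';
+
+// Main CLI application
+yargs(hideBin(process.argv))
+.scriptName(scriptName)
+.usage('$0 <command> [options]')
+.command(
+'init',
+'Initialize CodeSlick in your repository',
+(yargs) => {
+return yargs
+.option('force', {
+alias: 'f',
+type: 'boolean',
+description: 'Force re-initialization (overwrite existing config)',
+default: false,
+})
+.option('severity', {
+alias: 's',
+type: 'string',
+description: 'Default severity threshold (critical|high|medium|low)',
+default: 'critical',
+choices: ['critical', 'high', 'medium', 'low'],
+});
+},
+initCommand
+)
+.command(
+'scan [files..]',
+'Scan files for security vulnerabilities',
+(yargs) => {
+return yargs
+.positional('files', {
+type: 'string',
+array: true,
+description: 'Files or patterns to scan (default: staged files)',
+})
+.option('staged', {
+type: 'boolean',
+description: 'Scan only staged files (git)',
+default: false,
+})
+.option('severity', {
+alias: 's',
+type: 'string',
+description: 'Severity threshold (critical|high|medium|low)',
+choices: ['critical', 'high', 'medium', 'low'],
+})
+.option('fix', {
+type: 'boolean',
+description: 'Auto-apply fixes (where possible)',
+default: false,
+})
+.option('json', {
+type: 'boolean',
+description: 'Output results as JSON',
+default: false,
+});
+},
+scanCommand
+)
+.command(
+'config <action> [key] [value]',
+'Manage CodeSlick configuration',
+(yargs) => {
+return yargs
+.positional('action', {
+type: 'string',
+description: 'Action to perform (get|set|list)',
+choices: ['get', 'set', 'list'],
+})
+.positional('key', {
+type: 'string',
+description: 'Configuration key',
+})
+.positional('value', {
+type: 'string',
+description: 'Configuration value',
+});
+},
+configCommand
+)
+.command(
+'auth <action>',
+'Manage CLI authentication',
+(yargs) => {
+return yargs
+.positional('action', {
+type: 'string',
+description: 'Action to perform (login|logout|whoami)',
+choices: ['login', 'logout', 'whoami'],
+});
+},
+async (argv) => {
+switch (argv.action) {
+case 'login':
+await loginCommand();
+break;
+case 'logout':
+await logoutCommand();
+break;
+case 'whoami':
+await whoamiCommand();
+break;
+}
+}
+)
+.example('$0 init', 'Initialize CodeSlick in your repository')
+.example('$0 scan', 'Scan all staged files')
+.example('$0 scan src/**/*.js', 'Scan specific files')
+.example('$0 scan --staged --severity high', 'Scan staged files, block on HIGH+')
+.example('$0 config set severity critical', 'Set severity threshold')
+.example('$0 config list', 'List all configuration')
+.example('$0 auth login', 'Authenticate CLI via browser')
+.example('$0 auth whoami', 'Show current user and quota')
+.example('$0 auth logout', 'Remove local credentials')
+.demandCommand(1, 'You must provide a command')
+.help()
+.alias('help', 'h')
+.version('1.0.0')
+.alias('version', 'v')
+.epilog('For more information, visit https://codeslick.dev/docs/cli')
+.strict()
+.parse();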
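Review bot: The `cs` alias detection on the `scriptName` line is a substring test, so any install path that merely contains `/cs` (a parent directory whose name starts with "cs", for instance) is reported as `cs`, and a path written with backslash separators never matches. Only the final path component should decide, e.g. `const scriptName = require('path').basename(process.argv[1] || '') === 'cs' ? 'cs' : 'codeslick';`, though how the launcher sets `argv[1]` on each platform should be confirmed. Separately, the header comment says this file does the error handling for all commands, yet no `.fail()` handler or catch is visible around the async handlers. For a pre-commit gate it is worth stating in that comment, and testing, that a rejected handler ends in a non-zero exit so the hook fails closed.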
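--- a/package/dist/packages/cli/src/commands/auth.d.ts
+++ b/package/dist/packages/cli/src/commands/auth.d.ts
@@ -0,0 +1,36 @@
+/**
+* CLI Authentication Commands
+* Phase 1.5 Week 10 - CLI Authentication System
+*
+* Commands:
+* - login: Browser-based OAuth authentication
+* - logout: Remove local credentials
+* - whoami: Display current user info and quota
+*/
+interface AuthConfig {
+accessToken: string;
+email: string;
+plan: string;
+expiresAt?: string;
+}
+/**
+* Login Command
+* Opens browser for authentication and polls for validation
+*/
+export declare function loginCommand(): Promise<void>;
+/**
+* Logout Command
+* Removes local credentials
+*/
+export declare function logoutCommand(): Promise<void>;
+/**
+* Whoami Command
+* Displays current user info and quota
+*/
+export declare function whoamiCommand(): Promise<void>;
+/**
+* Load authentication config from disk
+*/
+export declare function loadAuth(): AuthConfig | null;
+export {};
+//# sourceMappingURL=auth.d.ts.map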
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../../../../../src/commands/auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAeH,UAAU,UAAU;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAiCD;;;GAGG;AACH,wBAAsB,YAAY,kBA0GjC;AAED;;;GAGG;AACH,wBAAsB,aAAa,kBAiBlC;AAED;;;GAGG;AACH,wBAAsB,aAAa,kBAuDlC;AAaD;;GAEG;AACH,wBAAgB,QAAQ,IAAI,UAAU,GAAG,IAAI,CAW5C"}
|