codeslick-cli 1.5.2 → 1.5.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/bin/codeslick.cjs +4 -185
- package/build.mjs +70 -0
- package/dist/codeslick-bundle.cjs +52342 -0
- package/package.json +10 -11
- package/src/cli-entry.ts +178 -0
- package/src/commands/scan.ts +58 -2
package/bin/codeslick.cjs
CHANGED
|
@@ -1,188 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
|
-
|
|
3
2
|
/**
|
|
4
|
-
* CodeSlick CLI
|
|
5
|
-
*
|
|
6
|
-
* This
|
|
7
|
-
* It handles command routing and error handling for all CLI commands.
|
|
8
|
-
*
|
|
9
|
-
* Usage:
|
|
10
|
-
* codeslick init - Initialize CodeSlick in repository
|
|
11
|
-
* codeslick scan - Scan staged files for vulnerabilities
|
|
12
|
-
* codeslick config - Manage configuration
|
|
13
|
-
* codeslick auth - Authenticate CLI (login, logout, whoami)
|
|
14
|
-
*
|
|
15
|
-
* Short alias: Use 'cs' instead of 'codeslick' for faster typing
|
|
16
|
-
* cs init - Same as 'codeslick init'
|
|
17
|
-
* cs scan - Same as 'codeslick scan'
|
|
18
|
-
*
|
|
19
|
-
* @see https://codeslick.dev/docs/cli for full documentation
|
|
3
|
+
* CodeSlick CLI entry shim.
|
|
4
|
+
* All logic is bundled in dist/codeslick-bundle.cjs via esbuild.
|
|
5
|
+
* This shim exists only to provide the #!/usr/bin/env node line and the bin path.
|
|
20
6
|
*/
|
|
21
|
-
|
|
22
|
-
const yargs = require('yargs');
|
|
23
|
-
const { hideBin } = require('yargs/helpers');
|
|
24
|
-
const { scanCommand } = require('../dist/packages/cli/src/commands/scan');
|
|
25
|
-
const { initCommand } = require('../dist/packages/cli/src/commands/init');
|
|
26
|
-
const { configCommand } = require('../dist/packages/cli/src/commands/config');
|
|
27
|
-
const { loginCommand, logoutCommand, whoamiCommand } = require('../dist/packages/cli/src/commands/auth');
|
|
28
|
-
const { startBackgroundUpdateCheck } = require('../dist/packages/cli/src/utils/version-check');
|
|
29
|
-
const { version } = require('../package.json');
|
|
30
|
-
|
|
31
|
-
// Start version check in background (non-blocking)
|
|
32
|
-
// Will print notification at the end if update is available
|
|
33
|
-
void startBackgroundUpdateCheck();
|
|
34
|
-
|
|
35
|
-
// Detect if running as 'cs' or 'codeslick'
|
|
36
|
-
const scriptName = process.argv[1].includes('/cs') ? 'cs' : 'codeslick';
|
|
37
|
-
|
|
38
|
-
// Main CLI application
|
|
39
|
-
yargs(hideBin(process.argv))
|
|
40
|
-
.scriptName(scriptName)
|
|
41
|
-
.usage('$0 <command> [options]')
|
|
42
|
-
.command(
|
|
43
|
-
'init',
|
|
44
|
-
'Initialize CodeSlick in your repository',
|
|
45
|
-
(yargs) => {
|
|
46
|
-
return yargs
|
|
47
|
-
.option('force', {
|
|
48
|
-
alias: 'f',
|
|
49
|
-
type: 'boolean',
|
|
50
|
-
description: 'Force re-initialization (overwrite existing config)',
|
|
51
|
-
default: false,
|
|
52
|
-
})
|
|
53
|
-
.option('severity', {
|
|
54
|
-
alias: 's',
|
|
55
|
-
type: 'string',
|
|
56
|
-
description: 'Default severity threshold (critical|high|medium|low)',
|
|
57
|
-
default: 'critical',
|
|
58
|
-
choices: ['critical', 'high', 'medium', 'low'],
|
|
59
|
-
});
|
|
60
|
-
},
|
|
61
|
-
initCommand
|
|
62
|
-
)
|
|
63
|
-
.command(
|
|
64
|
-
'scan [files..]',
|
|
65
|
-
'Scan files for security vulnerabilities',
|
|
66
|
-
(yargs) => {
|
|
67
|
-
return yargs
|
|
68
|
-
.positional('files', {
|
|
69
|
-
type: 'string',
|
|
70
|
-
array: true,
|
|
71
|
-
description: 'Files or patterns to scan (default: staged files)',
|
|
72
|
-
})
|
|
73
|
-
.option('staged', {
|
|
74
|
-
type: 'boolean',
|
|
75
|
-
description: 'Scan only staged files (git) - this is the default',
|
|
76
|
-
default: true,
|
|
77
|
-
})
|
|
78
|
-
.option('all', {
|
|
79
|
-
alias: 'a',
|
|
80
|
-
type: 'boolean',
|
|
81
|
-
description: 'Scan all files in repository (overrides --staged)',
|
|
82
|
-
default: false,
|
|
83
|
-
})
|
|
84
|
-
.option('quick', {
|
|
85
|
-
alias: 'q',
|
|
86
|
-
type: 'boolean',
|
|
87
|
-
description: 'Quick scan - skip deep TypeScript type checking for speed',
|
|
88
|
-
default: false,
|
|
89
|
-
})
|
|
90
|
-
.option('verbose', {
|
|
91
|
-
alias: 'v',
|
|
92
|
-
type: 'boolean',
|
|
93
|
-
description: 'Show detailed results for all files (default: top 10 only)',
|
|
94
|
-
default: false,
|
|
95
|
-
})
|
|
96
|
-
.option('severity', {
|
|
97
|
-
alias: 's',
|
|
98
|
-
type: 'string',
|
|
99
|
-
description: 'Severity threshold (critical|high|medium|low)',
|
|
100
|
-
choices: ['critical', 'high', 'medium', 'low'],
|
|
101
|
-
})
|
|
102
|
-
.option('fix', {
|
|
103
|
-
type: 'boolean',
|
|
104
|
-
description: 'Auto-apply fixes (where possible)',
|
|
105
|
-
default: false,
|
|
106
|
-
})
|
|
107
|
-
.option('json', {
|
|
108
|
-
type: 'boolean',
|
|
109
|
-
description: 'Output results as JSON',
|
|
110
|
-
default: false,
|
|
111
|
-
})
|
|
112
|
-
.option('verify', {
|
|
113
|
-
type: 'boolean',
|
|
114
|
-
description: 'Run tests after security scan (combined pass/fail)',
|
|
115
|
-
default: false,
|
|
116
|
-
})
|
|
117
|
-
.option('test-command', {
|
|
118
|
-
type: 'string',
|
|
119
|
-
description: 'Custom test command (e.g., "npm test", "pytest")',
|
|
120
|
-
});
|
|
121
|
-
},
|
|
122
|
-
scanCommand
|
|
123
|
-
)
|
|
124
|
-
.command(
|
|
125
|
-
'config <action> [key] [value]',
|
|
126
|
-
'Manage CodeSlick configuration',
|
|
127
|
-
(yargs) => {
|
|
128
|
-
return yargs
|
|
129
|
-
.positional('action', {
|
|
130
|
-
type: 'string',
|
|
131
|
-
description: 'Action to perform (get|set|list)',
|
|
132
|
-
choices: ['get', 'set', 'list'],
|
|
133
|
-
})
|
|
134
|
-
.positional('key', {
|
|
135
|
-
type: 'string',
|
|
136
|
-
description: 'Configuration key',
|
|
137
|
-
})
|
|
138
|
-
.positional('value', {
|
|
139
|
-
type: 'string',
|
|
140
|
-
description: 'Configuration value',
|
|
141
|
-
});
|
|
142
|
-
},
|
|
143
|
-
configCommand
|
|
144
|
-
)
|
|
145
|
-
.command(
|
|
146
|
-
'auth <action>',
|
|
147
|
-
'Manage CLI authentication',
|
|
148
|
-
(yargs) => {
|
|
149
|
-
return yargs
|
|
150
|
-
.positional('action', {
|
|
151
|
-
type: 'string',
|
|
152
|
-
description: 'Action to perform (login|logout|whoami)',
|
|
153
|
-
choices: ['login', 'logout', 'whoami'],
|
|
154
|
-
});
|
|
155
|
-
},
|
|
156
|
-
async (argv) => {
|
|
157
|
-
switch (argv.action) {
|
|
158
|
-
case 'login':
|
|
159
|
-
await loginCommand();
|
|
160
|
-
break;
|
|
161
|
-
case 'logout':
|
|
162
|
-
await logoutCommand();
|
|
163
|
-
break;
|
|
164
|
-
case 'whoami':
|
|
165
|
-
await whoamiCommand();
|
|
166
|
-
break;
|
|
167
|
-
}
|
|
168
|
-
}
|
|
169
|
-
)
|
|
170
|
-
.example('$0 init', 'Initialize CodeSlick in your repository')
|
|
171
|
-
.example('$0 scan', 'Scan all staged files')
|
|
172
|
-
.example('$0 scan src/**/*.js', 'Scan specific files')
|
|
173
|
-
.example('$0 scan --staged --severity high', 'Scan staged files, block on HIGH+')
|
|
174
|
-
.example('$0 scan --verify', 'Scan files AND run tests (combined pass/fail)')
|
|
175
|
-
.example('$0 scan --verify --test-command "pytest"', 'Scan + run custom test command')
|
|
176
|
-
.example('$0 config set severity critical', 'Set severity threshold')
|
|
177
|
-
.example('$0 config list', 'List all configuration')
|
|
178
|
-
.example('$0 auth login', 'Authenticate CLI via browser')
|
|
179
|
-
.example('$0 auth whoami', 'Show current user and quota')
|
|
180
|
-
.example('$0 auth logout', 'Remove local credentials')
|
|
181
|
-
.demandCommand(1, 'You must provide a command')
|
|
182
|
-
.help()
|
|
183
|
-
.alias('help', 'h')
|
|
184
|
-
.version(version)
|
|
185
|
-
.alias('version', 'v')
|
|
186
|
-
.epilog('For more information, visit https://codeslick.dev/docs/cli')
|
|
187
|
-
.strict()
|
|
188
|
-
.parse();
|
|
7
|
+
require('../dist/codeslick-bundle.cjs');
|
package/build.mjs
ADDED
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* CLI Bundle Script
|
|
3
|
+
*
|
|
4
|
+
* Bundles the CLI and all internal dependencies into a single CJS file.
|
|
5
|
+
* This permanently solves the "missing module" class of bugs that occur
|
|
6
|
+
* when internal monorepo packages (@codeslick/*, acorn) aren't published.
|
|
7
|
+
*
|
|
8
|
+
* Externals (NOT bundled — must be present in node_modules at runtime):
|
|
9
|
+
* - typescript: compiler API requires dynamic file resolution
|
|
10
|
+
* - glob, chalk, ora, cli-table3, yargs, yargs/helpers: declared in package.json
|
|
11
|
+
* - All node:* built-ins
|
|
12
|
+
*/
|
|
13
|
+
|
|
14
|
+
import esbuild from 'esbuild';
|
|
15
|
+
import { mkdirSync, existsSync } from 'fs';
|
|
16
|
+
|
|
17
|
+
console.log('[build] Bundling codeslick-cli...');
|
|
18
|
+
|
|
19
|
+
if (!existsSync('./dist')) mkdirSync('./dist', { recursive: true });
|
|
20
|
+
|
|
21
|
+
await esbuild.build({
|
|
22
|
+
entryPoints: ['src/cli-entry.ts'],
|
|
23
|
+
bundle: true,
|
|
24
|
+
platform: 'node',
|
|
25
|
+
target: 'node18',
|
|
26
|
+
format: 'cjs',
|
|
27
|
+
outfile: 'dist/codeslick-bundle.cjs',
|
|
28
|
+
sourcemap: false, // keep published output clean
|
|
29
|
+
minify: false, // readable for debugging
|
|
30
|
+
|
|
31
|
+
external: [
|
|
32
|
+
// Runtime deps — declared in package.json, installed by npm
|
|
33
|
+
'typescript',
|
|
34
|
+
'glob',
|
|
35
|
+
'chalk',
|
|
36
|
+
'ora',
|
|
37
|
+
'cli-table3',
|
|
38
|
+
'yargs',
|
|
39
|
+
'yargs/helpers',
|
|
40
|
+
// Node.js built-ins
|
|
41
|
+
'child_process',
|
|
42
|
+
'fs',
|
|
43
|
+
'fs/promises',
|
|
44
|
+
'path',
|
|
45
|
+
'os',
|
|
46
|
+
'crypto',
|
|
47
|
+
'util',
|
|
48
|
+
'readline',
|
|
49
|
+
'stream',
|
|
50
|
+
'url',
|
|
51
|
+
'http',
|
|
52
|
+
'https',
|
|
53
|
+
'net',
|
|
54
|
+
'tls',
|
|
55
|
+
'buffer',
|
|
56
|
+
'events',
|
|
57
|
+
'module',
|
|
58
|
+
'perf_hooks',
|
|
59
|
+
'vm',
|
|
60
|
+
'assert',
|
|
61
|
+
'tty',
|
|
62
|
+
'zlib',
|
|
63
|
+
],
|
|
64
|
+
|
|
65
|
+
}).then(() => {
|
|
66
|
+
console.log('[build] Done → dist/codeslick-bundle.cjs');
|
|
67
|
+
}).catch(err => {
|
|
68
|
+
console.error('[build] Failed:', err.message);
|
|
69
|
+
process.exit(1);
|
|
70
|
+
});
|