coverme-scanner 4.0.1 → 4.0.2

@@ -566,47 +566,47 @@ Return ONLY: "done"
 
  ---
 
- ## Phase 3: Aggregate Results
+ ## Phase 3: Aggregate Results (FAST)
 
- **CRITICAL: Use Write tool directly, NOT bash heredoc**
+ **SPEED IS CRITICAL - Do this quickly:**
 
- 1. List agent files:
+ 1. Read agent files in PARALLEL:
  ```bash
- ls .coverme/agents/*.json 2>/dev/null | head -30
+ cat .coverme/agents/*.json 2>/dev/null | head -500
  ```
 
- 2. Read each agent JSON file using the Read tool (in parallel if possible)
-
- 3. **Use the Write tool** to save `.coverme/scan.json` with this structure:
+ 2. Build a MINIMAL scan.json with only essential fields:
  ```json
  {
- "projectName": "from package.json or folder name",
- "scanDate": "ISO timestamp",
- "filesScanned": N,
- "linesOfCode": N,
- "findings": [merged from all agent files, deduplicated],
- "positiveObservations": [from POSITIVE.json],
+ "projectName": "PROJECT_NAME",
+ "scanDate": "DATE",
+ "findings": [/* max 30 findings, critical/high first */],
  "summary": {"critical":N,"high":N,"medium":N,"low":N}
  }
  ```
 
- **IMPORTANT**:
- - Use Write tool, not bash echo/cat
- - Keep max 50 findings (prioritize by severity)
- - Max 3 code snippets per finding
+ 3. **Write scan.json using Write tool** - keep it under 50KB!
+ - Max 30 findings total
+ - Max 100 chars per code snippet
+ - No duplicate findings
 
  ---
 
- ## Phase 4: Generate Report
+ ## Phase 4: Generate PDF Report
+
+ **Run this IMMEDIATELY after writing scan.json:**
+
+ ```bash
+ coverme .coverme/scan.json security-report-$(date +%Y-%m-%d).pdf && open security-report-$(date +%Y-%m-%d).pdf
+ ```
 
+ If that fails, try:
  ```bash
- TIMESTAMP=$(date +%Y-%m-%d_%H-%M-%S)
- npx coverme-scanner report .coverme/scan.json -f html -o ".coverme/report_$TIMESTAMP.html"
- open ".coverme/report_$TIMESTAMP.html"
+ npx coverme-scanner .coverme/scan.json security-report.pdf && open security-report.pdf
  ```
 
  ---
 
  ## DONE
 
- Tell user: "Scan complete! Report opened."
+ Tell user: "Scan complete! PDF report opened."
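Review bot: the new step 1, `cat .coverme/agents/*.json 2>/dev/null | head -500`, silently truncates the concatenated agent output at 500 lines, so with the 33 agents package.json advertises, findings from whichever files sort later never reach the aggregation step, and the `2>/dev/null` also hides a missing `.coverme/agents` directory; the replaced `ls ... | head -30` plus a per-file Read had no such cut-off, so either read each file whole or cap per file rather than across the concatenation. In the same hunk, the placeholders `"PROJECT_NAME"` and `"DATE"` replace the earlier `"from package.json or folder name"` / `"ISO timestamp"` guidance and are likely to be written literally into scan.json; dropping `filesScanned`, `linesOfCode` and `positiveObservations`, cutting the findings cap from 50 to 30 and snippets to 100 characters changes the scan.json contract and the report's evidence while the version only moves 4.0.1 → 4.0.2, which deserves a changelog note. In Phase 4 the primary command assumes a globally installed `coverme` binary and the macOS `open`, and the fallback `npx coverme-scanner .coverme/scan.json security-report.pdf` drops the `report` subcommand and the `-f`/`-o` flags the removed lines used, so confirm the CLI accepts that positional form; the final "PDF report opened." message is also asserted even when `open` is unavailable, so make it conditional on the command succeeding.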
package/package.json CHANGED
@@ -1,6 +1,6 @@
  {
  "name": "coverme-scanner",
- "version": "4.0.1",
+ "version": "4.0.2",
  "description": "AI-powered security scanner with 33 agents including AI-generated code detection. STRIDE/DREAD scoring, adversarial review, professional PDF reports.",
  "main": "dist/index.js",
  "types": "dist/index.d.ts",