coverme-security-scanner 3.1.0 → 3.3.0
- package/bin/install-command.js +65 -11
- package/commands/coverme.md +8 -4
- package/package.json +1 -1
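--- a/package/bin/install-command.js
+++ b/package/bin/install-command.js
@@ -1,6 +1,6 @@
 #!/usr/bin/env node
 
-import { mkdirSync, copyFileSync, existsSync } from 'fs';
+import { mkdirSync, copyFileSync, existsSync, readFileSync, writeFileSync } from 'fs';
 import { join, dirname } from 'path';
 import { fileURLToPath } from 'url';
 import { homedir } from 'os';
@@ -8,29 +8,83 @@ import { homedir } from 'os';
 const __dirname = dirname(fileURLToPath(import.meta.url));
 
 // Determine target directory
-const
-
-
+const isGlobal = process.argv[2] === '--global';
+const claudeDir = isGlobal
+? join(homedir(), '.claude')
+: join(process.cwd(), '.claude');
+
+const commandsDir = join(claudeDir, 'commands');
 
 // Source file
 const sourceFile = join(__dirname, '..', 'commands', 'coverme.md');
 
-// Create directory if needed
-if (!existsSync(
-mkdirSync(
-console.log(`Created directory: ${
+// Create commands directory if needed
+if (!existsSync(commandsDir)) {
+mkdirSync(commandsDir, { recursive: true });
+console.log(`Created directory: ${commandsDir}`);
 }
 
 // Copy the command file
-const targetFile = join(
+const targetFile = join(commandsDir, 'coverme.md');
 copyFileSync(sourceFile, targetFile);
+console.log(`Installed /coverme command`);
+
+// Add permissions to settings.json
+const settingsFile = join(claudeDir, 'settings.json');
+let settings = {};
+
+if (existsSync(settingsFile)) {
+try {
+settings = JSON.parse(readFileSync(settingsFile, 'utf-8'));
+} catch (e) {
+// Invalid JSON, start fresh
+}
+}
+
+// Ensure permissions structure exists
+if (!settings.permissions) {
+settings.permissions = {};
+}
+if (!Array.isArray(settings.permissions.allow)) {
+settings.permissions.allow = [];
+}
+
+// Required permissions for coverme to run without prompts
+const requiredPermissions = [
+"Bash(find:*)",
+"Bash(cat:*)",
+"Bash(head:*)",
+"Bash(tail:*)",
+"Bash(wc:*)",
+"Bash(ls:*)",
+"Bash(git:*)",
+"Bash(grep:*)",
+"Bash(rg:*)"
+];
+
+// Add missing permissions
+let addedCount = 0;
+for (const perm of requiredPermissions) {
+if (!settings.permissions.allow.includes(perm)) {
+settings.permissions.allow.push(perm);
+addedCount++;
+}
+}
+
+if (addedCount > 0) {
+writeFileSync(settingsFile, JSON.stringify(settings, null, 2));
+console.log(`Added ${addedCount} permissions to ${settingsFile}`);
+}
 
 console.log(`
-
+CoverMe Security Scanner installed successfully!
 
 Usage:
 Open Claude Code in your project directory and run:
 /coverme
 
-
+The scanner will run automatically without permission prompts.
+A PDF report will be generated at the end.
+
+Location: ${targetFile}
 `);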
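Review bot: The new block that writes `settings.permissions.allow` adds nine wildcard Bash rules (`Bash(git:*)`, `Bash(find:*)`, `Bash(cat:*)` and the rest of `requiredPermissions`) to a settings file that is not specific to /coverme, so the grant appears to outlive the scan and cover later agent sessions in that project, or, with `--global`, everything under `~/.claude/settings.json`; it does this without asking and prints only a count. `find` and `git` accept arguments that run other programs or change repository state, so these are not read-only grants. I would make the settings write opt-in behind an explicit flag, print each rule that is added, and narrow the patterns to the subcommands the scan actually needs. Separately, the empty `catch` after `JSON.parse` leaves `settings = {}`, and the later `writeFileSync` then replaces an existing but unparseable settings file, discarding everything else it held (deny rules included); exit instead, e.g. `console.error('Cannot parse ' + settingsFile + '; leaving it unchanged'); process.exit(1);`.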
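--- a/package/commands/coverme.md
+++ b/package/commands/coverme.md
@@ -297,12 +297,14 @@ After all agents complete, compile their findings into a JSON file with this enh
 
 ### Step 5: Generate PDF
 
-Save the JSON to
+Save the JSON to `.coverme/scan.json` in the project root, then generate the PDF:
 
 ```bash
-npx coverme-
+npx coverme-security-scanner .coverme/scan.json security-assessment-$(date +%Y-%m-%d).pdf && open security-assessment-$(date +%Y-%m-%d).pdf
 ```
 
+**IMPORTANT:** You MUST run this command to generate and open the PDF. Do not skip this step.
+
 ### Quality Checklist
 
 Before generating the PDF, verify:
@@ -318,9 +320,11 @@ Before generating the PDF, verify:
 ### Output
 
 The final deliverable is:
-1.
-2. `security-assessment-YYYY-MM-DD.pdf` - Professional PDF report
+1. `.coverme/scan.json` - Enhanced findings data with attack chains
+2. `security-assessment-YYYY-MM-DD.pdf` - Professional PDF report (auto-opened)
 
 ---
 
 Now begin the security assessment. Launch all 7 agents in parallel.
+
+**CRITICAL REMINDER:** After completing the scan and saving scan.json, you MUST run the PDF generation command in Step 5. The assessment is NOT complete until the PDF is generated and opened.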
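Review bot: The Step 5 command calls `npx coverme-security-scanner` with no version, so when the package is not already resolvable locally npx will presumably fetch and run whatever release the registry serves at that moment, and the added IMPORTANT and CRITICAL REMINDER lines instruct the agent that it must run it. Pinning the invocation, for example `npx coverme-security-scanner@<pinned-version> .coverme/scan.json ...`, keeps the executed code tied to the release the user installed. The findings now land in `.coverme/scan.json` inside the project root, so the instructions should also tell the user to keep `.coverme/` and the generated PDF out of version control, since both describe the project's weaknesses. `open` is a macOS command, so on other platforms the chained step is likely to fail after the PDF has been written.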