cryptoserve 0.2.0 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/lib/client.mjs +3 -3
- package/lib/init.mjs +2 -2
- package/lib/pqc-engine.mjs +1 -1
- package/lib/scanner.mjs +3 -2
- package/package.json +1 -1
package/lib/client.mjs
CHANGED
|
@@ -120,12 +120,12 @@ export async function login(serverUrl = DEFAULT_SERVER) {
|
|
|
120
120
|
const authUrl = `${server}/auth/cli?redirect=http://localhost:${CALLBACK_PORT}/callback`;
|
|
121
121
|
console.log(`\nOpen this URL to log in:\n ${authUrl}\n`);
|
|
122
122
|
|
|
123
|
-
// Try to open browser
|
|
124
|
-
|
|
123
|
+
// Try to open browser (use spawn with array args to prevent command injection)
|
|
124
|
+
import('node:child_process').then(m => {
|
|
125
125
|
const cmd = process.platform === 'darwin' ? 'open'
|
|
126
126
|
: process.platform === 'win32' ? 'start'
|
|
127
127
|
: 'xdg-open';
|
|
128
|
-
m.
|
|
128
|
+
m.spawn(cmd, [authUrl], { stdio: 'ignore', detached: true }).unref();
|
|
129
129
|
});
|
|
130
130
|
});
|
|
131
131
|
|
package/lib/init.mjs
CHANGED
|
@@ -142,13 +142,13 @@ function protectAider(projectDir, result) {
|
|
|
142
142
|
}
|
|
143
143
|
|
|
144
144
|
function addInstructions(filePath, result) {
|
|
145
|
-
|
|
145
|
+
const existed = existsSync(filePath);
|
|
146
|
+
let content = existed ? readFileSync(filePath, 'utf-8') : '';
|
|
146
147
|
if (content.includes(MARKER)) return;
|
|
147
148
|
|
|
148
149
|
content += buildSecretlessInstructions();
|
|
149
150
|
writeFileSync(filePath, content);
|
|
150
151
|
|
|
151
|
-
const existed = existsSync(filePath);
|
|
152
152
|
if (existed) {
|
|
153
153
|
result.filesModified.push(filePath);
|
|
154
154
|
} else {
|
package/lib/pqc-engine.mjs
CHANGED
|
@@ -531,7 +531,7 @@ function calculateQuantumScore(libraries, classifications) {
|
|
|
531
531
|
// Score by individual algorithm classifications, not library count.
|
|
532
532
|
// A project with 5 symmetric + 1 asymmetric algorithm is mostly ready, not 0%.
|
|
533
533
|
const safe = classifications.filter(
|
|
534
|
-
c => c.category !== 'asymmetric'
|
|
534
|
+
c => c.category !== 'asymmetric'
|
|
535
535
|
).length;
|
|
536
536
|
const vulnerable = classifications.filter(
|
|
537
537
|
c => c.category === 'asymmetric'
|
package/lib/scanner.mjs
CHANGED
|
@@ -214,8 +214,9 @@ export function scanProject(projectDir, options = {}) {
|
|
|
214
214
|
|
|
215
215
|
const langResult = scanSourceFile(filePath, content, language);
|
|
216
216
|
for (const algo of langResult.algorithms) {
|
|
217
|
-
|
|
218
|
-
|
|
217
|
+
const sourceAlgoKey = `${algo.algorithm}:${language}`;
|
|
218
|
+
if (!seenSourceAlgos.has(sourceAlgoKey)) {
|
|
219
|
+
seenSourceAlgos.add(sourceAlgoKey);
|
|
219
220
|
const dbEntry = lookupAlgorithm(algo.algorithm);
|
|
220
221
|
results.sourceAlgorithms.push({
|
|
221
222
|
algorithm: algo.algorithm,
|