cryptoserve 0.2.0 → 0.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (5) hide show
  1. package/lib/client.mjs +3 -3
  2. package/lib/init.mjs +2 -2
  3. package/lib/pqc-engine.mjs +1 -1
  4. package/lib/scanner.mjs +3 -2
  5. package/package.json +1 -1
package/lib/client.mjs CHANGED
@@ -120,12 +120,12 @@ export async function login(serverUrl = DEFAULT_SERVER) {
120
120
  const authUrl = `${server}/auth/cli?redirect=http://localhost:${CALLBACK_PORT}/callback`;
121
121
  console.log(`\nOpen this URL to log in:\n ${authUrl}\n`);
122
122
 
123
- // Try to open browser
124
- const { exec } = import('node:child_process').then(m => {
123
+ // Try to open browser (use spawn with array args to prevent command injection)
124
+ import('node:child_process').then(m => {
125
125
  const cmd = process.platform === 'darwin' ? 'open'
126
126
  : process.platform === 'win32' ? 'start'
127
127
  : 'xdg-open';
128
- m.exec(`${cmd} "${authUrl}"`);
128
+ m.spawn(cmd, [authUrl], { stdio: 'ignore', detached: true }).unref();
129
129
  });
130
130
  });
131
131
 
package/lib/init.mjs CHANGED
@@ -142,13 +142,13 @@ function protectAider(projectDir, result) {
142
142
  }
143
143
 
144
144
  function addInstructions(filePath, result) {
145
- let content = existsSync(filePath) ? readFileSync(filePath, 'utf-8') : '';
145
+ const existed = existsSync(filePath);
146
+ let content = existed ? readFileSync(filePath, 'utf-8') : '';
146
147
  if (content.includes(MARKER)) return;
147
148
 
148
149
  content += buildSecretlessInstructions();
149
150
  writeFileSync(filePath, content);
150
151
 
151
- const existed = existsSync(filePath);
152
152
  if (existed) {
153
153
  result.filesModified.push(filePath);
154
154
  } else {
package/lib/pqc-engine.mjs CHANGED
@@ -531,7 +531,7 @@ function calculateQuantumScore(libraries, classifications) {
531
531
  // Score by individual algorithm classifications, not library count.
532
532
  // A project with 5 symmetric + 1 asymmetric algorithm is mostly ready, not 0%.
533
533
  const safe = classifications.filter(
534
- c => c.category !== 'asymmetric' || c.category === 'pqc'
534
+ c => c.category !== 'asymmetric'
535
535
  ).length;
536
536
  const vulnerable = classifications.filter(
537
537
  c => c.category === 'asymmetric'
package/lib/scanner.mjs CHANGED
@@ -214,8 +214,9 @@ export function scanProject(projectDir, options = {}) {
214
214
 
215
215
  const langResult = scanSourceFile(filePath, content, language);
216
216
  for (const algo of langResult.algorithms) {
217
- if (!seenSourceAlgos.has(algo.algorithm)) {
218
- seenSourceAlgos.add(algo.algorithm);
217
+ const sourceAlgoKey = `${algo.algorithm}:${language}`;
218
+ if (!seenSourceAlgos.has(sourceAlgoKey)) {
219
+ seenSourceAlgos.add(sourceAlgoKey);
219
220
  const dbEntry = lookupAlgorithm(algo.algorithm);
220
221
  results.sourceAlgorithms.push({
221
222
  algorithm: algo.algorithm,
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "cryptoserve",
3
- "version": "0.2.0",
3
+ "version": "0.2.1",
4
4
  "description": "CryptoServe CLI - Cryptographic scanning, PQC analysis, encryption, and local key management",
5
5
  "type": "module",
6
6
  "bin": {