depguard-cli 1.3.1 → 1.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +116 -2
- package/dist/audit.d.ts.map +1 -1
- package/dist/audit.js +14 -6
- package/dist/audit.js.map +1 -1
- package/dist/cli.js +75 -2
- package/dist/cli.js.map +1 -1
- package/dist/guard.d.ts +29 -0
- package/dist/guard.d.ts.map +1 -0
- package/dist/guard.js +233 -0
- package/dist/guard.js.map +1 -0
- package/dist/index.d.ts +3 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/license.d.ts.map +1 -1
- package/dist/license.js +54 -1
- package/dist/license.js.map +1 -1
- package/dist/mcp.js +65 -1
- package/dist/mcp.js.map +1 -1
- package/dist/scorer.d.ts.map +1 -1
- package/dist/scorer.js +55 -14
- package/dist/scorer.js.map +1 -1
- package/dist/semver.d.ts +3 -1
- package/dist/semver.d.ts.map +1 -1
- package/dist/semver.js +24 -5
- package/dist/semver.js.map +1 -1
- package/dist/sweep.d.ts +53 -0
- package/dist/sweep.d.ts.map +1 -0
- package/dist/sweep.js +639 -0
- package/dist/sweep.js.map +1 -0
- package/dist/tokens.d.ts.map +1 -1
- package/dist/tokens.js +31 -0
- package/dist/tokens.js.map +1 -1
- package/dist/types.d.ts +69 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +2 -2
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"guard.js","sourceRoot":"","sources":["../src/guard.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAA;AAC5C,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AAEnC;;;GAGG;AACH,MAAM,gBAAgB,GAAa;IACjC,iBAAiB;IACjB,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IACnD,WAAW;IACX,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ;IACzD,WAAW,EAAE,cAAc,EAAE,aAAa;IAC1C,YAAY;IACZ,QAAQ,EAAE,YAAY,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ;IACvE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ;IACnC,OAAO;IACP,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,YAAY,EAAE,SAAS;IACrD,MAAM;IACN,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM;IACpE,cAAc;IACd,SAAS,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO;IACzD,YAAY,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS;IACjE,UAAU;IACV,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS,EAAE,YAAY;IAChE,WAAW,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI;IAC9D,uBAAuB;IACvB,QAAQ,EAAE,UAAU,EAAE,WAAW;IACjC,WAAW;IACX,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ;IAClE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,gBAAgB,EAAE,SAAS;IAC1D,aAAa;IACb,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK;IAC1B,kBAAkB;IAClB,UAAU,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM;IAClE,UAAU;IACV,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ;IACrC,iBAAiB;IACjB,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM;IACnE,SAAS,EAAE,KAAK,EAAE,cAAc;IAChC,aAAa;IACb,aAAa,EAAE,eAAe,EAAE,aAAa,EAAE,QAAQ;IACvD,kBAAkB;IAClB,YAAY,EAAE,WAAW,EAAE,IAAI;IAC/B,mBAAmB;IACnB,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM;IACrD,MAAM;IACN,aAAa,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,cAAc;IACxD,UAAU;IACV,SAAS,EAAE,eAAe;IAC1B,OAAO;IACP,SAAS,EAAE,QAAQ,EAAE,cAAc,EAAE,WAAW,EAAE,OAAO,EAAE,IAAI;IAC/D,QAAQ,EAAE,KAAK;CAChB,CAAA;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,CAAS,EAAE,CAAS;IAC9C,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAA;IAClB,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,CAAA;IAClB,MAAM,EAAE,GAAe,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAC5D,KAAK,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CACzE,CAAA;IACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5B,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBAC9B,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;gBAClB,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;QAChE,CAAC;IACH,CAAC;IACD,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,mBAAmB,CAAC,IAAY,EAAE,WAAW,GAAG,CAAC;IAC/D,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAA;IAChC,gEAAgE;IAChE,IAAI,gBAAgB,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,EAAE,CAAA;IAE/C,MAAM,OAAO,GAA8C,EAAE,CAAA;IAC7D,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;QACnC,wDAAwD;QACxD,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,GAAG,WAAW;YAAE,SAAQ;QAC/D,MAAM,IAAI,GAAG,WAAW,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QACpC,IAAI,IAAI,GAAG,CAAC,IAAI,IAAI,IAAI,WAAW,EAAE,CAAC;YACpC,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;QAC7C,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAA;IAC/C,OAAO,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;AACjC,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,MAAM,CAC1B,WAAmB,EACnB,UAAyB,EAAE;IAE3B,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,UAAU,CAAC,KAAK,CAAA;IACnD,MAAM,SAAS,GAAG,mBAAmB,CAAC,WAAW,CAAC,CAAA;IAClD,MAAM,iBAAiB,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC,CAAA;IAE9C,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAA;IAEpD,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,OAAO;YACL,OAAO,EAAE,WAAW;YACpB,MAAM,EAAE,KAAK;YACb,iBAAiB;YACjB,SAAS;YACT,WAAW,EAAE,IAAI;YACjB,OAAO,EAAE,IAAI;SACd,CAAA;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,WAAW;QACpB,MAAM,EAAE,IAAI;QACZ,iBAAiB;QACjB,SAAS;QACT,WAAW,EAAE,GAAG,CAAC,WAAW,IAAI,IAAI;QACpC,OAAO,EAAE,GAAG,CAAC,WAAW,CAAC,EAAE,MAAM,IAAI,IAAI;KAC1C,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,KAAK,CACzB,WAAmB,EACnB,UAAwB,EAAE;IAE1B,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,EAAE,CAAA;IACzC,MAAM,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,KAAK,CAAA;IACpD,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,IAAI,KAAK,CAAA;IACxC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,IAAI,UAAU,CAAC,KAAK,CAAA;IAEnD,MAAM,OAAO,GAAa,EAAE,CAAA;IAC5B,IAAI,QAAQ,GAA4B,OAAO,CAAA;IAE/C,iDAAiD;IACjD,MAAM,YAAY,GAAG,MAAM,MAAM,CAAC,WAAW,EAAE,EAAE,OAAO,EAAE,CAAC,CAAA;IAE3D,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC;QACzB,OAAO,CAAC,IAAI,CAAC,2DAA2D,CAAC,CAAA;QACzE,IAAI,YAAY,CAAC,iBAAiB,EAAE,CAAC;YACnC,OAAO,CAAC,IAAI,CAAC,0BAA0B,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAC7E,CAAC;QACD,OAAO;YACL,OAAO,EAAE,WAAW;YACpB,QAAQ,EAAE,OAAO;YACjB,MAAM,EAAE,KAAK;YACb,iBAAiB,EAAE,YAAY,CAAC,iBAAiB;YACjD,SAAS,EAAE,YAAY,CAAC,SAAS;YACjC,KAAK,EAAE,IAAI;YACX,OAAO;YACP,YAAY,EAAE,IAAI;SACnB,CAAA;IACH,CAAC;IAED,kFAAkF;IAClF,IAAI,YAAY,CAAC,iBAAiB,EAAE,CAAC;QACnC,OAAO,CAAC,IAAI,CAAC,0BAA0B,YAAY,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QAC3E,QAAQ,GAAG,MAAM,CAAA;IACnB,CAAC;IAED,8BAA8B;IAC9B,IAAI,WAAW,GAAkB,IAAI,CAAA;IACrC,IAAI,YAAY,GAAgC,IAAI,CAAA;IAEpD,IAAI,CAAC;QACH,MAAM,CAAC,WAAW,EAAE,WAAW,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACnD,KAAK,CAAC,WAAW,EAAE,aAAa,EAAE,OAAO,CAAC;YAC1C,KAAK,CAAC,WAAW,EAAE,EAAE,aAAa,EAAE,OAAO,EAAE,CAAC;SAC/C,CAAC,CAAA;QAEF,WAAW,GAAG,WAAW,CAAC,KAAK,CAAA;QAC/B,YAAY,GAAG;YACb,eAAe,EAAE,WAAW,CAAC,eAAe,CAAC,KAAK;YAClD,QAAQ,EAAE,WAAW,CAAC,eAAe,CAAC,QAAQ;YAC9C,IAAI,EAAE,WAAW,CAAC,eAAe,CAAC,IAAI;YACtC,UAAU,EAAE,WAAW,CAAC,UAAU;YAClC,iBAAiB,EAAE,WAAW,CAAC,iBAAiB;YAChD,wBAAwB,EAAE,WAAW,CAAC,cAAc,CAAC,UAAU;YAC/D,OAAO,EAAE,WAAW,CAAC,OAAO;SAC7B,CAAA;QAED,wCAAwC;QACxC,IAAI,WAAW,CAAC,eAAe,CAAC,QAAQ,GAAG,CAAC,EAAE,CAAC;YAC7C,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,eAAe,CAAC,QAAQ,2BAA2B,CAAC,CAAA;YAChF,QAAQ,GAAG,MAAM,CAAA;QACnB,CAAC;QACD,IAAI,WAAW,CAAC,eAAe,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YACzC,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,eAAe,CAAC,IAAI,gCAAgC,CAAC,CAAA;YACjF,QAAQ,GAAG,MAAM,CAAA;QACnB,CAAC;QACD,IAAI,WAAW,CAAC,UAAU,EAAE,CAAC;YAC3B,OAAO,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAA;YACrC,QAAQ,GAAG,MAAM,CAAA;QACnB,CAAC;QACD,IAAI,WAAW,CAAC,cAAc,CAAC,UAAU,EAAE,CAAC;YAC1C,OAAO,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAA;YACnD,QAAQ,GAAG,MAAM,CAAA;QACnB,CAAC;QAED,+CAA+C;QAC/C,IAAI,WAAW,GAAG,SAAS,GAAG,EAAE,EAAE,CAAC;YACjC,OAAO,CAAC,IAAI,CAAC,SAAS,WAAW,sCAAsC,SAAS,EAAE,CAAC,CAAA;YACnF,QAAQ,GAAG,OAAO,CAAA;QACpB,CAAC;aAAM,IAAI,WAAW,GAAG,SAAS,EAAE,CAAC;YACnC,OAAO,CAAC,IAAI,CAAC,SAAS,WAAW,2BAA2B,SAAS,EAAE,CAAC,CAAA;YACxE,IAAI,QAAQ,KAAK,OAAO;gBAAE,QAAQ,GAAG,MAAM,CAAA;QAC7C,CAAC;aAAM,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAChC,OAAO,CAAC,IAAI,CAAC,SAAS,WAAW,wBAAwB,CAAC,CAAA;QAC5D,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,CAAC,IAAI,CAAC,oDAAoD,CAAC,CAAA;QAClE,IAAI,QAAQ,KAAK,OAAO;YAAE,QAAQ,GAAG,MAAM,CAAA;IAC7C,CAAC;IAED,mDAAmD;IACnD,IAAI,SAAS,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;QACrC,QAAQ,GAAG,OAAO,CAAA;IACpB,CAAC;IAED,OAAO;QACL,OAAO,EAAE,WAAW;QACpB,QAAQ;QACR,MAAM,EAAE,IAAI;QACZ,iBAAiB,EAAE,YAAY,CAAC,iBAAiB;QACjD,SAAS,EAAE,YAAY,CAAC,SAAS;QACjC,KAAK,EAAE,WAAW;QAClB,OAAO;QACP,YAAY;KACb,CAAA;AACH,CAAC"}
|
package/dist/index.d.ts
CHANGED
|
@@ -5,10 +5,12 @@ export { auditBulk, auditProject } from './bulk.js';
|
|
|
5
5
|
export { search } from './search.js';
|
|
6
6
|
export { score } from './scorer.js';
|
|
7
7
|
export { shouldUse } from './advisor.js';
|
|
8
|
+
export { guard, verify, levenshtein } from './guard.js';
|
|
9
|
+
export { sweep, extractImports, collectSourceFiles } from './sweep.js';
|
|
8
10
|
export { checkLicenseCompatibility, knownLicenses } from './license.js';
|
|
9
11
|
export { clearCache, fetchGitHubAdvisories } from './registry.js';
|
|
10
12
|
export { calculateSavings, estimateTokens } from './tokens.js';
|
|
11
|
-
export type { AdvisorOptions, AuditReport, CacheEntry, FetchFn, GitHubAdvisory, LicenseCompatibility, NpmAdvisory, ScriptAnalysis, ScriptRisk, NpmDownloadsResponse, NpmPackageData, NpmSearchResult, NpmVersionData, Recommendation, ScoreResult, ScoreWeights, SearchEntry, SearchOptions, VulnerabilitySummary, } from './types.js';
|
|
13
|
+
export type { AdvisorOptions, AuditReport, CacheEntry, DepUsageReason, FetchFn, GitHubAdvisory, GuardDecision, GuardOptions, GuardResult, LicenseCompatibility, NpmAdvisory, ScriptAnalysis, ScriptRisk, NpmDownloadsResponse, NpmPackageData, NpmSearchResult, NpmVersionData, Recommendation, ScoreResult, ScoreWeights, SearchEntry, SearchOptions, SweepDepResult, SweepOptions, SweepResult, VerifyOptions, VerifyResult, VulnerabilitySummary, } from './types.js';
|
|
12
14
|
export type { TokenSavings } from './tokens.js';
|
|
13
15
|
export type { BulkAuditReport, BulkAuditOptions, ProjectAuditOptions } from './bulk.js';
|
|
14
16
|
//# sourceMappingURL=index.d.ts.map
|
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAA;AAChE,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACvE,OAAO,EAAE,UAAU,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AACjE,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC9D,YAAY,EACV,cAAc,EACd,WAAW,EACX,UAAU,EACV,OAAO,EACP,cAAc,EACd,oBAAoB,EACpB,WAAW,EACX,cAAc,EACd,UAAU,EACV,oBAAoB,EACpB,cAAc,EACd,eAAe,EACf,cAAc,EACd,cAAc,EACd,WAAW,EACX,YAAY,EACZ,WAAW,EACX,aAAa,EACb,oBAAoB,GACrB,MAAM,YAAY,CAAA;AACnB,YAAY,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAC/C,YAAY,EAAE,eAAe,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAA;AAChE,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AACvD,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAA;AACtE,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACvE,OAAO,EAAE,UAAU,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AACjE,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA;AAC9D,YAAY,EACV,cAAc,EACd,WAAW,EACX,UAAU,EACV,cAAc,EACd,OAAO,EACP,cAAc,EACd,aAAa,EACb,YAAY,EACZ,WAAW,EACX,oBAAoB,EACpB,WAAW,EACX,cAAc,EACd,UAAU,EACV,oBAAoB,EACpB,cAAc,EACd,eAAe,EACf,cAAc,EACd,cAAc,EACd,WAAW,EACX,YAAY,EACZ,WAAW,EACX,aAAa,EACb,cAAc,EACd,YAAY,EACZ,WAAW,EACX,aAAa,EACb,YAAY,EACZ,oBAAoB,GACrB,MAAM,YAAY,CAAA;AACnB,YAAY,EAAE,YAAY,EAAE,MAAM,aAAa,CAAA;AAC/C,YAAY,EAAE,eAAe,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,MAAM,WAAW,CAAA"}
|
package/dist/index.js
CHANGED
|
@@ -5,6 +5,8 @@ export { auditBulk, auditProject } from './bulk.js';
|
|
|
5
5
|
export { search } from './search.js';
|
|
6
6
|
export { score } from './scorer.js';
|
|
7
7
|
export { shouldUse } from './advisor.js';
|
|
8
|
+
export { guard, verify, levenshtein } from './guard.js';
|
|
9
|
+
export { sweep, extractImports, collectSourceFiles } from './sweep.js';
|
|
8
10
|
export { checkLicenseCompatibility, knownLicenses } from './license.js';
|
|
9
11
|
export { clearCache, fetchGitHubAdvisories } from './registry.js';
|
|
10
12
|
export { calculateSavings, estimateTokens } from './tokens.js';
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAA;AAChE,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACvE,OAAO,EAAE,UAAU,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AACjE,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAA;AACrD,OAAO,EAAE,qBAAqB,EAAE,MAAM,0BAA0B,CAAA;AAChE,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,YAAY,CAAA;AACvD,OAAO,EAAE,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAA;AACtE,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAA;AACvE,OAAO,EAAE,UAAU,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAA;AACjE,OAAO,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,aAAa,CAAA"}
|
package/dist/license.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"license.d.ts","sourceRoot":"","sources":["../src/license.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAA;
|
|
1
|
+
{"version":3,"file":"license.d.ts","sourceRoot":"","sources":["../src/license.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAA;AA2FtD;;;;;GAKG;AACH,wBAAgB,yBAAyB,CACvC,UAAU,EAAE,MAAM,GAAG,IAAI,GAAG,SAAS,EACrC,aAAa,EAAE,MAAM,GACpB,oBAAoB,CAwGtB;AAED,wCAAwC;AACxC,wBAAgB,aAAa,IAAI,MAAM,EAAE,CAExC"}
|
package/dist/license.js
CHANGED
|
@@ -7,6 +7,7 @@ const LICENSE_CATEGORIES = {
|
|
|
7
7
|
'Unlicense': 0,
|
|
8
8
|
'CC0-1.0': 0,
|
|
9
9
|
'0BSD': 0,
|
|
10
|
+
'WTFPL': 0,
|
|
10
11
|
// Permissive
|
|
11
12
|
'MIT': 1,
|
|
12
13
|
'ISC': 1,
|
|
@@ -14,6 +15,9 @@ const LICENSE_CATEGORIES = {
|
|
|
14
15
|
'BSD-3-Clause': 1,
|
|
15
16
|
'Apache-2.0': 1,
|
|
16
17
|
'Zlib': 1,
|
|
18
|
+
'BSL-1.0': 1, // Boost Software License
|
|
19
|
+
'PSF-2.0': 1, // Python Software Foundation
|
|
20
|
+
'CC-BY-4.0': 1, // Creative Commons Attribution
|
|
17
21
|
// Weak copyleft
|
|
18
22
|
'LGPL-2.1': 2,
|
|
19
23
|
'LGPL-2.1-only': 2,
|
|
@@ -23,6 +27,8 @@ const LICENSE_CATEGORIES = {
|
|
|
23
27
|
'LGPL-3.0-or-later': 2,
|
|
24
28
|
'MPL-2.0': 2,
|
|
25
29
|
'EPL-2.0': 2,
|
|
30
|
+
'CC-BY-SA-4.0': 2, // Creative Commons ShareAlike
|
|
31
|
+
'OSL-3.0': 2, // Open Software License
|
|
26
32
|
// Strong copyleft
|
|
27
33
|
'GPL-2.0': 3,
|
|
28
34
|
'GPL-2.0-only': 3,
|
|
@@ -34,6 +40,11 @@ const LICENSE_CATEGORIES = {
|
|
|
34
40
|
'AGPL-3.0': 4,
|
|
35
41
|
'AGPL-3.0-only': 4,
|
|
36
42
|
'AGPL-3.0-or-later': 4,
|
|
43
|
+
// Source-available / restrictive (not open source — incompatible with most projects)
|
|
44
|
+
'SSPL-1.0': 5, // Server Side Public License (MongoDB)
|
|
45
|
+
'Elastic-2.0': 5, // Elastic License
|
|
46
|
+
'BUSL-1.1': 5, // Business Source License (HashiCorp)
|
|
47
|
+
'Commons-Clause': 5, // Commons Clause (restricts commercial use)
|
|
37
48
|
};
|
|
38
49
|
/** Normalize common license strings to SPDX identifiers */
|
|
39
50
|
function normalizeLicense(raw) {
|
|
@@ -82,8 +93,50 @@ export function checkLicenseCompatibility(depLicense, targetLicense) {
|
|
|
82
93
|
reason: 'No license specified — cannot determine compatibility',
|
|
83
94
|
};
|
|
84
95
|
}
|
|
85
|
-
const normalizedDep = normalizeLicense(depLicense);
|
|
86
96
|
const normalizedTarget = normalizeLicense(targetLicense);
|
|
97
|
+
// Handle dual/compound licenses: "MIT OR GPL-3.0", "(MIT OR Apache-2.0)"
|
|
98
|
+
const cleanLicense = depLicense.replace(/[()]/g, '').trim();
|
|
99
|
+
if (cleanLicense.includes(' OR ')) {
|
|
100
|
+
const options = cleanLicense.split(/\s+OR\s+/i);
|
|
101
|
+
// With OR, the package offers a choice — compatible if ANY option is compatible
|
|
102
|
+
for (const option of options) {
|
|
103
|
+
const result = checkLicenseCompatibility(option.trim(), targetLicense);
|
|
104
|
+
if (result.compatible) {
|
|
105
|
+
return {
|
|
106
|
+
...result,
|
|
107
|
+
license: cleanLicense,
|
|
108
|
+
reason: `"${option.trim()}" (from "${cleanLicense}") is compatible with "${normalizedTarget}"`,
|
|
109
|
+
};
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
return {
|
|
113
|
+
compatible: false,
|
|
114
|
+
license: cleanLicense,
|
|
115
|
+
targetLicense: normalizedTarget,
|
|
116
|
+
reason: `None of the license options in "${cleanLicense}" are compatible with "${normalizedTarget}"`,
|
|
117
|
+
};
|
|
118
|
+
}
|
|
119
|
+
if (cleanLicense.includes(' AND ')) {
|
|
120
|
+
const parts = cleanLicense.split(/\s+AND\s+/i);
|
|
121
|
+
// With AND, ALL licenses must be compatible
|
|
122
|
+
for (const part of parts) {
|
|
123
|
+
const result = checkLicenseCompatibility(part.trim(), targetLicense);
|
|
124
|
+
if (!result.compatible) {
|
|
125
|
+
return {
|
|
126
|
+
...result,
|
|
127
|
+
license: cleanLicense,
|
|
128
|
+
reason: `"${part.trim()}" (from "${cleanLicense}") is not compatible with "${normalizedTarget}"`,
|
|
129
|
+
};
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
return {
|
|
133
|
+
compatible: true,
|
|
134
|
+
license: cleanLicense,
|
|
135
|
+
targetLicense: normalizedTarget,
|
|
136
|
+
reason: `All licenses in "${cleanLicense}" are compatible with "${normalizedTarget}"`,
|
|
137
|
+
};
|
|
138
|
+
}
|
|
139
|
+
const normalizedDep = normalizeLicense(depLicense);
|
|
87
140
|
if (normalizedDep === 'UNLICENSED') {
|
|
88
141
|
return {
|
|
89
142
|
compatible: false,
|
package/dist/license.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"license.js","sourceRoot":"","sources":["../src/license.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,kBAAkB,GAA2B;IACjD,mCAAmC;IACnC,WAAW,EAAE,CAAC;IACd,SAAS,EAAE,CAAC;IACZ,MAAM,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"license.js","sourceRoot":"","sources":["../src/license.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,MAAM,kBAAkB,GAA2B;IACjD,mCAAmC;IACnC,WAAW,EAAE,CAAC;IACd,SAAS,EAAE,CAAC;IACZ,MAAM,EAAE,CAAC;IACT,OAAO,EAAE,CAAC;IAEV,aAAa;IACb,KAAK,EAAE,CAAC;IACR,KAAK,EAAE,CAAC;IACR,cAAc,EAAE,CAAC;IACjB,cAAc,EAAE,CAAC;IACjB,YAAY,EAAE,CAAC;IACf,MAAM,EAAE,CAAC;IACT,SAAS,EAAE,CAAC,EAAI,yBAAyB;IACzC,SAAS,EAAE,CAAC,EAAI,6BAA6B;IAC7C,WAAW,EAAE,CAAC,EAAE,+BAA+B;IAE/C,gBAAgB;IAChB,UAAU,EAAE,CAAC;IACb,eAAe,EAAE,CAAC;IAClB,mBAAmB,EAAE,CAAC;IACtB,UAAU,EAAE,CAAC;IACb,eAAe,EAAE,CAAC;IAClB,mBAAmB,EAAE,CAAC;IACtB,SAAS,EAAE,CAAC;IACZ,SAAS,EAAE,CAAC;IACZ,cAAc,EAAE,CAAC,EAAE,8BAA8B;IACjD,SAAS,EAAE,CAAC,EAAO,wBAAwB;IAE3C,kBAAkB;IAClB,SAAS,EAAE,CAAC;IACZ,cAAc,EAAE,CAAC;IACjB,kBAAkB,EAAE,CAAC;IACrB,SAAS,EAAE,CAAC;IACZ,cAAc,EAAE,CAAC;IACjB,kBAAkB,EAAE,CAAC;IAErB,mBAAmB;IACnB,UAAU,EAAE,CAAC;IACb,eAAe,EAAE,CAAC;IAClB,mBAAmB,EAAE,CAAC;IAEtB,qFAAqF;IACrF,UAAU,EAAE,CAAC,EAAU,uCAAuC;IAC9D,aAAa,EAAE,CAAC,EAAO,kBAAkB;IACzC,UAAU,EAAE,CAAC,EAAU,sCAAsC;IAC7D,gBAAgB,EAAE,CAAC,EAAI,4CAA4C;CACpE,CAAA;AAED,2DAA2D;AAC3D,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAA;IAE1B,MAAM,OAAO,GAA2B;QACtC,KAAK,EAAE,KAAK;QACZ,KAAK,EAAE,KAAK;QACZ,KAAK,EAAE,cAAc;QACrB,OAAO,EAAE,cAAc;QACvB,OAAO,EAAE,cAAc;QACvB,YAAY,EAAE,YAAY;QAC1B,SAAS,EAAE,YAAY;QACvB,UAAU,EAAE,YAAY;QACxB,OAAO,EAAE,SAAS;QAClB,OAAO,EAAE,SAAS;QAClB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,WAAW,EAAE,WAAW;QACxB,YAAY,EAAE,YAAY;KAC3B,CAAA;IAED,mDAAmD;IACnD,IAAI,OAAO,IAAI,kBAAkB;QAAE,OAAO,OAAO,CAAA;IAEjD,mCAAmC;IACnC,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,EAAE,CAAA;IACnC,KAAK,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACpD,IAAI,KAAK,CAAC,WAAW,EAAE,KAAK,KAAK;YAAE,OAAO,IAAI,CAAA;IAChD,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,yBAAyB,CACvC,UAAqC,EACrC,aAAqB;IAErB,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,IAAI;YACb,aAAa;YACb,MAAM,EAAE,uDAAuD;SAChE,CAAA;IACH,CAAC;IAED,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,aAAa,CAAC,CAAA;IAExD,yEAAyE;IACzE,MAAM,YAAY,GAAG,UAAU,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAA;IAC3D,IAAI,YAAY,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAClC,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;QAC/C,gFAAgF;QAChF,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,MAAM,GAAG,yBAAyB,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,aAAa,CAAC,CAAA;YACtE,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;gBACtB,OAAO;oBACL,GAAG,MAAM;oBACT,OAAO,EAAE,YAAY;oBACrB,MAAM,EAAE,IAAI,MAAM,CAAC,IAAI,EAAE,YAAY,YAAY,0BAA0B,gBAAgB,GAAG;iBAC/F,CAAA;YACH,CAAC;QACH,CAAC;QACD,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,YAAY;YACrB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,mCAAmC,YAAY,0BAA0B,gBAAgB,GAAG;SACrG,CAAA;IACH,CAAC;IAED,IAAI,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,YAAY,CAAC,CAAA;QAC9C,4CAA4C;QAC5C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,yBAAyB,CAAC,IAAI,CAAC,IAAI,EAAE,EAAE,aAAa,CAAC,CAAA;YACpE,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;gBACvB,OAAO;oBACL,GAAG,MAAM;oBACT,OAAO,EAAE,YAAY;oBACrB,MAAM,EAAE,IAAI,IAAI,CAAC,IAAI,EAAE,YAAY,YAAY,8BAA8B,gBAAgB,GAAG;iBACjG,CAAA;YACH,CAAC;QACH,CAAC;QACD,OAAO;YACL,UAAU,EAAE,IAAI;YAChB,OAAO,EAAE,YAAY;YACrB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,oBAAoB,YAAY,0BAA0B,gBAAgB,GAAG;SACtF,CAAA;IACH,CAAC;IAED,MAAM,aAAa,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAA;IAElD,IAAI,aAAa,KAAK,YAAY,EAAE,CAAC;QACnC,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,aAAa;YACtB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,kDAAkD;SAC3D,CAAA;IACH,CAAC;IAED,MAAM,WAAW,GAAG,kBAAkB,CAAC,aAAa,CAAC,CAAA;IACrD,MAAM,cAAc,GAAG,kBAAkB,CAAC,gBAAgB,CAAC,CAAA;IAE3D,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,aAAa;YACtB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,oBAAoB,aAAa,4BAA4B;SACtE,CAAA;IACH,CAAC;IAED,IAAI,cAAc,KAAK,SAAS,EAAE,CAAC;QACjC,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,OAAO,EAAE,aAAa;YACtB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,2BAA2B,gBAAgB,4BAA4B;SAChF,CAAA;IACH,CAAC;IAED,0EAA0E;IAC1E,IAAI,WAAW,IAAI,cAAc,EAAE,CAAC;QAClC,OAAO;YACL,UAAU,EAAE,IAAI;YAChB,OAAO,EAAE,aAAa;YACtB,aAAa,EAAE,gBAAgB;YAC/B,MAAM,EAAE,IAAI,aAAa,yBAAyB,gBAAgB,GAAG;SACtE,CAAA;IACH,CAAC;IAED,OAAO;QACL,UAAU,EAAE,KAAK;QACjB,OAAO,EAAE,aAAa;QACtB,aAAa,EAAE,gBAAgB;QAC/B,MAAM,EAAE,IAAI,aAAa,+BAA+B,gBAAgB,GAAG;KAC5E,CAAA;AACH,CAAC;AAED,wCAAwC;AACxC,MAAM,UAAU,aAAa;IAC3B,OAAO,MAAM,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAA;AACxC,CAAC"}
|
package/dist/mcp.js
CHANGED
|
@@ -13,10 +13,12 @@ import { auditBulk, auditProject } from './bulk.js';
|
|
|
13
13
|
import { search } from './search.js';
|
|
14
14
|
import { score } from './scorer.js';
|
|
15
15
|
import { shouldUse } from './advisor.js';
|
|
16
|
+
import { guard, verify } from './guard.js';
|
|
17
|
+
import { sweep } from './sweep.js';
|
|
16
18
|
import { calculateSavings } from './tokens.js';
|
|
17
19
|
const SERVER_INFO = {
|
|
18
20
|
name: 'depguard',
|
|
19
|
-
version: '1.
|
|
21
|
+
version: '1.4.0',
|
|
20
22
|
};
|
|
21
23
|
const TOOLS = [
|
|
22
24
|
{
|
|
@@ -100,6 +102,42 @@ const TOOLS = [
|
|
|
100
102
|
required: ['intent'],
|
|
101
103
|
},
|
|
102
104
|
},
|
|
105
|
+
{
|
|
106
|
+
name: 'depguard_guard',
|
|
107
|
+
description: 'Pre-install guardian: verify a package exists on npm, check for AI hallucination and typosquatting, run quick security audit, and return allow/warn/block decision. Use this BEFORE installing any package.',
|
|
108
|
+
inputSchema: {
|
|
109
|
+
type: 'object',
|
|
110
|
+
properties: {
|
|
111
|
+
name: { type: 'string', description: 'npm package name to check before installing' },
|
|
112
|
+
threshold: { type: 'number', description: 'Score threshold for allow decision (default: 60)' },
|
|
113
|
+
targetLicense: { type: 'string', description: 'Project license for compatibility check (default: MIT)' },
|
|
114
|
+
},
|
|
115
|
+
required: ['name'],
|
|
116
|
+
},
|
|
117
|
+
},
|
|
118
|
+
{
|
|
119
|
+
name: 'depguard_verify',
|
|
120
|
+
description: 'AI hallucination guard: verify if an npm package name actually exists on the registry. Also checks for possible typosquatting against 100+ popular packages using Levenshtein distance.',
|
|
121
|
+
inputSchema: {
|
|
122
|
+
type: 'object',
|
|
123
|
+
properties: {
|
|
124
|
+
name: { type: 'string', description: 'npm package name to verify' },
|
|
125
|
+
},
|
|
126
|
+
required: ['name'],
|
|
127
|
+
},
|
|
128
|
+
},
|
|
129
|
+
{
|
|
130
|
+
name: 'depguard_sweep',
|
|
131
|
+
description: 'Dead dependency detection: scan a project for npm packages in package.json that are not actually imported or used in source code. Reports unused deps with estimated size savings.',
|
|
132
|
+
inputSchema: {
|
|
133
|
+
type: 'object',
|
|
134
|
+
properties: {
|
|
135
|
+
path: { type: 'string', description: 'Absolute path to project root (must contain package.json)' },
|
|
136
|
+
includeDevDependencies: { type: 'boolean', description: 'Include devDependencies in scan (default: false)' },
|
|
137
|
+
},
|
|
138
|
+
required: ['path'],
|
|
139
|
+
},
|
|
140
|
+
},
|
|
103
141
|
];
|
|
104
142
|
function success(id, result) {
|
|
105
143
|
return { jsonrpc: '2.0', id, result };
|
|
@@ -197,6 +235,32 @@ async function handleRequest(req) {
|
|
|
197
235
|
});
|
|
198
236
|
return success(req.id, toolResult('depguard_should_use', result, limit));
|
|
199
237
|
}
|
|
238
|
+
case 'depguard_guard': {
|
|
239
|
+
const name = args.name;
|
|
240
|
+
if (!name)
|
|
241
|
+
return error(req.id, -32602, 'name is required');
|
|
242
|
+
const result = await guard(name, {
|
|
243
|
+
threshold: args.threshold ?? 60,
|
|
244
|
+
targetLicense: args.targetLicense ?? 'MIT',
|
|
245
|
+
});
|
|
246
|
+
return success(req.id, toolResult('depguard_guard', result));
|
|
247
|
+
}
|
|
248
|
+
case 'depguard_verify': {
|
|
249
|
+
const name = args.name;
|
|
250
|
+
if (!name)
|
|
251
|
+
return error(req.id, -32602, 'name is required');
|
|
252
|
+
const result = await verify(name);
|
|
253
|
+
return success(req.id, toolResult('depguard_verify', result));
|
|
254
|
+
}
|
|
255
|
+
case 'depguard_sweep': {
|
|
256
|
+
const filePath = args.path;
|
|
257
|
+
if (!filePath)
|
|
258
|
+
return error(req.id, -32602, 'path is required');
|
|
259
|
+
const result = await sweep(filePath, {
|
|
260
|
+
includeDevDependencies: args.includeDevDependencies ?? false,
|
|
261
|
+
});
|
|
262
|
+
return success(req.id, toolResult('depguard_sweep', result));
|
|
263
|
+
}
|
|
200
264
|
default:
|
|
201
265
|
return error(req.id, -32601, `Unknown tool: ${params.name}`);
|
|
202
266
|
}
|
package/dist/mcp.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"mcp.js","sourceRoot":"","sources":["../src/mcp.ts"],"names":[],"mappings":";AAEA;;;;;;;GAOG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAA;AAE9C,MAAM,WAAW,GAAG;IAClB,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,OAAO;CACjB,CAAA;AAED,MAAM,KAAK,GAAG;IACZ;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,gIAAgI;QAC7I,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;gBACzD,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,qEAAqE;QAClF,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE;gBAC5D,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;gBACnE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;aACrF;YACD,QAAQ,EAAE,CAAC,UAAU,CAAC;SACvB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,iGAAiG;QAC9G,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;gBACzD,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,0LAA0L;QACvM,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,WAAW,EAAE,oHAAoH;oBACjI,KAAK,EAAE;wBACL,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;wBAC5C,EAAE,IAAI,EAAE,QAAQ,EAAE;qBACnB;iBACF;gBACD,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,UAAU,CAAC;SACvB;KACF;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,6HAA6H;QAC1I,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,oCAAoC,EAAE;gBAC3E,sBAAsB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,mDAAmD,EAAE;gBAC7G,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sFAAsF,EAAE;aACvI;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,+HAA+H;QAC5I,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,qEAAqE,EAAE;gBAC9G,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,0DAA0D,EAAE;gBACtG,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,QAAQ,CAAC;SACrB;KACF;CACF,CAAA;AAgBD,SAAS,OAAO,CAAC,EAAmB,EAAE,MAAe;IACnD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAA;AACvC,CAAC;AAED,SAAS,KAAK,CAAC,EAA0B,EAAE,IAAY,EAAE,OAAe;IACtE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,CAAA;AACzD,CAAC;AAED,SAAS,UAAU,CAAC,QAAgB,EAAE,OAAgB,EAAE,QAAiB;IACvE,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;IACrD,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAA;IAClE,MAAM,QAAQ,GAAG,EAAE,GAAI,OAAmC,EAAE,YAAY,EAAE,OAAO,EAAE,CAAA;IACnF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACrE,CAAA;AACH,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,GAAmB;IAC9C,QAAQ,GAAG,CAAC,MAAM,EAAE,CAAC;QACnB,KAAK,YAAY;YACf,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE;gBACrB,eAAe,EAAE,YAAY;gBAC7B,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;gBAC3B,UAAU,EAAE,WAAW;aACxB,CAAC,CAAA;QAEJ,KAAK,2BAA2B;YAC9B,iEAAiE;YACjE,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAE5B,KAAK,YAAY;YACf,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;QAE1C,KAAK,YAAY,CAAC,CAAC,CAAC;YAClB,MAAM,MAAM,GAAG,GAAG,CAAC,MAA2E,CAAA;YAC9F,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC;gBAClB,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,mBAAmB,CAAC,CAAA;YACnD,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,CAAC,SAAS,IAAI,EAAE,CAAA;YAEnC,IAAI,CAAC;gBACH,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;oBACpB,KAAK,gBAAgB,CAAC,CAAC,CAAC;wBACtB,MAAM,MAAM,GAAG,MAAM,KAAK,CACxB,IAAI,CAAC,IAAc,EAClB,IAAI,CAAC,aAAwB,IAAI,KAAK,CACxC,CAAA;wBACD,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC9D,CAAC;oBAED,KAAK,iBAAiB,CAAC,CAAC,CAAC;wBACvB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,QAAkB,EAAE;4BACnD,KAAK,EAAG,IAAI,CAAC,KAAgB,IAAI,EAAE;4BACnC,QAAQ,EAAG,IAAI,CAAC,QAAmB,IAAI,CAAC;yBACzC,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC/D,CAAC;oBAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;wBACtB,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,IAAc,EAAE;4BAC9C,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,KAAK;yBACvD,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC9D,CAAC;oBAED,KAAK,qBAAqB,CAAC,CAAC,CAAC;wBAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAA;wBACzB,2DAA2D;wBAC3D,MAAM,YAAY,GAAa,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;4BAC/C,CAAC,CAAC,GAAe;4BACjB,CAAC,CAAC,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI;gCACvC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAA8B,CAAC;gCAC7C,CAAC,CAAC,EAAE,CAAA;wBAER,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;4BAC9B,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,2DAA2D,CAAC,CAAA;wBAC3F,CAAC;wBAED,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,YAAY,EAAE;4BAC3C,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,KAAK;yBACvD,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,qBAAqB,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAA;oBACxF,CAAC;oBAED,KAAK,wBAAwB,CAAC,CAAC,CAAC;wBAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAc,CAAA;wBACpC,IAAI,CAAC,QAAQ,EAAE,CAAC;4BACd,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAA;wBAClD,CAAC;wBACD,IAAI,CAAC;4BACH,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,QAAQ,EAAE;gCAC1C,sBAAsB,EAAG,IAAI,CAAC,sBAAkC,IAAI,KAAK;gCACzE,aAAa,EAAE,IAAI,CAAC,aAAmC;6BACxD,CAAC,CAAA;4BACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,qBAAqB,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;wBACjF,CAAC;wBAAC,OAAO,GAAG,EAAE,CAAC;4BACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,6BAA6B,CAAA;4BAC9E,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE;gCACrB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,GAAG,EAAE,EAAE,CAAC;gCAClD,OAAO,EAAE,IAAI;6BACd,CAAC,CAAA;wBACJ,CAAC;oBACH,CAAC;oBAED,KAAK,qBAAqB,CAAC,CAAC,CAAC;wBAC3B,MAAM,KAAK,GAAI,IAAI,CAAC,KAAgB,IAAI,CAAC,CAAA;wBACzC,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,MAAgB,EAAE;4BACpD,SAAS,EAAG,IAAI,CAAC,SAAoB,IAAI,EAAE;4BAC3C,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,KAAK;yBACvD,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,qBAAqB,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAA;oBAC1E,CAAC;oBAED;wBACE,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,iBAAiB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAA;gBAChE,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE;oBACrB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,OAAO,EAAE,EAAE,CAAC;oBACtD,OAAO,EAAE,IAAI;iBACd,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED;YACE,mEAAmE;YACnE,IAAI,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAC5C,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;YAC5B,CAAC;YACD,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,qBAAqB,GAAG,CAAC,MAAM,EAAE,CAAC,CAAA;IACnE,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,0CAA0C;IAC1C,gBAAgB,EAAE,CAAA;IAElB,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAA;IAEzD,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAA;IAEpD,IAAI,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;QAC3B,IAAI,CAAC,OAAO;YAAE,SAAQ;QAEtB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAmB,CAAA;YAEjD,mDAAmD;YACnD,IAAI,GAAG,CAAC,EAAE,KAAK,SAAS,IAAI,GAAG,CAAC,EAAE,KAAK,IAAI,EAAE,CAAC;gBAC5C,qEAAqE;gBACrE,MAAM,aAAa,CAAC,EAAE,GAAG,GAAG,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAA;gBACtC,SAAQ;YACV,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;YACzC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAA;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAA;YACtD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;IACjB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,GAAG,CAAC,OAAO,IAAI,CAAC,CAAA;IAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC,CAAA"}
|
|
1
|
+
{"version":3,"file":"mcp.js","sourceRoot":"","sources":["../src/mcp.ts"],"names":[],"mappings":";AAEA;;;;;;;GAOG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAA;AAClD,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,WAAW,CAAA;AACnD,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EAAE,KAAK,EAAE,MAAM,aAAa,CAAA;AACnC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAA;AACxC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,YAAY,CAAA;AAC1C,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAClC,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAA;AAE9C,MAAM,WAAW,GAAG;IAClB,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,OAAO;CACjB,CAAA;AAED,MAAM,KAAK,GAAG;IACZ;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,gIAAgI;QAC7I,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;gBACzD,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,qEAAqE;QAClF,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE;gBAC5D,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE;gBACnE,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,yCAAyC,EAAE;aACrF;YACD,QAAQ,EAAE,CAAC,UAAU,CAAC;SACvB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,iGAAiG;QAC9G,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE;gBACzD,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,0LAA0L;QACvM,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,WAAW,EAAE,oHAAoH;oBACjI,KAAK,EAAE;wBACL,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;wBAC5C,EAAE,IAAI,EAAE,QAAQ,EAAE;qBACnB;iBACF;gBACD,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,UAAU,CAAC;SACvB;KACF;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,6HAA6H;QAC1I,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,oCAAoC,EAAE;gBAC3E,sBAAsB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,mDAAmD,EAAE;gBAC7G,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,sFAAsF,EAAE;aACvI;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,+HAA+H;QAC5I,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,qEAAqE,EAAE;gBAC9G,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,0DAA0D,EAAE;gBACtG,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,QAAQ,CAAC;SACrB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,6MAA6M;QAC1N,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,6CAA6C,EAAE;gBACpF,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,kDAAkD,EAAE;gBAC9F,aAAa,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,wDAAwD,EAAE;aACzG;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,yLAAyL;QACtM,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE;aACpE;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,oLAAoL;QACjM,WAAW,EAAE;YACX,IAAI,EAAE,QAAiB;YACvB,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,2DAA2D,EAAE;gBAClG,sBAAsB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,WAAW,EAAE,kDAAkD,EAAE;aAC7G;YACD,QAAQ,EAAE,CAAC,MAAM,CAAC;SACnB;KACF;CACF,CAAA;AAgBD,SAAS,OAAO,CAAC,EAAmB,EAAE,MAAe;IACnD,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,CAAA;AACvC,CAAC;AAED,SAAS,KAAK,CAAC,EAA0B,EAAE,IAAY,EAAE,OAAe;IACtE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,CAAA;AACzD,CAAC;AAED,SAAS,UAAU,CAAC,QAAgB,EAAE,OAAgB,EAAE,QAAiB;IACvE,MAAM,YAAY,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;IACrD,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAA;IAClE,MAAM,QAAQ,GAAG,EAAE,GAAI,OAAmC,EAAE,YAAY,EAAE,OAAO,EAAE,CAAA;IACnF,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,CAAC;KACrE,CAAA;AACH,CAAC;AAED,KAAK,UAAU,aAAa,CAAC,GAAmB;IAC9C,QAAQ,GAAG,CAAC,MAAM,EAAE,CAAC;QACnB,KAAK,YAAY;YACf,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE;gBACrB,eAAe,EAAE,YAAY;gBAC7B,YAAY,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;gBAC3B,UAAU,EAAE,WAAW;aACxB,CAAC,CAAA;QAEJ,KAAK,2BAA2B;YAC9B,iEAAiE;YACjE,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;QAE5B,KAAK,YAAY;YACf,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAA;QAE1C,KAAK,YAAY,CAAC,CAAC,CAAC;YAClB,MAAM,MAAM,GAAG,GAAG,CAAC,MAA2E,CAAA;YAC9F,IAAI,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC;gBAClB,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,mBAAmB,CAAC,CAAA;YACnD,CAAC;YAED,MAAM,IAAI,GAAG,MAAM,CAAC,SAAS,IAAI,EAAE,CAAA;YAEnC,IAAI,CAAC;gBACH,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;oBACpB,KAAK,gBAAgB,CAAC,CAAC,CAAC;wBACtB,MAAM,MAAM,GAAG,MAAM,KAAK,CACxB,IAAI,CAAC,IAAc,EAClB,IAAI,CAAC,aAAwB,IAAI,KAAK,CACxC,CAAA;wBACD,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC9D,CAAC;oBAED,KAAK,iBAAiB,CAAC,CAAC,CAAC;wBACvB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,QAAkB,EAAE;4BACnD,KAAK,EAAG,IAAI,CAAC,KAAgB,IAAI,EAAE;4BACnC,QAAQ,EAAG,IAAI,CAAC,QAAmB,IAAI,CAAC;yBACzC,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC/D,CAAC;oBAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;wBACtB,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,IAAc,EAAE;4BAC9C,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,KAAK;yBACvD,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC9D,CAAC;oBAED,KAAK,qBAAqB,CAAC,CAAC,CAAC;wBAC3B,MAAM,GAAG,GAAG,IAAI,CAAC,QAAQ,CAAA;wBACzB,2DAA2D;wBAC3D,MAAM,YAAY,GAAa,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;4BAC/C,CAAC,CAAC,GAAe;4BACjB,CAAC,CAAC,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI;gCACvC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,GAA8B,CAAC;gCAC7C,CAAC,CAAC,EAAE,CAAA;wBAER,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;4BAC9B,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,2DAA2D,CAAC,CAAA;wBAC3F,CAAC;wBAED,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,YAAY,EAAE;4BAC3C,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,KAAK;yBACvD,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,qBAAqB,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC,CAAA;oBACxF,CAAC;oBAED,KAAK,wBAAwB,CAAC,CAAC,CAAC;wBAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAc,CAAA;wBACpC,IAAI,CAAC,QAAQ,EAAE,CAAC;4BACd,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAA;wBAClD,CAAC;wBACD,IAAI,CAAC;4BACH,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,QAAQ,EAAE;gCAC1C,sBAAsB,EAAG,IAAI,CAAC,sBAAkC,IAAI,KAAK;gCACzE,aAAa,EAAE,IAAI,CAAC,aAAmC;6BACxD,CAAC,CAAA;4BACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,qBAAqB,EAAE,MAAM,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;wBACjF,CAAC;wBAAC,OAAO,GAAG,EAAE,CAAC;4BACb,MAAM,GAAG,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,6BAA6B,CAAA;4BAC9E,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE;gCACrB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,GAAG,EAAE,EAAE,CAAC;gCAClD,OAAO,EAAE,IAAI;6BACd,CAAC,CAAA;wBACJ,CAAC;oBACH,CAAC;oBAED,KAAK,qBAAqB,CAAC,CAAC,CAAC;wBAC3B,MAAM,KAAK,GAAI,IAAI,CAAC,KAAgB,IAAI,CAAC,CAAA;wBACzC,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,MAAgB,EAAE;4BACpD,SAAS,EAAG,IAAI,CAAC,SAAoB,IAAI,EAAE;4BAC3C,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,KAAK;yBACvD,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,qBAAqB,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC,CAAA;oBAC1E,CAAC;oBAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;wBACtB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAc,CAAA;wBAChC,IAAI,CAAC,IAAI;4BAAE,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAA;wBAC3D,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,IAAI,EAAE;4BAC/B,SAAS,EAAG,IAAI,CAAC,SAAoB,IAAI,EAAE;4BAC3C,aAAa,EAAG,IAAI,CAAC,aAAwB,IAAI,KAAK;yBACvD,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC9D,CAAC;oBAED,KAAK,iBAAiB,CAAC,CAAC,CAAC;wBACvB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAc,CAAA;wBAChC,IAAI,CAAC,IAAI;4BAAE,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAA;wBAC3D,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAA;wBACjC,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC/D,CAAC;oBAED,KAAK,gBAAgB,CAAC,CAAC,CAAC;wBACtB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAc,CAAA;wBACpC,IAAI,CAAC,QAAQ;4BAAE,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,kBAAkB,CAAC,CAAA;wBAC/D,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;4BACnC,sBAAsB,EAAG,IAAI,CAAC,sBAAkC,IAAI,KAAK;yBAC1E,CAAC,CAAA;wBACF,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,UAAU,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC,CAAA;oBAC9D,CAAC;oBAED;wBACE,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,iBAAiB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAA;gBAChE,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAA;gBACpE,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE;oBACrB,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,UAAU,OAAO,EAAE,EAAE,CAAC;oBACtD,OAAO,EAAE,IAAI;iBACd,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED;YACE,mEAAmE;YACnE,IAAI,GAAG,CAAC,MAAM,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBAC5C,OAAO,OAAO,CAAC,GAAG,CAAC,EAAE,EAAE,EAAE,CAAC,CAAA;YAC5B,CAAC;YACD,OAAO,KAAK,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,KAAK,EAAE,qBAAqB,GAAG,CAAC,MAAM,EAAE,CAAC,CAAA;IACnE,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,0CAA0C;IAC1C,gBAAgB,EAAE,CAAA;IAElB,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAA;IAEzD,MAAM,EAAE,GAAG,eAAe,CAAC,EAAE,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,CAAC,CAAA;IAEpD,IAAI,KAAK,EAAE,MAAM,IAAI,IAAI,EAAE,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAA;QAC3B,IAAI,CAAC,OAAO;YAAE,SAAQ;QAEtB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAmB,CAAA;YAEjD,mDAAmD;YACnD,IAAI,GAAG,CAAC,EAAE,KAAK,SAAS,IAAI,GAAG,CAAC,EAAE,KAAK,IAAI,EAAE,CAAC;gBAC5C,qEAAqE;gBACrE,MAAM,aAAa,CAAC,EAAE,GAAG,GAAG,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,CAAA;gBACtC,SAAQ;YACV,CAAC;YAED,MAAM,QAAQ,GAAG,MAAM,aAAa,CAAC,GAAG,CAAC,CAAA;YACzC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,CAAA;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,KAAK,EAAE,aAAa,CAAC,CAAA;YACtD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAA;QAC1D,CAAC;IACH,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE;IACjB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,qBAAqB,GAAG,CAAC,OAAO,IAAI,CAAC,CAAA;IAC1D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;AACjB,CAAC,CAAC,CAAA"}
|
package/dist/scorer.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scorer.d.ts","sourceRoot":"","sources":["../src/scorer.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAe,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAWjF;;;GAGG;AACH,wBAAsB,KAAK,CACzB,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE;IACP,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,OAAO,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;IAC/B,OAAO,CAAC,EAAE,OAAO,CAAA;CACb,GACL,OAAO,CAAC,WAAW,CAAC,
|
|
1
|
+
{"version":3,"file":"scorer.d.ts","sourceRoot":"","sources":["../src/scorer.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAe,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,YAAY,CAAA;AAWjF;;;GAGG;AACH,wBAAsB,KAAK,CACzB,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE;IACP,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,OAAO,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAA;IAC/B,OAAO,CAAC,EAAE,OAAO,CAAA;CACb,GACL,OAAO,CAAC,WAAW,CAAC,CAwCtB"}
|
package/dist/scorer.js
CHANGED
|
@@ -23,11 +23,17 @@ export async function score(name, options = {}) {
|
|
|
23
23
|
};
|
|
24
24
|
const totalWeight = weights.security + weights.maintenance + weights.popularity +
|
|
25
25
|
weights.license + weights.dependencies;
|
|
26
|
-
|
|
26
|
+
let total = Math.round((breakdown.security * weights.security +
|
|
27
27
|
breakdown.maintenance * weights.maintenance +
|
|
28
28
|
breakdown.popularity * weights.popularity +
|
|
29
29
|
breakdown.license * weights.license +
|
|
30
30
|
breakdown.dependencies * weights.dependencies) / totalWeight);
|
|
31
|
+
// Hard ceiling: packages with critical/high security scores cannot score above thresholds
|
|
32
|
+
// regardless of how good other dimensions are. Security is non-negotiable.
|
|
33
|
+
if (breakdown.security <= 15)
|
|
34
|
+
total = Math.min(total, 30); // Critical vulns → max 30
|
|
35
|
+
else if (breakdown.security <= 40)
|
|
36
|
+
total = Math.min(total, 50); // High vulns → max 50
|
|
31
37
|
return {
|
|
32
38
|
name,
|
|
33
39
|
total,
|
|
@@ -35,27 +41,55 @@ export async function score(name, options = {}) {
|
|
|
35
41
|
warnings: report.warnings,
|
|
36
42
|
};
|
|
37
43
|
}
|
|
38
|
-
/**
|
|
44
|
+
/**
|
|
45
|
+
* Security: 100 = no vulns.
|
|
46
|
+
* Uses exponential decay — any critical vuln caps the score at 15 max.
|
|
47
|
+
* CVSS scores used when available for more accurate severity weighting.
|
|
48
|
+
*/
|
|
39
49
|
function computeSecurityScore(report) {
|
|
40
50
|
const v = report.vulnerabilities;
|
|
51
|
+
if (v.total === 0)
|
|
52
|
+
return 100;
|
|
53
|
+
// Critical vulns are a hard ceiling — no package with a critical vuln scores above 15
|
|
54
|
+
if (v.critical > 0)
|
|
55
|
+
return Math.max(0, 15 - (v.critical - 1) * 5);
|
|
56
|
+
// High vulns cap at 40
|
|
57
|
+
if (v.high > 0)
|
|
58
|
+
return Math.max(0, 40 - (v.high - 1) * 10);
|
|
59
|
+
// Use CVSS scores when available for more granular scoring
|
|
60
|
+
let maxCvss = 0;
|
|
61
|
+
for (const adv of v.advisories) {
|
|
62
|
+
if (adv.cvss?.score && adv.cvss.score > maxCvss) {
|
|
63
|
+
maxCvss = adv.cvss.score;
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
// If we have CVSS, use it (0-10 scale → inverted to 0-100)
|
|
67
|
+
if (maxCvss > 0) {
|
|
68
|
+
return Math.max(0, Math.round(100 - maxCvss * 10));
|
|
69
|
+
}
|
|
70
|
+
// Fallback: moderate and low deductions
|
|
41
71
|
let s = 100;
|
|
42
|
-
s -= v.
|
|
43
|
-
s -= v.high * 20;
|
|
44
|
-
s -= v.moderate * 10;
|
|
72
|
+
s -= v.moderate * 15;
|
|
45
73
|
s -= v.low * 5;
|
|
46
74
|
return Math.max(0, s);
|
|
47
75
|
}
|
|
48
|
-
/**
|
|
76
|
+
/**
|
|
77
|
+
* Maintenance: based on recency, version history, and deprecation.
|
|
78
|
+
* Stable packages with many versions get a maturity bonus to avoid
|
|
79
|
+
* penalizing well-maintained LTS packages like lodash or express.
|
|
80
|
+
*/
|
|
49
81
|
function computeMaintenanceScore(report) {
|
|
50
82
|
if (!report.lastPublish)
|
|
51
83
|
return 0;
|
|
52
84
|
const daysSincePublish = Math.floor((Date.now() - new Date(report.lastPublish).getTime()) / (1000 * 60 * 60 * 24));
|
|
53
|
-
// Recency score: 100 if published today, 0 if >2 years
|
|
54
|
-
let recency = 100 - Math.min(100, Math.floor(daysSincePublish /
|
|
55
|
-
//
|
|
85
|
+
// Recency score: 100 if published today, 0 if >3 years ago (was 2 years — too aggressive)
|
|
86
|
+
let recency = 100 - Math.min(100, Math.floor(daysSincePublish / 11));
|
|
87
|
+
// Maturity bonus — packages with many versions are stable, not abandoned
|
|
56
88
|
if (report.versionCount >= 10)
|
|
57
|
-
recency = Math.min(100, recency +
|
|
89
|
+
recency = Math.min(100, recency + 15);
|
|
58
90
|
if (report.versionCount >= 50)
|
|
91
|
+
recency = Math.min(100, recency + 15);
|
|
92
|
+
if (report.versionCount >= 100)
|
|
59
93
|
recency = Math.min(100, recency + 10);
|
|
60
94
|
// Penalty for deprecation
|
|
61
95
|
if (report.deprecated)
|
|
@@ -74,19 +108,26 @@ function computePopularityScore(report) {
|
|
|
74
108
|
function computeLicenseScore(report) {
|
|
75
109
|
return report.licenseCompatibility.compatible ? 100 : 0;
|
|
76
110
|
}
|
|
77
|
-
/**
|
|
111
|
+
/**
|
|
112
|
+
* Dependencies: fewer direct deps = smaller attack surface.
|
|
113
|
+
* Install scripts are penalized in security scoring (scriptAnalysis),
|
|
114
|
+
* so we only penalize dependency count here to avoid double-counting.
|
|
115
|
+
*/
|
|
78
116
|
function computeDependencyScore(report) {
|
|
79
117
|
let s = 100;
|
|
80
|
-
//
|
|
118
|
+
// Graduated deduction for dependency count
|
|
81
119
|
if (report.dependencyCount > 5)
|
|
82
120
|
s -= 10;
|
|
83
121
|
if (report.dependencyCount > 15)
|
|
84
122
|
s -= 15;
|
|
85
123
|
if (report.dependencyCount > 30)
|
|
86
124
|
s -= 25;
|
|
87
|
-
|
|
125
|
+
if (report.dependencyCount > 50)
|
|
126
|
+
s -= 20;
|
|
127
|
+
// Install scripts add risk but are already scored in security dimension
|
|
128
|
+
// Only a mild flag here for awareness
|
|
88
129
|
if (report.hasInstallScripts)
|
|
89
|
-
s -=
|
|
130
|
+
s -= 10;
|
|
90
131
|
return Math.max(0, s);
|
|
91
132
|
}
|
|
92
133
|
//# sourceMappingURL=scorer.js.map
|
package/dist/scorer.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scorer.js","sourceRoot":"","sources":["../src/scorer.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAElC,MAAM,eAAe,GAAiB;IACpC,QAAQ,EAAE,EAAE;IACZ,WAAW,EAAE,EAAE;IACf,UAAU,EAAE,EAAE;IACd,OAAO,EAAE,EAAE;IACX,YAAY,EAAE,EAAE;CACjB,CAAA;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,KAAK,CACzB,IAAY,EACZ,UAII,EAAE;IAEN,MAAM,EACJ,aAAa,GAAG,KAAK,EACrB,OAAO,EAAE,aAAa,EACtB,OAAO,GAAG,UAAU,CAAC,KAAK,GAC3B,GAAG,OAAO,CAAA;IAEX,MAAM,OAAO,GAAG,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,CAAA;IACxD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,CAAA;IAExD,MAAM,SAAS,GAAG;QAChB,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC;QACtC,WAAW,EAAE,uBAAuB,CAAC,MAAM,CAAC;QAC5C,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC;QAC1C,OAAO,EAAE,mBAAmB,CAAC,MAAM,CAAC;QACpC,YAAY,EAAE,sBAAsB,CAAC,MAAM,CAAC;KAC7C,CAAA;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,UAAU;QAC7E,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,YAAY,CAAA;IAExC,
|
|
1
|
+
{"version":3,"file":"scorer.js","sourceRoot":"","sources":["../src/scorer.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,EAAE,MAAM,YAAY,CAAA;AAElC,MAAM,eAAe,GAAiB;IACpC,QAAQ,EAAE,EAAE;IACZ,WAAW,EAAE,EAAE;IACf,UAAU,EAAE,EAAE;IACd,OAAO,EAAE,EAAE;IACX,YAAY,EAAE,EAAE;CACjB,CAAA;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,KAAK,CACzB,IAAY,EACZ,UAII,EAAE;IAEN,MAAM,EACJ,aAAa,GAAG,KAAK,EACrB,OAAO,EAAE,aAAa,EACtB,OAAO,GAAG,UAAU,CAAC,KAAK,GAC3B,GAAG,OAAO,CAAA;IAEX,MAAM,OAAO,GAAG,EAAE,GAAG,eAAe,EAAE,GAAG,aAAa,EAAE,CAAA;IACxD,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,IAAI,EAAE,aAAa,EAAE,OAAO,CAAC,CAAA;IAExD,MAAM,SAAS,GAAG;QAChB,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC;QACtC,WAAW,EAAE,uBAAuB,CAAC,MAAM,CAAC;QAC5C,UAAU,EAAE,sBAAsB,CAAC,MAAM,CAAC;QAC1C,OAAO,EAAE,mBAAmB,CAAC,MAAM,CAAC;QACpC,YAAY,EAAE,sBAAsB,CAAC,MAAM,CAAC;KAC7C,CAAA;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,QAAQ,GAAG,OAAO,CAAC,WAAW,GAAG,OAAO,CAAC,UAAU;QAC7E,OAAO,CAAC,OAAO,GAAG,OAAO,CAAC,YAAY,CAAA;IAExC,IAAI,KAAK,GAAG,IAAI,CAAC,KAAK,CACpB,CAAC,SAAS,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ;QACpC,SAAS,CAAC,WAAW,GAAG,OAAO,CAAC,WAAW;QAC3C,SAAS,CAAC,UAAU,GAAG,OAAO,CAAC,UAAU;QACzC,SAAS,CAAC,OAAO,GAAG,OAAO,CAAC,OAAO;QACnC,SAAS,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY,CAAC,GAAG,WAAW,CAC/D,CAAA;IAED,0FAA0F;IAC1F,2EAA2E;IAC3E,IAAI,SAAS,CAAC,QAAQ,IAAI,EAAE;QAAE,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA,CAAE,0BAA0B;SAChF,IAAI,SAAS,CAAC,QAAQ,IAAI,EAAE;QAAE,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA,CAAE,sBAAsB;IAEtF,OAAO;QACL,IAAI;QACJ,KAAK;QACL,SAAS;QACT,QAAQ,EAAE,MAAM,CAAC,QAAQ;KAC1B,CAAA;AACH,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,MAAmB;IAC/C,MAAM,CAAC,GAAG,MAAM,CAAC,eAAe,CAAA;IAChC,IAAI,CAAC,CAAC,KAAK,KAAK,CAAC;QAAE,OAAO,GAAG,CAAA;IAE7B,sFAAsF;IACtF,IAAI,CAAC,CAAC,QAAQ,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;IAEjE,uBAAuB;IACvB,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAA;IAE1D,2DAA2D;IAC3D,IAAI,OAAO,GAAG,CAAC,CAAA;IACf,KAAK,MAAM,GAAG,IAAI,CAAC,CAAC,UAAU,EAAE,CAAC;QAC/B,IAAI,GAAG,CAAC,IAAI,EAAE,KAAK,IAAI,GAAG,CAAC,IAAI,CAAC,KAAK,GAAG,OAAO,EAAE,CAAC;YAChD,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAA;QAC1B,CAAC;IACH,CAAC;IAED,2DAA2D;IAC3D,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;QAChB,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,OAAO,GAAG,EAAE,CAAC,CAAC,CAAA;IACpD,CAAC;IAED,wCAAwC;IACxC,IAAI,CAAC,GAAG,GAAG,CAAA;IACX,CAAC,IAAI,CAAC,CAAC,QAAQ,GAAG,EAAE,CAAA;IACpB,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC,CAAA;IACd,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;AACvB,CAAC;AAED;;;;GAIG;AACH,SAAS,uBAAuB,CAAC,MAAmB;IAClD,IAAI,CAAC,MAAM,CAAC,WAAW;QAAE,OAAO,CAAC,CAAA;IAEjC,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CACjC,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAC9E,CAAA;IAED,0FAA0F;IAC1F,IAAI,OAAO,GAAG,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAC,CAAA;IAEpE,yEAAyE;IACzE,IAAI,MAAM,CAAC,YAAY,IAAI,EAAE;QAAE,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,EAAE,CAAC,CAAA;IACpE,IAAI,MAAM,CAAC,YAAY,IAAI,EAAE;QAAE,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,EAAE,CAAC,CAAA;IACpE,IAAI,MAAM,CAAC,YAAY,IAAI,GAAG;QAAE,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,GAAG,EAAE,CAAC,CAAA;IAErE,0BAA0B;IAC1B,IAAI,MAAM,CAAC,UAAU;QAAE,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,GAAG,CAAC,CAAA;IAE1D,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,CAAA;AAC7B,CAAC;AAED,8DAA8D;AAC9D,SAAS,sBAAsB,CAAC,MAAmB;IACjD,IAAI,MAAM,CAAC,eAAe,IAAI,CAAC;QAAE,OAAO,CAAC,CAAA;IAEzC,+EAA+E;IAC/E,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,CAAA;IACvD,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,KAAK,CAAC,YAAY,GAAG,EAAE,CAAC,CAAC,CAAA;AACrD,CAAC;AAED,2CAA2C;AAC3C,SAAS,mBAAmB,CAAC,MAAmB;IAC9C,OAAO,MAAM,CAAC,oBAAoB,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAA;AACzD,CAAC;AAED;;;;GAIG;AACH,SAAS,sBAAsB,CAAC,MAAmB;IACjD,IAAI,CAAC,GAAG,GAAG,CAAA;IAEX,2CAA2C;IAC3C,IAAI,MAAM,CAAC,eAAe,GAAG,CAAC;QAAE,CAAC,IAAI,EAAE,CAAA;IACvC,IAAI,MAAM,CAAC,eAAe,GAAG,EAAE;QAAE,CAAC,IAAI,EAAE,CAAA;IACxC,IAAI,MAAM,CAAC,eAAe,GAAG,EAAE;QAAE,CAAC,IAAI,EAAE,CAAA;IACxC,IAAI,MAAM,CAAC,eAAe,GAAG,EAAE;QAAE,CAAC,IAAI,EAAE,CAAA;IAExC,wEAAwE;IACxE,sCAAsC;IACtC,IAAI,MAAM,CAAC,iBAAiB;QAAE,CAAC,IAAI,EAAE,CAAA;IAErC,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;AACvB,CAAC"}
|
package/dist/semver.d.ts
CHANGED
|
@@ -2,9 +2,11 @@
|
|
|
2
2
|
* Minimal semver range checker — zero dependencies.
|
|
3
3
|
* Supports common version range patterns from GitHub advisories:
|
|
4
4
|
* "< 4.0.0", ">= 1.0.0, < 2.0.0", "<= 3.5.0", "= 1.2.3"
|
|
5
|
+
* ">= 1.0.0, < 2.0.0 || >= 3.0.0, < 3.5.0" (OR clauses)
|
|
5
6
|
*
|
|
6
|
-
* Does NOT support:
|
|
7
|
+
* Does NOT support: ~, ^, *, x, pre-release comparison, build metadata.
|
|
7
8
|
* This is intentional — advisory ranges use simple comparators.
|
|
9
|
+
* Unknown ranges are treated as vulnerable (safe default).
|
|
8
10
|
*/
|
|
9
11
|
/**
|
|
10
12
|
* Check if a version satisfies a vulnerability range string.
|
package/dist/semver.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"semver.d.ts","sourceRoot":"","sources":["../src/semver.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"semver.d.ts","sourceRoot":"","sources":["../src/semver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAwCH;;;;;;;;GAQG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,OAAO,CAiBtE"}
|
package/dist/semver.js
CHANGED
|
@@ -2,9 +2,11 @@
|
|
|
2
2
|
* Minimal semver range checker — zero dependencies.
|
|
3
3
|
* Supports common version range patterns from GitHub advisories:
|
|
4
4
|
* "< 4.0.0", ">= 1.0.0, < 2.0.0", "<= 3.5.0", "= 1.2.3"
|
|
5
|
+
* ">= 1.0.0, < 2.0.0 || >= 3.0.0, < 3.5.0" (OR clauses)
|
|
5
6
|
*
|
|
6
|
-
* Does NOT support:
|
|
7
|
+
* Does NOT support: ~, ^, *, x, pre-release comparison, build metadata.
|
|
7
8
|
* This is intentional — advisory ranges use simple comparators.
|
|
9
|
+
* Unknown ranges are treated as vulnerable (safe default).
|
|
8
10
|
*/
|
|
9
11
|
function parse(version) {
|
|
10
12
|
// Strip leading 'v' and any pre-release/build suffix
|
|
@@ -52,20 +54,37 @@ export function satisfiesRange(version, range) {
|
|
|
52
54
|
return true; // If we can't parse, assume vulnerable (safe default)
|
|
53
55
|
if (!range || range === '*')
|
|
54
56
|
return true;
|
|
55
|
-
//
|
|
56
|
-
|
|
57
|
+
// Support OR clauses: "< 2.0.0 || >= 3.0.0, < 3.5.0"
|
|
58
|
+
// Vulnerable if ANY OR clause matches
|
|
59
|
+
const orClauses = range.split('||').map(s => s.trim()).filter(Boolean);
|
|
60
|
+
for (const clause of orClauses) {
|
|
61
|
+
if (satisfiesAndClause(ver, clause)) {
|
|
62
|
+
return true; // Vulnerable — matches at least one OR clause
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
return false; // Not vulnerable — doesn't match any OR clause
|
|
66
|
+
}
|
|
67
|
+
/**
|
|
68
|
+
* Check if a version satisfies ALL conditions in an AND clause.
|
|
69
|
+
* AND clauses are comma-separated: ">= 1.0.0, < 2.0.0"
|
|
70
|
+
*/
|
|
71
|
+
function satisfiesAndClause(ver, clause) {
|
|
72
|
+
const parts = clause.split(',').map(s => s.trim()).filter(Boolean);
|
|
73
|
+
let hadValidPart = false;
|
|
57
74
|
for (const part of parts) {
|
|
58
75
|
const match = part.match(/^(>=|<=|>|<|=)\s*(.+)$/);
|
|
59
76
|
if (!match)
|
|
60
77
|
continue;
|
|
78
|
+
hadValidPart = true;
|
|
61
79
|
const op = match[1];
|
|
62
80
|
const target = parse(match[2]);
|
|
63
81
|
if (!target)
|
|
64
82
|
continue;
|
|
65
83
|
if (!matchComparator(ver, op, target)) {
|
|
66
|
-
return false; // One condition not met → not in
|
|
84
|
+
return false; // One condition not met → not in this clause's range
|
|
67
85
|
}
|
|
68
86
|
}
|
|
69
|
-
|
|
87
|
+
// If no valid parts were parsed, treat as vulnerable (safe default)
|
|
88
|
+
return hadValidPart || true;
|
|
70
89
|
}
|
|
71
90
|
//# sourceMappingURL=semver.js.map
|
package/dist/semver.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"semver.js","sourceRoot":"","sources":["../src/semver.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"semver.js","sourceRoot":"","sources":["../src/semver.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAQH,SAAS,KAAK,CAAC,OAAe;IAC5B,qDAAqD;IACrD,MAAM,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAA;IACrE,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IAC9B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,IAAI,CAAA;IAEjC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACpC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;IACpC,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;IAE5D,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IAC7D,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,CAAA;AAChC,CAAC;AAED,SAAS,OAAO,CAAC,CAAS,EAAE,CAAS;IACnC,IAAI,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,KAAK;QAAE,OAAO,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAA;IACjD,IAAI,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,KAAK;QAAE,OAAO,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAA;IACjD,OAAO,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAA;AAC1B,CAAC;AAED,SAAS,eAAe,CAAC,OAAe,EAAE,EAAU,EAAE,MAAc;IAClE,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,EAAE,MAAM,CAAC,CAAA;IACpC,QAAQ,EAAE,EAAE,CAAC;QACX,KAAK,GAAG,CAAC,CAAC,OAAO,GAAG,GAAG,CAAC,CAAA;QACxB,KAAK,IAAI,CAAC,CAAC,OAAO,GAAG,IAAI,CAAC,CAAA;QAC1B,KAAK,GAAG,CAAC,CAAC,OAAO,GAAG,GAAG,CAAC,CAAA;QACxB,KAAK,IAAI,CAAC,CAAC,OAAO,GAAG,IAAI,CAAC,CAAA;QAC1B,KAAK,GAAG,CAAC,CAAC,OAAO,GAAG,KAAK,CAAC,CAAA;QAC1B,OAAO,CAAC,CAAC,OAAO,GAAG,KAAK,CAAC,CAAA;IAC3B,CAAC;AACH,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,cAAc,CAAC,OAAe,EAAE,KAAa;IAC3D,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,CAAA;IAC1B,IAAI,CAAC,GAAG;QAAE,OAAO,IAAI,CAAA,CAAC,sDAAsD;IAE5E,IAAI,CAAC,KAAK,IAAI,KAAK,KAAK,GAAG;QAAE,OAAO,IAAI,CAAA;IAExC,qDAAqD;IACrD,sCAAsC;IACtC,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAEtE,KAAK,MAAM,MAAM,IAAI,SAAS,EAAE,CAAC;QAC/B,IAAI,kBAAkB,CAAC,GAAG,EAAE,MAAM,CAAC,EAAE,CAAC;YACpC,OAAO,IAAI,CAAA,CAAC,8CAA8C;QAC5D,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA,CAAC,+CAA+C;AAC9D,CAAC;AAED;;;GAGG;AACH,SAAS,kBAAkB,CAAC,GAAW,EAAE,MAAc;IACrD,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAA;IAClE,IAAI,YAAY,GAAG,KAAK,CAAA;IAExB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAA;QAClD,IAAI,CAAC,KAAK;YAAE,SAAQ;QAEpB,YAAY,GAAG,IAAI,CAAA;QACnB,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACnB,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;QAC9B,IAAI,CAAC,MAAM;YAAE,SAAQ;QAErB,IAAI,CAAC,eAAe,CAAC,GAAG,EAAE,EAAE,EAAE,MAAM,CAAC,EAAE,CAAC;YACtC,OAAO,KAAK,CAAA,CAAC,qDAAqD;QACpE,CAAC;IACH,CAAC;IAED,oEAAoE;IACpE,OAAO,YAAY,IAAI,IAAI,CAAA;AAC7B,CAAC"}
|
package/dist/sweep.d.ts
ADDED
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Dead dependency detection.
|
|
3
|
+
*
|
|
4
|
+
* Scans a project's source files for import/require statements and
|
|
5
|
+
* cross-references with package.json to find unused dependencies.
|
|
6
|
+
*
|
|
7
|
+
* Purely filesystem-based — zero network calls.
|
|
8
|
+
* Zero dependencies — only Node.js built-ins.
|
|
9
|
+
*/
|
|
10
|
+
import type { SweepResult, SweepOptions, DepUsageReason } from './types.js';
|
|
11
|
+
/**
|
|
12
|
+
* Normalize a module specifier to a package name.
|
|
13
|
+
* `@scope/pkg/sub/path` → `@scope/pkg`
|
|
14
|
+
* `pkg/sub/path` → `pkg`
|
|
15
|
+
* `pkg` → `pkg`
|
|
16
|
+
*/
|
|
17
|
+
export declare function normalizeToPackageName(specifier: string): string;
|
|
18
|
+
/**
|
|
19
|
+
* Extract package names from import/require/re-export statements in source code.
|
|
20
|
+
* Returns a Set of normalized package names (excludes relative imports).
|
|
21
|
+
*/
|
|
22
|
+
export declare function extractImports(source: string): Set<string>;
|
|
23
|
+
/**
|
|
24
|
+
* Recursively collect source files matching the given extensions.
|
|
25
|
+
* Excludes directories in the exclude set.
|
|
26
|
+
*/
|
|
27
|
+
export declare function collectSourceFiles(dir: string, extensions?: Set<string>, excludeDirs?: Set<string>): string[];
|
|
28
|
+
/**
|
|
29
|
+
* Check config files in the project root for tool-dependency references.
|
|
30
|
+
* Returns a map of package name → usage reason.
|
|
31
|
+
*/
|
|
32
|
+
export declare function findConfigDependencies(projectPath: string): Map<string, DepUsageReason>;
|
|
33
|
+
/**
|
|
34
|
+
* Check npm scripts in package.json for binary references.
|
|
35
|
+
* Returns a map of package name → usage reason.
|
|
36
|
+
*/
|
|
37
|
+
export declare function findScriptDependencies(scripts: Record<string, string>, projectPath: string): Map<string, DepUsageReason>;
|
|
38
|
+
/**
|
|
39
|
+
* Estimate the installed size of a package in KB.
|
|
40
|
+
* Does a shallow directory size estimation (not recursive into node_modules).
|
|
41
|
+
*/
|
|
42
|
+
export declare function estimatePackageSize(projectPath: string, packageName: string): number | null;
|
|
43
|
+
/**
|
|
44
|
+
* Extract package names from stylesheet @use/@import statements.
|
|
45
|
+
* Handles SCSS @use 'pkg', @import 'pkg', and Less @import 'pkg'.
|
|
46
|
+
*/
|
|
47
|
+
export declare function extractStyleImports(source: string): Set<string>;
|
|
48
|
+
/**
|
|
49
|
+
* Detect unused dependencies in a project.
|
|
50
|
+
* Purely filesystem-based — no network calls.
|
|
51
|
+
*/
|
|
52
|
+
export declare function sweep(projectPath: string, options?: SweepOptions): Promise<SweepResult>;
|
|
53
|
+
//# sourceMappingURL=sweep.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sweep.d.ts","sourceRoot":"","sources":["../src/sweep.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAIH,OAAO,KAAK,EAAE,WAAW,EAAE,YAAY,EAAkB,cAAc,EAAE,MAAM,YAAY,CAAA;AAmE3F;;;;;GAKG;AACH,wBAAgB,sBAAsB,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CAShE;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,CA6B1D;AAED;;;GAGG;AACH,wBAAgB,kBAAkB,CAChC,GAAG,EAAE,MAAM,EACX,UAAU,GAAE,GAAG,CAAC,MAAM,CAAqB,EAC3C,WAAW,GAAE,GAAG,CAAC,MAAM,CAAgB,GACtC,MAAM,EAAE,CA6BV;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,WAAW,EAAE,MAAM,GAAG,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CA4CvF;AAgCD;;;GAGG;AACH,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC/B,WAAW,EAAE,MAAM,GAClB,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CA2D7B;AAwBD;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,WAAW,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAoB3F;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,MAAM,EAAE,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,CAgB/D;AAyED;;;GAGG;AACH,wBAAsB,KAAK,CACzB,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,YAAiB,GACzB,OAAO,CAAC,WAAW,CAAC,CAsOtB"}
|