depwire-cli 0.9.25 → 0.9.27
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +32 -2
- package/dist/{chunk-QHVWDUSX.js → chunk-DA5LWNJ4.js} +1484 -16
- package/dist/{chunk-ORGAO3HT.js → chunk-RGD3YJYQ.js} +79 -13
- package/dist/index.js +232 -39
- package/dist/mcpb-entry.js +2 -2
- package/dist/sdk.d.ts +49 -1
- package/dist/sdk.js +3 -1
- package/package.json +6 -6
package/dist/sdk.d.ts
CHANGED
|
@@ -222,6 +222,54 @@ declare class SimulationEngine {
|
|
|
222
222
|
private computeHealthScore;
|
|
223
223
|
}
|
|
224
224
|
|
|
225
|
+
type Severity = 'critical' | 'high' | 'medium' | 'low' | 'info';
|
|
226
|
+
type VulnerabilityClass = 'dependency-cve' | 'shell-injection' | 'code-injection' | 'secrets' | 'path-traversal' | 'auth' | 'input-validation' | 'information-disclosure' | 'architecture' | 'cryptography' | 'supply-chain' | 'frontend-xss';
|
|
227
|
+
interface SecurityFinding {
|
|
228
|
+
id: string;
|
|
229
|
+
severity: Severity;
|
|
230
|
+
vulnerabilityClass: VulnerabilityClass;
|
|
231
|
+
file: string;
|
|
232
|
+
line?: number;
|
|
233
|
+
symbol?: string;
|
|
234
|
+
title: string;
|
|
235
|
+
description: string;
|
|
236
|
+
attackScenario: string;
|
|
237
|
+
suggestedFix: string;
|
|
238
|
+
graphReachability?: {
|
|
239
|
+
entryPoints: string[];
|
|
240
|
+
reachableFrom: number;
|
|
241
|
+
elevatedBy: string;
|
|
242
|
+
};
|
|
243
|
+
}
|
|
244
|
+
interface SecurityScanResult {
|
|
245
|
+
scannedAt: string;
|
|
246
|
+
projectRoot: string;
|
|
247
|
+
filesScanned: number;
|
|
248
|
+
findings: SecurityFinding[];
|
|
249
|
+
summary: {
|
|
250
|
+
critical: number;
|
|
251
|
+
high: number;
|
|
252
|
+
medium: number;
|
|
253
|
+
low: number;
|
|
254
|
+
info: number;
|
|
255
|
+
total: number;
|
|
256
|
+
};
|
|
257
|
+
dependencyAudit: {
|
|
258
|
+
ran: boolean;
|
|
259
|
+
packageManager: string | null;
|
|
260
|
+
rawOutput: string;
|
|
261
|
+
};
|
|
262
|
+
}
|
|
263
|
+
interface SecurityScanOptions {
|
|
264
|
+
target?: string;
|
|
265
|
+
classes?: VulnerabilityClass[];
|
|
266
|
+
format?: 'table' | 'json' | 'sarif';
|
|
267
|
+
failOn?: Severity;
|
|
268
|
+
graphAware?: boolean;
|
|
269
|
+
}
|
|
270
|
+
|
|
271
|
+
declare function scanSecurity(projectRoot: string, graph: DirectedGraph, options?: SecurityScanOptions): Promise<SecurityScanResult>;
|
|
272
|
+
|
|
225
273
|
/**
|
|
226
274
|
* depwire-cli SDK — Public API Surface
|
|
227
275
|
*
|
|
@@ -234,4 +282,4 @@ declare class SimulationEngine {
|
|
|
234
282
|
/** Current SDK version — matches depwire-cli npm version */
|
|
235
283
|
declare const DepwireSDKVersion: string;
|
|
236
284
|
|
|
237
|
-
export { type BrokenImport, DepwireSDKVersion, type GraphDiff, type HealthDelta, type SimulationAction, SimulationEngine, type SimulationResult, analyzeDeadCode, buildGraph, calculateHealthScore, generateDocs, getArchitectureSummary, getImpact, parseProject, searchSymbols };
|
|
285
|
+
export { type BrokenImport, DepwireSDKVersion, type GraphDiff, type HealthDelta, type SecurityFinding, type SecurityScanOptions, type SecurityScanResult, type Severity, type SimulationAction, SimulationEngine, type SimulationResult, type VulnerabilityClass, analyzeDeadCode, buildGraph, calculateHealthScore, generateDocs, getArchitectureSummary, getImpact, parseProject, scanSecurity, searchSymbols };
|
package/dist/sdk.js
CHANGED
|
@@ -7,8 +7,9 @@ import {
|
|
|
7
7
|
getArchitectureSummary,
|
|
8
8
|
getImpact,
|
|
9
9
|
parseProject,
|
|
10
|
+
scanSecurity,
|
|
10
11
|
searchSymbols
|
|
11
|
-
} from "./chunk-
|
|
12
|
+
} from "./chunk-DA5LWNJ4.js";
|
|
12
13
|
|
|
13
14
|
// src/sdk.ts
|
|
14
15
|
import { readFileSync } from "fs";
|
|
@@ -28,5 +29,6 @@ export {
|
|
|
28
29
|
getArchitectureSummary,
|
|
29
30
|
getImpact,
|
|
30
31
|
parseProject,
|
|
32
|
+
scanSecurity,
|
|
31
33
|
searchSymbols
|
|
32
34
|
};
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "depwire-cli",
|
|
3
|
-
"version": "0.9.
|
|
4
|
-
"description": "Dependency graph +
|
|
3
|
+
"version": "0.9.27",
|
|
4
|
+
"description": "Dependency graph + 17 MCP tools for AI coding assistants. Impact analysis, health scoring, security scanner.",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"bin": {
|
|
7
7
|
"depwire": "dist/index.js"
|
|
@@ -63,16 +63,16 @@
|
|
|
63
63
|
},
|
|
64
64
|
"dependencies": {
|
|
65
65
|
"@modelcontextprotocol/sdk": "1.26.0",
|
|
66
|
-
"chalk": "
|
|
66
|
+
"chalk": "5.6.2",
|
|
67
67
|
"chokidar": "5.0.0",
|
|
68
68
|
"commander": "14.0.3",
|
|
69
69
|
"express": "5.2.1",
|
|
70
70
|
"graphology": "0.26.0",
|
|
71
71
|
"graphology-types": "0.24.8",
|
|
72
|
-
"minimatch": "
|
|
72
|
+
"minimatch": "10.2.4",
|
|
73
73
|
"open": "11.0.0",
|
|
74
|
-
"simple-git": "
|
|
75
|
-
"web-tree-sitter": "
|
|
74
|
+
"simple-git": "3.35.2",
|
|
75
|
+
"web-tree-sitter": "0.26.6",
|
|
76
76
|
"ws": "8.19.0",
|
|
77
77
|
"zod": "4.3.6"
|
|
78
78
|
},
|