dotenv-diff 2.4.10 → 2.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +30 -4
- package/README.md +2 -2
- package/dist/src/cli/run.js +2 -1
- package/dist/src/cli/run.js.map +1 -1
- package/dist/src/commands/compare.d.ts.map +1 -1
- package/dist/src/commands/compare.js +9 -43
- package/dist/src/commands/compare.js.map +1 -1
- package/dist/src/commands/ensureFilesOrPrompt.d.ts +6 -0
- package/dist/src/commands/ensureFilesOrPrompt.d.ts.map +1 -1
- package/dist/src/commands/ensureFilesOrPrompt.js +1 -1
- package/dist/src/commands/ensureFilesOrPrompt.js.map +1 -1
- package/dist/src/commands/scanUsage.js +1 -1
- package/dist/src/commands/scanUsage.js.map +1 -1
- package/dist/src/config/types.d.ts +18 -0
- package/dist/src/config/types.d.ts.map +1 -1
- package/dist/src/core/compare/calculateStats.d.ts +19 -0
- package/dist/src/core/compare/calculateStats.d.ts.map +1 -0
- package/dist/src/core/compare/calculateStats.js +27 -0
- package/dist/src/core/compare/calculateStats.js.map +1 -0
- package/dist/src/core/compare/parseAndFilterEnv.d.ts +20 -0
- package/dist/src/core/compare/parseAndFilterEnv.d.ts.map +1 -0
- package/dist/src/core/compare/parseAndFilterEnv.js +22 -0
- package/dist/src/core/compare/parseAndFilterEnv.js.map +1 -0
- package/dist/src/core/compare/updateTotals.d.ts +22 -0
- package/dist/src/core/compare/updateTotals.d.ts.map +1 -0
- package/dist/src/core/compare/updateTotals.js +37 -0
- package/dist/src/core/compare/updateTotals.js.map +1 -0
- package/dist/src/core/defaultExcludeKeys.d.ts +7 -0
- package/dist/src/core/defaultExcludeKeys.d.ts.map +1 -0
- package/dist/src/core/diffEnv.d.ts +9 -0
- package/dist/src/core/diffEnv.d.ts.map +1 -1
- package/dist/src/core/diffEnv.js +2 -2
- package/dist/src/core/diffEnv.js.map +1 -1
- package/dist/src/core/filterIgnoredKeys.d.ts +5 -0
- package/dist/src/core/filterIgnoredKeys.d.ts.map +1 -1
- package/dist/src/core/filterIgnoredKeys.js +14 -1
- package/dist/src/core/filterIgnoredKeys.js.map +1 -1
- package/dist/src/core/fixEnv.d.ts +6 -0
- package/dist/src/core/fixEnv.d.ts.map +1 -1
- package/dist/src/core/fixEnv.js.map +1 -1
- package/dist/src/core/frameworks/nextJsRules.js +2 -2
- package/dist/src/core/frameworks/nextJsRules.js.map +1 -1
- package/dist/src/core/frameworks/sveltekitRules.d.ts.map +1 -1
- package/dist/src/core/frameworks/sveltekitRules.js +44 -14
- package/dist/src/core/frameworks/sveltekitRules.js.map +1 -1
- package/dist/src/core/parseAndFilterEnv.d.ts +20 -0
- package/dist/src/core/parseAndFilterEnv.d.ts.map +1 -0
- package/dist/src/core/parseAndFilterEnv.js +22 -0
- package/dist/src/core/parseAndFilterEnv.js.map +1 -0
- package/dist/src/core/patterns.d.ts +4 -0
- package/dist/src/core/patterns.d.ts.map +1 -1
- package/dist/src/core/patterns.js +4 -1
- package/dist/src/core/patterns.js.map +1 -1
- package/dist/src/core/scan/compareScan.d.ts +10 -0
- package/dist/src/core/scan/compareScan.d.ts.map +1 -0
- package/dist/src/core/scan/compareScan.js +19 -0
- package/dist/src/core/scan/compareScan.js.map +1 -0
- package/dist/src/core/scan/computeHealthScore.d.ts +8 -0
- package/dist/src/core/scan/computeHealthScore.d.ts.map +1 -0
- package/dist/src/core/scan/computeHealthScore.js +35 -0
- package/dist/src/core/scan/computeHealthScore.js.map +1 -0
- package/dist/src/core/scan/determineComparisonFile.d.ts +13 -0
- package/dist/src/core/scan/determineComparisonFile.d.ts.map +1 -0
- package/dist/src/core/scan/determineComparisonFile.js +33 -0
- package/dist/src/core/scan/determineComparisonFile.js.map +1 -0
- package/dist/src/core/scan/scanFile.d.ts +10 -0
- package/dist/src/core/scan/scanFile.d.ts.map +1 -0
- package/dist/src/core/scan/scanFile.js +65 -0
- package/dist/src/core/scan/scanFile.js.map +1 -0
- package/dist/src/core/security/secretDetectors.d.ts +3 -0
- package/dist/src/core/security/secretDetectors.d.ts.map +1 -1
- package/dist/src/core/security/secretDetectors.js +14 -36
- package/dist/src/core/security/secretDetectors.js.map +1 -1
- package/dist/src/services/envDiscovery.d.ts.map +1 -1
- package/dist/src/services/envDiscovery.js +9 -1
- package/dist/src/services/envDiscovery.js.map +1 -1
- package/dist/src/services/printScanResult.js +1 -1
- package/dist/src/services/printScanResult.js.map +1 -1
- package/dist/src/services/processComparisonFile.d.ts +3 -0
- package/dist/src/services/processComparisonFile.d.ts.map +1 -1
- package/dist/src/services/processComparisonFile.js +1 -1
- package/dist/src/services/processComparisonFile.js.map +1 -1
- package/dist/src/services/scanCodebase.js +1 -1
- package/dist/src/services/scanCodebase.js.map +1 -1
- package/dist/src/ui/scan/printHeader.js +1 -1
- package/dist/src/ui/scan/printHeader.js.map +1 -1
- package/dist/src/ui/scan/scanJsonOutput.js +1 -1
- package/dist/src/ui/scan/scanJsonOutput.js.map +1 -1
- package/package.json +1 -1
|
@@ -1,9 +1,18 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Result of comparing two .env files.
|
|
3
|
+
*/
|
|
1
4
|
export type DiffResult = {
|
|
5
|
+
/** Keys present in the example file but missing from the current file */
|
|
2
6
|
missing: string[];
|
|
7
|
+
/** Keys present in the current file but not defined in the example file */
|
|
3
8
|
extra: string[];
|
|
9
|
+
/** Keys that exist in both files but have mismatched values */
|
|
4
10
|
valueMismatches: {
|
|
11
|
+
/** The environment variable key */
|
|
5
12
|
key: string;
|
|
13
|
+
/** Expected value from the example file */
|
|
6
14
|
expected: string;
|
|
15
|
+
/** Actual value from the current file */
|
|
7
16
|
actual: string;
|
|
8
17
|
}[];
|
|
9
18
|
};
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"diffEnv.d.ts","sourceRoot":"","sources":["../../../src/core/diffEnv.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,UAAU,GAAG;IACvB,OAAO,EAAE,MAAM,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"diffEnv.d.ts","sourceRoot":"","sources":["../../../src/core/diffEnv.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB,yEAAyE;IACzE,OAAO,EAAE,MAAM,EAAE,CAAC;IAElB,2EAA2E;IAC3E,KAAK,EAAE,MAAM,EAAE,CAAC;IAEhB,+DAA+D;IAC/D,eAAe,EAAE;QACf,mCAAmC;QACnC,GAAG,EAAE,MAAM,CAAC;QACZ,2CAA2C;QAC3C,QAAQ,EAAE,MAAM,CAAC;QACjB,yCAAyC;QACzC,MAAM,EAAE,MAAM,CAAC;KAChB,EAAE,CAAC;CACL,CAAC;AAEF;;;;;;;GAOG;AACH,wBAAgB,OAAO,CACrB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC/B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,EAC/B,WAAW,UAAQ,GAClB,UAAU,CA2BZ"}
|
package/dist/src/core/diffEnv.js
CHANGED
|
@@ -22,8 +22,8 @@ export function diffEnv(current, example, checkValues = false) {
|
|
|
22
22
|
})
|
|
23
23
|
.map((key) => ({
|
|
24
24
|
key,
|
|
25
|
-
expected: example[key]
|
|
26
|
-
actual: current[key]
|
|
25
|
+
expected: example[key],
|
|
26
|
+
actual: current[key],
|
|
27
27
|
}));
|
|
28
28
|
}
|
|
29
29
|
return { missing, extra, valueMismatches };
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"diffEnv.js","sourceRoot":"","sources":["../../../src/core/diffEnv.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"diffEnv.js","sourceRoot":"","sources":["../../../src/core/diffEnv.ts"],"names":[],"mappings":"AAqBA;;;;;;;GAOG;AACH,MAAM,UAAU,OAAO,CACrB,OAA+B,EAC/B,OAA+B,EAC/B,WAAW,GAAG,KAAK;IAEnB,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACzC,MAAM,WAAW,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAEzC,MAAM,OAAO,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IACxE,MAAM,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;IAEtE,IAAI,eAAe,GAAkC,EAAE,CAAC;IAExD,IAAI,WAAW,EAAE,CAAC;QAChB,eAAe,GAAG,WAAW;aAC1B,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE;YACd,OAAO,CACL,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC;gBACzB,OAAO,OAAO,CAAC,GAAG,CAAC,KAAK,QAAQ;gBAChC,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE;gBAC1B,OAAO,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,GAAG,CAAC,CAC9B,CAAC;QACJ,CAAC,CAAC;aACD,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;YACb,GAAG;YACH,QAAQ,EAAE,OAAO,CAAC,GAAG,CAAE;YACvB,MAAM,EAAE,OAAO,CAAC,GAAG,CAAE;SACtB,CAAC,CAAC,CAAC;IACR,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC;AAC7C,CAAC"}
|
|
@@ -1,3 +1,8 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* default exclude environment variable keys (not expected in .env files)
|
|
3
|
+
* But may be used in code.
|
|
4
|
+
*/
|
|
5
|
+
export declare const DEFAULT_EXCLUDE_KEYS: string[];
|
|
1
6
|
/**
|
|
2
7
|
* Filters out keys that are in the ignore list or match any of the ignore regex patterns.
|
|
3
8
|
* @param keys - The list of keys to filter.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"filterIgnoredKeys.d.ts","sourceRoot":"","sources":["../../../src/core/filterIgnoredKeys.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,MAAM,EAAE,EACd,MAAM,EAAE,MAAM,EAAE,EAChB,WAAW,EAAE,MAAM,EAAE,GACpB,MAAM,EAAE,CAIV"}
|
|
1
|
+
{"version":3,"file":"filterIgnoredKeys.d.ts","sourceRoot":"","sources":["../../../src/core/filterIgnoredKeys.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,eAAO,MAAM,oBAAoB,UAQhC,CAAC;AAEF;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,MAAM,EAAE,EACd,MAAM,EAAE,MAAM,EAAE,EAChB,WAAW,EAAE,MAAM,EAAE,GACpB,MAAM,EAAE,CAIV"}
|
|
@@ -1,3 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* default exclude environment variable keys (not expected in .env files)
|
|
3
|
+
* But may be used in code.
|
|
4
|
+
*/
|
|
5
|
+
export const DEFAULT_EXCLUDE_KEYS = [
|
|
6
|
+
'NODE_ENV',
|
|
7
|
+
'VITE_MODE',
|
|
8
|
+
'MODE',
|
|
9
|
+
'BASE_URL',
|
|
10
|
+
'PROD',
|
|
11
|
+
'DEV',
|
|
12
|
+
'SSR',
|
|
13
|
+
];
|
|
1
14
|
/**
|
|
2
15
|
* Filters out keys that are in the ignore list or match any of the ignore regex patterns.
|
|
3
16
|
* @param keys - The list of keys to filter.
|
|
@@ -6,6 +19,6 @@
|
|
|
6
19
|
* @returns The filtered list of keys.
|
|
7
20
|
*/
|
|
8
21
|
export function filterIgnoredKeys(keys, ignore, ignoreRegex) {
|
|
9
|
-
return keys.filter((k) => !ignore.includes(k) && !ignoreRegex.some((rx) => rx.test(k)));
|
|
22
|
+
return keys.filter((k) => !ignore.includes(k) && !DEFAULT_EXCLUDE_KEYS.includes(k) && !ignoreRegex.some((rx) => rx.test(k)));
|
|
10
23
|
}
|
|
11
24
|
//# sourceMappingURL=filterIgnoredKeys.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"filterIgnoredKeys.js","sourceRoot":"","sources":["../../../src/core/filterIgnoredKeys.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAC/B,IAAc,EACd,MAAgB,EAChB,WAAqB;IAErB,OAAO,IAAI,CAAC,MAAM,CAChB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"filterIgnoredKeys.js","sourceRoot":"","sources":["../../../src/core/filterIgnoredKeys.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,UAAU;IACV,WAAW;IACX,MAAM;IACN,UAAU;IACV,MAAM;IACN,KAAK;IACL,KAAK;CACN,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAC/B,IAAc,EACd,MAAgB,EAChB,WAAqB;IAErB,OAAO,IAAI,CAAC,MAAM,CAChB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CACzG,CAAC;AACJ,CAAC"}
|
|
@@ -1,3 +1,6 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Options for applying fixes to environment files
|
|
3
|
+
*/
|
|
1
4
|
interface ApplyFixesOptions {
|
|
2
5
|
envPath: string;
|
|
3
6
|
examplePath: string;
|
|
@@ -5,6 +8,9 @@ interface ApplyFixesOptions {
|
|
|
5
8
|
duplicateKeys: string[];
|
|
6
9
|
ensureGitignore?: boolean;
|
|
7
10
|
}
|
|
11
|
+
/**
|
|
12
|
+
* Result of applying fixes to environment files
|
|
13
|
+
*/
|
|
8
14
|
interface FixResult {
|
|
9
15
|
removedDuplicates: string[];
|
|
10
16
|
addedEnv: string[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"fixEnv.d.ts","sourceRoot":"","sources":["../../../src/core/fixEnv.ts"],"names":[],"mappings":"AAKA,UAAU,iBAAiB;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED,UAAU,SAAS;IACjB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,iBAAiB,GAAG;IACtD,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,SAAS,CAAC;CACnB,CA0FA"}
|
|
1
|
+
{"version":3,"file":"fixEnv.d.ts","sourceRoot":"","sources":["../../../src/core/fixEnv.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,UAAU,iBAAiB;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,UAAU,SAAS;IACjB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,gBAAgB,EAAE,OAAO,CAAC;CAC3B;AAED;;;;;;;;;;;GAWG;AACH,wBAAgB,UAAU,CAAC,OAAO,EAAE,iBAAiB,GAAG;IACtD,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,SAAS,CAAC;CACnB,CA0FA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"fixEnv.js","sourceRoot":"","sources":["../../../src/core/fixEnv.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAC/E,OAAO,EAAE,8BAA8B,EAAE,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"fixEnv.js","sourceRoot":"","sources":["../../../src/core/fixEnv.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAC/E,OAAO,EAAE,8BAA8B,EAAE,MAAM,wBAAwB,CAAC;AAuBxE;;;;;;;;;;;GAWG;AACH,MAAM,UAAU,UAAU,CAAC,OAA0B;IAInD,MAAM,EACJ,OAAO,EACP,WAAW,EACX,WAAW,GAAG,EAAE,EAChB,aAAa,GAAG,EAAE,EAClB,eAAe,GAAG,KAAK,GACxB,GAAG,OAAO,CAAC;IAEZ,MAAM,MAAM,GAAc;QACxB,iBAAiB,EAAE,EAAE;QACrB,QAAQ,EAAE,EAAE;QACZ,YAAY,EAAE,EAAE;QAChB,gBAAgB,EAAE,KAAK;KACxB,CAAC;IAEF,4BAA4B;IAC5B,IAAI,aAAa,CAAC,MAAM,EAAE,CAAC;QACzB,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,CAAC;QAE5C,MAAM,KAAK,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC5D,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;QAC/B,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,sDAAsD;QACtD,KAAK,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,IAAI,KAAK,SAAS;gBAAE,SAAS;YAEjC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;YAC9C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC3B,IAAI,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;oBAC1B,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;wBAAE,SAAS,CAAC,iBAAiB;oBAC9C,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAChB,CAAC;YACH,CAAC;YACD,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QACzB,CAAC;QAED,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/C,MAAM,CAAC,iBAAiB,GAAG,aAAa,CAAC;IAC3C,CAAC;IAED,mCAAmC;IACnC,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;QACvB,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAClD,MAAM,UAAU,GACd,OAAO;YACP,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;YACpC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;YAC1C,IAAI,CAAC;QACP,EAAE,CAAC,aAAa,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QACtC,MAAM,CAAC,QAAQ,GAAG,WAAW,CAAC;IAChC,CAAC;IAED,2CAA2C;IAC3C,IAAI,WAAW,IAAI,WAAW,CAAC,MAAM,EAAE,CAAC;QACtC,MAAM,SAAS,GAAG,EAAE,CAAC,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QACxD,MAAM,cAAc,GAAG,IAAI,GAAG,CAC5B,SAAS;aACN,KAAK,CAAC,IAAI,CAAC;aACX,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;aAClC,MAAM,CAAC,OAAO,CAAC,CACnB,CAAC;QACF,MAAM,cAAc,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAEzE,IAAI,cAAc,CAAC,MAAM,EAAE,CAAC;YAC1B,MAAM,YAAY,GAChB,SAAS;gBACT,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;gBACtC,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC;gBACzB,IAAI,CAAC;YACP,EAAE,CAAC,aAAa,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;YAC5C,MAAM,CAAC,YAAY,GAAG,cAAc,CAAC;QACvC,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,IAAI,eAAe,EAAE,CAAC;QACpB,MAAM,CAAC,gBAAgB,GAAG,qBAAqB,CAAC,OAAO,CAAC,CAAC;IAC3D,CAAC;IAED,MAAM,OAAO,GACX,MAAM,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC;QACnC,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC;QAC1B,MAAM,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC;QAC9B,MAAM,CAAC,gBAAgB,CAAC;IAE1B,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;AAC7B,CAAC;AAED;;;;;;GAMG;AACH,SAAS,qBAAqB,CAAC,OAAe;IAC5C,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACvC,MAAM,OAAO,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;QAEtC,IAAI,CAAC,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,EAAE,CAAC;YACpC,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QACvD,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,OAAO,GAAG,iBAAiB,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC,CAAC;QAE1E,2BAA2B;QAC3B,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YACrB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,uBAAuB;QACvB,MAAM,QAAQ,GAAG,8BAA8B,CAAC;QAEhD,IAAI,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;YACjC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;YACvD,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;YAElE,MAAM,eAAe,GAAG,QAAQ,CAAC,MAAM,CACrC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,QAAQ,CAAC,OAAO,CAAC,CAC9C,CAAC;YAEF,IAAI,eAAe,CAAC,MAAM,EAAE,CAAC;gBAC3B,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;gBACxF,EAAE,CAAC,cAAc,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;gBAC3C,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;aAAM,CAAC;YACN,wBAAwB;YACxB,EAAE,CAAC,aAAa,CAAC,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,CAAC;YAC5D,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAAC,MAAM,CAAC;QACP,8BAA8B;QAC9B,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
|
|
@@ -52,10 +52,10 @@ export function applyNextJsRules(u, warnings, fileContentMap) {
|
|
|
52
52
|
}
|
|
53
53
|
// Warn if NEXT_PUBLIC_ contains sensitive keywords
|
|
54
54
|
if (u.variable.startsWith('NEXT_PUBLIC_') &&
|
|
55
|
-
/SECRET|PRIVATE|
|
|
55
|
+
/SECRET|PRIVATE|PASSWORD/.test(u.variable)) {
|
|
56
56
|
warnings.push({
|
|
57
57
|
variable: u.variable,
|
|
58
|
-
reason: '
|
|
58
|
+
reason: 'Potential sensitive environment variable exposed to the browser',
|
|
59
59
|
file: normalizedFile,
|
|
60
60
|
line: u.line,
|
|
61
61
|
framework: 'nextjs',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"nextJsRules.js","sourceRoot":"","sources":["../../../../src/core/frameworks/nextJsRules.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAE9D;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAC9B,CAAW,EACX,QAA4B,EAC5B,cAAoC;IAEpC,2DAA2D;IAC3D,MAAM,cAAc,GAAG,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAE7C,sBAAsB;IACtB,IAAI,cAAc,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,6DAA6D;IAC7D,IAAI,iBAAiB,GAAG,KAAK,CAAC;IAC9B,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,mDAAmD;YACnD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnE,iBAAiB;gBACf,oBAAoB,CAAC,IAAI,CAAC,UAAU,CAAC;oBACrC,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IACD,wDAAwD;IACxD,MAAM,uBAAuB,GAC3B,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC;QACpC,CAAC,oBAAoB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE7C,iBAAiB,KAAK,uBAAuB,CAAC;IAE9C,iDAAiD;IACjD,IAAI,iBAAiB,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QAChE,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,gDAAgD;YACxD,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;QACH,OAAO,CAAC,6CAA6C;IACvD,CAAC;IAED,oCAAoC;IACpC,IAAI,CAAC,CAAC,OAAO,KAAK,iBAAiB,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,6DAA6D;YACrE,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;QACH,OAAO,CAAC,6CAA6C;IACvD,CAAC;IAED,mDAAmD;IACnD,IACE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,cAAc,CAAC;QACrC,
|
|
1
|
+
{"version":3,"file":"nextJsRules.js","sourceRoot":"","sources":["../../../../src/core/frameworks/nextJsRules.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAE9D;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAC9B,CAAW,EACX,QAA4B,EAC5B,cAAoC;IAEpC,2DAA2D;IAC3D,MAAM,cAAc,GAAG,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAE7C,sBAAsB;IACtB,IAAI,cAAc,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,6DAA6D;IAC7D,IAAI,iBAAiB,GAAG,KAAK,CAAC;IAC9B,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,WAAW,EAAE,CAAC;YAChB,mDAAmD;YACnD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnE,iBAAiB;gBACf,oBAAoB,CAAC,IAAI,CAAC,UAAU,CAAC;oBACrC,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IACD,wDAAwD;IACxD,MAAM,uBAAuB,GAC3B,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC;QACpC,CAAC,oBAAoB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE7C,iBAAiB,KAAK,uBAAuB,CAAC;IAE9C,iDAAiD;IACjD,IAAI,iBAAiB,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QAChE,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,gDAAgD;YACxD,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;QACH,OAAO,CAAC,6CAA6C;IACvD,CAAC;IAED,oCAAoC;IACpC,IAAI,CAAC,CAAC,OAAO,KAAK,iBAAiB,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,6DAA6D;YACrE,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;QACH,OAAO,CAAC,6CAA6C;IACvD,CAAC;IAED,mDAAmD;IACnD,IACE,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,cAAc,CAAC;QACrC,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,EAC1C,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,iEAAiE;YACzE,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,QAAQ;SACpB,CAAC,CAAC;QACH,OAAO,CAAC,6CAA6C;IACvD,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sveltekitRules.d.ts","sourceRoot":"","sources":["../../../../src/core/frameworks/sveltekitRules.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAGxE;;;;GAIG;AACH,wBAAgB,mBAAmB,CACjC,CAAC,EAAE,QAAQ,EACX,QAAQ,EAAE,gBAAgB,EAAE,GAC3B,IAAI,
|
|
1
|
+
{"version":3,"file":"sveltekitRules.d.ts","sourceRoot":"","sources":["../../../../src/core/frameworks/sveltekitRules.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAGxE;;;;GAIG;AACH,wBAAgB,mBAAmB,CACjC,CAAC,EAAE,QAAQ,EACX,QAAQ,EAAE,gBAAgB,EAAE,GAC3B,IAAI,CA0JN"}
|
|
@@ -24,6 +24,7 @@ export function applySvelteKitRules(u, warnings) {
|
|
|
24
24
|
normalizedFile.includes('/+page.') ||
|
|
25
25
|
normalizedFile.includes('/+layout.'));
|
|
26
26
|
const isSvelteFile = /\.svelte$/.test(normalizedFile);
|
|
27
|
+
// import.meta.env
|
|
27
28
|
if (u.pattern === 'import.meta.env' && !u.variable.startsWith('VITE_')) {
|
|
28
29
|
warnings.push({
|
|
29
30
|
variable: u.variable,
|
|
@@ -34,6 +35,7 @@ export function applySvelteKitRules(u, warnings) {
|
|
|
34
35
|
});
|
|
35
36
|
return; // Stop processing other rules for this usage
|
|
36
37
|
}
|
|
38
|
+
// process.env
|
|
37
39
|
if (u.pattern === 'process.env') {
|
|
38
40
|
if (!isServerFile) {
|
|
39
41
|
warnings.push({
|
|
@@ -46,12 +48,38 @@ export function applySvelteKitRules(u, warnings) {
|
|
|
46
48
|
return;
|
|
47
49
|
}
|
|
48
50
|
}
|
|
51
|
+
// $env/dynamic/private
|
|
49
52
|
if (u.pattern === 'sveltekit' &&
|
|
50
53
|
u.imports?.includes('$env/dynamic/private') &&
|
|
51
54
|
(isSvelteFile || isClientFile)) {
|
|
52
55
|
warnings.push({
|
|
53
56
|
variable: u.variable,
|
|
54
|
-
reason: `$env/dynamic/private cannot be used in client
|
|
57
|
+
reason: `$env/dynamic/private cannot be used in client-side code`,
|
|
58
|
+
file: normalizedFile,
|
|
59
|
+
line: u.line,
|
|
60
|
+
framework: 'sveltekit',
|
|
61
|
+
});
|
|
62
|
+
return;
|
|
63
|
+
}
|
|
64
|
+
if (u.pattern === 'sveltekit' &&
|
|
65
|
+
u.imports?.includes('$env/dynamic/private') &&
|
|
66
|
+
u.variable.startsWith('PUBLIC_')) {
|
|
67
|
+
warnings.push({
|
|
68
|
+
variable: u.variable,
|
|
69
|
+
reason: `$env/dynamic/private variables must not start with "PUBLIC_"`,
|
|
70
|
+
file: normalizedFile,
|
|
71
|
+
line: u.line,
|
|
72
|
+
framework: 'sveltekit',
|
|
73
|
+
});
|
|
74
|
+
return;
|
|
75
|
+
}
|
|
76
|
+
//$env/dynamic/public
|
|
77
|
+
if (u.pattern === 'sveltekit' &&
|
|
78
|
+
u.imports?.includes('$env/dynamic/public') &&
|
|
79
|
+
!u.variable.startsWith('PUBLIC_')) {
|
|
80
|
+
warnings.push({
|
|
81
|
+
variable: u.variable,
|
|
82
|
+
reason: `$env/dynamic/public variables must start with "PUBLIC_"`,
|
|
55
83
|
file: normalizedFile,
|
|
56
84
|
line: u.line,
|
|
57
85
|
framework: 'sveltekit',
|
|
@@ -60,10 +88,10 @@ export function applySvelteKitRules(u, warnings) {
|
|
|
60
88
|
}
|
|
61
89
|
// $env/static/private
|
|
62
90
|
if (u.pattern === 'sveltekit' && u.imports?.includes('$env/static/private')) {
|
|
63
|
-
if (u.variable.startsWith('
|
|
91
|
+
if (u.variable.startsWith('PUBLIC_')) {
|
|
64
92
|
warnings.push({
|
|
65
93
|
variable: u.variable,
|
|
66
|
-
reason: `$env/static/private variables must not start with "PUBLIC_"
|
|
94
|
+
reason: `$env/static/private variables must not start with "PUBLIC_"`,
|
|
67
95
|
file: normalizedFile,
|
|
68
96
|
line: u.line,
|
|
69
97
|
framework: 'sveltekit',
|
|
@@ -73,17 +101,7 @@ export function applySvelteKitRules(u, warnings) {
|
|
|
73
101
|
if (isSvelteFile || isClientFile) {
|
|
74
102
|
warnings.push({
|
|
75
103
|
variable: u.variable,
|
|
76
|
-
reason:
|
|
77
|
-
file: normalizedFile,
|
|
78
|
-
line: u.line,
|
|
79
|
-
framework: 'sveltekit',
|
|
80
|
-
});
|
|
81
|
-
return;
|
|
82
|
-
}
|
|
83
|
-
if (u.variable.startsWith('PUBLIC_')) {
|
|
84
|
-
warnings.push({
|
|
85
|
-
variable: u.variable,
|
|
86
|
-
reason: `$env/static/private variables must not start with "PUBLIC_"`,
|
|
104
|
+
reason: `$env/static/private variables cannot be used in client-side code`,
|
|
87
105
|
file: normalizedFile,
|
|
88
106
|
line: u.line,
|
|
89
107
|
framework: 'sveltekit',
|
|
@@ -104,5 +122,17 @@ export function applySvelteKitRules(u, warnings) {
|
|
|
104
122
|
});
|
|
105
123
|
return;
|
|
106
124
|
}
|
|
125
|
+
// Warn if PUBLIC_ or VITE_ contains sensitive keywords
|
|
126
|
+
if ((u.variable.startsWith('PUBLIC_') || u.variable.startsWith('VITE_')) &&
|
|
127
|
+
/SECRET|PRIVATE|PASSWORD/.test(u.variable)) {
|
|
128
|
+
warnings.push({
|
|
129
|
+
variable: u.variable,
|
|
130
|
+
reason: 'Potential sensitive environment variable exposed to the browser',
|
|
131
|
+
file: normalizedFile,
|
|
132
|
+
line: u.line,
|
|
133
|
+
framework: 'sveltekit',
|
|
134
|
+
});
|
|
135
|
+
return; // Stop processing other rules for this usage
|
|
136
|
+
}
|
|
107
137
|
}
|
|
108
138
|
//# sourceMappingURL=sveltekitRules.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sveltekitRules.js","sourceRoot":"","sources":["../../../../src/core/frameworks/sveltekitRules.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAE9D;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CACjC,CAAW,EACX,QAA4B;IAE5B,2DAA2D;IAC3D,MAAM,cAAc,GAAG,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAE7C,sBAAsB;IACtB,IAAI,cAAc,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,MAAM,YAAY;IAChB,+BAA+B;IAC/B,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC;QACpC,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC;QACnC,0CAA0C;QAC1C,oCAAoC,CAAC,IAAI,CAAC,cAAc,CAAC;QACzD,6BAA6B;QAC7B,oBAAoB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE5C,MAAM,YAAY,GAChB,CAAC,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC;QACpC,CAAC,cAAc,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YACxC,cAAc,CAAC,QAAQ,CAAC,SAAS,CAAC;YAClC,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;IAE1C,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAEtD,IAAI,CAAC,CAAC,OAAO,KAAK,iBAAiB,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACvE,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,oEAAoE;YAC5E,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QACH,OAAO,CAAC,6CAA6C;IACvD,CAAC;IAED,IAAI,CAAC,CAAC,OAAO,KAAK,aAAa,EAAE,CAAC;QAChC,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,iDAAiD;gBACzD,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,SAAS,EAAE,WAAW;aACvB,CAAC,CAAC;YACH,OAAO;QACT,CAAC;IACH,CAAC;IAED,IACE,CAAC,CAAC,OAAO,KAAK,WAAW;QACzB,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,sBAAsB,CAAC;QAC3C,CAAC,YAAY,IAAI,YAAY,CAAC,EAC9B,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"sveltekitRules.js","sourceRoot":"","sources":["../../../../src/core/frameworks/sveltekitRules.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAE9D;;;;GAIG;AACH,MAAM,UAAU,mBAAmB,CACjC,CAAW,EACX,QAA4B;IAE5B,2DAA2D;IAC3D,MAAM,cAAc,GAAG,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAE7C,sBAAsB;IACtB,IAAI,cAAc,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAC9C,OAAO;IACT,CAAC;IAED,MAAM,YAAY;IAChB,+BAA+B;IAC/B,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC;QACpC,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC;QACnC,0CAA0C;QAC1C,oCAAoC,CAAC,IAAI,CAAC,cAAc,CAAC;QACzD,6BAA6B;QAC7B,oBAAoB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE5C,MAAM,YAAY,GAChB,CAAC,cAAc,CAAC,QAAQ,CAAC,UAAU,CAAC;QACpC,CAAC,cAAc,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YACxC,cAAc,CAAC,QAAQ,CAAC,SAAS,CAAC;YAClC,cAAc,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;IAE1C,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAEtD,kBAAkB;IAClB,IAAI,CAAC,CAAC,OAAO,KAAK,iBAAiB,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACvE,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,oEAAoE;YAC5E,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QACH,OAAO,CAAC,6CAA6C;IACvD,CAAC;IAED,cAAc;IACd,IAAI,CAAC,CAAC,OAAO,KAAK,aAAa,EAAE,CAAC;QAChC,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,iDAAiD;gBACzD,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,SAAS,EAAE,WAAW;aACvB,CAAC,CAAC;YACH,OAAO;QACT,CAAC;IACH,CAAC;IAED,uBAAuB;IACvB,IACE,CAAC,CAAC,OAAO,KAAK,WAAW;QACzB,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,sBAAsB,CAAC;QAC3C,CAAC,YAAY,IAAI,YAAY,CAAC,EAC9B,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,yDAAyD;YACjE,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,IACE,CAAC,CAAC,OAAO,KAAK,WAAW;QACzB,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,sBAAsB,CAAC;QAC3C,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EAChC,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,8DAA8D;YACtE,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,qBAAqB;IACrB,IACE,CAAC,CAAC,OAAO,KAAK,WAAW;QACzB,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,qBAAqB,CAAC;QAC1C,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EACjC,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,yDAAyD;YACjE,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,sBAAsB;IACtB,IAAI,CAAC,CAAC,OAAO,KAAK,WAAW,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;QAC5E,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;YACrC,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,6DAA6D;gBACrE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,SAAS,EAAE,WAAW;aACvB,CAAC,CAAC;YACH,OAAO;QACT,CAAC;QAED,IAAI,YAAY,IAAI,YAAY,EAAE,CAAC;YACjC,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,kEAAkE;gBAC1E,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,SAAS,EAAE,WAAW;aACvB,CAAC,CAAC;YACH,OAAO;QACT,CAAC;IACH,CAAC;IAED,qBAAqB;IACrB,IACE,CAAC,CAAC,OAAO,KAAK,WAAW;QACzB,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,oBAAoB,CAAC;QACzC,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,EACjC,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,wDAAwD;YAChE,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,uDAAuD;IACrD,IACA,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QACpE,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,EAC1C,CAAC;QACD,QAAQ,CAAC,IAAI,CAAC;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,MAAM,EAAE,iEAAiE;YACzE,IAAI,EAAE,cAAc;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,SAAS,EAAE,WAAW;SACvB,CAAC,CAAC;QACH,OAAO,CAAC,6CAA6C;IACvD,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import type { ComparisonOptions } from '../config/types.js';
|
|
2
|
+
/**
|
|
3
|
+
* Result of parsing and filtering environment files
|
|
4
|
+
*/
|
|
5
|
+
interface ParsedAndFilteredEnv {
|
|
6
|
+
current: Record<string, string>;
|
|
7
|
+
example: Record<string, string>;
|
|
8
|
+
currentKeys: string[];
|
|
9
|
+
exampleKeys: string[];
|
|
10
|
+
}
|
|
11
|
+
/**
|
|
12
|
+
* Parses and filters the environment and example files.
|
|
13
|
+
* @param envPath The path to the .env file
|
|
14
|
+
* @param examplePath The path to the .env.example file
|
|
15
|
+
* @param opts Comparison options
|
|
16
|
+
* @returns An object containing the parsed and filtered environment variables
|
|
17
|
+
*/
|
|
18
|
+
export declare function parseAndFilterEnv(envPath: string, examplePath: string, opts: ComparisonOptions): ParsedAndFilteredEnv;
|
|
19
|
+
export {};
|
|
20
|
+
//# sourceMappingURL=parseAndFilterEnv.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parseAndFilterEnv.d.ts","sourceRoot":"","sources":["../../../src/core/parseAndFilterEnv.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAE5D;;GAEG;AACH,UAAU,oBAAoB;IAC5B,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAChC,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB;AAED;;;;;;GAMG;AACH,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,MAAM,EACnB,IAAI,EAAE,iBAAiB,GACtB,oBAAoB,CA0BtB"}
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
import { parseEnvFile } from './parseEnv.js';
|
|
2
|
+
import { filterIgnoredKeys } from './filterIgnoredKeys.js';
|
|
3
|
+
/**
|
|
4
|
+
* Parses and filters the environment and example files.
|
|
5
|
+
* @param envPath The path to the .env file
|
|
6
|
+
* @param examplePath The path to the .env.example file
|
|
7
|
+
* @param opts Comparison options
|
|
8
|
+
* @returns An object containing the parsed and filtered environment variables
|
|
9
|
+
*/
|
|
10
|
+
export function parseAndFilterEnv(envPath, examplePath, opts) {
|
|
11
|
+
const currentFull = parseEnvFile(envPath);
|
|
12
|
+
const exampleFull = parseEnvFile(examplePath);
|
|
13
|
+
const currentKeys = filterIgnoredKeys(Object.keys(currentFull), opts.ignore, opts.ignoreRegex);
|
|
14
|
+
const exampleKeys = filterIgnoredKeys(Object.keys(exampleFull), opts.ignore, opts.ignoreRegex);
|
|
15
|
+
return {
|
|
16
|
+
current: Object.fromEntries(currentKeys.map((k) => [k, currentFull[k] ?? ''])),
|
|
17
|
+
example: Object.fromEntries(exampleKeys.map((k) => [k, exampleFull[k] ?? ''])),
|
|
18
|
+
currentKeys,
|
|
19
|
+
exampleKeys,
|
|
20
|
+
};
|
|
21
|
+
}
|
|
22
|
+
//# sourceMappingURL=parseAndFilterEnv.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"parseAndFilterEnv.js","sourceRoot":"","sources":["../../../src/core/parseAndFilterEnv.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAa3D;;;;;;GAMG;AACH,MAAM,UAAU,iBAAiB,CAC/B,OAAe,EACf,WAAmB,EACnB,IAAuB;IAEvB,MAAM,WAAW,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IAC1C,MAAM,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;IAE9C,MAAM,WAAW,GAAG,iBAAiB,CACnC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EACxB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,WAAW,CACjB,CAAC;IAEF,MAAM,WAAW,GAAG,iBAAiB,CACnC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,EACxB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,WAAW,CACjB,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,MAAM,CAAC,WAAW,CACzB,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAClD;QACD,OAAO,EAAE,MAAM,CAAC,WAAW,CACzB,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAClD;QACD,WAAW;QACX,WAAW;KACZ,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../src/core/patterns.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../src/core/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,eAAO,MAAM,YAAY;;;;;;;;;IA4CxB,CAAC;AAGF,eAAO,MAAM,0BAA0B,UAStC,CAAC;AAGF,eAAO,MAAM,wBAAwB,UAiBpC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/core/patterns.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/core/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,MAAM,CAAC,MAAM,YAAY,GAAG;IAC1B,gBAAgB;IAChB;QACE,IAAI,EAAE,aAAsB;QAC5B,KAAK,EAAE,mCAAmC;KAC3C;IAED,oBAAoB;IACpB;QACE,IAAI,EAAE,iBAA0B;QAChC,KAAK,EAAE,wCAAwC;KAChD;IAED,iCAAiC;IACjC,gDAAgD;IAChD,mDAAmD;IACnD;QACE,IAAI,EAAE,WAAoB;QAC1B,KAAK,EACH,2FAA2F;KAC9F;IAED,+BAA+B;IAC/B,uEAAuE;IACvE;QACE,IAAI,EAAE,WAAoB;QAC1B,KAAK,EAAE,oCAAoC;KAC5C;IAED,oDAAoD;IACpD,8CAA8C;IAC9C;QACE,IAAI,EAAE,WAAoB;QAC1B,KAAK,EACH,4FAA4F;KAC/F;IAED,8DAA8D;IAC9D,iCAAiC;IACjC;QACE,IAAI,EAAE,WAAoB;QAC1B,KAAK,EACH,6FAA6F;KAChG;CACF,CAAC;AAEF,8CAA8C;AAC9C,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,KAAK;IACL,KAAK;IACL,MAAM;IACN,MAAM;IACN,MAAM;IACN,SAAS;IACT,MAAM;IACN,MAAM;CACP,CAAC;AAEF,yCAAyC;AACzC,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,cAAc;IACd,YAAY;IACZ,aAAa;IACb,UAAU;IACV,MAAM;IACN,OAAO;IACP,OAAO;IACP,OAAO;IACP,UAAU;IACV,MAAM;IACN,SAAS;IACT,OAAO;IACP,QAAQ;IACR,QAAQ;IACR,WAAW;IACX,WAAW;CACZ,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { ScanResult } from '../../config/types.js';
|
|
2
|
+
/**
|
|
3
|
+
* Compares the scan result with the environment variables.
|
|
4
|
+
* This function identifies missing and unused environment variables.
|
|
5
|
+
* @param scanResult - The result of the scan.
|
|
6
|
+
* @param envVariables - The environment variables to compare against.
|
|
7
|
+
* @returns The comparison result.
|
|
8
|
+
*/
|
|
9
|
+
export declare function compareWithEnvFiles(scanResult: ScanResult, envVariables: Record<string, string | undefined>): ScanResult;
|
|
10
|
+
//# sourceMappingURL=compareScan.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"compareScan.d.ts","sourceRoot":"","sources":["../../../../src/core/scan/compareScan.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAExD;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CACjC,UAAU,EAAE,UAAU,EACtB,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,GAC/C,UAAU,CAYZ"}
|
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Compares the scan result with the environment variables.
|
|
3
|
+
* This function identifies missing and unused environment variables.
|
|
4
|
+
* @param scanResult - The result of the scan.
|
|
5
|
+
* @param envVariables - The environment variables to compare against.
|
|
6
|
+
* @returns The comparison result.
|
|
7
|
+
*/
|
|
8
|
+
export function compareWithEnvFiles(scanResult, envVariables) {
|
|
9
|
+
const usedVariables = new Set(scanResult.used.map((u) => u.variable));
|
|
10
|
+
const envKeys = new Set(Object.keys(envVariables));
|
|
11
|
+
const missing = [...usedVariables].filter((v) => !envKeys.has(v));
|
|
12
|
+
const unused = [...envKeys].filter((v) => !usedVariables.has(v));
|
|
13
|
+
return {
|
|
14
|
+
...scanResult,
|
|
15
|
+
missing,
|
|
16
|
+
unused,
|
|
17
|
+
};
|
|
18
|
+
}
|
|
19
|
+
//# sourceMappingURL=compareScan.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"compareScan.js","sourceRoot":"","sources":["../../../../src/core/scan/compareScan.ts"],"names":[],"mappings":"AAEA;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CACjC,UAAsB,EACtB,YAAgD;IAEhD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;IACtE,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;IAEnD,MAAM,OAAO,GAAG,CAAC,GAAG,aAAa,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAClE,MAAM,MAAM,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAEjE,OAAO;QACL,GAAG,UAAU;QACb,OAAO;QACP,MAAM;KACP,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import type { ScanResult } from '../../config/types.js';
|
|
2
|
+
/**
|
|
3
|
+
* Computes a health score based on the scan results.
|
|
4
|
+
* @param scan - The result of the scan.
|
|
5
|
+
* @returns The computed health score as a number between 0 and 100.
|
|
6
|
+
*/
|
|
7
|
+
export declare function computeHealthScore(scan: ScanResult): number;
|
|
8
|
+
//# sourceMappingURL=computeHealthScore.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"computeHealthScore.d.ts","sourceRoot":"","sources":["../../../../src/core/scan/computeHealthScore.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,uBAAuB,CAAC;AAExD;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM,CAwC3D"}
|
|
@@ -0,0 +1,35 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Computes a health score based on the scan results.
|
|
3
|
+
* @param scan - The result of the scan.
|
|
4
|
+
* @returns The computed health score as a number between 0 and 100.
|
|
5
|
+
*/
|
|
6
|
+
export function computeHealthScore(scan) {
|
|
7
|
+
let score = 100;
|
|
8
|
+
// === 1. Secrets detected ===
|
|
9
|
+
const highSecrets = scan.secrets?.filter((s) => s.severity === 'high') ?? [];
|
|
10
|
+
const medSecrets = scan.secrets?.filter((s) => s.severity === 'medium') ?? [];
|
|
11
|
+
score -= highSecrets.length * 20;
|
|
12
|
+
score -= medSecrets.length * 10;
|
|
13
|
+
// === 2. Missing environment variables ===
|
|
14
|
+
score -= scan.missing.length * 20;
|
|
15
|
+
// === 3. Uppercase naming issues ===
|
|
16
|
+
score -= (scan.uppercaseWarnings?.length ?? 0) * 2;
|
|
17
|
+
// === 4. Console logging ===
|
|
18
|
+
score -= (scan.logged?.length ?? 0) * 10;
|
|
19
|
+
// === 5. Unused vars (less important) ===
|
|
20
|
+
score -= (scan.unused?.length ?? 0) * 1;
|
|
21
|
+
// === 6. Framework warnings ===
|
|
22
|
+
score -= (scan.frameworkWarnings?.length ?? 0) * 5;
|
|
23
|
+
// === 7. Example secrets ===
|
|
24
|
+
score -= (scan.exampleWarnings?.length ?? 0) * 10;
|
|
25
|
+
// === 8. Expiration warnings ===
|
|
26
|
+
score -= (scan.expireWarnings?.length ?? 0) * 5;
|
|
27
|
+
// === 9. Inconsistent naming warnings ===
|
|
28
|
+
score -= (scan.inconsistentNamingWarnings?.length ?? 0) * 3;
|
|
29
|
+
// === 10. Duplicate definitions ===
|
|
30
|
+
score -= (scan.duplicates?.env?.length ?? 0) * 10;
|
|
31
|
+
score -= (scan.duplicates?.example?.length ?? 0) * 10;
|
|
32
|
+
// Never go below 0 or above 100
|
|
33
|
+
return Math.max(0, Math.min(100, score));
|
|
34
|
+
}
|
|
35
|
+
//# sourceMappingURL=computeHealthScore.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"computeHealthScore.js","sourceRoot":"","sources":["../../../../src/core/scan/computeHealthScore.ts"],"names":[],"mappings":"AAEA;;;;GAIG;AACH,MAAM,UAAU,kBAAkB,CAAC,IAAgB;IACjD,IAAI,KAAK,GAAG,GAAG,CAAC;IAEhB,8BAA8B;IAC9B,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,IAAI,EAAE,CAAC;IAC7E,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,IAAI,EAAE,CAAC;IAE9E,KAAK,IAAI,WAAW,CAAC,MAAM,GAAG,EAAE,CAAC;IACjC,KAAK,IAAI,UAAU,CAAC,MAAM,GAAG,EAAE,CAAC;IAEhC,2CAA2C;IAC3C,KAAK,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,EAAE,CAAC;IAElC,qCAAqC;IACrC,KAAK,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IAEnD,6BAA6B;IAC7B,KAAK,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC;IAEzC,0CAA0C;IAC1C,KAAK,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IAExC,gCAAgC;IAChC,KAAK,IAAI,CAAC,IAAI,CAAC,iBAAiB,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IAEnD,6BAA6B;IAC7B,KAAK,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC;IAElD,iCAAiC;IACjC,KAAK,IAAI,CAAC,IAAI,CAAC,cAAc,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IAEhD,0CAA0C;IAC1C,KAAK,IAAI,CAAC,IAAI,CAAC,0BAA0B,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IAE5D,oCAAoC;IACpC,KAAK,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,GAAG,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC;IAClD,KAAK,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC;IAEtD,gCAAgC;IAChC,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC;AAC3C,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
import type { ScanUsageOptions } from '../../config/types.js';
|
|
2
|
+
type ComparisonFile = {
|
|
3
|
+
path: string;
|
|
4
|
+
name: string;
|
|
5
|
+
};
|
|
6
|
+
/**
|
|
7
|
+
* Determines which file to use for comparison based on provided options
|
|
8
|
+
* @param {ScanUsageOptions} opts - Scan configuration options
|
|
9
|
+
* @returns Comparison file info with absolute path and basename, or undefined if not found
|
|
10
|
+
*/
|
|
11
|
+
export declare function determineComparisonFile(opts: ScanUsageOptions): ComparisonFile | undefined;
|
|
12
|
+
export {};
|
|
13
|
+
//# sourceMappingURL=determineComparisonFile.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"determineComparisonFile.d.ts","sourceRoot":"","sources":["../../../../src/core/scan/determineComparisonFile.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AAI9D,KAAK,cAAc,GAAG;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;CACd,CAAC;AAEF;;;;GAIG;AACH,wBAAgB,uBAAuB,CACrC,IAAI,EAAE,gBAAgB,GACrB,cAAc,GAAG,SAAS,CA0B5B"}
|
|
@@ -0,0 +1,33 @@
|
|
|
1
|
+
import fs from 'fs';
|
|
2
|
+
import path from 'path';
|
|
3
|
+
import { resolveFromCwd } from '../helpers/resolveFromCwd.js';
|
|
4
|
+
import { DEFAULT_ENV_CANDIDATES } from '../../config/constants.js';
|
|
5
|
+
/**
|
|
6
|
+
* Determines which file to use for comparison based on provided options
|
|
7
|
+
* @param {ScanUsageOptions} opts - Scan configuration options
|
|
8
|
+
* @returns Comparison file info with absolute path and basename, or undefined if not found
|
|
9
|
+
*/
|
|
10
|
+
export function determineComparisonFile(opts) {
|
|
11
|
+
// Priority: explicit flags first, then auto-discovery
|
|
12
|
+
if (opts.examplePath) {
|
|
13
|
+
const p = resolveFromCwd(opts.cwd, opts.examplePath);
|
|
14
|
+
if (fs.existsSync(p)) {
|
|
15
|
+
return { path: p, name: path.basename(opts.examplePath) };
|
|
16
|
+
}
|
|
17
|
+
}
|
|
18
|
+
if (opts.envPath) {
|
|
19
|
+
const p = resolveFromCwd(opts.cwd, opts.envPath);
|
|
20
|
+
if (fs.existsSync(p)) {
|
|
21
|
+
return { path: p, name: path.basename(opts.envPath) };
|
|
22
|
+
}
|
|
23
|
+
}
|
|
24
|
+
// Auto-discovery: look for common env files relative to cwd
|
|
25
|
+
for (const candidate of DEFAULT_ENV_CANDIDATES) {
|
|
26
|
+
const fullPath = path.resolve(opts.cwd, candidate);
|
|
27
|
+
if (fs.existsSync(fullPath)) {
|
|
28
|
+
return { path: fullPath, name: candidate };
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
return undefined;
|
|
32
|
+
}
|
|
33
|
+
//# sourceMappingURL=determineComparisonFile.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"determineComparisonFile.js","sourceRoot":"","sources":["../../../../src/core/scan/determineComparisonFile.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAOnE;;;;GAIG;AACH,MAAM,UAAU,uBAAuB,CACrC,IAAsB;IAEtB,sDAAsD;IAEtD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QACrD,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YACrB,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,MAAM,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,CAAC;QACjD,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC;YACrB,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACxD,CAAC;IACH,CAAC;IAED,4DAA4D;IAC5D,KAAK,MAAM,SAAS,IAAI,sBAAsB,EAAE,CAAC;QAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;QACnD,IAAI,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { EnvUsage, ScanOptions } from '../../config/types.js';
|
|
2
|
+
/**
|
|
3
|
+
* Scans a file for environment variable usage.
|
|
4
|
+
* @param filePath - The path to the file being scanned.
|
|
5
|
+
* @param content - The content of the file.
|
|
6
|
+
* @param opts - The scan options.
|
|
7
|
+
* @returns An array of environment variable usages found in the file.
|
|
8
|
+
*/
|
|
9
|
+
export declare function scanFile(filePath: string, content: string, opts: ScanOptions): EnvUsage[];
|
|
10
|
+
//# sourceMappingURL=scanFile.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scanFile.d.ts","sourceRoot":"","sources":["../../../../src/core/scan/scanFile.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAKnE;;;;;;GAMG;AACH,wBAAgB,QAAQ,CACtB,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,EACf,IAAI,EAAE,WAAW,GAChB,QAAQ,EAAE,CAsEZ"}
|
|
@@ -0,0 +1,65 @@
|
|
|
1
|
+
import path from 'path';
|
|
2
|
+
import { ENV_PATTERNS } from '../patterns.js';
|
|
3
|
+
import { hasIgnoreComment } from '../security/secretDetectors.js';
|
|
4
|
+
import { normalizePath } from '../helpers/normalizePath.js';
|
|
5
|
+
/**
|
|
6
|
+
* Scans a file for environment variable usage.
|
|
7
|
+
* @param filePath - The path to the file being scanned.
|
|
8
|
+
* @param content - The content of the file.
|
|
9
|
+
* @param opts - The scan options.
|
|
10
|
+
* @returns An array of environment variable usages found in the file.
|
|
11
|
+
*/
|
|
12
|
+
export function scanFile(filePath, content, opts) {
|
|
13
|
+
const usages = [];
|
|
14
|
+
const lines = content.split('\n');
|
|
15
|
+
// Get relative path from cwd corss-platform compatible
|
|
16
|
+
const relativePath = normalizePath(path.relative(opts.cwd, filePath));
|
|
17
|
+
// Collect all $env imports used in this file
|
|
18
|
+
const envImports = [];
|
|
19
|
+
const importRegex = /import\s+(?:\{[^}]*\}|\w+)\s+from\s+['"](\$env\/(?:static|dynamic)\/(?:private|public))['"]/g;
|
|
20
|
+
let importMatch;
|
|
21
|
+
while ((importMatch = importRegex.exec(content)) !== null) {
|
|
22
|
+
if (importMatch[1]) {
|
|
23
|
+
envImports.push(importMatch[1]);
|
|
24
|
+
}
|
|
25
|
+
}
|
|
26
|
+
for (const pattern of ENV_PATTERNS) {
|
|
27
|
+
let match;
|
|
28
|
+
const regex = new RegExp(pattern.regex.source, pattern.regex.flags);
|
|
29
|
+
while ((match = regex.exec(content)) !== null) {
|
|
30
|
+
const variable = match[1];
|
|
31
|
+
if (!variable)
|
|
32
|
+
continue;
|
|
33
|
+
const matchIndex = match.index;
|
|
34
|
+
// Find line and column
|
|
35
|
+
const beforeMatch = content.substring(0, matchIndex);
|
|
36
|
+
const lineNumber = beforeMatch.split('\n').length;
|
|
37
|
+
const lastNewlineIndex = beforeMatch.lastIndexOf('\n');
|
|
38
|
+
const column = lastNewlineIndex === -1
|
|
39
|
+
? matchIndex + 1
|
|
40
|
+
: matchIndex - lastNewlineIndex;
|
|
41
|
+
// Get the context (the actual line)
|
|
42
|
+
const contextLine = lines[lineNumber - 1] ?? '';
|
|
43
|
+
// Determine previous line for ignore detection
|
|
44
|
+
const prevLine = lines[lineNumber - 2] ?? '';
|
|
45
|
+
const isIgnored = hasIgnoreComment(contextLine) || hasIgnoreComment(prevLine);
|
|
46
|
+
// If usage is ignored, skip it entirely
|
|
47
|
+
if (isIgnored)
|
|
48
|
+
continue;
|
|
49
|
+
// Check if console.log
|
|
50
|
+
const isLogged = /\bconsole\.(log|error|warn|info|debug)\s*\(/.test(contextLine);
|
|
51
|
+
usages.push({
|
|
52
|
+
variable,
|
|
53
|
+
file: relativePath,
|
|
54
|
+
line: lineNumber,
|
|
55
|
+
column,
|
|
56
|
+
pattern: pattern.name,
|
|
57
|
+
imports: envImports,
|
|
58
|
+
context: contextLine,
|
|
59
|
+
isLogged,
|
|
60
|
+
});
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
return usages;
|
|
64
|
+
}
|
|
65
|
+
//# sourceMappingURL=scanFile.js.map
|