ferret-scan 2.0.0 → 2.1.0

package/CHANGELOG.md

@@ -16,6 +16,30 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - REST API for third-party integrations
 - SIEM/SOAR integrations
 
+## [2.1.0] - 2026-02-16
+
+### Added
+- **NO_COLOR support**: Respects the `NO_COLOR` environment variable per no-color.org standard. Chalk auto-detects terminal capabilities and disables color output when `NO_COLOR` is set
+- **SSRF protection for custom rules**: Remote URLs in `--custom-rules` are now blocked by default. Use the new `--allow-remote-rules` flag to opt in to loading rules from URLs
+- **SIGINT handler**: Graceful shutdown on Ctrl+C during scan with cleanup message and exit code 130
+- **Interactive baseline removal**: `ferret baseline remove` now prompts for confirmation interactively instead of requiring `--yes`
+- **Dockerfile updated**: Multi-stage build with Node.js 20, non-root user, proper signal handling, and minimal image size
+- **npm-shrinkwrap.json**: Deterministic dependency installs for reproducible builds
+- **ESM exports map**: Added `"exports"` field to package.json for proper ESM module resolution
+- **Version command changelog link**: `ferret version` now includes a link to the changelog
+- **Comprehensive test suite**: 244 tests covering rule matching (positive/negative cases for all 9 categories), config loading, reporter output, exit codes, and SARIF validation
+
+### Changed
+- **Chalk replaces raw ANSI codes**: ConsoleReporter now uses chalk consistently instead of raw ANSI escape sequences. This automatically supports `NO_COLOR`, `FORCE_COLOR`, and terminal capability detection
+- **Invalid input warnings**: Unknown `--severity` and `--category` values now produce a warning instead of being silently dropped
+- **typescript moved to devDependencies**: Saves ~60MB on production installs
+
+### Security
+- **SSRF protection**: Custom rules from remote URLs require explicit opt-in via `--allow-remote-rules` to prevent server-side request forgery
+
+### Fixed
+- Missing `allowRemoteRules` field in MarketplaceScanner config
+
 ## [2.0.0] - 2026-02-15
 
 ### Added

package/README.md

@@ -95,37 +95,34 @@ AI CLI configurations are a **new attack surface**. Traditional security scanner
 
 Ferret understands AI CLI structures and catches **AI-specific threats** that generic scanners miss.
 
-## ✨ New: Advanced Features (v2.0)
+## What's New in v2.1.0
 
-**🔌 IDE Integrations**
+- **NO_COLOR support**: Respects the `NO_COLOR` environment variable per [no-color.org](https://no-color.org)
+- **SSRF protection**: Remote custom rules URLs blocked by default; use `--allow-remote-rules` to opt in
+- **SIGINT handler**: Graceful shutdown on Ctrl+C during scan
+- **Interactive baseline removal**: `ferret baseline remove` prompts for confirmation
+- **244 tests**: Comprehensive test suite covering rules, config, reporters, and exit codes
+- **npm-shrinkwrap.json**: Deterministic dependency installs
+
+## Advanced Features
+
+**IDE Integration**
 - **VS Code Extension**: Real-time security scanning with inline diagnostics and quick fixes
-- **Language Server Protocol**: IDE-agnostic security analysis for Neovim, Emacs, and more
-- **IntelliJ Plugin**: Enterprise-grade support for Java/Kotlin teams
-
-**📊 Behavior Analysis**
-- **Runtime Monitoring**: Track agent execution patterns and resource usage
-- **Anomaly Detection**: Identify unusual behavior and potential security incidents
-- **Cross-Agent Communication**: Monitor interactions between AI agents
-
-**🏪 Marketplace Security**
-- **Plugin Scanning**: Analyze Claude Skills, Cursor extensions, and community plugins
-- **Permission Analysis**: Detect dangerous capability combinations
-- **Risk Assessment**: Automated threat scoring and recommendations
-
-**🤖 AI-Powered Rules**
-- **Automated Rule Generation**: Create security rules from threat intelligence using LLM
-- **Community Platform**: Share and import security rules from the community
-- **Adaptive Detection**: Rules that evolve with the threat landscape
-
-**🔒 Sandboxing Integration**
-- **Pre-execution Validation**: Security checks before agent code runs
-- **Runtime Constraints**: Enforce resource limits and access controls
-- **Capability Boundaries**: Verify and restrict agent capabilities
-
-**✅ Compliance Frameworks**
-- **SOC2 Compliance**: Automated control assessment and reporting
-- **ISO 27001**: Security standard mapping and evidence collection
-- **GDPR**: Privacy impact assessment for AI agents
+
+**Analysis Engines**
+- **MITRE ATLAS mapping**: Every finding mapped to ATLAS adversary techniques
+- **LLM-assisted analysis**: Optional AI-powered threat detection (OpenAI-compatible APIs)
+- **Semantic analysis**: TypeScript AST-based code analysis
+- **Cross-file correlation**: Detect multi-file attack chains
+- **Entropy analysis**: Secret detection via Shannon entropy
+- **Threat intelligence**: Local indicator database matching
+
+**Planned Features**
+- Language Server Protocol (LSP) for universal IDE support
+- IntelliJ plugin
+- Runtime behavior monitoring
+- Compliance framework assessments (SOC2, ISO 27001, GDPR)
+- Community rule sharing platform
 
 ---
 
@@ -404,6 +401,9 @@ npx -p ferret-scan ferret scan .
 # Or install locally
 npm install --save-dev ferret-scan
 npx ferret scan .
+
+# Or run via Docker (no Node.js required)
+docker run --rm -v $(pwd):/workspace:ro ghcr.io/fubak/ferret-scan scan /workspace
 ```
 
 ## Quick Start
@@ -464,13 +464,19 @@ GROQ_API_KEY="..." ferret scan . --thorough \
   --llm-model llama-3.1-8b-instant \
   --mitre-atlas-catalog
 
-# Load custom rules (file paths or URLs)
+# Load custom rules (local files)
 ferret scan . --custom-rules ./.ferret/rules.yml
+
+# Load custom rules from remote URLs (requires opt-in)
+ferret scan . --custom-rules https://example.com/rules.yml --allow-remote-rules
+
+# Disable color output
+NO_COLOR=1 ferret scan .
 ```
 
 ## What It Detects
 
-Ferret includes **80 enabled rules** (as of `v1.0.10`) across these categories. Run `ferret rules stats` for the latest counts.
+Ferret includes **80+ enabled rules** across these categories. Run `ferret rules stats` for the latest counts.
 
 | Category | Rules | What It Finds |
 |----------|-------|---------------|
@@ -612,59 +618,6 @@ ferret intel search "jailbreak"        # Search indicators
 ferret intel add --type pattern --value "malicious" --severity high
 ```
 
-### `ferret marketplace` (NEW)
-
-Scan AI agent marketplaces and plugins:
-
-```bash
-ferret marketplace scan claude         # Scan Claude Skills marketplace
-ferret marketplace scan cursor         # Scan Cursor extensions
-ferret marketplace analyze <plugin-id> # Analyze specific plugin
-ferret marketplace list --risky        # Show high-risk plugins
-```
-
-### `ferret monitor` (NEW)
-
-Runtime behavior monitoring:
-
-```bash
-ferret monitor start                   # Start monitoring agent behavior
-ferret monitor status                  # Check monitoring status
-ferret monitor report                  # Generate behavior report
-ferret monitor stop                    # Stop monitoring
-```
-
-### `ferret sandbox` (NEW)
-
-Sandbox integration and validation:
-
-```bash
-ferret sandbox validate <command>      # Pre-execution security check
-ferret sandbox enforce --config <file> # Apply runtime constraints
-ferret sandbox test <agent-config>     # Test agent in sandbox
-```
-
-### `ferret compliance` (NEW)
-
-Compliance framework assessment:
-
-```bash
-ferret compliance assess soc2          # SOC2 compliance assessment
-ferret compliance assess iso27001      # ISO 27001 assessment
-ferret compliance assess gdpr          # GDPR privacy impact assessment
-ferret compliance report --format pdf  # Generate compliance report
-```
-
-### `ferret rules generate` (NEW)
-
-AI-powered rule generation:
-
-```bash
-ferret rules generate --from-threat <report.json>  # Generate from threat intel
-ferret rules generate --community                  # Browse community rules
-ferret rules validate <rule-file>                  # Validate custom rules
-ferret rules publish <rule-file>                   # Share with community
-```
 
 ## CI/CD Integration
 
@@ -697,10 +650,10 @@ security_scan:
   stage: test
   image: node:20
   script:
-    - npx -p ferret-scan ferret scan . --ci --format json -o ferret-results.json
+    - npx -p ferret-scan ferret scan . --ci --format sarif -o ferret-results.sarif
   artifacts:
     reports:
-      sast: ferret-results.json
+      sast: ferret-results.sarif
 ```
 
 ### Pre-commit Hook
@@ -718,6 +671,15 @@ fi
 echo "✅ Security scan passed"
 ```
 
+## Environment Variables
+
+| Variable | Description |
+|----------|-------------|
+| `NO_COLOR` | Disable all color output ([no-color.org](https://no-color.org)) |
+| `FERRET_EXIT_SUCCESS` | Override success exit code (default: 0) |
+| `FERRET_EXIT_FINDINGS` | Override findings exit code (default: 1) |
+| `FERRET_EXIT_ERROR` | Override error exit code (default: 3) |
+
 ## Configuration
 
 Ferret will auto-load config from (first found walking up from CWD):
@@ -775,17 +737,26 @@ Optional: keep MITRE ATLAS technique metadata up to date (downloads STIX bundle
 
 ## Docker
 
+No Node.js required. The image runs as a non-root user with minimal dependencies.
+
 ```bash
+# Build the image
+docker build -t ferret-scan .
+
 # Basic scan
 docker run --rm -v $(pwd):/workspace:ro \
-  ghcr.io/fubak/ferret-scan scan /workspace
+  ferret-scan scan /workspace
 
 # With output file
 docker run --rm \
   -v $(pwd):/workspace:ro \
   -v $(pwd)/results:/output:rw \
-  ghcr.io/fubak/ferret-scan scan /workspace \
+  ferret-scan scan /workspace \
   --format html -o /output/report.html
+
+# CI mode
+docker run --rm -v $(pwd):/workspace:ro \
+  ferret-scan scan /workspace --ci --fail-on high
 ```
 
 ## Advanced Features
@@ -858,8 +829,11 @@ rules:
 You can also pass sources explicitly (file paths or URLs):
 
 ```bash
+# Local rules files
 ferret scan . --custom-rules ./.ferret/rules.yml
-ferret scan . --custom-rules https://example.com/ferret-rules.yml
+
+# Remote rules require --allow-remote-rules (SSRF protection)
+ferret scan . --custom-rules https://example.com/ferret-rules.yml --allow-remote-rules
 ```
 
 ### Thorough Mode
@@ -876,6 +850,13 @@ ferret scan . --thorough --format atlas -o atlas-layer.json
 
 ## Planned Features
 
+- Language Server Protocol (LSP) for Neovim, Emacs, Sublime Text
+- IntelliJ plugin for JetBrains IDEs
+- Runtime behavior monitoring and anomaly detection
+- Compliance framework assessments (SOC2, ISO 27001, GDPR)
+- Community rule sharing platform
+- CI/CD plugins for Jenkins, Azure DevOps
+- REST API for third-party integrations
 - Threat intel updates from external sources
 - More LLM providers and local-first presets
 
@@ -883,7 +864,7 @@ ferret scan . --thorough --format atlas -o atlas-layer.json
 
 ### VS Code Extension
 
-Install from VS Code Marketplace or build from source:
+Build from source:
 
 ```bash
 cd extensions/vscode
@@ -909,40 +890,13 @@ npm run compile
 }
 ```
 
-### Language Server Protocol (LSP)
-
-Universal IDE support through LSP:
-
-```bash
-cd lsp/server
-npm install
-npm run build
-node dist/server.js --stdio
-```
-
-**Supported Editors:**
-- Neovim (via nvim-lspconfig)
-- Emacs (via lsp-mode)
-- Sublime Text (via LSP package)
-- Atom (via atom-languageclient)
-
-### IntelliJ Plugin
-
-Enterprise-grade support for JetBrains IDEs:
-
-```bash
-cd plugins/intellij
-./gradlew build
-# Install: Settings -> Plugins -> Install from disk
-```
-
 ## Performance
 
 | Metric | Value |
 |--------|-------|
 | **Speed** | Fast deterministic scanning; optional analyzers (semantic/correlation/deps/LLM) add cost |
 | **Memory** | Depends on enabled analyzers (semantic analysis uses the TypeScript compiler) |
-| **Rules** | 80 enabled rules (as of `v1.0.10`) + optional custom rules |
+| **Rules** | 80+ enabled rules + optional custom rules |
 
 ## Documentation
 

package/bin/ferret.js

@@ -122,10 +122,22 @@ program
   .option('--auto-fix', 'Automatically apply safe fixes after scanning')
   .option('--config <file>', 'Path to configuration file')
   .option('--custom-rules <sources>', 'Custom rule sources (comma-separated file paths or URLs)')
+  .option('--allow-remote-rules', 'Allow loading custom rules from remote URLs (required for URL sources)')
   .option('--baseline <file>', 'Path to baseline file for filtering known findings')
   .option('--ignore-baseline', 'Ignore baseline file and show all findings')
   .action(async (path, options, command) => {
     try {
+      // SIGINT handler for graceful shutdown
+      let aborted = false;
+      const sigintHandler = () => {
+        if (!aborted) {
+          aborted = true;
+          console.error('\nScan interrupted. Cleaning up...');
+          process.exit(130);
+        }
+      };
+      process.on('SIGINT', sigintHandler);
+
       // Configure logger
       logger.configure({
         verbose: options.verbose,
@@ -219,6 +231,7 @@ program
         llmMinConfidence: options.llmMinConfidence,
         thorough: options.thorough,
         autoRemediation: options.autoRemediation,
+        allowRemoteRules: options.allowRemoteRules,
         config: options.config,
       });
 
@@ -573,10 +586,16 @@ baselineCmd
       }
 
       if (!options.yes) {
-        // Simple confirmation (in a real implementation, you'd use a proper prompt library)
-        console.log(`This will delete the baseline at: ${baselinePath}`);
-        console.log('Use --yes to confirm');
-        process.exit(1);
+        const { createInterface } = await import('node:readline');
+        const rl = createInterface({ input: process.stdin, output: process.stdout });
+        const answer = await new Promise((resolve) => {
+          rl.question(`Remove baseline at ${baselinePath}? [y/N] `, resolve);
+        });
+        rl.close();
+        if (String(answer).trim().toLowerCase() !== 'y') {
+          console.log('Cancelled.');
+          process.exit(0);
+        }
       }
 
       const { unlinkSync } = await import('node:fs');
@@ -949,6 +968,7 @@ program
   .action(() => {
     console.log(`Ferret v${packageJson.version}`);
     console.log('Security scanner for AI CLI configurations');
+    console.log(`Changelog: https://github.com/fubak/ferret-scan/blob/main/CHANGELOG.md`);
   });
 
 // Git hooks commands

package/dist/__tests__/config.test.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Configuration Loading Tests
+ * Tests parseSeverities, parseCategories, loadConfig, and default values
+ */
+export {};
+//# sourceMappingURL=config.test.d.ts.map

package/dist/__tests__/config.test.js

@@ -0,0 +1,270 @@
+/**
+ * Configuration Loading Tests
+ * Tests parseSeverities, parseCategories, loadConfig, and default values
+ */
+import { loadConfig } from '../utils/config.js';
+import { DEFAULT_CONFIG } from '../types.js';
+// ---------------------------------------------------------------------------
+// Since parseSeverities and parseCategories are not exported directly,
+// we test them indirectly through loadConfig, which calls them internally.
+// We also test loadConfig behavior directly for defaults and overrides.
+// ---------------------------------------------------------------------------
+// Spy on logger.warn to verify warning behavior
+let warnSpy;
+beforeEach(() => {
+    // eslint-disable-next-line @typescript-eslint/no-require-imports, @typescript-eslint/no-unsafe-assignment, @typescript-eslint/no-unsafe-member-access
+    const logger = require('../utils/logger.js').default;
+    // eslint-disable-next-line @typescript-eslint/no-empty-function
+    warnSpy = jest.spyOn(logger, 'warn').mockImplementation(() => { });
+});
+afterEach(() => {
+    warnSpy?.mockRestore();
+});
+// ---------------------------------------------------------------------------
+// parseSeverities (tested through loadConfig)
+// ---------------------------------------------------------------------------
+describe('parseSeverities behavior via loadConfig', () => {
+    it('should accept valid severity values', () => {
+        const config = loadConfig({ severity: 'HIGH,CRITICAL' });
+        expect(config.severities).toEqual(['HIGH', 'CRITICAL']);
+    });
+    it('should be case-insensitive for severity parsing', () => {
+        const config = loadConfig({ severity: 'high,medium' });
+        expect(config.severities).toEqual(['HIGH', 'MEDIUM']);
+    });
+    it('should warn and ignore unknown severity values', () => {
+        const config = loadConfig({ severity: 'HIGH,BOGUS,LOW' });
+        expect(config.severities).toEqual(['HIGH', 'LOW']);
+        expect(warnSpy).toHaveBeenCalledWith(expect.stringContaining('Ignoring unknown severity "BOGUS"'));
+    });
+    it('should keep defaults when all severities are invalid', () => {
+        const config = loadConfig({ severity: 'INVALID,NOPE' });
+        // When parseSeverities returns undefined (no valid values), defaults remain
+        expect(config.severities).toEqual(DEFAULT_CONFIG.severities);
+    });
+    it('should keep defaults when severity option is not provided', () => {
+        const config = loadConfig({});
+        expect(config.severities).toEqual(DEFAULT_CONFIG.severities);
+    });
+});
+// ---------------------------------------------------------------------------
+// parseCategories (tested through loadConfig)
+// ---------------------------------------------------------------------------
+describe('parseCategories behavior via loadConfig', () => {
+    it('should accept valid category values', () => {
+        const config = loadConfig({ categories: 'injection,backdoors' });
+        expect(config.categories).toEqual(['injection', 'backdoors']);
+    });
+    it('should be case-insensitive for category parsing', () => {
+        const config = loadConfig({ categories: 'INJECTION,EXFILTRATION' });
+        expect(config.categories).toEqual(['injection', 'exfiltration']);
+    });
+    it('should warn and ignore unknown category values', () => {
+        const config = loadConfig({ categories: 'injection,fakecategory' });
+        expect(config.categories).toEqual(['injection']);
+        expect(warnSpy).toHaveBeenCalledWith(expect.stringContaining('Ignoring unknown category "fakecategory"'));
+    });
+    it('should keep defaults when all categories are invalid', () => {
+        const config = loadConfig({ categories: 'invalid,nope' });
+        expect(config.categories).toEqual(DEFAULT_CONFIG.categories);
+    });
+    it('should keep defaults when categories option is not provided', () => {
+        const config = loadConfig({});
+        expect(config.categories).toEqual(DEFAULT_CONFIG.categories);
+    });
+    it('should handle all valid categories', () => {
+        const all = 'exfiltration,credentials,injection,backdoors,supply-chain,permissions,persistence,obfuscation,ai-specific,advanced-hiding,behavioral';
+        const config = loadConfig({ categories: all });
+        expect(config.categories).toHaveLength(11);
+    });
+});
+// ---------------------------------------------------------------------------
+// loadConfig defaults
+// ---------------------------------------------------------------------------
+describe('loadConfig defaults', () => {
+    it('should return sensible defaults with minimal options', () => {
+        const config = loadConfig({});
+        expect(config.severities).toEqual(DEFAULT_CONFIG.severities);
+        expect(config.categories).toEqual(DEFAULT_CONFIG.categories);
+        expect(config.failOn).toBe('HIGH');
+        expect(config.format).toBe('console');
+        expect(config.contextLines).toBe(3);
+        expect(config.maxFileSize).toBe(10 * 1024 * 1024);
+        expect(config.verbose).toBe(false);
+        expect(config.ci).toBe(false);
+        expect(config.watch).toBe(false);
+        expect(config.configOnly).toBe(false);
+        expect(config.docDampening).toBe(true);
+        expect(config.redact).toBe(false);
+        expect(config.ignoreComments).toBe(true);
+        expect(config.mitreAtlas).toBe(true);
+    });
+    it('should default allowRemoteRules to false', () => {
+        const config = loadConfig({});
+        expect(config.allowRemoteRules).toBe(false);
+    });
+    it('should default analysis features to false', () => {
+        const config = loadConfig({});
+        expect(config.threatIntel).toBe(false);
+        expect(config.semanticAnalysis).toBe(false);
+        expect(config.correlationAnalysis).toBe(false);
+        expect(config.entropyAnalysis).toBe(false);
+        expect(config.mcpValidation).toBe(false);
+        expect(config.dependencyAnalysis).toBe(false);
+        expect(config.dependencyAudit).toBe(false);
+        expect(config.capabilityMapping).toBe(false);
+        expect(config.llmAnalysis).toBe(false);
+        expect(config.autoRemediation).toBe(false);
+    });
+    it('should default ignore patterns to node_modules and .git', () => {
+        const config = loadConfig({});
+        expect(config.ignore).toContain('**/node_modules/**');
+        expect(config.ignore).toContain('**/.git/**');
+    });
+    it('should default customRules to an empty array', () => {
+        const config = loadConfig({});
+        expect(config.customRules).toEqual([]);
+    });
+    it('should default LLM config with sensible values', () => {
+        const config = loadConfig({});
+        expect(config.llm.provider).toBe('openai-compatible');
+        expect(config.llm.model).toBe('gpt-4o-mini');
+        expect(config.llm.temperature).toBe(0);
+        expect(config.llm.maxRetries).toBe(2);
+        expect(config.llm.onlyIfFindings).toBe(true);
+        expect(config.llm.minConfidence).toBe(0.6);
+    });
+    it('should default MITRE ATLAS catalog to disabled', () => {
+        const config = loadConfig({});
+        expect(config.mitreAtlasCatalog.enabled).toBe(false);
+        expect(config.mitreAtlasCatalog.autoUpdate).toBe(true);
+    });
+});
+// ---------------------------------------------------------------------------
+// loadConfig CLI overrides
+// ---------------------------------------------------------------------------
+describe('loadConfig CLI overrides', () => {
+    it('should override format from CLI', () => {
+        const config = loadConfig({ format: 'json' });
+        expect(config.format).toBe('json');
+    });
+    it('should override failOn from CLI', () => {
+        const config = loadConfig({ failOn: 'CRITICAL' });
+        expect(config.failOn).toBe('CRITICAL');
+    });
+    it('should override failOn case-insensitively', () => {
+        const config = loadConfig({ failOn: 'medium' });
+        expect(config.failOn).toBe('MEDIUM');
+    });
+    it('should override verbose from CLI', () => {
+        const config = loadConfig({ verbose: true });
+        expect(config.verbose).toBe(true);
+    });
+    it('should override ci from CLI', () => {
+        const config = loadConfig({ ci: true });
+        expect(config.ci).toBe(true);
+    });
+    it('should override watch from CLI', () => {
+        const config = loadConfig({ watch: true });
+        expect(config.watch).toBe(true);
+    });
+    it('should override configOnly from CLI', () => {
+        const config = loadConfig({ configOnly: true });
+        expect(config.configOnly).toBe(true);
+    });
+    it('should override docDampening from CLI', () => {
+        const config = loadConfig({ docDampening: false });
+        expect(config.docDampening).toBe(false);
+    });
+    it('should override redact from CLI', () => {
+        const config = loadConfig({ redact: true });
+        expect(config.redact).toBe(true);
+    });
+    it('should override allowRemoteRules from CLI', () => {
+        const config = loadConfig({ allowRemoteRules: true });
+        expect(config.allowRemoteRules).toBe(true);
+    });
+    it('should override analysis features from CLI', () => {
+        const config = loadConfig({
+            threatIntel: true,
+            semanticAnalysis: true,
+            correlationAnalysis: true,
+            entropyAnalysis: true,
+            mcpValidation: true,
+            dependencyAnalysis: true,
+            capabilityMapping: true,
+        });
+        expect(config.threatIntel).toBe(true);
+        expect(config.semanticAnalysis).toBe(true);
+        expect(config.correlationAnalysis).toBe(true);
+        expect(config.entropyAnalysis).toBe(true);
+        expect(config.mcpValidation).toBe(true);
+        expect(config.dependencyAnalysis).toBe(true);
+        expect(config.capabilityMapping).toBe(true);
+    });
+    it('should override marketplace mode from CLI', () => {
+        const config = loadConfig({ marketplace: 'all' });
+        expect(config.marketplaceMode).toBe('all');
+    });
+    it('should warn on invalid marketplace mode', () => {
+        loadConfig({ marketplace: 'invalid' });
+        expect(warnSpy).toHaveBeenCalledWith(expect.stringContaining('Invalid --marketplace mode'));
+    });
+    it('should override LLM settings from CLI', () => {
+        const config = loadConfig({
+            llmAnalysis: true,
+            llmProvider: 'custom-provider',
+            llmModel: 'custom-model',
+            llmBaseUrl: 'https://custom.com/api',
+            llmApiKeyEnv: 'MY_KEY',
+            llmTimeoutMs: 60000,
+            llmMaxInputChars: 5000,
+            llmCacheDir: '/tmp/cache',
+            llmOnlyIfFindings: false,
+            llmMaxFiles: 10,
+            llmMinConfidence: 0.8,
+        });
+        expect(config.llmAnalysis).toBe(true);
+        expect(config.llm.provider).toBe('custom-provider');
+        expect(config.llm.model).toBe('custom-model');
+        expect(config.llm.baseUrl).toBe('https://custom.com/api');
+        expect(config.llm.apiKeyEnv).toBe('MY_KEY');
+        expect(config.llm.timeoutMs).toBe(60000);
+        expect(config.llm.maxInputChars).toBe(5000);
+        expect(config.llm.cacheDir).toBe('/tmp/cache');
+        expect(config.llm.onlyIfFindings).toBe(false);
+        expect(config.llm.maxFiles).toBe(10);
+        expect(config.llm.minConfidence).toBe(0.8);
+    });
+});
+// ---------------------------------------------------------------------------
+// Thorough mode
+// ---------------------------------------------------------------------------
+describe('loadConfig thorough mode', () => {
+    it('should enable all analysis features when thorough is set', () => {
+        const config = loadConfig({ thorough: true });
+        expect(config.threatIntel).toBe(true);
+        expect(config.semanticAnalysis).toBe(true);
+        expect(config.correlationAnalysis).toBe(true);
+        expect(config.entropyAnalysis).toBe(true);
+        expect(config.mcpValidation).toBe(true);
+        expect(config.dependencyAnalysis).toBe(true);
+        expect(config.capabilityMapping).toBe(true);
+        expect(config.ignoreComments).toBe(true);
+        expect(config.mitreAtlas).toBe(true);
+    });
+});
+// ---------------------------------------------------------------------------
+// Output file
+// ---------------------------------------------------------------------------
+describe('loadConfig output file', () => {
+    it('should set outputFile from CLI', () => {
+        const config = loadConfig({ output: '/tmp/report.json' });
+        expect(config.outputFile).toBe('/tmp/report.json');
+    });
+    it('should not set outputFile by default', () => {
+        const config = loadConfig({});
+        expect(config.outputFile).toBeUndefined();
+    });
+});
+//# sourceMappingURL=config.test.js.map

package/dist/__tests__/exitCodes.test.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Exit Code Tests
+ * Tests getExitCode from Scanner.ts for various finding/config combinations
+ */
+export {};
+//# sourceMappingURL=exitCodes.test.d.ts.map