ferret-scan 2.1.2 → 2.3.0

package/dist/__tests__/htmlReporter.extra.test.js

@@ -0,0 +1,126 @@
+/**
+ * Additional HTML Reporter Tests
+ */
+import { generateHtmlReport, formatHtmlReport } from '../reporters/HtmlReporter.js';
+function makeFinding(overrides = {}) {
+    return {
+        ruleId: 'INJ-001',
+        ruleName: 'Injection Rule',
+        severity: 'HIGH',
+        category: 'injection',
+        file: '/project/test.md',
+        relativePath: 'test.md',
+        line: 5,
+        match: 'IGNORE <script>alert(1)</script>',
+        context: [
+            { lineNumber: 4, content: 'previous line', isMatch: false },
+            { lineNumber: 5, content: 'IGNORE PREVIOUS', isMatch: true },
+        ],
+        remediation: 'Remove injection attempt',
+        timestamp: new Date(),
+        riskScore: 75,
+        ...overrides,
+    };
+}
+function makeScanResult(findings = [], overrides = {}) {
+    return {
+        success: true,
+        startTime: new Date(),
+        endTime: new Date(),
+        duration: 1500,
+        scannedPaths: ['/project'],
+        totalFiles: 10,
+        analyzedFiles: 8,
+        skippedFiles: 2,
+        findings,
+        findingsBySeverity: {
+            CRITICAL: findings.filter(f => f.severity === 'CRITICAL'),
+            HIGH: findings.filter(f => f.severity === 'HIGH'),
+            MEDIUM: findings.filter(f => f.severity === 'MEDIUM'),
+            LOW: findings.filter(f => f.severity === 'LOW'),
+            INFO: findings.filter(f => f.severity === 'INFO'),
+        },
+        findingsByCategory: {},
+        overallRiskScore: 65,
+        summary: {
+            critical: findings.filter(f => f.severity === 'CRITICAL').length,
+            high: findings.filter(f => f.severity === 'HIGH').length,
+            medium: findings.filter(f => f.severity === 'MEDIUM').length,
+            low: findings.filter(f => f.severity === 'LOW').length,
+            info: 0,
+            total: findings.length,
+        },
+        errors: [],
+        ...overrides,
+    };
+}
+describe('generateHtmlReport', () => {
+    it('generates valid HTML with no findings', () => {
+        const html = generateHtmlReport(makeScanResult());
+        expect(typeof html).toBe('string');
+        expect(html).toContain('<!DOCTYPE html>');
+        expect(html).toContain('<html');
+        expect(html).toContain('</html>');
+    });
+    it('escapes HTML in finding content', () => {
+        const finding = makeFinding({
+            match: '<script>alert("xss")</script>',
+        });
+        const html = generateHtmlReport(makeScanResult([finding]));
+        expect(html).not.toContain('<script>alert("xss")</script>');
+        expect(html).toContain('&lt;script&gt;');
+    });
+    it('includes custom title', () => {
+        const html = generateHtmlReport(makeScanResult(), { title: 'My Security Report' });
+        expect(html).toContain('My Security Report');
+    });
+    it('supports dark mode option', () => {
+        const lightHtml = generateHtmlReport(makeScanResult(), { darkMode: false });
+        const darkHtml = generateHtmlReport(makeScanResult(), { darkMode: true });
+        expect(lightHtml).not.toBe(darkHtml);
+    });
+    it('includes findings in report', () => {
+        const finding = makeFinding({ severity: 'CRITICAL' });
+        const html = generateHtmlReport(makeScanResult([finding]));
+        expect(html).toContain('INJ-001');
+        expect(html).toContain('CRITICAL');
+    });
+    it('includes context lines in report', () => {
+        const finding = makeFinding({
+            context: [
+                { lineNumber: 4, content: 'previous line content', isMatch: false },
+                { lineNumber: 5, content: 'IGNORE PREVIOUS', isMatch: true },
+            ],
+        });
+        const html = generateHtmlReport(makeScanResult([finding]), { includeContext: true });
+        expect(html).toContain('previous line content');
+    });
+    it('includes scan duration in report', () => {
+        const html = generateHtmlReport(makeScanResult());
+        // Duration should be formatted
+        expect(html).toContain('1.50'); // 1500ms = 1.50s
+    });
+    it('generates report with multiple severity levels', () => {
+        const findings = [
+            makeFinding({ severity: 'CRITICAL' }),
+            makeFinding({ severity: 'HIGH' }),
+            makeFinding({ severity: 'MEDIUM' }),
+            makeFinding({ severity: 'LOW' }),
+            makeFinding({ severity: 'INFO' }),
+        ];
+        const html = generateHtmlReport(makeScanResult(findings));
+        expect(html).toContain('CRITICAL');
+        expect(html).toContain('HIGH');
+        expect(html).toContain('MEDIUM');
+        expect(html).toContain('LOW');
+        expect(html).toContain('INFO');
+    });
+});
+describe('formatHtmlReport', () => {
+    it('returns same as generateHtmlReport', () => {
+        const result = makeScanResult([makeFinding()]);
+        const options = { title: 'Test Report' };
+        expect(formatHtmlReport(result, options)).toBe(generateHtmlReport(result, options));
+    });
+});
+//# sourceMappingURL=htmlReporter.extra.test.js.map

package/dist/__tests__/interactiveTui.test.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Interactive TUI Tests
+ * Tests for displayFindings and other TUI utility functions
+ */
+export {};
+//# sourceMappingURL=interactiveTui.test.d.ts.map

package/dist/__tests__/interactiveTui.test.js

@@ -0,0 +1,180 @@
+/**
+ * Interactive TUI Tests
+ * Tests for displayFindings and other TUI utility functions
+ */
+import interactiveTuiDefault from '../features/interactiveTui.js';
+import { displayFindings } from '../features/interactiveTui.js';
+const { formatFinding, formatSummary } = interactiveTuiDefault;
+function makeFinding(overrides = {}) {
+    return {
+        ruleId: 'INJ-001',
+        ruleName: 'Injection Test Rule',
+        severity: 'HIGH',
+        category: 'injection',
+        file: '/project/test.md',
+        relativePath: 'test.md',
+        line: 5,
+        match: 'IGNORE PREVIOUS',
+        context: [
+            { lineNumber: 4, content: 'previous line', isMatch: false },
+            { lineNumber: 5, content: 'IGNORE PREVIOUS', isMatch: true },
+            { lineNumber: 6, content: 'next line', isMatch: false },
+        ],
+        remediation: 'Remove the injection attempt',
+        timestamp: new Date(),
+        riskScore: 75,
+        ...overrides,
+    };
+}
+function makeScanResult(findings = []) {
+    return {
+        success: true,
+        startTime: new Date(),
+        endTime: new Date(),
+        duration: 1500,
+        scannedPaths: ['/project'],
+        totalFiles: 10,
+        analyzedFiles: 8,
+        skippedFiles: 2,
+        findings,
+        findingsBySeverity: {
+            CRITICAL: findings.filter(f => f.severity === 'CRITICAL'),
+            HIGH: findings.filter(f => f.severity === 'HIGH'),
+            MEDIUM: findings.filter(f => f.severity === 'MEDIUM'),
+            LOW: findings.filter(f => f.severity === 'LOW'),
+            INFO: findings.filter(f => f.severity === 'INFO'),
+        },
+        findingsByCategory: {},
+        overallRiskScore: 65,
+        summary: {
+            critical: findings.filter(f => f.severity === 'CRITICAL').length,
+            high: findings.filter(f => f.severity === 'HIGH').length,
+            medium: findings.filter(f => f.severity === 'MEDIUM').length,
+            low: findings.filter(f => f.severity === 'LOW').length,
+            info: 0,
+            total: findings.length,
+        },
+        errors: [],
+    };
+}
+describe('formatFinding', () => {
+    it('formats a finding as a string', () => {
+        const finding = makeFinding();
+        const result = formatFinding(finding, 0, 1);
+        expect(typeof result).toBe('string');
+        expect(result.length).toBeGreaterThan(0);
+        expect(result).toContain('INJ-001');
+        expect(result).toContain('HIGH');
+        expect(result).toContain('injection');
+        expect(result).toContain('test.md');
+        expect(result).toContain('IGNORE PREVIOUS');
+    });
+    it('includes context when present', () => {
+        const finding = makeFinding();
+        const result = formatFinding(finding, 0, 1);
+        expect(result).toContain('Context:');
+        expect(result).toContain('IGNORE PREVIOUS');
+    });
+    it('includes remediation', () => {
+        const finding = makeFinding();
+        const result = formatFinding(finding, 0, 1);
+        expect(result).toContain('Remove the injection attempt');
+    });
+    it('handles finding without context', () => {
+        const finding = makeFinding({ context: [] });
+        const result = formatFinding(finding, 0, 5);
+        expect(result).not.toContain('Context:');
+    });
+    it('handles finding without remediation', () => {
+        const finding = makeFinding({ remediation: '' });
+        const result = formatFinding(finding, 0, 1);
+        expect(typeof result).toBe('string');
+    });
+    it('shows correct index and total', () => {
+        const finding = makeFinding();
+        const result = formatFinding(finding, 2, 10);
+        expect(result).toContain('3/10');
+    });
+    it('formats CRITICAL severity', () => {
+        const finding = makeFinding({ severity: 'CRITICAL' });
+        const result = formatFinding(finding, 0, 1);
+        expect(result).toContain('CRITICAL');
+    });
+    it('formats MEDIUM severity', () => {
+        const finding = makeFinding({ severity: 'MEDIUM' });
+        const result = formatFinding(finding, 0, 1);
+        expect(result).toContain('MEDIUM');
+    });
+    it('formats LOW severity', () => {
+        const finding = makeFinding({ severity: 'LOW' });
+        const result = formatFinding(finding, 0, 1);
+        expect(result).toContain('LOW');
+    });
+    it('formats INFO severity', () => {
+        const finding = makeFinding({ severity: 'INFO' });
+        const result = formatFinding(finding, 0, 1);
+        expect(result).toContain('INFO');
+    });
+});
+describe('formatSummary', () => {
+    it('formats a scan summary as a string', () => {
+        const result = makeScanResult([makeFinding()]);
+        const summary = formatSummary(result);
+        expect(typeof summary).toBe('string');
+        expect(summary).toContain('Scan Summary');
+        expect(summary).toContain('Files Scanned');
+        expect(summary).toContain('Risk Score');
+    });
+    it('includes findings count', () => {
+        const findings = [
+            makeFinding({ severity: 'CRITICAL' }),
+            makeFinding({ severity: 'HIGH' }),
+            makeFinding({ severity: 'MEDIUM' }),
+        ];
+        const result = makeScanResult(findings);
+        const summary = formatSummary(result);
+        expect(summary).toContain('CRITICAL');
+        expect(summary).toContain('HIGH');
+        expect(summary).toContain('MEDIUM');
+    });
+    it('handles empty scan result', () => {
+        const result = makeScanResult([]);
+        const summary = formatSummary(result);
+        expect(summary).toContain('Scan Summary');
+        expect(typeof summary).toBe('string');
+    });
+});
+describe('displayFindings', () => {
+    let consoleSpy;
+    beforeEach(() => {
+        consoleSpy = jest.spyOn(console, 'log').mockImplementation(() => { });
+    });
+    afterEach(() => {
+        consoleSpy.mockRestore();
+    });
+    it('displays a list of findings', () => {
+        const findings = [makeFinding(), makeFinding({ ruleId: 'CRED-001', line: 10 })];
+        displayFindings(findings);
+        expect(consoleSpy).toHaveBeenCalled();
+    });
+    it('respects maxDisplay limit', () => {
+        const findings = Array.from({ length: 20 }, (_, i) => makeFinding({ line: i + 1 }));
+        displayFindings(findings, { maxDisplay: 5 });
+        // Should show "and X more findings" message
+        const calls = consoleSpy.mock.calls.flat().join('');
+        expect(calls).toContain('more findings');
+    });
+    it('handles empty findings array', () => {
+        displayFindings([]);
+        expect(consoleSpy).toHaveBeenCalled();
+        const calls = consoleSpy.mock.calls.flat().join('');
+        expect(calls).toContain('0 total');
+    });
+    it('does not show "more" message when findings fit in maxDisplay', () => {
+        const findings = [makeFinding()];
+        displayFindings(findings, { maxDisplay: 10 });
+        const calls = consoleSpy.mock.calls.flat().join('');
+        expect(calls).not.toContain('more findings');
+    });
+});
+//# sourceMappingURL=interactiveTui.test.js.map

package/dist/__tests__/interactiveTuiCommands.test.d.ts

@@ -0,0 +1,6 @@
+/**
+ * Interactive TUI Command Handler Tests
+ * Tests for all commands in startInteractiveSession
+ */
+export {};
+//# sourceMappingURL=interactiveTuiCommands.test.d.ts.map

package/dist/__tests__/interactiveTuiCommands.test.js

@@ -0,0 +1,187 @@
+/**
+ * Interactive TUI Command Handler Tests
+ * Tests for all commands in startInteractiveSession
+ */
+import { EventEmitter } from 'events';
+// Mock readline interface
+const mockRlInstance = new EventEmitter();
+jest.mock('node:readline', () => ({
+    createInterface: jest.fn().mockReturnValue(mockRlInstance),
+}));
+import { startInteractiveSession } from '../features/interactiveTui.js';
+function makeFinding(overrides = {}) {
+    return {
+        ruleId: 'INJ-001',
+        ruleName: 'Injection Rule',
+        severity: 'HIGH',
+        category: 'injection',
+        file: '/project/test.md',
+        relativePath: 'test.md',
+        line: 5,
+        match: 'IGNORE PREVIOUS',
+        context: [],
+        remediation: 'Remove',
+        timestamp: new Date(),
+        riskScore: 75,
+        ...overrides,
+    };
+}
+function makeScanResult(findings = []) {
+    return {
+        success: true,
+        startTime: new Date(),
+        endTime: new Date(),
+        duration: 1000,
+        scannedPaths: ['/project'],
+        totalFiles: 5,
+        analyzedFiles: 4,
+        skippedFiles: 1,
+        findings,
+        findingsBySeverity: {
+            CRITICAL: findings.filter(f => f.severity === 'CRITICAL'),
+            HIGH: findings.filter(f => f.severity === 'HIGH'),
+            MEDIUM: findings.filter(f => f.severity === 'MEDIUM'),
+            LOW: findings.filter(f => f.severity === 'LOW'),
+            INFO: [],
+        },
+        findingsByCategory: {},
+        overallRiskScore: 50,
+        summary: {
+            critical: 0,
+            high: findings.filter(f => f.severity === 'HIGH').length,
+            medium: 0, low: 0, info: 0,
+            total: findings.length,
+        },
+        errors: [],
+    };
+}
+async function runCommandSequence(scanResult, commands) {
+    const outputs = [];
+    const consoleSpy = jest.spyOn(console, 'log').mockImplementation((msg) => {
+        outputs.push(msg ?? '');
+    });
+    let callCount = 0;
+    mockRlInstance.question = jest.fn((_prompt, cb) => {
+        const cmd = commands[callCount++] ?? 'quit';
+        cb(cmd);
+    });
+    mockRlInstance.close = jest.fn(() => {
+        mockRlInstance.emit('close');
+    });
+    try {
+        await startInteractiveSession(scanResult);
+    }
+    finally {
+        consoleSpy.mockRestore();
+    }
+    return outputs;
+}
+describe('startInteractiveSession - command handlers', () => {
+    beforeEach(() => {
+        jest.clearAllMocks();
+    });
+    it('handles summary command with scan result', async () => {
+        const result = makeScanResult([makeFinding()]);
+        const outputs = await runCommandSequence(result, ['summary', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput).toContain('Scan Summary');
+    });
+    it('handles summary command without scan result', async () => {
+        const outputs = await runCommandSequence(null, ['summary', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput).toContain('No scan results');
+    });
+    it('handles list command with findings', async () => {
+        const findings = [
+            makeFinding({ severity: 'CRITICAL', ruleId: 'INJ-001' }),
+            makeFinding({ severity: 'HIGH', ruleId: 'CRED-001' }),
+        ];
+        const result = makeScanResult(findings);
+        const outputs = await runCommandSequence(result, ['list', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput).toContain('Findings');
+    });
+    it('handles list command without scan result', async () => {
+        const outputs = await runCommandSequence(null, ['list', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput).toContain('No scan results');
+    });
+    it('handles show command for specific index', async () => {
+        const findings = [makeFinding({ ruleId: 'INJ-001' }), makeFinding({ ruleId: 'CRED-001' })];
+        const result = makeScanResult(findings);
+        const outputs = await runCommandSequence(result, ['show 1', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput.length).toBeGreaterThan(0);
+    });
+    it('handles show with invalid index', async () => {
+        const findings = [makeFinding()];
+        const result = makeScanResult(findings);
+        const outputs = await runCommandSequence(result, ['show 999', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput).toContain('Invalid index');
+    });
+    it('handles show with no findings', async () => {
+        const result = makeScanResult([]);
+        const outputs = await runCommandSequence(result, ['show', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput).toContain('No findings');
+    });
+    it('handles next command', async () => {
+        const findings = [makeFinding({ ruleId: 'INJ-001' }), makeFinding({ ruleId: 'CRED-001' })];
+        const result = makeScanResult(findings);
+        const outputs = await runCommandSequence(result, ['next', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput.length).toBeGreaterThan(0);
+    });
+    it('handles prev command', async () => {
+        const findings = [makeFinding()];
+        const result = makeScanResult(findings);
+        const outputs = await runCommandSequence(result, ['prev', 'quit']);
+        expect(outputs.length).toBeGreaterThan(0);
+    });
+    it('handles filter command by severity', async () => {
+        const findings = [
+            makeFinding({ severity: 'HIGH' }),
+            makeFinding({ severity: 'CRITICAL' }),
+        ];
+        const result = makeScanResult(findings);
+        const outputs = await runCommandSequence(result, ['filter severity HIGH', 'quit']);
+        expect(outputs.length).toBeGreaterThan(0);
+    });
+    it('handles sort command', async () => {
+        const findings = [makeFinding(), makeFinding({ ruleId: 'CRED-001', severity: 'CRITICAL' })];
+        const result = makeScanResult(findings);
+        const outputs = await runCommandSequence(result, ['sort file', 'quit']);
+        expect(outputs.length).toBeGreaterThan(0);
+    });
+    it('handles quit command via alias q', async () => {
+        const result = makeScanResult();
+        const outputs = await runCommandSequence(result, ['q']);
+        expect(outputs.length).toBeGreaterThan(0);
+    });
+    it('handles exit command', async () => {
+        const result = makeScanResult();
+        const outputs = await runCommandSequence(result, ['exit']);
+        expect(outputs.length).toBeGreaterThan(0);
+    });
+    it('handles help with alias h', async () => {
+        const result = makeScanResult();
+        const outputs = await runCommandSequence(result, ['h', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput).toContain('Commands');
+    });
+    it('handles h alias', async () => {
+        const result = makeScanResult();
+        const outputs = await runCommandSequence(result, ['?', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput).toContain('Commands');
+    });
+    it('handles list with limit argument', async () => {
+        const findings = Array.from({ length: 30 }, (_, i) => makeFinding({ line: i + 1 }));
+        const result = makeScanResult(findings);
+        const outputs = await runCommandSequence(result, ['list 5', 'quit']);
+        const allOutput = outputs.join('');
+        expect(allOutput).toContain('more');
+    });
+});
+//# sourceMappingURL=interactiveTuiCommands.test.js.map

package/dist/__tests__/interactiveTuiMore.test.d.ts

@@ -0,0 +1,6 @@
+/**
+ * More Interactive TUI Command Tests
+ * Tests for files, export, clear, filter variations, and sort variations
+ */
+export {};
+//# sourceMappingURL=interactiveTuiMore.test.d.ts.map