fivosense 0.1.3 → 0.1.5

package/vscode-extension/package.json

@@ -0,0 +1,94 @@
+{
+  "name": "fivosense-vscode",
+  "displayName": "FivoSense Security Scanner",
+  "description": "Real-time security vulnerability detection with AI-powered taint analysis",
+  "version": "0.1.0",
+  "publisher": "fivosense",
+  "engines": {
+    "vscode": "^1.80.0"
+  },
+  "categories": [
+    "Linters",
+    "Programming Languages",
+    "Other"
+  ],
+  "keywords": [
+    "security",
+    "vulnerability",
+    "sql injection",
+    "xss",
+    "taint analysis",
+    "code scanner"
+  ],
+  "activationEvents": [
+    "onLanguage:javascript",
+    "onLanguage:typescript",
+    "onLanguage:javascriptreact",
+    "onLanguage:typescriptreact"
+  ],
+  "main": "./dist/extension.js",
+  "contributes": {
+    "commands": [
+      {
+        "command": "fivosense.scanFile",
+        "title": "FivoSense: Scan Current File"
+      },
+      {
+        "command": "fivosense.scanWorkspace",
+        "title": "FivoSense: Scan Workspace"
+      },
+      {
+        "command": "fivosense.roast",
+        "title": "FivoSense: Roast Mode 🔥"
+      },
+      {
+        "command": "fivosense.badge",
+        "title": "FivoSense: Get Security Badge"
+      }
+    ],
+    "configuration": {
+      "title": "FivoSense",
+      "properties": {
+        "fivosense.enableRealTime": {
+          "type": "boolean",
+          "default": true,
+          "description": "Enable real-time security scanning as you type"
+        },
+        "fivosense.scanOnSave": {
+          "type": "boolean",
+          "default": true,
+          "description": "Automatically scan files on save"
+        },
+        "fivosense.severity": {
+          "type": "string",
+          "enum": ["all", "critical", "high", "medium"],
+          "default": "all",
+          "description": "Minimum severity level to report"
+        }
+      }
+    }
+  },
+  "scripts": {
+    "vscode:prepublish": "npm run compile",
+    "compile": "tsc -p ./",
+    "watch": "tsc -watch -p ./",
+    "package": "vsce package"
+  },
+  "devDependencies": {
+    "@types/node": "^20.11.0",
+    "@types/vscode": "^1.80.0",
+    "@vscode/vsce": "^2.22.0",
+    "typescript": "^5.3.3"
+  },
+  "dependencies": {
+    "fivosense": "^0.1.3"
+  },
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/itsvinsoni/sense.git"
+  },
+  "bugs": {
+    "url": "https://github.com/itsvinsoni/sense/issues"
+  },
+  "license": "MIT"
+}

package/vscode-extension/src/extension.ts

@@ -0,0 +1,289 @@
+import * as vscode from 'vscode';
+import { auditFile } from 'fivosense';
+
+let diagnosticCollection: vscode.DiagnosticCollection;
+let statusBarItem: vscode.StatusBarItem;
+
+/**
+ * Extension activation
+ */
+export function activate(context: vscode.ExtensionContext) {
+  console.log('FivoSense extension activated');
+
+  // Create diagnostic collection
+  diagnosticCollection = vscode.languages.createDiagnosticCollection('fivosense');
+  context.subscriptions.push(diagnosticCollection);
+
+  // Create status bar item
+  statusBarItem = vscode.window.createStatusBarItem(vscode.StatusBarAlignment.Left, 100);
+  statusBarItem.text = '$(shield) FivoSense';
+  statusBarItem.tooltip = 'FivoSense Security Scanner';
+  statusBarItem.show();
+  context.subscriptions.push(statusBarItem);
+
+  // Register commands
+  context.subscriptions.push(
+    vscode.commands.registerCommand('fivosense.scanFile', scanCurrentFile),
+    vscode.commands.registerCommand('fivosense.scanWorkspace', scanWorkspace),
+    vscode.commands.registerCommand('fivosense.roast', roastMode),
+    vscode.commands.registerCommand('fivosense.badge', showBadge)
+  );
+
+  // Register event handlers
+  const config = vscode.workspace.getConfiguration('fivosense');
+  
+  if (config.get('scanOnSave')) {
+    context.subscriptions.push(
+      vscode.workspace.onDidSaveTextDocument(document => {
+        if (shouldScanDocument(document)) {
+          scanDocument(document);
+        }
+      })
+    );
+  }
+
+  if (config.get('enableRealTime')) {
+    context.subscriptions.push(
+      vscode.workspace.onDidChangeTextDocument(event => {
+        if (shouldScanDocument(event.document)) {
+          // Debounce real-time scanning
+          debounce(() => scanDocument(event.document), 1000);
+        }
+      })
+    );
+  }
+
+  // Scan active editor on start
+  if (vscode.window.activeTextEditor) {
+    scanDocument(vscode.window.activeTextEditor.document);
+  }
+}
+
+/**
+ * Extension deactivation
+ */
+export function deactivate() {
+  if (diagnosticCollection) {
+    diagnosticCollection.dispose();
+  }
+  if (statusBarItem) {
+    statusBarItem.dispose();
+  }
+}
+
+/**
+ * Check if document should be scanned
+ */
+function shouldScanDocument(document: vscode.TextDocument): boolean {
+  const supportedLanguages = ['javascript', 'typescript', 'javascriptreact', 'typescriptreact'];
+  return supportedLanguages.includes(document.languageId) && 
+         document.uri.scheme === 'file';
+}
+
+/**
+ * Scan a document
+ */
+async function scanDocument(document: vscode.TextDocument) {
+  try {
+    statusBarItem.text = '$(sync~spin) Scanning...';
+    
+    const result = await auditFile(document.uri.fsPath);
+    const diagnostics: vscode.Diagnostic[] = [];
+
+    // Convert findings to VS Code diagnostics
+    const allFindings = [...result.vulnerabilities, ...result.secrets, ...result.destructive];
+    for (const finding of allFindings) {
+      const severity = getSeverity(finding.severity);
+      const range = new vscode.Range(
+        finding.line - 1, 0,
+        finding.line - 1, 1000
+      );
+
+      const diagnostic = new vscode.Diagnostic(
+        range,
+        `[${finding.type}] ${finding.message}\n${finding.evidence}`,
+        severity
+      );
+
+      diagnostic.code = finding.cwe;
+      diagnostic.source = 'FivoSense';
+      
+      // Add fix as code action
+      if (finding.fix) {
+        diagnostic.relatedInformation = [
+          new vscode.DiagnosticRelatedInformation(
+            new vscode.Location(document.uri, range),
+            `Fix: ${finding.fix}`
+          )
+        ];
+      }
+
+      diagnostics.push(diagnostic);
+    }
+
+    diagnosticCollection.set(document.uri, diagnostics);
+
+    // Update status bar
+    const { critical, high, medium } = result.summary;
+    if (result.summary.total === 0) {
+      statusBarItem.text = '$(shield-check) FivoSense: Clean';
+      statusBarItem.backgroundColor = undefined;
+    } else if (critical > 0) {
+      statusBarItem.text = `$(shield-x) FivoSense: ${critical} Critical`;
+      statusBarItem.backgroundColor = new vscode.ThemeColor('statusBarItem.errorBackground');
+    } else if (high > 0) {
+      statusBarItem.text = `$(warning) FivoSense: ${high} High`;
+      statusBarItem.backgroundColor = new vscode.ThemeColor('statusBarItem.warningBackground');
+    } else {
+      statusBarItem.text = `$(info) FivoSense: ${medium} Issues`;
+      statusBarItem.backgroundColor = undefined;
+    }
+
+  } catch (error: any) {
+    statusBarItem.text = '$(shield-x) FivoSense: Error';
+    vscode.window.showErrorMessage(`FivoSense scan failed: ${error.message}`);
+  }
+}
+
+/**
+ * Convert severity to VS Code diagnostic severity
+ */
+function getSeverity(severity: string): vscode.DiagnosticSeverity {
+  switch (severity.toLowerCase()) {
+    case 'critical':
+    case 'high':
+      return vscode.DiagnosticSeverity.Error;
+    case 'medium':
+      return vscode.DiagnosticSeverity.Warning;
+    case 'low':
+      return vscode.DiagnosticSeverity.Information;
+    default:
+      return vscode.DiagnosticSeverity.Hint;
+  }
+}
+
+/**
+ * Scan current file command
+ */
+async function scanCurrentFile() {
+  const editor = vscode.window.activeTextEditor;
+  if (!editor) {
+    vscode.window.showWarningMessage('No active editor');
+    return;
+  }
+
+  if (!shouldScanDocument(editor.document)) {
+    vscode.window.showWarningMessage('File type not supported');
+    return;
+  }
+
+  await scanDocument(editor.document);
+  vscode.window.showInformationMessage('FivoSense scan completed');
+}
+
+/**
+ * Scan workspace command
+ */
+async function scanWorkspace() {
+  const files = await vscode.workspace.findFiles('**/*.{js,ts,jsx,tsx}', '**/node_modules/**');
+  
+  let totalFindings = 0;
+  let criticalCount = 0;
+
+  await vscode.window.withProgress({
+    location: vscode.ProgressLocation.Notification,
+    title: 'FivoSense: Scanning workspace...',
+    cancellable: false
+  }, async (progress) => {
+    for (let i = 0; i < files.length; i++) {
+      progress.report({ 
+        increment: (100 / files.length),
+        message: `${i + 1}/${files.length} files`
+      });
+
+      const document = await vscode.workspace.openTextDocument(files[i]);
+      const result = await auditFile(document.uri.fsPath);
+      
+      totalFindings += result.summary.total;
+      criticalCount += result.summary.critical;
+
+      if (result.summary.total > 0) {
+        await scanDocument(document);
+      }
+    }
+  });
+
+  vscode.window.showInformationMessage(
+    `FivoSense: Scanned ${files.length} files. Found ${totalFindings} issues (${criticalCount} critical)`
+  );
+}
+
+/**
+ * Roast mode command
+ */
+async function roastMode() {
+  const editor = vscode.window.activeTextEditor;
+  if (!editor) {
+    vscode.window.showWarningMessage('No active editor');
+    return;
+  }
+
+  const result = await auditFile(editor.document.uri.fsPath);
+  
+  let roast = '';
+  if (result.summary.total === 0) {
+    roast = '🎉 Your code is cleaner than your browser history!';
+  } else if (result.summary.critical > 0) {
+    roast = '🔥 Even script kiddies are embarrassed for you. This code has more holes than Swiss cheese!';
+  } else if (result.summary.high > 0) {
+    roast = '😬 Living dangerously, I see. Your security posture is... creative.';
+  } else {
+    roast = '🤔 Not terrible, but I\'ve seen better security at a lemonade stand.';
+  }
+
+  vscode.window.showInformationMessage(roast, { modal: true });
+}
+
+/**
+ * Show security badge command
+ */
+async function showBadge() {
+  const editor = vscode.window.activeTextEditor;
+  if (!editor) {
+    vscode.window.showWarningMessage('No active editor');
+    return;
+  }
+
+  const result = await auditFile(editor.document.uri.fsPath);
+  
+  // Calculate grade
+  let grade = 'A+';
+  let score = 100;
+  
+  if (result.summary.critical > 0) {
+    grade = 'F';
+    score = 40;
+  } else if (result.summary.high > 0) {
+    grade = 'D';
+    score = 60;
+  } else if (result.summary.medium > 0) {
+    grade = 'B';
+    score = 80;
+  }
+
+  const message = `🛡️ Security Grade: ${grade}\nScore: ${score}/100\n\nFindings:\n` +
+    `Critical: ${result.summary.critical}\n` +
+    `High: ${result.summary.high}\n` +
+    `Medium: ${result.summary.medium}`;
+
+  vscode.window.showInformationMessage(message, { modal: true });
+}
+
+/**
+ * Debounce utility
+ */
+let debounceTimer: NodeJS.Timeout;
+function debounce(func: Function, delay: number) {
+  clearTimeout(debounceTimer);
+  debounceTimer = setTimeout(() => func(), delay);
+}

package/vscode-extension/tsconfig.json

@@ -0,0 +1,15 @@
+{
+  "compilerOptions": {
+    "module": "commonjs",
+    "target": "ES2020",
+    "outDir": "dist",
+    "lib": ["ES2020"],
+    "sourceMap": true,
+    "rootDir": "src",
+    "strict": true,
+    "esModuleInterop": true,
+    "skipLibCheck": true,
+    "forceConsistentCasingInFileNames": true
+  },
+  "exclude": ["node_modules", ".vscode-test"]
+}