forge-solana-sdk 2.2.5 → 3.1.0
- package/README.md +179 -1
- package/dist/cli.js +123 -7
- package/dist/cli.js.map +1 -1
- package/dist/commands/analytics.d.ts +2 -0
- package/dist/commands/analytics.d.ts.map +1 -0
- package/dist/commands/analytics.js +51 -0
- package/dist/commands/analytics.js.map +1 -0
- package/dist/commands/audit.d.ts +1 -1
- package/dist/commands/audit.d.ts.map +1 -1
- package/dist/commands/audit.js +60 -2
- package/dist/commands/audit.js.map +1 -1
- package/dist/commands/ci.d.ts +2 -0
- package/dist/commands/ci.d.ts.map +1 -0
- package/dist/commands/ci.js +107 -0
- package/dist/commands/ci.js.map +1 -0
- package/dist/commands/cost.d.ts +2 -0
- package/dist/commands/cost.d.ts.map +1 -0
- package/dist/commands/cost.js +53 -0
- package/dist/commands/cost.js.map +1 -0
- package/dist/commands/docs.d.ts +2 -0
- package/dist/commands/docs.d.ts.map +1 -0
- package/dist/commands/docs.js +85 -0
- package/dist/commands/docs.js.map +1 -0
- package/dist/commands/init.d.ts +2 -1
- package/dist/commands/init.d.ts.map +1 -1
- package/dist/commands/init.js +88 -1
- package/dist/commands/init.js.map +1 -1
- package/dist/commands/interactive.d.ts +2 -0
- package/dist/commands/interactive.d.ts.map +1 -0
- package/dist/commands/interactive.js +51 -0
- package/dist/commands/interactive.js.map +1 -0
- package/dist/commands/keypair.d.ts +2 -0
- package/dist/commands/keypair.d.ts.map +1 -0
- package/dist/commands/keypair.js +54 -0
- package/dist/commands/keypair.js.map +1 -0
- package/dist/commands/migrate.d.ts +2 -0
- package/dist/commands/migrate.d.ts.map +1 -0
- package/dist/commands/migrate.js +15 -0
- package/dist/commands/migrate.js.map +1 -0
- package/dist/commands/monitor.d.ts +2 -0
- package/dist/commands/monitor.d.ts.map +1 -0
- package/dist/commands/monitor.js +49 -0
- package/dist/commands/monitor.js.map +1 -0
- package/dist/commands/network.d.ts +2 -0
- package/dist/commands/network.d.ts.map +1 -0
- package/dist/commands/network.js +58 -0
- package/dist/commands/network.js.map +1 -0
- package/dist/commands/profile.d.ts +2 -0
- package/dist/commands/profile.d.ts.map +1 -0
- package/dist/commands/profile.js +41 -0
- package/dist/commands/profile.js.map +1 -0
- package/dist/commands/quality.d.ts +2 -0
- package/dist/commands/quality.d.ts.map +1 -0
- package/dist/commands/quality.js +58 -0
- package/dist/commands/quality.js.map +1 -0
- package/dist/commands/search.d.ts +2 -0
- package/dist/commands/search.d.ts.map +1 -0
- package/dist/commands/search.js +26 -0
- package/dist/commands/search.js.map +1 -0
- package/dist/commands/upgrade.d.ts +2 -0
- package/dist/commands/upgrade.d.ts.map +1 -0
- package/dist/commands/upgrade.js +136 -0
- package/dist/commands/upgrade.js.map +1 -0
- package/dist/cpi.d.ts +1 -1
- package/dist/cpi.d.ts.map +1 -1
- package/dist/cpi.js +14 -0
- package/dist/cpi.js.map +1 -1
- package/dist/templates/index.d.ts +16 -0
- package/dist/templates/index.d.ts.map +1 -0
- package/dist/templates/index.js +81 -0
- package/dist/templates/index.js.map +1 -0
- package/dist/templates/token-program.d.ts +3 -0
- package/dist/templates/token-program.d.ts.map +1 -0
- package/dist/templates/token-program.js +158 -0
- package/dist/templates/token-program.js.map +1 -0
- package/package.json +2 -2
package/README.md
CHANGED
|
@@ -24,9 +24,18 @@ forge init my-project
|
|
|
24
24
|
# With intent-driven CPI generation
|
|
25
25
|
forge init my-project --intent "transfer 100 tokens safely"
|
|
26
26
|
|
|
27
|
+
# With program template
|
|
28
|
+
forge init my-token --template token-program
|
|
29
|
+
|
|
27
30
|
# With specific Anchor version
|
|
28
31
|
forge init my-project --anchor-version 0.31.0
|
|
29
32
|
|
|
33
|
+
# Interactive setup wizard
|
|
34
|
+
forge interactive
|
|
35
|
+
|
|
36
|
+
# List available templates
|
|
37
|
+
forge list-templates
|
|
38
|
+
|
|
30
39
|
cd my-project
|
|
31
40
|
```
|
|
32
41
|
|
|
@@ -119,6 +128,162 @@ forge verify
|
|
|
119
128
|
- ā
Generate Solana Explorer verification links
|
|
120
129
|
- ā
Save local verification record
|
|
121
130
|
|
|
131
|
+
### Program Templates
|
|
132
|
+
```bash
|
|
133
|
+
# List all available templates
|
|
134
|
+
forge list-templates
|
|
135
|
+
|
|
136
|
+
# Create project from template
|
|
137
|
+
forge init my-token --template token-program
|
|
138
|
+
forge init my-nft --template nft-marketplace
|
|
139
|
+
forge init my-dao --template dao-governance
|
|
140
|
+
```
|
|
141
|
+
|
|
142
|
+
**Available Templates:**
|
|
143
|
+
- šŖ **token-program**: Complete SPL token with mint/transfer/burn
|
|
144
|
+
- š¼ļø **nft-marketplace**: NFT marketplace with royalties
|
|
145
|
+
- š³ļø **dao-governance**: DAO with proposals and voting
|
|
146
|
+
- š **staking-rewards**: Token staking with rewards
|
|
147
|
+
- š **escrow-swap**: Trustless token swap
|
|
148
|
+
- ā° **token-vesting**: Time-based vesting schedules
|
|
149
|
+
- š **moonshot-fair-launch**: Moonshot-compatible bonding curve
|
|
150
|
+
- š **pumpfun-launch**: Standard Pump.fun meme token
|
|
151
|
+
|
|
152
|
+
### Program Upgrade & Migration
|
|
153
|
+
```bash
|
|
154
|
+
# Upgrade to latest Anchor version
|
|
155
|
+
forge upgrade
|
|
156
|
+
|
|
157
|
+
# Upgrade to specific version
|
|
158
|
+
forge upgrade 0.32.1
|
|
159
|
+
|
|
160
|
+
# Migration assistant (with additional checks)
|
|
161
|
+
forge migrate 0.32.1
|
|
162
|
+
```
|
|
163
|
+
|
|
164
|
+
### Performance Analysis
|
|
165
|
+
```bash
|
|
166
|
+
forge profile
|
|
167
|
+
```
|
|
168
|
+
|
|
169
|
+
**Performance Insights:**
|
|
170
|
+
- ā” Compute unit usage analysis
|
|
171
|
+
- š° Cost estimation per transaction
|
|
172
|
+
- šÆ Optimization suggestions
|
|
173
|
+
- š Gas usage reports
|
|
174
|
+
|
|
175
|
+
### Program Monitoring
|
|
176
|
+
```bash
|
|
177
|
+
forge monitor
|
|
178
|
+
```
|
|
179
|
+
|
|
180
|
+
**Monitoring Features:**
|
|
181
|
+
- š Real-time transaction volume
|
|
182
|
+
- š Error rate tracking
|
|
183
|
+
- š„ Active user analytics
|
|
184
|
+
- š Account growth metrics
|
|
185
|
+
|
|
186
|
+
### Interactive Setup
|
|
187
|
+
```bash
|
|
188
|
+
forge interactive
|
|
189
|
+
```
|
|
190
|
+
|
|
191
|
+
**Guided Wizard:**
|
|
192
|
+
- š¦ Project name selection
|
|
193
|
+
- š Template selection
|
|
194
|
+
- š” Intent-driven generation
|
|
195
|
+
- š§ Anchor version configuration
|
|
196
|
+
|
|
197
|
+
### Documentation Generation
|
|
198
|
+
```bash
|
|
199
|
+
forge docs
|
|
200
|
+
```
|
|
201
|
+
|
|
202
|
+
**Auto-Generated Docs:**
|
|
203
|
+
- š API documentation from IDL
|
|
204
|
+
- š Instruction reference
|
|
205
|
+
- šļø Account structure docs
|
|
206
|
+
- š Integration examples
|
|
207
|
+
|
|
208
|
+
### Code Quality Analysis
|
|
209
|
+
```bash
|
|
210
|
+
forge quality
|
|
211
|
+
```
|
|
212
|
+
|
|
213
|
+
**Quality Metrics:**
|
|
214
|
+
- š Code complexity scoring
|
|
215
|
+
- š Function/struct counts
|
|
216
|
+
- ā
Maintainability assessment
|
|
217
|
+
- š” Refactoring recommendations
|
|
218
|
+
|
|
219
|
+
### Cost Calculator
|
|
220
|
+
```bash
|
|
221
|
+
forge cost
|
|
222
|
+
```
|
|
223
|
+
|
|
224
|
+
**Cost Analysis:**
|
|
225
|
+
- š¾ Deployment costs (~2.5 SOL)
|
|
226
|
+
- ā” Per-transaction fees
|
|
227
|
+
- š Monthly operation estimates
|
|
228
|
+
- š” Optimization tips
|
|
229
|
+
|
|
230
|
+
### Keypair Management
|
|
231
|
+
```bash
|
|
232
|
+
# Generate new keypair
|
|
233
|
+
forge keypair generate
|
|
234
|
+
|
|
235
|
+
# Generate to specific path
|
|
236
|
+
forge keypair generate ./my-keypair.json
|
|
237
|
+
|
|
238
|
+
# Import keypair
|
|
239
|
+
forge keypair import ./keypair.json
|
|
240
|
+
|
|
241
|
+
# Show keypair info
|
|
242
|
+
forge keypair info
|
|
243
|
+
```
|
|
244
|
+
|
|
245
|
+
### Network Management
|
|
246
|
+
```bash
|
|
247
|
+
# Switch network
|
|
248
|
+
forge network switch devnet
|
|
249
|
+
forge network switch mainnet-beta
|
|
250
|
+
|
|
251
|
+
# Check network status
|
|
252
|
+
forge network status
|
|
253
|
+
|
|
254
|
+
# Test RPC connection
|
|
255
|
+
forge network test
|
|
256
|
+
```
|
|
257
|
+
|
|
258
|
+
### Program Search
|
|
259
|
+
```bash
|
|
260
|
+
# Search for programs
|
|
261
|
+
forge search token program
|
|
262
|
+
forge search nft marketplace
|
|
263
|
+
```
|
|
264
|
+
|
|
265
|
+
### Analytics Dashboard
|
|
266
|
+
```bash
|
|
267
|
+
forge analytics
|
|
268
|
+
```
|
|
269
|
+
|
|
270
|
+
**Analytics Links:**
|
|
271
|
+
- š Solana Explorer integration
|
|
272
|
+
- š Transaction volume tracking
|
|
273
|
+
- š User activity metrics
|
|
274
|
+
|
|
275
|
+
### CI/CD Integration
|
|
276
|
+
```bash
|
|
277
|
+
# Generate GitHub Actions workflow
|
|
278
|
+
forge ci github
|
|
279
|
+
```
|
|
280
|
+
|
|
281
|
+
**Generated Workflow:**
|
|
282
|
+
- ā
Auto-test on push/PR
|
|
283
|
+
- ā
Security audit checks
|
|
284
|
+
- ā
Code quality validation
|
|
285
|
+
- ā
Auto-deploy to devnet
|
|
286
|
+
|
|
122
287
|
### Update FORGE
|
|
123
288
|
```bash
|
|
124
289
|
forge update
|
|
@@ -145,10 +310,23 @@ FORGE transforms natural language intents into production-ready Solana programs.
|
|
|
145
310
|
|
|
146
311
|
### Core Features
|
|
147
312
|
- ā
**Intent-Driven Generation**: `"transfer 100 tokens safely"` ā Modern CPI code
|
|
313
|
+
- ā
**Program Templates Library**: 6 battle-tested templates (Token, NFT, DAO, Staking, Escrow, Vesting)
|
|
148
314
|
- ā
**Automated Testing Framework**: Comprehensive test suites with security validation
|
|
149
315
|
- ā
**Contract Verification**: Source code transparency on Solana Explorer
|
|
150
316
|
- ā
**Multi-Environment Deployment**: Deploy to devnet/mainnet/localnet with safety checks
|
|
151
|
-
- ā
**Security Audit Tools**: Automated security analysis
|
|
317
|
+
- ā
**Security Audit Tools**: Automated security analysis (--deep for advanced checks)
|
|
318
|
+
- ā
**Program Upgrade System**: Version management and migration assistance
|
|
319
|
+
- ā
**Performance Profiler**: Compute unit analysis and optimization suggestions
|
|
320
|
+
- ā
**Program Monitoring**: Real-time analytics and activity tracking
|
|
321
|
+
- ā
**Interactive CLI**: Guided project setup wizard
|
|
322
|
+
- ā
**Documentation Generator**: Auto-generate API docs from IDL
|
|
323
|
+
- ā
**Code Quality Metrics**: Complexity analysis and maintainability scoring
|
|
324
|
+
- ā
**Cost Calculator**: Deployment and operation cost estimation
|
|
325
|
+
- ā
**Keypair Management**: Secure keypair generation and import utilities
|
|
326
|
+
- ā
**Network Utilities**: Switch between networks, test connections
|
|
327
|
+
- ā
**Program Search**: Find verified programs and best practices
|
|
328
|
+
- ā
**CI/CD Integration**: GitHub Actions workflow generation
|
|
329
|
+
- ā
**Fair-Launch Support**: Integrated Moonshot & Pump.fun launching
|
|
152
330
|
- ā
**Complete Anchor Workspace**: Ready-to-build projects with proper structure
|
|
153
331
|
- ā
**Client SDK Generation**: Auto-generated TypeScript SDK for program interaction
|
|
154
332
|
- ā
**Modern CPI Helpers**: `transfer_checked`, `mint_to`, PDA signers with `ctx.bumps`
|
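--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -10,18 +10,38 @@ const generate_sdk_js_1 = require("./commands/generate-sdk.js");
 const audit_js_1 = require("./commands/audit.js");
 const test_js_1 = require("./commands/test.js");
 const verify_js_1 = require("./commands/verify.js");
+const upgrade_js_1 = require("./commands/upgrade.js");
+const profile_js_1 = require("./commands/profile.js");
+const monitor_js_1 = require("./commands/monitor.js");
+const interactive_js_1 = require("./commands/interactive.js");
+const docs_js_1 = require("./commands/docs.js");
+const migrate_js_1 = require("./commands/migrate.js");
+const quality_js_1 = require("./commands/quality.js");
+const cost_js_1 = require("./commands/cost.js");
+const keypair_js_1 = require("./commands/keypair.js");
+const network_js_1 = require("./commands/network.js");
+const search_js_1 = require("./commands/search.js");
+const analytics_js_1 = require("./commands/analytics.js");
+const ci_js_1 = require("./commands/ci.js");
 const program = new commander_1.Command();
 program
 .name('forge')
 .description('FORGE - Intent-driven app assembly on Solana')
-.version('
+.version('3.0.0');
 program
 .command('init [projectName]')
 .description('Initialize a new FORGE project')
 .option('-i, --intent <intent>', 'Describe what the program should do (enables CPI generation)')
 .option('-a, --anchor-version <version>', 'Specify Anchor version (default: 0.32.1)', '0.32.1')
+.option('-t, --template <template>', 'Use a program template (token-program, nft-marketplace, dao-governance, staking-rewards, escrow-swap, token-vesting)')
 .action(async (projectName, options) => {
-await (0, init_js_1.initCommand)(projectName, options.intent, options.anchorVersion);
+await (0, init_js_1.initCommand)(projectName, options.intent, options.anchorVersion, options.template);
+});
+program
+.command('list-templates')
+.description('List available program templates')
+.action(async () => {
+await (0, init_js_1.listTemplatesCommand)();
 });
 program
 .command('deploy')
@@ -33,8 +53,9 @@ program
 program
 .command('audit')
 .description('Run security audit on Anchor program')
-.
-
+.option('--deep', 'Run deep security analysis with advanced checks')
+.action(async (options) => {
+await (0, audit_js_1.auditCommand)(options.deep);
 });
 program
 .command('test')
@@ -48,6 +69,84 @@ program
 .action(async () => {
 await (0, verify_js_1.verifyCommand)();
 });
+program
+.command('upgrade [version]')
+.description('Upgrade Anchor program to a new version')
+.action(async (version) => {
+await (0, upgrade_js_1.upgradeCommand)(version);
+});
+program
+.command('profile')
+.description('Analyze program performance and compute unit usage')
+.action(async () => {
+await (0, profile_js_1.profileCommand)();
+});
+program
+.command('monitor')
+.description('Monitor program activity and analytics')
+.action(async () => {
+await (0, monitor_js_1.monitorCommand)();
+});
+program
+.command('interactive')
+.description('Interactive project setup wizard')
+.action(async () => {
+await (0, interactive_js_1.interactiveCommand)();
+});
+program
+.command('docs')
+.description('Generate API documentation from IDL')
+.action(async () => {
+await (0, docs_js_1.docsCommand)();
+});
+program
+.command('migrate [version]')
+.description('Migrate program between Anchor versions')
+.action(async (version) => {
+await (0, migrate_js_1.migrateCommand)(version);
+});
+program
+.command('quality')
+.description('Analyze code quality metrics')
+.action(async () => {
+await (0, quality_js_1.qualityCommand)();
+});
+program
+.command('cost')
+.description('Calculate deployment and operation costs')
+.action(async () => {
+await (0, cost_js_1.costCommand)();
+});
+program
+.command('keypair [action] [path]')
+.description('Manage keypairs (generate, import, info)')
+.action(async (action, path) => {
+await (0, keypair_js_1.keypairCommand)(action, path);
+});
+program
+.command('network [action] [network]')
+.description('Manage Solana network connections (switch, status, test)')
+.action(async (action, network) => {
+await (0, network_js_1.networkCommand)(action, network);
+});
+program
+.command('search [query]')
+.description('Search for verified Solana programs')
+.action(async (query) => {
+await (0, search_js_1.searchCommand)(query);
+});
+program
+.command('analytics')
+.description('View program analytics and metrics')
+.action(async () => {
+await (0, analytics_js_1.analyticsCommand)();
+});
+program
+.command('ci [platform]')
+.description('Generate CI/CD workflows (github)')
+.action(async (platform) => {
+await (0, ci_js_1.ciCommand)(platform);
+});
 program
 .command('generate-sdk [outputDir]')
 .description('Generate TypeScript SDK from Anchor program')
@@ -69,13 +168,30 @@ program
 // Show logo on help
 program.on('--help', () => {
 console.log(ascii_js_1.logo);
-console.log('\
+console.log('\nCore Commands:');
 console.log(' init Create new Anchor projects');
-console.log('
+console.log(' interactive Interactive project setup wizard');
+console.log(' list-templates List available program templates');
+console.log('\nDevelopment:');
 console.log(' test Generate and run comprehensive tests');
+console.log(' audit Run security audit (--deep for advanced)');
+console.log(' quality Analyze code quality metrics');
+console.log(' profile Analyze performance and compute units');
+console.log(' docs Generate API documentation');
+console.log('\nDeployment:');
+console.log(' deploy Deploy to Solana (--env: devnet/mainnet)');
 console.log(' verify Verify contract on Solana Explorer');
-console.log('
+console.log(' upgrade Upgrade Anchor program version');
+console.log(' migrate Migrate between Anchor versions');
+console.log('\nUtilities:');
 console.log(' generate-sdk Generate TypeScript SDK from program');
+console.log(' monitor Monitor program activity');
+console.log(' analytics View program analytics');
+console.log(' cost Calculate deployment costs');
+console.log(' keypair Manage keypairs (generate/import/info)');
+console.log(' network Manage network connections');
+console.log(' search Search verified Solana programs');
+console.log(' ci Generate CI/CD workflows');
 console.log(' status Check environment & versions');
 console.log(' update Update FORGE to latest version');
 console.log('\nFORGE does not:');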
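Review bot: The added `.version('3.0.0');` in the first hunk hard-codes a version that disagrees with the release this page diffs (2.2.5 to 3.1.0), so `forge --version` would presumably report 3.0.0 from the 3.1.0 package. Anything that relies on the CLI's self-reported version, such as matching an install against an advisory or confirming that `forge update` took effect, then gets the wrong answer. Read the value from the manifest instead, e.g. `.version(require('../package.json').version);`, and make the change in `src/cli.ts`, since this file is compiler output. The `--template` help text in the same hunk lists six templates while the README in this release advertises eight, so both would be better generated from one list.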
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;AAEA,yCAAoC;AACpC,yCAAkC;AAClC,
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";;;AAEA,yCAAoC;AACpC,yCAAkC;AAClC,gDAAuE;AACvE,oDAAqD;AACrD,oDAAoE;AACpE,gEAAgE;AAChE,kDAAmD;AACnD,gDAAiD;AACjD,oDAAqD;AACrD,sDAAuD;AACvD,sDAAuD;AACvD,sDAAuD;AACvD,8DAA+D;AAC/D,gDAAiD;AACjD,sDAAuD;AACvD,sDAAuD;AACvD,gDAAiD;AACjD,sDAAuD;AACvD,sDAAuD;AACvD,oDAAqD;AACrD,0DAA2D;AAC3D,4CAA6C;AAE7C,MAAM,OAAO,GAAG,IAAI,mBAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,OAAO,CAAC;KACb,WAAW,CAAC,8CAA8C,CAAC;KAC3D,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO;KACJ,OAAO,CAAC,oBAAoB,CAAC;KAC7B,WAAW,CAAC,gCAAgC,CAAC;KAC7C,MAAM,CAAC,uBAAuB,EAAE,8DAA8D,CAAC;KAC/F,MAAM,CAAC,gCAAgC,EAAE,0CAA0C,EAAE,QAAQ,CAAC;KAC9F,MAAM,CAAC,2BAA2B,EAAE,sHAAsH,CAAC;KAC3J,MAAM,CAAC,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,EAAE;IACrC,MAAM,IAAA,qBAAW,EAAC,WAAW,EAAE,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,aAAa,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;AAC1F,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,gBAAgB,CAAC;KACzB,WAAW,CAAC,kCAAkC,CAAC;KAC/C,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,8BAAoB,GAAE,CAAC;AAC/B,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,0BAA0B,CAAC;KACvC,MAAM,CAAC,yBAAyB,EAAE,sEAAsE,EAAE,QAAQ,CAAC;KACnH,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,MAAM,IAAA,yBAAa,EAAC,OAAO,CAAC,GAAG,CAAC,CAAC;AACnC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,sCAAsC,CAAC;KACnD,MAAM,CAAC,QAAQ,EAAE,iDAAiD,CAAC;KACnE,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,MAAM,IAAA,uBAAY,EAAC,OAAO,CAAC,IAAI,CAAC,CAAC;AACnC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,2CAA2C,CAAC;KACxD,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,qBAAW,GAAE,CAAC;AACtB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,gDAAgD,CAAC;KAC7D,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,yBAAa,GAAE,CAAC;AACxB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,mBAAmB,CAAC;KAC5B,WAAW,CAAC,yCAAyC,CAAC;KACtD,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,MAAM,IAAA,2BAAc,EAAC,OAAO,CAAC,CAAC;AAChC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,oDAAo
D,CAAC;KACjE,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,2BAAc,GAAE,CAAC;AACzB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,wCAAwC,CAAC;KACrD,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,2BAAc,GAAE,CAAC;AACzB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,aAAa,CAAC;KACtB,WAAW,CAAC,kCAAkC,CAAC;KAC/C,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,mCAAkB,GAAE,CAAC;AAC7B,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,qCAAqC,CAAC;KAClD,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,qBAAW,GAAE,CAAC;AACtB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,mBAAmB,CAAC;KAC5B,WAAW,CAAC,yCAAyC,CAAC;KACtD,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;IACxB,MAAM,IAAA,2BAAc,EAAC,OAAO,CAAC,CAAC;AAChC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,8BAA8B,CAAC;KAC3C,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,2BAAc,GAAE,CAAC;AACzB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,0CAA0C,CAAC;KACvD,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,qBAAW,GAAE,CAAC;AACtB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,yBAAyB,CAAC;KAClC,WAAW,CAAC,0CAA0C,CAAC;KACvD,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE;IAC7B,MAAM,IAAA,2BAAc,EAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AACrC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,4BAA4B,CAAC;KACrC,WAAW,CAAC,0DAA0D,CAAC;KACvE,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE;IAChC,MAAM,IAAA,2BAAc,EAAC,MAAM,EAAE,OAAO,CAAC,CAAC;AACxC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,gBAAgB,CAAC;KACzB,WAAW,CAAC,qCAAqC,CAAC;KAClD,MAAM,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;IACtB,MAAM,IAAA,yBAAa,EAAC,KAAK,CAAC,CAAC;AAC7B,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,WAAW,CAAC;KACpB,WAAW,CAAC,oCAAoC,CAAC;KACjD,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,+BAAgB,GAAE,CAAC;AAC3B,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,eAAe,CAAC;KACxB,WAAW,CAAC,mCAAmC,CAAC;KAChD,MAAM,CAAC,KAAK,EAAE,QAAQ,EAAE,EAAE;IACzB,MAAM,IAAA,iBAAS,EAAC,QAAQ,CAAC,CAAC;AAC5B,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,0BAA0B,CAAC;KACnC,WAAW,CAAC,6CAA6C,CAAC;KAC1D,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,EAAE;IAC1B,MAAM,IAAA,oCAAkB,EAAC,SAAS,CAAC,
CAAC;AACtC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,oCAAoC,CAAC;KACjD,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,yBAAa,GAAE,CAAC;AACxB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,oCAAoC,CAAC;KACjD,MAAM,CAAC,KAAK,IAAI,EAAE;IACjB,MAAM,IAAA,yBAAa,GAAE,CAAC;AACxB,CAAC,CAAC,CAAC;AAEL,oBAAoB;AACpB,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE;IACxB,OAAO,CAAC,GAAG,CAAC,eAAI,CAAC,CAAC;IAClB,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAChC,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC9B,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;IACxE,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;IACrE,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IAC7B,OAAO,CAAC,GAAG,CAAC,0DAA0D,CAAC,CAAC;IACxE,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;IAC9D,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC;IAC5B,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;IACxD,OAAO,CAAC,GAAG,CAAC,wCAAwC,CAAC,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;IACtE,OAAO,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC;IAC1D,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;IACxD,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;IAC9D,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACjC,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAChC,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;IAClC,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;AAC/C,CAAC,CAAC,CAAC;AAEH,kBAAkB;AAClB,OAAO,CAAC,KAAK,EAAE,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"analytics.d.ts","sourceRoot":"","sources":["../../src/commands/analytics.ts"],"names":[],"mappings":"AAEA,wBAAsB,gBAAgB,IAAI,OAAO,CAAC,IAAI,CAAC,CAwCtD"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.analyticsCommand = analyticsCommand;
|
|
4
|
+
const fs_1 = require("fs");
|
|
5
|
+
async function analyticsCommand() {
|
|
6
|
+
console.log('š FORGE Program Analytics\n');
|
|
7
|
+
try {
|
|
8
|
+
if (!(0, fs_1.existsSync)('Anchor.toml')) {
|
|
9
|
+
console.error('ā Not in an Anchor project directory');
|
|
10
|
+
process.exit(1);
|
|
11
|
+
}
|
|
12
|
+
const programId = getProgramId();
|
|
13
|
+
if (!programId) {
|
|
14
|
+
console.error('ā Could not find program ID');
|
|
15
|
+
process.exit(1);
|
|
16
|
+
}
|
|
17
|
+
console.log(`š Analytics for: ${programId}\n`);
|
|
18
|
+
console.log('š Analytics Dashboard:');
|
|
19
|
+
console.log(` Solana Explorer: https://explorer.solana.com/address/${programId}`);
|
|
20
|
+
console.log(` Solscan: https://solscan.io/account/${programId}`);
|
|
21
|
+
console.log(` Helius: https://helius.dev (requires API key)`);
|
|
22
|
+
console.log('\nš Available Metrics:');
|
|
23
|
+
console.log(' ⢠Transaction volume');
|
|
24
|
+
console.log(' ⢠Unique users');
|
|
25
|
+
console.log(' ⢠Error rate');
|
|
26
|
+
console.log(' ⢠Compute unit usage');
|
|
27
|
+
console.log(' ⢠Account growth');
|
|
28
|
+
console.log('\nš” Integration Options:');
|
|
29
|
+
console.log(' 1. Use Solana Explorer for basic metrics');
|
|
30
|
+
console.log(' 2. Integrate Helius API for advanced analytics');
|
|
31
|
+
console.log(' 3. Use QuickNode for real-time monitoring');
|
|
32
|
+
console.log(' 4. Build custom dashboard with RPC calls');
|
|
33
|
+
}
|
|
34
|
+
catch (error) {
|
|
35
|
+
console.error('ā Analytics setup failed');
|
|
36
|
+
console.error(`Error: ${error.message}`);
|
|
37
|
+
process.exit(1);
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
function getProgramId() {
|
|
41
|
+
try {
|
|
42
|
+
const { readFileSync } = require('fs');
|
|
43
|
+
const anchorToml = readFileSync('Anchor.toml', 'utf8');
|
|
44
|
+
const match = anchorToml.match(/\[programs\.localnet\]\s*([^=]+)\s*=\s*"([^"]+)"/);
|
|
45
|
+
return match ? match[2] : null;
|
|
46
|
+
}
|
|
47
|
+
catch {
|
|
48
|
+
return null;
|
|
49
|
+
}
|
|
50
|
+
}
|
|
51
|
+
//# sourceMappingURL=analytics.js.map
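Review bot: `getProgramId()` returns whatever sits between the quotes after `[programs.localnet]` in `Anchor.toml`, and `analyticsCommand` interpolates that value into console output and two explorer URLs without checking that it is a public key. `Anchor.toml` belongs to the project being inspected, which may be a freshly cloned third-party repository, and `[^"]+` accepts newlines and control characters, so a crafted value can put terminal control sequences or a misleading URL on the user's screen. Tighten the guard to `if (!programId || !/^[1-9A-HJ-NP-Za-km-z]{32,44}$/.test(programId)) {` so a malformed ID is handled like a missing one. The bare `catch { return null; }` in `getProgramId` also hides read errors behind "Could not find program ID", and a comment there should say that this is intentional or the error should be surfaced. Because only the localnet entry is read while the printed Explorer and Solscan links carry no cluster parameter, the links may point at an address that is not deployed on the cluster they open.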
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"analytics.js","sourceRoot":"","sources":["../../src/commands/analytics.ts"],"names":[],"mappings":";;AAEA,4CAwCC;AA1CD,2BAAgC;AAEzB,KAAK,UAAU,gBAAgB;IACpC,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;IAE5C,IAAI,CAAC;QACH,IAAI,CAAC,IAAA,eAAU,EAAC,aAAa,CAAC,EAAE,CAAC;YAC/B,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;YACtD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;QACjC,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;YAC7C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,qBAAqB,SAAS,IAAI,CAAC,CAAC;QAEhD,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,2DAA2D,SAAS,EAAE,CAAC,CAAC;QACpF,OAAO,CAAC,GAAG,CAAC,0CAA0C,SAAS,EAAE,CAAC,CAAC;QACnE,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;QAEhE,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QAEnC,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QACzC,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;QAC5D,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;IAE7D,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAC1C,OAAO,CAAC,KAAK,CAAC,UAAU,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACzC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,SAAS,YAAY;IACnB,IAAI,CAAC;QACH,MAAM,EAAE,YAAY,EAAE,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;QACvC,MAAM,UAAU,GAAG,YAAY,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QACvD,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,kDAAkD,CAAC,CAAC;QACnF,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC"}
|
package/dist/commands/audit.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare function auditCommand(): Promise<void>;
|
|
1
|
+
export declare function auditCommand(deep?: boolean): Promise<void>;
|
|
2
2
|
//# sourceMappingURL=audit.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":"AAWA,wBAAsB,YAAY,IAAI,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"audit.d.ts","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":"AAWA,wBAAsB,YAAY,CAAC,IAAI,GAAE,OAAe,GAAG,OAAO,CAAC,IAAI,CAAC,CA4CvE"}
|
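--- a/package/dist/commands/audit.js
+++ b/package/dist/commands/audit.js
@@ -2,8 +2,8 @@
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.auditCommand = auditCommand;
 const fs_1 = require("fs");
-async function auditCommand() {
-console.log(
+async function auditCommand(deep = false) {
+console.log(`š Running FORGE Security Audit${deep ? ' (Deep Analysis)' : ''}...\n`);
 const results = [];
 try {
 // Check if we're in an Anchor project
@@ -25,6 +25,10 @@ async function auditCommand() {
 results.push(...await checkPerformanceIssues());
 console.log('š”ļø Checking access control...');
 results.push(...await checkAccessControl());
+if (deep) {
+console.log('š¬ Running deep analysis...');
+results.push(...await deepAnalysis());
+}
 // Display results
 displayResults(results);
 }
@@ -196,6 +200,60 @@ async function checkAccessControl() {
 }
 return results;
 }
+async function deepAnalysis() {
+const results = [];
+try {
+const { glob } = require('glob');
+const rustFiles = await glob('programs/**/*.rs');
+for (const file of rustFiles) {
+const content = (0, fs_1.readFileSync)(file, 'utf8');
+// Reentrancy detection
+if (content.includes('invoke') && content.includes('invoke_signed')) {
+results.push({
+severity: 'high',
+title: 'Potential Reentrancy Risk',
+description: 'Multiple invoke calls detected - potential reentrancy vulnerability',
+location: file,
+recommendation: 'Use checks-effects-interactions pattern and add reentrancy guards'
+});
+}
+// Integer overflow in loops
+if (content.includes('for') && content.includes('+') && !content.includes('checked_')) {
+results.push({
+severity: 'medium',
+title: 'Potential Loop Overflow',
+description: 'Loop counter may overflow without checks',
+location: file,
+recommendation: 'Add bounds checking for loop iterations'
+});
+}
+// Missing error handling
+if (content.includes('unwrap()') || content.includes('expect(')) {
+results.push({
+severity: 'medium',
+title: 'Unsafe Error Handling',
+description: 'Using unwrap() or expect() may cause program to panic',
+location: file,
+recommendation: 'Use proper error handling with Result types'
+});
+}
+// Direct account data manipulation
+if (content.includes('try_borrow_mut') && !content.includes('require!')) {
+results.push({
+severity: 'high',
+title: 'Unvalidated Account Mutation',
+description: 'Account data mutated without validation',
+location: file,
+recommendation: 'Add validation checks before mutating account data'
+});
+}
+}
+}
+catch (error) {
+// Ignore glob errors
+}
+return results;
+}
 function displayResults(results) {
 if (results.length === 0) {
 console.log('\nā No security issues found!');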
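Review bot: The `catch (error)` that closes `deepAnalysis()` discards every failure inside the `try`, not only glob errors: if `require('glob')` fails or `readFileSync` throws on one file under `programs/`, the scan stops and returns whatever it had collected, and an empty overall list is then printed by `displayResults` as "No security issues found!". For an audit command that is a fail-open result, so the failure should be recorded as a finding (or rethrown to the caller) instead of being dropped. Separately, the suppressions are file-wide substring tests: a single `checked_` or `require!` anywhere in a file silences the overflow and account-mutation checks for that whole file, and `content.includes('invoke')` is always true when `content.includes('invoke_signed')` is, so the "Multiple invoke calls" finding fires on one `invoke_signed`. The finding texts should describe these as heuristics, or the checks should be matched per function rather than per file.

```javascript
// … unchanged: glob lookup and the per-file checks inside the try …
    catch (error) {
        // A scan that could not complete must not read as a clean result.
        results.push({
            severity: 'medium',
            title: 'Deep Analysis Incomplete',
            description: `Deep analysis stopped early: ${error instanceof Error ? error.message : String(error)}`,
            recommendation: 'Fix the scan error and re-run the deep audit'
        });
    }
```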
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":";;AAWA,
|
|
1
|
+
{"version":3,"file":"audit.js","sourceRoot":"","sources":["../../src/commands/audit.ts"],"names":[],"mappings":";;AAWA,oCA4CC;AAvDD,2BAA8C;AAWvC,KAAK,UAAU,YAAY,CAAC,OAAgB,KAAK;IACtD,OAAO,CAAC,GAAG,CAAC,kCAAkC,IAAI,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IAErF,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,IAAI,CAAC;QACH,sCAAsC;QACtC,IAAI,CAAC,IAAA,eAAU,EAAC,aAAa,CAAC,EAAE,CAAC;YAC/B,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;YACtD,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;YAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,0BAA0B;QAC1B,IAAI,CAAC,IAAA,eAAU,EAAC,UAAU,CAAC,EAAE,CAAC;YAC5B,OAAO,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;YAC/C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;QAChD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,qBAAqB,EAAE,CAAC,CAAC;QAE/C,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,CAAC;QACjD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,qBAAqB,EAAE,CAAC,CAAC;QAE/C,OAAO,CAAC,GAAG,CAAC,yCAAyC,CAAC,CAAC;QACvD,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,sBAAsB,EAAE,CAAC,CAAC;QAEhD,OAAO,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;QAC/C,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,kBAAkB,EAAE,CAAC,CAAC;QAE5C,IAAI,IAAI,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;YAC3C,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,YAAY,EAAE,CAAC,CAAC;QACxC,CAAC;QAED,kBAAkB;QAClB,cAAc,CAAC,OAAO,CAAC,CAAC;IAE1B,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAChC,OAAO,CAAC,KAAK,CAAC,UAAU,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACzC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,qBAAqB;IAClC,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,IAAI,CAAC;QACH,kCAAkC;QAClC,MAAM,UAAU,GAAG,IAAA,iBAAY,EAAC,aAAa,EAAE,MAAM,CAAC,CAAC;QAEvD,iCAAiC;QACjC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,IAAI,CAAC;gBACX,QAAQ,EAAE,QAAQ;gBAClB,KAAK,EAAE,8BAA8B;gBACrC,WAAW,EAAE,yCAAyC;gBACtD,cAAc,EAAE,+DAA+D;aAChF,CAAC,CAAC;QACL,CAAC;QAED,yCAAyC;QACzC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACtC,OAAO,CAAC,IAAI,CAAC;gBACX,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,uBAAuB;gBAC9B,WAAW,EAAE,qCAAqC;gBAClD,cAAc,EAAE,8C
AA8C;aAC/D,CAAC,CAAC;QACL,CAAC;IAEH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CAAC;YACX,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wBAAwB;YAC/B,WAAW,EAAE,0CAA0C;YACvD,cAAc,EAAE,qDAAqD;SACtE,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,KAAK,UAAU,qBAAqB;IAClC,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,IAAI,CAAC;QACH,0BAA0B;QAC1B,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAEjD,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAG,IAAA,iBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAE3C,wBAAwB;YACxB,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC/B,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,sBAAsB;oBAC7B,WAAW,EAAE,mCAAmC;oBAChD,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,oDAAoD;iBACrE,CAAC,CAAC;YACL,CAAC;YAED,qCAAqC;YACrC,IAAI,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC1G,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,UAAU;oBACpB,KAAK,EAAE,8BAA8B;oBACrC,WAAW,EAAE,4CAA4C;oBACzD,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,iEAAiE;iBAClF,CAAC,CAAC;YACL,CAAC;YAED,yCAAyC;YACzC,IAAI,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxE,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,yBAAyB;oBAChC,WAAW,EAAE,gCAAgC;oBAC7C,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,2CAA2C;iBAC5D,CAAC,CAAC;YACL,CAAC;YAED,uCAAuC;YACvC,IAAI,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,KAAK,KAAK,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBACxH,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,4BAA4B;oBACnC,WAAW,EAAE,+CAA+C;oBAC5D,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,+DAA+D;iBAChF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IAEH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,CAAC,IAAI,CAAC;YACX,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,qBAAqB;YAC5B,WAAW,EAAE,uCAAuC;YACpD,cAAc,EAAE,qDAAqD;SACtE,CAAC,CAAC;IACL,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,KAAK,UAAU,sBAAsB;IACnC,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,IAAI,CAAC;QACH,MAAM,EA
AE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAEjD,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAG,IAAA,iBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAE3C,yDAAyD;YACzD,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;gBACpE,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,kCAAkC;oBACzC,WAAW,EAAE,2DAA2D;oBACxE,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,qEAAqE;iBACtF,CAAC,CAAC;YACL,CAAC;YAED,qCAAqC;YACrC,IAAI,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC7D,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,KAAK;oBACf,KAAK,EAAE,oBAAoB;oBAC3B,WAAW,EAAE,gEAAgE;oBAC7E,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,6DAA6D;iBAC9E,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IAEH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,qBAAqB;IACvB,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,KAAK,UAAU,kBAAkB;IAC/B,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAEjD,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAG,IAAA,iBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAE3C,+BAA+B;YAC/B,IAAI,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC9F,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,4BAA4B;oBACnC,WAAW,EAAE,kDAAkD;oBAC/D,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,uEAAuE;iBACxF,CAAC,CAAC;YACL,CAAC;YAED,mCAAmC;YACnC,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC3D,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,kBAAkB;oBACzB,WAAW,EAAE,+CAA+C;oBAC5D,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,2CAA2C;iBAC5D,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IAEH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,qBAAqB;IACvB,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,KAAK,UAAU,YAAY;IACzB,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,IAAI,CAAC;QACH,MAAM,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAEjD,KAAK,MAAM,IAAI,IAAI,SAA
S,EAAE,CAAC;YAC7B,MAAM,OAAO,GAAG,IAAA,iBAAY,EAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAE3C,uBAAuB;YACvB,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;gBACpE,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,2BAA2B;oBAClC,WAAW,EAAE,qEAAqE;oBAClF,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,mEAAmE;iBACpF,CAAC,CAAC;YACL,CAAC;YAED,4BAA4B;YAC5B,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACtF,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,yBAAyB;oBAChC,WAAW,EAAE,0CAA0C;oBACvD,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,yCAAyC;iBAC1D,CAAC,CAAC;YACL,CAAC;YAED,yBAAyB;YACzB,IAAI,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAChE,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,QAAQ;oBAClB,KAAK,EAAE,uBAAuB;oBAC9B,WAAW,EAAE,uDAAuD;oBACpE,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,6CAA6C;iBAC9D,CAAC,CAAC;YACL,CAAC;YAED,mCAAmC;YACnC,IAAI,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBACxE,OAAO,CAAC,IAAI,CAAC;oBACX,QAAQ,EAAE,MAAM;oBAChB,KAAK,EAAE,8BAA8B;oBACrC,WAAW,EAAE,yCAAyC;oBACtD,QAAQ,EAAE,IAAI;oBACd,cAAc,EAAE,oDAAoD;iBACrE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IAEH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,qBAAqB;IACvB,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,cAAc,CAAC,OAAsB;IAC5C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAC;QACvE,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,OAAO,CAAC,MAAM,mBAAmB,CAAC,CAAC;IAEtE,oBAAoB;IACpB,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,MAAM,EAAE,EAAE;QAC7C,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC;YAAE,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,EAAE,CAAC;QACrD,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAClC,OAAO,GAAG,CAAC;IACb,CAAC,EAAE,EAAmC,CAAC,CAAC;IAExC,MAAM,aAAa,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC5D,MAAM,cAAc,GAA2B;QAC7C,QAAQ,EAAE,IAAI;QACd,IAAI,EAAE,IAAI;QACV,MAAM,EAAE,IAAI;QACZ,GAAG,EAAE,IAAI;
KACV,CAAC;IAEF,KAAK,MAAM,QAAQ,IAAI,aAAa,EAAE,CAAC;QACrC,IAAI,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,GAAG,cAAc,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,QAAQ,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC;YAEpG,OAAO,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,EAAE;gBAC1C,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,GAAG,CAAC,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;gBAC/C,OAAO,CAAC,GAAG,CAAC,QAAQ,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;gBAC1C,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;oBACpB,OAAO,CAAC,GAAG,CAAC,kBAAkB,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;gBACnD,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,cAAc,IAAI,CAAC,CAAC;YACpD,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,UAAU;IACV,MAAM,aAAa,GAAG,OAAO,CAAC,QAAQ,EAAE,MAAM,IAAI,CAAC,CAAC;IACpD,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,EAAE,MAAM,IAAI,CAAC,CAAC;IAE5C,IAAI,aAAa,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,iFAAiF,CAAC,CAAC;IACjG,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,mFAAmF,CAAC,CAAC;IACnG,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ci.d.ts","sourceRoot":"","sources":["../../src/commands/ci.ts"],"names":[],"mappings":"AAGA,wBAAsB,SAAS,CAAC,QAAQ,GAAE,MAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CA4B1E"}
|