npm - grepleaks - Versions diffs - 1.0.2 → 1.0.4 - Mend

grepleaks 1.0.2 → 1.0.4

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/bin/grepleaks.js +70 -35
package/package.json +1 -1

package/bin/grepleaks.js CHANGED Viewed

@@ -9,7 +9,7 @@ const readline = require('readline');
 const { exec } = require('child_process');
 const archiver = require('archiver');
-const VERSION = '1.0.2';
+const VERSION = '1.0.4';
 const API_URL = 'https://grepleaks.com/api/v1';
 const WEB_URL = 'https://grepleaks.com';
 const CONFIG_DIR = path.join(os.homedir(), '.grepleaks');
@@ -491,18 +491,46 @@ function generateMarkdownReport(result) {
   const score = result.security_score || 0;
   const grade = result.grade_level || 'N/A';
   const projectName = result.project_name || 'Unknown Project';
+  const lang = getLang();
-  const dateStr = new Date().toLocaleDateString(getLang() === 'fr' ? 'fr-FR' : 'en-US');
+  const dateStr = new Date().toLocaleDateString(lang === 'fr' ? 'fr-FR' : 'en-US', {
+    year: 'numeric',
+    month: 'long',
+    day: 'numeric'
+  });
-  let md = `# ${t('reportTitle')} - ${projectName}\n\n`;
-  md += `**${t('reportDate')}** ${dateStr}\n`;
-  md += `**${t('reportScore')}** ${score}/100 (${grade})\n`;
-  md += `**${t('reportVulns')}** ${vulns.length}\n\n`;
+  // Count by severity
+  const counts = { critical: 0, high: 0, medium: 0, low: 0 };
+  for (const v of vulns) {
+    const sev = (v.severity || 'low').toLowerCase();
+    if (counts[sev] !== undefined) counts[sev]++;
+  }
+  // Header
+  let md = `# ${t('reportTitle')}\n\n`;
+  md += `> **${projectName}** | ${dateStr}\n\n`;
+  // Score card
+  const scoreEmoji = score >= 90 ? '🛡️' : score >= 75 ? '✅' : score >= 50 ? '⚠️' : '🚨';
+  md += `## ${scoreEmoji} ${lang === 'fr' ? 'Score de Sécurité' : 'Security Score'}: ${score}/100 (${grade})\n\n`;
+  // Summary table
+  if (vulns.length > 0) {
+    md += `| ${lang === 'fr' ? 'Sévérité' : 'Severity'} | ${lang === 'fr' ? 'Nombre' : 'Count'} |\n`;
+    md += `|----------|-------|\n`;
+    if (counts.critical > 0) md += `| 🔴 Critical | ${counts.critical} |\n`;
+    if (counts.high > 0) md += `| 🟠 High | ${counts.high} |\n`;
+    if (counts.medium > 0) md += `| 🟡 Medium | ${counts.medium} |\n`;
+    if (counts.low > 0) md += `| 🟢 Low | ${counts.low} |\n`;
+    md += `\n`;
+  }
+  // Vulnerabilities
   if (vulns.length === 0) {
-    md += `## ${t('reportNoVulns')}\n\n`;
+    md += `## ✅ ${t('reportNoVulns')}\n\n`;
     md += `${t('reportCongrats')}\n`;
   } else {
+    md += `---\n\n`;
     md += `## ${t('reportVulnsDetected')}\n\n`;
     const bySeverity = { CRITICAL: [], HIGH: [], MEDIUM: [], LOW: [] };
@@ -518,64 +546,71 @@ function generateMarkdownReport(result) {
                     severity === 'HIGH' ? '🟠' :
                     severity === 'MEDIUM' ? '🟡' : '🟢';
-      md += `### ${emoji} ${severity} (${items.length})\n\n`;
+      const severityLabel = lang === 'fr'
+        ? { CRITICAL: 'Critique', HIGH: 'Élevée', MEDIUM: 'Moyenne', LOW: 'Faible' }[severity]
+        : severity.charAt(0) + severity.slice(1).toLowerCase();
-      for (const v of items) {
-        // Title: use rule_id or description snippet
-        const title = v.rule_id || (v.description ? v.description.substring(0, 50) + '...' : 'Vulnerability');
-        md += `#### ${title}\n\n`;
+      md += `### ${emoji} ${severityLabel}\n\n`;
-        // Location (file/line)
-        if (v.location) {
-          md += `- **${t('reportFile')}** \`${v.location}\`\n`;
+      for (let i = 0; i < items.length; i++) {
+        const v = items[i];
+        // Title from description (first sentence or truncated)
+        let title = v.description || 'Security Issue';
+        const firstSentence = title.match(/^[^.!?]+[.!?]/);
+        if (firstSentence) {
+          title = firstSentence[0];
+        } else if (title.length > 80) {
+          title = title.substring(0, 77) + '...';
         }
-        // Scanner source
-        if (v.source) {
-          md += `- **${t('reportScanner')}** ${v.source}\n`;
+        md += `#### ${i + 1}. ${title}\n\n`;
+        // Location
+        if (v.location) {
+          md += `- **${lang === 'fr' ? 'Fichier' : 'File'}:** \`${v.location}\`\n`;
         }
-        // CVE if available
+        // CVE
         if (v.cve) {
-          md += `- **CVE:** ${v.cve}\n`;
+          md += `- **CVE:** [${v.cve}](https://nvd.nist.gov/vuln/detail/${v.cve})\n`;
         }
-        // Package info (for Trivy findings)
+        // Package info
         if (v.package_name) {
-          md += `- **Package:** ${v.package_name}`;
-          if (v.current_version) md += ` (${v.current_version})`;
+          md += `- **Package:** \`${v.package_name}\``;
+          if (v.current_version) md += ` v${v.current_version}`;
           md += `\n`;
           if (v.fixed_version) {
-            md += `- **Fix:** Upgrade to ${v.fixed_version}\n`;
+            md += `- **${lang === 'fr' ? 'Correction' : 'Fix'}:** ${lang === 'fr' ? 'Mettre à jour vers' : 'Upgrade to'} v${v.fixed_version}\n`;
           }
         }
-        // Description
-        if (v.description) {
-          md += `\n${v.description}\n`;
-        }
+        md += `\n`;
         // Code snippet
         if (v.code_snippet) {
-          md += `\n\`\`\`\n${v.code_snippet}\n\`\`\`\n`;
+          md += `**${lang === 'fr' ? 'Code concerné' : 'Affected code'}:**\n\`\`\`\n${v.code_snippet}\n\`\`\`\n\n`;
         }
         // Recommendation
-        if (v.recommendation || v.llm_recommendation) {
-          md += `\n**${t('reportRecommendation')}** ${v.llm_recommendation || v.recommendation}\n`;
+        const rec = v.llm_recommendation || v.recommendation;
+        if (rec) {
+          md += `**${t('reportRecommendation')}:** ${rec}\n\n`;
         }
-        // Reference URL
+        // Reference
         if (v.reference_url) {
-          md += `\n**Reference:** ${v.reference_url}\n`;
+          md += `[${lang === 'fr' ? 'Plus d\'informations' : 'Learn more'}](${v.reference_url})\n\n`;
         }
-        md += `\n---\n\n`;
+        md += `---\n\n`;
       }
     }
   }
-  md += `\n---\n*${t('reportGeneratedBy')} [grepleaks](https://grepleaks.com)*\n`;
+  // Footer
+  md += `*${t('reportGeneratedBy')} [grepleaks](https://grepleaks.com)*\n`;
   return md;
 }

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "grepleaks",
-  "version": "1.0.2",
+  "version": "1.0.4",
   "description": "Security scanner for your code - detect vulnerabilities, secrets, and misconfigurations",
   "main": "bin/grepleaks.js",
   "bin": {