guardvibe 0.6.3 → 0.7.0
- package/README.md +93 -156
- package/build/data/rules/auth.d.ts +3 -0
- package/build/data/rules/auth.d.ts.map +1 -0
- package/build/data/rules/auth.js +100 -0
- package/build/data/rules/auth.js.map +1 -0
- package/build/data/rules/core.js +11 -11
- package/build/data/rules/core.js.map +1 -1
- package/build/data/rules/database.d.ts +3 -0
- package/build/data/rules/database.d.ts.map +1 -0
- package/build/data/rules/database.js +100 -0
- package/build/data/rules/database.js.map +1 -0
- package/build/data/rules/deployment.d.ts +3 -0
- package/build/data/rules/deployment.d.ts.map +1 -0
- package/build/data/rules/deployment.js +192 -0
- package/build/data/rules/deployment.js.map +1 -0
- package/build/data/rules/index.d.ts.map +1 -1
- package/build/data/rules/index.js +8 -6
- package/build/data/rules/index.js.map +1 -1
- package/build/data/rules/nextjs.d.ts +3 -0
- package/build/data/rules/nextjs.d.ts.map +1 -0
- package/build/data/rules/nextjs.js +148 -0
- package/build/data/rules/nextjs.js.map +1 -0
- package/build/index.js +36 -19
- package/build/index.js.map +1 -1
- package/build/tools/check-code.d.ts +3 -2
- package/build/tools/check-code.d.ts.map +1 -1
- package/build/tools/check-code.js +25 -4
- package/build/tools/check-code.js.map +1 -1
- package/build/tools/check-package-health.d.ts +29 -0
- package/build/tools/check-package-health.d.ts.map +1 -0
- package/build/tools/check-package-health.js +142 -0
- package/build/tools/check-package-health.js.map +1 -0
- package/build/tools/check-project.d.ts +1 -1
- package/build/tools/check-project.d.ts.map +1 -1
- package/build/tools/check-project.js +24 -5
- package/build/tools/check-project.js.map +1 -1
- package/build/tools/compliance-report.d.ts +1 -1
- package/build/tools/compliance-report.d.ts.map +1 -1
- package/build/tools/compliance-report.js +33 -9
- package/build/tools/compliance-report.js.map +1 -1
- package/build/tools/export-sarif.d.ts.map +1 -1
- package/build/tools/export-sarif.js +7 -7
- package/build/tools/export-sarif.js.map +1 -1
- package/build/tools/scan-dependencies.d.ts +1 -1
- package/build/tools/scan-dependencies.d.ts.map +1 -1
- package/build/tools/scan-dependencies.js +25 -2
- package/build/tools/scan-dependencies.js.map +1 -1
- package/build/tools/scan-directory.d.ts +1 -1
- package/build/tools/scan-directory.d.ts.map +1 -1
- package/build/tools/scan-directory.js +33 -11
- package/build/tools/scan-directory.js.map +1 -1
- package/build/tools/scan-secrets.d.ts +1 -1
- package/build/tools/scan-secrets.d.ts.map +1 -1
- package/build/tools/scan-secrets.js +110 -57
- package/build/tools/scan-secrets.js.map +1 -1
- package/build/tools/scan-staged.d.ts +1 -1
- package/build/tools/scan-staged.d.ts.map +1 -1
- package/build/tools/scan-staged.js +29 -10
- package/build/tools/scan-staged.js.map +1 -1
- package/build/utils/config.d.ts.map +1 -1
- package/build/utils/config.js +19 -11
- package/build/utils/config.js.map +1 -1
- package/build/utils/manifest-parser.d.ts.map +1 -1
- package/build/utils/manifest-parser.js +93 -68
- package/build/utils/manifest-parser.js.map +1 -1
- package/build/utils/osv-client.d.ts.map +1 -1
- package/build/utils/osv-client.js +3 -2
- package/build/utils/osv-client.js.map +1 -1
- package/build/utils/typosquat.d.ts +9 -0
- package/build/utils/typosquat.d.ts.map +1 -0
- package/build/utils/typosquat.js +101 -0
- package/build/utils/typosquat.js.map +1 -0
- package/package.json +4 -5
- package/build/data/rules/java.d.ts +0 -3
- package/build/data/rules/java.d.ts.map +0 -1
- package/build/data/rules/java.js +0 -70
- package/build/data/rules/java.js.map +0 -1
- package/build/data/rules/php.d.ts +0 -3
- package/build/data/rules/php.d.ts.map +0 -1
- package/build/data/rules/php.js +0 -59
- package/build/data/rules/php.js.map +0 -1
- package/build/data/rules/ruby.d.ts +0 -3
- package/build/data/rules/ruby.d.ts.map +0 -1
- package/build/data/rules/ruby.js +0 -59
- package/build/data/rules/ruby.js.map +0 -1
|
@@ -1,7 +1,15 @@
|
|
|
1
|
-
import { readdirSync, readFileSync, statSync } from "fs";
|
|
2
|
-
import {
|
|
1
|
+
import { existsSync, readdirSync, readFileSync, statSync } from "fs";
|
|
2
|
+
import { basename, dirname, extname, join, relative, resolve } from "path";
|
|
3
3
|
import { secretPatterns, calculateEntropy } from "../data/secret-patterns.js";
|
|
4
4
|
import { loadConfig } from "../utils/config.js";
|
|
5
|
+
const DEFAULT_SECRET_EXCLUDES = new Set(["node_modules", ".git", "build", "dist"]);
|
|
6
|
+
const SOURCE_FILE_EXTENSIONS = new Set([
|
|
7
|
+
".js", ".jsx", ".mjs", ".cjs",
|
|
8
|
+
".ts", ".tsx", ".mts", ".cts",
|
|
9
|
+
".py", ".go", ".html", ".sql",
|
|
10
|
+
".sh", ".bash", ".yml", ".yaml", ".tf",
|
|
11
|
+
]);
|
|
12
|
+
const CONFIG_FILE_EXTENSIONS = new Set([".yml", ".yaml", ".toml", ".json", ".cfg", ".ini", ".conf"]);
|
|
5
13
|
export function scanContent(content, filename) {
|
|
6
14
|
const findings = [];
|
|
7
15
|
for (const sp of secretPatterns) {
|
|
@@ -20,7 +28,6 @@ export function scanContent(content, filename) {
|
|
|
20
28
|
});
|
|
21
29
|
}
|
|
22
30
|
}
|
|
23
|
-
// Entropy-based detection for .env files
|
|
24
31
|
if (basename(filename).startsWith(".env")) {
|
|
25
32
|
const lines = content.split("\n");
|
|
26
33
|
for (let i = 0; i < lines.length; i++) {
|
|
@@ -32,7 +39,7 @@ export function scanContent(content, filename) {
|
|
|
32
39
|
continue;
|
|
33
40
|
const value = line.substring(eqIdx + 1).replace(/^['"]|['"]$/g, "");
|
|
34
41
|
if (value.length >= 20 && calculateEntropy(value) > 4.5) {
|
|
35
|
-
const alreadyFound = findings.some(
|
|
42
|
+
const alreadyFound = findings.some((finding) => finding.line === i + 1);
|
|
36
43
|
if (!alreadyFound) {
|
|
37
44
|
findings.push({
|
|
38
45
|
provider: "High-Entropy Secret",
|
|
@@ -48,8 +55,7 @@ export function scanContent(content, filename) {
|
|
|
48
55
|
}
|
|
49
56
|
return findings;
|
|
50
57
|
}
|
|
51
|
-
|
|
52
|
-
function walkForSecrets(dir, recursive, results, excludes = DEFAULT_SECRET_EXCLUDES) {
|
|
58
|
+
function walkForSecrets(dir, recursive, results, excludes) {
|
|
53
59
|
let entries;
|
|
54
60
|
try {
|
|
55
61
|
entries = readdirSync(dir, { withFileTypes: true });
|
|
@@ -63,91 +69,138 @@ function walkForSecrets(dir, recursive, results, excludes = DEFAULT_SECRET_EXCLU
|
|
|
63
69
|
const fullPath = join(dir, entry.name);
|
|
64
70
|
if (entry.isDirectory() && recursive) {
|
|
65
71
|
walkForSecrets(fullPath, recursive, results, excludes);
|
|
72
|
+
continue;
|
|
66
73
|
}
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
72
|
-
|
|
74
|
+
if (!entry.isFile())
|
|
75
|
+
continue;
|
|
76
|
+
const name = entry.name;
|
|
77
|
+
const ext = extname(name).toLowerCase();
|
|
78
|
+
if (name.startsWith(".env") || CONFIG_FILE_EXTENSIONS.has(ext) || SOURCE_FILE_EXTENSIONS.has(ext)) {
|
|
79
|
+
results.push(fullPath);
|
|
80
|
+
}
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
function findGitRoot(startDir) {
|
|
84
|
+
let current = resolve(startDir);
|
|
85
|
+
while (true) {
|
|
86
|
+
if (existsSync(join(current, ".git")))
|
|
87
|
+
return current;
|
|
88
|
+
const parent = dirname(current);
|
|
89
|
+
if (parent === current)
|
|
90
|
+
return null;
|
|
91
|
+
current = parent;
|
|
92
|
+
}
|
|
93
|
+
}
|
|
94
|
+
function collectGitignoreEntries(startDir) {
|
|
95
|
+
const entries = [];
|
|
96
|
+
const gitRoot = findGitRoot(startDir);
|
|
97
|
+
let current = resolve(startDir);
|
|
98
|
+
while (true) {
|
|
99
|
+
const gitignorePath = join(current, ".gitignore");
|
|
100
|
+
if (existsSync(gitignorePath)) {
|
|
101
|
+
try {
|
|
102
|
+
entries.push({ baseDir: current, content: readFileSync(gitignorePath, "utf-8") });
|
|
73
103
|
}
|
|
74
|
-
|
|
75
|
-
|
|
76
|
-
results.push(fullPath);
|
|
104
|
+
catch {
|
|
105
|
+
// Ignore unreadable .gitignore files.
|
|
77
106
|
}
|
|
78
107
|
}
|
|
108
|
+
if (current === gitRoot)
|
|
109
|
+
break;
|
|
110
|
+
const parent = dirname(current);
|
|
111
|
+
if (parent === current)
|
|
112
|
+
break;
|
|
113
|
+
current = parent;
|
|
79
114
|
}
|
|
115
|
+
return entries;
|
|
80
116
|
}
|
|
81
|
-
|
|
82
|
-
const
|
|
83
|
-
|
|
117
|
+
function isEnvCoveredByGitignore(envFile, gitignoreEntries) {
|
|
118
|
+
const envName = basename(envFile);
|
|
119
|
+
return gitignoreEntries.some(({ baseDir, content }) => {
|
|
120
|
+
const relativePath = relative(baseDir, envFile).replace(/\\/g, "/");
|
|
121
|
+
return (content.includes(envName) ||
|
|
122
|
+
content.includes(relativePath) ||
|
|
123
|
+
content.includes(`/${relativePath}`) ||
|
|
124
|
+
content.includes(".env*") ||
|
|
125
|
+
content.includes(".env"));
|
|
126
|
+
});
|
|
127
|
+
}
|
|
128
|
+
export function scanSecrets(path, recursive = true, format = "markdown") {
|
|
129
|
+
const targetPath = resolve(path);
|
|
84
130
|
const filePaths = [];
|
|
131
|
+
let targetStat;
|
|
85
132
|
try {
|
|
86
|
-
|
|
87
|
-
if (stat.isFile()) {
|
|
88
|
-
filePaths.push(path);
|
|
89
|
-
}
|
|
90
|
-
else {
|
|
91
|
-
walkForSecrets(path, recursive, filePaths, excludes);
|
|
92
|
-
}
|
|
133
|
+
targetStat = statSync(targetPath);
|
|
93
134
|
}
|
|
94
135
|
catch {
|
|
95
136
|
return `# GuardVibe Secret Scan Report\n\nError: Could not access path: ${path}`;
|
|
96
137
|
}
|
|
138
|
+
const scanRoot = targetStat.isDirectory() ? targetPath : dirname(targetPath);
|
|
139
|
+
const config = loadConfig(scanRoot);
|
|
140
|
+
const excludes = new Set([...DEFAULT_SECRET_EXCLUDES, ...config.scan.exclude]);
|
|
141
|
+
if (targetStat.isFile()) {
|
|
142
|
+
filePaths.push(targetPath);
|
|
143
|
+
}
|
|
144
|
+
else {
|
|
145
|
+
walkForSecrets(targetPath, recursive, filePaths, excludes);
|
|
146
|
+
}
|
|
97
147
|
const uniquePaths = [...new Set(filePaths)];
|
|
98
148
|
const allFindings = [];
|
|
99
149
|
for (const filePath of uniquePaths) {
|
|
100
150
|
try {
|
|
101
151
|
const stat = statSync(filePath);
|
|
102
|
-
if (stat.size >
|
|
152
|
+
if (stat.size > config.scan.maxFileSize)
|
|
103
153
|
continue;
|
|
104
154
|
const content = readFileSync(filePath, "utf-8");
|
|
105
|
-
|
|
106
|
-
|
|
155
|
+
allFindings.push(...scanContent(content, filePath));
|
|
156
|
+
}
|
|
157
|
+
catch {
|
|
158
|
+
// Skip unreadable files.
|
|
107
159
|
}
|
|
108
|
-
catch { /* skip */ }
|
|
109
|
-
}
|
|
110
|
-
// Check .gitignore for .env coverage
|
|
111
|
-
let gitignoreContent = "";
|
|
112
|
-
try {
|
|
113
|
-
const gitignorePath = statSync(path).isDirectory() ? join(path, ".gitignore") : ".gitignore";
|
|
114
|
-
gitignoreContent = readFileSync(gitignorePath, "utf-8");
|
|
115
160
|
}
|
|
116
|
-
|
|
117
|
-
const envFiles = uniquePaths.filter(f => basename(f).startsWith(".env"));
|
|
161
|
+
const envFiles = uniquePaths.filter((filePath) => basename(filePath).startsWith(".env"));
|
|
118
162
|
for (const envFile of envFiles) {
|
|
163
|
+
const gitignoreEntries = collectGitignoreEntries(dirname(envFile));
|
|
164
|
+
if (isEnvCoveredByGitignore(envFile, gitignoreEntries))
|
|
165
|
+
continue;
|
|
119
166
|
const envName = basename(envFile);
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
167
|
+
allFindings.push({
|
|
168
|
+
provider: ".env not in .gitignore",
|
|
169
|
+
severity: "critical",
|
|
170
|
+
file: envFile,
|
|
171
|
+
line: 0,
|
|
172
|
+
match: `${envName} is not listed in .gitignore`,
|
|
173
|
+
fix: `Add '${envName}' or '.env*' to .gitignore immediately.`,
|
|
174
|
+
});
|
|
175
|
+
}
|
|
176
|
+
if (format === "json") {
|
|
177
|
+
const critCount = allFindings.filter(f => f.severity === "critical").length;
|
|
178
|
+
const highCount = allFindings.filter(f => f.severity === "high").length;
|
|
179
|
+
const medCount = allFindings.length - critCount - highCount;
|
|
180
|
+
return JSON.stringify({
|
|
181
|
+
summary: { total: allFindings.length, critical: critCount, high: highCount, medium: medCount, blocked: critCount > 0 || highCount > 0 },
|
|
182
|
+
findings: allFindings.map(f => ({ provider: f.provider, severity: f.severity, file: f.file, line: f.line, match: f.match, fix: f.fix })),
|
|
183
|
+
});
|
|
130
184
|
}
|
|
131
|
-
// Format report
|
|
132
185
|
const lines = [
|
|
133
|
-
|
|
134
|
-
|
|
186
|
+
"# GuardVibe Secret Scan Report",
|
|
187
|
+
"",
|
|
135
188
|
`Files scanned: ${uniquePaths.length}`,
|
|
136
189
|
`Secrets found: ${allFindings.length}`,
|
|
137
190
|
];
|
|
138
191
|
if (allFindings.length > 0) {
|
|
139
|
-
const critCount = allFindings.filter(
|
|
140
|
-
const highCount = allFindings.filter(
|
|
192
|
+
const critCount = allFindings.filter((finding) => finding.severity === "critical").length;
|
|
193
|
+
const highCount = allFindings.filter((finding) => finding.severity === "high").length;
|
|
141
194
|
lines.push(`Risk Level: ${critCount > 0 ? "Critical" : highCount > 0 ? "High" : "Medium"}`);
|
|
142
|
-
lines.push(
|
|
195
|
+
lines.push("", "---", "", "## Findings", "");
|
|
143
196
|
const order = { critical: 0, high: 1, medium: 2 };
|
|
144
|
-
allFindings.sort((
|
|
145
|
-
for (const
|
|
146
|
-
lines.push(`### [${
|
|
197
|
+
allFindings.sort((left, right) => order[left.severity] - order[right.severity]);
|
|
198
|
+
for (const finding of allFindings) {
|
|
199
|
+
lines.push(`### [${finding.severity.toUpperCase()}] ${finding.provider}`, `**File:** ${finding.file}${finding.line > 0 ? `:${finding.line}` : ""}`, `**Match:** \`${finding.match}\``, `**Fix:** ${finding.fix}`, "");
|
|
147
200
|
}
|
|
148
201
|
}
|
|
149
202
|
else {
|
|
150
|
-
lines.push(
|
|
203
|
+
lines.push("Risk Level: None", "", "No secrets detected. Good job keeping your code clean!");
|
|
151
204
|
}
|
|
152
205
|
return lines.join("\n");
|
|
153
206
|
}
|
|
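Review bot: `isEnvCoveredByGitignore` decides coverage with bare `content.includes(...)`, so a `.gitignore` that merely mentions `.env` in a comment (`# .env is committed on purpose`), as a negation (`!.env.production`) or inside an unrelated path (`.environments/`) counts as covered and the "critical" `.env not in .gitignore` finding is silently dropped; since `envName`, `relativePath` and `.env*` all contain the substring `.env`, the final `content.includes(".env")` makes the other four tests redundant and the whole check collapses to "does the file mention .env anywhere". The test should be evaluated per non-comment line, with a `!` negation un-covering the file the way git does — sketched below; because the package already shells out to git in scan-staged, `git check-ignore -q <file>` run from the discovered root would be the authoritative answer, with this parser as the fallback when `findGitRoot` returns null. Separately, the new allow-list in `walkForSecrets` (`SOURCE_FILE_EXTENSIONS` / `CONFIG_FILE_EXTENSIONS` plus `.env*`) never visits key material or registry credentials such as `*.pem`, `*.key`, `*.p12`, `.npmrc`, `.netrc` or `.pypirc`, so `secretPatterns` cannot fire on the files that leak most often — a small basename/extension set for those is worth adding. Note also that `loadConfig(scanRoot)` reads `.guardviberc` from the tree being scanned, so the repository under review can widen `scan.exclude` or lower `scan.maxFileSize` and mute its own scan; the report should at least say which config file was honoured.
```javascript
function isEnvCoveredByGitignore(envFile, gitignoreEntries) {
  const envName = basename(envFile);
  return gitignoreEntries.some(({ baseDir, content }) => {
    const relativePath = relative(baseDir, envFile).replace(/\\/g, "/");
    // Patterns that git would apply to this exact file. Evaluated line by line so a
    // comment never counts and a later "!" negation un-ignores the file, as git does.
    const matching = new Set([envName, `/${envName}`, relativePath, `/${relativePath}`, ".env*", "*.env*"]);
    let covered = false;
    for (const rawLine of content.split("\n")) {
      const line = rawLine.trim();
      if (line === "" || line.startsWith("#")) continue;
      const negated = line.startsWith("!");
      const pattern = negated ? line.slice(1).trim() : line;
      if (matching.has(pattern)) covered = !negated;
    }
    return covered;
  });
}
```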
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan-secrets.js","sourceRoot":"","sources":["../../src/tools/scan-secrets.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;
|
|
1
|
+
{"version":3,"file":"scan-secrets.js","sourceRoot":"","sources":["../../src/tools/scan-secrets.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AACrE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAC9E,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAgBhD,MAAM,uBAAuB,GAAG,IAAI,GAAG,CAAC,CAAC,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;AACnF,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC;IACrC,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC7B,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC7B,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM;IAC7B,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK;CACvC,CAAC,CAAC;AACH,MAAM,sBAAsB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AAErG,MAAM,UAAU,WAAW,CAAC,OAAe,EAAE,QAAgB;IAC3D,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,KAAK,MAAM,EAAE,IAAI,cAAc,EAAE,CAAC;QAChC,EAAE,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QACzB,IAAI,KAAK,CAAC;QACV,OAAO,CAAC,KAAK,GAAG,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YACtD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;YAClD,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,QAAQ,EAAE,EAAE,CAAC,QAAQ;gBACrB,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,UAAU;gBAChB,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtE,GAAG,EAAE,EAAE,CAAC,GAAG;aACZ,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC7B,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;gBAAE,SAAS;YAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC
hC,IAAI,KAAK,KAAK,CAAC,CAAC;gBAAE,SAAS;YAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;YACpE,IAAI,KAAK,CAAC,MAAM,IAAI,EAAE,IAAI,gBAAgB,CAAC,KAAK,CAAC,GAAG,GAAG,EAAE,CAAC;gBACxD,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;gBACxE,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,QAAQ,CAAC,IAAI,CAAC;wBACZ,QAAQ,EAAE,qBAAqB;wBAC/B,QAAQ,EAAE,MAAM;wBAChB,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,CAAC,GAAG,CAAC;wBACX,KAAK,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK;wBACpC,GAAG,EAAE,6EAA6E;qBACnF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,cAAc,CAAC,GAAW,EAAE,SAAkB,EAAE,OAAiB,EAAE,QAAqB;IAC/F,IAAI,OAAO,CAAC;IACZ,IAAI,CAAC;QACH,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,SAAS;QACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QAEvC,IAAI,KAAK,CAAC,WAAW,EAAE,IAAI,SAAS,EAAE,CAAC;YACrC,cAAc,CAAC,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;YACvD,SAAS;QACX,CAAC;QAED,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE;YAAE,SAAS;QAE9B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC;QACxB,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAExC,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,sBAAsB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,sBAAsB,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YAClG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,QAAgB;IACnC,IAAI,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEhC,OAAO,IAAI,EAAE,CAAC;QACZ,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YAAE,OAAO,OAAO,CAAC;QACtD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAChC,IAAI,MAAM,KAAK,OAAO;YAAE,OAAO,IAAI,CAAC;QACpC,OAAO,GAAG,MAAM,CAAC;IACnB,CAAC;AACH,CAAC;AAED,SAAS,uBAAuB,CAAC,QAAgB;IAC/C,MAAM,OAAO,GAAqB,EAAE,CAAC;IACrC,MAAM,OAAO,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;IACtC,IAAI,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;IAEhC,OAAO,
IAAI,EAAE,CAAC;QACZ,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC;QAClD,IAAI,UAAU,CAAC,aAAa,CAAC,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,OAAO,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,CAAC,aAAa,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;YACpF,CAAC;YAAC,MAAM,CAAC;gBACP,sCAAsC;YACxC,CAAC;QACH,CAAC;QAED,IAAI,OAAO,KAAK,OAAO;YAAE,MAAM;QAE/B,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAChC,IAAI,MAAM,KAAK,OAAO;YAAE,MAAM;QAC9B,OAAO,GAAG,MAAM,CAAC;IACnB,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,uBAAuB,CAAC,OAAe,EAAE,gBAAkC;IAClF,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;IAElC,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE;QACpD,MAAM,YAAY,GAAG,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QACpE,OAAO,CACL,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC;YACzB,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;YAC9B,OAAO,CAAC,QAAQ,CAAC,IAAI,YAAY,EAAE,CAAC;YACpC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC;YACzB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CACzB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,IAAY,EAAE,YAAqB,IAAI,EAAE,SAA8B,UAAU;IAC3G,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IACjC,MAAM,SAAS,GAAa,EAAE,CAAC;IAE/B,IAAI,UAAU,CAAC;IACf,IAAI,CAAC;QACH,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IACpC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,mEAAmE,IAAI,EAAE,CAAC;IACnF,CAAC;IAED,MAAM,QAAQ,GAAG,UAAU,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAC7E,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,uBAAuB,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IAE/E,IAAI,UAAU,CAAC,MAAM,EAAE,EAAE,CAAC;QACxB,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,cAAc,CAAC,UAAU,EAAE,SAAS,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;IAC7D,CAAC;IAED,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC;IAC5C,MAAM,WAAW,GAAoB,EAAE,CAAC;IAExC,KAAK,MAAM,QAAQ,IAAI,WAAW,EAAE,CAAC;QACnC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAChC,IAAI,IAAI,CAAC,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW;gBAAE,SAAS;YAClD,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC
hD,WAAW,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC;QACtD,CAAC;QAAC,MAAM,CAAC;YACP,yBAAyB;QAC3B,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;IACzF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;QACnE,IAAI,uBAAuB,CAAC,OAAO,EAAE,gBAAgB,CAAC;YAAE,SAAS;QAEjE,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;QAClC,WAAW,CAAC,IAAI,CAAC;YACf,QAAQ,EAAE,wBAAwB;YAClC,QAAQ,EAAE,UAAU;YACpB,IAAI,EAAE,OAAO;YACb,IAAI,EAAE,CAAC;YACP,KAAK,EAAE,GAAG,OAAO,8BAA8B;YAC/C,GAAG,EAAE,QAAQ,OAAO,yCAAyC;SAC9D,CAAC,CAAC;IACL,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;QAC5E,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;QACxE,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,GAAG,SAAS,GAAG,SAAS,CAAC;QAC5D,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,OAAO,EAAE,EAAE,KAAK,EAAE,WAAW,CAAC,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC,EAAE;YACvI,QAAQ,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;SACzI,CAAC,CAAC;IACL,CAAC;IAED,MAAM,KAAK,GAAa;QACtB,gCAAgC;QAChC,EAAE;QACF,kBAAkB,WAAW,CAAC,MAAM,EAAE;QACtC,kBAAkB,WAAW,CAAC,MAAM,EAAE;KACvC,CAAC;IAEF,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;QAC1F,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;QACtF,KAAK,CAAC,IAAI,CAAC,eAAe,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC5F,KAAK,CAAC,IAAI,CAAC
,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,aAAa,EAAE,EAAE,CAAC,CAAC;QAE7C,MAAM,KAAK,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;QAC1E,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC;QAEhF,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;YAClC,KAAK,CAAC,IAAI,CACR,QAAQ,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,QAAQ,EAAE,EAC7D,aAAa,OAAO,CAAC,IAAI,GAAG,OAAO,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EACxE,gBAAgB,OAAO,CAAC,KAAK,IAAI,EACjC,YAAY,OAAO,CAAC,GAAG,EAAE,EACzB,EAAE,CACH,CAAC;QACJ,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,EAAE,wDAAwD,CAAC,CAAC;IAC/F,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare function scanStaged(): string;
|
|
1
|
+
export declare function scanStaged(cwd?: string, format?: "markdown" | "json"): string;
|
|
2
2
|
//# sourceMappingURL=scan-staged.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan-staged.d.ts","sourceRoot":"","sources":["../../src/tools/scan-staged.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"scan-staged.d.ts","sourceRoot":"","sources":["../../src/tools/scan-staged.ts"],"names":[],"mappings":"AAgEA,wBAAgB,UAAU,CAAC,GAAG,GAAE,MAAsB,EAAE,MAAM,GAAE,UAAU,GAAG,MAAmB,GAAG,MAAM,CAiGxG"}
|
|
@@ -1,17 +1,29 @@
|
|
|
1
1
|
import { execFileSync } from "child_process";
|
|
2
2
|
import { extname, basename } from "path";
|
|
3
|
-
import { analyzeCode } from "./check-code.js";
|
|
3
|
+
import { analyzeCode, formatFindingsJson } from "./check-code.js";
|
|
4
4
|
const EXTENSION_MAP = {
|
|
5
5
|
".js": "javascript", ".jsx": "javascript", ".mjs": "javascript", ".cjs": "javascript",
|
|
6
6
|
".ts": "typescript", ".tsx": "typescript", ".mts": "typescript", ".cts": "typescript",
|
|
7
|
-
".py": "python", ".go": "go", ".
|
|
8
|
-
".php": "php", ".rb": "ruby", ".html": "html",
|
|
7
|
+
".py": "python", ".go": "go", ".html": "html",
|
|
9
8
|
".sql": "sql", ".sh": "shell", ".bash": "shell",
|
|
10
|
-
".yml": "yaml", ".yaml": "yaml",
|
|
9
|
+
".yml": "yaml", ".yaml": "yaml", ".tf": "terraform",
|
|
10
|
+
".toml": "toml",
|
|
11
11
|
};
|
|
12
|
-
|
|
12
|
+
const CONFIG_FILE_MAP = {
|
|
13
|
+
"vercel.json": "vercel-config",
|
|
14
|
+
"next.config.js": "nextjs-config",
|
|
15
|
+
"next.config.mjs": "nextjs-config",
|
|
16
|
+
"next.config.ts": "nextjs-config",
|
|
17
|
+
"docker-compose.yml": "docker-compose",
|
|
18
|
+
"docker-compose.yaml": "docker-compose",
|
|
19
|
+
"fly.toml": "fly-config",
|
|
20
|
+
"render.yaml": "render-config",
|
|
21
|
+
"netlify.toml": "netlify-config",
|
|
22
|
+
};
|
|
23
|
+
function getStagedFiles(cwd) {
|
|
13
24
|
try {
|
|
14
25
|
const output = execFileSync("git", ["diff", "--cached", "--name-only"], {
|
|
26
|
+
cwd,
|
|
15
27
|
encoding: "utf-8",
|
|
16
28
|
timeout: 5000,
|
|
17
29
|
});
|
|
@@ -21,9 +33,10 @@ function getStagedFiles() {
|
|
|
21
33
|
return [];
|
|
22
34
|
}
|
|
23
35
|
}
|
|
24
|
-
function getStagedContent(filePath) {
|
|
36
|
+
function getStagedContent(filePath, cwd) {
|
|
25
37
|
try {
|
|
26
38
|
return execFileSync("git", ["show", `:${filePath}`], {
|
|
39
|
+
cwd,
|
|
27
40
|
encoding: "utf-8",
|
|
28
41
|
timeout: 5000,
|
|
29
42
|
});
|
|
@@ -38,10 +51,13 @@ function detectLanguage(filePath) {
|
|
|
38
51
|
return EXTENSION_MAP[ext];
|
|
39
52
|
if (basename(filePath).startsWith("Dockerfile") || ext === ".dockerfile")
|
|
40
53
|
return "dockerfile";
|
|
54
|
+
const configLang = CONFIG_FILE_MAP[basename(filePath)];
|
|
55
|
+
if (configLang)
|
|
56
|
+
return configLang;
|
|
41
57
|
return null;
|
|
42
58
|
}
|
|
43
|
-
export function scanStaged() {
|
|
44
|
-
const stagedFiles = getStagedFiles();
|
|
59
|
+
export function scanStaged(cwd = process.cwd(), format = "markdown") {
|
|
60
|
+
const stagedFiles = getStagedFiles(cwd);
|
|
45
61
|
if (stagedFiles.length === 0) {
|
|
46
62
|
return [
|
|
47
63
|
"# GuardVibe Pre-Commit Report",
|
|
@@ -57,12 +73,12 @@ export function scanStaged() {
|
|
|
57
73
|
skippedFiles.push(filePath);
|
|
58
74
|
continue;
|
|
59
75
|
}
|
|
60
|
-
const content = getStagedContent(filePath);
|
|
76
|
+
const content = getStagedContent(filePath, cwd);
|
|
61
77
|
if (!content) {
|
|
62
78
|
skippedFiles.push(filePath);
|
|
63
79
|
continue;
|
|
64
80
|
}
|
|
65
|
-
const findings = analyzeCode(content, language, undefined, filePath);
|
|
81
|
+
const findings = analyzeCode(content, language, undefined, filePath, cwd);
|
|
66
82
|
if (findings.length > 0) {
|
|
67
83
|
results.push({ path: filePath, findings });
|
|
68
84
|
}
|
|
@@ -75,6 +91,9 @@ export function scanStaged() {
|
|
|
75
91
|
const totalIssues = totalCritical + totalHigh + totalMedium;
|
|
76
92
|
const score = Math.max(0, Math.min(100, 100 - totalCritical * 25 - totalHigh * 10 - totalMedium * 5));
|
|
77
93
|
const grade = score >= 90 ? "A" : score >= 75 ? "B" : score >= 60 ? "C" : score >= 40 ? "D" : "F";
|
|
94
|
+
if (format === "json") {
|
|
95
|
+
return formatFindingsJson(allFindings, { grade, score });
|
|
96
|
+
}
|
|
78
97
|
const lines = [
|
|
79
98
|
"# GuardVibe Pre-Commit Report",
|
|
80
99
|
"",
|
|
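Review bot: `getStagedFiles` still consumes `git diff --cached --name-only` as newline-separated text, so with git's default `core.quotePath=true` any staged path containing non-ASCII or special characters comes back C-quoted (e.g. `"caf\303\251/.env"`), the later `git show :<path>` in `getStagedContent` will in all likelihood fail to resolve it, and the file ends up in `skippedFiles` instead of being scanned — for a pre-commit gate that is a silent bypass, and the same skip happens for every staged deletion, which `git show :path` cannot serve. The arguments should be `["diff", "--cached", "--name-only", "--diff-filter=ACMR", "-z"]` and the split on the line that follows this hunk `output.split("\0").filter(Boolean)`, which yields literal NUL-delimited paths and drops deletions up front. `execFileSync`'s default `maxBuffer` (1 MiB) likewise turns a large staged file into a skip; passing a `maxBuffer` derived from the configured `scan.maxFileSize`, or at least reporting the reason next to the skipped-file count, would make the gap visible to the committer. The body of `getStagedFiles` continues outside the hunk.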
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan-staged.js","sourceRoot":"","sources":["../../src/tools/scan-staged.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,MAAM,CAAC;AACzC,OAAO,EAAE,WAAW,EAAgB,MAAM,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"scan-staged.js","sourceRoot":"","sources":["../../src/tools/scan-staged.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,MAAM,CAAC;AACzC,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAgB,MAAM,iBAAiB,CAAC;AAEhF,MAAM,aAAa,GAA2B;IAC5C,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IACrF,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IACrF,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM;IAC7C,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IAC/C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW;IACnD,OAAO,EAAE,MAAM;CAChB,CAAC;AAEF,MAAM,eAAe,GAA2B;IAC9C,aAAa,EAAE,eAAe;IAC9B,gBAAgB,EAAE,eAAe;IACjC,iBAAiB,EAAE,eAAe;IAClC,gBAAgB,EAAE,eAAe;IACjC,oBAAoB,EAAE,gBAAgB;IACtC,qBAAqB,EAAE,gBAAgB;IACvC,UAAU,EAAE,YAAY;IACxB,aAAa,EAAE,eAAe;IAC9B,cAAc,EAAE,gBAAgB;CACjC,CAAC;AAOF,SAAS,cAAc,CAAC,GAAW;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,YAAY,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,UAAU,EAAE,aAAa,CAAC,EAAE;YACtE,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,QAAgB,EAAE,GAAW;IACrD,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC,EAAE;YACnD,GAAG;YACH,QAAQ,EAAE,OAAO;YACjB,OAAO,EAAE,IAAI;SACd,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,QAAgB;IACtC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IAC5C,IAAI,aAAa,CAAC,GAAG,CAAC;QAAE,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC;IAClD,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,GAAG,KAAK,aAAa;QAAE,OAAO,YAAY,CAAC;IAC9F,MAAM,UAAU,GAAG,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;IACvD,IAAI,UAAU;QAAE,OAAO,UAAU,CAAC;IAClC,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAc,OAAO,CAAC,GAAG,EAAE,EAAE,SAA8B,UAAU;IAC9F,MAAM,WAAW,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IAExC,IAAI,W
AAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO;YACL,+BAA+B;YAC/B,EAAE;YACF,0DAA0D;SAC3D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACf,CAAC;IAED,MAAM,OAAO,GAAmB,EAAE,CAAC;IACnC,MAAM,YAAY,GAAa,EAAE,CAAC;IAElC,KAAK,MAAM,QAAQ,IAAI,WAAW,EAAE,CAAC;QACnC,MAAM,QAAQ,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;QAC1C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC5B,SAAS;QACX,CAAC;QAED,MAAM,OAAO,GAAG,gBAAgB,CAAC,QAAQ,EAAE,GAAG,CAAC,CAAC;QAChD,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YAC5B,SAAS;QACX,CAAC;QAED,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC;QAC1E,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IAED,MAAM,YAAY,GAAG,WAAW,CAAC,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC;IAC9D,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;IACrF,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAC7E,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,WAAW,GAAG,aAAa,GAAG,SAAS,GAAG,WAAW,CAAC;IAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,GAAG,EAAE,GAAG,SAAS,GAAG,EAAE,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC;IACtG,MAAM,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;IAElG,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,kBAAkB,CAAC,WAAW,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IAC3D,CAAC;IAED,MAAM,KAAK,GAAa;QACtB,+BAA+B;QAC/B,EAAE;QACF,yBAAyB,YAAY,EAAE;QACvC,iBAAiB,WAAW,EAAE;QAC9B,mBAAmB,KAAK,KAAK,KAAK,OAAO;QACzC,EAAE;KACH,CAAC;IAEF,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,YAAY,
EAAE,EAAE,EAAE,sBAAsB,EAAE,sBAAsB,CAAC,CAAC;QAC7E,IAAI,aAAa,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,aAAa,QAAQ,CAAC,CAAC;QACzE,IAAI,SAAS,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,SAAS,QAAQ,CAAC,CAAC;QACjE,IAAI,WAAW,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,WAAW,QAAQ,CAAC,CAAC;QACrE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QACnG,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CACpC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACnB,IAAI,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG;YACrF,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE;SAC5C,CAAC,CAAC,CACJ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEjD,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC5B,SAAS,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACvE,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;QAE1B,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,KAAK,CAAC,IAAI,CAAC,YAAY,MAAM,CAAC,IAAI,KAAK,MAAM,CAAC,QAAQ,CAAC,MAAM,UAAU,EAAE,EAAE,CAAC,CAAC;YAC7E,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAChC,KAAK,CAAC,IAAI,CACR,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,EACtE,cAAc,CAAC,CAAC,IAAI,mBAAmB,CAAC,CAAC,KAAK,IAAI,EAClD,CAAC,CAAC,IAAI,CAAC,WAAW,EAClB,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,EACxB,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,kBAAkB,EAAE,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EACjF,EAAE,CACH,CAAC;YACJ,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,eAAe,EAAE,EAAE,EAAE,OAAO,YAAY,uDAAuD,CAAC,CAAC;IAC9G,CAAC;IAED,IAAI,YAAY,CAAC
,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,YAAY,YAAY,CAAC,MAAM,sCAAsC,CAAC,CAAC;IACxF,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
|
@@ -1 +1 @@
1
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/utils/config.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE;QACL,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAClC,CAAC;IACF,IAAI,EAAE;QACJ,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;
1
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/utils/config.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE;QACL,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAClC,CAAC;IACF,IAAI,EAAE;QACJ,OAAO,EAAE,MAAM,EAAE,CAAC;QAClB,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;AAgBD,wBAAgB,UAAU,CAAC,GAAG,CAAC,EAAE,MAAM,GAAG,eAAe,CA4BxD;AAED,wBAAgB,gBAAgB,IAAI,IAAI,CAEvC"}
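--- a/package/build/utils/config.js
+++ b/package/build/utils/config.js
@@ -1,18 +1,27 @@
 import { readFileSync } from "fs";
-import { join } from "path";
+import { join, resolve } from "path";
 const DEFAULT_CONFIG = {
 rules: { disable: [], severity: {} },
 scan: { exclude: [], maxFileSize: 500 * 1024 },
 };
-
+const configCache = new Map();
+function cloneDefaultConfig() {
+return {
+rules: { disable: [...DEFAULT_CONFIG.rules.disable], severity: { ...DEFAULT_CONFIG.rules.severity } },
+scan: { exclude: [...DEFAULT_CONFIG.scan.exclude], maxFileSize: DEFAULT_CONFIG.scan.maxFileSize },
+};
+}
 export function loadConfig(dir) {
-
-
-
+const configDir = resolve(dir || process.cwd());
+const cached = configCache.get(configDir);
+if (cached)
+return cached;
+const configPath = join(configDir, ".guardviberc");
+let resolvedConfig = cloneDefaultConfig();
 try {
 const content = readFileSync(configPath, "utf-8");
 const parsed = JSON.parse(content);
-
+resolvedConfig = {
 rules: {
 disable: Array.isArray(parsed.rules?.disable) ? parsed.rules.disable : [],
 severity: typeof parsed.rules?.severity === "object" && parsed.rules.severity !== null
@@ -25,12 +34,11 @@ export function loadConfig(dir) {
 },
 };
 }
-catch {
-
-
-return cachedConfig;
+catch { }
+configCache.set(configDir, resolvedConfig);
+return resolvedConfig;
 }
 export function resetConfigCache() {
-
+configCache.clear();
 }
 //# sourceMappingURL=config.js.map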
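Review bot: The new `catch { }` at new line 37 discards every failure from `readFileSync` and `JSON.parse`, and the defaults that replace the user's settings are then stored in `configCache` for the rest of the process, so a syntax error in `.guardviberc` silently drops the user's `disable`, `severity` and `exclude` choices with no diagnostic. A missing file is the expected case and should stay quiet, but any other error should at least be reported; distinguishing on `err.code === "ENOENT"` as below keeps the fallback while making the failure visible (stderr is used here on the assumption that stdout is reserved for the tool protocol — confirm against index.js). The cache is keyed by the resolved directory and is only emptied by `resetConfigCache()`, so edits to the file after the first call are not seen until then; a JSDoc line on `loadConfig` stating that would save callers a surprise.
```javascript
catch (err) {
    // A missing .guardviberc is the normal case; anything else (unreadable file,
    // invalid JSON) means the user's settings are being ignored, so say so.
    if (err?.code !== "ENOENT") {
        console.error(`guardvibe: could not load ${configPath}, using defaults: ${err?.message ?? err}`);
    }
}
// … unchanged: configCache.set / return resolvedConfig …
```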
@@ -1 +1 @@
1
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/utils/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;
1
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/utils/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAarC,MAAM,cAAc,GAAoB;IACtC,KAAK,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;IACpC,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,WAAW,EAAE,GAAG,GAAG,IAAI,EAAE;CAC/C,CAAC;AAEF,MAAM,WAAW,GAAG,IAAI,GAAG,EAA2B,CAAC;AAEvD,SAAS,kBAAkB;IACzB,OAAO;QACL,KAAK,EAAE,EAAE,OAAO,EAAE,CAAC,GAAG,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,QAAQ,EAAE,EAAE,GAAG,cAAc,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE;QACrG,IAAI,EAAE,EAAE,OAAO,EAAE,CAAC,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,WAAW,EAAE,cAAc,CAAC,IAAI,CAAC,WAAW,EAAE;KAClG,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,GAAY;IACrC,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC1C,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,MAAM,UAAU,GAAG,IAAI,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;IACnD,IAAI,cAAc,GAAG,kBAAkB,EAAE,CAAC;IAE1C,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAClD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAEnC,cAAc,GAAG;YACf,KAAK,EAAE;gBACL,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;gBACzE,QAAQ,EAAE,OAAO,MAAM,CAAC,KAAK,EAAE,QAAQ,KAAK,QAAQ,IAAI,MAAM,CAAC,KAAK,CAAC,QAAQ,KAAK,IAAI;oBACpF,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE;aAC/B;YACD,IAAI,EAAE;gBACJ,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;gBACvE,WAAW,EAAE,OAAO,MAAM,CAAC,IAAI,EAAE,WAAW,KAAK,QAAQ;oBACvD,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,WAAW;aAC9D;SACF,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC,CAAA,CAAC;IAEV,WAAW,CAAC,GAAG,CAAC,SAAS,EAAE,cAAc,CAAC,CAAC;IAC3C,OAAO,cAAc,CAAC;AACxB,CAAC;AAED,MAAM,UAAU,gBAAgB;IAC9B,WAAW,CAAC,KAAK,EAAE,CAAC;AACtB,CAAC"}
@@ -1 +1 @@
1
-
{"version":3,"file":"manifest-parser.d.ts","sourceRoot":"","sources":["../../src/utils/manifest-parser.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;
1
+
{"version":3,"file":"manifest-parser.d.ts","sourceRoot":"","sources":["../../src/utils/manifest-parser.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAID,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,aAAa,EAAE,CAShF"}