i18ntk 2.1.0 → 2.2.0

package/scripts/prepublish-dev.js

@@ -1,221 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * DEVELOPMENT-ONLY Prepublish Script
- * This script is for development use only and should NEVER be included in production packages
- * It provides additional development validation and cleanup functionality
- */
-
-const fs = require('fs');
-const path = require('path');
-const SecurityUtils = require('../utils/security');
-
-class DevelopmentPrepublishCleaner {
- constructor() {
- this.projectRoot = path.join(__dirname, '..');
- this.directories = [
- 'scripts/debug/logs',
- 'scripts/debug/reports',
- 'settings/backups',
- 'i18ntk-reports',
- 'reports',
- 'tests/temp'
- ];
- this.files = [
- 'settings/.i18n-admin-config.json',
- 'test-*.json',
- 'debug-*.log',
- 'npm-debug.log',
- 'yarn-error.log',
- '.env',
- '.env.test'
- ];
- 
- // Essential files that must exist for development
- this.essentialFiles = [
- 'package.json',
- 'main/manage/index.js',
- 'main/i18ntk-init.js',
- 'main/i18ntk-analyze.js',
- 'main/i18ntk-validate.js',
- 'utils/security.js'
- ];
- }
-
- log(message) {
- console.log(`[Prepublish-Dev] ${message}`);
- }
-
- async clean() {
- this.log('Starting development pre-publish validation...');
- 
- // Validate essential files exist
- await this.validateEssentialFiles();
- 
- // Clean directories
- for (const dir of this.directories) {
- await this.cleanDirectory(path.join(this.projectRoot, dir));
- }
- 
- // Clean files
- for (const file of this.files) {
- await this.cleanFile(file);
- }
- 
- // Development-specific validations
- await this.devValidations();
- 
- this.log('Development pre-publish validation completed successfully!');
- }
-
- async cleanDirectory(dirPath) {
- const validatedPath = SecurityUtils.validatePath(dirPath, this.projectRoot);
- if (!validatedPath || !SecurityUtils.safeExistsSync(validatedPath)) {
- return;
- }
-
- try {
- const files = SecurityUtils.safeReaddirSync(validatedPath, this.projectRoot);
- let deletedCount = 0;
-
- for (const file of files) {
- const filePath = path.join(validatedPath, file);
- const validatedFilePath = SecurityUtils.validatePath(filePath, this.projectRoot);
- if (!validatedFilePath) continue;
-
- const stat = SecurityUtils.safeStatSync(validatedFilePath, this.projectRoot);
- if (!stat) continue;
-
- if (stat.isFile()) {
- if (SecurityUtils.safeExistsSync(validatedFilePath)) {
- fs.unlinkSync(validatedFilePath);
- deletedCount++;
- }
- } else if (stat.isDirectory()) {
- // Recursively clean subdirectories
- await this.cleanDirectory(validatedFilePath);
- // Remove empty directories
- try {
- fs.rmdirSync(validatedFilePath);
- } catch (e) {
- // Directory not empty, skip
- }
- }
- }
-
- if (deletedCount > 0) {
- this.log(`Cleaned ${deletedCount} files from ${path.relative(this.projectRoot, validatedPath)}`);
- }
- } catch (error) {
- this.log(`Warning: Could not clean ${dirPath}: ${error.message}`);
- }
- }
-
- async cleanFile(pattern) {
- const searchPath = path.join(this.projectRoot, pattern);
- const validatedSearchPath = SecurityUtils.validatePath(searchPath, this.projectRoot);
- if (!validatedSearchPath) return;
-
- if (pattern.includes('*')) {
- // Handle glob patterns
- const dir = path.dirname(validatedSearchPath);
- const filenamePattern = path.basename(validatedSearchPath);
- const validatedDir = SecurityUtils.validatePath(dir, this.projectRoot);
- if (!validatedDir) return;
-
- if (SecurityUtils.safeExistsSync(validatedDir)) {
- const files = SecurityUtils.safeReaddirSync(validatedDir, this.projectRoot);
- const regex = new RegExp(filenamePattern.replace('*', '.*'));
-
- for (const file of files) {
- if (regex.test(file)) {
- const filePath = path.join(validatedDir, file);
- const validatedFilePath = SecurityUtils.validatePath(filePath, this.projectRoot);
- if (validatedFilePath && SecurityUtils.safeExistsSync(validatedFilePath)) {
- fs.unlinkSync(validatedFilePath);
- this.log(`Deleted ${path.relative(this.projectRoot, validatedFilePath)}`);
- }
- }
- }
- }
- } else {
- // Handle exact files
- const validatedFilePath = SecurityUtils.validatePath(searchPath, this.projectRoot);
- if (validatedFilePath && SecurityUtils.safeExistsSync(validatedFilePath)) {
- fs.unlinkSync(validatedFilePath);
- this.log(`Deleted ${path.relative(this.projectRoot, validatedFilePath)}`);
- }
- }
- }
-
- async validateEssentialFiles() {
- this.log('Validating essential development files...');
-
- let missingFiles = [];
- for (const file of this.essentialFiles) {
- const filePath = path.join(this.projectRoot, file);
- const validatedPath = SecurityUtils.validatePath(filePath, this.projectRoot);
- if (!validatedPath || !SecurityUtils.safeExistsSync(validatedPath)) {
- missingFiles.push(file);
- } else {
- const stat = SecurityUtils.safeStatSync(validatedPath, this.projectRoot);
- if (!stat || !stat.isFile()) {
- this.log(`❌ ${file} is not a file`);
- process.exit(1);
- }
- }
- }
-
- if (missingFiles.length > 0) {
- this.log(`❌ Missing essential files: ${missingFiles.join(', ')}`);
- process.exit(1);
- }
-
- this.log('✅ All essential development files present');
- }
-
- async devValidations() {
- this.log('Running development-specific validations...');
- 
- // Check for test files
- const testFiles = [
- 'tests/security.test.js',
- 'tests/config-system.test.js',
- 'tests/comprehensive-test.js'
- ];
-
- for (const testFile of testFiles) {
- const testPath = path.join(this.projectRoot, testFile);
- const validatedPath = SecurityUtils.validatePath(testPath, this.projectRoot);
- if (!validatedPath || !SecurityUtils.safeExistsSync(validatedPath)) {
- this.log(`⚠️ Missing test file: ${testFile}`);
- }
- }
- 
- // Check for development tools
- const devTools = [
- '.vscode/',
- '.idea/',
- 'node_modules/'
- ];
-
- for (const tool of devTools) {
- const toolPath = path.join(this.projectRoot, tool);
- const validatedPath = SecurityUtils.validatePath(toolPath, this.projectRoot);
- if (validatedPath && SecurityUtils.safeExistsSync(validatedPath)) {
- this.log(`ℹ️ Development tool found: ${tool}`);
- }
- }
- }
-}
-
-// Run if called directly
-if (require.main === module) {
- const cleaner = new DevelopmentPrepublishCleaner();
- cleaner.clean().catch(error => {
- console.error('Error during development cleanup:', error);
- process.exit(1);
- });
-}
-
-module.exports = DevelopmentPrepublishCleaner;

package/scripts/prepublish.js

@@ -1,362 +0,0 @@
-#!/usr/bin/env node
-
-/**
- * Prepublish Script
- * Cleans up development artifacts before npm publish
- * Ensures fresh config and settings for public package
- * version 2.0.5
- */
-
-const fs = require('fs');
-const path = require('path');
-const SecurityUtils = require('../utils/security');
-
-class PrepublishCleaner {
-    constructor() {
-        this.projectRoot = path.join(__dirname, '..');
-        this.directories = [
-            'scripts/debug/logs',
-            'scripts/debug/reports',
-            'settings/backups',
-            'i18ntk-reports',
-            'reports'
-        ];
-        this.files = [
-            'settings/.i18n-admin-config.json',
-            'test-*.json',
-            'debug-*.log',
-            'npm-debug.log',
-            'yarn-error.log'
-        ];
-        
-        // Essential files that must exist for release
-        this.essentialFiles = [
-            'package.json',
-            'main/manage/index.js',
-            'main/i18ntk-init.js',
-            'main/i18ntk-analyze.js',
-            'main/i18ntk-validate.js',
-            'main/i18ntk-usage.js',
-            'main/i18ntk-summary.js',
-            'main/i18ntk-sizing.js',
-            'main/i18ntk-complete.js',
-            'main/i18ntk-ui.js',
-            'main/i18ntk-autorun.js',
-            'utils/i18n-helper.js',
-            'utils/security.js',
-            'settings/settings-manager.js',
-            'settings/settings-cli.js',
-            'settings/i18ntk-config.json'
-        ];
-        
-        // Essential locale files
-        this.essentialLocales = [
-            'resources/i18n/ui-locales/en.json',
-            'resources/i18n/ui-locales/es.json',
-            'resources/i18n/ui-locales/fr.json',
-            'resources/i18n/ui-locales/de.json',
-            'resources/i18n/ui-locales/ja.json',
-            'resources/i18n/ui-locales/ru.json',
-            'resources/i18n/ui-locales/zh.json'
-        ];
-    }
-
-    log(message) {
-        console.log(`[Prepublish] ${message}`);
-    }
-
-    async clean() {
-        this.log('Starting comprehensive pre-publish validation...');
-        
-        // Validate essential files exist
-        await this.validateEssentialFiles();
-        
-        // Validate locale files
-        await this.validateLocaleFiles();
-        
-        // Validate package.json
-        await this.validatePackageJson();
-        
-        // Clean directories
-        for (const dir of this.directories) {
-            await this.cleanDirectory(path.join(this.projectRoot, dir));
-        }
-        
-        // Clean files
-        for (const file of this.files) {
-            await this.cleanFile(file);
-        }
-        
-        // Reset security settings
-        await this.resetSecuritySettings();
-        
-        // Final validation
-        await this.finalValidation();
-        
-        this.log('Pre-publish validation completed successfully!');
-    }
-
-    async cleanDirectory(dirPath) {
-    const validatedPath = SecurityUtils.validatePath(dirPath, this.projectRoot);
-    if (!validatedPath || !SecurityUtils.safeExistsSync(validatedPath)) {
-    return;
-    }
-    
-    try {
-    const files = SecurityUtils.safeReaddirSync(validatedPath, this.projectRoot);
-    let deletedCount = 0;
-    
-    for (const file of files) {
-    const filePath = path.join(validatedPath, file);
-    const validatedFilePath = SecurityUtils.validatePath(filePath, this.projectRoot);
-    if (!validatedFilePath) continue;
-    
-    const stat = SecurityUtils.safeStatSync(validatedFilePath, this.projectRoot);
-    if (!stat) continue;
-    
-    if (stat.isFile()) {
-    if (SecurityUtils.safeExistsSync(validatedFilePath)) {
-    fs.unlinkSync(validatedFilePath);
-    deletedCount++;
-    }
-    } else if (stat.isDirectory()) {
-    // Recursively clean subdirectories
-    await this.cleanDirectory(validatedFilePath);
-    // Remove empty directories
-    try {
-    fs.rmdirSync(validatedFilePath);
-    } catch (e) {
-    // Directory not empty, skip
-    }
-    }
-    }
-    
-    if (deletedCount > 0) {
-    this.log(`Cleaned ${deletedCount} files from ${path.relative(this.projectRoot, validatedPath)}`);
-    }
-    } catch (error) {
-    this.log(`Warning: Could not clean ${dirPath}: ${error.message}`);
-    }
-    }
-
-    async cleanFile(pattern) {
-    const searchPath = path.join(this.projectRoot, pattern);
-    const validatedSearchPath = SecurityUtils.validatePath(searchPath, this.projectRoot);
-    if (!validatedSearchPath) return;
-    
-    if (pattern.includes('*')) {
-    // Handle glob patterns
-    const dir = path.dirname(validatedSearchPath);
-    const filenamePattern = path.basename(validatedSearchPath);
-    const validatedDir = SecurityUtils.validatePath(dir, this.projectRoot);
-    if (!validatedDir) return;
-    
-    if (SecurityUtils.safeExistsSync(validatedDir)) {
-    const files = SecurityUtils.safeReaddirSync(validatedDir, this.projectRoot);
-    const regex = new RegExp(filenamePattern.replace('*', '.*'));
-    
-    for (const file of files) {
-    if (regex.test(file)) {
-    const filePath = path.join(validatedDir, file);
-    const validatedFilePath = SecurityUtils.validatePath(filePath, this.projectRoot);
-    if (validatedFilePath && SecurityUtils.safeExistsSync(validatedFilePath)) {
-    fs.unlinkSync(validatedFilePath);
-    this.log(`Deleted ${path.relative(this.projectRoot, validatedFilePath)}`);
-    }
-    }
-    }
-    }
-    } else {
-    // Handle exact files
-    const validatedFilePath = SecurityUtils.validatePath(searchPath, this.projectRoot);
-    if (validatedFilePath && SecurityUtils.safeExistsSync(validatedFilePath)) {
-    fs.unlinkSync(validatedFilePath);
-    this.log(`Deleted ${path.relative(this.projectRoot, validatedFilePath)}`);
-    }
-    }
-    }
-
-    async validateEssentialFiles() {
-    this.log('Validating essential files...');
-    
-    let missingFiles = [];
-    for (const file of this.essentialFiles) {
-    const filePath = path.join(this.projectRoot, file);
-    const validatedPath = SecurityUtils.validatePath(filePath, this.projectRoot);
-    if (!validatedPath || !SecurityUtils.safeExistsSync(validatedPath)) {
-    missingFiles.push(file);
-    } else {
-    const stat = SecurityUtils.safeStatSync(validatedPath, this.projectRoot);
-    if (!stat || !stat.isFile()) {
-    this.log(`❌ ${file} is not a file`);
-    process.exit(1);
-    }
-    }
-    }
-        
-        if (missingFiles.length > 0) {
-            this.log(`❌ Missing essential files: ${missingFiles.join(', ')}`);
-            process.exit(1);
-        }
-        
-        this.log('✅ All essential files present');
-    }
-    
-    async validateLocaleFiles() {
-    this.log('Validating locale files...');
-    
-    let invalidFiles = [];
-    for (const localeFile of this.essentialLocales) {
-    const filePath = path.join(this.projectRoot, localeFile);
-    const validatedPath = SecurityUtils.validatePath(filePath, this.projectRoot);
-    if (!validatedPath || !SecurityUtils.safeExistsSync(validatedPath)) {
-    invalidFiles.push(localeFile);
-    continue;
-    }
-    
-    try {
-    const content = SecurityUtils.safeReadFileSync(validatedPath, this.projectRoot, 'utf8');
-                
-                // Validate structure
-                if (typeof parsed !== 'object' || parsed === null) {
-                    invalidFiles.push(`${localeFile}: Invalid structure`);
-                }
-                
-                // Check for required keys
-                if (!parsed.settings || !parsed.settings.title) {
-                    invalidFiles.push(`${localeFile}: Missing required keys`);
-                }
-                
-            } catch (e) {
-                invalidFiles.push(`${localeFile}: ${e.message}`);
-            }
-        }
-        
-        if (invalidFiles.length > 0) {
-            this.log(`❌ Invalid locale files: ${invalidFiles.join(', ')}`);
-            process.exit(1);
-        }
-        
-        this.log('✅ All locale files valid');
-    }
-    
-    async validatePackageJson() {
-    this.log('Validating package.json...');
-    
-    const packagePath = path.join(this.projectRoot, 'package.json');
-    const validatedPath = SecurityUtils.validatePath(packagePath, this.projectRoot);
-    if (!validatedPath) {
-    this.log('❌ package.json not found or invalid path');
-    process.exit(1);
-    }
-    try {
-    const pkg = JSON.parse(SecurityUtils.safeReadFileSync(validatedPath, this.projectRoot, 'utf8'));
-            
-            // Validate required fields
-            const requiredFields = ['name', 'version', 'description', 'main', 'bin', 'files'];
-            for (const field of requiredFields) {
-                if (!pkg[field]) {
-                    this.log(`❌ package.json missing required field: ${field}`);
-                    process.exit(1);
-                }
-            }
-            
-            // Validate version format
-            if (!/^\d+\.\d+\.\d+/.test(pkg.version)) {
-                this.log('❌ Invalid version format');
-                process.exit(1);
-            }
-            
-            // Validate bin entries
-            const requiredBinEntries = [
-                'i18ntk', 'i18ntk-init', 'i18ntk-analyze', 'i18ntk-validate',
-                'i18ntk-usage', 'i18ntk-summary', 'i18ntk-sizing', 'i18ntk-complete',
-                'i18ntk-ui', 'i18ntk-autorun'
-            ];
-            
-            for (const bin of requiredBinEntries) {
-                if (!pkg.bin || !pkg.bin[bin]) {
-                    this.log(`❌ Missing bin entry: ${bin}`);
-                    process.exit(1);
-                }
-                
-                const binPath = path.join(this.projectRoot, pkg.bin[bin]);
-                if (!SecurityUtils.safeExistsSync(binPath)) {
-                    this.log(`❌ Missing bin script: ${pkg.bin[bin]}`);
-                    process.exit(1);
-                }
-            }
-            
-            this.log('✅ package.json validated');
-        } catch (e) {
-            this.log(`❌ Invalid package.json: ${e.message}`);
-            process.exit(1);
-        }
-    }
-    
-    async finalValidation() {
-    this.log('Running final validation checks...');
-    
-    // Check for development artifacts
-    const devArtifacts = [
-    'dev/debug',
-    'benchmarks',
-    '.github',
-    'test-usage-fix.html',
-    '.i18ntk'
-    ];
-    
-    for (const artifact of devArtifacts) {
-    const artifactPath = path.join(this.projectRoot, artifact);
-    const validatedPath = SecurityUtils.validatePath(artifactPath, this.projectRoot);
-    if (validatedPath && SecurityUtils.safeExistsSync(validatedPath)) {
-    this.log(`⚠️ Development artifact found: ${artifact}`);
-    }
-    }
-        
-        // Validate file permissions for executable scripts
-        const scripts = [
-        'main/manage/index.js',
-        'main/i18ntk-init.js',
-        'main/i18ntk-analyze.js',
-        'main/i18ntk-validate.js',
-        'main/i18ntk-usage.js',
-        'main/i18ntk-summary.js',
-        'main/i18ntk-sizing.js',
-        'main/i18ntk-complete.js',
-        'main/i18ntk-ui.js',
-        'main/i18ntk-autorun.js'
-        ];
-        
-        for (const script of scripts) {
-        const scriptPath = path.join(this.projectRoot, script);
-        const validatedPath = SecurityUtils.validatePath(scriptPath, this.projectRoot);
-        if (validatedPath && SecurityUtils.safeExistsSync(validatedPath)) {
-        try {
-        fs.accessSync(validatedPath, fs.constants.X_OK);
-        } catch (e) {
-        this.log(`⚠️ Script not executable: ${script}`);
-        }
-        }
-        }
-        
-        this.log('✅ Final validation complete');
-    }
-    
-    async resetSecuritySettings() {
-    // Remove security settings reset to prevent disabling security during publish
-    // This script should not modify security configurations
-    this.log('Skipping security settings reset to maintain security posture');
-    }
-}
-
-// Run if called directly
-if (require.main === module) {
-    const cleaner = new PrepublishCleaner();
-    cleaner.clean().catch(error => {
-        console.error('Error during cleanup:', error);
-        process.exit(1);
-    });
-}
-
-module.exports = PrepublishCleaner;

package/scripts/security-check.js

@@ -1,117 +0,0 @@
-#!/usr/bin/env node
-/**
- * Security Check Script
- * Validates that no child_process usage exists in production code
- */
-
-const fs = require('fs');
-const path = require('path');
-
-class SecurityCheck {
-  constructor() {
-    this.productionDirs = ['main', 'utils', 'settings', 'scripts'];
-    this.forbiddenPatterns = [
-      /require\(['"]child_process['"]\)/,
-      /import.*child_process/,
-      /execSync\(/,
-      /spawnSync\(/,
-      /execFileSync\(/,
-      /spawn\(/,
-      /exec\(/,
-      /execFile\(/ 
-    ];
-    this.allowedFiles = [
-      'dev/',           // Development files allowed to use child_process
-      'benchmarks/',    // Benchmark scripts
-      'test/',          // Test files
-      'scripts/deprecate-versions.js', // Allowed to use child_process for npm commands
-      'verify-package.js' // Package verification (development)
-    ];
-    this.violations = [];
-  }
-
-  async run() {
-    console.log('🔒 i18ntk Security Check - Production Code Validation');
-    console.log('═'.repeat(55));
-    
-    for (const dir of this.productionDirs) {
-      await this.checkDirectory(dir);
-    }
-    
-    if (this.violations.length > 0) {
-      console.error('\n❌ SECURITY VIOLATIONS FOUND:');
-      this.violations.forEach(violation => {
-        console.error(`   ${violation.file}:${violation.line} - ${violation.pattern}`);
-      });
-      console.error('\n💡 Production code must not use child_process');
-      process.exit(1);
-    } else {
-      console.log('\n✅ All security checks passed - no child_process usage in production code');
-    }
-  }
-
-  async checkDirectory(dir) {
-    const dirPath = path.join(process.cwd(), dir);
-    
-    if (!SecurityUtils.safeExistsSync(dirPath)) {
-      return;
-    }
-
-    const files = this.getAllFiles(dirPath);
-    
-    for (const file of files) {
-      await this.checkFile(file);
-    }
-  }
-
-  getAllFiles(dirPath) {
-    const files = [];
-    const entries = fs.readdirSync(dirPath, { withFileTypes: true });
-    
-    for (const entry of entries) {
-      const fullPath = path.join(dirPath, entry.name);
-      
-      if (entry.isDirectory()) {
-        files.push(...this.getAllFiles(fullPath));
-      } else if (entry.isFile() && entry.name.endsWith('.js')) {
-        files.push(fullPath);
-      }
-    }
-    
-    return files;
-  }
-
-  async checkFile(filePath) {
-    const relativePath = path.relative(process.cwd(), filePath).replace(/\\/g, '/');
-
-    for (const allowed of this.allowedFiles) {
-      if (relativePath.startsWith(allowed)) {
-        return;
-      }
-    }
-
-    const content = SecurityUtils.safeReadFileSync(filePath, path.dirname(filePath), 'utf8');
-    const lines = content.split('\n');
-    
-    for (let i = 0; i < lines.length; i++) {
-      const line = lines[i];
-      
-      for (const pattern of this.forbiddenPatterns) {
-        if (pattern.test(line)) {
-          this.violations.push({
-            file: relativePath,
-            line: i + 1,
-            pattern: pattern.toString()
-          });
-        }
-      }
-    }
-  }
-}
-
-if (require.main === module) {
-  const check = new SecurityCheck();
-  check.run().catch(console.error);
-}
-
-module.exports = SecurityCheck;