kastell 2.2.6 → 2.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/plugin.json +5 -3
- package/CHANGELOG.md +112 -0
- package/README.md +34 -6
- package/README.tr.md +6 -6
- package/dist/commands/audit.d.ts +3 -2
- package/dist/commands/audit.d.ts.map +1 -1
- package/dist/commands/audit.js +88 -47
- package/dist/commands/audit.js.map +1 -1
- package/dist/commands/auth.d.ts.map +1 -1
- package/dist/commands/auth.js +14 -1
- package/dist/commands/auth.js.map +1 -1
- package/dist/commands/domain.d.ts.map +1 -1
- package/dist/commands/domain.js +18 -1
- package/dist/commands/domain.js.map +1 -1
- package/dist/commands/evidence.d.ts.map +1 -1
- package/dist/commands/evidence.js +2 -1
- package/dist/commands/evidence.js.map +1 -1
- package/dist/commands/fix.d.ts.map +1 -1
- package/dist/commands/fix.js +12 -4
- package/dist/commands/fix.js.map +1 -1
- package/dist/commands/init.d.ts.map +1 -1
- package/dist/commands/init.js +2 -1
- package/dist/commands/init.js.map +1 -1
- package/dist/commands/lock.d.ts.map +1 -1
- package/dist/commands/lock.js +7 -2
- package/dist/commands/lock.js.map +1 -1
- package/dist/commands/maintain.d.ts.map +1 -1
- package/dist/commands/maintain.js +13 -0
- package/dist/commands/maintain.js.map +1 -1
- package/dist/commands/plugin.d.ts.map +1 -1
- package/dist/commands/plugin.js +5 -4
- package/dist/commands/plugin.js.map +1 -1
- package/dist/commands/snapshot.d.ts.map +1 -1
- package/dist/commands/snapshot.js +16 -0
- package/dist/commands/snapshot.js.map +1 -1
- package/dist/commands/status.d.ts.map +1 -1
- package/dist/commands/status.js +2 -0
- package/dist/commands/status.js.map +1 -1
- package/dist/commands/update.d.ts.map +1 -1
- package/dist/commands/update.js +30 -10
- package/dist/commands/update.js.map +1 -1
- package/dist/core/audit/commands.d.ts +4 -1
- package/dist/core/audit/commands.d.ts.map +1 -1
- package/dist/core/audit/commands.js +7 -3
- package/dist/core/audit/commands.js.map +1 -1
- package/dist/core/audit/diff.d.ts +31 -0
- package/dist/core/audit/diff.d.ts.map +1 -1
- package/dist/core/audit/diff.js +43 -0
- package/dist/core/audit/diff.js.map +1 -1
- package/dist/core/audit/errors.d.ts +4 -0
- package/dist/core/audit/errors.d.ts.map +1 -0
- package/dist/core/audit/errors.js +4 -0
- package/dist/core/audit/errors.js.map +1 -0
- package/dist/core/audit/fix-history.d.ts.map +1 -1
- package/dist/core/audit/fix-history.js +3 -5
- package/dist/core/audit/fix-history.js.map +1 -1
- package/dist/core/audit/fix.d.ts.map +1 -1
- package/dist/core/audit/fix.js +16 -18
- package/dist/core/audit/fix.js.map +1 -1
- package/dist/core/audit/history.d.ts +8 -0
- package/dist/core/audit/history.d.ts.map +1 -1
- package/dist/core/audit/history.js +67 -5
- package/dist/core/audit/history.js.map +1 -1
- package/dist/core/audit/index.d.ts.map +1 -1
- package/dist/core/audit/index.js +24 -12
- package/dist/core/audit/index.js.map +1 -1
- package/dist/core/audit/listChecks.d.ts.map +1 -1
- package/dist/core/audit/listChecks.js +2 -1
- package/dist/core/audit/listChecks.js.map +1 -1
- package/dist/core/audit/pluginAudit.d.ts +10 -0
- package/dist/core/audit/pluginAudit.d.ts.map +1 -1
- package/dist/core/audit/pluginAudit.js +59 -23
- package/dist/core/audit/pluginAudit.js.map +1 -1
- package/dist/core/audit/pluginFix.d.ts +22 -1
- package/dist/core/audit/pluginFix.d.ts.map +1 -1
- package/dist/core/audit/pluginFix.js +27 -10
- package/dist/core/audit/pluginFix.js.map +1 -1
- package/dist/core/audit/regression.d.ts +1 -0
- package/dist/core/audit/regression.d.ts.map +1 -1
- package/dist/core/audit/regression.js +7 -5
- package/dist/core/audit/regression.js.map +1 -1
- package/dist/core/audit/snapshot.d.ts.map +1 -1
- package/dist/core/audit/snapshot.js +3 -4
- package/dist/core/audit/snapshot.js.map +1 -1
- package/dist/core/audit/types.d.ts +2 -2
- package/dist/core/audit/types.d.ts.map +1 -1
- package/dist/core/completions.d.ts.map +1 -1
- package/dist/core/completions.js +71 -47
- package/dist/core/completions.js.map +1 -1
- package/dist/core/configRepair.d.ts.map +1 -1
- package/dist/core/configRepair.js +5 -12
- package/dist/core/configRepair.js.map +1 -1
- package/dist/core/doctor.d.ts +2 -1
- package/dist/core/doctor.d.ts.map +1 -1
- package/dist/core/doctor.js +4 -5
- package/dist/core/doctor.js.map +1 -1
- package/dist/core/evidence.d.ts.map +1 -1
- package/dist/core/evidence.js +4 -7
- package/dist/core/evidence.js.map +1 -1
- package/dist/core/fleet.d.ts +5 -2
- package/dist/core/fleet.d.ts.map +1 -1
- package/dist/core/fleet.js +34 -22
- package/dist/core/fleet.js.map +1 -1
- package/dist/core/notify.d.ts.map +1 -1
- package/dist/core/notify.js +13 -24
- package/dist/core/notify.js.map +1 -1
- package/dist/core/plugin/audit.d.ts +25 -0
- package/dist/core/plugin/audit.d.ts.map +1 -0
- package/dist/core/plugin/audit.js +43 -0
- package/dist/core/plugin/audit.js.map +1 -0
- package/dist/core/plugin.d.ts +19 -6
- package/dist/core/plugin.d.ts.map +1 -1
- package/dist/core/plugin.js +40 -19
- package/dist/core/plugin.js.map +1 -1
- package/dist/core/provision.d.ts +25 -1
- package/dist/core/provision.d.ts.map +1 -1
- package/dist/core/provision.js +127 -12
- package/dist/core/provision.js.map +1 -1
- package/dist/core/scheduleManager.d.ts.map +1 -1
- package/dist/core/scheduleManager.js +7 -8
- package/dist/core/scheduleManager.js.map +1 -1
- package/dist/core/tokens.d.ts +1 -1
- package/dist/core/tokens.d.ts.map +1 -1
- package/dist/core/tokens.js +12 -11
- package/dist/core/tokens.js.map +1 -1
- package/dist/index.js +2 -0
- package/dist/index.js.map +1 -1
- package/dist/mcp/index.js +2 -2
- package/dist/mcp/index.js.map +1 -1
- package/dist/mcp/server.d.ts +14 -0
- package/dist/mcp/server.d.ts.map +1 -1
- package/dist/mcp/server.js +118 -96
- package/dist/mcp/server.js.map +1 -1
- package/dist/mcp/startupDiagnostic.d.ts +6 -0
- package/dist/mcp/startupDiagnostic.d.ts.map +1 -0
- package/dist/mcp/startupDiagnostic.js +7 -0
- package/dist/mcp/startupDiagnostic.js.map +1 -0
- package/dist/mcp/tools/serverAudit.d.ts +2 -1
- package/dist/mcp/tools/serverAudit.d.ts.map +1 -1
- package/dist/mcp/tools/serverAudit.js.map +1 -1
- package/dist/mcp/tools/serverBackup.handlers.d.ts.map +1 -1
- package/dist/mcp/tools/serverBackup.handlers.js +1 -0
- package/dist/mcp/tools/serverBackup.handlers.js.map +1 -1
- package/dist/mcp/tools/serverCompare.d.ts +13 -14
- package/dist/mcp/tools/serverCompare.d.ts.map +1 -1
- package/dist/mcp/tools/serverCompare.js +20 -15
- package/dist/mcp/tools/serverCompare.js.map +1 -1
- package/dist/mcp/tools/serverFix.d.ts +61 -17
- package/dist/mcp/tools/serverFix.d.ts.map +1 -1
- package/dist/mcp/tools/serverFix.js +67 -78
- package/dist/mcp/tools/serverFix.js.map +1 -1
- package/dist/mcp/tools/serverGuard.d.ts.map +1 -1
- package/dist/mcp/tools/serverGuard.js +4 -1
- package/dist/mcp/tools/serverGuard.js.map +1 -1
- package/dist/mcp/tools/serverInfo.d.ts +11 -3
- package/dist/mcp/tools/serverInfo.d.ts.map +1 -1
- package/dist/mcp/tools/serverInfo.js +11 -3
- package/dist/mcp/tools/serverInfo.js.map +1 -1
- package/dist/mcp/tools/serverLogs.d.ts.map +1 -1
- package/dist/mcp/tools/serverLogs.js +2 -1
- package/dist/mcp/tools/serverLogs.js.map +1 -1
- package/dist/mcp/tools/serverMaintain.d.ts +4 -2
- package/dist/mcp/tools/serverMaintain.d.ts.map +1 -1
- package/dist/mcp/tools/serverMaintain.js +4 -2
- package/dist/mcp/tools/serverMaintain.js.map +1 -1
- package/dist/mcp/tools/serverPlugin.js +2 -2
- package/dist/mcp/tools/serverPlugin.js.map +1 -1
- package/dist/mcp/tools/serverProvision.d.ts +8 -0
- package/dist/mcp/tools/serverProvision.d.ts.map +1 -1
- package/dist/mcp/tools/serverProvision.js +31 -3
- package/dist/mcp/tools/serverProvision.js.map +1 -1
- package/dist/mcp/tools/serverSecure.actions.d.ts +21 -0
- package/dist/mcp/tools/serverSecure.actions.d.ts.map +1 -0
- package/dist/mcp/tools/serverSecure.actions.js +22 -0
- package/dist/mcp/tools/serverSecure.actions.js.map +1 -0
- package/dist/mcp/tools/serverSecure.d.ts +23 -1
- package/dist/mcp/tools/serverSecure.d.ts.map +1 -1
- package/dist/mcp/tools/serverSecure.js +16 -9
- package/dist/mcp/tools/serverSecure.js.map +1 -1
- package/dist/mcp/utils/parseMetrics.d.ts +27 -0
- package/dist/mcp/utils/parseMetrics.d.ts.map +1 -0
- package/dist/mcp/utils/parseMetrics.js +35 -0
- package/dist/mcp/utils/parseMetrics.js.map +1 -0
- package/dist/mcp/utils.d.ts +9 -0
- package/dist/mcp/utils.d.ts.map +1 -1
- package/dist/mcp/utils.js +1 -2
- package/dist/mcp/utils.js.map +1 -1
- package/dist/mcp-bundle.mjs +5862 -4939
- package/dist/plugin/loader.js +3 -2
- package/dist/plugin/loader.js.map +1 -1
- package/dist/plugin/registry.d.ts +26 -5
- package/dist/plugin/registry.d.ts.map +1 -1
- package/dist/plugin/registry.js +46 -18
- package/dist/plugin/registry.js.map +1 -1
- package/dist/plugin/sdk/constants.d.ts +2 -0
- package/dist/plugin/sdk/constants.d.ts.map +1 -1
- package/dist/plugin/sdk/constants.js +1 -0
- package/dist/plugin/sdk/constants.js.map +1 -1
- package/dist/plugin/sdk/types.d.ts +18 -4
- package/dist/plugin/sdk/types.d.ts.map +1 -1
- package/dist/plugin/sdk/types.js +1 -1
- package/dist/plugin/sdk/types.js.map +1 -1
- package/dist/plugin/validate.d.ts.map +1 -1
- package/dist/plugin/validate.js +17 -8
- package/dist/plugin/validate.js.map +1 -1
- package/dist/types/severity.d.ts +3 -0
- package/dist/types/severity.d.ts.map +1 -0
- package/dist/types/severity.js +2 -0
- package/dist/types/severity.js.map +1 -0
- package/dist/utils/atomicWrite.d.ts +23 -0
- package/dist/utils/atomicWrite.d.ts.map +1 -0
- package/dist/utils/atomicWrite.js +44 -0
- package/dist/utils/atomicWrite.js.map +1 -0
- package/dist/utils/concurrency.d.ts +17 -0
- package/dist/utils/concurrency.d.ts.map +1 -0
- package/dist/utils/concurrency.js +38 -0
- package/dist/utils/concurrency.js.map +1 -0
- package/dist/utils/config.d.ts +1 -0
- package/dist/utils/config.d.ts.map +1 -1
- package/dist/utils/config.js +44 -33
- package/dist/utils/config.js.map +1 -1
- package/dist/utils/encryption.d.ts.map +1 -1
- package/dist/utils/encryption.js +7 -2
- package/dist/utils/encryption.js.map +1 -1
- package/dist/utils/exitCode.d.ts +2 -0
- package/dist/utils/exitCode.d.ts.map +1 -0
- package/dist/utils/exitCode.js +4 -0
- package/dist/utils/exitCode.js.map +1 -0
- package/dist/utils/fileLock.d.ts.map +1 -1
- package/dist/utils/fileLock.js +177 -30
- package/dist/utils/fileLock.js.map +1 -1
- package/dist/utils/fsMtime.d.ts +32 -0
- package/dist/utils/fsMtime.d.ts.map +1 -0
- package/dist/utils/fsMtime.js +61 -0
- package/dist/utils/fsMtime.js.map +1 -0
- package/dist/utils/fsRetry.d.ts +20 -0
- package/dist/utils/fsRetry.d.ts.map +1 -0
- package/dist/utils/fsRetry.js +56 -0
- package/dist/utils/fsRetry.js.map +1 -0
- package/dist/utils/logger.d.ts +1 -1
- package/dist/utils/logger.d.ts.map +1 -1
- package/dist/utils/logger.js +8 -3
- package/dist/utils/logger.js.map +1 -1
- package/dist/utils/openBrowser.d.ts.map +1 -1
- package/dist/utils/openBrowser.js +3 -2
- package/dist/utils/openBrowser.js.map +1 -1
- package/dist/utils/platform.d.ts +2 -0
- package/dist/utils/platform.d.ts.map +1 -0
- package/dist/utils/platform.js +2 -0
- package/dist/utils/platform.js.map +1 -0
- package/dist/utils/secureWrite.d.ts +1 -0
- package/dist/utils/secureWrite.d.ts.map +1 -1
- package/dist/utils/secureWrite.js +8 -2
- package/dist/utils/secureWrite.js.map +1 -1
- package/dist/utils/securityLogger.d.ts.map +1 -1
- package/dist/utils/securityLogger.js +16 -4
- package/dist/utils/securityLogger.js.map +1 -1
- package/dist/utils/ssh.d.ts +2 -1
- package/dist/utils/ssh.d.ts.map +1 -1
- package/dist/utils/ssh.js +14 -4
- package/dist/utils/ssh.js.map +1 -1
- package/dist/utils/version.d.ts +5 -0
- package/dist/utils/version.d.ts.map +1 -1
- package/dist/utils/version.js +26 -0
- package/dist/utils/version.js.map +1 -1
- package/dist/utils/webhookSecurity.d.ts +13 -0
- package/dist/utils/webhookSecurity.d.ts.map +1 -0
- package/dist/utils/webhookSecurity.js +130 -0
- package/dist/utils/webhookSecurity.js.map +1 -0
- package/kastell-plugin/.claude-plugin/plugin.json +2 -2
- package/kastell-plugin/README.md +6 -0
- package/package.json +3 -4
|
@@ -4,18 +4,32 @@
|
|
|
4
4
|
* History entries are validated with Zod .strict() to prevent bloat.
|
|
5
5
|
* detectTrend is version-aware: cross-methodology comparisons return "methodology-change".
|
|
6
6
|
*/
|
|
7
|
-
import { readFileSync, existsSync,
|
|
7
|
+
import { readFileSync, existsSync, } from "fs";
|
|
8
8
|
import { join } from "path";
|
|
9
9
|
import { z } from "zod";
|
|
10
10
|
import { KASTELL_DIR } from "../../utils/paths.js";
|
|
11
11
|
import { withFileLock } from "../../utils/fileLock.js";
|
|
12
|
-
import {
|
|
12
|
+
import { secureMkdirSync } from "../../utils/secureWrite.js";
|
|
13
|
+
import { atomicWriteFileSync } from "../../utils/atomicWrite.js";
|
|
13
14
|
import { MS_PER_DAY } from "../../utils/dates.js";
|
|
15
|
+
import { memoizeOnStat } from "../../utils/fsMtime.js";
|
|
14
16
|
const HISTORY_FILENAME = "audit-history.json";
|
|
17
|
+
/**
|
|
18
|
+
* LRU cap for latestAuditCache. Prevents unbounded growth as fleet scale grows
|
|
19
|
+
* (key = filePath::serverIp, so each distinct server occupies one entry).
|
|
20
|
+
* 100 = generous headroom for current <50-server fleets, bounded for the long tail.
|
|
21
|
+
*/
|
|
22
|
+
const MAX_LATEST_AUDIT_CACHE_SIZE = 100;
|
|
23
|
+
/** mtime-based cache for loadLatestAudit (key: filePath::serverIp) */
|
|
24
|
+
const latestAuditCache = new Map();
|
|
15
25
|
/** Get history file path lazily to support testing */
|
|
16
26
|
function getHistoryPath() {
|
|
17
27
|
return join(KASTELL_DIR, HISTORY_FILENAME);
|
|
18
28
|
}
|
|
29
|
+
/** Clear the latest-audit cache (exported for test isolation) */
|
|
30
|
+
export function clearAuditCache() {
|
|
31
|
+
latestAuditCache.clear();
|
|
32
|
+
}
|
|
19
33
|
/** Max history entries per server to prevent unbounded growth */
|
|
20
34
|
const MAX_ENTRIES_PER_SERVER = 50;
|
|
21
35
|
/**
|
|
@@ -53,6 +67,56 @@ export function loadAuditHistory(serverIp) {
|
|
|
53
67
|
return [];
|
|
54
68
|
}
|
|
55
69
|
}
|
|
70
|
+
/**
|
|
71
|
+
* Read history file and return the LAST entry matching serverIp.
|
|
72
|
+
* Validates only the matching entry with Zod (O(1) on cache miss for the target server,
|
|
73
|
+
* full file still O(n) for the walk). Skips malformed entries mid-file by checking
|
|
74
|
+
* schema validity per entry.
|
|
75
|
+
*/
|
|
76
|
+
function readLastEntryForServer(historyFile, serverIp) {
|
|
77
|
+
let raw;
|
|
78
|
+
try {
|
|
79
|
+
raw = readFileSync(historyFile, "utf-8");
|
|
80
|
+
}
|
|
81
|
+
catch {
|
|
82
|
+
return null;
|
|
83
|
+
}
|
|
84
|
+
let parsed;
|
|
85
|
+
try {
|
|
86
|
+
parsed = JSON.parse(raw);
|
|
87
|
+
}
|
|
88
|
+
catch {
|
|
89
|
+
return null;
|
|
90
|
+
}
|
|
91
|
+
if (!Array.isArray(parsed)) {
|
|
92
|
+
return null;
|
|
93
|
+
}
|
|
94
|
+
// Walk backwards to find the last matching entry; validate only that one
|
|
95
|
+
for (let i = parsed.length - 1; i >= 0; i--) {
|
|
96
|
+
const candidate = parsed[i];
|
|
97
|
+
if (candidate !== null &&
|
|
98
|
+
typeof candidate === "object" &&
|
|
99
|
+
candidate.serverIp === serverIp) {
|
|
100
|
+
const result = auditHistoryEntrySchema.safeParse(candidate);
|
|
101
|
+
if (result.success) {
|
|
102
|
+
return result.data;
|
|
103
|
+
}
|
|
104
|
+
// Malformed entry — continue searching backwards (defensive)
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
return null;
|
|
108
|
+
}
|
|
109
|
+
/**
|
|
110
|
+
* Load the most recent audit entry for a given server IP.
|
|
111
|
+
* Uses mtime-based cache to avoid repeated file reads when the history file hasn't changed.
|
|
112
|
+
* Returns null if no history exists.
|
|
113
|
+
*/
|
|
114
|
+
export function loadLatestAudit(serverIp) {
|
|
115
|
+
const historyFile = getHistoryPath();
|
|
116
|
+
// Per-server cache: composite key ensures server IP A's result is not
|
|
117
|
+
// returned for server IP B (the file is shared, but entries are per-IP).
|
|
118
|
+
return memoizeOnStat(latestAuditCache, `${historyFile}::${serverIp}`, historyFile, () => readLastEntryForServer(historyFile, serverIp), { maxSize: MAX_LATEST_AUDIT_CACHE_SIZE });
|
|
119
|
+
}
|
|
56
120
|
/**
|
|
57
121
|
* Save audit result to history file.
|
|
58
122
|
* Appends to existing history, caps at MAX_ENTRIES_PER_SERVER per server.
|
|
@@ -106,9 +170,7 @@ export async function saveAuditHistory(result) {
|
|
|
106
170
|
entries = entries.filter((e) => e.serverIp !== result.serverIp || !toRemove.has(e));
|
|
107
171
|
}
|
|
108
172
|
// Write atomically via temp file + rename
|
|
109
|
-
|
|
110
|
-
secureWriteFileSync(tmpFile, JSON.stringify(entries, null, 2), { encoding: "utf-8" });
|
|
111
|
-
renameSync(tmpFile, historyFile);
|
|
173
|
+
atomicWriteFileSync(historyFile, JSON.stringify(entries, null, 2), { encoding: "utf-8" });
|
|
112
174
|
});
|
|
113
175
|
}
|
|
114
176
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"history.js","sourceRoot":"","sources":["../../../src/core/audit/history.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,YAAY,EACZ,UAAU,
|
|
1
|
+
{"version":3,"file":"history.js","sourceRoot":"","sources":["../../../src/core/audit/history.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,YAAY,EACZ,UAAU,GACX,MAAM,IAAI,CAAC;AACZ,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,YAAY,EAAE,MAAM,yBAAyB,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACjE,OAAO,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAClD,OAAO,EAAE,aAAa,EAAsB,MAAM,wBAAwB,CAAC;AAS3E,MAAM,gBAAgB,GAAG,oBAAoB,CAAC;AAE9C;;;;GAIG;AACH,MAAM,2BAA2B,GAAG,GAAG,CAAC;AAExC,sEAAsE;AACtE,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAmD,CAAC;AAEpF,sDAAsD;AACtD,SAAS,cAAc;IACrB,OAAO,IAAI,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC;AAC7C,CAAC;AAED,iEAAiE;AACjE,MAAM,UAAU,eAAe;IAC7B,gBAAgB,CAAC,KAAK,EAAE,CAAC;AAC3B,CAAC;AAED,iEAAiE;AACjE,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAElC;;;;GAIG;AACH,MAAM,uBAAuB,GAAG,CAAC,CAAC,MAAM,CAAC;IACvC,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE;IACpB,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;IACtB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE;IACrB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;IACxB,cAAc,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;IAChD,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACpC,CAAC,CAAC,MAAM,EAAE,CAAC;AAEZ,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;AAE3D;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAgB;IAC/C,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;QACrC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7B,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,MAAM,IAAI,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,iBAAiB,CAAC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7D,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACpB,OAAO,EAAE,CAAC;QACZ,CAAC;QACD,OAAO,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,sBAAsB,CAC7B,WAAmB,EACnB,QAAgB;IAEhB,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IAC3C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,yEAAyE;IACzE,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAC5B,IACE,SAAS,KAAK,IAAI;YAClB,OAAO,SAAS,KAAK,QAAQ;YAC5B,SAAqC,CAAC,QAAQ,KAAK,QAAQ,EAC5D,CAAC;YACD,MAAM,MAAM,GAAG,uBAAuB,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YAC5D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;gBACnB,OAAO,MAAM,CAAC,IAAI,CAAC;YACrB,CAAC;YACD,6DAA6D;QAC/D,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,QAAgB;IAC9C,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,sEAAsE;IACtE,yEAAyE;IACzE,OAAO,aAAa,CAClB,gBAAgB,EAChB,GAAG,WAAW,KAAK,QAAQ,EAAE,EAC7B,WAAW,EACX,GAAG,EAAE,CAAC,sBAAsB,CAAC,WAAW,EAAE,QAAQ,CAAC,EACnD,EAAE,OAAO,EAAE,2BAA2B,EAAE,CACzC,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,MAAmB;IACxD,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,MAAM,YAAY,CAAC,WAAW,EAAE,GAAG,EAAE;QACnC,iCAAiC;QACjC,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7B,eAAe,CAAC,WAAW,CAAC,CAAC;QAC/B,CAAC;QAED,wBAAwB;QACxB,IAAI,OAAO,GAAwB,EAAE,CAAC;QACtC,IAAI,CAAC;YACH,IAAI,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC5B,MAAM,IAAI,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;gBAChD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAChC,MAAM,SAAS,GAAG,iBAAiB,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;gBACtD,IAAI,SAAS,CAAC,OAAO,EAAE,CAAC;oBACtB,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC;gBAC3B,CAAC;gBACD,8DAA8D;YAChE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,yBAAyB;YACzB,OAAO,GAAG,EAAE,CAAC;QACf,CAAC;QAED,8BAA8B;QAC9B,MAAM,cAAc,GAA2B,EAAE,CAAC;QAClD,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;YACpC,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC;QACvC,CAAC;QAED,MAAM,QAAQ,GAAsB;YAClC,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,cAAc;YACd,YAAY,EAAE,MAAM,CAAC,YAAY;SAClC,CAAC;QAEF,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAEvB,0DAA0D;QAC1D,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC5E,IAAI,aAAa,CAAC,MAAM,GAAG,sBAAsB,EAAE,CAAC;YAClD,6CAA6C;YAC7C,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;YACrE,MAAM,QAAQ,GAAG,IAAI,GAAG,CACtB,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,aAAa,CAAC,MAAM,GAAG,sBAAsB,CAAC,CACtE,CAAC;YACF,OAAO,GAAG,OAAO,CAAC,MAAM,CACtB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAC1D,CAAC;QACJ,CAAC;QAED,0CAA0C;QAC1C,mBAAmB,CAAC,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC;IAC5F,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,SAAS,cAAc,CACrB,MAA8B,EAC9B,KAA6B;IAE7B,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IAC/E,MAAM,MAAM,GAAqB,EAAE,CAAC;IAEpC,KAAK,MAAM,QAAQ,IAAI,aAAa,EAAE,CAAC;QACrC,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,UAAU,GAAG,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACxC,MAAM,KAAK,GAAG,UAAU,GAAG,WAAW,CAAC;QACvC,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;YAChB,MAAM,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,WAAW,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC;IAC7D,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,YAAY,CAC1B,OAA4B,EAC5B,OAA2B;IAE3B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,UAAU,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IACvD,CAAC;IAED,mEAAmE;IACnE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;IAE5C,IAAI,QAAQ,GAAG,CAAC,GAAG,OAAO,CAAC,CAAC;IAE5B,oBAAoB;IACpB,IAAI,OAAO,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,IAAI,GAAG,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;QAC9E,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,IAAI,MAAM,CAAC,CAAC;IAC3D,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IAC/C,CAAC;IAED,oCAAoC;IACpC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC;IAEhE,MAAM,OAAO,GAAiB,QAAQ,CAAC,GAAG,CAAC,CAAC,KAAK,EAAE,KAAK,EAAE,EAAE;QAC1D,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;YAChB,OAAO;gBACL,SAAS,EAAE,KAAK,CAAC,SAAS;gBAC1B,KAAK,EAAE,KAAK,CAAC,YAAY;gBACzB,KAAK,EAAE,IAAI;gBACX,SAAS,EAAE,EAAE;aACd,CAAC;QACJ,CAAC;QAED,MAAM,IAAI,GAAG,QAAQ,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QACjC,MAAM,KAAK,GAAG,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,YAAY,CAAC;QACrD,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,cAAc,EAAE,KAAK,CAAC,cAAc,CAAC,CAAC;QAE5E,OAAO;YACL,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,KAAK,EAAE,KAAK,CAAC,YAAY;YACzB,KAAK;YACL,SAAS;SACV,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,CAAC;AAC3C,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CACzB,YAAoB,EACpB,cAAsB,EACtB,OAA4B;IAE5B,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,4DAA4D;IAC5D,MAAM,WAAW,GAAG,OAAO,CAAC,MAAM,CAChC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY,IAAI,OAAO,CAAC,KAAK,cAAc,CACtD,CAAC;IAEF,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,oBAAoB,CAAC;IAC9B,CAAC;IAED,IAAI,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,IAAI,WAAW,CAAC,CAAC,CAAC,CAAC,SAAS,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;YAChD,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,YAAY,CAAC;IACtC,MAAM,IAAI,GAAG,YAAY,GAAG,SAAS,CAAC;IAEtC,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;QACb,OAAO,IAAI,IAAI,cAAc,CAAC;IAChC,CAAC;SAAM,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;QACpB,OAAO,GAAG,IAAI,aAAa,CAAC;IAC9B,CAAC;IACD,OAAO,WAAW,CAAC;AACrB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/core/audit/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/core/audit/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAmB7D;;;;GAIG;AACH,wBAAgB,uBAAuB,CAAC,UAAU,EAAE,aAAa,EAAE,GAAG,MAAM,EAAE,CAU7E;AAED;;;;;;;;GAQG;AACH,wBAAsB,QAAQ,CAC5B,EAAE,EAAE,MAAM,EACV,UAAU,EAAE,MAAM,EAClB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC,CAwGrC"}
|
package/dist/core/audit/index.js
CHANGED
|
@@ -13,7 +13,7 @@ import { calculateQuickWins } from "./quickwin.js";
|
|
|
13
13
|
import { extractVpsType, applyVpsAdjustments } from "./vps.js";
|
|
14
14
|
import { AUDIT_VERSION } from "../../constants.js";
|
|
15
15
|
import { getPluginRegistry } from "../../plugin/registry.js";
|
|
16
|
-
import { parsePluginBatchOutput } from "./pluginAudit.js";
|
|
16
|
+
import { getSkippedMutatingPluginWarnings, hasLoadedPluginChecks, isMutatingPluginAuditCurrentValue, parsePluginBatchOutput, } from "./pluginAudit.js";
|
|
17
17
|
/**
|
|
18
18
|
* Detect categories where all checks have "not installed" or "N/A" currentValue.
|
|
19
19
|
* Empty categories (0 checks) are not considered skipped.
|
|
@@ -42,7 +42,7 @@ export function detectSkippedCategories(categories) {
|
|
|
42
42
|
export async function runAudit(ip, serverName, platform) {
|
|
43
43
|
try {
|
|
44
44
|
const pluginRegistry = getPluginRegistry();
|
|
45
|
-
const batches = buildAuditBatchCommands(platform, pluginRegistry);
|
|
45
|
+
const batches = buildAuditBatchCommands({ platform, pluginRegistry });
|
|
46
46
|
const batchOutputs = [];
|
|
47
47
|
const batchErrors = [];
|
|
48
48
|
// Execute each batch with its tier-specific timeout
|
|
@@ -67,21 +67,30 @@ export async function runAudit(ip, serverName, platform) {
|
|
|
67
67
|
// VPS detection: extract type from batch outputs, adjust severity before scoring
|
|
68
68
|
const vpsType = extractVpsType(batchOutputs);
|
|
69
69
|
const { categories: adjustedCategories, adjustedCount } = applyVpsAdjustments(categories, vpsType);
|
|
70
|
-
const pluginCategories =
|
|
71
|
-
? parsePluginBatchOutput(batchOutputs[3] ?? "", pluginRegistry)
|
|
70
|
+
const pluginCategories = hasLoadedPluginChecks(pluginRegistry)
|
|
71
|
+
? parsePluginBatchOutput(batches.length === 4 ? batchOutputs[3] ?? "" : "", pluginRegistry)
|
|
72
72
|
: [];
|
|
73
73
|
for (const cat of pluginCategories) {
|
|
74
74
|
adjustedCategories.push(cat);
|
|
75
75
|
}
|
|
76
|
-
//
|
|
77
|
-
//
|
|
78
|
-
//
|
|
79
|
-
//
|
|
80
|
-
// only triggers when an actual SSH batch failure occurred.
|
|
76
|
+
// Read checks that are "Unable to determine" or empty indicate the batch
|
|
77
|
+
// never ran. Mutating-skip checks are excluded since they are skipped by
|
|
78
|
+
// design, not because of a batch failure — an all-mutating category must
|
|
79
|
+
// not be flagged as connectionError even when the plugin batch failed.
|
|
81
80
|
if (batchErrors.length > 0) {
|
|
82
81
|
for (const cat of adjustedCategories) {
|
|
83
|
-
|
|
84
|
-
|
|
82
|
+
let hasReadCheck = false;
|
|
83
|
+
let allReadUndetermined = true;
|
|
84
|
+
for (const c of cat.checks) {
|
|
85
|
+
if (isMutatingPluginAuditCurrentValue(c.currentValue))
|
|
86
|
+
continue;
|
|
87
|
+
hasReadCheck = true;
|
|
88
|
+
if (c.passed || (c.currentValue !== "Unable to determine" && c.currentValue !== "")) {
|
|
89
|
+
allReadUndetermined = false;
|
|
90
|
+
break;
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
if (hasReadCheck && allReadUndetermined) {
|
|
85
94
|
cat.connectionError = true;
|
|
86
95
|
}
|
|
87
96
|
}
|
|
@@ -98,7 +107,10 @@ export async function runAudit(ip, serverName, platform) {
|
|
|
98
107
|
const overallScore = calculateOverallScore(finalCategories);
|
|
99
108
|
const skippedCategories = detectSkippedCategories(finalCategories);
|
|
100
109
|
// Build warnings from batch errors
|
|
101
|
-
const warnings =
|
|
110
|
+
const warnings = [
|
|
111
|
+
...batchErrors.map((e) => `SSH ${e.tier} batch failed: ${e.error}`),
|
|
112
|
+
...getSkippedMutatingPluginWarnings(pluginRegistry),
|
|
113
|
+
];
|
|
102
114
|
const auditResult = {
|
|
103
115
|
serverName,
|
|
104
116
|
serverIp: ip,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/core/audit/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAE,uBAAuB,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AACxE,OAAO,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AAC7E,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,GAAG,EAAE,MAAM,2BAA2B,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/core/audit/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EAAE,uBAAuB,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AACxE,OAAO,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,cAAc,CAAC;AAC7E,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,mBAAmB,CAAC;AACxE,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,GAAG,EAAE,MAAM,2BAA2B,CAAC;AAChD,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,MAAM,UAAU,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,oBAAoB,CAAC;AACnD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EACL,gCAAgC,EAChC,qBAAqB,EACrB,iCAAiC,EACjC,sBAAsB,GACvB,MAAM,kBAAkB,CAAC;AAE1B;;;;GAIG;AACH,MAAM,UAAU,uBAAuB,CAAC,UAA2B;IACjE,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;QAC7B,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS,CAAE,qCAAqC;QAC7E,MAAM,UAAU,GAAG,GAAG,CAAC,MAAM,CAAC,KAAK,CACjC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,YAAY,KAAK,KAAK,CAC5E,CAAC;QACF,IAAI,UAAU;YAAE,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,EAAU,EACV,UAAkB,EAClB,QAAgB;IAEhB,IAAI,CAAC;QACH,MAAM,cAAc,GAAG,iBAAiB,EAAE,CAAC;QAC3C,MAAM,OAAO,GAAG,uBAAuB,CAAC,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CAAC;QACtE,MAAM,YAAY,GAAa,EAAE,CAAC;QAClC,MAAM,WAAW,GAA2C,EAAE,CAAC;QAE/D,oDAAoD;QACpD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,EAAE,EAAE,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE;oBACnD,SAAS,EAAE,cAAc,CAAC,KAAK,CAAC,IAAI,CAAC;oBACrC,QAAQ,EAAE,IAAI;iBACf,CAAC,CAAC;gBACH,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACnC,CAAC;YAAC,OAAO,QAAQ,EAAE,CAAC;gBAClB,mCAAmC;gBACnC,MAAM,GAAG,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;gBACtC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC;gBACnD,YAAY,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;QAED,4EAA4E;QAC5E,MAAM,aAAa,GAAG,cAAc,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;QACzE,MAAM,UAAU,GAAG,mBAAmB,CAAC,aAAa,EAAE,cAAc,CAAC,CAAC;QAEtE,iFAAiF;QACjF,MAAM,OAAO,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC;QAC7C,MAAM,EAAE,UAAU,EAAE,kBAAkB,EAAE,aAAa,EAAE,GAAG,mBAAmB,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAEnG,MAAM,gBAAgB,GAAG,qBAAqB,CAAC,cAAc,CAAC;YAC5D,CAAC,CAAC,sBAAsB,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,cAAc,CAAC;YAC3F,CAAC,CAAC,EAAE,CAAC;QACP,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;YACnC,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC/B,CAAC;QAED,yEAAyE;QACzE,yEAAyE;QACzE,yEAAyE;QACzE,uEAAuE;QACvE,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,KAAK,MAAM,GAAG,IAAI,kBAAkB,EAAE,CAAC;gBACrC,IAAI,YAAY,GAAG,KAAK,CAAC;gBACzB,IAAI,mBAAmB,GAAG,IAAI,CAAC;gBAC/B,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,MAAM,EAAE,CAAC;oBAC3B,IAAI,iCAAiC,CAAC,CAAC,CAAC,YAAY,CAAC;wBAAE,SAAS;oBAChE,YAAY,GAAG,IAAI,CAAC;oBACpB,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,YAAY,KAAK,qBAAqB,IAAI,CAAC,CAAC,YAAY,KAAK,EAAE,CAAC,EAAE,CAAC;wBACpF,mBAAmB,GAAG,KAAK,CAAC;wBAC5B,MAAM;oBACR,CAAC;gBACH,CAAC;gBACD,IAAI,YAAY,IAAI,mBAAmB,EAAE,CAAC;oBACvC,GAAqB,CAAC,eAAe,GAAG,IAAI,CAAC;gBAChD,CAAC;YACH,CAAC;QACH,CAAC;QAED,4EAA4E;QAC5E,MAAM,eAAe,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;YACrD,mDAAmD;YACnD,IAAI,GAAG,CAAC,eAAe,EAAE,CAAC;gBACxB,OAAO,EAAE,GAAG,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;YAC3C,CAAC;YACD,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,sBAAsB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC/D,OAAO,EAAE,GAAG,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;QACrC,CAAC,CAAC,CAAC;QAEH,MAAM,YAAY,GAAG,qBAAqB,CAAC,eAAe,CAAC,CAAC;QAC5D,MAAM,iBAAiB,GAAG,uBAAuB,CAAC,eAAe,CAAC,CAAC;QAEnE,mCAAmC;QACnC,MAAM,QAAQ,GAAa;YACzB,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,IAAI,kBAAkB,CAAC,CAAC,KAAK,EAAE,CAAC;YACnE,GAAG,gCAAgC,CAAC,cAAc,CAAC;SACpD,CAAC;QAEF,MAAM,WAAW,GAAgB;YAC/B,UAAU;YACV,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE,QAAmC;YAC7C,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,YAAY,EAAE,aAAa;YAC3B,UAAU,EAAE,eAAe;YAC3B,YAAY;YACZ,SAAS,EAAE,EAAE;YACb,GAAG,CAAC,iBAAiB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9D,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAChE,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7C,CAAC;QAEF,WAAW,CAAC,SAAS,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;QAExD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,WAAW,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC;QACrC,OAAO;YACL,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,iBAAiB,OAAO,EAAE;YACjC,IAAI,EAAE,yDAAyD;SAChE,CAAC;IACJ,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"listChecks.d.ts","sourceRoot":"","sources":["../../../src/core/audit/listChecks.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"listChecks.d.ts","sourceRoot":"","sources":["../../../src/core/audit/listChecks.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAI1D,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,QAAQ,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,aAAa,EAAE,CAAC;CACjC;AAED,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,QAAQ,CAAC;CACrB;AAED;;;GAGG;AACH;gFACgF;AAChF,eAAO,MAAM,uBAAuB,QAOxB,CAAC;AAEb,wBAAgB,aAAa,CAAC,MAAM,CAAC,EAAE,gBAAgB,GAAG,iBAAiB,EAAE,CAiD5E;AAqBD;;;GAGG;AACH,wBAAgB,wBAAwB,CAAC,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAyB5E;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAExE"}
|
|
@@ -3,6 +3,7 @@
|
|
|
3
3
|
* No SSH connection required — enumerates checks from CHECK_REGISTRY using "bare" platform.
|
|
4
4
|
*/
|
|
5
5
|
import chalk from "chalk";
|
|
6
|
+
import { PLUGIN_STATUS_LOADED } from "../../plugin/registry.js";
|
|
6
7
|
import { CHECK_REGISTRY } from "./checks/index.js";
|
|
7
8
|
import { COMPLIANCE_MAP } from "./compliance/mapper.js";
|
|
8
9
|
import { getPluginRegistry } from "../../plugin/registry.js";
|
|
@@ -47,7 +48,7 @@ export function listAllChecks(filter) {
|
|
|
47
48
|
? filter.category.split(",").map((c) => c.trim().toLowerCase())
|
|
48
49
|
: undefined;
|
|
49
50
|
for (const [, entry] of getPluginRegistry()) {
|
|
50
|
-
if (entry.status ===
|
|
51
|
+
if (entry.status === PLUGIN_STATUS_LOADED) {
|
|
51
52
|
for (const check of entry.checks) {
|
|
52
53
|
const pluginEntry = {
|
|
53
54
|
id: check.id,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"listChecks.js","sourceRoot":"","sources":["../../../src/core/audit/listChecks.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAExD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAgB3D;;;GAGG;AACH;gFACgF;AAChF,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,QAAQ;IACR,kBAAkB;IAClB,iBAAiB;IACjB,4BAA4B;IAC5B,kBAAkB;IAClB,sBAAsB;CACvB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAEb,MAAM,UAAU,aAAa,CAAC,MAAyB;IACrD,MAAM,OAAO,GAAwB,cAAc,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QACpE,yFAAyF;QACzF,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,KAAK,WAAW,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/E,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC3C,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACxB,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,QAAQ,EAAE,KAAK,CAAC,IAAI;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,EAAE;YACxB,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE;SAC3C,CAAC,CAAC,CAAC;IACN,CAAC,CAAC,CAAC;IAEH,IAAI,MAAM,GAAG,OAAO,CAAC;IAErB,IAAI,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,CAAC;QACnC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;QAC3E,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IACzE,CAAC;IAED,IAAI,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,CAAC;QACnC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,EAAE,QAAQ,KAAK,SAAS;QAC/C,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC;IAEd,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC,IAAI,iBAAiB,EAAE,EAAE,CAAC;QAC5C,IAAI,KAAK,CAAC,MAAM,KAAK,
|
|
1
|
+
{"version":3,"file":"listChecks.js","sourceRoot":"","sources":["../../../src/core/audit/listChecks.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AACnD,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AAExD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAgB3D;;;GAGG;AACH;gFACgF;AAChF,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,QAAQ;IACR,kBAAkB;IAClB,iBAAiB;IACjB,4BAA4B;IAC5B,kBAAkB;IAClB,sBAAsB;CACvB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAEb,MAAM,UAAU,aAAa,CAAC,MAAyB;IACrD,MAAM,OAAO,GAAwB,cAAc,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;QACpE,yFAAyF;QACzF,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,KAAK,WAAW,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/E,MAAM,MAAM,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC3C,OAAO,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACxB,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,QAAQ,EAAE,KAAK,CAAC,IAAI;YACpB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,EAAE;YACxB,cAAc,EAAE,cAAc,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE;SAC3C,CAAC,CAAC,CAAC;IACN,CAAC,CAAC,CAAC;IAEH,IAAI,MAAM,GAAG,OAAO,CAAC;IAErB,IAAI,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,CAAC;QACnC,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;QAC3E,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IACzE,CAAC;IAED,IAAI,MAAM,EAAE,QAAQ,KAAK,SAAS,EAAE,CAAC;QACnC,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,EAAE,QAAQ,KAAK,SAAS;QAC/C,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;QAC/D,CAAC,CAAC,SAAS,CAAC;IAEd,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC,IAAI,iBAAiB,EAAE,EAAE,CAAC;QAC5C,IAAI,KAAK,CAAC,MAAM,KAAK,oBAAoB,EAAE,CAAC;YAC1C,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACjC,MAAM,WAAW,GAAsB;oBACrC,EAAE,EAAE,KAAK,CAAC,EAAE;oBACZ,QAAQ,EAAE,KAAK,CAAC,QAAQ;oBACxB,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,QAAQ,EAAE,KAAK,CAAC,QAAoB;oBACpC,OAAO,EAAE,KAAK,CAAC,OAAO,IAAI,EAAE;oBAC5B,cAAc,EAAE,uBAAuB,CAAC,KAAK,CAAC,cAAc,CAAC;iBAC9D,CAAC;gBACF,IAAI,UAAU,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;oBAAE,SAAS;gBACrF,IAAI,MAAM,EAAE,QAAQ,IAAI,WAAW,CAAC,QAAQ,KAAK,MAAM,CAAC,QAAQ;oBAAE,SAAS;gBAC3E,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;YAC3B,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,0CAA0C;AAC1C,SAAS,aAAa,CAAC,QAAkB;IACvC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,UAAU;YACb,OAAO,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAC1B,KAAK,SAAS;YACZ,OAAO,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAC7B,KAAK,MAAM;YACT,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC7B,CAAC;AACH,CAAC;AAED,2EAA2E;AAC3E,SAAS,gBAAgB,CAAC,IAAqB;IAC7C,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACjC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;IAC3E,OAAO,IAAI,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;AACjC,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,wBAAwB,CAAC,MAA2B;IAClE,MAAM,UAAU,GAAG,IAAI,GAAG,EAA+B,CAAC;IAC1D,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAClD,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACjB,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IACvC,CAAC;IAED,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,MAAM,CAAC,QAAQ,EAAE,cAAc,CAAC,IAAI,UAAU,EAAE,CAAC;QACpD,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,cAAc,CAAC,MAAM,UAAU,CAAC,CAAC;QAC/E,KAAK,MAAM,KAAK,IAAI,cAAc,EAAE,CAAC;YACnC,MAAM,EAAE,GAAG,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAC/B,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC5C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YACtD,MAAM,UAAU,GAAG,gBAAgB,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;YAC1D,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,KAAK,IAAI,OAAO,IAAI,UAAU,EAAE,CAAC,CAAC;QAC1D,CAAC;IACH,CAAC;IAED,MAAM,aAAa,GAAG,UAAU,CAAC,IAAI,CAAC;IACtC,KAAK,CAAC,IAAI,CAAC,YAAY,MAAM,CAAC,MAAM,kBAAkB,aAAa,aAAa,CAAC,CAAC;IAElF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,MAA2B;IAC9D,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACzC,CAAC"}
|
|
@@ -1,8 +1,18 @@
|
|
|
1
1
|
import type { PluginRegistryEntry } from "../../plugin/registry.js";
|
|
2
|
+
import type { PluginCheck } from "../../plugin/sdk/types.js";
|
|
2
3
|
import type { AuditCategory, ComplianceRef } from "./types.js";
|
|
3
4
|
export declare function mapPluginComplianceRefs(refs?: Array<{
|
|
4
5
|
framework: string;
|
|
5
6
|
ref: string;
|
|
6
7
|
}>): ComplianceRef[];
|
|
8
|
+
export declare function mutatingPluginAuditCurrentValue(kind: PluginCheck["checkCommand"]["kind"]): string;
|
|
9
|
+
export declare function isMutatingPluginAuditCurrentValue(value: string): boolean;
|
|
10
|
+
export declare function getSkippedMutatingPluginWarnings(registry: ReadonlyMap<string, PluginRegistryEntry>): string[];
|
|
11
|
+
/**
|
|
12
|
+
* Gates runAudit's plugin-batch parse: a mutating-only plugin produces no
|
|
13
|
+
* batch (buildPluginBatchSection returns null) but parsePluginBatchOutput
|
|
14
|
+
* must still surface its skipped checks for visibility.
|
|
15
|
+
*/
|
|
16
|
+
export declare function hasLoadedPluginChecks(registry: ReadonlyMap<string, PluginRegistryEntry>): boolean;
|
|
7
17
|
export declare function parsePluginBatchOutput(stdout: string, registry: ReadonlyMap<string, PluginRegistryEntry>): AuditCategory[];
|
|
8
18
|
//# sourceMappingURL=pluginAudit.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pluginAudit.d.ts","sourceRoot":"","sources":["../../../src/core/audit/pluginAudit.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"pluginAudit.d.ts","sourceRoot":"","sources":["../../../src/core/audit/pluginAudit.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,0BAA0B,CAAC;AACpE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AAC7D,OAAO,KAAK,EAAE,aAAa,EAAiC,aAAa,EAAE,MAAM,YAAY,CAAC;AAO9F,wBAAgB,uBAAuB,CAAC,IAAI,CAAC,EAAE,KAAK,CAAC;IAAE,SAAS,EAAE,MAAM,CAAC;IAAC,GAAG,EAAE,MAAM,CAAA;CAAE,CAAC,GAAG,aAAa,EAAE,CASzG;AAED,wBAAgB,+BAA+B,CAAC,IAAI,EAAE,WAAW,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,GAAG,MAAM,CAEjG;AAED,wBAAgB,iCAAiC,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAExE;AAED,wBAAgB,gCAAgC,CAC9C,QAAQ,EAAE,WAAW,CAAC,MAAM,EAAE,mBAAmB,CAAC,GACjD,MAAM,EAAE,CAWV;AAED;;;;GAIG;AACH,wBAAgB,qBAAqB,CACnC,QAAQ,EAAE,WAAW,CAAC,MAAM,EAAE,mBAAmB,CAAC,GACjD,OAAO,CAKT;AA+ED,wBAAgB,sBAAsB,CACpC,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,WAAW,CAAC,MAAM,EAAE,mBAAmB,CAAC,GACjD,aAAa,EAAE,CA2DjB"}
|
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
import { debugLog } from "../../utils/logger.js";
|
|
2
|
+
import { PLUGIN_STATUS_LOADED } from "../../plugin/registry.js";
|
|
2
3
|
import { getShortName } from "../../plugin/registry.js";
|
|
4
|
+
// Sentinel for mutating plugin checks that audit never runs. Consumer uses the
|
|
5
|
+
// regex below to detect this value; drift between the two helpers silently
|
|
6
|
+
// breaks runAudit's connectionError heuristic.
|
|
7
|
+
const MUTATING_SKIP_PATTERN = /^Not run by kastell audit \(mutating kind: .+\)$/;
|
|
3
8
|
export function mapPluginComplianceRefs(refs) {
|
|
4
9
|
if (!refs || refs.length === 0)
|
|
5
10
|
return [];
|
|
@@ -11,6 +16,37 @@ export function mapPluginComplianceRefs(refs) {
|
|
|
11
16
|
coverage: "partial",
|
|
12
17
|
}));
|
|
13
18
|
}
|
|
19
|
+
export function mutatingPluginAuditCurrentValue(kind) {
|
|
20
|
+
return `Not run by kastell audit (mutating kind: ${kind})`;
|
|
21
|
+
}
|
|
22
|
+
export function isMutatingPluginAuditCurrentValue(value) {
|
|
23
|
+
return MUTATING_SKIP_PATTERN.test(value);
|
|
24
|
+
}
|
|
25
|
+
export function getSkippedMutatingPluginWarnings(registry) {
|
|
26
|
+
const warnings = [];
|
|
27
|
+
for (const [pluginName, entry] of registry) {
|
|
28
|
+
if (entry.status !== PLUGIN_STATUS_LOADED)
|
|
29
|
+
continue;
|
|
30
|
+
for (const check of entry.checks) {
|
|
31
|
+
if (check.checkCommand.kind !== "read") {
|
|
32
|
+
warnings.push(`Plugin ${pluginName} check ${check.id} is ${check.checkCommand.kind} and is not run by kastell audit`);
|
|
33
|
+
}
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
return warnings;
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Gates runAudit's plugin-batch parse: a mutating-only plugin produces no
|
|
40
|
+
* batch (buildPluginBatchSection returns null) but parsePluginBatchOutput
|
|
41
|
+
* must still surface its skipped checks for visibility.
|
|
42
|
+
*/
|
|
43
|
+
export function hasLoadedPluginChecks(registry) {
|
|
44
|
+
for (const entry of registry.values()) {
|
|
45
|
+
if (entry.status === PLUGIN_STATUS_LOADED && entry.checks.length > 0)
|
|
46
|
+
return true;
|
|
47
|
+
}
|
|
48
|
+
return false;
|
|
49
|
+
}
|
|
14
50
|
function evaluateCheck(output, check) {
|
|
15
51
|
if (check.failPattern && new RegExp(check.failPattern).test(output))
|
|
16
52
|
return false;
|
|
@@ -58,12 +94,8 @@ function splitSections(stdout) {
|
|
|
58
94
|
for (const line of lines) {
|
|
59
95
|
if (line.startsWith(SECTION_PREFIX) && line.endsWith("---")) {
|
|
60
96
|
const header = line.slice(SECTION_PREFIX.length, line.length - 3);
|
|
97
|
+
// SECTION_PREFIX contains ':' so header always has at least one colon.
|
|
61
98
|
const colonIdx = header.lastIndexOf(":");
|
|
62
|
-
if (colonIdx === -1) {
|
|
63
|
-
flush();
|
|
64
|
-
current = null;
|
|
65
|
-
continue;
|
|
66
|
-
}
|
|
67
99
|
flush();
|
|
68
100
|
current = {
|
|
69
101
|
pluginName: header.slice(0, colonIdx),
|
|
@@ -80,10 +112,10 @@ function splitSections(stdout) {
|
|
|
80
112
|
}
|
|
81
113
|
export function parsePluginBatchOutput(stdout, registry) {
|
|
82
114
|
const sections = stdout ? splitSections(stdout) : [];
|
|
83
|
-
const
|
|
115
|
+
const sectionsByPluginCheck = new Map();
|
|
84
116
|
for (const section of sections) {
|
|
85
117
|
const entry = registry.get(section.pluginName);
|
|
86
|
-
if (!entry || entry.status !==
|
|
118
|
+
if (!entry || entry.status !== PLUGIN_STATUS_LOADED) {
|
|
87
119
|
debugLog?.(`Plugin batch: unknown plugin "${section.pluginName}", section ignored`);
|
|
88
120
|
continue;
|
|
89
121
|
}
|
|
@@ -92,30 +124,34 @@ export function parsePluginBatchOutput(stdout, registry) {
|
|
|
92
124
|
debugLog?.(`Plugin batch: unknown check id "${section.checkId}" for plugin "${section.pluginName}"`);
|
|
93
125
|
continue;
|
|
94
126
|
}
|
|
95
|
-
|
|
96
|
-
const auditCheck = buildAuditCheck(checkDef, { passed, currentValue: section.body }, entry);
|
|
97
|
-
let pluginChecks = byPlugin.get(section.pluginName);
|
|
98
|
-
if (!pluginChecks) {
|
|
99
|
-
pluginChecks = [];
|
|
100
|
-
byPlugin.set(section.pluginName, pluginChecks);
|
|
101
|
-
}
|
|
102
|
-
pluginChecks.push(auditCheck);
|
|
127
|
+
sectionsByPluginCheck.set(`${section.pluginName}:${section.checkId}`, section);
|
|
103
128
|
}
|
|
104
|
-
|
|
105
|
-
// allUndetermined heuristic can flag plugin categories on batch failure.
|
|
129
|
+
const byPlugin = new Map();
|
|
106
130
|
for (const [pluginName, entry] of registry) {
|
|
107
|
-
if (entry.status !==
|
|
131
|
+
if (entry.status !== PLUGIN_STATUS_LOADED)
|
|
108
132
|
continue;
|
|
109
133
|
if (entry.checks.length === 0)
|
|
110
134
|
continue;
|
|
111
|
-
const
|
|
112
|
-
const haveIds = new Set(existing.map((c) => c.id));
|
|
135
|
+
const checks = [];
|
|
113
136
|
for (const checkDef of entry.checks) {
|
|
114
|
-
|
|
115
|
-
|
|
137
|
+
const section = sectionsByPluginCheck.get(`${pluginName}:${checkDef.id}`);
|
|
138
|
+
if (section) {
|
|
139
|
+
const passed = evaluateCheck(section.body, checkDef);
|
|
140
|
+
checks.push(buildAuditCheck(checkDef, { passed, currentValue: section.body }, entry));
|
|
141
|
+
}
|
|
142
|
+
else if (checkDef.checkCommand.kind !== "read") {
|
|
143
|
+
checks.push(buildAuditCheck(checkDef, {
|
|
144
|
+
passed: false,
|
|
145
|
+
currentValue: mutatingPluginAuditCurrentValue(checkDef.checkCommand.kind),
|
|
146
|
+
}));
|
|
147
|
+
}
|
|
148
|
+
else {
|
|
149
|
+
// Missing read section — runAudit's allUndetermined heuristic flags
|
|
150
|
+
// this plugin category as a batch failure.
|
|
151
|
+
checks.push(buildAuditCheck(checkDef, { passed: false, currentValue: "Unable to determine" }));
|
|
116
152
|
}
|
|
117
153
|
}
|
|
118
|
-
byPlugin.set(pluginName,
|
|
154
|
+
byPlugin.set(pluginName, checks);
|
|
119
155
|
}
|
|
120
156
|
const categories = [];
|
|
121
157
|
for (const [pluginName, checks] of byPlugin) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pluginAudit.js","sourceRoot":"","sources":["../../../src/core/audit/pluginAudit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAKxD,MAAM,UAAU,uBAAuB,CAAC,IAAgD;IACtF,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAC1C,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACtB,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,SAAS,EAAE,CAAC,CAAC,GAAG;QAChB,OAAO,EAAE,KAAK;QACd,WAAW,EAAE,CAAC,CAAC,GAAG;QAClB,QAAQ,EAAE,SAAkB;KAC7B,CAAC,CAAC,CAAC;AACN,CAAC;AAED,SAAS,aAAa,CAAC,MAAc,EAAE,KAAkB;IACvD,IAAI,KAAK,CAAC,WAAW,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,KAAK,CAAC;IAClF,IAAI,KAAK,CAAC,WAAW;QAAE,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,eAAe,CACtB,QAAqB,EACrB,KAAgD,EAChD,KAA2B;IAE3B,MAAM,KAAK,GAAe;QACxB,EAAE,EAAE,QAAQ,CAAC,EAAE;QACf,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,QAAQ,EAAE,QAAQ,CAAC,QAAoB;QACvC,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,aAAa,EAAE,QAAQ,CAAC,WAAW,IAAI,MAAM;QAC7C,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,aAAa,EAAE,QAAQ,CAAC,aAAoC;QAC5D,OAAO,EAAE,QAAQ,CAAC,OAAgC;QAClD,cAAc,EAAE,uBAAuB,CAAC,QAAQ,CAAC,cAAc,CAAC;KACjE,CAAC;IAEF,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACrD,IAAI,MAAM,EAAE,CAAC;YACX,KAAK,CAAC,aAAa,GAAG,MAAM,CAAC,IAAe,CAAC;YAC7C,KAAK,CAAC,UAAU,GAAG,UAAU,KAAK,CAAC,QAAQ,CAAC,IAAI,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACvE,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,cAAc,GAAG,oBAAoB,CAAC;AAQ5C,SAAS,aAAa,CAAC,MAAc;IACnC,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACjC,IAAI,OAAO,GAAwE,IAAI,CAAC;IAExF,MAAM,KAAK,GAAG,GAAS,EAAE;QACvB,IAAI,OAAO,EAAE,CAAC;YACZ,QAAQ,CAAC,IAAI,CAAC;gBACZ,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,IAAI,EAAE,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE;aAC1C,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAClE,MAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YACzC,
|
|
1
|
+
{"version":3,"file":"pluginAudit.js","sourceRoot":"","sources":["../../../src/core/audit/pluginAudit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AACjD,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAKxD,+EAA+E;AAC/E,2EAA2E;AAC3E,+CAA+C;AAC/C,MAAM,qBAAqB,GAAG,kDAAkD,CAAC;AAEjF,MAAM,UAAU,uBAAuB,CAAC,IAAgD;IACtF,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAC1C,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACtB,SAAS,EAAE,CAAC,CAAC,SAAS;QACtB,SAAS,EAAE,CAAC,CAAC,GAAG;QAChB,OAAO,EAAE,KAAK;QACd,WAAW,EAAE,CAAC,CAAC,GAAG;QAClB,QAAQ,EAAE,SAAkB;KAC7B,CAAC,CAAC,CAAC;AACN,CAAC;AAED,MAAM,UAAU,+BAA+B,CAAC,IAAyC;IACvF,OAAO,4CAA4C,IAAI,GAAG,CAAC;AAC7D,CAAC;AAED,MAAM,UAAU,iCAAiC,CAAC,KAAa;IAC7D,OAAO,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC3C,CAAC;AAED,MAAM,UAAU,gCAAgC,CAC9C,QAAkD;IAElD,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,QAAQ,EAAE,CAAC;QAC3C,IAAI,KAAK,CAAC,MAAM,KAAK,oBAAoB;YAAE,SAAS;QACpD,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YACjC,IAAI,KAAK,CAAC,YAAY,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBACvC,QAAQ,CAAC,IAAI,CAAC,UAAU,UAAU,UAAU,KAAK,CAAC,EAAE,OAAO,KAAK,CAAC,YAAY,CAAC,IAAI,kCAAkC,CAAC,CAAC;YACxH,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,qBAAqB,CACnC,QAAkD;IAElD,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;QACtC,IAAI,KAAK,CAAC,MAAM,KAAK,oBAAoB,IAAI,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,IAAI,CAAC;IACpF,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,aAAa,CAAC,MAAc,EAAE,KAAkB;IACvD,IAAI,KAAK,CAAC,WAAW,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,KAAK,CAAC;IAClF,IAAI,KAAK,CAAC,WAAW;QAAE,OAAO,IAAI,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACzE,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,eAAe,CACtB,QAAqB,EACrB,KAAgD,EAChD,KAA2B;IAE3B,MAAM,KAAK,GAAe;QACxB,EAAE,EAAE,QAAQ,CAAC,EAAE;QACf,QAAQ,EAAE,QAAQ,CAAC,QAAQ;QAC3B,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,QAAQ,EAAE,QAAQ,CAAC,QAAoB;QACvC,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,YAAY,EAAE,KAAK,CAAC,YAAY;QAChC,aAAa,EAAE,QAAQ,CAAC,WAAW,IAAI,MAAM;QAC7C,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,aAAa,EAAE,QAAQ,CAAC,aAAoC;QAC5D,OAAO,EAAE,QAAQ,CAAC,OAAgC;QAClD,cAAc,EAAE,uBAAuB,CAAC,QAAQ,CAAC,cAAc,CAAC;KACjE,CAAC;IAEF,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,KAAK,EAAE,CAAC;QAC3B,MAAM,MAAM,GAAG,KAAK,CAAC,cAAc,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACrD,IAAI,MAAM,EAAE,CAAC;YACX,KAAK,CAAC,aAAa,GAAG,MAAM,CAAC,IAAe,CAAC;YAC7C,KAAK,CAAC,UAAU,GAAG,UAAU,KAAK,CAAC,QAAQ,CAAC,IAAI,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACvE,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,cAAc,GAAG,oBAAoB,CAAC;AAQ5C,SAAS,aAAa,CAAC,MAAc;IACnC,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACjC,IAAI,OAAO,GAAwE,IAAI,CAAC;IAExF,MAAM,KAAK,GAAG,GAAS,EAAE;QACvB,IAAI,OAAO,EAAE,CAAC;YACZ,QAAQ,CAAC,IAAI,CAAC;gBACZ,UAAU,EAAE,OAAO,CAAC,UAAU;gBAC9B,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,IAAI,EAAE,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE;aAC1C,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC5D,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAClE,uEAAuE;YACvE,MAAM,QAAQ,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;YACzC,KAAK,EAAE,CAAC;YACR,OAAO,GAAG;gBACR,UAAU,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC;gBACrC,OAAO,EAAE,MAAM,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACnC,SAAS,EAAE,EAAE;aACd,CAAC;QACJ,CAAC;aAAM,IAAI,OAAO,EAAE,CAAC;YACnB,OAAO,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IACD,KAAK,EAAE,CAAC;IACR,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,MAAc,EACd,QAAkD;IAElD,MAAM,QAAQ,GAAG,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAErD,MAAM,qBAAqB,GAAG,IAAI,GAAG,EAAyB,CAAC;IAC/D,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;QAC/C,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,KAAK,oBAAoB,EAAE,CAAC;YACpD,QAAQ,EAAE,CAAC,iCAAiC,OAAO,CAAC,UAAU,oBAAoB,CAAC,CAAC;YACpF,SAAS;QACX,CAAC;QACD,MAAM,QAAQ,GAAG,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACvD,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,QAAQ,EAAE,CAAC,mCAAmC,OAAO,CAAC,OAAO,iBAAiB,OAAO,CAAC,UAAU,GAAG,CAAC,CAAC;YACrG,SAAS;QACX,CAAC;QACD,qBAAqB,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,UAAU,IAAI,OAAO,CAAC,OAAO,EAAE,EAAE,OAAO,CAAC,CAAC;IACjF,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAwB,CAAC;IACjD,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,QAAQ,EAAE,CAAC;QAC3C,IAAI,KAAK,CAAC,MAAM,KAAK,oBAAoB;YAAE,SAAS;QACpD,IAAI,KAAK,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAExC,MAAM,MAAM,GAAiB,EAAE,CAAC;QAChC,KAAK,MAAM,QAAQ,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YACpC,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,GAAG,UAAU,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1E,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,MAAM,GAAG,aAAa,CAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;gBACrD,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,YAAY,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,KAAK,CAAC,CAAC,CAAC;YACxF,CAAC;iBAAM,IAAI,QAAQ,CAAC,YAAY,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBACjD,MAAM,CAAC,IAAI,CACT,eAAe,CAAC,QAAQ,EAAE;oBACxB,MAAM,EAAE,KAAK;oBACb,YAAY,EAAE,+BAA+B,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,CAAC;iBAC1E,CAAC,CACH,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,oEAAoE;gBACpE,2CAA2C;gBAC3C,MAAM,CAAC,IAAI,CACT,eAAe,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,qBAAqB,EAAE,CAAC,CAClF,CAAC;YACJ,CAAC;QACH,CAAC;QACD,QAAQ,CAAC,GAAG,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,MAAM,UAAU,GAAoB,EAAE,CAAC;IACvC,KAAK,MAAM,CAAC,UAAU,EAAE,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QAC5C,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAClC,MAAM,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAE,CAAC;QACxC,UAAU,CAAC,IAAI,CAAC;YACd,IAAI,EAAE,WAAW,YAAY,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE;YACpD,MAAM;YACN,KAAK,EAAE,CAAC;YACR,QAAQ,EAAE,CAAC;SACZ,CAAC,CAAC;IACL,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC"}
|
|
@@ -1,5 +1,15 @@
|
|
|
1
1
|
import type { FixExecutionLogEntry } from "./types.js";
|
|
2
|
+
export declare function tryParsePluginFixCommand(cmd: string | undefined): {
|
|
3
|
+
pluginName: string;
|
|
4
|
+
handlerPath: string;
|
|
5
|
+
} | null;
|
|
6
|
+
/**
|
|
7
|
+
* @deprecated Use tryParsePluginFixCommand instead. This function is kept for backwards compatibility.
|
|
8
|
+
*/
|
|
2
9
|
export declare function isPluginFixCommand(fixCommand: string | undefined): boolean;
|
|
10
|
+
/**
|
|
11
|
+
* @deprecated Use tryParsePluginFixCommand instead. This function is kept for backwards compatibility.
|
|
12
|
+
*/
|
|
3
13
|
export declare function parsePluginFixCommand(fixCommand: string): {
|
|
4
14
|
pluginName: string;
|
|
5
15
|
handlerPath: string;
|
|
@@ -10,7 +20,18 @@ export declare function getPluginFixMetadata(failedCheckIds: string[], appliedCh
|
|
|
10
20
|
};
|
|
11
21
|
export declare function getPluginBackupPaths(failedCheckIds: string[]): string[];
|
|
12
22
|
export declare function getAppliedPluginNames(appliedCheckIds: string[]): string[];
|
|
13
|
-
export declare function
|
|
23
|
+
export declare function buildFixHistorySource(names: string[]): {
|
|
24
|
+
source: "fix" | "plugin";
|
|
25
|
+
pluginName?: string;
|
|
26
|
+
};
|
|
27
|
+
export interface PluginFixOptions {
|
|
28
|
+
ip: string;
|
|
29
|
+
checkId: string;
|
|
30
|
+
pluginName: string;
|
|
31
|
+
handlerPath: string;
|
|
32
|
+
dryRun: boolean;
|
|
33
|
+
}
|
|
34
|
+
export declare function executePluginFix(opts: PluginFixOptions): Promise<{
|
|
14
35
|
success: boolean;
|
|
15
36
|
error?: string;
|
|
16
37
|
modifiedFiles?: string[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pluginFix.d.ts","sourceRoot":"","sources":["../../../src/core/audit/pluginFix.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"pluginFix.d.ts","sourceRoot":"","sources":["../../../src/core/audit/pluginFix.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,YAAY,CAAC;AAOvD,wBAAgB,wBAAwB,CAAC,GAAG,EAAE,MAAM,GAAG,SAAS,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAQpH;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,UAAU,EAAE,MAAM,GAAG,SAAS,GAAG,OAAO,CAE1E;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,UAAU,EAAE,MAAM,GAAG;IAAE,UAAU,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAE5G;AAED,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,MAAM,EAAE,EAAE,eAAe,EAAE,MAAM,EAAE,GAAG;IAAE,WAAW,EAAE,MAAM,EAAE,CAAC;IAAC,WAAW,EAAE,MAAM,EAAE,CAAA;CAAE,CAkB1I;AAED,wBAAgB,oBAAoB,CAAC,cAAc,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAEvE;AAED,wBAAgB,qBAAqB,CAAC,eAAe,EAAE,MAAM,EAAE,GAAG,MAAM,EAAE,CAEzE;AAED,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG;IAAE,MAAM,EAAE,KAAK,GAAG,QAAQ,CAAC;IAAC,UAAU,CAAC,EAAE,MAAM,CAAA;CAAE,CAGxG;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,wBAAsB,gBAAgB,CACpC,IAAI,EAAE,gBAAgB,GACrB,OAAO,CAAC;IAAE,OAAO,EAAE,OAAO,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,YAAY,CAAC,EAAE,oBAAoB,CAAA;CAAE,CAAC,CA2E9G"}
|
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import { sshExec } from "../../utils/ssh.js";
|
|
2
|
+
import { PLUGIN_STATUS_LOADED } from "../../plugin/registry.js";
|
|
2
3
|
import { raw } from "../../utils/sshCommand.js";
|
|
3
4
|
import { debugLog } from "../../utils/logger.js";
|
|
4
5
|
import { isSafeMode } from "../../utils/safeMode.js";
|
|
@@ -7,13 +8,10 @@ import { getPluginRegistry } from "../../plugin/registry.js";
|
|
|
7
8
|
import { resolvePluginHandler } from "../../plugin/handlerResolver.js";
|
|
8
9
|
import { join } from "path";
|
|
9
10
|
const PLUGIN_FIX_PREFIX = "plugin:";
|
|
10
|
-
export function
|
|
11
|
-
|
|
12
|
-
}
|
|
13
|
-
export function parsePluginFixCommand(fixCommand) {
|
|
14
|
-
if (!fixCommand.startsWith(PLUGIN_FIX_PREFIX))
|
|
11
|
+
export function tryParsePluginFixCommand(cmd) {
|
|
12
|
+
if (typeof cmd !== "string" || !cmd.startsWith(PLUGIN_FIX_PREFIX))
|
|
15
13
|
return null;
|
|
16
|
-
const parts =
|
|
14
|
+
const parts = cmd.split(":");
|
|
17
15
|
if (parts.length < 3)
|
|
18
16
|
return null;
|
|
19
17
|
const pluginName = parts[1];
|
|
@@ -22,6 +20,18 @@ export function parsePluginFixCommand(fixCommand) {
|
|
|
22
20
|
return null;
|
|
23
21
|
return { pluginName, handlerPath };
|
|
24
22
|
}
|
|
23
|
+
/**
|
|
24
|
+
* @deprecated Use tryParsePluginFixCommand instead. This function is kept for backwards compatibility.
|
|
25
|
+
*/
|
|
26
|
+
export function isPluginFixCommand(fixCommand) {
|
|
27
|
+
return typeof fixCommand === "string" && fixCommand.startsWith(PLUGIN_FIX_PREFIX);
|
|
28
|
+
}
|
|
29
|
+
/**
|
|
30
|
+
* @deprecated Use tryParsePluginFixCommand instead. This function is kept for backwards compatibility.
|
|
31
|
+
*/
|
|
32
|
+
export function parsePluginFixCommand(fixCommand) {
|
|
33
|
+
return tryParsePluginFixCommand(fixCommand);
|
|
34
|
+
}
|
|
25
35
|
export function getPluginFixMetadata(failedCheckIds, appliedCheckIds) {
|
|
26
36
|
const registry = getPluginRegistry();
|
|
27
37
|
const failedSet = new Set(failedCheckIds);
|
|
@@ -29,7 +39,7 @@ export function getPluginFixMetadata(failedCheckIds, appliedCheckIds) {
|
|
|
29
39
|
const backupPaths = [];
|
|
30
40
|
const pluginNames = new Set();
|
|
31
41
|
for (const [, entry] of registry) {
|
|
32
|
-
if (entry.status !==
|
|
42
|
+
if (entry.status !== PLUGIN_STATUS_LOADED || !entry.manifest.fixes)
|
|
33
43
|
continue;
|
|
34
44
|
for (const fix of entry.manifest.fixes) {
|
|
35
45
|
if (failedSet.has(fix.checkId) && fix.backupPaths) {
|
|
@@ -48,7 +58,13 @@ export function getPluginBackupPaths(failedCheckIds) {
|
|
|
48
58
|
export function getAppliedPluginNames(appliedCheckIds) {
|
|
49
59
|
return getPluginFixMetadata([], appliedCheckIds).pluginNames;
|
|
50
60
|
}
|
|
51
|
-
export
|
|
61
|
+
export function buildFixHistorySource(names) {
|
|
62
|
+
if (names.length === 0)
|
|
63
|
+
return { source: "fix" };
|
|
64
|
+
return { source: "plugin", pluginName: names[0] };
|
|
65
|
+
}
|
|
66
|
+
export async function executePluginFix(opts) {
|
|
67
|
+
const { ip, checkId, pluginName, handlerPath, dryRun } = opts;
|
|
52
68
|
const startMs = Date.now();
|
|
53
69
|
if (isSafeMode()) {
|
|
54
70
|
return { success: false, error: "SAFE_MODE active — plugin fix blocked" };
|
|
@@ -58,7 +74,7 @@ export async function executePluginFix(ip, checkId, pluginName, handlerPath, dry
|
|
|
58
74
|
}
|
|
59
75
|
const registry = getPluginRegistry();
|
|
60
76
|
const entry = registry.get(pluginName);
|
|
61
|
-
if (!entry || entry.status !==
|
|
77
|
+
if (!entry || entry.status !== PLUGIN_STATUS_LOADED) {
|
|
62
78
|
return { success: false, error: `Plugin "${pluginName}" not found or failed to load` };
|
|
63
79
|
}
|
|
64
80
|
const pluginDir = join(PLUGINS_NODE_MODULES, pluginName);
|
|
@@ -80,7 +96,8 @@ export async function executePluginFix(ip, checkId, pluginName, handlerPath, dry
|
|
|
80
96
|
console.log(`[plugin-fix:${pluginName}] ${msg}`); },
|
|
81
97
|
warn: (msg) => { if (debugLog)
|
|
82
98
|
console.log(`[plugin-fix:${pluginName}] WARN: ${msg}`); },
|
|
83
|
-
error: (msg) =>
|
|
99
|
+
error: (msg) => { if (debugLog)
|
|
100
|
+
console.error(`[plugin-fix:${pluginName}] ERROR: ${msg}`); },
|
|
84
101
|
},
|
|
85
102
|
dryRun,
|
|
86
103
|
manifest: entry.manifest,
|