npm - korext - Versions diffs - 0.9.11 → 1.0.0 - Mend

korext 0.9.11 → 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -1,6 +1,8 @@
-# Korext CLI
+# KOREXT CLI
-Enforce compliance on AI-generated code from the command line and CI/CD pipelines. 478 rules across 44 policy packs with real detection logic. Every violation mapped to specific regulatory clauses. SARIF output for CI scanner integration.
+AI Code Governance for your terminal and CI/CD pipelines.
+Enforce compliance policies on human written and AI generated code. 72 policy packs. 532 detection rules. 13 languages. Cryptographically signed proof bundles.
 ## Install
@@ -11,115 +13,127 @@ npm install -g korext
 ## Quick Start
 ```bash
+# Sign in
 korext login
-korext enforce ./src --pack web-platform-v2
+# Initialize your project
+korext init
+# Enforce policies on your code
+korext enforce .
+# Enforce with specific packs
+korext enforce . --pack web,pci-dss-v1
+# Enforce with a specific region
+korext enforce . --region eu --pack web
+# Generate a signed proof bundle
+korext enforce . --pack web --sign
 ```
 ## Commands
 | Command | Description |
 |---------|-------------|
-| `korext login [token]` | Save API token |
-| `korext status` | Check connection and subscription |
-| `korext enforce [dir]` | Scan files for violations |
-| `korext policy init` | Initialize a policy document |
-| `korext policy extract` | AI rule extraction from documents |
-| `korext policy review` | Review extracted rules |
-| `korext rules sync` | Cache rules for offline use |
-### Enforce Options
-| Flag | Description |
-|------|-------------|
-| `--pack <id>` | Select a policy pack |
-| `--format text\|json\|sarif` | Output format |
-| `--offline` | Use cached rules only |
-| `--sync-rules` | Download rule cache before scan |
+| `korext login` | Sign in to your KOREXT account |
+| `korext init` | Initialize a project with korext.json |
+| `korext enforce <path>` | Run policy enforcement on files |
+| `korext packs list` | List all available policy packs |
+| `korext industries` | List industries and their packs |
+| `korext bundle list` | List your recent proof bundles |
+| `korext bundle export <id>` | Download a proof bundle as PDF |
+| `korext bundle verify <id>` | Verify a proof bundle signature |
+| `korext status` | Show current configuration and region |
+## Enforce Options
+| Flag | Description | Default |
+|------|-------------|---------|
+| `--pack <ids>` | Comma separated pack IDs | web |
+| `--region <name>` | Data region (us, eu, apac) | us |
+| `--format <type>` | Output format (text, json, sarif) | text |
+| `--sign` | Request signed proof bundle | false |
+| `--industry <name>` | Select packs by industry | (none) |
+| `--offline` | Run with local engine only | false |
+## Output Formats
+**Text** (default): Human readable violation list with governance context.
+**JSON**: Machine readable output with full violation details, confidence scores, and proof bundle metadata.
+**SARIF**: Static Analysis Results Interchange Format for CI/CD integration. Compatible with GitHub Code Scanning, Azure DevOps, and other SARIF consumers.
 ## CI/CD Integration
 ### GitHub Actions
 ```yaml
-- name: Korext Compliance Check
-  run: |
-    npm install -g korext
-    korext enforce ./src \
-      --pack cmmc-level2-v1 \
-      --format sarif
+- uses: korext/enforce-action@v3
+  with:
+    pack: web,pci-dss-v1
+    region: eu
   env:
     KOREXT_API_TOKEN: ${{ secrets.KOREXT_API_TOKEN }}
 ```
-### Exit Codes
-| Code | Meaning |
-|------|---------|
-| `0` | Clean (no critical or high violations) |
-| `1` | Violations found |
-| `2` | Error |
-Writes GitHub Actions Step Summary via `GITHUB_STEP_SUMMARY` when detected.
-## SARIF Output
+### Pre-commit Hook
 ```bash
-korext enforce ./src --format sarif > results.sarif
+# .husky/pre-commit
+korext enforce . --pack web
 ```
-Generates OASIS SARIF 2.1.0 for CI scanner integration (GitHub Code Scanning, Azure DevOps, etc.).
-## Offline Mode
+### Generic CI
 ```bash
-korext rules sync
-korext enforce ./src --offline
+npm install -g korext
+korext login --token $KOREXT_API_TOKEN
+korext enforce . --pack web --format sarif --sign
 ```
-Cached rules enforce locally with zero network calls. Status output shows "Offline (local rules only)".
+## Exit Codes
+| Code | Meaning |
+|------|---------|
+| 0 | PASS (no violations) |
+| 1 | BLOCK (violations found) |
+| 2 | ERROR (invalid input, network, auth) |
-## Supported Compliance Frameworks
+CI pipelines should fail on exit code 1 to block non-compliant code from merging.
-OWASP Top 10 | PCI-DSS | HIPAA | GDPR | SOC 2 | NIST SP 800-53 | NIST SP 800-171 | CMMC Level 2/3 | FedRAMP | ISO 27001 | DORA | NIS2 | CIS Benchmarks | UK DPA | Australian Privacy Act | APPI (Japan) | PDPA (Singapore, Taiwan) | and 25+ more
+## Configuration
-## Key Features
+### korext.json
-- 478 rules across 44 policy packs
-- Three-layer governance: regulatory, technical standards (CWE, OWASP), security intelligence (MITRE ATT&CK)
-- 9 jurisdiction coverage (US, EU, UK, Canada, Australia, New Zealand, Japan, Taiwan, Singapore)
-- SARIF 2.1.0 output for CI scanner integration
-- GitHub Actions Step Summary generation
-- Offline mode with cached rules
-- Custom policy packs from uploaded documents
+```json
+{
+  "project": "my-app",
+  "targetPacks": ["web", "pci-dss-v1"],
+  "region": "eu",
+  "industry": "finance"
+}
+```
-## Environment Variables
+### Environment Variables
 | Variable | Description |
 |----------|-------------|
-| `KOREXT_API_TOKEN` | API authentication token (recommended) |
-| `KOREXT_TOKEN` | Deprecated alias (shows warning) |
-## Changelog
+| `KOREXT_API_TOKEN` | API token for CI/CD (from dashboard) |
-### v0.9.5
+## Data Sovereignty
-Fixed
-- Watch mode now detects file changes correctly and scans on startup
-- Enforcing a nonexistent directory now prints an error and exits with code 2 instead of silently passing
-- Offline enforcement prints how many rules are available versus how many require server analysis
-- Policy commands now default to the production API instead of localhost
+Choose your data processing region: US, EU, or Asia Pacific. Set via `--region` flag, `korext.json`, or `korext init`. All enforcement data stays in your chosen region.
 ## Links
-- Website: [korext.com](https://www.korext.com)
-- Dashboard: [app.korext.com](https://app.korext.com)
-- VS Code Extension: [marketplace.visualstudio.com](https://marketplace.visualstudio.com/items?itemName=Korext.korext)
-- LinkedIn: [linkedin.com/company/korext](https://www.linkedin.com/company/korext)
-- GitHub: [github.com/Korext](https://github.com/Korext)
-- Support: support@korext.com
+- [Website](https://korext.com)
+- [Dashboard](https://app.korext.com)
+- [Documentation](https://korext.com/docs)
+- [GitHub Action](https://github.com/marketplace/actions/korext-enforce)
+- [VS Code Extension](https://marketplace.visualstudio.com/items?itemName=Korext.korext)
----
+## License
-**Publisher**: Korext
-**License**: Proprietary
-**Version**: 0.9.5
+Proprietary. See [Terms of Service](https://korext.com/legal).

package/bin/korext.js CHANGED Viewed

@@ -296,13 +296,22 @@ async function fetchAndCacheRules() {
  * Mirrors korext-core/src/engine/localEngine.ts analyzeLocally().
  */
 function analyzeLocally(code, packId, definitions) {
-  const pack = definitions.packs[packId];
-  if (!pack) return [];
+  // Normalize packId to array to support multi-pack (e.g. ["web", "pci-dss-v1"])
+  const packIdList = Array.isArray(packId) ? packId : [packId];
+  // Merge rules from all requested packs via Set
+  const mergedRuleIds = new Set();
+  for (const pid of packIdList) {
+    const pack = definitions.packs[pid];
+    if (pack && pack.rules) {
+      for (const rid of pack.rules) mergedRuleIds.add(rid);
+    }
+  }
+  if (mergedRuleIds.size === 0) return [];
   const violations = [];
   const lines = code.split('\n');
-  for (const ruleId of pack.rules) {
+  for (const ruleId of mergedRuleIds) {
     const rule = definitions.rules[ruleId];
     if (!rule) continue;
     if (rule.checkMode === 'server-only') continue;
@@ -576,6 +585,7 @@ program
   .command('init')
   .description('Initialize a korext.json configuration file for your project')
   .option('--non-interactive', 'Skip prompts and use defaults', false)
+  .option('--region <region>', 'Data processing region (us, eu, apac)')
   .action(async (options) => {
     console.log(chalk.bold.hex('#F27D26')('\n\u25b2 KOREXT PROJECT INIT'));
     console.log(chalk.dim('=======================================\n'));
@@ -604,13 +614,15 @@ program
     const taxonomy = buildTaxonomyFromPacks(defs.packs);
     if (options.nonInteractive) {
-      // Non-interactive: default to web pack
+      // Non-interactive: default to web pack, optionally with region
       const config = {
         targetPacks: ['web'],
+        ...(options.region && { region: options.region }),
         exclude: ['node_modules', 'dist', 'build', '.next']
       };
       fs.writeFileSync(outputPath, JSON.stringify(config, null, 2));
-      console.log(chalk.green(`Created ${outputPath} with default pack: web\n`));
+      const regionNote = options.region ? ` (region: ${options.region})` : '';
+      console.log(chalk.green(`Created ${outputPath} with default pack: web${regionNote}\n`));
       process.exit(0);
     }
@@ -1030,7 +1042,14 @@ program
         console.log(chalk.yellow('\n⚡ Offline mode: using local rule engine (regex-based analysis)'));
         console.log(chalk.dim(`   Cached rules: v${localDefinitions.version} · ${localDefinitions.ruleCount} rules · ${localDefinitions.packCount} packs`));
         // Show rule coverage breakdown
-        const packRules = localDefinitions.packs?.[pack]?.rules || [];
+        // Merge rules from all packs for coverage display
+        const coveragePackList = Array.isArray(pack) ? pack : [pack];
+        const allPackRuleIds = new Set();
+        for (const pid of coveragePackList) {
+          const pr = localDefinitions.packs?.[pid]?.rules || [];
+          for (const rid of pr) allPackRuleIds.add(rid);
+        }
+        const packRules = [...allPackRuleIds];
         const availableCount = packRules.filter(r => localDefinitions.rules?.[r]).length;
         const serverOnlyCount = packRules.length - availableCount;
         console.log(chalk.dim(`   Offline mode: ${availableCount} of ${packRules.length} rules available. ${serverOnlyCount} rules require server analysis.`));

package/package.json CHANGED Viewed

@@ -1,15 +1,15 @@
 {
   "name": "korext",
-  "version": "0.9.11",
+  "version": "1.0.0",
   "mcpName": "io.github.Korext/governance",
-  "description": "Korext Command Line Interface",
+  "description": "KOREXT CLI. AI Code Governance. Enforce compliance policies on human written and AI generated code. 72 policy packs. 532 rules. 13 languages. Signed proof bundles.",
   "type": "module",
   "main": "bin/korext.js",
   "bin": {
     "korext": "bin/korext.js"
   },
-  "author": "Korext <support@korext.com>",
-  "license": "ISC",
+  "author": "Korext <tombruno@korext.com> (https://korext.com)",
+  "license": "SEE LICENSE IN LICENSE",
   "dependencies": {
     "chalk": "^4.1.2",
     "commander": "^14.0.3",
@@ -19,24 +19,35 @@
     "ora": "^5.4.1"
   },
   "files": [
-    "bin/"
+    "bin/",
+    "README.md",
+    "LICENSE"
   ],
-  "homepage": "https://www.korext.com",
+  "homepage": "https://korext.com",
+  "repository": {
+    "type": "git",
+    "url": "https://korext.com"
+  },
   "bugs": {
+    "url": "https://korext.com/support",
     "email": "support@korext.com"
   },
+  "engines": {
+    "node": ">=18.0.0"
+  },
   "keywords": [
     "governance",
     "compliance",
     "security",
-    "cli",
-    "cicd",
-    "sarif",
+    "SAST",
+    "linter",
+    "code-quality",
     "AI",
-    "code review",
+    "policy",
     "PCI-DSS",
     "HIPAA",
-    "OWASP",
-    "korext"
+    "GDPR",
+    "proof-bundle",
+    "sovereignty"
   ]
 }