korext 0.9.2 → 0.9.4

Files changed (2)
  1. package/bin/korext.js +38 -19
  2. package/package.json +1 -1
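--- a/package/bin/korext.js
+++ b/package/bin/korext.js
@@ -172,8 +172,11 @@ program
  .action((tokenArg) => {
  let token = tokenArg;
  if (!token) {
- console.log(`\nPlease generate an API token at ${chalk.cyan('https://app.korext.com/settings/tokens')}`);
- console.log(`Then run: ${chalk.green('korext login <your-token>')}\n`);
+ console.log(`\nTo authenticate, sign in at ${chalk.cyan('https://app.korext.com')} and use your session token.`);
+ console.log(`Long-lived API tokens for CI/CD are coming soon.`);
+ console.log(`\nFor CI/CD, Korext works in anonymous mode (20 requests per hour).`);
+ console.log(`Set ${chalk.green('KOREXT_API_TOKEN')} for higher limits.`);
+ console.log(`\nThen run: ${chalk.green('korext login <your-token>')}\n`);
  process.exit(1);
  }
  const config = getConfig();
@@ -234,7 +237,7 @@ program
  console.log(chalk.dim('======================================='));
  if (data.packs && data.packs.length > 0) {
  data.packs.forEach((p) => {
- console.log(`${chalk.bold(p.id)} - ${p.name || p.id} ${p.isEnterprise ? chalk.bgRed.white(' ENTERPRISE ') : ''}`);
+ console.log(`${chalk.bold(p.packId)} - ${p.packName || p.packId} ${p.isEnterprise ? chalk.bgRed.white(' ENTERPRISE ') : ''}`);
  console.log(chalk.dim(` ${p.description || 'No description provided'}\n`));
  });
  } else {
@@ -331,9 +334,12 @@ program
 
  let usedLocalEngine = false;
 
+ const resolvedDir = path.resolve(dir);
+
  for (let i = 0; i < files.length; i++) {
  const file = files[i];
  const displayPath = path.relative(process.cwd(), file);
+ const sarifPath = path.relative(resolvedDir, file);
 
  let fileSpinner = null;
  if (isText) fileSpinner = ora(`Analyzing ${displayPath} (${i + 1}/${files.length})...`).start();
@@ -369,7 +375,8 @@ program
  language,
  fileName: file,
  packId: pack,
- requestSignature: false
+ requestSignature: false,
+ asyncExplanations: false
  })
  });
 
@@ -432,39 +439,51 @@ program
  }
  storedV.push(v);
  }
- report.results.push({ file: displayPath, violations: storedV });
+ report.results.push({ file: displayPath, sarifFile: sarifPath, violations: storedV });
  } else {
  if (fileSpinner) fileSpinner.stop();
- report.results.push({ file: displayPath, violations: [] });
+ report.results.push({ file: displayPath, sarifFile: sarifPath, violations: [] });
  }
  }
 
  if (format === 'json') {
  console.log(JSON.stringify(report, null, 2));
  } else if (format === 'sarif') {
- const sarif = {
- version: "2.1.0",
- $schema: "https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/os/schemas/sarif-schema-2.1.0.json",
- runs: [{
- tool: { driver: { name: "Korext", version } },
- results: []
- }]
- };
+ // Build SARIF results
+ const sarifResults = [];
  for (const res of report.results) {
  for (const v of res.violations) {
- sarif.runs[0].results.push({
- ruleId: v.ruleName,
+ const messageText = v.explanation
+ || (v.ruleName ? v.ruleName + ': ' + (v.message || 'violation detected') : (v.ruleId || 'unknown') + ' violation detected');
+ sarifResults.push({
+ ruleId: v.ruleName || v.ruleId || 'unknown',
  level: v.severity === 'critical' || v.severity === 'high' ? "error" : v.severity === 'medium' ? "warning" : "note",
- message: { text: v.explanation },
+ message: { text: messageText },
  locations: [{
  physicalLocation: {
- artifactLocation: { uri: res.file },
+ artifactLocation: { uri: res.sarifFile || res.file },
  region: { startLine: v.line, startColumn: v.column || 1 }
  }
  }]
  });
  }
  }
+
+ // Build driver.rules from unique ruleIds
+ const ruleIds = [...new Set(sarifResults.map(r => r.ruleId))];
+ const rules = ruleIds.map(id => ({
+ id,
+ shortDescription: { text: id.replace(/-/g, ' ') }
+ }));
+
+ const sarif = {
+ version: "2.1.0",
+ $schema: "https://docs.oasis-open.org/sarif/sarif/v2.1.0/errata01/os/schemas/sarif-schema-2.1.0.json",
+ runs: [{
+ tool: { driver: { name: "Korext", version, rules } },
+ results: sarifResults
+ }]
+ };
  console.log(JSON.stringify(sarif, null, 2));
  } else {
  console.log('\n' + chalk.dim('======================================='));
@@ -1249,7 +1268,7 @@ program
  'Content-Type': 'application/json',
  ...(token && { 'Authorization': `Bearer ${token}` })
  },
- body: JSON.stringify({ fileContent, language, fileName: filePath, packId: pack, requestSignature: false })
+ body: JSON.stringify({ fileContent, language, fileName: filePath, packId: pack, requestSignature: false, asyncExplanations: false })
  });
  if (res.ok) {
  const result = await res.json();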
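Review bot: The new prompt in the first hunk (new lines 175–179) tells users to take their web session token and pass it as `korext login <your-token>`, which leaves a credential in shell history and in the process argument list that other local users can read. A session token is presumably broader in scope and harder to revoke individually than the API tokens the old text pointed to, so this exposure matters more after the change. Since the message already names `KOREXT_API_TOKEN`, the action could accept it when no argument is given, e.g. `let token = tokenArg || process.env.KOREXT_API_TOKEN;`, or read the token from a stdin prompt, and the final line of the help text should then recommend that form instead of the positional one. The `.action` callback begins before and continues past this hunk, so how the token is validated and stored via `getConfig()` is not visible here.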
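--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "korext",
- "version": "0.9.2",
+ "version": "0.9.4",
  "description": "Korext Command Line Interface",
  "type": "module",
  "main": "bin/korext.js",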