kramscan 0.1.1 → 0.3.0

package/dist/core/config.js

@@ -32,16 +32,30 @@ var __importStar = (this && this.__importStar) || (function () {
         return result;
     };
 })();
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
 Object.defineProperty(exports, "__esModule", { value: true });
+exports.validateScanProfile = exports.validateConfig = exports.scanProfiles = void 0;
 exports.isDebugEnabled = isDebugEnabled;
 exports.getConfigStore = getConfigStore;
 exports.getConfig = getConfig;
 exports.getConfigValue = getConfigValue;
 exports.setConfigValue = setConfigValue;
 exports.setConfig = setConfig;
+exports.getScanProfile = getScanProfile;
+exports.addScanProfile = addScanProfile;
 const fs = __importStar(require("fs"));
 const path = __importStar(require("path"));
 const os = __importStar(require("os"));
+const config_schema_1 = require("./config-schema");
+const theme_1 = require("../utils/theme");
+var config_schema_2 = require("./config-schema");
+Object.defineProperty(exports, "scanProfiles", { enumerable: true, get: function () { return config_schema_2.defaultScanProfiles; } });
+Object.defineProperty(exports, "validateConfig", { enumerable: true, get: function () { return config_schema_2.validateConfig; } });
+Object.defineProperty(exports, "validateScanProfile", { enumerable: true, get: function () { return config_schema_2.validateScanProfile; } });
+// Re-export errors for convenience
+__exportStar(require("./errors"), exports);
 const defaults = {
     ai: {
         provider: "openai",
@@ -50,28 +64,30 @@ const defaults = {
         enabled: false,
     },
     scan: {
-        defaultTimeout: 60,
+        defaultTimeout: 30000,
         maxThreads: 5,
-        userAgent: "KramScan/0.1.0",
+        userAgent: `KramScan/${theme_1.CLI_VERSION}`,
         followRedirects: true,
         verifySSL: true,
         rateLimitPerSecond: 5,
-        strictScope: true
+        strictScope: true,
+        profiles: config_schema_1.defaultScanProfiles,
+        defaultProfile: "balanced",
     },
     report: {
         defaultFormat: "word",
         companyName: "Your Company",
         includeScreenshots: false,
-        severityThreshold: "low"
+        severityThreshold: "low",
     },
     skills: {
-        sqli: { enabled: true, timeout: 120 },
-        xss: { enabled: true, timeout: 90 },
+        sqli: { enabled: true, timeout: 120000 },
+        xss: { enabled: true, timeout: 90000 },
         headers: { enabled: true },
         csrf: { enabled: true },
         idor: { enabled: true },
-        jwt: { enabled: true }
-    }
+        jwt: { enabled: true },
+    },
 };
 function isDebugEnabled() {
     return process.env.KRAMSCAN_DEBUG === "true" || process.env.KRAMSCAN_DEBUG === "1";
@@ -230,7 +246,13 @@ class ConfigStore {
         if (fs.existsSync(this.configPath)) {
             try {
                 const raw = fs.readFileSync(this.configPath, "utf-8");
-                this.data = { ...defaultConfig, ...JSON.parse(raw) };
+                const parsed = JSON.parse(raw);
+                // Validate and merge with defaults
+                this.data = { ...defaultConfig, ...parsed };
+                // Ensure profiles are merged properly
+                if (parsed.scan?.profiles) {
+                    this.data.scan.profiles = { ...defaultConfig.scan.profiles, ...parsed.scan.profiles };
+                }
             }
             catch {
                 this.data = JSON.parse(JSON.stringify(defaultConfig));
@@ -246,6 +268,14 @@ class ConfigStore {
         if (storedKey) {
             this.data.ai.apiKey = storedKey;
         }
+        // Validate config on initialization
+        try {
+            this.data = (0, config_schema_1.validateConfig)(this.data);
+        }
+        catch (error) {
+            console.warn("Invalid config detected, using defaults:", error.message);
+            this.data = JSON.parse(JSON.stringify(defaults));
+        }
     }
     get store() {
         return this.data;
@@ -274,8 +304,13 @@ class ConfigStore {
         }
         current[keys[keys.length - 1]] = value;
         // If setting API key, store it securely
-        if (key === "ai.apiKey" && typeof value === "string" && value) {
-            await this.credentialManager.setPassword("apiKey", value);
+        if (key === "ai.apiKey" && typeof value === "string") {
+            if (value) {
+                await this.credentialManager.setPassword("apiKey", value);
+            }
+            else {
+                await this.credentialManager.deletePassword("apiKey");
+            }
         }
         await this.save();
     }
@@ -291,14 +326,28 @@ class ConfigStore {
         fs.writeFileSync(this.configPath, JSON.stringify(configToSave, null, 2), "utf-8");
     }
     async setConfig(config) {
-        Object.assign(this.data, config);
+        // Validate before setting
+        const validated = (0, config_schema_1.validateConfig)(config);
+        Object.assign(this.data, validated);
         // Save API key securely if present
-        if (config.ai?.apiKey) {
-            await this.credentialManager.setPassword("apiKey", config.ai.apiKey);
+        if (typeof config.ai?.apiKey === "string") {
+            if (config.ai.apiKey) {
+                await this.credentialManager.setPassword("apiKey", config.ai.apiKey);
+            }
+            else {
+                await this.credentialManager.deletePassword("apiKey");
+            }
             this.data.ai.apiKey = config.ai.apiKey;
         }
         await this.save();
     }
+    getScanProfile(name) {
+        return this.data.scan.profiles[name];
+    }
+    async addScanProfile(name, profile) {
+        this.data.scan.profiles[name] = profile;
+        await this.save();
+    }
 }
 const store = new ConfigStore("kramscan", defaults);
 // Initialize async
@@ -328,3 +377,11 @@ async function setConfig(config) {
     await ensureInitialized();
     await store.setConfig(config);
 }
+async function getScanProfile(name) {
+    await ensureInitialized();
+    return store.getScanProfile(name);
+}
+async function addScanProfile(name, profile) {
+    await ensureInitialized();
+    await store.addScanProfile(name, profile);
+}

package/dist/core/diff-engine.d.ts

@@ -0,0 +1,12 @@
+import { Vulnerability, ScanResult } from "./vulnerability-detector";
+export interface ScanDiff {
+    newVulnerabilities: Vulnerability[];
+    resolvedVulnerabilities: Vulnerability[];
+    unchangedCount: number;
+    previousTotal: number;
+    currentTotal: number;
+}
+/**
+ * Compares two scan results and produces a diff of new and resolved vulnerabilities.
+ */
+export declare function diffScanResults(previous: ScanResult, current: ScanResult): ScanDiff;

package/dist/core/diff-engine.js

@@ -0,0 +1,47 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.diffScanResults = diffScanResults;
+/**
+ * Creates a unique fingerprint for a vulnerability to enable comparison.
+ */
+function vulnFingerprint(v) {
+    return `${v.type}:${v.severity}:${v.title}:${new URL(v.url).pathname}`;
+}
+/**
+ * Compares two scan results and produces a diff of new and resolved vulnerabilities.
+ */
+function diffScanResults(previous, current) {
+    const prevFingerprints = new Map();
+    const currFingerprints = new Map();
+    for (const v of previous.vulnerabilities) {
+        prevFingerprints.set(vulnFingerprint(v), v);
+    }
+    for (const v of current.vulnerabilities) {
+        currFingerprints.set(vulnFingerprint(v), v);
+    }
+    const newVulnerabilities = [];
+    const resolvedVulnerabilities = [];
+    let unchangedCount = 0;
+    // Find new vulnerabilities (in current but not in previous)
+    for (const [fp, vuln] of currFingerprints) {
+        if (!prevFingerprints.has(fp)) {
+            newVulnerabilities.push(vuln);
+        }
+        else {
+            unchangedCount++;
+        }
+    }
+    // Find resolved vulnerabilities (in previous but not in current)
+    for (const [fp, vuln] of prevFingerprints) {
+        if (!currFingerprints.has(fp)) {
+            resolvedVulnerabilities.push(vuln);
+        }
+    }
+    return {
+        newVulnerabilities,
+        resolvedVulnerabilities,
+        unchangedCount,
+        previousTotal: previous.vulnerabilities.length,
+        currentTotal: current.vulnerabilities.length,
+    };
+}

package/dist/core/errors.d.ts

@@ -0,0 +1,71 @@
+/**
+ * Custom Error Types for KramScan
+ * Provides structured error handling with error codes
+ */
+export declare enum ErrorCode {
+    SCN_INIT_FAILED = "SCN_INIT_FAILED",
+    SCN_CRAWL_FAILED = "SCN_CRAWL_FAILED",
+    SCN_TIMEOUT = "SCN_TIMEOUT",
+    SCN_INVALID_URL = "SCN_INVALID_URL",
+    SCN_SCOPE_VIOLATION = "SCN_SCOPE_VIOLATION",
+    SCN_BROWSER_ERROR = "SCN_BROWSER_ERROR",
+    PLG_INIT_FAILED = "PLG_INIT_FAILED",
+    PLG_EXECUTION_FAILED = "PLG_EXECUTION_FAILED",
+    PLG_NOT_FOUND = "PLG_NOT_FOUND",
+    PLG_DISABLED = "PLG_DISABLED",
+    PLG_TIMEOUT = "PLG_TIMEOUT",
+    CFG_INVALID = "CFG_INVALID",
+    CFG_NOT_FOUND = "CFG_NOT_FOUND",
+    CFG_WRITE_FAILED = "CFG_WRITE_FAILED",
+    NET_REQUEST_FAILED = "NET_REQUEST_FAILED",
+    NET_RATE_LIMITED = "NET_RATE_LIMITED",
+    NET_SSL_ERROR = "NET_SSL_ERROR",
+    AI_INIT_FAILED = "AI_INIT_FAILED",
+    AI_REQUEST_FAILED = "AI_REQUEST_FAILED",
+    AI_QUOTA_EXCEEDED = "AI_QUOTA_EXCEEDED",
+    RPT_GENERATION_FAILED = "RPT_GENERATION_FAILED",
+    RPT_INVALID_FORMAT = "RPT_INVALID_FORMAT"
+}
+export interface KramScanErrorOptions {
+    code: ErrorCode;
+    statusCode?: number;
+    retryable?: boolean;
+    context?: Record<string, unknown>;
+}
+export declare class KramScanError extends Error {
+    readonly code: ErrorCode;
+    readonly statusCode?: number;
+    readonly retryable: boolean;
+    readonly context?: Record<string, unknown>;
+    readonly timestamp: string;
+    constructor(message: string, options: KramScanErrorOptions);
+    toJSON(): Record<string, unknown>;
+}
+export declare class ScannerError extends KramScanError {
+    constructor(message: string, code?: ErrorCode, context?: Record<string, unknown>);
+}
+export declare class PluginError extends KramScanError {
+    constructor(message: string, code?: ErrorCode, context?: Record<string, unknown>);
+}
+export declare class ConfigError extends KramScanError {
+    constructor(message: string, code?: ErrorCode, context?: Record<string, unknown>);
+}
+export declare class NetworkError extends KramScanError {
+    constructor(message: string, code?: ErrorCode, context?: Record<string, unknown>);
+}
+export declare class AiError extends KramScanError {
+    constructor(message: string, code?: ErrorCode, context?: Record<string, unknown>);
+}
+export declare class ReportError extends KramScanError {
+    constructor(message: string, code?: ErrorCode, context?: Record<string, unknown>);
+}
+export interface ErrorHandlerConfig {
+    maxRetries: number;
+    baseDelay: number;
+    maxDelay: number;
+    retryableCodes: ErrorCode[];
+}
+export declare function isRetryable(error: KramScanError, config?: ErrorHandlerConfig): boolean;
+export declare function shouldRetry(error: KramScanError, attempt: number, config?: ErrorHandlerConfig): boolean;
+export declare function getRetryDelay(error: KramScanError, attempt: number, config?: ErrorHandlerConfig): number;
+export declare function setupGlobalErrorHandlers(): void;

package/dist/core/errors.js

@@ -0,0 +1,162 @@
+"use strict";
+/**
+ * Custom Error Types for KramScan
+ * Provides structured error handling with error codes
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ReportError = exports.AiError = exports.NetworkError = exports.ConfigError = exports.PluginError = exports.ScannerError = exports.KramScanError = exports.ErrorCode = void 0;
+exports.isRetryable = isRetryable;
+exports.shouldRetry = shouldRetry;
+exports.getRetryDelay = getRetryDelay;
+exports.setupGlobalErrorHandlers = setupGlobalErrorHandlers;
+var ErrorCode;
+(function (ErrorCode) {
+    // Scanner errors (SCN-xxx)
+    ErrorCode["SCN_INIT_FAILED"] = "SCN_INIT_FAILED";
+    ErrorCode["SCN_CRAWL_FAILED"] = "SCN_CRAWL_FAILED";
+    ErrorCode["SCN_TIMEOUT"] = "SCN_TIMEOUT";
+    ErrorCode["SCN_INVALID_URL"] = "SCN_INVALID_URL";
+    ErrorCode["SCN_SCOPE_VIOLATION"] = "SCN_SCOPE_VIOLATION";
+    ErrorCode["SCN_BROWSER_ERROR"] = "SCN_BROWSER_ERROR";
+    // Plugin errors (PLG-xxx)
+    ErrorCode["PLG_INIT_FAILED"] = "PLG_INIT_FAILED";
+    ErrorCode["PLG_EXECUTION_FAILED"] = "PLG_EXECUTION_FAILED";
+    ErrorCode["PLG_NOT_FOUND"] = "PLG_NOT_FOUND";
+    ErrorCode["PLG_DISABLED"] = "PLG_DISABLED";
+    ErrorCode["PLG_TIMEOUT"] = "PLG_TIMEOUT";
+    // Config errors (CFG-xxx)
+    ErrorCode["CFG_INVALID"] = "CFG_INVALID";
+    ErrorCode["CFG_NOT_FOUND"] = "CFG_NOT_FOUND";
+    ErrorCode["CFG_WRITE_FAILED"] = "CFG_WRITE_FAILED";
+    // Network errors (NET-xxx)
+    ErrorCode["NET_REQUEST_FAILED"] = "NET_REQUEST_FAILED";
+    ErrorCode["NET_RATE_LIMITED"] = "NET_RATE_LIMITED";
+    ErrorCode["NET_SSL_ERROR"] = "NET_SSL_ERROR";
+    // AI errors (AI-xxx)
+    ErrorCode["AI_INIT_FAILED"] = "AI_INIT_FAILED";
+    ErrorCode["AI_REQUEST_FAILED"] = "AI_REQUEST_FAILED";
+    ErrorCode["AI_QUOTA_EXCEEDED"] = "AI_QUOTA_EXCEEDED";
+    // Report errors (RPT-xxx)
+    ErrorCode["RPT_GENERATION_FAILED"] = "RPT_GENERATION_FAILED";
+    ErrorCode["RPT_INVALID_FORMAT"] = "RPT_INVALID_FORMAT";
+})(ErrorCode || (exports.ErrorCode = ErrorCode = {}));
+class KramScanError extends Error {
+    code;
+    statusCode;
+    retryable;
+    context;
+    timestamp;
+    constructor(message, options) {
+        super(message);
+        this.name = "KramScanError";
+        this.code = options.code;
+        this.statusCode = options.statusCode;
+        this.retryable = options.retryable ?? false;
+        this.context = options.context;
+        this.timestamp = new Date().toISOString();
+        // Maintains proper stack trace in V8 environments
+        if (Error.captureStackTrace) {
+            Error.captureStackTrace(this, KramScanError);
+        }
+    }
+    toJSON() {
+        return {
+            name: this.name,
+            message: this.message,
+            code: this.code,
+            statusCode: this.statusCode,
+            retryable: this.retryable,
+            context: this.context,
+            timestamp: this.timestamp,
+            stack: this.stack,
+        };
+    }
+}
+exports.KramScanError = KramScanError;
+// Convenience error classes for common scenarios
+class ScannerError extends KramScanError {
+    constructor(message, code = ErrorCode.SCN_CRAWL_FAILED, context) {
+        super(message, { code, retryable: true, context });
+        this.name = "ScannerError";
+    }
+}
+exports.ScannerError = ScannerError;
+class PluginError extends KramScanError {
+    constructor(message, code = ErrorCode.PLG_EXECUTION_FAILED, context) {
+        super(message, { code, retryable: false, context });
+        this.name = "PluginError";
+    }
+}
+exports.PluginError = PluginError;
+class ConfigError extends KramScanError {
+    constructor(message, code = ErrorCode.CFG_INVALID, context) {
+        super(message, { code, retryable: false, context });
+        this.name = "ConfigError";
+    }
+}
+exports.ConfigError = ConfigError;
+class NetworkError extends KramScanError {
+    constructor(message, code = ErrorCode.NET_REQUEST_FAILED, context) {
+        super(message, { code, retryable: true, context });
+        this.name = "NetworkError";
+    }
+}
+exports.NetworkError = NetworkError;
+class AiError extends KramScanError {
+    constructor(message, code = ErrorCode.AI_REQUEST_FAILED, context) {
+        super(message, { code, retryable: true, context });
+        this.name = "AiError";
+    }
+}
+exports.AiError = AiError;
+class ReportError extends KramScanError {
+    constructor(message, code = ErrorCode.RPT_GENERATION_FAILED, context) {
+        super(message, { code, retryable: false, context });
+        this.name = "ReportError";
+    }
+}
+exports.ReportError = ReportError;
+const defaultErrorHandlerConfig = {
+    maxRetries: 3,
+    baseDelay: 1000,
+    maxDelay: 10000,
+    retryableCodes: [
+        ErrorCode.SCN_CRAWL_FAILED,
+        ErrorCode.SCN_TIMEOUT,
+        ErrorCode.SCN_BROWSER_ERROR,
+        ErrorCode.NET_REQUEST_FAILED,
+        ErrorCode.PLG_EXECUTION_FAILED,
+        ErrorCode.AI_REQUEST_FAILED,
+    ],
+};
+function isRetryable(error, config = defaultErrorHandlerConfig) {
+    if (!error.retryable)
+        return false;
+    return config.retryableCodes.includes(error.code);
+}
+function shouldRetry(error, attempt, config = defaultErrorHandlerConfig) {
+    return attempt < config.maxRetries && isRetryable(error, config);
+}
+function getRetryDelay(error, attempt, config = defaultErrorHandlerConfig) {
+    const delay = Math.min(config.baseDelay * Math.pow(2, attempt), config.maxDelay);
+    // Add jitter to prevent thundering herd
+    const jitter = Math.random() * 0.3 * delay;
+    return Math.floor(delay + jitter);
+}
+// Global error handler for uncaught errors
+function setupGlobalErrorHandlers() {
+    process.on("uncaughtException", (error) => {
+        console.error("[FATAL] Uncaught Exception:");
+        console.error(error.message);
+        if (error.stack) {
+            console.error(error.stack);
+        }
+        process.exit(1);
+    });
+    process.on("unhandledRejection", (reason, promise) => {
+        console.error("[FATAL] Unhandled Promise Rejection:");
+        console.error("Reason:", reason);
+        console.error("Promise:", promise);
+        process.exit(1);
+    });
+}

package/dist/core/scan-index.d.ts

@@ -0,0 +1,20 @@
+export interface ScanIndexEntry {
+    id: string;
+    target: string;
+    hostname: string;
+    timestamp: string;
+    jsonPath: string;
+    pdfPath?: string;
+    summary: {
+        total: number;
+        critical: number;
+        high: number;
+        medium: number;
+        low: number;
+        info: number;
+    };
+    score?: number;
+}
+export declare function addScanToIndex(entry: Omit<ScanIndexEntry, "id">): Promise<ScanIndexEntry>;
+export declare function listScans(limit?: number): Promise<ScanIndexEntry[]>;
+export declare function getLatestScan(): Promise<ScanIndexEntry | null>;

package/dist/core/scan-index.js

@@ -0,0 +1,52 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.addScanToIndex = addScanToIndex;
+exports.listScans = listScans;
+exports.getLatestScan = getLatestScan;
+const promises_1 = __importDefault(require("fs/promises"));
+const os_1 = __importDefault(require("os"));
+const path_1 = __importDefault(require("path"));
+function getIndexPath() {
+    return path_1.default.join(os_1.default.homedir(), ".kramscan", "scans", "index.json");
+}
+async function readIndex() {
+    const indexPath = getIndexPath();
+    try {
+        const raw = await promises_1.default.readFile(indexPath, "utf-8");
+        const parsed = JSON.parse(raw);
+        if (Array.isArray(parsed)) {
+            return parsed;
+        }
+        return [];
+    }
+    catch {
+        return [];
+    }
+}
+async function writeIndex(entries) {
+    const indexPath = getIndexPath();
+    await promises_1.default.mkdir(path_1.default.dirname(indexPath), { recursive: true });
+    await promises_1.default.writeFile(indexPath, JSON.stringify(entries, null, 2), "utf-8");
+}
+async function addScanToIndex(entry) {
+    const hostname = entry.hostname || "unknown";
+    const id = `${new Date(entry.timestamp).getTime()}-${hostname}-${Math.random().toString(36).slice(2, 8)}`;
+    const full = { ...entry, id };
+    const existing = await readIndex();
+    const merged = [full, ...existing]
+        .filter((e, idx, arr) => arr.findIndex((x) => x.jsonPath === e.jsonPath) === idx)
+        .slice(0, 500);
+    await writeIndex(merged);
+    return full;
+}
+async function listScans(limit = 20) {
+    const entries = await readIndex();
+    return entries.slice(0, Math.max(1, limit));
+}
+async function getLatestScan() {
+    const entries = await readIndex();
+    return entries.length > 0 ? entries[0] : null;
+}

package/dist/core/scan-storage.d.ts

@@ -0,0 +1,11 @@
+export interface ResolvedScanFile {
+    filepath: string;
+    filename: string;
+    isLatest: boolean;
+}
+export declare function getKramScanHome(): string;
+export declare function getScansDirectory(): string;
+export declare function getReportsDirectory(): string;
+export declare function ensureScansDirectory(): Promise<string>;
+export declare function ensureReportsDirectory(): Promise<string>;
+export declare function resolveScanFile(scanFile?: string): Promise<ResolvedScanFile>;

package/dist/core/scan-storage.js

@@ -0,0 +1,69 @@
+"use strict";
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getKramScanHome = getKramScanHome;
+exports.getScansDirectory = getScansDirectory;
+exports.getReportsDirectory = getReportsDirectory;
+exports.ensureScansDirectory = ensureScansDirectory;
+exports.ensureReportsDirectory = ensureReportsDirectory;
+exports.resolveScanFile = resolveScanFile;
+const promises_1 = __importDefault(require("fs/promises"));
+const os_1 = __importDefault(require("os"));
+const path_1 = __importDefault(require("path"));
+function getKramScanHome() {
+    return path_1.default.join(os_1.default.homedir(), ".kramscan");
+}
+function getScansDirectory() {
+    return path_1.default.join(getKramScanHome(), "scans");
+}
+function getReportsDirectory() {
+    return path_1.default.join(getKramScanHome(), "reports");
+}
+async function ensureScansDirectory() {
+    const scanDir = getScansDirectory();
+    await promises_1.default.mkdir(scanDir, { recursive: true });
+    return scanDir;
+}
+async function ensureReportsDirectory() {
+    const reportsDir = getReportsDirectory();
+    await promises_1.default.mkdir(reportsDir, { recursive: true });
+    return reportsDir;
+}
+async function resolveScanFile(scanFile) {
+    if (scanFile) {
+        const filepath = path_1.default.isAbsolute(scanFile)
+            ? scanFile
+            : path_1.default.join(process.cwd(), scanFile);
+        return {
+            filepath,
+            filename: path_1.default.basename(filepath),
+            isLatest: false,
+        };
+    }
+    const scanDir = await ensureScansDirectory();
+    const entries = await promises_1.default.readdir(scanDir, { withFileTypes: true });
+    const files = entries
+        .filter((entry) => entry.isFile() && entry.name.endsWith(".json"))
+        .map((entry) => entry.name);
+    if (files.length === 0) {
+        throw new Error("No scan results found. Run 'kramscan scan <url>' first.");
+    }
+    const filesWithStats = await Promise.all(files.map(async (filename) => {
+        const filepath = path_1.default.join(scanDir, filename);
+        const stats = await promises_1.default.stat(filepath);
+        return {
+            filename,
+            filepath,
+            mtimeMs: stats.mtimeMs,
+        };
+    }));
+    filesWithStats.sort((a, b) => b.mtimeMs - a.mtimeMs);
+    const latest = filesWithStats[0];
+    return {
+        filepath: latest.filepath,
+        filename: latest.filename,
+        isLatest: true,
+    };
+}