kramscan 0.1.1 → 0.3.0

package/dist/utils/logger.js

@@ -3,25 +3,97 @@ var __importDefault = (this && this.__importDefault) || function (mod) {
     return (mod && mod.__esModule) ? mod : { "default": mod };
 };
 Object.defineProperty(exports, "__esModule", { value: true });
-exports.logger = void 0;
+exports.structuredLogger = exports.logger = exports.LogLevel = void 0;
+exports.createChildLogger = createChildLogger;
 const chalk_1 = __importDefault(require("chalk"));
 const ora_1 = __importDefault(require("ora"));
+var LogLevel;
+(function (LogLevel) {
+    LogLevel[LogLevel["DEBUG"] = 0] = "DEBUG";
+    LogLevel[LogLevel["INFO"] = 1] = "INFO";
+    LogLevel[LogLevel["SUCCESS"] = 2] = "SUCCESS";
+    LogLevel[LogLevel["WARN"] = 3] = "WARN";
+    LogLevel[LogLevel["ERROR"] = 4] = "ERROR";
+})(LogLevel || (exports.LogLevel = LogLevel = {}));
+function getLogLevel() {
+    const envLevel = process.env.LOG_LEVEL?.toUpperCase();
+    switch (envLevel) {
+        case "DEBUG":
+            return LogLevel.DEBUG;
+        case "INFO":
+            return LogLevel.INFO;
+        case "WARN":
+        case "WARNING":
+            return LogLevel.WARN;
+        case "ERROR":
+            return LogLevel.ERROR;
+        default:
+            return process.env.KRAMSCAN_DEBUG === "1" || process.env.KRAMSCAN_DEBUG === "true"
+                ? LogLevel.DEBUG
+                : LogLevel.INFO;
+    }
+}
+function debugEnabled() {
+    return getLogLevel() <= LogLevel.DEBUG;
+}
+function isJsonOutput() {
+    return process.env.LOG_JSON === "1" || process.env.LOG_JSON === "true";
+}
+function shouldLog(level) {
+    return level >= getLogLevel();
+}
+function formatLogEntry(level, message, context) {
+    return {
+        timestamp: new Date().toISOString(),
+        level,
+        message,
+        context,
+    };
+}
+function outputLog(entry) {
+    if (isJsonOutput()) {
+        console.log(JSON.stringify(entry));
+    }
+    else {
+        const { timestamp, level, message, ...rest } = entry;
+        let output = message;
+        if (process.env.LOG_INCLUDE_CONTEXT === "true" && Object.keys(rest).length > 0) {
+            output += ` ${JSON.stringify(rest)}`;
+        }
+        console.log(output);
+    }
+}
+// Simple human-readable logger (original behavior)
 exports.logger = {
     info: (message) => {
-        console.log(chalk_1.default.blue("ℹ"), message);
+        if (shouldLog(LogLevel.INFO)) {
+            console.log(chalk_1.default.blue("i"), message);
+        }
     },
     success: (message) => {
-        console.log(chalk_1.default.green("✓"), message);
+        if (shouldLog(LogLevel.SUCCESS)) {
+            console.log(chalk_1.default.green("✓"), message);
+        }
     },
     warn: (message) => {
-        console.log(chalk_1.default.yellow("⚠"), message);
+        if (shouldLog(LogLevel.WARN)) {
+            console.log(chalk_1.default.yellow("⚠"), message);
+        }
     },
     error: (message) => {
-        console.log(chalk_1.default.red("✗"), message);
+        if (shouldLog(LogLevel.ERROR)) {
+            console.log(chalk_1.default.red("✗"), message);
+        }
     },
-    debug: (message) => {
-        if (process.env.DEBUG) {
-            console.log(chalk_1.default.gray("→"), message);
+    debug: (message, context) => {
+        if (debugEnabled()) {
+            if (isJsonOutput()) {
+                const entry = formatLogEntry("DEBUG", message, context);
+                console.log(JSON.stringify(entry));
+            }
+            else {
+                console.log(chalk_1.default.gray("→"), message, context ? JSON.stringify(context) : "");
+            }
         }
     },
     spinner: (text) => {
@@ -32,3 +104,50 @@ exports.logger = {
         }).start();
     },
 };
+// Structured JSON logger for log aggregation systems
+exports.structuredLogger = {
+    debug: (message, context) => {
+        if (shouldLog(LogLevel.DEBUG)) {
+            outputLog(formatLogEntry("DEBUG", message, context));
+        }
+    },
+    info: (message, context) => {
+        if (shouldLog(LogLevel.INFO)) {
+            outputLog(formatLogEntry("INFO", message, context));
+        }
+    },
+    warn: (message, context) => {
+        if (shouldLog(LogLevel.WARN)) {
+            outputLog(formatLogEntry("WARN", message, context));
+        }
+    },
+    error: (message, context) => {
+        if (shouldLog(LogLevel.ERROR)) {
+            outputLog(formatLogEntry("ERROR", message, context));
+        }
+    },
+    // Log with custom level
+    log: (level, message, context) => {
+        if (shouldLog(level)) {
+            const levelName = LogLevel[level];
+            outputLog(formatLogEntry(levelName, message, context));
+        }
+    },
+};
+// Convenience function to create a child logger with additional context
+function createChildLogger(defaultContext) {
+    return {
+        debug: (message, context) => {
+            exports.structuredLogger.debug(message, { ...defaultContext, ...context });
+        },
+        info: (message, context) => {
+            exports.structuredLogger.info(message, { ...defaultContext, ...context });
+        },
+        warn: (message, context) => {
+            exports.structuredLogger.warn(message, { ...defaultContext, ...context });
+        },
+        error: (message, context) => {
+            exports.structuredLogger.error(message, { ...defaultContext, ...context });
+        },
+    };
+}

package/dist/utils/theme.d.ts

@@ -0,0 +1,56 @@
+export declare const CLI_VERSION: string;
+export declare const theme: {
+    brand: import("chalk").ChalkInstance;
+    error: import("chalk").ChalkInstance;
+    success: import("chalk").ChalkInstance;
+    warning: import("chalk").ChalkInstance;
+    info: import("chalk").ChalkInstance;
+    dim: import("chalk").ChalkInstance;
+    gray: import("chalk").ChalkInstance;
+    white: import("chalk").ChalkInstance;
+    cyan: import("chalk").ChalkInstance;
+    brightWhite: import("chalk").ChalkInstance;
+    brightCyan: import("chalk").ChalkInstance;
+    brightMagenta: import("chalk").ChalkInstance;
+    brightBlue: import("chalk").ChalkInstance;
+    brightGreen: import("chalk").ChalkInstance;
+    brightYellow: import("chalk").ChalkInstance;
+    brightRed: import("chalk").ChalkInstance;
+    critical: import("chalk").ChalkInstance;
+    high: import("chalk").ChalkInstance;
+    medium: import("chalk").ChalkInstance;
+    low: import("chalk").ChalkInstance;
+    infoSeverity: import("chalk").ChalkInstance;
+    yellow: import("chalk").ChalkInstance;
+    green: import("chalk").ChalkInstance;
+};
+export declare function printBanner(): void;
+export declare function printInfo(): void;
+export declare function getSeverityColor(severity: string): (text: string) => string;
+export declare function displayScanSummary(result: {
+    target: string;
+    duration: number;
+    metadata: {
+        crawledUrls: number;
+        testedForms: number;
+        requestsMade: number;
+    };
+    summary: {
+        total: number;
+        critical: number;
+        high: number;
+        medium: number;
+        low: number;
+        info: number;
+    };
+    score: number;
+    vulnerabilities: Array<{
+        severity: string;
+        title: string;
+        url: string;
+        description: string;
+    }>;
+    filepath: string;
+    pdfPath?: string | null;
+}): void;
+export default theme;

package/dist/utils/theme.js

@@ -0,0 +1,201 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.theme = exports.CLI_VERSION = void 0;
+exports.printBanner = printBanner;
+exports.printInfo = printInfo;
+exports.getSeverityColor = getSeverityColor;
+exports.displayScanSummary = displayScanSummary;
+const chalk_1 = __importDefault(require("chalk"));
+const path = __importStar(require("path"));
+const fs = __importStar(require("fs"));
+// Read version from package.json (single source of truth)
+function getPackageVersion() {
+    try {
+        const pkgPath = path.resolve(__dirname, "..", "..", "package.json");
+        const pkg = JSON.parse(fs.readFileSync(pkgPath, "utf-8"));
+        return pkg.version || "0.0.0";
+    }
+    catch {
+        return "0.0.0";
+    }
+}
+exports.CLI_VERSION = getPackageVersion();
+exports.theme = {
+    // Colors
+    brand: chalk_1.default.hex("#00D1FF"),
+    error: chalk_1.default.red.bold,
+    success: chalk_1.default.green,
+    warning: chalk_1.default.yellow,
+    info: chalk_1.default.blue,
+    dim: chalk_1.default.gray,
+    gray: chalk_1.default.gray,
+    white: chalk_1.default.white,
+    cyan: chalk_1.default.cyan,
+    brightWhite: chalk_1.default.white.bold,
+    brightCyan: chalk_1.default.cyan.bold,
+    brightMagenta: chalk_1.default.magenta.bold,
+    brightBlue: chalk_1.default.blue.bold,
+    brightGreen: chalk_1.default.green.bold,
+    brightYellow: chalk_1.default.yellow.bold,
+    brightRed: chalk_1.default.red.bold,
+    // Severity colors
+    critical: chalk_1.default.red.bold,
+    high: chalk_1.default.red,
+    medium: chalk_1.default.yellow,
+    low: chalk_1.default.blue,
+    infoSeverity: chalk_1.default.gray,
+    yellow: chalk_1.default.yellow,
+    green: chalk_1.default.green,
+};
+// ─── ASCII Art Banner ──────────────────────────────────────────────
+function printBanner() {
+    const lines = [
+        `██╗  ██╗██████╗  █████╗ ███╗   ███╗███████╗ ██████╗ █████╗ ███╗   ██╗`,
+        `██║ ██╔╝██╔══██╗██╔══██╗████╗ ████║██╔════╝██╔════╝██╔══██╗████╗  ██║`,
+        `█████╔╝ ██████╔╝███████║██╔████╔██║███████╗██║     ███████║██╔██╗ ██║`,
+        `██╔═██╗ ██╔══██╗██╔══██║██║╚██╔╝██║╚════██║██║     ██╔══██║██║╚██╗██║`,
+        `██║  ██╗██║  ██║██║  ██║██║ ╚═╝ ██║███████║╚██████╗██║  ██║██║ ╚████║`,
+        `╚═╝  ╚═╝╚═╝  ╚═╝╚═╝  ╚═╝╚═╝     ╚═╝╚══════╝ ╚═════╝╚═╝  ╚═╝╚═╝  ╚═══╝`,
+    ];
+    console.log("");
+    lines.forEach((line, i) => {
+        const shade = i % 2 === 0 ? exports.theme.brightWhite : exports.theme.dim;
+        console.log(`  ${shade(line)}`);
+    });
+    console.log("");
+}
+// ─── Dashboard Info ────────────────────────────────────────────────
+function printInfo() {
+    console.log(`  ${exports.theme.dim("───────────────────────────────────────────────────────")}`);
+    console.log(`  ${exports.theme.brightWhite(" KramScan")} ${exports.theme.gray(`v${exports.CLI_VERSION}`)}  ${exports.theme.dim("|")}  ${exports.theme.cyan("AI-Powered Web Security Scanner")}`);
+    console.log(`  ${exports.theme.dim("───────────────────────────────────────────────────────")}`);
+    console.log("");
+    console.log(`  ${exports.theme.brightYellow("Tips for getting started:")}`);
+    console.log(`  ${exports.theme.white("1.")} ${exports.theme.gray("Run")} ${exports.theme.cyan("kramscan onboard")} ${exports.theme.gray("to configure your API keys.")}`);
+    console.log(`  ${exports.theme.white("2.")} ${exports.theme.gray("Run")} ${exports.theme.cyan("kramscan scan <url>")} ${exports.theme.gray("to scan a target.")}`);
+    console.log(`  ${exports.theme.white("3.")} ${exports.theme.gray("Run")} ${exports.theme.cyan("kramscan --help")} ${exports.theme.gray("for all commands.")}`);
+    console.log("");
+}
+// ─── Severity Color Helper ─────────────────────────────────────────
+function getSeverityColor(severity) {
+    const s = severity.toLowerCase();
+    if (s === "critical")
+        return exports.theme.critical;
+    if (s === "high")
+        return exports.theme.high;
+    if (s === "medium")
+        return exports.theme.medium;
+    if (s === "low")
+        return exports.theme.low;
+    return exports.theme.infoSeverity;
+}
+// ─── Scan Summary Display ──────────────────────────────────────────
+function displayScanSummary(result) {
+    const { target, duration, metadata, summary, vulnerabilities, filepath, pdfPath, score } = result;
+    // Scan Summary
+    console.log("");
+    console.log(exports.theme.brightWhite.bold("📊 Scan Summary"));
+    console.log(exports.theme.gray("─".repeat(50)));
+    console.log("");
+    console.log(exports.theme.white("Target:"), exports.theme.cyan(target));
+    console.log(exports.theme.white("Duration:"), exports.theme.cyan(`${(duration / 1000).toFixed(2)}s`));
+    console.log(exports.theme.white("URLs Crawled:"), exports.theme.cyan(metadata.crawledUrls));
+    console.log(exports.theme.white("Forms Tested:"), exports.theme.cyan(metadata.testedForms));
+    console.log(exports.theme.white("Requests Made:"), exports.theme.cyan(metadata.requestsMade));
+    // Security Score Display
+    const scoreColor = score > 80 ? exports.theme.success : (score > 50 ? exports.theme.warning : exports.theme.error);
+    const scoreLabel = score > 80 ? "EXCELLENT" : (score > 50 ? "FAIR" : "POOR");
+    console.log("");
+    console.log(`  ${exports.theme.white("Security Score:")} ${scoreColor.bold(score + "/100")} ${exports.theme.gray(`(${scoreLabel})`)}`);
+    console.log(`  ${scoreColor("█".repeat(Math.round(score / 5)) + exports.theme.dim("█".repeat(20 - Math.round(score / 5))))}`);
+    console.log("");
+    // Vulnerability summary
+    console.log(exports.theme.brightWhite.bold("🛡️  Vulnerabilities Found"));
+    console.log(exports.theme.gray("─".repeat(50)));
+    console.log("");
+    if (summary.total === 0) {
+        console.log(exports.theme.success("✓ No vulnerabilities found!"));
+    }
+    else {
+        if (summary.critical > 0)
+            console.log(exports.theme.critical(`  ${summary.critical} Critical`), exports.theme.gray("- Immediate action required"));
+        if (summary.high > 0)
+            console.log(exports.theme.high(`  ${summary.high} High`), exports.theme.gray("- Should be fixed soon"));
+        if (summary.medium > 0)
+            console.log(exports.theme.medium(`  ${summary.medium} Medium`), exports.theme.gray("- Fix when possible"));
+        if (summary.low > 0)
+            console.log(exports.theme.low(`  ${summary.low} Low`), exports.theme.gray("- Minor issues"));
+        if (summary.info > 0)
+            console.log(exports.theme.infoSeverity(`  ${summary.info} Info`), exports.theme.gray("- Informational"));
+    }
+    console.log("");
+    console.log(exports.theme.gray("Results saved to:"), exports.theme.white(filepath));
+    if (pdfPath) {
+        console.log(exports.theme.gray("PDF report saved to:"), exports.theme.white(pdfPath));
+    }
+    console.log("");
+    // Show top vulnerabilities
+    if (vulnerabilities.length > 0) {
+        console.log(exports.theme.brightWhite.bold("🔴 Top Findings"));
+        console.log(exports.theme.gray("─".repeat(50)));
+        console.log("");
+        const topVulns = vulnerabilities
+            .sort((a, b) => {
+            const severityOrder = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
+            return severityOrder[a.severity] - severityOrder[b.severity];
+        })
+            .slice(0, 5);
+        for (const vuln of topVulns) {
+            const severityColor = getSeverityColor(vuln.severity);
+            console.log(severityColor(`[${vuln.severity.toUpperCase()}]`), exports.theme.brightWhite.bold(vuln.title));
+            console.log(exports.theme.gray(`  ${vuln.url}`));
+            console.log(exports.theme.white(`  ${vuln.description}`));
+            console.log("");
+        }
+        if (vulnerabilities.length > 5) {
+            console.log(exports.theme.gray(`  ... and ${vulnerabilities.length - 5} more`));
+            console.log("");
+        }
+    }
+    console.log(exports.theme.cyan("💡 Next steps:"));
+    console.log(exports.theme.white(`  1. Run ${exports.theme.cyan(`kramscan analyze ${filepath}`)} for AI-powered insights`));
+    console.log(exports.theme.white("  2. PDF report is generated automatically after the scan"));
+    console.log("");
+}
+exports.default = exports.theme;

package/package.json

@@ -1,8 +1,8 @@
 {
   "name": "kramscan",
-  "version": "0.1.1",
+  "version": "0.3.0",
   "description": "KramScan CLI — AI-powered web app security testing",
-  "author": "Akram Shaikh <akramshaikh.me>",
+  "author": "Akram Shaikh (https://akramshaikh.me)",
   "license": "MIT",
   "keywords": [
     "security",
@@ -13,6 +13,9 @@
     "web-security",
     "analysis"
   ],
+  "publishConfig": {
+    "access": "public"
+  },
   "repository": {
     "type": "git",
     "url": "https://github.com/shaikhakramshakil/kramscan.git"
@@ -45,7 +48,7 @@
     "lint": "eslint src --ext .ts",
     "lint:fix": "eslint src --ext .ts --fix",
     "format": "prettier --write \"src/**/*.ts\"",
-    "prepublishOnly": "npm run clean && npm run build"
+    "prepublishOnly": "npm test && npm run clean && npm run build"
   },
   "dependencies": {
     "@anthropic-ai/sdk": "^0.31.0",