laxy-verify 1.1.32 → 1.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +322 -322
- package/dist/audit/broken-links.d.ts +21 -21
- package/dist/audit/broken-links.js +86 -86
- package/dist/auth.d.ts +11 -6
- package/dist/auth.js +222 -188
- package/dist/cli.js +806 -724
- package/dist/comment.d.ts +21 -21
- package/dist/comment.js +134 -131
- package/dist/crawler.d.ts +36 -35
- package/dist/crawler.js +357 -356
- package/dist/e2e.d.ts +49 -49
- package/dist/e2e.js +565 -539
- package/dist/entitlement.d.ts +11 -11
- package/dist/entitlement.js +90 -88
- package/dist/init.js +87 -87
- package/dist/multi-viewport.d.ts +31 -31
- package/dist/multi-viewport.js +298 -298
- package/dist/playwright-runner.d.ts +16 -16
- package/dist/playwright-runner.js +208 -208
- package/dist/report-markdown.d.ts +39 -39
- package/dist/report-markdown.js +386 -386
- package/dist/security-audit.d.ts +9 -9
- package/dist/security-audit.js +64 -64
- package/dist/serve.d.ts +13 -13
- package/dist/serve.js +249 -246
- package/dist/trend.d.ts +50 -49
- package/dist/trend.js +148 -147
- package/dist/verification-core/index.d.ts +3 -3
- package/dist/verification-core/index.js +19 -19
- package/dist/verification-core/report.d.ts +14 -14
- package/dist/verification-core/report.js +409 -404
- package/dist/verification-core/tier-policy.d.ts +13 -13
- package/dist/verification-core/tier-policy.js +60 -60
- package/dist/verification-core/types.d.ts +108 -108
- package/dist/verification-core/types.js +2 -2
- package/dist/visual-diff.d.ts +26 -26
- package/dist/visual-diff.js +178 -178
- package/package.json +67 -67
package/dist/security-audit.d.ts
CHANGED
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
export interface SecurityAuditResult {
|
|
2
|
-
totalVulnerabilities: number;
|
|
3
|
-
critical: number;
|
|
4
|
-
high: number;
|
|
5
|
-
moderate: number;
|
|
6
|
-
low: number;
|
|
7
|
-
summary: string;
|
|
8
|
-
}
|
|
9
|
-
export declare function runSecurityAudit(cwd: string, timeoutMs?: number): Promise<SecurityAuditResult>;
|
|
1
|
+
export interface SecurityAuditResult {
|
|
2
|
+
totalVulnerabilities: number;
|
|
3
|
+
critical: number;
|
|
4
|
+
high: number;
|
|
5
|
+
moderate: number;
|
|
6
|
+
low: number;
|
|
7
|
+
summary: string;
|
|
8
|
+
}
|
|
9
|
+
export declare function runSecurityAudit(cwd: string, timeoutMs?: number): Promise<SecurityAuditResult>;
|
package/dist/security-audit.js
CHANGED
|
@@ -1,64 +1,64 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
-
exports.runSecurityAudit = runSecurityAudit;
|
|
4
|
-
/**
|
|
5
|
-
* npm audit wrapper for Pro/Pro+ security scanning.
|
|
6
|
-
*
|
|
7
|
-
* Runs `npm audit --json` in the project directory and extracts
|
|
8
|
-
* severity counts + a short summary for the verification report.
|
|
9
|
-
*/
|
|
10
|
-
const node_child_process_1 = require("node:child_process");
|
|
11
|
-
async function runSecurityAudit(cwd, timeoutMs = 30000) {
|
|
12
|
-
console.log(" Running security audit (npm audit)...");
|
|
13
|
-
return new Promise((resolve) => {
|
|
14
|
-
const chunks = [];
|
|
15
|
-
const proc = process.platform === "win32"
|
|
16
|
-
? (0, node_child_process_1.spawn)(process.env.ComSpec || "cmd.exe", ["/d", "/c", "npm audit --json"], {
|
|
17
|
-
stdio: ["ignore", "pipe", "pipe"],
|
|
18
|
-
cwd,
|
|
19
|
-
})
|
|
20
|
-
: (0, node_child_process_1.spawn)("npm", ["audit", "--json"], {
|
|
21
|
-
shell: true,
|
|
22
|
-
stdio: ["ignore", "pipe", "pipe"],
|
|
23
|
-
cwd,
|
|
24
|
-
});
|
|
25
|
-
const timer = setTimeout(() => {
|
|
26
|
-
try {
|
|
27
|
-
proc.kill();
|
|
28
|
-
}
|
|
29
|
-
catch { }
|
|
30
|
-
resolve({ totalVulnerabilities: 0, critical: 0, high: 0, moderate: 0, low: 0, summary: "Audit timed out" });
|
|
31
|
-
}, timeoutMs);
|
|
32
|
-
proc.stdout?.on("data", (chunk) => chunks.push(chunk.toString()));
|
|
33
|
-
proc.stderr?.on("data", () => { }); // ignore stderr
|
|
34
|
-
proc.on("exit", () => {
|
|
35
|
-
clearTimeout(timer);
|
|
36
|
-
const raw = chunks.join("");
|
|
37
|
-
try {
|
|
38
|
-
const json = JSON.parse(raw);
|
|
39
|
-
// npm audit v2 format
|
|
40
|
-
const meta = json.metadata?.vulnerabilities ?? json.vulnerabilities ?? {};
|
|
41
|
-
const critical = meta.critical ?? 0;
|
|
42
|
-
const high = meta.high ?? 0;
|
|
43
|
-
const moderate = meta.moderate ?? 0;
|
|
44
|
-
const low = meta.low ?? 0;
|
|
45
|
-
const total = critical + high + moderate + low;
|
|
46
|
-
const parts = [];
|
|
47
|
-
if (critical > 0)
|
|
48
|
-
parts.push(`${critical} critical`);
|
|
49
|
-
if (high > 0)
|
|
50
|
-
parts.push(`${high} high`);
|
|
51
|
-
if (moderate > 0)
|
|
52
|
-
parts.push(`${moderate} moderate`);
|
|
53
|
-
if (low > 0)
|
|
54
|
-
parts.push(`${low} low`);
|
|
55
|
-
const summary = total === 0 ? "No known vulnerabilities" : parts.join(", ");
|
|
56
|
-
console.log(` Security: ${summary}`);
|
|
57
|
-
resolve({ totalVulnerabilities: total, critical, high, moderate, low, summary });
|
|
58
|
-
}
|
|
59
|
-
catch {
|
|
60
|
-
resolve({ totalVulnerabilities: 0, critical: 0, high: 0, moderate: 0, low: 0, summary: "Audit parse failed" });
|
|
61
|
-
}
|
|
62
|
-
});
|
|
63
|
-
});
|
|
64
|
-
}
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.runSecurityAudit = runSecurityAudit;
|
|
4
|
+
/**
|
|
5
|
+
* npm audit wrapper for Pro/Pro+ security scanning.
|
|
6
|
+
*
|
|
7
|
+
* Runs `npm audit --json` in the project directory and extracts
|
|
8
|
+
* severity counts + a short summary for the verification report.
|
|
9
|
+
*/
|
|
10
|
+
const node_child_process_1 = require("node:child_process");
|
|
11
|
+
async function runSecurityAudit(cwd, timeoutMs = 30000) {
|
|
12
|
+
console.log(" Running security audit (npm audit)...");
|
|
13
|
+
return new Promise((resolve) => {
|
|
14
|
+
const chunks = [];
|
|
15
|
+
const proc = process.platform === "win32"
|
|
16
|
+
? (0, node_child_process_1.spawn)(process.env.ComSpec || "cmd.exe", ["/d", "/c", "npm audit --json"], {
|
|
17
|
+
stdio: ["ignore", "pipe", "pipe"],
|
|
18
|
+
cwd,
|
|
19
|
+
})
|
|
20
|
+
: (0, node_child_process_1.spawn)("npm", ["audit", "--json"], {
|
|
21
|
+
shell: true,
|
|
22
|
+
stdio: ["ignore", "pipe", "pipe"],
|
|
23
|
+
cwd,
|
|
24
|
+
});
|
|
25
|
+
const timer = setTimeout(() => {
|
|
26
|
+
try {
|
|
27
|
+
proc.kill();
|
|
28
|
+
}
|
|
29
|
+
catch { }
|
|
30
|
+
resolve({ totalVulnerabilities: 0, critical: 0, high: 0, moderate: 0, low: 0, summary: "Audit timed out" });
|
|
31
|
+
}, timeoutMs);
|
|
32
|
+
proc.stdout?.on("data", (chunk) => chunks.push(chunk.toString()));
|
|
33
|
+
proc.stderr?.on("data", () => { }); // ignore stderr
|
|
34
|
+
proc.on("exit", () => {
|
|
35
|
+
clearTimeout(timer);
|
|
36
|
+
const raw = chunks.join("");
|
|
37
|
+
try {
|
|
38
|
+
const json = JSON.parse(raw);
|
|
39
|
+
// npm audit v2 format
|
|
40
|
+
const meta = json.metadata?.vulnerabilities ?? json.vulnerabilities ?? {};
|
|
41
|
+
const critical = meta.critical ?? 0;
|
|
42
|
+
const high = meta.high ?? 0;
|
|
43
|
+
const moderate = meta.moderate ?? 0;
|
|
44
|
+
const low = meta.low ?? 0;
|
|
45
|
+
const total = critical + high + moderate + low;
|
|
46
|
+
const parts = [];
|
|
47
|
+
if (critical > 0)
|
|
48
|
+
parts.push(`${critical} critical`);
|
|
49
|
+
if (high > 0)
|
|
50
|
+
parts.push(`${high} high`);
|
|
51
|
+
if (moderate > 0)
|
|
52
|
+
parts.push(`${moderate} moderate`);
|
|
53
|
+
if (low > 0)
|
|
54
|
+
parts.push(`${low} low`);
|
|
55
|
+
const summary = total === 0 ? "No known vulnerabilities" : parts.join(", ");
|
|
56
|
+
console.log(` Security: ${summary}`);
|
|
57
|
+
resolve({ totalVulnerabilities: total, critical, high, moderate, low, summary });
|
|
58
|
+
}
|
|
59
|
+
catch {
|
|
60
|
+
resolve({ totalVulnerabilities: 0, critical: 0, high: 0, moderate: 0, low: 0, summary: "Audit parse failed" });
|
|
61
|
+
}
|
|
62
|
+
});
|
|
63
|
+
});
|
|
64
|
+
}
|
package/dist/serve.d.ts
CHANGED
|
@@ -1,13 +1,13 @@
|
|
|
1
|
-
export declare class PortConflictError extends Error {
|
|
2
|
-
constructor(port: number);
|
|
3
|
-
}
|
|
4
|
-
export declare class DevServerTimeoutError extends Error {
|
|
5
|
-
constructor(port: number, timeoutSec: number);
|
|
6
|
-
}
|
|
7
|
-
export interface ServeResult {
|
|
8
|
-
pid: number;
|
|
9
|
-
port: number;
|
|
10
|
-
}
|
|
11
|
-
export declare function probeServerStatus(port: number): Promise<number | null>;
|
|
12
|
-
export declare function startDevServer(command: string, port: number, timeoutSec: number, cwd?: string): Promise<ServeResult>;
|
|
13
|
-
export declare function stopDevServer(pid: number): Promise<void>;
|
|
1
|
+
export declare class PortConflictError extends Error {
|
|
2
|
+
constructor(port: number);
|
|
3
|
+
}
|
|
4
|
+
export declare class DevServerTimeoutError extends Error {
|
|
5
|
+
constructor(port: number, timeoutSec: number);
|
|
6
|
+
}
|
|
7
|
+
export interface ServeResult {
|
|
8
|
+
pid: number;
|
|
9
|
+
port: number;
|
|
10
|
+
}
|
|
11
|
+
export declare function probeServerStatus(port: number): Promise<number | null>;
|
|
12
|
+
export declare function startDevServer(command: string, port: number, timeoutSec: number, cwd?: string): Promise<ServeResult>;
|
|
13
|
+
export declare function stopDevServer(pid: number): Promise<void>;
|