lockhawk 0.2.7 → 0.2.9

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/dist/index.js CHANGED
@@ -1,4 +1,4 @@
1
1
  #!/usr/bin/env node
2
- import{Command as c,Option as n}from"commander";var t=new c;t.name("lockhawk").description("Fast, free, accurate npm dependency vulnerability scanner (local + CI/CD), powered by OSV.dev").version("0.2.6");var a=["none","low","medium","high","critical"];t.command("scan",{isDefault:!0}).description("Scan a project for vulnerable dependencies").argument("[path]","project directory to scan",".").addOption(new n("-f, --format <format>","output format").choices(["table","json","sarif","html","junit"]).default("table")).option("-o, --output <file>","write the report to a file instead of stdout").addOption(new n("--severity-threshold <level>","minimum severity to report").choices(a)).addOption(new n("--fail-on <level>","minimum severity that causes a non-zero exit").choices(a).default("high")).option("--offline","use only the local offline database (no network)").option("--online","force live OSV.dev queries").option("--strict-network","fail the scan on network errors instead of degrading gracefully").option("--prod-only","ignore dev dependencies").option("--ignore <ids...>","advisory ids to suppress").option("--ignore-file <path>","path to a .lockhawkignore file").option("--cache-dir <dir>","override the cache directory").option("--cache-ttl <hours>","cache freshness window in hours",e=>Number(e)).option("--no-cache","bypass the on-disk cache").option("--concurrency <n>","max concurrent OSV requests",e=>Number(e)).action((e,o)=>import("./scan-X3WQY53T.js").then(i=>i.runScan(e,o)));var r=t.command("db").description("Manage the offline OSV database");r.command("update").description("Download or refresh the offline npm advisory database").option("--cache-dir <dir>","override the cache directory").option("--force","ignore conditional caching and re-download").action(e=>import("./db-FFGMJJW7.js").then(o=>o.runDbUpdate(e)));r.command("status").description("Show offline database freshness").option("--cache-dir <dir>","override the cache directory").action(e=>import("./db-FFGMJJW7.js").then(o=>o.runDbStatus(e)));r.command("path").description("Print the offline database directory").option("--cache-dir <dir>","override the cache directory").action(e=>import("./db-FFGMJJW7.js").then(o=>o.runDbPath(e)));t.command("report").description("Re-render a saved JSON result into another format").requiredOption("-i, --input <file>","path to a JSON scan result").addOption(new n("-f, --format <format>","output format").choices(["table","json","sarif","html","junit"]).default("html")).option("-o, --output <file>","write the report to a file instead of stdout").action(e=>import("./report-O5PRSFAL.js").then(o=>o.runReport(e)));t.command("serve").description("Run a scan and open an interactive dashboard locally").argument("[path]","project directory to scan",".").option("-i, --input <file>","serve a saved JSON result instead of scanning").option("-p, --port <port>","port to listen on",e=>Number(e),7777).option("--no-open","do not open the browser automatically").option("--offline","use only the local offline database").option("--online","force live OSV.dev queries").action((e,o)=>import("./serve-WIIUVGR4.js").then(i=>i.runServe(e,o)));t.parseAsync().catch(e=>{process.stderr.write(`lockhawk: ${e instanceof Error?e.message:String(e)}
2
+ import{Command as c,Option as n}from"commander";var t=new c;t.name("lockhawk").description("Fast, free, accurate npm dependency vulnerability scanner (local + CI/CD), powered by OSV.dev").version("0.2.8");var a=["none","low","medium","high","critical"];t.command("scan",{isDefault:!0}).description("Scan a project for vulnerable dependencies").argument("[path]","project directory to scan",".").addOption(new n("-f, --format <format>","output format").choices(["table","json","sarif","html","junit"]).default("table")).option("-o, --output <file>","write the report to a file instead of stdout").addOption(new n("--severity-threshold <level>","minimum severity to report").choices(a)).addOption(new n("--fail-on <level>","minimum severity that causes a non-zero exit").choices(a).default("high")).option("--offline","use only the local offline database (no network)").option("--online","force live OSV.dev queries").option("--strict-network","fail the scan on network errors instead of degrading gracefully").option("--prod-only","ignore dev dependencies").option("--ignore <ids...>","advisory ids to suppress").option("--ignore-file <path>","path to a .lockhawkignore file").option("--cache-dir <dir>","override the cache directory").option("--cache-ttl <hours>","cache freshness window in hours",e=>Number(e)).option("--no-cache","bypass the on-disk cache").option("--concurrency <n>","max concurrent OSV requests",e=>Number(e)).action((e,o)=>import("./scan-X3WQY53T.js").then(i=>i.runScan(e,o)));var r=t.command("db").description("Manage the offline OSV database");r.command("update").description("Download or refresh the offline npm advisory database").option("--cache-dir <dir>","override the cache directory").option("--force","ignore conditional caching and re-download").action(e=>import("./db-FFGMJJW7.js").then(o=>o.runDbUpdate(e)));r.command("status").description("Show offline database freshness").option("--cache-dir <dir>","override the cache directory").action(e=>import("./db-FFGMJJW7.js").then(o=>o.runDbStatus(e)));r.command("path").description("Print the offline database directory").option("--cache-dir <dir>","override the cache directory").action(e=>import("./db-FFGMJJW7.js").then(o=>o.runDbPath(e)));t.command("report").description("Re-render a saved JSON result into another format").requiredOption("-i, --input <file>","path to a JSON scan result").addOption(new n("-f, --format <format>","output format").choices(["table","json","sarif","html","junit"]).default("html")).option("-o, --output <file>","write the report to a file instead of stdout").action(e=>import("./report-O5PRSFAL.js").then(o=>o.runReport(e)));t.command("serve").description("Run a scan and open an interactive dashboard locally").argument("[path]","project directory to scan",".").option("-i, --input <file>","serve a saved JSON result instead of scanning").option("-p, --port <port>","port to listen on",e=>Number(e),7777).option("--no-open","do not open the browser automatically").option("--offline","use only the local offline database").option("--online","force live OSV.dev queries").option("--cache-dir <dir>","override the cache directory").option("--cache-ttl <hours>","cache freshness window in hours",e=>Number(e)).option("--cache","reuse the on-disk OSV cache (serve scans fresh by default)").option("--no-cache","scan fresh, bypassing the on-disk cache (the default)").action((e,o)=>import("./serve-XUY7WB73.js").then(i=>i.runServe(e,o)));t.parseAsync().catch(e=>{process.stderr.write(`lockhawk: ${e instanceof Error?e.message:String(e)}
3
3
  `),process.exitCode=3});
4
4
  //# sourceMappingURL=index.js.map
@@ -0,0 +1,8 @@
1
+ #!/usr/bin/env node
2
+ import{a as s}from"./chunk-IJMHOVBV.js";import{createServer as l}from"http";import{readFileSync as p}from"fs";import{resolve as u}from"path";import m from"open";import{scan as d,toHtml as f,toJson as h}from"@lockhawk/core";function g(o,e){let t=e.offline?"offline":e.online?"online":"auto";return{path:u(o||"."),mode:t,cacheDir:e.cacheDir,cacheTtlHours:e.cacheTtl,noCache:e.cache!==!0}}async function O(o,e){let t;e.input?t=JSON.parse(p(e.input,"utf8")):(process.stderr.write(`Scanning\u2026
3
+ `),t=await d(g(o,e)));let n=f(t,await s()),r=h(t),c=l(S(n,r)),a=e.port??7777;c.listen(a,"127.0.0.1",()=>{let i=`http://localhost:${a}`;process.stderr.write(`
4
+ lockhawk dashboard running at ${i}
5
+ ${$(t)}
6
+ Press Ctrl+C to stop.
7
+ `),e.open!==!1&&m(i).catch(()=>{})})}function S(o,e){return(t,n)=>{if(n.setHeader("cache-control","no-store, max-age=0"),n.setHeader("x-content-type-options","nosniff"),!v(t.headers?.host)){n.statusCode=403,n.end("Forbidden");return}if(((t.url??"").split("?")[0]??"")==="/api/result"){n.setHeader("content-type","application/json"),n.end(e);return}n.setHeader("content-type","text/html; charset=utf-8"),n.end(o)}}function v(o){if(!o)return!1;let e=o.replace(/:\d+$/,"").toLowerCase();return e==="localhost"||e==="127.0.0.1"||e==="[::1]"||e==="::1"}function $(o){let e=o.stats.uniquePackages,t=`across ${e} ${e===1?"package":"packages"}`,n=o.summary;return n.total===0?`\u2713 No known vulnerabilities found ${t}.`:`${n.total} findings ${t} \u2014 ${n.critical} critical, ${n.high} high, ${n.medium} medium, ${n.low} low.`}export{S as createDashboardHandler,v as isLoopbackHost,O as runServe,g as serveScanOptions,$ as summaryLine};
8
+ //# sourceMappingURL=serve-XUY7WB73.js.map
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "lockhawk",
3
- "version": "0.2.7",
3
+ "version": "0.2.9",
4
4
  "description": "Fast, free, accurate npm dependency vulnerability scanner for local + CI/CD with an interactive HTML dashboard and SARIF/JUnit output, powered by OSV.dev",
5
5
  "license": "MIT",
6
6
  "type": "module",
@@ -63,7 +63,7 @@
63
63
  "cosmiconfig": "^9.0.0",
64
64
  "open": "^10.1.0",
65
65
  "ora": "^8.1.1",
66
- "@lockhawk/core": "0.2.7"
66
+ "@lockhawk/core": "0.2.9"
67
67
  },
68
68
  "devDependencies": {
69
69
  "@types/node": "^22.10.2",
@@ -1,8 +0,0 @@
1
- #!/usr/bin/env node
2
- import{a as s}from"./chunk-IJMHOVBV.js";import{createServer as l}from"http";import{readFileSync as p}from"fs";import{resolve as u}from"path";import m from"open";import{scan as d,toHtml as f,toJson as h}from"@lockhawk/core";async function k(t,e){let o;if(e.input)o=JSON.parse(p(e.input,"utf8"));else{let r=e.offline?"offline":e.online?"online":"auto";process.stderr.write(`Scanning\u2026
3
- `),o=await d({path:u(t||"."),mode:r})}let n=f(o,await s()),i=h(o),c=l(g(n,i)),a=e.port??7777;c.listen(a,"127.0.0.1",()=>{let r=`http://localhost:${a}`;process.stderr.write(`
4
- lockhawk dashboard running at ${r}
5
- ${v(o)}
6
- Press Ctrl+C to stop.
7
- `),e.open!==!1&&m(r).catch(()=>{})})}function g(t,e){return(o,n)=>{if(n.setHeader("cache-control","no-store, max-age=0"),n.setHeader("x-content-type-options","nosniff"),!S(o.headers?.host)){n.statusCode=403,n.end("Forbidden");return}if(((o.url??"").split("?")[0]??"")==="/api/result"){n.setHeader("content-type","application/json"),n.end(e);return}n.setHeader("content-type","text/html; charset=utf-8"),n.end(t)}}function S(t){if(!t)return!1;let e=t.replace(/:\d+$/,"").toLowerCase();return e==="localhost"||e==="127.0.0.1"||e==="[::1]"||e==="::1"}function v(t){let e=t.summary;return e.total===0?"\u2713 No known vulnerabilities found.":`${e.total} findings \u2014 ${e.critical} critical, ${e.high} high, ${e.medium} medium, ${e.low} low.`}export{g as createDashboardHandler,S as isLoopbackHost,k as runServe};
8
- //# sourceMappingURL=serve-WIIUVGR4.js.map