npxconfuse 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +462 -0
- package/bin/cli.js +280 -0
- package/package.json +47 -0
- package/src/analyzer.js +167 -0
- package/src/extractors/js-bundle.js +147 -0
- package/src/extractors/package-json.js +162 -0
- package/src/formatters/csv.js +39 -0
- package/src/formatters/json.js +11 -0
- package/src/formatters/table.js +144 -0
- package/src/registries/npm.js +185 -0
- package/src/sources/github.js +142 -0
- package/src/sources/local.js +117 -0
- package/src/sources/web.js +182 -0
- package/src/utils/constants.js +181 -0
- package/src/utils/http.js +179 -0
- package/src/utils/logger.js +83 -0
|
@@ -0,0 +1,83 @@
|
|
|
1
|
+
import chalk from "chalk";
|
|
2
|
+
|
|
3
|
+
/**
|
|
4
|
+
* Structured logger with leveled output and color coding.
|
|
5
|
+
*/
|
|
6
|
+
|
|
7
|
+
let verboseEnabled = false;
|
|
8
|
+
|
|
9
|
+
export function setVerbose(enabled) {
|
|
10
|
+
verboseEnabled = enabled;
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
export function isVerbose() {
|
|
14
|
+
return verboseEnabled;
|
|
15
|
+
}
|
|
16
|
+
|
|
17
|
+
const logger = {
|
|
18
|
+
/**
|
|
19
|
+
* Debug-level message, only shown when --verbose is set
|
|
20
|
+
*/
|
|
21
|
+
debug(...args) {
|
|
22
|
+
if (verboseEnabled) {
|
|
23
|
+
console.error(chalk.gray("[DEBUG]"), ...args);
|
|
24
|
+
}
|
|
25
|
+
},
|
|
26
|
+
|
|
27
|
+
/**
|
|
28
|
+
* Informational message
|
|
29
|
+
*/
|
|
30
|
+
info(...args) {
|
|
31
|
+
console.error(chalk.blue("ℹ"), ...args);
|
|
32
|
+
},
|
|
33
|
+
|
|
34
|
+
/**
|
|
35
|
+
* Success message
|
|
36
|
+
*/
|
|
37
|
+
success(...args) {
|
|
38
|
+
console.error(chalk.green("✔"), ...args);
|
|
39
|
+
},
|
|
40
|
+
|
|
41
|
+
/**
|
|
42
|
+
* Warning message
|
|
43
|
+
*/
|
|
44
|
+
warn(...args) {
|
|
45
|
+
console.error(chalk.yellow("⚠"), ...args);
|
|
46
|
+
},
|
|
47
|
+
|
|
48
|
+
/**
|
|
49
|
+
* Error message
|
|
50
|
+
*/
|
|
51
|
+
error(...args) {
|
|
52
|
+
console.error(chalk.red("✖"), ...args);
|
|
53
|
+
},
|
|
54
|
+
|
|
55
|
+
/**
|
|
56
|
+
* Styled banner for tool startup
|
|
57
|
+
*/
|
|
58
|
+
banner() {
|
|
59
|
+
const banner = `
|
|
60
|
+
${chalk.red("┌──────────────────────────────────────────────────┐")}
|
|
61
|
+
${chalk.red("│")} ${chalk.bold.white("npxconfuse")} ${chalk.gray("— npx confusion vulnerability scanner")} ${chalk.red("│")}
|
|
62
|
+
${chalk.red("│")} ${chalk.gray("Based on Lupin & Holmes research (2024-2026)")} ${chalk.red("│")}
|
|
63
|
+
${chalk.red("└──────────────────────────────────────────────────┘")}`;
|
|
64
|
+
console.error(banner);
|
|
65
|
+
},
|
|
66
|
+
|
|
67
|
+
/**
|
|
68
|
+
* Section header
|
|
69
|
+
*/
|
|
70
|
+
section(title) {
|
|
71
|
+
console.error("");
|
|
72
|
+
console.error(chalk.bold.underline(title));
|
|
73
|
+
},
|
|
74
|
+
|
|
75
|
+
/**
|
|
76
|
+
* Dimmed helper text
|
|
77
|
+
*/
|
|
78
|
+
dim(...args) {
|
|
79
|
+
console.error(chalk.dim(...args));
|
|
80
|
+
},
|
|
81
|
+
};
|
|
82
|
+
|
|
83
|
+
export default logger;
|