opena2a-cli 0.1.0

package/dist/util/format.js

@@ -0,0 +1,49 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.severityColor = severityColor;
+exports.severityLabel = severityLabel;
+exports.formatCount = formatCount;
+exports.formatDuration = formatDuration;
+exports.table = table;
+const colors_js_1 = require("./colors.js");
+function severityColor(severity) {
+    switch (severity) {
+        case 'critical': return colors_js_1.red;
+        case 'high': return colors_js_1.red;
+        case 'medium': return colors_js_1.yellow;
+        case 'low': return colors_js_1.cyan;
+        default: return colors_js_1.gray;
+    }
+}
+function severityLabel(severity) {
+    return severityColor(severity)(severity.toUpperCase());
+}
+function formatCount(count, label) {
+    if (count === 0)
+        return (0, colors_js_1.green)(`0 ${label}`);
+    return (0, colors_js_1.bold)(`${count} ${label}`);
+}
+function formatDuration(ms) {
+    if (ms < 1000)
+        return `${ms}ms`;
+    if (ms < 60000)
+        return `${(ms / 1000).toFixed(1)}s`;
+    const mins = Math.floor(ms / 60000);
+    const secs = Math.floor((ms % 60000) / 1000);
+    return `${mins}m ${secs}s`;
+}
+function table(rows, headers) {
+    const allRows = headers ? [headers, ...rows] : rows;
+    const colWidths = allRows[0].map((_, i) => Math.max(...allRows.map(row => (row[i] ?? '').length)));
+    const lines = [];
+    for (let r = 0; r < allRows.length; r++) {
+        const row = allRows[r];
+        const cells = row.map((cell, i) => cell.padEnd(colWidths[i]));
+        lines.push(cells.join('  '));
+        if (r === 0 && headers) {
+            lines.push(colWidths.map(w => '-'.repeat(w)).join('  '));
+        }
+    }
+    return lines.join('\n');
+}
+//# sourceMappingURL=format.js.map

package/dist/util/format.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"format.js","sourceRoot":"","sources":["../../src/util/format.ts"],"names":[],"mappings":";;AAEA,sCAQC;AAED,sCAEC;AAED,kCAGC;AAED,wCAMC;AAED,sBAiBC;AA9CD,2CAAmE;AAEnE,SAAgB,aAAa,CAAC,QAAgB;IAC5C,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,UAAU,CAAC,CAAC,OAAO,eAAG,CAAC;QAC5B,KAAK,MAAM,CAAC,CAAC,OAAO,eAAG,CAAC;QACxB,KAAK,QAAQ,CAAC,CAAC,OAAO,kBAAM,CAAC;QAC7B,KAAK,KAAK,CAAC,CAAC,OAAO,gBAAI,CAAC;QACxB,OAAO,CAAC,CAAC,OAAO,gBAAI,CAAC;IACvB,CAAC;AACH,CAAC;AAED,SAAgB,aAAa,CAAC,QAAgB;IAC5C,OAAO,aAAa,CAAC,QAAQ,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;AACzD,CAAC;AAED,SAAgB,WAAW,CAAC,KAAa,EAAE,KAAa;IACtD,IAAI,KAAK,KAAK,CAAC;QAAE,OAAO,IAAA,iBAAK,EAAC,KAAK,KAAK,EAAE,CAAC,CAAC;IAC5C,OAAO,IAAA,gBAAI,EAAC,GAAG,KAAK,IAAI,KAAK,EAAE,CAAC,CAAC;AACnC,CAAC;AAED,SAAgB,cAAc,CAAC,EAAU;IACvC,IAAI,EAAE,GAAG,IAAI;QAAE,OAAO,GAAG,EAAE,IAAI,CAAC;IAChC,IAAI,EAAE,GAAG,KAAK;QAAE,OAAO,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC;IACpD,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7C,OAAO,GAAG,IAAI,KAAK,IAAI,GAAG,CAAC;AAC7B,CAAC;AAED,SAAgB,KAAK,CAAC,IAAgB,EAAE,OAAkB;IACxD,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACpD,MAAM,SAAS,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACxC,IAAI,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CACvD,CAAC;IAEF,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACvB,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC9D,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7B,IAAI,CAAC,KAAK,CAAC,IAAI,OAAO,EAAE,CAAC;YACvB,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/dist/util/report-submission.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Scan report submission -- shares detailed scan findings with the OpenA2A Registry
+ * when the user has opted in via `opena2a config contribute on`.
+ *
+ * This enables the community intelligence loop:
+ * 1. User scans a tool with HMA
+ * 2. Findings are shared (opt-in) with the registry
+ * 3. Registry aggregates data and generates advisories
+ * 4. Other users see advisories via `opena2a init` and `opena2a verify`
+ *
+ * Contribution prompting is delayed until after the user has run 3+ scans,
+ * so they see value before being asked to share.
+ */
+export interface ScanFinding {
+    findingId: string;
+    severity: string;
+    category: string;
+    title: string;
+    description?: string;
+    cweId?: number;
+    filePath?: string;
+    lineNumber?: number;
+    autoFixable?: boolean;
+}
+export interface ScanReport {
+    /** Package name being scanned */
+    packageName: string;
+    /** Package version */
+    packageVersion?: string;
+    /** Package type (npm, pypi, go, mcp_server, a2a_agent) */
+    packageType?: string;
+    /** Scanner name */
+    scannerName: string;
+    /** Scanner version */
+    scannerVersion: string;
+    /** Overall score (0-100) */
+    overallScore: number;
+    /** Scan duration in ms */
+    scanDurationMs: number;
+    /** Finding counts by severity */
+    criticalCount: number;
+    highCount: number;
+    mediumCount: number;
+    lowCount: number;
+    infoCount: number;
+    /** Overall verdict */
+    verdict: string;
+    /** Detailed findings */
+    findings: ScanFinding[];
+    /** MCP tool names detected */
+    mcpTools?: string[];
+    /** A2A agent card fields detected */
+    a2aCapabilities?: string[];
+}
+export declare function submitScanReport(registryUrl: string, report: ScanReport, verbose?: boolean): Promise<boolean>;
+export declare function isContributeEnabled(): Promise<boolean>;
+export declare function getRegistryUrl(): Promise<string>;
+/**
+ * Record that a scan was completed and conditionally show the contribute prompt.
+ * Only prompts after 3+ scans, and not if the user already opted in or recently
+ * dismissed the prompt. This lets us demonstrate value first.
+ */
+export declare function recordScanAndMaybePrompt(): Promise<void>;
+//# sourceMappingURL=report-submission.d.ts.map

package/dist/util/report-submission.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"report-submission.d.ts","sourceRoot":"","sources":["../../src/util/report-submission.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAMH,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,UAAU;IACzB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,sBAAsB;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,0DAA0D;IAC1D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mBAAmB;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,sBAAsB;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,4BAA4B;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,0BAA0B;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,iCAAiC;IACjC,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,sBAAsB;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,wBAAwB;IACxB,QAAQ,EAAE,WAAW,EAAE,CAAC;IACxB,8BAA8B;IAC9B,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,qCAAqC;IACrC,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;CAC5B;AAID,wBAAsB,gBAAgB,CACpC,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,UAAU,EAClB,OAAO,CAAC,EAAE,OAAO,GAChB,OAAO,CAAC,OAAO,CAAC,CAqClB;AASD,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,OAAO,CAAC,CAO5D;AAED,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAQtD;AAED;;;;GAIG;AACH,wBAAsB,wBAAwB,IAAI,OAAO,CAAC,IAAI,CAAC,CAa9D"}

package/dist/util/report-submission.js

@@ -0,0 +1,109 @@
+"use strict";
+/**
+ * Scan report submission -- shares detailed scan findings with the OpenA2A Registry
+ * when the user has opted in via `opena2a config contribute on`.
+ *
+ * This enables the community intelligence loop:
+ * 1. User scans a tool with HMA
+ * 2. Findings are shared (opt-in) with the registry
+ * 3. Registry aggregates data and generates advisories
+ * 4. Other users see advisories via `opena2a init` and `opena2a verify`
+ *
+ * Contribution prompting is delayed until after the user has run 3+ scans,
+ * so they see value before being asked to share.
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.submitScanReport = submitScanReport;
+exports.isContributeEnabled = isContributeEnabled;
+exports.getRegistryUrl = getRegistryUrl;
+exports.recordScanAndMaybePrompt = recordScanAndMaybePrompt;
+const colors_js_1 = require("./colors.js");
+// --- Submission ---
+async function submitScanReport(registryUrl, report, verbose) {
+    try {
+        const url = `${registryUrl}/api/v1/trust/scan-report`;
+        const response = await fetch(url, {
+            method: 'POST',
+            headers: {
+                'Content-Type': 'application/json',
+                'Accept': 'application/json',
+            },
+            body: JSON.stringify({
+                ...report,
+                submittedAt: new Date().toISOString(),
+                clientVersion: '0.1.0',
+            }),
+            signal: AbortSignal.timeout(10_000),
+        });
+        if (response.ok) {
+            if (verbose) {
+                process.stderr.write((0, colors_js_1.dim)('Scan report shared with OpenA2A community.\n'));
+            }
+            return true;
+        }
+        // If the endpoint doesn't exist yet (404), that's fine
+        if (response.status === 404) {
+            if (verbose) {
+                process.stderr.write((0, colors_js_1.dim)('Registry scan-report endpoint not available yet.\n'));
+            }
+            return false;
+        }
+        return false;
+    }
+    catch {
+        // Network errors are non-critical
+        return false;
+    }
+}
+// --- Config helpers (dynamic import to avoid circular deps) ---
+async function loadShared() {
+    const shared = await Function('return import("@opena2a/shared")')();
+    return 'default' in shared ? shared.default : shared;
+}
+async function isContributeEnabled() {
+    try {
+        const mod = await loadShared();
+        return mod.isContributeEnabled();
+    }
+    catch {
+        return false;
+    }
+}
+async function getRegistryUrl() {
+    try {
+        const mod = await loadShared();
+        const config = mod.loadUserConfig();
+        return config.registry?.url ?? 'https://registry.opena2a.org';
+    }
+    catch {
+        return 'https://registry.opena2a.org';
+    }
+}
+/**
+ * Record that a scan was completed and conditionally show the contribute prompt.
+ * Only prompts after 3+ scans, and not if the user already opted in or recently
+ * dismissed the prompt. This lets us demonstrate value first.
+ */
+async function recordScanAndMaybePrompt() {
+    try {
+        const mod = await loadShared();
+        mod.incrementScanCount();
+        if (mod.shouldPromptContribute()) {
+            printContributePrompt();
+            // Mark as shown so it doesn't repeat every scan
+            mod.dismissContributePrompt();
+        }
+    }
+    catch {
+        // Non-critical
+    }
+}
+function printContributePrompt() {
+    process.stderr.write('\n');
+    process.stderr.write((0, colors_js_1.cyan)('  Your scans help the community detect unsafe tools.\n'));
+    process.stderr.write((0, colors_js_1.dim)('  Share anonymized scan reports with the OpenA2A registry?\n'));
+    process.stderr.write((0, colors_js_1.dim)('  Enable:  ') + (0, colors_js_1.yellow)('opena2a config contribute on') + '\n');
+    process.stderr.write((0, colors_js_1.dim)('  Details: https://opena2a.org/telemetry\n'));
+    process.stderr.write('\n');
+}
+//# sourceMappingURL=report-submission.js.map

package/dist/util/report-submission.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"report-submission.js","sourceRoot":"","sources":["../../src/util/report-submission.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;AAmDH,4CAyCC;AASD,kDAOC;AAED,wCAQC;AAOD,4DAaC;AAxID,2CAAgD;AA+ChD,qBAAqB;AAEd,KAAK,UAAU,gBAAgB,CACpC,WAAmB,EACnB,MAAkB,EAClB,OAAiB;IAEjB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,GAAG,WAAW,2BAA2B,CAAC;QACtD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,QAAQ,EAAE,kBAAkB;aAC7B;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,GAAG,MAAM;gBACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACrC,aAAa,EAAE,OAAO;aACvB,CAAC;YACF,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC;SACpC,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,8CAA8C,CAAC,CAAC,CAAC;YAC5E,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,uDAAuD;QACvD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,oDAAoD,CAAC,CAAC,CAAC;YAClF,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAAC,MAAM,CAAC;QACP,kCAAkC;QAClC,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,iEAAiE;AAEjE,KAAK,UAAU,UAAU;IACvB,MAAM,MAAM,GAAG,MAAO,QAAQ,CAAC,kCAAkC,CAAC,EAAmB,CAAC;IACtF,OAAO,SAAS,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC;AACvD,CAAC;AAEM,KAAK,UAAU,mBAAmB;IACvC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,UAAU,EAAE,CAAC;QAC/B,OAAO,GAAG,CAAC,mBAAmB,EAAE,CAAC;IACnC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,cAAc;IAClC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,UAAU,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,GAAG,CAAC,cAAc,EAAE,CAAC;QACpC,OAAO,MAAM,CAAC,QAAQ,EAAE,GAAG,IAAI,8BAA8B,CAAC;IAChE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,8BAA8B,CAAC;IACxC,CAAC;AACH,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,wBAAwB;IAC5C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,UAAU,EAAE,CAAC;QAC/B,GAAG,CAAC,kBAAkB,EAAE,CAAC;QAEzB,IAAI,GAAG,CAAC,sBAAsB,EAAE,EAAE,CAAC;YACjC,qBAAqB,EAAE,CAAC;YACxB,gDAAgD;YAChD,GAAG,CAAC,uBAAuB,EAAE,CAAC;QAChC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,eAAe;IACjB,CAAC;AACH,CAAC;AAED,SAAS,qBAAqB;IAC5B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,gBAAI,EAAC,wDAAwD,CAAC,CAAC,CAAC;IACrF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,8DAA8D,CAAC,CAAC,CAAC;IAC1F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,aAAa,CAAC,GAAG,IAAA,kBAAM,EAAC,8BAA8B,CAAC,GAAG,IAAI,CAAC,CAAC;IACzF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,4CAA4C,CAAC,CAAC,CAAC;IACxE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC"}

package/dist/util/spinner.d.ts

@@ -0,0 +1,10 @@
+export declare class Spinner {
+    private intervalId;
+    private frameIndex;
+    private message;
+    constructor(message: string);
+    start(): void;
+    stop(finalMessage?: string): void;
+    update(message: string): void;
+}
+//# sourceMappingURL=spinner.d.ts.map

package/dist/util/spinner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"spinner.d.ts","sourceRoot":"","sources":["../../src/util/spinner.ts"],"names":[],"mappings":"AAEA,qBAAa,OAAO;IAClB,OAAO,CAAC,UAAU,CAA+C;IACjE,OAAO,CAAC,UAAU,CAAK;IACvB,OAAO,CAAC,OAAO,CAAS;gBAEZ,OAAO,EAAE,MAAM;IAI3B,KAAK,IAAI,IAAI;IASb,IAAI,CAAC,YAAY,CAAC,EAAE,MAAM,GAAG,IAAI;IAajC,MAAM,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI;CAG9B"}

package/dist/util/spinner.js

@@ -0,0 +1,38 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Spinner = void 0;
+const FRAMES = ['|', '/', '-', '\\'];
+class Spinner {
+    intervalId = null;
+    frameIndex = 0;
+    message;
+    constructor(message) {
+        this.message = message;
+    }
+    start() {
+        if (!process.stderr.isTTY)
+            return;
+        this.intervalId = setInterval(() => {
+            const frame = FRAMES[this.frameIndex % FRAMES.length];
+            process.stderr.write(`\r${frame} ${this.message}`);
+            this.frameIndex++;
+        }, 100);
+    }
+    stop(finalMessage) {
+        if (this.intervalId) {
+            clearInterval(this.intervalId);
+            this.intervalId = null;
+        }
+        if (process.stderr.isTTY) {
+            process.stderr.write('\r' + ' '.repeat(this.message.length + 4) + '\r');
+        }
+        if (finalMessage) {
+            process.stderr.write(finalMessage + '\n');
+        }
+    }
+    update(message) {
+        this.message = message;
+    }
+}
+exports.Spinner = Spinner;
+//# sourceMappingURL=spinner.js.map

package/dist/util/spinner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"spinner.js","sourceRoot":"","sources":["../../src/util/spinner.ts"],"names":[],"mappings":";;;AAAA,MAAM,MAAM,GAAG,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC;AAErC,MAAa,OAAO;IACV,UAAU,GAA0C,IAAI,CAAC;IACzD,UAAU,GAAG,CAAC,CAAC;IACf,OAAO,CAAS;IAExB,YAAY,OAAe;QACzB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,KAAK;QACH,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK;YAAE,OAAO;QAClC,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE;YACjC,MAAM,KAAK,GAAG,MAAM,CAAC,IAAI,CAAC,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;YACtD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,KAAK,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;YACnD,IAAI,CAAC,UAAU,EAAE,CAAC;QACpB,CAAC,EAAE,GAAG,CAAC,CAAC;IACV,CAAC;IAED,IAAI,CAAC,YAAqB;QACxB,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/B,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACzB,CAAC;QACD,IAAI,OAAO,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACzB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;QAC1E,CAAC;QACD,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,MAAM,CAAC,OAAe;QACpB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;CACF;AAlCD,0BAkCC"}

package/dist/util/version.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Read the CLI version from package.json. Result is cached after first call.
+ */
+export declare function getVersion(): string;
+//# sourceMappingURL=version.d.ts.map

package/dist/util/version.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../../src/util/version.ts"],"names":[],"mappings":"AAKA;;GAEG;AACH,wBAAgB,UAAU,IAAI,MAAM,CAWnC"}

package/dist/util/version.js

@@ -0,0 +1,24 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getVersion = getVersion;
+const node_fs_1 = require("node:fs");
+const node_path_1 = require("node:path");
+let cached = null;
+/**
+ * Read the CLI version from package.json. Result is cached after first call.
+ */
+function getVersion() {
+    if (cached)
+        return cached;
+    try {
+        // From dist/util/ or src/util/, walk up to the package root
+        const pkgPath = (0, node_path_1.resolve)(__dirname, '..', '..', 'package.json');
+        const pkg = JSON.parse((0, node_fs_1.readFileSync)(pkgPath, 'utf-8'));
+        cached = pkg.version ?? '0.0.0';
+    }
+    catch {
+        cached = '0.0.0';
+    }
+    return cached;
+}
+//# sourceMappingURL=version.js.map

package/dist/util/version.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"version.js","sourceRoot":"","sources":["../../src/util/version.ts"],"names":[],"mappings":";;AAQA,gCAWC;AAnBD,qCAAuC;AACvC,yCAAoC;AAEpC,IAAI,MAAM,GAAkB,IAAI,CAAC;AAEjC;;GAEG;AACH,SAAgB,UAAU;IACxB,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAC1B,IAAI,CAAC;QACH,4DAA4D;QAC5D,MAAM,OAAO,GAAG,IAAA,mBAAO,EAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QAC/D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,IAAA,sBAAY,EAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;QACvD,MAAM,GAAG,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,GAAG,OAAO,CAAC;IACnB,CAAC;IACD,OAAO,MAAO,CAAC;AACjB,CAAC"}

package/package.json

@@ -0,0 +1,47 @@
+{
+  "name": "opena2a-cli",
+  "version": "0.1.0",
+  "description": "Unified CLI for the OpenA2A security platform",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "bin": {
+    "opena2a": "dist/index.js"
+  },
+  "scripts": {
+    "build": "tsc && cp src/semantic/command-index.json dist/semantic/",
+    "test": "vitest run",
+    "lint": "tsc --noEmit",
+    "typecheck": "tsc --noEmit",
+    "clean": "rm -rf dist",
+    "dev": "tsc --watch"
+  },
+  "dependencies": {
+    "@opena2a/shared": "0.1.0",
+    "commander": "^13.1.0",
+    "@inquirer/prompts": "^7.0.0"
+  },
+  "devDependencies": {
+    "typescript": "^5.7.0",
+    "vitest": "^3.0.0",
+    "@types/node": "^22.0.0"
+  },
+  "files": ["dist"],
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "license": "Apache-2.0",
+  "repository": {
+    "type": "git",
+    "url": "https://github.com/opena2a-org/opena2a.git",
+    "directory": "packages/cli"
+  },
+  "keywords": [
+    "ai",
+    "agent",
+    "security",
+    "scanner",
+    "mcp",
+    "credentials",
+    "identity"
+  ]
+}