opena2a-cli 0.8.8 → 0.8.10
- package/README.md +3 -4
- package/dist/commands/atp-types.d.ts +12 -1
- package/dist/commands/atp-types.d.ts.map +1 -1
- package/dist/commands/baselines.d.ts.map +1 -1
- package/dist/commands/baselines.js +14 -6
- package/dist/commands/baselines.js.map +1 -1
- package/dist/commands/claim.d.ts.map +1 -1
- package/dist/commands/claim.js +17 -7
- package/dist/commands/claim.js.map +1 -1
- package/dist/commands/detect.js +1 -1
- package/dist/commands/detect.js.map +1 -1
- package/dist/commands/gcp-sm-migration.js +1 -1
- package/dist/commands/gcp-sm-migration.js.map +1 -1
- package/dist/commands/identity.d.ts.map +1 -1
- package/dist/commands/identity.js +41 -2
- package/dist/commands/identity.js.map +1 -1
- package/dist/commands/onepassword-migration.js +1 -1
- package/dist/commands/onepassword-migration.js.map +1 -1
- package/dist/commands/protect.js +3 -3
- package/dist/commands/protect.js.map +1 -1
- package/dist/commands/review.d.ts +23 -1
- package/dist/commands/review.d.ts.map +1 -1
- package/dist/commands/review.js +85 -16
- package/dist/commands/review.js.map +1 -1
- package/dist/commands/runtime.js +1 -1
- package/dist/commands/runtime.js.map +1 -1
- package/dist/commands/self-register.d.ts.map +1 -1
- package/dist/commands/self-register.js +14 -6
- package/dist/commands/self-register.js.map +1 -1
- package/dist/commands/trust.d.ts +5 -0
- package/dist/commands/trust.d.ts.map +1 -1
- package/dist/commands/trust.js +118 -11
- package/dist/commands/trust.js.map +1 -1
- package/dist/commands/vault-migration.js +1 -1
- package/dist/commands/vault-migration.js.map +1 -1
- package/dist/commands/verify.d.ts.map +1 -1
- package/dist/commands/verify.js +13 -5
- package/dist/commands/verify.js.map +1 -1
- package/dist/index.js +1 -1
- package/dist/index.js.map +1 -1
- package/dist/report/review-html.d.ts +1 -1
- package/dist/report/review-html.d.ts.map +1 -1
- package/dist/report/review-html.js +9 -10
- package/dist/report/review-html.js.map +1 -1
- package/dist/util/advisories.d.ts.map +1 -1
- package/dist/util/advisories.js +2 -0
- package/dist/util/advisories.js.map +1 -1
- package/dist/util/registry-enrichment.d.ts.map +1 -1
- package/dist/util/registry-enrichment.js +2 -0
- package/dist/util/registry-enrichment.js.map +1 -1
- package/dist/util/report-submission.d.ts.map +1 -1
- package/dist/util/report-submission.js +7 -2
- package/dist/util/report-submission.js.map +1 -1
- package/dist/util/validate-registry-url.d.ts +15 -0
- package/dist/util/validate-registry-url.d.ts.map +1 -0
- package/dist/util/validate-registry-url.js +36 -0
- package/dist/util/validate-registry-url.js.map +1 -0
- package/package.json +1 -1
- package/dist/lib/registry-client.d.ts +0 -59
- package/dist/lib/registry-client.d.ts.map +0 -1
- package/dist/lib/registry-client.js +0 -169
- package/dist/lib/registry-client.js.map +0 -1
- package/dist/util/drift-liveness.d.ts +0 -37
- package/dist/util/drift-liveness.d.ts.map +0 -1
- package/dist/util/drift-liveness.js +0 -114
- package/dist/util/drift-liveness.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"advisories.js","sourceRoot":"","sources":["../../src/util/advisories.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"advisories.js","sourceRoot":"","sources":["../../src/util/advisories.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+KH,0CAmDC;AAID,sDAwBC;AA5PD,4CAA8B;AAC9B,gDAAkC;AAClC,2CAAmE;AACnE,yEAAiE;AA2CjE,gBAAgB;AAEhB,MAAM,SAAS,GAAG,gBAAgB,CAAC;AACnC,MAAM,UAAU,GAAG,iBAAiB,CAAC;AACrC,MAAM,YAAY,GAAG,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,YAAY;AAOhD,SAAS,YAAY,CAAC,GAAW;IAC/B,OAAO,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;AAC/C,CAAC;AAED,SAAS,SAAS,CAAC,GAAW;IAC5B,MAAM,SAAS,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;IACpC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAChD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAqB,CAAC;QACnD,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC,SAAS,GAAG,YAAY,EAAE,CAAC;YACjD,OAAO,MAAM,CAAC;QAChB,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,kBAAkB;IACpB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,GAAW,EAAE,IAAsB;IACrD,MAAM,SAAS,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACzC,IAAI,CAAC;QACH,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5C,EAAE,CAAC,aAAa,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC;YACzC,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,IAAI;SACe,CAAC,EAAE,OAAO,CAAC,CAAC;IACnC,CAAC;IAAC,MAAM,CAAC;QACP,sCAAsC;IACxC,CAAC;AACH,CAAC;AAED,gBAAgB;AAEhB,KAAK,UAAU,eAAe,CAAC,WAAmB;IAChD,IAAI,CAAC;QACH,IAAA,8CAAmB,EAAC,WAAW,CAAC,CAAC;QACjC,yCAAyC;QACzC,MAAM,KAAK,GAAG,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QAC1F,MAAM,GAAG,GAAG,GAAG,WAAW,kCAAkC,KAAK,YAAY,CAAC;QAC9E,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE,QAAQ,EAAE,kBAAkB,EAAE;YACzC,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,KAAK,CAAC;SACnC,CAAC,CAAC;QAEH,IAAI,CAAC,QAAQ,CAAC,EAAE;YAAE,OAAO,IAAI,CAAC;QAC9B,OAAO,MAAM,QAAQ,CAAC,IAAI,EAAsB,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,C
AAC;IACd,CAAC;AACH,CAAC;AAED,4BAA4B;AAE5B,SAAS,qBAAqB,CAAC,GAAW;IACxC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,iCAAiC;IACjC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;IAC/C,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;YAC1D,MAAM,IAAI,GAAG;gBACX,GAAG,GAAG,CAAC,YAAY;gBACnB,GAAG,GAAG,CAAC,eAAe;gBACtB,GAAG,GAAG,CAAC,oBAAoB;aAC5B,CAAC;YACF,QAAQ,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;YACP,uBAAuB;QACzB,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAC3C,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YACpD,MAAM,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;YAC/D,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,KAAK,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC1C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;oBACzB,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;oBAC5C,IAAI,KAAK;wBAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,iBAAiB;QACnB,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,kBAAkB,CAAC,CAAC;IACnD,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAClD,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC5B,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBACxC,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBAChD,IAAI,IAAI;wBAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,2BAA2B;QAC7B,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,qBAAqB;AAEd,KAAK,UAAU,eAAe,CACnC,GAAW,EACX,WAAoB;IAEpB,MAAM,GAAG,GAAG,WAAW,IAAI,EAAE,CAAC;IAE9B,oBAAoB;IACpB,MAAM,MAAM,GAAG,SAAS,C
AAC,GAAG,CAAC,CAAC;IAC9B,IAAI,IAAsB,CAAC;IAC3B,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;QACnB,SAAS,GAAG,IAAI,CAAC;IACnB,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;QAC7E,CAAC;QACD,IAAI,GAAG,OAAO,CAAC;QACf,UAAU,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IACxB,CAAC;IAED,IAAI,IAAI,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,OAAO,EAAE,UAAU,EAAE,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC;IACtE,CAAC;IAED,4CAA4C;IAC5C,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5D,MAAM,OAAO,GAAe,EAAE,CAAC;IAC/B,MAAM,YAAY,GAAa,EAAE,CAAC;IAElC,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;QACvC,KAAK,MAAM,QAAQ,IAAI,QAAQ,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;YAC/C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,EAAE,IAAI,CAAC;YACvC,IAAI,OAAO,IAAI,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5C,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACvB,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBACpC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC7B,CAAC;gBACD,MAAM;YACR,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,UAAU,EAAE,OAAO;QACnB,eAAe,EAAE,YAAY;QAC7B,KAAK,EAAE,IAAI,CAAC,KAAK;QACjB,SAAS;KACV,CAAC;AACJ,CAAC;AAED,iBAAiB;AAEjB,SAAgB,qBAAqB,CAAC,KAAoB;IACxD,IAAI,KAAK,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IAE1C,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,IAAA,gBAAI,EAAC,uBAAuB,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAChE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IAExD,KAAK,MAAM,QAAQ,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;QACxC,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,SAAS,CAAC;QAC5D,MAAM,aAAa,GAAG,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,eAAG;YACjD,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,kBAAM;gBAC9B,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,kBAAM;oBAClC,CAAC,CAAC,eAAG,CAAC;QAER,MAAM,QAAQ,GAAG,CAAC,QAAQ,CAA
C,QAAQ,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAErF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,aAAa,CAAC,IAAI,QAAQ,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,QAAQ,CAAC,OAAO,IAAI,CAAC,CAAC;QAC7F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,IAAA,eAAG,EAAC,OAAO,QAAQ,CAAC,EAAE,eAAe,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;IAC/G,CAAC;IAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,IAAI,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;IACxD,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,IAAA,kBAAM,EAAC,GAAG,KAAK,CAAC,UAAU,CAAC,MAAM,gBAAgB,CAAC,cAAc,IAAA,gBAAI,EAAC,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC;IACtI,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,uDAAuD,CAAC,CAAC,CAAC;IACnF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"registry-enrichment.d.ts","sourceRoot":"","sources":["../../src/util/registry-enrichment.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;
|
|
1
|
+
{"version":3,"file":"registry-enrichment.d.ts","sourceRoot":"","sources":["../../src/util/registry-enrichment.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAQH,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,OAAO,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,mBAAmB,EAAE,CAAC;IAC/B,KAAK,EAAE,MAAM,CAAC;CACf;AAaD;;;;;;;;;;GAUG;AACH,wBAAsB,kBAAkB,CACtC,MAAM,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,EAAE,EACxC,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,CAAC,CAwD1C;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAEtD;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,UAAU,EAAE,kBAAkB,GAAG,SAAS,GAAG,MAAM,CAenF"}
|
|
@@ -10,6 +10,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
10
10
|
exports.enrichFromRegistry = enrichFromRegistry;
|
|
11
11
|
exports.formatTrustScore = formatTrustScore;
|
|
12
12
|
exports.formatTrustLabel = formatTrustLabel;
|
|
13
|
+
const validate_registry_url_js_1 = require("./validate-registry-url.js");
|
|
13
14
|
// ---------------------------------------------------------------------------
|
|
14
15
|
// Constants
|
|
15
16
|
// ---------------------------------------------------------------------------
|
|
@@ -35,6 +36,7 @@ async function enrichFromRegistry(assets, registryBaseUrl) {
|
|
|
35
36
|
return enrichments;
|
|
36
37
|
}
|
|
37
38
|
const baseUrl = (registryBaseUrl || DEFAULT_REGISTRY_BASE).replace(/\/+$/, '');
|
|
39
|
+
(0, validate_registry_url_js_1.validateRegistryUrl)(baseUrl);
|
|
38
40
|
const batchUrl = `${baseUrl}/api/v1/trust/batch`;
|
|
39
41
|
try {
|
|
40
42
|
const controller = new AbortController();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"registry-enrichment.js","sourceRoot":"","sources":["../../src/util/registry-enrichment.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;
|
|
1
|
+
{"version":3,"file":"registry-enrichment.js","sourceRoot":"","sources":["../../src/util/registry-enrichment.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AA2DH,gDA2DC;AAKD,4CAEC;AAQD,4CAeC;AAlJD,yEAAiE;AAmCjE,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E,MAAM,mBAAmB,GAAG,IAAI,CAAC;AACjC,MAAM,qBAAqB,GAAG,sBAAsB,CAAC;AAErD,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E;;;;;;;;;;GAUG;AACI,KAAK,UAAU,kBAAkB,CACtC,MAAwC,EACxC,eAAwB;IAExB,MAAM,WAAW,GAAG,IAAI,GAAG,EAA8B,CAAC;IAE1D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,MAAM,OAAO,GAAG,CAAC,eAAe,IAAI,qBAAqB,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC/E,IAAA,8CAAmB,EAAC,OAAO,CAAC,CAAC;IAC7B,MAAM,QAAQ,GAAG,GAAG,OAAO,qBAAqB,CAAC;IAEjD,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,mBAAmB,CAAC,CAAC;QAE1E,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;YAC1B,QAAQ,EAAE,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;SAC9D,CAAC,CAAC;QAEH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,QAAQ,EAAE;YACrC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE,EAAE,cAAc,EAAE,kBAAkB,EAAE;YAC/C,IAAI;YACJ,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QAEH,YAAY,CAAC,OAAO,CAAC,CAAC;QAEtB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA0B,CAAC;QAE9D,IAAI,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAClD,OAAO,WAAW,CAAC;QACrB,CAAC;QAED,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YAClC,MAAM,GAAG,GAAG,GAAG,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;YACnD,WAAW,CAAC,GAAG,CAAC,GAAG,EAAE;gBACnB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,WAAW,EAAE,MAAM,CAAC,WAAW;gBAC/B,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,cAAc,EAAE,MAAM,CAAC,cAAc;gBACrC,QAAQ,EAAE,MAAM,CAAC,OAAO,KAAK,UAAU,IAAI,MAAM,CAAC,UAAU,IAAI,CAAC;gBACjE,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,2
EAA2E;IAC7E,CAAC;IAED,OAAO,WAAW,CAAC;AACrB,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB,CAAC,KAAa;IAC5C,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC;AAC1C,CAAC;AAED;;;;;GAKG;AACH,SAAgB,gBAAgB,CAAC,UAA0C;IACzE,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,kBAAkB,CAAC;IAC5B,CAAC;IAED,MAAM,KAAK,GAAG,gBAAgB,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;IACtD,MAAM,KAAK,GAAG,CAAC,UAAU,KAAK,EAAE,CAAC,CAAC;IAElC,IAAI,UAAU,CAAC,cAAc,GAAG,CAAC,EAAE,CAAC;QAClC,KAAK,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,cAAc,kBAAkB,UAAU,CAAC,cAAc,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IACzG,CAAC;SAAM,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;QAC9B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AAC3B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"report-submission.d.ts","sourceRoot":"","sources":["../../src/util/report-submission.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;
|
|
1
|
+
{"version":3,"file":"report-submission.d.ts","sourceRoot":"","sources":["../../src/util/report-submission.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAOH,MAAM,WAAW,WAAW;IAC1B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,UAAU;IACzB,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,sBAAsB;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,0DAA0D;IAC1D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,mBAAmB;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,sBAAsB;IACtB,cAAc,EAAE,MAAM,CAAC;IACvB,4BAA4B;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,0BAA0B;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,iCAAiC;IACjC,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,sBAAsB;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,wBAAwB;IACxB,QAAQ,EAAE,WAAW,EAAE,CAAC;IACxB,8BAA8B;IAC9B,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,qCAAqC;IACrC,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;CAC5B;AAID;;;GAGG;AACH,wBAAgB,yBAAyB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,UAAU,GAAG,IAAI,CAgEzF;AAID,wBAAsB,gBAAgB,CACpC,WAAW,EAAE,MAAM,EACnB,MAAM,EAAE,UAAU,EAClB,OAAO,CAAC,EAAE,OAAO,GAChB,OAAO,CAAC,OAAO,CAAC,CAsClB;AASD,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,OAAO,CAAC,CAO5D;AAED,wBAAsB,cAAc,IAAI,OAAO,CAAC,MAAM,CAAC,CAUtD;AAED;;;;GAIG;AACH,wBAAsB,wBAAwB,IAAI,OAAO,CAAC,IAAI,CAAC,CAa9D;AAID;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAC5C,OAAO,EAAE;QAAE,eAAe,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,CAAC;QAAC,SAAS,EAAE,MAAM,CAAA;KAAE,CAAC;IACjG,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,gBAAgB,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IACvE,UAAU,EAAE;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,EAAE,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IACvE,QAAQ,EAAE;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,YAAY,EAAE,MAAM,CAAA;KAAE
,EAAE,CAAC;IACxF,aAAa,EAAE,MAAM,CAAC;CACvB,GAAG,UAAU,CA6Cb"}
|
|
@@ -20,6 +20,7 @@ exports.getRegistryUrl = getRegistryUrl;
|
|
|
20
20
|
exports.recordScanAndMaybePrompt = recordScanAndMaybePrompt;
|
|
21
21
|
exports.normalizeDetectReport = normalizeDetectReport;
|
|
22
22
|
const colors_js_1 = require("./colors.js");
|
|
23
|
+
const validate_registry_url_js_1 = require("./validate-registry-url.js");
|
|
23
24
|
// --- Governance scan normalization ---
|
|
24
25
|
/**
|
|
25
26
|
* Normalize a scan-soul governance result into the ScanReport format.
|
|
@@ -86,6 +87,7 @@ function normalizeGovernanceReport(raw) {
|
|
|
86
87
|
// --- Submission ---
|
|
87
88
|
async function submitScanReport(registryUrl, report, verbose) {
|
|
88
89
|
try {
|
|
90
|
+
(0, validate_registry_url_js_1.validateRegistryUrl)(registryUrl);
|
|
89
91
|
const url = `${registryUrl}/api/v1/trust/scan-report`;
|
|
90
92
|
const response = await fetch(url, {
|
|
91
93
|
method: 'POST',
|
|
@@ -122,7 +124,7 @@ async function submitScanReport(registryUrl, report, verbose) {
|
|
|
122
124
|
}
|
|
123
125
|
// --- Config helpers (dynamic import to avoid circular deps) ---
|
|
124
126
|
async function loadShared() {
|
|
125
|
-
const shared = await
|
|
127
|
+
const shared = await import('@opena2a/shared');
|
|
126
128
|
return 'default' in shared ? shared.default : shared;
|
|
127
129
|
}
|
|
128
130
|
async function isContributeEnabled() {
|
|
@@ -138,7 +140,10 @@ async function getRegistryUrl() {
|
|
|
138
140
|
try {
|
|
139
141
|
const mod = await loadShared();
|
|
140
142
|
const config = mod.loadUserConfig();
|
|
141
|
-
|
|
143
|
+
const url = config.registry?.url ?? '';
|
|
144
|
+
if (url)
|
|
145
|
+
(0, validate_registry_url_js_1.validateRegistryUrl)(url);
|
|
146
|
+
return url;
|
|
142
147
|
}
|
|
143
148
|
catch {
|
|
144
149
|
return ''; // registry not yet available
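Review bot: In getRegistryUrl the new `validateRegistryUrl(url)` call sits inside the existing `try`, so its error is swallowed by the `catch` below and the function returns `''`; a configured plain-HTTP registry then looks the same as no registry configured. That fails closed, but the user is never told why the setting is ignored. Consider surfacing the validation message before falling back, or at least make the comment accurate: `return ''; // registry unavailable, or configured URL rejected by validateRegistryUrl`. The submitScanReport hunk has the same shape, with the check as the first statement inside `try`; its catch block is outside the visible lines. getRegistryUrl starts before this hunk and its catch block closes after it.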
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"report-submission.js","sourceRoot":"","sources":["../../src/util/report-submission.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;
|
|
1
|
+
{"version":3,"file":"report-submission.js","sourceRoot":"","sources":["../../src/util/report-submission.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;AAyDH,8DAgEC;AAID,4CA0CC;AASD,kDAOC;AAED,wCAUC;AAOD,4DAaC;AAWD,sDAmDC;AAnRD,2CAAgD;AAChD,yEAAiE;AAgDjE,wCAAwC;AAExC;;;GAGG;AACH,SAAgB,yBAAyB,CAAC,GAA4B;IACpE,0EAA0E;IAC1E,IAAI,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,GAAG,CAAC,KAAK;QAAE,OAAO,IAAI,CAAC;IAE5C,MAAM,KAAK,GAAI,GAAG,CAAC,KAAgB,IAAI,CAAC,CAAC;IACzC,MAAM,KAAK,GAAI,GAAG,CAAC,KAAgB,IAAI,iBAAiB,CAAC;IACzD,MAAM,OAAO,GAAG,GAAG,CAAC,OAKlB,CAAC;IAEH,MAAM,QAAQ,GAAkB,EAAE,CAAC;IACnC,IAAI,aAAa,GAAG,CAAC,CAAC;IACtB,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,kEAAkE;IAClE,MAAM,WAAW,GAA2B;QAC1C,aAAa,EAAE,UAAU,EAAE,aAAa,EAAE,UAAU;QACpD,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM;QACnE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM,EAAE,aAAa,EAAE,MAAM;QACnE,aAAa,EAAE,MAAM;KACtB,CAAC;IAEF,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;gBACpB,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,QAAQ,CAAC;gBACrD,IAAI,QAAQ,KAAK,UAAU;oBAAE,aAAa,EAAE,CAAC;qBACxC,IAAI,QAAQ,KAAK,MAAM;oBAAE,SAAS,EAAE,CAAC;qBACrC,IAAI,QAAQ,KAAK,QAAQ;oBAAE,WAAW,EAAE,CAAC;;oBACzC,QAAQ,EAAE,CAAC;gBAEhB,QAAQ,CAAC,IAAI,CAAC;oBACZ,SAAS,EAAE,OAAO,CAAC,EAAE;oBACrB,QAAQ;oBACR,QAAQ,EAAE,YAAY;oBACtB,KAAK,EAAE,GAAG,OAAO,CAAC,IAAI,gBAAgB;oBACtC,WAAW,EAAE,WAAW,OAAO,CAAC,EAAE,KAAK,OAAO,CAAC,IAAI,sDAAsD,MAAM,CAAC,MAAM,GAAG;iBAC1H,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC;IAEzE,OAAO;QACL,WAAW,EAAG,GAAG,CAAC,IAAe,IAAI,SAAS;QAC9C,WAAW,EAAE,YAAY;QACzB,WAAW,EAAE,aAAa;QAC1B,cAAc,EAAE,OAAO;QACvB,YAAY,EAAE,KAAK;QACnB,cAAc,EAAE,CAAC;QACjB,aAAa;QACb,SAAS;QACT,WAAW;QACX,QAAQ;QACR,SAAS,EAAE,CAAC;QACZ,OAAO;QACP,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,qBAAqB;AAEd,KAAK,UAAU,gBAAgB,CACpC,WAAmB,EACnB,
MAAkB,EAClB,OAAiB;IAEjB,IAAI,CAAC;QACH,IAAA,8CAAmB,EAAC,WAAW,CAAC,CAAC;QACjC,MAAM,GAAG,GAAG,GAAG,WAAW,2BAA2B,CAAC;QACtD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE;YAChC,MAAM,EAAE,MAAM;YACd,OAAO,EAAE;gBACP,cAAc,EAAE,kBAAkB;gBAClC,QAAQ,EAAE,kBAAkB;aAC7B;YACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gBACnB,GAAG,MAAM;gBACT,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACrC,aAAa,EAAE,OAAO;aACvB,CAAC;YACF,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC;SACpC,CAAC,CAAC;QAEH,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;YAChB,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,8CAA8C,CAAC,CAAC,CAAC;YAC5E,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,uDAAuD;QACvD,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,oDAAoD,CAAC,CAAC,CAAC;YAClF,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAAC,MAAM,CAAC;QACP,kCAAkC;QAClC,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,iEAAiE;AAEjE,KAAK,UAAU,UAAU;IACvB,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAQ,CAAC;IACtD,OAAO,SAAS,IAAI,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC;AACvD,CAAC;AAEM,KAAK,UAAU,mBAAmB;IACvC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,UAAU,EAAE,CAAC;QAC/B,OAAO,GAAG,CAAC,mBAAmB,EAAE,CAAC;IACnC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAEM,KAAK,UAAU,cAAc;IAClC,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,UAAU,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,GAAG,CAAC,cAAc,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,EAAE,GAAG,IAAI,EAAE,CAAC;QACvC,IAAI,GAAG;YAAE,IAAA,8CAAmB,EAAC,GAAG,CAAC,CAAC;QAClC,OAAO,GAAG,CAAC;IACb,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC,CAAC,6BAA6B;IAC1C,CAAC;AACH,CAAC;AAED;;;;GAIG;AACI,KAAK,UAAU,wBAAwB;IAC5C,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,UAAU,EAAE,CAAC;QAC/B,GAAG,CAAC,kBAAkB,EAAE,CAAC;QAEzB,IAAI,GAAG,CAAC,sBAAsB,EAAE,EAAE,CAAC;YACjC,qBAAqB,EAAE,CAAC;YACxB,gDAAgD;YAChD,GAAG,CAAC,uBAAuB,EAAE,CAAC;QAChC,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,eAAe;IACjB,CAAC;AACH,CAAC;AAED,oCAAoC;AAEpC;;;;;;GAMG;AACH,SAAgB,qBAAqB,CAAC,MAMrC;IACC,MAAM,KAAK,GAAG,MAAM,CAAC,OAA
O,CAAC,eAAe,CAAC;IAC7C,IAAI,aAAa,GAAG,CAAC,CAAC;IACtB,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,IAAI,QAAQ,GAAG,CAAC,CAAC;IAEjB,MAAM,QAAQ,GAAkB,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QAC3D,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU;YAAE,aAAa,EAAE,CAAC;aAC1C,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM;YAAE,SAAS,EAAE,CAAC;aACvC,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ;YAAE,WAAW,EAAE,CAAC;;YAC3C,QAAQ,EAAE,CAAC;QAEhB,OAAO;YACL,SAAS,EAAE,UAAU,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACjF,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,WAAW,EAAE,CAAC,CAAC,YAAY;SAC5B,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,oDAAoD;IACpD,MAAM,QAAQ,GAAG,MAAM,CAAC,UAAU;SAC/B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;SAC3C,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAEpB,MAAM,OAAO,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC;IAEzE,OAAO;QACL,WAAW,EAAE,iBAAiB;QAC9B,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,gBAAgB;QAC7B,cAAc,EAAE,OAAO;QACvB,YAAY,EAAE,KAAK;QACnB,cAAc,EAAE,CAAC;QACjB,aAAa;QACb,SAAS;QACT,WAAW;QACX,QAAQ;QACR,SAAS,EAAE,CAAC;QACZ,OAAO;QACP,QAAQ;QACR,QAAQ,EAAE,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;KACrD,CAAC;AACJ,CAAC;AAED,SAAS,qBAAqB;IAC5B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC3B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,gBAAI,EAAC,wDAAwD,CAAC,CAAC,CAAC;IACrF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,8DAA8D,CAAC,CAAC,CAAC;IAC1F,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,aAAa,CAAC,GAAG,IAAA,kBAAM,EAAC,8BAA8B,CAAC,GAAG,IAAI,CAAC,CAAC;IACzF,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAA,eAAG,EAAC,4CAA4C,CAAC,CAAC,CAAC;IACxE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAC7B,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Registry URL validation -- enforces HTTPS for all registry URLs
|
|
3
|
+
* except localhost (for local development).
|
|
4
|
+
*
|
|
5
|
+
* OA2A-001: Prevents MITM attacks by rejecting plain HTTP registry URLs.
|
|
6
|
+
*/
|
|
7
|
+
/**
|
|
8
|
+
* Validates that a registry URL uses HTTPS.
|
|
9
|
+
* Allows http://localhost and http://127.0.0.1 for local development.
|
|
10
|
+
*
|
|
11
|
+
* @param url The registry URL to validate
|
|
12
|
+
* @throws Error if the URL uses plain HTTP (non-localhost)
|
|
13
|
+
*/
|
|
14
|
+
export declare function validateRegistryUrl(url: string): void;
|
|
15
|
+
//# sourceMappingURL=validate-registry-url.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validate-registry-url.d.ts","sourceRoot":"","sources":["../../src/util/validate-registry-url.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;;;;;GAMG;AACH,wBAAgB,mBAAmB,CAAC,GAAG,EAAE,MAAM,GAAG,IAAI,CAsBrD"}
|
|
@@ -0,0 +1,36 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Registry URL validation -- enforces HTTPS for all registry URLs
|
|
4
|
+
* except localhost (for local development).
|
|
5
|
+
*
|
|
6
|
+
* OA2A-001: Prevents MITM attacks by rejecting plain HTTP registry URLs.
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.validateRegistryUrl = validateRegistryUrl;
|
|
10
|
+
/**
|
|
11
|
+
* Validates that a registry URL uses HTTPS.
|
|
12
|
+
* Allows http://localhost and http://127.0.0.1 for local development.
|
|
13
|
+
*
|
|
14
|
+
* @param url The registry URL to validate
|
|
15
|
+
* @throws Error if the URL uses plain HTTP (non-localhost)
|
|
16
|
+
*/
|
|
17
|
+
function validateRegistryUrl(url) {
|
|
18
|
+
if (!url)
|
|
19
|
+
return;
|
|
20
|
+
let parsed;
|
|
21
|
+
try {
|
|
22
|
+
parsed = new URL(url);
|
|
23
|
+
}
|
|
24
|
+
catch {
|
|
25
|
+
throw new Error(`Invalid registry URL: ${url}`);
|
|
26
|
+
}
|
|
27
|
+
const isLocalhost = parsed.hostname === 'localhost' ||
|
|
28
|
+
parsed.hostname === '127.0.0.1' ||
|
|
29
|
+
parsed.hostname === '::1';
|
|
30
|
+
if (parsed.protocol === 'http:' && !isLocalhost) {
|
|
31
|
+
throw new Error(`Registry URL must use HTTPS: ${url}\n` +
|
|
32
|
+
'Plain HTTP is only allowed for localhost development.\n' +
|
|
33
|
+
'Use https:// or http://localhost for local testing.');
|
|
34
|
+
}
|
|
35
|
+
}
|
|
36
|
+
//# sourceMappingURL=validate-registry-url.js.map
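Review bot: The `parsed.hostname === '::1'` comparison in validateRegistryUrl can never match, because the WHATWG `URL` parser returns IPv6 hosts with their brackets, so an `http://[::1]` registry is rejected even though loopback is meant to be allowed; compare against `'[::1]'` instead. The scheme test is also a denylist: only `http:` is refused, so any other non-HTTPS scheme that parses passes a function documented as enforcing HTTPS. An allowlist states the policy directly: `if (parsed.protocol !== 'https:' && !(parsed.protocol === 'http:' && isLocalhost)) {`. Both error messages echo the raw `url`, which would include any `user:password@` userinfo it carries; printing `parsed.origin` in the HTTPS message avoids that.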
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"validate-registry-url.js","sourceRoot":"","sources":["../../src/util/validate-registry-url.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AASH,kDAsBC;AA7BD;;;;;;GAMG;AACH,SAAgB,mBAAmB,CAAC,GAAW;IAC7C,IAAI,CAAC,GAAG;QAAE,OAAO;IAEjB,IAAI,MAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACxB,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,EAAE,CAAC,CAAC;IAClD,CAAC;IAED,MAAM,WAAW,GACf,MAAM,CAAC,QAAQ,KAAK,WAAW;QAC/B,MAAM,CAAC,QAAQ,KAAK,WAAW;QAC/B,MAAM,CAAC,QAAQ,KAAK,KAAK,CAAC;IAE5B,IAAI,MAAM,CAAC,QAAQ,KAAK,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CACb,gCAAgC,GAAG,IAAI;YACvC,yDAAyD;YACzD,qDAAqD,CACtD,CAAC;IACJ,CAAC;AACH,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,59 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Registry client -- queries the OpenA2A Registry API for trust data
|
|
3
|
-
* about discovered AI assets.
|
|
4
|
-
*
|
|
5
|
-
* Used by `opena2a detect --registry` to enrich local scan results with
|
|
6
|
-
* trust levels, publisher info, and vulnerability counts from the registry.
|
|
7
|
-
*/
|
|
8
|
-
export interface RegistryPackage {
|
|
9
|
-
name: string;
|
|
10
|
-
trustLevel: number;
|
|
11
|
-
status: string;
|
|
12
|
-
publisherName: string;
|
|
13
|
-
vulnerabilityCount: number;
|
|
14
|
-
}
|
|
15
|
-
export interface RegistrySearchResponse {
|
|
16
|
-
packages: RegistryPackage[];
|
|
17
|
-
}
|
|
18
|
-
export interface RegistryAssetResult {
|
|
19
|
-
name: string;
|
|
20
|
-
type: string;
|
|
21
|
-
registered: boolean;
|
|
22
|
-
trustLevel: number;
|
|
23
|
-
trustLabel: string;
|
|
24
|
-
publisher: string;
|
|
25
|
-
vulnerabilities: number;
|
|
26
|
-
status: string;
|
|
27
|
-
timedOut?: boolean;
|
|
28
|
-
}
|
|
29
|
-
/**
|
|
30
|
-
* Clear the in-memory lookup cache.
|
|
31
|
-
* Primarily for testing; in production the cache lives for the scan duration.
|
|
32
|
-
*/
|
|
33
|
-
export declare function clearCache(): void;
|
|
34
|
-
/**
|
|
35
|
-
* Look up a single asset in the OpenA2A Registry.
|
|
36
|
-
*
|
|
37
|
-
* Returns a result with `registered: false` if the asset is not found,
|
|
38
|
-
* or `timedOut: true` if the lookup took longer than 3 seconds.
|
|
39
|
-
*/
|
|
40
|
-
export declare function lookupAsset(name: string, type: string, registryBaseUrl?: string): Promise<RegistryAssetResult>;
|
|
41
|
-
/**
|
|
42
|
-
* Batch-query the registry for multiple assets.
|
|
43
|
-
*
|
|
44
|
-
* Runs lookups concurrently (all in parallel) and returns a Map
|
|
45
|
-
* keyed by "name:type".
|
|
46
|
-
*
|
|
47
|
-
* @param assets Array of { name, type } to query
|
|
48
|
-
* @param registryBaseUrl Base URL of the registry
|
|
49
|
-
* @param onProgress Optional callback invoked with (completed, total)
|
|
50
|
-
*/
|
|
51
|
-
export declare function batchLookup(assets: {
|
|
52
|
-
name: string;
|
|
53
|
-
type: string;
|
|
54
|
-
}[], registryBaseUrl?: string, onProgress?: (completed: number, total: number) => void): Promise<Map<string, RegistryAssetResult>>;
|
|
55
|
-
/**
|
|
56
|
-
* Map asset category strings to registry-compatible type values.
|
|
57
|
-
*/
|
|
58
|
-
export declare function assetTypeForRegistry(category: string): string;
|
|
59
|
-
//# sourceMappingURL=registry-client.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"registry-client.d.ts","sourceRoot":"","sources":["../../src/lib/registry-client.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,MAAM,CAAC;IACtB,kBAAkB,EAAE,MAAM,CAAC;CAC5B;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,eAAe,EAAE,CAAC;CAC7B;AAED,MAAM,WAAW,mBAAmB;IAClC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,OAAO,CAAC;IACpB,UAAU,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,MAAM,CAAC;IACxB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AA2BD;;;GAGG;AACH,wBAAgB,UAAU,IAAI,IAAI,CAEjC;AAED;;;;;GAKG;AACH,wBAAsB,WAAW,CAC/B,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,EACZ,eAAe,CAAC,EAAE,MAAM,GACvB,OAAO,CAAC,mBAAmB,CAAC,CAmF9B;AAED;;;;;;;;;GASG;AACH,wBAAsB,WAAW,CAC/B,MAAM,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,EAAE,EACxC,eAAe,CAAC,EAAE,MAAM,EACxB,UAAU,CAAC,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,KAAK,IAAI,GACtD,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,mBAAmB,CAAC,CAAC,CA0B3C;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM,CAa7D"}
|
|
@@ -1,169 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
/**
|
|
3
|
-
* Registry client -- queries the OpenA2A Registry API for trust data
|
|
4
|
-
* about discovered AI assets.
|
|
5
|
-
*
|
|
6
|
-
* Used by `opena2a detect --registry` to enrich local scan results with
|
|
7
|
-
* trust levels, publisher info, and vulnerability counts from the registry.
|
|
8
|
-
*/
|
|
9
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
10
|
-
exports.clearCache = clearCache;
|
|
11
|
-
exports.lookupAsset = lookupAsset;
|
|
12
|
-
exports.batchLookup = batchLookup;
|
|
13
|
-
exports.assetTypeForRegistry = assetTypeForRegistry;
|
|
14
|
-
// ---------------------------------------------------------------------------
|
|
15
|
-
// Constants
|
|
16
|
-
// ---------------------------------------------------------------------------
|
|
17
|
-
const PER_ASSET_TIMEOUT_MS = 3000;
|
|
18
|
-
const DEFAULT_REGISTRY_BASE = 'https://api.oa2a.org';
|
|
19
|
-
const TRUST_LABELS = {
|
|
20
|
-
0: 'Blocked',
|
|
21
|
-
1: 'Warning',
|
|
22
|
-
2: 'Listed',
|
|
23
|
-
3: 'Scanned',
|
|
24
|
-
4: 'Verified',
|
|
25
|
-
};
|
|
26
|
-
// ---------------------------------------------------------------------------
|
|
27
|
-
// Internal cache
|
|
28
|
-
// ---------------------------------------------------------------------------
|
|
29
|
-
const lookupCache = new Map();
|
|
30
|
-
// ---------------------------------------------------------------------------
|
|
31
|
-
// Public API
|
|
32
|
-
// ---------------------------------------------------------------------------
|
|
33
|
-
/**
|
|
34
|
-
* Clear the in-memory lookup cache.
|
|
35
|
-
* Primarily for testing; in production the cache lives for the scan duration.
|
|
36
|
-
*/
|
|
37
|
-
function clearCache() {
|
|
38
|
-
lookupCache.clear();
|
|
39
|
-
}
|
|
40
|
-
/**
|
|
41
|
-
* Look up a single asset in the OpenA2A Registry.
|
|
42
|
-
*
|
|
43
|
-
* Returns a result with `registered: false` if the asset is not found,
|
|
44
|
-
* or `timedOut: true` if the lookup took longer than 3 seconds.
|
|
45
|
-
*/
|
|
46
|
-
async function lookupAsset(name, type, registryBaseUrl) {
|
|
47
|
-
const cacheKey = `${name}:${type}`;
|
|
48
|
-
const cached = lookupCache.get(cacheKey);
|
|
49
|
-
if (cached)
|
|
50
|
-
return cached;
|
|
51
|
-
const baseUrl = (registryBaseUrl || DEFAULT_REGISTRY_BASE).replace(/\/+$/, '');
|
|
52
|
-
const searchUrl = `${baseUrl}/api/v1/registry/packages?search=${encodeURIComponent(name)}&type=${encodeURIComponent(type)}`;
|
|
53
|
-
const notRegistered = {
|
|
54
|
-
name,
|
|
55
|
-
type,
|
|
56
|
-
registered: false,
|
|
57
|
-
trustLevel: -1,
|
|
58
|
-
trustLabel: 'Not registered',
|
|
59
|
-
publisher: '',
|
|
60
|
-
vulnerabilities: 0,
|
|
61
|
-
status: '',
|
|
62
|
-
};
|
|
63
|
-
try {
|
|
64
|
-
const controller = new AbortController();
|
|
65
|
-
const timeout = setTimeout(() => controller.abort(), PER_ASSET_TIMEOUT_MS);
|
|
66
|
-
const response = await fetch(searchUrl, {
|
|
67
|
-
method: 'GET',
|
|
68
|
-
headers: { Accept: 'application/json' },
|
|
69
|
-
signal: controller.signal,
|
|
70
|
-
});
|
|
71
|
-
clearTimeout(timeout);
|
|
72
|
-
if (!response.ok) {
|
|
73
|
-
lookupCache.set(cacheKey, notRegistered);
|
|
74
|
-
return notRegistered;
|
|
75
|
-
}
|
|
76
|
-
const data = (await response.json());
|
|
77
|
-
if (!data.packages || !Array.isArray(data.packages) || data.packages.length === 0) {
|
|
78
|
-
lookupCache.set(cacheKey, notRegistered);
|
|
79
|
-
return notRegistered;
|
|
80
|
-
}
|
|
81
|
-
// Find exact name match (case-insensitive), fall back to first result
|
|
82
|
-
const exactMatch = data.packages.find((p) => p.name.toLowerCase() === name.toLowerCase());
|
|
83
|
-
const pkg = exactMatch || data.packages[0];
|
|
84
|
-
const result = {
|
|
85
|
-
name,
|
|
86
|
-
type,
|
|
87
|
-
registered: true,
|
|
88
|
-
trustLevel: pkg.trustLevel,
|
|
89
|
-
trustLabel: TRUST_LABELS[pkg.trustLevel] ?? `Level ${pkg.trustLevel}`,
|
|
90
|
-
publisher: pkg.publisherName || '',
|
|
91
|
-
vulnerabilities: pkg.vulnerabilityCount ?? 0,
|
|
92
|
-
status: pkg.status || '',
|
|
93
|
-
};
|
|
94
|
-
lookupCache.set(cacheKey, result);
|
|
95
|
-
return result;
|
|
96
|
-
}
|
|
97
|
-
catch (err) {
|
|
98
|
-
if (err instanceof DOMException && err.name === 'AbortError') {
|
|
99
|
-
const timedOutResult = {
|
|
100
|
-
name,
|
|
101
|
-
type,
|
|
102
|
-
registered: false,
|
|
103
|
-
trustLevel: -1,
|
|
104
|
-
trustLabel: 'Lookup timed out',
|
|
105
|
-
publisher: '',
|
|
106
|
-
vulnerabilities: 0,
|
|
107
|
-
status: '',
|
|
108
|
-
timedOut: true,
|
|
109
|
-
};
|
|
110
|
-
lookupCache.set(cacheKey, timedOutResult);
|
|
111
|
-
return timedOutResult;
|
|
112
|
-
}
|
|
113
|
-
// Network error or other failure -- treat as not registered
|
|
114
|
-
lookupCache.set(cacheKey, notRegistered);
|
|
115
|
-
return notRegistered;
|
|
116
|
-
}
|
|
117
|
-
}
|
|
118
|
-
/**
|
|
119
|
-
* Batch-query the registry for multiple assets.
|
|
120
|
-
*
|
|
121
|
-
* Runs lookups concurrently (all in parallel) and returns a Map
|
|
122
|
-
* keyed by "name:type".
|
|
123
|
-
*
|
|
124
|
-
* @param assets Array of { name, type } to query
|
|
125
|
-
* @param registryBaseUrl Base URL of the registry
|
|
126
|
-
* @param onProgress Optional callback invoked with (completed, total)
|
|
127
|
-
*/
|
|
128
|
-
async function batchLookup(assets, registryBaseUrl, onProgress) {
|
|
129
|
-
const results = new Map();
|
|
130
|
-
if (assets.length === 0)
|
|
131
|
-
return results;
|
|
132
|
-
// Deduplicate by key
|
|
133
|
-
const unique = new Map();
|
|
134
|
-
for (const asset of assets) {
|
|
135
|
-
const key = `${asset.name}:${asset.type}`;
|
|
136
|
-
if (!unique.has(key)) {
|
|
137
|
-
unique.set(key, asset);
|
|
138
|
-
}
|
|
139
|
-
}
|
|
140
|
-
const entries = Array.from(unique.entries());
|
|
141
|
-
let completed = 0;
|
|
142
|
-
const promises = entries.map(async ([key, asset]) => {
|
|
143
|
-
const result = await lookupAsset(asset.name, asset.type, registryBaseUrl);
|
|
144
|
-
results.set(key, result);
|
|
145
|
-
completed++;
|
|
146
|
-
if (onProgress)
|
|
147
|
-
onProgress(completed, entries.length);
|
|
148
|
-
});
|
|
149
|
-
await Promise.all(promises);
|
|
150
|
-
return results;
|
|
151
|
-
}
|
|
152
|
-
/**
|
|
153
|
-
* Map asset category strings to registry-compatible type values.
|
|
154
|
-
*/
|
|
155
|
-
function assetTypeForRegistry(category) {
|
|
156
|
-
switch (category) {
|
|
157
|
-
case 'ai-assistant':
|
|
158
|
-
case 'local-llm':
|
|
159
|
-
case 'ai-plugin':
|
|
160
|
-
return 'agent';
|
|
161
|
-
case 'mcp_server':
|
|
162
|
-
return 'mcp_server';
|
|
163
|
-
case 'ai-config':
|
|
164
|
-
return 'config';
|
|
165
|
-
default:
|
|
166
|
-
return category;
|
|
167
|
-
}
|
|
168
|
-
}
|
|
169
|
-
//# sourceMappingURL=registry-client.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"registry-client.js","sourceRoot":"","sources":["../../src/lib/registry-client.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AA2DH,gCAEC;AAQD,kCAuFC;AAYD,kCA8BC;AAKD,oDAaC;AA1LD,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E,MAAM,oBAAoB,GAAG,IAAI,CAAC;AAClC,MAAM,qBAAqB,GAAG,sBAAsB,CAAC;AAErD,MAAM,YAAY,GAA2B;IAC3C,CAAC,EAAE,SAAS;IACZ,CAAC,EAAE,SAAS;IACZ,CAAC,EAAE,QAAQ;IACX,CAAC,EAAE,SAAS;IACZ,CAAC,EAAE,UAAU;CACd,CAAC;AAEF,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E,MAAM,WAAW,GAAG,IAAI,GAAG,EAA+B,CAAC;AAE3D,8EAA8E;AAC9E,aAAa;AACb,8EAA8E;AAE9E;;;GAGG;AACH,SAAgB,UAAU;IACxB,WAAW,CAAC,KAAK,EAAE,CAAC;AACtB,CAAC;AAED;;;;;GAKG;AACI,KAAK,UAAU,WAAW,CAC/B,IAAY,EACZ,IAAY,EACZ,eAAwB;IAExB,MAAM,QAAQ,GAAG,GAAG,IAAI,IAAI,IAAI,EAAE,CAAC;IACnC,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACzC,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,MAAM,OAAO,GAAG,CAAC,eAAe,IAAI,qBAAqB,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IAC/E,MAAM,SAAS,GAAG,GAAG,OAAO,oCAAoC,kBAAkB,CAAC,IAAI,CAAC,SAAS,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;IAE5H,MAAM,aAAa,GAAwB;QACzC,IAAI;QACJ,IAAI;QACJ,UAAU,EAAE,KAAK;QACjB,UAAU,EAAE,CAAC,CAAC;QACd,UAAU,EAAE,gBAAgB;QAC5B,SAAS,EAAE,EAAE;QACb,eAAe,EAAE,CAAC;QAClB,MAAM,EAAE,EAAE;KACX,CAAC;IAEF,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;QACzC,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,oBAAoB,CAAC,CAAC;QAE3E,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,SAAS,EAAE;YACtC,MAAM,EAAE,KAAK;YACb,OAAO,EAAE,EAAE,MAAM,EAAE,kBAAkB,EAAE;YACvC,MAAM,EAAE,UAAU,CAAC,MAAM;SAC1B,CAAC,CAAC;QAEH,YAAY,CAAC,OAAO,CAAC,CAAC;QAEtB,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;YACjB,WAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;YACzC,OAAO,aAAa,CAAC;QACvB,CAAC;QAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA2B,CAAC;QAE/D,IAAI,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClF,WAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;YACzC,OAAO,aAAa,CAAC;QACvB,CAAC;QAED,sEAAsE;QACtE,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CACnC,CAAC,CAAC,EAAE,E
AAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,WAAW,EAAE,CACnD,CAAC;QACF,MAAM,GAAG,GAAG,UAAU,IAAI,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAE3C,MAAM,MAAM,GAAwB;YAClC,IAAI;YACJ,IAAI;YACJ,UAAU,EAAE,IAAI;YAChB,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,UAAU,EAAE,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,IAAI,SAAS,GAAG,CAAC,UAAU,EAAE;YACrE,SAAS,EAAE,GAAG,CAAC,aAAa,IAAI,EAAE;YAClC,eAAe,EAAE,GAAG,CAAC,kBAAkB,IAAI,CAAC;YAC5C,MAAM,EAAE,GAAG,CAAC,MAAM,IAAI,EAAE;SACzB,CAAC;QAEF,WAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAClC,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,IAAI,GAAG,YAAY,YAAY,IAAI,GAAG,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YAC7D,MAAM,cAAc,GAAwB;gBAC1C,IAAI;gBACJ,IAAI;gBACJ,UAAU,EAAE,KAAK;gBACjB,UAAU,EAAE,CAAC,CAAC;gBACd,UAAU,EAAE,kBAAkB;gBAC9B,SAAS,EAAE,EAAE;gBACb,eAAe,EAAE,CAAC;gBAClB,MAAM,EAAE,EAAE;gBACV,QAAQ,EAAE,IAAI;aACf,CAAC;YACF,WAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;YAC1C,OAAO,cAAc,CAAC;QACxB,CAAC;QAED,4DAA4D;QAC5D,WAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;QACzC,OAAO,aAAa,CAAC;IACvB,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACI,KAAK,UAAU,WAAW,CAC/B,MAAwC,EACxC,eAAwB,EACxB,UAAuD;IAEvD,MAAM,OAAO,GAAG,IAAI,GAAG,EAA+B,CAAC;IAEvD,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC;IAExC,qBAAqB;IACrB,MAAM,MAAM,GAAG,IAAI,GAAG,EAA0C,CAAC;IACjE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,GAAG,GAAG,GAAG,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;QAC1C,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;IAC7C,IAAI,SAAS,GAAG,CAAC,CAAC;IAElB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,GAAG,EAAE,KAAK,CAAC,EAAE,EAAE;QAClD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,KAAK,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QACzB,SAAS,EAAE,CAAC;QACZ,IAAI,UAAU;YAAE,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAC5B,OAAO,OAAO,CAAC;AACjB,CAAC;AA
ED;;GAEG;AACH,SAAgB,oBAAoB,CAAC,QAAgB;IACnD,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,cAAc,CAAC;QACpB,KAAK,WAAW,CAAC;QACjB,KAAK,WAAW;YACd,OAAO,OAAO,CAAC;QACjB,KAAK,YAAY;YACf,OAAO,YAAY,CAAC;QACtB,KAAK,WAAW;YACd,OAAO,QAAQ,CAAC;QAClB;YACE,OAAO,QAAQ,CAAC;IACpB,CAAC;AACH,CAAC"}
|
|
@@ -1,37 +0,0 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Drift liveness verification — confirms whether a detected credential
|
|
3
|
-
* actually grants access to AI/ML services (scope drift).
|
|
4
|
-
*
|
|
5
|
-
* DRIFT-001: Google API Key -> Gemini Generative Language API
|
|
6
|
-
* DRIFT-002: AWS Access Key -> no liveness check (requires secret key)
|
|
7
|
-
*/
|
|
8
|
-
export interface LivenessResult {
|
|
9
|
-
/** Whether the credential confirmed access to the AI service */
|
|
10
|
-
confirmed: boolean;
|
|
11
|
-
/** HTTP status code from the verification request */
|
|
12
|
-
statusCode?: number;
|
|
13
|
-
/** Human-readable detail (e.g., model names found) */
|
|
14
|
-
details?: string;
|
|
15
|
-
/** Error message if the check failed to complete */
|
|
16
|
-
error?: string;
|
|
17
|
-
}
|
|
18
|
-
/** Timeout for each liveness HTTP request (ms) */
|
|
19
|
-
export declare const LIVENESS_TIMEOUT = 5000;
|
|
20
|
-
/** Delay between consecutive liveness checks to avoid rate limiting (ms) */
|
|
21
|
-
export declare const LIVENESS_DELAY = 500;
|
|
22
|
-
/** Maximum number of liveness checks per scan run */
|
|
23
|
-
export declare const MAX_LIVENESS_CHECKS = 5;
|
|
24
|
-
/**
|
|
25
|
-
* Verify whether a Google API key grants access to the Gemini Generative
|
|
26
|
-
* Language API by listing available models.
|
|
27
|
-
*
|
|
28
|
-
* GET {baseUrl}/v1beta/models?key={KEY}
|
|
29
|
-
* - 200 with model list -> confirmed (scope drift to AI)
|
|
30
|
-
* - 401/403 -> not confirmed (key restricted)
|
|
31
|
-
* - timeout/error -> not confirmed (inconclusive)
|
|
32
|
-
*
|
|
33
|
-
* @param apiKey The Google API key value
|
|
34
|
-
* @param baseUrl Override for testing (default: generativelanguage.googleapis.com)
|
|
35
|
-
*/
|
|
36
|
-
export declare function verifyGeminiAccess(apiKey: string, baseUrl?: string): Promise<LivenessResult>;
|
|
37
|
-
//# sourceMappingURL=drift-liveness.d.ts.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"drift-liveness.d.ts","sourceRoot":"","sources":["../../src/util/drift-liveness.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAOH,MAAM,WAAW,cAAc;IAC7B,gEAAgE;IAChE,SAAS,EAAE,OAAO,CAAC;IACnB,qDAAqD;IACrD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,sDAAsD;IACtD,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oDAAoD;IACpD,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAID,kDAAkD;AAClD,eAAO,MAAM,gBAAgB,OAAO,CAAC;AAErC,4EAA4E;AAC5E,eAAO,MAAM,cAAc,MAAM,CAAC;AAElC,qDAAqD;AACrD,eAAO,MAAM,mBAAmB,IAAI,CAAC;AAIrC;;;;;;;;;;;GAWG;AACH,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,MAAM,EACd,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC,cAAc,CAAC,CAmDzB"}
|
|
@@ -1,114 +0,0 @@
|
|
|
1
|
-
"use strict";
|
|
2
|
-
/**
|
|
3
|
-
* Drift liveness verification — confirms whether a detected credential
|
|
4
|
-
* actually grants access to AI/ML services (scope drift).
|
|
5
|
-
*
|
|
6
|
-
* DRIFT-001: Google API Key -> Gemini Generative Language API
|
|
7
|
-
* DRIFT-002: AWS Access Key -> no liveness check (requires secret key)
|
|
8
|
-
*/
|
|
9
|
-
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
10
|
-
if (k2 === undefined) k2 = k;
|
|
11
|
-
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
12
|
-
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
13
|
-
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
14
|
-
}
|
|
15
|
-
Object.defineProperty(o, k2, desc);
|
|
16
|
-
}) : (function(o, m, k, k2) {
|
|
17
|
-
if (k2 === undefined) k2 = k;
|
|
18
|
-
o[k2] = m[k];
|
|
19
|
-
}));
|
|
20
|
-
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
21
|
-
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
22
|
-
}) : function(o, v) {
|
|
23
|
-
o["default"] = v;
|
|
24
|
-
});
|
|
25
|
-
var __importStar = (this && this.__importStar) || (function () {
|
|
26
|
-
var ownKeys = function(o) {
|
|
27
|
-
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
28
|
-
var ar = [];
|
|
29
|
-
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
30
|
-
return ar;
|
|
31
|
-
};
|
|
32
|
-
return ownKeys(o);
|
|
33
|
-
};
|
|
34
|
-
return function (mod) {
|
|
35
|
-
if (mod && mod.__esModule) return mod;
|
|
36
|
-
var result = {};
|
|
37
|
-
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
38
|
-
__setModuleDefault(result, mod);
|
|
39
|
-
return result;
|
|
40
|
-
};
|
|
41
|
-
})();
|
|
42
|
-
Object.defineProperty(exports, "__esModule", { value: true });
|
|
43
|
-
exports.MAX_LIVENESS_CHECKS = exports.LIVENESS_DELAY = exports.LIVENESS_TIMEOUT = void 0;
|
|
44
|
-
exports.verifyGeminiAccess = verifyGeminiAccess;
|
|
45
|
-
const https = __importStar(require("node:https"));
|
|
46
|
-
const http = __importStar(require("node:http"));
|
|
47
|
-
// --- Constants ---
|
|
48
|
-
/** Timeout for each liveness HTTP request (ms) */
|
|
49
|
-
exports.LIVENESS_TIMEOUT = 5000;
|
|
50
|
-
/** Delay between consecutive liveness checks to avoid rate limiting (ms) */
|
|
51
|
-
exports.LIVENESS_DELAY = 500;
|
|
52
|
-
/** Maximum number of liveness checks per scan run */
|
|
53
|
-
exports.MAX_LIVENESS_CHECKS = 5;
|
|
54
|
-
// --- Gemini liveness ---
|
|
55
|
-
/**
|
|
56
|
-
* Verify whether a Google API key grants access to the Gemini Generative
|
|
57
|
-
* Language API by listing available models.
|
|
58
|
-
*
|
|
59
|
-
* GET {baseUrl}/v1beta/models?key={KEY}
|
|
60
|
-
* - 200 with model list -> confirmed (scope drift to AI)
|
|
61
|
-
* - 401/403 -> not confirmed (key restricted)
|
|
62
|
-
* - timeout/error -> not confirmed (inconclusive)
|
|
63
|
-
*
|
|
64
|
-
* @param apiKey The Google API key value
|
|
65
|
-
* @param baseUrl Override for testing (default: generativelanguage.googleapis.com)
|
|
66
|
-
*/
|
|
67
|
-
function verifyGeminiAccess(apiKey, baseUrl) {
|
|
68
|
-
const host = baseUrl ?? 'https://generativelanguage.googleapis.com';
|
|
69
|
-
const url = `${host}/v1beta/models?key=${apiKey}`;
|
|
70
|
-
return new Promise((resolve) => {
|
|
71
|
-
const transport = url.startsWith('https') ? https : http;
|
|
72
|
-
const req = transport.get(url, { timeout: exports.LIVENESS_TIMEOUT }, (res) => {
|
|
73
|
-
const chunks = [];
|
|
74
|
-
res.on('data', (chunk) => chunks.push(chunk));
|
|
75
|
-
res.on('end', () => {
|
|
76
|
-
const statusCode = res.statusCode ?? 0;
|
|
77
|
-
if (statusCode === 200) {
|
|
78
|
-
try {
|
|
79
|
-
const body = JSON.parse(Buffer.concat(chunks).toString('utf-8'));
|
|
80
|
-
const models = (body.models ?? [])
|
|
81
|
-
.slice(0, 3)
|
|
82
|
-
.map((m) => m.name ?? 'unknown');
|
|
83
|
-
resolve({
|
|
84
|
-
confirmed: true,
|
|
85
|
-
statusCode,
|
|
86
|
-
details: `Active Gemini access: ${models.join(', ')}`,
|
|
87
|
-
});
|
|
88
|
-
}
|
|
89
|
-
catch {
|
|
90
|
-
resolve({
|
|
91
|
-
confirmed: true,
|
|
92
|
-
statusCode,
|
|
93
|
-
details: 'Active Gemini access (response parsed partially)',
|
|
94
|
-
});
|
|
95
|
-
}
|
|
96
|
-
}
|
|
97
|
-
else {
|
|
98
|
-
resolve({
|
|
99
|
-
confirmed: false,
|
|
100
|
-
statusCode,
|
|
101
|
-
});
|
|
102
|
-
}
|
|
103
|
-
});
|
|
104
|
-
});
|
|
105
|
-
req.on('timeout', () => {
|
|
106
|
-
req.destroy();
|
|
107
|
-
resolve({ confirmed: false, error: 'Liveness check timed out' });
|
|
108
|
-
});
|
|
109
|
-
req.on('error', (err) => {
|
|
110
|
-
resolve({ confirmed: false, error: err.message });
|
|
111
|
-
});
|
|
112
|
-
});
|
|
113
|
-
}
|
|
114
|
-
//# sourceMappingURL=drift-liveness.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"drift-liveness.js","sourceRoot":"","sources":["../../src/util/drift-liveness.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA2CH,gDAsDC;AA/FD,kDAAoC;AACpC,gDAAkC;AAelC,oBAAoB;AAEpB,kDAAkD;AACrC,QAAA,gBAAgB,GAAG,IAAI,CAAC;AAErC,4EAA4E;AAC/D,QAAA,cAAc,GAAG,GAAG,CAAC;AAElC,qDAAqD;AACxC,QAAA,mBAAmB,GAAG,CAAC,CAAC;AAErC,0BAA0B;AAE1B;;;;;;;;;;;GAWG;AACH,SAAgB,kBAAkB,CAChC,MAAc,EACd,OAAgB;IAEhB,MAAM,IAAI,GAAG,OAAO,IAAI,2CAA2C,CAAC;IACpE,MAAM,GAAG,GAAG,GAAG,IAAI,sBAAsB,MAAM,EAAE,CAAC;IAElD,OAAO,IAAI,OAAO,CAAiB,CAAC,OAAO,EAAE,EAAE;QAC7C,MAAM,SAAS,GAAG,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QAEzD,MAAM,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,wBAAgB,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE;YACpE,MAAM,MAAM,GAAa,EAAE,CAAC;YAE5B,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;YAEtD,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;gBACjB,MAAM,UAAU,GAAG,GAAG,CAAC,UAAU,IAAI,CAAC,CAAC;gBAEvC,IAAI,UAAU,KAAK,GAAG,EAAE,CAAC;oBACvB,IAAI,CAAC;wBACH,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;wBACjE,MAAM,MAAM,GAAa,CAAC,IAAI,CAAC,MAAM,IAAI,EAAE,CAAC;6BACzC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;6BACX,GAAG,CAAC,CAAC,CAAoB,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,IAAI,SAAS,CAAC,CAAC;wBACtD,OAAO,CAAC;4BACN,SAAS,EAAE,IAAI;4BACf,UAAU;4BACV,OAAO,EAAE,yBAAyB,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;yBACtD,CAAC,CAAC;oBACL,CAAC;oBAAC,MAAM,CAAC;wBACP,OAAO,CAAC;4BACN,SAAS,EAAE,IAAI;4BACf,UAAU;4BACV,OAAO,EAAE,kDAAkD;yBAC5D,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC;wBACN,SAAS,EAAE,KAAK;wBAChB,UAAU;qBACX,CAAC,CAAC;gBACL,CAAC;YACH,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;YACrB,GAAG,CAAC,OAAO,EAAE,CAAC;YACd,OAAO,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,0BAA0B,EAAE,CAAC,CAAC;QACnE,CAAC,CAAC,CAAC;QAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAU,EAAE,EAAE;YAC7B,OAAO,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,
EAAE,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC"}
|