postquant 0.2.0 → 0.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +165 -14
- package/dist/commands/analyze.d.ts.map +1 -1
- package/dist/commands/analyze.js +15 -5
- package/dist/commands/analyze.js.map +1 -1
- package/dist/index.js +4 -0
- package/dist/index.js.map +1 -1
- package/dist/output/json-code.d.ts.map +1 -1
- package/dist/output/json-code.js +12 -0
- package/dist/output/json-code.js.map +1 -1
- package/dist/output/sarif.d.ts.map +1 -1
- package/dist/output/sarif.js +27 -2
- package/dist/output/sarif.js.map +1 -1
- package/dist/output/terminal-code.d.ts +1 -0
- package/dist/output/terminal-code.d.ts.map +1 -1
- package/dist/output/terminal-code.js +66 -6
- package/dist/output/terminal-code.js.map +1 -1
- package/dist/scanner/classifier.js +1 -1
- package/dist/scanner/classifier.js.map +1 -1
- package/dist/scanner/code/grader.d.ts.map +1 -1
- package/dist/scanner/code/grader.js +75 -21
- package/dist/scanner/code/grader.js.map +1 -1
- package/dist/scanner/code/matcher.d.ts +11 -2
- package/dist/scanner/code/matcher.d.ts.map +1 -1
- package/dist/scanner/code/matcher.js +3 -2
- package/dist/scanner/code/matcher.js.map +1 -1
- package/dist/scanner/code/risk-assessor.d.ts +25 -0
- package/dist/scanner/code/risk-assessor.d.ts.map +1 -0
- package/dist/scanner/code/risk-assessor.js +412 -0
- package/dist/scanner/code/risk-assessor.js.map +1 -0
- package/dist/scanner/openssl.d.ts +25 -0
- package/dist/scanner/openssl.d.ts.map +1 -0
- package/dist/scanner/openssl.js +113 -0
- package/dist/scanner/openssl.js.map +1 -0
- package/dist/scanner/tls.d.ts.map +1 -1
- package/dist/scanner/tls.js +43 -1
- package/dist/scanner/tls.js.map +1 -1
- package/dist/types/index.d.ts +21 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js +4 -1
- package/dist/types/index.js.map +1 -1
- package/package.json +4 -1
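--- a/package/README.md
+++ b/package/README.md
@@ -1,12 +1,108 @@
 # PostQuant
 
-**
+**Scan your TLS endpoints and source code for quantum-vulnerable cryptography. Get a letter grade. Know your risk. Plan your migration.**
 
 [](LICENSE)
 [](https://www.npmjs.com/package/postquant)
 
 PostQuant scans TLS connections and source code, reports which algorithms are vulnerable to quantum attacks, grades them A+ through F, and tells you what to migrate to. Supports Python, JavaScript/TypeScript, Go, and Java.
 
+## What's New in v0.4.0
+
+v0.4.0 detects hybrid post-quantum key exchanges (X25519MLKEM768) via OpenSSL probing. Cloudflare and Google both negotiate hybrid PQC — PostQuant now sees it.
+
+## What Makes v0.3.0 Different
+
+PostQuant doesn't just find algorithms — it understands context.
+
+A naive scanner flags `uuid` for using MD5 and calls it critical. PostQuant reads the surrounding code, sees it's generating RFC 4122 checksums (not securing passwords), and adjusts the risk to low. The grade? **A**.
+
+Django's `auth/hashers.py` also uses MD5 — but for password hashing. PostQuant sees the `password` and `authenticate` signals, keeps the risk at critical, and grades it **D+**.
+
+Same algorithm. Different context. Different risk. That distinction matters.
+
+## TLS Scan Results
+
+We scanned major sites with PostQuant v0.4.0. Cloudflare and Google now negotiate hybrid PQC key exchange:
+
+| Site | Grade | Certificate | Key Exchange | Cipher | Hash |
+|------|-------|-------------|--------------|--------|------|
+| google.com | **C+** | RSA-2048 | X25519MLKEM768 | AES-256 | SHA-384 |
+| cloudflare.com | **C+** | ECDSA P-256 | X25519MLKEM768 | AES-256 | SHA-384 |
+| stripe.com | **C+** | ECDSA P-256 | X25519 | AES-256 | SHA-384 |
+| github.com | **C** | ECDSA P-256 | X25519 | AES-256 | SHA-256 |
+
+> Scanned with PostQuant v0.4.0 on March 4, 2026. Hybrid PQC key exchange (X25519MLKEM768) is now detected via OpenSSL probing. Grade remains C+ because certificates still use classical algorithms (RSA/ECDSA) — no CA supports PQC certificates yet.
+
+## Framework Scan Results
+
+We scanned popular open-source frameworks with PostQuant v0.3.0:
+
+| Project | Language | Grade | Critical | What We Found |
+|---------|----------|-------|----------|---------------|
+| Django | Python | **D+** | 2 | MD5 in auth hashers, SHA-1 in file uploads |
+| FastAPI | Python | **A** | 0 | No quantum-vulnerable crypto detected |
+| Express | JS | **A** | 0 | No quantum-vulnerable crypto detected |
+| Gin | Go | **A** | 0 | No quantum-vulnerable crypto detected |
+
+> Scanned with PostQuant v0.3.0 on March 3, 2026. Run `npx postquant analyze <path>` to scan your own projects.
+
+## Package Scan Results
+
+We scanned popular npm and PyPI packages. Context-aware risk assessment separates real threats from protocol compliance:
+
+### npm Packages
+
+| Package | Grade | Raw Findings | Adjusted Risk | What We Found |
+|---------|-------|-------------|---------------|---------------|
+| uuid | **A** | 4 critical | 4 low | MD5/SHA-1 for RFC 4122 checksums — not security |
+| express-session | **A** | 2 critical | 2 low | SHA-1 for integrity checks — not auth |
+| node-forge | **C+** | 4 critical | 4 critical | RSA in encryption — intentional crypto library |
+| pg | **D+** | 4 critical | 4 critical | MD5 in PostgreSQL auth protocol |
+| mysql2 | **D+** | 2 critical | 2 high | SHA-1 in MySQL auth_41 protocol |
+| ssh2 | **D+** | 18 critical | 12 critical | DH, ECDH, Ed25519 in SSH key exchange |
+
+### Python Packages
+
+| Package | Grade | Raw Findings | Adjusted Risk | What We Found |
+|---------|-------|-------------|---------------|---------------|
+| requests | **A** | 5 critical | 3 low | MD5/SHA-1 in HTTP digest auth checksums |
+| boto3 | **A** | 1 critical | 1 informational | MD5 for S3 protocol compliance |
+| werkzeug | **C+** | 1 critical | 1 high | RSA in dev server TLS certificate |
+| aiohttp | **D+** | 3 critical | 2 critical | Crypto usage in client fingerprinting |
+| django | **D+** | 2 critical | 2 critical | MD5 in auth hashers, SHA-1 in uploads |
+| paramiko | **D-** | 10 critical | 10 critical | ECDSA, X25519, DH throughout SSH protocol |
+
+> Scanned with PostQuant v0.3.0 on March 3, 2026. "Raw Findings" = pattern matching only. "Adjusted Risk" = after context analysis.
+
+## Risk Assessment
+
+PostQuant v0.3.0 introduces context-aware risk assessment. Instead of blindly flagging every MD5 or SHA-1 as critical, the scanner reads surrounding code to understand *how* the algorithm is being used.
+
+**How it works:**
+
+1. **Pattern matching** finds cryptographic algorithm usage (MD5, SHA-1, RSA, ECDSA, etc.)
+2. **Context analysis** examines the surrounding code — file paths, variable names, function calls, API patterns
+3. **Risk adjustment** raises or lowers the finding's severity based on context signals
+
+**Context signals that decrease risk:**
+- Nearby code references `checksum`, `digest`, `fingerprint`, `uuid`
+- File paths suggest test fixtures or protocol compliance
+- API patterns match known non-security uses (e.g., PostgreSQL MD5 auth marked as legacy-support)
+
+**Context signals that increase risk:**
+- Nearby code references `password`, `authenticate`, `encrypt`, `secret`
+- File paths contain `auth/`, `security/`, `crypto/`
+- Algorithm used for digital signatures, key exchange, or session management
+
+**Result:** `uuid` using MD5 for checksums scores **A**. Django using MD5 for password hashing scores **D+**. Same algorithm, different risk.
+
+To disable context analysis and use raw pattern matching only:
+
+```bash
+npx postquant analyze . --no-context
+```
+
 ## Why
 
 NIST will **deprecate** RSA, ECC, and other quantum-vulnerable algorithms by **2030** and **disallow** them by **2035**. Adversaries are already harvesting encrypted traffic to decrypt later with quantum computers.
@@ -15,6 +111,8 @@ PostQuant shows you what's exposed.
 
 ## Quick Start
 
+### TLS Scanning
+
 ```bash
 npx postquant scan example.com
 ```
@@ -36,13 +134,45 @@ Output:
 
 Most sites today score C+ or C. That's expected — almost nobody has deployed post-quantum cryptography yet.
 
-###
+### Code Scanner
+
+Scan source code for quantum-vulnerable cryptographic patterns. 54 detection patterns across 4 languages (Python, JavaScript/TypeScript, Go, Java) with context-aware risk assessment.
 
 ```bash
-
+# Scan your project
+npx postquant analyze .
+
+# Show all findings including low-risk ones
+npx postquant analyze . --show-all
+
+# Skip context analysis, raw pattern matching only
+npx postquant analyze . --no-context
+
+# SARIF output for GitHub Code Scanning
+npx postquant analyze ./src --format sarif
+
+# CycloneDX CBOM for compliance
+npx postquant analyze . --format cbom
+```
+
+Output with context labels:
+
 ```
+Overall Grade: D+
+
+Findings
+
+django/contrib/auth/hashers.py (python)
+L669: MD5 🔴 Critical — authentication
 
-
+tests/file_uploads/tests.py (python)
+L120: SHA-1 🔴 Critical — digital signature
+
+Adjusted Risk (with context)
+🔴 2 critical
+🟢 4 low
+🟢 2 informational
+```
 
 ## Usage
 
@@ -95,7 +225,13 @@ postquant analyze . --ignore "vendor/**" --ignore "test/**"
 # Set fail threshold for CI
 postquant analyze ./src --fail-grade D
 
-# Show all findings including
+# Show all findings including low and informational risk
+postquant analyze ./src --show-all
+
+# Skip context analysis, use raw pattern matching only
+postquant analyze ./src --no-context
+
+# Show all findings including safe ones (legacy)
 postquant analyze ./src --verbose
 ```
 
@@ -114,16 +250,28 @@ postquant analyze ./src --verbose
 
 +/- modifiers reflect classical crypto hygiene within each grade band.
 
-
+## GitHub Actions
+
+Add quantum vulnerability scanning to your CI/CD pipeline:
 
 ```yaml
-
-
-
-
-
+name: PostQuant Scan
+on: [push, pull_request]
+jobs:
+quantum-check:
+runs-on: ubuntu-latest
+permissions:
+security-events: write
+steps:
+- uses: actions/checkout@v4
+- run: npx postquant analyze . --format sarif > postquant.sarif
+- uses: github/codeql-action/upload-sarif@v3
+with:
+sarif_file: postquant.sarif
 ```
 
+Results appear directly in GitHub's **Security > Code scanning alerts** tab.
+
 ## Development
 
 ```bash
@@ -138,10 +286,13 @@ npm run dev -- analyze ./src # Code scan from source
 
 | Phase | Target | Status |
 |-------|--------|--------|
-| TLS scanner CLI | March 2026 | v0.
-| Code scanner
+| TLS scanner CLI | March 2026 | v0.3.0 |
+| Code scanner + CBOM | March 2026 | v0.3.0 |
+| Context-aware risk assessment | March 2026 | v0.3.0 |
+| Hybrid PQC detection (OpenSSL probe) | March 2026 | v0.4.0 |
 | Migration playbook engine | April 2026 | Planned |
-| Web dashboard | May 2026 | Planned |
+| Web dashboard + Enterprise tier | May 2026 | Planned |
+| GitHub Actions Marketplace + CI/CD | June 2026 | Planned |
 
 See [docs/ROADMAP.md](docs/ROADMAP.md) for details.
 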
@@ -1 +1 @@
1
-
{"version":3,"file":"analyze.d.ts","sourceRoot":"","sources":["../../src/commands/analyze.ts"],"names":[],"mappings":"
1
+
{"version":3,"file":"analyze.d.ts","sourceRoot":"","sources":["../../src/commands/analyze.ts"],"names":[],"mappings":"AAYA,OAAO,KAAK,EAAE,cAAc,EAAyB,KAAK,EAAE,MAAM,mBAAmB,CAAC;AAmBtF,UAAU,aAAa;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,EAAE,KAAK,GAAG,IAAI,CAAC;CACrB;AAED,wBAAsB,cAAc,CAClC,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,cAAc,GACtB,OAAO,CAAC,aAAa,CAAC,CA2GxB"}
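--- a/package/dist/commands/analyze.js
+++ b/package/dist/commands/analyze.js
@@ -4,6 +4,7 @@ import chalk from 'chalk';
 import { discoverFiles } from '../scanner/code/discovery.js';
 import { matchFile } from '../scanner/code/matcher.js';
 import { classifyCodeFindings } from '../scanner/code/classifier.js';
+import { assessFindings } from '../scanner/code/risk-assessor.js';
 import { gradeCodeScan, shouldFailForCodeGrade } from '../scanner/code/grader.js';
 import { formatCodeTerminal } from '../output/terminal-code.js';
 import { formatCodeJson } from '../output/json-code.js';
@@ -40,18 +41,21 @@ export async function analyzeCommand(targetPath, options) {
 }
 const startTime = Date.now();
 const allFindings = [];
+const fileContents = new Map();
 let filesScanned = 0;
 if (fileStat.isFile()) {
 // Single file mode
 const ext = extname(absPath);
 const lang = EXTENSION_MAP[ext];
 if (lang && (!options.language || options.language === lang)) {
-const findings = await matchFile(absPath, lang);
+const { findings, content } = await matchFile(absPath, lang);
+const normalizedName = basename(absPath);
 // Normalize file paths to be relative-ish (just the basename for single files)
 for (const f of findings) {
-f.file =
+f.file = normalizedName;
 }
 allFindings.push(...findings);
+fileContents.set(normalizedName, content);
 filesScanned = 1;
 }
 else {
@@ -70,12 +74,13 @@ export async function analyzeCommand(targetPath, options) {
 for (const file of discovered) {
 const fullPath = join(absPath, file.path);
 try {
-const findings = await matchFile(fullPath, file.language);
+const { findings, content } = await matchFile(fullPath, file.language);
 // Normalize to relative path from scan root
 for (const f of findings) {
 f.file = file.path;
 }
 allFindings.push(...findings);
+fileContents.set(file.path, content);
 }
 catch {
 // Skip files that can't be read
@@ -84,9 +89,13 @@ export async function analyzeCommand(targetPath, options) {
 }
 const durationMs = Date.now() - startTime;
 const scanRoot = fileStat.isFile() ? absPath : absPath;
-// Pipeline: classify → grade → format
+// Pipeline: classify → assess → grade → format
 const classified = classifyCodeFindings(allFindings, scanRoot, filesScanned, durationMs);
-
+let gradingFindings = classified.findings;
+if (!options.noContext) {
+gradingFindings = assessFindings(classified.findings, fileContents);
+}
+const graded = gradeCodeScan({ ...classified, findings: gradingFindings });
 // Format output
 let output;
 switch (options.format) {
@@ -104,6 +113,7 @@ export async function analyzeCommand(targetPath, options) {
 output = formatCodeTerminal(graded, {
 verbose: options.verbose,
 noMigration: options.noMigration,
+showAll: options.showAll,
 });
 break;
 }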
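Review bot: `fileContents.set(file.path, content)` in the directory hunk, and `fileContents.set(normalizedName, content)` in the single-file hunk, keep the full text of every scanned file alive for the whole run, even when `options.noContext` is set and the map is never read, and for files that produced no findings; with `--max-files` defaulting to 10000 in index.js that can be an entire source tree held in memory at once. Assuming `assessFindings` only looks up the files its findings belong to, both calls can be narrowed to `if (!options.noContext && findings.length > 0) fileContents.set(file.path, content);` (with `normalizedName` as the key in the single-file branch). The enclosing `analyzeCommand` starts and ends outside these hunks.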
@@ -1 +1 @@
1
-
{"version":3,"file":"analyze.js","sourceRoot":"","sources":["../../src/commands/analyze.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7D,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAClF,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAG/C,qFAAqF;AACrF,MAAM,aAAa,GAA6B;IAC9C,KAAK,EAAE,QAAQ;IACf,MAAM,EAAE,QAAQ;IAChB,MAAM,EAAE,QAAQ;IAChB,KAAK,EAAE,YAAY;IACnB,MAAM,EAAE,YAAY;IACpB,MAAM,EAAE,YAAY;IACpB,MAAM,EAAE,YAAY;IACpB,KAAK,EAAE,YAAY;IACnB,MAAM,EAAE,YAAY;IACpB,MAAM,EAAE,YAAY;IACpB,MAAM,EAAE,YAAY;IACpB,KAAK,EAAE,IAAI;IACX,OAAO,EAAE,MAAM;CAChB,CAAC;AAQF,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,UAAkB,EAClB,OAAuB;IAEvB,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAEpC,IAAI,QAAQ,CAAC;IACb,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,QAAQ,EAAE,CAAC;YACX,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,+BAA+B,UAAU,EAAE,CAAC;YAC9D,KAAK,EAAE,IAAI;SACZ,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,WAAW,GAAkB,EAAE,CAAC;IACtC,IAAI,YAAY,GAAG,CAAC,CAAC;IAErB,IAAI,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;QACtB,mBAAmB;QACnB,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAC7B,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,EAAE,CAAC;YAC7D,MAAM,QAAQ,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;
1
+
{"version":3,"file":"analyze.js","sourceRoot":"","sources":["../../src/commands/analyze.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7D,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,aAAa,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AACvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,+BAA+B,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,kCAAkC,CAAC;AAClE,OAAO,EAAE,aAAa,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAClF,OAAO,EAAE,kBAAkB,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAG/C,qFAAqF;AACrF,MAAM,aAAa,GAA6B;IAC9C,KAAK,EAAE,QAAQ;IACf,MAAM,EAAE,QAAQ;IAChB,MAAM,EAAE,QAAQ;IAChB,KAAK,EAAE,YAAY;IACnB,MAAM,EAAE,YAAY;IACpB,MAAM,EAAE,YAAY;IACpB,MAAM,EAAE,YAAY;IACpB,KAAK,EAAE,YAAY;IACnB,MAAM,EAAE,YAAY;IACpB,MAAM,EAAE,YAAY;IACpB,MAAM,EAAE,YAAY;IACpB,KAAK,EAAE,IAAI;IACX,OAAO,EAAE,MAAM;CAChB,CAAC;AAQF,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,UAAkB,EAClB,OAAuB;IAEvB,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IAEpC,IAAI,QAAQ,CAAC;IACb,IAAI,CAAC;QACH,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,QAAQ,EAAE,CAAC;YACX,MAAM,EAAE,KAAK,CAAC,GAAG,CAAC,+BAA+B,UAAU,EAAE,CAAC;YAC9D,KAAK,EAAE,IAAI;SACZ,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,WAAW,GAAkB,EAAE,CAAC;IACtC,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC/C,IAAI,YAAY,GAAG,CAAC,CAAC;IAErB,IAAI,QAAQ,CAAC,MAAM,EAAE,EAAE,CAAC;QACtB,mBAAmB;QACnB,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC;QAC7B,MAAM,IAAI,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;QAChC,IAAI,IAAI,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,IAAI,CAAC,EAAE,CAAC;YAC7D,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAC7D,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;YACzC,+EAA+E;YAC/E,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;gBACzB,CAAC,CAAC,IAAI,GAAG,cAAc,CAAC;YAC1B,CAAC;YACD,WAAW,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;YAC9B,YAAY,CAAC,GAAG,CAA
C,cAAc,EAAE,OAAO,CAAC,CAAC;YAC1C,YAAY,GAAG,CAAC,CAAC;QACnB,CAAC;aAAM,CAAC;YACN,YAAY,GAAG,CAAC,CAAC;QACnB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,iBAAiB;QACjB,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE;YAC9C,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;SAC3B,CAAC,CAAC;QAEH,YAAY,GAAG,UAAU,CAAC,MAAM,CAAC;QAEjC,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;YAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1C,IAAI,CAAC;gBACH,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;gBACvE,4CAA4C;gBAC5C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;oBACzB,CAAC,CAAC,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;gBACrB,CAAC;gBACD,WAAW,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;gBAC9B,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YACvC,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAC1C,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC;IAEvD,+CAA+C;IAC/C,MAAM,UAAU,GAAG,oBAAoB,CAAC,WAAW,EAAE,QAAQ,EAAE,YAAY,EAAE,UAAU,CAAC,CAAC;IAEzF,IAAI,eAAe,GAAG,UAAU,CAAC,QAAQ,CAAC;IAC1C,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;QACvB,eAAe,GAAG,cAAc,CAAC,UAAU,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACtE,CAAC;IAED,MAAM,MAAM,GAAG,aAAa,CAAC,EAAE,GAAG,UAAU,EAAE,QAAQ,EAAE,eAAe,EAAE,CAAC,CAAC;IAE3E,gBAAgB;IAChB,IAAI,MAAc,CAAC;IACnB,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC;QACvB,KAAK,MAAM;YACT,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;YAChC,MAAM;QACR,KAAK,OAAO;YACV,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;YAC7B,MAAM;QACR,KAAK,MAAM;YACT,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;YAC5B,MAAM;QACR,KAAK,UAAU,CAAC;QAChB;YACE,MAAM,GAAG,kBAAkB,CAAC,MAAM,EAAE;gBAClC,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,WAAW,EAAE,OAAO,CAAC,WAAW;gBAChC,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CAAC,CAAC;YACH,MAAM;IACV,CAAC;IAED,sBAAsB;IACtB,MAAM,UAAU,GAAG,sBAAsB,CAAC,MAAM,CAAC,SAAS,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC;IAC/E,MAAM,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAEpC,OAAO;QACL,QAAQ;QACR,MAAM;QACN,KAA
K,EAAE,MAAM,CAAC,KAAK;KACpB,CAAC;AACJ,CAAC"}
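--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -51,6 +51,8 @@ program
 .option('--max-files <count>', 'Maximum files to scan', '10000')
 .option('--verbose', 'Show all findings including safe ones', false)
 .option('--no-migration', 'Hide migration recommendations')
+.option('--show-all', 'Show all findings including low and informational risk')
+.option('--no-context', 'Skip risk assessment, use raw pattern matching only')
 .action(async (targetPath, opts) => {
 const format = opts.format;
 if (!VALID_ANALYZE_FORMATS.includes(format)) {
@@ -75,6 +77,8 @@ program
 maxFiles: parseInt(opts.maxFiles, 10),
 verbose: opts.verbose,
 noMigration: !opts.migration,
+showAll: opts.showAll ?? false,
+noContext: !opts.context,
 });
 console.log(output);
 process.exit(exitCode);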
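Review bot: The new `--show-all` option overlaps with the existing `--verbose` ('Show all findings including safe ones'), and nothing in the help text tells a user which to prefer, while the README in this same release labels `--verbose` as legacy. Suggest the older flag's description say so, `.option('--verbose', 'Show all findings including safe ones (legacy, prefer --show-all)', false)`, so the CLI and README agree. `noContext: !opts.context` follows the same inversion already used for `noMigration: !opts.migration`, which is consistent; `showAll: opts.showAll ?? false` is fine since the flag has no default.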
package/dist/index.js.map
CHANGED
@@ -1 +1 @@
1
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAGvD,MAAM,YAAY,GAAgB,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;AAClE,MAAM,qBAAqB,GAA0B,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AAC3F,MAAM,eAAe,GAAe,CAAC,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AAE3E,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,WAAW,CAAC;KACjB,WAAW,CAAC,wEAAwE,CAAC;KACrF,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,sDAAsD,CAAC;KACnE,QAAQ,CAAC,YAAY,EAAE,yCAAyC,CAAC;KACjE,MAAM,CAAC,uBAAuB,EAAE,gCAAgC,EAAE,UAAU,CAAC;KAC7E,MAAM,CAAC,eAAe,EAAE,qCAAqC,CAAC;KAC9D,MAAM,CAAC,gBAAgB,EAAE,oCAAoC,EAAE,OAAO,CAAC;KACvE,MAAM,CAAC,WAAW,EAAE,gCAAgC,EAAE,KAAK,CAAC;KAC5D,MAAM,CACL,sBAAsB,EACtB,sCAAsC,EACtC,GAAG,CACJ;KACA,MAAM,CAAC,KAAK,EAAE,KAAe,EAAE,IAAI,EAAE,EAAE;IACtC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAsB,CAAC;IAC3C,IAAI,MAAM,KAAK,UAAU,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/C,OAAO,CAAC,KAAK,CAAC,mBAAmB,MAAM,6BAA6B,CAAC,CAAC;QACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAsB,CAAC;IAC9C,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,OAAO,CAAC,KAAK,CACX,uBAAuB,SAAS,iBAAiB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC3E,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE;QACxC,MAAM;QACN,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;QACnC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,SAAS;QACT,IAAI,EAAE,IAAI,CAAC,IAAI;KAChB,CAAC,CAAC;IAEH,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,sDAAsD,CAAC;KACnE,QAAQ,CAAC,QAAQ,EAAE,2BAA2B,CAAC;KAC/C,MAAM,CAAC,uBAAuB,EAAE,6CAA6C,EAAE,UAAU,CAAC;KAC1F,MAAM,CAAC,2BAA2B,EAAE,mDAAmD,CAAC;KACxF,MAAM,CAAC,sBAAsB,EAAE,sCAAsC,EAAE,GAAG,CAAC;KAC3E,MAAM,CAAC,wBAAwB,EAAE,0BAA0B,CAAC;KAC5D,MAAM,CAAC,sBAAsB,EAA
E,2BAA2B,EAAE,kBAAkB,CAAC;KAC/E,MAAM,CAAC,qBAAqB,EAAE,uBAAuB,EAAE,OAAO,CAAC;KAC/D,MAAM,CAAC,WAAW,EAAE,uCAAuC,EAAE,KAAK,CAAC;KACnE,MAAM,CAAC,gBAAgB,EAAE,gCAAgC,CAAC;KAC1D,MAAM,CAAC,KAAK,EAAE,UAAkB,EAAE,IAAI,EAAE,EAAE;IACzC,MAAM,MAAM,GAAG,IAAI,CAAC,MAA6B,CAAC;IAClD,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5C,OAAO,CAAC,KAAK,CACX,mBAAmB,MAAM,iBAAiB,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC7E,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,IAAI,CAAC,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAoB,CAAC,EAAE,CAAC;QAC1E,OAAO,CAAC,KAAK,CACX,qBAAqB,IAAI,CAAC,QAAQ,iBAAiB,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAChF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAsB,CAAC;IAC9C,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,OAAO,CAAC,KAAK,CACX,uBAAuB,SAAS,iBAAiB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC3E,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,cAAc,CAAC,UAAU,EAAE;QAC5D,MAAM;QACN,QAAQ,EAAE,IAAI,CAAC,QAAgC;QAC/C,SAAS;QACT,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE;QACzB,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACrC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,WAAW,EAAE,CAAC,IAAI,CAAC,SAAS;
1
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,MAAM,uBAAuB,CAAC;AAGvD,MAAM,YAAY,GAAgB,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,CAAC,CAAC;AAClE,MAAM,qBAAqB,GAA0B,CAAC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;AAC3F,MAAM,eAAe,GAAe,CAAC,QAAQ,EAAE,YAAY,EAAE,IAAI,EAAE,MAAM,CAAC,CAAC;AAE3E,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,WAAW,CAAC;KACjB,WAAW,CAAC,wEAAwE,CAAC;KACrF,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,sDAAsD,CAAC;KACnE,QAAQ,CAAC,YAAY,EAAE,yCAAyC,CAAC;KACjE,MAAM,CAAC,uBAAuB,EAAE,gCAAgC,EAAE,UAAU,CAAC;KAC7E,MAAM,CAAC,eAAe,EAAE,qCAAqC,CAAC;KAC9D,MAAM,CAAC,gBAAgB,EAAE,oCAAoC,EAAE,OAAO,CAAC;KACvE,MAAM,CAAC,WAAW,EAAE,gCAAgC,EAAE,KAAK,CAAC;KAC5D,MAAM,CACL,sBAAsB,EACtB,sCAAsC,EACtC,GAAG,CACJ;KACA,MAAM,CAAC,KAAK,EAAE,KAAe,EAAE,IAAI,EAAE,EAAE;IACtC,MAAM,MAAM,GAAG,IAAI,CAAC,MAAsB,CAAC;IAC3C,IAAI,MAAM,KAAK,UAAU,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/C,OAAO,CAAC,KAAK,CAAC,mBAAmB,MAAM,6BAA6B,CAAC,CAAC;QACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAsB,CAAC;IAC9C,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,OAAO,CAAC,KAAK,CACX,uBAAuB,SAAS,iBAAiB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC3E,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,WAAW,CAAC,KAAK,EAAE;QACxC,MAAM;QACN,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,CAAC;QACnC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,SAAS;QACT,IAAI,EAAE,IAAI,CAAC,IAAI;KAChB,CAAC,CAAC;IAEH,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzB,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,sDAAsD,CAAC;KACnE,QAAQ,CAAC,QAAQ,EAAE,2BAA2B,CAAC;KAC/C,MAAM,CAAC,uBAAuB,EAAE,6CAA6C,EAAE,UAAU,CAAC;KAC1F,MAAM,CAAC,2BAA2B,EAAE,mDAAmD,CAAC;KACxF,MAAM,CAAC,sBAAsB,EAAE,sCAAsC,EAAE,GAAG,CAAC;KAC3E,MAAM,CAAC,wBAAwB,EAAE,0BAA0B,CAAC;KAC5D,MAAM,CAAC,sBAAsB,EAA
E,2BAA2B,EAAE,kBAAkB,CAAC;KAC/E,MAAM,CAAC,qBAAqB,EAAE,uBAAuB,EAAE,OAAO,CAAC;KAC/D,MAAM,CAAC,WAAW,EAAE,uCAAuC,EAAE,KAAK,CAAC;KACnE,MAAM,CAAC,gBAAgB,EAAE,gCAAgC,CAAC;KAC1D,MAAM,CAAC,YAAY,EAAE,wDAAwD,CAAC;KAC9E,MAAM,CAAC,cAAc,EAAE,qDAAqD,CAAC;KAC7E,MAAM,CAAC,KAAK,EAAE,UAAkB,EAAE,IAAI,EAAE,EAAE;IACzC,MAAM,MAAM,GAAG,IAAI,CAAC,MAA6B,CAAC;IAClD,IAAI,CAAC,qBAAqB,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAC5C,OAAO,CAAC,KAAK,CACX,mBAAmB,MAAM,iBAAiB,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC7E,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,IAAI,CAAC,QAAQ,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAoB,CAAC,EAAE,CAAC;QAC1E,OAAO,CAAC,KAAK,CACX,qBAAqB,IAAI,CAAC,QAAQ,iBAAiB,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAChF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,SAAS,GAAG,IAAI,CAAC,SAAsB,CAAC;IAC9C,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;QACtC,OAAO,CAAC,KAAK,CACX,uBAAuB,SAAS,iBAAiB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAC3E,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,GAAG,MAAM,cAAc,CAAC,UAAU,EAAE;QAC5D,MAAM;QACN,QAAQ,EAAE,IAAI,CAAC,QAAgC;QAC/C,SAAS;QACT,MAAM,EAAE,IAAI,CAAC,MAAM,IAAI,EAAE;QACzB,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,QAAQ,EAAE,QAAQ,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,CAAC;QACrC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,WAAW,EAAE,CAAC,IAAI,CAAC,SAAS;QAC5B,OAAO,EAAE,IAAI,CAAC,OAAO,IAAI,KAAK;QAC9B,SAAS,EAAE,CAAC,IAAI,CAAC,OAAO;KACzB,CAAC,CAAC;IAEH,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACpB,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACzB,CAAC,CAAC,CAAC;AAEL,OAAO,CAAC,KAAK,EAAE,CAAC"}
@@ -1 +1 @@
1
-
{"version":3,"file":"json-code.d.ts","sourceRoot":"","sources":["../../src/output/json-code.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,
1
+
{"version":3,"file":"json-code.d.ts","sourceRoot":"","sources":["../../src/output/json-code.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAmB,MAAM,mBAAmB,CAAC;AAe3E,wBAAgB,cAAc,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,CA4B/D"}
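--- a/package/dist/output/json-code.js
+++ b/package/dist/output/json-code.js
@@ -1,6 +1,7 @@
 import { readFileSync } from 'node:fs';
 import { fileURLToPath } from 'node:url';
 import { dirname, join } from 'node:path';
+import { isAssessedFinding } from '../types/index.js';
 function getVersion() {
 try {
 const __dirname = dirname(fileURLToPath(import.meta.url));
@@ -12,6 +13,7 @@ function getVersion() {
 }
 }
 export function formatCodeJson(result) {
+const hasAssessment = result.findings.some(f => isAssessedFinding(f));
 const output = {
 version: getVersion(),
 timestamp: new Date().toISOString(),
@@ -24,6 +26,16 @@ export function formatCodeJson(result) {
 migrationNotes: result.migrationNotes,
 fileBreakdown: result.fileBreakdown,
 };
+if (hasAssessment) {
+const adjCounts = { critical: 0, high: 0, medium: 0, low: 0, informational: 0, total: 0 };
+for (const f of result.findings) {
+if (isAssessedFinding(f)) {
+adjCounts[f.riskContext.adjustedRisk]++;
+adjCounts.total++;
+}
+}
+output.adjustedSummary = adjCounts;
+}
 return JSON.stringify(output, null, 2);
 }
 //# sourceMappingURL=json-code.js.map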
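Review bot: The counter `adjCounts[f.riskContext.adjustedRisk]++` in formatCodeJson has no guard for an adjustedRisk value outside the five initialised keys; an unexpected value would add a new property holding NaN, which JSON.stringify emits as null inside adjustedSummary, and a machine consumer of this output would then see a malformed summary rather than an error. The value set looks closed (the same five names are enumerated in the sarif.js change of this release), so this is defensive, but a one-line guard such as `if (!Object.hasOwn(adjCounts, f.riskContext.adjustedRisk)) throw new Error(\`unknown adjustedRisk: ${f.riskContext.adjustedRisk}\`);` before the increment makes the failure visible instead of silent. The new adjustedSummary field is also a schema addition for anyone parsing the JSON report and is undocumented; a comment on the `if (hasAssessment)` line such as `// adjustedSummary: per-level counts of context-adjusted risk; present only when at least one finding carries riskContext` would help consumers who key off its presence.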
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"json-code.js","sourceRoot":"","sources":["../../src/output/json-code.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"json-code.js","sourceRoot":"","sources":["../../src/output/json-code.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,SAAS,UAAU;IACjB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CACpB,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CACnE,CAAC;QACF,OAAO,GAAG,CAAC,OAAO,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,cAAc,CAAC,MAAwB;IACrD,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC;IAEtE,MAAM,MAAM,GAA4B;QACtC,OAAO,EAAE,UAAU,EAAE;QACrB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,cAAc,EAAE,MAAM,CAAC,cAAc;QACrC,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC;IAEF,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,SAAS,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;QAC1F,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAChC,IAAI,iBAAiB,CAAC,CAAC,CAAC,EAAE,CAAC;gBACzB,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,YAAY,CAAC,EAAE,CAAC;gBACxC,SAAS,CAAC,KAAK,EAAE,CAAC;YACpB,CAAC;QACH,CAAC;QACD,MAAM,CAAC,eAAe,GAAG,SAAS,CAAC;IACrC,CAAC;IAED,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACzC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sarif.d.ts","sourceRoot":"","sources":["../../src/output/sarif.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,
|
|
1
|
+
{"version":3,"file":"sarif.d.ts","sourceRoot":"","sources":["../../src/output/sarif.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAyE,MAAM,mBAAmB,CAAC;AA8NjI,wBAAgB,WAAW,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,CAwE5D"}
|
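--- a/package/dist/output/sarif.js
+++ b/package/dist/output/sarif.js
@@ -1,6 +1,7 @@
 import { readFileSync } from 'node:fs';
 import { fileURLToPath } from 'node:url';
 import { dirname, join } from 'node:path';
+import { isAssessedFinding } from '../types/index.js';
 function getVersion() {
 try {
 const __dirname = dirname(fileURLToPath(import.meta.url));
@@ -182,15 +183,36 @@ function riskToLevel(risk) {
 return 'note';
 }
 }
+/** Map adjusted risk to SARIF level. */
+function adjustedRiskToLevel(risk) {
+switch (risk) {
+case 'critical':
+case 'high':
+return 'error';
+case 'medium':
+return 'warning';
+case 'low':
+case 'informational':
+return 'note';
+}
+}
 // --- Public API ---
 export function formatSarif(result) {
 const sarifResults = result.findings.map((f) => {
 const ruleId = mapToRuleId(f);
+const assessed = isAssessedFinding(f);
+const level = assessed
+? adjustedRiskToLevel(f.riskContext.adjustedRisk)
+: riskToLevel(f.risk);
+let messageText = `${f.algorithm} detected. ${f.reason}.${f.migration ? ` ${f.migration}.` : ''}`;
+if (assessed) {
+messageText += ` [Usage: ${f.riskContext.usageContext}, Adjusted risk: ${f.riskContext.adjustedRisk}]`;
+}
 const entry = {
 ruleId,
-level
+level,
 message: {
-text:
+text: messageText,
 },
 locations: [
 {
@@ -207,6 +229,9 @@ export function formatSarif(result) {
 },
 ],
 };
+if (assessed && (f.riskContext.adjustedRisk === 'informational')) {
+entry.kind = 'informational';
+}
 if (f.migration) {
 entry.fixes = [
 {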
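Review bot: The new `entry.kind = 'informational'` branch in formatSarif leaves `level` set to 'note' for the same result, and as far as I recall the SARIF 2.1.0 spec requires `level` to be absent or 'none' whenever `kind` is anything other than 'fail', so strict validators or code-scanning ingestion may reject or reinterpret these entries; setting `entry.level = 'none';` alongside the kind assignment (or dropping the kind) would keep the two fields consistent. Separately, `adjustedRiskToLevel` has no default branch, so an adjustedRisk value outside the five listed cases returns undefined, which JSON.stringify silently omits and which a SARIF consumer then treats as the default level 'warning' — a severity change nobody asked for; a trailing `default: throw new Error(\`unknown adjustedRisk: ${risk}\`);` would surface that instead. The `/** Map adjusted risk to SARIF level. */` comment could also note that critical and high are intentionally collapsed to 'error' because SARIF has no finer level, so the distinction survives only in the message text. The body of formatSarif continues past the last hunk.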
package/dist/output/sarif.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sarif.js","sourceRoot":"","sources":["../../src/output/sarif.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"sarif.js","sourceRoot":"","sources":["../../src/output/sarif.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAE1C,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,SAAS,UAAU;IACjB,IAAI,CAAC;QACH,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1D,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CACpB,YAAY,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CACnE,CAAC;QACF,OAAO,GAAG,CAAC,OAAO,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;AACH,CAAC;AAeD,MAAM,KAAK,GAAgB;IACzB;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,sBAAsB;QAC5B,gBAAgB,EAAE,EAAE,IAAI,EAAE,6BAA6B,EAAE;QACzD,eAAe,EAAE;YACf,IAAI,EAAE,sJAAsJ;SAC7J;QACD,OAAO,EAAE,yCAAyC;QAClD,oBAAoB,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE;QACxC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QACpF,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,wBAAwB;QAC9B,gBAAgB,EAAE,EAAE,IAAI,EAAE,0CAA0C,EAAE;QACtE,eAAe,EAAE;YACf,IAAI,EAAE,wEAAwE;SAC/E;QACD,OAAO,EAAE,2CAA2C;QACpD,oBAAoB,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE;QACxC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QACpF,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,uBAAuB;QAC7B,gBAAgB,EAAE,EAAE,IAAI,EAAE,qCAAqC,EAAE;QACjE,eAAe,EAAE;YACf,IAAI,EAAE,2FAA2F;SAClG;QACD,OAAO,EAAE,0CAA0C;QACnD,oBAAoB,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE;QACxC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QACpF,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,qBAAqB;QAC3B,gBAAgB,EAAE,EAAE,IAAI,EAAE,8CAA8C,EAAE;QAC1E
,eAAe,EAAE;YACf,IAAI,EAAE,qEAAqE;SAC5E;QACD,oBAAoB,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE;QACxC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QACpF,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,sBAAsB;QAC5B,gBAAgB,EAAE,EAAE,IAAI,EAAE,sBAAsB,EAAE;QAClD,eAAe,EAAE;YACf,IAAI,EAAE,yGAAyG;SAChH;QACD,oBAAoB,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE;QACxC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QACpF,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,kBAAkB;QACxB,gBAAgB,EAAE,EAAE,IAAI,EAAE,qDAAqD,EAAE;QACjF,eAAe,EAAE;YACf,IAAI,EAAE,sFAAsF;SAC7F;QACD,oBAAoB,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE;QAC1C,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QAC7E,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,YAAY;QAClB,gBAAgB,EAAE,EAAE,IAAI,EAAE,kCAAkC,EAAE;QAC9D,eAAe,EAAE;YACf,IAAI,EAAE,qGAAqG;SAC5G;QACD,oBAAoB,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE;QACxC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,cAAc,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QAClE,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,cAAc;QACpB,gBAAgB,EAAE,EAAE,IAAI,EAAE,6BAA6B,EAAE;QACzD,eAAe,EAAE;YACf,IAAI,EAAE,iEAAiE;SACxE;QACD,oBAAoB,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE;QACxC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,cAAc,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QAClE,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,sBAAsB;QAC5B,gBAAgB,EAAE,EAAE,IAAI,EAAE,8CAA8C,EAAE;QAC1E,eAAe,EAAE;YACf,IAAI,EAAE,8JAA8J;SACrK;QACD,oBAAoB,EAAE,EAAE,KAAK,EAAE,OAA
O,EAAE;QACxC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QACpF,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,wBAAwB;QAC9B,gBAAgB,EAAE,EAAE,IAAI,EAAE,gCAAgC,EAAE;QAC5D,eAAe,EAAE;YACf,IAAI,EAAE,wFAAwF;SAC/F;QACD,oBAAoB,EAAE,EAAE,KAAK,EAAE,OAAO,EAAE;QACxC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,SAAS,EAAE;QACpF,aAAa,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,sBAAsB;QAC5B,gBAAgB,EAAE,EAAE,IAAI,EAAE,+CAA+C,EAAE;QAC3E,eAAe,EAAE;YACf,IAAI,EAAE,iFAAiF;SACxF;QACD,oBAAoB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE;QACvC,UAAU,EAAE,EAAE,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,cAAc,EAAE,KAAK,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE;KAC9E;CACF,CAAC;AAEF,qCAAqC;AAErC,+DAA+D;AAC/D,SAAS,WAAW,CAAC,OAAoB;IACvC,wBAAwB;IACxB,IAAI,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,OAAO,CAAC;IAEtD,6EAA6E;IAC7E,IACE,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC;QACrC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC;QACnC,OAAO,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,EACnC,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,yBAAyB;IACzB,MAAM,WAAW,GAA2B;QAC1C,uBAAuB,EAAE,OAAO;QAChC,mBAAmB,EAAE,OAAO;QAC5B,cAAc,EAAE,OAAO;QACvB,gBAAgB,EAAE,OAAO;QACzB,WAAW,EAAE,OAAO;QACpB,eAAe,EAAE,OAAO;QACxB,gBAAgB,EAAE,OAAO;QACzB,WAAW,EAAE,OAAO;QACpB,eAAe,EAAE,OAAO;KACzB,CAAC;IAEF,MAAM,MAAM,GAAG,WAAW,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC7C,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,sDAAsD;IACtD,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;IAClD,IAAI,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC;IAC9E,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,OAAO,CAAC;IAE5E,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,qCAAqC;AACrC,SAAS,WAAW,CAAC,IAAe;IAClC,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,UAAU;YACb,OAAO,OAAO,CAAC;QACjB,KAAK,UAAU
;YACb,OAAO,SAAS,CAAC;QACnB,KAAK,MAAM;YACT,OAAO,MAAM,CAAC;IAClB,CAAC;AACH,CAAC;AAED,wCAAwC;AACxC,SAAS,mBAAmB,CAAC,IAAkB;IAC7C,QAAQ,IAAI,EAAE,CAAC;QACb,KAAK,UAAU,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,OAAO,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,SAAS,CAAC;QACnB,KAAK,KAAK,CAAC;QACX,KAAK,eAAe;YAClB,OAAO,MAAM,CAAC;IAClB,CAAC;AACH,CAAC;AAED,qBAAqB;AAErB,MAAM,UAAU,WAAW,CAAC,MAAwB;IAClD,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QAC7C,MAAM,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;QAC9B,MAAM,QAAQ,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;QACtC,MAAM,KAAK,GAAG,QAAQ;YACpB,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,WAAW,CAAC,YAAY,CAAC;YACjD,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;QAExB,IAAI,WAAW,GAAG,GAAG,CAAC,CAAC,SAAS,cAAc,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;QAClG,IAAI,QAAQ,EAAE,CAAC;YACb,WAAW,IAAI,YAAY,CAAC,CAAC,WAAW,CAAC,YAAY,oBAAoB,CAAC,CAAC,WAAW,CAAC,YAAY,GAAG,CAAC;QACzG,CAAC;QAED,MAAM,KAAK,GAA4B;YACrC,MAAM;YACN,KAAK;YACL,OAAO,EAAE;gBACP,IAAI,EAAE,WAAW;aAClB;YACD,SAAS,EAAE;gBACT;oBACE,gBAAgB,EAAE;wBAChB,gBAAgB,EAAE;4BAChB,GAAG,EAAE,CAAC,CAAC,IAAI;4BACX,SAAS,EAAE,WAAW;yBACvB;wBACD,MAAM,EAAE;4BACN,SAAS,EAAE,CAAC,CAAC,IAAI;4BACjB,WAAW,EAAE,CAAC;yBACf;qBACF;iBACF;aACF;SACF,CAAC;QAEF,IAAI,QAAQ,IAAI,CAAC,CAAC,CAAC,WAAW,CAAC,YAAY,KAAK,eAAe,CAAC,EAAE,CAAC;YACjE,KAAK,CAAC,IAAI,GAAG,eAAe,CAAC;QAC/B,CAAC;QAED,IAAI,CAAC,CAAC,SAAS,EAAE,CAAC;YAChB,KAAK,CAAC,KAAK,GAAG;gBACZ;oBACE,WAAW,EAAE;wBACX,IAAI,EAAE,CAAC,CAAC,SAAS;qBAClB;iBACF;aACF,CAAC;QACJ,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC,CAAC,CAAC;IAEH,MAAM,KAAK,GAAG;QACZ,OAAO,EACL,gGAAgG;QAClG,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE;YACJ;gBACE,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,WAAW;wBACjB,OAAO,EAAE,UAAU,EAAE;wBACrB,cAAc,EAAE,uBAAuB;wBACvC,KAAK,EAAE,KAAK;qBACb;iBACF;gBACD,OAAO,EAAE,YAAY;aACtB;SACF;KACF,CAAC;IAEF,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACxC,CAAC"}
|
|
@@ -2,6 +2,7 @@ import type { CodeGradedResult } from '../types/index.js';
|
|
|
2
2
|
export interface CodeTerminalOptions {
|
|
3
3
|
verbose?: boolean;
|
|
4
4
|
noMigration?: boolean;
|
|
5
|
+
showAll?: boolean;
|
|
5
6
|
}
|
|
6
7
|
export declare function formatCodeTerminal(result: CodeGradedResult, options?: CodeTerminalOptions): string;
|
|
7
8
|
//# sourceMappingURL=terminal-code.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"terminal-code.d.ts","sourceRoot":"","sources":["../../src/output/terminal-code.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,
|
|
1
|
+
{"version":3,"file":"terminal-code.d.ts","sourceRoot":"","sources":["../../src/output/terminal-code.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,gBAAgB,EAAkE,MAAM,mBAAmB,CAAC;AAe1H,MAAM,WAAW,mBAAmB;IAClC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAsCD,wBAAgB,kBAAkB,CAChC,MAAM,EAAE,gBAAgB,EACxB,OAAO,GAAE,mBAAwB,GAChC,MAAM,CA8IR"}
|
|
@@ -2,6 +2,7 @@ import { readFileSync } from 'node:fs';
|
|
|
2
2
|
import { fileURLToPath } from 'node:url';
|
|
3
3
|
import { dirname, join } from 'node:path';
|
|
4
4
|
import chalk from 'chalk';
|
|
5
|
+
import { isAssessedFinding } from '../types/index.js';
|
|
5
6
|
function getVersion() {
|
|
6
7
|
try {
|
|
7
8
|
const __dirname = dirname(fileURLToPath(import.meta.url));
|
|
@@ -22,6 +23,23 @@ function riskIcon(risk) {
|
|
|
22
23
|
return chalk.green('🟢 Quantum Safe');
|
|
23
24
|
}
|
|
24
25
|
}
|
|
26
|
+
function adjustedRiskIcon(risk) {
|
|
27
|
+
switch (risk) {
|
|
28
|
+
case 'critical':
|
|
29
|
+
return chalk.red('🔴 Critical');
|
|
30
|
+
case 'high':
|
|
31
|
+
return chalk.red('🔴 High');
|
|
32
|
+
case 'medium':
|
|
33
|
+
return chalk.yellow('🟡 Medium');
|
|
34
|
+
case 'low':
|
|
35
|
+
return chalk.green('🟢 Low');
|
|
36
|
+
case 'informational':
|
|
37
|
+
return chalk.green('🟢 Info');
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
function usageContextLabel(context) {
|
|
41
|
+
return context.replace(/-/g, ' ');
|
|
42
|
+
}
|
|
25
43
|
function gradeColor(g) {
|
|
26
44
|
if (g.startsWith('A'))
|
|
27
45
|
return chalk.green.bold(g);
|
|
@@ -30,7 +48,7 @@ function gradeColor(g) {
|
|
|
30
48
|
return chalk.red.bold(g);
|
|
31
49
|
}
|
|
32
50
|
export function formatCodeTerminal(result, options = {}) {
|
|
33
|
-
const { verbose = false, noMigration = false } = options;
|
|
51
|
+
const { verbose = false, noMigration = false, showAll = false } = options;
|
|
34
52
|
const lines = [];
|
|
35
53
|
const bar = '━'.repeat(48);
|
|
36
54
|
lines.push('');
|
|
@@ -60,9 +78,36 @@ export function formatCodeTerminal(result, options = {}) {
|
|
|
60
78
|
if (result.summary.total === 0) {
|
|
61
79
|
lines.push(chalk.green(' No quantum-vulnerable cryptography detected.'));
|
|
62
80
|
}
|
|
81
|
+
// Adjusted risk summary when findings have risk context
|
|
82
|
+
const hasAssessment = result.findings.some(f => isAssessedFinding(f));
|
|
83
|
+
if (hasAssessment) {
|
|
84
|
+
const adjCounts = { critical: 0, high: 0, medium: 0, low: 0, informational: 0 };
|
|
85
|
+
for (const f of result.findings) {
|
|
86
|
+
if (isAssessedFinding(f)) {
|
|
87
|
+
adjCounts[f.riskContext.adjustedRisk]++;
|
|
88
|
+
}
|
|
89
|
+
}
|
|
90
|
+
lines.push('');
|
|
91
|
+
lines.push(' Adjusted Risk (with context)');
|
|
92
|
+
if (adjCounts.critical > 0) {
|
|
93
|
+
lines.push(chalk.red(` 🔴 ${adjCounts.critical} critical`));
|
|
94
|
+
}
|
|
95
|
+
if (adjCounts.high > 0) {
|
|
96
|
+
lines.push(chalk.red(` 🔴 ${adjCounts.high} high`));
|
|
97
|
+
}
|
|
98
|
+
if (adjCounts.medium > 0) {
|
|
99
|
+
lines.push(chalk.yellow(` 🟡 ${adjCounts.medium} medium`));
|
|
100
|
+
}
|
|
101
|
+
if (adjCounts.low > 0) {
|
|
102
|
+
lines.push(chalk.green(` 🟢 ${adjCounts.low} low`));
|
|
103
|
+
}
|
|
104
|
+
if (adjCounts.informational > 0) {
|
|
105
|
+
lines.push(chalk.green(` 🟢 ${adjCounts.informational} informational`));
|
|
106
|
+
}
|
|
107
|
+
}
|
|
63
108
|
lines.push('');
|
|
64
109
|
// Per-file breakdown
|
|
65
|
-
const filesToShow = verbose
|
|
110
|
+
const filesToShow = (verbose || showAll)
|
|
66
111
|
? result.fileBreakdown
|
|
67
112
|
: result.fileBreakdown.filter((fb) => fb.criticalCount > 0 || fb.moderateCount > 0);
|
|
68
113
|
if (filesToShow.length > 0) {
|
|
@@ -70,11 +115,26 @@ export function formatCodeTerminal(result, options = {}) {
|
|
|
70
115
|
lines.push('');
|
|
71
116
|
for (const fb of filesToShow) {
|
|
72
117
|
lines.push(` ${chalk.bold(fb.file)} ${chalk.dim(`(${fb.language})`)}`);
|
|
73
|
-
const findingsToShow =
|
|
74
|
-
|
|
75
|
-
|
|
118
|
+
const findingsToShow = fb.findings.filter((f) => {
|
|
119
|
+
if (isAssessedFinding(f)) {
|
|
120
|
+
const adj = f.riskContext.adjustedRisk;
|
|
121
|
+
if ((adj === 'low' || adj === 'informational') && !showAll)
|
|
122
|
+
return false;
|
|
123
|
+
return true;
|
|
124
|
+
}
|
|
125
|
+
// Raw findings: same logic as before
|
|
126
|
+
if (!verbose && f.risk === 'safe')
|
|
127
|
+
return false;
|
|
128
|
+
return true;
|
|
129
|
+
});
|
|
76
130
|
for (const f of findingsToShow) {
|
|
77
|
-
|
|
131
|
+
if (isAssessedFinding(f)) {
|
|
132
|
+
const ctxLabel = usageContextLabel(f.riskContext.usageContext);
|
|
133
|
+
lines.push(` L${f.line}: ${f.algorithm.padEnd(16)} ${adjustedRiskIcon(f.riskContext.adjustedRisk)} ${chalk.dim(`— ${ctxLabel}`)}`);
|
|
134
|
+
}
|
|
135
|
+
else {
|
|
136
|
+
lines.push(` L${f.line}: ${f.algorithm.padEnd(16)} ${riskIcon(f.risk)}`);
|
|
137
|
+
}
|
|
78
138
|
}
|
|
79
139
|
lines.push('');
|
|
80
140
|
}
|