npm - proof-of-commitment - Versions diffs - 1.6.0 → 1.7.0 - Mend

proof-of-commitment 1.6.0 → 1.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -1,78 +1,58 @@
-# proof-of-commitment
+# Proof of Commitment
-> Supply chain risk scorer for npm, PyPI, Cargo (Rust), and Go modules. Behavioral signals that can't be faked.
+[![Commitment Score](https://poc-backend.amdal-dev.workers.dev/badge/npm/proof-of-commitment)](https://getcommit.dev/audit?packages=proof-of-commitment)
-```
-npx proof-of-commitment axios zod chalk
-```
+> **Stars lie. Behavioral signals don't.**
-```
-──────────────────────────────────────────────────────────────────────────
-Package               Risk            Score    Publishers   Downloads     Age
-──────────────────────────────────────────────────────────────────────────
-axios                 🔴 CRITICAL      89       1            102.0M/wk     11.6y
-  ↳ 30+ GitHub contributors — publish-access concentration risk despite active community
-  └ longevity=25 momentum=25 releases=20 publishers=4 github=15
-zod                   🔴 CRITICAL      83       1            154.0M/wk     6.1y
-  ↳ 30+ GitHub contributors — publish-access concentration risk despite active community
-  └ longevity=25 momentum=25 releases=18 publishers=4 github=11
-chalk                 🔴 CRITICAL      75       1            414.6M/wk     12.7y
-  ↳ 30+ GitHub contributors — publish-access concentration risk despite active community
-  └ longevity=25 momentum=22 releases=13 publishers=4 github=11
-──────────────────────────────────────────────────────────────────────────
-⚠  3 CRITICAL packages found.
-   CRITICAL = sole npm publisher + >10M weekly downloads (publish-access concentration risk)
-   Full breakdown: https://getcommit.dev/audit?packages=axios,zod,chalk
-```
+An MCP server and web tool that scores npm packages, PyPI packages, Rust crates, Go modules, and GitHub repos on **behavioral commitment** — signals that are harder to fake than stars, READMEs, or download counts.
-## What this does
+## The supply chain problem
-`npm audit` finds *known* CVEs — vulnerabilities already catalogued in a database. This scores *structural risk before it becomes a CVE*.
+26 of the 91 npm packages with >10M weekly downloads have a **single npm publisher**. Together they account for over 3 billion downloads per week. `npm audit` doesn't surface this. Stars don't either.
-The axios attack on April 1st, 2026: `npm audit` showed zero issues beforehand. Proof of Commitment flagged axios as CRITICAL (1 npm publisher, 96M downloads/week) — the exact publish-access concentration profile that made it a high-value target.
+Four packages in a typical Node.js project are CRITICAL right now:
+- **chalk** — 413M downloads/week, **1 npm publisher**
+- **zod** — 163M downloads/week, **1 npm publisher** (30+ GitHub contributors)
+- **lodash** — 145M downloads/week, **1 npm publisher**
+- **axios** — 99M downloads/week, **1 npm publisher** (attacked March 30, 2026)
-**Score dimensions:**
-- **Longevity** (25 pts) — years in production
-- **Download Momentum** (25 pts) — weekly download trend
-- **Release Consistency** (20 pts) — days since last release
-- **Publisher Depth** (15 pts) — npm publish-access holders
-- **GitHub Backing** (15 pts) — organization/team support
+They won't appear in your `package.json` either — but these are in almost every project:
+- **minimatch** — 562M downloads/week, **1 npm publisher**
+- **glob** — 333M downloads/week, **1 npm publisher**
+- **cross-spawn** — 190M downloads/week, **1 npm publisher**
-**CRITICAL** = sole npm publisher + >10M weekly downloads (publish-access concentration risk)
+Behavioral signals surface this. Stars and READMEs don't.
-## Usage
+## Try it now
+**Terminal (zero install):**
 ```bash
-# Score npm packages
-npx proof-of-commitment axios zod chalk lodash express
-# Score PyPI packages
-npx proof-of-commitment --pypi litellm langchain requests numpy
-# Score Rust crates
+npx proof-of-commitment axios zod chalk
+# scan your own project:
+npx proof-of-commitment --file package.json
+# scan ALL transitive dependencies via lock file (finds the hidden CRITICAL packages):
+npx proof-of-commitment --file package-lock.json   # npm
+npx proof-of-commitment --file yarn.lock           # yarn
+npx proof-of-commitment --file pnpm-lock.yaml      # pnpm
+# pnpm monorepo — scans all workspace packages, deduplicates:
+npx proof-of-commitment --file pnpm-workspace.yaml  # pnpm workspaces
+# JSON output for CI/CD pipelines (exits 1 if CRITICAL found):
+npx proof-of-commitment --file package-lock.json --json | jq '.criticalCount'
+# PyPI too:
+npx proof-of-commitment --pypi litellm langchain requests
+# Cargo (Rust) via CLI:
 npx proof-of-commitment --cargo serde tokio reqwest
-# Score Go modules (full module path required — host/owner/repo)
+# Go modules via CLI (full module path required):
 npx proof-of-commitment --golang github.com/gin-gonic/gin golang.org/x/net
-# Auto-detect from manifest / lock / module file
-npx proof-of-commitment --file package.json       # npm
-npx proof-of-commitment --file package-lock.json  # full transitive
-npx proof-of-commitment --file requirements.txt   # PyPI
-npx proof-of-commitment --file Cargo.toml         # Rust direct deps
-npx proof-of-commitment --file go.mod             # Go direct + indirect
-npx proof-of-commitment --file go.sum             # Go full transitive set
-# Short alias
-npx poc axios zod chalk
+# Or scan a go.mod / go.sum file directly:
+npx proof-of-commitment --file go.mod
+npx proof-of-commitment --file go.sum    # full transitive set
 ```
-**Go modules note:** Go has no centralized download counter and no publisher registry. Scoring is GitHub-primary: longevity, release cadence, GitHub contributor count, OpenSSF Scorecard, and stars (popularity proxy). The "publishers" column in Go output shows GitHub push-access contributors — the closest equivalent to npm publishers.
+**Web demo (no install):** [getcommit.dev/audit](https://getcommit.dev/audit) — paste your packages, see risk scores in seconds.
-## Zero-install MCP server (for Claude, Cursor, Windsurf)
+**MCP server (zero install):**
-Add to your AI tool's config:
 ```json
 {
   "mcpServers": {
@@ -84,20 +64,236 @@ Add to your AI tool's config:
 }
 ```
-Then ask: *"Audit the dependencies in my package.json"* or *"What's the risk profile of vercel/ai?"*
+Add to Claude Desktop, Cursor, Windsurf, or any MCP-compatible AI tool. Then ask:
+> "Audit my package.json for supply chain risk"
+> "Score axios, zod, chalk, lodash — which is highest risk?"
+> "Is vercel/ai actively maintained?"
 ## GitHub Action
-Posts audit results directly on your PR:
+Add supply chain auditing to any CI pipeline in 30 seconds — auto-detects packages from `package.json` or `requirements.txt`, **posts results as a PR comment**, writes to GitHub Step Summary, and optionally fails on CRITICAL packages.
+Use the dedicated action at [piiiico/commit-action](https://github.com/piiiico/commit-action):
 ```yaml
-- uses: piiiico/proof-of-commitment@main
-  with:
-    fail-on-critical: false
-    comment-on-pr: true
+# .github/workflows/supply-chain.yml
+name: Supply Chain Audit
+on:
+  pull_request:
+    paths: ['package.json', 'package-lock.json', 'bun.lock']
+jobs:
+  audit:
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+    steps:
+      - uses: actions/checkout@v4
+      - uses: piiiico/commit-action@v1
+        with:
+          fail-on-critical: true   # blocks merges on CRITICAL packages
+          comment-on-pr: true      # posts results as a PR comment
+```
+When `comment-on-pr: true` (default), the action automatically posts the audit table as a comment on the pull request — and **updates the same comment** on re-run, so you don't get comment spam. Reviewers see the risk table without leaving the PR.
+**Inputs:**
+| Input | Default | Description |
+|-------|---------|-------------|
+| `packages` | _(auto)_ | Comma-separated package names (auto-detected from `package.json`/`requirements.txt` if not set) |
+| `packages-file` | _(auto)_ | Path to `package.json` or `requirements.txt` (default: auto-detect in workspace root) |
+| `fail-on-critical` | `true` | Fail the workflow if CRITICAL packages are found |
+| `max-packages` | `20` | Max packages to audit when auto-detecting |
+| `include-dev-dependencies` | `false` | Include `devDependencies` from `package.json` |
+| `comment-on-pr` | `true` | Post audit results as a PR comment (requires `pull-requests: write` permission) |
+| `api-key` | _(none)_ | [Commit Pro](https://getcommit.dev/pricing) API key — enables batch requests and 10K requests/month |
+| `api-url` | _(prod)_ | Override API endpoint (useful for self-hosting) |
+**Outputs:** `has-critical`, `critical-count`, `audit-summary` (markdown table, also written to Step Summary).
+**Free vs Pro:** Without an API key, packages are audited one at a time (with delays to respect rate limits). With a Pro API key, all packages are audited in a single batch request — faster and with higher monthly limits.
+Example PR comment / Step Summary output:
+```
+| Package | Risk        | Score | Publishers | Downloads/wk | Age   |
+|---------|-------------|-------|------------|--------------|-------|
+| chalk   | 🔴 CRITICAL | 75    | 1          | 380M         | 12.7y |
+| zod     | 🔴 CRITICAL | 83    | 1          | 133M         | 6.1y  |
+| axios   | 🔴 CRITICAL | 89    | 1          | 93M          | 11.6y |
+```
+## README Badges
+Add a Commit Trust badge to any npm package you maintain or depend on:
+```markdown
+![Commit Trust](https://poc-backend.amdal-dev.workers.dev/badge/YOUR-PACKAGE)
+```
+Examples:
+| Package | Badge URL |
+|---------|-----------|
+| chalk | `![Commit Trust](https://poc-backend.amdal-dev.workers.dev/badge/chalk)` |
+| react | `![Commit Trust](https://poc-backend.amdal-dev.workers.dev/badge/react)` |
+| express | `![Commit Trust](https://poc-backend.amdal-dev.workers.dev/badge/express)` |
+| @babel/core | `![Commit Trust](https://poc-backend.amdal-dev.workers.dev/badge/@babel/core)` |
+Grades: 🟢 OK (75+) · 🟠 WARNING (40–74) · 🔴 CRITICAL (<40 or sole npm publisher with 10M+ weekly downloads)
+Badges are cached 1 hour. No API key needed.
+Also supports PyPI, Cargo, Go modules, and the full ecosystem-specific format:
+```markdown
+![commit score](https://poc-backend.amdal-dev.workers.dev/api/badge/npm/YOUR-PACKAGE)
+![commit score](https://poc-backend.amdal-dev.workers.dev/api/badge/pypi/YOUR-PACKAGE)
+![commit score](https://poc-backend.amdal-dev.workers.dev/api/badge/cargo/YOUR-CRATE)
+![commit score](https://poc-backend.amdal-dev.workers.dev/api/badge/golang/github.com/owner/repo)
 ```
-## Links
+## REST API
-- **Web demo:** https://getcommit.dev/audit
-- **Live watchlist:** https://getcommit.dev/watchlist (top 25 npm packages by structural risk)
-- **GitHub:** https://github.com/piiiico/proof-of-commitment
+No API key. No install.
+```bash
+curl https://poc-backend.amdal-dev.workers.dev/api/audit \
+  -X POST \
+  -H "Content-Type: application/json" \
+  -d '{"packages": ["axios", "zod", "chalk", "lodash", "express"]}'
+```
+```json
+{
+  "count": 5,
+  "results": [
+    {
+      "name": "chalk",
+      "ecosystem": "npm",
+      "score": 75,
+      "maintainers": 1,
+      "weeklyDownloads": 398397580,
+      "ageYears": 12.7,
+      "trend": "stable",
+      "riskFlags": ["CRITICAL"],
+      "scorecardScore": 3.6,        // null if no GitHub repo
+      "hasDangerousWorkflow": false  // null if no Scorecard data
+    },
+    ...
+  ]
+}
+```
+## 9 MCP tools
+| Tool | Description |
+|------|-------------|
+| `audit_dependencies` | Batch risk audit for up to 20 npm/PyPI/Cargo/Go packages |
+| `lookup_npm_package` | Single npm package behavioral profile |
+| `lookup_pypi_package` | Single PyPI package behavioral profile |
+| `lookup_cargo_crate` | Single Rust crate behavioral profile (crates.io) |
+| `lookup_go_module` | Single Go module behavioral profile (proxy.golang.org + GitHub) |
+| `lookup_github_repo` | GitHub repo commitment score (longevity, commit frequency, contributor depth) |
+| `lookup_business` | Norwegian business register — operating years, employees, financials |
+| `lookup_business_by_org` | Same, by org number |
+| `query_commitment` | Browser extension behavioral data (unique verified visitors, repeat rate) |
+## What the score measures
+Each package is scored 0–100 across:
+- **Longevity** — How long has the package existed? Abandoned packages get reactivated for attacks.
+- **Publisher depth** — Single npm publisher + millions of weekly downloads = the attack surface LiteLLM exploited. (Publisher = person with npm publish access, distinct from GitHub contributors.)
+- **Release consistency** — Regular releases signal active oversight. Long gaps = vulnerability accumulation.
+- **Download trend** — Growing packages attract more scrutiny (and attacks). Stable = lower profile.
+- **OpenSSF Scorecard** — Process security (code review enforcement, branch protection, CI/CD safety). Separate from behavioral signals. High Scorecard ≠ safe from credential theft attacks.
+> Both axios (8.1/10 Scorecard) and chalk (3.6/10 Scorecard) score CRITICAL on behavioral signals. They measure different attack surfaces — Scorecard catches process gaps, behavioral signals catch publisher concentration.
+**Risk flags:**
+- `CRITICAL` — single npm publisher + >10M weekly downloads (exact LiteLLM/axios attack profile)
+- `HIGH` — package <1yr old + rapid adoption
+- `WARN` — no release in 12+ months
+## Real data points
+```
+# packages you know about:
+chalk       — score 75, 1 publisher, 413M/week  ⚑ CRITICAL
+zod         — score 86, 1 publisher, 163M/week  ⚑ CRITICAL  (30+ GitHub contributors)
+lodash      — score 81, 1 publisher, 145M/week  ⚑ CRITICAL
+axios       — score 86, 1 publisher,  99M/week  ⚑ CRITICAL  (attacked Mar 30 2026)
+express     — score 90, 5 publishers, 95M/week
+# packages probably not in your package.json, definitely in your lock file:
+minimatch   — score 78, 1 publisher, 562M/week  ⚑ CRITICAL
+glob        — score 80, 1 publisher, 333M/week  ⚑ CRITICAL
+cross-spawn — score 72, 1 publisher, 190M/week  ⚑ CRITICAL
+# post-attack:
+litellm     — score 74, 1 publisher            ⚑ CRITICAL  (supply chain attack Mar 2026)
+# Rust crates (new in v1.3.0):
+serde       — score 78, 1 owner,  13M/week  ⚑ CRITICAL  (dtolnay sole owner)
+tokio       — score 89, 2 owners, 10M/week
+reqwest     — score 85, 1 owner,   8M/week  ⚑ HIGH
+```
+## Why behavioral signals
+The LiteLLM attack (March 2026) and axios attack (March 30, 2026) followed the same pattern: stolen credentials → malicious package pushed → 97M+ machines exposed. Both packages scored CRITICAL by these metrics *before* the attacks.
+Declarative signals (stars, README quality, CI badges) don't capture this risk. Behavioral commitment does.
+## Stack
+| Layer | Technology |
+|-------|-----------|
+| Backend | Cloudflare Workers + D1 |
+| MCP | Model Context Protocol SDK |
+| Data | npm registry, PyPI, crates.io, proxy.golang.org, deps.dev, GitHub API, Brønnøysund (NO) |
+| Landing | Astro + Cloudflare Pages |
+## Roadmap
+Planned, not promised. The project is early-stage — contributions welcome on any of these.
+| Feature | Status | Notes |
+|---------|--------|-------|
+| **Cargo (Rust) registry support** | ✅ Live | MCP tool, REST API, badge endpoint — `ecosystem: "cargo"` |
+| **Go modules support** | ✅ Live | proxy.golang.org + deps.dev + GitHub-primary scoring — `ecosystem: "golang"` |
+| **Score breakdown visualization** | Planned | Chart component for the 5 dimensions on getcommit.dev/audit |
+| **`--json` flag for CLI** | ✅ Live | `npx proof-of-commitment --file package-lock.json --json \| jq '.criticalCount'` |
+| **pnpm workspace monorepo support** | ✅ Live | `--file pnpm-workspace.yaml` or auto-detected from `pnpm-lock.yaml` |
+| **Historical score tracking** | Planned | Trend charts — was this package getting riskier over time? |
+| **Org-level dashboards** | Planned | Aggregate risk view across all repos in a GitHub org |
+See [open issues](https://github.com/piiiico/proof-of-commitment/issues) for things you can help with today.
+## The broader vision
+Supply chain auditing is the first tool. The underlying primitive is a **commitment graph** — behavioral signals that replace content-based trust across any domain.
+When content is free to fake (reviews, stars, READMEs), commitment becomes the signal. A publisher who has shipped 847 releases over 12 years is a different kind of commitment than one who published once in 2023.
+The same logic applies to websites, businesses, and AI agents. Two card networks have independently named this gap: Mastercard Verifiable Intent §9.2 explicitly lists behavioral trust as "not covered." Visa TAP identifies agents without answering whether to trust them.
+Proof of Commitment is the trust layer they're pointing at.
+→ [getcommit.dev](https://getcommit.dev)
+## Run locally
+```bash
+bun install
+bun run dev:backend     # local server with SQLite
+bun run test:e2e        # E2E test with mock World ID
+```
+Deploy:
+```bash
+bun run deploy          # deploys to Cloudflare Workers
+```

package/index.js CHANGED Viewed

@@ -1,7 +1,7 @@
 #!/usr/bin/env node
 /**
- * proof-of-commitment CLI
- * Scores npm/PyPI packages on behavioral commitment signals.
+ * proof-of-commitment CLI v1.7.0
+ * Scores npm/PyPI/Cargo/Go packages on behavioral commitment signals.
  * Usage: npx proof-of-commitment [packages...] [options]
  */
@@ -20,6 +20,7 @@ const c = {
   white: '\x1b[37m',
   bgRed: '\x1b[41m',
   bgYellow: '\x1b[43m',
+  magenta: '\x1b[35m',
 };
 const NO_COLOR = process.env.NO_COLOR || !process.stdout.isTTY;
@@ -29,15 +30,20 @@ function clr(code, text) {
   return `${code}${text}${c.reset}`;
 }
+/** Check if riskFlags array contains a CRITICAL-level flag (handles both "CRITICAL" and "CRITICAL: ..." formats) */
+function hasCritical(flags) {
+  return flags && flags.some(f => typeof f === 'string' && f.startsWith('CRITICAL'));
+}
 function riskColor(flags, score) {
-  if (flags && flags.includes('CRITICAL')) return c.red + c.bold;
+  if (hasCritical(flags)) return c.red + c.bold;
   if (score < 40) return c.yellow + c.bold;
   if (score < 60) return c.yellow;
   return c.green;
 }
 function riskLabel(flags, score) {
-  if (flags && flags.includes('CRITICAL')) return '🔴 CRITICAL';
+  if (hasCritical(flags)) return '🔴 CRITICAL';
   if (score < 40) return '🟠 HIGH';
   if (score < 60) return '🟡 MODERATE';
   if (score < 75) return '🟡 GOOD';
@@ -57,20 +63,28 @@ function padEnd(str, len) {
 }
 function printTable(results, { totalScanned, totalCritical, lockfile } = {}) {
+  const isNpm = !results[0] || results[0].ecosystem !== 'golang';
   const COL = {
-    name: 20, risk: 14, score: 7, maintainers: 12, downloads: 12, age: 8,
+    name: 20, risk: 14, score: 7, maintainers: 12, downloads: 12, age: 8, provenance: 10,
   };
-  const header = [
+  const headerParts = [
     padEnd(clr(c.bold, 'Package'), COL.name),
     padEnd(clr(c.bold, 'Risk'), COL.risk),
     padEnd(clr(c.bold, 'Score'), COL.score),
     padEnd(clr(c.bold, 'Publishers'), COL.maintainers),
     padEnd(clr(c.bold, 'Downloads'), COL.downloads),
     padEnd(clr(c.bold, 'Age'), COL.age),
-  ].join('  ');
+  ];
-  const divider = '─'.repeat(COL.name + COL.risk + COL.score + COL.maintainers + COL.downloads + COL.age + 10);
+  // Show Provenance column for npm packages
+  if (isNpm) {
+    headerParts.push(padEnd(clr(c.bold, 'Provenance'), COL.provenance));
+  }
+  const header = headerParts.join('  ');
+  const divWidth = COL.name + COL.risk + COL.score + COL.maintainers + COL.downloads + COL.age + (isNpm ? COL.provenance + 2 : 0) + 10;
+  const divider = '─'.repeat(divWidth);
   console.log('\n' + divider);
   if (lockfile && totalScanned && results.length < totalScanned) {
@@ -81,41 +95,46 @@ function printTable(results, { totalScanned, totalCritical, lockfile } = {}) {
   console.log(divider);
   let criticalInDisplay = 0;
+  let provenanceCount = 0;
   for (const pkg of results) {
     const rc = riskColor(pkg.riskFlags, pkg.score);
     const label = riskLabel(pkg.riskFlags, pkg.score);
-    if (pkg.riskFlags && pkg.riskFlags.includes('CRITICAL')) criticalInDisplay++;
+    if (hasCritical(pkg.riskFlags)) criticalInDisplay++;
+    if (pkg.hasProvenance) provenanceCount++;
-    // Go modules have no download data — show "—" instead. The maintainers
-    // column for Go shows GitHub contributor count (the closest equivalent
-    // to publish access since Go has no centralized publisher concept).
+    // Go modules have no download data
     const isGo = pkg.ecosystem === 'golang';
-    const dlDisplay = isGo
-      ? '—'
-      : fmtDownloads(pkg.weeklyDownloads || 0);
-    const maintDisplay = pkg.maintainers === 35
-      ? '30+'
-      : String(pkg.maintainers || '?');
-    const row = [
+    const dlDisplay = isGo ? '—' : fmtDownloads(pkg.weeklyDownloads || 0);
+    const maintDisplay = pkg.maintainers === 35 ? '30+' : String(pkg.maintainers || '?');
+    // Provenance indicator
+    const provDisplay = pkg.hasProvenance
+      ? clr(c.green, '🔐 verified')
+      : clr(c.dim, '—');
+    const rowParts = [
       padEnd(pkg.name, COL.name),
       padEnd(clr(rc, label), COL.risk),
       padEnd(String(pkg.score), COL.score),
       padEnd(maintDisplay, COL.maintainers),
       padEnd(dlDisplay, COL.downloads),
       padEnd((pkg.ageYears || '?').toString().replace(/(\.\d).*/, '$1') + 'y', COL.age),
-    ].join('  ');
+    ];
+    if (isNpm) {
+      rowParts.push(padEnd(provDisplay, COL.provenance));
+    }
-    console.log(row);
+    console.log(rowParts.join('  '));
     // Show GitHub contributor context for CRITICAL packages with active communities
-    if (pkg.riskFlags && pkg.riskFlags.includes('CRITICAL') && pkg.githubContributors && pkg.githubContributors > 1) {
+    if (hasCritical(pkg.riskFlags) && pkg.githubContributors && pkg.githubContributors > 1) {
       const ghCount = pkg.githubContributors === 35 ? '30+' : pkg.githubContributors;
       console.log(clr(c.dim, `  ↳ ${ghCount} GitHub contributors — publish-access concentration risk despite active community`));
     }
-    // Score breakdown if available — keys differ across ecosystems
+    // Score breakdown if available
     if (pkg.scoreBreakdown) {
       const b = pkg.scoreBreakdown;
       const breakdown = isGo
@@ -125,7 +144,8 @@ function printTable(results, { totalScanned, totalCritical, lockfile } = {}) {
           )
         : clr(c.dim,
             `  └ longevity=${b.longevity} momentum=${b.downloadMomentum} ` +
-            `releases=${b.releaseConsistency} publishers=${b.maintainerDepth} github=${b.githubBacking}`
+            `releases=${b.releaseConsistency} publishers=${b.maintainerDepth} github=${b.githubBacking}` +
+            (b.trustedPublishing ? ` provenance=${b.trustedPublishing}` : '')
           );
       console.log(breakdown);
     }
@@ -138,20 +158,24 @@ function printTable(results, { totalScanned, totalCritical, lockfile } = {}) {
     const suffix = totalScanned ? ` (in ${totalScanned} packages scanned)` : '';
     console.log('\n' + clr(c.red + c.bold, `⚠  ${effectiveCritical} CRITICAL package${effectiveCritical > 1 ? 's' : ''} found${suffix}.`));
     console.log(clr(c.dim, '   CRITICAL = sole npm publisher + >10M weekly downloads (publish-access concentration risk)'));
+    if (provenanceCount > 0 && provenanceCount < results.length) {
+      console.log(clr(c.cyan, `   🔐 ${provenanceCount}/${results.length} use Trusted Publishing (OIDC provenance) — partial mitigation`));
+    }
   } else {
     const suffix = totalScanned ? ` (${totalScanned} packages scanned)` : '';
     console.log('\n' + clr(c.green, `✓  No CRITICAL packages found${suffix}.`));
   }
-  // Always show the web URL with top critical packages first
+  // Footer with web link + CI integration CTA
   const topPkgs = results.slice(0, 10).map(r => r.name).join(',');
-  console.log(clr(c.dim, `\n🔗 Web view: ${WEB}?packages=${encodeURIComponent(topPkgs)}`));
+  console.log(clr(c.cyan, `\n  🔗 Full report: ${WEB}?packages=${encodeURIComponent(topPkgs)}`));
+  console.log(clr(c.cyan, `  🤖 GitHub Action: github.com/piiiico/commit-action — block CRITICAL packages in CI`));
   console.log();
 }
 function printHelp() {
   console.log(`
-${clr(c.bold, 'proof-of-commitment')} — supply chain risk scorer
+${clr(c.bold, 'proof-of-commitment')} v1.7.0 — supply chain risk scorer
 ${clr(c.bold, 'Usage:')}
   npx proof-of-commitment [packages...]              Score npm packages
@@ -184,39 +208,42 @@ ${clr(c.bold, 'Examples:')}
   npx proof-of-commitment axios chalk --json | jq '.criticalCount'
 ${clr(c.bold, 'Score meaning:')}
-  🔴 CRITICAL  Sole npm publisher + >10M downloads/wk (publish-access concentration risk)
+  🔴 CRITICAL  Sole publisher + >10M downloads/wk (publish-access concentration risk)
   🟠 HIGH      Score < 40
   🟡 MODERATE  Score 40–59
   🟡 GOOD      Score 60–74
   🟢 HEALTHY   Score 75+
-${clr(c.bold, 'Score dimensions (npm/PyPI/Cargo):')} longevity · download momentum · release consistency · publisher depth · GitHub backing
-${clr(c.bold, 'Score dimensions (Go):')} longevity · release consistency · maintainer depth · GitHub backing · stars (Go has no centralized download counter)
+${clr(c.bold, 'Provenance (npm):')}
+  🔐 verified  Package uses Trusted Publishing (OIDC provenance from CI — not a human credential)
+  —            No provenance attestation detected
+${clr(c.bold, 'Score dimensions (npm/PyPI/Cargo):')} longevity · download momentum · release consistency · publisher depth · GitHub backing · provenance
+${clr(c.bold, 'Score dimensions (Go):')} longevity · release consistency · maintainer depth · GitHub backing · stars
+${clr(c.bold, 'CI integration:')}
+  GitHub Action: ${clr(c.cyan, 'github.com/piiiico/commit-action')} — fails PRs on CRITICAL packages
+  MCP server:   Add to Claude Desktop / Cursor for AI-assisted auditing
 ${clr(c.bold, 'Web:')}  ${WEB}
-${clr(c.bold, 'MCP:')}  ${clr(c.dim, 'Add to Claude Desktop / Cursor for AI-assisted auditing')}
   `);
 }
 /**
  * Parse package-lock.json (npm lockfileVersion 2 or 3)
- * Returns all package names found in the lock file.
  */
 function parseLockNpm(content) {
   const lock = JSON.parse(content);
   const pkgs = new Set();
   if (lock.packages) {
-    // lockfileVersion 2+: keys are "node_modules/pkg" or "node_modules/@scope/pkg"
     for (const key of Object.keys(lock.packages)) {
-      if (!key || key === '') continue; // root package
-      // Strip "node_modules/" prefix, handle nested paths like "node_modules/foo/node_modules/bar"
+      if (!key || key === '') continue;
       const parts = key.split('node_modules/');
       const pkgPath = parts[parts.length - 1];
       if (pkgPath) pkgs.add(pkgPath);
     }
   } else if (lock.dependencies) {
-    // lockfileVersion 1: flat dependencies object
     for (const name of Object.keys(lock.dependencies)) {
       pkgs.add(name);
     }
@@ -227,11 +254,9 @@ function parseLockNpm(content) {
 /**
  * Parse yarn.lock (v1 format)
- * Returns all unique package names.
  */
 function parseLockYarn(content) {
   const pkgs = new Set();
-  // Each block starts with "name@version:" or "name@range1, name@range2:"
   const headerRe = /^"?(@?[^@\s"]+)@/gm;
   let match;
   while ((match = headerRe.exec(content)) !== null) {
@@ -242,11 +267,9 @@ function parseLockYarn(content) {
 /**
  * Parse pnpm-lock.yaml (v6+)
- * Returns all unique package names.
  */
 function parseLockPnpm(content) {
   const pkgs = new Set();
-  // packages section has entries like "  /chalk@5.3.0:" or "  chalk@5.3.0:"
   const pkgRe = /^\s+\/?(@?[^@\s/]+(?:\/[^@\s]+)?)@/gm;
   let match;
   while ((match = pkgRe.exec(content)) !== null) {
@@ -255,12 +278,74 @@ function parseLockPnpm(content) {
   return [...pkgs];
 }
+/**
+ * Parse pnpm-workspace.yaml — find all workspace packages and aggregate their deps.
+ * Expects format:
+ *   packages:
+ *     - "packages/*"
+ *     - "apps/*"
+ */
+async function parsePnpmWorkspace(content, filePath) {
+  const fs = await import('fs');
+  const path = await import('path');
+  const dir = path.dirname(filePath);
+  const pkgs = new Set();
+  // Extract glob patterns from YAML
+  const patterns = [];
+  const lines = content.split('\n');
+  let inPackages = false;
+  for (const raw of lines) {
+    const line = raw.trim();
+    if (line === 'packages:') { inPackages = true; continue; }
+    if (inPackages && line.startsWith('-')) {
+      const pattern = line.replace(/^-\s*["']?/, '').replace(/["']?\s*$/, '');
+      patterns.push(pattern);
+    } else if (inPackages && !line.startsWith('#') && line !== '') {
+      break;
+    }
+  }
+  // For each pattern, look for package.json files
+  for (const pattern of patterns) {
+    const globDir = path.join(dir, pattern.replace('/*', '').replace('/**', ''));
+    try {
+      const entries = fs.readdirSync(globDir, { withFileTypes: true });
+      for (const entry of entries) {
+        if (!entry.isDirectory()) continue;
+        const pkgJsonPath = path.join(globDir, entry.name, 'package.json');
+        try {
+          const pkgContent = fs.readFileSync(pkgJsonPath, 'utf-8');
+          const pkg = JSON.parse(pkgContent);
+          const deps = { ...pkg.dependencies, ...pkg.devDependencies };
+          for (const name of Object.keys(deps)) pkgs.add(name);
+        } catch {}
+      }
+    } catch {}
+  }
+  // Also check root package.json
+  try {
+    const rootPkg = JSON.parse(fs.readFileSync(path.join(dir, 'package.json'), 'utf-8'));
+    const deps = { ...rootPkg.dependencies, ...rootPkg.devDependencies };
+    for (const name of Object.keys(deps)) pkgs.add(name);
+  } catch {}
+  return [...pkgs];
+}
 async function readPackagesFromFile(filePath) {
   const fs = await import('fs');
   const path = await import('path');
   const content = fs.readFileSync(filePath, 'utf-8');
   const basename = path.basename(filePath).toLowerCase();
+  // pnpm-workspace.yaml
+  if (basename === 'pnpm-workspace.yaml' || basename === 'pnpm-workspace.yml') {
+    const pkgs = await parsePnpmWorkspace(content, filePath);
+    return { packages: pkgs, ecosystem: 'npm', lockfile: false, totalInFile: pkgs.length };
+  }
   // package-lock.json
   if (basename === 'package-lock.json') {
     const pkgs = parseLockNpm(content);
@@ -302,30 +387,27 @@ async function readPackagesFromFile(filePath) {
   // Cargo.toml
   if (basename === 'cargo.toml') {
-    // Crude TOML parse — extract [dependencies] section keys
     const pkgs = parseCargoToml(content);
     return { packages: pkgs, ecosystem: 'cargo', lockfile: false };
   }
-  // go.mod — Go module file
+  // go.mod
   if (basename === 'go.mod') {
     const pkgs = parseGoMod(content);
     return { packages: pkgs, ecosystem: 'golang', lockfile: false, totalInFile: pkgs.length };
   }
-  // go.sum — Go module checksum file (lockfile-equivalent — captures full transitive set)
+  // go.sum
   if (basename === 'go.sum') {
     const pkgs = parseGoSum(content);
     return { packages: pkgs, ecosystem: 'golang', lockfile: true, totalInFile: pkgs.length };
   }
-  throw new Error(`Unsupported file: ${basename}. Supported: package.json, package-lock.json, yarn.lock, pnpm-lock.yaml, requirements.txt, Cargo.toml, go.mod, go.sum`);
+  throw new Error(`Unsupported file: ${basename}. Supported: package.json, package-lock.json, yarn.lock, pnpm-lock.yaml, pnpm-workspace.yaml, requirements.txt, Cargo.toml, go.mod, go.sum`);
 }
 /**
- * Parse a Cargo.toml — extract direct deps from [dependencies] / [dev-dependencies].
- * Crude — only handles the common "name = version" / "name = { ... }" lines under
- * [dependencies] / [dev-dependencies]. Doesn't expand workspace members.
+ * Parse Cargo.toml
  */
 function parseCargoToml(content) {
   const pkgs = new Set();
@@ -345,13 +427,7 @@ function parseCargoToml(content) {
 }
 /**
- * Parse a go.mod file — extract direct + indirect dependencies from require blocks.
- * Format:
- *   require (
- *       github.com/gin-gonic/gin v1.9.1
- *       golang.org/x/net v0.20.0 // indirect
- *   )
- *   require github.com/foo/bar v1.0.0
+ * Parse go.mod
  */
 function parseGoMod(content) {
   const pkgs = new Set();
@@ -362,7 +438,6 @@ function parseGoMod(content) {
     const line = raw.trim();
     if (!line || line.startsWith('//')) continue;
-    // Block-form require: "require ("
     if (/^require\s*\(\s*$/.test(line)) {
       inRequireBlock = true;
       continue;
@@ -372,14 +447,12 @@ function parseGoMod(content) {
       continue;
     }
-    // Inside a block: "<modulepath> <version>" optionally followed by comments
     if (inRequireBlock) {
       const match = line.match(/^([^\s]+)\s+v[^\s]+/);
       if (match) pkgs.add(match[1]);
       continue;
     }
-    // Single-line require: "require <modulepath> <version>"
     const single = line.match(/^require\s+([^\s]+)\s+v[^\s]+/);
     if (single) pkgs.add(single[1]);
   }
@@ -388,8 +461,7 @@ function parseGoMod(content) {
 }
 /**
- * Parse a go.sum file — module path is the first column, version + suffix follow.
- * Each module appears multiple times (once per artifact); dedupe.
+ * Parse go.sum
  */
 function parseGoSum(content) {
   const pkgs = new Set();
@@ -404,7 +476,6 @@ function parseGoSum(content) {
 /**
  * Audit packages in batches of 20, in parallel.
- * Returns all results sorted by risk score (highest risk first).
  */
 async function auditBatched(packages, ecosystem, { onProgress } = {}) {
   const BATCH_SIZE = 20;
@@ -434,10 +505,10 @@ async function auditBatched(packages, ecosystem, { onProgress } = {}) {
   const all = results.flat();
-  // Sort: CRITICAL first, then by score ascending (lower score = higher risk)
+  // Sort: CRITICAL first, then by score ascending
   all.sort((a, b) => {
-    const aCrit = a.riskFlags?.includes('CRITICAL') ? 1 : 0;
-    const bCrit = b.riskFlags?.includes('CRITICAL') ? 1 : 0;
+    const aCrit = hasCritical(a.riskFlags) ? 1 : 0;
+    const bCrit = hasCritical(b.riskFlags) ? 1 : 0;
     if (aCrit !== bCrit) return bCrit - aCrit;
     return (a.score || 100) - (b.score || 100);
   });
@@ -503,7 +574,6 @@ async function main() {
   let allResults;
   if (packages.length <= 20) {
-    // Single batch — existing behavior
     if (!jsonOutput) process.stdout.write(clr(c.dim, `Scoring ${packages.length} ${ecosystem} package${packages.length > 1 ? 's' : ''}...`));
     try {
@@ -527,7 +597,6 @@ async function main() {
     if (!jsonOutput) process.stdout.write(clr(c.dim, ` done in ${elapsed}s\n`));
   } else {
-    // Multi-batch for lock files
     const batches = Math.ceil(packages.length / 20);
     if (!jsonOutput) process.stdout.write(clr(c.dim, `Scanning ${packages.length} packages (${batches} batches in parallel)...`));
@@ -550,28 +619,29 @@ async function main() {
     const elapsed = ((Date.now() - t0) / 1000).toFixed(1);
     if (!jsonOutput) process.stdout.write(clr(c.dim, ` done in ${elapsed}s\n`));
-    // JSON output: emit all results with summary
     if (jsonOutput) {
-      const criticalCount = allResults.filter(r => r.riskFlags?.includes('CRITICAL')).length;
+      const criticalCount = allResults.filter(r => hasCritical(r.riskFlags)).length;
+      const provenanceCount = allResults.filter(r => r.hasProvenance).length;
       console.log(JSON.stringify({
         totalScanned: allResults.length,
         criticalCount,
+        provenanceCount,
         results: allResults,
       }, null, 2));
       process.exit(criticalCount > 0 ? 1 : 0);
     }
-    // For lock files: show top 25 highest-risk packages
+    // Lock files: show top 25 highest-risk
     const MAX_DISPLAY = 25;
     const displayed = allResults.slice(0, MAX_DISPLAY);
-    const criticalTotal = allResults.filter(r => r.riskFlags?.includes('CRITICAL')).length;
+    const criticalTotal = allResults.filter(r => hasCritical(r.riskFlags)).length;
     printTable(displayed, { totalScanned: allResults.length, totalCritical: criticalTotal, lockfile: true });
     return;
   }
   if (!allResults || allResults.length === 0) {
     if (jsonOutput) {
-      console.log(JSON.stringify({ totalScanned: 0, criticalCount: 0, results: [] }, null, 2));
+      console.log(JSON.stringify({ totalScanned: 0, criticalCount: 0, provenanceCount: 0, results: [] }, null, 2));
     } else {
       console.log('No results returned. Check package names and try again.');
     }
@@ -579,10 +649,12 @@ async function main() {
   }
   if (jsonOutput) {
-    const criticalCount = allResults.filter(r => r.riskFlags?.includes('CRITICAL')).length;
+    const criticalCount = allResults.filter(r => hasCritical(r.riskFlags)).length;
+    const provenanceCount = allResults.filter(r => r.hasProvenance).length;
     console.log(JSON.stringify({
       totalScanned: allResults.length,
       criticalCount,
+      provenanceCount,
       results: allResults,
     }, null, 2));
     process.exit(criticalCount > 0 ? 1 : 0);

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "proof-of-commitment",
-  "version": "1.6.0",
+  "version": "1.7.0",
   "description": "Supply chain risk scorer for npm, PyPI, Cargo, and Go packages — behavioral signals that can't be faked",
   "type": "module",
   "bin": {
@@ -28,7 +28,9 @@
     "behavioral",
     "commitment",
     "maintainer",
-    "publisher"
+    "publisher",
+    "provenance",
+    "trusted-publishing"
   ],
   "author": "piiiico",
   "license": "MIT",