qodfy 0.2.3 → 0.2.4
- package/dist/index.js +31 -4
- package/package.json +2 -2
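--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -13,7 +13,7 @@ import {
 } from "@qodfy/core";
 var DEFAULT_MAX_ISSUES = 5;
 var program = new Command();
-program.name("qodfy").description("Launch readiness scanner for AI-built apps.").version("0.2.
+program.name("qodfy").description("Launch readiness scanner for AI-built apps.").version("0.2.4");
 program.command("scan").description("Scan a project for launch readiness issues.").option("-p, --path <path>", "Project path to scan", process.cwd()).option("--max-issues <number>", "Maximum number of issues to display", String(DEFAULT_MAX_ISSUES)).option("--prompts", "Show safe copy-paste fix prompts for displayed issues").option("--prompt <issue-id>", "Show the safe AI fix prompt for one issue").option("--checks <checks>", "Comma-separated checks to run").option("--all", "Run all checks without prompting").option("--no-interactive", "Skip interactive prompts and run the recommended scan").action(async (options) => {
 const pathResult = await resolveProjectPath(options.path);
 if (!pathResult.ok) {
@@ -463,13 +463,17 @@ function printGroupedIssues(issues, showPrompts, showDetails, projectPath) {
 }
 function printIssue(issue, showPrompts, showDetails, projectPath) {
 console.log("");
-console.log(`${pc.dim(`[${issue.id}]`)} ${getSeverityLabel(issue.severity)} ${pc.bold(issue.title)}
+console.log(`${pc.dim(`[${issue.id}]`)} ${getSeverityLabel(issue.severity)} ${pc.bold(issue.title)}`);
+console.log(pc.dim(`Confidence: ${issue.confidence}`));
 if (issue.file) {
 console.log(pc.dim(`File: ${issue.file}`));
 }
 if (showDetails || showPrompts) {
 console.log(issue.message);
 }
+if ((showDetails || showPrompts) && issue.evidence && issue.evidence.length > 0) {
+printEvidence(issue.evidence);
+}
 if ((showDetails || showPrompts) && issue.suggestion) {
 console.log(pc.dim(`Suggestion: ${issue.suggestion}`));
 }
@@ -484,13 +488,25 @@ function printIssue(issue, showPrompts, showDetails, projectPath) {
 function printFixPrompt(issue) {
 console.log(pc.bold("Qodfy Fix Prompt"));
 console.log("");
-console.log(`${pc.dim(`[${issue.id}]`)} ${getSeverityLabel(issue.severity)} ${pc.bold(issue.title)}
+console.log(`${pc.dim(`[${issue.id}]`)} ${getSeverityLabel(issue.severity)} ${pc.bold(issue.title)}`);
+console.log(pc.dim(`Confidence: ${issue.confidence}`));
 if (issue.file) {
 console.log(pc.dim(`File: ${issue.file}`));
 }
+if (issue.evidence && issue.evidence.length > 0) {
+printEvidence(issue.evidence);
+}
 console.log("");
 console.log(issue.fixPrompt);
 }
+function printEvidence(evidence) {
+console.log("");
+console.log(pc.bold("Evidence:"));
+for (const item of evidence) {
+const detail = item.detail ? ` ${item.detail}` : "";
+console.log(pc.dim(`- ${item.label}${detail}`));
+}
+}
 function printPromptFromReport(report, issueId) {
 const issue = report.issues.find((scanIssue) => scanIssue.id === issueId);
 if (!issue) {
@@ -566,9 +582,20 @@ function getTopPriorities(issues) {
 message: "Move possible server-only secrets out of client-side code."
 },
 {
-ruleIds: [
+ruleIds: [
+"sensitive-api-route-missing-auth",
+"api-mutation-route-review-auth"
+],
 message: "Review API routes that may be missing authentication."
 },
+{
+ruleIds: ["internal-route-missing-protection"],
+message: "Protect internal or operational API routes before launch."
+},
+{
+ruleIds: ["public-form-missing-abuse-protection"],
+message: "Add abuse protection to public form routes."
+},
 {
 ruleIds: [
 "environment-missing-env-example",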
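Review bot: The new `printEvidence` helper writes `item.label` and `item.detail` to the terminal verbatim, and nothing in the diff shows where those strings come from. If they carry text taken from scanned files, which seems likely given the server-only-secrets priority in `getTopPriorities`, a matched secret value or terminal control characters from an untrusted repository would reach the console and any CI log. I would redact or truncate secret-bearing details where the evidence is built and strip control characters before printing, for example `String(item.detail).replace(/[\x00-\x1f\x7f]/g, "")`, with the same treatment for `item.label`. Separately, the added `Confidence:` line in `printIssue` and `printFixPrompt` is unguarded, unlike the neighbouring `issue.file` and `issue.evidence` checks, so an issue without that field (for example in a report produced by an older core, if `printPromptFromReport` can load one) prints `Confidence: undefined`; wrapping it in `if (issue.confidence) { … }` would match the surrounding style.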
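--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "qodfy",
-"version": "0.2.
+"version": "0.2.4",
 "description": "Open-source launch readiness scanner for AI-built apps.",
 "keywords": [
 "qodfy",
@@ -52,7 +52,7 @@
 "@inquirer/prompts": "^8.4.3",
 "commander": "^14.0.3",
 "picocolors": "^1.1.1",
-"@qodfy/core": "^0.2.
+"@qodfy/core": "^0.2.4"
 },
 "devDependencies": {
 "@types/node": "^25.7.0",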