relsec 0.1.0

package/dist/interactive.js

@@ -0,0 +1,698 @@
+import { exec } from 'node:child_process';
+import { readdirSync, statSync } from 'node:fs';
+import { mkdir, readFile, readdir, writeFile } from 'node:fs/promises';
+import { homedir } from 'node:os';
+import path from 'node:path';
+import readline from 'node:readline/promises';
+import { stdin as input, stdout as output } from 'node:process';
+import { listAdvisories } from './advisories.js';
+import { migrateConfig } from './config.js';
+import { analyzeCveRelevance } from './engine.js';
+import { scanIocsInLogs } from './ioc.js';
+import { renderMarkdownReport } from './report.js';
+import { scanAuth, scanCloudTrail, scanExposure, scanSbom, scanSecrets, scanSigma, scanYara } from './security-modules.js';
+import { prompt, renderBanner, renderError, renderHelp, renderIocSummary, renderOk, renderOptions, renderResultCard, renderSet, renderStatus } from './theme.js';
+const CLEAR_SCREEN = '\x1b[2J\x1b[3J\x1b[H';
+const ROOT_COMMANDS = ['help', 'clear', 'cls', 'status', 'set', 'use', 'show', 'run', 'back', 'cve', 'scan', 'check', 'ioc', 'iocs', 'explain', 'evidence', 'actions', 'export', 'config', 'profile', 'workspace', 'sessions', 'session', 'exit', 'quit'];
+const MODULES = ['cve', 'ioc', 'exposure', 'sbom', 'secrets', 'cloudtrail', 'auth', 'yara', 'sigma', 'asset', 'vuln', 'hunt'];
+const SETTINGS = ['workspace', 'inventory', 'indicators', 'advisories', 'format', 'cve', 'logs', 'logdir', 'logglob', 'target', 'rule'];
+const FORMATS = ['text', 'json', 'markdown'];
+const DEFAULT_LOG_GLOB = '*.log';
+export function createInteractiveSession(options = {}) {
+    return {
+        workspace: path.resolve(options.workspace ?? '.'),
+        inventory: options.inventory ? path.resolve(options.inventory) : undefined,
+        indicators: options.indicators ? path.resolve(options.indicators) : undefined,
+        advisories: options.advisories ? path.resolve(options.advisories) : undefined,
+        format: options.format ?? 'text',
+        configPath: options.configPath ?? path.resolve('.relevant.json'),
+        historyPath: options.historyPath ?? path.resolve('.relevant_history'),
+        logs: [],
+        logglob: DEFAULT_LOG_GLOB,
+        sessions: [],
+        profiles: {},
+        workspaces: {},
+        shouldExit: false,
+        shellRunner: options.shellRunner ?? runShell
+    };
+}
+export async function executeInteractiveCommand(session, line) {
+    const trimmed = line.trim();
+    if (!trimmed)
+        return '';
+    if (trimmed === 'exit' || trimmed === 'quit' || trimmed === '/exit') {
+        session.shouldExit = true;
+        return renderOk('bye');
+    }
+    if (trimmed === 'clear' || trimmed === 'cls')
+        return CLEAR_SCREEN;
+    if (trimmed === 'help' || trimmed === '?' || trimmed === '/help')
+        return renderHelp();
+    if (trimmed === 'status')
+        return status(session);
+    if (trimmed.startsWith('!'))
+        return session.shellRunner(trimmed.slice(1).trim());
+    const parts = splitCommand(trimmed);
+    const [command, ...args] = parts;
+    if (!command)
+        return '';
+    if (command === 'set')
+        return setValue(session, args);
+    if (command === 'use')
+        return useModule(session, args);
+    if (command === 'show')
+        return showCommand(session, args);
+    if (command === 'profile')
+        return profileCommand(session, args);
+    if (command === 'workspace')
+        return workspaceCommand(session, args);
+    if (command === 'sessions')
+        return renderSessions(session);
+    if (command === 'session')
+        return showSession(session, args);
+    if (command === 'run')
+        return runModule(session);
+    if (command === 'back') {
+        session.module = undefined;
+        return renderOk('module cleared');
+    }
+    if (command === 'config')
+        return configCommand(session, args);
+    if (command === 'cve' || command === 'scan' || command === 'check')
+        return runCve(session, args);
+    if (command === 'ioc' || command === 'iocs')
+        return runIoc(session, args);
+    if (command === 'explain')
+        return requireLast(session).summary;
+    if (command === 'evidence')
+        return requireLast(session).evidence.map((item) => `- ${item}`).join('\n');
+    if (command === 'actions')
+        return requireLast(session).recommendedActions.map((item) => `- ${item}`).join('\n');
+    if (command === 'export')
+        return exportLast(session, args);
+    throw new Error(`Unknown interactive command: ${command}. Type help for commands.`);
+}
+export async function startInteractive(session = createInteractiveSession()) {
+    output.write(`${renderBanner(session)}\n`);
+    const rl = readline.createInterface({
+        input,
+        output,
+        prompt: prompt(session.module),
+        completer: createCyclingCompleter(session)
+    });
+    rl.prompt();
+    for await (const line of rl) {
+        try {
+            await recordHistory(session, line);
+            const result = await executeInteractiveCommand(session, line);
+            if (result)
+                output.write(`${result}\n\n`);
+            if (session.shouldExit)
+                break;
+        }
+        catch (error) {
+            output.write(`${renderError(error.message)}\n\n`);
+        }
+        rl.setPrompt(prompt(session.module));
+        rl.prompt();
+    }
+    rl.close();
+}
+function setValue(session, args) {
+    const [key, ...valueParts] = args;
+    const value = valueParts.join(' ');
+    if (!key || !value)
+        return 'usage: set workspace <path> | set inventory <path> | set indicators <path> | set format <text|json|markdown>';
+    if (key === 'workspace') {
+        session.workspace = path.resolve(value);
+        return renderSet('workspace', session.workspace);
+    }
+    if (key === 'inventory') {
+        session.inventory = path.resolve(value);
+        return renderSet('inventory', session.inventory);
+    }
+    if (key === 'indicators') {
+        session.indicators = path.resolve(value);
+        return renderSet('indicators', session.indicators);
+    }
+    if (key === 'advisories') {
+        session.advisories = path.resolve(value);
+        return renderSet('advisories', session.advisories);
+    }
+    if (key === 'format') {
+        if (value !== 'text' && value !== 'json' && value !== 'markdown')
+            throw new Error(`Unsupported format: ${value}`);
+        session.format = value;
+        return renderSet('format', session.format);
+    }
+    if (key === 'cve') {
+        session.cve = value;
+        return renderSet('cve', session.cve);
+    }
+    if (key === 'logs') {
+        session.logs = value.split(',').map((entry) => path.resolve(unquote(entry.trim()))).filter(Boolean);
+        return renderSet('logs', session.logs.join(', '));
+    }
+    if (key === 'logdir') {
+        session.logdir = path.resolve(value);
+        return renderSet('logdir', session.logdir);
+    }
+    if (key === 'logglob') {
+        session.logglob = value;
+        return renderSet('logglob', session.logglob);
+    }
+    if (key === 'target') {
+        session.target = path.resolve(value);
+        return renderSet('target', session.target);
+    }
+    if (key === 'rule') {
+        session.rule = path.resolve(value);
+        return renderSet('rule', session.rule);
+    }
+    throw new Error(`Unknown setting: ${key}`);
+}
+function useModule(session, args) {
+    const moduleName = args[0];
+    if (!isModule(moduleName))
+        return `usage: use ${MODULES.join(' | ')}`;
+    session.module = moduleName;
+    return renderSet('module', moduleName);
+}
+function showCommand(session, args) {
+    if (args[0] === 'modules')
+        return [
+            'Modules',
+            '  cve         assess dependency CVE relevance',
+            '  ioc         scan logs for indicators',
+            '  exposure    list externally exposed services',
+            '  sbom        inventory package manifests',
+            '  secrets     find obvious local secrets',
+            '  cloudtrail  triage AWS CloudTrail logs',
+            '  auth        triage identity/auth logs',
+            '  yara        apply simple YARA literal rules',
+            '  sigma       apply simple Sigma keyword rules',
+            '  asset/vuln/hunt aliases for exposure/cve/ioc workflows'
+        ].join('\n');
+    if (args[0] === 'advisories')
+        return listAdvisories().map((advisory) => `${advisory.id}  ${advisory.packageName}  ${advisory.title}`).join('\n');
+    if (args[0] !== 'options')
+        return 'usage: show options | show modules | show advisories';
+    return renderOptions(session);
+}
+async function runModule(session) {
+    if (session.module === 'cve') {
+        if (!session.cve)
+            return 'set cve <CVE-ID> first';
+        return runCve(session, [session.cve]);
+    }
+    if (session.module === 'ioc') {
+        const logs = await currentLogs(session);
+        if (logs.length === 0)
+            return 'set logs <path>[,<path>...] or set logdir <dir> first';
+        return runIoc(session, logs);
+    }
+    if (session.module === 'asset')
+        return captureOutput(session, 'asset', 'exposure', await scanExposure(moduleInput(session)));
+    if (session.module === 'vuln')
+        return session.cve ? runCve(session, [session.cve]) : 'set cve <CVE-ID> first';
+    if (session.module === 'hunt')
+        return captureOutput(session, 'hunt', 'ioc hunt', await scanAuth({ ...moduleInput(session), logs: await currentLogs(session) }));
+    if (session.module === 'exposure')
+        return captureOutput(session, 'exposure', 'exposure', await scanExposure(moduleInput(session)));
+    if (session.module === 'sbom')
+        return captureOutput(session, 'sbom', 'sbom', await scanSbom(moduleInput(session)));
+    if (session.module === 'secrets')
+        return captureOutput(session, 'secrets', 'secrets', await scanSecrets(moduleInput(session)));
+    if (session.module === 'cloudtrail')
+        return captureOutput(session, 'cloudtrail', 'cloudtrail', await scanCloudTrail({ ...moduleInput(session), logs: await currentLogs(session) }));
+    if (session.module === 'auth')
+        return captureOutput(session, 'auth', 'auth', await scanAuth({ ...moduleInput(session), logs: await currentLogs(session) }));
+    if (session.module === 'yara')
+        return captureOutput(session, 'yara', 'yara', await scanYara({ ...moduleInput(session), logs: await currentLogs(session) }));
+    if (session.module === 'sigma')
+        return captureOutput(session, 'sigma', 'sigma', await scanSigma({ ...moduleInput(session), logs: await currentLogs(session) }));
+    return 'use cve or use ioc first';
+}
+async function runCve(session, args) {
+    const cveId = args[0];
+    if (!cveId)
+        return 'usage: cve <CVE-ID>';
+    const result = await analyzeCveRelevance({
+        workspace: session.workspace,
+        cveId,
+        inventoryPath: session.inventory,
+        advisoryPath: session.advisories
+    });
+    session.lastResult = result;
+    return captureOutput(session, 'cve', result.subject, formatResult(result, session.format));
+}
+async function runIoc(session, args) {
+    const indicators = session.indicators;
+    if (!indicators)
+        return 'usage: set indicators <path>, then ioc <log> [more logs...]';
+    if (args.length === 0)
+        return 'usage: ioc <log> [more logs...]';
+    const result = await scanIocsInLogs({
+        indicatorsPath: indicators,
+        logPaths: args.map((entry) => path.resolve(entry))
+    });
+    if (session.format === 'json')
+        return JSON.stringify(result, null, 2);
+    return captureOutput(session, 'ioc', `IOC matches: ${result.totalMatches}`, renderIocSummary(result));
+}
+async function configCommand(session, args) {
+    const [action] = args;
+    if (action === 'save') {
+        await mkdir(path.dirname(session.configPath), { recursive: true });
+        await writeFile(session.configPath, JSON.stringify({
+            schemaVersion: 1,
+            workspace: session.workspace,
+            inventory: session.inventory,
+            indicators: session.indicators,
+            format: session.format,
+            profiles: session.profiles,
+            workspaces: session.workspaces
+        }, null, 2));
+        return renderOk(`config saved to ${session.configPath}`);
+    }
+    if (action === 'show') {
+        return status(session);
+    }
+    return 'usage: config save | config show';
+}
+async function profileCommand(session, args) {
+    const [action, name] = args;
+    if (action === 'save' && name) {
+        session.profiles[name] = snapshotProfile(session);
+        await persistConsoleConfig(session);
+        return renderOk(`profile saved: ${name}`);
+    }
+    if (action === 'use' && name) {
+        await loadConsoleConfig(session);
+        const profile = session.profiles[name];
+        if (!profile)
+            throw new Error(`Unknown profile: ${name}`);
+        applyProfile(session, profile);
+        return renderSet('profile', name);
+    }
+    if (action === 'list') {
+        await loadConsoleConfig(session);
+        const names = Object.keys(session.profiles);
+        return ['Profiles', ...(names.length > 0 ? names.map((item) => `- ${item}`) : ['- none'])].join('\n');
+    }
+    return 'usage: profile save <name> | profile use <name> | profile list';
+}
+async function workspaceCommand(session, args) {
+    const [action, name, ...valueParts] = args;
+    const value = valueParts.join(' ');
+    if (action === 'add' && name && value) {
+        session.workspaces[name] = path.resolve(value);
+        await persistConsoleConfig(session);
+        return renderOk(`workspace saved: ${name}`);
+    }
+    if (action === 'use' && name) {
+        await loadConsoleConfig(session);
+        const workspace = session.workspaces[name];
+        if (!workspace)
+            throw new Error(`Unknown workspace: ${name}`);
+        session.workspace = workspace;
+        return renderSet('workspace', session.workspace);
+    }
+    if (action === 'list') {
+        await loadConsoleConfig(session);
+        const rows = Object.entries(session.workspaces).map(([key, value]) => `- ${key} ${value}`);
+        return ['Workspaces', ...(rows.length > 0 ? rows : ['- none'])].join('\n');
+    }
+    return 'usage: workspace add <name> <path> | workspace use <name> | workspace list';
+}
+async function exportLast(session, args) {
+    const [format, target] = args;
+    if (!target || (format !== 'json' && format !== 'markdown' && format !== 'text')) {
+        return 'usage: export markdown <file> | export json <file> | export text <file>';
+    }
+    const result = requireLast(session);
+    const body = formatResult(result, format);
+    await mkdir(path.dirname(path.resolve(target)), { recursive: true });
+    await writeFile(target, body);
+    return renderOk(`exported ${format} to ${target}`);
+}
+function formatResult(result, format) {
+    if (format === 'json')
+        return JSON.stringify(result, null, 2);
+    if (format === 'markdown')
+        return renderMarkdownReport(result);
+    return renderResultCard(result);
+}
+function requireLast(session) {
+    if (!session.lastResult)
+        throw new Error('No last result. Run cve <CVE-ID> first.');
+    return session.lastResult;
+}
+function status(session) {
+    return renderStatus(session);
+}
+export async function recordHistory(session, line) {
+    const trimmed = line.trim();
+    if (!trimmed)
+        return;
+    let existing = [];
+    try {
+        existing = (await readFile(session.historyPath, 'utf8')).split(/\r?\n/).filter(Boolean);
+    }
+    catch {
+        // no history yet
+    }
+    const next = [...existing.filter((entry) => entry !== trimmed), trimmed].slice(-500);
+    await mkdir(path.dirname(session.historyPath), { recursive: true });
+    await writeFile(session.historyPath, `${next.join('\n')}\n`);
+}
+function splitCommand(inputLine) {
+    const parts = [];
+    const pattern = /"([^"]*)"|'([^']*)'|(\S+)/g;
+    for (const match of inputLine.matchAll(pattern)) {
+        parts.push(match[1] ?? match[2] ?? match[3] ?? '');
+    }
+    return parts;
+}
+export function completeInteractiveLine(session, line) {
+    const trimmedLeft = line.trimStart();
+    const leading = line.slice(0, line.length - trimmedLeft.length);
+    const endsWithSpace = /\s$/.test(line);
+    const parts = splitCommand(trimmedLeft);
+    const command = parts[0] ?? '';
+    if (parts.length === 0 || (parts.length === 1 && !endsWithSpace)) {
+        return [ROOT_COMMANDS.filter((candidate) => candidate.startsWith(command)).map((candidate) => leading + candidate), line];
+    }
+    if (command === 'use') {
+        const prefix = parts[1] ?? '';
+        return [MODULES.filter((moduleName) => moduleName.startsWith(prefix)).map((moduleName) => `${leading}use ${moduleName}`), line];
+    }
+    if (command === 'show')
+        return [filterFull(['show options', 'show modules', 'show advisories'], line), line];
+    if (command === 'set') {
+        const key = parts[1] ?? '';
+        if (parts.length === 1 && endsWithSpace)
+            return [SETTINGS.map((candidate) => `${leading}set ${candidate}`), line];
+        if (parts.length === 2 && !endsWithSpace)
+            return [SETTINGS.filter((candidate) => candidate.startsWith(key)).map((candidate) => `${leading}set ${candidate}`), line];
+        if (key === 'format')
+            return [FORMATS.map((format) => `${leading}set format ${format}`), line];
+        if (key === 'inventory' || key === 'indicators' || key === 'advisories' || key === 'workspace' || key === 'logs' || key === 'logdir' || key === 'target' || key === 'rule')
+            return [completePath(line), line];
+        return [[], line];
+    }
+    if (command === 'cve' || command === 'scan' || command === 'check') {
+        const prefix = parts[1] ?? '';
+        return [
+            listAdvisories()
+                .map((advisory) => advisory.id)
+                .filter((id) => id.startsWith(prefix.toUpperCase()))
+                .map((id) => `${leading}${command} ${id}`),
+            line
+        ];
+    }
+    if (command === 'ioc' || command === 'iocs' || command === 'export')
+        return [completePath(line), line];
+    if (command === 'config')
+        return [filterFull(['config save', 'config show'], line), line];
+    if (command === 'profile')
+        return [filterFull(['profile save', 'profile use', 'profile list'], line), line];
+    if (command === 'workspace')
+        return [filterFull(['workspace add', 'workspace use', 'workspace list'], line), line];
+    if (command === 'session')
+        return [filterFull(['session show'], line), line];
+    return [[], line];
+}
+export function createCyclingCompleter(session) {
+    let previous;
+    return (line) => {
+        const source = previous?.candidates[previous.index] === line ? previous.source : line;
+        const [candidates] = completeInteractiveLine(session, source);
+        if (candidates.length === 0) {
+            previous = undefined;
+            return [[], line];
+        }
+        const index = previous?.source === source && previous.candidates[previous.index] === line
+            ? (previous.index + 1) % candidates.length
+            : 0;
+        previous = { source, candidates, index };
+        return [[candidates[index] ?? line], line];
+    };
+}
+function filterFull(candidates, line) {
+    return candidates.filter((candidate) => candidate.startsWith(line.trimStart()));
+}
+function completePath(line) {
+    const token = currentPathToken(line);
+    const searchPartial = expandHome(token.partial);
+    const dir = searchPartial.endsWith('/') || searchPartial.endsWith('\\') ? searchPartial : path.dirname(searchPartial);
+    const base = searchPartial.endsWith('/') || searchPartial.endsWith('\\') ? '' : path.basename(searchPartial);
+    const searchDir = dir === '.' ? '.' : dir;
+    let entries;
+    try {
+        entries = readdirSync(searchDir);
+    }
+    catch {
+        return [];
+    }
+    return entries
+        .filter((entry) => entry.toLowerCase().startsWith(base.toLowerCase()))
+        .filter((entry) => base.startsWith('.') || !entry.startsWith('.'))
+        .filter((entry) => !['node_modules', '.git', 'dist'].includes(entry))
+        .sort((a, b) => {
+        const aDir = isDirectory(path.join(searchDir, a));
+        const bDir = isDirectory(path.join(searchDir, b));
+        if (aDir !== bDir)
+            return aDir ? -1 : 1;
+        return a.localeCompare(b);
+    })
+        .map((entry) => {
+        const full = path.join(searchDir, entry).replaceAll('\\', '/');
+        const suffix = isDirectory(full) ? '/' : '';
+        const completed = `${full}${suffix}`;
+        return `${token.prefix}${formatCompletedPath(completed, token.quote)}`;
+    });
+}
+function isModule(value) {
+    return MODULES.includes(value);
+}
+function captureOutput(session, kind, subject, outputText) {
+    session.lastOutput = outputText;
+    session.sessions.push({ id: session.sessions.length + 1, kind, subject, output: outputText });
+    return outputText;
+}
+function renderSessions(session) {
+    return ['Sessions', ...(session.sessions.length > 0
+            ? session.sessions.map((entry) => `#${entry.id} ${entry.kind} ${entry.subject}`)
+            : ['- none'])].join('\n');
+}
+function showSession(session, args) {
+    if (args[0] !== 'show' || !args[1])
+        return 'usage: session show <id>';
+    const item = session.sessions.find((entry) => entry.id === Number(args[1]));
+    if (!item)
+        throw new Error(`Unknown session: ${args[1]}`);
+    return item.output;
+}
+function moduleInput(session) {
+    return {
+        workspace: session.workspace,
+        inventory: session.inventory,
+        logs: session.logs,
+        target: session.target,
+        rule: session.rule
+    };
+}
+async function currentLogs(session) {
+    if (session.logs.length > 0)
+        return session.logs;
+    if (!session.logdir)
+        return [];
+    let entries;
+    try {
+        entries = await collectLogEntries(session.logdir);
+    }
+    catch {
+        return [];
+    }
+    const pattern = globToRegExp(session.logglob);
+    return entries
+        .filter((entry) => pattern.test(entry.replaceAll('\\', '/')))
+        .map((entry) => path.join(session.logdir ?? '', entry));
+}
+async function collectLogEntries(root, prefix = '') {
+    const entries = await readdir(path.join(root, prefix), { withFileTypes: true });
+    const results = [];
+    for (const entry of entries) {
+        const relative = prefix ? path.join(prefix, entry.name) : entry.name;
+        if (entry.isDirectory()) {
+            results.push(...await collectLogEntries(root, relative));
+        }
+        else if (entry.isFile()) {
+            results.push(relative);
+        }
+    }
+    return results;
+}
+function globToRegExp(glob) {
+    let source = '';
+    for (let i = 0; i < glob.length; i++) {
+        const ch = glob[i];
+        const next = glob[i + 1];
+        const afterNext = glob[i + 2];
+        if (ch === '*' && next === '*' && (afterNext === '/' || afterNext === '\\')) {
+            source += '(?:.*/)?';
+            i += 2;
+        }
+        else if (ch === '*') {
+            source += '[^/\\\\]*';
+        }
+        else if (ch === '?') {
+            source += '[^/\\\\]';
+        }
+        else if (ch === '/' || ch === '\\') {
+            source += '[/\\\\]';
+        }
+        else {
+            source += escapeRegExp(ch);
+        }
+    }
+    return new RegExp(`^${source}$`);
+}
+function escapeRegExp(value) {
+    return value.replace(/[.+^${}()|[\]\\]/g, '\\$&');
+}
+function snapshotProfile(session) {
+    return {
+        workspace: session.workspace,
+        inventory: session.inventory,
+        indicators: session.indicators,
+        advisories: session.advisories,
+        format: session.format,
+        logs: session.logs,
+        logdir: session.logdir,
+        logglob: session.logglob
+    };
+}
+function applyProfile(session, profile) {
+    session.workspace = profile.workspace;
+    session.inventory = profile.inventory;
+    session.indicators = profile.indicators;
+    session.advisories = profile.advisories;
+    session.format = profile.format;
+    session.logs = profile.logs ?? [];
+    session.logdir = profile.logdir;
+    session.logglob = profile.logglob ?? DEFAULT_LOG_GLOB;
+}
+async function loadConsoleConfig(session) {
+    try {
+        const parsed = migrateConfig(JSON.parse(await readFile(session.configPath, 'utf8')));
+        session.profiles = normalizeProfiles(parsed.profiles) ?? session.profiles;
+        session.workspaces = parsed.workspaces ?? session.workspaces;
+    }
+    catch {
+        // config is optional
+    }
+}
+async function persistConsoleConfig(session) {
+    await mkdir(path.dirname(session.configPath), { recursive: true });
+    await writeFile(session.configPath, JSON.stringify({
+        schemaVersion: 1,
+        workspace: session.workspace,
+        inventory: session.inventory,
+        indicators: session.indicators,
+        advisories: session.advisories,
+        format: session.format,
+        profiles: session.profiles,
+        workspaces: session.workspaces
+    }, null, 2));
+}
+function normalizeProfiles(value) {
+    if (typeof value !== 'object' || value === null || Array.isArray(value))
+        return undefined;
+    const profiles = {};
+    for (const [name, profile] of Object.entries(value)) {
+        if (typeof profile !== 'object' || profile === null || Array.isArray(profile))
+            continue;
+        const candidate = profile;
+        if (typeof candidate.workspace !== 'string')
+            continue;
+        profiles[name] = {
+            workspace: candidate.workspace,
+            inventory: typeof candidate.inventory === 'string' ? candidate.inventory : undefined,
+            indicators: typeof candidate.indicators === 'string' ? candidate.indicators : undefined,
+            advisories: typeof candidate.advisories === 'string' ? candidate.advisories : undefined,
+            format: candidate.format === 'json' || candidate.format === 'markdown' || candidate.format === 'text' ? candidate.format : 'text',
+            logs: Array.isArray(candidate.logs) ? candidate.logs.filter((item) => typeof item === 'string') : [],
+            logdir: typeof candidate.logdir === 'string' ? candidate.logdir : undefined,
+            logglob: typeof candidate.logglob === 'string' ? candidate.logglob : DEFAULT_LOG_GLOB
+        };
+    }
+    return profiles;
+}
+function currentPathToken(line) {
+    let activeQuote;
+    let tokenStart = 0;
+    for (let i = 0; i < line.length; i++) {
+        const ch = line[i];
+        if (activeQuote) {
+            if (ch === activeQuote)
+                activeQuote = undefined;
+            continue;
+        }
+        if (ch === '"' || ch === "'") {
+            activeQuote = ch;
+            continue;
+        }
+        if (/\s/.test(ch ?? ''))
+            tokenStart = i + 1;
+    }
+    const rawToken = line.slice(tokenStart);
+    const quote = rawToken[0] === '"' || rawToken[0] === "'" ? rawToken[0] : undefined;
+    return {
+        prefix: line.slice(0, tokenStart),
+        partial: quote ? rawToken.slice(1) : rawToken,
+        quote
+    };
+}
+function expandHome(value) {
+    if (value === '~')
+        return homedir();
+    if (value.startsWith('~/') || value.startsWith('~\\'))
+        return path.join(homedir(), value.slice(2));
+    return value;
+}
+function formatCompletedPath(value, quote) {
+    if (quote)
+        return `${quote}${value}${quote}`;
+    return quoteIfNeeded(value);
+}
+function isDirectory(target) {
+    try {
+        return statSync(target).isDirectory();
+    }
+    catch {
+        return false;
+    }
+}
+function quoteIfNeeded(value) {
+    return /\s/.test(value) ? `"${value}"` : value;
+}
+function unquote(value) {
+    if ((value.startsWith('"') && value.endsWith('"')) || (value.startsWith("'") && value.endsWith("'")))
+        return value.slice(1, -1);
+    return value;
+}
+function runShell(command) {
+    return new Promise((resolve, reject) => {
+        exec(command, { cwd: process.cwd() }, (error, stdout, stderr) => {
+            if (error) {
+                reject(new Error(stderr.trim() || error.message));
+            }
+            else {
+                resolve(stdout.trimEnd());
+            }
+        });
+    });
+}
+//# sourceMappingURL=interactive.js.map