sandstream-kit 1.5.0 โ 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +26 -0
- package/dist/bumblebee.js +23 -7
- package/dist/bumblebee.js.map +1 -1
- package/dist/cli.js +97 -7
- package/dist/cli.js.map +1 -1
- package/dist/config.d.ts +5 -0
- package/dist/config.js +7 -1
- package/dist/config.js.map +1 -1
- package/dist/findings-track.d.ts +23 -0
- package/dist/findings-track.js +45 -0
- package/dist/findings-track.js.map +1 -0
- package/dist/heal.d.ts +53 -0
- package/dist/heal.js +119 -0
- package/dist/heal.js.map +1 -0
- package/dist/memory/db.d.ts +10 -0
- package/dist/memory/db.js +17 -1
- package/dist/memory/db.js.map +1 -1
- package/dist/memory/pal.d.ts +28 -0
- package/dist/memory/pal.js +51 -1
- package/dist/memory/pal.js.map +1 -1
- package/dist/service-registry.d.ts +54 -0
- package/dist/service-registry.js +248 -0
- package/dist/service-registry.js.map +1 -0
- package/dist/stack-detector.js +176 -55
- package/dist/stack-detector.js.map +1 -1
- package/dist/toml-generator.d.ts +4 -0
- package/dist/toml-generator.js +55 -99
- package/dist/toml-generator.js.map +1 -1
- package/dist/vault-meta.d.ts +7 -0
- package/dist/vault-meta.js +13 -0
- package/dist/vault-meta.js.map +1 -1
- package/package.json +2 -1
package/README.md
CHANGED
|
@@ -6,6 +6,8 @@ For AI agents and humans. Manages tools, auth, secrets, and project setup. Zero
|
|
|
6
6
|
|
|
7
7
|
๐ [sandstre.am/kit](https://sandstre.am/kit)
|
|
8
8
|
|
|
9
|
+
[](https://buymeacoffee.com/sandstream)
|
|
10
|
+
|
|
9
11
|
## Quick start
|
|
10
12
|
|
|
11
13
|
**Prerequisites:** Node.js 22+, git, and [mise](https://mise.jdx.dev) for installing tools (`brew install mise`, or `curl https://mise.run | sh`).
|
|
@@ -21,6 +23,26 @@ npm i -g sandstream-kit
|
|
|
21
23
|
# echo 'export PATH="$HOME/.npm-global/bin:$PATH"' >> ~/.zshrc && source ~/.zshrc
|
|
22
24
|
```
|
|
23
25
|
|
|
26
|
+
### Run via Docker
|
|
27
|
+
|
|
28
|
+
Prefer a container (no local Node or mise)? The CLI ships as a signed image on
|
|
29
|
+
Docker Hub. Mount your project and point the workdir at it:
|
|
30
|
+
|
|
31
|
+
```bash
|
|
32
|
+
docker run --rm sandstream/kit:latest --version
|
|
33
|
+
docker run --rm -v "$PWD":/work -w /work sandstream/kit:latest check
|
|
34
|
+
```
|
|
35
|
+
|
|
36
|
+
Each release publishes `sandstream/kit` (version + `latest` tags), keyless-signed
|
|
37
|
+
with cosign and shipped with a CycloneDX SBOM. Verify the signature before
|
|
38
|
+
trusting an image:
|
|
39
|
+
|
|
40
|
+
```bash
|
|
41
|
+
cosign verify sandstream/kit:latest \
|
|
42
|
+
--certificate-identity-regexp 'https://github.com/sandstream/kit/\.github/workflows/docker-build\.yml@.*' \
|
|
43
|
+
--certificate-oidc-issuer https://token.actions.githubusercontent.com
|
|
44
|
+
```
|
|
45
|
+
|
|
24
46
|
Then, in a repo:
|
|
25
47
|
|
|
26
48
|
```bash
|
|
@@ -708,6 +730,10 @@ For Cline, add the same config to your `cline_mcp_settings.json`.
|
|
|
708
730
|
- ๐ **Issues**: [github.com/sandstream/kit/issues](https://github.com/sandstream/kit/issues)
|
|
709
731
|
- ๐ค **Contributing**: [CONTRIBUTING.md](CONTRIBUTING.md), [COMMUNITY.md](COMMUNITY.md)
|
|
710
732
|
|
|
733
|
+
### Support
|
|
734
|
+
|
|
735
|
+
kit is free and MIT-licensed. If it saved you setup time or caught a leak before it shipped, you can [buy me a coffee](https://buymeacoffee.com/sandstream). It funds development time and keeps kit free and open.
|
|
736
|
+
|
|
711
737
|
### Code of Conduct
|
|
712
738
|
|
|
713
739
|
See [CODE_OF_CONDUCT.md](CODE_OF_CONDUCT.md).
|
package/dist/bumblebee.js
CHANGED
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
import { execFile } from "node:child_process";
|
|
14
14
|
import { promisify } from "node:util";
|
|
15
15
|
import { createHash } from "node:crypto";
|
|
16
|
-
import { writeFile, mkdir, mkdtemp, rm, chmod, access, rename, readdir, stat, } from "node:fs/promises";
|
|
16
|
+
import { writeFile, readFile, mkdir, mkdtemp, rm, chmod, access, rename, readdir, stat, } from "node:fs/promises";
|
|
17
17
|
import { homedir } from "node:os";
|
|
18
18
|
import { join } from "node:path";
|
|
19
19
|
const exec = promisify(execFile);
|
|
@@ -82,7 +82,9 @@ async function pathExists(p) {
|
|
|
82
82
|
}
|
|
83
83
|
}
|
|
84
84
|
function cacheParent() {
|
|
85
|
-
|
|
85
|
+
// KIT_BUMBLEBEE_CACHE overrides the cache root (test isolation + CI sandboxes).
|
|
86
|
+
const override = process.env.KIT_BUMBLEBEE_CACHE;
|
|
87
|
+
return override && override.length > 0 ? override : join(homedir(), ".kit", "tools", "bumblebee");
|
|
86
88
|
}
|
|
87
89
|
function cacheRoot(version = BUMBLEBEE_VERSION) {
|
|
88
90
|
return join(cacheParent(), version);
|
|
@@ -133,15 +135,22 @@ export async function ensureBumblebee(opts = {}) {
|
|
|
133
135
|
const root = cacheRoot();
|
|
134
136
|
const binPath = join(root, "bumblebee");
|
|
135
137
|
const catalogDir = join(root, "threat_intel");
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
//
|
|
138
|
+
const sidecarPath = join(root, "bumblebee.sha256");
|
|
139
|
+
if ((await pathExists(binPath)) && (await pathExists(catalogDir)) && (await pathExists(sidecarPath))) {
|
|
140
|
+
// F3 โ re-verify the cached binary against the hash recorded at trusted
|
|
141
|
+
// INSTALL time (the sidecar), NOT the tarball checksum. The pinned
|
|
142
|
+
// TARBALL_CHECKSUMS gate the DOWNLOAD (authoritative supply-chain anchor);
|
|
143
|
+
// the sidecar gates CACHE reuse, catching corruption/tampering of the
|
|
144
|
+
// cached binary since install. (A prior version compared the extracted
|
|
145
|
+
// binary to the *tarball* digest โ different artifacts, so it mismatched on
|
|
146
|
+
// every reuse and silently disabled the scanner after first download.)
|
|
139
147
|
try {
|
|
148
|
+
const expected = (await readFile(sidecarPath, "utf8")).trim();
|
|
140
149
|
const actual = await sha256File(binPath);
|
|
141
|
-
if (actual !==
|
|
150
|
+
if (actual !== expected) {
|
|
142
151
|
return {
|
|
143
152
|
kind: "integrity",
|
|
144
|
-
reason: `cached binary checksum mismatch (expected ${
|
|
153
|
+
reason: `cached binary checksum mismatch (expected ${expected}, got ${actual}); clear ~/.kit/tools/bumblebee and retry`,
|
|
145
154
|
};
|
|
146
155
|
}
|
|
147
156
|
}
|
|
@@ -153,6 +162,8 @@ export async function ensureBumblebee(opts = {}) {
|
|
|
153
162
|
}
|
|
154
163
|
return { install: { binPath, catalogDir } };
|
|
155
164
|
}
|
|
165
|
+
// A cached binary with no sidecar is a legacy cache (pre-fix): fall through and
|
|
166
|
+
// re-download to re-establish trust via the pinned tarball checksum.
|
|
156
167
|
if (opts.allowDownload === false) {
|
|
157
168
|
return {
|
|
158
169
|
kind: "network",
|
|
@@ -218,6 +229,11 @@ async function downloadAndInstall(target, root, timeoutMs) {
|
|
|
218
229
|
throw new Error("extracted archive is missing threat_intel catalogs");
|
|
219
230
|
}
|
|
220
231
|
await chmod(stagedBin, 0o755);
|
|
232
|
+
// Record the extracted binary's own SHA-256 so cache reuse (F3) can verify
|
|
233
|
+
// the BINARY โ the tarball is discarded after extraction. Authenticity was
|
|
234
|
+
// already proven by the pinned tarball checksum above; this anchors the
|
|
235
|
+
// cached binary to that trusted install.
|
|
236
|
+
await writeFile(join(staging, "bumblebee.sha256"), `${await sha256File(stagedBin)}\n`);
|
|
221
237
|
await rm(tarPath, { force: true });
|
|
222
238
|
await rm(root, { recursive: true, force: true });
|
|
223
239
|
await rename(staging, root);
|
package/dist/bumblebee.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bumblebee.js","sourceRoot":"","sources":["../src/bumblebee.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EACL,SAAS,EACT,KAAK,EACL,OAAO,EACP,EAAE,EACF,KAAK,EACL,MAAM,EACN,MAAM,EACN,OAAO,EACP,IAAI,GACL,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;AAEjC,yFAAyF;AACzF,MAAM,OAAO,cAAe,SAAQ,KAAK;IACvC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAWD;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,OAAO,CAAC;AAEzC,MAAM,gBAAgB,GACpB,6DAA6D,CAAC;AAEhE;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAA2B;IACvD,qCAAqC,EACnC,kEAAkE;IACpE,qCAAqC,EACnC,kEAAkE;IACpE,oCAAoC,EAClC,kEAAkE;IACpE,oCAAoC,EAClC,kEAAkE;CACrE,CAAC;AASF;;;GAGG;AACH,MAAM,UAAU,aAAa,CAC3B,WAA4B,OAAO,CAAC,QAAQ,EAC5C,OAAe,OAAO,CAAC,IAAI,EAC3B,UAAkB,iBAAiB;IAEnC,MAAM,EAAE,GACN,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3E,MAAM,CAAC,GAAG,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;IACvE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3B,MAAM,SAAS,GAAG,aAAa,OAAO,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;IAC3D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC9C,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE3B,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC9C,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,IAAyB;IAC9C,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzD,CAAC;AAED,gFAAgF;AAChF,KAAK,UAAU,UAAU,CAAC,QAAgB;IACxC,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;IACrD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IAClC,OAAO,IAAI,OAAO,CAAC,CAAC,WAAW,EAAE,MAAM,EAAE,EAAE;QACzC,MAAM,MAAM,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACjD,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACxD,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,CAAS;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,CAAC,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;AACvD,CAAC;AAED,SAAS,SAAS,CAAC,OAAO,GAAG,iBAAiB;IAC5C,OAAO,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;AACtC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,MAAM,IAAI,GAAG,WAAW,EAAE,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAClC,CAAC;IACD,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACjC,CAAC;AAkBD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,OAAsB,EAAE;IAExB,mEAAmE;IACnE,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC7C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAChC,OAAO;gBACL,IAAI,EAAE,QAAQ;gBACd,MAAM,EAAE,+CAA+C,MAAM,EAAE;aAChE,CAAC;QACJ,CAAC;QACD,MAAM,UAAU,GACd,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,IAAI,CAAC,SAAS,EAAE,EAAE,cAAc,CAAC,CAAC;QACzE,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,CAAC;IACtD,CAAC;IAED,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;IAC/B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,IAAI,EAAE,aAAa;YACnB,MAAM,EAAE,yBAAyB,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,IAAI,gDAAgD;SAClH,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;IAE9C,IAAI,CAAC,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,UAAU,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAClE,yEAAyE;QACzE,2EAA2E;QAC3E,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YACzC,IAAI,MAAM,KAAK,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAC/B,OAAO;oBACL,IAAI,EAAE,WAAW;oBACjB,MAAM,EAAE,6CAA6C,MAAM,CAAC,QAAQ,SAAS,MAAM,2CAA2C;iBAC/H,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,+CAA+C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;aAC1G,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IAED,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;QACjC,OAAO;YACL,IAAI,EAAE,SAAS;YACf,MAAM,EACJ,iEAAiE;SACpE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;QAC9E,MAAM,CACJ,oDAAoD,iBAAiB,cAAc,CACpF,CAAC;QACF,MAAM,kBAAkB,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,IAAI,OAAO,CAAC,CAAC;QAClE,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,6EAA6E;QAC7E,+EAA+E;QAC/E,MAAM,WAAW,GAAG,GAAG,YAAY,cAAc,CAAC;QAClD,OAAO;YACL,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;YAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,iBAAiB,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;SAC7H,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,MAAsB,EACtB,IAAY,EACZ,SAAiB;IAEjB,MAAM,GAAG,GAAG,GAAG,gBAAgB,KAAK,iBAAiB,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;IAE5E,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAC;IAC9D,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;QAChF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,QAAQ,GAAG,CAAC,MAAM,aAAa,GAAG,EAAE,CAAC,CAAC;QACxD,CAAC;QACD,0EAA0E;QAC1E,kEAAkE;QAClE,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,oDAAoD,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;QACjF,CAAC;QACD,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;IAC7C,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC3B,IAAI,MAAM,KAAK,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC/B,MAAM,IAAI,cAAc,CACtB,yBAAyB,MAAM,CAAC,SAAS,cAAc,MAAM,CAAC,QAAQ,SAAS,MAAM,EAAE,CACxF,CAAC;IACJ,CAAC;IAED,yEAAyE;IACzE,4EAA4E;IAC5E,8CAA8C;IAC9C,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC5D,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QAChD,MAAM,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC9B,oFAAoF;QACpF,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;QAEzE,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC7C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;QACD,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACxE,CAAC;QACD,MAAM,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC9B,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEnC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACjD,MAAM,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACpE,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAuBD,SAAS,GAAG,CAAC,GAA4B,EAAE,GAAW;IACpD,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACnB,OAAO,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,GAAG,CAAC,CAAU;IACrB,OAAO,OAAO,CAAC,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,MAAc;IAC5C,MAAM,OAAO,GAAgB;QAC3B,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,KAAK;QAClB,QAAQ,EAAE,EAAE;QACZ,eAAe,EAAE,CAAC;KACnB,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO;YAAE,SAAS;QAEvB,IAAI,GAA4B,CAAC;QACjC,IAAI,CAAC;YACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,IAAI,GAAG,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;gBACpB,QAAQ,EAAE,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,IAAI,SAAS;gBAC3C,SAAS,EAAE,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC;gBACjC,WAAW,EAAE,GAAG,CAAC,GAAG,EAAE,cAAc,CAAC;gBACrC,SAAS,EAAE,GAAG,CAAC,GAAG,EAAE,WAAW,CAAC;gBAChC,WAAW,EAAE,GAAG,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,GAAG,CAAC,GAAG,EAAE,iBAAiB,CAAC;gBACpE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;gBAC5B,UAAU,EAAE,GAAG,CAAC,GAAG,EAAE,aAAa,CAAC;gBACnC,QAAQ,EAAE,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,GAAG,CAAC,WAAW,KAAK,cAAc,EAAE,CAAC;YAC9C,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;YAC3B,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,SAAS,CAAC;YACjD,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,SAAS,KAAK,IAAI,CAAC;YAC1C,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;YACjD,MAAM,UAAU,GAAG,GAAG,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;YACvD,MAAM,MAAM,GAAG,GAAG,CAAC,MAA6C,CAAC;YACjE,OAAO,CAAC,eAAe;gBACrB,OAAO,GAAG,UAAU,IAAI,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,aAAa,GAA2B;IAC5C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;CACP,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,QAA4B;IACtD,IAAI,IAAI,GAAkB,IAAI,CAAC;IAC/B,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC;QAC1D,IAAI,IAAI,GAAG,QAAQ,EAAE,CAAC;YACpB,QAAQ,GAAG,IAAI,CAAC;YAChB,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAOD,gFAAgF;AAChF,MAAM,CAAC,MAAM,wBAAwB,GAAG,EAAE,CAAC;AAE3C,iGAAiG;AACjG,MAAM,UAAU,cAAc,CAC5B,aAAqB,EACrB,KAAa,EACb,gBAAwB,wBAAwB;IAEhD,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,GAAG,aAAa,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC;IAC9E,OAAO,EAAE,KAAK,EAAE,OAAO,GAAG,aAAa,EAAE,OAAO,EAAE,CAAC;AACrD,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAClD,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,MAAM,GAAkB,IAAI,CAAC;IACjC,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QAC3B,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,SAAS;QACtC,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;YACtC,IAAI,MAAM,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,GAAG,MAAM;gBAAE,MAAM,GAAG,CAAC,CAAC,OAAO,CAAC;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,0BAA0B;QAC5B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAcD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,GAAgB;IAEhB,MAAM,IAAI,GAAG;QACX,MAAM;QACN,UAAU;QACV,GAAG,CAAC,OAAO;QACX,mBAAmB;QACnB,GAAG,CAAC,OAAO,CAAC,UAAU;QACtB,gBAAgB;QAChB,SAAS;QACT,QAAQ;QACR,eAAe;QACf,GAAG,CAAC,WAAW,IAAI,KAAK;KACzB,CAAC;IACF,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC3B,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE;YACvD,OAAO,EAAE,GAAG,CAAC,SAAS,IAAI,OAAO;YACjC,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;SAC5B,CAAC,CAAC;QACH,OAAO,EAAE,OAAO,EAAE,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,2EAA2E;QAC3E,+CAA+C;QAC/C,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,QAAQ,IAAI,GAAG,EAAE,CAAC;YACtD,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAE,GAA4B,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC;YACpF,IAAI,OAAO,CAAC,WAAW;gBAAE,OAAO,EAAE,OAAO,EAAE,CAAC;QAC9C,CAAC;QACD,OAAO;YACL,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC;IACJ,CAAC;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"bumblebee.js","sourceRoot":"","sources":["../src/bumblebee.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EACL,SAAS,EACT,QAAQ,EACR,KAAK,EACL,OAAO,EACP,EAAE,EACF,KAAK,EACL,MAAM,EACN,MAAM,EACN,OAAO,EACP,IAAI,GACL,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;AAEjC,yFAAyF;AACzF,MAAM,OAAO,cAAe,SAAQ,KAAK;IACvC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAWD;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,OAAO,CAAC;AAEzC,MAAM,gBAAgB,GACpB,6DAA6D,CAAC;AAEhE;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAA2B;IACvD,qCAAqC,EACnC,kEAAkE;IACpE,qCAAqC,EACnC,kEAAkE;IACpE,oCAAoC,EAClC,kEAAkE;IACpE,oCAAoC,EAClC,kEAAkE;CACrE,CAAC;AASF;;;GAGG;AACH,MAAM,UAAU,aAAa,CAC3B,WAA4B,OAAO,CAAC,QAAQ,EAC5C,OAAe,OAAO,CAAC,IAAI,EAC3B,UAAkB,iBAAiB;IAEnC,MAAM,EAAE,GACN,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3E,MAAM,CAAC,GAAG,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;IACvE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3B,MAAM,SAAS,GAAG,aAAa,OAAO,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;IAC3D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC9C,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE3B,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC9C,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,IAAyB;IAC9C,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzD,CAAC;AAED,gFAAgF;AAChF,KAAK,UAAU,UAAU,CAAC,QAAgB;IACxC,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;IACrD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IAClC,OAAO,IAAI,OAAO,CAAC,CAAC,WAAW,EAAE,MAAM,EAAE,EAAE;QACzC,MAAM,MAAM,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACjD,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACxD,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,CAAS;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,CAAC,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,WAAW;IAClB,gFAAgF;IAChF,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;IACjD,OAAO,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;AACpG,CAAC;AAED,SAAS,SAAS,CAAC,OAAO,GAAG,iBAAiB;IAC5C,OAAO,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;AACtC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,MAAM,IAAI,GAAG,WAAW,EAAE,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAClC,CAAC;IACD,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACjC,CAAC;AAkBD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,OAAsB,EAAE;IAExB,mEAAmE;IACnE,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC7C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAChC,OAAO;gBACL,IAAI,EAAE,QAAQ;gBACd,MAAM,EAAE,+CAA+C,MAAM,EAAE;aAChE,CAAC;QACJ,CAAC;QACD,MAAM,UAAU,GACd,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,IAAI,CAAC,SAAS,EAAE,EAAE,cAAc,CAAC,CAAC;QACzE,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,CAAC;IACtD,CAAC;IAED,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;IAC/B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,IAAI,EAAE,aAAa;YACnB,MAAM,EAAE,yBAAyB,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,IAAI,gDAAgD;SAClH,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;IAE9C,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IACnD,IAAI,CAAC,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,UAAU,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,MAAM,UAAU,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QACrG,wEAAwE;QACxE,mEAAmE;QACnE,2EAA2E;QAC3E,sEAAsE;QACtE,uEAAuE;QACvE,4EAA4E;QAC5E,uEAAuE;QACvE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC9D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YACzC,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;gBACxB,OAAO;oBACL,IAAI,EAAE,WAAW;oBACjB,MAAM,EAAE,6CAA6C,QAAQ,SAAS,MAAM,2CAA2C;iBACxH,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,+CAA+C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;aAC1G,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IACD,gFAAgF;IAChF,qEAAqE;IAErE,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;QACjC,OAAO;YACL,IAAI,EAAE,SAAS;YACf,MAAM,EACJ,iEAAiE;SACpE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;QAC9E,MAAM,CACJ,oDAAoD,iBAAiB,cAAc,CACpF,CAAC;QACF,MAAM,kBAAkB,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,IAAI,OAAO,CAAC,CAAC;QAClE,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,6EAA6E;QAC7E,+EAA+E;QAC/E,MAAM,WAAW,GAAG,GAAG,YAAY,cAAc,CAAC;QAClD,OAAO;YACL,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;YAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,iBAAiB,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;SAC7H,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,MAAsB,EACtB,IAAY,EACZ,SAAiB;IAEjB,MAAM,GAAG,GAAG,GAAG,gBAAgB,KAAK,iBAAiB,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;IAE5E,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAC;IAC9D,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;QAChF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,QAAQ,GAAG,CAAC,MAAM,aAAa,GAAG,EAAE,CAAC,CAAC;QACxD,CAAC;QACD,0EAA0E;QAC1E,kEAAkE;QAClE,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,oDAAoD,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;QACjF,CAAC;QACD,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;IAC7C,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC3B,IAAI,MAAM,KAAK,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC/B,MAAM,IAAI,cAAc,CACtB,yBAAyB,MAAM,CAAC,SAAS,cAAc,MAAM,CAAC,QAAQ,SAAS,MAAM,EAAE,CACxF,CAAC;IACJ,CAAC;IAED,yEAAyE;IACzE,4EAA4E;IAC5E,8CAA8C;IAC9C,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC5D,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QAChD,MAAM,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC9B,oFAAoF;QACpF,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;QAEzE,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC7C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;QACD,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACxE,CAAC;QACD,MAAM,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC9B,2EAA2E;QAC3E,2EAA2E;QAC3E,wEAAwE;QACxE,yCAAyC;QACzC,MAAM,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,kBAAkB,CAAC,EAAE,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACvF,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEnC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACjD,MAAM,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACpE,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAuBD,SAAS,GAAG,CAAC,GAA4B,EAAE,GAAW;IACpD,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACnB,OAAO,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,GAAG,CAAC,CAAU;IACrB,OAAO,OAAO,CAAC,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,MAAc;IAC5C,MAAM,OAAO,GAAgB;QAC3B,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,KAAK;QAClB,QAAQ,EAAE,EAAE;QACZ,eAAe,EAAE,CAAC;KACnB,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO;YAAE,SAAS;QAEvB,IAAI,GAA4B,CAAC;QACjC,IAAI,CAAC;YACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,IAAI,GAAG,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;gBACpB,QAAQ,EAAE,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,IAAI,SAAS;gBAC3C,SAAS,EAAE,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC;gBACjC,WAAW,EAAE,GAAG,CAAC,GAAG,EAAE,cAAc,CAAC;gBACrC,SAAS,EAAE,GAAG,CAAC,GAAG,EAAE,WAAW,CAAC;gBAChC,WAAW,EAAE,GAAG,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,GAAG,CAAC,GAAG,EAAE,iBAAiB,CAAC;gBACpE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;gBAC5B,UAAU,EAAE,GAAG,CAAC,GAAG,EAAE,aAAa,CAAC;gBACnC,QAAQ,EAAE,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,GAAG,CAAC,WAAW,KAAK,cAAc,EAAE,CAAC;YAC9C,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;YAC3B,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,SAAS,CAAC;YACjD,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,SAAS,KAAK,IAAI,CAAC;YAC1C,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;YACjD,MAAM,UAAU,GAAG,GAAG,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;YACvD,MAAM,MAAM,GAAG,GAAG,CAAC,MAA6C,CAAC;YACjE,OAAO,CAAC,eAAe;gBACrB,OAAO,GAAG,UAAU,IAAI,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,aAAa,GAA2B;IAC5C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;CACP,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,QAA4B;IACtD,IAAI,IAAI,GAAkB,IAAI,CAAC;IAC/B,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC;QAC1D,IAAI,IAAI,GAAG,QAAQ,EAAE,CAAC;YACpB,QAAQ,GAAG,IAAI,CAAC;YAChB,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAOD,gFAAgF;AAChF,MAAM,CAAC,MAAM,wBAAwB,GAAG,EAAE,CAAC;AAE3C,iGAAiG;AACjG,MAAM,UAAU,cAAc,CAC5B,aAAqB,EACrB,KAAa,EACb,gBAAwB,wBAAwB;IAEhD,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,GAAG,aAAa,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC;IAC9E,OAAO,EAAE,KAAK,EAAE,OAAO,GAAG,aAAa,EAAE,OAAO,EAAE,CAAC;AACrD,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAClD,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,MAAM,GAAkB,IAAI,CAAC;IACjC,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QAC3B,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,SAAS;QACtC,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;YACtC,IAAI,MAAM,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,GAAG,MAAM;gBAAE,MAAM,GAAG,CAAC,CAAC,OAAO,CAAC;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,0BAA0B;QAC5B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAcD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,GAAgB;IAEhB,MAAM,IAAI,GAAG;QACX,MAAM;QACN,UAAU;QACV,GAAG,CAAC,OAAO;QACX,mBAAmB;QACnB,GAAG,CAAC,OAAO,CAAC,UAAU;QACtB,gBAAgB;QAChB,SAAS;QACT,QAAQ;QACR,eAAe;QACf,GAAG,CAAC,WAAW,IAAI,KAAK;KACzB,CAAC;IACF,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC3B,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE;YACvD,OAAO,EAAE,GAAG,CAAC,SAAS,IAAI,OAAO;YACjC,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;SAC5B,CAAC,CAAC;QACH,OAAO,EAAE,OAAO,EAAE,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,2EAA2E;QAC3E,+CAA+C;QAC/C,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,QAAQ,IAAI,GAAG,EAAE,CAAC;YACtD,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAE,GAA4B,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC;YACpF,IAAI,OAAO,CAAC,WAAW;gBAAE,OAAO,EAAE,OAAO,EAAE,CAAC;QAC9C,CAAC;QACD,OAAO;YACL,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC;IACJ,CAAC;AACH,CAAC"}
|
package/dist/cli.js
CHANGED
|
@@ -8,6 +8,7 @@ import { checkTools } from "./check-tools.js";
|
|
|
8
8
|
import { checkServices } from "./check-services.js";
|
|
9
9
|
import { checkSecrets } from "./check-secrets.js";
|
|
10
10
|
import { checkSecurity } from "./check-security.js";
|
|
11
|
+
import { syncSecurityFindings } from "./findings-track.js";
|
|
11
12
|
import { checkWebSearch } from "./check-web-search.js";
|
|
12
13
|
import { installTools } from "./install.js";
|
|
13
14
|
import { loginServices } from "./login.js";
|
|
@@ -65,8 +66,8 @@ import { cmdHooks } from "./commands/hooks.js";
|
|
|
65
66
|
import { resolveAllAuth } from "./service-auth.js";
|
|
66
67
|
import { runDoctor } from "./doctor.js";
|
|
67
68
|
import { detectStack } from "./stack-detector.js";
|
|
68
|
-
import { generateToml } from "./toml-generator.js";
|
|
69
|
-
import { vaultMeta } from "./vault-meta.js";
|
|
69
|
+
import { generateToml, parseEnvTemplateKeys } from "./toml-generator.js";
|
|
70
|
+
import { vaultMeta, detectSecretStore } from "./vault-meta.js";
|
|
70
71
|
import { vaultCliInstalled } from "./secret-backends.js";
|
|
71
72
|
import { createPlugin } from "./create-plugin.js";
|
|
72
73
|
import { cmdPlugin } from "./plugins-cli.js";
|
|
@@ -79,6 +80,60 @@ import { parsePkgSpec, installPkg } from "./pkg.js";
|
|
|
79
80
|
import { cmdMemory } from "./commands/memory.js";
|
|
80
81
|
const __dirname = dirname(fileURLToPath(import.meta.url));
|
|
81
82
|
const KIT_VERSION = JSON.parse(readFileSync(join(__dirname, "..", "package.json"), "utf-8")).version;
|
|
83
|
+
/** Map a security finding to a short, actionable PAL title/detail. */
|
|
84
|
+
async function cmdHeal() {
|
|
85
|
+
const dryRun = hasFlag(process.argv, "--dry-run");
|
|
86
|
+
const agent = hasFlag(process.argv, "--agent");
|
|
87
|
+
console.log(`${c.bold}${c.cyan}kit heal${c.reset}${dryRun ? `${c.dim} (dry-run)${c.reset}` : ""}`);
|
|
88
|
+
console.log(`${c.dim}${"โ".repeat(50)}${c.reset}\n`);
|
|
89
|
+
const { runHeal } = await import("./heal.js");
|
|
90
|
+
const res = await runHeal({ dryRun });
|
|
91
|
+
if (dryRun) {
|
|
92
|
+
if (res.plannedSafe.length > 0) {
|
|
93
|
+
console.log(`${c.bold}Would auto-fix (safe):${c.reset}`);
|
|
94
|
+
for (const k of res.plannedSafe)
|
|
95
|
+
console.log(` ${c.green}โ${c.reset} ${k}`);
|
|
96
|
+
}
|
|
97
|
+
else {
|
|
98
|
+
console.log(`${c.dim}Nothing to auto-fix.${c.reset}`);
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
else if (res.healed.length > 0) {
|
|
102
|
+
console.log(`${c.green}${c.bold}Healed ${res.healed.length}:${c.reset}`);
|
|
103
|
+
for (const k of res.healed)
|
|
104
|
+
console.log(` ${c.green}โ${c.reset} ${k}`);
|
|
105
|
+
}
|
|
106
|
+
// FAIL-CLOSED โ loud, never auto-healed.
|
|
107
|
+
if (res.failClosed.length > 0) {
|
|
108
|
+
console.log(`\n${c.red}${c.bold}โ FAIL-CLOSED โ not auto-healed (possible tampering):${c.reset}`);
|
|
109
|
+
for (const r of res.failClosed) {
|
|
110
|
+
console.log(` ${c.red}โ${c.reset} ${r.name}: ${r.detail}`);
|
|
111
|
+
if (r.suggestion)
|
|
112
|
+
console.log(` ${c.dim}${r.suggestion}${c.reset}`);
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
// GATED โ proposed, never auto-run by kit.
|
|
116
|
+
if (res.gated.length > 0) {
|
|
117
|
+
console.log(`\n${c.yellow}${c.bold}Gated โ needs you (kit won't auto-run these):${c.reset}`);
|
|
118
|
+
for (const g of res.gated) {
|
|
119
|
+
console.log(` ${c.yellow}!${c.reset} ${g.name}: ${g.issue}`);
|
|
120
|
+
console.log(` ${c.dim}โ ${g.action}${c.reset}`);
|
|
121
|
+
}
|
|
122
|
+
if (agent) {
|
|
123
|
+
console.log(`\n${c.dim}# agent: each command below still hits the elevation gate + audit log${c.reset}`);
|
|
124
|
+
for (const g of res.gated)
|
|
125
|
+
console.log(g.action);
|
|
126
|
+
}
|
|
127
|
+
}
|
|
128
|
+
const green = res.failClosed.length === 0 && res.gated.length === 0;
|
|
129
|
+
console.log();
|
|
130
|
+
if (!dryRun) {
|
|
131
|
+
console.log(green
|
|
132
|
+
? `${c.green}${c.bold}All findings healed or clean โ${c.reset}`
|
|
133
|
+
: `${c.yellow}Auto-heal done; items above need you.${c.reset}`);
|
|
134
|
+
}
|
|
135
|
+
return green;
|
|
136
|
+
}
|
|
82
137
|
async function cmdCheck() {
|
|
83
138
|
const jsonMode = hasFlag(process.argv, "--json");
|
|
84
139
|
const enforceTests = hasFlag(process.argv, "--enforce-tests");
|
|
@@ -134,6 +189,19 @@ async function cmdCheck() {
|
|
|
134
189
|
securityOk &&
|
|
135
190
|
testsOk &&
|
|
136
191
|
lockOk;
|
|
192
|
+
// Track security findings in the PAL ledger (cross-session reminders +
|
|
193
|
+
// auto-close on a clean re-scan). Opt out with [memory] track_findings = false.
|
|
194
|
+
if (config.memory?.track_findings !== false) {
|
|
195
|
+
const r = await syncSecurityFindings(securityResults);
|
|
196
|
+
if (!jsonMode && r && (r.added || r.closed.length || r.reopened)) {
|
|
197
|
+
const parts = [`+${r.added} tracked`];
|
|
198
|
+
if (r.reopened)
|
|
199
|
+
parts.push(`${r.reopened} reopened`);
|
|
200
|
+
if (r.closed.length)
|
|
201
|
+
parts.push(`โ${r.closed.length} auto-closed`);
|
|
202
|
+
console.log(`${c.dim}PAL: ${parts.join(" ยท ")}${c.reset}`);
|
|
203
|
+
}
|
|
204
|
+
}
|
|
137
205
|
if (jsonMode) {
|
|
138
206
|
const checks = [
|
|
139
207
|
...toolResults.map((t) => ({
|
|
@@ -1035,10 +1103,16 @@ async function generateConfigFile(configPath, nonInteractive) {
|
|
|
1035
1103
|
`${c.bold}kit secrets migrate${c.reset}${c.yellow} after.${c.reset}\n`);
|
|
1036
1104
|
}
|
|
1037
1105
|
// โโ Secret-backend choice (interactive) โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
|
|
1038
|
-
|
|
1106
|
+
// Respect a backend the repo is already bound to (.infisical.json / doppler.yaml);
|
|
1107
|
+
// it becomes the default (and the non-interactive choice) instead of 1Password.
|
|
1108
|
+
const detectedStore = await detectSecretStore(async (p) => existsSync(resolve(process.cwd(), p)));
|
|
1109
|
+
let chosenStore = detectedStore ?? "1password";
|
|
1110
|
+
if (detectedStore) {
|
|
1111
|
+
console.log(` ${c.green}โ${c.reset} Detected ${c.bold}${detectedStore}${c.reset} config in repo โ using it as the secret backend.\n`);
|
|
1112
|
+
}
|
|
1039
1113
|
if (!nonInteractive) {
|
|
1040
|
-
|
|
1041
|
-
{ value: "1password", label: "1Password", hint: "interactive signin via op CLI"
|
|
1114
|
+
const opts = [
|
|
1115
|
+
{ value: "1password", label: "1Password", hint: "interactive signin via op CLI" },
|
|
1042
1116
|
{ value: "infisical", label: "Infisical", hint: "self-hosted or cloud, token-based" },
|
|
1043
1117
|
{ value: "vault", label: "HashiCorp Vault", hint: "KV v2 paths" },
|
|
1044
1118
|
{ value: "aws-sm", label: "AWS Secrets Manager", hint: "IAM credentials required" },
|
|
@@ -1047,7 +1121,8 @@ async function generateConfigFile(configPath, nonInteractive) {
|
|
|
1047
1121
|
{ value: "doppler", label: "Doppler", hint: "doppler login required" },
|
|
1048
1122
|
{ value: "bitwarden", label: "Bitwarden", hint: "bw login + unlock required" },
|
|
1049
1123
|
{ value: "env", label: "env (no vault)", hint: "not recommended โ use only for local dev" },
|
|
1050
|
-
]));
|
|
1124
|
+
].map((o) => ({ ...o, recommended: o.value === chosenStore }));
|
|
1125
|
+
chosenStore = (await promptSelect("Secret backend?", opts));
|
|
1051
1126
|
console.log();
|
|
1052
1127
|
}
|
|
1053
1128
|
// Detect a Dockerfile so generateToml can provision the trivy container/IaC
|
|
@@ -1055,7 +1130,20 @@ async function generateConfigFile(configPath, nonInteractive) {
|
|
|
1055
1130
|
const hasDockerfile = existsSync(resolve(process.cwd(), "Dockerfile")) ||
|
|
1056
1131
|
existsSync(resolve(process.cwd(), "docker-compose.yml")) ||
|
|
1057
1132
|
existsSync(resolve(process.cwd(), "compose.yml"));
|
|
1058
|
-
|
|
1133
|
+
// Seed [secrets.keys] from an existing .env example so the project's real
|
|
1134
|
+
// secret contract isn't lost to just the detected services' template keys.
|
|
1135
|
+
let extraSecretKeys = [];
|
|
1136
|
+
for (const f of [".env.example", ".env.template", ".env.sample"]) {
|
|
1137
|
+
const p = resolve(process.cwd(), f);
|
|
1138
|
+
if (existsSync(p)) {
|
|
1139
|
+
extraSecretKeys = parseEnvTemplateKeys(readFileSync(p, "utf-8"));
|
|
1140
|
+
if (extraSecretKeys.length > 0) {
|
|
1141
|
+
console.log(` ${c.green}โ${c.reset} Seeded ${extraSecretKeys.length} key(s) from ${c.bold}${f}${c.reset}\n`);
|
|
1142
|
+
}
|
|
1143
|
+
break;
|
|
1144
|
+
}
|
|
1145
|
+
}
|
|
1146
|
+
const tomlContent = generateToml(stack, { secretsStore: chosenStore, hasDockerfile, extraSecretKeys });
|
|
1059
1147
|
// Show diff preview
|
|
1060
1148
|
console.log(`${c.bold}Preview โ .kit.toml${c.reset}\n`);
|
|
1061
1149
|
for (const line of tomlContent.split("\n")) {
|
|
@@ -3226,6 +3314,7 @@ const COMMAND_HELP = {
|
|
|
3226
3314
|
setup: "Full pipeline: install โ login โ secrets โ agent config โ verify",
|
|
3227
3315
|
"setup --recommended": "Opinionated profile: setup + memory hooks + git secret-scan/context-check gates",
|
|
3228
3316
|
fix: "Auto-fix what is possible",
|
|
3317
|
+
heal: "Loop: auto-fix safe findings, re-scan until green; gate destructive, fail-closed on tamper (--dry-run, --agent)",
|
|
3229
3318
|
escalate: "List what needs human action",
|
|
3230
3319
|
governance: "View governance status and agent access controls",
|
|
3231
3320
|
skills: "Check status of agent skills",
|
|
@@ -3759,6 +3848,7 @@ async function main() {
|
|
|
3759
3848
|
setup: cmdSetup,
|
|
3760
3849
|
skills: cmdSkills,
|
|
3761
3850
|
fix: cmdFix,
|
|
3851
|
+
heal: cmdHeal,
|
|
3762
3852
|
escalate: cmdEscalate,
|
|
3763
3853
|
governance: cmdGovernance,
|
|
3764
3854
|
"agent-config": cmdAgentConfig,
|