securenow 5.15.0 → 5.15.2

package/NPM_README.md

@@ -241,6 +241,9 @@ npx securenow notifications read-all
 ```bash
 # View alert rules, channels, and history
 npx securenow alerts rules
+npx securenow alerts rules show <rule-id>
+npx securenow alerts rules update <rule-id> --applications-all
+npx securenow alerts rules update <rule-id> --apps key1,key2
 npx securenow alerts channels
 npx securenow alerts history --limit 20
 ```
@@ -394,7 +397,9 @@ fi
 | | `notifications unread` | Unread count |
 | | `notifications read <id>` | Mark read |
 | | `notifications read-all` | Mark all read |
-| | `alerts rules` | Alert rules |
+| | `alerts rules` | List rules (status, apps, schedule) |
+| | `alerts rules show <id>` | Rule detail |
+| | `alerts rules update <id> --applications-all` / `--apps k1,k2` | Application scope |
 | | `alerts channels` | Alert channels |
 | | `alerts history` | Alert history |
 | **Investigate** | `ip <addr>` | IP intelligence |

package/README.md

@@ -300,7 +300,10 @@ Most users won't need this — just add `-r securenow/register` to your existing
 | `securenow notifications unread` | Show unread count |
 | `securenow notifications read <id>` | Mark notification as read |
 | `securenow notifications read-all` | Mark all as read |
-| `securenow alerts rules` | List alert rules |
+| `securenow alerts rules` | List alert rules (status, applications, schedule) |
+| `securenow alerts rules show <id>` | Show one rule (includes all-apps vs explicit apps) |
+| `securenow alerts rules update <id> --applications-all` | Set rule to all current & future apps |
+| `securenow alerts rules update <id> --apps k1,k2` | Scope rule to specific app keys |
 | `securenow alerts channels` | List alert channels |
 | `securenow alerts history` | View alert history |
 

package/SKILL-CLI.md

@@ -174,7 +174,10 @@ securenow notifications unread               # unread count
 
 ```bash
 securenow alerts                             # list alert rules (default)
-securenow alerts rules                       # list alert rules
+securenow alerts rules                       # list alert rules (columns: Status, Applications, Schedule)
+securenow alerts rules show <id>            # one rule; JSON: --json
+securenow alerts rules update <id> --applications-all   # all current & future apps
+securenow alerts rules update <id> --apps key1,key2     # explicit app keys only
 securenow alerts channels                    # list alert channels (Slack, email, etc.)
 securenow alerts history [--limit N]         # past triggered alerts
 ```

package/cli/security.js

@@ -10,6 +10,39 @@ function resolveApp(flags) {
 
 // ── Alert Rules ──
 
+function formatRuleApplicationsCell(rule) {
+  if (rule.applicationsAll) {
+    return ui.c.cyan('all apps');
+  }
+  const keys = rule.applications || [];
+  if (keys.length === 0) return ui.c.dim('—');
+  const joined = keys.join(', ');
+  return joined.length > 48 ? `${joined.slice(0, 45)}…` : joined;
+}
+
+function ruleStatusBadge(rule) {
+  const st = rule.status || (rule.enabled !== false ? 'Active' : 'Disabled');
+  if (st === 'Active') return ui.statusBadge('active');
+  if (st === 'Disabled') return ui.statusBadge('disabled');
+  if (st === 'Paused') return ui.statusBadge('paused');
+  return st;
+}
+
+/** Dispatch: list | show <id> | update <id> ... */
+async function alertRulesRoute(args, flags) {
+  const sub = args[0];
+  if (sub === 'show') {
+    return alertRuleShow(args.slice(1), flags);
+  }
+  if (sub === 'update') {
+    return alertRuleUpdate(args.slice(1), flags);
+  }
+  if (sub === 'list') {
+    return alertRulesList(args.slice(1), flags);
+  }
+  return alertRulesList(args, flags);
+}
+
 async function alertRulesList(args, flags) {
   requireAuth();
   const s = ui.spinner('Fetching alert rules');
@@ -21,15 +54,16 @@ async function alertRulesList(args, flags) {
     if (flags.json) { ui.json(rules); return; }
 
     console.log('');
-    const rows = rules.map(r => [
+    const rows = rules.map((r) => [
       ui.c.dim(ui.truncate(r._id, 12)),
-      r.name || r.type || '—',
-      ui.statusBadge(r.enabled !== false ? 'enabled' : 'disabled'),
-      r.severity ? ui.statusBadge(r.severity) : '—',
-      r.type || '—',
-      r.serviceName || ui.c.dim('all'),
+      r.name || '—',
+      ruleStatusBadge(r),
+      formatRuleApplicationsCell(r),
+      r.schedule?.enabled === false ? ui.c.dim('off') : (r.schedule?.description || r.schedule?.cronExpression || '—'),
     ]);
-    ui.table(['ID', 'Name', 'Status', 'Severity', 'Type', 'App'], rows);
+    ui.table(['ID', 'Name', 'Status', 'Applications', 'Schedule'], rows);
+    console.log('');
+    console.log(ui.c.dim('  Applications: "all apps" = all current & future active apps.  show <id>  ·  update <id> --applications-all  ·  --apps k1,k2'));
     console.log('');
   } catch (err) {
     s.fail('Failed to fetch alert rules');
@@ -37,6 +71,105 @@ async function alertRulesList(args, flags) {
   }
 }
 
+async function alertRuleShow(args, flags) {
+  requireAuth();
+  const id = args[0];
+  if (!id) {
+    ui.error('Usage: securenow alerts rules show <rule-id>');
+    process.exit(1);
+  }
+  const s = ui.spinner('Fetching alert rule');
+  try {
+    const data = await api.get(`/alert-rules/${id}`);
+    const r = data.alertRule;
+    s.stop('');
+
+    if (flags.json) {
+      ui.json(r);
+      return;
+    }
+
+    console.log('');
+    ui.heading(r.name || 'Alert rule');
+    console.log('');
+    const appLine = r.applicationsAll
+      ? 'All applications (current & future)'
+      : (r.applications && r.applications.length > 0 ? r.applications.join(', ') : '—');
+    ui.keyValue([
+      ['ID', r._id || r.id || id],
+      ['Status', r.status || '—'],
+      ['System rule', r.isSystem ? 'yes' : 'no'],
+      ['Applications', appLine],
+      ['Schedule', r.schedule?.enabled === false ? 'disabled' : (r.schedule?.description || r.schedule?.cronExpression || '—')],
+      ['Throttle', r.throttle?.enabled ? `${r.throttle.minutes} min` : 'off'],
+      ['Query', r.queryMappingId?.name || '—'],
+    ]);
+    console.log('');
+  } catch (err) {
+    s.fail('Failed to fetch alert rule');
+    throw err;
+  }
+}
+
+async function alertRuleUpdate(args, flags) {
+  requireAuth();
+  const id = args[0];
+  if (!id) {
+    ui.error('Usage: securenow alerts rules update <rule-id> (--applications-all | --apps <k1,k2>)');
+    process.exit(1);
+  }
+
+  const hasAll =
+    flags['applications-all'] === true ||
+    flags['applications-all'] === 'true';
+  const hasNoAll =
+    flags['no-applications-all'] === true ||
+    flags['no-applications-all'] === 'true';
+  const appsStr = flags.apps;
+
+  if (hasAll && hasNoAll) {
+    ui.error('Use only one of --applications-all or --no-applications-all');
+    process.exit(1);
+  }
+  if (hasAll && appsStr) {
+    ui.error('Cannot combine --applications-all with --apps');
+    process.exit(1);
+  }
+
+  const body = {};
+  if (hasAll) {
+    body.applicationsAll = true;
+    body.applications = [];
+  } else if (hasNoAll || appsStr) {
+    body.applicationsAll = false;
+    if (!appsStr) {
+      ui.error('Pass --apps key1,key2 when using --no-applications-all, or omit --no-applications-all and use --apps only');
+      process.exit(1);
+    }
+    body.applications = String(appsStr)
+      .split(',')
+      .map((x) => x.trim())
+      .filter(Boolean);
+    if (body.applications.length === 0) {
+      ui.error('No application keys parsed from --apps');
+      process.exit(1);
+    }
+  } else {
+    ui.error('Nothing to update. Use --applications-all or --apps key1,key2');
+    process.exit(1);
+  }
+
+  const s = ui.spinner('Updating alert rule');
+  try {
+    await api.put(`/alert-rules/${id}`, body);
+    s.stop('Updated');
+    ui.success('Alert rule updated');
+  } catch (err) {
+    s.fail('Failed to update alert rule');
+    throw err;
+  }
+}
+
 // ── Alert Channels ──
 
 async function alertChannelsList(args, flags) {
@@ -901,7 +1034,10 @@ async function analytics(args, flags) {
 }
 
 module.exports = {
+  alertRulesRoute,
   alertRulesList,
+  alertRuleShow,
+  alertRuleUpdate,
   alertChannelsList,
   alertHistoryList,
   blocklistList,

package/cli/ui.js

@@ -302,6 +302,7 @@ function statusBadge(status) {
     trusted: c.green('■ trusted'),
     enabled: c.green('● enabled'),
     disabled: c.dim('○ disabled'),
+    paused: c.yellow('◆ paused'),
     critical: c.red('▲ critical'),
     high: c.red('▲ high'),
     medium: c.yellow('▲ medium'),

package/cli.js

@@ -1,4 +1,4 @@
-#!/usr/bin/env node
+#!/usr/bin/env node
 'use strict';
 
 const ui = require('./cli/ui');
@@ -119,7 +119,16 @@ const COMMANDS = {
     desc: 'Manage alerting',
     usage: 'securenow alerts <subcommand> [options]',
     sub: {
-      rules: { desc: 'List alert rules', run: (a, f) => require('./cli/security').alertRulesList(a, f) },
+      rules: {
+        desc: 'List, show, or update alert rules',
+        flags: {
+          json: 'Output as JSON',
+          'applications-all': 'With update: scope rule to all apps',
+          'no-applications-all': 'With update: scope to explicit --apps list',
+          apps: 'Comma-separated app keys (with update)',
+        },
+        run: (a, f) => require('./cli/security').alertRulesRoute(a, f),
+      },
       channels: { desc: 'List alert channels', run: (a, f) => require('./cli/security').alertChannelsList(a, f) },
       history: { desc: 'View alert history', flags: { limit: 'Max results' }, run: (a, f) => require('./cli/security').alertHistoryList(a, f) },
     },

package/docs/ALL-FRAMEWORKS-QUICKSTART.md

@@ -805,6 +805,9 @@ The SecureNow CLI is your terminal command center. Below is every command organi
 | `securenow issues show <id>` | Full issue detail + AI analysis |
 | `securenow issues resolve <id>` | Mark issue as resolved |
 | `securenow alerts rules` | List alert rules |
+| `securenow alerts rules show <id>` | One rule (all-apps vs explicit keys) |
+| `securenow alerts rules update <id> --applications-all` | All current & future apps |
+| `securenow alerts rules update <id> --apps k1,k2` | Explicit app keys only |
 | `securenow alerts channels` | List alert channels (email, webhook, Slack) |
 | `securenow alerts history --limit 50` | View past triggered alerts |
 | `securenow notifications` | List notifications |
@@ -1171,6 +1174,11 @@ Configure alert rules and channels from the [dashboard](https://app.securenow.ai
 # List your alert rules
 npx securenow alerts rules
 
+# Show one rule / set application scope (all apps vs explicit keys)
+npx securenow alerts rules show <rule-id>
+npx securenow alerts rules update <rule-id> --applications-all
+npx securenow alerts rules update <rule-id> --apps key1,key2
+
 # List alert channels (email, Slack, webhook)
 npx securenow alerts channels
 

package/docs/API-KEYS-GUIDE.md

@@ -87,6 +87,8 @@ Restrict an API key to specific applications. When set, the key can only access
 
 Leave empty to allow access to all applications on your account.
 
+**Alert rules:** Keys that are scoped to specific applications **cannot** create or update alert rules with **`applicationsAll: true`** (“all applications”). Use explicit app keys on each rule instead. Unscoped keys may use all-apps mode.
+
 ---
 
 ## IP Allowlisting

package/firewall.js

@@ -395,6 +395,7 @@ p{font-size:.9rem;line-height:1.7;color:#a1a1aa;margin-bottom:.5rem}
 .contact a{color:#f87171;text-decoration:none;font-weight:500}
 .contact a:hover{text-decoration:underline}
 .footer{margin-top:2rem;font-size:.7rem;color:#3f3f46}
+.powered{margin-top:1.5rem;font-size:.75rem;color:#52525b}.powered a{color:#a1a1aa;text-decoration:none;font-weight:600;transition:color .2s}.powered a:hover{color:#f87171;text-decoration:underline}
 </style>
 </head>
 <body>
@@ -408,6 +409,7 @@ p{font-size:.9rem;line-height:1.7;color:#a1a1aa;margin-bottom:.5rem}
 <div class="divider"></div>
 <p class="contact">If you believe this is a mistake, please contact us at<br><a href="mailto:contact@securenow.ai?subject=Blocked%20IP%20Appeal%20-%20${encodeURIComponent(maskedIp)}&body=IP:%20${encodeURIComponent(maskedIp)}%0ATimestamp:%20${encodeURIComponent(new Date().toISOString())}%0A%0APlease%20describe%20why%20you%20believe%20this%20block%20is%20incorrect:">contact@securenow.ai</a><br>Include your IP address and the time of this incident.</p>
 <p class="footer">Ref: ${maskedIp} &mdash; ${new Date().toISOString()} &mdash; HTTP 403</p>
+<p class="powered">Protected by <a href="https://securenow.ai" rel="dofollow" target="_blank">SecureNow</a></p>
 </div>
 </body>
 </html>`;

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "securenow",
-  "version": "5.15.0",
+  "version": "5.15.2",
   "description": "OpenTelemetry instrumentation for Node.js, Next.js, and Nuxt - Send traces and logs to any OTLP-compatible backend",
   "type": "commonjs",
   "main": "register.js",