npm - securenow - Versions diffs - 5.2.1 → 5.3.0 - Mend

securenow 5.2.1 → 5.3.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/cli.js CHANGED Viewed

@@ -1,267 +1,389 @@
 #!/usr/bin/env node
 'use strict';
-/**
- * SecureNow CLI
- *
- * Usage: npx securenow init [options]
- */
+const ui = require('./cli/ui');
-const fs = require('fs');
-const path = require('path');
+// ── Argument Parser ──
-const commands = {
-  init: initCommand,
-  help: helpCommand,
-  version: versionCommand,
-};
-// Templates
-const templates = {
-  typescript: `import { registerSecureNow } from 'securenow/nextjs';
-export function register() {
-  registerSecureNow();
-}
+function parseArgs(argv) {
+  const positional = [];
+  const flags = {};
-/**
- * Configuration via .env.local:
- *
- * Required:
- *   SECURENOW_APPID=my-nextjs-app
- *
- * Optional:
- *   SECURENOW_INSTANCE=http://your-otlp-backend:4318
- *   OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-key"
- *   OTEL_LOG_LEVEL=info
- */
-`,
-  javascript: `const { registerSecureNow } = require('securenow/nextjs');
+  for (let i = 0; i < argv.length; i++) {
+    const arg = argv[i];
+    if (arg.startsWith('--')) {
+      const eqIdx = arg.indexOf('=');
+      if (eqIdx !== -1) {
+        flags[arg.slice(2, eqIdx)] = arg.slice(eqIdx + 1);
+      } else {
+        const next = argv[i + 1];
+        if (next && !next.startsWith('-')) {
+          flags[arg.slice(2)] = next;
+          i++;
+        } else {
+          flags[arg.slice(2)] = true;
+        }
+      }
+    } else if (arg.startsWith('-') && arg.length === 2) {
+      const shortMap = { f: 'force', y: 'yes', v: 'verbose', j: 'json' };
+      const long = shortMap[arg[1]] || arg[1];
+      flags[long] = true;
+    } else {
+      positional.push(arg);
+    }
+  }
-export function register() {
-  registerSecureNow();
+  return { positional, flags };
 }
-/**
- * Configuration via .env.local:
- *
- * Required:
- *   SECURENOW_APPID=my-nextjs-app
- *
- * Optional:
- *   SECURENOW_INSTANCE=http://your-otlp-backend:4318
- *   OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-key"
- *   OTEL_LOG_LEVEL=info
- */
-`,
-  env: `# SecureNow Configuration
-# Required: Your application identifier
-SECURENOW_APPID=my-nextjs-app
-# Optional: Your OTLP-compatible backend / collector endpoint
-# Default: https://freetrial.securenow.ai:4318
-SECURENOW_INSTANCE=http://your-otlp-backend:4318
+// ── Command Registry ──
+const COMMANDS = {
+  login: {
+    desc: 'Authenticate with SecureNow',
+    usage: 'securenow login [--token <TOKEN>]',
+    flags: { token: 'Authenticate with a token directly' },
+    run: (a, f) => require('./cli/auth').login(a, f),
+  },
+  logout: {
+    desc: 'Clear stored credentials',
+    usage: 'securenow logout',
+    run: () => require('./cli/auth').logout(),
+  },
+  whoami: {
+    desc: 'Show current session info',
+    usage: 'securenow whoami',
+    run: () => require('./cli/auth').whoami(),
+  },
+  apps: {
+    desc: 'Manage applications',
+    usage: 'securenow apps <subcommand> [options]',
+    sub: {
+      list: { desc: 'List all applications', run: (a, f) => require('./cli/apps').list(a, f) },
+      create: { desc: 'Create a new application', usage: 'securenow apps create <name> [--hosts host1,host2] [--instance <id>]', run: (a, f) => require('./cli/apps').create(a, f) },
+      info: { desc: 'Show application details', usage: 'securenow apps info <id>', run: (a, f) => require('./cli/apps').info(a, f) },
+      delete: { desc: 'Delete an application', usage: 'securenow apps delete <id> [--force]', run: (a, f) => require('./cli/apps').remove(a, f) },
+      default: { desc: 'Set default application', usage: 'securenow apps default <key>', run: (a, f) => require('./cli/apps').setDefault(a, f) },
+    },
+    defaultSub: 'list',
+  },
+  traces: {
+    desc: 'View and analyze traces',
+    usage: 'securenow traces <subcommand> [options]',
+    sub: {
+      list: { desc: 'List recent traces', flags: { app: 'App key', limit: 'Max results', start: 'Start time', end: 'End time' }, run: (a, f) => require('./cli/monitor').tracesList(a, f) },
+      show: { desc: 'Show trace details', usage: 'securenow traces show <traceId>', run: (a, f) => require('./cli/monitor').tracesShow(a, f) },
+      analyze: { desc: 'AI-analyze a trace', usage: 'securenow traces analyze <traceId>', run: (a, f) => require('./cli/monitor').tracesAnalyze(a, f) },
+    },
+    defaultSub: 'list',
+  },
+  logs: {
+    desc: 'View application logs',
+    usage: 'securenow logs [options]',
+    sub: {
+      list: { desc: 'List recent logs', flags: { app: 'App key', limit: 'Max results', minutes: 'Time window in minutes', level: 'Filter by level' }, run: (a, f) => require('./cli/monitor').logsList(a, f) },
+      trace: { desc: 'Show logs for a trace', usage: 'securenow logs trace <traceId>', run: (a, f) => require('./cli/monitor').logsTrace(a, f) },
+    },
+    defaultSub: 'list',
+  },
+  issues: {
+    desc: 'Manage security issues',
+    usage: 'securenow issues <subcommand> [options]',
+    sub: {
+      list: { desc: 'List issues', flags: { app: 'App key', status: 'Filter by status' }, run: (a, f) => require('./cli/monitor').issuesList(a, f) },
+      show: { desc: 'Show issue details', usage: 'securenow issues show <id>', run: (a, f) => require('./cli/monitor').issuesShow(a, f) },
+      resolve: { desc: 'Resolve an issue', usage: 'securenow issues resolve <id>', run: (a, f) => require('./cli/monitor').issuesResolve(a, f) },
+    },
+    defaultSub: 'list',
+  },
+  notifications: {
+    desc: 'Manage notifications',
+    usage: 'securenow notifications <subcommand> [options]',
+    sub: {
+      list: { desc: 'List notifications', flags: { limit: 'Max results', page: 'Page number' }, run: (a, f) => require('./cli/monitor').notificationsList(a, f) },
+      read: { desc: 'Mark notification as read', usage: 'securenow notifications read <id>', run: (a, f) => require('./cli/monitor').notificationsRead(a, f) },
+      'read-all': { desc: 'Mark all as read', run: () => require('./cli/monitor').notificationsReadAll() },
+      unread: { desc: 'Show unread count', run: () => require('./cli/monitor').notificationsUnread() },
+    },
+    defaultSub: 'list',
+  },
+  alerts: {
+    desc: 'Manage alerting',
+    usage: 'securenow alerts <subcommand> [options]',
+    sub: {
+      rules: { desc: 'List alert rules', run: (a, f) => require('./cli/security').alertRulesList(a, f) },
+      channels: { desc: 'List alert channels', run: (a, f) => require('./cli/security').alertChannelsList(a, f) },
+      history: { desc: 'View alert history', flags: { limit: 'Max results' }, run: (a, f) => require('./cli/security').alertHistoryList(a, f) },
+    },
+    defaultSub: 'rules',
+  },
+  blocklist: {
+    desc: 'Manage IP blocklist',
+    usage: 'securenow blocklist <subcommand> [options]',
+    sub: {
+      list: { desc: 'List blocked IPs', run: (a, f) => require('./cli/security').blocklistList(a, f) },
+      add: { desc: 'Block an IP', usage: 'securenow blocklist add <ip> [--reason <reason>]', run: (a, f) => require('./cli/security').blocklistAdd(a, f) },
+      remove: { desc: 'Unblock an IP', usage: 'securenow blocklist remove <id>', run: (a, f) => require('./cli/security').blocklistRemove(a, f) },
+      stats: { desc: 'Blocklist statistics', run: (a, f) => require('./cli/security').blocklistStats(a, f) },
+    },
+    defaultSub: 'list',
+  },
+  trusted: {
+    desc: 'Manage trusted IPs',
+    usage: 'securenow trusted <subcommand> [options]',
+    sub: {
+      list: { desc: 'List trusted IPs', run: (a, f) => require('./cli/security').trustedList(a, f) },
+      add: { desc: 'Add trusted IP', usage: 'securenow trusted add <ip> [--label <label>]', run: (a, f) => require('./cli/security').trustedAdd(a, f) },
+      remove: { desc: 'Remove trusted IP', usage: 'securenow trusted remove <id>', run: (a, f) => require('./cli/security').trustedRemove(a, f) },
+    },
+    defaultSub: 'list',
+  },
+  ip: {
+    desc: 'IP intelligence lookup',
+    usage: 'securenow ip <ip-address>',
+    sub: {
+      lookup: { desc: 'Look up IP intelligence', run: (a, f) => require('./cli/security').ipLookup(a, f) },
+      traces: { desc: 'Show traces for an IP', usage: 'securenow ip traces <ip>', run: (a, f) => require('./cli/security').ipTraces(a, f) },
+    },
+    defaultAction: (a, f) => require('./cli/security').ipLookup(a, f),
+  },
+  forensics: {
+    desc: 'Run forensic queries (natural language → SQL)',
+    usage: 'securenow forensics <query>',
+    sub: {
+      query: { desc: 'Run a forensic query', run: (a, f) => require('./cli/security').forensicsQuery(a, f) },
+      library: { desc: 'View saved queries', run: (a, f) => require('./cli/security').forensicsLibrary(a, f) },
+    },
+    defaultAction: (a, f) => require('./cli/security').forensicsQuery(a, f),
+  },
+  'api-map': {
+    desc: 'View API map',
+    usage: 'securenow api-map [stats]',
+    sub: {
+      list: { desc: 'List discovered API endpoints', run: (a, f) => require('./cli/security').apiMapList(a, f) },
+      stats: { desc: 'API map statistics', run: (a, f) => require('./cli/security').apiMapStats(a, f) },
+    },
+    defaultSub: 'list',
+  },
+  instances: {
+    desc: 'Manage ClickHouse instances',
+    usage: 'securenow instances <subcommand> [options]',
+    sub: {
+      list: { desc: 'List instances', run: (a, f) => require('./cli/security').instancesList(a, f) },
+      test: { desc: 'Test instance connection', usage: 'securenow instances test <id>', run: (a, f) => require('./cli/security').instancesTest(a, f) },
+    },
+    defaultSub: 'list',
+  },
+  analytics: {
+    desc: 'View response analytics',
+    usage: 'securenow analytics [--app <key>]',
+    run: (a, f) => require('./cli/security').analytics(a, f),
+  },
+  status: {
+    desc: 'Dashboard overview',
+    usage: 'securenow status [--app <key>]',
+    run: (a, f) => require('./cli/monitor').status(a, f),
+  },
+  config: {
+    desc: 'Manage CLI configuration',
+    usage: 'securenow config <set|get> [key] [value]',
+    sub: {
+      set: {
+        desc: 'Set a config value',
+        usage: 'securenow config set <key> <value>',
+        run: (a) => {
+          const conf = require('./cli/config');
+          const [key, ...rest] = a;
+          const value = rest.join(' ');
+          if (!key || !value) { ui.error('Usage: securenow config set <key> <value>'); process.exit(1); }
+          conf.setConfigValue(key, value);
+          ui.success(`${key} = ${value}`);
+        },
+      },
+      get: {
+        desc: 'Get a config value',
+        usage: 'securenow config get [key]',
+        run: (a) => {
+          const conf = require('./cli/config');
+          const key = a[0];
+          if (key) {
+            const val = conf.getConfigValue(key);
+            console.log(val != null ? val : ui.c.dim('(not set)'));
+          } else {
+            const all = conf.loadConfig();
+            console.log('');
+            ui.keyValue(Object.entries(all).map(([k, v]) => [k, v != null ? String(v) : ui.c.dim('(not set)')]));
+            console.log('');
+          }
+        },
+      },
+      path: {
+        desc: 'Show config file path',
+        run: () => {
+          const conf = require('./cli/config');
+          console.log(`Config:      ${conf.CONFIG_FILE}`);
+          console.log(`Credentials: ${conf.CREDENTIALS_FILE}`);
+        },
+      },
+    },
+  },
+  init: {
+    desc: 'Initialize SecureNow instrumentation',
+    usage: 'securenow init [--ts|--js] [--src|--root] [--force]',
+    flags: { typescript: 'Force TypeScript', javascript: 'Force JavaScript', src: 'Create in src/', root: 'Create in root', force: 'Overwrite existing' },
+    run: (a, f) => require('./cli/init').init(a, f),
+  },
+  version: {
+    desc: 'Show CLI version',
+    run: () => {
+      try {
+        const pkg = require('./package.json');
+        console.log(`securenow v${pkg.version}`);
+      } catch {
+        console.log('securenow (version unknown)');
+      }
+    },
+  },
+};
-# Optional: API key or authentication headers
-# OTEL_EXPORTER_OTLP_HEADERS="x-api-key=your-api-key-here"
+// ── Help System ──
-# Optional: Log level (debug|info|warn|error)
-# OTEL_LOG_LEVEL=info
-`,
-};
+function showBanner() {
+  console.log('');
+  console.log(`  ${ui.c.bold(ui.c.cyan('SecureNow CLI'))} ${ui.c.dim('— Security observability from the terminal')}`);
+  console.log('');
+}
-function initCommand(args) {
-  const flags = parseFlags(args);
-  const cwd = process.cwd();
-  console.log('\n🚀 SecureNow Setup\n');
-  // Check if Next.js project
-  const isNextJs = isNextJsProject(cwd);
-  if (!isNextJs && !flags.force) {
-    console.log('⚠️  This doesn\'t appear to be a Next.js project.');
-    console.log('   If you want to proceed anyway, use: npx securenow init --force\n');
-    process.exit(1);
-  }
-  // Determine TypeScript or JavaScript
-  const useTypeScript = flags.typescript ||
-                        (!flags.javascript && fs.existsSync(path.join(cwd, 'tsconfig.json')));
-  // Determine if using src folder
-  const useSrc = flags.src ||
-                 (!flags.root && fs.existsSync(path.join(cwd, 'src')));
-  // Construct file paths
-  const fileName = useTypeScript ? 'instrumentation.ts' : 'instrumentation.js';
-  const filePath = useSrc
-    ? path.join(cwd, 'src', fileName)
-    : path.join(cwd, fileName);
-  // Check if file already exists
-  if (fs.existsSync(filePath) && !flags.force) {
-    console.log(`❌ ${useSrc ? 'src/' : ''}${fileName} already exists`);
-    console.log('   Use --force to overwrite\n');
-    process.exit(1);
-  }
-  // Create instrumentation file
-  try {
-    const template = useTypeScript ? templates.typescript : templates.javascript;
-    // Ensure src directory exists if needed
-    if (useSrc) {
-      fs.mkdirSync(path.join(cwd, 'src'), { recursive: true });
+function showHelp(commandName) {
+  if (commandName && COMMANDS[commandName]) {
+    const cmd = COMMANDS[commandName];
+    showBanner();
+    console.log(`  ${ui.c.bold(commandName)} — ${cmd.desc}`);
+    console.log('');
+    if (cmd.usage) {
+      console.log(`  ${ui.c.bold('USAGE')}`);
+      console.log(`    ${cmd.usage}`);
+      console.log('');
     }
-    fs.writeFileSync(filePath, template, 'utf8');
-    console.log(`✅ Created ${useSrc ? 'src/' : ''}${fileName}`);
-  } catch (error) {
-    console.error(`❌ Failed to create instrumentation file: ${error.message}\n`);
-    process.exit(1);
-  }
-  // Create .env.local if it doesn't exist
-  const envPath = path.join(cwd, '.env.local');
-  if (!fs.existsSync(envPath) || flags.force) {
-    try {
-      fs.writeFileSync(envPath, templates.env, 'utf8');
-      console.log('✅ Created .env.local template');
-    } catch (error) {
-      console.warn(`⚠️  Could not create .env.local: ${error.message}`);
+    if (cmd.sub) {
+      console.log(`  ${ui.c.bold('SUBCOMMANDS')}`);
+      const entries = Object.entries(cmd.sub);
+      const maxLen = entries.reduce((m, [k]) => Math.max(m, k.length), 0);
+      for (const [name, sub] of entries) {
+        console.log(`    ${ui.c.cyan(name.padEnd(maxLen + 2))} ${sub.desc}`);
+      }
+      console.log('');
     }
-  } else {
-    console.log('ℹ️  .env.local already exists (skipped)');
+    if (cmd.flags) {
+      console.log(`  ${ui.c.bold('FLAGS')}`);
+      for (const [flag, desc] of Object.entries(cmd.flags)) {
+        console.log(`    --${ui.c.cyan(flag.padEnd(16))} ${desc}`);
+      }
+      console.log('');
+    }
+    console.log(`  ${ui.c.bold('GLOBAL FLAGS')}`);
+    console.log(`    --${ui.c.cyan('json'.padEnd(16))} Output as JSON`);
+    console.log(`    --${ui.c.cyan('help'.padEnd(16))} Show help`);
+    console.log('');
+    return;
   }
-  // Success message
-  console.log('\n┌─────────────────────────────────────────────────┐');
-  console.log('│  🎉 Setup Complete!                             │');
-  console.log('│                                                 │');
-  console.log('│  Next steps:                                    │');
-  console.log('│                                                 │');
-  console.log('│  1. Edit .env.local and configure:             │');
-  console.log('│     SECURENOW_APPID=your-app-name              │');
-  console.log('│     SECURENOW_INSTANCE=http://your-otlp-backend:4318 │');
-  console.log('│                                                 │');
-  console.log('│  2. Start your Next.js app: npm run dev        │');
-  console.log('│                                                 │');
-  console.log('│  3. Check SecureNow dashboard for traces!      │');
-  console.log('│                                                 │');
-  console.log('│  📚 Documentation:                              │');
-  console.log('│     node_modules/securenow/NEXTJS-GUIDE.md     │');
-  console.log('└─────────────────────────────────────────────────┘\n');
-}
-function helpCommand() {
-  console.log(`
-SecureNow CLI - OpenTelemetry instrumentation for Next.js
-USAGE:
-  npx securenow <command> [options]
-COMMANDS:
-  init        Initialize SecureNow in your Next.js project
-  help        Show this help message
-  version     Show package version
-OPTIONS:
-  --typescript, --ts    Force TypeScript (creates instrumentation.ts)
-  --javascript, --js    Force JavaScript (creates instrumentation.js)
-  --src                 Create file in src/ folder
-  --root                Create file in project root
-  --force, -f           Overwrite existing files
-EXAMPLES:
-  # Auto-detect and setup
-  npx securenow init
-  # Force TypeScript in src folder
-  npx securenow init --typescript --src
-  # Force JavaScript in root
-  npx securenow init --javascript --root
-  # Overwrite existing files
-  npx securenow init --force
+  showBanner();
+  const groups = {
+    'Authentication': ['login', 'logout', 'whoami'],
+    'Applications': ['apps', 'init', 'status'],
+    'Observe': ['traces', 'logs', 'analytics'],
+    'Detect & Respond': ['issues', 'notifications', 'alerts'],
+    'Investigate': ['ip', 'forensics', 'api-map'],
+    'Remediation': ['blocklist', 'trusted'],
+    'Settings': ['instances', 'config', 'version'],
+  };
+  for (const [group, cmds] of Object.entries(groups)) {
+    console.log(`  ${ui.c.bold(group)}`);
+    for (const name of cmds) {
+      const cmd = COMMANDS[name];
+      if (cmd) {
+        console.log(`    ${ui.c.cyan(name.padEnd(18))} ${cmd.desc}`);
+      }
+    }
+    console.log('');
+  }
-DOCUMENTATION:
-  Quick Start: node_modules/securenow/NEXTJS-QUICKSTART.md
-  Full Guide:  node_modules/securenow/NEXTJS-GUIDE.md
-  Examples:    node_modules/securenow/examples/
-`);
+  console.log(`  ${ui.c.bold('GLOBAL FLAGS')}`);
+  console.log(`    --${ui.c.cyan('json'.padEnd(16))} Output as JSON`);
+  console.log(`    --${ui.c.cyan('help'.padEnd(16))} Show help for a command`);
+  console.log('');
+  console.log(`  ${ui.c.dim('Run')} securenow help <command> ${ui.c.dim('for detailed usage')}`);
+  console.log('');
 }
-function versionCommand() {
-  try {
-    const packageJson = require('./package.json');
-    console.log(`securenow v${packageJson.version}`);
-  } catch (error) {
-    console.log('securenow (version unknown)');
-  }
-}
+// ── Main Router ──
-// Utility functions
-function parseFlags(args) {
-  const flags = {};
-  for (let i = 0; i < args.length; i++) {
-    const arg = args[i];
-    if (arg === '--typescript' || arg === '--ts') {
-      flags.typescript = true;
-    } else if (arg === '--javascript' || arg === '--js') {
-      flags.javascript = true;
-    } else if (arg === '--src') {
-      flags.src = true;
-    } else if (arg === '--root') {
-      flags.root = true;
-    } else if (arg === '--force' || arg === '-f') {
-      flags.force = true;
-    }
-  }
-  return flags;
-}
+async function main() {
+  const { positional, flags } = parseArgs(process.argv.slice(2));
+  const cmdName = positional[0] || 'help';
-function isNextJsProject(dir) {
-  try {
-    const packageJsonPath = path.join(dir, 'package.json');
-    if (!fs.existsSync(packageJsonPath)) return false;
-    const packageJson = JSON.parse(fs.readFileSync(packageJsonPath, 'utf8'));
-    const deps = { ...packageJson.dependencies, ...packageJson.devDependencies };
-    return !!deps.next;
-  } catch (error) {
-    return false;
+  if (cmdName === 'help' || flags.help) {
+    showHelp(flags.help === true ? positional[0] : flags.help || positional[1] || (cmdName !== 'help' ? cmdName : null));
+    return;
   }
-}
-// Main
-function main() {
-  const args = process.argv.slice(2);
-  const command = args[0] || 'help';
-  const commandFn = commands[command];
-  if (!commandFn) {
-    console.error(`Unknown command: ${command}`);
-    console.log('Run "npx securenow help" for usage\n');
+  const cmd = COMMANDS[cmdName];
+  if (!cmd) {
+    ui.error(`Unknown command: ${cmdName}`);
+    ui.info('Run `securenow help` for a list of commands.');
     process.exit(1);
   }
-  commandFn(args.slice(1));
-}
-if (require.main === module) {
-  main();
-}
-module.exports = { main };
+  if (cmd.run && !cmd.sub) {
+    await cmd.run(positional.slice(1), flags);
+    return;
+  }
+  if (cmd.sub) {
+    let subName = positional[1];
+    let subArgs = positional.slice(2);
+    if (subName && cmd.sub[subName]) {
+      if (flags.help) {
+        showHelp(cmdName);
+        return;
+      }
+      await cmd.sub[subName].run(subArgs, flags);
+      return;
+    }
+    if (cmd.defaultAction) {
+      const allArgs = subName ? [subName, ...subArgs] : [];
+      await cmd.defaultAction(allArgs, flags);
+      return;
+    }
+    if (cmd.defaultSub) {
+      const allArgs = subName ? [subName, ...subArgs] : [];
+      await cmd.sub[cmd.defaultSub].run(allArgs, flags);
+      return;
+    }
+    showHelp(cmdName);
+    return;
+  }
+  if (cmd.run) {
+    await cmd.run(positional.slice(1), flags);
+  }
+}
+main().catch((err) => {
+  if (err.name === 'CLIError') {
+    ui.error(err.message);
+  } else {
+    ui.error(err.message || 'An unexpected error occurred');
+    if (process.env.SECURENOW_DEBUG) {
+      console.error(err.stack);
+    }
+  }
+  process.exit(1);
+});