npm - securenow - Versions diffs - 5.3.0 → 5.3.2 - Mend

securenow 5.3.0 → 5.3.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (8) hide show

package/NPM_README.md CHANGED Viewed

@@ -16,6 +16,7 @@ OpenTelemetry instrumentation library for Node.js applications. Send distributed
 - [Installation](#installation)
 - [Quick Start](#quick-start)
+- [CLI — Command Line Interface](#cli--command-line-interface)
 - [Framework-Specific Setup](#framework-specific-setup)
   - [Express.js](#expressjs)
   - [Next.js](#nextjs)
@@ -96,6 +97,286 @@ You'll see confirmation in the console:
 ---
+## CLI — Command Line Interface
+The `securenow` CLI gives you full access to the SecureNow platform from the terminal — no browser required for day-to-day workflows. Zero additional dependencies.
+### Getting Started
+```bash
+# Log in (opens browser for OAuth)
+npx securenow login
+# Or use a token for CI/headless environments
+npx securenow login --token <YOUR_JWT>
+# Check who you're logged in as
+npx securenow whoami
+```
+### Managing Applications
+```bash
+# List all applications
+npx securenow apps
+# Create a new application
+npx securenow apps create my-production-app --hosts api.example.com,app.example.com
+# Get application details (including the app key)
+npx securenow apps info <app-id>
+# Set a default app so you don't need --app on every command
+npx securenow apps default <app-key>
+# Delete an application
+npx securenow apps delete <app-id> --force
+```
+### Viewing Traces
+```bash
+# List recent traces (uses default app, or specify --app)
+npx securenow traces
+npx securenow traces --app <key> --limit 50
+# Show detailed spans for a trace
+npx securenow traces show <traceId>
+# AI-powered security analysis of a trace
+npx securenow traces analyze <traceId>
+```
+### Viewing Logs
+```bash
+# List recent logs
+npx securenow logs
+npx securenow logs --app <key> --minutes 30 --level error
+# Show logs for a specific trace
+npx securenow logs trace <traceId>
+```
+### Security Issues
+```bash
+# List all issues
+npx securenow issues
+npx securenow issues --status open
+# Show issue details with AI analysis
+npx securenow issues show <issue-id>
+# Resolve an issue
+npx securenow issues resolve <issue-id>
+```
+### Notifications
+```bash
+# List notifications
+npx securenow notifications
+# Check unread count
+npx securenow notifications unread
+# Mark as read
+npx securenow notifications read <id>
+npx securenow notifications read-all
+```
+### Alerting
+```bash
+# View alert rules, channels, and history
+npx securenow alerts rules
+npx securenow alerts channels
+npx securenow alerts history --limit 20
+```
+### IP Intelligence & Blocklist
+```bash
+# Look up any IP — geo, abuse score, verdict, risk factors
+npx securenow ip 203.0.113.42
+# Show traces from a specific IP
+npx securenow ip traces 203.0.113.42
+# Manage the blocklist
+npx securenow blocklist
+npx securenow blocklist add 203.0.113.42 --reason "Brute force scanner"
+npx securenow blocklist remove <id>
+npx securenow blocklist stats
+# Manage trusted IPs
+npx securenow trusted
+npx securenow trusted add 10.0.0.1 --label "Office VPN"
+npx securenow trusted remove <id>
+```
+### Forensic Queries
+Ask questions in plain English — the AI translates them to SQL and runs them against your data.
+```bash
+# Run a forensic query
+npx securenow forensics "show top 10 attacking IPs in the last hour"
+npx securenow forensics "which endpoints had 5xx errors today"
+# Browse the saved query library
+npx securenow forensics library
+```
+### API Map
+```bash
+# View all discovered API endpoints
+npx securenow api-map
+# API map statistics
+npx securenow api-map stats
+```
+### Analytics & Dashboard
+```bash
+# Response code analytics
+npx securenow analytics --app <key>
+# Full dashboard overview (apps, protection status, unread alerts)
+npx securenow status
+```
+### Instances
+```bash
+# List ClickHouse instances
+npx securenow instances
+# Test an instance connection
+npx securenow instances test <id>
+```
+### Configuration
+```bash
+# View all config
+npx securenow config get
+# Set values
+npx securenow config set apiUrl https://custom-api.example.com
+npx securenow config set defaultApp <app-key>
+npx securenow config set format json
+# Show config file paths
+npx securenow config path
+```
+Config files are stored in `~/.securenow/`:
+| File | Description |
+|------|-------------|
+| `config.json` | API URL, default app, output format |
+| `credentials.json` | Auth token (file permissions: 0600) |
+### Initialize Instrumentation
+```bash
+# Interactive setup — creates instrumentation files for Next.js
+npx securenow init
+npx securenow init --ts --src --force
+```
+### Global Flags
+Every command supports these flags:
+| Flag | Short | Description |
+|------|-------|-------------|
+| `--json` | `-j` | Output as JSON for scripting and CI/CD |
+| `--help` | | Show help for the command |
+| `--app <key>` | | Override the default application key |
+### Environment Variables
+| Variable | Description |
+|----------|-------------|
+| `SECURENOW_API_URL` | Override the API base URL |
+| `SECURENOW_DEBUG` | Show stack traces on errors |
+| `NO_COLOR` | Disable colored output |
+### CI/CD Integration
+```bash
+# Authenticate with a token in CI
+npx securenow login --token $SECURENOW_TOKEN
+# Use --json for machine-readable output
+npx securenow issues --json | jq '.[] | select(.severity == "critical")'
+# Check for critical issues in a pipeline
+ISSUES=$(npx securenow issues --json --status open)
+CRITICAL=$(echo "$ISSUES" | jq '[.[] | select(.severity == "critical")] | length')
+if [ "$CRITICAL" -gt "0" ]; then
+  echo "Found $CRITICAL critical issues!"
+  exit 1
+fi
+```
+### Complete Command Reference
+| Category | Command | Description |
+|----------|---------|-------------|
+| **Auth** | `login` | Authenticate via browser or `--token` |
+| | `logout` | Clear credentials |
+| | `whoami` | Show session info |
+| **Apps** | `apps` | List applications |
+| | `apps create <name>` | Create application |
+| | `apps info <id>` | Application details |
+| | `apps delete <id>` | Delete application |
+| | `apps default <key>` | Set default app |
+| **Observe** | `traces` | List traces |
+| | `traces show <id>` | Trace details |
+| | `traces analyze <id>` | AI trace analysis |
+| | `logs` | List logs |
+| | `logs trace <id>` | Logs for a trace |
+| | `analytics` | Response analytics |
+| | `status` | Dashboard overview |
+| **Detect** | `issues` | List issues |
+| | `issues show <id>` | Issue details |
+| | `issues resolve <id>` | Resolve issue |
+| | `notifications` | List notifications |
+| | `notifications unread` | Unread count |
+| | `notifications read <id>` | Mark read |
+| | `notifications read-all` | Mark all read |
+| | `alerts rules` | Alert rules |
+| | `alerts channels` | Alert channels |
+| | `alerts history` | Alert history |
+| **Investigate** | `ip <addr>` | IP intelligence |
+| | `ip traces <addr>` | Traces from IP |
+| | `forensics "<query>"` | NL forensic query |
+| | `forensics library` | Saved queries |
+| | `api-map` | API endpoints |
+| | `api-map stats` | API stats |
+| **Remediate** | `blocklist` | Blocked IPs |
+| | `blocklist add <ip>` | Block IP |
+| | `blocklist remove <id>` | Unblock IP |
+| | `blocklist stats` | Block stats |
+| | `trusted` | Trusted IPs |
+| | `trusted add <ip>` | Add trusted IP |
+| | `trusted remove <id>` | Remove trusted |
+| **Settings** | `instances` | List instances |
+| | `instances test <id>` | Test connection |
+| | `config get` | Show config |
+| | `config set <k> <v>` | Set config value |
+| | `config path` | Config file paths |
+| | `init` | Setup instrumentation |
+| | `version` | Show version |
+---
 ## Framework-Specific Setup
 ### Express.js

package/README.md CHANGED Viewed

@@ -36,7 +36,37 @@ SECURENOW_INSTANCE=http://your-otlp-collector:4318
 npx securenow init
 ```
-**Done!** 🎉 See [Next.js Complete Guide](./docs/NEXTJS-GUIDE.md) for details.
+**Done!** See [Next.js Complete Guide](./docs/NEXTJS-GUIDE.md) for details.
+---
+### CLI — Manage Everything from the Terminal
+```bash
+# Authenticate
+npx securenow login
+# Create an app and get the key
+npx securenow apps create my-app
+# Set it as default so you don't need --app every time
+npx securenow config set defaultApp <key>
+# View traces, logs, issues
+npx securenow traces
+npx securenow logs
+npx securenow issues
+# IP intelligence, forensic queries, blocklist
+npx securenow ip 1.2.3.4
+npx securenow forensics "show top attacking IPs in the last hour"
+npx securenow blocklist add 1.2.3.4 --reason "scanner"
+# Full dashboard overview
+npx securenow status
+```
+Run `npx securenow help` for all commands. See the [CLI Reference](#cli-reference) below.
 ---
@@ -173,7 +203,113 @@ SecureNow automatically instruments:
 ---
-## 🆘 Support
+## CLI Reference
+After installing the package, the `securenow` CLI is available via `npx securenow` or globally after `npm install -g securenow`.
+### Authentication
+| Command | Description |
+|---------|-------------|
+| `securenow login` | Log in via browser (opens OAuth flow) |
+| `securenow login --token <TOKEN>` | Log in with a token (for CI/headless) |
+| `securenow logout` | Clear stored credentials |
+| `securenow whoami` | Show current session info |
+### Applications
+| Command | Description |
+|---------|-------------|
+| `securenow apps` | List all applications |
+| `securenow apps create <name>` | Create app and get the app key |
+| `securenow apps info <id>` | Show application details |
+| `securenow apps delete <id>` | Delete an application |
+| `securenow apps default <key>` | Set default app for all commands |
+### Observability
+| Command | Description |
+|---------|-------------|
+| `securenow traces --app <key>` | List recent traces |
+| `securenow traces show <traceId>` | Show trace spans |
+| `securenow traces analyze <traceId>` | AI security analysis of a trace |
+| `securenow logs --app <key>` | View logs (with `--minutes`, `--level`) |
+| `securenow logs trace <traceId>` | View logs for a specific trace |
+| `securenow analytics` | Response code analytics overview |
+| `securenow status` | Full dashboard summary |
+### Detect & Respond
+| Command | Description |
+|---------|-------------|
+| `securenow issues` | List security issues |
+| `securenow issues show <id>` | Show issue details and AI analysis |
+| `securenow issues resolve <id>` | Mark an issue as resolved |
+| `securenow notifications` | List notifications |
+| `securenow notifications unread` | Show unread count |
+| `securenow notifications read <id>` | Mark notification as read |
+| `securenow notifications read-all` | Mark all as read |
+| `securenow alerts rules` | List alert rules |
+| `securenow alerts channels` | List alert channels |
+| `securenow alerts history` | View alert history |
+### Investigate
+| Command | Description |
+|---------|-------------|
+| `securenow ip <address>` | IP intelligence lookup (geo, abuse score, verdict) |
+| `securenow ip traces <address>` | Show traces originating from an IP |
+| `securenow forensics "<query>"` | Natural language forensic query (NL to SQL) |
+| `securenow forensics library` | View saved query library |
+| `securenow api-map` | View discovered API endpoints |
+| `securenow api-map stats` | API map statistics |
+### Remediation
+| Command | Description |
+|---------|-------------|
+| `securenow blocklist` | List blocked IPs |
+| `securenow blocklist add <ip>` | Block an IP (`--reason <reason>`) |
+| `securenow blocklist remove <id>` | Remove from blocklist |
+| `securenow blocklist stats` | Blocklist statistics |
+| `securenow trusted` | List trusted IPs |
+| `securenow trusted add <ip>` | Add trusted IP (`--label <label>`) |
+| `securenow trusted remove <id>` | Remove trusted IP |
+### Settings
+| Command | Description |
+|---------|-------------|
+| `securenow instances` | List ClickHouse instances |
+| `securenow instances test <id>` | Test instance connection |
+| `securenow config get` | Show all config values |
+| `securenow config set <key> <value>` | Set a config value |
+| `securenow config path` | Show config file locations |
+| `securenow init` | Initialize instrumentation files |
+| `securenow version` | Show CLI version |
+### Global Flags
+| Flag | Description |
+|------|-------------|
+| `--json` | Output as JSON (works on every command) |
+| `--help` | Show help for any command |
+| `--app <key>` | Specify app key (or set default with `config set defaultApp`) |
+### Configuration
+Credentials and settings are stored in `~/.securenow/`:
+| File | Purpose |
+|------|---------|
+| `~/.securenow/config.json` | API URL, default app, preferences |
+| `~/.securenow/credentials.json` | Auth token (restricted permissions) |
+Override the API URL with `securenow config set apiUrl <url>` or the `SECURENOW_API_URL` environment variable.
+---
+## Support
 - **Website:** [securenow.ai](http://securenow.ai/)
 - **Issues:** Report bugs and request features
@@ -181,6 +317,6 @@ SecureNow automatically instruments:
 ---
-## 📄 License
+## License
 ISC

package/cli/apps.js CHANGED Viewed

@@ -9,7 +9,8 @@ async function list(args, flags) {
   const s = ui.spinner('Fetching applications');
   try {
-    const apps = await api.get('/applications');
+    const data = await api.get('/applications');
+    const apps = data.applications || [];
     s.stop(`Found ${apps.length} application${apps.length !== 1 ? 's' : ''}`);
     console.log('');
@@ -101,7 +102,8 @@ async function info(args, flags) {
   const s = ui.spinner('Fetching application details');
   try {
-    const app = await api.get(`/applications/${id}`);
+    const data = await api.get(`/applications/${id}`);
+    const app = data.application || data;
     s.stop('Application details loaded');
     if (flags.json) {

package/cli/client.js CHANGED Viewed

@@ -60,7 +60,9 @@ function request(method, endpoint, { body, query, token, raw } = {}) {
         }
         if (res.statusCode >= 400) {
           const msg = parsed?.error || parsed?.message || `Request failed (HTTP ${res.statusCode})`;
-          reject(new CLIError(msg, res.statusCode));
+          const details = parsed?.details || parsed?.unauthorizedKeys;
+          const err = new CLIError(details ? `${msg} — ${details}` : msg, res.statusCode);
+          reject(err);
           return;
         }

package/cli/monitor.js CHANGED Viewed

@@ -21,14 +21,14 @@ async function tracesList(args, flags) {
   const s = ui.spinner('Fetching traces');
   try {
     const query = {
-      serviceName: appKey,
+      appKeys: appKey,
       limit: flags.limit || 20,
     };
-    if (flags.start) query.start = flags.start;
-    if (flags.end) query.end = flags.end;
+    if (flags.start) query.from = flags.start;
+    if (flags.end) query.to = flags.end;
-    const data = await api.get('/traces/recent', { query });
-    const traces = Array.isArray(data) ? data : data.traces || [];
+    const data = await api.get('/traces', { query });
+    const traces = data.traces || [];
     s.stop(`Found ${traces.length} trace${traces.length !== 1 ? 's' : ''}`);
     if (flags.json) { ui.json(traces); return; }
@@ -37,7 +37,7 @@ async function tracesList(args, flags) {
     const rows = traces.map(t => [
       ui.c.dim(ui.truncate(t.traceID || t.traceId || t._id, 16)),
       t.operationName || t.name || t.serviceName || '—',
-      ui.httpStatusColor(t.statusCode || t.httpStatusCode || '—'),
+      ui.httpStatusColor(t.statusCode || t.httpStatusCode || t.responseStatusCode || '—'),
       ui.durationColor(t.durationNano ? t.durationNano / 1e6 : t.duration),
       t.httpMethod || t.method || '—',
       ui.truncate(t.httpUrl || t.url || t.httpRoute || '', 40),
@@ -62,37 +62,31 @@ async function tracesShow(args, flags) {
   const s = ui.spinner('Fetching trace details');
   try {
-    const data = await api.get(`/traces/${traceId}`);
+    const appKey = resolveApp(flags);
+    const traceQuery = appKey ? { appKeys: appKey } : {};
+    const data = await api.get(`/traces/${traceId}`, { query: traceQuery });
     s.stop('Trace loaded');
     if (flags.json) { ui.json(data); return; }
-    const trace = data.trace || data;
-    console.log('');
-    ui.heading(`Trace ${traceId}`);
+    const spans = data.spans || [];
     console.log('');
+    ui.heading(`Trace ${data.traceId || traceId}`);
-    if (trace.spans && trace.spans.length) {
-      ui.subheading(`Spans (${trace.spans.length})`);
+    if (spans.length) {
+      ui.subheading(`Spans (${spans.length})`);
       console.log('');
-      const rows = trace.spans.map(span => [
+      const rows = spans.map(span => [
         ui.c.dim(ui.truncate(span.spanID || span.spanId, 16)),
         span.operationName || span.name || '—',
-        ui.httpStatusColor(span.statusCode || '—'),
+        ui.httpStatusColor(span.statusCode || span.responseStatusCode || '—'),
         ui.durationColor(span.durationNano ? span.durationNano / 1e6 : span.duration),
         span.kind || '—',
       ]);
       ui.table(['Span ID', 'Operation', 'Status', 'Duration', 'Kind'], rows);
-    }
-    if (trace.rootSpan || trace.serviceName) {
+    } else {
       console.log('');
-      ui.keyValue([
-        ['Service', trace.serviceName || '—'],
-        ['Root Operation', trace.rootOperationName || trace.rootSpan?.operationName || '—'],
-        ['Duration', trace.durationMs ? `${trace.durationMs}ms` : '—'],
-        ['Timestamp', trace.startTime ? new Date(trace.startTime).toLocaleString() : '—'],
-      ]);
+      ui.info('No spans found for this trace.');
     }
     console.log('');
   } catch (err) {
@@ -116,11 +110,39 @@ async function tracesAnalyze(args, flags) {
     if (flags.json) { ui.json(result); return; }
+    const analysis = result.analysis;
     console.log('');
     ui.heading('AI Trace Analysis');
     console.log('');
-    console.log(result.analysis || result.message || JSON.stringify(result, null, 2));
-    console.log('');
+    if (typeof analysis === 'object' && analysis !== null) {
+      if (analysis.summary) {
+        ui.subheading('Summary');
+        console.log(`\n  ${analysis.summary}\n`);
+      }
+      if (analysis.riskLevel) {
+        console.log(`  ${ui.c.bold('Risk Level:')} ${ui.statusBadge(analysis.riskLevel)}\n`);
+      }
+      if (analysis.securityIssues?.length) {
+        ui.subheading('Security Issues');
+        console.log('');
+        analysis.securityIssues.forEach((issue, i) => {
+          console.log(`  ${i + 1}. ${typeof issue === 'string' ? issue : issue.description || JSON.stringify(issue)}`);
+        });
+        console.log('');
+      }
+      if (analysis.recommendations?.length) {
+        ui.subheading('Recommendations');
+        console.log('');
+        analysis.recommendations.forEach((rec, i) => {
+          console.log(`  ${i + 1}. ${typeof rec === 'string' ? rec : rec.description || JSON.stringify(rec)}`);
+        });
+        console.log('');
+      }
+    } else {
+      console.log(analysis || JSON.stringify(result, null, 2));
+      console.log('');
+    }
   } catch (err) {
     s.fail('Analysis failed');
     throw err;
@@ -142,15 +164,15 @@ async function logsList(args, flags) {
     const minutes = parseInt(flags.minutes || '60', 10);
     const now = Date.now();
     const query = {
-      serviceName: appKey,
+      appKeys: appKey,
       limit: flags.limit || 50,
-      start: flags.start || new Date(now - minutes * 60 * 1000).toISOString(),
-      end: flags.end || new Date(now).toISOString(),
+      from: flags.start || new Date(now - minutes * 60 * 1000).toISOString(),
+      to: flags.end || new Date(now).toISOString(),
     };
-    if (flags.level) query.level = flags.level;
+    if (flags.level) query.severity = flags.level;
     const data = await api.get('/logs', { query });
-    const logs = Array.isArray(data) ? data : data.logs || [];
+    const logs = data.logs || [];
     s.stop(`Found ${logs.length} log${logs.length !== 1 ? 's' : ''}`);
     if (flags.json) { ui.json(logs); return; }
@@ -190,7 +212,7 @@ async function logsTrace(args, flags) {
   const s = ui.spinner('Fetching logs for trace');
   try {
     const data = await api.get(`/logs/trace/${traceId}`);
-    const logs = Array.isArray(data) ? data : data.logs || [];
+    const logs = data.logs || [];
     s.stop(`Found ${logs.length} log${logs.length !== 1 ? 's' : ''}`);
     if (flags.json) { ui.json(logs); return; }
@@ -225,10 +247,10 @@ async function issuesList(args, flags) {
     if (flags.status) query.status = flags.status;
     const data = await api.get('/issues', { query });
-    const issues = Array.isArray(data) ? data : data.issues || [];
+    const issues = data.issues || [];
     s.stop(`Found ${issues.length} issue${issues.length !== 1 ? 's' : ''}`);
-    if (flags.json) { ui.json(issues); return; }
+    if (flags.json) { ui.json(data); return; }
     console.log('');
     const rows = issues.map(i => [
@@ -242,6 +264,9 @@ async function issuesList(args, flags) {
     ]);
     ui.table(['ID', 'Severity', 'Status', 'Title', 'App', 'Count', 'Last Seen'], rows);
+    if (data.total != null) {
+      console.log(ui.c.dim(`  Total: ${data.total}`));
+    }
     console.log('');
   } catch (err) {
     s.fail('Failed to fetch issues');
@@ -259,7 +284,8 @@ async function issuesShow(args, flags) {
   const s = ui.spinner('Fetching issue');
   try {
-    const issue = await api.get(`/issues/${id}`);
+    const data = await api.get(`/issues/${id}`);
+    const issue = data.issue || data;
     s.stop('Issue loaded');
     if (flags.json) { ui.json(issue); return; }
@@ -320,8 +346,9 @@ async function notificationsList(args, flags) {
   try {
     const query = { limit: flags.limit || 20, page: flags.page || 1 };
     const data = await api.get('/notifications', { query });
-    const notifications = Array.isArray(data) ? data : data.notifications || data.data || [];
-    s.stop(`Found ${notifications.length} notification${notifications.length !== 1 ? 's' : ''}`);
+    const notifications = data.notifications || [];
+    const pagination = data.pagination;
+    s.stop(`Found ${notifications.length} notification${notifications.length !== 1 ? 's' : ''}${pagination ? ` (page ${pagination.page}/${pagination.totalPages})` : ''}`);
     if (flags.json) { ui.json(data); return; }
@@ -353,7 +380,7 @@ async function notificationsRead(args, flags) {
   const s = ui.spinner('Marking as read');
   try {
-    await api.put(`/notifications/${id}`, { read: true });
+    await api.put(`/notifications/${id}/read`);
     s.stop('Notification marked as read');
   } catch (err) {
     s.fail('Failed to mark notification');
@@ -377,7 +404,7 @@ async function notificationsUnread() {
   requireAuth();
   try {
     const data = await api.get('/notifications/unread-count');
-    const count = data.count ?? data.unreadCount ?? data;
+    const count = data.count ?? 0;
     console.log(`\n  ${ui.c.bold(String(count))} unread notification${count !== 1 ? 's' : ''}\n`);
   } catch (err) {
     throw err;
@@ -390,11 +417,12 @@ async function status(args, flags) {
   requireAuth();
   const s = ui.spinner('Fetching dashboard overview');
   try {
-    const [apps, unread] = await Promise.all([
+    const [appsData, unreadData] = await Promise.all([
       api.get('/applications'),
       api.get('/notifications/unread-count').catch(() => ({ count: 0 })),
     ]);
+    const apps = appsData.applications || [];
     s.stop('Dashboard loaded');
     console.log('');
@@ -403,7 +431,7 @@ async function status(args, flags) {
     ui.keyValue([
       ['Applications', String(apps.length)],
-      ['Unread Alerts', String(unread.count ?? unread.unreadCount ?? 0)],
+      ['Unread Alerts', String(unreadData.count ?? 0)],
     ]);
     if (apps.length > 0) {
@@ -420,16 +448,18 @@ async function status(args, flags) {
     const appKey = resolveApp(flags);
     if (appKey) {
       try {
-        const protectionData = await api.get('/applications/protection-status', { query: { serviceName: appKey } });
-        if (protectionData) {
-          ui.subheading(`Protection Status (${appKey})`);
+        const protectionData = await api.get('/applications/protection-status');
+        const statuses = protectionData.statuses;
+        if (statuses && Object.keys(statuses).length > 0) {
+          ui.subheading('Protection Status');
           console.log('');
-          const status = protectionData.status || protectionData;
-          if (typeof status === 'object') {
-            ui.keyValue(Object.entries(status).map(([k, v]) => [k, String(v)]));
-          } else {
-            console.log(`  ${status}`);
-          }
+          const rows = Object.entries(statuses).map(([id, s]) => [
+            ui.c.dim(ui.truncate(id, 12)),
+            s.protected ? ui.c.green('● protected') : ui.c.red('○ unprotected'),
+            String(s.traceCount || 0),
+            s.lastTrace ? ui.timeAgo(s.lastTrace) : ui.c.dim('—'),
+          ]);
+          ui.table(['App ID', 'Status', 'Traces (15m)', 'Last Trace'], rows);
         }
       } catch {}
     }

package/cli/security.js CHANGED Viewed

@@ -15,7 +15,7 @@ async function alertRulesList(args, flags) {
   const s = ui.spinner('Fetching alert rules');
   try {
     const data = await api.get('/alert-rules');
-    const rules = Array.isArray(data) ? data : data.rules || [];
+    const rules = data.alertRules || [];
     s.stop(`Found ${rules.length} rule${rules.length !== 1 ? 's' : ''}`);
     if (flags.json) { ui.json(rules); return; }
@@ -44,7 +44,7 @@ async function alertChannelsList(args, flags) {
   const s = ui.spinner('Fetching alert channels');
   try {
     const data = await api.get('/alert-channels');
-    const channels = Array.isArray(data) ? data : data.channels || [];
+    const channels = data.alertChannels || [];
     s.stop(`Found ${channels.length} channel${channels.length !== 1 ? 's' : ''}`);
     if (flags.json) { ui.json(channels); return; }
@@ -73,10 +73,10 @@ async function alertHistoryList(args, flags) {
   try {
     const query = { limit: flags.limit || 20 };
     const data = await api.get('/alert-history', { query });
-    const history = Array.isArray(data) ? data : data.alerts || data.history || [];
-    s.stop(`Found ${history.length} alert${history.length !== 1 ? 's' : ''}`);
+    const history = data.alerts || [];
+    s.stop(`Found ${history.length} alert${history.length !== 1 ? 's' : ''}${data.totalItems ? ` (${data.totalItems} total)` : ''}`);
-    if (flags.json) { ui.json(history); return; }
+    if (flags.json) { ui.json(data); return; }
     console.log('');
     const rows = history.map(h => [
@@ -102,10 +102,10 @@ async function blocklistList(args, flags) {
   const s = ui.spinner('Fetching blocklist');
   try {
     const data = await api.get('/blocklist');
-    const items = Array.isArray(data) ? data : data.blocklist || data.items || [];
-    s.stop(`Found ${items.length} blocked IP${items.length !== 1 ? 's' : ''}`);
+    const items = data.blockedIps || [];
+    s.stop(`Found ${items.length} blocked IP${items.length !== 1 ? 's' : ''}${data.total ? ` (${data.total} total)` : ''}`);
-    if (flags.json) { ui.json(items); return; }
+    if (flags.json) { ui.json(data); return; }
     console.log('');
     const rows = items.map(b => [
@@ -174,7 +174,8 @@ async function blocklistStats(args, flags) {
   requireAuth();
   const s = ui.spinner('Fetching blocklist stats');
   try {
-    const stats = await api.get('/blocklist/stats');
+    const data = await api.get('/blocklist/stats');
+    const stats = data.stats || data;
     s.stop('Stats loaded');
     if (flags.json) { ui.json(stats); return; }
@@ -182,8 +183,13 @@ async function blocklistStats(args, flags) {
     console.log('');
     ui.heading('Blocklist Statistics');
     console.log('');
-    const pairs = Object.entries(stats).map(([k, v]) => [k, String(v)]);
-    ui.keyValue(pairs);
+    ui.keyValue([
+      ['Total Active', String(stats.totalActive ?? '—')],
+      ['Total Removed', String(stats.totalRemoved ?? '—')],
+      ['Manual Blocks', String(stats.manualCount ?? '—')],
+      ['Automation Blocks', String(stats.automationCount ?? '—')],
+      ['Active Rules', String(stats.activeAutomationRules ?? '—')],
+    ]);
     console.log('');
   } catch (err) {
     s.fail('Failed to fetch stats');
@@ -198,7 +204,7 @@ async function trustedList(args, flags) {
   const s = ui.spinner('Fetching trusted IPs');
   try {
     const data = await api.get('/trusted-ips');
-    const items = Array.isArray(data) ? data : data.trustedIps || data.items || [];
+    const items = data.trustedIps || [];
     s.stop(`Found ${items.length} trusted IP${items.length !== 1 ? 's' : ''}`);
     if (flags.json) { ui.json(items); return; }
@@ -278,17 +284,40 @@ async function forensicsQuery(args, flags) {
     const body = { query };
     if (flags.instance) body.instanceId = flags.instance;
-    const job = await api.post('/forensics/jobs', body);
-    const jobId = job.jobId || job._id || job.id;
+    const job = await api.post('/forensics/query', body);
+    const jobId = job.jobId;
+    if (!jobId) {
+      s.stop('Query complete');
+      if (flags.json) { ui.json(job); return; }
+      if (job.result) {
+        console.log('');
+        if (job.sqlquery) {
+          ui.subheading('Generated SQL');
+          console.log(`\n  ${ui.c.dim(job.sqlquery)}\n`);
+        }
+        const data = job.result;
+        if (Array.isArray(data) && data.length > 0) {
+          const headers = Object.keys(data[0]);
+          const rows = data.map(row => headers.map(h => String(row[h] ?? '')));
+          ui.table(headers, rows);
+        } else {
+          ui.json(data);
+        }
+        console.log('');
+      }
+      return;
+    }
     s.update('Processing query...');
     let result;
     const maxAttempts = 60;
     for (let i = 0; i < maxAttempts; i++) {
       await new Promise(r => setTimeout(r, 2000));
-      result = await api.get(`/forensics/jobs/${jobId}`);
+      result = await api.get(`/forensics/query/status/${jobId}`);
       if (result.status === 'completed' || result.status === 'failed') break;
-      s.update(`Processing query... (${i * 2}s)`);
+      s.update(`Processing query... (${(i + 1) * 2}s)`);
     }
     if (result.status === 'failed') {
@@ -308,14 +337,14 @@ async function forensicsQuery(args, flags) {
     if (flags.json) { ui.json(result); return; }
     console.log('');
-    if (result.sql) {
+    if (result.sqlquery) {
       ui.subheading('Generated SQL');
-      console.log(`\n  ${ui.c.dim(result.sql)}\n`);
+      console.log(`\n  ${ui.c.dim(result.sqlquery)}\n`);
     }
-    if (result.results || result.data) {
-      const data = result.results || result.data;
-      ui.subheading(`Results (${Array.isArray(data) ? data.length : '?'} rows)`);
+    if (result.result) {
+      const data = result.result;
+      ui.subheading(`Results (${result.rowCount ?? (Array.isArray(data) ? data.length : '?')} rows)`);
       console.log('');
       if (Array.isArray(data) && data.length > 0) {
@@ -326,11 +355,6 @@ async function forensicsQuery(args, flags) {
         ui.json(data);
       }
     }
-    if (result.explanation) {
-      ui.subheading('Explanation');
-      console.log(`\n  ${result.explanation}\n`);
-    }
     console.log('');
   } catch (err) {
     s.fail('Forensic query failed');
@@ -343,7 +367,7 @@ async function forensicsLibrary(args, flags) {
   const s = ui.spinner('Fetching query library');
   try {
     const data = await api.get('/forensics/query-library');
-    const queries = Array.isArray(data) ? data : data.queries || [];
+    const queries = data.data || [];
     s.stop(`Found ${queries.length} saved quer${queries.length !== 1 ? 'ies' : 'y'}`);
     if (flags.json) { ui.json(queries); return; }
@@ -381,46 +405,42 @@ async function ipLookup(args, flags) {
     if (flags.json) { ui.json(data); return; }
     console.log('');
-    ui.heading(`IP Intelligence: ${ip}`);
+    ui.heading(`IP Intelligence: ${data.ip || ip}`);
     console.log('');
-    const info = data.ipData || data.intel || data;
     const pairs = [];
-    if (info.country) pairs.push(['Country', info.country]);
-    if (info.city) pairs.push(['City', info.city]);
-    if (info.region) pairs.push(['Region', info.region]);
-    if (info.org || info.organization) pairs.push(['Organization', info.org || info.organization]);
-    if (info.isp) pairs.push(['ISP', info.isp]);
-    if (info.asn) pairs.push(['ASN', String(info.asn)]);
-    if (info.abuseScore != null) pairs.push(['Abuse Score', `${info.abuseScore}/100`]);
-    if (info.isVpn != null) pairs.push(['VPN', info.isVpn ? ui.c.yellow('Yes') : 'No']);
-    if (info.isTor != null) pairs.push(['Tor', info.isTor ? ui.c.red('Yes') : 'No']);
-    if (info.isProxy != null) pairs.push(['Proxy', info.isProxy ? ui.c.yellow('Yes') : 'No']);
-    if (info.isBot != null) pairs.push(['Bot', info.isBot ? ui.c.red('Yes') : 'No']);
-    if (info.isCrawler != null) pairs.push(['Crawler', info.isCrawler ? ui.c.yellow('Yes') : 'No']);
-    if (info.threatLevel) pairs.push(['Threat Level', ui.statusBadge(info.threatLevel)]);
-    if (info.riskLevel) pairs.push(['Risk Level', ui.statusBadge(info.riskLevel)]);
+    if (data.countryName || data.countryCode) pairs.push(['Country', `${data.countryName || ''} ${data.countryCode ? `(${data.countryCode})` : ''}`.trim()]);
+    if (data.domain) pairs.push(['Domain', data.domain]);
+    if (data.isp) pairs.push(['ISP', data.isp]);
+    if (data.usageType) pairs.push(['Usage Type', data.usageType]);
+    if (data.abuseConfidenceScore != null) pairs.push(['Abuse Score', `${data.abuseConfidenceScore}/100`]);
+    if (data.securenowScore != null) pairs.push(['SecureNow Score', String(data.securenowScore)]);
+    if (data.verdict) pairs.push(['Verdict', data.verdict]);
+    if (data.isMalicious != null) pairs.push(['Malicious', data.isMalicious ? ui.c.red('Yes') : ui.c.green('No')]);
+    if (data.isBot != null) pairs.push(['Bot', data.isBot ? ui.c.yellow('Yes') : 'No']);
+    if (data.activityType) pairs.push(['Activity', data.activityType]);
+    if (data.totalReports != null) pairs.push(['Total Reports', String(data.totalReports)]);
+    if (data.lastReportedAt) pairs.push(['Last Reported', new Date(data.lastReportedAt).toLocaleString()]);
     if (pairs.length) {
       ui.keyValue(pairs);
-    } else {
-      ui.keyValue(Object.entries(info).slice(0, 20).map(([k, v]) => [k, String(v)]));
     }
-    if (data.traces || data.recentActivity) {
-      const activity = data.traces || data.recentActivity;
-      if (Array.isArray(activity) && activity.length > 0) {
-        ui.subheading(`Recent Activity (${activity.length})`);
-        console.log('');
-        const rows = activity.slice(0, 10).map(a => [
-          a.method || '—',
-          ui.httpStatusColor(a.statusCode || '—'),
-          ui.truncate(a.url || a.path || '', 40),
-          ui.timeAgo(a.timestamp),
-        ]);
-        ui.table(['Method', 'Status', 'URL', 'Time'], rows);
-      }
+    if (data.riskFactors?.length) {
+      ui.subheading('Risk Factors');
+      console.log('');
+      data.riskFactors.forEach(f => console.log(`  • ${f}`));
+    }
+    if (data.attackTypes?.length) {
+      ui.subheading('Attack Types');
+      console.log('');
+      data.attackTypes.forEach(a => console.log(`  • ${a}`));
+    }
+    if (data.summary) {
+      ui.subheading('Summary');
+      console.log(`\n  ${data.summary}`);
     }
     console.log('');
   } catch (err) {
@@ -440,16 +460,16 @@ async function ipTraces(args, flags) {
   const s = ui.spinner(`Fetching traces for ${ip}`);
   try {
     const data = await api.get(`/ip/${ip}/traces`);
-    const traces = Array.isArray(data) ? data : data.traces || [];
+    const traces = data.traces || [];
     s.stop(`Found ${traces.length} trace${traces.length !== 1 ? 's' : ''}`);
-    if (flags.json) { ui.json(traces); return; }
+    if (flags.json) { ui.json(data); return; }
     console.log('');
     const rows = traces.map(t => [
       ui.c.dim(ui.truncate(t.traceID || t.traceId, 16)),
       t.httpMethod || t.method || '—',
-      ui.httpStatusColor(t.statusCode || t.httpStatusCode || '—'),
+      ui.httpStatusColor(t.statusCode || t.httpStatusCode || t.responseStatusCode || '—'),
       ui.truncate(t.httpUrl || t.url || '', 40),
       ui.durationColor(t.durationNano ? t.durationNano / 1e6 : t.duration),
       ui.timeAgo(t.timestamp),
@@ -469,22 +489,40 @@ async function apiMapList(args, flags) {
   const s = ui.spinner('Fetching API map');
   try {
     const data = await api.get('/api-map');
-    const endpoints = Array.isArray(data) ? data : data.endpoints || data.apiMap || [];
-    s.stop(`Found ${endpoints.length} endpoint${endpoints.length !== 1 ? 's' : ''}`);
+    const apiMap = data.apiMap;
+    s.stop('API map loaded');
     if (flags.json) { ui.json(data); return; }
+    if (!apiMap) {
+      console.log('');
+      ui.info(data.message || 'No API map discovered yet. Run discovery from the dashboard.');
+      console.log('');
+      return;
+    }
     console.log('');
-    const rows = endpoints.map(e => [
-      e.method || '—',
-      e.path || e.route || e.url || '—',
-      e.serviceName || e.app || '—',
-      e.requestCount != null ? String(e.requestCount) : '—',
-      e.avgDuration != null ? ui.durationColor(e.avgDuration) : '—',
-      e.errorRate != null ? (e.errorRate > 5 ? ui.c.red(`${e.errorRate}%`) : `${e.errorRate}%`) : '—',
-    ]);
-    ui.table(['Method', 'Path', 'App', 'Requests', 'Avg Duration', 'Error Rate'], rows);
-    console.log('');
+    if (apiMap.apps && typeof apiMap.apps === 'object') {
+      for (const [appName, appData] of Object.entries(apiMap.apps)) {
+        ui.subheading(appName);
+        console.log('');
+        const endpoints = appData.endpoints || [];
+        if (endpoints.length) {
+          const rows = endpoints.map(e => [
+            e.method || '—',
+            e.path || e.route || '—',
+            e.requestCount != null ? String(e.requestCount) : '—',
+            e.description || ui.c.dim('—'),
+          ]);
+          ui.table(['Method', 'Path', 'Requests', 'Description'], rows);
+        } else {
+          ui.info('No endpoints discovered for this app.');
+        }
+        console.log('');
+      }
+    } else {
+      ui.json(apiMap);
+    }
   } catch (err) {
     s.fail('Failed to fetch API map');
     throw err;
@@ -495,15 +533,30 @@ async function apiMapStats(args, flags) {
   requireAuth();
   const s = ui.spinner('Fetching API map stats');
   try {
-    const stats = await api.get('/api-map/stats');
+    const data = await api.get('/api-map/stats');
+    const stats = data.stats;
     s.stop('Stats loaded');
     if (flags.json) { ui.json(stats); return; }
+    if (!stats) {
+      console.log('');
+      ui.info('No API map stats available.');
+      console.log('');
+      return;
+    }
     console.log('');
     ui.heading('API Map Statistics');
     console.log('');
-    ui.keyValue(Object.entries(stats).map(([k, v]) => [k, String(v)]));
+    ui.keyValue([
+      ['Total Apps', String(stats.totalApps ?? '—')],
+      ['Total Endpoints', String(stats.totalEndpoints ?? '—')],
+      ['Total Requests', String(stats.totalRequests ?? '—')],
+      ['Discovery Status', stats.discoveryStatus || '—'],
+      ['Last Discovered', stats.lastDiscoveredAt ? new Date(stats.lastDiscoveredAt).toLocaleString() : '—'],
+      ['Version', String(stats.version ?? '—')],
+    ]);
     console.log('');
   } catch (err) {
     s.fail('Failed to fetch stats');
@@ -518,7 +571,7 @@ async function instancesList(args, flags) {
   const s = ui.spinner('Fetching instances');
   try {
     const data = await api.get('/instances');
-    const instances = Array.isArray(data) ? data : data.instances || [];
+    const instances = data.instances || [];
     s.stop(`Found ${instances.length} instance${instances.length !== 1 ? 's' : ''}`);
     if (flags.json) { ui.json(instances); return; }
@@ -529,10 +582,10 @@ async function instancesList(args, flags) {
       inst.name || inst.host || '—',
       inst.host || '—',
       inst.port != null ? String(inst.port) : '—',
-      ui.statusBadge(inst.status || 'active'),
+      inst.linkedApps != null ? String(inst.linkedApps) : '—',
       ui.timeAgo(inst.createdAt),
     ]);
-    ui.table(['ID', 'Name', 'Host', 'Port', 'Status', 'Added'], rows);
+    ui.table(['ID', 'Name', 'Host', 'Port', 'Linked Apps', 'Added'], rows);
     console.log('');
   } catch (err) {
     s.fail('Failed to fetch instances');
@@ -551,11 +604,10 @@ async function instancesTest(args, flags) {
   const s = ui.spinner('Testing instance connection');
   try {
     const result = await api.post(`/instances/${id}/test`);
-    if (result.success || result.connected) {
-      s.stop('Instance connection successful');
+    if (result.success) {
+      s.stop(`Connection successful${result.storageGb ? ` (${result.storageGb} GB storage)` : ''}`);
     } else {
-      s.fail('Instance connection failed');
-      if (result.error) ui.error(result.error);
+      s.fail(result.message || 'Connection failed');
     }
     if (flags.json) ui.json(result);
@@ -569,11 +621,10 @@ async function instancesTest(args, flags) {
 async function analytics(args, flags) {
   requireAuth();
-  const appKey = resolveApp(flags);
   const s = ui.spinner('Fetching analytics');
   try {
     const query = {};
-    if (appKey) query.serviceName = appKey;
+    const appKey = resolveApp(flags);
     if (flags.instance) query.instanceId = flags.instance;
     const endpoints = ['2xx-responses', '3xx-responses', '4xx-responses', '5xx-responses', '500-errors'];
@@ -596,7 +647,7 @@ async function analytics(args, flags) {
     const pairs = endpoints.map((ep, i) => {
       const val = results[i];
-      const count = val?.count ?? val?.total ?? (typeof val === 'number' ? val : '—');
+      const count = val?.meta?.count ?? '—';
       return [ep, String(count)];
     });
     ui.keyValue(pairs);

package/cli.js CHANGED Viewed

@@ -377,13 +377,11 @@ async function main() {
 }
 main().catch((err) => {
-  if (err.name === 'CLIError') {
-    ui.error(err.message);
-  } else {
+  if (err.name !== 'CLIError') {
     ui.error(err.message || 'An unexpected error occurred');
-    if (process.env.SECURENOW_DEBUG) {
-      console.error(err.stack);
-    }
+  }
+  if (process.env.SECURENOW_DEBUG) {
+    console.error(err.stack || err);
   }
   process.exit(1);
 });

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "securenow",
-  "version": "5.3.0",
+  "version": "5.3.2",
   "description": "OpenTelemetry instrumentation for Node.js and Next.js - Send traces and logs to any OTLP-compatible backend",
   "type": "commonjs",
   "main": "register.js",