securenow 8.5.0 → 8.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/challenge.js +273 -0
- package/cli/challenges.js +253 -0
- package/cli/security.js +80 -8
- package/cli.js +42 -4
- package/firewall.js +952 -702
- package/nextjs-auto-capture.js +274 -195
- package/nextjs-middleware.js +268 -185
- package/nextjs-wrapper.js +234 -155
- package/nextjs.js +768 -685
- package/nuxt-server-plugin.mjs +506 -426
- package/package.json +5 -1
- package/tracing.js +844 -758
package/cli.js
CHANGED
|
@@ -255,8 +255,8 @@ const COMMANDS = {
|
|
|
255
255
|
usage: 'securenow alerts <subcommand> [options]',
|
|
256
256
|
sub: {
|
|
257
257
|
rules: {
|
|
258
|
-
desc: 'Create, list, show, update, set-sql, validate, delete, test, or tune alert rules',
|
|
259
|
-
usage: 'securenow alerts rules <list|create|show|update|set-sql|validate|delete|test|dry-run-query|tune-query|exclusions> [options]',
|
|
258
|
+
desc: 'Create, list, show, update, promote/demote, set-sql, validate, delete, test, or tune alert rules',
|
|
259
|
+
usage: 'securenow alerts rules <list|create|show|update|promote|demote|set-sql|validate|delete|test|dry-run-query|tune-query|exclusions> [options]',
|
|
260
260
|
flags: {
|
|
261
261
|
json: 'Output as JSON',
|
|
262
262
|
name: 'With create: rule name',
|
|
@@ -275,7 +275,14 @@ const COMMANDS = {
|
|
|
275
275
|
'no-applications-all': 'With update: scope to explicit --apps list',
|
|
276
276
|
apps: 'Comma-separated app keys (with create/update)',
|
|
277
277
|
app: 'Application key for rule tests',
|
|
278
|
-
mode: '
|
|
278
|
+
mode: 'With test: dry_run | live. With list/update: lifecycle test | prod (test = detect-only, no mitigation)',
|
|
279
|
+
status: 'With update: Active | Disabled | Paused. With list: filter by status',
|
|
280
|
+
enable: 'With update: shortcut for --status Active',
|
|
281
|
+
disable: 'With update: shortcut for --status Disabled',
|
|
282
|
+
pause: 'With update: shortcut for --status Paused',
|
|
283
|
+
active: 'With list: filter active (true) or non-active (false)',
|
|
284
|
+
system: 'With list: only system rules',
|
|
285
|
+
user: 'With list: only user (non-system) rules',
|
|
279
286
|
wait: 'Wait for rule test completion',
|
|
280
287
|
sql: 'Detection/candidate/replacement SQL, @file, or - for stdin (create, set-sql, update, validate, dry-run-query, tune-query)',
|
|
281
288
|
query: 'Alias for --sql',
|
|
@@ -389,6 +396,37 @@ const COMMANDS = {
|
|
|
389
396
|
},
|
|
390
397
|
defaultSub: 'list',
|
|
391
398
|
},
|
|
399
|
+
challenge: {
|
|
400
|
+
desc: 'Manage CAPTCHA / proof-of-work challenge remediation rules',
|
|
401
|
+
usage: 'securenow challenge <list|add|show|test|enable|disable|remove> [options]',
|
|
402
|
+
flags: {
|
|
403
|
+
app: 'Scope to app key (defaults to logged-in app)',
|
|
404
|
+
env: 'Scope to environment (default for create/test: production)',
|
|
405
|
+
environment: 'Alias for --env',
|
|
406
|
+
json: 'Output as JSON',
|
|
407
|
+
difficulty: 'Proof-of-work strength in leading zero bits (4-28, default 14)',
|
|
408
|
+
clearance: 'How long a solve clears, e.g. 30m, 1h (default 30m)',
|
|
409
|
+
route: 'Path pattern such as /login',
|
|
410
|
+
path: 'Alias for --route',
|
|
411
|
+
mode: 'Path mode: exact, prefix, or regex',
|
|
412
|
+
method: 'HTTP method, or ALL',
|
|
413
|
+
duration: 'Rule expiry, e.g. 24h or 7d',
|
|
414
|
+
reason: 'Reason note',
|
|
415
|
+
'escalate-to-block': 'Promote to a hard block after repeated failures',
|
|
416
|
+
'fail-threshold': 'Failures before escalation (default 10)',
|
|
417
|
+
'block-ttl-hours': 'Block duration when escalating (default 24)',
|
|
418
|
+
},
|
|
419
|
+
sub: {
|
|
420
|
+
list: { desc: 'List challenge remediation rules', run: (a, f) => require('./cli/challenges').list(a, f) },
|
|
421
|
+
add: { desc: 'Create a challenge rule', usage: 'securenow challenge add [ip] --route /login --difficulty 16 --clearance 30m', run: (a, f) => require('./cli/challenges').add(a, f) },
|
|
422
|
+
show: { desc: 'Show one challenge rule', usage: 'securenow challenge show <id>', run: (a, f) => require('./cli/challenges').show(a, f) },
|
|
423
|
+
test: { desc: 'Check whether a request would be challenged', usage: 'securenow challenge test <ip> --path /login --method GET', run: (a, f) => require('./cli/challenges').test(a, f) },
|
|
424
|
+
enable: { desc: 'Enable a challenge rule', usage: 'securenow challenge enable <id>', run: (a, f) => require('./cli/challenges').enable(a, f) },
|
|
425
|
+
disable: { desc: 'Disable a challenge rule', usage: 'securenow challenge disable <id>', run: (a, f) => require('./cli/challenges').disable(a, f) },
|
|
426
|
+
remove: { desc: 'Remove a challenge rule', usage: 'securenow challenge remove <id> [--reason "..."]', run: (a, f) => require('./cli/challenges').remove(a, f) },
|
|
427
|
+
},
|
|
428
|
+
defaultSub: 'list',
|
|
429
|
+
},
|
|
392
430
|
automation: {
|
|
393
431
|
desc: 'Manage automation rules for blocklist actions',
|
|
394
432
|
usage: 'securenow automation <list|defaults|show|create|update|dry-run|execute|delete> [rule-id] [options]',
|
|
@@ -724,7 +762,7 @@ function showHelp(commandName) {
|
|
|
724
762
|
'Detect & Respond': ['human', 'notifications', 'alerts', 'fp'],
|
|
725
763
|
'Investigate': ['ip', 'forensics'],
|
|
726
764
|
'Firewall': ['firewall'],
|
|
727
|
-
'Remediation': ['automation', 'ratelimit', 'blocklist', 'revoke', 'allowlist', 'trusted'],
|
|
765
|
+
'Remediation': ['automation', 'ratelimit', 'challenge', 'blocklist', 'revoke', 'allowlist', 'trusted'],
|
|
728
766
|
'Telemetry': ['log', 'event', 'test-span'],
|
|
729
767
|
'Utilities': ['redact', 'cidr', 'doctor', 'env', 'mcp'],
|
|
730
768
|
'Settings': ['instances', 'config', 'version'],
|