ship-safe 6.1.0 → 6.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +735 -594
- package/cli/agents/api-fuzzer.js +345 -345
- package/cli/agents/auth-bypass-agent.js +348 -348
- package/cli/agents/base-agent.js +272 -272
- package/cli/agents/cicd-scanner.js +236 -201
- package/cli/agents/config-auditor.js +521 -521
- package/cli/agents/deep-analyzer.js +6 -2
- package/cli/agents/git-history-scanner.js +170 -170
- package/cli/agents/html-reporter.js +40 -4
- package/cli/agents/index.js +84 -84
- package/cli/agents/injection-tester.js +500 -500
- package/cli/agents/llm-redteam.js +251 -251
- package/cli/agents/mobile-scanner.js +231 -231
- package/cli/agents/orchestrator.js +322 -322
- package/cli/agents/pii-compliance-agent.js +301 -301
- package/cli/agents/scoring-engine.js +248 -248
- package/cli/agents/supabase-rls-agent.js +154 -154
- package/cli/agents/supply-chain-agent.js +650 -507
- package/cli/bin/ship-safe.js +452 -426
- package/cli/commands/agent.js +608 -608
- package/cli/commands/audit.js +986 -979
- package/cli/commands/baseline.js +193 -193
- package/cli/commands/ci.js +342 -342
- package/cli/commands/deps.js +516 -516
- package/cli/commands/doctor.js +159 -159
- package/cli/commands/fix.js +218 -218
- package/cli/commands/hooks.js +268 -0
- package/cli/commands/init.js +407 -407
- package/cli/commands/mcp.js +304 -304
- package/cli/commands/red-team.js +7 -1
- package/cli/commands/remediate.js +798 -798
- package/cli/commands/rotate.js +571 -571
- package/cli/commands/scan.js +569 -567
- package/cli/commands/score.js +449 -448
- package/cli/commands/watch.js +281 -281
- package/cli/hooks/patterns.js +313 -0
- package/cli/hooks/post-tool-use.js +140 -0
- package/cli/hooks/pre-tool-use.js +186 -0
- package/cli/index.js +73 -69
- package/cli/providers/llm-provider.js +397 -287
- package/cli/utils/autofix-rules.js +74 -74
- package/cli/utils/cache-manager.js +311 -311
- package/cli/utils/output.js +1 -0
- package/cli/utils/patterns.js +1121 -1121
- package/cli/utils/pdf-generator.js +94 -94
- package/package.json +69 -68
- package/cli/__tests__/agents.test.js +0 -1301
- package/configs/supabase/rls-templates.sql +0 -242
package/cli/index.js
CHANGED
|
@@ -1,69 +1,73 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Ship Safe CLI - Module Entry Point
|
|
3
|
-
* ===================================
|
|
4
|
-
*
|
|
5
|
-
* This file exports the CLI commands and agents for programmatic use.
|
|
6
|
-
* For normal CLI usage, run: npx ship-safe
|
|
7
|
-
*/
|
|
8
|
-
|
|
9
|
-
// ── Core Commands ─────────────────────────────────────────────────────────────
|
|
10
|
-
export { scanCommand } from './commands/scan.js';
|
|
11
|
-
export { checklistCommand } from './commands/checklist.js';
|
|
12
|
-
export { initCommand } from './commands/init.js';
|
|
13
|
-
export { agentCommand } from './commands/agent.js';
|
|
14
|
-
export { depsCommand, runDepsAudit } from './commands/deps.js';
|
|
15
|
-
export { scoreCommand } from './commands/score.js';
|
|
16
|
-
|
|
17
|
-
// ── v4.0 Commands ─────────────────────────────────────────────────────────────
|
|
18
|
-
export { auditCommand } from './commands/audit.js';
|
|
19
|
-
export { redTeamCommand } from './commands/red-team.js';
|
|
20
|
-
export { watchCommand } from './commands/watch.js';
|
|
21
|
-
|
|
22
|
-
// ── v4.2 Commands ─────────────────────────────────────────────────────────────
|
|
23
|
-
export { doctorCommand } from './commands/doctor.js';
|
|
24
|
-
|
|
25
|
-
// ── v4.3 Commands ─────────────────────────────────────────────────────────────
|
|
26
|
-
export { baselineCommand } from './commands/baseline.js';
|
|
27
|
-
|
|
28
|
-
// ── v6.0 Commands ─────────────────────────────────────────────────────────────
|
|
29
|
-
export { diffCommand } from './commands/diff.js';
|
|
30
|
-
export { vibeCheckCommand } from './commands/vibe-check.js';
|
|
31
|
-
export { benchmarkCommand } from './commands/benchmark.js';
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
export {
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
export {
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
export {
|
|
43
|
-
export {
|
|
44
|
-
|
|
45
|
-
|
|
46
|
-
export {
|
|
47
|
-
export {
|
|
48
|
-
export {
|
|
49
|
-
export {
|
|
50
|
-
export {
|
|
51
|
-
export {
|
|
52
|
-
export {
|
|
53
|
-
export {
|
|
54
|
-
export {
|
|
55
|
-
export {
|
|
56
|
-
export {
|
|
57
|
-
export {
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
export {
|
|
61
|
-
export {
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
export {
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
1
|
+
/**
|
|
2
|
+
* Ship Safe CLI - Module Entry Point
|
|
3
|
+
* ===================================
|
|
4
|
+
*
|
|
5
|
+
* This file exports the CLI commands and agents for programmatic use.
|
|
6
|
+
* For normal CLI usage, run: npx ship-safe
|
|
7
|
+
*/
|
|
8
|
+
|
|
9
|
+
// ── Core Commands ─────────────────────────────────────────────────────────────
|
|
10
|
+
export { scanCommand } from './commands/scan.js';
|
|
11
|
+
export { checklistCommand } from './commands/checklist.js';
|
|
12
|
+
export { initCommand } from './commands/init.js';
|
|
13
|
+
export { agentCommand } from './commands/agent.js';
|
|
14
|
+
export { depsCommand, runDepsAudit } from './commands/deps.js';
|
|
15
|
+
export { scoreCommand } from './commands/score.js';
|
|
16
|
+
|
|
17
|
+
// ── v4.0 Commands ─────────────────────────────────────────────────────────────
|
|
18
|
+
export { auditCommand } from './commands/audit.js';
|
|
19
|
+
export { redTeamCommand } from './commands/red-team.js';
|
|
20
|
+
export { watchCommand } from './commands/watch.js';
|
|
21
|
+
|
|
22
|
+
// ── v4.2 Commands ─────────────────────────────────────────────────────────────
|
|
23
|
+
export { doctorCommand } from './commands/doctor.js';
|
|
24
|
+
|
|
25
|
+
// ── v4.3 Commands ─────────────────────────────────────────────────────────────
|
|
26
|
+
export { baselineCommand } from './commands/baseline.js';
|
|
27
|
+
|
|
28
|
+
// ── v6.0 Commands ─────────────────────────────────────────────────────────────
|
|
29
|
+
export { diffCommand } from './commands/diff.js';
|
|
30
|
+
export { vibeCheckCommand } from './commands/vibe-check.js';
|
|
31
|
+
export { benchmarkCommand } from './commands/benchmark.js';
|
|
32
|
+
export { openclawCommand } from './commands/openclaw.js';
|
|
33
|
+
export { scanSkillCommand } from './commands/scan-skill.js';
|
|
34
|
+
export { abomCommand } from './commands/abom.js';
|
|
35
|
+
export { updateIntelCommand } from './commands/update-intel.js';
|
|
36
|
+
|
|
37
|
+
// ── Patterns ──────────────────────────────────────────────────────────────────
|
|
38
|
+
export { SECRET_PATTERNS, SECURITY_PATTERNS, SKIP_DIRS, SKIP_EXTENSIONS, SKIP_FILENAMES } from './utils/patterns.js';
|
|
39
|
+
|
|
40
|
+
// ── Agent Framework ───────────────────────────────────────────────────────────
|
|
41
|
+
export { BaseAgent, createFinding } from './agents/base-agent.js';
|
|
42
|
+
export { Orchestrator } from './agents/orchestrator.js';
|
|
43
|
+
export { buildOrchestrator } from './agents/index.js';
|
|
44
|
+
|
|
45
|
+
// ── Individual Agents ─────────────────────────────────────────────────────────
|
|
46
|
+
export { ReconAgent } from './agents/recon-agent.js';
|
|
47
|
+
export { InjectionTester } from './agents/injection-tester.js';
|
|
48
|
+
export { AuthBypassAgent } from './agents/auth-bypass-agent.js';
|
|
49
|
+
export { SSRFProber } from './agents/ssrf-prober.js';
|
|
50
|
+
export { SupplyChainAudit } from './agents/supply-chain-agent.js';
|
|
51
|
+
export { ConfigAuditor } from './agents/config-auditor.js';
|
|
52
|
+
export { LLMRedTeam } from './agents/llm-redteam.js';
|
|
53
|
+
export { MobileScanner } from './agents/mobile-scanner.js';
|
|
54
|
+
export { GitHistoryScanner } from './agents/git-history-scanner.js';
|
|
55
|
+
export { CICDScanner } from './agents/cicd-scanner.js';
|
|
56
|
+
export { APIFuzzer } from './agents/api-fuzzer.js';
|
|
57
|
+
export { SupabaseRLSAgent } from './agents/supabase-rls-agent.js';
|
|
58
|
+
export { VibeCodingAgent } from './agents/vibe-coding-agent.js';
|
|
59
|
+
export { ExceptionHandlerAgent } from './agents/exception-handler-agent.js';
|
|
60
|
+
export { AgentConfigScanner } from './agents/agent-config-scanner.js';
|
|
61
|
+
export { ABOMGenerator } from './agents/abom-generator.js';
|
|
62
|
+
|
|
63
|
+
// ── Supporting Modules ────────────────────────────────────────────────────────
|
|
64
|
+
export { ScoringEngine, GRADES, CATEGORIES } from './agents/scoring-engine.js';
|
|
65
|
+
export { SBOMGenerator } from './agents/sbom-generator.js';
|
|
66
|
+
export { PolicyEngine } from './agents/policy-engine.js';
|
|
67
|
+
export { HTMLReporter } from './agents/html-reporter.js';
|
|
68
|
+
|
|
69
|
+
// ── Caching ──────────────────────────────────────────────────────────────────
|
|
70
|
+
export { CacheManager } from './utils/cache-manager.js';
|
|
71
|
+
|
|
72
|
+
// ── LLM Providers ─────────────────────────────────────────────────────────────
|
|
73
|
+
export { createProvider, autoDetectProvider } from './providers/llm-provider.js';
|