ship-safe 6.1.0 → 6.2.0

package/cli/utils/pdf-generator.js

@@ -1,94 +1,94 @@
-/**
- * PDF Generator
- * ==============
- *
- * Zero-dependency PDF generation via Chrome/Chromium headless mode.
- * Falls back to generating a print-optimized HTML file if Chrome is not found.
- */
-
-import fs from 'fs';
-import path from 'path';
-import { execFileSync } from 'child_process';
-
-/**
- * Well-known Chrome/Chromium paths by platform.
- */
-function findChrome() {
-  const candidates = process.platform === 'win32'
-    ? [
-        process.env.CHROME_PATH,
-        'C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe',
-        'C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe',
-        process.env.LOCALAPPDATA && path.join(process.env.LOCALAPPDATA, 'Google\\Chrome\\Application\\chrome.exe'),
-      ]
-    : process.platform === 'darwin'
-    ? [
-        process.env.CHROME_PATH,
-        '/Applications/Google Chrome.app/Contents/MacOS/Google Chrome',
-        '/Applications/Chromium.app/Contents/MacOS/Chromium',
-      ]
-    : [
-        process.env.CHROME_PATH,
-        '/usr/bin/google-chrome',
-        '/usr/bin/google-chrome-stable',
-        '/usr/bin/chromium',
-        '/usr/bin/chromium-browser',
-        '/snap/bin/chromium',
-      ];
-
-  for (const c of candidates) {
-    if (c && fs.existsSync(c)) return c;
-  }
-  return null;
-}
-
-/**
- * Check if Chrome is available.
- */
-export function isChromeAvailable() {
-  return findChrome() !== null;
-}
-
-/**
- * Generate PDF from an HTML file using Chrome headless.
- * Returns the output path, or null if Chrome is not available.
- */
-export function generatePDF(htmlPath, outputPath) {
-  const chrome = findChrome();
-  if (!chrome) return null;
-
-  try {
-    const args = [
-      '--headless',
-      '--disable-gpu',
-      '--no-sandbox',
-      `--print-to-pdf=${outputPath}`,
-      '--print-to-pdf-no-header',
-      htmlPath,
-    ];
-    execFileSync(chrome, args, { timeout: 30000, stdio: 'pipe' }); // ship-safe-ignore — execFileSync with fixed chrome binary path; no user input in command
-    return outputPath;
-  } catch {
-    return null;
-  }
-}
-
-/**
- * Generate a print-optimized HTML file as PDF fallback.
- */
-export function generatePrintHTML(htmlPath, outputPath) {
-  let html = fs.readFileSync(htmlPath, 'utf-8');
-  // Add print-optimized styles
-  const printCSS = `
-<style media="print">
-  body { background: #fff !important; color: #1e293b !important; }
-  .score-card, .stat, .summary-card, .toc { background: #f8fafc !important; border: 1px solid #e2e8f0 !important; }
-  table, th, td { border: 1px solid #e2e8f0 !important; }
-  code { background: #f1f5f9 !important; color: #0f172a !important; }
-  pre { background: #f1f5f9 !important; }
-  a { color: #0369a1 !important; }
-</style>`;
-  html = html.replace('</head>', printCSS + '\n</head>');
-  fs.writeFileSync(outputPath, html);
-  return outputPath;
-}
+/**
+ * PDF Generator
+ * ==============
+ *
+ * Zero-dependency PDF generation via Chrome/Chromium headless mode.
+ * Falls back to generating a print-optimized HTML file if Chrome is not found.
+ */
+
+import fs from 'fs';
+import path from 'path';
+import { execFileSync } from 'child_process';
+
+/**
+ * Well-known Chrome/Chromium paths by platform.
+ */
+function findChrome() {
+  const candidates = process.platform === 'win32'
+    ? [
+        process.env.CHROME_PATH,
+        'C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe',
+        'C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe',
+        process.env.LOCALAPPDATA && path.join(process.env.LOCALAPPDATA, 'Google\\Chrome\\Application\\chrome.exe'),
+      ]
+    : process.platform === 'darwin'
+    ? [
+        process.env.CHROME_PATH,
+        '/Applications/Google Chrome.app/Contents/MacOS/Google Chrome',
+        '/Applications/Chromium.app/Contents/MacOS/Chromium',
+      ]
+    : [
+        process.env.CHROME_PATH,
+        '/usr/bin/google-chrome',
+        '/usr/bin/google-chrome-stable',
+        '/usr/bin/chromium',
+        '/usr/bin/chromium-browser',
+        '/snap/bin/chromium',
+      ];
+
+  for (const c of candidates) {
+    if (c && fs.existsSync(c)) return c;
+  }
+  return null;
+}
+
+/**
+ * Check if Chrome is available.
+ */
+export function isChromeAvailable() {
+  return findChrome() !== null;
+}
+
+/**
+ * Generate PDF from an HTML file using Chrome headless.
+ * Returns the output path, or null if Chrome is not available.
+ */
+export function generatePDF(htmlPath, outputPath) {
+  const chrome = findChrome();
+  if (!chrome) return null;
+
+  try {
+    const args = [
+      '--headless',
+      '--disable-gpu',
+      '--no-sandbox',
+      `--print-to-pdf=${outputPath}`,
+      '--print-to-pdf-no-header',
+      htmlPath,
+    ];
+    execFileSync(chrome, args, { timeout: 30000, stdio: 'pipe' }); // ship-safe-ignore — execFileSync with fixed chrome binary path; no user input in command
+    return outputPath;
+  } catch {
+    return null;
+  }
+}
+
+/**
+ * Generate a print-optimized HTML file as PDF fallback.
+ */
+export function generatePrintHTML(htmlPath, outputPath) {
+  let html = fs.readFileSync(htmlPath, 'utf-8');
+  // Add print-optimized styles
+  const printCSS = `
+<style media="print">
+  body { background: #fff !important; color: #1e293b !important; }
+  .score-card, .stat, .summary-card, .toc { background: #f8fafc !important; border: 1px solid #e2e8f0 !important; }
+  table, th, td { border: 1px solid #e2e8f0 !important; }
+  code { background: #f1f5f9 !important; color: #0f172a !important; }
+  pre { background: #f1f5f9 !important; }
+  a { color: #0369a1 !important; }
+</style>`;
+  html = html.replace('</head>', printCSS + '\n</head>');
+  fs.writeFileSync(outputPath, html);
+  return outputPath;
+}

package/package.json

@@ -1,68 +1,69 @@
-{
-  "name": "ship-safe",
-  "version": "6.1.0",
-  "description": "AI-powered multi-agent security platform. 18 agents scan 80+ attack classes with LLM-powered deep analysis. Red team your code before attackers do.",
-  "main": "cli/index.js",
-  "bin": {
-    "ship-safe": "cli/bin/ship-safe.js"
-  },
-  "type": "module",
-  "scripts": {
-    "test": "node --test cli/__tests__/*.test.js",
-    "lint": "eslint cli/",
-    "ship-safe": "node cli/bin/ship-safe.js"
-  },
-  "keywords": [
-    "security",
-    "secrets",
-    "scanner",
-    "sast",
-    "devsecops",
-    "red-team",
-    "penetration-testing",
-    "vulnerability-scanner",
-    "sbom",
-    "owasp",
-    "sql-injection",
-    "xss",
-    "ssrf",
-    "supply-chain",
-    "llm-security",
-    "prompt-injection",
-    "api-security",
-    "docker-security",
-    "kubernetes",
-    "cicd-security",
-    "mobile-security",
-    "jwt",
-    "cors",
-    "cli"
-  ],
-  "author": "ship-safe contributors",
-  "license": "MIT",
-  "repository": {
-    "type": "git",
-    "url": "git+https://github.com/asamassekou10/ship-safe.git"
-  },
-  "bugs": {
-    "url": "https://github.com/asamassekou10/ship-safe/issues"
-  },
-  "homepage": "https://github.com/asamassekou10/ship-safe#readme",
-  "engines": {
-    "node": ">=18.0.0"
-  },
-  "files": [
-    "cli/",
-    "checklists/",
-    "configs/",
-    "snippets/",
-    "ai-defense/"
-  ],
-  "dependencies": {
-    "chalk": "^5.3.0",
-    "commander": "^12.1.0",
-    "fast-glob": "^3.3.3",
-    "ora": "^8.0.1",
-    "write-file-atomic": "^7.0.0"
-  }
-}
+{
+  "name": "ship-safe",
+  "version": "6.2.0",
+  "description": "AI-powered multi-agent security platform. 18 agents scan 80+ attack classes with LLM-powered deep analysis. Red team your code before attackers do.",
+  "main": "cli/index.js",
+  "bin": {
+    "ship-safe": "cli/bin/ship-safe.js"
+  },
+  "type": "module",
+  "scripts": {
+    "test": "node --test cli/__tests__/*.test.js",
+    "lint": "eslint cli/",
+    "ship-safe": "node cli/bin/ship-safe.js"
+  },
+  "keywords": [
+    "security",
+    "secrets",
+    "scanner",
+    "sast",
+    "devsecops",
+    "red-team",
+    "penetration-testing",
+    "vulnerability-scanner",
+    "sbom",
+    "owasp",
+    "sql-injection",
+    "xss",
+    "ssrf",
+    "supply-chain",
+    "llm-security",
+    "prompt-injection",
+    "api-security",
+    "docker-security",
+    "kubernetes",
+    "cicd-security",
+    "mobile-security",
+    "jwt",
+    "cors",
+    "cli"
+  ],
+  "author": "ship-safe contributors",
+  "license": "MIT",
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/asamassekou10/ship-safe.git"
+  },
+  "bugs": {
+    "url": "https://github.com/asamassekou10/ship-safe/issues"
+  },
+  "homepage": "https://github.com/asamassekou10/ship-safe#readme",
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "files": [
+    "cli/",
+    "!cli/__tests__/",
+    "checklists/",
+    "configs/",
+    "snippets/",
+    "ai-defense/"
+  ],
+  "dependencies": {
+    "chalk": "^5.3.0",
+    "commander": "^12.1.0",
+    "fast-glob": "^3.3.3",
+    "ora": "^8.0.1",
+    "write-file-atomic": "^7.0.0"
+  }
+}