npm - ship18ion - Versions diffs - 1.1.3 → 1.2.1 - Mend

ship18ion 1.1.3 → 1.2.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

package/CONTRIBUTING.md +60 -0
package/LICENSE +21 -0
package/README.md +16 -0
package/dist/cli/index.d.ts +2 -0
package/dist/engine/ast.d.ts +6 -0
package/dist/engine/config.d.ts +12 -0
package/dist/engine/detector.d.ts +2 -0
package/dist/engine/runner.d.ts +3 -0
package/dist/engine/runner.js +9 -0
package/dist/engine/scanner.d.ts +1 -0
package/dist/engine/secrets.d.ts +6 -0
package/{src/engine/types.ts → dist/engine/types.d.ts} +15 -17
package/dist/reporters/console.d.ts +2 -0
package/dist/reporters/console.js +3 -0
package/dist/rules/build.d.ts +3 -0
package/dist/rules/env.d.ts +2 -0
package/dist/rules/frameworks/nextjs.d.ts +2 -0
package/dist/rules/git.d.ts +2 -0
package/dist/rules/hygiene.d.ts +2 -0
package/dist/rules/hygiene.js +47 -0
package/dist/rules/packages.d.ts +2 -0
package/dist/rules/packages.js +32 -0
package/dist/rules/secrets.d.ts +2 -0
package/dist/rules/security.d.ts +2 -0
package/package.json +9 -3
package/SHIPPING.md +0 -57
package/src/cli/index.ts +0 -56
package/src/engine/ast.ts +0 -84
package/src/engine/config.ts +0 -28
package/src/engine/detector.ts +0 -27
package/src/engine/runner.ts +0 -53
package/src/engine/scanner.ts +0 -22
package/src/engine/secrets.ts +0 -26
package/src/reporters/console.ts +0 -66
package/src/rules/build.ts +0 -77
package/src/rules/env.ts +0 -99
package/src/rules/frameworks/nextjs.ts +0 -33
package/src/rules/git.ts +0 -95
package/src/rules/secrets.ts +0 -53
package/src/rules/security.ts +0 -55
package/tests/fixtures/leaky-app/.env +0 -3
package/tests/fixtures/leaky-app/package.json +0 -7
package/tests/fixtures/leaky-app/src/index.js +0 -21
package/tsconfig.json +0 -15
package/walkthrough.md +0 -51

package/walkthrough.md DELETED Viewed

@@ -1,51 +0,0 @@
-ship18ion - Production Readiness Inspector
-I have successfully built ship18ion, a CLI tool to check for production readiness.
-Features Implemented
-1. Environment Variable Safety
-Unused Variable Detection: Scans
-.env
- files and code to find variables defined but never used.
-Missing Variable Detection: Identifies process.env.VAR usages that lack a corresponding definition in
-.env
- (or config).
-Format Support: Supports
-.env
-, .env.production files.
-Robust AST Parsing: Correctly detects process.env.VAR, import.meta.env.VAR (Vite), and process.env["VAR"].
-2. Secrets Detection
-Pattern Matching: Detects AWS Keys, Google API Keys, Stripe Keys, and generic private keys.
-Entropy Heuristics: Detects potential high-entropy strings assigned to "secret" or "key" variables.
-3. Framework & Security Checks
-Next.js Safety: Scans for NEXT_PUBLIC_ variables that appear to contain secrets (e.g. NEXT_PUBLIC_SECRET_KEY).
-Git Safety: Warns if deploying from a dirty working directory or a non-production branch.
-Debug Mode: Alerts on debug: true.
-CORS Wildcards: Fails if origin: '*' is detected.
-Database Credentials: Detects hardcoded connection strings.
-4. Dependency & Build Safety
-Dev Dependencies: Warns if eslint or other dev tools are in dependencies.
-Build Artifacts: Alerts if source maps (.map) or
-.env
- files are found in build directories.
-Usage
-# In your project root
-npx ship18ion check
-# CI Mode (minimal output)
-npx ship18ion check --ci
-How to Ship & Share
-See
-SHIPPING.md
- for detailed instructions on:
-Local Testing: Using npm link to test on your other projects instantly.
-Publishing: Pushing to NPM so anyone can use npx ship18ion.
-Architecture
-CLI: Built with commander.
-Engine: TypeScript-based rule engine.
-Parsing: Babel-based AST parsing.
-Config: ship18ion.config.json support.