shipcheck-cli 0.2.0 → 0.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +73 -4
- package/dist/src/cli.js +4 -4
- package/dist/src/cli.js.map +1 -1
- package/dist/src/format.d.ts +2 -1
- package/dist/src/format.js +70 -0
- package/dist/src/format.js.map +1 -1
- package/package.json +9 -1
package/README.md
CHANGED
|
@@ -6,15 +6,17 @@ Release-readiness and AI-app exposure scanner for JavaScript and TypeScript repo
|
|
|
6
6
|
|
|
7
7
|
It also checks the failure points that show up in AI-built apps made with Lovable, Bolt, Replit, Cursor, v0, Base44, Supabase, Firebase, Stripe, and AI API integrations: exposed private keys, public frontend env vars that look private, unsigned Stripe webhooks, missing Firebase rules, undocumented Supabase RLS, debug API routes, and missing AI usage guardrails.
|
|
8
8
|
|
|
9
|
+
Tool page: https://tatelyman.github.io/tate-web-services/shipcheck.html
|
|
10
|
+
|
|
9
11
|
## Install
|
|
10
12
|
|
|
11
|
-
Run from
|
|
13
|
+
Run from npm:
|
|
12
14
|
|
|
13
15
|
```bash
|
|
14
|
-
npx --yes
|
|
16
|
+
npx --yes shipcheck-cli .
|
|
15
17
|
```
|
|
16
18
|
|
|
17
|
-
|
|
19
|
+
Or install/build locally:
|
|
18
20
|
|
|
19
21
|
```bash
|
|
20
22
|
npm install
|
|
@@ -36,7 +38,7 @@ shipcheck ../my-app --format markdown
|
|
|
36
38
|
## Usage
|
|
37
39
|
|
|
38
40
|
```bash
|
|
39
|
-
shipcheck [path] [--format text|markdown|json] [--fail-on info|low|medium|high] [--strict]
|
|
41
|
+
shipcheck [path] [--format text|markdown|json|sarif] [--fail-on info|low|medium|high] [--strict]
|
|
40
42
|
```
|
|
41
43
|
|
|
42
44
|
Examples:
|
|
@@ -45,8 +47,39 @@ Examples:
|
|
|
45
47
|
shipcheck
|
|
46
48
|
shipcheck ../client-app --format markdown
|
|
47
49
|
shipcheck . --strict --fail-on medium
|
|
50
|
+
shipcheck . --format sarif > shipcheck.sarif
|
|
51
|
+
```
|
|
52
|
+
|
|
53
|
+
## GitHub Action
|
|
54
|
+
|
|
55
|
+
Marketplace listing: https://github.com/marketplace/actions/shipcheck-ai-app-scanner
|
|
56
|
+
|
|
57
|
+
Action repo: https://github.com/TateLyman/shipcheck-action
|
|
58
|
+
|
|
59
|
+
Add Shipcheck as a release gate in any JS/TS repo:
|
|
60
|
+
|
|
61
|
+
```yaml
|
|
62
|
+
name: shipcheck
|
|
63
|
+
|
|
64
|
+
on:
|
|
65
|
+
pull_request:
|
|
66
|
+
push:
|
|
67
|
+
branches:
|
|
68
|
+
- main
|
|
69
|
+
|
|
70
|
+
jobs:
|
|
71
|
+
shipcheck:
|
|
72
|
+
runs-on: ubuntu-latest
|
|
73
|
+
steps:
|
|
74
|
+
- uses: actions/checkout@v4
|
|
75
|
+
- uses: TateLyman/shipcheck-action@v1
|
|
76
|
+
with:
|
|
77
|
+
fail-on: medium
|
|
78
|
+
strict: true
|
|
48
79
|
```
|
|
49
80
|
|
|
81
|
+
The action runs the npm package with `npx`, so target repos do not need to add Shipcheck as a dependency.
|
|
82
|
+
|
|
50
83
|
## What It Checks
|
|
51
84
|
|
|
52
85
|
- `package.json` exists and has repeatable `test` and `build` scripts
|
|
@@ -90,6 +123,42 @@ JSON output is designed for automation:
|
|
|
90
123
|
shipcheck . --format json
|
|
91
124
|
```
|
|
92
125
|
|
|
126
|
+
SARIF output is designed for GitHub code scanning upload:
|
|
127
|
+
|
|
128
|
+
```bash
|
|
129
|
+
shipcheck . --format sarif > shipcheck.sarif
|
|
130
|
+
```
|
|
131
|
+
|
|
132
|
+
Use it with the Marketplace action and GitHub's SARIF uploader:
|
|
133
|
+
|
|
134
|
+
```yaml
|
|
135
|
+
permissions:
|
|
136
|
+
contents: read
|
|
137
|
+
security-events: write
|
|
138
|
+
|
|
139
|
+
jobs:
|
|
140
|
+
shipcheck:
|
|
141
|
+
runs-on: ubuntu-latest
|
|
142
|
+
steps:
|
|
143
|
+
- uses: actions/checkout@v4
|
|
144
|
+
- uses: TateLyman/shipcheck-action@v1
|
|
145
|
+
with:
|
|
146
|
+
format: sarif
|
|
147
|
+
output: shipcheck.sarif
|
|
148
|
+
fail-on: medium
|
|
149
|
+
strict: true
|
|
150
|
+
- uses: github/codeql-action/upload-sarif@v3
|
|
151
|
+
if: always()
|
|
152
|
+
with:
|
|
153
|
+
sarif_file: shipcheck.sarif
|
|
154
|
+
```
|
|
155
|
+
|
|
156
|
+
## Manual Review
|
|
157
|
+
|
|
158
|
+
Shipcheck is the first pass. If the report finds a blocker in an app you own or are authorized to inspect, you can request a manual review from the tool page.
|
|
159
|
+
|
|
160
|
+
Manual reviews focus on auth, data rules, env boundaries, Stripe/webhooks, deploy config, and the first paid user flow.
|
|
161
|
+
|
|
93
162
|
## Exit Codes
|
|
94
163
|
|
|
95
164
|
By default, `shipcheck` exits with code `1` only when a `high` finding is present.
|
package/dist/src/cli.js
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
#!/usr/bin/env node
|
|
2
2
|
import { formatReport } from "./format.js";
|
|
3
3
|
import { scanRepository, shouldFail } from "./index.js";
|
|
4
|
-
const validFormats = new Set(["text", "markdown", "json"]);
|
|
4
|
+
const validFormats = new Set(["text", "markdown", "json", "sarif"]);
|
|
5
5
|
const validSeverities = new Set(["info", "low", "medium", "high"]);
|
|
6
6
|
async function main() {
|
|
7
7
|
const args = parseArgs(process.argv.slice(2));
|
|
@@ -10,7 +10,7 @@ async function main() {
|
|
|
10
10
|
return;
|
|
11
11
|
}
|
|
12
12
|
if (args.version) {
|
|
13
|
-
console.log("0.
|
|
13
|
+
console.log("0.3.0");
|
|
14
14
|
return;
|
|
15
15
|
}
|
|
16
16
|
const report = await scanRepository({
|
|
@@ -52,7 +52,7 @@ function parseArgs(argv) {
|
|
|
52
52
|
if (arg === "--format") {
|
|
53
53
|
const value = argv[index + 1];
|
|
54
54
|
if (!value || !validFormats.has(value)) {
|
|
55
|
-
throw new Error("--format must be one of: text, markdown, json");
|
|
55
|
+
throw new Error("--format must be one of: text, markdown, json, sarif");
|
|
56
56
|
}
|
|
57
57
|
parsed.format = value;
|
|
58
58
|
index += 1;
|
|
@@ -79,7 +79,7 @@ function helpText() {
|
|
|
79
79
|
"shipcheck - release-readiness and AI-app exposure scanner for JavaScript and TypeScript repos",
|
|
80
80
|
"",
|
|
81
81
|
"Usage:",
|
|
82
|
-
" shipcheck [path] [--format text|markdown|json] [--fail-on info|low|medium|high] [--strict]",
|
|
82
|
+
" shipcheck [path] [--format text|markdown|json|sarif] [--fail-on info|low|medium|high] [--strict]",
|
|
83
83
|
"",
|
|
84
84
|
"Examples:",
|
|
85
85
|
" shipcheck",
|
package/dist/src/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,YAAY,
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,YAAY,EAAqB,MAAM,aAAa,CAAC;AAC9D,OAAO,EAAE,cAAc,EAAE,UAAU,EAAiB,MAAM,YAAY,CAAC;AAWvE,MAAM,YAAY,GAAG,IAAI,GAAG,CAAe,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AAClF,MAAM,eAAe,GAAG,IAAI,GAAG,CAAW,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;AAE7E,KAAK,UAAU,IAAI;IACjB,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAE9C,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC;QACxB,OAAO;IACT,CAAC;IAED,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC;QAClC,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,MAAM,EAAE,IAAI,CAAC,MAAM;KACpB,CAAC,CAAC;IAEH,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,MAAM,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;IAE/C,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,IAAc;IAC/B,MAAM,MAAM,GAAe;QACzB,IAAI,EAAE,OAAO,CAAC,GAAG,EAAE;QACnB,MAAM,EAAE,MAAM;QACd,MAAM,EAAE,KAAK;QACb,MAAM,EAAE,MAAM;QACd,IAAI,EAAE,KAAK;QACX,OAAO,EAAE,KAAK;KACf,CAAC;IAEF,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;QAExB,IAAI,CAAC,GAAG,EAAE,CAAC;YACT,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACrC,MAAM,CAAC,IAAI,GAAG,IAAI,CAAC;YACnB,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,WAAW,IAAI,GAAG,KAAK,IAAI,EAAE,CAAC;YACxC,MAAM,CAAC,OAAO,GAAG,IAAI,CAAC;YACtB,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,UAAU,EAAE,CAAC;YACvB,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC;YACrB,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,UAAU,EAAE,CAAC;YACvB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;YAC9B,IAAI,CAAC,KAAK,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,KAAqB,CAAC,EAAE,CAAC;gBACvD,MAAM,IAAI,KAAK,CAAC,sDAAsD,CAAC,CAAC;YAC1E,CAAC;YAED,MAAM,CAAC,MAAM,GAAG,KAAqB,CAAC;YACtC,KAAK,IAAI,CAAC,CAAC;YACX,SAAS;QACX,CAAC;QAED,IAAI,GAAG,KAAK,WAAW,EAAE,CAAC;YACxB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;YAC9B,IAAI,CAAC,KAAK,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,KAAiB,CAAC,EAAE,CAAC;gBACtD,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;YACvE,CAAC;YAED,MAAM,CAAC,MAAM,GAAG,KAAiB,CAAC;YAClC,KAAK,IAAI,CAAC,CAAC;YACX,SAAS;QACX,CAAC;QAED,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,mBAAmB,GAAG,EAAE,CAAC,CAAC;QAC5C,CAAC;QAED,MAAM,CAAC,IAAI,GAAG,GAAG,CAAC;IACpB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,QAAQ;IACf,OAAO;QACL,+FAA+F;QAC/F,EAAE;QACF,QAAQ;QACR,oGAAoG;QACpG,EAAE;QACF,WAAW;QACX,aAAa;QACb,yCAAyC;QACzC,yCAAyC;QACzC,EAAE;QACF,UAAU;QACV,iDAAiD;QACjD,uFAAuF;QACvF,yEAAyE;QACzE,wCAAwC;QACxC,sCAAsC;KACvC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAc,EAAE,EAAE;IAC9B,OAAO,CAAC,KAAK,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;IACtE,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC,CAAC,CAAC"}
|
package/dist/src/format.d.ts
CHANGED
|
@@ -1,2 +1,3 @@
|
|
|
1
1
|
import type { ScanReport } from "./index.js";
|
|
2
|
-
export
|
|
2
|
+
export type ReportFormat = "text" | "markdown" | "json" | "sarif";
|
|
3
|
+
export declare function formatReport(report: ScanReport, format: ReportFormat): string;
|
package/dist/src/format.js
CHANGED
|
@@ -4,10 +4,19 @@ const severityLabel = {
|
|
|
4
4
|
low: "Low",
|
|
5
5
|
info: "Info"
|
|
6
6
|
};
|
|
7
|
+
const sarifLevel = {
|
|
8
|
+
high: "error",
|
|
9
|
+
medium: "warning",
|
|
10
|
+
low: "warning",
|
|
11
|
+
info: "note"
|
|
12
|
+
};
|
|
7
13
|
export function formatReport(report, format) {
|
|
8
14
|
if (format === "json") {
|
|
9
15
|
return JSON.stringify(report, null, 2);
|
|
10
16
|
}
|
|
17
|
+
if (format === "sarif") {
|
|
18
|
+
return formatSarif(report);
|
|
19
|
+
}
|
|
11
20
|
if (format === "markdown") {
|
|
12
21
|
return formatMarkdown(report);
|
|
13
22
|
}
|
|
@@ -59,6 +68,67 @@ function formatMarkdown(report) {
|
|
|
59
68
|
}
|
|
60
69
|
return lines.join("\n").trimEnd();
|
|
61
70
|
}
|
|
71
|
+
function formatSarif(report) {
|
|
72
|
+
const rules = new Map();
|
|
73
|
+
for (const finding of report.findings) {
|
|
74
|
+
if (!rules.has(finding.id)) {
|
|
75
|
+
rules.set(finding.id, {
|
|
76
|
+
id: finding.id,
|
|
77
|
+
name: finding.title,
|
|
78
|
+
shortDescription: {
|
|
79
|
+
text: finding.title
|
|
80
|
+
},
|
|
81
|
+
fullDescription: {
|
|
82
|
+
text: finding.message
|
|
83
|
+
},
|
|
84
|
+
help: {
|
|
85
|
+
text: finding.remediation
|
|
86
|
+
},
|
|
87
|
+
properties: {
|
|
88
|
+
shipcheckSeverity: finding.severity
|
|
89
|
+
}
|
|
90
|
+
});
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
const sarif = {
|
|
94
|
+
$schema: "https://json.schemastore.org/sarif-2.1.0.json",
|
|
95
|
+
version: "2.1.0",
|
|
96
|
+
runs: [
|
|
97
|
+
{
|
|
98
|
+
tool: {
|
|
99
|
+
driver: {
|
|
100
|
+
name: "Shipcheck",
|
|
101
|
+
informationUri: "https://tatelyman.github.io/tate-web-services/shipcheck.html",
|
|
102
|
+
rules: [...rules.values()]
|
|
103
|
+
}
|
|
104
|
+
},
|
|
105
|
+
results: report.findings.map((finding) => ({
|
|
106
|
+
ruleId: finding.id,
|
|
107
|
+
level: sarifLevel[finding.severity],
|
|
108
|
+
message: {
|
|
109
|
+
text: `${finding.message} Fix: ${finding.remediation}`
|
|
110
|
+
},
|
|
111
|
+
locations: [
|
|
112
|
+
{
|
|
113
|
+
physicalLocation: {
|
|
114
|
+
artifactLocation: {
|
|
115
|
+
uri: finding.file ?? "."
|
|
116
|
+
},
|
|
117
|
+
region: {
|
|
118
|
+
startLine: 1
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
}
|
|
122
|
+
],
|
|
123
|
+
properties: {
|
|
124
|
+
shipcheckSeverity: finding.severity
|
|
125
|
+
}
|
|
126
|
+
}))
|
|
127
|
+
}
|
|
128
|
+
]
|
|
129
|
+
};
|
|
130
|
+
return JSON.stringify(sarif, null, 2);
|
|
131
|
+
}
|
|
62
132
|
function renderTextFinding(finding) {
|
|
63
133
|
const lines = [
|
|
64
134
|
`[${finding.severity.toUpperCase()}] ${finding.title}`,
|
package/dist/src/format.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"format.js","sourceRoot":"","sources":["../../src/format.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"format.js","sourceRoot":"","sources":["../../src/format.ts"],"names":[],"mappings":"AAIA,MAAM,aAAa,GAA6B;IAC9C,IAAI,EAAE,MAAM;IACZ,MAAM,EAAE,QAAQ;IAChB,GAAG,EAAE,KAAK;IACV,IAAI,EAAE,MAAM;CACb,CAAC;AAEF,MAAM,UAAU,GAAmD;IACjE,IAAI,EAAE,OAAO;IACb,MAAM,EAAE,SAAS;IACjB,GAAG,EAAE,SAAS;IACd,IAAI,EAAE,MAAM;CACb,CAAC;AAEF,MAAM,UAAU,YAAY,CAAC,MAAkB,EAAE,MAAoB;IACnE,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;IAED,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;QACvB,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC;IAC7B,CAAC;IAED,IAAI,MAAM,KAAK,UAAU,EAAE,CAAC;QAC1B,OAAO,cAAc,CAAC,MAAM,CAAC,CAAC;IAChC,CAAC;IAED,OAAO,UAAU,CAAC,MAAM,CAAC,CAAC;AAC5B,CAAC;AAED,SAAS,UAAU,CAAC,MAAkB;IACpC,MAAM,KAAK,GAAG;QACZ,qBAAqB,MAAM,CAAC,IAAI,EAAE;QAClC,UAAU,MAAM,CAAC,KAAK,MAAM;QAC5B,WAAW,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,oBAAoB,MAAM,CAAC,MAAM,GAAG,EAAE;QACtE,aAAa,OAAO,CAAC,MAAM,CAAC,EAAE;QAC9B,EAAE;KACH,CAAC;IAEF,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;QAChF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;AACpC,CAAC;AAED,SAAS,cAAc,CAAC,MAAkB;IACxC,MAAM,KAAK,GAAG;QACZ,oBAAoB;QACpB,EAAE;QACF,uBAAuB,MAAM,CAAC,IAAI,IAAI;QACtC,gBAAgB,MAAM,CAAC,KAAK,MAAM;QAClC,iBAAiB,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,aAAa,MAAM,CAAC,MAAM,cAAc,EAAE;QAChF,mBAAmB,OAAO,CAAC,MAAM,CAAC,EAAE;QACpC,EAAE;KACH,CAAC;IAEF,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;QAChF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;IAC9B,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,MAAM,QAAQ,GAAG;YACf,OAAO,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,OAAO,CAAC,KAAK,EAAE;YAC1D,EAAE;YACF,eAAe,OAAO,CAAC,EAAE,IAAI;YAC7B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,iBAAiB,OAAO,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,SAAS;YAC5D,kBAAkB,OAAO,CAAC,OAAO,EAAE;YACnC,cAAc,OAAO,CAAC,WAAW,EAAE;YACnC,EAAE;SACH,CAAC,MAAM,CAAC,CAAC,IAAI,EAAkB,EAAE,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;QAEvD,KAAK,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;AACpC,CAAC;AAED,SAAS,WAAW,CAAC,MAAkB;IACrC,MAAM,KAAK,GAAG,IAAI,GAAG,EAOjB,CAAC;IAEL,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC;YAC3B,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,EAAE;gBACpB,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,IAAI,EAAE,OAAO,CAAC,KAAK;gBACnB,gBAAgB,EAAE;oBAChB,IAAI,EAAE,OAAO,CAAC,KAAK;iBACpB;gBACD,eAAe,EAAE;oBACf,IAAI,EAAE,OAAO,CAAC,OAAO;iBACtB;gBACD,IAAI,EAAE;oBACJ,IAAI,EAAE,OAAO,CAAC,WAAW;iBAC1B;gBACD,UAAU,EAAE;oBACV,iBAAiB,EAAE,OAAO,CAAC,QAAQ;iBACpC;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,OAAO,EAAE,+CAA+C;QACxD,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE;YACJ;gBACE,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,WAAW;wBACjB,cAAc,EAAE,8DAA8D;wBAC9E,KAAK,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;qBAC3B;iBACF;gBACD,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;oBACzC,MAAM,EAAE,OAAO,CAAC,EAAE;oBAClB,KAAK,EAAE,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC;oBACnC,OAAO,EAAE;wBACP,IAAI,EAAE,GAAG,OAAO,CAAC,OAAO,SAAS,OAAO,CAAC,WAAW,EAAE;qBACvD;oBACD,SAAS,EAAE;wBACT;4BACE,gBAAgB,EAAE;gCAChB,gBAAgB,EAAE;oCAChB,GAAG,EAAE,OAAO,CAAC,IAAI,IAAI,GAAG;iCACzB;gCACD,MAAM,EAAE;oCACN,SAAS,EAAE,CAAC;iCACb;6BACF;yBACF;qBACF;oBACD,UAAU,EAAE;wBACV,iBAAiB,EAAE,OAAO,CAAC,QAAQ;qBACpC;iBACF,CAAC,CAAC;aACJ;SACF;KACF,CAAC;IAEF,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACxC,CAAC;AAED,SAAS,iBAAiB,CAAC,OAAgB;IACzC,MAAM,KAAK,GAAG;QACZ,IAAI,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,KAAK,EAAE;QACtD,SAAS,OAAO,CAAC,EAAE,EAAE;KACtB,CAAC;IAEF,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,KAAK,CAAC,IAAI,CAAC,WAAW,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACxC,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC;IAC5C,KAAK,CAAC,IAAI,CAAC,UAAU,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;IAC5C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,OAAO,CAAC,MAAkB;IACjC,OAAO;QACL,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,OAAO;QAC5B,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,SAAS;QAChC,GAAG,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM;QAC1B,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,OAAO;KAC7B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,8 +1,16 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "shipcheck-cli",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.3.0",
|
|
4
4
|
"description": "Release-readiness and AI-app exposure scanner for JavaScript and TypeScript repositories.",
|
|
5
5
|
"type": "module",
|
|
6
|
+
"homepage": "https://tatelyman.github.io/tate-web-services/shipcheck.html",
|
|
7
|
+
"repository": {
|
|
8
|
+
"type": "git",
|
|
9
|
+
"url": "git+https://github.com/TateLyman/shipcheck-cli.git"
|
|
10
|
+
},
|
|
11
|
+
"bugs": {
|
|
12
|
+
"url": "https://github.com/TateLyman/shipcheck-cli/issues"
|
|
13
|
+
},
|
|
6
14
|
"bin": {
|
|
7
15
|
"shipcheck": "dist/src/cli.js"
|
|
8
16
|
},
|