subto 2.0.2 → 3.0.0

package/README.md

@@ -1,209 +1,16 @@
-# Subto.One
+# Subto CLI
 
-Comprehensive Website Analysis & AI Code Surgery - 100% Free Forever
+Install:
 
-## Features
-
-- **Deep Runtime Analysis**: Full Playwright-based crawling with JavaScript execution
-- **Network Interception**: Captures all requests, responses, and timing data
-- **Interaction Simulation**: Programmatically tests buttons, inputs, and interactive elements
-- **Lighthouse Integration**: Performance, accessibility, SEO, and best practices scoring
-- **SEO & Markup Validation**: W3C Validator, Google Mobile-Friendly Test integration
-- **Performance Testing**: Google PageSpeed, WebPageTest, GTmetrix integration
-- **Security Audit**: Mozilla Observatory, Security Headers, SSL Labs, Safe Browsing integration
-- **Malware Detection**: VirusTotal, Hybrid Analysis, URLScan.io support
-- **AI API Selection**: Ask AI to choose the best scanning API for your needs
-- **No-JS Differential**: Compares JS-enabled vs disabled behavior
-- **AI Code Surgeon**: Upload your code and get AI-powered fixes
-
-## Quick Start
-
-### Prerequisites
-
-- Node.js 18+
-- npm or yarn
-
-### Installation
-
-```bash
-# Install dependencies
-npm install
-
-# Install Playwright browsers
-npx playwright install chromium
-
-# Copy environment variables
-cp .env.example .env
-```
-
-### Configuration
-
-Edit `.env` and add your OpenRouter API key for AI features:
-
-```
-OPENROUTER_API_KEY=your_key_here
-```
-
-Get a free API key at [OpenRouter](https://openrouter.ai)
-
-### Optional API Keys
-
-Add these to your `.env` for enhanced scanning capabilities (all have generous free tiers):
-
-```
-# Performance & Speed (Scalable Free Options)
-GOOGLE_PAGESPEED_API_KEY=your_key      # Google PageSpeed Insights
-WEBPAGETEST_API_KEY=your_key           # WebPageTest (public instance available)
-GOOGLE_MOBILE_FRIENDLY_API_KEY=your_key # Google Mobile-Friendly Test
-
-# SEO & Markup Validation
-# W3C Markup Validator (no key needed)  # HTML validation for SEO
-
-# Security & Malware (No/Low Limits)
-VIRUSTOTAL_API_KEY=your_key            # VirusTotal (500 requests/day free)
-GOOGLE_SAFE_BROWSING_API_KEY=your_key  # Google Safe Browsing
-URLSCAN_API_KEY=your_key               # URLScan.io (free tier)
-HYBRID_ANALYSIS_API_KEY=your_key       # Hybrid Analysis (free tier)
-
-# Always Free (No API Keys Needed)
-# Mozilla Observatory, Security Headers, SSL Labs
-```
-
-All APIs have free tiers. See `.env.example` for details.
-
-### Running
-
-```bash
-# Development
-npm run dev
-
-# Production
-npm start
-```
-
-Visit `http://localhost:3000`
-
-## Architecture
-
-```
-quantumreasoning/
-├── public/                 # Frontend assets
-│   ├── index.html         # Single-page app
-│   ├── styles.css         # Exact styling spec
-│   └── app.js             # Frontend logic
-├── server/
-│   ├── index.js           # Express server + WebSocket
-│   └── modules/
-│       ├── scan-pipeline.js   # 7-phase analysis engine
-│       ├── ai-analyzer.js     # OpenRouter AI integration
-│       ├── file-manager.js    # Upload/ZIP handling
-│       └── data-store.js      # In-memory storage
-├── package.json
-└── .env.example
 ```
-
-## Scan Pipeline
-
-1. **Fetch Initial HTML** - Loads page with Playwright
-2. **Execute JavaScript Runtime** - Captures all JS files and builds AST
-3. **Intercept Network Requests** - Records all network activity
-4. **Simulate Interactions** - Hovers, clicks, types on interactive elements
-5. **Run Lighthouse** - Google PageSpeed Insights API
-6. **Audit Security** - Mozilla Observatory + OWASP checks
-7. **No-JS Differential** - Compares behavior without JavaScript
-
-## API Endpoints
-
-### Scan
-
-```
-POST /api/v1/scan
-Body: { "url": "https://subto.one" }
-Response: { "scanId": "uuid", "status": "started" }
-```
-
-Notes on queuing and rate limiting:
-
-- Concurrency limit: the server allows up to `MAX_CONCURRENT_SCANS` (default 50) scans to run concurrently.
-- If the server is at capacity, API clients can opt into an automatic queue by sending the header `X-Accept-Queue: true` with the POST request. In that case the request will be accepted and queued; the response will be `202 Accepted` with JSON `{ scanId, status: 'queued', queuePosition }`.
-- If the client does not opt into queuing and the server is at capacity, the API will return `429 Too Many Requests` with a short message instructing the client to retry or set `X-Accept-Queue: true`.
-- The UI automatically sets `X-Accept-Queue: true` and displays `Queuing` plus the user's position (e.g., `You are #3 in queue`).
-
-
-### Get Results
-
-```
-GET /api/v1/scan/:scanId
-Response: Full scan data
+npm install -g subto
 ```
 
-### AI Analysis
+Usage:
 
 ```
-POST /api/v1/ai/analyze
-Body: { "scanId": "uuid", "files": [...] }
-Response: { "summary": "...", "changes": [...] }
-```
-
-## File Upload
-
-### Supported Types
-- JavaScript: `.js`, `.ts`, `.jsx`, `.tsx`
-- Styles: `.css`, `.scss`
-- Markup: `.html`, `.vue`, `.svelte`
-- Data: `.json`, `.env`, `.md`
-
-### Limits
-- Single file: 50 MB max
-- Total upload: 250 MB max
-- File count: 5,000 files max
-
-### Excluded Folders
-- `node_modules/`
-- `.git/`
-- `.next/`, `dist/`, `build/`
-
-## AI Models (Free Tier)
-
-- **Default**: `deepseek/deepseek-r1:free`
-- **Code Analysis**: `qwen/qwen3-coder:free`
-- **Security**: `mistralai/devstral-small:free`
-
-### Rate Limits
-- 5 seconds between requests
-- 50 requests per day
-
-## Data Retention
-
-All scan data is automatically deleted after 24 hours. No user accounts required.
-
-## Security
-
-- No binary file uploads
-- Server-side validation even if client-side passes
-- Streaming uploads to disk, not memory
-- Directory traversal prevention
-- MIME type validation
-
-## License
-
-MIT
-
-## Deployment (Docker + nginx reverse-proxy)
-
-This repo includes a simple production-ready scaffold under `deploy/` that runs the Node app behind an nginx reverse-proxy which terminates TLS and forwards requests (including WebSocket upgrades) to the app.
-
-Quick local test (self-signed cert):
-
-```bash
-cd deploy
-./mk-self-signed.sh        # creates deploy/certs/fullchain.pem and privkey.pem
-docker compose up --build
+subto login      # store API key
+subto scan <url> # request a scan
 ```
 
-Production notes:
-- Use Node.js 22+ in your runtime (required by Lighthouse v13).
-- Terminate TLS at your load balancer (Cloud Load Balancer, nginx, etc.) and forward plain HTTP to the Node container.
-- Ensure WebSocket upgrades are forwarded by the proxy.
-- Provide secrets via environment variables or your hosting secret manager (do NOT commit secrets).
-
+This package is a production CLI; it intentionally omits development instructions.

package/bin/subto.js

@@ -0,0 +1,18 @@
+#!/usr/bin/env node
+/* CLI executable that runs the package's `run` function */
+try {
+  const mod = require('../index.js');
+  if (mod && typeof mod.run === 'function') {
+    // pass process.argv (node, script, ...user args)
+    mod.run(process.argv).catch(err => {
+      console.error('Error:', err && err.message ? err.message : String(err));
+      process.exit(1);
+    });
+  } else {
+    console.error('subto: CLI entrypoint not found.');
+    process.exit(1);
+  }
+} catch (err) {
+  console.error('subto: failed to start:', err && err.message ? err.message : String(err));
+  process.exit(1);
+}

package/dist/package/README.md

@@ -0,0 +1,108 @@
+# Subto CLI
+
+This folder contains the Subto command-line client which is a thin wrapper around the Subto.One API.
+
+Installation
+
+- Global (recommended via npm):
+
+```bash
+npm install -g subto-cli
+```
+
+- Or run locally from the `cli` folder during development:
+
+```bash
+cd cli
+npm install
+node bin/subto.js --help
+```
+
+Local testing (before publishing)
+
+- Link the package locally and test the installed command:
+
+```bash
+cd cli
+npm link
+subto --help
+```
+
+Commands
+
+- `subto login`
+  - Prompts for your API key and stores it in `~/.subto/config.json`.
+
+- `subto scan <url>`
+  - Requests a scan for `<url>` from the Subto API. Example body:
+
+```json
+{
+  "url": "https://example.com",
+  "source": "cli",
+  "client": { "name": "subto-cli", "version": "3.0.0" }
+}
+```
+
+Notes
+
+- The CLI calls the remote API and respects server-side rate limiting. If a rate limit is encountered the CLI prints a friendly message like:
+
+```
+Rate limit reached. Try again in X seconds.
+```
+
+- The API key is stored at `~/.subto/config.json` with restrictive permissions (0600).
+- The CLI never logs or prints API keys or other secrets.
+- The CLI never performs website scanning locally — it only calls the remote API.
+
+- `--wait` flag: block and poll until the scan completes
+
+Example:
+
+```bash
+subto scan https://example.com --wait
+```
+
+This will poll the server every 5 seconds (respecting `Retry-After`) and display queue position, progress percentage and stages as provided by the API, then print the full JSON result when finished.
+
+Default behavior
+
+- By default the CLI will automatically poll when the server immediately returns a queued/started response. If you prefer to return immediately, use `--no-wait`.
+
+Example (do not wait):
+
+```bash
+subto scan https://example.com --no-wait
+```
+
+Publishing the CLI
+
+Exact steps to publish (do not run automatically):
+
+```bash
+npm login
+npm publish
+```
+
+Pre-publish check
+
+The package runs a `prepublishOnly` script which verifies `bin/subto.js` exists and that the `bin` mapping is correct. The script also attempts to set the executable bit on the entry file.
+
+API docs section (link)
+
+See the bundled API docs excerpt for the Subto CLI in `./docs/cli-section.md`.
+
+Download
+
+After publishing or packing, a distributable tarball will be available under `./dist/` e.g.:
+
+```
+./dist/subto-3.0.0.tgz
+```
+
+You can download that file directly and install locally with:
+
+```bash
+npm install -g ./dist/subto-3.0.0.tgz
+```

package/dist/package/docs/cli-section.md

@@ -0,0 +1,27 @@
+## Subto CLI
+
+Installation
+
+- Install via npm:
+
+```
+npm install -g subto-cli
+```
+
+Commands
+
+- `subto login`
+  - Prompts for your API key and stores it in `~/.subto/config.json`.
+
+- `subto scan <url>`
+  - Requests a scan for `<url>` from the Subto API.
+
+Notes
+
+- The CLI calls the remote API and respects server-side rate limiting. If a rate limit is encountered the CLI prints a friendly message like:
+
+```
+Rate limit reached. Try again in X seconds.
+```
+
+- For more information and installation help see `/cli/README.md` in this repository.

package/{cli → dist/package}/index.js

@@ -1,4 +1,3 @@
-#!/usr/bin/env node
 /* Subto CLI implementation */
 const { Command } = require('commander');
 const fs = require('fs').promises;
@@ -12,83 +11,7 @@ const chalk = (_chalk && _chalk.default) ? _chalk.default : _chalk;
 const CONFIG_DIR = path.join(os.homedir(), '.subto');
 const CONFIG_PATH = path.join(CONFIG_DIR, 'config.json');
 const DEFAULT_API_BASE = 'https://subto.one';
-const CLIENT_META = { name: 'subto-cli', version: '0.1.6' };
-
-// Simple terminal UI helper (no extra deps) for polished spinner/progress
-class TerminalUI {
-  constructor() {
-    this.frames = ['⠋','⠙','⠹','⠸','⠼','⠴','⠦','⠧','⠇','⠏'];
-    this.i = 0;
-    this.timer = null;
-    this.visible = false;
-    this.lastRenderLines = 0;
-  }
-
-  start(message) {
-    if (!process.stdout.isTTY) { console.log(message); return; }
-    this.visible = true;
-    this.message = message || '';
-    this._render();
-    this.timer = setInterval(() => { this.i = (this.i + 1) % this.frames.length; this._render(); }, 80);
-  }
-
-  update(state) {
-    this.state = Object.assign({}, this.state, state);
-    if (this.visible) this._render();
-  }
-
-  stop() {
-    if (this.timer) clearInterval(this.timer);
-    this.timer = null;
-    if (this.visible && process.stdout.isTTY) {
-      // clear previous render
-      for (let j = 0; j < this.lastRenderLines; j++) {
-        readline.clearLine(process.stdout, 0);
-        readline.cursorTo(process.stdout, 0);
-        if (j < this.lastRenderLines - 1) process.stdout.write('\u001b[1A');
-      }
-      this.visible = false;
-    }
-  }
-
-  _render() {
-    const out = [];
-    const spin = this.frames[this.i];
-    const title = this.message || '';
-    const status = this.state && this.state.status ? String(this.state.status) : '';
-    const stage = this.state && this.state.stage ? String(this.state.stage) : '';
-    const qpos = this.state && (this.state.queuePosition !== undefined) ? `Queue: ${this.state.queuePosition}` : '';
-    const progress = (this.state && (this.state.progress !== undefined)) ? Number(this.state.progress) : null;
-
-    // Build a compact progress bar
-    let bar = '';
-    if (progress !== null && !Number.isNaN(progress)) {
-      const pct = Math.max(0, Math.min(100, Math.round(progress)));
-      const width = 30;
-      const filled = Math.round((pct / 100) * width);
-      bar = '[' + chalk.cyan('='.repeat(filled)) + chalk.dim('-'.repeat(width - filled)) + `] ${pct}%`;
-    }
-
-    out.push(`${chalk.bold.cyan(spin)} ${chalk.bold(title)}`);
-    if (status) out.push(`${chalk.green('Status:')} ${status}`);
-    if (stage) out.push(`${chalk.dim('Stage:')} ${stage}`);
-    if (qpos) out.push(chalk.magenta(qpos));
-    if (bar) out.push(bar);
-
-    // Erase previous
-    if (process.stdout.isTTY) {
-      for (let j = 0; j < this.lastRenderLines; j++) {
-        readline.clearLine(process.stdout, 0);
-        readline.cursorTo(process.stdout, 0);
-        process.stdout.write('\u001b[1A');
-      }
-    }
-
-    const payload = out.join('\n') + '\n';
-    process.stdout.write(payload);
-    this.lastRenderLines = payload.split('\n').length;
-  }
-}
+const CLIENT_META = { name: 'subto-cli', version: '3.0.0' };
 
 function configFilePath() { return CONFIG_PATH; }
 
@@ -148,7 +71,7 @@ async function postScan(url, apiKey) {
   const body = { url, source: 'cli', client: CLIENT_META };
   const fetchFn = global.fetch;
   if (typeof fetchFn !== 'function') throw new Error('Global fetch() is not available in this Node runtime. Use Node 18+');
-  const res = await fetchFn(endpoint, { method: 'POST', headers: { 'Content-Type': 'application/json', 'Accept': 'application/json', 'Authorization': `Bearer ${apiKey}`, 'User-Agent': `${CLIENT_META.name}/${CLIENT_META.version}` }, body: JSON.stringify(body) });
+  const res = await fetchFn(endpoint, { method: 'POST', headers: { 'Content-Type': 'application/json', 'Authorization': `Bearer ${apiKey}`, 'User-Agent': `${CLIENT_META.name}/${CLIENT_META.version}` }, body: JSON.stringify(body) });
   const text = await res.text();
   let data = null; try { data = text ? JSON.parse(text) : null; } catch (e) { data = text; }
   return { status: res.status, headers: res.headers, body: data };
@@ -156,26 +79,19 @@ async function postScan(url, apiKey) {
 
 function printScanSummary(obj) {
   if (!obj || typeof obj !== 'object') { console.log(obj); return; }
-  const rows = [];
-  if (obj.id) rows.push(['ID', obj.id]);
-  if (obj.url) rows.push(['URL', obj.url]);
-  if (obj.status) rows.push(['Status', obj.status]);
-  if (obj.createdAt) rows.push(['Created', obj.createdAt]);
-  if (obj.summary) rows.push(['Summary', obj.summary]);
-  const extra = Object.keys(obj).filter(k => !['id','url','status','createdAt','summary'].includes(k));
-  if (extra.length) rows.push(['Additional', extra.join(', ')]);
-
-  const labelWidth = Math.max(...rows.map(r => r[0].length), 0);
-  console.log(chalk.bgBlue.black(' SCAN ') + ' ' + chalk.bold('Summary'));
-  for (const [label, value] of rows) {
-    const padded = label.padEnd(labelWidth);
-    console.log(chalk.green(` ${padded}:`) + ' ' + chalk.white(String(value)));
-  }
+  console.log(chalk.bold('Scan result:'));
+  if (obj.id) console.log(chalk.green('  ID:') + ' ' + obj.id);
+  if (obj.url) console.log(chalk.green('  URL:') + ' ' + obj.url);
+  if (obj.status) console.log(chalk.green('  Status:') + ' ' + obj.status);
+  if (obj.createdAt) console.log(chalk.green('  Created:') + ' ' + obj.createdAt);
+  if (obj.summary) console.log(chalk.green('  Summary:') + ' ' + obj.summary);
+  const keys = Object.keys(obj).filter(k => !['id','url','status','createdAt','summary'].includes(k));
+  if (keys.length) console.log(chalk.dim('  Additional keys: ' + keys.join(', ')));
 }
 
 async function run(argv) {
   const program = new Command();
-  program.name('subto').description('Subto CLI — wrapper around Subto.One API').version(CLIENT_META.version || '0.1.0');
+  program.name('subto').description('Subto CLI — wrapper around Subto.One API').version(CLIENT_META.version || '3.0.0');
 
   program.command('login').description('Store your API key in ~/.subto/config.json').action(async () => {
     try {
@@ -191,7 +107,6 @@ async function run(argv) {
     .command('scan <url>')
     .description('Request a scan for <url> via the Subto API')
     .option('--json', 'Output raw JSON')
-    .option('--full', 'When available, fetch offloaded large results (GCS) and print them')
     .option('--wait', 'Poll for completion and show progress')
     .option('--no-wait', 'Do not poll; return immediately')
     .action(async (url, opts) => {
@@ -222,16 +137,6 @@ async function run(argv) {
           return;
         }
 
-        // If server already returned full structured results (not HTML), show them
-        if (!shouldPoll && resp.body && typeof resp.body === 'object') {
-          // Heuristic: if response contains detailed scan fields, print full JSON
-          const hasDetailed = resp.body.results || resp.body.audits || resp.body.performance || resp.body.overview || resp.body.summary;
-          if (hasDetailed) {
-            console.log(JSON.stringify(resp.body, null, 2));
-            return;
-          }
-        }
-
         // If we should poll, poll the scan resource until completion and print progress.
         if (shouldPoll) {
           const scanId = (resp.body && (resp.body.scanId || resp.body.id || resp.body.scan_id));
@@ -246,8 +151,7 @@ async function run(argv) {
 
           const sleep = ms => new Promise(r => setTimeout(r, ms));
           let interval = 5000;
-          const ui = new TerminalUI();
-          ui.start('Queued scan. Polling for progress...');
+          console.log(chalk.blue('Queued scan. Polling for progress...'));
 
           let recheckedAfterTerminal = false;
           while (true) {
@@ -266,14 +170,14 @@ async function run(argv) {
             try { data = await r.json(); } catch (e) { data = null; }
 
             if (data) {
-              ui.update({
-                queuePosition: data.queuePosition,
-                progress: data.progress !== undefined ? data.progress : (data.lastProgress || data.progress),
-                status: data.status || '',
-                stage: data.stage || ''
-              });
+              if (data.queuePosition !== undefined) console.log(chalk.cyan('Queue position:'), data.queuePosition);
+              if (data.progress !== undefined) console.log(chalk.cyan('Progress:'), String(data.progress) + '%');
+              const rawStatus = data.status !== undefined && data.status !== null ? String(data.status) : '';
+              const displayStatus = rawStatus.trim();
+              if (displayStatus) console.log(chalk.cyan('Status:'), displayStatus);
+              if (data.stage) console.log(chalk.dim('Stage:'), data.stage);
             } else {
-              ui.update({ status: 'waiting for server...' });
+              console.log(chalk.dim('Waiting for server response...'));
             }
 
             const statusStr = data && data.status ? String(data.status).toLowerCase().trim() : '';
@@ -287,85 +191,13 @@ async function run(argv) {
               const hasPayload = payloadKeys.length > 0;
               if (!hasPayload && !recheckedAfterTerminal) {
                 recheckedAfterTerminal = true;
-                ui.update({ status: 'finalizing results...' });
+                console.log(chalk.yellow('Status is terminal but results not yet available — rechecking shortly...'));
                 await new Promise(r => setTimeout(r, 2000));
                 continue; // loop will fetch again
               }
-              // render final state then stop UI
-              ui.update({ status: 'completed', progress: 100 });
-              ui.stop();
-
-              console.log('\n' + chalk.bgGreen.black(' DONE ') + ' ' + chalk.bold('Scan finished. Full results:') + '\n');
-
-              // If user asked for full and results were offloaded to GCS, try fetching that
-              if (opts.full && data && (data.resultsGcsPath || (data.results && data.results.resultsGcsPath))) {
-                try {
-                  const gcsPath = data.resultsGcsPath || (data.results && data.results.resultsGcsPath);
-                  const publicUrl = (gcsPath || '').replace(/^gs:\/\//, 'https://storage.googleapis.com/');
-                  console.log(chalk.cyan('Fetching offloaded results from:'), publicUrl);
-                  const r2 = await fetchFn(publicUrl, { headers: { 'User-Agent': `${CLIENT_META.name}/${CLIENT_META.version}` } });
-                  if (r2.ok) {
-                    const txt = await r2.text();
-                    try { const parsed = JSON.parse(txt); console.log(JSON.stringify(parsed, null, 2)); } catch (e) { console.log(txt); }
-                    return;
-                  } else {
-                    console.log(chalk.yellow('Could not fetch offloaded results; status:'), r2.status);
-                  }
-                } catch (e) {
-                  console.log(chalk.yellow('Failed to fetch offloaded results:'), e && e.message ? e.message : e);
-                }
-              }
-
-              // Print video URL if present (prefer a canonical URL)
-              try {
-                const vid = (data && data.results && data.results.videoUrl) || data.videoUrl || (data && data.video);
-                if (vid && typeof vid === 'string' && vid.startsWith('http')) {
-                  console.log(chalk.cyan('Video URL:'), vid);
-                }
-              } catch (e) {}
-
-              // Sanitize large HTML blobs from output and print a concise summary.
-              function sanitize(obj) {
-                try {
-                  const cloned = JSON.parse(JSON.stringify(obj));
-                  const htmlKeys = ['html','mainHtml','pageHtml','fullHtml','renderedHtml','fetchedHtml','documentHtml','bodyHtml','responseBody'];
-                  const walk = (o) => {
-                    if (!o || typeof o !== 'object') return;
-                    for (const k of Object.keys(o)) {
-                      const v = o[k];
-                      if (typeof v === 'string') {
-                        const lowered = k.toLowerCase();
-                        if (htmlKeys.includes(lowered) || (v.length > 1024 && /<\/?html|<!doctype html/i.test(v))) {
-                          o[k] = `-- omitted HTML (length: ${v.length}) --`;
-                        } else if (v.length > 2000) {
-                          o[k] = v.slice(0, 2000) + `... (truncated, total ${v.length} chars)`;
-                        }
-                      } else if (typeof v === 'object') {
-                        walk(v);
-                      }
-                    }
-                  };
-                  walk(cloned);
-                  return cloned;
-                } catch (e) { return obj; }
-              }
-
-              // Attempt to print a short human-friendly summary if available
-              try {
-                const summaryParts = [];
-                const results = data && (data.results || data); // support both shapes
-                if (results.performance || results.perf || results.performanceScore) {
-                  const p = results.performance || results.perf || results.performanceScore;
-                  summaryParts.push(`Performance: ${p}`);
-                }
-                if (results.accessibility) summaryParts.push(`Accessibility: ${results.accessibility}`);
-                if (results.seo) summaryParts.push(`SEO: ${results.seo}`);
-                if (results.bestPractices || results.best_practices) summaryParts.push(`Best Practices: ${results.bestPractices || results.best_practices}`);
-                if (results.security || results.securityGrade) summaryParts.push(`Security: ${results.security || results.securityGrade}`);
-                if (summaryParts.length) console.log(chalk.bold('Summary:'), summaryParts.join(' • '));
-              } catch (e) {}
 
-              console.log(JSON.stringify(sanitize(data), null, 2));
+              console.log(chalk.green('Scan finished. Full results:'));
+              console.log(JSON.stringify(data, null, 2));
               return;
             }