toolip 1.0.5 → 1.0.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/package.json +1 -1
- package/dist/src/commands/alternatives.d.ts +0 -2
- package/dist/src/commands/alternatives.js +0 -17
- package/dist/src/commands/alternatives.js.map +0 -1
- package/dist/src/commands/compare.d.ts +0 -2
- package/dist/src/commands/compare.js +0 -19
- package/dist/src/commands/compare.js.map +0 -1
- package/dist/src/commands/doctor.d.ts +0 -2
- package/dist/src/commands/doctor.js +0 -42
- package/dist/src/commands/doctor.js.map +0 -1
- package/dist/src/commands/git-audit.d.ts +0 -2
- package/dist/src/commands/git-audit.js +0 -37
- package/dist/src/commands/git-audit.js.map +0 -1
- package/dist/src/commands/hook.d.ts +0 -2
- package/dist/src/commands/hook.js +0 -16
- package/dist/src/commands/hook.js.map +0 -1
- package/dist/src/commands/inspect.d.ts +0 -2
- package/dist/src/commands/inspect.js +0 -24
- package/dist/src/commands/inspect.js.map +0 -1
- package/dist/src/commands/learn.d.ts +0 -2
- package/dist/src/commands/learn.js +0 -42
- package/dist/src/commands/learn.js.map +0 -1
- package/dist/src/commands/licenses.d.ts +0 -2
- package/dist/src/commands/licenses.js +0 -40
- package/dist/src/commands/licenses.js.map +0 -1
- package/dist/src/commands/pre-commit.d.ts +0 -2
- package/dist/src/commands/pre-commit.js +0 -37
- package/dist/src/commands/pre-commit.js.map +0 -1
- package/dist/src/commands/profile.d.ts +0 -2
- package/dist/src/commands/profile.js +0 -18
- package/dist/src/commands/profile.js.map +0 -1
- package/dist/src/commands/scan.d.ts +0 -2
- package/dist/src/commands/scan.js +0 -48
- package/dist/src/commands/scan.js.map +0 -1
- package/dist/src/commands/score.d.ts +0 -2
- package/dist/src/commands/score.js +0 -24
- package/dist/src/commands/score.js.map +0 -1
- package/dist/src/commands/self-test.d.ts +0 -2
- package/dist/src/commands/self-test.js +0 -63
- package/dist/src/commands/self-test.js.map +0 -1
- package/dist/src/commands/tree.d.ts +0 -2
- package/dist/src/commands/tree.js +0 -21
- package/dist/src/commands/tree.js.map +0 -1
- package/dist/src/commands/vault.d.ts +0 -2
- package/dist/src/commands/vault.js +0 -86
- package/dist/src/commands/vault.js.map +0 -1
- package/dist/src/config/version.d.ts +0 -6
- package/dist/src/config/version.js +0 -7
- package/dist/src/config/version.js.map +0 -1
- package/dist/src/core/alternatives.d.ts +0 -8
- package/dist/src/core/alternatives.js +0 -35
- package/dist/src/core/alternatives.js.map +0 -1
- package/dist/src/core/analyze-package.d.ts +0 -2
- package/dist/src/core/analyze-package.js +0 -49
- package/dist/src/core/analyze-package.js.map +0 -1
- package/dist/src/core/compare-packages.d.ts +0 -7
- package/dist/src/core/compare-packages.js +0 -19
- package/dist/src/core/compare-packages.js.map +0 -1
- package/dist/src/core/dependency-scan.d.ts +0 -17
- package/dist/src/core/dependency-scan.js +0 -70
- package/dist/src/core/dependency-scan.js.map +0 -1
- package/dist/src/core/dependency-tree.d.ts +0 -16
- package/dist/src/core/dependency-tree.js +0 -19
- package/dist/src/core/dependency-tree.js.map +0 -1
- package/dist/src/core/dependency-types.d.ts +0 -17
- package/dist/src/core/dependency-types.js +0 -2
- package/dist/src/core/dependency-types.js.map +0 -1
- package/dist/src/core/file-walker.d.ts +0 -6
- package/dist/src/core/file-walker.js +0 -27
- package/dist/src/core/file-walker.js.map +0 -1
- package/dist/src/core/git-audit.d.ts +0 -12
- package/dist/src/core/git-audit.js +0 -111
- package/dist/src/core/git-audit.js.map +0 -1
- package/dist/src/core/hooks.d.ts +0 -1
- package/dist/src/core/hooks.js +0 -14
- package/dist/src/core/hooks.js.map +0 -1
- package/dist/src/core/learn.d.ts +0 -11
- package/dist/src/core/learn.js +0 -163
- package/dist/src/core/learn.js.map +0 -1
- package/dist/src/core/license-analysis.d.ts +0 -18
- package/dist/src/core/license-analysis.js +0 -98
- package/dist/src/core/license-analysis.js.map +0 -1
- package/dist/src/core/load-toolip-ignore.d.ts +0 -5
- package/dist/src/core/load-toolip-ignore.js +0 -35
- package/dist/src/core/load-toolip-ignore.js.map +0 -1
- package/dist/src/core/npm-registry.d.ts +0 -3
- package/dist/src/core/npm-registry.js +0 -5
- package/dist/src/core/npm-registry.js.map +0 -1
- package/dist/src/core/pre-commit.d.ts +0 -11
- package/dist/src/core/pre-commit.js +0 -22
- package/dist/src/core/pre-commit.js.map +0 -1
- package/dist/src/core/profile-project.d.ts +0 -23
- package/dist/src/core/profile-project.js +0 -119
- package/dist/src/core/profile-project.js.map +0 -1
- package/dist/src/core/read-dependencies.d.ts +0 -2
- package/dist/src/core/read-dependencies.js +0 -24
- package/dist/src/core/read-dependencies.js.map +0 -1
- package/dist/src/core/report-writer.d.ts +0 -5
- package/dist/src/core/report-writer.js +0 -61
- package/dist/src/core/report-writer.js.map +0 -1
- package/dist/src/core/report.d.ts +0 -34
- package/dist/src/core/report.js +0 -26
- package/dist/src/core/report.js.map +0 -1
- package/dist/src/core/risk-score.d.ts +0 -5
- package/dist/src/core/risk-score.js +0 -14
- package/dist/src/core/risk-score.js.map +0 -1
- package/dist/src/core/scanner-context.d.ts +0 -12
- package/dist/src/core/scanner-context.js +0 -27
- package/dist/src/core/scanner-context.js.map +0 -1
- package/dist/src/core/score.d.ts +0 -13
- package/dist/src/core/score.js +0 -44
- package/dist/src/core/score.js.map +0 -1
- package/dist/src/core/security-doctor.d.ts +0 -12
- package/dist/src/core/security-doctor.js +0 -106
- package/dist/src/core/security-doctor.js.map +0 -1
- package/dist/src/core/security-patterns.d.ts +0 -14
- package/dist/src/core/security-patterns.js +0 -130
- package/dist/src/core/security-patterns.js.map +0 -1
- package/dist/src/core/typosquat.d.ts +0 -6
- package/dist/src/core/typosquat.js +0 -50
- package/dist/src/core/typosquat.js.map +0 -1
- package/dist/src/core/vault.d.ts +0 -48
- package/dist/src/core/vault.js +0 -127
- package/dist/src/core/vault.js.map +0 -1
- package/dist/src/errors/toolip-error.d.ts +0 -8
- package/dist/src/errors/toolip-error.js +0 -11
- package/dist/src/errors/toolip-error.js.map +0 -1
- package/dist/src/index.d.ts +0 -2
- package/dist/src/index.js +0 -51
- package/dist/src/index.js.map +0 -1
- package/dist/src/utils/error-handler.d.ts +0 -1
- package/dist/src/utils/error-handler.js +0 -24
- package/dist/src/utils/error-handler.js.map +0 -1
- package/dist/src/utils/output.d.ts +0 -6
- package/dist/src/utils/output.js +0 -72
- package/dist/src/utils/output.js.map +0 -1
- package/dist/src/utils/package-output.d.ts +0 -4
- package/dist/src/utils/package-output.js +0 -40
- package/dist/src/utils/package-output.js.map +0 -1
|
@@ -1,86 +0,0 @@
|
|
|
1
|
-
import chalk from 'chalk';
|
|
2
|
-
import { deleteSecret, exportEnv, getSecret, initVault, listSecrets, setSecret } from '../core/vault.js';
|
|
3
|
-
export function registerVaultCommand(program) {
|
|
4
|
-
const vault = program
|
|
5
|
-
.command('vault')
|
|
6
|
-
.description('Manage encrypted local secrets with Toolip Vault.');
|
|
7
|
-
vault
|
|
8
|
-
.command('init')
|
|
9
|
-
.description('Initialize an encrypted local vault.')
|
|
10
|
-
.requiredOption('--password <password>', 'Master password.')
|
|
11
|
-
.action(async (options) => {
|
|
12
|
-
await initVault(options.password);
|
|
13
|
-
console.log(`${chalk.green('✓')} Toolip Vault initialized.`);
|
|
14
|
-
});
|
|
15
|
-
vault
|
|
16
|
-
.command('set <key> <value>')
|
|
17
|
-
.description('Store or update a secret.')
|
|
18
|
-
.option('--env <env>', 'Secret environment.', 'development')
|
|
19
|
-
.requiredOption('--password <password>', 'Master password.')
|
|
20
|
-
.action(async (key, value, options) => {
|
|
21
|
-
await setSecret({
|
|
22
|
-
key,
|
|
23
|
-
value,
|
|
24
|
-
env: options.env,
|
|
25
|
-
masterPassword: options.password
|
|
26
|
-
});
|
|
27
|
-
console.log(`${chalk.green('✓')} Stored ${key} for ${options.env}.`);
|
|
28
|
-
});
|
|
29
|
-
vault
|
|
30
|
-
.command('get <key>')
|
|
31
|
-
.description('Retrieve a secret value.')
|
|
32
|
-
.option('--env <env>', 'Secret environment.', 'development')
|
|
33
|
-
.requiredOption('--password <password>', 'Master password.')
|
|
34
|
-
.action(async (key, options) => {
|
|
35
|
-
const secret = await getSecret({
|
|
36
|
-
key,
|
|
37
|
-
env: options.env,
|
|
38
|
-
masterPassword: options.password
|
|
39
|
-
});
|
|
40
|
-
console.log(secret.value);
|
|
41
|
-
});
|
|
42
|
-
vault
|
|
43
|
-
.command('list')
|
|
44
|
-
.description('List secret names without revealing values.')
|
|
45
|
-
.option('--env <env>', 'Filter by environment.')
|
|
46
|
-
.requiredOption('--password <password>', 'Master password.')
|
|
47
|
-
.action(async (options) => {
|
|
48
|
-
const secrets = await listSecrets({
|
|
49
|
-
env: options.env,
|
|
50
|
-
masterPassword: options.password
|
|
51
|
-
});
|
|
52
|
-
if (secrets.length === 0) {
|
|
53
|
-
console.log(chalk.yellow('No secrets found.'));
|
|
54
|
-
return;
|
|
55
|
-
}
|
|
56
|
-
for (const secret of secrets) {
|
|
57
|
-
console.log(`${chalk.green('✓')} ${secret.key} ${chalk.dim(`(${secret.env})`)}`);
|
|
58
|
-
}
|
|
59
|
-
});
|
|
60
|
-
vault
|
|
61
|
-
.command('delete <key>')
|
|
62
|
-
.description('Delete a secret.')
|
|
63
|
-
.option('--env <env>', 'Secret environment.', 'development')
|
|
64
|
-
.requiredOption('--password <password>', 'Master password.')
|
|
65
|
-
.action(async (key, options) => {
|
|
66
|
-
const deleted = await deleteSecret({
|
|
67
|
-
key,
|
|
68
|
-
env: options.env,
|
|
69
|
-
masterPassword: options.password
|
|
70
|
-
});
|
|
71
|
-
console.log(deleted ? `${chalk.green('✓')} Deleted ${key}.` : chalk.yellow(`No secret found for ${key}.`));
|
|
72
|
-
});
|
|
73
|
-
vault
|
|
74
|
-
.command('export')
|
|
75
|
-
.description('Export secrets as shell-compatible environment lines.')
|
|
76
|
-
.option('--env <env>', 'Filter by environment.')
|
|
77
|
-
.requiredOption('--password <password>', 'Master password.')
|
|
78
|
-
.action(async (options) => {
|
|
79
|
-
const output = await exportEnv({
|
|
80
|
-
env: options.env,
|
|
81
|
-
masterPassword: options.password
|
|
82
|
-
});
|
|
83
|
-
console.log(output);
|
|
84
|
-
});
|
|
85
|
-
}
|
|
86
|
-
//# sourceMappingURL=vault.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"vault.js","sourceRoot":"","sources":["../../../src/commands/vault.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EACL,YAAY,EACZ,SAAS,EACT,SAAS,EACT,SAAS,EACT,WAAW,EACX,SAAS,EACV,MAAM,kBAAkB,CAAC;AAE1B,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,MAAM,KAAK,GAAG,OAAO;SAClB,OAAO,CAAC,OAAO,CAAC;SAChB,WAAW,CAAC,mDAAmD,CAAC,CAAC;IAEpE,KAAK;SACF,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,sCAAsC,CAAC;SACnD,cAAc,CAAC,uBAAuB,EAAE,kBAAkB,CAAC;SAC3D,MAAM,CAAC,KAAK,EAAE,OAA6B,EAAE,EAAE;QAC9C,MAAM,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEL,KAAK;SACF,OAAO,CAAC,mBAAmB,CAAC;SAC5B,WAAW,CAAC,2BAA2B,CAAC;SACxC,MAAM,CAAC,aAAa,EAAE,qBAAqB,EAAE,aAAa,CAAC;SAC3D,cAAc,CAAC,uBAAuB,EAAE,kBAAkB,CAAC;SAC3D,MAAM,CAAC,KAAK,EAAE,GAAW,EAAE,KAAa,EAAE,OAA0C,EAAE,EAAE;QACvF,MAAM,SAAS,CAAC;YACd,GAAG;YACH,KAAK;YACL,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,cAAc,EAAE,OAAO,CAAC,QAAQ;SACjC,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,GAAG,QAAQ,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC;IACvE,CAAC,CAAC,CAAC;IAEL,KAAK;SACF,OAAO,CAAC,WAAW,CAAC;SACpB,WAAW,CAAC,0BAA0B,CAAC;SACvC,MAAM,CAAC,aAAa,EAAE,qBAAqB,EAAE,aAAa,CAAC;SAC3D,cAAc,CAAC,uBAAuB,EAAE,kBAAkB,CAAC;SAC3D,MAAM,CAAC,KAAK,EAAE,GAAW,EAAE,OAA0C,EAAE,EAAE;QACxE,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC;YAC7B,GAAG;YACH,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,cAAc,EAAE,OAAO,CAAC,QAAQ;SACjC,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEL,KAAK;SACF,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,6CAA6C,CAAC;SAC1D,MAAM,CAAC,aAAa,EAAE,wBAAwB,CAAC;SAC/C,cAAc,CAAC,uBAAuB,EAAE,kBAAkB,CAAC;SAC3D,MAAM,CAAC,KAAK,EAAE,OAA2C,EAAE,EAAE;QAC5D,MAAM,OAAO,GAAG,MAAM,WAAW,CAAC;YAChC,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,cAAc,EAAE,OAAO,CAAC,QAAQ;SACjC,CAAC,CAAC;QAEH,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC;YAC/C,OAAO;QACT,CAAC;QAED,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,GAAG,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;QACnF,CAAC;IACH,CAAC,CAAC,CAAC;IAEL,KAAK;SACF,OAAO,CAAC,cAAc,CAAC;SACvB,WAAW,CAAC,kBAAkB,CAAC;SAC/B,MAAM,CAAC,aAAa,EAAE,qBAAqB,EAAE,aAAa,CAAC;SAC3D,cAAc,CAAC,uBAAuB,EAAE,kBAAkB,CAAC;SAC3D,MAAM,CAAC,KAAK,EAAE,GAAW,EAAE,OAA0C,EAAE,EAAE;QACxE,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC;YACjC,GAAG;YACH,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,cAAc,EAAE,OAAO,CAAC,QAAQ;SACjC,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,uBAAuB,GAAG,GAAG,CAAC,CAAC,CAAC;IAC7G,CAAC,CAAC,CAAC;IAEL,KAAK;SACF,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,uDAAuD,CAAC;SACpE,MAAM,CAAC,aAAa,EAAE,wBAAwB,CAAC;SAC/C,cAAc,CAAC,uBAAuB,EAAE,kBAAkB,CAAC;SAC3D,MAAM,CAAC,KAAK,EAAE,OAA2C,EAAE,EAAE;QAC5D,MAAM,MAAM,GAAG,MAAM,SAAS,CAAC;YAC7B,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,cAAc,EAAE,OAAO,CAAC,QAAQ;SACjC,CAAC,CAAC;QAEH,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC,CAAC,CAAC;AACP,CAAC"}
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"version.js","sourceRoot":"","sources":["../../../src/config/version.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,cAAc,GAAG,OAAO,CAAC;AAEtC,MAAM,CAAC,MAAM,aAAa,GAAG;IAC3B,IAAI,EAAE,qBAAqB;IAC3B,MAAM,EAAE,QAAQ;IAChB,MAAM,EAAE,2BAA2B;CACpC,CAAC"}
|
|
@@ -1,35 +0,0 @@
|
|
|
1
|
-
const alternativeMap = {
|
|
2
|
-
request: [
|
|
3
|
-
{ name: 'got', reason: 'Modern HTTP client with active maintenance and strong Node.js support.' },
|
|
4
|
-
{ name: 'undici', reason: 'Fast official Node.js HTTP client maintained under the Node.js project.' },
|
|
5
|
-
{ name: 'axios', reason: 'Popular promise-based HTTP client with broad ecosystem adoption.' }
|
|
6
|
-
],
|
|
7
|
-
'node-fetch': [
|
|
8
|
-
{ name: 'undici', reason: 'Native fetch-compatible HTTP client for modern Node.js.' },
|
|
9
|
-
{ name: 'ky', reason: 'Small fetch-based client for browser and modern JavaScript workflows.' }
|
|
10
|
-
],
|
|
11
|
-
moment: [
|
|
12
|
-
{ name: 'dayjs', reason: 'Small Moment-compatible API with lower bundle size.' },
|
|
13
|
-
{ name: 'date-fns', reason: 'Modular date utilities with tree-shaking support.' },
|
|
14
|
-
{ name: 'luxon', reason: 'Modern date-time library from the Moment maintainers.' }
|
|
15
|
-
],
|
|
16
|
-
lodash: [
|
|
17
|
-
{ name: 'lodash-es', reason: 'ES module build with better tree-shaking.' },
|
|
18
|
-
{ name: 'radash', reason: 'Modern utility library with TypeScript-friendly APIs.' }
|
|
19
|
-
],
|
|
20
|
-
uuid: [
|
|
21
|
-
{ name: 'crypto.randomUUID', reason: 'Built into modern Node.js and avoids an extra dependency where suitable.' }
|
|
22
|
-
]
|
|
23
|
-
};
|
|
24
|
-
export function findAlternatives(packageName) {
|
|
25
|
-
return {
|
|
26
|
-
package: packageName,
|
|
27
|
-
alternatives: alternativeMap[packageName] ?? [
|
|
28
|
-
{
|
|
29
|
-
name: 'No curated alternative yet',
|
|
30
|
-
reason: 'Toolip does not have a curated replacement for this package yet. Inspect maintenance, license, downloads, and dependency count manually.'
|
|
31
|
-
}
|
|
32
|
-
]
|
|
33
|
-
};
|
|
34
|
-
}
|
|
35
|
-
//# sourceMappingURL=alternatives.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"alternatives.js","sourceRoot":"","sources":["../../../src/core/alternatives.ts"],"names":[],"mappings":"AAQA,MAAM,cAAc,GAAuD;IACzE,OAAO,EAAE;QACP,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,EAAE,wEAAwE,EAAE;QACjG,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,yEAAyE,EAAE;QACrG,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,kEAAkE,EAAE;KAC9F;IACD,YAAY,EAAE;QACZ,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,yDAAyD,EAAE;QACrF,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,uEAAuE,EAAE;KAChG;IACD,MAAM,EAAE;QACN,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,qDAAqD,EAAE;QAChF,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,mDAAmD,EAAE;QACjF,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,uDAAuD,EAAE;KACnF;IACD,MAAM,EAAE;QACN,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,EAAE,2CAA2C,EAAE;QAC1E,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,uDAAuD,EAAE;KACpF;IACD,IAAI,EAAE;QACJ,EAAE,IAAI,EAAE,mBAAmB,EAAE,MAAM,EAAE,0EAA0E,EAAE;KAClH;CACF,CAAC;AAEF,MAAM,UAAU,gBAAgB,CAAC,WAAmB;IAClD,OAAO;QACL,OAAO,EAAE,WAAW;QACpB,YAAY,EAAE,cAAc,CAAC,WAAW,CAAC,IAAI;YAC3C;gBACE,IAAI,EAAE,4BAA4B;gBAClC,MAAM,EAAE,0IAA0I;aACnJ;SACF;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1,49 +0,0 @@
|
|
|
1
|
-
import semver from 'semver';
|
|
2
|
-
import { fetchPackageManifest } from './npm-registry.js';
|
|
3
|
-
import { calculateRiskScore } from './risk-score.js';
|
|
4
|
-
function cleanInstalledVersion(version) {
|
|
5
|
-
if (version === 'latest')
|
|
6
|
-
return null;
|
|
7
|
-
return semver.coerce(version)?.version ?? null;
|
|
8
|
-
}
|
|
9
|
-
function isOutdated(installedVersion, latestVersion) {
|
|
10
|
-
const cleanedInstalledVersion = cleanInstalledVersion(installedVersion);
|
|
11
|
-
if (!cleanedInstalledVersion || !latestVersion) {
|
|
12
|
-
return false;
|
|
13
|
-
}
|
|
14
|
-
const cleanedLatestVersion = semver.coerce(latestVersion)?.version;
|
|
15
|
-
if (!cleanedLatestVersion) {
|
|
16
|
-
return false;
|
|
17
|
-
}
|
|
18
|
-
return semver.lt(cleanedInstalledVersion, cleanedLatestVersion);
|
|
19
|
-
}
|
|
20
|
-
export async function analyzePackage(dependency) {
|
|
21
|
-
const manifest = await fetchPackageManifest(dependency.name);
|
|
22
|
-
const latestVersion = typeof manifest.version === 'string' ? manifest.version : null;
|
|
23
|
-
const publishedDate = manifest.time && latestVersion ? manifest.time[latestVersion] ?? null : null;
|
|
24
|
-
const ageInDays = publishedDate
|
|
25
|
-
? Math.floor((Date.now() - new Date(publishedDate).getTime()) /
|
|
26
|
-
(1000 * 60 * 60 * 24))
|
|
27
|
-
: null;
|
|
28
|
-
const maintainers = Array.isArray(manifest.maintainers)
|
|
29
|
-
? manifest.maintainers.length
|
|
30
|
-
: 0;
|
|
31
|
-
const deprecated = Boolean(manifest.deprecated);
|
|
32
|
-
return {
|
|
33
|
-
name: dependency.name,
|
|
34
|
-
installedVersion: dependency.version,
|
|
35
|
-
latestVersion,
|
|
36
|
-
outdated: isOutdated(dependency.version, latestVersion),
|
|
37
|
-
deprecated,
|
|
38
|
-
maintainers,
|
|
39
|
-
publishedAt: publishedDate,
|
|
40
|
-
ageInDays,
|
|
41
|
-
downloads: null,
|
|
42
|
-
riskScore: calculateRiskScore({
|
|
43
|
-
deprecated,
|
|
44
|
-
maintainers,
|
|
45
|
-
ageInDays
|
|
46
|
-
})
|
|
47
|
-
};
|
|
48
|
-
}
|
|
49
|
-
//# sourceMappingURL=analyze-package.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"analyze-package.js","sourceRoot":"","sources":["../../../src/core/analyze-package.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AACzD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAGrD,SAAS,qBAAqB,CAAC,OAAe;IAC5C,IAAI,OAAO,KAAK,QAAQ;QAAE,OAAO,IAAI,CAAC;IACtC,OAAO,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,OAAO,IAAI,IAAI,CAAC;AACjD,CAAC;AAED,SAAS,UAAU,CAAC,gBAAwB,EAAE,aAA4B;IACxE,MAAM,uBAAuB,GAAG,qBAAqB,CAAC,gBAAgB,CAAC,CAAC;IAExE,IAAI,CAAC,uBAAuB,IAAI,CAAC,aAAa,EAAE,CAAC;QAC/C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,oBAAoB,GAAG,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE,OAAO,CAAC;IAEnE,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,MAAM,CAAC,EAAE,CAAC,uBAAuB,EAAE,oBAAoB,CAAC,CAAC;AAClE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,UAA0B;IAE1B,MAAM,QAAQ,GAAG,MAAM,oBAAoB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAC7D,MAAM,aAAa,GAAG,OAAO,QAAQ,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;IAErF,MAAM,aAAa,GACjB,QAAQ,CAAC,IAAI,IAAI,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;IAE/E,MAAM,SAAS,GAAG,aAAa;QAC7B,CAAC,CAAC,IAAI,CAAC,KAAK,CACR,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC;YAC9C,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CACxB;QACH,CAAC,CAAC,IAAI,CAAC;IAET,MAAM,WAAW,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;QACrD,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,MAAM;QAC7B,CAAC,CAAC,CAAC,CAAC;IAEN,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAEhD,OAAO;QACL,IAAI,EAAE,UAAU,CAAC,IAAI;QACrB,gBAAgB,EAAE,UAAU,CAAC,OAAO;QACpC,aAAa;QACb,QAAQ,EAAE,UAAU,CAAC,UAAU,CAAC,OAAO,EAAE,aAAa,CAAC;QACvD,UAAU;QACV,WAAW;QACX,WAAW,EAAE,aAAa;QAC1B,SAAS;QACT,SAAS,EAAE,IAAI;QACf,SAAS,EAAE,kBAAkB,CAAC;YAC5B,UAAU;YACV,WAAW;YACX,SAAS;SACV,CAAC;KACH,CAAC;AACJ,CAAC"}
|
|
@@ -1,7 +0,0 @@
|
|
|
1
|
-
import type { PackageHealth } from './dependency-types.js';
|
|
2
|
-
export type PackageComparison = {
|
|
3
|
-
packages: PackageHealth[];
|
|
4
|
-
safest: PackageHealth | null;
|
|
5
|
-
riskiest: PackageHealth | null;
|
|
6
|
-
};
|
|
7
|
-
export declare function comparePackages(packageNames: string[]): Promise<PackageComparison>;
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
import { analyzePackage } from './analyze-package.js';
|
|
2
|
-
function asDependency(packageName) {
|
|
3
|
-
return {
|
|
4
|
-
name: packageName,
|
|
5
|
-
version: 'latest',
|
|
6
|
-
type: 'dependency'
|
|
7
|
-
};
|
|
8
|
-
}
|
|
9
|
-
export async function comparePackages(packageNames) {
|
|
10
|
-
const uniqueNames = [...new Set(packageNames.map((name) => name.trim()).filter(Boolean))];
|
|
11
|
-
const packages = await Promise.all(uniqueNames.map((packageName) => analyzePackage(asDependency(packageName))));
|
|
12
|
-
const sortedByRisk = [...packages].sort((a, b) => a.riskScore - b.riskScore);
|
|
13
|
-
return {
|
|
14
|
-
packages,
|
|
15
|
-
safest: sortedByRisk[0] ?? null,
|
|
16
|
-
riskiest: sortedByRisk.at(-1) ?? null
|
|
17
|
-
};
|
|
18
|
-
}
|
|
19
|
-
//# sourceMappingURL=compare-packages.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"compare-packages.js","sourceRoot":"","sources":["../../../src/core/compare-packages.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAStD,SAAS,YAAY,CAAC,WAAmB;IACvC,OAAO;QACL,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,QAAQ;QACjB,IAAI,EAAE,YAAY;KACnB,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,YAAsB;IAC1D,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IAE1F,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAChC,WAAW,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC,cAAc,CAAC,YAAY,CAAC,WAAW,CAAC,CAAC,CAAC,CAC5E,CAAC;IAEF,MAAM,YAAY,GAAG,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC;IAE7E,OAAO;QACL,QAAQ;QACR,MAAM,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,IAAI;QAC/B,QAAQ,EAAE,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI;KACtC,CAAC;AACJ,CAAC"}
|
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
import type { PackageHealth } from './dependency-types.js';
|
|
2
|
-
import type { ToolipFinding } from './report.js';
|
|
3
|
-
export type DependencyScanResult = {
|
|
4
|
-
packages: PackageHealth[];
|
|
5
|
-
findings: ToolipFinding[];
|
|
6
|
-
summary: {
|
|
7
|
-
totalDependencies: number;
|
|
8
|
-
outdated: number;
|
|
9
|
-
deprecated: number;
|
|
10
|
-
highRisk: number;
|
|
11
|
-
mediumRisk: number;
|
|
12
|
-
lowRisk: number;
|
|
13
|
-
averageRiskScore: number;
|
|
14
|
-
};
|
|
15
|
-
};
|
|
16
|
-
export declare function scanDependencies(root: string): Promise<DependencyScanResult>;
|
|
17
|
-
export declare function packageToFindings(pkg: PackageHealth): ToolipFinding[];
|
|
@@ -1,70 +0,0 @@
|
|
|
1
|
-
import { readDependencies } from './read-dependencies.js';
|
|
2
|
-
import { analyzePackage } from './analyze-package.js';
|
|
3
|
-
export async function scanDependencies(root) {
|
|
4
|
-
const dependencies = await readDependencies(root);
|
|
5
|
-
const packages = await Promise.all(dependencies.map((dependency) => analyzePackage(dependency)));
|
|
6
|
-
const findings = packages.flatMap(packageToFindings);
|
|
7
|
-
return {
|
|
8
|
-
packages,
|
|
9
|
-
findings,
|
|
10
|
-
summary: {
|
|
11
|
-
totalDependencies: packages.length,
|
|
12
|
-
outdated: packages.filter((pkg) => pkg.outdated).length,
|
|
13
|
-
deprecated: packages.filter((pkg) => pkg.deprecated).length,
|
|
14
|
-
highRisk: packages.filter((pkg) => pkg.riskScore >= 70).length,
|
|
15
|
-
mediumRisk: packages.filter((pkg) => pkg.riskScore >= 40 && pkg.riskScore < 70).length,
|
|
16
|
-
lowRisk: packages.filter((pkg) => pkg.riskScore > 0 && pkg.riskScore < 40).length,
|
|
17
|
-
averageRiskScore: packages.length === 0
|
|
18
|
-
? 0
|
|
19
|
-
: Math.round(packages.reduce((total, pkg) => total + pkg.riskScore, 0) / packages.length)
|
|
20
|
-
}
|
|
21
|
-
};
|
|
22
|
-
}
|
|
23
|
-
export function packageToFindings(pkg) {
|
|
24
|
-
const findings = [];
|
|
25
|
-
if (pkg.deprecated) {
|
|
26
|
-
findings.push({
|
|
27
|
-
id: `TOOLIP-DEP-DEPRECATED-${pkg.name.toUpperCase().replaceAll(/[^A-Z0-9]/g, '-')}`,
|
|
28
|
-
title: `Deprecated package: ${pkg.name}`,
|
|
29
|
-
severity: 'high',
|
|
30
|
-
category: 'supply-chain',
|
|
31
|
-
message: `${pkg.name} is marked as deprecated on the npm registry.`,
|
|
32
|
-
recommendation: 'Replace deprecated packages with maintained alternatives and review migration notes.',
|
|
33
|
-
evidence: pkg.latestVersion ?? undefined
|
|
34
|
-
});
|
|
35
|
-
}
|
|
36
|
-
if (pkg.outdated) {
|
|
37
|
-
findings.push({
|
|
38
|
-
id: `TOOLIP-DEP-OUTDATED-${pkg.name.toUpperCase().replaceAll(/[^A-Z0-9]/g, '-')}`,
|
|
39
|
-
title: `Outdated package: ${pkg.name}`,
|
|
40
|
-
severity: 'medium',
|
|
41
|
-
category: 'supply-chain',
|
|
42
|
-
message: `${pkg.name} appears outdated. Installed: ${pkg.installedVersion}. Latest: ${pkg.latestVersion ?? 'unknown'}.`,
|
|
43
|
-
recommendation: 'Upgrade the package after checking changelogs, breaking changes, and test coverage.',
|
|
44
|
-
evidence: `${pkg.installedVersion} -> ${pkg.latestVersion ?? 'unknown'}`
|
|
45
|
-
});
|
|
46
|
-
}
|
|
47
|
-
if (pkg.maintainers === 0) {
|
|
48
|
-
findings.push({
|
|
49
|
-
id: `TOOLIP-DEP-NO-MAINTAINERS-${pkg.name.toUpperCase().replaceAll(/[^A-Z0-9]/g, '-')}`,
|
|
50
|
-
title: `No visible maintainers: ${pkg.name}`,
|
|
51
|
-
severity: 'medium',
|
|
52
|
-
category: 'supply-chain',
|
|
53
|
-
message: `${pkg.name} has no visible maintainer metadata from the registry response.`,
|
|
54
|
-
recommendation: 'Review package ownership, repository activity, and whether a better-maintained alternative exists.'
|
|
55
|
-
});
|
|
56
|
-
}
|
|
57
|
-
if (pkg.ageInDays !== null && pkg.ageInDays > 730) {
|
|
58
|
-
findings.push({
|
|
59
|
-
id: `TOOLIP-DEP-STALE-${pkg.name.toUpperCase().replaceAll(/[^A-Z0-9]/g, '-')}`,
|
|
60
|
-
title: `Possibly stale package: ${pkg.name}`,
|
|
61
|
-
severity: 'low',
|
|
62
|
-
category: 'supply-chain',
|
|
63
|
-
message: `${pkg.name} has not had a detected latest publish in more than two years.`,
|
|
64
|
-
recommendation: 'Confirm whether the package is intentionally stable or abandoned before relying on it.',
|
|
65
|
-
evidence: `${pkg.ageInDays} days`
|
|
66
|
-
});
|
|
67
|
-
}
|
|
68
|
-
return findings;
|
|
69
|
-
}
|
|
70
|
-
//# sourceMappingURL=dependency-scan.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"dependency-scan.js","sourceRoot":"","sources":["../../../src/core/dependency-scan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAkBtD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,IAAY;IACjD,MAAM,YAAY,GAAG,MAAM,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,GAAG,CAChC,YAAY,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC,CAC7D,CAAC;IAEF,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,CAAC,iBAAiB,CAAC,CAAC;IAErD,OAAO;QACL,QAAQ;QACR,QAAQ;QACR,OAAO,EAAE;YACP,iBAAiB,EAAE,QAAQ,CAAC,MAAM;YAClC,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,MAAM;YACvD,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,MAAM;YAC3D,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,MAAM;YAC9D,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,SAAS,IAAI,EAAE,IAAI,GAAG,CAAC,SAAS,GAAG,EAAE,CAAC,CAAC,MAAM;YACtF,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,SAAS,GAAG,CAAC,IAAI,GAAG,CAAC,SAAS,GAAG,EAAE,CAAC,CAAC,MAAM;YACjF,gBAAgB,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC;gBACrC,CAAC,CAAC,CAAC;gBACH,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,CAAC,KAAK,GAAG,GAAG,CAAC,SAAS,EAAE,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,CAAC;SAC5F;KACF,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,iBAAiB,CAAC,GAAkB;IAClD,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,IAAI,GAAG,CAAC,UAAU,EAAE,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,yBAAyB,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE;YACnF,KAAK,EAAE,uBAAuB,GAAG,CAAC,IAAI,EAAE;YACxC,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,cAAc;YACxB,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,+CAA+C;YACnE,cAAc,EAAE,sFAAsF;YACtG,QAAQ,EAAE,GAAG,CAAC,aAAa,IAAI,SAAS;SACzC,CAAC,CAAC;IACL,CAAC;IAED,IAAI,GAAG,CAAC,QAAQ,EAAE,CAAC;QACjB,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,uBAAuB,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE;YACjF,KAAK,EAAE,qBAAqB,GAAG,CAAC,IAAI,EAAE;YACtC,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,cAAc;YACxB,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,iCAAiC,GAAG,CAAC,gBAAgB,aAAa,GAAG,CAAC,aAAa,IAAI,SAAS,GAAG;YACvH,cAAc,EAAE,qFAAqF;YACrG,QAAQ,EAAE,GAAG,GAAG,CAAC,gBAAgB,OAAO,GAAG,CAAC,aAAa,IAAI,SAAS,EAAE;SACzE,CAAC,CAAC;IACL,CAAC;IAED,IAAI,GAAG,CAAC,WAAW,KAAK,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,6BAA6B,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE;YACvF,KAAK,EAAE,2BAA2B,GAAG,CAAC,IAAI,EAAE;YAC5C,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,cAAc;YACxB,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,iEAAiE;YACrF,cAAc,EAAE,oGAAoG;SACrH,CAAC,CAAC;IACL,CAAC;IAED,IAAI,GAAG,CAAC,SAAS,KAAK,IAAI,IAAI,GAAG,CAAC,SAAS,GAAG,GAAG,EAAE,CAAC;QAClD,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,oBAAoB,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE;YAC9E,KAAK,EAAE,2BAA2B,GAAG,CAAC,IAAI,EAAE;YAC5C,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE,cAAc;YACxB,OAAO,EAAE,GAAG,GAAG,CAAC,IAAI,gEAAgE;YACpF,cAAc,EAAE,wFAAwF;YACxG,QAAQ,EAAE,GAAG,GAAG,CAAC,SAAS,OAAO;SAClC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1,16 +0,0 @@
|
|
|
1
|
-
export type DependencyTreeNode = {
|
|
2
|
-
name: string;
|
|
3
|
-
version: string;
|
|
4
|
-
type: 'dependency' | 'devDependency';
|
|
5
|
-
children: DependencyTreeNode[];
|
|
6
|
-
};
|
|
7
|
-
export type DependencyTree = {
|
|
8
|
-
root: string;
|
|
9
|
-
dependencies: DependencyTreeNode[];
|
|
10
|
-
summary: {
|
|
11
|
-
direct: number;
|
|
12
|
-
transitive: number;
|
|
13
|
-
maxDepth: number;
|
|
14
|
-
};
|
|
15
|
-
};
|
|
16
|
-
export declare function buildDependencyTree(root: string): Promise<DependencyTree>;
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
import { readDependencies } from './read-dependencies.js';
|
|
2
|
-
export async function buildDependencyTree(root) {
|
|
3
|
-
const dependencies = await readDependencies(root);
|
|
4
|
-
return {
|
|
5
|
-
root,
|
|
6
|
-
dependencies: dependencies.map((dependency) => ({
|
|
7
|
-
name: dependency.name,
|
|
8
|
-
version: dependency.version,
|
|
9
|
-
type: dependency.type,
|
|
10
|
-
children: []
|
|
11
|
-
})),
|
|
12
|
-
summary: {
|
|
13
|
-
direct: dependencies.length,
|
|
14
|
-
transitive: 0,
|
|
15
|
-
maxDepth: dependencies.length > 0 ? 1 : 0
|
|
16
|
-
}
|
|
17
|
-
};
|
|
18
|
-
}
|
|
19
|
-
//# sourceMappingURL=dependency-tree.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"dependency-tree.js","sourceRoot":"","sources":["../../../src/core/dependency-tree.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAmB1D,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,IAAY;IACpD,MAAM,YAAY,GAAG,MAAM,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAElD,OAAO;QACL,IAAI;QACJ,YAAY,EAAE,YAAY,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;YAC9C,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,OAAO,EAAE,UAAU,CAAC,OAAO;YAC3B,IAAI,EAAE,UAAU,CAAC,IAAI;YACrB,QAAQ,EAAE,EAAE;SACb,CAAC,CAAC;QACH,OAAO,EAAE;YACP,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,UAAU,EAAE,CAAC;YACb,QAAQ,EAAE,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;SAC1C;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1,17 +0,0 @@
|
|
|
1
|
-
export type DependencyInfo = {
|
|
2
|
-
name: string;
|
|
3
|
-
version: string;
|
|
4
|
-
type: 'dependency' | 'devDependency';
|
|
5
|
-
};
|
|
6
|
-
export type PackageHealth = {
|
|
7
|
-
name: string;
|
|
8
|
-
latestVersion: string | null;
|
|
9
|
-
installedVersion: string;
|
|
10
|
-
outdated: boolean;
|
|
11
|
-
deprecated: boolean;
|
|
12
|
-
maintainers: number;
|
|
13
|
-
publishedAt: string | null;
|
|
14
|
-
ageInDays: number | null;
|
|
15
|
-
downloads: number | null;
|
|
16
|
-
riskScore: number;
|
|
17
|
-
};
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"dependency-types.js","sourceRoot":"","sources":["../../../src/core/dependency-types.ts"],"names":[],"mappings":""}
|
|
@@ -1,27 +0,0 @@
|
|
|
1
|
-
import path from 'node:path';
|
|
2
|
-
import fg from 'fast-glob';
|
|
3
|
-
import { loadToolipIgnore } from './load-toolip-ignore.js';
|
|
4
|
-
export async function walkProjectFiles(root) {
|
|
5
|
-
const absoluteRoot = path.resolve(root);
|
|
6
|
-
const toolipIgnore = await loadToolipIgnore(absoluteRoot);
|
|
7
|
-
const entries = await fg(['**/*'], {
|
|
8
|
-
cwd: absoluteRoot,
|
|
9
|
-
dot: true,
|
|
10
|
-
onlyFiles: true,
|
|
11
|
-
unique: true,
|
|
12
|
-
followSymbolicLinks: false,
|
|
13
|
-
ignore: toolipIgnore.patterns
|
|
14
|
-
});
|
|
15
|
-
return entries
|
|
16
|
-
.map((entry) => {
|
|
17
|
-
const absolutePath = path.join(absoluteRoot, entry);
|
|
18
|
-
return {
|
|
19
|
-
absolutePath,
|
|
20
|
-
relativePath: entry.replaceAll('\\', '/'),
|
|
21
|
-
extension: path.extname(entry).replace('.', '').toLowerCase()
|
|
22
|
-
};
|
|
23
|
-
})
|
|
24
|
-
.filter((file) => !toolipIgnore.ignores(file.absolutePath))
|
|
25
|
-
.sort((a, b) => a.relativePath.localeCompare(b.relativePath));
|
|
26
|
-
}
|
|
27
|
-
//# sourceMappingURL=file-walker.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"file-walker.js","sourceRoot":"","sources":["../../../src/core/file-walker.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,WAAW,CAAC;AAC3B,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAQ3D,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,IAAY;IACjD,MAAM,YAAY,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACxC,MAAM,YAAY,GAAG,MAAM,gBAAgB,CAAC,YAAY,CAAC,CAAC;IAE1D,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,CAAC,MAAM,CAAC,EAAE;QACjC,GAAG,EAAE,YAAY;QACjB,GAAG,EAAE,IAAI;QACT,SAAS,EAAE,IAAI;QACf,MAAM,EAAE,IAAI;QACZ,mBAAmB,EAAE,KAAK;QAC1B,MAAM,EAAE,YAAY,CAAC,QAAQ;KAC9B,CAAC,CAAC;IAEH,OAAO,OAAO;SACX,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE;QACb,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,KAAK,CAAC,CAAC;QACpD,OAAO;YACL,YAAY;YACZ,YAAY,EAAE,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,GAAG,CAAC;YACzC,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE;SAC9D,CAAC;IACJ,CAAC,CAAC;SACD,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,YAAY,CAAC,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;SAC1D,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,aAAa,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC;AAClE,CAAC"}
|
|
@@ -1,12 +0,0 @@
|
|
|
1
|
-
import type { ToolipFinding } from './report.js';
|
|
2
|
-
export type GitAuditResult = {
|
|
3
|
-
findings: ToolipFinding[];
|
|
4
|
-
summary: {
|
|
5
|
-
filesChecked: number;
|
|
6
|
-
dangerousFiles: number;
|
|
7
|
-
gitignorePresent: boolean;
|
|
8
|
-
envIgnored: boolean;
|
|
9
|
-
pemIgnored: boolean;
|
|
10
|
-
};
|
|
11
|
-
};
|
|
12
|
-
export declare function runGitAudit(root: string): Promise<GitAuditResult>;
|
|
@@ -1,111 +0,0 @@
|
|
|
1
|
-
import { access, readFile } from 'node:fs/promises';
|
|
2
|
-
import path from 'node:path';
|
|
3
|
-
import { walkProjectFiles } from './file-walker.js';
|
|
4
|
-
const dangerousFilePatterns = [
|
|
5
|
-
{
|
|
6
|
-
id: 'ENV-FILE',
|
|
7
|
-
regex: /(^|\/)\.env(\.|$|\/)?/i,
|
|
8
|
-
title: '.env file present',
|
|
9
|
-
severity: 'high',
|
|
10
|
-
message: 'A .env-style file exists in the project tree.',
|
|
11
|
-
recommendation: 'Keep .env files local, ensure they are ignored, and never commit real secrets.'
|
|
12
|
-
},
|
|
13
|
-
{
|
|
14
|
-
id: 'PEM-FILE',
|
|
15
|
-
regex: /\.pem$/i,
|
|
16
|
-
title: 'PEM file present',
|
|
17
|
-
severity: 'critical',
|
|
18
|
-
message: 'A PEM key file exists in the project tree.',
|
|
19
|
-
recommendation: 'Remove private key files from the repository and rotate affected credentials.'
|
|
20
|
-
},
|
|
21
|
-
{
|
|
22
|
-
id: 'KEY-FILE',
|
|
23
|
-
regex: /\.(key|p12|pfx)$/i,
|
|
24
|
-
title: 'Key/certificate file present',
|
|
25
|
-
severity: 'critical',
|
|
26
|
-
message: 'A key or certificate-like file exists in the project tree.',
|
|
27
|
-
recommendation: 'Do not store key material in source repositories.'
|
|
28
|
-
}
|
|
29
|
-
];
|
|
30
|
-
export async function runGitAudit(root) {
|
|
31
|
-
const files = await walkProjectFiles(root);
|
|
32
|
-
const relativePaths = files.map((file) => file.relativePath);
|
|
33
|
-
const gitignorePath = path.join(root, '.gitignore');
|
|
34
|
-
const gitignorePresent = await exists(gitignorePath);
|
|
35
|
-
const gitignoreContent = gitignorePresent ? await readFile(gitignorePath, 'utf8') : '';
|
|
36
|
-
const findings = [];
|
|
37
|
-
for (const file of relativePaths) {
|
|
38
|
-
for (const pattern of dangerousFilePatterns) {
|
|
39
|
-
if (!pattern.regex.test(file))
|
|
40
|
-
continue;
|
|
41
|
-
findings.push({
|
|
42
|
-
id: `TOOLIP-GIT-${pattern.id}-${file.toUpperCase().replaceAll(/[^A-Z0-9]/g, '-')}`,
|
|
43
|
-
title: pattern.title,
|
|
44
|
-
severity: pattern.severity,
|
|
45
|
-
category: 'git-security',
|
|
46
|
-
message: pattern.message,
|
|
47
|
-
recommendation: pattern.recommendation,
|
|
48
|
-
file
|
|
49
|
-
});
|
|
50
|
-
}
|
|
51
|
-
}
|
|
52
|
-
const envIgnored = ignoresPattern(gitignoreContent, '.env') || ignoresPattern(gitignoreContent, '.env.*');
|
|
53
|
-
const pemIgnored = ignoresPattern(gitignoreContent, '*.pem') || ignoresPattern(gitignoreContent, '.pem');
|
|
54
|
-
if (!gitignorePresent) {
|
|
55
|
-
findings.push({
|
|
56
|
-
id: 'TOOLIP-GIT-MISSING-GITIGNORE',
|
|
57
|
-
title: 'Missing .gitignore',
|
|
58
|
-
severity: 'medium',
|
|
59
|
-
category: 'git-security',
|
|
60
|
-
message: 'No .gitignore file was found.',
|
|
61
|
-
recommendation: 'Add a .gitignore file that excludes secrets, build output, dependencies, and local machine files.'
|
|
62
|
-
});
|
|
63
|
-
}
|
|
64
|
-
if (gitignorePresent && !envIgnored) {
|
|
65
|
-
findings.push({
|
|
66
|
-
id: 'TOOLIP-GIT-ENV-NOT-IGNORED',
|
|
67
|
-
title: '.env files may not be ignored',
|
|
68
|
-
severity: 'high',
|
|
69
|
-
category: 'git-security',
|
|
70
|
-
message: '.gitignore does not appear to ignore .env files.',
|
|
71
|
-
recommendation: 'Add .env and .env.* to .gitignore while allowing a safe .env.example.'
|
|
72
|
-
});
|
|
73
|
-
}
|
|
74
|
-
if (gitignorePresent && !pemIgnored) {
|
|
75
|
-
findings.push({
|
|
76
|
-
id: 'TOOLIP-GIT-PEM-NOT-IGNORED',
|
|
77
|
-
title: 'PEM files may not be ignored',
|
|
78
|
-
severity: 'medium',
|
|
79
|
-
category: 'git-security',
|
|
80
|
-
message: '.gitignore does not appear to ignore PEM files.',
|
|
81
|
-
recommendation: 'Add *.pem and other key material patterns to .gitignore.'
|
|
82
|
-
});
|
|
83
|
-
}
|
|
84
|
-
return {
|
|
85
|
-
findings,
|
|
86
|
-
summary: {
|
|
87
|
-
filesChecked: files.length,
|
|
88
|
-
dangerousFiles: findings.filter((finding) => finding.file).length,
|
|
89
|
-
gitignorePresent,
|
|
90
|
-
envIgnored,
|
|
91
|
-
pemIgnored
|
|
92
|
-
}
|
|
93
|
-
};
|
|
94
|
-
}
|
|
95
|
-
async function exists(filePath) {
|
|
96
|
-
try {
|
|
97
|
-
await access(filePath);
|
|
98
|
-
return true;
|
|
99
|
-
}
|
|
100
|
-
catch {
|
|
101
|
-
return false;
|
|
102
|
-
}
|
|
103
|
-
}
|
|
104
|
-
function ignoresPattern(gitignore, pattern) {
|
|
105
|
-
return gitignore
|
|
106
|
-
.split('\n')
|
|
107
|
-
.map((line) => line.trim())
|
|
108
|
-
.filter(Boolean)
|
|
109
|
-
.some((line) => line === pattern || line.includes(pattern));
|
|
110
|
-
}
|
|
111
|
-
//# sourceMappingURL=git-audit.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"git-audit.js","sourceRoot":"","sources":["../../../src/core/git-audit.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAcpD,MAAM,qBAAqB,GAAG;IAC5B;QACE,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,wBAAwB;QAC/B,KAAK,EAAE,mBAAmB;QAC1B,QAAQ,EAAE,MAAe;QACzB,OAAO,EAAE,+CAA+C;QACxD,cAAc,EAAE,gFAAgF;KACjG;IACD;QACE,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,SAAS;QAChB,KAAK,EAAE,kBAAkB;QACzB,QAAQ,EAAE,UAAmB;QAC7B,OAAO,EAAE,4CAA4C;QACrD,cAAc,EAAE,+EAA+E;KAChG;IACD;QACE,EAAE,EAAE,UAAU;QACd,KAAK,EAAE,mBAAmB;QAC1B,KAAK,EAAE,8BAA8B;QACrC,QAAQ,EAAE,UAAmB;QAC7B,OAAO,EAAE,4DAA4D;QACrE,cAAc,EAAE,mDAAmD;KACpE;CACF,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,IAAY;IAC5C,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAC3C,MAAM,aAAa,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAC7D,MAAM,aAAa,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACpD,MAAM,gBAAgB,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;IACrD,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,CAAC,CAAC,MAAM,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEvF,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;QACjC,KAAK,MAAM,OAAO,IAAI,qBAAqB,EAAE,CAAC;YAC5C,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC;gBAAE,SAAS;YAExC,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,cAAc,OAAO,CAAC,EAAE,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,YAAY,EAAE,GAAG,CAAC,EAAE;gBAClF,KAAK,EAAE,OAAO,CAAC,KAAK;gBACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,QAAQ,EAAE,cAAc;gBACxB,OAAO,EAAE,OAAO,CAAC,OAAO;gBACxB,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,IAAI;aACL,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAAG,cAAc,CAAC,gBAAgB,EAAE,MAAM,CAAC,IAAI,cAAc,CAAC,gBAAgB,EAAE,QAAQ,CAAC,CAAC;IAC1G,MAAM,UAAU,GAAG,cAAc,CAAC,gBAAgB,EAAE,OAAO,CAAC,IAAI,cAAc,CAAC,gBAAgB,EAAE,MAAM,CAAC,CAAC;IAEzG,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,8BAA8B;YAClC,KAAK,EAAE,oBAAoB;YAC3B,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,cAAc;YACxB,OAAO,EAAE,+BAA+B;YACxC,cAAc,EAAE,mGAAmG;SACpH,CAAC,CAAC;IACL,CAAC;IAED,IAAI,gBAAgB,IAAI,CAAC,UAAU,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,4BAA4B;YAChC,KAAK,EAAE,+BAA+B;YACtC,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,cAAc;YACxB,OAAO,EAAE,kDAAkD;YAC3D,cAAc,EAAE,uEAAuE;SACxF,CAAC,CAAC;IACL,CAAC;IAED,IAAI,gBAAgB,IAAI,CAAC,UAAU,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,4BAA4B;YAChC,KAAK,EAAE,8BAA8B;YACrC,QAAQ,EAAE,QAAQ;YAClB,QAAQ,EAAE,cAAc;YACxB,OAAO,EAAE,iDAAiD;YAC1D,cAAc,EAAE,0DAA0D;SAC3E,CAAC,CAAC;IACL,CAAC;IAED,OAAO;QACL,QAAQ;QACR,OAAO,EAAE;YACP,YAAY,EAAE,KAAK,CAAC,MAAM;YAC1B,cAAc,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,MAAM;YACjE,gBAAgB;YAChB,UAAU;YACV,UAAU;SACX;KACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,MAAM,CAAC,QAAgB;IACpC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,QAAQ,CAAC,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,SAAiB,EAAE,OAAe;IACxD,OAAO,SAAS;SACb,KAAK,CAAC,IAAI,CAAC;SACX,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;SAC1B,MAAM,CAAC,OAAO,CAAC;SACf,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,KAAK,OAAO,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;AAChE,CAAC"}
|
package/dist/src/core/hooks.d.ts
DELETED
|
@@ -1 +0,0 @@
|
|
|
1
|
-
export declare function installPreCommitHook(root: string): Promise<string>;
|
package/dist/src/core/hooks.js
DELETED
|
@@ -1,14 +0,0 @@
|
|
|
1
|
-
import { mkdir, writeFile, chmod } from 'node:fs/promises';
|
|
2
|
-
import path from 'node:path';
|
|
3
|
-
export async function installPreCommitHook(root) {
|
|
4
|
-
const hooksDir = path.join(root, '.git', 'hooks');
|
|
5
|
-
const hookPath = path.join(hooksDir, 'pre-commit');
|
|
6
|
-
await mkdir(hooksDir, { recursive: true });
|
|
7
|
-
await writeFile(hookPath, `#!/bin/sh
|
|
8
|
-
echo "Running Toolip pre-commit checks..."
|
|
9
|
-
npx toolip pre-commit
|
|
10
|
-
`, 'utf8');
|
|
11
|
-
await chmod(hookPath, 0o755);
|
|
12
|
-
return hookPath;
|
|
13
|
-
}
|
|
14
|
-
//# sourceMappingURL=hooks.js.map
|
|
@@ -1 +0,0 @@
|
|
|
1
|
-
{"version":3,"file":"hooks.js","sourceRoot":"","sources":["../../../src/core/hooks.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,IAAY;IACrD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAClD,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAEnD,MAAM,KAAK,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAE3C,MAAM,SAAS,CACb,QAAQ,EACR;;;CAGH,EACG,MAAM,CACP,CAAC;IAEF,MAAM,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAE7B,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
package/dist/src/core/learn.d.ts
DELETED
|
@@ -1,11 +0,0 @@
|
|
|
1
|
-
export type LearnTopic = {
|
|
2
|
-
id: string;
|
|
3
|
-
title: string;
|
|
4
|
-
explanation: string;
|
|
5
|
-
risks: string[];
|
|
6
|
-
mistakes: string[];
|
|
7
|
-
secureExamples: string[];
|
|
8
|
-
bestPractices: string[];
|
|
9
|
-
};
|
|
10
|
-
export declare function listLearnTopics(): LearnTopic[];
|
|
11
|
-
export declare function getLearnTopic(topic: string): LearnTopic | null;
|