trusta 0.1.0 → 0.3.0
- package/dist/api.d.ts +4 -0
- package/dist/api.d.ts.map +1 -1
- package/dist/api.js +4 -0
- package/dist/api.js.map +1 -1
- package/dist/auth.d.ts +11 -0
- package/dist/auth.d.ts.map +1 -0
- package/dist/auth.js +215 -0
- package/dist/auth.js.map +1 -0
- package/dist/commands/init.d.ts.map +1 -1
- package/dist/commands/init.js +52 -9
- package/dist/commands/init.js.map +1 -1
- package/package.json +6 -1
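--- a/package/dist/api.d.ts
+++ b/package/dist/api.d.ts
@@ -45,6 +45,10 @@ export declare function registerProjectRepo(transport: CliApiTransport, projectI
 repoUrl: string;
 createdAt: string;
 }>;
+export declare function updateProject(transport: CliApiTransport, projectId: string, input: {
+privacyPolicyUrl?: string | null;
+securityContactEmail?: string | null;
+}): Promise<void>;
 export declare function getMe(transport: CliApiTransport): Promise<{
 user: {
 id: string;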
package/dist/api.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB;AAmCD,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAC3C,OAAO,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;CACrD;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;CAC3B;AAED,wBAAsB,kBAAkB,CACtC,SAAS,EAAE,eAAe,EAC1B,KAAK,EAAE;IAAE,aAAa,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,GACpD,OAAO,CAAC,eAAe,CAAC,CAQ1B;AAED,wBAAsB,eAAe,CACnC,SAAS,EAAE,eAAe,EAC1B,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,eAAe,CAAC,CAK1B;AAED,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC;CACjC;AAED,wBAAsB,cAAc,CAClC,kBAAkB,EAAE,eAAe,EACnC,KAAK,EAAE,mBAAmB,GACzB,OAAO,CAAC;IAAE,gBAAgB,EAAE,MAAM,CAAA;CAAE,CAAC,CAOvC;AAED,wBAAsB,mBAAmB,CACvC,SAAS,EAAE,eAAe,EAC1B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAAC,CAEhF;AAED,wBAAsB,KAAK,CACzB,SAAS,EAAE,eAAe,GACzB,OAAO,CAAC;IAAE,IAAI,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,CAAC,CAEjD"}
|
|
1
|
+
{"version":3,"file":"api.d.ts","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,KAAK,EAAE,MAAM,CAAC;CACxB;AAmCD,MAAM,WAAW,eAAe;IAC9B,YAAY,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAC3C,OAAO,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;CACrD;AAED,MAAM,WAAW,eAAe;IAC9B,SAAS,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC;CAC3B;AAED,wBAAsB,kBAAkB,CACtC,SAAS,EAAE,eAAe,EAC1B,KAAK,EAAE;IAAE,aAAa,EAAE,MAAM,CAAC;IAAC,WAAW,EAAE,MAAM,CAAA;CAAE,GACpD,OAAO,CAAC,eAAe,CAAC,CAQ1B;AAED,wBAAsB,eAAe,CACnC,SAAS,EAAE,eAAe,EAC1B,SAAS,EAAE,MAAM,EACjB,IAAI,EAAE,MAAM,GACX,OAAO,CAAC,eAAe,CAAC,CAK1B;AAED,MAAM,WAAW,mBAAmB;IAClC,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,YAAY,EAAE,MAAM,CAAC;IAC9B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;IAC5B,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC;CACjC;AAED,wBAAsB,cAAc,CAClC,kBAAkB,EAAE,eAAe,EACnC,KAAK,EAAE,mBAAmB,GACzB,OAAO,CAAC;IAAE,gBAAgB,EAAE,MAAM,CAAA;CAAE,CAAC,CAOvC;AAED,wBAAsB,mBAAmB,CACvC,SAAS,EAAE,eAAe,EAC1B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,SAAS,EAAE,MAAM,CAAA;CAAE,CAAC,CAEhF;AAED,wBAAsB,aAAa,CACjC,SAAS,EAAE,eAAe,EAC1B,SAAS,EAAE,MAAM,EACjB,KAAK,EAAE;IACL,gBAAgB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACjC,oBAAoB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;CACtC,GACA,OAAO,CAAC,IAAI,CAAC,CAEf;AAED,wBAAsB,KAAK,CACzB,SAAS,EAAE,eAAe,GACzB,OAAO,CAAC;IAAE,IAAI,EAAE;QAAE,EAAE,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAA;CAAE,CAAC,CAEjD"}
|
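--- a/package/dist/api.js
+++ b/package/dist/api.js
@@ -4,6 +4,7 @@ exports.bootstrapWorkspace = bootstrapWorkspace;
 exports.createCollector = createCollector;
 exports.ingestEvidence = ingestEvidence;
 exports.registerProjectRepo = registerProjectRepo;
+exports.updateProject = updateProject;
 exports.getMe = getMe;
 async function apiRequest(transport, method, path, body) {
 const init = {
@@ -41,6 +42,9 @@ async function ingestEvidence(collectorTransport, input) {
 async function registerProjectRepo(transport, projectId, repoUrl) {
 return apiRequest(transport, 'POST', `/projects/${projectId}/repos`, { repoUrl });
 }
+async function updateProject(transport, projectId, input) {
+await apiRequest(transport, 'PATCH', `/projects/${projectId}`, input);
+}
 async function getMe(transport) {
 return apiRequest(transport, 'GET', '/me');
 }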
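Review bot: `updateProject` interpolates `projectId` into the request path as-is (`/projects/${projectId}`), the same pattern as `registerProjectRepo` just above it; writing the segment as `/projects/${encodeURIComponent(projectId)}` keeps an id containing `/`, `?` or `#` from changing which endpoint the PATCH reaches. `input` is handed to `apiRequest` unchanged, so the declared type in api.d.ts is the only limit on which fields a caller can send. The body of `apiRequest` lies outside these hunks, so how it treats an empty PATCH response cannot be checked from here.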
package/dist/api.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"api.js","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":";;AAgDA,gDAWC;AAED,0CASC;AAYD,wCAUC;AAED,kDAMC;AAED,sBAIC;
|
|
1
|
+
{"version":3,"file":"api.js","sourceRoot":"","sources":["../src/api.ts"],"names":[],"mappings":";;AAgDA,gDAWC;AAED,0CASC;AAYD,wCAUC;AAED,kDAMC;AAED,sCASC;AAED,sBAIC;AA5GD,KAAK,UAAU,UAAU,CACvB,SAA0B,EAC1B,MAAgC,EAChC,IAAY,EACZ,IAAc;IAEd,MAAM,IAAI,GAAgB;QACxB,MAAM;QACN,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,aAAa,EAAE,UAAU,SAAS,CAAC,KAAK,EAAE;SAC3C;KACF,CAAC;IACF,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;QACvB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IACnC,CAAC;IACD,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,SAAS,CAAC,OAAO,GAAG,IAAI,EAAE,EAAE,IAAI,CAAC,CAAC;IAElE,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAiB,CAAC;IAErD,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,SAAS,GAAG,IAAgB,CAAC;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,KAAK,EAAE,OAAO,IAAI,QAAQ,QAAQ,CAAC,MAAM,EAAE,CAAC;QACtE,MAAM,IAAI,KAAK,CAAC,OAAO,CAAC,CAAC;IAC3B,CAAC;IAED,OAAO,IAAS,CAAC;AACnB,CAAC;AAYM,KAAK,UAAU,kBAAkB,CACtC,SAA0B,EAC1B,KAAqD;IAErD,MAAM,MAAM,GAAG,MAAM,UAAU,CAC7B,SAAS,EACT,MAAM,EACN,uBAAuB,EACvB,KAAK,CACN,CAAC;IACF,OAAO,MAAM,CAAC;AAChB,CAAC;AAEM,KAAK,UAAU,eAAe,CACnC,SAA0B,EAC1B,SAAiB,EACjB,IAAY;IAEZ,OAAO,UAAU,CAAkB,SAAS,EAAE,MAAM,EAAE,aAAa,SAAS,aAAa,EAAE;QACzF,IAAI;QACJ,cAAc,EAAE,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;KACtD,CAAC,CAAC;AACL,CAAC;AAYM,KAAK,UAAU,cAAc,CAClC,kBAAmC,EACnC,KAA0B;IAE1B,OAAO,UAAU,CACf,kBAAkB,EAClB,MAAM,EACN,kBAAkB,EAClB,KAAK,CACN,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,mBAAmB,CACvC,SAA0B,EAC1B,SAAiB,EACjB,OAAe;IAEf,OAAO,UAAU,CAAC,SAAS,EAAE,MAAM,EAAE,aAAa,SAAS,QAAQ,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;AACpF,CAAC;AAEM,KAAK,UAAU,aAAa,CACjC,SAA0B,EAC1B,SAAiB,EACjB,KAGC;IAED,MAAM,UAAU,CAAC,SAAS,EAAE,OAAO,EAAE,aAAa,SAAS,EAAE,EAAE,KAAK,CAAC,CAAC;AACxE,CAAC;AAEM,KAAK,UAAU,KAAK,CACzB,SAA0B;IAE1B,OAAO,UAAU,CAAyC,SAAS,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;AACrF,CAAC"}
|
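--- a/package/dist/auth.d.ts
+++ b/package/dist/auth.d.ts
@@ -0,0 +1,11 @@
+/**
+* Resolves a valid Trusta API token for use in CLI commands.
+*
+* Priority:
+* 1. TRUSTA_API_TOKEN env var (headless/CI escape hatch)
+* 2. Stored token in ~/.trusta/config.json (if not expired)
+* 3. Silent refresh via stored refresh token
+* 4. Browser-based OAuth login flow
+*/
+export declare function resolveToken(): Promise<string>;
+//# sourceMappingURL=auth.d.ts.map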
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.d.ts","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":"AAoOA;;;;;;;;GAQG;AACH,wBAAsB,YAAY,IAAI,OAAO,CAAC,MAAM,CAAC,CAkCpD"}
|
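--- a/package/dist/auth.js
+++ b/package/dist/auth.js
@@ -0,0 +1,215 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.resolveToken = resolveToken;
+const node_crypto_1 = require("node:crypto");
+const node_fs_1 = require("node:fs");
+const node_http_1 = require("node:http");
+const node_os_1 = require("node:os");
+const node_path_1 = require("node:path");
+const node_child_process_1 = require("node:child_process");
+const AUTH_CALLBACK_PORT = 7429;
+const AUTH_CALLBACK_URI = `http://localhost:${AUTH_CALLBACK_PORT}/callback`;
+const DEFAULT_AUTH_DOMAIN = 'https://auth.trusta.dev';
+// Filled in after CDK AuthStack deploy — override with TRUSTA_COGNITO_CLI_CLIENT_ID for local dev.
+const DEFAULT_CLI_CLIENT_ID = 'REPLACE_AFTER_CDK_DEPLOY';
+const LOGIN_TIMEOUT_MS = 120_000;
+function getConfigPath() {
+return (0, node_path_1.join)((0, node_os_1.homedir)(), '.trusta', 'config.json');
+}
+function loadStoredAuth() {
+const configPath = getConfigPath();
+if (!(0, node_fs_1.existsSync)(configPath)) {
+return null;
+}
+try {
+return JSON.parse((0, node_fs_1.readFileSync)(configPath, 'utf8'));
+}
+catch {
+return null;
+}
+}
+function saveStoredAuth(auth) {
+const configPath = getConfigPath();
+(0, node_fs_1.mkdirSync)((0, node_path_1.join)((0, node_os_1.homedir)(), '.trusta'), { recursive: true });
+(0, node_fs_1.writeFileSync)(configPath, JSON.stringify(auth, null, 2) + '\n', 'utf8');
+}
+function hasExpired(auth) {
+return Date.parse(auth.idTokenExpiresAt) <= Date.now() + 60_000;
+}
+function parseJwtExp(token) {
+const [, payload] = token.split('.');
+if (!payload) {
+return new Date(Date.now() + 3600 * 1000).toISOString();
+}
+try {
+const decoded = JSON.parse(Buffer.from(payload, 'base64url').toString('utf8'));
+if (typeof decoded['exp'] === 'number') {
+return new Date(decoded['exp'] * 1000).toISOString();
+}
+}
+catch {
+// fall through
+}
+return new Date(Date.now() + 3600 * 1000).toISOString();
+}
+function openBrowser(url) {
+const platform = process.platform;
+if (platform === 'darwin') {
+(0, node_child_process_1.spawn)('open', [url], { detached: true, stdio: 'ignore' }).unref();
+}
+else if (platform === 'win32') {
+(0, node_child_process_1.spawn)('cmd', ['/c', 'start', '', url], {
+detached: true,
+stdio: 'ignore',
+}).unref();
+}
+else {
+(0, node_child_process_1.spawn)('xdg-open', [url], { detached: true, stdio: 'ignore' }).unref();
+}
+}
+async function exchangeCodeForTokens(authDomain, clientId, code, codeVerifier) {
+const body = new URLSearchParams({
+grant_type: 'authorization_code',
+client_id: clientId,
+code,
+redirect_uri: AUTH_CALLBACK_URI,
+code_verifier: codeVerifier,
+});
+const response = await fetch(`${authDomain}/oauth2/token`, {
+method: 'POST',
+headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+body: body.toString(),
+});
+if (!response.ok) {
+const text = await response.text();
+throw new Error(`Token exchange failed (${response.status}): ${text}`);
+}
+const tokens = (await response.json());
+const idToken = tokens['id_token'];
+const refreshToken = tokens['refresh_token'] ?? null;
+return {
+idToken,
+idTokenExpiresAt: parseJwtExp(idToken),
+refreshToken,
+};
+}
+async function refreshIdToken(authDomain, clientId, refreshToken) {
+const body = new URLSearchParams({
+grant_type: 'refresh_token',
+client_id: clientId,
+refresh_token: refreshToken,
+});
+const response = await fetch(`${authDomain}/oauth2/token`, {
+method: 'POST',
+headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+body: body.toString(),
+});
+if (!response.ok) {
+const text = await response.text();
+throw new Error(`Token refresh failed (${response.status}): ${text}`);
+}
+const tokens = (await response.json());
+const idToken = tokens['id_token'];
+// Cognito does not return a new refresh token on refresh — reuse the existing one
+return {
+idToken,
+idTokenExpiresAt: parseJwtExp(idToken),
+refreshToken,
+};
+}
+async function browserLoginFlow(authDomain, clientId) {
+const codeVerifier = (0, node_crypto_1.randomBytes)(32).toString('base64url');
+const codeChallenge = (0, node_crypto_1.createHash)('sha256')
+.update(codeVerifier)
+.digest('base64url');
+const state = (0, node_crypto_1.randomBytes)(16).toString('base64url');
+const authUrl = `${authDomain}/oauth2/authorize` +
+`?response_type=code` +
+`&client_id=${encodeURIComponent(clientId)}` +
+`&redirect_uri=${encodeURIComponent(AUTH_CALLBACK_URI)}` +
+`&scope=${encodeURIComponent('openid email profile')}` +
+`&state=${encodeURIComponent(state)}` +
+`&code_challenge=${encodeURIComponent(codeChallenge)}` +
+`&code_challenge_method=S256`;
+return new Promise((resolve, reject) => {
+const server = (0, node_http_1.createServer)((req, res) => {
+const url = new URL(req.url ?? '/', `http://localhost:${AUTH_CALLBACK_PORT}`);
+if (url.pathname !== '/callback') {
+res.writeHead(404);
+res.end();
+return;
+}
+const code = url.searchParams.get('code');
+const returnedState = url.searchParams.get('state');
+const error = url.searchParams.get('error');
+if (error) {
+res.writeHead(200, { 'Content-Type': 'text/html' });
+res.end('<html><body><h2>Login failed.</h2><p>You can close this tab.</p></body></html>');
+server.close();
+reject(new Error(`OAuth error: ${error}`));
+return;
+}
+if (!code || returnedState !== state) {
+res.writeHead(400, { 'Content-Type': 'text/html' });
+res.end('<html><body><h2>Invalid callback.</h2><p>You can close this tab.</p></body></html>');
+server.close();
+reject(new Error('Invalid OAuth callback — state mismatch or missing code.'));
+return;
+}
+res.writeHead(200, { 'Content-Type': 'text/html' });
+res.end('<html><body><h2>Login successful!</h2><p>You can close this tab and return to the terminal.</p></body></html>');
+server.close();
+exchangeCodeForTokens(authDomain, clientId, code, codeVerifier)
+.then(resolve)
+.catch(reject);
+});
+server.listen(AUTH_CALLBACK_PORT, '127.0.0.1', () => {
+process.stdout.write(`\n Opening browser for login...\n If nothing opens, visit:\n ${authUrl}\n\n`);
+openBrowser(authUrl);
+});
+server.on('error', (err) => {
+reject(new Error(`Could not start local auth server: ${err.message}`));
+});
+const timeout = setTimeout(() => {
+server.close();
+reject(new Error('Login timed out after 120 seconds.'));
+}, LOGIN_TIMEOUT_MS);
+// Ensure the timeout doesn't keep the process alive if something else resolves first
+timeout.unref();
+});
+}
+/**
+* Resolves a valid Trusta API token for use in CLI commands.
+*
+* Priority:
+* 1. TRUSTA_API_TOKEN env var (headless/CI escape hatch)
+* 2. Stored token in ~/.trusta/config.json (if not expired)
+* 3. Silent refresh via stored refresh token
+* 4. Browser-based OAuth login flow
+*/
+async function resolveToken() {
+const envToken = process.env['TRUSTA_API_TOKEN'];
+if (envToken) {
+return envToken;
+}
+const authDomain = process.env['TRUSTA_AUTH_DOMAIN'] ?? DEFAULT_AUTH_DOMAIN;
+const clientId = process.env['TRUSTA_COGNITO_CLI_CLIENT_ID'] ?? DEFAULT_CLI_CLIENT_ID;
+const stored = loadStoredAuth();
+if (stored && !hasExpired(stored)) {
+return stored.idToken;
+}
+if (stored?.refreshToken) {
+try {
+const refreshed = await refreshIdToken(authDomain, clientId, stored.refreshToken);
+saveStoredAuth(refreshed);
+return refreshed.idToken;
+}
+catch {
+// Refresh failed — fall through to browser login
+}
+}
+const fresh = await browserLoginFlow(authDomain, clientId);
+saveStoredAuth(fresh);
+return fresh.idToken;
+}
+//# sourceMappingURL=auth.js.map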
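Review bot: `saveStoredAuth` writes the ID token and the refresh token to `~/.trusta/config.json` with the process's default permissions, so on POSIX systems with a common umask the file is readable by other local users; create the directory with `{ recursive: true, mode: 0o700 }` and write the file with `{ encoding: 'utf8', mode: 0o600 }` (`mode` only applies when the file is created, so an existing file also needs a `chmodSync`). In `browserLoginFlow` the `error` parameter is acted on before `state` is compared, and a state mismatch also closes the server, so any local request to `/callback` on port 7429 ends the login attempt; answering such requests with 400 and keeping the listener open until a callback with the matching state arrives or the timeout fires would avoid that. `DEFAULT_CLI_CLIENT_ID` still holds the placeholder `'REPLACE_AFTER_CDK_DEPLOY'`, which the authorize URL will carry unless `TRUSTA_COGNITO_CLI_CLIENT_ID` is set. Neither `exchangeCodeForTokens` nor `refreshIdToken` checks that `tokens['id_token']` is a string before passing it to `parseJwtExp`, where `token.split` would throw on a missing value.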
package/dist/auth.js.map
ADDED
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"auth.js","sourceRoot":"","sources":["../src/auth.ts"],"names":[],"mappings":";;AA6OA,oCAkCC;AA/QD,6CAAsD;AACtD,qCAA6E;AAC7E,yCAAyC;AACzC,qCAAkC;AAClC,yCAAiC;AACjC,2DAA2C;AAE3C,MAAM,kBAAkB,GAAG,IAAI,CAAC;AAChC,MAAM,iBAAiB,GAAG,oBAAoB,kBAAkB,WAAW,CAAC;AAC5E,MAAM,mBAAmB,GAAG,yBAAyB,CAAC;AACtD,mGAAmG;AACnG,MAAM,qBAAqB,GAAG,0BAA0B,CAAC;AACzD,MAAM,gBAAgB,GAAG,OAAO,CAAC;AAQjC,SAAS,aAAa;IACpB,OAAO,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,cAAc;IACrB,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IACnC,IAAI,CAAC,IAAA,oBAAU,EAAC,UAAU,CAAC,EAAE,CAAC;QAC5B,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAA,sBAAY,EAAC,UAAU,EAAE,MAAM,CAAC,CAAe,CAAC;IACpE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,IAAgB;IACtC,MAAM,UAAU,GAAG,aAAa,EAAE,CAAC;IACnC,IAAA,mBAAS,EAAC,IAAA,gBAAI,EAAC,IAAA,iBAAO,GAAE,EAAE,SAAS,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3D,IAAA,uBAAa,EAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,MAAM,CAAC,CAAC;AAC1E,CAAC;AAED,SAAS,UAAU,CAAC,IAAgB;IAClC,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,IAAI,CAAC,GAAG,EAAE,GAAG,MAAM,CAAC;AAClE,CAAC;AAED,SAAS,WAAW,CAAC,KAAa;IAChC,MAAM,CAAC,EAAE,OAAO,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACrC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;IAC1D,CAAC;IACD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CACxB,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CACxB,CAAC;QAC7B,IAAI,OAAO,OAAO,CAAC,KAAK,CAAC,KAAK,QAAQ,EAAE,CAAC;YACvC,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QACvD,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,eAAe;IACjB,CAAC;IACD,OAAO,IAAI,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,GAAG,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;AAC1D,CAAC;AAED,SAAS,WAAW,CAAC,GAAW;IAC9B,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAClC,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QAC1B,IAAA,0BAAK,EAAC,MAAM,EAAE,CAAC,GAAG
,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC;IACpE,CAAC;SAAM,IAAI,QAAQ,KAAK,OAAO,EAAE,CAAC;QAChC,IAAA,0BAAK,EAAC,KAAK,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,GAAG,CAAC,EAAE;YACrC,QAAQ,EAAE,IAAI;YACd,KAAK,EAAE,QAAQ;SAChB,CAAC,CAAC,KAAK,EAAE,CAAC;IACb,CAAC;SAAM,CAAC;QACN,IAAA,0BAAK,EAAC,UAAU,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC;IACxE,CAAC;AACH,CAAC;AAED,KAAK,UAAU,qBAAqB,CAClC,UAAkB,EAClB,QAAgB,EAChB,IAAY,EACZ,YAAoB;IAEpB,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,UAAU,EAAE,oBAAoB;QAChC,SAAS,EAAE,QAAQ;QACnB,IAAI;QACJ,YAAY,EAAE,iBAAiB;QAC/B,aAAa,EAAE,YAAY;KAC5B,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,eAAe,EAAE;QACzD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;KACtB,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,0BAA0B,QAAQ,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;IAClE,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,CAAW,CAAC;IAC7C,MAAM,YAAY,GAAI,MAAM,CAAC,eAAe,CAAwB,IAAI,IAAI,CAAC;IAE7E,OAAO;QACL,OAAO;QACP,gBAAgB,EAAE,WAAW,CAAC,OAAO,CAAC;QACtC,YAAY;KACb,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,UAAkB,EAClB,QAAgB,EAChB,YAAoB;IAEpB,MAAM,IAAI,GAAG,IAAI,eAAe,CAAC;QAC/B,UAAU,EAAE,eAAe;QAC3B,SAAS,EAAE,QAAQ;QACnB,aAAa,EAAE,YAAY;KAC5B,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,UAAU,eAAe,EAAE;QACzD,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,EAAE,cAAc,EAAE,mCAAmC,EAAE;QAChE,IAAI,EAAE,IAAI,CAAC,QAAQ,EAAE;KACtB,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnC,MAAM,IAAI,KAAK,CAAC,yBAAyB,QAAQ,CAAC,MAAM,MAAM,IAAI,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,MAAM,MAAM,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAA4B,CAAC;IAClE,MAAM,OAAO,GAAG,MAAM,CAAC,UAAU,CAAW,CAAC;IAC7C,kFAAkF;IAClF,OAAO;QACL,OAAO;QACP,gBAAgB,EAAE,WAAW,CAAC,OAAO,CAAC;QACtC,YAAY;KACb,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,g
BAAgB,CAC7B,UAAkB,EAClB,QAAgB;IAEhB,MAAM,YAAY,GAAG,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAC3D,MAAM,aAAa,GAAG,IAAA,wBAAU,EAAC,QAAQ,CAAC;SACvC,MAAM,CAAC,YAAY,CAAC;SACpB,MAAM,CAAC,WAAW,CAAC,CAAC;IACvB,MAAM,KAAK,GAAG,IAAA,yBAAW,EAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;IAEpD,MAAM,OAAO,GACX,GAAG,UAAU,mBAAmB;QAChC,qBAAqB;QACrB,cAAc,kBAAkB,CAAC,QAAQ,CAAC,EAAE;QAC5C,iBAAiB,kBAAkB,CAAC,iBAAiB,CAAC,EAAE;QACxD,UAAU,kBAAkB,CAAC,sBAAsB,CAAC,EAAE;QACtD,UAAU,kBAAkB,CAAC,KAAK,CAAC,EAAE;QACrC,mBAAmB,kBAAkB,CAAC,aAAa,CAAC,EAAE;QACtD,6BAA6B,CAAC;IAEhC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,MAAM,GAAG,IAAA,wBAAY,EAAC,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE;YACvC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,GAAG,IAAI,GAAG,EAAE,oBAAoB,kBAAkB,EAAE,CAAC,CAAC;YAE9E,IAAI,GAAG,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;gBACjC,GAAG,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC;gBACnB,GAAG,CAAC,GAAG,EAAE,CAAC;gBACV,OAAO;YACT,CAAC;YAED,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YAC1C,MAAM,aAAa,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACpD,MAAM,KAAK,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAE5C,IAAI,KAAK,EAAE,CAAC;gBACV,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CAAC,gFAAgF,CAAC,CAAC;gBAC1F,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,IAAI,KAAK,CAAC,gBAAgB,KAAK,EAAE,CAAC,CAAC,CAAC;gBAC3C,OAAO;YACT,CAAC;YAED,IAAI,CAAC,IAAI,IAAI,aAAa,KAAK,KAAK,EAAE,CAAC;gBACrC,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;gBACpD,GAAG,CAAC,GAAG,CAAC,oFAAoF,CAAC,CAAC;gBAC9F,MAAM,CAAC,KAAK,EAAE,CAAC;gBACf,MAAM,CAAC,IAAI,KAAK,CAAC,0DAA0D,CAAC,CAAC,CAAC;gBAC9E,OAAO;YACT,CAAC;YAED,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE,EAAE,cAAc,EAAE,WAAW,EAAE,CAAC,CAAC;YACpD,GAAG,CAAC,GAAG,CACL,+GAA+G,CAChH,CAAC;YACF,MAAM,CAAC,KAAK,EAAE,CAAC;YAEf,qBAAqB,CAAC,UAAU,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,CAAC;iBAC5D,IAAI,CAAC,OAAO,CAAC;iBACb,KAAK,CAAC,MAAM,CAAC,CAAC;QACnB,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,MAAM,CAAC,kBAAkB,EAAE,WAAW,EAAE,GAAG,EAAE;YAClD,OAAO,CAAC,MAAM,
CAAC,KAAK,CAClB,mEAAmE,OAAO,MAAM,CACjF,CAAC;YACF,WAAW,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC,CAAC,CAAC;QAEH,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,GAAG,EAAE,EAAE;YACzB,MAAM,CAAC,IAAI,KAAK,CAAC,sCAAsC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;QACzE,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,EAAE;YAC9B,MAAM,CAAC,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,IAAI,KAAK,CAAC,oCAAoC,CAAC,CAAC,CAAC;QAC1D,CAAC,EAAE,gBAAgB,CAAC,CAAC;QAErB,qFAAqF;QACrF,OAAO,CAAC,KAAK,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;;;;;GAQG;AACI,KAAK,UAAU,YAAY;IAChC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IACjD,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,UAAU,GACd,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,IAAI,mBAAmB,CAAC;IAC3D,MAAM,QAAQ,GACZ,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,IAAI,qBAAqB,CAAC;IAEvE,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAEhC,IAAI,MAAM,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QAClC,OAAO,MAAM,CAAC,OAAO,CAAC;IACxB,CAAC;IAED,IAAI,MAAM,EAAE,YAAY,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,MAAM,cAAc,CACpC,UAAU,EACV,QAAQ,EACR,MAAM,CAAC,YAAY,CACpB,CAAC;YACF,cAAc,CAAC,SAAS,CAAC,CAAC;YAC1B,OAAO,SAAS,CAAC,OAAO,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,iDAAiD;QACnD,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;IAC3D,cAAc,CAAC,KAAK,CAAC,CAAC;IACtB,OAAO,KAAK,CAAC,OAAO,CAAC;AACvB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"init.d.ts","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":"AA2BA,wBAAsB,IAAI,kBAyMzB"}
|
package/dist/commands/init.js
CHANGED
|
@@ -1,8 +1,11 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.init = init;
|
|
4
|
+
const node_fs_1 = require("node:fs");
|
|
5
|
+
const node_path_1 = require("node:path");
|
|
4
6
|
const detect_1 = require("../detect");
|
|
5
7
|
const api_1 = require("../api");
|
|
8
|
+
const auth_1 = require("../auth");
|
|
6
9
|
const scanner_1 = require("../scanner");
|
|
7
10
|
const output_1 = require("../output");
|
|
8
11
|
const prompt_1 = require("../prompt");
|
|
@@ -16,15 +19,10 @@ async function init() {
|
|
|
16
19
|
// Resolve API base URL
|
|
17
20
|
const apiUrl = (process.env['TRUSTA_API_URL'] ?? DEFAULT_API_URL).replace(/\/$/, '');
|
|
18
21
|
const appUrl = (process.env['TRUSTA_APP_URL'] ?? DEFAULT_APP_URL).replace(/\/$/, '');
|
|
19
|
-
// Resolve API token
|
|
20
|
-
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
token = await prompter.ask('Paste your API token');
|
|
24
|
-
if (!token) {
|
|
25
|
-
throw new Error('API token is required. Set TRUSTA_API_TOKEN or enter it when prompted.');
|
|
26
|
-
}
|
|
27
|
-
}
|
|
22
|
+
// Resolve API token — browser login flow, silent refresh, or TRUSTA_API_TOKEN env override
|
|
23
|
+
(0, output_1.printStep)('Authenticating...');
|
|
24
|
+
const token = await (0, auth_1.resolveToken)();
|
|
25
|
+
(0, output_1.printSuccess)('Authenticated.');
|
|
28
26
|
const transport = { baseUrl: apiUrl, token };
|
|
29
27
|
// Workspace name
|
|
30
28
|
const defaultWorkspaceName = detection.projectName
|
|
@@ -106,6 +104,51 @@ async function init() {
|
|
|
106
104
|
catch {
|
|
107
105
|
(0, output_1.printWarning)('Security scan could not complete — you can trigger one from the dashboard.');
|
|
108
106
|
}
|
|
107
|
+
// Collect trust attestations
|
|
108
|
+
(0, output_1.printDivider)();
|
|
109
|
+
(0, output_1.printStep)('Declare trust attestations (improves your trust score — press enter to skip any).');
|
|
110
|
+
const privacyPolicyUrl = await prompter.ask('Privacy policy URL');
|
|
111
|
+
const securityContactEmail = await prompter.ask('Security contact email');
|
|
112
|
+
const subProcessors = [];
|
|
113
|
+
const addSp = await prompter.ask('Declare sub-processors (third-party services that process user data)? [y/N]');
|
|
114
|
+
if (addSp.toLowerCase() === 'y') {
|
|
115
|
+
let addingMore = true;
|
|
116
|
+
while (addingMore) {
|
|
117
|
+
const name = await prompter.ask(' Sub-processor name (e.g. Stripe)');
|
|
118
|
+
if (!name)
|
|
119
|
+
break;
|
|
120
|
+
const purpose = await prompter.ask(' Purpose (e.g. Payment processing)');
|
|
121
|
+
const location = await prompter.ask(' Location (e.g. United States)');
|
|
122
|
+
if (name && purpose && location) {
|
|
123
|
+
subProcessors.push({ name, purpose, location });
|
|
124
|
+
(0, output_1.printSuccess)(`Added: ${name}`);
|
|
125
|
+
}
|
|
126
|
+
const another = await prompter.ask(' Add another? [y/N]');
|
|
127
|
+
addingMore = another.toLowerCase() === 'y';
|
|
128
|
+
}
|
|
129
|
+
}
|
|
130
|
+
// Persist attestations
|
|
131
|
+
const attestationUpdate = {};
|
|
132
|
+
if (privacyPolicyUrl)
|
|
133
|
+
attestationUpdate.privacyPolicyUrl = privacyPolicyUrl;
|
|
134
|
+
if (securityContactEmail)
|
|
135
|
+
attestationUpdate.securityContactEmail = securityContactEmail;
|
|
136
|
+
if (Object.keys(attestationUpdate).length > 0) {
|
|
137
|
+
try {
|
|
138
|
+
await (0, api_1.updateProject)(transport, project.id, attestationUpdate);
|
|
139
|
+
(0, output_1.printSuccess)('Trust attestations saved.');
|
|
140
|
+
}
|
|
141
|
+
catch {
|
|
142
|
+
(0, output_1.printWarning)('Could not save attestations — update them in the dashboard.');
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
if (subProcessors.length > 0) {
|
|
146
|
+
const trustaDir = (0, node_path_1.join)(cwd, '.trusta');
|
|
147
|
+
(0, node_fs_1.mkdirSync)(trustaDir, { recursive: true });
|
|
148
|
+
const spPath = (0, node_path_1.join)(trustaDir, 'sub-processors.json');
|
|
149
|
+
(0, node_fs_1.writeFileSync)(spPath, JSON.stringify(subProcessors, null, 2) + '\n');
|
|
150
|
+
(0, output_1.printSuccess)(`Written .trusta/sub-processors.json (${subProcessors.length} sub-processor${subProcessors.length === 1 ? '' : 's'}) — commit this file to your repo.`);
|
|
151
|
+
}
|
|
109
152
|
// Output summary
|
|
110
153
|
const trustUrl = `${DEFAULT_APP_URL}/trust/${project.slug}`;
|
|
111
154
|
(0, output_1.printSuccess)('Setup complete!');
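Review bot: The answers read into `privacyPolicyUrl` and `securityContactEmail` in the third hunk are passed to `updateProject` exactly as typed, with no check that the first is an http(s) URL or that the second has the shape of an address; if the dashboard or trust page later renders the policy URL as a link (not visible here), a `javascript:` or malformed value relies entirely on server-side rejection. A check such as `new URL(privacyPolicyUrl).protocol === 'https:'` before assigning to `attestationUpdate`, with a re-prompt on failure, keeps bad input out at the source. The bare `catch` around `updateProject` also discards the error, so an authentication failure and a validation failure print the same warning. The body of `init()` begins and ends outside these hunks.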
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"init.js","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"init.js","sourceRoot":"","sources":["../../src/commands/init.ts"],"names":[],"mappings":";;AA2BA,oBAyMC;AApOD,qCAAmD;AACnD,yCAAiC;AACjC,sCAA0C;AAC1C,gCAOgB;AAChB,kCAAuC;AACvC,wCAAgD;AAChD,sCAQmB;AACnB,sCAA2C;AAE3C,MAAM,eAAe,GAAG,wBAAwB,CAAC;AACjD,MAAM,eAAe,GAAG,wBAAwB,CAAC;AAE1C,KAAK,UAAU,IAAI;IACxB,IAAA,oBAAW,GAAE,CAAC;IAEd,MAAM,SAAS,GAAG,IAAA,sBAAa,GAAE,CAAC;IAClC,MAAM,QAAQ,GAAG,IAAA,uBAAc,GAAE,CAAC;IAElC,IAAI,CAAC;QACH,uBAAuB;QACvB,MAAM,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,eAAe,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACrF,MAAM,MAAM,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,IAAI,eAAe,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAErF,2FAA2F;QAC3F,IAAA,kBAAS,EAAC,mBAAmB,CAAC,CAAC;QAC/B,MAAM,KAAK,GAAG,MAAM,IAAA,mBAAY,GAAE,CAAC;QACnC,IAAA,qBAAY,EAAC,gBAAgB,CAAC,CAAC;QAE/B,MAAM,SAAS,GAAoB,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;QAE9D,iBAAiB;QACjB,MAAM,oBAAoB,GAAG,SAAS,CAAC,WAAW;YAChD,CAAC,CAAC,WAAW,CAAC,SAAS,CAAC,WAAW,CAAC;YACpC,CAAC,CAAC,SAAS,CAAC;QACd,IAAA,kBAAS,EAAC,iDAAiD,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,gBAAgB,EAAE,oBAAoB,CAAC,CAAC;QACjF,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,MAAM,IAAI,KAAK,CAAC,6BAA6B,CAAC,CAAC;QACjD,CAAC;QAED,eAAe;QACf,MAAM,kBAAkB,GAAG,SAAS,CAAC,WAAW,IAAI,SAAS,CAAC;QAC9D,MAAM,WAAW,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,oBAAoB,EAAE,kBAAkB,CAAC,CAAC;QACjF,IAAI,CAAC,WAAW,EAAE,CAAC;YACjB,MAAM,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC;QAC/C,CAAC;QAED,IAAA,qBAAY,GAAE,CAAC;QAEf,gCAAgC;QAChC,IAAA,kBAAS,EAAC,mCAAmC,CAAC,CAAC;QAC/C,MAAM,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,MAAM,IAAA,wBAAkB,EAAC,SAAS,EAAE;YACpE,aAAa;YACb,WAAW;SACZ,CAAC,CAAC;QACH,IAAA,qBAAY,EAAC,cAAc,YAAY,CAAC,IAAI,WAAW,CAAC,CAAC;QACzD,IAAA,qBAAY,EAAC,YAAY,OAAO,CAAC,IAAI,WAAW,CAAC,CAAC;QAElD,kCAAkC;QAClC,IAAA,kBAAS,EAAC,qDAAqD,CAAC,CAAC;QACjE,MAAM,SAAS,GAAG,MAAM,IAAA,qBAAe,EAAC,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,gBAAgB,CAAC,CAAC;QACjF,IAAA,qBAAY,EAAC,oCAAoC,CAAC,CAAC;QAEnD,wEAAwE;QACxE,IAAI,SAAS,CAAC,aAAa,EAAE,CAAC;YAC5B,IAAI,CAAC;gBACH,MAAM,IAAA,yBAAmB,EAAC,SAAS,
EAAE,OAAO,CAAC,EAAE,EAAE,SAAS,CAAC,aAAa,CAAC,CAAC;gBAC1E,IAAA,qBAAY,EAAC,uBAAuB,SAAS,CAAC,aAAa,EAAE,CAAC,CAAC;YACjE,CAAC;YAAC,MAAM,CAAC;gBACP,IAAA,qBAAY,EAAC,qEAAqE,CAAC,CAAC;YACtF,CAAC;QACH,CAAC;QAED,IAAA,qBAAY,GAAE,CAAC;QAEf,wDAAwD;QACxD,IAAA,kBAAS,EAAC,6CAA6C,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QAC1B,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,MAAM,IAAA,4BAAkB,EAAC,GAAG,CAAC,CAAC;YACjD,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,UAAU,CAAC;YAEzC,2DAA2D;YAC3D,MAAM,kBAAkB,GAAoB;gBAC1C,OAAO,EAAE,MAAM;gBACf,KAAK,EAAE,SAAS,CAAC,MAAM,CAAC,KAAK;aAC9B,CAAC;YAEF,MAAM,IAAA,oBAAc,EAAC,kBAAkB,EAAE;gBACvC,SAAS,EAAE,OAAO,CAAC,EAAE;gBACrB,YAAY,EAAE,eAAe;gBAC7B,UAAU,EAAE,UAAU;gBACtB,SAAS,EAAE,GAAG;gBACd,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACpC,OAAO,EAAE,EAAE,QAAQ,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,mBAAmB;gBAClE,YAAY,EAAE,OAAO;aACtB,CAAC,CAAC;YAEH,qBAAqB;YACrB,IAAI,OAAO,CAAC,aAAa,GAAG,CAAC,IAAI,OAAO,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;gBACvD,IAAA,qBAAY,EACV,uBAAuB,OAAO,CAAC,aAAa,cAAc,OAAO,CAAC,SAAS,SAAS;oBACpF,GAAG,OAAO,CAAC,WAAW,yBAAyB,OAAO,CAAC,YAAY,SAAS,CAC7E,CAAC;gBACF,MAAM,WAAW,GAAG,QAAQ;qBACzB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;qBACjE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;gBACf,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;oBAClC,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,MAAM,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,UAAU,MAAM,OAAO,CAAC,MAAM,IAAI,CACxG,CAAC;gBACJ,CAAC;gBACD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACxB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,aAAa,QAAQ,CAAC,MAAM,GAAG,CAAC,qCAAqC,CAAC,CAAC;gBAC9F,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,IAAA,qBAAY,EACV,0BAA0B,OAAO,CAAC,YAAY,0BAA0B,OAAO,CAAC,aAAa,MAAM,CACpG,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,IAAA,qBAAY,EAAC,4EAA4E,CAAC,CAAC;QAC7F,CAAC;QAED,6BAA6B;QAC7B,IAAA,qBAAY,GAAE,CAAC;QACf,IAAA,kBAAS,EACP,mFAAmF,CACpF,CAAC;QAEF,MAAM,gBAAgB,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAC;QAClE,MAAM,oBAAoB,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAC;QAO1E,M
AAM,aAAa,GAAwB,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,GAAG,CAC9B,6EAA6E,CAC9E,CAAC;QACF,IAAI,KAAK,CAAC,WAAW,EAAE,KAAK,GAAG,EAAE,CAAC;YAChC,IAAI,UAAU,GAAG,IAAI,CAAC;YACtB,OAAO,UAAU,EAAE,CAAC;gBAClB,MAAM,IAAI,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,oCAAoC,CAAC,CAAC;gBACtE,IAAI,CAAC,IAAI;oBAAE,MAAM;gBACjB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;gBAC1E,MAAM,QAAQ,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC;gBACvE,IAAI,IAAI,IAAI,OAAO,IAAI,QAAQ,EAAE,CAAC;oBAChC,aAAa,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAC,CAAC;oBAChD,IAAA,qBAAY,EAAC,UAAU,IAAI,EAAE,CAAC,CAAC;gBACjC,CAAC;gBACD,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;gBAC3D,UAAU,GAAG,OAAO,CAAC,WAAW,EAAE,KAAK,GAAG,CAAC;YAC7C,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,MAAM,iBAAiB,GAGnB,EAAE,CAAC;QACP,IAAI,gBAAgB;YAAE,iBAAiB,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;QAC5E,IAAI,oBAAoB;YAAE,iBAAiB,CAAC,oBAAoB,GAAG,oBAAoB,CAAC;QAExF,IAAI,MAAM,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9C,IAAI,CAAC;gBACH,MAAM,IAAA,mBAAa,EAAC,SAAS,EAAE,OAAO,CAAC,EAAE,EAAE,iBAAiB,CAAC,CAAC;gBAC9D,IAAA,qBAAY,EAAC,2BAA2B,CAAC,CAAC;YAC5C,CAAC;YAAC,MAAM,CAAC;gBACP,IAAA,qBAAY,EAAC,6DAA6D,CAAC,CAAC;YAC9E,CAAC;QACH,CAAC;QAED,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,MAAM,SAAS,GAAG,IAAA,gBAAI,EAAC,GAAG,EAAE,SAAS,CAAC,CAAC;YACvC,IAAA,mBAAS,EAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC1C,MAAM,MAAM,GAAG,IAAA,gBAAI,EAAC,SAAS,EAAE,qBAAqB,CAAC,CAAC;YACtD,IAAA,uBAAa,EAAC,MAAM,EAAE,IAAI,CAAC,SAAS,CAAC,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;YACrE,IAAA,qBAAY,EACV,wCAAwC,aAAa,CAAC,MAAM,iBAAiB,aAAa,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,oCAAoC,CACvJ,CAAC;QACJ,CAAC;QAED,iBAAiB;QACjB,MAAM,QAAQ,GAAG,GAAG,eAAe,UAAU,OAAO,CAAC,IAAI,EAAE,CAAC;QAE5D,IAAA,qBAAY,EAAC,iBAAiB,CAAC,CAAC;QAChC,IAAA,qBAAY,GAAE,CAAC;QAEf,IAAA,kBAAS,EAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;QACnC,IAAA,kBAAS,EAAC,YAAY,EAAE,GAAG,MAAM,MAAM,CAAC,CAAC;QACzC,IAAA,qBAAY,GAAE,CAAC;QAEf,8BAA8B;QAC9B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,+CAA+C,CAA
C,CAAC;QACtE,IAAA,kBAAS,EAAC,sBAAsB,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,EAAE,SAAS,CAAC,aAAa,IAAI,SAAS,CAAC,CAAC,CAAC;QAEpH,qBAAqB;QACrB,IAAI,SAAS,CAAC,SAAS,EAAE,CAAC;YACxB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,yBAAyB,SAAS,CAAC,SAAS,MAAM,CAAC,CAAC;QAC3E,CAAC;QAED,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,2EAA2E,CAAC,CAAC;QAClG,IAAA,kBAAS,EAAC,gBAAgB,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC;QAExE,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,4FAA4F,CAC7F,CAAC;IACJ,CAAC;YAAS,CAAC;QACT,QAAQ,CAAC,KAAK,EAAE,CAAC;IACnB,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,IAAY;IAC/B,OAAO,IAAI;SACR,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC;SACrB,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,sBAAsB,CAC7B,MAAc,EACd,MAAc,EACd,SAAiB,EACjB,OAAgB;IAEhB,MAAM,QAAQ,GAAG,OAAO,CAAC,CAAC,CAAC,sBAAsB,OAAO,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;IACnE,OAAO;;;gBAGO,MAAM;mBACH,SAAS;EAC1B,QAAQ;;;QAGF,MAAM,EAAE,CAAC;AACjB,CAAC;AAED,SAAS,gBAAgB,CAAC,MAAc,EAAE,MAAc,EAAE,SAAiB;IACzE,OAAO;WACE,MAAM;cACH,SAAS;oBACH,MAAM;8BACI,MAAM;iBACnB,MAAM,mDAAmD,CAAC;AAC3E,CAAC"}
|
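--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "trusta",
-"version": "0.
+"version": "0.3.0",
 "description": "Generate your trust page in minutes — npx trusta init",
 "license": "MIT",
 "bin": {
@@ -32,10 +32,15 @@
 },
 "homepage": "https://trusta.dev",
 "devDependencies": {
+"@semantic-release/changelog": "^6.0.3",
+"@semantic-release/git": "^10.0.1",
+"@semantic-release/github": "^12.0.6",
+"@semantic-release/npm": "^13.1.5",
 "@types/node": "^22.0.0",
 "@typescript-eslint/eslint-plugin": "^8.0.0",
 "@typescript-eslint/parser": "^8.0.0",
 "eslint": "^9.0.0",
+"semantic-release": "^25.0.3",
 "typescript": "^5.5.0"
 }
 }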
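Review bot: The `semantic-release` entry and the four `@semantic-release/*` plugins added to `devDependencies` in the second hunk are all caret ranges, and this tooling normally runs in the release job with the npm publish token and a repository write token in scope. Nothing visible here shows a committed lockfile or how the release job installs, so a release could resolve to a newer, unreviewed minor of the publishing toolchain. I would confirm that the lockfile is committed and that the workflow installs with `npm ci`. Since publishing is now automated, consider adding `"publishConfig": { "provenance": true }` so consumers can verify which workflow built the tarball. Lines 7–31 of the file are outside both hunks, so this may already be set.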