vantaverse-ai-reviewer 0.1.5 → 0.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +55 -15
- package/dist/ai/agent.d.ts +1 -1
- package/dist/ai/agent.d.ts.map +1 -1
- package/dist/ai/agent.js +23 -11
- package/dist/ai/agent.js.map +1 -1
- package/dist/commands/scan.d.ts +7 -2
- package/dist/commands/scan.d.ts.map +1 -1
- package/dist/commands/scan.js +209 -27
- package/dist/commands/scan.js.map +1 -1
- package/dist/core/diff-analyzer.d.ts +22 -0
- package/dist/core/diff-analyzer.d.ts.map +1 -0
- package/dist/core/diff-analyzer.js +71 -0
- package/dist/core/diff-analyzer.js.map +1 -0
- package/dist/core/framework-detector.d.ts.map +1 -1
- package/dist/core/framework-detector.js +48 -17
- package/dist/core/framework-detector.js.map +1 -1
- package/dist/core/security-scanner.d.ts +36 -0
- package/dist/core/security-scanner.d.ts.map +1 -0
- package/dist/core/security-scanner.js +130 -0
- package/dist/core/security-scanner.js.map +1 -0
- package/dist/index.js +7 -0
- package/dist/index.js.map +1 -1
- package/dist/utils/interactive-logger.d.ts +49 -0
- package/dist/utils/interactive-logger.d.ts.map +1 -0
- package/dist/utils/interactive-logger.js +190 -0
- package/dist/utils/interactive-logger.js.map +1 -0
- package/dist/utils/token-estimator.d.ts +26 -0
- package/dist/utils/token-estimator.d.ts.map +1 -0
- package/dist/utils/token-estimator.js +92 -0
- package/dist/utils/token-estimator.js.map +1 -0
- package/package.json +1 -1
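--- a/package/dist/core/diff-analyzer.js
+++ b/package/dist/core/diff-analyzer.js
@@ -0,0 +1,71 @@
+/**
+* Diff Analyzer - Git-based change detection for token optimization
+*/
+import { executeCommand } from './executor.js';
+import path from 'path';
+/**
+* Get list of changed files compared to a base branch
+*/
+export async function getChangedFiles(repoRoot, baseBranch = 'main') {
+// Try to get diff against base branch
+let result = await executeCommand('git', ['diff', '--name-only', baseBranch], repoRoot);
+// If base branch doesn't exist, try 'master'
+if (!result.success && baseBranch === 'main') {
+result = await executeCommand('git', ['diff', '--name-only', 'master'], repoRoot);
+if (result.success) {
+baseBranch = 'master';
+}
+}
+// Fallback: get uncommitted changes
+if (!result.success) {
+result = await executeCommand('git', ['diff', '--name-only', 'HEAD'], repoRoot);
+baseBranch = 'HEAD';
+}
+// Also include staged changes
+const stagedResult = await executeCommand('git', ['diff', '--name-only', '--cached'], repoRoot);
+const changedFiles = new Set();
+if (result.success) {
+result.stdout.split('\n')
+.filter(f => f.trim())
+.forEach(f => changedFiles.add(f));
+}
+if (stagedResult.success) {
+stagedResult.stdout.split('\n')
+.filter(f => f.trim())
+.forEach(f => changedFiles.add(f));
+}
+const files = Array.from(changedFiles);
+return {
+changedFiles: files,
+baseBranch,
+hasChanges: files.length > 0,
+summary: files.length > 0
+? `${files.length} files changed since ${baseBranch}`
+: 'No changes detected'
+};
+}
+/**
+* Get files that import/depend on changed files
+*/
+export async function getRelatedFiles(repoRoot, changedFiles) {
+const related = new Set();
+for (const file of changedFiles) {
+const basename = path.basename(file, path.extname(file));
+// Search for files that import this module
+const result = await executeCommand('git', ['grep', '-l', `from.*['"].*${basename}['"]`], repoRoot);
+if (result.success) {
+result.stdout.split('\n')
+.filter(f => f.trim() && !changedFiles.includes(f))
+.forEach(f => related.add(f));
+}
+}
+return Array.from(related).slice(0, 10); // Limit to 10 related files
+}
+/**
+* Get the actual diff content for a file
+*/
+export async function getFileDiff(repoRoot, filePath, baseBranch = 'main') {
+const result = await executeCommand('git', ['diff', baseBranch, '--', filePath], repoRoot);
+return result.success ? result.stdout : '';
+}
+//# sourceMappingURL=diff-analyzer.js.map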
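Review bot: `basename` is interpolated unescaped into the `git grep` regular expression on line 55 of getRelatedFiles, so a changed file whose stem contains a regex metacharacter (`.`, `*`, `[`, `$`) yields a malformed or over-broad pattern, and a malformed one is silently dropped by the `result.success` check rather than reported. Escape the basic-regex specials first, `const safeName = basename.replace(/[.*[\]\\^$]/g, '\\$&');`, and interpolate `safeName` instead. Separately, `baseBranch` reaches `git diff` as a bare argument in getChangedFiles (line 11) and getFileDiff (line 68) and, per index.js, comes straight from the `--base` flag; a value beginning with `-` would be interpreted by git as an option rather than a ref, so reject it up front (`if (baseBranch.startsWith('-')) throw new Error('invalid base branch');`) or resolve the ref before use. Note also that getFileDiff does not apply the main→master→HEAD fallback that getChangedFiles does, so a caller passing the default silently receives an empty diff when `main` does not exist; document that callers should pass the `baseBranch` returned by getChangedFiles.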
@@ -0,0 +1 @@
1
+
{"version":3,"file":"diff-analyzer.js","sourceRoot":"","sources":["../../src/core/diff-analyzer.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,IAAI,MAAM,MAAM,CAAC;AASxB;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACjC,QAAgB,EAChB,aAAqB,MAAM;IAE3B,sCAAsC;IACtC,IAAI,MAAM,GAAG,MAAM,cAAc,CAC7B,KAAK,EACL,CAAC,MAAM,EAAE,aAAa,EAAE,UAAU,CAAC,EACnC,QAAQ,CACX,CAAC;IAEF,6CAA6C;IAC7C,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;QAC3C,MAAM,GAAG,MAAM,cAAc,CACzB,KAAK,EACL,CAAC,MAAM,EAAE,aAAa,EAAE,QAAQ,CAAC,EACjC,QAAQ,CACX,CAAC;QACF,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACjB,UAAU,GAAG,QAAQ,CAAC;QAC1B,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QAClB,MAAM,GAAG,MAAM,cAAc,CACzB,KAAK,EACL,CAAC,MAAM,EAAE,aAAa,EAAE,MAAM,CAAC,EAC/B,QAAQ,CACX,CAAC;QACF,UAAU,GAAG,MAAM,CAAC;IACxB,CAAC;IAED,8BAA8B;IAC9B,MAAM,YAAY,GAAG,MAAM,cAAc,CACrC,KAAK,EACL,CAAC,MAAM,EAAE,aAAa,EAAE,UAAU,CAAC,EACnC,QAAQ,CACX,CAAC;IAEF,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAC;IAEvC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACjB,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC;aACpB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACrB,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3C,CAAC;IAED,IAAI,YAAY,CAAC,OAAO,EAAE,CAAC;QACvB,YAAY,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC;aAC1B,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;aACrB,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3C,CAAC;IAED,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAEvC,OAAO;QACH,YAAY,EAAE,KAAK;QACnB,UAAU;QACV,UAAU,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC;QAC5B,OAAO,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC;YACrB,CAAC,CAAC,GAAG,KAAK,CAAC,MAAM,wBAAwB,UAAU,EAAE;YACrD,CAAC,CAAC,qBAAqB;KAC9B,CAAC;AACN,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACjC,QAAgB,EAChB,YAAsB;IAEtB,MAAM,OAAO,GAAG,IAAI,GAAG,EAAU,CAAC;IAElC,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAC9B,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QAEzD,2CAA2C;QAC3C,MAAM,MAAM,GAAG,MAAM,c
AAc,CAC/B,KAAK,EACL,CAAC,MAAM,EAAE,IAAI,EAAE,eAAe,QAAQ,MAAM,CAAC,EAC7C,QAAQ,CACX,CAAC;QAEF,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACjB,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC;iBACpB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;iBAClD,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACtC,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,4BAA4B;AACzE,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC7B,QAAgB,EAChB,QAAgB,EAChB,aAAqB,MAAM;IAE3B,MAAM,MAAM,GAAG,MAAM,cAAc,CAC/B,KAAK,EACL,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,CAAC,EACpC,QAAQ,CACX,CAAC;IAEF,OAAO,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC;AAC/C,CAAC"}
@@ -1 +1 @@
1
-
{"version":3,"file":"framework-detector.d.ts","sourceRoot":"","sources":["../../src/core/framework-detector.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,MAAM,MAAM,SAAS,GACf,QAAQ,GACR,OAAO,GACP,MAAM,GACN,SAAS,GACT,KAAK,GACL,QAAQ,GACR,QAAQ,GACR,OAAO,GACP,SAAS,GACT,QAAQ,GACR,SAAS,CAAC;AAEhB,MAAM,WAAW,aAAa;IAC1B,IAAI,EAAE,SAAS,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;CACvB;AAuED;;GAEG;AACH,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,
1
+
{"version":3,"file":"framework-detector.d.ts","sourceRoot":"","sources":["../../src/core/framework-detector.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,MAAM,MAAM,SAAS,GACf,QAAQ,GACR,OAAO,GACP,MAAM,GACN,SAAS,GACT,KAAK,GACL,QAAQ,GACR,QAAQ,GACR,OAAO,GACP,SAAS,GACT,QAAQ,GACR,SAAS,CAAC;AAEhB,MAAM,WAAW,aAAa;IAC1B,IAAI,EAAE,SAAS,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;CACvB;AAuED;;GAEG;AACH,wBAAsB,eAAe,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CA0G9E;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,SAAS,EAAE,SAAS,GAAG,MAAM,CAgB9D"}
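--- a/package/dist/core/framework-detector.js
+++ b/package/dist/core/framework-detector.js
@@ -84,7 +84,16 @@ export async function detectFramework(repoRoot) {
 return false;
 }
 };
-
+const readPackageJson = async () => {
+try {
+const content = await fs.promises.readFile(path.join(repoRoot, 'package.json'), 'utf-8');
+return JSON.parse(content);
+}
+catch {
+return null;
+}
+};
+// Check for Next.js (config files or package.json)
 if (await exists('next.config.js') || await exists('next.config.ts') || await exists('next.config.mjs')) {
 return { name: 'nextjs', ...FRAMEWORK_CONFIGS.nextjs };
 }
@@ -92,15 +101,15 @@ export async function detectFramework(repoRoot) {
 if (await exists('angular.json')) {
 return { name: 'angular', ...FRAMEWORK_CONFIGS.angular };
 }
-// Check for Vue
+// Check for Vue/Nuxt
 if (await exists('vue.config.js') || await exists('nuxt.config.js') || await exists('nuxt.config.ts')) {
 return { name: 'vue', ...FRAMEWORK_CONFIGS.vue };
 }
-// Check for Svelte
+// Check for Svelte/SvelteKit
 if (await exists('svelte.config.js') || await exists('svelte.config.ts')) {
 return { name: 'svelte', ...FRAMEWORK_CONFIGS.svelte };
 }
-// Check for Vite
+// Check for Vite
 if (await exists('vite.config.js') || await exists('vite.config.ts')) {
 return { name: 'vite', ...FRAMEWORK_CONFIGS.vite };
 }
@@ -112,23 +121,45 @@ export async function detectFramework(repoRoot) {
 if (await exists('manage.py')) {
 return { name: 'django', ...FRAMEWORK_CONFIGS.django };
 }
-// Check for Flask
+// Check for Flask
 if (await exists('app.py') || await exists('wsgi.py')) {
 return { name: 'flask', ...FRAMEWORK_CONFIGS.flask };
 }
-// Check for
-
-
-
-
-
-}
-if (pkg.dependencies?.react || pkg.devDependencies?.react) {
-return { name: 'react', ...FRAMEWORK_CONFIGS.react };
-}
+// Check package.json for dependencies
+const pkg = await readPackageJson();
+if (pkg) {
+const deps = { ...pkg.dependencies, ...pkg.devDependencies };
+// Next.js via package.json
+if (deps['next']) {
+return { name: 'nextjs', ...FRAMEWORK_CONFIGS.nextjs };
 }
-
-
+// NestJS via package.json
+if (deps['@nestjs/core']) {
+return { name: 'nestjs', ...FRAMEWORK_CONFIGS.nestjs };
+}
+// Vue via package.json
+if (deps['vue'] || deps['nuxt']) {
+return { name: 'vue', ...FRAMEWORK_CONFIGS.vue };
+}
+// Angular via package.json
+if (deps['@angular/core']) {
+return { name: 'angular', ...FRAMEWORK_CONFIGS.angular };
+}
+// Svelte via package.json
+if (deps['svelte']) {
+return { name: 'svelte', ...FRAMEWORK_CONFIGS.svelte };
+}
+// Express
+if (deps['express']) {
+return { name: 'express', ...FRAMEWORK_CONFIGS.express };
+}
+// React (check after more specific frameworks)
+if (deps['react']) {
+return { name: 'react', ...FRAMEWORK_CONFIGS.react };
+}
+// Vite
+if (deps['vite']) {
+return { name: 'vite', ...FRAMEWORK_CONFIGS.vite };
 }
 }
 return { name: 'unknown', ...FRAMEWORK_CONFIGS.unknown };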
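Review bot: The package.json branch in the third hunk (new lines 128-162) repeats the same three-line `if (deps[...]) { return { name, ...FRAMEWORK_CONFIGS[...] }; }` block nine times; an ordered lookup table keeps the precedence visible in one place and makes adding a framework a one-line change. The order is load-bearing (a Next.js app also lists react, a Nuxt app also lists vue), so the table should carry a comment saying so. `readPackageJson` returns whatever `JSON.parse` yields, so `if (pkg)` on new line 130 also admits a number or string; `if (pkg && typeof pkg === 'object')` keeps the spread on the following line from running on a non-object value. detectFramework starts before the first hunk and its `exists` helper is defined outside the hunk.
```javascript
    // Check package.json for dependencies
    const pkg = await readPackageJson();
    if (pkg && typeof pkg === 'object') {
        const deps = { ...pkg.dependencies, ...pkg.devDependencies };
        // Ordered most-specific first: a Next.js app also lists react, a Nuxt app also lists vue
        const byDependency = [
            ['next', 'nextjs'],
            ['@nestjs/core', 'nestjs'],
            ['vue', 'vue'],
            ['nuxt', 'vue'],
            ['@angular/core', 'angular'],
            ['svelte', 'svelte'],
            ['express', 'express'],
            ['react', 'react'],
            ['vite', 'vite'],
        ];
        for (const [dep, name] of byDependency) {
            if (deps[dep]) {
                return { name, ...FRAMEWORK_CONFIGS[name] };
            }
        }
    }
    return { name: 'unknown', ...FRAMEWORK_CONFIGS.unknown };
```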
@@ -1 +1 @@
1
-
{"version":3,"file":"framework-detector.js","sourceRoot":"","sources":["../../src/core/framework-detector.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAuBxB,MAAM,iBAAiB,GAAmD;IACtE,MAAM,EAAE;QACJ,WAAW,EAAE,SAAS;QACtB,WAAW,EAAE,8BAA8B;QAC3C,YAAY,EAAE,CAAC,0BAA0B,EAAE,4BAA4B,EAAE,iCAAiC,CAAC;QAC3G,cAAc,EAAE,CAAC,UAAU,EAAE,iBAAiB,CAAC;KAClD;IACD,KAAK,EAAE;QACH,WAAW,EAAE,OAAO;QACpB,WAAW,EAAE,WAAW;QACxB,YAAY,EAAE,CAAC,0BAA0B,EAAE,iCAAiC,CAAC;QAC7E,cAAc,EAAE,CAAC,UAAU,EAAE,iBAAiB,CAAC;KAClD;IACD,IAAI,EAAE;QACF,WAAW,EAAE,MAAM;QACnB,WAAW,EAAE,uBAAuB;QACpC,YAAY,EAAE,CAAC,qCAAqC,CAAC;QACrD,cAAc,EAAE,CAAC,SAAS,EAAE,iBAAiB,CAAC;KACjD;IACD,OAAO,EAAE;QACL,WAAW,EAAE,SAAS;QACtB,WAAW,EAAE,mBAAmB;QAChC,YAAY,EAAE,CAAC,6BAA6B,CAAC;QAC7C,cAAc,EAAE,CAAC,SAAS,EAAE,iBAAiB,EAAE,aAAa,CAAC;KAChE;IACD,GAAG,EAAE;QACD,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,kBAAkB;QAC/B,YAAY,EAAE,CAAC,sBAAsB,CAAC;QACtC,cAAc,EAAE,CAAC,SAAS,EAAE,iBAAiB,CAAC;KACjD;IACD,MAAM,EAAE;QACJ,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,kBAAkB;QAC/B,YAAY,EAAE,CAAC,yBAAyB,CAAC;QACzC,cAAc,EAAE,CAAC,UAAU,EAAE,gBAAgB,EAAE,iBAAiB,CAAC;KACpE;IACD,MAAM,EAAE;QACJ,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,yBAAyB;QACtC,YAAY,EAAE,CAAC,SAAS,EAAE,wBAAwB,CAAC;QACnD,cAAc,EAAE,CAAC,SAAS,EAAE,gBAAgB,EAAE,OAAO,EAAE,eAAe,CAAC;KAC1E;IACD,KAAK,EAAE;QACH,WAAW,EAAE,OAAO;QACpB,WAAW,EAAE,wBAAwB;QACrC,YAAY,EAAE,CAAC,SAAS,EAAE,qBAAqB,CAAC;QAChD,cAAc,EAAE,CAAC,SAAS,EAAE,gBAAgB,EAAE,OAAO,CAAC;KACzD;IACD,OAAO,EAAE;QACL,WAAW,EAAE,YAAY;QACzB,WAAW,EAAE,yBAAyB;QACtC,YAAY,EAAE,CAAC,cAAc,EAAE,qBAAqB,EAAE,0BAA0B,CAAC;QACjF,cAAc,EAAE,CAAC,iBAAiB,EAAE,SAAS,CAAC;KACjD;IACD,MAAM,EAAE;QACJ,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,0BAA0B;QACvC,YAAY,EAAE,CAAC,aAAa,CAAC;QAC7B,cAAc,EAAE,CAAC,iBAAiB,EAAE,SAAS,CAAC;KACjD;IACD,OAAO,EAAE;QACL,WAAW,EAAE,SAAS;QACtB,WAAW,EAAE,iBAAiB;QAC9B,YAAY,EAAE,CAAC,oCAAoC,CAAC;QACpD,cAAc,EAAE,CAAC,iBAAiB,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,gBAAgB,CAAC;KAC1F;CACJ,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,QAAgB;IAClD,MA
AM,MAAM,GAAG,KAAK,EAAE,IAAY,EAAE,EAAE;QAClC,IAAI,CAAC;YACD,MAAM,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC;YACpD,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,KAAK,CAAC;QACjB,CAAC;IACL,CAAC,CAAC;IAEF,
1
+
{"version":3,"file":"framework-detector.js","sourceRoot":"","sources":["../../src/core/framework-detector.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AAuBxB,MAAM,iBAAiB,GAAmD;IACtE,MAAM,EAAE;QACJ,WAAW,EAAE,SAAS;QACtB,WAAW,EAAE,8BAA8B;QAC3C,YAAY,EAAE,CAAC,0BAA0B,EAAE,4BAA4B,EAAE,iCAAiC,CAAC;QAC3G,cAAc,EAAE,CAAC,UAAU,EAAE,iBAAiB,CAAC;KAClD;IACD,KAAK,EAAE;QACH,WAAW,EAAE,OAAO;QACpB,WAAW,EAAE,WAAW;QACxB,YAAY,EAAE,CAAC,0BAA0B,EAAE,iCAAiC,CAAC;QAC7E,cAAc,EAAE,CAAC,UAAU,EAAE,iBAAiB,CAAC;KAClD;IACD,IAAI,EAAE;QACF,WAAW,EAAE,MAAM;QACnB,WAAW,EAAE,uBAAuB;QACpC,YAAY,EAAE,CAAC,qCAAqC,CAAC;QACrD,cAAc,EAAE,CAAC,SAAS,EAAE,iBAAiB,CAAC;KACjD;IACD,OAAO,EAAE;QACL,WAAW,EAAE,SAAS;QACtB,WAAW,EAAE,mBAAmB;QAChC,YAAY,EAAE,CAAC,6BAA6B,CAAC;QAC7C,cAAc,EAAE,CAAC,SAAS,EAAE,iBAAiB,EAAE,aAAa,CAAC;KAChE;IACD,GAAG,EAAE;QACD,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,kBAAkB;QAC/B,YAAY,EAAE,CAAC,sBAAsB,CAAC;QACtC,cAAc,EAAE,CAAC,SAAS,EAAE,iBAAiB,CAAC;KACjD;IACD,MAAM,EAAE;QACJ,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,kBAAkB;QAC/B,YAAY,EAAE,CAAC,yBAAyB,CAAC;QACzC,cAAc,EAAE,CAAC,UAAU,EAAE,gBAAgB,EAAE,iBAAiB,CAAC;KACpE;IACD,MAAM,EAAE;QACJ,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,yBAAyB;QACtC,YAAY,EAAE,CAAC,SAAS,EAAE,wBAAwB,CAAC;QACnD,cAAc,EAAE,CAAC,SAAS,EAAE,gBAAgB,EAAE,OAAO,EAAE,eAAe,CAAC;KAC1E;IACD,KAAK,EAAE;QACH,WAAW,EAAE,OAAO;QACpB,WAAW,EAAE,wBAAwB;QACrC,YAAY,EAAE,CAAC,SAAS,EAAE,qBAAqB,CAAC;QAChD,cAAc,EAAE,CAAC,SAAS,EAAE,gBAAgB,EAAE,OAAO,CAAC;KACzD;IACD,OAAO,EAAE;QACL,WAAW,EAAE,YAAY;QACzB,WAAW,EAAE,yBAAyB;QACtC,YAAY,EAAE,CAAC,cAAc,EAAE,qBAAqB,EAAE,0BAA0B,CAAC;QACjF,cAAc,EAAE,CAAC,iBAAiB,EAAE,SAAS,CAAC;KACjD;IACD,MAAM,EAAE;QACJ,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,0BAA0B;QACvC,YAAY,EAAE,CAAC,aAAa,CAAC;QAC7B,cAAc,EAAE,CAAC,iBAAiB,EAAE,SAAS,CAAC;KACjD;IACD,OAAO,EAAE;QACL,WAAW,EAAE,SAAS;QACtB,WAAW,EAAE,iBAAiB;QAC9B,YAAY,EAAE,CAAC,oCAAoC,CAAC;QACpD,cAAc,EAAE,CAAC,iBAAiB,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,gBAAgB,CAAC;KAC1F;CACJ,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,QAAgB;IAClD,MA
AM,MAAM,GAAG,KAAK,EAAE,IAAY,EAAE,EAAE;QAClC,IAAI,CAAC;YACD,MAAM,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC;YACpD,OAAO,IAAI,CAAC;QAChB,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,KAAK,CAAC;QACjB,CAAC;IACL,CAAC,CAAC;IAEF,MAAM,eAAe,GAAG,KAAK,IAAkB,EAAE;QAC7C,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,EAAE,OAAO,CAAC,CAAC;YACzF,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC/B,CAAC;QAAC,MAAM,CAAC;YACL,OAAO,IAAI,CAAC;QAChB,CAAC;IACL,CAAC,CAAC;IAEF,mDAAmD;IACnD,IAAI,MAAM,MAAM,CAAC,gBAAgB,CAAC,IAAI,MAAM,MAAM,CAAC,gBAAgB,CAAC,IAAI,MAAM,MAAM,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACtG,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;IAC3D,CAAC;IAED,oBAAoB;IACpB,IAAI,MAAM,MAAM,CAAC,cAAc,CAAC,EAAE,CAAC;QAC/B,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,iBAAiB,CAAC,OAAO,EAAE,CAAC;IAC7D,CAAC;IAED,qBAAqB;IACrB,IAAI,MAAM,MAAM,CAAC,eAAe,CAAC,IAAI,MAAM,MAAM,CAAC,gBAAgB,CAAC,IAAI,MAAM,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACpG,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,iBAAiB,CAAC,GAAG,EAAE,CAAC;IACrD,CAAC;IAED,6BAA6B;IAC7B,IAAI,MAAM,MAAM,CAAC,kBAAkB,CAAC,IAAI,MAAM,MAAM,CAAC,kBAAkB,CAAC,EAAE,CAAC;QACvE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;IAC3D,CAAC;IAED,iBAAiB;IACjB,IAAI,MAAM,MAAM,CAAC,gBAAgB,CAAC,IAAI,MAAM,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACnE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,iBAAiB,CAAC,IAAI,EAAE,CAAC;IACvD,CAAC;IAED,mBAAmB;IACnB,IAAI,MAAM,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;QAChC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;IAC3D,CAAC;IAED,mBAAmB;IACnB,IAAI,MAAM,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;QAC5B,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;IAC3D,CAAC;IAED,kBAAkB;IAClB,IAAI,MAAM,MAAM,CAAC,QAAQ,CAAC,IAAI,MAAM,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC;QACpD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,iBAAiB,CAAC,KAAK,EAAE,CAAC;IACzD,CAAC;IAED,sCAAsC;IACtC,MAAM,GAAG,GAAG,MAAM,eAAe,EAAE,CAAC;IACpC,IAAI,GAAG,EAAE,CAAC;QACN,MAAM,IAAI,GAAG,EAAE,GAAG,GAAG,CAAC,YAAY,EAAE,GAAG,GAAG,CAAC,eAAe,EAAE,
CAAC;QAE7D,2BAA2B;QAC3B,IAAI,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YACf,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC3D,CAAC;QAED,0BAA0B;QAC1B,IAAI,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;YACvB,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC3D,CAAC;QAED,uBAAuB;QACvB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YAC9B,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,iBAAiB,CAAC,GAAG,EAAE,CAAC;QACrD,CAAC;QAED,2BAA2B;QAC3B,IAAI,IAAI,CAAC,eAAe,CAAC,EAAE,CAAC;YACxB,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,iBAAiB,CAAC,OAAO,EAAE,CAAC;QAC7D,CAAC;QAED,0BAA0B;QAC1B,IAAI,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YACjB,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,GAAG,iBAAiB,CAAC,MAAM,EAAE,CAAC;QAC3D,CAAC;QAED,UAAU;QACV,IAAI,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;YAClB,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,iBAAiB,CAAC,OAAO,EAAE,CAAC;QAC7D,CAAC;QAED,+CAA+C;QAC/C,IAAI,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAChB,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,iBAAiB,CAAC,KAAK,EAAE,CAAC;QACzD,CAAC;QAED,OAAO;QACP,IAAI,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;YACf,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,iBAAiB,CAAC,IAAI,EAAE,CAAC;QACvD,CAAC;IACL,CAAC;IAED,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,iBAAiB,CAAC,OAAO,EAAE,CAAC;AAC7D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,SAAoB;IAClD,MAAM,KAAK,GAA8B;QACrC,MAAM,EAAE,+FAA+F;QACvG,KAAK,EAAE,2FAA2F;QAClG,IAAI,EAAE,+EAA+E;QACrF,OAAO,EAAE,+EAA+E;QACxF,GAAG,EAAE,+EAA+E;QACpF,MAAM,EAAE,4EAA4E;QACpF,MAAM,EAAE,iFAAiF;QACzF,KAAK,EAAE,4EAA4E;QACnF,OAAO,EAAE,gFAAgF;QACzF,MAAM,EAAE,6EAA6E;QACrF,OAAO,EAAE,+BAA+B;KAC3C,CAAC;IAEF,OAAO,KAAK,CAAC,SAAS,CAAC,CAAC;AAC5B,CAAC"}
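--- a/package/dist/core/security-scanner.d.ts
+++ b/package/dist/core/security-scanner.d.ts
@@ -0,0 +1,36 @@
+/**
+* Security Scanner - Free local security checks (zero token cost)
+*/
+import type { ScannedFile } from './scanner.js';
+export interface SecretFinding {
+file: string;
+line: number;
+type: string;
+match: string;
+severity: 'critical' | 'high' | 'medium';
+}
+export interface VulnerabilityInfo {
+name: string;
+severity: string;
+description: string;
+fixAvailable: boolean;
+}
+export interface SecurityScanResult {
+secrets: SecretFinding[];
+vulnerabilities: VulnerabilityInfo[];
+hasIssues: boolean;
+summary: string;
+}
+/**
+* Scan files for secrets using regex patterns
+*/
+export declare function scanForSecrets(files: ScannedFile[], repoRoot: string): Promise<SecretFinding[]>;
+/**
+* Run npm audit for vulnerability detection
+*/
+export declare function runNpmAudit(repoRoot: string): Promise<VulnerabilityInfo[]>;
+/**
+* Run full security scan (secrets + npm audit)
+*/
+export declare function runSecurityScan(files: ScannedFile[], repoRoot: string): Promise<SecurityScanResult>;
+//# sourceMappingURL=security-scanner.d.ts.map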
@@ -0,0 +1 @@
1
+
{"version":3,"file":"security-scanner.d.ts","sourceRoot":"","sources":["../../src/core/security-scanner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAEhD,MAAM,WAAW,aAAa;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;CAC5C;AAED,MAAM,WAAW,iBAAiB;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,kBAAkB;IAC/B,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,eAAe,EAAE,iBAAiB,EAAE,CAAC;IACrC,SAAS,EAAE,OAAO,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;CACnB;AAmCD;;GAEG;AACH,wBAAsB,cAAc,CAChC,KAAK,EAAE,WAAW,EAAE,EACpB,QAAQ,EAAE,MAAM,GACjB,OAAO,CAAC,aAAa,EAAE,CAAC,CA4C1B;AAED;;GAEG;AACH,wBAAsB,WAAW,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAiChF;AAED;;GAEG;AACH,wBAAsB,eAAe,CACjC,KAAK,EAAE,WAAW,EAAE,EACpB,QAAQ,EAAE,MAAM,GACjB,OAAO,CAAC,kBAAkB,CAAC,CA4B7B"}
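--- a/package/dist/core/security-scanner.js
+++ b/package/dist/core/security-scanner.js
@@ -0,0 +1,130 @@
+/**
+* Security Scanner - Free local security checks (zero token cost)
+*/
+import { executeCommand } from './executor.js';
+import { safeReadFile } from './security.js';
+/**
+* Secret detection patterns (regex-based, zero cost)
+*/
+const SECRET_PATTERNS = [
+// AWS
+{ pattern: /AKIA[0-9A-Z]{16}/g, type: 'AWS Access Key', severity: 'critical' },
+{ pattern: /aws[_-]?secret[_-]?access[_-]?key['":\s=]+['"]?([A-Za-z0-9/+=]{40})['"]?/gi, type: 'AWS Secret Key', severity: 'critical' },
+// Generic API Keys
+{ pattern: /(?:api[_-]?key|apikey)['":\s=]+['"]?([A-Za-z0-9_-]{20,})['"]?/gi, type: 'API Key', severity: 'high' },
+{ pattern: /(?:secret|token)['":\s=]+['"]?([A-Za-z0-9_-]{20,})['"]?/gi, type: 'Secret/Token', severity: 'high' },
+// JWT Tokens
+{ pattern: /eyJ[A-Za-z0-9-_]+\.eyJ[A-Za-z0-9-_]+\.[A-Za-z0-9-_.+/=]*/g, type: 'JWT Token', severity: 'medium' },
+// GitHub
+{ pattern: /ghp_[A-Za-z0-9]{36}/g, type: 'GitHub Personal Token', severity: 'critical' },
+{ pattern: /github_pat_[A-Za-z0-9]{22}_[A-Za-z0-9]{59}/g, type: 'GitHub PAT', severity: 'critical' },
+// Private Keys
+{ pattern: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/g, type: 'Private Key', severity: 'critical' },
+// Database URLs
+{ pattern: /(?:mongodb|postgres|mysql|redis):\/\/[^'"\\s]+:[^'"\\s]+@[^'"\\s]+/gi, type: 'Database URL with Credentials', severity: 'critical' },
+// Slack
+{ pattern: /xox[baprs]-[0-9]{10,13}-[0-9]{10,13}-[a-zA-Z0-9]{24}/g, type: 'Slack Token', severity: 'high' },
+// Stripe
+{ pattern: /sk_live_[A-Za-z0-9]{24,}/g, type: 'Stripe Secret Key', severity: 'critical' },
+{ pattern: /pk_live_[A-Za-z0-9]{24,}/g, type: 'Stripe Publishable Key', severity: 'medium' },
+];
+/**
+* Scan files for secrets using regex patterns
+*/
+export async function scanForSecrets(files, repoRoot) {
+const findings = [];
+for (const file of files) {
+// Skip binary and non-code files
+const ext = file.extension.toLowerCase();
+if (['png', 'jpg', 'jpeg', 'gif', 'ico', 'woff', 'woff2', 'ttf', 'eot'].includes(ext)) {
+continue;
+}
+try {
+const content = await safeReadFile(file.path, repoRoot, 500 * 1024);
+const lines = content.split('\n');
+for (let i = 0; i < lines.length; i++) {
+const line = lines[i];
+for (const { pattern, type, severity } of SECRET_PATTERNS) {
+// Reset regex state
+pattern.lastIndex = 0;
+let match;
+while ((match = pattern.exec(line)) !== null) {
+// Mask the secret for display
+const maskedMatch = match[0].length > 10
+? match[0].substring(0, 6) + '...' + match[0].substring(match[0].length - 4)
+: '***';
+findings.push({
+file: file.relativePath,
+line: i + 1,
+type,
+match: maskedMatch,
+severity
+});
+}
+}
+}
+}
+catch {
+// Skip files that can't be read
+}
+}
+return findings;
+}
+/**
+* Run npm audit for vulnerability detection
+*/
+export async function runNpmAudit(repoRoot) {
+const result = await executeCommand('npm', ['audit', '--json'], repoRoot, { timeout: 60000 });
+if (!result.success && !result.stdout) {
+return [];
+}
+try {
+const audit = JSON.parse(result.stdout);
+const vulnerabilities = [];
+// Parse npm audit JSON format
+if (audit.vulnerabilities) {
+for (const [name, info] of Object.entries(audit.vulnerabilities)) {
+const vulnInfo = info;
+vulnerabilities.push({
+name,
+severity: vulnInfo.severity || 'unknown',
+description: vulnInfo.via?.[0]?.title || vulnInfo.via?.[0] || 'No description',
+fixAvailable: vulnInfo.fixAvailable || false
+});
+}
+}
+return vulnerabilities.slice(0, 20); // Limit to 20 most important
+}
+catch {
+return [];
+}
+}
+/**
+* Run full security scan (secrets + npm audit)
+*/
+export async function runSecurityScan(files, repoRoot) {
+const [secrets, vulnerabilities] = await Promise.all([
+scanForSecrets(files, repoRoot),
+runNpmAudit(repoRoot)
+]);
+const criticalSecrets = secrets.filter(s => s.severity === 'critical');
+const criticalVulns = vulnerabilities.filter(v => v.severity === 'critical' || v.severity === 'high');
+const hasIssues = secrets.length > 0 || criticalVulns.length > 0;
+let summary = '';
+if (secrets.length > 0) {
+summary += `🔴 ${secrets.length} potential secrets found. `;
+}
+if (criticalVulns.length > 0) {
+summary += `⚠️ ${criticalVulns.length} critical/high vulnerabilities. `;
+}
+if (!hasIssues) {
+summary = '✅ No secrets or critical vulnerabilities detected.';
+}
+return {
+secrets,
+vulnerabilities,
+hasIssues,
+summary
+};
+}
+//# sourceMappingURL=security-scanner.js.map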
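Review bot: The Database URL pattern on line 24 is written with `\\s` inside a regex literal, and inside a character class that is a literal backslash followed by the letter `s`, not whitespace, so `[^'"\\s]+` refuses to match any `s` and a connection string whose user, password or host contains one is never reported; each of the three classes should read `[^'"\s]+`. On line 96 the trailing comment says `Limit to 20 most important`, but the array is never ordered, so the slice keeps whichever entries `Object.entries` happens to yield first; rank before slicing, e.g. `const rank = { critical: 0, high: 1, moderate: 2, low: 3, info: 4 };` followed by `vulnerabilities.sort((a, b) => (rank[a.severity] ?? 5) - (rank[b.severity] ?? 5));`. `fixAvailable` on line 92 is declared `boolean` in the accompanying .d.ts, but npm audit can report it as an object describing the fix, which `|| false` passes through unchanged; `fixAvailable: Boolean(vulnInfo.fixAvailable)` keeps the declared contract. `criticalSecrets` on line 110 of runSecurityScan is computed and never used; either drop it or use it in the summary.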
@@ -0,0 +1 @@
1
+
{"version":3,"file":"security-scanner.js","sourceRoot":"","sources":["../../src/core/security-scanner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,cAAc,EAAE,MAAM,eAAe,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAyB7C;;GAEG;AACH,MAAM,eAAe,GAAkF;IACnG,MAAM;IACN,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC9E,EAAE,OAAO,EAAE,4EAA4E,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAEvI,mBAAmB;IACnB,EAAE,OAAO,EAAE,iEAAiE,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE;IACjH,EAAE,OAAO,EAAE,2DAA2D,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE;IAEhH,aAAa;IACb,EAAE,OAAO,EAAE,2DAA2D,EAAE,IAAI,EAAE,WAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAE/G,SAAS;IACT,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxF,EAAE,OAAO,EAAE,6CAA6C,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE;IAEpG,eAAe;IACf,EAAE,OAAO,EAAE,gDAAgD,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE;IAExG,gBAAgB;IAChB,EAAE,OAAO,EAAE,sEAAsE,EAAE,IAAI,EAAE,+BAA+B,EAAE,QAAQ,EAAE,UAAU,EAAE;IAEhJ,QAAQ;IACR,EAAE,OAAO,EAAE,uDAAuD,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE;IAE3G,SAAS;IACT,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACzF,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,wBAAwB,EAAE,QAAQ,EAAE,QAAQ,EAAE;CAC/F,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAChC,KAAoB,EACpB,QAAgB;IAEhB,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACvB,iCAAiC;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,CAAC,WAAW,EAAE,CAAC;QACzC,IAAI,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACpF,SAAS;QACb,CAAC;QAED,IAAI,CAAC;YACD,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC;YACpE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACpC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBAEtB,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,eAAe,EAAE,CAAC;oBACxD,oBAAoB;oBACpB,OAA
O,CAAC,SAAS,GAAG,CAAC,CAAC;oBAEtB,IAAI,KAAK,CAAC;oBACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC3C,8BAA8B;wBAC9B,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE;4BACpC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;4BAC5E,CAAC,CAAC,KAAK,CAAC;wBAEZ,QAAQ,CAAC,IAAI,CAAC;4BACV,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,IAAI;4BACJ,KAAK,EAAE,WAAW;4BAClB,QAAQ;yBACX,CAAC,CAAC;oBACP,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACL,gCAAgC;QACpC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,QAAgB;IAC9C,MAAM,MAAM,GAAG,MAAM,cAAc,CAC/B,KAAK,EACL,CAAC,OAAO,EAAE,QAAQ,CAAC,EACnB,QAAQ,EACR,EAAE,OAAO,EAAE,KAAK,EAAE,CACrB,CAAC;IAEF,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC;QACpC,OAAO,EAAE,CAAC;IACd,CAAC;IAED,IAAI,CAAC;QACD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACxC,MAAM,eAAe,GAAwB,EAAE,CAAC;QAEhD,8BAA8B;QAC9B,IAAI,KAAK,CAAC,eAAe,EAAE,CAAC;YACxB,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,CAAC;gBAC/D,MAAM,QAAQ,GAAG,IAAW,CAAC;gBAC7B,eAAe,CAAC,IAAI,CAAC;oBACjB,IAAI;oBACJ,QAAQ,EAAE,QAAQ,CAAC,QAAQ,IAAI,SAAS;oBACxC,WAAW,EAAE,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,IAAI,QAAQ,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,gBAAgB;oBAC9E,YAAY,EAAE,QAAQ,CAAC,YAAY,IAAI,KAAK;iBAC/C,CAAC,CAAC;YACP,CAAC;QACL,CAAC;QAED,OAAO,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,6BAA6B;IACtE,CAAC;IAAC,MAAM,CAAC;QACL,OAAO,EAAE,CAAC;IACd,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACjC,KAAoB,EACpB,QAAgB;IAEhB,MAAM,CAAC,OAAO,EAAE,eAAe,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACjD,cAAc,CAAC,KAAK,EAAE,QAAQ,CAAC;QAC/B,WAAW,CAAC,QAAQ,CAAC;KACxB,CAAC,CAAC;IAEH,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;IACvE,MAAM,aAAa,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAA
C,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAEtG,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC;IAEjE,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,IAAI,MAAM,OAAO,CAAC,MAAM,4BAA4B,CAAC;IAChE,CAAC;IACD,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,OAAO,IAAI,MAAM,aAAa,CAAC,MAAM,kCAAkC,CAAC;IAC5E,CAAC;IACD,IAAI,CAAC,SAAS,EAAE,CAAC;QACb,OAAO,GAAG,oDAAoD,CAAC;IACnE,CAAC;IAED,OAAO;QACH,OAAO;QACP,eAAe;QACf,SAAS;QACT,OAAO;KACV,CAAC;AACN,CAAC"}
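--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -19,6 +19,13 @@ program
 .option('-j, --json', 'Also generate JSON output')
 .option('-t, --types <types>', 'Analysis types (comma-separated): overview,security,codeQuality,accessibility,uiux,testing')
 .option('-v, --verbose', 'Verbose output')
+// Phase 2: Token optimization flags
+.option('-d, --diff', 'Only analyze changed files (uses git diff)')
+.option('-b, --base <branch>', 'Base branch for diff comparison', 'main')
+.option('--budget <usd>', 'Maximum cost budget in USD', parseFloat)
+.option('--full', 'Force full repository scan (override --diff)')
+// Phase 3: Security
+.option('--no-security', 'Skip free security checks')
 .action(async (opts) => {
 await scan(opts);
 });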
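Review bot: The `-b, --base <branch>` option added here accepts any string and, per its own description, is fed to the git diff behind `--diff`; a value beginning with `-` would be read by git as an option rather than a ref if the analyzer passes it through as a bare argument (the analyzer lives outside this hunk, so that part is inferred from the option text). Assuming the CLI is commander, which the `program` / `.option` chain suggests, the third argument can be a parser so the check sits on the option itself: `.option('-b, --base <branch>', 'Base branch for diff comparison', (v) => { if (v.startsWith('-') || !/^[\w./-]+$/.test(v)) throw new InvalidArgumentError('invalid base ref'); return v; }, 'main')`, with `InvalidArgumentError` imported from commander next to `program`. `--budget <usd>` has the same gap: `parseFloat` returns `NaN` for non-numeric input and passes negative numbers through unchanged, so a parser that rejects `!Number.isFinite(n) || n < 0` fails fast instead of handing a meaningless budget to whatever cost comparison `scan` performs.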
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,IAAI,EAAoB,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,MAAM,EAAsB,MAAM,sBAAsB,CAAC;AAElE,eAAe;AACf,MAAM,OAAO,GAAG,OAAO,CAAC;AACxB,MAAM,IAAI,GAAG,aAAa,CAAC;AAE3B,OAAO;KACF,IAAI,CAAC,IAAI,CAAC;KACV,WAAW,CAAC,sEAAsE,CAAC;KACnF,OAAO,CAAC,OAAO,CAAC,CAAC;AAEtB,8BAA8B;AAC9B,OAAO;KACF,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wCAAwC,CAAC;KACrD,MAAM,CAAC,qBAAqB,EAAE,kBAAkB,EAAE,qBAAqB,CAAC;KACxE,MAAM,CAAC,YAAY,EAAE,2BAA2B,CAAC;KACjD,MAAM,CAAC,qBAAqB,EAAE,4FAA4F,CAAC;KAC3H,MAAM,CAAC,eAAe,EAAE,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,IAAI,EAAoB,MAAM,oBAAoB,CAAC;AAC5D,OAAO,EAAE,MAAM,EAAsB,MAAM,sBAAsB,CAAC;AAElE,eAAe;AACf,MAAM,OAAO,GAAG,OAAO,CAAC;AACxB,MAAM,IAAI,GAAG,aAAa,CAAC;AAE3B,OAAO;KACF,IAAI,CAAC,IAAI,CAAC;KACV,WAAW,CAAC,sEAAsE,CAAC;KACnF,OAAO,CAAC,OAAO,CAAC,CAAC;AAEtB,8BAA8B;AAC9B,OAAO;KACF,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,wCAAwC,CAAC;KACrD,MAAM,CAAC,qBAAqB,EAAE,kBAAkB,EAAE,qBAAqB,CAAC;KACxE,MAAM,CAAC,YAAY,EAAE,2BAA2B,CAAC;KACjD,MAAM,CAAC,qBAAqB,EAAE,4FAA4F,CAAC;KAC3H,MAAM,CAAC,eAAe,EAAE,gBAAgB,CAAC;IAC1C,oCAAoC;KACnC,MAAM,CAAC,YAAY,EAAE,4CAA4C,CAAC;KAClE,MAAM,CAAC,qBAAqB,EAAE,iCAAiC,EAAE,MAAM,CAAC;KACxE,MAAM,CAAC,gBAAgB,EAAE,4BAA4B,EAAE,UAAU,CAAC;KAClE,MAAM,CAAC,QAAQ,EAAE,8CAA8C,CAAC;IACjE,oBAAoB;KACnB,MAAM,CAAC,eAAe,EAAE,2BAA2B,CAAC;KACpD,MAAM,CAAC,KAAK,EAAE,IAAiB,EAAE,EAAE;IAChC,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC;AACrB,CAAC,CAAC,CAAC;AAEP,iBAAiB;AACjB,OAAO;KACF,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,kCAAkC,CAAC;KAC/C,MAAM,CAAC,uBAAuB,EAAE,4BAA4B,EAAE,MAAM,CAAC;KACrE,MAAM,CAAC,KAAK,EAAE,IAAmB,EAAE,EAAE;IAClC,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;AACvB,CAAC,CAAC,CAAC;AAEP,mCAAmC;AACnC,OAAO;KACF,MAAM,CAAC,KAAK,IAAI,EAAE;IACf,MAAM,IAAI,CAAC,EAAE,CAAC,CAAC;AACnB,CAAC,CAAC,CAAC;AAEP,gBAAgB;AAChB,OAAO,CAAC,KAAK,EAAE,CAAC"}
|
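--- a/package/dist/utils/interactive-logger.d.ts
+++ b/package/dist/utils/interactive-logger.d.ts
@@ -0,0 +1,49 @@
+/**
+* Interactive Logger - Agentic CLI output with motivating messages
+*/
+import { type Ora } from 'ora';
+declare const AGENTIC_MESSAGES: {
+scanning: string[];
+security: string[];
+codeQuality: string[];
+accessibility: string[];
+uiux: string[];
+testing: string[];
+overview: string[];
+};
+/**
+* Create an interactive spinner with rotating agentic messages
+*/
+export declare function createAgenticSpinner(initialText: string): {
+spinner: Ora;
+updatePhase: (phase: keyof typeof AGENTIC_MESSAGES) => void;
+updateFile: (fileName: string, action: string) => void;
+showThinking: () => void;
+stop: () => void;
+};
+/**
+* Display file scanning progress
+*/
+export declare function showFileScanProgress(files: string[], onFile?: (file: string) => void): void;
+/**
+* Show analysis phase header with agentic messaging
+*/
+export declare function showAnalysisPhase(phase: string, fileCount: number): void;
+/**
+* Show analysis complete for a phase
+*/
+export declare function showAnalysisComplete(phase: string, duration: number, findings: number): void;
+/**
+* Show real-time AI thinking indicator
+*/
+export declare function showAIThinking(message: string): void;
+/**
+* Display test file detection
+*/
+export declare function showTestFileSearch(pattern: string): void;
+/**
+* Create boxed status display
+*/
+export declare function showStatusBox(items: Record<string, string | number>): void;
+export {};
+//# sourceMappingURL=interactive-logger.d.ts.map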
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"interactive-logger.d.ts","sourceRoot":"","sources":["../../src/utils/interactive-logger.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAY,EAAE,KAAK,GAAG,EAAE,MAAM,KAAK,CAAC;AAGpC,QAAA,MAAM,gBAAgB;;;;;;;;CAkDrB,CAAC;AAgBF;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG;IACvD,OAAO,EAAE,GAAG,CAAC;IACb,WAAW,EAAE,CAAC,KAAK,EAAE,MAAM,OAAO,gBAAgB,KAAK,IAAI,CAAC;IAC5D,UAAU,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,KAAK,IAAI,CAAC;IACvD,YAAY,EAAE,MAAM,IAAI,CAAC;IACzB,IAAI,EAAE,MAAM,IAAI,CAAC;CACpB,CA6CA;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAChC,KAAK,EAAE,MAAM,EAAE,EACf,MAAM,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,GAChC,IAAI,CAQN;AA2BD;;GAEG;AACH,wBAAgB,iBAAiB,CAC7B,KAAK,EAAE,MAAM,EACb,SAAS,EAAE,MAAM,GAClB,IAAI,CAIN;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAChC,KAAK,EAAE,MAAM,EACb,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,MAAM,GACjB,IAAI,CAIN;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAEpD;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAExD;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,CAAC,GAAG,IAAI,CAS1E"}
|