verification-layer 0.24.4 → 0.25.0
- package/README.md +42 -2
- package/dist/ai/cache.js +2 -2
- package/dist/ai/cache.js.map +1 -1
- package/dist/ai/config.d.ts +1 -1
- package/dist/ai/config.js +1 -1
- package/dist/ai/config.js.map +1 -1
- package/dist/ai/rules/prompts/audit-logging.js +1 -1
- package/dist/ai/rules/rule-runner.d.ts.map +1 -1
- package/dist/ai/rules/rule-runner.js.map +1 -1
- package/dist/ai/rules/triage.d.ts.map +1 -1
- package/dist/ai/rules/triage.js +1 -1
- package/dist/ai/rules/triage.js.map +1 -1
- package/dist/ai/scanner.d.ts.map +1 -1
- package/dist/ai/scanner.js +1 -1
- package/dist/ai/scanner.js.map +1 -1
- package/dist/cli.js +77 -13
- package/dist/cli.js.map +1 -1
- package/dist/exclusions.d.ts +13 -0
- package/dist/exclusions.d.ts.map +1 -0
- package/dist/exclusions.js +27 -0
- package/dist/exclusions.js.map +1 -0
- package/dist/index.d.ts +0 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +0 -1
- package/dist/index.js.map +1 -1
- package/dist/marketplace/installer.d.ts.map +1 -1
- package/dist/marketplace/installer.js +3 -3
- package/dist/marketplace/installer.js.map +1 -1
- package/dist/marketplace/registry.d.ts.map +1 -1
- package/dist/marketplace/registry.js +3 -1
- package/dist/marketplace/registry.js.map +1 -1
- package/dist/reporters/auditor-report.d.ts +2 -1
- package/dist/reporters/auditor-report.d.ts.map +1 -1
- package/dist/reporters/auditor-report.js +203 -16
- package/dist/reporters/auditor-report.js.map +1 -1
- package/dist/reporters/branding.d.ts +39 -0
- package/dist/reporters/branding.d.ts.map +1 -0
- package/dist/reporters/branding.js +124 -0
- package/dist/reporters/branding.js.map +1 -0
- package/dist/reporters/finding-presentation.d.ts +74 -0
- package/dist/reporters/finding-presentation.d.ts.map +1 -0
- package/dist/reporters/finding-presentation.js +172 -0
- package/dist/reporters/finding-presentation.js.map +1 -0
- package/dist/reporters/index.d.ts.map +1 -1
- package/dist/reporters/index.js +50 -40
- package/dist/reporters/index.js.map +1 -1
- package/dist/reporters/scan-pdf-report.d.ts +23 -0
- package/dist/reporters/scan-pdf-report.d.ts.map +1 -0
- package/dist/reporters/scan-pdf-report.js +326 -0
- package/dist/reporters/scan-pdf-report.js.map +1 -0
- package/dist/scan.d.ts +11 -0
- package/dist/scan.d.ts.map +1 -1
- package/dist/scan.js +46 -1
- package/dist/scan.js.map +1 -1
- package/dist/scanners/api-security/index.js +2 -2
- package/dist/scanners/api-security/index.js.map +1 -1
- package/dist/scanners/authentication/index.d.ts.map +1 -1
- package/dist/scanners/authentication/index.js +32 -27
- package/dist/scanners/authentication/index.js.map +1 -1
- package/dist/scanners/configuration/index.js +2 -2
- package/dist/scanners/configuration/index.js.map +1 -1
- package/dist/scanners/credentials/index.d.ts.map +1 -1
- package/dist/scanners/credentials/index.js +9 -4
- package/dist/scanners/credentials/index.js.map +1 -1
- package/dist/scanners/credentials/index.test.js +3 -3
- package/dist/scanners/credentials/patterns.d.ts.map +1 -1
- package/dist/scanners/credentials/patterns.js +4 -4
- package/dist/scanners/credentials/patterns.js.map +1 -1
- package/dist/scanners/errors/index.js +2 -2
- package/dist/scanners/errors/index.js.map +1 -1
- package/dist/scanners/hipaa2026/index.d.ts.map +1 -1
- package/dist/scanners/hipaa2026/index.js +8 -20
- package/dist/scanners/hipaa2026/index.js.map +1 -1
- package/dist/scanners/hipaa2026/index.test.js +2 -2
- package/dist/scanners/hipaa2026/patterns.d.ts.map +1 -1
- package/dist/scanners/hipaa2026/patterns.js +18 -5
- package/dist/scanners/hipaa2026/patterns.js.map +1 -1
- package/dist/scanners/operational/index.d.ts.map +1 -1
- package/dist/scanners/operational/index.js +27 -27
- package/dist/scanners/operational/index.js.map +1 -1
- package/dist/scanners/rbac/index.js +2 -2
- package/dist/scanners/rbac/index.js.map +1 -1
- package/dist/scanners/rbac/index.test.js +3 -0
- package/dist/scanners/rbac/index.test.js.map +1 -1
- package/dist/scanners/rbac/patterns.d.ts.map +1 -1
- package/dist/scanners/rbac/patterns.js +10 -3
- package/dist/scanners/rbac/patterns.js.map +1 -1
- package/dist/scanners/revocation/index.js +2 -2
- package/dist/scanners/revocation/index.js.map +1 -1
- package/dist/scanners/sanitization/index.d.ts.map +1 -1
- package/dist/scanners/sanitization/index.js +2 -3
- package/dist/scanners/sanitization/index.js.map +1 -1
- package/dist/scanners/skills/index.js +1 -1
- package/dist/scanners/skills/index.js.map +1 -1
- package/dist/scanners/skills/patterns.js +3 -3
- package/dist/scanners/skills/patterns.js.map +1 -1
- package/dist/scanners/utils.d.ts +44 -0
- package/dist/scanners/utils.d.ts.map +1 -0
- package/dist/scanners/utils.js +77 -0
- package/dist/scanners/utils.js.map +1 -0
- package/dist/training/index.js +1 -1
- package/dist/training/index.js.map +1 -1
- package/dist/types.d.ts +38 -1
- package/dist/types.d.ts.map +1 -1
- package/dist/utils/scan-history.js +2 -2
- package/dist/utils/scan-history.js.map +1 -1
- package/package.json +2 -2
- package/dist/scan-code.d.ts +0 -12
- package/dist/scan-code.d.ts.map +0 -1
- package/dist/scan-code.js +0 -34
- package/dist/scan-code.js.map +0 -1
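--- a/package/README.md
+++ b/package/README.md
@@ -10,7 +10,9 @@
 
 ---
 
-
+**[Start Here in 2 Minutes](docs/start-here.md)** — Get your first scan running with zero setup.
+
+## Quick Start
 
 ```bash
 # Install globally
@@ -182,6 +184,7 @@ vlayer scan <path> -f html -o report.html # HTML report
 vlayer scan <path> -f markdown -o report.md # Markdown report
 vlayer scan <path> --fix # Auto-fix issues
 vlayer scan <path> -c phi-exposure encryption # Specific categories
+vlayer scan <path> --include-own-artifacts # Also scan vlayer's own reports/baseline/samples (excluded by default)
 
 # Compliance Score
 vlayer score <path> # Calculate compliance score (0-100)
@@ -192,10 +195,15 @@ vlayer watch <path> # Watch for changes
 vlayer watch <path> -c phi-exposure # Watch specific categories
 
 # Audit Reports
-vlayer report <path> # Generate auditor-ready report
+vlayer report <path> # Generate auditor-ready report (HTML)
+vlayer report <path> -f pdf # Generate as PDF
 vlayer report <path> -o report.html # Custom output path
 vlayer report <path> --org "Company" # Set organization name
 
+# White-label branding (agencies / resellers)
+vlayer report <path> --brand-name "Acme Health" --brand-logo ./logo.png
+vlayer scan <path> -f html --brand-name "Acme Health" --brand-logo ./logo.svg
+
 # Training
 vlayer train # Start interactive training
 vlayer train --module 2 # Specific module
@@ -336,12 +344,44 @@ Create `.vlayerrc.json` in your project root:
 "enabled": true,
 "enableTriage": true,
 "budgetCents": 50
+},
+"branding": {
+"name": "Acme Health Devs",
+"logo": "./assets/logo.png"
 }
 }
 ```
 
 ---
 
+## 🏷️ White-Label Reports
+
+Agencies and resellers can put **their own brand** on the HTML and PDF reports.
+
+```bash
+vlayer report ./src --brand-name "Acme Health Devs" --brand-logo ./logo.png
+vlayer report ./src -f pdf --brand-name "Acme Health Devs" --brand-logo ./logo.png
+vlayer scan ./src -f html --brand-name "Acme Health Devs" --brand-logo ./logo.svg
+```
+
+Or set it once in `.vlayerrc.json`:
+
+```json
+{ "branding": { "name": "Acme Health Devs", "logo": "./logo.png" } }
+```
+
+Behavior:
+
+- **Cover / header**: your logo on top, your name shown as **"Prepared by …"**.
+- **Page footer**: `Prepared by {brand} · Powered by VLayer` (repeats on every printed/PDF page).
+- **Precedence**: CLI flags (`--brand-name`, `--brand-logo`) override the config block.
+- **Logos**: `.png`, `.jpg`/`.jpeg`, `.svg` are accepted (PDF embeds PNG/JPG; SVG is used in HTML only).
+- **Safe by default**: a missing or unsupported logo prints a warning and the report
+still generates without it — the scan never breaks. Brand names are HTML-escaped.
+- **No branding** → reports render exactly as before (default VLayer presentation).
+
+---
+
 ## 🏗️ Auto-Fix
 
 Automatically remediate common vulnerabilities: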
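--- a/package/dist/ai/cache.js
+++ b/package/dist/ai/cache.js
@@ -16,7 +16,7 @@ export class AICache {
 try {
 await fs.mkdir(this.cacheDir, { recursive: true });
 }
-catch
+catch {
 // Directory might already exist
 }
 }
@@ -45,7 +45,7 @@ export class AICache {
 }
 return entry.result;
 }
-catch
+catch {
 return null;
 }
 }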
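Review bot: The bare `catch {` after `fs.mkdir(this.cacheDir, { recursive: true })` swallows every error, and the comment "Directory might already exist" does not justify that: with `recursive: true`, Node's `fs.mkdir` does not reject when the directory already exists, so anything caught here is a real failure (EACCES, ENOTDIR, EROFS) that will only surface later as an unexplained cache write error or as a cache that silently never persists. I would bind the error and at least report it, e.g. `catch (err) { console.warn(\`AI cache unavailable at ${this.cacheDir}: ${err?.code ?? err}\`); }`, keeping the best-effort behaviour while making the cause visible. The second hunk's `catch { return null; }` is acceptable for a read miss, but it also hides a corrupt or truncated cache file, which is worth a one-line comment such as `// Any read/parse failure is treated as a miss; the entry is re-queried.` Both enclosing method signatures are outside the hunks.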
package/dist/ai/cache.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/ai/cache.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAUxC,MAAM,OAAO,OAAO;IACV,QAAQ,CAAS;IACjB,KAAK,CAAS;IAEtB;QACE,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC;QAC1C,IAAI,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,QAAQ,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACrD,CAAC;QAAC,
|
|
1
|
+
{"version":3,"file":"cache.js","sourceRoot":"","sources":["../../src/ai/cache.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,MAAM,MAAM,QAAQ,CAAC;AACjC,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AAUxC,MAAM,OAAO,OAAO;IACV,QAAQ,CAAS;IACjB,KAAK,CAAS;IAEtB;QACE,IAAI,CAAC,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC;QAC1C,IAAI,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,QAAQ,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;IACzD,CAAC;IAED,KAAK,CAAC,cAAc;QAClB,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACrD,CAAC;QAAC,MAAM,CAAC;YACP,gCAAgC;QAClC,CAAC;IACH,CAAC;IAED,WAAW,CAAC,OAAe;QACzB,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACnE,CAAC;IAED,WAAW,CAAC,QAAgB,EAAE,MAAc;QAC1C,OAAO,GAAG,QAAQ,IAAI,MAAM,OAAO,CAAC;IACtC,CAAC;IAED,KAAK,CAAC,GAAG,CACP,WAAmB,EACnB,MAAc;QAEd,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAErD,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,KAAK,GAAe,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAE3C,4BAA4B;YAC5B,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,SAAS,CAAC;YACzC,IAAI,GAAG,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;gBACrB,MAAM,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,uBAAuB;gBACnD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC,MAAM,CAAC;QACtB,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,GAAG,CACP,WAAmB,EACnB,MAAc,EACd,MAAW;QAEX,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YAC7B,OAAO;QACT,CAAC;QAED,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QACpD,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI
,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAErD,MAAM,KAAK,GAAe;YACxB,QAAQ;YACR,MAAM;YACN,MAAM;YACN,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,GAAG,EAAE,IAAI,CAAC,KAAK;SAChB,CAAC;QAEF,MAAM,EAAE,CAAC,SAAS,CAAC,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;IACzE,CAAC;IAED,KAAK,CAAC,KAAK;QACT,MAAM,IAAI,CAAC,cAAc,EAAE,CAAC;QAC5B,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9C,MAAM,OAAO,CAAC,GAAG,CACf,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,CAC/D,CAAC;IACJ,CAAC;CACF"}
|
package/dist/ai/config.d.ts
CHANGED
package/dist/ai/config.js
CHANGED
package/dist/ai/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/ai/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,CAAC,MAAM,SAAS,GAAG;IACvB,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/ai/config.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,CAAC,MAAM,SAAS,GAAG;IACvB,KAAK,EAAE,mBAA4B;IACnC,SAAS,EAAE,IAAI;IACf,WAAW,EAAE,GAAG,EAAE,6BAA6B;IAC/C,gBAAgB,EAAE,MAAM,EAAE,0BAA0B;IACpD,kBAAkB,EAAE,CAAC;IACrB,SAAS,EAAE;QACT,iBAAiB,EAAE,EAAE;QACrB,eAAe,EAAE,EAAE;KACpB;IACD,MAAM,EAAE;QACN,sBAAsB,EAAE,EAAE,EAAE,gBAAgB;QAC5C,oBAAoB,EAAE,GAAG,EAAE,+BAA+B;KAC3D;IACD,KAAK,EAAE;QACL,OAAO,EAAE,IAAI;QACb,SAAS,EAAE,kBAAkB;QAC7B,QAAQ,EAAE,EAAE;KACb;IACD,OAAO,EAAE;QACP,+CAA+C;QAC/C,mBAAmB,EAAE,GAAG;QACxB,oBAAoB,EAAE,IAAI;KAC3B;CACO,CAAC"}
|
|
@@ -52,7 +52,7 @@ Respond in JSON:
|
|
|
52
52
|
"line": number,
|
|
53
53
|
"severity": "high" | "medium",
|
|
54
54
|
"message": "Brief description of the violation",
|
|
55
|
-
"suggestion": "How to fix (be specific - e.g., 'Add auditLog.record({ userId, action:
|
|
55
|
+
"suggestion": "How to fix (be specific - e.g., 'Add auditLog.record({ userId, action: "PHI_READ", resourceId: patientId })')",
|
|
56
56
|
"hipaaReference": "§164.308(a)(1)(ii)(D) - Audit Controls",
|
|
57
57
|
"confidence": 0.0-1.0
|
|
58
58
|
}
|
|
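Review bot: The completed `"suggestion"` line in the prompt's example JSON contains unescaped double quotes inside a JSON string value (`action: "PHI_READ"`), so the schema the model is told to mirror is itself invalid JSON, and a model that copies the pattern will emit output that `JSON.parse` rejects. Either drop the inner quotes or escape them in the template, e.g. `"suggestion": "How to fix (be specific - e.g., 'Add auditLog.record({ userId, action: PHI_READ, resourceId: patientId })')",` or `\\"PHI_READ\\"` if this is a template literal. The `hipaaReference` and `confidence` lines in the same example are unaffected. The prompt string starts before this hunk.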
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rule-runner.d.ts","sourceRoot":"","sources":["../../../src/ai/rules/rule-runner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,SAAS,EAAmB,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"rule-runner.d.ts","sourceRoot":"","sources":["../../../src/ai/rules/rule-runner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AACjD,OAAO,KAAK,EAAE,SAAS,EAAmB,MAAM,YAAY,CAAC;AAE7D,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;IACrB,kBAAkB,EAAE,CAAC,aAAa,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,KAAK,MAAM,CAAC;CACzE;AAED,qBAAa,UAAU;IACrB,OAAO,CAAC,KAAK,CAAU;IACvB,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,WAAW,CAAc;gBAG/B,WAAW,EAAE,WAAW,EACxB,KAAK,CAAC,EAAE,OAAO,EACf,WAAW,CAAC,EAAE,WAAW;IAOrB,OAAO,CACX,IAAI,EAAE,OAAO,EACb,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,SAAS,EAAE,CAAC;IA4EvB,OAAO,CAAC,mBAAmB;IAgCrB,cAAc,CAClB,KAAK,EAAE,OAAO,EAAE,EAChB,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,SAAS,EAAE,CAAC;IAmBvB,QAAQ;;;;;;;;;;;;CAMT"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rule-runner.js","sourceRoot":"","sources":["../../../src/ai/rules/rule-runner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAErD,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"rule-runner.js","sourceRoot":"","sources":["../../../src/ai/rules/rule-runner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAC1D,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAErD,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AACtC,OAAO,EAAE,WAAW,EAAE,MAAM,oBAAoB,CAAC;AAWjD,MAAM,OAAO,UAAU;IACb,KAAK,CAAU;IACf,WAAW,CAAc;IACzB,WAAW,CAAc;IAEjC,YACE,WAAwB,EACxB,KAAe,EACf,WAAyB;QAEzB,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,IAAI,CAAC,KAAK,GAAG,KAAK,IAAI,IAAI,OAAO,EAAE,CAAC;QACpC,IAAI,CAAC,WAAW,GAAG,WAAW,IAAI,IAAI,WAAW,EAAE,CAAC;IACtD,CAAC;IAED,KAAK,CAAC,OAAO,CACX,IAAa,EACb,WAAmB,EACnB,QAAgB;QAEhB,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;YACrB,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,oBAAoB;QACpB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,EAAE,CAAC,CAAC;QAC1D,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC1D,CAAC;QAED,mBAAmB;QACnB,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,CAAC;QAEtC,eAAe;QACf,IAAI,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,EAAE,CAAC;YACpC,OAAO,CAAC,IAAI,CACV,2BAA2B,IAAI,CAAC,WAAW,CAAC,qBAAqB,EAAE,sBAAsB,IAAI,CAAC,IAAI,EAAE,CACrG,CAAC;YACF,OAAO,EAAE,CAAC;QACZ,CAAC;QAED,sCAAsC;QACtC,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,kBAAkB,CAC9D,WAAW,EACX,QAAQ,CACT,CAAC;QAEF,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,sBAAsB,QAAQ,EAAE,CAAC,CAAC;QACvE,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC;QACpD,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,WAAW,EAAE,CAAC;YAC7B,MAAM,UAAU,GAAG,IAAI,CAAC,kBAAkB,CAAC,aAAa,EAAE,QAAQ,CAAC,CAAC;YAEpE,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,CAAC;YAE9B,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;gBAC5C,KAAK,EAAE,SAAS,CAAC,KAAK;gBACtB,UAAU,EAAE,SAAS,CAAC,SAAS;gBAC/B,WAAW,EAAE,SAAS,CAAC,WAAW;gBAClC,MAAM,EAAE,IAAI,CAAC,YAAY;gBACzB,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;aAClD,CAAC,CAAC;
YAEH,aAAa;YACb,IAAI,CAAC,WAAW,CAAC,UAAU,CACzB,QAAQ,CAAC,KAAK,CAAC,YAAY,EAC3B,QAAQ,CAAC,KAAK,CAAC,aAAa,CAC7B,CAAC;YAEF,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;YACpC,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBAC5B,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAC1D,CAAC;YAED,MAAM,MAAM,GAAoB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAEzD,mBAAmB;YACnB,MAAM,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,EAAE,IAAI,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;YAEnD,OAAO,IAAI,CAAC,mBAAmB,CAAC,MAAM,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC1D,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CACX,0BAA0B,IAAI,CAAC,IAAI,GAAG,EACtC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAC/C,CAAC;YACF,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAEO,mBAAmB,CACzB,MAAuB,EACvB,QAAgB,EAChB,IAAa;QAEb,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,EAAE;YACtC,gDAAgD;YAChD,IAAI,UAAU,GAA8B,QAAQ,CAAC;YACrD,IAAI,CAAC,CAAC,UAAU,IAAI,GAAG,EAAE,CAAC;gBACxB,UAAU,GAAG,MAAM,CAAC;YACtB,CAAC;iBAAM,IAAI,CAAC,CAAC,UAAU,IAAI,GAAG,EAAE,CAAC;gBAC/B,UAAU,GAAG,QAAQ,CAAC;YACxB,CAAC;iBAAM,CAAC;gBACN,UAAU,GAAG,KAAK,CAAC;YACrB,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,QAAQ,IAAI,CAAC,CAAC,IAAI,IAAI,KAAK,EAAE;gBAC/C,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,IAAI,CAAC,QAAe;gBAC9B,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,KAAK,EAAE,GAAG,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,OAAO,EAAE;gBACnC,WAAW,EAAE,CAAC,CAAC,OAAO;gBACtB,cAAc,EAAE,CAAC,CAAC,UAAU;gBAC5B,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,MAAM,EAAE,IAAa;gBACrB,UAAU;aACX,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,cAAc,CAClB,KAAgB,EAChB,WAAmB,EACnB,QAAgB;QAEhB,MAAM,WAAW,GAAgB,EAAE,CAAC;QAEpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;YACjE,WAAW,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;YAE9B,sBAAsB;YACtB,IAAI,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,EAAE,CAAC;gBACpC,OAAO,CAAC,IAAI,CACV,qCAAqC,WAAW,CAAC,MAAM,mBAAmB,CAC3E,CAAC;gBACF,MAAM;YACR,CAAC;QACH,CAAC;QAED,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,QAAQ;QACN,OAAO;YA
CL,IAAI,EAAE,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE;YACjC,SAAS,EAAE,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE;SACvC,CAAC;IACJ,CAAC;CACF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"triage.d.ts","sourceRoot":"","sources":["../../../src/ai/rules/triage.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"triage.d.ts","sourceRoot":"","sources":["../../../src/ai/rules/triage.ts"],"names":[],"mappings":"AAAA;;GAEG;AAKH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,KAAK,EAAkB,cAAc,EAAE,MAAM,YAAY,CAAC;AAkBjE,wBAAsB,aAAa,CACjC,OAAO,EAAE,OAAO,EAChB,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM,GACf,OAAO,CAAC,cAAc,CAAC,CAmEzB;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,QAAQ,EAAE,OAAO,EAAE,EACnB,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GAChC,OAAO,CAAC,cAAc,EAAE,CAAC,CAsB3B"}
|
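--- a/package/dist/ai/rules/triage.js
+++ b/package/dist/ai/rules/triage.js
@@ -22,7 +22,7 @@ Be conservative - when in doubt, classify as "likely" rather than "false_positiv
 export async function triageFinding(finding, fileContent, filePath) {
 const client = getAIClient();
 // Sanitize code before sending
-const { sanitizedCode
+const { sanitizedCode } = sanitizeCodeForLLM(fileContent, filePath);
 // Get context around the finding (±10 lines)
 const lines = sanitizedCode.split('\n');
 const line = finding.line || 1;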
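Review bot: `triageFinding` has no doc comment, and the only guidance on the `sanitizeCodeForLLM` line is "Sanitize code before sending", which says neither what the sanitizer covers nor what it does not. The ±10-line excerpt sent to the model is taken from the code being scanned, which in a CI or third-party audit setting is not trusted input; if the sanitizer only redacts secrets (I cannot tell from here), instructions embedded in comments or strings can still steer the `likely`/`false_positive` verdict the prompt header asks for. I would add a JSDoc above the function naming the three parameters and the returned triaged finding, plus a caveat on line 24 such as `// NOTE: sanitizeCodeForLLM is presumably secret redaction, not prompt-injection hardening — treat the model's classification as advisory, never as grounds to drop a finding on its own.` The function body continues past the hunk.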
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"triage.js","sourceRoot":"","sources":["../../../src/ai/rules/triage.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAIrD,MAAM,oBAAoB,GAAG;;;;;;;;;;;;;;oFAcuD,CAAC;AAErF,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAgB,EAChB,WAAmB,EACnB,QAAgB;IAEhB,MAAM,MAAM,GAAG,WAAW,EAAE,CAAC;IAE7B,+BAA+B;IAC/B,MAAM,EAAE,aAAa,EAAE,
|
|
1
|
+
{"version":3,"file":"triage.js","sourceRoot":"","sources":["../../../src/ai/rules/triage.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAIrD,MAAM,oBAAoB,GAAG;;;;;;;;;;;;;;oFAcuD,CAAC;AAErF,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,OAAgB,EAChB,WAAmB,EACnB,QAAgB;IAEhB,MAAM,MAAM,GAAG,WAAW,EAAE,CAAC;IAE7B,+BAA+B;IAC/B,MAAM,EAAE,aAAa,EAAE,GAAG,kBAAkB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAEpE,6CAA6C;IAC7C,MAAM,KAAK,GAAG,aAAa,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IACxC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,IAAI,CAAC,CAAC;IAC/B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;IAC5C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;IACrD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEjE,MAAM,UAAU,GAAG;QACb,QAAQ;QACR,OAAO,CAAC,IAAI;YACR,OAAO,CAAC,QAAQ;YAChB,OAAO,CAAC,QAAQ;SACnB,OAAO,CAAC,KAAK;eACP,OAAO,CAAC,WAAW;;sBAEZ,YAAY,GAAG,CAAC,IAAI,UAAU,GAAG,CAAC;;EAEtD,OAAO;;;;;;;;;EASP,CAAC;IAED,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YAC5C,KAAK,EAAE,SAAS,CAAC,KAAK;YACtB,UAAU,EAAE,SAAS,CAAC,SAAS;YAC/B,WAAW,EAAE,SAAS,CAAC,WAAW;YAClC,MAAM,EAAE,oBAAoB;YAC5B,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,CAAC;SAClD,CAAC,CAAC;QAEH,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;QACpC,IAAI,OAAO,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,sCAAsC,CAAC,CAAC;QAC1D,CAAC;QAED,MAAM,YAAY,GAAmB,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAE9D,OAAO;YACL,GAAG,OAAO;YACV,gBAAgB,EAAE,YAAY,CAAC,cAAc;YAC7C,YAAY,EAAE,YAAY,CAAC,UAAU;YACrC,WAAW,EAAE,YAAY,CAAC,SAAS;YACnC,MAAM,EAAE,QAAQ;SACjB,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,qDAAqD;QACrD,OAAO;YACL,GAAG,OAAO;YACV,gBAAgB,EAAE,QAAQ;YAC1B,YAAY,EAAE,GAAG;YACjB,WAAW,EAAE,kBAAkB,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,EAAE;YACzF,MAAM,EAAE,QAAQ;SACjB,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAA
K,UAAU,cAAc,CAClC,QAAmB,EACnB,YAAiC;IAEjC,MAAM,OAAO,GAAqB,EAAE,CAAC;IAErC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,OAAO,GAAG,YAAY,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,2CAA2C;YAC3C,OAAO,CAAC,IAAI,CAAC;gBACX,GAAG,OAAO;gBACV,gBAAgB,EAAE,QAAQ;gBAC1B,YAAY,EAAE,GAAG;gBACjB,WAAW,EAAE,uCAAuC;gBACpD,MAAM,EAAE,QAAQ;aACjB,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QAED,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;QAC3E,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC/B,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
package/dist/ai/scanner.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/ai/scanner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAWH,OAAO,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAE3C,MAAM,WAAW,aAAa;IAC5B,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAED,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,SAAS,EAAE,CAAC;IACxB,eAAe,EAAE,cAAc,EAAE,CAAC;IAClC,KAAK,EAAE;QACL,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,SAAS,EAAE,MAAM,CAAC;QAClB,SAAS,EAAE,MAAM,CAAC;QAClB,kBAAkB,EAAE,MAAM,CAAC;KAC5B,CAAC;CACH;AAED;;GAEG;AACH,wBAAsB,SAAS,CAC7B,SAAS,EAAE,MAAM,EACjB,OAAO,GAAE,aAAkB,GAC1B,OAAO,CAAC,YAAY,CAAC,
|
|
1
|
+
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/ai/scanner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAWH,OAAO,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClE,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAE3C,MAAM,WAAW,aAAa;IAC5B,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,cAAc,CAAC,EAAE,OAAO,CAAC;IACzB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAED,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,SAAS,EAAE,CAAC;IACxB,eAAe,EAAE,cAAc,EAAE,CAAC;IAClC,KAAK,EAAE;QACL,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,SAAS,EAAE,MAAM,CAAC;QAClB,SAAS,EAAE,MAAM,CAAC;QAClB,kBAAkB,EAAE,MAAM,CAAC;KAC5B,CAAC;CACH;AAED;;GAEG;AACH,wBAAsB,SAAS,CAC7B,SAAS,EAAE,MAAM,EACjB,OAAO,GAAE,aAAkB,GAC1B,OAAO,CAAC,YAAY,CAAC,CA8EvB;AAED;;GAEG;AACH,wBAAsB,sBAAsB,CAC1C,QAAQ,EAAE,OAAO,EAAE,EACnB,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GAChC,OAAO,CAAC,cAAc,EAAE,CAAC,CAwB3B"}
|
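--- a/package/dist/ai/scanner.js
+++ b/package/dist/ai/scanner.js
@@ -14,7 +14,7 @@ import { triageFindings } from './rules/triage.js';
 * Run AI-powered HIPAA scanning on target files
 */
 export async function runAIScan(targetDir, options = {}) {
-const {
+const { enableLLMRules = true, budgetCents = AI_CONFIG.budget.defaultMaxCentsPerScan, targetFiles = [], } = options;
 if (!isAIAvailable()) {
 console.warn('⚠️ AI scanning disabled: ANTHROPIC_API_KEY or VLAYER_AI_KEY not found');
 return {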
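Review bot: The new destructuring line accepts whatever `budgetCents` a caller passes with no validation, and this value is the spend ceiling for the entire AI scan (the README exposes it as `"budgetCents": 50` in `.vlayerrc.json`). A `NaN`, negative number or string from a mis-parsed flag or config would presumably reach the budget tracker and either disable or distort the cap rather than fail loudly. I would add `if (!Number.isFinite(budgetCents) || budgetCents < 0) throw new RangeError(\`budgetCents must be a non-negative number, got ${budgetCents}\`);` directly after the destructuring and before the `isAIAvailable()` check, and document the three options on the function's JSDoc. `runAIScan` continues past the hunk.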
package/dist/ai/scanner.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/ai/scanner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AACrC,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAuBnD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,SAAiB,EACjB,UAAyB,EAAE;IAE3B,MAAM,EACJ,
|
|
1
|
+
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/ai/scanner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AACrC,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAuBnD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,SAAiB,EACjB,UAAyB,EAAE;IAE3B,MAAM,EACJ,cAAc,GAAG,IAAI,EACrB,WAAW,GAAG,SAAS,CAAC,MAAM,CAAC,sBAAsB,EACrD,WAAW,GAAG,EAAE,GACjB,GAAG,OAAO,CAAC;IAEZ,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CACV,wEAAwE,CACzE,CAAC;QACF,OAAO;YACL,UAAU,EAAE,EAAE;YACd,eAAe,EAAE,EAAE;YACnB,KAAK,EAAE;gBACL,YAAY,EAAE,CAAC;gBACf,WAAW,EAAE,CAAC;gBACd,SAAS,EAAE,CAAC;gBACZ,SAAS,EAAE,CAAC;gBACZ,kBAAkB,EAAE,CAAC;aACtB;SACF,CAAC;IACJ,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IAEpD,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,WAAW,CAAC,CAAC;IACjD,MAAM,KAAK,GAAG,IAAI,OAAO,EAAE,CAAC;IAC5B,MAAM,WAAW,GAAG,IAAI,WAAW,EAAE,CAAC;IACtC,MAAM,UAAU,GAAG,IAAI,UAAU,CAAC,WAAW,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC;IAEnE,MAAM,UAAU,GAAgB,EAAE,CAAC;IACnC,IAAI,YAAY,GAAG,CAAC,CAAC;IAErB,gBAAgB;IAChB,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,CAAC,GAAG,CAAC,cAAc,QAAQ,CAAC,MAAM,uBAAuB,CAAC,CAAC;QAElE,KAAK,MAAM,QAAQ,IAAI,WAAW,EAAE,CAAC;YACnC,IAAI,CAAC;gBACH,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;gBAChD,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAEzD,MAAM,QAAQ,GAAG,MAAM,UAAU,CAAC,cAAc,CAC9C,QAAQ,EACR,WAAW,EACX,QAAQ,CACT,CAAC;gBAEF,UAAU,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,CAAC;gBAC7B,YAAY,EAAE,CAAC;gBAEf,IAAI,WAAW,CAAC,YAAY,EAAE,EAAE,CAAC;oBAC/B,OAAO,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;oBAC1D,MAAM;gBACR,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,kBAAkB,QAAQ,GAAG,EAAE,KAAK,CAAC,CAAC;YACtD,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAG,UAAU,CAAC,QAAQ,EAAE,CAA
C;IACpC,OAAO,CAAC,GAAG,CACT,uBAAuB,YAAY,WAAW,UAAU,CAAC,MAAM,cAAc,KAAK,CAAC,IAAI,CAAC,aAAa,GAAG,CACzG,CAAC;IAEF,OAAO;QACL,UAAU;QACV,eAAe,EAAE,EAAE;QACnB,KAAK,EAAE;YACL,YAAY;YACZ,WAAW,EAAE,KAAK,CAAC,SAAS,CAAC,UAAU;YACvC,SAAS,EAAE,KAAK,CAAC,IAAI,CAAC,aAAa;YACnC,SAAS,EAAE,CAAC,EAAE,yBAAyB;YACvC,kBAAkB,EAAE,CAAC,EAAE,+BAA+B;SACvD;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAC1C,QAAmB,EACnB,YAAiC;IAEjC,IAAI,CAAC,aAAa,EAAE,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,2CAA2C,CAAC,CAAC;QAC1D,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1B,GAAG,CAAC;YACJ,gBAAgB,EAAE,QAAiB;YACnC,YAAY,EAAE,GAAG;YACjB,WAAW,EAAE,kBAAkB;YAC/B,MAAM,EAAE,QAAiB;SAC1B,CAAC,CAAC,CAAC;IACN,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,CAAC,MAAM,cAAc,CAAC,CAAC;IAC1D,MAAM,OAAO,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAE7D,MAAM,cAAc,GAAG,OAAO,CAAC,MAAM,CACnC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,gBAAgB,KAAK,gBAAgB,CAC/C,CAAC,MAAM,CAAC;IAET,OAAO,CAAC,GAAG,CACT,sBAAsB,cAAc,2BAA2B,CAChE,CAAC;IAEF,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
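--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -12,7 +12,25 @@ import { generateAuditReport, generateTextAuditReport } from './reporters/audit-
 import { loadCustomRules, validateRulesFile } from './rules/index.js';
 import { formatScore, getScoreColor } from './compliance-score.js';
 import { generateAuditorReport } from './reporters/auditor-report.js';
+import { generateScanPdf } from './reporters/scan-pdf-report.js';
+import { loadConfig } from './config.js';
+import { resolveBranding } from './reporters/branding.js';
 import { writeFile } from 'fs/promises';
+/**
+* Build branding from CLI flags (precedence) + config, and print any warnings
+* (missing/invalid logo) without aborting. Returns undefined when nothing was
+* supplied, so reports keep their default VLayer presentation.
+*/
+async function buildBranding(targetPath, configFile, flags) {
+const config = await loadConfig(resolve(targetPath), configFile);
+const branding = resolveBranding({ name: flags.brandName, logo: flags.brandLogo }, config.branding, resolve(targetPath));
+for (const warning of branding.warnings) {
+console.warn(chalk.yellow(`⚠ ${warning}`));
+}
+if (!branding.name && !branding.logoPath)
+return undefined;
+return branding;
+}
 const program = new Command();
 program
 .name('vlayer')
@@ -25,7 +43,7 @@ program
 .option('-c, --categories <categories...>', 'Compliance categories to check')
 .option('-e, --exclude <patterns>', 'Glob patterns to exclude (comma-separated or space-separated)')
 .option('-o, --output <path>', 'Output file path for the report')
-.option('-f, --format <format>', 'Report format: json, html, markdown', 'json')
+.option('-f, --format <format>', 'Report format: json, html, markdown, pdf', 'json')
 .option('--config <path>', 'Path to configuration file')
 .option('--rules <path>', 'Path to custom rules YAML file')
 .option('--baseline <path>', 'Path to baseline file for comparison')
@@ -34,6 +52,9 @@ program
 .option('--no-ai', 'Disable AI-powered triage and analysis')
 .option('--audit', 'Run npm audit and include dependency vulnerabilities in report')
 .option('--verbose', 'Show all individual findings instead of grouped summary')
+.option('--brand-name <name>', 'White-label: name shown as report author (html/pdf reports)')
+.option('--brand-logo <path>', 'White-label: logo image (png/jpg/svg) for cover and header')
+.option('--include-own-artifacts', "Also scan vlayer's own outputs (reports, baseline, samples/) — excluded by default")
 .action(async (path, options) => {
 const spinner = ora('Scanning repository...').start();
 const absolutePath = resolve(path);
@@ -70,6 +91,7 @@ program
 configFile: options.config,
 baselineFile: options.baseline,
 minConfidence: options.minConfidence,
+includeOwnArtifacts: options.includeOwnArtifacts,
 });
 spinner.succeed(`Scan complete. Found ${result.groupedFindings.length} unique issues (${result.rawFindingsCount} total occurrences).`);
 // Run npm audit if --audit flag is provided
@@ -107,11 +129,16 @@ program
 const comparison = result.complianceScore
 ? compareScan(result.complianceScore.score, result.findings, previousScan)
 : null;
+// Branding only affects the rendered html/pdf reports.
+const branding = options.format === 'html' || options.format === 'pdf'
+? await buildBranding(path, options.config, options)
+: undefined;
 const reportOptions = {
 format: options.format,
 outputPath: options.output,
 vulnerabilities,
 scanComparison: comparison,
+branding,
 };
 await generateReport(result, path, reportOptions);
 // Save current scan to history
@@ -682,7 +709,8 @@ program
 .command('report')
 .description('Generate auditor-ready compliance report with SHA256 hash')
 .argument('<path>', 'Path to the repository')
-.option('-o, --output <path>', 'Output file path
+.option('-o, --output <path>', 'Output file path (default: vlayer-audit-report.<html|pdf>)')
+.option('-f, --format <format>', 'Report format: html, pdf', 'html')
 .option('--org <name>', 'Organization name for the report')
 .option('--period <period>', 'Report period (e.g., "January 2024")')
 .option('--auditor <name>', 'Auditor name')
@@ -691,7 +719,15 @@ program
 .option('--config <path>', 'Path to configuration file')
 .option('--baseline <path>', 'Path to baseline file')
 .option('--include-baseline', 'Include baseline comparison in report')
+.option('--brand-name <name>', 'White-label: name shown as report author')
+.option('--brand-logo <path>', 'White-label: logo image (png/jpg/svg) for cover and header')
+.option('--include-own-artifacts', "Also scan vlayer's own outputs (reports, baseline, samples/) — excluded by default")
 .action(async (path, options) => {
+const format = (options.format || 'html').toLowerCase();
+if (format !== 'html' && format !== 'pdf') {
+console.error(chalk.red(`Invalid format "${options.format}". Use "html" or "pdf".`));
+process.exit(1);
+}
 const spinner = ora('Generating auditor report...').start();
 try {
 const categories = options.categories;
@@ -713,21 +749,44 @@ program
 exclude: excludePatterns,
 configFile: options.config,
 baselineFile: options.baseline,
+includeOwnArtifacts: options.includeOwnArtifacts,
 });
 if (!result.complianceScore) {
 spinner.fail('Failed to calculate compliance score');
 process.exit(1);
 }
-const
-
-
-
-
-
-
-
+const branding = await buildBranding(path, options.config, options);
+const outputPath = options.output || (format === 'pdf' ? 'vlayer-audit-report.pdf' : 'vlayer-audit-report.html');
+let hash;
+if (format === 'pdf') {
+const pdf = await generateScanPdf(result, path, {
+organizationName: options.org,
+reportPeriod: options.period,
+auditorName: options.auditor,
+includeBaseline: options.includeBaseline,
+branding,
+});
+await writeFile(outputPath, pdf.buffer);
+hash = pdf.hash;
+}
+else {
+const report = generateAuditorReport(result, path, {
+organizationName: options.org,
+reportPeriod: options.period,
+auditorName: options.auditor,
+includeBaseline: options.includeBaseline,
+branding,
+});
+await writeFile(outputPath, report.html, 'utf-8');
+hash = report.hash;
+}
+spinner.succeed(`Auditor report generated: ${outputPath}`);
 console.log(chalk.bold('\n📄 Report Details:\n'));
-console.log(`${chalk.cyan('Location:')} ${
+console.log(`${chalk.cyan('Location:')} ${outputPath}`);
+console.log(`${chalk.cyan('Format:')} ${format.toUpperCase()}`);
+if (branding?.name) {
+console.log(`${chalk.cyan('Prepared by:')} ${branding.name}`);
+}
 console.log(`${chalk.cyan('SHA256 Hash:')} ${chalk.gray(hash)}`);
 console.log(`${chalk.cyan('Compliance Score:')} ${formatScore(result.complianceScore)}`);
 console.log(`${chalk.cyan('Total Findings:')} ${result.complianceScore.breakdown.total}`);
@@ -738,7 +797,12 @@ program
 console.log(chalk.gray(' • Detailed findings with HIPAA references'));
 console.log(chalk.gray(' • Suppression and acknowledgment audit trails'));
 console.log(chalk.gray(' • SHA256 hash for document integrity verification'));
-
+if (format === 'html') {
+console.log(chalk.gray(' • Print-friendly CSS for PDF export\n'));
+}
+else {
+console.log('');
+}
 }
 catch (error) {
 spinner.fail('Report generation failed');
@@ -1091,7 +1155,7 @@ marketplaceCommand
 .command('update')
 .description('Update installed rules to latest versions')
 .option('--dry-run', 'Show what would be updated without installing')
-.action(async (
+.action(async (_options) => {
 const spinner = ora('Checking for updates...').start();
 try {
 const { RulesInstaller } = await import('./marketplace/index.js');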
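Review bot: The branding gate in the scan action (hunk `@@ -107,11 +129,16 @@`), `options.format === 'html' || options.format === 'pdf'`, compares the raw flag value, while the report action first normalizes with `.toLowerCase()`, so `--format HTML` on scan silently drops the branding the user asked for; normalize once, `const format = String(options.format).toLowerCase();`, and use `format` both for the gate and for `reportOptions.format` so the two commands behave alike. Separately, `buildBranding` (first hunk) takes `config.branding` from `loadConfig(resolve(targetPath), configFile)`; if that lookup can discover a config file inside the repository being scanned (not visible here), the logo path that ends up embedded in the report may be chosen by the repository rather than by the operator, so it is worth confirming that `resolveBranding` restricts logos to the png/jpg/svg types the help text promises and that the html/pdf templates escape `branding.name` before rendering it as the author. A sentence in the `buildBranding` doc comment stating where config-supplied branding is read from and how its logo path is validated would make that trust boundary explicit for the next reader.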