xploitscan 1.1.1 → 1.1.3

package/dist/index.js

@@ -18,9 +18,9 @@ import {
   uploadScanResults
 } from "./chunk-WGENFXRJ.js";
 
-// ../../node_modules/.pnpm/@babel+parser@7.29.2/node_modules/@babel/parser/lib/index.js
+// ../../node_modules/.pnpm/@babel+parser@7.29.3/node_modules/@babel/parser/lib/index.js
 var require_lib = __commonJS({
-  "../../node_modules/.pnpm/@babel+parser@7.29.2/node_modules/@babel/parser/lib/index.js"(exports) {
+  "../../node_modules/.pnpm/@babel+parser@7.29.3/node_modules/@babel/parser/lib/index.js"(exports) {
     "use strict";
     Object.defineProperty(exports, "__esModule", {
       value: true
@@ -1971,7 +1971,7 @@ var require_lib = __commonJS({
       }
       flowParseDeclareVariable(node) {
         this.next();
-        node.id = this.flowParseTypeAnnotatableIdentifier(true);
+        node.id = this.flowParseTypeAnnotatableIdentifier();
         this.scope.declareName(node.id.name, 5, node.id.loc.start);
         this.semicolon();
         return this.finishNode(node, "DeclareVariable");
@@ -2145,9 +2145,14 @@ var require_lib = __commonJS({
           reservedType: word
         });
       }
-      flowParseRestrictedIdentifier(liberal, declaration) {
+      flowParseRestrictedIdentifierName(liberal, declaration) {
         this.checkReservedType(this.state.value, this.state.startLoc, declaration);
-        return this.parseIdentifier(liberal);
+        return this.parseIdentifierName(liberal);
+      }
+      flowParseRestrictedIdentifier(liberal, declaration) {
+        const node = this.startNode();
+        const name = this.flowParseRestrictedIdentifierName(liberal, declaration);
+        return this.createIdentifier(node, name);
       }
       flowParseTypeAlias(node) {
         node.id = this.flowParseRestrictedIdentifier(false, true);
@@ -2181,14 +2186,21 @@ var require_lib = __commonJS({
         this.semicolon();
         return this.finishNode(node, "OpaqueType");
       }
+      flowParseTypeParameterBound() {
+        if (this.match(14) || this.isContextual(81)) {
+          const node = this.startNode();
+          this.next();
+          node.typeAnnotation = this.flowParseType();
+          return this.finishNode(node, "TypeAnnotation");
+        }
+      }
       flowParseTypeParameter(requireDefault = false) {
         const nodeStartLoc = this.state.startLoc;
         const node = this.startNode();
         const variance = this.flowParseVariance();
-        const ident = this.flowParseTypeAnnotatableIdentifier();
-        node.name = ident.name;
+        node.name = this.flowParseRestrictedIdentifierName();
         node.variance = variance;
-        node.bound = ident.typeAnnotation;
+        node.bound = this.flowParseTypeParameterBound();
         if (this.match(29)) {
           this.eat(29);
           node.default = this.flowParseType();
@@ -2883,13 +2895,13 @@ var require_lib = __commonJS({
         node.typeAnnotation = this.flowParseTypeInitialiser();
         return this.finishNode(node, "TypeAnnotation");
       }
-      flowParseTypeAnnotatableIdentifier(allowPrimitiveOverride) {
-        const ident = allowPrimitiveOverride ? this.parseIdentifier() : this.flowParseRestrictedIdentifier();
+      flowParseTypeAnnotatableIdentifier() {
+        const node = this.startNode();
+        const name = this.parseIdentifierName();
         if (this.match(14)) {
-          ident.typeAnnotation = this.flowParseTypeAnnotation();
-          this.resetEndLocation(ident);
+          node.typeAnnotation = this.flowParseTypeAnnotation();
         }
-        return ident;
+        return this.createIdentifier(node, name);
       }
       typeCastToParameter(node) {
         node.expression.typeAnnotation = node.typeAnnotation;
@@ -5106,6 +5118,7 @@ var require_lib = __commonJS({
                 adjustInnerComments(node, node.properties, commentWS);
                 break;
               case "CallExpression":
+              case "NewExpression":
               case "OptionalCallExpression":
                 adjustInnerComments(node, node.arguments, commentWS);
                 break;
@@ -5118,6 +5131,7 @@ var require_lib = __commonJS({
               case "ObjectMethod":
               case "ClassMethod":
               case "ClassPrivateMethod":
+              case "TSTypeParameterDeclaration":
                 adjustInnerComments(node, node.params, commentWS);
                 break;
               case "ArrayExpression":
@@ -5134,6 +5148,9 @@ var require_lib = __commonJS({
               case "TSEnumBody":
                 adjustInnerComments(node, node.members, commentWS);
                 break;
+              case "TSInterfaceBody":
+                adjustInnerComments(node, node.body, commentWS);
+                break;
               default: {
                 if (node.type === "RecordExpression") {
                   adjustInnerComments(node, node.properties, commentWS);
@@ -47843,6 +47860,7 @@ import { execFile as execFile3 } from "child_process";
 import chalk3 from "chalk";
 import ora2 from "ora";
 var CLERK_PUBLISHABLE_KEY = process.env.CLERK_PUBLISHABLE_KEY ?? "";
+var WEB_BASE = process.env.XPLOITSCAN_WEB_BASE ?? "https://xploitscan.com";
 async function loginCommand() {
   const existing = getStoredToken();
   if (existing) {
@@ -47931,19 +47949,28 @@ async function waitForBrowserLogin() {
           res.end("Missing parameters");
         }
       } else if (url.pathname === "/login") {
-        const callbackUrl = `http://localhost:${server.address().port}/callback`;
-        res.writeHead(200, { "Content-Type": "text/html" });
-        res.end(`
-            <html>
-              <body style="font-family: system-ui; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background: #0a0a0f; color: #e0e0e0;">
-                <div style="text-align: center;">
-                  <h1 style="color: #00d4ff;">xploitscan</h1>
-                  <p>Redirecting to login...</p>
-                  <p style="color: #888; font-size: 0.85rem;">If not redirected, <a href="#" style="color: #00d4ff;">click here</a>.</p>
-                </div>
-              </body>
-            </html>
-          `);
+        const port = server.address().port;
+        const callbackUrl = `http://localhost:${port}/callback`;
+        const cliLoginUrl = `${WEB_BASE}/auth/cli-login?callback=${encodeURIComponent(callbackUrl)}&state=${encodeURIComponent(expectedState)}`;
+        res.writeHead(302, { Location: cliLoginUrl, "Content-Type": "text/html" });
+        res.end(`<!doctype html>
+<html>
+  <head>
+    <meta charset="utf-8" />
+    <meta http-equiv="refresh" content="0; url=${cliLoginUrl}" />
+    <title>xploitscan login</title>
+  </head>
+  <body style="font-family: system-ui; display: flex; justify-content: center; align-items: center; height: 100vh; margin: 0; background: #0a0a0f; color: #e0e0e0;">
+    <div style="text-align: center;">
+      <h1 style="color: #00d4ff;">xploitscan</h1>
+      <p>Redirecting to login...</p>
+      <p style="color: #888; font-size: 0.85rem;">
+        If not redirected, <a href="${cliLoginUrl}" style="color: #00d4ff;">click here</a>.
+      </p>
+    </div>
+    <script>window.location.replace(${JSON.stringify(cliLoginUrl)});</script>
+  </body>
+</html>`);
       } else {
         res.writeHead(302, { Location: "/login" });
         res.end();
@@ -48155,7 +48182,7 @@ async function cursorInstallCommand(opts = {}) {
 var program = new Command();
 program.name("xploitscan").description(
   "AI security scanner for vibe-coded apps. Find vulnerabilities before attackers do."
-).version("1.1.1");
+).version("1.1.3");
 program.command("scan").description("Scan a directory for security vulnerabilities").argument("[directory]", "Directory to scan", ".").option("--no-ai", "Skip AI-powered analysis").option(
   "-f, --format <format>",
   "Output format: terminal, json, sarif, splunk-hec, elastic-ecs, datadog-logs",