zammy 1.2.0 → 1.3.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +328 -214
- package/SECURITY.md +57 -0
- package/assets/zammy.gif +0 -0
- package/dist/index.js +3257 -450
- package/package.json +10 -3
- package/packages/plugins/docker/README.md +141 -0
- package/packages/plugins/docker/dist/index.d.ts +46 -0
- package/packages/plugins/docker/dist/index.d.ts.map +1 -0
- package/packages/plugins/docker/dist/index.js +402 -0
- package/packages/plugins/docker/dist/index.js.map +1 -0
- package/packages/plugins/docker/package.json +28 -0
- package/packages/plugins/docker/zammy-plugin.json +16 -0
- package/packages/plugins/faker/README.md +65 -0
- package/packages/plugins/faker/dist/index.d.ts +43 -0
- package/packages/plugins/faker/dist/index.d.ts.map +1 -0
- package/packages/plugins/faker/dist/index.js +349 -0
- package/packages/plugins/faker/dist/index.js.map +1 -0
- package/packages/plugins/faker/package.json +28 -0
- package/packages/plugins/faker/zammy-plugin.json +14 -0
- package/packages/plugins/network/README.md +126 -0
- package/packages/plugins/network/dist/index.d.ts +45 -0
- package/packages/plugins/network/dist/index.d.ts.map +1 -0
- package/packages/plugins/network/dist/index.js +406 -0
- package/packages/plugins/network/dist/index.js.map +1 -0
- package/packages/plugins/network/package.json +28 -0
- package/packages/plugins/network/zammy-plugin.json +17 -0
- package/packages/plugins/port/README.md +74 -0
- package/packages/plugins/port/dist/index.d.ts +47 -0
- package/packages/plugins/port/dist/index.d.ts.map +1 -0
- package/packages/plugins/port/dist/index.js +331 -0
- package/packages/plugins/port/dist/index.js.map +1 -0
- package/packages/plugins/port/package.json +28 -0
- package/packages/plugins/port/zammy-plugin.json +16 -0
package/SECURITY.md
ADDED
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
# Security Policy
|
|
2
|
+
|
|
3
|
+
## Supported Versions
|
|
4
|
+
|
|
5
|
+
| Version | Supported |
|
|
6
|
+
| ------- | ------------------ |
|
|
7
|
+
| 1.2.x | :white_check_mark: |
|
|
8
|
+
|
|
9
|
+
## Reporting a Vulnerability
|
|
10
|
+
|
|
11
|
+
I take security seriously and appreciate your help in keeping Zammy CLI safe for everyone.
|
|
12
|
+
|
|
13
|
+
This is a solo project, and I'm always glad to hear from the community. If you discover a security vulnerability, please don't hesitate to report it—no matter how small it may seem. I won't judge or dismiss your findings, and I genuinely appreciate the time you take to help improve this project.
|
|
14
|
+
|
|
15
|
+
### How to Report
|
|
16
|
+
|
|
17
|
+
1. **Please do not open a public GitHub issue** for security vulnerabilities, as this could put other users at risk
|
|
18
|
+
2. Instead, use [GitHub's private security advisory](https://github.com/aayushadhikari7/zammy-cli/security/advisories/new) to report the issue securely
|
|
19
|
+
3. Include whatever details you can:
|
|
20
|
+
- Description of the vulnerability
|
|
21
|
+
- Steps to reproduce (if known)
|
|
22
|
+
- Potential impact
|
|
23
|
+
- Suggested fix (optional, but welcome!)
|
|
24
|
+
|
|
25
|
+
Don't worry if you're unsure about the severity or if your report is "good enough"—I'd rather hear about a potential issue than miss a real one.
|
|
26
|
+
|
|
27
|
+
### What to Expect
|
|
28
|
+
|
|
29
|
+
- **Acknowledgment** within 48 hours
|
|
30
|
+
- **Regular updates** on the fix progress
|
|
31
|
+
- **Credit** in the release notes (unless you prefer to remain anonymous)
|
|
32
|
+
- **No legal action** for responsible disclosure—I'm grateful for your help
|
|
33
|
+
|
|
34
|
+
### Scope
|
|
35
|
+
|
|
36
|
+
This security policy applies to:
|
|
37
|
+
- The `zammy` npm package
|
|
38
|
+
- This GitHub repository
|
|
39
|
+
|
|
40
|
+
## Security Overview
|
|
41
|
+
|
|
42
|
+
For transparency, here's what Zammy CLI does and doesn't do:
|
|
43
|
+
|
|
44
|
+
**Does NOT:**
|
|
45
|
+
- Collect telemetry or analytics
|
|
46
|
+
- Store or transmit personal data
|
|
47
|
+
- Make network requests without explicit user commands
|
|
48
|
+
- Execute code without user input
|
|
49
|
+
|
|
50
|
+
**Does:**
|
|
51
|
+
- Require explicit user input for all shell commands
|
|
52
|
+
- Use timeouts on all external operations
|
|
53
|
+
- Respect your local environment and working directory
|
|
54
|
+
|
|
55
|
+
---
|
|
56
|
+
|
|
57
|
+
Thank you for helping keep Zammy CLI secure. Community feedback—whether it's bug reports, feature ideas, or security concerns—is always welcome and appreciated.
|
package/assets/zammy.gif
ADDED
|
Binary file
|