UNPKG

@brightsec/cli

Version:

Bright CLI is a CLI tool that can initialize, stop, poll and maintain scans in Bright solutions.

github.com/NeuraLegion/bright-cli

NeuraLegion/bright-cli

2 lines 286 kB
1
2
#!/usr/bin/env node (()=>{"use strict";var e={6805:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.Archives=t.SpecType=void 0,function(e){e.HAR="HAR",e.OPENAPI="OpenAPI",e.POSTMAN="Postman"}(t.SpecType||(t.SpecType={})),t.Archives=Symbol("Archives")},1825:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.BaseParser=void 0;const r=i(1455),o=i(2613),s=i(6928);t.BaseParser=class BaseParser{constructor(e){this.validator=e,this.FILE_SIZE_LIMIT=524288e3}async parse(e){await this.access(e);if((await(0,r.stat)(e)).size>this.FILE_SIZE_LIMIT)throw new Error("There is not enough storage space to save this file");const t=await(0,r.readFile)(e,"utf8"),i=(0,s.extname)(e);let o;try{o=await this.deserialize(t,{ext:i})}catch(e){throw new Error(`File is invalid. ${e.message}`)}return await this.validator.validate(o),{content:t,filename:(0,s.basename)(e),contentType:this.contentType(i)}}deserialize(e,t){return JSON.parse(e)}contentType(e){switch(e){case".yml":case".yaml":return"application/yaml";default:return"application/json"}}async access(e){(0,o.ok)(e,"The path is invalid.");try{await(0,r.access)(e,r.constants.F_OK)}catch(t){throw new Error(`${(0,s.basename)(e)} file doesn't found.`)}}}},7511:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.DefaultParserFactory=void 0;const r=i(5584),o=i(6805),s=i(3898),n=i(1825),a=i(8093),c=i(8641);let p=class DefaultParserFactory{constructor(e,t,i){this.harValidator=e,this.oasValidator=t,this.postmanValidator=i}create(e){switch(e){case o.SpecType.HAR:return new n.BaseParser(this.harValidator);case o.SpecType.OPENAPI:return new a.OasParser(this.oasValidator);case o.SpecType.POSTMAN:return new n.BaseParser(this.postmanValidator);default:throw new Error("Incorrect a specification type")}}};p=r.__decorate([(0,c.injectable)(),r.__metadata("design:paramtypes",[s.HarValidator,s.OasValidator,s.PostmanValidator])],p),t.DefaultParserFactory=p},8093:function(e,t,i){var r=this&&this.__createBinding||(Object.create?function(e,t,i,r){void 0===r&&(r=i);var o=Object.getOwnPropertyDescriptor(t,i);o&&!("get"in o?!t.__esModule:o.writable||o.configurable)||(o={enumerable:!0,get:function(){return t[i]}}),Object.defineProperty(e,r,o)}:function(e,t,i,r){void 0===r&&(r=i),e[r]=t[i]}),o=this&&this.__setModuleDefault||(Object.create?function(e,t){Object.defineProperty(e,"default",{enumerable:!0,value:t})}:function(e,t){e.default=t}),s=this&&this.__importStar||function(e){if(e&&e.__esModule)return e;var t={};if(null!=e)for(var i in e)"default"!==i&&Object.prototype.hasOwnProperty.call(e,i)&&r(t,e,i);return o(t,e),t};Object.defineProperty(t,"__esModule",{value:!0}),t.OasParser=void 0;const n=i(1825);class OasParser extends n.BaseParser{constructor(e){super(e)}async deserialize(e,t){return".yml"===t.ext||".yaml"===t.ext?(await Promise.resolve().then((()=>s(i(7089))))).load(e):JSON.parse(e)}}t.OasParser=OasParser},6780:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0})},6500:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.ParserFactory=void 0,t.ParserFactory=Symbol("ParserFactory")},207:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0});const r=i(5584);r.__exportStar(i(8093),t),r.__exportStar(i(1825),t),r.__exportStar(i(6780),t),r.__exportStar(i(7511),t),r.__exportStar(i(6500),t)},7351:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.RestArchives=t.RestArchivesOptions=void 0;const r=i(5584),o=i(6805),s=i(1879),n=i(8641),a=r.__importDefault(i(8938)),c=r.__importDefault(i(2305)),p=i(4589),l=r.__importDefault(i(4708)),d=r.__importDefault(i(7067));t.RestArchivesOptions=Symbol("RestArchivesOptions");let u=class RestArchives{constructor(e,{baseURL:t,apiKey:i,proxyURL:r,insecure:s,timeout:n=1e4}){this.proxyFactory=e,this.ALLOWED_SPECS=[o.SpecType.OPENAPI,o.SpecType.POSTMAN,o.SpecType.HAR];const{httpAgent:c=new d.default.Agent,httpsAgent:p=new l.default.Agent({rejectUnauthorized:!s})}=r?this.proxyFactory.createProxy({proxyUrl:r,rejectUnauthorized:!s}):{};this.client=a.default.create({baseURL:t,timeout:n,httpAgent:c,httpsAgent:p,responseType:"json",headers:{authorization:`Api-Key ${i}`}})}async upload(e){(0,p.ok)(this.ALLOWED_SPECS.includes(e.type),`Invalid specification type. Allowed: ${this.ALLOWED_SPECS}`);const{discard:t,headers:i,variables:r,projectId:o}=e,s=this.castToFile(e),n=new c.default;n.append("file",s.value,s.options),n.append("projectId",o),n.append("headers",JSON.stringify(null!=i?i:{})),n.append("variables",JSON.stringify(null!=r?r:{}));return(await this.client.post("/api/v1/files",n,{params:{discard:t}})).data.id}castToFile({filename:e,content:t,contentType:i="application/json"}){return{options:{filename:e,contentType:i},value:Buffer.from(t)}}};u=r.__decorate([(0,n.injectable)(),r.__param(0,(0,n.inject)(s.ProxyFactory)),r.__param(1,(0,n.inject)(t.RestArchivesOptions)),r.__metadata("design:paramtypes",[Object,Object])],u),t.RestArchives=u},3455:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.HarValidator=void 0;const r=i(5584),o=i(1879),s=r.__importDefault(i(9864)),n=r.__importDefault(i(5711)),a=r.__importDefault(i(9280)),c=i(8641);let p=class HarValidator{constructor(){this.ajv=new n.default({allErrors:!0,async:!0,jsonPointers:!0,extendRefs:!0}),this.ajv.addSchema(s.default)}async validate(e){const t=this.ajv.getSchema("har");if(!await t(e))throw o.logger.error((0,a.default)(t.schema,e,t.errors,{indent:2})),new Error("The HAR file is corrupted.");if(!this.entriesAreValid(e.log.entries))throw new Error("HAR is empty or contains none of request.")}entriesAreValid(e){if(!e)return!1;const t=e.map(this.parseEntry,this).filter((e=>!!e));return 0!==[...new Set(t)].length}parseEntry(e){const{host:t,protocol:i}=new URL(e.request.url);if(t&&i&&"chrome-extension:"!==i)return e.request.url}};p=r.__decorate([(0,c.injectable)(),r.__metadata("design:paramtypes",[])],p),t.HarValidator=p},9641:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.OasValidator=void 0;const r=i(5584),o=i(1879),s=r.__importDefault(i(9550)),n=r.__importDefault(i(3447)),a=r.__importDefault(i(5711)),c=r.__importDefault(i(8064)),p=r.__importDefault(i(9280)),l=r.__importDefault(i(6410)),d=r.__importDefault(i(6132)),u=i(8641),h=i(4589);let f=class OasValidator{constructor(){this.MIN_ALLOWED_VERSION="2.0.0",this.VERSION_SCHEMA_MAP=new Map([[2,"http://swagger.io/v2/schema.json#"],[3,"https://spec.openapis.org/oas/3.0/schema/2019-04-02"]]),this.SCHEMAS=[s.default,n.default],this.ajv=new a.default({allErrors:!0,$data:!0,jsonPointers:!0,extendRefs:!0,async:!0,schemaId:"auto"}),this.ajv.addFormat("uriref",l.default.full["uri-reference"]),this.ajv.addMetaSchema(d.default),this.ajv._refs["http://json-schema.org/schema"]="http://json-schema.org/draft-04/schema",this.SCHEMAS.forEach((e=>this.ajv.addSchema(e)))}async validate(e){const t=this.getVersion(e),i=c.default.major(t),r=this.VERSION_SCHEMA_MAP.get(i);(0,h.ok)(r,"Cannot determine version of schema. Schema ID is missed."),this.validateVersion(e);const s=this.ajv.getSchema(r);if(!await s(e))throw o.logger.error((0,p.default)(s.schema,e,s.errors,{indent:2})),new Error("The OAS file is corrupted.")}validateVersion(e){const t=this.getVersion(e);if(!c.default.gte(t,this.MIN_ALLOWED_VERSION))throw new Error("Swagger v1 are not supported. If you are using an older format, convert it to v2 and try again.")}getVersion(e){let t=(e.openapi||e.swagger||"").trim();return(0,h.ok)(t,"Cannot determine version of specification."),!c.default.valid(t)&&this.MIN_ALLOWED_VERSION.startsWith(t)&&(t=this.MIN_ALLOWED_VERSION),t}};f=r.__decorate([(0,u.injectable)(),r.__metadata("design:paramtypes",[])],f),t.OasValidator=f},3316:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.PostmanValidator=void 0;const r=i(5584),o=i(1879),s=r.__importDefault(i(7925)),n=r.__importDefault(i(9088)),a=r.__importDefault(i(4900)),c=r.__importDefault(i(3025)),p=r.__importDefault(i(5711)),l=r.__importDefault(i(9280)),d=r.__importDefault(i(6132)),u=r.__importDefault(i(6763)),h=i(8641),f=i(4589),m=i(6760);let y=class PostmanValidator{constructor(){this.ALLOWED_SCHEMAS=["https://schema.getpostman.com/json/draft-07/collection/v2.0.0/","https://schema.getpostman.com/json/draft-07/collection/v2.1.0/","https://schema.getpostman.com/json/collection/v2.0.0/","https://schema.getpostman.com/json/collection/v2.1.0/"],this.META_SCHEMAS=[d.default,u.default],this.SCHEMAS=[s.default,n.default,a.default,c.default],this.ajv=new p.default({allErrors:!0,async:!0,meta:!1,schemaId:"auto"}),[].concat(this.META_SCHEMAS,this.SCHEMAS).forEach((e=>this.ajv.addMetaSchema(e))),this.ajv._refs["http://json-schema.org/schema"]="http://json-schema.org/draft-04/schema"}async validate(e){(0,f.ok)(e,"Postman collection is not provided."),(0,f.ok)(e.info,'"info" section is missed in the collection.');const t=e.info.schema?(0,m.parse)(e.info.schema).dir+"/":"";if(!this.ALLOWED_SCHEMAS.includes(t.trim()))throw new Error("Postman v1 collections are not supported. If you are using an older format, convert it to v2 and try again.");const i=this.ajv.getSchema(t);if(!i)throw new Error("Cannot determine version of schema. Schema ID is missed.");if(!await i(e))throw o.logger.error((0,l.default)(i.schema,e,i.errors,{indent:2})),new Error("The Postman Collection file is corrupted.")}};y=r.__decorate([(0,h.injectable)(),r.__metadata("design:paramtypes",[])],y),t.PostmanValidator=y},9840:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0})},3898:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0});const r=i(5584);r.__exportStar(i(3455),t),r.__exportStar(i(9641),t),r.__exportStar(i(3316),t),r.__exportStar(i(9840),t)},6412:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.DefaultParserFactory=t.ParserFactory=void 0;const r=i(5584);r.__exportStar(i(6805),t),r.__exportStar(i(7351),t);var o=i(207);Object.defineProperty(t,"ParserFactory",{enumerable:!0,get:function(){return o.ParserFactory}}),Object.defineProperty(t,"DefaultParserFactory",{enumerable:!0,get:function(){return o.DefaultParserFactory}})},5832:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.Configure=void 0;const r=i(5584),o=i(1879),s=i(5721),n=r.__importDefault(i(9490));class Configure{constructor(){this.command="configure [options]",this.describe="Start a configuration wizard"}static getMapEntryOrThrow(e,t){try{return[e,new URL(t)]}catch(t){throw new Error(`Invalid value for ${e} testing endpoint`)}}builder(e){return e.option(s.TestType.HTTP,{hidden:!0,requiresArg:!0,describe:"Bright application base URL"}).option(s.TestType.AUTH,{hidden:!0,requiresArg:!0,describe:"Bright event message authentication endpoint"}).option("ping",{boolean:!0,describe:"Start network tests."}).option("traceroute",{boolean:!0,describe:"Start treceroute to a local recource."}).option("max-ttl",{number:!0,requiresArg:!0,describe:"Set the max time-to-live (max number of hops) used in outgoing probe packets.",default:64}).option("probes",{alias:"p",number:!0,requiresArg:!0,describe:"Set the number of probes per 'ttl'.",default:3}).group(["max-ttl","probes"],"Traceroute Options").conflicts("ping","traceroute").middleware((e=>{var t,i;n.default.register(s.Options,{useValue:{traceroute:{maxTTL:isNaN(+e.maxTtl)?void 0:+e.maxTtl,probes:isNaN(+e.probes)?void 0:+e.probes}}}).register(s.ConnectivityUrls,{useValue:new Map([Configure.getMapEntryOrThrow(s.TestType.HTTP,null!==(t=e[s.TestType.HTTP])&&void 0!==t?t:e.api),Configure.getMapEntryOrThrow(s.TestType.AUTH,null!==(i=e[s.TestType.AUTH])&&void 0!==i?i:e.api)])})}))}async handler(e){try{const t=n.default.resolve(s.Platform),stop=async()=>{await t.stop(),process.exit(0)};process.on("SIGTERM",stop).on("SIGINT",stop).on("SIGHUP",stop),await t.start({ping:!!e.ping,traceroute:!!e.traceroute})}catch(e){o.logger.error(o.ErrorMessageFactory.genericCommandError({error:e,command:"configure"})),process.exit(1)}}}t.Configure=Configure},4191:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.EntryPointsUpdateHost=void 0;const r=i(1879),o=i(8224),s=i(8641);t.EntryPointsUpdateHost=class EntryPointsUpdateHost{constructor(){this.command="entrypoints:update-host [options]",this.describe="Bulk update target entry points host."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",string:!0,requiresArg:!0,demandOption:!0}).option("project",{alias:"p",describe:"ID of the project",string:!0,requiresArg:!0,demandOption:!0}).option("old-hostname",{alias:"o",describe:"Old hostname of entrypoints.",string:!0,requiresArg:!0,demandOption:!0}).option("new-hostname",{alias:"n",describe:"New hostname of entrypoints.",string:!0,requiresArg:!0,demandOption:!0}).option("entrypoint-ids",{alias:"e",describe:"IDs of entrypoints to update.",string:!0,requiresArg:!0,array:!0}).middleware((e=>{var t;return s.container.register(o.RestProjectsOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=s.container.resolve(o.EntryPoints),i=e.project,{taskId:r}=await t.updateHost({projectId:i,entryPointIds:e.entrypointIds,newHostname:e.newHostname,oldHostname:e.oldHostname});console.log(r),process.exitCode=0}catch(e){r.logger.error(r.ErrorMessageFactory.genericCommandError({error:e,command:"entrypoints:update-host"})),process.exitCode=1}}}},7653:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.GetEntryPoints=void 0;const r=i(8224),o=i(1879),s=i(8641);t.GetEntryPoints=class GetEntryPoints{constructor(){this.command="entrypoints:list [options]",this.describe="get all entrypoints of the project."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",requiresArg:!0,demandOption:!0}).option("project",{alias:"p",describe:"ID of the project",requiresArg:!0,demandOption:!0}).option("verbose",{describe:"Enable verbose mode",boolean:!0,default:!1}).option("limit",{describe:"Limit the number of entrypoints",default:10}).option("pretty",{describe:"Pretty print the output",boolean:!0,default:!1}).option("connectivity",{describe:"Filter by connectivity",array:!0,choices:["ok","unreachable","problem","skipped","unauthorized","unavailable"]}).option("status",{describe:"Filter by status",array:!0,choices:["new","changed","tested","vulnerable"]}).middleware((e=>{var t;return s.container.register(r.RestProjectsOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){const t=s.container.resolve(r.EntryPoints);try{const i=await t.entrypoints({projectId:e.project,limit:e.limit,connectivity:e.connectivity,status:e.status}),r=e.verbose?i:i.map((e=>({id:e.id,method:e.method,url:e.url})));console.log(e.pretty?JSON.stringify(r,null,2):JSON.stringify(r)),process.exitCode=0}catch(e){o.logger.error(o.ErrorMessageFactory.genericCommandError({error:e,command:"entrypoints:list"})),process.exitCode=1}}}},8287:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.PollingDiscoveryStatus=void 0;const r=i(512),o=i(2297),s=i(1879),n=i(8641);t.PollingDiscoveryStatus=class PollingDiscoveryStatus{constructor(){this.command="discovery:polling [options] <discoveryId>",this.describe="Allows to configure a polling of discovery status."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",requiresArg:!0,demandOption:!0}).option("project",{alias:"p",describe:"ID of the project",string:!0,requiresArg:!0,demandOption:!0}).option("interval",{requiresArg:!0,describe:'The sampling interval between status checks. Eg: 60, "2min", "10h", "7d". A numeric value is interpreted as a milliseconds count.',default:5e3}).option("timeout",{requiresArg:!0,describe:'Period of time between the end of a timeout period or completion of a discovery status request, and the next request for status. Eg: 60, "2min", "10h", "7d". A numeric value is interpreted as a milliseconds count.'}).positional("discoveryId",{describe:"ID of an existing discovery.",demandOption:!0,type:"string"}).middleware((e=>{var t;return n.container.register(r.RestDiscoveryOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=n.container.resolve(o.DiscoveryPollingFactory).create({discoveryId:e.discoveryId,projectId:e.project,timeout:e.timeout,interval:e.interval});await t.start(),process.exit(0)}catch(e){s.logger.error(s.ErrorMessageFactory.genericCommandError({error:e,command:"discovery:polling"})),process.exit(1)}}}},3567:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.PollingHostUpdateJobStatus=void 0;const r=i(1879),o=i(7035),s=i(8224),n=i(8641);t.PollingHostUpdateJobStatus=class PollingHostUpdateJobStatus{constructor(){this.command="entrypoints:update-host-polling [options] <jobId>",this.describe="Allows to configure a polling of host update job status."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",requiresArg:!0,demandOption:!0}).option("interval",{requiresArg:!0,describe:'Period of time between the end of a timeout period or completion of a host update job status request, and the next request for status. Eg: 60, "2min", "10h", "7d". A numeric value is interpreted as a milliseconds count.',default:5e3}).option("timeout",{requiresArg:!0,describe:'Period of time between the end of a timeout period or completion of a host update job status request, and the next request for status. Eg: 60, "2min", "10h", "7d". A numeric value is interpreted as a milliseconds count.'}).option("project",{alias:"p",describe:"ID of the project",string:!0,requiresArg:!0,demandOption:!0}).positional("jobId",{describe:"ID of an existing update host job which you want to check.",type:"string",demandOption:!0}).middleware((e=>{var t;return n.container.register(s.RestProjectsOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=n.container.resolve(o.HostUpdateJobStatusPollingFactory).create({timeout:e.timeout,interval:e.interval,jobId:e.jobId,projectId:e.project});await t.start(),process.exit(0)}catch(e){r.logger.error(r.ErrorMessageFactory.genericCommandError({error:e,command:"entrypoints:update-host-polling"})),process.exit(1)}}}},9520:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.PollingScanStatus=void 0;const r=i(523),o=i(1879),s=i(8641);t.PollingScanStatus=class PollingScanStatus{constructor(){this.command="scan:polling [options] <scanId>",this.describe="Allows to configure a polling of scan status."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",requiresArg:!0,demandOption:!0}).option("interval",{requiresArg:!0,describe:'Period of time between the end of a timeout period or completion of a scan status request, and the next request for status. Eg: 60, "2min", "10h", "7d". A numeric value is interpreted as a milliseconds count.',default:5e3}).option("timeout",{requiresArg:!0,describe:'Period of time between the end of a timeout period or completion of a scan status request, and the next request for status. Eg: 60, "2min", "10h", "7d". A numeric value is interpreted as a milliseconds count.'}).option("breakpoint",{alias:"b",choices:o.Helpers.toArray(r.BreakpointType),string:!0,describe:"A conditional breakpoint that allows to finish the process with exit code 50 only after fulfilling the predefined condition.",requiresArg:!0,default:r.BreakpointType.ANY}).positional("scanId",{describe:"ID of an existing scan which you want to check.",type:"string",demandOption:!0}).middleware((e=>{var t;return s.container.register(r.RestScansOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=s.container.resolve(r.PollingFactory).create({scanId:e.scanId,timeout:e.timeout,interval:e.interval,breakpoint:e.breakpoint});await t.start(),process.exit(0)}catch(e){e instanceof r.BreakpointException&&(o.logger.error("The breakpoint has been hit during polling."),o.logger.error(`Breakpoint: ${e.message}`),process.exit(50)),o.logger.error(o.ErrorMessageFactory.genericCommandError({error:e,command:"scan:polling"})),process.exit(1)}}}},1718:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.RerunDiscovery=void 0;const r=i(512),o=i(1879),s=i(8641);t.RerunDiscovery=class RerunDiscovery{constructor(){this.command="discovery:rerun [options] <discoveryId>",this.describe="Request to start a new discovery using the same configuration as an existing discovery, by discovery ID."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",string:!0,requiresArg:!0,demandOption:!0}).positional("discoveryId",{describe:"ID of an existing discovery which you want to re-run.",requiresArg:!0,demandOption:!0,type:"string"}).option("project",{alias:"p",describe:"ID of the project",string:!0,requiresArg:!0,demandOption:!0}).middleware((e=>{var t;return s.container.register(r.RestDiscoveryOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=s.container.resolve(r.Discoveries),i=e.project,o=e.discoveryId,n=await t.rerun(i,o);console.log(n),process.exit(0)}catch(e){o.logger.error(o.ErrorMessageFactory.genericCommandError({error:e,command:"discovery:rerun"})),process.exit(1)}}}},3986:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.RetestScan=void 0;const r=i(523),o=i(1879),s=i(8641);t.RetestScan=class RetestScan{constructor(){this.command="scan:retest [options] <scanId>",this.describe="Request to start a new scan using the same configuration as an existing scan, by scan ID."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",requiresArg:!0,demandOption:!0}).positional("scanId",{describe:"ID of an existing scan which you want to re-run.",type:"string",demandOption:!0}).middleware((e=>{var t;return s.container.register(r.RestScansOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=s.container.resolve(r.Scans),i=await t.retest(e.scanId);console.log(i),process.exit(0)}catch(e){o.logger.error(o.ErrorMessageFactory.genericCommandError({error:e,command:"scan:retest"})),process.exit(1)}}}},35:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.RunDiscovery=void 0;const r=i(512),o=i(1879),s=i(6768),n=i(8641);t.RunDiscovery=class RunDiscovery{constructor(){this.command="discovery:run [options]",this.describe="Start a new discovery for the received configuration."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",string:!0,requiresArg:!0,demandOption:!0}).option("project",{alias:"p",describe:"ID of the project",string:!0,requiresArg:!0,demandOption:!0}).option("name",{alias:"n",describe:"Name of the discovery.",string:!0,requiresArg:!0,demandOption:!0}).option("auth",{alias:"o",describe:"Auth object ID.",string:!0,requiresArg:!0}).option("repeater",{alias:"agent",requiresArg:!0,array:!0,describe:"ID of any repeaters connected with the discovery."}).option("archive",{alias:"a",normalize:!0,requiresArg:!0,describe:"A collection of your app's http/websockets logs into HAR file. Usually you can use browser dev tools or our browser web extension"}).option("crawler",{alias:"c",requiresArg:!0,array:!0,describe:"A list of specific urls that should be included into crawler."}).conflicts("archive","crawler").check((e=>{if(e.archive&&e.crawler)throw new Error("Arguments --archive and --crawler are mutually exclusive");if(!e.archive&&!e.crawler)throw new Error("Either --archive or --crawler must be specified");return!0})).option("host-filter",{alias:"F",requiresArg:!0,array:!0,describe:"A list of specific hosts that should be included into scan."}).option("header",{alias:"H",requiresArg:!0,array:!0,describe:"A list of specific headers that should be included into request."}).option("smart",{boolean:!0,describe:"Use automatic smart decisions such as: parameter skipping, detection phases, etc. to minimize scan time."}).option("crawl-parent-subdomains",{boolean:!0,describe:"Crawl parent path folders and subdomains",default:!1}).option("concurrency",{number:!0,default:10,describe:"Number of maximum concurrent requests allowed to be sent to the target, can range between 1 to 50 (default: 10).",requiresArg:!0}).option("interactions-depth",{number:!0,default:3,describe:"Number of maximum interactions with nested objects, can range between 1 to 5 (default: 3).",requiresArg:!0}).middleware((e=>{var t;return n.container.register(s.RestDiscoveryOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=n.container.resolve(r.Discoveries),i=e.project,{id:s,warnings:a}=await t.create(i,{name:e.name,authObjectId:e.auth,hostsFilter:e.hostFilter,crawlerUrls:e.crawler,fileId:e.archive,repeaters:e.repeater,optimizedCrawler:e.smart,poolSize:e.concurrency,maxInteractionsChainLength:e.interactionsDepth,subdomainsCrawl:e.crawlParentSubdomains,headers:e.header});console.log(s),(null==a?void 0:a.length)&&o.logger.warn(`${a.map((e=>e.message)).join("\n")}\n`),process.exit(0)}catch(e){o.logger.error(o.ErrorMessageFactory.genericCommandError({error:e,command:"discovery:run"})),process.exit(1)}}}},9773:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.RunRepeater=void 0;const r=i(5584),o=i(2046),s=i(1879),n=r.__importDefault(i(9490)),a=i(8914),c=i(6436),p=i(6760),l=r.__importDefault(i(1708));t.RunRepeater=class RunRepeater{constructor(){this.command="repeater [options]",this.describe="Starts an on-prem agent."}builder(e){var t;return e.option("token",{alias:"t",describe:"Bright API-key",requiresArg:!0,demandOption:!0}).option("id",{alias:"agent",describe:"ID of an existing repeater which you want to use to run a new scan.",type:"string",requiresArg:!0,demandOption:!0}).option("scripts",{alias:"S",requiresArg:!0,string:!0,describe:'JSON string which contains script list, which is initially empty and consists of zero or more host and path pairs. Example: {"*.example.com": "./hmac.js"}',coerce:e=>JSON.parse(e)}).option("timeout",{number:!0,requiresArg:!0,default:3e4,describe:"Time to wait for a server to send response headers (and start the response body) before aborting the request."}).option("header",{alias:"H",requiresArg:!0,conflicts:["headers"],array:!0,describe:"A list of specific headers that should be included into request.",coerce:e=>Array.isArray(e)?s.Helpers.parseHeaders(e):{}}).option("headers",{requiresArg:!0,deprecated:"Use --header instead.",string:!0,conflicts:["header"],describe:'JSON string which contains header list, which is initially empty and consists of zero or more name and value pairs. Example: {"x-slack-signature": "Z2dFIHJldHNhRQ"}',coerce:e=>JSON.parse(e)}).option("cacert",{default:!1,requiresArg:!0,describe:"The path to file which may contain multiple CA certificates. Example: /etc/ssl/certs/ca-certificates.crt",coerce:e=>("string"==typeof e||"boolean"==typeof e)&&e}).option("cert",{requiresArg:!0,array:!0,string:!0,describe:'The certificate must be in PKCS, or PEM format. Example: {"hostname": "example.com", "path": "./example.pem", "passphrase": "pa$$word", "port": "1234"}.',coerce:e=>e.map((e=>JSON.parse(e))).map((({path:e,hostname:t,passphrase:i,port:r})=>(e||(s.logger.error('Error during "repeater": Specify the path to your client certificate file.'),l.default.exit(1)),t||(s.logger.error('Error during "repeater": Specify the hostname (without protocol and port) of the request URL for which you want to use the certificate.'),l.default.exit(1)),{hostname:t,passphrase:i,path:(0,p.normalize)(e),port:r})))}).option("experimental-connection-reuse",{deprecated:"Use --ntlm instead",boolean:!0,describe:"Configure ntlm support (enables TCP connection reuse)"}).option("ntlm",{boolean:!0,describe:"Configure ntlm support (enables TCP connection reuse)"}).option("daemon",{requiresArg:!1,alias:"d",describe:"Run as repeater in daemon mode"}).option("run",{requiresArg:!1,hidden:!0}).option("remove-daemon",{requiresArg:!1,alias:["rm","remove"],describe:"Stop and remove repeater daemon"}).option("proxy-domains",{requiresArg:!0,array:!0,describe:"Space-separated list of domains that should be routed through the proxy. This option is only applicable when using the --proxy option",coerce(e){if(void 0!==e[0])return 1===e.length&&e[0].includes(" ")?e[0].trim().split(" "):e}}).option("proxy-domains-bypass",{requiresArg:!0,array:!0,default:null===(t=l.default.env.NO_PROXY)||void 0===t?void 0:t.trim().split(",").map((e=>e.trim())),describe:"Space-separated list of domains that should not be routed through the proxy. This option is only applicable when using the --proxy option",coerce(e){if(1===e.length){if(void 0===e[0])return;return e[0].includes(" ")?e[0].trim().split(" "):e}return e}}).conflicts({daemon:"remove-daemon",ntlm:["proxy","experimental-connection-reuse"]}).conflicts("proxy-domains","proxy-domains-bypass").env("REPEATER").middleware((e=>{Object.hasOwnProperty.call(e,"")&&delete e[""]}),!0).exitProcess(!1).check((e=>{var t,i;const r=e.id;if(!s.Helpers.isShortUUID(r)&&!s.Helpers.isUUID(r))throw new Error("Option --id has wrong value. Please ensure that --id option has a valid ID.");const o=null!==(t=e.proxyDomains)&&void 0!==t?t:[];for(const e of o)if(e.includes(","))throw new Error("Option --proxy-domains has a wrong value.Please ensure that --proxy-domains option has space separated list of domain values");const n=null!==(i=e.proxyDomainsBypass)&&void 0!==i?i:[];for(const e of n)if(e.includes(","))throw new Error("Option --proxy-domain-bypass has wrong value.Please ensure that --proxy-domain-bypass option has space separated list of domain values");return!0})).middleware((e=>{var t,i,r;n.default.register(o.RequestExecutorOptions,{useValue:{headers:null!==(t=e.header)&&void 0!==t?t:e.headers,timeout:e.timeout,proxyUrl:null!==(i=e.proxyTarget)&&void 0!==i?i:e.proxy,certs:e.cert,maxBodySize:1/0,maxContentLength:100,reuseConnection:!!e.ntlm||!!e.experimentalConnectionReuse,whitelistMimes:[{type:"text/html",allowTruncation:!1},{type:"text/plain",allowTruncation:!0},{type:"text/css",allowTruncation:!1},{type:"text/javascript",allowTruncation:!1},{type:"text/markdown",allowTruncation:!0},{type:"text/xml",allowTruncation:!1},{type:"application/javascript",allowTruncation:!1},{type:"application/x-javascript",allowTruncation:!1},{type:"application/json",allowTruncation:!1},{type:"application/xml",allowTruncation:!1},{type:"application/x-www-form-urlencoded",allowTruncation:!1},{type:"application/msgpack",allowTruncation:!1},{type:"application/ld+json",allowTruncation:!1},{type:"application/graphql",allowTruncation:!1}],proxyDomains:e.proxyDomains,proxyDomainsBypass:e.proxyDomainsBypass}}).register(a.DefaultRepeaterServerOptions,{useValue:{uri:e.repeaterServer,token:e.token,connectTimeout:e.timeout,proxyUrl:null!==(r=e.proxyBright)&&void 0!==r?r:e.proxy,insecure:e.insecure}})}))}async handler(e){const t=n.default.resolve(a.RepeaterLauncher);if(e.cacert&&await t.loadCerts("string"==typeof e.cacert?e.cacert:void 0),e.scripts&&await t.loadScripts(e.scripts),e.remove)return await t.uninstall(),void(l.default.exitCode=0);if(e.daemon)return await t.install(),void(l.default.exitCode=0);try{["SIGTERM","SIGINT","SIGHUP"].forEach((e=>l.default.on(e,(async()=>{await t.close(),l.default.exitCode=0})))),await t.run(e.id,e.run)}catch(e){(0,c.captureException)(e),s.logger.error(s.ErrorMessageFactory.genericCommandError({error:e,command:"repeater"})),await t.close(),l.default.exitCode=1}}}},2536:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.RunScan=void 0;const r=i(523),o=i(1879),s=i(8641),n=i(8161);class RunScan{constructor(){this.command="scan:run [options]",this.describe="Start a new scan for the received configuration."}static excludeEntryPoint(e){return e.map((e=>JSON.parse(e))).map((({methods:e=[],patterns:t=[]})=>{const i=t.filter((e=>!!e));return i.length||(o.logger.error(o.ErrorMessageFactory.genericCommandError({command:"scan:run",error:"please make sure that patterns contain at least one regexp"})),process.exit(1)),{methods:[...new Set(e)],patterns:[...new Set(i)]}}))}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",requiresArg:!0,demandOption:!0}).option("name",{alias:"n",describe:"Name of the scan.",requiresArg:!0,demandOption:!0}).option("auth",{alias:"o",describe:"Auth object ID.",requiresArg:!0}).option("repeater",{alias:"agent",requiresArg:!0,array:!0,describe:"ID of any repeaters connected with the scan."}).option("archive",{alias:"a",normalize:!0,requiresArg:!0,describe:"A collection your app's http/websockets logs into HAR file. Usually you can use browser dev tools or our browser web extension"}).option("crawler",{alias:"c",requiresArg:!0,array:!0,describe:"A list of specific urls that should be included into crawler."}).option("test",{array:!0,describe:`A list of tests to run during a scan. If no tests are specified, the default tests will be run.${n.EOL}For more information on the default tests, refer to the documentation: https://docs.brightsec.com/docs/running-a-scan${n.EOL}Additional details about available tests can be found here: https://docs.brightsec.com/docs/vulnerability-guide`}).option("bucket",{array:!0,describe:"A list of test buckets which you want to run during a scan."}).option("project",{alias:"p",requiresArg:!0,string:!0,describe:"ID of the project"}).option("template",{alias:"tp",requiresArg:!1,string:!0,describe:"Scan template ID"}).option("module",{default:r.Module.DAST,requiresArg:!0,choices:o.Helpers.toArray(r.Module),describe:"The dast module tests for specific scenarios, mainly OWASP top 10 and other common scenarios. The fuzzer module generates various scenarios to test for unknown vulnerabilities, providing automated AI led fuzzing testing. This module can be coupled with the repeater to find additional vulnerabilities."}).option("host-filter",{alias:"F",requiresArg:!0,array:!0,describe:"A list of specific hosts that should be included into scan."}).option("header",{alias:"H",requiresArg:!0,array:!0,describe:"A list of specific headers that should be included into request."}).option("exclude-param",{requiresArg:!0,array:!0,string:!0,describe:'A list of regex patterns for parameter names you would like to ignore during the tests. Example: "Id$"'}).option("exclude-entry-point",{array:!0,describe:'A list of JSON strings that contain patterns for entry points you would like to ignore during the tests. Pass an empty string to remove default exclusions. To apply patterns for all HTTP methods, you can set an empty array to "methods". Example: \'{ "methods": [], "patterns": ["users\\/?$"] }\'',coerce:RunScan.excludeEntryPoint}).option("smart",{boolean:!0,describe:"Use automatic smart decisions such as: parameter skipping, detection phases, etc. to minimize scan time."}).option("concurrency",{number:!0,default:10,requiresArg:!0,describe:"Number of maximum concurrent requests allowed to be sent to the target, can range between 1 to 50 (default: 10)."}).option("param",{array:!0,defaultDescription:`[${r.ATTACK_PARAM_LOCATIONS_DEFAULT.map((e=>`"${e}"`)).join(",")}]`,requiresArg:!0,choices:o.Helpers.toArray(r.AttackParamLocation),describe:"Defines which part of the request to attack."}).option("entrypoint",{array:!0,alias:"e",describe:"List entrypoint IDs to scan specific entrypoints. If no IDs are provided, the scan will run on the first 2000 project-level entrypoints. This option requires to specify the project ID using the --project option."}).conflicts("entrypoint",["crawler","archive"]).check((e=>{if(e.entrypoint&&e.archive&&e.crawler)throw new Error("Arguments --entrypoint, --archive and --crawler are mutually exclusive");if(!e.entrypoint&&!e.archive&&!e.crawler)throw new Error("When --entrypoint is not provided, either --archive or --crawler must be specified");return!0})).group(["archive","crawler"],"Discovery Options").group(["host-filter","header","module","repeater","test","smart"],"Additional Options").middleware((e=>{var t;return s.container.register(r.RestScansOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=s.container.resolve(r.Scans),{id:i,warnings:n=[]}=await t.create({tests:e.test,name:e.name,module:e.module,authObjectId:e.auth,projectId:e.project,templateId:e.template,buckets:e.bucket,hostsFilter:e.hostFilter,headers:o.Helpers.parseHeaders(e.header),crawlerUrls:e.crawler,fileId:e.archive,repeaters:e.repeater,smart:e.smart,attackParamLocations:e.param,poolSize:e.concurrency,exclusions:{requests:e.excludeEntryPoint,params:e.excludeParam},entryPointIds:e.entrypoint});console.log(i),n.length&&o.logger.warn(`${n.map((e=>e.message)).join("\n")}\n`),process.exit(0)}catch(e){o.logger.error(o.ErrorMessageFactory.genericCommandError({error:e,command:"scan:run"})),process.exit(1)}}}t.RunScan=RunScan},1294:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.StopDiscovery=void 0;const r=i(512),o=i(1879),s=i(8641);t.StopDiscovery=class StopDiscovery{constructor(){this.command="discovery:stop [options] <discoveryId>",this.describe="Stop discovery by id."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",string:!0,requiresArg:!0,demandOption:!0}).option("project",{alias:"p",requiresArg:!0,string:!0,describe:"ID of the project",demandOption:!0}).positional("discoveryId",{describe:"ID of an existing discovery which you want to stop.",requiresArg:!0,demandOption:!0,type:"string"}).middleware((e=>{var t;return s.container.register(r.RestDiscoveryOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=s.container.resolve(r.Discoveries);await t.stop(e.project,e.discoveryId),process.exit(0)}catch(e){o.logger.error(o.ErrorMessageFactory.genericCommandError({error:e,command:"discovery:stop"})),process.exit(1)}}}},5527:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.StopScan=void 0;const r=i(523),o=i(1879),s=i(8641);t.StopScan=class StopScan{constructor(){this.command="scan:stop [options] <scanId>",this.describe="Stop scan by id."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",requiresArg:!0,demandOption:!0}).positional("scanId",{describe:"ID of an existing scan which you want to stop.",requiresArg:!0,demandOption:!0,type:"string"}).middleware((e=>{var t;return s.container.register(r.RestScansOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=s.container.resolve(r.Scans);await t.stop(e.scanId),process.exit(0)}catch(e){o.logger.error(o.ErrorMessageFactory.genericCommandError({error:e,command:"scan:stop"})),process.exit(1)}}}},4457:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.UploadArchive=void 0;const r=i(5584),o=i(6412),s=i(1879),n=r.__importDefault(i(9490));t.UploadArchive=class UploadArchive{constructor(){this.command="archive:upload [options] <file>",this.describe="Uploads a archive to Bright."}builder(e){return e.option("token",{alias:"t",describe:"Bright API-key",requiresArg:!0,demandOption:!0}).option("type",{alias:"T",requiresArg:!0,describe:"The specification type",choices:[o.SpecType.OPENAPI,o.SpecType.HAR,o.SpecType.POSTMAN].map((e=>e.toLowerCase())),default:o.SpecType.HAR.toLowerCase(),demandOption:!0}).option("discard",{alias:"d",default:!0,boolean:!0,describe:"Indicates if archive should be remove or not after scan running. Enabled by default."}).option("project",{alias:["p","projectId"],describe:"ID of the project for uploading file (Optional for transition period, will be mandatory in future)In case project-level API key project ID determined from that API key"}).option("header",{alias:"H",default:[],deprecated:"Use --header when running a scan using the scan:run command.",requiresArg:!0,array:!0,describe:"A list of specific headers that should be included into request.",coerce:e=>Array.isArray(e)?s.Helpers.parseHeaders(e):{}}).option("variable",{alias:"V",default:[],deprecated:"Directly integrate variables into the file. For updated guidelines on managing variables effectively, refer to https://learning.postman.com/docs/sending-requests/variables/variables/#variable-scopes",requiresArg:!0,array:!0,describe:"A list of specific variables that should be included into request. Only for Postman",coerce:e=>Array.isArray(e)?s.Helpers.parseHeaders(e):{}}).positional("file",{describe:"A collection your app's http/websockets logs into HAR file. Usually you can use browser dev tools or our browser web extension",type:"string",demandOption:!0,normalize:!0}).group(["header"],"OAS Options").group(["header","variable"],"Postman Options").middleware((e=>{var t;n.default.register(o.RestArchivesOptions,{useValue:{insecure:e.insecure,baseURL:e.api,apiKey:e.token,proxyURL:null!==(t=e.proxyBright)&&void 0!==t?t:e.proxy,timeout:e.timeout}})}))}async handler(e){try{const t=n.default.resolve(o.ParserFactory),i=n.default.resolve(o.Archives),r=s.Helpers.selectEnumValue(o.SpecType,e.type),a=t.create(r),c={...await a.parse(e.file),type:r,discard:e.discard,projectId:e.project,headers:e.header,variables:e.variable};console.log(await i.upload(c)),process.exit(0)}catch(e){s.logger.error(s.ErrorMessageFactory.genericCommandError({error:e,command:"archive:upload"})),process.exit(1)}}}},2887:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.VersionCommand=void 0;const r=i(1879),o=i(5317);class VersionCommand{constructor(){this.command="version",this.describe="Prints Bright CLI version this project uses."}static executeCommand(e){return new Promise(((t,i)=>{(0,o.exec)(e,((e,r,o)=>r?t(r):o?t(o):e?i(e):void t("")))}))}async handler(){const e=(await VersionCommand.executeCommand("npm list --depth=0")).match(/ @brightsec\/cli@(.*)\n/),t=(e&&e[1]?e[1]:"").replace(/"invalid"/gi,"").trim(),i=(await VersionCommand.executeCommand("npm list -g --depth=0")).match(/ @brightsec\/cli@(.*)\n/),o=(i&&i[1]?i[1]:"").replace(/"invalid"/gi,"").trim();t?r.logger.log("Local installed version:",t):r.logger.warn("No local installed Bright CLI was found."),o?r.logger.log("Global installed Bright CLI version:",o):r.logger.warn("No global installed was found."),t&&o&&t!==o&&r.logger.warn("To avoid issues with CLI please make sure your global and local Bright CLI versions match, or you are using locally installed Bright CLI instead of global one.")}}t.VersionCommand=VersionCommand},6572:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.GetEntryPoints=t.Configure=t.RunRepeater=t.PollingScanStatus=t.StopScan=t.RetestScan=t.UploadArchive=t.RunScan=t.VersionCommand=void 0;var r=i(2887);Object.defineProperty(t,"VersionCommand",{enumerable:!0,get:function(){return r.VersionCommand}});var o=i(2536);Object.defineProperty(t,"RunScan",{enumerable:!0,get:function(){return o.RunScan}});var s=i(4457);Object.defineProperty(t,"UploadArchive",{enumerable:!0,get:function(){return s.UploadArchive}});var n=i(3986);Object.defineProperty(t,"RetestScan",{enumerable:!0,get:function(){return n.RetestScan}});var a=i(5527);Object.defineProperty(t,"StopScan",{enumerable:!0,get:function(){return a.StopScan}});var c=i(9520);Object.defineProperty(t,"PollingScanStatus",{enumerable:!0,get:function(){return c.PollingScanStatus}});var p=i(9773);Object.defineProperty(t,"RunRepeater",{enumerable:!0,get:function(){return p.RunRepeater}});var l=i(5832);Object.defineProperty(t,"Configure",{enumerable:!0,get:function(){return l.Configure}});var d=i(7653);Object.defineProperty(t,"GetEntryPoints",{enumerable:!0,get:function(){return d.GetEntryPoints}})},2675:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.CliBuilder=void 0;const r=i(5584),o=i(1879),s=i(9654),n=i(6436),a=r.__importDefault(i(2736)),c=r.__importDefault(i(1708));t.CliBuilder=class CliBuilder{constructor(e){this._options=e}get options(){return this._options}build({commands:e}){const{configReader:t,info:r}=this.options,s=i(8314).option("config",{requiresArg:!0,describe:"Path to the file with configuration",config:!0,default:t.discovery(r.cwd),configParser:e=>t.load(e).toJSON()}).option("log-level",{requiresArg:!0,choices:Object.keys(o.LogLevel).map((e=>isNaN(+e)?e.toLowerCase():+e)),default:o.LogLevel.NOTICE,describe:"What level of logs to report. Any logs of a higher level than the setting are shown."}).option("log-file",{requiresArg:!0,type:"string",describe:"File path to write logs to. If specified, logs will be written to this file"}).implies({"log-max-size":"log-file","log-max-files":"log-file","log-rotate-interval":"log-file","log-compress":"log-file"}).group(["log-max-size","log-max-files","log-rotate-interval","log-compress"],"Log Rotation Options (requires --log-file):").option("log-max-size",{requiresArg:!0,type:"string",describe:'Maximum size of log file before rotation (e.g., "10MB", "1GB"). Default: 10MB'}).option("log-max-files",{requiresArg:!0,type:"number",describe:"Maximum number of rotated log files to keep. Default: 5"}).option("log-rotate-interval",{requiresArg:!0,type:"string",describe:'Time interval to rotate log files (e.g., "1d", "12h", "7d"). Default: 1d'}).option("log-compress",{type:"boolean",describe:"Compress rotated log files using gzip. Default: true"}).option("cluster",{deprecated:"Use --hostname instead",requiresArg:!0,describe:"Bright application name (domain name). [default: app.brightsec.com]"}).option("hostname",{requiresArg:!0,describe:"Bright application name (domain name). [default: app.brightsec.com]"}).option("insecure",{boolean:!0,default:!1,description:"Allows CLI to proceed and operate even for server connections otherwise considered insecure."}).option("proxy",{requiresArg:!0,default:c.default.env.PROXY,describe:"Specify a proxy URL to route all traffic through. This should be an HTTP(S), SOCKS4, or SOCKS5 URL. By default, if you specify SOCKS://<URL>, then SOCKS5h is applied."}).option("proxy-bright",{requiresArg:!0,describe:"Specify a proxy URL to route all outbound traffic through. For more information, see the --proxy option."}).option("proxy-target",{requiresArg:!0,describe:"Specify a proxy URL to route all inbound traffic through. For more information, see the --proxy option."}).option("timeout",{describe:"Request timeout in seconds or a duration string (e.g. 10s, 1m, 1h, 10h, 1y).",default:30,coerce:e=>isNaN(+e)?(0,a.default)(e):1e3*+e}).conflicts({proxy:["proxy-bright","proxy-target"],hostname:"cluster"}).middleware((e=>{const{api:t,repeaterServer:i}=o.Helpers.getClusterUrls(e);if(e.api=t,e.repeaterServer=i,e.logFile){const t={maxSize:e["log-max-size"],maxFiles:e["log-max-files"],interval:e["log-rotate-interval"],compress:!1===e["log-compress"]?void 0:"gzip"};o.Logger.configure(e.logLevel,e.logFile,t)}})).middleware((e=>(o.logger.logLevel=e["log-level"],e["log-file"]&&(o.logger.logFile=e["log-file"]),e))).middleware((e=>{var t;return o.logger.logLevel=isNaN(+e.logLevel)?o.LogLevel[null===(t=e.logLevel)||void 0===t?void 0:t.toString().toUpperCase()]:+e.logLevel})).usage("Usage: $0 <command> [options] [<file | scan>]").pkgConf("bright",r.cwd).example("$0 archive:generate --mockfile=.mockfile --name=archive.har","output har file on base your mock requests");return e.reduce(((e,t)=>e.command(this.wrapWithSentry(t))),s).recommendCommands().demandCommand(1).strict(!0).version(r.version).alias("v","version").help("help").alias("h","help").wrap(null)}wrapWithSentry(e){const t=e.handler.bind(e);return e.handler=async e=>{const i=new s.SystemConfigManager(e.api),r=await i.read();return(0,n.runWithAsyncContext)((()=>(this.initSentry(r.sentryDsn),(0,n.setContext)("args",e),i.enableBackgroundRotation((e=>{this.initSentry(e.sentryDsn)})),t(e))))},e}initSentry(e){(0,n.init)({dsn:e,attachStacktrace:!0,release:c.default.env.VERSION,beforeSend:e=>(e.contexts.args&&(e.contexts.args={...e.contexts.args,t:e.contexts.args.t&&"[Filtered]",token:e.contexts.args.token&&"[Filtered]"}),e)})}}},9750:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.CliInfo=void 0;const r=i(5584),o=i(4199),s=r.__importDefault(i(6760)),n=i(3024);t.CliInfo=class CliInfo{constructor(e){var t,i;const r=this.getPackagePath(e),o=this.getPackageData(r);this.cwd=r?s.default.dirname(r):e,this.version=null!==(t="13.7.0")?t:null==o?void 0:o.version,this.distribution=null===(i=null==o?void 0:o.brightCli)||void 0===i?void 0:i.distribution}getPackageData(e){try{const t=(0,n.readFileSync)(e,"utf8");return JSON.parse(t)}catch{}}getPackagePath(e){return(0,o.sync)("package.json",{cwd:e||process.env.BRIGHT_CWD||process.cwd()})}}},2815:(e,t)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.ConfigReader=void 0,t.ConfigReader=Symbol("ConfigReader")},6712:(e,t,i)=>{Object.defineProperty(t,"__esModule",{value:!0}),t.DefaultConfigReader=void 0;const r=i(1879),o=i(4199),s=i(7089),n=i(6760),a=i(3024),c=i(714);t.DefaultConfigReader=class DefaultConfigReader{constructor(){this.rcOptions=[".brightrc",".brightrc.json",".brightrc.yml",".brightrc.yaml","bright.config.js",".nexploitrc",".nexploitrc.json",".nexploitrc.yml",".nexploitrc.yaml","nexploit.config.js"],this.config=new Map}discovery(e){return(0,o.sync)(this.rcOptions,{cwd:e})}load(e){const t=(0,n.extname)(e.toLowerCase());return".js"===t?this.configure(this.loadCommonJsModule(e)):".yml"===t||".yaml"===t?this.configure((0,s.load)((0,a.readFileSync)(e,"utf8"))):this.configure(JSON.parse((0,a.readFileSync)(e,"utf-8"))),this}get(e){return this.config.get(e)}has(e){return this.config.has(e)}toJSON(){return[...this.config