#!/usr/bin/env node
/**
 * Envelope in which the API returns its payloads.
 *
 * `T` defaults to `any`, so a caller that omits the type argument gets an
 * unchecked `data`; pass a concrete `T` at the call site so the payload is
 * type-checked. Whether `data` and `error` are mutually exclusive is not
 * visible from this declaration (presumably `error` is set exactly when
 * `success` is false — TODO confirm against the server).
 */
interface ApiResponse<T = any> {
  /** `true` when the request succeeded. */
  success: boolean;
  /** Response payload; optional, presumably absent on failure. */
  data?: T;
  /** Failure description; optional, presumably absent on success. */
  error?: {
    /** Machine-readable error code. */
    code: string;
    /** Human-readable, server-supplied text; treat as untrusted when echoing into logs or terminals. */
    message: string;
    /** Untyped extra context from the server; `any` disables checking, so narrow before use. */
    details?: any;
  };
}
/** Authenticated user as returned by the auth endpoints. */
interface User {
  /** Server-side user identifier. */
  id: string;
  /** Account e-mail address. */
  email: string;
  /** Display name. */
  name: string;
}
/**
 * Organization summary (e.g. as listed in an auth validation response).
 *
 * Note that `usageBalance` is optional here but required in
 * `OrganizationConfig['organization']` — the summary form may omit it.
 */
interface Organization {
  id: string;
  name: string;
  /** URL-safe identifier used as `organizationSlug` in client calls. */
  slug: string;
  /** Plan name as a free-form string; the set of values is not declared here. */
  planType: string;
  /** `true` for a user's personal organization. */
  isPersonal: boolean;
  /** Remaining usage balance; units are not visible here (TODO confirm). */
  usageBalance?: number;
}
/**
 * Result of `CodeThreatApiClient.validateAuth`.
 *
 * `user` is declared non-optional even though `valid` can be `false`;
 * whether the server actually sends a user in that case is not visible here
 * (TODO confirm), so callers should check `valid` before trusting `user`.
 */
interface AuthValidationResponse {
  /** Whether the presented API key was accepted. */
  valid: boolean;
  user: User;
  /** Present only when requested via `includeOrganizations` (presumably). */
  organizations?: Organization[];
  /** Permission names; present only when requested via `includePermissions` (presumably). */
  permissions?: string[];
  /** Present only when requested via `includeUsage` (presumably). */
  usage?: {
    currentBalance: number;
    planType: string;
  };
  /** Timestamp of the authentication; string format is not declared (presumably ISO-8601 — confirm). */
  authenticatedAt: string;
}
/** A source repository known to the platform. */
interface Repository {
  /** Platform-side repository identifier, used as `repositoryId` in client calls. */
  id: string;
  /** Short repository name. */
  name: string;
  /** Namespaced name (presumably `owner/name` — confirm). */
  fullName: string;
  /** Remote URL the repository was imported from. */
  url: string;
  defaultBranch: string;
  isPrivate: boolean;
  /** Hosting provider; declared as a plain string here rather than the `Provider` union. */
  provider: string;
}
/** Result of `CodeThreatApiClient.importRepository`. */
interface RepositoryImportResponse {
  repository: Repository;
  /** `true` when the repository was already registered (presumably, the import is then a no-op — confirm). */
  alreadyExists: boolean;
  /**
   * Scan started as part of the import, or `null` when none was started
   * (presumably when `autoScan` was not requested — confirm).
   */
  scan: {
    id: string;
    /** Free-form status string; compare with `Scan['status']`, which is a literal union. */
    status: string;
    types: string[];
    branch: string;
  } | null;
}
/** A single scan run against a repository branch. */
interface Scan {
  id: string;
  repositoryId: string;
  branch: string;
  /** Lifecycle state; only these four literal values are declared. */
  status: 'PENDING' | 'SCANNING' | 'COMPLETED' | 'FAILED';
  /** Scan types requested; declared as plain strings rather than `ScanType[]`. */
  types: string[];
  /** Timestamps are strings whose format is not declared here (presumably ISO-8601 — confirm). */
  startedAt: string;
  /** Absent until the scan finishes (presumably). */
  completedAt?: string;
  /** Duration unit is not visible here (ms vs. s — TODO confirm). */
  scanDuration?: number;
  /** Score range is not declared here (TODO confirm). */
  securityScore?: number;
}
/**
 * Result of `CodeThreatApiClient.runScan`.
 *
 * `results` and `duration` are optional; presumably they are only populated
 * when the call waited for completion (`synchronous` is `true`) — confirm.
 */
interface ScanRunResponse {
  scan: Scan;
  /** Whether the call blocked until the scan finished. */
  synchronous: boolean;
  /** Finding counts by severity; `info`-level findings have no bucket here. */
  results?: {
    total: number;
    critical: number;
    high: number;
    medium: number;
    low: number;
  };
  /** Unit not visible here (TODO confirm). */
  duration?: number;
}
/** Result of `CodeThreatApiClient.getScanStatus`. */
interface ScanStatusResponse {
  /** The scan, with a reduced repository summary attached. */
  scan: Scan & {
    repository: {
      id: string;
      name: string;
      fullName: string;
    };
  };
  progress: {
    /** Presumably 0–100; the range is not declared here. */
    percentage: number;
    /** Free-form phase label. */
    currentPhase: string;
    /** `null` when no estimate is available. */
    estimatedCompletion: string | null;
  };
  results: {
    violationCount: number;
    summary: {
      critical: number;
      high: number;
      medium: number;
      low: number;
    };
    /** Finding counts keyed by scan type; keys are not constrained to `ScanType`. */
    byType: Record<string, number>;
  };
  /** Per-step execution log; present only when `includeLogs` was requested (presumably). */
  logs?: Array<{
    step: string;
    status: string;
    startedAt?: string;
    completedAt?: string;
    /** Server-supplied error text; treat as untrusted when printing. */
    error?: string;
  }>;
}
/**
 * Result of `CodeThreatApiClient.exportScanResults`.
 *
 * `results` is `any` because its shape depends on `format` (see
 * `ExportFormat`); callers should narrow or validate it before writing it
 * out as a CI artifact rather than assuming a structure.
 */
interface ScanResultsResponse {
  scan: Scan & {
    repository: Repository;
  };
  /** Export format that was produced; plain string here rather than `ExportFormat`. */
  format: string;
  /** Format-dependent payload — untyped. */
  results: any;
  summary: {
    total: number;
    critical: number;
    high: number;
    medium: number;
    low: number;
  };
  /** Export timestamp; string format not declared here. */
  exportedAt: string;
}
/**
 * A single finding.
 *
 * `codeSnippet` carries source text from the scanned repository; for findings
 * produced by the `secrets` scan type it may include the detected value
 * itself (not visible here — confirm), so avoid echoing it into shared CI
 * logs or PR comments without redaction.
 */
interface Violation {
  id: string;
  /** Finding category; free-form string, not constrained to `ScanType`. */
  type: string;
  /** Note the extra `info` level, which has no bucket in the summary counters. */
  severity: 'critical' | 'high' | 'medium' | 'low' | 'info';
  title: string;
  description: string;
  /** File path or similar locator; exact form not declared here. */
  location?: string;
  lineNumber?: number;
  /** Excerpt of the affected source — potentially sensitive. */
  codeSnippet?: string;
  ruleId?: string;
  /** Identifier strings; their exact format (e.g. `CWE-…`) is not declared here. */
  cwe?: string;
  cve?: string;
  /** Free-form status (open/fixed/suppressed are referenced by `exportScanResults` flags, but not declared here). */
  status: string;
  createdAt: string;
  updatedAt: string;
}
/**
 * Result of `CodeThreatApiClient.getOrganizationConfig`: what an
 * organization's plan allows, and how much of it has been used.
 */
interface OrganizationConfig {
  organization: {
    id: string;
    name: string;
    slug: string;
    planType: string;
    /** Required here, unlike the optional `Organization.usageBalance`. */
    usageBalance: number;
  };
  capabilities: {
    /** Which scan types the plan enables; note `ScanType` also has a `'scan'` value with no flag here. */
    scanTypes: {
      sast: boolean;
      sca: boolean;
      secrets: boolean;
      iac: boolean;
    };
    /** Feature flags; callers can check these before using the matching client options. */
    features: {
      repositoryImport: boolean;
      synchronousScanning: boolean;
      multiFormatExport: boolean;
      batchOperations: boolean;
      privateRepositories: boolean;
      aiAnalysis: boolean;
      prReviews: boolean;
    };
  };
  /** Quota counters; `canPerform` is the server's own verdict, so prefer it over comparing `limit` and `currentCount` locally. */
  limits: {
    traditionalScans: {
      limit: number;
      currentCount: number;
      canPerform: boolean;
      /** When the counter resets; string format not declared here. */
      resetDate: string;
    };
    prReviews: {
      limit: number;
      currentCount: number;
      canPerform: boolean;
      resetDate: string;
    };
  };
  usage: {
    currentBalance: number;
    usedThisMonth: number;
    /** Billing period label; format not declared here. */
    billingPeriod: string;
  };
  /** Export formats this organization may request; plain strings, not `ExportFormat[]`. */
  supportedFormats: string[];
  /** Repository providers this organization may import from; plain strings, not `Provider[]`. */
  supportedProviders: string[];
}
/** Result of `CodeThreatApiClient.getCLIInfo`: server-advertised CLI and API metadata. */
interface CLIInfo {
  cli: {
    name: string;
    /** CLI version the server expects or advertises (which one is not visible here). */
    version: string;
    supportedPlatforms: string[];
    supportedArchitectures: string[];
  };
  api: {
    version: string;
    /** Advertised API base URL; this is informational data from the server, distinct from the URL set via `setServerUrl`. */
    baseUrl: string;
    /** Endpoint paths, presumably relative to `baseUrl` (confirm). */
    endpoints: {
      repositories: string;
      scans: string;
      organizations: string;
    };
  };
  supportedFormats: string[];
  supportedProviders: string[];
  /** Optional because this endpoint may be served without an organization context (presumably). */
  capabilities?: OrganizationConfig['capabilities'];
}
/** Output formats accepted by `exportScanResults`; the shape of `ScanResultsResponse.results` depends on which one is chosen. */
type ExportFormat = 'json' | 'sarif' | 'csv' | 'xml' | 'junit';
/**
 * Scan types that can be requested. The first four match the flags in
 * `OrganizationConfig['capabilities']['scanTypes']`; `'scan'` has no such
 * flag and presumably selects the full suite (TODO confirm).
 */
type ScanType = 'sast' | 'sca' | 'secrets' | 'iac' | 'scan';
/** Repository hosting providers accepted as an import/list filter. */
type Provider = 'github' | 'gitlab' | 'bitbucket' | 'azure_devops';
/** How a scan was initiated, recorded on `runScan` for audit purposes. */
type ScanTrigger = 'manual' | 'ci/cd' | 'api';
/**
 * HTTP client for the CodeThreat AppSec API.
 *
 * This is an ambient declaration (no implementation is visible here), so the
 * notes below describe only what the signatures state. The constructor takes
 * no arguments, so credentials and the server URL are presumably read from
 * the environment or a config file and can be overridden with `setApiKey`
 * and `setServerUrl` (TODO confirm against the implementation).
 *
 * Several methods return `Promise<any>`; those responses are unchecked and
 * should be narrowed by the caller before use.
 */
declare class CodeThreatApiClient {
  /** Underlying HTTP client; its type is erased in this declaration. */
  private client;
  /** Client configuration; its type is erased in this declaration. */
  private config;
  constructor();
  /**
   * Check that the configured API key is accepted.
   * The `include*` flags presumably control the optional sections of
   * `AuthValidationResponse` (confirm).
   */
  validateAuth(options?: {
    includePermissions?: boolean;
    includeOrganizations?: boolean;
    includeUsage?: boolean;
  }): Promise<AuthValidationResponse>;
  /** Fetch server-advertised CLI/API metadata. */
  getCLIInfo(): Promise<CLIInfo>;
  /**
   * Register a repository by URL, optionally starting a scan.
   * `url` is the only required field; `scanTypes` presumably only applies
   * when `autoScan` is set (confirm).
   */
  importRepository(options: {
    url: string;
    organizationSlug?: string;
    name?: string;
    provider?: Provider;
    branch?: string;
    autoScan?: boolean;
    scanTypes?: ScanType[];
    isPrivate?: boolean;
    description?: string;
  }): Promise<RepositoryImportResponse>;
  /** Untyped response — narrow before use. */
  getRepositoryStatus(repositoryId: string): Promise<any>;
  /**
   * Start a scan. When `wait` is set the call presumably polls until
   * completion, bounded by `timeout` and paced by `pollInterval`; the units
   * of both are not visible here (ms vs. s — TODO confirm).
   * `commitSha`, `pullRequestId` and `metadata` appear to be bookkeeping
   * passed through to the server.
   */
  runScan(options: {
    repositoryId: string;
    organizationSlug?: string;
    branch?: string;
    scanTypes: ScanType[];
    wait?: boolean;
    timeout?: number;
    pollInterval?: number;
    scanTrigger?: ScanTrigger;
    pullRequestId?: string;
    commitSha?: string;
    metadata?: Record<string, string>;
  }): Promise<ScanRunResponse>;
  /** Poll a scan; `includeLogs` presumably populates `ScanStatusResponse.logs`. */
  getScanStatus(scanId: string, includeLogs?: boolean): Promise<ScanStatusResponse>;
  /**
   * Export findings for a scan.
   * `severity` is declared as `string[]` rather than `Violation['severity'][]`,
   * so typos are not caught at compile time — a candidate for tightening.
   */
  exportScanResults(options: {
    scanId: string;
    format?: ExportFormat;
    severity?: string[];
    scanTypes?: ScanType[];
    includeFixed?: boolean;
    includeSuppressed?: boolean;
    includeMetadata?: boolean;
    ruleIds?: string[];
  }): Promise<ScanResultsResponse>;
  /** Takes an organization id, not the slug used elsewhere. */
  getOrganizationConfig(organizationId: string): Promise<OrganizationConfig>;
  /** Paginated listing; untyped response — narrow before use. */
  listRepositories(options?: {
    page?: number;
    limit?: number;
    search?: string;
    provider?: Provider;
    status?: string;
    sortBy?: string;
    sortOrder?: 'asc' | 'desc';
  }): Promise<any>;
  /** Paginated listing; untyped response — narrow before use. */
  listScans(options?: {
    page?: number;
    limit?: number;
    repositoryId?: string;
    status?: string;
    sortBy?: string;
    sortOrder?: 'asc' | 'desc';
  }): Promise<any>;
  /** Unwraps `ApiResponse` envelopes (presumably); signature erased here. */
  private handleResponse;
  /** Maps transport/API failures to thrown errors (presumably); signature erased here. */
  private handleApiError;
  /** Lightweight reachability/credential check; resolves `false` rather than throwing (presumably). */
  testConnection(): Promise<boolean>;
  /** Replace the credential used for subsequent requests. */
  setApiKey(apiKey: string): void;
  /**
   * Replace the server base URL. The API key set via `setApiKey` is
   * presumably sent to whatever host this points to, so only take this value
   * from trusted configuration, never from untrusted CI input such as a
   * pull-request-controlled variable.
   */
  setServerUrl(serverUrl: string): void;
}
// Public surface of the package: the client class plus its request/response
// types. The `type` exports are erased at runtime; only `CodeThreatApiClient`
// exists as a value.
export { type ApiResponse, type AuthValidationResponse, type CLIInfo, CodeThreatApiClient, type ExportFormat, type Organization, type OrganizationConfig, type Provider, type Repository, type RepositoryImportResponse, type Scan, type ScanResultsResponse, type ScanRunResponse, type ScanStatusResponse, type ScanTrigger, type ScanType, type User, type Violation };