UNPKG

@cosmstack/blackshield

Version:

A developer-first security toolkit for React/Next.js applications

55 lines (53 loc) 1.8 kB
#!/usr/bin/env node // src/cli/init.ts import { promises as fs } from "fs"; var DEFAULT_CONFIG = { envValidation: { allowedPublicVars: ["NEXT_PUBLIC_APP_URL", "NEXT_PUBLIC_API_URL", "NEXT_PUBLIC_VERCEL_URL"] }, xssProtection: { autoSanitize: true, customRules: {} }, boundaryProtection: { validateServerProps: true, customValidators: {} } }; var ESLINT_CONFIG = { extends: ["next/core-web-vitals"], plugins: ["@cosmstack/blackshield/eslint-plugin"], rules: { "@cosmstack/blackshield/no-public-sensitive-env": "error", "@cosmstack/blackshield/no-unsafe-html": "error" } }; async function initializeConfig(force = false) { const configPath = ".blackshieldrc.json"; const eslintPath = ".eslintrc.blackshield.json"; try { if (!force) { try { await fs.access(configPath); console.log("\u26A0\uFE0F Configuration file already exists. Use --force to overwrite."); return; } catch { } } await fs.writeFile(configPath, JSON.stringify(DEFAULT_CONFIG, null, 2), "utf-8"); console.log("\u2705 Created .blackshieldrc.json"); await fs.writeFile(eslintPath, JSON.stringify(ESLINT_CONFIG, null, 2), "utf-8"); console.log("\u2705 Created .eslintrc.blackshield.json (example ESLint config)"); console.log("\n\u{1F6E1}\uFE0F Blackshield initialized successfully!"); console.log("\nNext steps:"); console.log("1. Review and customize .blackshieldrc.json"); console.log("2. Merge .eslintrc.blackshield.json with your existing ESLint config"); console.log('3. Run "npx @cosmstack/blackshield check" to analyze your project'); } catch (error) { console.error("\u274C Failed to initialize configuration:", error); process.exit(1); } } export { initializeConfig };