@cosmstack/blackshield
Version:
A developer-first security toolkit for React/Next.js applications
55 lines (53 loc) • 1.8 kB
JavaScript
// src/cli/init.ts
import { promises as fs } from "fs";
var DEFAULT_CONFIG = {
envValidation: {
allowedPublicVars: ["NEXT_PUBLIC_APP_URL", "NEXT_PUBLIC_API_URL", "NEXT_PUBLIC_VERCEL_URL"]
},
xssProtection: {
autoSanitize: true,
customRules: {}
},
boundaryProtection: {
validateServerProps: true,
customValidators: {}
}
};
var ESLINT_CONFIG = {
extends: ["next/core-web-vitals"],
plugins: ["@cosmstack/blackshield/eslint-plugin"],
rules: {
"@cosmstack/blackshield/no-public-sensitive-env": "error",
"@cosmstack/blackshield/no-unsafe-html": "error"
}
};
async function initializeConfig(force = false) {
const configPath = ".blackshieldrc.json";
const eslintPath = ".eslintrc.blackshield.json";
try {
if (!force) {
try {
await fs.access(configPath);
console.log("\u26A0\uFE0F Configuration file already exists. Use --force to overwrite.");
return;
} catch {
}
}
await fs.writeFile(configPath, JSON.stringify(DEFAULT_CONFIG, null, 2), "utf-8");
console.log("\u2705 Created .blackshieldrc.json");
await fs.writeFile(eslintPath, JSON.stringify(ESLINT_CONFIG, null, 2), "utf-8");
console.log("\u2705 Created .eslintrc.blackshield.json (example ESLint config)");
console.log("\n\u{1F6E1}\uFE0F Blackshield initialized successfully!");
console.log("\nNext steps:");
console.log("1. Review and customize .blackshieldrc.json");
console.log("2. Merge .eslintrc.blackshield.json with your existing ESLint config");
console.log('3. Run "npx @cosmstack/blackshield check" to analyze your project');
} catch (error) {
console.error("\u274C Failed to initialize configuration:", error);
process.exit(1);
}
}
export {
initializeConfig
};