import { EventEmitter } from 'events';
import { PluginPermission, PluginRegistration } from './plugin-system';
/**
 * Classification carried by a plugin scan result (see `SecurityScanResult.securityLevel`).
 * Each member is a string enum whose value is the lowercase form of its name.
 *
 * NOTE(review): how a level translates into enforcement (for example whether
 * BLOCKED prevents a plugin from loading, or whether SANDBOXED forces use of
 * `PluginSandbox`) is not visible in this declaration file. Confirm in the
 * implementation before relying on it.
 */
export declare enum SecurityLevel {
TRUSTED = "trusted",
VERIFIED = "verified",
SANDBOXED = "sandboxed",
RESTRICTED = "restricted",
BLOCKED = "blocked"
}
/**
 * Policy settings accepted (as a `Partial`) by `PluginSecurityValidator` and
 * returned in full by `getDefaultSecurityPolicy()`.
 *
 * NOTE(review): default values are not visible in this declaration. For a
 * plugin loader the safe baseline is deny-by-default for every `allow*` flag.
 * Confirm what the defaults are.
 */
export interface SecurityPolicy {
// Capability switches. What each one gates at runtime is not shown here.
allowNetworkAccess: boolean;
allowFileSystemAccess: boolean;
allowProcessExecution: boolean;
allowEnvironmentAccess: boolean;
allowWorkspaceAccess: boolean;
// Resource ceilings. Units (bytes vs MB, ms vs s) are not declared — TODO confirm.
maxMemoryUsage: number;
maxExecutionTime: number;
// Source allow/deny lists. Matching semantics (exact, prefix, pattern) and
// precedence when a source appears in both lists are not visible — TODO confirm.
trustedSources: string[];
blockedSources: string[];
// Presumably makes a valid signature mandatory; verify that an unsigned
// plugin is rejected rather than only warned about when this is true.
requiredSignatures: boolean;
}
/**
 * One finding reported in `SecurityScanResult.violations`.
 */
export interface SecurityViolation {
// Category of the finding; restricted to the five literals below.
type: 'permission' | 'resource' | 'signature' | 'sandbox' | 'malware';
// Severity rating; restricted to the four literals below.
severity: 'low' | 'medium' | 'high' | 'critical';
// Human-readable text describing the finding.
description: string;
// Origin of the finding; whether this is a file path, a plugin name or
// something else is not visible here — TODO confirm.
source: string;
// Suggested remediation text.
recommendation: string;
// NOTE(review): presumably marks findings that on their own cause rejection;
// confirm how this relates to `SecurityScanResult.approved`.
blocked: boolean;
}
/**
 * Result resolved by `PluginSecurityValidator.scanPlugin()` and consumed by
 * `PluginSecurityValidator.createSandboxConfig()`.
 *
 * NOTE(review): this is a plain data object; nothing in the declaration shows
 * that the loader enforces `approved` or `sandboxRequired`. Callers that load
 * plugins should check both fields themselves and fail closed.
 */
export interface SecurityScanResult {
// Identifier of the scanned plugin (presumably its name — confirm).
plugin: string;
securityLevel: SecurityLevel;
violations: SecurityViolation[];
// Permissions associated with the plugin; `PluginPermission` is declared in ./plugin-system.
permissions: PluginPermission[];
// Optional: absent when no signature information is available.
signature?: SecuritySignature;
// Optional: absent when no reputation record is available.
reputation?: PluginReputation;
sandboxRequired: boolean;
approved: boolean;
// Free-text warnings accompanying the result.
warnings: string[];
}
/**
 * Signature metadata attached to a scan result.
 *
 * NOTE(review): the record carries both the signature and the public key it
 * claims to verify under. A check against the embedded key alone proves nothing
 * about the publisher. Confirm that verification requires `publicKey` to be
 * one of the validator's trusted keys (see `addTrustedPublicKey`).
 */
export interface SecuritySignature {
// Free-form string; confirm the implementation restricts this to an
// allow-list of algorithms rather than accepting whatever the plugin declares.
algorithm: string;
// Encoding (hex, base64, ...) is not declared — TODO confirm.
signature: string;
publicKey: string;
// Numeric timestamp; unit and whether it is checked for freshness are not visible.
timestamp: number;
// NOTE(review): must be computed by the validator. If this object can
// originate from plugin-supplied metadata, a pre-set `verified: true`
// must never be trusted — confirm where the value is assigned.
verified: boolean;
issuer?: string;
}
/**
 * Reputation record stored per plugin via
 * `PluginSecurityValidator.updatePluginReputation()` and surfaced on
 * `SecurityScanResult.reputation`.
 *
 * NOTE(review): the origin of these numbers is not visible here. Popularity
 * figures such as download counts and ratings can be inflated, so they should
 * inform a decision, not replace signature or permission checks. Confirm how
 * much weight the validator gives them.
 */
export interface PluginReputation {
downloads: number;
// Scale (e.g. 0-5 or 0-100) is not declared — TODO confirm.
rating: number;
reviews: number;
// Numeric timestamp; unit not declared.
lastUpdated: number;
maintainer: string;
// What was verified (maintainer identity, package, ...) is not visible — confirm.
verified: boolean;
// Scale and derivation are not declared — TODO confirm.
communityTrust: number;
}
/**
 * Configuration consumed by `PluginSandbox` and produced by
 * `PluginSecurityValidator.createSandboxConfig()`.
 */
export interface SandboxConfig {
// Isolation switches; the mechanism behind each is not visible in this declaration.
isolateFileSystem: boolean;
isolateNetwork: boolean;
isolateProcesses: boolean;
// Units are not declared (bytes vs MB, ms vs s) — TODO confirm.
memoryLimit: number;
timeoutLimit: number;
// NOTE(review): precedence when a path matches both lists is not visible.
// Confirm that paths are resolved (symlinks, `..` segments) before matching
// and that `blockedPaths` wins on conflict.
allowedPaths: string[];
blockedPaths: string[];
// Entry format (hostname, IP, CIDR, ...) is not declared — TODO confirm.
allowedNetworks: string[];
blockedNetworks: string[];
}
/**
 * Scans a plugin registration and produces a `SecurityScanResult`; also derives
 * a `SandboxConfig` from that result. Extends `EventEmitter`; the event names it
 * emits are not visible in this declaration.
 *
 * NOTE(review): the trust-anchor and reputation setters below are public.
 * Any code holding a reference to the validator can widen what it trusts, so
 * the instance should not be reachable from plugin code.
 */
export declare class PluginSecurityValidator extends EventEmitter {
// Private state; types are erased in the emitted declaration.
private securityPolicy;
private trustedPublicKeys;
private pluginReputations;
private securityCache;
/** @param policy Optional partial policy; how it is merged with defaults is not visible here. */
constructor(policy?: Partial<SecurityPolicy>);
/**
 * Scans one plugin registration.
 * @param registration Plugin to scan (`PluginRegistration` is declared in ./plugin-system).
 * @returns A promise resolving to the scan result.
 */
scanPlugin(registration: PluginRegistration): Promise<SecurityScanResult>;
// Private scan stages; signatures are erased, so behaviour can only be
// confirmed in the implementation.
private validatePermissions;
private checkPermissionViolation;
private scanForMaliciousCode;
private verifySignature;
private checkReputation;
private analyzeSourceTrust;
private determinePluginSource;
private determineSecurityLevel;
private generateSecurityRecommendations;
/**
 * Builds a sandbox configuration for a plugin from its scan result.
 * @param registration The plugin registration.
 * @param securityResult The result previously obtained for that plugin.
 */
createSandboxConfig(registration: PluginRegistration, securityResult: SecurityScanResult): SandboxConfig;
/**
 * Registers a public key as trusted.
 * NOTE(review): key format and any validation of the input are not visible — confirm.
 */
addTrustedPublicKey(publicKey: string): void;
/** Stores or replaces the reputation record for `pluginName`. */
updatePluginReputation(pluginName: string, reputation: PluginReputation): void;
/** Clears cached scan results (presumably `securityCache` — confirm). */
clearCache(): void;
// NOTE(review): confirm the cache key covers plugin content or version, so a
// modified plugin cannot be approved from a stale cached result.
private getCacheKey;
/** Returns statistics about the validator; the shape is untyped (`any`). */
getSecurityStats(): any;
}
/**
 * Runs plugin functions under a `SandboxConfig`. Extends `EventEmitter`; the
 * event names it emits are not visible in this declaration.
 *
 * NOTE(review): `executeInSandbox` receives an already-constructed `Function`.
 * The isolation mechanism is not visible here. Wrapping a function with
 * substituted `fs`/`process` objects inside the host process does not by itself
 * form a security boundary, and a timeout cannot interrupt synchronous code
 * running on the same thread. Confirm whether execution is moved to a separate
 * process or worker before treating this as containment for untrusted plugins.
 */
export declare class PluginSandbox extends EventEmitter {
// Private state; types are erased in the emitted declaration.
private config;
private activeProcesses;
/** @param config Sandbox configuration to apply. */
constructor(config: SandboxConfig);
/**
 * Executes `pluginFunction` with the supplied context.
 * @param pluginFunction The plugin entry point to invoke.
 * @param context Value handed to the plugin; untyped (`any`).
 * @param timeout Optional limit; its unit and how it relates to
 *   `SandboxConfig.timeoutLimit` are not visible — TODO confirm.
 * @returns A promise for whatever the plugin function produces (untyped).
 */
executeInSandbox(pluginFunction: Function, context: any, timeout?: number): Promise<any>;
// Private helpers; behaviour can only be confirmed in the implementation.
private createSandboxedContext;
private createSandboxedFS;
private createSandboxedProcess;
// NOTE(review): confirm paths are normalised before the allow/block comparison.
private isPathAllowed;
/** Monitors resource usage; what is measured and what happens on a breach is not visible here. */
monitorResourceUsage(): void;
}
/**
 * Factory returning a `PluginSecurityValidator`.
 * @param policy Optional partial policy (presumably forwarded to the constructor — confirm).
 */
export declare function createSecurityValidator(policy?: Partial<SecurityPolicy>): PluginSecurityValidator;
/**
 * Factory returning a `PluginSandbox` for the given configuration.
 * @param config Sandbox configuration.
 */
export declare function createPluginSandbox(config: SandboxConfig): PluginSandbox;
/**
 * Returns a complete `SecurityPolicy`.
 * NOTE(review): the default values are not visible in this declaration; verify
 * they are restrictive before using them unmodified.
 */
export declare function getDefaultSecurityPolicy(): SecurityPolicy;