UNPKG

dependency-guardian

Version:

A powerful dependency management and analysis tool for Node.js projects

github.com/1oridevs/Dep-Guard

1oridevs/Dep-Guard

232 lines (209 loc) 7.25 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
const ora = require('ora'); const chalk = require('chalk'); const inquirer = require('inquirer'); const fs = require('fs').promises; const logger = require('../utils/logger'); async function policyCommand(program) { program .command('policy') .description('Manage dependency policies') .option('init', 'Create a new policy file') .option('check', 'Check compliance with current policy') .option('add <rule>', 'Add a new policy rule') .option('remove <rule>', 'Remove a policy rule') .option('list', 'List all policy rules') .option('--format <type>', 'Output format (table|json)', 'table') .action(async (cmd) => { try { if (cmd.init) { await initializePolicy(); } else if (cmd.check) { await checkPolicy(); } else if (cmd.add) { await addPolicyRule(cmd.add); } else if (cmd.remove) { await removePolicyRule(cmd.remove); } else if (cmd.list) { await listPolicyRules(cmd.format); } else { program.help(); } } catch (error) { logger.error('Policy command failed:', error); process.exit(1); } }); } async function initializePolicy() { const questions = [ { type: 'checkbox', name: 'policyTypes', message: 'Select policy types to configure:', choices: [ { name: 'Security policies', value: 'security', checked: true }, { name: 'License policies', value: 'license', checked: true }, { name: 'Version policies', value: 'version', checked: true }, { name: 'Size policies', value: 'size', checked: false } ] }, { type: 'list', name: 'securityLevel', message: 'Default security level:', choices: ['strict', 'moderate', 'relaxed'], when: (answers) => answers.policyTypes.includes('security') }, // ... more policy questions ... ]; const answers = await inquirer.prompt(questions); const policy = generatePolicyFromAnswers(answers); await savePolicyFile(policy); } async function checkPolicy() { const spinner = ora('Checking policy compliance...').start(); try { const policy = await loadPolicyFile(); const violations = await checkPolicyCompliance(policy); spinner.succeed('Policy check complete'); if (violations.length > 0) { console.log(chalk.red('\nPolicy violations found:')); violations.forEach(v => { console.log(chalk.red(`■ ${v.type}: ${v.message}`)); }); process.exit(1); } else { console.log(chalk.green('\n✓ All policies are satisfied')); } } catch (error) { spinner.fail('Policy check failed'); throw error; } } async function addPolicyRule(rule) { try { const policy = await loadPolicyFile(); const [type, ...ruleParts] = rule.split(':'); const ruleContent = ruleParts.join(':'); switch (type) { case 'security': await addSecurityRule(policy, ruleContent); break; case 'license': await addLicenseRule(policy, ruleContent); break; case 'version': await addVersionRule(policy, ruleContent); break; case 'size': await addSizeRule(policy, ruleContent); break; default: throw new Error(`Unknown policy type: ${type}`); } await savePolicyFile(policy); console.log(chalk.green(`✓ Added ${type} rule: ${ruleContent}`)); } catch (error) { throw new Error(`Failed to add policy rule: ${error.message}`); } } async function removePolicyRule(rule) { try { const policy = await loadPolicyFile(); const [type, id] = rule.split(':'); let removed = false; if (policy[type] && policy[type].rules) { policy[type].rules = policy[type].rules.filter(r => r.id !== id); removed = true; } if (removed) { await savePolicyFile(policy); console.log(chalk.green(`✓ Removed ${type} rule: ${id}`)); } else { console.log(chalk.yellow(`Rule not found: ${type}:${id}`)); } } catch (error) { throw new Error(`Failed to remove policy rule: ${error.message}`); } } async function listPolicyRules(format) { try { const policy = await loadPolicyFile(); if (format === 'json') { console.log(JSON.stringify(policy, null, 2)); return; } // Display as table console.log('\nCurrent Policy Rules:\n'); Object.entries(policy).forEach(([type, config]) => { console.log(chalk.blue(`\n${type.toUpperCase()} RULES:`)); if (config.rules && config.rules.length > 0) { config.rules.forEach(rule => { console.log(chalk.cyan(`■ [${rule.id}] ${rule.description}`)); if (rule.conditions) { Object.entries(rule.conditions).forEach(([key, value]) => { console.log(` - ${key}: ${value}`); }); } }); } else { console.log(chalk.gray(' No rules configured')); } }); } catch (error) { throw new Error(`Failed to list policy rules: ${error.message}`); } } async function loadPolicyFile() { try { const content = await fs.readFile('.dependency-guardian-policy.json', 'utf8'); return JSON.parse(content); } catch (error) { if (error.code === 'ENOENT') { throw new Error('No policy file found. Run "dependency-guardian policy init" to create one.'); } throw error; } } async function savePolicyFile(policy) { await fs.writeFile( '.dependency-guardian-policy.json', JSON.stringify(policy, null, 2) ); } function generatePolicyFromAnswers(answers) { return { security: answers.policyTypes.includes('security') ? { level: answers.securityLevel, rules: getDefaultSecurityRules(answers.securityLevel) } : undefined, license: answers.policyTypes.includes('license') ? { rules: getDefaultLicenseRules() } : undefined, version: answers.policyTypes.includes('version') ? { rules: getDefaultVersionRules() } : undefined, size: answers.policyTypes.includes('size') ? { rules: getDefaultSizeRules() } : undefined }; } // Helper functions for specific rule types function getDefaultSecurityRules(level) { const rules = { strict: [ { id: 'sec001', description: 'No critical vulnerabilities', severity: 'critical', action: 'block' }, { id: 'sec002', description: 'No high vulnerabilities', severity: 'high', action: 'block' } ], moderate: [ { id: 'sec001', description: 'No critical vulnerabilities', severity: 'critical', action: 'block' }, { id: 'sec002', description: 'High vulnerabilities require review', severity: 'high', action: 'warn' } ], relaxed: [ { id: 'sec001', description: 'Critical vulnerabilities require review', severity: 'critical', action: 'warn' } ] }; return rules[level] || rules.moderate; } // ... similar helper functions for other rule types ... module.exports = policyCommand;