securesync

Intelligent dependency security scanner with auto-fix

/**
 * Type declarations for the public surface of `securesync`.
 *
 * This file contains declarations only — no runtime code — so the
 * comments below describe the contract as far as the declarations
 * themselves show it. Anything about what the implementation actually
 * executes (installs, tests, network lookups) is inferred from names and
 * marked as such; confirm against the implementation before relying on it.
 */
import { ReleaseType } from 'semver';

/**
 * One vulnerability finding for a single package@version.
 *
 * NOTE(review): value ranges are not stated here — `cvss` is presumably
 * the 0–10 base score and `epss` the 0–1 exploit-probability estimate;
 * verify against the scanner that populates these.
 */
interface Vulnerability {
    /** Advisory identifier (format not specified by these declarations). */
    id: string;
    severity: 'low' | 'moderate' | 'high' | 'critical';
    /** Affected package name. */
    package: string;
    /** Installed (affected) version. */
    version: string;
    /** Versions or ranges that carry the fix; empty presumably means no fix is published. */
    patched: string[];
    description: string;
    /** Advisory / reference URLs as supplied by the data source — treat as untrusted text when rendering. */
    references: string[];
    cvss: number;
    epss?: number;
    /** Set when the package is not a direct dependency of the project. */
    isTransitive?: boolean;
    /** Dependency chain from the project root to the affected package, when resolved. */
    path?: string[];
}

/** Resolved dependency tree of the scanned project plus a flat package list. */
interface DependencyTree {
    name: string;
    version: string;
    dependencies: Map<string, DependencyNode>;
    packages: PackageInfo[];
}

/** One node of the resolved tree; `resolved` is the location the package was resolved from (lockfile-style). */
interface DependencyNode {
    name: string;
    version: string;
    resolved: string;
    dependencies?: Map<string, DependencyNode>;
}

/** Flat view of one installed package and how it is reachable. */
interface PackageInfo {
    name: string;
    version: string;
    isDevDependency: boolean;
    /** True when declared directly in the project's manifest rather than pulled in transitively. */
    isDirect: boolean;
}

/** Result of a scan: findings, per-severity counts, and the tree they were found in. */
interface ScanResult {
    vulnerabilities: Vulnerability[];
    totalPackages: number;
    scannedAt: Date;
    dependencies: DependencyTree;
    /** Counts by severity; presumably sums to `vulnerabilities.length` — confirm. */
    summary: {
        critical: number;
        high: number;
        moderate: number;
        low: number;
    };
}

/** Scan configuration. */
interface ScanOptions {
    projectPath: string;
    includeDevDependencies?: boolean;
    /** Presumably attempts to determine whether vulnerable code is actually reachable from the project — confirm semantics. */
    analyzeReachability?: boolean;
    /**
     * Presumably enriches findings from the OSV database, i.e. a network
     * call to a third-party service that receives the project's package
     * list — TODO confirm; relevant for air-gapped or confidential builds.
     */
    enhanceWithOSV?: boolean;
}

/**
 * Scan an npm project for vulnerable dependencies.
 * @param projectPath Root of the project (directory holding the manifest/lockfile).
 * @param options Overrides; `projectPath` in `options` vs. the positional argument — precedence is not specified here.
 */
declare function scanNpmProject(projectPath: string, options?: Partial<ScanOptions>): Promise<ScanResult>;

/**
 * One detected API difference between two versions of a package.
 * `confidence` has no stated range (presumably 0–1). `source: 'runtime'`
 * suggests the change was observed by executing package code — if so,
 * that runs third-party code from the registry; confirm before using on
 * untrusted packages.
 */
interface APIChange {
    type: 'breaking' | 'feature' | 'fix';
    category: 'removed' | 'renamed' | 'signature' | 'behavior';
    symbol: string;
    before: string;
    after: string;
    /** Free-text migration hint, when available. */
    migration?: string;
    confidence: number;
    source: 'typescript' | 'changelog' | 'commit' | 'runtime';
}

/** Aggregate breaking-change assessment for a from→to version move. */
interface BreakingChangeAnalysis {
    packageName: string;
    fromVersion: string;
    toVersion: string;
    changes: APIChange[];
    hasBreakingChanges: boolean;
    riskLevel: 'low' | 'medium' | 'high';
    analyzedAt: Date;
}

/** A parsed changelog section for one version. */
interface ChangelogEntry {
    version: string;
    date?: string;
    changes: {
        breaking: string[];
        features: string[];
        fixes: string[];
        other: string[];
    };
}

/**
 * Semver comparison of two versions. `diffType` is null when the versions
 * are equal or not comparable. `expectedBreakingChanges` is a semver-level
 * expectation only (e.g. a major bump), not a code-level analysis.
 */
interface VersionDiff {
    fromVersion: string;
    toVersion: string;
    diffType: ReleaseType | null;
    isUpgrade: boolean;
    isDowngrade: boolean;
    expectedBreakingChanges: boolean;
}

/** Compare two version strings at the semver level (no network, no package contents). */
declare function analyzeVersionDiff(fromVersion: string, toVersion: string): VersionDiff;

/** Parse changelog text (format not specified here) into per-version entries. Input is untrusted text from the package. */
declare function parseChangelog(changelogContent: string): Promise<ChangelogEntry[]>;

/** Analyze API changes between two versions of a package; presumably fetches package metadata/contents — confirm. */
declare function analyzeBreakingChanges(packageName: string, fromVersion: string, toVersion: string): Promise<BreakingChangeAnalysis>;

/** One textual edit to a source file at (line, column): replace `old` with `new`. */
interface CodeChange {
    line: number;
    column: number;
    old: string;
    new: string;
    /** Set once the edit has been written to disk, presumably. */
    applied?: boolean;
}

/**
 * Generated migration for one file: individual edits plus a `script`.
 * NOTE(review): whether `script` is executed (a codemod) or only shown to
 * the user is not stated here, nor what `safe` guarantees. Treat generated
 * code edits as proposals to review, not as trusted output, until confirmed.
 */
interface Migration {
    file: string;
    changes: CodeChange[];
    script: string;
    safe: boolean;
}

/** Outcome of running the project's tests. */
interface TestResult {
    passed: boolean;
    output: string;
    /** Milliseconds presumably — units not stated. */
    duration: number;
    failedTests?: string[];
    exitCode?: number;
}

/** Outcome of a single package update attempt. */
interface UpdateResult {
    success: boolean;
    reason?: string;
    failedTests?: string[];
    migrations?: Migration[];
    /** True when the update was reverted after failure; presumably requires a backup to have been created. */
    rolledBack?: boolean;
}

/** Controls for the update/remediation step. */
interface RemediationOptions {
    /** Write migrations to the project without confirmation. */
    autoApply?: boolean;
    runTests?: boolean;
    createBackup?: boolean;
    interactive?: boolean;
}

/** Produce migrations for a set of API changes in the given project. */
declare function generateMigration(projectPath: string, packageName: string, changes: APIChange[]): Promise<Migration[]>;

/**
 * Update `packageName` to `newVersion`, apply `migrations`, and (optionally)
 * run tests, rolling back on failure.
 *
 * NOTE(review): this presumably performs a package install and runs the
 * project's test command. Both execute third-party code in the caller's
 * context (package lifecycle scripts, test setup); run it in an isolated
 * environment rather than on a developer workstation with live credentials.
 * Confirm against the implementation.
 */
declare function testDrivenUpdate(projectPath: string, packageName: string, newVersion: string, migrations: Migration[], options?: RemediationOptions): Promise<UpdateResult>;

/** Run the project's test suite (presumably its configured test script — arbitrary project code). */
declare function runTests(projectPath: string): Promise<TestResult>;

/**
 * A candidate replacement package with popularity/health signals and a
 * composite `score`.
 *
 * NOTE(review): `stars`/`issues` presumably come from the repository the
 * package's own manifest points at; that link is self-declared and not
 * verified by the registry, so popularity signals can be borrowed from an
 * unrelated repository. Do not treat `score` alone as a trust decision.
 */
interface Alternative {
    name: string;
    description: string;
    downloads: number;
    lastPublish: Date;
    stars: number;
    issues: number;
    maintainers: number;
    vulnerabilities: number;
    /** Compatibility estimate with the package being replaced; scale not stated. */
    compatibility: number;
    migrationEffort: 'low' | 'medium' | 'high';
    score: number;
}

/** Filters applied when searching for alternatives. `maxAge` units are not stated here. */
interface SearchCriteria {
    minDownloads?: number;
    maxAge?: number;
    minStars?: number;
    zeroVulnerabilities?: boolean;
    minCompatibility?: number;
}

/** Registry metadata for a package. `repository`/`homepage` are publisher-supplied and unverified. */
interface PackageMetadata {
    name: string;
    description: string;
    version: string;
    downloads: number;
    lastPublish: Date;
    repository?: string;
    homepage?: string;
    keywords: string[];
    license?: string;
}

/** Repository statistics for a package's declared repository. */
interface GitHubMetadata {
    stars: number;
    forks: number;
    issues: number;
    lastCommit: Date;
    contributors: number;
}

/** Search for replacement packages matching `criteria`; presumably queries the registry over the network. */
declare function findAlternatives(packageName: string, criteria?: SearchCriteria): Promise<Alternative[]>;

/** Compute a composite score for one candidate; `_originalPackage` is declared but its use is not visible here. */
declare function scoreAlternative(alternative: PackageMetadata, _originalPackage: string): Promise<number>;

/** Node of the flattened dependency graph; `id` is presumably name@version. */
interface GraphNode {
    id: string;
    name: string;
    version: string;
    /** Distance from a root; roots are presumably depth 0. */
    depth: number;
    parent?: string;
    children: string[];
    /** Count of findings attached to this node. */
    vulnerabilities: number;
    isDevDependency: boolean;
}

/** Graph with nodes keyed by id, explicit edges, and the set of root ids. */
interface DependencyGraph {
    nodes: Map<string, GraphNode>;
    edges: Array<{
        from: string;
        to: string;
    }>;
    roots: string[];
}

/** Build a graph from a resolved tree. */
declare function buildGraph(depTree: DependencyTree): DependencyGraph;

/** All root-to-package paths (a package may be reachable via several chains). */
declare function findDependencyPath(graph: DependencyGraph, packageName: string): string[][];

/** Depth of a node by id; behaviour for an unknown id is not specified here. */
declare function getDepth(graph: DependencyGraph, nodeId: string): number;

declare function getDirectDependencies(graph: DependencyGraph): GraphNode[];

declare function getTransitiveDependencies(graph: DependencyGraph): GraphNode[];

/** Rendering options for `visualize`. */
interface VisualizationOptions {
    format: 'tree' | 'dot' | 'json';
    maxDepth?: number;
    showVersions?: boolean;
    highlightVulnerabilities?: boolean;
}

/** Render the graph as text in the requested format. */
declare function visualize(graph: DependencyGraph, options?: VisualizationOptions): string;

/** Human-readable summary of the graph. */
declare function printSummary(graph: DependencyGraph): string;

/** Construction options for the facade class. */
interface SecureSyncOptions {
    projectPath: string;
    /** Apply fixes without confirmation — see the caveats on `SecureSync.fix`. */
    autoFix?: boolean;
    testBeforeUpdate?: boolean;
    createBackup?: boolean;
}

/**
 * Facade over the free functions above, bound to one project path.
 * Methods that update packages or run tests execute code from the project
 * and from the registry; see `testDrivenUpdate` / `runTests`.
 */
declare class SecureSync {
    private options;
    constructor(options: SecureSyncOptions);
    /**
     * Scan project dependencies for vulnerabilities.
     * @param scanOptions Per-call overrides of the scan configuration.
     */
    scan(scanOptions?: Partial<ScanOptions>): Promise<ScanResult>;
    /**
     * Analyze breaking changes for a package update.
     */
    analyzeBreakingChanges(packageName: string, fromVersion: string, toVersion: string): Promise<BreakingChangeAnalysis>;
    /**
     * Generate migration scripts for breaking changes.
     * Takes a whole analysis, unlike the free `generateMigration`, which takes `APIChange[]`.
     */
    generateMigrations(packageName: string, changes: BreakingChangeAnalysis): Promise<Migration[]>;
    /**
     * Auto-fix vulnerabilities with optional test-driven approach.
     *
     * `maxSeverity` presumably bounds which findings are attempted — whether
     * it is an upper or lower bound is not stated here; confirm.
     * `breakingChanges: 'allow'` permits updates the analysis flagged as
     * breaking; combined with `autoFix` this rewrites the project
     * unattended. Prefer `dryRun: true` first and review the `FixReport`.
     */
    fix(options?: {
        maxSeverity?: 'low' | 'moderate' | 'high' | 'critical';
        breakingChanges?: 'skip' | 'warn' | 'allow';
        dryRun?: boolean;
    }): Promise<FixReport>;
    /**
     * Find alternative packages.
     */
    findAlternatives(packageName: string, criteria?: SearchCriteria): Promise<Alternative[]>;
    /**
     * Build and visualize dependency graph.
     */
    visualizeDependencies(options?: VisualizationOptions): Promise<string>;
    /**
     * Get dependency graph.
     */
    getDependencyGraph(): Promise<DependencyGraph>;
}

/** Per-package outcome of `SecureSync.fix`. */
interface FixResult {
    package: string;
    success: boolean;
    reason?: string;
    fromVersion?: string;
    toVersion?: string;
    migrations?: Migration[];
    breakingChanges?: BreakingChangeAnalysis;
    failedTests?: string[];
    rolledBack?: boolean;
    /** True when nothing was written because the run was a dry run. */
    dryRun?: boolean;
}

/** Aggregate outcome of `SecureSync.fix`. */
interface FixReport {
    totalVulnerabilities: number;
    vulnerabilitiesFixed: number;
    packagesUpdated: number;
    packagesFailed: number;
    results: FixResult[];
}

export { type APIChange, type Alternative, type BreakingChangeAnalysis, type ChangelogEntry, type CodeChange, type DependencyGraph, type DependencyNode, type DependencyTree, type FixReport, type FixResult, type GitHubMetadata, type GraphNode, type Migration, type PackageInfo, type PackageMetadata, type RemediationOptions, type ScanOptions, type ScanResult, type SearchCriteria, SecureSync, type SecureSyncOptions, type TestResult, type UpdateResult, type VisualizationOptions, type Vulnerability, analyzeBreakingChanges, analyzeVersionDiff, buildGraph, findAlternatives, findDependencyPath, generateMigration, getDepth, getDirectDependencies, getTransitiveDependencies, parseChangelog, printSummary, runTests, scanNpmProject, scoreAlternative, testDrivenUpdate, visualize };