tops-bmad
CLI tool to install BMAD workflow files into any project with integrated Shai-Hulud 2.0 security scanning
/**
* TOPS BMAD Security Scanner CLI
*
* Usage:
* npx tops-bmad security-scan [project-path] [options]
* npx tops-bmad security-scan --help
*/
import { resolve, dirname } from 'path';
import { fileURLToPath } from 'url';
import { spawn } from 'child_process';
// ES modules do not provide __filename/__dirname, so derive both from this
// module's own URL.
const __filename = fileURLToPath(import.meta.url);
const __dirname = dirname(__filename);

// Package root is the parent of the directory that holds this file.
const PROJECT_ROOT = dirname(__dirname);

// Absolute path of the scanner entry point. It is built only from the package
// location, never from command-line input, so arguments cannot redirect which
// script gets executed.
const SCAN_SCRIPT = resolve(
  PROJECT_ROOT,
  'security-tools',
  'scripts',
  'scan-workspace.js',
);
// Everything after `node <script>` is collected here; the same array is later
// forwarded to the scanner unchanged.
const args = process.argv.slice(2);

// Either help flag short-circuits the run: print usage and exit 0 without
// starting a scan.
const helpRequested = args.some((arg) => arg === '--help' || arg === '-h');
if (helpRequested) {
  console.log(`
š”ļø TOPS BMAD Security Scanner
Usage:
npx tops-bmad security-scan [project-path] [options]
Options:
<project-path> Project path to scan (default: current directory)
--recursive Scan all projects in workspace
--output-format <format> Output format: text, json, or sarif (default: text)
--scan-lockfiles Scan lockfiles (default: true)
--no-scan-lockfiles Skip lockfile scanning
--fail-on-critical Exit with error on critical findings
--fail-on-high Exit with error on high/critical findings
--fail-on-any Exit with error on any findings
--help, -h Show this help message
Examples:
npx tops-bmad security-scan
npx tops-bmad security-scan ./my-project
npx tops-bmad security-scan --recursive
npx tops-bmad security-scan . --output-format json --fail-on-critical
Other Commands:
npx tops-bmad security-update Update package database
npx tops-bmad security-dashboard Generate security dashboard
`);
  process.exit(0);
}
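// Run the bundled scanner as a child process, forwarding the CLI arguments
// as an argv array (no shell is involved, so they are not re-parsed).
// process.execPath is the Node binary already running this wrapper, so the
// scanner is not started by whichever `node` happens to be first on PATH.
// NOTE(review): cwd is the package root, so a relative <project-path> (and the
// documented "current directory" default) will resolve against the package
// directory unless scan-workspace.js compensates — confirm against that script,
// otherwise the scan can report on the wrong tree.
const scanProcess = spawn(process.execPath, [SCAN_SCRIPT, ...args], {
  stdio: 'inherit',
  cwd: PROJECT_ROOT,
});

// Propagate the scanner's exit status so the --fail-on-* options reach the
// caller (for example a CI gate).
scanProcess.on('close', (code, signal) => {
  if (code === null) {
    // No exit code means the child was ended by a signal and the scan did not
    // finish. Exiting 0 here would let an interrupted scan pass as clean.
    console.error(`Security scan terminated by signal ${signal}`);
    process.exit(1);
  }
  process.exit(code);
});

// Emitted when the child could not be started at all; report and fail.
scanProcess.on('error', (error) => {
  console.error('ā Error running security scan:', error.message);
  process.exit(1);
});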