
vibe-guard


██ Vibe-Guard Security Scanner - 28 essential security rules to catch vulnerabilities before they catch you! Zero dependencies, instant setup, works everywhere, optimized performance. Detects SQL injection, XSS, exposed secrets, CSRF, CORS issues, contain

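#!/usr/bin/env node
"use strict";
// --- TypeScript-emitted CommonJS interop helpers (generated; kept verbatim) ---
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    var desc = Object.getOwnPropertyDescriptor(m, k);
    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
      desc = { enumerable: true, get: function() { return m[k]; } };
    }
    Object.defineProperty(o, k2, desc);
}) : (function(o, m, k, k2) {
    if (k2 === undefined) k2 = k;
    o[k2] = m[k];
}));
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
    Object.defineProperty(o, "default", { enumerable: true, value: v });
}) : function(o, v) {
    o["default"] = v;
});
var __importStar = (this && this.__importStar) || (function () {
    var ownKeys = function(o) {
        ownKeys = Object.getOwnPropertyNames || function (o) {
            var ar = [];
            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
            return ar;
        };
        return ownKeys(o);
    };
    return function (mod) {
        if (mod && mod.__esModule) return mod;
        var result = {};
        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
        __setModuleDefault(result, mod);
        return result;
    };
})();
var __importDefault = (this && this.__importDefault) || function (mod) {
    return (mod && mod.__esModule) ? mod : { "default": mod };
};
Object.defineProperty(exports, "__esModule", { value: true });
// NOTE(review): this entry point loads `commander` and `chalk` at runtime, so
// the "zero-dependency" wording printed by the `version` and `stats` commands
// does not describe the CLI itself. Both packages belong in any supply-chain
// inventory (lockfile review, SBOM) of this tool.
const commander_1 = require("commander");
const chalk_1 = __importDefault(require("chalk"));
const index_1 = __importDefault(require("../index"));
const version_1 = require("../types/version");
const program = new commander_1.Command();
/**
 * Print the ASCII-art banner and subtitle.
 *
 * Runs from the `preAction` hook, i.e. before every command action, and
 * writes to stdout via console.log.
 */
function displayLogo() {
    const logo = [
        '██╗ ██╗██╗██████╗ ███████╗ ██████╗ ██╗ ██╗ █████╗ ██████╗ ██████╗ ',
        '╚██╗ ██╔╝██║██╔══██╗██╔════╝ ██╔════╝ ██║ ██║██╔══██╗██╔══██╗██╔══██╗',
        ' ╚████╔╝ ██║██████╔╝█████╗ ██║ ███╗██║ ██║███████║██████╔╝██║ ██║',
        ' ╚██╔╝ ██║██╔══██╗██╔══╝ ██║ ██║██║ ██║██╔══██║██╔══██╗██║ ██║',
        ' ██║ ██║██████╔╝███████╗ ╚██████╔╝╚██████╔╝██║ ██║██║ ██║██████╔╝',
        ' ╚═╝ ╚═╝╚═════╝ ╚══════╝ ╚═════╝ ╚═════╝ ╚═╝ ╚═╝╚═╝ ╚═╝╚═════╝ '
    ];
    // One colour per logo row, dark blue -> lighter -> back to dark blue.
    logo.forEach((line, index) => {
        let color;
        switch (index) {
            case 0:
                color = chalk_1.default.blue;
                break;
            case 1:
                color = chalk_1.default.blueBright;
                break;
            case 2:
                color = chalk_1.default.cyan;
                break;
            case 3:
                color = chalk_1.default.cyanBright;
                break;
            case 4:
                color = chalk_1.default.blueBright;
                break;
            case 5:
                color = chalk_1.default.blue;
                break;
            default:
                color = chalk_1.default.blue;
        }
        console.log(color.bold(line));
    });
    // Subtitle under the logo.
    console.log(chalk_1.default.blue.bold(' ██ SECURITY SCANNER ██\n'));
}
program
    .name('vibe-guard')
    .description('██ Vibe-Guard Security Scanner - Catch security issues before they catch you!')
    .version(version_1.VERSION)
    .hook('preAction', () => {
        displayLogo();
    });
const fs = __importStar(require("fs"));
/**
 * Run a scan of `target` and print or save the formatted report.
 *
 * Exits the process with status 1 when the severity or max-files option is
 * invalid, when the scan reports at least one issue, or when any step throws.
 * Findings and tool failures therefore share the same exit status; a CI job
 * cannot tell them apart from the status code alone.
 *
 * NOTE(review): the banner and the "STARTING" box are written to stdout with
 * console.log, and so is the report when no --output-file is given. A consumer
 * that pipes `--format json` or `--format sarif` from stdout receives the
 * decoration mixed into the document; use --output-file for machine-readable
 * results.
 *
 * @param {string} target - File or directory to scan.
 * @param {object} options - Parsed commander options for the scan command.
 * @returns {Promise<void>}
 */
async function handleScan(target, options) {
    try {
        console.log(chalk_1.default.blue.bold('╔══════════════════════════════════════════════════════════════════════════════╗'));
        console.log(chalk_1.default.blue.bold('║ STARTING VIBE-GUARD SECURITY SCAN ║'));
        console.log(chalk_1.default.blue.bold('║ THREAT DETECTION ACTIVE ║'));
        console.log(chalk_1.default.blue.bold('╚══════════════════════════════════════════════════════════════════════════════╝\n'));
        // Validate severity level if provided
        if (options.severity && !['critical', 'high', 'medium', 'low'].includes(options.severity)) {
            console.error(chalk_1.default.red.bold('❌ Error: Invalid severity level. Must be one of: critical, high, medium, low'));
            process.exit(1);
        }
        const scanOptions = {
            target,
            format: options.format,
            verbose: options.verbose,
            exclude: options.exclude,
            include: options.include
        };
        // Add optional properties only when they have values
        if (options.severity)
            scanOptions.severity = options.severity;
        if (options.config)
            scanOptions.config = options.config;
        if (options.parallel)
            scanOptions.parallel = options.parallel;
        if (options.maxFiles) {
            // Parse with an explicit radix and reject non-numeric or non-positive
            // values instead of handing NaN to the scanner as a concurrency limit.
            const maxFiles = Number.parseInt(options.maxFiles, 10);
            if (!Number.isInteger(maxFiles) || maxFiles < 1) {
                console.error(chalk_1.default.red.bold('❌ Error: Invalid --max-files value. Must be a positive integer'));
                process.exit(1);
            }
            scanOptions.maxFiles = maxFiles;
        }
        const vibeGuard = new index_1.default();
        const output = await vibeGuard.scanAndFormat(scanOptions);
        if (options.outputFile) {
            // Overwrites any existing file at this path.
            // NOTE(review): the report presumably quotes the flagged source lines,
            // which for secret-detection rules would include the matched secret;
            // treat the output file as sensitive. TODO confirm what the formatter emits.
            fs.writeFileSync(options.outputFile, output);
            console.log(chalk_1.default.green(`✅ Results written to: ${options.outputFile}`));
        }
        else {
            console.log(output);
        }
        // NOTE(review): a second scan is run here only to derive the exit status.
        // Presumably scanAndFormat() already scanned the same target, so the work
        // is doubled and the status comes from a different pass than the report
        // above; files that change between the two passes can make them disagree.
        // Confirm against the VibeGuard API whether one result can be reused.
        const result = await vibeGuard.scan(scanOptions);
        if (result.issuesFound > 0) {
            process.exit(1);
        }
    }
    catch (error) {
        console.error(chalk_1.default.red.bold('❌ Error:'), error instanceof Error ? error.message : 'Unknown error');
        process.exit(1);
    }
}
program
    .command('scan')
    .description('Scan files or directories for security issues')
    .argument('<target>', 'File or directory to scan')
    .option('-f, --format <format>', 'Output format (table, json, sarif, html)')
    .option('-o, --output-file <file>', 'Write output to file')
    .option('-v, --verbose', 'Verbose output', false)
    .option('-s, --severity <level>', 'Minimum severity level (critical, high, medium, low)')
    .option('-c, --config <file>', 'Path to configuration file')
    .option('--parallel', 'Enable parallel processing for better performance')
    .option('--max-files <number>', 'Maximum files to process concurrently')
    .option('--exclude <patterns...>', 'Exclude patterns')
    .option('--include <patterns...>', 'Include patterns')
    .action(handleScan);
// `rules`: list every rule with its severity, colour-coded.
program
    .command('rules')
    .description('List all available security rules')
    .action(() => {
        const vibeGuard = new index_1.default();
        const rules = vibeGuard.getRules();
        console.log(chalk_1.default.blue.bold('╔══════════════════════════════════════════════════════════════════════════════╗'));
        console.log(chalk_1.default.blue.bold('║ AVAILABLE SECURITY RULES ║'));
        console.log(chalk_1.default.blue.bold('║ THREAT DETECTION MATRIX ║'));
        console.log(chalk_1.default.blue.bold('╚══════════════════════════════════════════════════════════════════════════════╝\n'));
        rules.forEach(rule => {
            const severityColor = rule.severity === 'critical' ? chalk_1.default.red.bold :
                rule.severity === 'high' ? chalk_1.default.red :
                    rule.severity === 'medium' ? chalk_1.default.yellow :
                        chalk_1.default.blue;
            console.log(`${chalk_1.default.bold(rule.name)} ${severityColor(`[${rule.severity.toUpperCase()}]`)}`);
            console.log(` ${chalk_1.default.gray(rule.description)}\n`);
        });
    });
// `version`: print the version reported by the VibeGuard instance.
program
    .command('version')
    .description('Show version information')
    .action(() => {
        console.log(chalk_1.default.blue.bold('╔══════════════════════════════════════════════════════════════════════════════╗'));
        console.log(chalk_1.default.blue.bold('║ VIBE-GUARD SECURITY SCANNER ║'));
        console.log(chalk_1.default.blue.bold('║ THREAT DETECTION ENGINE ║'));
        console.log(chalk_1.default.blue.bold('╚══════════════════════════════════════════════════════════════════════════════╝'));
        const vibeGuard = new index_1.default();
        console.log(chalk_1.default.blue.bold(`\nVERSION: ${vibeGuard.getVersion()}`));
        console.log(chalk_1.default.gray('Built for developers who code fast and need security that keeps up! 🚀'));
        console.log(chalk_1.default.gray('TypeScript-powered, zero-dependency security scanning'));
    });
// `init`: delegate to VibeGuard.createConfigFile().
program
    .command('init')
    .description('Create a default vibe-guard.json configuration file')
    .action(() => {
        const vibeGuard = new index_1.default();
        vibeGuard.createConfigFile();
    });
// `start`: prints a static menu and exits; no input is read.
program
    .command('start')
    .description('Start interactive Vibe-Guard session')
    .action(async () => {
        console.log(chalk_1.default.blue.bold('╔══════════════════════════════════════════════════════════════════════════════╗'));
        console.log(chalk_1.default.blue.bold('║ WELCOME TO VIBE-GUARD INTERACTIVE ║'));
        console.log(chalk_1.default.blue.bold('║ INTERACTIVE SECURITY SCANNING ║'));
        console.log(chalk_1.default.blue.bold('╚══════════════════════════════════════════════════════════════════════════════╝\n'));
        console.log(chalk_1.default.cyan.bold('Choose an option:\n'));
        console.log(chalk_1.default.white('1. 🔍 Scan a file or directory'));
        console.log(chalk_1.default.white('2. 📋 View all security rules'));
        console.log(chalk_1.default.white('3. ⚙️ Create configuration file'));
        console.log(chalk_1.default.white('4. 📊 Show sample configuration'));
        console.log(chalk_1.default.white('5. ℹ️ About Vibe-Guard'));
        console.log(chalk_1.default.white('6. 🚪 Exit\n'));
        // For now, just show the menu and exit
        // In a full implementation, you'd use a library like 'inquirer' for interactive prompts
        console.log(chalk_1.default.yellow('💡 Tip: Use specific commands for direct access:'));
        console.log(chalk_1.default.gray(' vibe-guard scan <target> - Scan files/directories'));
        console.log(chalk_1.default.gray(' vibe-guard rules - View security rules'));
        console.log(chalk_1.default.gray(' vibe-guard init - Create config file'));
        console.log(chalk_1.default.gray(' vibe-guard config - Show sample config'));
        console.log(chalk_1.default.gray(' vibe-guard version - Show version info\n'));
        console.log(chalk_1.default.blue.bold('╔══════════════════════════════════════════════════════════════════════════════╗'));
        console.log(chalk_1.default.blue.bold('║ THANK YOU FOR USING VIBE-GUARD ║'));
        console.log(chalk_1.default.blue.bold('║ STAY SECURE! 🚀 ║'));
        console.log(chalk_1.default.blue.bold('╚══════════════════════════════════════════════════════════════════════════════╝'));
    });
// `config`: print the sample configuration to stdout (writes nothing to disk).
program
    .command('config')
    .description('Show sample configuration')
    .action(() => {
        const vibeGuard = new index_1.default();
        console.log(chalk_1.default.blue.bold('📝 Sample vibe-guard.json Configuration:\n'));
        console.log(vibeGuard.generateConfig());
    });
// `learn`: show one rule's description, or list rule names when no topic is given.
program
    .command('learn')
    .description('Learn about security concepts and vulnerabilities')
    .argument('[topic]', 'Security topic to learn about (xss, sql-injection, csrf, etc.)')
    .action((topic) => {
        const vibeGuard = new index_1.default();
        if (topic) {
            const rule = vibeGuard.getRuleByName(topic);
            if (rule) {
                console.log(chalk_1.default.blue.bold(`📚 Learning about: ${rule.name}\n`));
                console.log(chalk_1.default.white(rule.description));
                console.log(chalk_1.default.yellow(`\nSeverity: ${rule.severity.toUpperCase()}`));
                console.log(chalk_1.default.gray(`\nThis rule helps detect ${rule.name.toLowerCase()} vulnerabilities.`));
            }
            else {
                console.log(chalk_1.default.red(`❌ Unknown topic: ${topic}`));
                console.log(chalk_1.default.gray('Use "vibe-guard rules" to see available topics.'));
            }
        }
        else {
            console.log(chalk_1.default.blue.bold('📚 Vibe-Guard Security Learning Center\n'));
            console.log(chalk_1.default.white('Learn about security vulnerabilities and how to prevent them.\n'));
            console.log(chalk_1.default.yellow('Available topics:'));
            const rules = vibeGuard.getRules();
            rules.forEach(rule => {
                console.log(` • ${rule.name.toLowerCase().replace(/-/g, ' ')}`);
            });
            console.log(chalk_1.default.gray('\nExample: vibe-guard learn xss-detection'));
        }
    });
// `demo`: writes a deliberately vulnerable sample file (with placeholder
// credentials) into ./vibe-guard-demo relative to the current working
// directory, scans it, and leaves the directory in place; only a cleanup hint
// is printed. Run it outside a repository working tree, or delete the
// directory afterwards, so the sample does not get committed.
program
    .command('demo')
    .description('Run security scan on demo files to see how it works')
    .action(async () => {
        console.log(chalk_1.default.blue.bold('🎯 Vibe-Guard Security Demo\n'));
        console.log(chalk_1.default.white('Creating demo files with security vulnerabilities...\n'));
        const demoDir = './vibe-guard-demo';
        // recursive:true makes the call a no-op when the directory already exists,
        // replacing the separate existsSync check.
        fs.mkdirSync(demoDir, { recursive: true });
        const xssDemo = `${demoDir}/vulnerable-app.js`;
        fs.writeFileSync(xssDemo, `
// Demo file with XSS vulnerability
app.get('/user', (req, res) => {
  const userInput = req.query.name;
  res.send('<h1>Hello ' + userInput + '</h1>'); // XSS vulnerability
});

// SQL Injection demo
app.get('/users', (req, res) => {
  const id = req.query.id;
  const query = 'SELECT * FROM users WHERE id = ' + id; // SQL injection
  db.query(query);
});

// Hardcoded secrets
const API_KEY = 'sk-1234567890abcdef'; // Exposed secret
const PASSWORD = 'admin123'; // Hardcoded password
`);
        console.log(chalk_1.default.green('✅ Created demo files with security vulnerabilities'));
        console.log(chalk_1.default.gray(`Location: ${demoDir}`));
        console.log(chalk_1.default.white('\nRunning security scan...\n'));
        try {
            const vibeGuard = new index_1.default();
            const output = await vibeGuard.scanAndFormat({
                target: demoDir,
                format: 'table',
                verbose: true
            });
            console.log(output);
            console.log(chalk_1.default.blue('\n🎓 What you learned:'));
            console.log(chalk_1.default.white('• XSS vulnerabilities in user input'));
            console.log(chalk_1.default.white('• SQL injection in database queries'));
            console.log(chalk_1.default.white('• Exposed secrets and hardcoded credentials'));
            console.log(chalk_1.default.gray('\nClean up: rm -rf vibe-guard-demo'));
        }
        catch (error) {
            console.error(chalk_1.default.red('Error running demo:', error));
        }
    });
// `community`: static links and pointers.
program
    .command('community')
    .description('Join the Vibe-Guard community and contribute')
    .action(() => {
        console.log(chalk_1.default.blue.bold('🤝 Vibe-Guard Community\n'));
        console.log(chalk_1.default.white('Join us in making the web more secure!\n'));
        console.log(chalk_1.default.yellow('📚 Learn:'));
        console.log(chalk_1.default.white(' • vibe-guard learn [topic] - Learn about security concepts'));
        console.log(chalk_1.default.white(' • vibe-guard demo - Try the tool with demo files\n'));
        console.log(chalk_1.default.yellow('🔧 Contribute:'));
        console.log(chalk_1.default.white(' • GitHub: https://github.com/Devjosef/vibe-guard'));
        console.log(chalk_1.default.white(' • Issues: https://github.com/Devjosef/vibe-guard/issues'));
        console.log(chalk_1.default.white(' • Discussions: https://github.com/Devjosef/vibe-guard/discussions\n'));
        console.log(chalk_1.default.yellow('📖 Resources:'));
        console.log(chalk_1.default.white(' • Documentation: https://devjosef.github.io/vibe-guard/'));
        console.log(chalk_1.default.white(' • Security Rules: vibe-guard rules'));
        console.log(chalk_1.default.white(' • Examples: vibe-guard demo\n'));
        console.log(chalk_1.default.gray('Built for developers who code fast and need security that keeps up!'));
    });
// `stats`: prints fixed text only; nothing here is measured or collected.
// NOTE(review): the rule count below is a hard-coded literal, not derived from
// getRules(), so it can drift from the rule set that actually ships.
program
    .command('stats')
    .description('Show Vibe-Guard usage statistics and impact')
    .action(() => {
        console.log(chalk_1.default.blue.bold('📊 Vibe-Guard Impact Statistics\n'));
        console.log(chalk_1.default.white('Your security scanning impact:\n'));
        console.log(chalk_1.default.yellow('██ Security Rules: 25'));
        console.log(chalk_1.default.white(' • Covers OWASP Top 10'));
        console.log(chalk_1.default.white(' • Modern web vulnerabilities'));
        console.log(chalk_1.default.white(' • AI/ML security concerns\n'));
        console.log(chalk_1.default.yellow('🌍 Global Reach:'));
        console.log(chalk_1.default.white(' • Cross-platform (Linux, macOS, Windows)'));
        console.log(chalk_1.default.white(' • Multiple package managers'));
        console.log(chalk_1.default.white(' • Zero dependencies\n'));
        console.log(chalk_1.default.yellow('🎯 Use Cases:'));
        console.log(chalk_1.default.white(' • CI/CD security scanning'));
        console.log(chalk_1.default.white(' • Pre-commit hooks'));
        console.log(chalk_1.default.white(' • Security audits'));
        console.log(chalk_1.default.white(' • Educational tool\n'));
        console.log(chalk_1.default.gray('Every scan makes the web a little more secure! 🚀'));
    });
// Last-resort handlers: log and exit non-zero so a crash is never reported as a
// clean scan.
process.on('unhandledRejection', (reason, promise) => {
    console.error(chalk_1.default.red.bold('❌ Unhandled Rejection at:'), promise, chalk_1.default.red('reason:'), reason);
    process.exit(1);
});
process.on('uncaughtException', (error) => {
    console.error(chalk_1.default.red.bold('❌ Uncaught Exception:'), error);
    process.exit(1);
});
// Default action: `vibe-guard <target>` behaves like `scan` with a reduced
// option set (no --severity, --config, --parallel or --max-files here).
program
    .argument('[target]', 'File or directory to scan')
    .option('-f, --format <format>', 'Output format (table, json, sarif, html)')
    .option('-o, --output-file <file>', 'Write output to file')
    .option('-v, --verbose', 'Verbose output', false)
    .option('--exclude <patterns...>', 'Exclude patterns')
    .option('--include <patterns...>', 'Include patterns')
    .action((target, options) => {
        if (target) {
            // Return the promise, as `.action(handleScan)` does for `scan`, rather
            // than leaving it floating.
            return handleScan(target, options);
        }
        program.help();
    });
program.parse();
//# sourceMappingURL=vibe-guard.js.map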