@soluto-asurion/kamus-cli - npm Package Compare versions

Comparing version 0.2.1 to 0.2.2

lib/actions/encrypt.js

 const bluebird = require('bluebird');
 const opn = require('opn');
+const os = require('os');
 const url = require('url');
 const fs = require('fs');
+const Confirm = require('prompt-confirm');
 const request = require('request');
@@ -43,5 +45,19 @@ const { promisify } = require('util');
 
-const encrypt = async ({ secret, file, serviceAccount, namespace, kamusUrl, certFingerprint, fileEncoding }, token = null) => {
+const checkForNewlines = async (secret) => {
+    const eolIndex = secret.indexOf(os.EOL);
+    
+    if (eolIndex !== -1) {
+        const newlinesDetectedPrompt = new Confirm(`Secret contains newlines at index ${eolIndex}. Continue encrypting this secret?`);
+        const response = await newlinesDetectedPrompt.run();
+        
+        if (!response) {
+            throw new Error('Aborted secret encryption');
+        }
+    }
+};
+
+const encrypt = async ({ secret, secretFile, serviceAccount, namespace, kamusUrl, certFingerprint, fileEncoding }, token = null) => {
     // eslint-disable-next-line security/detect-non-literal-fs-filename
-    const data = file ? fs.readFileSync(file, { encoding: fileEncoding || DEFAULT_ENCODING }) : secret;
+    const data = secretFile ? fs.readFileSync(secretFile, { encoding: fileEncoding || DEFAULT_ENCODING }) : secret;
+    await checkForNewlines(data);
     const response = await performEncryptRequestAsync(data, serviceAccount, namespace, kamusUrl, certFingerprint, token);
@@ -54,8 +70,8 @@ if (response && response.statusCode >= 300) {
 
-const validateArguments = ({ secret, file, kamusUrl, allowInsecureUrl }) => {
-    if (!secret && !file) {
+const validateArguments = ({ secret, secretFile, kamusUrl, allowInsecureUrl }) => {
+    if (!secret && !secretFile) {
         throw new Error('Neither secret nor secret-file options were set.');
     }
 
-    if (secret && file) {
+    if (secret && secretFile) {
         throw new Error('Both secret nor secret-file options were set.');
@@ -62,0 +78,0 @@ }

package.json

 {
   "name": "@soluto-asurion/kamus-cli",
-  "version": "0.2.1",
+  "version": "0.2.2",
   "description": "CLI Tool to encrypt secrets for kamus",
@@ -36,2 +36,3 @@ "main": "index.js",
     "opn": "^5.4.0",
+    "prompt-confirm": "^2.0.4",
     "request": "^2.88.0"
@@ -43,2 +44,4 @@ },
     "eslint-plugin-security": "^1.4.0",
+    "husky": "^1.3.1",
+    "lint-staged": "^8.1.0",
     "mocha": "^5.2.0",
@@ -52,3 +55,17 @@ "mock-fs": "^4.7.0",
     "yarn.lock"
-  ]
+  ],
+  "husky": {
+    "hooks": {
+      "pre-commit": "lint-staged",
+      "pre-push": "yarn test --reporter min"
+    }
+  },
+  "lint-staged": {
+    "linters": {
+      "*.js": [
+        "eslint",
+        "git add"
+      ]
+    }
+  }
 }

README.md

@@ -49,1 +49,2 @@ [![npm version](https://badge.fury.io/js/%40soluto-asurion%2Fkamus-cli.svg)](https://badge.fury.io/js/%40soluto-asurion%2Fkamus-cli)
 | --log-encoding <encoding> | false | specify the log file's encoding.
+| --secret or --secret-file         |   true        |  the secret to encrypt, or the file containing it                  |               |

Fixed alerts

Major refactor

Supply chain risk

Package has recently undergone a major refactor. It may be unstable or indicate significant internal changes. Use caution when updating to versions that include significant changes.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

159818

increased by78.2%

Lines of code

203

increased by6.84%

Number of medium supply chain risk alerts

0

decreased by-100%

Worsened metrics

Dependency count

8

increased by14.29%

Dev dependency count

9

increased by28.57%

Dependency changes

• + Addedprompt-confirm@^2.0.4

• + Addedansi-bgblack@0.1.1(transitive)

• + Addedansi-bgblue@0.1.1(transitive)

• + Addedansi-bgcyan@0.1.1(transitive)

• + Addedansi-bggreen@0.1.1(transitive)

• + Addedansi-bgmagenta@0.1.1(transitive)

• + Addedansi-bgred@0.1.1(transitive)

• + Addedansi-bgwhite@0.1.1(transitive)

• + Addedansi-bgyellow@0.1.1(transitive)

• + Addedansi-black@0.1.1(transitive)

• + Addedansi-blue@0.1.1(transitive)

• + Addedansi-bold@0.1.1(transitive)

• + Addedansi-colors@0.2.0(transitive)

• + Addedansi-cyan@0.1.1(transitive)

• + Addedansi-dim@0.1.1(transitive)

• + Addedansi-gray@0.1.1(transitive)

• + Addedansi-green@0.1.1(transitive)

• + Addedansi-grey@0.1.1(transitive)

• + Addedansi-hidden@0.1.1(transitive)

• + Addedansi-inverse@0.1.1(transitive)

• + Addedansi-italic@0.1.1(transitive)

• + Addedansi-magenta@0.1.1(transitive)

• + Addedansi-red@0.1.1(transitive)

• + Addedansi-reset@0.1.1(transitive)

• + Addedansi-strikethrough@0.1.1(transitive)

• + Addedansi-underline@0.1.1(transitive)

• + Addedansi-white@0.1.1(transitive)

• + Addedansi-wrap@0.1.0(transitive)

• + Addedansi-yellow@0.1.1(transitive)

• + Addedarr-flatten@1.1.0(transitive)

• + Addedarr-swap@1.0.1(transitive)

• + Addedchoices-separator@2.0.0(transitive)

• + Addedclone-deep@1.0.04.0.1(transitive)

• + Addedcollection-visit@1.0.0(transitive)

• + Addedcomponent-emitter@1.3.1(transitive)

• + Addedcopy-descriptor@0.1.1(transitive)

• + Addeddebug@3.2.7(transitive)

• + Addeddefine-property@0.2.51.0.02.0.2(transitive)

• + Addederror-symbol@0.1.0(transitive)

• + Addedextend-shallow@2.0.1(transitive)

• + Addedfor-in@0.1.81.0.2(transitive)

• + Addedfor-own@1.0.0(transitive)

• + Addedfunction-bind@1.1.2(transitive)

• + Addedhasown@2.0.2(transitive)

• + Addedinfo-symbol@0.1.0(transitive)

• + Addedis-accessor-descriptor@1.0.1(transitive)

• + Addedis-buffer@1.1.6(transitive)

• + Addedis-data-descriptor@1.0.1(transitive)

• + Addedis-descriptor@0.1.71.0.3(transitive)

• + Addedis-extendable@0.1.1(transitive)

• + Addedis-number@3.0.06.0.0(transitive)

• + Addedis-plain-object@2.0.4(transitive)

• + Addedis-windows@1.0.2(transitive)

• + Addedisobject@3.0.1(transitive)

• + Addedkind-of@3.2.25.1.06.0.3(transitive)

• + Addedkoalas@1.0.2(transitive)

• + Addedlazy-cache@2.0.2(transitive)

• + Addedlog-ok@0.1.1(transitive)

• + Addedlog-utils@0.2.1(transitive)

• + Addedmap-visit@1.0.0(transitive)

• + Addedmixin-object@2.0.1(transitive)

• + Addedms@2.1.3(transitive)

• + Addedmute-stream@0.0.7(transitive)

• + Addedobject-copy@0.1.0(transitive)

• + Addedobject-visit@1.0.1(transitive)

• + Addedpointer-symbol@1.0.0(transitive)

• + Addedprompt-actions@3.0.2(transitive)

• + Addedprompt-base@4.1.0(transitive)

• + Addedprompt-choices@4.1.0(transitive)

• + Addedprompt-confirm@2.0.4(transitive)

• + Addedprompt-question@5.0.2(transitive)

• + Addedradio-symbol@2.0.0(transitive)

• + Addedreadline-ui@2.2.3(transitive)

• + Addedreadline-utils@2.2.3(transitive)

• + Addedset-getter@0.1.1(transitive)

• + Addedset-value@3.0.3(transitive)

• + Addedshallow-clone@1.0.03.0.1(transitive)

• + Addedstatic-extend@0.1.2(transitive)

• + Addedstrip-color@0.1.0(transitive)

• + Addedsuccess-symbol@0.1.0(transitive)

• + Addedterminal-paginator@2.0.2(transitive)

• + Addedtime-stamp@1.1.0(transitive)

• + Addedto-object-path@0.3.0(transitive)

• + Addedtoggle-array@1.0.1(transitive)

• + Addedwarning-symbol@0.1.0(transitive)

• + Addedwindow-size@1.1.1(transitive)