@sublime13/security v1.0.0

@codepulse/security

Security automation and scanning for CodePulse projects.

Features

• Vulnerability Scanning: Scan your codebase for security vulnerabilities
• Dependency Audit: Check for vulnerable dependencies
• Auto-fix: Automatically fix security issues where possible
• Custom Rules: Define custom security rules in your project
• Integration: Works with Snyk and npm audit

Installation

npm install @codepulse/security --save-dev

Usage

Basic Scanning

npx codepulse-security scan

Dependency Audit

npx codepulse-security audit

Fix Security Issues

# Interactive fix
npx codepulse-security fix

# Auto-fix
npx codepulse-security fix --auto

Configuration

Create a .codepulse-security.json file in your project root:

{
  "rules": {
    "vulnerability_scanning": {
      "enabled": true,
      "severity_threshold": "high",
      "ignore_patterns": [
        "**/node_modules/**",
        "**/dist/**",
        "**/build/**"
      ]
    },
    "dependency_audit": {
      "enabled": true,
      "check_frequency": "daily",
      "auto_update": {
        "enabled": true,
        "level": "patch"
      }
    }
  }
}

Integration

GitHub Actions

Add this to your workflow:

- name: Security Scan
  uses: codepulse/security@v1
  with:
    directory: ${{ github.workspace }}

VS Code

Install the CodePulse Security extension for real-time security feedback.

Contributing

1. Fork the repository
2. Create your feature branch (git checkout -b feature/amazing-feature)
3. Commit your changes (git commit -m 'Add some amazing feature')
4. Push to the branch (git push origin feature/amazing-feature)
5. Open a Pull Request

License

MIT