f407d04eef
* feat(security): add core security command for vulnerability alerts Adds `core security` command area to expose GitHub security data: - `core security alerts` - aggregated view of all security alerts - `core security deps` - Dependabot vulnerability alerts with upgrade paths - `core security scan` - CodeQL and code scanning alerts - `core security secrets` - secret scanning alerts Features: - Filter by --repo, --severity (critical,high,medium,low) - JSON output with --json for AI agent consumption - Aggregated summary with severity breakdown - Shows patched versions for easy upgrades Closes #48 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(security): address CodeRabbit review feedback - Remove unused flattened fields from DependabotAlert struct - Add Unknown field to AlertSummary for unrecognized severities - Add doc comments for exported Add and String methods - Use cli.Wrap for contextual error wrapping - Fix secret scanning summary counting after filter - Remove unused --vulnerable flag from deps command - Fix JSON output to only include open alerts in secrets command Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(security): handle json.MarshalIndent errors Address CodeRabbit review feedback by properly handling errors from json.MarshalIndent in all security subcommands instead of ignoring them. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
435 lines
19 KiB
JSON
435 lines
19 KiB
JSON
{
|
|
"gram": {
|
|
"verb": {
|
|
"be": { "base": "be", "past": "was", "gerund": "being" },
|
|
"go": { "base": "go", "past": "went", "gerund": "going" },
|
|
"do": { "base": "do", "past": "did", "gerund": "doing" },
|
|
"have": { "base": "have", "past": "had", "gerund": "having" },
|
|
"make": { "base": "make", "past": "made", "gerund": "making" },
|
|
"get": { "base": "get", "past": "got", "gerund": "getting" },
|
|
"run": { "base": "run", "past": "ran", "gerund": "running" },
|
|
"write": { "base": "write", "past": "wrote", "gerund": "writing" },
|
|
"build": { "base": "build", "past": "built", "gerund": "building" },
|
|
"send": { "base": "send", "past": "sent", "gerund": "sending" },
|
|
"find": { "base": "find", "past": "found", "gerund": "finding" },
|
|
"take": { "base": "take", "past": "took", "gerund": "taking" },
|
|
"begin": { "base": "begin", "past": "began", "gerund": "beginning" },
|
|
"keep": { "base": "keep", "past": "kept", "gerund": "keeping" },
|
|
"hold": { "base": "hold", "past": "held", "gerund": "holding" },
|
|
"bring": { "base": "bring", "past": "brought", "gerund": "bringing" },
|
|
"think": { "base": "think", "past": "thought", "gerund": "thinking" },
|
|
"buy": { "base": "buy", "past": "bought", "gerund": "buying" },
|
|
"catch": { "base": "catch", "past": "caught", "gerund": "catching" },
|
|
"choose": { "base": "choose", "past": "chose", "gerund": "choosing" },
|
|
"lose": { "base": "lose", "past": "lost", "gerund": "losing" },
|
|
"win": { "base": "win", "past": "won", "gerund": "winning" },
|
|
"meet": { "base": "meet", "past": "met", "gerund": "meeting" },
|
|
"lead": { "base": "lead", "past": "led", "gerund": "leading" },
|
|
"leave": { "base": "leave", "past": "left", "gerund": "leaving" },
|
|
"spend": { "base": "spend", "past": "spent", "gerund": "spending" },
|
|
"pay": { "base": "pay", "past": "paid", "gerund": "paying" },
|
|
"sell": { "base": "sell", "past": "sold", "gerund": "selling" },
|
|
"commit": { "base": "commit", "past": "committed", "gerund": "committing" },
|
|
"stop": { "base": "stop", "past": "stopped", "gerund": "stopping" },
|
|
"scan": { "base": "scan", "past": "scanned", "gerund": "scanning" },
|
|
"format": { "base": "format", "past": "formatted", "gerund": "formatting" },
|
|
"set": { "base": "set", "past": "set", "gerund": "setting" },
|
|
"put": { "base": "put", "past": "put", "gerund": "putting" },
|
|
"cut": { "base": "cut", "past": "cut", "gerund": "cutting" },
|
|
"hit": { "base": "hit", "past": "hit", "gerund": "hitting" },
|
|
"sit": { "base": "sit", "past": "sat", "gerund": "sitting" },
|
|
"split": { "base": "split", "past": "split", "gerund": "splitting" },
|
|
"shut": { "base": "shut", "past": "shut", "gerund": "shutting" }
|
|
},
|
|
"noun": {
|
|
"file": { "one": "file", "other": "files" },
|
|
"repo": { "one": "repo", "other": "repos" },
|
|
"repository": { "one": "repository", "other": "repositories" },
|
|
"commit": { "one": "commit", "other": "commits" },
|
|
"branch": { "one": "branch", "other": "branches" },
|
|
"change": { "one": "change", "other": "changes" },
|
|
"item": { "one": "item", "other": "items" },
|
|
"issue": { "one": "issue", "other": "issues" },
|
|
"task": { "one": "task", "other": "tasks" },
|
|
"person": { "one": "person", "other": "people" },
|
|
"child": { "one": "child", "other": "children" },
|
|
"package": { "one": "package", "other": "packages" },
|
|
"artifact": { "one": "artifact", "other": "artifacts" },
|
|
"vulnerability": { "one": "vulnerability", "other": "vulnerabilities" },
|
|
"dependency": { "one": "dependency", "other": "dependencies" },
|
|
"directory": { "one": "directory", "other": "directories" },
|
|
"category": { "one": "category", "other": "categories" },
|
|
"query": { "one": "query", "other": "queries" }
|
|
},
|
|
"article": {
|
|
"indefinite": { "default": "a", "vowel": "an" },
|
|
"definite": "the"
|
|
},
|
|
"word": {
|
|
"url": "URL",
|
|
"id": "ID",
|
|
"ok": "OK",
|
|
"ci": "CI",
|
|
"qa": "QA",
|
|
"php": "PHP",
|
|
"sdk": "SDK",
|
|
"html": "HTML",
|
|
"cgo": "CGO",
|
|
"pid": "PID",
|
|
"cpus": "CPUs",
|
|
"ssh": "SSH",
|
|
"ssl": "SSL",
|
|
"api": "API",
|
|
"pr": "PR",
|
|
"vite": "Vite",
|
|
"pnpm": "pnpm",
|
|
"app_url": "app URL",
|
|
"blocked_by": "blocked by",
|
|
"claimed_by": "claimed by",
|
|
"related_files": "related files",
|
|
"up_to_date": "up to date",
|
|
"dry_run": "dry run",
|
|
"go_mod": "go.mod"
|
|
},
|
|
"punct": {
|
|
"label": ":",
|
|
"progress": "..."
|
|
},
|
|
"number": {
|
|
"thousands": ",",
|
|
"decimal": ".",
|
|
"percent": "%s%%"
|
|
}
|
|
},
|
|
"prompt": {
|
|
"yes": "y",
|
|
"no": "n",
|
|
"continue": "Continue?",
|
|
"proceed": "Proceed?",
|
|
"confirm": "Are you sure?",
|
|
"overwrite": "Overwrite?",
|
|
"discard": "Discard changes?"
|
|
},
|
|
"time": {
|
|
"just_now": "just now",
|
|
"ago": {
|
|
"second": { "one": "{{.Count}} second ago", "other": "{{.Count}} seconds ago" },
|
|
"minute": { "one": "{{.Count}} minute ago", "other": "{{.Count}} minutes ago" },
|
|
"hour": { "one": "{{.Count}} hour ago", "other": "{{.Count}} hours ago" },
|
|
"day": { "one": "{{.Count}} day ago", "other": "{{.Count}} days ago" },
|
|
"week": { "one": "{{.Count}} week ago", "other": "{{.Count}} weeks ago" }
|
|
}
|
|
},
|
|
"cmd": {
|
|
"ai": {
|
|
"short": "AI agent task management",
|
|
"claude.short": "Claude Code integration",
|
|
"task.short": "Show task details or auto-select a task",
|
|
"task.id_required": "task ID required (or use --auto)",
|
|
"task.no_pending": "No pending tasks available.",
|
|
"tasks.short": "List available tasks from core-agentic",
|
|
"task_commit.short": "Auto-commit changes with task reference",
|
|
"task_commit.no_changes": "No uncommitted changes to commit.",
|
|
"task_complete.short": "Mark a task as completed",
|
|
"task_pr.short": "Create a pull request for a task",
|
|
"task_pr.branch_error": "cannot create PR from {{.Branch}} branch; create a feature branch first",
|
|
"task_update.short": "Update task status or progress"
|
|
},
|
|
"build": {
|
|
"short": "Build projects with auto-detection and cross-compilation",
|
|
"error.invalid_target": "invalid target format \"{{.Target}}\", expected OS/arch (e.g., linux/amd64)",
|
|
"error.no_project_type": "no supported project type detected in {{.Dir}}\nSupported types: go (go.mod), wails (wails.json), node (package.json), php (composer.json)",
|
|
"from_path.short": "Build from a local directory",
|
|
"pwa.short": "Build from a live PWA URL",
|
|
"sdk.short": "Generate API SDKs from OpenAPI spec"
|
|
},
|
|
"ci": {
|
|
"short": "Publish releases (dry-run by default)",
|
|
"dry_run_hint": "(dry-run) use --we-are-go-for-launch to publish",
|
|
"go_for_launch": "GO FOR LAUNCH",
|
|
"init.short": "Initialize release configuration",
|
|
"changelog.short": "Generate changelog",
|
|
"version.short": "Show or set version"
|
|
},
|
|
"dev": {
|
|
"short": "Multi-repo development workflow",
|
|
"no_changes": "No uncommitted changes found.",
|
|
"no_git_repos": "No git repositories found.",
|
|
"confirm_claude_commit": "Have Claude commit these repos?",
|
|
"health.short": "Quick health check across all repos",
|
|
"health.long": "Shows a summary of repository health across all repos in the workspace.",
|
|
"health.flag.verbose": "Show detailed breakdown",
|
|
"health.repos": "repos",
|
|
"health.to_push": "to push",
|
|
"health.to_pull": "to pull",
|
|
"health.errors": "errors",
|
|
"health.more": "+{{.Count}} more",
|
|
"health.dirty_label": "Dirty:",
|
|
"health.ahead_label": "Ahead:",
|
|
"health.behind_label": "Behind:",
|
|
"health.errors_label": "Errors:",
|
|
"status.clean": "clean",
|
|
"commit.short": "Claude-assisted commits across repos",
|
|
"push.short": "Push commits across all repos",
|
|
"push.diverged": "branch has diverged from remote",
|
|
"push.diverged_help": "Some repos have diverged (local and remote have different commits).",
|
|
"push.uncommitted_changes_commit": "You have uncommitted changes. Commit with Claude first?",
|
|
"pull.short": "Pull updates across all repos",
|
|
"work.short": "Multi-repo git operations",
|
|
"work.use_commit_flag": "Use --commit to have Claude create commits",
|
|
"issues.short": "List open issues across all repos",
|
|
"reviews.short": "List PRs needing review across all repos",
|
|
"ci.short": "Check CI status across all repos",
|
|
"impact.short": "Show impact of changing a repo",
|
|
"impact.requires_registry": "impact analysis requires repos.yaml with dependency information",
|
|
"sync.short": "Synchronizes public service APIs with internal implementations",
|
|
"vm.short": "Dev environment commands",
|
|
"vm.not_installed": "dev environment not installed (run 'core dev install' first)",
|
|
"vm.not_running": "Dev environment is not running"
|
|
},
|
|
"docs": {
|
|
"short": "Documentation management",
|
|
"list.short": "List documentation across repos",
|
|
"sync.short": "Sync documentation to core-php/docs/packages/"
|
|
},
|
|
"doctor": {
|
|
"short": "Check development environment",
|
|
"ready": "Doctor: Environment ready",
|
|
"no_repos_yaml": "No repos.yaml found (run from workspace directory)",
|
|
"install_missing": "Install missing tools:",
|
|
"install_macos": "brew install git gh php composer node pnpm docker",
|
|
"ssh_missing": "SSH key missing - run: ssh-keygen && gh ssh-key add"
|
|
},
|
|
"go": {
|
|
"short": "Go development tools",
|
|
"test.short": "Run Go tests",
|
|
"cov.short": "Run tests with coverage report",
|
|
"fmt.short": "Format Go code",
|
|
"lint.short": "Run golangci-lint",
|
|
"install.short": "Install Go binary",
|
|
"mod.short": "Module management",
|
|
"work.short": "Workspace management"
|
|
},
|
|
"php": {
|
|
"short": "Laravel/PHP development tools",
|
|
"dev.short": "Start Laravel development environment",
|
|
"dev.press_ctrl_c": "Press Ctrl+C to stop all services",
|
|
"test.short": "Run PHP tests (PHPUnit/Pest)",
|
|
"fmt.short": "Format PHP code with Laravel Pint",
|
|
"analyse.short": "Run PHPStan static analysis",
|
|
"audit.short": "Security audit for dependencies",
|
|
"psalm.short": "Run Psalm static analysis",
|
|
"rector.short": "Automated code refactoring",
|
|
"infection.short": "Mutation testing for test quality",
|
|
"security.short": "Security vulnerability scanning",
|
|
"qa.short": "Run full QA pipeline",
|
|
"build.short": "Build Docker or LinuxKit image",
|
|
"deploy.short": "Deploy to Coolify",
|
|
"serve.short": "Run production container",
|
|
"ssl.short": "Setup SSL certificates with mkcert",
|
|
"packages.short": "Manage local PHP packages"
|
|
},
|
|
"pkg": {
|
|
"short": "Package management for core-* repos",
|
|
"install.short": "Clone a package from GitHub",
|
|
"list.short": "List installed packages",
|
|
"update.short": "Update installed packages",
|
|
"outdated.short": "Check for outdated packages",
|
|
"search.short": "Search GitHub for packages",
|
|
"error.invalid_repo_format": "invalid repo format: use org/repo (e.g., host-uk/core-php)"
|
|
},
|
|
"sdk": {
|
|
"short": "SDK validation and API compatibility tools",
|
|
"diff.short": "Check for breaking API changes",
|
|
"validate.short": "Validate OpenAPI spec"
|
|
},
|
|
"setup": {
|
|
"short": "Bootstrap workspace or clone packages from registry",
|
|
"complete": "Setup complete",
|
|
"bootstrap_mode": "Bootstrap mode (no repos.yaml found)",
|
|
"nothing_to_clone": "Nothing to clone.",
|
|
"wizard.select_packages": "Select packages to clone",
|
|
"wizard.what_to_do": "What would you like to do?",
|
|
"github.short": "Configure GitHub repos with org standards",
|
|
"github.long": "Configure GitHub repositories with organisation standards including labels, webhooks, branch protection, and security settings.",
|
|
"github.flag.repo": "Specific repo to setup",
|
|
"github.flag.all": "Setup all repos in registry",
|
|
"github.flag.labels": "Only sync labels",
|
|
"github.flag.webhooks": "Only sync webhooks",
|
|
"github.flag.protection": "Only sync branch protection",
|
|
"github.flag.security": "Only sync security settings",
|
|
"github.flag.check": "Dry-run: show what would change",
|
|
"github.flag.config": "Path to github.yaml config",
|
|
"github.dry_run_mode": "(dry run) no changes will be made",
|
|
"github.no_repos_specified": "No repos specified.",
|
|
"github.usage_hint": "Use --repo <name> for a single repo, or --all for all repos",
|
|
"github.no_changes": "no changes needed",
|
|
"github.repos_checked": "Repos checked",
|
|
"github.repos_with_changes": "Repos with changes",
|
|
"github.all_up_to_date": "All repos are up to date",
|
|
"github.to_create": "To create",
|
|
"github.to_update": "To update",
|
|
"github.to_delete": "To delete",
|
|
"github.run_without_check": "Run without --check to apply changes",
|
|
"github.error.not_authenticated": "GitHub CLI not authenticated. Run: gh auth login",
|
|
"github.error.config_not_found": "GitHub config file not found",
|
|
"github.error.conflicting_flags": "Cannot use --repo and --all together"
|
|
},
|
|
"security": {
|
|
"short": "Security alerts and vulnerability scanning",
|
|
"long": "View security alerts from Dependabot, code scanning, and secret scanning across repositories.",
|
|
"alerts.short": "List all security alerts across repos",
|
|
"alerts.long": "List security alerts from Dependabot, code scanning, and secret scanning. Aggregates alerts across all repos in the registry.",
|
|
"deps.short": "List Dependabot vulnerability alerts",
|
|
"deps.long": "List vulnerable dependencies detected by Dependabot with upgrade recommendations.",
|
|
"deps.flag.vulnerable": "Show only vulnerable dependencies",
|
|
"scan.short": "List code scanning alerts",
|
|
"scan.long": "List code scanning alerts from tools like CodeQL, Semgrep, etc.",
|
|
"scan.flag.tool": "Filter by tool name (e.g., codeql, semgrep)",
|
|
"secrets.short": "List exposed secrets",
|
|
"secrets.long": "List secrets detected by GitHub secret scanning.",
|
|
"flag.repo": "Specific repo to check",
|
|
"flag.severity": "Filter by severity (critical,high,medium,low)"
|
|
},
|
|
"qa": {
|
|
"short": "Quality assurance workflows",
|
|
"long": "Quality assurance commands for verifying work - CI status, reviews, issues.",
|
|
"watch.short": "Watch GitHub Actions after a push",
|
|
"watch.long": "Monitor GitHub Actions workflow runs triggered by a commit, showing live progress and actionable failure details.",
|
|
"watch.flag.repo": "Repository to watch (default: current)",
|
|
"watch.flag.commit": "Commit SHA to watch (default: HEAD)",
|
|
"watch.flag.timeout": "Timeout duration (default: 10m)",
|
|
"watch.commit": "Commit:",
|
|
"watch.waiting_for_workflows": "Waiting for workflows to start...",
|
|
"watch.timeout": "Timeout after {{.Duration}} waiting for workflows",
|
|
"watch.workflows_failed": "{{.Count}} workflow(s) failed",
|
|
"watch.all_passed": "All workflows passed",
|
|
"watch.error.not_git_repo": "Not in a git repository",
|
|
"watch.error.repo_format": "Invalid repo format. Use --repo org/name or run from a git repo",
|
|
"review.short": "Check PR review status",
|
|
"review.long": "Show PR review status with actionable next steps. Answers: What do I need to do to get my PRs merged? What reviews am I blocking?",
|
|
"review.flag.mine": "Show only your open PRs",
|
|
"review.flag.requested": "Show only PRs where your review is requested",
|
|
"review.flag.repo": "Specific repository (default: current)",
|
|
"review.your_prs": "Your PRs",
|
|
"review.review_requested": "Review Requested",
|
|
"review.no_prs": "No open PRs",
|
|
"review.no_reviews": "No reviews requested",
|
|
"review.error.no_repo": "Not in a git repository. Use --repo to specify one",
|
|
"health.short": "Aggregate CI health across all repos",
|
|
"health.long": "Shows CI health summary across all repos with focus on problems that need attention.",
|
|
"health.flag.problems": "Show only repos with problems",
|
|
"health.summary": "CI Health",
|
|
"health.all_healthy": "All repos are healthy",
|
|
"health.passing": "Passing",
|
|
"health.tests_failing": "Tests failing",
|
|
"health.running": "Running",
|
|
"health.cancelled": "Cancelled",
|
|
"health.skipped": "Skipped",
|
|
"health.no_ci_configured": "No CI configured",
|
|
"health.workflow_disabled": "Workflow disabled",
|
|
"health.fetch_error": "Failed to fetch status",
|
|
"health.parse_error": "Failed to parse response",
|
|
"health.count_passing": "Passing",
|
|
"health.count_failing": "Failing",
|
|
"health.count_pending": "Pending",
|
|
"health.count_no_ci": "No CI",
|
|
"health.count_disabled": "Disabled",
|
|
"issues.short": "Intelligent issue triage",
|
|
"issues.long": "Show prioritised, actionable issues across all repos. Groups by: needs response, ready to work, blocked, and needs triage.",
|
|
"issues.flag.mine": "Show only issues assigned to you",
|
|
"issues.flag.triage": "Show only issues needing triage",
|
|
"issues.flag.blocked": "Show only blocked issues",
|
|
"issues.flag.limit": "Maximum issues per repo",
|
|
"issues.fetching": "Fetching...",
|
|
"issues.no_issues": "No open issues found",
|
|
"issues.category.needs_response": "Needs Response",
|
|
"issues.category.ready": "Ready to Work",
|
|
"issues.category.blocked": "Blocked",
|
|
"issues.category.triage": "Needs Triage",
|
|
"issues.hint.needs_response": "commented recently",
|
|
"issues.hint.blocked": "Waiting on dependency",
|
|
"issues.hint.triage": "Add labels and assignee"
|
|
},
|
|
"test": {
|
|
"short": "Run Go tests with coverage"
|
|
},
|
|
"vm": {
|
|
"short": "LinuxKit VM management",
|
|
"run.short": "Run a LinuxKit image or template",
|
|
"ps.short": "List running VMs",
|
|
"stop.short": "Stop a running VM",
|
|
"logs.short": "View VM logs",
|
|
"exec.short": "Execute a command in a VM",
|
|
"templates.short": "Manage LinuxKit templates"
|
|
},
|
|
"monitor": {
|
|
"short": "Aggregate security findings from GitHub",
|
|
"long": "Monitor GitHub Security Tab, Dependabot, and secret scanning for actionable findings. Aggregates results from free tier scanners (Semgrep, Trivy, Gitleaks, OSV-Scanner, Checkov, CodeQL).",
|
|
"flag.repo": "Specific repository to scan",
|
|
"flag.severity": "Filter by severity (critical, high, medium, low)",
|
|
"flag.json": "Output as JSON for piping to other tools",
|
|
"flag.all": "Scan all repos in registry",
|
|
"scanning": "Scanning",
|
|
"found": "Found",
|
|
"no_findings": "No security findings",
|
|
"error.no_repos": "No repositories to scan. Use --repo, --all, or run from a git repo",
|
|
"error.not_git_repo": "Not in a git repository. Use --repo to specify one"
|
|
}
|
|
},
|
|
"common": {
|
|
"status": {
|
|
"dirty": "dirty",
|
|
"clean": "clean",
|
|
"synced": "synced",
|
|
"up_to_date": "up to date"
|
|
},
|
|
"label": {
|
|
"done": "Done",
|
|
"error": "Error",
|
|
"warning": "Warning",
|
|
"info": "Info",
|
|
"fix": "Fix:",
|
|
"install": "Install:",
|
|
"summary": "Summary:",
|
|
"setup": "Setup:",
|
|
"config": "Config:",
|
|
"repo": "Repo:"
|
|
},
|
|
"flag": {
|
|
"fix": "Auto-fix issues where possible",
|
|
"diff": "Show diff of changes",
|
|
"json": "Output as JSON",
|
|
"verbose": "Show detailed output",
|
|
"registry": "Path to repos.yaml registry file"
|
|
},
|
|
"progress": {
|
|
"running": "Running {{.Task}}...",
|
|
"checking": "Checking {{.Item}}..."
|
|
},
|
|
"result": {
|
|
"no_issues": "No issues found"
|
|
},
|
|
"success": {
|
|
"completed": "{{.Action}} successfully"
|
|
},
|
|
"error": {
|
|
"failed": "Failed to {{.Action}}"
|
|
},
|
|
"hint": {
|
|
"fix_deps": "Update dependencies to fix vulnerabilities"
|
|
}
|
|
},
|
|
"error": {
|
|
"gh_not_found": "'gh' CLI not found. Install from https://cli.github.com/",
|
|
"registry_not_found": "No repos.yaml found",
|
|
"repo_not_found": "Repository '{{.Name}}' not found"
|
|
},
|
|
"lang": {
|
|
"de": "German",
|
|
"en": "English",
|
|
"es": "Spanish",
|
|
"fr": "French",
|
|
"zh": "Chinese"
|
|
}
|
|
}
|