NodeSecure
diff --git a/‎package.json‎
Lines changed: 2 additions & 1 deletion b/‎package.json‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎workspaces/js-x-ray-ai/CHANGELOG.md‎ b/‎workspaces/js-x-ray-ai/CHANGELOG.md‎
diff --git a/‎workspaces/js-x-ray-ai/LICENSE‎
Lines changed: 21 additions & 0 deletions b/‎workspaces/js-x-ray-ai/LICENSE‎
Lines changed: 21 additions & 0 deletions
diff --git a/‎workspaces/js-x-ray-ai/README.md‎
Lines changed: 104 additions & 0 deletions b/‎workspaces/js-x-ray-ai/README.md‎
Lines changed: 104 additions & 0 deletions
@@ -14,7 +14,8 @@
     "workspaces/sec-literal",
     "workspaces/ts-source-parser",
     "workspaces/tracer",
-    "workspaces/js-x-ray"
+    "workspaces/js-x-ray",
+    "workspaces/js-x-ray-ai"
   ],
   "author": "GENTILHOMME Thomas <[email protected]>",
   "license": "MIT",
 
@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2023-2024 NodeSecure
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
@@ -0,0 +1,104 @@
+<p align="center">
+  <h1 align="center">
+    @nodesecure/js-x-ray-ai
+  </h1>
+</p>
+
+<p align="center">
+  JavaScript AST analysis powered by AI
+</p>
+
+## Getting Started
+
+This package is available in the Node Package Repository and can be easily installed with [npm](https://docs.npmjs.com/getting-started/what-is-npm) or [yarn](https://yarnpkg.com).
+
+```bash
+$ npm i @nodesecure/js-x-ray-ai
+# or
+$ yarn add @nodesecure/js-x-ray-ai
+```
+
+## Usage example
+
+```javascript
+import { AiAstAnalyser } from "@nodesecure/js-x-ray-ai";
+
+async function main() {
+  const analyzer = new AiAstAnalyser({
+    provider: "openai",
+    apiKey: process.env.API_KEY
+  });
+
+  const code = `
+  const http = require("http");
+  http.get("http://example.com");
+  `;
+
+  const { llm, jsXRay } = await analyzer.analyze(code, "gpt-5");
+
+  console.log(llm);
+  console.log(jsXRay);
+}
+main().catch(console.error);
+```
+
+## API
+
+```ts
+export type Indicator = {
+  id: string;
+  type: string;
+  description: string;
+  evidence: string;
+  severity: "Critical" | "High" | "Medium" | "Low";
+};
+
+export type LlmReport = {
+  tldr: string;
+  behavior: string;
+  indicators: Indicator[];
+  impact: string;
+  remediation: string;
+  remediationSummary: string;
+  confidence: "High" | "Medium" | "Low";
+  confidenceReason: string;
+  metadata: {
+    linesReferenced: string;
+    redactedSecrets: {
+      label: string;
+      hash: string;
+    };
+  };
+};
+
+export type Analyses = {
+  llm: LlmReport;
+  jsXRay: Report; // from @nodesecure/js-x-ray
+};
+
+export type AiAstAnalyzerOptions = {
+  model: string;
+  runtimeOptions?: RuntimeOptions; // from @nodesecure/js-x-ray
+};
+
+export type LlmOptions = {
+  provider: "google" | "openai";
+  apiKey: string;
+};
+
+export class AiAstAnalyser {
+  constructor(
+    llmOptions: LlmOptions,
+    astAnalyzerOptions?: AiAstAnalyzerOptions
+  );
+  analyze(
+    code: string,
+    model: string,
+    options?: RuntimeOptions // from @nodesecure/js-x-ray
+  ): Promise<Analyses>;
+}
+```
+
+## License
+
+MIT