feat: improve i18n

.github/workflows/codeql.yml

@@ -41,7 +41,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -50,7 +50,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
+        uses: github/codeql-action/init@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -63,7 +63,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
+        uses: github/codeql-action/autobuild@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -76,6 +76,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
+        uses: github/codeql-action/analyze@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/nodejs.yml

@@ -18,13 +18,13 @@ jobs:
       fail-fast: false
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
         with:
           node-version: ${{ matrix.node-version }}
       - name: Install dependencies
@@ -34,4 +34,4 @@ jobs:
       - name: Run tests
         run: npm run coverage
       - name: Send coverage report to Codecov
-        uses: codecov/codecov-action@428cda1b1c731be3e8bfa389049c3f276d572ffb # v4.0.0-beta.3
+        uses: codecov/codecov-action@e0b68c6749509c5f83f984dd99a76a1c1a231044 # v4.0.1

.github/workflows/scorecards.yml

@@ -32,7 +32,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
@@ -64,14 +64,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8
+        uses: github/codeql-action/upload-sarif@379614612a29c9e28f31f39a59013eb8012a51f0 # v3.24.3
         with:
           sarif_file: results.sarif

.github/workflows/size-satisfies.yml

@@ -21,13 +21,13 @@ jobs:
       fail-fast: false
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@128a63446a954579617e875aaab7d2978154e969 # v2.4.0
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c # v3.6.0
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
         with:
           node-version: ${{ matrix.node-version }}
       - name: Install dependencies

.github/workflows/vis-network.yml

@@ -22,13 +22,13 @@ jobs:
       fail-fast: false
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1
+        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
         with:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Use Node.js ${{ matrix.node-version }}
-        uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
         with:
           node-version: ${{ matrix.node-version }}
       - name: Install dependencies

LICENSE

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2022 NodeSecure
+Copyright (c) 2022-2024 NodeSecure
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

bin/index.js

@@ -91,7 +91,7 @@ prog
 prog
   .command("scorecard [repository]")
   .describe(i18n.getTokenSync("cli.commands.scorecard.desc"))
-  .option("--vcs", "Version control platform (GitHub, GitLab", "github")
+  .option("--vcs", i18n.getTokenSync("cli.commands.scorecard.option_vcs"), "github")
   .action(commands.scorecard.main);
 
 prog
@@ -101,13 +101,13 @@ prog
 
 prog
   .command("config create [configuration]")
-  .option("-c, --cwd", "create config file at the cwd", false)
-  .describe("Init your Nodesecure config file")
+  .option("-c, --cwd", i18n.getTokenSync("cli.commands.configCreate.option_cwd"), false)
+  .describe(i18n.getTokenSync("cli.commands.configCreate.desc"))
   .action(commands.config.createConfigFile);
 
 prog
   .command("config")
-  .describe("Edit your nodesecure config file")
+  .describe(i18n.getTokenSync("cli.commands.config.desc"))
   .action(commands.config.editConfigFile);
 
 prog.parse(process.argv);
@@ -117,7 +117,7 @@ function defaultScannerCommand(name, options = {}) {
 
   const cmd = prog.command(name)
     .option("-d, --depth", i18n.getTokenSync("cli.commands.option_depth"), 4)
-    .option("--silent", "enable silent mode which disable CLI spinners", false);
+    .option("--silent", i18n.getTokenSync("cli.commands.option_silent"), false);
 
   if (includeOutput) {
     cmd.option("-o, --output", i18n.getTokenSync("cli.commands.option_output"), "nsecure-result");
@@ -134,7 +134,7 @@ function checkNodeSecureToken() {
     const varEnvName = kleur.yellow().bold("NODE_SECURE_TOKEN");
 
     console.log(
-      kleur.red().bold(`Environment variable ${varEnvName} is missing!\n`)
+      kleur.red().bold(`${i18n.getTokenSync("cli.missingEnv", varEnvName)}\n`)
     );
   }
 }

i18n/english.js

@@ -1,26 +1,150 @@
 /* eslint-disable max-len */
+// Import Third-party Dependencies
 import { taggedString as tS } from "@nodesecure/i18n";
 
 const cli = {
+  executing_at: "Executing node-secure at",
+  min_nodejs_version: tS`node-secure requires at least Node.js ${0} to work! Please upgrade your Node.js version.`,
+  no_dep_to_proceed: "No dependencies to proceed!",
+  successfully_written_json: tS`Successfully written results file at: ${0}`,
+  http_server_started: "HTTP Server started on:",
+  missingEnv: tS`Environment variable ${0} is missing!`,
+  commands: {
+    option_depth: "Maximum dependencies depth to fetch",
+    option_output: "Json file output name",
+    option_silent: "enable silent mode which disable CLI spinners",
+    strategy: "Vulnerabilities source to use",
+    hydrate_db: {
+      desc: "Hydrate the vulnerabilities db",
+      running: tS`Hydrating local vulnerabilities with the '${0}' database...`,
+      success: tS`Successfully hydrated vulnerabilities database in ${0}`
+    },
+    cwd: {
+      desc: "Run security analysis on the current working dir",
+      option_nolock: "Disable usage of package-lock.json",
+      option_full: "Enable full analysis of packages in the package-lock.json file"
+    },
+    from: {
+      desc: "Run security analysis on a given package from npm registry",
+      searching: tS`Searching for '${0}' manifest in the npm registry...`,
+      fetched: tS`Fetched ${0} manifest from npm in ${1}`
+    },
+    auto: {
+      desc: "Run security analysis on cwd or a given package and automatically open the web interface",
+      option_keep: "Keep the nsecure-result.json file on the system after execution"
+    },
+    open: {
+      desc: "Run an HTTP Server with a given nsecure JSON file",
+      option_port: "Define the running port"
+    },
+    verify: {
+      desc: "Run a complete advanced analysis for a given npm package",
+      option_json: "Stdout the analysis payload"
+    },
+    summary: {
+      desc: "Display your analysis results",
+      warnings: "Warnings"
+    },
+    lang: {
+      desc: "Configure the CLI default language",
+      question_text: "What language do you want to use?",
+      new_selection: tS`'${0}' has been selected as the new CLI language!`
+    },
+    scorecard: {
+      desc: "Display the OSSF Scorecard for a given repository or the current working directory (Github only, e.g. fastify/fastify)",
+      option_vcs: "Version control platform (GitHub, GitLab)"
+    },
+    config: {
+      desc: "Edit your NodeSecure config file"
+    },
+    configCreate: {
+      desc: "Init your Nodesecure config file",
+      option_cwd: "Create config file at the cwd"
+    }
+  },
   startHttp: {
     invalidScannerVersion: tS`the payload has been scanned with version '${0}' and do not satisfies the required CLI range '${1}'`,
     regenerate: "please re-generate a new JSON payload using the CLI"
   }
 };
 
 const ui = {
+  stats: {
+    title: "Global Stats",
+    total_packages: "Total of packages",
+    total_size: "Total size",
+    indirect_deps: "Packages with indirect dependencies",
+    extensions: "Extensions",
+    licenses: "Licenses",
+    maintainers: "Maintainers"
+  },
+  package_info: {
+    navigation: {
+      overview: "overview",
+      files: "files",
+      dependencies: "scripts & dependencies",
+      warnings: "threats in source code",
+      vulnerabilities: "vulnerabilities (CVE)",
+      licenses: "licenses conformance (SPDX)"
+    },
+    title: {
+      maintainers: "maintainers",
+      releases: "releases",
+      files: "files",
+      files_extensions: "files extensions",
+      unused_deps: "unused dependencies",
+      missing_deps: "missing dependencies",
+      minified_files: "minified files",
+      node_deps: "node.js dependencies",
+      third_party_deps: "third-party dependencies",
+      required_files: "required files",
+      used_by: "used by",
+      openSsfScorecard: "Security Scorecard"
+    },
+    overview: {
+      homepage: "Homepage",
+      author: "Author",
+      size: "Size on system",
+      dependencies: "Number of dependencies",
+      files: "Number of files",
+      tsTypings: "TS Typings",
+      node: "Node.js Compatibility",
+      npm: "NPM Compatibility",
+      lastReleaseVersion: "Last release version",
+      lastReleaseDate: "Last release date",
+      publishedReleases: "Number of published releases",
+      numberPublishers: "Number of publisher(s)"
+    },
+    helpers: {
+      warnings: "Learn more about warnings in the",
+      spdx: "Learn more about the SPDX project",
+      here: "here",
+      openSsf: "Learn more about the OpenSSF Scorecards",
+      thirdPartyTools: "Third-party tools"
+    }
+  },
+  searchbar_placeholder: "Search",
+  loading_nodes: "... Loading nodes ...",
+  please_wait: "(Please wait)",
   popup: {
     maintainer: {
       intree: "packages in the dependency tree"
     }
   },
   home: {
     overview: {
-      title: "Overview"
+      title: "Overview",
+      dependencies: "dependencies",
+      totalSize: "total size",
+      directDeps: "direct deps",
+      transitiveDeps: "transitive deps",
+      downloadsLastWeek: "downloads last week"
     },
     watch: "Packages in the dependency tree requiring greater attention",
     criticalWarnings: "Critical Warnings",
-    maintainers: "Maintainers"
+    maintainers: "Maintainers",
+    showMore: "show more",
+    showLess: "show less"
   },
   settings: {
     general: {
@@ -37,6 +161,19 @@ const ui = {
       openCloseWiki: "Open/Close wiki",
       lock: "Lock/Unlock network"
     }
+  },
+  network: {
+    childOf: "child of",
+    parentOf: "parent of",
+    unlocked: "unlocked",
+    locked: "locked"
+  },
+  search: {
+    "File extensions": "File extensions",
+    "Node.js core modules": "Node.js core modules",
+    "Available licenses": "Available licenses",
+    "Available flags": "Available flags",
+    default: "Search options"
   }
 };