CodeScoring
diff --git a/‎.gitlab-ci.yml‎
Lines changed: 1 addition & 1 deletion b/‎.gitlab-ci.yml‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎docs/assets/demo/fstec-sbom-demo.en.html‎
Lines changed: 104 additions & 0 deletions b/‎docs/assets/demo/fstec-sbom-demo.en.html‎
Lines changed: 104 additions & 0 deletions
diff --git a/‎docs/assets/demo/fstec-sbom-demo.html‎
Lines changed: 104 additions & 0 deletions b/‎docs/assets/demo/fstec-sbom-demo.html‎
Lines changed: 104 additions & 0 deletions
@@ -113,7 +113,7 @@ lint_markdown:
       done
 
       # URLs
-      IGNORED_DOMAINS='https://download.pytorch.org`|bdu.fstec.ru|{osa-proxy-url}|artifactory.domain.ru|{REGISTRY_URL}/repository/helm|index.codescoring.ru|index-proxy:8000|webhook|atlassian|nuget|pypi|npmjs|maven|registry|mycompany|k8s|example|gitflic\.ru|localhost|127\.0\.0\.1|tip\.kaspersky\.com|JFROG_URL|host|jfrog\.my\.domain|docs\.alpinelinux\.org|github\.com|spdx\.github\.io|docs\.python\.org|dev\.azure\.com/<organisation|https://<organisation|REGISTRY_USERNAME|REGISTRY_PASSWORD|REGISTRY_URL'
+      IGNORED_DOMAINS='https://download.pytorch.org`|bdu.fstec.ru|{osa-proxy-url}|artifactory.domain.ru|{REGISTRY_URL}/repository/helm|index.codescoring.ru|index-proxy:8000|webhook|atlassian|nuget|pypi|npmjs|maven|registry|mycompany|k8s|example|gitflic\.ru|localhost|127\.0\.0\.1|tip\.kaspersky\.com|JFROG_URL|host|jfrog\.my\.domain|docs\.alpinelinux\.org|github\.com|spdx\.github\.io|docs\.python\.org|dev\.azure\.com/<organisation|https://<organisation|REGISTRY_USERNAME|REGISTRY_PASSWORD|REGISTRY_URL|drive\.google\.com|gitlab\.com|gitlab\.community\.ispras\.ru'
       if command -v wget >/dev/null; then
         for file in $FILES; do
           URLS=$(grep -oP '(?:\[.*?\]\(\Khttp[s]?://[^\s)]+|(?<!\]\()http[s]?://[^\s>]+)' "$file" | sed 's/]\+$//' | grep -Ev "$IGNORED_DOMAINS" || true)
 
@@ -0,0 +1,104 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>FSTEC SBOM demo</title>
+  <link rel="stylesheet" href="/assets/demo/tutorial-terminal-demo.css">
+</head>
+<body>
+  <div class="demo-shell">
+    <div class="demo-terminal" id="tutorial-terminal-demo">
+      <div class="demo-titlebar">
+        <span class="demo-dot red"></span>
+        <span class="demo-dot yellow"></span>
+        <span class="demo-dot green"></span>
+        <span class="demo-title" id="demo-title"></span>
+      </div>
+      <div class="demo-body" id="demo-body"></div>
+      <div class="demo-controls">
+        <div class="demo-progress">
+          <div class="demo-progress-fill" id="demo-progress-fill"></div>
+        </div>
+        <div class="demo-buttons">
+          <button class="demo-button demo-button--primary" id="demo-start" onclick="startTutorialTerminalDemo()">Start</button>
+          <button class="demo-button" id="demo-pause" onclick="toggleTutorialTerminalDemoPause()">Pause</button>
+          <span class="demo-speed" id="demo-speed"></span>
+          <button class="demo-button" id="demo-speed-button" onclick="cycleTutorialTerminalDemoSpeed()">Speed</button>
+        </div>
+      </div>
+    </div>
+  </div>
+
+  <script>
+    window.TUTORIAL_TERMINAL_DEMO = {
+      title: "local-user@fstec-python-app ~ zsh",
+      promptUser: "local-user",
+      promptPath: "fstec-python-app",
+      startSpeed: 0.5,
+      autoStart: false,
+      labels: {
+        start: "Start",
+        restart: "Restart",
+        pause: "Pause",
+        resume: "Resume",
+        speed: "Speed",
+        idleTitle: "Interactive demo",
+        idleBody: "Click <strong>“Start”</strong> to see why a local run with <code>resolve</code> helps build a full component inventory."
+      },
+      scenes: [
+        {
+          type: "card",
+          title: "Comparing two runs",
+          body: "The demo first shows a manifest-only scan and then a run with <code>--pip-resolve</code> and an explicit <code>pip</code> path. The output is shortened to the key fragments of a real run."
+        },
+        {
+          type: "command",
+          command: "./johnny scan dir . --api_token $CODESCORING_API_TOKEN --api_url $CODESCORING_API_URL --project \"ppk-fstec-demo\" --save-results --create-project --localization en --bom-path bom-manifest.json",
+          output: [
+            "Scanning project: /Users/demo/fstec-python-app",
+            "Project name: ppk-fstec-demo",
+            "SBOM file: /Users/demo/fstec-python-app/bom-manifest.json",
+            "",
+            "Manifests:",
+            "- requirements.txt"
+          ],
+          outputDelay: 28,
+          afterOutputDelay: 380
+        },
+        {
+          type: "card",
+          title: "A manifest-only run may be incomplete",
+          body: "If the manifest does not expose transitive dependencies, this run does not provide the full component list. A complete inventory requires either a lock file or dependency resolution in a prepared project environment."
+        },
+        {
+          type: "command",
+          command: "./johnny scan dir . --api_token $CODESCORING_API_TOKEN --api_url $CODESCORING_API_URL --project \"ppk-fstec-demo\" --save-results --create-project --localization en --pip-resolve --pip-path /usr/local/bin/pip3 --bom-path bom-local.json",
+          output: [
+            "pip 25.0 from /usr/local/lib/python3.13/site-packages/pip (python 3.13)",
+            "certifi==2025.1.31",
+            "cffi==1.17.1",
+            "pycparser==2.22",
+            "",
+            "Scanning project: /Users/demo/fstec-python-app",
+            "Project name: ppk-fstec-demo",
+            "SBOM file: /Users/demo/fstec-python-app/bom-local.json",
+            "",
+            "Manifests:",
+            "- codescoring_pip_for_freeze",
+            "- requirements.txt"
+          ],
+          outputDelay: 20,
+          afterOutputDelay: 420
+        },
+        {
+          type: "card",
+          title: "What changed after resolve",
+          body: "The agent used the specified <code>pip</code>, added the dependency resolution result as <code>codescoring_pip_for_freeze</code>, saved the scan to a CLI project, and produced a local <code>bom-local.json</code>. This mode should be run only in a controlled project environment, otherwise extra packages can end up in the SBOM."
+        }
+      ]
+    };
+  </script>
+  <script src="/assets/demo/tutorial-terminal-demo.js"></script>
+</body>
+</html>
@@ -0,0 +1,104 @@
+<!DOCTYPE html>
+<html lang="ru">
+<head>
+  <meta charset="UTF-8">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  <title>FSTEC SBOM demo</title>
+  <link rel="stylesheet" href="/assets/demo/tutorial-terminal-demo.css">
+</head>
+<body>
+  <div class="demo-shell">
+    <div class="demo-terminal" id="tutorial-terminal-demo">
+      <div class="demo-titlebar">
+        <span class="demo-dot red"></span>
+        <span class="demo-dot yellow"></span>
+        <span class="demo-dot green"></span>
+        <span class="demo-title" id="demo-title"></span>
+      </div>
+      <div class="demo-body" id="demo-body"></div>
+      <div class="demo-controls">
+        <div class="demo-progress">
+          <div class="demo-progress-fill" id="demo-progress-fill"></div>
+        </div>
+        <div class="demo-buttons">
+          <button class="demo-button demo-button--primary" id="demo-start" onclick="startTutorialTerminalDemo()">Запустить</button>
+          <button class="demo-button" id="demo-pause" onclick="toggleTutorialTerminalDemoPause()">Пауза</button>
+          <span class="demo-speed" id="demo-speed"></span>
+          <button class="demo-button" id="demo-speed-button" onclick="cycleTutorialTerminalDemoSpeed()">Скорость</button>
+        </div>
+      </div>
+    </div>
+  </div>
+
+  <script>
+    window.TUTORIAL_TERMINAL_DEMO = {
+      title: "local-user@fstec-python-app ~ zsh",
+      promptUser: "local-user",
+      promptPath: "fstec-python-app",
+      startSpeed: 0.5,
+      autoStart: false,
+      labels: {
+        start: "Запустить",
+        restart: "Сначала",
+        pause: "Пауза",
+        resume: "Продолжить",
+        speed: "Скорость",
+        idleTitle: "Интерактивное демо",
+        idleBody: "Нажмите <strong>«Запустить»</strong>, чтобы посмотреть, почему для полного ППК полезно сначала локально запустить агент с <code>resolve</code>."
+      },
+      scenes: [
+        {
+          type: "card",
+          title: "Сравнение двух запусков",
+          body: "Сначала показан обычный запуск по манифесту, затем — запуск с <code>--pip-resolve</code> и явным путем к <code>pip</code>. Демо сокращено до ключевых фрагментов реального вывода."
+        },
+        {
+          type: "command",
+          command: "./johnny scan dir . --api_token $CODESCORING_API_TOKEN --api_url $CODESCORING_API_URL --project \"ppk-fstec-demo\" --save-results --create-project --localization ru --bom-path bom-manifest.json",
+          output: [
+            "Scanning project: /Users/demo/fstec-python-app",
+            "Project name: ppk-fstec-demo",
+            "SBOM file: /Users/demo/fstec-python-app/bom-manifest.json",
+            "",
+            "Manifests:",
+            "- requirements.txt"
+          ],
+          outputDelay: 28,
+          afterOutputDelay: 380
+        },
+        {
+          type: "card",
+          title: "Обычного запуска может быть недостаточно",
+          body: "Если манифест не раскрывает транзитивные зависимости, такой запуск не даёт полного перечня компонентов. Для качественного инвентаря нужен либо lock-файл, либо запуск с разрешением зависимостей в подготовленном окружении проекта."
+        },
+        {
+          type: "command",
+          command: "./johnny scan dir . --api_token $CODESCORING_API_TOKEN --api_url $CODESCORING_API_URL --project \"ppk-fstec-demo\" --save-results --create-project --localization ru --pip-resolve --pip-path /usr/local/bin/pip3 --bom-path bom-local.json",
+          output: [
+            "pip 25.0 from /usr/local/lib/python3.13/site-packages/pip (python 3.13)",
+            "certifi==2025.1.31",
+            "cffi==1.17.1",
+            "pycparser==2.22",
+            "",
+            "Scanning project: /Users/demo/fstec-python-app",
+            "Project name: ppk-fstec-demo",
+            "SBOM file: /Users/demo/fstec-python-app/bom-local.json",
+            "",
+            "Manifests:",
+            "- codescoring_pip_for_freeze",
+            "- requirements.txt"
+          ],
+          outputDelay: 20,
+          afterOutputDelay: 420
+        },
+        {
+          type: "card",
+          title: "Что изменилось после resolve",
+          body: "Агент использовал <code>pip</code> по указанному пути, добавил результат разрешения зависимостей как <code>codescoring_pip_for_freeze</code>, сохранил анализ в CLI-проекте и сформировал локальный <code>bom-local.json</code>. Такой режим стоит запускать только в контролируемом окружении проекта, иначе в SBOM могут попасть лишние пакеты."
+        }
+      ]
+    };
+  </script>
+  <script src="/assets/demo/tutorial-terminal-demo.js"></script>
+</body>
+</html>