@aegis-scan/core 0.18.2 → 0.18.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (2) hide show
  1. package/package.json +1 -1
  2. package/sbom.cdx.json +1 -1
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@aegis-scan/core",
3
- "version": "0.18.2",
3
+ "version": "0.18.3",
4
4
  "description": "AEGIS core engine — orchestrator, scoring (0-1000), config loader with Zod-strict schema, suppression filter, shared types + utilities. The foundation of the AEGIS security-scanner suite for Next.js + Supabase.",
5
5
  "license": "MIT",
6
6
  "author": "RideMatch1 <230386010+RideMatch1@users.noreply.github.com>",
package/sbom.cdx.json CHANGED
@@ -1 +1 @@
1
- {"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:18bf68ae-a1ca-4c63-a4e4-2152273fd8b0","version":1,"metadata":{"timestamp":"2026-05-07T09:07:43Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"core","group":"@aegis-scan","version":"0.18.2","description":"AEGIS core engine — orchestrator, scoring (0-1000), config loader with Zod-strict schema, suppression filter, shared types + utilities. The foundation of the AEGIS security-scanner suite for Next.js + Supabase.","purl":"pkg:npm/%40aegis-scan/core@0.18.2","bom-ref":"pkg:npm/@aegis-scan/core@0.18.2","author":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>","type":"application","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}]},"properties":[{"name":"cdx:bom:componentTypes","value":"npm"},{"name":"cdx:bom:componentNamespaces","value":"@types"},{"name":"cdx:bom:componentSrcFiles","value":"packages/core/node_modules/@types/node/package.json\\npackages/core/node_modules/@types/picomatch/package.json\\npackages/core/node_modules/ignore/package.json\\npackages/core/node_modules/picomatch/package.json\\npackages/core/node_modules/typescript/package.json\\npackages/core/node_modules/undici/package.json\\npackages/core/node_modules/vitest/package.json\\npackages/core/node_modules/zod/package.json"}]},"components":[{"authors":[{"name":"Colin McDonnell <zod@colinhacks.com>"}],"group":"","name":"zod","version":"3.25.76","description":"TypeScript-first schema declaration and validation library with static type inference","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/zod@3.25.76","externalReferences":[{"type":"website","url":"https://zod.dev"},{"type":"vcs","url":"git+https://github.com/colinhacks/zod.git"}],"type":"library","bom-ref":"pkg:npm/zod@3.25.76","properties":[{"name":"SrcFile","value":"packages/core/node_modules/zod/package.json"},{"name":"ImportedModules","value":"zod,zod/z"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/zod/package.json"}],"concludedValue":"packages/core/node_modules/zod/package.json"}],"occurrences":[{"location":"dist/manipulation-resistance/response-validator.js#23"},{"location":"dist/roe/types.js#24"},{"location":"dist/runtime/state.js#32"},{"location":"src/manipulation-resistance/response-validator.ts#23"},{"location":"src/roe/types.ts#24"},{"location":"src/runtime/state.ts#32"}]},"tags":["validation"]},{"authors":[{"name":"Anthony Fu <anthonyfu117@hotmail.com>"}],"group":"","name":"vitest","version":"3.2.4","description":"Next generation testing framework powered by Vite","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/vitest@3.2.4","externalReferences":[{"type":"vcs","url":"https://github.com/vitest-dev/vitest#readme"},{"type":"vcs","url":"git+https://github.com/vitest-dev/vitest.git"}],"type":"framework","bom-ref":"pkg:npm/vitest@3.2.4","properties":[{"name":"SrcFile","value":"packages/core/node_modules/vitest/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/vitest/package.json"}],"concludedValue":"packages/core/node_modules/vitest/package.json"}]},"tags":["framework"]},{"group":"","name":"undici","version":"7.25.0","description":"An HTTP/1.1 client, written from scratch for Node.js","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/undici@7.25.0","externalReferences":[{"type":"website","url":"https://undici.nodejs.org"},{"type":"vcs","url":"git+https://github.com/nodejs/undici.git"}],"type":"library","bom-ref":"pkg:npm/undici@7.25.0","properties":[{"name":"SrcFile","value":"packages/core/node_modules/undici/package.json"},{"name":"ImportedModules","value":"undici,getGlobalDispatcher,undici/getGlobalDispatcher,setGlobalDispatcher,undici/setGlobalDispatcher,ProxyAgent,undici/ProxyAgent,Dispatcher,undici/Dispatcher"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/undici/package.json"}],"concludedValue":"packages/core/node_modules/undici/package.json"}],"occurrences":[{"location":"dist/runtime/opsec.js#1"},{"location":"src/runtime/opsec.ts#1"}]}},{"authors":[{"name":"Microsoft Corp."}],"group":"","name":"typescript","version":"5.9.3","description":"TypeScript is a language for application scale JavaScript development","scope":"optional","licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:npm/typescript@5.9.3","externalReferences":[{"type":"website","url":"https://www.typescriptlang.org/"},{"type":"vcs","url":"https://github.com/microsoft/TypeScript.git"}],"type":"library","bom-ref":"pkg:npm/typescript@5.9.3","properties":[{"name":"SrcFile","value":"packages/core/node_modules/typescript/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/typescript/package.json"}],"concludedValue":"packages/core/node_modules/typescript/package.json"}]}},{"authors":[{"name":"Jon Schlinkert (https://github.com/jonschlinkert)"}],"group":"","name":"picomatch","version":"4.0.4","description":"Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/picomatch@4.0.4","externalReferences":[{"type":"vcs","url":"https://github.com/micromatch/picomatch"}],"type":"library","bom-ref":"pkg:npm/picomatch@4.0.4","properties":[{"name":"SrcFile","value":"packages/core/node_modules/picomatch/package.json"},{"name":"ImportedModules","value":"picomatch"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/picomatch/package.json"}],"concludedValue":"packages/core/node_modules/picomatch/package.json"}],"occurrences":[{"location":"dist/utils.js#5"},{"location":"src/utils.ts#5"}]}},{"authors":[{"name":"kael"}],"group":"","name":"ignore","version":"7.0.5","description":"Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/ignore@7.0.5","type":"library","bom-ref":"pkg:npm/ignore@7.0.5","properties":[{"name":"SrcFile","value":"packages/core/node_modules/ignore/package.json"},{"name":"ImportedModules","value":"ignore"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/ignore/package.json"}],"concludedValue":"packages/core/node_modules/ignore/package.json"}],"occurrences":[{"location":"dist/utils.js#4"},{"location":"src/utils.ts#4"}]}},{"group":"@types","name":"picomatch","version":"3.0.2","description":"TypeScript definitions for picomatch","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/picomatch@3.0.2","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/picomatch"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/picomatch@3.0.2","properties":[{"name":"SrcFile","value":"packages/core/node_modules/@types/picomatch/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/@types/picomatch/package.json"}],"concludedValue":"packages/core/node_modules/@types/picomatch/package.json"}]}},{"group":"@types","name":"node","version":"22.19.17","description":"TypeScript definitions for node","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/node@22.19.17","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/node@22.19.17","properties":[{"name":"SrcFile","value":"packages/core/node_modules/@types/node/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/@types/node/package.json"}],"concludedValue":"packages/core/node_modules/@types/node/package.json"}]}}],"dependencies":[],"annotations":[{"bom-ref":"metadata-annotations","subjects":["pkg:npm/@aegis-scan/core@0.18.2"],"annotator":{"component":{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}},"timestamp":"2026-05-07T09:07:43Z","text":"This Software Bill-of-Materials (SBOM) document was created on Thursday, May 7, 2026 with cdxgen. The data was captured during the build lifecycle phase. The document describes an application named 'core' with version '0.18.2'. The package type in this SBOM is npm with a single purl namespace '@types' described under components. The components were identified from 8 source files."}]}
1
+ {"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:906d2122-5311-434d-bbca-2f017e0f160e","version":1,"metadata":{"timestamp":"2026-05-07T09:41:53Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"core","group":"@aegis-scan","version":"0.18.3","description":"AEGIS core engine — orchestrator, scoring (0-1000), config loader with Zod-strict schema, suppression filter, shared types + utilities. The foundation of the AEGIS security-scanner suite for Next.js + Supabase.","purl":"pkg:npm/%40aegis-scan/core@0.18.3","bom-ref":"pkg:npm/@aegis-scan/core@0.18.3","author":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>","type":"application","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}]},"properties":[{"name":"cdx:bom:componentTypes","value":"npm"},{"name":"cdx:bom:componentNamespaces","value":"@types"},{"name":"cdx:bom:componentSrcFiles","value":"packages/core/node_modules/@types/node/package.json\\npackages/core/node_modules/@types/picomatch/package.json\\npackages/core/node_modules/ignore/package.json\\npackages/core/node_modules/picomatch/package.json\\npackages/core/node_modules/typescript/package.json\\npackages/core/node_modules/undici/package.json\\npackages/core/node_modules/vitest/package.json\\npackages/core/node_modules/zod/package.json"}]},"components":[{"authors":[{"name":"Colin McDonnell <zod@colinhacks.com>"}],"group":"","name":"zod","version":"3.25.76","description":"TypeScript-first schema declaration and validation library with static type inference","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/zod@3.25.76","externalReferences":[{"type":"website","url":"https://zod.dev"},{"type":"vcs","url":"git+https://github.com/colinhacks/zod.git"}],"type":"library","bom-ref":"pkg:npm/zod@3.25.76","properties":[{"name":"SrcFile","value":"packages/core/node_modules/zod/package.json"},{"name":"ImportedModules","value":"zod,zod/z"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/zod/package.json"}],"concludedValue":"packages/core/node_modules/zod/package.json"}],"occurrences":[{"location":"dist/manipulation-resistance/response-validator.js#23"},{"location":"dist/roe/types.js#24"},{"location":"dist/runtime/state.js#32"},{"location":"src/manipulation-resistance/response-validator.ts#23"},{"location":"src/roe/types.ts#24"},{"location":"src/runtime/state.ts#32"}]},"tags":["validation"]},{"authors":[{"name":"Anthony Fu <anthonyfu117@hotmail.com>"}],"group":"","name":"vitest","version":"3.2.4","description":"Next generation testing framework powered by Vite","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/vitest@3.2.4","externalReferences":[{"type":"vcs","url":"https://github.com/vitest-dev/vitest#readme"},{"type":"vcs","url":"git+https://github.com/vitest-dev/vitest.git"}],"type":"framework","bom-ref":"pkg:npm/vitest@3.2.4","properties":[{"name":"SrcFile","value":"packages/core/node_modules/vitest/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/vitest/package.json"}],"concludedValue":"packages/core/node_modules/vitest/package.json"}]},"tags":["framework"]},{"group":"","name":"undici","version":"7.25.0","description":"An HTTP/1.1 client, written from scratch for Node.js","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/undici@7.25.0","externalReferences":[{"type":"website","url":"https://undici.nodejs.org"},{"type":"vcs","url":"git+https://github.com/nodejs/undici.git"}],"type":"library","bom-ref":"pkg:npm/undici@7.25.0","properties":[{"name":"SrcFile","value":"packages/core/node_modules/undici/package.json"},{"name":"ImportedModules","value":"undici,getGlobalDispatcher,undici/getGlobalDispatcher,setGlobalDispatcher,undici/setGlobalDispatcher,ProxyAgent,undici/ProxyAgent,Dispatcher,undici/Dispatcher"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/undici/package.json"}],"concludedValue":"packages/core/node_modules/undici/package.json"}],"occurrences":[{"location":"dist/runtime/opsec.js#1"},{"location":"src/runtime/opsec.ts#1"}]}},{"authors":[{"name":"Microsoft Corp."}],"group":"","name":"typescript","version":"5.9.3","description":"TypeScript is a language for application scale JavaScript development","scope":"optional","licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:npm/typescript@5.9.3","externalReferences":[{"type":"website","url":"https://www.typescriptlang.org/"},{"type":"vcs","url":"https://github.com/microsoft/TypeScript.git"}],"type":"library","bom-ref":"pkg:npm/typescript@5.9.3","properties":[{"name":"SrcFile","value":"packages/core/node_modules/typescript/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/typescript/package.json"}],"concludedValue":"packages/core/node_modules/typescript/package.json"}]}},{"authors":[{"name":"Jon Schlinkert (https://github.com/jonschlinkert)"}],"group":"","name":"picomatch","version":"4.0.4","description":"Blazing fast and accurate glob matcher written in JavaScript, with no dependencies and full support for standard and extended Bash glob features, including braces, extglobs, POSIX brackets, and regular expressions.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/picomatch@4.0.4","externalReferences":[{"type":"vcs","url":"https://github.com/micromatch/picomatch"}],"type":"library","bom-ref":"pkg:npm/picomatch@4.0.4","properties":[{"name":"SrcFile","value":"packages/core/node_modules/picomatch/package.json"},{"name":"ImportedModules","value":"picomatch"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/picomatch/package.json"}],"concludedValue":"packages/core/node_modules/picomatch/package.json"}],"occurrences":[{"location":"dist/utils.js#5"},{"location":"src/utils.ts#5"}]}},{"authors":[{"name":"kael"}],"group":"","name":"ignore","version":"7.0.5","description":"Ignore is a manager and filter for .gitignore rules, the one used by eslint, gitbook and many others.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/ignore@7.0.5","type":"library","bom-ref":"pkg:npm/ignore@7.0.5","properties":[{"name":"SrcFile","value":"packages/core/node_modules/ignore/package.json"},{"name":"ImportedModules","value":"ignore"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/ignore/package.json"}],"concludedValue":"packages/core/node_modules/ignore/package.json"}],"occurrences":[{"location":"dist/utils.js#4"},{"location":"src/utils.ts#4"}]}},{"group":"@types","name":"picomatch","version":"3.0.2","description":"TypeScript definitions for picomatch","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/picomatch@3.0.2","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/picomatch"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/picomatch@3.0.2","properties":[{"name":"SrcFile","value":"packages/core/node_modules/@types/picomatch/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/@types/picomatch/package.json"}],"concludedValue":"packages/core/node_modules/@types/picomatch/package.json"}]}},{"group":"@types","name":"node","version":"22.19.17","description":"TypeScript definitions for node","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/node@22.19.17","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/node@22.19.17","properties":[{"name":"SrcFile","value":"packages/core/node_modules/@types/node/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/core/node_modules/@types/node/package.json"}],"concludedValue":"packages/core/node_modules/@types/node/package.json"}]}}],"dependencies":[],"annotations":[{"bom-ref":"metadata-annotations","subjects":["pkg:npm/@aegis-scan/core@0.18.3"],"annotator":{"component":{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}},"timestamp":"2026-05-07T09:41:53Z","text":"This Software Bill-of-Materials (SBOM) document was created on Thursday, May 7, 2026 with cdxgen. The data was captured during the build lifecycle phase. The document describes an application named 'core' with version '0.18.3'. The package type in this SBOM is npm with a single purl namespace '@types' described under components. The components were identified from 8 source files."}]}