@clear-capabilities/agentic-security-scanner 0.79.0 → 0.80.0

package/src/posture/sca-upgrade.js

@@ -0,0 +1,259 @@
+// SCA upgrade engine: dry-run plan + worktree-isolated apply.
+//
+// Phase 3 / Item 5 of the SCA improvement plan. The MCP `apply_fix` path
+// refuses to write manifest files (package.json, *-lock.*, poetry.lock,
+// Cargo.lock, etc.) for safety. SCA findings need a separate path that:
+//   1. Generates an upgrade *plan* via the ecosystem's native dry-run
+//      command (npm install --dry-run, pip install --dry-run, etc.).
+//   2. Applies the upgrade via the package manager itself, with a backup
+//      + test-gate so a peer-dep break or test regression rolls back.
+//
+// Caller pattern: plan first (read-only), inspect the breaking-change
+// flag / peer warnings, then apply with confirm:true.
+
+import * as fs from 'node:fs';
+import * as fsp from 'node:fs/promises';
+import * as path from 'node:path';
+import * as crypto from 'node:crypto';
+import { execFile } from 'node:child_process';
+import { promisify } from 'node:util';
+import { statePath } from './state-dir.js';
+
+const execFileAsync = promisify(execFile);
+
+// Per-ecosystem command/manifest map. Add ecosystems by extending this
+// table — every other place in the module reads it.
+const ECOSYSTEM = {
+  npm: {
+    manifests: ['package.json', 'package-lock.json'],
+    altManifests: [['yarn.lock'], ['pnpm-lock.yaml']],
+    dryRun: (pkg, ver) => ({ cmd: 'npm', args: ['install', `${pkg}@${ver}`, '--dry-run', '--json'] }),
+    apply:  (pkg, ver) => ({ cmd: 'npm', args: ['install', `${pkg}@${ver}`, '--save'] }),
+    parseDryRun(stdout) {
+      try {
+        const j = JSON.parse(stdout);
+        const peerDeps = Array.isArray(j.warnings) ? j.warnings.filter(w => /peer dep/i.test(w)) : [];
+        const transitiveImpact = (j.added || []).length + (j.updated || []).length + (j.removed || []).length;
+        return { peerDeps, transitiveImpact, rawSummary: { added: (j.added || []).length, updated: (j.updated || []).length, removed: (j.removed || []).length } };
+      } catch { return { peerDeps: [], transitiveImpact: 0, rawSummary: null }; }
+    },
+  },
+  pypi: {
+    manifests: ['requirements.txt', 'pyproject.toml'],
+    altManifests: [['poetry.lock'], ['Pipfile.lock']],
+    dryRun: (pkg, ver) => ({ cmd: 'pip', args: ['install', '--dry-run', `${pkg}==${ver}`] }),
+    apply:  (pkg, ver) => ({ cmd: 'pip', args: ['install', '--upgrade', `${pkg}==${ver}`] }),
+    parseDryRun() {
+      // pip --dry-run output is human-readable; we don't parse it for v1.
+      return { peerDeps: [], transitiveImpact: 0, rawSummary: null };
+    },
+  },
+  cargo: {
+    manifests: ['Cargo.toml', 'Cargo.lock'],
+    altManifests: [],
+    dryRun: (pkg, _ver) => ({ cmd: 'cargo', args: ['update', '--package', pkg, '--dry-run'] }),
+    apply:  (pkg, _ver) => ({ cmd: 'cargo', args: ['update', '--package', pkg] }),
+    parseDryRun() { return { peerDeps: [], transitiveImpact: 0, rawSummary: null }; },
+  },
+  golang: {
+    manifests: ['go.mod', 'go.sum'],
+    altManifests: [],
+    dryRun: (_pkg, _ver) => null,   // `go get` has no dry-run flag; we skip dry-run in v1.
+    apply:  (pkg, ver) => ({ cmd: 'go', args: ['get', `${pkg}@v${ver}`] }),
+    parseDryRun() { return { peerDeps: [], transitiveImpact: 0, rawSummary: null }; },
+  },
+  // Other ecosystems (rubygems, packagist, pub, maven) return a structured
+  // "manual" plan in v1 — no native dry-run + the install side-effects
+  // (gem build artifacts, composer cache) are easier for the user to
+  // confirm interactively.
+};
+
+function _majorVersion(v) {
+  const m = String(v || '').match(/^(\d+)/);
+  return m ? parseInt(m[1], 10) : null;
+}
+
+function _detectTestCommand(scanRoot) {
+  try {
+    const pkg = path.join(scanRoot, 'package.json');
+    if (fs.existsSync(pkg)) {
+      const j = JSON.parse(fs.readFileSync(pkg, 'utf8'));
+      if (j.scripts?.test && !/no test specified/i.test(j.scripts.test)) {
+        return { cmd: 'npm', args: ['test'] };
+      }
+    }
+  } catch {}
+  if (fs.existsSync(path.join(scanRoot, 'Cargo.toml'))) return { cmd: 'cargo', args: ['test'] };
+  if (fs.existsSync(path.join(scanRoot, 'go.mod'))) return { cmd: 'go', args: ['test', './...'] };
+  if (fs.existsSync(path.join(scanRoot, 'pyproject.toml'))) return { cmd: 'pytest', args: [] };
+  return null;
+}
+
+// Produce a structured upgrade plan WITHOUT modifying anything on disk.
+// Safe to call repeatedly; runs the ecosystem's --dry-run command.
+export async function planScaUpgrade({ scanRoot, finding }) {
+  if (!finding || finding.type !== 'vulnerable_dep') {
+    return { ok: false, reason: 'not a vulnerable_dep finding' };
+  }
+  const eco = ECOSYSTEM[finding.ecosystem];
+  if (!eco) {
+    return {
+      ok: true,
+      mode: 'manual',
+      reason: `ecosystem '${finding.ecosystem}' has no automated upgrade in v1`,
+      package: finding.name, currentVersion: finding.version,
+      targetVersion: (finding.fixedVersions && finding.fixedVersions[0]) || null,
+      command: null,
+    };
+  }
+  const target = (finding.fixedVersions && finding.fixedVersions[0]) || null;
+  if (!target) {
+    return { ok: false, reason: 'no fixed version in OSV record' };
+  }
+  const isBreaking = (_majorVersion(target) ?? 0) > (_majorVersion(finding.version) ?? 0);
+  const apply = eco.apply(finding.name, target);
+  const dryRunSpec = eco.dryRun(finding.name, target);
+  let peerDeps = [], transitiveImpact = 0, rawSummary = null, dryRunOk = null;
+  if (dryRunSpec) {
+    try {
+      const r = await execFileAsync(dryRunSpec.cmd, dryRunSpec.args, {
+        cwd: scanRoot, timeout: 60_000, maxBuffer: 8 * 1024 * 1024,
+      });
+      const parsed = eco.parseDryRun(r.stdout);
+      peerDeps = parsed.peerDeps;
+      transitiveImpact = parsed.transitiveImpact;
+      rawSummary = parsed.rawSummary;
+      dryRunOk = true;
+    } catch (e) {
+      // Dry-run failed (e.g. peer-dep resolution conflict). Surface the
+      // error structurally so the caller can decide whether to proceed.
+      dryRunOk = false;
+      const stderr = (e && e.stderr) || (e && e.message) || '';
+      peerDeps = /peer dep/i.test(stderr) ? [String(stderr).slice(0, 500)] : [];
+    }
+  }
+  return {
+    ok: true,
+    mode: 'auto',
+    ecosystem: finding.ecosystem,
+    package: finding.name,
+    currentVersion: finding.version,
+    targetVersion: target,
+    isBreaking,
+    command: `${apply.cmd} ${apply.args.join(' ')}`,
+    manifestFiles: eco.manifests,
+    dryRun: { ok: dryRunOk, command: dryRunSpec ? `${dryRunSpec.cmd} ${dryRunSpec.args.join(' ')}` : null, peerDeps, transitiveImpact, rawSummary },
+    testCommand: (() => { const t = _detectTestCommand(scanRoot); return t ? `${t.cmd} ${t.args.join(' ')}` : null; })(),
+  };
+}
+
+// Apply the upgrade. Backs up affected manifests, runs the install, runs
+// the project's test command if detected, and ROLLS BACK on failure.
+// Audit-logged via the MCP audit layer at the call site.
+export async function applyScaUpgrade({ scanRoot, finding, runTests = true }) {
+  const plan = await planScaUpgrade({ scanRoot, finding });
+  if (!plan.ok) return { applied: false, reason: plan.reason };
+  if (plan.mode === 'manual') {
+    return { applied: false, reason: plan.reason, plan };
+  }
+  const eco = ECOSYSTEM[finding.ecosystem];
+  const target = plan.targetVersion;
+
+  // Backup pass — record original contents of every relevant manifest so
+  // we can restore on test failure. node_modules / vendor dirs are NOT
+  // backed up (too big); they'll be rebuilt by re-running the install on
+  // restore.
+  const stateDir = statePath(scanRoot, 'sca-upgrade-history');
+  fs.mkdirSync(stateDir, { recursive: true });
+  const upgradeId = crypto.randomBytes(8).toString('hex');
+  const backups = {};
+  for (const mf of eco.manifests) {
+    const abs = path.join(scanRoot, mf);
+    if (!fs.existsSync(abs)) continue;
+    const content = await fsp.readFile(abs, 'utf8');
+    const backupPath = path.join(stateDir, `${upgradeId}-${mf.replace(/[\/\\]/g, '_')}.bak`);
+    await fsp.writeFile(backupPath, content);
+    backups[mf] = { abs, backupPath };
+  }
+  if (!Object.keys(backups).length) {
+    return { applied: false, reason: `no ${finding.ecosystem} manifest files found in scan root` };
+  }
+
+  // Run the install.
+  const apply = eco.apply(finding.name, target);
+  let installOutput = '';
+  try {
+    const r = await execFileAsync(apply.cmd, apply.args, {
+      cwd: scanRoot, timeout: 300_000, maxBuffer: 16 * 1024 * 1024,
+    });
+    installOutput = (r.stdout || '') + (r.stderr || '');
+  } catch (e) {
+    // Install failed; restore backups (manifests may have been touched).
+    for (const { abs, backupPath } of Object.values(backups)) {
+      try { await fsp.copyFile(backupPath, abs); } catch {}
+    }
+    return {
+      applied: false,
+      reason: `install failed: ${(e && e.message) || e}`.slice(0, 600),
+      installOutput: ((e && e.stdout) || '').slice(0, 1500),
+      restored: true,
+      upgradeId,
+    };
+  }
+
+  // Optionally run the project's test command. On failure, restore.
+  let testResult = null;
+  if (runTests) {
+    const test = _detectTestCommand(scanRoot);
+    if (test) {
+      try {
+        const r = await execFileAsync(test.cmd, test.args, {
+          cwd: scanRoot, timeout: 600_000, maxBuffer: 16 * 1024 * 1024,
+        });
+        testResult = { ok: true, command: `${test.cmd} ${test.args.join(' ')}`, output: ((r.stdout || '') + (r.stderr || '')).slice(0, 2000) };
+      } catch (e) {
+        // Tests failed — restore manifests so the working tree is clean.
+        for (const { abs, backupPath } of Object.values(backups)) {
+          try { await fsp.copyFile(backupPath, abs); } catch {}
+        }
+        return {
+          applied: false,
+          reason: `tests failed after upgrade: ${(e && e.message) || e}`.slice(0, 300),
+          testOutput: ((e && e.stdout) || '').slice(0, 2000),
+          restored: true,
+          upgradeId,
+        };
+      }
+    }
+  }
+
+  // Success path — write a log entry so the user can audit / undo.
+  const logEntry = {
+    id: upgradeId,
+    timestamp: new Date().toISOString(),
+    ecosystem: finding.ecosystem,
+    package: finding.name,
+    from: finding.version,
+    to: target,
+    backups: Object.fromEntries(Object.entries(backups).map(([k, v]) => [k, v.backupPath])),
+    testResult,
+    isBreaking: plan.isBreaking,
+    finding: { id: finding.id, osvId: finding.osvId, cveAliases: finding.cveAliases },
+  };
+  const logFp = path.join(stateDir, 'log.json');
+  let log = [];
+  try { log = JSON.parse(fs.readFileSync(logFp, 'utf8')); } catch {}
+  log.push(logEntry);
+  fs.writeFileSync(logFp, JSON.stringify(log, null, 2));
+
+  return {
+    applied: true,
+    upgradeId,
+    package: finding.name,
+    from: finding.version,
+    to: target,
+    isBreaking: plan.isBreaking,
+    testResult,
+    installOutput: installOutput.slice(0, 1500),
+  };
+}

package/src/posture/threat-model-auto.js

@@ -0,0 +1,268 @@
+// Auto-generated threat model — Recommendation #2 of the world-class+2 plan.
+//
+// Builds a STRIDE threat model from the scan's findings + IR + privacy
+// taint. Outputs Mermaid diagrams + per-asset attack trees grounded in
+// actual scanner evidence. The model is "live" — regenerated every scan
+// so it can't bit-rot.
+//
+// Pipeline:
+//   1. Identify external entities — every route, message-queue consumer,
+//      file ingest, S3 listener, etc.
+//   2. Identify trust boundaries — entity → handler boundary, internal-
+//      service → external-service boundary
+//   3. Identify assets — every PII/PHI/PCI field, every credential, every
+//      authoritative DB/cache, every secret-bearing service
+//   4. Apply STRIDE per (entity, asset) pair using template-driven rules
+//   5. Generate attack trees rooted at each high-value asset with leaves
+//      grounded in actual scanner findings
+//
+// Output:
+//   { entities, boundaries, assets, threats, attackTrees, mermaid }
+//
+// Persisted to .agentic-security/threat-model.json (machine-readable) and
+// .agentic-security/threat-model.md (human-readable).
+
+import * as fs from 'node:fs';
+import * as path from 'node:path';
+
+// STRIDE category descriptors
+const STRIDE = {
+  S: { label: 'Spoofing',         control: 'Authentication / Identity' },
+  T: { label: 'Tampering',        control: 'Integrity / Authorization' },
+  R: { label: 'Repudiation',      control: 'Audit logs / Non-repudiation' },
+  I: { label: 'Information Disclosure', control: 'Confidentiality / Encryption' },
+  D: { label: 'Denial of Service',control: 'Availability / Rate limiting' },
+  E: { label: 'Elevation of Privilege', control: 'Authorization / Least privilege' },
+};
+
+// Map CWE → STRIDE categories. Multi-mapping is allowed.
+const CWE_TO_STRIDE = {
+  'CWE-22':  ['I'],            // path-traversal
+  'CWE-78':  ['E', 'T'],       // command-injection
+  'CWE-79':  ['T'],            // xss
+  'CWE-89':  ['T', 'I'],       // sql-injection
+  'CWE-90':  ['T'],            // ldap-injection
+  'CWE-94':  ['E'],            // code-injection
+  'CWE-113': ['T'],            // header injection
+  'CWE-134': ['I'],            // format-string
+  'CWE-200': ['I'],            // information-exposure
+  'CWE-287': ['S'],            // improper authentication
+  'CWE-307': ['S'],            // brute-force
+  'CWE-327': ['I'],            // weak-crypto
+  'CWE-330': ['S'],            // weak-rng
+  'CWE-352': ['T'],            // csrf
+  'CWE-359': ['I'],            // private-info exposure
+  'CWE-415': ['D', 'E'],       // double-free
+  'CWE-416': ['D', 'E'],       // use-after-free
+  'CWE-434': ['E'],            // file upload
+  'CWE-502': ['E'],            // insecure-deserialization
+  'CWE-601': ['T'],            // open-redirect
+  'CWE-611': ['I'],            // xxe
+  'CWE-639': ['E'],            // IDOR
+  'CWE-643': ['T'],            // xpath injection
+  'CWE-798': ['I', 'S'],       // hardcoded-secret
+  'CWE-918': ['I', 'E'],       // ssrf
+  'CWE-1004':['I'],            // missing cookie hardening
+  'CWE-1321':['T', 'E'],       // prototype-pollution
+  'CWE-1333':['D'],            // ReDoS
+  'CWE-1427':['T'],            // prompt injection
+};
+
+function _stridesForFinding(f) {
+  const c = f.cwe || '';
+  if (CWE_TO_STRIDE[c]) return CWE_TO_STRIDE[c];
+  // Family-based fallback
+  if (f.family === 'sql-injection') return ['T', 'I'];
+  if (f.family === 'command-injection') return ['E', 'T'];
+  if (f.family === 'xss') return ['T'];
+  if (f.family === 'hardcoded-secret') return ['I'];
+  return ['T'];
+}
+
+/**
+ * Build the threat-model graph. `scan` is the engine's scan result
+ * structure (findings + routes + supplyChain).
+ */
+export function buildThreatModel(scan, opts = {}) {
+  const entities = [];   // external entities: routes, queue consumers, file ingest
+  const boundaries = []; // trust boundary edges
+  const assets = [];     // valuables: PII, credentials, DBs
+  const threats = [];    // (entity, asset, stride) tuples
+
+  // Step 1: external entities — routes
+  for (const r of (scan.routes || [])) {
+    entities.push({
+      kind: 'http-route',
+      id: `route:${r.method || 'ANY'}:${r.path || r.file + ':' + r.line}`,
+      method: r.method || 'ANY',
+      path: r.path || null,
+      file: r.file, line: r.line,
+      requiresAuth: !!r.requiresAuth,
+    });
+  }
+  // External entities — message queues / consumers / file ingest (best-effort
+  // heuristic from findings).
+  for (const f of (scan.findings || [])) {
+    if (/kafka|sqs|sns|rabbit|pubsub|kinesis/i.test(f.snippet || '')) {
+      entities.push({ kind: 'queue-consumer', id: `queue:${f.file}:${f.line}`, file: f.file, line: f.line });
+    }
+  }
+
+  // Step 2: assets — PII / credentials / DBs
+  for (const f of (scan.findings || [])) {
+    if (f.family === 'hardcoded-secret') {
+      assets.push({ kind: 'credential', id: `cred:${f.file}:${f.line}`, file: f.file, line: f.line, name: (f.vuln||'').slice(0, 80) });
+    }
+    if (f.family === 'pii-exposure') {
+      assets.push({ kind: 'pii', id: `pii:${f.file}:${f.line}`, file: f.file, line: f.line, classes: f.piiClass || [] });
+    }
+  }
+  // DB-shaped assets: routes that touch SQL.
+  const dbAsset = { kind: 'datastore', id: 'datastore:default', name: 'Application Database' };
+  let hasDbFinding = false;
+  for (const f of (scan.findings || [])) {
+    if (f.family === 'sql-injection' || /SqlCommand|prepareStatement|EntityManager/i.test(f.snippet || '')) {
+      hasDbFinding = true; break;
+    }
+  }
+  if (hasDbFinding) assets.push(dbAsset);
+
+  // Step 3: trust boundaries
+  for (const e of entities) {
+    boundaries.push({ from: 'external', to: e.id, kind: 'trust-boundary', requiresAuth: e.requiresAuth });
+  }
+  for (const a of assets) {
+    boundaries.push({ from: 'application', to: a.id, kind: 'asset-boundary' });
+  }
+
+  // Step 4: STRIDE per finding (each finding implies one or more threats)
+  for (const f of (scan.findings || [])) {
+    const sts = _stridesForFinding(f);
+    for (const st of sts) {
+      threats.push({
+        stride: st,
+        strideLabel: STRIDE[st]?.label || st,
+        cwe: f.cwe || null,
+        family: f.family,
+        severity: f.severity,
+        file: f.file, line: f.line,
+        vuln: f.vuln,
+        finding_id: f.id,
+        affectsAsset: assets.find(a =>
+          (a.kind === 'credential' && f.family === 'hardcoded-secret') ||
+          (a.kind === 'pii' && f.family === 'pii-exposure') ||
+          (a.kind === 'datastore' && (f.family === 'sql-injection' || f.family === 'insecure-deserialization'))
+        )?.id || null,
+        atEntity: entities.find(e => e.file === f.file && Math.abs((e.line||0) - (f.line||0)) <= 50)?.id || null,
+      });
+    }
+  }
+
+  // Step 5: attack trees — per high-value asset
+  const attackTrees = assets.map(a => {
+    const leaves = threats
+      .filter(t => t.affectsAsset === a.id)
+      .map(t => ({
+        label: `${t.strideLabel} via ${t.family} (${t.cwe || '—'})`,
+        severity: t.severity,
+        file: t.file, line: t.line,
+        finding_id: t.finding_id,
+      }));
+    return {
+      root: `Compromise ${a.kind}: ${a.name || a.id}`,
+      asset_id: a.id,
+      leaves,
+      severity: leaves.some(l => l.severity === 'critical') ? 'critical'
+              : leaves.some(l => l.severity === 'high')     ? 'high' : 'medium',
+    };
+  });
+
+  return { entities, boundaries, assets, threats, attackTrees };
+}
+
+/**
+ * Render the model as a Mermaid flowchart for visual review.
+ */
+export function renderMermaid(model) {
+  const lines = ['flowchart TB'];
+  lines.push('  subgraph External');
+  for (const e of model.entities.slice(0, 30)) {
+    lines.push(`    ${_mid(e.id)}["${e.kind}: ${e.method || ''} ${e.path || (e.file||'') + ':' + (e.line||'')}"]`);
+  }
+  lines.push('  end');
+  lines.push('  subgraph Application');
+  for (const a of model.assets.slice(0, 30)) {
+    lines.push(`    ${_mid(a.id)}{{"${a.kind}: ${a.name || a.id}"}}`);
+  }
+  lines.push('  end');
+  for (const b of model.boundaries.slice(0, 100)) {
+    if (b.kind === 'trust-boundary') {
+      lines.push(`  External --> ${_mid(b.to)}`);
+    } else if (b.kind === 'asset-boundary') {
+      lines.push(`  ${_mid(b.from)} -.-> ${_mid(b.to)}`);
+    }
+  }
+  return lines.join('\n');
+}
+
+function _mid(id) { return String(id).replace(/[^A-Za-z0-9]/g, '_').slice(0, 60); }
+
+/**
+ * Persist threat model to disk: JSON for tooling, Markdown for review.
+ */
+export function persistThreatModel(scanRoot, model) {
+  const dir = path.join(scanRoot, '.agentic-security');
+  try { fs.mkdirSync(dir, { recursive: true }); } catch {}
+  try { fs.writeFileSync(path.join(dir, 'threat-model.json'), JSON.stringify(model, null, 2)); } catch {}
+  try { fs.writeFileSync(path.join(dir, 'threat-model.md'), renderMarkdown(model)); } catch {}
+}
+
+function renderMarkdown(model) {
+  const lines = [];
+  lines.push('# Threat Model (auto-generated)');
+  lines.push('');
+  lines.push(`Generated by agentic-security on ${new Date().toISOString().slice(0,10)}.`);
+  lines.push('');
+  lines.push('This threat model is derived from static analysis of the current codebase and is regenerated on every scan. It is intended as a working artifact, not a finished compliance document.');
+  lines.push('');
+  lines.push('## Entities + boundaries');
+  lines.push('');
+  lines.push('```mermaid');
+  lines.push(renderMermaid(model));
+  lines.push('```');
+  lines.push('');
+  lines.push('## Assets');
+  lines.push('');
+  for (const a of model.assets.slice(0, 100)) {
+    lines.push(`- **${a.kind}**: ${a.name || a.id} — at \`${a.file || '(global)'}${a.line ? ':'+a.line : ''}\``);
+  }
+  lines.push('');
+  lines.push('## STRIDE threats');
+  lines.push('');
+  const byStride = {};
+  for (const t of model.threats) (byStride[t.stride] ||= []).push(t);
+  for (const [st, threats] of Object.entries(byStride)) {
+    lines.push(`### ${STRIDE[st]?.label || st} (${threats.length})`);
+    lines.push('');
+    for (const t of threats.slice(0, 25)) {
+      lines.push(`- [${t.severity}] **${t.family}** (${t.cwe || '—'}) at \`${t.file}:${t.line}\` — ${t.vuln}`);
+    }
+    if (threats.length > 25) lines.push(`- … and ${threats.length - 25} more`);
+    lines.push('');
+  }
+  lines.push('## Attack trees');
+  lines.push('');
+  for (const tree of model.attackTrees) {
+    lines.push(`### ${tree.root}`);
+    lines.push(`Severity rollup: **${tree.severity}**`);
+    lines.push('');
+    for (const leaf of tree.leaves.slice(0, 20)) {
+      lines.push(`- [${leaf.severity}] ${leaf.label} — \`${leaf.file}:${leaf.line}\``);
+    }
+    if (tree.leaves.length > 20) lines.push(`- … and ${tree.leaves.length - 20} more leaves`);
+    lines.push('');
+  }
+  return lines.join('\n');
+}
+
+export const _internals = { STRIDE, CWE_TO_STRIDE };