@dxworks/insider 2.9.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (385) hide show
  1. package/.github/workflows/build.yml +19 -0
  2. package/.github/workflows/release-docs.yml +15 -0
  3. package/.github/workflows/release-voyager.yml +57 -0
  4. package/.github/workflows/release.yml +102 -0
  5. package/Dockerfile +8 -0
  6. package/README.md +89 -0
  7. package/TODO.txt +7 -0
  8. package/bin/insider.bat +1 -0
  9. package/bin/insider.sh +1 -0
  10. package/build.gradle +55 -0
  11. package/config/.ignore +4 -0
  12. package/config/comments.json +71 -0
  13. package/config/fingerprints/_anomalies-full.json +116 -0
  14. package/config/fingerprints/_extLibs.json +2555 -0
  15. package/config/fingerprints/code_smells.json +94 -0
  16. package/config/fingerprints/generated_code.json +17 -0
  17. package/config/fingerprints/libraries.json +4667 -0
  18. package/config/ignoredImports.txt +0 -0
  19. package/config/insider-conf.properties +3 -0
  20. package/config/rules/cloud_services/ad_networks.json +50 -0
  21. package/config/rules/cloud_services/bigdata.json +21 -0
  22. package/config/rules/cloud_services/cloud_hosting.json +398 -0
  23. package/config/rules/cloud_services/data_storage.json +291 -0
  24. package/config/rules/cloud_services/ecommerce.json +45 -0
  25. package/config/rules/cloud_services/socialmedia.json +82 -0
  26. package/config/rules/cloud_services/web_analytics.json +108 -0
  27. package/config/rules/components/active_content.json +157 -0
  28. package/config/rules/components/load_dll.json +66 -0
  29. package/config/rules/cryptography/algorithm_implementation.json +62 -0
  30. package/config/rules/cryptography/certificate.json +199 -0
  31. package/config/rules/cryptography/ciphers.json +174 -0
  32. package/config/rules/cryptography/crypto_currency.json +32 -0
  33. package/config/rules/cryptography/encoding.json +20 -0
  34. package/config/rules/cryptography/extended.json +220 -0
  35. package/config/rules/cryptography/external_libraries.json +141 -0
  36. package/config/rules/cryptography/hash_algorithm.json +98 -0
  37. package/config/rules/cryptography/key_derivation.json +65 -0
  38. package/config/rules/cryptography/protocol.json +156 -0
  39. package/config/rules/cryptography/random.json +97 -0
  40. package/config/rules/cryptography/weakssl.json +206 -0
  41. package/config/rules/data_handling/compressed_files.json +18 -0
  42. package/config/rules/data_handling/database.json +361 -0
  43. package/config/rules/data_handling/deserialization.json +296 -0
  44. package/config/rules/data_handling/json_parsing.json +49 -0
  45. package/config/rules/data_handling/media_parsing.json +33 -0
  46. package/config/rules/data_handling/pastebin.json +18 -0
  47. package/config/rules/data_handling/xml_parsing.json +168 -0
  48. package/config/rules/data_types/financial.json +106 -0
  49. package/config/rules/data_types/media.json +48 -0
  50. package/config/rules/data_types/secrets.json +91 -0
  51. package/config/rules/data_types/sensitive.json +176 -0
  52. package/config/rules/device_permissions/IOSPermissions.json +240 -0
  53. package/config/rules/device_permissions/UWP.json +221 -0
  54. package/config/rules/device_permissions/android_intents.json +599 -0
  55. package/config/rules/frameworks/PHP.json +172 -0
  56. package/config/rules/frameworks/build.json +189 -0
  57. package/config/rules/frameworks/c.json +45 -0
  58. package/config/rules/frameworks/csharp-nonMS.json +19 -0
  59. package/config/rules/frameworks/java.json +291 -0
  60. package/config/rules/frameworks/javascript.json +318 -0
  61. package/config/rules/frameworks/logging.json +103 -0
  62. package/config/rules/frameworks/microsoft.json +257 -0
  63. package/config/rules/frameworks/python.json +274 -0
  64. package/config/rules/frameworks/ruby.json +53 -0
  65. package/config/rules/frameworks/rust.json +77 -0
  66. package/config/rules/general/OSS_license.json +146 -0
  67. package/config/rules/general/code_metrics.json +132 -0
  68. package/config/rules/general/dependencies.json +199 -0
  69. package/config/rules/general/hygiene.json +47 -0
  70. package/config/rules/general/platforms.json +283 -0
  71. package/config/rules/general/solutioninfo.json +378 -0
  72. package/config/rules/infrastructure/hashicorp_packers_tmpl.json +18 -0
  73. package/config/rules/infrastructure/hashicorp_terraform_tmpl.json +19 -0
  74. package/config/rules/infrastructure/microsoft_arm_tmpl.json +198 -0
  75. package/config/rules/networkcomms/outbound_network.json +429 -0
  76. package/config/rules/os/acl.json +250 -0
  77. package/config/rules/os/dynamic_execution.json +359 -0
  78. package/config/rules/os/file_io.json +468 -0
  79. package/config/rules/os/process.json +179 -0
  80. package/config/rules/os/setenv.json +270 -0
  81. package/config/rules/os/system_registry.json +237 -0
  82. package/config/rules/os/user_accts.json +34 -0
  83. package/config/rules/security_feature/authentication.json +387 -0
  84. package/config/rules/security_feature/authorization.json +148 -0
  85. package/config/rules/test_frameworks/cpp_testing.json +194 -0
  86. package/config/rules/test_frameworks/go_testing.json +18 -0
  87. package/config/rules/test_frameworks/java_testing.json +720 -0
  88. package/config/rules/test_frameworks/javascript_testing.json +724 -0
  89. package/config/rules/test_frameworks/objectiveC_testing.json +146 -0
  90. package/config/rules/test_frameworks/php_testing.json +156 -0
  91. package/config/rules/test_frameworks/powershell_testing.json +17 -0
  92. package/config/rules/test_frameworks/python_testing.json +108 -0
  93. package/config/rules/test_frameworks/ruby_testing.json +114 -0
  94. package/config/rules/tools/pipeline.json +195 -0
  95. package/config/rules/webapp/comms.json +89 -0
  96. package/config/rules/webapp/headers.json +178 -0
  97. package/config/rules/webapp/media.json +56 -0
  98. package/config/rules/webapp/sessions.json +228 -0
  99. package/config/rules/webapp/storage.json +215 -0
  100. package/dist/config/.ignore +4 -0
  101. package/dist/config/comments.json +71 -0
  102. package/dist/config/fingerprints/_anomalies-full.json +116 -0
  103. package/dist/config/fingerprints/_extLibs.json +2555 -0
  104. package/dist/config/fingerprints/code_smells.json +94 -0
  105. package/dist/config/fingerprints/generated_code.json +17 -0
  106. package/dist/config/fingerprints/libraries.json +4667 -0
  107. package/dist/config/ignoredImports.txt +0 -0
  108. package/dist/config/insider-conf.properties +3 -0
  109. package/dist/config/rules/cloud_services/ad_networks.json +50 -0
  110. package/dist/config/rules/cloud_services/bigdata.json +21 -0
  111. package/dist/config/rules/cloud_services/cloud_hosting.json +398 -0
  112. package/dist/config/rules/cloud_services/data_storage.json +291 -0
  113. package/dist/config/rules/cloud_services/ecommerce.json +45 -0
  114. package/dist/config/rules/cloud_services/socialmedia.json +82 -0
  115. package/dist/config/rules/cloud_services/web_analytics.json +108 -0
  116. package/dist/config/rules/components/active_content.json +157 -0
  117. package/dist/config/rules/components/load_dll.json +66 -0
  118. package/dist/config/rules/cryptography/algorithm_implementation.json +62 -0
  119. package/dist/config/rules/cryptography/certificate.json +199 -0
  120. package/dist/config/rules/cryptography/ciphers.json +174 -0
  121. package/dist/config/rules/cryptography/crypto_currency.json +32 -0
  122. package/dist/config/rules/cryptography/encoding.json +20 -0
  123. package/dist/config/rules/cryptography/extended.json +220 -0
  124. package/dist/config/rules/cryptography/external_libraries.json +141 -0
  125. package/dist/config/rules/cryptography/hash_algorithm.json +98 -0
  126. package/dist/config/rules/cryptography/key_derivation.json +65 -0
  127. package/dist/config/rules/cryptography/protocol.json +156 -0
  128. package/dist/config/rules/cryptography/random.json +97 -0
  129. package/dist/config/rules/cryptography/weakssl.json +206 -0
  130. package/dist/config/rules/data_handling/compressed_files.json +18 -0
  131. package/dist/config/rules/data_handling/database.json +361 -0
  132. package/dist/config/rules/data_handling/deserialization.json +296 -0
  133. package/dist/config/rules/data_handling/json_parsing.json +49 -0
  134. package/dist/config/rules/data_handling/media_parsing.json +33 -0
  135. package/dist/config/rules/data_handling/pastebin.json +18 -0
  136. package/dist/config/rules/data_handling/xml_parsing.json +168 -0
  137. package/dist/config/rules/data_types/financial.json +106 -0
  138. package/dist/config/rules/data_types/media.json +48 -0
  139. package/dist/config/rules/data_types/secrets.json +91 -0
  140. package/dist/config/rules/data_types/sensitive.json +176 -0
  141. package/dist/config/rules/device_permissions/IOSPermissions.json +240 -0
  142. package/dist/config/rules/device_permissions/UWP.json +221 -0
  143. package/dist/config/rules/device_permissions/android_intents.json +599 -0
  144. package/dist/config/rules/frameworks/PHP.json +172 -0
  145. package/dist/config/rules/frameworks/build.json +189 -0
  146. package/dist/config/rules/frameworks/c.json +45 -0
  147. package/dist/config/rules/frameworks/csharp-nonMS.json +19 -0
  148. package/dist/config/rules/frameworks/java.json +291 -0
  149. package/dist/config/rules/frameworks/javascript.json +318 -0
  150. package/dist/config/rules/frameworks/logging.json +103 -0
  151. package/dist/config/rules/frameworks/microsoft.json +257 -0
  152. package/dist/config/rules/frameworks/python.json +274 -0
  153. package/dist/config/rules/frameworks/ruby.json +53 -0
  154. package/dist/config/rules/frameworks/rust.json +77 -0
  155. package/dist/config/rules/general/OSS_license.json +146 -0
  156. package/dist/config/rules/general/code_metrics.json +132 -0
  157. package/dist/config/rules/general/dependencies.json +199 -0
  158. package/dist/config/rules/general/hygiene.json +47 -0
  159. package/dist/config/rules/general/platforms.json +283 -0
  160. package/dist/config/rules/general/solutioninfo.json +378 -0
  161. package/dist/config/rules/infrastructure/hashicorp_packers_tmpl.json +18 -0
  162. package/dist/config/rules/infrastructure/hashicorp_terraform_tmpl.json +19 -0
  163. package/dist/config/rules/infrastructure/microsoft_arm_tmpl.json +198 -0
  164. package/dist/config/rules/networkcomms/outbound_network.json +429 -0
  165. package/dist/config/rules/os/acl.json +250 -0
  166. package/dist/config/rules/os/dynamic_execution.json +359 -0
  167. package/dist/config/rules/os/file_io.json +468 -0
  168. package/dist/config/rules/os/process.json +179 -0
  169. package/dist/config/rules/os/setenv.json +270 -0
  170. package/dist/config/rules/os/system_registry.json +237 -0
  171. package/dist/config/rules/os/user_accts.json +34 -0
  172. package/dist/config/rules/security_feature/authentication.json +387 -0
  173. package/dist/config/rules/security_feature/authorization.json +148 -0
  174. package/dist/config/rules/test_frameworks/cpp_testing.json +194 -0
  175. package/dist/config/rules/test_frameworks/go_testing.json +18 -0
  176. package/dist/config/rules/test_frameworks/java_testing.json +720 -0
  177. package/dist/config/rules/test_frameworks/javascript_testing.json +724 -0
  178. package/dist/config/rules/test_frameworks/objectiveC_testing.json +146 -0
  179. package/dist/config/rules/test_frameworks/php_testing.json +156 -0
  180. package/dist/config/rules/test_frameworks/powershell_testing.json +17 -0
  181. package/dist/config/rules/test_frameworks/python_testing.json +108 -0
  182. package/dist/config/rules/test_frameworks/ruby_testing.json +114 -0
  183. package/dist/config/rules/tools/pipeline.json +195 -0
  184. package/dist/config/rules/webapp/comms.json +89 -0
  185. package/dist/config/rules/webapp/headers.json +178 -0
  186. package/dist/config/rules/webapp/media.json +56 -0
  187. package/dist/config/rules/webapp/sessions.json +228 -0
  188. package/dist/config/rules/webapp/storage.json +215 -0
  189. package/dist/index.js +13 -0
  190. package/dist/insider.jar +0 -0
  191. package/dist/insider.js +7 -0
  192. package/dist/lib.js +21 -0
  193. package/docs/config/config.md +3 -0
  194. package/docs/config/ignore.md +3 -0
  195. package/docs/config/languages.md +3 -0
  196. package/docs/index.md +58 -0
  197. package/dxworks-site.json +13 -0
  198. package/gradle.properties +0 -0
  199. package/gradlew +240 -0
  200. package/gradlew.bat +91 -0
  201. package/insider/README.md +89 -0
  202. package/insider/config/.ignore +4 -0
  203. package/insider/config/comments.json +71 -0
  204. package/insider/config/fingerprints/_anomalies-full.json +116 -0
  205. package/insider/config/fingerprints/_extLibs.json +2555 -0
  206. package/insider/config/fingerprints/code_smells.json +94 -0
  207. package/insider/config/fingerprints/generated_code.json +17 -0
  208. package/insider/config/fingerprints/libraries.json +4667 -0
  209. package/insider/config/ignoredImports.txt +0 -0
  210. package/insider/config/insider-conf.properties +3 -0
  211. package/insider/config/rules/cloud_services/ad_networks.json +50 -0
  212. package/insider/config/rules/cloud_services/bigdata.json +21 -0
  213. package/insider/config/rules/cloud_services/cloud_hosting.json +398 -0
  214. package/insider/config/rules/cloud_services/data_storage.json +291 -0
  215. package/insider/config/rules/cloud_services/ecommerce.json +45 -0
  216. package/insider/config/rules/cloud_services/socialmedia.json +82 -0
  217. package/insider/config/rules/cloud_services/web_analytics.json +108 -0
  218. package/insider/config/rules/components/active_content.json +157 -0
  219. package/insider/config/rules/components/load_dll.json +66 -0
  220. package/insider/config/rules/cryptography/algorithm_implementation.json +62 -0
  221. package/insider/config/rules/cryptography/certificate.json +199 -0
  222. package/insider/config/rules/cryptography/ciphers.json +174 -0
  223. package/insider/config/rules/cryptography/crypto_currency.json +32 -0
  224. package/insider/config/rules/cryptography/encoding.json +20 -0
  225. package/insider/config/rules/cryptography/extended.json +220 -0
  226. package/insider/config/rules/cryptography/external_libraries.json +141 -0
  227. package/insider/config/rules/cryptography/hash_algorithm.json +98 -0
  228. package/insider/config/rules/cryptography/key_derivation.json +65 -0
  229. package/insider/config/rules/cryptography/protocol.json +156 -0
  230. package/insider/config/rules/cryptography/random.json +97 -0
  231. package/insider/config/rules/cryptography/weakssl.json +206 -0
  232. package/insider/config/rules/data_handling/compressed_files.json +18 -0
  233. package/insider/config/rules/data_handling/database.json +361 -0
  234. package/insider/config/rules/data_handling/deserialization.json +296 -0
  235. package/insider/config/rules/data_handling/json_parsing.json +49 -0
  236. package/insider/config/rules/data_handling/media_parsing.json +33 -0
  237. package/insider/config/rules/data_handling/pastebin.json +18 -0
  238. package/insider/config/rules/data_handling/xml_parsing.json +168 -0
  239. package/insider/config/rules/data_types/financial.json +106 -0
  240. package/insider/config/rules/data_types/media.json +48 -0
  241. package/insider/config/rules/data_types/secrets.json +91 -0
  242. package/insider/config/rules/data_types/sensitive.json +176 -0
  243. package/insider/config/rules/device_permissions/IOSPermissions.json +240 -0
  244. package/insider/config/rules/device_permissions/UWP.json +221 -0
  245. package/insider/config/rules/device_permissions/android_intents.json +599 -0
  246. package/insider/config/rules/frameworks/PHP.json +172 -0
  247. package/insider/config/rules/frameworks/build.json +189 -0
  248. package/insider/config/rules/frameworks/c.json +45 -0
  249. package/insider/config/rules/frameworks/csharp-nonMS.json +19 -0
  250. package/insider/config/rules/frameworks/java.json +291 -0
  251. package/insider/config/rules/frameworks/javascript.json +318 -0
  252. package/insider/config/rules/frameworks/logging.json +103 -0
  253. package/insider/config/rules/frameworks/microsoft.json +257 -0
  254. package/insider/config/rules/frameworks/python.json +274 -0
  255. package/insider/config/rules/frameworks/ruby.json +53 -0
  256. package/insider/config/rules/frameworks/rust.json +77 -0
  257. package/insider/config/rules/general/OSS_license.json +146 -0
  258. package/insider/config/rules/general/code_metrics.json +132 -0
  259. package/insider/config/rules/general/dependencies.json +199 -0
  260. package/insider/config/rules/general/hygiene.json +47 -0
  261. package/insider/config/rules/general/platforms.json +283 -0
  262. package/insider/config/rules/general/solutioninfo.json +378 -0
  263. package/insider/config/rules/infrastructure/hashicorp_packers_tmpl.json +18 -0
  264. package/insider/config/rules/infrastructure/hashicorp_terraform_tmpl.json +19 -0
  265. package/insider/config/rules/infrastructure/microsoft_arm_tmpl.json +198 -0
  266. package/insider/config/rules/networkcomms/outbound_network.json +429 -0
  267. package/insider/config/rules/os/acl.json +250 -0
  268. package/insider/config/rules/os/dynamic_execution.json +359 -0
  269. package/insider/config/rules/os/file_io.json +468 -0
  270. package/insider/config/rules/os/process.json +179 -0
  271. package/insider/config/rules/os/setenv.json +270 -0
  272. package/insider/config/rules/os/system_registry.json +237 -0
  273. package/insider/config/rules/os/user_accts.json +34 -0
  274. package/insider/config/rules/security_feature/authentication.json +387 -0
  275. package/insider/config/rules/security_feature/authorization.json +148 -0
  276. package/insider/config/rules/test_frameworks/cpp_testing.json +194 -0
  277. package/insider/config/rules/test_frameworks/go_testing.json +18 -0
  278. package/insider/config/rules/test_frameworks/java_testing.json +720 -0
  279. package/insider/config/rules/test_frameworks/javascript_testing.json +724 -0
  280. package/insider/config/rules/test_frameworks/objectiveC_testing.json +146 -0
  281. package/insider/config/rules/test_frameworks/php_testing.json +156 -0
  282. package/insider/config/rules/test_frameworks/powershell_testing.json +17 -0
  283. package/insider/config/rules/test_frameworks/python_testing.json +108 -0
  284. package/insider/config/rules/test_frameworks/ruby_testing.json +114 -0
  285. package/insider/config/rules/tools/pipeline.json +195 -0
  286. package/insider/config/rules/webapp/comms.json +89 -0
  287. package/insider/config/rules/webapp/headers.json +178 -0
  288. package/insider/config/rules/webapp/media.json +56 -0
  289. package/insider/config/rules/webapp/sessions.json +228 -0
  290. package/insider/config/rules/webapp/storage.json +215 -0
  291. package/insider/insider.bat +1 -0
  292. package/insider/insider.jar +0 -0
  293. package/insider/insider.sh +1 -0
  294. package/insider/languages.yml +3988 -0
  295. package/instrument.yml +37 -0
  296. package/languages.yml +3988 -0
  297. package/lib/index.js +13 -0
  298. package/lib/insider.js +7 -0
  299. package/lib/lib.js +21 -0
  300. package/lombok.config +2 -0
  301. package/mkdocs.yml +18 -0
  302. package/package.json +51 -0
  303. package/releaseNotes/v2.6.0.md +1 -0
  304. package/releaseNotes/v2.7.1.md +1 -0
  305. package/settings.gradle +2 -0
  306. package/src/main/java/org/dxworks/insider/ChronosTag.java +14 -0
  307. package/src/main/java/org/dxworks/insider/Insider.java +214 -0
  308. package/src/main/java/org/dxworks/insider/InsiderAnalysis.java +7 -0
  309. package/src/main/java/org/dxworks/insider/InsiderFile.java +125 -0
  310. package/src/main/java/org/dxworks/insider/InsiderOptions.java +78 -0
  311. package/src/main/java/org/dxworks/insider/InsiderResult.java +15 -0
  312. package/src/main/java/org/dxworks/insider/application/inspector/CodeRuleExtractor.java +14 -0
  313. package/src/main/java/org/dxworks/insider/application/inspector/CommentRuleExtractor.java +14 -0
  314. package/src/main/java/org/dxworks/insider/application/inspector/FileRuleExtractor.java +14 -0
  315. package/src/main/java/org/dxworks/insider/application/inspector/RuleExtractor.java +11 -0
  316. package/src/main/java/org/dxworks/insider/application/inspector/dtos/Comment.java +18 -0
  317. package/src/main/java/org/dxworks/insider/application/inspector/dtos/CommentPattern.java +44 -0
  318. package/src/main/java/org/dxworks/insider/application/inspector/dtos/Condition.java +15 -0
  319. package/src/main/java/org/dxworks/insider/application/inspector/dtos/InsiderPattern.java +149 -0
  320. package/src/main/java/org/dxworks/insider/application/inspector/dtos/PatternMatch.java +23 -0
  321. package/src/main/java/org/dxworks/insider/application/inspector/dtos/Rule.java +61 -0
  322. package/src/main/java/org/dxworks/insider/application/inspector/services/CommentService.java +165 -0
  323. package/src/main/java/org/dxworks/insider/application/inspector/services/RuleService.java +54 -0
  324. package/src/main/java/org/dxworks/insider/commands/AddCommand.java +125 -0
  325. package/src/main/java/org/dxworks/insider/commands/AllFilesCommand.java +4 -0
  326. package/src/main/java/org/dxworks/insider/commands/ConvertCommand.java +55 -0
  327. package/src/main/java/org/dxworks/insider/commands/DetectCommand.java +42 -0
  328. package/src/main/java/org/dxworks/insider/commands/DiagnoseCommand.java +74 -0
  329. package/src/main/java/org/dxworks/insider/commands/ExtractCommand.java +35 -0
  330. package/src/main/java/org/dxworks/insider/commands/FindCommand.java +102 -0
  331. package/src/main/java/org/dxworks/insider/commands/HelpCommand.java +56 -0
  332. package/src/main/java/org/dxworks/insider/commands/IndentationCount.java +69 -0
  333. package/src/main/java/org/dxworks/insider/commands/InsiderCommand.java +71 -0
  334. package/src/main/java/org/dxworks/insider/commands/InspectCommand.java +98 -0
  335. package/src/main/java/org/dxworks/insider/commands/MeasureCommand.java +47 -0
  336. package/src/main/java/org/dxworks/insider/commands/NoFilesCommand.java +4 -0
  337. package/src/main/java/org/dxworks/insider/commands/VersionCommand.java +34 -0
  338. package/src/main/java/org/dxworks/insider/configuration/InsiderConfiguration.java +123 -0
  339. package/src/main/java/org/dxworks/insider/constants/InsiderConstants.java +19 -0
  340. package/src/main/java/org/dxworks/insider/depext/AbstractImportsProcessor.java +57 -0
  341. package/src/main/java/org/dxworks/insider/depext/CPPImportsProcessor.java +55 -0
  342. package/src/main/java/org/dxworks/insider/depext/CSharpImportsProcessor.java +53 -0
  343. package/src/main/java/org/dxworks/insider/depext/DependencyExtractor.java +105 -0
  344. package/src/main/java/org/dxworks/insider/depext/ImportItem.java +19 -0
  345. package/src/main/java/org/dxworks/insider/depext/ImportResult.java +32 -0
  346. package/src/main/java/org/dxworks/insider/depext/JavastackImportsProcessor.java +88 -0
  347. package/src/main/java/org/dxworks/insider/depext/VBImportsProcessor.java +41 -0
  348. package/src/main/java/org/dxworks/insider/exceptions/InsiderException.java +7 -0
  349. package/src/main/java/org/dxworks/insider/library/detector/C_ImportsContainer.java +73 -0
  350. package/src/main/java/org/dxworks/insider/library/detector/ImportsContainer.java +122 -0
  351. package/src/main/java/org/dxworks/insider/library/detector/JavaImportsContainer.java +63 -0
  352. package/src/main/java/org/dxworks/insider/library/detector/LibraryDetector.java +150 -0
  353. package/src/main/java/org/dxworks/insider/library/detector/LibraryDetectorLanguage.java +6 -0
  354. package/src/main/java/org/dxworks/insider/library/detector/model/PackagingUnit.java +26 -0
  355. package/src/main/java/org/dxworks/insider/technology/finder/LinguistService.java +79 -0
  356. package/src/main/java/org/dxworks/insider/technology/finder/converters/XmlToJsonConverter.java +41 -0
  357. package/src/main/java/org/dxworks/insider/technology/finder/exceptions/FingerprintParseException.java +7 -0
  358. package/src/main/java/org/dxworks/insider/technology/finder/model/Technology.java +73 -0
  359. package/src/main/java/org/dxworks/insider/technology/finder/model/json/JsonConfigurationDTO.java +14 -0
  360. package/src/main/java/org/dxworks/insider/technology/finder/model/json/TechnologyJsonDTO.java +66 -0
  361. package/src/main/java/org/dxworks/insider/technology/finder/model/xml/old/CategoryXmlDTO.java +21 -0
  362. package/src/main/java/org/dxworks/insider/technology/finder/model/xml/old/ConfigurationDataXmlDTO.java +17 -0
  363. package/src/main/java/org/dxworks/insider/technology/finder/model/xml/old/FingerprintXmlDTO.java +17 -0
  364. package/src/main/java/org/dxworks/insider/technology/finder/model/xml/old/LanguageXmlDTO.java +20 -0
  365. package/src/main/java/org/dxworks/insider/technology/finder/model/xml/old/LanguagesXmlDTO.java +18 -0
  366. package/src/main/java/org/dxworks/insider/technology/finder/model/xml/old/TechnologyXmlDTO.java +19 -0
  367. package/src/main/java/org/dxworks/insider/technology/finder/model/xml/old/XmlConfigurationDTO.java +17 -0
  368. package/src/main/java/org/dxworks/insider/technology/finder/parsers/FingerprintsParser.java +14 -0
  369. package/src/main/java/org/dxworks/insider/technology/finder/parsers/FingerprintsXmlParser.java +57 -0
  370. package/src/main/java/org/dxworks/insider/technology/finder/parsers/JavaLibrariesCsvParser.java +71 -0
  371. package/src/main/java/org/dxworks/insider/technology/finder/parsers/JsonFingerprintParser.java +58 -0
  372. package/src/main/java/org/dxworks/insider/utils/FileUtils.java +45 -0
  373. package/src/main/java/org/dxworks/insider/utils/ImportUtils.java +21 -0
  374. package/src/main/java/org/dxworks/insider/utils/LibraryImport.java +17 -0
  375. package/src/main/java/org/dxworks/insider/utils/LibraryImportInOtherTechnology.java +30 -0
  376. package/src/main/java/org/dxworks/insider/utils/MapUtils.java +19 -0
  377. package/src/main/resources/insider-version +1 -0
  378. package/src/test/java/org/dxworks/insider/application/inspector/services/CommentServiceTest.java +40 -0
  379. package/src/test/java/org/dxworks/insider/technology/finder/parsers/FingerprintsXmlParserTest.java +15 -0
  380. package/src/test/java/org/dxworks/insider/utils/FileUtilsTest.java +31 -0
  381. package/src/test/java/org/dxworks/insider/utils/ImportUtilsTest.java +24 -0
  382. package/src/test/java/org/dxworks/insider/utils/transformers/JsonToCsvTransformerTest.java +18 -0
  383. package/src/test/resources/Test1.java +21 -0
  384. package/src/test/resources/Test2.java +21 -0
  385. package/src/test/resources/cobol/CM201M.CBL +88 -0
@@ -0,0 +1,48 @@
1
+ [
2
+ {
3
+ "name": "Data: Audio File",
4
+ "id": "AI015600",
5
+ "description": "Data: Audio File",
6
+ "tags":[ "Data.Media.Audio" ],
7
+ "severity": "moderate",
8
+ "patterns": [
9
+ {
10
+ "pattern": "\\.(wma|wmv|asf|vp9|cr2|wav|mpeg|gsm|ogg|au|aiff|vox|aac|msv|dvf|flac|aifc|amz|atrac|m4a|m4p)\b",
11
+ "type": "regex",
12
+ "scopes": [ "code", "comment" ],
13
+ "modifiers": [ "i" ],
14
+ "confidence": "high"
15
+ },
16
+ {
17
+ "pattern": "\\.(mp2|mp3|mp4|mpa|ra|rax|raw|smf|snd|sng|swa|hma|aac|ac3|eac3|Vorbis|pcm)\b",
18
+ "type": "regex",
19
+ "scopes": [ "code", "comment" ],
20
+ "modifiers": [ "i" ],
21
+ "confidence": "high"
22
+ }
23
+ ]
24
+ },
25
+ {
26
+ "name": "Data: Video File",
27
+ "id": "AI015700",
28
+ "description": "Data: Video File",
29
+ "tags":[ "Data.Media.Video" ],
30
+ "severity": "moderate",
31
+ "patterns": [
32
+ {
33
+ "pattern": "\\.(avi|flv|mov|wmv|mp4|vob|hdv|ogg|oga|ogv|ogx)\b",
34
+ "type": "regex",
35
+ "scopes": [ "code", "comment" ],
36
+ "modifiers": [ "i" ],
37
+ "confidence": "high"
38
+ },
39
+ {
40
+ "pattern": "\\.(mp4|m4v|f4v|f4a|m4b|m4r|f4b|mxf|op1a|op-atom)\b",
41
+ "type": "regex",
42
+ "scopes": [ "code", "comment" ],
43
+ "modifiers": [ "i" ],
44
+ "confidence": "high"
45
+ }
46
+ ]
47
+ }
48
+ ]
@@ -0,0 +1,91 @@
1
+ [
2
+ {
3
+ "name": "Data: Access Credentials",
4
+ "id": "AI015800",
5
+ "description": "Data: Access Credentials",
6
+ "tags":[ "Data.Sensitive.Credentials" ],
7
+ "severity": "critical",
8
+ "patterns": [
9
+ {
10
+ "pattern": "username|userid|passphrase|secret|credential|credentials",
11
+ "type": "regexword",
12
+ "scopes": [ "code" ],
13
+ "confidence": "high",
14
+ "modifiers": [ "i" ]
15
+ },
16
+ {
17
+ "pattern": "\\.htpasswd|secret_key|private_key|authorized_keys|npmrc|\\.ssh",
18
+ "type": "regexword",
19
+ "scopes": [ "code" ],
20
+ "confidence": "high",
21
+ "modifiers": [ "i" ]
22
+ },
23
+ {
24
+ "pattern": "auth_token|access_token|password|passwrd|client_credentials|client_*id|client_*secret",
25
+ "type": "regexword",
26
+ "scopes": [ "code" ],
27
+ "modifiers": [ "i" ],
28
+ "confidence": "high"
29
+ }
30
+ ]
31
+ },
32
+ {
33
+ "name": "Data: Embedded Secret",
34
+ "id": "AI015900",
35
+ "description": "Data: Embedded Secret",
36
+ "tags":[ "Data.Sensitive.Secret" ],
37
+ "severity": "critical",
38
+ "patterns": [
39
+ {
40
+ "pattern": "(secret|pass).*[a-f0-9]{30,}",
41
+ "type": "regex",
42
+ "scopes": [ "code" ],
43
+ "modifiers": [ "i" ],
44
+ "confidence": "low"
45
+ },
46
+ {
47
+ "pattern": "[\"'][a-f0-9]{30,}[\"']",
48
+ "type": "regex",
49
+ "scopes": [ "code" ],
50
+ "modifiers": [ "i" ],
51
+ "confidence": "low"
52
+ }
53
+ ]
54
+ },
55
+ {
56
+ "name": "Data: Secret",
57
+ "id": "AI016000",
58
+ "description": "Data: Secret",
59
+ "tags":[ "Data.Sensitive.Secret" ],
60
+ "severity": "important",
61
+ "patterns": [
62
+ {
63
+ "pattern": "(strictly|highly) confidential",
64
+ "type": "regex",
65
+ "scopes": [ "code", "comment" ],
66
+ "modifiers": [ "i" ]
67
+ },
68
+ {
69
+ "pattern": "secret",
70
+ "type": "string",
71
+ "scopes": [ "code", "comment" ],
72
+ "modifiers": [ "i" ]
73
+ }
74
+ ]
75
+ },
76
+ {
77
+ "name": "Data: Product Key",
78
+ "id": "AI016100",
79
+ "description": "Data: Product Key",
80
+ "tags":[ "Data.Sensitive.ProductKey" ],
81
+ "severity": "critical",
82
+ "patterns": [
83
+ {
84
+ "pattern": "product[ ]*key",
85
+ "type": "regex",
86
+ "scopes": [ "code", "comment" ],
87
+ "modifiers": [ "i" ]
88
+ }
89
+ ]
90
+ }
91
+ ]
@@ -0,0 +1,176 @@
1
+ [
2
+ {
3
+ "name": "Data: Sensitive (Identification)",
4
+ "id": "AI016200",
5
+ "description": "Data: Sensitive (Identification)",
6
+ "tags":[ "Data.Sensitive.Identification" ],
7
+ "severity": "critical",
8
+ "patterns": [
9
+ {
10
+ "pattern": "(first|last|sur)name",
11
+ "type": "regex",
12
+ "scopes": [ "code", "comment" ],
13
+ "modifiers": [ "i" ],
14
+ "confidence": "high"
15
+ },
16
+ {
17
+ "pattern": "birthdate|ethnicity|gender|citizenship|nationality|martial|marriage|married|spouse|mother|father",
18
+ "type": "regex",
19
+ "scopes": [ "code", "comment" ],
20
+ "modifiers": [ "i" ],
21
+ "confidence": "high"
22
+ },
23
+ {
24
+ "pattern": "socialsecurity|nationalid|passport|drvlic|studentID|govtID|driverlic|driverslicense",
25
+ "type": "regex",
26
+ "scopes": [ "code", "comment" ],
27
+ "modifiers": [ "i" ],
28
+ "confidence": "high"
29
+ },
30
+ {
31
+ "pattern": "mobile_*(phone|number)|cell_*(phone|number)|telephone",
32
+ "type": "regexword",
33
+ "scopes": [ "code", "comment" ],
34
+ "modifiers": [ "i" ],
35
+ "confidence": "high"
36
+ }
37
+ ]
38
+ },
39
+ {
40
+ "name": "Data: Sensitive (Identification)",
41
+ "id": "AI016300",
42
+ "description": "Data: Sensitive (Identification)",
43
+ "tags":[ "Data.Sensitive.Identification" ],
44
+ "severity": "important",
45
+ "patterns": [
46
+ {
47
+ "pattern": "mobile|cell|phone|ipaddress|ipaddr|geolocation|geotracking|identification|ssnumber|ssn|children|kids*",
48
+ "type": "regexword",
49
+ "scopes": [ "code", "comment" ],
50
+ "modifiers": [ "i" ],
51
+ "confidence": "medium"
52
+ },
53
+ {
54
+ "pattern": "age",
55
+ "type": "string",
56
+ "scopes": [ "code", "comment" ],
57
+ "modifiers": [ "i" ],
58
+ "confidence": "medium"
59
+ }
60
+ ],
61
+ "conditions": [
62
+ {
63
+ "pattern": {
64
+ "pattern": "address|(first|last|sur)name|gender|contact|email|user|mother|father",
65
+ "type": "regexword",
66
+ "scopes": [ "code" ],
67
+ "modifiers": [ "i" ]
68
+ },
69
+ "search_in": "finding-region(-40,40)",
70
+ "negate_finding": false
71
+ }
72
+ ]
73
+ },
74
+ {
75
+ "name": "Data: Sensitive (Identification)",
76
+ "id": "AI016400",
77
+ "description": "Data: Sensitive (Identification)",
78
+ "tags":[ "Data.Sensitive.Identification" ],
79
+ "severity": "important",
80
+ "patterns": [
81
+ {
82
+ "pattern": "email",
83
+ "type": "regex",
84
+ "scopes": [ "code", "comment" ],
85
+ "modifiers": [ "i" ],
86
+ "confidence": "medium"
87
+ }
88
+ ],
89
+ "conditions": [
90
+ {
91
+ "pattern": {
92
+ "pattern": "author|package.json",
93
+ "type": "regex",
94
+ "scopes": [ "code" ],
95
+ "modifiers": [ "i" ],
96
+ "_comment": "special case for package.json for SF"
97
+ },
98
+ "search_in": "finding-region(-10,10)",
99
+ "negate_finding": true
100
+ }
101
+ ]
102
+ },
103
+
104
+ {
105
+ "name": "Data: Sensitive (Identification)",
106
+ "id": "AI016500",
107
+ "description": "Data: Sensitive (Identification)",
108
+ "tags":[ "Data.Sensitive.Identification" ],
109
+ "severity": "important",
110
+ "patterns": [
111
+ {
112
+ "pattern": "avatar|photo",
113
+ "type": "regex",
114
+ "scopes": [ "code", "comment" ],
115
+ "modifiers": [ "i" ],
116
+ "confidence": "medium"
117
+ }
118
+ ],
119
+ "conditions": [
120
+ {
121
+ "pattern": {
122
+ "pattern": "user",
123
+ "type": "substring",
124
+ "scopes": [ "code" ],
125
+ "modifiers": [ "i" ]
126
+ },
127
+ "search_in": "finding-region(-30,30)",
128
+ "negate_finding": false
129
+ }
130
+ ]
131
+ },
132
+ {
133
+ "name": "Data: Sensitive (Medical)",
134
+ "id": "AI016600",
135
+ "description": "Data: Sensitive (Medical)",
136
+ "tags":[ "Data.Sensitive.Medical" ],
137
+ "severity": "important",
138
+ "patterns": [
139
+ {
140
+ "pattern": "medical|insurance|doctor|patient|physician|medicare|medicaid|physician|blood_*type",
141
+ "type": "regexword",
142
+ "scopes": [ "code" ],
143
+ "modifiers": [ "i" ],
144
+ "confidence": "low"
145
+ }
146
+ ]
147
+ },
148
+ {
149
+ "name": "Data: Sensitive (Account)",
150
+ "id": "AI016700",
151
+ "description": "Data: Sensitive (Account)",
152
+ "tags":[ "Data.Sensitive.UserAccount" ],
153
+ "severity": "critical",
154
+ "patterns": [
155
+ {
156
+ "pattern": "registration|membership|acctnum|accountnum|accountnumber",
157
+ "type": "regexword",
158
+ "scopes": [ "code" ],
159
+ "modifiers": [ "i" ],
160
+ "confidence": "high"
161
+ }
162
+ ],
163
+ "conditions": [
164
+ {
165
+ "pattern": {
166
+ "pattern": "user",
167
+ "type": "string",
168
+ "scopes": [ "code" ],
169
+ "modifiers": [ "i" ]
170
+ },
171
+ "search_in": "finding-region(-40,40)",
172
+ "negate_finding": false
173
+ }
174
+ ]
175
+ }
176
+ ]
@@ -0,0 +1,240 @@
1
+ [
2
+ {
3
+ "name": "Permissions Request: Contacts (iOS)",
4
+ "id": "AI016731",
5
+ "description": "Permissions Request: Contacts (iOS)",
6
+ "applies_to":[ "swift" ],
7
+ "tags":[ "Device.Permissions.Contacts.iOS" ],
8
+ "severity": "moderate",
9
+ "patterns": [
10
+ {
11
+ "pattern": "permission.contacts",
12
+ "type": "string",
13
+ "scopes": [ "code" ],
14
+ "modifiers": [ "i" ],
15
+ "confidence": "high"
16
+ }
17
+ ]
18
+ },
19
+ {
20
+ "name": "Permissions Request: LocationAlways (iOS)",
21
+ "id": "AI016732",
22
+ "description": "Permissions Request: LocationAlways (iOS)",
23
+ "applies_to":[ "swift" ],
24
+ "tags":[ "Device.Permissions.LocationAlways.iOS" ],
25
+ "severity": "moderate",
26
+ "patterns": [
27
+ {
28
+ "pattern": "permission.locationAlways",
29
+ "type": "string",
30
+ "scopes": [ "code" ],
31
+ "modifiers": [ "i" ],
32
+ "confidence": "high"
33
+ }
34
+ ]
35
+ },
36
+ {
37
+ "name": "Permissions Request: LocationWhenInUse (iOS)",
38
+ "id": "AI016733",
39
+ "description": "Permissions Request: LocationWhenInUse (iOS)",
40
+ "applies_to":[ "swift" ],
41
+ "tags":[ "Device.Permissions.LocationWhenInUse.iOS" ],
42
+ "severity": "moderate",
43
+ "patterns": [
44
+ {
45
+ "pattern": "permission.locationWhenInUse",
46
+ "type": "string",
47
+ "scopes": [ "code" ],
48
+ "modifiers": [ "i" ],
49
+ "confidence": "high"
50
+ }
51
+ ]
52
+ },
53
+ {
54
+ "name": "Permissions Request: Notifications (iOS)",
55
+ "id": "AI016734",
56
+ "description": "Permissions Request: Notifications (iOS)",
57
+ "applies_to":[ "swift" ],
58
+ "tags":[ "Device.Permissions.Notifications.iOS" ],
59
+ "severity": "moderate",
60
+ "patterns": [
61
+ {
62
+ "pattern": "permission.notifications",
63
+ "type": "string",
64
+ "scopes": [ "code" ],
65
+ "modifiers": [ "i" ],
66
+ "confidence": "high"
67
+ }
68
+ ]
69
+ },
70
+ {
71
+ "name": "Permissions Request: Microphone (iOS)",
72
+ "id": "AI016735",
73
+ "description": "Permissions Request: Microphone (iOS)",
74
+ "applies_to":[ "swift" ],
75
+ "tags":[ "Device.Permissions.Microphone.iOS" ],
76
+ "severity": "moderate",
77
+ "patterns": [
78
+ {
79
+ "pattern": "permission.microphone",
80
+ "type": "string",
81
+ "scopes": [ "code" ],
82
+ "modifiers": [ "i" ],
83
+ "confidence": "high"
84
+ }
85
+ ]
86
+ },
87
+ {
88
+ "name": "Permissions Request: Camera (iOS)",
89
+ "id": "AI016736",
90
+ "description": "Permissions Request: Camera (iOS)",
91
+ "applies_to":[ "swift" ],
92
+ "tags":[ "Device.Permissions.Camera.iOS" ],
93
+ "severity": "moderate",
94
+ "patterns": [
95
+ {
96
+ "pattern": "permission.camera",
97
+ "type": "string",
98
+ "scopes": [ "code" ],
99
+ "modifiers": [ "i" ],
100
+ "confidence": "high"
101
+ }
102
+ ]
103
+ },
104
+ {
105
+ "name": "Permissions Request: Media Library (iOS)",
106
+ "id": "AI016737",
107
+ "description": "Permissions Request: Media Library (iOS)",
108
+ "applies_to":[ "swift" ],
109
+ "tags":[ "Device.Permissions.MediaLibrary.iOS" ],
110
+ "severity": "moderate",
111
+ "patterns": [
112
+ {
113
+ "pattern": "permission\\.photos|permission\\.mediaLibrary",
114
+ "type": "regexword",
115
+ "scopes": [ "code" ],
116
+ "modifiers": [ "i" ],
117
+ "confidence": "high"
118
+ }
119
+ ]
120
+ },
121
+ {
122
+ "name": "Permissions Request: Reminders (iOS)",
123
+ "id": "AI016738",
124
+ "description": "Permissions Request: Reminders (iOS)",
125
+ "applies_to":[ "swift" ],
126
+ "tags":[ "Device.Permissions.Reminders.iOS" ],
127
+ "severity": "moderate",
128
+ "patterns": [
129
+ {
130
+ "pattern": "permission.reminders",
131
+ "type": "string",
132
+ "scopes": [ "code" ],
133
+ "modifiers": [ "i" ],
134
+ "confidence": "high"
135
+ }
136
+ ]
137
+ },
138
+ {
139
+ "name": "Permissions Request: Events (iOS)",
140
+ "id": "AI016739",
141
+ "description": "Permissions Request: Events (iOS)",
142
+ "applies_to":[ "swift" ],
143
+ "tags":[ "Device.Permissions.CalendarEvents.iOS" ],
144
+ "severity": "moderate",
145
+ "patterns": [
146
+ {
147
+ "pattern": "permission.events",
148
+ "type": "string",
149
+ "scopes": [ "code" ],
150
+ "modifiers": [ "i" ],
151
+ "confidence": "high"
152
+ }
153
+ ]
154
+ },
155
+ {
156
+ "name": "Permissions Request: Bluetooth (iOS)",
157
+ "id": "AI016740",
158
+ "description": "Permissions Request: Bluetooth (iOS)",
159
+ "applies_to":[ "swift" ],
160
+ "tags":[ "Device.Permissions.Bluetooth.iOS" ],
161
+ "severity": "moderate",
162
+ "patterns": [
163
+ {
164
+ "pattern": "permission.bluetooth",
165
+ "type": "string",
166
+ "scopes": [ "code" ],
167
+ "modifiers": [ "i" ],
168
+ "confidence": "high"
169
+ }
170
+ ]
171
+ },
172
+ {
173
+ "name": "Permissions Request: Motion (iOS)",
174
+ "id": "AI016741",
175
+ "description": "Permissions Request: Motion (iOS)",
176
+ "applies_to":[ "swift" ],
177
+ "tags":[ "Device.Permissions.Motion.iOS" ],
178
+ "severity": "moderate",
179
+ "patterns": [
180
+ {
181
+ "pattern": "permission.motion",
182
+ "type": "string",
183
+ "scopes": [ "code" ],
184
+ "modifiers": [ "i" ],
185
+ "confidence": "high"
186
+ }
187
+ ]
188
+ },
189
+ {
190
+ "name": "Permissions Request: SpeechRecognizer (iOS)",
191
+ "id": "AI016742",
192
+ "description": "Permissions Request: SpeechRecognizer (iOS)",
193
+ "applies_to":[ "swift" ],
194
+ "tags":[ "Device.Permissions.SpeechRecognizer.iOS" ],
195
+ "severity": "moderate",
196
+ "patterns": [
197
+ {
198
+ "pattern": "permission.speechRecognizer",
199
+ "type": "string",
200
+ "scopes": [ "code" ],
201
+ "modifiers": [ "i" ],
202
+ "confidence": "high"
203
+ }
204
+ ]
205
+ },
206
+ {
207
+ "name": "Permissions Request: Siri (iOS)",
208
+ "id": "AI016743",
209
+ "description": "Permissions Request: Siri (iOS)",
210
+ "applies_to":[ "swift" ],
211
+ "tags":[ "Device.Permissions.VoiceCommand.iOS" ],
212
+ "severity": "moderate",
213
+ "patterns": [
214
+ {
215
+ "pattern": "permission.siri",
216
+ "type": "string",
217
+ "scopes": [ "code" ],
218
+ "modifiers": [ "i" ],
219
+ "confidence": "high"
220
+ }
221
+ ]
222
+ },
223
+ {
224
+ "name": "Permissions Request: Never (iOS)",
225
+ "id": "AI016744",
226
+ "description": "Permissions Request: Never (iOS)",
227
+ "applies_to":[ "swift" ],
228
+ "tags":[ "Device.Permissions.Never.iOS" ],
229
+ "severity": "moderate",
230
+ "patterns": [
231
+ {
232
+ "pattern": "permission.never",
233
+ "type": "string",
234
+ "scopes": [ "code" ],
235
+ "modifiers": [ "i" ],
236
+ "confidence": "high"
237
+ }
238
+ ]
239
+ }
240
+ ]