@empline/preflight 1.0.22 → 1.0.24
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/bin/approve.js +0 -0
- package/dist/bin/audit.js +0 -0
- package/dist/bin/install-hooks.js +0 -0
- package/dist/bin/preflight.js +0 -0
- package/dist/bin/review-drift.js +0 -0
- package/dist/bin/review.js +0 -0
- package/dist/bin/submit-drift.js +0 -0
- package/dist/bin/submit.js +0 -0
- package/dist/bin/watch.js +0 -0
- package/dist/checks/api/response-consistency.d.ts.map +1 -1
- package/dist/checks/api/response-consistency.js +13 -5
- package/dist/checks/api/response-consistency.js.map +1 -1
- package/dist/checks/api/response-schema-validation.d.ts.map +1 -1
- package/dist/checks/api/response-schema-validation.js +13 -7
- package/dist/checks/api/response-schema-validation.js.map +1 -1
- package/dist/checks/async-cleanup-validation.d.ts.map +1 -1
- package/dist/checks/async-cleanup-validation.js +9 -3
- package/dist/checks/async-cleanup-validation.js.map +1 -1
- package/dist/checks/auth/role-validation.d.ts.map +1 -1
- package/dist/checks/auth/role-validation.js +12 -14
- package/dist/checks/auth/role-validation.js.map +1 -1
- package/dist/checks/auth/store-access-delegation.d.ts.map +1 -1
- package/dist/checks/auth/store-access-delegation.js +12 -19
- package/dist/checks/auth/store-access-delegation.js.map +1 -1
- package/dist/checks/business/currency-precision.d.ts.map +1 -1
- package/dist/checks/business/currency-precision.js +13 -125
- package/dist/checks/business/currency-precision.js.map +1 -1
- package/dist/checks/business/inventory-atomicity-validation.d.ts.map +1 -1
- package/dist/checks/business/inventory-atomicity-validation.js +15 -11
- package/dist/checks/business/inventory-atomicity-validation.js.map +1 -1
- package/dist/checks/business/order-state-machine-validation.d.ts.map +1 -1
- package/dist/checks/business/order-state-machine-validation.js +13 -10
- package/dist/checks/business/order-state-machine-validation.js.map +1 -1
- package/dist/checks/business/price-calculation-validation.d.ts.map +1 -1
- package/dist/checks/business/price-calculation-validation.js +11 -9
- package/dist/checks/business/price-calculation-validation.js.map +1 -1
- package/dist/checks/business/timezone-handling.d.ts.map +1 -1
- package/dist/checks/business/timezone-handling.js +12 -3
- package/dist/checks/business/timezone-handling.js.map +1 -1
- package/dist/checks/code-hygiene/any-type-detection.d.ts.map +1 -1
- package/dist/checks/code-hygiene/any-type-detection.js +12 -8
- package/dist/checks/code-hygiene/any-type-detection.js.map +1 -1
- package/dist/checks/code-hygiene/broken-template-literals.d.ts.map +1 -1
- package/dist/checks/code-hygiene/broken-template-literals.js +14 -6
- package/dist/checks/code-hygiene/broken-template-literals.js.map +1 -1
- package/dist/checks/code-hygiene/comment-hygiene.d.ts.map +1 -1
- package/dist/checks/code-hygiene/comment-hygiene.js +6 -5
- package/dist/checks/code-hygiene/comment-hygiene.js.map +1 -1
- package/dist/checks/code-hygiene/console-log-detection.d.ts.map +1 -1
- package/dist/checks/code-hygiene/console-log-detection.js +11 -14
- package/dist/checks/code-hygiene/console-log-detection.js.map +1 -1
- package/dist/checks/code-hygiene/decorative-separators.d.ts.map +1 -1
- package/dist/checks/code-hygiene/decorative-separators.js +14 -9
- package/dist/checks/code-hygiene/decorative-separators.js.map +1 -1
- package/dist/checks/code-hygiene/empty-catch-detection.d.ts.map +1 -1
- package/dist/checks/code-hygiene/empty-catch-detection.js +11 -5
- package/dist/checks/code-hygiene/empty-catch-detection.js.map +1 -1
- package/dist/checks/code-hygiene/log-level-misuse.d.ts.map +1 -1
- package/dist/checks/code-hygiene/log-level-misuse.js +11 -10
- package/dist/checks/code-hygiene/log-level-misuse.js.map +1 -1
- package/dist/checks/code-hygiene/missing-logger-import.d.ts.map +1 -1
- package/dist/checks/code-hygiene/missing-logger-import.js +11 -10
- package/dist/checks/code-hygiene/missing-logger-import.js.map +1 -1
- package/dist/checks/code-hygiene/todo-tracking.d.ts.map +1 -1
- package/dist/checks/code-hygiene/todo-tracking.js +12 -4
- package/dist/checks/code-hygiene/todo-tracking.js.map +1 -1
- package/dist/checks/code-hygiene/unicode-console-compatibility.d.ts.map +1 -1
- package/dist/checks/code-hygiene/unicode-console-compatibility.js +11 -3
- package/dist/checks/code-hygiene/unicode-console-compatibility.js.map +1 -1
- package/dist/checks/code-quality/feature-flag-hygiene.d.ts.map +1 -1
- package/dist/checks/code-quality/feature-flag-hygiene.js +10 -6
- package/dist/checks/code-quality/feature-flag-hygiene.js.map +1 -1
- package/dist/checks/code-quality/legacy-data-pattern-detection.d.ts.map +1 -1
- package/dist/checks/code-quality/legacy-data-pattern-detection.js +14 -6
- package/dist/checks/code-quality/legacy-data-pattern-detection.js.map +1 -1
- package/dist/checks/code-quality/magic-number-detection.d.ts.map +1 -1
- package/dist/checks/code-quality/magic-number-detection.js +10 -13
- package/dist/checks/code-quality/magic-number-detection.js.map +1 -1
- package/dist/checks/code-quality/no-console-production.d.ts.map +1 -1
- package/dist/checks/code-quality/no-console-production.js +12 -19
- package/dist/checks/code-quality/no-console-production.js.map +1 -1
- package/dist/checks/code-quality/shared-utility-gaps.d.ts.map +1 -1
- package/dist/checks/code-quality/shared-utility-gaps.js +11 -16
- package/dist/checks/code-quality/shared-utility-gaps.js.map +1 -1
- package/dist/checks/component-imports.d.ts.map +1 -1
- package/dist/checks/component-imports.js +12 -7
- package/dist/checks/component-imports.js.map +1 -1
- package/dist/checks/event-listener-cleanup.d.ts.map +1 -1
- package/dist/checks/event-listener-cleanup.js +9 -3
- package/dist/checks/event-listener-cleanup.js.map +1 -1
- package/dist/checks/react/memory-leak-detection.d.ts.map +1 -1
- package/dist/checks/react/memory-leak-detection.js +10 -5
- package/dist/checks/react/memory-leak-detection.js.map +1 -1
- package/dist/checks/react/memory-leak-patterns.d.ts.map +1 -1
- package/dist/checks/react/memory-leak-patterns.js +10 -8
- package/dist/checks/react/memory-leak-patterns.js.map +1 -1
- package/dist/checks/runtime/client-process-env-usage.d.ts.map +1 -1
- package/dist/checks/runtime/client-process-env-usage.js +12 -9
- package/dist/checks/runtime/client-process-env-usage.js.map +1 -1
- package/dist/checks/runtime/missing-public-env-import.d.ts.map +1 -1
- package/dist/checks/runtime/missing-public-env-import.js +12 -9
- package/dist/checks/runtime/missing-public-env-import.js.map +1 -1
- package/dist/checks/runtime/process-stdio-usage.d.ts.map +1 -1
- package/dist/checks/runtime/process-stdio-usage.js +12 -10
- package/dist/checks/runtime/process-stdio-usage.js.map +1 -1
- package/dist/checks/security/path-traversal-prevention.d.ts.map +1 -1
- package/dist/checks/security/path-traversal-prevention.js +8 -2
- package/dist/checks/security/path-traversal-prevention.js.map +1 -1
- package/dist/checks/security/permission-security-validation.d.ts.map +1 -1
- package/dist/checks/security/permission-security-validation.js +15 -9
- package/dist/checks/security/permission-security-validation.js.map +1 -1
- package/dist/checks/security/prod-command-detection.d.ts.map +1 -1
- package/dist/checks/security/prod-command-detection.js +15 -5
- package/dist/checks/security/prod-command-detection.js.map +1 -1
- package/dist/checks/security/rate-limiting-validation.d.ts.map +1 -1
- package/dist/checks/security/rate-limiting-validation.js +10 -5
- package/dist/checks/security/rate-limiting-validation.js.map +1 -1
- package/dist/checks/security/sensitive-data-exposure.d.ts.map +1 -1
- package/dist/checks/security/sensitive-data-exposure.js +13 -34
- package/dist/checks/security/sensitive-data-exposure.js.map +1 -1
- package/dist/checks/security/sql-injection-prevention.d.ts.map +1 -1
- package/dist/checks/security/sql-injection-prevention.js +14 -11
- package/dist/checks/security/sql-injection-prevention.js.map +1 -1
- package/dist/checks/security/turnstile-scope-validation.d.ts.map +1 -1
- package/dist/checks/security/turnstile-scope-validation.js +8 -4
- package/dist/checks/security/turnstile-scope-validation.js.map +1 -1
- package/dist/checks/security/webhook-security-validation.d.ts.map +1 -1
- package/dist/checks/security/webhook-security-validation.js +13 -6
- package/dist/checks/security/webhook-security-validation.js.map +1 -1
- package/dist/checks/storage-keys-validation.d.ts.map +1 -1
- package/dist/checks/storage-keys-validation.js +10 -4
- package/dist/checks/storage-keys-validation.js.map +1 -1
- package/dist/checks/system/preflight-drift-detector.js +0 -0
- package/dist/checks/ui/console-log-check.js +5 -37
- package/dist/checks/ui/console-log-check.js.map +1 -1
- package/dist/checks/ui/product-image-animations.d.ts.map +1 -1
- package/dist/checks/ui/product-image-animations.js +9 -15
- package/dist/checks/ui/product-image-animations.js.map +1 -1
- package/dist/checks/ui/styling-standards.d.ts.map +1 -1
- package/dist/checks/ui/styling-standards.js.map +1 -1
- package/package.json +12 -13
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prod-command-detection.js","sourceRoot":"","sources":["../../../src/checks/security/prod-command-detection.ts"],"names":[],"mappings":";;AACA;;;;;;;;GAQG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,6DAAkD;
|
|
1
|
+
{"version":3,"file":"prod-command-detection.js","sourceRoot":"","sources":["../../../src/checks/security/prod-command-detection.ts"],"names":[],"mappings":";;AACA;;;;;;;;GAQG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,6DAAkD;AAClD,wDAA2E;AAG3E,iBAAiB;AACJ,QAAA,EAAE,GAAG,iCAAiC,CAAC;AACvC,QAAA,IAAI,GAAG,wBAAwB,CAAC;AAChC,QAAA,QAAQ,GAAG,UAAU,CAAC;AACtB,QAAA,QAAQ,GAAG,IAAI,CAAC;AAChB,QAAA,WAAW,GAAG,iDAAiD,CAAC;AAChE,QAAA,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;AASjC,MAAM,UAAU,GAAgB,EAAE,CAAC;AAEnC,6DAA6D;AAC7D,MAAM,kBAAkB,GAAG;IACzB,2DAA2D;IAC3D;QACE,OAAO,EACL,wFAAwF;QAC1F,WAAW,EAAE,mDAAmD;QAChE,QAAQ,EAAE,UAAmB;KAC9B;IACD;QACE,OAAO,EACL,2FAA2F;QAC7F,WAAW,EAAE,+CAA+C;QAC5D,QAAQ,EAAE,UAAmB;KAC9B;IACD;QACE,OAAO,EACL,+GAA+G;QACjH,WAAW,EAAE,yCAAyC;QACtD,QAAQ,EAAE,UAAmB;KAC9B;IACD,kDAAkD;IAClD;QACE,OAAO,EAAE,wEAAwE;QACjF,WAAW,EAAE,yEAAyE;QACtF,QAAQ,EAAE,SAAkB;KAC7B;IACD;QACE,OAAO,EAAE,0DAA0D;QACnE,WAAW,EAAE,kDAAkD;QAC/D,QAAQ,EAAE,UAAmB;KAC9B;IACD,yCAAyC;IACzC;QACE,OAAO,EAAE,4EAA4E;QACrF,WAAW,EAAE,gDAAgD;QAC7D,QAAQ,EAAE,UAAmB;KAC9B;IACD;QACE,OAAO,EAAE,8EAA8E;QACvF,WAAW,EAAE,2DAA2D;QACxE,QAAQ,EAAE,UAAmB;KAC9B;CACF,CAAC;AAEF,4BAA4B;AAC5B,MAAM,UAAU,GAAG,CAAC,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;AAElD,kEAAkE;AAClE,MAAM,qBAAqB,GAAG;IAC5B,qBAAqB;IACrB,qBAAqB;IACrB,iBAAiB;IACjB,wBAAwB;IACxB,kBAAkB;IAClB,2BAA2B,EAAE,YAAY;IACzC,yBAAyB,EAAE,gBAAgB;IAC3C,cAAc;IACd,OAAO;CACR,CAAC;AAEF,6CAA6C;AAC7C,IAAI,aAAa,GAAa,EAAE,CAAC;AAEjC,SAAS,aAAa,CAAC,QAAgB;IACrC,2BAA2B;IAC3B,IAAI,qBAAqB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QACxE,OAAO,IAAI,CAAC;IACd,CAAC;IACD,gCAAgC;IAChC,OAAO,IAAA,8BAAiB,EAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;AACpD,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAgB;IAC3C,OAAO,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AAClG,CAAC;AAED,SAAS,QAAQ,CAAC,QAAgB;IAChC,IAAI,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC5B,OAAO;IACT,CAAC;IAED,2EAA2E;IAC3E,IAAI,mBAAmB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAClC,OAAO;IACT,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAClD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,kBAAkB,EAAE,CAAC;YACpE,IAAI,KAAK,CAAC;YACV,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YAExD,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC9C,mBAAmB;gBACnB,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;gBAElD,yDAAyD;gBACzD,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBACzC,IACE,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;oBACpB,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;oBACrB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;oBACtB,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAC1B,CAAC;oBACD,SAAS;gBACX,CAAC;gBAED,UAAU,CAAC,IAAI,CAAC;oBACd,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,UAAU;oBAChB,OAAO,EAAE,WAAW;oBACpB,QAAQ;iBACT,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,gCAAgC;IAClC,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,OAAe;IACpC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QAC5B,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IAEjE,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QAEhD,IAAI,aAAa,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5B,SAAS;QACX,CAAC;QAED,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACxB,aAAa,CAAC,QAAQ,CAAC,CAAC;QAC1B,CAAC;aAAM,IACL,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;YAC3B,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAC1B,CAAC;YACD,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACrB,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,MAAM,0CAA0C,CAAC,CAAC;IACzE,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,MAAM,qDAAqD,CAAC,CAAC;IAElF,2CAA2C;IAC3C,aAAa,GAAG,MAAM,IAAA,0BAAa,EAAC,UAAE,CAAC,CAAC;IAExC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;IAE/B,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;QAClC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC/C,aAAa,CAAC,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAED,0CAA0C;IAC1C,MAAM,SAAS,GAAG,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC3C,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAClD,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IAED,MAAM,aAAa,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,YAAY,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;IAE/E,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,OAAO,wDAAwD,CAAC,CAAC;QACtF,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,MAAM,6BAA6B,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,MAAM,qBAAK,CAAC,KAAK,iDAAiD,CAAC,CAAC;QAChF,OAAO,CAAC,GAAG,CAAC,MAAM,qBAAK,CAAC,KAAK,oDAAoD,CAAC,CAAC;QACnF,OAAO,CAAC,GAAG,CAAC,MAAM,qBAAK,CAAC,KAAK,sDAAsD,CAAC,CAAC;QACrF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,KAAK,UAAU,UAAU,CAAC,MAAM,0BAA0B,CAAC,CAAC;IAEjF,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3B,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,qBAAK,CAAC,KAAK,CAAC,CAAC,CAAC,qBAAK,CAAC,OAAO,CAAC;QACrE,MAAM,KAAK,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,KAAK,KAAK,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;QACtD,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,IAAI,+DAA+D,CAAC,CAAC;IAC1F,OAAO,CAAC,GAAG,CAAC,MAAM,qBAAK,CAAC,KAAK,qDAAqD,CAAC,CAAC;IACpF,OAAO,CAAC,GAAG,CAAC,MAAM,qBAAK,CAAC,KAAK,uDAAuD,CAAC,CAAC;IAEtF,IAAI,aAAa,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,+CAA+C;IAC/C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rate-limiting-validation.d.ts","sourceRoot":"","sources":["../../../src/checks/security/rate-limiting-validation.ts"],"names":[],"mappings":";AACA;;;;;;;;;;GAUG;
|
|
1
|
+
{"version":3,"file":"rate-limiting-validation.d.ts","sourceRoot":"","sources":["../../../src/checks/security/rate-limiting-validation.ts"],"names":[],"mappings":";AACA;;;;;;;;;;GAUG;AAYH,eAAO,MAAM,EAAE,sCAAsC,CAAC;AACtD,eAAO,MAAM,IAAI,6BAA6B,CAAC;AAC/C,eAAO,MAAM,QAAQ,aAAa,CAAC;AACnC,eAAO,MAAM,QAAQ,OAAO,CAAC;AAC7B,eAAO,MAAM,WAAW,uCAAuC,CAAC;AAChE,eAAO,MAAM,IAAI,UAA4B,CAAC"}
|
|
@@ -52,6 +52,7 @@ const path = __importStar(require("path"));
|
|
|
52
52
|
const console_chars_1 = require("../../utils/console-chars");
|
|
53
53
|
const file_cache_1 = require("../../shared/file-cache");
|
|
54
54
|
const universal_progress_reporter_1 = require("../system/universal-progress-reporter");
|
|
55
|
+
const exclusions_1 = require("../../shared/exclusions");
|
|
55
56
|
// Check metadata
|
|
56
57
|
exports.id = "security/rate-limiting-validation";
|
|
57
58
|
exports.name = "Rate Limiting Validation";
|
|
@@ -96,8 +97,8 @@ const RATE_LIMIT_PATTERNS = [
|
|
|
96
97
|
];
|
|
97
98
|
// Files/directories to scan
|
|
98
99
|
const SCAN_PATTERNS = ["app/api/**/route.ts"];
|
|
99
|
-
//
|
|
100
|
-
|
|
100
|
+
// App-specific exclusions loaded from config
|
|
101
|
+
let appExclusions = [];
|
|
101
102
|
// CACHED FILE LISTS - Scan once, use everywhere
|
|
102
103
|
let _cachedLibFiles = null;
|
|
103
104
|
async function getLibFiles() {
|
|
@@ -182,7 +183,8 @@ async function checkRateLimitingInfrastructure() {
|
|
|
182
183
|
}
|
|
183
184
|
// Check for IP-based rate limiting on auth endpoints
|
|
184
185
|
async function checkIPRateLimiting() {
|
|
185
|
-
const authFiles = await (0, glob_1.glob)("app/api/auth/**/route.ts", { ignore:
|
|
186
|
+
const authFiles = (await (0, glob_1.glob)("app/api/auth/**/route.ts", { ignore: ["**/node_modules/**"] }))
|
|
187
|
+
.filter((file) => !(0, exclusions_1.shouldExcludeFile)(file, appExclusions));
|
|
186
188
|
for (const file of authFiles) {
|
|
187
189
|
const content = fs.readFileSync(file, "utf-8");
|
|
188
190
|
// Check if IP is extracted for rate limiting
|
|
@@ -206,11 +208,14 @@ async function main() {
|
|
|
206
208
|
const reporter = (0, universal_progress_reporter_1.createUniversalProgressReporter)(path.basename(__filename, ".ts"));
|
|
207
209
|
console.log(`${console_chars_1.emoji.shield} Rate Limiting Validation Preflight`);
|
|
208
210
|
console.log((0, console_chars_1.createDivider)(70, "heavy"));
|
|
211
|
+
// Load app-specific exclusions from config
|
|
212
|
+
appExclusions = await (0, exclusions_1.getExclusions)(exports.id);
|
|
209
213
|
// Get all API route files
|
|
210
|
-
const
|
|
211
|
-
ignore:
|
|
214
|
+
const allFiles = await (0, glob_1.glob)(SCAN_PATTERNS[0], {
|
|
215
|
+
ignore: ["**/node_modules/**"],
|
|
212
216
|
nodir: true,
|
|
213
217
|
});
|
|
218
|
+
const files = allFiles.filter((file) => !(0, exclusions_1.shouldExcludeFile)(file, appExclusions));
|
|
214
219
|
console.log(`Scanning ${files.length} API routes for rate limiting...`);
|
|
215
220
|
// Scan each file
|
|
216
221
|
for (const file of files) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rate-limiting-validation.js","sourceRoot":"","sources":["../../../src/checks/security/rate-limiting-validation.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;GAUG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,+BAA4B;AAC5B,2CAA6B;AAC7B,6DAAiE;AACjE,wDAAoD;AACpD,uFAAwF;
|
|
1
|
+
{"version":3,"file":"rate-limiting-validation.js","sourceRoot":"","sources":["../../../src/checks/security/rate-limiting-validation.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;GAUG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,+BAA4B;AAC5B,2CAA6B;AAC7B,6DAAiE;AACjE,wDAAoD;AACpD,uFAAwF;AACxF,wDAA2E;AAG3E,iBAAiB;AACJ,QAAA,EAAE,GAAG,mCAAmC,CAAC;AACzC,QAAA,IAAI,GAAG,0BAA0B,CAAC;AAClC,QAAA,QAAQ,GAAG,UAAU,CAAC;AACtB,QAAA,QAAQ,GAAG,IAAI,CAAC;AAChB,QAAA,WAAW,GAAG,oCAAoC,CAAC;AACnD,QAAA,IAAI,GAAG,CAAC,UAAU,EAAC,YAAY,CAAC,CAAC;AAU9C,MAAM,MAAM,GAAY,EAAE,CAAC;AAE3B,yCAAyC;AACzC,MAAM,kBAAkB,GAAG;IACzB,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,gBAAgB,EAAE;IACnD,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,uBAAuB,EAAE;IAC7D,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,yBAAyB,EAAE;IAC/D,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,6BAA6B,EAAE;IACjE,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,EAAE;IACjD,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,mBAAmB,EAAE;IACnD,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,iBAAiB,EAAE;IAC/C,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,uBAAuB,EAAE;IACtD,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,kBAAkB,EAAE;CAClD,CAAC;AAEF,2CAA2C;AAC3C,MAAM,qBAAqB,GAAG;IAC5B,EAAE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,iBAAiB,EAAE;IAC/C,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,aAAa,EAAE;IAC5C,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,sBAAsB,EAAE;IAC9D,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,mBAAmB,EAAE;IACtD,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,uBAAuB,EAAE;CAC7D,CAAC;AAEF,sDAAsD;AACtD,MAAM,mBAAmB,GAAG;IAC1B,YAAY;IACZ,cAAc;IACd,iBAAiB;IACjB,kBAAkB;IAClB,KAAK;IACL,qBAAqB;IACrB,cAAc;IACd,YAAY;IACZ,iBAAiB;IACjB,gBAAgB;IAChB,cAAc;CACf,CAAC;AAEF,4BAA4B;AAC5B,MAAM,aAAa,GAAG,CAAC,qBAAqB,CAAC,CAAC;AAE9C,6CAA6C;AAC7C,IAAI,aAAa,GAAa,EAAE,CAAC;AAEjC,gDAAgD;AAEhD,IAAI,eAAe,GAAoB,IAAI,CAAC;AAC5C,KAAK,UAAU,WAAW;IACxB,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,eAAe,GAAG,MAAM,sBAAS,CAAC,WAAW,EAAE,CAAC;IAClD,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,QAAgB;IACtC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAEnD,kCAAkC;IAClC,MAAM,eAAe,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IAErF,uCAAuC;IACvC,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,kBAAkB,EAAE,CAAC;QACnD,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC;oBACP,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,GAAG,IAAI,kDAAkD;oBAClE,IAAI,EAAE,kDAAkD;iBACzD,CAAC,CAAC;YACL,CAAC;YACD,OAAO,CAAC,4BAA4B;QACtC,CAAC;IACH,CAAC;IAED,0CAA0C;IAC1C,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,qBAAqB,EAAE,CAAC;QACtD,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC;oBACP,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,GAAG,IAAI,4BAA4B;oBAC5C,IAAI,EAAE,gDAAgD;iBACvD,CAAC,CAAC;YACL,CAAC;YACD,OAAO;QACT,CAAC;IACH,CAAC;IAED,iDAAiD;IACjD,IAAI,OAAO,CAAC,QAAQ,CAAC,4BAA4B,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;QACvE,oCAAoC;QACpC,IACE,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC1B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC1B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC1B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAC3B,CAAC;YACD,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,4DAA4D;gBACrE,IAAI,EAAE,0CAA0C;aACjD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,6CAA6C;AAC7C,KAAK,UAAU,+BAA+B;IAC5C,MAAM,QAAQ,GAAG,MAAM,WAAW,EAAE,CAAC;IAErC,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC/C,IACE,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC7B,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC;YAC/B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAC3B,CAAC;YACD,eAAe,GAAG,IAAI,CAAC;YACvB,MAAM;QACR,CAAC;IACH,CAAC;IAED,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,MAAM;YACZ,IAAI,EAAE,CAAC;YACP,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,wCAAwC;YACjD,IAAI,EAAE,+DAA+D;SACtE,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,qDAAqD;AACrD,KAAK,UAAU,mBAAmB;IAChC,MAAM,SAAS,GAAG,CAAC,MAAM,IAAA,WAAI,EAAC,0BAA0B,EAAE,EAAE,MAAM,EAAE,CAAC,oBAAoB,CAAC,EAAE,CAAC,CAAC;SAC3F,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAA,8BAAiB,EAAC,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC;IAE7D,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAE/C,6CAA6C;QAC7C,MAAM,eAAe,GACnB,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC;YACnC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC;YACnC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;YAC9B,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC;YAC/B,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;QAEpC,IAAI,CAAC,eAAe,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACjD,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI;gBACJ,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,8CAA8C;gBACvD,IAAI,EAAE,mDAAmD;aAC1D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,QAAQ,GAAG,IAAA,6DAA+B,EAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC;IACnF,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,MAAM,qCAAqC,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAExC,2CAA2C;IAC3C,aAAa,GAAG,MAAM,IAAA,0BAAa,EAAC,UAAE,CAAC,CAAC;IAExC,0BAA0B;IAC1B,MAAM,QAAQ,GAAG,MAAM,IAAA,WAAI,EAAC,aAAa,CAAC,CAAC,CAAC,EAAE;QAC5C,MAAM,EAAE,CAAC,oBAAoB,CAAC;QAC9B,KAAK,EAAE,IAAI;KACZ,CAAC,CAAC;IACH,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAA,8BAAiB,EAAC,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC;IAEjF,OAAO,CAAC,GAAG,CAAC,YAAY,KAAK,CAAC,MAAM,kCAAkC,CAAC,CAAC;IAExE,iBAAiB;IACjB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,QAAQ,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IAED,uBAAuB;IACvB,MAAM,+BAA+B,EAAE,CAAC;IACxC,MAAM,mBAAmB,EAAE,CAAC;IAE5B,iBAAiB;IACjB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;IACxD,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;IAE5D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,4CAA4C,CAAC,CAAC;QAC5E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,MAAM,YAAY,QAAQ,CAAC,MAAM,aAAa,CAAC,CAAC;IAE/E,gBAAgB;IAChB,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,KAAK,oCAAoC,CAAC,CAAC;QAChE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;QAC9D,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;YAC7B,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;QACxC,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,IAAI,wBAAwB,CAAC,CAAC;IACnD,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAC;IAC3E,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;IAC1E,OAAO,CAAC,GAAG,CAAC,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAExC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,oDAAoD,CAAC,CAAC;QAClF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,kDAAkD,CAAC,CAAC;IAClF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sensitive-data-exposure.d.ts","sourceRoot":"","sources":["../../../src/checks/security/sensitive-data-exposure.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;
|
|
1
|
+
{"version":3,"file":"sensitive-data-exposure.d.ts","sourceRoot":"","sources":["../../../src/checks/security/sensitive-data-exposure.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;AAUH,eAAO,MAAM,EAAE,qCAAqC,CAAC;AACrD,eAAO,MAAM,IAAI,4BAA4B,CAAC;AAC9C,eAAO,MAAM,QAAQ,aAAa,CAAC;AACnC,eAAO,MAAM,QAAQ,OAAO,CAAC;AAC7B,eAAO,MAAM,WAAW,4DAA4D,CAAC;AACrF,eAAO,MAAM,IAAI,UAAe,CAAC"}
|
|
@@ -67,6 +67,7 @@ const fs = __importStar(require("fs"));
|
|
|
67
67
|
const console_chars_1 = require("../../utils/console-chars");
|
|
68
68
|
const file_cache_1 = require("../../shared/file-cache");
|
|
69
69
|
const glob_patterns_1 = require("../../shared/glob-patterns");
|
|
70
|
+
const exclusions_1 = require("../../shared/exclusions");
|
|
70
71
|
// Check metadata
|
|
71
72
|
exports.id = "security/sensitive-data-exposure";
|
|
72
73
|
exports.name = "Sensitive Data Exposure";
|
|
@@ -296,53 +297,29 @@ const DANGEROUS_PATTERNS = [
|
|
|
296
297
|
checkContext: true, // Will check for select: clause nearby
|
|
297
298
|
},
|
|
298
299
|
];
|
|
299
|
-
//
|
|
300
|
-
const
|
|
300
|
+
// Default files to skip (always skipped regardless of config)
|
|
301
|
+
const DEFAULT_SKIP_PATTERNS = (0, glob_patterns_1.extendExcludes)(glob_patterns_1.STANDARD_EXCLUDES, [
|
|
301
302
|
"node_modules",
|
|
302
303
|
".next",
|
|
303
304
|
"dist",
|
|
304
305
|
".git",
|
|
305
|
-
"*.test.ts",
|
|
306
|
-
"*.spec.ts",
|
|
307
306
|
"__mocks__",
|
|
308
|
-
"tests/",
|
|
309
|
-
"scripts/",
|
|
310
|
-
"prisma/seed.ts",
|
|
311
|
-
// Config files with legitimate emails/addresses
|
|
312
|
-
"lib/site-config.ts",
|
|
313
|
-
"lib/template-variables.ts",
|
|
314
|
-
"lib/email-utils.ts",
|
|
315
|
-
"lib/email-template-components.ts",
|
|
316
|
-
"lib/sendgrid-service.ts",
|
|
317
|
-
"lib/simple-auth.ts",
|
|
318
|
-
"lib/learning-system.ts",
|
|
319
|
-
"lib/auth.ts",
|
|
320
|
-
// Admin dashboards with example/mock data
|
|
321
|
-
"components/admin/",
|
|
322
|
-
// Public pages with contact info
|
|
323
|
-
"app/contact/",
|
|
324
|
-
"app/terms-conditions/",
|
|
325
|
-
"app/privacy-policy/",
|
|
326
|
-
// Admin/template pages with examples
|
|
327
|
-
"app/admin/templates/",
|
|
328
|
-
"app/api/admin/settings/",
|
|
329
|
-
// Store pages with legitimate data
|
|
330
|
-
"app/store/payouts/",
|
|
331
|
-
"app/register/store/",
|
|
332
|
-
// Integration handlers with notification emails
|
|
333
|
-
"app/api/integrations/ebay/",
|
|
334
|
-
"app/api/admin/integrations/",
|
|
335
|
-
// Phone validation endpoint (uses example format)
|
|
336
|
-
"app/api/account/phone/",
|
|
337
307
|
]);
|
|
308
|
+
// App-specific exclusions loaded from config
|
|
309
|
+
let appExclusions = [];
|
|
338
310
|
function shouldSkip(filePath) {
|
|
339
311
|
const normalized = filePath.replace(/\\/g, "/");
|
|
340
|
-
|
|
312
|
+
// Check default skip patterns
|
|
313
|
+
const matchesDefault = DEFAULT_SKIP_PATTERNS.some((pattern) => {
|
|
341
314
|
if (pattern.startsWith("*")) {
|
|
342
315
|
return normalized.endsWith(pattern.slice(1));
|
|
343
316
|
}
|
|
344
317
|
return normalized.includes(pattern);
|
|
345
318
|
});
|
|
319
|
+
if (matchesDefault)
|
|
320
|
+
return true;
|
|
321
|
+
// Check app-specific exclusions
|
|
322
|
+
return (0, exclusions_1.shouldExcludeFile)(filePath, appExclusions);
|
|
346
323
|
}
|
|
347
324
|
// CACHED FILE LISTS - Scan once, use everywhere
|
|
348
325
|
let _cachedAllTsTsxFiles = null;
|
|
@@ -463,6 +440,8 @@ async function main() {
|
|
|
463
440
|
console.log((0, console_chars_1.createDivider)(60, "heavy"));
|
|
464
441
|
console.log(`Mode: ${piiOnlyMode ? "PII Detection Only" : "Full Scan (API + PII)"}`);
|
|
465
442
|
console.log(`PII Patterns: ${PII_PATTERNS.length} categories\n`);
|
|
443
|
+
// Load app-specific exclusions from config
|
|
444
|
+
appExclusions = await (0, exclusions_1.getExclusions)(exports.id);
|
|
466
445
|
const files = await getAllTsTsxFiles();
|
|
467
446
|
// Run standard exposure checks (unless --pii-only)
|
|
468
447
|
if (!piiOnlyMode) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sensitive-data-exposure.js","sourceRoot":"","sources":["../../../src/checks/security/sensitive-data-exposure.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,6DAAiE;AACjE,wDAAoD;AACpD,8DAA+E;AAG/E,iBAAiB;AACJ,QAAA,EAAE,GAAG,kCAAkC,CAAC;AACxC,QAAA,IAAI,GAAG,yBAAyB,CAAC;AACjC,QAAA,QAAQ,GAAG,UAAU,CAAC;AACtB,QAAA,QAAQ,GAAG,IAAI,CAAC;AAChB,QAAA,WAAW,GAAG,yDAAyD,CAAC;AACxE,QAAA,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;AAWjC,MAAM,MAAM,GAAY,EAAE,CAAC;AAC3B,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;AAExD,0DAA0D;AAC1D,MAAM,gBAAgB,GAAG;IACvB,UAAU;IACV,cAAc;IACd,gBAAgB;IAChB,QAAQ;IACR,QAAQ;IACR,WAAW;IACX,aAAa;IACb,cAAc;IACd,YAAY;IACZ,YAAY;IACZ,YAAY;IACZ,KAAK;IACL,KAAK;IACL,gBAAgB;IAChB,OAAO;IACP,aAAa;IACb,eAAe;IACf,aAAa;IACb,KAAK;IACL,WAAW;IACX,gBAAgB;IAChB,gBAAgB;IAChB,YAAY;IACZ,aAAa;IACb,cAAc;IACd,aAAa;IACb,gBAAgB;IAChB,WAAW;CACZ,CAAC;AAEF,uDAAuD;AAEvD,MAAM,YAAY,GAAG;IACnB,kCAAkC;IAClC;QACE,KAAK,EAAE,kCAAkC;QACzC,IAAI,EAAE,KAAK;QACX,OAAO,EAAE,oDAAoD;QAC7D,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,eAAe;QACzB,2DAA2D;QAC3D,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE;YAC1B,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YAC5C,+CAA+C;YAC/C,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC7C,IAAI,MAAM,KAAK,CAAC,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,IAAI,GAAG;gBAAE,OAAO,KAAK,CAAC;YAClE,+DAA+D;YAC/D,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC9C,yCAAyC;YACzC,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC9C,wEAAwE;YACxE,yDAAyD;YACzD,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YACvC,OAAO,IAAI,CAAC;QACd,CAAC;KACF;IACD,gCAAgC;IAChC;QACE,KAAK,EACH,6FAA6F;QAC/F,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,iDAAiD;QAC1D,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC;KAC9C;IACD,iCAAiC;IACjC;QACE,KAAK,EAAE,6BAA6B;QACpC,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,2DAA2D;QACpE,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;KACpE;IACD,mBAAmB;IACnB;QACE,KAAK,EAAE,yEAAyE;QAChF,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,kDAAkD;QAC3D,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,SAAS;QACnB,iCAAiC;QACjC,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE;YAC1B,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YAC/C,OAAO,OAAO,CAAC,MAAM,IAAI,EAAE,IAAI,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;QACtD,CAAC;KACF;IACD,kDAAkD;IAClD;QACE,KAAK,EAAE,yEAAyE;QAChF,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,SAAS;QACnB,qCAAqC;QACrC,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE;YAC1B,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;YAClC,OAAO,CACL,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAC9B,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;gBACxB,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACzB,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,CAC/B,CAAC;QACJ,CAAC;KACF;IACD,yBAAyB;IACzB;QACE,KAAK,EAAE,qEAAqE;QAC5E,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,wDAAwD;QACjE,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,UAAU;KACrB;IACD,qCAAqC;IACrC;QACE,KAAK,EAAE,0EAA0E;QACjF,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,WAAW;KACtB;IACD,8CAA8C;IAC9C;QACE,KAAK,EAAE,2EAA2E;QAClF,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,WAAW;KACtB;IACD,4DAA4D;IAC5D;QACE,KAAK,EAAE,4EAA4E;QACnF,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,uDAAuD;QAChE,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,eAAe;KAC1B;IACD,kBAAkB;IAClB;QACE,KAAK,EAAE,2EAA2E;QAClF,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,eAAe;KAC1B;IACD,uCAAuC;IACvC;QACE,KAAK,EACH,yFAAyF;QAC3F,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,yCAAyC;QAClD,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,WAAW;KACtB;IACD,0BAA0B;IAC1B;QACE,KAAK,EACH,iIAAiI;QACnI,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,0CAA0C;QACnD,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,UAAU;KACrB;CACF,CAAC;AAEF,4CAA4C;AAC5C,SAAS,SAAS,CAAC,UAAkB;IACnC,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC7C,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE;QAAE,OAAO,KAAK,CAAC;IAE3D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,IAAI,MAAM,GAAG,KAAK,CAAC;IAEnB,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,IAAI,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEpC,IAAI,MAAM,EAAE,CAAC;YACX,KAAK,IAAI,CAAC,CAAC;YACX,IAAI,KAAK,GAAG,CAAC;gBAAE,KAAK,IAAI,CAAC,CAAC;QAC5B,CAAC;QAED,GAAG,IAAI,KAAK,CAAC;QACb,MAAM,GAAG,CAAC,MAAM,CAAC;IACnB,CAAC;IAED,OAAO,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC;AACxB,CAAC;AAED,iDAAiD;AACjD,MAAM,kBAAkB,GAAG;IACzB;QACE,qEAAqE;QACrE,KAAK,EACH,oHAAoH;QACtH,OAAO,EACL,uGAAuG;QACzG,QAAQ,EAAE,SAAkB;QAC5B,YAAY,EAAE,IAAI;KACnB;IACD;QACE,sCAAsC;QACtC,KAAK,EAAE,4DAA4D;QACnE,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,SAAkB;KAC7B;IACD;QACE,oEAAoE;QACpE,0EAA0E;QAC1E,oDAAoD;QACpD,KAAK,EACH,qIAAqI;QACvI,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,OAAgB;KAC3B;IACD;QACE,qCAAqC;QACrC,KAAK,EAAE,yDAAyD;QAChE,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,OAAgB;KAC3B;IACD;QACE,yEAAyE;QACzE,KAAK,EAAE,8DAA8D;QACrE,OAAO,EAAE,kFAAkF;QAC3F,QAAQ,EAAE,SAAkB;QAC5B,YAAY,EAAE,IAAI,EAAE,uCAAuC;KAC5D;CACF,CAAC;AAEF,gBAAgB;AAChB,MAAM,aAAa,GAAG,IAAA,8BAAc,EAAC,iCAAiB,EAAE;IACtD,cAAc;IACd,OAAO;IACP,MAAM;IACN,MAAM;IACN,WAAW;IACX,WAAW;IACX,WAAW;IACX,QAAQ;IACR,UAAU;IACV,gBAAgB;IAChB,gDAAgD;IAChD,oBAAoB;IACpB,2BAA2B;IAC3B,oBAAoB;IACpB,kCAAkC;IAClC,yBAAyB;IACzB,oBAAoB;IACpB,wBAAwB;IACxB,aAAa;IACb,0CAA0C;IAC1C,mBAAmB;IACnB,iCAAiC;IACjC,cAAc;IACd,uBAAuB;IACvB,qBAAqB;IACrB,qCAAqC;IACrC,sBAAsB;IACtB,yBAAyB;IACzB,mCAAmC;IACnC,oBAAoB;IACpB,qBAAqB;IACrB,gDAAgD;IAChD,4BAA4B;IAC5B,6BAA6B;IAC7B,kDAAkD;IAClD,wBAAwB;CACzB,CAAC,CAAC;AAEH,SAAS,UAAU,CAAC,QAAgB;IAClC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAChD,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QACpC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5B,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC;QACD,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,gDAAgD;AAEhD,IAAI,oBAAoB,GAAoB,IAAI,CAAC;AACjD,KAAK,UAAU,gBAAgB;IAC7B,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1B,oBAAoB,GAAG,MAAM,sBAAS,CAAC,WAAW,EAAE,CAAC;IACvD,CAAC;IACD,OAAO,oBAAoB,CAAC;AAC9B,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,QAAgB;IACtC,IAAI,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO;IAEjC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,+BAA+B;IAC/B,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,IAAI,KAAK,CAAC;QACV,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEpE,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;YAElD,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YACzC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAChE,SAAS;YACX,CAAC;YAED,sEAAsE;YACtE,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;gBACzB,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAC3B,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,EAC9B,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,GAAG,CACpC,CAAC;gBACF,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBAChE,SAAS,CAAC,iCAAiC;gBAC7C,CAAC;YACH,CAAC;YAED,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,kDAAkD;IAClD,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QAChE,KAAK,MAAM,KAAK,IAAI,gBAAgB,EAAE,CAAC;YACrC,MAAM,UAAU,GAAG,IAAI,MAAM,CAAC,SAAS,KAAK,aAAa,EAAE,IAAI,CAAC,CAAC;YACjE,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACnD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;gBAElD,2DAA2D;gBAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;gBAC7D,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC9D,SAAS;gBACX,CAAC;gBAED,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,UAAU;oBAChB,OAAO,EAAE,GAAG,KAAK,OAAO;oBACxB,QAAQ,EAAE,SAAS;oBACnB,OAAO,EAAE,oBAAoB,KAAK,qDAAqD;iBACxF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,0DAA0D;AAE1D,KAAK,UAAU,cAAc,CAAC,QAAgB;IAC5C,IAAI,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO;IAEjC,4DAA4D;IAC5D,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAChD,IACE,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC;QAChC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC;QAChC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC;QAC3B,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,EAC3B,CAAC;QACD,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,MAAM,UAAU,IAAI,YAAY,EAAE,CAAC;QACtC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,EAAE,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC1E,IAAI,KAAK,CAAC;QAEV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;YAClD,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YAEzC,gBAAgB;YAChB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAChE,SAAS;YACX,CAAC;YAED,yBAAyB;YACzB,IACE,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;gBACxB,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;gBACzB,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAC1B,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAC1B,CAAC;gBACD,SAAS;YACX,CAAC;YAED,8BAA8B;YAC9B,IAAI,UAAU,CAAC,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1D,SAAS;YACX,CAAC;YAED,uCAAuC;YACvC,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAEvE,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,WAAW;gBACpB,QAAQ,EAAE,UAAU,CAAC,QAAQ;gBAC7B,OAAO,EAAE,IAAI,UAAU,CAAC,IAAI,KAAK,UAAU,CAAC,OAAO,EAAE;gBACrD,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAElF,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,SAAS,WAAW,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,uBAAuB,EAAE,CAAC,CAAC;IACrF,OAAO,CAAC,GAAG,CAAC,iBAAiB,YAAY,CAAC,MAAM,eAAe,CAAC,CAAC;IAEjE,MAAM,KAAK,GAAG,MAAM,gBAAgB,EAAE,CAAC;IAEvC,mDAAmD;IACnD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,MAAM,wCAAwC,CAAC,CAAC;QACrE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,MAAM,+BAA+B,CAAC,CAAC;IAC5D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,cAAc,CAAC,IAAI,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAEhE,6CAA6C;IAC7C,MAAM,aAAa,GAAG,IAAI,GAAG,EAAmB,CAAC;IACjD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACzD,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACrB,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAED,IAAI,OAAO,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,qBAAqB,CAAC,CAAC;YACnD,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;gBACvB,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,aAAa,CAAC,CAAC;YAC7C,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;gBACtC,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;YACH,IAAI,QAAQ,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;gBACzB,OAAO,CAAC,GAAG,CAAC,cAAc,QAAQ,CAAC,MAAM,GAAG,EAAE,gBAAgB,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;QAED,iCAAiC;QACjC,IAAI,aAAa,CAAC,IAAI,GAAG,CAAC,IAAI,OAAO,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,IAAI,mBAAmB,CAAC,CAAC;YAChD,KAAK,MAAM,CAAC,QAAQ,EAAE,cAAc,CAAC,IAAI,aAAa,EAAE,CAAC;gBACvD,MAAM,cAAc,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM,CAAC;gBACnF,MAAM,gBAAgB,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;gBACvF,OAAO,CAAC,GAAG,CAAC,MAAM,QAAQ,KAAK,cAAc,YAAY,gBAAgB,WAAW,CAAC,CAAC;YACxF,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,aAAa,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IAC5C,IAAI,aAAa,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,4BAA4B,aAAa,CAAC,IAAI,EAAE,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,4CAA4C,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;QACzE,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,0EAA0E,CAAC,CAAC;QACxF,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;QAChE,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;QAC/E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,4CAA4C,CAAC,CAAC;AAC9E,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"sensitive-data-exposure.js","sourceRoot":"","sources":["../../../src/checks/security/sensitive-data-exposure.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;;;;;;;;;;;;;;;;GA2BG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,6DAAiE;AACjE,wDAAoD;AACpD,8DAA+E;AAC/E,wDAA2E;AAG3E,iBAAiB;AACJ,QAAA,EAAE,GAAG,kCAAkC,CAAC;AACxC,QAAA,IAAI,GAAG,yBAAyB,CAAC;AACjC,QAAA,QAAQ,GAAG,UAAU,CAAC;AACtB,QAAA,QAAQ,GAAG,IAAI,CAAC;AAChB,QAAA,WAAW,GAAG,yDAAyD,CAAC;AACxE,QAAA,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;AAWjC,MAAM,MAAM,GAAY,EAAE,CAAC;AAC3B,MAAM,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;AAExD,0DAA0D;AAC1D,MAAM,gBAAgB,GAAG;IACvB,UAAU;IACV,cAAc;IACd,gBAAgB;IAChB,QAAQ;IACR,QAAQ;IACR,WAAW;IACX,aAAa;IACb,cAAc;IACd,YAAY;IACZ,YAAY;IACZ,YAAY;IACZ,KAAK;IACL,KAAK;IACL,gBAAgB;IAChB,OAAO;IACP,aAAa;IACb,eAAe;IACf,aAAa;IACb,KAAK;IACL,WAAW;IACX,gBAAgB;IAChB,gBAAgB;IAChB,YAAY;IACZ,aAAa;IACb,cAAc;IACd,aAAa;IACb,gBAAgB;IAChB,WAAW;CACZ,CAAC;AAEF,uDAAuD;AAEvD,MAAM,YAAY,GAAG;IACnB,kCAAkC;IAClC;QACE,KAAK,EAAE,kCAAkC;QACzC,IAAI,EAAE,KAAK;QACX,OAAO,EAAE,oDAAoD;QAC7D,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,eAAe;QACzB,2DAA2D;QAC3D,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE;YAC1B,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YAC5C,+CAA+C;YAC/C,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC7C,IAAI,MAAM,KAAK,CAAC,IAAI,MAAM,KAAK,GAAG,IAAI,MAAM,IAAI,GAAG;gBAAE,OAAO,KAAK,CAAC;YAClE,+DAA+D;YAC/D,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC9C,yCAAyC;YACzC,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAC;YAC9C,wEAAwE;YACxE,yDAAyD;YACzD,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YACvC,OAAO,IAAI,CAAC;QACd,CAAC;KACF;IACD,gCAAgC;IAChC;QACE,KAAK,EACH,6FAA6F;QAC/F,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,iDAAiD;QAC1D,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC;KAC9C;IACD,iCAAiC;IACjC;QACE,KAAK,EAAE,6BAA6B;QACpC,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,2DAA2D;QACpE,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;KACpE;IACD,mBAAmB;IACnB;QACE,KAAK,EAAE,yEAAyE;QAChF,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,kDAAkD;QAC3D,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,SAAS;QACnB,iCAAiC;QACjC,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE;YAC1B,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;YAC/C,OAAO,OAAO,CAAC,MAAM,IAAI,EAAE,IAAI,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC;QACtD,CAAC;KACF;IACD,kDAAkD;IAClD;QACE,KAAK,EAAE,yEAAyE;QAChF,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,SAAS;QACnB,qCAAqC;QACrC,QAAQ,EAAE,CAAC,KAAa,EAAE,EAAE;YAC1B,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;YAClC,OAAO,CACL,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAC9B,CAAC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;gBACxB,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACzB,CAAC,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC,CAC/B,CAAC;QACJ,CAAC;KACF;IACD,yBAAyB;IACzB;QACE,KAAK,EAAE,qEAAqE;QAC5E,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,wDAAwD;QACjE,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,UAAU;KACrB;IACD,qCAAqC;IACrC;QACE,KAAK,EAAE,0EAA0E;QACjF,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,WAAW;KACtB;IACD,8CAA8C;IAC9C;QACE,KAAK,EAAE,2EAA2E;QAClF,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,WAAW;KACtB;IACD,4DAA4D;IAC5D;QACE,KAAK,EAAE,4EAA4E;QACnF,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,uDAAuD;QAChE,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,eAAe;KAC1B;IACD,kBAAkB;IAClB;QACE,KAAK,EAAE,2EAA2E;QAClF,IAAI,EAAE,UAAU;QAChB,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,OAAgB;QAC1B,QAAQ,EAAE,eAAe;KAC1B;IACD,uCAAuC;IACvC;QACE,KAAK,EACH,yFAAyF;QAC3F,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,yCAAyC;QAClD,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,WAAW;KACtB;IACD,0BAA0B;IAC1B;QACE,KAAK,EACH,iIAAiI;QACnI,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,0CAA0C;QACnD,QAAQ,EAAE,SAAkB;QAC5B,QAAQ,EAAE,UAAU;KACrB;CACF,CAAC;AAEF,4CAA4C;AAC5C,SAAS,SAAS,CAAC,UAAkB;IACnC,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC7C,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE;QAAE,OAAO,KAAK,CAAC;IAE3D,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,IAAI,MAAM,GAAG,KAAK,CAAC;IAEnB,KAAK,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC5C,IAAI,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEpC,IAAI,MAAM,EAAE,CAAC;YACX,KAAK,IAAI,CAAC,CAAC;YACX,IAAI,KAAK,GAAG,CAAC;gBAAE,KAAK,IAAI,CAAC,CAAC;QAC5B,CAAC;QAED,GAAG,IAAI,KAAK,CAAC;QACb,MAAM,GAAG,CAAC,MAAM,CAAC;IACnB,CAAC;IAED,OAAO,GAAG,GAAG,EAAE,KAAK,CAAC,CAAC;AACxB,CAAC;AAED,iDAAiD;AACjD,MAAM,kBAAkB,GAAG;IACzB;QACE,qEAAqE;QACrE,KAAK,EACH,oHAAoH;QACtH,OAAO,EACL,uGAAuG;QACzG,QAAQ,EAAE,SAAkB;QAC5B,YAAY,EAAE,IAAI;KACnB;IACD;QACE,sCAAsC;QACtC,KAAK,EAAE,4DAA4D;QACnE,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,SAAkB;KAC7B;IACD;QACE,oEAAoE;QACpE,0EAA0E;QAC1E,oDAAoD;QACpD,KAAK,EACH,qIAAqI;QACvI,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,OAAgB;KAC3B;IACD;QACE,qCAAqC;QACrC,KAAK,EAAE,yDAAyD;QAChE,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,OAAgB;KAC3B;IACD;QACE,yEAAyE;QACzE,KAAK,EAAE,8DAA8D;QACrE,OAAO,EAAE,kFAAkF;QAC3F,QAAQ,EAAE,SAAkB;QAC5B,YAAY,EAAE,IAAI,EAAE,uCAAuC;KAC5D;CACF,CAAC;AAEF,8DAA8D;AAC9D,MAAM,qBAAqB,GAAG,IAAA,8BAAc,EAAC,iCAAiB,EAAE;IAC9D,cAAc;IACd,OAAO;IACP,MAAM;IACN,MAAM;IACN,WAAW;CACZ,CAAC,CAAC;AAEH,6CAA6C;AAC7C,IAAI,aAAa,GAAa,EAAE,CAAC;AAEjC,SAAS,UAAU,CAAC,QAAgB;IAClC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAChD,8BAA8B;IAC9B,MAAM,cAAc,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QAC5D,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5B,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC;QACD,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IACH,IAAI,cAAc;QAAE,OAAO,IAAI,CAAC;IAChC,gCAAgC;IAChC,OAAO,IAAA,8BAAiB,EAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;AACpD,CAAC;AAED,gDAAgD;AAEhD,IAAI,oBAAoB,GAAoB,IAAI,CAAC;AACjD,KAAK,UAAU,gBAAgB;IAC7B,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1B,oBAAoB,GAAG,MAAM,sBAAS,CAAC,WAAW,EAAE,CAAC;IACvD,CAAC;IACD,OAAO,oBAAoB,CAAC;AAC9B,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,QAAgB;IACtC,IAAI,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO;IAEjC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,+BAA+B;IAC/B,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,IAAI,KAAK,CAAC;QACV,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEpE,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;YAElD,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YACzC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAChE,SAAS;YACX,CAAC;YAED,sEAAsE;YACtE,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;gBACzB,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAC3B,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,EAC9B,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,GAAG,CACpC,CAAC;gBACF,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;oBAChE,SAAS,CAAC,iCAAiC;gBAC7C,CAAC;YACH,CAAC;YAED,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,kDAAkD;IAClD,IAAI,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;QAChE,KAAK,MAAM,KAAK,IAAI,gBAAgB,EAAE,CAAC;YACrC,MAAM,UAAU,GAAG,IAAI,MAAM,CAAC,SAAS,KAAK,aAAa,EAAE,IAAI,CAAC,CAAC;YACjE,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACnD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;gBAElD,2DAA2D;gBAC3D,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;gBAC7D,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBAC9D,SAAS;gBACX,CAAC;gBAED,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,UAAU;oBAChB,OAAO,EAAE,GAAG,KAAK,OAAO;oBACxB,QAAQ,EAAE,SAAS;oBACnB,OAAO,EAAE,oBAAoB,KAAK,qDAAqD;iBACxF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,0DAA0D;AAE1D,KAAK,UAAU,cAAc,CAAC,QAAgB;IAC5C,IAAI,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO;IAEjC,4DAA4D;IAC5D,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAChD,IACE,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC;QAChC,UAAU,CAAC,QAAQ,CAAC,WAAW,CAAC;QAChC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC;QAC3B,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,EAC3B,CAAC;QACD,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,MAAM,UAAU,IAAI,YAAY,EAAE,CAAC;QACtC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,EAAE,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC1E,IAAI,KAAK,CAAC;QAEV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;YAClD,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YAEzC,gBAAgB;YAChB,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAChE,SAAS;YACX,CAAC;YAED,yBAAyB;YACzB,IACE,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC;gBACxB,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC;gBACzB,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAC1B,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,EAC1B,CAAC;gBACD,SAAS;YACX,CAAC;YAED,8BAA8B;YAC9B,IAAI,UAAU,CAAC,QAAQ,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1D,SAAS;YACX,CAAC;YAED,uCAAuC;YACvC,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAEvE,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,WAAW;gBACpB,QAAQ,EAAE,UAAU,CAAC,QAAQ;gBAC7B,OAAO,EAAE,IAAI,UAAU,CAAC,IAAI,KAAK,UAAU,CAAC,OAAO,EAAE;gBACrD,QAAQ,EAAE,UAAU,CAAC,QAAQ;aAC9B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAElF,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;IAC/D,OAAO,CAAC,GAAG,CAAC,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,SAAS,WAAW,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,uBAAuB,EAAE,CAAC,CAAC;IACrF,OAAO,CAAC,GAAG,CAAC,iBAAiB,YAAY,CAAC,MAAM,eAAe,CAAC,CAAC;IAEjE,2CAA2C;IAC3C,aAAa,GAAG,MAAM,IAAA,0BAAa,EAAC,UAAE,CAAC,CAAC;IAExC,MAAM,KAAK,GAAG,MAAM,gBAAgB,EAAE,CAAC;IAEvC,mDAAmD;IACnD,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,MAAM,wCAAwC,CAAC,CAAC;QACrE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,CAAC,IAAI,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,MAAM,+BAA+B,CAAC,CAAC;IAC5D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,cAAc,CAAC,IAAI,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAEhE,6CAA6C;IAC7C,MAAM,aAAa,GAAG,IAAI,GAAG,EAAmB,CAAC;IACjD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YACnB,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACzD,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACrB,aAAa,CAAC,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAED,IAAI,OAAO,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,qBAAqB,CAAC,CAAC;YACnD,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;gBACvB,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,aAAa,CAAC,CAAC;YAC7C,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;gBACtC,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;YACH,IAAI,QAAQ,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;gBACzB,OAAO,CAAC,GAAG,CAAC,cAAc,QAAQ,CAAC,MAAM,GAAG,EAAE,gBAAgB,CAAC,CAAC;YAClE,CAAC;QACH,CAAC;QAED,iCAAiC;QACjC,IAAI,aAAa,CAAC,IAAI,GAAG,CAAC,IAAI,OAAO,EAAE,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,IAAI,mBAAmB,CAAC,CAAC;YAChD,KAAK,MAAM,CAAC,QAAQ,EAAE,cAAc,CAAC,IAAI,aAAa,EAAE,CAAC;gBACvD,MAAM,cAAc,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM,CAAC;gBACnF,MAAM,gBAAgB,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;gBACvF,OAAO,CAAC,GAAG,CAAC,MAAM,QAAQ,KAAK,cAAc,YAAY,gBAAgB,WAAW,CAAC,CAAC;YACxF,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,aAAa,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IAC5C,IAAI,aAAa,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,4BAA4B,aAAa,CAAC,IAAI,EAAE,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,4CAA4C,CAAC,CAAC;QAC1E,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;QACzE,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;QAC9D,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,0EAA0E,CAAC,CAAC;QACxF,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;QAChE,OAAO,CAAC,GAAG,CAAC,iEAAiE,CAAC,CAAC;QAC/E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,4CAA4C,CAAC,CAAC;AAC9E,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sql-injection-prevention.d.ts","sourceRoot":"","sources":["../../../src/checks/security/sql-injection-prevention.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;GAgBG;
|
|
1
|
+
{"version":3,"file":"sql-injection-prevention.d.ts","sourceRoot":"","sources":["../../../src/checks/security/sql-injection-prevention.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;GAgBG;AAYH,eAAO,MAAM,EAAE,sCAAsC,CAAC;AACtD,eAAO,MAAM,IAAI,6BAA6B,CAAC;AAC/C,eAAO,MAAM,QAAQ,aAAa,CAAC;AACnC,eAAO,MAAM,QAAQ,OAAO,CAAC;AAC7B,eAAO,MAAM,WAAW,kDAAkD,CAAC;AAC3E,eAAO,MAAM,IAAI,UAAe,CAAC"}
|
|
@@ -58,6 +58,7 @@ const console_chars_1 = require("../../utils/console-chars");
|
|
|
58
58
|
const file_cache_1 = require("../../shared/file-cache");
|
|
59
59
|
const glob_patterns_1 = require("../../shared/glob-patterns");
|
|
60
60
|
const universal_progress_reporter_1 = require("../system/universal-progress-reporter");
|
|
61
|
+
const exclusions_1 = require("../../shared/exclusions");
|
|
61
62
|
// Check metadata
|
|
62
63
|
exports.id = "security/sql-injection-prevention";
|
|
63
64
|
exports.name = "Sql Injection Prevention";
|
|
@@ -108,30 +109,30 @@ const DANGEROUS_PATTERNS = [
|
|
|
108
109
|
severity: "error",
|
|
109
110
|
},
|
|
110
111
|
];
|
|
111
|
-
//
|
|
112
|
-
const
|
|
112
|
+
// Default files/directories to skip (always skipped regardless of config)
|
|
113
|
+
const DEFAULT_SKIP_PATTERNS = (0, glob_patterns_1.extendExcludes)(glob_patterns_1.STANDARD_EXCLUDES, [
|
|
113
114
|
"node_modules",
|
|
114
115
|
".next",
|
|
115
116
|
"dist",
|
|
116
117
|
".git",
|
|
117
|
-
"*.test.ts",
|
|
118
|
-
"*.spec.ts",
|
|
119
118
|
"__mocks__",
|
|
120
|
-
"
|
|
121
|
-
"scripts/",
|
|
122
|
-
"prisma/sql/",
|
|
123
|
-
"lib/database/optimization-manager.ts",
|
|
124
|
-
"lib/search/full-text-search.ts",
|
|
125
|
-
"lib/validation/anti-workaround.ts",
|
|
119
|
+
"prisma/sql/", // TypedSQL files are safe
|
|
126
120
|
]);
|
|
121
|
+
// App-specific exclusions loaded from config
|
|
122
|
+
let appExclusions = [];
|
|
127
123
|
function shouldSkip(filePath) {
|
|
128
124
|
const normalized = filePath.replace(/\\/g, "/");
|
|
129
|
-
|
|
125
|
+
// Check default skip patterns
|
|
126
|
+
const matchesDefault = DEFAULT_SKIP_PATTERNS.some((pattern) => {
|
|
130
127
|
if (pattern.startsWith("*")) {
|
|
131
128
|
return normalized.endsWith(pattern.slice(1));
|
|
132
129
|
}
|
|
133
130
|
return normalized.includes(pattern);
|
|
134
131
|
});
|
|
132
|
+
if (matchesDefault)
|
|
133
|
+
return true;
|
|
134
|
+
// Check app-specific exclusions
|
|
135
|
+
return (0, exclusions_1.shouldExcludeFile)(filePath, appExclusions);
|
|
135
136
|
}
|
|
136
137
|
// CACHED FILE LISTS - Scan once, use everywhere
|
|
137
138
|
let _cachedAllCodeFiles = null;
|
|
@@ -173,6 +174,8 @@ async function main() {
|
|
|
173
174
|
const verbose = process.argv.includes("--verbose") || process.argv.includes("-v");
|
|
174
175
|
console.log(`${console_chars_1.emoji.lock} SQL Injection Prevention Preflight`);
|
|
175
176
|
console.log((0, console_chars_1.createDivider)(60, "heavy"));
|
|
177
|
+
// Load app-specific exclusions from config
|
|
178
|
+
appExclusions = await (0, exclusions_1.getExclusions)(exports.id);
|
|
176
179
|
// Scan TypeScript/JavaScript files
|
|
177
180
|
const files = await getAllCodeFiles();
|
|
178
181
|
for (const file of files) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sql-injection-prevention.js","sourceRoot":"","sources":["../../../src/checks/security/sql-injection-prevention.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;;;;;GAgBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,6DAAiE;AACjE,wDAAoD;AACpD,8DAA+E;AAC/E,uFAAwF;
|
|
1
|
+
{"version":3,"file":"sql-injection-prevention.js","sourceRoot":"","sources":["../../../src/checks/security/sql-injection-prevention.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;;;;;GAgBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,6DAAiE;AACjE,wDAAoD;AACpD,8DAA+E;AAC/E,uFAAwF;AACxF,wDAA2E;AAG3E,iBAAiB;AACJ,QAAA,EAAE,GAAG,mCAAmC,CAAC;AACzC,QAAA,IAAI,GAAG,0BAA0B,CAAC;AAClC,QAAA,QAAQ,GAAG,UAAU,CAAC;AACtB,QAAA,QAAQ,GAAG,IAAI,CAAC;AAChB,QAAA,WAAW,GAAG,+CAA+C,CAAC;AAC9D,QAAA,IAAI,GAAG,CAAC,UAAU,CAAC,CAAC;AAUjC,MAAM,MAAM,GAAY,EAAE,CAAC;AAE3B,iDAAiD;AACjD,gFAAgF;AAChF,uEAAuE;AACvE,oEAAoE;AACpE,MAAM,kBAAkB,GAAG;IACzB;QACE,2DAA2D;QAC3D,KAAK,EAAE,0CAA0C;QACjD,OAAO,EAAE,+DAA+D;QACxE,QAAQ,EAAE,OAAgB;KAC3B;IACD;QACE,kCAAkC;QAClC,KAAK,EAAE,sCAAsC;QAC7C,OAAO,EAAE,6DAA6D;QACtE,QAAQ,EAAE,OAAgB;KAC3B;IACD;QACE,wDAAwD;QACxD,KAAK,EAAE,iCAAiC;QACxC,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,SAAkB;KAC7B;IACD;QACE,4BAA4B;QAC5B,KAAK,EAAE,yCAAyC;QAChD,OAAO,EAAE,sEAAsE;QAC/E,QAAQ,EAAE,SAAkB;KAC7B;IACD;QACE,mCAAmC;QACnC,KAAK,EAAE,gCAAgC;QACvC,OAAO,EAAE,sEAAsE;QAC/E,QAAQ,EAAE,OAAgB;KAC3B;IACD;QACE,mBAAmB;QACnB,KAAK,EAAE,kCAAkC;QACzC,OAAO,EAAE,0EAA0E;QACnF,QAAQ,EAAE,OAAgB;KAC3B;CACF,CAAC;AAEF,0EAA0E;AAC1E,MAAM,qBAAqB,GAAG,IAAA,8BAAc,EAAC,iCAAiB,EAAE;IAC9D,cAAc;IACd,OAAO;IACP,MAAM;IACN,MAAM;IACN,WAAW;IACX,aAAa,EAAE,0BAA0B;CAC1C,CAAC,CAAC;AAEH,6CAA6C;AAC7C,IAAI,aAAa,GAAa,EAAE,CAAC;AAEjC,SAAS,UAAU,CAAC,QAAgB;IAClC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAChD,8BAA8B;IAC9B,MAAM,cAAc,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE;QAC5D,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5B,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QAC/C,CAAC;QACD,OAAO,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACtC,CAAC,CAAC,CAAC;IACH,IAAI,cAAc;QAAE,OAAO,IAAI,CAAC;IAChC,gCAAgC;IAChC,OAAO,IAAA,8BAAiB,EAAC,QAAQ,EAAE,aAAa,CAAC,CAAC;AACpD,CAAC;AAED,gDAAgD;AAEhD,IAAI,mBAAmB,GAAoB,IAAI,CAAC;AAChD,KAAK,UAAU,eAAe;IAC5B,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,mBAAmB,GAAG,MAAM,sBAAS,CAAC,eAAe,EAAE,CAAC;IAC1D,CAAC;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,QAAgB;IACtC,IAAI,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO;IAEjC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,IAAI,KAAK,CAAC;QACV,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEpE,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,mBAAmB;YACnB,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;YAElD,uBAAuB;YACvB,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YACzC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBAChE,SAAS;YACX,CAAC;YAED,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,UAAU;gBAChB,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;gBACpE,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,QAAQ,GAAG,IAAA,6DAA+B,EAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC;IACnF,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAElF,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,IAAI,qCAAqC,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAExC,2CAA2C;IAC3C,aAAa,GAAG,MAAM,IAAA,0BAAa,EAAC,UAAE,CAAC,CAAC;IAExC,mCAAmC;IACnC,MAAM,KAAK,GAAG,MAAM,eAAe,EAAE,CAAC;IAEtC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,QAAQ,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC5D,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAEhE,IAAI,OAAO,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,qBAAqB,CAAC,CAAC;YACnD,MAAM,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;gBACvB,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC/C,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,aAAa,CAAC,CAAC;YAC7C,QAAQ,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE;gBACzB,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;gBAC9C,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC/C,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;IAC9C,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,aAAa,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;IAE5C,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,kCAAkC,CAAC,CAAC;QAChE,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,gEAAgE,CAAC,CAAC;QAC9F,OAAO,CAAC,GAAG,CACT,KAAK,qBAAK,CAAC,OAAO,4EAA4E,CAC/F,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,oDAAoD,CAAC,CAAC;QACpF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,kCAAkC,CAAC,CAAC;AACpE,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"turnstile-scope-validation.d.ts","sourceRoot":"","sources":["../../../src/checks/security/turnstile-scope-validation.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;GAYG;
|
|
1
|
+
{"version":3,"file":"turnstile-scope-validation.d.ts","sourceRoot":"","sources":["../../../src/checks/security/turnstile-scope-validation.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;GAYG;AASH,eAAO,MAAM,EAAE,wCAAwC,CAAC;AACxD,eAAO,MAAM,IAAI,+BAA+B,CAAC;AACjD,eAAO,MAAM,QAAQ,aAAa,CAAC;AACnC,eAAO,MAAM,QAAQ,OAAO,CAAC;AAC7B,eAAO,MAAM,WAAW,yCAAyC,CAAC;AAClE,eAAO,MAAM,IAAI,UAA4B,CAAC"}
|
|
@@ -51,6 +51,7 @@ exports.tags = exports.description = exports.blocking = exports.category = expor
|
|
|
51
51
|
const fs = __importStar(require("fs"));
|
|
52
52
|
const glob_1 = require("glob");
|
|
53
53
|
const console_chars_1 = require("../../utils/console-chars");
|
|
54
|
+
const exclusions_1 = require("../../shared/exclusions");
|
|
54
55
|
// Check metadata
|
|
55
56
|
exports.id = "security/turnstile-scope-validation";
|
|
56
57
|
exports.name = "Turnstile Scope Validation";
|
|
@@ -92,7 +93,8 @@ const SCAN_PATTERNS = [
|
|
|
92
93
|
"app/store/**/*Client.tsx",
|
|
93
94
|
"components/**/*Turnstile*.tsx",
|
|
94
95
|
];
|
|
95
|
-
|
|
96
|
+
// App-specific exclusions loaded from config
|
|
97
|
+
let appExclusions = [];
|
|
96
98
|
function hasTurnstileUsage(content) {
|
|
97
99
|
const lines = content.split("\n");
|
|
98
100
|
// First check if this is just a utility import (getClientIp only)
|
|
@@ -178,17 +180,19 @@ async function main() {
|
|
|
178
180
|
console.log(`${console_chars_1.emoji.shield} Turnstile Scope Validation Preflight`);
|
|
179
181
|
console.log((0, console_chars_1.createDivider)(70, "heavy"));
|
|
180
182
|
console.log("Policy: Turnstile for public forms, NOT for authenticated seller actions\n");
|
|
183
|
+
// Load app-specific exclusions from config
|
|
184
|
+
appExclusions = await (0, exclusions_1.getExclusions)(exports.id);
|
|
181
185
|
// Get all files to scan
|
|
182
186
|
const allFiles = [];
|
|
183
187
|
for (const pattern of SCAN_PATTERNS) {
|
|
184
188
|
const files = await (0, glob_1.glob)(pattern, {
|
|
185
|
-
ignore:
|
|
189
|
+
ignore: ["**/node_modules/**"],
|
|
186
190
|
nodir: true,
|
|
187
191
|
});
|
|
188
192
|
allFiles.push(...files);
|
|
189
193
|
}
|
|
190
|
-
// Deduplicate
|
|
191
|
-
const uniqueFiles = [...new Set(allFiles)];
|
|
194
|
+
// Deduplicate and filter by exclusions
|
|
195
|
+
const uniqueFiles = [...new Set(allFiles)].filter((file) => !(0, exclusions_1.shouldExcludeFile)(file, appExclusions));
|
|
192
196
|
console.log(`Scanning ${uniqueFiles.length} files for Turnstile usage...\n`);
|
|
193
197
|
// Scan each file
|
|
194
198
|
for (const file of uniqueFiles) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"turnstile-scope-validation.js","sourceRoot":"","sources":["../../../src/checks/security/turnstile-scope-validation.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;GAYG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,+BAA4B;AAC5B,6DAAiE;
|
|
1
|
+
{"version":3,"file":"turnstile-scope-validation.js","sourceRoot":"","sources":["../../../src/checks/security/turnstile-scope-validation.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;;;GAYG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,+BAA4B;AAC5B,6DAAiE;AACjE,wDAA2E;AAG3E,iBAAiB;AACJ,QAAA,EAAE,GAAG,qCAAqC,CAAC;AAC3C,QAAA,IAAI,GAAG,4BAA4B,CAAC;AACpC,QAAA,QAAQ,GAAG,UAAU,CAAC;AACtB,QAAA,QAAQ,GAAG,IAAI,CAAC;AAChB,QAAA,WAAW,GAAG,sCAAsC,CAAC;AACrD,QAAA,IAAI,GAAG,CAAC,UAAU,EAAC,YAAY,CAAC,CAAC;AAU9C,MAAM,MAAM,GAAY,EAAE,CAAC;AAE3B,iEAAiE;AACjE,MAAM,2BAA2B,GAAG;IAClC,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,OAAO,EAAE;IACvD,EAAE,OAAO,EAAE,8BAA8B,EAAE,IAAI,EAAE,cAAc,EAAE;IACjE,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,gBAAgB,EAAE;IAClE,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,cAAc,EAAE;CAC9C,CAAC;AAEF,2EAA2E;AAC3E,MAAM,4BAA4B,GAAG;IACnC,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,uBAAuB,EAAE;IACpE,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,2BAA2B,EAAE;IAC1E,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,aAAa,EAAE;IAC1D,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,kBAAkB,EAAE;IAC9D,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,qBAAqB,EAAE;IAC5D,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,8BAA8B,EAAE;IAChE,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,cAAc,EAAE;CACpD,CAAC;AAEF,kFAAkF;AAClF,MAAM,+BAA+B,GAAG;IACtC,2BAA2B;IAC3B,eAAe;IACf,iBAAiB;IACjB,cAAc;CACf,CAAC;AAEF,mEAAmE;AACnE,MAAM,0BAA0B,GAAG,CAAC,sCAAsC,CAAC,CAAC;AAE5E,gBAAgB;AAChB,MAAM,aAAa,GAAG;IACpB,qBAAqB;IACrB,uBAAuB;IACvB,0BAA0B;IAC1B,+BAA+B;CAChC,CAAC;AAEF,6CAA6C;AAC7C,IAAI,aAAa,GAAa,EAAE,CAAC;AAEjC,SAAS,iBAAiB,CAAC,OAAe;IACxC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,kEAAkE;IAClE,IAAI,oBAAoB,GAAG,KAAK,CAAC;IACjC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,KAAK,MAAM,OAAO,IAAI,0BAA0B,EAAE,CAAC;YACjD,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EAAE,CAAC;gBACjE,oBAAoB,GAAG,IAAI,CAAC;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;IAED,yCAAyC;IACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,KAAK,MAAM,OAAO,IAAI,+BAA+B,EAAE,CAAC;YACtD,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3B,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,CAAC;YACtC,CAAC;QACH,CAAC;IACH,CAAC;IAED,kDAAkD;IAClD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;AACnC,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAe;IAC3C,yCAAyC;IACzC,OAAO,CACL,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC;QAChC,OAAO,CAAC,QAAQ,CAAC,4BAA4B,CAAC;QAC9C,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC;QACjC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAClC,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,QAAgB;IACtC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,cAAc,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAElD,oDAAoD;IACpD,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,4BAA4B,EAAE,CAAC;QAC7D,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3B,IAAI,cAAc,CAAC,KAAK,EAAE,CAAC;gBACzB,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,cAAc,CAAC,IAAI;oBACzB,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,GAAG,IAAI,2DAA2D;oBAC3E,UAAU,EACR,8EAA8E;iBACjF,CAAC,CAAC;YACL,CAAC;YACD,OAAO;QACT,CAAC;IACH,CAAC;IAED,sDAAsD;IACtD,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,2BAA2B,EAAE,CAAC;QAC5D,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3B,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,CAAC;gBAC1B,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC;oBACP,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,GAAG,IAAI,mCAAmC;oBACnD,UAAU,EAAE,kEAAkE;iBAC/E,CAAC,CAAC;YACL,CAAC;YACD,OAAO;QACT,CAAC;IACH,CAAC;IAED,4DAA4D;IAC5D,IAAI,oBAAoB,CAAC,OAAO,CAAC,IAAI,cAAc,CAAC,KAAK,EAAE,CAAC;QAC1D,gEAAgE;QAChE,MAAM,UAAU,GACd,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;YAC3B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC1B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC5B,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC1B,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QAE5B,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,cAAc,CAAC,IAAI;gBACzB,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,oEAAoE;gBAC7E,UAAU,EACR,2FAA2F;aAC9F,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,MAAM,uCAAuC,CAAC,CAAC;IACpE,OAAO,CAAC,GAAG,CAAC,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,4EAA4E,CAAC,CAAC;IAE1F,2CAA2C;IAC3C,aAAa,GAAG,MAAM,IAAA,0BAAa,EAAC,UAAE,CAAC,CAAC;IAExC,wBAAwB;IACxB,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE;YAChC,MAAM,EAAE,CAAC,oBAAoB,CAAC;YAC9B,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QACH,QAAQ,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;IAC1B,CAAC;IAED,uCAAuC;IACvC,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAC/C,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAA,8BAAiB,EAAC,IAAI,EAAE,aAAa,CAAC,CAClD,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,YAAY,WAAW,CAAC,MAAM,iCAAiC,CAAC,CAAC;IAE7E,iBAAiB;IACjB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,MAAM,QAAQ,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IAED,iBAAiB;IACjB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;IACxD,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;IAE5D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,OAAO,sCAAsC,CAAC,CAAC;QACpE,OAAO,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC;QAC5C,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;QAC1E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,SAAS,MAAM,CAAC,MAAM,YAAY,QAAQ,CAAC,MAAM,aAAa,CAAC,CAAC;IAE5E,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,KAAK,sCAAsC,CAAC,CAAC;QAClE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YAC9C,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,SAAS,qBAAK,CAAC,IAAI,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,qCAAqC,CAAC,CAAC;QACrE,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;YAC7B,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YAC9C,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,SAAS,qBAAK,CAAC,IAAI,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,IAAI,oBAAoB,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;IACzE,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;IAC9E,OAAO,CAAC,GAAG,CAAC,kEAAkE,CAAC,CAAC;IAChF,OAAO,CAAC,GAAG,CAAC,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAExC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,8DAA8D,CAAC,CAAC;QAC5F,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,8CAA8C,CAAC,CAAC;IAC9E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webhook-security-validation.d.ts","sourceRoot":"","sources":["../../../src/checks/security/webhook-security-validation.ts"],"names":[],"mappings":";AACA;;;;;;;;;;GAUG;
|
|
1
|
+
{"version":3,"file":"webhook-security-validation.d.ts","sourceRoot":"","sources":["../../../src/checks/security/webhook-security-validation.ts"],"names":[],"mappings":";AACA;;;;;;;;;;GAUG;AAWH,eAAO,MAAM,EAAE,yCAAyC,CAAC;AACzD,eAAO,MAAM,IAAI,gCAAgC,CAAC;AAClD,eAAO,MAAM,QAAQ,aAAa,CAAC;AACnC,eAAO,MAAM,QAAQ,OAAO,CAAC;AAC7B,eAAO,MAAM,WAAW,0CAA0C,CAAC;AACnE,eAAO,MAAM,IAAI,UAA4B,CAAC"}
|
|
@@ -51,6 +51,7 @@ const glob_1 = require("glob");
|
|
|
51
51
|
const path = __importStar(require("path"));
|
|
52
52
|
const console_chars_1 = require("../../utils/console-chars");
|
|
53
53
|
const universal_progress_reporter_1 = require("../system/universal-progress-reporter");
|
|
54
|
+
const exclusions_1 = require("../../shared/exclusions");
|
|
54
55
|
// Check metadata
|
|
55
56
|
exports.id = "security/webhook-security-validation";
|
|
56
57
|
exports.name = "Webhook Security Validation";
|
|
@@ -91,8 +92,10 @@ const SCAN_PATTERNS = [
|
|
|
91
92
|
"app/api/**/webhooks/**/*.ts",
|
|
92
93
|
"app/api/**/*webhook*.ts",
|
|
93
94
|
];
|
|
94
|
-
//
|
|
95
|
-
const
|
|
95
|
+
// Default files to exclude (always excluded regardless of config)
|
|
96
|
+
const DEFAULT_EXCLUDE_PATTERNS = ["**/node_modules/**"];
|
|
97
|
+
// App-specific exclusions loaded from config
|
|
98
|
+
let appExclusions = [];
|
|
96
99
|
async function scanFile(filePath) {
|
|
97
100
|
const content = fs.readFileSync(filePath, "utf-8");
|
|
98
101
|
const lines = content.split("\n");
|
|
@@ -170,7 +173,8 @@ async function scanFile(filePath) {
|
|
|
170
173
|
}
|
|
171
174
|
// Check for PayPal webhook verification
|
|
172
175
|
async function checkPayPalWebhooks() {
|
|
173
|
-
const paypalFiles = await (0, glob_1.glob)("app/api/**/paypal*/**/*.ts", { ignore:
|
|
176
|
+
const paypalFiles = (await (0, glob_1.glob)("app/api/**/paypal*/**/*.ts", { ignore: DEFAULT_EXCLUDE_PATTERNS }))
|
|
177
|
+
.filter((file) => !(0, exclusions_1.shouldExcludeFile)(file, appExclusions));
|
|
174
178
|
for (const file of paypalFiles) {
|
|
175
179
|
const content = fs.readFileSync(file, "utf-8");
|
|
176
180
|
if (content.includes("webhook") || content.includes("Webhook")) {
|
|
@@ -194,15 +198,18 @@ async function main() {
|
|
|
194
198
|
const reporter = (0, universal_progress_reporter_1.createUniversalProgressReporter)(path.basename(__filename, ".ts"));
|
|
195
199
|
console.log("🔐 Webhook Security Validation Preflight");
|
|
196
200
|
console.log((0, console_chars_1.createDivider)(70, "heavy"));
|
|
201
|
+
// Load app-specific exclusions from config
|
|
202
|
+
appExclusions = await (0, exclusions_1.getExclusions)(exports.id);
|
|
197
203
|
// Get all webhook files
|
|
198
|
-
const
|
|
204
|
+
const allFiles = [];
|
|
199
205
|
for (const pattern of SCAN_PATTERNS) {
|
|
200
206
|
const matches = await (0, glob_1.glob)(pattern, {
|
|
201
|
-
ignore:
|
|
207
|
+
ignore: DEFAULT_EXCLUDE_PATTERNS,
|
|
202
208
|
nodir: true,
|
|
203
209
|
});
|
|
204
|
-
|
|
210
|
+
allFiles.push(...matches);
|
|
205
211
|
}
|
|
212
|
+
const files = allFiles.filter((file) => !(0, exclusions_1.shouldExcludeFile)(file, appExclusions));
|
|
206
213
|
if (files.length === 0) {
|
|
207
214
|
console.log("No webhook endpoints found");
|
|
208
215
|
process.exit(0);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"webhook-security-validation.js","sourceRoot":"","sources":["../../../src/checks/security/webhook-security-validation.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;GAUG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,+BAA4B;AAC5B,2CAA6B;AAC7B,6DAAiE;AACjE,uFAAwF;
|
|
1
|
+
{"version":3,"file":"webhook-security-validation.js","sourceRoot":"","sources":["../../../src/checks/security/webhook-security-validation.ts"],"names":[],"mappings":";;AACA;;;;;;;;;;GAUG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,+BAA4B;AAC5B,2CAA6B;AAC7B,6DAAiE;AACjE,uFAAwF;AACxF,wDAA2E;AAG3E,iBAAiB;AACJ,QAAA,EAAE,GAAG,sCAAsC,CAAC;AAC5C,QAAA,IAAI,GAAG,6BAA6B,CAAC;AACrC,QAAA,QAAQ,GAAG,UAAU,CAAC;AACtB,QAAA,QAAQ,GAAG,IAAI,CAAC;AAChB,QAAA,WAAW,GAAG,uCAAuC,CAAC;AACtD,QAAA,IAAI,GAAG,CAAC,UAAU,EAAC,YAAY,CAAC,CAAC;AAU9C,MAAM,MAAM,GAAY,EAAE,CAAC;AAE3B,wDAAwD;AACxD,MAAM,kBAAkB,GAAG;IACzB,YAAY;IACZ,OAAO;IACP,kBAAkB;IAClB,kBAAkB;IAClB,iBAAiB;IACjB,iBAAiB;IACjB,qBAAqB;IACrB,kBAAkB;CACnB,CAAC;AAEF,qDAAqD;AACrD,MAAM,eAAe,GAAG;IACtB,YAAY;IACZ,QAAQ;IACR,cAAc;IACd,aAAa;IACb,qBAAqB;IACrB,mBAAmB;CACpB,CAAC;AAEF,+CAA+C;AAC/C,MAAM,cAAc,GAAG;IACrB,QAAQ;IACR,UAAU;IACV,oDAAoD,EAAE,2BAA2B;CAClF,CAAC;AAEF,4BAA4B;AAC5B,MAAM,aAAa,GAAG;IACpB,6BAA6B;IAC7B,6BAA6B;IAC7B,yBAAyB;CAC1B,CAAC;AAEF,kEAAkE;AAClE,MAAM,wBAAwB,GAAG,CAAC,oBAAoB,CAAC,CAAC;AAExD,6CAA6C;AAC7C,IAAI,aAAa,GAAa,EAAE,CAAC;AAEjC,KAAK,UAAU,QAAQ,CAAC,QAAgB;IACtC,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,mCAAmC;IACnC,MAAM,wBAAwB,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IAC7F,IAAI,CAAC,wBAAwB,EAAE,CAAC;QAC9B,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,CAAC;YACP,IAAI,EAAE,OAAO;YACb,OAAO,EAAE,iDAAiD;YAC1D,IAAI,EAAE,qDAAqD;SAC5D,CAAC,CAAC;IACL,CAAC;IAED,8BAA8B;IAC9B,MAAM,mBAAmB,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IACrF,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,CAAC;YACP,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,sDAAsD;YAC/D,IAAI,EAAE,wDAAwD;SAC/D,CAAC,CAAC;IACL,CAAC;IAED,kFAAkF;IAClF,MAAM,sBAAsB,GAC1B,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC;QACvB,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC;QACzB,CAAC,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAEtD,IAAI,CAAC,sBAAsB,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,CAAC;YACP,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,iFAAiF;YAC1F,IAAI,EAAE,yDAAyD;SAChE,CAAC,CAAC;IACL,CAAC;IAED,gEAAgE;IAChE,IACE,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC5B,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3B,CAAC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EAChC,CAAC;QACD,IAAI,wBAAwB,EAAE,CAAC;YAC7B,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,SAAS;gBACf,OAAO,EAAE,yDAAyD;gBAClE,IAAI,EAAE,wEAAwE;aAC/E,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,mCAAmC;IACnC,IAAI,wBAAwB,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;QACrE,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,QAAQ;YACd,IAAI,EAAE,CAAC;YACP,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,wDAAwD;YACjE,IAAI,EAAE,wDAAwD;SAC/D,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAChC,IAAI,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;QAC7E,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YACrC,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,OAAO;gBACb,OAAO,EAAE,uDAAuD;gBAChE,IAAI,EAAE,wDAAwD;aAC/D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC;AAED,wCAAwC;AACxC,KAAK,UAAU,mBAAmB;IAChC,MAAM,WAAW,GAAG,CAAC,MAAM,IAAA,WAAI,EAAC,4BAA4B,EAAE,EAAE,MAAM,EAAE,wBAAwB,EAAE,CAAC,CAAC;SACjG,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAA,8BAAiB,EAAC,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC;IAE7D,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAE/C,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC/D,wCAAwC;YACxC,MAAM,qBAAqB,GACzB,OAAO,CAAC,QAAQ,CAAC,wBAAwB,CAAC;gBAC1C,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAC;gBACrC,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;YAEtC,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAC3B,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI;oBACJ,IAAI,EAAE,CAAC;oBACP,IAAI,EAAE,OAAO;oBACb,OAAO,EAAE,4CAA4C;oBACrD,IAAI,EAAE,gEAAgE;iBACvE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,KAAK,UAAU,IAAI;IACjB,MAAM,QAAQ,GAAG,IAAA,6DAA+B,EAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC;IACnF,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;IACxD,OAAO,CAAC,GAAG,CAAC,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAExC,2CAA2C;IAC3C,aAAa,GAAG,MAAM,IAAA,0BAAa,EAAC,UAAE,CAAC,CAAC;IAExC,wBAAwB;IACxB,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;QACpC,MAAM,OAAO,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE;YAClC,MAAM,EAAE,wBAAwB;YAChC,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QACH,QAAQ,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC;IAC5B,CAAC;IACD,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAA,8BAAiB,EAAC,IAAI,EAAE,aAAa,CAAC,CAAC,CAAC;IAEjF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QAC1C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,YAAY,KAAK,CAAC,MAAM,2CAA2C,CAAC,CAAC;IAEjF,iBAAiB;IACjB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,QAAQ,CAAC,IAAI,CAAC,CAAC;IACvB,CAAC;IAED,iCAAiC;IACjC,MAAM,mBAAmB,EAAE,CAAC;IAE5B,iBAAiB;IACjB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC;IACxD,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;IAE5D,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,6CAA6C,CAAC,CAAC;QAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,YAAY,MAAM,CAAC,MAAM,YAAY,QAAQ,CAAC,MAAM,aAAa,CAAC,CAAC;IAE/E,gBAAgB;IAChB,MAAM,MAAM,GAAG,IAAI,GAAG,EAAmB,CAAC;IAC1C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrB,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IACnC,CAAC;IAED,eAAe;IACf,KAAK,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,MAAM,EAAE,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;QACvC,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,GAAG,qBAAK,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,qBAAK,CAAC,OAAO,EAAE,CAAC;YAC5E,OAAO,CAAC,GAAG,CAAC,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,IAAI,GAAG,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC/C,OAAO,CAAC,GAAG,CAAC,GAAG,qBAAK,CAAC,IAAI,8BAA8B,CAAC,CAAC;IACzD,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,CAAC,2DAA2D,CAAC,CAAC;IACzE,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;IAC7D,OAAO,CAAC,GAAG,CAAC,yDAAyD,CAAC,CAAC;IACvE,OAAO,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC;IAC1E,OAAO,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CAAC,IAAA,6BAAa,EAAC,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAExC,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,KAAK,0DAA0D,CAAC,CAAC;QACxF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,qBAAK,CAAC,OAAO,4CAA4C,CAAC,CAAC;IAC5E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"storage-keys-validation.d.ts","sourceRoot":"","sources":["../../src/checks/storage-keys-validation.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;GAgBG;
|
|
1
|
+
{"version":3,"file":"storage-keys-validation.d.ts","sourceRoot":"","sources":["../../src/checks/storage-keys-validation.ts"],"names":[],"mappings":";AACA;;;;;;;;;;;;;;;;GAgBG;AAYH,eAAO,MAAM,EAAE,iCAAiC,CAAC;AACjD,eAAO,MAAM,IAAI,4BAA4B,CAAC;AAC9C,eAAO,MAAM,QAAQ,SAAS,CAAC;AAC/B,eAAO,MAAM,QAAQ,QAAQ,CAAC;AAC9B,eAAO,MAAM,WAAW,sCAAsC,CAAC;AAC/D,eAAO,MAAM,IAAI,UAAwB,CAAC"}
|
|
@@ -58,6 +58,7 @@ const path = __importStar(require("path"));
|
|
|
58
58
|
const console_chars_1 = require("../utils/console-chars");
|
|
59
59
|
const glob_patterns_1 = require("../shared/glob-patterns");
|
|
60
60
|
const universal_progress_reporter_1 = require("./system/universal-progress-reporter");
|
|
61
|
+
const exclusions_1 = require("../shared/exclusions");
|
|
61
62
|
// Check metadata
|
|
62
63
|
exports.id = "misc/storage-keys-validation";
|
|
63
64
|
exports.name = "Storage Keys Validation";
|
|
@@ -102,11 +103,13 @@ const DEFINITION_FILES = [
|
|
|
102
103
|
"hooks/useLocalStorage.ts",
|
|
103
104
|
"hooks/useListingPersistence.ts", // Has its own STORAGE_KEYS constant
|
|
104
105
|
];
|
|
105
|
-
//
|
|
106
|
-
const
|
|
106
|
+
// Default files to skip (always skipped regardless of config)
|
|
107
|
+
const DEFAULT_SKIP_PATTERNS = (0, glob_patterns_1.extendExcludes)(glob_patterns_1.STANDARD_EXCLUDES_WITH_TESTS, [
|
|
107
108
|
"**/scripts/archive/**",
|
|
108
109
|
"**/docs/**",
|
|
109
110
|
]);
|
|
111
|
+
// App-specific exclusions loaded from config
|
|
112
|
+
let appExclusions = [];
|
|
110
113
|
function isKnownKey(key) {
|
|
111
114
|
if (KNOWN_STORAGE_KEYS.has(key))
|
|
112
115
|
return true;
|
|
@@ -224,12 +227,15 @@ async function main() {
|
|
|
224
227
|
console.log((0, console_chars_1.createDivider)(80, "heavy"));
|
|
225
228
|
console.log("Validates localStorage/sessionStorage usage against centralized constants");
|
|
226
229
|
console.log((0, console_chars_1.createDivider)(80, "heavy"));
|
|
230
|
+
// Load app-specific exclusions from config
|
|
231
|
+
appExclusions = await (0, exclusions_1.getExclusions)(exports.id);
|
|
227
232
|
// Find all TypeScript/TSX files
|
|
228
|
-
const
|
|
229
|
-
ignore:
|
|
233
|
+
const allFiles = await (0, glob_1.glob)("**/*.{ts,tsx}", {
|
|
234
|
+
ignore: DEFAULT_SKIP_PATTERNS,
|
|
230
235
|
cwd: process.cwd(),
|
|
231
236
|
absolute: true,
|
|
232
237
|
});
|
|
238
|
+
const files = allFiles.filter((file) => !(0, exclusions_1.shouldExcludeFile)(file, appExclusions));
|
|
233
239
|
const allIssues = [];
|
|
234
240
|
for (const file of files) {
|
|
235
241
|
const issues = await scanFile(file);
|