@fourteensystems/shipguard 0.2.5 → 0.2.7
- package/README.md +11 -2
- package/dist/cli/commands/scan.d.ts.map +1 -1
- package/dist/cli/commands/scan.js +11 -1
- package/dist/cli/commands/scan.js.map +1 -1
- package/dist/engine/config.d.ts.map +1 -1
- package/dist/engine/config.js +2 -0
- package/dist/engine/config.js.map +1 -1
- package/dist/engine/report.d.ts.map +1 -1
- package/dist/engine/report.js +19 -1
- package/dist/engine/report.js.map +1 -1
- package/dist/engine/run.d.ts +2 -0
- package/dist/engine/run.d.ts.map +1 -1
- package/dist/engine/run.js +5 -1
- package/dist/engine/run.js.map +1 -1
- package/dist/engine/version.d.ts +1 -1
- package/dist/engine/version.js +1 -1
- package/dist/next/deps.js +1 -1
- package/dist/next/deps.js.map +1 -1
- package/dist/next/index.d.ts +1 -1
- package/dist/next/index.d.ts.map +1 -1
- package/dist/next/index.js +8 -1
- package/dist/next/index.js.map +1 -1
- package/dist/next/routes.d.ts.map +1 -1
- package/dist/next/routes.js +27 -3
- package/dist/next/routes.js.map +1 -1
- package/dist/next/routes.test.js +27 -0
- package/dist/next/routes.test.js.map +1 -1
- package/dist/next/wrappers.js +46 -3
- package/dist/next/wrappers.js.map +1 -1
- package/dist/rules/auth-boundary-missing.d.ts.map +1 -1
- package/dist/rules/auth-boundary-missing.js +71 -41
- package/dist/rules/auth-boundary-missing.js.map +1 -1
- package/dist/rules/index.d.ts.map +1 -1
- package/dist/rules/index.js +11 -0
- package/dist/rules/index.js.map +1 -1
- package/dist/rules/input-validation-missing.d.ts +5 -0
- package/dist/rules/input-validation-missing.d.ts.map +1 -0
- package/dist/rules/input-validation-missing.js +242 -0
- package/dist/rules/input-validation-missing.js.map +1 -0
- package/dist/rules/input-validation-missing.test.d.ts +2 -0
- package/dist/rules/input-validation-missing.test.d.ts.map +1 -0
- package/dist/rules/input-validation-missing.test.js +404 -0
- package/dist/rules/input-validation-missing.test.js.map +1 -0
- package/dist/rules/rate-limit-missing.d.ts.map +1 -1
- package/dist/rules/rate-limit-missing.js +46 -4
- package/dist/rules/rate-limit-missing.js.map +1 -1
- package/dist/rules/wrapper-unrecognized.d.ts.map +1 -1
- package/dist/rules/wrapper-unrecognized.js +6 -1
- package/dist/rules/wrapper-unrecognized.js.map +1 -1
- package/package.json +1 -1
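--- a/package/README.md
+++ b/package/README.md
@@ -15,7 +15,7 @@ npx @fourteensystems/shipguard init
 Detects your framework and dependencies, generates a config, and runs your first scan.
 
 ```
-Shipguard 0.2.
+Shipguard 0.2.7
 Detected: next-app-router · next-auth · prisma · upstash-ratelimit · middleware.ts
 Score: 85 PASS
 ```
@@ -61,6 +61,7 @@ shipguard explain AUTH-BOUNDARY-MISSING
 | AUTH-BOUNDARY-MISSING | critical | Mutation endpoints without auth checks |
 | RATE-LIMIT-MISSING | critical | API routes without rate limiting (auth-aware severity) |
 | TENANCY-SCOPE-MISSING | critical | Prisma queries without tenant scoping |
+| INPUT-VALIDATION-MISSING | med | Mutation endpoints accepting input without schema validation |
 | WRAPPER-UNRECOGNIZED | high | HOF wrappers that couldn't be verified for auth/rate-limit enforcement |
 
 ### Wrapper Introspection
@@ -79,7 +80,8 @@ Shipguard doesn't just detect the wrapper name — it **follows the import, read
 1. **Resolve**: follows `import { withWorkspace } from "@/lib/auth"` through tsconfig path aliases (`@/lib/*` → `lib/*`), barrel re-exports (`index.ts` → `export * from "./workspace"`), up to 5 hops with cycle detection
 2. **Analyze**: parses the wrapper body with TypeScript AST to find auth/rate-limit calls
 3. **Verify enforcement**: checks that the call result is used in a conditional (`if (!session) throw`) — calling `getSession()` without checking the result is NOT an auth boundary
-4. **
+4. **Built-in patterns**: recognizes webhook signature verification (`stripe.webhooks.constructEvent`, `verifyVercelSignature`, `verifyQstashSignature`, HMAC + `timingSafeEqual`) as auth enforcement
+5. **Apply**: routes using a verified wrapper are automatically cleared, no hints needed
 
 When a wrapper can't be resolved (npm package) or enforcement can't be proven, Shipguard emits a single grouped `WRAPPER-UNRECOGNIZED` finding instead of N identical per-route alerts.
 
@@ -105,16 +107,23 @@ Shipguard auto-detects your stack and adjusts detection accordingly:
 | **Upstash** | `Ratelimit`, `ratelimit.limit()` as rate-limit evidence |
 | **Arcjet** | `fixedWindow()`, `slidingWindow()`, `tokenBucket()` |
 | **Unkey** | `withUnkey()`, `verifyKey()` |
+| **Zod / Valibot / Yup** | Schema validation in mutation handlers (INPUT-VALIDATION-MISSING) |
+| **Webhook signatures** | Stripe, WorkOS, Vercel cron, QStash signature verification as auth |
 
 ### What It Skips
 
 - Webhook routes (any path containing `webhook`) — exempt from rate-limit
 - Cron routes (`/api/cron/*`) — exempt from rate-limit
 - Framework-managed routes (NextAuth catch-all, OAuth/SAML endpoints, callbacks, OG images) — exempt from rate-limit
+- OAuth/OIDC/SSO/SCIM callback paths — exempt from auth (public by protocol design)
 - `GET`-only route handlers — not mutation surfaces
 - Routes covered by `middleware.ts` auth — no double-flagging
 - Routes wrapped by verified HOF wrappers (`withWorkspace(handler)` where auth+RL enforcement is proven)
+- DB-backed token lookups with deny on failure (password reset tokens, API keys)
+- Inline auth guards (`getCurrentUser()` + null check + throw/return)
 - Authenticated routes get lower rate-limit severity (abuse requires stolen credentials)
+- Login/signin endpoints get critical severity for missing rate limiting (brute-force risk)
+- Public file upload endpoints get critical severity for missing rate limiting (storage abuse risk)
 
 See [PATTERNS.md](../../PATTERNS.md) for full detection logic.
 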
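Review bot: The new "What It Skips" bullet `OAuth/OIDC/SSO/SCIM callback paths — exempt from auth (public by protocol design)` over-generalizes in a way that matters for a scanner whose job is finding missing auth: OAuth/OIDC redirect callbacks are legitimately unauthenticated, but SCIM provisioning endpoints (`/scim/v2/Users`, `/scim/v2/Groups`) are authenticated APIs that create, update and delete accounts, and the SCIM spec expects a bearer-token (or equivalent) check on every request. If the rule behind this bullet (auth-boundary-missing.js, changed in this release but not in this chunk) exempts any path matching `scim`, an unauthenticated SCIM route becomes a silent false negative on exactly the kind of mutation endpoint AUTH-BOUNDARY-MISSING exists to catch. I would narrow the exemption to IdP-initiated callback paths and reword the bullet to `- OAuth/OIDC/SSO callback paths — exempt from auth (public by protocol design); SCIM endpoints are not exempt and must verify their bearer token`. Whether the rule actually matches on `scim` is an inference from this README line and should be confirmed against the rule source.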
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/scan.ts"],"names":[],"mappings":"AASA,UAAU,WAAW;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,wBAAsB,OAAO,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../../../src/cli/commands/scan.ts"],"names":[],"mappings":"AASA,UAAU,WAAW;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,wBAAsB,OAAO,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,IAAI,CAAC,CAiE9D"}
|
|
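--- a/package/dist/cli/commands/scan.js
+++ b/package/dist/cli/commands/scan.js
@@ -20,7 +20,17 @@ export async function cmdScan(opts) {
 const additionalExclude = opts.exclude
 ? opts.exclude.split(",").map((g) => g.trim())
 : undefined;
-
+// Progress indicator for interactive terminals
+const isTTY = process.stderr.isTTY;
+const onProgress = isTTY
+? (step) => {
+process.stderr.write(`\r ${pc.dim("⏳")} ${pc.dim(step)}${"".padEnd(20)}\r`);
+}
+: undefined;
+const result = await runScan({ rootDir, configOverrides, additionalExclude, onProgress });
+// Clear progress line
+if (isTTY)
+process.stderr.write("\r".padEnd(60) + "\r");
 // Filter by confidence if specified, recalculate score and summary
 if (opts.minConfidence) {
 const minConf = parseConfidence(opts.minConfidence);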
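Review bot: The progress line is cleared only on the success path: if `runScan` rejects, the `if (isTTY)` clear at new lines 32–33 never runs, and the enclosing `catch` (outside this hunk) prints its error message directly after the stale `⏳ …` text on the same terminal line. Wrapping the await in `try/finally` keeps the clear on both paths without changing the error handling. The fixed 60-column clear also assumes no step string is longer than that; the strings passed today appear to be short constants from run.js, but sizing the clear from the last step written would not depend on that. cmdScan begins and ends outside the hunk.
```javascript
let result;
try {
    result = await runScan({ rootDir, configOverrides, additionalExclude, onProgress });
} finally {
    // Clear progress line on success and failure alike, so a thrown error starts on a clean line
    if (isTTY) process.stderr.write("\r".padEnd(60) + "\r");
}
// … unchanged: confidence filtering and output formatting …
```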
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../../../src/cli/commands/scan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,MAAM,YAAY,CAAC;AAC5B,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAClE,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAY1G,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,IAAiB;IAC7C,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QAE9B,wCAAwC;QACxC,MAAM,eAAe,GAA6B,EAAE,CAAC;QAErD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YAC1E,MAAM,KAAK,GAA2C,EAAE,CAAC;YACzD,KAAK,MAAM,MAAM,IAAI,SAAS,EAAE,CAAC;gBAC/B,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;YAC3C,CAAC;YACD,eAAe,CAAC,KAAK,GAAG,KAAK,CAAC;QAChC,CAAC;QAED,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO;YACpC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC9C,CAAC,CAAC,SAAS,CAAC;QAEd,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../../../src/cli/commands/scan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,MAAM,YAAY,CAAC;AAC5B,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAClE,OAAO,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AACpD,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAY1G,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,IAAiB;IAC7C,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,EAAE,CAAC;QAE9B,wCAAwC;QACxC,MAAM,eAAe,GAA6B,EAAE,CAAC;QAErD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACd,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YAC1E,MAAM,KAAK,GAA2C,EAAE,CAAC;YACzD,KAAK,MAAM,MAAM,IAAI,SAAS,EAAE,CAAC;gBAC/B,KAAK,CAAC,MAAM,CAAC,GAAG,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;YAC3C,CAAC;YACD,eAAe,CAAC,KAAK,GAAG,KAAK,CAAC;QAChC,CAAC;QAED,MAAM,iBAAiB,GAAG,IAAI,CAAC,OAAO;YACpC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC9C,CAAC,CAAC,SAAS,CAAC;QAEd,+CAA+C;QAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC;QACnC,MAAM,UAAU,GAAG,KAAK;YACtB,CAAC,CAAC,CAAC,IAAY,EAAE,EAAE;gBACf,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;YAC/E,CAAC;YACH,CAAC,CAAC,SAAS,CAAC;QAEd,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,EAAE,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,UAAU,EAAE,CAAC,CAAC;QAE1F,sBAAsB;QACtB,IAAI,KAAK;YAAE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,CAAC;QAExD,mEAAmE;QACnE,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;YACvB,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACpD,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CACtC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,eAAe,CAAC,OAAO,CAAC,CACjE,CAAC;YACF,MAAM,CAAC,KAAK,GAAG,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC7C,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC
;YAClD,MAAM,CAAC,OAAO,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QAC/F,CAAC;QAED,IAAI,MAAc,CAAC;QACnB,QAAQ,IAAI,CAAC,MAAM,EAAE,CAAC;YACpB,KAAK,MAAM;gBACT,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;gBAC5B,MAAM;YACR,KAAK,OAAO;gBACV,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;gBAC7B,MAAM;YACR;gBACE,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAClC,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,aAAa,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACrC,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACtB,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,GAAG,CAAC,YAAY,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;QACtF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/engine/config.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAQlD,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAMlE;AAED,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS,CAc/E;AAED,eAAO,MAAM,cAAc,EAAE,
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../../src/engine/config.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAQlD,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAMlE;AAED,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,GAAG,eAAe,GAAG,SAAS,CAc/E;AAED,eAAO,MAAM,cAAc,EAAE,eAiD5B,CAAC;AAEF,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE;IAAE,KAAK,CAAC,EAAE,OAAO,CAAA;CAAE,GAAG,IAAI,CAsDnF"}
|
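--- a/package/dist/engine/config.js
+++ b/package/dist/engine/config.js
@@ -73,6 +73,7 @@ export const DEFAULT_CONFIG = {
 "AUTH-BOUNDARY-MISSING": { severity: "critical" },
 "RATE-LIMIT-MISSING": { severity: "critical" },
 "TENANCY-SCOPE-MISSING": { severity: "critical" },
+"INPUT-VALIDATION-MISSING": { severity: "high" },
 "WRAPPER-UNRECOGNIZED": { severity: "high" },
 },
 waiversFile: "shipguard.waivers.json",
@@ -119,6 +120,7 @@ export function writeDefaultConfig(rootDir, opts) {
 "AUTH-BOUNDARY-MISSING": { severity: "critical" },
 "RATE-LIMIT-MISSING": { severity: "critical" },
 "TENANCY-SCOPE-MISSING": { severity: "critical" },
+"INPUT-VALIDATION-MISSING": { severity: "high" },
 "WRAPPER-UNRECOGNIZED": { severity: "high" },
 },
 scoring: {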
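Review bot: The default severity for INPUT-VALIDATION-MISSING is `"high"` in both hunks here (DEFAULT_CONFIG and the template that writeDefaultConfig emits), but the rule table added to README.md in this same release lists it as `med`; severity feeds scoring, so a user reading the README will predict a different score than the tool produces. Pick one and align them — if `med` is the intent, the line becomes `"INPUT-VALIDATION-MISSING": { severity: "med" },` in both places; the new rule file itself is not in this chunk, so confirm which value it was tuned for. The deeper cause is that writeDefaultConfig repeats the rules table literally instead of spreading `...DEFAULT_CONFIG.rules`, which is how the two copies can drift in the first place. Both enclosing objects start and end outside the hunks.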
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/engine/config.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAGlE,MAAM,YAAY,GAAG;IACnB,qBAAqB;IACrB,qBAAqB;IACrB,uBAAuB;CACxB,CAAC;AAEF,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACrC,IAAI,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;IAClC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;IACrC,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC;IAE5B,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAoB,CAAC;QACnE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,mBAAmB,IAAI,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClG,CAAC;IACH,CAAC;IAED,kEAAkE;IAClE,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,CAAC,MAAM,cAAc,GAAoB;IAC7C,SAAS,EAAE,iBAAiB;IAC5B,OAAO,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC7B,OAAO,EAAE,CAAC,aAAa,EAAE,aAAa,EAAE,oBAAoB,CAAC;IAC7D,EAAE,EAAE;QACF,MAAM,EAAE,UAAU;QAClB,aAAa,EAAE,MAAM;QACrB,QAAQ,EAAE,EAAE;QACZ,cAAc,EAAE,CAAC;KAClB;IACD,OAAO,EAAE;QACP,KAAK,EAAE,GAAG;QACV,SAAS,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE;KACrD;IACD,KAAK,EAAE;QACL,IAAI,EAAE;YACJ,SAAS,EAAE;gBACT,MAAM,EAAE,kBAAkB,EAAE,YAAY,EAAE,aAAa;gBACvD,aAAa,EAAE,aAAa;gBAC5B,UAAU,EAAkB,uBAAuB;gBACnD,uBAAuB,EAAK,QAAQ;gBACpC,iBAAiB,EAAW,QAAQ;gBACpC,gBAAgB,EAAY,eAAe;gBAC3C,qBAAqB,EAAO,QAAQ;gBACpC,eAAe,EAAa,iBAAiB;gBAC7C,WAAW,EAAgB,0BAA0B;aACtD;YACD,eAAe,EAAE,CAAC,eAAe,CAAC;YAClC,cAAc,EAAE,EAAE;SACnB;QACD,SAAS,EAAE;YACT,QAAQ,EAAE;gBACR,WAAW,EAAE,eAAe,EAAE,WAAW,EAAE,OAAO;gBAClD,6BAA6B,EAAE,kBAAkB,EAAE,kBAAkB;aACtE;YACD,cAAc,EAAE,EAAE;SACnB;QACD,OAAO,EAAE;YACP,aAAa,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,CAAC;SAC7F;KACF;IACD,KAAK,EAAE;Q
ACL,uBAAuB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;QACjD,oBAAoB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;QAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;QACjD,sBAAsB,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE;KAC7C;IACD,WAAW,EAAE,wBAAwB;CACtC,CAAC;AAEF,MAAM,UAAU,kBAAkB,CAAC,OAAe,EAAE,IAAyB;IAC3E,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,uBAAuB,CAAC,CAAC;IACzD,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QACpC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG;QACb,OAAO,EAAE,mCAAmC;QAC5C,SAAS,EAAE,iBAAiB;QAC5B,OAAO,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;QAC7B,OAAO,EAAE,CAAC,aAAa,EAAE,aAAa,CAAC;QACvC,EAAE,EAAE;YACF,MAAM,EAAE,UAAU;YAClB,aAAa,EAAE,MAAM;YACrB,QAAQ,EAAE,EAAE;YACZ,cAAc,EAAE,CAAC;SAClB;QACD,KAAK,EAAE;YACL,IAAI,EAAE;gBACJ,SAAS,EAAE;oBACT,MAAM,EAAE,kBAAkB,EAAE,YAAY,EAAE,aAAa;oBACvD,aAAa,EAAE,aAAa;oBAC5B,UAAU,EAAE,uBAAuB,EAAE,iBAAiB;oBACtD,gBAAgB,EAAE,qBAAqB,EAAE,eAAe,EAAE,WAAW;iBACtE;gBACD,eAAe,EAAE,CAAC,eAAe,CAAC;gBAClC,cAAc,EAAE,EAAE;aACnB;YACD,SAAS,EAAE;gBACT,QAAQ,EAAE;oBACR,WAAW,EAAE,eAAe,EAAE,OAAO;oBACrC,6BAA6B,EAAE,kBAAkB,EAAE,kBAAkB;iBACtE;gBACD,cAAc,EAAE,EAAE;aACnB;YACD,OAAO,EAAE;gBACP,aAAa,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,CAAC;aAC7F;SACF;QACD,KAAK,EAAE;YACL,uBAAuB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;YACjD,oBAAoB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;YAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;YACjD,sBAAsB,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE;SAC7C;QACD,OAAO,EAAE;YACP,KAAK,EAAE,GAAG;YACV,SAAS,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE;SACrD;QACD,WAAW,EAAE,wBAAwB;KACtC,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC9D,CAAC"}
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../../src/engine/config.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAGlE,MAAM,YAAY,GAAG;IACnB,qBAAqB;IACrB,qBAAqB;IACrB,uBAAuB;CACxB,CAAC;AAEF,MAAM,UAAU,cAAc,CAAC,OAAe;IAC5C,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACrC,IAAI,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,GAAG,CAAC;IAClC,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,UAAU,kBAAkB,CAAC,OAAe;IAChD,MAAM,IAAI,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;IACrC,IAAI,CAAC,IAAI;QAAE,OAAO,SAAS,CAAC;IAE5B,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,OAAO,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAoB,CAAC;QACnE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CAAC,mBAAmB,IAAI,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClG,CAAC;IACH,CAAC;IAED,kEAAkE;IAClE,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,MAAM,CAAC,MAAM,cAAc,GAAoB;IAC7C,SAAS,EAAE,iBAAiB;IAC5B,OAAO,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC7B,OAAO,EAAE,CAAC,aAAa,EAAE,aAAa,EAAE,oBAAoB,CAAC;IAC7D,EAAE,EAAE;QACF,MAAM,EAAE,UAAU;QAClB,aAAa,EAAE,MAAM;QACrB,QAAQ,EAAE,EAAE;QACZ,cAAc,EAAE,CAAC;KAClB;IACD,OAAO,EAAE;QACP,KAAK,EAAE,GAAG;QACV,SAAS,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE;KACrD;IACD,KAAK,EAAE;QACL,IAAI,EAAE;YACJ,SAAS,EAAE;gBACT,MAAM,EAAE,kBAAkB,EAAE,YAAY,EAAE,aAAa;gBACvD,aAAa,EAAE,aAAa;gBAC5B,UAAU,EAAkB,uBAAuB;gBACnD,uBAAuB,EAAK,QAAQ;gBACpC,iBAAiB,EAAW,QAAQ;gBACpC,gBAAgB,EAAY,eAAe;gBAC3C,qBAAqB,EAAO,QAAQ;gBACpC,eAAe,EAAa,iBAAiB;gBAC7C,WAAW,EAAgB,0BAA0B;aACtD;YACD,eAAe,EAAE,CAAC,eAAe,CAAC;YAClC,cAAc,EAAE,EAAE;SACnB;QACD,SAAS,EAAE;YACT,QAAQ,EAAE;gBACR,WAAW,EAAE,eAAe,EAAE,WAAW,EAAE,OAAO;gBAClD,6BAA6B,EAAE,kBAAkB,EAAE,kBAAkB;aACtE;YACD,cAAc,EAAE,EAAE;SACnB;QACD,OAAO,EAAE;YACP,aAAa,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,CAAC;SAC7F;KACF;IACD,KAAK,EAAE;Q
ACL,uBAAuB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;QACjD,oBAAoB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;QAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;QACjD,0BAA0B,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE;QAChD,sBAAsB,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE;KAC7C;IACD,WAAW,EAAE,wBAAwB;CACtC,CAAC;AAEF,MAAM,UAAU,kBAAkB,CAAC,OAAe,EAAE,IAAyB;IAC3E,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,uBAAuB,CAAC,CAAC;IACzD,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC;QACpC,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG;QACb,OAAO,EAAE,mCAAmC;QAC5C,SAAS,EAAE,iBAAiB;QAC5B,OAAO,EAAE,CAAC,QAAQ,EAAE,QAAQ,CAAC;QAC7B,OAAO,EAAE,CAAC,aAAa,EAAE,aAAa,CAAC;QACvC,EAAE,EAAE;YACF,MAAM,EAAE,UAAU;YAClB,aAAa,EAAE,MAAM;YACrB,QAAQ,EAAE,EAAE;YACZ,cAAc,EAAE,CAAC;SAClB;QACD,KAAK,EAAE;YACL,IAAI,EAAE;gBACJ,SAAS,EAAE;oBACT,MAAM,EAAE,kBAAkB,EAAE,YAAY,EAAE,aAAa;oBACvD,aAAa,EAAE,aAAa;oBAC5B,UAAU,EAAE,uBAAuB,EAAE,iBAAiB;oBACtD,gBAAgB,EAAE,qBAAqB,EAAE,eAAe,EAAE,WAAW;iBACtE;gBACD,eAAe,EAAE,CAAC,eAAe,CAAC;gBAClC,cAAc,EAAE,EAAE;aACnB;YACD,SAAS,EAAE;gBACT,QAAQ,EAAE;oBACR,WAAW,EAAE,eAAe,EAAE,OAAO;oBACrC,6BAA6B,EAAE,kBAAkB,EAAE,kBAAkB;iBACtE;gBACD,cAAc,EAAE,EAAE;aACnB;YACD,OAAO,EAAE;gBACP,aAAa,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,CAAC;aAC7F;SACF;QACD,KAAK,EAAE;YACL,uBAAuB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;YACjD,oBAAoB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;YAC9C,uBAAuB,EAAE,EAAE,QAAQ,EAAE,UAAU,EAAE;YACjD,0BAA0B,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE;YAChD,sBAAsB,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE;SAC7C;QACD,OAAO,EAAE;YACP,KAAK,EAAE,GAAG;YACV,SAAS,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE;SACrD;QACD,WAAW,EAAE,wBAAwB;KACtC,CAAC;IAEF,aAAa,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAC9D,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"report.d.ts","sourceRoot":"","sources":["../../src/engine/report.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAW,MAAM,YAAY,CAAC;AACtD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAGlD,wBAAgB,YAAY,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,EAAE,YAAY,GAAG,MAAM,
|
|
1
|
+
{"version":3,"file":"report.d.ts","sourceRoot":"","sources":["../../src/engine/report.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAW,MAAM,YAAY,CAAC;AACtD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAGlD,wBAAgB,YAAY,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,EAAE,YAAY,GAAG,MAAM,CAsG5E;AAED,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAErD"}
|
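--- a/package/dist/engine/report.js
+++ b/package/dist/engine/report.js
@@ -10,7 +10,22 @@ export function formatPretty(result, diff) {
 lines.push("");
 lines.push(` ${pc.bold("Shipguard")} ${pc.dim(result.shipguardVersion)}`);
 lines.push(` ${pc.dim("Detected:")} ${detected.join(" · ")}`);
-
+// Score line with inline severity counts
+if (findings.length === 0) {
+lines.push(` ${pc.dim("Score:")} ${scoreColor(String(score))} ${scoreColor(status)}`);
+}
+else {
+const parts = [];
+if (summary.critical > 0)
+parts.push(pc.red(`${summary.critical} critical`));
+if (summary.high > 0)
+parts.push(pc.yellow(`${summary.high} high`));
+if (summary.med > 0)
+parts.push(`${summary.med} med`);
+if (summary.low > 0)
+parts.push(pc.dim(`${summary.low} low`));
+lines.push(` ${pc.dim("Score:")} ${scoreColor(String(score))} ${scoreColor(status)} ${pc.dim("·")} ${parts.join(pc.dim(" · "))}`);
+}
 // Banner: no auth provider detected
 const d = result.detected.deps;
 const hasAnyAuth = d.hasNextAuth || d.hasClerk || d.hasSupabase || d.hasKinde ||
@@ -49,6 +64,9 @@ export function formatPretty(result, diff) {
 }
 }
 lines.push(` ${pc.dim(`Why ${f.confidence}: ${f.confidenceRationale}`)}`);
+if (f.remediation.length > 0) {
+lines.push(` ${pc.cyan("Fix:")} ${f.remediation[0]}`);
+}
 }
 lines.push("");
 }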
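Review bot: The new `Fix:` line in the second hunk prints only `f.remediation[0]` and silently drops any further steps, so a finding whose remediation is a sequence (for instance, add a schema and then reject on parse failure) reads as if the first step were the whole fix. Either print each remaining step on its own indented line, or append a dim `(+N more)` marker when `f.remediation.length > 1` so the reader knows to run `shipguard explain` for the rest. Whether `remediation` is guaranteed to be an array is not visible here; if it can be absent on some findings, `f.remediation.length` throws before the guard, and `f.remediation?.length > 0` is the safer test. formatPretty begins and ends outside these hunks.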
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"report.js","sourceRoot":"","sources":["../../src/engine/report.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,YAAY,CAAC;AAG5B,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAE5D,MAAM,UAAU,YAAY,CAAC,MAAkB,EAAE,IAAmB;IAClE,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IAE5D,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,UAAU,GAAG,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC;IACzF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;IAC3E,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC/D,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"report.js","sourceRoot":"","sources":["../../src/engine/report.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,YAAY,CAAC;AAG5B,OAAO,EAAE,WAAW,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAE5D,MAAM,UAAU,YAAY,CAAC,MAAkB,EAAE,IAAmB;IAClE,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IAE5D,6BAA6B;IAC7B,MAAM,QAAQ,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC;IAClC,MAAM,UAAU,GAAG,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC;IACzF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC;IAC3E,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC/D,yCAAyC;IACzC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IACzF,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,IAAI,OAAO,CAAC,QAAQ,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,QAAQ,WAAW,CAAC,CAAC,CAAC;QAC7E,IAAI,OAAO,CAAC,IAAI,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,CAAC,GAAG,OAAO,CAAC,IAAI,OAAO,CAAC,CAAC,CAAC;QACpE,IAAI,OAAO,CAAC,GAAG,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC;QACtD,IAAI,OAAO,CAAC,GAAG,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC;QAC9D,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;IACvI,CAAC;IAED,oCAAoC;IACpC,MAAM,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC;IAC/B,MAAM,UAAU,GAAG,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,QAAQ;QA
C3E,CAAC,CAAC,SAAS,IAAI,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,cAAc;QAC9E,CAAC,CAAC,eAAe,CAAC;IACpB,IAAI,CAAC,UAAU,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,EAAE,CAAC;QAC/C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,MAAM,CAAC,4BAA4B,CAAC,0DAA0D,CAAC,CAAC;IACvI,CAAC;IAED,IAAI,IAAI,EAAE,CAAC;QACT,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QACrF,KAAK,CAAC,IAAI,CAAC,0BAA0B,IAAI,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QACrG,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,KAAK,CAAC,IAAI,CAAC,mBAAmB,EAAE,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;QAC3E,CAAC;QACD,IAAI,IAAI,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,oBAAoB;IACpB,MAAM,OAAO,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;IAE1C,KAAK,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACxD,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QACjC,MAAM,KAAK,GAAG,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC;QAC1F,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,KAAK,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;QAEnE,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,GAAG,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,UAAU,cAAc,CAAC,CAAC;YACpD,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,CAAC;YACtC,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC,CAAC;YAC5C,IAAI,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC1B,KAAK,MAAM,CAAC,IAA
I,CAAC,CAAC,QAAQ,EAAE,CAAC;oBAC3B,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;gBAC7B,CAAC;YACH,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,UAAU,KAAK,CAAC,CAAC,mBAAmB,EAAE,CAAC,EAAE,CAAC,CAAC;YAC/E,IAAI,CAAC,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC7B,KAAK,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,cAAc;IACd,MAAM,YAAY,GAAG,IAAI,GAAG,EAAoB,CAAC;IACjD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC;YAChC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,WAAW,CAAC,CAAC;QAC5C,CAAC;IACH,CAAC;IAED,IAAI,YAAY,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QAC1B,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACjC,KAAK,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,IAAI,YAAY,EAAE,CAAC;YAC3C,KAAK,MAAM,GAAG,IAAI,KAAK,EAAE,CAAC;gBACxB,KAAK,CAAC,IAAI,CAAC,SAAS,GAAG,EAAE,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,UAAU;IACV,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,GAAG,CAAC,WAAW,cAAc,CAAC,MAAM,aAAa,CAAC,EAAE,CAAC,CAAC;QACzE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,MAAM;IACN,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,+FAA+F,CAAC,CAAC,CAAC;IACpH,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,GAAG,CAAC,4EAA4E,CAAC,CAAC,CAAC;IACjG,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,MAAkB;IAC3C,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACzC,CAAC;AAED,SAAS,eAAe,CAAC,QAAmB;IAC1C,MAAM,MAAM,GAA8B;QACxC,QAAQ,EAAE,EAAE;QACZ,IAAI,EAAE,EAAE;QACR,GAAG,EAAE,EAAE;QACP,GAAG,EAAE,EAAE;KACR,CAAC;IACF,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
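--- a/package/dist/engine/run.d.ts
+++ b/package/dist/engine/run.d.ts
@@ -4,6 +4,8 @@ export interface RunOptions {
 configOverrides?: Partial<ShipguardConfig>;
 /** Additional exclude globs appended to config excludes (not replacing) */
 additionalExclude?: string[];
+/** Called with a short status string at each scan phase */
+onProgress?: (step: string) => void;
 }
 export declare function runScan(opts: RunOptions): Promise<ScanResult>;
 //# sourceMappingURL=run.d.ts.map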
package/dist/engine/run.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run.d.ts","sourceRoot":"","sources":["../../src/engine/run.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,UAAU,EAAW,MAAM,YAAY,CAAC;AAQvE,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAC3C,2EAA2E;IAC3E,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"run.d.ts","sourceRoot":"","sources":["../../src/engine/run.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,eAAe,EAAE,UAAU,EAAW,MAAM,YAAY,CAAC;AAQvE,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,OAAO,CAAC,eAAe,CAAC,CAAC;IAC3C,2EAA2E;IAC3E,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,2DAA2D;IAC3D,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,CAAC;CACrC;AAED,wBAAsB,OAAO,CAAC,IAAI,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CAyFnE"}
|
package/dist/engine/run.js
CHANGED
|
@@ -48,13 +48,17 @@ export async function runScan(opts) {
|
|
|
48
48
|
if (opts.additionalExclude?.length) {
|
|
49
49
|
config.exclude = [...config.exclude, ...opts.additionalExclude];
|
|
50
50
|
}
|
|
51
|
+
const progress = opts.onProgress ?? (() => { });
|
|
51
52
|
// Build Next.js index
|
|
52
|
-
|
|
53
|
+
progress("Indexing routes and server actions");
|
|
54
|
+
const index = await buildNextIndex(opts.rootDir, config.exclude, opts.onProgress);
|
|
53
55
|
// Merge auto-detected hints with user config
|
|
54
56
|
const mergedHints = mergeHints(config.hints, index.hints);
|
|
55
57
|
// Run rules
|
|
58
|
+
progress("Running rules");
|
|
56
59
|
const rawFindings = runAllRules(index, { ...config, hints: mergedHints });
|
|
57
60
|
// Apply waivers
|
|
61
|
+
progress("Applying waivers");
|
|
58
62
|
const waivers = loadWaivers(opts.rootDir, config.waiversFile);
|
|
59
63
|
const { active, waived } = applyWaivers(rawFindings, waivers);
|
|
60
64
|
// Score
|
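Review bot: On the added line 51 `progress` is derived from `opts.onProgress` with a no-op default, but the added line 54 then passes the raw `opts.onProgress` to `buildNextIndex`, which (per the index.js hunk in this same diff) applies the same default again; passing the local instead, `const index = await buildNextIndex(opts.rootDir, config.exclude, progress);`, keeps a single definition of the fallback. Note also that the coarse step emitted here, `progress("Indexing routes and server actions")`, is immediately followed by the finer-grained steps buildNextIndex emits through the same callback, so a consumer receives a nested sequence, which the `onProgress` doc in RunOptions does not mention. runScan starts and ends outside the hunk.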
package/dist/engine/run.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"run.js","sourceRoot":"","sources":["../../src/engine/run.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAC7D,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"run.js","sourceRoot":"","sources":["../../src/engine/run.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,MAAM,cAAc,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAE,MAAM,YAAY,CAAC;AAC7D,OAAO,EAAE,iBAAiB,EAAE,aAAa,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAW5E,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,IAAgB;IAC5C,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpD,MAAM,MAAM,GAAoB;QAC9B,GAAG,cAAc;QACjB,GAAG,UAAU;QACb,GAAG,IAAI,CAAC,eAAe;QACvB,OAAO,EAAE;YACP,GAAG,cAAc,CAAC,OAAO;YACzB,GAAG,UAAU,EAAE,OAAO;YACtB,GAAG,IAAI,CAAC,eAAe,EAAE,OAAO;YAChC,SAAS,EAAE;gBACT,GAAG,cAAc,CAAC,OAAO,CAAC,SAAS;gBACnC,GAAG,UAAU,EAAE,OAAO,EAAE,SAAS;gBACjC,GAAG,IAAI,CAAC,eAAe,EAAE,OAAO,EAAE,SAAS;aAC5C;SACF;QACD,KAAK,EAAE;YACL,IAAI,EAAE;gBACJ,SAAS,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,EAAE,SAAS,IAAI,cAAc,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS;gBACpF,eAAe,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,EAAE,eAAe,IAAI,cAAc,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe;gBACtG,cAAc,EAAE,UAAU,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,IAAI,cAAc,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc;aACpG;YACD,SAAS,EAAE;gBACT,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,IAAI,cAAc,CAAC,KAAK,CAAC,SAAS,CAAC,QAAQ;gBAC3F,cAAc,EAAE,UAAU,EAAE,KAAK,EAAE,SAAS,EAAE,cAAc,IAAI,cAAc,CAAC,KAAK,CAAC,SAAS,CAAC,cAAc;aAC9G;YACD,OAAO,EAAE;gBACP,aAAa,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,EAAE,aAAa,IAAI,cAAc,CAAC,KAAK,CAAC,OAAO,CAAC,aAAa;aACvG;SACF;QACD,EAAE,EAAE;YACF,GAAG,cAAc,CAAC,EAAE;YACpB,GAAG,UAAU,EAAE,EAAE;YACjB,GAAG,IAAI,CAAC,eAAe,EAAE,EAAE;SAC5B;QACD,KAAK,EAAE,IAAI,CAAC,eAAe,EAAE,KAAK,IAAI;YACpC,GAAG,cAAc,CAAC,KAAK;YACvB,GAAG,UAAU,EAAE,KAAK;SACrB;KACF,CAAC;IAEF,2CAA2C;IAC3C,IAAI,IAAI,CAAC,iBAAiB,EAAE,MAAM,EAAE,CAAC;QACnC,MAAM,CAAC,OAAO,GAAG,CAAC,GAAG,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IAE/C,sBAAsB;IACtB,QAAQ,CAAC,oCAAoC,CAAC,CAAC;IAC/C,MAAM,KAAK,GAAG,MAAM,c
AAc,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC;IAElF,6CAA6C;IAC7C,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;IAE1D,YAAY;IACZ,QAAQ,CAAC,eAAe,CAAC,CAAC;IAC1B,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,EAAE,EAAE,GAAG,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC,CAAC;IAE1E,gBAAgB;IAChB,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IAC7B,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,WAAW,CAAC,CAAC;IAC9D,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,YAAY,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IAE9D,QAAQ;IACR,MAAM,KAAK,GAAG,YAAY,CAAC,MAAM,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IACnD,MAAM,MAAM,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;IAEzC,OAAO;QACL,OAAO,EAAE,CAAC;QACV,gBAAgB,EAAE,iBAAiB;QACnC,UAAU,EAAE,UAAU,CAAC,MAAM,CAAC;QAC9B,YAAY,EAAE,aAAa;QAC3B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,QAAQ,EAAE;YACR,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,QAAQ;YACzB,UAAU,EAAE,KAAK,CAAC,UAAU,CAAC,UAAU,IAAI,KAAK,CAAC,UAAU,CAAC,eAAe;SAC5E;QACD,KAAK;QACL,QAAQ,EAAE,MAAM;QAChB,cAAc,EAAE,MAAM;QACtB,OAAO,EAAE;YACP,KAAK,EAAE,MAAM,CAAC,MAAM;YACpB,GAAG,MAAM;YACT,MAAM,EAAE,MAAM,CAAC,MAAM;SACtB;KACF,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CACjB,SAAmC,EACnC,aAAuC;IAEvC,OAAO;QACL,IAAI,EAAE;YACJ,SAAS,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,SAAS,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YACzG,eAAe,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,eAAe,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,eAAe,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC3H,cAAc,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,EAAE,cAAc,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,aAAa,CAAC,IAAI,EAAE,cAAc,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;SACzH;QACD,SAAS,EAAE;YACT,QAAQ,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,EAAE,QAAQ,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,aAAa,CAAC,SAAS,EAAE,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAChH,cAAc,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,SAAS,EAAE,cAAc,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,aA
Aa,CAAC,SAAS,EAAE,cAAc,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;SACnI;QACD,OAAO,EAAE;YACP,aAAa,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,OAAO,EAAE,aAAa,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,aAAa,CAAC,OAAO,EAAE,aAAa,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;SAC5H;KACF,CAAC;AACJ,CAAC"}
|
package/dist/engine/version.d.ts
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import type { ShipguardConfig } from "./types.js";
|
|
2
|
-
export declare const SHIPGUARD_VERSION = "0.2.
|
|
2
|
+
export declare const SHIPGUARD_VERSION = "0.2.7";
|
|
3
3
|
export declare const INDEX_VERSION = 1;
|
|
4
4
|
export declare function hashConfig(config: ShipguardConfig): string;
|
|
5
5
|
//# sourceMappingURL=version.d.ts.map
|
package/dist/engine/version.js
CHANGED
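--- a/package/dist/next/deps.js
+++ b/package/dist/next/deps.js
@@ -31,7 +31,7 @@ export function readDeps(rootDir) {
 hasClerk: Boolean(deps["@clerk/nextjs"]),
 hasSupabase: Boolean(deps["@supabase/ssr"] || deps["@supabase/auth-helpers-nextjs"]),
 hasKinde: Boolean(deps["@kinde-oss/kinde-auth-nextjs"]),
-hasWorkOS: Boolean(deps["@workos-inc/authkit-nextjs"]),
+hasWorkOS: Boolean(deps["@workos-inc/authkit-nextjs"] || deps["@workos-inc/node"]),
 hasBetterAuth: Boolean(deps["better-auth"]),
 hasLucia: Boolean(deps["lucia"]),
 hasAuth0: Boolean(deps["@auth0/nextjs-auth0"]),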
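Review bot: Treating `@workos-inc/node` as evidence of WorkOS auth on the changed `hasWorkOS` line widens the heuristic: that package is the general WorkOS SDK and can be present for non-auth products, and `deps` feeds `defaultHintsFromDeps`, whose `hints.auth.functions` are handed to `buildWrapperIndex` in the index.js hunk of this diff. If WorkOS-specific auth hints are enabled for an app that does not authenticate with WorkOS, the error is in the fail-open direction (a wrapper can look auth-protecting), which is worse for a scanner than the missed detection the change fixes. A comment on the line stating the trade-off, `// @workos-inc/node is the generic SDK, not Next.js-auth specific: weaker signal than authkit-nextjs`, or a separate weaker flag, would make this explicit. readDeps starts and ends outside the hunk.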
package/dist/next/deps.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"deps.js","sourceRoot":"","sources":["../../src/next/deps.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAExD,MAAM,UAAU,QAAQ,CAAC,OAAe;IACtC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IACnD,IAAI,GAA4B,CAAC;IACjC,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,mBAAmB,OAAO,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACrG,CAAC;IACD,MAAM,IAAI,GAAG,EAAE,GAAG,CAAE,GAAG,CAAC,YAAuC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAE,GAAG,CAAC,eAA0C,IAAI,EAAE,CAAC,EAAE,CAAC;IAErI,iDAAiD;IACjD,MAAM,MAAM,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;YACpF,MAAM,QAAQ,GAAG,EAAE,GAAG,CAAE,OAAO,CAAC,YAAuC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAE,OAAO,CAAC,eAA0C,IAAI,EAAE,CAAC,EAAE,CAAC;YACjJ,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC9C,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;oBAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,oDAAoD;QACtD,CAAC;IACH,CAAC;IAED,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,IAAI,CAAC,cAAc,CAAC,CAAC;QACrF,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACxC,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,+BAA+B,CAAC,CAAC;QACpF,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QACvD,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"deps.js","sourceRoot":"","sources":["../../src/next/deps.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AAExD,MAAM,UAAU,QAAQ,CAAC,OAAe;IACtC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;IACnD,IAAI,GAA4B,CAAC;IACjC,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,KAAK,CAAC,mBAAmB,OAAO,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACrG,CAAC;IACD,MAAM,IAAI,GAAG,EAAE,GAAG,CAAE,GAAG,CAAC,YAAuC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAE,GAAG,CAAC,eAA0C,IAAI,EAAE,CAAC,EAAE,CAAC;IAErI,iDAAiD;IACjD,MAAM,MAAM,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAC1C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;YACpF,MAAM,QAAQ,GAAG,EAAE,GAAG,CAAE,OAAO,CAAC,YAAuC,IAAI,EAAE,CAAC,EAAE,GAAG,CAAE,OAAO,CAAC,eAA0C,IAAI,EAAE,CAAC,EAAE,CAAC;YACjJ,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC9C,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;oBAAE,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,oDAAoD;QACtD,CAAC;IACH,CAAC;IAED,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC,YAAY,CAAC,IAAI,IAAI,CAAC,cAAc,CAAC,CAAC;QACrF,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACxC,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,+BAA+B,CAAC,CAAC;QACpF,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QACvD,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,4BAA4B,CAAC,IAAI,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAClF,aAAa,EAAE,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC3C,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAChC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QAC9C,cAAc,EAAE,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC7C,eAAe,EAAE,OAAO,CAAC,IAAI,CAAC,gBAAgB,CAAC,IAAI,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACnF,mBAAmB,EAAE,OAAO,CAA
C,IAAI,CAAC,oBAAoB,CAAC,CAAC;QACxD,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QACxC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,IAAI,CAAC,eAAe,CAAC,CAAC;QACpE,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC5D,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QACxC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;KACvC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,oBAAoB,CAAC,IAAmB,EAAE,eAAwB;IAChF,MAAM,OAAO,GAAG,IAAI,GAAG,CAAS,CAAC,aAAa,EAAE,aAAa,EAAE,MAAM,EAAE,kBAAkB,EAAE,YAAY,CAAC,CAAC,CAAC;IAE1G,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;QAChC,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC1B,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC7B,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IACvC,CAAC;IACD,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACnB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACvB,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACnC,CAAC;IACD,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;IACjC,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;IACtC,CAAC;IACD,IAAI,IAAI,CAAC,cAAc,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAChC,CAAC;IACD,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QAC7B,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IACrC,CAAC;IAED,MAAM,EAAE,GAAG,IAAI,GAAG,CAAS;QACzB,WAAW,EAAE,eAAe,EAAE,OAAO;QACrC,6BAA6B,EAAG,kBAAkB;QAClD,kBAAkB,EAAc,cAAc;QAC9C,kBAAkB,EAAc,iBAAiB;KAClD,CAAC,CAAC;IACH,IAAI,IAAI,CAAC,mBAAmB,EAAE,CAAC;QAC7B,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACpB,EA
AE,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACtB,CAAC;IACD,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACnB,EAAE,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QACrB,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;QACtB,EAAE,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;QACxB,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IACxB,CAAC;IACD,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACpB,EAAE,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACtB,CAAC;IAED,OAAO;QACL,IAAI,EAAE;YACJ,SAAS,EAAE,CAAC,GAAG,OAAO,CAAC;YACvB,eAAe,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,EAAE;YACzD,cAAc,EAAE,EAAE;SACnB;QACD,SAAS,EAAE,EAAE,QAAQ,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,cAAc,EAAE,EAAE,EAAE;QACpD,OAAO,EAAE,EAAE,aAAa,EAAE,CAAC,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,gBAAgB,EAAE,QAAQ,EAAE,WAAW,CAAC,EAAE;KAC1G,CAAC;AACJ,CAAC"}
|
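--- a/package/dist/next/index.d.ts
+++ b/package/dist/next/index.d.ts
@@ -1,5 +1,5 @@
 import type { NextIndex } from "./types.js";
 export type { NextIndex } from "./types.js";
 export { detectNextAppRouter } from "./detect.js";
-export declare function buildNextIndex(rootDir: string, exclude: string[]): Promise<NextIndex>;
+export declare function buildNextIndex(rootDir: string, exclude: string[], onProgress?: (step: string) => void): Promise<NextIndex>;
 //# sourceMappingURL=index.d.ts.map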
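Review bot: The new `onProgress` parameter on the `buildNextIndex` declaration is undocumented, while the same callback on RunOptions in run.d.ts carries a doc comment. A JSDoc above the declaration, `/** @param onProgress Called with a short status string before each indexing phase */`, would keep the two public surfaces consistent.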
package/dist/next/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/next/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAU5C,YAAY,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAElD,wBAAsB,cAAc,CAClC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/next/index.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAU5C,YAAY,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAElD,wBAAsB,cAAc,CAClC,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,EAAE,EACjB,UAAU,CAAC,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,IAAI,GAClC,OAAO,CAAC,SAAS,CAAC,CA6DpB"}
|
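--- a/package/dist/next/index.js
+++ b/package/dist/next/index.js
@@ -9,12 +9,14 @@ import { buildTrpcIndex } from "./trpc.js";
 import { buildWrapperIndex, computeProtection } from "./wrappers.js";
 import { loadTsconfigPaths } from "../util/resolve.js";
 export { detectNextAppRouter } from "./detect.js";
-export async function buildNextIndex(rootDir, exclude) {
+export async function buildNextIndex(rootDir, exclude, onProgress) {
+const progress = onProgress ?? (() => { });
 const det = detectNextAppRouter(rootDir);
 if (!det.ok) {
 throw new Error(`Shipguard v1 supports Next.js App Router only: ${det.reason ?? "unknown reason"}`);
 }
 const { appDir } = det;
+progress("Reading dependencies");
 const deps = readDeps(rootDir);
 // Check for middleware in standard locations
 const hasMiddlewareTs = existsSync(path.join(rootDir, "middleware.ts"))
@@ -22,13 +24,18 @@ export async function buildNextIndex(rootDir, exclude) {
 || existsSync(path.join(rootDir, "src/middleware.ts"))
 || existsSync(path.join(rootDir, "src/middleware.js"));
 const hints = defaultHintsFromDeps(deps, hasMiddlewareTs);
+progress("Analyzing middleware");
 const middleware = analyzeMiddleware(rootDir);
+progress("Discovering routes");
 const allRoutes = await findRouteHandlers(rootDir, exclude, appDir);
 const mutationRoutes = classifyMutationRoutes(allRoutes);
+progress("Discovering server actions");
 const allActions = await findServerActions(rootDir, exclude, appDir);
 const mutationActions = classifyMutationActions(allActions);
+progress("Analyzing tRPC procedures");
 const trpc = await buildTrpcIndex(rootDir, appDir, exclude);
 // Wrapper introspection: resolve, analyze, compute protection
+progress("Resolving wrappers");
 const tsconfigPaths = loadTsconfigPaths(rootDir);
 const resolveOpts = { rootDir, tsconfigPaths };
 const wrappers = buildWrapperIndex(allRoutes, rootDir, resolveOpts, hints.auth.functions, hints.rateLimit.wrappers);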
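Review bot: The caller-supplied `onProgress` is invoked directly on the new `progress(...)` lines in both hunks with no error isolation, so an exception thrown by the callback propagates out of `buildNextIndex` and aborts indexing; that is a reasonable contract, but it is undocumented on the new parameter. A JSDoc on the function stating it — `@param {(step: string) => void} [onProgress] - invoked synchronously before each indexing phase; exceptions propagate and abort the index build` — would make the expectation visible to consumers, and the string values passed are part of that surface too if any consumer matches on them. buildNextIndex continues past the end of the second hunk.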
package/dist/next/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/next/index.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAErC,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AACjF,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AACrE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAGvD,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAElD,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,OAAe,EACf,OAAiB;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/next/index.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAErC,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,QAAQ,EAAE,oBAAoB,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,iBAAiB,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AACxE,OAAO,EAAE,iBAAiB,EAAE,uBAAuB,EAAE,MAAM,qBAAqB,CAAC;AACjF,OAAO,EAAE,cAAc,EAAE,MAAM,WAAW,CAAC;AAC3C,OAAO,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AACrE,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AAGvD,OAAO,EAAE,mBAAmB,EAAE,MAAM,aAAa,CAAC;AAElD,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,OAAe,EACf,OAAiB,EACjB,UAAmC;IAEnC,MAAM,QAAQ,GAAG,UAAU,IAAI,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,mBAAmB,CAAC,OAAO,CAAC,CAAC;IACzC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,IAAI,KAAK,CAAC,kDAAkD,GAAG,CAAC,MAAM,IAAI,gBAAgB,EAAE,CAAC,CAAC;IACtG,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,GAAG,GAAG,CAAC;IACvB,QAAQ,CAAC,sBAAsB,CAAC,CAAC;IACjC,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC;IAE/B,6CAA6C;IAC7C,MAAM,eAAe,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;WAClE,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;WAC/C,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC;WACnD,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,mBAAmB,CAAC,CAAC,CAAC;IAEzD,MAAM,KAAK,GAAG,oBAAoB,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC1D,QAAQ,CAAC,sBAAsB,CAAC,CAAC;IACjC,MAAM,UAAU,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAE9C,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC/B,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;IACpE,MAAM,cAAc,GAAG,sBAAsB,CAAC,SAAS,CAAC,CAAC;IAEzD,QAAQ,CAAC,4BAA4B,CAAC,CAAC;IACvC,MAAM,UAAU,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;IACrE,MAAM,eAAe,GAAG,uBAAuB,CAAC,UAAU,CAAC,CAAC;IAE5D,QAAQ,CAAC,2BAA2B,CAAC,CAAC;IACtC,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAE5D,8DAA8D;IAC9D,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAC/B,MAAM,aAAa,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IACjD,MAAM,WAAW,GAAG,EAAE,OAAO,EAA
E,aAAa,EAAE,CAAC;IAC/C,MAAM,QAAQ,GAAG,iBAAiB,CAChC,SAAS,EACT,OAAO,EACP,WAAW,EACX,KAAK,CAAC,IAAI,CAAC,SAAS,EACpB,KAAK,CAAC,SAAS,CAAC,QAAQ,CACzB,CAAC;IAEF,4CAA4C;IAC5C,KAAK,MAAM,KAAK,IAAI,SAAS,EAAE,CAAC;QAC9B,KAAK,CAAC,UAAU,GAAG,iBAAiB,CAAC,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;IACpF,CAAC;IAED,OAAO;QACL,OAAO,EAAE,CAAC;QACV,SAAS,EAAE,iBAAiB;QAC5B,OAAO;QACP,IAAI;QACJ,KAAK;QACL,UAAU;QACV,QAAQ;QACR,MAAM,EAAE,EAAE,GAAG,EAAE,SAAS,EAAE,cAAc,EAAE;QAC1C,aAAa,EAAE,EAAE,GAAG,EAAE,UAAU,EAAE,eAAe,EAAE,eAAe,EAAE;QACpE,IAAI;KACL,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"routes.d.ts","sourceRoot":"","sources":["../../src/next/routes.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"routes.d.ts","sourceRoot":"","sources":["../../src/next/routes.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,YAAY,CAAC;AAkD7D,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,MAAM,EACf,YAAY,EAAE,MAAM,EAAE,EACtB,MAAM,GAAE,MAAc,GACrB,OAAO,CAAC,SAAS,EAAE,CAAC,CAkCtB;AAED,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,SAAS,EAAE,GAAG,SAAS,EAAE,CAOpE;AAED,wBAAgB,qBAAqB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,CA+ClE"}
|
package/dist/next/routes.js
CHANGED
|
@@ -9,6 +9,7 @@ const PRISMA_WRITE_METHODS = [
|
|
|
9
9
|
"update", "updateMany",
|
|
10
10
|
"upsert",
|
|
11
11
|
"delete", "deleteMany",
|
|
12
|
+
"insert", "insertMany", // Drizzle, Knex, MongoDB
|
|
12
13
|
];
|
|
13
14
|
/**
|
|
14
15
|
* Stripe write patterns (method chains that indicate mutation).
|
|
@@ -20,6 +21,26 @@ const STRIPE_WRITE_PATTERNS = [
|
|
|
20
21
|
/stripe\.checkout\.sessions\.create\s*\(/,
|
|
21
22
|
/stripe\.subscriptions\./,
|
|
22
23
|
];
|
|
24
|
+
/**
|
|
25
|
+
* Known non-DB objects whose .update()/.delete()/.create() are false positives.
|
|
26
|
+
* Lowercase for case-insensitive matching.
|
|
27
|
+
*/
|
|
28
|
+
const NON_DB_CALLERS = new Set([
|
|
29
|
+
// crypto / hashing
|
|
30
|
+
"crypto", "hmac", "hash", "cipher", "decipher", "sign", "verify",
|
|
31
|
+
"calculatedsignature", "signature", "digest",
|
|
32
|
+
// state / UI
|
|
33
|
+
"state", "setstate", "set", "ref", "context",
|
|
34
|
+
// collections / cache / web APIs
|
|
35
|
+
"cache", "map", "store", "headers", "params", "searchparams",
|
|
36
|
+
"formdata", "cookies", "cookie", "cookiestore", "localstorage", "sessionstorage",
|
|
37
|
+
// streams / events
|
|
38
|
+
"socket", "stream", "emitter", "readable", "writable",
|
|
39
|
+
// DOM
|
|
40
|
+
"document", "element", "node",
|
|
41
|
+
// React / Next
|
|
42
|
+
"router", "response", "nextresponse", "summary",
|
|
43
|
+
]);
|
|
23
44
|
/**
|
|
24
45
|
* Admin-like path segments that suggest privileged operations.
|
|
25
46
|
*/
|
|
@@ -62,11 +83,14 @@ export function classifyMutationRoutes(all) {
|
|
|
62
83
|
}
|
|
63
84
|
export function detectMutationSignals(src) {
|
|
64
85
|
const details = [];
|
|
65
|
-
// Prisma writes
|
|
86
|
+
// Prisma / ORM writes
|
|
66
87
|
let hasDbWrite = false;
|
|
67
88
|
for (const method of PRISMA_WRITE_METHODS) {
|
|
68
|
-
const pattern = new RegExp(
|
|
69
|
-
|
|
89
|
+
const pattern = new RegExp(`(\\w+)\\.${method}\\s*\\(`, "g");
|
|
90
|
+
const matches = [...src.matchAll(pattern)];
|
|
91
|
+
// Filter out known non-DB callers (crypto.update, cache.delete, etc.)
|
|
92
|
+
const dbMatches = matches.filter((m) => !NON_DB_CALLERS.has(m[1].toLowerCase()));
|
|
93
|
+
if (dbMatches.length > 0) {
|
|
70
94
|
hasDbWrite = true;
|
|
71
95
|
details.push(`prisma.${method}`);
|
|
72
96
|
}
|
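Review bot: `NON_DB_CALLERS` on the added lines 28-43 is a receiver-name allowlist applied in `detectMutationSignals` on the added line 92, and several entries — `store`, `set`, `map`, `node`, `element`, `state` — are plausible names for a database or ORM handle, so `store.update(...)` or `node.delete(...)` now yields no write evidence and the route can drop out of the mutation classification (`classifyMutationRoutes`) that the auth-boundary checks appear to key on. For a scanner this is the fail-open direction: a false negative hides an unprotected write, whereas the false positives the list removes only cost a review. I would keep the crypto and web-API names and drop the generic ones, or at least state the trade-off on the set, `// NOTE: generic names (store, set, map, node) suppress detection for any receiver with that name — false-negative risk`. The unchanged `details.push(\`prisma.${method}\`)` label is also misleading now that the first hunk adds the Drizzle/Knex `insert`/`insertMany` methods; `details.push(\`orm.${method}\`)` would be accurate, subject to checking callers that match on the `prisma.` prefix. detectMutationSignals continues past the end of the hunk.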
package/dist/next/routes.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"routes.js","sourceRoot":"","sources":["../../src/next/routes.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,MAAM,WAAW,CAAC;AAG3B;;GAEG;AACH,MAAM,oBAAoB,GAAG;IAC3B,QAAQ,EAAE,YAAY,EAAE,qBAAqB;IAC7C,QAAQ,EAAE,YAAY;IACtB,QAAQ;IACR,QAAQ,EAAE,YAAY;
|
|
1
|
+
{"version":3,"file":"routes.js","sourceRoot":"","sources":["../../src/next/routes.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,MAAM,WAAW,CAAC;AAG3B;;GAEG;AACH,MAAM,oBAAoB,GAAG;IAC3B,QAAQ,EAAE,YAAY,EAAE,qBAAqB;IAC7C,QAAQ,EAAE,YAAY;IACtB,QAAQ;IACR,QAAQ,EAAE,YAAY;IACtB,QAAQ,EAAE,YAAY,EAAG,yBAAyB;CACnD,CAAC;AAEF;;GAEG;AACH,MAAM,qBAAqB,GAAG;IAC5B,0BAA0B;IAC1B,0BAA0B;IAC1B,uBAAuB;IACvB,yCAAyC;IACzC,yBAAyB;CAC1B,CAAC;AAEF;;;GAGG;AACH,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC;IAC7B,mBAAmB;IACnB,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ;IAChE,qBAAqB,EAAE,WAAW,EAAE,QAAQ;IAC5C,aAAa;IACb,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,KAAK,EAAE,SAAS;IAC5C,iCAAiC;IACjC,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,cAAc;IAC5D,UAAU,EAAE,SAAS,EAAE,QAAQ,EAAE,aAAa,EAAE,cAAc,EAAE,gBAAgB;IAChF,mBAAmB;IACnB,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU;IACrD,MAAM;IACN,UAAU,EAAE,SAAS,EAAE,MAAM;IAC7B,eAAe;IACf,QAAQ,EAAE,UAAU,EAAE,cAAc,EAAE,SAAS;CAChD,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,mBAAmB,GAAG,kEAAkE,CAAC;AAE/F,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAAe,EACf,YAAsB,EACtB,SAAiB,KAAK;IAEtB,MAAM,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC,GAAG,MAAM,2BAA2B,EAAE;QAC9D,GAAG,EAAE,OAAO;QACZ,MAAM,EAAE,CAAC,oBAAoB,EAAE,GAAG,YAAY,CAAC;KAChD,CAAC,CAAC;IAEH,MAAM,MAAM,GAAgB,EAAE,CAAC;IAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;QACrC,IAAI,GAAW,CAAC;QAChB,IAAI,CAAC;YACH,GAAG,GAAG,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;QAClC,CAAC;QAAC,MAAM,CAAC;YACP,SAAS,CAAC,wBAAwB;QACpC,CAAC;QAED,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,MAAM,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAC9C,MAAM,KAAK,GAAG,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,QAAQ,KAAK,MAAM,CAAC;QAElE,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,eAAe;YACrB,IAAI;YACJ,MAAM;YACN,QAAQ;YACR,KAAK;YACL,QAAQ,EAAE,IAAI,EAAE,oDAAoD;YACpE,OAAO;SACR,CAAC,CAAC;IACL,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,UAAU,sBAAsB
,CAAC,GAAgB;IACrD,OAAO,GAAG,CAAC,MAAM,CACf,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,OAAO,CAAC,mBAAmB;QAC7B,CAAC,CAAC,OAAO,CAAC,kBAAkB;QAC5B,CAAC,CAAC,OAAO,CAAC,sBAAsB,CACnC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,GAAW;IAC/C,MAAM,OAAO,GAAa,EAAE,CAAC;IAE7B,sBAAsB;IACtB,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,KAAK,MAAM,MAAM,IAAI,oBAAoB,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,YAAY,MAAM,SAAS,EAAE,GAAG,CAAC,CAAC;QAC7D,MAAM,OAAO,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;QAC3C,sEAAsE;QACtE,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QACjF,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzB,UAAU,GAAG,IAAI,CAAC;YAClB,OAAO,CAAC,IAAI,CAAC,UAAU,MAAM,EAAE,CAAC,CAAC;QACnC,CAAC;IACH,CAAC;IAED,gBAAgB;IAChB,IAAI,cAAc,GAAG,KAAK,CAAC;IAC3B,KAAK,MAAM,OAAO,IAAI,qBAAqB,EAAE,CAAC;QAC5C,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACtB,cAAc,GAAG,IAAI,CAAC;YACtB,OAAO,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;YACvC,MAAM;QACR,CAAC;IACH,CAAC;IAED,iBAAiB;IACjB,MAAM,WAAW,GAAG,0DAA0D,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACzF,IAAI,WAAW,EAAE,CAAC;QAChB,UAAU,GAAG,IAAI,CAAC;QAClB,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAChC,CAAC;IAED,sEAAsE;IACtE,MAAM,QAAQ,GAAG,qDAAqD,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACjF,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACrC,CAAC;IAED,MAAM,WAAW,GAAG,UAAU,IAAI,cAAc,IAAI,QAAQ,CAAC;IAE7D,OAAO;QACL,mBAAmB,EAAE,WAAW;QAChC,kBAAkB,EAAE,UAAU;QAC9B,sBAAsB,EAAE,cAAc;QACtC,eAAe,EAAE,OAAO;KACzB,CAAC;AACJ,CAAC;AAED,SAAS,qBAAqB,CAAC,GAAW;IACxC,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,uCAAuC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC3E,IAAI,wCAAwC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC7E,IAAI,uCAAuC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC3E,IAAI,yCAAyC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC/E,IAAI,0CAA0C,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACjF,OAAO,OAAO,CAAC,MAA
M,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AAC5D,CAAC;AAED,SAAS,cAAc,CAAC,IAAY,EAAE,SAAiB,KAAK;IAC1D,gDAAgD;IAChD,oDAAoD;IACpD,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,GAAG,GAAG,CAAC;IAC5D,OAAO,GAAG,GAAG,IAAI;SACd,OAAO,CAAC,IAAI,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;SAC5D,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;SAC5B,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AACzB,CAAC"}
|
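--- a/package/dist/next/routes.test.js
+++ b/package/dist/next/routes.test.js
@@ -50,6 +50,33 @@ describe("detectMutationSignals", () => {
 const signals = detectMutationSignals(src);
 expect(signals.hasDbWriteEvidence).toBe(true);
 });
+it("ignores crypto .update() — not a DB write", () => {
+const src = `
+const sig = crypto.createHmac("sha256", secret).update(text).digest();
+`;
+const signals = detectMutationSignals(src);
+expect(signals.hasDbWriteEvidence).toBe(false);
+});
+it("ignores headers.delete() — not a DB write", () => {
+const src = `headers.delete('content-length');`;
+const signals = detectMutationSignals(src);
+expect(signals.hasDbWriteEvidence).toBe(false);
+});
+it("ignores optional chaining span?.update() — not a DB write", () => {
+const src = `span?.update({ parentObservationId: tracePayload?.observationId });`;
+const signals = detectMutationSignals(src);
+expect(signals.hasDbWriteEvidence).toBe(false);
+});
+it("still detects model.update() as DB write", () => {
+const src = `await asyncTaskModel.update(taskId, { status: "done" });`;
+const signals = detectMutationSignals(src);
+expect(signals.hasDbWriteEvidence).toBe(true);
+});
+it("detects Drizzle db.insert() as DB write", () => {
+const src = `await db.insert(users).values({ name, email });`;
+const signals = detectMutationSignals(src);
+expect(signals.hasDbWriteEvidence).toBe(true);
+});
 it("returns no signals for GET-only route", () => {
 const src = `
 export async function GET() {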
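Review bot: The new "ignores crypto .update()" case on added line 53 does not exercise the `NON_DB_CALLERS` filter it was added alongside: in `crypto.createHmac("sha256", secret).update(text)` the character before `.update(` is `)`, which the `(\w+)\.` capture in the routes.js hunk never matches, so the result is false whether or not `crypto`/`hmac` are in the list. A receiver-bound form, `const hmac = crypto.createHmac("sha256", secret); hmac.update(text);`, would actually go through the allowlist (`hmac` is an entry); the `span?.update` case likewise passes because of `?.`, not the list, which is fine for its stated purpose but leaves the filter untested. One more case with a receiver that is both DB-looking and on the list, e.g. `store.update(...)`, would pin the intended behaviour for that overlap explicitly.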
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"routes.test.js","sourceRoot":"","sources":["../../src/next/routes.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AAG5E,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC/B,MAAM,GAAG,GAAG,8CAA8C,CAAC;QAC3D,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC/B,MAAM,GAAG,GAAG,0DAA0D,CAAC;QACvE,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC/B,MAAM,GAAG,GAAG,6CAA6C,CAAC;QAC1D,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC/B,MAAM,GAAG,GAAG,wEAAwE,CAAC;QACrF,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,GAAG,GAAG,0CAA0C,CAAC;QACvD,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,GAAG,GAAG,4DAA4D,CAAC;QACzE,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,GAAG,GAAG,mCAAmC,CAAC;QAChD,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,EA
AE,CAAC,0BAA0B,EAAE,GAAG,EAAE;QAClC,MAAM,GAAG,GAAG,uCAAuC,CAAC;QACpD,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,GAAG,GAAG,+CAA+C,CAAC;QAC5D,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,GAAG,GAAG;;;;;KAKX,CAAC;QACF,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;QAClC,MAAM,GAAG,GAAG;;;;KAIX,CAAC;QACF,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9C,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;IACtC,SAAS,SAAS,CAAC,YAAgC,EAAE;QACnD,OAAO;YACL,IAAI,EAAE,eAAe;YACrB,IAAI,EAAE,uBAAuB;YAC7B,QAAQ,EAAE,WAAW;YACrB,KAAK,EAAE,IAAI;YACX,QAAQ,EAAE,IAAI;YACd,OAAO,EAAE;gBACP,mBAAmB,EAAE,KAAK;gBAC1B,kBAAkB,EAAE,KAAK;gBACzB,sBAAsB,EAAE,KAAK;gBAC7B,eAAe,EAAE,EAAE;aACpB;YACD,GAAG,SAAS;SACb,CAAC;IACJ,CAAC;IAED,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,MAAM,GAAG;YACb,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,sBAAsB,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,EAAE,EAAE,CAAC;YAClJ,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;YAC3B,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,mBAAmB,EAAE,KAAK,EAAE,kBAAkB,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,EAAE,EAAE,CAAC;SACnJ,CAAC;QACF,MAAM,SAAS,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;QACjD,MAA
M,CAAC,SAAS,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAClC,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,MAAM,GAAG,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;QAC1C,MAAM,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"routes.test.js","sourceRoot":"","sources":["../../src/next/routes.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AAG5E,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC/B,MAAM,GAAG,GAAG,8CAA8C,CAAC;QAC3D,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;IAC7D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC/B,MAAM,GAAG,GAAG,0DAA0D,CAAC;QACvE,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC/B,MAAM,GAAG,GAAG,6CAA6C,CAAC;QAC1D,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC/B,MAAM,GAAG,GAAG,wEAAwE,CAAC;QACrF,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,GAAG,GAAG,0CAA0C,CAAC;QACvD,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,GAAG,GAAG,4DAA4D,CAAC;QACzE,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,GAAG,GAAG,mCAAmC,CAAC;QAChD,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IAClE,CAAC,CAAC,CAAC;IAEH,EA
AE,CAAC,0BAA0B,EAAE,GAAG,EAAE;QAClC,MAAM,GAAG,GAAG,uCAAuC,CAAC;QACpD,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,GAAG,GAAG,+CAA+C,CAAC;QAC5D,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,GAAG,GAAG;;KAEX,CAAC;QACF,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,GAAG,GAAG,mCAAmC,CAAC;QAChD,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2DAA2D,EAAE,GAAG,EAAE;QACnE,MAAM,GAAG,GAAG,qEAAqE,CAAC;QAClF,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;QAClD,MAAM,GAAG,GAAG,0DAA0D,CAAC;QACvE,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,GAAG,GAAG,iDAAiD,CAAC;QAC9D,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,GAAG,GAAG;;;;;KAKX,CAAC;QACF,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;QAClC,MAAM,GAAG,GAAG;;;;KAIX,CAAC;QACF,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;QAC3C,MAAM,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,CAAC,OAAO,CAAC,kBAA
kB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9C,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IACnE,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;IACtC,SAAS,SAAS,CAAC,YAAgC,EAAE;QACnD,OAAO;YACL,IAAI,EAAE,eAAe;YACrB,IAAI,EAAE,uBAAuB;YAC7B,QAAQ,EAAE,WAAW;YACrB,KAAK,EAAE,IAAI;YACX,QAAQ,EAAE,IAAI;YACd,OAAO,EAAE;gBACP,mBAAmB,EAAE,KAAK;gBAC1B,kBAAkB,EAAE,KAAK;gBACzB,sBAAsB,EAAE,KAAK;gBAC7B,eAAe,EAAE,EAAE;aACpB;YACD,GAAG,SAAS;SACb,CAAC;IACJ,CAAC;IAED,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;QACzC,MAAM,MAAM,GAAG;YACb,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,sBAAsB,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,EAAE,EAAE,CAAC;YAClJ,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;YAC3B,SAAS,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,mBAAmB,EAAE,KAAK,EAAE,kBAAkB,EAAE,IAAI,EAAE,sBAAsB,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,EAAE,EAAE,CAAC;SACnJ,CAAC;QACF,MAAM,SAAS,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;QACjD,MAAM,CAAC,SAAS,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAClC,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,MAAM,GAAG,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC;QAC1C,MAAM,CAAC,sBAAsB,CAAC,MAAM,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
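Review bot: The new negative cases (test lines 53–69) pin only the `.update()` and `.delete()` verbs, while the positives (lines 70–79) pin `.update()` and `.insert()`; nothing asserts that a non-database `.insert()` or an optional-chained `.delete()` is also ignored, so if the exclusion is receiver-based rather than verb-based, a regression on those combinations would pass this suite. A case such as `const src = \`searchParams?.delete('page');\`` followed by `expect(signals.hasDbWriteEvidence).toBe(false);` would close that gap, assuming the heuristic is meant to treat that receiver as non-DB.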
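--- a/package/dist/next/wrappers.js
+++ b/package/dist/next/wrappers.js
@@ -203,12 +203,45 @@ function analyzeNodeForEvidence(node, authFunctions, rateLimitWrappers, evidence
 // Auth: built-in patterns (Supabase .auth.getUser(), .auth.getSession())
 if (/\.auth\.getUser\s*\(/.test(src)) {
 evidence.authCallPresent = true;
+evidence.authEnforced = true;
 evidence.authDetails.push("calls .auth.getUser()");
 }
 if (/\.auth\.getSession\s*\(/.test(src)) {
 evidence.authCallPresent = true;
+evidence.authEnforced = true;
 evidence.authDetails.push("calls .auth.getSession()");
 }
+// Auth: webhook/cron signature verification patterns
+if (/stripe\.webhooks\.constructEvent\s*\(/.test(src)) {
+evidence.authCallPresent = true;
+evidence.authEnforced = true;
+evidence.authDetails.push("verifies Stripe webhook signature");
+}
+if (/workos\.webhooks\.constructEvent\s*\(/.test(src)) {
+evidence.authCallPresent = true;
+evidence.authEnforced = true;
+evidence.authDetails.push("verifies WorkOS webhook signature");
+}
+if (/verifyVercelSignature\s*\(/.test(src)) {
+evidence.authCallPresent = true;
+evidence.authEnforced = true;
+evidence.authDetails.push("verifies Vercel cron signature");
+}
+if (/verifyQstashSignature\s*\(/.test(src)) {
+evidence.authCallPresent = true;
+evidence.authEnforced = true;
+evidence.authDetails.push("verifies QStash signature");
+}
+if (/createHmac\s*\(/.test(src) && /signature/i.test(src)) {
+evidence.authCallPresent = true;
+evidence.authEnforced = true;
+evidence.authDetails.push("HMAC signature verification");
+}
+if (/timingSafeEqual\s*\(/.test(src)) {
+evidence.authCallPresent = true;
+evidence.authEnforced = true;
+evidence.authDetails.push("timing-safe comparison (signature verification)");
+}
 // Rate limit: known wrappers
 for (const fn of rateLimitWrappers) {
 const pattern = new RegExp(`\\b${escapeRegex(fn)}\\s*[.(]`, "m");
@@ -217,14 +250,20 @@ function analyzeNodeForEvidence(node, authFunctions, rateLimitWrappers, evidence
 evidence.rateLimitDetails.push(`calls ${fn}()`);
 }
 }
-//
-
+// Rate limit: .limit() method calls on rate-limiter-like objects (Upstash pattern)
+// Catches wrappers importing Upstash via local re-export modules
+if (/(?:ratelimit|rateLimit|rl|limiter|rateLimiter)\.limit\s*\(/i.test(src)) {
+evidence.rateLimitCallPresent = true;
+evidence.rateLimitDetails.push("calls .limit() method");
+}
+// Check for enforcement via AST (don't overwrite if already proven by built-in patterns)
+if (evidence.authCallPresent && !evidence.authEnforced) {
 evidence.authEnforced = detectEnforcement(node, authSet, "auth");
 if (evidence.authEnforced) {
 evidence.authDetails.push("enforces: conditional throw/return on auth failure");
 }
 }
-if (evidence.rateLimitCallPresent) {
+if (evidence.rateLimitCallPresent && !evidence.rateLimitEnforced) {
 evidence.rateLimitEnforced = detectEnforcement(node, rlSet, "rateLimit");
 if (evidence.rateLimitEnforced) {
 evidence.rateLimitDetails.push("enforces: conditional throw/return on rate limit");
@@ -281,6 +320,10 @@ function detectEnforcement(node, functionNames, kind) {
 if (/\.limit\s*\([\s\S]{0,200}(?:throw|return\s+(?:new\s+)?Response|429)/m.test(src)) {
 return true;
 }
+// Pattern: ratelimit.limit() + any throw within 300 chars (looser — catches custom error classes)
+if (/(?:ratelimit|rateLimit|rl|limiter)\.limit\s*\([\s\S]{0,300}\bthrow\b/i.test(src)) {
+return true;
+}
 }
 return false;
 }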
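Review bot: Setting `evidence.authEnforced = true` on the mere presence of `.auth.getUser(` / `.auth.getSession(` (new lines 206 and 211) is a regression from the old code, which left enforcement to `detectEnforcement`: Supabase's getUser()/getSession() hand the user/session and error back to the caller rather than throwing, so a route that calls them and never checks the result is now reported as auth-enforced and the auth-boundary finding is suppressed. The generic `createHmac(` + `/signature/i` and `timingSafeEqual(` patterns (lines 235–244) have the same weakness, since they only show that a signature is computed or compared somewhere in the analysed source, not that a mismatch rejects the request, and `/signature/i` is satisfied by a comment or variable name. Of the new patterns, only the constructEvent verifiers can reasonably be taken to enforce on their own, as far as I know those throw on a bad signature. I'd keep `authCallPresent` and the detail line for the others but drop `evidence.authEnforced = true;`, so the `!evidence.authEnforced` guard added at line 260 still routes them through `detectEnforcement`, provided that check can be taught these names. Separately, `/(?:ratelimit|rateLimit|rl|limiter|rateLimiter)\.limit\s*\(/i` (line 255) has no word boundary before `rl`, so any identifier ending in "rl" such as `url.limit(` matches, and with `/i` the `ratelimit|rateLimit` alternatives are duplicates; `/(?:ratelimit|\brl|limiter)\.limit\s*\(/i` covers the intended set.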