@lateos/npm-scan 0.18.2 → 1.0.0

package/backend/detectors/config/thresholds.js

@@ -0,0 +1,66 @@
+/**
+ * Detector confidence thresholds (calibrated post-validation)
+ *
+ * Format: { detector: { flag_threshold, warn_threshold } }
+ * Thresholds calibrated against:
+ *   - 3 real May 2026 attack campaigns (validation)
+ *   - Top 1,000 npm packages (false positive calibration)
+ */
+
+export default {
+  'TIER1-VERSION-ANOMALY': {
+    flag_threshold: 72,
+    warn_threshold: 60,
+    notes: 'Sentinel patterns (99.99.99/11.11.11/10.10.10) always flag at 92 regardless of threshold',
+  },
+  'TIER1-OBFUSCATION-HEURISTICS': {
+    flag_threshold: 75,
+    warn_threshold: 60,
+    notes: 'Increased from 70 post-FP analysis; bundlers (webpack, terser) exempt via whitelist',
+  },
+  'TIER1-BINARY-EMBED': {
+    flag_threshold: 80,
+    warn_threshold: 65,
+    notes: 'High threshold justified; platform-specific binary sets are rare in legitimate packages',
+  },
+  'TIER1-LIFECYCLE-HOOK': {
+    flag_threshold: 65,
+    warn_threshold: 50,
+    notes: 'Moderate threshold; lifecycle hooks common but uncommon in top 1K packages',
+  },
+  'TIER1-INFOSTEALER': {
+    flag_threshold: 72,
+    warn_threshold: 55,
+    notes: 'Pattern-based; calibrated for C2 signatures, credential exfil patterns',
+  },
+  'TIER1-TYPOSQUAT': {
+    flag_threshold: 85,
+    warn_threshold: 70,
+    notes: 'Calibrated to 85 post-FP analysis on top 1,000 packages; 46 edit-distance=1 FPs eliminated at this threshold',
+  },
+  'TIER1-METADATA-SPOOF': {
+    flag_threshold: 70,
+    warn_threshold: 55,
+    notes: 'Namespace/repo URL spoofing; moderate threshold for legitimate clones',
+  },
+  'TIER1-VERSION-CONFUSION': {
+    flag_threshold: 75,
+    warn_threshold: 60,
+    notes: 'High-version heuristics (major >= 9); tuned to avoid FP on pre-release tags',
+  },
+  'TIER1-CLOUD-IMDS': {
+    flag_threshold: 80,
+    warn_threshold: 65,
+    notes: 'IMDS endpoint targeting is rarely legitimate; high threshold',
+  },
+  'TIER1-MULTISTAGE-POSTINSTALL': {
+    flag_threshold: 75,
+    warn_threshold: 60,
+    notes: 'Two-stage download+exec patterns; moderate threshold',
+  },
+  'TIER1-SLSA-ATTESTATION': {
+    flag_threshold: 85,
+    warn_threshold: 70,
+    notes: 'Placeholder; threshold TBD when API stabilizes',
+  },
+};

package/backend/detectors/config/whitelist.json

@@ -0,0 +1,74 @@
+{
+  "packages": [
+    {
+      "name": "webpack",
+      "reason": "Bundler; naturally high entropy in bundled code",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "terser",
+      "reason": "Minifier library; intentional obfuscation",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "uglify-js",
+      "reason": "Minifier library; intentional obfuscation",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "browserify",
+      "reason": "Bundler; bundled JS has high entropy",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "rollup",
+      "reason": "Bundler; bundled JS has high entropy",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "esbuild",
+      "reason": "Bundler/compiler; bundled JS has high entropy",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "@babel/core",
+      "reason": "Transpiler; generated code has high pattern frequency",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "typescript",
+      "reason": "Compiler; generated JS has high entropy",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "lodash",
+      "reason": "Utility library; high pattern frequency from common JS idioms",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "underscore",
+      "reason": "Utility library; high pattern frequency",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "moment",
+      "reason": "Date library; legitimate build artifacts with binary-like data",
+      "detectors": ["TIER1-BINARY-EMBED"]
+    },
+    {
+      "name": "crypto-js",
+      "reason": "Cryptography library; legitimate use of hex/unicode escapes and bitwise ops",
+      "detectors": ["TIER1-OBFUSCATION-HEURISTICS"]
+    },
+    {
+      "name": "preact",
+      "reason": "React alternative; shares naming similarity with react, triggering TYPOSQUAT_VPMDHAJ",
+      "detectors": ["TYPOSQUAT_VPMDHAJ"]
+    },
+    {
+      "name": "@commitlint/read",
+      "reason": "Legitimate commitlint scoped sub-package; edit-distance FP",
+      "detectors": ["TIER1-TYPOSQUAT"]
+    }
+  ]
+}

package/backend/detectors/cve-2026-48710-badhost/codePattern.js

@@ -1,99 +1,99 @@
-import { codePatternAuthFinding, codePatternInfoFinding } from './findings.js';
-
-const AUTH_CONTEXT_PATHS = [
-  'middleware',
-  'auth',
-  'security',
-  'router',
-  'depends',
-  'guard',
-  'permission',
-];
-
-const URL_PATH_PATTERN = /request\.url\.path|req\.url\.path|self\.request\.url\.path/g;
-const SCOPE_PATH_PATTERN = /request\.scope\s*\[\s*["']path["']\s*\]|request\.scope\.get\s*\(\s*["']path["']\s*\)/g;
-
-function hasAuthContext(filePath) {
-  const lower = filePath.toLowerCase();
-  return AUTH_CONTEXT_PATHS.some(ctx => lower.includes(ctx));
-}
-
-function findFunctionBoundaries(lines) {
-  const functions = [];
-  let currentFn = null;
-  let fnBodyStart = -1;
-  let indent = 0;
-
-  for (let i = 0; i < lines.length; i++) {
-    const line = lines[i];
-    const defMatch = line.match(/^(def\s+\w+|async\s+def\s+\w+)/);
-    if (defMatch) {
-      if (currentFn) {
-        functions.push({ name: currentFn, startLine: fnBodyStart, endLine: i - 1 });
-      }
-      currentFn = defMatch[1];
-      fnBodyStart = i;
-      indent = line.length - line.trimStart().length;
-    } else if (currentFn && line.trim() && line.length - line.trimStart().length <= indent && !line.trim().startsWith('#') && !line.trim().startsWith('@')) {
-      functions.push({ name: currentFn, startLine: fnBodyStart, endLine: i - 1 });
-      currentFn = null;
-    }
-  }
-  if (currentFn) {
-    functions.push({ name: currentFn, startLine: fnBodyStart, endLine: lines.length - 1 });
-  }
-
-  return functions;
-}
-
-function hasScopePathInFunction(lines, fnStart, fnEnd) {
-  for (let i = fnStart; i <= fnEnd && i < lines.length; i++) {
-    if (SCOPE_PATH_PATTERN.test(lines[i])) return true;
-  }
-  return false;
-}
-
-export function scanCodePatterns(allFiles) {
-  const findings = [];
-
-  for (const file of (allFiles || [])) {
-    const content = typeof file.content === 'string' ? file.content : '';
-    if (!content) continue;
-    const path = file.path || '';
-    if (!path.endsWith('.py')) continue;
-
-    const lines = content.split('\n');
-    const isAuthContext = hasAuthContext(path);
-    const functions = findFunctionBoundaries(lines);
-    const suppressedLines = new Set();
-
-    for (const fn of functions) {
-      if (hasScopePathInFunction(lines, fn.startLine, fn.endLine)) {
-        for (let i = fn.startLine; i <= fn.endLine && i < lines.length; i++) {
-          if (URL_PATH_PATTERN.test(lines[i])) {
-            suppressedLines.add(i + 1);
-          }
-          URL_PATH_PATTERN.lastIndex = 0;
-        }
-      }
-    }
-
-    if (isAuthContext) {
-      let m;
-      while ((m = URL_PATH_PATTERN.exec(content)) !== null) {
-        const lineNumber = content.slice(0, m.index).split('\n').length;
-        if (suppressedLines.has(lineNumber)) continue;
-        findings.push(codePatternAuthFinding(path, lineNumber));
-      }
-    } else {
-      let m;
-      while ((m = URL_PATH_PATTERN.exec(content)) !== null) {
-        const lineNumber = content.slice(0, m.index).split('\n').length;
-        if (suppressedLines.has(lineNumber)) continue;
-        findings.push(codePatternInfoFinding(path, lineNumber));
-      }
-    }
-  }
-
-  return findings;
-}
+import { codePatternAuthFinding, codePatternInfoFinding } from './findings.js';
+
+const AUTH_CONTEXT_PATHS = [
+  'middleware',
+  'auth',
+  'security',
+  'router',
+  'depends',
+  'guard',
+  'permission',
+];
+
+const URL_PATH_PATTERN = /request\.url\.path|req\.url\.path|self\.request\.url\.path/g;
+const SCOPE_PATH_PATTERN = /request\.scope\s*\[\s*["']path["']\s*\]|request\.scope\.get\s*\(\s*["']path["']\s*\)/g;
+
+function hasAuthContext(filePath) {
+  const lower = filePath.toLowerCase();
+  return AUTH_CONTEXT_PATHS.some(ctx => lower.includes(ctx));
+}
+
+function findFunctionBoundaries(lines) {
+  const functions = [];
+  let currentFn = null;
+  let fnBodyStart = -1;
+  let indent = 0;
+
+  for (let i = 0; i < lines.length; i++) {
+    const line = lines[i];
+    const defMatch = line.match(/^(def\s+\w+|async\s+def\s+\w+)/);
+    if (defMatch) {
+      if (currentFn) {
+        functions.push({ name: currentFn, startLine: fnBodyStart, endLine: i - 1 });
+      }
+      currentFn = defMatch[1];
+      fnBodyStart = i;
+      indent = line.length - line.trimStart().length;
+    } else if (currentFn && line.trim() && line.length - line.trimStart().length <= indent && !line.trim().startsWith('#') && !line.trim().startsWith('@')) {
+      functions.push({ name: currentFn, startLine: fnBodyStart, endLine: i - 1 });
+      currentFn = null;
+    }
+  }
+  if (currentFn) {
+    functions.push({ name: currentFn, startLine: fnBodyStart, endLine: lines.length - 1 });
+  }
+
+  return functions;
+}
+
+function hasScopePathInFunction(lines, fnStart, fnEnd) {
+  for (let i = fnStart; i <= fnEnd && i < lines.length; i++) {
+    if (SCOPE_PATH_PATTERN.test(lines[i])) return true;
+  }
+  return false;
+}
+
+export function scanCodePatterns(allFiles) {
+  const findings = [];
+
+  for (const file of (allFiles || [])) {
+    const content = typeof file.content === 'string' ? file.content : '';
+    if (!content) continue;
+    const path = file.path || '';
+    if (!path.endsWith('.py')) continue;
+
+    const lines = content.split('\n');
+    const isAuthContext = hasAuthContext(path);
+    const functions = findFunctionBoundaries(lines);
+    const suppressedLines = new Set();
+
+    for (const fn of functions) {
+      if (hasScopePathInFunction(lines, fn.startLine, fn.endLine)) {
+        for (let i = fn.startLine; i <= fn.endLine && i < lines.length; i++) {
+          if (URL_PATH_PATTERN.test(lines[i])) {
+            suppressedLines.add(i + 1);
+          }
+          URL_PATH_PATTERN.lastIndex = 0;
+        }
+      }
+    }
+
+    if (isAuthContext) {
+      let m;
+      while ((m = URL_PATH_PATTERN.exec(content)) !== null) {
+        const lineNumber = content.slice(0, m.index).split('\n').length;
+        if (suppressedLines.has(lineNumber)) continue;
+        findings.push(codePatternAuthFinding(path, lineNumber));
+      }
+    } else {
+      let m;
+      while ((m = URL_PATH_PATTERN.exec(content)) !== null) {
+        const lineNumber = content.slice(0, m.index).split('\n').length;
+        if (suppressedLines.has(lineNumber)) continue;
+        findings.push(codePatternInfoFinding(path, lineNumber));
+      }
+    }
+  }
+
+  return findings;
+}

package/backend/detectors/cve-2026-48710-badhost/findings.js

@@ -1,105 +1,105 @@
-const CVE = 'CVE-2026-48710';
-const NICKNAME = 'BadHost';
-const CVSS = 7.0;
-const REFERENCES = [
-  'https://ostif.org/disclosing-the-badhost-vulnerability-in-starlette/',
-  'https://github.com/Kludex/starlette/security/advisories/GHSA-86qp-5c8j-p5mr',
-  'https://badhost.org/',
-  'https://osv.dev/vulnerability/PYSEC-2026-161',
-];
-
-const MITIGATION_NOTE = 'Partial mitigation: Cloudflare and AWS ALB reject malformed Host headers for properly proxied deployments. Direct uvicorn/hypercorn/daphne/granian exposure with no reverse proxy in front is highest risk.';
-
-const DEPENDENCY_REMEDIATION = 'Upgrade starlette to >= 1.0.1. If starlette is inherited transitively through fastapi, vllm, litellm, or an MCP server package, upgrade the top-level package to a version that pins starlette >= 1.0.1. Verify with: pip show starlette.';
-
-const CODE_REMEDIATION = 'Replace request.url.path with request.scope["path"] for all security-sensitive decisions (auth checks, path allowlists, rate limiting gates). The reconstructed request.url is influenced by the unvalidated Host header in Starlette < 1.0.1.';
-
-function makeFinding(overrides = {}) {
-  return {
-    id: CVE,
-    severity: 'high',
-    title: `${NICKNAME} — ${overrides.source || 'unknown'}`,
-    description: '',
-    remediation: '',
-    evidence: JSON.stringify({
-      cve: CVE,
-      nickname: NICKNAME,
-      cvss: CVSS,
-      references: REFERENCES,
-      ...overrides,
-    }),
-    ...overrides,
-  };
-}
-
-export function directDependencyFinding(version, specifier) {
-  return makeFinding({
-    severity: 'high',
-    confidence: 'HIGH',
-    source: 'direct-dependency',
-    title: `${NICKNAME}: Starlette ${version} vulnerable`,
-    description: `Starlette ${version} (${specifier}) is vulnerable to CVE-2026-48710 (BadHost) — authentication bypass via Host header injection. Upgrade to starlette >= 1.0.1.`,
-    remediation: `${DEPENDENCY_REMEDIATION} ${MITIGATION_NOTE}`,
-    file: null,
-    line: null,
-    via: null,
-  });
-}
-
-export function directDependencyUnpinnedFinding() {
-  return makeFinding({
-    severity: 'high',
-    confidence: 'HIGH',
-    source: 'direct-dependency-unpinned',
-    title: `${NICKNAME}: Starlette unpinned`,
-    description: 'Starlette is declared with no version constraint — assume vulnerable to CVE-2026-48710 (BadHost) until pinned to >= 1.0.1.',
-    remediation: `${DEPENDENCY_REMEDIATION} ${MITIGATION_NOTE}`,
-    file: null,
-    line: null,
-    via: null,
-  });
-}
-
-export function transitiveDependencyFinding(packageName, tier) {
-  const confidence = tier === 1 ? 'HIGH' : 'MEDIUM';
-  const tierLabel = tier === 1 ? 'Tier 1' : 'Tier 2';
-  return makeFinding({
-    severity: 'high',
-    confidence,
-    source: 'transitive-dependency',
-    title: `${NICKNAME}: Transitive via ${packageName}`,
-    description: `Starlette not directly pinned; inherited through ${packageName} (${tierLabel}). ${packageName} depends on Starlette — if its version constraint allows Starlette < 1.0.1, your deployment is vulnerable.`,
-    remediation: `${DEPENDENCY_REMEDIATION} ${MITIGATION_NOTE}`,
-    file: null,
-    line: null,
-    via: packageName,
-  });
-}
-
-export function codePatternAuthFinding(filePath, lineNumber) {
-  return makeFinding({
-    severity: 'medium',
-    confidence: 'MEDIUM',
-    source: 'code-pattern',
-    title: `${NICKNAME}: Dangerous path extraction in auth/middleware`,
-    description: `request.url.path used in auth/middleware context at ${filePath}:${lineNumber} — use request.scope['path'] instead. The reconstructed request.url is influenced by the unvalidated Host header in Starlette < 1.0.1.`,
-    remediation: `${CODE_REMEDIATION} ${MITIGATION_NOTE}`,
-    file: filePath,
-    line: lineNumber,
-    via: null,
-  });
-}
-
-export function codePatternInfoFinding(filePath, lineNumber) {
-  return makeFinding({
-    severity: 'info',
-    confidence: 'LOW',
-    source: 'code-pattern',
-    title: `${NICKNAME}: request.url.path usage detected`,
-    description: `request.url.path used at ${filePath}:${lineNumber} — may be influenced by unvalidated Host header in Starlette < 1.0.1. Verify request.scope['path'] is used for security decisions.`,
-    remediation: `${CODE_REMEDIATION} ${MITIGATION_NOTE}`,
-    file: filePath,
-    line: lineNumber,
-    via: null,
-  });
-}
+const CVE = 'CVE-2026-48710';
+const NICKNAME = 'BadHost';
+const CVSS = 7.0;
+const REFERENCES = [
+  'https://ostif.org/disclosing-the-badhost-vulnerability-in-starlette/',
+  'https://github.com/Kludex/starlette/security/advisories/GHSA-86qp-5c8j-p5mr',
+  'https://badhost.org/',
+  'https://osv.dev/vulnerability/PYSEC-2026-161',
+];
+
+const MITIGATION_NOTE = 'Partial mitigation: Cloudflare and AWS ALB reject malformed Host headers for properly proxied deployments. Direct uvicorn/hypercorn/daphne/granian exposure with no reverse proxy in front is highest risk.';
+
+const DEPENDENCY_REMEDIATION = 'Upgrade starlette to >= 1.0.1. If starlette is inherited transitively through fastapi, vllm, litellm, or an MCP server package, upgrade the top-level package to a version that pins starlette >= 1.0.1. Verify with: pip show starlette.';
+
+const CODE_REMEDIATION = 'Replace request.url.path with request.scope["path"] for all security-sensitive decisions (auth checks, path allowlists, rate limiting gates). The reconstructed request.url is influenced by the unvalidated Host header in Starlette < 1.0.1.';
+
+function makeFinding(overrides = {}) {
+  return {
+    id: CVE,
+    severity: 'high',
+    title: `${NICKNAME} — ${overrides.source || 'unknown'}`,
+    description: '',
+    remediation: '',
+    evidence: JSON.stringify({
+      cve: CVE,
+      nickname: NICKNAME,
+      cvss: CVSS,
+      references: REFERENCES,
+      ...overrides,
+    }),
+    ...overrides,
+  };
+}
+
+export function directDependencyFinding(version, specifier) {
+  return makeFinding({
+    severity: 'high',
+    confidence: 'HIGH',
+    source: 'direct-dependency',
+    title: `${NICKNAME}: Starlette ${version} vulnerable`,
+    description: `Starlette ${version} (${specifier}) is vulnerable to CVE-2026-48710 (BadHost) — authentication bypass via Host header injection. Upgrade to starlette >= 1.0.1.`,
+    remediation: `${DEPENDENCY_REMEDIATION} ${MITIGATION_NOTE}`,
+    file: null,
+    line: null,
+    via: null,
+  });
+}
+
+export function directDependencyUnpinnedFinding() {
+  return makeFinding({
+    severity: 'high',
+    confidence: 'HIGH',
+    source: 'direct-dependency-unpinned',
+    title: `${NICKNAME}: Starlette unpinned`,
+    description: 'Starlette is declared with no version constraint — assume vulnerable to CVE-2026-48710 (BadHost) until pinned to >= 1.0.1.',
+    remediation: `${DEPENDENCY_REMEDIATION} ${MITIGATION_NOTE}`,
+    file: null,
+    line: null,
+    via: null,
+  });
+}
+
+export function transitiveDependencyFinding(packageName, tier) {
+  const confidence = tier === 1 ? 'HIGH' : 'MEDIUM';
+  const tierLabel = tier === 1 ? 'Tier 1' : 'Tier 2';
+  return makeFinding({
+    severity: 'high',
+    confidence,
+    source: 'transitive-dependency',
+    title: `${NICKNAME}: Transitive via ${packageName}`,
+    description: `Starlette not directly pinned; inherited through ${packageName} (${tierLabel}). ${packageName} depends on Starlette — if its version constraint allows Starlette < 1.0.1, your deployment is vulnerable.`,
+    remediation: `${DEPENDENCY_REMEDIATION} ${MITIGATION_NOTE}`,
+    file: null,
+    line: null,
+    via: packageName,
+  });
+}
+
+export function codePatternAuthFinding(filePath, lineNumber) {
+  return makeFinding({
+    severity: 'medium',
+    confidence: 'MEDIUM',
+    source: 'code-pattern',
+    title: `${NICKNAME}: Dangerous path extraction in auth/middleware`,
+    description: `request.url.path used in auth/middleware context at ${filePath}:${lineNumber} — use request.scope['path'] instead. The reconstructed request.url is influenced by the unvalidated Host header in Starlette < 1.0.1.`,
+    remediation: `${CODE_REMEDIATION} ${MITIGATION_NOTE}`,
+    file: filePath,
+    line: lineNumber,
+    via: null,
+  });
+}
+
+export function codePatternInfoFinding(filePath, lineNumber) {
+  return makeFinding({
+    severity: 'info',
+    confidence: 'LOW',
+    source: 'code-pattern',
+    title: `${NICKNAME}: request.url.path usage detected`,
+    description: `request.url.path used at ${filePath}:${lineNumber} — may be influenced by unvalidated Host header in Starlette < 1.0.1. Verify request.scope['path'] is used for security decisions.`,
+    remediation: `${CODE_REMEDIATION} ${MITIGATION_NOTE}`,
+    file: filePath,
+    line: lineNumber,
+    via: null,
+  });
+}

package/backend/detectors/cve-2026-48710-badhost/index.js

@@ -1,15 +1,15 @@
-import { scanFiles } from './manifest.js';
-import { scanTransitive } from './transitive.js';
-import { scanCodePatterns } from './codePattern.js';
-
-export async function scan(pkgJson, files = [], registryMeta = null, allFiles = null) {
-  const targetFiles = allFiles || files;
-
-  const manifestFindings = scanFiles(targetFiles);
-  const transitiveFindings = scanTransitive(targetFiles);
-  const codeFindings = scanCodePatterns(targetFiles);
-
-  const allFindings = [...manifestFindings, ...transitiveFindings, ...codeFindings];
-
-  return allFindings;
-}
+import { scanFiles } from './manifest.js';
+import { scanTransitive } from './transitive.js';
+import { scanCodePatterns } from './codePattern.js';
+
+export async function scan(pkgJson, files = [], registryMeta = null, allFiles = null) {
+  const targetFiles = allFiles || files;
+
+  const manifestFindings = scanFiles(targetFiles);
+  const transitiveFindings = scanTransitive(targetFiles);
+  const codeFindings = scanCodePatterns(targetFiles);
+
+  const allFindings = [...manifestFindings, ...transitiveFindings, ...codeFindings];
+
+  return allFindings;
+}