@lateos/npm-scan 0.6.0 → 0.7.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +48 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -81,10 +81,57 @@ tests/ Corpus: 5 clean + 33 malicious packages
|
|
|
81
81
|
| ATK-009 | Conditional/dormant triggers (CI, time) | high |
|
|
82
82
|
| ATK-010 | Sandbox evasion / anti-analysis | medium |
|
|
83
83
|
| ATK-011 | Transitive propagation (worm) | high |
|
|
84
|
-
| ATK-011 | Transitive propagation (worm) | high |
|
|
85
84
|
|
|
86
85
|
See `docs/attack-taxonomy.md` for full NIST 800-161 mappings, evasion surfaces, and PoC examples.
|
|
87
86
|
|
|
87
|
+
## Enterprise Features
|
|
88
|
+
|
|
89
|
+
### SAML SSO
|
|
90
|
+
|
|
91
|
+
SAML 2.0 single sign-on for enterprise deployments. Supports:
|
|
92
|
+
|
|
93
|
+
- **IdPs:** Okta, Azure AD / Entra ID, OneLogin, Keycloak, any SAML 2.0 compliant provider
|
|
94
|
+
- **Flow:** SP-initiated SSO redirect → IdP auth → assertion validation → JWT issuance
|
|
95
|
+
- **Provisioning:** auto-creates users from SAML attributes with RBAC (admin/editor/viewer)
|
|
96
|
+
- **Security:** signed AuthnRequests, verified assertions, HMAC-SHA256 JWTs, Single Logout
|
|
97
|
+
|
|
98
|
+
```
|
|
99
|
+
GET /api/v1/sso/metadata # SP metadata XML for IdP registration
|
|
100
|
+
GET /api/v1/sso/login # Start SSO (redirects to IdP)
|
|
101
|
+
POST /api/v1/sso/acs # SAML callback (IdP POSTs here)
|
|
102
|
+
POST /api/v1/sso/slo # Single Logout
|
|
103
|
+
```
|
|
104
|
+
|
|
105
|
+
Requires enterprise license. Configure via env vars or `api/saml-config.yaml`. See `api/README.md` for full docs.
|
|
106
|
+
|
|
107
|
+
### REST API
|
|
108
|
+
|
|
109
|
+
FastAPI-based API for the hosted tier. See `api/README.md` for endpoint reference, auth methods, and configuration.
|
|
110
|
+
|
|
111
|
+
## Enterprise Features
|
|
112
|
+
|
|
113
|
+
### SAML SSO
|
|
114
|
+
|
|
115
|
+
SAML 2.0 single sign-on for enterprise deployments. Supports:
|
|
116
|
+
|
|
117
|
+
- **IdPs:** Okta, Azure AD / Entra ID, OneLogin, Keycloak, any SAML 2.0 compliant provider
|
|
118
|
+
- **Flow:** SP-initiated SSO redirect → IdP auth → assertion validation → JWT issuance
|
|
119
|
+
- **Provisioning:** auto-creates users from SAML attributes with RBAC (admin/editor/viewer)
|
|
120
|
+
- **Security:** signed AuthnRequests, verified assertions, HMAC-SHA256 JWTs, Single Logout
|
|
121
|
+
|
|
122
|
+
```
|
|
123
|
+
GET /api/v1/sso/metadata # SP metadata XML for IdP registration
|
|
124
|
+
GET /api/v1/sso/login # Start SSO (redirects to IdP)
|
|
125
|
+
POST /api/v1/sso/acs # SAML callback (IdP POSTs here)
|
|
126
|
+
POST /api/v1/sso/slo # Single Logout
|
|
127
|
+
```
|
|
128
|
+
|
|
129
|
+
Requires enterprise license. Configure via env vars or `api/saml-config.yaml`. See `api/README.md` for full docs.
|
|
130
|
+
|
|
131
|
+
### REST API
|
|
132
|
+
|
|
133
|
+
FastAPI-based API for the hosted tier. See `api/README.md` for endpoint reference, auth methods, and configuration.
|
|
134
|
+
|
|
88
135
|
## Development
|
|
89
136
|
|
|
90
137
|
```bash
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@lateos/npm-scan",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.7.1",
|
|
4
4
|
"description": "Powerful npm supply chain security scanner - detects malicious packages (Shai-Hulud style), behavioral analysis, SBOM, and compliance reporting.",
|
|
5
5
|
"main": "backend/index.js",
|
|
6
6
|
"bin": {
|