@nodesecure/js-x-ray 11.0.0 → 11.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/EntryFilesAnalyser.d.ts +5 -0
- package/dist/EntryFilesAnalyser.d.ts.map +1 -1
- package/dist/EntryFilesAnalyser.js +27 -2
- package/dist/EntryFilesAnalyser.js.map +1 -1
- package/dist/JsSourceParser.d.ts +1 -0
- package/dist/JsSourceParser.d.ts.map +1 -1
- package/dist/JsSourceParser.js +6 -0
- package/dist/JsSourceParser.js.map +1 -1
- package/dist/ShadyURL.d.ts.map +1 -1
- package/dist/ShadyURL.js +36 -0
- package/dist/ShadyURL.js.map +1 -1
- package/package.json +2 -1
|
@@ -1,5 +1,6 @@
|
|
|
1
1
|
import { DiGraph, type VertexBody, type VertexDefinition } from "digraph-js";
|
|
2
2
|
import { AstAnalyser, type ReportOnFile, type RuntimeFileOptions } from "./AstAnalyser.js";
|
|
3
|
+
import { JsSourceParser, type SourceParser } from "./JsSourceParser.js";
|
|
3
4
|
export interface EntryFilesAnalyserOptions {
|
|
4
5
|
astAnalyzer?: AstAnalyser;
|
|
5
6
|
loadExtensions?: (defaults: string[]) => string[];
|
|
@@ -8,6 +9,10 @@ export interface EntryFilesAnalyserOptions {
|
|
|
8
9
|
}
|
|
9
10
|
export declare class EntryFilesAnalyser {
|
|
10
11
|
#private;
|
|
12
|
+
static Parsers: {
|
|
13
|
+
readonly js: JsSourceParser;
|
|
14
|
+
readonly ts: SourceParser;
|
|
15
|
+
};
|
|
11
16
|
astAnalyzer: AstAnalyser;
|
|
12
17
|
allowedExtensions: Set<string>;
|
|
13
18
|
dependencies: DiGraph<VertexDefinition<VertexBody>>;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"EntryFilesAnalyser.d.ts","sourceRoot":"","sources":["../src/EntryFilesAnalyser.ts"],"names":[],"mappings":"AAMA,OAAO,EACL,OAAO,EACP,KAAK,UAAU,EACf,KAAK,gBAAgB,EACtB,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"EntryFilesAnalyser.d.ts","sourceRoot":"","sources":["../src/EntryFilesAnalyser.ts"],"names":[],"mappings":"AAMA,OAAO,EACL,OAAO,EACP,KAAK,UAAU,EACf,KAAK,gBAAgB,EACtB,MAAM,YAAY,CAAC;AAIpB,OAAO,EACL,WAAW,EACX,KAAK,YAAY,EACjB,KAAK,kBAAkB,EACxB,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,cAAc,EACd,KAAK,YAAY,EAClB,MAAM,qBAAqB,CAAC;AAS7B,MAAM,WAAW,yBAAyB;IACxC,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,cAAc,CAAC,EAAE,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,MAAM,EAAE,CAAC;IAClD,QAAQ,CAAC,EAAE,MAAM,GAAG,GAAG,CAAC;IACxB,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,qBAAa,kBAAkB;;IAC7B,MAAM,CAAC,OAAO;;qBAE2B,YAAY;MACH;IAGlD,WAAW,EAAE,WAAW,CAAC;IACzB,iBAAiB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC/B,YAAY,EAAE,OAAO,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC;IACpD,YAAY,EAAE,OAAO,CAAC;gBAGpB,OAAO,GAAE,yBAA8B;IAoBlC,OAAO,CACZ,UAAU,EAAE,QAAQ,CAAC,MAAM,GAAG,GAAG,CAAC,EAClC,OAAO,GAAE,kBAAuB,GAC/B,cAAc,CAAC,YAAY,GAAG;QAAE,IAAI,EAAE,MAAM,CAAC;KAAE,CAAC;CA2JpD"}
|
|
@@ -1,14 +1,25 @@
|
|
|
1
|
+
var _a;
|
|
1
2
|
// Import Node.js Dependencies
|
|
2
3
|
import fs from "node:fs/promises";
|
|
3
4
|
import path from "node:path";
|
|
4
5
|
import { fileURLToPath } from "node:url";
|
|
5
6
|
// Import Third-party Dependencies
|
|
6
7
|
import { DiGraph } from "digraph-js";
|
|
8
|
+
import { TsSourceParser } from "@nodesecure/ts-source-parser";
|
|
7
9
|
// Import Internal Dependencies
|
|
8
10
|
import { AstAnalyser } from "./AstAnalyser.js";
|
|
11
|
+
import { JsSourceParser } from "./JsSourceParser.js";
|
|
9
12
|
// CONSTANTS
|
|
10
|
-
const kDefaultExtensions = [
|
|
13
|
+
const kDefaultExtensions = [
|
|
14
|
+
...Array.from(JsSourceParser.FileExtensions).map((ext) => ext.slice(1)),
|
|
15
|
+
...Array.from(TsSourceParser.FileExtensions).map((ext) => ext.slice(1)),
|
|
16
|
+
"node"
|
|
17
|
+
];
|
|
11
18
|
export class EntryFilesAnalyser {
|
|
19
|
+
static Parsers = {
|
|
20
|
+
js: new JsSourceParser(),
|
|
21
|
+
ts: new TsSourceParser()
|
|
22
|
+
};
|
|
12
23
|
#rootPath = null;
|
|
13
24
|
astAnalyzer;
|
|
14
25
|
allowedExtensions;
|
|
@@ -48,13 +59,26 @@ export class EntryFilesAnalyser {
|
|
|
48
59
|
path.relative(this.#rootPath, file) :
|
|
49
60
|
file;
|
|
50
61
|
}
|
|
62
|
+
#getParserFromFileExtension(file) {
|
|
63
|
+
const fileExtension = path.extname(file);
|
|
64
|
+
if (JsSourceParser.FileExtensions.has(fileExtension)) {
|
|
65
|
+
return _a.Parsers.js;
|
|
66
|
+
}
|
|
67
|
+
else if (TsSourceParser.FileExtensions.has(fileExtension)) {
|
|
68
|
+
return _a.Parsers.ts;
|
|
69
|
+
}
|
|
70
|
+
return void 0;
|
|
71
|
+
}
|
|
51
72
|
async *#analyseFile(file, relativeFile, options) {
|
|
52
73
|
this.dependencies.addVertex({
|
|
53
74
|
id: relativeFile,
|
|
54
75
|
adjacentTo: [],
|
|
55
76
|
body: {}
|
|
56
77
|
});
|
|
57
|
-
const report = await this.astAnalyzer.analyseFile(file,
|
|
78
|
+
const report = await this.astAnalyzer.analyseFile(file, {
|
|
79
|
+
...options,
|
|
80
|
+
customParser: this.#getParserFromFileExtension(file)
|
|
81
|
+
});
|
|
58
82
|
yield { file: relativeFile, ...report };
|
|
59
83
|
if (!report.ok || typeof report.dependencies === "undefined") {
|
|
60
84
|
return;
|
|
@@ -113,6 +137,7 @@ export class EntryFilesAnalyser {
|
|
|
113
137
|
}
|
|
114
138
|
}
|
|
115
139
|
}
|
|
140
|
+
_a = EntryFilesAnalyser;
|
|
116
141
|
function fileURLToPathExtended(file) {
|
|
117
142
|
return file instanceof URL ?
|
|
118
143
|
fileURLToPath(file) :
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"EntryFilesAnalyser.js","sourceRoot":"","sources":["../src/EntryFilesAnalyser.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,kCAAkC;AAClC,OAAO,EACL,OAAO,EAGR,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"EntryFilesAnalyser.js","sourceRoot":"","sources":["../src/EntryFilesAnalyser.ts"],"names":[],"mappings":";AAAA,8BAA8B;AAC9B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAEzC,kCAAkC;AAClC,OAAO,EACL,OAAO,EAGR,MAAM,YAAY,CAAC;AACpB,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAE9D,+BAA+B;AAC/B,OAAO,EACL,WAAW,EAGZ,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,cAAc,EAEf,MAAM,qBAAqB,CAAC;AAE7B,YAAY;AACZ,MAAM,kBAAkB,GAAG;IACzB,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACvE,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,cAAc,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACvE,MAAM;CACP,CAAC;AASF,MAAM,OAAO,kBAAkB;IAC7B,MAAM,CAAC,OAAO,GAAG;QACf,EAAE,EAAE,IAAI,cAAc,EAAE;QACxB,EAAE,EAAE,IAAI,cAAc,EAA6B;KACJ,CAAC;IAElD,SAAS,GAAkB,IAAI,CAAC;IAChC,WAAW,CAAc;IACzB,iBAAiB,CAAc;IAC/B,YAAY,CAAwC;IACpD,YAAY,CAAU;IAEtB,YACE,UAAqC,EAAE;QAEvC,MAAM,EACJ,WAAW,GAAG,IAAI,WAAW,EAAE,EAC/B,cAAc,EACd,QAAQ,GAAG,IAAI,EACf,YAAY,GAAG,KAAK,EACrB,GAAG,OAAO,CAAC;QAEZ,IAAI,CAAC,WAAW,GAAG,WAAW,CAAC;QAC/B,MAAM,oBAAoB,GAAG,cAAc;YACzC,CAAC,CAAC,cAAc,CAAC,kBAAkB,CAAC;YACpC,CAAC,CAAC,kBAAkB,CAAC;QAEvB,IAAI,CAAC,iBAAiB,GAAG,IAAI,GAAG,CAAC,oBAAoB,CAAC,CAAC;QACvD,IAAI,CAAC,SAAS,GAAG,QAAQ,KAAK,IAAI,CAAC,CAAC;YAClC,IAAI,CAAC,CAAC,CAAC,qBAAqB,CAAC,QAAQ,CAAC,CAAC;QACzC,IAAI,CAAC,YAAY,GAAG,YAAY,CAAC;IACnC,CAAC;IAED,KAAK,CAAA,CAAE,OAAO,CACZ,UAAkC,EAClC,UAA8B,EAAE;QAEhC,IAAI,CAAC,YAAY,GAAG,IAAI,OAAO,EAAE,CAAC;QAElC,KAAK,MAAM,SAAS,IAAI,IAAI,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;YAC5C,MAAM,mBAAmB,GAAG,IAAI,CAAC,2BAA2B,CAAC,SAAS,CAAC,CAAC;YAExE,IACE,IAAI,CAAC,YAAY;gBACjB,CAAC,MAAM,IAAI,CAAC,WAAW,CAAC,mBAAmB,CAAC,EAC5C,CAAC;gBACD,OAAO;YACT,CAAC;YAED,KAAK,CAAC,CAAC,IAAI,CAAC,YAAY,CACtB,mBAAmB,EACnB,IAAI,CAAC,oBAAoB,CAAC,mBAAmB,CAAC,EAC9C,OAAO,CACR,CAAC;QACJ,CAAC;IACH,CAAC;IAED,2BAA2B,CACzB,IAAkB;QAElB,IAAI,mBAAmB,GAAG,IAAI,CAAC,SAAS,CACtC,qBAAqB,CAAC,IAAI,CAAC,CAC5B,CAAC;QACF,IAAI,IAAI,CAAC,SAAS,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,EAAE,CAAC;YACrE,mBAAmB,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,mBAAmB,CAAC,CAAC;QACvE,CAAC;QAED,OAAO,mBAAmB,CAAC;IAC7B,CAAC;IAED,oBAAoB,CAClB,IAAY;QAEZ,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC;YACrB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;YACrC,IAAI,CAAC;IACT,CAAC;IAED,2BAA2B,CACzB,IAAY;QAEZ,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAEzC,IAAI,cAAc,CAAC,cAAc,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;YACrD,OAAO,EAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;QACvC,CAAC;aACI,IAAI,cAAc,CAAC,cAAc,CAAC,GAAG,CAAC,aAAa,CAAC,EAAE,CAAC;YAC1D,OAAO,EAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;QACvC,CAAC;QAED,OAAO,KAAK,CAAC,CAAC;IAChB,CAAC;IAED,KAAK,CAAA,CAAE,YAAY,CACjB,IAAY,EACZ,YAAoB,EACpB,OAA2B;QAE3B,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;YAC1B,EAAE,EAAE,YAAY;YAChB,UAAU,EAAE,EAAE;YACd,IAAI,EAAE,EAAE;SACT,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,WAAW,CAC/C,IAAI,EACJ;YACE,GAAG,OAAO;YACV,YAAY,EAAE,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC;SACrD,CACF,CAAC;QACF,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,MAAM,EAAE,CAAC;QAExC,IAAI,CAAC,MAAM,CAAC,EAAE,IAAI,OAAO,MAAM,CAAC,YAAY,KAAK,WAAW,EAAE,CAAC;YAC7D,OAAO;QACT,CAAC;QAED,KAAK,MAAM,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACzC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAC5C,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,CACpC,CAAC;YACF,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;gBACrB,SAAS;YACX,CAAC;YAED,MAAM,eAAe,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,CAAC;YAC3D,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC,eAAe,CAAC,EAAE,CAAC;gBAClD,IAAI,CAAC,YAAY,CAAC,SAAS,CAAC;oBAC1B,EAAE,EAAE,eAAe;oBACnB,UAAU,EAAE,EAAE;oBACd,IAAI,EAAE,EAAE;iBACT,CAAC,CAAC;gBAEH,KAAK,CAAC,CAAC,IAAI,CAAC,YAAY,CACtB,OAAO,EACP,eAAe,EACf,OAAO,CACR,CAAC;YACJ,CAAC;YAED,IAAI,CAAC,YAAY,CAAC,OAAO,CAAC;gBACxB,IAAI,EAAE,YAAY,EAAE,EAAE,EAAE,eAAe;aACxC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,KAAK,CAAC,mBAAmB,CACvB,QAAgB;QAEhB,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAE7C,IAAI,aAAa,KAAK,EAAE,EAAE,CAAC;YACzB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACzC,MAAM,cAAc,GAAG,GAAG,QAAQ,IAAI,GAAG,EAAE,CAAC;gBAE5C,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,cAAc,CAAC,CAAC;gBACzD,IAAI,SAAS,EAAE,CAAC;oBACd,OAAO,cAAc,CAAC;gBACxB,CAAC;YACH,CAAC;QACH,CAAC;aACI,CAAC;YACJ,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,GAAG,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACxD,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;YACnD,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,QAAQ,CAAC;YAClB,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,KAAK,CAAC,WAAW,CACf,QAAsB;QAEtB,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAE7C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAU,EAAE,CAAC;YAClB,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAC5B,MAAM,KAAK,CAAC;YACd,CAAC;YAED,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;;;AAGH,SAAS,qBAAqB,CAC5B,IAAkB;IAElB,OAAO,IAAI,YAAY,GAAG,CAAC,CAAC;QAC1B,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;QACrB,IAAI,CAAC;AACT,CAAC"}
|
package/dist/JsSourceParser.d.ts
CHANGED
|
@@ -10,6 +10,7 @@ export interface SourceParser {
|
|
|
10
10
|
parse(source: string, options: unknown): ESTree.Statement[];
|
|
11
11
|
}
|
|
12
12
|
export declare class JsSourceParser implements SourceParser {
|
|
13
|
+
static FileExtensions: Set<string>;
|
|
13
14
|
parse(source: string): ESTree.Program["body"];
|
|
14
15
|
}
|
|
15
16
|
//# sourceMappingURL=JsSourceParser.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JsSourceParser.d.ts","sourceRoot":"","sources":["../src/JsSourceParser.ts"],"names":[],"mappings":"AACA,OAAO,EAGL,KAAK,MAAM,EAEZ,MAAM,SAAS,CAAC;AAUjB,MAAM,MAAM,uBAAuB,GAAG,WAAW,GAAG;IAClD,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC,cAAc,CAAC;CAC5B,CAAC;AAEF,MAAM,WAAW,YAAY;IAC3B,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;CAC7D;AAED,qBAAa,cAAe,YAAW,YAAY;IACjD,KAAK,CACH,MAAM,EAAE,MAAM,GACb,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;CA4B1B"}
|
|
1
|
+
{"version":3,"file":"JsSourceParser.d.ts","sourceRoot":"","sources":["../src/JsSourceParser.ts"],"names":[],"mappings":"AACA,OAAO,EAGL,KAAK,MAAM,EAEZ,MAAM,SAAS,CAAC;AAUjB,MAAM,MAAM,uBAAuB,GAAG,WAAW,GAAG;IAClD,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC,cAAc,CAAC;CAC5B,CAAC;AAEF,MAAM,WAAW,YAAY;IAC3B,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;CAC7D;AAED,qBAAa,cAAe,YAAW,YAAY;IACjD,MAAM,CAAC,cAAc,cAKlB;IAEH,KAAK,CACH,MAAM,EAAE,MAAM,GACb,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;CA4B1B"}
|
package/dist/JsSourceParser.js
CHANGED
|
@@ -8,6 +8,12 @@ const kParsingOptions = {
|
|
|
8
8
|
jsx: true
|
|
9
9
|
};
|
|
10
10
|
export class JsSourceParser {
|
|
11
|
+
static FileExtensions = new Set([
|
|
12
|
+
".js",
|
|
13
|
+
".cjs",
|
|
14
|
+
".mjs",
|
|
15
|
+
".jsx"
|
|
16
|
+
]);
|
|
11
17
|
parse(source) {
|
|
12
18
|
try {
|
|
13
19
|
const { body } = parseModule(source, structuredClone(kParsingOptions));
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"JsSourceParser.js","sourceRoot":"","sources":["../src/JsSourceParser.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,EACL,WAAW,EACX,KAAK,EAGN,MAAM,SAAS,CAAC;AAEjB,YAAY;AACZ,MAAM,eAAe,GAAqB;IACxC,IAAI,EAAE,IAAI;IACV,GAAG,EAAE,IAAI;IACT,GAAG,EAAE,IAAI;IACT,GAAG,EAAE,IAAI;CACV,CAAC;AAcF,MAAM,OAAO,cAAc;IACzB,KAAK,CACH,MAAc;QAEd,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,WAAW,CAC1B,MAAM,EACN,eAAe,CAAC,eAAe,CAAC,CACjC,CAAC;YAEF,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAc,EAAE,CAAC;YACtB,MAAM,WAAW,GAAG,KAAgC,CAAC;YACrD,MAAM,eAAe,GAAG,WAAW,CAAC,WAAW,CAAC,QAAQ,CAAC,0BAA0B,CAAC,CAAC;YAErF,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CACpB,MAAM,EACN;oBACE,GAAG,eAAe,CAAC,eAAe,CAAC;oBACnC,UAAU,EAAE,UAAU;iBACvB,CACF,CAAC;gBAEF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC
|
|
1
|
+
{"version":3,"file":"JsSourceParser.js","sourceRoot":"","sources":["../src/JsSourceParser.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,EACL,WAAW,EACX,KAAK,EAGN,MAAM,SAAS,CAAC;AAEjB,YAAY;AACZ,MAAM,eAAe,GAAqB;IACxC,IAAI,EAAE,IAAI;IACV,GAAG,EAAE,IAAI;IACT,GAAG,EAAE,IAAI;IACT,GAAG,EAAE,IAAI;CACV,CAAC;AAcF,MAAM,OAAO,cAAc;IACzB,MAAM,CAAC,cAAc,GAAG,IAAI,GAAG,CAAC;QAC9B,KAAK;QACL,MAAM;QACN,MAAM;QACN,MAAM;KACP,CAAC,CAAC;IAEH,KAAK,CACH,MAAc;QAEd,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,WAAW,CAC1B,MAAM,EACN,eAAe,CAAC,eAAe,CAAC,CACjC,CAAC;YAEF,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAc,EAAE,CAAC;YACtB,MAAM,WAAW,GAAG,KAAgC,CAAC;YACrD,MAAM,eAAe,GAAG,WAAW,CAAC,WAAW,CAAC,QAAQ,CAAC,0BAA0B,CAAC,CAAC;YAErF,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CACpB,MAAM,EACN;oBACE,GAAG,eAAe,CAAC,eAAe,CAAC;oBACnC,UAAU,EAAE,UAAU;iBACvB,CACF,CAAC;gBAEF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC"}
|
package/dist/ShadyURL.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ShadyURL.d.ts","sourceRoot":"","sources":["../src/ShadyURL.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"ShadyURL.d.ts","sourceRoot":"","sources":["../src/ShadyURL.ts"],"names":[],"mappings":"AA0CA,qBAAa,QAAQ;;IACnB,MAAM,CAAC,MAAM,CACX,KAAK,EAAE,MAAM,GACZ,OAAO;CA0CX"}
|
package/dist/ShadyURL.js
CHANGED
|
@@ -5,12 +5,48 @@ const kShadyLinkRegExps = [
|
|
|
5
5
|
/(http[s]?:\/\/(bit\.ly|ipinfo\.io|httpbin\.org|api\.ipify\.org).*)$/,
|
|
6
6
|
/(http[s]?:\/\/.*\.(link|xyz|tk|ml|ga|cf|gq|pw|top|club|mw|bd|ke|am|sbs|date|quest|cd|bid|ws|icu|cam|uno|email|stream))$/
|
|
7
7
|
];
|
|
8
|
+
// List of known URI schemes (IANA registered + common ones)
|
|
9
|
+
// See: https://www.iana.org/assignments/uri-schemes/uri-schemes.xhtml
|
|
10
|
+
const kKnownProtocols = new Set([
|
|
11
|
+
// Web
|
|
12
|
+
"http:", "https:",
|
|
13
|
+
// File & Data
|
|
14
|
+
"file:", "data:", "blob:",
|
|
15
|
+
// FTP
|
|
16
|
+
"ftp:", "ftps:", "sftp:", "tftp:",
|
|
17
|
+
// Mail & Messaging
|
|
18
|
+
"mailto:", "xmpp:", "irc:", "ircs:", "sip:", "sips:", "tel:", "sms:", "mms:",
|
|
19
|
+
// Remote access
|
|
20
|
+
"ssh:", "telnet:", "vnc:", "rdp:",
|
|
21
|
+
// Version control
|
|
22
|
+
"git:", "svn:", "cvs:", "hg:",
|
|
23
|
+
// P2P & Torrents
|
|
24
|
+
"magnet:", "ed2k:", "torrent:",
|
|
25
|
+
// Crypto & Blockchain
|
|
26
|
+
"bitcoin:", "ethereum:", "ipfs:", "ipns:",
|
|
27
|
+
// App-specific
|
|
28
|
+
"slack:", "discord:", "spotify:", "steam:", "skype:", "zoommtg:", "msteams:",
|
|
29
|
+
"vscode:", "vscode-insiders:", "jetbrains:",
|
|
30
|
+
// Mobile & Desktop deep links
|
|
31
|
+
"intent:", "market:", "itms:", "itms-apps:", "fb:", "twitter:", "instagram:", "whatsapp:", "tg:",
|
|
32
|
+
// Other common protocols
|
|
33
|
+
"ws:", "wss:", "ldap:", "ldaps:", "nntp:", "news:", "rtsp:", "rtspu:", "rtsps:",
|
|
34
|
+
"webcal:", "feed:", "podcast:",
|
|
35
|
+
// eslint-disable-next-line no-script-url
|
|
36
|
+
"javascript:", "about:", "view-source:",
|
|
37
|
+
// Security related
|
|
38
|
+
"acap:", "cap:", "cid:", "mid:", "urn:", "tag:", "dns:", "geo:", "ni:", "nih:"
|
|
39
|
+
]);
|
|
8
40
|
export class ShadyURL {
|
|
9
41
|
static isSafe(input) {
|
|
10
42
|
if (!URL.canParse(input)) {
|
|
11
43
|
return true;
|
|
12
44
|
}
|
|
13
45
|
const parsedUrl = new URL(input);
|
|
46
|
+
// Unknown protocol, not a real URL
|
|
47
|
+
if (!kKnownProtocols.has(parsedUrl.protocol)) {
|
|
48
|
+
return true;
|
|
49
|
+
}
|
|
14
50
|
const hostname = parsedUrl.hostname;
|
|
15
51
|
if (ipaddress.isValid(hostname)) {
|
|
16
52
|
if (this.#isPrivateIPAddress(hostname)) {
|
package/dist/ShadyURL.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ShadyURL.js","sourceRoot":"","sources":["../src/ShadyURL.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,SAAS,MAAM,WAAW,CAAC;AAElC,YAAY;AACZ,MAAM,iBAAiB,GAAG;IACxB,qEAAqE;IACrE,yHAAyH;CAC1H,CAAC;AAEF,MAAM,OAAO,QAAQ;IACnB,MAAM,CAAC,MAAM,CACX,KAAa;QAEb,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;QACjC,MAAM,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC;QACpC,IAAI,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChC,IAAI,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACvC,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACnD,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YACvB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,CAAC,mBAAmB,CACxB,SAAiB;QAEjB,IAAI,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAEpC,IAAI,EAAE,YAAY,SAAS,CAAC,IAAI,IAAI,EAAE,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC7D,EAAE,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC;QAC1B,CAAC;QAED,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"ShadyURL.js","sourceRoot":"","sources":["../src/ShadyURL.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,SAAS,MAAM,WAAW,CAAC;AAElC,YAAY;AACZ,MAAM,iBAAiB,GAAG;IACxB,qEAAqE;IACrE,yHAAyH;CAC1H,CAAC;AAEF,4DAA4D;AAC5D,sEAAsE;AACtE,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC;IAC9B,MAAM;IACN,OAAO,EAAE,QAAQ;IACjB,cAAc;IACd,OAAO,EAAE,OAAO,EAAE,OAAO;IACzB,MAAM;IACN,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IACjC,mBAAmB;IACnB,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC5E,gBAAgB;IAChB,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM;IACjC,kBAAkB;IAClB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK;IAC7B,iBAAiB;IACjB,SAAS,EAAE,OAAO,EAAE,UAAU;IAC9B,sBAAsB;IACtB,UAAU,EAAE,WAAW,EAAE,OAAO,EAAE,OAAO;IACzC,eAAe;IACf,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU;IAC5E,SAAS,EAAE,kBAAkB,EAAE,YAAY;IAC3C,8BAA8B;IAC9B,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,KAAK;IAChG,yBAAyB;IACzB,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ;IAC/E,SAAS,EAAE,OAAO,EAAE,UAAU;IAC9B,yCAAyC;IACzC,aAAa,EAAE,QAAQ,EAAE,cAAc;IACvC,mBAAmB;IACnB,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM;CAC/E,CAAC,CAAC;AAEH,MAAM,OAAO,QAAQ;IACnB,MAAM,CAAC,MAAM,CACX,KAAa;QAEb,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;QACjC,mCAAmC;QACnC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7C,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC;QACpC,IAAI,SAAS,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChC,IAAI,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACvC,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACnD,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YACvB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,OAAO,iBAAiB,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,CAAC,mBAAmB,CACxB,SAAiB;QAEjB,IAAI,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAEpC,IAAI,EAAE,YAAY,SAAS,CAAC,IAAI,IAAI,EAAE,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC7D,EAAE,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC;QAC1B,CAAC;QAED,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@nodesecure/js-x-ray",
|
|
3
|
-
"version": "11.
|
|
3
|
+
"version": "11.1.0",
|
|
4
4
|
"description": "JavaScript AST XRay analysis",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"exports": {
|
|
@@ -54,6 +54,7 @@
|
|
|
54
54
|
"@nodesecure/estree-ast-utils": "^4.2.0",
|
|
55
55
|
"@nodesecure/sec-literal": "^1.4.0",
|
|
56
56
|
"@nodesecure/tracer": "^3.0.0",
|
|
57
|
+
"@nodesecure/ts-source-parser": "1.1.0",
|
|
57
58
|
"digraph-js": "2.2.4",
|
|
58
59
|
"frequency-set": "^2.1.0",
|
|
59
60
|
"ipaddr.js": "2.3.0",
|