@nodesecure/js-x-ray 11.2.0 → 11.4.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/AstAnalyser.d.ts +13 -0
- package/dist/AstAnalyser.d.ts.map +1 -1
- package/dist/AstAnalyser.js +11 -7
- package/dist/AstAnalyser.js.map +1 -1
- package/dist/CollectableSet.d.ts +8 -5
- package/dist/CollectableSet.d.ts.map +1 -1
- package/dist/CollectableSet.js +12 -8
- package/dist/CollectableSet.js.map +1 -1
- package/dist/CollectableSetRegistry.d.ts +4 -2
- package/dist/CollectableSetRegistry.d.ts.map +1 -1
- package/dist/CollectableSetRegistry.js +5 -2
- package/dist/CollectableSetRegistry.js.map +1 -1
- package/dist/ProbeRunner.d.ts +6 -1
- package/dist/ProbeRunner.d.ts.map +1 -1
- package/dist/ProbeRunner.js +31 -5
- package/dist/ProbeRunner.js.map +1 -1
- package/dist/ShadyLink.d.ts +23 -0
- package/dist/ShadyLink.d.ts.map +1 -0
- package/dist/{ShadyURL.js → ShadyLink.js} +51 -15
- package/dist/ShadyLink.js.map +1 -0
- package/dist/SourceFile.d.ts +5 -3
- package/dist/SourceFile.d.ts.map +1 -1
- package/dist/SourceFile.js +17 -1
- package/dist/SourceFile.js.map +1 -1
- package/dist/VirtualVariableIdentifier.d.ts +9 -0
- package/dist/VirtualVariableIdentifier.d.ts.map +1 -0
- package/dist/VirtualVariableIdentifier.js +17 -0
- package/dist/VirtualVariableIdentifier.js.map +1 -0
- package/dist/probes/data-exfiltration.d.ts.map +1 -1
- package/dist/probes/data-exfiltration.js +21 -4
- package/dist/probes/data-exfiltration.js.map +1 -1
- package/dist/probes/isImportDeclaration.d.ts.map +1 -1
- package/dist/probes/isImportDeclaration.js +8 -3
- package/dist/probes/isImportDeclaration.js.map +1 -1
- package/dist/probes/isLiteral.d.ts.map +1 -1
- package/dist/probes/isLiteral.js +36 -7
- package/dist/probes/isLiteral.js.map +1 -1
- package/dist/probes/isRequire/InlinedRequire.d.ts +24 -0
- package/dist/probes/isRequire/InlinedRequire.d.ts.map +1 -0
- package/dist/probes/isRequire/InlinedRequire.js +88 -0
- package/dist/probes/isRequire/InlinedRequire.js.map +1 -0
- package/dist/probes/isSerializeEnv.d.ts +8 -4
- package/dist/probes/isSerializeEnv.d.ts.map +1 -1
- package/dist/probes/isSerializeEnv.js +37 -4
- package/dist/probes/isSerializeEnv.js.map +1 -1
- package/dist/probes/isUnsafeCommand.d.ts +4 -2
- package/dist/probes/isUnsafeCommand.d.ts.map +1 -1
- package/dist/probes/isUnsafeCommand.js +60 -51
- package/dist/probes/isUnsafeCommand.js.map +1 -1
- package/dist/probes/log-usage.d.ts +19 -0
- package/dist/probes/log-usage.d.ts.map +1 -0
- package/dist/probes/log-usage.js +53 -0
- package/dist/probes/log-usage.js.map +1 -0
- package/dist/probes/sql-injection.d.ts +12 -0
- package/dist/probes/sql-injection.d.ts.map +1 -0
- package/dist/probes/sql-injection.js +32 -0
- package/dist/probes/sql-injection.js.map +1 -0
- package/dist/utils/toLiteral.d.ts +3 -0
- package/dist/utils/toLiteral.d.ts.map +1 -0
- package/dist/utils/toLiteral.js +4 -0
- package/dist/utils/toLiteral.js.map +1 -0
- package/dist/warnings.d.ts +16 -2
- package/dist/warnings.d.ts.map +1 -1
- package/dist/warnings.js +12 -1
- package/dist/warnings.js.map +1 -1
- package/package.json +5 -2
- package/dist/ShadyURL.d.ts +0 -13
- package/dist/ShadyURL.d.ts.map +0 -1
- package/dist/ShadyURL.js.map +0 -1
package/dist/AstAnalyser.d.ts
CHANGED
|
@@ -29,6 +29,7 @@ export interface RuntimeOptions {
|
|
|
29
29
|
* @default JsSourceParser
|
|
30
30
|
*/
|
|
31
31
|
customParser?: SourceParser;
|
|
32
|
+
metadata?: Record<string, unknown>;
|
|
32
33
|
}
|
|
33
34
|
export interface RuntimeFileOptions extends Omit<RuntimeOptions, "isMinified"> {
|
|
34
35
|
packageName?: string;
|
|
@@ -49,6 +50,7 @@ export type ReportOnFile = {
|
|
|
49
50
|
ok: false;
|
|
50
51
|
warnings: Warning[];
|
|
51
52
|
};
|
|
53
|
+
export type Sensitivity = "conservative" | "aggressive";
|
|
52
54
|
export interface AstAnalyserOptions {
|
|
53
55
|
/**
|
|
54
56
|
* @default []
|
|
@@ -67,6 +69,17 @@ export interface AstAnalyserOptions {
|
|
|
67
69
|
* @default []
|
|
68
70
|
*/
|
|
69
71
|
collectables?: CollectableSet[];
|
|
72
|
+
/**
|
|
73
|
+
* Configures the sensitivity level for warning detection.
|
|
74
|
+
*
|
|
75
|
+
* - `conservative` (default): Strict detection to minimize false positives.
|
|
76
|
+
* Suitable for scanning ecosystem libraries.
|
|
77
|
+
* - `aggressive`: Relaxed constraints to surface more warnings.
|
|
78
|
+
* Provides maximum visibility for local project security auditing.
|
|
79
|
+
*
|
|
80
|
+
* @default "conservative"
|
|
81
|
+
*/
|
|
82
|
+
sensitivity?: Sensitivity;
|
|
70
83
|
}
|
|
71
84
|
export interface PrepareSourceOptions {
|
|
72
85
|
removeHTMLComments?: boolean;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AstAnalyser.d.ts","sourceRoot":"","sources":["../src/AstAnalyser.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGtC,OAAO,EAAkB,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAExE,OAAO,EAEL,KAAK,QAAQ,EACd,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAe,KAAK,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EACL,UAAU,EACV,KAAK,WAAW,EACjB,MAAM,iBAAiB,CAAC;AAMzB,OAAO,EAEL,KAAK,mBAAmB,EACxB,KAAK,OAAO,EACb,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAGrD,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,OAAO,CAAC;IACf,QAAQ,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,cAAc,CAAC;CACzC;AAED,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B;;OAEG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,UAAU,CAAC,EAAE,CAAC,UAAU,EAAE,UAAU,KAAK,IAAI,CAAC;IAC9C,QAAQ,CAAC,EAAE,CAAC,UAAU,EAAE,UAAU,KAAK,IAAI,CAAC;IAC5C;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"AstAnalyser.d.ts","sourceRoot":"","sources":["../src/AstAnalyser.ts"],"names":[],"mappings":"AAMA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGtC,OAAO,EAAkB,KAAK,YAAY,EAAE,MAAM,qBAAqB,CAAC;AAExE,OAAO,EAEL,KAAK,QAAQ,EACd,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAe,KAAK,KAAK,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EACL,UAAU,EACV,KAAK,WAAW,EACjB,MAAM,iBAAiB,CAAC;AAMzB,OAAO,EAEL,KAAK,mBAAmB,EACxB,KAAK,OAAO,EACb,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAGrD,MAAM,WAAW,UAAU;IACzB,MAAM,EAAE,OAAO,CAAC;IAChB,KAAK,EAAE,OAAO,CAAC;IACf,QAAQ,CAAC,EAAE,IAAI,GAAG,MAAM,CAAC,cAAc,CAAC;CACzC;AAED,MAAM,WAAW,cAAc;IAC7B;;OAEG;IACH,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB;;OAEG;IACH,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B;;OAEG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,UAAU,CAAC,EAAE,CAAC,UAAU,EAAE,UAAU,KAAK,IAAI,CAAC;IAC9C,QAAQ,CAAC,EAAE,CAAC,UAAU,EAAE,UAAU,KAAK,IAAI,CAAC;IAC5C;;OAEG;IACH,YAAY,CAAC,EAAE,YAAY,CAAC;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,kBAAmB,SAAQ,IAAI,CAAC,cAAc,EAAE,YAAY,CAAC;IAC5E,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,MAAM;IACrB,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACtC,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,KAAK,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,MAAM,YAAY,GAAG;IACzB,EAAE,EAAE,IAAI,CAAC;IACT,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACtC,KAAK,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;CACzB,GAAG;IACF,EAAE,EAAE,KAAK,CAAC;IACV,QAAQ,EAAE,OAAO,EAAE,CAAC;CACrB,CAAC;AAEF,MAAM,MAAM,WAAW,GAAG,cAAc,GAAG,YAAY,CAAC;AAExD,MAAM,WAAW,kBAAkB;IACjC;;OAEG;IACH,YAAY,CAAC,EAAE,KAAK,EAAE,CAAC;IACvB;;OAEG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B;;OAEG;IACH,gBAAgB,CAAC,EAAE,OAAO,GAAG,QAAQ,CAAC,mBAAmB,CAAC,CAAC;IAC3D,SAAS,CAAC,EAAE,QAAQ,EAAE,CAAC;IACvB;;OAEG;IACH,YAAY,CAAC,EAAE,cAAc,EAAE,CAAC;IAChC;;;;;;;;;OASG;IACH,WAAW,CAAC,EAAE,WAAW,CAAC;CAC3B;AAED,MAAM,WAAW,oBAAoB;IACnC,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B;AAED,qBAAa,WAAW;;IACtB,MAAM,CAAC,aAAa,EAAE,YAAY,CAAwB;IAG1D,MAAM,EAAE,KAAK,EAAE,CAAC;gBAIJ,OAAO,GAAE,kBAAuB;IAuC5C,OAAO,CACL,GAAG,EAAE,MAAM,EACX,OAAO,GAAE,cAAmB,GAC3B,MAAM;IAqEH,WAAW,CACf,UAAU,EAAE,MAAM,GAAG,GAAG,EACxB,OAAO,GAAE,kBAAuB,GAC/B,OAAO,CAAC,YAAY,CAAC;IAmDxB,eAAe,CACb,UAAU,EAAE,MAAM,GAAG,GAAG,EACxB,OAAO,GAAE,kBAAuB,GAC/B,YAAY;IAmDf,aAAa,CACX,MAAM,EAAE,MAAM,EACd,OAAO,GAAE,oBAAyB,GACjC,MAAM;CAqBV"}
|
package/dist/AstAnalyser.js
CHANGED
|
@@ -18,10 +18,12 @@ export class AstAnalyser {
|
|
|
18
18
|
#pipelineRunner;
|
|
19
19
|
probes;
|
|
20
20
|
#collectables;
|
|
21
|
+
#sensitivity;
|
|
21
22
|
constructor(options = {}) {
|
|
22
|
-
const { customProbes = [], optionalWarnings = false, skipDefaultProbes = false, pipelines = [], collectables = [] } = options;
|
|
23
|
+
const { customProbes = [], optionalWarnings = false, skipDefaultProbes = false, pipelines = [], collectables = [], sensitivity = "conservative" } = options;
|
|
23
24
|
this.#pipelineRunner = new PipelineRunner(pipelines);
|
|
24
25
|
this.#collectables = collectables;
|
|
26
|
+
this.#sensitivity = sensitivity;
|
|
25
27
|
let probes = ProbeRunner.Defaults;
|
|
26
28
|
if (Array.isArray(customProbes) &&
|
|
27
29
|
customProbes.length > 0) {
|
|
@@ -42,10 +44,11 @@ export class AstAnalyser {
|
|
|
42
44
|
this.probes = probes;
|
|
43
45
|
}
|
|
44
46
|
analyse(str, options = {}) {
|
|
45
|
-
const { location, isMinified = false, removeHTMLComments = false, initialize, finalize } = options;
|
|
47
|
+
const { location, isMinified = false, removeHTMLComments = false, initialize, finalize, metadata } = options;
|
|
46
48
|
const parser = options.customParser ?? AstAnalyser.DefaultParser;
|
|
47
49
|
const body = parser.parse(this.prepareSource(str, { removeHTMLComments }), void 0);
|
|
48
|
-
const source = new SourceFile(location);
|
|
50
|
+
const source = new SourceFile(location, metadata);
|
|
51
|
+
source.sensitivity = this.#sensitivity;
|
|
49
52
|
if (trojan.verify(str)) {
|
|
50
53
|
source.warnings.push(generateWarning("obfuscated-code", { value: "trojan-source" }));
|
|
51
54
|
}
|
|
@@ -63,10 +66,11 @@ export class AstAnalyser {
|
|
|
63
66
|
if (Array.isArray(node)) {
|
|
64
67
|
return;
|
|
65
68
|
}
|
|
66
|
-
source.walk(node)
|
|
67
|
-
|
|
68
|
-
|
|
69
|
-
|
|
69
|
+
for (const probeNode of source.walk(node)) {
|
|
70
|
+
const action = probeRunner.walk(probeNode);
|
|
71
|
+
if (action === "skip") {
|
|
72
|
+
this.skip();
|
|
73
|
+
}
|
|
70
74
|
}
|
|
71
75
|
});
|
|
72
76
|
if (finalize) {
|
package/dist/AstAnalyser.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AstAnalyser.js","sourceRoot":"","sources":["../src/AstAnalyser.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,MAAM,MAAM,SAAS,CAAC;AAC7B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAK7B,+BAA+B;AAC/B,OAAO,EAAE,cAAc,EAAqB,MAAM,qBAAqB,CAAC;AACxE,OAAO,KAAK,MAAM,MAAM,gCAAgC,CAAC;AACzD,OAAO,EACL,cAAc,EAEf,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,WAAW,EAAc,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EACL,UAAU,EAEX,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,cAAc,EACd,yBAAyB,EAC1B,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EACL,eAAe,EAGhB,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;
|
|
1
|
+
{"version":3,"file":"AstAnalyser.js","sourceRoot":"","sources":["../src/AstAnalyser.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,MAAM,MAAM,SAAS,CAAC;AAC7B,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAK7B,+BAA+B;AAC/B,OAAO,EAAE,cAAc,EAAqB,MAAM,qBAAqB,CAAC;AACxE,OAAO,KAAK,MAAM,MAAM,gCAAgC,CAAC;AACzD,OAAO,EACL,cAAc,EAEf,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,WAAW,EAAc,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EACL,UAAU,EAEX,MAAM,iBAAiB,CAAC;AACzB,OAAO,EACL,cAAc,EACd,yBAAyB,EAC1B,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EACL,eAAe,EAGhB,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AACrD,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAyFrE,MAAM,OAAO,WAAW;IACtB,MAAM,CAAC,aAAa,GAAiB,IAAI,cAAc,EAAE,CAAC;IAE1D,eAAe,CAAiB;IAChC,MAAM,CAAU;IAChB,aAAa,CAAmB;IAChC,YAAY,CAAc;IAE1B,YAAY,UAA8B,EAAE;QAC1C,MAAM,EACJ,YAAY,GAAG,EAAE,EACjB,gBAAgB,GAAG,KAAK,EACxB,iBAAiB,GAAG,KAAK,EACzB,SAAS,GAAG,EAAE,EACd,YAAY,GAAG,EAAE,EACjB,WAAW,GAAG,cAAc,EAC7B,GAAG,OAAO,CAAC;QAEZ,IAAI,CAAC,eAAe,GAAG,IAAI,cAAc,CAAC,SAAS,CAAC,CAAC;QACrD,IAAI,CAAC,aAAa,GAAG,YAAY,CAAC;QAClC,IAAI,CAAC,YAAY,GAAG,WAAW,CAAC;QAEhC,IAAI,MAAM,GAAG,WAAW,CAAC,QAAQ,CAAC;QAClC,IACE,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC;YAC3B,YAAY,CAAC,MAAM,GAAG,CAAC,EACvB,CAAC;YACD,MAAM,GAAG,iBAAiB,KAAK,IAAI,CAAC,CAAC;gBACnC,YAAY,CAAC,CAAC;gBACd,CAAC,GAAG,MAAM,EAAE,GAAG,YAAY,CAAC,CAAC;QACjC,CAAC;QAED,IAAI,OAAO,gBAAgB,KAAK,SAAS,EAAE,CAAC;YAC1C,IAAI,gBAAgB,EAAE,CAAC;gBACrB,MAAM,GAAG,CAAC,GAAG,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,SAAS,CAAC,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;aACI,CAAC;YACJ,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,gBAAgB,IAAI,EAAE,CAAC;iBACtD,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,WAAW,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;YAE9D,MAAM,GAAG,CAAC,GAAG,MAAM,EAAE,GAAG,cAAc,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,OAAO,CACL,GAAW,EACX,UAA0B,EAAE;QAE5B,MAAM,EACJ,QAAQ,EACR,UAAU,GAAG,KAAK,EAClB,kBAAkB,GAAG,KAAK,EAC1B,UAAU,EACV,QAAQ,EACR,QAAQ,EACT,GAAG,OAAO,CAAC;QAEZ,MAAM,MAAM,GAAG,OAAO,CAAC,YAAY,IAAI,WAAW,CAAC,aAAa,CAAC;QAEjE,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CACvB,IAAI,CAAC,aAAa,CAAC,GAAG,EAAE,EAAE,kBAAkB,EAAE,CAAC,EAC/C,KAAK,CAAC,CACP,CAAC;QAEF,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAClD,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,YAAY,CAAC;QACvC,IAAI,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;YACvB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAClB,eAAe,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC,CAC/D,CAAC;QACJ,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,WAAW,CAAC,MAAM,EAAE,IAAI,sBAAsB,CAAC,IAAI,CAAC,aAAa,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;QACzG,IAAI,UAAU,EAAE,CAAC;YACf,IAAI,OAAO,UAAU,KAAK,UAAU,EAAE,CAAC;gBACrC,MAAM,IAAI,SAAS,CAAC,uCAAuC,CAAC,CAAC;YAC/D,CAAC;YACD,UAAU,CAAC,MAAM,CAAC,CAAC;QACrB,CAAC;QAED,2DAA2D;QAC3D,MAAM,WAAW,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACtD,SAAS,CAAC,WAAW,EAAE,SAAS,IAAI,CAAC,IAAI;YACvC,4BAA4B;YAC5B,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,OAAO;YACT,CAAC;YAED,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1C,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBAC3C,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;oBACtB,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,OAAO,QAAQ,KAAK,UAAU,EAAE,CAAC;gBACnC,MAAM,IAAI,SAAS,CAAC,qCAAqC,CAAC,CAAC;YAC7D,CAAC;YACD,QAAQ,CAAC,MAAM,CAAC,CAAC;QACnB,CAAC;QACD,WAAW,CAAC,QAAQ,EAAE,CAAC;QAEvB,oEAAoE;QACpE,IAAI,yBAAyB,CAAC,IAAI,CAAC,EAAE,CAAC;YACpC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;QACtC,CAAC;QAED,OAAO;YACL,GAAG,MAAM,CAAC,SAAS,CAAC,UAAU,CAAC;YAC/B,YAAY,EAAE,MAAM,CAAC,YAAY;YACjC,KAAK,EAAE,MAAM,CAAC,KAAK;SACpB,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,WAAW,CACf,UAAwB,EACxB,UAA8B,EAAE;QAEhC,IAAI,CAAC;YACH,MAAM,EACJ,WAAW,GAAG,IAAI,EAClB,kBAAkB,GAAG,KAAK,EAC1B,UAAU,EACV,QAAQ,EACR,YAAY,EACb,GAAG,OAAO,CAAC;YAEZ,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,cAAc,GAAG,UAAU,YAAY,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC;YAEhF,MAAM,KAAK,GAAG,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,GAAG,CAAC,CAAC;YACrE,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE;gBAC7B,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;gBACtC,UAAU,EAAE,KAAK;gBACjB,kBAAkB;gBAClB,UAAU;gBACV,QAAQ;gBACR,YAAY;aACb,CAAC,CAAC;YAEH,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;gBACzB,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACxC,CAAC;YAED,0EAA0E;YAC1E,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,KAAK,EAAE,CAAC;gBAChD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAChC,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,IAAI;gBACR,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC;QACJ,CAAC;QACD,OAAO,KAAU,EAAE,CAAC;YAClB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,QAAQ,EAAE;oBACR,eAAe,CAAC,eAAe,EAAE;wBAC/B,KAAK,EAAE,KAAK,CAAC,OAAO;qBACrB,CAAC;iBACH;aACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,eAAe,CACb,UAAwB,EACxB,UAA8B,EAAE;QAEhC,IAAI,CAAC;YACH,MAAM,EACJ,WAAW,GAAG,IAAI,EAClB,kBAAkB,GAAG,KAAK,EAC1B,UAAU,EACV,QAAQ,EACR,YAAY,EACb,GAAG,OAAO,CAAC;YAEZ,MAAM,GAAG,GAAG,MAAM,CAAC,YAAY,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACrD,MAAM,cAAc,GAAG,UAAU,YAAY,GAAG,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC;YAEhF,MAAM,KAAK,GAAG,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,GAAG,CAAC,CAAC;YACrE,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,EAAE;gBAC7B,QAAQ,EAAE,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC;gBACtC,UAAU,EAAE,KAAK;gBACjB,kBAAkB;gBAClB,UAAU;gBACV,QAAQ;gBACR,YAAY;aACb,CAAC,CAAC;YAEH,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;gBACzB,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACxC,CAAC;YAED,0EAA0E;YAC1E,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,KAAK,EAAE,CAAC;gBAChD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YAChC,CAAC;YAED,OAAO;gBACL,EAAE,EAAE,IAAI;gBACR,YAAY,EAAE,IAAI,CAAC,YAAY;gBAC/B,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC;QACJ,CAAC;QACD,OAAO,KAAU,EAAE,CAAC;YAClB,OAAO;gBACL,EAAE,EAAE,KAAK;gBACT,QAAQ,EAAE;oBACR,eAAe,CAAC,eAAe,EAAE;wBAC/B,KAAK,EAAE,KAAK,CAAC,OAAO;qBACrB,CAAC;iBACH;aACF,CAAC;QACJ,CAAC;IACH,CAAC;IAED,aAAa,CACX,MAAc,EACd,UAAgC,EAAE;QAElC,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,MAAM,IAAI,SAAS,CAAC,yBAAyB,CAAC,CAAC;QACjD,CAAC;QACD,MAAM,EAAE,kBAAkB,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC;QAE/C;;;;WAIG;QACH,MAAM,YAAY,GAAG,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC;YAC3C,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;QAElD,OAAO,kBAAkB,CAAC,CAAC;YACzB,IAAI,CAAC,kBAAkB,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC;IACzD,CAAC;IAED,kBAAkB,CAAC,GAAW;QAC5B,OAAO,GAAG,CAAC,UAAU,CAAC,sBAAsB,EAAE,EAAE,CAAC,CAAC;IACpD,CAAC"}
|
package/dist/CollectableSet.d.ts
CHANGED
|
@@ -1,19 +1,22 @@
|
|
|
1
1
|
import { type SourceArrayLocation } from "./utils/toArrayLocation.ts";
|
|
2
|
-
export type
|
|
2
|
+
export type Type = "url" | "hostname" | "ip" | "email" | (string & {});
|
|
3
|
+
export type Location<T = Record<string, unknown>> = {
|
|
3
4
|
file: string | null;
|
|
4
5
|
location: SourceArrayLocation[];
|
|
6
|
+
metadata?: T;
|
|
5
7
|
};
|
|
6
|
-
export declare class CollectableSet {
|
|
8
|
+
export declare class CollectableSet<T = Record<string, unknown>> {
|
|
7
9
|
#private;
|
|
8
|
-
type:
|
|
10
|
+
type: Type;
|
|
9
11
|
constructor(type: string);
|
|
10
|
-
add(value: string, { file, location }: {
|
|
12
|
+
add(value: string, { file, location, metadata }: {
|
|
11
13
|
file?: string | null;
|
|
14
|
+
metadata?: T;
|
|
12
15
|
location: SourceArrayLocation;
|
|
13
16
|
}): void;
|
|
14
17
|
[Symbol.iterator](): Generator<{
|
|
15
18
|
value: string;
|
|
16
|
-
locations: Location[];
|
|
19
|
+
locations: Location<T>[];
|
|
17
20
|
}, void, unknown>;
|
|
18
21
|
}
|
|
19
22
|
//# sourceMappingURL=CollectableSet.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CollectableSet.d.ts","sourceRoot":"","sources":["../src/CollectableSet.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAEtE,MAAM,MAAM,QAAQ,GAAG;
|
|
1
|
+
{"version":3,"file":"CollectableSet.d.ts","sourceRoot":"","sources":["../src/CollectableSet.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,KAAK,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAEtE,MAAM,MAAM,IAAI,GAAG,KAAK,GAAG,UAAU,GAAG,IAAI,GAAG,OAAO,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;AAEvE,MAAM,MAAM,QAAQ,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI;IAClD,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,QAAQ,EAAE,mBAAmB,EAAE,CAAC;IAChC,QAAQ,CAAC,EAAE,CAAC,CAAC;CACd,CAAC;AAEF,qBAAa,cAAc,CAAC,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;;IAErD,IAAI,EAAE,IAAI,CAAC;gBACC,IAAI,EAAE,MAAM;IAIxB,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,IAAW,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE;QACtD,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACrB,QAAQ,CAAC,EAAE,CAAC,CAAC;QACb,QAAQ,EAAE,mBAAmB,CAAC;KAC/B;IAkBC,CAAC,MAAM,CAAC,QAAQ,CAAC;;;;CAmBpB"}
|
package/dist/CollectableSet.js
CHANGED
|
@@ -6,25 +6,29 @@ export class CollectableSet {
|
|
|
6
6
|
constructor(type) {
|
|
7
7
|
this.type = type;
|
|
8
8
|
}
|
|
9
|
-
add(value, { file = null, location }) {
|
|
9
|
+
add(value, { file = null, location, metadata }) {
|
|
10
10
|
if (!this.#entries.has(value)) {
|
|
11
|
-
this.#entries.set(value, new Map([[file, [location]]]));
|
|
11
|
+
this.#entries.set(value, new Map([[file, [{ location, metadata }]]]));
|
|
12
12
|
return;
|
|
13
13
|
}
|
|
14
14
|
const files = this.#entries.get(value);
|
|
15
15
|
if (files?.has(file)) {
|
|
16
|
-
files?.get(file)?.push(location);
|
|
16
|
+
files?.get(file)?.push({ location, metadata });
|
|
17
17
|
return;
|
|
18
18
|
}
|
|
19
|
-
files?.set(file, [location]);
|
|
19
|
+
files?.set(file, [{ location, metadata }]);
|
|
20
20
|
}
|
|
21
21
|
*[Symbol.iterator]() {
|
|
22
22
|
for (const [value, files] of this.#entries) {
|
|
23
23
|
const locations = [];
|
|
24
|
-
for (const [file,
|
|
25
|
-
|
|
26
|
-
|
|
27
|
-
|
|
24
|
+
for (const [file, locs] of files) {
|
|
25
|
+
for (const { location, metadata } of locs) {
|
|
26
|
+
locations.push({
|
|
27
|
+
file,
|
|
28
|
+
location: [location],
|
|
29
|
+
...(metadata && { metadata })
|
|
30
|
+
});
|
|
31
|
+
}
|
|
28
32
|
}
|
|
29
33
|
yield {
|
|
30
34
|
value, locations
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CollectableSet.js","sourceRoot":"","sources":["../src/CollectableSet.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,OAAO,EAA4B,MAAM,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"CollectableSet.js","sourceRoot":"","sources":["../src/CollectableSet.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,OAAO,EAA4B,MAAM,4BAA4B,CAAC;AAUtE,MAAM,OAAO,cAAc;IACzB,QAAQ,GAAwF,IAAI,GAAG,EAAE,CAAC;IAC1G,IAAI,CAAO;IACX,YAAY,IAAY;QACtB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACnB,CAAC;IAED,GAAG,CAAC,KAAa,EAAE,EAAE,IAAI,GAAG,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAInD;QACC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YAC9B,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAEtE,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QAEvC,IAAI,KAAK,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACrB,KAAK,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;YAE/C,OAAO;QACT,CAAC;QAED,KAAK,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,CAAC;IAC7C,CAAC;IAED,CAAE,CAAC,MAAM,CAAC,QAAQ,CAAC;QACjB,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC3C,MAAM,SAAS,GAAkB,EAAE,CAAC;YAEpC,KAAK,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,KAAK,EAAE,CAAC;gBACjC,KAAK,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC;oBAC1C,SAAS,CAAC,IAAI,CAAC;wBACb,IAAI;wBACJ,QAAQ,EAAE,CAAC,QAAQ,CAAC;wBACpB,GAAG,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,CAAC;qBAC9B,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,MAAM;gBACJ,KAAK,EAAE,SAAS;aACjB,CAAC;QACJ,CAAC;IACH,CAAC;CACF"}
|
|
@@ -1,12 +1,14 @@
|
|
|
1
|
-
import { CollectableSet } from "./CollectableSet.ts";
|
|
1
|
+
import { CollectableSet, type Type } from "./CollectableSet.ts";
|
|
2
2
|
import type { SourceArrayLocation } from "./utils/toArrayLocation.ts";
|
|
3
3
|
export declare class CollectableSetRegistry {
|
|
4
4
|
#private;
|
|
5
5
|
constructor(collectableSets: CollectableSet[]);
|
|
6
|
-
add(type:
|
|
6
|
+
add(type: Type, { value, file, location, metadata }: {
|
|
7
7
|
value: string;
|
|
8
8
|
file?: string | null;
|
|
9
9
|
location: SourceArrayLocation;
|
|
10
|
+
metadata?: Record<string, unknown>;
|
|
10
11
|
}): void;
|
|
12
|
+
has(type: Type): boolean;
|
|
11
13
|
}
|
|
12
14
|
//# sourceMappingURL=CollectableSetRegistry.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CollectableSetRegistry.d.ts","sourceRoot":"","sources":["../src/CollectableSetRegistry.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;
|
|
1
|
+
{"version":3,"file":"CollectableSetRegistry.d.ts","sourceRoot":"","sources":["../src/CollectableSetRegistry.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,KAAK,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAChE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AAEtE,qBAAa,sBAAsB;;gBAErB,eAAe,EAAE,cAAc,EAAE;IAM7C,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,EAAE;QACnD,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;QACrB,QAAQ,EAAE,mBAAmB,CAAC;QAC9B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KACpC;IAKD,GAAG,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;CAGzB"}
|
|
@@ -7,9 +7,12 @@ export class CollectableSetRegistry {
|
|
|
7
7
|
this.#collectableSets.set(collectableSet.type, collectableSet);
|
|
8
8
|
});
|
|
9
9
|
}
|
|
10
|
-
add(type, { value, file, location }) {
|
|
10
|
+
add(type, { value, file, location, metadata }) {
|
|
11
11
|
const collectableSet = this.#collectableSets.get(type);
|
|
12
|
-
collectableSet?.add(value, { file, location });
|
|
12
|
+
collectableSet?.add(value, { file, location, metadata });
|
|
13
|
+
}
|
|
14
|
+
has(type) {
|
|
15
|
+
return this.#collectableSets.has(type);
|
|
13
16
|
}
|
|
14
17
|
}
|
|
15
18
|
//# sourceMappingURL=CollectableSetRegistry.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"CollectableSetRegistry.js","sourceRoot":"","sources":["../src/CollectableSetRegistry.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,OAAO,EAAE,cAAc,
|
|
1
|
+
{"version":3,"file":"CollectableSetRegistry.js","sourceRoot":"","sources":["../src/CollectableSetRegistry.ts"],"names":[],"mappings":"AAAA,+BAA+B;AAC/B,OAAO,EAAE,cAAc,EAAa,MAAM,qBAAqB,CAAC;AAGhE,MAAM,OAAO,sBAAsB;IACjC,gBAAgB,GAA8B,IAAI,GAAG,EAAE,CAAC;IACxD,YAAY,eAAiC;QAC3C,eAAe,CAAC,OAAO,CAAC,CAAC,cAAc,EAAE,EAAE;YACzC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,cAAc,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC;IACL,CAAC;IAED,GAAG,CAAC,IAAU,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAKhD;QACC,MAAM,cAAc,GAAG,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACvD,cAAc,EAAE,GAAG,CAAC,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;IAC3D,CAAC;IAED,GAAG,CAAC,IAAU;QACZ,OAAO,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;CACF"}
|
package/dist/ProbeRunner.d.ts
CHANGED
|
@@ -4,10 +4,15 @@ import type { OptionalWarningName } from "./warnings.ts";
|
|
|
4
4
|
import type { CollectableSetRegistry } from "./CollectableSetRegistry.ts";
|
|
5
5
|
export type ProbeReturn = void | null | symbol;
|
|
6
6
|
export type ProbeContextDef = Record<string, any>;
|
|
7
|
+
export type NamedMainHandlers<T extends ProbeContextDef = ProbeContextDef> = {
|
|
8
|
+
default: (node: any, ctx: ProbeMainContext<T>) => ProbeReturn;
|
|
9
|
+
[handlerName: string]: (node: any, ctx: ProbeMainContext<T>) => ProbeReturn;
|
|
10
|
+
};
|
|
7
11
|
export type ProbeContext<T extends ProbeContextDef = ProbeContextDef> = {
|
|
8
12
|
sourceFile: SourceFile;
|
|
9
13
|
collectableSetRegistry: CollectableSetRegistry;
|
|
10
14
|
context?: T;
|
|
15
|
+
setEntryPoint: (handlerName: string) => void;
|
|
11
16
|
};
|
|
12
17
|
export type ProbeMainContext<T extends ProbeContextDef = ProbeContextDef> = ProbeContext<T> & {
|
|
13
18
|
data?: any;
|
|
@@ -19,7 +24,7 @@ export interface Probe<T extends ProbeContextDef = ProbeContextDef> {
|
|
|
19
24
|
initialize?: (ctx: ProbeContext<T>) => void | ProbeContext;
|
|
20
25
|
finalize?: (ctx: ProbeContext<T>) => void;
|
|
21
26
|
validateNode: ProbeValidationCallback<T> | ProbeValidationCallback<T>[];
|
|
22
|
-
main: (node: any, ctx: ProbeMainContext<T>) => ProbeReturn
|
|
27
|
+
main: ((node: any, ctx: ProbeMainContext<T>) => ProbeReturn) | NamedMainHandlers<T>;
|
|
23
28
|
teardown?: (ctx: ProbeContext<T>) => void;
|
|
24
29
|
breakOnMatch?: boolean;
|
|
25
30
|
breakGroup?: string;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProbeRunner.d.ts","sourceRoot":"","sources":["../src/ProbeRunner.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;
|
|
1
|
+
{"version":3,"file":"ProbeRunner.d.ts","sourceRoot":"","sources":["../src/ProbeRunner.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAqBtC,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACzD,OAAO,KAAK,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAK1E,MAAM,MAAM,WAAW,GAAG,IAAI,GAAG,IAAI,GAAG,MAAM,CAAC;AAC/C,MAAM,MAAM,eAAe,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;AAElD,MAAM,MAAM,iBAAiB,CAAC,CAAC,SAAS,eAAe,GAAG,eAAe,IAAI;IAC3E,OAAO,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC,CAAC,KAAK,WAAW,CAAC;IAC9D,CAAC,WAAW,EAAE,MAAM,GAAG,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC,CAAC,KAAK,WAAW,CAAC;CAC7E,CAAC;AAEF,MAAM,MAAM,YAAY,CAAC,CAAC,SAAS,eAAe,GAAG,eAAe,IAAI;IACtE,UAAU,EAAE,UAAU,CAAC;IACvB,sBAAsB,EAAE,sBAAsB,CAAC;IAC/C,OAAO,CAAC,EAAE,CAAC,CAAC;IACZ,aAAa,EAAE,CAAC,WAAW,EAAE,MAAM,KAAK,IAAI,CAAC;CAC9C,CAAC;AACF,MAAM,MAAM,gBAAgB,CAAC,CAAC,SAAS,eAAe,GAAG,eAAe,IAAI,YAAY,CAAC,CAAC,CAAC,GAAG;IAC5F,IAAI,CAAC,EAAE,GAAG,CAAC;IACX,OAAO,EAAE,OAAO,WAAW,CAAC,OAAO,CAAC;CACrC,CAAC;AAEF,MAAM,MAAM,uBAAuB,CAAC,CAAC,SAAS,eAAe,GAAG,eAAe,IAAI,CACjF,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,KACpC,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC,CAAC;AAErB,MAAM,WAAW,KAAK,CAAC,CAAC,SAAS,eAAe,GAAG,eAAe;IAChE,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,CAAC,EAAE,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,KAAK,IAAI,GAAG,YAAY,CAAC;IAC3D,QAAQ,CAAC,EAAE,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;IAC1C,YAAY,EAAE,uBAAuB,CAAC,CAAC,CAAC,GAAG,uBAAuB,CAAC,CAAC,CAAC,EAAE,CAAC;IACxE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,gBAAgB,CAAC,CAAC,CAAC,KAAK,WAAW,CAAC,GAAG,iBAAiB,CAAC,CAAC,CAAC,CAAC;IACpF,QAAQ,CAAC,EAAE,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC;IAC1C,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,CAAC,CAAC;CACb;AAED,qBAAa,WAAW;;IACtB,MAAM,EAAE,KAAK,EAAE,CAAC;IAChB,UAAU,EAAE,UAAU,CAAC;IAIvB,MAAM,CAAC,OAAO;;;;OAIX;IAEH;;;OAGG;IACH,MAAM,CAAC,QAAQ,EAAE,KAAK,EAAE,CAgBtB;IAEF,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,mBAAmB,EAAE,KAAK,CAAC,CAGlD;gBAGA,UAAU,EAAE,UAAU,EACtB,sBAAsB,EAAE,sBAAsB,EAC9C,MAAM,GAAE,KAAK,EAAyB;IAuGxC,IAAI,CACF,IAAI,EAAE,MAAM,CAAC,IAAI,GAChB,IAAI,GAAG,MAAM;IAoChB,QAAQ,IAAI,IAAI;CAMjB"}
|
package/dist/ProbeRunner.js
CHANGED
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
// Import Node.js Dependencies
|
|
2
2
|
import assert from "node:assert";
|
|
3
3
|
// Import Internal Dependencies
|
|
4
|
+
import logUsage from "./probes/log-usage.js";
|
|
5
|
+
import sqlInjection from "./probes/sql-injection.js";
|
|
4
6
|
import dataExfiltration from "./probes/data-exfiltration.js";
|
|
5
7
|
import isArrayExpression from "./probes/isArrayExpression.js";
|
|
6
8
|
import isBinaryExpression from "./probes/isBinaryExpression.js";
|
|
@@ -22,6 +24,7 @@ export class ProbeRunner {
|
|
|
22
24
|
probes;
|
|
23
25
|
sourceFile;
|
|
24
26
|
#collectableSetRegistry;
|
|
27
|
+
#selectedEntryPoints = new Map();
|
|
25
28
|
static Signals = Object.freeze({
|
|
26
29
|
Break: Symbol.for("breakWalk"),
|
|
27
30
|
Skip: Symbol.for("skipWalk"),
|
|
@@ -45,17 +48,22 @@ export class ProbeRunner {
|
|
|
45
48
|
isArrayExpression,
|
|
46
49
|
isUnsafeCommand,
|
|
47
50
|
isSerializeEnv,
|
|
48
|
-
dataExfiltration
|
|
51
|
+
dataExfiltration,
|
|
52
|
+
sqlInjection
|
|
49
53
|
];
|
|
50
54
|
static Optionals = {
|
|
51
|
-
"synchronous-io": isSyncIO
|
|
55
|
+
"synchronous-io": isSyncIO,
|
|
56
|
+
"log-usage": logUsage
|
|
52
57
|
};
|
|
53
58
|
constructor(sourceFile, collectableSetRegistry, probes = ProbeRunner.Defaults) {
|
|
54
59
|
this.sourceFile = sourceFile;
|
|
55
60
|
this.#collectableSetRegistry = collectableSetRegistry;
|
|
56
61
|
for (const probe of probes) {
|
|
57
62
|
assert(typeof probe.validateNode === "function" || Array.isArray(probe.validateNode), `Invalid probe ${probe.name}: validateNode must be a function or an array of functions`);
|
|
58
|
-
assert(typeof probe.main === "function", `Invalid probe ${probe.name}: main must be a function`);
|
|
63
|
+
assert(typeof probe.main === "function" || typeof probe.main === "object", `Invalid probe ${probe.name}: main must be a function or an object with named handlers`);
|
|
64
|
+
if (typeof probe.main === "object") {
|
|
65
|
+
assert("default" in probe.main && typeof probe.main.default === "function", `Invalid probe ${probe.name}: named main handlers must provide a 'default' handler`);
|
|
66
|
+
}
|
|
59
67
|
assert(typeof probe.initialize === "function" || probe.initialize === undefined, `Invalid probe ${probe.name}: initialize must be a function or undefined`);
|
|
60
68
|
if (probe.initialize) {
|
|
61
69
|
const isDefined = Reflect.defineProperty(probe, kProbeOriginalContext, {
|
|
@@ -75,10 +83,16 @@ export class ProbeRunner {
|
|
|
75
83
|
this.probes = probes;
|
|
76
84
|
}
|
|
77
85
|
#getProbeContext(probe) {
|
|
86
|
+
const setEntryPoint = (handlerName) => {
|
|
87
|
+
if (typeof probe.main === "object") {
|
|
88
|
+
this.#selectedEntryPoints.set(probe, handlerName);
|
|
89
|
+
}
|
|
90
|
+
};
|
|
78
91
|
return {
|
|
79
92
|
sourceFile: this.sourceFile,
|
|
80
93
|
collectableSetRegistry: this.#collectableSetRegistry,
|
|
81
|
-
context: probe.context
|
|
94
|
+
context: probe.context,
|
|
95
|
+
setEntryPoint
|
|
82
96
|
};
|
|
83
97
|
}
|
|
84
98
|
#runProbe(probe, node) {
|
|
@@ -88,7 +102,19 @@ export class ProbeRunner {
|
|
|
88
102
|
for (const validateNode of validationFns) {
|
|
89
103
|
const [isMatching, data = null] = validateNode(node, ctx);
|
|
90
104
|
if (isMatching) {
|
|
91
|
-
|
|
105
|
+
let mainHandler;
|
|
106
|
+
if (typeof probe.main === "function") {
|
|
107
|
+
mainHandler = probe.main;
|
|
108
|
+
}
|
|
109
|
+
else {
|
|
110
|
+
const selectedName = this.#selectedEntryPoints.get(probe);
|
|
111
|
+
const handlerName = (selectedName && selectedName in probe.main)
|
|
112
|
+
? selectedName
|
|
113
|
+
: "default";
|
|
114
|
+
mainHandler = probe.main[handlerName];
|
|
115
|
+
}
|
|
116
|
+
this.#selectedEntryPoints.delete(probe);
|
|
117
|
+
return mainHandler(node, {
|
|
92
118
|
...ctx,
|
|
93
119
|
signals: ProbeRunner.Signals,
|
|
94
120
|
data
|
package/dist/ProbeRunner.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ProbeRunner.js","sourceRoot":"","sources":["../src/ProbeRunner.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,MAAM,MAAM,aAAa,CAAC;AAKjC,+BAA+B;AAC/B,OAAO,gBAAgB,MAAM,+BAA+B,CAAC;AAC7D,OAAO,iBAAiB,MAAM,+BAA+B,CAAC;AAC9D,OAAO,kBAAkB,MAAM,gCAAgC,CAAC;AAChE,OAAO,WAAW,MAAM,yBAAyB,CAAC;AAClD,OAAO,OAAO,MAAM,qBAAqB,CAAC;AAC1C,OAAO,mBAAmB,MAAM,iCAAiC,CAAC;AAClE,OAAO,SAAS,MAAM,uBAAuB,CAAC;AAC9C,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,aAAa,MAAM,2BAA2B,CAAC;AACtD,OAAO,SAAS,MAAM,iCAAiC,CAAC;AACxD,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,QAAQ,MAAM,sBAAsB,CAAC;AAC5C,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,eAAe,MAAM,6BAA6B,CAAC;AAC1D,OAAO,YAAY,MAAM,0BAA0B,CAAC;AAMpD,YAAY;AACZ,MAAM,qBAAqB,GAAG,MAAM,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"ProbeRunner.js","sourceRoot":"","sources":["../src/ProbeRunner.ts"],"names":[],"mappings":"AAAA,8BAA8B;AAC9B,OAAO,MAAM,MAAM,aAAa,CAAC;AAKjC,+BAA+B;AAC/B,OAAO,QAAQ,MAAM,uBAAuB,CAAC;AAC7C,OAAO,YAAY,MAAM,2BAA2B,CAAC;AACrD,OAAO,gBAAgB,MAAM,+BAA+B,CAAC;AAC7D,OAAO,iBAAiB,MAAM,+BAA+B,CAAC;AAC9D,OAAO,kBAAkB,MAAM,gCAAgC,CAAC;AAChE,OAAO,WAAW,MAAM,yBAAyB,CAAC;AAClD,OAAO,OAAO,MAAM,qBAAqB,CAAC;AAC1C,OAAO,mBAAmB,MAAM,iCAAiC,CAAC;AAClE,OAAO,SAAS,MAAM,uBAAuB,CAAC;AAC9C,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,aAAa,MAAM,2BAA2B,CAAC;AACtD,OAAO,SAAS,MAAM,iCAAiC,CAAC;AACxD,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,QAAQ,MAAM,sBAAsB,CAAC;AAC5C,OAAO,cAAc,MAAM,4BAA4B,CAAC;AACxD,OAAO,eAAe,MAAM,6BAA6B,CAAC;AAC1D,OAAO,YAAY,MAAM,0BAA0B,CAAC;AAMpD,YAAY;AACZ,MAAM,qBAAqB,GAAG,MAAM,CAAC,GAAG,CAAC,sBAAsB,CAAC,CAAC;AAqCjE,MAAM,OAAO,WAAW;IACtB,MAAM,CAAU;IAChB,UAAU,CAAa;IACvB,uBAAuB,CAAyB;IAChD,oBAAoB,GAAuB,IAAI,GAAG,EAAE,CAAC;IAErD,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC;QAC7B,KAAK,EAAE,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC;QAC9B,IAAI,EAAE,MAAM,CAAC,GAAG,CAAC,UAAU,CAAC;QAC5B,QAAQ,EAAE,IAAI;KACf,CAAC,CAAC;IAEH;;;OAGG;IACH,MAAM,CAAC,QAAQ,GAAY;QACzB,OAAO;QACP,SAAS;QACT,WAAW;QACX,cAAc;QACd,SAAS;QACT,cAAc;QACd,aAAa;QACb,mBAAmB;QACnB,YAAY;QACZ,kBAAkB;QAClB,iBAAiB;QACjB,eAAe;QACf,cAAc;QACd,gBAAgB;QAChB,YAAY;KACb,CAAC;IAEF,MAAM,CAAC,SAAS,GAAuC;QACrD,gBAAgB,EAAE,QAAQ;QAC1B,WAAW,EAAE,QAAQ;KACtB,CAAC;IAEF,YACE,UAAsB,EACtB,sBAA8C,EAC9C,SAAkB,WAAW,CAAC,QAAQ;QAEtC,IAAI,CAAC,UAAU,GAAG,UAAU,CAAC;QAC7B,IAAI,CAAC,uBAAuB,GAAG,sBAAsB,CAAC;QAEtD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,CACJ,OAAO,KAAK,CAAC,YAAY,KAAK,UAAU,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,EAC7E,iBAAiB,KAAK,CAAC,IAAI,4DAA4D,CACxF,CAAC;YACF,MAAM,CACJ,OAAO,KAAK,CAAC,IAAI,KAAK,UAAU,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAClE,iBAAiB,KAAK,CAAC,IAAI,4DAA4D,CACxF,CAAC;YACF,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnC,MAAM,CACJ,SAAS,IAAI,KAAK,CAAC,IAAI,IAAI,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,UAAU,EACnE,iBAAiB,KAAK,CAAC,IAAI,wDAAwD,CACpF,CAAC;YACJ,CAAC;YACD,MAAM,CACJ,OAAO,KAAK,CAAC,UAAU,KAAK,UAAU,IAAI,KAAK,CAAC,UAAU,KAAK,SAAS,EACxE,iBAAiB,KAAK,CAAC,IAAI,8CAA8C,CAC1E,CAAC;YACF,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;gBACrB,MAAM,SAAS,GAAG,OAAO,CAAC,cAAc,CAAC,KAAK,EAAE,qBAAqB,EAAE;oBACrE,UAAU,EAAE,KAAK;oBACjB,KAAK,EAAE,eAAe,CAAC,KAAK,CAAC,OAAO,CAAC;oBACrC,YAAY,EAAE,IAAI;iBACnB,CAAC,CAAC;gBAEH,IAAI,CAAC,SAAS,EAAE,CAAC;oBACf,MAAM,IAAI,KAAK,CAAC,gDAAgD,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC;gBACjF,CAAC;gBAED,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC/D,IAAI,OAAO,EAAE,CAAC;oBACZ,KAAK,CAAC,OAAO,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;gBAC3C,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;IACvB,CAAC;IAED,gBAAgB,CACd,KAAY;QAEZ,MAAM,aAAa,GAAG,CAAC,WAAmB,EAAE,EAAE;YAC5C,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnC,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;YACpD,CAAC;QACH,CAAC,CAAC;QAEF,OAAO;YACL,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,sBAAsB,EAAE,IAAI,CAAC,uBAAuB;YACpD,OAAO,EAAE,KAAK,CAAC,OAAO;YACtB,aAAa;SACd,CAAC;IACJ,CAAC;IAED,SAAS,CACP,KAAY,EACZ,IAAiB;QAEjB,MAAM,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC;YACvD,KAAK,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAC5C,MAAM,GAAG,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;QAEzC,KAAK,MAAM,YAAY,IAAI,aAAa,EAAE,CAAC;YACzC,MAAM,CAAC,UAAU,EAAE,IAAI,GAAG,IAAI,CAAC,GAAG,YAAY,CAC5C,IAAI,EACJ,GAAG,CACJ,CAAC;YAEF,IAAI,UAAU,EAAE,CAAC;gBACf,IAAI,WAA8D,CAAC;gBAEnE,IAAI,OAAO,KAAK,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;oBACrC,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC;gBAC3B,CAAC;qBACI,CAAC;oBACJ,MAAM,YAAY,GAAG,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;oBAC1D,MAAM,WAAW,GAAG,CAAC,YAAY,IAAI,YAAY,IAAI,KAAK,CAAC,IAAI,CAAC;wBAC9D,CAAC,CAAC,YAAY;wBACd,CAAC,CAAC,SAAS,CAAC;oBACd,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;gBACxC,CAAC;gBAED,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBAExC,OAAO,WAAW,CAAC,IAAI,EAAE;oBACvB,GAAG,GAAG;oBACN,OAAO,EAAE,WAAW,CAAC,OAAO;oBAC5B,IAAI;iBACL,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CACF,IAAiB;QAEjB,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;QAEtC,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChC,IAAI,KAAK,CAAC,UAAU,IAAI,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC1D,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;gBAC3C,IAAI,MAAM,KAAK,WAAW,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;oBAC5C,SAAS;gBACX,CAAC;gBAED,IAAI,MAAM,KAAK,WAAW,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;oBACxC,OAAO,MAAM,CAAC;gBAChB,CAAC;gBACD,IAAI,MAAM,KAAK,WAAW,CAAC,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;oBAC/D,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,IAAI,IAAI,CAAC;oBAE5C,IAAI,UAAU,KAAK,IAAI,EAAE,CAAC;wBACxB,MAAM;oBACR,CAAC;yBACI,CAAC;wBACJ,WAAW,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;oBAC9B,CAAC;gBACH,CAAC;YACH,CAAC;oBACO,CAAC;gBACP,KAAK,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED,QAAQ;QACN,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChC,KAAK,CAAC,QAAQ,EAAE,CAAC,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,CAAC;YAC/C,KAAK,CAAC,OAAO,GAAG,KAAK,CAAC,qBAAqB,CAAC,CAAC;QAC/C,CAAC;IACH,CAAC"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import type { ESTree } from "meriyah";
|
|
2
|
+
import { type SourceArrayLocation } from "./utils/toArrayLocation.ts";
|
|
3
|
+
import { CollectableSetRegistry } from "./CollectableSetRegistry.ts";
|
|
4
|
+
type Options = {
|
|
5
|
+
collectableSetRegistry: CollectableSetRegistry;
|
|
6
|
+
file?: string | null;
|
|
7
|
+
location?: ESTree.SourceLocation;
|
|
8
|
+
metadata?: Record<string, unknown>;
|
|
9
|
+
};
|
|
10
|
+
export type ShadyLinkResult = {
|
|
11
|
+
safe: boolean;
|
|
12
|
+
isLocalAddress?: boolean;
|
|
13
|
+
};
|
|
14
|
+
export declare class ShadyLink {
|
|
15
|
+
#private;
|
|
16
|
+
static isURLSafe(input: string, options: Options): ShadyLinkResult;
|
|
17
|
+
static isValidIPAddress(input: string): boolean;
|
|
18
|
+
static isIpAddressSafe(input: string, options: Omit<Options, "location"> & {
|
|
19
|
+
location?: SourceArrayLocation | ESTree.SourceLocation;
|
|
20
|
+
}): ShadyLinkResult;
|
|
21
|
+
}
|
|
22
|
+
export {};
|
|
23
|
+
//# sourceMappingURL=ShadyLink.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ShadyLink.d.ts","sourceRoot":"","sources":["../src/ShadyLink.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGtC,OAAO,EAAmB,KAAK,mBAAmB,EAAE,MAAM,4BAA4B,CAAC;AACvF,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAyCrE,KAAK,OAAO,GAAG;IACb,sBAAsB,EAAE,sBAAsB,CAAC;IAC/C,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC,cAAc,CAAC;IACjC,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC,CAAC;AAEF,MAAM,MAAM,eAAe,GAAG;IAC5B,IAAI,EAAE,OAAO,CAAC;IACd,cAAc,CAAC,EAAE,OAAO,CAAC;CAC1B,CAAC;AAEF,qBAAa,SAAS;;IACpB,MAAM,CAAC,SAAS,CACd,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,OAAO,GACf,eAAe;IA+DlB,MAAM,CAAC,gBAAgB,CAAC,KAAK,EAAE,MAAM;IAIrC,MAAM,CAAC,eAAe,CACpB,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,GAAG;QACnC,QAAQ,CAAC,EAAE,mBAAmB,GAAG,MAAM,CAAC,cAAc,CAAC;KACxD,GACA,eAAe;CA8BnB"}
|
|
@@ -40,34 +40,70 @@ const kKnownProtocols = new Set([
|
|
|
40
40
|
// Security related
|
|
41
41
|
"acap:", "cap:", "cid:", "mid:", "urn:", "tag:", "dns:", "geo:", "ni:", "nih:"
|
|
42
42
|
]);
|
|
43
|
-
export class
|
|
44
|
-
static
|
|
43
|
+
export class ShadyLink {
|
|
44
|
+
static isURLSafe(input, options) {
|
|
45
45
|
if (!URL.canParse(input)) {
|
|
46
|
-
return true;
|
|
46
|
+
return { safe: true };
|
|
47
47
|
}
|
|
48
48
|
const parsedUrl = new URL(input);
|
|
49
49
|
// Unknown protocol, not a real URL
|
|
50
50
|
if (!kKnownProtocols.has(parsedUrl.protocol)) {
|
|
51
|
-
return true;
|
|
51
|
+
return { safe: true };
|
|
52
52
|
}
|
|
53
|
-
const { collectableSetRegistry, file, location } = options;
|
|
53
|
+
const { collectableSetRegistry, file, location, metadata } = options;
|
|
54
54
|
const sourceArrayLocation = toArrayLocation(location);
|
|
55
|
-
collectableSetRegistry.add("url", { value: parsedUrl.href, file, location: sourceArrayLocation });
|
|
55
|
+
collectableSetRegistry.add("url", { value: parsedUrl.href, file, location: sourceArrayLocation, metadata });
|
|
56
56
|
const hostname = parsedUrl.hostname;
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
57
|
+
// Early check for localhost
|
|
58
|
+
if (hostname === "localhost") {
|
|
59
|
+
collectableSetRegistry.add("hostname", { value: hostname, file, location: sourceArrayLocation, metadata });
|
|
60
|
+
return { safe: false, isLocalAddress: true };
|
|
61
|
+
}
|
|
62
|
+
if (parsedUrl.protocol === "file:") {
|
|
63
|
+
if (hostname) {
|
|
64
|
+
collectableSetRegistry.add("hostname", { value: hostname, file, location: sourceArrayLocation, metadata });
|
|
65
|
+
}
|
|
66
|
+
return { safe: true };
|
|
67
|
+
}
|
|
68
|
+
// Remove brackets from IPv6 addresses (e.g., "[::1]" -> "::1")
|
|
69
|
+
const cleanHostname = hostname.startsWith("[") && hostname.endsWith("]")
|
|
70
|
+
? hostname.slice(1, -1)
|
|
71
|
+
: hostname;
|
|
72
|
+
if (this.isValidIPAddress(cleanHostname)) {
|
|
73
|
+
const result = this.isIpAddressSafe(cleanHostname, {
|
|
74
|
+
collectableSetRegistry,
|
|
75
|
+
file,
|
|
76
|
+
location: sourceArrayLocation,
|
|
77
|
+
metadata
|
|
78
|
+
});
|
|
79
|
+
if (!result.safe) {
|
|
80
|
+
return result;
|
|
61
81
|
}
|
|
62
82
|
}
|
|
63
|
-
else {
|
|
64
|
-
collectableSetRegistry.add("hostname", { value: hostname, file, location: sourceArrayLocation });
|
|
83
|
+
else if (hostname) {
|
|
84
|
+
collectableSetRegistry.add("hostname", { value: hostname, file, location: sourceArrayLocation, metadata });
|
|
65
85
|
}
|
|
66
86
|
const scheme = parsedUrl.protocol.replace(":", "");
|
|
67
87
|
if (scheme !== "https") {
|
|
68
|
-
return false;
|
|
88
|
+
return { safe: false };
|
|
89
|
+
}
|
|
90
|
+
const isShadyLink = kShadyLinkRegExps.some((regex) => regex.test(input));
|
|
91
|
+
return { safe: !isShadyLink };
|
|
92
|
+
}
|
|
93
|
+
static isValidIPAddress(input) {
|
|
94
|
+
return /\D/.test(input) && ipaddress.isValid(input);
|
|
95
|
+
}
|
|
96
|
+
static isIpAddressSafe(input, options) {
|
|
97
|
+
const { collectableSetRegistry, file, location, metadata } = options;
|
|
98
|
+
collectableSetRegistry.add("ip", {
|
|
99
|
+
value: input, file,
|
|
100
|
+
location: Array.isArray(location) ? location : toArrayLocation(location),
|
|
101
|
+
metadata
|
|
102
|
+
});
|
|
103
|
+
if (this.#isPrivateIPAddress(input)) {
|
|
104
|
+
return { safe: false, isLocalAddress: true };
|
|
69
105
|
}
|
|
70
|
-
return
|
|
106
|
+
return { safe: true };
|
|
71
107
|
}
|
|
72
108
|
static #isPrivateIPAddress(ipAddress) {
|
|
73
109
|
let ip = ipaddress.parse(ipAddress);
|
|
@@ -81,4 +117,4 @@ export class ShadyURL {
|
|
|
81
117
|
return false;
|
|
82
118
|
}
|
|
83
119
|
}
|
|
84
|
-
//# sourceMappingURL=
|
|
120
|
+
//# sourceMappingURL=ShadyLink.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"ShadyLink.js","sourceRoot":"","sources":["../src/ShadyLink.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,SAAS,MAAM,WAAW,CAAC;AAGlC,+BAA+B;AAC/B,OAAO,EAAE,eAAe,EAA4B,MAAM,4BAA4B,CAAC;AACvF,OAAO,EAAE,sBAAsB,EAAE,MAAM,6BAA6B,CAAC;AAErE,YAAY;AACZ,MAAM,iBAAiB,GAAG;IACxB,qEAAqE;IACrE,yHAAyH;CAC1H,CAAC;AAEF,4DAA4D;AAC5D,sEAAsE;AACtE,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC;IAC9B,MAAM;IACN,OAAO,EAAE,QAAQ;IACjB,cAAc;IACd,OAAO,EAAE,OAAO,EAAE,OAAO;IACzB,MAAM;IACN,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IACjC,mBAAmB;IACnB,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC5E,gBAAgB;IAChB,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM;IACjC,kBAAkB;IAClB,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK;IAC7B,iBAAiB;IACjB,SAAS,EAAE,OAAO,EAAE,UAAU;IAC9B,sBAAsB;IACtB,UAAU,EAAE,WAAW,EAAE,OAAO,EAAE,OAAO;IACzC,eAAe;IACf,QAAQ,EAAE,UAAU,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,UAAU;IAC5E,SAAS,EAAE,kBAAkB,EAAE,YAAY;IAC3C,8BAA8B;IAC9B,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,KAAK;IAChG,yBAAyB;IACzB,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ;IAC/E,SAAS,EAAE,OAAO,EAAE,UAAU;IAC9B,yCAAyC;IACzC,aAAa,EAAE,QAAQ,EAAE,cAAc;IACvC,mBAAmB;IACnB,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM;CAC/E,CAAC,CAAC;AAcH,MAAM,OAAO,SAAS;IACpB,MAAM,CAAC,SAAS,CACd,KAAa,EACb,OAAgB;QAEhB,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QACxB,CAAC;QAED,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC;QACjC,mCAAmC;QACnC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7C,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QACxB,CAAC;QAED,MAAM,EAAE,sBAAsB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;QACrE,MAAM,mBAAmB,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QAEtD,sBAAsB,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,SAAS,CAAC,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,CAAC,CAAC;QAE5G,MAAM,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAC;QAEpC,4BAA4B;QAC5B,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;YAC7B,sBAAsB,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,CAAC,CAAC;YAE3G,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC;QAC/C,CAAC;QAED,IAAI,SAAS,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACnC,IAAI,QAAQ,EAAE,CAAC;gBACb,sBAAsB,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,CAAC,CAAC;YAC7G,CAAC;YAED,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;QACxB,CAAC;QAED,+DAA+D;QAC/D,MAAM,aAAa,GAAG,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC;YACtE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACvB,CAAC,CAAC,QAAQ,CAAC;QAEb,IAAI,IAAI,CAAC,gBAAgB,CAAC,aAAa,CAAC,EAAE,CAAC;YACzC,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,aAAa,EAAE;gBACjD,sBAAsB;gBACtB,IAAI;gBACJ,QAAQ,EAAE,mBAAmB;gBAC7B,QAAQ;aACT,CAAC,CAAC;YACH,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACjB,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;aACI,IAAI,QAAQ,EAAE,CAAC;YAClB,sBAAsB,CAAC,GAAG,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,mBAAmB,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC7G,CAAC;QAED,MAAM,MAAM,GAAG,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACnD,IAAI,MAAM,KAAK,OAAO,EAAE,CAAC;YACvB,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;QACzB,CAAC;QAED,MAAM,WAAW,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QAEzE,OAAO,EAAE,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAChC,CAAC;IAED,MAAM,CAAC,gBAAgB,CAAC,KAAa;QACnC,OAAO,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IACtD,CAAC;IAED,MAAM,CAAC,eAAe,CACpB,KAAa,EACb,OAEC;QAED,MAAM,EAAE,sBAAsB,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC;QACrE,sBAAsB,CAAC,GAAG,CAAC,IAAI,EAAE;YAC/B,KAAK,EAAE,KAAK,EAAE,IAAI;YAClB,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,eAAe,CAAC,QAAQ,CAAC;YACxE,QAAQ;SACT,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,mBAAmB,CAAC,KAAK,CAAC,EAAE,CAAC;YACpC,OAAO,EAAE,IAAI,EAAE,KAAK,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC;QAC/C,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IACxB,CAAC;IAED,MAAM,CAAC,mBAAmB,CACxB,SAAiB;QAEjB,IAAI,EAAE,GAAG,SAAS,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QAEpC,IAAI,EAAE,YAAY,SAAS,CAAC,IAAI,IAAI,EAAE,CAAC,mBAAmB,EAAE,EAAE,CAAC;YAC7D,EAAE,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC;QAC1B,CAAC;QAED,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF"}
|
package/dist/SourceFile.d.ts
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import { VariableTracer } from "@nodesecure/tracer";
|
|
2
2
|
import type { ESTree } from "meriyah";
|
|
3
|
-
import type { Dependency } from "./AstAnalyser.ts";
|
|
3
|
+
import type { Dependency, Sensitivity } from "./AstAnalyser.ts";
|
|
4
4
|
import { Deobfuscator } from "./Deobfuscator.ts";
|
|
5
5
|
import { type Warning } from "./warnings.ts";
|
|
6
6
|
export type SourceFlags = "fetch" | "oneline-require" | "is-minified";
|
|
@@ -14,7 +14,9 @@ export declare class SourceFile {
|
|
|
14
14
|
warnings: Warning[];
|
|
15
15
|
flags: Set<SourceFlags>;
|
|
16
16
|
path: SourceFilePath;
|
|
17
|
-
|
|
17
|
+
sensitivity?: Sensitivity;
|
|
18
|
+
metadata?: Record<string, unknown>;
|
|
19
|
+
constructor(sourceLocation?: string, metadata?: Record<string, unknown>);
|
|
18
20
|
addDependency(name: string, location?: ESTree.SourceLocation | null, unsafe?: boolean): void;
|
|
19
21
|
addEncodedLiteral(value: string, location?: ESTree.SourceLocation): void;
|
|
20
22
|
analyzeLiteral(node: any, inArrayExpr?: boolean): void;
|
|
@@ -23,7 +25,7 @@ export declare class SourceFile {
|
|
|
23
25
|
stringScore: number;
|
|
24
26
|
warnings: Warning[];
|
|
25
27
|
};
|
|
26
|
-
walk(node: ESTree.Node):
|
|
28
|
+
walk(node: ESTree.Node): ESTree.Node[];
|
|
27
29
|
}
|
|
28
30
|
export declare class SourceFilePath {
|
|
29
31
|
location: string | null;
|
package/dist/SourceFile.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SourceFile.d.ts","sourceRoot":"","sources":["../src/SourceFile.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGtC,OAAO,KAAK,
|
|
1
|
+
{"version":3,"file":"SourceFile.d.ts","sourceRoot":"","sources":["../src/SourceFile.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAGtC,OAAO,KAAK,EACV,UAAU,EACV,WAAW,EACZ,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAEjD,OAAO,EAEL,KAAK,OAAO,EACb,MAAM,eAAe,CAAC;AAKvB,MAAM,MAAM,WAAW,GACnB,OAAO,GACP,iBAAiB,GACjB,aAAa,CAAC;AAElB,qBAAa,UAAU;IACrB,MAAM,iBAA+C;IACrD,cAAc,UAAS;IACvB,qBAAqB,UAAS;IAC9B,YAAY,eAAsB;IAClC,YAAY,0BAAiC;IAC7C,eAAe,sBAA6B;IAC5C,QAAQ,EAAE,OAAO,EAAE,CAAM;IACzB,KAAK,mBAA0B;IAC/B,IAAI,iBAAwB;IAC5B,WAAW,CAAC,EAAE,WAAW,CAAC;IAC1B,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;gBAEvB,cAAc,CAAC,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IAKvE,aAAa,CACX,IAAI,EAAE,MAAM,EACZ,QAAQ,CAAC,EAAE,MAAM,CAAC,cAAc,GAAG,IAAI,EACvC,MAAM,GAAE,OAAoC;IAwB9C,iBAAiB,CACf,KAAK,EAAE,MAAM,EACb,QAAQ,wBAAiB;IAiB3B,cAAc,CACZ,IAAI,EAAE,GAAG,EACT,WAAW,UAAQ;IAsBrB,SAAS,CACP,UAAU,EAAE,OAAO,GAClB;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,OAAO,EAAE,CAAC;KAAE;IA0CtE,IAAI,CACF,IAAI,EAAE,MAAM,CAAC,IAAI,GAChB,MAAM,CAAC,IAAI,EAAE;CA2BjB;AAED,qBAAa,cAAc;IACzB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAQ;IAE/B,GAAG,CACD,QAAQ,CAAC,EAAE,MAAM;IAKnB,OAAO,CACL,GAAG,KAAK,EAAE,MAAM,EAAE;CAQrB"}
|
package/dist/SourceFile.js
CHANGED
|
@@ -3,6 +3,7 @@ import path from "node:path";
|
|
|
3
3
|
// Import Third-party Dependencies
|
|
4
4
|
import { Literal, Utils } from "@nodesecure/sec-literal";
|
|
5
5
|
import { VariableTracer } from "@nodesecure/tracer";
|
|
6
|
+
import { InlinedRequire } from "./probes/isRequire/InlinedRequire.js";
|
|
6
7
|
import { Deobfuscator } from "./Deobfuscator.js";
|
|
7
8
|
import { rootLocation, toArrayLocation } from "./utils/index.js";
|
|
8
9
|
import { generateWarning } from "./warnings.js";
|
|
@@ -18,8 +19,11 @@ export class SourceFile {
|
|
|
18
19
|
warnings = [];
|
|
19
20
|
flags = new Set();
|
|
20
21
|
path = new SourceFilePath();
|
|
21
|
-
|
|
22
|
+
sensitivity;
|
|
23
|
+
metadata;
|
|
24
|
+
constructor(sourceLocation, metadata) {
|
|
22
25
|
this.path.use(sourceLocation);
|
|
26
|
+
this.metadata = metadata;
|
|
23
27
|
}
|
|
24
28
|
addDependency(name, location, unsafe = this.dependencyAutoWarning) {
|
|
25
29
|
if (typeof name !== "string" || name.trim() === "") {
|
|
@@ -96,6 +100,17 @@ export class SourceFile {
|
|
|
96
100
|
};
|
|
97
101
|
}
|
|
98
102
|
walk(node) {
|
|
103
|
+
const split = InlinedRequire.split(node);
|
|
104
|
+
if (split !== null) {
|
|
105
|
+
this.tracer.walk(split.virtualDeclaration);
|
|
106
|
+
if (split.rebuildExpression) {
|
|
107
|
+
this.tracer.walk(split.rebuildExpression);
|
|
108
|
+
}
|
|
109
|
+
return [
|
|
110
|
+
split.virtualDeclaration,
|
|
111
|
+
...(split.rebuildExpression ? [split.rebuildExpression] : [])
|
|
112
|
+
];
|
|
113
|
+
}
|
|
99
114
|
this.tracer.walk(node);
|
|
100
115
|
this.deobfuscator.walk(node);
|
|
101
116
|
// Detect TryStatement and CatchClause to known which dependency is required in a Try {} clause
|
|
@@ -105,6 +120,7 @@ export class SourceFile {
|
|
|
105
120
|
else if (node.type === "CatchClause") {
|
|
106
121
|
this.inTryStatement = false;
|
|
107
122
|
}
|
|
123
|
+
return [node];
|
|
108
124
|
}
|
|
109
125
|
}
|
|
110
126
|
export class SourceFilePath {
|