@nodesecure/js-x-ray 11.5.0 → 12.0.0

package/dist/utils/isStringBase64.d.ts

@@ -0,0 +1,8 @@
+export interface Base64Options {
+    allowMime?: boolean;
+    mimeRequired?: boolean;
+    paddingRequired?: boolean;
+    allowEmpty?: boolean;
+}
+export declare function isStringBase64(v: string, opts?: Base64Options): boolean;
+//# sourceMappingURL=isStringBase64.d.ts.map

package/dist/utils/isStringBase64.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"isStringBase64.d.ts","sourceRoot":"","sources":["../../src/utils/isStringBase64.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,aAAa;IAC5B,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,wBAAgB,cAAc,CAC5B,CAAC,EAAE,MAAM,EACT,IAAI,GAAE,aAAkB,GACvB,OAAO,CAoBT"}

package/dist/utils/isStringBase64.js

@@ -0,0 +1,18 @@
+export function isStringBase64(v, opts = {}) {
+    if (opts.allowEmpty === false && v === "") {
+        return false;
+    }
+    let regex = "(?:[A-Za-z0-9+\\/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+\\/]{3}=)?";
+    const mimeRegex = "(data:\\w+\\/[a-zA-Z\\+\\-\\.]+;base64,)";
+    if (opts.mimeRequired === true) {
+        regex = mimeRegex + regex;
+    }
+    else if (opts.allowMime === true) {
+        regex = mimeRegex + "?" + regex;
+    }
+    if (opts.paddingRequired === false) {
+        regex = "(?:[A-Za-z0-9+\\/]{4})*(?:[A-Za-z0-9+\\/]{2}(==)?|[A-Za-z0-9+\\/]{3}=?)?";
+    }
+    return (new RegExp("^" + regex + "$", "gi")).test(v);
+}
+//# sourceMappingURL=isStringBase64.js.map

package/dist/utils/isStringBase64.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"isStringBase64.js","sourceRoot":"","sources":["../../src/utils/isStringBase64.ts"],"names":[],"mappings":"AAOA,MAAM,UAAU,cAAc,CAC5B,CAAS,EACT,OAAsB,EAAE;IAExB,IAAI,IAAI,CAAC,UAAU,KAAK,KAAK,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC;QAC1C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,KAAK,GAAG,oEAAoE,CAAC;IACjF,MAAM,SAAS,GAAG,0CAA0C,CAAC;IAE7D,IAAI,IAAI,CAAC,YAAY,KAAK,IAAI,EAAE,CAAC;QAC/B,KAAK,GAAG,SAAS,GAAG,KAAK,CAAC;IAC5B,CAAC;SACI,IAAI,IAAI,CAAC,SAAS,KAAK,IAAI,EAAE,CAAC;QACjC,KAAK,GAAG,SAAS,GAAG,GAAG,GAAG,KAAK,CAAC;IAClC,CAAC;IAED,IAAI,IAAI,CAAC,eAAe,KAAK,KAAK,EAAE,CAAC;QACnC,KAAK,GAAG,0EAA0E,CAAC;IACrF,CAAC;IAED,OAAO,CAAC,IAAI,MAAM,CAAC,GAAG,GAAG,KAAK,GAAG,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACvD,CAAC"}

package/dist/utils/isSvg.d.ts

@@ -0,0 +1,7 @@
+import type { ESTree } from "meriyah";
+export declare function isSvg(strOrLiteral: ESTree.Literal | string): boolean;
+/**
+ * @description detect if a given string is a svg path or not.
+ */
+export declare function isSvgPath(str: string): boolean;
+//# sourceMappingURL=isSvg.d.ts.map

package/dist/utils/isSvg.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"isSvg.d.ts","sourceRoot":"","sources":["../../src/utils/isSvg.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAKtC,wBAAgB,KAAK,CACnB,YAAY,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,GACpC,OAAO,CAST;AAED;;GAEG;AACH,wBAAgB,SAAS,CACvB,GAAG,EAAE,MAAM,GACV,OAAO,CAST"}

package/dist/utils/isSvg.js

@@ -0,0 +1,26 @@
+// Import Third-party Dependencies
+import isStringSvg from "is-svg";
+// Import Internal Dependencies
+import { toValue } from "../estree/index.js";
+export function isSvg(strOrLiteral) {
+    try {
+        const value = toValue(strOrLiteral);
+        return isStringSvg(value) || isSvgPath(value);
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * @description detect if a given string is a svg path or not.
+ */
+export function isSvgPath(str) {
+    if (typeof str !== "string") {
+        return false;
+    }
+    const trimStr = str.trim();
+    return trimStr.length > 4
+        && /^[mzlhvcsqta]\s*[-+.0-9][^mlhvzcsqta]+/i.test(trimStr)
+        && /[\dz]$/i.test(trimStr);
+}
+//# sourceMappingURL=isSvg.js.map

package/dist/utils/isSvg.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"isSvg.js","sourceRoot":"","sources":["../../src/utils/isSvg.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,WAAW,MAAM,QAAQ,CAAC;AAGjC,+BAA+B;AAC/B,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAE7C,MAAM,UAAU,KAAK,CACnB,YAAqC;IAErC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;QAEpC,OAAO,WAAW,CAAC,KAAK,CAAC,IAAI,SAAS,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IACD,MAAM,CAAC;QACL,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,SAAS,CACvB,GAAW;IAEX,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QAC5B,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IAE3B,OAAO,OAAO,CAAC,MAAM,GAAG,CAAC;WACpB,yCAAyC,CAAC,IAAI,CAAC,OAAO,CAAC;WACvD,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAC/B,CAAC"}

package/dist/utils/makePrefixRemover.d.ts

@@ -0,0 +1,2 @@
+export declare function makePrefixRemover(prefixes: Iterable<string>): (expr: string) => string;
+//# sourceMappingURL=makePrefixRemover.d.ts.map

package/dist/utils/makePrefixRemover.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"makePrefixRemover.d.ts","sourceRoot":"","sources":["../../src/utils/makePrefixRemover.ts"],"names":[],"mappings":"AACA,wBAAgB,iBAAiB,CAC/B,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,GACzB,CAAC,IAAI,EAAE,MAAM,KAAK,MAAM,CAe1B"}

package/dist/utils/makePrefixRemover.js

@@ -0,0 +1,13 @@
+export function makePrefixRemover(prefixes) {
+    return (expr) => {
+        if (!expr.includes(".")) {
+            return expr;
+        }
+        const matchedPrefix = Array.from(prefixes)
+            .find((globalId) => expr.startsWith(globalId));
+        return matchedPrefix ?
+            expr.slice(matchedPrefix.length + 1) :
+            expr;
+    };
+}
+//# sourceMappingURL=makePrefixRemover.js.map

package/dist/utils/makePrefixRemover.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"makePrefixRemover.js","sourceRoot":"","sources":["../../src/utils/makePrefixRemover.ts"],"names":[],"mappings":"AACA,MAAM,UAAU,iBAAiB,CAC/B,QAA0B;IAE1B,OAAO,CACL,IAAI,EACJ,EAAE;QACF,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,IAAI,CAAC;QACd,CAAC;QAED,MAAM,aAAa,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC;aACvC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC;QAEjD,OAAO,aAAa,CAAC,CAAC;YACpB,IAAI,CAAC,KAAK,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;YACtC,IAAI,CAAC;IACT,CAAC,CAAC;AACJ,CAAC"}

package/dist/utils/patterns.d.ts

@@ -0,0 +1,24 @@
+import type { ESTree } from "meriyah";
+/**
+ * @description get the common string prefix (at the start) pattern
+ * @example
+ * commonStringPrefix("boo", "foo"); // null
+ * commonStringPrefix("bromance", "brother"); // "bro"
+ */
+export declare function commonStringPrefix(leftAnyValue: ESTree.Literal | string, rightAnyValue: ESTree.Literal | string): string | null;
+/**
+ * @description get the common string suffixes (at the end) pattern
+ * @param {!string} leftStr
+ * @param {!string} rightStr
+ * @returns {string | null}
+ *
+ * @example
+ * commonStringSuffix("boo", "foo"); // oo
+ * commonStringSuffix("bromance", "brother"); // null
+ */
+export declare function commonStringSuffix(leftStr: string, rightStr: string): string | null;
+export declare function commonHexadecimalPrefix(identifiersArray: string[]): {
+    oneTimeOccurence: number;
+    prefix: Record<string, number>;
+};
+//# sourceMappingURL=patterns.d.ts.map

package/dist/utils/patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/utils/patterns.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAKtC;;;;;GAKG;AACH,wBAAgB,kBAAkB,CAChC,YAAY,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,EACrC,aAAa,EAAE,MAAM,CAAC,OAAO,GAAG,MAAM,GACrC,MAAM,GAAG,IAAI,CAiBf;AAQD;;;;;;;;;GASG;AACH,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,MAAM,GAAG,IAAI,CAOf;AAED,wBAAgB,uBAAuB,CACrC,gBAAgB,EAAE,MAAM,EAAE,GACzB;IAAE,gBAAgB,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAAE,CAuC/D"}

package/dist/utils/patterns.js

@@ -0,0 +1,77 @@
+// Import Third-party Dependencies
+import FrequencySet from "frequency-set";
+// Import Internal Dependencies
+import { toValue } from "../estree/index.js";
+/**
+ * @description get the common string prefix (at the start) pattern
+ * @example
+ * commonStringPrefix("boo", "foo"); // null
+ * commonStringPrefix("bromance", "brother"); // "bro"
+ */
+export function commonStringPrefix(leftAnyValue, rightAnyValue) {
+    const leftStr = toValue(leftAnyValue);
+    const rightStr = toValue(rightAnyValue);
+    // The length of leftStr cannot be greater than that rightStr
+    const minLen = leftStr.length > rightStr.length ? rightStr.length : leftStr.length;
+    let commonStr = "";
+    for (let id = 0; id < minLen; id++) {
+        if (leftStr.charAt(id) !== rightStr.charAt(id)) {
+            break;
+        }
+        commonStr += leftStr.charAt(id);
+    }
+    return commonStr === "" ? null : commonStr;
+}
+function reverseString(string) {
+    return string.split("").reverse().join("");
+}
+/**
+ * @description get the common string suffixes (at the end) pattern
+ * @param {!string} leftStr
+ * @param {!string} rightStr
+ * @returns {string | null}
+ *
+ * @example
+ * commonStringSuffix("boo", "foo"); // oo
+ * commonStringSuffix("bromance", "brother"); // null
+ */
+export function commonStringSuffix(leftStr, rightStr) {
+    const commonPrefix = commonStringPrefix(reverseString(leftStr), reverseString(rightStr));
+    return commonPrefix === null ? null : reverseString(commonPrefix);
+}
+export function commonHexadecimalPrefix(identifiersArray) {
+    if (!Array.isArray(identifiersArray)) {
+        throw new TypeError("identifiersArray must be an Array");
+    }
+    const prefix = new FrequencySet();
+    mainLoop: for (const value of identifiersArray.slice().sort()) {
+        for (const [cp, count] of prefix) {
+            const commonStr = commonStringPrefix(value, cp);
+            if (commonStr === null) {
+                continue;
+            }
+            if (commonStr === cp || commonStr.startsWith(cp)) {
+                prefix.add(cp);
+            }
+            else if (cp.startsWith(commonStr)) {
+                prefix.delete(cp);
+                prefix.add(commonStr, count + 1);
+            }
+            continue mainLoop;
+        }
+        prefix.add(value);
+    }
+    // We remove one-time occurences (because they are normal variables)
+    let oneTimeOccurence = 0;
+    for (const [key, value] of prefix.entries()) {
+        if (value === 1) {
+            prefix.delete(key);
+            oneTimeOccurence++;
+        }
+    }
+    return {
+        oneTimeOccurence,
+        prefix: Object.fromEntries(prefix)
+    };
+}
+//# sourceMappingURL=patterns.js.map

package/dist/utils/patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../src/utils/patterns.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,YAAY,MAAM,eAAe,CAAC;AAGzC,+BAA+B;AAC/B,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAE7C;;;;;GAKG;AACH,MAAM,UAAU,kBAAkB,CAChC,YAAqC,EACrC,aAAsC;IAEtC,MAAM,OAAO,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;IAExC,6DAA6D;IAC7D,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC;IACnF,IAAI,SAAS,GAAG,EAAE,CAAC;IAEnB,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC;QACnC,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;YAC/C,MAAM;QACR,CAAC;QAED,SAAS,IAAI,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAClC,CAAC;IAED,OAAO,SAAS,KAAK,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;AAC7C,CAAC;AAED,SAAS,aAAa,CACpB,MAAc;IAEd,OAAO,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAC7C,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,kBAAkB,CAChC,OAAe,EACf,QAAgB;IAEhB,MAAM,YAAY,GAAG,kBAAkB,CACrC,aAAa,CAAC,OAAO,CAAC,EACtB,aAAa,CAAC,QAAQ,CAAC,CACxB,CAAC;IAEF,OAAO,YAAY,KAAK,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,aAAa,CAAC,YAAY,CAAC,CAAC;AACpE,CAAC;AAED,MAAM,UAAU,uBAAuB,CACrC,gBAA0B;IAE1B,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,SAAS,CAAC,mCAAmC,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;IAElC,QAAQ,EAAE,KAAK,MAAM,KAAK,IAAI,gBAAgB,CAAC,KAAK,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC;QAC9D,KAAK,MAAM,CAAC,EAAE,EAAE,KAAK,CAAC,IAAI,MAAM,EAAE,CAAC;YACjC,MAAM,SAAS,GAAG,kBAAkB,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YAChD,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;gBACvB,SAAS;YACX,CAAC;YAED,IAAI,SAAS,KAAK,EAAE,IAAI,SAAS,CAAC,UAAU,CAAC,EAAE,CAAC,EAAE,CAAC;gBACjD,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACjB,CAAC;iBACI,IAAI,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAClC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;gBAClB,MAAM,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YACnC,CAAC;YACD,SAAS,QAAQ,CAAC;QACpB,CAAC;QAED,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IACpB,CAAC;IAED,oEAAoE;IACpE,IAAI,gBAAgB,GAAG,CAAC,CAAC;IACzB,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,EAAE,CAAC;QAC5C,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;YAChB,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACnB,gBAAgB,EAAE,CAAC;QACrB,CAAC;IACH,CAAC;IAED,OAAO;QACL,gBAAgB;QAChB,MAAM,EAAE,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC;KACnC,CAAC;AACJ,CAAC"}

package/dist/utils/stringSuspicionScore.d.ts

@@ -0,0 +1,12 @@
+/**
+ * @description Get the number of unique chars in a given string
+ * @param {!string} str string
+ * @param {string[]} [charsToExclude=[]]
+ * @returns {number}
+ */
+export declare function stringCharDiversity(str: string, charsToExclude?: Iterable<string>): number;
+/**
+ * @description Analyze a given string an give it a suspicion score (higher than 1 or 2 mean that the string is highly suspect).
+ */
+export declare function stringSuspicionScore(str: string): number;
+//# sourceMappingURL=stringSuspicionScore.d.ts.map

package/dist/utils/stringSuspicionScore.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stringSuspicionScore.d.ts","sourceRoot":"","sources":["../../src/utils/stringSuspicionScore.ts"],"names":[],"mappings":"AAsBA;;;;;GAKG;AACH,wBAAgB,mBAAmB,CACjC,GAAG,EAAE,MAAM,EACX,cAAc,GAAE,QAAQ,CAAC,MAAM,CAAM,GACpC,MAAM,CAKR;AAQD;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,GAAG,EAAE,MAAM,GACV,MAAM,CAmBR"}

package/dist/utils/stringSuspicionScore.js

@@ -0,0 +1,53 @@
+// CONSTANTS
+const kLenSegmenter = new Intl.Segmenter();
+/**
+ * Note: this is not a perfect way to calculate the width of a string, but it should be good enough for our use case.
+ * We are not trying to be 100% accurate, but rather to have a rough estimate of the width of a string.
+ */
+function stringLength(string) {
+    if (string === "") {
+        return 0;
+    }
+    let length = 0;
+    for (const _ of kLenSegmenter.segment(string)) {
+        length++;
+    }
+    return length;
+}
+/**
+ * @description Get the number of unique chars in a given string
+ * @param {!string} str string
+ * @param {string[]} [charsToExclude=[]]
+ * @returns {number}
+ */
+export function stringCharDiversity(str, charsToExclude = []) {
+    const data = new Set(str);
+    [...charsToExclude].forEach((char) => data.delete(char));
+    return data.size;
+}
+// ---
+const kMaxSafeStringLen = 45;
+const kMaxSafeStringCharDiversity = 70;
+const kMinUnsafeStringLenThreshold = 200;
+const kScoreStringLengthThreshold = 750;
+/**
+ * @description Analyze a given string an give it a suspicion score (higher than 1 or 2 mean that the string is highly suspect).
+ */
+export function stringSuspicionScore(str) {
+    const strLen = stringLength(str);
+    if (strLen < kMaxSafeStringLen) {
+        return 0;
+    }
+    const includeSpace = str.includes(" ");
+    const includeSpaceAtStart = includeSpace ?
+        str.slice(0, kMaxSafeStringLen).includes(" ") :
+        false;
+    let suspectScore = includeSpaceAtStart ? 0 : 1;
+    if (strLen > kMinUnsafeStringLenThreshold) {
+        suspectScore += Math.ceil(strLen / kScoreStringLengthThreshold);
+    }
+    return stringCharDiversity(str) >= kMaxSafeStringCharDiversity ?
+        suspectScore + 2 :
+        suspectScore;
+}
+//# sourceMappingURL=stringSuspicionScore.js.map

package/dist/utils/stringSuspicionScore.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stringSuspicionScore.js","sourceRoot":"","sources":["../../src/utils/stringSuspicionScore.ts"],"names":[],"mappings":"AAAA,YAAY;AACZ,MAAM,aAAa,GAAG,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;AAE3C;;;GAGG;AACH,SAAS,YAAY,CACnB,MAAc;IAEd,IAAI,MAAM,KAAK,EAAE,EAAE,CAAC;QAClB,OAAO,CAAC,CAAC;IACX,CAAC;IAED,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,KAAK,MAAM,CAAC,IAAI,aAAa,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9C,MAAM,EAAE,CAAC;IACX,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,mBAAmB,CACjC,GAAW,EACX,iBAAmC,EAAE;IAErC,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC,GAAG,cAAc,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;IAEzD,OAAO,IAAI,CAAC,IAAI,CAAC;AACnB,CAAC;AAED,MAAM;AACN,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAC7B,MAAM,2BAA2B,GAAG,EAAE,CAAC;AACvC,MAAM,4BAA4B,GAAG,GAAG,CAAC;AACzC,MAAM,2BAA2B,GAAG,GAAG,CAAC;AAExC;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAClC,GAAW;IAEX,MAAM,MAAM,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,MAAM,GAAG,iBAAiB,EAAE,CAAC;QAC/B,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM,YAAY,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACvC,MAAM,mBAAmB,GAAG,YAAY,CAAC,CAAC;QACxC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,iBAAiB,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/C,KAAK,CAAC;IAER,IAAI,YAAY,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/C,IAAI,MAAM,GAAG,4BAA4B,EAAE,CAAC;QAC1C,YAAY,IAAI,IAAI,CAAC,IAAI,CAAC,MAAM,GAAG,2BAA2B,CAAC,CAAC;IAClE,CAAC;IAED,OAAO,mBAAmB,CAAC,GAAG,CAAC,IAAI,2BAA2B,CAAC,CAAC;QAC9D,YAAY,GAAG,CAAC,CAAC,CAAC;QAClB,YAAY,CAAC;AACjB,CAAC"}

package/dist/utils/stripNodePrefix.d.ts

@@ -0,0 +1,2 @@
+export declare function stripNodePrefix(value: any): any;
+//# sourceMappingURL=stripNodePrefix.d.ts.map

package/dist/utils/stripNodePrefix.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"stripNodePrefix.d.ts","sourceRoot":"","sources":["../../src/utils/stripNodePrefix.ts"],"names":[],"mappings":"AAGA,wBAAgB,eAAe,CAAC,KAAK,EAAE,GAAG,GAAG,GAAG,CAQ/C"}

package/dist/utils/stripNodePrefix.js

@@ -0,0 +1,11 @@
+// CONSTANTS
+const kNodeModulePrefix = "node:";
+export function stripNodePrefix(value) {
+    if (typeof value !== "string") {
+        return value;
+    }
+    return value.startsWith(kNodeModulePrefix) ?
+        value.slice(kNodeModulePrefix.length) :
+        value;
+}
+//# sourceMappingURL=stripNodePrefix.js.map

package/dist/utils/stripNodePrefix.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"stripNodePrefix.js","sourceRoot":"","sources":["../../src/utils/stripNodePrefix.ts"],"names":[],"mappings":"AAAA,YAAY;AACZ,MAAM,iBAAiB,GAAG,OAAO,CAAC;AAElC,MAAM,UAAU,eAAe,CAAC,KAAU;IACxC,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QAC9B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,KAAK,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,CAAC;QAC1C,KAAK,CAAC,KAAK,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC;QACvC,KAAK,CAAC;AACV,CAAC"}

package/dist/walker/walker.sync.js

@@ -1,5 +1,5 @@
 // Import Internal Dependencies
-import { isNode } from "../types/estree.js";
+import { isNode } from "../estree/types.js";
 import { WalkerBase } from "./walker.base.js";
 export class SyncWalker extends WalkerBase {
     enter;

package/dist/warnings.d.ts

@@ -1,7 +1,7 @@
 import type { ESTree } from "meriyah";
 import { type SourceArrayLocation } from "./utils/toArrayLocation.ts";
-export type OptionalWarningName = "synchronous-io" | "log-usage";
-export type WarningName = "parsing-error" | "encoded-literal" | "unsafe-regex" | "unsafe-stmt" | "short-identifiers" | "suspicious-literal" | "suspicious-file" | "obfuscated-code" | "weak-crypto" | "shady-link" | "unsafe-command" | "unsafe-import" | "serialize-environment" | "data-exfiltration" | "sql-injection" | "monkey-patch" | OptionalWarningName;
+export type OptionalWarningName = "synchronous-io" | "log-usage" | "insecure-random";
+export type WarningName = "parsing-error" | "encoded-literal" | "unsafe-regex" | "unsafe-stmt" | "short-identifiers" | "suspicious-literal" | "suspicious-file" | "obfuscated-code" | "weak-crypto" | "shady-link" | "unsafe-command" | "unsafe-import" | "serialize-environment" | "data-exfiltration" | "sql-injection" | "monkey-patch" | "insecure-random" | "prototype-pollution" | OptionalWarningName;
 export interface Warning<T = WarningName> {
     kind: T | (string & {});
     file?: string;
@@ -103,6 +103,16 @@ export declare const warnings: Readonly<{
         severity: "Warning";
         experimental: false;
     };
+    "insecure-random": {
+        i18n: string;
+        severity: "Information";
+        experimental: false;
+    };
+    "prototype-pollution": {
+        i18n: string;
+        severity: "Warning";
+        experimental: false;
+    };
 }>;
 export interface GenerateWarningOptions {
     location?: ESTree.SourceLocation | null;

package/dist/warnings.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"warnings.d.ts","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAItC,OAAO,EAGL,KAAK,mBAAmB,EACzB,MAAM,4BAA4B,CAAC;AAEpC,MAAM,MAAM,mBAAmB,GAC3B,gBAAgB,GAChB,WAAW,CAAC;AAEhB,MAAM,MAAM,WAAW,GACnB,eAAe,GACf,iBAAiB,GACjB,cAAc,GACd,aAAa,GACb,mBAAmB,GACnB,oBAAoB,GACpB,iBAAiB,GACjB,iBAAiB,GACjB,aAAa,GACb,YAAY,GACZ,gBAAgB,GAChB,eAAe,GACf,uBAAuB,GACvB,mBAAmB,GACnB,eAAe,GACf,cAAc,GACd,mBAAmB,CAAC;AAExB,MAAM,WAAW,OAAO,CAAC,CAAC,GAAG,WAAW;IACtC,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACxB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,IAAI,GAAG,mBAAmB,GAAG,mBAAmB,EAAE,CAAC;IAC7D,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,GAAG,SAAS,GAAG,UAAU,CAAC;IACjD,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,eAAO,MAAM,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA2FgE,CAAC;AAEtF,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,EAAE,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC;IACxC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;OAEG;IACH,QAAQ,CAAC,EAAE,aAAa,GAAG,SAAS,GAAG,UAAU,CAAC;CACnD;AAED,wBAAgB,eAAe,CAAC,CAAC,SAAS,WAAW,EACnD,IAAI,EAAE,CAAC,EACP,OAAO,EAAE,sBAAsB,GAC9B,OAAO,CAAC,CAAC,CAAC,CA4BZ"}
+{"version":3,"file":"warnings.d.ts","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAItC,OAAO,EAGL,KAAK,mBAAmB,EACzB,MAAM,4BAA4B,CAAC;AAEpC,MAAM,MAAM,mBAAmB,GAC3B,gBAAgB,GAChB,WAAW,GACX,iBAAiB,CAAC;AAEtB,MAAM,MAAM,WAAW,GACnB,eAAe,GACf,iBAAiB,GACjB,cAAc,GACd,aAAa,GACb,mBAAmB,GACnB,oBAAoB,GACpB,iBAAiB,GACjB,iBAAiB,GACjB,aAAa,GACb,YAAY,GACZ,gBAAgB,GAChB,eAAe,GACf,uBAAuB,GACvB,mBAAmB,GACnB,eAAe,GACf,cAAc,GACd,iBAAiB,GACjB,qBAAqB,GACrB,mBAAmB,CAAC;AAExB,MAAM,WAAW,OAAO,CAAC,CAAC,GAAG,WAAW;IACtC,IAAI,EAAE,CAAC,GAAG,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC;IACxB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,IAAI,GAAG,mBAAmB,GAAG,mBAAmB,EAAE,CAAC;IAC7D,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,GAAG,SAAS,GAAG,UAAU,CAAC;IACjD,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,eAAO,MAAM,QAAQ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAqGgE,CAAC;AAEtF,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,EAAE,MAAM,CAAC,cAAc,GAAG,IAAI,CAAC;IACxC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,KAAK,EAAE,MAAM,GAAG,IAAI,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB;;OAEG;IACH,QAAQ,CAAC,EAAE,aAAa,GAAG,SAAS,GAAG,UAAU,CAAC;CACnD;AAED,wBAAgB,eAAe,CAAC,CAAC,SAAS,WAAW,EACnD,IAAI,EAAE,CAAC,EACP,OAAO,EAAE,sBAAsB,GAC9B,OAAO,CAAC,CAAC,CAAC,CA4BZ"}

package/dist/warnings.js

@@ -91,6 +91,16 @@ export const warnings = Object.freeze({
         i18n: "sast_warnings.monkey_patch",
         severity: "Warning",
         experimental: false
+    },
+    "insecure-random": {
+        i18n: "sast_warnings.insecure_random",
+        severity: "Information",
+        experimental: false
+    },
+    "prototype-pollution": {
+        i18n: "sast_warnings.prototype_pollution",
+        severity: "Warning",
+        experimental: false
     }
 });
 export function generateWarning(kind, options) {

package/dist/warnings.js.map

@@ -1 +1 @@
-{"version":3,"file":"warnings.js","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AAGA,+BAA+B;AAC/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,EACL,YAAY,EACZ,eAAe,EAEhB,MAAM,4BAA4B,CAAC;AAoCpC,MAAM,CAAC,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,eAAe,EAAE;QACf,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,KAAK;KACpB;IACD,eAAe,EAAE;QACf,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,cAAc,EAAE;QACd,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,aAAa,EAAE;QACb,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,KAAK;KACpB;IACD,mBAAmB,EAAE;QACnB,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,oBAAoB,EAAE;QACpB,IAAI,EAAE,kCAAkC;QACxC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,UAAU;QACpB,YAAY,EAAE,KAAK;KACpB;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,UAAU;QACpB,YAAY,EAAE,IAAI;KACnB;IACD,aAAa,EAAE;QACb,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,KAAK;KACpB;IACD,YAAY,EAAE;QACZ,IAAI,EAAE,0BAA0B;QAChC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,gBAAgB,EAAE;QAChB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,IAAI;KACnB;IACD,gBAAgB,EAAE;QAChB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,IAAI;KACnB;IACD,uBAAuB,EAAE;QACvB,IAAI,EAAE,qCAAqC;QAC3C,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,mBAAmB,EAAE;QACnB,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,WAAW,EAAE;QACX,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,KAAK;KACpB;IACD,eAAe,EAAE;QACf,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,cAAc,EAAE;QACd,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;CACF,CAAoF,CAAC;AAatF,MAAM,UAAU,eAAe,CAC7B,IAAO,EACP,OAA+B;IAE/B,MAAM,EACJ,IAAI,GAAG,IAAI,EACX,KAAK,EACL,MAAM,GAAG,UAAU,EACnB,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,QAAQ,EACnC,GAAG,OAAO,CAAC;IACZ,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,YAAY,EAAE,CAAC;IAEpD,IAAI,IAAI,KAAK,iBAAiB,EAAE,CAAC;QAC/B,OAAO;YACL,IAAI;YACJ,KAAK;YACL,QAAQ,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YACrC,MAAM;YACN,GAAG,QAAQ,CAAC,IAAI,CAAC;SAClB,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI;QACJ,QAAQ,EAAE,eAAe,CAAC,QAAQ,CAAC;QACnC,MAAM;QACN,GAAG,QAAQ,CAAC,IAAI,CAAC;QACjB,QAAQ;QACR,GAAG,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7C,GAAG,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;KAC7D,CAAC;AACJ,CAAC"}
+{"version":3,"file":"warnings.js","sourceRoot":"","sources":["../src/warnings.ts"],"names":[],"mappings":"AAGA,+BAA+B;AAC/B,OAAO,EAAE,kBAAkB,EAAE,MAAM,+BAA+B,CAAC;AACnE,OAAO,EACL,YAAY,EACZ,eAAe,EAEhB,MAAM,4BAA4B,CAAC;AAuCpC,MAAM,CAAC,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC;IACpC,eAAe,EAAE;QACf,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,KAAK;KACpB;IACD,eAAe,EAAE;QACf,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,cAAc,EAAE;QACd,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,aAAa,EAAE;QACb,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,KAAK;KACpB;IACD,mBAAmB,EAAE;QACnB,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,oBAAoB,EAAE;QACpB,IAAI,EAAE,kCAAkC;QACxC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,UAAU;QACpB,YAAY,EAAE,KAAK;KACpB;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,UAAU;QACpB,YAAY,EAAE,IAAI;KACnB;IACD,aAAa,EAAE;QACb,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,KAAK;KACpB;IACD,YAAY,EAAE;QACZ,IAAI,EAAE,0BAA0B;QAChC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,gBAAgB,EAAE;QAChB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,IAAI;KACnB;IACD,gBAAgB,EAAE;QAChB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,IAAI;KACnB;IACD,uBAAuB,EAAE;QACvB,IAAI,EAAE,qCAAqC;QAC3C,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,mBAAmB,EAAE;QACnB,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,WAAW,EAAE;QACX,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,KAAK;KACpB;IACD,eAAe,EAAE;QACf,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,cAAc,EAAE;QACd,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;IACD,iBAAiB,EAAE;QACjB,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,aAAa;QACvB,YAAY,EAAE,KAAK;KACpB;IACD,qBAAqB,EAAE;QACrB,IAAI,EAAE,mCAAmC;QACzC,QAAQ,EAAE,SAAS;QACnB,YAAY,EAAE,KAAK;KACpB;CACF,CAAoF,CAAC;AAatF,MAAM,UAAU,eAAe,CAC7B,IAAO,EACP,OAA+B;IAE/B,MAAM,EACJ,IAAI,GAAG,IAAI,EACX,KAAK,EACL,MAAM,GAAG,UAAU,EACnB,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,QAAQ,EACnC,GAAG,OAAO,CAAC;IACZ,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,YAAY,EAAE,CAAC;IAEpD,IAAI,IAAI,KAAK,iBAAiB,EAAE,CAAC;QAC/B,OAAO;YACL,IAAI;YACJ,KAAK;YACL,QAAQ,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YACrC,MAAM;YACN,GAAG,QAAQ,CAAC,IAAI,CAAC;SAClB,CAAC;IACJ,CAAC;IAED,OAAO;QACL,IAAI;QACJ,QAAQ,EAAE,eAAe,CAAC,QAAQ,CAAC;QACnC,MAAM;QACN,GAAG,QAAQ,CAAC,IAAI,CAAC;QACjB,QAAQ;QACR,GAAG,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7C,GAAG,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;KAC7D,CAAC;AACJ,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@nodesecure/js-x-ray",
-  "version": "11.5.0",
+  "version": "12.0.0",
   "description": "JavaScript AST XRay analysis",
   "type": "module",
   "exports": {
@@ -20,7 +20,7 @@
   "scripts": {
     "prepublishOnly": "npm run build",
     "build": "tsc",
-    "test-only": "node --test-reporter=spec --test ./test/**/*.spec.ts",
+    "test-only": "node --test-reporter=spec --test './test/**/*.spec.ts'",
     "test": "c8 --all --src ./src -r html npm run test-only",
     "bench": "node --expose-gc --experimental-strip-types ./benchmark/index.ts"
   },
@@ -52,13 +52,11 @@
   },
   "homepage": "https://github.com/NodeSecure/js-x-ray#readme",
   "dependencies": {
-    "@nodesecure/estree-ast-utils": "^4.3.0",
-    "@nodesecure/sec-literal": "^1.4.0",
-    "@nodesecure/tracer": "^4.0.0",
-    "@nodesecure/ts-source-parser": "1.1.0",
+    "@typescript-eslint/typescript-estree": "8.53.1",
     "digraph-js": "2.2.4",
     "frequency-set": "^2.1.0",
     "ipaddr.js": "2.3.0",
+    "is-svg": "6.1.0",
     "meriyah": "7.0.0",
     "safe-regex": "^2.1.1",
     "ts-pattern": "^5.0.6"

package/dist/JsSourceParser.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"JsSourceParser.d.ts","sourceRoot":"","sources":["../src/JsSourceParser.ts"],"names":[],"mappings":"AACA,OAAO,EAGL,KAAK,MAAM,EAEZ,MAAM,SAAS,CAAC;AAUjB,MAAM,MAAM,uBAAuB,GAAG,WAAW,GAAG;IAClD,KAAK,EAAE,MAAM,CAAC;IACd,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxB,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC,cAAc,CAAC;CAC5B,CAAC;AAEF,MAAM,WAAW,YAAY;IAC3B,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,GAAG,MAAM,CAAC,SAAS,EAAE,CAAC;CAC7D;AAED,qBAAa,cAAe,YAAW,YAAY;IACjD,MAAM,CAAC,cAAc,cAKlB;IAEH,KAAK,CACH,MAAM,EAAE,MAAM,GACb,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC;CA4B1B"}

package/dist/JsSourceParser.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"JsSourceParser.js","sourceRoot":"","sources":["../src/JsSourceParser.ts"],"names":[],"mappings":"AAAA,kCAAkC;AAClC,OAAO,EACL,WAAW,EACX,KAAK,EAGN,MAAM,SAAS,CAAC;AAEjB,YAAY;AACZ,MAAM,eAAe,GAAqB;IACxC,IAAI,EAAE,IAAI;IACV,GAAG,EAAE,IAAI;IACT,GAAG,EAAE,IAAI;IACT,GAAG,EAAE,IAAI;CACV,CAAC;AAcF,MAAM,OAAO,cAAc;IACzB,MAAM,CAAC,cAAc,GAAG,IAAI,GAAG,CAAC;QAC9B,KAAK;QACL,MAAM;QACN,MAAM;QACN,MAAM;KACP,CAAC,CAAC;IAEH,KAAK,CACH,MAAc;QAEd,IAAI,CAAC;YACH,MAAM,EAAE,IAAI,EAAE,GAAG,WAAW,CAC1B,MAAM,EACN,eAAe,CAAC,eAAe,CAAC,CACjC,CAAC;YAEF,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAc,EAAE,CAAC;YACtB,MAAM,WAAW,GAAG,KAAgC,CAAC;YACrD,MAAM,eAAe,GAAG,WAAW,CAAC,WAAW,CAAC,QAAQ,CAAC,0BAA0B,CAAC,CAAC;YAErF,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,EAAE,IAAI,EAAE,GAAG,KAAK,CACpB,MAAM,EACN;oBACE,GAAG,eAAe,CAAC,eAAe,CAAC;oBACnC,UAAU,EAAE,UAAU;iBACvB,CACF,CAAC;gBAEF,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC"}

package/dist/types/estree.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"estree.d.ts","sourceRoot":"","sources":["../../src/types/estree.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAEtC,MAAM,MAAM,OAAO,CAAC,CAAC,IAAI,MAAM,CAAC,OAAO,GAAG;IACxC,KAAK,EAAE,CAAC,CAAC;CACV,CAAC;AAEF,MAAM,MAAM,aAAa,CAAC,CAAC,IAAI,MAAM,CAAC,aAAa,GAAG;IACpD,KAAK,EAAE,CAAC,CAAC;CACV,CAAC;AAEF,wBAAgB,MAAM,CACpB,KAAK,EAAE,OAAO,GACb,KAAK,IAAI,MAAM,CAAC,IAAI,CAOtB;AAED,wBAAgB,SAAS,CACvB,IAAI,EAAE,OAAO,GACZ,IAAI,IAAI,OAAO,CAAC,MAAM,CAAC,CAIzB;AAED,wBAAgB,iBAAiB,CAC/B,IAAI,EAAE,OAAO,GACZ,IAAI,IAAI,MAAM,CAAC,eAAe,CAchC;AAED,wBAAgB,gBAAgB,CAC9B,IAAI,EAAE,OAAO,GACZ,IAAI,IAAI,MAAM,CAAC,cAAc,CAE/B"}

package/dist/types/estree.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"estree.js","sourceRoot":"","sources":["../../src/types/estree.ts"],"names":[],"mappings":"AAWA,MAAM,UAAU,MAAM,CACpB,KAAc;IAEd,OAAO,CACL,KAAK,KAAK,IAAI;QACd,OAAO,KAAK,KAAK,QAAQ;QACzB,MAAM,IAAI,KAAK;QACf,OAAO,KAAK,CAAC,IAAI,KAAK,QAAQ,CAC/B,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,SAAS,CACvB,IAAa;IAEb,OAAO,MAAM,CAAC,IAAI,CAAC;QACjB,IAAI,CAAC,IAAI,KAAK,SAAS;QACvB,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,CAAC;AACnC,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,IAAa;IAEb,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,KAAK,iBAAiB,EAAE,CAAC;QACrD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACrC,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,KAAK,CAAC;IACf,CAAC;IAED,OAAO,CACL,UAAU,CAAC,IAAI,KAAK,iBAAiB;QACrC,OAAO,UAAU,CAAC,KAAK,CAAC,GAAG,KAAK,QAAQ,CACzC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,IAAa;IAEb,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB,CAAC;AACxD,CAAC"}