@nodesecure/js-x-ray 6.0.0 → 6.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/index.js
CHANGED
|
@@ -15,7 +15,8 @@ import { warnings } from "./src/warnings.js";
|
|
|
15
15
|
const kMeriyahDefaultOptions = {
|
|
16
16
|
next: true,
|
|
17
17
|
loc: true,
|
|
18
|
-
raw: true
|
|
18
|
+
raw: true,
|
|
19
|
+
jsx: true
|
|
19
20
|
};
|
|
20
21
|
|
|
21
22
|
export function runASTAnalysis(str, options = Object.create(null)) {
|
|
@@ -97,7 +98,10 @@ function parseScriptExtended(strToAnalyze, isEcmaScriptModule) {
|
|
|
97
98
|
return body;
|
|
98
99
|
}
|
|
99
100
|
catch (error) {
|
|
100
|
-
if (error.name === "SyntaxError" &&
|
|
101
|
+
if (error.name === "SyntaxError" && (
|
|
102
|
+
error.description.includes("The import keyword") ||
|
|
103
|
+
error.description.includes("The export keyword")
|
|
104
|
+
)) {
|
|
101
105
|
const { body } = meriyah.parseScript(strToAnalyze, {
|
|
102
106
|
...kMeriyahDefaultOptions, module: true
|
|
103
107
|
});
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@nodesecure/js-x-ray",
|
|
3
|
-
"version": "6.0.
|
|
3
|
+
"version": "6.0.1",
|
|
4
4
|
"description": "JavaScript AST XRay analysis",
|
|
5
5
|
"type": "module",
|
|
6
6
|
"exports": "./index.js",
|
|
@@ -39,7 +39,7 @@
|
|
|
39
39
|
},
|
|
40
40
|
"homepage": "https://github.com/NodeSecure/js-x-ray#readme",
|
|
41
41
|
"dependencies": {
|
|
42
|
-
"@nodesecure/estree-ast-utils": "^1.3.
|
|
42
|
+
"@nodesecure/estree-ast-utils": "^1.3.1",
|
|
43
43
|
"@nodesecure/sec-literal": "^1.2.0",
|
|
44
44
|
"estree-walker": "^3.0.1",
|
|
45
45
|
"is-minified-code": "^2.0.0",
|
|
@@ -1,9 +1,9 @@
|
|
|
1
|
-
// Import Third-party Dependencies
|
|
2
|
-
import { Utils } from "@nodesecure/sec-literal";
|
|
3
|
-
|
|
4
|
-
export function verify(analysis, prefix) {
|
|
5
|
-
const pValue = Object.keys(prefix).pop();
|
|
6
|
-
const regexStr = `^${Utils.escapeRegExp(pValue)}[a-zA-Z]{1,2}[0-9]{0,2}$`;
|
|
7
|
-
|
|
8
|
-
return analysis.identifiersName.every(({ name }) => new RegExp(regexStr).test(name));
|
|
9
|
-
}
|
|
1
|
+
// Import Third-party Dependencies
|
|
2
|
+
import { Utils } from "@nodesecure/sec-literal";
|
|
3
|
+
|
|
4
|
+
export function verify(analysis, prefix) {
|
|
5
|
+
const pValue = Object.keys(prefix).pop();
|
|
6
|
+
const regexStr = `^${Utils.escapeRegExp(pValue)}[a-zA-Z]{1,2}[0-9]{0,2}$`;
|
|
7
|
+
|
|
8
|
+
return analysis.identifiersName.every(({ name }) => new RegExp(regexStr).test(name));
|
|
9
|
+
}
|
package/src/obfuscators/index.js
CHANGED
|
@@ -25,8 +25,12 @@ export function isObfuscatedCode(analysis) {
|
|
|
25
25
|
}
|
|
26
26
|
else {
|
|
27
27
|
// TODO: also implement Dictionnary checkup
|
|
28
|
+
const identifiers = analysis.identifiersName
|
|
29
|
+
.map((value) => value?.name ?? null)
|
|
30
|
+
.filter((name) => typeof name === "string");
|
|
31
|
+
|
|
28
32
|
const { prefix, oneTimeOccurence } = Patterns.commonHexadecimalPrefix(
|
|
29
|
-
|
|
33
|
+
identifiers
|
|
30
34
|
);
|
|
31
35
|
const uPrefixNames = new Set(Object.keys(prefix));
|
|
32
36
|
|
|
@@ -1,29 +1,29 @@
|
|
|
1
|
-
// Import Third-party Dependencies
|
|
2
|
-
import { getVariableDeclarationIdentifiers } from "@nodesecure/estree-ast-utils";
|
|
3
|
-
|
|
4
|
-
/**
|
|
5
|
-
* @description Search for AssignmentExpression (Not to be confused with AssignmentPattern).
|
|
6
|
-
*
|
|
7
|
-
* @see https://github.com/estree/estree/blob/master/es5.md#assignmentexpression
|
|
8
|
-
* @example
|
|
9
|
-
* (foo = 5)
|
|
10
|
-
*/
|
|
11
|
-
function validateNode(node) {
|
|
12
|
-
return [
|
|
13
|
-
node.type === "AssignmentExpression"
|
|
14
|
-
];
|
|
15
|
-
}
|
|
16
|
-
|
|
17
|
-
function main(node, options) {
|
|
18
|
-
const { analysis } = options;
|
|
19
|
-
|
|
20
|
-
analysis.idtypes.assignExpr++;
|
|
21
|
-
for (const { name } of getVariableDeclarationIdentifiers(node.left)) {
|
|
22
|
-
analysis.identifiersName.push({ name, type: "assignExpr" });
|
|
23
|
-
}
|
|
24
|
-
}
|
|
25
|
-
|
|
26
|
-
export default {
|
|
27
|
-
name: "isAssignmentExpression",
|
|
28
|
-
validateNode, main, breakOnMatch: false
|
|
29
|
-
};
|
|
1
|
+
// Import Third-party Dependencies
|
|
2
|
+
import { getVariableDeclarationIdentifiers } from "@nodesecure/estree-ast-utils";
|
|
3
|
+
|
|
4
|
+
/**
|
|
5
|
+
* @description Search for AssignmentExpression (Not to be confused with AssignmentPattern).
|
|
6
|
+
*
|
|
7
|
+
* @see https://github.com/estree/estree/blob/master/es5.md#assignmentexpression
|
|
8
|
+
* @example
|
|
9
|
+
* (foo = 5)
|
|
10
|
+
*/
|
|
11
|
+
function validateNode(node) {
|
|
12
|
+
return [
|
|
13
|
+
node.type === "AssignmentExpression"
|
|
14
|
+
];
|
|
15
|
+
}
|
|
16
|
+
|
|
17
|
+
function main(node, options) {
|
|
18
|
+
const { analysis } = options;
|
|
19
|
+
|
|
20
|
+
analysis.idtypes.assignExpr++;
|
|
21
|
+
for (const { name } of getVariableDeclarationIdentifiers(node.left)) {
|
|
22
|
+
analysis.identifiersName.push({ name, type: "assignExpr" });
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
|
|
26
|
+
export default {
|
|
27
|
+
name: "isAssignmentExpression",
|
|
28
|
+
validateNode, main, breakOnMatch: false
|
|
29
|
+
};
|