npm - @oculum/scanner - Versions diffs - 1.0.1 → 1.0.3 - Mend

@oculum/scanner 1.0.1 → 1.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (45) hide show

package/dist/index.d.ts +4 -1
package/dist/index.d.ts.map +1 -1
package/dist/index.js +60 -5
package/dist/index.js.map +1 -1
package/dist/layer1/entropy.d.ts.map +1 -1
package/dist/layer1/entropy.js +6 -4
package/dist/layer1/entropy.js.map +1 -1
package/dist/layer1/index.d.ts +3 -2
package/dist/layer1/index.d.ts.map +1 -1
package/dist/layer1/index.js +22 -2
package/dist/layer1/index.js.map +1 -1
package/dist/layer2/dangerous-functions.d.ts.map +1 -1
package/dist/layer2/dangerous-functions.js +319 -11
package/dist/layer2/dangerous-functions.js.map +1 -1
package/dist/layer2/index.d.ts +3 -2
package/dist/layer2/index.d.ts.map +1 -1
package/dist/layer2/index.js +22 -2
package/dist/layer2/index.js.map +1 -1
package/dist/layer3/anthropic.d.ts +5 -1
package/dist/layer3/anthropic.d.ts.map +1 -1
package/dist/layer3/anthropic.js +50 -1
package/dist/layer3/anthropic.js.map +1 -1
package/dist/layer3/index.d.ts +3 -1
package/dist/layer3/index.d.ts.map +1 -1
package/dist/layer3/index.js +21 -0
package/dist/layer3/index.js.map +1 -1
package/dist/types.d.ts +25 -0
package/dist/types.d.ts.map +1 -1
package/dist/types.js +40 -0
package/dist/types.js.map +1 -1
package/dist/utils/context-helpers.d.ts +12 -0
package/dist/utils/context-helpers.d.ts.map +1 -1
package/dist/utils/context-helpers.js +40 -0
package/dist/utils/context-helpers.js.map +1 -1
package/package.json +4 -2
package/src/index.ts +75 -5
package/src/layer1/entropy.ts +6 -4
package/src/layer1/index.ts +33 -5
package/src/layer2/__tests__/math-random-enhanced.test.ts +405 -0
package/src/layer2/dangerous-functions.ts +368 -11
package/src/layer2/index.ts +31 -5
package/src/layer3/anthropic.ts +55 -1
package/src/layer3/index.ts +27 -2
package/src/types.ts +59 -0
package/src/utils/context-helpers.ts +40 -0

package/src/types.ts CHANGED Viewed

@@ -56,6 +56,61 @@ export interface Vulnerability {
   originalSeverity?: VulnerabilitySeverity // For downgraded findings, the original severity
 }
+/**
+ * Cancellation token for aborting scans gracefully
+ * Allows users to stop long-running scans (Ctrl+C) and get partial results
+ */
+export interface CancellationToken {
+  /** Whether cancellation has been requested */
+  cancelled: boolean
+  /** Reason for cancellation (e.g., "User pressed Ctrl+C") */
+  reason?: string
+  /** Request cancellation */
+  cancel(reason?: string): void
+  /** Register cleanup callback to run when cancelled */
+  onCancel(callback: () => void): void
+}
+/**
+ * Create a new cancellation token
+ *
+ * @example
+ * const token = createCancellationToken()
+ * process.on('SIGINT', () => token.cancel('User interrupted'))
+ * const result = await runScan(files, repo, { cancellationToken: token })
+ */
+export function createCancellationToken(): CancellationToken {
+  const cleanupCallbacks: Array<() => void> = []
+  const token: CancellationToken = {
+    cancelled: false,
+    reason: undefined,
+    cancel(reason?: string) {
+      if (!token.cancelled) {
+        token.cancelled = true
+        token.reason = reason
+        // Run cleanup callbacks
+        cleanupCallbacks.forEach(cb => {
+          try {
+            cb()
+          } catch (e) {
+            // Ignore cleanup errors
+          }
+        })
+      }
+    },
+    onCancel(callback) {
+      if (token.cancelled) {
+        callback() // Already cancelled, run immediately
+      } else {
+        cleanupCallbacks.push(callback)
+      }
+    }
+  }
+  return token
+}
 export interface ScanFile {
   path: string
   content: string
@@ -107,6 +162,10 @@ export interface ScanResult {
     cacheReadTokens: number
     cacheHitRate: number
   }
+  // Cancellation metadata
+  cancelled?: boolean // true if scan was cancelled by user
+  cancelReason?: string // Reason for cancellation (e.g., "User pressed Ctrl+C")
 }
 export interface ScanProgress {

package/src/utils/context-helpers.ts CHANGED Viewed

@@ -201,6 +201,46 @@ export function isClientBundledFile(filePath: string): boolean {
   return clientPatterns.some(pattern => pattern.test(filePath))
 }
+/**
+ * Check if file is a seed or data generation file
+ * These files generate test/demo data and Math.random() usage is acceptable
+ * Used to reduce false positives for Math.random() detection
+ */
+export function isSeedOrDataGenFile(filePath: string): boolean {
+  const patterns = [
+    /\/seed\//i,
+    /\/seeds\//i,
+    /seed-database\.(ts|js)$/i,
+    /\/seeder\./i,
+    /datacreator\.(ts|js)$/i,
+    /\/data\/.*creator/i,
+    /\/fixtures\//i,
+    /\.fixture\./i,
+    /\/generators?\//i,
+    /\/factories\//i,
+    /factory\.(ts|js)$/i,
+  ]
+  return patterns.some(p => p.test(filePath))
+}
+/**
+ * Check if file is educational/intentional vulnerability code
+ * These files (e.g., OWASP Juice Shop) contain intentional vulnerabilities for training
+ * Should be skipped entirely to avoid false positives
+ */
+export function isEducationalVulnerabilityFile(filePath: string): boolean {
+  const patterns = [
+    /\/insecurity\.(ts|js)$/i,
+    /\/vulnerable\.(ts|js)$/i,
+    /\/intentionally-vulnerable/i,
+    /\/security-examples?\//i,
+    /\/vuln-examples?\//i,
+    /\/challenge-\d+/i,  // OWASP Juice Shop challenges
+    /\/exploit-examples?\//i,
+  ]
+  return patterns.some(p => p.test(filePath))
+}
 // ============================================================================
 // Code Line Context Detection
 // ============================================================================