@oculum/scanner 1.0.12 → 1.0.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/detect/ai-code/agent-tools.d.ts +22 -0
- package/dist/detect/ai-code/agent-tools.d.ts.map +1 -0
- package/dist/detect/ai-code/agent-tools.js +1509 -0
- package/dist/detect/ai-code/agent-tools.js.map +1 -0
- package/dist/detect/ai-code/byok-patterns.d.ts +15 -0
- package/dist/detect/ai-code/byok-patterns.d.ts.map +1 -0
- package/dist/detect/ai-code/byok-patterns.js +313 -0
- package/dist/detect/ai-code/byok-patterns.js.map +1 -0
- package/dist/detect/ai-code/endpoint-protection.d.ts +38 -0
- package/dist/detect/ai-code/endpoint-protection.d.ts.map +1 -0
- package/dist/detect/ai-code/endpoint-protection.js +349 -0
- package/dist/detect/ai-code/endpoint-protection.js.map +1 -0
- package/dist/detect/ai-code/execution-sinks.d.ts +21 -0
- package/dist/detect/ai-code/execution-sinks.d.ts.map +1 -0
- package/dist/detect/ai-code/execution-sinks.js +1158 -0
- package/dist/detect/ai-code/execution-sinks.js.map +1 -0
- package/dist/detect/ai-code/fingerprinting.d.ts +10 -0
- package/dist/detect/ai-code/fingerprinting.d.ts.map +1 -0
- package/dist/detect/ai-code/fingerprinting.js +665 -0
- package/dist/detect/ai-code/fingerprinting.js.map +1 -0
- package/dist/detect/ai-code/index.d.ts +12 -0
- package/dist/detect/ai-code/index.d.ts.map +1 -0
- package/dist/detect/ai-code/index.js +26 -0
- package/dist/detect/ai-code/index.js.map +1 -0
- package/dist/detect/ai-code/mcp-security.d.ts +20 -0
- package/dist/detect/ai-code/mcp-security.d.ts.map +1 -0
- package/dist/detect/ai-code/mcp-security.js +880 -0
- package/dist/detect/ai-code/mcp-security.js.map +1 -0
- package/dist/detect/ai-code/model-supply-chain.d.ts +23 -0
- package/dist/detect/ai-code/model-supply-chain.d.ts.map +1 -0
- package/dist/detect/ai-code/model-supply-chain.js +447 -0
- package/dist/detect/ai-code/model-supply-chain.js.map +1 -0
- package/dist/detect/ai-code/package-hallucination.d.ts +22 -0
- package/dist/detect/ai-code/package-hallucination.d.ts.map +1 -0
- package/dist/detect/ai-code/package-hallucination.js +841 -0
- package/dist/detect/ai-code/package-hallucination.js.map +1 -0
- package/dist/detect/ai-code/prompt-hygiene.d.ts +22 -0
- package/dist/detect/ai-code/prompt-hygiene.d.ts.map +1 -0
- package/dist/detect/ai-code/prompt-hygiene.js +1177 -0
- package/dist/detect/ai-code/prompt-hygiene.js.map +1 -0
- package/dist/detect/ai-code/rag-safety.d.ts +24 -0
- package/dist/detect/ai-code/rag-safety.d.ts.map +1 -0
- package/dist/detect/ai-code/rag-safety.js +913 -0
- package/dist/detect/ai-code/rag-safety.js.map +1 -0
- package/dist/detect/ai-code/schema-validation.d.ts +28 -0
- package/dist/detect/ai-code/schema-validation.d.ts.map +1 -0
- package/dist/detect/ai-code/schema-validation.js +378 -0
- package/dist/detect/ai-code/schema-validation.js.map +1 -0
- package/dist/detect/config/agent-skill-injection.d.ts +27 -0
- package/dist/detect/config/agent-skill-injection.d.ts.map +1 -0
- package/dist/detect/config/agent-skill-injection.js +472 -0
- package/dist/detect/config/agent-skill-injection.js.map +1 -0
- package/dist/detect/config/comments.d.ts +11 -0
- package/dist/detect/config/comments.d.ts.map +1 -0
- package/dist/detect/config/comments.js +206 -0
- package/dist/detect/config/comments.js.map +1 -0
- package/dist/detect/config/file-flags.d.ts +10 -0
- package/dist/detect/config/file-flags.d.ts.map +1 -0
- package/dist/detect/config/file-flags.js +124 -0
- package/dist/detect/config/file-flags.js.map +1 -0
- package/dist/detect/config/index.d.ts +7 -0
- package/dist/detect/config/index.d.ts.map +1 -0
- package/dist/detect/config/index.js +17 -0
- package/dist/detect/config/index.js.map +1 -0
- package/dist/detect/config/osv-check.d.ts +75 -0
- package/dist/detect/config/osv-check.d.ts.map +1 -0
- package/dist/detect/config/osv-check.js +309 -0
- package/dist/detect/config/osv-check.js.map +1 -0
- package/dist/detect/config/package-check.d.ts +63 -0
- package/dist/detect/config/package-check.d.ts.map +1 -0
- package/dist/detect/config/package-check.js +509 -0
- package/dist/detect/config/package-check.js.map +1 -0
- package/dist/detect/config/urls.d.ts +11 -0
- package/dist/detect/config/urls.d.ts.map +1 -0
- package/dist/detect/config/urls.js +450 -0
- package/dist/detect/config/urls.js.map +1 -0
- package/dist/detect/index.d.ts +37 -0
- package/dist/detect/index.d.ts.map +1 -0
- package/dist/detect/index.js +77 -0
- package/dist/detect/index.js.map +1 -0
- package/dist/detect/secrets/config-audit.d.ts +11 -0
- package/dist/detect/secrets/config-audit.d.ts.map +1 -0
- package/dist/detect/secrets/config-audit.js +315 -0
- package/dist/detect/secrets/config-audit.js.map +1 -0
- package/dist/detect/secrets/config-mcp-audit.d.ts +23 -0
- package/dist/detect/secrets/config-mcp-audit.d.ts.map +1 -0
- package/dist/detect/secrets/config-mcp-audit.js +243 -0
- package/dist/detect/secrets/config-mcp-audit.js.map +1 -0
- package/dist/detect/secrets/entropy.d.ts +11 -0
- package/dist/detect/secrets/entropy.d.ts.map +1 -0
- package/dist/detect/secrets/entropy.js +751 -0
- package/dist/detect/secrets/entropy.js.map +1 -0
- package/dist/detect/secrets/index.d.ts +36 -0
- package/dist/detect/secrets/index.d.ts.map +1 -0
- package/dist/detect/secrets/index.js +174 -0
- package/dist/detect/secrets/index.js.map +1 -0
- package/dist/detect/secrets/patterns.d.ts +11 -0
- package/dist/detect/secrets/patterns.d.ts.map +1 -0
- package/dist/detect/secrets/patterns.js +518 -0
- package/dist/detect/secrets/patterns.js.map +1 -0
- package/dist/detect/secrets/weak-crypto.d.ts +10 -0
- package/dist/detect/secrets/weak-crypto.d.ts.map +1 -0
- package/dist/detect/secrets/weak-crypto.js +432 -0
- package/dist/detect/secrets/weak-crypto.js.map +1 -0
- package/dist/detect/structural/auth-patterns.d.ts +22 -0
- package/dist/detect/structural/auth-patterns.d.ts.map +1 -0
- package/dist/detect/structural/auth-patterns.js +533 -0
- package/dist/detect/structural/auth-patterns.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/child-process.d.ts +16 -0
- package/dist/detect/structural/dangerous-functions/child-process.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/child-process.js +74 -0
- package/dist/detect/structural/dangerous-functions/child-process.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/dom-xss.d.ts +34 -0
- package/dist/detect/structural/dangerous-functions/dom-xss.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/dom-xss.js +230 -0
- package/dist/detect/structural/dangerous-functions/dom-xss.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/index.d.ts +16 -0
- package/dist/detect/structural/dangerous-functions/index.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/index.js +1193 -0
- package/dist/detect/structural/dangerous-functions/index.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/json-parse.d.ts +31 -0
- package/dist/detect/structural/dangerous-functions/json-parse.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/json-parse.js +326 -0
- package/dist/detect/structural/dangerous-functions/json-parse.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/math-random.d.ts +111 -0
- package/dist/detect/structural/dangerous-functions/math-random.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/math-random.js +684 -0
- package/dist/detect/structural/dangerous-functions/math-random.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/patterns.d.ts +21 -0
- package/dist/detect/structural/dangerous-functions/patterns.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/patterns.js +163 -0
- package/dist/detect/structural/dangerous-functions/patterns.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/request-validation.d.ts +13 -0
- package/dist/detect/structural/dangerous-functions/request-validation.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/request-validation.js +126 -0
- package/dist/detect/structural/dangerous-functions/request-validation.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/utils/control-flow.d.ts +24 -0
- package/dist/detect/structural/dangerous-functions/utils/control-flow.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/utils/control-flow.js +70 -0
- package/dist/detect/structural/dangerous-functions/utils/control-flow.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/utils/helpers.d.ts +31 -0
- package/dist/detect/structural/dangerous-functions/utils/helpers.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/utils/helpers.js +147 -0
- package/dist/detect/structural/dangerous-functions/utils/helpers.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/utils/index.d.ts +9 -0
- package/dist/detect/structural/dangerous-functions/utils/index.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/utils/index.js +23 -0
- package/dist/detect/structural/dangerous-functions/utils/index.js.map +1 -0
- package/dist/detect/structural/dangerous-functions/utils/schema-validation.d.ts +22 -0
- package/dist/detect/structural/dangerous-functions/utils/schema-validation.d.ts.map +1 -0
- package/dist/detect/structural/dangerous-functions/utils/schema-validation.js +102 -0
- package/dist/detect/structural/dangerous-functions/utils/schema-validation.js.map +1 -0
- package/dist/detect/structural/data-exposure.d.ts +19 -0
- package/dist/detect/structural/data-exposure.d.ts.map +1 -0
- package/dist/detect/structural/data-exposure.js +262 -0
- package/dist/detect/structural/data-exposure.js.map +1 -0
- package/dist/detect/structural/framework-checks.d.ts +10 -0
- package/dist/detect/structural/framework-checks.d.ts.map +1 -0
- package/dist/detect/structural/framework-checks.js +389 -0
- package/dist/detect/structural/framework-checks.js.map +1 -0
- package/dist/detect/structural/index.d.ts +71 -0
- package/dist/detect/structural/index.d.ts.map +1 -0
- package/dist/detect/structural/index.js +510 -0
- package/dist/detect/structural/index.js.map +1 -0
- package/dist/detect/structural/log-injection.d.ts +18 -0
- package/dist/detect/structural/log-injection.d.ts.map +1 -0
- package/dist/detect/structural/log-injection.js +217 -0
- package/dist/detect/structural/log-injection.js.map +1 -0
- package/dist/detect/structural/logic-gates.d.ts +10 -0
- package/dist/detect/structural/logic-gates.d.ts.map +1 -0
- package/dist/detect/structural/logic-gates.js +227 -0
- package/dist/detect/structural/logic-gates.js.map +1 -0
- package/dist/detect/structural/risky-imports.d.ts +10 -0
- package/dist/detect/structural/risky-imports.d.ts.map +1 -0
- package/dist/detect/structural/risky-imports.js +168 -0
- package/dist/detect/structural/risky-imports.js.map +1 -0
- package/dist/detect/structural/security-headers.d.ts +18 -0
- package/dist/detect/structural/security-headers.d.ts.map +1 -0
- package/dist/detect/structural/security-headers.js +196 -0
- package/dist/detect/structural/security-headers.js.map +1 -0
- package/dist/detect/structural/ssrf-detection.d.ts +18 -0
- package/dist/detect/structural/ssrf-detection.d.ts.map +1 -0
- package/dist/detect/structural/ssrf-detection.js +263 -0
- package/dist/detect/structural/ssrf-detection.js.map +1 -0
- package/dist/detect/structural/variables.d.ts +11 -0
- package/dist/detect/structural/variables.d.ts.map +1 -0
- package/dist/detect/structural/variables.js +159 -0
- package/dist/detect/structural/variables.js.map +1 -0
- package/dist/detect/structural/xxe-detection.d.ts +18 -0
- package/dist/detect/structural/xxe-detection.d.ts.map +1 -0
- package/dist/detect/structural/xxe-detection.js +245 -0
- package/dist/detect/structural/xxe-detection.js.map +1 -0
- package/dist/index.d.ts +17 -64
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +49 -1034
- package/dist/index.js.map +1 -1
- package/dist/layer2/framework-checks.d.ts.map +1 -1
- package/dist/layer2/framework-checks.js +1 -8
- package/dist/layer2/framework-checks.js.map +1 -1
- package/dist/layer2/index.d.ts +4 -0
- package/dist/layer2/index.d.ts.map +1 -1
- package/dist/layer2/index.js +50 -1
- package/dist/layer2/index.js.map +1 -1
- package/dist/layer2/log-injection.d.ts +18 -0
- package/dist/layer2/log-injection.d.ts.map +1 -0
- package/dist/layer2/log-injection.js +214 -0
- package/dist/layer2/log-injection.js.map +1 -0
- package/dist/layer2/security-headers.d.ts +18 -0
- package/dist/layer2/security-headers.d.ts.map +1 -0
- package/dist/layer2/security-headers.js +187 -0
- package/dist/layer2/security-headers.js.map +1 -0
- package/dist/layer2/ssrf-detection.d.ts +18 -0
- package/dist/layer2/ssrf-detection.d.ts.map +1 -0
- package/dist/layer2/ssrf-detection.js +252 -0
- package/dist/layer2/ssrf-detection.js.map +1 -0
- package/dist/layer2/xxe-detection.d.ts +18 -0
- package/dist/layer2/xxe-detection.d.ts.map +1 -0
- package/dist/layer2/xxe-detection.js +242 -0
- package/dist/layer2/xxe-detection.js.map +1 -0
- package/dist/layer3/anthropic/prompts/index.d.ts +1 -1
- package/dist/layer3/anthropic/prompts/index.d.ts.map +1 -1
- package/dist/layer3/anthropic/prompts/index.js +3 -1
- package/dist/layer3/anthropic/prompts/index.js.map +1 -1
- package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts +19 -0
- package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/ai-patterns.js +156 -0
- package/dist/layer3/anthropic/prompts/modules/ai-patterns.js.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts +9 -0
- package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/auth-access.js +25 -0
- package/dist/layer3/anthropic/prompts/modules/auth-access.js.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/common.d.ts +11 -0
- package/dist/layer3/anthropic/prompts/modules/common.d.ts.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/common.js +152 -0
- package/dist/layer3/anthropic/prompts/modules/common.js.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/index.d.ts +54 -0
- package/dist/layer3/anthropic/prompts/modules/index.d.ts.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/index.js +185 -0
- package/dist/layer3/anthropic/prompts/modules/index.js.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts +8 -0
- package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/owasp-classic.js +84 -0
- package/dist/layer3/anthropic/prompts/modules/owasp-classic.js.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts +8 -0
- package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js +68 -0
- package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/xss-prompt.d.ts +8 -0
- package/dist/layer3/anthropic/prompts/modules/xss-prompt.d.ts.map +1 -0
- package/dist/layer3/anthropic/prompts/modules/xss-prompt.js +22 -0
- package/dist/layer3/anthropic/prompts/modules/xss-prompt.js.map +1 -0
- package/dist/layer3/anthropic/prompts/validation.d.ts +9 -3
- package/dist/layer3/anthropic/prompts/validation.d.ts.map +1 -1
- package/dist/layer3/anthropic/prompts/validation.js +14 -410
- package/dist/layer3/anthropic/prompts/validation.js.map +1 -1
- package/dist/layer3/anthropic/providers/anthropic.d.ts.map +1 -1
- package/dist/layer3/anthropic/providers/anthropic.js +6 -3
- package/dist/layer3/anthropic/providers/anthropic.js.map +1 -1
- package/dist/layer3/anthropic/providers/openai.d.ts.map +1 -1
- package/dist/layer3/anthropic/providers/openai.js +6 -3
- package/dist/layer3/anthropic/providers/openai.js.map +1 -1
- package/dist/layer3/anthropic/request-builder.d.ts +11 -4
- package/dist/layer3/anthropic/request-builder.d.ts.map +1 -1
- package/dist/layer3/anthropic/request-builder.js +32 -16
- package/dist/layer3/anthropic/request-builder.js.map +1 -1
- package/dist/layer3/anthropic/utils/context-extractor.d.ts +55 -0
- package/dist/layer3/anthropic/utils/context-extractor.d.ts.map +1 -0
- package/dist/layer3/anthropic/utils/context-extractor.js +161 -0
- package/dist/layer3/anthropic/utils/context-extractor.js.map +1 -0
- package/dist/layer3/anthropic/utils/index.d.ts +2 -0
- package/dist/layer3/anthropic/utils/index.d.ts.map +1 -1
- package/dist/layer3/anthropic/utils/index.js +4 -1
- package/dist/layer3/anthropic/utils/index.js.map +1 -1
- package/dist/model/auth-helper-detector.d.ts +56 -0
- package/dist/model/auth-helper-detector.d.ts.map +1 -0
- package/dist/model/auth-helper-detector.js +360 -0
- package/dist/model/auth-helper-detector.js.map +1 -0
- package/dist/model/cross-file-taint.d.ts +40 -0
- package/dist/model/cross-file-taint.d.ts.map +1 -0
- package/dist/model/cross-file-taint.js +290 -0
- package/dist/model/cross-file-taint.js.map +1 -0
- package/dist/model/framework-models/django.d.ts +9 -0
- package/dist/model/framework-models/django.d.ts.map +1 -0
- package/dist/model/framework-models/django.js +82 -0
- package/dist/model/framework-models/django.js.map +1 -0
- package/dist/model/framework-models/express.d.ts +9 -0
- package/dist/model/framework-models/express.d.ts.map +1 -0
- package/dist/model/framework-models/express.js +52 -0
- package/dist/model/framework-models/express.js.map +1 -0
- package/dist/model/framework-models/index.d.ts +20 -0
- package/dist/model/framework-models/index.d.ts.map +1 -0
- package/dist/model/framework-models/index.js +102 -0
- package/dist/model/framework-models/index.js.map +1 -0
- package/dist/model/framework-models/nextjs.d.ts +9 -0
- package/dist/model/framework-models/nextjs.d.ts.map +1 -0
- package/dist/model/framework-models/nextjs.js +71 -0
- package/dist/model/framework-models/nextjs.js.map +1 -0
- package/dist/model/framework-models/prisma.d.ts +10 -0
- package/dist/model/framework-models/prisma.d.ts.map +1 -0
- package/dist/model/framework-models/prisma.js +54 -0
- package/dist/model/framework-models/prisma.js.map +1 -0
- package/dist/model/framework-models/react.d.ts +9 -0
- package/dist/model/framework-models/react.d.ts.map +1 -0
- package/dist/model/framework-models/react.js +67 -0
- package/dist/model/framework-models/react.js.map +1 -0
- package/dist/model/framework-models/sequelize.d.ts +9 -0
- package/dist/model/framework-models/sequelize.d.ts.map +1 -0
- package/dist/model/framework-models/sequelize.js +62 -0
- package/dist/model/framework-models/sequelize.js.map +1 -0
- package/dist/model/framework-models/types.d.ts +43 -0
- package/dist/model/framework-models/types.d.ts.map +1 -0
- package/dist/model/framework-models/types.js +10 -0
- package/dist/model/framework-models/types.js.map +1 -0
- package/dist/model/function-classifier.d.ts +32 -0
- package/dist/model/function-classifier.d.ts.map +1 -0
- package/dist/model/function-classifier.js +143 -0
- package/dist/model/function-classifier.js.map +1 -0
- package/dist/model/import-resolver.d.ts +45 -0
- package/dist/model/import-resolver.d.ts.map +1 -0
- package/dist/model/import-resolver.js +410 -0
- package/dist/model/import-resolver.js.map +1 -0
- package/dist/model/imported-auth-detector.d.ts +38 -0
- package/dist/model/imported-auth-detector.d.ts.map +1 -0
- package/dist/model/imported-auth-detector.js +199 -0
- package/dist/model/imported-auth-detector.js.map +1 -0
- package/dist/model/index.d.ts +63 -0
- package/dist/model/index.d.ts.map +1 -0
- package/dist/model/index.js +272 -0
- package/dist/model/index.js.map +1 -0
- package/dist/model/middleware-detector.d.ts +55 -0
- package/dist/model/middleware-detector.d.ts.map +1 -0
- package/dist/model/middleware-detector.js +382 -0
- package/dist/model/middleware-detector.js.map +1 -0
- package/dist/model/module-graph.d.ts +46 -0
- package/dist/model/module-graph.d.ts.map +1 -0
- package/dist/model/module-graph.js +187 -0
- package/dist/model/module-graph.js.map +1 -0
- package/dist/model/oauth-flow-detector.d.ts +41 -0
- package/dist/model/oauth-flow-detector.d.ts.map +1 -0
- package/dist/model/oauth-flow-detector.js +202 -0
- package/dist/model/oauth-flow-detector.js.map +1 -0
- package/dist/model/project-context.d.ts +119 -0
- package/dist/model/project-context.d.ts.map +1 -0
- package/dist/model/project-context.js +534 -0
- package/dist/model/project-context.js.map +1 -0
- package/dist/model/route-auth-resolver.d.ts +27 -0
- package/dist/model/route-auth-resolver.d.ts.map +1 -0
- package/dist/model/route-auth-resolver.js +182 -0
- package/dist/model/route-auth-resolver.js.map +1 -0
- package/dist/model/route-discovery/express.d.ts +25 -0
- package/dist/model/route-discovery/express.d.ts.map +1 -0
- package/dist/model/route-discovery/express.js +225 -0
- package/dist/model/route-discovery/express.js.map +1 -0
- package/dist/model/route-discovery/index.d.ts +21 -0
- package/dist/model/route-discovery/index.d.ts.map +1 -0
- package/dist/model/route-discovery/index.js +67 -0
- package/dist/model/route-discovery/index.js.map +1 -0
- package/dist/model/route-discovery/nextjs.d.ts +16 -0
- package/dist/model/route-discovery/nextjs.d.ts.map +1 -0
- package/dist/model/route-discovery/nextjs.js +179 -0
- package/dist/model/route-discovery/nextjs.js.map +1 -0
- package/dist/model/route-discovery/python.d.ts +16 -0
- package/dist/model/route-discovery/python.d.ts.map +1 -0
- package/dist/model/route-discovery/python.js +181 -0
- package/dist/model/route-discovery/python.js.map +1 -0
- package/dist/model/route-discovery/types.d.ts +36 -0
- package/dist/model/route-discovery/types.d.ts.map +1 -0
- package/dist/model/route-discovery/types.js +16 -0
- package/dist/model/route-discovery/types.js.map +1 -0
- package/dist/model/route-discovery/utils.d.ts +18 -0
- package/dist/model/route-discovery/utils.d.ts.map +1 -0
- package/dist/model/route-discovery/utils.js +55 -0
- package/dist/model/route-discovery/utils.js.map +1 -0
- package/dist/model/route-hierarchy.d.ts +50 -0
- package/dist/model/route-hierarchy.d.ts.map +1 -0
- package/dist/model/route-hierarchy.js +226 -0
- package/dist/model/route-hierarchy.js.map +1 -0
- package/dist/model/sanitiser-detection.d.ts +27 -0
- package/dist/model/sanitiser-detection.d.ts.map +1 -0
- package/dist/model/sanitiser-detection.js +224 -0
- package/dist/model/sanitiser-detection.js.map +1 -0
- package/dist/model/sink-matcher.d.ts +17 -0
- package/dist/model/sink-matcher.d.ts.map +1 -0
- package/dist/model/sink-matcher.js +141 -0
- package/dist/model/sink-matcher.js.map +1 -0
- package/dist/model/sink-patterns.d.ts +19 -0
- package/dist/model/sink-patterns.d.ts.map +1 -0
- package/dist/model/sink-patterns.js +88 -0
- package/dist/model/sink-patterns.js.map +1 -0
- package/dist/model/source-discovery.d.ts +15 -0
- package/dist/model/source-discovery.d.ts.map +1 -0
- package/dist/model/source-discovery.js +170 -0
- package/dist/model/source-discovery.js.map +1 -0
- package/dist/model/taint-tracker.d.ts +21 -0
- package/dist/model/taint-tracker.d.ts.map +1 -0
- package/dist/model/taint-tracker.js +281 -0
- package/dist/model/taint-tracker.js.map +1 -0
- package/dist/model/taint-types.d.ts +74 -0
- package/dist/model/taint-types.d.ts.map +1 -0
- package/dist/model/taint-types.js +9 -0
- package/dist/model/taint-types.js.map +1 -0
- package/dist/model/trpc-analyzer.d.ts +78 -0
- package/dist/model/trpc-analyzer.d.ts.map +1 -0
- package/dist/model/trpc-analyzer.js +297 -0
- package/dist/model/trpc-analyzer.js.map +1 -0
- package/dist/parse/file-classifier.d.ts +228 -0
- package/dist/parse/file-classifier.d.ts.map +1 -0
- package/dist/parse/file-classifier.js +933 -0
- package/dist/parse/file-classifier.js.map +1 -0
- package/dist/parse/path-exclusions.d.ts +55 -0
- package/dist/parse/path-exclusions.d.ts.map +1 -0
- package/dist/parse/path-exclusions.js +224 -0
- package/dist/parse/path-exclusions.js.map +1 -0
- package/dist/pipeline/config.d.ts +39 -0
- package/dist/pipeline/config.d.ts.map +1 -0
- package/dist/pipeline/config.js +46 -0
- package/dist/pipeline/config.js.map +1 -0
- package/dist/pipeline/index.d.ts +34 -0
- package/dist/pipeline/index.d.ts.map +1 -0
- package/dist/pipeline/index.js +377 -0
- package/dist/pipeline/index.js.map +1 -0
- package/dist/pipeline/modes/incremental.d.ts +66 -0
- package/dist/pipeline/modes/incremental.d.ts.map +1 -0
- package/dist/pipeline/modes/incremental.js +200 -0
- package/dist/pipeline/modes/incremental.js.map +1 -0
- package/dist/postprocess/aggregation.d.ts +14 -0
- package/dist/postprocess/aggregation.d.ts.map +1 -0
- package/dist/postprocess/aggregation.js +63 -0
- package/dist/postprocess/aggregation.js.map +1 -0
- package/dist/postprocess/contradictions.d.ts +18 -0
- package/dist/postprocess/contradictions.d.ts.map +1 -0
- package/dist/postprocess/contradictions.js +99 -0
- package/dist/postprocess/contradictions.js.map +1 -0
- package/dist/postprocess/dedup.d.ts +13 -0
- package/dist/postprocess/dedup.d.ts.map +1 -0
- package/dist/postprocess/dedup.js +58 -0
- package/dist/postprocess/dedup.js.map +1 -0
- package/dist/postprocess/filtering/context-adjustments.d.ts +23 -0
- package/dist/postprocess/filtering/context-adjustments.d.ts.map +1 -0
- package/dist/postprocess/filtering/context-adjustments.js +100 -0
- package/dist/postprocess/filtering/context-adjustments.js.map +1 -0
- package/dist/postprocess/filtering/index.d.ts +3 -0
- package/dist/postprocess/filtering/index.d.ts.map +1 -0
- package/dist/postprocess/filtering/index.js +8 -0
- package/dist/postprocess/filtering/index.js.map +1 -0
- package/dist/postprocess/filtering/pipeline.d.ts +48 -0
- package/dist/postprocess/filtering/pipeline.d.ts.map +1 -0
- package/dist/postprocess/filtering/pipeline.js +76 -0
- package/dist/postprocess/filtering/pipeline.js.map +1 -0
- package/dist/postprocess/index.d.ts +41 -0
- package/dist/postprocess/index.d.ts.map +1 -0
- package/dist/postprocess/index.js +85 -0
- package/dist/postprocess/index.js.map +1 -0
- package/dist/postprocess/suppression/config-loader.d.ts +74 -0
- package/dist/postprocess/suppression/config-loader.d.ts.map +1 -0
- package/dist/postprocess/suppression/config-loader.js +424 -0
- package/dist/postprocess/suppression/config-loader.js.map +1 -0
- package/dist/postprocess/suppression/hash.d.ts +48 -0
- package/dist/postprocess/suppression/hash.d.ts.map +1 -0
- package/dist/postprocess/suppression/hash.js +88 -0
- package/dist/postprocess/suppression/hash.js.map +1 -0
- package/dist/postprocess/suppression/index.d.ts +11 -0
- package/dist/postprocess/suppression/index.d.ts.map +1 -0
- package/dist/postprocess/suppression/index.js +39 -0
- package/dist/postprocess/suppression/index.js.map +1 -0
- package/dist/postprocess/suppression/inline-parser.d.ts +39 -0
- package/dist/postprocess/suppression/inline-parser.d.ts.map +1 -0
- package/dist/postprocess/suppression/inline-parser.js +218 -0
- package/dist/postprocess/suppression/inline-parser.js.map +1 -0
- package/dist/postprocess/suppression/manager.d.ts +94 -0
- package/dist/postprocess/suppression/manager.d.ts.map +1 -0
- package/dist/postprocess/suppression/manager.js +292 -0
- package/dist/postprocess/suppression/manager.js.map +1 -0
- package/dist/postprocess/suppression/types.d.ts +151 -0
- package/dist/postprocess/suppression/types.d.ts.map +1 -0
- package/dist/postprocess/suppression/types.js +28 -0
- package/dist/postprocess/suppression/types.js.map +1 -0
- package/dist/postprocess/validation-cap.d.ts +17 -0
- package/dist/postprocess/validation-cap.d.ts.map +1 -0
- package/dist/postprocess/validation-cap.js +64 -0
- package/dist/postprocess/validation-cap.js.map +1 -0
- package/dist/report/build-result.d.ts +33 -0
- package/dist/report/build-result.d.ts.map +1 -0
- package/dist/report/build-result.js +59 -0
- package/dist/report/build-result.js.map +1 -0
- package/dist/report/enrichment.d.ts +19 -0
- package/dist/report/enrichment.d.ts.map +1 -0
- package/dist/report/enrichment.js +44 -0
- package/dist/report/enrichment.js.map +1 -0
- package/dist/report/formatters/ai-context.d.ts +23 -0
- package/dist/report/formatters/ai-context.d.ts.map +1 -0
- package/dist/report/formatters/ai-context.js +238 -0
- package/dist/report/formatters/ai-context.js.map +1 -0
- package/dist/report/formatters/cli-terminal.d.ts +65 -0
- package/dist/report/formatters/cli-terminal.d.ts.map +1 -0
- package/dist/report/formatters/cli-terminal.js +735 -0
- package/dist/report/formatters/cli-terminal.js.map +1 -0
- package/dist/report/formatters/github-comment.d.ts +41 -0
- package/dist/report/formatters/github-comment.d.ts.map +1 -0
- package/dist/report/formatters/github-comment.js +370 -0
- package/dist/report/formatters/github-comment.js.map +1 -0
- package/dist/report/formatters/grouping.d.ts +52 -0
- package/dist/report/formatters/grouping.d.ts.map +1 -0
- package/dist/report/formatters/grouping.js +152 -0
- package/dist/report/formatters/grouping.js.map +1 -0
- package/dist/report/formatters/ide/claude-code.d.ts +17 -0
- package/dist/report/formatters/ide/claude-code.d.ts.map +1 -0
- package/dist/report/formatters/ide/claude-code.js +94 -0
- package/dist/report/formatters/ide/claude-code.js.map +1 -0
- package/dist/report/formatters/ide/cursor.d.ts +13 -0
- package/dist/report/formatters/ide/cursor.d.ts.map +1 -0
- package/dist/report/formatters/ide/cursor.js +125 -0
- package/dist/report/formatters/ide/cursor.js.map +1 -0
- package/dist/report/formatters/ide/index.d.ts +62 -0
- package/dist/report/formatters/ide/index.d.ts.map +1 -0
- package/dist/report/formatters/ide/index.js +184 -0
- package/dist/report/formatters/ide/index.js.map +1 -0
- package/dist/report/formatters/ide/windsurf.d.ts +13 -0
- package/dist/report/formatters/ide/windsurf.d.ts.map +1 -0
- package/dist/report/formatters/ide/windsurf.js +117 -0
- package/dist/report/formatters/ide/windsurf.js.map +1 -0
- package/dist/report/formatters/index.d.ts +11 -0
- package/dist/report/formatters/index.d.ts.map +1 -0
- package/dist/report/formatters/index.js +54 -0
- package/dist/report/formatters/index.js.map +1 -0
- package/dist/report/formatters/vscode-diagnostic.d.ts +103 -0
- package/dist/report/formatters/vscode-diagnostic.d.ts.map +1 -0
- package/dist/report/formatters/vscode-diagnostic.js +151 -0
- package/dist/report/formatters/vscode-diagnostic.js.map +1 -0
- package/dist/report/summary.d.ts +27 -0
- package/dist/report/summary.d.ts.map +1 -0
- package/dist/report/summary.js +57 -0
- package/dist/report/summary.js.map +1 -0
- package/dist/rules/metadata.d.ts.map +1 -1
- package/dist/rules/metadata.js +66 -0
- package/dist/rules/metadata.js.map +1 -1
- package/dist/score/adjustments.d.ts +22 -0
- package/dist/score/adjustments.d.ts.map +1 -0
- package/dist/score/adjustments.js +373 -0
- package/dist/score/adjustments.js.map +1 -0
- package/dist/score/auto-dismiss.d.ts +28 -0
- package/dist/score/auto-dismiss.d.ts.map +1 -0
- package/dist/score/auto-dismiss.js +200 -0
- package/dist/score/auto-dismiss.js.map +1 -0
- package/dist/score/confidence.d.ts +19 -0
- package/dist/score/confidence.d.ts.map +1 -0
- package/dist/score/confidence.js +52 -0
- package/dist/score/confidence.js.map +1 -0
- package/dist/score/index.d.ts +61 -0
- package/dist/score/index.d.ts.map +1 -0
- package/dist/score/index.js +250 -0
- package/dist/score/index.js.map +1 -0
- package/dist/score/types.d.ts +160 -0
- package/dist/score/types.d.ts.map +1 -0
- package/dist/score/types.js +14 -0
- package/dist/score/types.js.map +1 -0
- package/dist/shared/ai-context/index.d.ts +6 -0
- package/dist/shared/ai-context/index.d.ts.map +1 -0
- package/dist/shared/ai-context/index.js +13 -0
- package/dist/shared/ai-context/index.js.map +1 -0
- package/dist/shared/ai-context/manager.d.ts +67 -0
- package/dist/shared/ai-context/manager.d.ts.map +1 -0
- package/dist/shared/ai-context/manager.js +104 -0
- package/dist/shared/ai-context/manager.js.map +1 -0
- package/dist/shared/baseline/diff.d.ts +32 -0
- package/dist/shared/baseline/diff.d.ts.map +1 -0
- package/dist/shared/baseline/diff.js +119 -0
- package/dist/shared/baseline/diff.js.map +1 -0
- package/dist/shared/baseline/index.d.ts +9 -0
- package/dist/shared/baseline/index.d.ts.map +1 -0
- package/dist/shared/baseline/index.js +19 -0
- package/dist/shared/baseline/index.js.map +1 -0
- package/dist/shared/baseline/manager.d.ts +67 -0
- package/dist/shared/baseline/manager.d.ts.map +1 -0
- package/dist/shared/baseline/manager.js +180 -0
- package/dist/shared/baseline/manager.js.map +1 -0
- package/dist/shared/baseline/types.d.ts +91 -0
- package/dist/shared/baseline/types.d.ts.map +1 -0
- package/dist/shared/baseline/types.js +12 -0
- package/dist/shared/baseline/types.js.map +1 -0
- package/dist/shared/category-filter.d.ts +125 -0
- package/dist/shared/category-filter.d.ts.map +1 -0
- package/dist/shared/category-filter.js +360 -0
- package/dist/shared/category-filter.js.map +1 -0
- package/dist/shared/code-analysis.d.ts +39 -0
- package/dist/shared/code-analysis.d.ts.map +1 -0
- package/dist/shared/code-analysis.js +159 -0
- package/dist/shared/code-analysis.js.map +1 -0
- package/dist/shared/comment-analyzer.d.ts +38 -0
- package/dist/shared/comment-analyzer.d.ts.map +1 -0
- package/dist/shared/comment-analyzer.js +218 -0
- package/dist/shared/comment-analyzer.js.map +1 -0
- package/dist/shared/diff-detector.d.ts +53 -0
- package/dist/shared/diff-detector.d.ts.map +1 -0
- package/dist/shared/diff-detector.js +104 -0
- package/dist/shared/diff-detector.js.map +1 -0
- package/dist/shared/diff-parser.d.ts +80 -0
- package/dist/shared/diff-parser.d.ts.map +1 -0
- package/dist/shared/diff-parser.js +202 -0
- package/dist/shared/diff-parser.js.map +1 -0
- package/dist/shared/environment-context.d.ts +76 -0
- package/dist/shared/environment-context.d.ts.map +1 -0
- package/dist/shared/environment-context.js +271 -0
- package/dist/shared/environment-context.js.map +1 -0
- package/dist/shared/intent-detector.d.ts +66 -0
- package/dist/shared/intent-detector.d.ts.map +1 -0
- package/dist/shared/intent-detector.js +282 -0
- package/dist/shared/intent-detector.js.map +1 -0
- package/dist/shared/parsed-file.d.ts +51 -0
- package/dist/shared/parsed-file.d.ts.map +1 -0
- package/dist/shared/parsed-file.js +95 -0
- package/dist/shared/parsed-file.js.map +1 -0
- package/dist/shared/registry-clients.d.ts +93 -0
- package/dist/shared/registry-clients.d.ts.map +1 -0
- package/dist/shared/registry-clients.js +273 -0
- package/dist/shared/registry-clients.js.map +1 -0
- package/dist/shared/rules/framework-fixes.d.ts +48 -0
- package/dist/shared/rules/framework-fixes.d.ts.map +1 -0
- package/dist/shared/rules/framework-fixes.js +439 -0
- package/dist/shared/rules/framework-fixes.js.map +1 -0
- package/dist/shared/rules/index.d.ts +8 -0
- package/dist/shared/rules/index.d.ts.map +1 -0
- package/dist/shared/rules/index.js +18 -0
- package/dist/shared/rules/index.js.map +1 -0
- package/dist/shared/rules/metadata.d.ts +43 -0
- package/dist/shared/rules/metadata.d.ts.map +1 -0
- package/dist/shared/rules/metadata.js +819 -0
- package/dist/shared/rules/metadata.js.map +1 -0
- package/dist/shared/schema-semantics.d.ts +45 -0
- package/dist/shared/schema-semantics.d.ts.map +1 -0
- package/dist/shared/schema-semantics.js +193 -0
- package/dist/shared/schema-semantics.js.map +1 -0
- package/dist/shared/types.d.ts +337 -0
- package/dist/shared/types.d.ts.map +1 -0
- package/dist/shared/types.js +126 -0
- package/dist/shared/types.js.map +1 -0
- package/dist/tiers.d.ts +2 -2
- package/dist/tiers.d.ts.map +1 -1
- package/dist/tiers.js +10 -0
- package/dist/tiers.js.map +1 -1
- package/dist/types.d.ts +1 -1
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/dist/validate/clients.d.ts +44 -0
- package/dist/validate/clients.d.ts.map +1 -0
- package/dist/validate/clients.js +81 -0
- package/dist/validate/clients.js.map +1 -0
- package/dist/validate/index.d.ts +41 -0
- package/dist/validate/index.d.ts.map +1 -0
- package/dist/validate/index.js +141 -0
- package/dist/validate/index.js.map +1 -0
- package/dist/validate/prompts/index.d.ts +8 -0
- package/dist/validate/prompts/index.d.ts.map +1 -0
- package/dist/validate/prompts/index.js +16 -0
- package/dist/validate/prompts/index.js.map +1 -0
- package/dist/validate/prompts/modules/ai-patterns.d.ts +19 -0
- package/dist/validate/prompts/modules/ai-patterns.d.ts.map +1 -0
- package/dist/validate/prompts/modules/ai-patterns.js +156 -0
- package/dist/validate/prompts/modules/ai-patterns.js.map +1 -0
- package/dist/validate/prompts/modules/auth-access.d.ts +9 -0
- package/dist/validate/prompts/modules/auth-access.d.ts.map +1 -0
- package/dist/validate/prompts/modules/auth-access.js +25 -0
- package/dist/validate/prompts/modules/auth-access.js.map +1 -0
- package/dist/validate/prompts/modules/common.d.ts +11 -0
- package/dist/validate/prompts/modules/common.d.ts.map +1 -0
- package/dist/validate/prompts/modules/common.js +186 -0
- package/dist/validate/prompts/modules/common.js.map +1 -0
- package/dist/validate/prompts/modules/index.d.ts +54 -0
- package/dist/validate/prompts/modules/index.d.ts.map +1 -0
- package/dist/validate/prompts/modules/index.js +186 -0
- package/dist/validate/prompts/modules/index.js.map +1 -0
- package/dist/validate/prompts/modules/owasp-classic.d.ts +8 -0
- package/dist/validate/prompts/modules/owasp-classic.d.ts.map +1 -0
- package/dist/validate/prompts/modules/owasp-classic.js +84 -0
- package/dist/validate/prompts/modules/owasp-classic.js.map +1 -0
- package/dist/validate/prompts/modules/secrets-crypto.d.ts +8 -0
- package/dist/validate/prompts/modules/secrets-crypto.d.ts.map +1 -0
- package/dist/validate/prompts/modules/secrets-crypto.js +68 -0
- package/dist/validate/prompts/modules/secrets-crypto.js.map +1 -0
- package/dist/validate/prompts/modules/xss-prompt.d.ts +8 -0
- package/dist/validate/prompts/modules/xss-prompt.d.ts.map +1 -0
- package/dist/validate/prompts/modules/xss-prompt.js +22 -0
- package/dist/validate/prompts/modules/xss-prompt.js.map +1 -0
- package/dist/validate/prompts/semantic-analysis.d.ts +15 -0
- package/dist/validate/prompts/semantic-analysis.d.ts.map +1 -0
- package/dist/validate/prompts/semantic-analysis.js +169 -0
- package/dist/validate/prompts/semantic-analysis.js.map +1 -0
- package/dist/validate/prompts/validation.d.ts +18 -0
- package/dist/validate/prompts/validation.d.ts.map +1 -0
- package/dist/validate/prompts/validation.js +25 -0
- package/dist/validate/prompts/validation.js.map +1 -0
- package/dist/validate/providers/anthropic.d.ts +17 -0
- package/dist/validate/providers/anthropic.d.ts.map +1 -0
- package/dist/validate/providers/anthropic.js +260 -0
- package/dist/validate/providers/anthropic.js.map +1 -0
- package/dist/validate/providers/index.d.ts +8 -0
- package/dist/validate/providers/index.d.ts.map +1 -0
- package/dist/validate/providers/index.js +13 -0
- package/dist/validate/providers/index.js.map +1 -0
- package/dist/validate/providers/openai.d.ts +14 -0
- package/dist/validate/providers/openai.d.ts.map +1 -0
- package/dist/validate/providers/openai.js +336 -0
- package/dist/validate/providers/openai.js.map +1 -0
- package/dist/validate/request-builder.d.ts +61 -0
- package/dist/validate/request-builder.d.ts.map +1 -0
- package/dist/validate/request-builder.js +346 -0
- package/dist/validate/request-builder.js.map +1 -0
- package/dist/validate/types.d.ts +88 -0
- package/dist/validate/types.d.ts.map +1 -0
- package/dist/validate/types.js +38 -0
- package/dist/validate/types.js.map +1 -0
- package/dist/validate/utils/context-extractor.d.ts +55 -0
- package/dist/validate/utils/context-extractor.d.ts.map +1 -0
- package/dist/validate/utils/context-extractor.js +161 -0
- package/dist/validate/utils/context-extractor.js.map +1 -0
- package/dist/validate/utils/index.d.ts +11 -0
- package/dist/validate/utils/index.d.ts.map +1 -0
- package/dist/validate/utils/index.js +27 -0
- package/dist/validate/utils/index.js.map +1 -0
- package/dist/validate/utils/path-helpers.d.ts +21 -0
- package/dist/validate/utils/path-helpers.d.ts.map +1 -0
- package/dist/validate/utils/path-helpers.js +69 -0
- package/dist/validate/utils/path-helpers.js.map +1 -0
- package/dist/validate/utils/response-parser.d.ts +40 -0
- package/dist/validate/utils/response-parser.d.ts.map +1 -0
- package/dist/validate/utils/response-parser.js +286 -0
- package/dist/validate/utils/response-parser.js.map +1 -0
- package/dist/validate/utils/retry.d.ts +15 -0
- package/dist/validate/utils/retry.d.ts.map +1 -0
- package/dist/validate/utils/retry.js +62 -0
- package/dist/validate/utils/retry.js.map +1 -0
- package/package.json +8 -7
- package/src/__tests__/benchmark/fixtures/layer1/agent-skill-injection.ts +204 -0
- package/src/__tests__/benchmark/fixtures/layer1/index.ts +3 -0
- package/src/__tests__/benchmark/fixtures/layer2/index.ts +15 -0
- package/src/__tests__/benchmark/fixtures/layer2/log-injection.ts +147 -0
- package/src/__tests__/benchmark/fixtures/layer2/security-headers.ts +197 -0
- package/src/__tests__/benchmark/fixtures/layer2/ssrf-detection.ts +210 -0
- package/src/__tests__/benchmark/fixtures/layer2/xxe-detection.ts +195 -0
- package/src/__tests__/benchmark/run-depth-validation.ts +3 -3
- package/src/__tests__/benchmark/run-real-world-test.ts +4 -4
- package/src/__tests__/benchmark/types.ts +1 -1
- package/src/__tests__/benchmark/utils/test-runner.ts +3 -3
- package/src/__tests__/category-filter.test.ts +2 -2
- package/src/__tests__/context-engine/cross-file-taint.test.ts +284 -0
- package/src/__tests__/context-engine/framework-models.test.ts +457 -0
- package/src/__tests__/context-engine/function-classifier.test.ts +146 -0
- package/src/__tests__/context-engine/import-resolver.test.ts +328 -0
- package/src/__tests__/context-engine/integration.test.ts +320 -0
- package/src/__tests__/context-engine/module-graph.test.ts +159 -0
- package/src/__tests__/context-engine/route-discovery/auth-resolver.test.ts +353 -0
- package/src/__tests__/context-engine/route-discovery/express.test.ts +150 -0
- package/src/__tests__/context-engine/route-discovery/nextjs.test.ts +138 -0
- package/src/__tests__/context-engine/route-discovery/python.test.ts +95 -0
- package/src/__tests__/context-engine/sanitiser-detection.test.ts +187 -0
- package/src/__tests__/context-engine/sink-matcher.test.ts +251 -0
- package/src/__tests__/context-engine/source-discovery.test.ts +186 -0
- package/src/__tests__/context-engine/taint-tracker.test.ts +182 -0
- package/src/__tests__/regression/agent-skill-benign.test.ts +174 -0
- package/src/__tests__/regression/known-false-positives.test.ts +312 -4
- package/src/__tests__/score/adjustments.test.ts +385 -0
- package/src/__tests__/score/confidence.test.ts +283 -0
- package/src/__tests__/score/framework-scoring.test.ts +275 -0
- package/src/__tests__/score/route-scoring.test.ts +156 -0
- package/src/__tests__/score/scoring-integration.test.ts +165 -0
- package/src/__tests__/score/taint-adjustments.test.ts +244 -0
- package/src/__tests__/snapshots/__snapshots__/anthropic-validation-refactor.test.ts.snap +37 -49
- package/src/__tests__/snapshots/__snapshots__/dangerous-functions-refactor.test.ts.snap +52 -0
- package/src/__tests__/snapshots/__snapshots__/scan-depth.test.ts.snap +3 -3
- package/src/__tests__/snapshots/anthropic-validation-refactor.test.ts +2 -2
- package/src/__tests__/snapshots/dangerous-functions-refactor.test.ts +1 -1
- package/src/__tests__/snapshots/scan-depth.test.ts +3 -3
- package/src/__tests__/validate/route-annotations.test.ts +138 -0
- package/src/__tests__/validation/analyze-results.ts +1 -1
- package/src/__tests__/validation/extract-for-triage.ts +1 -1
- package/src/__tests__/validation/fp-deep-analysis.ts +1 -1
- package/src/{layer2/ai-agent-tools.ts → detect/ai-code/agent-tools.ts} +23 -3
- package/src/{layer2 → detect/ai-code}/byok-patterns.ts +17 -5
- package/src/{layer2/ai-endpoint-protection.ts → detect/ai-code/endpoint-protection.ts} +8 -4
- package/src/{layer2/ai-execution-sinks.ts → detect/ai-code/execution-sinks.ts} +8 -4
- package/src/{layer2/ai-fingerprinting.ts → detect/ai-code/fingerprinting.ts} +20 -4
- package/src/detect/ai-code/index.ts +11 -0
- package/src/{layer2/ai-mcp-security.ts → detect/ai-code/mcp-security.ts} +7 -3
- package/src/{layer2 → detect/ai-code}/model-supply-chain.ts +7 -3
- package/src/{layer2/ai-package-hallucination.ts → detect/ai-code/package-hallucination.ts} +18 -3
- package/src/{layer2/ai-prompt-hygiene.ts → detect/ai-code/prompt-hygiene.ts} +25 -3
- package/src/{layer2/ai-rag-safety.ts → detect/ai-code/rag-safety.ts} +7 -3
- package/src/{layer2/ai-schema-validation.ts → detect/ai-code/schema-validation.ts} +7 -3
- package/src/detect/config/agent-skill-injection.ts +551 -0
- package/src/{layer1 → detect/config}/comments.ts +6 -2
- package/src/{layer1 → detect/config}/file-flags.ts +9 -3
- package/src/detect/config/index.ts +6 -0
- package/src/{layer3 → detect/config}/osv-check.ts +3 -2
- package/src/{layer3 → detect/config}/package-check.ts +3 -2
- package/src/{layer1 → detect/config}/urls.ts +12 -5
- package/src/detect/index.ts +131 -0
- package/src/{layer1 → detect/secrets}/config-audit.ts +7 -2
- package/src/{layer1 → detect/secrets}/config-mcp-audit.ts +8 -3
- package/src/{layer1 → detect/secrets}/entropy.ts +23 -11
- package/src/{layer1 → detect/secrets}/index.ts +31 -30
- package/src/{layer1 → detect/secrets}/patterns.ts +10 -3
- package/src/{layer1 → detect/secrets}/weak-crypto.ts +7 -2
- package/src/{layer2/auth-antipatterns.ts → detect/structural/auth-patterns.ts} +23 -11
- package/src/{layer2 → detect/structural}/dangerous-functions/dom-xss.ts +1 -1
- package/src/{layer2 → detect/structural}/dangerous-functions/index.ts +47 -24
- package/src/{layer2 → detect/structural}/dangerous-functions/json-parse.ts +10 -2
- package/src/{layer2 → detect/structural}/dangerous-functions/math-random.ts +2 -2
- package/src/{layer2 → detect/structural}/dangerous-functions/patterns.ts +1 -1
- package/src/{layer2 → detect/structural}/dangerous-functions/request-validation.ts +10 -2
- package/src/{layer2 → detect/structural}/dangerous-functions/utils/control-flow.ts +2 -2
- package/src/{layer2 → detect/structural}/data-exposure.ts +11 -3
- package/src/{layer2 → detect/structural}/framework-checks.ts +10 -11
- package/src/{layer2 → detect/structural}/index.ts +80 -77
- package/src/detect/structural/log-injection.ts +254 -0
- package/src/{layer2 → detect/structural}/logic-gates.ts +13 -5
- package/src/{layer2 → detect/structural}/risky-imports.ts +7 -3
- package/src/detect/structural/security-headers.ts +231 -0
- package/src/detect/structural/ssrf-detection.ts +300 -0
- package/src/{layer2 → detect/structural}/variables.ts +7 -3
- package/src/detect/structural/xxe-detection.ts +295 -0
- package/src/index.ts +39 -1291
- package/src/{utils → model}/auth-helper-detector.ts +1 -1
- package/src/model/cross-file-taint.ts +374 -0
- package/src/model/framework-models/django.ts +82 -0
- package/src/model/framework-models/express.ts +54 -0
- package/src/model/framework-models/index.ts +116 -0
- package/src/model/framework-models/nextjs.ts +69 -0
- package/src/model/framework-models/prisma.ts +57 -0
- package/src/model/framework-models/react.ts +63 -0
- package/src/model/framework-models/sequelize.ts +63 -0
- package/src/model/framework-models/types.ts +46 -0
- package/src/model/function-classifier.ts +184 -0
- package/src/model/import-resolver.ts +453 -0
- package/src/{utils → model}/imported-auth-detector.ts +21 -85
- package/src/model/index.ts +353 -0
- package/src/{utils → model}/middleware-detector.ts +156 -17
- package/src/model/module-graph.ts +254 -0
- package/src/{utils → model}/oauth-flow-detector.ts +1 -1
- package/src/{utils/project-context-builder.ts → model/project-context.ts} +1 -1
- package/src/model/route-auth-resolver.ts +216 -0
- package/src/model/route-discovery/express.ts +251 -0
- package/src/model/route-discovery/index.ts +83 -0
- package/src/model/route-discovery/nextjs.ts +216 -0
- package/src/model/route-discovery/python.ts +214 -0
- package/src/model/route-discovery/types.ts +48 -0
- package/src/model/route-discovery/utils.ts +54 -0
- package/src/model/sanitiser-detection.ts +268 -0
- package/src/model/sink-matcher.ts +178 -0
- package/src/model/sink-patterns.ts +109 -0
- package/src/model/source-discovery.ts +209 -0
- package/src/model/taint-tracker.ts +333 -0
- package/src/model/taint-types.ts +149 -0
- package/src/{utils → model}/trpc-analyzer.ts +1 -1
- package/src/{utils/context-helpers.ts → parse/file-classifier.ts} +54 -0
- package/src/{utils → parse}/path-exclusions.ts +1 -1
- package/src/pipeline/config.ts +81 -0
- package/src/pipeline/index.ts +437 -0
- package/src/{modes → pipeline/modes}/incremental.ts +5 -5
- package/src/postprocess/aggregation.ts +74 -0
- package/src/postprocess/contradictions.ts +128 -0
- package/src/postprocess/dedup.ts +62 -0
- package/src/{filtering → postprocess/filtering}/__tests__/pipeline.test.ts +1 -1
- package/src/{filtering → postprocess/filtering}/context-adjustments.ts +2 -2
- package/src/{filtering → postprocess/filtering}/pipeline.ts +2 -2
- package/src/postprocess/index.ts +118 -0
- package/src/{suppression → postprocess/suppression}/config-loader.ts +1 -1
- package/src/{suppression → postprocess/suppression}/hash.ts +1 -1
- package/src/{suppression → postprocess/suppression}/inline-parser.ts +1 -1
- package/src/{suppression → postprocess/suppression}/manager.ts +1 -1
- package/src/{suppression → postprocess/suppression}/types.ts +2 -2
- package/src/postprocess/validation-cap.ts +66 -0
- package/src/report/build-result.ts +94 -0
- package/src/report/enrichment.ts +52 -0
- package/src/{formatters → report/formatters}/ai-context.ts +1 -1
- package/src/{formatters → report/formatters}/cli-terminal.ts +11 -11
- package/src/{formatters → report/formatters}/github-comment.ts +1 -1
- package/src/{formatters → report/formatters}/grouping.ts +8 -8
- package/src/{formatters → report/formatters}/ide/claude-code.ts +1 -1
- package/src/{formatters → report/formatters}/ide/cursor.ts +1 -1
- package/src/{formatters → report/formatters}/ide/windsurf.ts +1 -1
- package/src/{formatters → report/formatters}/vscode-diagnostic.ts +1 -1
- package/src/report/summary.ts +70 -0
- package/src/score/adjustments.ts +387 -0
- package/src/{layer3/anthropic → score}/auto-dismiss.ts +15 -14
- package/src/score/confidence.ts +66 -0
- package/src/score/index.ts +316 -0
- package/src/score/types.ts +187 -0
- package/src/{baseline → shared/baseline}/__tests__/diff.test.ts +2 -2
- package/src/{baseline → shared/baseline}/diff.ts +1 -1
- package/src/{baseline → shared/baseline}/manager.ts +1 -1
- package/src/{category-filter.ts → shared/category-filter.ts} +1 -1
- package/src/{utils → shared}/code-analysis.ts +1 -1
- package/src/{rules → shared/rules}/__tests__/metadata.test.ts +7 -0
- package/src/{rules → shared/rules}/framework-fixes.ts +1 -1
- package/src/{rules → shared/rules}/metadata.ts +94 -0
- package/src/{types.ts → shared/types.ts} +22 -5
- package/src/tiers.ts +18 -1
- package/src/validate/__tests__/context-extractor.test.ts +191 -0
- package/src/validate/__tests__/prompt-assembly.test.ts +233 -0
- package/src/validate/__tests__/request-builder.test.ts +347 -0
- package/src/{layer3/anthropic → validate}/index.ts +8 -7
- package/src/{layer3/anthropic → validate}/prompts/index.ts +2 -0
- package/src/validate/prompts/modules/ai-patterns.ts +153 -0
- package/src/validate/prompts/modules/auth-access.ts +22 -0
- package/src/validate/prompts/modules/common.ts +183 -0
- package/src/validate/prompts/modules/index.ts +204 -0
- package/src/validate/prompts/modules/owasp-classic.ts +81 -0
- package/src/validate/prompts/modules/secrets-crypto.ts +65 -0
- package/src/validate/prompts/modules/xss-prompt.ts +19 -0
- package/src/validate/prompts/validation.ts +20 -0
- package/src/{layer3/anthropic → validate}/providers/anthropic.ts +28 -27
- package/src/validate/providers/index.ts +8 -0
- package/src/{layer3/anthropic → validate}/providers/openai.ts +30 -25
- package/src/validate/request-builder.ts +448 -0
- package/src/{layer3/anthropic → validate}/types.ts +1 -1
- package/src/validate/utils/context-extractor.ts +220 -0
- package/src/{layer3/anthropic → validate}/utils/index.ts +10 -0
- package/src/{layer3/anthropic → validate}/utils/response-parser.ts +2 -1
- package/src/layer3/anthropic/prompts/validation.ts +0 -419
- package/src/layer3/anthropic/providers/index.ts +0 -8
- package/src/layer3/anthropic/request-builder.ts +0 -150
- package/src/layer3/index.ts +0 -168
- /package/src/{layer3 → detect/config}/__tests__/osv-check.test.ts +0 -0
- /package/src/{layer2 → detect/structural}/__tests__/math-random-enhanced.test.ts +0 -0
- /package/src/{layer2 → detect/structural}/dangerous-functions/child-process.ts +0 -0
- /package/src/{layer2 → detect/structural}/dangerous-functions/utils/helpers.ts +0 -0
- /package/src/{layer2 → detect/structural}/dangerous-functions/utils/index.ts +0 -0
- /package/src/{layer2 → detect/structural}/dangerous-functions/utils/schema-validation.ts +0 -0
- /package/src/{utils → model}/route-hierarchy.ts +0 -0
- /package/src/{filtering → postprocess/filtering}/index.ts +0 -0
- /package/src/{suppression → postprocess/suppression}/__tests__/config-loader.test.ts +0 -0
- /package/src/{suppression → postprocess/suppression}/__tests__/hash.test.ts +0 -0
- /package/src/{suppression → postprocess/suppression}/__tests__/inline-parser.test.ts +0 -0
- /package/src/{suppression → postprocess/suppression}/__tests__/manager.test.ts +0 -0
- /package/src/{suppression → postprocess/suppression}/index.ts +0 -0
- /package/src/{formatters → report/formatters}/__tests__/ai-context.test.ts +0 -0
- /package/src/{formatters → report/formatters}/ide/__tests__/ide.test.ts +0 -0
- /package/src/{formatters → report/formatters}/ide/index.ts +0 -0
- /package/src/{formatters → report/formatters}/index.ts +0 -0
- /package/src/{utils → shared}/__tests__/code-analysis.test.ts +0 -0
- /package/src/{utils → shared}/__tests__/parsed-file.test.ts +0 -0
- /package/src/{ai-context → shared/ai-context}/__tests__/manager.test.ts +0 -0
- /package/src/{ai-context → shared/ai-context}/index.ts +0 -0
- /package/src/{ai-context → shared/ai-context}/manager.ts +0 -0
- /package/src/{baseline → shared/baseline}/__tests__/manager.test.ts +0 -0
- /package/src/{baseline → shared/baseline}/index.ts +0 -0
- /package/src/{baseline → shared/baseline}/types.ts +0 -0
- /package/src/{utils → shared}/comment-analyzer.ts +0 -0
- /package/src/{utils → shared}/diff-detector.ts +0 -0
- /package/src/{utils → shared}/diff-parser.ts +0 -0
- /package/src/{utils → shared}/environment-context.ts +0 -0
- /package/src/{utils → shared}/intent-detector.ts +0 -0
- /package/src/{utils → shared}/parsed-file.ts +0 -0
- /package/src/{utils → shared}/registry-clients.ts +0 -0
- /package/src/{rules → shared/rules}/__tests__/framework-fixes.test.ts +0 -0
- /package/src/{rules → shared/rules}/index.ts +0 -0
- /package/src/{utils → shared}/schema-semantics.ts +0 -0
- /package/src/{layer3/anthropic → validate}/clients.ts +0 -0
- /package/src/{layer3/anthropic → validate}/prompts/semantic-analysis.ts +0 -0
- /package/src/{layer3/anthropic → validate}/utils/path-helpers.ts +0 -0
- /package/src/{layer3/anthropic → validate}/utils/retry.ts +0 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"math-random.js","sourceRoot":"","sources":["../../../../src/detect/structural/dangerous-functions/math-random.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAuBH,4DAkCC;AAcD,8CAeC;AAOD,oDAmGC;AAMD,wDAiDC;AAMD,wDAgFC;AASD,sEAkBC;AASD,4DAqGC;AAMD,4DAiFC;AAMD,0CAcC;AAMD,gEAuDC;AAWD,wEAsBC;AAMD,oDA0GC;AA7wBD,oEAIuC;AAEvC,uDAA6D;AAE7D;;;;;;;;;;;;GAYG;AACH,SAAgB,wBAAwB,CACtC,OAAe,EACf,UAAkB,EAClB,KAAgB;IAEhB,MAAM,MAAM,GAAG,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,GAAG,CAAC,CAAC,CAAA;IACnD,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEnD,mDAAmD;IACnD,MAAM,cAAc,GAAG;QACrB,yBAAyB;QACzB,iDAAiD;QACjD,4BAA4B;QAC5B,2BAA2B;QAC3B,4BAA4B;QAC5B,sBAAsB;QACtB,6BAA6B;QAC7B,0BAA0B;QAC1B,6BAA6B;QAC7B,4BAA4B;QAC5B,qCAAqC;QACrC,+BAA+B;QAC/B,sEAAsE;QACtE,gCAAgC;QAChC,6DAA6D;QAC7D,8BAA8B;QAC9B,kDAAkD;QAClD,6CAA6C;QAC7C,8DAA8D;KAC/D,CAAA;IAED,OAAO,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAA;AAClD,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAgB,iBAAiB,CAAC,WAAmB,EAAE,QAAgB;IACrE,8BAA8B;IAC9B,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChC,OAAO,KAAK,CAAA;IACd,CAAC;IAED,qCAAqC;IACrC,WAAW;IACX,wBAAwB;IACxB,iCAAiC;IACjC,mCAAmC;IACnC,iCAAiC;IACjC,oCAAoC;IACpC,MAAM,UAAU,GAAG,mCAAmC,CAAA;IACtD,OAAO,UAAU,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;AACrC,CAAC;AAED;;;;GAIG;AACH,SAAgB,oBAAoB,CAClC,WAAmB,EACnB,OAAe,EACf,UAAkB,EAClB,KAAgB;IAEhB,MAAM,MAAM,GAAG,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAE3C,gDAAgD;IAChD,MAAM,oBAAoB,GAAG;QAC3B,mBAAmB;QACnB,yCAAyC,EAAE,gCAAgC;QAC3E,mCAAmC,EAAE,2BAA2B;QAChE,iDAAiD,EAAE,iBAAiB;QACpE,8BAA8B,EAAE,mBAAmB;QACnD,+BAA+B,EAAE,gCAAgC;QACjE,gCAAgC,EAAE,iCAAiC;QACnE,kCAAkC,EAAE,yBAAyB;QAC7D,oCAAoC,EAAE,4BAA4B;QAClE,yBAAyB,EAAE,8BAA8B;QACzD,4BAA4B,EAAE,iCAAiC;QAC/D,wBAAwB,EAAE,2BAA2B;QACrD,yBAAyB;QACzB,wBAAwB,EAAE,gCAAgC;QAC1D,sBAAsB,EAAE,gCAAgC;QACxD,wBAAwB,EAAE,oCAAoC;QAC9D,wBAAwB,EAAE,mCAAmC;QAC7D,kCAAkC;QAClC,uCAAuC,EAAE,2CAA2C;QACpF,6BAA6B,EAAE,sCAAsC;QACrE,wBAAwB;QACxB,4CAA4C,EAAE,kCAAkC;QAChF,4CAA4C,EAAE,oCAAoC;QAClF,2CAA2C,EAAE,8BAA8B;QAC3E,4EAA4E;QAC5E,8EAA8E;QAC9E,yCAAyC;KAC1C,CAAA;IAED,IAAI,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QACxD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,uDAAuD;IACvD,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,CAAC,CAAC,CAAA;IAChD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,GAAG,CAAC,CAAC,CAAA;IAC1D,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEjE,qCAAqC;IACrC,MAAM,uBAAuB,GAAG;QAC9B,yEAAyE;QACzE,oCAAoC;QACpC,sDAAsD;QACtD,kEAAkE;QAClE,oBAAoB;QACpB,yDAAyD;QACzD,gEAAgE;QAChE,mBAAmB;QACnB,2BAA2B;QAC3B,4BAA4B;QAC5B,sBAAsB;QACtB,yBAAyB;QACzB,sBAAsB;QACtB,kDAAkD;QAClD,iFAAiF;QACjF,+FAA+F;KAChG,CAAA;IAED,IAAI,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QACvD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,+DAA+D;IAC/D,MAAM,gBAAgB,GAAG;QACvB,qDAAqD;QACrD,uCAAuC;QACvC,2BAA2B;QAC3B,0BAA0B,EAAE,+CAA+C;KAC5E,CAAA;IAED,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QACvE,OAAO,KAAK,CAAA,CAAC,4CAA4C;IAC3D,CAAC;IAED,kFAAkF;IAClF,sFAAsF;IACtF,MAAM,8BAA8B,GAClC,kCAAkC,CAAC,IAAI,CAAC,WAAW,CAAC;QACpD,CAAC,8BAA8B,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;IAEnD,MAAM,8BAA8B,GAClC,kCAAkC,CAAC,IAAI,CAAC,WAAW,CAAC;QACpD,CAAC,8BAA8B,CAAC,IAAI,CAAC,WAAW,CAAC,CAAA;IAEnD,IAAI,8BAA8B,IAAI,8BAA8B,EAAE,CAAC;QACrE,OAAO,KAAK,CAAA,CAAC,oEAAoE;IACnF,CAAC;IAED,OAAO,KAAK,CAAA,CAAC,iCAAiC;AAChD,CAAC;AAED;;;GAGG;AACH,SAAgB,sBAAsB,CACpC,YAA2B;IAE3B,IAAI,CAAC,YAAY;QAAE,OAAO,SAAS,CAAA;IAEnC,MAAM,KAAK,GAAG,YAAY,CAAC,WAAW,EAAE,CAAA;IAExC,oDAAoD;IACpD,uEAAuE;IACvE,MAAM,YAAY,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,eAAe,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAA;IACvF,iEAAiE;IACjE,MAAM,oBAAoB,GAAG,sDAAsD,CAAA;IACnF,IACE,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QACzC,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC,EAChC,CAAC;QACD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,sDAAsD;IACtD,MAAM,eAAe,GAAG,CAAC,SAAS,EAAE,QAAQ,EAAE,aAAa,CAAC,CAAA;IAC5D,iEAAiE;IACjE,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAAE,OAAO,SAAS,CAAA;IAClE,IAAI,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;QAAE,OAAO,SAAS,CAAA;IAE5E,yBAAyB;IACzB,MAAM,YAAY,GAAG,CAAC,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAA;IAChE,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAAE,OAAO,MAAM,CAAA;IAE5D,+EAA+E;IAC/E,MAAM,gBAAgB,GAAG;QACvB,OAAO;QACP,QAAQ;QACR,KAAK;QACL,UAAU;QACV,YAAY;QACZ,WAAW;KACZ,CAAA;IACD,0DAA0D;IAC1D,MAAM,uBAAuB,GAC3B,wEAAwE,CAAA;IAC1E,IACE,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC7C,uBAAuB,CAAC,IAAI,CAAC,KAAK,CAAC,EACnC,CAAC;QACD,OAAO,UAAU,CAAA;IACnB,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;GAGG;AACH,SAAgB,sBAAsB,CAAC,WAAmB;IAOxD,MAAM,eAAe,GAAG,WAAW,CAAC,KAAK,CAAC,kCAAkC,CAAC,CAAA;IAC7E,MAAM,eAAe,GAAG,WAAW,CAAC,KAAK,CAAC,kCAAkC,CAAC,CAAA;IAE7E,IAAI,CAAC,eAAe,IAAI,CAAC,eAAe,EAAE,CAAC;QACzC,OAAO;YACL,WAAW,EAAE,KAAK;YAClB,IAAI,EAAE,IAAI;YACV,WAAW,EAAE,KAAK;YAClB,gBAAgB,EAAE,IAAI;YACtB,MAAM,EAAE,SAAS;SAClB,CAAA;IACH,CAAC;IAED,MAAM,IAAI,GAAG,eAAe,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAA;IAEtC,+BAA+B;IAC/B,MAAM,cAAc,GAAG,WAAW,CAAC,KAAK,CACtC,oCAAoC,CACrC,CAAA;IACD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAA;IACtE,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAA;IAExE,MAAM,UAAU,GAAG,cAAc,IAAI,UAAU,IAAI,WAAW,CAAA;IAE9D,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO;YACL,WAAW,EAAE,IAAI;YACjB,IAAI;YACJ,WAAW,EAAE,KAAK;YAClB,gBAAgB,EAAE,IAAI;YACtB,MAAM,EAAE,YAAY;SACrB,CAAA;IACH,CAAC;IAED,8BAA8B;IAC9B,MAAM,KAAK,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAA;IACrC,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAA;IAE1D,uFAAuF;IACvF,mEAAmE;IACnE,6DAA6D;IAC7D,yCAAyC;IACzC,MAAM,mBAAmB,GAAG,EAAE,CAAA;IAC9B,MAAM,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,mBAAmB,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;IAEpF,4BAA4B;IAC5B,oDAAoD;IACpD,oDAAoD;IACpD,IAAI,MAAM,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC;QAC1B,OAAO;YACL,WAAW,EAAE,IAAI;YACjB,IAAI;YACJ,WAAW,EAAE,IAAI;YACjB,gBAAgB,EAAE,MAAM;YACxB,MAAM,EAAE,aAAa;SACtB,CAAA;IACH,CAAC;SAAM,IAAI,MAAM,IAAI,MAAM,IAAI,EAAE,EAAE,CAAC;QAClC,OAAO;YACL,WAAW,EAAE,IAAI;YACjB,IAAI;YACJ,WAAW,EAAE,IAAI;YACjB,gBAAgB,EAAE,MAAM;YACxB,MAAM,EAAE,aAAa;SACtB,CAAA;IACH,CAAC;SAAM,CAAC;QACN,OAAO;YACL,WAAW,EAAE,IAAI;YACjB,IAAI;YACJ,WAAW,EAAE,IAAI;YACjB,gBAAgB,EAAE,MAAM;YACxB,MAAM,EAAE,aAAa;SACtB,CAAA;IACH,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,6BAA6B,CAC3C,WAAmB;IAEnB,8CAA8C;IAC9C,MAAM,eAAe,GAAG,WAAW,CAAC,KAAK,CACvC,6CAA6C,CAC9C,CAAA;IACD,IAAI,eAAe;QAAE,OAAO,eAAe,CAAC,CAAC,CAAC,CAAA;IAE9C,mCAAmC;IACnC,MAAM,aAAa,GAAG,WAAW,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAA;IACtE,IAAI,aAAa;QAAE,OAAO,aAAa,CAAC,CAAC,CAAC,CAAA;IAE1C,kEAAkE;IAClE,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAA;IAChE,IAAI,UAAU;QAAE,OAAO,UAAU,CAAC,CAAC,CAAC,CAAA;IAEpC,OAAO,IAAI,CAAA,CAAC,yBAAyB;AACvC,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,wBAAwB,CACtC,OAAsB;IAEtB,IAAI,CAAC,OAAO;QAAE,OAAO,QAAQ,CAAA,CAAC,+BAA+B;IAE7D,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,EAAE,CAAA;IAEnC,+CAA+C;IAC/C,+EAA+E;IAC/E,mDAAmD;IACnD,MAAM,gBAAgB,GAAG;QACvB,OAAO;QACP,QAAQ;QACR,UAAU;QACV,YAAY;QACZ,WAAW;QACX,MAAM;QACN,OAAO;QACP,SAAS;QACT,MAAM;QACN,MAAM;QACN,QAAQ;QACR,WAAW;QACX,YAAY;QACZ,eAAe;QACf,aAAa;QACb,cAAc;QACd,KAAK;QACL,QAAQ;QACR,OAAO;QACP,WAAW;KACZ,CAAA;IACD,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAClD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,0CAA0C;IAC1C,MAAM,eAAe,GAAG;QACtB,uBAAuB;QACvB,IAAI;QACJ,KAAK;QACL,MAAM;QACN,UAAU;QACV,OAAO;QACP,SAAS;QACT,UAAU;QACV,MAAM;QACN,SAAS;QACT,MAAM;QACN,aAAa;QACb,SAAS;QACT,WAAW;QACX,UAAU;QACV,cAAc;QACd,iBAAiB;QACjB,MAAM;QACN,MAAM;QACN,MAAM;QACN,QAAQ;QACR,SAAS;QACT,SAAS;QACT,QAAQ;QACR,MAAM;QACN,WAAW;QACX,WAAW;QACX,OAAO;QACP,4EAA4E;QAC5E,KAAK;QACL,OAAO;QACP,cAAc;QACd,SAAS;QACT,WAAW;QACX,QAAQ;QACR,OAAO;QACP,QAAQ;QACR,OAAO;QACP,QAAQ;QACR,OAAO;QACP,+DAA+D;QAC/D,QAAQ;QACR,OAAO;QACP,SAAS;QACT,OAAO;QACP,SAAS;QACT,SAAS;QACT,QAAQ;QACR,UAAU;QACV,aAAa;QACb,QAAQ;QACR,SAAS;QACT,YAAY;QACZ,QAAQ;QACR,QAAQ;QACR,QAAQ;QACR,SAAS;KACV,CAAA;IACD,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,QAAQ,CAAA,CAAC,iCAAiC;AACnD,CAAC;AAED;;;GAGG;AACH,SAAgB,wBAAwB,CACtC,OAAe,EACf,QAAgB,EAChB,UAAkB,EAClB,KAAgB;IAQhB,MAAM,MAAM,GAAG,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,GAAG,CAAC,CAAC,CAAA;IACnD,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEnD,6DAA6D;IAC7D,MAAM,gBAAgB,GAAG;QACvB,8EAA8E;QAC9E,8CAA8C;QAC9C,gDAAgD;QAChD,uDAAuD;QACvD,8DAA8D;QAC9D,8CAA8C;KAC/C,CAAA;IACD,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAA;IAErE,eAAe;IACf,MAAM,gBAAgB,GAAG,kCAAkC,CAAA;IAC3D,MAAM,mBAAmB,GAAG;QAC1B,4DAA4D;QAC5D,gDAAgD;QAChD,yBAAyB;KAC1B,CAAA;IACD,MAAM,aAAa,GACjB,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC;QAC/B,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAA;IAEhD,6CAA6C;IAC7C,MAAM,WAAW,GAAG,MAAM,CAAC,UAAU,CAAC,CAAA;IACtC,MAAM,WAAW,GAAG,oBAAoB,CAAC,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,MAAM,CAAC,CAAA;IAElF,sDAAsD;IACtD,kFAAkF;IAClF,MAAM,qBAAqB,GAAG;QAC5B,8DAA8D;QAC9D,8CAA8C;QAC9C,mDAAmD;QACnD,2FAA2F;QAC3F,wCAAwC;QACxC,+BAA+B,EAAM,oBAAoB;QACzD,iBAAiB,EAAqB,uBAAuB;QAC7D,wBAAwB,EAAc,gDAAgD;QACtF,uCAAuC,EAAG,sCAAsC;QAChF,UAAU,EAA4B,oBAAoB;QAC1D,aAAa,EAAyB,qBAAqB;QAC3D,gBAAgB,EAAsB,wBAAwB;KAC/D,CAAA;IACD,MAAM,sBAAsB,GAC1B,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAA;IAExE,gCAAgC;IAChC,IAAI,kBAAkB,GAAG,iBAAiB,CAAA;IAC1C,IAAI,iBAAiB,EAAE,CAAC;QACtB,kBAAkB,GAAG,6BAA6B,CAAA;IACpD,CAAC;SAAM,IAAI,aAAa,EAAE,CAAC;QACzB,kBAAkB,GAAG,2BAA2B,CAAA;IAClD,CAAC;SAAM,IAAI,WAAW,EAAE,CAAC;QACvB,kBAAkB,GAAG,mBAAmB,CAAA;IAC1C,CAAC;SAAM,IAAI,sBAAsB,EAAE,CAAC;QAClC,kBAAkB,GAAG,oBAAoB,CAAA;IAC3C,CAAC;IAED,OAAO;QACL,iBAAiB;QACjB,aAAa;QACb,WAAW;QACX,sBAAsB;QACtB,kBAAkB;KACnB,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,eAAe,CAAC,QAAgB;IAC9C,MAAM,iBAAiB,GAAG;QACxB,eAAe,EAAY,gCAAgC;QAC3D,gBAAgB,EAAW,yBAAyB;QACpD,aAAa,EAAc,uBAAuB;QAClD,aAAa,EAAc,oBAAoB;QAC/C,iBAAiB,EAAU,2BAA2B;QACtD,WAAW,EAAgB,eAAe;QAC1C,aAAa,EAAc,mBAAmB;QAC9C,iBAAiB,EAAU,yBAAyB;QACpD,aAAa,EAAc,qBAAqB;QAChD,aAAa,EAAc,uBAAuB;KACnD,CAAA;IACD,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AACtD,CAAC;AAED;;;GAGG;AACH,SAAgB,0BAA0B,CAAC,WAAmB,EAAE,OAAe;IAC7E,8CAA8C;IAC9C,MAAM,kBAAkB,GAAG;QACzB,sBAAsB,EAAY,mBAAmB;QACrD,sBAAsB,EAAY,mBAAmB;QACrD,sBAAsB,EAAY,mBAAmB;QACrD,2BAA2B,EAAO,sBAAsB;QACxD,0BAA0B,EAAQ,qBAAqB;QACvD,4BAA4B,EAAM,uBAAuB;QACzD,6BAA6B,EAAK,wBAAwB;QAC1D,+BAA+B,EAAG,0BAA0B;QAC5D,8BAA8B,EAAI,yBAAyB;QAC3D,8BAA8B,EAAI,yBAAyB;QAC3D,8BAA8B,EAAI,yBAAyB;QAC3D,8BAA8B,EAAI,8BAA8B;QAChE,6BAA6B,EAAK,wBAAwB;QAC1D,8BAA8B,EAAI,yBAAyB;QAC3D,+BAA+B,EAAG,0BAA0B;QAC5D,4BAA4B,EAAM,uBAAuB;QACzD,gCAAgC;QAChC,6BAA6B,EAAK,yBAAyB;QAC3D,6CAA6C,EAAG,mCAAmC;QACnF,+BAA+B,EAAG,gDAAgD;QAClF,+BAA+B,EAAG,uBAAuB;QACzD,+BAA+B,EAAG,uBAAuB;KAC1D,CAAA;IAED,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QACtD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,4CAA4C;IAC5C,MAAM,qBAAqB,GAAG;QAC5B,gBAAgB;QAChB,eAAe;QACf,eAAe;QACf,OAAO;QACP,UAAU;QACV,YAAY;QACZ,cAAc;QACd,YAAY;QACZ,eAAe;QACf,eAAe;QACf,YAAY;QACZ,0CAA0C;QAC1C,QAAQ;QACR,WAAW;QACX,eAAe;QACf,SAAS,EAAO,2BAA2B;QAC3C,OAAO,EAAS,gBAAgB;QAChC,WAAW,EAAK,oBAAoB;QACpC,WAAW,EAAK,oBAAoB;KACrC,CAAA;IAED,OAAO,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAA;AACzD,CAAC;AAED;;;;;;;;GAQG;AACH,SAAgB,8BAA8B,CAC5C,IAAY,EACZ,OAAe,EACf,UAAkB,EAClB,KAAgB;IAEhB,MAAM,MAAM,GAAG,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAC3C,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IACjD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,EAAE,UAAU,GAAG,CAAC,CAAC,CAAA;IAC1D,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEjE,MAAM,gBAAgB,GAAG;QACvB,oBAAoB,EAAsB,mCAAmC;QAC7E,wCAAwC,EAAE,8BAA8B;QACxE,6BAA6B,EAAa,wBAAwB;QAClE,sBAAsB,EAAqB,sBAAsB;QACjE,yBAAyB,EAAiB,+BAA+B;QACzE,sBAAsB,EAAqB,+BAA+B;QAC1E,qBAAqB,EAAsB,gCAAgC;KAC5E,CAAA;IAED,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;AACpE,CAAC;AAED;;;GAGG;AACH,SAAgB,oBAAoB,CAClC,OAAe,EACf,QAAgB,EAChB,UAAkB,EAClB,OAAiC;IAEjC,6CAA6C;IAC7C,IAAI,IAAA,qCAAmB,EAAC,QAAQ,CAAC,EAAE,CAAC;QAClC,OAAO,IAAI,CAAA;IACb,CAAC;IAED,mDAAmD;IACnD,yDAAyD;IACzD,IAAI,eAAe,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC9B,OAAO,IAAI,CAAA;IACb,CAAC;IAED,8DAA8D;IAC9D,0EAA0E;IAC1E,IAAI,IAAA,gDAA8B,EAAC,QAAQ,CAAC,EAAE,CAAC;QAC7C,OAAO,IAAI,CAAA;IACb,CAAC;IAED,6EAA6E;IAC7E,iEAAiE;IACjE,MAAM,KAAK,GAAG,OAAO,EAAE,MAAM,EAAE,KAAK,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAC3D,MAAM,WAAW,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,CAAA;IAC3C,IAAI,iBAAiB,CAAC,WAAW,EAAE,QAAQ,CAAC,EAAE,CAAC;QAC7C,OAAO,IAAI,CAAA;IACb,CAAC;IAED,kDAAkD;IAClD,uEAAuE;IACvE,IAAI,8BAA8B,CAAC,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,CAAC,EAAE,CAAC;QAC5E,OAAO,IAAI,CAAA;IACb,CAAC;IAED,4EAA4E;IAC5E,wEAAwE;IACxE,IAAI,wBAAwB,CAAC,OAAO,EAAE,UAAU,EAAE,KAAK,CAAC,EAAE,CAAC;QACzD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,wCAAwC;IACxC,IAAI,IAAA,kCAAgB,EAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,CAAC,CAAA;QAC9B,mDAAmD;QACnD,IACE,iCAAiC,CAAC,IAAI,CAAC,IAAI,CAAC;YAC5C,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,EACtC,CAAC;YACD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,IAAI,oBAAoB,CAAC,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,KAAK,CAAC,EAAE,CAAC;QAClE,+DAA+D;QAC/D,MAAM,iBAAiB,GAAG;YACxB,WAAW;YACX,YAAY;YACZ,YAAY;YACZ,UAAU;YACV,QAAQ;YACR,QAAQ;SACT,CAAA;QACD,IAAI,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YACrD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,oDAAoD;IACpD,0DAA0D;IAC1D,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IACjD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,UAAU,GAAG,CAAC,CAAC,CAAA;IACzD,MAAM,WAAW,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IACpE,IAAI,0BAA0B,CAAC,WAAW,EAAE,WAAW,CAAC,EAAE,CAAC;QACzD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,8DAA8D;IAC9D,MAAM,YAAY,GAAG,IAAA,qCAAsB,EAAC,OAAO,EAAE,UAAU,CAAC,CAAA;IAChE,MAAM,cAAc,GAAG,sBAAsB,CAAC,YAAY,CAAC,CAAA;IAE3D,8EAA8E;IAC9E,IAAI,cAAc,KAAK,MAAM,IAAI,cAAc,KAAK,SAAS,IAAI,cAAc,KAAK,MAAM,EAAE,CAAC;QAC3F,OAAO,IAAI,CAAA;IACb,CAAC;IAED,qEAAqE;IACrE,qEAAqE;IACrE,8EAA8E;IAC9E,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IACpF,MAAM,yBAAyB,GAAG;QAChC,mDAAmD,EAAU,yBAAyB;QACtF,mDAAmD,EAAU,oCAAoC;QACjG,+CAA+C,EAAc,gCAAgC;QAC7F,2CAA2C,EAAkB,sBAAsB;QACnF,sCAAsC,EAAwB,2BAA2B;QACzF,oCAAoC,EAA0B,8BAA8B;KAC7F,CAAA;IACD,IAAI,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;QAC3D,OAAO,IAAI,CAAA,CAAE,+DAA+D;IAC9E,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC"}
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Dangerous Function Pattern Definitions
|
|
3
|
+
*
|
|
4
|
+
* This module defines the patterns for detecting dangerous function calls.
|
|
5
|
+
* These patterns are used by the main detection engine.
|
|
6
|
+
*/
|
|
7
|
+
import type { VulnerabilitySeverity } from '../../../shared/types';
|
|
8
|
+
export interface DangerousFunctionPattern {
|
|
9
|
+
name: string;
|
|
10
|
+
pattern: RegExp;
|
|
11
|
+
severity: VulnerabilitySeverity;
|
|
12
|
+
description: string;
|
|
13
|
+
suggestedFix: string;
|
|
14
|
+
languages?: string[];
|
|
15
|
+
}
|
|
16
|
+
export declare const DANGEROUS_FUNCTIONS: DangerousFunctionPattern[];
|
|
17
|
+
/**
|
|
18
|
+
* Check if file matches language filter
|
|
19
|
+
*/
|
|
20
|
+
export declare function matchesLanguage(filePath: string, languages?: string[]): boolean;
|
|
21
|
+
//# sourceMappingURL=patterns.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../../src/detect/structural/dangerous-functions/patterns.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,qBAAqB,EAAE,MAAM,uBAAuB,CAAA;AAElE,MAAM,WAAW,wBAAwB;IACvC,IAAI,EAAE,MAAM,CAAA;IACZ,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,EAAE,qBAAqB,CAAA;IAC/B,WAAW,EAAE,MAAM,CAAA;IACnB,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,CAAC,EAAE,MAAM,EAAE,CAAA;CACrB;AAED,eAAO,MAAM,mBAAmB,EAAE,wBAAwB,EA8IzD,CAAA;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,QAAQ,EAAE,MAAM,EAAE,SAAS,CAAC,EAAE,MAAM,EAAE,GAAG,OAAO,CAU/E"}
|
|
@@ -0,0 +1,163 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Dangerous Function Pattern Definitions
|
|
4
|
+
*
|
|
5
|
+
* This module defines the patterns for detecting dangerous function calls.
|
|
6
|
+
* These patterns are used by the main detection engine.
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.DANGEROUS_FUNCTIONS = void 0;
|
|
10
|
+
exports.matchesLanguage = matchesLanguage;
|
|
11
|
+
exports.DANGEROUS_FUNCTIONS = [
|
|
12
|
+
// Code execution
|
|
13
|
+
{
|
|
14
|
+
name: 'eval() usage',
|
|
15
|
+
pattern: /\beval\s*\(/gi,
|
|
16
|
+
severity: 'critical',
|
|
17
|
+
description: 'eval() executes arbitrary code and is a major security risk',
|
|
18
|
+
suggestedFix: 'Use JSON.parse() for JSON data, or refactor to avoid dynamic code execution',
|
|
19
|
+
},
|
|
20
|
+
{
|
|
21
|
+
name: 'Function constructor',
|
|
22
|
+
pattern: /new\s+Function\s*\(/gi,
|
|
23
|
+
severity: 'critical',
|
|
24
|
+
description: 'Function constructor can execute arbitrary code like eval()',
|
|
25
|
+
suggestedFix: 'Refactor to use static functions or safe alternatives',
|
|
26
|
+
},
|
|
27
|
+
{
|
|
28
|
+
name: 'setTimeout/setInterval with string',
|
|
29
|
+
pattern: /set(Timeout|Interval)\s*\(\s*['"`]/gi,
|
|
30
|
+
severity: 'high',
|
|
31
|
+
description: 'setTimeout/setInterval with string argument acts like eval()',
|
|
32
|
+
suggestedFix: 'Pass a function reference instead of a string',
|
|
33
|
+
},
|
|
34
|
+
// Command injection
|
|
35
|
+
{
|
|
36
|
+
name: 'child_process exec',
|
|
37
|
+
pattern: /\b(exec|execSync|spawn|spawnSync|execFile)\s*\(/gi,
|
|
38
|
+
severity: 'high',
|
|
39
|
+
description: 'Shell command execution can lead to command injection',
|
|
40
|
+
suggestedFix: 'Validate and sanitize all inputs, prefer execFile over exec',
|
|
41
|
+
},
|
|
42
|
+
{
|
|
43
|
+
name: 'os.system/subprocess (Python)',
|
|
44
|
+
pattern: /\b(os\.system|subprocess\.(call|run|Popen|check_output))\s*\(/gi,
|
|
45
|
+
severity: 'high',
|
|
46
|
+
description: 'Shell command execution can lead to command injection',
|
|
47
|
+
suggestedFix: 'Use subprocess with shell=False and pass arguments as a list',
|
|
48
|
+
languages: ['py'],
|
|
49
|
+
},
|
|
50
|
+
// SQL injection risks
|
|
51
|
+
// Note: .execute is too generic (used by axios, tRPC, request utilities)
|
|
52
|
+
// Focus on .query and .raw which are more SQL-specific
|
|
53
|
+
{
|
|
54
|
+
name: 'Raw SQL query construction',
|
|
55
|
+
pattern: /\.(query|raw)\s*\(\s*[`'"].*\$\{|\.query\s*\(\s*['"].*\+/gi,
|
|
56
|
+
severity: 'critical',
|
|
57
|
+
description: 'String concatenation in SQL queries can lead to SQL injection',
|
|
58
|
+
suggestedFix: 'Use parameterized queries or prepared statements',
|
|
59
|
+
},
|
|
60
|
+
{
|
|
61
|
+
name: 'SQL template literal',
|
|
62
|
+
pattern: /`SELECT.*FROM.*WHERE.*\$\{|`INSERT.*INTO.*VALUES.*\$\{|`UPDATE.*SET.*\$\{|`DELETE.*FROM.*WHERE.*\$\{/gi,
|
|
63
|
+
severity: 'critical',
|
|
64
|
+
description: 'Template literals in SQL queries can lead to SQL injection',
|
|
65
|
+
suggestedFix: 'Use parameterized queries with placeholders (?, $1, etc.)',
|
|
66
|
+
},
|
|
67
|
+
// XSS risks
|
|
68
|
+
{
|
|
69
|
+
name: 'innerHTML assignment',
|
|
70
|
+
pattern: /\.innerHTML\s*=|\.outerHTML\s*=/gi,
|
|
71
|
+
severity: 'high',
|
|
72
|
+
description: 'Direct innerHTML assignment can lead to XSS vulnerabilities',
|
|
73
|
+
suggestedFix: 'Use textContent for text, or sanitize HTML with DOMPurify',
|
|
74
|
+
},
|
|
75
|
+
{
|
|
76
|
+
name: 'document.write',
|
|
77
|
+
pattern: /document\.write\s*\(/gi,
|
|
78
|
+
severity: 'high',
|
|
79
|
+
description: 'document.write can introduce XSS vulnerabilities',
|
|
80
|
+
suggestedFix: 'Use DOM manipulation methods instead',
|
|
81
|
+
},
|
|
82
|
+
{
|
|
83
|
+
name: 'dangerouslySetInnerHTML',
|
|
84
|
+
pattern: /dangerouslySetInnerHTML\s*=\s*\{\s*\{\s*__html\s*:/gi,
|
|
85
|
+
severity: 'high',
|
|
86
|
+
description: 'dangerouslySetInnerHTML can lead to XSS if content is not sanitized',
|
|
87
|
+
suggestedFix: 'Sanitize HTML content with DOMPurify before rendering',
|
|
88
|
+
},
|
|
89
|
+
// Deserialization
|
|
90
|
+
{
|
|
91
|
+
name: 'Unsafe deserialization',
|
|
92
|
+
pattern: /\b(pickle\.loads?|yaml\.load\s*\((?!.*Loader)|unserialize|Marshal\.load)\s*\(/gi,
|
|
93
|
+
severity: 'critical',
|
|
94
|
+
description: 'Unsafe deserialization can lead to remote code execution',
|
|
95
|
+
suggestedFix: 'Use safe loaders (yaml.safe_load) or validate input before deserializing',
|
|
96
|
+
},
|
|
97
|
+
// Note: JSON.parse is handled specially with source-aware severity - see json-parse.ts
|
|
98
|
+
// Note: request.json() is NOT a dangerous function - see request-validation.ts
|
|
99
|
+
// File system risks
|
|
100
|
+
{
|
|
101
|
+
name: 'Dynamic file path',
|
|
102
|
+
pattern: /\b(readFile|writeFile|readFileSync|writeFileSync|createReadStream|createWriteStream)\s*\(\s*[^'"]/gi,
|
|
103
|
+
severity: 'medium',
|
|
104
|
+
description: 'Dynamic file paths can lead to path traversal attacks',
|
|
105
|
+
suggestedFix: 'Validate and sanitize file paths, use path.resolve with a base directory',
|
|
106
|
+
},
|
|
107
|
+
{
|
|
108
|
+
name: 'Path traversal risk',
|
|
109
|
+
pattern: /path\.(join|resolve)\s*\([^)]*req\.(params|query|body)/gi,
|
|
110
|
+
severity: 'high',
|
|
111
|
+
description: 'User input in file paths can lead to path traversal attacks',
|
|
112
|
+
suggestedFix: 'Validate paths and ensure they stay within allowed directories',
|
|
113
|
+
},
|
|
114
|
+
// Crypto weaknesses
|
|
115
|
+
{
|
|
116
|
+
name: 'Math.random for security',
|
|
117
|
+
pattern: /Math\.random\s*\(\s*\)/gi,
|
|
118
|
+
severity: 'medium',
|
|
119
|
+
description: 'Math.random() is not cryptographically secure',
|
|
120
|
+
suggestedFix: 'Use crypto.randomBytes() or crypto.getRandomValues() for security-sensitive operations',
|
|
121
|
+
},
|
|
122
|
+
// Regex DoS
|
|
123
|
+
{
|
|
124
|
+
name: 'Potentially unsafe regex',
|
|
125
|
+
pattern: /new\s+RegExp\s*\(\s*[^'"]/gi,
|
|
126
|
+
severity: 'medium',
|
|
127
|
+
description: 'Dynamic regex construction can lead to ReDoS attacks',
|
|
128
|
+
suggestedFix: 'Validate regex patterns and consider using safe-regex library',
|
|
129
|
+
},
|
|
130
|
+
// Prototype pollution
|
|
131
|
+
{
|
|
132
|
+
name: 'Object.assign with user input',
|
|
133
|
+
pattern: /Object\.assign\s*\(\s*\{\s*\}\s*,\s*(req\.|request\.|body|params|query)/gi,
|
|
134
|
+
severity: 'high',
|
|
135
|
+
description: 'Object.assign with user input can lead to prototype pollution',
|
|
136
|
+
suggestedFix: 'Validate and sanitize input, or use a safe merge function',
|
|
137
|
+
},
|
|
138
|
+
{
|
|
139
|
+
name: 'Spread operator with user input',
|
|
140
|
+
pattern: /\{\s*\.\.\.req\.(body|params|query)|\.\.\.request\.(body|params|query)/gi,
|
|
141
|
+
severity: 'medium',
|
|
142
|
+
description: 'Spreading user input can lead to mass assignment vulnerabilities',
|
|
143
|
+
suggestedFix: 'Explicitly pick allowed properties instead of spreading all input',
|
|
144
|
+
},
|
|
145
|
+
];
|
|
146
|
+
/**
|
|
147
|
+
* Check if file matches language filter
|
|
148
|
+
*/
|
|
149
|
+
function matchesLanguage(filePath, languages) {
|
|
150
|
+
if (!languages || languages.length === 0)
|
|
151
|
+
return true;
|
|
152
|
+
const ext = filePath.split('.').pop()?.toLowerCase() || '';
|
|
153
|
+
return languages.some(lang => {
|
|
154
|
+
if (lang === 'py')
|
|
155
|
+
return ext === 'py';
|
|
156
|
+
if (lang === 'js')
|
|
157
|
+
return ['js', 'jsx', 'mjs', 'cjs'].includes(ext);
|
|
158
|
+
if (lang === 'ts')
|
|
159
|
+
return ['ts', 'tsx'].includes(ext);
|
|
160
|
+
return ext === lang;
|
|
161
|
+
});
|
|
162
|
+
}
|
|
163
|
+
//# sourceMappingURL=patterns.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../../src/detect/structural/dangerous-functions/patterns.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAgKH,0CAUC;AA7JY,QAAA,mBAAmB,GAA+B;IAC7D,iBAAiB;IACjB;QACE,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,eAAe;QACxB,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,6DAA6D;QAC1E,YAAY,EAAE,6EAA6E;KAC5F;IACD;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,uBAAuB;QAChC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,6DAA6D;QAC1E,YAAY,EAAE,uDAAuD;KACtE;IACD;QACE,IAAI,EAAE,oCAAoC;QAC1C,OAAO,EAAE,sCAAsC;QAC/C,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,8DAA8D;QAC3E,YAAY,EAAE,+CAA+C;KAC9D;IAED,oBAAoB;IACpB;QACE,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,mDAAmD;QAC5D,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,uDAAuD;QACpE,YAAY,EAAE,6DAA6D;KAC5E;IACD;QACE,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,iEAAiE;QAC1E,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,uDAAuD;QACpE,YAAY,EAAE,8DAA8D;QAC5E,SAAS,EAAE,CAAC,IAAI,CAAC;KAClB;IAED,sBAAsB;IACtB,yEAAyE;IACzE,uDAAuD;IACvD;QACE,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,4DAA4D;QACrE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,+DAA+D;QAC5E,YAAY,EAAE,kDAAkD;KACjE;IACD;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,wGAAwG;QACjH,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,4DAA4D;QACzE,YAAY,EAAE,2DAA2D;KAC1E;IAED,YAAY;IACZ;QACE,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6DAA6D;QAC1E,YAAY,EAAE,2DAA2D;KAC1E;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,wBAAwB;QACjC,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,kDAAkD;QAC/D,YAAY,EAAE,sCAAsC;KACrD;IACD;QACE,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,sDAAsD;QAC/D,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,qEAAqE;QAClF,YAAY,EAAE,uDAAuD;KACtE;IAED,kBAAkB;IAClB;QACE,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,iFAAiF;QAC1F,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,0DAA0D;QACvE,YAAY,EAAE,0EAA0E;KACzF;IACD,uFAAuF;IACvF,+EAA+E;IAE/E,oBAAoB;IACpB;QACE,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,qGAAqG;QAC9G,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,uDAAuD;QACpE,YAAY,EAAE,0EAA0E;KACzF;IACD;QACE,IAAI,EAAE,qBAAqB;QAC3B,OAAO,EAAE,0DAA0D;QACnE,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6DAA6D;QAC1E,YAAY,EAAE,gEAAgE;KAC/E;IAED,oBAAoB;IACpB;QACE,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,+CAA+C;QAC5D,YAAY,EAAE,wFAAwF;KACvG;IAED,YAAY;IACZ;QACE,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,6BAA6B;QACtC,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,sDAAsD;QACnE,YAAY,EAAE,+DAA+D;KAC9E;IAED,sBAAsB;IACtB;QACE,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,2EAA2E;QACpF,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,+DAA+D;QAC5E,YAAY,EAAE,2DAA2D;KAC1E;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,OAAO,EAAE,0EAA0E;QACnF,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,kEAAkE;QAC/E,YAAY,EAAE,mEAAmE;KAClF;CACF,CAAA;AAED;;GAEG;AACH,SAAgB,eAAe,CAAC,QAAgB,EAAE,SAAoB;IACpE,IAAI,CAAC,SAAS,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAA;IAErD,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,CAAA;IAC1D,OAAO,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAC3B,IAAI,IAAI,KAAK,IAAI;YAAE,OAAO,GAAG,KAAK,IAAI,CAAA;QACtC,IAAI,IAAI,KAAK,IAAI;YAAE,OAAO,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;QACnE,IAAI,IAAI,KAAK,IAAI;YAAE,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;QACrD,OAAO,GAAG,KAAK,IAAI,CAAA;IACrB,CAAC,CAAC,CAAA;AACJ,CAAC"}
|
|
@@ -0,0 +1,13 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Request Body Validation Detection
|
|
3
|
+
*
|
|
4
|
+
* Detection logic for request.json() / req.json() usage without
|
|
5
|
+
* proper schema validation.
|
|
6
|
+
*/
|
|
7
|
+
import type { Vulnerability } from '../../../shared/types';
|
|
8
|
+
/**
|
|
9
|
+
* Detect request.json() / req.json() and suggest schema validation
|
|
10
|
+
* This is NOT a dangerous function - it's a prompt for best practices
|
|
11
|
+
*/
|
|
12
|
+
export declare function detectRequestJsonValidation(content: string, filePath: string, isTestFile: boolean, vulnerabilities: Vulnerability[]): void;
|
|
13
|
+
//# sourceMappingURL=request-validation.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"request-validation.d.ts","sourceRoot":"","sources":["../../../../src/detect/structural/dangerous-functions/request-validation.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,uBAAuB,CAAA;AAO1D;;;GAGG;AACH,wBAAgB,2BAA2B,CACzC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,OAAO,EACnB,eAAe,EAAE,aAAa,EAAE,GAC/B,IAAI,CAiIN"}
|
|
@@ -0,0 +1,126 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Request Body Validation Detection
|
|
4
|
+
*
|
|
5
|
+
* Detection logic for request.json() / req.json() usage without
|
|
6
|
+
* proper schema validation.
|
|
7
|
+
*/
|
|
8
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
9
|
+
exports.detectRequestJsonValidation = detectRequestJsonValidation;
|
|
10
|
+
const file_classifier_1 = require("../../../parse/file-classifier");
|
|
11
|
+
const schema_validation_1 = require("./utils/schema-validation");
|
|
12
|
+
const helpers_1 = require("./utils/helpers");
|
|
13
|
+
const BASE_CONFIDENCE = 0.35;
|
|
14
|
+
/**
|
|
15
|
+
* Detect request.json() / req.json() and suggest schema validation
|
|
16
|
+
* This is NOT a dangerous function - it's a prompt for best practices
|
|
17
|
+
*/
|
|
18
|
+
function detectRequestJsonValidation(content, filePath, isTestFile, vulnerabilities) {
|
|
19
|
+
// Only check API route files
|
|
20
|
+
if (!/\/(api|routes?|handlers?|controllers?)\//i.test(filePath) &&
|
|
21
|
+
!/route\.(ts|js)$/i.test(filePath)) {
|
|
22
|
+
return;
|
|
23
|
+
}
|
|
24
|
+
// Skip if route has throwing auth helper - these are already protected routes
|
|
25
|
+
// and the schema validation suggestion is lower priority
|
|
26
|
+
if ((0, helpers_1.hasThrowingAuthHelper)(content)) {
|
|
27
|
+
return;
|
|
28
|
+
}
|
|
29
|
+
const lines = content.split('\n');
|
|
30
|
+
// Matches: request.json(), req.json(), await request.json(), etc.
|
|
31
|
+
const requestJsonPattern = /\b(request|req)\.json\s*\(\s*\)/gi;
|
|
32
|
+
// Check if file has schema validation (library-based)
|
|
33
|
+
const hasSchemaLibrary = /\b(zod|yup|joi|ajv|superstruct|valibot|typebox)\b/i.test(content) ||
|
|
34
|
+
/\.parse\s*\(|\.validate\s*\(|\.safeParse\s*\(/i.test(content);
|
|
35
|
+
// If file has schema library validation, don't report
|
|
36
|
+
if (hasSchemaLibrary)
|
|
37
|
+
return;
|
|
38
|
+
// Check for manual validation patterns (less robust but still indicates intent)
|
|
39
|
+
const hasManualCheck = (0, schema_validation_1.hasManualValidation)(content);
|
|
40
|
+
// Track instances for potential aggregation
|
|
41
|
+
const instances = [];
|
|
42
|
+
lines.forEach((line, index) => {
|
|
43
|
+
if ((0, file_classifier_1.isComment)(line))
|
|
44
|
+
return;
|
|
45
|
+
requestJsonPattern.lastIndex = 0;
|
|
46
|
+
if (!requestJsonPattern.test(line))
|
|
47
|
+
return;
|
|
48
|
+
// Check if there's validation nearby (within 10 lines after)
|
|
49
|
+
const startCheck = index;
|
|
50
|
+
const endCheck = Math.min(lines.length, index + 10);
|
|
51
|
+
const nearbyContent = lines.slice(startCheck, endCheck).join('\n');
|
|
52
|
+
// If there's validation in the nearby lines, skip
|
|
53
|
+
if (/\.parse\s*\(|\.validate\s*\(|\.safeParse\s*\(|schema\./i.test(nearbyContent)) {
|
|
54
|
+
return;
|
|
55
|
+
}
|
|
56
|
+
// If manual validation is present, skip individual reporting but track for aggregate
|
|
57
|
+
if (hasManualCheck) {
|
|
58
|
+
instances.push({ lineNumber: index + 1, lineContent: line.trim() });
|
|
59
|
+
return;
|
|
60
|
+
}
|
|
61
|
+
if (isTestFile) {
|
|
62
|
+
return; // Don't report in test files
|
|
63
|
+
}
|
|
64
|
+
instances.push({ lineNumber: index + 1, lineContent: line.trim() });
|
|
65
|
+
});
|
|
66
|
+
// Don't report if no instances found
|
|
67
|
+
if (instances.length === 0)
|
|
68
|
+
return;
|
|
69
|
+
// If manual validation exists, create a single info-level note
|
|
70
|
+
if (hasManualCheck && instances.length > 0) {
|
|
71
|
+
vulnerabilities.push({
|
|
72
|
+
id: `request-json-manual-${filePath}`,
|
|
73
|
+
filePath,
|
|
74
|
+
lineNumber: instances[0].lineNumber,
|
|
75
|
+
lineContent: instances[0].lineContent,
|
|
76
|
+
severity: 'info',
|
|
77
|
+
category: 'dangerous_function',
|
|
78
|
+
title: 'Request body with manual validation',
|
|
79
|
+
description: `API endpoint parses request body with manual validation patterns detected. Consider using a schema library (zod, yup) for more robust type-safe validation.`,
|
|
80
|
+
suggestedFix: 'While manual validation works, schema libraries provide better TypeScript integration and error messages.',
|
|
81
|
+
confidence: 'low',
|
|
82
|
+
baseConfidence: BASE_CONFIDENCE,
|
|
83
|
+
layer: 2,
|
|
84
|
+
source: 'structural',
|
|
85
|
+
});
|
|
86
|
+
return;
|
|
87
|
+
}
|
|
88
|
+
// Aggregate if multiple instances without validation
|
|
89
|
+
if (instances.length >= 2) {
|
|
90
|
+
const lineNumbers = instances.map(i => i.lineNumber).slice(0, 5);
|
|
91
|
+
vulnerabilities.push({
|
|
92
|
+
id: `request-json-aggregated-${filePath}`,
|
|
93
|
+
filePath,
|
|
94
|
+
lineNumber: instances[0].lineNumber,
|
|
95
|
+
lineContent: `${instances.length} instances`,
|
|
96
|
+
severity: 'info',
|
|
97
|
+
category: 'dangerous_function',
|
|
98
|
+
title: `Request body without schema validation (${instances.length} instances)`,
|
|
99
|
+
description: `API endpoint parses request body without visible schema validation at lines: ${lineNumbers.join(', ')}. Consider validating the shape of incoming data.`,
|
|
100
|
+
suggestedFix: 'Add schema validation (e.g., zod): const body = await request.json(); const data = schema.parse(body);',
|
|
101
|
+
confidence: 'low',
|
|
102
|
+
baseConfidence: BASE_CONFIDENCE,
|
|
103
|
+
layer: 2,
|
|
104
|
+
source: 'structural',
|
|
105
|
+
});
|
|
106
|
+
}
|
|
107
|
+
else {
|
|
108
|
+
// Single instance
|
|
109
|
+
vulnerabilities.push({
|
|
110
|
+
id: `request-json-${filePath}-${instances[0].lineNumber}`,
|
|
111
|
+
filePath,
|
|
112
|
+
lineNumber: instances[0].lineNumber,
|
|
113
|
+
lineContent: instances[0].lineContent,
|
|
114
|
+
severity: 'info',
|
|
115
|
+
category: 'dangerous_function',
|
|
116
|
+
title: 'Request body without schema validation',
|
|
117
|
+
description: 'API endpoint parses request body without visible schema validation. Consider validating the shape of incoming data.',
|
|
118
|
+
suggestedFix: 'Add schema validation (e.g., zod): const body = await request.json(); const data = schema.parse(body);',
|
|
119
|
+
confidence: 'low',
|
|
120
|
+
baseConfidence: BASE_CONFIDENCE,
|
|
121
|
+
layer: 2,
|
|
122
|
+
source: 'structural',
|
|
123
|
+
});
|
|
124
|
+
}
|
|
125
|
+
}
|
|
126
|
+
//# sourceMappingURL=request-validation.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"request-validation.js","sourceRoot":"","sources":["../../../../src/detect/structural/dangerous-functions/request-validation.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;AAaH,kEAsIC;AAhJD,oEAA0D;AAC1D,iEAA+D;AAC/D,6CAAuD;AAEvD,MAAM,eAAe,GAAG,IAAI,CAAA;AAE5B;;;GAGG;AACH,SAAgB,2BAA2B,CACzC,OAAe,EACf,QAAgB,EAChB,UAAmB,EACnB,eAAgC;IAEhC,6BAA6B;IAC7B,IACE,CAAC,2CAA2C,CAAC,IAAI,CAAC,QAAQ,CAAC;QAC3D,CAAC,kBAAkB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAClC,CAAC;QACD,OAAM;IACR,CAAC;IAED,8EAA8E;IAC9E,yDAAyD;IACzD,IAAI,IAAA,+BAAqB,EAAC,OAAO,CAAC,EAAE,CAAC;QACnC,OAAM;IACR,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,kEAAkE;IAClE,MAAM,kBAAkB,GAAG,mCAAmC,CAAA;IAE9D,sDAAsD;IACtD,MAAM,gBAAgB,GACpB,oDAAoD,CAAC,IAAI,CAAC,OAAO,CAAC;QAClE,gDAAgD,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IAEhE,sDAAsD;IACtD,IAAI,gBAAgB;QAAE,OAAM;IAE5B,gFAAgF;IAChF,MAAM,cAAc,GAAG,IAAA,uCAAmB,EAAC,OAAO,CAAC,CAAA;IAEnD,4CAA4C;IAC5C,MAAM,SAAS,GAAkD,EAAE,CAAA;IAEnE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,IAAI,IAAA,2BAAS,EAAC,IAAI,CAAC;YAAE,OAAM;QAE3B,kBAAkB,CAAC,SAAS,GAAG,CAAC,CAAA;QAChC,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,OAAM;QAE1C,6DAA6D;QAC7D,MAAM,UAAU,GAAG,KAAK,CAAA;QACxB,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,GAAG,EAAE,CAAC,CAAA;QACnD,MAAM,aAAa,GAAG,KAAK,CAAC,KAAK,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAElE,kDAAkD;QAClD,IACE,yDAAyD,CAAC,IAAI,CAC5D,aAAa,CACd,EACD,CAAC;YACD,OAAM;QACR,CAAC;QAED,qFAAqF;QACrF,IAAI,cAAc,EAAE,CAAC;YACnB,SAAS,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,KAAK,GAAG,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;YACnE,OAAM;QACR,CAAC;QAED,IAAI,UAAU,EAAE,CAAC;YACf,OAAM,CAAC,6BAA6B;QACtC,CAAC;QAED,SAAS,CAAC,IAAI,CAAC,EAAE,UAAU,EAAE,KAAK,GAAG,CAAC,EAAE,WAAW,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,CAAC,CAAA;IACrE,CAAC,CAAC,CAAA;IAEF,qCAAqC;IACrC,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC;QAAE,OAAM;IAElC,+DAA+D;IAC/D,IAAI,cAAc,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3C,eAAe,CAAC,IAAI,CAAC;YACnB,EAAE,EAAE,uBAAuB,QAAQ,EAAE;YACrC,QAAQ;YACR,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU;YACnC,WAAW,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,WAAW;YACrC,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,oBAAoB;YAC9B,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,6JAA6J;YAC1K,YAAY,EACV,2GAA2G;YAC7G,UAAU,EAAE,KAAK;YACjB,cAAc,EAAE,eAAe;YAC/B,KAAK,EAAE,CAAC;YACN,MAAM,EAAE,YAAqB;SAChC,CAAC,CAAA;QACF,OAAM;IACR,CAAC;IAED,qDAAqD;IACrD,IAAI,SAAS,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAC1B,MAAM,WAAW,GAAG,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAA;QAChE,eAAe,CAAC,IAAI,CAAC;YACnB,EAAE,EAAE,2BAA2B,QAAQ,EAAE;YACzC,QAAQ;YACR,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU;YACnC,WAAW,EAAE,GAAG,SAAS,CAAC,MAAM,YAAY;YAC5C,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,oBAAoB;YAC9B,KAAK,EAAE,2CAA2C,SAAS,CAAC,MAAM,aAAa;YAC/E,WAAW,EAAE,gFAAgF,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,mDAAmD;YACtK,YAAY,EACV,wGAAwG;YAC1G,UAAU,EAAE,KAAK;YACjB,cAAc,EAAE,eAAe;YAC/B,KAAK,EAAE,CAAC;YACN,MAAM,EAAE,YAAqB;SAChC,CAAC,CAAA;IACJ,CAAC;SAAM,CAAC;QACN,kBAAkB;QAClB,eAAe,CAAC,IAAI,CAAC;YACnB,EAAE,EAAE,gBAAgB,QAAQ,IAAI,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU,EAAE;YACzD,QAAQ;YACR,UAAU,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,UAAU;YACnC,WAAW,EAAE,SAAS,CAAC,CAAC,CAAC,CAAC,WAAW;YACrC,QAAQ,EAAE,MAAM;YAChB,QAAQ,EAAE,oBAAoB;YAC9B,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EACT,qHAAqH;YACvH,YAAY,EACV,wGAAwG;YAC1G,UAAU,EAAE,KAAK;YACjB,cAAc,EAAE,eAAe;YAC/B,KAAK,EAAE,CAAC;YACN,MAAM,EAAE,YAAqB;SAChC,CAAC,CAAA;IACJ,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Control Flow Analysis Utilities
|
|
3
|
+
*
|
|
4
|
+
* Backward-compatible wrappers around shared code-analysis utilities.
|
|
5
|
+
* Existing callers pass (content: string, lineNumber: number) — these
|
|
6
|
+
* wrappers create a temporary ParsedFile to delegate to the shared implementation.
|
|
7
|
+
*/
|
|
8
|
+
/**
|
|
9
|
+
* Check if a line is inside a try-catch block
|
|
10
|
+
* Looks for enclosing try { ... } catch pattern
|
|
11
|
+
*/
|
|
12
|
+
export declare function isInsideTryCatch(content: string, lineNumber: number): boolean;
|
|
13
|
+
/**
|
|
14
|
+
* Simpler heuristic: check if there's a try-catch in the same function scope
|
|
15
|
+
* Looks for try { before the line and } catch after, within reasonable bounds
|
|
16
|
+
*/
|
|
17
|
+
export declare function hasTryCatchNearby(content: string, lineNumber: number, windowSize?: number): boolean;
|
|
18
|
+
/**
|
|
19
|
+
* Extract function context where a call is being made
|
|
20
|
+
* Looks backwards from the current line to find enclosing function name
|
|
21
|
+
* Returns lowercase function name or null if not found
|
|
22
|
+
*/
|
|
23
|
+
export declare function extractFunctionContext(content: string, lineNumber: number): string | null;
|
|
24
|
+
//# sourceMappingURL=control-flow.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"control-flow.d.ts","sourceRoot":"","sources":["../../../../../src/detect/structural/dangerous-functions/utils/control-flow.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAE7E;AAED;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,GAAE,MAAW,GAAG,OAAO,CAEvG;AAED;;;;GAIG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,GAAG,IAAI,CAEzF"}
|
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Control Flow Analysis Utilities
|
|
4
|
+
*
|
|
5
|
+
* Backward-compatible wrappers around shared code-analysis utilities.
|
|
6
|
+
* Existing callers pass (content: string, lineNumber: number) — these
|
|
7
|
+
* wrappers create a temporary ParsedFile to delegate to the shared implementation.
|
|
8
|
+
*/
|
|
9
|
+
var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
|
|
10
|
+
if (k2 === undefined) k2 = k;
|
|
11
|
+
var desc = Object.getOwnPropertyDescriptor(m, k);
|
|
12
|
+
if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
|
|
13
|
+
desc = { enumerable: true, get: function() { return m[k]; } };
|
|
14
|
+
}
|
|
15
|
+
Object.defineProperty(o, k2, desc);
|
|
16
|
+
}) : (function(o, m, k, k2) {
|
|
17
|
+
if (k2 === undefined) k2 = k;
|
|
18
|
+
o[k2] = m[k];
|
|
19
|
+
}));
|
|
20
|
+
var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
|
|
21
|
+
Object.defineProperty(o, "default", { enumerable: true, value: v });
|
|
22
|
+
}) : function(o, v) {
|
|
23
|
+
o["default"] = v;
|
|
24
|
+
});
|
|
25
|
+
var __importStar = (this && this.__importStar) || (function () {
|
|
26
|
+
var ownKeys = function(o) {
|
|
27
|
+
ownKeys = Object.getOwnPropertyNames || function (o) {
|
|
28
|
+
var ar = [];
|
|
29
|
+
for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
|
|
30
|
+
return ar;
|
|
31
|
+
};
|
|
32
|
+
return ownKeys(o);
|
|
33
|
+
};
|
|
34
|
+
return function (mod) {
|
|
35
|
+
if (mod && mod.__esModule) return mod;
|
|
36
|
+
var result = {};
|
|
37
|
+
if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
|
|
38
|
+
__setModuleDefault(result, mod);
|
|
39
|
+
return result;
|
|
40
|
+
};
|
|
41
|
+
})();
|
|
42
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
43
|
+
exports.isInsideTryCatch = isInsideTryCatch;
|
|
44
|
+
exports.hasTryCatchNearby = hasTryCatchNearby;
|
|
45
|
+
exports.extractFunctionContext = extractFunctionContext;
|
|
46
|
+
const parsed_file_1 = require("../../../../shared/parsed-file");
|
|
47
|
+
const codeAnalysis = __importStar(require("../../../../shared/code-analysis"));
|
|
48
|
+
/**
|
|
49
|
+
* Check if a line is inside a try-catch block
|
|
50
|
+
* Looks for enclosing try { ... } catch pattern
|
|
51
|
+
*/
|
|
52
|
+
function isInsideTryCatch(content, lineNumber) {
|
|
53
|
+
return codeAnalysis.isInsideTryCatch(new parsed_file_1.ParsedFile(content, ''), lineNumber);
|
|
54
|
+
}
|
|
55
|
+
/**
|
|
56
|
+
* Simpler heuristic: check if there's a try-catch in the same function scope
|
|
57
|
+
* Looks for try { before the line and } catch after, within reasonable bounds
|
|
58
|
+
*/
|
|
59
|
+
function hasTryCatchNearby(content, lineNumber, windowSize = 20) {
|
|
60
|
+
return codeAnalysis.hasTryCatchNearby(new parsed_file_1.ParsedFile(content, ''), lineNumber, windowSize);
|
|
61
|
+
}
|
|
62
|
+
/**
|
|
63
|
+
* Extract function context where a call is being made
|
|
64
|
+
* Looks backwards from the current line to find enclosing function name
|
|
65
|
+
* Returns lowercase function name or null if not found
|
|
66
|
+
*/
|
|
67
|
+
function extractFunctionContext(content, lineNumber) {
|
|
68
|
+
return codeAnalysis.extractFunctionContext(new parsed_file_1.ParsedFile(content, ''), lineNumber);
|
|
69
|
+
}
|
|
70
|
+
//# sourceMappingURL=control-flow.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"control-flow.js","sourceRoot":"","sources":["../../../../../src/detect/structural/dangerous-functions/utils/control-flow.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AASH,4CAEC;AAMD,8CAEC;AAOD,wDAEC;AA1BD,gEAA2D;AAC3D,+EAAgE;AAEhE;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,OAAe,EAAE,UAAkB;IAClE,OAAO,YAAY,CAAC,gBAAgB,CAAC,IAAI,wBAAU,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,UAAU,CAAC,CAAA;AAC/E,CAAC;AAED;;;GAGG;AACH,SAAgB,iBAAiB,CAAC,OAAe,EAAE,UAAkB,EAAE,aAAqB,EAAE;IAC5F,OAAO,YAAY,CAAC,iBAAiB,CAAC,IAAI,wBAAU,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,UAAU,EAAE,UAAU,CAAC,CAAA;AAC5F,CAAC;AAED;;;;GAIG;AACH,SAAgB,sBAAsB,CAAC,OAAe,EAAE,UAAkB;IACxE,OAAO,YAAY,CAAC,sBAAsB,CAAC,IAAI,wBAAU,CAAC,OAAO,EAAE,EAAE,CAAC,EAAE,UAAU,CAAC,CAAA;AACrF,CAAC"}
|
|
@@ -0,0 +1,31 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* General Helper Utilities
|
|
3
|
+
*
|
|
4
|
+
* Small utility functions used across the dangerous functions detection module.
|
|
5
|
+
*/
|
|
6
|
+
/**
|
|
7
|
+
* Get a specific line from content by line number (0-indexed)
|
|
8
|
+
*/
|
|
9
|
+
export declare function getLineContent(content: string, lineNumber: number): string;
|
|
10
|
+
/**
|
|
11
|
+
* Get a range of lines from content
|
|
12
|
+
*/
|
|
13
|
+
export declare function getLineRange(content: string, startLine: number, endLine: number): string;
|
|
14
|
+
/**
|
|
15
|
+
* Check if eval/exec/Function has only static literal inputs (no user data)
|
|
16
|
+
* Static inputs like eval('({ mode: "production" })') are low risk
|
|
17
|
+
*
|
|
18
|
+
* Returns true ONLY if the argument is a string literal (not a variable)
|
|
19
|
+
*/
|
|
20
|
+
export declare function hasOnlyStaticInputs(lineContent: string, content: string, lineNumber: number): boolean;
|
|
21
|
+
/**
|
|
22
|
+
* Check if path traversal protection is in place
|
|
23
|
+
* Looks for common sanitization patterns that prevent directory traversal attacks
|
|
24
|
+
*/
|
|
25
|
+
export declare function hasPathTraversalProtection(context: string, lineContent: string): boolean;
|
|
26
|
+
/**
|
|
27
|
+
* Check if route has throwing auth helper (getCurrentUserId, requireAuth, etc.)
|
|
28
|
+
* Routes with throwing auth helpers are already protected
|
|
29
|
+
*/
|
|
30
|
+
export declare function hasThrowingAuthHelper(content: string): boolean;
|
|
31
|
+
//# sourceMappingURL=helpers.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"helpers.d.ts","sourceRoot":"","sources":["../../../../../src/detect/structural/dangerous-functions/utils/helpers.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM,CAG1E;AAED;;GAEG;AACH,wBAAgB,YAAY,CAC1B,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,GACd,MAAM,CAKR;AAED;;;;;GAKG;AACH,wBAAgB,mBAAmB,CACjC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,GACjB,OAAO,CAgCT;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CACxC,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,MAAM,GAClB,OAAO,CAiET;AAED;;;GAGG;AACH,wBAAgB,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAmB9D"}
|