@oculum/scanner 1.0.12 → 1.0.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (961) hide show
  1. package/dist/detect/ai-code/agent-tools.d.ts +22 -0
  2. package/dist/detect/ai-code/agent-tools.d.ts.map +1 -0
  3. package/dist/detect/ai-code/agent-tools.js +1509 -0
  4. package/dist/detect/ai-code/agent-tools.js.map +1 -0
  5. package/dist/detect/ai-code/byok-patterns.d.ts +15 -0
  6. package/dist/detect/ai-code/byok-patterns.d.ts.map +1 -0
  7. package/dist/detect/ai-code/byok-patterns.js +313 -0
  8. package/dist/detect/ai-code/byok-patterns.js.map +1 -0
  9. package/dist/detect/ai-code/endpoint-protection.d.ts +38 -0
  10. package/dist/detect/ai-code/endpoint-protection.d.ts.map +1 -0
  11. package/dist/detect/ai-code/endpoint-protection.js +349 -0
  12. package/dist/detect/ai-code/endpoint-protection.js.map +1 -0
  13. package/dist/detect/ai-code/execution-sinks.d.ts +21 -0
  14. package/dist/detect/ai-code/execution-sinks.d.ts.map +1 -0
  15. package/dist/detect/ai-code/execution-sinks.js +1158 -0
  16. package/dist/detect/ai-code/execution-sinks.js.map +1 -0
  17. package/dist/detect/ai-code/fingerprinting.d.ts +10 -0
  18. package/dist/detect/ai-code/fingerprinting.d.ts.map +1 -0
  19. package/dist/detect/ai-code/fingerprinting.js +665 -0
  20. package/dist/detect/ai-code/fingerprinting.js.map +1 -0
  21. package/dist/detect/ai-code/index.d.ts +12 -0
  22. package/dist/detect/ai-code/index.d.ts.map +1 -0
  23. package/dist/detect/ai-code/index.js +26 -0
  24. package/dist/detect/ai-code/index.js.map +1 -0
  25. package/dist/detect/ai-code/mcp-security.d.ts +20 -0
  26. package/dist/detect/ai-code/mcp-security.d.ts.map +1 -0
  27. package/dist/detect/ai-code/mcp-security.js +880 -0
  28. package/dist/detect/ai-code/mcp-security.js.map +1 -0
  29. package/dist/detect/ai-code/model-supply-chain.d.ts +23 -0
  30. package/dist/detect/ai-code/model-supply-chain.d.ts.map +1 -0
  31. package/dist/detect/ai-code/model-supply-chain.js +447 -0
  32. package/dist/detect/ai-code/model-supply-chain.js.map +1 -0
  33. package/dist/detect/ai-code/package-hallucination.d.ts +22 -0
  34. package/dist/detect/ai-code/package-hallucination.d.ts.map +1 -0
  35. package/dist/detect/ai-code/package-hallucination.js +841 -0
  36. package/dist/detect/ai-code/package-hallucination.js.map +1 -0
  37. package/dist/detect/ai-code/prompt-hygiene.d.ts +22 -0
  38. package/dist/detect/ai-code/prompt-hygiene.d.ts.map +1 -0
  39. package/dist/detect/ai-code/prompt-hygiene.js +1177 -0
  40. package/dist/detect/ai-code/prompt-hygiene.js.map +1 -0
  41. package/dist/detect/ai-code/rag-safety.d.ts +24 -0
  42. package/dist/detect/ai-code/rag-safety.d.ts.map +1 -0
  43. package/dist/detect/ai-code/rag-safety.js +913 -0
  44. package/dist/detect/ai-code/rag-safety.js.map +1 -0
  45. package/dist/detect/ai-code/schema-validation.d.ts +28 -0
  46. package/dist/detect/ai-code/schema-validation.d.ts.map +1 -0
  47. package/dist/detect/ai-code/schema-validation.js +378 -0
  48. package/dist/detect/ai-code/schema-validation.js.map +1 -0
  49. package/dist/detect/config/agent-skill-injection.d.ts +27 -0
  50. package/dist/detect/config/agent-skill-injection.d.ts.map +1 -0
  51. package/dist/detect/config/agent-skill-injection.js +472 -0
  52. package/dist/detect/config/agent-skill-injection.js.map +1 -0
  53. package/dist/detect/config/comments.d.ts +11 -0
  54. package/dist/detect/config/comments.d.ts.map +1 -0
  55. package/dist/detect/config/comments.js +206 -0
  56. package/dist/detect/config/comments.js.map +1 -0
  57. package/dist/detect/config/file-flags.d.ts +10 -0
  58. package/dist/detect/config/file-flags.d.ts.map +1 -0
  59. package/dist/detect/config/file-flags.js +124 -0
  60. package/dist/detect/config/file-flags.js.map +1 -0
  61. package/dist/detect/config/index.d.ts +7 -0
  62. package/dist/detect/config/index.d.ts.map +1 -0
  63. package/dist/detect/config/index.js +17 -0
  64. package/dist/detect/config/index.js.map +1 -0
  65. package/dist/detect/config/osv-check.d.ts +75 -0
  66. package/dist/detect/config/osv-check.d.ts.map +1 -0
  67. package/dist/detect/config/osv-check.js +309 -0
  68. package/dist/detect/config/osv-check.js.map +1 -0
  69. package/dist/detect/config/package-check.d.ts +63 -0
  70. package/dist/detect/config/package-check.d.ts.map +1 -0
  71. package/dist/detect/config/package-check.js +509 -0
  72. package/dist/detect/config/package-check.js.map +1 -0
  73. package/dist/detect/config/urls.d.ts +11 -0
  74. package/dist/detect/config/urls.d.ts.map +1 -0
  75. package/dist/detect/config/urls.js +450 -0
  76. package/dist/detect/config/urls.js.map +1 -0
  77. package/dist/detect/index.d.ts +37 -0
  78. package/dist/detect/index.d.ts.map +1 -0
  79. package/dist/detect/index.js +77 -0
  80. package/dist/detect/index.js.map +1 -0
  81. package/dist/detect/secrets/config-audit.d.ts +11 -0
  82. package/dist/detect/secrets/config-audit.d.ts.map +1 -0
  83. package/dist/detect/secrets/config-audit.js +315 -0
  84. package/dist/detect/secrets/config-audit.js.map +1 -0
  85. package/dist/detect/secrets/config-mcp-audit.d.ts +23 -0
  86. package/dist/detect/secrets/config-mcp-audit.d.ts.map +1 -0
  87. package/dist/detect/secrets/config-mcp-audit.js +243 -0
  88. package/dist/detect/secrets/config-mcp-audit.js.map +1 -0
  89. package/dist/detect/secrets/entropy.d.ts +11 -0
  90. package/dist/detect/secrets/entropy.d.ts.map +1 -0
  91. package/dist/detect/secrets/entropy.js +751 -0
  92. package/dist/detect/secrets/entropy.js.map +1 -0
  93. package/dist/detect/secrets/index.d.ts +36 -0
  94. package/dist/detect/secrets/index.d.ts.map +1 -0
  95. package/dist/detect/secrets/index.js +174 -0
  96. package/dist/detect/secrets/index.js.map +1 -0
  97. package/dist/detect/secrets/patterns.d.ts +11 -0
  98. package/dist/detect/secrets/patterns.d.ts.map +1 -0
  99. package/dist/detect/secrets/patterns.js +518 -0
  100. package/dist/detect/secrets/patterns.js.map +1 -0
  101. package/dist/detect/secrets/weak-crypto.d.ts +10 -0
  102. package/dist/detect/secrets/weak-crypto.d.ts.map +1 -0
  103. package/dist/detect/secrets/weak-crypto.js +432 -0
  104. package/dist/detect/secrets/weak-crypto.js.map +1 -0
  105. package/dist/detect/structural/auth-patterns.d.ts +22 -0
  106. package/dist/detect/structural/auth-patterns.d.ts.map +1 -0
  107. package/dist/detect/structural/auth-patterns.js +533 -0
  108. package/dist/detect/structural/auth-patterns.js.map +1 -0
  109. package/dist/detect/structural/dangerous-functions/child-process.d.ts +16 -0
  110. package/dist/detect/structural/dangerous-functions/child-process.d.ts.map +1 -0
  111. package/dist/detect/structural/dangerous-functions/child-process.js +74 -0
  112. package/dist/detect/structural/dangerous-functions/child-process.js.map +1 -0
  113. package/dist/detect/structural/dangerous-functions/dom-xss.d.ts +34 -0
  114. package/dist/detect/structural/dangerous-functions/dom-xss.d.ts.map +1 -0
  115. package/dist/detect/structural/dangerous-functions/dom-xss.js +230 -0
  116. package/dist/detect/structural/dangerous-functions/dom-xss.js.map +1 -0
  117. package/dist/detect/structural/dangerous-functions/index.d.ts +16 -0
  118. package/dist/detect/structural/dangerous-functions/index.d.ts.map +1 -0
  119. package/dist/detect/structural/dangerous-functions/index.js +1193 -0
  120. package/dist/detect/structural/dangerous-functions/index.js.map +1 -0
  121. package/dist/detect/structural/dangerous-functions/json-parse.d.ts +31 -0
  122. package/dist/detect/structural/dangerous-functions/json-parse.d.ts.map +1 -0
  123. package/dist/detect/structural/dangerous-functions/json-parse.js +326 -0
  124. package/dist/detect/structural/dangerous-functions/json-parse.js.map +1 -0
  125. package/dist/detect/structural/dangerous-functions/math-random.d.ts +111 -0
  126. package/dist/detect/structural/dangerous-functions/math-random.d.ts.map +1 -0
  127. package/dist/detect/structural/dangerous-functions/math-random.js +684 -0
  128. package/dist/detect/structural/dangerous-functions/math-random.js.map +1 -0
  129. package/dist/detect/structural/dangerous-functions/patterns.d.ts +21 -0
  130. package/dist/detect/structural/dangerous-functions/patterns.d.ts.map +1 -0
  131. package/dist/detect/structural/dangerous-functions/patterns.js +163 -0
  132. package/dist/detect/structural/dangerous-functions/patterns.js.map +1 -0
  133. package/dist/detect/structural/dangerous-functions/request-validation.d.ts +13 -0
  134. package/dist/detect/structural/dangerous-functions/request-validation.d.ts.map +1 -0
  135. package/dist/detect/structural/dangerous-functions/request-validation.js +126 -0
  136. package/dist/detect/structural/dangerous-functions/request-validation.js.map +1 -0
  137. package/dist/detect/structural/dangerous-functions/utils/control-flow.d.ts +24 -0
  138. package/dist/detect/structural/dangerous-functions/utils/control-flow.d.ts.map +1 -0
  139. package/dist/detect/structural/dangerous-functions/utils/control-flow.js +70 -0
  140. package/dist/detect/structural/dangerous-functions/utils/control-flow.js.map +1 -0
  141. package/dist/detect/structural/dangerous-functions/utils/helpers.d.ts +31 -0
  142. package/dist/detect/structural/dangerous-functions/utils/helpers.d.ts.map +1 -0
  143. package/dist/detect/structural/dangerous-functions/utils/helpers.js +147 -0
  144. package/dist/detect/structural/dangerous-functions/utils/helpers.js.map +1 -0
  145. package/dist/detect/structural/dangerous-functions/utils/index.d.ts +9 -0
  146. package/dist/detect/structural/dangerous-functions/utils/index.d.ts.map +1 -0
  147. package/dist/detect/structural/dangerous-functions/utils/index.js +23 -0
  148. package/dist/detect/structural/dangerous-functions/utils/index.js.map +1 -0
  149. package/dist/detect/structural/dangerous-functions/utils/schema-validation.d.ts +22 -0
  150. package/dist/detect/structural/dangerous-functions/utils/schema-validation.d.ts.map +1 -0
  151. package/dist/detect/structural/dangerous-functions/utils/schema-validation.js +102 -0
  152. package/dist/detect/structural/dangerous-functions/utils/schema-validation.js.map +1 -0
  153. package/dist/detect/structural/data-exposure.d.ts +19 -0
  154. package/dist/detect/structural/data-exposure.d.ts.map +1 -0
  155. package/dist/detect/structural/data-exposure.js +262 -0
  156. package/dist/detect/structural/data-exposure.js.map +1 -0
  157. package/dist/detect/structural/framework-checks.d.ts +10 -0
  158. package/dist/detect/structural/framework-checks.d.ts.map +1 -0
  159. package/dist/detect/structural/framework-checks.js +389 -0
  160. package/dist/detect/structural/framework-checks.js.map +1 -0
  161. package/dist/detect/structural/index.d.ts +71 -0
  162. package/dist/detect/structural/index.d.ts.map +1 -0
  163. package/dist/detect/structural/index.js +510 -0
  164. package/dist/detect/structural/index.js.map +1 -0
  165. package/dist/detect/structural/log-injection.d.ts +18 -0
  166. package/dist/detect/structural/log-injection.d.ts.map +1 -0
  167. package/dist/detect/structural/log-injection.js +217 -0
  168. package/dist/detect/structural/log-injection.js.map +1 -0
  169. package/dist/detect/structural/logic-gates.d.ts +10 -0
  170. package/dist/detect/structural/logic-gates.d.ts.map +1 -0
  171. package/dist/detect/structural/logic-gates.js +227 -0
  172. package/dist/detect/structural/logic-gates.js.map +1 -0
  173. package/dist/detect/structural/risky-imports.d.ts +10 -0
  174. package/dist/detect/structural/risky-imports.d.ts.map +1 -0
  175. package/dist/detect/structural/risky-imports.js +168 -0
  176. package/dist/detect/structural/risky-imports.js.map +1 -0
  177. package/dist/detect/structural/security-headers.d.ts +18 -0
  178. package/dist/detect/structural/security-headers.d.ts.map +1 -0
  179. package/dist/detect/structural/security-headers.js +196 -0
  180. package/dist/detect/structural/security-headers.js.map +1 -0
  181. package/dist/detect/structural/ssrf-detection.d.ts +18 -0
  182. package/dist/detect/structural/ssrf-detection.d.ts.map +1 -0
  183. package/dist/detect/structural/ssrf-detection.js +263 -0
  184. package/dist/detect/structural/ssrf-detection.js.map +1 -0
  185. package/dist/detect/structural/variables.d.ts +11 -0
  186. package/dist/detect/structural/variables.d.ts.map +1 -0
  187. package/dist/detect/structural/variables.js +159 -0
  188. package/dist/detect/structural/variables.js.map +1 -0
  189. package/dist/detect/structural/xxe-detection.d.ts +18 -0
  190. package/dist/detect/structural/xxe-detection.d.ts.map +1 -0
  191. package/dist/detect/structural/xxe-detection.js +245 -0
  192. package/dist/detect/structural/xxe-detection.js.map +1 -0
  193. package/dist/index.d.ts +17 -64
  194. package/dist/index.d.ts.map +1 -1
  195. package/dist/index.js +49 -1034
  196. package/dist/index.js.map +1 -1
  197. package/dist/layer2/framework-checks.d.ts.map +1 -1
  198. package/dist/layer2/framework-checks.js +1 -8
  199. package/dist/layer2/framework-checks.js.map +1 -1
  200. package/dist/layer2/index.d.ts +4 -0
  201. package/dist/layer2/index.d.ts.map +1 -1
  202. package/dist/layer2/index.js +50 -1
  203. package/dist/layer2/index.js.map +1 -1
  204. package/dist/layer2/log-injection.d.ts +18 -0
  205. package/dist/layer2/log-injection.d.ts.map +1 -0
  206. package/dist/layer2/log-injection.js +214 -0
  207. package/dist/layer2/log-injection.js.map +1 -0
  208. package/dist/layer2/security-headers.d.ts +18 -0
  209. package/dist/layer2/security-headers.d.ts.map +1 -0
  210. package/dist/layer2/security-headers.js +187 -0
  211. package/dist/layer2/security-headers.js.map +1 -0
  212. package/dist/layer2/ssrf-detection.d.ts +18 -0
  213. package/dist/layer2/ssrf-detection.d.ts.map +1 -0
  214. package/dist/layer2/ssrf-detection.js +252 -0
  215. package/dist/layer2/ssrf-detection.js.map +1 -0
  216. package/dist/layer2/xxe-detection.d.ts +18 -0
  217. package/dist/layer2/xxe-detection.d.ts.map +1 -0
  218. package/dist/layer2/xxe-detection.js +242 -0
  219. package/dist/layer2/xxe-detection.js.map +1 -0
  220. package/dist/layer3/anthropic/prompts/index.d.ts +1 -1
  221. package/dist/layer3/anthropic/prompts/index.d.ts.map +1 -1
  222. package/dist/layer3/anthropic/prompts/index.js +3 -1
  223. package/dist/layer3/anthropic/prompts/index.js.map +1 -1
  224. package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts +19 -0
  225. package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts.map +1 -0
  226. package/dist/layer3/anthropic/prompts/modules/ai-patterns.js +156 -0
  227. package/dist/layer3/anthropic/prompts/modules/ai-patterns.js.map +1 -0
  228. package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts +9 -0
  229. package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts.map +1 -0
  230. package/dist/layer3/anthropic/prompts/modules/auth-access.js +25 -0
  231. package/dist/layer3/anthropic/prompts/modules/auth-access.js.map +1 -0
  232. package/dist/layer3/anthropic/prompts/modules/common.d.ts +11 -0
  233. package/dist/layer3/anthropic/prompts/modules/common.d.ts.map +1 -0
  234. package/dist/layer3/anthropic/prompts/modules/common.js +152 -0
  235. package/dist/layer3/anthropic/prompts/modules/common.js.map +1 -0
  236. package/dist/layer3/anthropic/prompts/modules/index.d.ts +54 -0
  237. package/dist/layer3/anthropic/prompts/modules/index.d.ts.map +1 -0
  238. package/dist/layer3/anthropic/prompts/modules/index.js +185 -0
  239. package/dist/layer3/anthropic/prompts/modules/index.js.map +1 -0
  240. package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts +8 -0
  241. package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts.map +1 -0
  242. package/dist/layer3/anthropic/prompts/modules/owasp-classic.js +84 -0
  243. package/dist/layer3/anthropic/prompts/modules/owasp-classic.js.map +1 -0
  244. package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts +8 -0
  245. package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts.map +1 -0
  246. package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js +68 -0
  247. package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js.map +1 -0
  248. package/dist/layer3/anthropic/prompts/modules/xss-prompt.d.ts +8 -0
  249. package/dist/layer3/anthropic/prompts/modules/xss-prompt.d.ts.map +1 -0
  250. package/dist/layer3/anthropic/prompts/modules/xss-prompt.js +22 -0
  251. package/dist/layer3/anthropic/prompts/modules/xss-prompt.js.map +1 -0
  252. package/dist/layer3/anthropic/prompts/validation.d.ts +9 -3
  253. package/dist/layer3/anthropic/prompts/validation.d.ts.map +1 -1
  254. package/dist/layer3/anthropic/prompts/validation.js +14 -410
  255. package/dist/layer3/anthropic/prompts/validation.js.map +1 -1
  256. package/dist/layer3/anthropic/providers/anthropic.d.ts.map +1 -1
  257. package/dist/layer3/anthropic/providers/anthropic.js +6 -3
  258. package/dist/layer3/anthropic/providers/anthropic.js.map +1 -1
  259. package/dist/layer3/anthropic/providers/openai.d.ts.map +1 -1
  260. package/dist/layer3/anthropic/providers/openai.js +6 -3
  261. package/dist/layer3/anthropic/providers/openai.js.map +1 -1
  262. package/dist/layer3/anthropic/request-builder.d.ts +11 -4
  263. package/dist/layer3/anthropic/request-builder.d.ts.map +1 -1
  264. package/dist/layer3/anthropic/request-builder.js +32 -16
  265. package/dist/layer3/anthropic/request-builder.js.map +1 -1
  266. package/dist/layer3/anthropic/utils/context-extractor.d.ts +55 -0
  267. package/dist/layer3/anthropic/utils/context-extractor.d.ts.map +1 -0
  268. package/dist/layer3/anthropic/utils/context-extractor.js +161 -0
  269. package/dist/layer3/anthropic/utils/context-extractor.js.map +1 -0
  270. package/dist/layer3/anthropic/utils/index.d.ts +2 -0
  271. package/dist/layer3/anthropic/utils/index.d.ts.map +1 -1
  272. package/dist/layer3/anthropic/utils/index.js +4 -1
  273. package/dist/layer3/anthropic/utils/index.js.map +1 -1
  274. package/dist/model/auth-helper-detector.d.ts +56 -0
  275. package/dist/model/auth-helper-detector.d.ts.map +1 -0
  276. package/dist/model/auth-helper-detector.js +360 -0
  277. package/dist/model/auth-helper-detector.js.map +1 -0
  278. package/dist/model/cross-file-taint.d.ts +40 -0
  279. package/dist/model/cross-file-taint.d.ts.map +1 -0
  280. package/dist/model/cross-file-taint.js +290 -0
  281. package/dist/model/cross-file-taint.js.map +1 -0
  282. package/dist/model/framework-models/django.d.ts +9 -0
  283. package/dist/model/framework-models/django.d.ts.map +1 -0
  284. package/dist/model/framework-models/django.js +82 -0
  285. package/dist/model/framework-models/django.js.map +1 -0
  286. package/dist/model/framework-models/express.d.ts +9 -0
  287. package/dist/model/framework-models/express.d.ts.map +1 -0
  288. package/dist/model/framework-models/express.js +52 -0
  289. package/dist/model/framework-models/express.js.map +1 -0
  290. package/dist/model/framework-models/index.d.ts +20 -0
  291. package/dist/model/framework-models/index.d.ts.map +1 -0
  292. package/dist/model/framework-models/index.js +102 -0
  293. package/dist/model/framework-models/index.js.map +1 -0
  294. package/dist/model/framework-models/nextjs.d.ts +9 -0
  295. package/dist/model/framework-models/nextjs.d.ts.map +1 -0
  296. package/dist/model/framework-models/nextjs.js +71 -0
  297. package/dist/model/framework-models/nextjs.js.map +1 -0
  298. package/dist/model/framework-models/prisma.d.ts +10 -0
  299. package/dist/model/framework-models/prisma.d.ts.map +1 -0
  300. package/dist/model/framework-models/prisma.js +54 -0
  301. package/dist/model/framework-models/prisma.js.map +1 -0
  302. package/dist/model/framework-models/react.d.ts +9 -0
  303. package/dist/model/framework-models/react.d.ts.map +1 -0
  304. package/dist/model/framework-models/react.js +67 -0
  305. package/dist/model/framework-models/react.js.map +1 -0
  306. package/dist/model/framework-models/sequelize.d.ts +9 -0
  307. package/dist/model/framework-models/sequelize.d.ts.map +1 -0
  308. package/dist/model/framework-models/sequelize.js +62 -0
  309. package/dist/model/framework-models/sequelize.js.map +1 -0
  310. package/dist/model/framework-models/types.d.ts +43 -0
  311. package/dist/model/framework-models/types.d.ts.map +1 -0
  312. package/dist/model/framework-models/types.js +10 -0
  313. package/dist/model/framework-models/types.js.map +1 -0
  314. package/dist/model/function-classifier.d.ts +32 -0
  315. package/dist/model/function-classifier.d.ts.map +1 -0
  316. package/dist/model/function-classifier.js +143 -0
  317. package/dist/model/function-classifier.js.map +1 -0
  318. package/dist/model/import-resolver.d.ts +45 -0
  319. package/dist/model/import-resolver.d.ts.map +1 -0
  320. package/dist/model/import-resolver.js +410 -0
  321. package/dist/model/import-resolver.js.map +1 -0
  322. package/dist/model/imported-auth-detector.d.ts +38 -0
  323. package/dist/model/imported-auth-detector.d.ts.map +1 -0
  324. package/dist/model/imported-auth-detector.js +199 -0
  325. package/dist/model/imported-auth-detector.js.map +1 -0
  326. package/dist/model/index.d.ts +63 -0
  327. package/dist/model/index.d.ts.map +1 -0
  328. package/dist/model/index.js +272 -0
  329. package/dist/model/index.js.map +1 -0
  330. package/dist/model/middleware-detector.d.ts +55 -0
  331. package/dist/model/middleware-detector.d.ts.map +1 -0
  332. package/dist/model/middleware-detector.js +382 -0
  333. package/dist/model/middleware-detector.js.map +1 -0
  334. package/dist/model/module-graph.d.ts +46 -0
  335. package/dist/model/module-graph.d.ts.map +1 -0
  336. package/dist/model/module-graph.js +187 -0
  337. package/dist/model/module-graph.js.map +1 -0
  338. package/dist/model/oauth-flow-detector.d.ts +41 -0
  339. package/dist/model/oauth-flow-detector.d.ts.map +1 -0
  340. package/dist/model/oauth-flow-detector.js +202 -0
  341. package/dist/model/oauth-flow-detector.js.map +1 -0
  342. package/dist/model/project-context.d.ts +119 -0
  343. package/dist/model/project-context.d.ts.map +1 -0
  344. package/dist/model/project-context.js +534 -0
  345. package/dist/model/project-context.js.map +1 -0
  346. package/dist/model/route-auth-resolver.d.ts +27 -0
  347. package/dist/model/route-auth-resolver.d.ts.map +1 -0
  348. package/dist/model/route-auth-resolver.js +182 -0
  349. package/dist/model/route-auth-resolver.js.map +1 -0
  350. package/dist/model/route-discovery/express.d.ts +25 -0
  351. package/dist/model/route-discovery/express.d.ts.map +1 -0
  352. package/dist/model/route-discovery/express.js +225 -0
  353. package/dist/model/route-discovery/express.js.map +1 -0
  354. package/dist/model/route-discovery/index.d.ts +21 -0
  355. package/dist/model/route-discovery/index.d.ts.map +1 -0
  356. package/dist/model/route-discovery/index.js +67 -0
  357. package/dist/model/route-discovery/index.js.map +1 -0
  358. package/dist/model/route-discovery/nextjs.d.ts +16 -0
  359. package/dist/model/route-discovery/nextjs.d.ts.map +1 -0
  360. package/dist/model/route-discovery/nextjs.js +179 -0
  361. package/dist/model/route-discovery/nextjs.js.map +1 -0
  362. package/dist/model/route-discovery/python.d.ts +16 -0
  363. package/dist/model/route-discovery/python.d.ts.map +1 -0
  364. package/dist/model/route-discovery/python.js +181 -0
  365. package/dist/model/route-discovery/python.js.map +1 -0
  366. package/dist/model/route-discovery/types.d.ts +36 -0
  367. package/dist/model/route-discovery/types.d.ts.map +1 -0
  368. package/dist/model/route-discovery/types.js +16 -0
  369. package/dist/model/route-discovery/types.js.map +1 -0
  370. package/dist/model/route-discovery/utils.d.ts +18 -0
  371. package/dist/model/route-discovery/utils.d.ts.map +1 -0
  372. package/dist/model/route-discovery/utils.js +55 -0
  373. package/dist/model/route-discovery/utils.js.map +1 -0
  374. package/dist/model/route-hierarchy.d.ts +50 -0
  375. package/dist/model/route-hierarchy.d.ts.map +1 -0
  376. package/dist/model/route-hierarchy.js +226 -0
  377. package/dist/model/route-hierarchy.js.map +1 -0
  378. package/dist/model/sanitiser-detection.d.ts +27 -0
  379. package/dist/model/sanitiser-detection.d.ts.map +1 -0
  380. package/dist/model/sanitiser-detection.js +224 -0
  381. package/dist/model/sanitiser-detection.js.map +1 -0
  382. package/dist/model/sink-matcher.d.ts +17 -0
  383. package/dist/model/sink-matcher.d.ts.map +1 -0
  384. package/dist/model/sink-matcher.js +141 -0
  385. package/dist/model/sink-matcher.js.map +1 -0
  386. package/dist/model/sink-patterns.d.ts +19 -0
  387. package/dist/model/sink-patterns.d.ts.map +1 -0
  388. package/dist/model/sink-patterns.js +88 -0
  389. package/dist/model/sink-patterns.js.map +1 -0
  390. package/dist/model/source-discovery.d.ts +15 -0
  391. package/dist/model/source-discovery.d.ts.map +1 -0
  392. package/dist/model/source-discovery.js +170 -0
  393. package/dist/model/source-discovery.js.map +1 -0
  394. package/dist/model/taint-tracker.d.ts +21 -0
  395. package/dist/model/taint-tracker.d.ts.map +1 -0
  396. package/dist/model/taint-tracker.js +281 -0
  397. package/dist/model/taint-tracker.js.map +1 -0
  398. package/dist/model/taint-types.d.ts +74 -0
  399. package/dist/model/taint-types.d.ts.map +1 -0
  400. package/dist/model/taint-types.js +9 -0
  401. package/dist/model/taint-types.js.map +1 -0
  402. package/dist/model/trpc-analyzer.d.ts +78 -0
  403. package/dist/model/trpc-analyzer.d.ts.map +1 -0
  404. package/dist/model/trpc-analyzer.js +297 -0
  405. package/dist/model/trpc-analyzer.js.map +1 -0
  406. package/dist/parse/file-classifier.d.ts +228 -0
  407. package/dist/parse/file-classifier.d.ts.map +1 -0
  408. package/dist/parse/file-classifier.js +933 -0
  409. package/dist/parse/file-classifier.js.map +1 -0
  410. package/dist/parse/path-exclusions.d.ts +55 -0
  411. package/dist/parse/path-exclusions.d.ts.map +1 -0
  412. package/dist/parse/path-exclusions.js +224 -0
  413. package/dist/parse/path-exclusions.js.map +1 -0
  414. package/dist/pipeline/config.d.ts +39 -0
  415. package/dist/pipeline/config.d.ts.map +1 -0
  416. package/dist/pipeline/config.js +46 -0
  417. package/dist/pipeline/config.js.map +1 -0
  418. package/dist/pipeline/index.d.ts +34 -0
  419. package/dist/pipeline/index.d.ts.map +1 -0
  420. package/dist/pipeline/index.js +377 -0
  421. package/dist/pipeline/index.js.map +1 -0
  422. package/dist/pipeline/modes/incremental.d.ts +66 -0
  423. package/dist/pipeline/modes/incremental.d.ts.map +1 -0
  424. package/dist/pipeline/modes/incremental.js +200 -0
  425. package/dist/pipeline/modes/incremental.js.map +1 -0
  426. package/dist/postprocess/aggregation.d.ts +14 -0
  427. package/dist/postprocess/aggregation.d.ts.map +1 -0
  428. package/dist/postprocess/aggregation.js +63 -0
  429. package/dist/postprocess/aggregation.js.map +1 -0
  430. package/dist/postprocess/contradictions.d.ts +18 -0
  431. package/dist/postprocess/contradictions.d.ts.map +1 -0
  432. package/dist/postprocess/contradictions.js +99 -0
  433. package/dist/postprocess/contradictions.js.map +1 -0
  434. package/dist/postprocess/dedup.d.ts +13 -0
  435. package/dist/postprocess/dedup.d.ts.map +1 -0
  436. package/dist/postprocess/dedup.js +58 -0
  437. package/dist/postprocess/dedup.js.map +1 -0
  438. package/dist/postprocess/filtering/context-adjustments.d.ts +23 -0
  439. package/dist/postprocess/filtering/context-adjustments.d.ts.map +1 -0
  440. package/dist/postprocess/filtering/context-adjustments.js +100 -0
  441. package/dist/postprocess/filtering/context-adjustments.js.map +1 -0
  442. package/dist/postprocess/filtering/index.d.ts +3 -0
  443. package/dist/postprocess/filtering/index.d.ts.map +1 -0
  444. package/dist/postprocess/filtering/index.js +8 -0
  445. package/dist/postprocess/filtering/index.js.map +1 -0
  446. package/dist/postprocess/filtering/pipeline.d.ts +48 -0
  447. package/dist/postprocess/filtering/pipeline.d.ts.map +1 -0
  448. package/dist/postprocess/filtering/pipeline.js +76 -0
  449. package/dist/postprocess/filtering/pipeline.js.map +1 -0
  450. package/dist/postprocess/index.d.ts +41 -0
  451. package/dist/postprocess/index.d.ts.map +1 -0
  452. package/dist/postprocess/index.js +85 -0
  453. package/dist/postprocess/index.js.map +1 -0
  454. package/dist/postprocess/suppression/config-loader.d.ts +74 -0
  455. package/dist/postprocess/suppression/config-loader.d.ts.map +1 -0
  456. package/dist/postprocess/suppression/config-loader.js +424 -0
  457. package/dist/postprocess/suppression/config-loader.js.map +1 -0
  458. package/dist/postprocess/suppression/hash.d.ts +48 -0
  459. package/dist/postprocess/suppression/hash.d.ts.map +1 -0
  460. package/dist/postprocess/suppression/hash.js +88 -0
  461. package/dist/postprocess/suppression/hash.js.map +1 -0
  462. package/dist/postprocess/suppression/index.d.ts +11 -0
  463. package/dist/postprocess/suppression/index.d.ts.map +1 -0
  464. package/dist/postprocess/suppression/index.js +39 -0
  465. package/dist/postprocess/suppression/index.js.map +1 -0
  466. package/dist/postprocess/suppression/inline-parser.d.ts +39 -0
  467. package/dist/postprocess/suppression/inline-parser.d.ts.map +1 -0
  468. package/dist/postprocess/suppression/inline-parser.js +218 -0
  469. package/dist/postprocess/suppression/inline-parser.js.map +1 -0
  470. package/dist/postprocess/suppression/manager.d.ts +94 -0
  471. package/dist/postprocess/suppression/manager.d.ts.map +1 -0
  472. package/dist/postprocess/suppression/manager.js +292 -0
  473. package/dist/postprocess/suppression/manager.js.map +1 -0
  474. package/dist/postprocess/suppression/types.d.ts +151 -0
  475. package/dist/postprocess/suppression/types.d.ts.map +1 -0
  476. package/dist/postprocess/suppression/types.js +28 -0
  477. package/dist/postprocess/suppression/types.js.map +1 -0
  478. package/dist/postprocess/validation-cap.d.ts +17 -0
  479. package/dist/postprocess/validation-cap.d.ts.map +1 -0
  480. package/dist/postprocess/validation-cap.js +64 -0
  481. package/dist/postprocess/validation-cap.js.map +1 -0
  482. package/dist/report/build-result.d.ts +33 -0
  483. package/dist/report/build-result.d.ts.map +1 -0
  484. package/dist/report/build-result.js +59 -0
  485. package/dist/report/build-result.js.map +1 -0
  486. package/dist/report/enrichment.d.ts +19 -0
  487. package/dist/report/enrichment.d.ts.map +1 -0
  488. package/dist/report/enrichment.js +44 -0
  489. package/dist/report/enrichment.js.map +1 -0
  490. package/dist/report/formatters/ai-context.d.ts +23 -0
  491. package/dist/report/formatters/ai-context.d.ts.map +1 -0
  492. package/dist/report/formatters/ai-context.js +238 -0
  493. package/dist/report/formatters/ai-context.js.map +1 -0
  494. package/dist/report/formatters/cli-terminal.d.ts +65 -0
  495. package/dist/report/formatters/cli-terminal.d.ts.map +1 -0
  496. package/dist/report/formatters/cli-terminal.js +735 -0
  497. package/dist/report/formatters/cli-terminal.js.map +1 -0
  498. package/dist/report/formatters/github-comment.d.ts +41 -0
  499. package/dist/report/formatters/github-comment.d.ts.map +1 -0
  500. package/dist/report/formatters/github-comment.js +370 -0
  501. package/dist/report/formatters/github-comment.js.map +1 -0
  502. package/dist/report/formatters/grouping.d.ts +52 -0
  503. package/dist/report/formatters/grouping.d.ts.map +1 -0
  504. package/dist/report/formatters/grouping.js +152 -0
  505. package/dist/report/formatters/grouping.js.map +1 -0
  506. package/dist/report/formatters/ide/claude-code.d.ts +17 -0
  507. package/dist/report/formatters/ide/claude-code.d.ts.map +1 -0
  508. package/dist/report/formatters/ide/claude-code.js +94 -0
  509. package/dist/report/formatters/ide/claude-code.js.map +1 -0
  510. package/dist/report/formatters/ide/cursor.d.ts +13 -0
  511. package/dist/report/formatters/ide/cursor.d.ts.map +1 -0
  512. package/dist/report/formatters/ide/cursor.js +125 -0
  513. package/dist/report/formatters/ide/cursor.js.map +1 -0
  514. package/dist/report/formatters/ide/index.d.ts +62 -0
  515. package/dist/report/formatters/ide/index.d.ts.map +1 -0
  516. package/dist/report/formatters/ide/index.js +184 -0
  517. package/dist/report/formatters/ide/index.js.map +1 -0
  518. package/dist/report/formatters/ide/windsurf.d.ts +13 -0
  519. package/dist/report/formatters/ide/windsurf.d.ts.map +1 -0
  520. package/dist/report/formatters/ide/windsurf.js +117 -0
  521. package/dist/report/formatters/ide/windsurf.js.map +1 -0
  522. package/dist/report/formatters/index.d.ts +11 -0
  523. package/dist/report/formatters/index.d.ts.map +1 -0
  524. package/dist/report/formatters/index.js +54 -0
  525. package/dist/report/formatters/index.js.map +1 -0
  526. package/dist/report/formatters/vscode-diagnostic.d.ts +103 -0
  527. package/dist/report/formatters/vscode-diagnostic.d.ts.map +1 -0
  528. package/dist/report/formatters/vscode-diagnostic.js +151 -0
  529. package/dist/report/formatters/vscode-diagnostic.js.map +1 -0
  530. package/dist/report/summary.d.ts +27 -0
  531. package/dist/report/summary.d.ts.map +1 -0
  532. package/dist/report/summary.js +57 -0
  533. package/dist/report/summary.js.map +1 -0
  534. package/dist/rules/metadata.d.ts.map +1 -1
  535. package/dist/rules/metadata.js +66 -0
  536. package/dist/rules/metadata.js.map +1 -1
  537. package/dist/score/adjustments.d.ts +22 -0
  538. package/dist/score/adjustments.d.ts.map +1 -0
  539. package/dist/score/adjustments.js +373 -0
  540. package/dist/score/adjustments.js.map +1 -0
  541. package/dist/score/auto-dismiss.d.ts +28 -0
  542. package/dist/score/auto-dismiss.d.ts.map +1 -0
  543. package/dist/score/auto-dismiss.js +200 -0
  544. package/dist/score/auto-dismiss.js.map +1 -0
  545. package/dist/score/confidence.d.ts +19 -0
  546. package/dist/score/confidence.d.ts.map +1 -0
  547. package/dist/score/confidence.js +52 -0
  548. package/dist/score/confidence.js.map +1 -0
  549. package/dist/score/index.d.ts +61 -0
  550. package/dist/score/index.d.ts.map +1 -0
  551. package/dist/score/index.js +250 -0
  552. package/dist/score/index.js.map +1 -0
  553. package/dist/score/types.d.ts +160 -0
  554. package/dist/score/types.d.ts.map +1 -0
  555. package/dist/score/types.js +14 -0
  556. package/dist/score/types.js.map +1 -0
  557. package/dist/shared/ai-context/index.d.ts +6 -0
  558. package/dist/shared/ai-context/index.d.ts.map +1 -0
  559. package/dist/shared/ai-context/index.js +13 -0
  560. package/dist/shared/ai-context/index.js.map +1 -0
  561. package/dist/shared/ai-context/manager.d.ts +67 -0
  562. package/dist/shared/ai-context/manager.d.ts.map +1 -0
  563. package/dist/shared/ai-context/manager.js +104 -0
  564. package/dist/shared/ai-context/manager.js.map +1 -0
  565. package/dist/shared/baseline/diff.d.ts +32 -0
  566. package/dist/shared/baseline/diff.d.ts.map +1 -0
  567. package/dist/shared/baseline/diff.js +119 -0
  568. package/dist/shared/baseline/diff.js.map +1 -0
  569. package/dist/shared/baseline/index.d.ts +9 -0
  570. package/dist/shared/baseline/index.d.ts.map +1 -0
  571. package/dist/shared/baseline/index.js +19 -0
  572. package/dist/shared/baseline/index.js.map +1 -0
  573. package/dist/shared/baseline/manager.d.ts +67 -0
  574. package/dist/shared/baseline/manager.d.ts.map +1 -0
  575. package/dist/shared/baseline/manager.js +180 -0
  576. package/dist/shared/baseline/manager.js.map +1 -0
  577. package/dist/shared/baseline/types.d.ts +91 -0
  578. package/dist/shared/baseline/types.d.ts.map +1 -0
  579. package/dist/shared/baseline/types.js +12 -0
  580. package/dist/shared/baseline/types.js.map +1 -0
  581. package/dist/shared/category-filter.d.ts +125 -0
  582. package/dist/shared/category-filter.d.ts.map +1 -0
  583. package/dist/shared/category-filter.js +360 -0
  584. package/dist/shared/category-filter.js.map +1 -0
  585. package/dist/shared/code-analysis.d.ts +39 -0
  586. package/dist/shared/code-analysis.d.ts.map +1 -0
  587. package/dist/shared/code-analysis.js +159 -0
  588. package/dist/shared/code-analysis.js.map +1 -0
  589. package/dist/shared/comment-analyzer.d.ts +38 -0
  590. package/dist/shared/comment-analyzer.d.ts.map +1 -0
  591. package/dist/shared/comment-analyzer.js +218 -0
  592. package/dist/shared/comment-analyzer.js.map +1 -0
  593. package/dist/shared/diff-detector.d.ts +53 -0
  594. package/dist/shared/diff-detector.d.ts.map +1 -0
  595. package/dist/shared/diff-detector.js +104 -0
  596. package/dist/shared/diff-detector.js.map +1 -0
  597. package/dist/shared/diff-parser.d.ts +80 -0
  598. package/dist/shared/diff-parser.d.ts.map +1 -0
  599. package/dist/shared/diff-parser.js +202 -0
  600. package/dist/shared/diff-parser.js.map +1 -0
  601. package/dist/shared/environment-context.d.ts +76 -0
  602. package/dist/shared/environment-context.d.ts.map +1 -0
  603. package/dist/shared/environment-context.js +271 -0
  604. package/dist/shared/environment-context.js.map +1 -0
  605. package/dist/shared/intent-detector.d.ts +66 -0
  606. package/dist/shared/intent-detector.d.ts.map +1 -0
  607. package/dist/shared/intent-detector.js +282 -0
  608. package/dist/shared/intent-detector.js.map +1 -0
  609. package/dist/shared/parsed-file.d.ts +51 -0
  610. package/dist/shared/parsed-file.d.ts.map +1 -0
  611. package/dist/shared/parsed-file.js +95 -0
  612. package/dist/shared/parsed-file.js.map +1 -0
  613. package/dist/shared/registry-clients.d.ts +93 -0
  614. package/dist/shared/registry-clients.d.ts.map +1 -0
  615. package/dist/shared/registry-clients.js +273 -0
  616. package/dist/shared/registry-clients.js.map +1 -0
  617. package/dist/shared/rules/framework-fixes.d.ts +48 -0
  618. package/dist/shared/rules/framework-fixes.d.ts.map +1 -0
  619. package/dist/shared/rules/framework-fixes.js +439 -0
  620. package/dist/shared/rules/framework-fixes.js.map +1 -0
  621. package/dist/shared/rules/index.d.ts +8 -0
  622. package/dist/shared/rules/index.d.ts.map +1 -0
  623. package/dist/shared/rules/index.js +18 -0
  624. package/dist/shared/rules/index.js.map +1 -0
  625. package/dist/shared/rules/metadata.d.ts +43 -0
  626. package/dist/shared/rules/metadata.d.ts.map +1 -0
  627. package/dist/shared/rules/metadata.js +819 -0
  628. package/dist/shared/rules/metadata.js.map +1 -0
  629. package/dist/shared/schema-semantics.d.ts +45 -0
  630. package/dist/shared/schema-semantics.d.ts.map +1 -0
  631. package/dist/shared/schema-semantics.js +193 -0
  632. package/dist/shared/schema-semantics.js.map +1 -0
  633. package/dist/shared/types.d.ts +337 -0
  634. package/dist/shared/types.d.ts.map +1 -0
  635. package/dist/shared/types.js +126 -0
  636. package/dist/shared/types.js.map +1 -0
  637. package/dist/tiers.d.ts +2 -2
  638. package/dist/tiers.d.ts.map +1 -1
  639. package/dist/tiers.js +10 -0
  640. package/dist/tiers.js.map +1 -1
  641. package/dist/types.d.ts +1 -1
  642. package/dist/types.d.ts.map +1 -1
  643. package/dist/types.js.map +1 -1
  644. package/dist/validate/clients.d.ts +44 -0
  645. package/dist/validate/clients.d.ts.map +1 -0
  646. package/dist/validate/clients.js +81 -0
  647. package/dist/validate/clients.js.map +1 -0
  648. package/dist/validate/index.d.ts +41 -0
  649. package/dist/validate/index.d.ts.map +1 -0
  650. package/dist/validate/index.js +141 -0
  651. package/dist/validate/index.js.map +1 -0
  652. package/dist/validate/prompts/index.d.ts +8 -0
  653. package/dist/validate/prompts/index.d.ts.map +1 -0
  654. package/dist/validate/prompts/index.js +16 -0
  655. package/dist/validate/prompts/index.js.map +1 -0
  656. package/dist/validate/prompts/modules/ai-patterns.d.ts +19 -0
  657. package/dist/validate/prompts/modules/ai-patterns.d.ts.map +1 -0
  658. package/dist/validate/prompts/modules/ai-patterns.js +156 -0
  659. package/dist/validate/prompts/modules/ai-patterns.js.map +1 -0
  660. package/dist/validate/prompts/modules/auth-access.d.ts +9 -0
  661. package/dist/validate/prompts/modules/auth-access.d.ts.map +1 -0
  662. package/dist/validate/prompts/modules/auth-access.js +25 -0
  663. package/dist/validate/prompts/modules/auth-access.js.map +1 -0
  664. package/dist/validate/prompts/modules/common.d.ts +11 -0
  665. package/dist/validate/prompts/modules/common.d.ts.map +1 -0
  666. package/dist/validate/prompts/modules/common.js +186 -0
  667. package/dist/validate/prompts/modules/common.js.map +1 -0
  668. package/dist/validate/prompts/modules/index.d.ts +54 -0
  669. package/dist/validate/prompts/modules/index.d.ts.map +1 -0
  670. package/dist/validate/prompts/modules/index.js +186 -0
  671. package/dist/validate/prompts/modules/index.js.map +1 -0
  672. package/dist/validate/prompts/modules/owasp-classic.d.ts +8 -0
  673. package/dist/validate/prompts/modules/owasp-classic.d.ts.map +1 -0
  674. package/dist/validate/prompts/modules/owasp-classic.js +84 -0
  675. package/dist/validate/prompts/modules/owasp-classic.js.map +1 -0
  676. package/dist/validate/prompts/modules/secrets-crypto.d.ts +8 -0
  677. package/dist/validate/prompts/modules/secrets-crypto.d.ts.map +1 -0
  678. package/dist/validate/prompts/modules/secrets-crypto.js +68 -0
  679. package/dist/validate/prompts/modules/secrets-crypto.js.map +1 -0
  680. package/dist/validate/prompts/modules/xss-prompt.d.ts +8 -0
  681. package/dist/validate/prompts/modules/xss-prompt.d.ts.map +1 -0
  682. package/dist/validate/prompts/modules/xss-prompt.js +22 -0
  683. package/dist/validate/prompts/modules/xss-prompt.js.map +1 -0
  684. package/dist/validate/prompts/semantic-analysis.d.ts +15 -0
  685. package/dist/validate/prompts/semantic-analysis.d.ts.map +1 -0
  686. package/dist/validate/prompts/semantic-analysis.js +169 -0
  687. package/dist/validate/prompts/semantic-analysis.js.map +1 -0
  688. package/dist/validate/prompts/validation.d.ts +18 -0
  689. package/dist/validate/prompts/validation.d.ts.map +1 -0
  690. package/dist/validate/prompts/validation.js +25 -0
  691. package/dist/validate/prompts/validation.js.map +1 -0
  692. package/dist/validate/providers/anthropic.d.ts +17 -0
  693. package/dist/validate/providers/anthropic.d.ts.map +1 -0
  694. package/dist/validate/providers/anthropic.js +260 -0
  695. package/dist/validate/providers/anthropic.js.map +1 -0
  696. package/dist/validate/providers/index.d.ts +8 -0
  697. package/dist/validate/providers/index.d.ts.map +1 -0
  698. package/dist/validate/providers/index.js +13 -0
  699. package/dist/validate/providers/index.js.map +1 -0
  700. package/dist/validate/providers/openai.d.ts +14 -0
  701. package/dist/validate/providers/openai.d.ts.map +1 -0
  702. package/dist/validate/providers/openai.js +336 -0
  703. package/dist/validate/providers/openai.js.map +1 -0
  704. package/dist/validate/request-builder.d.ts +61 -0
  705. package/dist/validate/request-builder.d.ts.map +1 -0
  706. package/dist/validate/request-builder.js +346 -0
  707. package/dist/validate/request-builder.js.map +1 -0
  708. package/dist/validate/types.d.ts +88 -0
  709. package/dist/validate/types.d.ts.map +1 -0
  710. package/dist/validate/types.js +38 -0
  711. package/dist/validate/types.js.map +1 -0
  712. package/dist/validate/utils/context-extractor.d.ts +55 -0
  713. package/dist/validate/utils/context-extractor.d.ts.map +1 -0
  714. package/dist/validate/utils/context-extractor.js +161 -0
  715. package/dist/validate/utils/context-extractor.js.map +1 -0
  716. package/dist/validate/utils/index.d.ts +11 -0
  717. package/dist/validate/utils/index.d.ts.map +1 -0
  718. package/dist/validate/utils/index.js +27 -0
  719. package/dist/validate/utils/index.js.map +1 -0
  720. package/dist/validate/utils/path-helpers.d.ts +21 -0
  721. package/dist/validate/utils/path-helpers.d.ts.map +1 -0
  722. package/dist/validate/utils/path-helpers.js +69 -0
  723. package/dist/validate/utils/path-helpers.js.map +1 -0
  724. package/dist/validate/utils/response-parser.d.ts +40 -0
  725. package/dist/validate/utils/response-parser.d.ts.map +1 -0
  726. package/dist/validate/utils/response-parser.js +286 -0
  727. package/dist/validate/utils/response-parser.js.map +1 -0
  728. package/dist/validate/utils/retry.d.ts +15 -0
  729. package/dist/validate/utils/retry.d.ts.map +1 -0
  730. package/dist/validate/utils/retry.js +62 -0
  731. package/dist/validate/utils/retry.js.map +1 -0
  732. package/package.json +8 -7
  733. package/src/__tests__/benchmark/fixtures/layer1/agent-skill-injection.ts +204 -0
  734. package/src/__tests__/benchmark/fixtures/layer1/index.ts +3 -0
  735. package/src/__tests__/benchmark/fixtures/layer2/index.ts +15 -0
  736. package/src/__tests__/benchmark/fixtures/layer2/log-injection.ts +147 -0
  737. package/src/__tests__/benchmark/fixtures/layer2/security-headers.ts +197 -0
  738. package/src/__tests__/benchmark/fixtures/layer2/ssrf-detection.ts +210 -0
  739. package/src/__tests__/benchmark/fixtures/layer2/xxe-detection.ts +195 -0
  740. package/src/__tests__/benchmark/run-depth-validation.ts +3 -3
  741. package/src/__tests__/benchmark/run-real-world-test.ts +4 -4
  742. package/src/__tests__/benchmark/types.ts +1 -1
  743. package/src/__tests__/benchmark/utils/test-runner.ts +3 -3
  744. package/src/__tests__/category-filter.test.ts +2 -2
  745. package/src/__tests__/context-engine/cross-file-taint.test.ts +284 -0
  746. package/src/__tests__/context-engine/framework-models.test.ts +457 -0
  747. package/src/__tests__/context-engine/function-classifier.test.ts +146 -0
  748. package/src/__tests__/context-engine/import-resolver.test.ts +328 -0
  749. package/src/__tests__/context-engine/integration.test.ts +320 -0
  750. package/src/__tests__/context-engine/module-graph.test.ts +159 -0
  751. package/src/__tests__/context-engine/route-discovery/auth-resolver.test.ts +353 -0
  752. package/src/__tests__/context-engine/route-discovery/express.test.ts +150 -0
  753. package/src/__tests__/context-engine/route-discovery/nextjs.test.ts +138 -0
  754. package/src/__tests__/context-engine/route-discovery/python.test.ts +95 -0
  755. package/src/__tests__/context-engine/sanitiser-detection.test.ts +187 -0
  756. package/src/__tests__/context-engine/sink-matcher.test.ts +251 -0
  757. package/src/__tests__/context-engine/source-discovery.test.ts +186 -0
  758. package/src/__tests__/context-engine/taint-tracker.test.ts +182 -0
  759. package/src/__tests__/regression/agent-skill-benign.test.ts +174 -0
  760. package/src/__tests__/regression/known-false-positives.test.ts +312 -4
  761. package/src/__tests__/score/adjustments.test.ts +385 -0
  762. package/src/__tests__/score/confidence.test.ts +283 -0
  763. package/src/__tests__/score/framework-scoring.test.ts +275 -0
  764. package/src/__tests__/score/route-scoring.test.ts +156 -0
  765. package/src/__tests__/score/scoring-integration.test.ts +165 -0
  766. package/src/__tests__/score/taint-adjustments.test.ts +244 -0
  767. package/src/__tests__/snapshots/__snapshots__/anthropic-validation-refactor.test.ts.snap +37 -49
  768. package/src/__tests__/snapshots/__snapshots__/dangerous-functions-refactor.test.ts.snap +52 -0
  769. package/src/__tests__/snapshots/__snapshots__/scan-depth.test.ts.snap +3 -3
  770. package/src/__tests__/snapshots/anthropic-validation-refactor.test.ts +2 -2
  771. package/src/__tests__/snapshots/dangerous-functions-refactor.test.ts +1 -1
  772. package/src/__tests__/snapshots/scan-depth.test.ts +3 -3
  773. package/src/__tests__/validate/route-annotations.test.ts +138 -0
  774. package/src/__tests__/validation/analyze-results.ts +1 -1
  775. package/src/__tests__/validation/extract-for-triage.ts +1 -1
  776. package/src/__tests__/validation/fp-deep-analysis.ts +1 -1
  777. package/src/{layer2/ai-agent-tools.ts → detect/ai-code/agent-tools.ts} +23 -3
  778. package/src/{layer2 → detect/ai-code}/byok-patterns.ts +17 -5
  779. package/src/{layer2/ai-endpoint-protection.ts → detect/ai-code/endpoint-protection.ts} +8 -4
  780. package/src/{layer2/ai-execution-sinks.ts → detect/ai-code/execution-sinks.ts} +8 -4
  781. package/src/{layer2/ai-fingerprinting.ts → detect/ai-code/fingerprinting.ts} +20 -4
  782. package/src/detect/ai-code/index.ts +11 -0
  783. package/src/{layer2/ai-mcp-security.ts → detect/ai-code/mcp-security.ts} +7 -3
  784. package/src/{layer2 → detect/ai-code}/model-supply-chain.ts +7 -3
  785. package/src/{layer2/ai-package-hallucination.ts → detect/ai-code/package-hallucination.ts} +18 -3
  786. package/src/{layer2/ai-prompt-hygiene.ts → detect/ai-code/prompt-hygiene.ts} +25 -3
  787. package/src/{layer2/ai-rag-safety.ts → detect/ai-code/rag-safety.ts} +7 -3
  788. package/src/{layer2/ai-schema-validation.ts → detect/ai-code/schema-validation.ts} +7 -3
  789. package/src/detect/config/agent-skill-injection.ts +551 -0
  790. package/src/{layer1 → detect/config}/comments.ts +6 -2
  791. package/src/{layer1 → detect/config}/file-flags.ts +9 -3
  792. package/src/detect/config/index.ts +6 -0
  793. package/src/{layer3 → detect/config}/osv-check.ts +3 -2
  794. package/src/{layer3 → detect/config}/package-check.ts +3 -2
  795. package/src/{layer1 → detect/config}/urls.ts +12 -5
  796. package/src/detect/index.ts +131 -0
  797. package/src/{layer1 → detect/secrets}/config-audit.ts +7 -2
  798. package/src/{layer1 → detect/secrets}/config-mcp-audit.ts +8 -3
  799. package/src/{layer1 → detect/secrets}/entropy.ts +23 -11
  800. package/src/{layer1 → detect/secrets}/index.ts +31 -30
  801. package/src/{layer1 → detect/secrets}/patterns.ts +10 -3
  802. package/src/{layer1 → detect/secrets}/weak-crypto.ts +7 -2
  803. package/src/{layer2/auth-antipatterns.ts → detect/structural/auth-patterns.ts} +23 -11
  804. package/src/{layer2 → detect/structural}/dangerous-functions/dom-xss.ts +1 -1
  805. package/src/{layer2 → detect/structural}/dangerous-functions/index.ts +47 -24
  806. package/src/{layer2 → detect/structural}/dangerous-functions/json-parse.ts +10 -2
  807. package/src/{layer2 → detect/structural}/dangerous-functions/math-random.ts +2 -2
  808. package/src/{layer2 → detect/structural}/dangerous-functions/patterns.ts +1 -1
  809. package/src/{layer2 → detect/structural}/dangerous-functions/request-validation.ts +10 -2
  810. package/src/{layer2 → detect/structural}/dangerous-functions/utils/control-flow.ts +2 -2
  811. package/src/{layer2 → detect/structural}/data-exposure.ts +11 -3
  812. package/src/{layer2 → detect/structural}/framework-checks.ts +10 -11
  813. package/src/{layer2 → detect/structural}/index.ts +80 -77
  814. package/src/detect/structural/log-injection.ts +254 -0
  815. package/src/{layer2 → detect/structural}/logic-gates.ts +13 -5
  816. package/src/{layer2 → detect/structural}/risky-imports.ts +7 -3
  817. package/src/detect/structural/security-headers.ts +231 -0
  818. package/src/detect/structural/ssrf-detection.ts +300 -0
  819. package/src/{layer2 → detect/structural}/variables.ts +7 -3
  820. package/src/detect/structural/xxe-detection.ts +295 -0
  821. package/src/index.ts +39 -1291
  822. package/src/{utils → model}/auth-helper-detector.ts +1 -1
  823. package/src/model/cross-file-taint.ts +374 -0
  824. package/src/model/framework-models/django.ts +82 -0
  825. package/src/model/framework-models/express.ts +54 -0
  826. package/src/model/framework-models/index.ts +116 -0
  827. package/src/model/framework-models/nextjs.ts +69 -0
  828. package/src/model/framework-models/prisma.ts +57 -0
  829. package/src/model/framework-models/react.ts +63 -0
  830. package/src/model/framework-models/sequelize.ts +63 -0
  831. package/src/model/framework-models/types.ts +46 -0
  832. package/src/model/function-classifier.ts +184 -0
  833. package/src/model/import-resolver.ts +453 -0
  834. package/src/{utils → model}/imported-auth-detector.ts +21 -85
  835. package/src/model/index.ts +353 -0
  836. package/src/{utils → model}/middleware-detector.ts +156 -17
  837. package/src/model/module-graph.ts +254 -0
  838. package/src/{utils → model}/oauth-flow-detector.ts +1 -1
  839. package/src/{utils/project-context-builder.ts → model/project-context.ts} +1 -1
  840. package/src/model/route-auth-resolver.ts +216 -0
  841. package/src/model/route-discovery/express.ts +251 -0
  842. package/src/model/route-discovery/index.ts +83 -0
  843. package/src/model/route-discovery/nextjs.ts +216 -0
  844. package/src/model/route-discovery/python.ts +214 -0
  845. package/src/model/route-discovery/types.ts +48 -0
  846. package/src/model/route-discovery/utils.ts +54 -0
  847. package/src/model/sanitiser-detection.ts +268 -0
  848. package/src/model/sink-matcher.ts +178 -0
  849. package/src/model/sink-patterns.ts +109 -0
  850. package/src/model/source-discovery.ts +209 -0
  851. package/src/model/taint-tracker.ts +333 -0
  852. package/src/model/taint-types.ts +149 -0
  853. package/src/{utils → model}/trpc-analyzer.ts +1 -1
  854. package/src/{utils/context-helpers.ts → parse/file-classifier.ts} +54 -0
  855. package/src/{utils → parse}/path-exclusions.ts +1 -1
  856. package/src/pipeline/config.ts +81 -0
  857. package/src/pipeline/index.ts +437 -0
  858. package/src/{modes → pipeline/modes}/incremental.ts +5 -5
  859. package/src/postprocess/aggregation.ts +74 -0
  860. package/src/postprocess/contradictions.ts +128 -0
  861. package/src/postprocess/dedup.ts +62 -0
  862. package/src/{filtering → postprocess/filtering}/__tests__/pipeline.test.ts +1 -1
  863. package/src/{filtering → postprocess/filtering}/context-adjustments.ts +2 -2
  864. package/src/{filtering → postprocess/filtering}/pipeline.ts +2 -2
  865. package/src/postprocess/index.ts +118 -0
  866. package/src/{suppression → postprocess/suppression}/config-loader.ts +1 -1
  867. package/src/{suppression → postprocess/suppression}/hash.ts +1 -1
  868. package/src/{suppression → postprocess/suppression}/inline-parser.ts +1 -1
  869. package/src/{suppression → postprocess/suppression}/manager.ts +1 -1
  870. package/src/{suppression → postprocess/suppression}/types.ts +2 -2
  871. package/src/postprocess/validation-cap.ts +66 -0
  872. package/src/report/build-result.ts +94 -0
  873. package/src/report/enrichment.ts +52 -0
  874. package/src/{formatters → report/formatters}/ai-context.ts +1 -1
  875. package/src/{formatters → report/formatters}/cli-terminal.ts +11 -11
  876. package/src/{formatters → report/formatters}/github-comment.ts +1 -1
  877. package/src/{formatters → report/formatters}/grouping.ts +8 -8
  878. package/src/{formatters → report/formatters}/ide/claude-code.ts +1 -1
  879. package/src/{formatters → report/formatters}/ide/cursor.ts +1 -1
  880. package/src/{formatters → report/formatters}/ide/windsurf.ts +1 -1
  881. package/src/{formatters → report/formatters}/vscode-diagnostic.ts +1 -1
  882. package/src/report/summary.ts +70 -0
  883. package/src/score/adjustments.ts +387 -0
  884. package/src/{layer3/anthropic → score}/auto-dismiss.ts +15 -14
  885. package/src/score/confidence.ts +66 -0
  886. package/src/score/index.ts +316 -0
  887. package/src/score/types.ts +187 -0
  888. package/src/{baseline → shared/baseline}/__tests__/diff.test.ts +2 -2
  889. package/src/{baseline → shared/baseline}/diff.ts +1 -1
  890. package/src/{baseline → shared/baseline}/manager.ts +1 -1
  891. package/src/{category-filter.ts → shared/category-filter.ts} +1 -1
  892. package/src/{utils → shared}/code-analysis.ts +1 -1
  893. package/src/{rules → shared/rules}/__tests__/metadata.test.ts +7 -0
  894. package/src/{rules → shared/rules}/framework-fixes.ts +1 -1
  895. package/src/{rules → shared/rules}/metadata.ts +94 -0
  896. package/src/{types.ts → shared/types.ts} +22 -5
  897. package/src/tiers.ts +18 -1
  898. package/src/validate/__tests__/context-extractor.test.ts +191 -0
  899. package/src/validate/__tests__/prompt-assembly.test.ts +233 -0
  900. package/src/validate/__tests__/request-builder.test.ts +347 -0
  901. package/src/{layer3/anthropic → validate}/index.ts +8 -7
  902. package/src/{layer3/anthropic → validate}/prompts/index.ts +2 -0
  903. package/src/validate/prompts/modules/ai-patterns.ts +153 -0
  904. package/src/validate/prompts/modules/auth-access.ts +22 -0
  905. package/src/validate/prompts/modules/common.ts +183 -0
  906. package/src/validate/prompts/modules/index.ts +204 -0
  907. package/src/validate/prompts/modules/owasp-classic.ts +81 -0
  908. package/src/validate/prompts/modules/secrets-crypto.ts +65 -0
  909. package/src/validate/prompts/modules/xss-prompt.ts +19 -0
  910. package/src/validate/prompts/validation.ts +20 -0
  911. package/src/{layer3/anthropic → validate}/providers/anthropic.ts +28 -27
  912. package/src/validate/providers/index.ts +8 -0
  913. package/src/{layer3/anthropic → validate}/providers/openai.ts +30 -25
  914. package/src/validate/request-builder.ts +448 -0
  915. package/src/{layer3/anthropic → validate}/types.ts +1 -1
  916. package/src/validate/utils/context-extractor.ts +220 -0
  917. package/src/{layer3/anthropic → validate}/utils/index.ts +10 -0
  918. package/src/{layer3/anthropic → validate}/utils/response-parser.ts +2 -1
  919. package/src/layer3/anthropic/prompts/validation.ts +0 -419
  920. package/src/layer3/anthropic/providers/index.ts +0 -8
  921. package/src/layer3/anthropic/request-builder.ts +0 -150
  922. package/src/layer3/index.ts +0 -168
  923. /package/src/{layer3 → detect/config}/__tests__/osv-check.test.ts +0 -0
  924. /package/src/{layer2 → detect/structural}/__tests__/math-random-enhanced.test.ts +0 -0
  925. /package/src/{layer2 → detect/structural}/dangerous-functions/child-process.ts +0 -0
  926. /package/src/{layer2 → detect/structural}/dangerous-functions/utils/helpers.ts +0 -0
  927. /package/src/{layer2 → detect/structural}/dangerous-functions/utils/index.ts +0 -0
  928. /package/src/{layer2 → detect/structural}/dangerous-functions/utils/schema-validation.ts +0 -0
  929. /package/src/{utils → model}/route-hierarchy.ts +0 -0
  930. /package/src/{filtering → postprocess/filtering}/index.ts +0 -0
  931. /package/src/{suppression → postprocess/suppression}/__tests__/config-loader.test.ts +0 -0
  932. /package/src/{suppression → postprocess/suppression}/__tests__/hash.test.ts +0 -0
  933. /package/src/{suppression → postprocess/suppression}/__tests__/inline-parser.test.ts +0 -0
  934. /package/src/{suppression → postprocess/suppression}/__tests__/manager.test.ts +0 -0
  935. /package/src/{suppression → postprocess/suppression}/index.ts +0 -0
  936. /package/src/{formatters → report/formatters}/__tests__/ai-context.test.ts +0 -0
  937. /package/src/{formatters → report/formatters}/ide/__tests__/ide.test.ts +0 -0
  938. /package/src/{formatters → report/formatters}/ide/index.ts +0 -0
  939. /package/src/{formatters → report/formatters}/index.ts +0 -0
  940. /package/src/{utils → shared}/__tests__/code-analysis.test.ts +0 -0
  941. /package/src/{utils → shared}/__tests__/parsed-file.test.ts +0 -0
  942. /package/src/{ai-context → shared/ai-context}/__tests__/manager.test.ts +0 -0
  943. /package/src/{ai-context → shared/ai-context}/index.ts +0 -0
  944. /package/src/{ai-context → shared/ai-context}/manager.ts +0 -0
  945. /package/src/{baseline → shared/baseline}/__tests__/manager.test.ts +0 -0
  946. /package/src/{baseline → shared/baseline}/index.ts +0 -0
  947. /package/src/{baseline → shared/baseline}/types.ts +0 -0
  948. /package/src/{utils → shared}/comment-analyzer.ts +0 -0
  949. /package/src/{utils → shared}/diff-detector.ts +0 -0
  950. /package/src/{utils → shared}/diff-parser.ts +0 -0
  951. /package/src/{utils → shared}/environment-context.ts +0 -0
  952. /package/src/{utils → shared}/intent-detector.ts +0 -0
  953. /package/src/{utils → shared}/parsed-file.ts +0 -0
  954. /package/src/{utils → shared}/registry-clients.ts +0 -0
  955. /package/src/{rules → shared/rules}/__tests__/framework-fixes.test.ts +0 -0
  956. /package/src/{rules → shared/rules}/index.ts +0 -0
  957. /package/src/{utils → shared}/schema-semantics.ts +0 -0
  958. /package/src/{layer3/anthropic → validate}/clients.ts +0 -0
  959. /package/src/{layer3/anthropic → validate}/prompts/semantic-analysis.ts +0 -0
  960. /package/src/{layer3/anthropic → validate}/utils/path-helpers.ts +0 -0
  961. /package/src/{layer3/anthropic → validate}/utils/retry.ts +0 -0
package/dist/report/formatters/grouping.js ADDED
@@ -0,0 +1,152 @@
1
+ "use strict";
2
+ /**
3
+ * Finding Grouping Logic
4
+ * Groups and sorts vulnerabilities for workflow-friendly output
5
+ */
6
+ Object.defineProperty(exports, "__esModule", { value: true });
7
+ exports.THEME_CONFIG = void 0;
8
+ exports.getRiskTheme = getRiskTheme;
9
+ exports.groupByTheme = groupByTheme;
10
+ exports.limitPerGroup = limitPerGroup;
11
+ exports.sortBySeverity = sortBySeverity;
12
+ exports.getBlockingIssues = getBlockingIssues;
13
+ exports.getActionableIssues = getActionableIssues;
14
+ /**
15
+ * Map categories to risk themes
16
+ */
17
+ function getRiskTheme(category) {
18
+ switch (category) {
19
+ case 'hardcoded_secret':
20
+ case 'high_entropy_string':
21
+ case 'sensitive_url':
22
+ return 'secrets';
23
+ case 'sql_injection':
24
+ case 'xss':
25
+ case 'command_injection':
26
+ case 'dangerous_function':
27
+ return 'injection';
28
+ case 'missing_auth':
29
+ case 'security_bypass':
30
+ return 'auth';
31
+ case 'ai_pattern':
32
+ case 'ai_prompt_injection':
33
+ case 'ai_unsafe_execution':
34
+ case 'ai_overpermissive_tool':
35
+ return 'ai';
36
+ case 'insecure_config':
37
+ case 'cors_misconfiguration':
38
+ case 'root_container':
39
+ case 'dangerous_file':
40
+ case 'weak_crypto':
41
+ return 'config';
42
+ case 'data_exposure':
43
+ case 'sensitive_variable':
44
+ return 'data';
45
+ default:
46
+ return 'other';
47
+ }
48
+ }
49
+ /**
50
+ * Theme display names and icons
51
+ */
52
+ exports.THEME_CONFIG = {
53
+ secrets: { name: 'Secrets & Credentials', icon: '*', priority: 1 },
54
+ injection: { name: 'Injection Vulnerabilities', icon: '*', priority: 2 },
55
+ auth: { name: 'Authentication Issues', icon: '*', priority: 3 },
56
+ ai: { name: 'AI Security', icon: '*', priority: 4 },
57
+ config: { name: 'Configuration Issues', icon: '*', priority: 5 },
58
+ data: { name: 'Data Exposure', icon: '*', priority: 6 },
59
+ other: { name: 'Other Issues', icon: '*', priority: 7 },
60
+ };
61
+ /**
62
+ * Severity sort order (higher = more severe)
63
+ */
64
+ const SEVERITY_ORDER = {
65
+ critical: 5,
66
+ high: 4,
67
+ medium: 3,
68
+ low: 2,
69
+ info: 1,
70
+ };
71
+ /**
72
+ * Group vulnerabilities by risk theme
73
+ */
74
+ function groupByTheme(vulnerabilities) {
75
+ // Group by theme
76
+ const groups = new Map();
77
+ for (const vuln of vulnerabilities) {
78
+ const theme = getRiskTheme(vuln.category);
79
+ if (!groups.has(theme)) {
80
+ groups.set(theme, []);
81
+ }
82
+ groups.get(theme).push(vuln);
83
+ }
84
+ // Convert to array and sort
85
+ const result = [];
86
+ for (const [theme, findings] of groups) {
87
+ // Sort findings within group: severity desc, then confidence desc
88
+ findings.sort((a, b) => {
89
+ const severityDiff = SEVERITY_ORDER[b.severity] - SEVERITY_ORDER[a.severity];
90
+ if (severityDiff !== 0)
91
+ return severityDiff;
92
+ const confidenceOrder = { high: 3, medium: 2, low: 1 };
93
+ return confidenceOrder[b.confidence] - confidenceOrder[a.confidence];
94
+ });
95
+ // Count severities
96
+ const severityCounts = {
97
+ critical: 0,
98
+ high: 0,
99
+ medium: 0,
100
+ low: 0,
101
+ info: 0,
102
+ };
103
+ for (const f of findings) {
104
+ severityCounts[f.severity]++;
105
+ }
106
+ const config = exports.THEME_CONFIG[theme];
107
+ result.push({
108
+ theme,
109
+ themeName: config.name,
110
+ themeIcon: config.icon,
111
+ findings,
112
+ severityCounts,
113
+ });
114
+ }
115
+ // Sort groups by theme priority
116
+ result.sort((a, b) => exports.THEME_CONFIG[a.theme].priority - exports.THEME_CONFIG[b.theme].priority);
117
+ return result;
118
+ }
119
+ /**
120
+ * Limit findings per group to avoid overwhelming output
121
+ */
122
+ function limitPerGroup(groups, maxPerGroup = 10) {
123
+ return groups.map(group => ({
124
+ ...group,
125
+ findings: group.findings.slice(0, maxPerGroup),
126
+ }));
127
+ }
128
+ /**
129
+ * Get findings sorted by severity across all groups
130
+ */
131
+ function sortBySeverity(vulnerabilities) {
132
+ return [...vulnerabilities].sort((a, b) => {
133
+ const severityDiff = SEVERITY_ORDER[b.severity] - SEVERITY_ORDER[a.severity];
134
+ if (severityDiff !== 0)
135
+ return severityDiff;
136
+ const confidenceOrder = { high: 3, medium: 2, low: 1 };
137
+ return confidenceOrder[b.confidence] - confidenceOrder[a.confidence];
138
+ });
139
+ }
140
+ /**
141
+ * Filter to only blocking issues (critical/high)
142
+ */
143
+ function getBlockingIssues(vulnerabilities) {
144
+ return vulnerabilities.filter(v => v.severity === 'critical' || v.severity === 'high');
145
+ }
146
+ /**
147
+ * Filter to actionable issues (medium and above)
148
+ */
149
+ function getActionableIssues(vulnerabilities) {
150
+ return vulnerabilities.filter(v => v.severity === 'critical' || v.severity === 'high' || v.severity === 'medium');
151
+ }
152
+ //# sourceMappingURL=grouping.js.map
package/dist/report/formatters/grouping.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"grouping.js","sourceRoot":"","sources":["../../../src/report/formatters/grouping.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAmBH,oCAqCC;AAwCD,oCAmDC;AAKD,sCAKC;AAKD,wCAQC;AAKD,8CAEC;AAKD,kDAIC;AA1KD;;GAEG;AACH,SAAgB,YAAY,CAAC,QAA+B;IAC1D,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,kBAAkB,CAAC;QACxB,KAAK,qBAAqB,CAAC;QAC3B,KAAK,eAAe;YAClB,OAAO,SAAS,CAAA;QAElB,KAAK,eAAe,CAAC;QACrB,KAAK,KAAK,CAAC;QACX,KAAK,mBAAmB,CAAC;QACzB,KAAK,oBAAoB;YACvB,OAAO,WAAW,CAAA;QAEpB,KAAK,cAAc,CAAC;QACpB,KAAK,iBAAiB;YACpB,OAAO,MAAM,CAAA;QAEf,KAAK,YAAY,CAAC;QAClB,KAAK,qBAAqB,CAAC;QAC3B,KAAK,qBAAqB,CAAC;QAC3B,KAAK,wBAAwB;YAC3B,OAAO,IAAI,CAAA;QAEb,KAAK,iBAAiB,CAAC;QACvB,KAAK,uBAAuB,CAAC;QAC7B,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,aAAa;YAChB,OAAO,QAAQ,CAAA;QAEjB,KAAK,eAAe,CAAC;QACrB,KAAK,oBAAoB;YACvB,OAAO,MAAM,CAAA;QAEf;YACE,OAAO,OAAO,CAAA;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACU,QAAA,YAAY,GAAwE;IAC/F,OAAO,EAAE,EAAE,IAAI,EAAE,uBAAuB,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE;IAClE,SAAS,EAAE,EAAE,IAAI,EAAE,2BAA2B,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE;IACxE,IAAI,EAAE,EAAE,IAAI,EAAE,uBAAuB,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE;IAC/D,EAAE,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE;IACnD,MAAM,EAAE,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE;IAChE,IAAI,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE;IACvD,KAAK,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE;CACxD,CAAA;AAED;;GAEG;AACH,MAAM,cAAc,GAA0C;IAC5D,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAA;AAaD;;GAEG;AACH,SAAgB,YAAY,CAAC,eAAgC;IAC3D,iBAAiB;IACjB,MAAM,MAAM,GAAG,IAAI,GAAG,EAA8B,CAAA;IAEpD,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACzC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;QACvB,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC/B,CAAC;IAED,4BAA4B;IAC5B,MAAM,MAAM,GAAsB,EAAE,CAAA;IAEpC,KAAK,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,IAAI,MAAM,EAAE,CAAC;QACvC,kEAAkE;QAClE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACrB,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;YAC5E,IAAI,YAAY,KAAK,CAAC;gBAAE,OAAO,YAAY,CAAA;YAE3C,MAAM,eAAe,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAA;YACtD,OAAO,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAA;QACtE,CAAC,CAAC,CAAA;QAEF,mBAAmB;QACnB,MAAM,cAAc,GAA0C;YAC5D,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAA;QACD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAA;QAC9B,CAAC;QAED,MAAM,MAAM,GAAG,oBAAY,CAAC,KAAK,CAAC,CAAA;QAClC,MAAM,CAAC,IAAI,CAAC;YACV,KAAK;YACL,SAAS,EAAE,MAAM,CAAC,IAAI;YACtB,SAAS,EAAE,MAAM,CAAC,IAAI;YACtB,QAAQ;YACR,cAAc;SACf,CAAC,CAAA;IACJ,CAAC;IAED,gCAAgC;IAChC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,oBAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,GAAG,oBAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAA;IAEtF,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,MAAyB,EAAE,cAAsB,EAAE;IAC/E,OAAO,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC1B,GAAG,KAAK;QACR,QAAQ,EAAE,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC;KAC/C,CAAC,CAAC,CAAA;AACL,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,eAAgC;IAC7D,OAAO,CAAC,GAAG,eAAe,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACxC,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;QAC5E,IAAI,YAAY,KAAK,CAAC;YAAE,OAAO,YAAY,CAAA;QAE3C,MAAM,eAAe,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAA;QACtD,OAAO,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAA;IACtE,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAAC,eAAgC;IAChE,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAA;AACxF,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,eAAgC;IAClE,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAChC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAC9E,CAAA;AACH,CAAC"}
package/dist/report/formatters/ide/claude-code.d.ts ADDED
@@ -0,0 +1,17 @@
1
+ /**
2
+ * Claude Code IDE Integration
3
+ * Generates CLAUDE.md section format
4
+ */
5
+ import type { ScanResult } from '../../../shared/types';
6
+ /** Start marker for Oculum section in CLAUDE.md */
7
+ export declare const OCULUM_SECTION_START = "<!-- OCULUM_SECURITY_START -->";
8
+ /** End marker for Oculum section in CLAUDE.md */
9
+ export declare const OCULUM_SECTION_END = "<!-- OCULUM_SECURITY_END -->";
10
+ /**
11
+ * Format scan result as CLAUDE.md section
12
+ *
13
+ * @param result - The scan result to format
14
+ * @returns Markdown string with markers for CLAUDE.md
15
+ */
16
+ export declare function formatClaudeCodeSection(result: ScanResult): string;
17
+ //# sourceMappingURL=claude-code.d.ts.map
package/dist/report/formatters/ide/claude-code.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"claude-code.d.ts","sourceRoot":"","sources":["../../../../src/report/formatters/ide/claude-code.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAwC,MAAM,uBAAuB,CAAA;AAG7F,mDAAmD;AACnD,eAAO,MAAM,oBAAoB,mCAAmC,CAAA;AAEpE,iDAAiD;AACjD,eAAO,MAAM,kBAAkB,iCAAiC,CAAA;AAuBhE;;;;;GAKG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAoElE"}
package/dist/report/formatters/ide/claude-code.js ADDED
@@ -0,0 +1,94 @@
1
+ "use strict";
2
+ /**
3
+ * Claude Code IDE Integration
4
+ * Generates CLAUDE.md section format
5
+ */
6
+ Object.defineProperty(exports, "__esModule", { value: true });
7
+ exports.OCULUM_SECTION_END = exports.OCULUM_SECTION_START = void 0;
8
+ exports.formatClaudeCodeSection = formatClaudeCodeSection;
9
+ const grouping_1 = require("../grouping");
10
+ /** Start marker for Oculum section in CLAUDE.md */
11
+ exports.OCULUM_SECTION_START = '<!-- OCULUM_SECURITY_START -->';
12
+ /** End marker for Oculum section in CLAUDE.md */
13
+ exports.OCULUM_SECTION_END = '<!-- OCULUM_SECURITY_END -->';
14
+ /**
15
+ * Get "ALWAYS" rule for a category
16
+ */
17
+ function getAlwaysRule(category) {
18
+ const rules = {
19
+ sql_injection: 'Use parameterized queries for all database operations',
20
+ xss: 'Escape or sanitize user input before rendering in HTML',
21
+ hardcoded_secret: 'Use environment variables for secrets and API keys',
22
+ high_entropy_string: 'Store credentials in secure vaults, not in code',
23
+ missing_auth: 'Add authentication middleware to API endpoints',
24
+ dangerous_function: 'Avoid eval() and exec() - use safe alternatives',
25
+ command_injection: 'Sanitize all input passed to shell commands',
26
+ data_exposure: 'Never log sensitive data or expose it in responses',
27
+ weak_crypto: 'Use modern cryptographic algorithms (SHA-256+, AES-256)',
28
+ ai_prompt_injection: 'Sanitize user input before including in prompts',
29
+ ai_unsafe_execution: 'Validate AI-generated code before execution',
30
+ };
31
+ return rules[category] || null;
32
+ }
33
+ /**
34
+ * Format scan result as CLAUDE.md section
35
+ *
36
+ * @param result - The scan result to format
37
+ * @returns Markdown string with markers for CLAUDE.md
38
+ */
39
+ function formatClaudeCodeSection(result) {
40
+ const { vulnerabilities, timestamp } = result;
41
+ // Sort by severity
42
+ const sorted = (0, grouping_1.sortBySeverity)(vulnerabilities);
43
+ let md = '';
44
+ // Section markers
45
+ md += `${exports.OCULUM_SECTION_START}\n`;
46
+ md += `## Security Issues (Auto-Generated)\n\n`;
47
+ md += `> Last scan: ${timestamp}\n\n`;
48
+ // No findings case
49
+ if (vulnerabilities.length === 0) {
50
+ md += `No security issues detected.\n\n`;
51
+ md += `Run \`oculum scan\` to scan for vulnerabilities.\n`;
52
+ md += `${exports.OCULUM_SECTION_END}\n`;
53
+ return md;
54
+ }
55
+ // Summary
56
+ const { severityCounts, hasBlockingIssues } = result;
57
+ if (hasBlockingIssues) {
58
+ md += `**BLOCKING ISSUES:** ${severityCounts.critical + severityCounts.high} issues must be fixed.\n\n`;
59
+ }
60
+ // DO NOT section - list findings
61
+ md += `**DO NOT** ignore these findings:\n\n`;
62
+ let count = 0;
63
+ for (const vuln of sorted.slice(0, 10)) {
64
+ count++;
65
+ const severityLabel = vuln.severity === 'critical' ? 'CRITICAL' :
66
+ vuln.severity === 'high' ? 'HIGH' :
67
+ vuln.severity.toUpperCase();
68
+ md += `${count}. **${vuln.title}** [${severityLabel}] in \`${vuln.filePath}:${vuln.lineNumber}\`\n`;
69
+ }
70
+ if (sorted.length > 10) {
71
+ md += `\n... and ${sorted.length - 10} more issues.\n`;
72
+ }
73
+ md += '\n';
74
+ // ALWAYS section - best practices
75
+ const alwaysRules = new Set();
76
+ for (const vuln of vulnerabilities) {
77
+ const rule = getAlwaysRule(vuln.category);
78
+ if (rule) {
79
+ alwaysRules.add(rule);
80
+ }
81
+ }
82
+ if (alwaysRules.size > 0) {
83
+ md += `**ALWAYS:**\n`;
84
+ for (const rule of alwaysRules) {
85
+ md += `- ${rule}\n`;
86
+ }
87
+ md += '\n';
88
+ }
89
+ // Verification instructions
90
+ md += `Run \`oculum scan\` to verify fixes.\n`;
91
+ md += `${exports.OCULUM_SECTION_END}\n`;
92
+ return md;
93
+ }
94
+ //# sourceMappingURL=claude-code.js.map
package/dist/report/formatters/ide/claude-code.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"claude-code.js","sourceRoot":"","sources":["../../../../src/report/formatters/ide/claude-code.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAsCH,0DAoEC;AAvGD,0CAA4C;AAE5C,mDAAmD;AACtC,QAAA,oBAAoB,GAAG,gCAAgC,CAAA;AAEpE,iDAAiD;AACpC,QAAA,kBAAkB,GAAG,8BAA8B,CAAA;AAEhE;;GAEG;AACH,SAAS,aAAa,CAAC,QAA+B;IACpD,MAAM,KAAK,GAAmD;QAC5D,aAAa,EAAE,uDAAuD;QACtE,GAAG,EAAE,wDAAwD;QAC7D,gBAAgB,EAAE,oDAAoD;QACtE,mBAAmB,EAAE,iDAAiD;QACtE,YAAY,EAAE,gDAAgD;QAC9D,kBAAkB,EAAE,iDAAiD;QACrE,iBAAiB,EAAE,6CAA6C;QAChE,aAAa,EAAE,oDAAoD;QACnE,WAAW,EAAE,yDAAyD;QACtE,mBAAmB,EAAE,iDAAiD;QACtE,mBAAmB,EAAE,6CAA6C;KACnE,CAAA;IAED,OAAO,KAAK,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAA;AAChC,CAAC;AAED;;;;;GAKG;AACH,SAAgB,uBAAuB,CAAC,MAAkB;IACxD,MAAM,EAAE,eAAe,EAAE,SAAS,EAAE,GAAG,MAAM,CAAA;IAE7C,mBAAmB;IACnB,MAAM,MAAM,GAAG,IAAA,yBAAc,EAAC,eAAe,CAAC,CAAA;IAE9C,IAAI,EAAE,GAAG,EAAE,CAAA;IAEX,kBAAkB;IAClB,EAAE,IAAI,GAAG,4BAAoB,IAAI,CAAA;IACjC,EAAE,IAAI,yCAAyC,CAAA;IAC/C,EAAE,IAAI,gBAAgB,SAAS,MAAM,CAAA;IAErC,mBAAmB;IACnB,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,EAAE,IAAI,kCAAkC,CAAA;QACxC,EAAE,IAAI,oDAAoD,CAAA;QAC1D,EAAE,IAAI,GAAG,0BAAkB,IAAI,CAAA;QAC/B,OAAO,EAAE,CAAA;IACX,CAAC;IAED,UAAU;IACV,MAAM,EAAE,cAAc,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAA;IACpD,IAAI,iBAAiB,EAAE,CAAC;QACtB,EAAE,IAAI,wBAAwB,cAAc,CAAC,QAAQ,GAAG,cAAc,CAAC,IAAI,4BAA4B,CAAA;IACzG,CAAC;IAED,iCAAiC;IACjC,EAAE,IAAI,uCAAuC,CAAA;IAE7C,IAAI,KAAK,GAAG,CAAC,CAAA;IACb,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;QACvC,KAAK,EAAE,CAAA;QACP,MAAM,aAAa,GACjB,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;YAC3C,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;gBACnC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAA;QAE7B,EAAE,IAAI,GAAG,KAAK,OAAO,IAAI,CAAC,KAAK,OAAO,aAAa,UAAU,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,MAAM,CAAA;IACrG,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACvB,EAAE,IAAI,aAAa,MAAM,CAAC,MAAM,GAAG,EAAE,iBAAiB,CAAA;IACxD,CAAC;IACD,EAAE,IAAI,IAAI,CAAA;IAEV,kCAAkC;IAClC,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAA;IACrC,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACzC,IAAI,IAAI,EAAE,CAAC;YACT,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QACvB,CAAC;IACH,CAAC;IAED,IAAI,WAAW,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACzB,EAAE,IAAI,eAAe,CAAA;QACrB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,EAAE,IAAI,KAAK,IAAI,IAAI,CAAA;QACrB,CAAC;QACD,EAAE,IAAI,IAAI,CAAA;IACZ,CAAC;IAED,4BAA4B;IAC5B,EAAE,IAAI,wCAAwC,CAAA;IAC9C,EAAE,IAAI,GAAG,0BAAkB,IAAI,CAAA;IAE/B,OAAO,EAAE,CAAA;AACX,CAAC"}
package/dist/report/formatters/ide/cursor.d.ts ADDED
@@ -0,0 +1,13 @@
1
+ /**
2
+ * Cursor IDE Integration
3
+ * Generates .cursor/rules/security.mdc format
4
+ */
5
+ import type { ScanResult } from '../../../shared/types';
6
+ /**
7
+ * Format scan result as Cursor MDC rules
8
+ *
9
+ * @param result - The scan result to format
10
+ * @returns MDC format string for .cursor/rules/security.mdc
11
+ */
12
+ export declare function formatCursorRules(result: ScanResult): string;
13
+ //# sourceMappingURL=cursor.d.ts.map
package/dist/report/formatters/ide/cursor.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cursor.d.ts","sourceRoot":"","sources":["../../../../src/report/formatters/ide/cursor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAiB,MAAM,uBAAuB,CAAA;AAwEtE;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CA+D5D"}
package/dist/report/formatters/ide/cursor.js ADDED
@@ -0,0 +1,125 @@
1
+ "use strict";
2
+ /**
3
+ * Cursor IDE Integration
4
+ * Generates .cursor/rules/security.mdc format
5
+ */
6
+ Object.defineProperty(exports, "__esModule", { value: true });
7
+ exports.formatCursorRules = formatCursorRules;
8
+ const grouping_1 = require("../grouping");
9
+ /**
10
+ * Extract unique directory paths from vulnerabilities for glob patterns
11
+ */
12
+ function extractGlobPatterns(vulnerabilities) {
13
+ const directories = new Set();
14
+ for (const vuln of vulnerabilities) {
15
+ // Get directory path (e.g., 'src/api' from 'src/api/users.ts')
16
+ const parts = vuln.filePath.split('/');
17
+ if (parts.length > 1) {
18
+ // Take up to 2 levels of directory
19
+ const dir = parts.slice(0, Math.min(parts.length - 1, 2)).join('/');
20
+ directories.add(`${dir}/**`);
21
+ }
22
+ }
23
+ return Array.from(directories).sort();
24
+ }
25
+ /**
26
+ * Format fix pattern (DO NOT / DO) for a vulnerability
27
+ */
28
+ function formatFixPattern(vuln) {
29
+ const category = vuln.category;
30
+ let md = '';
31
+ // Common patterns by category
32
+ switch (category) {
33
+ case 'sql_injection':
34
+ md += `**DO NOT** concatenate user input into SQL queries.\n\n`;
35
+ md += `\`\`\`typescript\n// BAD\nconst query = \`SELECT * FROM users WHERE id = \${userId}\`\n\n// GOOD\nconst query = 'SELECT * FROM users WHERE id = ?'\n\`\`\`\n`;
36
+ break;
37
+ case 'xss':
38
+ md += `**DO NOT** insert user input into HTML without escaping.\n\n`;
39
+ md += `\`\`\`typescript\n// BAD\nelement.innerHTML = userInput\n\n// GOOD\nelement.textContent = userInput\n\`\`\`\n`;
40
+ break;
41
+ case 'hardcoded_secret':
42
+ case 'high_entropy_string':
43
+ md += `**DO NOT** hardcode secrets or API keys in source code.\n\n`;
44
+ md += `\`\`\`typescript\n// BAD\nconst apiKey = 'sk-abc123...'\n\n// GOOD\nconst apiKey = process.env.API_KEY\n\`\`\`\n`;
45
+ break;
46
+ case 'missing_auth':
47
+ md += `**DO NOT** expose endpoints without authentication.\n\n`;
48
+ md += `\`\`\`typescript\n// BAD\napp.get('/api/data', handler)\n\n// GOOD\napp.get('/api/data', authMiddleware, handler)\n\`\`\`\n`;
49
+ break;
50
+ case 'dangerous_function':
51
+ md += `**DO NOT** use eval() or similar dangerous functions with user input.\n\n`;
52
+ md += `\`\`\`typescript\n// BAD\neval(userInput)\n\n// GOOD\nJSON.parse(userInput)\n\`\`\`\n`;
53
+ break;
54
+ default:
55
+ // Generic fix pattern
56
+ if (vuln.fixSteps && vuln.fixSteps.length > 0) {
57
+ md += `**FIX:**\n`;
58
+ vuln.fixSteps.forEach((step, i) => {
59
+ md += `${i + 1}. ${step}\n`;
60
+ });
61
+ }
62
+ else if (vuln.suggestedFix) {
63
+ md += `**FIX:** ${vuln.suggestedFix}\n`;
64
+ }
65
+ }
66
+ return md;
67
+ }
68
+ /**
69
+ * Format scan result as Cursor MDC rules
70
+ *
71
+ * @param result - The scan result to format
72
+ * @returns MDC format string for .cursor/rules/security.mdc
73
+ */
74
+ function formatCursorRules(result) {
75
+ const { vulnerabilities, timestamp } = result;
76
+ // Sort by severity
77
+ const sorted = (0, grouping_1.sortBySeverity)(vulnerabilities);
78
+ // Extract glob patterns
79
+ const globs = extractGlobPatterns(sorted);
80
+ let md = '';
81
+ // MDC Frontmatter
82
+ md += `---\n`;
83
+ md += `description: Oculum Security Findings\n`;
84
+ if (globs.length > 0) {
85
+ md += `globs: "${globs.join(',')}"\n`;
86
+ }
87
+ md += `alwaysApply: false\n`;
88
+ md += `---\n\n`;
89
+ // No findings case
90
+ if (vulnerabilities.length === 0) {
91
+ md += `# Security Scan Results\n\n`;
92
+ md += `No security issues found. Last scan: ${timestamp}\n\n`;
93
+ md += `*Run \`oculum scan --cursor --clear\` to remove this file.*\n`;
94
+ return md;
95
+ }
96
+ // Header
97
+ md += `# Security Issues (${vulnerabilities.length})\n\n`;
98
+ md += `> Last scan: ${timestamp}\n\n`;
99
+ // Group by severity
100
+ const bySeverity = new Map();
101
+ for (const vuln of sorted) {
102
+ const group = bySeverity.get(vuln.severity) || [];
103
+ group.push(vuln);
104
+ bySeverity.set(vuln.severity, group);
105
+ }
106
+ // Output by severity
107
+ for (const [severity, vulns] of bySeverity) {
108
+ md += `## ${severity.toUpperCase()} (${vulns.length})\n\n`;
109
+ for (const vuln of vulns.slice(0, 10)) {
110
+ md += `### ${vuln.title}\n\n`;
111
+ md += `**File:** \`${vuln.filePath}:${vuln.lineNumber}\`\n\n`;
112
+ // Add fix pattern
113
+ md += formatFixPattern(vuln);
114
+ md += '\n';
115
+ }
116
+ if (vulns.length > 10) {
117
+ md += `> + ${vulns.length - 10} more ${severity} issues\n\n`;
118
+ }
119
+ }
120
+ // Footer
121
+ md += `---\n\n`;
122
+ md += `*Run \`oculum scan --cursor --clear\` after fixing to remove this file.*\n`;
123
+ return md;
124
+ }
125
+ //# sourceMappingURL=cursor.js.map
package/dist/report/formatters/ide/cursor.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"cursor.js","sourceRoot":"","sources":["../../../../src/report/formatters/ide/cursor.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAgFH,8CA+DC;AA5ID,0CAA4C;AAE5C;;GAEG;AACH,SAAS,mBAAmB,CAAC,eAAgC;IAC3D,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAA;IAErC,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,+DAA+D;QAC/D,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACtC,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,mCAAmC;YACnC,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACnE,WAAW,CAAC,GAAG,CAAC,GAAG,GAAG,KAAK,CAAC,CAAA;QAC9B,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,EAAE,CAAA;AACvC,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,IAAmB;IAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;IAC9B,IAAI,EAAE,GAAG,EAAE,CAAA;IAEX,8BAA8B;IAC9B,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,eAAe;YAClB,EAAE,IAAI,yDAAyD,CAAA;YAC/D,EAAE,IAAI,8JAA8J,CAAA;YACpK,MAAK;QAEP,KAAK,KAAK;YACR,EAAE,IAAI,8DAA8D,CAAA;YACpE,EAAE,IAAI,+GAA+G,CAAA;YACrH,MAAK;QAEP,KAAK,kBAAkB,CAAC;QACxB,KAAK,qBAAqB;YACxB,EAAE,IAAI,6DAA6D,CAAA;YACnE,EAAE,IAAI,kHAAkH,CAAA;YACxH,MAAK;QAEP,KAAK,cAAc;YACjB,EAAE,IAAI,yDAAyD,CAAA;YAC/D,EAAE,IAAI,6HAA6H,CAAA;YACnI,MAAK;QAEP,KAAK,oBAAoB;YACvB,EAAE,IAAI,2EAA2E,CAAA;YACjF,EAAE,IAAI,uFAAuF,CAAA;YAC7F,MAAK;QAEP;YACE,sBAAsB;YACtB,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9C,EAAE,IAAI,YAAY,CAAA;gBAClB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;oBAChC,EAAE,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,IAAI,IAAI,CAAA;gBAC7B,CAAC,CAAC,CAAA;YACJ,CAAC;iBAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC7B,EAAE,IAAI,YAAY,IAAI,CAAC,YAAY,IAAI,CAAA;YACzC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,MAAkB;IAClD,MAAM,EAAE,eAAe,EAAE,SAAS,EAAE,GAAG,MAAM,CAAA;IAE7C,mBAAmB;IACnB,MAAM,MAAM,GAAG,IAAA,yBAAc,EAAC,eAAe,CAAC,CAAA;IAE9C,wBAAwB;IACxB,MAAM,KAAK,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAA;IAEzC,IAAI,EAAE,GAAG,EAAE,CAAA;IAEX,kBAAkB;IAClB,EAAE,IAAI,OAAO,CAAA;IACb,EAAE,IAAI,yCAAyC,CAAA;IAC/C,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,EAAE,IAAI,WAAW,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAA;IACvC,CAAC;IACD,EAAE,IAAI,sBAAsB,CAAA;IAC5B,EAAE,IAAI,SAAS,CAAA;IAEf,mBAAmB;IACnB,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,EAAE,IAAI,6BAA6B,CAAA;QACnC,EAAE,IAAI,wCAAwC,SAAS,MAAM,CAAA;QAC7D,EAAE,IAAI,+DAA+D,CAAA;QACrE,OAAO,EAAE,CAAA;IACX,CAAC;IAED,SAAS;IACT,EAAE,IAAI,sBAAsB,eAAe,CAAC,MAAM,OAAO,CAAA;IACzD,EAAE,IAAI,gBAAgB,SAAS,MAAM,CAAA;IAErC,oBAAoB;IACpB,MAAM,UAAU,GAAG,IAAI,GAAG,EAA2B,CAAA;IACrD,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;QAC1B,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAA;QACjD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAChB,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;IACtC,CAAC;IAED,qBAAqB;IACrB,KAAK,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3C,EAAE,IAAI,MAAM,QAAQ,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,MAAM,OAAO,CAAA;QAE1D,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;YACtC,EAAE,IAAI,OAAO,IAAI,CAAC,KAAK,MAAM,CAAA;YAC7B,EAAE,IAAI,eAAe,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,QAAQ,CAAA;YAE7D,kBAAkB;YAClB,EAAE,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5B,EAAE,IAAI,IAAI,CAAA;QACZ,CAAC;QAED,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YACtB,EAAE,IAAI,OAAO,KAAK,CAAC,MAAM,GAAG,EAAE,SAAS,QAAQ,aAAa,CAAA;QAC9D,CAAC;IACH,CAAC;IAED,SAAS;IACT,EAAE,IAAI,SAAS,CAAA;IACf,EAAE,IAAI,4EAA4E,CAAA;IAElF,OAAO,EAAE,CAAA;AACX,CAAC"}
package/dist/report/formatters/ide/index.d.ts ADDED
@@ -0,0 +1,62 @@
1
+ /**
2
+ * IDE Integration Module
3
+ * Exports formatters and utilities for IDE-specific config files
4
+ */
5
+ export { formatCursorRules } from './cursor';
6
+ export { formatWindsurfRules } from './windsurf';
7
+ export { formatClaudeCodeSection, OCULUM_SECTION_START, OCULUM_SECTION_END } from './claude-code';
8
+ /** Supported IDE types */
9
+ export type IDEType = 'cursor' | 'windsurf' | 'claude-code';
10
+ /** Default file paths for each IDE */
11
+ export declare const IDE_FILE_PATHS: Record<IDEType, string>;
12
+ /** Result of a file write operation */
13
+ export interface WriteIDEFileResult {
14
+ success: boolean;
15
+ path: string;
16
+ error?: string;
17
+ }
18
+ /** Result of a file clear operation */
19
+ export interface ClearIDEFilesResult {
20
+ success: boolean;
21
+ clearedFiles: string[];
22
+ errors: string[];
23
+ }
24
+ /**
25
+ * Detect which IDE configurations exist in the project
26
+ *
27
+ * @param projectPath - Path to the project root
28
+ * @returns Array of detected IDE types
29
+ */
30
+ export declare function detectIDEConfigs(projectPath: string): IDEType[];
31
+ /**
32
+ * Write an IDE-specific file
33
+ *
34
+ * @param projectPath - Path to the project root
35
+ * @param relativePath - Relative path for the file
36
+ * @param content - Content to write
37
+ * @returns Result object
38
+ */
39
+ export declare function writeIDEFile(projectPath: string, relativePath: string, content: string): WriteIDEFileResult;
40
+ /**
41
+ * Update the Oculum section in CLAUDE.md
42
+ * Replaces content between OCULUM_SECURITY_START and OCULUM_SECURITY_END markers
43
+ * If markers don't exist, appends the section at the end
44
+ *
45
+ * @param projectPath - Path to the project root
46
+ * @param section - The section content (including markers)
47
+ * @returns Result object
48
+ */
49
+ export declare function updateClaudeMdSection(projectPath: string, section: string): WriteIDEFileResult;
50
+ /**
51
+ * Clear IDE rule files
52
+ *
53
+ * @param projectPath - Path to the project root
54
+ * @param types - Optional array of IDE types to clear. If not provided, clears all.
55
+ * @returns Result object with list of cleared files
56
+ */
57
+ export declare function clearIDEFiles(projectPath: string, types?: IDEType[]): ClearIDEFilesResult;
58
+ /**
59
+ * Get the default file path for an IDE type
60
+ */
61
+ export declare function getIDEFilePath(ide: IDEType): string;
62
+ //# sourceMappingURL=index.d.ts.map
package/dist/report/formatters/ide/index.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/report/formatters/ide/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAC5C,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAA;AAChD,OAAO,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAA;AAEjG,0BAA0B;AAC1B,MAAM,MAAM,OAAO,GAAG,QAAQ,GAAG,UAAU,GAAG,aAAa,CAAA;AAE3D,sCAAsC;AACtC,eAAO,MAAM,cAAc,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAIlD,CAAA;AAED,uCAAuC;AACvC,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,uCAAuC;AACvC,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAA;IAChB,YAAY,EAAE,MAAM,EAAE,CAAA;IACtB,MAAM,EAAE,MAAM,EAAE,CAAA;CACjB;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,EAAE,CAmB/D;AAED;;;;;;;GAOG;AACH,wBAAgB,YAAY,CAC1B,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,GACd,kBAAkB,CAqBpB;AAED;;;;;;;;GAQG;AACH,wBAAgB,qBAAqB,CACnC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,GACd,kBAAkB,CAwCpB;AAED;;;;;;GAMG;AACH,wBAAgB,aAAa,CAC3B,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,OAAO,EAAE,GAChB,mBAAmB,CA6CrB;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAEnD"}