@offgridsec/kira-lite-mcp 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (37) hide show
  1. package/PRIVACY.md +9 -1
  2. package/README.md +1 -1
  3. package/dist/config.d.ts +5 -0
  4. package/dist/config.js +1 -1
  5. package/dist/core/engines/kira-core.js +1 -1
  6. package/dist/core/engines/osv.js +485 -1
  7. package/dist/core/engines/runner.js +30 -1
  8. package/dist/core/scanner.js +101 -1
  9. package/dist/core/types.js +1 -1
  10. package/dist/core/utils.js +70 -1
  11. package/dist/index.js +477 -1
  12. package/dist/rules/c-cpp.js +202 -1
  13. package/dist/rules/cicd.js +144 -1
  14. package/dist/rules/csharp.js +207 -1
  15. package/dist/rules/docker.js +143 -1
  16. package/dist/rules/go.js +184 -1
  17. package/dist/rules/index.js +147 -1
  18. package/dist/rules/java.js +1 -1
  19. package/dist/rules/javascript-extended.js +1 -1
  20. package/dist/rules/javascript.js +1 -1
  21. package/dist/rules/kubernetes.js +1 -1
  22. package/dist/rules/php.js +1 -1
  23. package/dist/rules/python-extended.js +1 -1
  24. package/dist/rules/python.js +1 -1
  25. package/dist/rules/ruby.js +1 -1
  26. package/dist/rules/secrets-extended.js +1 -1
  27. package/dist/rules/secrets.js +1 -1
  28. package/dist/rules/shell.js +1 -1
  29. package/dist/rules/terraform.js +1 -1
  30. package/dist/telemetry.d.ts +1 -0
  31. package/dist/telemetry.js +1 -1
  32. package/dist/tools/fix-vulnerability.js +1 -1
  33. package/dist/tools/scan-code.js +1 -1
  34. package/dist/tools/scan-dependencies.js +1 -1
  35. package/dist/tools/scan-diff.js +1 -1
  36. package/dist/tools/scan-file.js +1 -1
  37. package/package.json +1 -1
package/dist/rules/go.js CHANGED
@@ -1 +1,184 @@
1
- (function(_0x702ce8,_0x32c463){const _0xb86c35={_0x2e6acc:0xae,_0x49b2c0:0x110,_0x1444a2:0x2af,_0xc1ef32:0x2b0,_0x2f686e:0x1f1,_0x335f56:0x6b,_0x293ce4:0x150,_0x3737bc:0x12,_0x104e06:0x59,_0x41b377:0x173,_0x3b751d:0x168,_0x5ac2a7:0x1ed,_0x30c27e:0x37},_0x1278c0={_0x250e73:0xc8};function _0x22d24a(_0x5cce91,_0x2d041e){return _0x2fc0(_0x2d041e- -_0x1278c0._0x250e73,_0x5cce91);}const _0x5eeca6=_0x702ce8();function _0x78017d(_0x3a8793,_0x1d3989){return _0x2fc0(_0x1d3989-0xad,_0x3a8793);}while(!![]){try{const _0x54acce=-parseInt(_0x22d24a(_0xb86c35._0x2e6acc,_0xb86c35._0x49b2c0))/(0x27*-0x3c+0x15c6+-0xca1*0x1)+parseInt(_0x78017d(_0xb86c35._0x1444a2,0x2b3))/(0x2d7*-0x5+-0xf6d+0x1da2)*(-parseInt(_0x78017d(_0xb86c35._0xc1ef32,_0xb86c35._0x2f686e))/(0x248*0x8+-0x9d1+-0x86c))+-parseInt(_0x22d24a(0xd8,_0xb86c35._0x335f56))/(-0x210b+0x4*-0x5fb+0x1*0x38fb)*(parseInt(_0x22d24a(0x15a,0x1e2))/(0xe82*0x1+0x5c1+-0x143e))+parseInt(_0x22d24a(_0xb86c35._0x293ce4,0xfc))/(-0xd*-0x135+0x1e7*0x11+-0x3002)*(-parseInt(_0x22d24a(-_0xb86c35._0x3737bc,_0xb86c35._0x104e06))/(-0x1a8d+-0x7e3+0x2277))+parseInt(_0x22d24a(0x1b3,_0xb86c35._0x41b377))/(0x6a3+-0x47*-0x7f+-0x29d4)*(-parseInt(_0x78017d(_0xb86c35._0x3b751d,_0xb86c35._0x5ac2a7))/(-0x136f+0x20b0+-0xd38))+parseInt(_0x22d24a(-_0xb86c35._0x30c27e,0x41))/(0x1bd*-0x1+-0x74d*-0x2+-0xcd3)*(parseInt(_0x78017d(0x1e2,0x16a))/(0x1*-0x14fb+-0x1e8d+0x1131*0x3))+parseInt(_0x22d24a(0x108,0x17))/(-0xe5*-0x11+-0x2*-0xe24+-0x2b71);if(_0x54acce===_0x32c463)break;else _0x5eeca6['push'](_0x5eeca6['shift']());}catch(_0x2ceaef){_0x5eeca6['push'](_0x5eeca6['shift']());}}}(_0x592d,0xb2d1*0x3+0x4bf45+0x1*-0x1bb59));const _0x1e71d1={};_0x1e71d1['id']=_0x113a09(-0xa2,-0x4c)+_0x113a09(0x9d,0x186)+'1',_0x1e71d1[_0x113a09(-0x2a,-0x53)]='CWE-8'+'9',_0x1e71d1[_0x113a09(-0x110,-0x16e)+'ity']=_0x3489fe(0x3d7,0x44d)+'cal',_0x1e71d1[_0x113a09(-0x26,0x33)]=_0x113a09(-0x98,-0x187)+_0x113a09(-0x75,-0x35)+'ion\x20—'+_0x3489fe(0x4fd,0x517)+_0x113a09(-0xf1,-0xa3)+_0x3489fe(0x512,0x4cd)+_0x113a09(-0xf5,-0x175)+_0x3489fe(0x57e,0x4ed)+_0x113a09(-0x44,-0x49)+_0x113a09(0x5f,0x112)+_0x113a09(-0xb5,-0x1b7)+'y',_0x1e71d1[_0x3489fe(0x487,0x4a4)+_0x113a09(0x78,0x1a)+'n']=_0x3489fe(0x5a9,0x4c3)+'\x20fmt.'+_0x113a09(-0xfa,-0x1c0)+_0x3489fe(0x3ed,0x477)+'\x20stri'+_0x3489fe(0x3fd,0x41f)+_0x3489fe(0x512,0x50a)+'natio'+_0x113a09(-0xcb,-0x18b)+_0x3489fe(0x526,0x5fd)+'uerie'+_0x113a09(0x40,0x39)+_0x113a09(0x51,-0x9f)+'injec'+_0x3489fe(0x513,0x59f)+_0x3489fe(0x556,0x46f)+_0x3489fe(0x4fe,0x554)+_0x113a09(-0xa7,-0x136)+'sql\x20s'+_0x3489fe(0x45b,0x3c7)+_0x113a09(-0x22,-0x3a)+_0x113a09(-0xf2,-0x62)+_0x3489fe(0x53a,0x505)+_0x113a09(-0x5b,0x97)+_0x3489fe(0x3ec,0x3d9),_0x1e71d1[_0x3489fe(0x597,0x5bd)+_0x3489fe(0x4e5,0x40a)]=['go'],_0x1e71d1[_0x113a09(-0x4a,-0x58)+'rn']=/(?:Query|Exec|QueryRow|QueryContext|ExecContext|QueryRowContext|Prepare)\s*\(\s*(?:ctx\s*,\s*)?(?:fmt\.Sprintf|[^,)]+\+)/g,_0x1e71d1[_0x113a09(-0x6d,-0x16e)]=_0x3489fe(0x4cf,0x41a)+_0x113a09(0x48,0x83)+_0x113a09(0x76,0x7a)+'ed\x20qu'+'eries'+_0x3489fe(0x56e,0x501)+_0x3489fe(0x50e,0x41f)+'(\x22SEL'+'ECT\x20*'+_0x3489fe(0x3e5,0x328)+_0x113a09(-0x12,0x77)+_0x3489fe(0x488,0x4e0)+'RE\x20id'+_0x3489fe(0x3dd,0x3b2)+_0x3489fe(0x416,0x508)+')';const _0x3afa48={};_0x3afa48['id']='GO-SQ'+_0x3489fe(0x58b,0x51a)+'2',_0x3afa48[_0x113a09(-0x2a,0x4b)]=_0x113a09(0x44,0x72)+'9',_0x3afa48[_0x113a09(-0x110,-0x1b7)+'ity']=_0x113a09(-0x117,-0xb9)+_0x3489fe(0x4c5,0x524),_0x3afa48[_0x3489fe(0x4c8,0x403)]=_0x113a09(-0x98,-0xda)+_0x113a09(-0x75,0x27)+_0x113a09(-0x3e,0x62)+_0x3489fe(0x4fd,0x41e)+_0x3489fe(0x54d,0x4f3)+_0x3489fe(0x4d5,0x59d)+_0x3489fe(0x3ba,0x386)+_0x3489fe(0x423,0x40c)+_0x3489fe(0x430,0x38c)+'QL',_0x3afa48['descr'+_0x113a09(0x78,0x15b)+'n']=_0x113a09(0x9a,0x149)+'g\x20for'+'matti'+'ng\x20us'+'ed\x20to'+_0x113a09(0x97,0x115)+_0x3489fe(0x3f8,0x33b)+_0x113a09(-0xb5,-0x124)+'ies\x20d'+'ynami'+_0x113a09(-0x13f,-0x1b9)+'.',_0x3afa48[_0x3489fe(0x597,0x676)+'ages']=['go'],_0x3afa48[_0x3489fe(0x4a4,0x50f)+'rn']=/fmt\.Sprintf\s*\(\s*["'](?:SELECT|INSERT|UPDATE|DELETE|DROP|ALTER|CREATE)\b/gi,_0x3afa48[_0x3489fe(0x481,0x54c)]='Use\x20p'+_0x3489fe(0x536,0x569)+_0x3489fe(0x564,0x63d)+_0x3489fe(0x578,0x48f)+_0x3489fe(0x4eb,0x4a8)+'\x20with'+_0x3489fe(0x421,0x3bc)+_0x3489fe(0x407,0x3a9)+'aceho'+_0x3489fe(0x452,0x532)+'\x20inst'+_0x113a09(-0x13c,-0x14a)+_0x3489fe(0x5ad,0x523)+'.Spri'+_0x113a09(-0xfc,-0xa7)+_0x3489fe(0x4d8,0x5c8)+'L.';const _0x579e25={};_0x579e25['id']=_0x113a09(0x39,-0x2d)+_0x113a09(0x3c,-0x55)+'1',_0x579e25['cwe']=_0x113a09(0x6f,0x6c)+'8',_0x579e25[_0x113a09(-0x110,-0x15b)+_0x113a09(-0x88,0x12)]='criti'+_0x3489fe(0x4c5,0x4b4),_0x579e25[_0x113a09(-0x26,-0xa7)]=_0x113a09(-0x2d,0x33)+_0x113a09(0x1,0x22)+_0x113a09(-0x76,0x42)+_0x3489fe(0x559,0x580)+_0x3489fe(0x43d,0x4a5)+'Comma'+_0x3489fe(0x3b3,0x350)+_0x113a09(0x41,-0xa5)+_0x113a09(-0x38,-0x12)+_0x3489fe(0x572,0x628),_0x579e25['descr'+_0x3489fe(0x566,0x51a)+'n']=_0x3489fe(0x4de,0x44c)+_0x3489fe(0x41a,0x4d2)+_0x113a09(0x72,0x7e)+_0x3489fe(0x4a2,0x553)+_0x113a09(-0x11d,-0x1c9)+'rom\x20u'+_0x3489fe(0x4b3,0x586)+_0x113a09(0xb6,0x193)+_0x113a09(-0xfd,-0x4b)+'es\x20ar'+_0x113a09(-0x51,-0x93)+_0x3489fe(0x490,0x4d3)+_0x113a09(-0x73,0x40)+_0x113a09(0x6d,0x78)+_0x113a09(-0x83,-0x11a)+'.',_0x579e25[_0x113a09(0xa9,0xd7)+'ages']=['go'],_0x579e25['patte'+'rn']=/exec\.Command\s*\(\s*(?:fmt\.Sprintf|[^,)]+\+)/g,_0x579e25[_0x3489fe(0x481,0x44f)]='Pass\x20'+_0x113a09(0x14,-0x11)+_0x113a09(0x1f,-0x9)+_0x3489fe(0x3d0,0x3c8)+_0x113a09(0x3e,0x51)+_0x3489fe(0x494,0x4cd)+'amete'+_0x3489fe(0x50c,0x53e)+_0x113a09(0x6d,-0x18)+_0x113a09(-0x6a,0x89)+_0x113a09(-0xc,-0xc)+'exec.'+_0x113a09(-0x2d,-0x40)+'nd(\x22c'+_0x113a09(-0xd5,-0xc0)+_0x3489fe(0x530,0x4e5)+'\x22,\x20\x22a'+_0x113a09(-0x58,-0x44)+'.';const _0x14d552={};_0x14d552['id']=_0x113a09(0x39,0x31)+_0x3489fe(0x52a,0x48d)+'2',_0x14d552[_0x113a09(-0x2a,0x10)]=_0x3489fe(0x55d,0x49d)+'8',_0x14d552[_0x113a09(-0x110,-0x203)+_0x3489fe(0x466,0x4d4)]='criti'+_0x3489fe(0x4c5,0x576),_0x14d552['title']=_0x3489fe(0x4c1,0x459)+_0x113a09(0x1,0x9a)+'jecti'+'on\x20—\x20'+_0x113a09(0x56,-0x37)+_0x113a09(0x6d,0xba)+_0x113a09(-0x83,-0xd2)+_0x113a09(-0x6,0x64)+_0x113a09(-0x25,-0x89)+'-c',_0x14d552['descr'+'iptio'+'n']='Using'+_0x3489fe(0x4ab,0x560)+_0x3489fe(0x42c,0x444)+_0x3489fe(0x55f,0x5b3)+_0x113a09(-0x129,-0xc1)+_0x113a09(-0x137,-0x52)+'ings\x20'+_0x3489fe(0x45e,0x3e5)+_0x113a09(-0xab,-0x151)+_0x3489fe(0x40c,0x410)+_0x113a09(-0x91,-0xc9)+_0x113a09(0xb2,0x6c)+_0x113a09(0x23,0xf6)+_0x3489fe(0x41f,0x4d4)+_0x113a09(0x32,-0x18)+_0x3489fe(0x3ca,0x3dd)+_0x3489fe(0x3ff,0x3db)+_0x3489fe(0x4bf,0x53a)+'.',_0x14d552[_0x3489fe(0x597,0x4de)+_0x3489fe(0x4e5,0x55b)]=['go'],_0x14d552['patte'+'rn']=/exec\.Command\s*\(\s*['"](?:bash|sh|cmd)['"]\s*,\s*['"](?:-c|\/c)['"]\s*,/g,_0x14d552[_0x113a09(-0x6d,-0x114)]=_0x113a09(-0x12b,-0x212)+'\x20shel'+_0x113a09(-0xb6,-0xeb)+_0x3489fe(0x577,0x4ad)+_0x3489fe(0x454,0x43e)+_0x113a09(0x6c,0xe7)+_0x113a09(-0x7,-0x58)+_0x113a09(-0x73,-0xb2)+_0x113a09(-0xbd,-0xe6)+_0x3489fe(0x4d1,0x51e)+_0x113a09(-0x49,-0x15)+_0x3489fe(0x46d,0x3ea)+_0x113a09(-0x5f,0x43)+_0x3489fe(0x458,0x407)+'nt\x20li'+_0x113a09(0x9c,0x9);const _0x221d41={};_0x221d41['id']=_0x3489fe(0x441,0x379)+_0x3489fe(0x412,0x4c7)+'1',_0x221d41[_0x3489fe(0x4c4,0x54d)]=_0x3489fe(0x4c0,0x539)+'2',_0x221d41[_0x3489fe(0x3de,0x44f)+_0x3489fe(0x466,0x4a9)]=_0x113a09(-0xe8,-0x108),_0x221d41[_0x113a09(-0x26,0xd6)]=_0x113a09(0x7f,0x14f)+_0x3489fe(0x508,0x4e7)+'rsal\x20'+_0x113a09(-0x9b,-0x3)+_0x113a09(-0xd7,0x2b)+_0x113a09(0x5d,0xd1)+'ile\x20p'+_0x113a09(0x99,0x5a),_0x221d41[_0x3489fe(0x487,0x39d)+_0x113a09(0x78,-0x47)+'n']=_0x3489fe(0x4da,0x558)+_0x113a09(-0x7d,-0x166)+_0x113a09(0x21,-0x55)+'\x20in\x20f'+_0x3489fe(0x3ad,0x2d0)+_0x3489fe(0x464,0x4e6)+'ions\x20'+_0x113a09(0x3f,0xbc)+_0x113a09(0xa4,0x192)+'nitiz'+_0x113a09(-0xcf,0x10)+_0x3489fe(0x521,0x625)+_0x3489fe(0x45a,0x539)+_0x113a09(-0x133,-0x227)+_0x3489fe(0x579,0x5f3)+_0x113a09(-0x130,-0x8e)+_0x113a09(0x93,-0x1),_0x221d41[_0x113a09(0xa9,-0x52)+_0x3489fe(0x4e5,0x507)]=['go'],_0x221d41[_0x3489fe(0x4a4,0x3a2)+'rn']=/(?:os\.(?:Open|Create|ReadFile|WriteFile|Remove|Stat|MkdirAll)|ioutil\.(?:ReadFile|WriteFile)|filepath\.Join)\s*\(\s*(?:r\.|req\.|c\.|ctx\.|params|query|mux\.Vars)/g,_0x221d41[_0x3489fe(0x481,0x4c0)]='Use\x20f'+_0x3489fe(0x428,0x409)+_0x113a09(-0x60,-0xcb)+_0x113a09(0xb3,0x72)+_0x113a09(-0x24,-0x97)+_0x3489fe(0x59b,0x641)+_0x113a09(0xa7,0x157)+'\x20reso'+_0x113a09(0x98,0xf2)+_0x113a09(-0x10d,-0xca)+_0x113a09(0xa0,0x172)+'thin\x20'+'the\x20e'+_0x113a09(-0x71,-0xa1)+_0x3489fe(0x591,0x508)+_0x3489fe(0x434,0x46a)+_0x113a09(-0x50,-0xaf)+_0x3489fe(0x43f,0x3dc)+_0x3489fe(0x41a,0x3b7)+_0x3489fe(0x48d,0x400)+_0x3489fe(0x49a,0x3ab)+_0x113a09(-0x13e,-0x11b)+'x.';const _0x18d139={};_0x18d139['id']=_0x3489fe(0x4d6,0x41f)+_0x113a09(-0x8d,-0x6)+'1',_0x18d139[_0x3489fe(0x4c4,0x47d)]='CWE-9'+'18',_0x18d139['sever'+'ity']=_0x3489fe(0x406,0x3e5),_0x18d139[_0x3489fe(0x4c8,0x565)]=_0x3489fe(0x3fb,0x3f3)+_0x113a09(-0x72,0x3e)+_0x3489fe(0x3d4,0x31c)+_0x113a09(0x52,0x39)+_0x113a09(0xab,-0x13)+_0x113a09(0x3d,0xbc)+_0x3489fe(0x558,0x605)+_0x3489fe(0x4a8,0x527)+_0x3489fe(0x4b5,0x448)+_0x113a09(-0x4b,-0x143)+_0x113a09(0xb7,0x66)+'ut',_0x18d139[_0x113a09(-0x67,-0x99)+_0x113a09(0x78,0x179)+'n']=_0x3489fe(0x549,0x537)+_0x3489fe(0x3b1,0x46a)+'RLs\x20c'+_0x113a09(0x74,0x36)+_0x113a09(-0x97,-0x16d)+'\x20from'+'\x20user'+_0x113a09(-0x139,-0x15b)+_0x3489fe(0x523,0x4c4)+_0x3489fe(0x4ee,0x400)+_0x113a09(-0x7f,-0x121)+_0x3489fe(0x5af,0x569)+_0x113a09(-0xa9,-0x127)+_0x113a09(-0x4f,-0x76)+'.',_0x18d139[_0x113a09(0xa9,-0x1c)+'ages']=['go'],_0x18d139['patte'+'rn']=/http\.(?:Get|Post|Head|NewRequest)\s*\(\s*(?:fmt\.Sprintf|[^,)]+\+\s*(?:r\.|req\.|params|query))/g,_0x18d139[_0x113a09(-0x6d,-0x116)]=_0x3489fe(0x535,0x56b)+_0x113a09(-0x62,0x8d)+_0x113a09(-0xc3,-0x154)+'gains'+'t\x20an\x20'+_0x113a09(-0x100,-0x2d)+_0x3489fe(0x596,0x4bc)+_0x3489fe(0x553,0x5ab)+_0x113a09(-0x36,-0x12d)+_0x113a09(-0x142,-0x227)+_0x113a09(0x75,0x5b)+_0x3489fe(0x4f8,0x590)+'P\x20ran'+'ges\x20('+'10.x,'+_0x113a09(0xd,-0xf2)+_0x3489fe(0x501,0x521)+_0x113a09(-0xae,-0x57)+_0x3489fe(0x41e,0x324)+_0x3489fe(0x4bd,0x3cf);const _0x2afbb3={};_0x2afbb3['id']=_0x3489fe(0x574,0x50e)+_0x3489fe(0x4fc,0x4a5)+_0x113a09(-0x2,0xbc),_0x2afbb3['cwe']='CWE-3'+'27';function _0x113a09(_0x183c72,_0x22c4da){const _0x47e8c0={_0xcc52fa:0x204};return _0x2fc0(_0x183c72- -_0x47e8c0._0xcc52fa,_0x22c4da);}_0x2afbb3[_0x3489fe(0x3de,0x2f6)+_0x113a09(-0x88,-0x109)]=_0x113a09(-0xe8,-0x126),_0x2afbb3['title']=_0x113a09(-0xc8,-0x139)+_0x113a09(0x8d,-0x26)+'ograp'+'hy\x20—\x20'+'MD5\x20u'+'sage',_0x2afbb3[_0x113a09(-0x67,0xe)+'iptio'+'n']=_0x3489fe(0x44a,0x450)+_0x113a09(0xb4,0x19c)+'ptogr'+'aphic'+_0x3489fe(0x583,0x5e7)+_0x3489fe(0x4f7,0x4c7)+'n.\x20Co'+_0x3489fe(0x4ba,0x42d)+_0x3489fe(0x516,0x58c)+_0x113a09(0x50,0x87)+_0x113a09(-0xa,-0x80)+'rated'+'\x20in\x20s'+_0x113a09(-0xdb,-0x78)+'s.',_0x2afbb3[_0x3489fe(0x597,0x67a)+_0x3489fe(0x4e5,0x5ca)]=['go'],_0x2afbb3['patte'+'rn']=/(?:md5\.(?:New|Sum)|crypto\/md5)/g,_0x2afbb3[_0x3489fe(0x481,0x4ee)]=_0x113a09(-0x32,-0x43)+_0x113a09(-0x48,-0xbf)+_0x113a09(0xae,0x19b)+_0x113a09(0x49,0x8d)+_0x113a09(-0x146,-0x14e)+_0x113a09(-0x10b,-0x1cc)+_0x3489fe(0x5a8,0x54e)+_0x3489fe(0x547,0x509)+_0x113a09(0x18,-0x7f)+_0x113a09(0x17,-0xd6)+_0x3489fe(0x4ed,0x40e)+_0x113a09(-0x3f,-0x84)+_0x3489fe(0x539,0x51f)+_0x113a09(-0x23,0xc8)+_0x113a09(-0x4d,0x64)+'t.';const _0x5dc24f={};_0x5dc24f['id']=_0x113a09(0x86,0x4c)+_0x113a09(0xe,0xdb)+'002',_0x5dc24f[_0x113a09(-0x2a,-0xbd)]=_0x113a09(-0xb9,-0x184)+'27',_0x5dc24f[_0x3489fe(0x3de,0x47c)+_0x3489fe(0x466,0x372)]=_0x113a09(-0xe8,-0x87),_0x5dc24f[_0x3489fe(0x4c8,0x518)]=_0x113a09(-0xc8,-0x94)+'Crypt'+_0x113a09(-0xde,-0x11e)+_0x3489fe(0x42d,0x3e6)+_0x3489fe(0x580,0x4d4)+'usage',_0x5dc24f[_0x3489fe(0x487,0x3bb)+'iptio'+'n']=_0x3489fe(0x580,0x5c8)+_0x113a09(0x2b,-0x2f)+_0x3489fe(0x40e,0x33d)+_0x3489fe(0x4f5,0x530)+_0x3489fe(0x57a,0x61b)+_0x113a09(0x4d,-0x83)+_0x3489fe(0x4df,0x51a)+_0x113a09(0x53,-0x99)+_0x3489fe(0x424,0x3b1)+_0x3489fe(0x598,0x651)+_0x113a09(0x8f,0x3f)+_0x113a09(-0x34,0x6)+_0x3489fe(0x469,0x38c)+'tacks'+'.',_0x5dc24f[_0x113a09(0xa9,0x50)+_0x3489fe(0x4e5,0x4b8)]=['go'],_0x5dc24f[_0x3489fe(0x4a4,0x57f)+'rn']=/(?:sha1\.(?:New|Sum)|crypto\/sha1)/g,_0x5dc24f[_0x113a09(-0x6d,0x39)]=_0x3489fe(0x4bc,0x471)+_0x3489fe(0x4a6,0x48b)+_0x113a09(0xae,0xef)+'56\x20or'+_0x113a09(-0x146,-0xa8)+_0x113a09(-0x10b,-0x37);const _0x4128c9={};_0x4128c9['id']=_0x3489fe(0x574,0x4fc)+_0x113a09(0xe,0xf7)+_0x3489fe(0x40f,0x41d),_0x4128c9[_0x113a09(-0x2a,-0x101)]=_0x113a09(-0xb9,-0x19c)+'27',_0x4128c9['sever'+_0x3489fe(0x466,0x427)]=_0x113a09(-0xe8,-0x63),_0x4128c9[_0x113a09(-0x26,-0xf7)]=_0x3489fe(0x426,0x512)+_0x3489fe(0x57b,0x608)+_0x113a09(-0xde,-0xb3)+'hy\x20—\x20'+_0x113a09(0xb,-0xf0)+'sage',_0x4128c9[_0x113a09(-0x67,-0x141)+_0x3489fe(0x566,0x562)+'n']=_0x3489fe(0x565,0x669)+'nd\x203D'+_0x3489fe(0x4e6,0x4e4)+_0x3489fe(0x4c3,0x3c7)+'recat'+_0x113a09(-0x80,-0x24)+_0x113a09(-0x8e,-0xe4)+'s\x20onl'+_0x113a09(0x61,-0x24)+_0x113a09(0x57,0xb5)+_0x113a09(-0x112,-0xb6),_0x4128c9['langu'+_0x3489fe(0x4e5,0x467)]=['go'],_0x4128c9[_0x3489fe(0x4a4,0x505)+'rn']=/(?:des\.NewCipher|des\.NewTripleDESCipher|crypto\/des)/g,_0x4128c9[_0x3489fe(0x481,0x57e)]='Use\x20A'+_0x113a09(-0x131,-0x91)+_0x3489fe(0x4a6,0x41b)+_0x113a09(0xc,0x3a)+'\x20with'+'\x20GCM\x20'+_0x113a09(-0xe4,-0x131)+_0x113a09(-0xcc,-0xff)+_0x113a09(-0x53,0x1f)+_0x113a09(-0xc9,-0x19c);const _0x1153bc={};_0x1153bc['id']=_0x113a09(-0x12f,-0x10c)+_0x113a09(-0x13,-0x29)+'1',_0x1153bc[_0x3489fe(0x4c4,0x48f)]='CWE-3'+'38',_0x1153bc[_0x3489fe(0x3de,0x49b)+_0x3489fe(0x466,0x4e0)]=_0x3489fe(0x406,0x48d),_0x1153bc['title']=_0x113a09(-0xfe,-0x1a2)+'ure\x20R'+'andom'+_0x3489fe(0x53d,0x5a9)+_0x3489fe(0x3e9,0x2e7)+_0x3489fe(0x432,0x3cc)+_0x113a09(-0xda,-0x153)+_0x3489fe(0x4cd,0x445),_0x1153bc[_0x113a09(-0x67,-0x22)+_0x113a09(0x78,0x67)+'n']=_0x113a09(-0x8f,-0xa7)+_0x113a09(-0xd9,-0x120)+_0x113a09(0x6,0x56)+_0x3489fe(0x3ce,0x2f6)+_0x3489fe(0x4d3,0x4cf)+'and\x20m'+_0x113a09(-0x78,-0x3c)+_0x3489fe(0x4e0,0x49e)+'\x20used'+_0x113a09(-0xa5,0x16)+_0x113a09(0x73,-0x3c)+_0x113a09(0x5a,-0x1c)+'ensit'+_0x113a09(-0xb,0xe0)+_0x3489fe(0x464,0x425)+_0x113a09(-0x140,-0x181)+'like\x20'+_0x113a09(0x4a,-0x45)+_0x3489fe(0x4f6,0x4c1)+'keys.',_0x1153bc[_0x113a09(0xa9,0x10b)+'ages']=['go'],_0x1153bc[_0x3489fe(0x4a4,0x475)+'rn']=/math\/rand|rand\.(?:Intn|Int31|Int63|Float64|Read)\s*\(/g,_0x1153bc[_0x113a09(-0x6d,-0x67)]=_0x3489fe(0x4bc,0x5b8)+_0x113a09(-0x48,-0x49)+_0x113a09(-0x63,-0x5)+_0x113a09(-0xa5,-0x14b)+_0x3489fe(0x561,0x503)+_0x3489fe(0x548,0x49e)+'ensit'+_0x113a09(-0xb2,-0x1b0)+_0x113a09(-0x4,-0x40)+'\x20valu'+_0x113a09(0xb8,0x44)+'rypto'+_0x3489fe(0x48b,0x3e2)+_0x113a09(-0xec,-0x1c7)+_0x113a09(-0x127,-0x2c);const _0x2e80bf={};_0x2e80bf['id']=_0x3489fe(0x3e7,0x468)+_0x113a09(0x29,0xba),_0x2e80bf[_0x113a09(-0x2a,-0x22)]=_0x3489fe(0x4c0,0x467)+'95',_0x2e80bf[_0x113a09(-0x110,-0x1f6)+'ity']=_0x3489fe(0x3d7,0x355)+'cal',_0x2e80bf[_0x113a09(-0x26,-0x56)]=_0x113a09(-0x42,-0x13)+_0x113a09(0x88,0x83)+_0x3489fe(0x483,0x3ab)+'rtifi'+_0x3489fe(0x4d0,0x5d1)+_0x3489fe(0x3cc,0x45f)+'icati'+'on',_0x2e80bf[_0x113a09(-0x67,-0x6b)+_0x3489fe(0x566,0x5bc)+'n']=_0x113a09(-0xfe,-0x3b)+_0x113a09(-0x106,-0x15f)+_0x3489fe(0x4e1,0x4c0)+_0x3489fe(0x44d,0x386)+_0x113a09(0x54,0x38)+_0x113a09(-0xa8,-0x40)+_0x3489fe(0x427,0x3be)+_0x3489fe(0x4d0,0x537)+_0x3489fe(0x568,0x547)+'ation'+_0x113a09(-0x52,-0xdd)+'owing'+_0x3489fe(0x465,0x3f0)+_0x3489fe(0x462,0x3e8)+_0x3489fe(0x51d,0x5b1)+_0x3489fe(0x444,0x42d)+_0x113a09(-0x10e,-0x15e)+'s.',_0x2e80bf[_0x113a09(0xa9,0x66)+'ages']=['go'],_0x2e80bf['patte'+'rn']=/InsecureSkipVerify\s*:\s*true/g,_0x2e80bf[_0x113a09(-0x6d,0x24)]=_0x3489fe(0x4b9,0x596)+_0x3489fe(0x59f,0x4eb)+_0x113a09(-0x103,-0x115)+'SkipV'+'erify'+_0x3489fe(0x522,0x582)+_0x113a09(-0x57,-0x60)+_0x3489fe(0x4ad,0x4f0)+_0x3489fe(0x571,0x48d)+_0x3489fe(0x54e,0x4cc)+_0x3489fe(0x557,0x658)+'ates\x20'+'for\x20T'+_0x113a09(0xb5,0x9f)+'rific'+_0x113a09(-0xcf,-0x162)+'.';const _0x4f71d4={};_0x4f71d4['id']=_0x3489fe(0x3e7,0x4db)+'S-002',_0x4f71d4['cwe']='CWE-3'+'27',_0x4f71d4[_0x113a09(-0x110,-0x38)+_0x113a09(-0x88,0x1)]=_0x3489fe(0x406,0x3e0),_0x4f71d4[_0x3489fe(0x4c8,0x3d7)]=_0x113a09(-0xc8,-0xae)+_0x3489fe(0x48a,0x419)+_0x3489fe(0x5a7,0x535)+_0x3489fe(0x3b8,0x318)+_0x3489fe(0x4d7,0x5da)+_0x3489fe(0x59d,0x4f7)+_0x3489fe(0x3e2,0x4dc),_0x4f71d4[_0x113a09(-0x67,-0x40)+_0x113a09(0x78,0x123)+'n']=_0x3489fe(0x467,0x39d)+_0x3489fe(0x5a7,0x4f5)+'ns\x20be'+_0x3489fe(0x492,0x473)+_0x113a09(0x9e,0x153)+_0x3489fe(0x486,0x4b4)+_0x113a09(-0x138,-0x72)+_0x113a09(0x36,0x82)+_0x113a09(0x2d,-0x62)+_0x113a09(-0x82,0x7d)+_0x3489fe(0x3f6,0x3a4)+_0x113a09(0x26,-0x91)+'EAST,'+_0x3489fe(0x59e,0x67b)+').',_0x4f71d4['langu'+_0x3489fe(0x4e5,0x4f7)]=['go'],_0x4f71d4[_0x3489fe(0x4a4,0x49f)+'rn']=/(?:MinVersion|MaxVersion)\s*:\s*tls\.Version(?:SSL30|TLS10|TLS11)/g,_0x4f71d4[_0x113a09(-0x6d,-0x86)]=_0x3489fe(0x4ff,0x4cf)+_0x113a09(-0x99,-0x190)+_0x113a09(-0x30,-0x3b)+_0x3489fe(0x3e4,0x470)+_0x113a09(0x2e,0xbc)+_0x3489fe(0x4c6,0x459)+'LS12\x20'+_0x113a09(-0xe5,-0xb3)+_0x113a09(0x2e,-0x3a)+'sionT'+_0x3489fe(0x528,0x47d);function _0x592d(){const _0x42c4f4=['reKTmda','CNKG4Ocuia','CgfYyxq','D2L0Ag8','CYbLBMe','DgGGDxm','iMfYzZe','vgHLihu','q1DfltG','zw1WBge','r08Tve0','vMfSAwq','yxjHBwu','ntyGB3i','Dg9Rzw4','l3GVy3i','zxjPEMu','y3vYAxq','zguGzMe','iokaLcbTyq','yw4GyMu','yMXLCYa','DwvZDca','igr1zsa','AxnHyMW','CYbHieC','u2HLBgW','yML0igS','r08TtKu','CgfZC3C','Axr5lxm','rMv0y2G','BNmGAw4','EMvKigy','zxmGD2K','BMCGAw4','qsbJzxi','Esa1nI0','r29YB3u','ihvUC2e','DgvYzMe','iejSB2m','ug90zw4','CM90zwm','ieDVj3m','DgLMAwm','rhLUyw0','B24G4Ocuia','C2uGzxG','igv4zwm','zxzPzxC','q1DfltC','DgvUAw4','AxrOigq','AgvSBca','C2vJDxi','B25ZDhi','Aw50zxi','DgvYAxO','revtige','Axb0Aw8','Dg8GAw4','DMfSAwq','DgLVBIa','mc4Xksa','DwjSAwm','DguGzNi','ugf0Aca','oIbKyI4','CM9Yihi','B20GDxm','CgvYiem','Chv0','CMvKzwy','r08Tq1i','4OcuieDVCG','BgvKifq','B2nHDgK','zwqGCxu','AxrYyxi','B3iGC2u','q3j5Chq','ywnLCW','ywWGy28','BI9MB3i','y2HHBM4','u0Hbmsa','zxmU','DcbZAge','ywXSEsa','swDUB3i','igj1AwW','BhzLzca','yxrO','u3rYAw4','zMv0Esa','C3qU','teKTmda','lJiGAge','zxnZAw4','AxmGD2K','Dgv4lca','vc0Wmde','zwqGyMe','DxqGC2e','DgLUzxm','mtu1wePetMLb','Esb0Agu','BgLZDc4','BgfUz3u','ywn0Awm','rM9Yz2u','zwXZlca','DMvYAwy','l3nOyti','mcbVCIa','igv0yY4','zsbjBNm','igLUDgu','zwfUkcK','CYbJCNK','tfmGDMu','BNb1Dca','CIbPBNa','zxm6igm','zxjZAw8','iezVCIa','vxnPBMC','B2rLigu','vgvTCgW','CMSGAw4','zIbMBxq','Dg8GBg8','DgvYBMe','odC5otC4BKX2Bgnv','ihn0CM8','qwXSieK','zw1VCNK','zxmGr28','DMf0zs8','AwXLig8','Aw9UCYa','y2fSBhK','uhjLzMK','Aw5Nifu','zwfKig8','BMqGD2K','zxmGAw4','igLUChu','B3DUihy','yYbZDhi','BIdIGjqGva','ihbYB2q','Bgf0Aw8','CYbHCMi','zxjYB3i','rvmGkgm','EsbMAwW','r08TuKe','qwX3yxK','Dwn0Aw8','y2vZigK','qxzVAwq','ihnHzMu','Ew5HBwK','ihbHy2S','kgj1zIK','BwvKAxu','mtG4nZu4nJHJtfflq1m','yMXPBMC','C2uGDxm','vMvYAwy','DhKGz3u','zwrPy3q','DgHVDxq','yxmGC2u','BMrZigy','ExbHC3m','B3bLCMe','zsbszxe','yw5Kihi','ihrVihu','y3jPDgK','ihnOyxi','ywnRywC','AwXLCY4','zM9Yigq','zxLZlG','id0Gjde','C2v2zxi','BMCGDg8','DhrHy2S','Cgf0Aca','ms4X','BMDLCI4','Dg8GDgW','iezst00','uI0Wmde','r08TveW','DxjLu2S','DgGVCMe','lLjxtxu','zwn1CMu','CMLLCY4','DgyGB3i','ywXSB3C','ig9Yihu','sw5Zzwm','zw5HyMW','BNrMigy','mtbRtxjpDei','u3bYAw4','zwrLzca','kfbpt0q','zw50ihC','zcbtuuW','BMf0Aw8','zsbKyxq','u2vYDMu','CMfTzxq','BMCGy28','DgLHBca','igLUAMu','q29UzgK','yxjHBNq','lLjLywq','C3nPBMC','vxnLihm','ueWTmda','AgLNAa','jdiGCgW','AhKGAxq','B3iGDgW','Bw9Kzsa','n3LQBfbLzW','B3vNAca','BYb0zw0','ChjLy2e','mdaZ','B2DYyxa','AwX1CMu','veGTmda','zwnVBMq','CIbZzwm','CMfUzca','iIWGAwq','yw5PDgK','CMvKihm','BwqIlca','Aw5Nihm','vw5JAgu','q1Dflty','ndGYndHlDwvosxm','otiUmty','yxrPB24','Aw9Yig8','icqXlca','Aw5ZDgu','BIbPBIa','Dg8GChi','ierfuY4','v2vHAYa','CNrPzMK','AwXLCge','BNrLCMy','mtyYAufqvLnw','uKXZige','ic1JihC','AhKG4Ocuia','nZiZywzIt215','y2TLzca','CMf3ifm','ihDPDgG','BMqGzM8','it0GBMK','C2uGzgK','q1Dfltm','yw5Kig0','C3qGkde','BcbPBNy','ihf1zxi','DxrLEcW','ihn5BMm','AxzLihi','zxHLyY4','ywDLigi','CNKGDxm','lNGSide','r08Tuee','BNnHzMu','CYb0Ahi','zgXLige','BcbZzxi','zxmGy2u','yMfZzs8','DgLVBNm','igzVCIa','tuq1igK','mc4Wigu','r08Tu1e','Awz5igq','BMCGDxm','EhbVC2u','qMLUzgK','ignHCMu','BgrLCNm','4OcuifvUCW','B24Uifu','Aw5wzxi','u1fmieK','Dwn0zwq','CMD1Bwu','j3mGBMu','ywnJzxm','DxbWB3i','ier5BMe','C2HLBgW','CgfZC2u','Bwf0Ac8','rvmGAge','uKyTmda','Aw4TDgG','ugfYC2K','CgvYyxq','ig1HBI0','Axr5','veXtihy','ig9Yigm','B24Gyxq','zYbVBIa','DxrPB24','DgLLCYa','BMfYEsa','zwqUieq','C3mGAw4','Ew5JlK0','Aw5WDxq','zgLZy2W','zwX5ig4','zxzLBg8','Aw5Niha','Dxn0ig4','zwnLC3m','AMvJDgK','BMPLy3q','C29SDxq','Bw1HBMq','CI1tAwq','EhbLy3q','zNvSBhK','zIb1BNm','ifjLDhu','zML4','AhjVBMK','tfmGq2u','lKnVBw0','CM4G4Ocuia','DMuGA24','zgvZy3i','CYbxseu','Cg1LBNq','veXtify','l3jHBMq','yxrLifu','DhjPBMC','DgGUq2W','yw5Kige','CNKGy28','yw4GAgK','Bg93ide','zcbXDwu','zsbWyxi','zxr1CM4','CMCYiIK','zs4Gvxm','igvYCIa','BwLJihq','CY5iyxm','ywqGB2y','lcbHBgW','yML0CMe','CMvJDg8','DMLJzxm','CMrLzca','yMnYExa','y29TBwe','Bsb1C2u','Cgf0Dgu','y3qGyMK','CNLWDg8','q1Dflte','AwmGvvi','Dgf0zq','Bwf0DgK','igjHC2G','rgLZywi','zsbWCM8','mJC4mty2uuLXA0zM','zY5VCMC','Aw9UiokaLa','CMv0Dxi','BIbJyw4','C2vYigK','Chv0ige','tcbMCM8','zxiGAw4','yMvOyxy','AYbWCMK','uMvTB3y','BgXPC2K','mJCUmc4','vxnLigm','oc54ks4','C2LVBIa','y3rPB24','q1Dflti','q29TBwe','mtKYmdC4ALnZvNrd','zsbKzxa','y3DL','y2fS','C2LVBLq','mZm2','DgL0Bgu','yMfZAca','igfUzca','Exb0BY8','DhmGCge','DxjPDhK','ihrViha','vxnLiha','y2f0zsa','igrPCMu','zMuUug8','ywjSzsa','Bcb7ihi','DgvYCg8','r08Tu1m','tfmGms4','B3iGu1e','BMDZlG','vxnLCIa','tKqTmda','ihvZzxi','CYb0Agu','qNvPBgq','Esb1C2u','B3qGyMu','Axbwzxi','yw5KoIa','AxzLig8','igDLBMu','ywDLCW','rvmGyxi','zwmUq28','ihzPysa','EgvJDxq','yw5KB20','zxjPzxm','mdaX','z29Syw4','igfJy2u','BMqGsw4','ndCXng1mEwnmBq','BMv4Cgu','CIbWyxi','Aw5Lzca','AxmGChi','DgvKigy','CYbVCIa','yNjVA2u','BMfSieK','revtihu','l2fLCYK','ide3mI4','wvbutY0','ifn0CMK','igrHDge','u2v0ie0','ihn0CMK','mtyTmZe','yxjNDw0','r08Trvi','ie5LDMu','ihvZzsa','B3jKCYW','igfSBca','vhjHDMu','Dgf0zs4','CYbHBMq','BgvHzca','CNmGDg8','zw50CYa','uxvLCNK','ihvZzwq','ihzHBhu','CNbYzxq','BMnHDgu','DgLVBI4','teuSiei','CNjVCIa','B25Zigm','uY0Wmde','zxiGDg8','AxmGzgu','CZOGAwy','ywjPBgK','CY5wzxi','zs1TAwq','yxrLigy','r08Tvu4','lcbLBMe','ignHBIa','oIb0CNu','DcbJyw4','DwXUzxi','nJeXnZzlzhPMCwS','u1fmihe','r08Tq00','tfmXmY4','zsbHy2m'];_0x592d=function(){return _0x42c4f4;};return _0x592d();}const _0x35bf41={};_0x35bf41['id']=_0x113a09(0x46,-0x36)+_0x3489fe(0x405,0x45f)+'1',_0x35bf41[_0x3489fe(0x4c4,0x5a2)]=_0x113a09(-0x47,-0xbb)+_0x113a09(-0x27,-0xfa),_0x35bf41[_0x113a09(-0x110,-0xd9)+_0x3489fe(0x466,0x50d)]=_0x113a09(-0x117,-0x147)+_0x3489fe(0x4c5,0x43d),_0x35bf41['title']=_0x113a09(0xbd,0x16d)+'ate\x20I'+'nject'+_0x3489fe(0x4b0,0x4ff)+_0x3489fe(0x45c,0x536)+_0x113a09(-0x55,-0x156)+_0x3489fe(0x533,0x59c)+_0x3489fe(0x56c,0x59f)+_0x3489fe(0x570,0x511)+'er\x20in'+_0x113a09(0x84,0xd7),_0x35bf41[_0x3489fe(0x487,0x417)+_0x113a09(0x78,0x16a)+'n']=_0x113a09(-0x8b,0x4e)+_0x113a09(-0xa0,-0x173)+_0x3489fe(0x4b6,0x424)+_0x113a09(-0x3a,0x2d)+_0x3489fe(0x543,0x5fe)+_0x3489fe(0x40d,0x359)+'plate'+_0x113a09(0x33,0x3)+_0x3489fe(0x50b,0x591)+_0x113a09(0x79,-0xb)+'forma'+_0x3489fe(0x569,0x4e8)+_0x3489fe(0x472,0x4fa)+'osure'+_0x3489fe(0x468,0x52e)+_0x113a09(0xbc,0x157)+_0x3489fe(0x4e9,0x453)+'ion.',_0x35bf41['langu'+_0x3489fe(0x4e5,0x555)]=['go'],_0x35bf41[_0x3489fe(0x4a4,0x3d1)+'rn']=/template\.(?:New|Must)\s*\([^)]*\)\.Parse\s*\(\s*(?:r\.|req\.|params|query|body|input)/g,_0x35bf41['fix']='Use\x20p'+_0x3489fe(0x573,0x52a)+_0x113a09(0x5,0x33)+'templ'+_0x3489fe(0x51e,0x4c5)+_0x113a09(-0x114,-0xba)+_0x113a09(0x16,-0xe)+_0x113a09(0x4,0xc0)+_0x113a09(-0x123,-0x1d1)+_0x3489fe(0x4b6,0x546)+_0x3489fe(0x4b4,0x4d3)+'s\x20tem'+'plate'+_0x113a09(0x12,0x6)+_0x3489fe(0x4d9,0x465);const _0x12f2b9={};_0x12f2b9['id']='GO-RA'+'CE-00'+'1',_0x12f2b9[_0x3489fe(0x4c4,0x4ac)]='CWE-3'+'62',_0x12f2b9['sever'+_0x113a09(-0x88,-0x149)]='mediu'+'m',_0x12f2b9[_0x3489fe(0x4c8,0x456)]=_0x3489fe(0x554,0x55e)+_0x3489fe(0x3fe,0x3db)+'Race\x20'+_0x3489fe(0x400,0x441)+_0x113a09(0x7b,0x18)+_0x113a09(0x87,0x152)+'outin'+_0x3489fe(0x529,0x5ec)+_0x113a09(0x9f,0xbc)+'g\x20sha'+_0x3489fe(0x418,0x4ea)+_0x113a09(-0x45,-0x6a),_0x12f2b9[_0x3489fe(0x487,0x406)+_0x113a09(0x78,0x7f)+'n']=_0x113a09(0x62,0x2b)+_0x113a09(0xa5,0x146)+_0x3489fe(0x4ee,0x595)+_0x3489fe(0x403,0x401)+_0x3489fe(0x3d8,0x474)+'ed\x20va'+'riabl'+_0x3489fe(0x54c,0x598)+_0x3489fe(0x3cf,0x323)+_0x3489fe(0x43b,0x425)+_0x3489fe(0x482,0x398)+'zatio'+_0x3489fe(0x4b2,0x48f)+'\x20caus'+_0x113a09(-0xf4,-0xa3)+'a\x20rac'+'es.',_0x12f2b9['langu'+'ages']=['go'],_0x12f2b9[_0x3489fe(0x4a4,0x3ce)+'rn']=/go\s+func\s*\(\s*\)\s*\{[^}]*(?:map\[|=\s*(?:append|[^=]))/g,_0x12f2b9['fix']=_0x3489fe(0x404,0x3dc)+_0x113a09(-0x7e,-0xd8)+_0x3489fe(0x43a,0x433)+_0x113a09(-0xb3,-0x10)+_0x113a09(-0x104,-0xe9)+_0x3489fe(0x58f,0x4f4)+_0x3489fe(0x57f,0x5ee)+_0x113a09(0xac,0x66)+'or\x20at'+'omic\x20'+_0x3489fe(0x3d3,0x3c5)+_0x113a09(-0xa6,-0x93)+_0x113a09(-0x20,-0x111)+_0x3489fe(0x555,0x494)+_0x113a09(0x94,0xa3)+_0x113a09(-0xd6,-0x17a)+_0x3489fe(0x509,0x4ed);const _0x52043b={};_0x52043b['id']=_0x3489fe(0x503,0x448)+_0x113a09(-0x108,-0x20),_0x52043b[_0x113a09(-0x2a,-0xc1)]='CWE-3'+'91',_0x52043b[_0x113a09(-0x110,-0x58)+_0x113a09(-0x88,-0x142)]=_0x3489fe(0x3c8,0x30b)+'m',_0x52043b[_0x3489fe(0x4c8,0x51e)]=_0x3489fe(0x41b,0x508)+_0x113a09(-0xbf,-0x6a)+'Error'+_0x113a09(-0x6e,-0xf8)+_0x113a09(-0x69,-0x13d)+'Disca'+_0x113a09(-0x4e,0x67)+_0x113a09(-0x132,-0x12a)+_0x3489fe(0x510,0x594)+'e',_0x52043b['descr'+'iptio'+'n']=_0x113a09(0x96,0xcb)+'ing\x20e'+_0x3489fe(0x515,0x592)+_0x113a09(-0x3d,-0xb8)+_0x113a09(0x5c,-0x3a)+'\x20Go\x20c'+_0x3489fe(0x491,0x481)+_0x113a09(0x4e,-0x58)+_0x3489fe(0x411,0x495)+_0x113a09(0x1c,-0xbe)+'\x20lead'+_0x113a09(-0x118,-0x14)+_0x113a09(0x3,-0x92)+'cted\x20'+_0x3489fe(0x4b7,0x538)+_0x113a09(-0xce,-0xa1)+_0x3489fe(0x414,0x4b6)+'urity'+'\x20issu'+'es.',_0x52043b['langu'+_0x113a09(-0x9,-0x52)]=['go'],_0x52043b[_0x3489fe(0x4a4,0x4fd)+'rn']=/[a-zA-Z_]+\s*,\s*_\s*[:=]=?\s*(?:os\.|ioutil\.|io\.|http\.|sql\.|json\.|crypto\.|tls\.)/g;function _0x3489fe(_0x15036e,_0x5e24f1){return _0x2fc0(_0x15036e-0x2ea,_0x5e24f1);}_0x52043b['fix']=_0x113a09(-0x12e,-0x194)+'s\x20che'+'ck\x20er'+_0x113a09(0x81,0x141)+_0x3489fe(0x495,0x556)+_0x3489fe(0x51a,0x4f7)+_0x113a09(-0x56,-0x38)+_0x3489fe(0x433,0x44f)+_0x3489fe(0x4d4,0x5ae)+_0x113a09(-0x59,-0xd1)+_0x113a09(-0x56,-0x3b)+'}';function _0x2fc0(_0xac252d,_0x1e4352){_0xac252d=_0xac252d-(0x1*0x5f+-0x6fe*0x4+0x1c56);const _0x12fc37=_0x592d();let _0xf203e0=_0x12fc37[_0xac252d];if(_0x2fc0['IJghzl']===undefined){var _0x30961b=function(_0x5692ee){const _0x137eef='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x4694d2='',_0x1fefa6='';for(let _0x498cd3=-0x1c5b*0x1+0x13d7*0x1+0x884,_0x249819,_0x333aa0,_0x18eada=-0xb1f+0x27*-0x7b+0x1ddc;_0x333aa0=_0x5692ee['charAt'](_0x18eada++);~_0x333aa0&&(_0x249819=_0x498cd3%(-0x53*0x3+-0x1a05*-0x1+-0x48*0x59)?_0x249819*(-0xb33+-0x2120+0x2c93)+_0x333aa0:_0x333aa0,_0x498cd3++%(0x18e*0x3+-0x4f9*0x3+0xa45*0x1))?_0x4694d2+=String['fromCharCode'](0x1*0x1637+0x1940+-0x2e78&_0x249819>>(-(-0x14*-0x165+-0x40*0x2b+-0x1*0x1122)*_0x498cd3&-0x23de+0x1113+0x12d1)):-0x2552+0x15ec+-0x6*-0x291){_0x333aa0=_0x137eef['indexOf'](_0x333aa0);}for(let _0x44b1a0=-0x2*0x1066+0x10*0x14e+0x6d*0x1c,_0x27978a=_0x4694d2['length'];_0x44b1a0<_0x27978a;_0x44b1a0++){_0x1fefa6+='%'+('00'+_0x4694d2['charCodeAt'](_0x44b1a0)['toString'](0x3*-0x8eb+0x20+0x1ab1))['slice'](-(0x89d+-0x1ecf+0x1634));}return decodeURIComponent(_0x1fefa6);};_0x2fc0['nUMGHH']=_0x30961b,_0x2fc0['rWVsyG']={},_0x2fc0['IJghzl']=!![];}const _0x4d0019=_0x12fc37[0x16f7+-0x1fd2*0x1+0x8db],_0x5644ff=_0xac252d+_0x4d0019,_0x510b5c=_0x2fc0['rWVsyG'][_0x5644ff];return!_0x510b5c?(_0xf203e0=_0x2fc0['nUMGHH'](_0xf203e0),_0x2fc0['rWVsyG'][_0x5644ff]=_0xf203e0):_0xf203e0=_0x510b5c,_0xf203e0;}const _0x85dc9e={};_0x85dc9e['id']=_0x113a09(0x58,0x15)+_0x3489fe(0x590,0x611),_0x85dc9e[_0x3489fe(0x4c4,0x463)]=_0x3489fe(0x41c,0x435)+'68',_0x85dc9e[_0x3489fe(0x3de,0x2eb)+_0x3489fe(0x466,0x3ec)]=_0x113a09(-0x126,-0x34)+'m',_0x85dc9e[_0x113a09(-0x26,0x8)]=_0x113a09(-0xf3,-0xca)+'r\x20Lis'+_0x113a09(0x70,0xd9)+_0x113a09(-0x84,-0x164)+_0x3489fe(0x3a9,0x319)+_0x113a09(-0xc5,-0x107)+_0x3489fe(0x57c,0x565),_0x85dc9e[_0x3489fe(0x487,0x543)+'iptio'+'n']=_0x3489fe(0x450,0x422)+_0x113a09(-0x10f,-0xeb)+'\x200.0.'+_0x113a09(-0xa3,-0xb8)+_0x3489fe(0x44f,0x3ba)+_0x3489fe(0x4dd,0x544)+'\x20serv'+_0x3489fe(0x518,0x4de)+_0x3489fe(0x507,0x523)+'netwo'+_0x3489fe(0x5ac,0x68d)+_0x113a09(0x64,0x114)+_0x3489fe(0x3c2,0x324)+'nclud'+_0x3489fe(0x475,0x421)+_0x3489fe(0x56b,0x5d8)+'\x20ones'+'.',_0x85dc9e[_0x113a09(0xa9,-0x47)+_0x3489fe(0x4e5,0x4fd)]=['go'],_0x85dc9e[_0x3489fe(0x4a4,0x562)+'rn']=/(?:ListenAndServe|Listen)\s*\(\s*['"](?:0\.0\.0\.0|:)(?::\d+)?['"]/g,_0x85dc9e['fix']='Bind\x20'+_0x113a09(0xc0,0x161)+'calho'+_0x3489fe(0x437,0x4a4)+_0x3489fe(0x4bb,0x3eb)+_0x3489fe(0x56a,0x5fa)+_0x3489fe(0x3db,0x3f3)+_0x113a09(-0x7a,0x13)+_0x3489fe(0x489,0x468)+_0x113a09(-0xff,-0x47)+'se\x20fi'+'rewal'+'l\x20rul'+_0x3489fe(0x3b4,0x408)+_0x113a09(-0x135,-0x122)+_0x3489fe(0x3c1,0x485)+'n.';const _0x523dc0={};_0x523dc0['id']=_0x3489fe(0x51f,0x481)+'SAFE-'+'001',_0x523dc0[_0x3489fe(0x4c4,0x483)]=_0x113a09(-0x2e,-0xb0)+'42',_0x523dc0[_0x113a09(-0x110,-0x190)+'ity']=_0x113a09(-0xe8,-0x193),_0x523dc0[_0x113a09(-0x26,-0x28)]='Use\x20o'+_0x113a09(-0x6f,-0x2f)+'afe\x20P'+_0x113a09(-0x115,-0xd6)+'e',_0x523dc0[_0x113a09(-0x67,-0xcd)+_0x113a09(0x78,0x13e)+'n']=_0x113a09(0x43,0x66)+_0x113a09(-0xac,-0x8f)+_0x3489fe(0x3c6,0x325)+_0x3489fe(0x43e,0x4e3)+_0x3489fe(0x3d2,0x3e0)+_0x3489fe(0x3ab,0x366)+'\x27s\x20ty'+'pe\x20sa'+_0x3489fe(0x589,0x49d)+_0x113a09(-0xb8,0x3b)+_0x113a09(-0x144,-0x19e)+_0x113a09(-0x12a,-0x44)+_0x3489fe(0x3cd,0x33e)+_0x3489fe(0x401,0x325)+'ees.',_0x523dc0[_0x113a09(0xa9,-0x52)+_0x3489fe(0x4e5,0x56b)]=['go'],_0x523dc0[_0x113a09(-0x4a,-0xf3)+'rn']=/unsafe\.Pointer/g,_0x523dc0[_0x3489fe(0x481,0x3b7)]=_0x3489fe(0x3c3,0x4c1)+_0x3489fe(0x551,0x5dc)+_0x113a09(-0x1c,0x5)+_0x3489fe(0x563,0x63b)+'\x20unle'+'ss\x20ab'+_0x113a09(-0x74,0x3f)+_0x3489fe(0x473,0x4a4)+_0x113a09(-0x77,-0x85)+'ary.\x20'+'Docum'+_0x113a09(-0xf7,-0x1cc)+_0x113a09(-0xe6,-0x147)+_0x113a09(-0x95,-0x18f)+_0x113a09(-0xf9,-0x1a5)+_0x113a09(-0x119,-0x69)+_0x3489fe(0x55c,0x5f6)+_0x3489fe(0x451,0x4c2)+_0x113a09(-0x70,0x54)+'.';export const goRules=[_0x1e71d1,_0x3afa48,_0x579e25,_0x14d552,_0x221d41,_0x18d139,_0x2afbb3,_0x5dc24f,_0x4128c9,_0x1153bc,_0x2e80bf,_0x4f71d4,_0x35bf41,_0x12f2b9,_0x52043b,_0x85dc9e,_0x523dc0];
1
+ export const goRules = [
2
+ // === SQL Injection ===
3
+ {
4
+ id: "GO-SQLI-001",
5
+ cwe: "CWE-89",
6
+ severity: "critical",
7
+ title: "SQL Injection — String concatenation/formatting in query",
8
+ description: "Using fmt.Sprintf or string concatenation in SQL queries enables injection. Go's database/sql supports parameterized queries.",
9
+ languages: ["go"],
10
+ pattern: /(?:Query|Exec|QueryRow|QueryContext|ExecContext|QueryRowContext|Prepare)\s*\(\s*(?:ctx\s*,\s*)?(?:fmt\.Sprintf|[^,)]+\+)/g,
11
+ fix: "Use parameterized queries: db.Query(\"SELECT * FROM users WHERE id = $1\", id)",
12
+ },
13
+ {
14
+ id: "GO-SQLI-002",
15
+ cwe: "CWE-89",
16
+ severity: "critical",
17
+ title: "SQL Injection — String interpolation in raw SQL",
18
+ description: "String formatting used to build SQL queries dynamically.",
19
+ languages: ["go"],
20
+ pattern: /fmt\.Sprintf\s*\(\s*["'](?:SELECT|INSERT|UPDATE|DELETE|DROP|ALTER|CREATE)\b/gi,
21
+ fix: "Use parameterized queries with $1, $2 placeholders instead of fmt.Sprintf for SQL.",
22
+ },
23
+ // === Command Injection ===
24
+ {
25
+ id: "GO-CMDI-001",
26
+ cwe: "CWE-78",
27
+ severity: "critical",
28
+ title: "Command Injection — exec.Command with user input",
29
+ description: "Building shell commands from user input enables arbitrary command execution.",
30
+ languages: ["go"],
31
+ pattern: /exec\.Command\s*\(\s*(?:fmt\.Sprintf|[^,)]+\+)/g,
32
+ fix: "Pass arguments as separate parameters to exec.Command: exec.Command(\"cmd\", \"arg1\", \"arg2\").",
33
+ },
34
+ {
35
+ id: "GO-CMDI-002",
36
+ cwe: "CWE-78",
37
+ severity: "critical",
38
+ title: "Command Injection — Shell execution via bash -c",
39
+ description: "Using bash -c with dynamic strings passes through shell interpretation, enabling injection.",
40
+ languages: ["go"],
41
+ pattern: /exec\.Command\s*\(\s*['"](?:bash|sh|cmd)['"]\s*,\s*['"](?:-c|\/c)['"]\s*,/g,
42
+ fix: "Avoid shell invocation. Use exec.Command with direct binary and argument list.",
43
+ },
44
+ // === Path Traversal ===
45
+ {
46
+ id: "GO-PATH-001",
47
+ cwe: "CWE-22",
48
+ severity: "high",
49
+ title: "Path Traversal — Unsanitized file path",
50
+ description: "User input used in file operations without sanitization can access arbitrary files.",
51
+ languages: ["go"],
52
+ pattern: /(?:os\.(?:Open|Create|ReadFile|WriteFile|Remove|Stat|MkdirAll)|ioutil\.(?:ReadFile|WriteFile)|filepath\.Join)\s*\(\s*(?:r\.|req\.|c\.|ctx\.|params|query|mux\.Vars)/g,
53
+ fix: "Use filepath.Clean() and verify the resolved path is within the expected base directory using strings.HasPrefix.",
54
+ },
55
+ // === SSRF ===
56
+ {
57
+ id: "GO-SSRF-001",
58
+ cwe: "CWE-918",
59
+ severity: "high",
60
+ title: "Server-Side Request Forgery — Dynamic URL from user input",
61
+ description: "Fetching URLs constructed from user input can access internal services.",
62
+ languages: ["go"],
63
+ pattern: /http\.(?:Get|Post|Head|NewRequest)\s*\(\s*(?:fmt\.Sprintf|[^,)]+\+\s*(?:r\.|req\.|params|query))/g,
64
+ fix: "Validate URLs against an allowlist. Block private/internal IP ranges (10.x, 172.16-31.x, 192.168.x).",
65
+ },
66
+ // === Weak Crypto ===
67
+ {
68
+ id: "GO-CRYPTO-001",
69
+ cwe: "CWE-327",
70
+ severity: "high",
71
+ title: "Weak Cryptography — MD5 usage",
72
+ description: "MD5 is cryptographically broken. Collisions can be generated in seconds.",
73
+ languages: ["go"],
74
+ pattern: /(?:md5\.(?:New|Sum)|crypto\/md5)/g,
75
+ fix: "Use crypto/sha256 or stronger. For passwords, use golang.org/x/crypto/bcrypt.",
76
+ },
77
+ {
78
+ id: "GO-CRYPTO-002",
79
+ cwe: "CWE-327",
80
+ severity: "high",
81
+ title: "Weak Cryptography — SHA1 usage",
82
+ description: "SHA1 is deprecated for security use due to practical collision attacks.",
83
+ languages: ["go"],
84
+ pattern: /(?:sha1\.(?:New|Sum)|crypto\/sha1)/g,
85
+ fix: "Use crypto/sha256 or stronger.",
86
+ },
87
+ {
88
+ id: "GO-CRYPTO-003",
89
+ cwe: "CWE-327",
90
+ severity: "high",
91
+ title: "Weak Cryptography — DES usage",
92
+ description: "DES and 3DES are deprecated. DES has only 56-bit keys.",
93
+ languages: ["go"],
94
+ pattern: /(?:des\.NewCipher|des\.NewTripleDESCipher|crypto\/des)/g,
95
+ fix: "Use AES (crypto/aes) with GCM mode instead of DES.",
96
+ },
97
+ // === Insecure Random ===
98
+ {
99
+ id: "GO-RAND-001",
100
+ cwe: "CWE-338",
101
+ severity: "high",
102
+ title: "Insecure Random — math/rand for security",
103
+ description: "math/rand is predictable and must not be used for security-sensitive operations like tokens or keys.",
104
+ languages: ["go"],
105
+ pattern: /math\/rand|rand\.(?:Intn|Int31|Int63|Float64|Read)\s*\(/g,
106
+ fix: "Use crypto/rand for security-sensitive random values: crypto/rand.Read(buf)",
107
+ },
108
+ // === TLS ===
109
+ {
110
+ id: "GO-TLS-001",
111
+ cwe: "CWE-295",
112
+ severity: "critical",
113
+ title: "Disabled TLS Certificate Verification",
114
+ description: "InsecureSkipVerify disables certificate validation, allowing man-in-the-middle attacks.",
115
+ languages: ["go"],
116
+ pattern: /InsecureSkipVerify\s*:\s*true/g,
117
+ fix: "Remove InsecureSkipVerify: true. Use proper CA certificates for TLS verification.",
118
+ },
119
+ {
120
+ id: "GO-TLS-002",
121
+ cwe: "CWE-327",
122
+ severity: "high",
123
+ title: "Weak TLS Version — TLS 1.0 or 1.1",
124
+ description: "TLS versions below 1.2 have known vulnerabilities (POODLE, BEAST, etc.).",
125
+ languages: ["go"],
126
+ pattern: /(?:MinVersion|MaxVersion)\s*:\s*tls\.Version(?:SSL30|TLS10|TLS11)/g,
127
+ fix: "Set MinVersion to tls.VersionTLS12 or tls.VersionTLS13.",
128
+ },
129
+ // === Template Injection ===
130
+ {
131
+ id: "GO-TMPL-001",
132
+ cwe: "CWE-1336",
133
+ severity: "critical",
134
+ title: "Template Injection — Dynamic template from user input",
135
+ description: "Parsing user input as a Go template can lead to information disclosure or code execution.",
136
+ languages: ["go"],
137
+ pattern: /template\.(?:New|Must)\s*\([^)]*\)\.Parse\s*\(\s*(?:r\.|req\.|params|query|body|input)/g,
138
+ fix: "Use predefined template files. Never parse user input as template strings.",
139
+ },
140
+ // === Race Conditions ===
141
+ {
142
+ id: "GO-RACE-001",
143
+ cwe: "CWE-362",
144
+ severity: "medium",
145
+ title: "Potential Race Condition — Goroutine accessing shared state",
146
+ description: "Goroutines accessing shared variables without synchronization can cause data races.",
147
+ languages: ["go"],
148
+ pattern: /go\s+func\s*\(\s*\)\s*\{[^}]*(?:map\[|=\s*(?:append|[^=]))/g,
149
+ fix: "Use sync.Mutex, sync.RWMutex, channels, or atomic operations to protect shared state.",
150
+ },
151
+ // === Unhandled Errors ===
152
+ {
153
+ id: "GO-ERR-001",
154
+ cwe: "CWE-391",
155
+ severity: "medium",
156
+ title: "Unchecked Error Return — Discarded error value",
157
+ description: "Ignoring error returns in Go can hide failures and lead to unexpected behavior or security issues.",
158
+ languages: ["go"],
159
+ pattern: /[a-zA-Z_]+\s*,\s*_\s*[:=]=?\s*(?:os\.|ioutil\.|io\.|http\.|sql\.|json\.|crypto\.|tls\.)/g,
160
+ fix: "Always check error returns: if err != nil { return err }",
161
+ },
162
+ // === Hardcoded Bind to All Interfaces ===
163
+ {
164
+ id: "GO-NET-001",
165
+ cwe: "CWE-668",
166
+ severity: "medium",
167
+ title: "Server Listening on All Interfaces",
168
+ description: "Binding to 0.0.0.0 exposes the server to all network interfaces including public ones.",
169
+ languages: ["go"],
170
+ pattern: /(?:ListenAndServe|Listen)\s*\(\s*['"](?:0\.0\.0\.0|:)(?::\d+)?['"]/g,
171
+ fix: "Bind to localhost (127.0.0.1) for development or use firewall rules in production.",
172
+ },
173
+ // === Unsafe pointer ===
174
+ {
175
+ id: "GO-UNSAFE-001",
176
+ cwe: "CWE-242",
177
+ severity: "high",
178
+ title: "Use of unsafe Package",
179
+ description: "The unsafe package bypasses Go's type safety and memory safety guarantees.",
180
+ languages: ["go"],
181
+ pattern: /unsafe\.Pointer/g,
182
+ fix: "Avoid unsafe.Pointer unless absolutely necessary. Document why it's needed and review carefully.",
183
+ },
184
+ ];
package/dist/rules/index.js CHANGED
@@ -1 +1,147 @@
1
- (function(_0x2ac82d,_0x2ea29d){const _0x4de3b4={_0x555462:0x577,_0x2e13f2:0x513,_0x5ad0f9:0x523,_0x4a475a:0x584,_0x325509:0x4f7,_0x28923a:0x4d3,_0x3a5b63:0x502,_0x154ed8:0x52f,_0x4f9089:0x55e,_0x270cd8:0x4c0,_0x316eb7:0x593};function _0x5b2461(_0x5cd9de,_0x5b653a){return _0x2fd9(_0x5cd9de-0x2e5,_0x5b653a);}const _0x38a58b=_0x2ac82d();function _0x475cbd(_0x6651e9,_0xb86bab){return _0x2fd9(_0xb86bab-0x364,_0x6651e9);}while(!![]){try{const _0x3d59ab=-parseInt(_0x475cbd(0x572,_0x4de3b4._0x555462))/(0x34a+-0x2267+-0x472*-0x7)*(-parseInt(_0x5b2461(_0x4de3b4._0x2e13f2,0x53d))/(-0x13c*0x9+0x38f*0x3+0x71))+parseInt(_0x5b2461(0x532,0x528))/(-0x2*0x208+-0x2*-0x684+-0x8f5)+-parseInt(_0x5b2461(0x53a,_0x4de3b4._0x5ad0f9))/(-0x130e+-0x13d9+-0x26eb*-0x1)+parseInt(_0x475cbd(_0x4de3b4._0x4a475a,0x598))/(0x7f*0x1b+-0x1ffa+0x129a*0x1)+-parseInt(_0x5b2461(0x520,0x512))/(-0x149b+-0x1fa7+0xe*0x3bc)*(parseInt(_0x5b2461(0x4ef,_0x4de3b4._0x325509))/(-0x20ed+-0x883+0x2977))+parseInt(_0x5b2461(_0x4de3b4._0x28923a,_0x4de3b4._0x3a5b63))/(0x13b5+-0x1655+-0x4*-0xaa)*(-parseInt(_0x475cbd(_0x4de3b4._0x154ed8,_0x4de3b4._0x4f9089))/(0x1bb3*0x1+-0x1*0x1f23+0x379))+-parseInt(_0x5b2461(0x4d8,_0x4de3b4._0x270cd8))/(-0xf17*0x1+-0x2*0xbda+0x26d5)*(-parseInt(_0x475cbd(_0x4de3b4._0x316eb7,0x57d))/(-0x1a7+0x3f7*0x9+-0x21fd));if(_0x3d59ab===_0x2ea29d)break;else _0x38a58b['push'](_0x38a58b['shift']());}catch(_0x32fbbe){_0x38a58b['push'](_0x38a58b['shift']());}}}(_0x5206,0x2*0x745d+-0x1*0x4308e+0x10651*0x7));import{javascriptRules}from'./javascript.js';import{javascriptExtendedRules}from'./javascript-extended.js';import{pythonRules}from'./python.js';import{pythonExtendedRules}from'./python-extended.js';import{goRules}from'./go.js';function _0x5206(){const _0x24b6ab=['rMPOruK','lNbOCdq','mtaZnZa5nNn1y3DbrW','ChL0Ag8','wvH6ANm','lMzPC2G','lNLHBwW','EwfTBa','lNPZAa','lMnZAhq','ANnVBG','lMvUDI4','lMHJBa','mta5nZq0rfziAMjn','lNn2zW','AhrTBa','zg9JA2u','Eg1S','mJb0s2zSB04','shHHDem','lMvUDG','lMT0','lNbODg0','lMH4Ea','BNnMAwW','nZjjrKfPu0S','A2XXv0G','lMn4Ea','zgvZ','lMHWCa','zM9YBq','C3bSAxq','uMzRyxq','shL3rLe','lMPZB24','lNrM','lMDLBxm','DgvYCMe','vePrD1O','lNnJywW','CeTvshK','ntmYru9KrMr4','shL1uvu','BwfRzwy','lNnXBa','lNLTBa','DhLWzxm','DMfNCMe','y3nOyxi','C2HLBgW','mJK0mJzYAKjoEge','lMnZEa','ywDLCW','CNvZDa','lNbOChm','lNHTBa','nJuWote0yvjNBKnW','lMPZ','Cg9W','lNrZ','lMnQCW','sLbiEva','AMf2yq','lNrZEa','CgvJ','C3fS','lNrMDMe','CgHW','lMPHDMe','lNjZ','EwXsqLy','qw5Hu1q','lMPZEa','lNbOCdm','BNrMAwW','AwXL','lMnWCa','mZjrs2z4A3m','lMjHC2G','C3rHCNq','EgvRBem','z251Bwe','lMHO','mtKYmtberMXcBuC','BMrLEe8','CNvIEq','lMn0CW','lMT0CW','C2XPy2u','lMnZ','mJaWodjdyvzLAwu','CMfRzwy','zxjdyxm','z2vTzMK','lNb5DW','lMTZAa','lNbOCdu','Dg9mB3C','lMrVy2S','y3jPChq','BgfZDeK','y3bW','lMDV','A2vMAwW','CMzPBgu','B0jXwNG','lM1QCW','Aw5JBhu','odu2mZC3r3vHEMrk','C1DPDgG','AMf2yxm','lNHZBhq','lNb5','lNbOCa'];_0x5206=function(){return _0x24b6ab;};return _0x5206();}import{javaRules}from'./java.js';import{phpRules}from'./php.js';import{rubyRules}from'./ruby.js';function _0x10be56(_0x342674,_0x4e93e7){const _0x225ccb={_0x1c2b91:0x1ea};return _0x2fd9(_0x342674- -_0x225ccb._0x1c2b91,_0x4e93e7);}import{cCppRules}from'./c-cpp.js';import{csharpRules}from'./csharp.js';import{shellRules}from'./shell.js';import{dockerRules}from'./docker.js';import{kubernetesRules}from'./kubernetes.js';import{cicdRules}from'./cicd.js';import{terraformRules}from'./terraform.js';import{secretsRules}from'./secrets.js';function _0x2fd9(_0x294be5,_0x3a1a22){_0x294be5=_0x294be5-(0x1*-0xdd1+-0x1233+-0x6*-0x5a8);const _0x4dca70=_0x5206();let _0x417841=_0x4dca70[_0x294be5];if(_0x2fd9['EoqXKU']===undefined){var _0x59e4fd=function(_0x286aaf){const _0x5eaaec='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x5a8961='',_0x514120='';for(let _0x15ff22=0x2283+0xf66+-0x1*0x31e9,_0x32b669,_0x2cc216,_0x150cb1=0x1659+0x4*-0x7e7+-0x943*-0x1;_0x2cc216=_0x286aaf['charAt'](_0x150cb1++);~_0x2cc216&&(_0x32b669=_0x15ff22%(-0xda8*-0x1+-0x1*0x92b+0x479*-0x1)?_0x32b669*(0x1*-0x1882+0x20e0+-0x81e)+_0x2cc216:_0x2cc216,_0x15ff22++%(-0x8*0x15d+0x13cc+0x8*-0x11c))?_0x5a8961+=String['fromCharCode'](0x25cc+-0x471+-0x205c&_0x32b669>>(-(0x305*0x1+0x1*0x229b+-0x259e)*_0x15ff22&-0x15d6+-0x1b2+0x3ed*0x6)):0xbc4+-0x1d*0x19+-0x8ef){_0x2cc216=_0x5eaaec['indexOf'](_0x2cc216);}for(let _0x509383=0x3*-0x125+0x68+0x307,_0x31c997=_0x5a8961['length'];_0x509383<_0x31c997;_0x509383++){_0x514120+='%'+('00'+_0x5a8961['charCodeAt'](_0x509383)['toString'](0x832+0x1*-0x1871+-0x5*-0x343))['slice'](-(0x6*-0xe3+0xef+0x4b*0xf));}return decodeURIComponent(_0x514120);};_0x2fd9['tikzmq']=_0x59e4fd,_0x2fd9['DIoGDK']={},_0x2fd9['EoqXKU']=!![];}const _0x542a32=_0x4dca70[-0x3a*-0x35+0xf*-0x22+-0x1*0xa04],_0x41e9a9=_0x294be5+_0x542a32,_0x4e066c=_0x2fd9['DIoGDK'][_0x41e9a9];return!_0x4e066c?(_0x417841=_0x2fd9['tikzmq'](_0x417841),_0x2fd9['DIoGDK'][_0x41e9a9]=_0x417841):_0x417841=_0x4e066c,_0x417841;}function _0x1aa8cb(_0x300c73,_0x27ad7e){return _0x2fd9(_0x27ad7e- -0x225,_0x300c73);}import{secretsExtendedRules}from'./secrets-extended.js';const allRules=[...javascriptRules,...javascriptExtendedRules,...pythonRules,...pythonExtendedRules,...goRules,...javaRules,...phpRules,...rubyRules,...cCppRules,...csharpRules,...shellRules,...dockerRules,...kubernetesRules,...cicdRules,...terraformRules,...secretsRules,...secretsExtendedRules],_0x550405={};_0x550405[_0x1aa8cb(-0x17,-0xb)]='javas'+_0x10be56(0x5a,0x57),_0x550405[_0x10be56(0x3f,0x27)]=_0x10be56(0x65,0x2c)+_0x10be56(0x5a,0x3e),_0x550405[_0x10be56(0x61,0x6d)]=_0x1aa8cb(0x4f,0x2a)+'cript',_0x550405[_0x1aa8cb(-0x22,-0x8)]='javas'+_0x10be56(0x5a,0x64),_0x550405[_0x10be56(0x32,0x45)]='types'+'cript',_0x550405[_0x10be56(0x36,0x5c)]=_0x10be56(0x25,0x53)+'cript',_0x550405['.mts']='types'+'cript',_0x550405[_0x1aa8cb(-0x2,0x12)]='types'+_0x10be56(0x5a,0x27),_0x550405[_0x10be56(0x67,0x3b)]='pytho'+'n',_0x550405[_0x10be56(0x55,0x52)]='pytho'+'n',_0x550405['.pyi']=_0x1aa8cb(0x58,0x31)+'n',_0x550405[_0x1aa8cb(0x58,0x22)]='go',_0x550405[_0x10be56(0x3b,0x47)]='java',_0x550405[_0x1aa8cb(-0x31,-0x2f)]=_0x1aa8cb(-0x19,-0x6),_0x550405[_0x10be56(0x4e,0x75)]=_0x1aa8cb(0x22,-0x6),_0x550405[_0x1aa8cb(-0xd,-0x1d)+'a']=_0x1aa8cb(0x1e,-0x6),_0x550405[_0x10be56(0x68,0x82)]='php',_0x550405[_0x10be56(0xd,0x4)+'l']=_0x10be56(0x3a,0x1),_0x550405[_0x10be56(0x40,0x2f)]='php',_0x550405[_0x1aa8cb(0x3a,0x2f)]=_0x10be56(0x3a,0x57),_0x550405[_0x10be56(0x57,0x2c)]=_0x1aa8cb(0x1c,-0x1),_0x550405['.php7']='php',_0x550405[_0x10be56(0x2d,0xa)]='php',_0x550405['.rb']=_0x10be56(0x4c,0x83),_0x550405['.erb']='ruby',_0x550405['.rake']=_0x1aa8cb(0x38,0x11),_0x550405[_0x10be56(0x1b,-0x17)+_0x10be56(0x37,0x29)]=_0x10be56(0x4c,0x2d),_0x550405['.c']='c',_0x550405['.h']='c',_0x550405[_0x1aa8cb(0x24,0x8)]='cpp',_0x550405['.cc']='cpp',_0x550405[_0x10be56(0x12,-0xb)]=_0x10be56(0x5c,0x7e),_0x550405[_0x10be56(0x14,-0x6)]=_0x1aa8cb(-0x6,0x21),_0x550405[_0x10be56(0x49,0x2e)]=_0x10be56(0x5c,0x6d),_0x550405[_0x10be56(0xe,-0x8)]=_0x10be56(0x5c,0x61),_0x550405[_0x1aa8cb(0x1b,0x15)]=_0x10be56(0x27,0x37)+'p',_0x550405[_0x10be56(0x72,0x66)+'ml']='cshar'+'p',_0x550405[_0x1aa8cb(-0x3f,-0x11)]=_0x10be56(0x27,0x4c)+'p',_0x550405[_0x10be56(0x3c,0x31)]=_0x10be56(0x2c,0x4e),_0x550405['.sh']=_0x1aa8cb(-0x19,-0x13),_0x550405[_0x10be56(0x45,0x5b)]='shell',_0x550405[_0x1aa8cb(0x43,0x36)]='shell',_0x550405[_0x1aa8cb(-0x1b,0x1b)]=_0x1aa8cb(-0x6,-0x13),_0x550405[_0x10be56(0x6e,0x86)]=_0x1aa8cb(-0xb,-0x13),_0x550405[_0x1aa8cb(0x4a,0x1e)+'erfil'+'e']=_0x10be56(0x7,-0x2e)+_0x10be56(0x5f,0x65),_0x550405[_0x10be56(0x6f,0x8d)]='yaml',_0x550405[_0x1aa8cb(-0x18,-0x17)]=_0x1aa8cb(0x3a,0x35),_0x550405[_0x1aa8cb(-0x46,-0x21)]=_0x10be56(0x1c,0x4e)+'form',_0x550405[_0x10be56(0x39,0x41)+'rs']=_0x1aa8cb(-0x2a,-0x1f)+'form',_0x550405[_0x10be56(0x3,-0x1d)]='terra'+_0x10be56(0x15,-0x18),_0x550405[_0x1aa8cb(-0x48,-0x22)]=_0x1aa8cb(0x56,0x38),_0x550405[_0x1aa8cb(-0x2,-0x18)]=_0x10be56(0x38,0x5),_0x550405['.html']=_0x10be56(0x6,-0xa),_0x550405['.htm']=_0x1aa8cb(-0x27,-0x35),_0x550405[_0x10be56(0x2e,0x35)]=_0x1aa8cb(-0x3,-0x33),_0x550405['.xsl']='xml',_0x550405[_0x10be56(0x66,0x74)]=_0x1aa8cb(-0x25,-0x33),_0x550405[_0x10be56(0x5,0x6)]=_0x1aa8cb(-0x5a,-0x33);const extensionToLanguage=_0x550405;export function detectLanguage(_0x3c9ca0,_0x5ee5d5){const _0x16e63f={_0x4cde0d:0xe1,_0x350335:0xeb,_0x7ce5ee:0x295,_0x467f29:0x290,_0xf8065:0x91,_0x425903:0xa1,_0x16bd6a:0x8f,_0x2caf01:0x103,_0x2aa4d3:0xed,_0x1ca69e:0x29a,_0x29ed78:0x25a,_0x2606a1:0xb2,_0x145ab4:0x244,_0x3c7664:0xd7,_0x1d932d:0xbb,_0x590635:0xa5,_0x54a172:0xb1,_0x38dee8:0x29b,_0x5ce119:0x291,_0x88ac20:0xec,_0x5766b3:0x245,_0x833662:0x287,_0x6a202d:0x7a,_0xa55023:0xc0,_0x4bfb36:0xa2,_0x4b9e50:0x27c,_0x4fab90:0xed,_0x54f10a:0xc5,_0x4ec9c2:0xcb,_0x7409a2:0x28e,_0x3b1c9a:0x97,_0x434b5e:0x108,_0x30a87f:0xdc,_0x2e1a47:0xa9,_0xb9146c:0x26f,_0x5d5df4:0xe2,_0x4f1bda:0xc1,_0x32d13b:0x254,_0x27b06b:0x107,_0x1deab0:0x130,_0xe7dd18:0xc9,_0x1d6e31:0x279,_0x1c190e:0xee,_0xcb3c1e:0x28d,_0x10606d:0x286,_0x5a1788:0xf2,_0x262c66:0x102},_0x14bbbc={_0x16fa88:0xd5},_0xf4dfa1={};_0xf4dfa1[_0x11fdfd(_0x16e63f._0x4cde0d,_0x16e63f._0x350335)]='javas'+_0x4cd438(_0x16e63f._0x7ce5ee,_0x16e63f._0x467f29),_0xf4dfa1[_0x11fdfd(0xb9,_0x16e63f._0xf8065)]=function(_0x127853,_0x497970){return _0x127853===_0x497970;},_0xf4dfa1['jfxAK']=_0x11fdfd(_0x16e63f._0x425903,_0x16e63f._0x16bd6a)+_0x11fdfd(0xf9,0x121),_0xf4dfa1[_0x11fdfd(_0x16e63f._0x2caf01,_0x16e63f._0x2aa4d3)]=_0x4cd438(0x242,0x25e)+_0x4cd438(_0x16e63f._0x1ca69e,0x283)+'.',_0xf4dfa1[_0x4cd438(0x26f,_0x16e63f._0x29ed78)]=_0x11fdfd(0x10a,0x10e),_0xf4dfa1[_0x11fdfd(_0x16e63f._0x2606a1,0xdd)]=function(_0x337734,_0x1b7e81){return _0x337734===_0x1b7e81;},_0xf4dfa1[_0x4cd438(0x258,0x26a)]=_0x4cd438(0x25d,_0x16e63f._0x145ab4)+'ile',_0xf4dfa1[_0x11fdfd(_0x16e63f._0x3c7664,_0x16e63f._0x1d932d)]=_0x4cd438(0x263,0x247),_0xf4dfa1['PRiHH']=function(_0x313646,_0xcdb5ba){return _0x313646===_0xcdb5ba;},_0xf4dfa1['YXzjs']=_0x11fdfd(_0x16e63f._0x590635,0x80),_0xf4dfa1[_0x4cd438(0x25c,0x290)]=_0x4cd438(0x23d,0x255);function _0x4cd438(_0x5d1cd6,_0x591a35){return _0x10be56(_0x5d1cd6-0x23b,_0x591a35);}_0xf4dfa1[_0x11fdfd(0xd8,0x10c)]=function(_0x3c5013,_0x1daaef){return _0x3c5013===_0x1daaef;},_0xf4dfa1[_0x11fdfd(_0x16e63f._0x54a172,0xcc)]=function(_0x50448e,_0x49911b){return _0x50448e===_0x49911b;},_0xf4dfa1[_0x4cd438(_0x16e63f._0x38dee8,_0x16e63f._0x5ce119)]=_0x11fdfd(_0x16e63f._0x88ac20,0xf0)+_0x4cd438(0x27d,0x2a6),_0xf4dfa1[_0x4cd438(_0x16e63f._0x5766b3,0x20f)]=_0x4cd438(_0x16e63f._0x833662,0x266),_0xf4dfa1[_0x11fdfd(0xab,_0x16e63f._0x6a202d)]=_0x11fdfd(_0x16e63f._0xa55023,_0x16e63f._0x4bfb36)+_0x4cd438(_0x16e63f._0x4b9e50,0x246)+'e';const _0x66a9f2=_0xf4dfa1;if(_0x5ee5d5)return _0x5ee5d5[_0x4cd438(0x293,0x289)+_0x11fdfd(_0x16e63f._0x4fab90,_0x16e63f._0x54f10a)+'e']();if(!_0x3c9ca0)return _0x66a9f2['xeklC'];const _0x300df4=_0x3c9ca0[_0x11fdfd(0xb0,0xb5)](/[/\\]/)[_0x11fdfd(_0x16e63f._0x4ec9c2,0xef)]()?.['toLow'+_0x4cd438(_0x16e63f._0x7409a2,0x25b)+'e']()||'';if(_0x66a9f2[_0x11fdfd(0xb9,_0x16e63f._0x3b1c9a)](_0x300df4,_0x66a9f2['jfxAK'])||_0x300df4[_0x11fdfd(0xe0,_0x16e63f._0x434b5e)+_0x11fdfd(0xfe,0xea)](_0x66a9f2['FjhEI']))return _0x11fdfd(_0x16e63f._0x425903,0xa3)+_0x11fdfd(0xf9,_0x16e63f._0x30a87f);if(_0x66a9f2[_0x4cd438(0x25a,0x28d)](_0x300df4,'jenki'+_0x11fdfd(_0x16e63f._0x2e1a47,0xaa)+'e'))return _0x66a9f2[_0x4cd438(_0x16e63f._0xb9146c,0x2a0)];if(_0x66a9f2[_0x11fdfd(_0x16e63f._0x2606a1,0x95)](_0x300df4,_0x66a9f2['TJQwZ'])||_0x300df4===_0x11fdfd(_0x16e63f._0x5d5df4,0x10b)+_0x11fdfd(0xf8,_0x16e63f._0x4f1bda)+'e')return _0x66a9f2[_0x4cd438(0x278,_0x16e63f._0x32d13b)];function _0x11fdfd(_0x27ca10,_0x7407e5){return _0x1aa8cb(_0x7407e5,_0x27ca10-_0x14bbbc._0x16fa88);}if(_0x66a9f2['PRiHH'](_0x300df4,_0x66a9f2[_0x11fdfd(_0x16e63f._0x27b06b,_0x16e63f._0x1deab0)])||_0x300df4[_0x4cd438(0x281,0x261)+_0x4cd438(0x29f,0x287)](_0x66a9f2['HyuQU']))return _0x66a9f2[_0x11fdfd(0xd7,_0x16e63f._0xe7dd18)];if(_0x66a9f2[_0x4cd438(_0x16e63f._0x1d6e31,0x282)](_0x300df4,_0x11fdfd(_0x16e63f._0x1c190e,_0x16e63f._0x1c190e)+'le')||_0x66a9f2[_0x11fdfd(0xb1,0xb4)](_0x300df4,_0x66a9f2['oBqZx']))return _0x66a9f2[_0x11fdfd(0xa4,0x86)];if(_0x300df4===_0x66a9f2[_0x4cd438(0x24c,0x257)])return _0x66a9f2['HxatC'];const _0x22c38a=_0x3c9ca0[_0x4cd438(0x28a,0x259)](_0x3c9ca0[_0x4cd438(0x296,_0x16e63f._0xcb3c1e)+_0x4cd438(_0x16e63f._0x10606d,0x25e)+'f']('.'))[_0x11fdfd(_0x16e63f._0x5a1788,_0x16e63f._0x262c66)+_0x11fdfd(_0x16e63f._0x2aa4d3,0xcc)+'e']();return extensionToLanguage[_0x22c38a]||_0x66a9f2['xeklC'];}export function getRulesForLanguage(_0x16ba09){const _0x257638={_0x20d34f:0xb},_0x26cbbd={_0x259f9d:0x531};function _0x93edea(_0x17b871,_0xea7310){return _0x10be56(_0xea7310-_0x26cbbd._0x259f9d,_0x17b871);}function _0x31f382(_0x18a626,_0x23e70a){return _0x1aa8cb(_0x23e70a,_0x18a626- -_0x257638._0x20d34f);}return allRules['filte'+'r'](_0x10e519=>_0x10e519['langu'+_0x93edea(0x54a,0x55c)][_0x93edea(0x5b5,0x593)+_0x31f382(-0x33,-0x50)](_0x16ba09));}export{allRules,javascriptRules,javascriptExtendedRules,pythonRules,pythonExtendedRules,goRules,javaRules,phpRules,rubyRules,cCppRules,csharpRules,shellRules,dockerRules,kubernetesRules,cicdRules,terraformRules,secretsRules,secretsExtendedRules};
1
+ import { javascriptRules } from "./javascript.js";
2
+ import { javascriptExtendedRules } from "./javascript-extended.js";
3
+ import { pythonRules } from "./python.js";
4
+ import { pythonExtendedRules } from "./python-extended.js";
5
+ import { goRules } from "./go.js";
6
+ import { javaRules } from "./java.js";
7
+ import { phpRules } from "./php.js";
8
+ import { rubyRules } from "./ruby.js";
9
+ import { cCppRules } from "./c-cpp.js";
10
+ import { csharpRules } from "./csharp.js";
11
+ import { shellRules } from "./shell.js";
12
+ import { dockerRules } from "./docker.js";
13
+ import { kubernetesRules } from "./kubernetes.js";
14
+ import { cicdRules } from "./cicd.js";
15
+ import { terraformRules } from "./terraform.js";
16
+ import { secretsRules } from "./secrets.js";
17
+ import { secretsExtendedRules } from "./secrets-extended.js";
18
+ const allRules = [
19
+ ...javascriptRules,
20
+ ...javascriptExtendedRules,
21
+ ...pythonRules,
22
+ ...pythonExtendedRules,
23
+ ...goRules,
24
+ ...javaRules,
25
+ ...phpRules,
26
+ ...rubyRules,
27
+ ...cCppRules,
28
+ ...csharpRules,
29
+ ...shellRules,
30
+ ...dockerRules,
31
+ ...kubernetesRules,
32
+ ...cicdRules,
33
+ ...terraformRules,
34
+ ...secretsRules,
35
+ ...secretsExtendedRules,
36
+ ];
37
+ const extensionToLanguage = {
38
+ // JavaScript / TypeScript
39
+ ".js": "javascript",
40
+ ".jsx": "javascript",
41
+ ".mjs": "javascript",
42
+ ".cjs": "javascript",
43
+ ".ts": "typescript",
44
+ ".tsx": "typescript",
45
+ ".mts": "typescript",
46
+ ".cts": "typescript",
47
+ // Python
48
+ ".py": "python",
49
+ ".pyw": "python",
50
+ ".pyi": "python",
51
+ // Go
52
+ ".go": "go",
53
+ // Java / Kotlin / Scala
54
+ ".java": "java",
55
+ ".kt": "java",
56
+ ".kts": "java",
57
+ ".scala": "java",
58
+ // PHP
59
+ ".php": "php",
60
+ ".phtml": "php",
61
+ ".php3": "php",
62
+ ".php4": "php",
63
+ ".php5": "php",
64
+ ".php7": "php",
65
+ ".phps": "php",
66
+ // Ruby
67
+ ".rb": "ruby",
68
+ ".erb": "ruby",
69
+ ".rake": "ruby",
70
+ ".gemspec": "ruby",
71
+ // C / C++
72
+ ".c": "c",
73
+ ".h": "c",
74
+ ".cpp": "cpp",
75
+ ".cc": "cpp",
76
+ ".cxx": "cpp",
77
+ ".hpp": "cpp",
78
+ ".hh": "cpp",
79
+ ".hxx": "cpp",
80
+ // C# / .NET
81
+ ".cs": "csharp",
82
+ ".cshtml": "csharp",
83
+ ".csx": "csharp",
84
+ // Rust (secrets rules apply)
85
+ ".rs": "rust",
86
+ // Shell
87
+ ".sh": "shell",
88
+ ".bash": "shell",
89
+ ".zsh": "shell",
90
+ ".ksh": "shell",
91
+ ".fish": "shell",
92
+ // Docker
93
+ ".dockerfile": "dockerfile",
94
+ // Kubernetes / Docker Compose / CI/CD (all share yaml rules)
95
+ ".yaml": "yaml",
96
+ ".yml": "yaml",
97
+ // Terraform / HCL
98
+ ".tf": "terraform",
99
+ ".tfvars": "terraform",
100
+ ".hcl": "terraform",
101
+ // JSON (package.json, IAM policies, etc.)
102
+ ".json": "json",
103
+ // SQL
104
+ ".sql": "sql",
105
+ // HTML (for inline secrets, XSS)
106
+ ".html": "html",
107
+ ".htm": "html",
108
+ // XML
109
+ ".xml": "xml",
110
+ ".xsl": "xml",
111
+ ".xslt": "xml",
112
+ ".svg": "xml",
113
+ };
114
+ /**
115
+ * Detect language from filename or hint.
116
+ * Also handles special filenames like Dockerfile, Jenkinsfile, Makefile.
117
+ */
118
+ export function detectLanguage(filename, hint) {
119
+ if (hint)
120
+ return hint.toLowerCase();
121
+ if (!filename)
122
+ return "javascript";
123
+ // Handle special filenames without extensions
124
+ const basename = filename.split(/[/\\]/).pop()?.toLowerCase() || "";
125
+ if (basename === "dockerfile" || basename.startsWith("dockerfile."))
126
+ return "dockerfile";
127
+ if (basename === "jenkinsfile")
128
+ return "yaml";
129
+ if (basename === "makefile" || basename === "gnumakefile")
130
+ return "shell";
131
+ if (basename === ".env" || basename.startsWith(".env."))
132
+ return "shell";
133
+ if (basename === "gemfile" || basename === "rakefile")
134
+ return "ruby";
135
+ if (basename === "vagrantfile")
136
+ return "ruby";
137
+ const ext = filename.slice(filename.lastIndexOf(".")).toLowerCase();
138
+ return extensionToLanguage[ext] || "javascript";
139
+ }
140
+ /**
141
+ * Get all rules that apply to a given language.
142
+ * Secrets rules are language-agnostic and match most languages.
143
+ */
144
+ export function getRulesForLanguage(language) {
145
+ return allRules.filter((rule) => rule.languages.includes(language));
146
+ }
147
+ export { allRules, javascriptRules, javascriptExtendedRules, pythonRules, pythonExtendedRules, goRules, javaRules, phpRules, rubyRules, cCppRules, csharpRules, shellRules, dockerRules, kubernetesRules, cicdRules, terraformRules, secretsRules, secretsExtendedRules, };