@panguard-ai/panguard-scan 0.2.0 → 0.2.1
- package/LICENSE +1 -1
- package/dist/cli/commands.d.ts.map +1 -1
- package/dist/cli/commands.js +2 -1
- package/dist/cli/commands.js.map +1 -1
- package/dist/cli/index.js +114 -2
- package/dist/cli/index.js.map +1 -1
- package/dist/index.d.ts +3 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +6 -1
- package/dist/index.js.map +1 -1
- package/dist/scanners/index.d.ts +3 -1
- package/dist/scanners/index.d.ts.map +1 -1
- package/dist/scanners/index.js +20 -1
- package/dist/scanners/index.js.map +1 -1
- package/dist/scanners/remote/index.d.ts.map +1 -1
- package/dist/scanners/remote/index.js +40 -0
- package/dist/scanners/remote/index.js.map +1 -1
- package/dist/scanners/sast-checker.d.ts +26 -0
- package/dist/scanners/sast-checker.d.ts.map +1 -0
- package/dist/scanners/sast-checker.js +289 -0
- package/dist/scanners/sast-checker.js.map +1 -0
- package/dist/scanners/secrets-checker.d.ts +41 -0
- package/dist/scanners/secrets-checker.d.ts.map +1 -0
- package/dist/scanners/secrets-checker.js +332 -0
- package/dist/scanners/secrets-checker.js.map +1 -0
- package/dist/scanners/types.d.ts +10 -0
- package/dist/scanners/types.d.ts.map +1 -1
- package/dist/scanners/types.js.map +1 -1
- package/package.json +13 -3
package/LICENSE
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"commands.d.ts","sourceRoot":"","sources":["../../src/cli/commands.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;
|
|
1
|
+
{"version":3,"file":"commands.d.ts","sourceRoot":"","sources":["../../src/cli/commands.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAsBH,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,sBAAsB,CAAC;AAIvD;;;GAGG;AACH,wBAAsB,WAAW,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,IAAI,CAAC,CA+InE"}
|
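--- a/package/dist/cli/commands.js
+++ b/package/dist/cli/commands.js
@@ -7,6 +7,7 @@
 import { initI18n, t, createLogger, setLogLevel, c, colorSeverity, banner, spinner, table, box, scoreDisplay, divider, formatDuration, symbols, statusPanel, } from '@panguard-ai/core';
 import { runScan } from '../scanners/index.js';
 import { generatePdfReport } from '../report/index.js';
+import { PANGUARD_SCAN_VERSION } from '../index.js';
 const logger = createLogger('panguard-scan:cli');
 /**
 * Execute a security scan and generate a report
@@ -19,7 +20,7 @@ export async function executeScan(config) {
 }
 await initI18n(config.lang);
 // Banner
-console.log(banner());
+console.log(banner(PANGUARD_SCAN_VERSION));
 const mode = config.depth === 'quick' ? t('panguard-scan:cli.quickMode') : t('panguard-scan:cli.fullMode');
 console.log(` ${symbols.scan} ${mode}`);
 console.log('');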
package/dist/cli/commands.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"commands.js","sourceRoot":"","sources":["../../src/cli/commands.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,QAAQ,EACR,CAAC,EACD,YAAY,EACZ,WAAW,EACX,CAAC,EACD,aAAa,EACb,MAAM,EACN,OAAO,EACP,KAAK,EACL,GAAG,EACH,YAAY,EACZ,OAAO,EACP,cAAc,EACd,OAAO,EACP,WAAW,GACZ,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"commands.js","sourceRoot":"","sources":["../../src/cli/commands.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EACL,QAAQ,EACR,CAAC,EACD,YAAY,EACZ,WAAW,EACX,CAAC,EACD,aAAa,EACb,MAAM,EACN,OAAO,EACP,KAAK,EACL,GAAG,EACH,YAAY,EACZ,OAAO,EACP,cAAc,EACd,OAAO,EACP,WAAW,GACZ,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAC/C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oBAAoB,CAAC;AACvD,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD,MAAM,MAAM,GAAG,YAAY,CAAC,mBAAmB,CAAC,CAAC;AAEjD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,MAAkB;IAClD,oDAAoD;IACpD,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,WAAW,CAAC,QAAQ,CAAC,CAAC;IACxB,CAAC;IAED,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAE5B,SAAS;IACT,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,CAAC;IAE3C,MAAM,IAAI,GACR,MAAM,CAAC,KAAK,KAAK,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,6BAA6B,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,4BAA4B,CAAC,CAAC;IAChG,OAAO,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;IACzC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAEhB,oBAAoB;IACpB,MAAM,EAAE,GAAG,OAAO,CAChB,CAAC,CAAC,4BAA4B,EAAE,EAAE,YAAY,EAAE,6BAA6B,EAAE,CAAC,CACjF,CAAC;IACF,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,MAAM,CAAC,CAAC;IACrC,EAAE,CAAC,OAAO,CACR,CAAC,CAAC,4BAA4B,CAAC,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,cAAc,CAAC,MAAM,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAC1F,CAAC;IAEF,iBAAiB;IACjB,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;IACxD,MAAM,KAAK,GACT,WAAW,IAAI,EAAE;QACf,CAAC,CAAC,GAAG;QACL,CAAC,CAAC,WAAW,IAAI,EAAE;YACjB,CAAC,CAAC,GAAG;YACL,CAAC,CAAC,WAAW,IAAI,EAAE;gBACjB,CAAC,CAAC,GAAG;gBACL,CAAC,CAAC,WAAW,IAAI,EAAE;oBACjB,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,GAAG,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;IAE9C,+DAA+D;IAC/D,MAAM,SAAS,GAAG,CAAC,CAAC,0BAA0B,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CACT,WAAW,CAAC,6BAA6B,EAAE;QACzC;YACE,KAAK,EAAE,QAAQ;YACf,KAAK,EACH,MAAM,CAAC,SAAS,IAAI,EAAE;gBACpB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC;gBACrB,CAAC,CAAC,MAAM,CAAC,SAAS,IAAI,EAAE;oBACtB,CAAC,CAAC,CAAC,CAAC,
OAAO,CAAC,SAAS,CAAC;oBACtB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,YAAY,CAAC;YAChC,MAAM,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU;SAC1F;QACD;YACE,KAAK,EAAE,YAAY;YACnB,KAAK,EAAE,GAAG,MAAM,CAAC,SAAS,SAAS,SAAS,GAAG;YAC/C,MAAM,EAAE,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU;SAC1F;QACD;YACE,KAAK,EAAE,cAAc;YACrB,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YACrC,MAAM,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;SAC1D;QACD;YACE,KAAK,EAAE,eAAe;YACtB,KAAK,EAAE,cAAc,CAAC,MAAM,CAAC,YAAY,CAAC;SAC3C;KACF,CAAC,CACH,CAAC;IAEF,iBAAiB;IACjB,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,aAAa,CAAC,CAAC,CAAC;QAC7D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEhB,MAAM,OAAO,GAAG;YACd,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,OAAgB,EAAE;YAC9D,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,EAAE,UAAU,EAAE,KAAK,EAAE,EAAE,EAAE;YAClD,EAAE,MAAM,EAAE,SAAS,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE;YAC9C,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,EAAE;SAC9C,CAAC;QAEF,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;YACvD,GAAG,EAAE,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC;YAClB,QAAQ,EAAE,aAAa,CAAC,OAAO,CAAC,QAAQ,CAAC;YACzC,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,MAAM,EAAG,OAA8C,CAAC,OAAO,CAAC;gBAC9D,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;gBACjB,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;SACvB,CAAC,CAAC,CAAC;QAEJ,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC;QACzC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEhB,iBAAiB;QACjB,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;QAClF,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;QAC9E,MAAM,QAAQ,GAAG,MAAM,CAAC,
QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;QAC/E,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM,CAAC;QAE5E,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,IAAI,SAAS,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,SAAS,WAAW,CAAC,CAAC,CAAC;QACnE,IAAI,SAAS,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,SAAS,OAAO,CAAC,CAAC,CAAC;QAC5D,IAAI,QAAQ,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,QAAQ,SAAS,CAAC,CAAC,CAAC;QAC9D,IAAI,QAAQ,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,QAAQ,MAAM,CAAC,CAAC,CAAC;QAExD,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC7C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CACT,GAAG,CACD,GAAG,OAAO,CAAC,IAAI,IAAI,CAAC,CAAC,8BAA8B,EAAE,EAAE,YAAY,EAAE,2BAA2B,EAAE,CAAC,EAAE,EACrG,EAAE,WAAW,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,WAAW,EAAE,CAC5C,CACF,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;IAED,aAAa;IACb,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,MAAM,QAAQ,GAAG,OAAO,CACtB,CAAC,CAAC,8BAA8B,EAAE,EAAE,YAAY,EAAE,0BAA0B,EAAE,CAAC,CAChF,CAAC;QACF,IAAI,CAAC;YACH,MAAM,iBAAiB,CAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC;YAC5D,QAAQ,CAAC,OAAO,CACd,CAAC,CAAC,+BAA+B,EAAE;gBACjC,IAAI,EAAE,MAAM,CAAC,MAAM;gBACnB,YAAY,EAAE,iBAAiB,MAAM,CAAC,MAAM,EAAE;aAC/C,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,QAAQ,CAAC,IAAI,CAAC,4BAA4B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YACtF,MAAM,CAAC,KAAK,CAAC,+BAA+B,EAAE;gBAC5C,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;aACxD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,uBAAuB,IAAI,IAAI,EAAE,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC,CAAC;IACzE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC"}
|
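--- a/package/dist/cli/index.js
+++ b/package/dist/cli/index.js
@@ -6,15 +6,127 @@
 * @module @panguard-ai/panguard-scan/cli
 */
 import { Command } from 'commander';
+import path from 'node:path';
 import { setLogLevel } from '@panguard-ai/core';
 import { PANGUARD_SCAN_VERSION } from '../index.js';
 import { executeScan } from './commands.js';
 import { runRemoteScan } from '../scanners/remote/index.js';
+import { sortBySeverity } from '../scanners/types.js';
+/**
+* Get all severity levels that are at or above the given threshold
+* 取得達到或超過指定閾值的所有嚴重等級
+*
+* @param severity - Minimum severity threshold / 最低嚴重等級閾值
+* @returns Array of severity strings at or above the threshold / 達到或超過閾值的嚴重等級陣列
+*/
+function getFailSeverities(severity) {
+const order = ['critical', 'high', 'medium', 'low', 'info'];
+const idx = order.indexOf(severity);
+if (idx === -1)
+return ['critical'];
+return order.slice(0, idx + 1);
+}
 const program = new Command();
 program
 .name('panguard-scan')
 .description('PanguardScan - 60-second security health check tool / 60 秒資安健檢工具')
-.version(PANGUARD_SCAN_VERSION)
+.version(PANGUARD_SCAN_VERSION);
+// ---------------------------------------------------------------------------
+// code subcommand - SAST source code scanner
+// code 子命令 - SAST 原始碼掃描器
+// ---------------------------------------------------------------------------
+program
+.command('code')
+.description('Scan source code for security vulnerabilities (SAST) / 掃描原始碼安全漏洞')
+.option('--dir <directory>', 'Source code directory to scan / 要掃描的原始碼目錄', '.')
+.option('--lang <language>', 'Language: en or zh-TW / 語言', 'en')
+.option('--json', 'Output pure JSON (for AI agents) / 輸出純 JSON', false)
+.option('--fail-on <severity>', 'Exit with code 1 if findings at this severity level exist / 若發現達到此嚴重等級則以非零碼退出')
+.option('--output <path>', 'Output PDF report path / 輸出 PDF 報告路徑')
+.action(async (options) => {
+const _lang = options.lang === 'zh-TW' ? 'zh-TW' : 'en';
+const { checkSourceCode } = await import('../scanners/sast-checker.js');
+const { checkHardcodedSecrets } = await import('../scanners/secrets-checker.js');
+if (!options.json) {
+setLogLevel('silent');
+console.error(`Scanning ${path.resolve(options.dir)} for security issues...`);
+}
+else {
+setLogLevel('silent');
+}
+const [codeFindings, secretFindings] = await Promise.all([
+checkSourceCode(options.dir),
+checkHardcodedSecrets(options.dir),
+]);
+const allFindings = [...codeFindings, ...secretFindings].sort(sortBySeverity);
+if (options.json) {
+console.log(JSON.stringify({
+version: PANGUARD_SCAN_VERSION,
+timestamp: new Date().toISOString(),
+scan_type: 'sast',
+target: path.resolve(options.dir),
+findings_count: allFindings.length,
+findings: allFindings.map((f, i) => ({
+seq: i + 1,
+id: f.id,
+title: f.title,
+description: f.description,
+severity: f.severity,
+category: f.category,
+remediation: f.remediation,
+complianceRef: f.complianceRef,
+details: f.details,
+})),
+powered_by: 'Panguard AI',
+agent_friendly: true,
+}, null, 2));
+}
+else {
+// Human-friendly output
+// 人性化輸出
+if (allFindings.length === 0) {
+console.log('No security issues found.');
+}
+else {
+console.log(`\nFound ${allFindings.length} finding(s):\n`);
+for (const f of allFindings) {
+console.log(` [${f.severity.toUpperCase()}] ${f.title}`);
+if (f.details) {
+console.log(` ${f.details}`);
+}
+}
+const critCount = allFindings.filter((f) => f.severity === 'critical').length;
+const highCount = allFindings.filter((f) => f.severity === 'high').length;
+const medCount = allFindings.filter((f) => f.severity === 'medium').length;
+const lowCount = allFindings.filter((f) => f.severity === 'low').length;
+const parts = [];
+if (critCount > 0)
+parts.push(`${critCount} Critical`);
+if (highCount > 0)
+parts.push(`${highCount} High`);
+if (medCount > 0)
+parts.push(`${medCount} Medium`);
+if (lowCount > 0)
+parts.push(`${lowCount} Low`);
+console.log(`\nSummary: ${parts.join(' | ')}`);
+}
+console.log('');
+}
+// Handle --fail-on
+// 處理 --fail-on 選項
+if (options.failOn) {
+const failSeverities = getFailSeverities(options.failOn);
+const hasFailingFindings = allFindings.some((f) => failSeverities.includes(f.severity));
+if (hasFailingFindings) {
+process.exit(1);
+}
+}
+});
+// ---------------------------------------------------------------------------
+// Default scan command (root action)
+// 預設掃描指令(根動作)
+// ---------------------------------------------------------------------------
+program
 .option('--quick', 'Quick scan mode (~30 seconds) / 快速掃描模式', false)
 .option('--output <path>', 'Output PDF report path / 輸出 PDF 報告路徑', 'panguard-scan-report.pdf')
 .option('--lang <language>', 'Language: en or zh-TW / 語言', 'en')
@@ -63,7 +175,7 @@ program
 // Human-friendly remote output delegated to executeScan is not available here;
 // print a simple summary
 const { banner, scoreDisplay, symbols, c, formatDuration } = await import('@panguard-ai/core');
-console.log(banner());
+console.log(banner(PANGUARD_SCAN_VERSION));
 console.log(` ${symbols.scan} Remote Scan: ${c.bold(options.target)}`);
 console.log(scoreDisplay(safetyScore, grade));
 console.log(` Findings: ${result.findings.length} | Duration: ${formatDuration(result.scanDuration)}`);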
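Review bot: Both output branches of the new `code` action print `f.details` for every finding (the human branch at the `if (f.details)` line, the `--json` branch in the `findings` map), so if the secrets checker puts the matched credential into `details` — secrets-checker.js is not in this view, so this is unconfirmed — a `panguard-scan code` run in CI copies live secrets into build logs and any saved JSON; mask the value before printing (keep a short prefix, replace the rest), or document above the loop that the checker already redacts it. `getFailSeverities` turns an unrecognised `--fail-on` value (a typo such as `hgih`) into `['critical']`, which silently lowers the CI gate instead of failing the run; prefer `if (idx === -1) { console.error(\`Unknown --fail-on severity: ${severity}\`); process.exit(2); }`. `--output <path>` is declared on `code` but never read in the action, so a requested PDF is silently not produced. Finally, the checkers receive the raw `options.dir` while the report's `target` is `path.resolve(options.dir)`; resolving once up front and passing that value to both keeps the two consistent.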
package/dist/cli/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";AACA;;;;;GAKG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";AACA;;;;;GAKG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AACpD,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC5C,OAAO,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAGtD;;;;;;GAMG;AACH,SAAS,iBAAiB,CAAC,QAAgB;IACzC,MAAM,KAAK,GAAe,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;IACxE,MAAM,GAAG,GAAG,KAAK,CAAC,OAAO,CAAC,QAAoB,CAAC,CAAC;IAChD,IAAI,GAAG,KAAK,CAAC,CAAC;QAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IACpC,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;AACjC,CAAC;AAED,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,eAAe,CAAC;KACrB,WAAW,CAAC,kEAAkE,CAAC;KAC/E,OAAO,CAAC,qBAAqB,CAAC,CAAC;AAElC,8EAA8E;AAC9E,6CAA6C;AAC7C,yBAAyB;AACzB,8EAA8E;AAC9E,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CACV,kEAAkE,CACnE;KACA,MAAM,CAAC,mBAAmB,EAAE,2CAA2C,EAAE,GAAG,CAAC;KAC7E,MAAM,CAAC,mBAAmB,EAAE,4BAA4B,EAAE,IAAI,CAAC;KAC/D,MAAM,CAAC,QAAQ,EAAE,6CAA6C,EAAE,KAAK,CAAC;KACtE,MAAM,CACL,sBAAsB,EACtB,+EAA+E,CAChF;KACA,MAAM,CAAC,iBAAiB,EAAE,sCAAsC,CAAC;KACjE,MAAM,CACL,KAAK,EAAE,OAMN,EAAE,EAAE;IACH,MAAM,KAAK,GAAa,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;IAClE,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,6BAA6B,CAAC,CAAC;IACxE,MAAM,EAAE,qBAAqB,EAAE,GAAG,MAAM,MAAM,CAAC,gCAAgC,CAAC,CAAC;IAEjF,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAClB,WAAW,CAAC,QAAQ,CAAC,CAAC;QACtB,OAAO,CAAC,KAAK,CACX,YAAY,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAC/D,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,WAAW,CAAC,QAAQ,CAAC,CAAC;IACxB,CAAC;IAED,MAAM,CAAC,YAAY,EAAE,cAAc,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACvD,eAAe,CAAC,OAAO,CAAC,GAAG,CAAC;QAC5B,qBAAqB,CAAC,OAAO,CAAC,GAAG,CAAC;KACnC,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,cAAc,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAE9E,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,
SAAS,CACZ;YACE,OAAO,EAAE,qBAAqB;YAC9B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,SAAS,EAAE,MAAM;YACjB,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC;YACjC,cAAc,EAAE,WAAW,CAAC,MAAM;YAClC,QAAQ,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;gBACnC,GAAG,EAAE,CAAC,GAAG,CAAC;gBACV,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,OAAO,EAAE,CAAC,CAAC,OAAO;aACnB,CAAC,CAAC;YACH,UAAU,EAAE,aAAa;YACzB,cAAc,EAAE,IAAI;SACrB,EACD,IAAI,EACJ,CAAC,CACF,CACF,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,wBAAwB;QACxB,QAAQ;QACR,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,WAAW,WAAW,CAAC,MAAM,gBAAgB,CAAC,CAAC;YAC3D,KAAK,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC;gBAC5B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;gBAC1D,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;oBACd,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;gBACvC,CAAC;YACH,CAAC;YAED,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;YAC9E,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;YAC1E,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;YAC3E,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM,CAAC;YAExE,MAAM,KAAK,GAAa,EAAE,CAAC;YAC3B,IAAI,SAAS,GAAG,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,SAAS,WAAW,CAAC,CAAC;YACvD,IAAI,SAAS,GAAG,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,SAAS,OAAO,CAAC,CAAC;YACnD,IAAI,QAAQ,GAAG,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,QAAQ,SAAS,CAAC,CAAC;YACnD,IAAI,QAAQ,GAAG,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,GAAG,QAAQ,MAAM,CAAC,CAAC;YAEhD,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACjD,CAAC;QACD,OAAO,CAAC
,GAAG,CAAC,EAAE,CAAC,CAAC;IAClB,CAAC;IAED,mBAAmB;IACnB,kBAAkB;IAClB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,cAAc,GAAG,iBAAiB,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACzD,MAAM,kBAAkB,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAChD,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CACpC,CAAC;QACF,IAAI,kBAAkB,EAAE,CAAC;YACvB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC,CACF,CAAC;AAEJ,8EAA8E;AAC9E,qCAAqC;AACrC,cAAc;AACd,8EAA8E;AAC9E,OAAO;KACJ,MAAM,CAAC,SAAS,EAAE,wCAAwC,EAAE,KAAK,CAAC;KAClE,MAAM,CACL,iBAAiB,EACjB,sCAAsC,EACtC,0BAA0B,CAC3B;KACA,MAAM,CAAC,mBAAmB,EAAE,4BAA4B,EAAE,IAAI,CAAC;KAC/D,MAAM,CAAC,WAAW,EAAE,uBAAuB,EAAE,KAAK,CAAC;KACnD,MAAM,CAAC,QAAQ,EAAE,uDAAuD,EAAE,KAAK,CAAC;KAChF,MAAM,CAAC,iBAAiB,EAAE,qCAAqC,CAAC;KAChE,MAAM,CACL,KAAK,EAAE,OAON,EAAE,EAAE;IACH,MAAM,IAAI,GAAa,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;IAEjE,mBAAmB;IACnB,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,WAAW,CAAC,QAAQ,CAAC,CAAC;QACtB,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;QACrE,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QACxD,MAAM,KAAK,GACT,WAAW,IAAI,EAAE;YACf,CAAC,CAAC,GAAG;YACL,CAAC,CAAC,WAAW,IAAI,EAAE;gBACjB,CAAC,CAAC,GAAG;gBACL,CAAC,CAAC,WAAW,IAAI,EAAE;oBACjB,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,WAAW,IAAI,EAAE;wBACjB,CAAC,CAAC,GAAG;wBACL,CAAC,CAAC,GAAG,CAAC;QAEhB,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ;gBACE,OAAO,EAAE,qBAAqB;gBAC9B,SAAS,EAAE,MAAM,CAAC,SAAS;gBAC3B,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,UAAU,EAAE,MAAM,CAAC,SAAS;gBAC5B,UAAU,EAAE,MAAM,CAAC,SAAS;gBAC5B,KAAK;gBACL,gBAAgB,EAAE,MAAM,CAAC,YAAY;gBACrC,cAAc,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;gBACtC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;oBACvC,EAAE,EAAE,CAAC,GAAG,CAAC;oBACT,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;oBACd,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,WAAW,EAAE,CAAC,CAAC,WAAW;oBAC1B,WAAW,EAAE,CAAC,CAAC,WAAW;iBAC3B,CAAC,CAAC;gBACH,UAAU,EAAE,aAAa;gBACzB
,cAAc,EAAE,IAAI;aACrB,EACD,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,+EAA+E;YAC/E,yBAAyB;YACzB,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,OAAO,EAAE,CAAC,EAAE,cAAc,EAAE,GACxD,MAAM,MAAM,CAAC,mBAAmB,CAAC,CAAC;YACpC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,qBAAqB,CAAC,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,KAAK,OAAO,CAAC,IAAI,iBAAiB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YACxE,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;YAC9C,OAAO,CAAC,GAAG,CACT,eAAe,MAAM,CAAC,QAAQ,CAAC,MAAM,gBAAgB,cAAc,CAAC,MAAM,CAAC,YAAY,CAAC,EAAE,CAC3F,CAAC;YACF,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAChC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;YAC1E,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;QACD,OAAO;IACT,CAAC;IAED,2BAA2B;IAC3B,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;QACjB,WAAW,CAAC,QAAQ,CAAC,CAAC;QACtB,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,MAAM,CAAC,sBAAsB,CAAC,CAAC;QACzD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC;YAC3B,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM;YACvC,IAAI;YACJ,OAAO,EAAE,KAAK;SACf,CAAC,CAAC;QACH,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,SAAS,CAAC,CAAC;QACxD,MAAM,KAAK,GACT,WAAW,IAAI,EAAE;YACf,CAAC,CAAC,GAAG;YACL,CAAC,CAAC,WAAW,IAAI,EAAE;gBACjB,CAAC,CAAC,GAAG;gBACL,CAAC,CAAC,WAAW,IAAI,EAAE;oBACjB,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,WAAW,IAAI,EAAE;wBACjB,CAAC,CAAC,GAAG;wBACL,CAAC,CAAC,GAAG,CAAC;QAEhB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ;YACE,OAAO,EAAE,qBAAqB;YAC9B,SAAS,EAAE,MAAM,CAAC,SAAS;YAC3B,MAAM,EAAE,WAAW;YACnB,UAAU,EAAE,MAAM,CAAC,SAAS;YAC5B,UAAU,EAAE,MAAM,CAAC,SAAS;YAC5B,KAAK;YACL,gBAAgB,EAAE,MAAM,CAAC,YAAY;YACrC,cAAc,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;YACtC,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC;gBACvC,EAAE,EAAE,CAAC,GAAG,CAAC;gBACT,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,WAAW,EAAE,CAAC,CAAC,WAAW;aAC3B,CAAC,CAAC;YACH,MAAM,E
AAE;gBACN,EAAE,EAAE,GAAG,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,MAAM,IAAI,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,OAAO,EAAE;gBAClE,IAAI,EAAE,MAAM,CAAC,SAAS,CAAC,EAAE,CAAC,IAAI;gBAC9B,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,MAAM;gBAC7C,gBAAgB,EAAE,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM;gBAClD,gBAAgB,EAAE,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO;gBAC5D,uBAAuB,EAAE,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,MAAM;aACxE;YACD,UAAU,EAAE,aAAa;YACzB,cAAc,EAAE,IAAI;SACrB,EACD,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACF,OAAO;IACT,CAAC;IAED,6BAA6B;IAC7B,MAAM,WAAW,CAAC;QAChB,KAAK,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM;QACvC,IAAI;QACJ,MAAM,EAAE,OAAO,CAAC,MAAM;QACtB,OAAO,EAAE,OAAO,CAAC,OAAO;KACzB,CAAC,CAAC;AACL,CAAC,CACF,CAAC;AAEJ,OAAO,CAAC,UAAU,EAAE,CAAC,KAAK,CAAC,CAAC,GAAY,EAAE,EAAE;IAC1C,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;IACxE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
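--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -8,10 +8,12 @@
 * @module @panguard-ai/panguard-scan
 */
 /** PanguardScan version / PanguardScan 版本 */
-export declare const PANGUARD_SCAN_VERSION
+export declare const PANGUARD_SCAN_VERSION: string;
 /** PanguardScan product name / PanguardScan 產品名稱 */
 export declare const CLAWSCAN_NAME = "PanguardScan";
 export { runScan } from './scanners/index.js';
+export { checkSourceCode } from './scanners/sast-checker.js';
+export { checkHardcodedSecrets } from './scanners/secrets-checker.js';
 export type { ScanConfig, ScanResult, Finding } from './scanners/types.js';
 export { sortBySeverity, SEVERITY_ORDER } from './scanners/types.js';
 export { runRemoteScan } from './scanners/remote/index.js';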
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,6CAA6C;AAC7C,eAAO,MAAM,qBAAqB,EAAE,MAAqB,CAAC;AAE1D,oDAAoD;AACpD,eAAO,MAAM,aAAa,iBAAiB,CAAC;AAG5C,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AACtE,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAGrE,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,YAAY,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAGnE,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC"}
|
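--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -7,12 +7,17 @@
 *
 * @module @panguard-ai/panguard-scan
 */
+import { createRequire } from 'node:module';
+const _require = createRequire(import.meta.url);
+const _pkg = _require('../package.json');
 /** PanguardScan version / PanguardScan 版本 */
-export const PANGUARD_SCAN_VERSION =
+export const PANGUARD_SCAN_VERSION = _pkg.version;
 /** PanguardScan product name / PanguardScan 產品名稱 */
 export const CLAWSCAN_NAME = 'PanguardScan';
 // Scanner exports / 掃描器匯出
 export { runScan } from './scanners/index.js';
+export { checkSourceCode } from './scanners/sast-checker.js';
+export { checkHardcodedSecrets } from './scanners/secrets-checker.js';
 export { sortBySeverity, SEVERITY_ORDER } from './scanners/types.js';
 // Remote scanner exports / 遠端掃描器匯出
 export { runRemoteScan } from './scanners/remote/index.js';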
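Review bot: `PANGUARD_SCAN_VERSION` is now read from `../package.json` at module-load time through `createRequire`, so any consumer that bundles `dist/` without the adjacent package.json, or a later move of index.js within dist, throws before the library's exports are evaluated; a defensive `export const PANGUARD_SCAN_VERSION = typeof _pkg.version === 'string' ? _pkg.version : '0.0.0';` keeps imports working and makes the `string` type now declared in index.d.ts honest. The same lookup is repeated in dist/scanners/index.js with `'../../package.json'`; a single `version.js` module that both files import would avoid two readers drifting apart.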
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,6CAA6C;AAC7C,MAAM,CAAC,MAAM,qBAAqB,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChD,MAAM,IAAI,GAAG,QAAQ,CAAC,iBAAiB,CAAwB,CAAC;AAChE,6CAA6C;AAC7C,MAAM,CAAC,MAAM,qBAAqB,GAAW,IAAI,CAAC,OAAO,CAAC;AAE1D,oDAAoD;AACpD,MAAM,CAAC,MAAM,aAAa,GAAG,cAAc,CAAC;AAE5C,0BAA0B;AAC1B,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,4BAA4B,CAAC;AAC7D,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErE,mCAAmC;AACnC,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAG3D,wBAAwB;AACxB,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC"}
|
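--- a/package/dist/scanners/index.d.ts
+++ b/package/dist/scanners/index.d.ts
@@ -13,7 +13,7 @@
 */
 import type { ScanConfig, ScanResult } from './types.js';
 /** Scanner modules version / 掃描模組版本 */
-export declare const SCANNERS_VERSION
+export declare const SCANNERS_VERSION: string;
 /**
 * Run a complete security scan
 * 執行完整的安全掃描
@@ -49,6 +49,8 @@ export { checkSslCertificates } from './ssl-checker.js';
 export { checkScheduledTasks } from './scheduled-tasks.js';
 export { checkSharedFolders } from './shared-folders.js';
 export { checkCVEs } from './cve-checker.js';
+export { checkSourceCode } from './sast-checker.js';
+export { checkHardcodedSecrets } from './secrets-checker.js';
 export type { ScanConfig, ScanResult, Finding } from './types.js';
 export { sortBySeverity, SEVERITY_ORDER } from './types.js';
 //# sourceMappingURL=index.d.ts.map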
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanners/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanners/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAkBH,OAAO,KAAK,EAAE,UAAU,EAAE,UAAU,EAAW,MAAM,YAAY,CAAC;AASlE,uCAAuC;AACvC,eAAO,MAAM,gBAAgB,EAAE,MAAqB,CAAC;AAiKrD;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,wBAAsB,OAAO,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CA8JrE;AAID,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAC7D,YAAY,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAClE,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC"}
|
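--- a/package/dist/scanners/index.js
+++ b/package/dist/scanners/index.js
@@ -20,10 +20,15 @@ import { checkSslCertificates } from './ssl-checker.js';
 import { checkScheduledTasks } from './scheduled-tasks.js';
 import { checkSharedFolders } from './shared-folders.js';
 import { checkCVEs } from './cve-checker.js';
+import { checkSourceCode } from './sast-checker.js';
+import { checkHardcodedSecrets } from './secrets-checker.js';
 import { sortBySeverity } from './types.js';
 const logger = createLogger('panguard-scan:orchestrator');
+import { createRequire } from 'node:module';
+const _require = createRequire(import.meta.url);
+const _pkg = _require('../../package.json');
 /** Scanner modules version / 掃描模組版本 */
-export const SCANNERS_VERSION =
+export const SCANNERS_VERSION = _pkg.version;
 /**
 * Category-to-title mapping for risk factor conversion
 * 風險因素轉換的類別到標題對應表
@@ -284,6 +289,18 @@ export async function runScan(config) {
 else {
 logger.info('Skipping full-depth checks in quick mode');
 }
+// Code SAST scan / 程式碼靜態安全分析
+if (config.codeDir) {
+logger.info('Running SAST (Semgrep) and secrets scan on source code directory', {
+codeDir: config.codeDir,
+});
+const [codeFindings, secretFindings] = await Promise.all([
+checkSourceCode(config.codeDir),
+checkHardcodedSecrets(config.codeDir),
+]);
+logger.info(`Code scan: ${codeFindings.length} SAST finding(s), ${secretFindings.length} secret finding(s)`);
+additionalFindings.push(...codeFindings, ...secretFindings);
+}
 // Step 6: Merge, enrich with manual fix commands, and sort all findings
 // 步驟 6:合併、補充手動修復指令,並排序所有發現
 const allFindings = [...discoveryFindings, ...additionalFindings]
@@ -324,5 +341,7 @@ export { checkSslCertificates } from './ssl-checker.js';
 export { checkScheduledTasks } from './scheduled-tasks.js';
 export { checkSharedFolders } from './shared-folders.js';
 export { checkCVEs } from './cve-checker.js';
+export { checkSourceCode } from './sast-checker.js';
+export { checkHardcodedSecrets } from './secrets-checker.js';
 export { sortBySeverity, SEVERITY_ORDER } from './types.js';
 //# sourceMappingURL=index.js.map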
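Review bot: `Promise.all` over the two code scanners is fail-fast, so a rejection from either one (the SAST checker shells out to Semgrep according to its declaration file, which may be missing or crash) throws away the other scanner's findings and aborts the entire host scan instead of just the code step. Use `Promise.allSettled`, degrade each side to `[]` with a warning (assuming the logger exposes `warn`), and keep the partially successful scan reportable. Separately, `config.codeDir` is handed to both scanners exactly as given; it presumably comes from the CLI, so resolving it and checking that it is an existing directory before launching an external tool would yield a clear error rather than whatever the tool does with a bad path — I cannot see from here whether the scanners validate it themselves. runScan begins and ends outside this hunk.
```javascript
if (config.codeDir) {
    // … unchanged: logger.info('Running SAST (Semgrep) and secrets scan …') …
    const [sastResult, secretsResult] = await Promise.allSettled([
        checkSourceCode(config.codeDir),
        checkHardcodedSecrets(config.codeDir),
    ]);
    // One failing scanner must not discard the other's findings or abort the host scan
    const codeFindings = sastResult.status === 'fulfilled' ? sastResult.value : [];
    const secretFindings = secretsResult.status === 'fulfilled' ? secretsResult.value : [];
    if (sastResult.status === 'rejected') logger.warn('SAST scan failed', { error: String(sastResult.reason) });
    if (secretsResult.status === 'rejected') logger.warn('Secrets scan failed', { error: String(secretsResult.reason) });
    // … unchanged: summary log and additionalFindings.push(...) …
}
```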
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanners/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAE/D,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,wBAAwB,GACzB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanners/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAE/D,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,wBAAwB,GACzB,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAE7D,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAE5C,MAAM,MAAM,GAAG,YAAY,CAAC,4BAA4B,CAAC,CAAC;AAE1D,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChD,MAAM,IAAI,GAAG,QAAQ,CAAC,oBAAoB,CAAwB,CAAC;AAEnE,uCAAuC;AACvC,MAAM,CAAC,MAAM,gBAAgB,GAAW,IAAI,CAAC,OAAO,CAAC;AAErD;;;;;;GAMG;AACH,MAAM,kBAAkB,GAA2B;IACjD,UAAU,EAAE,4BAA4B;IACxC,aAAa,EAAE,6CAA6C;IAC5D,cAAc,EAAE,+BAA+B;IAC/C,SAAS,EAAE,iCAAiC;IAC5C,eAAe,EAAE,sCAAsC;IACvD,gBAAgB,EAAE,+CAA+C;IACjE,iBAAiB,EAAE,uCAAuC;CAC3D,CAAC;AAEF;;;GAGG;AACH,MAAM,sBAAsB,GAA6B;IACvD,UAAU,EAAE,CAAC,iBAAiB,EAAE,gCAAgC,CAAC;IACjE,cAAc,EAAE,CAAC,sBAAsB,EAAE,sDAAsD,CAAC;IAChG,SAAS,EAAE,CAAC,wCAAwC,CAAC;IACrD,eAAe,EAAE;QACf,8BAA8B;QAC9B,iEAAiE;KAClE;IACD,gBAAgB,EAAE;QAChB,4FAA4F;QAC5F,6BAA6B;KAC9B;IACD,iBAAiB,EAAE;QACjB,0DAA0D;QAC1D,uCAAuC;KACxC;CACF,CAAC;AAEF;;;;;;GAMG;AACH,MAAM,wBAAwB,GAA2B;IACvD,UAAU,EACR,mFAAmF;QACnF,wBAAwB;IAC1B,aAAa,EACX,qGAAqG;QACrG,gCAAgC;IAClC,cAAc,EACZ,6EAA6E;QAC7E,wBAAwB;IAC1B,SAAS,EACP,uEAAuE;QACvE,wBAAwB;IAC1B,eAAe,EACb,qFAAqF;QACrF,4BAA4B;IAC9B,gBAAgB,EACd,2FAA2F;QAC3F,+BAA+B;IACjC,iBAAiB,EACf,qFAAqF;QACrF,yBAAyB;CAC5B,CAAC;AAEF;;;;;;;;;;GAUG;AACH,SAAS,mBAAmB,CAAC,MAAkB;IAC7C,MAAM,KAAK,GACT,kBAAkB,CAAC,MAAM,CAAC,QAAQ,CAAC;QACnC,gBAAgB,MAAM,CAAC,QAAQ,WAAW,MAAM,CAAC,QAAQ,EAAE,CAAC;IAE9D,MAAM,WAAW,GACf,wBAAwB,CAAC,MAAM,CAAC
,QAAQ,CAAC;QACzC,2EAA2E;YACzE,qBAAqB,CAAC;IAE1B,MAAM,SAAS,GAAG,sBAAsB,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE1D,OAAO;QACL,EAAE,EAAE,QAAQ,MAAM,CAAC,QAAQ,EAAE;QAC7B,KAAK;QACL,WAAW,EAAE,MAAM,CAAC,WAAW;QAC/B,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,WAAW;QACX,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,SAAS;KACV,CAAC;AACJ,CAAC;AAED;;;;;;;;;;;GAWG;AACH,SAAS,0BAA0B,CAAC,SAAiB,EAAE,kBAA6B;IAClF,MAAM,cAAc,GAA2B;QAC7C,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,IAAI,EAAE,CAAC;KACR,CAAC;IAEF,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,WAAW,IAAI,cAAc,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACvD,CAAC;IAED,gCAAgC;IAChC,cAAc;IACd,OAAO,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,WAAW,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED;;;GAGG;AACH,MAAM,mBAAmB,GAA6B;IACpD,QAAQ,EAAE,CAAC,0BAA0B,EAAE,sCAAsC,CAAC;IAC9E,GAAG,EAAE;QACH,wDAAwD;QACxD,8CAA8C;KAC/C;CACF,CAAC;AAEF;;;GAGG;AACH,SAAS,eAAe,CAAC,OAAgB;IACvC,IAAI,OAAO,CAAC,SAAS,IAAI,OAAO,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,OAAO,CAAC;IACtE,MAAM,GAAG,GAAG,mBAAmB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAClD,IAAI,GAAG;QAAE,OAAO,EAAE,GAAG,OAAO,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC;IAC/C,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAAC,MAAkB;IAC9C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IAElF,uDAAuD;IACvD,MAAM,eAAe,GAAG,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;IACvF,MAAM,mBAAmB,GAAG;QAC1B,GAAG,wBAAwB;QAC3B,gBAAgB;QAChB,KAAK;QACL,KAAK;QACL,KAAK;QACL,WAAW;QACX,UAAU;QACV,SAAS;QACT,UAAU;QACV,SAAS;QACT,KAAK;QACL,WAAW;QACX,SAAS;QACT,SAAS;QACT,IAAI;QACJ,MAAM;QACN,IAAI;QACJ,UAAU;QACV,WAAW;QACX,MAAM;QACN,IAAI;KACI,CAAC;IACX,MAAM,eAAe,GAAG,qBAAqB,CAAC,eAAe,CAAC,CAAC;IAC/D,MAAM,gBAAgB,GAAG,sBAAsB,CAAC,mBAAmB,CAAC,CAAC;IACrE,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE;QACxC,WAAW,EAAE,eAAe,CAAC,MAAM;QACnC,e
AAe,EAAE,mBAAmB,CAAC,MAAM;KAC5C,CAAC,CAAC;IAEH,oCAAoC;IACnC,UAAsC,CAAC,sBAAsB,CAAC,GAAG;QAChE,eAAe;QACf,gBAAgB;KACjB,CAAC;IAEF,oCAAoC;IACpC,cAAc;IACd,MAAM,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;IAC9C,MAAM,SAAS,GAAG,MAAM,QAAQ,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IAE7E,gDAAgD;IAChD,oBAAoB;IACpB,MAAM,CAAC,IAAI,CAAC,8CAA8C,CAAC,CAAC;IAC5D,MAAM,iBAAiB,GAAc,SAAS,CAAC,eAAe,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACxF,MAAM,CAAC,IAAI,CAAC,aAAa,iBAAiB,CAAC,MAAM,2BAA2B,CAAC,CAAC;IAE9E,gCAAgC;IAChC,cAAc;IACd,MAAM,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;IACjD,MAAM,gBAAgB,GAAG,MAAM,mBAAmB,EAAE,CAAC;IACrD,MAAM,CAAC,IAAI,CAAC,0BAA0B,gBAAgB,CAAC,MAAM,aAAa,CAAC,CAAC;IAE5E,kCAAkC;IAClC,eAAe;IACf,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;IACxD,MAAM,YAAY,GAAG,qBAAqB,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;IAChE,MAAM,CAAC,IAAI,CAAC,qBAAqB,YAAY,CAAC,MAAM,aAAa,CAAC,CAAC;IAEnE,sDAAsD;IACtD,iBAAiB;IACjB,MAAM,kBAAkB,GAAc,CAAC,GAAG,gBAAgB,EAAE,GAAG,YAAY,CAAC,CAAC;IAE7E,wCAAwC;IACxC,mBAAmB;IACnB,IAAI,MAAM,CAAC,KAAK,KAAK,MAAM,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,+CAA+C,CAAC,CAAC;QAE7D,wBAAwB;QACxB,WAAW;QACX,MAAM,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QACzC,MAAM,WAAW,GAAG,MAAM,oBAAoB,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACpE,MAAM,CAAC,IAAI,CAAC,0BAA0B,WAAW,CAAC,MAAM,aAAa,CAAC,CAAC;QACvE,kBAAkB,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;QAExC,wBAAwB;QACxB,SAAS;QACT,MAAM,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QACxC,MAAM,YAAY,GAAG,MAAM,mBAAmB,EAAE,CAAC;QACjD,MAAM,CAAC,IAAI,CAAC,0BAA0B,YAAY,CAAC,MAAM,aAAa,CAAC,CAAC;QACxE,kBAAkB,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;QAEzC,uBAAuB;QACvB,UAAU;QACV,MAAM,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QACvC,MAAM,aAAa,GAAG,MAAM,kBAAkB,EAAE,CAAC;QACjD,MAAM,CAAC,IAAI,CAAC,yBAAyB,aAAa,CAAC,MAAM,aAAa,CAAC,CAAC;QACxE,kBAAkB,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,CAAC;QAE1C,wDAAwD;QACxD,wBAAwB;QACxB,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;QACxD,MAAM,WAAW,GAAG,MAAM,SAAS,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;QACzD,MAAM,CAAC,IAAI,CAAC,cAAc,WAAW,CAAC,MAAM,aAAa,CAAC,CAAC;QAC3D,kBAAkB,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;IAC1C,CAAC
;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;IAC1D,CAAC;IAED,6BAA6B;IAC7B,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,MAAM,CAAC,IAAI,CAAC,kEAAkE,EAAE;YAC9E,OAAO,EAAE,MAAM,CAAC,OAAO;SACxB,CAAC,CAAC;QACH,MAAM,CAAC,YAAY,EAAE,cAAc,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;YACvD,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC;YAC/B,qBAAqB,CAAC,MAAM,CAAC,OAAO,CAAC;SACtC,CAAC,CAAC;QACH,MAAM,CAAC,IAAI,CACT,cAAc,YAAY,CAAC,MAAM,qBAAqB,cAAc,CAAC,MAAM,oBAAoB,CAChG,CAAC;QACF,kBAAkB,CAAC,IAAI,CAAC,GAAG,YAAY,EAAE,GAAG,cAAc,CAAC,CAAC;IAC9D,CAAC;IAED,wEAAwE;IACxE,2BAA2B;IAC3B,MAAM,WAAW,GAAc,CAAC,GAAG,iBAAiB,EAAE,GAAG,kBAAkB,CAAC;SACzE,GAAG,CAAC,eAAe,CAAC;SACpB,IAAI,CAAC,cAAc,CAAC,CAAC;IAExB,MAAM,CAAC,IAAI,CAAC,mBAAmB,WAAW,CAAC,MAAM,EAAE,CAAC,CAAC;IAErD,wCAAwC;IACxC,gBAAgB;IAChB,MAAM,iBAAiB,GAAG,0BAA0B,CAAC,SAAS,CAAC,SAAS,EAAE,kBAAkB,CAAC,CAAC;IAC9F,MAAM,SAAS,GAAG,YAAY,CAAC,iBAAiB,CAAC,CAAC;IAElD,MAAM,CAAC,IAAI,CAAC,wBAAwB,iBAAiB,gBAAgB,SAAS,GAAG,CAAC,CAAC;IAEnF,yCAAyC;IACzC,wBAAwB;IACxB,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAE5C,MAAM,MAAM,GAAe;QACzB,SAAS;QACT,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,iBAAiB;QAC5B,SAAS;QACT,YAAY;QACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,MAAM;KACP,CAAC;IAEF,MAAM,CAAC,IAAI,CAAC,wBAAwB,EAAE;QACpC,QAAQ,EAAE,GAAG,YAAY,IAAI;QAC7B,QAAQ,EAAE,WAAW,CAAC,MAAM;QAC5B,SAAS,EAAE,iBAAiB;QAC5B,SAAS;KACV,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,6DAA6D;AAC7D,sBAAsB;AACtB,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,qBAAqB,EAAE,MAAM,iBAAiB,CAAC;AACxD,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAC3D,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AAC7C,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,sBAAsB,CAAC;AAE7D,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/remote/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/remote/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAClD,OAAO,KAAK,EAAW,UAAU,EAAE,MAAM,aAAa,CAAC;AAOvD,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,QAAQ,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAuBD;;GAEG;AACH,wBAAsB,aAAa,CAAC,MAAM,EAAE,gBAAgB,GAAG,OAAO,CAAC,UAAU,CAAC,CA4HjF;AAED,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC"}
|
|
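--- a/package/dist/scanners/remote/index.js
+++ b/package/dist/scanners/remote/index.js
@@ -4,16 +4,56 @@
 *
 * @module @panguard-ai/panguard-scan/scanners/remote
 */
+import { lookup } from 'node:dns/promises';
 import { SEVERITY_ORDER } from '../types.js';
 import { scanPorts } from './port-scanner.js';
 import { checkSSL } from './ssl-checker.js';
 import { checkHttpHeaders } from './http-headers.js';
 import { checkDNS } from './dns-checker.js';
+/** Check if an IP address is private/reserved (SSRF protection). */
+function isPrivateIP(ip) {
+// IPv4 private/reserved ranges
+const parts = ip.split('.').map(Number);
+if (parts.length === 4 && parts.every((n) => !isNaN(n))) {
+const [a, b] = parts;
+if (a === 10)
+return true; // 10.0.0.0/8
+if (a === 172 && b >= 16 && b <= 31)
+return true; // 172.16.0.0/12
+if (a === 192 && b === 168)
+return true; // 192.168.0.0/16
+if (a === 127)
+return true; // 127.0.0.0/8
+if (a === 0)
+return true; // 0.0.0.0/8
+if (a === 169 && b === 254)
+return true; // link-local
+if (a >= 224)
+return true; // multicast + reserved
+}
+// IPv6 loopback and link-local
+if (ip === '::1' || ip === '::' || ip.startsWith('fe80:') || ip.startsWith('fc') || ip.startsWith('fd')) {
+return true;
+}
+return false;
+}
 /**
 * Run a comprehensive remote scan against a target host.
 */
 export async function runRemoteScan(config) {
 const { target, lang, timeout = 5000 } = config;
+// SSRF protection: resolve hostname and block private/reserved IPs
+try {
+const resolved = await lookup(target);
+if (isPrivateIP(resolved.address)) {
+throw new Error(`Scanning private/reserved IP addresses is not allowed: ${target}`);
+}
+}
+catch (err) {
+if (err instanceof Error && err.message.includes('not allowed'))
+throw err;
+// DNS resolution failed — let individual scanners handle it
+}
 const startTime = Date.now();
 const allFindings = [];
 // Run all checks in parallel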
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/remote/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/remote/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAG3C,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAQ5C,oEAAoE;AACpE,SAAS,WAAW,CAAC,EAAU;IAC7B,+BAA+B;IAC/B,MAAM,KAAK,GAAG,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACxC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACxD,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,KAAyC,CAAC;QACzD,IAAI,CAAC,KAAK,EAAE;YAAE,OAAO,IAAI,CAAC,CAA0B,aAAa;QACjE,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;YAAE,OAAO,IAAI,CAAC,CAAG,gBAAgB;QACpE,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC,CAAa,iBAAiB;QACtE,IAAI,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC,CAA0B,cAAc;QACnE,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC,CAA4B,YAAY;QACjE,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG;YAAE,OAAO,IAAI,CAAC,CAAa,aAAa;QAClE,IAAI,CAAC,IAAI,GAAG;YAAE,OAAO,IAAI,CAAC,CAA2B,uBAAuB;IAC9E,CAAC;IACD,+BAA+B;IAC/B,IAAI,EAAE,KAAK,KAAK,IAAI,EAAE,KAAK,IAAI,IAAI,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;QACxG,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,MAAwB;IAC1D,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,GAAG,IAAI,EAAE,GAAG,MAAM,CAAC;IAEhD,mEAAmE;IACnE,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAC;QACtC,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,0DAA0D,MAAM,EAAE,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,GAAG,YAAY,KAAK,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC;YAAE,MAAM,GAAG,CAAC;QAC3E,4DAA4D;IAC9D,CAAC;IACD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,WAAW,GAAc,EAAE,CAAC;IAElC,6BAA6B;IAC7B,MAAM,CAA
C,UAAU,EAAE,SAAS,EAAE,YAAY,EAAE,SAAS,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACzE,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;YAC5C,QAAQ,EAAE,EAAe;YACzB,SAAS,EAAE,EAA6D;SACzE,CAAC,CAAC;QACH,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;YAC3C,QAAQ,EAAE,EAAe;YACzB,MAAM,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE;SAC1C,CAAC,CAAC;QACH,gBAAgB,CAAC,MAAM,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;YACnD,QAAQ,EAAE,EAAe;YACzB,OAAO,EAAE,EAAE;SACZ,CAAC,CAAC;QACH,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC;YAClC,QAAQ,EAAE,EAAe;YACzB,MAAM,EAAE,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE;SAC3D,CAAC,CAAC;KACJ,CAAC,CAAC;IAEH,WAAW,CAAC,IAAI,CACd,GAAG,UAAU,CAAC,QAAQ,EACtB,GAAG,SAAS,CAAC,QAAQ,EACrB,GAAG,YAAY,CAAC,QAAQ,EACxB,GAAG,SAAS,CAAC,QAAQ,CACtB,CAAC;IAEF,kDAAkD;IAClD,MAAM,cAAc,GAAG,CAAC,GAAG,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACpD,MAAM,MAAM,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,MAAM,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC/C,OAAO,MAAM,GAAG,MAAM,CAAC;IACzB,CAAC,CAAC,CAAC;IAEH,uBAAuB;IACvB,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,cAAc,EAAE,CAAC;QAC/B,QAAQ,CAAC,CAAC,QAAQ,EAAE,CAAC;YACnB,KAAK,UAAU;gBACb,SAAS,IAAI,EAAE,CAAC;gBAChB,MAAM;YACR,KAAK,MAAM;gBACT,SAAS,IAAI,EAAE,CAAC;gBAChB,MAAM;YACR,KAAK,QAAQ;gBACX,SAAS,IAAI,CAAC,CAAC;gBACf,MAAM;YACR,KAAK,KAAK;gBACR,SAAS,IAAI,CAAC,CAAC;gBACf,MAAM;QACV,CAAC;IACH,CAAC;IACD,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;IAErC,MAAM,SAAS,GACb,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC;IAE/F,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAE5C,OAAO;QACL,SAAS,EAAE;YACT,EAAE,EAAE;gBACF,QAAQ,EAAE,QAAQ;gBAClB,MAAM,EAAE,QAAQ;gBAChB,OAAO,EAAE,EAAE;gBACX,IAAI,EAAE,EAAE;gBACR,MAAM,EAAE,EAAE;gBACV,QAAQ,EAAE,MAAM;gBAChB,MAAM,EAAE,CAAC;gBACT,UAAU,EA
AE,EAAE;aACf;YACD,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE;gBACP,UAAU,EAAE,EAAE;gBACd,SAAS,EAAE,EAAE;gBACb,iBAAiB,EAAE,EAAE;gBACrB,OAAO,EAAE,EAAE;gBACX,GAAG,EAAE,EAAE;aACR;YACD,SAAS,EAAE,UAAU,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC1C,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,QAAQ;gBACf,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,GAAG,EAAE,SAAS;gBACd,OAAO,EAAE,QAAQ;aAClB,CAAC,CAAC;YACH,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE;gBACR,aAAa,EAAE,EAAE;gBACjB,QAAQ,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;gBACpD,OAAO,EAAE,EAAE,cAAc,EAAE,CAAC,EAAE,iBAAiB,EAAE,KAAK,EAAE;gBACxD,KAAK,EAAE,EAAE;aACV;YACD,eAAe,EAAE,EAAE;YACnB,SAAS,EAAE,CAAC;YACZ,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACvC;QACD,QAAQ,EAAE,cAAc;QACxB,SAAS;QACT,SAAS,EAAE,SAAmD;QAC9D,YAAY;QACZ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,MAAM,EAAE;YACN,KAAK,EAAE,MAAM;YACb,IAAI;SACL;KACF,CAAC;AACJ,CAAC;AAED,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC"}
|
|
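--- /dev/null
+++ b/package/dist/scanners/sast-checker.d.ts
@@ -0,0 +1,26 @@
+/**
+* SAST (Static Application Security Testing) - Semgrep integration
+* 靜態應用程式安全測試 - Semgrep 整合
+*
+* Runs Semgrep-based SAST analysis when semgrep is installed.
+* If Semgrep is not available, returns an empty result with an info message.
+* 當 semgrep 已安裝時執行基於 Semgrep 的 SAST 分析。
+* 若 Semgrep 不可用,回傳空結果並附帶提示訊息。
+*
+* @module @panguard-ai/panguard-scan/scanners/sast-checker
+*/
+import type { Finding } from './types.js';
+/**
+* Scan source code for security vulnerabilities using SAST
+* 使用 SAST 掃描原始碼的安全漏洞
+*
+* Runs Semgrep if available. If Semgrep is not installed, returns an empty
+* result array. Install Semgrep for full SAST coverage.
+* 若 Semgrep 可用則執行。若 Semgrep 未安裝,回傳空結果陣列。
+* 安裝 Semgrep 以取得完整 SAST 覆蓋。
+*
+* @param targetDir - Source code directory to scan / 要掃描的原始碼目錄
+* @returns Array of security findings / 安全發現陣列
+*/
+export declare function checkSourceCode(targetDir: string): Promise<Finding[]>;
+//# sourceMappingURL=sast-checker.d.ts.map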
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"sast-checker.d.ts","sourceRoot":"","sources":["../../src/scanners/sast-checker.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAOH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAqT1C;;;;;;;;;;;GAWG;AACH,wBAAsB,eAAe,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CA6B3E"}
|