@panguard-ai/scan-core 0.1.1 → 0.1.2
- package/dist/atr-engine.d.ts.map +1 -1
- package/dist/atr-engine.js +18 -3
- package/dist/atr-engine.js.map +1 -1
- package/package.json +2 -3
package/dist/atr-engine.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atr-engine.d.ts","sourceRoot":"","sources":["../src/atr-engine.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,eAAe,EACf,YAAY,EACZ,OAAO,EACP,WAAW,EAEZ,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"atr-engine.d.ts","sourceRoot":"","sources":["../src/atr-engine.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,eAAe,EACf,YAAY,EACZ,OAAO,EACP,WAAW,EAEZ,MAAM,YAAY,CAAC;AAwBpB;;GAEG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,SAAS,eAAe,EAAE,GAAG,YAAY,EAAE,CAoB9E;AA2CD,MAAM,WAAW,cAAc;IAC7B,4EAA4E;IAC5E,QAAQ,CAAC,QAAQ,CAAC,EAAE,OAAO,CAAC;IAC5B,gEAAgE;IAChE,QAAQ,CAAC,iBAAiB,CAAC,EAAE,OAAO,CAAC;IACrC,oEAAoE;IACpE,QAAQ,CAAC,WAAW,CAAC,EAAE,OAAO,CAAC;CAChC;AAED;;;;;GAKG;AACH,wBAAgB,WAAW,CACzB,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,SAAS,YAAY,EAAE,EAC9B,OAAO,GAAE,cAAmB,GAC3B;IACD,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,KAAK,EAAE,WAAW,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;CACtB,CA2EA"}
|
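--- a/package/dist/atr-engine.js
+++ b/package/dist/atr-engine.js
@@ -9,9 +9,24 @@ import { SAFE_INSTALL_URLS } from './instruction-patterns.js';
 // ---------------------------------------------------------------------------
 // Rule compilation
 // ---------------------------------------------------------------------------
-
-
-
+/**
+* Simplified ReDoS safety check (replaces safe-regex CJS dependency).
+* Detects catastrophic backtracking patterns: nested quantifiers like (a+)+,
+* (a*)*b, ([a-z]+)*, etc. These cause exponential time on non-matching input.
+*/
+function isSafeRegex(re) {
+const src = re.source;
+// Reject nested quantifiers: (pattern+)+ or (pattern*)+ or (pattern+)* etc.
+if (/\([^)]*[+*]\)[+*{]/.test(src))
+return false;
+// Reject overlapping alternations with quantifiers: (a|a)+
+if (/\(([^|)]+)\|\1\)[+*]/.test(src))
+return false;
+// Reject star-of-star: .*.*.* (3+ consecutive greedy wildcards)
+if (/(\.\*){3,}/.test(src))
+return false;
+return true;
+}
 /**
 * Compile ATR rules: convert pattern strings to RegExp with ReDoS protection.
 */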
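Review bot: `isSafeRegex` is a text heuristic over `re.source` and is weaker than the parser-based safe-regex check it replaces, so the "with ReDoS protection" wording in the docblock just below it overstates what is guaranteed. The first test, `/\([^)]*[+*]\)[+*{]/`, only fires when a `+` or `*` sits directly before the closing parenthesis of a group that contains no nested group, so lazy or counted inner quantifiers and quantified groups that wrap another group pass unflagged, and the alternation test only matches two textually identical branches. It also ignores escaping, so an escaped literal `\+` or `\*` at the end of a quantified group is read as a quantifier and a harmless rule can be rejected; the call site is outside this hunk, but if rejected rules are dropped without a log line, detection coverage shrinks silently. I would state the limits in the docblock, e.g. `* Heuristic only: no escape, character-class or nested-group parsing; not a guarantee.`, and at the caller log each rejected rule id and cap the length of the content that is matched.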
package/dist/atr-engine.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"atr-engine.js","sourceRoot":"","sources":["../src/atr-engine.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AASH,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAE9D,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E,
|
|
1
|
+
{"version":3,"file":"atr-engine.js","sourceRoot":"","sources":["../src/atr-engine.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AASH,OAAO,EAAE,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AACzD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAE9D,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E;;;;GAIG;AACH,SAAS,WAAW,CAAC,EAAU;IAC7B,MAAM,GAAG,GAAG,EAAE,CAAC,MAAM,CAAC;IACtB,6EAA6E;IAC7E,IAAI,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IACjD,2DAA2D;IAC3D,IAAI,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IACnD,iEAAiE;IACjE,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,KAAK,CAAC;IACzC,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,YAAY,CAAC,KAAiC;IAC5D,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAC1B,GAAG,IAAI;QACP,QAAQ,EAAE,IAAI,CAAC,QAAQ;aACpB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACT,IAAI,CAAC;gBACH,sEAAsE;gBACtE,MAAM,mBAAmB,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;gBACtD,MAAM,OAAO,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;gBACpF,MAAM,KAAK,GAAG,mBAAmB,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC7C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;gBACzC,mCAAmC;gBACnC,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC;oBAAE,OAAO,IAAI,CAAC;gBACrC,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACjC,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC,CAAC;aACD,MAAM,CAAC,OAAO,CAA2C;KAC7D,CAAC,CAAC,CAAC;AACN,CAAC;AAED,8EAA8E;AAC9E,yBAAyB;AACzB,8EAA8E;AAE9E,SAAS,kBAAkB,CAAC,OAAe;IACzC,MAAM,UAAU,GAAG,wEAAwE,CAAC;IAC5F,IAAI,KAA6B,CAAC;IAClC,IAAI,KAAK,GAAG,KAAK,CAAC;IAClB,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACnD,KAAK,GAAG,IAAI,CAAC;QACb,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;QAC7D,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;QACrE,MAAM,IAAI,GAAG,OAAO,CAAC,SAAS,CAAC,SAAS,EAAE,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QAC9F,MAAM
,MAAM,GAAG,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC/E,IAAI,CAAC,MAAM;YAAE,OAAO,KAAK,CAAC;IAC5B,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAgB,EAAE,eAAuB;IAClE,MAAM,oBAAoB,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,CAAC,CAAC;IACzF,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;IACzC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3E,OAAO,kBAAkB,CAAC,eAAe,CAAC,CAAC;AAC7C,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAgB;IACzC,MAAM,GAAG,GAA6B;QACpC,QAAQ,EAAE,QAAQ;QAClB,IAAI,EAAE,KAAK;QACX,MAAM,EAAE,KAAK;QACb,GAAG,EAAE,MAAM;QACX,IAAI,EAAE,MAAM;KACb,CAAC;IACF,OAAO,GAAG,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC;AACjC,CAAC;AAeD;;;;;GAKG;AACH,MAAM,UAAU,WAAW,CACzB,OAAe,EACf,KAA8B,EAC9B,UAA0B,EAAE;IAM5B,MAAM,EAAE,QAAQ,GAAG,KAAK,EAAE,iBAAiB,GAAG,KAAK,EAAE,WAAW,GAAG,KAAK,EAAE,GAAG,OAAO,CAAC;IACrF,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,cAAc,GAAG,IAAI,GAAG,EAAU,CAAC;IACzC,MAAM,eAAe,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;IAEpD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAAE,SAAS;QAE1C,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACrC,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAChD,QAAQ,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC;gBAC7B,MAAM,eAAe,GAAG,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;gBAC7D,QAAQ,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC;gBAE7B,IAAI,UAAU,EAAE,CAAC;oBACf,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;oBAC5B,MAAM,YAAY,GAAG,CACnB,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC;wBACnE,CAAC,CAAC,IAAI,CAAC,QAAQ;wBACf,CAAC,CAAC,QAAQ,CACD,CAAC;oBAEd,IAAI,QAAQ,GAAG,YAAY,CAAC;oBAC5B,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,IAAI,EAAE,CAAC;oBAEjC,oEAAoE;oBACpE,IAAI,eAAe,EAAE,CAAC;wBACpB,IAAI,QAAQ;4BAAE,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;wBACrD,IAAI,iBAAiB,CAAC,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,EAAE,EAAE,OAAO,CAAC,EAAE,CAAC;4BACxD,QAAQ,GAAG,KAAK,CAAC;wBACnB,CAAC;wBAC
D,IAAI,iBAAiB,EAAE,CAAC;4BACtB,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;wBACzC,CAAC;oBACH,CAAC;oBACD,qCAAqC;oBACrC,IAAI,CAAC,eAAe,IAAI,UAAU,IAAI,iBAAiB,IAAI,WAAW,EAAE,CAAC;wBACvE,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;oBACzC,CAAC;oBAED,MAAM,WAAW,GAAG,iBAAiB,CAAC,GAAG,IAAI,CAAC,KAAK,IAAI,IAAI,EAAE,EAAE,OAAO,CAAC,CAAC;oBAExE,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,OAAO,IAAI,CAAC,EAAE,EAAE;wBACpB,KAAK,EAAE,WAAW;4BAChB,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,8BAA8B;4BAC7C,CAAC,CAAC,CAAC,eAAe,IAAI,UAAU;gCAC9B,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,qBAAqB;gCACpC,CAAC,CAAC,IAAI,CAAC,KAAK;wBAChB,WAAW,EAAE,QAAQ,CAAC,IAAI,IAAI,oBAAoB,IAAI,CAAC,EAAE,EAAE;wBAC3D,QAAQ;wBACR,QAAQ,EAAE,IAAI,CAAC,QAAQ,IAAI,KAAK;wBAChC,QAAQ,EAAE,aAAa,IAAI,CAAC,EAAE,EAAE;qBACjC,CAAC,CAAC;oBACH,MAAM;gBACR,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,qBAAqB;YACvB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO;QACL,QAAQ;QACR,KAAK,EAAE;YACL,MAAM,EAAE,cAAc,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YACjD,KAAK,EACH,cAAc,CAAC,IAAI,GAAG,CAAC;gBACrB,CAAC,CAAC,kBAAkB,cAAc,CAAC,IAAI,uBAAuB,KAAK,CAAC,MAAM,aAAa;gBACvF,CAAC,CAAC,yBAAyB,KAAK,CAAC,MAAM,mBAAmB;SAC/D;QACD,YAAY,EAAE,cAAc,CAAC,IAAI;KAClC,CAAC;AACJ,CAAC"}
|
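--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "@panguard-ai/scan-core",
-"version": "0.1.
+"version": "0.1.2",
 "license": "MIT",
 "repository": {
 "type": "git",
@@ -28,8 +28,7 @@
 "README.md"
 ],
 "dependencies": {
-"js-yaml": "^4.1.0"
-"safe-regex": "^2.1.1"
+"js-yaml": "^4.1.0"
 },
 "devDependencies": {
 "@types/js-yaml": "^4.0.9",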