@shriyanss/js-recon 1.1.4-alpha.4 → 1.2.1-alpha.1
- package/CHANGELOG.md +32 -0
- package/README.md +4 -0
- package/build/analyze/engine/{esqueryEngine.js → astEngine.js} +31 -1
- package/build/analyze/engine/astEngine.js.map +1 -0
- package/build/analyze/engine/index.js +6 -4
- package/build/analyze/engine/index.js.map +1 -1
- package/build/analyze/engine/requestEngine.js +18 -4
- package/build/analyze/engine/requestEngine.js.map +1 -1
- package/build/analyze/helpers/engineHelpers/findDirectAssignment.js +27 -0
- package/build/analyze/helpers/engineHelpers/findDirectAssignment.js.map +1 -0
- package/build/analyze/helpers/outputHelper.js +8 -0
- package/build/analyze/helpers/outputHelper.js.map +1 -0
- package/build/analyze/helpers/schemas.js +2 -2
- package/build/analyze/helpers/schemas.js.map +1 -1
- package/build/analyze/index.js +11 -3
- package/build/analyze/index.js.map +1 -1
- package/build/globalConfig.js +1 -1
- package/build/index.js +18 -6
- package/build/index.js.map +1 -1
- package/build/lazyLoad/index.js +5 -1
- package/build/lazyLoad/index.js.map +1 -1
- package/build/report/index.js +53 -0
- package/build/report/index.js.map +1 -0
- package/build/report/utility/genHtml.js +184 -0
- package/build/report/utility/genHtml.js.map +1 -0
- package/build/report/utility/initReportDb.js +71 -0
- package/build/report/utility/initReportDb.js.map +1 -0
- package/build/report/utility/markdownGen/addAnalyze.js +45 -0
- package/build/report/utility/markdownGen/addAnalyze.js.map +1 -0
- package/build/report/utility/markdownGen/addMappedJson.js +25 -0
- package/build/report/utility/markdownGen/addMappedJson.js.map +1 -0
- package/build/report/utility/populateDb/populateAnalysisFindings.js +23 -0
- package/build/report/utility/populateDb/populateAnalysisFindings.js.map +1 -0
- package/build/report/utility/populateDb/populateEndpoints.js +42 -0
- package/build/report/utility/populateDb/populateEndpoints.js.map +1 -0
- package/build/report/utility/populateDb/populateMappedJson.js +23 -0
- package/build/report/utility/populateDb/populateMappedJson.js.map +1 -0
- package/build/report/utility/populateDb/populateMappedOpenapi.js +41 -0
- package/build/report/utility/populateDb/populateMappedOpenapi.js.map +1 -0
- package/build/run/index.js +22 -9
- package/build/run/index.js.map +1 -1
- package/build/utility/urlUtils.js +1 -1
- package/build/utility/urlUtils.js.map +1 -1
- package/package.json +6 -2
- package/build/analyze/engine/esqueryEngine.js.map +0 -1
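--- a/package/CHANGELOG.md
+++ b/package/CHANGELOG.md
@@ -1,5 +1,37 @@
 # Change Log
 
+## 1.2.1-alpha.1 - 2025.08.04
+
+### Added
+
+- Added `-k/--insecure` flag to disable SSL certificate verification
+- Added `json` output feature to analyze module
+- Added `analyze` module auto-run to `run` module
+- Added `report` module
+
+### Changed
+
+- Updated the `postMessageFunctionResolve` step to resolve function expressions
+- Updated the `postMessageFunctionResolve` step to resolve arrow function expressions
+- Remove `--map-openapi` flag from run module (enabled by default)
+- Remove `--map-openapi-output` flag from run module
+
+### Fixed
+
+## 1.1.4 - 2025.08.01
+
+### Added
+
+### Changed
+
+- Replace `:` with `_` when creating host directories in `output/`
+- Rename `esquery` engine to `ast` engine
+- Allow any string type for `CheckAssignmentExistStep`
+
+### Fixed
+
+- Fix the issue in ast engine to handle direct assignments in `checkAssignmentExist`
+
 ## 1.1.4-alpha.4 - 2025.07.31
 
 ### Added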
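--- a/package/README.md
+++ b/package/README.md
@@ -58,6 +58,8 @@ js-recon run -u https://app.example.com
 | `map` | Maps function calls and analyzes code, with optional AI-powered descriptions. | [Read Docs](https://js-recon.io/docs/docs/modules/map) |
 | `api-gateway` | Manages AWS API Gateway for IP rotation to bypass rate limits. | [Read Docs](https://js-recon.io/docs/docs/modules/api-gateway) |
 | `run` | Runs all analysis modules automatically on a target. | [Read Docs](https://js-recon.io/docs/docs/modules/run) |
+| `analyze` | Analyzes the code. | [Read Docs](https://js-recon.io/docs/docs/modules/analyze) |
+| `report` | Generates a report from the analysis modules. | [Read Docs](https://js-recon.io/docs/docs/modules/report) |
 
 ## Key Features
 
@@ -67,6 +69,8 @@ js-recon run -u https://app.example.com
 - Endpoints modules extracts client-side paths from the app
 - Map feature analyzes the JS files and outputs it to a JSON file. An interactive mode can be then used to analyze it
 - Reconstruct HTTP requests that the app makes to the server, and output them to the OpenAPI spec
+- Run analyze to find potential issues in JS code and the HTTP requests the app makes
+- Generate a report from the analyze module
 
 ## Example Scenario
 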
|
@@ -15,8 +15,10 @@ import esquery from "esquery";
|
|
|
15
15
|
import { highlight } from "cli-highlight";
|
|
16
16
|
import { resolveFunctionIdentifier } from "../helpers/engineHelpers/resolveFunctionIdentifier.js";
|
|
17
17
|
import { findMemberExpressionAssignment } from "../helpers/engineHelpers/findMemberExpressionAssignment.js";
|
|
18
|
+
import { findDirectAssignment } from "../helpers/engineHelpers/findDirectAssignment.js";
|
|
18
19
|
const esqueryEngine = (rule, mappedJsonData) => __awaiter(void 0, void 0, void 0, function* () {
|
|
19
20
|
var _a, _b;
|
|
21
|
+
let findings = [];
|
|
20
22
|
for (const chunk of Object.values(mappedJsonData)) {
|
|
21
23
|
// first of all, load the code in ast
|
|
22
24
|
const ast = parser.parse(chunk.code, {
|
|
@@ -71,6 +73,13 @@ const esqueryEngine = (rule, mappedJsonData) => __awaiter(void 0, void 0, void 0
|
|
|
71
73
|
completedSteps.push(step.name);
|
|
72
74
|
}
|
|
73
75
|
}
|
|
76
|
+
else if (selectedNode.arguments[1].type === "FunctionExpression" ||
|
|
77
|
+
selectedNode.arguments[1].type === "ArrowFunctionExpression") {
|
|
78
|
+
const functionExpression = selectedNode.arguments[1];
|
|
79
|
+
matchList[step.name] = { node: functionExpression, scope: ast };
|
|
80
|
+
matchCount++;
|
|
81
|
+
completedSteps.push(step.name);
|
|
82
|
+
}
|
|
74
83
|
}
|
|
75
84
|
}
|
|
76
85
|
}
|
|
@@ -89,6 +98,15 @@ const esqueryEngine = (rule, mappedJsonData) => __awaiter(void 0, void 0, void 0
|
|
|
89
98
|
completedSteps.push(step.name);
|
|
90
99
|
}
|
|
91
100
|
}
|
|
101
|
+
else if (selectedNode) {
|
|
102
|
+
const assignmentNode = findDirectAssignment(selectedNode, matchList[step.checkAssignmentExist.name].scope);
|
|
103
|
+
if (assignmentNode) {
|
|
104
|
+
// store the matched assignment in matchList similar to earlier steps
|
|
105
|
+
matchList[step.name] = { node: assignmentNode, scope: ast };
|
|
106
|
+
matchCount++;
|
|
107
|
+
completedSteps.push(step.name);
|
|
108
|
+
}
|
|
109
|
+
}
|
|
92
110
|
}
|
|
93
111
|
}
|
|
94
112
|
// now, check if the matchCount is equal to the length of the rule.steps
|
|
@@ -114,8 +132,20 @@ const esqueryEngine = (rule, mappedJsonData) => __awaiter(void 0, void 0, void 0
|
|
|
114
132
|
ignoreIllegals: true,
|
|
115
133
|
theme: undefined,
|
|
116
134
|
}));
|
|
135
|
+
findings.push({
|
|
136
|
+
ruleId: rule.id,
|
|
137
|
+
ruleName: rule.name,
|
|
138
|
+
ruleType: rule.type,
|
|
139
|
+
ruleDescription: rule.description,
|
|
140
|
+
ruleAuthor: rule.author,
|
|
141
|
+
ruleTech: rule.tech,
|
|
142
|
+
severity: rule.severity,
|
|
143
|
+
message: message,
|
|
144
|
+
findingLocation: `// ${chunk.id}\n\n${code}`,
|
|
145
|
+
});
|
|
117
146
|
}
|
|
118
147
|
}
|
|
148
|
+
return findings;
|
|
119
149
|
});
|
|
120
150
|
export default esqueryEngine;
|
|
121
|
-
//# sourceMappingURL=
|
|
151
|
+
//# sourceMappingURL=astEngine.js.map
|
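Review bot: The new `findings.push({...})` stores `findingLocation` as `// ${chunk.id}\n\n${code}`, where `code` appears to be source text derived from the analysed chunk, so the record that now leaves the console and is returned to the caller carries untrusted content from the target. Anything downstream that renders it (the release lists an HTML report generator, which is not visible in this section) has to escape `message` and `findingLocation`; a comment above the push such as `// findingLocation holds untrusted target code: escape before rendering` would make that contract explicit. `let findings = [];` is never reassigned in the visible hunks and could be `const` in the TypeScript source. The function body starts and ends outside these hunks.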
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"astEngine.js","sourceRoot":"","sources":["../../../src/analyze/engine/astEngine.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,OAAO,MAAM,MAAM,eAAe,CAAC;AAEnC,OAAO,UAAU,MAAM,kBAAkB,CAAC;AAC1C,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC;AACrC,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,yBAAyB,EAAE,MAAM,uDAAuD,CAAC;AAClG,OAAO,EAAE,8BAA8B,EAAE,MAAM,4DAA4D,CAAC;AAC5G,OAAO,EAAE,oBAAoB,EAAE,MAAM,kDAAkD,CAAC;AAGxF,MAAM,aAAa,GAAG,CAAO,IAAU,EAAE,cAAsB,EAA2B,EAAE;;IACxF,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE,CAAC;QAChD,qCAAqC;QACrC,MAAM,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE;YACjC,UAAU,EAAE,aAAa;YACzB,OAAO,EAAE,CAAC,KAAK,EAAE,YAAY,CAAC;YAC9B,aAAa,EAAE,IAAI;SACtB,CAAC,CAAC;QAEH,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,IAAI,SAAS,GAAmD,EAAE,CAAC;QACnE,MAAM,cAAc,GAAa,EAAE,CAAC;QAEpC,wCAAwC;QACxC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC5B,8CAA8C;YAC9C,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACf,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;gBAEpC,wEAAwE;gBACxE,MAAM,OAAO,GAAW,OAAO,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;gBAE/C,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;oBACzB,6DAA6D;oBAC7D,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;oBAC5C,UAAU,EAAE,CAAC;gBACjB,CAAC;gBACD,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnC,CAAC;iBAAM,IAAI,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBACrC,6FAA6F;gBAE7F,MAAM,YAAY,GAAS,MAAA,SAAS,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,0CAAE,IAAI,CAAC;gBAE7E,IAAI,YAAY,EAAE,CAAC;oBACf,0DAA0D;oBAC1D,IAAI,YAAY,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;wBACzC,IACI,YAAY,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;4BAC/C,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;4BAClD,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,kBAAkB;4BACxD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe;4BAClD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,EAC/C,CAAC;4BACC,IAAI,YAAY,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gCACtC,+CAA+C;gCAC/C,4BAA4B;gCAC5B,IAAI,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,C
AAC,IAAI,KAAK,YAAY,EAAE,CAAC;oCAClD,qCAAqC;oCACrC,MAAM,kBAAkB,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oCACrD,MAAM,gBAAgB,GAAG,yBAAyB,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;oCAE5E,IAAI,gBAAgB,EAAE,CAAC;wCACnB,eAAe;wCACf,mBAAmB;wCACnB,4DAA4D;wCAC5D,QAAQ;wCACR,KAAK;wCACL,gDAAgD;wCAChD,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wCAC9D,UAAU,EAAE,CAAC;wCACb,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCACnC,CAAC;gCACL,CAAC;qCAAM,IACH,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB;oCACvD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,yBAAyB,EAC9D,CAAC;oCACC,MAAM,kBAAkB,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oCACrD,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;oCAChE,UAAU,EAAE,CAAC;oCACb,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCACnC,CAAC;4BACL,CAAC;wBACL,CAAC;oBACL,CAAC;gBACL,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACnC,MAAM,YAAY,GAAS,MAAA,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,0CAAE,IAAI,CAAC;gBAC3E,MAAM,OAAO,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC;gBAC/C,MAAM,gBAAgB,GAAG,IAAI,CAAC,oBAAoB,CAAC,gBAAgB,CAAC;gBAEpE,IAAI,YAAY,IAAI,gBAAgB,EAAE,CAAC;oBACnC,MAAM,cAAc,GAAG,8BAA8B,CACjD,YAAY,EACZ,OAAO,EACP,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,KAAK,CAClD,CAAC;oBAEF,IAAI,cAAc,EAAE,CAAC;wBACjB,qEAAqE;wBACrE,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wBAC5D,UAAU,EAAE,CAAC;wBACb,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACnC,CAAC;gBACL,CAAC;qBAAM,IAAI,YAAY,EAAE,CAAC;oBACtB,MAAM,cAAc,GAAG,oBAAoB,CACvC,YAAY,EACZ,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,KAAK,CAClD,CAAC;oBAEF,IAAI,cAAc,EAAE,CAAC;wBACjB,qEAAqE;wBACrE,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wBAC5D,UAAU,EAAE,CAAC;wBACb,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACnC,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAED,wEAAwE;QACxE,IAAI,UAAU,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACnC,MAAM,OAAO,GAAG,QAAQ,IAAI,CAAC,IAAI,oBAAoB
,KAAK,CAAC,EAAE,EAAE,CAAC;YAChE,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC9E,MAAM,IAAI,GAAG,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;YAE5C,sDAAsD;YACtD,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gBAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;YACrC,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;YACvC,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;YACxC,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gBAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;YACpC,CAAC;YAED,OAAO,CAAC,GAAG,CACP,SAAS,CAAC,IAAI,EAAE;gBACZ,QAAQ,EAAE,YAAY;gBACtB,cAAc,EAAE,IAAI;gBACpB,KAAK,EAAE,SAAS;aACnB,CAAC,CACL,CAAC;YAEF,QAAQ,CAAC,IAAI,CAAC;gBACV,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,eAAe,EAAE,IAAI,CAAC,WAAW;gBACjC,UAAU,EAAE,IAAI,CAAC,MAAM;gBACvB,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,OAAO,EAAE,OAAO;gBAChB,eAAe,EAAE,MAAM,KAAK,CAAC,EAAE,OAAO,IAAI,EAAE;aAC/C,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,aAAa,CAAC"}
|
|
@@ -8,9 +8,10 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
8
8
|
});
|
|
9
9
|
};
|
|
10
10
|
import requestEngine from "./requestEngine.js";
|
|
11
|
-
import
|
|
11
|
+
import astEngine from "./astEngine.js";
|
|
12
12
|
export const engine = (rule, mappedJsonData, openapiData, tech) => __awaiter(void 0, void 0, void 0, function* () {
|
|
13
13
|
// first of all check what is rule type, and then check if the data for that is available or is undefined
|
|
14
|
+
let findings = [];
|
|
14
15
|
if (rule.type === "request") {
|
|
15
16
|
if (!openapiData) {
|
|
16
17
|
return;
|
|
@@ -22,10 +23,10 @@ export const engine = (rule, mappedJsonData, openapiData, tech) => __awaiter(voi
|
|
|
22
23
|
}
|
|
23
24
|
}
|
|
24
25
|
if (techValid || tech === "all") {
|
|
25
|
-
requestEngine(rule, openapiData);
|
|
26
|
+
findings.push(...(yield requestEngine(rule, openapiData)));
|
|
26
27
|
}
|
|
27
28
|
}
|
|
28
|
-
else if (rule.type === "
|
|
29
|
+
else if (rule.type === "ast") {
|
|
29
30
|
if (!mappedJsonData) {
|
|
30
31
|
return;
|
|
31
32
|
}
|
|
@@ -36,9 +37,10 @@ export const engine = (rule, mappedJsonData, openapiData, tech) => __awaiter(voi
|
|
|
36
37
|
}
|
|
37
38
|
}
|
|
38
39
|
if (techValid || tech === "all") {
|
|
39
|
-
|
|
40
|
+
findings.push(...(yield astEngine(rule, mappedJsonData)));
|
|
40
41
|
}
|
|
41
42
|
}
|
|
43
|
+
return findings;
|
|
42
44
|
});
|
|
43
45
|
export default engine;
|
|
44
46
|
//# sourceMappingURL=index.js.map
|
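Review bot: The two guard clauses left as context (`if (!openapiData) { return; }` and `if (!mappedJsonData) { return; }`) still resolve to `undefined`, while every other path now returns the `findings` array, so the function has two return shapes. Changing both to `return findings;` lets callers spread the result without the extra `if (engineFindings)` check the analyze module had to add. A rule whose `type` is neither `"request"` nor `"ast"` falls through and yields an empty array with no message, which deserves a comment if schema validation is the only thing preventing it.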
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyze/engine/index.ts"],"names":[],"mappings":";;;;;;;;;AAGA,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyze/engine/index.ts"],"names":[],"mappings":";;;;;;;;;AAGA,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,SAAS,MAAM,gBAAgB,CAAC;AAGvC,MAAM,CAAC,MAAM,MAAM,GAAG,CAClB,IAAU,EACV,cAAkC,EAClC,WAAoC,EACpC,IAAoB,EACtB,EAAE;IACA,yGAAyG;IAEzG,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC1B,IAAI,CAAC,WAAW,EAAE,CAAC;YACf,OAAO;QACX,CAAC;QAED,IAAI,SAAS,GAAG,IAAI,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;QACL,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;QAC/D,CAAC;IACL,CAAC;SAAM,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,cAAc,EAAE,CAAC;YAClB,OAAO;QACX,CAAC;QAED,IAAI,SAAS,GAAG,IAAI,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;QACL,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,SAAS,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC;QAC9D,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,MAAM,CAAC"}
|
|
@@ -10,6 +10,7 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
|
|
|
10
10
|
import chalk from "chalk";
|
|
11
11
|
const engine = (rule, openapiData) => __awaiter(void 0, void 0, void 0, function* () {
|
|
12
12
|
var _a;
|
|
13
|
+
let findings = [];
|
|
13
14
|
for (const path in openapiData.paths) {
|
|
14
15
|
const methods = openapiData.paths[path];
|
|
15
16
|
for (const method in methods) {
|
|
@@ -55,21 +56,34 @@ const engine = (rule, openapiData) => __awaiter(void 0, void 0, void 0, function
|
|
|
55
56
|
}
|
|
56
57
|
if (successfulSteps === rule.steps.length) {
|
|
57
58
|
// get the severity of the rule
|
|
59
|
+
const message = `[+] "${rule.name}" found in ${path} [${method.toUpperCase()}]`;
|
|
58
60
|
if (rule.severity === "info") {
|
|
59
|
-
console.log(chalk.cyan(
|
|
61
|
+
console.log(chalk.cyan(message));
|
|
60
62
|
}
|
|
61
63
|
else if (rule.severity === "low") {
|
|
62
|
-
console.log(chalk.yellow(
|
|
64
|
+
console.log(chalk.yellow(message));
|
|
63
65
|
}
|
|
64
66
|
else if (rule.severity === "medium") {
|
|
65
|
-
console.log(chalk.magenta(
|
|
67
|
+
console.log(chalk.magenta(message));
|
|
66
68
|
}
|
|
67
69
|
else if (rule.severity === "high") {
|
|
68
|
-
console.log(chalk.red(
|
|
70
|
+
console.log(chalk.red(message));
|
|
69
71
|
}
|
|
72
|
+
findings.push({
|
|
73
|
+
ruleId: rule.id,
|
|
74
|
+
ruleName: rule.name,
|
|
75
|
+
ruleType: rule.type,
|
|
76
|
+
ruleDescription: rule.description,
|
|
77
|
+
ruleAuthor: rule.author,
|
|
78
|
+
ruleTech: rule.tech,
|
|
79
|
+
severity: rule.severity,
|
|
80
|
+
message: message,
|
|
81
|
+
findingLocation: `${path} [${method.toUpperCase()}]`,
|
|
82
|
+
});
|
|
70
83
|
}
|
|
71
84
|
}
|
|
72
85
|
}
|
|
86
|
+
return findings;
|
|
73
87
|
});
|
|
74
88
|
export default engine;
|
|
75
89
|
//# sourceMappingURL=requestEngine.js.map
|
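Review bot: The nine-field record pushed here (`ruleId` through `findingLocation`) is written out a second time in the AST engine, so the shape of the JSON output lives in two places that can drift apart. A small shared helper taking `(rule, message, findingLocation)` and returning the record would keep both engines and every consumer of the JSON in step. `path` and `method` are read from the OpenAPI document, which presumably is reconstructed from the target application, so `message` and `findingLocation` should be treated as untrusted text by whatever renders them later. The function body starts outside the second hunk.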
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"requestEngine.js","sourceRoot":"","sources":["../../../src/analyze/engine/requestEngine.ts"],"names":[],"mappings":";;;;;;;;;AAEA,OAAO,KAAK,MAAM,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"requestEngine.js","sourceRoot":"","sources":["../../../src/analyze/engine/requestEngine.ts"],"names":[],"mappings":";;;;;;;;;AAEA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,MAAM,MAAM,GAAG,CAAO,IAAU,EAAE,WAAwB,EAA2B,EAAE;;IACnF,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,KAAK,MAAM,IAAI,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC;QACnC,MAAM,OAAO,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACxC,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC3B,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC;YAClC,IAAI,CAAC,SAAS;gBAAE,SAAS;YAEzB,IAAI,eAAe,GAAG,CAAC,CAAC;YAExB,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;gBAC5B,IAAI,WAAW,GAAG,KAAK,CAAC;gBAExB,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;oBAC9B,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;oBACzD,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;wBACxC,WAAW,GAAG,eAAe,CAAC;oBAClC,CAAC;yBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;wBAC7C,WAAW,GAAG,CAAC,eAAe,CAAC;oBACnC,CAAC;gBACL,CAAC;qBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;oBACzC,MAAM,OAAO,GAAG,MAAA,SAAS,CAAC,UAAU,0CAAE,MAAM,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,KAAK,QAAQ,CAAC,CAAC;oBAE/E,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,UAAU,EAAE,CAAC;wBACxC,IAAI,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;4BACrD,WAAW,GAAG,IAAI,CAAC;wBACvB,CAAC;oBACL,CAAC;yBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;wBAC7C,IAAI,CAAC,CAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA,EAAE,CAAC;4BACtD,WAAW,GAAG,IAAI,CAAC;wBACvB,CAAC;oBACL,CAAC;gBACL,CAAC;qBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;oBACxC,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,IAAI,EAAE,CAAC;wBAClC,WAAW,GAAG,MAAM,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;oBAC3E,CAAC;yBAAM,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,KAAK,QAAQ,EAAE,CAAC;wBAC7C,WAAW,GAAG,MAAM,CAAC,WAAW,EAAE,KAAK,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;oBAC3E,CAAC;g
BACL,CAAC;gBAED,IAAI,WAAW,EAAE,CAAC;oBACd,eAAe,EAAE,CAAC;gBACtB,CAAC;YACL,CAAC;YAED,IAAI,eAAe,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;gBACxC,+BAA+B;gBAC/B,MAAM,OAAO,GAAG,QAAQ,IAAI,CAAC,IAAI,cAAc,IAAI,KAAK,MAAM,CAAC,WAAW,EAAE,GAAG,CAAC;gBAChF,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;oBAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;gBACrC,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;oBACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;gBACvC,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBACpC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;gBACxC,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;oBAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;gBACpC,CAAC;gBAED,QAAQ,CAAC,IAAI,CAAC;oBACV,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,eAAe,EAAE,IAAI,CAAC,WAAW;oBACjC,UAAU,EAAE,IAAI,CAAC,MAAM;oBACvB,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,OAAO,EAAE,OAAO;oBAChB,eAAe,EAAE,GAAG,IAAI,KAAK,MAAM,CAAC,WAAW,EAAE,GAAG;iBACvD,CAAC,CAAC;YACP,CAAC;QACL,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,MAAM,CAAC"}
|
|
@@ -0,0 +1,27 @@
|
|
|
1
|
+
import _traverse from "@babel/traverse";
|
|
2
|
+
const traverse = _traverse.default;
|
|
3
|
+
export function findDirectAssignment(nodeToFind, scope) {
|
|
4
|
+
let assignmentNode = null;
|
|
5
|
+
traverse(scope, {
|
|
6
|
+
AssignmentExpression(path) {
|
|
7
|
+
// Check if the left-hand side of the assignment matches the nodeToFind
|
|
8
|
+
if (path.node.left.type === "Identifier" &&
|
|
9
|
+
nodeToFind.type === "Identifier" &&
|
|
10
|
+
path.node.left.name === nodeToFind.name) {
|
|
11
|
+
assignmentNode = path.node;
|
|
12
|
+
path.stop(); // Stop traversal once found
|
|
13
|
+
}
|
|
14
|
+
},
|
|
15
|
+
VariableDeclarator(path) {
|
|
16
|
+
// Check if the variable being declared matches the nodeToFind
|
|
17
|
+
if (path.node.id.type === "Identifier" &&
|
|
18
|
+
nodeToFind.type === "Identifier" &&
|
|
19
|
+
path.node.id.name === nodeToFind.name) {
|
|
20
|
+
assignmentNode = path.node;
|
|
21
|
+
path.stop(); // Stop traversal once found
|
|
22
|
+
}
|
|
23
|
+
},
|
|
24
|
+
});
|
|
25
|
+
return assignmentNode;
|
|
26
|
+
}
|
|
27
|
+
//# sourceMappingURL=findDirectAssignment.js.map
|
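Review bot: `findDirectAssignment` matches on identifier name alone across the whole `scope` tree, so in bundled or minified code, where short names are reused in many functions, the first `AssignmentExpression` or `VariableDeclarator` with that name in traversal order is returned even when it belongs to a different binding. That can attach a finding to the wrong assignment; a docstring stating the name-only, first-match behaviour would help, and resolving the binding through Babel's scope information would be the stricter fix. The `nodeToFind.type === "Identifier"` test is repeated in both visitors although it never changes during the walk, so an early `if (nodeToFind.type !== "Identifier") return null;` before `traverse(...)` avoids traversing the tree for nothing.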
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"findDirectAssignment.js","sourceRoot":"","sources":["../../../../src/analyze/helpers/engineHelpers/findDirectAssignment.ts"],"names":[],"mappings":"AAAA,OAAO,SAAS,MAAM,iBAAiB,CAAC;AAGxC,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAAC;AAEnC,MAAM,UAAU,oBAAoB,CAAC,UAAgB,EAAE,KAAW;IAC9D,IAAI,cAAc,GAAgB,IAAI,CAAC;IAEvC,QAAQ,CAAC,KAAK,EAAE;QACZ,oBAAoB,CAAC,IAAI;YACrB,uEAAuE;YACvE,IACI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,YAAY;gBACpC,UAAU,CAAC,IAAI,KAAK,YAAY;gBAChC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,UAAU,CAAC,IAAI,EACzC,CAAC;gBACC,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC;gBAC3B,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,4BAA4B;YAC7C,CAAC;QACL,CAAC;QACD,kBAAkB,CAAC,IAAI;YACnB,8DAA8D;YAC9D,IACI,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,YAAY;gBAClC,UAAU,CAAC,IAAI,KAAK,YAAY;gBAChC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,IAAI,KAAK,UAAU,CAAC,IAAI,EACvC,CAAC;gBACC,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC;gBAC3B,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,4BAA4B;YAC7C,CAAC;QACL,CAAC;KACJ,CAAC,CAAC;IAEH,OAAO,cAAc,CAAC;AAC1B,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import fs from "fs";
|
|
2
|
+
import chalk from "chalk";
|
|
3
|
+
export const generateEngineOutput = (outputFile, findings) => {
|
|
4
|
+
console.log(chalk.cyan("[i] Generating engine output..."));
|
|
5
|
+
fs.writeFileSync(outputFile, JSON.stringify(findings, null, 2));
|
|
6
|
+
console.log(chalk.green("[✓] Engine output generated successfully."));
|
|
7
|
+
};
|
|
8
|
+
//# sourceMappingURL=outputHelper.js.map
|
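Review bot: `generateEngineOutput` hands `outputFile` straight to `fs.writeFileSync` with no check, and the analyze module calls it unconditionally after the rule loop, so a missing path throws from inside `writeFileSync` and an existing file at that path is overwritten without notice. Whether the CLI always supplies a default is not visible on this page; a guard at the top such as `if (!outputFile) { throw new Error("analyze: no output file given"); }` (or a plain `return` if the JSON output is meant to be optional) makes the behaviour explicit. The written JSON embeds code taken from the analysed target, so a short comment saying the file content is untrusted would help anyone who later loads it into a viewer.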
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"outputHelper.js","sourceRoot":"","sources":["../../../src/analyze/helpers/outputHelper.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,OAAO,KAAK,MAAM,OAAO,CAAC;AAc1B,MAAM,CAAC,MAAM,oBAAoB,GAAG,CAAC,UAAkB,EAAE,QAAwB,EAAE,EAAE;IACjF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC,CAAC;IAC3D,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC,CAAC;AAC1E,CAAC,CAAC"}
|
|
@@ -25,7 +25,7 @@ const PostMessageFuncResolverStepSchema = z.object({
|
|
|
25
25
|
});
|
|
26
26
|
const checkAssignmentExistStepSchema = z.object({
|
|
27
27
|
name: z.string(),
|
|
28
|
-
type: z.
|
|
28
|
+
type: z.string(),
|
|
29
29
|
memberExpression: z.boolean().optional(),
|
|
30
30
|
});
|
|
31
31
|
const stepSchema = z.object({
|
|
@@ -44,7 +44,7 @@ export const ruleSchema = z.object({
|
|
|
44
44
|
description: z.string(),
|
|
45
45
|
tech: z.array(z.literal("next")),
|
|
46
46
|
severity: z.enum(["info", "low", "medium", "high"]),
|
|
47
|
-
type: z.enum(["request", "
|
|
47
|
+
type: z.enum(["request", "ast"]),
|
|
48
48
|
steps: z.array(stepSchema),
|
|
49
49
|
});
|
|
50
50
|
//# sourceMappingURL=schemas.js.map
|
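Review bot: `type: z.string()` in `checkAssignmentExistStepSchema` now accepts any value, including an empty string or a typo, and none of the engine hunks visible on this page read `checkAssignmentExist.type` (they use `name` and `memberExpression`). If the field is informational, say so in a comment; if it is meant to select behaviour, keep it constrained, for example `type: z.string().min(1),` with a comment listing the values the engine understands. Separately, with `type: z.enum(["request", "ast"])` a rule file that still uses the previous engine name will presumably fail validation, so the rename needs a migration note for rule authors.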
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"schemas.js","sourceRoot":"","sources":["../../../src/analyze/helpers/schemas.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC;IAC9B,CAAC,CAAC,MAAM,CAAC;QACL,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;QAC1B,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACzC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;KACnB,CAAC;IACF,CAAC,CAAC,MAAM,CAAC;QACL,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;QACtB,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACzC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;KACnB,CAAC;IACF,CAAC,CAAC,MAAM,CAAC;QACL,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;QACzB,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACnC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;KACnB,CAAC;CACL,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/B,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IAC1B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;CACpB,CAAC,CAAC;AAEH,MAAM,iCAAiC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;CACnB,CAAC,CAAC;AAEH,MAAM,8BAA8B,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,IAAI,EAAE,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"schemas.js","sourceRoot":"","sources":["../../../src/analyze/helpers/schemas.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,iBAAiB,GAAG,CAAC,CAAC,KAAK,CAAC;IAC9B,CAAC,CAAC,MAAM,CAAC;QACL,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;QAC1B,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACzC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;KACnB,CAAC;IACF,CAAC,CAAC,MAAM,CAAC;QACL,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC;QACtB,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QACzC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;KACnB,CAAC;IACF,CAAC,CAAC,MAAM,CAAC;QACL,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC;QACzB,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACnC,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;KACnB,CAAC;CACL,CAAC,CAAC;AAEH,MAAM,iBAAiB,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/B,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,SAAS,CAAC;IAC1B,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;CACpB,CAAC,CAAC;AAEH,MAAM,iCAAiC,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;CACnB,CAAC,CAAC;AAEH,MAAM,8BAA8B,GAAG,CAAC,CAAC,MAAM,CAAC;IAC5C,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,gBAAgB,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE;CAC3C,CAAC,CAAC;AAEH,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IACxB,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE;IACnB,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE;IACxC,OAAO,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IACrC,OAAO,EAAE,iBAAiB,CAAC,QAAQ,EAAE;IACrC,sBAAsB,EAAE,iCAAiC,CAAC,QAAQ,EAAE;IACpE,oBAAoB,EAAE,8BAA8B,CAAC,QAAQ,EAAE;CAClE,CAAC,CAAC;AAEH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,CAAC,MAAM,CAAC;IAC/B,EAAE,EAAE,CAAC,CAAC,MAAM,EAAE;IACd,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE;IACvB,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAChC,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;IACnD,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;IAChC,KAAK,EAAE,CAAC,CAAC,KAAK,CA
AC,UAAU,CAAC;CAC7B,CAAC,CAAC"}
|
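--- a/package/build/analyze/index.js
+++ b/package/build/analyze/index.js
@@ -14,6 +14,7 @@ import validateRules from "./helpers/validate.js";
 import engine from "./engine/index.js";
 import yaml from "yaml";
 import initRules from "./helpers/initRules.js";
+import { generateEngineOutput } from "./helpers/outputHelper.js";
 const availableTechs = {
 next: "Next.js",
 };
@@ -34,11 +35,11 @@ const getRuleFilesRecursive = (dir) => {
 });
 return results;
 };
-const analyze = (rulesPath, mappedJson, tech, list, openapi, validate) => __awaiter(void 0, void 0, void 0, function* () {
+const analyze = (rulesPath, mappedJson, tech, list, openapi, validate, outputFile) => __awaiter(void 0, void 0, void 0, function* () {
 console.log(chalk.cyan(`[i] Loading analyze module...`));
 yield initRules();
 // check if `-r` flag is there. If not, default to `~/.js-recon/rules`
-if (!rulesPath) {
+if (!rulesPath || rulesPath === "") {
 rulesPath = path.join(process.env.HOME, "/.js-recon/rules");
 }
 // check if `rules` exists
@@ -104,12 +105,19 @@ const analyze = (rulesPath, mappedJson, tech, list, openapi, validate) => __awai
 console.log(chalk.green(`[✓] OpenAPI spec loaded successfully`));
 }
 // iterate over the ruleFiles
+let ruleFindings = [];
 for (const ruleFile of ruleFiles) {
 // load the rule
 const rule = yaml.parse(fs.readFileSync(ruleFile, "utf8"));
 // run the rule
-yield engine(rule, mappedJsonData, openapiData, tech);
+const engineFindings = yield engine(rule, mappedJsonData, openapiData, tech);
+// add findings to the global findings
+if (engineFindings) {
+ruleFindings.push(...engineFindings);
+}
 }
+// generate the engine output
+generateEngineOutput(outputFile, ruleFindings);
 });
 export default analyze;
 //# sourceMappingURL=index.js.map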
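Review bot: The added `|| rulesPath === ""` is redundant, because `!rulesPath` is already true for an empty string, so the condition can stay `if (!rulesPath) {`. The weaker spot is the fallback on the next line: `path.join(process.env.HOME, "/.js-recon/rules")` throws a TypeError when `HOME` is unset (typically on Windows), and `os.homedir()` is the portable replacement, e.g. `rulesPath = path.join(os.homedir(), ".js-recon", "rules");` with `os` imported at the top of the file. The body of `analyze` continues outside these hunks, so the imports already present could not be checked.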
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/analyze/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,aAAa,MAAM,uBAAuB,CAAC;AAElD,OAAO,MAAM,MAAM,mBAAmB,CAAC;AACvC,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB,OAAO,SAAS,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/analyze/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,aAAa,MAAM,uBAAuB,CAAC;AAElD,OAAO,MAAM,MAAM,mBAAmB,CAAC;AACvC,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB,OAAO,SAAS,MAAM,wBAAwB,CAAC;AAC/C,OAAO,EAAgB,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAE/E,MAAM,cAAc,GAAG;IACnB,IAAI,EAAE,SAAS;CAClB,CAAC;AAEF,MAAM,qBAAqB,GAAG,CAAC,GAAW,EAAY,EAAE;IACpD,IAAI,OAAO,GAAa,EAAE,CAAC;IAC3B,MAAM,IAAI,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI;QACvB,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC5B,MAAM,IAAI,GAAG,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC/B,IAAI,IAAI,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YAC7B,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC;QAC1D,CAAC;aAAM,CAAC;YACJ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAClD,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACvB,CAAC;QACL,CAAC;IACL,CAAC,CAAC,CAAC;IACH,OAAO,OAAO,CAAC;AACnB,CAAC,CAAC;AAEF,MAAM,OAAO,GAAG,CACZ,SAAiB,EACjB,UAAkB,EAClB,IAAY,EACZ,IAAa,EACb,OAAe,EACf,QAAiB,EACjB,UAAkB,EACpB,EAAE;IACA,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC,CAAC;IAEzD,MAAM,SAAS,EAAE,CAAC;IAElB,sEAAsE;IACtE,IAAI,CAAC,SAAS,IAAI,SAAS,KAAK,EAAE,EAAE,CAAC;QACjC,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IAChE,CAAC;IAED,0BAA0B;IAC1B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,SAAS,iBAAiB,CAAC,CAAC,CAAC;QAChE,OAAO;IACX,CAAC;IAED,uEAAuE;IACvE,IAAI,SAAS,GAAa,EAAE,CAAC;IAE7B,IAAI,EAAE,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,EAAE,CAAC;QACxC,SAAS,GAAG,qBAAqB,CAAC,SAAS,CAAC,CAAC;IACjD,CAAC;SAAM,CAAC;QACJ,SAAS,GAAG,CAAC,SAAS,CAAC,CAAC;IAC5B,CAAC;IAED,gCAAgC;IAChC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,SAAS,CAAC,CAAC;IAEpD,IAAI,CAAC,YAAY,EAAE,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC,CAAC;QACrD,OAAO,CAAC,IAAI,CAAC,
CAAC,CAAC,CAAC;IACpB,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC,CAAC;QACpD,OAAO;IACX,CAAC;IAED,qEAAqE;IACrE,IAAI,IAAI,EAAE,CAAC;QACP,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC,CAAC;QAC/D,KAAK,MAAM,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,EAAE,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,KAAK,KAAK,EAAE,CAAC,CAAC,CAAC;QACnD,CAAC;QACD,OAAO;IACX,CAAC;IAED,kCAAkC;IAClC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,0BAA0B,IAAI,GAAG,CAAC,CAAC,CAAC;QAC1D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,sDAAsD,CAAC,CAAC,CAAC;QAClF,OAAO;IACX,CAAC;IAED,yDAAyD;IACzD,IAAI,CAAC,UAAU,IAAI,CAAC,OAAO,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC,CAAC;QAC1E,OAAO;IACX,CAAC;IAED,uEAAuE;IACvE,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,mBAAmB,UAAU,iBAAiB,CAAC,CAAC,CAAC;QACvE,OAAO;IACX,CAAC;IACD,IAAI,OAAO,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACrC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,oBAAoB,OAAO,iBAAiB,CAAC,CAAC,CAAC;QACrE,OAAO;IACX,CAAC;IAED,6CAA6C;IAC7C,IAAI,cAAkC,CAAC;IACvC,IAAI,WAAoC,CAAC;IACzC,IAAI,UAAU,EAAE,CAAC;QACb,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC,CAAC;IACpE,CAAC;IACD,IAAI,OAAO,EAAE,CAAC;QACV,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC,CAAC;IACrE,CAAC;IAED,6BAA6B;IAC7B,IAAI,YAAY,GAAmB,EAAE,CAAC;IACtC,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QAC/B,gBAAgB;QAChB,MAAM,IAAI,GAAS,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC,CAAC;QAEjE,eAAe;QACf,MAAM,cAAc,GAAmB,MAAM,MAAM,CAAC,IAAI,EAAE,cAAc,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;QAE7F,sCAAsC;QACtC,IAAI,cAAc,EAAE,CAAC;YACjB,YAAY,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;QACzC,CAAC;IACL,CAAC;IAED,6BAA6B;IA
C7B,oBAAoB,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;AACnD,CAAC,CAAA,CAAC;AAEF,eAAe,OAAO,CAAC"}
|
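--- a/package/build/globalConfig.js
+++ b/package/build/globalConfig.js
@@ -1,6 +1,6 @@
 const githubURL = "https://github.com/shriyanss/js-recon";
 const modulesDocs = "https://js-recon.io/docs/category/modules";
-const version = "1.1
+const version = "1.2.1-alpha.1";
 const toolDesc = "JS Recon Tool";
 const axiosNonHttpMethods = ["isAxiosError"]; // methods available in axios, which are not for making HTTP requests
 let CONFIG = {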
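--- a/package/build/index.js
+++ b/package/build/index.js
@@ -20,6 +20,7 @@ import refactor from "./refactor/index.js";
 import run from "./run/index.js";
 import chalk from "chalk";
 import analyze from "./analyze/index.js";
+import report from "./report/index.js";
 program.version(CONFIG.version).description(CONFIG.toolDesc);
 const validAiOptions = ["description"];
 program
@@ -37,13 +38,14 @@ program
 .option("--cache-file <file>", "File to store response cache", ".resp_cache.json")
 .option("--disable-cache", "Disable response caching", false)
 .option("-y, --yes", "Auto-approve executing JS code from the target", false)
+.option("-k, --insecure", "Disable SSL certificate verification", false)
 .action((cmd) => __awaiter(void 0, void 0, void 0, function* () {
 globalsUtil.setApiGatewayConfigFile(cmd.apiGatewayConfig);
 globalsUtil.setUseApiGateway(cmd.apiGateway);
 globalsUtil.setDisableCache(cmd.disableCache);
 globalsUtil.setRespCacheFile(cmd.cacheFile);
 globalsUtil.setYes(cmd.yes);
-yield lazyLoad(cmd.url, cmd.output, cmd.strictScope, cmd.scope.split(","), Number(cmd.threads), cmd.subsequentRequests, cmd.urlsFile);
+yield lazyLoad(cmd.url, cmd.output, cmd.strictScope, cmd.scope.split(","), Number(cmd.threads), cmd.subsequentRequests, cmd.urlsFile, cmd.insecure);
 }));
 program
 .command("endpoints")
@@ -149,8 +151,21 @@ program
 .option("--openapi <file>", "Path to OpenAPI spec file")
 .option("-l, --list", "List available technologies", false)
 .option("--validate", "Validate the rules", false)
+.option("-o, --output <file>", "Output JSON file name", "analyze.json")
 .action((cmd) => __awaiter(void 0, void 0, void 0, function* () {
-yield analyze(cmd.rules, cmd.mappedJson, cmd.tech, cmd.list, cmd.openapi, cmd.validate);
+yield analyze(cmd.rules, cmd.mappedJson, cmd.tech, cmd.list, cmd.openapi, cmd.validate, cmd.output);
+}));
+program
+.command("report")
+.description("Generate a report")
+.option("-s, --sqlite-db <file>", "SQLite database file", "js-recon.db")
+.option("-m, --mapped-json <file>", "Mapped JSON file")
+.option("-a, --analyze-json <file>", "Analyze JSON file")
+.option("-e, --endpoints-json <file>", "Endpoints JSON file")
+.option("--map-openapi, --mapped-openapi-json <file>", "Mapped OpenAPI JSON file")
+.option("-o, --output <file>", "Output file name (without the extension)", "report")
+.action((cmd) => __awaiter(void 0, void 0, void 0, function* () {
+yield report(cmd.sqliteDb, cmd.mappedJson, cmd.analyzeJson, cmd.endpointsJson, cmd.mappedOpenapiJson, cmd.output);
 }));
 program
 .command("run")
@@ -172,9 +187,8 @@ program
 .option("--ai-endpoint <endpoint>", "Endpoint to use for AI service (for Ollama, etc)")
 .option("--openai-api-key <key>", "OpenAI API key")
 .option("--model <model>", "AI model to use", "gpt-4o-mini")
-.option("--map-openapi", "Generate OpenAPI spec from the code (map module)", false)
-.option("--map-openapi-output <file>", "Output file for OpenAPI spec (map module)", "mapped-openapi.json")
 .option("--map-openapi-chunk-tag", "Add chunk ID tag to OpenAPI spec for each request found (map module)", false)
+.option("--insecure", "Disable SSL certificate verification", false)
 .action((cmd) => __awaiter(void 0, void 0, void 0, function* () {
 var _a;
 globalsUtil.setAi(((_a = cmd.ai) === null || _a === void 0 ? void 0 : _a.split(",")) || []);
@@ -184,8 +198,6 @@ program
 globalsUtil.setAiThreads(cmd.aiThreads);
 if (cmd.aiEndpoint)
 globalsUtil.setAiEndpoint(cmd.aiEndpoint);
-globalsUtil.setOpenapi(cmd.mapOpenapi);
-globalsUtil.setOpenapiOutputFile(cmd.mapOpenapiOutput);
 globalsUtil.setOpenapiChunkTag(cmd.mapOpenapiChunkTag);
 // validate AI options
 if (globalsUtil.getAi().length !== 0) {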
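Review bot: The two new `--insecure` options are declared inconsistently, and their help text does not say how far the setting reaches: the command whose action calls `lazyLoad(...)` gets `-k, --insecure`, while the later one (following `.command("run")`) gets `--insecure` only. Both say just "Disable SSL certificate verification", although the lazyLoad/index.js section of this diff implements the flag by changing a process-wide environment variable. Use one spelling and a help string that states the scope, e.g. `.option("-k, --insecure", "Disable TLS certificate verification for all HTTPS requests made by this run (unsafe on untrusted networks)", false)`, provided `-k` is unused on that command. The later hunk does not show `cmd.insecure` being read; that action body continues outside the hunk, so check that the flag is actually consumed there.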
package/build/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,QAAQ,MAAM,qBAAqB,CAAC;AAC3C,OAAO,SAAS,MAAM,sBAAsB,CAAC;AAC7C,OAAO,MAAM,MAAM,mBAAmB,CAAC;AACvC,OAAO,OAAO,MAAM,oBAAoB,CAAC;AACzC,OAAO,UAAU,MAAM,wBAAwB,CAAC;AAChD,OAAO,GAAG,MAAM,gBAAgB,CAAC;AACjC,OAAO,KAAK,WAAW,MAAM,sBAAsB,CAAC;AACpD,OAAO,QAAQ,MAAM,qBAAqB,CAAC;AAC3C,OAAO,GAAG,MAAM,gBAAgB,CAAC;AACjC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,OAAO,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";;;;;;;;;;AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,QAAQ,MAAM,qBAAqB,CAAC;AAC3C,OAAO,SAAS,MAAM,sBAAsB,CAAC;AAC7C,OAAO,MAAM,MAAM,mBAAmB,CAAC;AACvC,OAAO,OAAO,MAAM,oBAAoB,CAAC;AACzC,OAAO,UAAU,MAAM,wBAAwB,CAAC;AAChD,OAAO,GAAG,MAAM,gBAAgB,CAAC;AACjC,OAAO,KAAK,WAAW,MAAM,sBAAsB,CAAC;AACpD,OAAO,QAAQ,MAAM,qBAAqB,CAAC;AAC3C,OAAO,GAAG,MAAM,gBAAgB,CAAC;AACjC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,OAAO,MAAM,oBAAoB,CAAC;AACzC,OAAO,MAAM,MAAM,mBAAmB,CAAC;AAEvC,OAAO,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;AAC7D,MAAM,cAAc,GAAG,CAAC,aAAa,CAAC,CAAC;AAEvC,OAAO;KACF,OAAO,CAAC,UAAU,CAAC;KACnB,WAAW,CAAC,sBAAsB,CAAC;KACnC,cAAc,CAAC,sBAAsB,EAAE,+DAA+D,CAAC;KACvG,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,QAAQ,CAAC;KAChE,MAAM,CAAC,gBAAgB,EAAE,kDAAkD,EAAE,KAAK,CAAC;KACnF,MAAM,CAAC,qBAAqB,EAAE,2DAA2D,EAAE,GAAG,CAAC;KAC/F,MAAM,CAAC,yBAAyB,EAAE,0BAA0B,EAAE,GAAG,CAAC;KAClE,MAAM,CAAC,uBAAuB,EAAE,2DAA2D,EAAE,KAAK,CAAC;KACnG,MAAM,CAAC,oBAAoB,EAAE,iCAAiC,EAAE,qBAAqB,CAAC;KACtF,MAAM,CAAC,eAAe,EAAE,qCAAqC,EAAE,KAAK,CAAC;KACrE,MAAM,CAAC,6BAA6B,EAAE,yBAAyB,EAAE,0BAA0B,CAAC;KAC5F,MAAM,CAAC,qBAAqB,EAAE,8BAA8B,EAAE,kBAAkB,CAAC;KACjF,MAAM,CAAC,iBAAiB,EAAE,0BAA0B,EAAE,KAAK,CAAC;KAC5D,MAAM,CAAC,WAAW,EAAE,gDAAgD,EAAE,KAAK,CAAC;KAC5E,MAAM,CAAC,gBAAgB,EAAE,sCAAsC,EAAE,KAAK,CAAC;KACvE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,WAAW,CAAC,uBAAuB,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC;IAC1D,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC7C,WAAW,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9C,WAAW,CAAC,gBAAgB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC5C,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;IAC5B,MAAM,QAAQ,CACV,GAAG,CAAC,GAAG,EACP,GAAG,CAAC,MAAM,EACV,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EACpB,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,EACnB,GAAG,CAAC,kBAAkB,EACtB,GAAG,CAAC,QAAQ,EACZ,GAAG,CAAC,QAAQ,CACf,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,WAAW,CAAC;KACpB,WAAW,CAAC,+BAA+B,CAAC;
KAC5C,MAAM,CAAC,iBAAiB,EAAE,0DAA0D,CAAC;KACrF,MAAM,CAAC,6BAA6B,EAAE,+BAA+B,CAAC;KACtE,MAAM,CAAC,yBAAyB,EAAE,0CAA0C,EAAE,WAAW,CAAC;KAC1F,MAAM,CAAC,0BAA0B,EAAE,iEAAiE,EAAE,MAAM,CAAC;KAC7G,MAAM,CAAC,mBAAmB,EAAE,+EAA+E,CAAC;KAC5G,MAAM,CAAC,YAAY,EAAE,6BAA6B,EAAE,KAAK,CAAC;KAC1D,MAAM,CAAC,sBAAsB,EAAE,gCAAgC,CAAC;KAChE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,SAAS,CACX,GAAG,CAAC,GAAG,EACP,GAAG,CAAC,SAAS,EACb,GAAG,CAAC,MAAM,EACV,GAAG,CAAC,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,EAC3B,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,UAAU,CACjB,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,+BAA+B,CAAC;KAC5C,cAAc,CAAC,6BAA6B,EAAE,+BAA+B,CAAC;KAC9E,MAAM,CAAC,qBAAqB,EAAE,+BAA+B,EAAE,cAAc,CAAC;KAC9E,MAAM,CAAC,oBAAoB,EAAE,2BAA2B,EAAE,KAAK,CAAC;KAChE,MAAM,CACH,6BAA6B,EAC7B,8DAA8D,EAC9D,gBAAgB,CACnB;KACA,MAAM,CAAC,iBAAiB,EAAE,gCAAgC,EAAE,KAAK,CAAC;KAClE,MAAM,CAAC,WAAW,EAAE,qDAAqD,EAAE,KAAK,CAAC;KACjF,MAAM,CAAC,oBAAoB,EAAE,kBAAkB,EAAE,KAAK,CAAC;KACvD,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,OAAO,CACT,GAAG,CAAC,SAAS,EACb,GAAG,CAAC,MAAM,EACV,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,gBAAgB,EACpB,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,SAAS,EACb,GAAG,CAAC,OAAO,CACd,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,aAAa,CAAC;KACtB,WAAW,CAAC,kDAAkD,CAAC;KAC/D,MAAM,CAAC,YAAY,EAAE,yCAAyC,EAAE,KAAK,CAAC;KACtE,MAAM,CAAC,oBAAoB,EAAE,+BAA+B,CAAC;KAC7D,MAAM,CAAC,eAAe,EAAE,yDAAyD,EAAE,KAAK,CAAC;KACzF,MAAM,CAAC,uBAAuB,EAAE,qCAAqC,CAAC;KACtE,MAAM,CACH,+BAA+B,EAC/B,uFAAuF,CAC1F;KACA,MAAM,CACH,+BAA+B,EAC/B,2FAA2F,CAC9F;KACA,MAAM,CAAC,uBAAuB,EAAE,yBAAyB,EAAE,0BAA0B,CAAC;KACtF,MAAM,CAAC,YAAY,EAAE,uCAAuC,EAAE,KAAK,CAAC;KACpE,MAAM,CAAC,eAAe,EAAE,kCAAkC,EAAE,KAAK,CAAC;KAClE,MAAM,CAAC,yBAAyB,EAAE,6BAA6B,CAAC;KAChE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,WAAW,CAAC,uBAAuB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAChD,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACnC,MAAM,UAAU,CACZ,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,OAAO,EACX,GAAG,CAAC,UAAU,EACd,GAAG,CAAC,IAAI,EACR,GAAG,CAAC,MAAM,EACV,GAAG,CAAC,SAAS,EACb,GAAG,CAAC,SAAS,EACb,G
AAG,CAAC,MAAM,EACV,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,cAAc,CACrB,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,uBAAuB,CAAC;KACpC,MAAM,CAAC,6BAA6B,EAAE,+BAA+B,CAAC;KACtE,MAAM,CAAC,mBAAmB,EAAE,+EAA+E,CAAC;KAC5G,MAAM,CAAC,YAAY,EAAE,6BAA6B,EAAE,KAAK,CAAC;KAC1D,MAAM,CAAC,qBAAqB,EAAE,sCAAsC,EAAE,QAAQ,CAAC;KAC/E,MAAM,CAAC,uBAAuB,EAAE,iEAAiE,EAAE,MAAM,CAAC;KAC1G,MAAM,CAAC,mBAAmB,EAAE,kBAAkB,EAAE,KAAK,CAAC;KACtD,MAAM,CAAC,gBAAgB,EAAE,sEAAsE,CAAC;KAChG,MAAM,CAAC,wBAAwB,EAAE,iCAAiC,EAAE,GAAG,CAAC;KACxE,MAAM,CAAC,0BAA0B,EAAE,4DAA4D,EAAE,QAAQ,CAAC;KAC1G,MAAM,CAAC,0BAA0B,EAAE,kDAAkD,CAAC;KACtF,MAAM,CAAC,wBAAwB,EAAE,gBAAgB,CAAC;KAClD,MAAM,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,CAAC;KAC3D,MAAM,CAAC,WAAW,EAAE,qCAAqC,EAAE,KAAK,CAAC;KACjE,MAAM,CAAC,yBAAyB,EAAE,8BAA8B,EAAE,qBAAqB,CAAC;KACxF,MAAM,CAAC,qBAAqB,EAAE,yDAAyD,EAAE,KAAK,CAAC;KAC/F,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;;IAClB,WAAW,CAAC,KAAK,CAAC,CAAA,MAAA,GAAG,CAAC,EAAE,0CAAE,KAAK,CAAC,GAAG,CAAC,KAAI,EAAE,CAAC,CAAC;IAC5C,WAAW,CAAC,oBAAoB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACjD,WAAW,CAAC,kBAAkB,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;IACpD,WAAW,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9C,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAClC,IAAI,GAAG,CAAC,UAAU;QAAE,WAAW,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC9D,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;IACpC,WAAW,CAAC,oBAAoB,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAEpD,sBAAsB;IACtB,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,KAAK,MAAM,MAAM,IAAI,WAAW,CAAC,KAAK,EAAE,EAAE,CAAC;YACvC,IAAI,MAAM,KAAK,EAAE,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,0BAA0B,MAAM,EAAE,CAAC,CAAC,CAAC;gBAC3D,OAAO;YACX,CAAC;QACL,CAAC;IACL,CAAC;IACD,MAAM,GAAG,CAAC,GAAG,CAAC,SAAS,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,WAAW,CAAC,CAAC;AACrG,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,UAAU,CAAC;KACnB,WAAW,CAAC,mBA
AmB,CAAC;KAChC,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,aAAa,CAAC;KACrE,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,mBAAmB,CAAC;KAC3E,MAAM,CAAC,mBAAmB,EAAE,+EAA+E,CAAC;KAC5G,MAAM,CAAC,YAAY,EAAE,6BAA6B,EAAE,KAAK,CAAC;KAC1D,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,QAAQ,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;AACnE,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,SAAS,CAAC;KAClB,WAAW,CAAC,kBAAkB,CAAC;KAC/B,MAAM,CAAC,wBAAwB,EAAE,yBAAyB,CAAC;KAC3D,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,aAAa,CAAC;KACrE,MAAM,CAAC,mBAAmB,EAAE,+EAA+E,CAAC;KAC5G,MAAM,CAAC,kBAAkB,EAAE,2BAA2B,CAAC;KACvD,MAAM,CAAC,YAAY,EAAE,6BAA6B,EAAE,KAAK,CAAC;KAC1D,MAAM,CAAC,YAAY,EAAE,oBAAoB,EAAE,KAAK,CAAC;KACjD,MAAM,CAAC,qBAAqB,EAAE,uBAAuB,EAAE,cAAc,CAAC;KACtE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,QAAQ,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;AACxG,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,mBAAmB,CAAC;KAChC,MAAM,CAAC,wBAAwB,EAAE,sBAAsB,EAAE,aAAa,CAAC;KACvE,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,CAAC;KACtD,MAAM,CAAC,2BAA2B,EAAE,mBAAmB,CAAC;KACxD,MAAM,CAAC,6BAA6B,EAAE,qBAAqB,CAAC;KAC5D,MAAM,CAAC,6CAA6C,EAAE,0BAA0B,CAAC;KACjF,MAAM,CAAC,qBAAqB,EAAE,0CAA0C,EAAE,QAAQ,CAAC;KACnF,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;IAClB,MAAM,MAAM,CACR,GAAG,CAAC,QAAQ,EACZ,GAAG,CAAC,UAAU,EACd,GAAG,CAAC,WAAW,EACf,GAAG,CAAC,aAAa,EACjB,GAAG,CAAC,iBAAiB,EACrB,GAAG,CAAC,MAAM,CACb,CAAC;AACN,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO;KACF,OAAO,CAAC,KAAK,CAAC;KACd,WAAW,CAAC,iBAAiB,CAAC;KAC9B,cAAc,CAAC,iBAAiB,EAAE,YAAY,CAAC;KAC/C,MAAM,CAAC,0BAA0B,EAAE,kBAAkB,EAAE,QAAQ,CAAC;KAChE,MAAM,CAAC,gBAAgB,EAAE,kDAAkD,EAAE,KAAK,CAAC;KACnF,MAAM,CAAC,qBAAqB,EAAE,2DAA2D,EAAE,GAAG,CAAC;KAC/F,MAAM,CAAC,yBAAyB,EAAE,0BAA0B,EAAE,GAAG,CAAC;KAClE,MAAM,CAAC,eAAe,EAAE,qCAAqC,EAAE,KAAK,CAAC;KACrE,MAAM,CAAC,6BAA6B,EAAE,yBAAyB,EAAE,0BAA0B,CAAC;KAC5F,MAAM,CAAC,qBAAqB,EAAE,8BAA8B,EAAE,kBAAkB,CAAC;KACjF,MAAM,CAAC,iBAAiB,EAAE,0BAA0B,EAAE,
KAAK,CAAC;KAC5D,MAAM,CAAC,WAAW,EAAE,gDAAgD,EAAE,KAAK,CAAC;KAC5E,MAAM,CAAC,WAAW,EAAE,kBAAkB,EAAE,KAAK,CAAC;KAC9C,MAAM,CAAC,gBAAgB,EAAE,sEAAsE,CAAC;KAChG,MAAM,CAAC,wBAAwB,EAAE,iCAAiC,EAAE,GAAG,CAAC;KACxE,MAAM,CAAC,0BAA0B,EAAE,4DAA4D,EAAE,QAAQ,CAAC;KAC1G,MAAM,CAAC,0BAA0B,EAAE,kDAAkD,CAAC;KACtF,MAAM,CAAC,wBAAwB,EAAE,gBAAgB,CAAC;KAClD,MAAM,CAAC,iBAAiB,EAAE,iBAAiB,EAAE,aAAa,CAAC;KAC3D,MAAM,CAAC,yBAAyB,EAAE,sEAAsE,EAAE,KAAK,CAAC;KAChH,MAAM,CAAC,YAAY,EAAE,sCAAsC,EAAE,KAAK,CAAC;KACnE,MAAM,CAAC,CAAO,GAAG,EAAE,EAAE;;IAClB,WAAW,CAAC,KAAK,CAAC,CAAA,MAAA,GAAG,CAAC,EAAE,0CAAE,KAAK,CAAC,GAAG,CAAC,KAAI,EAAE,CAAC,CAAC;IAC5C,WAAW,CAAC,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;IAC9C,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAClC,WAAW,CAAC,oBAAoB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IACjD,WAAW,CAAC,YAAY,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACxC,IAAI,GAAG,CAAC,UAAU;QAAE,WAAW,CAAC,aAAa,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;IAC9D,WAAW,CAAC,kBAAkB,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAEvD,sBAAsB;IACtB,IAAI,WAAW,CAAC,KAAK,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACnC,KAAK,MAAM,MAAM,IAAI,WAAW,CAAC,KAAK,EAAE,EAAE,CAAC;YACvC,IAAI,MAAM,KAAK,EAAE,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACpD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,0BAA0B,MAAM,EAAE,CAAC,CAAC,CAAC;gBAC3D,OAAO;YACX,CAAC;QACL,CAAC;IACL,CAAC;IACD,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;AACnB,CAAC,CAAA,CAAC,CAAC;AAEP,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC"}
|
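--- a/package/build/lazyLoad/index.js
+++ b/package/build/lazyLoad/index.js
@@ -48,11 +48,15 @@ import * as globals from "../utility/globals.js";
 * @param {string} urlsFile - The JSON file containing additional URLs for subsequent requests.
 * @returns {Promise<void>}
 */
-const lazyLoad = (url, output, strictScope, inputScope, threads, subsequentRequestsFlag, urlsFile) => __awaiter(void 0, void 0, void 0, function* () {
+const lazyLoad = (url, output, strictScope, inputScope, threads, subsequentRequestsFlag, urlsFile, insecure) => __awaiter(void 0, void 0, void 0, function* () {
 console.log(chalk.cyan("[i] Loading 'Lazy Load' module"));
 if (process.env.IS_DOCKER === "true") {
 console.log(chalk.yellow("[!] Running in Docker. Browser sandbox disabled"));
 }
+if (insecure) {
+process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";
+console.log(chalk.yellow("[!] Running in insecure mode. SSL certificate verification disabled"));
+}
 // if cache enabled, check if the cache file exists or not. If no, then create a new one
 if (!globals.getDisableCache()) {
 if (!fs.existsSync(globals.getRespCacheFile())) {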
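Review bot: Setting `process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0"` in the added `if (insecure)` block turns off certificate verification for every TLS connection this Node process opens afterwards, not only the requests to the scanned target, and nothing restores it. If this function is reached from a command that also contacts other services (index.js in this diff defines `--ai-endpoint` and `--openai-api-key`), those connections lose verification as well. Prefer scoping the relaxation to the target's requests with a per-request agent or dispatcher created with `rejectUnauthorized: false`; which HTTP client is used is not visible here, so the exact hook needs checking. The JSDoc above the signature also lacks an entry for the new parameter, e.g. `@param {boolean} insecure - Skip TLS certificate verification for requests to the target.`; the function body continues past the end of the hunk.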
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lazyLoad/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,eAAe,MAAM,wBAAwB,CAAC;AACrD,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,SAAS,MAAM,iBAAiB,CAAC;AACxC,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAAC;AACnC,OAAO,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC;AAE1B,UAAU;AACV,OAAO,kBAAkB,MAAM,sCAAsC,CAAC;AACtE,OAAO,gBAAgB,MAAM,+BAA+B,CAAC;AAC7D,OAAO,8BAA8B,MAAM,6CAA6C,CAAC;AACzF,OAAO,oCAAoC,MAAM,mDAAmD,CAAC;AAErG,UAAU;AACV,OAAO,sBAAsB,MAAM,qCAAqC,CAAC;AACzE,OAAO,0BAA0B,MAAM,yCAAyC,CAAC;AACjF,OAAO,aAAa,MAAM,4BAA4B,CAAC;AAEvD,SAAS;AACT,OAAO,wBAAwB,MAAM,sCAAsC,CAAC;AAC5E,OAAO,4BAA4B,MAAM,0CAA0C,CAAC;AAEpF,UAAU;AACV,OAAO,aAAa,MAAM,wBAAwB,CAAC;AACnD,OAAO,gBAAgB,MAAM,2BAA2B,CAAC;AAEzD,qBAAqB;AACrB,OAAO,KAAK,eAAe,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,OAAO,MAAM,uBAAuB,CAAC;AAEjD;;;;;;;;;;;;;;;GAeG;AACH,MAAM,QAAQ,GAAG,CACb,GAAW,EACX,MAAc,EACd,WAAoB,EACpB,UAAc,EACd,OAAe,EACf,sBAA+B,EAC/B,QAAgB,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/lazyLoad/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,eAAe,MAAM,wBAAwB,CAAC;AACrD,OAAO,MAAM,MAAM,oBAAoB,CAAC;AACxC,OAAO,SAAS,MAAM,iBAAiB,CAAC;AACxC,MAAM,QAAQ,GAAG,SAAS,CAAC,OAAO,CAAC;AACnC,OAAO,EAAE,GAAG,EAAE,MAAM,KAAK,CAAC;AAE1B,UAAU;AACV,OAAO,kBAAkB,MAAM,sCAAsC,CAAC;AACtE,OAAO,gBAAgB,MAAM,+BAA+B,CAAC;AAC7D,OAAO,8BAA8B,MAAM,6CAA6C,CAAC;AACzF,OAAO,oCAAoC,MAAM,mDAAmD,CAAC;AAErG,UAAU;AACV,OAAO,sBAAsB,MAAM,qCAAqC,CAAC;AACzE,OAAO,0BAA0B,MAAM,yCAAyC,CAAC;AACjF,OAAO,aAAa,MAAM,4BAA4B,CAAC;AAEvD,SAAS;AACT,OAAO,wBAAwB,MAAM,sCAAsC,CAAC;AAC5E,OAAO,4BAA4B,MAAM,0CAA0C,CAAC;AAEpF,UAAU;AACV,OAAO,aAAa,MAAM,wBAAwB,CAAC;AACnD,OAAO,gBAAgB,MAAM,2BAA2B,CAAC;AAEzD,qBAAqB;AACrB,OAAO,KAAK,eAAe,MAAM,cAAc,CAAC;AAChD,OAAO,KAAK,OAAO,MAAM,uBAAuB,CAAC;AAEjD;;;;;;;;;;;;;;;GAeG;AACH,MAAM,QAAQ,GAAG,CACb,GAAW,EACX,MAAc,EACd,WAAoB,EACpB,UAAc,EACd,OAAe,EACf,sBAA+B,EAC/B,QAAgB,EAChB,QAAiB,EACnB,EAAE;IACA,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,CAAC;IAE1D,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,KAAK,MAAM,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,iDAAiD,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,4BAA4B,GAAG,GAAG,CAAC;QAC/C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,qEAAqE,CAAC,CAAC,CAAC;IACrG,CAAC;IAED,wFAAwF;IACxF,IAAI,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC;QAC7B,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC,gBAAgB,EAAE,CAAC,EAAE,CAAC;YAC7C,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,IAAI,CAAC,CAAC;QACvD,CAAC;IACL,CAAC;IAED,IAAI,IAAI,CAAC;IAET,oCAAoC;IACpC,IAAI,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACrB,IAAI,GAAG,EAAE,CAAC,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAChD,yBAAyB;QACzB,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC;IACnD,CAAC;SAAM,IAAI,GAAG,CAAC,KAAK,CAAC,+BAA+B,CAAC,EAAE,CAAC;QACpD,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;IACjB,CAAC;SAAM,CAAC;QACJ,OAAO
,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC,CAAC;QACvD,OAAO;IACX,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,kBAAkB,GAAG,EAAE,CAAC,CAAC,CAAC;QAEjD,IAAI,WAAW,EAAE,CAAC;YACd,eAAe,CAAC,WAAW,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;QACnD,CAAC;aAAM,CAAC;YACJ,eAAe,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACzC,CAAC;QAED,eAAe,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;QAExC,MAAM,IAAI,GAAG,MAAM,eAAe,CAAC,GAAG,CAAC,CAAC;QACxC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;QAE9C,IAAI,IAAI,EAAE,CAAC;YACP,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;gBACjD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAExD,+CAA+C;gBAC/C,MAAM,oBAAoB,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;gBAEzD,qBAAqB;gBACrB,MAAM,wBAAwB,GAAG,MAAM,8BAA8B,CAAC,GAAG,CAAC,CAAC;gBAC3E,MAAM,8BAA8B,GAAG,MAAM,oCAAoC,CAAC,GAAG,CAAC,CAAC;gBACvF,IAAI,mCAAmC,CAAC;gBAExC,IAAI,sBAAsB,EAAE,CAAC;oBACzB,wCAAwC;oBACxC,mCAAmC,GAAG,MAAM,kBAAkB,CAC1D,GAAG,EACH,QAAQ,EACR,OAAO,EACP,MAAM,EACN,eAAe,CAAC,SAAS,EAAE,CAAC,0BAA0B;qBACzD,CAAC;gBACN,CAAC;gBAED,yBAAyB;gBACzB,yBAAyB;gBACzB,IAAI,iBAAiB,GAAmB;oBACpC,GAAG,CAAC,oBAAoB,IAAI,EAAE,CAAC;oBAC/B,GAAG,CAAC,wBAAwB,IAAI,EAAE,CAAC;oBACnC,GAAG,CAAC,8BAA8B,IAAI,EAAE,CAAC;oBACzC,GAAG,CAAC,mCAAmC,IAAI,EAAE,CAAC;iBACjD,CAAC;gBACF,sGAAsG;gBACtG,8EAA8E;gBAC9E,mGAAmG;gBACnG,yFAAyF;gBACzF,iBAAiB,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,SAAS,EAAE,CAAC,CAAC;gBAEvD,sEAAsE;gBACtE,iBAAiB,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,WAAW,EAAE,CAAC,CAAC;gBAEzD,mBAAmB;gBACnB,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBAEpD,MAAM,aAAa,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;YACnD,CAAC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;gBAC7B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;YAC5D,CAAC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBAC9B,OAAO,CAA
C,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC,CAAC;gBACjD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAExD,IAAI,iBAAiB,GAAa,EAAE,CAAC;gBAErC,sCAAsC;gBACtC,MAAM,qBAAqB,GAAG,MAAM,sBAAsB,CAAC,GAAG,CAAC,CAAC;gBAChE,MAAM,yBAAyB,GAAG,MAAM,0BAA0B,CAAC,GAAG,CAAC,CAAC;gBAExE,iBAAiB,CAAC,IAAI,CAAC,GAAG,qBAAqB,CAAC,CAAC;gBACjD,iBAAiB,CAAC,IAAI,CAAC,GAAG,yBAAyB,CAAC,CAAC;gBACrD,mBAAmB;gBACnB,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBAEpD,IAAI,cAAc,GAAG,EAAE,CAAC;gBACxB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC,CAAC;gBACtE,KAAK,MAAM,MAAM,IAAI,iBAAiB,EAAE,CAAC;oBACrC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBAC1D,CAAC;gBAED,iBAAiB,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;gBAE1C,iBAAiB,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,SAAS,EAAE,CAAC,CAAC;gBAEvD,mBAAmB;gBACnB,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBAEpD,MAAM,aAAa,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;YACnD,CAAC;iBAAM,IAAI,IAAI,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAChC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC,CAAC;gBAChD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,aAAa,IAAI,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAExD,IAAI,iBAAiB,GAAG,EAAE,CAAC;gBAE3B,sCAAsC;gBACtC,MAAM,qBAAqB,GAAG,MAAM,wBAAwB,CAAC,GAAG,CAAC,CAAC;gBAClE,iBAAiB,CAAC,IAAI,CAAC,GAAG,qBAAqB,CAAC,CAAC;gBAEjD,0BAA0B;gBAC1B,MAAM,yBAAyB,GAAG,MAAM,4BAA4B,CAAC,GAAG,CAAC,CAAC;gBAC1E,iBAAiB,CAAC,IAAI,CAAC,GAAG,yBAAyB,CAAC,CAAC;gBAErD,mBAAmB;gBACnB,iBAAiB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC;gBAEpD,MAAM,aAAa,CAAC,iBAAiB,EAAE,MAAM,CAAC,CAAC;YACnD,CAAC;QACL,CAAC;aAAM,CAAC;YACJ,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC,CAAC;YACxD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC;YACnD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,wCAAwC,CAAC,CAAC,CAAC;YACpE,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,GAAG,CAAC,CAAC;YAC5C,IAAI,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAChC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,OAAO,CAAC,MAAM,YAAY,C
AAC,CAAC,CAAC;gBAClE,MAAM,aAAa,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACzC,CAAC;QACL,CAAC;IACL,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,eAAe,QAAQ,CAAC"}
|
|
@@ -0,0 +1,53 @@
|
|
|
1
|
+
var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, generator) {
|
|
2
|
+
function adopt(value) { return value instanceof P ? value : new P(function (resolve) { resolve(value); }); }
|
|
3
|
+
return new (P || (P = Promise))(function (resolve, reject) {
|
|
4
|
+
function fulfilled(value) { try { step(generator.next(value)); } catch (e) { reject(e); } }
|
|
5
|
+
function rejected(value) { try { step(generator["throw"](value)); } catch (e) { reject(e); } }
|
|
6
|
+
function step(result) { result.done ? resolve(result.value) : adopt(result.value).then(fulfilled, rejected); }
|
|
7
|
+
step((generator = generator.apply(thisArg, _arguments || [])).next());
|
|
8
|
+
});
|
|
9
|
+
};
|
|
10
|
+
import chalk from "chalk";
|
|
11
|
+
import initReportDb from "./utility/initReportDb.js";
|
|
12
|
+
import fs from "fs";
|
|
13
|
+
import { populateMappedJson } from "./utility/populateDb/populateMappedJson.js";
|
|
14
|
+
import Database from "better-sqlite3";
|
|
15
|
+
import { populateAnalysisFindings } from "./utility/populateDb/populateAnalysisFindings.js";
|
|
16
|
+
import populateEndpoints from "./utility/populateDb/populateEndpoints.js";
|
|
17
|
+
import populateMappedOpenapi from "./utility/populateDb/populateMappedOpenapi.js";
|
|
18
|
+
import genHtml from "./utility/genHtml.js";
|
|
19
|
+
const report = (sqliteDbPath, mappedJsonFilePath, analyzeJsonFilePath, endpointsJsonFilePath, mappedOpenapiJsonFilePath, reportFileName) => __awaiter(void 0, void 0, void 0, function* () {
|
|
20
|
+
console.log(chalk.cyan("[i] Running 'report' module"));
|
|
21
|
+
// check if db exists. if not, init
|
|
22
|
+
if (!fs.existsSync(sqliteDbPath)) {
|
|
23
|
+
yield initReportDb(sqliteDbPath);
|
|
24
|
+
console.log(chalk.green("[✓] Report database initialized successfully"));
|
|
25
|
+
}
|
|
26
|
+
const db = new Database(sqliteDbPath);
|
|
27
|
+
// first, populate mapped.json
|
|
28
|
+
if (mappedJsonFilePath) {
|
|
29
|
+
const chunks = JSON.parse(fs.readFileSync(mappedJsonFilePath, "utf8"));
|
|
30
|
+
yield populateMappedJson(db, chunks);
|
|
31
|
+
}
|
|
32
|
+
// then, move to analyze.json
|
|
33
|
+
if (analyzeJsonFilePath) {
|
|
34
|
+
const findings = JSON.parse(fs.readFileSync(analyzeJsonFilePath, "utf8"));
|
|
35
|
+
yield populateAnalysisFindings(db, findings);
|
|
36
|
+
}
|
|
37
|
+
// populate the endpoints
|
|
38
|
+
if (endpointsJsonFilePath) {
|
|
39
|
+
const endpoints = JSON.parse(fs.readFileSync(endpointsJsonFilePath, "utf8"));
|
|
40
|
+
yield populateEndpoints(db, endpoints);
|
|
41
|
+
}
|
|
42
|
+
// populate the mapped openapi
|
|
43
|
+
if (mappedOpenapiJsonFilePath) {
|
|
44
|
+
const openapi = JSON.parse(fs.readFileSync(mappedOpenapiJsonFilePath, "utf8"));
|
|
45
|
+
yield populateMappedOpenapi(db, openapi);
|
|
46
|
+
}
|
|
47
|
+
// finally, generate HTML report
|
|
48
|
+
if (reportFileName) {
|
|
49
|
+
yield genHtml(`${reportFileName}.html`, db);
|
|
50
|
+
}
|
|
51
|
+
});
|
|
52
|
+
export default report;
|
|
53
|
+
//# sourceMappingURL=index.js.map
|
|
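Review bot: The SQLite handle opened with `new Database(sqliteDbPath)` is never closed, and none of the four `JSON.parse(fs.readFileSync(...))` calls is guarded, so a missing or malformed input file ends the command with a raw exception while the handle is still open. Wrap the population and `genHtml` steps in `try { ... } finally { db.close(); }`, and check each supplied path with `fs.existsSync` first, printing a `chalk.red` message that names the offending file. The parsed files presumably hold strings derived from the scanned target, so they should be treated as untrusted on their way into the database and the HTML report; the `populate*` helpers and `genHtml` are outside this hunk, so confirm they use bound parameters and HTML-escape the values they render. A short JSDoc block on `report` describing the six parameters, including that `reportFileName` gets `.html` appended, would also help.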
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/report/index.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,YAAY,MAAM,2BAA2B,CAAC;AACrD,OAAO,EAAE,MAAM,IAAI,CAAC;AAEpB,OAAO,EAAE,kBAAkB,EAAE,MAAM,4CAA4C,CAAC;AAChF,OAAO,QAAQ,MAAM,gBAAgB,CAAC;AAEtC,OAAO,EAAE,wBAAwB,EAAE,MAAM,kDAAkD,CAAC;AAC5F,OAAO,iBAAiB,MAAM,2CAA2C,CAAC;AAC1E,OAAO,qBAAqB,MAAM,+CAA+C,CAAC;AAClF,OAAO,OAAO,MAAM,sBAAsB,CAAC;AAE3C,MAAM,MAAM,GAAG,CACX,YAAoB,EACpB,kBAAsC,EACtC,mBAAuC,EACvC,qBAAyC,EACzC,yBAA6C,EAC7C,cAAkC,EACpC,EAAE;IACA,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC,CAAC;IAEvD,mCAAmC;IACnC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;QAC/B,MAAM,YAAY,CAAC,YAAY,CAAC,CAAC;QACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,8CAA8C,CAAC,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,EAAE,GAAG,IAAI,QAAQ,CAAC,YAAY,CAAC,CAAC;IAEtC,8BAA8B;IAC9B,IAAI,kBAAkB,EAAE,CAAC;QACrB,MAAM,MAAM,GAAW,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,kBAAkB,EAAE,MAAM,CAAC,CAAC,CAAC;QAC/E,MAAM,kBAAkB,CAAC,EAAE,EAAE,MAAM,CAAC,CAAC;IACzC,CAAC;IAED,6BAA6B;IAC7B,IAAI,mBAAmB,EAAE,CAAC;QACtB,MAAM,QAAQ,GAAmB,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,mBAAmB,EAAE,MAAM,CAAC,CAAC,CAAC;QAC1F,MAAM,wBAAwB,CAAC,EAAE,EAAE,QAAQ,CAAC,CAAC;IACjD,CAAC;IAED,yBAAyB;IACzB,IAAI,qBAAqB,EAAE,CAAC;QACxB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAC,CAAC;QAC7E,MAAM,iBAAiB,CAAC,EAAE,EAAE,SAAS,CAAC,CAAC;IAC3C,CAAC;IAED,8BAA8B;IAC9B,IAAI,yBAAyB,EAAE,CAAC;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,yBAAyB,EAAE,MAAM,CAAC,CAAC,CAAC;QAC/E,MAAM,qBAAqB,CAAC,EAAE,EAAE,OAAO,CAAC,CAAC;IAC7C,CAAC;IAED,gCAAgC;IAChC,IAAI,cAAc,EAAE,CAAC;QACjB,MAAM,OAAO,CAAC,GAAG,cAAc,OAAO,EAAE,EAAE,CAAC,CAAC;IAChD,CAAC;AACL,CAAC,CAAA,CAAC;AAEF,eAAe,MAAM,CAAC"}
|