@trailofbits/vsix-audit 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +661 -0
- package/README.md +281 -0
- package/dist/cli.d.ts +3 -0
- package/dist/cli.d.ts.map +1 -0
- package/dist/cli.js +703 -0
- package/dist/cli.js.map +1 -0
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +4 -0
- package/dist/index.js.map +1 -0
- package/dist/scanner/batch.d.ts +12 -0
- package/dist/scanner/batch.d.ts.map +1 -0
- package/dist/scanner/batch.js +104 -0
- package/dist/scanner/batch.js.map +1 -0
- package/dist/scanner/bundler.d.ts +35 -0
- package/dist/scanner/bundler.d.ts.map +1 -0
- package/dist/scanner/bundler.js +120 -0
- package/dist/scanner/bundler.js.map +1 -0
- package/dist/scanner/cache.d.ts +45 -0
- package/dist/scanner/cache.d.ts.map +1 -0
- package/dist/scanner/cache.js +153 -0
- package/dist/scanner/cache.js.map +1 -0
- package/dist/scanner/cache.test.d.ts +2 -0
- package/dist/scanner/cache.test.d.ts.map +1 -0
- package/dist/scanner/cache.test.js +149 -0
- package/dist/scanner/cache.test.js.map +1 -0
- package/dist/scanner/capabilities.d.ts +29 -0
- package/dist/scanner/capabilities.d.ts.map +1 -0
- package/dist/scanner/capabilities.js +217 -0
- package/dist/scanner/capabilities.js.map +1 -0
- package/dist/scanner/checks/ast.d.ts +3 -0
- package/dist/scanner/checks/ast.d.ts.map +1 -0
- package/dist/scanner/checks/ast.js +469 -0
- package/dist/scanner/checks/ast.js.map +1 -0
- package/dist/scanner/checks/ast.test.d.ts +2 -0
- package/dist/scanner/checks/ast.test.d.ts.map +1 -0
- package/dist/scanner/checks/ast.test.js +389 -0
- package/dist/scanner/checks/ast.test.js.map +1 -0
- package/dist/scanner/checks/behavioral.d.ts +3 -0
- package/dist/scanner/checks/behavioral.d.ts.map +1 -0
- package/dist/scanner/checks/behavioral.js +367 -0
- package/dist/scanner/checks/behavioral.js.map +1 -0
- package/dist/scanner/checks/blocklist.d.ts +3 -0
- package/dist/scanner/checks/blocklist.d.ts.map +1 -0
- package/dist/scanner/checks/blocklist.js +32 -0
- package/dist/scanner/checks/blocklist.js.map +1 -0
- package/dist/scanner/checks/blocklist.test.d.ts +2 -0
- package/dist/scanner/checks/blocklist.test.d.ts.map +1 -0
- package/dist/scanner/checks/blocklist.test.js +74 -0
- package/dist/scanner/checks/blocklist.test.js.map +1 -0
- package/dist/scanner/checks/chains.d.ts +35 -0
- package/dist/scanner/checks/chains.d.ts.map +1 -0
- package/dist/scanner/checks/chains.js +505 -0
- package/dist/scanner/checks/chains.js.map +1 -0
- package/dist/scanner/checks/chains.test.d.ts +2 -0
- package/dist/scanner/checks/chains.test.d.ts.map +1 -0
- package/dist/scanner/checks/chains.test.js +250 -0
- package/dist/scanner/checks/chains.test.js.map +1 -0
- package/dist/scanner/checks/dataflow.d.ts +3 -0
- package/dist/scanner/checks/dataflow.d.ts.map +1 -0
- package/dist/scanner/checks/dataflow.js +316 -0
- package/dist/scanner/checks/dataflow.js.map +1 -0
- package/dist/scanner/checks/dependencies.d.ts +13 -0
- package/dist/scanner/checks/dependencies.d.ts.map +1 -0
- package/dist/scanner/checks/dependencies.js +225 -0
- package/dist/scanner/checks/dependencies.js.map +1 -0
- package/dist/scanner/checks/dependencies.test.d.ts +2 -0
- package/dist/scanner/checks/dependencies.test.d.ts.map +1 -0
- package/dist/scanner/checks/dependencies.test.js +248 -0
- package/dist/scanner/checks/dependencies.test.js.map +1 -0
- package/dist/scanner/checks/finding-quality.test.d.ts +8 -0
- package/dist/scanner/checks/finding-quality.test.d.ts.map +1 -0
- package/dist/scanner/checks/finding-quality.test.js +164 -0
- package/dist/scanner/checks/finding-quality.test.js.map +1 -0
- package/dist/scanner/checks/ioc.d.ts +20 -0
- package/dist/scanner/checks/ioc.d.ts.map +1 -0
- package/dist/scanner/checks/ioc.js +234 -0
- package/dist/scanner/checks/ioc.js.map +1 -0
- package/dist/scanner/checks/ioc.test.d.ts +2 -0
- package/dist/scanner/checks/ioc.test.d.ts.map +1 -0
- package/dist/scanner/checks/ioc.test.js +298 -0
- package/dist/scanner/checks/ioc.test.js.map +1 -0
- package/dist/scanner/checks/manifest.d.ts +6 -0
- package/dist/scanner/checks/manifest.d.ts.map +1 -0
- package/dist/scanner/checks/manifest.js +123 -0
- package/dist/scanner/checks/manifest.js.map +1 -0
- package/dist/scanner/checks/manifest.test.d.ts +2 -0
- package/dist/scanner/checks/manifest.test.d.ts.map +1 -0
- package/dist/scanner/checks/manifest.test.js +108 -0
- package/dist/scanner/checks/manifest.test.js.map +1 -0
- package/dist/scanner/checks/obfuscation.d.ts +3 -0
- package/dist/scanner/checks/obfuscation.d.ts.map +1 -0
- package/dist/scanner/checks/obfuscation.js +432 -0
- package/dist/scanner/checks/obfuscation.js.map +1 -0
- package/dist/scanner/checks/obfuscation.test.d.ts +2 -0
- package/dist/scanner/checks/obfuscation.test.d.ts.map +1 -0
- package/dist/scanner/checks/obfuscation.test.js +399 -0
- package/dist/scanner/checks/obfuscation.test.js.map +1 -0
- package/dist/scanner/checks/package.d.ts +17 -0
- package/dist/scanner/checks/package.d.ts.map +1 -0
- package/dist/scanner/checks/package.js +422 -0
- package/dist/scanner/checks/package.js.map +1 -0
- package/dist/scanner/checks/package.test.d.ts +2 -0
- package/dist/scanner/checks/package.test.d.ts.map +1 -0
- package/dist/scanner/checks/package.test.js +518 -0
- package/dist/scanner/checks/package.test.js.map +1 -0
- package/dist/scanner/checks/patterns.d.ts +5 -0
- package/dist/scanner/checks/patterns.d.ts.map +1 -0
- package/dist/scanner/checks/patterns.js +251 -0
- package/dist/scanner/checks/patterns.js.map +1 -0
- package/dist/scanner/checks/patterns.test.d.ts +2 -0
- package/dist/scanner/checks/patterns.test.d.ts.map +1 -0
- package/dist/scanner/checks/patterns.test.js +147 -0
- package/dist/scanner/checks/patterns.test.js.map +1 -0
- package/dist/scanner/checks/unicode.d.ts +3 -0
- package/dist/scanner/checks/unicode.d.ts.map +1 -0
- package/dist/scanner/checks/unicode.js +247 -0
- package/dist/scanner/checks/unicode.js.map +1 -0
- package/dist/scanner/checks/unicode.test.d.ts +2 -0
- package/dist/scanner/checks/unicode.test.d.ts.map +1 -0
- package/dist/scanner/checks/unicode.test.js +202 -0
- package/dist/scanner/checks/unicode.test.js.map +1 -0
- package/dist/scanner/checks/yara.d.ts +23 -0
- package/dist/scanner/checks/yara.d.ts.map +1 -0
- package/dist/scanner/checks/yara.js +349 -0
- package/dist/scanner/checks/yara.js.map +1 -0
- package/dist/scanner/checks/yara.test.d.ts +2 -0
- package/dist/scanner/checks/yara.test.d.ts.map +1 -0
- package/dist/scanner/checks/yara.test.js +126 -0
- package/dist/scanner/checks/yara.test.js.map +1 -0
- package/dist/scanner/constants.d.ts +18 -0
- package/dist/scanner/constants.d.ts.map +1 -0
- package/dist/scanner/constants.js +37 -0
- package/dist/scanner/constants.js.map +1 -0
- package/dist/scanner/detection-coverage.test.d.ts +2 -0
- package/dist/scanner/detection-coverage.test.d.ts.map +1 -0
- package/dist/scanner/detection-coverage.test.js +216 -0
- package/dist/scanner/detection-coverage.test.js.map +1 -0
- package/dist/scanner/download.d.ts +76 -0
- package/dist/scanner/download.d.ts.map +1 -0
- package/dist/scanner/download.js +339 -0
- package/dist/scanner/download.js.map +1 -0
- package/dist/scanner/download.test.d.ts +2 -0
- package/dist/scanner/download.test.d.ts.map +1 -0
- package/dist/scanner/download.test.js +149 -0
- package/dist/scanner/download.test.js.map +1 -0
- package/dist/scanner/index.d.ts +8 -0
- package/dist/scanner/index.d.ts.map +1 -0
- package/dist/scanner/index.js +167 -0
- package/dist/scanner/index.js.map +1 -0
- package/dist/scanner/index.test.d.ts +2 -0
- package/dist/scanner/index.test.d.ts.map +1 -0
- package/dist/scanner/index.test.js +71 -0
- package/dist/scanner/index.test.js.map +1 -0
- package/dist/scanner/loaders/zoo.d.ts +3 -0
- package/dist/scanner/loaders/zoo.d.ts.map +1 -0
- package/dist/scanner/loaders/zoo.js +112 -0
- package/dist/scanner/loaders/zoo.js.map +1 -0
- package/dist/scanner/types.d.ts +118 -0
- package/dist/scanner/types.d.ts.map +1 -0
- package/dist/scanner/types.js +2 -0
- package/dist/scanner/types.js.map +1 -0
- package/dist/scanner/utils.d.ts +14 -0
- package/dist/scanner/utils.d.ts.map +1 -0
- package/dist/scanner/utils.js +25 -0
- package/dist/scanner/utils.js.map +1 -0
- package/dist/scanner/vsix.d.ts +6 -0
- package/dist/scanner/vsix.d.ts.map +1 -0
- package/dist/scanner/vsix.js +213 -0
- package/dist/scanner/vsix.js.map +1 -0
- package/dist/scanner/vsix.test.d.ts +2 -0
- package/dist/scanner/vsix.test.d.ts.map +1 -0
- package/dist/scanner/vsix.test.js +355 -0
- package/dist/scanner/vsix.test.js.map +1 -0
- package/package.json +60 -0
- package/zoo/blocklist/extensions.json +201 -0
- package/zoo/iocs/blockchain-extensions.txt +21 -0
- package/zoo/iocs/c2-domains.txt +50 -0
- package/zoo/iocs/c2-ips.txt +24 -0
- package/zoo/iocs/hashes.txt +47 -0
- package/zoo/iocs/malicious-npm.txt +85 -0
- package/zoo/iocs/wallets.txt +18 -0
- package/zoo/signatures/yara/README.md +46 -0
- package/zoo/signatures/yara/blockchain_c2.yar +48 -0
- package/zoo/signatures/yara/code_execution.yar +165 -0
- package/zoo/signatures/yara/credential_harvesting.yar +116 -0
- package/zoo/signatures/yara/crypto_wallet_targeting.yar +92 -0
- package/zoo/signatures/yara/data_exfiltration.yar +207 -0
- package/zoo/signatures/yara/google_calendar_c2.yar +187 -0
- package/zoo/signatures/yara/messaging_c2.yar +103 -0
- package/zoo/signatures/yara/multi_stage_attacks.yar +331 -0
- package/zoo/signatures/yara/obfuscation_patterns.yar +208 -0
- package/zoo/signatures/yara/powershell_attacks.yar +116 -0
- package/zoo/signatures/yara/rat_capabilities.yar +243 -0
- package/zoo/signatures/yara/self_propagation.yar +239 -0
- package/zoo/signatures/yara/unicode_stealth.yar +48 -0
- package/zoo/signatures/yara/websocket_c2.yar +83 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"download.js","sourceRoot":"","sources":["../../src/scanner/download.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,iBAAiB,EAAE,MAAM,SAAS,CAAC;AAC5C,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,YAAY,CAAC;AA8CrE,MAAM,eAAe,GAAG,0EAA0E,CAAC;AAEnG,MAAM,mBAAmB,GAAG,eAAe,CAAC;AAE5C,MAAM,eAAe,GAAG,0BAA0B,CAAC;AAEnD,MAAM,cAAc,GAAG,uEAAuE,CAAC;AAsB/F;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,IAAI,QAAQ,GAAa,aAAa,CAAC;IACvC,IAAI,IAAI,GAAG,KAAK,CAAC;IAEjB,4BAA4B;IAC5B,IAAI,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QACjC,QAAQ,GAAG,SAAS,CAAC;QACrB,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACxB,CAAC;SAAM,IAAI,KAAK,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;QAC5C,QAAQ,GAAG,aAAa,CAAC;QACzB,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACzB,CAAC;SAAM,IAAI,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QACvC,QAAQ,GAAG,QAAQ,CAAC;QACpB,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;IACxB,CAAC;IAED,2BAA2B;IAC3B,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACtC,IAAI,UAAU,GAAG,IAAI,CAAC;IACtB,IAAI,OAA2B,CAAC;IAEhC,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;QAChB,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;QACpC,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;IACpC,CAAC;IAED,uBAAuB;IACvB,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACzC,IAAI,QAAQ,IAAI,CAAC,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CACb,0BAA0B,KAAK,8DAA8D,CAC9F,CAAC;IACJ,CAAC;IAED,MAAM,SAAS,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC;IAChD,MAAM,IAAI,GAAG,UAAU,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC;IAE5C,IAAI,CAAC,SAAS,IAAI,CAAC,IAAI,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CACb,0BAA0B,KAAK,8DAA8D,CAC9F,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAsB,EAAE,SAAS,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAChE,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CACl
C,SAAiB,EACjB,IAAY,EACZ,OAAgB;IAEhB,MAAM,WAAW,GAAG,GAAG,SAAS,IAAI,IAAI,EAAE,CAAC;IAE3C,MAAM,WAAW,GAAG;QAClB,OAAO,EAAE;YACP;gBACE,QAAQ,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;gBACjD,QAAQ,EAAE,CAAC;gBACX,UAAU,EAAE,CAAC;aACd;SACF;QACD,KAAK,EAAE,KAAK,GAAG,IAAI,GAAG,GAAG,EAAE,0CAA0C;KACtE,CAAC;IAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,eAAe,EAAE;QAC5C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,MAAM,EAAE,gCAAgC,mBAAmB,EAAE;SAC9D;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;KAClC,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,0BAA0B,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IACtF,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAoB,CAAC;IACxD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC;IACjD,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC;IAE5B,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,wBAAwB,WAAW,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;IAEpC,2CAA2C;IAC3C,IAAI,aAAa,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CACb,WAAW,OAAO,kBAAkB,WAAW,aAAa,QAAQ,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CACnF,CAAC;QACJ,CAAC;QACD,aAAa,GAAG,KAAK,CAAC;IACxB,CAAC;IAED,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,6BAA6B,WAAW,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,oCAAoC;IACpC,MAAM,WAAW,GAAG,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,KAAK,SAAS,CAAC,CAAC;IAE/E,MAAM,MAAM,GAAsB;QAChC,WAAW;QACX,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,aAAa;QACtC,IAAI,EAAE,GAAG,CAAC,aAAa;QACvB,OAAO,EAAE,aAAa,CAAC,OAAO;QAC9B,WAAW,EAAE,aAAa,CAAC,WAAW;QACtC,QAAQ,EAAE,aAAa;KACxB,CAAC;IAEF,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;QACpB,MAAM,CAAC,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC;IACvC,CAAC;IACD,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACzB,MAAM,CAAC,WAAW,GAAG,GAAG,CAAC,gBAAgB,CAAC;IAC5C,CAAC;IACD,IAAI,WAAW,EAAE,KAAK,KAAK,SAAS,EAAE,CAAC;QACrC,MAAM,CAAC,
YAAY,GAAG,WAAW,CAAC,KAAK,CAAC;IAC1C,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,SAAiB,EACjB,IAAY,EACZ,OAAgB;IAEhB,MAAM,WAAW,GAAG,GAAG,SAAS,IAAI,IAAI,EAAE,CAAC;IAC3C,MAAM,GAAG,GAAG,OAAO;QACjB,CAAC,CAAC,GAAG,eAAe,IAAI,SAAS,IAAI,IAAI,IAAI,OAAO,EAAE;QACtD,CAAC,CAAC,GAAG,eAAe,IAAI,SAAS,IAAI,IAAI,EAAE,CAAC;IAE9C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;YAC5B,MAAM,IAAI,KAAK,CAAC,mCAAmC,WAAW,EAAE,CAAC,CAAC;QACpE,CAAC;QACD,MAAM,IAAI,KAAK,CAAC,sBAAsB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI,EAAE,CAAqB,CAAC;IAEzD,MAAM,MAAM,GAAsB;QAChC,WAAW;QACX,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,IAAI,EAAE,IAAI,CAAC,IAAI;QACf,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,QAAQ,EAAE,SAAS;KACpB,CAAC;IAEF,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACnB,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC;IACtC,CAAC;IACD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IACxC,CAAC;IACD,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,CAAC,WAAW,GAAG,IAAI,CAAC,WAAW,CAAC;IACxC,CAAC;IACD,IAAI,IAAI,CAAC,aAAa,KAAK,SAAS,EAAE,CAAC;QACrC,MAAM,CAAC,YAAY,GAAG,IAAI,CAAC,aAAa,CAAC;IAC3C,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,SAAiB,EACjB,IAAY,EACZ,OAAgB;IAEhB,MAAM,WAAW,GAAG,GAAG,SAAS,IAAI,IAAI,EAAE,CAAC;IAE3C,MAAM,WAAW,GAAG;QAClB,OAAO,EAAE;YACP;gBACE,QAAQ,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;gBACjD,QAAQ,EAAE,CAAC;gBACX,UAAU,EAAE,CAAC;aACd;SACF;QACD,KAAK,EAAE,KAAK,GAAG,IAAI,GAAG,GAAG,EAAE,0CAA0C;KACtE,CAAC;IAEF,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,cAAc,EAAE;QAC3C,MAAM,EAAE,MAAM;QACd,OAAO,EAAE;YACP,cAAc,EAAE,kBAAkB;YAClC,MAAM,EAAE,gCAAgC,mBAAmB,EAAE;SAC9D;QACD,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC;KAClC,CAAC,CAAC;IAEH,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,qBAAqB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IACjF,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,MAAM,QAAQ,CAAC,IAAI
,EAAE,CAAoB,CAAC;IACxD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC;IACjD,MAAM,GAAG,GAAG,UAAU,EAAE,CAAC,CAAC,CAAC,CAAC;IAE5B,IAAI,CAAC,GAAG,EAAE,CAAC;QACT,MAAM,IAAI,KAAK,CAAC,kCAAkC,WAAW,EAAE,CAAC,CAAC;IACnE,CAAC;IAED,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,IAAI,EAAE,CAAC;IAEpC,2CAA2C;IAC3C,IAAI,aAAa,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAChC,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,MAAM,IAAI,KAAK,CACb,WAAW,OAAO,kBAAkB,WAAW,aAAa,QAAQ,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CACnF,CAAC;QACJ,CAAC;QACD,aAAa,GAAG,KAAK,CAAC;IACxB,CAAC;IAED,IAAI,CAAC,aAAa,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,6BAA6B,WAAW,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,oCAAoC;IACpC,MAAM,WAAW,GAAG,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,KAAK,SAAS,CAAC,CAAC;IAE/E,MAAM,MAAM,GAAsB;QAChC,WAAW;QACX,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,aAAa;QACtC,IAAI,EAAE,GAAG,CAAC,aAAa;QACvB,OAAO,EAAE,aAAa,CAAC,OAAO;QAC9B,WAAW,EAAE,aAAa,CAAC,WAAW;QACtC,QAAQ,EAAE,QAAQ;KACnB,CAAC;IAEF,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;QACpB,MAAM,CAAC,WAAW,GAAG,GAAG,CAAC,WAAW,CAAC;IACvC,CAAC;IACD,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;QACzB,MAAM,CAAC,WAAW,GAAG,GAAG,CAAC,gBAAgB,CAAC;IAC5C,CAAC;IACD,IAAI,WAAW,EAAE,KAAK,KAAK,SAAS,EAAE,CAAC;QACrC,MAAM,CAAC,YAAY,GAAG,WAAW,CAAC,KAAK,CAAC;IAC1C,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,yBAAyB,CACvC,SAAiB,EACjB,IAAY,EACZ,OAAe;IAEf,OAAO,WAAW,SAAS,uDAAuD,SAAS,cAAc,IAAI,IAAI,OAAO,0DAA0D,CAAC;AACrL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,SAAiB,EAAE,IAAY,EAAE,OAAe;IACpF,OAAO,GAAG,eAAe,IAAI,SAAS,IAAI,IAAI,IAAI,OAAO,SAAS,SAAS,IAAI,IAAI,IAAI,OAAO,OAAO,CAAC;AACxG,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,SAAiB,EAAE,IAAY,EAAE,OAAe;IACnF,OAAO,qEAAqE,SAAS,iBAAiB,IAAI,IAAI,OAAO,YAAY,CAAC;AACpI,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,SAAiB,EAAE,IAAY,EAAE,OAAe;IAC7E,OAAO,yBAAyB,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;AAC7D,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,mBAAmB,CAAC,GAAW,EAAE,QAAg
B;IAC9D,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,CAAC,QAAQ,CAAC,EAAE,EAAE,CAAC;QACjB,MAAM,IAAI,KAAK,CAAC,oBAAoB,QAAQ,CAAC,MAAM,IAAI,QAAQ,CAAC,UAAU,EAAE,CAAC,CAAC;IAChF,CAAC;IAED,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,qBAAqB,CAAC,CAAC;IACzC,CAAC;IAED,sCAAsC;IACtC,MAAM,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEpD,gCAAgC;IAChC,MAAM,UAAU,GAAG,QAAQ,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAgD,CAAC,CAAC;IAC/F,MAAM,UAAU,GAAG,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAE/C,MAAM,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;AACzC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,SAAiB,EACjB,IAAY,EACZ,OAAe,EACf,QAAgB,EAChB,WAAqB,aAAa;IAElC,IAAI,GAAW,CAAC;IAChB,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,GAAG,GAAG,qBAAqB,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACxD,CAAC;SAAM,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACjC,GAAG,GAAG,oBAAoB,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACvD,CAAC;SAAM,CAAC;QACN,GAAG,GAAG,yBAAyB,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAC5D,CAAC;IAED,MAAM,mBAAmB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;AAC3C,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,WAAmB,EACnB,OAAyB;IAEzB,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;IAC7E,MAAM,QAAQ,GAAG,OAAO,EAAE,QAAQ,KAAK,KAAK,CAAC;IAC7C,MAAM,aAAa,GAAG,OAAO,EAAE,aAAa,KAAK,IAAI,CAAC;IAEtD,8CAA8C;IAC9C,IAAI,QAA2B,CAAC;IAChC,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC3B,QAAQ,GAAG,MAAM,YAAY,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAC1D,CAAC;SAAM,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACjC,QAAQ,GAAG,MAAM,WAAW,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IACzD,CAAC;SAAM,CAAC;QACN,QAAQ,GAAG,MAAM,cAAc,CAAC,SAAS,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAC5D,CAAC;IAED,8EAA8E;IAC9E,IAAI,OAAO,EAAE,OAAO,EAAE,CAAC;QACrB,MAAM,QAAQ,GAAG,GAAG,QAAQ,CAAC,SAAS,IAAI,QAAQ,CAAC,IAAI,IAAI,QAAQ,CAAC,OAAO,OAAO,CAAC;QACnF,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAEjD,+BAA+B;QAC/B,IAAI,QAAQ,IAAI,CAAC,aAAa,EAAE,CAAC;YAC/B,MAAM,UAAU,GAAG,aAAa,CAC9B,QAAQ,EACR,QAAQ,CAAC,SAAS,EAClB,QAAQ,CAAC,IAAI,EACb,QAAQ,CA
AC,OAAO,CACjB,CAAC;YACF,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;YAE7F,IAAI,MAAM,EAAE,CAAC;gBACX,iCAAiC;gBACjC,MAAM,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;gBAClD,MAAM,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;gBACrC,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;YACvD,CAAC;QACH,CAAC;QAED,iBAAiB;QACjB,MAAM,YAAY,CAAC,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,OAAO,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC5F,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;IACxD,CAAC;IAED,sBAAsB;IACtB,MAAM,UAAU,GAAG,aAAa,CAAC,QAAQ,EAAE,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;IAEhG,0BAA0B;IAC1B,IAAI,QAAQ,IAAI,CAAC,aAAa,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,OAAO,CAAC,CAAC;QAC7F,IAAI,MAAM,EAAE,CAAC;YACX,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;QACzD,CAAC;IACH,CAAC;IAED,oBAAoB;IACpB,MAAM,cAAc,CAAC,QAAQ,CAAC,CAAC;IAC/B,MAAM,YAAY,CAAC,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,OAAO,EAAE,UAAU,EAAE,QAAQ,CAAC,CAAC;IAE9F,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC;AAC1D,CAAC"}
|
|
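--- a/package/dist/scanner/download.test.d.ts.map
+++ b/package/dist/scanner/download.test.d.ts.map
@@ -0,0 +1 @@
+{"version":3,"file":"download.test.d.ts","sourceRoot":"","sources":["../../src/scanner/download.test.ts"],"names":[],"mappings":""}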
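--- a/package/dist/scanner/download.test.js
+++ b/package/dist/scanner/download.test.js
@@ -0,0 +1,149 @@
+import { describe, expect, it } from "vitest";
+import { getCursorDownloadUrl, getDownloadUrl, getMarketplaceDownloadUrl, getOpenVSXDownloadUrl, parseExtensionId, } from "./download.js";
+describe("parseExtensionId", () => {
+it("parses publisher.name format", () => {
+const result = parseExtensionId("ms-python.python");
+expect(result.publisher).toBe("ms-python");
+expect(result.name).toBe("python");
+expect(result.version).toBeUndefined();
+expect(result.registry).toBe("marketplace");
+});
+it("parses publisher.name@version format", () => {
+const result = parseExtensionId("ms-python.python@2024.1.0");
+expect(result.publisher).toBe("ms-python");
+expect(result.name).toBe("python");
+expect(result.version).toBe("2024.1.0");
+expect(result.registry).toBe("marketplace");
+});
+it("handles dots in extension name", () => {
+const result = parseExtensionId("publisher.extension.name");
+expect(result.publisher).toBe("publisher");
+expect(result.name).toBe("extension.name");
+expect(result.version).toBeUndefined();
+expect(result.registry).toBe("marketplace");
+});
+it("handles version with dots", () => {
+const result = parseExtensionId("ms-vscode.cpptools@1.2.3");
+expect(result.publisher).toBe("ms-vscode");
+expect(result.name).toBe("cpptools");
+expect(result.version).toBe("1.2.3");
+});
+it("handles prerelease versions", () => {
+const result = parseExtensionId("publisher.ext@1.0.0-beta.1");
+expect(result.publisher).toBe("publisher");
+expect(result.name).toBe("ext");
+expect(result.version).toBe("1.0.0-beta.1");
+});
+it("parses openvsx: prefix", () => {
+const result = parseExtensionId("openvsx:redhat.java");
+expect(result.publisher).toBe("redhat");
+expect(result.name).toBe("java");
+expect(result.version).toBeUndefined();
+expect(result.registry).toBe("openvsx");
+});
+it("parses openvsx: prefix with version", () => {
+const result = parseExtensionId("openvsx:redhat.java@1.0.0");
+expect(result.publisher).toBe("redhat");
+expect(result.name).toBe("java");
+expect(result.version).toBe("1.0.0");
+expect(result.registry).toBe("openvsx");
+});
+it("parses marketplace: prefix", () => {
+const result = parseExtensionId("marketplace:ms-python.python");
+expect(result.publisher).toBe("ms-python");
+expect(result.name).toBe("python");
+expect(result.version).toBeUndefined();
+expect(result.registry).toBe("marketplace");
+});
+it("parses marketplace: prefix with version", () => {
+const result = parseExtensionId("marketplace:ms-python.python@2024.1.0");
+expect(result.publisher).toBe("ms-python");
+expect(result.name).toBe("python");
+expect(result.version).toBe("2024.1.0");
+expect(result.registry).toBe("marketplace");
+});
+it("parses cursor: prefix", () => {
+const result = parseExtensionId("cursor:ms-python.python");
+expect(result.publisher).toBe("ms-python");
+expect(result.name).toBe("python");
+expect(result.version).toBeUndefined();
+expect(result.registry).toBe("cursor");
+});
+it("parses cursor: prefix with version", () => {
+const result = parseExtensionId("cursor:ms-python.python@2024.1.0");
+expect(result.publisher).toBe("ms-python");
+expect(result.name).toBe("python");
+expect(result.version).toBe("2024.1.0");
+expect(result.registry).toBe("cursor");
+});
+it("throws on missing publisher", () => {
+expect(() => parseExtensionId("python")).toThrow("Invalid extension ID");
+});
+it("throws on empty publisher", () => {
+expect(() => parseExtensionId(".python")).toThrow("Invalid extension ID");
+});
+it("throws on empty name", () => {
+expect(() => parseExtensionId("publisher.")).toThrow("Invalid extension ID");
+});
+it("throws on just a dot", () => {
+expect(() => parseExtensionId(".")).toThrow("Invalid extension ID");
+});
+it("throws on openvsx: prefix with invalid ID", () => {
+expect(() => parseExtensionId("openvsx:invalid")).toThrow("Invalid extension ID");
+});
+});
+describe("getDownloadUrl", () => {
+it("generates correct download URL", () => {
+const url = getDownloadUrl("ms-python", "python", "2024.1.0");
+expect(url).toBe("https://ms-python.gallery.vsassets.io/_apis/public/gallery/publisher/ms-python/extension/python/2024.1.0/assetbyname/Microsoft.VisualStudio.Services.VSIXPackage");
+});
+it("handles publisher with hyphen", () => {
+const url = getDownloadUrl("ms-vscode", "cpptools", "1.0.0");
+expect(url).toContain("ms-vscode.gallery.vsassets.io");
+expect(url).toContain("/publisher/ms-vscode/");
+});
+it("handles extension name with special chars", () => {
+const url = getDownloadUrl("pub", "my-ext", "1.0.0");
+expect(url).toContain("/extension/my-ext/");
+});
+});
+describe("getMarketplaceDownloadUrl", () => {
+it("generates correct Marketplace download URL", () => {
+const url = getMarketplaceDownloadUrl("ms-python", "python", "2024.1.0");
+expect(url).toBe("https://ms-python.gallery.vsassets.io/_apis/public/gallery/publisher/ms-python/extension/python/2024.1.0/assetbyname/Microsoft.VisualStudio.Services.VSIXPackage");
+});
+});
+describe("getOpenVSXDownloadUrl", () => {
+it("generates correct OpenVSX download URL", () => {
+const url = getOpenVSXDownloadUrl("redhat", "java", "1.0.0");
+expect(url).toBe("https://open-vsx.org/api/redhat/java/1.0.0/file/redhat.java-1.0.0.vsix");
+});
+it("handles publisher with special chars", () => {
+const url = getOpenVSXDownloadUrl("ms-python", "python", "2024.1.0");
+expect(url).toBe("https://open-vsx.org/api/ms-python/python/2024.1.0/file/ms-python.python-2024.1.0.vsix");
+});
+});
+describe("getCursorDownloadUrl", () => {
+it("generates correct Cursor download URL", () => {
+const url = getCursorDownloadUrl("ms-python", "python", "2024.1.0");
+expect(url).toBe("https://marketplace.cursorapi.com/_apis/public/gallery/publishers/ms-python/vsextensions/python/2024.1.0/vspackage");
+});
+it("handles extension name with hyphen", () => {
+const url = getCursorDownloadUrl("eamodio", "gitlens", "15.0.0");
+expect(url).toBe("https://marketplace.cursorapi.com/_apis/public/gallery/publishers/eamodio/vsextensions/gitlens/15.0.0/vspackage");
+});
+});
+// Integration tests that require network access
+describe.skip("downloadExtension (integration)", () => {
+// These tests are skipped by default as they require network access
+// Run manually with: npm test -- --run download.test.ts
+it("downloads a real extension", async () => {
+// This would actually download from the marketplace
+// Skipped to avoid network requests in normal test runs
+});
+it("queries extension metadata", async () => {
+// This would actually query the marketplace API
+// Skipped to avoid network requests in normal test runs
+});
+});
+//# sourceMappingURL=download.test.js.map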
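Review bot: The two `it` blocks under `describe.skip("downloadExtension (integration)")` (lines 140–147) contain only comments, so they would pass vacuously if the skip were ever lifted, and the line-139 comment `Run manually with: npm test -- --run download.test.ts` is misleading because `describe.skip` suppresses them however the file is invoked; `it.todo("downloads a real extension")` and `it.todo("queries extension metadata")` record the intent without a no-op test. Separately, "handles extension name with special chars" (line 105) and "handles publisher with special chars" (line 121) only exercise a hyphen, so nothing pins how the URL builders treat characters that are significant in a URL path segment, even though publisher and name come from the CLI and are interpolated directly into the fetched URL (line 119 shows them also forming the remote `.vsix` file name). A case that passes a publisher or name containing `/`, `..` or `%` and asserts either `toThrow("Invalid extension ID")` from `parseExtensionId` or a percent-encoded segment from the builders would document whichever contract the implementation intends.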
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"download.test.js","sourceRoot":"","sources":["../../src/scanner/download.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,oBAAoB,EACpB,cAAc,EACd,yBAAyB,EACzB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAEvB,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,MAAM,GAAG,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;QAEpD,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,MAAM,GAAG,gBAAgB,CAAC,2BAA2B,CAAC,CAAC;QAE7D,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,MAAM,GAAG,gBAAgB,CAAC,0BAA0B,CAAC,CAAC;QAE5D,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,MAAM,GAAG,gBAAgB,CAAC,0BAA0B,CAAC,CAAC;QAE5D,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACrC,MAAM,MAAM,GAAG,gBAAgB,CAAC,4BAA4B,CAAC,CAAC;QAE9D,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,cAAc,CA
AC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,MAAM,GAAG,gBAAgB,CAAC,qBAAqB,CAAC,CAAC;QAEvD,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,MAAM,MAAM,GAAG,gBAAgB,CAAC,2BAA2B,CAAC,CAAC;QAE7D,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,MAAM,GAAG,gBAAgB,CAAC,8BAA8B,CAAC,CAAC;QAEhE,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,MAAM,GAAG,gBAAgB,CAAC,uCAAuC,CAAC,CAAC;QAEzE,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uBAAuB,EAAE,GAAG,EAAE;QAC/B,MAAM,MAAM,GAAG,gBAAgB,CAAC,yBAAyB,CAAC,CAAC;QAE3D,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;QACvC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,MAAM,GAAG,gBAAgB,CAAC,kCAAkC,CAAC,CAAC;QAEpE,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAA
W,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACrC,MAAM,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAC3E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,SAAS,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAC5E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;QAC9B,MAAM,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,YAAY,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IAC/E,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;QAC9B,MAAM,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACtE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,CAAC,GAAG,EAAE,CAAC,gBAAgB,CAAC,iBAAiB,CAAC,CAAC,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACpF,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,GAAG,GAAG,cAAc,CAAC,WAAW,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;QAE9D,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CACd,kKAAkK,CACnK,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;QACvC,MAAM,GAAG,GAAG,cAAc,CAAC,WAAW,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;QAE7D,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,+BAA+B,CAAC,CAAC;QACvD,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,GAAG,GAAG,cAAc,CAAC,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QAErD,MAAM,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,2BAA2B,EAAE,GAAG,EAAE;IACzC,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;QACpD,MAAM,GAAG,GAAG,yBAAyB,CAAC,WAAW,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;QAEzE,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CACd,kKAAkK,CACnK,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,GAAG,GAAG,qBAAqB,
CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QAE7D,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,wEAAwE,CAAC,CAAC;IAC7F,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;QAC9C,MAAM,GAAG,GAAG,qBAAqB,CAAC,WAAW,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;QAErE,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CACd,wFAAwF,CACzF,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;IACpC,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,GAAG,GAAG,oBAAoB,CAAC,WAAW,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC;QAEpE,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CACd,oHAAoH,CACrH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,GAAG,GAAG,oBAAoB,CAAC,SAAS,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;QAEjE,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CACd,iHAAiH,CAClH,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,gDAAgD;AAChD,QAAQ,CAAC,IAAI,CAAC,iCAAiC,EAAE,GAAG,EAAE;IACpD,oEAAoE;IACpE,wDAAwD;IAExD,EAAE,CAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;QAC1C,oDAAoD;QACpD,wDAAwD;IAC1D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,KAAK,IAAI,EAAE;QAC1C,gDAAgD;QAChD,wDAAwD;IAC1D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
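--- a/package/dist/scanner/index.d.ts
+++ b/package/dist/scanner/index.d.ts
@@ -0,0 +1,8 @@
+import type { BatchScanResult, CheckSummary, Finding, ModuleTimings, ScanOptions, ScanResult, Severity } from "./types.js";
+export declare const MODULE_NAMES: readonly ["package", "obfuscation", "ast", "ioc", "yara"];
+export type ModuleName = (typeof MODULE_NAMES)[number];
+export type { BatchScanResult, CheckSummary, Finding, ModuleTimings, ScanOptions, ScanResult, Severity, };
+export type { BatchScanCallbacks, BatchScanOptions } from "./batch.js";
+export { findVsixFiles, scanDirectory } from "./batch.js";
+export declare function scanExtension(target: string, options: ScanOptions): Promise<ScanResult>;
+//# sourceMappingURL=index.d.ts.map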
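--- a/package/dist/scanner/index.d.ts.map
+++ b/package/dist/scanner/index.d.ts.map
@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAiBA,OAAO,KAAK,EACV,eAAe,EACf,YAAY,EACZ,OAAO,EACP,aAAa,EACb,WAAW,EACX,UAAU,EACV,QAAQ,EAET,MAAM,YAAY,CAAC;AAGpB,eAAO,MAAM,YAAY,2DAA4D,CAAC;AACtF,MAAM,MAAM,UAAU,GAAG,CAAC,OAAO,YAAY,CAAC,CAAC,MAAM,CAAC,CAAC;AAEvD,YAAY,EACV,eAAe,EACf,YAAY,EACZ,OAAO,EACP,aAAa,EACb,WAAW,EACX,UAAU,EACV,QAAQ,GACT,CAAC;AACF,YAAY,EAAE,kBAAkB,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AACvE,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAoD1D,wBAAsB,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CA2H7F"}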
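--- a/package/dist/scanner/index.js
+++ b/package/dist/scanner/index.js
@@ -0,0 +1,167 @@
+import { stat } from "node:fs/promises";
+import { checkAST } from "./checks/ast.js";
+import { checkIocs } from "./checks/ioc.js";
+import { checkObfuscation } from "./checks/obfuscation.js";
+import { checkPackage } from "./checks/package.js";
+import { checkYara, DEFAULT_YARA_RULES_DIR, isYaraAvailable, listYaraRules, } from "./checks/yara.js";
+import { isScannable, SCANNABLE_EXTENSIONS_PATTERN, SCANNABLE_EXTENSIONS_UNICODE, } from "./constants.js";
+import { loadZooData } from "./loaders/zoo.js";
+import { loadExtension } from "./vsix.js";
+export const MODULE_NAMES = ["package", "obfuscation", "ast", "ioc", "yara"];
+export { findVsixFiles, scanDirectory } from "./batch.js";
+const SEVERITY_ORDER = {
+low: 0,
+medium: 1,
+high: 2,
+critical: 3,
+};
+function filterBySeverity(findings, minSeverity) {
+const minLevel = SEVERITY_ORDER[minSeverity];
+return findings.filter((f) => SEVERITY_ORDER[f.severity] >= minLevel);
+}
+function deduplicateFindings(findings) {
+const seen = new Set();
+const result = [];
+for (const finding of findings) {
+const key = `${finding.id}:${finding.location?.file ?? ""}:${finding.location?.line ?? ""}`;
+if (!seen.has(key)) {
+seen.add(key);
+result.push(finding);
+}
+}
+return result;
+}
+function sortFindings(findings) {
+return findings.sort((a, b) => {
+const severityDiff = SEVERITY_ORDER[b.severity] - SEVERITY_ORDER[a.severity];
+if (severityDiff !== 0)
+return severityDiff;
+return a.id.localeCompare(b.id);
+});
+}
+function countScannableFiles(contents, extensions) {
+let count = 0;
+for (const filename of contents.files.keys()) {
+if (isScannable(filename, extensions)) {
+count++;
+}
+}
+return count;
+}
+function shouldRunModule(name, options) {
+if (!options.modules || options.modules.length === 0)
+return true;
+return options.modules.includes(name);
+}
+export async function scanExtension(target, options) {
+const startTime = performance.now();
+const timings = { load: 0, total: 0 };
+const targetExists = await stat(target).catch(() => null);
+if (!targetExists) {
+throw new Error(`Target not found: ${target}`);
+}
+const loadStart = performance.now();
+const [contents, zooData] = await Promise.all([loadExtension(target), loadZooData()]);
+timings.load = performance.now() - loadStart;
+const { manifest } = contents;
+const extensionId = `${manifest.publisher}.${manifest.name}`;
+let findings = [];
+const inventory = [];
+// Check YARA availability upfront
+const yaraAvailable = await isYaraAvailable();
+const yaraRules = yaraAvailable ? await listYaraRules(DEFAULT_YARA_RULES_DIR) : [];
+// Count files by type for inventory
+const codeFileCount = countScannableFiles(contents, SCANNABLE_EXTENSIONS_PATTERN);
+const textFileCount = countScannableFiles(contents, SCANNABLE_EXTENSIONS_UNICODE);
+// Package check (blocklist + manifest + dependencies)
+if (shouldRunModule("package", options)) {
+const moduleStart = performance.now();
+findings.push(...checkPackage(contents, zooData));
+timings.package = performance.now() - moduleStart;
+inventory.push({
+name: "Package",
+enabled: true,
+description: "Blocklist, manifest analysis, npm dependencies, lifecycle scripts",
+});
+}
+// Obfuscation check (entropy + Unicode hiding)
+if (shouldRunModule("obfuscation", options)) {
+const moduleStart = performance.now();
+findings.push(...checkObfuscation(contents));
+timings.obfuscation = performance.now() - moduleStart;
+inventory.push({
+name: "Obfuscation",
+enabled: true,
+description: `Entropy and Unicode analysis across ${textFileCount} files`,
+rulesApplied: 8,
+filesExamined: textFileCount,
+});
+}
+// AST analysis
+if (shouldRunModule("ast", options)) {
+const moduleStart = performance.now();
+findings.push(...checkAST(contents));
+timings.ast = performance.now() - moduleStart;
+inventory.push({
+name: "AST",
+enabled: true,
+description: `Structural code analysis across ${codeFileCount} code files`,
+rulesApplied: 7,
+filesExamined: codeFileCount,
+});
+}
+// IOC check
+if (shouldRunModule("ioc", options)) {
+const moduleStart = performance.now();
+findings.push(...checkIocs(contents, zooData));
+timings.ioc = performance.now() - moduleStart;
+inventory.push({
+name: "IOC",
+enabled: true,
+description: "Hashes, domains, IPs against threat intel",
+});
+}
+// YARA check
+if (shouldRunModule("yara", options)) {
+if (yaraAvailable) {
+const moduleStart = performance.now();
+findings.push(...(await checkYara(contents)));
+timings.yara = performance.now() - moduleStart;
+inventory.push({
+name: "YARA",
+enabled: true,
+description: `${yaraRules.length} rules against all files`,
+rulesApplied: yaraRules.length,
+filesExamined: contents.files.size,
+});
+}
+else {
+inventory.push({
+name: "YARA",
+enabled: false,
+description: "Signature-based malware detection",
+skipReason: "yara not installed",
+});
+}
+}
+findings = deduplicateFindings(findings);
+findings = filterBySeverity(findings, options.severity);
+findings = sortFindings(findings);
+timings.total = performance.now() - startTime;
+return {
+extension: {
+id: extensionId,
+name: manifest.displayName ?? manifest.name,
+version: manifest.version,
+publisher: manifest.publisher,
+},
+findings,
+inventory,
+metadata: {
+scannedAt: new Date().toISOString(),
+scanDuration: Math.round(timings.total),
+...(options.profile ? { timings } : {}),
+},
+};
+}
+//# sourceMappingURL=index.js.map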
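Review bot: `extensionId` in `scanExtension` is built as ``const extensionId = `${manifest.publisher}.${manifest.name}`;`` with no guard, so an extension whose manifest carries no publisher (the apollyon sample in the test file further down asserts `publisher` is undefined) is reported under the literal id `undefined.<name>`; ``const extensionId = manifest.publisher ? `${manifest.publisher}.${manifest.name}` : manifest.name;`` keeps the id meaningful for reports and dedupe keys. Separately, `filterBySeverity` and `sortFindings` index `SEVERITY_ORDER` with whatever `severity` string a check module emits; a finding whose severity is not one of low/medium/high/critical evaluates `undefined >= minLevel` to false and is silently dropped from the report, which for a malware scanner is the wrong failure direction — treating an unknown severity as at least `low`, or throwing, would be safer. The `rulesApplied: 8` and `rulesApplied: 7` literals for the obfuscation and AST modules will drift from the real rule counts as checks are added; deriving them from the check modules, or at minimum a `// keep in sync with checks/obfuscation.js` / `// keep in sync with checks/ast.js` comment, would make the maintenance obligation visible.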
@@ -0,0 +1 @@
1
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,MAAM,iBAAiB,CAAC;AAC3C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,qBAAqB,CAAC;AACnD,OAAO,EACL,SAAS,EACT,sBAAsB,EACtB,eAAe,EACf,aAAa,GACd,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EACL,WAAW,EACX,4BAA4B,EAC5B,4BAA4B,GAC7B,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAW/C,OAAO,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAE1C,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,SAAS,EAAE,aAAa,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAU,CAAC;AAatF,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE1D,MAAM,cAAc,GAA6B;IAC/C,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,CAAC;IACT,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;CACZ,CAAC;AAEF,SAAS,gBAAgB,CAAC,QAAmB,EAAE,WAAqB;IAClE,MAAM,QAAQ,GAAG,cAAc,CAAC,WAAW,CAAC,CAAC;IAC7C,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAmB;IAC9C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,MAAM,GAAc,EAAE,CAAC;IAE7B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,EAAE,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,IAAI,EAAE,IAAI,OAAO,CAAC,QAAQ,EAAE,IAAI,IAAI,EAAE,EAAE,CAAC;QAC5F,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACnB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACd,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,YAAY,CAAC,QAAmB;IACvC,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QAC5B,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC7E,IAAI,YAAY,KAAK,CAAC;YAAE,OAAO,YAAY,CAAC;QAC5C,OAAO,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAClC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAsB,EAAE,UAAuB;IAC1E,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,KAAK,MAAM,QAAQ,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QAC7C,IAAI,WAAW,CAAC,QAAQ,EAAE,UAAU,CAAC,EAAE,CAAC;YACtC,KAAK,EAAE,CAA
C;QACV,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,eAAe,CAAC,IAAgB,EAAE,OAAoB;IAC7D,IAAI,CAAC,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAClE,OAAO,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,MAAc,EAAE,OAAoB;IACtE,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IACpC,MAAM,OAAO,GAAkB,EAAE,IAAI,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;IAErD,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,CAAC;IAC1D,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,KAAK,CAAC,qBAAqB,MAAM,EAAE,CAAC,CAAC;IACjD,CAAC;IAED,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IACpC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,EAAE,WAAW,EAAE,CAAC,CAAC,CAAC;IACtF,OAAO,CAAC,IAAI,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAE7C,MAAM,EAAE,QAAQ,EAAE,GAAG,QAAQ,CAAC;IAC9B,MAAM,WAAW,GAAG,GAAG,QAAQ,CAAC,SAAS,IAAI,QAAQ,CAAC,IAAI,EAAE,CAAC;IAE7D,IAAI,QAAQ,GAAc,EAAE,CAAC;IAC7B,MAAM,SAAS,GAAmB,EAAE,CAAC;IAErC,kCAAkC;IAClC,MAAM,aAAa,GAAG,MAAM,eAAe,EAAE,CAAC;IAC9C,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,MAAM,aAAa,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAEnF,oCAAoC;IACpC,MAAM,aAAa,GAAG,mBAAmB,CAAC,QAAQ,EAAE,4BAA4B,CAAC,CAAC;IAClF,MAAM,aAAa,GAAG,mBAAmB,CAAC,QAAQ,EAAE,4BAA4B,CAAC,CAAC;IAElF,sDAAsD;IACtD,IAAI,eAAe,CAAC,SAAS,EAAE,OAAO,CAAC,EAAE,CAAC;QACxC,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;QAClD,OAAO,CAAC,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC;QAClD,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,SAAS;YACf,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,mEAAmE;SACjF,CAAC,CAAC;IACL,CAAC;IAED,+CAA+C;IAC/C,IAAI,eAAe,CAAC,aAAa,EAAE,OAAO,CAAC,EAAE,CAAC;QAC5C,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC7C,OAAO,CAAC,WAAW,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC;QACtD,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,aAAa;YACnB,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,uCAAuC,aAAa,QAAQ;YACzE,YAAY,EAAE,CAAC;YACf,aA
Aa,EAAE,aAAa;SAC7B,CAAC,CAAC;IACL,CAAC;IAED,eAAe;IACf,IAAI,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC;QACpC,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;QACrC,OAAO,CAAC,GAAG,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC;QAC9C,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,KAAK;YACX,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,mCAAmC,aAAa,aAAa;YAC1E,YAAY,EAAE,CAAC;YACf,aAAa,EAAE,aAAa;SAC7B,CAAC,CAAC;IACL,CAAC;IAED,YAAY;IACZ,IAAI,eAAe,CAAC,KAAK,EAAE,OAAO,CAAC,EAAE,CAAC;QACpC,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;QAC/C,OAAO,CAAC,GAAG,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC;QAC9C,SAAS,CAAC,IAAI,CAAC;YACb,IAAI,EAAE,KAAK;YACX,OAAO,EAAE,IAAI;YACb,WAAW,EAAE,2CAA2C;SACzD,CAAC,CAAC;IACL,CAAC;IAED,aAAa;IACb,IAAI,eAAe,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,CAAC;QACrC,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,WAAW,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;YACtC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;YAC9C,OAAO,CAAC,IAAI,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,WAAW,CAAC;YAC/C,SAAS,CAAC,IAAI,CAAC;gBACb,IAAI,EAAE,MAAM;gBACZ,OAAO,EAAE,IAAI;gBACb,WAAW,EAAE,GAAG,SAAS,CAAC,MAAM,0BAA0B;gBAC1D,YAAY,EAAE,SAAS,CAAC,MAAM;gBAC9B,aAAa,EAAE,QAAQ,CAAC,KAAK,CAAC,IAAI;aACnC,CAAC,CAAC;QACL,CAAC;aAAM,CAAC;YACN,SAAS,CAAC,IAAI,CAAC;gBACb,IAAI,EAAE,MAAM;gBACZ,OAAO,EAAE,KAAK;gBACd,WAAW,EAAE,mCAAmC;gBAChD,UAAU,EAAE,oBAAoB;aACjC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,QAAQ,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAC;IACzC,QAAQ,GAAG,gBAAgB,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;IACxD,QAAQ,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IAElC,OAAO,CAAC,KAAK,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;IAE9C,OAAO;QACL,SAAS,EAAE;YACT,EAAE,EAAE,WAAW;YACf,IAAI,EAAE,QAAQ,CAAC,WAAW,IAAI,QAAQ,CAAC,IAAI;YAC3C,OAAO,EAAE,QAAQ,CAAC,OAAO;YACzB,SAAS,EAAE,QAAQ,CAAC,SAAS;SAC9B;QACD,QAAQ;QACR,SAAS;QACT,QAAQ,EAAE;YACR,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,YAAY,EAAE,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;YACvC,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,CAAC,CAA
C,CAAC,EAAE,CAAC;SACxC;KACF,CAAC;AACJ,CAAC"}
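--- a/package/dist/scanner/index.test.d.ts.map
+++ b/package/dist/scanner/index.test.d.ts.map
@@ -0,0 +1 @@
+{"version":3,"file":"index.test.d.ts","sourceRoot":"","sources":["../../src/scanner/index.test.ts"],"names":[],"mappings":""}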
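--- a/package/dist/scanner/index.test.js
+++ b/package/dist/scanner/index.test.js
@@ -0,0 +1,71 @@
+import { existsSync } from "node:fs";
+import { join } from "node:path";
+import { describe, expect, it } from "vitest";
+import { scanExtension } from "./index.js";
+const ZOO_ROOT = join(import.meta.dirname, "..", "..", "zoo");
+const SAMPLES_DIR = process.env["VSIX_ZOO_PATH"] || join(ZOO_ROOT, "samples");
+const hasSamples = existsSync(join(SAMPLES_DIR, "apollyon"));
+describe("scanExtension", () => {
+const defaultOptions = {
+output: "text",
+severity: "low",
+network: true,
+};
+it("throws error for non-existent target", async () => {
+await expect(scanExtension("nonexistent.vsix", defaultOptions)).rejects.toThrow("Target not found: nonexistent.vsix");
+});
+describe.skipIf(!hasSamples)("zoo sample detection", () => {
+it("detects Discord webhook in apollyon sample", async () => {
+const result = await scanExtension(join(SAMPLES_DIR, "apollyon"), defaultOptions);
+expect(result.extension.publisher).toBeUndefined();
+expect(result.extension.name).toBe("mal-vscode-poc");
+// Discord webhook detection via YARA rule
+const discordFinding = result.findings.find((f) => f.id === "YARA_C2_JS_Discord_Webhook_Jan25");
+expect(discordFinding).toBeDefined();
+expect(discordFinding?.severity).toBe("high");
+expect(discordFinding?.location?.file).toBe("extension.js");
+});
+it("detects C2 domain in kagema sample", async () => {
+const result = await scanExtension(join(SAMPLES_DIR, "kagema/ShowSnowcrypto.SnowShoNo/showsnowcrypto.snowshono-0.6.0"), defaultOptions);
+expect(result.extension.publisher).toBe("ShowSnowcrypto");
+const c2Finding = result.findings.find((f) => f.id === "KNOWN_C2_DOMAIN");
+expect(c2Finding).toBeDefined();
+expect(c2Finding?.severity).toBe("critical");
+expect(c2Finding?.metadata?.["domain"]).toBe("niggboo.com");
+});
+it("detects malware hash and trojan source in Extension-Attack-Suite", async () => {
+const result = await scanExtension(join(SAMPLES_DIR, "ecm3401/Extension-Attack-Suite"), defaultOptions);
+expect(result.extension.publisher).toBe("ecm3401");
+// Should detect known malware hash for the .vsix file
+const hashFinding = result.findings.find((f) => f.id === "KNOWN_MALWARE_HASH");
+expect(hashFinding).toBeDefined();
+expect(hashFinding?.severity).toBe("critical");
+// Should detect Trojan Source (BIDI override) attack
+const bidiFinding = result.findings.find((f) => f.id === "BIDI_OVERRIDE");
+expect(bidiFinding).toBeDefined();
+expect(bidiFinding?.severity).toBe("critical");
+}, 30000);
+it("detects PowerShell loader in Extension-Attack-Suite", async () => {
+const result = await scanExtension(join(SAMPLES_DIR, "ecm3401/Extension-Attack-Suite"), defaultOptions);
+// PowerShell download/execute pattern via YARA (critical severity per rule metadata)
+const psFinding = result.findings.find((f) => f.id === "YARA_LOADER_PS_Download_Execute_Jan25");
+expect(psFinding).toBeDefined();
+expect(psFinding?.severity).toBe("critical");
+}, 30000);
+});
+describe.skipIf(!hasSamples)("severity filtering", () => {
+it("filters findings by minimum severity", async () => {
+const lowResult = await scanExtension(join(SAMPLES_DIR, "apollyon"), {
+...defaultOptions,
+severity: "low",
+});
+const highResult = await scanExtension(join(SAMPLES_DIR, "apollyon"), {
+...defaultOptions,
+severity: "high",
+});
+expect(highResult.findings.length).toBeLessThanOrEqual(lowResult.findings.length);
+expect(highResult.findings.every((f) => f.severity === "high" || f.severity === "critical")).toBe(true);
+});
+});
+});
+//# sourceMappingURL=index.test.js.map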
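Review bot: The sample-directory override here reads `process.env["VSIX_ZOO_PATH"]`, while the loader in loaders/zoo.js on this page reads `VSIX_AUDIT_ZOO_PATH`, so pointing these tests at an alternate zoo relocates the samples but not the blocklist and IOC feeds the scanner loads — the two variable names should agree, or `SAMPLES_DIR` should be derived from the one the loader honours. The Discord-webhook and PowerShell-loader cases assert on `YARA_*` finding ids but are gated only by `hasSamples`; `scanExtension` disables the YARA module with `skipReason: "yara not installed"` rather than throwing when the binary is absent, so on a host without yara these cases fail instead of skipping. A `skipIf` guard driven by `isYaraAvailable()`, or an assertion that `result.inventory` shows YARA as enabled before checking its findings, would make that precondition explicit. Minor: `||` on line 6 falls back on an empty-string override, which is probably intended, but `??` would state the intent more precisely.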
@@ -0,0 +1 @@
1
+
{"version":3,"file":"index.test.js","sourceRoot":"","sources":["../../src/scanner/index.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAE3C,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;AAC9D,MAAM,WAAW,GAAG,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;AAC9E,MAAM,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC,CAAC;AAE7D,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,MAAM,cAAc,GAAG;QACrB,MAAM,EAAE,MAAe;QACvB,QAAQ,EAAE,KAAc;QACxB,OAAO,EAAE,IAAI;KACd,CAAC;IAEF,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;QACpD,MAAM,MAAM,CAAC,aAAa,CAAC,kBAAkB,EAAE,cAAc,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAC7E,oCAAoC,CACrC,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,MAAM,CAAC,CAAC,UAAU,CAAC,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACxD,EAAE,CAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;YAC1D,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,EAAE,cAAc,CAAC,CAAC;YAElF,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,aAAa,EAAE,CAAC;YACnD,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAErD,0CAA0C;YAC1C,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CACzC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,kCAAkC,CACnD,CAAC;YACF,MAAM,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC;YACrC,MAAM,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC9C,MAAM,CAAC,cAAc,EAAE,QAAQ,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;YAClD,MAAM,MAAM,GAAG,MAAM,aAAa,CAChC,IAAI,CAAC,WAAW,EAAE,gEAAgE,CAAC,EACnF,cAAc,CACf,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAE1D,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,iBAAiB,CAAC,CAAC;YAC1E,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC7C,MAAM,CAAC,SAAS,EAAE,QAAQ,EAA
E,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kEAAkE,EAAE,KAAK,IAAI,EAAE;YAChF,MAAM,MAAM,GAAG,MAAM,aAAa,CAChC,IAAI,CAAC,WAAW,EAAE,gCAAgC,CAAC,EACnD,cAAc,CACf,CAAC;YAEF,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAEnD,sDAAsD;YACtD,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,oBAAoB,CAAC,CAAC;YAC/E,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;YAClC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAE/C,qDAAqD;YACrD,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,eAAe,CAAC,CAAC;YAC1E,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;YAClC,MAAM,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACjD,CAAC,EAAE,KAAK,CAAC,CAAC;QAEV,EAAE,CAAC,qDAAqD,EAAE,KAAK,IAAI,EAAE;YACnE,MAAM,MAAM,GAAG,MAAM,aAAa,CAChC,IAAI,CAAC,WAAW,EAAE,gCAAgC,CAAC,EACnD,cAAc,CACf,CAAC;YAEF,qFAAqF;YACrF,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,uCAAuC,CACxD,CAAC;YACF,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC/C,CAAC,EAAE,KAAK,CAAC,CAAC;IACZ,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,MAAM,CAAC,CAAC,UAAU,CAAC,CAAC,oBAAoB,EAAE,GAAG,EAAE;QACtD,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;YACpD,MAAM,SAAS,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,EAAE;gBACnE,GAAG,cAAc;gBACjB,QAAQ,EAAE,KAAK;aAChB,CAAC,CAAC;YAEH,MAAM,UAAU,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,EAAE;gBACpE,GAAG,cAAc;gBACjB,QAAQ,EAAE,MAAM;aACjB,CAAC,CAAC;YAEH,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,mBAAmB,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAClF,MAAM,CACJ,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CACrF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACf,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
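--- a/package/dist/scanner/loaders/zoo.d.ts.map
+++ b/package/dist/scanner/loaders/zoo.d.ts.map
@@ -0,0 +1 @@
+{"version":3,"file":"zoo.d.ts","sourceRoot":"","sources":["../../../src/scanner/loaders/zoo.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAkB,OAAO,EAAE,MAAM,aAAa,CAAC;AAkG3D,wBAAsB,WAAW,IAAI,OAAO,CAAC,OAAO,CAAC,CAwCpD"}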
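--- a/package/dist/scanner/loaders/zoo.js
+++ b/package/dist/scanner/loaders/zoo.js
@@ -0,0 +1,112 @@
+import { access, readFile } from "node:fs/promises";
+import { dirname, join } from "node:path";
+import { fileURLToPath } from "node:url";
+const __dirname = dirname(fileURLToPath(import.meta.url));
+/**
+* Find the zoo directory, checking multiple locations.
+* Priority:
+* 1. VSIX_AUDIT_ZOO_PATH environment variable
+* 2. Development: ../../.. relative to module (src/scanner/loaders -> zoo)
+* 3. Installed: ../.. relative to dist (dist/scanner/loaders -> zoo)
+*/
+async function findZooRoot() {
+// Check environment variable first
+const envPath = process.env["VSIX_AUDIT_ZOO_PATH"];
+if (envPath) {
+return envPath;
+}
+// Development path: src/scanner/loaders -> zoo
+const devPath = join(__dirname, "..", "..", "..", "zoo");
+try {
+await access(devPath);
+return devPath;
+}
+catch {
+// Not found, try installed path
+}
+// Installed path: dist/scanner/loaders -> zoo
+const installedPath = join(__dirname, "..", "..", "zoo");
+try {
+await access(installedPath);
+return installedPath;
+}
+catch {
+// Fall back to dev path (will error with helpful message later)
+return devPath;
+}
+}
+function defangDomain(domain) {
+return domain.replace(/\[\.\]/g, ".");
+}
+/**
+* Generic IOC file parser.
+* @param content - Raw file content
+* @param extractor - Function to extract and validate a value from each line's first field
+* @returns Set of extracted values
+*/
+function parseIOCFile(content, extractor) {
+const result = new Set();
+for (const line of content.split("\n")) {
+const trimmed = line.trim();
+if (!trimmed || trimmed.startsWith("#")) {
+continue;
+}
+const field = trimmed.split(/\s+/)[0];
+if (field) {
+const value = extractor(field);
+if (value) {
+result.add(value);
+}
+}
+}
+return result;
+}
+/**
+* Parse wallet file format: CURRENCY ADDRESS # comment
+* Extracts the wallet address (second field) from each line.
+*/
+function parseWalletFile(content) {
+const result = new Set();
+for (const line of content.split("\n")) {
+const trimmed = line.trim();
+if (!trimmed || trimmed.startsWith("#"))
+continue;
+// Format: CURRENCY ADDRESS # comment
+const parts = trimmed.split(/\s+/);
+if (parts.length >= 2) {
+const address = parts[1];
+if (address && !address.startsWith("#")) {
+result.add(address);
+}
+}
+}
+return result;
+}
+let cachedZooData;
+export async function loadZooData() {
+if (cachedZooData) {
+return cachedZooData;
+}
+const zooRoot = await findZooRoot();
+const [blocklistContent, hashesContent, domainsContent, ipsContent, npmContent, walletsContent, blockchainContent,] = await Promise.all([
+readFile(join(zooRoot, "blocklist", "extensions.json"), "utf8"),
+readFile(join(zooRoot, "iocs", "hashes.txt"), "utf8"),
+readFile(join(zooRoot, "iocs", "c2-domains.txt"), "utf8"),
+readFile(join(zooRoot, "iocs", "c2-ips.txt"), "utf8"),
+readFile(join(zooRoot, "iocs", "malicious-npm.txt"), "utf8"),
+readFile(join(zooRoot, "iocs", "wallets.txt"), "utf8"),
+readFile(join(zooRoot, "iocs", "blockchain-extensions.txt"), "utf8"),
+]);
+const blocklistFile = JSON.parse(blocklistContent);
+cachedZooData = {
+blocklist: blocklistFile.extensions,
+hashes: parseIOCFile(hashesContent, (hash) => /^[a-f0-9]{64}$/i.test(hash) ? hash.toLowerCase() : null),
+domains: parseIOCFile(domainsContent, (domain) => defangDomain(domain).toLowerCase()),
+ips: parseIOCFile(ipsContent, (ipWithPort) => ipWithPort.split(":")[0] ?? null),
+maliciousNpmPackages: parseIOCFile(npmContent, (pkg) => pkg.toLowerCase()),
+wallets: parseWalletFile(walletsContent),
+blockchainAllowlist: parseIOCFile(blockchainContent, (extId) => extId),
+};
+return cachedZooData;
+}
+//# sourceMappingURL=zoo.js.map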
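Review bot: The `hashes` extractor in `loadZooData` keeps only values matching `/^[a-f0-9]{64}$/i`, and `parseIOCFile` never reports how many lines it rejected, so a mistyped digest or an MD5/SHA-1 entry added to hashes.txt silently vanishes from the IOC set and the scanner's hash check is weakened without anyone noticing; a comment on that line such as `// Only SHA-256 (64 hex) entries are kept; other digests are ignored without warning`, or a skipped-line counter surfaced to the caller, would make the behaviour visible. The `ips` extractor's `ipWithPort.split(":")[0] ?? null` has a dead `?? null` (`split` always yields at least one element), and if c2-ips.txt ever contains an IPv6 entry only its first hextet would be kept as the indicator — a comment stating the file is expected to hold IPv4 with an optional port would pin that assumption. `findZooRoot`'s trailing comment promises a helpful error later, but what actually surfaces is the raw ENOENT from the first `readFile` on the development path; wrapping that failure with the three locations that were tried (env var, dev path, installed path) would honour the promise. `JSON.parse(blocklistContent).extensions` is also used without a shape check, so a malformed blocklist file fails later inside the package check rather than here with the file name.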
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"zoo.js","sourceRoot":"","sources":["../../../src/scanner/loaders/zoo.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAGzC,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAE1D;;;;;;GAMG;AACH,KAAK,UAAU,WAAW;IACxB,mCAAmC;IACnC,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IACnD,IAAI,OAAO,EAAE,CAAC;QACZ,OAAO,OAAO,CAAC;IACjB,CAAC;IAED,+CAA+C;IAC/C,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;IACzD,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,OAAO,CAAC,CAAC;QACtB,OAAO,OAAO,CAAC;IACjB,CAAC;IAAC,MAAM,CAAC;QACP,gCAAgC;IAClC,CAAC;IAED,8CAA8C;IAC9C,MAAM,aAAa,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;IACzD,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;QAC5B,OAAO,aAAa,CAAC;IACvB,CAAC;IAAC,MAAM,CAAC;QACP,gEAAgE;QAChE,OAAO,OAAO,CAAC;IACjB,CAAC;AACH,CAAC;AAMD,SAAS,YAAY,CAAC,MAAc;IAClC,OAAO,MAAM,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;AACxC,CAAC;AAED;;;;;GAKG;AACH,SAAS,YAAY,CAAC,OAAe,EAAE,SAA2C;IAChF,MAAM,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;IAEjC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACxC,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACtC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC;YAC/B,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACpB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,SAAS,eAAe,CAAC,OAAe;IACtC,MAAM,MAAM,GAAG,IAAI,GAAG,EAAU,CAAC;IAEjC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACvC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS;QAElD,sCAAsC;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QACnC,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACtB,MAAM,
OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACzB,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxC,MAAM,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,IAAI,aAAkC,CAAC;AAEvC,MAAM,CAAC,KAAK,UAAU,WAAW;IAC/B,IAAI,aAAa,EAAE,CAAC;QAClB,OAAO,aAAa,CAAC;IACvB,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,WAAW,EAAE,CAAC;IAEpC,MAAM,CACJ,gBAAgB,EAChB,aAAa,EACb,cAAc,EACd,UAAU,EACV,UAAU,EACV,cAAc,EACd,iBAAiB,EAClB,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACpB,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,EAAE,iBAAiB,CAAC,EAAE,MAAM,CAAC;QAC/D,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,CAAC;QACrD,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,gBAAgB,CAAC,EAAE,MAAM,CAAC;QACzD,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,MAAM,CAAC;QACrD,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC5D,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,aAAa,CAAC,EAAE,MAAM,CAAC;QACtD,QAAQ,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,2BAA2B,CAAC,EAAE,MAAM,CAAC;KACrE,CAAC,CAAC;IAEH,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAkB,CAAC;IAEpE,aAAa,GAAG;QACd,SAAS,EAAE,aAAa,CAAC,UAAU;QACnC,MAAM,EAAE,YAAY,CAAC,aAAa,EAAE,CAAC,IAAI,EAAE,EAAE,CAC3C,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,IAAI,CACzD;QACD,OAAO,EAAE,YAAY,CAAC,cAAc,EAAE,CAAC,MAAM,EAAE,EAAE,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QACrF,GAAG,EAAE,YAAY,CAAC,UAAU,EAAE,CAAC,UAAU,EAAE,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;QAC/E,oBAAoB,EAAE,YAAY,CAAC,UAAU,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC;QAC1E,OAAO,EAAE,eAAe,CAAC,cAAc,CAAC;QACxC,mBAAmB,EAAE,YAAY,CAAC,iBAAiB,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC;KACvE,CAAC;IAEF,OAAO,aAAa,CAAC;AACvB,CAAC"}
|