@zerothreatai/vulnerability-registry 3.0.0 → 5.0.0

package/src/error-codes.js

@@ -1,315 +0,0 @@
-"use strict";
-/**
- * Vulnerability Registry - Error Codes
- *
- * Central enum containing all vulnerability error codes across all scanners.
- * Each code maps to a complete VulnerabilityDefinition.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.VulnerabilityCode = void 0;
-var VulnerabilityCode;
-(function (VulnerabilityCode) {
-    // ========================================
-    // SQL INJECTION (SQLI_*)
-    // ========================================
-    VulnerabilityCode["SQLI_ERROR_BASED"] = "SQLI_ERROR_BASED";
-    VulnerabilityCode["SQLI_BOOLEAN_BASED"] = "SQLI_BOOLEAN_BASED";
-    VulnerabilityCode["SQLI_TIME_BASED"] = "SQLI_TIME_BASED";
-    VulnerabilityCode["SQLI_STACK_BASED"] = "SQLI_STACK_BASED";
-    VulnerabilityCode["SQLI_UNION_BASED"] = "SQLI_UNION_BASED";
-    // ========================================
-    // CROSS-SITE SCRIPTING (XSS_*)
-    // ========================================
-    VulnerabilityCode["XSS_REFLECTED"] = "XSS_REFLECTED";
-    VulnerabilityCode["XSS_STORED"] = "XSS_STORED";
-    VulnerabilityCode["XSS_DOM_BASED"] = "XSS_DOM_BASED";
-    VulnerabilityCode["XSS_SVG_INJECTION"] = "XSS_SVG_INJECTION";
-    VulnerabilityCode["XSS_CSTI_ANGULAR"] = "XSS_CSTI_ANGULAR";
-    VulnerabilityCode["XSS_CSTI_VUE"] = "XSS_CSTI_VUE";
-    VulnerabilityCode["XSS_EVENT_HANDLER"] = "XSS_EVENT_HANDLER";
-    VulnerabilityCode["XSS_SCRIPT_INJECTION"] = "XSS_SCRIPT_INJECTION";
-    VulnerabilityCode["XSS_HTML_INJECTION"] = "XSS_HTML_INJECTION";
-    VulnerabilityCode["XSS_ATTRIBUTE_INJECTION"] = "XSS_ATTRIBUTE_INJECTION";
-    VulnerabilityCode["XSS_JS_CONTEXT"] = "XSS_JS_CONTEXT";
-    VulnerabilityCode["XSS_CSS_INJECTION"] = "XSS_CSS_INJECTION";
-    VulnerabilityCode["XSS_CSP_BYPASS"] = "XSS_CSP_BYPASS";
-    VulnerabilityCode["XSS_TEMPLATE_LITERAL"] = "XSS_TEMPLATE_LITERAL";
-    VulnerabilityCode["XSS_MUTATION_BASED"] = "XSS_MUTATION_BASED";
-    // ========================================
-    // COMMAND INJECTION (CMDI_*)
-    // ========================================
-    VulnerabilityCode["CMDI_OOB_CONFIRMED"] = "CMDI_OOB_CONFIRMED";
-    VulnerabilityCode["CMDI_REFLECTED"] = "CMDI_REFLECTED";
-    VulnerabilityCode["CMDI_TIME_BASED"] = "CMDI_TIME_BASED";
-    VulnerabilityCode["CMDI_ERROR_BASED"] = "CMDI_ERROR_BASED";
-    // ========================================
-    // SERVER-SIDE REQUEST FORGERY (SSRF_*)
-    // ========================================
-    VulnerabilityCode["SSRF_CLOUD_METADATA"] = "SSRF_CLOUD_METADATA";
-    VulnerabilityCode["SSRF_INTERNAL_SERVICE"] = "SSRF_INTERNAL_SERVICE";
-    VulnerabilityCode["SSRF_PROTOCOL_SMUGGLING"] = "SSRF_PROTOCOL_SMUGGLING";
-    VulnerabilityCode["SSRF_BLIND_OOB"] = "SSRF_BLIND_OOB";
-    VulnerabilityCode["SSRF_FILTER_BYPASS"] = "SSRF_FILTER_BYPASS";
-    // ========================================
-    // SERVER-SIDE TEMPLATE INJECTION (SSTI_*)
-    // ========================================
-    VulnerabilityCode["SSTI_JINJA2"] = "SSTI_JINJA2";
-    VulnerabilityCode["SSTI_TWIG"] = "SSTI_TWIG";
-    VulnerabilityCode["SSTI_FREEMARKER"] = "SSTI_FREEMARKER";
-    VulnerabilityCode["SSTI_VELOCITY"] = "SSTI_VELOCITY";
-    VulnerabilityCode["SSTI_THYMELEAF"] = "SSTI_THYMELEAF";
-    VulnerabilityCode["SSTI_ERB"] = "SSTI_ERB";
-    VulnerabilityCode["SSTI_EJS"] = "SSTI_EJS";
-    VulnerabilityCode["SSTI_PUG"] = "SSTI_PUG";
-    VulnerabilityCode["SSTI_SMARTY"] = "SSTI_SMARTY";
-    VulnerabilityCode["SSTI_MAKO"] = "SSTI_MAKO";
-    VulnerabilityCode["SSTI_GENERIC"] = "SSTI_GENERIC";
-    // ========================================
-    // XML EXTERNAL ENTITY (XXE_*)
-    // ========================================
-    VulnerabilityCode["XXE_CLASSIC"] = "XXE_CLASSIC";
-    VulnerabilityCode["XXE_BLIND"] = "XXE_BLIND";
-    VulnerabilityCode["XXE_OOB"] = "XXE_OOB";
-    VulnerabilityCode["XXE_ERROR_BASED"] = "XXE_ERROR_BASED";
-    VulnerabilityCode["XXE_PARAMETER_ENTITY"] = "XXE_PARAMETER_ENTITY";
-    // ========================================
-    // XPATH INJECTION (XPATH_*)
-    // ========================================
-    VulnerabilityCode["XPATH_AUTH_BYPASS"] = "XPATH_AUTH_BYPASS";
-    VulnerabilityCode["XPATH_DATA_EXTRACTION"] = "XPATH_DATA_EXTRACTION";
-    VulnerabilityCode["XPATH_BLIND"] = "XPATH_BLIND";
-    VulnerabilityCode["XPATH_ERROR_BASED"] = "XPATH_ERROR_BASED";
-    // ========================================
-    // LOCAL FILE INCLUSION (LFI_*)
-    // ========================================
-    VulnerabilityCode["LFI_PATH_TRAVERSAL"] = "LFI_PATH_TRAVERSAL";
-    VulnerabilityCode["LFI_FILTER_BYPASS"] = "LFI_FILTER_BYPASS";
-    VulnerabilityCode["LFI_SOURCE_DISCLOSURE"] = "LFI_SOURCE_DISCLOSURE";
-    VulnerabilityCode["LFI_WRAPPER_PROTOCOL"] = "LFI_WRAPPER_PROTOCOL";
-    VulnerabilityCode["LFI_PROC_DISCLOSURE"] = "LFI_PROC_DISCLOSURE";
-    // ========================================
-    // JWT VULNERABILITIES (JWT_*)
-    // ========================================
-    VulnerabilityCode["JWT_NONE_ALGORITHM"] = "JWT_NONE_ALGORITHM";
-    VulnerabilityCode["JWT_WEAK_SECRET"] = "JWT_WEAK_SECRET";
-    VulnerabilityCode["JWT_KEY_CONFUSION"] = "JWT_KEY_CONFUSION";
-    VulnerabilityCode["JWT_EXPIRED_TOKEN"] = "JWT_EXPIRED_TOKEN";
-    VulnerabilityCode["JWT_MISSING_CLAIMS"] = "JWT_MISSING_CLAIMS";
-    VulnerabilityCode["JWT_CLAIM_TAMPERING"] = "JWT_CLAIM_TAMPERING";
-    VulnerabilityCode["JWT_KID_INJECTION"] = "JWT_KID_INJECTION";
-    VulnerabilityCode["JWT_JKU_INJECTION"] = "JWT_JKU_INJECTION";
-    VulnerabilityCode["JWT_EMBEDDED_JWK"] = "JWT_EMBEDDED_JWK";
-    VulnerabilityCode["JWT_X5C_INJECTION"] = "JWT_X5C_INJECTION";
-    // ========================================
-    // OPEN REDIRECT (REDIRECT_*)
-    // ========================================
-    VulnerabilityCode["REDIRECT_HEADER_INJECTION"] = "REDIRECT_HEADER_INJECTION";
-    VulnerabilityCode["REDIRECT_META_REFRESH"] = "REDIRECT_META_REFRESH";
-    VulnerabilityCode["REDIRECT_JS_NAVIGATION"] = "REDIRECT_JS_NAVIGATION";
-    // ========================================
-    // BROKEN ACCESS CONTROL (BAC_*)
-    // ========================================
-    VulnerabilityCode["BAC_ANONYMOUS_ACCESS"] = "BAC_ANONYMOUS_ACCESS";
-    VulnerabilityCode["BAC_HORIZONTAL_PRIVILEGE"] = "BAC_HORIZONTAL_PRIVILEGE";
-    VulnerabilityCode["BAC_VERTICAL_PRIVILEGE"] = "BAC_VERTICAL_PRIVILEGE";
-    VulnerabilityCode["BAC_IDOR"] = "BAC_IDOR";
-    // ========================================
-    // SECURITY HEADERS (HEADER_*)
-    // ========================================
-    VulnerabilityCode["HEADER_MISSING_CSP"] = "HEADER_MISSING_CSP";
-    VulnerabilityCode["HEADER_MISSING_HSTS"] = "HEADER_MISSING_HSTS";
-    VulnerabilityCode["HEADER_MISSING_XFRAME"] = "HEADER_MISSING_XFRAME";
-    VulnerabilityCode["HEADER_MISSING_XCONTENT_TYPE"] = "HEADER_MISSING_XCONTENT_TYPE";
-    VulnerabilityCode["HEADER_MISSING_XSS_PROTECTION"] = "HEADER_MISSING_XSS_PROTECTION";
-    VulnerabilityCode["HEADER_MISSING_REFERRER_POLICY"] = "HEADER_MISSING_REFERRER_POLICY";
-    VulnerabilityCode["HEADER_MISSING_PERMISSIONS_POLICY"] = "HEADER_MISSING_PERMISSIONS_POLICY";
-    VulnerabilityCode["HEADER_WEAK_CSP"] = "HEADER_WEAK_CSP";
-    VulnerabilityCode["HEADER_CORS_MISCONFIGURED"] = "HEADER_CORS_MISCONFIGURED";
-    VulnerabilityCode["HEADER_COEP_WITHOUT_COOP"] = "HEADER_COEP_WITHOUT_COOP";
-    VulnerabilityCode["HEADER_CORP_UNUSUAL"] = "HEADER_CORP_UNUSUAL";
-    VulnerabilityCode["HEADER_EXPECT_CT_PRESENT"] = "HEADER_EXPECT_CT_PRESENT";
-    VulnerabilityCode["HEADER_SERVER_HEADER_PRESENT"] = "HEADER_SERVER_HEADER_PRESENT";
-    VulnerabilityCode["HEADER_X_POWERED_BY_PRESENT"] = "HEADER_X_POWERED_BY_PRESENT";
-    VulnerabilityCode["HEADER_X_XSS_PROTECTION_ENABLED"] = "HEADER_X_XSS_PROTECTION_ENABLED";
-    VulnerabilityCode["COOKIE_SAMESITE_NONE_WITHOUT_SECURE"] = "COOKIE_SAMESITE_NONE_WITHOUT_SECURE";
-    VulnerabilityCode["COOKIE_SESSION_MISSING_SECURE"] = "COOKIE_SESSION_MISSING_SECURE";
-    VulnerabilityCode["COOKIE_MISSING_SECURE"] = "COOKIE_MISSING_SECURE";
-    VulnerabilityCode["COOKIE_SESSION_MISSING_HTTPONLY"] = "COOKIE_SESSION_MISSING_HTTPONLY";
-    VulnerabilityCode["COOKIE_MISSING_HTTPONLY"] = "COOKIE_MISSING_HTTPONLY";
-    VulnerabilityCode["COOKIE_MISSING_SAMESITE"] = "COOKIE_MISSING_SAMESITE";
-    VulnerabilityCode["COOKIE_HOST_PREFIX_INVALID"] = "COOKIE_HOST_PREFIX_INVALID";
-    VulnerabilityCode["COOKIE_SECURE_PREFIX_INVALID"] = "COOKIE_SECURE_PREFIX_INVALID";
-    VulnerabilityCode["HEADER_DRIFT_CSP"] = "HEADER_DRIFT_CSP";
-    VulnerabilityCode["HEADER_DRIFT_HSTS"] = "HEADER_DRIFT_HSTS";
-    VulnerabilityCode["HEADER_DRIFT_XCONTENT_TYPE"] = "HEADER_DRIFT_XCONTENT_TYPE";
-    VulnerabilityCode["HEADER_DRIFT_REFERRER_POLICY"] = "HEADER_DRIFT_REFERRER_POLICY";
-    VulnerabilityCode["HEADER_DRIFT_XFRAME"] = "HEADER_DRIFT_XFRAME";
-    VulnerabilityCode["HEADER_DRIFT_PERMISSIONS_POLICY"] = "HEADER_DRIFT_PERMISSIONS_POLICY";
-    VulnerabilityCode["HEADER_DRIFT_COOP"] = "HEADER_DRIFT_COOP";
-    VulnerabilityCode["HEADER_DRIFT_COEP"] = "HEADER_DRIFT_COEP";
-    VulnerabilityCode["HEADER_DRIFT_CORP"] = "HEADER_DRIFT_CORP";
-    // ========================================
-    // HOST HEADER INJECTION (HOST_*)
-    // ========================================
-    VulnerabilityCode["HOST_CACHE_POISONING"] = "HOST_CACHE_POISONING";
-    VulnerabilityCode["HOST_PASSWORD_RESET"] = "HOST_PASSWORD_RESET";
-    VulnerabilityCode["HOST_REDIRECT"] = "HOST_REDIRECT";
-    // ========================================
-    // DIRECTORY BROWSING (DIRBROWSE_*)
-    // ========================================
-    VulnerabilityCode["DIRBROWSE_ENABLED"] = "DIRBROWSE_ENABLED";
-    VulnerabilityCode["DIRBROWSE_SENSITIVE"] = "DIRBROWSE_SENSITIVE";
-    // ========================================
-    // MASS ASSIGNMENT (MASSASSIGN_*)
-    // ========================================
-    VulnerabilityCode["MASSASSIGN_PROTOTYPE_POLLUTION"] = "MASSASSIGN_PROTOTYPE_POLLUTION";
-    VulnerabilityCode["MASSASSIGN_ROLE_ESCALATION"] = "MASSASSIGN_ROLE_ESCALATION";
-    VulnerabilityCode["MASSASSIGN_HIDDEN_FIELD"] = "MASSASSIGN_HIDDEN_FIELD";
-    // ========================================
-    // DESERIALIZATION (DESER_*)
-    // ========================================
-    VulnerabilityCode["DESER_JAVA"] = "DESER_JAVA";
-    VulnerabilityCode["DESER_PHP"] = "DESER_PHP";
-    VulnerabilityCode["DESER_PYTHON"] = "DESER_PYTHON";
-    VulnerabilityCode["DESER_DOTNET"] = "DESER_DOTNET";
-    VulnerabilityCode["DESER_RUBY"] = "DESER_RUBY";
-    VulnerabilityCode["DESER_NODE"] = "DESER_NODE";
-    // ========================================
-    // SENSITIVE PATH SCOUT - CRITICAL (SENS_CRIT_*)
-    // ========================================
-    VulnerabilityCode["SENS_CRIT_AWS_CREDENTIALS"] = "SENS_CRIT_AWS_CREDENTIALS";
-    VulnerabilityCode["SENS_CRIT_SSH_PRIVATE_KEY"] = "SENS_CRIT_SSH_PRIVATE_KEY";
-    VulnerabilityCode["SENS_CRIT_SSL_PRIVATE_KEY"] = "SENS_CRIT_SSL_PRIVATE_KEY";
-    VulnerabilityCode["SENS_CRIT_RAILS_MASTER_KEY"] = "SENS_CRIT_RAILS_MASTER_KEY";
-    VulnerabilityCode["SENS_CRIT_TERRAFORM_STATE"] = "SENS_CRIT_TERRAFORM_STATE";
-    VulnerabilityCode["SENS_CRIT_FIREBASE_ADMIN_SDK"] = "SENS_CRIT_FIREBASE_ADMIN_SDK";
-    VulnerabilityCode["SENS_CRIT_KUBE_CONFIG"] = "SENS_CRIT_KUBE_CONFIG";
-    VulnerabilityCode["SENS_CRIT_AZURE_STORAGE_KEY"] = "SENS_CRIT_AZURE_STORAGE_KEY";
-    VulnerabilityCode["SENS_CRIT_CONSUL_KV"] = "SENS_CRIT_CONSUL_KV";
-    VulnerabilityCode["SENS_CRIT_VAULT_SECRET"] = "SENS_CRIT_VAULT_SECRET";
-    VulnerabilityCode["SENS_CRIT_DOCKER_SECRET"] = "SENS_CRIT_DOCKER_SECRET";
-    // ========================================
-    // SENSITIVE PATH SCOUT - HIGH (SENS_HIGH_*)
-    // ========================================
-    VulnerabilityCode["SENS_HIGH_GIT_EXPOSED"] = "SENS_HIGH_GIT_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_GIT_CONFIG"] = "SENS_HIGH_GIT_CONFIG";
-    VulnerabilityCode["SENS_HIGH_WORDPRESS_CONFIG"] = "SENS_HIGH_WORDPRESS_CONFIG";
-    VulnerabilityCode["SENS_HIGH_SPRING_ACTUATOR"] = "SENS_HIGH_SPRING_ACTUATOR";
-    VulnerabilityCode["SENS_HIGH_SPRING_HEAPDUMP"] = "SENS_HIGH_SPRING_HEAPDUMP";
-    VulnerabilityCode["SENS_HIGH_DATABASE_BACKUP"] = "SENS_HIGH_DATABASE_BACKUP";
-    VulnerabilityCode["SENS_HIGH_PHPINFO"] = "SENS_HIGH_PHPINFO";
-    VulnerabilityCode["SENS_HIGH_LARAVEL_DEBUG"] = "SENS_HIGH_LARAVEL_DEBUG";
-    VulnerabilityCode["SENS_HIGH_GCP_SERVICE_ACCOUNT"] = "SENS_HIGH_GCP_SERVICE_ACCOUNT";
-    VulnerabilityCode["SENS_HIGH_GRAPHQL_INTROSPECTION"] = "SENS_HIGH_GRAPHQL_INTROSPECTION";
-    VulnerabilityCode["SENS_HIGH_PHPMYADMIN"] = "SENS_HIGH_PHPMYADMIN";
-    VulnerabilityCode["SENS_HIGH_MONGODB_CONFIG"] = "SENS_HIGH_MONGODB_CONFIG";
-    VulnerabilityCode["SENS_HIGH_JAVA_KEYSTORE"] = "SENS_HIGH_JAVA_KEYSTORE";
-    VulnerabilityCode["SENS_HIGH_PHP_SESSION"] = "SENS_HIGH_PHP_SESSION";
-    VulnerabilityCode["SENS_HIGH_ENV_FILE"] = "SENS_HIGH_ENV_FILE";
-    VulnerabilityCode["SENS_HIGH_BACKUP_FILE"] = "SENS_HIGH_BACKUP_FILE";
-    VulnerabilityCode["SENS_HIGH_HTPASSWD"] = "SENS_HIGH_HTPASSWD";
-    VulnerabilityCode["SENS_HIGH_DS_STORE"] = "SENS_HIGH_DS_STORE";
-    // ========================================
-    // SENSITIVE PATH SCOUT - MEDIUM (SENS_MED_*)
-    // ========================================
-    VulnerabilityCode["SENS_MED_SWAGGER_DOCS"] = "SENS_MED_SWAGGER_DOCS";
-    VulnerabilityCode["SENS_MED_APACHE_STATUS"] = "SENS_MED_APACHE_STATUS";
-    VulnerabilityCode["SENS_MED_PROMETHEUS_METRICS"] = "SENS_MED_PROMETHEUS_METRICS";
-    VulnerabilityCode["SENS_MED_DOCKERFILE"] = "SENS_MED_DOCKERFILE";
-    VulnerabilityCode["SENS_MED_FIREBASE_CONFIG"] = "SENS_MED_FIREBASE_CONFIG";
-    VulnerabilityCode["SENS_MED_SOURCE_MAP"] = "SENS_MED_SOURCE_MAP";
-    VulnerabilityCode["SENS_MED_ELASTICSEARCH"] = "SENS_MED_ELASTICSEARCH";
-    VulnerabilityCode["SENS_MED_ADMIN_PANEL"] = "SENS_MED_ADMIN_PANEL";
-    VulnerabilityCode["SENS_MED_COMPOSER_LOCK"] = "SENS_MED_COMPOSER_LOCK";
-    VulnerabilityCode["SENS_MED_PACKAGE_LOCK"] = "SENS_MED_PACKAGE_LOCK";
-    VulnerabilityCode["SENS_MED_GEMFILE_LOCK"] = "SENS_MED_GEMFILE_LOCK";
-    VulnerabilityCode["SENS_MED_ROBOTS_TXT"] = "SENS_MED_ROBOTS_TXT";
-    VulnerabilityCode["SENS_MED_SITEMAP"] = "SENS_MED_SITEMAP";
-    VulnerabilityCode["SENS_MED_CROSSDOMAIN_XML"] = "SENS_MED_CROSSDOMAIN_XML";
-    // ========================================
-    // SENSITIVE PATH SCOUT - LOW (SENS_LOW_*)
-    // ========================================
-    VulnerabilityCode["SENS_LOW_TRAVIS_CI"] = "SENS_LOW_TRAVIS_CI";
-    VulnerabilityCode["SENS_LOW_JENKINSFILE"] = "SENS_LOW_JENKINSFILE";
-    VulnerabilityCode["SENS_LOW_CIRCLECI"] = "SENS_LOW_CIRCLECI";
-    VulnerabilityCode["SENS_LOW_GITLAB_CI"] = "SENS_LOW_GITLAB_CI";
-    VulnerabilityCode["SENS_LOW_README"] = "SENS_LOW_README";
-    VulnerabilityCode["SENS_LOW_CHANGELOG"] = "SENS_LOW_CHANGELOG";
-    VulnerabilityCode["SENS_LOW_LICENSE"] = "SENS_LOW_LICENSE";
-    // ========================================
-    // SENSITIVE PATH SCOUT - EXTENDED
-    // ========================================
-    // HIGH
-    VulnerabilityCode["SENS_HIGH_WEB_SERVER_CONFIGURATION_FILE_DETECTED"] = "SENS_HIGH_WEB_SERVER_CONFIGURATION_FILE_DETECTED";
-    VulnerabilityCode["SENS_HIGH_APPSETTINGS_JSON_EXPOSED"] = "SENS_HIGH_APPSETTINGS_JSON_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_SPRING_CONFIG_EXPOSED"] = "SENS_HIGH_SPRING_CONFIG_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_NPMRC_EXPOSED"] = "SENS_HIGH_NPMRC_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_RAILS_DATABASE_YML_EXPOSED"] = "SENS_HIGH_RAILS_DATABASE_YML_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_DRUPAL_SETTINGS_PHP_EXPOSED"] = "SENS_HIGH_DRUPAL_SETTINGS_PHP_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_MAGENTO_ENV_PHP_EXPOSED"] = "SENS_HIGH_MAGENTO_ENV_PHP_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_JOLOKIA_EXPOSED"] = "SENS_HIGH_JOLOKIA_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_SVN_WORKING_COPY_DATABASE_EXPOSED"] = "SENS_HIGH_SVN_WORKING_COPY_DATABASE_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_SUBVERSION_REPOSITORY_DETECTED"] = "SENS_HIGH_SUBVERSION_REPOSITORY_DETECTED";
-    VulnerabilityCode["SENS_HIGH_SPRING_BOOT_THREAD_DUMP_EXPOSED"] = "SENS_HIGH_SPRING_BOOT_THREAD_DUMP_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_REDIS_RDB_DUMP_DETECTED"] = "SENS_HIGH_REDIS_RDB_DUMP_DETECTED";
-    VulnerabilityCode["SENS_HIGH_TRACE_AXD"] = "SENS_HIGH_TRACE_AXD";
-    VulnerabilityCode["SENS_HIGH_ELMAH_AXD_EXPOSED"] = "SENS_HIGH_ELMAH_AXD_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_SQLITE_DATABASE_DETECTED"] = "SENS_HIGH_SQLITE_DATABASE_DETECTED";
-    VulnerabilityCode["SENS_HIGH_AWS_CONFIG_EXPOSED"] = "SENS_HIGH_AWS_CONFIG_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_AZURE_CREDENTIALS_EXPOSED"] = "SENS_HIGH_AZURE_CREDENTIALS_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_HELM_VALUES_EXPOSED"] = "SENS_HIGH_HELM_VALUES_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_TERRAFORM_VARS_EXPOSED"] = "SENS_HIGH_TERRAFORM_VARS_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_LARAVEL_LOG_EXPOSED"] = "SENS_HIGH_LARAVEL_LOG_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_WORD_PRESS_DEBUG_LOG_EXPOSED"] = "SENS_HIGH_WORD_PRESS_DEBUG_LOG_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_ADMINER_EXPOSED"] = "SENS_HIGH_ADMINER_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_DEBUG_ENDPOINT_EXPOSED"] = "SENS_HIGH_DEBUG_ENDPOINT_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_GO_DEBUG_VARS_EXPOSED"] = "SENS_HIGH_GO_DEBUG_VARS_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_GO_PPROF_EXPOSED"] = "SENS_HIGH_GO_PPROF_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_AZURE_STORAGE_CONFIG_EXPOSED"] = "SENS_HIGH_AZURE_STORAGE_CONFIG_EXPOSED";
-    VulnerabilityCode["SENS_HIGH_MONGO_RC_EXPOSED"] = "SENS_HIGH_MONGO_RC_EXPOSED";
-    // MEDIUM
-    VulnerabilityCode["SENS_MED_UN_PROTECTED_CONFIG_JSON"] = "SENS_MED_UN_PROTECTED_CONFIG_JSON";
-    VulnerabilityCode["SENS_MED_MERCURIAL_REPOSITORY_FOUND"] = "SENS_MED_MERCURIAL_REPOSITORY_FOUND";
-    VulnerabilityCode["SENS_MED_MERCURIAL_HGRC_EXPOSED"] = "SENS_MED_MERCURIAL_HGRC_EXPOSED";
-    VulnerabilityCode["SENS_MED_CVS_ROOT_EXPOSED"] = "SENS_MED_CVS_ROOT_EXPOSED";
-    VulnerabilityCode["SENS_MED_CVS_ENTRIES_EXPOSED"] = "SENS_MED_CVS_ENTRIES_EXPOSED";
-    VulnerabilityCode["SENS_MED_BAZAAR_REPO_EXPOSED"] = "SENS_MED_BAZAAR_REPO_EXPOSED";
-    VulnerabilityCode["SENS_MED_DOCKER_COMPOSE_CONFIGURATION_DETECTED"] = "SENS_MED_DOCKER_COMPOSE_CONFIGURATION_DETECTED";
-    VulnerabilityCode["SENS_MED_LARAVEL_LOG_VIEWER_ENABLED"] = "SENS_MED_LARAVEL_LOG_VIEWER_ENABLED";
-    VulnerabilityCode["SENS_MED_APACHE_HTACCESS_FILE_DETECTED"] = "SENS_MED_APACHE_HTACCESS_FILE_DETECTED";
-    VulnerabilityCode["SENS_MED_APACHE_SERVER_INFO_EXPOSED"] = "SENS_MED_APACHE_SERVER_INFO_EXPOSED";
-    VulnerabilityCode["SENS_MED_PACKAGE_DEPENDENCIES_DETECTED"] = "SENS_MED_PACKAGE_DEPENDENCIES_DETECTED";
-    VulnerabilityCode["SENS_MED_PHP_COMPOSER_DEPENDENCIES_DETECTED"] = "SENS_MED_PHP_COMPOSER_DEPENDENCIES_DETECTED";
-    VulnerabilityCode["SENS_MED_SSH_PUBLIC_KEY_EXPOSED"] = "SENS_MED_SSH_PUBLIC_KEY_EXPOSED";
-    VulnerabilityCode["SENS_MED_SSL_CERTIFICATE_EXPOSED"] = "SENS_MED_SSL_CERTIFICATE_EXPOSED";
-    VulnerabilityCode["SENS_MED_GRAPH_QL_ENDPOINT_EXPOSED"] = "SENS_MED_GRAPH_QL_ENDPOINT_EXPOSED";
-    VulnerabilityCode["SENS_MED_GRAPHI_QL_EXPOSED"] = "SENS_MED_GRAPHI_QL_EXPOSED";
-    VulnerabilityCode["SENS_MED_TERRAFORM_LOCK_EXPOSED"] = "SENS_MED_TERRAFORM_LOCK_EXPOSED";
-    VulnerabilityCode["SENS_MED_ERROR_LOG_EXPOSED"] = "SENS_MED_ERROR_LOG_EXPOSED";
-    VulnerabilityCode["SENS_MED_ACCESS_LOG_EXPOSED"] = "SENS_MED_ACCESS_LOG_EXPOSED";
-    VulnerabilityCode["SENS_MED_DEBUG_LOG_EXPOSED"] = "SENS_MED_DEBUG_LOG_EXPOSED";
-    VulnerabilityCode["SENS_MED_APPLICATION_LOG_EXPOSED"] = "SENS_MED_APPLICATION_LOG_EXPOSED";
-    VulnerabilityCode["SENS_MED_WSDL_EXPOSED"] = "SENS_MED_WSDL_EXPOSED";
-    VulnerabilityCode["SENS_MED_WORD_PRESS_XML_RPC_EXPOSED"] = "SENS_MED_WORD_PRESS_XML_RPC_EXPOSED";
-    // LOW
-    VulnerabilityCode["SENS_LOW_TOML_PROJECT_FILE_EXPOSED"] = "SENS_LOW_TOML_PROJECT_FILE_EXPOSED";
-    VulnerabilityCode["SENS_LOW_ATLASSIAN_BITBUCKET_PIPELINES_CONFIGURATION_DETECTED"] = "SENS_LOW_ATLASSIAN_BITBUCKET_PIPELINES_CONFIGURATION_DETECTED";
-    VulnerabilityCode["SENS_LOW_AZURE_PIPELINES_CONFIGURATION_DETECTED"] = "SENS_LOW_AZURE_PIPELINES_CONFIGURATION_DETECTED";
-    VulnerabilityCode["SENS_LOW_AWS_CODE_BUILD_BUILDSPEC_DETECTED"] = "SENS_LOW_AWS_CODE_BUILD_BUILDSPEC_DETECTED";
-    VulnerabilityCode["SENS_LOW_GITHUB_ACTIONS_WORKFLOW_DETECTED"] = "SENS_LOW_GITHUB_ACTIONS_WORKFLOW_DETECTED";
-    VulnerabilityCode["SENS_LOW_PYTHON_REQUIREMENTS_DETECTED"] = "SENS_LOW_PYTHON_REQUIREMENTS_DETECTED";
-    VulnerabilityCode["SENS_LOW_TEST_ENDPOINT_EXPOSED"] = "SENS_LOW_TEST_ENDPOINT_EXPOSED";
-    VulnerabilityCode["SENS_LOW_STAGING_ENDPOINT_EXPOSED"] = "SENS_LOW_STAGING_ENDPOINT_EXPOSED";
-    VulnerabilityCode["SENS_LOW_EDITOR_BACKUP_FILE_DETECTED"] = "SENS_LOW_EDITOR_BACKUP_FILE_DETECTED";
-    VulnerabilityCode["SENS_LOW_VIM_SWAP_FILE_DETECTED"] = "SENS_LOW_VIM_SWAP_FILE_DETECTED";
-    VulnerabilityCode["SENS_LOW_DIRECTORY_LISTING_ENABLED"] = "SENS_LOW_DIRECTORY_LISTING_ENABLED";
-    VulnerabilityCode["SENS_LOW_AWSSAM_TEMPLATE_EXPOSED"] = "SENS_LOW_AWSSAM_TEMPLATE_EXPOSED";
-    VulnerabilityCode["SENS_LOW_SERVERLESS_CONFIG_EXPOSED"] = "SENS_LOW_SERVERLESS_CONFIG_EXPOSED";
-    VulnerabilityCode["SENS_LOW_CLOUD_FORMATION_TEMPLATE_EXPOSED"] = "SENS_LOW_CLOUD_FORMATION_TEMPLATE_EXPOSED";
-    // ========================================
-    // CLICKJACKING (CLICK_*)
-    // ========================================
-    VulnerabilityCode["CLICK_FRAMEABLE"] = "CLICK_FRAMEABLE";
-    VulnerabilityCode["CLICK_PARTIAL_PROTECTION"] = "CLICK_PARTIAL_PROTECTION";
-})(VulnerabilityCode || (exports.VulnerabilityCode = VulnerabilityCode = {}));
-exports.default = VulnerabilityCode;

package/src/error-codes.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"error-codes.js","sourceRoot":"","sources":["error-codes.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,CAAN,IAAY,iBAoUX;AApUD,WAAY,iBAAiB;IACzB,2CAA2C;IAC3C,yBAAyB;IACzB,2CAA2C;IAC3C,0DAAqC,CAAA;IACrC,8DAAyC,CAAA;IACzC,wDAAmC,CAAA;IACnC,0DAAqC,CAAA;IACrC,0DAAqC,CAAA;IAErC,2CAA2C;IAC3C,+BAA+B;IAC/B,2CAA2C;IAC3C,oDAA+B,CAAA;IAC/B,8CAAyB,CAAA;IACzB,oDAA+B,CAAA;IAC/B,4DAAuC,CAAA;IACvC,0DAAqC,CAAA;IACrC,kDAA6B,CAAA;IAC7B,4DAAuC,CAAA;IACvC,kEAA6C,CAAA;IAC7C,8DAAyC,CAAA;IACzC,wEAAmD,CAAA;IACnD,sDAAiC,CAAA;IACjC,4DAAuC,CAAA;IACvC,sDAAiC,CAAA;IACjC,kEAA6C,CAAA;IAC7C,8DAAyC,CAAA;IAEzC,2CAA2C;IAC3C,6BAA6B;IAC7B,2CAA2C;IAC3C,8DAAyC,CAAA;IACzC,sDAAiC,CAAA;IACjC,wDAAmC,CAAA;IACnC,0DAAqC,CAAA;IAErC,2CAA2C;IAC3C,uCAAuC;IACvC,2CAA2C;IAC3C,gEAA2C,CAAA;IAC3C,oEAA+C,CAAA;IAC/C,wEAAmD,CAAA;IACnD,sDAAiC,CAAA;IACjC,8DAAyC,CAAA;IAEzC,2CAA2C;IAC3C,0CAA0C;IAC1C,2CAA2C;IAC3C,gDAA2B,CAAA;IAC3B,4CAAuB,CAAA;IACvB,wDAAmC,CAAA;IACnC,oDAA+B,CAAA;IAC/B,sDAAiC,CAAA;IACjC,0CAAqB,CAAA;IACrB,0CAAqB,CAAA;IACrB,0CAAqB,CAAA;IACrB,gDAA2B,CAAA;IAC3B,4CAAuB,CAAA;IACvB,kDAA6B,CAAA;IAE7B,2CAA2C;IAC3C,8BAA8B;IAC9B,2CAA2C;IAC3C,gDAA2B,CAAA;IAC3B,4CAAuB,CAAA;IACvB,wCAAmB,CAAA;IACnB,wDAAmC,CAAA;IACnC,kEAA6C,CAAA;IAE7C,2CAA2C;IAC3C,4BAA4B;IAC5B,2CAA2C;IAC3C,4DAAuC,CAAA;IACvC,oEAA+C,CAAA;IAC/C,gDAA2B,CAAA;IAC3B,4DAAuC,CAAA;IAEvC,2CAA2C;IAC3C,+BAA+B;IAC/B,2CAA2C;IAC3C,8DAAyC,CAAA;IACzC,4DAAuC,CAAA;IACvC,oEAA+C,CAAA;IAC/C,kEAA6C,CAAA;IAC7C,gEAA2C,CAAA;IAE3C,2CAA2C;IAC3C,8BAA8B;IAC9B,2CAA2C;IAC3C,8DAAyC,CAAA;IACzC,wDAAmC,CAAA;IACnC,4DAAuC,CAAA;IACvC,4DAAuC,CAAA;IACvC,8DAAyC,CAAA;IACzC,gEAA2C,CAAA;IAC3C,4DAAuC,CAAA;IACvC,4DAAuC,CAAA;IACvC,0DAAqC,CAAA;IACrC,4DAAuC,CAAA;IAEvC,2CAA2C;IAC3C,6BAA6B;IAC7B,2CAA2C;IAC3C,4EAAuD,CAAA;IACvD,oEAA+C,CAAA;IAC/C,sEAAiD,CAAA;IAEjD,2CAA2C;IAC3C,gCAAgC;IAChC,2CAA2C;IAC3C,kEAA6C,CAAA;IAC7C,0EAAqD,CAAA;IACrD,sEAAiD,CAAA;IACjD,0CAAqB,CAAA;IAErB,2CAA2C;IAC3C,8BAA8B;IAC9B,2CAA2C;IAC3C,8DAAyC,CAAA;IACzC,gEAA2C,CAAA;IAC3C,oEAA+C,CAAA;IAC/C,kFAA6D,CAAA;IAC7D,oFAA+D,CAAA;IAC/D,sFAAiE,CAAA;IACjE,4FAAuE,CAAA;IACvE,wDAAmC,CAAA;IACnC,4EAAuD,CAAA;IACvD,0EAAqD,CAAA;IACrD,gEAA2C,CAAA;IAC3C,0EAAqD,CAAA;IACrD,kFAA6D,CAAA;IAC7D,gFAA2D,CAAA;IAC3D,wFAAmE,CAAA;IACnE,gGAA2E,CAAA;IAC3E,oFAA+D,CAAA;IAC/D,oEAA+C,CAAA;IAC/C,wFAAmE,CAAA;IACnE,wEAAmD,CAAA;IACnD,wEAAmD,CAAA;IACnD,8EAAyD,CAAA;IACzD,kFAA6D,CAAA;IAC7D,0DAAqC,CAAA;IACrC,4DAAuC,CAAA;IACvC,8EAAyD,CAAA;IACzD,kFAA6D,CAAA;IAC7D,gEAA2C,CAAA;IAC3C,wFAAmE,CAAA;IACnE,4DAAuC,CAAA;IACvC,4DAAuC,CAAA;IACvC,4DAAuC,CAAA;IAEvC,2CAA2C;IAC3C,iCAAiC;IACjC,2CAA2C;IAC3C,kEAA6C,CAAA;IAC7C,gEAA2C,CAAA;IAC3C,oDAA+B,CAAA;IAE/B,2CAA2C;IAC3C,mCAAmC;IACnC,2CAA2C;IAC3C,4DAAuC,CAAA;IACvC,gEAA2C,CAAA;IAE3C,2CAA2C;IAC3C,iCAAiC;IACjC,2CAA2C;IAC3C,sFAAiE,CAAA;IACjE,8EAAyD,CAAA;IACzD,wEAAmD,CAAA;IAEnD,2CAA2C;IAC3C,4BAA4B;IAC5B,2CAA2C;IAC3C,8CAAyB,CAAA;IACzB,4CAAuB,CAAA;IACvB,kDAA6B,CAAA;IAC7B,kDAA6B,CAAA;IAC7B,8CAAyB,CAAA;IACzB,8CAAyB,CAAA;IAEzB,2CAA2C;IAC3C,gDAAgD;IAChD,2CAA2C;IAC3C,4EAAuD,CAAA;IACvD,4EAAuD,CAAA;IACvD,4EAAuD,CAAA;IACvD,8EAAyD,CAAA;IACzD,4EAAuD,CAAA;IACvD,kFAA6D,CAAA;IAC7D,oEAA+C,CAAA;IAC/C,gFAA2D,CAAA;IAC3D,gEAA2C,CAAA;IAC3C,sEAAiD,CAAA;IACjD,wEAAmD,CAAA;IAEnD,2CAA2C;IAC3C,4CAA4C;IAC5C,2CAA2C;IAC3C,oEAA+C,CAAA;IAC/C,kEAA6C,CAAA;IAC7C,8EAAyD,CAAA;IACzD,4EAAuD,CAAA;IACvD,4EAAuD,CAAA;IACvD,4EAAuD,CAAA;IACvD,4DAAuC,CAAA;IACvC,wEAAmD,CAAA;IACnD,oFAA+D,CAAA;IAC/D,wFAAmE,CAAA;IACnE,kEAA6C,CAAA;IAC7C,0EAAqD,CAAA;IACrD,wEAAmD,CAAA;IACnD,oEAA+C,CAAA;IAC/C,8DAAyC,CAAA;IACzC,oEAA+C,CAAA;IAC/C,8DAAyC,CAAA;IACzC,8DAAyC,CAAA;IAEzC,2CAA2C;IAC3C,6CAA6C;IAC7C,2CAA2C;IAC3C,oEAA+C,CAAA;IAC/C,sEAAiD,CAAA;IACjD,gFAA2D,CAAA;IAC3D,gEAA2C,CAAA;IAC3C,0EAAqD,CAAA;IACrD,gEAA2C,CAAA;IAC3C,sEAAiD,CAAA;IACjD,kEAA6C,CAAA;IAC7C,sEAAiD,CAAA;IACjD,oEAA+C,CAAA;IAC/C,oEAA+C,CAAA;IAC/C,gEAA2C,CAAA;IAC3C,0DAAqC,CAAA;IACrC,0EAAqD,CAAA;IAErD,2CAA2C;IAC3C,0CAA0C;IAC1C,2CAA2C;IAC3C,8DAAyC,CAAA;IACzC,kEAA6C,CAAA;IAC7C,4DAAuC,CAAA;IACvC,8DAAyC,CAAA;IACzC,wDAAmC,CAAA;IACnC,8DAAyC,CAAA;IACzC,0DAAqC,CAAA;IAErC,2CAA2C;IAC3C,kCAAkC;IAClC,2CAA2C;IAC3C,OAAO;IACP,0HAAqG,CAAA;IACrG,8FAAyE,CAAA;IACzE,wFAAmE,CAAA;IACnE,wEAAmD,CAAA;IACnD,kGAA6E,CAAA;IAC7E,oGAA+E,CAAA;IAC/E,4FAAuE,CAAA;IACvE,4EAAuD,CAAA;IACvD,gHAA2F,CAAA;IAC3F,0GAAqF,CAAA;IACrF,4GAAuF,CAAA;IACvF,4FAAuE,CAAA;IACvE,gEAA2C,CAAA;IAC3C,gFAA2D,CAAA;IAC3D,8FAAyE,CAAA;IACzE,kFAA6D,CAAA;IAC7D,gGAA2E,CAAA;IAC3E,oFAA+D,CAAA;IAC/D,0FAAqE,CAAA;IACrE,oFAA+D,CAAA;IAC/D,sGAAiF,CAAA;IACjF,4EAAuD,CAAA;IACvD,0FAAqE,CAAA;IACrE,wFAAmE,CAAA;IACnE,8EAAyD,CAAA;IACzD,sGAAiF,CAAA;IACjF,8EAAyD,CAAA;IACzD,SAAS;IACT,4FAAuE,CAAA;IACvE,gGAA2E,CAAA;IAC3E,wFAAmE,CAAA;IACnE,4EAAuD,CAAA;IACvD,kFAA6D,CAAA;IAC7D,kFAA6D,CAAA;IAC7D,sHAAiG,CAAA;IACjG,gGAA2E,CAAA;IAC3E,sGAAiF,CAAA;IACjF,gGAA2E,CAAA;IAC3E,sGAAiF,CAAA;IACjF,gHAA2F,CAAA;IAC3F,wFAAmE,CAAA;IACnE,0FAAqE,CAAA;IACrE,8FAAyE,CAAA;IACzE,8EAAyD,CAAA;IACzD,wFAAmE,CAAA;IACnE,8EAAyD,CAAA;IACzD,gFAA2D,CAAA;IAC3D,8EAAyD,CAAA;IACzD,0FAAqE,CAAA;IACrE,oEAA+C,CAAA;IAC/C,gGAA2E,CAAA;IAC3E,MAAM;IACN,8FAAyE,CAAA;IACzE,oJAA+H,CAAA;IAC/H,wHAAmG,CAAA;IACnG,8GAAyF,CAAA;IACzF,4GAAuF,CAAA;IACvF,oGAA+E,CAAA;IAC/E,sFAAiE,CAAA;IACjE,4FAAuE,CAAA;IACvE,kGAA6E,CAAA;IAC7E,wFAAmE,CAAA;IACnE,8FAAyE,CAAA;IACzE,0FAAqE,CAAA;IACrE,8FAAyE,CAAA;IACzE,4GAAuF,CAAA;IAEvF,2CAA2C;IAC3C,yBAAyB;IACzB,2CAA2C;IAC3C,wDAAmC,CAAA;IACnC,0EAAqD,CAAA;AACzD,CAAC,EApUW,iBAAiB,KAAjB,iBAAiB,QAoU5B;AAED,eAAe,iBAAiB,CAAC"}

package/src/index.d.ts

@@ -1,60 +0,0 @@
-/**
- * Vulnerability Registry - Main Entry Point
- *
- * Exports all vulnerability codes, definitions, and lookup utilities
- */
-import { VulnerabilityCode } from './error-codes.js';
-import type { VulnerabilityDefinition, VulnerabilityLookup, Severity, VulnerabilityCategory } from './types.js';
-import { INJECTION_VULNERABILITIES } from './categories/injection.js';
-import { XSS_VULNERABILITIES } from './categories/xss.js';
-import { SSRF_VULNERABILITIES } from './categories/ssrf.js';
-import { AUTH_VULNERABILITIES } from './categories/authentication.js';
-import { CONFIG_VULNERABILITIES } from './categories/configuration.js';
-import { SENSITIVE_PATH_VULNERABILITIES } from './categories/sensitive-paths.js';
-/**
- * Complete vulnerability registry combining all categories
- */
-export declare const VULNERABILITY_REGISTRY: Record<string, VulnerabilityDefinition>;
-/**
- * Get vulnerability definition by code
- */
-export declare function getVulnerabilityDefinition(code: VulnerabilityCode | string): VulnerabilityLookup;
-/**
- * Get all vulnerabilities for a specific scanner
- */
-export declare function getVulnerabilitiesByScanner(scanner: string): VulnerabilityDefinition[];
-/**
- * Get all vulnerabilities for a specific category
- */
-export declare function getVulnerabilitiesByCategory(category: VulnerabilityCategory): VulnerabilityDefinition[];
-/**
- * Get all vulnerabilities for a specific severity
- */
-export declare function getVulnerabilitiesBySeverity(severity: Severity): VulnerabilityDefinition[];
-/**
- * Get all vulnerability codes
- */
-export declare function getAllVulnerabilityCodes(): VulnerabilityCode[];
-/**
- * Get total count of registered vulnerabilities
- */
-export declare function getVulnerabilityCount(): number;
-/**
- * Create a finding with vulnerability definition
- */
-export declare function createFinding(code: VulnerabilityCode | string, overrides?: Partial<VulnerabilityDefinition>): VulnerabilityDefinition | null;
-export { VulnerabilityCode } from './error-codes.js';
-export type { VulnerabilityDefinition, VulnerabilityLookup, CVSSProfile, CWEReference, OWASPReference, Severity, VulnerabilityCategory, } from './types.js';
-export { INJECTION_VULNERABILITIES, XSS_VULNERABILITIES, SSRF_VULNERABILITIES, AUTH_VULNERABILITIES, CONFIG_VULNERABILITIES, SENSITIVE_PATH_VULNERABILITIES, };
-declare const _default: {
-    VulnerabilityCode: typeof VulnerabilityCode;
-    VULNERABILITY_REGISTRY: Record<string, VulnerabilityDefinition>;
-    getVulnerabilityDefinition: typeof getVulnerabilityDefinition;
-    getVulnerabilitiesByScanner: typeof getVulnerabilitiesByScanner;
-    getVulnerabilitiesByCategory: typeof getVulnerabilitiesByCategory;
-    getVulnerabilitiesBySeverity: typeof getVulnerabilitiesBySeverity;
-    getAllVulnerabilityCodes: typeof getAllVulnerabilityCodes;
-    getVulnerabilityCount: typeof getVulnerabilityCount;
-    createFinding: typeof createFinding;
-};
-export default _default;

package/src/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,KAAK,EAAE,uBAAuB,EAAE,mBAAmB,EAA6C,QAAQ,EAAE,qBAAqB,EAAE,MAAM,YAAY,CAAC;AAG3J,OAAO,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AACvE,OAAO,EAAE,8BAA8B,EAAE,MAAM,iCAAiC,CAAC;AAEjF;;GAEG;AACH,eAAO,MAAM,sBAAsB,EAAE,MAAM,CAAC,MAAM,EAAE,uBAAuB,CAO1E,CAAC;AAEF;;GAEG;AACH,wBAAgB,0BAA0B,CAAC,IAAI,EAAE,iBAAiB,GAAG,MAAM,GAAG,mBAAmB,CAMhG;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,OAAO,EAAE,MAAM,GAAG,uBAAuB,EAAE,CAEtF;AAED;;GAEG;AACH,wBAAgB,4BAA4B,CAAC,QAAQ,EAAE,qBAAqB,GAAG,uBAAuB,EAAE,CAEvG;AAED;;GAEG;AACH,wBAAgB,4BAA4B,CAAC,QAAQ,EAAE,QAAQ,GAAG,uBAAuB,EAAE,CAE1F;AAED;;GAEG;AACH,wBAAgB,wBAAwB,IAAI,iBAAiB,EAAE,CAE9D;AAED;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,MAAM,CAE9C;AAED;;GAEG;AACH,wBAAgB,aAAa,CACzB,IAAI,EAAE,iBAAiB,GAAG,MAAM,EAChC,SAAS,CAAC,EAAE,OAAO,CAAC,uBAAuB,CAAC,GAC7C,uBAAuB,GAAG,IAAI,CAUhC;AAGD,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,YAAY,EACR,uBAAuB,EACvB,mBAAmB,EACnB,WAAW,EACX,YAAY,EACZ,cAAc,EACd,QAAQ,EACR,qBAAqB,GACxB,MAAM,YAAY,CAAC;AAGpB,OAAO,EACH,yBAAyB,EACzB,mBAAmB,EACnB,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,GACjC,CAAC;;;;;;;;;;;;AAEF,wBAUE"}

package/src/index.js

@@ -1,107 +0,0 @@
-"use strict";
-/**
- * Vulnerability Registry - Main Entry Point
- *
- * Exports all vulnerability codes, definitions, and lookup utilities
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.SENSITIVE_PATH_VULNERABILITIES = exports.CONFIG_VULNERABILITIES = exports.AUTH_VULNERABILITIES = exports.SSRF_VULNERABILITIES = exports.XSS_VULNERABILITIES = exports.INJECTION_VULNERABILITIES = exports.VulnerabilityCode = exports.VULNERABILITY_REGISTRY = void 0;
-exports.getVulnerabilityDefinition = getVulnerabilityDefinition;
-exports.getVulnerabilitiesByScanner = getVulnerabilitiesByScanner;
-exports.getVulnerabilitiesByCategory = getVulnerabilitiesByCategory;
-exports.getVulnerabilitiesBySeverity = getVulnerabilitiesBySeverity;
-exports.getAllVulnerabilityCodes = getAllVulnerabilityCodes;
-exports.getVulnerabilityCount = getVulnerabilityCount;
-exports.createFinding = createFinding;
-const error_codes_js_1 = require("./error-codes.js");
-// Import all category definitions
-const injection_js_1 = require("./categories/injection.js");
-Object.defineProperty(exports, "INJECTION_VULNERABILITIES", { enumerable: true, get: function () { return injection_js_1.INJECTION_VULNERABILITIES; } });
-const xss_js_1 = require("./categories/xss.js");
-Object.defineProperty(exports, "XSS_VULNERABILITIES", { enumerable: true, get: function () { return xss_js_1.XSS_VULNERABILITIES; } });
-const ssrf_js_1 = require("./categories/ssrf.js");
-Object.defineProperty(exports, "SSRF_VULNERABILITIES", { enumerable: true, get: function () { return ssrf_js_1.SSRF_VULNERABILITIES; } });
-const authentication_js_1 = require("./categories/authentication.js");
-Object.defineProperty(exports, "AUTH_VULNERABILITIES", { enumerable: true, get: function () { return authentication_js_1.AUTH_VULNERABILITIES; } });
-const configuration_js_1 = require("./categories/configuration.js");
-Object.defineProperty(exports, "CONFIG_VULNERABILITIES", { enumerable: true, get: function () { return configuration_js_1.CONFIG_VULNERABILITIES; } });
-const sensitive_paths_js_1 = require("./categories/sensitive-paths.js");
-Object.defineProperty(exports, "SENSITIVE_PATH_VULNERABILITIES", { enumerable: true, get: function () { return sensitive_paths_js_1.SENSITIVE_PATH_VULNERABILITIES; } });
-/**
- * Complete vulnerability registry combining all categories
- */
-exports.VULNERABILITY_REGISTRY = {
-    ...injection_js_1.INJECTION_VULNERABILITIES,
-    ...xss_js_1.XSS_VULNERABILITIES,
-    ...ssrf_js_1.SSRF_VULNERABILITIES,
-    ...authentication_js_1.AUTH_VULNERABILITIES,
-    ...configuration_js_1.CONFIG_VULNERABILITIES,
-    ...sensitive_paths_js_1.SENSITIVE_PATH_VULNERABILITIES,
-};
-/**
- * Get vulnerability definition by code
- */
-function getVulnerabilityDefinition(code) {
-    const definition = exports.VULNERABILITY_REGISTRY[code];
-    if (definition) {
-        return { found: true, definition };
-    }
-    return { found: false };
-}
-/**
- * Get all vulnerabilities for a specific scanner
- */
-function getVulnerabilitiesByScanner(scanner) {
-    return Object.values(exports.VULNERABILITY_REGISTRY).filter(v => v.scanner === scanner);
-}
-/**
- * Get all vulnerabilities for a specific category
- */
-function getVulnerabilitiesByCategory(category) {
-    return Object.values(exports.VULNERABILITY_REGISTRY).filter(v => v.category === category);
-}
-/**
- * Get all vulnerabilities for a specific severity
- */
-function getVulnerabilitiesBySeverity(severity) {
-    return Object.values(exports.VULNERABILITY_REGISTRY).filter(v => v.severity === severity);
-}
-/**
- * Get all vulnerability codes
- */
-function getAllVulnerabilityCodes() {
-    return Object.values(error_codes_js_1.VulnerabilityCode);
-}
-/**
- * Get total count of registered vulnerabilities
- */
-function getVulnerabilityCount() {
-    return Object.keys(exports.VULNERABILITY_REGISTRY).length;
-}
-/**
- * Create a finding with vulnerability definition
- */
-function createFinding(code, overrides) {
-    const lookup = getVulnerabilityDefinition(code);
-    if (!lookup.found || !lookup.definition) {
-        return null;
-    }
-    return {
-        ...lookup.definition,
-        ...overrides,
-    };
-}
-// Re-export all types and enums
-var error_codes_js_2 = require("./error-codes.js");
-Object.defineProperty(exports, "VulnerabilityCode", { enumerable: true, get: function () { return error_codes_js_2.VulnerabilityCode; } });
-exports.default = {
-    VulnerabilityCode: error_codes_js_1.VulnerabilityCode,
-    VULNERABILITY_REGISTRY: exports.VULNERABILITY_REGISTRY,
-    getVulnerabilityDefinition,
-    getVulnerabilitiesByScanner,
-    getVulnerabilitiesByCategory,
-    getVulnerabilitiesBySeverity,
-    getAllVulnerabilityCodes,
-    getVulnerabilityCount,
-    createFinding,
-};

package/src/index.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAGrD,kCAAkC;AAClC,OAAO,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAC;AACtE,OAAO,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAC1D,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,gCAAgC,CAAC;AACtE,OAAO,EAAE,sBAAsB,EAAE,MAAM,+BAA+B,CAAC;AACvE,OAAO,EAAE,8BAA8B,EAAE,MAAM,iCAAiC,CAAC;AAEjF;;GAEG;AACH,MAAM,CAAC,MAAM,sBAAsB,GAA4C;IAC3E,GAAG,yBAAyB;IAC5B,GAAG,mBAAmB;IACtB,GAAG,oBAAoB;IACvB,GAAG,oBAAoB;IACvB,GAAG,sBAAsB;IACzB,GAAG,8BAA8B;CACpC,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,0BAA0B,CAAC,IAAgC;IACvE,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;IAChD,IAAI,UAAU,EAAE,CAAC;QACb,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;IACvC,CAAC;IACD,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,2BAA2B,CAAC,OAAe;IACvD,OAAO,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,OAAO,CAAC,CAAC;AACpF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,4BAA4B,CAAC,QAA+B;IACxE,OAAO,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AACtF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,4BAA4B,CAAC,QAAkB;IAC3D,OAAO,MAAM,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AACtF,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB;IACpC,OAAO,MAAM,CAAC,MAAM,CAAC,iBAAiB,CAAC,CAAC;AAC5C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB;IACjC,OAAO,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC,MAAM,CAAC;AACtD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CACzB,IAAgC,EAChC,SAA4C;IAE5C,MAAM,MAAM,GAAG,0BAA0B,CAAC,IAAI,CAAC,CAAC;IAChD,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IAChB,CAAC;IAED,OAAO;QACH,GAAG,MAAM,CAAC,UAAU;QACpB,GAAG,SAAS;KACf,CAAC;AACN,CAAC;AAED,gCAAgC;AAChC,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAWrD,gDAAgD;AAChD,OAAO,EACH,yBAAyB,EACzB,mBAAmB,EACnB,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,8BAA8B,GACjC,CAAC;AAEF,eAAe;IACX,iBAAiB;IACjB,sBAAsB;IACtB,0BAA0B;IAC1B,2BAA2B;IAC3B,4BAA4B;IAC5B,4BAA4B;IAC5B,wBAAwB;IACxB,qBAAqB;IACrB,aAAa;CAChB,CAAC"}

package/src/types.d.ts

@@ -1,86 +0,0 @@
-/**
- * Vulnerability Registry - Core Types
- *
- * Central type definitions for all vulnerability definitions.
- */
-/**
- * Vulnerability severity levels
- */
-export type Severity = 'critical' | 'high' | 'medium' | 'low' | 'info';
-/**
- * CVSS v3.1 severity ratings
- */
-export type CVSSSeverity = 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | 'NONE';
-/**
- * Vulnerability categories
- */
-export type VulnerabilityCategory = 'injection' | 'xss' | 'authentication' | 'access_control' | 'configuration' | 'information_disclosure' | 'cryptographic' | 'business_logic' | 'ssrf' | 'file_inclusion';
-/**
- * CVSS v3.1 Score data
- */
-export interface CVSSProfile {
-    /** Base score (0.0 - 10.0) */
-    score: number;
-    /** Full CVSS vector string */
-    vector: string;
-    /** Severity rating derived from score */
-    severity: CVSSSeverity;
-}
-/**
- * CWE (Common Weakness Enumeration) reference
- */
-export interface CWEReference {
-    /** CWE ID (e.g., "CWE-89") */
-    id: string;
-    /** CWE name */
-    name: string;
-    /** URL to CWE definition */
-    url: string;
-}
-/**
- * OWASP reference
- */
-export interface OWASPReference {
-    /** OWASP ID (e.g., "A03:2021") */
-    id: string;
-    /** OWASP category name */
-    name: string;
-    /** URL to OWASP definition */
-    url: string;
-}
-/**
- * Complete vulnerability definition
- */
-export interface VulnerabilityDefinition {
-    /** Unique numeric identifier */
-    id: number;
-    /** Unique vulnerability code */
-    code: string;
-    /** Human-readable title */
-    title: string;
-    /** Detailed description (100+ characters) */
-    description: string;
-    /** Severity level */
-    severity: Severity;
-    /** Vulnerability category */
-    category: VulnerabilityCategory;
-    /** Scanner that detects this vulnerability */
-    scanner: string;
-    /** CVSS v3.1 profile */
-    cvss: CVSSProfile;
-    /** Associated CWE references */
-    cwe: CWEReference[];
-    /** Associated OWASP references */
-    owasp: OWASPReference[];
-    /** Remediation guidance */
-    remediation: string;
-    /** Additional reference URLs */
-    references?: string[];
-}
-/**
- * Vulnerability registry lookup result
- */
-export interface VulnerabilityLookup {
-    found: boolean;
-    definition?: VulnerabilityDefinition;
-}

package/src/types.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAE3E;;GAEG;AACH,MAAM,MAAM,qBAAqB,GAC3B,WAAW,GACX,KAAK,GACL,gBAAgB,GAChB,gBAAgB,GAChB,eAAe,GACf,wBAAwB,GACxB,eAAe,GACf,gBAAgB,GAChB,MAAM,GACN,gBAAgB,CAAC;AAEvB;;GAEG;AACH,MAAM,WAAW,WAAW;IACxB,8BAA8B;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,yCAAyC;IACzC,QAAQ,EAAE,YAAY,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IACzB,8BAA8B;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,eAAe;IACf,IAAI,EAAE,MAAM,CAAC;IACb,4BAA4B;IAC5B,GAAG,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC3B,kCAAkC;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,0BAA0B;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,8BAA8B;IAC9B,GAAG,EAAE,MAAM,CAAC;CACf;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACpC,gCAAgC;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,gCAAgC;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,2BAA2B;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,6CAA6C;IAC7C,WAAW,EAAE,MAAM,CAAC;IACpB,qBAAqB;IACrB,QAAQ,EAAE,QAAQ,CAAC;IACnB,6BAA6B;IAC7B,QAAQ,EAAE,qBAAqB,CAAC;IAChC,8CAA8C;IAC9C,OAAO,EAAE,MAAM,CAAC;IAEhB,wBAAwB;IACxB,IAAI,EAAE,WAAW,CAAC;IAElB,gCAAgC;IAChC,GAAG,EAAE,YAAY,EAAE,CAAC;IAEpB,kCAAkC;IAClC,KAAK,EAAE,cAAc,EAAE,CAAC;IAExB,2BAA2B;IAC3B,WAAW,EAAE,MAAM,CAAC;IAEpB,gCAAgC;IAChC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAChC,KAAK,EAAE,OAAO,CAAC;IACf,UAAU,CAAC,EAAE,uBAAuB,CAAC;CACxC"}

package/src/types.js

@@ -1,7 +0,0 @@
-"use strict";
-/**
- * Vulnerability Registry - Core Types
- *
- * Central type definitions for all vulnerability definitions.
- */
-Object.defineProperty(exports, "__esModule", { value: true });

package/src/types.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"types.js","sourceRoot":"","sources":["types.ts"],"names":[],"mappings":"AAAA;;;;GAIG"}