appsec-agent 1.3.5 → 1.4.0

@@ -11,21 +11,19 @@ export interface SecurityFinding {
11
11
  id: string;
12
12
  title: string;
13
13
  severity: 'CRITICAL' | 'HIGH' | 'MEDIUM' | 'LOW' | 'INFO';
14
+ confidence: 'HIGH' | 'MEDIUM' | 'LOW';
14
15
  category: string;
16
+ file: string;
17
+ line_numbers?: string;
15
18
  cwe_id?: string;
16
19
  cvss_score?: number;
17
- affected_files: Array<{
18
- path: string;
19
- lines?: string;
20
- }>;
21
20
  description: string;
21
+ code_snippet?: string;
22
22
  impact?: string;
23
- vulnerable_code?: string;
24
- remediation: string | {
25
- description?: string;
26
- remediation_steps?: string[];
27
- secure_code_example?: string;
28
- };
23
+ recommendation: string;
24
+ fixed_code?: string;
25
+ cwe?: string;
26
+ owasp?: string;
29
27
  references?: string[];
30
28
  }
31
29
  export interface SecurityReviewReport {
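Review bot: `SecurityFinding` now declares both the existing `cwe_id?: string` and the new `cwe?: string`, and nothing says which one a consumer should read, so a triage or de-duplication step keyed on one field will silently miss findings that populate only the other. If `cwe` is the intended replacement, mark the old field with `/** @deprecated Use cwe instead. */`; otherwise document on each field what distinguishes them. Separately, dropping `affected_files`, `vulnerable_code` and `remediation` while making `confidence`, `file` and `recommendation` required changes the shape of every stored or downstream-parsed report, which the 1.3.5 → 1.4.0 bump does not signal as breaking. A finding that spans several files can also no longer be expressed with the single `file` string.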
@@ -1 +1 @@
1
- {"version":3,"file":"security_report.d.ts","sourceRoot":"","sources":["../../../src/schemas/security_report.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAC1D,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,KAAK,CAAC;QACpB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC,CAAC;IACH,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,EAAE,MAAM,GAAG;QACpB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;QAC7B,mBAAmB,CAAC,EAAE,MAAM,CAAC;KAC9B,CAAC;IACF,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,oBAAoB;IACnC,sBAAsB,EAAE;QACtB,QAAQ,EAAE;YACR,YAAY,CAAC,EAAE,MAAM,CAAC;YACtB,SAAS,CAAC,EAAE,MAAM,CAAC;YACnB,SAAS,CAAC,EAAE,MAAM,CAAC;YACnB,oBAAoB,CAAC,EAAE,MAAM,CAAC;YAC9B,kBAAkB,CAAC,EAAE,MAAM,CAAC;SAC7B,CAAC;QACF,iBAAiB,EAAE;YACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,IAAI,CAAC,EAAE,MAAM,CAAC;YACd,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,GAAG,CAAC,EAAE,MAAM,CAAC;YACb,IAAI,CAAC,EAAE,MAAM,CAAC;SACf,CAAC;QACF,QAAQ,EAAE,eAAe,EAAE,CAAC;QAC5B,eAAe,CAAC,EAAE,KAAK,CAAC;YACtB,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;SACnB,CAAC,CAAC;QACH,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;AAED;;;GAGG;AACH,eAAO,MAAM,sBAAsB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAoG1D,CAAC"}
1
+ {"version":3,"file":"security_report.d.ts","sourceRoot":"","sources":["../../../src/schemas/security_report.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAC1D,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB;AAED,MAAM,WAAW,oBAAoB;IACnC,sBAAsB,EAAE;QACtB,QAAQ,EAAE;YACR,YAAY,CAAC,EAAE,MAAM,CAAC;YACtB,SAAS,CAAC,EAAE,MAAM,CAAC;YACnB,SAAS,CAAC,EAAE,MAAM,CAAC;YACnB,oBAAoB,CAAC,EAAE,MAAM,CAAC;YAC9B,kBAAkB,CAAC,EAAE,MAAM,CAAC;SAC7B,CAAC;QACF,iBAAiB,EAAE;YACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,IAAI,CAAC,EAAE,MAAM,CAAC;YACd,MAAM,CAAC,EAAE,MAAM,CAAC;YAChB,GAAG,CAAC,EAAE,MAAM,CAAC;YACb,IAAI,CAAC,EAAE,MAAM,CAAC;SACf,CAAC;QACF,QAAQ,EAAE,eAAe,EAAE,CAAC;QAC5B,eAAe,CAAC,EAAE,KAAK,CAAC;YACtB,KAAK,CAAC,EAAE,MAAM,CAAC;YACf,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;SACnB,CAAC,CAAC;QACH,UAAU,CAAC,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;AAED;;;GAGG;AACH,eAAO,MAAM,sBAAsB,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAsG1D,CAAC"}
@@ -48,49 +48,51 @@ exports.SECURITY_REPORT_SCHEMA = {
48
48
  type: 'array',
49
49
  items: {
50
50
  type: 'object',
51
- required: ['id', 'title', 'severity', 'category', 'affected_files', 'description', 'remediation'],
51
+ required: ['id', 'title', 'severity', 'confidence', 'category', 'file', 'description', 'recommendation'],
52
52
  properties: {
53
- id: { type: 'string' },
53
+ id: {
54
+ type: 'string',
55
+ description: 'Sequential ID (SEC-001, SEC-002, etc.)'
56
+ },
54
57
  title: { type: 'string' },
55
58
  severity: {
56
59
  type: 'string',
57
60
  enum: ['CRITICAL', 'HIGH', 'MEDIUM', 'LOW', 'INFO']
58
61
  },
62
+ confidence: {
63
+ type: 'string',
64
+ enum: ['HIGH', 'MEDIUM', 'LOW'],
65
+ description: 'Confidence level of the finding'
66
+ },
59
67
  category: { type: 'string' },
68
+ file: {
69
+ type: 'string',
70
+ description: 'File path where the vulnerability was found'
71
+ },
72
+ line_numbers: {
73
+ type: 'string',
74
+ description: 'Line number(s) where the issue occurs, e.g., "8-10" or "8"'
75
+ },
60
76
  cwe_id: { type: 'string' },
61
77
  cvss_score: { type: 'number', minimum: 0, maximum: 10 },
62
- affected_files: {
63
- type: 'array',
64
- items: {
65
- type: 'object',
66
- required: ['path'],
67
- properties: {
68
- path: { type: 'string' },
69
- lines: {
70
- type: 'string',
71
- description: 'Line numbers as string, e.g., "8-10" or "8". NOT an array.'
72
- }
73
- }
74
- }
75
- },
76
78
  description: { type: 'string' },
79
+ code_snippet: { type: 'string' },
77
80
  impact: { type: 'string' },
78
- vulnerable_code: { type: 'string' },
79
- remediation: {
80
- oneOf: [
81
- { type: 'string' },
82
- {
83
- type: 'object',
84
- properties: {
85
- description: { type: 'string' },
86
- remediation_steps: {
87
- type: 'array',
88
- items: { type: 'string' }
89
- },
90
- secure_code_example: { type: 'string' }
91
- }
92
- }
93
- ]
81
+ recommendation: {
82
+ type: 'string',
83
+ description: 'Remediation steps to fix the vulnerability'
84
+ },
85
+ fixed_code: {
86
+ type: 'string',
87
+ description: 'Corrected code that fixes the vulnerability'
88
+ },
89
+ cwe: {
90
+ type: 'string',
91
+ description: 'CWE identifier, e.g., "CWE-89: SQL Injection"'
92
+ },
93
+ owasp: {
94
+ type: 'string',
95
+ description: 'OWASP Top 10 reference'
94
96
  },
95
97
  references: {
96
98
  type: 'array',
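Review bot: The expected formats of `id`, `line_numbers` and `cwe` are stated only in `description` strings, so a validator will accept any string there, even though `cvss_score` in the same object shows that the schema already enforces constraints where it wants them. Put the format in the schema itself, e.g. `line_numbers: { type: 'string', pattern: '^[0-9]+(-[0-9]+)?$', ... }`, `pattern: '^SEC-[0-9]+$'` on `id` and `pattern: '^CWE-[0-9]+'` on `cwe`. `file` is likewise an unconstrained string that is presumably produced by the agent, so any consumer that opens or links that path should resolve it against the scanned repository root rather than trust it as given. The `items` object begins and ends outside this hunk, so whether `additionalProperties` is restricted cannot be seen from here.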
@@ -1 +1 @@
1
- {"version":3,"file":"security_report.js","sourceRoot":"","sources":["../../../src/schemas/security_report.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAoDH;;;GAGG;AACU,QAAA,sBAAsB,GAA4B;IAC7D,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,CAAC,wBAAwB,CAAC;IACpC,UAAU,EAAE;QACV,sBAAsB,EAAE;YACtB,IAAI,EAAE,QAAQ;YACd,QAAQ,EAAE,CAAC,UAAU,EAAE,mBAAmB,EAAE,UAAU,CAAC;YACvD,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,YAAY,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAChC,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAC7B,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAC7B,oBAAoB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;wBACzC,kBAAkB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;qBACxC;iBACF;gBACD,iBAAiB,EAAE;oBACjB,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAC5B,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAC/B,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;wBACzC,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;wBACrC,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;wBACvC,GAAG,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;wBACpC,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;qBACtC;iBACF;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,QAAQ,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,gBAAgB,EAAE,aAAa,EAAE,aAAa,CAAC;wBACjG,UAAU,EAAE;4BACV,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BACtB,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BACzB,QAAQ,EAAE;gCACR,IAAI,EAAE,QAAQ;gCACd,IAAI,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC;6BACpD;4BACD,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC5B,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC1B,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;4BACvD,cAAc,EAAE;gCACd,IAAI,EAAE,OAAO;gCACb,KAAK,EAAE;oCACL,IAAI,EAAE,QAAQ;oCACd,QAAQ,EAAE,CAAC,MAAM,CAAC;oCAClB,UAAU,EAAE;wCACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wCACxB,KAAK,EAAE;4CACL,IAAI,EAAE,QAAQ;4CACd,WAAW,EAAE,4DAA4D;yCAC1E;qCACF;iCACF;6BACF;4BACD,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC/B,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC1B,eAAe
,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BACnC,WAAW,EAAE;gCACX,KAAK,EAAE;oCACL,EAAE,IAAI,EAAE,QAAQ,EAAE;oCAClB;wCACE,IAAI,EAAE,QAAQ;wCACd,UAAU,EAAE;4CACV,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4CAC/B,iBAAiB,EAAE;gDACjB,IAAI,EAAE,OAAO;gDACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;6CAC1B;4CACD,mBAAmB,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;yCACxC;qCACF;iCACF;6BACF;4BACD,UAAU,EAAE;gCACV,IAAI,EAAE,OAAO;gCACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;6BAC1B;yBACF;qBACF;iBACF;gBACD,eAAe,EAAE;oBACf,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,UAAU,EAAE;4BACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BACzB,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC/B,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;yBAC7B;qBACF;iBACF;gBACD,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;aAC/B;SACF;KACF;CACF,CAAC"}
1
+ {"version":3,"file":"security_report.js","sourceRoot":"","sources":["../../../src/schemas/security_report.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAkDH;;;GAGG;AACU,QAAA,sBAAsB,GAA4B;IAC7D,IAAI,EAAE,QAAQ;IACd,QAAQ,EAAE,CAAC,wBAAwB,CAAC;IACpC,UAAU,EAAE;QACV,sBAAsB,EAAE;YACtB,IAAI,EAAE,QAAQ;YACd,QAAQ,EAAE,CAAC,UAAU,EAAE,mBAAmB,EAAE,UAAU,CAAC;YACvD,UAAU,EAAE;gBACV,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,YAAY,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAChC,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAC7B,SAAS,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAC7B,oBAAoB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;wBACzC,kBAAkB,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;qBACxC;iBACF;gBACD,iBAAiB,EAAE;oBACjB,IAAI,EAAE,QAAQ;oBACd,UAAU,EAAE;wBACV,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAC5B,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wBAC/B,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;wBACzC,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;wBACrC,MAAM,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;wBACvC,GAAG,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;wBACpC,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;qBACtC;iBACF;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,QAAQ,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,UAAU,EAAE,MAAM,EAAE,aAAa,EAAE,gBAAgB,CAAC;wBACxG,UAAU,EAAE;4BACV,EAAE,EAAE;gCACF,IAAI,EAAE,QAAQ;gCACd,WAAW,EAAE,wCAAwC;6BACtD;4BACD,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BACzB,QAAQ,EAAE;gCACR,IAAI,EAAE,QAAQ;gCACd,IAAI,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC;6BACpD;4BACD,UAAU,EAAE;gCACV,IAAI,EAAE,QAAQ;gCACd,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC;gCAC/B,WAAW,EAAE,iCAAiC;6BAC/C;4BACD,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC5B,IAAI,EAAE;gCACJ,IAAI,EAAE,QAAQ;gCACd,WAAW,EAAE,6CAA6C;6BAC3D;4BACD,YAAY,EAAE;gCACZ,IAAI,EAAE,QAAQ;gCACd,WAAW,EAAE,4DAA4D;6BAC1E;4BACD,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC1B,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;4BACvD,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC/B,YAAY,EA
AE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAChC,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC1B,cAAc,EAAE;gCACd,IAAI,EAAE,QAAQ;gCACd,WAAW,EAAE,4CAA4C;6BAC1D;4BACD,UAAU,EAAE;gCACV,IAAI,EAAE,QAAQ;gCACd,WAAW,EAAE,6CAA6C;6BAC3D;4BACD,GAAG,EAAE;gCACH,IAAI,EAAE,QAAQ;gCACd,WAAW,EAAE,+CAA+C;6BAC7D;4BACD,KAAK,EAAE;gCACL,IAAI,EAAE,QAAQ;gCACd,WAAW,EAAE,wBAAwB;6BACtC;4BACD,UAAU,EAAE;gCACV,IAAI,EAAE,OAAO;gCACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;6BAC1B;yBACF;qBACF;iBACF;gBACD,eAAe,EAAE;oBACf,IAAI,EAAE,OAAO;oBACb,KAAK,EAAE;wBACL,IAAI,EAAE,QAAQ;wBACd,UAAU,EAAE;4BACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BACzB,WAAW,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4BAC/B,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;yBAC7B;qBACF;iBACF;gBACD,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;aAC/B;SACF;KACF;CACF,CAAC"}
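--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
  {
  "name": "appsec-agent",
- "version": "1.3.5",
+ "version": "1.4.0",
  "description": "TypeScript package for AppSec AI Agent management",
  "author": "Sam Li",
  "date": "Feb 23 2026",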