npm - aura-security - Versions diffs - 0.4.0 - Mend

aura-security 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (115) hide show

package/LICENSE +21 -0
package/README.md +446 -0
package/deploy/AWS-DEPLOYMENT.md +358 -0
package/deploy/terraform/main.tf +362 -0
package/deploy/terraform/terraform.tfvars.example +6 -0
package/dist/agents/base.d.ts +44 -0
package/dist/agents/base.js +96 -0
package/dist/agents/index.d.ts +14 -0
package/dist/agents/index.js +17 -0
package/dist/agents/policy/evaluator.d.ts +15 -0
package/dist/agents/policy/evaluator.js +183 -0
package/dist/agents/policy/index.d.ts +12 -0
package/dist/agents/policy/index.js +15 -0
package/dist/agents/policy/validator.d.ts +15 -0
package/dist/agents/policy/validator.js +182 -0
package/dist/agents/scanners/gitleaks.d.ts +14 -0
package/dist/agents/scanners/gitleaks.js +155 -0
package/dist/agents/scanners/grype.d.ts +14 -0
package/dist/agents/scanners/grype.js +109 -0
package/dist/agents/scanners/index.d.ts +15 -0
package/dist/agents/scanners/index.js +27 -0
package/dist/agents/scanners/npm-audit.d.ts +13 -0
package/dist/agents/scanners/npm-audit.js +129 -0
package/dist/agents/scanners/semgrep.d.ts +14 -0
package/dist/agents/scanners/semgrep.js +131 -0
package/dist/agents/scanners/trivy.d.ts +14 -0
package/dist/agents/scanners/trivy.js +122 -0
package/dist/agents/types.d.ts +137 -0
package/dist/agents/types.js +91 -0
package/dist/auditor/index.d.ts +3 -0
package/dist/auditor/index.js +2 -0
package/dist/auditor/pipeline.d.ts +19 -0
package/dist/auditor/pipeline.js +240 -0
package/dist/auditor/validator.d.ts +17 -0
package/dist/auditor/validator.js +58 -0
package/dist/aura/client.d.ts +29 -0
package/dist/aura/client.js +125 -0
package/dist/aura/index.d.ts +4 -0
package/dist/aura/index.js +2 -0
package/dist/aura/server.d.ts +45 -0
package/dist/aura/server.js +343 -0
package/dist/cli.d.ts +17 -0
package/dist/cli.js +1433 -0
package/dist/client/index.d.ts +41 -0
package/dist/client/index.js +170 -0
package/dist/compliance/index.d.ts +40 -0
package/dist/compliance/index.js +292 -0
package/dist/database/index.d.ts +77 -0
package/dist/database/index.js +395 -0
package/dist/index.d.ts +25 -0
package/dist/index.js +762 -0
package/dist/integrations/aura-scanner.d.ts +69 -0
package/dist/integrations/aura-scanner.js +155 -0
package/dist/integrations/aws-scanner.d.ts +63 -0
package/dist/integrations/aws-scanner.js +624 -0
package/dist/integrations/config.d.ts +69 -0
package/dist/integrations/config.js +212 -0
package/dist/integrations/github.d.ts +45 -0
package/dist/integrations/github.js +201 -0
package/dist/integrations/gitlab.d.ts +36 -0
package/dist/integrations/gitlab.js +110 -0
package/dist/integrations/index.d.ts +11 -0
package/dist/integrations/index.js +11 -0
package/dist/integrations/local-scanner.d.ts +146 -0
package/dist/integrations/local-scanner.js +1654 -0
package/dist/integrations/notifications.d.ts +99 -0
package/dist/integrations/notifications.js +305 -0
package/dist/integrations/scanners.d.ts +57 -0
package/dist/integrations/scanners.js +217 -0
package/dist/integrations/slop-scanner.d.ts +69 -0
package/dist/integrations/slop-scanner.js +155 -0
package/dist/integrations/webhook.d.ts +37 -0
package/dist/integrations/webhook.js +256 -0
package/dist/orchestrator/index.d.ts +72 -0
package/dist/orchestrator/index.js +187 -0
package/dist/output/index.d.ts +152 -0
package/dist/output/index.js +399 -0
package/dist/pipeline/index.d.ts +72 -0
package/dist/pipeline/index.js +313 -0
package/dist/sbom/index.d.ts +94 -0
package/dist/sbom/index.js +298 -0
package/dist/schemas/index.d.ts +2 -0
package/dist/schemas/index.js +2 -0
package/dist/schemas/input.schema.d.ts +87 -0
package/dist/schemas/input.schema.js +44 -0
package/dist/schemas/output.schema.d.ts +115 -0
package/dist/schemas/output.schema.js +64 -0
package/dist/serve-visualizer.d.ts +2 -0
package/dist/serve-visualizer.js +78 -0
package/dist/slop/client.d.ts +29 -0
package/dist/slop/client.js +125 -0
package/dist/slop/index.d.ts +4 -0
package/dist/slop/index.js +2 -0
package/dist/slop/server.d.ts +45 -0
package/dist/slop/server.js +343 -0
package/dist/types/events.d.ts +62 -0
package/dist/types/events.js +2 -0
package/dist/types/index.d.ts +1 -0
package/dist/types/index.js +1 -0
package/dist/visualizer/index.d.ts +4 -0
package/dist/visualizer/index.js +181 -0
package/dist/websocket/index.d.ts +88 -0
package/dist/websocket/index.js +195 -0
package/dist/zones/index.d.ts +7 -0
package/dist/zones/index.js +7 -0
package/dist/zones/manager.d.ts +101 -0
package/dist/zones/manager.js +304 -0
package/dist/zones/types.d.ts +78 -0
package/dist/zones/types.js +33 -0
package/package.json +84 -0
package/visualizer/app.js +0 -0
package/visualizer/index-minimal.html +1771 -0
package/visualizer/index.html +2933 -0
package/visualizer/landing.html +1328 -0
package/visualizer/styles.css +0 -0

package/dist/integrations/index.js ADDED Viewed

@@ -0,0 +1,11 @@
+// Integration Hub - Connect external systems to aurasecurity
+// Supports: GitHub, GitLab, Jenkins, Snyk, Trivy, Local System, and custom webhooks
+export { WebhookServer } from './webhook.js';
+export { GitHubIntegration } from './github.js';
+export { GitLabIntegration } from './gitlab.js';
+export { ScannerParser, SnykParser, TrivyParser, SemgrepParser } from './scanners.js';
+export { ConfigLoader } from './config.js';
+export { LocalScanner, quickLocalScan } from './local-scanner.js';
+export { NotificationService, createNotificationFromAudit } from './notifications.js';
+// Aura Protocol Scanner (multi-agent architecture)
+export { auraScan, getAuraState, getAvailableAgents, orchestrator } from './aura-scanner.js';

package/dist/integrations/local-scanner.d.ts ADDED Viewed

@@ -0,0 +1,146 @@
+import type { AuditorInput } from '../types/events.js';
+export interface IaCFinding {
+    file: string;
+    line?: number;
+    resource: string;
+    checkId: string;
+    checkType: string;
+    severity: 'critical' | 'high' | 'medium' | 'low';
+    title: string;
+    guideline?: string;
+}
+export interface DockerfileFinding {
+    file: string;
+    line: number;
+    code: string;
+    message: string;
+    severity: 'critical' | 'high' | 'medium' | 'low';
+}
+export interface LocalScanConfig {
+    targetPath: string;
+    scanSecrets?: boolean;
+    scanPackages?: boolean;
+    scanGit?: boolean;
+    scanEnvFiles?: boolean;
+    scanIaC?: boolean;
+    scanDockerfiles?: boolean;
+    maxDepth?: number;
+    excludePatterns?: string[];
+    languages?: string[];
+    scanners?: string[];
+}
+export interface DiscoveredService {
+    id: string;
+    name: string;
+    type: 'database' | 'cache' | 'cloud' | 'api' | 'messaging' | 'storage' | 'auth' | 'monitoring';
+    source: string;
+    connectionInfo?: string;
+    severity: 'info' | 'low' | 'medium' | 'high' | 'critical';
+}
+export interface DiscoveredModule {
+    id: string;
+    name: string;
+    path: string;
+    type: 'source' | 'component' | 'service' | 'api' | 'lib' | 'config' | 'test' | 'infra' | 'docs';
+    fileCount: number;
+    files: string[];
+    imports: string[];
+    exports: string[];
+}
+export interface LocalScanResult {
+    path: string;
+    timestamp: string;
+    secrets: SecretFinding[];
+    packages: PackageFinding[];
+    sastFindings: SastFinding[];
+    iacFindings: IaCFinding[];
+    dockerfileFindings: DockerfileFinding[];
+    gitInfo: GitInfo | null;
+    envFiles: EnvFileFinding[];
+    systemInfo: SystemInfo;
+    discoveredServices: DiscoveredService[];
+    discoveredModules: DiscoveredModule[];
+    toolsUsed: string[];
+    languagesDetected: string[];
+}
+export interface SecretFinding {
+    file: string;
+    line: number;
+    type: string;
+    snippet: string;
+    severity: 'critical' | 'high' | 'medium' | 'low';
+}
+export interface PackageFinding {
+    name: string;
+    version: string;
+    vulnerabilities: number;
+    severity: 'critical' | 'high' | 'medium' | 'low';
+    vulnId?: string;
+    title?: string;
+    fixedVersion?: string;
+}
+export interface SastFinding {
+    file: string;
+    line: number;
+    rule: string;
+    message: string;
+    severity: string;
+}
+export interface GitInfo {
+    branch: string;
+    remoteUrl?: string;
+    uncommittedChanges: number;
+    lastCommit?: string;
+}
+export interface EnvFileFinding {
+    file: string;
+    variables: string[];
+    hasSecrets: boolean;
+}
+export interface SystemInfo {
+    platform: string;
+    hostname: string;
+    user: string;
+    nodeVersion: string;
+    cwd: string;
+}
+export declare class LocalScanner {
+    private config;
+    constructor(config: LocalScanConfig);
+    scan(): Promise<LocalScanResult>;
+    private detectLanguages;
+    private mergePackageFindings;
+    private discoverServices;
+    private scanFilesForServices;
+    private checkFileForServices;
+    private maskConnectionString;
+    private discoverModules;
+    private scanNestedModules;
+    private analyzeModule;
+    private getCodeFiles;
+    private getSystemInfo;
+    private scanForSecrets;
+    private scanFile;
+    private maskSecret;
+    private scanPackages;
+    private normalizeSeverity;
+    private getGitInfo;
+    private scanEnvFiles;
+    toAuditorInput(result: LocalScanResult): AuditorInput;
+}
+export declare function quickLocalScan(targetPath: string): Promise<LocalScanResult>;
+export interface RemoteScanConfig {
+    gitUrl: string;
+    branch?: string;
+    depth?: number;
+    scanSecrets?: boolean;
+    scanPackages?: boolean;
+}
+export interface RemoteScanResult extends LocalScanResult {
+    gitUrl: string;
+    branch: string;
+    cloneDuration: number;
+    scanDuration: number;
+}
+export declare function scanRemoteGit(config: RemoteScanConfig): Promise<RemoteScanResult>;
+export declare function isGitUrl(str: string): boolean;