avana-cli 2.11.0

package/dist/rules/additional-patterns.js

@@ -0,0 +1,170 @@
+"use strict";
+/**
+ * Avana - Additional Secret Patterns
+ * Extended patterns for less common but still important services
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ADDITIONAL_SECRET_PATTERNS = void 0;
+exports.getAdditionalSecretPatterns = getAdditionalSecretPatterns;
+/**
+ * Additional secret patterns for specialized services
+ * NOTE: Only includes high-confidence patterns with specific prefixes or context
+ */
+exports.ADDITIONAL_SECRET_PATTERNS = [
+    // ============================================
+    // Analytics & Monitoring
+    // ============================================
+    {
+        id: 'new-relic-key',
+        name: 'New Relic License Key',
+        pattern: /NRAK-[A-Z0-9]{27}/g,
+        severity: 'high',
+        description: 'New Relic license key detected',
+        suggestion: 'Move to environment variable: NEW_RELIC_LICENSE_KEY',
+    },
+    {
+        id: 'sentry-dsn',
+        name: 'Sentry DSN',
+        pattern: /https:\/\/[a-f0-9]{32}@[a-z0-9]+\.ingest\.sentry\.io\/[0-9]+/g,
+        severity: 'medium',
+        description: 'Sentry DSN detected',
+        suggestion: 'Move to environment variable: SENTRY_DSN',
+    },
+    // ============================================
+    // CI/CD & DevOps
+    // ============================================
+    {
+        id: 'docker-hub-token',
+        name: 'Docker Hub Token',
+        pattern: /dckr_pat_[a-zA-Z0-9_-]{36}/g,
+        severity: 'critical',
+        description: 'Docker Hub access token detected',
+        suggestion: 'Revoke token and use Docker secrets',
+    },
+    {
+        id: 'npm-token',
+        name: 'NPM Token',
+        pattern: /npm_[a-zA-Z0-9]{36}/g,
+        severity: 'critical',
+        description: 'NPM access token detected',
+        suggestion: 'Revoke token and use .npmrc with environment variable',
+    },
+    // ============================================
+    // Social Media & Marketing
+    // ============================================
+    {
+        id: 'facebook-access-token',
+        name: 'Facebook Access Token',
+        pattern: /EAACEdEose0cBA[0-9A-Za-z]+/g,
+        severity: 'high',
+        description: 'Facebook access token detected',
+        suggestion: 'Revoke token and move to environment variable',
+    },
+    {
+        id: 'twitter-bearer-token',
+        name: 'Twitter Bearer Token',
+        pattern: /AAAAAAAAAAAAAAAAAAAAAA[a-zA-Z0-9%]+/g,
+        severity: 'critical',
+        description: 'Twitter Bearer token detected',
+        suggestion: 'Revoke token and move to environment variable',
+    },
+    // ============================================
+    // Storage & CDN
+    // ============================================
+    {
+        id: 'digitalocean-token',
+        name: 'DigitalOcean Token',
+        pattern: /dop_v1_[a-f0-9]{64}/g,
+        severity: 'critical',
+        description: 'DigitalOcean access token detected',
+        suggestion: 'Revoke token and move to environment variable',
+    },
+    {
+        id: 'heroku-api-key',
+        name: 'Heroku API Key',
+        pattern: /[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}/g,
+        severity: 'critical',
+        description: 'Heroku API key detected',
+        suggestion: 'Revoke key and use Heroku config vars',
+    },
+    // ============================================
+    // Search & Database Services
+    // ============================================
+    {
+        id: 'elasticsearch-password',
+        name: 'Elasticsearch Password',
+        pattern: /elastic:[^@]+@/gi,
+        severity: 'critical',
+        description: 'Elasticsearch credentials detected',
+        suggestion: 'Move to environment variable: ELASTICSEARCH_URL',
+    },
+    // ============================================
+    // Authentication Services
+    // ============================================
+    {
+        id: 'okta-api-token',
+        name: 'Okta API Token',
+        pattern: /00[a-zA-Z0-9_-]{40}/g,
+        severity: 'critical',
+        description: 'Okta API token detected',
+        suggestion: 'Revoke token and move to environment variable',
+    },
+    {
+        id: 'firebase-api-key',
+        name: 'Firebase API Key',
+        pattern: /AIza[0-9A-Za-z\-_]{35}/g,
+        severity: 'high',
+        description: 'Firebase API key detected',
+        suggestion: 'Move to environment variable and restrict API key',
+    },
+    // ============================================
+    // Cryptocurrency & Blockchain
+    // ============================================
+    {
+        id: 'ethereum-private-key',
+        name: 'Ethereum Private Key',
+        pattern: /0x[a-fA-F0-9]{64}/g,
+        severity: 'critical',
+        description: 'Ethereum private key detected',
+        suggestion: 'Remove immediately and use hardware wallet',
+    },
+    // ============================================
+    // Miscellaneous Services
+    // ============================================
+    {
+        id: 'shopify-token',
+        name: 'Shopify Access Token',
+        pattern: /shpat_[a-fA-F0-9]{32}/g,
+        severity: 'critical',
+        description: 'Shopify access token detected',
+        suggestion: 'Revoke token and move to environment variable',
+    },
+    {
+        id: 'shopify-shared-secret',
+        name: 'Shopify Shared Secret',
+        pattern: /shpss_[a-fA-F0-9]{32}/g,
+        severity: 'critical',
+        description: 'Shopify shared secret detected',
+        suggestion: 'Move to environment variable: SHOPIFY_SHARED_SECRET',
+    },
+    {
+        id: 'airtable-api-key',
+        name: 'Airtable API Key',
+        pattern: /key[a-zA-Z0-9]{14}/g,
+        severity: 'high',
+        description: 'Airtable API key detected',
+        suggestion: 'Move to environment variable: AIRTABLE_API_KEY',
+    },
+    {
+        id: 'notion-token',
+        name: 'Notion Integration Token',
+        pattern: /secret_[a-zA-Z0-9]{43}/g,
+        severity: 'high',
+        description: 'Notion integration token detected',
+        suggestion: 'Move to environment variable: NOTION_TOKEN',
+    },
+];
+function getAdditionalSecretPatterns() {
+    return exports.ADDITIONAL_SECRET_PATTERNS;
+}
+//# sourceMappingURL=additional-patterns.js.map

package/dist/rules/additional-patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"additional-patterns.js","sourceRoot":"","sources":["../../src/rules/additional-patterns.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AA0KH,kEAEC;AAxKD;;;GAGG;AACU,QAAA,0BAA0B,GAAoB;IACzD,+CAA+C;IAC/C,yBAAyB;IACzB,+CAA+C;IAC/C;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,oBAAoB;QAC7B,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,gCAAgC;QAC7C,UAAU,EAAE,qDAAqD;KAClE;IACD;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,YAAY;QAClB,OAAO,EAAE,+DAA+D;QACxE,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,qBAAqB;QAClC,UAAU,EAAE,0CAA0C;KACvD;IAED,+CAA+C;IAC/C,iBAAiB;IACjB,+CAA+C;IAC/C;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,6BAA6B;QACtC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,kCAAkC;QAC/C,UAAU,EAAE,qCAAqC;KAClD;IACD;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,WAAW;QACjB,OAAO,EAAE,sBAAsB;QAC/B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,2BAA2B;QACxC,UAAU,EAAE,uDAAuD;KACpE;IAED,+CAA+C;IAC/C,2BAA2B;IAC3B,+CAA+C;IAC/C;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,6BAA6B;QACtC,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,gCAAgC;QAC7C,UAAU,EAAE,+CAA+C;KAC5D;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,sCAAsC;QAC/C,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,+BAA+B;QAC5C,UAAU,EAAE,+CAA+C;KAC5D;IAED,+CAA+C;IAC/C,gBAAgB;IAChB,+CAA+C;IAC/C;QACE,EAAE,EAAE,oBAAoB;QACxB,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,sBAAsB;QAC/B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,oCAAoC;QACjD,UAAU,EAAE,+CAA+C;KAC5D;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,+DAA+D;QACxE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,yBAAyB;QACtC,UAAU,EAAE,uCAAuC;KACpD;IAED,+CAA+C;IAC/C,6BAA6B;IAC7B,+CAA+C;IAC/C;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,kBAAkB;QAC3B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,oCAAoC;QACjD,UAAU,EAAE,iDAAiD;KAC9D;IAED,+CAA+C;IAC/C,0BAA0B;IAC1B,+CAA+C;IAC/C;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,sBAAsB;QAC/B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,yBAAyB;QACtC,UAAU,EAAE,+CAA+C;KAC5D;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,yBAAyB;QAClC,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,2BAA2B;QACxC,UAAU,EAAE,mDAAmD;KAChE;IAED,+CAA+C;IAC/C,8BAA8B;IAC9B,+CAA+C;IAC/C;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,oBAAoB;QAC7B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,+BAA+B;QAC5C,UAAU,EAAE,4CAA4C;KACzD;IAED,+CAA+C;IAC/C,yBAAyB;IACzB,+CAA+C;IAC/C;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,wBAAwB;QACjC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,+BAA+B;QAC5C,UAAU,EAAE,+CAA+C;KAC5D;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,wBAAwB;QACjC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,gCAAgC;QAC7C,UAAU,EAAE,qDAAqD;KAClE;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,qBAAqB;QAC9B,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,2BAA2B;QACxC,UAAU,EAAE,gDAAgD;KAC7D;IACD;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,yBAAyB;QAClC,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,mCAAmC;QAChD,UAAU,EAAE,4CAA4C;KACzD;CACF,CAAC;AAEF,SAAgB,2BAA2B;IACzC,OAAO,kCAA0B,CAAC;AACpC,CAAC"}

package/dist/rules/code-patterns.d.ts

@@ -0,0 +1,26 @@
+/**
+ * Avana - Insecure Code Patterns
+ * Patterns for detecting security vulnerabilities in code
+ */
+import type { SecretPattern } from '../types';
+/**
+ * Insecure code patterns that could lead to security vulnerabilities
+ */
+export declare const CODE_PATTERNS: SecretPattern[];
+/**
+ * Get all code patterns
+ */
+export declare function getAllCodePatterns(): SecretPattern[];
+/**
+ * Get code patterns by severity
+ */
+export declare function getCodePatternsBySeverity(severity: 'critical' | 'high' | 'medium' | 'low'): SecretPattern[];
+/**
+ * Get code pattern by ID
+ */
+export declare function getCodePatternById(id: string): SecretPattern | undefined;
+/**
+ * Get pattern count
+ */
+export declare function getCodePatternCount(): number;
+//# sourceMappingURL=code-patterns.d.ts.map

package/dist/rules/code-patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"code-patterns.d.ts","sourceRoot":"","sources":["../../src/rules/code-patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAE9C;;GAEG;AACH,eAAO,MAAM,aAAa,EAAE,aAAa,EA4LxC,CAAC;AAEF;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,aAAa,EAAE,CAEpD;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,aAAa,EAAE,CAE3G;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS,CAExE;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,MAAM,CAE5C"}

package/dist/rules/code-patterns.js

@@ -0,0 +1,220 @@
+"use strict";
+/**
+ * Avana - Insecure Code Patterns
+ * Patterns for detecting security vulnerabilities in code
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.CODE_PATTERNS = void 0;
+exports.getAllCodePatterns = getAllCodePatterns;
+exports.getCodePatternsBySeverity = getCodePatternsBySeverity;
+exports.getCodePatternById = getCodePatternById;
+exports.getCodePatternCount = getCodePatternCount;
+/**
+ * Insecure code patterns that could lead to security vulnerabilities
+ */
+exports.CODE_PATTERNS = [
+    // ============================================
+    // Code Execution Vulnerabilities
+    // ============================================
+    {
+        id: 'eval-usage',
+        name: 'Eval Usage',
+        pattern: /\beval\s*\(/g,
+        severity: 'high',
+        description: 'eval() can execute arbitrary code and is a security risk',
+        suggestion: 'Use safer alternatives like JSON.parse() or Function constructor with validation',
+    },
+    {
+        id: 'function-constructor',
+        name: 'Function Constructor with String',
+        pattern: /new\s+Function\s*\(\s*['"`][^'"`]*['"`]\s*\)/g,
+        severity: 'high',
+        description: 'Function constructor with string can execute arbitrary code',
+        suggestion: 'Avoid dynamic code execution or use safer alternatives',
+    },
+    // ============================================
+    // SQL Injection Vulnerabilities
+    // ============================================
+    {
+        id: 'sql-concatenation',
+        name: 'SQL String Concatenation',
+        pattern: /(SELECT|INSERT|UPDATE|DELETE|DROP|CREATE).*\+.*FROM|VALUES/gi,
+        severity: 'critical',
+        description: 'SQL string concatenation can lead to SQL injection',
+        suggestion: 'Use parameterized queries or prepared statements',
+    },
+    {
+        id: 'sql-template-literal',
+        name: 'SQL Template Literal',
+        pattern: /`(SELECT|INSERT|UPDATE|DELETE|DROP|CREATE).*\$\{.*\}.*`/gi,
+        severity: 'critical',
+        description: 'SQL template literals with variables can lead to SQL injection',
+        suggestion: 'Use parameterized queries instead of template literals',
+    },
+    // ============================================
+    // Command Injection Vulnerabilities
+    // ============================================
+    {
+        id: 'child-process-exec',
+        name: 'Child Process Exec with User Input',
+        pattern: /exec\s*\(\s*[^)]*\$\{|exec\s*\(\s*[^)]*\+/g,
+        severity: 'critical',
+        description: 'exec() with user input can lead to command injection',
+        suggestion: 'Use execFile() with array arguments or validate input strictly',
+    },
+    {
+        id: 'shell-true',
+        name: 'Shell True in Spawn',
+        pattern: /spawn\s*\([^)]*shell\s*:\s*true/gi,
+        severity: 'high',
+        description: 'Using shell:true in spawn can lead to command injection',
+        suggestion: 'Avoid shell:true or validate all inputs strictly',
+    },
+    // ============================================
+    // Cryptography Issues
+    // ============================================
+    {
+        id: 'weak-crypto-md5',
+        name: 'Weak Cryptography (MD5)',
+        pattern: /crypto\.createHash\s*\(\s*['"]md5['"]\s*\)/g,
+        severity: 'high',
+        description: 'MD5 is cryptographically broken and should not be used',
+        suggestion: 'Use SHA-256 or stronger: crypto.createHash("sha256")',
+    },
+    {
+        id: 'weak-crypto-sha1',
+        name: 'Weak Cryptography (SHA1)',
+        pattern: /crypto\.createHash\s*\(\s*['"]sha1['"]\s*\)/g,
+        severity: 'high',
+        description: 'SHA1 is deprecated and vulnerable to collision attacks',
+        suggestion: 'Use SHA-256 or stronger: crypto.createHash("sha256")',
+    },
+    {
+        id: 'insecure-random',
+        name: 'Insecure Random Number Generation',
+        pattern: /Math\.random\s*\(\s*\)/g,
+        severity: 'medium',
+        description: 'Math.random() is not cryptographically secure',
+        suggestion: 'Use crypto.randomBytes() for security-sensitive operations',
+    },
+    // ============================================
+    // Path Traversal Vulnerabilities
+    // ============================================
+    {
+        id: 'path-traversal',
+        name: 'Path Traversal',
+        pattern: /\.\.[\/\\]/g,
+        severity: 'high',
+        description: 'Path traversal pattern detected - could allow unauthorized file access',
+        suggestion: 'Validate and sanitize file paths, use path.resolve() and check if result is within allowed directory',
+    },
+    {
+        id: 'unsafe-file-read',
+        name: 'Unsafe File Read',
+        pattern: /fs\.(readFile|readFileSync)\s*\([^)]*\$\{|fs\.(readFile|readFileSync)\s*\([^)]*\+/g,
+        severity: 'high',
+        description: 'Reading files with user-controlled paths can lead to path traversal',
+        suggestion: 'Validate file paths and ensure they are within allowed directories',
+    },
+    // ============================================
+    // Deserialization Vulnerabilities
+    // ============================================
+    {
+        id: 'unsafe-yaml-load',
+        name: 'Unsafe YAML Load',
+        pattern: /yaml\.load\s*\(/g,
+        severity: 'critical',
+        description: 'yaml.load() can execute arbitrary code',
+        suggestion: 'Use yaml.safeLoad() instead',
+    },
+    {
+        id: 'unsafe-pickle',
+        name: 'Unsafe Pickle (Python)',
+        pattern: /pickle\.loads?\s*\(/g,
+        severity: 'critical',
+        description: 'pickle.load() can execute arbitrary code',
+        suggestion: 'Use JSON or validate pickle data source',
+    },
+    // ============================================
+    // XSS and Injection Vulnerabilities
+    // ============================================
+    {
+        id: 'innerhtml-assignment',
+        name: 'innerHTML Assignment',
+        pattern: /\.innerHTML\s*=\s*[^;]*\$\{|\.innerHTML\s*=\s*[^;]*\+/g,
+        severity: 'high',
+        description: 'Setting innerHTML with user input can lead to XSS',
+        suggestion: 'Use textContent or sanitize HTML with DOMPurify',
+    },
+    {
+        id: 'dangerously-set-html',
+        name: 'Dangerously Set HTML (React)',
+        pattern: /dangerouslySetInnerHTML/g,
+        severity: 'medium',
+        description: 'dangerouslySetInnerHTML can lead to XSS if not sanitized',
+        suggestion: 'Sanitize HTML content with DOMPurify before using',
+    },
+    // ============================================
+    // Configuration Issues
+    // ============================================
+    {
+        id: 'hardcoded-localhost',
+        name: 'Hardcoded Localhost URL',
+        pattern: /['"]https?:\/\/localhost:\d+/g,
+        severity: 'low',
+        description: 'Hardcoded localhost URLs may cause issues in production',
+        suggestion: 'Use environment variables for API endpoints',
+    },
+    {
+        id: 'cors-wildcard',
+        name: 'CORS Wildcard',
+        pattern: /Access-Control-Allow-Origin['"]?\s*:\s*['"]?\*/g,
+        severity: 'medium',
+        description: 'CORS wildcard (*) allows any origin to access resources',
+        suggestion: 'Specify allowed origins explicitly',
+    },
+    // ============================================
+    // Authentication/Authorization Issues
+    // ============================================
+    {
+        id: 'weak-jwt-secret',
+        name: 'Weak JWT Secret',
+        pattern: /jwt\.sign\s*\([^)]*['"]secret['"]/gi,
+        severity: 'critical',
+        description: 'Weak JWT secret detected',
+        suggestion: 'Use a strong, randomly generated secret from environment variables',
+    },
+    {
+        id: 'missing-auth-check',
+        name: 'Missing Authentication Check',
+        pattern: /app\.(get|post|put|delete|patch)\s*\([^)]*\)\s*,\s*(?!.*auth|.*authenticate|.*isAuthenticated)/gi,
+        severity: 'medium',
+        description: 'Route handler without authentication middleware',
+        suggestion: 'Add authentication middleware to protect routes',
+    },
+];
+/**
+ * Get all code patterns
+ */
+function getAllCodePatterns() {
+    return exports.CODE_PATTERNS;
+}
+/**
+ * Get code patterns by severity
+ */
+function getCodePatternsBySeverity(severity) {
+    return exports.CODE_PATTERNS.filter(p => p.severity === severity);
+}
+/**
+ * Get code pattern by ID
+ */
+function getCodePatternById(id) {
+    return exports.CODE_PATTERNS.find(p => p.id === id);
+}
+/**
+ * Get pattern count
+ */
+function getCodePatternCount() {
+    return exports.CODE_PATTERNS.length;
+}
+//# sourceMappingURL=code-patterns.js.map

package/dist/rules/code-patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"code-patterns.js","sourceRoot":"","sources":["../../src/rules/code-patterns.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAwMH,gDAEC;AAKD,8DAEC;AAKD,gDAEC;AAKD,kDAEC;AA3ND;;GAEG;AACU,QAAA,aAAa,GAAoB;IAC5C,+CAA+C;IAC/C,iCAAiC;IACjC,+CAA+C;IAC/C;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,YAAY;QAClB,OAAO,EAAE,cAAc;QACvB,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,0DAA0D;QACvE,UAAU,EAAE,kFAAkF;KAC/F;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,kCAAkC;QACxC,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,6DAA6D;QAC1E,UAAU,EAAE,wDAAwD;KACrE;IAED,+CAA+C;IAC/C,gCAAgC;IAChC,+CAA+C;IAC/C;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,oDAAoD;QACjE,UAAU,EAAE,kDAAkD;KAC/D;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,2DAA2D;QACpE,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,gEAAgE;QAC7E,UAAU,EAAE,wDAAwD;KACrE;IAED,+CAA+C;IAC/C,oCAAoC;IACpC,+CAA+C;IAC/C;QACE,EAAE,EAAE,oBAAoB;QACxB,IAAI,EAAE,oCAAoC;QAC1C,OAAO,EAAE,4CAA4C;QACrD,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,sDAAsD;QACnE,UAAU,EAAE,gEAAgE;KAC7E;IACD;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,qBAAqB;QAC3B,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,yDAAyD;QACtE,UAAU,EAAE,kDAAkD;KAC/D;IAED,+CAA+C;IAC/C,sBAAsB;IACtB,+CAA+C;IAC/C;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,6CAA6C;QACtD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,wDAAwD;QACrE,UAAU,EAAE,sDAAsD;KACnE;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,8CAA8C;QACvD,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,wDAAwD;QACrE,UAAU,EAAE,sDAAsD;KACnE;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,mCAAmC;QACzC,OAAO,EAAE,yBAAyB;QAClC,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,+CAA+C;QAC5D,UAAU,EAAE,4DAA4D;KACzE;IAED,+CAA+C;IAC/C,iCAAiC;IACjC,+CAA+C;IAC/C;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,aAAa;QACtB,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,wEAAwE;QACrF,UAAU,EAAE,sGAAsG;KACnH;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,qEAAqE;QAClF,UAAU,EAAE,oEAAoE;KACjF;IAED,+CAA+C;IAC/C,kCAAkC;IAClC,+CAA+C;IAC/C;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,kBAAkB;QAC3B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,wCAAwC;QACrD,UAAU,EAAE,6BAA6B;KAC1C;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,sBAAsB;QAC/B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,0CAA0C;QACvD,UAAU,EAAE,yCAAyC;KACtD;IAED,+CAA+C;IAC/C,oCAAoC;IACpC,+CAA+C;IAC/C;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,wDAAwD;QACjE,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,mDAAmD;QAChE,UAAU,EAAE,iDAAiD;KAC9D;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,0DAA0D;QACvE,UAAU,EAAE,mDAAmD;KAChE;IAED,+CAA+C;IAC/C,uBAAuB;IACvB,+CAA+C;IAC/C;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,yDAAyD;QACtE,UAAU,EAAE,6CAA6C;KAC1D;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,iDAAiD;QAC1D,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,yDAAyD;QACtE,UAAU,EAAE,oCAAoC;KACjD;IAED,+CAA+C;IAC/C,sCAAsC;IACtC,+CAA+C;IAC/C;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,0BAA0B;QACvC,UAAU,EAAE,oEAAoE;KACjF;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,kGAAkG;QAC3G,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,iDAAiD;QAC9D,UAAU,EAAE,iDAAiD;KAC9D;CACF,CAAC;AAEF;;GAEG;AACH,SAAgB,kBAAkB;IAChC,OAAO,qBAAa,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,SAAgB,yBAAyB,CAAC,QAAgD;IACxF,OAAO,qBAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAC5D,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,EAAU;IAC3C,OAAO,qBAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB;IACjC,OAAO,qBAAa,CAAC,MAAM,CAAC;AAC9B,CAAC"}

package/dist/rules/secret-patterns.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Avana - Secret Patterns
+ * Comprehensive database of 100+ patterns for detecting secrets in code
+ */
+import type { SecretPattern } from '../types';
+/**
+ * Comprehensive list of secret patterns to detect
+ * Covers major cloud providers, payment processors, communication tools, Web3/blockchain networks,
+ * DeFi protocols, NFT platforms, blockchain analytics services, and more
+ */
+export declare const SECRET_PATTERNS: SecretPattern[];
+/**
+ * Get all secret patterns
+ */
+export declare function getAllSecretPatterns(): SecretPattern[];
+/**
+ * Get secret patterns by severity
+ */
+export declare function getSecretPatternsBySeverity(severity: 'critical' | 'high' | 'medium' | 'low'): SecretPattern[];
+/**
+ * Get secret pattern by ID
+ */
+export declare function getSecretPatternById(id: string): SecretPattern | undefined;
+/**
+ * Get pattern count
+ */
+export declare function getPatternCount(): number;
+//# sourceMappingURL=secret-patterns.d.ts.map

package/dist/rules/secret-patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-patterns.d.ts","sourceRoot":"","sources":["../../src/rules/secret-patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAE9C;;;;GAIG;AACH,eAAO,MAAM,eAAe,EAAE,aAAa,EAwrD1C,CAAC;AAEF;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,aAAa,EAAE,CAEtD;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,aAAa,EAAE,CAE7G;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,EAAE,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS,CAE1E;AAED;;GAEG;AACH,wBAAgB,eAAe,IAAI,MAAM,CAExC"}