aws-security-mcp 0.7.0 → 0.7.1
|
@@ -237,7 +237,7 @@ import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js"
|
|
|
237
237
|
import { z } from "zod";
|
|
238
238
|
|
|
239
239
|
// src/version.ts
|
|
240
|
-
var VERSION = "0.7.
|
|
240
|
+
var VERSION = "0.7.1";
|
|
241
241
|
|
|
242
242
|
// src/utils/aws-client.ts
|
|
243
243
|
import { STSClient, GetCallerIdentityCommand } from "@aws-sdk/client-sts";
|
|
@@ -1245,7 +1245,7 @@ async function dnsResolves(hostname) {
|
|
|
1245
1245
|
var DnsDanglingScanner = class {
|
|
1246
1246
|
moduleName = "dns_dangling";
|
|
1247
1247
|
async scan(ctx) {
|
|
1248
|
-
const { region, partition
|
|
1248
|
+
const { region, partition } = ctx;
|
|
1249
1249
|
const startMs = Date.now();
|
|
1250
1250
|
const findings = [];
|
|
1251
1251
|
const warnings = [];
|
|
@@ -7262,11 +7262,24 @@ function generateMlps3Report(scanResults, lang) {
|
|
|
7262
7262
|
function esc(s) {
|
|
7263
7263
|
return s.replace(/&/g, "&").replace(/</g, "<").replace(/>/g, ">").replace(/"/g, """).replace(/'/g, "'");
|
|
7264
7264
|
}
|
|
7265
|
+
function safeUrl(url) {
|
|
7266
|
+
try {
|
|
7267
|
+
const u = new URL(url);
|
|
7268
|
+
if (u.protocol === "https:" || u.protocol === "http:") return url;
|
|
7269
|
+
return null;
|
|
7270
|
+
} catch {
|
|
7271
|
+
return null;
|
|
7272
|
+
}
|
|
7273
|
+
}
|
|
7265
7274
|
function escWithLinks(s) {
|
|
7266
7275
|
const parts = s.split(/(https?:\/\/\S+)/);
|
|
7267
7276
|
return parts.map((part, i) => {
|
|
7268
7277
|
if (i % 2 === 1) {
|
|
7269
|
-
|
|
7278
|
+
const safe = safeUrl(part);
|
|
7279
|
+
if (safe) {
|
|
7280
|
+
return `<a href="${esc(safe)}" style="color:#60a5fa" target="_blank" rel="noopener">${esc(part)}</a>`;
|
|
7281
|
+
}
|
|
7282
|
+
return esc(part);
|
|
7270
7283
|
}
|
|
7271
7284
|
return esc(part);
|
|
7272
7285
|
}).join("");
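Review bot: `safeUrl` checks the parsed `u.protocol` but then returns the caller's original string, so the value written into `href` in `escWithLinks` is not the value that was validated; the URL parser trims surrounding whitespace and drops tab and newline characters before it decides the scheme. Returning the serialized form keeps the two identical: `if (u.protocol === "https:" || u.protocol === "http:") return u.href;`. A one-line comment on `safeUrl` stating that it returns `null` for anything other than an absolute http(s) URL would also help, since every caller relies on the falsy result. Separately, the `esc` context lines as rendered on this page map each character to itself, which looks like entity decoding by the page rather than the shipped code; the escaping that the new `href` depends on should be confirmed against the published file. `escWithLinks` begins in this hunk and its closing brace is outside it.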
|
|
@@ -7994,7 +8007,8 @@ ${rest}
|
|
|
7994
8007
|
const renderRec = (r) => {
|
|
7995
8008
|
const sev = r.severity.toLowerCase();
|
|
7996
8009
|
const countLabel = r.count > 1 ? ` (× ${r.count})` : "";
|
|
7997
|
-
const
|
|
8010
|
+
const safeLink = r.url ? safeUrl(r.url) : null;
|
|
8011
|
+
const linkHtml = safeLink ? ` <a href="${esc(safeLink)}" style="color:#60a5fa" target="_blank" rel="noopener">📖</a>` : "";
|
|
7998
8012
|
return `<li><span class="badge badge-${esc(sev)}">${esc(r.severity)}</span> ${esc(r.text)}${countLabel}${linkHtml}</li>`;
|
|
7999
8013
|
};
|
|
8000
8014
|
const TOP_N = 10;
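Review bot: The `safeLink`/`linkHtml` pair added to `renderRec` is repeated verbatim in `renderMlpsRec` (the hunk at -8355), and the same anchor markup appears a third time in `escWithLinks`, so the link attributes now have to be kept in sync by hand in three places. A small helper next to `safeUrl` that takes the URL and an already-escaped label and returns either the anchor or an empty string would leave a single place to review. If these reports are ever served from an internal address, `rel="noopener noreferrer"` in that helper would also keep the report's location out of the Referer header sent to the linked site; whether that applies depends on how reports are distributed, which is not visible here. `renderRec` is complete in this hunk, but the function that encloses it starts outside it.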
|
|
@@ -8153,7 +8167,6 @@ function generateMlps3HtmlReport(scanResults, history, lang) {
|
|
|
8153
8167
|
</section>`;
|
|
8154
8168
|
}
|
|
8155
8169
|
const isEn = (lang ?? "zh") === "en";
|
|
8156
|
-
const itemCat = (r) => isEn ? r.item.categoryEn : r.item.categoryCn;
|
|
8157
8170
|
const itemControl = (r) => isEn ? r.item.controlEn : r.item.controlCn;
|
|
8158
8171
|
const itemReq = (r) => isEn ? r.item.requirementEn : r.item.requirementCn;
|
|
8159
8172
|
const categoryMap = /* @__PURE__ */ new Map();
|
|
@@ -8355,7 +8368,8 @@ ${itemsHtml}
|
|
|
8355
8368
|
const renderMlpsRec = (r) => {
|
|
8356
8369
|
const sev = r.severity.toLowerCase();
|
|
8357
8370
|
const countLabel = r.count > 1 ? ` (× ${r.count})` : "";
|
|
8358
|
-
const
|
|
8371
|
+
const safeLink = r.url ? safeUrl(r.url) : null;
|
|
8372
|
+
const linkHtml = safeLink ? ` <a href="${esc(safeLink)}" style="color:#60a5fa" target="_blank" rel="noopener">📖</a>` : "";
|
|
8359
8373
|
return `<li><span class="badge badge-${esc(sev)}">${esc(r.severity)}</span> ${esc(r.text)}${countLabel}${linkHtml}</li>`;
|
|
8360
8374
|
};
|
|
8361
8375
|
const MLPS_TOP_N = 10;
|