circle-ir 3.51.0 → 3.52.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (30) hide show
  1. package/dist/analysis/config-loader.d.ts.map +1 -1
  2. package/dist/analysis/config-loader.js +9 -19
  3. package/dist/analysis/config-loader.js.map +1 -1
  4. package/dist/analysis/passes/insecure-cookie-pass.d.ts +23 -23
  5. package/dist/analysis/passes/insecure-cookie-pass.d.ts.map +1 -1
  6. package/dist/analysis/passes/insecure-cookie-pass.js +169 -79
  7. package/dist/analysis/passes/insecure-cookie-pass.js.map +1 -1
  8. package/dist/analysis/passes/tls-verify-disabled-pass.d.ts +52 -0
  9. package/dist/analysis/passes/tls-verify-disabled-pass.d.ts.map +1 -0
  10. package/dist/analysis/passes/tls-verify-disabled-pass.js +247 -0
  11. package/dist/analysis/passes/tls-verify-disabled-pass.js.map +1 -0
  12. package/dist/analysis/passes/weak-crypto-pass.d.ts +49 -0
  13. package/dist/analysis/passes/weak-crypto-pass.d.ts.map +1 -0
  14. package/dist/analysis/passes/weak-crypto-pass.js +223 -0
  15. package/dist/analysis/passes/weak-crypto-pass.js.map +1 -0
  16. package/dist/analysis/passes/weak-hash-pass.d.ts +45 -0
  17. package/dist/analysis/passes/weak-hash-pass.d.ts.map +1 -0
  18. package/dist/analysis/passes/weak-hash-pass.js +150 -0
  19. package/dist/analysis/passes/weak-hash-pass.js.map +1 -0
  20. package/dist/analysis/passes/weak-random-pass.d.ts +53 -0
  21. package/dist/analysis/passes/weak-random-pass.d.ts.map +1 -0
  22. package/dist/analysis/passes/weak-random-pass.js +181 -0
  23. package/dist/analysis/passes/weak-random-pass.js.map +1 -0
  24. package/dist/analyzer.d.ts.map +1 -1
  25. package/dist/analyzer.js +12 -0
  26. package/dist/analyzer.js.map +1 -1
  27. package/dist/browser/circle-ir.js +747 -50
  28. package/dist/core/circle-ir-core.cjs +9 -19
  29. package/dist/core/circle-ir-core.js +9 -19
  30. package/package.json +1 -1
package/dist/analysis/config-loader.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"config-loader.d.ts","sourceRoot":"","sources":["../../src/analysis/config-loader.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EACV,YAAY,EACZ,UAAU,EACV,WAAW,EACX,aAAa,EACb,WAAW,EACX,gBAAgB,EAChB,UAAU,EACX,MAAM,oBAAoB,CAAC;AAE5B;;;GAGG;AACH,wBAAgB,WAAW,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,GAAG,CAAC,CAEjD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,YAAY,EAAE,GAAG,aAAa,EAAE,CAiB1E;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG;IACtD,KAAK,EAAE,WAAW,EAAE,CAAC;IACrB,UAAU,EAAE,gBAAgB,EAAE,CAAC;CAChC,CAcA;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,cAAc,EAAE,MAAM,EAAE,EACxB,YAAY,EAAE,MAAM,EAAE,GACrB,WAAW,CAQb;AAED;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,aAAa,EA4a1C,CAAC;AAEF,eAAO,MAAM,aAAa,EAAE,WAAW,EA4xCtC,CAAC;AAEF,eAAO,MAAM,kBAAkB,EAAE,gBAAgB,EAoMhD,CAAC;AAEF;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,WAAW,CAM9C;AAMD;;;;;;;;GAQG;AACH,eAAO,MAAM,oBAAoB,EAAE,UAAU,EA8F5C,CAAC"}
1
+ {"version":3,"file":"config-loader.d.ts","sourceRoot":"","sources":["../../src/analysis/config-loader.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EACV,YAAY,EACZ,UAAU,EACV,WAAW,EACX,aAAa,EACb,WAAW,EACX,gBAAgB,EAChB,UAAU,EACX,MAAM,oBAAoB,CAAC;AAE5B;;;GAGG;AACH,wBAAgB,WAAW,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,GAAG,CAAC,CAEjD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,YAAY,EAAE,GAAG,aAAa,EAAE,CAiB1E;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG;IACtD,KAAK,EAAE,WAAW,EAAE,CAAC;IACrB,UAAU,EAAE,gBAAgB,EAAE,CAAC;CAChC,CAcA;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,cAAc,EAAE,MAAM,EAAE,EACxB,YAAY,EAAE,MAAM,EAAE,GACrB,WAAW,CAQb;AAED;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,aAAa,EA4a1C,CAAC;AAEF,eAAO,MAAM,aAAa,EAAE,WAAW,EA8wCtC,CAAC;AAEF,eAAO,MAAM,kBAAkB,EAAE,gBAAgB,EAoMhD,CAAC;AAEF;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,WAAW,CAM9C;AAMD;;;;;;;;GAQG;AACH,eAAO,MAAM,oBAAoB,EAAE,UAAU,EA8F5C,CAAC"}
package/dist/analysis/config-loader.js CHANGED
@@ -1086,26 +1086,16 @@ export const DEFAULT_SINKS = [
1086
1086
  { method: 'get', class: 'WebClient', type: 'ssrf', cwe: 'CWE-918', severity: 'high', arg_positions: [] },
1087
1087
  { method: 'post', class: 'WebClient', type: 'ssrf', cwe: 'CWE-918', severity: 'high', arg_positions: [] },
1088
1088
  // =============================================================================
1089
- // Weak Cryptography Sinks (no taint flow required - presence alone is vulnerability)
1089
+ // Config / Absence Vulnerabilities (handled by dedicated pattern passes)
1090
1090
  // =============================================================================
1091
- // Weak Random (CWE-330) - java.util.Random is not cryptographically secure
1092
- { method: 'Random', class: 'constructor', type: 'weak_random', cwe: 'CWE-330', severity: 'medium', arg_positions: [] },
1093
- { method: 'nextInt', class: 'Random', type: 'weak_random', cwe: 'CWE-330', severity: 'medium', arg_positions: [] },
1094
- { method: 'nextLong', class: 'Random', type: 'weak_random', cwe: 'CWE-330', severity: 'medium', arg_positions: [] },
1095
- { method: 'nextFloat', class: 'Random', type: 'weak_random', cwe: 'CWE-330', severity: 'medium', arg_positions: [] },
1096
- { method: 'nextDouble', class: 'Random', type: 'weak_random', cwe: 'CWE-330', severity: 'medium', arg_positions: [] },
1097
- { method: 'nextBoolean', class: 'Random', type: 'weak_random', cwe: 'CWE-330', severity: 'medium', arg_positions: [] },
1098
- { method: 'nextBytes', class: 'Random', type: 'weak_random', cwe: 'CWE-330', severity: 'medium', arg_positions: [] },
1099
- // Weak Hash (CWE-328) - MD5/SHA1 are cryptographically broken
1100
- // Note: Detection requires checking algorithm argument - handled in runner
1101
- { method: 'getInstance', class: 'MessageDigest', type: 'weak_hash', cwe: 'CWE-328', severity: 'medium', arg_positions: [0] },
1102
- // Weak Crypto (CWE-327) - DES/RC4/Blowfish are weak ciphers
1103
- // Note: Detection requires checking algorithm argument - handled in runner
1104
- { method: 'getInstance', class: 'Cipher', type: 'weak_crypto', cwe: 'CWE-327', severity: 'high', arg_positions: [0] },
1105
- { method: 'getInstance', class: 'KeyGenerator', type: 'weak_crypto', cwe: 'CWE-327', severity: 'high', arg_positions: [0] },
1106
- // Insecure Cookie (CWE-614) - cookies without secure/httpOnly flags
1107
- // Note: Detection requires checking if setSecure(true)/setHttpOnly(true) called - handled in runner
1108
- { method: 'Cookie', class: 'constructor', type: 'insecure_cookie', cwe: 'CWE-614', severity: 'medium', arg_positions: [] },
1091
+ // weak_random → WeakRandomPass (src/analysis/passes/weak-random-pass.ts)
1092
+ // weak_hash → WeakHashPass (src/analysis/passes/weak-hash-pass.ts)
1093
+ // weak_crypto → WeakCryptoPass (src/analysis/passes/weak-crypto-pass.ts)
1094
+ // insecure_cookie InsecureCookiePass (src/analysis/passes/insecure-cookie-pass.ts)
1095
+ // tls_verify_disabled TlsVerifyDisabledPass
1096
+ // These patterns are detected by call-site literal inspection, not taint flow,
1097
+ // so they are NOT registered here as sinks (they could never match a "tainted
1098
+ // value flowing into a sink" because the bad value is a hard-coded constant).
1109
1099
  // Trust Boundary (CWE-501) - using untrusted data as session attribute NAME
1110
1100
  // The vulnerability is attacker controlling which key to use, not the value
1111
1101
  { method: 'setAttribute', class: 'HttpSession', type: 'trust_boundary', cwe: 'CWE-501', severity: 'medium', arg_positions: [0] },