codeslick-cli 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (455)
  1. package/README.md +458 -0
  2. package/__tests__/cli-reporter.test.ts +86 -0
  3. package/__tests__/config-loader.test.ts +247 -0
  4. package/__tests__/local-scanner.test.ts +245 -0
  5. package/bin/codeslick.cjs +153 -0
  6. package/dist/packages/cli/src/commands/auth.d.ts +36 -0
  7. package/dist/packages/cli/src/commands/auth.d.ts.map +1 -0
  8. package/dist/packages/cli/src/commands/auth.js +226 -0
  9. package/dist/packages/cli/src/commands/auth.js.map +1 -0
  10. package/dist/packages/cli/src/commands/config.d.ts +37 -0
  11. package/dist/packages/cli/src/commands/config.d.ts.map +1 -0
  12. package/dist/packages/cli/src/commands/config.js +196 -0
  13. package/dist/packages/cli/src/commands/config.js.map +1 -0
  14. package/dist/packages/cli/src/commands/init.d.ts +32 -0
  15. package/dist/packages/cli/src/commands/init.d.ts.map +1 -0
  16. package/dist/packages/cli/src/commands/init.js +171 -0
  17. package/dist/packages/cli/src/commands/init.js.map +1 -0
  18. package/dist/packages/cli/src/commands/scan.d.ts +40 -0
  19. package/dist/packages/cli/src/commands/scan.d.ts.map +1 -0
  20. package/dist/packages/cli/src/commands/scan.js +204 -0
  21. package/dist/packages/cli/src/commands/scan.js.map +1 -0
  22. package/dist/packages/cli/src/config/config-loader.d.ts +67 -0
  23. package/dist/packages/cli/src/config/config-loader.d.ts.map +1 -0
  24. package/dist/packages/cli/src/config/config-loader.js +146 -0
  25. package/dist/packages/cli/src/config/config-loader.js.map +1 -0
  26. package/dist/packages/cli/src/reporters/cli-reporter.d.ts +69 -0
  27. package/dist/packages/cli/src/reporters/cli-reporter.d.ts.map +1 -0
  28. package/dist/packages/cli/src/reporters/cli-reporter.js +244 -0
  29. package/dist/packages/cli/src/reporters/cli-reporter.js.map +1 -0
  30. package/dist/packages/cli/src/scanner/local-scanner.d.ts +92 -0
  31. package/dist/packages/cli/src/scanner/local-scanner.d.ts.map +1 -0
  32. package/dist/packages/cli/src/scanner/local-scanner.js +221 -0
  33. package/dist/packages/cli/src/scanner/local-scanner.js.map +1 -0
  34. package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts +88 -0
  35. package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts.map +1 -0
  36. package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js +371 -0
  37. package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js.map +1 -0
  38. package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts +63 -0
  39. package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts.map +1 -0
  40. package/dist/src/lib/analyzers/helpers/jsx-helpers.js +95 -0
  41. package/dist/src/lib/analyzers/helpers/jsx-helpers.js.map +1 -0
  42. package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts +59 -0
  43. package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts.map +1 -0
  44. package/dist/src/lib/analyzers/helpers/variable-tracker.js +231 -0
  45. package/dist/src/lib/analyzers/helpers/variable-tracker.js.map +1 -0
  46. package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts +20 -0
  47. package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts.map +1 -0
  48. package/dist/src/lib/analyzers/java/security-checks/access-control.js +129 -0
  49. package/dist/src/lib/analyzers/java/security-checks/access-control.js.map +1 -0
  50. package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts +25 -0
  51. package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts.map +1 -0
  52. package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js +221 -0
  53. package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js.map +1 -0
  54. package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts +18 -0
  55. package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts.map +1 -0
  56. package/dist/src/lib/analyzers/java/security-checks/code-quality.js +84 -0
  57. package/dist/src/lib/analyzers/java/security-checks/code-quality.js.map +1 -0
  58. package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts +18 -0
  59. package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts.map +1 -0
  60. package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js +161 -0
  61. package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js.map +1 -0
  62. package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts +20 -0
  63. package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts.map +1 -0
  64. package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js +163 -0
  65. package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js.map +1 -0
  66. package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts +24 -0
  67. package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts.map +1 -0
  68. package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js +178 -0
  69. package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js.map +1 -0
  70. package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts +25 -0
  71. package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts.map +1 -0
  72. package/dist/src/lib/analyzers/java/security-checks/exception-handling.js +179 -0
  73. package/dist/src/lib/analyzers/java/security-checks/exception-handling.js.map +1 -0
  74. package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts +17 -0
  75. package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts.map +1 -0
  76. package/dist/src/lib/analyzers/java/security-checks/file-operations.js +67 -0
  77. package/dist/src/lib/analyzers/java/security-checks/file-operations.js.map +1 -0
  78. package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts +25 -0
  79. package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts.map +1 -0
  80. package/dist/src/lib/analyzers/java/security-checks/framework-security.js +396 -0
  81. package/dist/src/lib/analyzers/java/security-checks/framework-security.js.map +1 -0
  82. package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts +20 -0
  83. package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts.map +1 -0
  84. package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js +123 -0
  85. package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js.map +1 -0
  86. package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts +23 -0
  87. package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts.map +1 -0
  88. package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js +201 -0
  89. package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js.map +1 -0
  90. package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts +20 -0
  91. package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts.map +1 -0
  92. package/dist/src/lib/analyzers/java/security-checks/insecure-design.js +121 -0
  93. package/dist/src/lib/analyzers/java/security-checks/insecure-design.js.map +1 -0
  94. package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts +20 -0
  95. package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts.map +1 -0
  96. package/dist/src/lib/analyzers/java/security-checks/logging-failures.js +89 -0
  97. package/dist/src/lib/analyzers/java/security-checks/logging-failures.js.map +1 -0
  98. package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts +26 -0
  99. package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts.map +1 -0
  100. package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js +309 -0
  101. package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js.map +1 -0
  102. package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts +18 -0
  103. package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts.map +1 -0
  104. package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js +114 -0
  105. package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js.map +1 -0
  106. package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts +58 -0
  107. package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts.map +1 -0
  108. package/dist/src/lib/analyzers/java/utils/createVulnerability.js +71 -0
  109. package/dist/src/lib/analyzers/java/utils/createVulnerability.js.map +1 -0
  110. package/dist/src/lib/analyzers/java-analyzer.d.ts +209 -0
  111. package/dist/src/lib/analyzers/java-analyzer.d.ts.map +1 -0
  112. package/dist/src/lib/analyzers/java-analyzer.js +1720 -0
  113. package/dist/src/lib/analyzers/java-analyzer.js.map +1 -0
  114. package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts +27 -0
  115. package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts.map +1 -0
  116. package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js +123 -0
  117. package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js.map +1 -0
  118. package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts +44 -0
  119. package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts.map +1 -0
  120. package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js +224 -0
  121. package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js.map +1 -0
  122. package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts +50 -0
  123. package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts.map +1 -0
  124. package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js +284 -0
  125. package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js.map +1 -0
  126. package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts +27 -0
  127. package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts.map +1 -0
  128. package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js +86 -0
  129. package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js.map +1 -0
  130. package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts +32 -0
  131. package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts.map +1 -0
  132. package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js +44 -0
  133. package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js.map +1 -0
  134. package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts +22 -0
  135. package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts.map +1 -0
  136. package/dist/src/lib/analyzers/javascript/security-checks/access-control.js +168 -0
  137. package/dist/src/lib/analyzers/javascript/security-checks/access-control.js.map +1 -0
  138. package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts +25 -0
  139. package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts.map +1 -0
  140. package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js +232 -0
  141. package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js.map +1 -0
  142. package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts +27 -0
  143. package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts.map +1 -0
  144. package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js +222 -0
  145. package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js.map +1 -0
  146. package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts +28 -0
  147. package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts.map +1 -0
  148. package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js +176 -0
  149. package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js.map +1 -0
  150. package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts +23 -0
  151. package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
  152. package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js +113 -0
  153. package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js.map +1 -0
  154. package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts +28 -0
  155. package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts.map +1 -0
  156. package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js +227 -0
  157. package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js.map +1 -0
  158. package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts +32 -0
  159. package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts.map +1 -0
  160. package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js +260 -0
  161. package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js.map +1 -0
  162. package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts +26 -0
  163. package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts.map +1 -0
  164. package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js +164 -0
  165. package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js.map +1 -0
  166. package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts +26 -0
  167. package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts.map +1 -0
  168. package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js +775 -0
  169. package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js.map +1 -0
  170. package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts +25 -0
  171. package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts.map +1 -0
  172. package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js +168 -0
  173. package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js.map +1 -0
  174. package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts +27 -0
  175. package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts.map +1 -0
  176. package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js +108 -0
  177. package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js.map +1 -0
  178. package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts +28 -0
  179. package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts.map +1 -0
  180. package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js +143 -0
  181. package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js.map +1 -0
  182. package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts +53 -0
  183. package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts.map +1 -0
  184. package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js +144 -0
  185. package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js.map +1 -0
  186. package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts +72 -0
  187. package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts.map +1 -0
  188. package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js +314 -0
  189. package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js.map +1 -0
  190. package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts +58 -0
  191. package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts.map +1 -0
  192. package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js +71 -0
  193. package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js.map +1 -0
  194. package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts +36 -0
  195. package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts.map +1 -0
  196. package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js +70 -0
  197. package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js.map +1 -0
  198. package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts +29 -0
  199. package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts.map +1 -0
  200. package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js +55 -0
  201. package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js.map +1 -0
  202. package/dist/src/lib/analyzers/javascript-analyzer.d.ts +95 -0
  203. package/dist/src/lib/analyzers/javascript-analyzer.d.ts.map +1 -0
  204. package/dist/src/lib/analyzers/javascript-analyzer.js +2141 -0
  205. package/dist/src/lib/analyzers/javascript-analyzer.js.map +1 -0
  206. package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts +21 -0
  207. package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts.map +1 -0
  208. package/dist/src/lib/analyzers/python/security-checks/access-control.js +305 -0
  209. package/dist/src/lib/analyzers/python/security-checks/access-control.js.map +1 -0
  210. package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts +25 -0
  211. package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts.map +1 -0
  212. package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js +242 -0
  213. package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js.map +1 -0
  214. package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts +24 -0
  215. package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts.map +1 -0
  216. package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js +207 -0
  217. package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js.map +1 -0
  218. package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts +27 -0
  219. package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts.map +1 -0
  220. package/dist/src/lib/analyzers/python/security-checks/code-quality.js +206 -0
  221. package/dist/src/lib/analyzers/python/security-checks/code-quality.js.map +1 -0
  222. package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts +24 -0
  223. package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts.map +1 -0
  224. package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js +113 -0
  225. package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js.map +1 -0
  226. package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts +20 -0
  227. package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts.map +1 -0
  228. package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js +129 -0
  229. package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js.map +1 -0
  230. package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts +19 -0
  231. package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts.map +1 -0
  232. package/dist/src/lib/analyzers/python/security-checks/data-integrity.js +90 -0
  233. package/dist/src/lib/analyzers/python/security-checks/data-integrity.js.map +1 -0
  234. package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts +20 -0
  235. package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts.map +1 -0
  236. package/dist/src/lib/analyzers/python/security-checks/deserialization.js +68 -0
  237. package/dist/src/lib/analyzers/python/security-checks/deserialization.js.map +1 -0
  238. package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts +25 -0
  239. package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts.map +1 -0
  240. package/dist/src/lib/analyzers/python/security-checks/django-security.js +180 -0
  241. package/dist/src/lib/analyzers/python/security-checks/django-security.js.map +1 -0
  242. package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts +23 -0
  243. package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts.map +1 -0
  244. package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js +127 -0
  245. package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js.map +1 -0
  246. package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts +23 -0
  247. package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts.map +1 -0
  248. package/dist/src/lib/analyzers/python/security-checks/exception-handling.js +120 -0
  249. package/dist/src/lib/analyzers/python/security-checks/exception-handling.js.map +1 -0
  250. package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts +24 -0
  251. package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts.map +1 -0
  252. package/dist/src/lib/analyzers/python/security-checks/flask-security.js +143 -0
  253. package/dist/src/lib/analyzers/python/security-checks/flask-security.js.map +1 -0
  254. package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts +28 -0
  255. package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts.map +1 -0
  256. package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js +174 -0
  257. package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js.map +1 -0
  258. package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts +20 -0
  259. package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts.map +1 -0
  260. package/dist/src/lib/analyzers/python/security-checks/insecure-design.js +160 -0
  261. package/dist/src/lib/analyzers/python/security-checks/insecure-design.js.map +1 -0
  262. package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts +20 -0
  263. package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts.map +1 -0
  264. package/dist/src/lib/analyzers/python/security-checks/logging-failures.js +121 -0
  265. package/dist/src/lib/analyzers/python/security-checks/logging-failures.js.map +1 -0
  266. package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts +26 -0
  267. package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts.map +1 -0
  268. package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js +248 -0
  269. package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js.map +1 -0
  270. package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts +26 -0
  271. package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts.map +1 -0
  272. package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js +375 -0
  273. package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js.map +1 -0
  274. package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts +26 -0
  275. package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts.map +1 -0
  276. package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js +160 -0
  277. package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js.map +1 -0
  278. package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts +23 -0
  279. package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts.map +1 -0
  280. package/dist/src/lib/analyzers/python/security-checks/web-security.js +117 -0
  281. package/dist/src/lib/analyzers/python/security-checks/web-security.js.map +1 -0
  282. package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts +58 -0
  283. package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts.map +1 -0
  284. package/dist/src/lib/analyzers/python/utils/createVulnerability.js +71 -0
  285. package/dist/src/lib/analyzers/python/utils/createVulnerability.js.map +1 -0
  286. package/dist/src/lib/analyzers/python-analyzer.d.ts +111 -0
  287. package/dist/src/lib/analyzers/python-analyzer.d.ts.map +1 -0
  288. package/dist/src/lib/analyzers/python-analyzer.js +1600 -0
  289. package/dist/src/lib/analyzers/python-analyzer.js.map +1 -0
  290. package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts +14 -0
  291. package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts.map +1 -0
  292. package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js +47 -0
  293. package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js.map +1 -0
  294. package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts +13 -0
  295. package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts.map +1 -0
  296. package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js +36 -0
  297. package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js.map +1 -0
  298. package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts +15 -0
  299. package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts.map +1 -0
  300. package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js +68 -0
  301. package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js.map +1 -0
  302. package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts +15 -0
  303. package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts.map +1 -0
  304. package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js +68 -0
  305. package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js.map +1 -0
  306. package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts +12 -0
  307. package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts.map +1 -0
  308. package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js +45 -0
  309. package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js.map +1 -0
  310. package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts +14 -0
  311. package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts.map +1 -0
  312. package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js +47 -0
  313. package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js.map +1 -0
  314. package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts +13 -0
  315. package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts.map +1 -0
  316. package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js +36 -0
  317. package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js.map +1 -0
  318. package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts +15 -0
  319. package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts.map +1 -0
  320. package/dist/src/lib/analyzers/secrets/patterns/api-keys.js +32 -0
  321. package/dist/src/lib/analyzers/secrets/patterns/api-keys.js.map +1 -0
  322. package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts +15 -0
  323. package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts.map +1 -0
  324. package/dist/src/lib/analyzers/secrets/patterns/credentials.js +68 -0
  325. package/dist/src/lib/analyzers/secrets/patterns/credentials.js.map +1 -0
  326. package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts +16 -0
  327. package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts.map +1 -0
  328. package/dist/src/lib/analyzers/secrets/patterns/private-keys.js +79 -0
  329. package/dist/src/lib/analyzers/secrets/patterns/private-keys.js.map +1 -0
  330. package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts +15 -0
  331. package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts.map +1 -0
  332. package/dist/src/lib/analyzers/secrets/patterns/tokens.js +58 -0
  333. package/dist/src/lib/analyzers/secrets/patterns/tokens.js.map +1 -0
  334. package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts +88 -0
  335. package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts.map +1 -0
  336. package/dist/src/lib/analyzers/secrets/secrets-analyzer.js +162 -0
  337. package/dist/src/lib/analyzers/secrets/secrets-analyzer.js.map +1 -0
  338. package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts +56 -0
  339. package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts.map +1 -0
  340. package/dist/src/lib/analyzers/secrets/validators/context-checker.js +199 -0
  341. package/dist/src/lib/analyzers/secrets/validators/context-checker.js.map +1 -0
  342. package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts +56 -0
  343. package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts.map +1 -0
  344. package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js +102 -0
  345. package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js.map +1 -0
  346. package/dist/src/lib/analyzers/security-checks/es6-security.d.ts +38 -0
  347. package/dist/src/lib/analyzers/security-checks/es6-security.d.ts.map +1 -0
  348. package/dist/src/lib/analyzers/security-checks/es6-security.js +125 -0
  349. package/dist/src/lib/analyzers/security-checks/es6-security.js.map +1 -0
  350. package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts +46 -0
  351. package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts.map +1 -0
  352. package/dist/src/lib/analyzers/security-checks/python-async-security.js +92 -0
  353. package/dist/src/lib/analyzers/security-checks/python-async-security.js.map +1 -0
  354. package/dist/src/lib/analyzers/security-checks/react-security.d.ts +49 -0
  355. package/dist/src/lib/analyzers/security-checks/react-security.d.ts.map +1 -0
  356. package/dist/src/lib/analyzers/security-checks/react-security.js +125 -0
  357. package/dist/src/lib/analyzers/security-checks/react-security.js.map +1 -0
  358. package/dist/src/lib/analyzers/types.d.ts +92 -0
  359. package/dist/src/lib/analyzers/types.d.ts.map +1 -0
  360. package/dist/src/lib/analyzers/types.js +3 -0
  361. package/dist/src/lib/analyzers/types.js.map +1 -0
  362. package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts +19 -0
  363. package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts.map +1 -0
  364. package/dist/src/lib/analyzers/typescript/security-checks/access-control.js +210 -0
  365. package/dist/src/lib/analyzers/typescript/security-checks/access-control.js.map +1 -0
  366. package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts +25 -0
  367. package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts.map +1 -0
  368. package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js +242 -0
  369. package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js.map +1 -0
  370. package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts +28 -0
  371. package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts.map +1 -0
  372. package/dist/src/lib/analyzers/typescript/security-checks/authentication.js +357 -0
  373. package/dist/src/lib/analyzers/typescript/security-checks/authentication.js.map +1 -0
  374. package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts +26 -0
  375. package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts.map +1 -0
  376. package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js +380 -0
  377. package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js.map +1 -0
  378. package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts +23 -0
  379. package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts.map +1 -0
  380. package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js +109 -0
  381. package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js.map +1 -0
  382. package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts +21 -0
  383. package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts.map +1 -0
  384. package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js +153 -0
  385. package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js.map +1 -0
  386. package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts +23 -0
  387. package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
  388. package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js +146 -0
  389. package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js.map +1 -0
  390. package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts +23 -0
  391. package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts.map +1 -0
  392. package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js +187 -0
  393. package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js.map +1 -0
  394. package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts +19 -0
  395. package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts.map +1 -0
  396. package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js +97 -0
  397. package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js.map +1 -0
  398. package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts +29 -0
  399. package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts.map +1 -0
  400. package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js +319 -0
  401. package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js.map +1 -0
  402. package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts +21 -0
  403. package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts.map +1 -0
  404. package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js +121 -0
  405. package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js.map +1 -0
  406. package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts +27 -0
  407. package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts.map +1 -0
  408. package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js +213 -0
  409. package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js.map +1 -0
  410. package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts +19 -0
  411. package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts.map +1 -0
  412. package/dist/src/lib/analyzers/typescript/security-checks/type-security.js +59 -0
  413. package/dist/src/lib/analyzers/typescript/security-checks/type-security.js.map +1 -0
  414. package/dist/src/lib/analyzers/typescript/type-checker.d.ts +17 -0
  415. package/dist/src/lib/analyzers/typescript/type-checker.d.ts.map +1 -0
  416. package/dist/src/lib/analyzers/typescript/type-checker.js +515 -0
  417. package/dist/src/lib/analyzers/typescript/type-checker.js.map +1 -0
  418. package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts +58 -0
  419. package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts.map +1 -0
  420. package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js +71 -0
  421. package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js.map +1 -0
  422. package/dist/src/lib/analyzers/typescript-analyzer.d.ts +116 -0
  423. package/dist/src/lib/analyzers/typescript-analyzer.d.ts.map +1 -0
  424. package/dist/src/lib/analyzers/typescript-analyzer.js +1660 -0
  425. package/dist/src/lib/analyzers/typescript-analyzer.js.map +1 -0
  426. package/dist/src/lib/security/compliance-mapping.d.ts +29 -0
  427. package/dist/src/lib/security/compliance-mapping.d.ts.map +1 -0
  428. package/dist/src/lib/security/compliance-mapping.js +1342 -0
  429. package/dist/src/lib/security/compliance-mapping.js.map +1 -0
  430. package/dist/src/lib/security/severity-scoring.d.ts +47 -0
  431. package/dist/src/lib/security/severity-scoring.d.ts.map +1 -0
  432. package/dist/src/lib/security/severity-scoring.js +965 -0
  433. package/dist/src/lib/security/severity-scoring.js.map +1 -0
  434. package/dist/src/lib/standards/references.d.ts +16 -0
  435. package/dist/src/lib/standards/references.d.ts.map +1 -0
  436. package/dist/src/lib/standards/references.js +1161 -0
  437. package/dist/src/lib/standards/references.js.map +1 -0
  438. package/dist/src/lib/types/index.d.ts +167 -0
  439. package/dist/src/lib/types/index.d.ts.map +1 -0
  440. package/dist/src/lib/types/index.js +3 -0
  441. package/dist/src/lib/types/index.js.map +1 -0
  442. package/dist/src/lib/utils/code-cleaner.d.ts +59 -0
  443. package/dist/src/lib/utils/code-cleaner.d.ts.map +1 -0
  444. package/dist/src/lib/utils/code-cleaner.js +283 -0
  445. package/dist/src/lib/utils/code-cleaner.js.map +1 -0
  446. package/package.json +51 -0
  447. package/src/commands/auth.ts +308 -0
  448. package/src/commands/config.ts +226 -0
  449. package/src/commands/init.ts +202 -0
  450. package/src/commands/scan.ts +238 -0
  451. package/src/config/config-loader.ts +175 -0
  452. package/src/reporters/cli-reporter.ts +282 -0
  453. package/src/scanner/local-scanner.ts +250 -0
  454. package/tsconfig.json +24 -0
  455. package/tsconfig.tsbuildinfo +1 -0
@@ -0,0 +1,20 @@
1
+ /**
2
+ * Hardcoded Credentials Detection Module
3
+ *
4
+ * Detects hardcoded credentials in Java source code including:
5
+ * - General credentials (passwords, secrets, tokens)
6
+ * - AWS credentials (Access Keys, Secret Keys)
7
+ * - Stripe API keys
8
+ * - Byte array encryption keys
9
+ * - Spring @Value annotations with hardcoded credentials
10
+ *
11
+ * OWASP A07:2021 - Authentication & Identification Failures
12
+ */
13
+ import { SecurityVulnerability } from '../../types';
14
+ /**
15
+ * Check for hardcoded credentials in Java code
16
+ * @param lines - Array of code lines to analyze
17
+ * @returns Array of security vulnerabilities found
18
+ */
19
+ export declare function checkHardcodedCredentials(lines: string[]): SecurityVulnerability[];
20
+ //# sourceMappingURL=hardcoded-credentials.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"hardcoded-credentials.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/java/security-checks/hardcoded-credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD;;;;GAIG;AACH,wBAAgB,yBAAyB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,qBAAqB,EAAE,CAsKlF"}
@@ -0,0 +1,123 @@
1
+ "use strict";
2
+ /**
3
+ * Hardcoded Credentials Detection Module
4
+ *
5
+ * Detects hardcoded credentials in Java source code including:
6
+ * - General credentials (passwords, secrets, tokens)
7
+ * - AWS credentials (Access Keys, Secret Keys)
8
+ * - Stripe API keys
9
+ * - Byte array encryption keys
10
+ * - Spring @Value annotations with hardcoded credentials
11
+ *
12
+ * OWASP A07:2021 - Authentication & Identification Failures
13
+ */
14
+ Object.defineProperty(exports, "__esModule", { value: true });
15
+ exports.checkHardcodedCredentials = checkHardcodedCredentials;
16
+ const createVulnerability_1 = require("../utils/createVulnerability");
17
+ /**
18
+ * Check for hardcoded credentials in Java code
19
+ * @param lines - Array of code lines to analyze
20
+ * @returns Array of security vulnerabilities found
21
+ */
22
+ function checkHardcodedCredentials(lines) {
23
+ const vulnerabilities = [];
24
+ let inMultiLineComment = false;
25
+ lines.forEach((line, index) => {
26
+ const trimmed = line.trim();
27
+ const lineNumber = index + 1;
28
+ // CRITICAL: Track multi-line comment blocks (/* ... */)
29
+ if (trimmed.includes('/*')) {
30
+ inMultiLineComment = true;
31
+ }
32
+ if (trimmed.includes('*/')) {
33
+ inMultiLineComment = false;
34
+ return; // Skip the line with */
35
+ }
36
+ // CRITICAL: Skip all lines inside multi-line comments and single-line comments
37
+ // FIX (Dec 6, 2025): Added proper multi-line comment tracking
38
+ if (!trimmed ||
39
+ inMultiLineComment ||
40
+ trimmed.startsWith('//')) {
41
+ return;
42
+ }
43
+ // 7. Hardcoded credentials - CRITICAL
44
+ // PHASE 6 FIX (2025-11-21): Skip comment lines to prevent false positives
45
+ // Priority 1 Improvement (2025-11-24): Expanded patterns for API keys, secrets, tokens
46
+ // FIX (Dec 9, 2025): Support ALL naming conventions (camelCase, snake_case, SCREAMING_SNAKE_CASE)
47
+ // Pattern now matches: API_KEY, api_key, apiKey, DB_PASSWORD, dbPassword, AWS_SECRET, awsSecret, etc.
48
+ const credentialPattern = /(password|passwd|pwd|secret|token|key|auth|credential)/i;
49
+ const hasCredentialKeyword = credentialPattern.test(trimmed);
50
+ const hasAssignment = trimmed.match(/\s*=\s*"/);
51
+ if (hasCredentialKeyword && hasAssignment &&
52
+ !trimmed.includes('System.getenv') && !trimmed.includes('config.') && !trimmed.includes('properties')) {
53
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('hardcoded-credentials', 'Hardcoded credentials detected in source code', 'Use environment variables (System.getenv()), configuration files, or secret management services', lineNumber, 'Hardcoded credentials in source code are visible to anyone with access to the codebase, version control history, compiled bytecode, or decompiled classes. This includes developers, contractors, attackers who gain access to repositories, and anyone analyzing JAR files.', 'String password = "SecretPass123"; // Visible in source, Git history, and decompiled bytecode', [
54
+ 'Credential exposure in version control',
55
+ 'Unauthorized system access',
56
+ 'Data breach',
57
+ 'Compliance violations (PCI-DSS, GDPR)',
58
+ 'Credential reuse across systems'
59
+ ], 'String dbPassword = "MySecretP@ssw0rd";\nConnection conn = DriverManager.getConnection(url, username, dbPassword);', 'String dbPassword = System.getenv("DB_PASSWORD"); // From environment variable\n// Or with Spring: @Value("${db.password}") private String dbPassword;\nConnection conn = DriverManager.getConnection(url, username, dbPassword);', 'Store credentials in environment variables, external configuration files, or dedicated secret management services (AWS Secrets Manager, HashiCorp Vault, Azure Key Vault). Never commit credentials to source control'));
60
+ }
61
+ // 7b. AWS credentials - CRITICAL (PRIORITY 1 FIX)
62
+ // Detect AWS Access Key ID (starts with AKIA) and AWS Secret Access Key patterns
63
+ if (trimmed.match(/"AKIA[0-9A-Z]{16}"/) || // AWS Access Key ID
64
+ trimmed.match(/"[A-Za-z0-9/+=]{40}"/) || // AWS Secret Access Key (40 chars base64-like)
65
+ (trimmed.match(/AWS.*=\s*"/) && !trimmed.includes('System.getenv'))) {
66
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('hardcoded-credentials', 'Hardcoded AWS credentials detected in source code', 'Use AWS Secrets Manager, Systems Manager Parameter Store, or environment variables', lineNumber, 'Hardcoded AWS credentials grant full access to AWS resources. If exposed in source code or version control, attackers can use these to create resources, steal data, or incur massive costs on your AWS account.', 'String awsAccessKey = "AKIAIOSFODNN7EXAMPLE"; String awsSecretKey = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY";', [
67
+ 'Unauthorized AWS resource access',
68
+ 'Data exfiltration from S3/RDS/DynamoDB',
69
+ 'Resource creation/deletion',
70
+ 'Massive AWS billing fraud',
71
+ 'Credential exposure in Git history'
72
+ ], 'private static final String AWS_ACCESS_KEY = "AKIAIOSFODNN7EXAMPLE";\nprivate static final String AWS_SECRET_KEY = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY";', '// Use AWS SDK default credential provider chain\nAWSCredentialsProvider credentialsProvider = DefaultAWSCredentialsProviderChain.getInstance();\n// Or environment variables:\nString awsAccessKey = System.getenv("AWS_ACCESS_KEY_ID");\nString awsSecretKey = System.getenv("AWS_SECRET_ACCESS_KEY");', 'Use AWS SDK default credential provider chain, AWS Secrets Manager, Systems Manager Parameter Store, or environment variables. Never hardcode AWS credentials. Rotate credentials immediately if exposed'));
73
+ }
74
+ // 7c. Stripe API keys - CRITICAL (PRIORITY 1 FIX)
75
+ // Detect Stripe test and live API keys
76
+ if (trimmed.match(/"(sk|pk)_(test|live)_[0-9a-zA-Z]{24,}"/) ||
77
+ (trimmed.match(/STRIPE.*=\s*"(sk|pk)_/) && !trimmed.includes('System.getenv'))) {
78
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('hardcoded-credentials', 'Hardcoded Stripe API key detected in source code', 'Use environment variables (System.getenv()) or secret management services', lineNumber, 'Hardcoded Stripe API keys allow attackers to access payment data, create refunds, view customer information, or perform unauthorized transactions. Secret keys (sk_) grant full API access while publishable keys (pk_) can expose business information.', 'String stripeKey = "sk_live_4eC39HqLyjWDarjtT1zdp7dc"; // Full payment system access', [
79
+ 'Unauthorized payment processing',
80
+ 'Customer data theft (PII, payment info)',
81
+ 'Fraudulent refunds',
82
+ 'Stripe account takeover',
83
+ 'PCI-DSS compliance violations'
84
+ ], 'private static final String STRIPE_API_KEY = "sk_test_4eC39HqLyjWDarjtT1zdp7dc";', 'String stripeApiKey = System.getenv("STRIPE_API_KEY"); // From environment variable\n// Or with Spring: @Value("${stripe.api.key}") private String stripeApiKey;\nStripe.apiKey = stripeApiKey;', 'Store Stripe API keys in environment variables or secret management services. Use restricted API keys with minimal scopes when possible. Rotate keys immediately if exposed. Never commit to version control'));
85
+ }
86
+ // 7d. Byte array encryption keys - MEDIUM (PRIORITY 1 FIX)
87
+ // Detect hardcoded byte arrays used for encryption (often seen as new byte[] { ... })
88
+ if (trimmed.match(/new\s+byte\s*\[\s*\]\s*\{.*\d+.*\}/) &&
89
+ (trimmed.match(/key|secret|salt|iv|encrypt|cipher/i) ||
90
+ lines[Math.max(0, index - 1)]?.match(/key|secret|salt|iv|encrypt|cipher/i) ||
91
+ lines[Math.min(lines.length - 1, index + 1)]?.match(/key|secret|salt|iv|encrypt|cipher/i))) {
92
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('hardcoded-credentials', 'Hardcoded encryption key detected as byte array', 'Generate keys at runtime using KeyGenerator or derive from secure password-based key derivation (PBKDF2)', lineNumber, 'Hardcoded encryption keys in byte arrays are visible in compiled bytecode and can be extracted by attackers. This defeats the purpose of encryption since the key is as accessible as the plaintext data.', 'byte[] encryptionKey = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF }; // Visible in bytecode', [
93
+ 'Encryption key exposure',
94
+ 'Data decryption by attackers',
95
+ 'Compliance violations',
96
+ 'Key visible in decompiled code',
97
+ 'Cannot rotate keys without code changes'
98
+ ], 'private static final byte[] ENCRYPTION_KEY = new byte[] {\n 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,\n 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F\n};', '// Generate key at runtime:\nKeyGenerator keyGen = KeyGenerator.getInstance("AES");\nkeyGen.init(256);\nSecretKey secretKey = keyGen.generateKey();\n// Or derive from password:\nSecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256");\nKeySpec spec = new PBEKeySpec(password, salt, 65536, 256);\nSecretKey secret = new SecretKeySpec(factory.generateSecret(spec).getEncoded(), "AES");', 'Generate encryption keys at runtime using KeyGenerator or derive from passwords using PBKDF2. Store keys in Java KeyStore or external key management systems (AWS KMS, Azure Key Vault, HashiCorp Vault)'));
99
+ }
100
+ // 7e. Spring @Value with hardcoded credentials - CRITICAL (PRIORITY 4 FIX)
101
+ // Detect @Value annotations with literal strings (not placeholders like ${DB_URL})
102
+ // FIX (Dec 6, 2025): Removed old comment checks - now handled by inMultiLineComment tracking
103
+ if (trimmed.match(/@Value\s*\(\s*"[^$][^"]*"\s*\)/)) {
104
+ // Check next line for sensitive variable names
105
+ const nextLine = lines[index + 1];
106
+ // PHASE 6 FIX (2025-11-21): Added username, email, user to sensitive keyword list
107
+ // Previous bug: @Value("myapp@gmail.com") with emailUsername variable was missed
108
+ const isSensitive = nextLine &&
109
+ nextLine.match(/(password|passwd|pwd|secret|token|apiKey|privateKey|key|auth|credential|username|email|user)/i);
110
+ if (isSensitive) {
111
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('hardcoded-credentials', 'Hardcoded credentials in @Value annotation', 'Use Spring placeholders: @Value("${db.password}") or environment variables', lineNumber, 'Hardcoded credentials in @Value annotations are visible in source code, version control, and compiled bytecode. Spring applications should use placeholders that reference external configuration (application.properties, environment variables, or secret management services).', '@Value("MySecretP@ss123") private String password; // Hardcoded password visible in source', [
112
+ 'Credential exposure in version control',
113
+ 'Unauthorized system access',
114
+ 'Compliance violations (PCI-DSS, SOC2)',
115
+ 'Credential reuse across environments',
116
+ 'Visible in decompiled bytecode'
117
+ ], '@Value("smtp.password.hardcoded")\nprivate String emailPassword;\n// or\n@Value("AKIAIOSFODNN7EXAMPLE")\nprivate String awsAccessKey;', '// Use Spring placeholders:\n@Value("${smtp.password}")\nprivate String emailPassword;\n\n// application.properties:\n// smtp.password=${SMTP_PASSWORD}\n\n// Or environment variable directly:\n@Value("${SMTP_PASSWORD}")\nprivate String emailPassword;', 'Use Spring placeholder syntax @Value("${property.name}") to reference external configuration. Store secrets in application-<profile>.properties, environment variables, or Spring Cloud Config. Never hardcode credentials in @Value annotations'));
118
+ }
119
+ }
120
+ });
121
+ return vulnerabilities;
122
+ }
123
+ //# sourceMappingURL=hardcoded-credentials.js.map
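Review bot: The comment tracking at hunk lines 28-35 returns from any line containing `*/`, so a statement with a trailing block comment (`String password = "x"; /* temp */`) is never scanned, and a `/*` that sits inside a string literal flips `inMultiLineComment` and silences every later check in the file until some `*/` appears; the same construct is repeated in the injection-attacks.js hunk further down. Stripping closed block comments from the line and only returning when nothing remains keeps such assignments visible to the checks that follow, as sketched below; the string-literal case would still need real tokenization, which this sketch does not attempt. Separately, the AWS branch at hunk line 64 accepts any quoted 40-character `[A-Za-z0-9/+=]` literal with no keyword context, so a SHA-1 hex digest or commit id in source is reported as "Hardcoded AWS credentials"; tying that literal to the `AWS.*=` keyword branch would remove most of that noise. The whole of checkHardcodedCredentials is inside this hunk.
```javascript
function checkHardcodedCredentials(lines) {
    const vulnerabilities = [];
    let inMultiLineComment = false;
    lines.forEach((line, index) => {
        const lineNumber = index + 1;
        let code = line.trim();
        // Finish a block comment carried over from earlier lines, but keep any
        // code that follows the closing */ instead of dropping the whole line.
        if (inMultiLineComment) {
            const close = code.indexOf('*/');
            if (close === -1) {
                return;
            }
            inMultiLineComment = false;
            code = code.slice(close + 2);
        }
        // Remove block comments that open and close on this line, then see
        // whether one is still open at the end of it.
        code = code.replace(/\/\*[\s\S]*?\*\//g, '');
        const open = code.indexOf('/*');
        if (open !== -1) {
            inMultiLineComment = true;
            code = code.slice(0, open);
        }
        const trimmed = code.trim();
        if (!trimmed || trimmed.startsWith('//')) {
            return;
        }
        // … unchanged: credential, AWS, Stripe, byte-array and @Value checks …
    });
    return vulnerabilities;
}
```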
@@ -0,0 +1 @@
1
+ {"version":3,"file":"hardcoded-credentials.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/java/security-checks/hardcoded-credentials.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;AAUH,8DAsKC;AA7KD,sEAA+E;AAE/E;;;;GAIG;AACH,SAAgB,yBAAyB,CAAC,KAAe;IACvD,MAAM,eAAe,GAA4B,EAAE,CAAC;IACpD,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAE/B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;QAE7B,wDAAwD;QACxD,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,KAAK,CAAC;YAC3B,OAAO,CAAC,wBAAwB;QAClC,CAAC;QAED,+EAA+E;QAC/E,8DAA8D;QAC9D,IAAI,CAAC,OAAO;YACR,kBAAkB;YAClB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7B,OAAO;QACT,CAAC;QAED,sCAAsC;QACtC,0EAA0E;QAC1E,uFAAuF;QACvF,kGAAkG;QAClG,sGAAsG;QACtG,MAAM,iBAAiB,GAAG,yDAAyD,CAAC;QACpF,MAAM,oBAAoB,GAAG,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC7D,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAEhD,IAAI,oBAAoB,IAAI,aAAa;YACrC,CAAC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;YAC1G,eAAe,CAAC,IAAI,CAAC,IAAA,qDAA+B,EAClD,uBAAuB,EACvB,+CAA+C,EAC/C,iGAAiG,EACjG,UAAU,EACV,8QAA8Q,EAC9Q,+FAA+F,EAC/F;gBACE,wCAAwC;gBACxC,4BAA4B;gBAC5B,aAAa;gBACb,uCAAuC;gBACvC,iCAAiC;aAClC,EACD,oHAAoH,EACpH,mOAAmO,EACnO,uNAAuN,CACxN,CAAC,CAAC;QACL,CAAC;QAED,kDAAkD;QAClD,iFAAiF;QACjF,IAAI,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,IAAI,oBAAoB;YAC3D,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,IAAI,+CAA+C;YACxF,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC;YACxE,eAAe,CAAC,IAAI,CAAC,IAAA,qDAA+B,EAClD,uBAAuB,EACvB,mDAAmD,EACnD,oFAAoF,EACpF,UAAU,EACV,kNAAkN,EAClN,iHAAiH,EACjH;gBACE,kCAAkC;gBAClC,wCAAwC;gBACxC,4BAA4B;gBAC5B,2BAA2B;gBAC3B,oCAAoC;aACrC,EACD,gKAAgK,EAChK,0SAA0S,EAC1S,0MAA0M,CAC3M,CAAC,CAAC;QACL,CAAC;QAED,kDAAkD;QAClD,uCAAuC;QACvC,IAAI,OAAO,CAAC,KAAK,CAAC,wCAA
wC,CAAC;YACvD,CAAC,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC,EAAE,CAAC;YACnF,eAAe,CAAC,IAAI,CAAC,IAAA,qDAA+B,EAClD,uBAAuB,EACvB,kDAAkD,EAClD,2EAA2E,EAC3E,UAAU,EACV,0PAA0P,EAC1P,sFAAsF,EACtF;gBACE,iCAAiC;gBACjC,yCAAyC;gBACzC,oBAAoB;gBACpB,yBAAyB;gBACzB,+BAA+B;aAChC,EACD,kFAAkF,EAClF,iMAAiM,EACjM,8MAA8M,CAC/M,CAAC,CAAC;QACL,CAAC;QAED,2DAA2D;QAC3D,sFAAsF;QACtF,IAAI,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC;YACnD,CAAC,OAAO,CAAC,KAAK,CAAC,oCAAoC,CAAC;gBACnD,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,oCAAoC,CAAC;gBAC1E,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC,EAAE,KAAK,CAAC,oCAAoC,CAAC,CAAC,EAAE,CAAC;YAChG,eAAe,CAAC,IAAI,CAAC,IAAA,qDAA+B,EAClD,uBAAuB,EACvB,iDAAiD,EACjD,0GAA0G,EAC1G,UAAU,EACV,2MAA2M,EAC3M,8GAA8G,EAC9G;gBACE,yBAAyB;gBACzB,8BAA8B;gBAC9B,uBAAuB;gBACvB,gCAAgC;gBAChC,yCAAyC;aAC1C,EACD,wKAAwK,EACxK,yZAAyZ,EACzZ,0MAA0M,CAC3M,CAAC,CAAC;QACL,CAAC;QAED,2EAA2E;QAC3E,mFAAmF;QACnF,6FAA6F;QAC7F,IAAI,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,EAAE,CAAC;YACpD,+CAA+C;YAC/C,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;YAClC,kFAAkF;YAClF,iFAAiF;YACjF,MAAM,WAAW,GAAG,QAAQ;gBAC1B,QAAQ,CAAC,KAAK,CAAC,+FAA+F,CAAC,CAAC;YAElH,IAAI,WAAW,EAAE,CAAC;gBAChB,eAAe,CAAC,IAAI,CAAC,IAAA,qDAA+B,EAClD,uBAAuB,EACvB,4CAA4C,EAC5C,4EAA4E,EAC5E,UAAU,EACV,mRAAmR,EACnR,4FAA4F,EAC5F;oBACE,wCAAwC;oBACxC,4BAA4B;oBAC5B,uCAAuC;oBACvC,sCAAsC;oBACtC,gCAAgC;iBACjC,EACD,uIAAuI,EACvI,4PAA4P,EAC5P,kPAAkP,CACnP,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC;AACzB,CAAC"}
@@ -0,0 +1,23 @@
1
+ /**
2
+ * Java Injection Attack Detection Module
3
+ *
4
+ * OWASP A03:2021 - Injection
5
+ *
6
+ * This module detects various injection vulnerabilities in Java code:
7
+ * - SQL Injection (CRITICAL)
8
+ * - Command Injection (CRITICAL)
9
+ * - LDAP Injection (HIGH)
10
+ * - XPath Injection (HIGH)
11
+ *
12
+ * All checks follow the pattern matching approach to identify vulnerable
13
+ * string concatenation in security-sensitive contexts.
14
+ */
15
+ import { SecurityVulnerability } from '../../types';
16
+ /**
17
+ * Checks for injection vulnerabilities in Java code
18
+ *
19
+ * @param lines - Array of code lines to analyze
20
+ * @returns Array of detected security vulnerabilities
21
+ */
22
+ export declare function checkInjectionAttacks(lines: string[]): SecurityVulnerability[];
23
+ //# sourceMappingURL=injection-attacks.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"injection-attacks.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/java/security-checks/injection-attacks.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD;;;;;GAKG;AACH,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,qBAAqB,EAAE,CAgQ9E"}
@@ -0,0 +1,201 @@
1
+ "use strict";
2
+ /**
3
+ * Java Injection Attack Detection Module
4
+ *
5
+ * OWASP A03:2021 - Injection
6
+ *
7
+ * This module detects various injection vulnerabilities in Java code:
8
+ * - SQL Injection (CRITICAL)
9
+ * - Command Injection (CRITICAL)
10
+ * - LDAP Injection (HIGH)
11
+ * - XPath Injection (HIGH)
12
+ *
13
+ * All checks follow the pattern matching approach to identify vulnerable
14
+ * string concatenation in security-sensitive contexts.
15
+ */
16
+ Object.defineProperty(exports, "__esModule", { value: true });
17
+ exports.checkInjectionAttacks = checkInjectionAttacks;
18
+ const createVulnerability_1 = require("../utils/createVulnerability");
19
+ /**
20
+ * Checks for injection vulnerabilities in Java code
21
+ *
22
+ * @param lines - Array of code lines to analyze
23
+ * @returns Array of detected security vulnerabilities
24
+ */
25
+ function checkInjectionAttacks(lines) {
26
+ const vulnerabilities = [];
27
+ let inMultiLineComment = false;
28
+ lines.forEach((line, index) => {
29
+ const lineNumber = index + 1;
30
+ const trimmed = line.trim();
31
+ // Track multi-line comment blocks (/* ... */)
32
+ if (trimmed.includes('/*')) {
33
+ inMultiLineComment = true;
34
+ }
35
+ if (trimmed.includes('*/')) {
36
+ inMultiLineComment = false;
37
+ return;
38
+ }
39
+ // Skip comments and empty lines
40
+ if (!trimmed || inMultiLineComment || trimmed.startsWith('//') || trimmed.startsWith('*'))
41
+ return;
42
+ // 1. SQL Injection - CRITICAL (Enhanced for Phase B)
43
+ // Detects:
44
+ // - JDBC: executeQuery/executeUpdate with concatenation
45
+ // - JPA/JPQL: createQuery/createNativeQuery with concatenation
46
+ // - Hibernate: session.createSQLQuery with concatenation
47
+ // - MyBatis: ${} vulnerable interpolation (vs #{} safe)
48
+ // - StringBuilder usage in queries
49
+ // - Query string construction with SQL keywords + concatenation
50
+ const hasJDBCExecution = trimmed.match(/executeQuery\s*\(.*\+/) ||
51
+ trimmed.match(/executeUpdate\s*\(.*\+/);
52
+ // Check for JPA/Hibernate with concatenation on current line OR when calling with a variable
53
+ // that was constructed with SQL keywords + concatenation on previous lines
54
+ const hasJPAHibernateConcat = trimmed.match(/createQuery\s*\(.*\+/) ||
55
+ trimmed.match(/createNativeQuery\s*\(.*\+/) ||
56
+ trimmed.match(/createSQLQuery\s*\(.*\+/);
57
+ // Check if calling createQuery/createNativeQuery with a variable that was built with concatenation
58
+ const hasJPAHibernateCall = trimmed.match(/create(Query|NativeQuery|SQLQuery)\s*\(/);
59
+ const prevLines = lines.slice(Math.max(0, index - 5), index);
60
+ const hasQueryVarWithConcat = hasJPAHibernateCall && prevLines.some(l => l.match(/\b(query|sql|jpql|hql)\b.*=/) && l.includes('+') && l.match(/SELECT|INSERT|UPDATE|DELETE/i));
61
+ const hasJPAHibernate = hasJPAHibernateConcat || hasQueryVarWithConcat;
62
+ // MyBatis vulnerable interpolation: ${variable} instead of #{variable}
63
+ const hasMyBatisVuln = trimmed.match(/\$\{[^}]+\}/) &&
64
+ (trimmed.match(/SELECT|INSERT|UPDATE|DELETE/i) || trimmed.match(/<select|<insert|<update|<delete/));
65
+ // StringBuilder usage in SQL queries
66
+ const hasStringBuilderSQL = trimmed.match(/StringBuilder.*SELECT|INSERT|UPDATE|DELETE/i) ||
67
+ (trimmed.match(/\.append\s*\(/) && index > 0 &&
68
+ lines.slice(Math.max(0, index - 3), index).some(l => l.match(/StringBuilder/) && l.match(/SELECT|INSERT|UPDATE|DELETE/i)));
69
+ // SQL query string construction with concatenation
70
+ const hasSQLKeywords = trimmed.match(/\b(SELECT|INSERT|UPDATE|DELETE|FROM|WHERE)\b/i);
71
+ const hasStringConcat = trimmed.includes(' + ') || trimmed.includes('+ "') || trimmed.includes('" +');
72
+ const isQueryStringConstruction = hasSQLKeywords && hasStringConcat;
73
+ if (hasJDBCExecution || hasJPAHibernate || hasMyBatisVuln || hasStringBuilderSQL || isQueryStringConstruction) {
74
+ let message = 'SQL Injection vulnerability detected';
75
+ let recommendation = 'Use PreparedStatement with parameterized queries or JPA with named parameters';
76
+ if (hasJPAHibernate) {
77
+ message = 'SQL Injection vulnerability detected in JPA/JPQL/Hibernate query';
78
+ recommendation = 'Use JPA named parameters (:name) with setParameter(), not string concatenation';
79
+ }
80
+ else if (hasMyBatisVuln) {
81
+ message = 'SQL Injection vulnerability detected in MyBatis query';
82
+ recommendation = 'Use #{} parameter binding instead of ${} interpolation in MyBatis queries';
83
+ }
84
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('sql-injection', message, recommendation, lineNumber, 'String concatenation in SQL queries allows attackers to inject malicious SQL code, bypassing authentication, accessing sensitive data, modifying or deleting records, and potentially executing administrative operations on the database. This applies to JDBC, JPA/JPQL, Hibernate HQL/SQL, and MyBatis dynamic queries.', 'entityManager.createQuery("SELECT u FROM User u WHERE u.name = \'" + username + "\'") where username = "\' OR \'1\'=\'1" bypasses filters and returns all users', [
85
+ 'Full database access (read/write/delete)',
86
+ 'Authentication bypass',
87
+ 'Data exfiltration (passwords, credit cards, PII)',
88
+ 'Data destruction (DROP TABLE attacks)',
89
+ 'Privilege escalation to DBA',
90
+ 'Business logic bypass'
91
+ ], 'String query = "SELECT u FROM User u WHERE u.name = \'" + username + "\'";\nentityManager.createQuery(query);', 'String query = "SELECT u FROM User u WHERE u.name = :name";\nentityManager.createQuery(query).setParameter("name", username);', 'Use parameterized queries with named parameters (:name) for JPA/JPQL, PreparedStatement placeholders (?) for JDBC, and #{} parameter binding for MyBatis. Never use string concatenation or ${} interpolation with user input'));
92
+ }
93
+ // 2. Command Injection - CRITICAL (Enhanced for Phase B)
94
+ // Detects:
95
+ // - Runtime.exec() with concatenation or shell invocation
96
+ // - ProcessBuilder with shell ("sh", "bash", "cmd.exe", "/c")
97
+ // - Apache Commons Exec with user input
98
+ // - Environment variable injection
99
+ // Pattern 1: Runtime.exec with concatenation
100
+ const hasRuntimeExec = trimmed.match(/\.exec\s*\(/i) && trimmed.includes('+');
101
+ // Pattern 2: ProcessBuilder with shell invocation
102
+ const hasProcessBuilderShell = trimmed.match(/ProcessBuilder\s*\(/) &&
103
+ (trimmed.match(/"sh"|"bash"|"cmd\.exe"|"\/c"/) ||
104
+ trimmed.match(/'sh'|'bash'|'cmd\.exe'|'\/c'/));
105
+ // Pattern 3: ProcessBuilder with concatenation
106
+ const hasProcessBuilderConcat = trimmed.includes('ProcessBuilder(') && trimmed.includes('+');
107
+ // Pattern 4: Commons Exec with user input
108
+ const hasCommonsExec = trimmed.match(/CommandLine\s*\(/) || trimmed.match(/\.execute\s*\(/);
109
+ // Pattern 5: String command construction (for next line exec check)
110
+ const isCommandConstruction = trimmed.match(/String\s+\w*(cmd|command|exec)\w*\s*=/) && trimmed.includes('+');
111
+ if (hasRuntimeExec || hasProcessBuilderShell || hasProcessBuilderConcat || hasCommonsExec || isCommandConstruction) {
112
+ let message = 'Command Injection vulnerability detected';
113
+ let recommendation = 'Use ProcessBuilder with separate arguments array, never concatenate user input into shell commands';
114
+ if (hasProcessBuilderShell) {
115
+ message = 'Command Injection vulnerability detected - ProcessBuilder with shell invocation';
116
+ recommendation = 'Do not invoke shell (sh, bash, cmd.exe). Use ProcessBuilder with direct command and separate arguments';
117
+ }
118
+ else if (hasCommonsExec) {
119
+ message = 'Command Injection vulnerability detected in Apache Commons Exec';
120
+ recommendation = 'Validate and sanitize all user input before passing to CommandLine. Use argument array, not string parsing';
121
+ }
122
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('command-injection', message, recommendation, lineNumber, 'String concatenation in system commands allows attackers to inject shell metacharacters (;, |, &, $, `, \\n) to execute arbitrary commands on the server with the application\'s privileges, potentially taking complete control of the system. This applies to Runtime.exec(), ProcessBuilder, and Apache Commons Exec.', 'Runtime.getRuntime().exec("ping " + userInput) where userInput = "8.8.8.8; rm -rf /" executes file deletion after ping', [
123
+ 'Complete server compromise',
124
+ 'Arbitrary code execution (RCE)',
125
+ 'Data exfiltration',
126
+ 'Installation of backdoors',
127
+ 'Lateral movement to other systems',
128
+ 'Cryptomining/ransomware deployment'
129
+ ], 'String cmd = "ping " + userInput;\nRuntime.getRuntime().exec(cmd);\n// OR\nProcessBuilder pb = new ProcessBuilder("sh", "-c", userCommand);', 'ProcessBuilder pb = new ProcessBuilder("ping", "-c", "4", userInput);\nProcess p = pb.start();\n// User input is a separate argument, not part of command string', 'Use ProcessBuilder with separate argument array. Each argument is passed as a distinct parameter, preventing shell interpretation of metacharacters. Never invoke shell wrappers (sh, bash, cmd.exe) with user input. Validate input against strict whitelist if command construction is unavoidable'));
130
+ }
131
+ // 3. LDAP Injection - HIGH (Enhanced for Phase B)
132
+ // Detects:
133
+ // - JNDI DirContext.search() with concatenated filters
134
+ // - InitialDirContext.bind/lookup with user input
135
+ // - UnboundID SDK Filter.create() with concatenation
136
+ // - LdapTemplate.search() with concatenation
137
+ // - ModificationItem operations with user input
138
+ // - Bind DN construction with concatenation
139
+ // Pattern 1: JNDI search with filter concatenation
140
+ const hasLdapSearch = trimmed.match(/\.search\s*\(/i) &&
141
+ (trimmed.match(/ldap|LDAP|DirContext|ctx|context|LdapTemplate/i) ||
142
+ trimmed.match(/search\s*\(.*,.*".*\(/)); // search(baseDN, "(uid=...")
143
+ // Pattern 2: UnboundID Filter.create with concatenation
144
+ const hasUnboundIDVuln = trimmed.match(/Filter\.create\s*\(.*\+/);
145
+ // Pattern 3: LDAP bind/lookup with DN concatenation
146
+ // Check both current line and previous lines for DN construction
147
+ const hasBindOrLookup = trimmed.match(/\.bind\s*\(/) || trimmed.match(/\.lookup\s*\(/);
148
+ const hasLdapBindLookup = hasBindOrLookup &&
149
+ (trimmed.includes('+') || trimmed.match(/cn=.*\+/) ||
150
+ prevLines.some(l => l.match(/\bdn\s*=/) && l.includes('+')));
151
+ // Pattern 4: ModificationItem with user input or modifyAttributes with DN concat
152
+ const hasLdapModify = (trimmed.match(/ModificationItem\s*\[/) || trimmed.match(/modifyAttributes\s*\(/)) &&
153
+ (trimmed.includes('+') || prevLines.some(l => l.includes('ModificationItem') || l.includes('+')));
154
+ if (hasLdapSearch || hasUnboundIDVuln || hasLdapBindLookup || hasLdapModify) {
155
+ // Check previous 5 lines for string concatenation with filter/dn variable
156
+ const prevLines = lines.slice(Math.max(0, index - 5), index);
157
+ const hasFilterConcat = prevLines.some(l => l.match(/filter.*=.*\+/) ||
158
+ l.match(/dn.*=.*\+/) ||
159
+ l.match(/=.*\+.*\).*"/) ||
160
+ l.match(/cn=.*\+/) ||
161
+ l.match(/uid=.*\+/));
162
+ // Check current line for direct concatenation in filters or DNs
163
+ const hasDirectConcat = trimmed.includes('+') &&
164
+ (trimmed.match(/\(uid=/) || trimmed.match(/\(cn=/) ||
165
+ trimmed.match(/dn=/) || trimmed.match(/"cn=/) ||
166
+ trimmed.match(/"uid=/) || trimmed.match(/"ou=/));
167
+ if (hasFilterConcat || hasDirectConcat || hasUnboundIDVuln) {
168
+ let message = 'LDAP Injection vulnerability detected';
169
+ let recommendation = 'Use LdapEncoder.filterEncode() or properly escape special LDAP characters in user input';
170
+ if (hasUnboundIDVuln) {
171
+ message = 'LDAP Injection vulnerability detected in UnboundID Filter.create()';
172
+ recommendation = 'Use Filter.createEqualityFilter() instead of Filter.create() with concatenation';
173
+ }
174
+ else if (hasLdapBindLookup) {
175
+ message = 'LDAP Injection vulnerability detected in bind/lookup DN';
176
+ recommendation = 'Use LdapEncoder.nameEncode() for DN components, validate against whitelist';
177
+ }
178
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('ldap-injection', message, recommendation, lineNumber, 'String concatenation in LDAP filters or DNs allows attackers to inject LDAP metacharacters like *, (, ), &, |, to modify the query logic, bypass authentication, access unauthorized data, enumerate directory entries, or manipulate LDAP operations. This applies to JNDI, UnboundID SDK, and Spring LDAP.', 'ctx.search("ou=users", "(uid=" + username + ")", controls) where username = "*)(uid=*" returns all users bypassing authentication', [
179
+ 'Authentication bypass',
180
+ 'Unauthorized data access',
181
+ 'Directory enumeration',
182
+ 'Information disclosure (email, phone, department)',
183
+ 'Privilege escalation',
184
+ 'LDAP data manipulation'
185
+ ], 'String filter = "(uid=" + username + ")";\nNamingEnumeration results = ctx.search("ou=users", filter, controls);', 'import org.springframework.ldap.support.LdapEncoder;\nString safeUsername = LdapEncoder.filterEncode(username);\nString filter = "(uid=" + safeUsername + ")";\n// Or use UnboundID safe API:\nFilter filter = Filter.createEqualityFilter("uid", username);', 'Use LdapEncoder.filterEncode() to escape special LDAP characters (*, (, ), \\, /, NULL) before inserting into filters. For UnboundID SDK, use Filter.createEqualityFilter() instead of Filter.create(). For DNs, use LdapEncoder.nameEncode() and validate components against whitelist'));
186
+ }
187
+ }
188
+ // 4. XPath Injection - HIGH
189
+ if (trimmed.match(/evaluate\s*\(.*\+/) && trimmed.match(/XPath|xpath/)) {
190
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('xpath-injection', 'XPath Injection vulnerability detected', 'Use parameterized XPath queries or properly escape/validate all user input', lineNumber, 'String concatenation in XPath queries allows attackers to manipulate XML query logic by injecting XPath operators and functions, potentially accessing unauthorized XML data, bypassing authentication, or extracting the entire document structure.', 'xpath.evaluate("//users/user[username=\'" + username + "\' and password=\'" + password + "\']", doc) where username = "\' or \'1\'=\'1" bypasses authentication', [
191
+ 'Authentication bypass',
192
+ 'Unauthorized XML data access',
193
+ 'Information disclosure',
194
+ 'XML structure enumeration',
195
+ 'Business logic bypass'
196
+ ], 'String query = "//users/user[username=\'" + username + "\' and password=\'" + password + "\']";\nxpath.evaluate(query, doc);', '// Use parameterized XPath (if supported) or sanitize input\nString safeUsername = username.replaceAll("[\'\\\"\\\\]", "");\nString query = "//users/user[username=\'" + safeUsername + "\']";\n// Better: Use XPathExpression with setXPathVariableResolver', 'Validate and sanitize user input by removing XPath metacharacters. Preferably use XPath parameterization if your XML library supports it, or switch to safer alternatives like XQuery with parameters'));
197
+ }
198
+ });
199
+ return vulnerabilities;
200
+ }
201
+ //# sourceMappingURL=injection-attacks.js.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"injection-attacks.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/java/security-checks/injection-attacks.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;AAWH,sDAgQC;AAxQD,sEAA+E;AAE/E;;;;;GAKG;AACH,SAAgB,qBAAqB,CAAC,KAAe;IACnD,MAAM,eAAe,GAA4B,EAAE,CAAC;IACpD,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAE/B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAE5B,8CAA8C;QAC9C,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,KAAK,CAAC;YAC3B,OAAO;QACT,CAAC;QAED,gCAAgC;QAChC,IAAI,CAAC,OAAO,IAAI,kBAAkB,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO;QAElG,qDAAqD;QACrD,WAAW;QACX,wDAAwD;QACxD,+DAA+D;QAC/D,yDAAyD;QACzD,wDAAwD;QACxD,mCAAmC;QACnC,gEAAgE;QAEhE,MAAM,gBAAgB,GAAG,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC;YACrC,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,CAAC;QAElE,6FAA6F;QAC7F,2EAA2E;QAC3E,MAAM,qBAAqB,GAAG,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC;YACpC,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC;YAC3C,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAExE,mGAAmG;QACnG,MAAM,mBAAmB,GAAG,OAAO,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;QACrF,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QAC7D,MAAM,qBAAqB,GAAG,mBAAmB,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CACtE,CAAC,CAAC,KAAK,CAAC,6BAA6B,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,8BAA8B,CAAC,CACrG,CAAC;QAEF,MAAM,eAAe,GAAG,qBAAqB,IAAI,qBAAqB,CAAC;QAEvE,uEAAuE;QACvE,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC;YAC3B,CAAC,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC,CAAC;QAE5H,qCAAqC;QACrC,MAAM,mBAAmB,GAAG,OAAO,CAAC,KAAK,CAAC,6CAA6C,CAAC;YAC3D,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,KAAK,GAAG,CAAC;gBAC3C,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAClD,
CAAC,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,8BAA8B,CAAC,CACpE,CAAC,CAAC;QAEjC,mDAAmD;QACnD,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,+CAA+C,CAAC,CAAC;QACtF,MAAM,eAAe,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;QACtG,MAAM,yBAAyB,GAAG,cAAc,IAAI,eAAe,CAAC;QAEpE,IAAI,gBAAgB,IAAI,eAAe,IAAI,cAAc,IAAI,mBAAmB,IAAI,yBAAyB,EAAE,CAAC;YAC9G,IAAI,OAAO,GAAG,sCAAsC,CAAC;YACrD,IAAI,cAAc,GAAG,+EAA+E,CAAC;YAErG,IAAI,eAAe,EAAE,CAAC;gBACpB,OAAO,GAAG,kEAAkE,CAAC;gBAC7E,cAAc,GAAG,gFAAgF,CAAC;YACpG,CAAC;iBAAM,IAAI,cAAc,EAAE,CAAC;gBAC1B,OAAO,GAAG,uDAAuD,CAAC;gBAClE,cAAc,GAAG,2EAA2E,CAAC;YAC/F,CAAC;YAED,eAAe,CAAC,IAAI,CAAC,IAAA,qDAA+B,EAClD,eAAe,EACf,OAAO,EACP,cAAc,EACd,UAAU,EACV,4TAA4T,EAC5T,iKAAiK,EACjK;gBACE,0CAA0C;gBAC1C,uBAAuB;gBACvB,kDAAkD;gBAClD,uCAAuC;gBACvC,6BAA6B;gBAC7B,uBAAuB;aACxB,EACD,+GAA+G,EAC/G,+HAA+H,EAC/H,+NAA+N,CAChO,CAAC,CAAC;QACL,CAAC;QAED,yDAAyD;QACzD,WAAW;QACX,0DAA0D;QAC1D,8DAA8D;QAC9D,wCAAwC;QACxC,mCAAmC;QAEnC,6CAA6C;QAC7C,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QAE9E,kDAAkD;QAClD,MAAM,sBAAsB,GAAG,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC;YACnC,CAAC,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC;gBAC7C,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC,CAAC;QAEhF,+CAA+C;QAC/C,MAAM,uBAAuB,GAAG,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QAE7F,0CAA0C;QAC1C,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;QAE5F,oEAAoE;QACpE,MAAM,qBAAqB,GAAG,OAAO,CAAC,KAAK,CAAC,uCAAuC,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;QAE9G,IAAI,cAAc,IAAI,sBAAsB,IAAI,uBAAuB,IAAI,cAAc,IAAI,qBAAqB,EAAE,CAAC;YACnH,IAAI,OAAO,GAAG,0CAA0C,CAAC;YACzD,IAAI,cAAc,GAAG,oGAAoG,CAAC;YAE1H,IAAI,sBAAsB,EAAE,CAAC;gBAC3B,OAAO,GAAG,iFAAiF,CAAC;gBAC5F,cAAc,GAAG,wGAAwG,CAAC;YAC5H,CAAC;iBAAM,IAAI,cAAc,EAAE,CAAC;gBAC1B,OAAO,GAAG,iEAAiE,CAAC;gBAC5E,cAAc,GAAG,4GAA4G,CAAC;YAChI,CAAC;YAED,eAAe,CAAC,IAAI,CAAC,IAAA,qDAA+B,EAClD,mBAAmB,EACnB,OAAO,EACP,cAAc,EACd,UAAU,EACV,0TAA0T,EA
C1T,wHAAwH,EACxH;gBACE,4BAA4B;gBAC5B,gCAAgC;gBAChC,mBAAmB;gBACnB,2BAA2B;gBAC3B,mCAAmC;gBACnC,oCAAoC;aACrC,EACD,6IAA6I,EAC7I,kKAAkK,EAClK,sSAAsS,CACvS,CAAC,CAAC;QACL,CAAC;QAED,kDAAkD;QAClD,WAAW;QACX,uDAAuD;QACvD,kDAAkD;QAClD,qDAAqD;QACrD,6CAA6C;QAC7C,gDAAgD;QAChD,4CAA4C;QAE5C,mDAAmD;QACnD,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC;YAC/B,CAAC,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC;gBAC/D,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,CAAC,CAAC,6BAA6B;QAE7F,wDAAwD;QACxD,MAAM,gBAAgB,GAAG,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;QAElE,oDAAoD;QACpD,iEAAiE;QACjE,MAAM,eAAe,GAAG,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACvF,MAAM,iBAAiB,GAAG,eAAe;YACb,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,SAAS,CAAC;gBACjD,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAE1F,iFAAiF;QACjF,MAAM,aAAa,GAAG,CAAC,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;YACjF,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAEzH,IAAI,aAAa,IAAI,gBAAgB,IAAI,iBAAiB,IAAI,aAAa,EAAE,CAAC;YAC5E,0EAA0E;YAC1E,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;YAC7D,MAAM,eAAe,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CACzC,CAAC,CAAC,KAAK,CAAC,eAAe,CAAC;gBACxB,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC;gBACpB,CAAC,CAAC,KAAK,CAAC,cAAc,CAAC;gBACvB,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC;gBAClB,CAAC,CAAC,KAAK,CAAC,UAAU,CAAC,CACpB,CAAC;YAEF,gEAAgE;YAChE,MAAM,eAAe,GAAG,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;gBACpB,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC;oBACjD,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC;oBAC7C,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YAE3E,IAAI,eAAe,IAAI,eAAe,IAAI,gBAAgB,EAAE,CAAC;gBAC3D,IAAI,OAAO,GAAG,uCAAuC,CAAC;gBACtD,IAAI,cAAc,GAAG,yFAAyF,CAAC;gBAE/G,IAAI,gB
AAgB,EAAE,CAAC;oBACrB,OAAO,GAAG,oEAAoE,CAAC;oBAC/E,cAAc,GAAG,iFAAiF,CAAC;gBACrG,CAAC;qBAAM,IAAI,iBAAiB,EAAE,CAAC;oBAC7B,OAAO,GAAG,yDAAyD,CAAC;oBACpE,cAAc,GAAG,4EAA4E,CAAC;gBAChG,CAAC;gBAED,eAAe,CAAC,IAAI,CAAC,IAAA,qDAA+B,EAClD,gBAAgB,EAChB,OAAO,EACP,cAAc,EACd,UAAU,EACV,8SAA8S,EAC9S,mIAAmI,EACnI;oBACE,uBAAuB;oBACvB,0BAA0B;oBAC1B,uBAAuB;oBACvB,mDAAmD;oBACnD,sBAAsB;oBACtB,wBAAwB;iBACzB,EACD,kHAAkH,EAClH,8PAA8P,EAC9P,yRAAyR,CAC1R,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,IAAI,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,EAAE,CAAC;YACvE,eAAe,CAAC,IAAI,CAAC,IAAA,qDAA+B,EAClD,iBAAiB,EACjB,wCAAwC,EACxC,4EAA4E,EAC5E,UAAU,EACV,sPAAsP,EACtP,iKAAiK,EACjK;gBACE,uBAAuB;gBACvB,8BAA8B;gBAC9B,wBAAwB;gBACxB,2BAA2B;gBAC3B,uBAAuB;aACxB,EACD,8HAA8H,EAC9H,8PAA8P,EAC9P,uMAAuM,CACxM,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC;AACzB,CAAC"}
@@ -0,0 +1,20 @@
1
+ /**
2
+ * Java Insecure Design Security Checks
3
+ * OWASP A06:2025 - Insecure Design
4
+ *
5
+ * Detects insecure design patterns in Java applications.
6
+ * Updated for OWASP 2025 with architectural security patterns (Phase 7B Day 9).
7
+ */
8
+ import { SecurityVulnerability } from '../../types';
9
+ /**
10
+ * Checks for insecure design security vulnerabilities in Java code
11
+ *
12
+ * Covers:
13
+ * - Check #1: Missing input validation (no @Valid/@Validated) (HIGH)
14
+ * - Check #2: Direct database queries in controllers (MEDIUM)
15
+ *
16
+ * @param lines - Array of code lines
17
+ * @returns Array of security vulnerabilities found
18
+ */
19
+ export declare function checkInsecureDesign(lines: string[]): SecurityVulnerability[];
20
+ //# sourceMappingURL=insecure-design.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"insecure-design.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/java/security-checks/insecure-design.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD;;;;;;;;;GASG;AACH,wBAAgB,mBAAmB,CACjC,KAAK,EAAE,MAAM,EAAE,GACd,qBAAqB,EAAE,CAuKzB"}
@@ -0,0 +1,121 @@
1
+ "use strict";
2
+ /**
3
+ * Java Insecure Design Security Checks
4
+ * OWASP A06:2025 - Insecure Design
5
+ *
6
+ * Detects insecure design patterns in Java applications.
7
+ * Updated for OWASP 2025 with architectural security patterns (Phase 7B Day 9).
8
+ */
9
+ Object.defineProperty(exports, "__esModule", { value: true });
10
+ exports.checkInsecureDesign = checkInsecureDesign;
11
+ const createVulnerability_1 = require("../utils/createVulnerability");
12
+ /**
13
+ * Checks for insecure design security vulnerabilities in Java code
14
+ *
15
+ * Covers:
16
+ * - Check #1: Missing input validation (no @Valid/@Validated) (HIGH)
17
+ * - Check #2: Direct database queries in controllers (MEDIUM)
18
+ *
19
+ * @param lines - Array of code lines
20
+ * @returns Array of security vulnerabilities found
21
+ */
22
+ function checkInsecureDesign(lines) {
23
+ const vulnerabilities = [];
24
+ let inMultiLineComment = false;
25
+ let inControllerClass = false;
26
+ lines.forEach((line, index) => {
27
+ const trimmedLine = line.trim();
28
+ // CRITICAL: Track multi-line comment blocks (/* ... */)
29
+ if (trimmedLine.includes('/*')) {
30
+ inMultiLineComment = true;
31
+ }
32
+ if (trimmedLine.includes('*/')) {
33
+ inMultiLineComment = false;
34
+ return; // Skip the line with */
35
+ }
36
+ // CRITICAL: Skip all lines inside multi-line comments and single-line comments
37
+ if (!trimmedLine ||
38
+ inMultiLineComment ||
39
+ trimmedLine.startsWith('//')) {
40
+ return;
41
+ }
42
+ const lowerLine = trimmedLine.toLowerCase();
43
+ // Track if we're inside a @RestController or @Controller class
44
+ // Also set flag when seeing mapping annotations (indicates controller method)
45
+ if (lowerLine.includes('@restcontroller') || lowerLine.includes('@controller')) {
46
+ inControllerClass = true;
47
+ }
48
+ if (lowerLine.match(/@(get|post|put|patch|delete|request)mapping/)) {
49
+ inControllerClass = true;
50
+ }
51
+ // Check #1: Missing input validation on POST/PUT/PATCH endpoints
52
+ const isModifyingEndpoint = lowerLine.match(/@(post|put|patch)mapping/);
53
+ if (isModifyingEndpoint) {
54
+ // Look for @RequestBody in the next 2 lines (method signature)
55
+ const nextLines = lines.slice(index + 1, Math.min(index + 3, lines.length));
56
+ const hasRequestBody = nextLines.some(nextLine => nextLine.toLowerCase().includes('@requestbody'));
57
+ if (hasRequestBody) {
58
+ // Check if @Valid or @Validated is present
59
+ const hasValidation = nextLines.some(nextLine => {
60
+ const lowerNext = nextLine.toLowerCase();
61
+ return lowerNext.includes('@valid') || lowerNext.includes('@validated');
62
+ });
63
+ if (!hasValidation) {
64
+ // Find the actual method line number
65
+ let methodLineIndex = index + 1;
66
+ for (let i = index + 1; i < Math.min(index + 3, lines.length); i++) {
67
+ if (lines[i].trim().match(/^(public|private|protected)\s+\w+\s+\w+\s*\(/)) {
68
+ methodLineIndex = i;
69
+ break;
70
+ }
71
+ }
72
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('missing-input-validation', 'Controller method missing input validation annotation', 'Add @Valid or @Validated annotation to @RequestBody parameters', methodLineIndex + 1, 'Missing input validation allows attackers to send malformed or malicious data that can cause application crashes, data corruption, business logic bypass, or injection attacks', '@PostMapping("/users")\npublic User create(@RequestBody User user) { } // No @Valid!', [
73
+ 'SQL injection through unvalidated input',
74
+ 'Business logic bypass with invalid data',
75
+ 'Data corruption from malformed requests',
76
+ 'Application crashes from unexpected values',
77
+ 'Mass assignment vulnerabilities'
78
+ ], '@PostMapping("/users")\npublic User create(@RequestBody User user) { }', '@PostMapping("/users")\npublic User create(@Valid @RequestBody UserDTO dto) {\n // Spring validates DTO constraints\n}', 'Always use @Valid or @Validated with Bean Validation constraints (@NotNull, @Size, @Email, etc.) to validate all user input'));
79
+ }
80
+ }
81
+ }
82
+ // Check #2: Direct database access in controllers
83
+ // Detect EntityManager, JdbcTemplate in controller classes
84
+ if (inControllerClass) {
85
+ // Check for EntityManager field declaration
86
+ if (lowerLine.includes('entitymanager') &&
87
+ (lowerLine.includes('private') || lowerLine.includes('autowired') || lowerLine.includes('@persistencecontext'))) {
88
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('direct-database-query', 'direct database access detected in controller layer', 'Move database queries to service or repository layer', index + 1, 'Controllers with direct database access violate separation of concerns, make testing difficult, bypass business logic validation, and create security and maintainability issues', '@RestController\nclass UserController {\n @PersistenceContext EntityManager em; // Direct DB access!', [
89
+ 'Bypass of business logic validation',
90
+ 'SQL injection if queries are constructed dynamically',
91
+ 'Difficult to implement access control',
92
+ 'Cannot reuse database logic across endpoints',
93
+ 'Testing complexity and maintenance issues'
94
+ ], '@PersistenceContext\nprivate EntityManager entityManager;', '@Autowired\nprivate UserService userService; // Use service layer', 'Controllers should only handle HTTP concerns. Move all database queries to repository or service layers'));
95
+ }
96
+ // Check for JdbcTemplate field declaration
97
+ if (lowerLine.includes('jdbctemplate') &&
98
+ (lowerLine.includes('private') || lowerLine.includes('autowired'))) {
99
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('direct-database-query', 'direct database access detected in controller layer', 'Move database queries to service or repository layer', index + 1, 'Controllers with direct database access violate separation of concerns and create security vulnerabilities', '@Autowired\nprivate JdbcTemplate jdbcTemplate; // Direct DB access in controller!', [
100
+ 'Bypass of business logic validation',
101
+ 'SQL injection risks',
102
+ 'Difficult to implement proper access control',
103
+ 'Cannot reuse queries across the application',
104
+ 'Testing and maintenance complexity'
105
+ ], '@Autowired\nprivate JdbcTemplate jdbcTemplate;', '@Autowired\nprivate UserRepository userRepository; // Use repository layer', 'Use the repository pattern to encapsulate all data access logic'));
106
+ }
107
+ // Check for createQuery calls in controller methods
108
+ if (lowerLine.includes('createquery') || lowerLine.includes('createnativequery')) {
109
+ vulnerabilities.push((0, createVulnerability_1.createJavaSecurityVulnerability)('direct-database-query', 'direct database query execution in controller method', 'Move query execution to service or repository layer', index + 1, 'Executing database queries directly in controllers bypasses proper layering and security controls', 'entityManager.createQuery("SELECT u FROM User u").getResultList(); // Direct query!', [
110
+ 'Business logic bypass',
111
+ 'SQL injection if query uses string concatenation',
112
+ 'Cannot enforce consistent access control',
113
+ 'Difficult to test and maintain',
114
+ 'Violates single responsibility principle'
115
+ ], 'return entityManager.createQuery("SELECT u FROM User u").getResultList();', 'return userService.findAll(); // Service handles queries', 'All database queries should be encapsulated in service or repository methods'));
116
+ }
117
+ }
118
+ });
119
+ return vulnerabilities;
120
+ }
121
+ //# sourceMappingURL=insecure-design.js.map
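Review bot: The controller detection `if (lowerLine.includes('@restcontroller') || lowerLine.includes('@controller'))` is a substring test, so `@ControllerAdvice` and `@RestControllerAdvice` classes also set `inControllerClass`, and because the flag is never cleared, every later line in the file is then subject to the Check #2 `entitymanager`/`jdbctemplate`/`createquery` reports. A word-bounded match avoids the advice annotations: `if (/@(rest)?controller\b/.test(lowerLine)) {`; resetting the flag when a new class declaration is seen would additionally scope it per class, which presumably matters mainly for nested or test classes. Check #1 only inspects the two lines after the mapping annotation, so a `@RequestBody` parameter written on the same line as `@PostMapping` is never examined; if that layout is intentionally out of scope, a comment such as `// Assumes the mapping annotation and the method signature are on separate lines` would make the limitation explicit.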
@@ -0,0 +1 @@
1
+ {"version":3,"file":"insecure-design.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/java/security-checks/insecure-design.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AAeH,kDAyKC;AArLD,sEAA+E;AAE/E;;;;;;;;;GASG;AACH,SAAgB,mBAAmB,CACjC,KAAe;IAEf,MAAM,eAAe,GAA4B,EAAE,CAAC;IACpD,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAC/B,IAAI,iBAAiB,GAAG,KAAK,CAAC;IAE9B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAEhC,wDAAwD;QACxD,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,kBAAkB,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,kBAAkB,GAAG,KAAK,CAAC;YAC3B,OAAO,CAAC,wBAAwB;QAClC,CAAC;QAED,+EAA+E;QAC/E,IAAI,CAAC,WAAW;YACZ,kBAAkB;YAClB,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACjC,OAAO;QACT,CAAC;QAED,MAAM,SAAS,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC;QAE5C,+DAA+D;QAC/D,8EAA8E;QAC9E,IAAI,SAAS,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/E,iBAAiB,GAAG,IAAI,CAAC;QAC3B,CAAC;QACD,IAAI,SAAS,CAAC,KAAK,CAAC,6CAA6C,CAAC,EAAE,CAAC;YACnE,iBAAiB,GAAG,IAAI,CAAC;QAC3B,CAAC;QAED,iEAAiE;QACjE,MAAM,mBAAmB,GAAG,SAAS,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;QAExE,IAAI,mBAAmB,EAAE,CAAC;YACxB,+DAA+D;YAC/D,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YAC5E,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAC/C,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,CAChD,CAAC;YAEF,IAAI,cAAc,EAAE,CAAC;gBACnB,2CAA2C;gBAC3C,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;oBAC9C,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;oBACzC,OAAO,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBAC1E,CAAC,CAAC,CAAC;gBAEH,IAAI,CAAC,aAAa,EAAE,CAAC;oBACnB,qCAAqC;oBACrC,IAAI,eAAe,GAAG,KAAK,GAAG,CAAC,CAAC;oBAChC,KAAK,IAAI,CAAC,GAAG,KAAK,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;wBACnE,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,8CAA8C,CAAC,EAAE,
CAAC;4BAC1E,eAAe,GAAG,CAAC,CAAC;4BACpB,MAAM;wBACR,CAAC;oBACH,CAAC;oBAED,eAAe,CAAC,IAAI,CAClB,IAAA,qDAA+B,EAC7B,0BAA0B,EAC1B,uDAAuD,EACvD,gEAAgE,EAChE,eAAe,GAAG,CAAC,EACnB,gLAAgL,EAChL,sFAAsF,EACtF;wBACE,yCAAyC;wBACzC,yCAAyC;wBACzC,yCAAyC;wBACzC,4CAA4C;wBAC5C,iCAAiC;qBAClC,EACD,wEAAwE,EACxE,yHAAyH,EACzH,6HAA6H,CAC9H,CACF,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,kDAAkD;QAClD,2DAA2D;QAC3D,IAAI,iBAAiB,EAAE,CAAC;YACtB,4CAA4C;YAC5C,IAAI,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC;gBACnC,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC,EAAE,CAAC;gBACpH,eAAe,CAAC,IAAI,CAClB,IAAA,qDAA+B,EAC7B,uBAAuB,EACvB,qDAAqD,EACrD,sDAAsD,EACtD,KAAK,GAAG,CAAC,EACT,kLAAkL,EAClL,uGAAuG,EACvG;oBACE,qCAAqC;oBACrC,sDAAsD;oBACtD,uCAAuC;oBACvC,8CAA8C;oBAC9C,2CAA2C;iBAC5C,EACD,2DAA2D,EAC3D,mEAAmE,EACnE,yGAAyG,CAC1G,CACF,CAAC;YACJ,CAAC;YAED,2CAA2C;YAC3C,IAAI,SAAS,CAAC,QAAQ,CAAC,cAAc,CAAC;gBAClC,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;gBACvE,eAAe,CAAC,IAAI,CAClB,IAAA,qDAA+B,EAC7B,uBAAuB,EACvB,qDAAqD,EACrD,sDAAsD,EACtD,KAAK,GAAG,CAAC,EACT,4GAA4G,EAC5G,mFAAmF,EACnF;oBACE,qCAAqC;oBACrC,qBAAqB;oBACrB,8CAA8C;oBAC9C,6CAA6C;oBAC7C,oCAAoC;iBACrC,EACD,gDAAgD,EAChD,4EAA4E,EAC5E,iEAAiE,CAClE,CACF,CAAC;YACJ,CAAC;YAED,oDAAoD;YACpD,IAAI,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;gBACjF,eAAe,CAAC,IAAI,CAClB,IAAA,qDAA+B,EAC7B,uBAAuB,EACvB,sDAAsD,EACtD,qDAAqD,EACrD,KAAK,GAAG,CAAC,EACT,mGAAmG,EACnG,qFAAqF,EACrF;oBACE,uBAAuB;oBACvB,kDAAkD;oBAClD,0CAA0C;oBAC1C,gCAAgC;oBAChC,0CAA0C;iBAC3C,EACD,2EAA2E,EAC3E,0DAA0D,EAC1D,8EAA8E,CAC/E,CACF,CAAC;YACJ,CAAC;QACH,CAAC;IAEH,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC;AACzB,CAAC"}
@@ -0,0 +1,20 @@
1
+ /**
2
+ * Java Logging Failures Security Checks
3
+ * OWASP A09:2025 - Security Logging and Monitoring Failures
4
+ *
5
+ * Detects logging security failures in Java applications.
6
+ * Updated for OWASP 2025 with security logging patterns (Phase 7B Day 9).
7
+ */
8
+ import { SecurityVulnerability } from '../../types';
9
+ /**
10
+ * Checks for logging security vulnerabilities in Java code
11
+ *
12
+ * Covers:
13
+ * - Check #1: Missing security event logging (MEDIUM)
14
+ * - Check #2: System.out.println in production (LOW)
15
+ *
16
+ * @param lines - Array of code lines
17
+ * @returns Array of security vulnerabilities found
18
+ */
19
+ export declare function checkLoggingFailures(lines: string[]): SecurityVulnerability[];
20
+ //# sourceMappingURL=logging-failures.d.ts.map
@@ -0,0 +1 @@
1
+ {"version":3,"file":"logging-failures.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/java/security-checks/logging-failures.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD;;;;;;;;;GASG;AACH,wBAAgB,oBAAoB,CAClC,KAAK,EAAE,MAAM,EAAE,GACd,qBAAqB,EAAE,CA0GzB"}