codeslick-cli 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +458 -0
- package/__tests__/cli-reporter.test.ts +86 -0
- package/__tests__/config-loader.test.ts +247 -0
- package/__tests__/local-scanner.test.ts +245 -0
- package/bin/codeslick.cjs +153 -0
- package/dist/packages/cli/src/commands/auth.d.ts +36 -0
- package/dist/packages/cli/src/commands/auth.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/auth.js +226 -0
- package/dist/packages/cli/src/commands/auth.js.map +1 -0
- package/dist/packages/cli/src/commands/config.d.ts +37 -0
- package/dist/packages/cli/src/commands/config.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/config.js +196 -0
- package/dist/packages/cli/src/commands/config.js.map +1 -0
- package/dist/packages/cli/src/commands/init.d.ts +32 -0
- package/dist/packages/cli/src/commands/init.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/init.js +171 -0
- package/dist/packages/cli/src/commands/init.js.map +1 -0
- package/dist/packages/cli/src/commands/scan.d.ts +40 -0
- package/dist/packages/cli/src/commands/scan.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/scan.js +204 -0
- package/dist/packages/cli/src/commands/scan.js.map +1 -0
- package/dist/packages/cli/src/config/config-loader.d.ts +67 -0
- package/dist/packages/cli/src/config/config-loader.d.ts.map +1 -0
- package/dist/packages/cli/src/config/config-loader.js +146 -0
- package/dist/packages/cli/src/config/config-loader.js.map +1 -0
- package/dist/packages/cli/src/reporters/cli-reporter.d.ts +69 -0
- package/dist/packages/cli/src/reporters/cli-reporter.d.ts.map +1 -0
- package/dist/packages/cli/src/reporters/cli-reporter.js +244 -0
- package/dist/packages/cli/src/reporters/cli-reporter.js.map +1 -0
- package/dist/packages/cli/src/scanner/local-scanner.d.ts +92 -0
- package/dist/packages/cli/src/scanner/local-scanner.d.ts.map +1 -0
- package/dist/packages/cli/src/scanner/local-scanner.js +221 -0
- package/dist/packages/cli/src/scanner/local-scanner.js.map +1 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts +88 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts.map +1 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js +371 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js.map +1 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts +63 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.js +95 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.js.map +1 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts +59 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.js +231 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.js +129 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js +221 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts +18 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.js +84 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts +18 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js +161 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js +163 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts +24 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js +178 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts +25 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.js +179 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts +17 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.js +67 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts +25 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.js +396 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js +123 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts +23 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js +201 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.js +121 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.js +89 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts +26 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js +309 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts +18 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js +114 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js.map +1 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/java-analyzer.d.ts +209 -0
- package/dist/src/lib/analyzers/java-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java-analyzer.js +1720 -0
- package/dist/src/lib/analyzers/java-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js +123 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts +44 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js +224 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts +50 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js +284 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js +86 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts +32 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js +44 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts +22 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.js +168 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js +232 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js +222 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts +28 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js +176 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts +23 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js +113 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts +28 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js +227 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts +32 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js +260 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts +26 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js +164 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts +26 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js +775 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts +25 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js +168 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js +108 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts +28 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js +143 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts +53 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js +144 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts +72 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js +314 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts +36 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js +70 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts +29 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js +55 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/javascript-analyzer.d.ts +95 -0
- package/dist/src/lib/analyzers/javascript-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript-analyzer.js +2141 -0
- package/dist/src/lib/analyzers/javascript-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts +21 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.js +305 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js +242 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts +24 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js +207 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts +27 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.js +206 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts +24 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js +113 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js +129 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts +19 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.js +90 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.js +68 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts +25 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.js +180 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts +23 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js +127 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts +23 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.js +120 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts +24 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.js +143 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts +28 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js +174 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.js +160 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.js +121 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts +26 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js +248 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts +26 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js +375 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts +26 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js +160 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts +23 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.js +117 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.js.map +1 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/python-analyzer.d.ts +111 -0
- package/dist/src/lib/analyzers/python-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python-analyzer.js +1600 -0
- package/dist/src/lib/analyzers/python-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts +14 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js +47 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts +13 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js +36 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js +68 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js +68 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts +12 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js +45 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts +14 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js +47 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts +13 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js +36 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.js +32 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.js +68 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts +16 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.js +79 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.js +58 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts +88 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.js +162 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts +56 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.js +199 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts +56 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js +102 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js.map +1 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.d.ts +38 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.js +125 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.js.map +1 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts +46 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.js +92 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.js.map +1 -0
- package/dist/src/lib/analyzers/security-checks/react-security.d.ts +49 -0
- package/dist/src/lib/analyzers/security-checks/react-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/security-checks/react-security.js +125 -0
- package/dist/src/lib/analyzers/security-checks/react-security.js.map +1 -0
- package/dist/src/lib/analyzers/types.d.ts +92 -0
- package/dist/src/lib/analyzers/types.d.ts.map +1 -0
- package/dist/src/lib/analyzers/types.js +3 -0
- package/dist/src/lib/analyzers/types.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts +19 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.js +210 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js +242 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts +28 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.js +357 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts +26 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js +380 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts +23 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js +109 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts +21 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js +153 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts +23 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js +146 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts +23 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js +187 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts +19 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js +97 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts +29 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js +319 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts +21 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js +121 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts +27 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js +213 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts +19 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.js +59 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/type-checker.d.ts +17 -0
- package/dist/src/lib/analyzers/typescript/type-checker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/type-checker.js +515 -0
- package/dist/src/lib/analyzers/typescript/type-checker.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/typescript-analyzer.d.ts +116 -0
- package/dist/src/lib/analyzers/typescript-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript-analyzer.js +1660 -0
- package/dist/src/lib/analyzers/typescript-analyzer.js.map +1 -0
- package/dist/src/lib/security/compliance-mapping.d.ts +29 -0
- package/dist/src/lib/security/compliance-mapping.d.ts.map +1 -0
- package/dist/src/lib/security/compliance-mapping.js +1342 -0
- package/dist/src/lib/security/compliance-mapping.js.map +1 -0
- package/dist/src/lib/security/severity-scoring.d.ts +47 -0
- package/dist/src/lib/security/severity-scoring.d.ts.map +1 -0
- package/dist/src/lib/security/severity-scoring.js +965 -0
- package/dist/src/lib/security/severity-scoring.js.map +1 -0
- package/dist/src/lib/standards/references.d.ts +16 -0
- package/dist/src/lib/standards/references.d.ts.map +1 -0
- package/dist/src/lib/standards/references.js +1161 -0
- package/dist/src/lib/standards/references.js.map +1 -0
- package/dist/src/lib/types/index.d.ts +167 -0
- package/dist/src/lib/types/index.d.ts.map +1 -0
- package/dist/src/lib/types/index.js +3 -0
- package/dist/src/lib/types/index.js.map +1 -0
- package/dist/src/lib/utils/code-cleaner.d.ts +59 -0
- package/dist/src/lib/utils/code-cleaner.d.ts.map +1 -0
- package/dist/src/lib/utils/code-cleaner.js +283 -0
- package/dist/src/lib/utils/code-cleaner.js.map +1 -0
- package/package.json +51 -0
- package/src/commands/auth.ts +308 -0
- package/src/commands/config.ts +226 -0
- package/src/commands/init.ts +202 -0
- package/src/commands/scan.ts +238 -0
- package/src/config/config-loader.ts +175 -0
- package/src/reporters/cli-reporter.ts +282 -0
- package/src/scanner/local-scanner.ts +250 -0
- package/tsconfig.json +24 -0
- package/tsconfig.tsbuildinfo +1 -0
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* API Keys Pattern Index
|
|
3
|
+
*
|
|
4
|
+
* Combines all API key patterns from various providers.
|
|
5
|
+
* Total: 23 patterns across 7 categories.
|
|
6
|
+
*
|
|
7
|
+
* Created: Phase 1.5, Week 1
|
|
8
|
+
* Date: January 7, 2026
|
|
9
|
+
*/
|
|
10
|
+
import { SecretPattern } from '../secrets-analyzer';
|
|
11
|
+
/**
|
|
12
|
+
* All API key patterns combined
|
|
13
|
+
*/
|
|
14
|
+
export declare const API_KEY_PATTERNS: SecretPattern[];
|
|
15
|
+
//# sourceMappingURL=api-keys.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"api-keys.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/secrets/patterns/api-keys.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AASpD;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,aAAa,EAQ3C,CAAC"}
|
|
@@ -0,0 +1,32 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* API Keys Pattern Index
|
|
4
|
+
*
|
|
5
|
+
* Combines all API key patterns from various providers.
|
|
6
|
+
* Total: 23 patterns across 7 categories.
|
|
7
|
+
*
|
|
8
|
+
* Created: Phase 1.5, Week 1
|
|
9
|
+
* Date: January 7, 2026
|
|
10
|
+
*/
|
|
11
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
12
|
+
exports.API_KEY_PATTERNS = void 0;
|
|
13
|
+
const aws_1 = require("./api-keys/aws");
|
|
14
|
+
const github_1 = require("./api-keys/github");
|
|
15
|
+
const stripe_1 = require("./api-keys/stripe");
|
|
16
|
+
const ai_providers_1 = require("./api-keys/ai-providers");
|
|
17
|
+
const communication_1 = require("./api-keys/communication");
|
|
18
|
+
const cloud_providers_1 = require("./api-keys/cloud-providers");
|
|
19
|
+
const generic_1 = require("./api-keys/generic");
|
|
20
|
+
/**
|
|
21
|
+
* All API key patterns combined
|
|
22
|
+
*/
|
|
23
|
+
exports.API_KEY_PATTERNS = [
|
|
24
|
+
...aws_1.AWS_PATTERNS,
|
|
25
|
+
...github_1.GITHUB_PATTERNS,
|
|
26
|
+
...stripe_1.STRIPE_PATTERNS,
|
|
27
|
+
...ai_providers_1.AI_PROVIDER_PATTERNS,
|
|
28
|
+
...communication_1.COMMUNICATION_PATTERNS,
|
|
29
|
+
...cloud_providers_1.CLOUD_PROVIDER_PATTERNS,
|
|
30
|
+
...generic_1.GENERIC_PATTERNS,
|
|
31
|
+
];
|
|
32
|
+
//# sourceMappingURL=api-keys.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"api-keys.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/secrets/patterns/api-keys.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAGH,wCAA8C;AAC9C,8CAAoD;AACpD,8CAAoD;AACpD,0DAA+D;AAC/D,4DAAkE;AAClE,gEAAqE;AACrE,gDAAsD;AAEtD;;GAEG;AACU,QAAA,gBAAgB,GAAoB;IAC/C,GAAG,kBAAY;IACf,GAAG,wBAAe;IAClB,GAAG,wBAAe;IAClB,GAAG,mCAAoB;IACvB,GAAG,sCAAsB;IACzB,GAAG,yCAAuB;IAC1B,GAAG,0BAAgB;CACpB,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Credentials Pattern Detection
|
|
3
|
+
*
|
|
4
|
+
* Detects hardcoded credentials:
|
|
5
|
+
* - Database passwords
|
|
6
|
+
* - Generic passwords
|
|
7
|
+
* - JWT secrets
|
|
8
|
+
* - Database connection strings
|
|
9
|
+
*
|
|
10
|
+
* Created: Phase 1.5, Week 1
|
|
11
|
+
* Date: January 7, 2026
|
|
12
|
+
*/
|
|
13
|
+
import { SecretPattern } from '../secrets-analyzer';
|
|
14
|
+
export declare const CREDENTIAL_PATTERNS: SecretPattern[];
|
|
15
|
+
//# sourceMappingURL=credentials.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"credentials.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/secrets/patterns/credentials.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEpD,eAAO,MAAM,mBAAmB,EAAE,aAAa,EAmD9C,CAAC"}
|
|
@@ -0,0 +1,68 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Credentials Pattern Detection
|
|
4
|
+
*
|
|
5
|
+
* Detects hardcoded credentials:
|
|
6
|
+
* - Database passwords
|
|
7
|
+
* - Generic passwords
|
|
8
|
+
* - JWT secrets
|
|
9
|
+
* - Database connection strings
|
|
10
|
+
*
|
|
11
|
+
* Created: Phase 1.5, Week 1
|
|
12
|
+
* Date: January 7, 2026
|
|
13
|
+
*/
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.CREDENTIAL_PATTERNS = void 0;
|
|
16
|
+
exports.CREDENTIAL_PATTERNS = [
|
|
17
|
+
{
|
|
18
|
+
id: 'database-password',
|
|
19
|
+
name: 'Database Password',
|
|
20
|
+
pattern: /(?:db[_-]?password|database[_-]?password)\s*[:=]\s*['"]([^'"]{8,})['"]/i,
|
|
21
|
+
minEntropy: 3.0,
|
|
22
|
+
description: 'Database password hardcoded in source code',
|
|
23
|
+
severity: 'critical',
|
|
24
|
+
owaspCategory: 'A07:2021 - Identification and Authentication Failures',
|
|
25
|
+
cwe: 'CWE-798',
|
|
26
|
+
},
|
|
27
|
+
{
|
|
28
|
+
id: 'generic-password',
|
|
29
|
+
name: 'Generic Password',
|
|
30
|
+
pattern: /(?:password|passwd|pwd)\s*[:=]\s*['"]([^'"]{8,})['"]/i,
|
|
31
|
+
minEntropy: 3.0,
|
|
32
|
+
description: 'Password hardcoded in source code',
|
|
33
|
+
severity: 'high',
|
|
34
|
+
owaspCategory: 'A07:2021 - Identification and Authentication Failures',
|
|
35
|
+
cwe: 'CWE-798',
|
|
36
|
+
},
|
|
37
|
+
{
|
|
38
|
+
id: 'jwt-secret',
|
|
39
|
+
name: 'JWT Secret',
|
|
40
|
+
pattern: /(?:jwt[_-]?secret|token[_-]?secret)\s*[:=]\s*['"]([^'"]{16,})['"]/i,
|
|
41
|
+
minEntropy: 4.0,
|
|
42
|
+
description: 'JWT secret hardcoded - allows token forgery',
|
|
43
|
+
severity: 'critical',
|
|
44
|
+
owaspCategory: 'A02:2021 - Cryptographic Failures',
|
|
45
|
+
cwe: 'CWE-321',
|
|
46
|
+
},
|
|
47
|
+
{
|
|
48
|
+
id: 'database-connection-string',
|
|
49
|
+
name: 'Database Connection String',
|
|
50
|
+
pattern: /(?:postgres|mysql|mongodb):\/\/[^:]+:[^@]+@/i,
|
|
51
|
+
minEntropy: 3.0,
|
|
52
|
+
description: 'Database connection string with credentials',
|
|
53
|
+
severity: 'critical',
|
|
54
|
+
owaspCategory: 'A07:2021 - Identification and Authentication Failures',
|
|
55
|
+
cwe: 'CWE-798',
|
|
56
|
+
},
|
|
57
|
+
{
|
|
58
|
+
id: 'encryption-key',
|
|
59
|
+
name: 'Encryption Key',
|
|
60
|
+
pattern: /(?:encryption[_-]?key|encrypt[_-]?key)\s*[:=]\s*['"]([A-Za-z0-9+/=]{32,})['"]/i,
|
|
61
|
+
minEntropy: 4.5,
|
|
62
|
+
description: 'Encryption key hardcoded in source code',
|
|
63
|
+
severity: 'critical',
|
|
64
|
+
owaspCategory: 'A02:2021 - Cryptographic Failures',
|
|
65
|
+
cwe: 'CWE-321',
|
|
66
|
+
},
|
|
67
|
+
];
|
|
68
|
+
//# sourceMappingURL=credentials.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"credentials.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/secrets/patterns/credentials.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAIU,QAAA,mBAAmB,GAAoB;IAClD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,yEAAyE;QAClF,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,4CAA4C;QACzD,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,uDAAuD;QACtE,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,uDAAuD;QAChE,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,mCAAmC;QAChD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,uDAAuD;QACtE,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,YAAY;QAClB,OAAO,EAAE,oEAAoE;QAC7E,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,6CAA6C;QAC1D,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,mCAAmC;QAClD,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,4BAA4B;QAChC,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,8CAA8C;QACvD,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,6CAA6C;QAC1D,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,uDAAuD;QACtE,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,gFAAgF;QACzF,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,yCAAyC;QACtD,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,mCAAmC;QAClD,GAAG,EAAE,SAAS;KACf;CACF,CAAC"}
|
|
@@ -0,0 +1,16 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Private Keys Pattern Detection
|
|
3
|
+
*
|
|
4
|
+
* Detects hardcoded private keys:
|
|
5
|
+
* - RSA Private Keys
|
|
6
|
+
* - SSH Private Keys
|
|
7
|
+
* - PGP Private Keys
|
|
8
|
+
* - EC Private Keys
|
|
9
|
+
* - DSA Private Keys
|
|
10
|
+
*
|
|
11
|
+
* Created: Phase 1.5, Week 1
|
|
12
|
+
* Date: January 7, 2026
|
|
13
|
+
*/
|
|
14
|
+
import { SecretPattern } from '../secrets-analyzer';
|
|
15
|
+
export declare const PRIVATE_KEY_PATTERNS: SecretPattern[];
|
|
16
|
+
//# sourceMappingURL=private-keys.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"private-keys.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/secrets/patterns/private-keys.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEpD,eAAO,MAAM,oBAAoB,EAAE,aAAa,EA6D/C,CAAC"}
|
|
@@ -0,0 +1,79 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Private Keys Pattern Detection
|
|
4
|
+
*
|
|
5
|
+
* Detects hardcoded private keys:
|
|
6
|
+
* - RSA Private Keys
|
|
7
|
+
* - SSH Private Keys
|
|
8
|
+
* - PGP Private Keys
|
|
9
|
+
* - EC Private Keys
|
|
10
|
+
* - DSA Private Keys
|
|
11
|
+
*
|
|
12
|
+
* Created: Phase 1.5, Week 1
|
|
13
|
+
* Date: January 7, 2026
|
|
14
|
+
*/
|
|
15
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
16
|
+
exports.PRIVATE_KEY_PATTERNS = void 0;
|
|
17
|
+
exports.PRIVATE_KEY_PATTERNS = [
|
|
18
|
+
{
|
|
19
|
+
id: 'rsa-private-key',
|
|
20
|
+
name: 'RSA Private Key',
|
|
21
|
+
pattern: /-----BEGIN RSA PRIVATE KEY-----/,
|
|
22
|
+
minEntropy: 3.0, // Lower threshold - very specific marker
|
|
23
|
+
description: 'RSA private key detected in code',
|
|
24
|
+
severity: 'critical',
|
|
25
|
+
owaspCategory: 'A02:2021 - Cryptographic Failures',
|
|
26
|
+
cwe: 'CWE-312',
|
|
27
|
+
},
|
|
28
|
+
{
|
|
29
|
+
id: 'ssh-private-key',
|
|
30
|
+
name: 'SSH Private Key',
|
|
31
|
+
pattern: /-----BEGIN OPENSSH PRIVATE KEY-----/,
|
|
32
|
+
minEntropy: 3.0, // Lower threshold - very specific marker
|
|
33
|
+
description: 'SSH private key detected in code',
|
|
34
|
+
severity: 'critical',
|
|
35
|
+
owaspCategory: 'A02:2021 - Cryptographic Failures',
|
|
36
|
+
cwe: 'CWE-312',
|
|
37
|
+
},
|
|
38
|
+
{
|
|
39
|
+
id: 'pgp-private-key',
|
|
40
|
+
name: 'PGP Private Key',
|
|
41
|
+
pattern: /-----BEGIN PGP PRIVATE KEY BLOCK-----/,
|
|
42
|
+
minEntropy: 3.0, // Lower threshold - very specific marker
|
|
43
|
+
description: 'PGP private key detected in code',
|
|
44
|
+
severity: 'critical',
|
|
45
|
+
owaspCategory: 'A02:2021 - Cryptographic Failures',
|
|
46
|
+
cwe: 'CWE-312',
|
|
47
|
+
},
|
|
48
|
+
{
|
|
49
|
+
id: 'ec-private-key',
|
|
50
|
+
name: 'EC Private Key',
|
|
51
|
+
pattern: /-----BEGIN EC PRIVATE KEY-----/,
|
|
52
|
+
minEntropy: 3.0, // Lower threshold - very specific marker
|
|
53
|
+
description: 'Elliptic Curve private key detected in code',
|
|
54
|
+
severity: 'critical',
|
|
55
|
+
owaspCategory: 'A02:2021 - Cryptographic Failures',
|
|
56
|
+
cwe: 'CWE-312',
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
id: 'dsa-private-key',
|
|
60
|
+
name: 'DSA Private Key',
|
|
61
|
+
pattern: /-----BEGIN DSA PRIVATE KEY-----/,
|
|
62
|
+
minEntropy: 3.0, // Lower threshold - very specific marker
|
|
63
|
+
description: 'DSA private key detected in code',
|
|
64
|
+
severity: 'critical',
|
|
65
|
+
owaspCategory: 'A02:2021 - Cryptographic Failures',
|
|
66
|
+
cwe: 'CWE-312',
|
|
67
|
+
},
|
|
68
|
+
{
|
|
69
|
+
id: 'generic-private-key',
|
|
70
|
+
name: 'Generic Private Key',
|
|
71
|
+
pattern: /-----BEGIN PRIVATE KEY-----/,
|
|
72
|
+
minEntropy: 3.0, // Lower threshold - very specific marker
|
|
73
|
+
description: 'Generic private key detected in code',
|
|
74
|
+
severity: 'critical',
|
|
75
|
+
owaspCategory: 'A02:2021 - Cryptographic Failures',
|
|
76
|
+
cwe: 'CWE-312',
|
|
77
|
+
},
|
|
78
|
+
];
|
|
79
|
+
//# sourceMappingURL=private-keys.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"private-keys.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/secrets/patterns/private-keys.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;GAYG;;;AAIU,QAAA,oBAAoB,GAAoB;IACnD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,iCAAiC;QAC1C,UAAU,EAAE,GAAG,EAAG,yCAAyC;QAC3D,WAAW,EAAE,kCAAkC;QAC/C,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,mCAAmC;QAClD,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,qCAAqC;QAC9C,UAAU,EAAE,GAAG,EAAG,yCAAyC;QAC3D,WAAW,EAAE,kCAAkC;QAC/C,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,mCAAmC;QAClD,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,uCAAuC;QAChD,UAAU,EAAE,GAAG,EAAG,yCAAyC;QAC3D,WAAW,EAAE,kCAAkC;QAC/C,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,mCAAmC;QAClD,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,gCAAgC;QACzC,UAAU,EAAE,GAAG,EAAG,yCAAyC;QAC3D,WAAW,EAAE,6CAA6C;QAC1D,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,mCAAmC;QAClD,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,iCAAiC;QAC1C,UAAU,EAAE,GAAG,EAAG,yCAAyC;QAC3D,WAAW,EAAE,kCAAkC;QAC/C,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,mCAAmC;QAClD,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,qBAAqB;QAC3B,OAAO,EAAE,6BAA6B;QACtC,UAAU,EAAE,GAAG,EAAG,yCAAyC;QAC3D,WAAW,EAAE,sCAAsC;QACnD,QAAQ,EAAE,UAAU;QACpB,aAAa,EAAE,mCAAmC;QAClD,GAAG,EAAE,SAAS;KACf;CACF,CAAC"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Token Pattern Detection
|
|
3
|
+
*
|
|
4
|
+
* Detects hardcoded tokens:
|
|
5
|
+
* - Bearer tokens
|
|
6
|
+
* - Session tokens
|
|
7
|
+
* - Auth tokens
|
|
8
|
+
* - Refresh tokens
|
|
9
|
+
*
|
|
10
|
+
* Created: Phase 1.5, Week 1
|
|
11
|
+
* Date: January 7, 2026
|
|
12
|
+
*/
|
|
13
|
+
import { SecretPattern } from '../secrets-analyzer';
|
|
14
|
+
export declare const TOKEN_PATTERNS: SecretPattern[];
|
|
15
|
+
//# sourceMappingURL=tokens.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tokens.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/secrets/patterns/tokens.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEpD,eAAO,MAAM,cAAc,EAAE,aAAa,EAyCzC,CAAC"}
|
|
@@ -0,0 +1,58 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Token Pattern Detection
|
|
4
|
+
*
|
|
5
|
+
* Detects hardcoded tokens:
|
|
6
|
+
* - Bearer tokens
|
|
7
|
+
* - Session tokens
|
|
8
|
+
* - Auth tokens
|
|
9
|
+
* - Refresh tokens
|
|
10
|
+
*
|
|
11
|
+
* Created: Phase 1.5, Week 1
|
|
12
|
+
* Date: January 7, 2026
|
|
13
|
+
*/
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.TOKEN_PATTERNS = void 0;
|
|
16
|
+
exports.TOKEN_PATTERNS = [
|
|
17
|
+
{
|
|
18
|
+
id: 'bearer-token',
|
|
19
|
+
name: 'Bearer Token',
|
|
20
|
+
pattern: /Bearer\s+[A-Za-z0-9\-._~+/]+=*/i,
|
|
21
|
+
minEntropy: 4.0,
|
|
22
|
+
description: 'Bearer authentication token hardcoded',
|
|
23
|
+
severity: 'high',
|
|
24
|
+
owaspCategory: 'A07:2021 - Identification and Authentication Failures',
|
|
25
|
+
cwe: 'CWE-798',
|
|
26
|
+
},
|
|
27
|
+
{
|
|
28
|
+
id: 'session-token',
|
|
29
|
+
name: 'Session Token',
|
|
30
|
+
pattern: /(?:session[_-]?token|sessiontoken)\s*[:=]\s*['"]([A-Za-z0-9\-_]{32,})['"]/i,
|
|
31
|
+
minEntropy: 4.0,
|
|
32
|
+
description: 'Session token hardcoded in source code',
|
|
33
|
+
severity: 'high',
|
|
34
|
+
owaspCategory: 'A07:2021 - Identification and Authentication Failures',
|
|
35
|
+
cwe: 'CWE-798',
|
|
36
|
+
},
|
|
37
|
+
{
|
|
38
|
+
id: 'auth-token',
|
|
39
|
+
name: 'Auth Token',
|
|
40
|
+
pattern: /(?:auth[_-]?token|authtoken)\s*[:=]\s*['"]([A-Za-z0-9\-_]{32,})['"]/i,
|
|
41
|
+
minEntropy: 4.0,
|
|
42
|
+
description: 'Authentication token hardcoded in source code',
|
|
43
|
+
severity: 'high',
|
|
44
|
+
owaspCategory: 'A07:2021 - Identification and Authentication Failures',
|
|
45
|
+
cwe: 'CWE-798',
|
|
46
|
+
},
|
|
47
|
+
{
|
|
48
|
+
id: 'refresh-token',
|
|
49
|
+
name: 'Refresh Token',
|
|
50
|
+
pattern: /(?:refresh[_-]?token|refreshtoken)\s*[:=]\s*['"]([A-Za-z0-9\-_]{32,})['"]/i,
|
|
51
|
+
minEntropy: 4.0,
|
|
52
|
+
description: 'Refresh token hardcoded in source code',
|
|
53
|
+
severity: 'high',
|
|
54
|
+
owaspCategory: 'A07:2021 - Identification and Authentication Failures',
|
|
55
|
+
cwe: 'CWE-798',
|
|
56
|
+
},
|
|
57
|
+
];
|
|
58
|
+
//# sourceMappingURL=tokens.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tokens.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/secrets/patterns/tokens.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAIU,QAAA,cAAc,GAAoB;IAC7C;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,iCAAiC;QAC1C,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,uDAAuD;QACtE,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,4EAA4E;QACrF,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,uDAAuD;QACtE,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,YAAY;QAClB,OAAO,EAAE,sEAAsE;QAC/E,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,+CAA+C;QAC5D,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,uDAAuD;QACtE,GAAG,EAAE,SAAS;KACf;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,OAAO,EAAE,4EAA4E;QACrF,UAAU,EAAE,GAAG;QACf,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,uDAAuD;QACtE,GAAG,EAAE,SAAS;KACf;CACF,CAAC"}
|
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Secrets Detection Analyzer
|
|
3
|
+
*
|
|
4
|
+
* Detects hardcoded secrets, API keys, passwords, tokens, and private keys in code.
|
|
5
|
+
*
|
|
6
|
+
* Features:
|
|
7
|
+
* - Pattern-based detection (20+ secret types)
|
|
8
|
+
* - Entropy analysis for high-randomness strings
|
|
9
|
+
* - Context checking to reduce false positives
|
|
10
|
+
* - Support for all 4 languages (JavaScript, Python, Java, TypeScript)
|
|
11
|
+
*
|
|
12
|
+
* Created: Phase 1.5, Week 1 (Feature #1)
|
|
13
|
+
* Date: January 7, 2026
|
|
14
|
+
*/
|
|
15
|
+
import { SecurityVulnerability } from '../types';
|
|
16
|
+
/**
|
|
17
|
+
* Secret pattern definition
|
|
18
|
+
*/
|
|
19
|
+
export interface SecretPattern {
|
|
20
|
+
/** Pattern identifier (e.g., 'aws-access-key', 'github-token') */
|
|
21
|
+
id: string;
|
|
22
|
+
/** Human-readable name */
|
|
23
|
+
name: string;
|
|
24
|
+
/** Regex pattern to match the secret */
|
|
25
|
+
pattern: RegExp;
|
|
26
|
+
/** Minimum entropy threshold (0-8, where 8 is maximum randomness) */
|
|
27
|
+
minEntropy?: number;
|
|
28
|
+
/** Description of the secret type */
|
|
29
|
+
description: string;
|
|
30
|
+
/** Severity: 'critical', 'high', 'medium' */
|
|
31
|
+
severity: 'critical' | 'high' | 'medium';
|
|
32
|
+
/** OWASP 2025 category */
|
|
33
|
+
owaspCategory: string;
|
|
34
|
+
/** CWE identifier */
|
|
35
|
+
cwe: string;
|
|
36
|
+
}
|
|
37
|
+
/**
|
|
38
|
+
* Secret detection result
|
|
39
|
+
*/
|
|
40
|
+
export interface SecretMatch {
|
|
41
|
+
pattern: SecretPattern;
|
|
42
|
+
value: string;
|
|
43
|
+
line: number;
|
|
44
|
+
column: number;
|
|
45
|
+
entropy: number;
|
|
46
|
+
context: string;
|
|
47
|
+
}
|
|
48
|
+
/**
|
|
49
|
+
* Main secrets analyzer class
|
|
50
|
+
*/
|
|
51
|
+
export declare class SecretsAnalyzer {
|
|
52
|
+
private patterns;
|
|
53
|
+
constructor();
|
|
54
|
+
/**
|
|
55
|
+
* Analyze code for hardcoded secrets
|
|
56
|
+
*
|
|
57
|
+
* @param code - Source code to analyze
|
|
58
|
+
* @param filePath - File path (for context)
|
|
59
|
+
* @param language - Programming language
|
|
60
|
+
* @returns Array of security vulnerabilities
|
|
61
|
+
*/
|
|
62
|
+
analyzeCode(code: string, filePath: string, language: 'javascript' | 'python' | 'java' | 'typescript'): SecurityVulnerability[];
|
|
63
|
+
/**
|
|
64
|
+
* Find pattern matches in a line of code
|
|
65
|
+
*/
|
|
66
|
+
private findMatches;
|
|
67
|
+
/**
|
|
68
|
+
* Create a security vulnerability from a secret match
|
|
69
|
+
*/
|
|
70
|
+
private createVulnerability;
|
|
71
|
+
/**
|
|
72
|
+
* Mask secret value for evidence (show only first/last few characters)
|
|
73
|
+
*/
|
|
74
|
+
private maskSecret;
|
|
75
|
+
/**
|
|
76
|
+
* Get fix recommendation based on secret type and language
|
|
77
|
+
*/
|
|
78
|
+
private getRecommendation;
|
|
79
|
+
/**
|
|
80
|
+
* Calculate confidence score (0-100) based on entropy and context
|
|
81
|
+
*/
|
|
82
|
+
private calculateConfidence;
|
|
83
|
+
}
|
|
84
|
+
/**
|
|
85
|
+
* Factory function for creating secrets analyzer
|
|
86
|
+
*/
|
|
87
|
+
export declare function createSecretsAnalyzer(): SecretsAnalyzer;
|
|
88
|
+
//# sourceMappingURL=secrets-analyzer.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secrets-analyzer.d.ts","sourceRoot":"","sources":["../../../../../../../src/lib/analyzers/secrets/secrets-analyzer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,UAAU,CAAC;AAQjD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,kEAAkE;IAClE,EAAE,EAAE,MAAM,CAAC;IACX,0BAA0B;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,wCAAwC;IACxC,OAAO,EAAE,MAAM,CAAC;IAChB,qEAAqE;IACrE,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,qCAAqC;IACrC,WAAW,EAAE,MAAM,CAAC;IACpB,6CAA6C;IAC7C,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACzC,0BAA0B;IAC1B,aAAa,EAAE,MAAM,CAAC;IACtB,qBAAqB;IACrB,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,aAAa,CAAC;IACvB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,QAAQ,CAAkB;;IAYlC;;;;;;;OAOG;IACI,WAAW,CAChB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,YAAY,GAAG,QAAQ,GAAG,MAAM,GAAG,YAAY,GACxD,qBAAqB,EAAE;IAiC1B;;OAEG;IACH,OAAO,CAAC,WAAW;IA4BnB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAgB3B;;OAEG;IACH,OAAO,CAAC,UAAU;IASlB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAiBzB;;OAEG;IACH,OAAO,CAAC,mBAAmB;CAiB5B;AAED;;GAEG;AACH,wBAAgB,qBAAqB,IAAI,eAAe,CAEvD"}
|
|
@@ -0,0 +1,162 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Secrets Detection Analyzer
|
|
4
|
+
*
|
|
5
|
+
* Detects hardcoded secrets, API keys, passwords, tokens, and private keys in code.
|
|
6
|
+
*
|
|
7
|
+
* Features:
|
|
8
|
+
* - Pattern-based detection (20+ secret types)
|
|
9
|
+
* - Entropy analysis for high-randomness strings
|
|
10
|
+
* - Context checking to reduce false positives
|
|
11
|
+
* - Support for all 4 languages (JavaScript, Python, Java, TypeScript)
|
|
12
|
+
*
|
|
13
|
+
* Created: Phase 1.5, Week 1 (Feature #1)
|
|
14
|
+
* Date: January 7, 2026
|
|
15
|
+
*/
|
|
16
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
17
|
+
exports.SecretsAnalyzer = void 0;
|
|
18
|
+
exports.createSecretsAnalyzer = createSecretsAnalyzer;
|
|
19
|
+
const api_keys_1 = require("./patterns/api-keys");
|
|
20
|
+
const private_keys_1 = require("./patterns/private-keys");
|
|
21
|
+
const credentials_1 = require("./patterns/credentials");
|
|
22
|
+
const tokens_1 = require("./patterns/tokens");
|
|
23
|
+
const entropy_checker_1 = require("./validators/entropy-checker");
|
|
24
|
+
const context_checker_1 = require("./validators/context-checker");
|
|
25
|
+
/**
|
|
26
|
+
* Main secrets analyzer class
|
|
27
|
+
*/
|
|
28
|
+
class SecretsAnalyzer {
|
|
29
|
+
constructor() {
|
|
30
|
+
// Combine all patterns from different categories
|
|
31
|
+
this.patterns = [
|
|
32
|
+
...api_keys_1.API_KEY_PATTERNS,
|
|
33
|
+
...private_keys_1.PRIVATE_KEY_PATTERNS,
|
|
34
|
+
...credentials_1.CREDENTIAL_PATTERNS,
|
|
35
|
+
...tokens_1.TOKEN_PATTERNS,
|
|
36
|
+
];
|
|
37
|
+
}
|
|
38
|
+
/**
|
|
39
|
+
* Analyze code for hardcoded secrets
|
|
40
|
+
*
|
|
41
|
+
* @param code - Source code to analyze
|
|
42
|
+
* @param filePath - File path (for context)
|
|
43
|
+
* @param language - Programming language
|
|
44
|
+
* @returns Array of security vulnerabilities
|
|
45
|
+
*/
|
|
46
|
+
analyzeCode(code, filePath, language) {
|
|
47
|
+
const vulnerabilities = [];
|
|
48
|
+
const lines = code.split('\n');
|
|
49
|
+
// Scan each line for secrets
|
|
50
|
+
for (let lineIndex = 0; lineIndex < lines.length; lineIndex++) {
|
|
51
|
+
const line = lines[lineIndex];
|
|
52
|
+
const lineNumber = lineIndex + 1;
|
|
53
|
+
// Check against all patterns
|
|
54
|
+
for (const pattern of this.patterns) {
|
|
55
|
+
const matches = this.findMatches(line, pattern, lineNumber);
|
|
56
|
+
for (const match of matches) {
|
|
57
|
+
// Validate entropy if required
|
|
58
|
+
if (pattern.minEntropy && match.entropy < pattern.minEntropy) {
|
|
59
|
+
continue; // Skip low-entropy matches
|
|
60
|
+
}
|
|
61
|
+
// Check for false positives
|
|
62
|
+
if ((0, context_checker_1.isLikelyFalsePositive)(match.value, match.context, filePath)) {
|
|
63
|
+
continue; // Skip likely false positives
|
|
64
|
+
}
|
|
65
|
+
// Create vulnerability
|
|
66
|
+
vulnerabilities.push(this.createVulnerability(match, filePath, language));
|
|
67
|
+
}
|
|
68
|
+
}
|
|
69
|
+
}
|
|
70
|
+
return vulnerabilities;
|
|
71
|
+
}
|
|
72
|
+
/**
|
|
73
|
+
* Find pattern matches in a line of code
|
|
74
|
+
*/
|
|
75
|
+
findMatches(line, pattern, lineNumber) {
|
|
76
|
+
const matches = [];
|
|
77
|
+
let match;
|
|
78
|
+
// Use global flag to find all matches
|
|
79
|
+
const regex = new RegExp(pattern.pattern.source, 'g');
|
|
80
|
+
while ((match = regex.exec(line)) !== null) {
|
|
81
|
+
const value = match[0];
|
|
82
|
+
const entropy = (0, entropy_checker_1.calculateEntropy)(value);
|
|
83
|
+
matches.push({
|
|
84
|
+
pattern,
|
|
85
|
+
value,
|
|
86
|
+
line: lineNumber,
|
|
87
|
+
column: match.index,
|
|
88
|
+
entropy,
|
|
89
|
+
context: line.trim(),
|
|
90
|
+
});
|
|
91
|
+
}
|
|
92
|
+
return matches;
|
|
93
|
+
}
|
|
94
|
+
/**
|
|
95
|
+
* Create a security vulnerability from a secret match
|
|
96
|
+
*/
|
|
97
|
+
createVulnerability(match, filePath, language) {
|
|
98
|
+
return {
|
|
99
|
+
severity: match.pattern.severity,
|
|
100
|
+
message: `Hardcoded secret detected: ${match.pattern.name} - ${this.maskSecret(match.value)}`,
|
|
101
|
+
line: match.line,
|
|
102
|
+
suggestion: this.getRecommendation(match.pattern, language),
|
|
103
|
+
category: `hardcoded-secret-${match.pattern.id}`,
|
|
104
|
+
owasp: match.pattern.owaspCategory,
|
|
105
|
+
cwe: match.pattern.cwe,
|
|
106
|
+
};
|
|
107
|
+
}
|
|
108
|
+
/**
|
|
109
|
+
* Mask secret value for evidence (show only first/last few characters)
|
|
110
|
+
*/
|
|
111
|
+
maskSecret(value) {
|
|
112
|
+
if (value.length <= 8) {
|
|
113
|
+
return '***';
|
|
114
|
+
}
|
|
115
|
+
const first = value.substring(0, 4);
|
|
116
|
+
const last = value.substring(value.length - 4);
|
|
117
|
+
return `${first}...${last}`;
|
|
118
|
+
}
|
|
119
|
+
/**
|
|
120
|
+
* Get fix recommendation based on secret type and language
|
|
121
|
+
*/
|
|
122
|
+
getRecommendation(pattern, language) {
|
|
123
|
+
const baseRecommendation = pattern.description;
|
|
124
|
+
const envVarExample = language === 'python'
|
|
125
|
+
? 'os.environ.get("API_KEY")'
|
|
126
|
+
: language === 'java'
|
|
127
|
+
? 'System.getenv("API_KEY")'
|
|
128
|
+
: 'process.env.API_KEY';
|
|
129
|
+
return `${baseRecommendation}\n\nRecommended fix:\n` +
|
|
130
|
+
`1. Move secret to environment variable\n` +
|
|
131
|
+
`2. Load from secure vault (AWS Secrets Manager, HashiCorp Vault)\n` +
|
|
132
|
+
`3. Use: ${envVarExample}\n` +
|
|
133
|
+
`4. Add to .gitignore if stored in config file\n` +
|
|
134
|
+
`5. Rotate the exposed secret immediately`;
|
|
135
|
+
}
|
|
136
|
+
/**
|
|
137
|
+
* Calculate confidence score (0-100) based on entropy and context
|
|
138
|
+
*/
|
|
139
|
+
calculateConfidence(match) {
|
|
140
|
+
let confidence = 70; // Base confidence
|
|
141
|
+
// Higher entropy = higher confidence
|
|
142
|
+
if (match.entropy > 4.5) {
|
|
143
|
+
confidence += 20;
|
|
144
|
+
}
|
|
145
|
+
else if (match.entropy > 3.5) {
|
|
146
|
+
confidence += 10;
|
|
147
|
+
}
|
|
148
|
+
// Known pattern structure = higher confidence
|
|
149
|
+
if (match.pattern.id.includes('aws') || match.pattern.id.includes('github')) {
|
|
150
|
+
confidence += 10;
|
|
151
|
+
}
|
|
152
|
+
return Math.min(confidence, 100);
|
|
153
|
+
}
|
|
154
|
+
}
|
|
155
|
+
exports.SecretsAnalyzer = SecretsAnalyzer;
|
|
156
|
+
/**
|
|
157
|
+
* Factory function for creating secrets analyzer
|
|
158
|
+
*/
|
|
159
|
+
function createSecretsAnalyzer() {
|
|
160
|
+
return new SecretsAnalyzer();
|
|
161
|
+
}
|
|
162
|
+
//# sourceMappingURL=secrets-analyzer.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"secrets-analyzer.js","sourceRoot":"","sources":["../../../../../../../src/lib/analyzers/secrets/secrets-analyzer.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;GAaG;;;AAoNH,sDAEC;AAnND,kDAAuD;AACvD,0DAA+D;AAC/D,wDAA6D;AAC7D,8CAAmD;AACnD,kEAAgE;AAChE,kEAAqE;AAoCrE;;GAEG;AACH,MAAa,eAAe;IAG1B;QACE,iDAAiD;QACjD,IAAI,CAAC,QAAQ,GAAG;YACd,GAAG,2BAAgB;YACnB,GAAG,mCAAoB;YACvB,GAAG,iCAAmB;YACtB,GAAG,uBAAc;SAClB,CAAC;IACJ,CAAC;IAED;;;;;;;OAOG;IACI,WAAW,CAChB,IAAY,EACZ,QAAgB,EAChB,QAAyD;QAEzD,MAAM,eAAe,GAA4B,EAAE,CAAC;QACpD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE/B,6BAA6B;QAC7B,KAAK,IAAI,SAAS,GAAG,CAAC,EAAE,SAAS,GAAG,KAAK,CAAC,MAAM,EAAE,SAAS,EAAE,EAAE,CAAC;YAC9D,MAAM,IAAI,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC;YAC9B,MAAM,UAAU,GAAG,SAAS,GAAG,CAAC,CAAC;YAEjC,6BAA6B;YAC7B,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACpC,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;gBAE5D,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;oBAC5B,+BAA+B;oBAC/B,IAAI,OAAO,CAAC,UAAU,IAAI,KAAK,CAAC,OAAO,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;wBAC7D,SAAS,CAAC,2BAA2B;oBACvC,CAAC;oBAED,4BAA4B;oBAC5B,IAAI,IAAA,uCAAqB,EAAC,KAAK,CAAC,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,EAAE,CAAC;wBAChE,SAAS,CAAC,8BAA8B;oBAC1C,CAAC;oBAED,uBAAuB;oBACvB,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,mBAAmB,CAAC,KAAK,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC;gBAC5E,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,eAAe,CAAC;IACzB,CAAC;IAED;;OAEG;IACK,WAAW,CACjB,IAAY,EACZ,OAAsB,EACtB,UAAkB;QAElB,MAAM,OAAO,GAAkB,EAAE,CAAC;QAClC,IAAI,KAA6B,CAAC;QAElC,sCAAsC;QACtC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAEtD,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC3C,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,OAAO,GAAG,IAAA,kCAAgB,EAAC,KAAK,CAAC,CAAC;YAExC,OAAO,CAAC,IAAI,CAAC;gBACX,OAAO;gBACP,KAAK;gBACL,IAAI,EAAE,UAAU;gBAChB,MAAM,EAAE,KAAK,CAAC,KAAK;gBACnB,OAAO;gBACP,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;aACrB,CAAC,CAAC;QACL,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,mBAAmB,CACzB,KAAkB,EAClB,QAAgB,EAChB,QAAgB;QAEhB,OAAO;YACL,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ;YAChC,OAAO,EAAE,8BAA8B,KAAK,CAAC,OAAO,CAAC,IAAI,MAAM,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE;YAC7F,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,UAAU,EAAE,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC;YAC3D,QAAQ,EAAE,oBAAoB,KAAK,CAAC,OAAO,CAAC,EAAE,EAAE;YAChD,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,aAAa;YAClC,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG;SACvB,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,UAAU,CAAC,KAAa;QAC9B,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACtB,OAAO,KAAK,CAAC;QACf,CAAC;QACD,MAAM,KAAK,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACpC,MAAM,IAAI,GAAG,KAAK,CAAC,SAAS,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC/C,OAAO,GAAG,KAAK,MAAM,IAAI,EAAE,CAAC;IAC9B,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,OAAsB,EAAE,QAAgB;QAChE,MAAM,kBAAkB,GAAG,OAAO,CAAC,WAAW,CAAC;QAE/C,MAAM,aAAa,GAAG,QAAQ,KAAK,QAAQ;YACzC,CAAC,CAAC,2BAA2B;YAC7B,CAAC,CAAC,QAAQ,KAAK,MAAM;gBACrB,CAAC,CAAC,0BAA0B;gBAC5B,CAAC,CAAC,qBAAqB,CAAC;QAE1B,OAAO,GAAG,kBAAkB,wBAAwB;YAClD,0CAA0C;YAC1C,oEAAoE;YACpE,WAAW,aAAa,IAAI;YAC5B,iDAAiD;YACjD,0CAA0C,CAAC;IAC/C,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,KAAkB;QAC5C,IAAI,UAAU,GAAG,EAAE,CAAC,CAAC,kBAAkB;QAEvC,qCAAqC;QACrC,IAAI,KAAK,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;YACxB,UAAU,IAAI,EAAE,CAAC;QACnB,CAAC;aAAM,IAAI,KAAK,CAAC,OAAO,GAAG,GAAG,EAAE,CAAC;YAC/B,UAAU,IAAI,EAAE,CAAC;QACnB,CAAC;QAED,8CAA8C;QAC9C,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC5E,UAAU,IAAI,EAAE,CAAC;QACnB,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;IACnC,CAAC;CACF;AAhKD,0CAgKC;AAED;;GAEG;AACH,SAAgB,qBAAqB;IACnC,OAAO,IAAI,eAAe,EAAE,CAAC;AAC/B,CAAC"}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Context Checker
|
|
3
|
+
*
|
|
4
|
+
* Reduces false positives by analyzing code context.
|
|
5
|
+
* Identifies safe patterns like:
|
|
6
|
+
* - Test files
|
|
7
|
+
* - Example code
|
|
8
|
+
* - Documentation
|
|
9
|
+
* - Placeholder values
|
|
10
|
+
* - Environment variable references
|
|
11
|
+
*
|
|
12
|
+
* Created: Phase 1.5, Week 1
|
|
13
|
+
* Date: January 7, 2026
|
|
14
|
+
*/
|
|
15
|
+
/**
|
|
16
|
+
* Check if value is a placeholder (not a real secret)
|
|
17
|
+
*
|
|
18
|
+
* @param value - Secret value to check
|
|
19
|
+
* @returns True if value is a placeholder
|
|
20
|
+
*/
|
|
21
|
+
export declare function isPlaceholder(value: string): boolean;
|
|
22
|
+
/**
|
|
23
|
+
* Check if context indicates safe usage (not a real secret)
|
|
24
|
+
*
|
|
25
|
+
* @param context - Line of code containing the secret
|
|
26
|
+
* @returns True if context is safe
|
|
27
|
+
*/
|
|
28
|
+
export declare function isSafeContext(context: string): boolean;
|
|
29
|
+
/**
|
|
30
|
+
* Check if file is test/example/documentation
|
|
31
|
+
*
|
|
32
|
+
* @param filePath - File path to check
|
|
33
|
+
* @returns True if file is test/example/docs
|
|
34
|
+
*/
|
|
35
|
+
export declare function isSafeFile(filePath: string): boolean;
|
|
36
|
+
/**
|
|
37
|
+
* Check if value is likely a false positive
|
|
38
|
+
* Combines all heuristics to determine if secret detection should be skipped
|
|
39
|
+
*
|
|
40
|
+
* @param value - Secret value detected
|
|
41
|
+
* @param context - Line of code containing the secret
|
|
42
|
+
* @param filePath - File path
|
|
43
|
+
* @returns True if likely false positive
|
|
44
|
+
*/
|
|
45
|
+
export declare function isLikelyFalsePositive(value: string, context: string, filePath: string): boolean;
|
|
46
|
+
/**
|
|
47
|
+
* Calculate confidence score (0-100) based on context
|
|
48
|
+
* Lower score = more likely false positive
|
|
49
|
+
*
|
|
50
|
+
* @param value - Secret value detected
|
|
51
|
+
* @param context - Line of code
|
|
52
|
+
* @param filePath - File path
|
|
53
|
+
* @returns Confidence score (0-100)
|
|
54
|
+
*/
|
|
55
|
+
export declare function calculateContextConfidence(value: string, context: string, filePath: string): number;
|
|
56
|
+
//# sourceMappingURL=context-checker.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"context-checker.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/secrets/validators/context-checker.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAwEH;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,OAAO,CAqBpD;AAED;;;;;GAKG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAQtD;AAED;;;;;GAKG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAQpD;AAED;;;;;;;;GAQG;AACH,wBAAgB,qBAAqB,CACnC,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,OAAO,CAuBT;AAED;;;;;;;;GAQG;AACH,wBAAgB,0BAA0B,CACxC,KAAK,EAAE,MAAM,EACb,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,MAAM,CAwBR"}
|