codeslick-cli 1.0.0
- package/README.md +458 -0
- package/__tests__/cli-reporter.test.ts +86 -0
- package/__tests__/config-loader.test.ts +247 -0
- package/__tests__/local-scanner.test.ts +245 -0
- package/bin/codeslick.cjs +153 -0
- package/dist/packages/cli/src/commands/auth.d.ts +36 -0
- package/dist/packages/cli/src/commands/auth.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/auth.js +226 -0
- package/dist/packages/cli/src/commands/auth.js.map +1 -0
- package/dist/packages/cli/src/commands/config.d.ts +37 -0
- package/dist/packages/cli/src/commands/config.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/config.js +196 -0
- package/dist/packages/cli/src/commands/config.js.map +1 -0
- package/dist/packages/cli/src/commands/init.d.ts +32 -0
- package/dist/packages/cli/src/commands/init.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/init.js +171 -0
- package/dist/packages/cli/src/commands/init.js.map +1 -0
- package/dist/packages/cli/src/commands/scan.d.ts +40 -0
- package/dist/packages/cli/src/commands/scan.d.ts.map +1 -0
- package/dist/packages/cli/src/commands/scan.js +204 -0
- package/dist/packages/cli/src/commands/scan.js.map +1 -0
- package/dist/packages/cli/src/config/config-loader.d.ts +67 -0
- package/dist/packages/cli/src/config/config-loader.d.ts.map +1 -0
- package/dist/packages/cli/src/config/config-loader.js +146 -0
- package/dist/packages/cli/src/config/config-loader.js.map +1 -0
- package/dist/packages/cli/src/reporters/cli-reporter.d.ts +69 -0
- package/dist/packages/cli/src/reporters/cli-reporter.d.ts.map +1 -0
- package/dist/packages/cli/src/reporters/cli-reporter.js +244 -0
- package/dist/packages/cli/src/reporters/cli-reporter.js.map +1 -0
- package/dist/packages/cli/src/scanner/local-scanner.d.ts +92 -0
- package/dist/packages/cli/src/scanner/local-scanner.d.ts.map +1 -0
- package/dist/packages/cli/src/scanner/local-scanner.js +221 -0
- package/dist/packages/cli/src/scanner/local-scanner.js.map +1 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts +88 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts.map +1 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js +371 -0
- package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js.map +1 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts +63 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.js +95 -0
- package/dist/src/lib/analyzers/helpers/jsx-helpers.js.map +1 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts +59 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.js +231 -0
- package/dist/src/lib/analyzers/helpers/variable-tracker.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.js +129 -0
- package/dist/src/lib/analyzers/java/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js +221 -0
- package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts +18 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.js +84 -0
- package/dist/src/lib/analyzers/java/security-checks/code-quality.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts +18 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js +161 -0
- package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js +163 -0
- package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts +24 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js +178 -0
- package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts +25 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.js +179 -0
- package/dist/src/lib/analyzers/java/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts +17 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.js +67 -0
- package/dist/src/lib/analyzers/java/security-checks/file-operations.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts +25 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.js +396 -0
- package/dist/src/lib/analyzers/java/security-checks/framework-security.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js +123 -0
- package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts +23 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js +201 -0
- package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.js +121 -0
- package/dist/src/lib/analyzers/java/security-checks/insecure-design.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts +20 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.js +89 -0
- package/dist/src/lib/analyzers/java/security-checks/logging-failures.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts +26 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js +309 -0
- package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts +18 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js +114 -0
- package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js.map +1 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/java/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/java-analyzer.d.ts +209 -0
- package/dist/src/lib/analyzers/java-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/java-analyzer.js +1720 -0
- package/dist/src/lib/analyzers/java-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js +123 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts +44 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js +224 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts +50 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js +284 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js +86 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts +32 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js +44 -0
- package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts +22 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.js +168 -0
- package/dist/src/lib/analyzers/javascript/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js +232 -0
- package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js +222 -0
- package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts +28 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js +176 -0
- package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts +23 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js +113 -0
- package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts +28 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js +227 -0
- package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts +32 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js +260 -0
- package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts +26 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js +164 -0
- package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts +26 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js +775 -0
- package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts +25 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js +168 -0
- package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts +27 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js +108 -0
- package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts +28 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js +143 -0
- package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts +53 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js +144 -0
- package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts +72 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js +314 -0
- package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts +36 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js +70 -0
- package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts +29 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js +55 -0
- package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/javascript-analyzer.d.ts +95 -0
- package/dist/src/lib/analyzers/javascript-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/javascript-analyzer.js +2141 -0
- package/dist/src/lib/analyzers/javascript-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts +21 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.js +305 -0
- package/dist/src/lib/analyzers/python/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js +242 -0
- package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts +24 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js +207 -0
- package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts +27 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.js +206 -0
- package/dist/src/lib/analyzers/python/security-checks/code-quality.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts +24 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js +113 -0
- package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js +129 -0
- package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts +19 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.js +90 -0
- package/dist/src/lib/analyzers/python/security-checks/data-integrity.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.js +68 -0
- package/dist/src/lib/analyzers/python/security-checks/deserialization.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts +25 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.js +180 -0
- package/dist/src/lib/analyzers/python/security-checks/django-security.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts +23 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js +127 -0
- package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts +23 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.js +120 -0
- package/dist/src/lib/analyzers/python/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts +24 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.js +143 -0
- package/dist/src/lib/analyzers/python/security-checks/flask-security.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts +28 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js +174 -0
- package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.js +160 -0
- package/dist/src/lib/analyzers/python/security-checks/insecure-design.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts +20 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.js +121 -0
- package/dist/src/lib/analyzers/python/security-checks/logging-failures.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts +26 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js +248 -0
- package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts +26 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js +375 -0
- package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts +26 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js +160 -0
- package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts +23 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.js +117 -0
- package/dist/src/lib/analyzers/python/security-checks/web-security.js.map +1 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/python/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/python-analyzer.d.ts +111 -0
- package/dist/src/lib/analyzers/python-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/python-analyzer.js +1600 -0
- package/dist/src/lib/analyzers/python-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts +14 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js +47 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts +13 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js +36 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js +68 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js +68 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts +12 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js +45 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts +14 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js +47 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts +13 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js +36 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.js +32 -0
- package/dist/src/lib/analyzers/secrets/patterns/api-keys.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.js +68 -0
- package/dist/src/lib/analyzers/secrets/patterns/credentials.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts +16 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.js +79 -0
- package/dist/src/lib/analyzers/secrets/patterns/private-keys.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts +15 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.js +58 -0
- package/dist/src/lib/analyzers/secrets/patterns/tokens.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts +88 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.js +162 -0
- package/dist/src/lib/analyzers/secrets/secrets-analyzer.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts +56 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.js +199 -0
- package/dist/src/lib/analyzers/secrets/validators/context-checker.js.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts +56 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js +102 -0
- package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js.map +1 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.d.ts +38 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.js +125 -0
- package/dist/src/lib/analyzers/security-checks/es6-security.js.map +1 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts +46 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.js +92 -0
- package/dist/src/lib/analyzers/security-checks/python-async-security.js.map +1 -0
- package/dist/src/lib/analyzers/security-checks/react-security.d.ts +49 -0
- package/dist/src/lib/analyzers/security-checks/react-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/security-checks/react-security.js +125 -0
- package/dist/src/lib/analyzers/security-checks/react-security.js.map +1 -0
- package/dist/src/lib/analyzers/types.d.ts +92 -0
- package/dist/src/lib/analyzers/types.d.ts.map +1 -0
- package/dist/src/lib/analyzers/types.js +3 -0
- package/dist/src/lib/analyzers/types.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts +19 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.js +210 -0
- package/dist/src/lib/analyzers/typescript/security-checks/access-control.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts +25 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js +242 -0
- package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts +28 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.js +357 -0
- package/dist/src/lib/analyzers/typescript/security-checks/authentication.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts +26 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js +380 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts +23 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js +109 -0
- package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts +21 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js +153 -0
- package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts +23 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js +146 -0
- package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts +23 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js +187 -0
- package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts +19 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js +97 -0
- package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts +29 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js +319 -0
- package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts +21 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js +121 -0
- package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts +27 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js +213 -0
- package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts +19 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.js +59 -0
- package/dist/src/lib/analyzers/typescript/security-checks/type-security.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/type-checker.d.ts +17 -0
- package/dist/src/lib/analyzers/typescript/type-checker.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/type-checker.js +515 -0
- package/dist/src/lib/analyzers/typescript/type-checker.js.map +1 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts +58 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js +71 -0
- package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js.map +1 -0
- package/dist/src/lib/analyzers/typescript-analyzer.d.ts +116 -0
- package/dist/src/lib/analyzers/typescript-analyzer.d.ts.map +1 -0
- package/dist/src/lib/analyzers/typescript-analyzer.js +1660 -0
- package/dist/src/lib/analyzers/typescript-analyzer.js.map +1 -0
- package/dist/src/lib/security/compliance-mapping.d.ts +29 -0
- package/dist/src/lib/security/compliance-mapping.d.ts.map +1 -0
- package/dist/src/lib/security/compliance-mapping.js +1342 -0
- package/dist/src/lib/security/compliance-mapping.js.map +1 -0
- package/dist/src/lib/security/severity-scoring.d.ts +47 -0
- package/dist/src/lib/security/severity-scoring.d.ts.map +1 -0
- package/dist/src/lib/security/severity-scoring.js +965 -0
- package/dist/src/lib/security/severity-scoring.js.map +1 -0
- package/dist/src/lib/standards/references.d.ts +16 -0
- package/dist/src/lib/standards/references.d.ts.map +1 -0
- package/dist/src/lib/standards/references.js +1161 -0
- package/dist/src/lib/standards/references.js.map +1 -0
- package/dist/src/lib/types/index.d.ts +167 -0
- package/dist/src/lib/types/index.d.ts.map +1 -0
- package/dist/src/lib/types/index.js +3 -0
- package/dist/src/lib/types/index.js.map +1 -0
- package/dist/src/lib/utils/code-cleaner.d.ts +59 -0
- package/dist/src/lib/utils/code-cleaner.d.ts.map +1 -0
- package/dist/src/lib/utils/code-cleaner.js +283 -0
- package/dist/src/lib/utils/code-cleaner.js.map +1 -0
- package/package.json +51 -0
- package/src/commands/auth.ts +308 -0
- package/src/commands/config.ts +226 -0
- package/src/commands/init.ts +202 -0
- package/src/commands/scan.ts +238 -0
- package/src/config/config-loader.ts +175 -0
- package/src/reporters/cli-reporter.ts +282 -0
- package/src/scanner/local-scanner.ts +250 -0
- package/tsconfig.json +24 -0
- package/tsconfig.tsbuildinfo +1 -0
|
@@ -0,0 +1,357 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* TypeScript Authentication Security Checks
|
|
4
|
+
* OWASP A07:2021 - Identification and Authentication Failures
|
|
5
|
+
* OWASP A02:2021 - Cryptographic Failures
|
|
6
|
+
*
|
|
7
|
+
* Detects critical authentication vulnerabilities:
|
|
8
|
+
* - Check #3: JWT None Algorithm bypass
|
|
9
|
+
* - Check #4: JWT Weak Secret
|
|
10
|
+
* - Check #88: Plaintext password comparison
|
|
11
|
+
* - Check #89: Weak/predictable token generation
|
|
12
|
+
* - Check #90: Master password backdoors
|
|
13
|
+
*/
|
|
14
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
15
|
+
exports.checkAuthentication = checkAuthentication;
|
|
16
|
+
const createVulnerability_1 = require("../utils/createVulnerability");
|
|
17
|
+
// Weak JWT Secret Blacklist (Dec 20, 2025 - Phase A P0)
|
|
18
|
+
const WEAK_JWT_SECRETS = [
|
|
19
|
+
'secret', 'jwt-secret', 'jwtsecret', 'your-secret-key',
|
|
20
|
+
'your-256-bit-secret', 'mysecret', 'password', '12345',
|
|
21
|
+
'test', 'dev', 'development', 'localhost', 'example',
|
|
22
|
+
'supersecret', 'secretkey', 'key', 'token', 'jwt',
|
|
23
|
+
'auth', 'authentication', 'changeme', 'admin', 'root'
|
|
24
|
+
];
|
|
25
|
+
/**
|
|
26
|
+
* Checks for authentication vulnerabilities in TypeScript code
|
|
27
|
+
*
|
|
28
|
+
* Covers:
|
|
29
|
+
* - Check #3: JWT None Algorithm bypass (CRITICAL) - Phase A P0
|
|
30
|
+
* - Check #4: JWT Weak Secret (CRITICAL) - Phase A P0
|
|
31
|
+
* - Check #88: Plaintext password comparison (CRITICAL)
|
|
32
|
+
* - Check #89: Weak token generation (HIGH)
|
|
33
|
+
* - Check #90: Master password backdoor (HIGH)
|
|
34
|
+
*
|
|
35
|
+
* @param lines - Array of code lines
|
|
36
|
+
* @returns Array of security vulnerabilities found
|
|
37
|
+
*/
|
|
38
|
+
function checkAuthentication(lines) {
|
|
39
|
+
const vulnerabilities = [];
|
|
40
|
+
let inMultiLineComment = false;
|
|
41
|
+
lines.forEach((line, index) => {
|
|
42
|
+
const lineNumber = index + 1;
|
|
43
|
+
const trimmed = line.trim();
|
|
44
|
+
// Track multi-line comment blocks (/* ... */)
|
|
45
|
+
if (trimmed.includes('/*')) {
|
|
46
|
+
inMultiLineComment = true;
|
|
47
|
+
}
|
|
48
|
+
if (trimmed.includes('*/')) {
|
|
49
|
+
inMultiLineComment = false;
|
|
50
|
+
return;
|
|
51
|
+
}
|
|
52
|
+
// Skip comments and empty lines
|
|
53
|
+
if (!trimmed || inMultiLineComment || trimmed.startsWith('//') || trimmed.startsWith('*'))
|
|
54
|
+
return;
|
|
55
|
+
// OWASP A07:2021 - Identification and Authentication Failures
|
|
56
|
+
// Check #88: Plaintext Password Comparison - CRITICAL
|
|
57
|
+
// Pattern: rows[0].password === req.body.password
|
|
58
|
+
// Pattern: user.password === password
|
|
59
|
+
// Pattern: storedPassword === inputPassword
|
|
60
|
+
// Detects direct string comparison of passwords without hashing
|
|
61
|
+
// Look for password comparison patterns
|
|
62
|
+
const plaintextPasswordPattern = /(rows\[0\]\??\.(password|hash|password_hash)|user\??\.(password|hash|password_hash)|admin\??\.(password|hash|password_hash)|stored(Password|Hash))\s*===\s*(req\.body\.(password|pwd)|password|pwd|inputPassword)/i;
|
|
63
|
+
const passwordComparisonPattern = /(password|hash|password_hash)\s*===\s*(req\.body\.|password|pwd)/i;
|
|
64
|
+
if (trimmed.match(plaintextPasswordPattern) || trimmed.match(passwordComparisonPattern)) {
|
|
65
|
+
// Check context: was data fetched from database?
|
|
66
|
+
const previousLines = lines.slice(Math.max(0, index - 15), index);
|
|
67
|
+
const hasPasswordQuery = previousLines.some(l => {
|
|
68
|
+
const lowerLine = l.toLowerCase();
|
|
69
|
+
return ((lowerLine.includes('select') || lowerLine.includes('query') || lowerLine.includes('find')) &&
|
|
70
|
+
(lowerLine.includes('password') || lowerLine.includes('hash')));
|
|
71
|
+
});
|
|
72
|
+
// Also check for any database operation (even if not mentioning password)
|
|
73
|
+
const hasAnyDbQuery = previousLines.some(l => {
|
|
74
|
+
const lowerLine = l.toLowerCase();
|
|
75
|
+
return (lowerLine.includes('db.query') ||
|
|
76
|
+
lowerLine.includes('db.execute') ||
|
|
77
|
+
lowerLine.includes('await') && (lowerLine.includes('query') || lowerLine.includes('find')));
|
|
78
|
+
});
|
|
79
|
+
// Check if bcrypt/argon2/crypto.compare is used
|
|
80
|
+
const surroundingLines = lines.slice(Math.max(0, index - 5), Math.min(index + 5, lines.length));
|
|
81
|
+
const hasHashingCheck = surroundingLines.some(l => {
|
|
82
|
+
const lowerLine = l.toLowerCase();
|
|
83
|
+
return (lowerLine.includes('bcrypt.compare') ||
|
|
84
|
+
lowerLine.includes('argon2.verify') ||
|
|
85
|
+
lowerLine.includes('crypto.compare') ||
|
|
86
|
+
lowerLine.includes('password.startswith') || // Bcrypt hash format check
|
|
87
|
+
lowerLine.includes('pbkdf2') ||
|
|
88
|
+
lowerLine.includes('scrypt'));
|
|
89
|
+
});
|
|
90
|
+
// Report vulnerability if either: explicit password query found, OR any DB query with password property comparison
|
|
91
|
+
if ((hasPasswordQuery || hasAnyDbQuery) && !hasHashingCheck) {
|
|
92
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('plaintext-password-comparison', 'Plaintext password comparison - passwords appear to be stored and compared without hashing', 'Use bcrypt or Argon2 for password hashing: await bcrypt.compare(inputPassword, storedHash)', lineNumber, 'Direct string comparison of passwords indicates plaintext storage or comparison. If database breach occurs, all user passwords are exposed. This violates OWASP A07 and PCI-DSS requirements for cryptographic password storage.', 'Database query: SELECT password FROM users → if (password === req.body.password) → Attacker gains database access → all passwords exposed in plaintext', [
|
|
93
|
+
'Complete authentication system compromise',
|
|
94
|
+
'Database breach exposes all user passwords in plaintext',
|
|
95
|
+
'Account takeover for all users',
|
|
96
|
+
'Regulatory violations (GDPR Article 32, PCI-DSS 8.2.1)',
|
|
97
|
+
'Credential stuffing attacks across multiple platforms',
|
|
98
|
+
'Inability to detect compromised passwords',
|
|
99
|
+
'No protection against rainbow table attacks'
|
|
100
|
+
], 'const [rows] = await db.query("SELECT password FROM users WHERE email = ?", [email]);\nif (rows[0].password === req.body.password) {\n res.send({ token: generateToken() });\n}', 'const [rows] = await db.query("SELECT password_hash FROM users WHERE email = ?", [email]);\nconst isValid = await bcrypt.compare(req.body.password, rows[0].password_hash);\nif (isValid) {\n res.send({ token: generateToken() });\n}', 'Store passwords using bcrypt (cost factor 12+) or Argon2id. Never store plaintext passwords. Use bcrypt.compare() for verification, never string comparison.'));
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
// OWASP A07:2021 - Identification and Authentication Failures
|
|
104
|
+
// Check #89: Weak Token Generation - HIGH
|
|
105
|
+
// Pattern: Buffer.from(email).toString('base64')
|
|
106
|
+
// Pattern: Math.random().toString(36)
|
|
107
|
+
// Pattern: token = userId
|
|
108
|
+
// Detects predictable or weak token generation
|
|
109
|
+
// Look for token/session/apiKey variable assignments
|
|
110
|
+
const tokenAssignmentPattern = /(token|sessionId|apiKey|authToken|accessToken)\s*[=:]\s*/i;
|
|
111
|
+
if (trimmed.match(tokenAssignmentPattern)) {
|
|
112
|
+
// Check if uses weak/predictable generation methods
|
|
113
|
+
const weakTokenPatterns = [
|
|
114
|
+
// Base64/hex encoding of predictable values
|
|
115
|
+
/Buffer\.from\([^)]*\)\.toString\(['"](?:base64|hex)['"]\)/,
|
|
116
|
+
// Math.random (not cryptographically secure)
|
|
117
|
+
/Math\.random\(\)/,
|
|
118
|
+
// Date.now() or timestamp
|
|
119
|
+
/Date\.now\(\)/,
|
|
120
|
+
// Direct assignment of user data
|
|
121
|
+
/(email|userId|user\.id|req\.body\.)/i,
|
|
122
|
+
// String concatenation with predictable values
|
|
123
|
+
/\+\s*(email|userId|Date\.now)/i,
|
|
124
|
+
];
|
|
125
|
+
const isWeakToken = weakTokenPatterns.some(pattern => trimmed.match(pattern));
|
|
126
|
+
// Exclude secure methods
|
|
127
|
+
const secureTokenPatterns = [
|
|
128
|
+
/crypto\.randomBytes/,
|
|
129
|
+
/crypto\.randomUUID/,
|
|
130
|
+
/uuid\.v4/,
|
|
131
|
+
/crypto\.randomInt/,
|
|
132
|
+
/jwt\.sign/,
|
|
133
|
+
/nanoid/,
|
|
134
|
+
/crypto\.sign/,
|
|
135
|
+
];
|
|
136
|
+
const isSecureToken = secureTokenPatterns.some(pattern => trimmed.match(pattern));
|
|
137
|
+
if (isWeakToken && !isSecureToken) {
|
|
138
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('weak-token-generation', 'Weak or predictable token generation using non-cryptographic methods', 'Use cryptographically secure random: crypto.randomBytes(32).toString(\'hex\') or crypto.randomUUID()', lineNumber, 'Token generation uses predictable or weak methods (Base64 encoding, Math.random, timestamps, user data). Attackers can predict or forge tokens, leading to authentication bypass and account takeover.', 'token = Buffer.from(email).toString("base64") → Attacker decodes "YWRtaW5AY29tcGFueS5jb20=" → gains admin access by forging token', [
|
|
139
|
+
'Complete authentication bypass',
|
|
140
|
+
'Account takeover for any user',
|
|
141
|
+
'Session hijacking',
|
|
142
|
+
'Privilege escalation (forge admin tokens)',
|
|
143
|
+
'Replay attacks',
|
|
144
|
+
'Token prediction attacks',
|
|
145
|
+
'Brute force attacks on weak entropy'
|
|
146
|
+
], 'const token = Buffer.from(req.body.email).toString("base64");\nres.send({ token });', 'const token = crypto.randomBytes(32).toString("hex");\n// Store token-to-user mapping in database/cache\nres.send({ token });', 'Use crypto.randomBytes() for tokens. Tokens must have sufficient entropy (256+ bits), be unpredictable, and cryptographically random. Never use Base64-encoded user data as tokens.'));
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
// OWASP A07:2021 - Identification and Authentication Failures
|
|
150
|
+
// Check #90: Master Password Backdoor - HIGH
|
|
151
|
+
// Pattern: || password === process.env.MASTER_PASS
|
|
152
|
+
// Pattern: || password === "admin123"
|
|
153
|
+
// Pattern: || req.body.password === SUPPORT_PASS
|
|
154
|
+
// Detects master password backdoors that bypass normal authentication
|
|
155
|
+
// Look for OR conditions with alternative password checks
|
|
156
|
+
const masterPasswordPattern = /\|\|\s*(?:req\.body\.)?password\s*===\s*(?:process\.env\.|["']|[A-Z_]+)/;
|
|
157
|
+
if (trimmed.match(masterPasswordPattern)) {
|
|
158
|
+
// Check if this is in authentication context
|
|
159
|
+
const surroundingLines = lines.slice(Math.max(0, index - 5), Math.min(index + 5, lines.length));
|
|
160
|
+
const isAuthContext = surroundingLines.some(l => {
|
|
161
|
+
const lowerLine = l.toLowerCase();
|
|
162
|
+
return (lowerLine.includes('login') ||
|
|
163
|
+
lowerLine.includes('auth') ||
|
|
164
|
+
lowerLine.includes('password') ||
|
|
165
|
+
lowerLine.includes('token'));
|
|
166
|
+
});
|
|
167
|
+
if (isAuthContext) {
|
|
168
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('master-password-backdoor', 'Master password backdoor allows bypassing normal authentication for any account', 'Remove master password bypass. Implement proper admin access through role-based access control (RBAC)', lineNumber, 'Master password or support password allows authentication bypass for any user account. Single password grants access to all accounts, creating massive insider threat and compliance risk.', 'if (password === userPassword || password === process.env.SUPPORT_PASS) → Attacker discovers SUPPORT_PASS → gains access to any account including admin', [
|
|
169
|
+
'Complete authentication bypass for all accounts',
|
|
170
|
+
'Unauthorized access to any user account',
|
|
171
|
+
'Privilege escalation to admin without authorization',
|
|
172
|
+
'Insider threat amplification (one leaked password compromises entire system)',
|
|
173
|
+
'Compliance violations (SOC 2, ISO 27001, GDPR)',
|
|
174
|
+
'Audit trail bypassed (actions performed as legitimate users)',
|
|
175
|
+
'No way to revoke access without changing single password'
|
|
176
|
+
], 'if (rows[0].password === req.body.password || req.body.password === process.env.SUPPORT_PASS) {\n res.send({ token: generateToken(rows[0].id) });\n}', '// Remove master password bypass\nconst isValid = await bcrypt.compare(req.body.password, rows[0].password_hash);\nif (isValid) {\n res.send({ token: generateToken(rows[0].id) });\n}\n// For admin access, use separate admin authentication endpoint with MFA', 'Never implement master password backdoors. Use proper RBAC with admin roles, separate admin authentication, and multi-factor authentication for privileged access.'));
|
|
177
|
+
}
|
|
178
|
+
}
|
|
179
|
+
// OWASP A07:2025 - Identification and Authentication Failures
|
|
180
|
+
// Check #91: Session Fixation - MEDIUM
|
|
181
|
+
// Pattern: req.session.userId = ... (without session.regenerate())
|
|
182
|
+
// Detects session ID not being regenerated after authentication
|
|
183
|
+
// Session fixation allows attackers to hijack user sessions
|
|
184
|
+
// Look for session assignment after authentication
|
|
185
|
+
const sessionAssignmentPattern = /req\.session\.(userId|user|isAuthenticated|authenticated)/i;
|
|
186
|
+
if (trimmed.match(sessionAssignmentPattern)) {
|
|
187
|
+
// Check if this is in authentication context (login/signin)
|
|
188
|
+
const surroundingLines = lines.slice(Math.max(0, index - 10), Math.min(index + 5, lines.length));
|
|
189
|
+
const isAuthContext = surroundingLines.some(l => {
|
|
190
|
+
const lowerLine = l.toLowerCase();
|
|
191
|
+
return ((lowerLine.includes('login') || lowerLine.includes('signin') || lowerLine.includes('authenticate')) &&
|
|
192
|
+
(lowerLine.includes('post') || lowerLine.includes('app.post') || lowerLine.includes('router.post')));
|
|
193
|
+
});
|
|
194
|
+
// Check if bcrypt.compare or authentication check is present
|
|
195
|
+
const hasAuthCheck = surroundingLines.some(l => {
|
|
196
|
+
const lowerLine = l.toLowerCase();
|
|
197
|
+
return (lowerLine.includes('bcrypt.compare') ||
|
|
198
|
+
lowerLine.includes('argon2.verify') ||
|
|
199
|
+
lowerLine.includes('isvalid') ||
|
|
200
|
+
lowerLine.includes('authenticated'));
|
|
201
|
+
});
|
|
202
|
+
// Check if session.regenerate() is called
|
|
203
|
+
const hasSessionRegenerate = surroundingLines.some(l => {
|
|
204
|
+
const lowerLine = l.toLowerCase();
|
|
205
|
+
return lowerLine.includes('session.regenerate') || lowerLine.includes('regeneratesession');
|
|
206
|
+
});
|
|
207
|
+
if (isAuthContext && hasAuthCheck && !hasSessionRegenerate) {
|
|
208
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('session-fixation', 'Session ID not regenerated after authentication - vulnerable to session fixation attacks', 'Regenerate session ID after successful login: req.session.regenerate((err) => { req.session.userId = user.id; })', lineNumber, 'Session fixation occurs when the session ID is not changed after authentication. Attackers can set a known session ID for a victim, then hijack the session after the victim logs in. This allows attackers to impersonate authenticated users without knowing their credentials.', 'Attacker sets victim\'s sessionId=ABC123 → Victim logs in (session not regenerated) → Attacker uses sessionId=ABC123 → gains access as victim', [
|
|
209
|
+
'Session hijacking after authentication',
|
|
210
|
+
'Account takeover without knowing password',
|
|
211
|
+
'Unauthorized access to user data',
|
|
212
|
+
'Bypasses authentication mechanism',
|
|
213
|
+
'Man-in-the-middle session attacks',
|
|
214
|
+
'Cross-site session fixation'
|
|
215
|
+
], 'app.post(\'/login\', async (req, res) => {\n const isValid = await bcrypt.compare(password, user.password_hash);\n if (isValid) {\n req.session.userId = user.id; // Session ID not regenerated!\n res.json({ success: true });\n }\n});', 'app.post(\'/login\', async (req, res) => {\n const isValid = await bcrypt.compare(password, user.password_hash);\n if (isValid) {\n req.session.regenerate((err) => {\n if (err) return res.status(500).json({ error: \'Session error\' });\n req.session.userId = user.id; // Safe - new session ID\n res.json({ success: true });\n });\n }\n});', 'Always regenerate session IDs after successful authentication using req.session.regenerate(). This creates a new session ID, preventing session fixation attacks. Also set session cookie attributes: httpOnly, secure, sameSite=\'strict\'.'));
|
|
216
|
+
}
|
|
217
|
+
}
|
|
218
|
+
// =============================================================================
|
|
219
|
+
// PHASE A P0 - JWT None Algorithm Detection (Dec 20, 2025)
|
|
220
|
+
// =============================================================================
|
|
221
|
+
// Check #3: JWT None Algorithm Bypass - CRITICAL
|
|
222
|
+
// Pattern 1: jwt.verify() without algorithm restriction
|
|
223
|
+
// Pattern 2: jwt.decode() used for authentication
|
|
224
|
+
// OWASP A07:2021 - Identification and Authentication Failures
|
|
225
|
+
// CWE-347: Improper Verification of Cryptographic Signature
|
|
226
|
+
// Detect jwt.verify() calls
|
|
227
|
+
if (trimmed.match(/jwt\.verify\s*\(/)) {
|
|
228
|
+
// Extract the full jwt.verify() call to check for options
|
|
229
|
+
const verifyCallMatch = trimmed.match(/jwt\.verify\s*\([^)]*\)/);
|
|
230
|
+
if (verifyCallMatch) {
|
|
231
|
+
const callContent = verifyCallMatch[0];
|
|
232
|
+
// Check if third argument (options) exists
|
|
233
|
+
const argsMatch = callContent.match(/jwt\.verify\s*\(\s*([^,]+)\s*,\s*([^,]+)(?:\s*,\s*({[^}]*}))?\s*\)/);
|
|
234
|
+
if (argsMatch) {
|
|
235
|
+
const optionsArg = argsMatch[3];
|
|
236
|
+
// Flag if no options (no third argument)
|
|
237
|
+
if (!optionsArg) {
|
|
238
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('jwt-none-algorithm', 'JWT verification without algorithm restriction allows "none" algorithm bypass', 'Always specify allowed algorithms: jwt.verify(token, secret, { algorithms: [\'HS256\'] })', lineNumber, 'JWT verification without algorithm restriction allows attackers to forge tokens using the "none" algorithm, completely bypassing signature verification. Attackers can create valid tokens with any payload (admin access, privilege escalation) without knowing the secret key.', 'Attacker creates token: {"alg": "none", "typ": "JWT"}.{"userId": "admin", "role": "admin"}. (no signature) → jwt.verify() accepts it → complete authentication bypass', [
|
|
239
|
+
'Complete authentication bypass',
|
|
240
|
+
'Privilege escalation to admin/superuser',
|
|
241
|
+
'Unauthorized access to all user accounts',
|
|
242
|
+
'Data breach and exfiltration',
|
|
243
|
+
'System takeover',
|
|
244
|
+
'Token forgery without secret knowledge'
|
|
245
|
+
], 'const decoded = jwt.verify(token, secret); // Accepts "alg": "none"!', 'const decoded = jwt.verify(token, secret, { algorithms: [\'HS256\'] }); // Only allow HS256, reject "none"', 'Always explicitly specify allowed algorithms in jwt.verify() options. Never allow the "none" algorithm. Use strong algorithms: HS256, RS256, ES256. Never use jwt.decode() for authentication (it doesn\'t verify signatures).'));
|
|
246
|
+
}
|
|
247
|
+
// Flag if options contains 'none' algorithm
|
|
248
|
+
else if (optionsArg.includes("'none'") || optionsArg.includes('"none"')) {
|
|
249
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('jwt-none-algorithm', 'JWT algorithms array explicitly allows "none" - complete authentication bypass', 'Remove "none" from algorithms array: jwt.verify(token, secret, { algorithms: [\'HS256\'] })', lineNumber, 'Explicitly allowing the "none" algorithm in JWT verification completely disables signature verification, allowing attackers to forge arbitrary tokens without knowing the secret key.', 'jwt.verify(token, secret, { algorithms: [\'HS256\', \'none\'] }) → Attacker uses "none" → bypasses all authentication', [
|
|
250
|
+
'Complete authentication bypass',
|
|
251
|
+
'Token forgery without secret',
|
|
252
|
+
'Privilege escalation',
|
|
253
|
+
'Unauthorized access to all accounts',
|
|
254
|
+
'Critical security vulnerability'
|
|
255
|
+
], 'jwt.verify(token, secret, { algorithms: [\'HS256\', \'none\'] }); // Allows "none"!', 'jwt.verify(token, secret, { algorithms: [\'HS256\'] }); // Only HS256, never "none"', 'Never include "none" in the algorithms array. Only use cryptographic algorithms: HS256, HS384, HS512, RS256, RS384, RS512, ES256, ES384, ES512.'));
|
|
256
|
+
}
|
|
257
|
+
}
|
|
258
|
+
}
|
|
259
|
+
}
|
|
260
|
+
// Detect jwt.decode() used for authentication
|
|
261
|
+
// jwt.decode() does NOT verify signature - it only decodes the token
|
|
262
|
+
if (trimmed.match(/jwt\.decode\s*\(/)) {
|
|
263
|
+
// Check if the result is used in authentication logic (next 5 lines)
|
|
264
|
+
const nextLines = lines.slice(index + 1, Math.min(index + 6, lines.length));
|
|
265
|
+
const isUsedForAuth = nextLines.some(nextLine => {
|
|
266
|
+
const lowerLine = nextLine.toLowerCase();
|
|
267
|
+
return (lowerLine.includes('if') &&
|
|
268
|
+
(lowerLine.includes('decoded') ||
|
|
269
|
+
lowerLine.includes('user') ||
|
|
270
|
+
lowerLine.includes('auth') ||
|
|
271
|
+
lowerLine.includes('role') ||
|
|
272
|
+
lowerLine.includes('admin'))) ||
|
|
273
|
+
lowerLine.includes('req.user') ||
|
|
274
|
+
lowerLine.includes('req.auth') ||
|
|
275
|
+
lowerLine.includes('session');
|
|
276
|
+
});
|
|
277
|
+
if (isUsedForAuth) {
|
|
278
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('jwt-decode-authentication', 'jwt.decode() used for authentication - does NOT verify signature', 'Use jwt.verify() instead: jwt.verify(token, secret, { algorithms: [\'HS256\'] })', lineNumber, 'jwt.decode() only decodes the JWT payload without verifying the signature. This allows attackers to forge tokens with arbitrary claims (admin role, any user ID) by simply base64-encoding malicious payloads. There is NO cryptographic verification.', 'Attacker creates: btoa(\'{"userId":"admin","role":"superuser"}\') → jwt.decode() accepts it → gains admin access without knowing secret', [
|
|
279
|
+
'Complete authentication bypass',
|
|
280
|
+
'Token forgery trivial (no secret needed)',
|
|
281
|
+
'Privilege escalation to admin',
|
|
282
|
+
'Unauthorized access to all accounts',
|
|
283
|
+
'No cryptographic security whatsoever'
|
|
284
|
+
], 'const decoded = jwt.decode(token); // NO signature verification!\nif (decoded.role === \'admin\') { grantAccess(); }', 'const decoded = jwt.verify(token, process.env.JWT_SECRET, { algorithms: [\'HS256\'] });\nif (decoded.role === \'admin\') { grantAccess(); } // Signature verified!', 'NEVER use jwt.decode() for authentication or authorization. It does not verify signatures. Always use jwt.verify() with secret and algorithms option. Use jwt.decode() only for debugging or displaying non-sensitive token information.'));
|
|
285
|
+
}
|
|
286
|
+
}
|
|
287
|
+
// Check #4: JWT Weak Secret - CRITICAL
|
|
288
|
+
// Pattern: jwt.sign() with weak/short secret or hardcoded secret
|
|
289
|
+
// OWASP A02:2021 - Cryptographic Failures
|
|
290
|
+
// CWE-326: Inadequate Encryption Strength
|
|
291
|
+
// Detect jwt.sign() calls
|
|
292
|
+
if (trimmed.match(/jwt\.sign\s*\(/)) {
|
|
293
|
+
// Extract the jwt.sign() call to check secret
|
|
294
|
+
const signCallMatch = trimmed.match(/jwt\.sign\s*\([^)]*\)/);
|
|
295
|
+
if (signCallMatch) {
|
|
296
|
+
const callContent = signCallMatch[0];
|
|
297
|
+
// Extract second argument (secret)
|
|
298
|
+
// Pattern: jwt.sign(payload, secret, options?)
|
|
299
|
+
const argsMatch = callContent.match(/jwt\.sign\s*\(\s*[^,]+\s*,\s*([^,)]+)/);
|
|
300
|
+
if (argsMatch) {
|
|
301
|
+
const secretArg = argsMatch[1].trim();
|
|
302
|
+
// Check if secret is a string literal (not from env)
|
|
303
|
+
const isStringLiteral = secretArg.match(/^['"`](.*)['"`]$/);
|
|
304
|
+
if (isStringLiteral) {
|
|
305
|
+
const secretValue = isStringLiteral[1];
|
|
306
|
+
const secretLength = secretValue.length;
|
|
307
|
+
// CRITICAL: Check for weak/common secrets FIRST (higher priority than length check)
|
|
308
|
+
// If a secret is both weak AND short (e.g., 'password'), we want to report the
|
|
309
|
+
// more specific "weak/common" message, not the generic "short" message.
|
|
310
|
+
const secretLower = secretValue.toLowerCase();
|
|
311
|
+
const isWeakSecret = WEAK_JWT_SECRETS.some(weak => secretLower === weak.toLowerCase() ||
|
|
312
|
+
secretLower.includes(weak.toLowerCase()));
|
|
313
|
+
// Flag if secret is in weak secrets blacklist (highest priority)
|
|
314
|
+
if (isWeakSecret) {
|
|
315
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('jwt-weak-secret', `JWT secret is common/weak and easily guessable: "${secretValue}"`, 'Use cryptographically random secret: process.env.JWT_SECRET', lineNumber, `Common JWT secrets like "${secretValue}" are trivially guessed by attackers using dictionary attacks. These secrets are publicly known and tried first in any JWT attack. Once guessed, attackers can forge tokens with arbitrary claims, completely bypassing authentication.`, `Secret: "${secretValue}" (in common secrets list) → Attacker tries common secrets → succeeds immediately → forges admin token → complete system compromise`, [
|
|
316
|
+
'Trivial JWT secret guessing',
|
|
317
|
+
'Token forgery within seconds',
|
|
318
|
+
'Complete authentication bypass',
|
|
319
|
+
'Privilege escalation to admin',
|
|
320
|
+
'Zero-effort attack (no brute-force needed)',
|
|
321
|
+
'Publicly known vulnerability'
|
|
322
|
+
], `const token = jwt.sign(payload, '${secretValue}'); // Common/weak secret!`, '// Generate: openssl rand -base64 32\nconst secret = process.env.JWT_SECRET; // Cryptographically random\nconst token = jwt.sign(payload, secret, { expiresIn: \'1h\' });', `NEVER use common/weak secrets. Avoid: ${WEAK_JWT_SECRETS.join(', ')}. Always generate cryptographically random secrets (openssl rand -base64 32) and store in environment variables.`));
|
|
323
|
+
}
|
|
324
|
+
// Flag if secret is too short (< 32 characters / 256 bits) - only if NOT already flagged as weak/common
|
|
325
|
+
else if (secretLength < 32) {
|
|
326
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('jwt-weak-secret', `JWT secret is too short (${secretLength} chars) - minimum 32 characters (256 bits) required`, 'Use cryptographically strong secret: process.env.JWT_SECRET (at least 32 characters)', lineNumber, `Short JWT secrets are vulnerable to brute-force attacks. With only ${secretLength} characters, an attacker can try all combinations in hours/days using modern GPU clusters. Once secret is cracked, attackers can forge tokens with arbitrary claims (admin role, any user ID), completely bypassing authentication.`, `Secret: "${secretValue}" (${secretLength * 8} bits) → Attacker brute-forces in ${secretLength < 10 ? 'minutes' : secretLength < 20 ? 'hours' : 'days'} → forges admin token → complete authentication bypass`, [
|
|
327
|
+
'JWT secret brute-force attack',
|
|
328
|
+
'Token forgery with arbitrary claims',
|
|
329
|
+
'Complete authentication bypass',
|
|
330
|
+
'Privilege escalation to admin',
|
|
331
|
+
'Unauthorized access to all accounts',
|
|
332
|
+
'Permanent compromise (secret cannot be changed without invalidating all tokens)'
|
|
333
|
+
], `const token = jwt.sign({ userId: user.id }, '${secretValue}'); // ${secretLength} chars = ${secretLength * 8} bits`, '// Generate: openssl rand -base64 32\nconst secret = process.env.JWT_SECRET; // At least 32 chars (256 bits)\nconst token = jwt.sign({ userId: user.id }, secret, { expiresIn: \'1h\' });', 'Always use secrets of at least 32 characters (256 bits) for JWT signing. Generate cryptographically random secrets using: openssl rand -base64 32. Store in environment variables, never hardcode. For HS256: 32+ chars. For HS512: 64+ chars.'));
|
|
334
|
+
}
|
|
335
|
+
}
|
|
336
|
+
// Flag if secret is hardcoded (not from process.env or config)
|
|
337
|
+
else if (!secretArg.includes('process.env') &&
|
|
338
|
+
!secretArg.includes('env.') &&
|
|
339
|
+
!secretArg.includes('config.') &&
|
|
340
|
+
!secretArg.includes('Config.') &&
|
|
341
|
+
!secretArg.match(/^[A-Z_]+$/)) { // Allow UPPERCASE_CONSTANTS (likely from env)
|
|
342
|
+
vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('jwt-weak-secret', 'JWT secret is hardcoded - use environment variable: process.env.JWT_SECRET', 'Store JWT secret in environment variable, never hardcode', lineNumber, 'Hardcoded JWT secrets are embedded in source code, making them visible to anyone with repository access. If code is leaked, decompiled, or exposed via version control, attackers can extract the secret and forge arbitrary tokens. Hardcoded secrets cannot be rotated without code changes.', 'Hardcoded secret in code → Repository leaked/exposed → Attacker extracts secret → forges admin tokens → authentication bypass', [
|
|
343
|
+
'Secret exposure via source code',
|
|
344
|
+
'Version control history exposes secret permanently',
|
|
345
|
+
'Cannot rotate secret without code deployment',
|
|
346
|
+
'Token forgery if code is leaked',
|
|
347
|
+
'Insider threat (all developers have access)',
|
|
348
|
+
'Compliance violations (secret storage)'
|
|
349
|
+
], `const token = jwt.sign(payload, ${secretArg}); // Hardcoded secret`, 'const secret = process.env.JWT_SECRET; // From environment\nconst token = jwt.sign(payload, secret, { expiresIn: \'1h\' });', 'NEVER hardcode JWT secrets. Always store in environment variables (process.env.JWT_SECRET). Use secret management systems (AWS Secrets Manager, HashiCorp Vault, etc.) in production. Generate with: openssl rand -base64 32'));
|
|
350
|
+
}
|
|
351
|
+
}
|
|
352
|
+
}
|
|
353
|
+
}
|
|
354
|
+
});
|
|
355
|
+
return vulnerabilities;
|
|
356
|
+
}
|
|
357
|
+
//# sourceMappingURL=authentication.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"authentication.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/typescript/security-checks/authentication.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;AA2BH,kDA2eC;AAngBD,sEAAqF;AAErF,wDAAwD;AACxD,MAAM,gBAAgB,GAAG;IACvB,QAAQ,EAAE,YAAY,EAAE,WAAW,EAAE,iBAAiB;IACtD,qBAAqB,EAAE,UAAU,EAAE,UAAU,EAAE,OAAO;IACtD,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,SAAS;IACpD,aAAa,EAAE,WAAW,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK;IACjD,MAAM,EAAE,gBAAgB,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM;CACtD,CAAC;AAEF;;;;;;;;;;;;GAYG;AACH,SAAgB,mBAAmB,CACjC,KAAe;IAEf,MAAM,eAAe,GAA4B,EAAE,CAAC;IACpD,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAE/B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAE5B,8CAA8C;QAC9C,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,KAAK,CAAC;YAC3B,OAAO;QACT,CAAC;QAED,gCAAgC;QAChC,IAAI,CAAC,OAAO,IAAI,kBAAkB,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO;QAElG,8DAA8D;QAC9D,sDAAsD;QACtD,kDAAkD;QAClD,sCAAsC;QACtC,4CAA4C;QAC5C,gEAAgE;QAEhE,wCAAwC;QACxC,MAAM,wBAAwB,GAAG,oNAAoN,CAAC;QACtP,MAAM,yBAAyB,GAAG,mEAAmE,CAAC;QAEtG,IAAI,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,EAAE,CAAC;YACxF,iDAAiD;YACjD,MAAM,aAAa,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC;YAClE,MAAM,gBAAgB,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBAC9C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAClC,OAAO,CACL,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBAC3F,CAAC,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAC/D,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,0EAA0E;YAC1E,MAAM,aAAa,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBAC3C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAClC,OAAO,CACL,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC9B,SAAS,CAAC,
QAAQ,CAAC,YAAY,CAAC;oBAChC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAC3F,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,gDAAgD;YAChD,MAAM,gBAAgB,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YAChG,MAAM,eAAe,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBAChD,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAClC,OAAO,CACL,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC;oBACpC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC;oBACnC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC;oBACpC,SAAS,CAAC,QAAQ,CAAC,qBAAqB,CAAC,IAAI,2BAA2B;oBACxE,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;oBAC5B,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAC7B,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,mHAAmH;YACnH,IAAI,CAAC,gBAAgB,IAAI,aAAa,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;gBAC5D,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,+BAA+B,EAC/B,4FAA4F,EAC5F,4FAA4F,EAC5F,UAAU,EACV,kOAAkO,EAClO,wJAAwJ,EACxJ;oBACE,2CAA2C;oBAC3C,yDAAyD;oBACzD,gCAAgC;oBAChC,wDAAwD;oBACxD,uDAAuD;oBACvD,2CAA2C;oBAC3C,6CAA6C;iBAC9C,EACD,kLAAkL,EAClL,yOAAyO,EACzO,8JAA8J,CAC/J,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,8DAA8D;QAC9D,0CAA0C;QAC1C,iDAAiD;QACjD,sCAAsC;QACtC,0BAA0B;QAC1B,+CAA+C;QAE/C,qDAAqD;QACrD,MAAM,sBAAsB,GAAG,2DAA2D,CAAC;QAE3F,IAAI,OAAO,CAAC,KAAK,CAAC,sBAAsB,CAAC,EAAE,CAAC;YAC1C,oDAAoD;YACpD,MAAM,iBAAiB,GAAG;gBACxB,4CAA4C;gBAC5C,2DAA2D;gBAC3D,6CAA6C;gBAC7C,kBAAkB;gBAClB,0BAA0B;gBAC1B,eAAe;gBACf,iCAAiC;gBACjC,sCAAsC;gBACtC,+CAA+C;gBAC/C,gCAAgC;aACjC,CAAC;YAEF,MAAM,WAAW,GAAG,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;YAE9E,yBAAyB;YACzB,MAAM,mBAAmB,GAAG;gBAC1B,qBAAqB;gBACrB,oBAAoB;gBACpB,UAAU;gBACV,mBAAmB;gBACnB,WAAW;gBACX,QAAQ;gBACR,cAAc;aACf,CAAC;YAEF,MAAM,aAAa,GAAG,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC;YAElF,IAAI,WAAW,IAAI,CAAC,aAAa,EAAE,CAAC;gBAClC,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,uBAAuB,EACvB,sEAAsE,EACtE,sGAAsG,EACtG,UAAU,EACV,wMAAwM,EACxM,mIAAmI,EACnI;oBACE,gCAAgC;oBAChC,+BAA+B;oBAC/B
,mBAAmB;oBACnB,2CAA2C;oBAC3C,gBAAgB;oBAChB,0BAA0B;oBAC1B,qCAAqC;iBACtC,EACD,qFAAqF,EACrF,+HAA+H,EAC/H,qLAAqL,CACtL,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,8DAA8D;QAC9D,6CAA6C;QAC7C,mDAAmD;QACnD,sCAAsC;QACtC,iDAAiD;QACjD,sEAAsE;QAEtE,0DAA0D;QAC1D,MAAM,qBAAqB,GAAG,yEAAyE,CAAC;QAExG,IAAI,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,CAAC;YACzC,6CAA6C;YAC7C,MAAM,gBAAgB,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YAChG,MAAM,aAAa,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBAC9C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAClC,OAAO,CACL,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC;oBAC3B,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC1B,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC9B,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAC5B,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,IAAI,aAAa,EAAE,CAAC;gBAClB,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,0BAA0B,EAC1B,iFAAiF,EACjF,uGAAuG,EACvG,UAAU,EACV,4LAA4L,EAC5L,yJAAyJ,EACzJ;oBACE,iDAAiD;oBACjD,yCAAyC;oBACzC,qDAAqD;oBACrD,8EAA8E;oBAC9E,gDAAgD;oBAChD,8DAA8D;oBAC9D,0DAA0D;iBAC3D,EACD,uJAAuJ,EACvJ,mQAAmQ,EACnQ,oKAAoK,CACrK,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,8DAA8D;QAC9D,uCAAuC;QACvC,mEAAmE;QACnE,gEAAgE;QAChE,4DAA4D;QAE5D,mDAAmD;QACnD,MAAM,wBAAwB,GAAG,4DAA4D,CAAC;QAE9F,IAAI,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,EAAE,CAAC;YAC5C,4DAA4D;YAC5D,MAAM,gBAAgB,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YAEjG,MAAM,aAAa,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBAC9C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAClC,OAAO,CACL,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;oBACnG,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC,CACpG,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,6DAA6D;YAC7D,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBAC7C,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAClC,OAAO,CACL,SAAS,CAAC,QAAQ,CAAC
,gBAAgB,CAAC;oBACpC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC;oBACnC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC;oBAC7B,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC,CACpC,CAAC;YACJ,CAAC,CAAC,CAAC;YAEH,0CAA0C;YAC1C,MAAM,oBAAoB,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;gBACrD,MAAM,SAAS,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAClC,OAAO,SAAS,CAAC,QAAQ,CAAC,oBAAoB,CAAC,IAAI,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;YAC7F,CAAC,CAAC,CAAC;YAEH,IAAI,aAAa,IAAI,YAAY,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC3D,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,kBAAkB,EAClB,0FAA0F,EAC1F,kHAAkH,EAClH,UAAU,EACV,mRAAmR,EACnR,+IAA+I,EAC/I;oBACE,wCAAwC;oBACxC,2CAA2C;oBAC3C,kCAAkC;oBAClC,mCAAmC;oBACnC,mCAAmC;oBACnC,6BAA6B;iBAC9B,EACD,mPAAmP,EACnP,4WAA4W,EAC5W,8OAA8O,CAC/O,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,gFAAgF;QAChF,2DAA2D;QAC3D,gFAAgF;QAEhF,iDAAiD;QACjD,wDAAwD;QACxD,kDAAkD;QAClD,8DAA8D;QAC9D,4DAA4D;QAE5D,4BAA4B;QAC5B,IAAI,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACtC,0DAA0D;YAC1D,MAAM,eAAe,GAAG,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAEjE,IAAI,eAAe,EAAE,CAAC;gBACpB,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;gBAEvC,2CAA2C;gBAC3C,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,oEAAoE,CAAC,CAAC;gBAE1G,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,UAAU,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;oBAEhC,yCAAyC;oBACzC,IAAI,CAAC,UAAU,EAAE,CAAC;wBAChB,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,oBAAoB,EACpB,+EAA+E,EAC/E,2FAA2F,EAC3F,UAAU,EACV,kRAAkR,EAClR,uKAAuK,EACvK;4BACE,gCAAgC;4BAChC,yCAAyC;4BACzC,0CAA0C;4BAC1C,8BAA8B;4BAC9B,iBAAiB;4BACjB,wCAAwC;yBACzC,EACD,sEAAsE,EACtE,4GAA4G,EAC5G,gOAAgO,CACjO,CAAC,CAAC;oBACL,CAAC;oBACD,4CAA4C;yBACvC,IAAI,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;wBACxE,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,oBAAoB,EACpB,gFAAgF,EAChF,6FAA6F,EAC7F,UAAU,EACV,uLAAuL,EACvL,uHAAuH,EACvH;4BACE,gCAAgC;4BAChC,8BAA8B;4BAC9B,sBAAsB;4BACtB,qCAAqC;4BACrC,iCAAiC;yBAClC,EACD,qFAAqF,EACrF,qFAAqF,EACrF,iJAAiJ,CAClJ,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,8CAA8C;QAC9C,qEAAqE;QACrE,IAAI,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACtC,qEAAqE;YACrE,MAAM,SAAS,GAAG
,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;YAC5E,MAAM,aAAa,GAAG,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;gBAC9C,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;gBACzC,OAAO,CACL,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC;oBACxB,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAC7B,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;wBAC1B,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;wBAC1B,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;wBAC1B,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAC9B;oBACD,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC9B,SAAS,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC9B,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YAChC,CAAC,CAAC,CAAC;YAEH,IAAI,aAAa,EAAE,CAAC;gBAClB,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,2BAA2B,EAC3B,kEAAkE,EAClE,kFAAkF,EAClF,UAAU,EACV,wPAAwP,EACxP,yIAAyI,EACzI;oBACE,gCAAgC;oBAChC,0CAA0C;oBAC1C,+BAA+B;oBAC/B,qCAAqC;oBACrC,sCAAsC;iBACvC,EACD,sHAAsH,EACtH,oKAAoK,EACpK,0OAA0O,CAC3O,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,uCAAuC;QACvC,iEAAiE;QACjE,0CAA0C;QAC1C,0CAA0C;QAE1C,0BAA0B;QAC1B,IAAI,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACpC,8CAA8C;YAC9C,MAAM,aAAa,GAAG,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;YAE7D,IAAI,aAAa,EAAE,CAAC;gBAClB,MAAM,WAAW,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;gBAErC,mCAAmC;gBACnC,+CAA+C;gBAC/C,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;gBAE7E,IAAI,SAAS,EAAE,CAAC;oBACd,MAAM,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;oBAEtC,qDAAqD;oBACrD,MAAM,eAAe,GAAG,SAAS,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;oBAE5D,IAAI,eAAe,EAAE,CAAC;wBACpB,MAAM,WAAW,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;wBACvC,MAAM,YAAY,GAAG,WAAW,CAAC,MAAM,CAAC;wBAExC,oFAAoF;wBACpF,+EAA+E;wBAC/E,wEAAwE;wBACxE,MAAM,WAAW,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC;wBAC9C,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAChD,WAAW,KAAK,IAAI,CAAC,WAAW,EAAE;4BAClC,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CACzC,CAAC;wBAEF,iEAAiE;wBACjE,IAAI,YAAY,EAAE,CAAC;4BACjB,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,iBAAiB,EACjB,oDAAoD,WAAW,GAAG,EAClE,6DAA6D,EAC7D,UAAU,EACV,4BAA4B,WAAW,yOAAyO,EAChR,YAAY,WAAW,qIAAqI,EAC5J;gCACE,6BAA6B;gCAC7B,8BAA8B;gCAC9B,gCAAgC;gC
AChC,+BAA+B;gCAC/B,4CAA4C;gCAC5C,8BAA8B;6BAC/B,EACD,oCAAoC,WAAW,4BAA4B,EAC3E,2KAA2K,EAC3K,yCAAyC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,kHAAkH,CACvL,CAAC,CAAC;wBACL,CAAC;wBACD,wGAAwG;6BACnG,IAAI,YAAY,GAAG,EAAE,EAAE,CAAC;4BAC3B,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,iBAAiB,EACjB,4BAA4B,YAAY,qDAAqD,EAC7F,sFAAsF,EACtF,UAAU,EACV,sEAAsE,YAAY,qOAAqO,EACvT,YAAY,WAAW,MAAM,YAAY,GAAG,CAAC,qCAAqC,YAAY,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,YAAY,GAAG,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,wDAAwD,EAC9M;gCACE,+BAA+B;gCAC/B,qCAAqC;gCACrC,gCAAgC;gCAChC,+BAA+B;gCAC/B,qCAAqC;gCACrC,iFAAiF;6BAClF,EACD,gDAAgD,WAAW,UAAU,YAAY,YAAY,YAAY,GAAG,CAAC,OAAO,EACpH,2LAA2L,EAC3L,gPAAgP,CACjP,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;oBACD,+DAA+D;yBAC1D,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,aAAa,CAAC;wBAClC,CAAC,SAAS,CAAC,QAAQ,CAAC,MAAM,CAAC;wBAC3B,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAC9B,CAAC,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAC9B,CAAC,SAAS,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,8CAA8C;wBACtF,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,iBAAiB,EACjB,4EAA4E,EAC5E,0DAA0D,EAC1D,UAAU,EACV,gSAAgS,EAChS,+HAA+H,EAC/H;4BACE,iCAAiC;4BACjC,oDAAoD;4BACpD,8CAA8C;4BAC9C,iCAAiC;4BACjC,6CAA6C;4BAC7C,wCAAwC;yBACzC,EACD,mCAAmC,SAAS,wBAAwB,EACpE,6HAA6H,EAC7H,8NAA8N,CAC/N,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC;AACzB,CAAC"}
|
|
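--- /dev/null
+++ b/<dist-path-not-in-view>/code-injection.d.ts
@@ -0,0 +1,26 @@
+/**
+* TypeScript Code Injection Security Checks
+* OWASP A03:2021 - Injection
+* OWASP A08:2021 - Software and Data Integrity Failures
+* OWASP A10:2021 - Server-Side Request Forgery (SSRF)
+*
+* Detects SQL injection, command injection, path traversal, prototype pollution, and SSRF.
+*/
+import { SecurityVulnerability } from '../../types';
+/**
+* Checks for code injection vulnerabilities in TypeScript code
+*
+* Covers:
+* - Check #5: SSRF via Unsafe URL (CRITICAL) - Phase A P0
+* - Check #6: Insecure Deserialization (CRITICAL) - Phase A P0
+* - Check #11: Prototype pollution (HIGH)
+* - Check #12: SQL Injection (CRITICAL)
+* - Check #13: Command Injection (CRITICAL)
+* - Check #14: Path Traversal (HIGH)
+* - Check #9: XXE (XML External Entity) - HIGH - Phase B
+*
+* @param lines - Array of code lines
+* @returns Array of security vulnerabilities found
+*/
+export declare function checkCodeInjection(lines: string[]): SecurityVulnerability[];
+//# sourceMappingURL=code-injection.d.ts.map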
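--- /dev/null
+++ b/<dist-path-not-in-view>/code-injection.d.ts.map
@@ -0,0 +1 @@
+{"version":3,"file":"code-injection.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/typescript/security-checks/code-injection.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD;;;;;;;;;;;;;;GAcG;AACH,wBAAgB,kBAAkB,CAChC,KAAK,EAAE,MAAM,EAAE,GACd,qBAAqB,EAAE,CAokBzB"}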