codeslick-cli 1.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (455) hide show
  1. package/README.md +458 -0
  2. package/__tests__/cli-reporter.test.ts +86 -0
  3. package/__tests__/config-loader.test.ts +247 -0
  4. package/__tests__/local-scanner.test.ts +245 -0
  5. package/bin/codeslick.cjs +153 -0
  6. package/dist/packages/cli/src/commands/auth.d.ts +36 -0
  7. package/dist/packages/cli/src/commands/auth.d.ts.map +1 -0
  8. package/dist/packages/cli/src/commands/auth.js +226 -0
  9. package/dist/packages/cli/src/commands/auth.js.map +1 -0
  10. package/dist/packages/cli/src/commands/config.d.ts +37 -0
  11. package/dist/packages/cli/src/commands/config.d.ts.map +1 -0
  12. package/dist/packages/cli/src/commands/config.js +196 -0
  13. package/dist/packages/cli/src/commands/config.js.map +1 -0
  14. package/dist/packages/cli/src/commands/init.d.ts +32 -0
  15. package/dist/packages/cli/src/commands/init.d.ts.map +1 -0
  16. package/dist/packages/cli/src/commands/init.js +171 -0
  17. package/dist/packages/cli/src/commands/init.js.map +1 -0
  18. package/dist/packages/cli/src/commands/scan.d.ts +40 -0
  19. package/dist/packages/cli/src/commands/scan.d.ts.map +1 -0
  20. package/dist/packages/cli/src/commands/scan.js +204 -0
  21. package/dist/packages/cli/src/commands/scan.js.map +1 -0
  22. package/dist/packages/cli/src/config/config-loader.d.ts +67 -0
  23. package/dist/packages/cli/src/config/config-loader.d.ts.map +1 -0
  24. package/dist/packages/cli/src/config/config-loader.js +146 -0
  25. package/dist/packages/cli/src/config/config-loader.js.map +1 -0
  26. package/dist/packages/cli/src/reporters/cli-reporter.d.ts +69 -0
  27. package/dist/packages/cli/src/reporters/cli-reporter.d.ts.map +1 -0
  28. package/dist/packages/cli/src/reporters/cli-reporter.js +244 -0
  29. package/dist/packages/cli/src/reporters/cli-reporter.js.map +1 -0
  30. package/dist/packages/cli/src/scanner/local-scanner.d.ts +92 -0
  31. package/dist/packages/cli/src/scanner/local-scanner.d.ts.map +1 -0
  32. package/dist/packages/cli/src/scanner/local-scanner.js +221 -0
  33. package/dist/packages/cli/src/scanner/local-scanner.js.map +1 -0
  34. package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts +88 -0
  35. package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.d.ts.map +1 -0
  36. package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js +371 -0
  37. package/dist/src/lib/analyzers/helpers/ai-code-detection-utils.js.map +1 -0
  38. package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts +63 -0
  39. package/dist/src/lib/analyzers/helpers/jsx-helpers.d.ts.map +1 -0
  40. package/dist/src/lib/analyzers/helpers/jsx-helpers.js +95 -0
  41. package/dist/src/lib/analyzers/helpers/jsx-helpers.js.map +1 -0
  42. package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts +59 -0
  43. package/dist/src/lib/analyzers/helpers/variable-tracker.d.ts.map +1 -0
  44. package/dist/src/lib/analyzers/helpers/variable-tracker.js +231 -0
  45. package/dist/src/lib/analyzers/helpers/variable-tracker.js.map +1 -0
  46. package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts +20 -0
  47. package/dist/src/lib/analyzers/java/security-checks/access-control.d.ts.map +1 -0
  48. package/dist/src/lib/analyzers/java/security-checks/access-control.js +129 -0
  49. package/dist/src/lib/analyzers/java/security-checks/access-control.js.map +1 -0
  50. package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts +25 -0
  51. package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.d.ts.map +1 -0
  52. package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js +221 -0
  53. package/dist/src/lib/analyzers/java/security-checks/ai-generated-code.js.map +1 -0
  54. package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts +18 -0
  55. package/dist/src/lib/analyzers/java/security-checks/code-quality.d.ts.map +1 -0
  56. package/dist/src/lib/analyzers/java/security-checks/code-quality.js +84 -0
  57. package/dist/src/lib/analyzers/java/security-checks/code-quality.js.map +1 -0
  58. package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts +18 -0
  59. package/dist/src/lib/analyzers/java/security-checks/crypto-validation.d.ts.map +1 -0
  60. package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js +161 -0
  61. package/dist/src/lib/analyzers/java/security-checks/crypto-validation.js.map +1 -0
  62. package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts +20 -0
  63. package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.d.ts.map +1 -0
  64. package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js +163 -0
  65. package/dist/src/lib/analyzers/java/security-checks/deserialization-xxe.js.map +1 -0
  66. package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts +24 -0
  67. package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.d.ts.map +1 -0
  68. package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js +178 -0
  69. package/dist/src/lib/analyzers/java/security-checks/enhanced-supply-chain.js.map +1 -0
  70. package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts +25 -0
  71. package/dist/src/lib/analyzers/java/security-checks/exception-handling.d.ts.map +1 -0
  72. package/dist/src/lib/analyzers/java/security-checks/exception-handling.js +179 -0
  73. package/dist/src/lib/analyzers/java/security-checks/exception-handling.js.map +1 -0
  74. package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts +17 -0
  75. package/dist/src/lib/analyzers/java/security-checks/file-operations.d.ts.map +1 -0
  76. package/dist/src/lib/analyzers/java/security-checks/file-operations.js +67 -0
  77. package/dist/src/lib/analyzers/java/security-checks/file-operations.js.map +1 -0
  78. package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts +25 -0
  79. package/dist/src/lib/analyzers/java/security-checks/framework-security.d.ts.map +1 -0
  80. package/dist/src/lib/analyzers/java/security-checks/framework-security.js +396 -0
  81. package/dist/src/lib/analyzers/java/security-checks/framework-security.js.map +1 -0
  82. package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts +20 -0
  83. package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.d.ts.map +1 -0
  84. package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js +123 -0
  85. package/dist/src/lib/analyzers/java/security-checks/hardcoded-credentials.js.map +1 -0
  86. package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts +23 -0
  87. package/dist/src/lib/analyzers/java/security-checks/injection-attacks.d.ts.map +1 -0
  88. package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js +201 -0
  89. package/dist/src/lib/analyzers/java/security-checks/injection-attacks.js.map +1 -0
  90. package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts +20 -0
  91. package/dist/src/lib/analyzers/java/security-checks/insecure-design.d.ts.map +1 -0
  92. package/dist/src/lib/analyzers/java/security-checks/insecure-design.js +121 -0
  93. package/dist/src/lib/analyzers/java/security-checks/insecure-design.js.map +1 -0
  94. package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts +20 -0
  95. package/dist/src/lib/analyzers/java/security-checks/logging-failures.d.ts.map +1 -0
  96. package/dist/src/lib/analyzers/java/security-checks/logging-failures.js +89 -0
  97. package/dist/src/lib/analyzers/java/security-checks/logging-failures.js.map +1 -0
  98. package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts +26 -0
  99. package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.d.ts.map +1 -0
  100. package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js +309 -0
  101. package/dist/src/lib/analyzers/java/security-checks/security-misconfiguration.js.map +1 -0
  102. package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts +18 -0
  103. package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.d.ts.map +1 -0
  104. package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js +114 -0
  105. package/dist/src/lib/analyzers/java/security-checks/unsafe-patterns.js.map +1 -0
  106. package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts +58 -0
  107. package/dist/src/lib/analyzers/java/utils/createVulnerability.d.ts.map +1 -0
  108. package/dist/src/lib/analyzers/java/utils/createVulnerability.js +71 -0
  109. package/dist/src/lib/analyzers/java/utils/createVulnerability.js.map +1 -0
  110. package/dist/src/lib/analyzers/java-analyzer.d.ts +209 -0
  111. package/dist/src/lib/analyzers/java-analyzer.d.ts.map +1 -0
  112. package/dist/src/lib/analyzers/java-analyzer.js +1720 -0
  113. package/dist/src/lib/analyzers/java-analyzer.js.map +1 -0
  114. package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts +27 -0
  115. package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.d.ts.map +1 -0
  116. package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js +123 -0
  117. package/dist/src/lib/analyzers/javascript/quality-checks/ai-hallucinations.js.map +1 -0
  118. package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts +44 -0
  119. package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.d.ts.map +1 -0
  120. package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js +224 -0
  121. package/dist/src/lib/analyzers/javascript/quality-checks/async-patterns.js.map +1 -0
  122. package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts +50 -0
  123. package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.d.ts.map +1 -0
  124. package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js +284 -0
  125. package/dist/src/lib/analyzers/javascript/quality-checks/code-patterns.js.map +1 -0
  126. package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts +27 -0
  127. package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.d.ts.map +1 -0
  128. package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js +86 -0
  129. package/dist/src/lib/analyzers/javascript/quality-checks/comparison-issues.js.map +1 -0
  130. package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts +32 -0
  131. package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.d.ts.map +1 -0
  132. package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js +44 -0
  133. package/dist/src/lib/analyzers/javascript/quality-checks/reference-errors.js.map +1 -0
  134. package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts +22 -0
  135. package/dist/src/lib/analyzers/javascript/security-checks/access-control.d.ts.map +1 -0
  136. package/dist/src/lib/analyzers/javascript/security-checks/access-control.js +168 -0
  137. package/dist/src/lib/analyzers/javascript/security-checks/access-control.js.map +1 -0
  138. package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts +25 -0
  139. package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.d.ts.map +1 -0
  140. package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js +232 -0
  141. package/dist/src/lib/analyzers/javascript/security-checks/ai-generated-code.js.map +1 -0
  142. package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts +27 -0
  143. package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.d.ts.map +1 -0
  144. package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js +222 -0
  145. package/dist/src/lib/analyzers/javascript/security-checks/authentication-failures.js.map +1 -0
  146. package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts +28 -0
  147. package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.d.ts.map +1 -0
  148. package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js +176 -0
  149. package/dist/src/lib/analyzers/javascript/security-checks/credential-crypto.js.map +1 -0
  150. package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts +23 -0
  151. package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
  152. package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js +113 -0
  153. package/dist/src/lib/analyzers/javascript/security-checks/enhanced-supply-chain.js.map +1 -0
  154. package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts +28 -0
  155. package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.d.ts.map +1 -0
  156. package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js +227 -0
  157. package/dist/src/lib/analyzers/javascript/security-checks/exception-handling.js.map +1 -0
  158. package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts +32 -0
  159. package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.d.ts.map +1 -0
  160. package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js +260 -0
  161. package/dist/src/lib/analyzers/javascript/security-checks/injection-attacks.js.map +1 -0
  162. package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts +26 -0
  163. package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.d.ts.map +1 -0
  164. package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js +164 -0
  165. package/dist/src/lib/analyzers/javascript/security-checks/insecure-design.js.map +1 -0
  166. package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts +26 -0
  167. package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.d.ts.map +1 -0
  168. package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js +775 -0
  169. package/dist/src/lib/analyzers/javascript/security-checks/security-misconfiguration.js.map +1 -0
  170. package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts +25 -0
  171. package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.d.ts.map +1 -0
  172. package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js +168 -0
  173. package/dist/src/lib/analyzers/javascript/security-checks/software-integrity.js.map +1 -0
  174. package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts +27 -0
  175. package/dist/src/lib/analyzers/javascript/security-checks/storage-security.d.ts.map +1 -0
  176. package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js +108 -0
  177. package/dist/src/lib/analyzers/javascript/security-checks/storage-security.js.map +1 -0
  178. package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts +28 -0
  179. package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.d.ts.map +1 -0
  180. package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js +143 -0
  181. package/dist/src/lib/analyzers/javascript/security-checks/xss-dom-security.js.map +1 -0
  182. package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts +53 -0
  183. package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.d.ts.map +1 -0
  184. package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js +144 -0
  185. package/dist/src/lib/analyzers/javascript/syntax/syntax-helpers.js.map +1 -0
  186. package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts +72 -0
  187. package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.d.ts.map +1 -0
  188. package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js +314 -0
  189. package/dist/src/lib/analyzers/javascript/syntax/typescript-syntax.js.map +1 -0
  190. package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts +58 -0
  191. package/dist/src/lib/analyzers/javascript/utils/createVulnerability.d.ts.map +1 -0
  192. package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js +71 -0
  193. package/dist/src/lib/analyzers/javascript/utils/createVulnerability.js.map +1 -0
  194. package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts +36 -0
  195. package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.d.ts.map +1 -0
  196. package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js +70 -0
  197. package/dist/src/lib/analyzers/javascript/utils/metrics-calculator.js.map +1 -0
  198. package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts +29 -0
  199. package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.d.ts.map +1 -0
  200. package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js +55 -0
  201. package/dist/src/lib/analyzers/javascript/utils/performance-analyzer.js.map +1 -0
  202. package/dist/src/lib/analyzers/javascript-analyzer.d.ts +95 -0
  203. package/dist/src/lib/analyzers/javascript-analyzer.d.ts.map +1 -0
  204. package/dist/src/lib/analyzers/javascript-analyzer.js +2141 -0
  205. package/dist/src/lib/analyzers/javascript-analyzer.js.map +1 -0
  206. package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts +21 -0
  207. package/dist/src/lib/analyzers/python/security-checks/access-control.d.ts.map +1 -0
  208. package/dist/src/lib/analyzers/python/security-checks/access-control.js +305 -0
  209. package/dist/src/lib/analyzers/python/security-checks/access-control.js.map +1 -0
  210. package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts +25 -0
  211. package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.d.ts.map +1 -0
  212. package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js +242 -0
  213. package/dist/src/lib/analyzers/python/security-checks/ai-generated-code.js.map +1 -0
  214. package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts +24 -0
  215. package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.d.ts.map +1 -0
  216. package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js +207 -0
  217. package/dist/src/lib/analyzers/python/security-checks/authentication-flaws.js.map +1 -0
  218. package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts +27 -0
  219. package/dist/src/lib/analyzers/python/security-checks/code-quality.d.ts.map +1 -0
  220. package/dist/src/lib/analyzers/python/security-checks/code-quality.js +206 -0
  221. package/dist/src/lib/analyzers/python/security-checks/code-quality.js.map +1 -0
  222. package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts +24 -0
  223. package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.d.ts.map +1 -0
  224. package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js +113 -0
  225. package/dist/src/lib/analyzers/python/security-checks/credentials-crypto.js.map +1 -0
  226. package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts +20 -0
  227. package/dist/src/lib/analyzers/python/security-checks/crypto-failures.d.ts.map +1 -0
  228. package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js +129 -0
  229. package/dist/src/lib/analyzers/python/security-checks/crypto-failures.js.map +1 -0
  230. package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts +19 -0
  231. package/dist/src/lib/analyzers/python/security-checks/data-integrity.d.ts.map +1 -0
  232. package/dist/src/lib/analyzers/python/security-checks/data-integrity.js +90 -0
  233. package/dist/src/lib/analyzers/python/security-checks/data-integrity.js.map +1 -0
  234. package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts +20 -0
  235. package/dist/src/lib/analyzers/python/security-checks/deserialization.d.ts.map +1 -0
  236. package/dist/src/lib/analyzers/python/security-checks/deserialization.js +68 -0
  237. package/dist/src/lib/analyzers/python/security-checks/deserialization.js.map +1 -0
  238. package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts +25 -0
  239. package/dist/src/lib/analyzers/python/security-checks/django-security.d.ts.map +1 -0
  240. package/dist/src/lib/analyzers/python/security-checks/django-security.js +180 -0
  241. package/dist/src/lib/analyzers/python/security-checks/django-security.js.map +1 -0
  242. package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts +23 -0
  243. package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.d.ts.map +1 -0
  244. package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js +127 -0
  245. package/dist/src/lib/analyzers/python/security-checks/enhanced-supply-chain.js.map +1 -0
  246. package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts +23 -0
  247. package/dist/src/lib/analyzers/python/security-checks/exception-handling.d.ts.map +1 -0
  248. package/dist/src/lib/analyzers/python/security-checks/exception-handling.js +120 -0
  249. package/dist/src/lib/analyzers/python/security-checks/exception-handling.js.map +1 -0
  250. package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts +24 -0
  251. package/dist/src/lib/analyzers/python/security-checks/flask-security.d.ts.map +1 -0
  252. package/dist/src/lib/analyzers/python/security-checks/flask-security.js +143 -0
  253. package/dist/src/lib/analyzers/python/security-checks/flask-security.js.map +1 -0
  254. package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts +28 -0
  255. package/dist/src/lib/analyzers/python/security-checks/injection-attacks.d.ts.map +1 -0
  256. package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js +174 -0
  257. package/dist/src/lib/analyzers/python/security-checks/injection-attacks.js.map +1 -0
  258. package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts +20 -0
  259. package/dist/src/lib/analyzers/python/security-checks/insecure-design.d.ts.map +1 -0
  260. package/dist/src/lib/analyzers/python/security-checks/insecure-design.js +160 -0
  261. package/dist/src/lib/analyzers/python/security-checks/insecure-design.js.map +1 -0
  262. package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts +20 -0
  263. package/dist/src/lib/analyzers/python/security-checks/logging-failures.d.ts.map +1 -0
  264. package/dist/src/lib/analyzers/python/security-checks/logging-failures.js +121 -0
  265. package/dist/src/lib/analyzers/python/security-checks/logging-failures.js.map +1 -0
  266. package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts +26 -0
  267. package/dist/src/lib/analyzers/python/security-checks/nosql-injection.d.ts.map +1 -0
  268. package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js +248 -0
  269. package/dist/src/lib/analyzers/python/security-checks/nosql-injection.js.map +1 -0
  270. package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts +26 -0
  271. package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.d.ts.map +1 -0
  272. package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js +375 -0
  273. package/dist/src/lib/analyzers/python/security-checks/security-misconfiguration.js.map +1 -0
  274. package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts +26 -0
  275. package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.d.ts.map +1 -0
  276. package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js +160 -0
  277. package/dist/src/lib/analyzers/python/security-checks/ssrf-detection.js.map +1 -0
  278. package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts +23 -0
  279. package/dist/src/lib/analyzers/python/security-checks/web-security.d.ts.map +1 -0
  280. package/dist/src/lib/analyzers/python/security-checks/web-security.js +117 -0
  281. package/dist/src/lib/analyzers/python/security-checks/web-security.js.map +1 -0
  282. package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts +58 -0
  283. package/dist/src/lib/analyzers/python/utils/createVulnerability.d.ts.map +1 -0
  284. package/dist/src/lib/analyzers/python/utils/createVulnerability.js +71 -0
  285. package/dist/src/lib/analyzers/python/utils/createVulnerability.js.map +1 -0
  286. package/dist/src/lib/analyzers/python-analyzer.d.ts +111 -0
  287. package/dist/src/lib/analyzers/python-analyzer.d.ts.map +1 -0
  288. package/dist/src/lib/analyzers/python-analyzer.js +1600 -0
  289. package/dist/src/lib/analyzers/python-analyzer.js.map +1 -0
  290. package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts +14 -0
  291. package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.d.ts.map +1 -0
  292. package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js +47 -0
  293. package/dist/src/lib/analyzers/secrets/patterns/api-keys/ai-providers.js.map +1 -0
  294. package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts +13 -0
  295. package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.d.ts.map +1 -0
  296. package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js +36 -0
  297. package/dist/src/lib/analyzers/secrets/patterns/api-keys/aws.js.map +1 -0
  298. package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts +15 -0
  299. package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.d.ts.map +1 -0
  300. package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js +68 -0
  301. package/dist/src/lib/analyzers/secrets/patterns/api-keys/cloud-providers.js.map +1 -0
  302. package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts +15 -0
  303. package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.d.ts.map +1 -0
  304. package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js +68 -0
  305. package/dist/src/lib/analyzers/secrets/patterns/api-keys/communication.js.map +1 -0
  306. package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts +12 -0
  307. package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.d.ts.map +1 -0
  308. package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js +45 -0
  309. package/dist/src/lib/analyzers/secrets/patterns/api-keys/generic.js.map +1 -0
  310. package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts +14 -0
  311. package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.d.ts.map +1 -0
  312. package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js +47 -0
  313. package/dist/src/lib/analyzers/secrets/patterns/api-keys/github.js.map +1 -0
  314. package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts +13 -0
  315. package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.d.ts.map +1 -0
  316. package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js +36 -0
  317. package/dist/src/lib/analyzers/secrets/patterns/api-keys/stripe.js.map +1 -0
  318. package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts +15 -0
  319. package/dist/src/lib/analyzers/secrets/patterns/api-keys.d.ts.map +1 -0
  320. package/dist/src/lib/analyzers/secrets/patterns/api-keys.js +32 -0
  321. package/dist/src/lib/analyzers/secrets/patterns/api-keys.js.map +1 -0
  322. package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts +15 -0
  323. package/dist/src/lib/analyzers/secrets/patterns/credentials.d.ts.map +1 -0
  324. package/dist/src/lib/analyzers/secrets/patterns/credentials.js +68 -0
  325. package/dist/src/lib/analyzers/secrets/patterns/credentials.js.map +1 -0
  326. package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts +16 -0
  327. package/dist/src/lib/analyzers/secrets/patterns/private-keys.d.ts.map +1 -0
  328. package/dist/src/lib/analyzers/secrets/patterns/private-keys.js +79 -0
  329. package/dist/src/lib/analyzers/secrets/patterns/private-keys.js.map +1 -0
  330. package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts +15 -0
  331. package/dist/src/lib/analyzers/secrets/patterns/tokens.d.ts.map +1 -0
  332. package/dist/src/lib/analyzers/secrets/patterns/tokens.js +58 -0
  333. package/dist/src/lib/analyzers/secrets/patterns/tokens.js.map +1 -0
  334. package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts +88 -0
  335. package/dist/src/lib/analyzers/secrets/secrets-analyzer.d.ts.map +1 -0
  336. package/dist/src/lib/analyzers/secrets/secrets-analyzer.js +162 -0
  337. package/dist/src/lib/analyzers/secrets/secrets-analyzer.js.map +1 -0
  338. package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts +56 -0
  339. package/dist/src/lib/analyzers/secrets/validators/context-checker.d.ts.map +1 -0
  340. package/dist/src/lib/analyzers/secrets/validators/context-checker.js +199 -0
  341. package/dist/src/lib/analyzers/secrets/validators/context-checker.js.map +1 -0
  342. package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts +56 -0
  343. package/dist/src/lib/analyzers/secrets/validators/entropy-checker.d.ts.map +1 -0
  344. package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js +102 -0
  345. package/dist/src/lib/analyzers/secrets/validators/entropy-checker.js.map +1 -0
  346. package/dist/src/lib/analyzers/security-checks/es6-security.d.ts +38 -0
  347. package/dist/src/lib/analyzers/security-checks/es6-security.d.ts.map +1 -0
  348. package/dist/src/lib/analyzers/security-checks/es6-security.js +125 -0
  349. package/dist/src/lib/analyzers/security-checks/es6-security.js.map +1 -0
  350. package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts +46 -0
  351. package/dist/src/lib/analyzers/security-checks/python-async-security.d.ts.map +1 -0
  352. package/dist/src/lib/analyzers/security-checks/python-async-security.js +92 -0
  353. package/dist/src/lib/analyzers/security-checks/python-async-security.js.map +1 -0
  354. package/dist/src/lib/analyzers/security-checks/react-security.d.ts +49 -0
  355. package/dist/src/lib/analyzers/security-checks/react-security.d.ts.map +1 -0
  356. package/dist/src/lib/analyzers/security-checks/react-security.js +125 -0
  357. package/dist/src/lib/analyzers/security-checks/react-security.js.map +1 -0
  358. package/dist/src/lib/analyzers/types.d.ts +92 -0
  359. package/dist/src/lib/analyzers/types.d.ts.map +1 -0
  360. package/dist/src/lib/analyzers/types.js +3 -0
  361. package/dist/src/lib/analyzers/types.js.map +1 -0
  362. package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts +19 -0
  363. package/dist/src/lib/analyzers/typescript/security-checks/access-control.d.ts.map +1 -0
  364. package/dist/src/lib/analyzers/typescript/security-checks/access-control.js +210 -0
  365. package/dist/src/lib/analyzers/typescript/security-checks/access-control.js.map +1 -0
  366. package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts +25 -0
  367. package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.d.ts.map +1 -0
  368. package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js +242 -0
  369. package/dist/src/lib/analyzers/typescript/security-checks/ai-generated-code.js.map +1 -0
  370. package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts +28 -0
  371. package/dist/src/lib/analyzers/typescript/security-checks/authentication.d.ts.map +1 -0
  372. package/dist/src/lib/analyzers/typescript/security-checks/authentication.js +357 -0
  373. package/dist/src/lib/analyzers/typescript/security-checks/authentication.js.map +1 -0
  374. package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts +26 -0
  375. package/dist/src/lib/analyzers/typescript/security-checks/code-injection.d.ts.map +1 -0
  376. package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js +380 -0
  377. package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js.map +1 -0
  378. package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts +23 -0
  379. package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts.map +1 -0
  380. package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js +109 -0
  381. package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js.map +1 -0
  382. package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts +21 -0
  383. package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts.map +1 -0
  384. package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js +153 -0
  385. package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.js.map +1 -0
  386. package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts +23 -0
  387. package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.d.ts.map +1 -0
  388. package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js +146 -0
  389. package/dist/src/lib/analyzers/typescript/security-checks/enhanced-supply-chain.js.map +1 -0
  390. package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts +23 -0
  391. package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.d.ts.map +1 -0
  392. package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js +187 -0
  393. package/dist/src/lib/analyzers/typescript/security-checks/exception-handling.js.map +1 -0
  394. package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts +19 -0
  395. package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.d.ts.map +1 -0
  396. package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js +97 -0
  397. package/dist/src/lib/analyzers/typescript/security-checks/information-disclosure.js.map +1 -0
  398. package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts +29 -0
  399. package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.d.ts.map +1 -0
  400. package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js +319 -0
  401. package/dist/src/lib/analyzers/typescript/security-checks/injection-attacks.js.map +1 -0
  402. package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts +21 -0
  403. package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.d.ts.map +1 -0
  404. package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js +121 -0
  405. package/dist/src/lib/analyzers/typescript/security-checks/logging-failures.js.map +1 -0
  406. package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts +27 -0
  407. package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.d.ts.map +1 -0
  408. package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js +213 -0
  409. package/dist/src/lib/analyzers/typescript/security-checks/security-misconfiguration.js.map +1 -0
  410. package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts +19 -0
  411. package/dist/src/lib/analyzers/typescript/security-checks/type-security.d.ts.map +1 -0
  412. package/dist/src/lib/analyzers/typescript/security-checks/type-security.js +59 -0
  413. package/dist/src/lib/analyzers/typescript/security-checks/type-security.js.map +1 -0
  414. package/dist/src/lib/analyzers/typescript/type-checker.d.ts +17 -0
  415. package/dist/src/lib/analyzers/typescript/type-checker.d.ts.map +1 -0
  416. package/dist/src/lib/analyzers/typescript/type-checker.js +515 -0
  417. package/dist/src/lib/analyzers/typescript/type-checker.js.map +1 -0
  418. package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts +58 -0
  419. package/dist/src/lib/analyzers/typescript/utils/createVulnerability.d.ts.map +1 -0
  420. package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js +71 -0
  421. package/dist/src/lib/analyzers/typescript/utils/createVulnerability.js.map +1 -0
  422. package/dist/src/lib/analyzers/typescript-analyzer.d.ts +116 -0
  423. package/dist/src/lib/analyzers/typescript-analyzer.d.ts.map +1 -0
  424. package/dist/src/lib/analyzers/typescript-analyzer.js +1660 -0
  425. package/dist/src/lib/analyzers/typescript-analyzer.js.map +1 -0
  426. package/dist/src/lib/security/compliance-mapping.d.ts +29 -0
  427. package/dist/src/lib/security/compliance-mapping.d.ts.map +1 -0
  428. package/dist/src/lib/security/compliance-mapping.js +1342 -0
  429. package/dist/src/lib/security/compliance-mapping.js.map +1 -0
  430. package/dist/src/lib/security/severity-scoring.d.ts +47 -0
  431. package/dist/src/lib/security/severity-scoring.d.ts.map +1 -0
  432. package/dist/src/lib/security/severity-scoring.js +965 -0
  433. package/dist/src/lib/security/severity-scoring.js.map +1 -0
  434. package/dist/src/lib/standards/references.d.ts +16 -0
  435. package/dist/src/lib/standards/references.d.ts.map +1 -0
  436. package/dist/src/lib/standards/references.js +1161 -0
  437. package/dist/src/lib/standards/references.js.map +1 -0
  438. package/dist/src/lib/types/index.d.ts +167 -0
  439. package/dist/src/lib/types/index.d.ts.map +1 -0
  440. package/dist/src/lib/types/index.js +3 -0
  441. package/dist/src/lib/types/index.js.map +1 -0
  442. package/dist/src/lib/utils/code-cleaner.d.ts +59 -0
  443. package/dist/src/lib/utils/code-cleaner.d.ts.map +1 -0
  444. package/dist/src/lib/utils/code-cleaner.js +283 -0
  445. package/dist/src/lib/utils/code-cleaner.js.map +1 -0
  446. package/package.json +51 -0
  447. package/src/commands/auth.ts +308 -0
  448. package/src/commands/config.ts +226 -0
  449. package/src/commands/init.ts +202 -0
  450. package/src/commands/scan.ts +238 -0
  451. package/src/config/config-loader.ts +175 -0
  452. package/src/reporters/cli-reporter.ts +282 -0
  453. package/src/scanner/local-scanner.ts +250 -0
  454. package/tsconfig.json +24 -0
  455. package/tsconfig.tsbuildinfo +1 -0
package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js ADDED
@@ -0,0 +1,380 @@
1
+ "use strict";
2
+ /**
3
+ * TypeScript Code Injection Security Checks
4
+ * OWASP A03:2021 - Injection
5
+ * OWASP A08:2021 - Software and Data Integrity Failures
6
+ * OWASP A10:2021 - Server-Side Request Forgery (SSRF)
7
+ *
8
+ * Detects SQL injection, command injection, path traversal, prototype pollution, and SSRF.
9
+ */
10
+ Object.defineProperty(exports, "__esModule", { value: true });
11
+ exports.checkCodeInjection = checkCodeInjection;
12
+ const createVulnerability_1 = require("../utils/createVulnerability");
13
+ /**
14
+ * Checks for code injection vulnerabilities in TypeScript code
15
+ *
16
+ * Covers:
17
+ * - Check #5: SSRF via Unsafe URL (CRITICAL) - Phase A P0
18
+ * - Check #6: Insecure Deserialization (CRITICAL) - Phase A P0
19
+ * - Check #11: Prototype pollution (HIGH)
20
+ * - Check #12: SQL Injection (CRITICAL)
21
+ * - Check #13: Command Injection (CRITICAL)
22
+ * - Check #14: Path Traversal (HIGH)
23
+ * - Check #9: XXE (XML External Entity) - HIGH - Phase B
24
+ *
25
+ * @param lines - Array of code lines
26
+ * @returns Array of security vulnerabilities found
27
+ */
28
+ function checkCodeInjection(lines) {
29
+ const vulnerabilities = [];
30
+ let inMultiLineComment = false;
31
+ // Track variables assigned from user input (for SSRF detection)
32
+ const userInputVariables = new Map(); // variable name -> line number
33
+ // Track variables assigned from JSON.parse() (for deserialization detection)
34
+ const jsonParseVariables = new Map(); // variable name -> line number
35
+ lines.forEach((line, index) => {
36
+ const lineNumber = index + 1;
37
+ const trimmed = line.trim();
38
+ // Track multi-line comment blocks (/* ... */)
39
+ if (trimmed.includes('/*')) {
40
+ inMultiLineComment = true;
41
+ }
42
+ if (trimmed.includes('*/')) {
43
+ inMultiLineComment = false;
44
+ return;
45
+ }
46
+ // Skip comments and empty lines
47
+ if (!trimmed || inMultiLineComment || trimmed.startsWith('//') || trimmed.startsWith('*'))
48
+ return;
49
+ // OWASP A08:2021 - Software and Data Integrity Failures
50
+ // 11. Prototype pollution - HIGH
51
+ if (trimmed.match(/__proto__|constructor\[.*\]|prototype\[/)) {
52
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('prototype-pollution', 'Possible prototype pollution vulnerability', 'Validate and sanitize input objects, use Object.create(null)', lineNumber, 'Attackers can modify Object.prototype via __proto__, constructor, or prototype access, affecting all objects and potentially leading to RCE or authentication bypass.', 'merge(target, source) where source = JSON.parse(\'{"__proto__": {"isAdmin": true}}\')', [
53
+ 'Remote Code Execution (RCE)',
54
+ 'Authentication bypass',
55
+ 'Privilege escalation',
56
+ 'DoS attacks'
57
+ ], 'function merge(target: any, source: any) {\n for (const key in source) {\n target[key] = source[key]; // DANGEROUS: allows __proto__ pollution\n }\n}', 'function merge(target: any, source: any) {\n for (const key in source) {\n if (key === "__proto__" || key === "constructor" || key === "prototype") continue;\n target[key] = source[key];\n }\n}', 'Filter out dangerous keys (__proto__, constructor, prototype) or use Object.create(null) for prototype-less objects'));
58
+ }
59
+ // OWASP A03:2021 - Injection
60
+ // 12. SQL Injection patterns - CRITICAL
61
+ if (trimmed.match(/SELECT.*FROM.*WHERE.*[+`$]/i) ||
62
+ trimmed.match(/query\s*=\s*[`'"].*\+/) ||
63
+ trimmed.match(/execute\(.*\+/)) {
64
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('sql-injection', 'CRITICAL: Possible SQL Injection', 'Use prepared statements/parameterized queries (?, $1)', lineNumber, 'Attackers can inject SQL commands through user input, enabling database compromise, data theft, or complete server takeover.', 'const query = "SELECT * FROM users WHERE id = " + userId; // userId = "1 OR 1=1; DROP TABLE users;--"', [
65
+ 'Complete database compromise',
66
+ 'Data theft and exfiltration',
67
+ 'Data modification or deletion',
68
+ 'Authentication bypass',
69
+ 'Remote code execution (via xp_cmdshell, etc.)'
70
+ ], 'const query = `SELECT * FROM users WHERE name = \'${userName}\'`; // VULNERABLE', 'const query = "SELECT * FROM users WHERE name = $1";\ndb.query(query, [userName]); // Use parameterized queries', 'Always use parameterized queries (prepared statements) - never concatenate user input into SQL strings'));
71
+ }
72
+ // 13. Command Injection - CRITICAL
73
+ if (trimmed.match(/exec\(|spawn\(|execFile\(/) && (trimmed.includes('+') || trimmed.includes('${'))) {
74
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('command-injection', 'CRITICAL: Possible Command Injection', 'Validate and escape inputs, use execFile() with array of args', lineNumber, 'Attackers can inject shell commands through user input, leading to complete system compromise via arbitrary command execution.', 'exec("ls " + userInput) where userInput = "; rm -rf / #"', [
75
+ 'Remote Code Execution (RCE)',
76
+ 'Complete system compromise',
77
+ 'Data theft and destruction',
78
+ 'Malware installation',
79
+ 'Lateral movement in networks'
80
+ ], 'const cmd = `ping ${userInput}`;\nexec(cmd); // VULNERABLE to command injection', 'import { execFile } from "child_process";\nexecFile("ping", [userInput]); // Safe: args are escaped', 'Use execFile() with array arguments instead of exec(). Arguments are automatically escaped and cannot break out of the command'));
81
+ }
82
+ // 14. Path Traversal - HIGH
83
+ // ENHANCED: Now detects template literals (${variable}) and string concatenation
84
+ if (trimmed.match(/readFile|writeFile|unlink|rmdir/) &&
85
+ (trimmed.match(/\.\.\/|\.\.\\|\+.*path/) || // Original: ../ or + path
86
+ trimmed.match(/\$\{[^}]*\}/) || // NEW: Template literal variables
87
+ trimmed.match(/\+\s*\w+/))) { // ENHANCED: String concatenation
88
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('path-traversal', 'Path Traversal: file access without validation', 'Use path.resolve(), path.normalize() and validate against whitelist', lineNumber, 'Attackers can use ../ sequences to access files outside the intended directory, potentially reading sensitive files like /etc/passwd or application secrets.', 'readFile("./uploads/" + filename) where filename = "../../etc/passwd"', [
89
+ 'Unauthorized file access',
90
+ 'Sensitive data exposure (/etc/passwd, .env files)',
91
+ 'Source code disclosure',
92
+ 'Configuration file theft'
93
+ ], 'const filePath = "./uploads/" + userFilename;\nfs.readFile(filePath); // VULNERABLE to path traversal', 'import path from "path";\nconst safeDir = path.resolve("./uploads");\nconst filePath = path.resolve(safeDir, userFilename);\nif (!filePath.startsWith(safeDir)) throw new Error("Invalid path");\nfs.readFile(filePath);', 'Use path.resolve() to canonicalize paths and validate that the final path is within the allowed directory'));
94
+ }
95
+ // =============================================================================
96
+ // PHASE A P0 - SSRF Detection (Dec 20, 2025)
97
+ // =============================================================================
98
+ // Track user input variable assignments
99
+ // Pattern: const url = req.query.url; const endpoint = req.body.endpoint;
100
+ const userInputAssignment = trimmed.match(/^(?:const|let|var)\s+(\w+)\s*=\s*(req\.(query|body|params|headers)|req\.json\(\))/);
101
+ if (userInputAssignment) {
102
+ const varName = userInputAssignment[1];
103
+ userInputVariables.set(varName, lineNumber);
104
+ }
105
+ // Check #5: SSRF via Unsafe URL - CRITICAL
106
+ // Detect HTTP client method calls with user-controlled URLs
107
+ // OWASP A10:2021 - Server-Side Request Forgery
108
+ // CWE-918: Server-Side Request Forgery (SSRF)
109
+ // Pattern 1: fetch() with user-controlled URL
110
+ if (trimmed.match(/\bfetch\s*\(/)) {
111
+ const fetchCallMatch = trimmed.match(/\bfetch\s*\(\s*([^,)]+)/);
112
+ if (fetchCallMatch) {
113
+ const urlArg = fetchCallMatch[1].trim();
114
+ // Check for direct user input
115
+ const hasDirectUserInput = urlArg.includes('req.query') ||
116
+ urlArg.includes('req.body') ||
117
+ urlArg.includes('req.params') ||
118
+ urlArg.includes('req.headers') ||
119
+ urlArg.includes('req.json()');
120
+ // Check for user input variable
121
+ const hasUserInputVariable = userInputVariables.has(urlArg);
122
+ // Check for template literal with user input
123
+ const hasTemplateLiteralWithInput = trimmed.includes('`') &&
124
+ (trimmed.includes('${req.') || trimmed.match(/\$\{[^}]*\}/));
125
+ // Check for string concatenation with potential user input
126
+ const hasStringConcat = urlArg.includes('+') && !urlArg.match(/^['"`]/);
127
+ if (hasDirectUserInput || hasUserInputVariable || hasTemplateLiteralWithInput || hasStringConcat) {
128
+ // Exclude safe patterns: hardcoded URLs
129
+ const isHardcodedUrl = urlArg.match(/^['"`]https?:\/\//);
130
+ if (!isHardcodedUrl) {
131
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('ssrf', 'SSRF: fetch() with user-controlled URL allows access to internal services', 'Use URL allowlist validation and block private IP ranges', lineNumber, 'Server-Side Request Forgery (SSRF) allows attackers to make the server send requests to internal services, cloud metadata endpoints (AWS, GCP), or arbitrary external URLs. This can expose sensitive data, bypass firewalls, access internal admin panels, or leak cloud credentials.', 'const url = req.query.url; fetch(url); // Attack: url="http://169.254.169.254/latest/meta-data/iam/security-credentials/" → AWS credentials leaked', [
132
+ 'Access to internal services (databases, admin panels, Redis, etc.)',
133
+ 'Cloud metadata endpoint access (AWS, GCP, Azure credentials)',
134
+ 'Port scanning internal network',
135
+ 'Bypass firewall and access control',
136
+ 'Read local files via file:// protocol',
137
+ 'Denial of Service (request loops, large files)',
138
+ 'Data exfiltration to attacker-controlled server'
139
+ ], `const url = req.query.url;\nconst response = await fetch(url); // SSRF vulnerability!`, 'const ALLOWED_HOSTS = [\'api.example.com\', \'cdn.example.com\'];\nconst url = new URL(req.query.url);\nif (!ALLOWED_HOSTS.includes(url.hostname)) throw new Error(\'Invalid URL\');\n// Also block private IPs: 127.0.0.1, 10.0.0.0/8, 192.168.0.0/16, 169.254.0.0/16\nconst response = await fetch(url.toString());', 'Always validate URLs using an allowlist of permitted hostnames. Block private IP ranges (127.0.0.1, 10.0.0.0/8, 192.168.0.0/16, 172.16.0.0/12, 169.254.0.0/16) and cloud metadata endpoints (169.254.169.254). Use URL parsing (new URL()) to prevent bypasses. Never use user input directly in fetch/axios/http.request.'));
140
+ }
141
+ }
142
+ }
143
+ }
144
+ // Pattern 2: axios methods with user-controlled URL
145
+ if (trimmed.match(/axios\.(get|post|put|patch|delete|head|options|request)\s*\(/)) {
146
+ const axiosCallMatch = trimmed.match(/axios\.(get|post|put|patch|delete|head|options|request)\s*\(\s*([^,)]+)/);
147
+ if (axiosCallMatch) {
148
+ const urlArg = axiosCallMatch[2].trim();
149
+ const hasDirectUserInput = urlArg.includes('req.query') ||
150
+ urlArg.includes('req.body') ||
151
+ urlArg.includes('req.params') ||
152
+ urlArg.includes('req.headers');
153
+ const hasUserInputVariable = userInputVariables.has(urlArg);
154
+ const hasTemplateLiteralWithInput = trimmed.includes('`') &&
155
+ (trimmed.includes('${req.') || trimmed.match(/\$\{[^}]*\}/));
156
+ if (hasDirectUserInput || hasUserInputVariable || hasTemplateLiteralWithInput) {
157
+ const isHardcodedUrl = urlArg.match(/^['"`]https?:\/\//);
158
+ if (!isHardcodedUrl) {
159
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('ssrf', `SSRF: axios.${axiosCallMatch[1]}() with user-controlled URL`, 'Use URL allowlist validation and block private IP ranges', lineNumber, 'Server-Side Request Forgery (SSRF) via axios allows attackers to abuse the server as a proxy to access internal services, cloud metadata endpoints, or scan internal networks.', `axios.${axiosCallMatch[1]}(userUrl) // Attack: userUrl="http://localhost:6379/admin" → access internal Redis admin`, [
160
+ 'Internal service access',
161
+ 'Cloud credentials theft',
162
+ 'Internal network reconnaissance',
163
+ 'Firewall bypass',
164
+ 'Data exfiltration'
165
+ ], `const url = req.body.url;\nconst response = await axios.${axiosCallMatch[1]}(url);`, 'const ALLOWED_HOSTS = [\'api.example.com\'];\nconst url = new URL(req.body.url);\nif (!ALLOWED_HOSTS.includes(url.hostname)) throw new Error(\'Invalid URL\');\nconst response = await axios.get(url.toString());', 'Validate all URLs against an allowlist. Block private IPs and cloud metadata endpoints. Use URL parsing to prevent protocol and hostname bypasses.'));
166
+ }
167
+ }
168
+ }
169
+ }
170
+ // Pattern 3: http.request() / https.request() with user-controlled options
171
+ if (trimmed.match(/(http|https)\.request\s*\(/)) {
172
+ const hasUserInput = trimmed.includes('req.query') ||
173
+ trimmed.includes('req.body') ||
174
+ trimmed.includes('req.params') ||
175
+ trimmed.includes('req.headers');
176
+ // Check for hostname/host in options object
177
+ const hasHostnameOption = trimmed.match(/hostname\s*:\s*([^,}]+)/);
178
+ if (hasUserInput || hasHostnameOption) {
179
+ const hostnameArg = hasHostnameOption ? hasHostnameOption[1].trim() : '';
180
+ const hasUserControlledHost = hostnameArg.includes('req.') ||
181
+ userInputVariables.has(hostnameArg) ||
182
+ hasUserInput;
183
+ if (hasUserControlledHost) {
184
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('ssrf', 'SSRF: http.request() with user-controlled hostname', 'Validate hostname against allowlist', lineNumber, 'User-controlled hostname in http.request() allows SSRF attacks to access internal services and cloud metadata endpoints.', 'http.request({ hostname: req.body.host }) // Attack: host="169.254.169.254" → AWS metadata', [
185
+ 'Internal service access',
186
+ 'Cloud credentials theft',
187
+ 'Port scanning',
188
+ 'Firewall bypass'
189
+ ], 'const options = { hostname: req.body.host, path: \'/\' };\nhttp.request(options);', 'const ALLOWED_HOSTS = [\'api.example.com\'];\nif (!ALLOWED_HOSTS.includes(req.body.host)) throw new Error(\'Invalid host\');\nconst options = { hostname: req.body.host, path: \'/\' };\nhttp.request(options);', 'Validate all hostnames against an allowlist. Never allow user input to directly control the hostname parameter.'));
190
+ }
191
+ }
192
+ }
193
+ // Pattern 4: URL construction with user input (template literals or concatenation)
194
+ if (trimmed.match(/(?:const|let|var)\s+\w+\s*=\s*`.*\$\{.*\}`/) && trimmed.includes('req.')) {
195
+ // Check if this URL variable is used in fetch/axios
196
+ const urlVarMatch = trimmed.match(/(?:const|let|var)\s+(\w+)\s*=\s*`([^`]*\$\{[^}]*\}[^`]*)`/);
197
+ if (urlVarMatch) {
198
+ const urlVarName = urlVarMatch[1];
199
+ const urlTemplate = urlVarMatch[2];
200
+ // Check if template contains user input
201
+ const hasUserInput = urlTemplate.includes('req.query') ||
202
+ urlTemplate.includes('req.body') ||
203
+ urlTemplate.includes('req.params') ||
204
+ urlTemplate.includes('req.headers');
205
+ if (hasUserInput) {
206
+ // Mark this variable as user-controlled for future fetch/axios detection
207
+ userInputVariables.set(urlVarName, lineNumber);
208
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('ssrf', 'SSRF: URL constructed with user input - vulnerable to SSRF attacks', 'Validate and sanitize user input, use URL allowlist', lineNumber, 'Constructing URLs with unsanitized user input allows attackers to inject malicious hostnames, paths, or protocols, leading to SSRF attacks on internal services.', `const url = \`https://api.example.com/\${req.params.endpoint}\`; // Attack: endpoint="../../../admin" or "@attacker.com/?" → URL manipulation`, [
209
+ 'URL injection and manipulation',
210
+ 'Access to internal services',
211
+ 'Protocol smuggling (http → file, gopher, etc.)',
212
+ 'Hostname injection',
213
+ 'Path traversal in URLs'
214
+ ], `const url = \`https://api.example.com/\${req.query.path}\`;\nfetch(url);`, 'const ALLOWED_PATHS = [\'/users\', \'/posts\'];\nconst path = req.query.path;\nif (!ALLOWED_PATHS.includes(path)) throw new Error(\'Invalid path\');\nconst url = \`https://api.example.com\${path}\`;\nfetch(url);', 'Never interpolate user input directly into URLs. Use allowlists for paths/endpoints. Validate with URL parsing (new URL()) to prevent hostname injection. Block dangerous protocols (file, gopher, dict).'));
215
+ }
216
+ }
217
+ }
218
+ // =============================================================================
219
+ // PHASE A P0 - Insecure Deserialization Detection (Dec 20, 2025)
220
+ // =============================================================================
221
+ // Track JSON.parse() variable assignments
222
+ // Pattern: const userData = JSON.parse(req.body); const config = JSON.parse(input);
223
+ const jsonParseAssignment = trimmed.match(/^(?:const|let|var)\s+(\w+)\s*=\s*JSON\.parse\s*\(/);
224
+ if (jsonParseAssignment) {
225
+ const varName = jsonParseAssignment[1];
226
+ jsonParseVariables.set(varName, lineNumber);
227
+ }
228
+ // Check #6: Insecure Deserialization - CRITICAL
229
+ // Detect JSON.parse() with object merge operations (prototype pollution risk)
230
+ // OWASP A08:2021 - Software and Data Integrity Failures
231
+ // CWE-502: Deserialization of Untrusted Data
232
+ // Pattern 1: Object.assign() with JSON.parse() result
233
+ if (trimmed.match(/Object\.assign\s*\(/)) {
234
+ const assignMatch = trimmed.match(/Object\.assign\s*\([^,]*,\s*([^,)]+)/);
235
+ if (assignMatch) {
236
+ const sourceArg = assignMatch[1].trim();
237
+ // Check if source is from JSON.parse()
238
+ const hasJsonParse = sourceArg.includes('JSON.parse');
239
+ const hasJsonParseVariable = jsonParseVariables.has(sourceArg);
240
+ // Check if JSON.parse() input is from user
241
+ const hasUserInput = trimmed.includes('req.body') ||
242
+ trimmed.includes('req.query') ||
243
+ trimmed.includes('req.params') ||
244
+ trimmed.includes('req.json()');
245
+ if ((hasJsonParse || hasJsonParseVariable) && (hasUserInput || hasJsonParseVariable)) {
246
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('deserialization', 'Insecure deserialization: Object.assign() with JSON.parse() allows prototype pollution', 'Filter dangerous keys (__proto__, constructor, prototype) before merge', lineNumber, 'Using Object.assign() with unsanitized JSON.parse() results allows attackers to inject __proto__, constructor, or prototype properties, polluting Object.prototype. This can lead to authentication bypass, privilege escalation, or remote code execution by modifying behavior of all objects in the application.', 'const userData = JSON.parse(req.body); Object.assign(target, userData); // Attack: {"__proto__": {"isAdmin": true}} → ALL objects now have isAdmin=true', [
247
+ 'Prototype pollution of Object.prototype',
248
+ 'Authentication bypass (inject isAdmin, isAuthenticated)',
249
+ 'Privilege escalation',
250
+ 'Remote Code Execution (RCE)',
251
+ 'Denial of Service',
252
+ 'Application-wide state corruption'
253
+ ], 'const userData = JSON.parse(req.body);\nObject.assign(target, userData); // VULNERABLE!', 'const userData = JSON.parse(req.body);\nconst safe = Object.keys(userData)\n .filter(key => ![\'__proto__\', \'constructor\', \'prototype\'].includes(key))\n .reduce((obj, key) => ({ ...obj, [key]: userData[key] }), {});\nObject.assign(target, safe);', 'Always filter dangerous keys (__proto__, constructor, prototype) before merging parsed JSON. Use schema validation (zod, joi) that rejects these keys. Or use Object.create(null) for prototype-less objects. Never merge unsanitized user input into objects.'));
254
+ }
255
+ }
256
+ }
257
+ // Pattern 2: Spread operator with JSON.parse()
258
+ if (trimmed.match(/\.\.\.\s*JSON\.parse\s*\(/) ||
259
+ trimmed.match(/\.\.\.\s*\w+/)) {
260
+ // Check for spread with direct JSON.parse()
261
+ const hasDirectSpreadParse = trimmed.match(/\.\.\.\s*JSON\.parse\s*\(/);
262
+ // Check for spread with JSON.parse() variable (e.g., { ...userData } or { defaults: true, ...userData })
263
+ const spreadVarMatch = trimmed.match(/\.\.\.\s*(\w+)/);
264
+ const hasSpreadWithParsedVar = spreadVarMatch && jsonParseVariables.has(spreadVarMatch[1]);
265
+ if (hasDirectSpreadParse || hasSpreadWithParsedVar) {
266
+ const hasUserInput = trimmed.includes('req.body') ||
267
+ trimmed.includes('req.query') ||
268
+ trimmed.includes('req.params');
269
+ if (hasUserInput || hasSpreadWithParsedVar) {
270
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('deserialization', 'Insecure deserialization: Spread operator with JSON.parse() allows prototype pollution', 'Filter dangerous keys before spreading parsed JSON', lineNumber, 'Spread operator with unsanitized JSON.parse() results allows __proto__ pollution. Attackers can inject properties into Object.prototype, affecting all objects and potentially leading to authentication bypass or RCE.', 'const config = { ...JSON.parse(req.body) }; // Attack: {"__proto__": {"isAdmin": true}} → prototype polluted', [
271
+ 'Prototype pollution via spread operator',
272
+ 'Authentication bypass',
273
+ 'Privilege escalation',
274
+ 'Remote Code Execution',
275
+ 'Global state corruption'
276
+ ], 'const config = { ...JSON.parse(userInput) }; // VULNERABLE!', 'const parsed = JSON.parse(userInput);\nconst safe = Object.keys(parsed)\n .filter(key => ![\'__proto__\', \'constructor\', \'prototype\'].includes(key))\n .reduce((obj, key) => ({ ...obj, [key]: parsed[key] }), {});\nconst config = { ...safe };', 'Filter dangerous keys before using spread operator with parsed JSON. Use schema validation libraries that reject __proto__. Validate object shape before merging.'));
277
+ }
278
+ }
279
+ }
280
+ // Pattern 3: Deep merge libraries (lodash _.merge, _.extend)
281
+ if (trimmed.match(/(_\.merge|_\.extend|merge|extend)\s*\(/)) {
282
+ const mergeMatch = trimmed.match(/(_\.merge|_\.extend|merge|extend)\s*\([^,]*,\s*([^,)]+)/);
283
+ if (mergeMatch) {
284
+ const sourceArg = mergeMatch[2].trim();
285
+ const hasJsonParse = sourceArg.includes('JSON.parse');
286
+ const hasJsonParseVariable = jsonParseVariables.has(sourceArg);
287
+ const hasUserInput = trimmed.includes('req.body') ||
288
+ trimmed.includes('req.query') ||
289
+ trimmed.includes('req.params');
290
+ if ((hasJsonParse || hasJsonParseVariable) && (hasUserInput || hasJsonParseVariable)) {
291
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('deserialization', 'Insecure deserialization: Deep merge with JSON.parse() allows prototype pollution', 'Use safe merge libraries or filter dangerous keys', lineNumber, 'Deep merge functions (_.merge, _.extend) with unsanitized JSON.parse() results enable __proto__ pollution. Lodash merge recursively copies properties including __proto__, polluting Object.prototype and affecting all objects globally.', '_.merge(target, JSON.parse(req.body)); // Attack: {"__proto__": {"isAdmin": true}} → prototype polluted', [
292
+ 'Prototype pollution via deep merge',
293
+ 'Authentication bypass',
294
+ 'Privilege escalation',
295
+ 'Remote Code Execution',
296
+ 'Recursive pollution of nested objects'
297
+ ], 'const userData = JSON.parse(req.body);\n_.merge(config, userData); // VULNERABLE!', 'import { merge } from \'lodash-es\';\nconst userData = JSON.parse(req.body);\nconst safe = Object.keys(userData)\n .filter(key => ![\'__proto__\', \'constructor\', \'prototype\'].includes(key))\n .reduce((obj, key) => ({ ...obj, [key]: userData[key] }), {});\nmerge(config, safe);', 'Use safe merge alternatives or filter dangerous keys. Libraries like \'just-safe-set\' prevent prototype pollution. Always validate and sanitize user input before merging. Use schema validation (zod, joi) that rejects __proto__.'));
298
+ }
299
+ }
300
+ }
301
+ // Pattern 4: Direct JSON.parse() with user input (warn about potential misuse)
302
+ if (trimmed.match(/JSON\.parse\s*\(/) &&
303
+ (trimmed.includes('req.body') ||
304
+ trimmed.includes('req.query') ||
305
+ trimmed.includes('req.params'))) {
306
+ // Check if this line is just assignment (not already caught by merge/spread)
307
+ const isSimpleAssignment = trimmed.match(/^(?:const|let|var)\s+\w+\s*=\s*JSON\.parse/);
308
+ if (isSimpleAssignment) {
309
+ // Look ahead to next few lines to see if result is used in unsafe operations
310
+ const nextLines = lines.slice(index + 1, Math.min(index + 6, lines.length));
311
+ const hasUnsafeUsage = nextLines.some(nextLine => {
312
+ const lowerLine = nextLine.toLowerCase();
313
+ return (lowerLine.includes('object.assign') ||
314
+ lowerLine.includes('.merge') ||
315
+ lowerLine.includes('.extend') ||
316
+ lowerLine.match(/\{\s*\.\.\./));
317
+ });
318
+ if (hasUnsafeUsage) {
319
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('deserialization', 'Potentially insecure JSON deserialization - ensure __proto__ filtering', 'Filter dangerous keys before using parsed JSON in object operations', lineNumber, 'JSON.parse() with user input followed by object merge operations can enable prototype pollution if __proto__ is not filtered.', 'const data = JSON.parse(req.body); // Later used in Object.assign() → prototype pollution risk', [
320
+ 'Potential prototype pollution',
321
+ 'Authentication bypass risk',
322
+ 'Privilege escalation risk'
323
+ ], 'const data = JSON.parse(req.body);\n// Later: Object.assign(target, data);', 'const parsed = JSON.parse(req.body);\nconst data = Object.keys(parsed)\n .filter(key => ![\'__proto__\', \'constructor\', \'prototype\'].includes(key))\n .reduce((obj, key) => ({ ...obj, [key]: parsed[key] }), {});', 'Always filter dangerous keys after JSON.parse() if result will be merged into objects. Use schema validation that rejects __proto__.'));
324
+ }
325
+ }
326
+ }
327
+ // =============================================================================
328
+ // PHASE B - XXE (XML External Entity) Detection (Dec 20, 2025)
329
+ // =============================================================================
330
+ // 9. XXE - XML External Entity - HIGH
331
+ // Pattern: XML parsing without secure options (DTD/external entity disabling)
332
+ // Detects: xml2js.parseString(), libxmljs.parseXml(), DOMParser.parseFromString()
333
+ const xmlParseMethods = [
334
+ { method: 'xml2js.parseString', secureOption: null },
335
+ { method: 'parseString', secureOption: null }, // xml2js method called directly
336
+ { method: 'libxmljs.parseXml', secureOption: 'noent: false' },
337
+ { method: 'parseXml', secureOption: 'noent: false' }, // libxmljs method
338
+ { method: 'DOMParser', secureOption: null },
339
+ { method: 'parseFromString', secureOption: null } // DOMParser method
340
+ ];
341
+ for (const xmlMethod of xmlParseMethods) {
342
+ if (trimmed.includes(xmlMethod.method)) {
343
+ // Check if parsing user-controlled XML
344
+ const hasUserInput = trimmed.includes('req.body') ||
345
+ trimmed.includes('req.json()') ||
346
+ trimmed.includes('req.query') ||
347
+ trimmed.includes('req.params') ||
348
+ Array.from(userInputVariables.keys()).some(varName => trimmed.includes(varName));
349
+ if (hasUserInput) {
350
+ // For xml2js and DOMParser, any usage with user input is vulnerable
351
+ // (they don't disable DTD by default)
352
+ if (xmlMethod.method.includes('xml2js') || xmlMethod.method.includes('parseString') ||
353
+ xmlMethod.method.includes('DOMParser') || xmlMethod.method.includes('parseFromString')) {
354
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('xxe', `XXE (XML External Entity) risk via ${xmlMethod.method}() with user-controlled XML`, 'Disable DTD processing and external entities in XML parser', lineNumber, 'XML parsers that process Document Type Definitions (DTD) and external entities are vulnerable to XXE attacks. Attackers can read local files, perform SSRF attacks, or cause denial of service by referencing external resources in malicious XML.', `${xmlMethod.method}(req.body.xml) // Attack: XML with <!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]> reads sensitive files`, [
355
+ 'Local file disclosure (read /etc/passwd, application secrets)',
356
+ 'Server-Side Request Forgery (SSRF) to internal services',
357
+ 'Denial of Service (billion laughs attack)',
358
+ 'Remote Code Execution (in rare cases with PHP expect)',
359
+ 'Port scanning of internal network'
360
+ ], `import xml2js from 'xml2js';\nconst parser = new xml2js.Parser();\nparser.parseString(req.body.xml, callback); // Vulnerable: DTD enabled by default`, `import xml2js from 'xml2js';\nconst parser = new xml2js.Parser({\n explicitRoot: false,\n explicitArray: false,\n // CRITICAL: Disable DTD processing to prevent XXE\n // xml2js uses sax parser - need to configure sax options\n strict: false,\n // For libxmljs:\n // { noent: false, dtdload: false, dtdvalid: false }\n});\nparser.parseString(req.body.xml, callback);`, 'Always disable DTD processing and external entity resolution in XML parsers. For xml2js, use sax parser with secure options. For libxmljs, set noent: false. For DOMParser, do not use with untrusted XML. Consider using JSON instead of XML for APIs.'));
361
+ }
362
+ // For libxmljs, check if secure options are present
363
+ else if (xmlMethod.method.includes('libxmljs') || xmlMethod.method.includes('parseXml')) {
364
+ const hasSecureOption = trimmed.includes('noent') && trimmed.includes('false');
365
+ if (!hasSecureOption) {
366
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('xxe', `XXE (XML External Entity) risk via ${xmlMethod.method}() without secure options`, 'Set noent: false to disable entity expansion', lineNumber, 'libxmljs XML parser enables entity expansion by default, allowing XXE attacks through malicious XML documents containing external entity references.', `${xmlMethod.method}(userXml) // Attack: <!ENTITY xxe SYSTEM "http://internal.server/admin"> causes SSRF`, [
367
+ 'XML External Entity injection',
368
+ 'Local file disclosure',
369
+ 'SSRF attacks',
370
+ 'Denial of Service'
371
+ ], `libxmljs.parseXml(req.body.xml); // Missing noent: false`, `libxmljs.parseXml(req.body.xml, { noent: false, dtdload: false, dtdvalid: false });`, 'Always configure libxmljs with noent: false, dtdload: false, and dtdvalid: false to prevent XXE'));
372
+ }
373
+ }
374
+ }
375
+ }
376
+ }
377
+ });
378
+ return vulnerabilities;
379
+ }
380
+ //# sourceMappingURL=code-injection.js.map
package/dist/src/lib/analyzers/typescript/security-checks/code-injection.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"code-injection.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/typescript/security-checks/code-injection.ts"],"names":[],"mappings":";AAAA;;;;;;;GAOG;;AAoBH,gDAskBC;AAvlBD,sEAAqF;AAErF;;;;;;;;;;;;;;GAcG;AACH,SAAgB,kBAAkB,CAChC,KAAe;IAEf,MAAM,eAAe,GAA4B,EAAE,CAAC;IACpD,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAE/B,gEAAgE;IAChE,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAkB,CAAC,CAAC,+BAA+B;IAErF,6EAA6E;IAC7E,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAkB,CAAC,CAAC,+BAA+B;IAErF,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAE5B,8CAA8C;QAC9C,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,KAAK,CAAC;YAC3B,OAAO;QACT,CAAC;QAED,gCAAgC;QAChC,IAAI,CAAC,OAAO,IAAI,kBAAkB,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO;QAElG,wDAAwD;QACxD,iCAAiC;QACjC,IAAI,OAAO,CAAC,KAAK,CAAC,yCAAyC,CAAC,EAAE,CAAC;YAC7D,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,qBAAqB,EACrB,4CAA4C,EAC5C,8DAA8D,EAC9D,UAAU,EACV,uKAAuK,EACvK,uFAAuF,EACvF;gBACE,6BAA6B;gBAC7B,uBAAuB;gBACvB,sBAAsB;gBACtB,aAAa;aACd,EACD,4JAA4J,EAC5J,2MAA2M,EAC3M,qHAAqH,CACtH,CAAC,CAAC;QACL,CAAC;QAED,6BAA6B;QAC7B,wCAAwC;QACxC,IAAI,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC;YAC5C,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC;YACtC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,CAAC;YACnC,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,eAAe,EACf,kCAAkC,EAClC,uDAAuD,EACvD,UAAU,EACV,8HAA8H,EAC9H,uGAAuG,EACvG;gBACE,8BAA8B;gBAC9B,6BAA6B;gBAC7B,+BAA+B;gBAC/B,uBAAuB;gBACvB,+CAA+C;aAChD,EACD,iFAAiF,EACjF,iHAAiH,EACjH,wGAAwG,CACzG,CAAC,CAAC;QACL,CAAC;QAED,mCAAmC;QACnC,IAAI,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YACpG,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,mBAAmB,EACnB,sCAAsC,EACtC,+DAA+D,EAC/D,UAAU,EACV,gIAAgI,EAChI,0DAA0D,EAC1D;gBACE,6BAA6B;gBAC7B,4BAA4B;gBAC5B,4BAA4B;gBAC5B,sBAAsB;gBACtB,8BAA8B;aAC/B,EACD,iFAAiF,EACjF,qGAAqG,EACrG,gIAAgI,CACjI,CAAC,CAAC;QACL,CAAC;QAED,4BAA4B;QAC5B,iFAAiF;QACjF,IAAI,OAAO,CAAC,KAAK,CAAC,iCAAiC,CAAC;YAChD,CAAC,OAAO,CAAC,KAAK,CAAC,wBAAwB,CAAC,IAAM,0BAA0B;gBACvE,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,IAAiB,kCAAkC;gBAC/E,OAAO,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC,CAAgB,iCAAiC;YACjF,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,gBAAgB,EAChB,gDAAgD,EAChD,qEAAqE,EACrE,UAAU,EACV,8JAA8J,EAC9J,uEAAuE,EACvE;gBACE,0BAA0B;gBAC1B,mDAAmD;gBACnD,wBAAwB;gBACxB,0BAA0B;aAC3B,EACD,uGAAuG,EACvG,0NAA0N,EAC1N,2GAA2G,CAC5G,CAAC,CAAC;QACL,CAAC;QAED,gFAAgF;QAChF,6CAA6C;QAC7C,gFAAgF;QAEhF,wCAAwC;QACxC,0EAA0E;QAC1E,MAAM,mBAAmB,GAAG,OAAO,CAAC,KAAK,CAAC,mFAAmF,CAAC,CAAC;QAC/H,IAAI,mBAAmB,EAAE,CAAC;YACxB,MAAM,OAAO,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;YACvC,kBAAkB,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC9C,CAAC;QAED,2CAA2C;QAC3C,4DAA4D;QAC5D,+CAA+C;QAC/C,8CAA8C;QAE9C,8CAA8C;QAC9C,IAAI,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;YAClC,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAEhE,IAAI,cAAc,EAAE,CAAC;gBACnB,MAAM,MAAM,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExC,8BAA8B;gBAC9B,MAAM,kBAAkB,GACtB,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;oBAC5B,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC3B,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC;oBAC7B,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC;oBAC9B,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBAEhC,gCAAgC;gBAChC,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAE5D,6CAA6C;gBAC7C,MAAM,2BAA2B,GAC/B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;oBACrB,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC;gBAE/D,2DAA2D;gBAC3D,MAAM,eAAe,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAExE,IAAI,kBAAkB,IAAI,oBAAoB,IAAI,2BAA2B,IAAI,eAAe,EAAE,CAAC;oBACjG,wCAAwC;oBACxC,MAAM,cAAc,GAAG,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;oBAEzD,IAAI,CAAC,cAAc,EAAE,CAAC;wBACpB,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,MAAM,EACN,2EAA2E,EAC3E,0DAA0D,EAC1D,UAAU,EACV,wRAAwR,EACxR,oJAAoJ,EACpJ;4BACE,oEAAoE;4BACpE,8DAA8D;4BAC9D,gCAAgC;4BAChC,oCAAoC;4BACpC,uCAAuC;4BACvC,gDAAgD;4BAChD,iDAAiD;yBAClD,EACD,uFAAuF,EACvF,uTAAuT,EACvT,4TAA4T,CAC7T,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,oDAAoD;QACpD,IAAI,OAAO,CAAC,KAAK,CAAC,8DAA8D,CAAC,EAAE,CAAC;YAClF,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,yEAAyE,CAAC,CAAC;YAEhH,IAAI,cAAc,EAAE,CAAC;gBACnB,MAAM,MAAM,GAAG,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExC,MAAM,kBAAkB,GACtB,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC;oBAC5B,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC3B,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC;oBAC7B,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;gBAEjC,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAE5D,MAAM,2BAA2B,GAC/B,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;oBACrB,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,CAAC;gBAE/D,IAAI,kBAAkB,IAAI,oBAAoB,IAAI,2BAA2B,EAAE,CAAC;oBAC9E,MAAM,cAAc,GAAG,MAAM,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;oBAEzD,IAAI,CAAC,cAAc,EAAE,CAAC;wBACpB,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,MAAM,EACN,eAAe,cAAc,CAAC,CAAC,CAAC,6BAA6B,EAC7D,0DAA0D,EAC1D,UAAU,EACV,gLAAgL,EAChL,SAAS,cAAc,CAAC,CAAC,CAAC,0FAA0F,EACpH;4BACE,yBAAyB;4BACzB,yBAAyB;4BACzB,iCAAiC;4BACjC,iBAAiB;4BACjB,mBAAmB;yBACpB,EACD,2DAA2D,cAAc,CAAC,CAAC,CAAC,QAAQ,EACpF,mNAAmN,EACnN,oJAAoJ,CACrJ,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,IAAI,OAAO,CAAC,KAAK,CAAC,4BAA4B,CAAC,EAAE,CAAC;YAChD,MAAM,YAAY,GAChB,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAC7B,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;gBAC5B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;gBAC9B,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;YAElC,4CAA4C;YAC5C,MAAM,iBAAiB,GAAG,OAAO,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAEnE,IAAI,YAAY,IAAI,iBAAiB,EAAE,CAAC;gBACtC,MAAM,WAAW,GAAG,iBAAiB,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;gBACzE,MAAM,qBAAqB,GACzB,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC;oBAC5B,kBAAkB,CAAC,GAAG,CAAC,WAAW,CAAC;oBACnC,YAAY,CAAC;gBAEf,IAAI,qBAAqB,EAAE,CAAC;oBAC1B,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,MAAM,EACN,oDAAoD,EACpD,qCAAqC,EACrC,UAAU,EACV,0HAA0H,EAC1H,4FAA4F,EAC5F;wBACE,yBAAyB;wBACzB,yBAAyB;wBACzB,eAAe;wBACf,iBAAiB;qBAClB,EACD,mFAAmF,EACnF,iNAAiN,EACjN,iHAAiH,CAClH,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,mFAAmF;QACnF,IAAI,OAAO,CAAC,KAAK,CAAC,4CAA4C,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YAC5F,oDAAoD;YACpD,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,2DAA2D,CAAC,CAAC;YAE/F,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,UAAU,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBAClC,MAAM,WAAW,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC;gBAEnC,wCAAwC;gBACxC,MAAM,YAAY,GAChB,WAAW,CAAC,QAAQ,CAAC,WAAW,CAAC;oBACjC,WAAW,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAChC,WAAW,CAAC,QAAQ,CAAC,YAAY,CAAC;oBAClC,WAAW,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;gBAEtC,IAAI,YAAY,EAAE,CAAC;oBACjB,yEAAyE;oBACzE,kBAAkB,CAAC,GAAG,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;oBAE/C,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,MAAM,EACN,oEAAoE,EACpE,qDAAqD,EACrD,UAAU,EACV,kKAAkK,EAClK,+IAA+I,EAC/I;wBACE,gCAAgC;wBAChC,6BAA6B;wBAC7B,gDAAgD;wBAChD,oBAAoB;wBACpB,wBAAwB;qBACzB,EACD,0EAA0E,EAC1E,qNAAqN,EACrN,2MAA2M,CAC5M,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,gFAAgF;QAChF,iEAAiE;QACjE,gFAAgF;QAEhF,0CAA0C;QAC1C,oFAAoF;QACpF,MAAM,mBAAmB,GAAG,OAAO,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;QAC/F,IAAI,mBAAmB,EAAE,CAAC;YACxB,MAAM,OAAO,GAAG,mBAAmB,CAAC,CAAC,CAAC,CAAC;YACvC,kBAAkB,CAAC,GAAG,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QAC9C,CAAC;QAED,gDAAgD;QAChD,8EAA8E;QAC9E,wDAAwD;QACxD,6CAA6C;QAE7C,sDAAsD;QACtD,IAAI,OAAO,CAAC,KAAK,CAAC,qBAAqB,CAAC,EAAE,CAAC;YACzC,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,sCAAsC,CAAC,CAAC;YAE1E,IAAI,WAAW,EAAE,CAAC;gBAChB,MAAM,SAAS,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAExC,uCAAuC;gBACvC,MAAM,YAAY,GAAG,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBACtD,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;gBAE/D,2CAA2C;gBAC3C,MAAM,YAAY,GAChB,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC5B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;oBAC7B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;oBAC9B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBAEjC,IAAI,CAAC,YAAY,IAAI,oBAAoB,CAAC,IAAI,CAAC,YAAY,IAAI,oBAAoB,CAAC,EAAE,CAAC;oBACrF,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,iBAAiB,EACjB,wFAAwF,EACxF,wEAAwE,EACxE,UAAU,EACV,qTAAqT,EACrT,yJAAyJ,EACzJ;wBACE,yCAAyC;wBACzC,yDAAyD;wBACzD,sBAAsB;wBACtB,6BAA6B;wBAC7B,mBAAmB;wBACnB,mCAAmC;qBACpC,EACD,yFAAyF,EACzF,8PAA8P,EAC9P,gQAAgQ,CACjQ,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,+CAA+C;QAC/C,IAAI,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC;YAC1C,OAAO,CAAC,KAAK,CAAC,cAAc,CAAC,EAAE,CAAC;YAElC,4CAA4C;YAC5C,MAAM,oBAAoB,GAAG,OAAO,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAExE,yGAAyG;YACzG,MAAM,cAAc,GAAG,OAAO,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;YACvD,MAAM,sBAAsB,GAAG,cAAc,IAAI,kBAAkB,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,CAAC;YAE3F,IAAI,oBAAoB,IAAI,sBAAsB,EAAE,CAAC;gBACnD,MAAM,YAAY,GAChB,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC5B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;oBAC7B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBAEjC,IAAI,YAAY,IAAI,sBAAsB,EAAE,CAAC;oBAC3C,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,iBAAiB,EACjB,wFAAwF,EACxF,oDAAoD,EACpD,UAAU,EACV,yNAAyN,EACzN,8GAA8G,EAC9G;wBACE,yCAAyC;wBACzC,uBAAuB;wBACvB,sBAAsB;wBACtB,uBAAuB;wBACvB,yBAAyB;qBAC1B,EACD,6DAA6D,EAC7D,wPAAwP,EACxP,mKAAmK,CACpK,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,6DAA6D;QAC7D,IAAI,OAAO,CAAC,KAAK,CAAC,wCAAwC,CAAC,EAAE,CAAC;YAC5D,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,yDAAyD,CAAC,CAAC;YAE5F,IAAI,UAAU,EAAE,CAAC;gBACf,MAAM,SAAS,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAEvC,MAAM,YAAY,GAAG,SAAS,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBACtD,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;gBAE/D,MAAM,YAAY,GAChB,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC5B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;oBAC7B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBAEjC,IAAI,CAAC,YAAY,IAAI,oBAAoB,CAAC,IAAI,CAAC,YAAY,IAAI,oBAAoB,CAAC,EAAE,CAAC;oBACrF,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,iBAAiB,EACjB,mFAAmF,EACnF,mDAAmD,EACnD,UAAU,EACV,2OAA2O,EAC3O,yGAAyG,EACzG;wBACE,oCAAoC;wBACpC,uBAAuB;wBACvB,sBAAsB;wBACtB,uBAAuB;wBACvB,uCAAuC;qBACxC,EACD,mFAAmF,EACnF,4RAA4R,EAC5R,sOAAsO,CACvO,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,+EAA+E;QAC/E,IAAI,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC;YACjC,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;gBAC5B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAC7B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;YAErC,6EAA6E;YAC7E,MAAM,kBAAkB,GAAG,OAAO,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;YAEvF,IAAI,kBAAkB,EAAE,CAAC;gBACvB,6EAA6E;gBAC7E,MAAM,SAAS,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;gBAC5E,MAAM,cAAc,GAAG,SAAS,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;oBAC/C,MAAM,SAAS,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;oBACzC,OAAO,CACL,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC;wBACnC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;wBAC5B,SAAS,CAAC,QAAQ,CAAC,SAAS,CAAC;wBAC7B,SAAS,CAAC,KAAK,CAAC,aAAa,CAAC,CAC/B,CAAC;gBACJ,CAAC,CAAC,CAAC;gBAEH,IAAI,cAAc,EAAE,CAAC;oBACnB,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,iBAAiB,EACjB,wEAAwE,EACxE,qEAAqE,EACrE,UAAU,EACV,+HAA+H,EAC/H,gGAAgG,EAChG;wBACE,+BAA+B;wBAC/B,4BAA4B;wBAC5B,2BAA2B;qBAC5B,EACD,4EAA4E,EAC5E,0NAA0N,EAC1N,sIAAsI,CACvI,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,gFAAgF;QAChF,+DAA+D;QAC/D,gFAAgF;QAEhF,sCAAsC;QACtC,8EAA8E;QAC9E,kFAAkF;QAElF,MAAM,eAAe,GAAG;YACtB,EAAE,MAAM,EAAE,oBAAoB,EAAE,YAAY,EAAE,IAAI,EAAE;YACpD,EAAE,MAAM,EAAE,aAAa,EAAE,YAAY,EAAE,IAAI,EAAE,EAAE,gCAAgC;YAC/E,EAAE,MAAM,EAAE,mBAAmB,EAAE,YAAY,EAAE,cAAc,EAAE;YAC7D,EAAE,MAAM,EAAE,UAAU,EAAE,YAAY,EAAE,cAAc,EAAE,EAAE,kBAAkB;YACxE,EAAE,MAAM,EAAE,WAAW,EAAE,YAAY,EAAE,IAAI,EAAE;YAC3C,EAAE,MAAM,EAAE,iBAAiB,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,mBAAmB;SACtE,CAAC;QAEF,KAAK,MAAM,SAAS,IAAI,eAAe,EAAE,CAAC;YACxC,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,EAAE,CAAC;gBACvC,uCAAuC;gBACvC,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC;oBAC5B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;oBAC9B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;oBAC7B,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAC;oBAC9B,KAAK,CAAC,IAAI,CAAC,kBAAkB,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;gBAEtG,IAAI,YAAY,EAAE,CAAC;oBACjB,oEAAoE;oBACpE,sCAAsC;oBACtC,IAAI,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC;wBAC/E,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;wBAC3F,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,KAAK,EACL,sCAAsC,SAAS,CAAC,MAAM,6BAA6B,EACnF,4DAA4D,EAC5D,UAAU,EACV,oPAAoP,EACpP,GAAG,SAAS,CAAC,MAAM,qHAAqH,EACxI;4BACE,+DAA+D;4BAC/D,yDAAyD;4BACzD,2CAA2C;4BAC3C,uDAAuD;4BACvD,mCAAmC;yBACpC,EACD,sJAAsJ,EACtJ,sXAAsX,EACtX,yPAAyP,CAC1P,CAAC,CAAC;oBACL,CAAC;oBACD,oDAAoD;yBAC/C,IAAI,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;wBACxF,MAAM,eAAe,GAAG,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;wBAC/E,IAAI,CAAC,eAAe,EAAE,CAAC;4BACrB,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,KAAK,EACL,sCAAsC,SAAS,CAAC,MAAM,2BAA2B,EACjF,8CAA8C,EAC9C,UAAU,EACV,sJAAsJ,EACtJ,GAAG,SAAS,CAAC,MAAM,sFAAsF,EACzG;gCACE,+BAA+B;gCAC/B,uBAAuB;gCACvB,cAAc;gCACd,mBAAmB;6BACpB,EACD,0DAA0D,EAC1D,qFAAqF,EACrF,iGAAiG,CAClG,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC;AACzB,CAAC"}
package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts ADDED
@@ -0,0 +1,23 @@
1
+ /**
2
+ * TypeScript Code Quality Security Checks
3
+ * OWASP A01:2021 - Broken Access Control
4
+ * OWASP A06:2021 - Vulnerable and Outdated Components
5
+ *
6
+ * Detects ReDoS, missing error handling, console.log, and insecure cookies.
7
+ */
8
+ import { SecurityVulnerability } from '../../types';
9
+ /**
10
+ * Checks for code quality security vulnerabilities in TypeScript code
11
+ *
12
+ * Covers:
13
+ * - Check #15: Regex DoS (ReDoS) (MEDIUM)
14
+ * - Check #16: Missing error handling (LOW)
15
+ * - Check #17: console.log in production (LOW)
16
+ * - Check #18: Insecure cookie settings (MEDIUM)
17
+ *
18
+ * @param code - Full code string (for global checks like try/catch presence)
19
+ * @param lines - Array of code lines
20
+ * @returns Array of security vulnerabilities found
21
+ */
22
+ export declare function checkCodeQuality(code: string, lines: string[]): SecurityVulnerability[];
23
+ //# sourceMappingURL=code-quality.d.ts.map
package/dist/src/lib/analyzers/typescript/security-checks/code-quality.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"code-quality.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/typescript/security-checks/code-quality.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD;;;;;;;;;;;;GAYG;AACH,wBAAgB,gBAAgB,CAC9B,IAAI,EAAE,MAAM,EACZ,KAAK,EAAE,MAAM,EAAE,GACd,qBAAqB,EAAE,CA2IzB"}
package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js ADDED
@@ -0,0 +1,109 @@
1
+ "use strict";
2
+ /**
3
+ * TypeScript Code Quality Security Checks
4
+ * OWASP A01:2021 - Broken Access Control
5
+ * OWASP A06:2021 - Vulnerable and Outdated Components
6
+ *
7
+ * Detects ReDoS, missing error handling, console.log, and insecure cookies.
8
+ */
9
+ Object.defineProperty(exports, "__esModule", { value: true });
10
+ exports.checkCodeQuality = checkCodeQuality;
11
+ const createVulnerability_1 = require("../utils/createVulnerability");
12
+ /**
13
+ * Checks for code quality security vulnerabilities in TypeScript code
14
+ *
15
+ * Covers:
16
+ * - Check #15: Regex DoS (ReDoS) (MEDIUM)
17
+ * - Check #16: Missing error handling (LOW)
18
+ * - Check #17: console.log in production (LOW)
19
+ * - Check #18: Insecure cookie settings (MEDIUM)
20
+ *
21
+ * @param code - Full code string (for global checks like try/catch presence)
22
+ * @param lines - Array of code lines
23
+ * @returns Array of security vulnerabilities found
24
+ */
25
+ function checkCodeQuality(code, lines) {
26
+ const vulnerabilities = [];
27
+ let inMultiLineComment = false;
28
+ lines.forEach((line, index) => {
29
+ const lineNumber = index + 1;
30
+ const trimmed = line.trim();
31
+ // CRITICAL: Track multi-line comment blocks (/* ... */)
32
+ if (trimmed.includes('/*')) {
33
+ inMultiLineComment = true;
34
+ }
35
+ if (trimmed.includes('*/')) {
36
+ inMultiLineComment = false;
37
+ return; // Skip the line with */
38
+ }
39
+ // CRITICAL: Skip all lines inside multi-line comments and single-line comments
40
+ if (!trimmed ||
41
+ inMultiLineComment ||
42
+ trimmed.startsWith('//') ||
43
+ trimmed.startsWith('*')) {
44
+ return;
45
+ }
46
+ // 15. Regex DoS (ReDoS) - MEDIUM
47
+ if (trimmed.match(/new\s+RegExp|\/.*\(.*\+.*\)/)) {
48
+ const hasNestedQuantifiers = trimmed.match(/\([^)]*\+[^)]*\)\+|\([^)]*\*[^)]*\)\+|\([^)]*\+[^)]*\)\*/);
49
+ if (hasNestedQuantifiers) {
50
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('redos', 'Regex with nested quantifiers can cause DoS (ReDoS)', 'Simplify regex or use safe-regex libraries', lineNumber, 'Complex regex patterns with nested quantifiers can cause exponential backtracking, making the application freeze when processing crafted input.', 'const pattern = /(a+)+b/; pattern.test("aaaaaaaaaaaaaaaaaaaaX"); // Takes exponentially longer with more "a"s', [
51
+ 'Denial of Service (DoS)',
52
+ 'Application freeze',
53
+ 'CPU exhaustion',
54
+ 'Timeouts for legitimate users'
55
+ ], 'const emailRegex = /^([a-zA-Z0-9_\\-\\.]+)@([a-zA-Z0-9_\\-\\.]+)\\.([a-zA-Z]{2,5})$/; // Safe', 'const emailRegex = /^([a-zA-Z0-9_\\-\\.]+)+@([a-zA-Z0-9_\\-\\.]+)+\\.([a-zA-Z]{2,5})+$/; // DANGEROUS: nested quantifiers', 'Avoid nested quantifiers like (a+)+ or (a*)*. Test regex with safe-regex library or refactor to use simpler patterns'));
56
+ }
57
+ }
58
+ // 16. Missing error handling - LOW
59
+ if ((trimmed.includes('fetch(') || trimmed.includes('await ')) &&
60
+ !code.includes('try') && !code.includes('.catch')) {
61
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('missing-error-handling', 'Asynchronous operation without error handling', 'Add try/catch or .catch() to prevent crashes', lineNumber, 'Unhandled promise rejections can crash Node.js processes or leak error messages to users, potentially exposing sensitive information.', 'await fetch("/api/data"); // If fetch fails, uncaught exception crashes the app', [
62
+ 'Application crashes',
63
+ 'Information disclosure via error messages',
64
+ 'Poor user experience',
65
+ 'Potential security info leakage'
66
+ ], 'const data = await fetch("/api/users"); // No error handling', 'try {\n const data = await fetch("/api/users");\n} catch (error) {\n console.error("Failed to fetch:", error);\n}', 'Always wrap async operations in try/catch blocks or use .catch() to handle errors gracefully'));
67
+ }
68
+ // 17. console.log in production - LOW
69
+ // ENHANCED: Only flag console.log/info, NOT console.error/warn/debug (legitimate error logging)
70
+ // console.error and console.warn are standard error logging practices and should not be flagged
71
+ const consoleMatch = trimmed.match(/console\.(log|info)\b/);
72
+ if (consoleMatch) {
73
+ const consoleMethod = consoleMatch[1]; // log or info
74
+ // FIXED: Skip console.log in test files (Dec 10, 2025)
75
+ // Detect test file patterns: test-related messages, test framework usage, etc.
76
+ const isTestFileContext = trimmed.toLowerCase().includes('test') ||
77
+ trimmed.toLowerCase().includes('spec') ||
78
+ trimmed.toLowerCase().includes('loaded successfully') ||
79
+ trimmed.toLowerCase().includes('fixture') ||
80
+ trimmed.toLowerCase().includes('mock') ||
81
+ code.includes('describe(') ||
82
+ code.includes('it(') ||
83
+ code.includes('test(') ||
84
+ code.includes('expect(');
85
+ if (!isTestFileContext) {
86
+ console.log(`[code-quality.ts] Line ${lineNumber}: FLAGGING console.${consoleMethod}`);
87
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('console-log', 'console.log can leak sensitive information in production', 'Use professional logger (winston, pino) and remove in build', lineNumber, 'Console statements in production can leak sensitive data (tokens, passwords, PII) to browser DevTools or server logs accessible to attackers.', 'console.log("User logged in:", user.email, user.password); // Leaks password to logs', [
88
+ 'Sensitive data exposure',
89
+ 'PII leakage (GDPR violation)',
90
+ 'Token and credential theft',
91
+ 'Debug information disclosure'
92
+ ], 'console.log("API Response:", apiResponse); // May contain sensitive data', 'import logger from "winston";\nlogger.info("API Response", { userId: user.id }); // Structured logging, redact sensitive fields', 'Use proper logging libraries (winston, pino) with log levels, redaction, and production-safe configuration'));
93
+ }
94
+ }
95
+ // 18. Insecure cookie settings - MEDIUM
96
+ if (trimmed.includes('document.cookie') && trimmed.includes('=') &&
97
+ !trimmed.includes('httpOnly') && !trimmed.includes('secure') &&
98
+ !trimmed.startsWith('//')) {
99
+ vulnerabilities.push((0, createVulnerability_1.createTypeScriptSecurityVulnerability)('insecure-cookies', 'Cookie set without security flags (httpOnly, secure, sameSite)', 'Set cookies server-side with httpOnly, secure, and sameSite flags', lineNumber, 'Cookies without httpOnly flag are accessible to JavaScript (XSS vulnerability). Cookies without secure flag can be intercepted over HTTP.', 'document.cookie = "sessionToken=" + token; // Accessible to XSS, transmitted over HTTP', [
100
+ 'Session hijacking via XSS',
101
+ 'Token theft',
102
+ 'Man-in-the-middle attacks (if not secure)',
103
+ 'CSRF attacks (if no sameSite)'
104
+ ], 'document.cookie = "token=" + authToken; // INSECURE', '// Server-side (Express.js):\nres.cookie("token", authToken, {\n httpOnly: true, // Not accessible to JavaScript\n secure: true, // Only sent over HTTPS\n sameSite: "strict" // CSRF protection\n});', 'Always set cookies server-side with httpOnly (XSS protection), secure (HTTPS only), and sameSite (CSRF protection) flags'));
105
+ }
106
+ });
107
+ return vulnerabilities;
108
+ }
109
+ //# sourceMappingURL=code-quality.js.map
package/dist/src/lib/analyzers/typescript/security-checks/code-quality.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"code-quality.js","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/typescript/security-checks/code-quality.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AAkBH,4CA8IC;AA7JD,sEAAqF;AAErF;;;;;;;;;;;;GAYG;AACH,SAAgB,gBAAgB,CAC9B,IAAY,EACZ,KAAe;IAEf,MAAM,eAAe,GAA4B,EAAE,CAAC;IACpD,IAAI,kBAAkB,GAAG,KAAK,CAAC;IAE/B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,MAAM,UAAU,GAAG,KAAK,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAE5B,wDAAwD;QACxD,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,IAAI,CAAC;QAC5B,CAAC;QACD,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,kBAAkB,GAAG,KAAK,CAAC;YAC3B,OAAO,CAAC,wBAAwB;QAClC,CAAC;QAED,+EAA+E;QAC/E,IAAI,CAAC,OAAO;YACR,kBAAkB;YAClB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;YACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC5B,OAAO;QACT,CAAC;QAED,iCAAiC;QACjC,IAAI,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,EAAE,CAAC;YACjD,MAAM,oBAAoB,GAAG,OAAO,CAAC,KAAK,CAAC,0DAA0D,CAAC,CAAC;YACvG,IAAI,oBAAoB,EAAE,CAAC;gBACzB,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,OAAO,EACP,qDAAqD,EACrD,4CAA4C,EAC5C,UAAU,EACV,iJAAiJ,EACjJ,+GAA+G,EAC/G;oBACE,yBAAyB;oBACzB,oBAAoB;oBACpB,gBAAgB;oBAChB,+BAA+B;iBAChC,EACD,+FAA+F,EAC/F,2HAA2H,EAC3H,sHAAsH,CACvH,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,mCAAmC;QACnC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAC1D,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtD,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,wBAAwB,EACxB,+CAA+C,EAC/C,8CAA8C,EAC9C,UAAU,EACV,uIAAuI,EACvI,iFAAiF,EACjF;gBACE,qBAAqB;gBACrB,2CAA2C;gBAC3C,sBAAsB;gBACtB,iCAAiC;aAClC,EACD,8DAA8D,EAC9D,qHAAqH,EACrH,8FAA8F,CAC/F,CAAC,CAAC;QACL,CAAC;QAED,sCAAsC;QACtC,gGAAgG;QAChG,gGAAgG;QAChG,MAAM,YAAY,GAAG,OAAO,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;QAC5D,IAAI,YAAY,EAAE,CAAC;YACjB,MAAM,aAAa,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc;YAErD,uDAAuD;YACvD,+EAA+E;YAC/E,MAAM,iBAAiB,GACrB,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACtC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACtC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,qBAAqB,CAAC;gBACrD,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC;gBACzC,OAAO,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACtC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;gBAC1B,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;gBACpB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;gBACtB,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YAE3B,IAAI,CAAC,iBAAiB,EAAE,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,0BAA0B,UAAU,sBAAsB,aAAa,EAAE,CAAC,CAAC;gBAEvF,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,aAAa,EACb,0DAA0D,EAC1D,6DAA6D,EAC7D,UAAU,EACV,+IAA+I,EAC/I,sFAAsF,EACtF;oBACE,yBAAyB;oBACzB,8BAA8B;oBAC9B,4BAA4B;oBAC5B,8BAA8B;iBAC/B,EACD,0EAA0E,EAC1E,iIAAiI,EACjI,4GAA4G,CAC7G,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,IAAI,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC;YAC5D,CAAC,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC5D,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9B,eAAe,CAAC,IAAI,CAAC,IAAA,2DAAqC,EACxD,kBAAkB,EAClB,gEAAgE,EAChE,mEAAmE,EACnE,UAAU,EACV,2IAA2I,EAC3I,wFAAwF,EACxF;gBACE,2BAA2B;gBAC3B,aAAa;gBACb,2CAA2C;gBAC3C,+BAA+B;aAChC,EACD,qDAAqD,EACrD,8MAA8M,EAC9M,0HAA0H,CAC3H,CAAC,CAAC;QACL,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO,eAAe,CAAC;AACzB,CAAC"}
package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts ADDED
@@ -0,0 +1,21 @@
1
+ /**
2
+ * TypeScript Credentials & Cryptography Security Checks
3
+ * OWASP A07:2021 - Authentication & Identification Failures
4
+ * OWASP A02:2021 - Cryptographic Failures
5
+ *
6
+ * Detects hardcoded credentials, weak cryptography, and insecure storage.
7
+ */
8
+ import { SecurityVulnerability } from '../../types';
9
+ /**
10
+ * Checks for credentials and cryptography vulnerabilities in TypeScript code
11
+ *
12
+ * Covers:
13
+ * - Check #8: Hardcoded credentials (CRITICAL)
14
+ * - Check #9: Math.random() for security (MEDIUM)
15
+ * - Check #10: localStorage for sensitive data (MEDIUM)
16
+ *
17
+ * @param lines - Array of code lines
18
+ * @returns Array of security vulnerabilities found
19
+ */
20
+ export declare function checkCredentialsAndCrypto(lines: string[]): SecurityVulnerability[];
21
+ //# sourceMappingURL=credentials-crypto.d.ts.map
package/dist/src/lib/analyzers/typescript/security-checks/credentials-crypto.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"credentials-crypto.d.ts","sourceRoot":"","sources":["../../../../../../../../src/lib/analyzers/typescript/security-checks/credentials-crypto.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAGpD;;;;;;;;;;GAUG;AACH,wBAAgB,yBAAyB,CACvC,KAAK,EAAE,MAAM,EAAE,GACd,qBAAqB,EAAE,CAoPzB"}