cognium-dev 3.23.1 → 3.23.3

package/dist/cli.js

@@ -9017,6 +9017,7 @@ var DEFAULT_SOURCES = [
   { annotation: "FormParam", type: "http_param", severity: "high", param_tainted: true },
   { annotation: "PathParam", type: "http_path", severity: "medium", param_tainted: true },
   { annotation: "HeaderParam", type: "http_header", severity: "high", param_tainted: true },
+  { method_annotation: "DataBoundConstructor", type: "http_param", severity: "high" },
   { method: "getenv", class: "System", type: "env_input", severity: "medium", return_tainted: true },
   { method: "getProperty", class: "System", type: "env_input", severity: "medium", return_tainted: true },
   { method: "getInitParameter", class: "ServletConfig", type: "http_param", severity: "medium", return_tainted: true },
@@ -9377,6 +9378,7 @@ var DEFAULT_SINKS = [
   { method: "getResource", class: "ServletContext", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
   { method: "getResourceAsStream", class: "ServletContext", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
   { method: "getRealPath", class: "ServletContext", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
+  { method: "child", class: "SCMFileSystem", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
   { method: "externalStaticFileLocation", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
   { method: "staticFileLocation", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
   { method: "getEntry", class: "ZipFile", type: "path_traversal", cwe: "CWE-22", severity: "high", arg_positions: [0] },
@@ -10323,6 +10325,26 @@ function findSources(calls, types, patterns) {
       }
     }
   }
+  for (const type of types) {
+    for (const method of type.methods) {
+      for (const pattern of patterns) {
+        if (!pattern.method_annotation)
+          continue;
+        if (!matchesAnnotation(method.annotations, pattern.method_annotation))
+          continue;
+        for (const param of method.parameters) {
+          const paramLine = param.line ?? method.start_line;
+          sources.push({
+            type: pattern.type,
+            location: `@${pattern.method_annotation} ${param.name} in ${method.name}`,
+            severity: pattern.severity,
+            line: paramLine,
+            confidence: 1
+          });
+        }
+      }
+    }
+  }
   const RUST_EXTRACTOR_TYPES = /^(?:Json|Form|Query|Path|Extension|Multipart)(?:<|$)|^(?:Body|Bytes)$/;
   for (const type of types) {
     for (const method of type.methods) {
@@ -25713,7 +25735,7 @@ var colors = {
 };
 
 // src/version.ts
-var version = "3.23.1";
+var version = "3.23.3";
 
 // src/formatters.ts
 var SINK_SEVERITY = {

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "cognium-dev",
-  "version": "3.23.1",
+  "version": "3.23.3",
   "description": "Static Application Security Testing CLI for detecting security vulnerabilities via taint tracking",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -16,8 +16,7 @@
     "typecheck": "tsc --noEmit",
     "version": "node -e \"const v = require('./package.json').version; require('fs').writeFileSync('src/version.ts', '/**\\n * Version information\\n *\\n * Kept in sync with package.json via the \\`version\\` npm lifecycle script.\\n * Do not edit manually — use \\`npm version patch|minor|major\\` instead.\\n */\\nexport const version = \\x27' + v + '\\x27;\\n')\" && git add src/version.ts",
     "dogfood": "bun run src/cli.ts scan src/ -q",
-    "prepublishOnly": "bun run build",
-    "release": "bash release.sh"
+    "prepublishOnly": "bun run build"
   },
   "keywords": [
     "security",
@@ -66,7 +65,7 @@
     "registry": "https://registry.npmjs.org/"
   },
   "dependencies": {
-    "circle-ir": "^3.23.1"
+    "circle-ir": "^3.23.3"
   },
   "devDependencies": {
     "@types/node": "^25.5.0",