dotenv-diff 2.3.2 → 2.3.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/src/config/types.d.ts +2 -0
- package/dist/src/config/types.d.ts.map +1 -1
- package/dist/src/core/cspDetector.d.ts +7 -0
- package/dist/src/core/cspDetector.d.ts.map +1 -0
- package/dist/src/core/cspDetector.js +38 -0
- package/dist/src/core/cspDetector.js.map +1 -0
- package/dist/src/services/codeBaseScanner.d.ts.map +1 -1
- package/dist/src/services/codeBaseScanner.js +6 -0
- package/dist/src/services/codeBaseScanner.js.map +1 -1
- package/dist/src/services/scanOutputToConsole.d.ts.map +1 -1
- package/dist/src/services/scanOutputToConsole.js +3 -0
- package/dist/src/services/scanOutputToConsole.js.map +1 -1
- package/dist/src/ui/scan/printCspWarning.d.ts +6 -0
- package/dist/src/ui/scan/printCspWarning.d.ts.map +1 -0
- package/dist/src/ui/scan/printCspWarning.js +17 -0
- package/dist/src/ui/scan/printCspWarning.js.map +1 -0
- package/package.json +2 -2
|
@@ -132,6 +132,7 @@ export interface ScanResult {
|
|
|
132
132
|
}>;
|
|
133
133
|
};
|
|
134
134
|
duration: number;
|
|
135
|
+
hasCsp?: boolean;
|
|
135
136
|
}
|
|
136
137
|
/** Options for scanning the codebase for environment variable usage. */
|
|
137
138
|
export interface ScanUsageOptions extends ScanOptions {
|
|
@@ -187,6 +188,7 @@ export interface ScanJsonEntry {
|
|
|
187
188
|
count: number;
|
|
188
189
|
}>;
|
|
189
190
|
};
|
|
191
|
+
hasCsp?: boolean;
|
|
190
192
|
}
|
|
191
193
|
export interface VariableUsages {
|
|
192
194
|
[variable: string]: EnvUsage[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/config/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAGhE,eAAO,MAAM,kBAAkB,8EAOrB,CAAC;AAGX,MAAM,MAAM,QAAQ,GAAG,CAAC,OAAO,kBAAkB,CAAC,CAAC,MAAM,CAAC,CAAC;AAE3D;;GAEG;AACH,MAAM,MAAM,OAAO,GAAG;IACpB,WAAW,EAAE,OAAO,CAAC;IACrB,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,OAAO,CAAC;IACzB,GAAG,EAAE,OAAO,CAAC;IACb,IAAI,EAAE,OAAO,CAAC;IACd,OAAO,EAAE,MAAM,GAAG,SAAS,CAAC;IAC5B,WAAW,EAAE,MAAM,GAAG,SAAS,CAAC;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC;IACnB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,OAAO,GAAG,SAAS,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAChC,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACjC,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7B,UAAU,CAAC,EAAE;QACX,GAAG,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACjD,CAAC;IACF,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,eAAe,CAAC,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC3E,EAAE,CAAC,EAAE,OAAO,CAAC;CACd,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EACH,aAAa,GACb,iBAAiB,GACjB,WAAW,GACX,MAAM,GACN,MAAM,GACN,MAAM,GACN,KAAK,CAAC;IACV,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,EAAE,CAAC;IACjB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE;QACL,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IACF,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,UAAU,EAAE;QACV,GAAG,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACjD,CAAC;IACF,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,wEAAwE;AACxE,MAAM,WAAW,gBAAiB,SAAQ,WAAW;IACnD,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACjC,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,IAAI,EAAE,OAAO,CAAC;IACd,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE;QACL,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IACF,OAAO,EAAE,KAAK,CAAC;QACb,QAAQ,EAAE,MAAM,CAAC;QACjB,MAAM,EAAE,KAAK,CAAC;YACZ,IAAI,EAAE,MAAM,CAAC;YACb,IAAI,EAAE,MAAM,CAAC;YACb,OAAO,EAAE,MAAM,CAAC;YAChB,OAAO,EAAE,MAAM,CAAC;SACjB,CAAC,CAAC;KACJ,CAAC,CAAC;IACH,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,CAAC,EAAE,KAAK,CAAC;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC,CAAC;IAEH,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,OAAO,CAAC,EAAE,KAAK,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC,CAAC;IACH,UAAU,CAAC,EAAE;QACX,GAAG,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACjD,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/config/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAGhE,eAAO,MAAM,kBAAkB,8EAOrB,CAAC;AAGX,MAAM,MAAM,QAAQ,GAAG,CAAC,OAAO,kBAAkB,CAAC,CAAC,MAAM,CAAC,CAAC;AAE3D;;GAEG;AACH,MAAM,MAAM,OAAO,GAAG;IACpB,WAAW,EAAE,OAAO,CAAC;IACrB,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,OAAO,CAAC;IACzB,GAAG,EAAE,OAAO,CAAC;IACb,IAAI,EAAE,OAAO,CAAC;IACd,OAAO,EAAE,MAAM,GAAG,SAAS,CAAC;IAC5B,WAAW,EAAE,MAAM,GAAG,SAAS,CAAC;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC;IACnB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,OAAO,GAAG,SAAS,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAChC,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACjC,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB,CAAC;AAEF;;;GAGG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7B,UAAU,CAAC,EAAE;QACX,GAAG,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACjD,CAAC;IACF,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,eAAe,CAAC,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC3E,EAAE,CAAC,EAAE,OAAO,CAAC;CACd,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EACH,aAAa,GACb,iBAAiB,GACjB,WAAW,GACX,MAAM,GACN,MAAM,GACN,MAAM,GACN,KAAK,CAAC;IACV,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,EAAE,CAAC;IACjB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE;QACL,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IACF,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,UAAU,EAAE;QACV,GAAG,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACjD,CAAC;IACF,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,wEAAwE;AACxE,MAAM,WAAW,gBAAiB,SAAQ,WAAW;IACnD,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACjC,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,IAAI,EAAE,OAAO,CAAC;IACd,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE;QACL,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IACF,OAAO,EAAE,KAAK,CAAC;QACb,QAAQ,EAAE,MAAM,CAAC;QACjB,MAAM,EAAE,KAAK,CAAC;YACZ,IAAI,EAAE,MAAM,CAAC;YACb,IAAI,EAAE,MAAM,CAAC;YACb,OAAO,EAAE,MAAM,CAAC;YAChB,OAAO,EAAE,MAAM,CAAC;SACjB,CAAC,CAAC;KACJ,CAAC,CAAC;IACH,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,CAAC,EAAE,KAAK,CAAC;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC,CAAC;IAEH,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,OAAO,CAAC,EAAE,KAAK,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC,CAAC;IACH,UAAU,CAAC,EAAE;QACX,GAAG,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACjD,CAAC;IACF,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAGD,MAAM,WAAW,cAAc;IAC7B,CAAC,QAAQ,EAAE,MAAM,GAAG,QAAQ,EAAE,CAAC;CAChC;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,OAAO,CAAC;IACrB,GAAG,EAAE,MAAM,CAAC;IACZ,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,gBAAgB,KAAK,IAAI,CAAC;IAC5C,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,QAAQ;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,aAAa,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE;QAAE,GAAG,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE,OAAO,CAAA;KAAE,CAAC;IAC3C,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC,CAAC;AAEF,MAAM,MAAM,QAAQ,GAAG;IACrB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,UAAU,CAAC,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACtE,aAAa,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACrD,YAAY,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACpD,cAAc,EAAE;QAAE,MAAM,EAAE,cAAc,GAAG,aAAa,CAAA;KAAE,GAAG,IAAI,CAAC;CACnE,CAAC"}
|
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Returns true if the source code looks like it configures a CSP.
|
|
3
|
+
* We are deliberately generous: if we see "Content-Security-Policy" anywhere
|
|
4
|
+
* in a realistic pattern, we treat CSP as present.
|
|
5
|
+
*/
|
|
6
|
+
export declare function hasCspInSource(source: string): boolean;
|
|
7
|
+
//# sourceMappingURL=cspDetector.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cspDetector.d.ts","sourceRoot":"","sources":["../../../src/core/cspDetector.ts"],"names":[],"mappings":"AASA;;;;GAIG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAyBtD"}
|
|
@@ -0,0 +1,38 @@
|
|
|
1
|
+
// Very lightweight CSP detectors – we only need to know "does some CSP exist?"
|
|
2
|
+
const META_CSP_PATTERN = /<meta[^>]*http-equiv=["']Content-Security-Policy["'][^>]*>/i;
|
|
3
|
+
const HEADER_CSP_PATTERN = /(setHeader|header|append)\(\s*['"]Content-Security-Policy['"]/i;
|
|
4
|
+
const HELMET_CSP_PATTERN = /\bcontentSecurityPolicy\b/;
|
|
5
|
+
/**
|
|
6
|
+
* Returns true if the source code looks like it configures a CSP.
|
|
7
|
+
* We are deliberately generous: if we see "Content-Security-Policy" anywhere
|
|
8
|
+
* in a realistic pattern, we treat CSP as present.
|
|
9
|
+
*/
|
|
10
|
+
export function hasCspInSource(source) {
|
|
11
|
+
// 1. META tag
|
|
12
|
+
if (META_CSP_PATTERN.test(source))
|
|
13
|
+
return true;
|
|
14
|
+
// 2. Node header setters
|
|
15
|
+
if (HEADER_CSP_PATTERN.test(source))
|
|
16
|
+
return true;
|
|
17
|
+
// 3. Helmet or similar middleware
|
|
18
|
+
if (HELMET_CSP_PATTERN.test(source))
|
|
19
|
+
return true;
|
|
20
|
+
// 4. Plain fallback
|
|
21
|
+
if (/Content-Security-Policy/i.test(source))
|
|
22
|
+
return true;
|
|
23
|
+
// 5. SvelteKit kit.csp
|
|
24
|
+
if (/kit\s*:\s*{[^}]*csp\s*:/s.test(source))
|
|
25
|
+
return true;
|
|
26
|
+
// 6. A variable named <something>Csp or cspConfig or sharedCsp
|
|
27
|
+
if (/\b(shared|global|site|app)[A-Z]?Csp\b/.test(source))
|
|
28
|
+
return true;
|
|
29
|
+
if (/\bcspConfig\b/i.test(source))
|
|
30
|
+
return true;
|
|
31
|
+
if (/\bcsp\s*:\s*{[^}]*['"]default-src['"]:/i.test(source))
|
|
32
|
+
return true;
|
|
33
|
+
// 7. Directives object pattern (strong indicator)
|
|
34
|
+
if (/directives\s*:\s*{[^}]*['"]default-src['"]:/is.test(source))
|
|
35
|
+
return true;
|
|
36
|
+
return false;
|
|
37
|
+
}
|
|
38
|
+
//# sourceMappingURL=cspDetector.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"cspDetector.js","sourceRoot":"","sources":["../../../src/core/cspDetector.ts"],"names":[],"mappings":"AAAA,+EAA+E;AAC/E,MAAM,gBAAgB,GACpB,6DAA6D,CAAC;AAEhE,MAAM,kBAAkB,GACtB,gEAAgE,CAAC;AAEnE,MAAM,kBAAkB,GAAG,2BAA2B,CAAC;AAEvD;;;;GAIG;AACH,MAAM,UAAU,cAAc,CAAC,MAAc;IAC3C,cAAc;IACd,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAE/C,yBAAyB;IACzB,IAAI,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjD,kCAAkC;IAClC,IAAI,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjD,oBAAoB;IACpB,IAAI,0BAA0B,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzD,uBAAuB;IACvB,IAAI,0BAA0B,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAEzD,+DAA+D;IAC/D,IAAI,uCAAuC,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IACtE,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAC/C,IAAI,yCAAyC,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAExE,kDAAkD;IAClD,IAAI,+CAA+C,CAAC,IAAI,CAAC,MAAM,CAAC;QAAE,OAAO,IAAI,CAAC;IAE9E,OAAO,KAAK,CAAC;AACf,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"codeBaseScanner.d.ts","sourceRoot":"","sources":["../../../src/services/codeBaseScanner.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAY,WAAW,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"codeBaseScanner.d.ts","sourceRoot":"","sources":["../../../src/services/codeBaseScanner.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAY,WAAW,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAU5E;;;;GAIG;AACH,wBAAsB,YAAY,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAiEzE"}
|
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import fs from 'fs/promises';
|
|
2
2
|
import path from 'path';
|
|
3
3
|
import { detectSecretsInSource, } from '../core/secretDetectors.js';
|
|
4
|
+
import { hasCspInSource } from '../core/cspDetector.js';
|
|
4
5
|
import { DEFAULT_EXCLUDE_PATTERNS } from '../core/patterns.js';
|
|
5
6
|
import { scanFile } from '../core/scanFile.js';
|
|
6
7
|
import { findFiles } from './fileWalker.js';
|
|
@@ -18,9 +19,13 @@ export async function scanCodebase(opts) {
|
|
|
18
19
|
const allUsages = [];
|
|
19
20
|
let filesScanned = 0;
|
|
20
21
|
const allSecrets = [];
|
|
22
|
+
let hasCsp = false;
|
|
21
23
|
for (const filePath of files) {
|
|
22
24
|
try {
|
|
23
25
|
const content = await fs.readFile(filePath, 'utf-8');
|
|
26
|
+
if (!hasCsp && hasCspInSource(content)) {
|
|
27
|
+
hasCsp = true;
|
|
28
|
+
}
|
|
24
29
|
const fileUsages = await scanFile(filePath, content, opts);
|
|
25
30
|
allUsages.push(...fileUsages);
|
|
26
31
|
if (opts.secrets) {
|
|
@@ -60,6 +65,7 @@ export async function scanCodebase(opts) {
|
|
|
60
65
|
example: [],
|
|
61
66
|
},
|
|
62
67
|
duration: 0,
|
|
68
|
+
hasCsp: hasCsp,
|
|
63
69
|
};
|
|
64
70
|
}
|
|
65
71
|
//# sourceMappingURL=codeBaseScanner.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"codeBaseScanner.js","sourceRoot":"","sources":["../../../src/services/codeBaseScanner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,aAAa,CAAC;AAC7B,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EACL,qBAAqB,GAEtB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAE5C;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,IAAiB;IAClD,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE;QACtC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,OAAO,EAAE,CAAC,GAAG,wBAAwB,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC;QACvD,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,oBAAoB;KACnE,CAAC,CAAC;IAEH,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,MAAM,UAAU,GAAoB,EAAE,CAAC;IAEvC,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"codeBaseScanner.js","sourceRoot":"","sources":["../../../src/services/codeBaseScanner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,aAAa,CAAC;AAC7B,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EACL,qBAAqB,GAEtB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAE5C;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,IAAiB;IAClD,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE;QACtC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,OAAO,EAAE,CAAC,GAAG,wBAAwB,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC;QACvD,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,oBAAoB;KACnE,CAAC,CAAC;IAEH,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,MAAM,UAAU,GAAoB,EAAE,CAAC;IAEvC,IAAI,MAAM,GAAG,KAAK,CAAC;IAEnB,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAErD,IAAI,CAAC,MAAM,IAAI,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvC,MAAM,GAAG,IAAI,CAAC;YAChB,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAC3D,SAAS,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC;YAC9B,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACjB,IAAI,CAAC;oBACH,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;oBACvD,MAAM,GAAG,GAAG,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;oBAC/D,IAAI,GAAG,CAAC,MAAM;wBAAE,UAAU,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;gBAC1C,CAAC;gBAAC,MAAM,CAAC;oBACP,iCAAiC;gBACnC,CAAC;YACH,CAAC;YACD,YAAY,EAAE,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,uDAAuD;YACvD,SAAS;QACX,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CACrC,CAAC,KAAK,EAAE,EAAE,CACR,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC;QACrC,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAChE,CAAC;IAEF,MAAM,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;IAE5E,OAAO;QACL,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,EAAE;QACX,MAAM,EAAE,EAAE;QACV,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE;YACL,YAAY;YACZ,WAAW,EAAE,cAAc,CAAC,MAAM;YAClC,eAAe,EAAE,eAAe,CAAC,MAAM;SACxC;QACD,UAAU,EAAE;YACV,GAAG,EAAE,EAAE;YACP,OAAO,EAAE,EAAE;SACZ;QACD,QAAQ,EAAE,CAAC;QACX,MAAM,EAAE,MAAM;KACf,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanOutputToConsole.d.ts","sourceRoot":"","sources":["../../../src/services/scanOutputToConsole.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"scanOutputToConsole.d.ts","sourceRoot":"","sources":["../../../src/services/scanOutputToConsole.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAevE;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,UAAU,EAAE,UAAU,EACtB,IAAI,EAAE,gBAAgB,EACtB,eAAe,EAAE,MAAM,EACvB,UAAU,CAAC,EAAE;IACX,UAAU,EAAE,OAAO,CAAC;IACpB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,gBAAgB,EAAE,OAAO,CAAC;CAC3B,GACA;IAAE,aAAa,EAAE,OAAO,CAAA;CAAE,CA2I5B"}
|
|
@@ -13,6 +13,7 @@ import { printSuccess } from '../ui/shared/printSuccess.js';
|
|
|
13
13
|
import { printStrictModeError } from '../ui/shared/printStrictModeError.js';
|
|
14
14
|
import { printFixTips } from '../ui/shared/printFixTips.js';
|
|
15
15
|
import { printAutoFix } from '../ui/shared/printAutoFix.js';
|
|
16
|
+
import { printCspWarning } from '../ui/scan/printCspWarning.js';
|
|
16
17
|
/**
|
|
17
18
|
* Outputs the scan results to the console.
|
|
18
19
|
* @param scanResult - The result of the scan.
|
|
@@ -44,6 +45,8 @@ export function outputToConsole(scanResult, opts, comparedAgainst, fixContext) {
|
|
|
44
45
|
printDuplicates(comparedAgainst || '.env', 'example file', scanResult.duplicates?.env ?? [], scanResult.duplicates?.example ?? [], isJson);
|
|
45
46
|
// Print potential secrets found
|
|
46
47
|
printSecrets(scanResult.secrets ?? [], isJson);
|
|
48
|
+
// CSP warning
|
|
49
|
+
printCspWarning(scanResult.hasCsp, isJson);
|
|
47
50
|
// Check for high severity secrets - ALWAYS exit with error
|
|
48
51
|
const hasHighSeveritySecrets = (scanResult.secrets ?? []).some(s => s.severity === 'high');
|
|
49
52
|
if (hasHighSeveritySecrets) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanOutputToConsole.js","sourceRoot":"","sources":["../../../src/services/scanOutputToConsole.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AAEvE,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAC5E,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;
|
|
1
|
+
{"version":3,"file":"scanOutputToConsole.js","sourceRoot":"","sources":["../../../src/services/scanOutputToConsole.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AAEvE,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAC5E,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAEhE;;;;;;GAMG;AACH,MAAM,UAAU,eAAe,CAC7B,UAAsB,EACtB,IAAsB,EACtB,eAAuB,EACvB,UAKC;IAED,IAAI,aAAa,GAAG,KAAK,CAAC;IAE1B,+CAA+C;IAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC;IAElC,WAAW,CAAC,eAAe,CAAC,CAAC;IAE7B,0BAA0B;IAC1B,UAAU,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,IAAI,IAAI,EAAE,UAAU,CAAC,QAAQ,CAAC,CAAC;IAElF,mCAAmC;IACnC,IAAI,UAAU,CAAC,KAAK,CAAC,eAAe,GAAG,CAAC,EAAE,CAAC;QACzC,8BAA8B;QAC9B,oBAAoB,CAAC,UAAU,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACvD,sCAAsC;QACtC,cAAc,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,IAAI,KAAK,EAAE,MAAM,CAAC,CAAC;IACnE,CAAC;IAED,uDAAuD;IACvD,IACE,YAAY,CACV,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,IAAI,EACf,eAAe,EACf,IAAI,CAAC,QAAQ,IAAI,KAAK,EACtB,MAAM,CACP,EACD,CAAC;QACD,aAAa,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,SAAS;IACT,WAAW,CACT,UAAU,CAAC,MAAM,EACjB,eAAe,EACf,IAAI,CAAC,UAAU,IAAI,KAAK,EACxB,MAAM,CACP,CAAC;IAEF,aAAa;IACb,eAAe,CACb,eAAe,IAAI,MAAM,EACzB,cAAc,EACd,UAAU,CAAC,UAAU,EAAE,GAAG,IAAI,EAAE,EAChC,UAAU,CAAC,UAAU,EAAE,OAAO,IAAI,EAAE,EACpC,MAAM,CACP,CAAC;IAEF,gCAAgC;IAChC,YAAY,CAAC,UAAU,CAAC,OAAO,IAAI,EAAE,EAAE,MAAM,CAAC,CAAC;IAE/C,cAAc;IACd,eAAe,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE3C,2DAA2D;IAC3D,MAAM,sBAAsB,GAAG,CAAC,UAAU,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,CAC5D,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAC3B,CAAC;IAEF,IAAI,sBAAsB,EAAE,CAAC;QAC3B,aAAa,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,0CAA0C;IAC1C,IACE,eAAe;QACf,UAAU,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC;QAC/B,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC,CAAC,KAAK,CAAC;QACvC,UAAU,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAC1B,CAAC;QACD,YAAY,CACV,MAAM,EACN,MAAM,EACN,eAAe,EACf,UAAU,CAAC,MAAM,EACjB,IAAI,CAAC,UAAU,IAAI,IAAI,CACxB,CAAC;IACJ,CAAC;IAED,kBAAkB;IAClB,MAAM,cAAc,GAAG,oBAAoB,CAAC;QAC1C,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,OAAO,EAAE,MAAM;KAChB,CAAC,CAAC;IAEH,IAAI,cAAc,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QACjC,qBAAqB,CAAC;YACpB,OAAO,EAAE,MAAM;YACf,MAAM,EAAE,cAAc,CAAC,MAAM;SAC9B,CAAC,CAAC;IACL,CAAC;IAED,MAAM,iBAAiB,GAAG,cAAc,KAAK,IAAI,CAAC;IAElD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,IAAI,GAAG,oBAAoB,CAC/B;YACE,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,MAAM;YAChC,aAAa,EAAE,UAAU,CAAC,UAAU,EAAE,GAAG,EAAE,MAAM,IAAI,CAAC;YACtD,YAAY,EAAE,UAAU,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC;YACzD,OAAO,EAAE,UAAU,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC;YACxC,iBAAiB;SAClB,EACD,MAAM,CACP,CAAC;QAEF,IAAI,IAAI;YAAE,aAAa,GAAG,IAAI,CAAC;IACjC,CAAC;IAED,IAAI,IAAI,CAAC,GAAG,IAAI,UAAU,EAAE,CAAC;QAC3B,YAAY,CACV,UAAU,CAAC,UAAU,EACrB;YACE,iBAAiB,EAAE,UAAU,CAAC,iBAAiB;YAC/C,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE;SAC1D,EACD,eAAe,IAAI,MAAM,EACzB,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,cAAc,EACnE,MAAM,EACN,UAAU,CAAC,gBAAgB,CAC5B,CAAC;IACJ,CAAC;IAED,gCAAgC;IAChC,YAAY,CACV;QACE,OAAO,EAAE,UAAU,CAAC,OAAO;QAC3B,aAAa,EAAE,UAAU,CAAC,UAAU,EAAE,GAAG,IAAI,EAAE;QAC/C,YAAY,EAAE,UAAU,CAAC,UAAU,EAAE,OAAO,IAAI,EAAE;QAClD,cAAc,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,IAAI;KACrE,EACD,iBAAiB,EACjB,MAAM,EACN,IAAI,CAAC,GAAG,IAAI,KAAK,CAClB,CAAC;IAEF,OAAO,EAAE,aAAa,EAAE,CAAC;AAC3B,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"printCspWarning.d.ts","sourceRoot":"","sources":["../../../../src/ui/scan/printCspWarning.ts"],"names":[],"mappings":"AAEA;;;GAGG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,OAAO,GAAG,SAAS,EAAE,IAAI,EAAE,OAAO,QAczE"}
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
import chalk from 'chalk';
|
|
2
|
+
/**
|
|
3
|
+
* Prints a warning if no CSP was detected.
|
|
4
|
+
* Does NOT affect exit code – soft security warning only.
|
|
5
|
+
*/
|
|
6
|
+
export function printCspWarning(hasCsp, json) {
|
|
7
|
+
// JSON mode: no pretty printing
|
|
8
|
+
if (json)
|
|
9
|
+
return;
|
|
10
|
+
// If CSP exists, remain silent to avoid noise
|
|
11
|
+
if (hasCsp)
|
|
12
|
+
return;
|
|
13
|
+
console.log(chalk.yellow('⚠️ CSP is missing'));
|
|
14
|
+
console.log(chalk.yellow.dim(' No Content-Security-Policy detected in your project.'));
|
|
15
|
+
console.log();
|
|
16
|
+
}
|
|
17
|
+
//# sourceMappingURL=printCspWarning.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"printCspWarning.js","sourceRoot":"","sources":["../../../../src/ui/scan/printCspWarning.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,MAA2B,EAAE,IAAa;IACxE,gCAAgC;IAChC,IAAI,IAAI;QAAE,OAAO;IAEjB,8CAA8C;IAC9C,IAAI,MAAM;QAAE,OAAO;IAEnB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAChD,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,MAAM,CAAC,GAAG,CACd,yDAAyD,CAC1D,CACF,CAAC;IACF,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "dotenv-diff",
|
|
3
|
-
"version": "2.3.
|
|
3
|
+
"version": "2.3.4",
|
|
4
4
|
"type": "module",
|
|
5
5
|
"description": "Scan your codebase to find environment variables in use.",
|
|
6
6
|
"bin": {
|
|
@@ -68,6 +68,6 @@
|
|
|
68
68
|
"eslint": "^9.32.0",
|
|
69
69
|
"prettier": "^3.6.2",
|
|
70
70
|
"typescript": "^5.2.0",
|
|
71
|
-
"vitest": "^
|
|
71
|
+
"vitest": "^3.2.0"
|
|
72
72
|
}
|
|
73
73
|
}
|