driftdetect-detectors 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/accessibility/alt-text.d.ts +63 -0
- package/dist/accessibility/alt-text.d.ts.map +1 -0
- package/dist/accessibility/alt-text.js +100 -0
- package/dist/accessibility/alt-text.js.map +1 -0
- package/dist/accessibility/aria-roles.d.ts +65 -0
- package/dist/accessibility/aria-roles.d.ts.map +1 -0
- package/dist/accessibility/aria-roles.js +87 -0
- package/dist/accessibility/aria-roles.js.map +1 -0
- package/dist/accessibility/focus-management.d.ts +62 -0
- package/dist/accessibility/focus-management.d.ts.map +1 -0
- package/dist/accessibility/focus-management.js +88 -0
- package/dist/accessibility/focus-management.js.map +1 -0
- package/dist/accessibility/heading-hierarchy.d.ts +66 -0
- package/dist/accessibility/heading-hierarchy.d.ts.map +1 -0
- package/dist/accessibility/heading-hierarchy.js +94 -0
- package/dist/accessibility/heading-hierarchy.js.map +1 -0
- package/dist/accessibility/index.d.ts +25 -0
- package/dist/accessibility/index.d.ts.map +1 -0
- package/dist/accessibility/index.js +21 -0
- package/dist/accessibility/index.js.map +1 -0
- package/dist/accessibility/keyboard-nav.d.ts +63 -0
- package/dist/accessibility/keyboard-nav.d.ts.map +1 -0
- package/dist/accessibility/keyboard-nav.js +86 -0
- package/dist/accessibility/keyboard-nav.js.map +1 -0
- package/dist/accessibility/semantic-html.d.ts +76 -0
- package/dist/accessibility/semantic-html.d.ts.map +1 -0
- package/dist/accessibility/semantic-html.js +204 -0
- package/dist/accessibility/semantic-html.js.map +1 -0
- package/dist/api/client-patterns.d.ts +121 -0
- package/dist/api/client-patterns.d.ts.map +1 -0
- package/dist/api/client-patterns.js +478 -0
- package/dist/api/client-patterns.js.map +1 -0
- package/dist/api/error-format.d.ts +140 -0
- package/dist/api/error-format.d.ts.map +1 -0
- package/dist/api/error-format.js +614 -0
- package/dist/api/error-format.js.map +1 -0
- package/dist/api/http-methods.d.ts +255 -0
- package/dist/api/http-methods.d.ts.map +1 -0
- package/dist/api/http-methods.js +890 -0
- package/dist/api/http-methods.js.map +1 -0
- package/dist/api/index.d.ts +16 -0
- package/dist/api/index.d.ts.map +1 -0
- package/dist/api/index.js +37 -0
- package/dist/api/index.js.map +1 -0
- package/dist/api/pagination.d.ts +133 -0
- package/dist/api/pagination.d.ts.map +1 -0
- package/dist/api/pagination.js +521 -0
- package/dist/api/pagination.js.map +1 -0
- package/dist/api/response-envelope.d.ts +261 -0
- package/dist/api/response-envelope.d.ts.map +1 -0
- package/dist/api/response-envelope.js +1050 -0
- package/dist/api/response-envelope.js.map +1 -0
- package/dist/api/retry-patterns.d.ts +117 -0
- package/dist/api/retry-patterns.d.ts.map +1 -0
- package/dist/api/retry-patterns.js +480 -0
- package/dist/api/retry-patterns.js.map +1 -0
- package/dist/api/route-structure.d.ts +128 -0
- package/dist/api/route-structure.d.ts.map +1 -0
- package/dist/api/route-structure.js +738 -0
- package/dist/api/route-structure.js.map +1 -0
- package/dist/auth/audit-logging.d.ts +80 -0
- package/dist/auth/audit-logging.d.ts.map +1 -0
- package/dist/auth/audit-logging.js +370 -0
- package/dist/auth/audit-logging.js.map +1 -0
- package/dist/auth/index.d.ts +33 -0
- package/dist/auth/index.d.ts.map +1 -0
- package/dist/auth/index.js +49 -0
- package/dist/auth/index.js.map +1 -0
- package/dist/auth/middleware-usage.d.ts +65 -0
- package/dist/auth/middleware-usage.d.ts.map +1 -0
- package/dist/auth/middleware-usage.js +192 -0
- package/dist/auth/middleware-usage.js.map +1 -0
- package/dist/auth/permission-checks.d.ts +60 -0
- package/dist/auth/permission-checks.d.ts.map +1 -0
- package/dist/auth/permission-checks.js +159 -0
- package/dist/auth/permission-checks.js.map +1 -0
- package/dist/auth/rbac-patterns.d.ts +68 -0
- package/dist/auth/rbac-patterns.d.ts.map +1 -0
- package/dist/auth/rbac-patterns.js +143 -0
- package/dist/auth/rbac-patterns.js.map +1 -0
- package/dist/auth/resource-ownership.d.ts +77 -0
- package/dist/auth/resource-ownership.d.ts.map +1 -0
- package/dist/auth/resource-ownership.js +324 -0
- package/dist/auth/resource-ownership.js.map +1 -0
- package/dist/auth/token-handling.d.ts +64 -0
- package/dist/auth/token-handling.d.ts.map +1 -0
- package/dist/auth/token-handling.js +151 -0
- package/dist/auth/token-handling.js.map +1 -0
- package/dist/base/ast-detector.d.ts +421 -0
- package/dist/base/ast-detector.d.ts.map +1 -0
- package/dist/base/ast-detector.js +699 -0
- package/dist/base/ast-detector.js.map +1 -0
- package/dist/base/base-detector.d.ts +366 -0
- package/dist/base/base-detector.d.ts.map +1 -0
- package/dist/base/base-detector.js +170 -0
- package/dist/base/base-detector.js.map +1 -0
- package/dist/base/index.d.ts +12 -0
- package/dist/base/index.d.ts.map +1 -0
- package/dist/base/index.js +17 -0
- package/dist/base/index.js.map +1 -0
- package/dist/base/regex-detector.d.ts +421 -0
- package/dist/base/regex-detector.d.ts.map +1 -0
- package/dist/base/regex-detector.js +537 -0
- package/dist/base/regex-detector.js.map +1 -0
- package/dist/base/structural-detector.d.ts +424 -0
- package/dist/base/structural-detector.d.ts.map +1 -0
- package/dist/base/structural-detector.js +731 -0
- package/dist/base/structural-detector.js.map +1 -0
- package/dist/base/types.d.ts +53 -0
- package/dist/base/types.d.ts.map +1 -0
- package/dist/base/types.js +5 -0
- package/dist/base/types.js.map +1 -0
- package/dist/components/component-structure.d.ts +163 -0
- package/dist/components/component-structure.d.ts.map +1 -0
- package/dist/components/component-structure.js +500 -0
- package/dist/components/component-structure.js.map +1 -0
- package/dist/components/composition.d.ts +287 -0
- package/dist/components/composition.d.ts.map +1 -0
- package/dist/components/composition.js +1123 -0
- package/dist/components/composition.js.map +1 -0
- package/dist/components/duplicate-detection.d.ts +251 -0
- package/dist/components/duplicate-detection.d.ts.map +1 -0
- package/dist/components/duplicate-detection.js +804 -0
- package/dist/components/duplicate-detection.js.map +1 -0
- package/dist/components/index.d.ts +16 -0
- package/dist/components/index.d.ts.map +1 -0
- package/dist/components/index.js +51 -0
- package/dist/components/index.js.map +1 -0
- package/dist/components/near-duplicate.d.ts +402 -0
- package/dist/components/near-duplicate.d.ts.map +1 -0
- package/dist/components/near-duplicate.js +1090 -0
- package/dist/components/near-duplicate.js.map +1 -0
- package/dist/components/props-patterns.d.ts +194 -0
- package/dist/components/props-patterns.d.ts.map +1 -0
- package/dist/components/props-patterns.js +795 -0
- package/dist/components/props-patterns.js.map +1 -0
- package/dist/components/ref-forwarding.d.ts +250 -0
- package/dist/components/ref-forwarding.d.ts.map +1 -0
- package/dist/components/ref-forwarding.js +832 -0
- package/dist/components/ref-forwarding.js.map +1 -0
- package/dist/components/state-patterns.d.ts +291 -0
- package/dist/components/state-patterns.d.ts.map +1 -0
- package/dist/components/state-patterns.js +970 -0
- package/dist/components/state-patterns.js.map +1 -0
- package/dist/config/config-validation.d.ts +74 -0
- package/dist/config/config-validation.d.ts.map +1 -0
- package/dist/config/config-validation.js +446 -0
- package/dist/config/config-validation.js.map +1 -0
- package/dist/config/default-values.d.ts +72 -0
- package/dist/config/default-values.d.ts.map +1 -0
- package/dist/config/default-values.js +386 -0
- package/dist/config/default-values.js.map +1 -0
- package/dist/config/env-naming.d.ts +73 -0
- package/dist/config/env-naming.d.ts.map +1 -0
- package/dist/config/env-naming.js +429 -0
- package/dist/config/env-naming.js.map +1 -0
- package/dist/config/environment-detection.d.ts +72 -0
- package/dist/config/environment-detection.d.ts.map +1 -0
- package/dist/config/environment-detection.js +400 -0
- package/dist/config/environment-detection.js.map +1 -0
- package/dist/config/feature-flags.d.ts +72 -0
- package/dist/config/feature-flags.d.ts.map +1 -0
- package/dist/config/feature-flags.js +384 -0
- package/dist/config/feature-flags.js.map +1 -0
- package/dist/config/index.d.ts +27 -0
- package/dist/config/index.d.ts.map +1 -0
- package/dist/config/index.js +43 -0
- package/dist/config/index.js.map +1 -0
- package/dist/config/required-optional.d.ts +71 -0
- package/dist/config/required-optional.d.ts.map +1 -0
- package/dist/config/required-optional.js +344 -0
- package/dist/config/required-optional.js.map +1 -0
- package/dist/data-access/connection-pooling.d.ts +63 -0
- package/dist/data-access/connection-pooling.d.ts.map +1 -0
- package/dist/data-access/connection-pooling.js +297 -0
- package/dist/data-access/connection-pooling.js.map +1 -0
- package/dist/data-access/dto-patterns.d.ts +64 -0
- package/dist/data-access/dto-patterns.d.ts.map +1 -0
- package/dist/data-access/dto-patterns.js +291 -0
- package/dist/data-access/dto-patterns.js.map +1 -0
- package/dist/data-access/index.d.ts +31 -0
- package/dist/data-access/index.d.ts.map +1 -0
- package/dist/data-access/index.js +49 -0
- package/dist/data-access/index.js.map +1 -0
- package/dist/data-access/n-plus-one.d.ts +60 -0
- package/dist/data-access/n-plus-one.d.ts.map +1 -0
- package/dist/data-access/n-plus-one.js +264 -0
- package/dist/data-access/n-plus-one.js.map +1 -0
- package/dist/data-access/query-patterns.d.ts +64 -0
- package/dist/data-access/query-patterns.d.ts.map +1 -0
- package/dist/data-access/query-patterns.js +314 -0
- package/dist/data-access/query-patterns.js.map +1 -0
- package/dist/data-access/repository-pattern.d.ts +62 -0
- package/dist/data-access/repository-pattern.d.ts.map +1 -0
- package/dist/data-access/repository-pattern.js +257 -0
- package/dist/data-access/repository-pattern.js.map +1 -0
- package/dist/data-access/transaction-patterns.d.ts +61 -0
- package/dist/data-access/transaction-patterns.d.ts.map +1 -0
- package/dist/data-access/transaction-patterns.js +277 -0
- package/dist/data-access/transaction-patterns.js.map +1 -0
- package/dist/data-access/validation-patterns.d.ts +62 -0
- package/dist/data-access/validation-patterns.d.ts.map +1 -0
- package/dist/data-access/validation-patterns.js +301 -0
- package/dist/data-access/validation-patterns.js.map +1 -0
- package/dist/documentation/deprecation.d.ts +62 -0
- package/dist/documentation/deprecation.d.ts.map +1 -0
- package/dist/documentation/deprecation.js +83 -0
- package/dist/documentation/deprecation.js.map +1 -0
- package/dist/documentation/example-code.d.ts +64 -0
- package/dist/documentation/example-code.d.ts.map +1 -0
- package/dist/documentation/example-code.js +79 -0
- package/dist/documentation/example-code.js.map +1 -0
- package/dist/documentation/index.d.ts +22 -0
- package/dist/documentation/index.d.ts.map +1 -0
- package/dist/documentation/index.js +19 -0
- package/dist/documentation/index.js.map +1 -0
- package/dist/documentation/jsdoc-patterns.d.ts +72 -0
- package/dist/documentation/jsdoc-patterns.d.ts.map +1 -0
- package/dist/documentation/jsdoc-patterns.js +92 -0
- package/dist/documentation/jsdoc-patterns.js.map +1 -0
- package/dist/documentation/readme-structure.d.ts +67 -0
- package/dist/documentation/readme-structure.d.ts.map +1 -0
- package/dist/documentation/readme-structure.js +76 -0
- package/dist/documentation/readme-structure.js.map +1 -0
- package/dist/documentation/todo-patterns.d.ts +67 -0
- package/dist/documentation/todo-patterns.d.ts.map +1 -0
- package/dist/documentation/todo-patterns.js +73 -0
- package/dist/documentation/todo-patterns.js.map +1 -0
- package/dist/errors/async-errors.d.ts +72 -0
- package/dist/errors/async-errors.d.ts.map +1 -0
- package/dist/errors/async-errors.js +214 -0
- package/dist/errors/async-errors.js.map +1 -0
- package/dist/errors/circuit-breaker.d.ts +53 -0
- package/dist/errors/circuit-breaker.d.ts.map +1 -0
- package/dist/errors/circuit-breaker.js +241 -0
- package/dist/errors/circuit-breaker.js.map +1 -0
- package/dist/errors/error-codes.d.ts +73 -0
- package/dist/errors/error-codes.d.ts.map +1 -0
- package/dist/errors/error-codes.js +211 -0
- package/dist/errors/error-codes.js.map +1 -0
- package/dist/errors/error-logging.d.ts +73 -0
- package/dist/errors/error-logging.d.ts.map +1 -0
- package/dist/errors/error-logging.js +256 -0
- package/dist/errors/error-logging.js.map +1 -0
- package/dist/errors/error-propagation.d.ts +73 -0
- package/dist/errors/error-propagation.d.ts.map +1 -0
- package/dist/errors/error-propagation.js +244 -0
- package/dist/errors/error-propagation.js.map +1 -0
- package/dist/errors/exception-hierarchy.d.ts +75 -0
- package/dist/errors/exception-hierarchy.d.ts.map +1 -0
- package/dist/errors/exception-hierarchy.js +259 -0
- package/dist/errors/exception-hierarchy.js.map +1 -0
- package/dist/errors/index.d.ts +31 -0
- package/dist/errors/index.d.ts.map +1 -0
- package/dist/errors/index.js +49 -0
- package/dist/errors/index.js.map +1 -0
- package/dist/errors/try-catch-placement.d.ts +73 -0
- package/dist/errors/try-catch-placement.d.ts.map +1 -0
- package/dist/errors/try-catch-placement.js +214 -0
- package/dist/errors/try-catch-placement.js.map +1 -0
- package/dist/index.d.ts +221 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +245 -0
- package/dist/index.js.map +1 -0
- package/dist/logging/context-fields.d.ts +48 -0
- package/dist/logging/context-fields.d.ts.map +1 -0
- package/dist/logging/context-fields.js +160 -0
- package/dist/logging/context-fields.js.map +1 -0
- package/dist/logging/correlation-ids.d.ts +44 -0
- package/dist/logging/correlation-ids.d.ts.map +1 -0
- package/dist/logging/correlation-ids.js +144 -0
- package/dist/logging/correlation-ids.js.map +1 -0
- package/dist/logging/health-checks.d.ts +45 -0
- package/dist/logging/health-checks.d.ts.map +1 -0
- package/dist/logging/health-checks.js +165 -0
- package/dist/logging/health-checks.js.map +1 -0
- package/dist/logging/index.d.ts +31 -0
- package/dist/logging/index.d.ts.map +1 -0
- package/dist/logging/index.js +49 -0
- package/dist/logging/index.js.map +1 -0
- package/dist/logging/log-levels.d.ts +46 -0
- package/dist/logging/log-levels.d.ts.map +1 -0
- package/dist/logging/log-levels.js +178 -0
- package/dist/logging/log-levels.js.map +1 -0
- package/dist/logging/metric-naming.d.ts +46 -0
- package/dist/logging/metric-naming.d.ts.map +1 -0
- package/dist/logging/metric-naming.js +157 -0
- package/dist/logging/metric-naming.js.map +1 -0
- package/dist/logging/pii-redaction.d.ts +44 -0
- package/dist/logging/pii-redaction.d.ts.map +1 -0
- package/dist/logging/pii-redaction.js +166 -0
- package/dist/logging/pii-redaction.js.map +1 -0
- package/dist/logging/structured-format.d.ts +53 -0
- package/dist/logging/structured-format.d.ts.map +1 -0
- package/dist/logging/structured-format.js +235 -0
- package/dist/logging/structured-format.js.map +1 -0
- package/dist/performance/bundle-size.d.ts +79 -0
- package/dist/performance/bundle-size.d.ts.map +1 -0
- package/dist/performance/bundle-size.js +276 -0
- package/dist/performance/bundle-size.js.map +1 -0
- package/dist/performance/caching-patterns.d.ts +78 -0
- package/dist/performance/caching-patterns.d.ts.map +1 -0
- package/dist/performance/caching-patterns.js +257 -0
- package/dist/performance/caching-patterns.js.map +1 -0
- package/dist/performance/code-splitting.d.ts +86 -0
- package/dist/performance/code-splitting.d.ts.map +1 -0
- package/dist/performance/code-splitting.js +447 -0
- package/dist/performance/code-splitting.js.map +1 -0
- package/dist/performance/debounce-throttle.d.ts +75 -0
- package/dist/performance/debounce-throttle.d.ts.map +1 -0
- package/dist/performance/debounce-throttle.js +232 -0
- package/dist/performance/debounce-throttle.js.map +1 -0
- package/dist/performance/index.d.ts +28 -0
- package/dist/performance/index.d.ts.map +1 -0
- package/dist/performance/index.js +39 -0
- package/dist/performance/index.js.map +1 -0
- package/dist/performance/lazy-loading.d.ts +75 -0
- package/dist/performance/lazy-loading.d.ts.map +1 -0
- package/dist/performance/lazy-loading.js +233 -0
- package/dist/performance/lazy-loading.js.map +1 -0
- package/dist/performance/memoization.d.ts +75 -0
- package/dist/performance/memoization.d.ts.map +1 -0
- package/dist/performance/memoization.js +251 -0
- package/dist/performance/memoization.js.map +1 -0
- package/dist/registry/detector-registry.d.ts +266 -0
- package/dist/registry/detector-registry.d.ts.map +1 -0
- package/dist/registry/detector-registry.js +526 -0
- package/dist/registry/detector-registry.js.map +1 -0
- package/dist/registry/index.d.ts +10 -0
- package/dist/registry/index.d.ts.map +1 -0
- package/dist/registry/index.js +10 -0
- package/dist/registry/index.js.map +1 -0
- package/dist/registry/loader.d.ts +232 -0
- package/dist/registry/loader.d.ts.map +1 -0
- package/dist/registry/loader.js +419 -0
- package/dist/registry/loader.js.map +1 -0
- package/dist/registry/types.d.ts +111 -0
- package/dist/registry/types.d.ts.map +1 -0
- package/dist/registry/types.js +19 -0
- package/dist/registry/types.js.map +1 -0
- package/dist/security/csp-headers.d.ts +78 -0
- package/dist/security/csp-headers.d.ts.map +1 -0
- package/dist/security/csp-headers.js +401 -0
- package/dist/security/csp-headers.js.map +1 -0
- package/dist/security/csrf-protection.d.ts +72 -0
- package/dist/security/csrf-protection.d.ts.map +1 -0
- package/dist/security/csrf-protection.js +344 -0
- package/dist/security/csrf-protection.js.map +1 -0
- package/dist/security/index.d.ts +30 -0
- package/dist/security/index.d.ts.map +1 -0
- package/dist/security/index.js +48 -0
- package/dist/security/index.js.map +1 -0
- package/dist/security/input-sanitization.d.ts +74 -0
- package/dist/security/input-sanitization.d.ts.map +1 -0
- package/dist/security/input-sanitization.js +373 -0
- package/dist/security/input-sanitization.js.map +1 -0
- package/dist/security/rate-limiting.d.ts +81 -0
- package/dist/security/rate-limiting.d.ts.map +1 -0
- package/dist/security/rate-limiting.js +535 -0
- package/dist/security/rate-limiting.js.map +1 -0
- package/dist/security/secret-management.d.ts +83 -0
- package/dist/security/secret-management.d.ts.map +1 -0
- package/dist/security/secret-management.js +547 -0
- package/dist/security/secret-management.js.map +1 -0
- package/dist/security/sql-injection.d.ts +76 -0
- package/dist/security/sql-injection.d.ts.map +1 -0
- package/dist/security/sql-injection.js +383 -0
- package/dist/security/sql-injection.js.map +1 -0
- package/dist/security/xss-prevention.d.ts +80 -0
- package/dist/security/xss-prevention.d.ts.map +1 -0
- package/dist/security/xss-prevention.js +416 -0
- package/dist/security/xss-prevention.js.map +1 -0
- package/dist/structural/barrel-exports.d.ts +178 -0
- package/dist/structural/barrel-exports.d.ts.map +1 -0
- package/dist/structural/barrel-exports.js +553 -0
- package/dist/structural/barrel-exports.js.map +1 -0
- package/dist/structural/circular-deps.d.ts +140 -0
- package/dist/structural/circular-deps.d.ts.map +1 -0
- package/dist/structural/circular-deps.js +422 -0
- package/dist/structural/circular-deps.js.map +1 -0
- package/dist/structural/co-location.d.ts +202 -0
- package/dist/structural/co-location.d.ts.map +1 -0
- package/dist/structural/co-location.js +640 -0
- package/dist/structural/co-location.js.map +1 -0
- package/dist/structural/directory-structure.d.ts +151 -0
- package/dist/structural/directory-structure.d.ts.map +1 -0
- package/dist/structural/directory-structure.js +457 -0
- package/dist/structural/directory-structure.js.map +1 -0
- package/dist/structural/file-naming.d.ts +61 -0
- package/dist/structural/file-naming.d.ts.map +1 -0
- package/dist/structural/file-naming.js +231 -0
- package/dist/structural/file-naming.js.map +1 -0
- package/dist/structural/import-ordering.d.ts +212 -0
- package/dist/structural/import-ordering.d.ts.map +1 -0
- package/dist/structural/import-ordering.js +821 -0
- package/dist/structural/import-ordering.js.map +1 -0
- package/dist/structural/index.d.ts +23 -0
- package/dist/structural/index.d.ts.map +1 -0
- package/dist/structural/index.js +26 -0
- package/dist/structural/index.js.map +1 -0
- package/dist/structural/module-boundaries.d.ts +164 -0
- package/dist/structural/module-boundaries.d.ts.map +1 -0
- package/dist/structural/module-boundaries.js +616 -0
- package/dist/structural/module-boundaries.js.map +1 -0
- package/dist/structural/package-boundaries.d.ts +182 -0
- package/dist/structural/package-boundaries.d.ts.map +1 -0
- package/dist/structural/package-boundaries.js +602 -0
- package/dist/structural/package-boundaries.js.map +1 -0
- package/dist/styling/class-naming.d.ts +263 -0
- package/dist/styling/class-naming.d.ts.map +1 -0
- package/dist/styling/class-naming.js +892 -0
- package/dist/styling/class-naming.js.map +1 -0
- package/dist/styling/color-usage.d.ts +213 -0
- package/dist/styling/color-usage.d.ts.map +1 -0
- package/dist/styling/color-usage.js +732 -0
- package/dist/styling/color-usage.js.map +1 -0
- package/dist/styling/design-tokens.d.ts +212 -0
- package/dist/styling/design-tokens.d.ts.map +1 -0
- package/dist/styling/design-tokens.js +748 -0
- package/dist/styling/design-tokens.js.map +1 -0
- package/dist/styling/index.d.ts +16 -0
- package/dist/styling/index.d.ts.map +1 -0
- package/dist/styling/index.js +56 -0
- package/dist/styling/index.js.map +1 -0
- package/dist/styling/responsive.d.ts +304 -0
- package/dist/styling/responsive.d.ts.map +1 -0
- package/dist/styling/responsive.js +888 -0
- package/dist/styling/responsive.js.map +1 -0
- package/dist/styling/spacing-scale.d.ts +248 -0
- package/dist/styling/spacing-scale.d.ts.map +1 -0
- package/dist/styling/spacing-scale.js +865 -0
- package/dist/styling/spacing-scale.js.map +1 -0
- package/dist/styling/tailwind-patterns.d.ts +305 -0
- package/dist/styling/tailwind-patterns.d.ts.map +1 -0
- package/dist/styling/tailwind-patterns.js +1181 -0
- package/dist/styling/tailwind-patterns.js.map +1 -0
- package/dist/styling/typography.d.ts +281 -0
- package/dist/styling/typography.d.ts.map +1 -0
- package/dist/styling/typography.js +1004 -0
- package/dist/styling/typography.js.map +1 -0
- package/dist/styling/z-index-scale.d.ts +270 -0
- package/dist/styling/z-index-scale.d.ts.map +1 -0
- package/dist/styling/z-index-scale.js +714 -0
- package/dist/styling/z-index-scale.js.map +1 -0
- package/dist/testing/co-location.d.ts +42 -0
- package/dist/testing/co-location.d.ts.map +1 -0
- package/dist/testing/co-location.js +134 -0
- package/dist/testing/co-location.js.map +1 -0
- package/dist/testing/describe-naming.d.ts +47 -0
- package/dist/testing/describe-naming.d.ts.map +1 -0
- package/dist/testing/describe-naming.js +150 -0
- package/dist/testing/describe-naming.js.map +1 -0
- package/dist/testing/file-naming.d.ts +44 -0
- package/dist/testing/file-naming.d.ts.map +1 -0
- package/dist/testing/file-naming.js +131 -0
- package/dist/testing/file-naming.js.map +1 -0
- package/dist/testing/fixture-patterns.d.ts +52 -0
- package/dist/testing/fixture-patterns.d.ts.map +1 -0
- package/dist/testing/fixture-patterns.js +228 -0
- package/dist/testing/fixture-patterns.js.map +1 -0
- package/dist/testing/index.d.ts +31 -0
- package/dist/testing/index.d.ts.map +1 -0
- package/dist/testing/index.js +49 -0
- package/dist/testing/index.js.map +1 -0
- package/dist/testing/mock-patterns.d.ts +53 -0
- package/dist/testing/mock-patterns.d.ts.map +1 -0
- package/dist/testing/mock-patterns.js +264 -0
- package/dist/testing/mock-patterns.js.map +1 -0
- package/dist/testing/setup-teardown.d.ts +55 -0
- package/dist/testing/setup-teardown.d.ts.map +1 -0
- package/dist/testing/setup-teardown.js +262 -0
- package/dist/testing/setup-teardown.js.map +1 -0
- package/dist/testing/test-structure.d.ts +51 -0
- package/dist/testing/test-structure.d.ts.map +1 -0
- package/dist/testing/test-structure.js +225 -0
- package/dist/testing/test-structure.js.map +1 -0
- package/dist/types/any-usage.d.ts +99 -0
- package/dist/types/any-usage.d.ts.map +1 -0
- package/dist/types/any-usage.js +641 -0
- package/dist/types/any-usage.js.map +1 -0
- package/dist/types/file-location.d.ts +76 -0
- package/dist/types/file-location.d.ts.map +1 -0
- package/dist/types/file-location.js +395 -0
- package/dist/types/file-location.js.map +1 -0
- package/dist/types/generic-patterns.d.ts +97 -0
- package/dist/types/generic-patterns.d.ts.map +1 -0
- package/dist/types/generic-patterns.js +615 -0
- package/dist/types/generic-patterns.js.map +1 -0
- package/dist/types/index.d.ts +31 -0
- package/dist/types/index.d.ts.map +1 -0
- package/dist/types/index.js +43 -0
- package/dist/types/index.js.map +1 -0
- package/dist/types/interface-vs-type.d.ts +81 -0
- package/dist/types/interface-vs-type.d.ts.map +1 -0
- package/dist/types/interface-vs-type.js +440 -0
- package/dist/types/interface-vs-type.js.map +1 -0
- package/dist/types/naming-conventions.d.ts +84 -0
- package/dist/types/naming-conventions.d.ts.map +1 -0
- package/dist/types/naming-conventions.js +455 -0
- package/dist/types/naming-conventions.js.map +1 -0
- package/dist/types/type-assertions.d.ts +98 -0
- package/dist/types/type-assertions.d.ts.map +1 -0
- package/dist/types/type-assertions.js +639 -0
- package/dist/types/type-assertions.js.map +1 -0
- package/dist/types/utility-types.d.ts +110 -0
- package/dist/types/utility-types.d.ts.map +1 -0
- package/dist/types/utility-types.js +547 -0
- package/dist/types/utility-types.js.map +1 -0
- package/package.json +44 -0
|
@@ -0,0 +1,72 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* CSRF Protection Detector - Cross-Site Request Forgery protection pattern detection
|
|
3
|
+
*
|
|
4
|
+
* Detects CSRF protection patterns including:
|
|
5
|
+
* - CSRF token generation and validation
|
|
6
|
+
* - CSRF middleware (csurf, csrf)
|
|
7
|
+
* - SameSite cookie attributes
|
|
8
|
+
* - Double submit cookie pattern
|
|
9
|
+
* - Origin/Referer header validation
|
|
10
|
+
*
|
|
11
|
+
* @requirements 16.4 - CSRF protection patterns
|
|
12
|
+
*/
|
|
13
|
+
import type { Violation, QuickFix, PatternCategory, Language } from 'driftdetect-core';
|
|
14
|
+
import { RegexDetector } from '../base/regex-detector.js';
|
|
15
|
+
import type { DetectionContext, DetectionResult } from '../base/base-detector.js';
|
|
16
|
+
export type CSRFProtectionPatternType = 'csrf-token' | 'csrf-middleware' | 'same-site-cookie' | 'double-submit' | 'origin-validation' | 'referer-validation' | 'csrf-header';
|
|
17
|
+
export type CSRFViolationType = 'missing-csrf-token' | 'insecure-cookie' | 'missing-same-site';
|
|
18
|
+
export interface CSRFProtectionPatternInfo {
|
|
19
|
+
type: CSRFProtectionPatternType;
|
|
20
|
+
file: string;
|
|
21
|
+
line: number;
|
|
22
|
+
column: number;
|
|
23
|
+
matchedText: string;
|
|
24
|
+
context?: string | undefined;
|
|
25
|
+
}
|
|
26
|
+
export interface CSRFViolationInfo {
|
|
27
|
+
type: CSRFViolationType;
|
|
28
|
+
file: string;
|
|
29
|
+
line: number;
|
|
30
|
+
column: number;
|
|
31
|
+
matchedText: string;
|
|
32
|
+
issue: string;
|
|
33
|
+
suggestedFix?: string | undefined;
|
|
34
|
+
severity: 'high' | 'medium' | 'low';
|
|
35
|
+
}
|
|
36
|
+
export interface CSRFProtectionAnalysis {
|
|
37
|
+
patterns: CSRFProtectionPatternInfo[];
|
|
38
|
+
violations: CSRFViolationInfo[];
|
|
39
|
+
hasCSRFProtection: boolean;
|
|
40
|
+
hasSameSiteCookies: boolean;
|
|
41
|
+
confidence: number;
|
|
42
|
+
}
|
|
43
|
+
export declare const CSRF_TOKEN_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
44
|
+
export declare const CSRF_MIDDLEWARE_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
45
|
+
export declare const SAME_SITE_COOKIE_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp];
|
|
46
|
+
export declare const DOUBLE_SUBMIT_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp];
|
|
47
|
+
export declare const ORIGIN_VALIDATION_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
48
|
+
export declare const REFERER_VALIDATION_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp];
|
|
49
|
+
export declare const CSRF_HEADER_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp];
|
|
50
|
+
export declare const INSECURE_COOKIE_PATTERNS: readonly [RegExp, RegExp];
|
|
51
|
+
export declare function shouldExcludeFile(filePath: string): boolean;
|
|
52
|
+
export declare function detectCSRFTokens(content: string, filePath: string): CSRFProtectionPatternInfo[];
|
|
53
|
+
export declare function detectCSRFMiddleware(content: string, filePath: string): CSRFProtectionPatternInfo[];
|
|
54
|
+
export declare function detectSameSiteCookies(content: string, filePath: string): CSRFProtectionPatternInfo[];
|
|
55
|
+
export declare function detectDoubleSubmit(content: string, filePath: string): CSRFProtectionPatternInfo[];
|
|
56
|
+
export declare function detectOriginValidation(content: string, filePath: string): CSRFProtectionPatternInfo[];
|
|
57
|
+
export declare function detectRefererValidation(content: string, filePath: string): CSRFProtectionPatternInfo[];
|
|
58
|
+
export declare function detectCSRFHeaders(content: string, filePath: string): CSRFProtectionPatternInfo[];
|
|
59
|
+
export declare function detectInsecureCookieViolations(content: string, filePath: string): CSRFViolationInfo[];
|
|
60
|
+
export declare function analyzeCSRFProtection(content: string, filePath: string): CSRFProtectionAnalysis;
|
|
61
|
+
export declare class CSRFProtectionDetector extends RegexDetector {
|
|
62
|
+
readonly id = "security/csrf-protection";
|
|
63
|
+
readonly name = "CSRF Protection Detector";
|
|
64
|
+
readonly description = "Detects CSRF protection patterns and identifies potential vulnerabilities";
|
|
65
|
+
readonly category: PatternCategory;
|
|
66
|
+
readonly subcategory = "csrf-protection";
|
|
67
|
+
readonly supportedLanguages: Language[];
|
|
68
|
+
detect(context: DetectionContext): Promise<DetectionResult>;
|
|
69
|
+
generateQuickFix(_violation: Violation): QuickFix | null;
|
|
70
|
+
}
|
|
71
|
+
export declare function createCSRFProtectionDetector(): CSRFProtectionDetector;
|
|
72
|
+
//# sourceMappingURL=csrf-protection.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"csrf-protection.d.ts","sourceRoot":"","sources":["../../src/security/csrf-protection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACvF,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,KAAK,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAMlF,MAAM,MAAM,yBAAyB,GACjC,YAAY,GACZ,iBAAiB,GACjB,kBAAkB,GAClB,eAAe,GACf,mBAAmB,GACnB,oBAAoB,GACpB,aAAa,CAAC;AAElB,MAAM,MAAM,iBAAiB,GACzB,oBAAoB,GACpB,iBAAiB,GACjB,mBAAmB,CAAC;AAExB,MAAM,WAAW,yBAAyB;IACxC,IAAI,EAAE,yBAAyB,CAAC;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CAC9B;AAED,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,iBAAiB,CAAC;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAClC,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;CACrC;AAED,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,yBAAyB,EAAE,CAAC;IACtC,UAAU,EAAE,iBAAiB,EAAE,CAAC;IAChC,iBAAiB,EAAE,OAAO,CAAC;IAC3B,kBAAkB,EAAE,OAAO,CAAC;IAC5B,UAAU,EAAE,MAAM,CAAC;CACpB;AAMD,eAAO,MAAM,mBAAmB,mIAkBtB,CAAC;AAEX,eAAO,MAAM,wBAAwB,mEAQ3B,CAAC;AAEX,eAAO,MAAM,yBAAyB,2CAK5B,CAAC;AAEX,eAAO,MAAM,sBAAsB,2CAKzB,CAAC;AAEX,eAAO,MAAM,0BAA0B,2FAa7B,CAAC;AAEX,eAAO,MAAM,2BAA2B,2CAK9B,CAAC;AAEX,eAAO,MAAM,oBAAoB,2CAKvB,CAAC;AAEX,eAAO,MAAM,wBAAwB,2BAG3B,CAAC;AAMX,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAU3D;AAED,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,yBAAyB,EAAE,CAuB7B;AAED,wBAAgB,oBAAoB,CAClC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,yBAAyB,EAAE,CAuB7B;AAED,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,yBAAyB,EAAE,CAuB7B;AAED,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,yBAAyB,EAAE,CAuB7B;AAED,wBAAgB,sBAAsB,CACpC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,yBAAyB,EAAE,CAuB7B;AAED,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,yBAAyB,EAAE,CAuB7B;AAED,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,yBAAyB,EAAE,CAuB7B;AAED,wBAAgB,8BAA8B,CAC5C,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,iBAAiB,EAAE,CAyBrB;AAED,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,sBAAsB,CAqCxB;AAMD,qBAAa,sBAAuB,SAAQ,aAAa;IACvD,QAAQ,CAAC,EAAE,8BAA8B;IACzC,QAAQ,CAAC,IAAI,8BAA8B;IAC3C,QAAQ,CAAC,WAAW,+EAC0D;IAC9E,QAAQ,CAAC,QAAQ,EAAE,eAAe,CAAc;IAChD,QAAQ,CAAC,WAAW,qBAAqB;IACzC,QAAQ,CAAC,kBAAkB,EAAE,QAAQ,EAAE,CAA0C;IAE3E,MAAM,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAqBjE,gBAAgB,CAAC,UAAU,EAAE,SAAS,GAAG,QAAQ,GAAG,IAAI;CAGzD;AAED,wBAAgB,4BAA4B,IAAI,sBAAsB,CAErE"}
|
|
@@ -0,0 +1,344 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* CSRF Protection Detector - Cross-Site Request Forgery protection pattern detection
|
|
3
|
+
*
|
|
4
|
+
* Detects CSRF protection patterns including:
|
|
5
|
+
* - CSRF token generation and validation
|
|
6
|
+
* - CSRF middleware (csurf, csrf)
|
|
7
|
+
* - SameSite cookie attributes
|
|
8
|
+
* - Double submit cookie pattern
|
|
9
|
+
* - Origin/Referer header validation
|
|
10
|
+
*
|
|
11
|
+
* @requirements 16.4 - CSRF protection patterns
|
|
12
|
+
*/
|
|
13
|
+
import { RegexDetector } from '../base/regex-detector.js';
|
|
14
|
+
// ============================================================================
|
|
15
|
+
// Constants
|
|
16
|
+
// ============================================================================
|
|
17
|
+
export const CSRF_TOKEN_PATTERNS = [
|
|
18
|
+
// TypeScript/JavaScript patterns
|
|
19
|
+
/csrfToken/gi,
|
|
20
|
+
/csrf_token/gi,
|
|
21
|
+
/xsrfToken/gi,
|
|
22
|
+
/xsrf_token/gi,
|
|
23
|
+
/_csrf/gi,
|
|
24
|
+
/anti-csrf/gi,
|
|
25
|
+
/generateCsrfToken\s*\(/gi,
|
|
26
|
+
/validateCsrfToken\s*\(/gi,
|
|
27
|
+
/verifyCsrfToken\s*\(/gi,
|
|
28
|
+
// Python patterns - Django, Flask
|
|
29
|
+
/csrf_protect/gi,
|
|
30
|
+
/CSRFProtect/gi,
|
|
31
|
+
/@csrf_exempt/gi,
|
|
32
|
+
/csrf_token\s*\(/gi,
|
|
33
|
+
/get_token\s*\(/gi,
|
|
34
|
+
/CsrfViewMiddleware/gi,
|
|
35
|
+
];
|
|
36
|
+
export const CSRF_MIDDLEWARE_PATTERNS = [
|
|
37
|
+
/csurf\s*\(/gi,
|
|
38
|
+
/csrf\s*\(/gi,
|
|
39
|
+
/csrfProtection/gi,
|
|
40
|
+
/lusca\.csrf\s*\(/gi,
|
|
41
|
+
/helmet\.csrf\s*\(/gi,
|
|
42
|
+
/import.*csurf/gi,
|
|
43
|
+
/require\s*\(\s*['"`]csurf['"`]\s*\)/gi,
|
|
44
|
+
];
|
|
45
|
+
export const SAME_SITE_COOKIE_PATTERNS = [
|
|
46
|
+
/sameSite\s*[=:]\s*['"`](?:strict|lax|none)['"`]/gi,
|
|
47
|
+
/SameSite\s*=\s*(?:Strict|Lax|None)/gi,
|
|
48
|
+
/cookie\s*\(\s*\{[^}]*sameSite/gi,
|
|
49
|
+
/cookieOptions\s*[=:]\s*\{[^}]*sameSite/gi,
|
|
50
|
+
];
|
|
51
|
+
export const DOUBLE_SUBMIT_PATTERNS = [
|
|
52
|
+
/doubleSubmit/gi,
|
|
53
|
+
/double-submit/gi,
|
|
54
|
+
/csrfCookie/gi,
|
|
55
|
+
/csrf-cookie/gi,
|
|
56
|
+
];
|
|
57
|
+
export const ORIGIN_VALIDATION_PATTERNS = [
|
|
58
|
+
// TypeScript/JavaScript patterns
|
|
59
|
+
/req\.headers\s*\[\s*['"`]origin['"`]\s*\]/gi,
|
|
60
|
+
/request\.headers\.origin/gi,
|
|
61
|
+
/validateOrigin\s*\(/gi,
|
|
62
|
+
/checkOrigin\s*\(/gi,
|
|
63
|
+
/allowedOrigins/gi,
|
|
64
|
+
// Python patterns - FastAPI, Flask
|
|
65
|
+
/request\.headers\.get\s*\(\s*['"`]origin['"`]/gi,
|
|
66
|
+
/validate_origin\s*\(/gi,
|
|
67
|
+
/check_origin\s*\(/gi,
|
|
68
|
+
/allowed_origins/gi,
|
|
69
|
+
/CORSMiddleware/gi,
|
|
70
|
+
];
|
|
71
|
+
export const REFERER_VALIDATION_PATTERNS = [
|
|
72
|
+
/req\.headers\s*\[\s*['"`]referer['"`]\s*\]/gi,
|
|
73
|
+
/request\.headers\.referer/gi,
|
|
74
|
+
/validateReferer\s*\(/gi,
|
|
75
|
+
/checkReferer\s*\(/gi,
|
|
76
|
+
];
|
|
77
|
+
export const CSRF_HEADER_PATTERNS = [
|
|
78
|
+
/x-csrf-token/gi,
|
|
79
|
+
/x-xsrf-token/gi,
|
|
80
|
+
/x-requested-with/gi,
|
|
81
|
+
/csrf-token/gi,
|
|
82
|
+
];
|
|
83
|
+
export const INSECURE_COOKIE_PATTERNS = [
|
|
84
|
+
/httpOnly\s*[=:]\s*false/gi,
|
|
85
|
+
/secure\s*[=:]\s*false/gi,
|
|
86
|
+
];
|
|
87
|
+
// ============================================================================
|
|
88
|
+
// Analysis Functions
|
|
89
|
+
// ============================================================================
|
|
90
|
+
export function shouldExcludeFile(filePath) {
|
|
91
|
+
const excludePatterns = [
|
|
92
|
+
/\.test\.[jt]sx?$/,
|
|
93
|
+
/\.spec\.[jt]sx?$/,
|
|
94
|
+
/__tests__\//,
|
|
95
|
+
/\.d\.ts$/,
|
|
96
|
+
/node_modules\//,
|
|
97
|
+
/\.min\.[jt]s$/,
|
|
98
|
+
];
|
|
99
|
+
return excludePatterns.some((p) => p.test(filePath));
|
|
100
|
+
}
|
|
101
|
+
export function detectCSRFTokens(content, filePath) {
|
|
102
|
+
const results = [];
|
|
103
|
+
const lines = content.split('\n');
|
|
104
|
+
for (let i = 0; i < lines.length; i++) {
|
|
105
|
+
const line = lines[i];
|
|
106
|
+
for (const pattern of CSRF_TOKEN_PATTERNS) {
|
|
107
|
+
const regex = new RegExp(pattern.source, pattern.flags);
|
|
108
|
+
let match;
|
|
109
|
+
while ((match = regex.exec(line)) !== null) {
|
|
110
|
+
results.push({
|
|
111
|
+
type: 'csrf-token',
|
|
112
|
+
file: filePath,
|
|
113
|
+
line: i + 1,
|
|
114
|
+
column: match.index + 1,
|
|
115
|
+
matchedText: match[0],
|
|
116
|
+
context: line.trim(),
|
|
117
|
+
});
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
return results;
|
|
122
|
+
}
|
|
123
|
+
export function detectCSRFMiddleware(content, filePath) {
|
|
124
|
+
const results = [];
|
|
125
|
+
const lines = content.split('\n');
|
|
126
|
+
for (let i = 0; i < lines.length; i++) {
|
|
127
|
+
const line = lines[i];
|
|
128
|
+
for (const pattern of CSRF_MIDDLEWARE_PATTERNS) {
|
|
129
|
+
const regex = new RegExp(pattern.source, pattern.flags);
|
|
130
|
+
let match;
|
|
131
|
+
while ((match = regex.exec(line)) !== null) {
|
|
132
|
+
results.push({
|
|
133
|
+
type: 'csrf-middleware',
|
|
134
|
+
file: filePath,
|
|
135
|
+
line: i + 1,
|
|
136
|
+
column: match.index + 1,
|
|
137
|
+
matchedText: match[0],
|
|
138
|
+
context: line.trim(),
|
|
139
|
+
});
|
|
140
|
+
}
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
return results;
|
|
144
|
+
}
|
|
145
|
+
export function detectSameSiteCookies(content, filePath) {
|
|
146
|
+
const results = [];
|
|
147
|
+
const lines = content.split('\n');
|
|
148
|
+
for (let i = 0; i < lines.length; i++) {
|
|
149
|
+
const line = lines[i];
|
|
150
|
+
for (const pattern of SAME_SITE_COOKIE_PATTERNS) {
|
|
151
|
+
const regex = new RegExp(pattern.source, pattern.flags);
|
|
152
|
+
let match;
|
|
153
|
+
while ((match = regex.exec(line)) !== null) {
|
|
154
|
+
results.push({
|
|
155
|
+
type: 'same-site-cookie',
|
|
156
|
+
file: filePath,
|
|
157
|
+
line: i + 1,
|
|
158
|
+
column: match.index + 1,
|
|
159
|
+
matchedText: match[0],
|
|
160
|
+
context: line.trim(),
|
|
161
|
+
});
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
}
|
|
165
|
+
return results;
|
|
166
|
+
}
|
|
167
|
+
export function detectDoubleSubmit(content, filePath) {
|
|
168
|
+
const results = [];
|
|
169
|
+
const lines = content.split('\n');
|
|
170
|
+
for (let i = 0; i < lines.length; i++) {
|
|
171
|
+
const line = lines[i];
|
|
172
|
+
for (const pattern of DOUBLE_SUBMIT_PATTERNS) {
|
|
173
|
+
const regex = new RegExp(pattern.source, pattern.flags);
|
|
174
|
+
let match;
|
|
175
|
+
while ((match = regex.exec(line)) !== null) {
|
|
176
|
+
results.push({
|
|
177
|
+
type: 'double-submit',
|
|
178
|
+
file: filePath,
|
|
179
|
+
line: i + 1,
|
|
180
|
+
column: match.index + 1,
|
|
181
|
+
matchedText: match[0],
|
|
182
|
+
context: line.trim(),
|
|
183
|
+
});
|
|
184
|
+
}
|
|
185
|
+
}
|
|
186
|
+
}
|
|
187
|
+
return results;
|
|
188
|
+
}
|
|
189
|
+
export function detectOriginValidation(content, filePath) {
|
|
190
|
+
const results = [];
|
|
191
|
+
const lines = content.split('\n');
|
|
192
|
+
for (let i = 0; i < lines.length; i++) {
|
|
193
|
+
const line = lines[i];
|
|
194
|
+
for (const pattern of ORIGIN_VALIDATION_PATTERNS) {
|
|
195
|
+
const regex = new RegExp(pattern.source, pattern.flags);
|
|
196
|
+
let match;
|
|
197
|
+
while ((match = regex.exec(line)) !== null) {
|
|
198
|
+
results.push({
|
|
199
|
+
type: 'origin-validation',
|
|
200
|
+
file: filePath,
|
|
201
|
+
line: i + 1,
|
|
202
|
+
column: match.index + 1,
|
|
203
|
+
matchedText: match[0],
|
|
204
|
+
context: line.trim(),
|
|
205
|
+
});
|
|
206
|
+
}
|
|
207
|
+
}
|
|
208
|
+
}
|
|
209
|
+
return results;
|
|
210
|
+
}
|
|
211
|
+
export function detectRefererValidation(content, filePath) {
|
|
212
|
+
const results = [];
|
|
213
|
+
const lines = content.split('\n');
|
|
214
|
+
for (let i = 0; i < lines.length; i++) {
|
|
215
|
+
const line = lines[i];
|
|
216
|
+
for (const pattern of REFERER_VALIDATION_PATTERNS) {
|
|
217
|
+
const regex = new RegExp(pattern.source, pattern.flags);
|
|
218
|
+
let match;
|
|
219
|
+
while ((match = regex.exec(line)) !== null) {
|
|
220
|
+
results.push({
|
|
221
|
+
type: 'referer-validation',
|
|
222
|
+
file: filePath,
|
|
223
|
+
line: i + 1,
|
|
224
|
+
column: match.index + 1,
|
|
225
|
+
matchedText: match[0],
|
|
226
|
+
context: line.trim(),
|
|
227
|
+
});
|
|
228
|
+
}
|
|
229
|
+
}
|
|
230
|
+
}
|
|
231
|
+
return results;
|
|
232
|
+
}
|
|
233
|
+
export function detectCSRFHeaders(content, filePath) {
|
|
234
|
+
const results = [];
|
|
235
|
+
const lines = content.split('\n');
|
|
236
|
+
for (let i = 0; i < lines.length; i++) {
|
|
237
|
+
const line = lines[i];
|
|
238
|
+
for (const pattern of CSRF_HEADER_PATTERNS) {
|
|
239
|
+
const regex = new RegExp(pattern.source, pattern.flags);
|
|
240
|
+
let match;
|
|
241
|
+
while ((match = regex.exec(line)) !== null) {
|
|
242
|
+
results.push({
|
|
243
|
+
type: 'csrf-header',
|
|
244
|
+
file: filePath,
|
|
245
|
+
line: i + 1,
|
|
246
|
+
column: match.index + 1,
|
|
247
|
+
matchedText: match[0],
|
|
248
|
+
context: line.trim(),
|
|
249
|
+
});
|
|
250
|
+
}
|
|
251
|
+
}
|
|
252
|
+
}
|
|
253
|
+
return results;
|
|
254
|
+
}
|
|
255
|
+
export function detectInsecureCookieViolations(content, filePath) {
|
|
256
|
+
const results = [];
|
|
257
|
+
const lines = content.split('\n');
|
|
258
|
+
for (let i = 0; i < lines.length; i++) {
|
|
259
|
+
const line = lines[i];
|
|
260
|
+
for (const pattern of INSECURE_COOKIE_PATTERNS) {
|
|
261
|
+
const regex = new RegExp(pattern.source, pattern.flags);
|
|
262
|
+
let match;
|
|
263
|
+
while ((match = regex.exec(line)) !== null) {
|
|
264
|
+
results.push({
|
|
265
|
+
type: 'insecure-cookie',
|
|
266
|
+
file: filePath,
|
|
267
|
+
line: i + 1,
|
|
268
|
+
column: match.index + 1,
|
|
269
|
+
matchedText: match[0],
|
|
270
|
+
issue: 'Insecure cookie configuration detected',
|
|
271
|
+
suggestedFix: 'Set httpOnly: true and secure: true for sensitive cookies',
|
|
272
|
+
severity: 'medium',
|
|
273
|
+
});
|
|
274
|
+
}
|
|
275
|
+
}
|
|
276
|
+
}
|
|
277
|
+
return results;
|
|
278
|
+
}
|
|
279
|
+
export function analyzeCSRFProtection(content, filePath) {
|
|
280
|
+
if (shouldExcludeFile(filePath)) {
|
|
281
|
+
return {
|
|
282
|
+
patterns: [],
|
|
283
|
+
violations: [],
|
|
284
|
+
hasCSRFProtection: false,
|
|
285
|
+
hasSameSiteCookies: false,
|
|
286
|
+
confidence: 1.0,
|
|
287
|
+
};
|
|
288
|
+
}
|
|
289
|
+
const patterns = [
|
|
290
|
+
...detectCSRFTokens(content, filePath),
|
|
291
|
+
...detectCSRFMiddleware(content, filePath),
|
|
292
|
+
...detectSameSiteCookies(content, filePath),
|
|
293
|
+
...detectDoubleSubmit(content, filePath),
|
|
294
|
+
...detectOriginValidation(content, filePath),
|
|
295
|
+
...detectRefererValidation(content, filePath),
|
|
296
|
+
...detectCSRFHeaders(content, filePath),
|
|
297
|
+
];
|
|
298
|
+
const violations = detectInsecureCookieViolations(content, filePath);
|
|
299
|
+
const hasCSRFProtection = patterns.some((p) => p.type === 'csrf-token' || p.type === 'csrf-middleware');
|
|
300
|
+
const hasSameSiteCookies = patterns.some((p) => p.type === 'same-site-cookie');
|
|
301
|
+
const confidence = hasCSRFProtection ? 0.95 : hasSameSiteCookies ? 0.85 : 0.7;
|
|
302
|
+
return {
|
|
303
|
+
patterns,
|
|
304
|
+
violations,
|
|
305
|
+
hasCSRFProtection,
|
|
306
|
+
hasSameSiteCookies,
|
|
307
|
+
confidence,
|
|
308
|
+
};
|
|
309
|
+
}
|
|
310
|
+
// ============================================================================
|
|
311
|
+
// Detector Class
|
|
312
|
+
// ============================================================================
|
|
313
|
+
export class CSRFProtectionDetector extends RegexDetector {
|
|
314
|
+
id = 'security/csrf-protection';
|
|
315
|
+
name = 'CSRF Protection Detector';
|
|
316
|
+
description = 'Detects CSRF protection patterns and identifies potential vulnerabilities';
|
|
317
|
+
category = 'security';
|
|
318
|
+
subcategory = 'csrf-protection';
|
|
319
|
+
supportedLanguages = ['typescript', 'javascript', 'python'];
|
|
320
|
+
async detect(context) {
|
|
321
|
+
if (!this.supportsLanguage(context.language)) {
|
|
322
|
+
return this.createEmptyResult();
|
|
323
|
+
}
|
|
324
|
+
const analysis = analyzeCSRFProtection(context.content, context.file);
|
|
325
|
+
if (analysis.patterns.length === 0 && analysis.violations.length === 0) {
|
|
326
|
+
return this.createEmptyResult();
|
|
327
|
+
}
|
|
328
|
+
return this.createResult([], [], analysis.confidence, {
|
|
329
|
+
custom: {
|
|
330
|
+
patterns: analysis.patterns,
|
|
331
|
+
violations: analysis.violations,
|
|
332
|
+
hasCSRFProtection: analysis.hasCSRFProtection,
|
|
333
|
+
hasSameSiteCookies: analysis.hasSameSiteCookies,
|
|
334
|
+
},
|
|
335
|
+
});
|
|
336
|
+
}
|
|
337
|
+
generateQuickFix(_violation) {
|
|
338
|
+
return null;
|
|
339
|
+
}
|
|
340
|
+
}
|
|
341
|
+
export function createCSRFProtectionDetector() {
|
|
342
|
+
return new CSRFProtectionDetector();
|
|
343
|
+
}
|
|
344
|
+
//# sourceMappingURL=csrf-protection.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"csrf-protection.js","sourceRoot":"","sources":["../../src/security/csrf-protection.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAiD1D,+EAA+E;AAC/E,YAAY;AACZ,+EAA+E;AAE/E,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,iCAAiC;IACjC,aAAa;IACb,cAAc;IACd,aAAa;IACb,cAAc;IACd,SAAS;IACT,aAAa;IACb,0BAA0B;IAC1B,0BAA0B;IAC1B,wBAAwB;IACxB,kCAAkC;IAClC,gBAAgB;IAChB,eAAe;IACf,gBAAgB;IAChB,mBAAmB;IACnB,kBAAkB;IAClB,sBAAsB;CACd,CAAC;AAEX,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,cAAc;IACd,aAAa;IACb,kBAAkB;IAClB,oBAAoB;IACpB,qBAAqB;IACrB,iBAAiB;IACjB,uCAAuC;CAC/B,CAAC;AAEX,MAAM,CAAC,MAAM,yBAAyB,GAAG;IACvC,mDAAmD;IACnD,sCAAsC;IACtC,iCAAiC;IACjC,0CAA0C;CAClC,CAAC;AAEX,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,gBAAgB;IAChB,iBAAiB;IACjB,cAAc;IACd,eAAe;CACP,CAAC;AAEX,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,iCAAiC;IACjC,6CAA6C;IAC7C,4BAA4B;IAC5B,uBAAuB;IACvB,oBAAoB;IACpB,kBAAkB;IAClB,mCAAmC;IACnC,iDAAiD;IACjD,wBAAwB;IACxB,qBAAqB;IACrB,mBAAmB;IACnB,kBAAkB;CACV,CAAC;AAEX,MAAM,CAAC,MAAM,2BAA2B,GAAG;IACzC,8CAA8C;IAC9C,6BAA6B;IAC7B,wBAAwB;IACxB,qBAAqB;CACb,CAAC;AAEX,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,gBAAgB;IAChB,gBAAgB;IAChB,oBAAoB;IACpB,cAAc;CACN,CAAC;AAEX,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,2BAA2B;IAC3B,yBAAyB;CACjB,CAAC;AAEX,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E,MAAM,UAAU,iBAAiB,CAAC,QAAgB;IAChD,MAAM,eAAe,GAAG;QACtB,kBAAkB;QAClB,kBAAkB;QAClB,aAAa;QACb,UAAU;QACV,gBAAgB;QAChB,eAAe;KAChB,CAAC;IACF,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAgC,EAAE,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,YAAY;oBAClB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,oBAAoB,CAClC,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAgC,EAAE,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,wBAAwB,EAAE,CAAC;YAC/C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,iBAAiB;oBACvB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAgC,EAAE,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,yBAAyB,EAAE,CAAC;YAChD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,kBAAkB;oBACxB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAgC,EAAE,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,sBAAsB,EAAE,CAAC;YAC7C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,eAAe;oBACrB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,sBAAsB,CACpC,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAgC,EAAE,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,0BAA0B,EAAE,CAAC;YACjD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,mBAAmB;oBACzB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,uBAAuB,CACrC,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAgC,EAAE,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,2BAA2B,EAAE,CAAC;YAClD,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,oBAAoB;oBAC1B,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAgC,EAAE,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,oBAAoB,EAAE,CAAC;YAC3C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,aAAa;oBACnB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,8BAA8B,CAC5C,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAwB,EAAE,CAAC;IACxC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,wBAAwB,EAAE,CAAC;YAC/C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,iBAAiB;oBACvB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,KAAK,EAAE,wCAAwC;oBAC/C,YAAY,EAAE,2DAA2D;oBACzE,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,qBAAqB,CACnC,OAAe,EACf,QAAgB;IAEhB,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChC,OAAO;YACL,QAAQ,EAAE,EAAE;YACZ,UAAU,EAAE,EAAE;YACd,iBAAiB,EAAE,KAAK;YACxB,kBAAkB,EAAE,KAAK;YACzB,UAAU,EAAE,GAAG;SAChB,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAAgC;QAC5C,GAAG,gBAAgB,CAAC,OAAO,EAAE,QAAQ,CAAC;QACtC,GAAG,oBAAoB,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC1C,GAAG,qBAAqB,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC3C,GAAG,kBAAkB,CAAC,OAAO,EAAE,QAAQ,CAAC;QACxC,GAAG,sBAAsB,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC5C,GAAG,uBAAuB,CAAC,OAAO,EAAE,QAAQ,CAAC;QAC7C,GAAG,iBAAiB,CAAC,OAAO,EAAE,QAAQ,CAAC;KACxC,CAAC;IAEF,MAAM,UAAU,GAAG,8BAA8B,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IAErE,MAAM,iBAAiB,GAAG,QAAQ,CAAC,IAAI,CACrC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,IAAI,CAAC,CAAC,IAAI,KAAK,iBAAiB,CAC/D,CAAC;IACF,MAAM,kBAAkB,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CAAC,CAAC;IAE/E,MAAM,UAAU,GAAG,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;IAE9E,OAAO;QACL,QAAQ;QACR,UAAU;QACV,iBAAiB;QACjB,kBAAkB;QAClB,UAAU;KACX,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,iBAAiB;AACjB,+EAA+E;AAE/E,MAAM,OAAO,sBAAuB,SAAQ,aAAa;IAC9C,EAAE,GAAG,0BAA0B,CAAC;IAChC,IAAI,GAAG,0BAA0B,CAAC;IAClC,WAAW,GAClB,2EAA2E,CAAC;IACrE,QAAQ,GAAoB,UAAU,CAAC;IACvC,WAAW,GAAG,iBAAiB,CAAC;IAChC,kBAAkB,GAAe,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAC;IAEjF,KAAK,CAAC,MAAM,CAAC,OAAyB;QACpC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7C,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAClC,CAAC;QAED,MAAM,QAAQ,GAAG,qBAAqB,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;QAEtE,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvE,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAClC,CAAC;QAED,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,CAAC,UAAU,EAAE;YACpD,MAAM,EAAE;gBACN,QAAQ,EAAE,QAAQ,CAAC,QAAQ;gBAC3B,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,iBAAiB,EAAE,QAAQ,CAAC,iBAAiB;gBAC7C,kBAAkB,EAAE,QAAQ,CAAC,kBAAkB;aAChD;SACF,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB,CAAC,UAAqB;QACpC,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAED,MAAM,UAAU,4BAA4B;IAC1C,OAAO,IAAI,sBAAsB,EAAE,CAAC;AACtC,CAAC"}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Security detectors module exports
|
|
3
|
+
*
|
|
4
|
+
* Detects security patterns including:
|
|
5
|
+
* - Input sanitization
|
|
6
|
+
* - SQL injection prevention
|
|
7
|
+
* - XSS prevention
|
|
8
|
+
* - CSRF protection
|
|
9
|
+
* - CSP headers
|
|
10
|
+
* - Secret management
|
|
11
|
+
* - Rate limiting
|
|
12
|
+
*
|
|
13
|
+
* @requirements 16 - Security pattern detection
|
|
14
|
+
*/
|
|
15
|
+
export { InputSanitizationDetector, createInputSanitizationDetector, analyzeInputSanitization, shouldExcludeFile as shouldExcludeInputSanitizationFile, } from './input-sanitization.js';
|
|
16
|
+
export type { InputSanitizationPatternType, InputSanitizationViolationType, InputSanitizationPatternInfo, InputSanitizationViolationInfo, InputSanitizationAnalysis, } from './input-sanitization.js';
|
|
17
|
+
export { SQLInjectionDetector, createSQLInjectionDetector, analyzeSQLInjection, detectParameterizedQueries, detectPreparedStatements, detectORMQueries, detectQueryBuilders, detectEscapeFunctions, detectTaggedTemplates, detectStringConcatViolations, detectTemplateLiteralViolations, detectRawSQLViolations, shouldExcludeFile as shouldExcludeSQLInjectionFile, PARAMETERIZED_QUERY_PATTERNS, PREPARED_STATEMENT_PATTERNS, ORM_QUERY_PATTERNS, QUERY_BUILDER_PATTERNS, ESCAPE_FUNCTION_PATTERNS, TAGGED_TEMPLATE_PATTERNS, STRING_CONCAT_VIOLATION_PATTERNS, TEMPLATE_LITERAL_VIOLATION_PATTERNS, RAW_SQL_WITH_INPUT_PATTERNS, } from './sql-injection.js';
|
|
18
|
+
export type { SQLInjectionPatternType, SQLInjectionViolationType, SQLInjectionPatternInfo, SQLInjectionViolationInfo, SQLInjectionAnalysis, } from './sql-injection.js';
|
|
19
|
+
export { XSSPreventionDetector, createXSSPreventionDetector, analyzeXSSPrevention, shouldExcludeFile as shouldExcludeXSSFile, } from './xss-prevention.js';
|
|
20
|
+
export type { XSSPreventionPatternType, XSSViolationType, XSSPreventionPatternInfo, XSSViolationInfo, XSSPreventionAnalysis, } from './xss-prevention.js';
|
|
21
|
+
export { CSRFProtectionDetector, createCSRFProtectionDetector, analyzeCSRFProtection, shouldExcludeFile as shouldExcludeCSRFFile, } from './csrf-protection.js';
|
|
22
|
+
export type { CSRFProtectionPatternType, CSRFViolationType, CSRFProtectionPatternInfo, CSRFViolationInfo, CSRFProtectionAnalysis, } from './csrf-protection.js';
|
|
23
|
+
export { CSPHeadersDetector, createCSPHeadersDetector, analyzeCSPHeaders, shouldExcludeFile as shouldExcludeCSPFile, } from './csp-headers.js';
|
|
24
|
+
export type { CSPHeaderPatternType, CSPViolationType, CSPHeaderPatternInfo, CSPViolationInfo, CSPHeaderAnalysis, } from './csp-headers.js';
|
|
25
|
+
export { SecretManagementDetector, createSecretManagementDetector, analyzeSecretManagement, shouldExcludeFile as shouldExcludeSecretFile, } from './secret-management.js';
|
|
26
|
+
export type { SecretPatternType, SecretViolationType, SecretPatternInfo, SecretViolationInfo, SecretManagementAnalysis, } from './secret-management.js';
|
|
27
|
+
export { RateLimitingDetector, createRateLimitingDetector, analyzeRateLimiting, shouldExcludeFile as shouldExcludeRateLimitFile, } from './rate-limiting.js';
|
|
28
|
+
export type { RateLimitPatternType, RateLimitViolationType, RateLimitPatternInfo, RateLimitViolationInfo, RateLimitAnalysis, } from './rate-limiting.js';
|
|
29
|
+
export declare function createSecurityDetectors(): (import("./input-sanitization.js").InputSanitizationDetector | import("./sql-injection.js").SQLInjectionDetector | import("./xss-prevention.js").XSSPreventionDetector | import("./csrf-protection.js").CSRFProtectionDetector | import("./csp-headers.js").CSPHeadersDetector | import("./secret-management.js").SecretManagementDetector | import("./rate-limiting.js").RateLimitingDetector)[];
|
|
30
|
+
//# sourceMappingURL=index.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAWH,OAAO,EACL,yBAAyB,EACzB,+BAA+B,EAC/B,wBAAwB,EACxB,iBAAiB,IAAI,kCAAkC,GACxD,MAAM,yBAAyB,CAAC;AACjC,YAAY,EACV,4BAA4B,EAC5B,8BAA8B,EAC9B,4BAA4B,EAC5B,8BAA8B,EAC9B,yBAAyB,GAC1B,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,oBAAoB,EACpB,0BAA0B,EAC1B,mBAAmB,EACnB,0BAA0B,EAC1B,wBAAwB,EACxB,gBAAgB,EAChB,mBAAmB,EACnB,qBAAqB,EACrB,qBAAqB,EACrB,4BAA4B,EAC5B,+BAA+B,EAC/B,sBAAsB,EACtB,iBAAiB,IAAI,6BAA6B,EAClD,4BAA4B,EAC5B,2BAA2B,EAC3B,kBAAkB,EAClB,sBAAsB,EACtB,wBAAwB,EACxB,wBAAwB,EACxB,gCAAgC,EAChC,mCAAmC,EACnC,2BAA2B,GAC5B,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,uBAAuB,EACvB,yBAAyB,EACzB,uBAAuB,EACvB,yBAAyB,EACzB,oBAAoB,GACrB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,qBAAqB,EACrB,2BAA2B,EAC3B,oBAAoB,EACpB,iBAAiB,IAAI,oBAAoB,GAC1C,MAAM,qBAAqB,CAAC;AAC7B,YAAY,EACV,wBAAwB,EACxB,gBAAgB,EAChB,wBAAwB,EACxB,gBAAgB,EAChB,qBAAqB,GACtB,MAAM,qBAAqB,CAAC;AAG7B,OAAO,EACL,sBAAsB,EACtB,4BAA4B,EAC5B,qBAAqB,EACrB,iBAAiB,IAAI,qBAAqB,GAC3C,MAAM,sBAAsB,CAAC;AAC9B,YAAY,EACV,yBAAyB,EACzB,iBAAiB,EACjB,yBAAyB,EACzB,iBAAiB,EACjB,sBAAsB,GACvB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EACL,kBAAkB,EAClB,wBAAwB,EACxB,iBAAiB,EACjB,iBAAiB,IAAI,oBAAoB,GAC1C,MAAM,kBAAkB,CAAC;AAC1B,YAAY,EACV,oBAAoB,EACpB,gBAAgB,EAChB,oBAAoB,EACpB,gBAAgB,EAChB,iBAAiB,GAClB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,wBAAwB,EACxB,8BAA8B,EAC9B,uBAAuB,EACvB,iBAAiB,IAAI,uBAAuB,GAC7C,MAAM,wBAAwB,CAAC;AAChC,YAAY,EACV,iBAAiB,EACjB,mBAAmB,EACnB,iBAAiB,EACjB,mBAAmB,EACnB,wBAAwB,GACzB,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EACL,oBAAoB,EACpB,0BAA0B,EAC1B,mBAAmB,EACnB,iBAAiB,IAAI,0BAA0B,GAChD,MAAM,oBAAoB,CAAC;AAC5B,YAAY,EACV,oBAAoB,EACpB,sBAAsB,EACtB,oBAAoB,EACpB,sBAAsB,EACtB,iBAAiB,GAClB,MAAM,oBAAoB,CAAC;AAG5B,wBAAgB,uBAAuB,sYAUtC"}
|
|
@@ -0,0 +1,48 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Security detectors module exports
|
|
3
|
+
*
|
|
4
|
+
* Detects security patterns including:
|
|
5
|
+
* - Input sanitization
|
|
6
|
+
* - SQL injection prevention
|
|
7
|
+
* - XSS prevention
|
|
8
|
+
* - CSRF protection
|
|
9
|
+
* - CSP headers
|
|
10
|
+
* - Secret management
|
|
11
|
+
* - Rate limiting
|
|
12
|
+
*
|
|
13
|
+
* @requirements 16 - Security pattern detection
|
|
14
|
+
*/
|
|
15
|
+
import { createInputSanitizationDetector } from './input-sanitization.js';
|
|
16
|
+
import { createSQLInjectionDetector } from './sql-injection.js';
|
|
17
|
+
import { createXSSPreventionDetector } from './xss-prevention.js';
|
|
18
|
+
import { createCSRFProtectionDetector } from './csrf-protection.js';
|
|
19
|
+
import { createCSPHeadersDetector } from './csp-headers.js';
|
|
20
|
+
import { createSecretManagementDetector } from './secret-management.js';
|
|
21
|
+
import { createRateLimitingDetector } from './rate-limiting.js';
|
|
22
|
+
// Input Sanitization
|
|
23
|
+
export { InputSanitizationDetector, createInputSanitizationDetector, analyzeInputSanitization, shouldExcludeFile as shouldExcludeInputSanitizationFile, } from './input-sanitization.js';
|
|
24
|
+
// SQL Injection
|
|
25
|
+
export { SQLInjectionDetector, createSQLInjectionDetector, analyzeSQLInjection, detectParameterizedQueries, detectPreparedStatements, detectORMQueries, detectQueryBuilders, detectEscapeFunctions, detectTaggedTemplates, detectStringConcatViolations, detectTemplateLiteralViolations, detectRawSQLViolations, shouldExcludeFile as shouldExcludeSQLInjectionFile, PARAMETERIZED_QUERY_PATTERNS, PREPARED_STATEMENT_PATTERNS, ORM_QUERY_PATTERNS, QUERY_BUILDER_PATTERNS, ESCAPE_FUNCTION_PATTERNS, TAGGED_TEMPLATE_PATTERNS, STRING_CONCAT_VIOLATION_PATTERNS, TEMPLATE_LITERAL_VIOLATION_PATTERNS, RAW_SQL_WITH_INPUT_PATTERNS, } from './sql-injection.js';
|
|
26
|
+
// XSS Prevention
|
|
27
|
+
export { XSSPreventionDetector, createXSSPreventionDetector, analyzeXSSPrevention, shouldExcludeFile as shouldExcludeXSSFile, } from './xss-prevention.js';
|
|
28
|
+
// CSRF Protection
|
|
29
|
+
export { CSRFProtectionDetector, createCSRFProtectionDetector, analyzeCSRFProtection, shouldExcludeFile as shouldExcludeCSRFFile, } from './csrf-protection.js';
|
|
30
|
+
// CSP Headers
|
|
31
|
+
export { CSPHeadersDetector, createCSPHeadersDetector, analyzeCSPHeaders, shouldExcludeFile as shouldExcludeCSPFile, } from './csp-headers.js';
|
|
32
|
+
// Secret Management
|
|
33
|
+
export { SecretManagementDetector, createSecretManagementDetector, analyzeSecretManagement, shouldExcludeFile as shouldExcludeSecretFile, } from './secret-management.js';
|
|
34
|
+
// Rate Limiting
|
|
35
|
+
export { RateLimitingDetector, createRateLimitingDetector, analyzeRateLimiting, shouldExcludeFile as shouldExcludeRateLimitFile, } from './rate-limiting.js';
|
|
36
|
+
// Factory function to create all security detectors
|
|
37
|
+
export function createSecurityDetectors() {
|
|
38
|
+
return [
|
|
39
|
+
createInputSanitizationDetector(),
|
|
40
|
+
createSQLInjectionDetector(),
|
|
41
|
+
createXSSPreventionDetector(),
|
|
42
|
+
createCSRFProtectionDetector(),
|
|
43
|
+
createCSPHeadersDetector(),
|
|
44
|
+
createSecretManagementDetector(),
|
|
45
|
+
createRateLimitingDetector(),
|
|
46
|
+
];
|
|
47
|
+
}
|
|
48
|
+
//# sourceMappingURL=index.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;GAaG;AAEH,OAAO,EAAE,+BAA+B,EAAE,MAAM,yBAAyB,CAAC;AAC1E,OAAO,EAAE,0BAA0B,EAAE,MAAM,oBAAoB,CAAC;AAChE,OAAO,EAAE,2BAA2B,EAAE,MAAM,qBAAqB,CAAC;AAClE,OAAO,EAAE,4BAA4B,EAAE,MAAM,sBAAsB,CAAC;AACpE,OAAO,EAAE,wBAAwB,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,8BAA8B,EAAE,MAAM,wBAAwB,CAAC;AACxE,OAAO,EAAE,0BAA0B,EAAE,MAAM,oBAAoB,CAAC;AAEhE,qBAAqB;AACrB,OAAO,EACL,yBAAyB,EACzB,+BAA+B,EAC/B,wBAAwB,EACxB,iBAAiB,IAAI,kCAAkC,GACxD,MAAM,yBAAyB,CAAC;AASjC,gBAAgB;AAChB,OAAO,EACL,oBAAoB,EACpB,0BAA0B,EAC1B,mBAAmB,EACnB,0BAA0B,EAC1B,wBAAwB,EACxB,gBAAgB,EAChB,mBAAmB,EACnB,qBAAqB,EACrB,qBAAqB,EACrB,4BAA4B,EAC5B,+BAA+B,EAC/B,sBAAsB,EACtB,iBAAiB,IAAI,6BAA6B,EAClD,4BAA4B,EAC5B,2BAA2B,EAC3B,kBAAkB,EAClB,sBAAsB,EACtB,wBAAwB,EACxB,wBAAwB,EACxB,gCAAgC,EAChC,mCAAmC,EACnC,2BAA2B,GAC5B,MAAM,oBAAoB,CAAC;AAS5B,iBAAiB;AACjB,OAAO,EACL,qBAAqB,EACrB,2BAA2B,EAC3B,oBAAoB,EACpB,iBAAiB,IAAI,oBAAoB,GAC1C,MAAM,qBAAqB,CAAC;AAS7B,kBAAkB;AAClB,OAAO,EACL,sBAAsB,EACtB,4BAA4B,EAC5B,qBAAqB,EACrB,iBAAiB,IAAI,qBAAqB,GAC3C,MAAM,sBAAsB,CAAC;AAS9B,cAAc;AACd,OAAO,EACL,kBAAkB,EAClB,wBAAwB,EACxB,iBAAiB,EACjB,iBAAiB,IAAI,oBAAoB,GAC1C,MAAM,kBAAkB,CAAC;AAS1B,oBAAoB;AACpB,OAAO,EACL,wBAAwB,EACxB,8BAA8B,EAC9B,uBAAuB,EACvB,iBAAiB,IAAI,uBAAuB,GAC7C,MAAM,wBAAwB,CAAC;AAShC,gBAAgB;AAChB,OAAO,EACL,oBAAoB,EACpB,0BAA0B,EAC1B,mBAAmB,EACnB,iBAAiB,IAAI,0BAA0B,GAChD,MAAM,oBAAoB,CAAC;AAS5B,oDAAoD;AACpD,MAAM,UAAU,uBAAuB;IACrC,OAAO;QACL,+BAA+B,EAAE;QACjC,0BAA0B,EAAE;QAC5B,2BAA2B,EAAE;QAC7B,4BAA4B,EAAE;QAC9B,wBAAwB,EAAE;QAC1B,8BAA8B,EAAE;QAChC,0BAA0B,EAAE;KAC7B,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,74 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Input Sanitization Detector - Input sanitization pattern detection
|
|
3
|
+
*
|
|
4
|
+
* Detects input sanitization patterns including:
|
|
5
|
+
* - HTML sanitization (DOMPurify, sanitize-html)
|
|
6
|
+
* - Input validation libraries (validator.js, joi, zod)
|
|
7
|
+
* - Escape functions for different contexts
|
|
8
|
+
* - Custom sanitization functions
|
|
9
|
+
* - Missing sanitization violations
|
|
10
|
+
*
|
|
11
|
+
* @requirements 16.1 - Input sanitization patterns
|
|
12
|
+
*/
|
|
13
|
+
import type { Violation, QuickFix, PatternCategory, Language } from 'driftdetect-core';
|
|
14
|
+
import { RegexDetector } from '../base/regex-detector.js';
|
|
15
|
+
import type { DetectionContext, DetectionResult } from '../base/base-detector.js';
|
|
16
|
+
export type InputSanitizationPatternType = 'dompurify-sanitize' | 'sanitize-html-lib' | 'validator-js' | 'escape-html' | 'escape-sql' | 'escape-regex' | 'custom-sanitize' | 'trim-normalize';
|
|
17
|
+
export type InputSanitizationViolationType = 'unsanitized-input' | 'raw-user-input' | 'missing-validation';
|
|
18
|
+
export interface InputSanitizationPatternInfo {
|
|
19
|
+
type: InputSanitizationPatternType;
|
|
20
|
+
file: string;
|
|
21
|
+
line: number;
|
|
22
|
+
column: number;
|
|
23
|
+
matchedText: string;
|
|
24
|
+
library?: string | undefined;
|
|
25
|
+
context?: string | undefined;
|
|
26
|
+
}
|
|
27
|
+
export interface InputSanitizationViolationInfo {
|
|
28
|
+
type: InputSanitizationViolationType;
|
|
29
|
+
file: string;
|
|
30
|
+
line: number;
|
|
31
|
+
column: number;
|
|
32
|
+
matchedText: string;
|
|
33
|
+
issue: string;
|
|
34
|
+
suggestedFix?: string | undefined;
|
|
35
|
+
}
|
|
36
|
+
export interface InputSanitizationAnalysis {
|
|
37
|
+
patterns: InputSanitizationPatternInfo[];
|
|
38
|
+
violations: InputSanitizationViolationInfo[];
|
|
39
|
+
hasSanitization: boolean;
|
|
40
|
+
sanitizationLibraries: string[];
|
|
41
|
+
confidence: number;
|
|
42
|
+
}
|
|
43
|
+
export declare const DOMPURIFY_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
44
|
+
export declare const SANITIZE_HTML_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
45
|
+
export declare const VALIDATOR_JS_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
46
|
+
export declare const ESCAPE_HTML_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
47
|
+
export declare const ESCAPE_SQL_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
48
|
+
export declare const ESCAPE_REGEX_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp];
|
|
49
|
+
export declare const CUSTOM_SANITIZE_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
50
|
+
export declare const TRIM_NORMALIZE_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp];
|
|
51
|
+
export declare const UNSANITIZED_INPUT_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp];
|
|
52
|
+
export declare const RAW_USER_INPUT_PATTERNS: readonly [RegExp, RegExp, RegExp];
|
|
53
|
+
export declare function shouldExcludeFile(filePath: string): boolean;
|
|
54
|
+
export declare function detectDOMPurifySanitization(content: string, filePath: string): InputSanitizationPatternInfo[];
|
|
55
|
+
export declare function detectSanitizeHtmlLib(content: string, filePath: string): InputSanitizationPatternInfo[];
|
|
56
|
+
export declare function detectValidatorJS(content: string, filePath: string): InputSanitizationPatternInfo[];
|
|
57
|
+
export declare function detectEscapeHTML(content: string, filePath: string): InputSanitizationPatternInfo[];
|
|
58
|
+
export declare function detectEscapeSQL(content: string, filePath: string): InputSanitizationPatternInfo[];
|
|
59
|
+
export declare function detectCustomSanitization(content: string, filePath: string): InputSanitizationPatternInfo[];
|
|
60
|
+
export declare function detectTrimNormalize(content: string, filePath: string): InputSanitizationPatternInfo[];
|
|
61
|
+
export declare function detectUnsanitizedInputViolations(content: string, filePath: string): InputSanitizationViolationInfo[];
|
|
62
|
+
export declare function analyzeInputSanitization(content: string, filePath: string): InputSanitizationAnalysis;
|
|
63
|
+
export declare class InputSanitizationDetector extends RegexDetector {
|
|
64
|
+
readonly id = "security/input-sanitization";
|
|
65
|
+
readonly name = "Input Sanitization Detector";
|
|
66
|
+
readonly description = "Detects input sanitization patterns and identifies potential unsanitized input vulnerabilities";
|
|
67
|
+
readonly category: PatternCategory;
|
|
68
|
+
readonly subcategory = "input-sanitization";
|
|
69
|
+
readonly supportedLanguages: Language[];
|
|
70
|
+
detect(context: DetectionContext): Promise<DetectionResult>;
|
|
71
|
+
generateQuickFix(_violation: Violation): QuickFix | null;
|
|
72
|
+
}
|
|
73
|
+
export declare function createInputSanitizationDetector(): InputSanitizationDetector;
|
|
74
|
+
//# sourceMappingURL=input-sanitization.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"input-sanitization.d.ts","sourceRoot":"","sources":["../../src/security/input-sanitization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACvF,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,KAAK,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAMlF,MAAM,MAAM,4BAA4B,GACpC,oBAAoB,GACpB,mBAAmB,GACnB,cAAc,GACd,aAAa,GACb,YAAY,GACZ,cAAc,GACd,iBAAiB,GACjB,gBAAgB,CAAC;AAErB,MAAM,MAAM,8BAA8B,GACtC,mBAAmB,GACnB,gBAAgB,GAChB,oBAAoB,CAAC;AAEzB,MAAM,WAAW,4BAA4B;IAC3C,IAAI,EAAE,4BAA4B,CAAC;IACnC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC7B,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CAC9B;AAED,MAAM,WAAW,8BAA8B;IAC7C,IAAI,EAAE,8BAA8B,CAAC;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CACnC;AAED,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EAAE,4BAA4B,EAAE,CAAC;IACzC,UAAU,EAAE,8BAA8B,EAAE,CAAC;IAC7C,eAAe,EAAE,OAAO,CAAC;IACzB,qBAAqB,EAAE,MAAM,EAAE,CAAC;IAChC,UAAU,EAAE,MAAM,CAAC;CACpB;AAMD,eAAO,MAAM,kBAAkB,mDAMrB,CAAC;AAEX,eAAO,MAAM,sBAAsB,mDAMzB,CAAC;AAEX,eAAO,MAAM,qBAAqB,2IAmBxB,CAAC;AAEX,eAAO,MAAM,oBAAoB,2DAOvB,CAAC;AAEX,eAAO,MAAM,mBAAmB,mDAMtB,CAAC;AAEX,eAAO,MAAM,qBAAqB,2CAKxB,CAAC;AAEX,eAAO,MAAM,wBAAwB,mHAgB3B,CAAC;AAEX,eAAO,MAAM,uBAAuB,mDAM1B,CAAC;AAEX,eAAO,MAAM,0BAA0B,2CAK7B,CAAC;AAEX,eAAO,MAAM,uBAAuB,mCAI1B,CAAC;AAMX,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAU3D;AAED,wBAAgB,2BAA2B,CACzC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,4BAA4B,EAAE,CAwBhC;AAED,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,4BAA4B,EAAE,CAwBhC;AAED,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,4BAA4B,EAAE,CAwBhC;AAED,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,4BAA4B,EAAE,CAuBhC;AAED,wBAAgB,eAAe,CAC7B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,4BAA4B,EAAE,CAuBhC;AAED,wBAAgB,wBAAwB,CACtC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,4BAA4B,EAAE,CAuBhC;AAED,wBAAgB,mBAAmB,CACjC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,4BAA4B,EAAE,CAuBhC;AAED,wBAAgB,gCAAgC,CAC9C,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,8BAA8B,EAAE,CAyBlC;AAED,wBAAgB,wBAAwB,CACtC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,yBAAyB,CAyC3B;AAMD,qBAAa,yBAA0B,SAAQ,aAAa;IAC1D,QAAQ,CAAC,EAAE,iCAAiC;IAC5C,QAAQ,CAAC,IAAI,iCAAiC;IAC9C,QAAQ,CAAC,WAAW,oGAC+E;IACnG,QAAQ,CAAC,QAAQ,EAAE,eAAe,CAAc;IAChD,QAAQ,CAAC,WAAW,wBAAwB;IAC5C,QAAQ,CAAC,kBAAkB,EAAE,QAAQ,EAAE,CAA0C;IAE3E,MAAM,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAqBjE,gBAAgB,CAAC,UAAU,EAAE,SAAS,GAAG,QAAQ,GAAG,IAAI;CAGzD;AAED,wBAAgB,+BAA+B,IAAI,yBAAyB,CAE3E"}
|