npm - getdoorman - Versions diffs - 1.0.6 → 1.0.7 - Mend

getdoorman 1.0.6 → 1.0.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (27) hide show

package/package.json +1 -1
package/src/rules/bugs/ai-codegen.js +1 -1
package/src/rules/bugs/crypto-bugs.js +1 -1
package/src/rules/bugs/go-bugs.js +1 -1
package/src/rules/compliance/healthcare.js +4 -4
package/src/rules/compliance/regional-eu.js +1 -1
package/src/rules/compliance/regional-international.js +4 -4
package/src/rules/infrastructure/index.js +5 -5
package/src/rules/quality/index.js +8 -8
package/src/rules/scope-rules.js +1 -1
package/src/rules/security/ai-api.js +8 -8
package/src/rules/security/auth.js +5 -5
package/src/rules/security/csharp.js +15 -15
package/src/rules/security/dart.js +6 -6
package/src/rules/security/deserialization.js +1 -1
package/src/rules/security/go.js +8 -8
package/src/rules/security/injection.js +21 -21
package/src/rules/security/mcp-server.js +4 -4
package/src/rules/security/oauth-jwt.js +1 -1
package/src/rules/security/path-traversal.js +6 -6
package/src/rules/security/php.js +28 -28
package/src/rules/security/ruby.js +20 -20
package/src/rules/security/rust.js +6 -6
package/src/rules/security/shell.js +9 -9
package/src/rules/security/ssrf.js +1 -1
package/src/rules/security/swift.js +3 -3
package/src/rules/security/taint.js +1 -1

package/src/rules/security/injection.js CHANGED Viewed

@@ -42,7 +42,7 @@ const rules = [
   {
     id: 'SEC-INJ-001',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via String Concatenation',
     description:
@@ -82,7 +82,7 @@ const rules = [
   {
     id: 'SEC-INJ-002',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via ORM Raw Queries',
     description:
@@ -108,7 +108,7 @@ const rules = [
   {
     id: 'SEC-INJ-003',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'NoSQL Injection via MongoDB',
     description:
@@ -138,7 +138,7 @@ const rules = [
   {
     id: 'SEC-INJ-004',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Command Injection via exec',
     description:
@@ -169,7 +169,7 @@ const rules = [
   {
     id: 'SEC-INJ-005',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Command Injection via Shell Spawn',
     description:
@@ -288,7 +288,7 @@ const rules = [
   {
     id: 'SEC-INJ-008',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Server-Side Template Injection (SSTI)',
     description:
@@ -520,7 +520,7 @@ const rules = [
   {
     id: 'SEC-INJ-015',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'XML External Entity (XXE) Injection',
     description:
@@ -727,7 +727,7 @@ const rules = [
   {
     id: 'SEC-INJ-019',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Prototype Pollution',
     description:
@@ -757,7 +757,7 @@ const rules = [
   {
     id: 'SEC-INJ-020',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Path Traversal',
     description:
@@ -797,7 +797,7 @@ const rules = [
   {
     id: 'SEC-INJ-021',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SSRF: fetch/axios called with user-controlled URL',
     description: 'Making HTTP requests to URLs derived from user input enables Server-Side Request Forgery (SSRF), allowing attackers to probe internal services, cloud metadata endpoints, or exfiltrate data.',
@@ -819,7 +819,7 @@ const rules = [
   {
     id: 'SEC-INJ-022',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SSRF: http.request with user-controlled host option',
     description: 'Node.js http.request/https.request called with options derived from user input allows SSRF attacks targeting internal services.',
@@ -927,7 +927,7 @@ const rules = [
   {
     id: 'SEC-INJ-026',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SSTI: EJS template rendered with user-controlled template string',
     description: 'Passing user input as the template string to ejs.render() allows arbitrary JavaScript execution on the server.',
@@ -949,7 +949,7 @@ const rules = [
   {
     id: 'SEC-INJ-027',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SSTI: Pug template compiled from user-controlled input',
     description: 'pug.compile() or pug.render() with user-supplied template strings allows arbitrary code execution.',
@@ -971,7 +971,7 @@ const rules = [
   {
     id: 'SEC-INJ-028',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SSTI: Handlebars template compiled from user-controlled input',
     description: 'Handlebars.compile() called with user input allows template injection leading to remote code execution.',
@@ -1180,7 +1180,7 @@ const rules = [
   {
     id: 'SEC-INJ-036',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'LDAP Injection via unsanitized user input in LDAP query',
     description: 'Building LDAP filter strings with user input without escaping special characters allows LDAP injection attacks.',
@@ -1202,7 +1202,7 @@ const rules = [
   {
     id: 'SEC-INJ-037',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'eval() called with user-controlled input — arbitrary code execution',
     description: 'eval() with any user-supplied string allows remote code execution. This is one of the most dangerous patterns in JavaScript.',
@@ -1291,7 +1291,7 @@ export default rules;
 // SEC-INJ-041: SQL injection via template literal in raw query
 rules.push({
-  id: 'SEC-INJ-041', category: 'security', severity: 'critical', confidence: 'likely',
+  id: 'SEC-INJ-041', category: 'security', severity: 'high', confidence: 'likely',
   title: 'SQL Injection via template literal in query string',
   check({ files }) {
     const findings = [];
@@ -1429,7 +1429,7 @@ rules.push({
 // SEC-INJ-048: Unsafe shell execution with variables
 rules.push({
-  id: 'SEC-INJ-048', category: 'security', severity: 'critical', confidence: 'likely',
+  id: 'SEC-INJ-048', category: 'security', severity: 'high', confidence: 'likely',
   title: 'Shell command constructed with variable interpolation',
   check({ files }) {
     const findings = [];
@@ -1470,7 +1470,7 @@ rules.push({
 // SEC-INJ-050: Arbitrary file read via path parameter
 rules.push({
-  id: 'SEC-INJ-050', category: 'security', severity: 'critical', confidence: 'likely',
+  id: 'SEC-INJ-050', category: 'security', severity: 'high', confidence: 'likely',
   title: 'File read using user-controlled filename — path traversal',
   check({ files }) {
     const findings = [];
@@ -1508,7 +1508,7 @@ rules.push({
 // SEC-INJ-052: Subprocess injection via template literal
 rules.push({
-  id: 'SEC-INJ-052', category: 'security', severity: 'critical', confidence: 'likely',
+  id: 'SEC-INJ-052', category: 'security', severity: 'high', confidence: 'likely',
   title: 'subprocess injection via template in spawn/fork',
   check({ files }) {
     const findings = [];
@@ -1546,7 +1546,7 @@ rules.push({
 // SEC-INJ-054: Unsafe use of vm.runInNewContext with user data
 rules.push({
-  id: 'SEC-INJ-054', category: 'security', severity: 'critical', confidence: 'likely',
+  id: 'SEC-INJ-054', category: 'security', severity: 'high', confidence: 'likely',
   title: 'vm.runInNewContext/runInContext with user data — sandbox escape risk',
   check({ files }) {
     const findings = [];

package/src/rules/security/mcp-server.js CHANGED Viewed

@@ -19,8 +19,8 @@ function checkAll(rule, files, pattern) {
 const rules = [
   { id: 'SEC-MCP-001', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP tool without input validation', check({ files }) { return checkAll(this, files, /server\.tool\([^,]+,\s*async\s*\(\s*\{/); } },
   { id: 'SEC-MCP-002', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP params in file operation', check({ files }) { return checkAll(this, files, /fs\.\w+\(\s*(?:params|args|input)\.\w+/); } },
-  { id: 'SEC-MCP-003', category: 'security', severity: 'critical', confidence: 'likely', title: 'MCP params in exec/spawn', check({ files }) { return checkAll(this, files, /(?:exec|spawn|execSync)\(\s*(?:params|args|input)\./); } },
-  { id: 'SEC-MCP-004', category: 'security', severity: 'critical', confidence: 'likely', title: 'MCP params in SQL query', check({ files }) { return checkAll(this, files, /(?:query|execute)\(\s*`[^`]*\$\{(?:params|args|input)\./); } },
+  { id: 'SEC-MCP-003', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP params in exec/spawn', check({ files }) { return checkAll(this, files, /(?:exec|spawn|execSync)\(\s*(?:params|args|input)\./); } },
+  { id: 'SEC-MCP-004', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP params in SQL query', check({ files }) { return checkAll(this, files, /(?:query|execute)\(\s*`[^`]*\$\{(?:params|args|input)\./); } },
   { id: 'SEC-MCP-005', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP params in eval', check({ files }) { return checkAll(this, files, /(?:eval|new\s+Function)\(\s*(?:params|args|input)\./); } },
   { id: 'SEC-MCP-006', category: 'security', severity: 'medium', confidence: 'suggestion', title: 'MCP tool without schema', check({ files }) { return checkAll(this, files, /server\.tool\(\s*['"][^'"]+['"]\s*,\s*(?:async\s*)?\(/); } },
   { id: 'SEC-MCP-007', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP params in URL (SSRF)', check({ files }) { return checkAll(this, files, /(?:fetch|axios|got|request)\(\s*(?:params|args|input)\./); } },
@@ -47,8 +47,8 @@ const rules = [
   { id: 'SEC-MCP-028', category: 'security', severity: 'low', confidence: 'suggestion', title: 'MCP description leaks impl', check({ files }) { return checkAll(this, files, /description:\s*['"].*(?:database|internal|private)/i); } },
   { id: 'SEC-MCP-029', category: 'security', severity: 'medium', confidence: 'likely', title: 'MCP cross-tool data leak', check({ files }) { return checkAll(this, files, /(?:global|globalThis)\.\w+.*=.*(?:params|args)\./); } },
   { id: 'SEC-MCP-030', category: 'security', severity: 'medium', confidence: 'suggestion', title: 'MCP debug mode enabled', check({ files }) { return checkAll(this, files, /(?:debug|verbose)\s*[:=]\s*true/); } },
-  { id: 'SEC-MCP-031', category: 'security', severity: 'critical', confidence: 'likely', title: 'MCP shell injection', check({ files }) { return checkAll(this, files, /(?:child_process\.|execSync|execFile)\s*\(\s*`[^`]*\$\{(?:params|args|input)\./); } },
-  { id: 'SEC-MCP-032', category: 'security', severity: 'critical', confidence: 'likely', title: 'MCP template injection', check({ files }) { return checkAll(this, files, /(?:render|compile|template)\(\s*(?:params|args|input)\./); } },
+  { id: 'SEC-MCP-031', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP shell injection', check({ files }) { return checkAll(this, files, /(?:child_process\.|execSync|execFile)\s*\(\s*`[^`]*\$\{(?:params|args|input)\./); } },
+  { id: 'SEC-MCP-032', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP template injection', check({ files }) { return checkAll(this, files, /(?:render|compile|template)\(\s*(?:params|args|input)\./); } },
   { id: 'SEC-MCP-033', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP LDAP injection', check({ files }) { return checkAll(this, files, /(?:ldap|LDAP).*(?:search|bind).*(?:params|args)\./); } },
   { id: 'SEC-MCP-034', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP XML injection', check({ files }) { return checkAll(this, files, /[<].*\$\{(?:params|args|input)\./); } },
   { id: 'SEC-MCP-035', category: 'security', severity: 'high', confidence: 'likely', title: 'MCP header injection', check({ files }) { return checkAll(this, files, /setHeader\([^,]+,\s*(?:params|args|input)\./); } },

package/src/rules/security/oauth-jwt.js CHANGED Viewed

@@ -303,7 +303,7 @@ const rules = [
   {
     id: 'SEC-JWT-010',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'JWT Payload Decoded Without Verification',
     description:

package/src/rules/security/path-traversal.js CHANGED Viewed

@@ -39,7 +39,7 @@ const rules = [
   {
     id: 'SEC-PT-001',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'fs.readFile with User-Controlled Path (Path Traversal)',
     description:
@@ -62,7 +62,7 @@ const rules = [
   {
     id: 'SEC-PT-002',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'fs.writeFile with User-Controlled Path (Path Traversal)',
     description:
@@ -154,7 +154,7 @@ const rules = [
   {
     id: 'SEC-PT-006',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'fs.createReadStream with User-Controlled Path',
     description:
@@ -177,7 +177,7 @@ const rules = [
   {
     id: 'SEC-PT-007',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Zip Extraction Without Path Validation (Zip Slip)',
     description:
@@ -213,7 +213,7 @@ const rules = [
   {
     id: 'SEC-PT-008',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'fs.unlink/rm with User-Controlled Path (Arbitrary File Deletion)',
     description:
@@ -272,7 +272,7 @@ const rules = [
   {
     id: 'SEC-PT-010',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Template/View File Inclusion with User Input (LFI)',
     description:

package/src/rules/security/php.js CHANGED Viewed

@@ -54,7 +54,7 @@ const rules = [
   {
     id: 'SEC-PHP-001',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via mysql_query with Concatenation',
     description: 'Concatenating user input into mysql_query() allows SQL injection.',
@@ -70,7 +70,7 @@ const rules = [
   {
     id: 'SEC-PHP-002',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via mysqli_query with Variable Interpolation',
     description: 'Using variable interpolation in mysqli_query() enables SQL injection.',
@@ -86,7 +86,7 @@ const rules = [
   {
     id: 'SEC-PHP-003',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via PDO::query with Variable Interpolation',
     description: 'Using string interpolation in PDO::query() bypasses prepared statement protection.',
@@ -102,7 +102,7 @@ const rules = [
   {
     id: 'SEC-PHP-004',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via $_GET in Query String',
     description: 'Directly embedding $_GET values in SQL queries allows injection.',
@@ -118,7 +118,7 @@ const rules = [
   {
     id: 'SEC-PHP-005',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via $_POST in Query String',
     description: 'Directly embedding $_POST values in SQL queries allows injection.',
@@ -134,7 +134,7 @@ const rules = [
   {
     id: 'SEC-PHP-006',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via sprintf()',
     description: 'Using sprintf to build SQL queries with user input allows injection.',
@@ -150,7 +150,7 @@ const rules = [
   {
     id: 'SEC-PHP-007',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via $_REQUEST in Query',
     description: 'Using $_REQUEST in SQL queries allows injection from any request method.',
@@ -198,7 +198,7 @@ const rules = [
   {
     id: 'SEC-PHP-010',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via $db->query with Concatenation',
     description: 'Using $db->query() with concatenated variables allows SQL injection.',
@@ -302,7 +302,7 @@ const rules = [
   {
     id: 'SEC-PHP-016',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Command Injection via exec()',
     description: 'Passing user input to exec() allows arbitrary command execution.',
@@ -318,7 +318,7 @@ const rules = [
   {
     id: 'SEC-PHP-017',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Command Injection via system()',
     description: 'Passing user input to system() allows arbitrary command execution.',
@@ -334,7 +334,7 @@ const rules = [
   {
     id: 'SEC-PHP-018',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Command Injection via shell_exec()',
     description: 'Passing user input to shell_exec() allows arbitrary command execution.',
@@ -350,7 +350,7 @@ const rules = [
   {
     id: 'SEC-PHP-019',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Command Injection via passthru()',
     description: 'Passing user input to passthru() allows arbitrary command execution.',
@@ -366,7 +366,7 @@ const rules = [
   {
     id: 'SEC-PHP-020',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Command Injection via Backtick Operator',
     description: 'Using backtick operator with user input allows arbitrary command execution.',
@@ -386,7 +386,7 @@ const rules = [
   {
     id: 'SEC-PHP-021',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Local File Inclusion via include()',
     description: 'Using include() with user input allows including arbitrary files.',
@@ -402,7 +402,7 @@ const rules = [
   {
     id: 'SEC-PHP-022',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Local File Inclusion via require()',
     description: 'Using require() with user input allows including arbitrary files.',
@@ -418,7 +418,7 @@ const rules = [
   {
     id: 'SEC-PHP-023',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'File Inclusion via include_once with Variable',
     description: 'Using include_once with user-controlled variable allows file inclusion.',
@@ -434,7 +434,7 @@ const rules = [
   {
     id: 'SEC-PHP-024',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Remote File Inclusion Enabled',
     description: 'Setting allow_url_include=On enables remote file inclusion attacks.',
@@ -450,7 +450,7 @@ const rules = [
   {
     id: 'SEC-PHP-025',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'File Inclusion via require_once with Variable',
     description: 'Using require_once with user-controlled variable allows file inclusion.',
@@ -470,7 +470,7 @@ const rules = [
   {
     id: 'SEC-PHP-026',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Unsafe unserialize() with User Input',
     description: 'Using unserialize() on user input allows object injection and RCE.',
@@ -518,7 +518,7 @@ const rules = [
   {
     id: 'SEC-PHP-029',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Phar Deserialization Attack',
     description: 'File operations on phar:// streams with user input trigger deserialization.',
@@ -554,7 +554,7 @@ const rules = [
   {
     id: 'SEC-PHP-031',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Code Injection via eval()',
     description: 'Using eval() with user-controlled input allows arbitrary code execution.',
@@ -586,7 +586,7 @@ const rules = [
   {
     id: 'SEC-PHP-033',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Code Execution via assert()',
     description: 'assert() with string arguments evaluates code like eval() in PHP < 8.',
@@ -602,7 +602,7 @@ const rules = [
   {
     id: 'SEC-PHP-034',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Code Execution via preg_replace /e Modifier',
     description: 'The /e modifier in preg_replace evaluates replacement as PHP code.',
@@ -722,7 +722,7 @@ const rules = [
   {
     id: 'SEC-PHP-041',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via Laravel DB::raw()',
     description: 'Using DB::raw() with user input bypasses query builder protections.',
@@ -786,7 +786,7 @@ const rules = [
   {
     id: 'SEC-PHP-045',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'SQL Injection via Laravel whereRaw()',
     description: 'Using whereRaw() with concatenated user input enables SQL injection.',
@@ -806,7 +806,7 @@ const rules = [
   {
     id: 'SEC-PHP-046',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'WordPress SQL Injection via $wpdb->query()',
     description: 'Using $wpdb->query() without $wpdb->prepare() allows SQL injection.',
@@ -974,7 +974,7 @@ const rules = [
   {
     id: 'SEC-PHP-056',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Weak Password Hashing: md5()',
     description: 'Using md5() for password hashing is trivially crackable.',
@@ -1006,7 +1006,7 @@ const rules = [
   {
     id: 'SEC-PHP-058',
     category: 'security',
-    severity: 'critical',
+    severity: 'high',
     confidence: 'likely',
     title: 'Hardcoded Encryption Key',
     description: 'Hardcoded encryption keys in source code can be extracted by attackers.',