guardrail-security 1.0.1 → 1.0.2
- package/dist/attack-surface/analyzer.d.ts.map +1 -1
- package/dist/attack-surface/analyzer.js +3 -2
- package/dist/license/engine.d.ts.map +1 -1
- package/dist/license/engine.js +3 -2
- package/dist/secrets/guardian.d.ts.map +1 -1
- package/dist/secrets/guardian.js +25 -6
- package/dist/supply-chain/detector.d.ts.map +1 -1
- package/dist/supply-chain/detector.js +4 -3
- package/package.json +1 -2
- package/src/attack-surface/analyzer.ts +2 -1
- package/src/license/engine.ts +2 -1
- package/src/secrets/guardian.ts +22 -2
- package/src/supply-chain/detector.ts +2 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"analyzer.d.ts","sourceRoot":"","sources":["../../src/attack-surface/analyzer.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"analyzer.d.ts","sourceRoot":"","sources":["../../src/attack-surface/analyzer.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,GAAG,SAAS,GAAG,WAAW,GAAG,MAAM,CAAC;IAChD,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,UAAU,EAAE,aAAa,EAAE,CAAC;CAC7B;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACjD,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CACvC;AAED,MAAM,WAAW,2BAA2B;IAC1C,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE;QACP,gBAAgB,EAAE,MAAM,CAAC;QACzB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC/B,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KACtC,CAAC;IACF,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,WAAW,EAAE,UAAU,EAAE,CAAC;IAC1B,WAAW,EAAE,kBAAkB,EAAE,CAAC;CACnC;AAED,qBAAa,qBAAqB;IAC1B,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,2BAA2B,CAAC;YA0CzB,iBAAiB;YAKjB,gBAAgB;YA8BhB,gBAAgB;IAOxB,qBAAqB,CACzB,QAAQ,EAAE,2BAA2B,GACpC,OAAO,CAAC,MAAM,CAAC;CAWnB;AAED,eAAO,MAAM,qBAAqB,uBAA8B,CAAC"}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.attackSurfaceAnalyzer = exports.AttackSurfaceAnalyzer = void 0;
|
|
4
|
-
|
|
4
|
+
// Stub prisma for standalone use
|
|
5
|
+
const prisma = null;
|
|
5
6
|
class AttackSurfaceAnalyzer {
|
|
6
7
|
async analyzeProject(projectPath, projectId) {
|
|
7
8
|
const entryPoints = await this.scanHTTPEndpoints(projectPath);
|
|
@@ -27,7 +28,7 @@ class AttackSurfaceAnalyzer {
|
|
|
27
28
|
attackPaths,
|
|
28
29
|
apiFindings,
|
|
29
30
|
};
|
|
30
|
-
await
|
|
31
|
+
await prisma.attackSurfaceAnalysis.create({
|
|
31
32
|
data: {
|
|
32
33
|
projectId,
|
|
33
34
|
summary: JSON.parse(JSON.stringify(result.summary)),
|
|
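Review bot: `const prisma = null;` (new line 5) means the `await prisma.attackSurfaceAnalysis.create({` on new line 31 throws a TypeError on every call, so `analyzeProject` assembles `result` and then fails before it can return it; the statement and the method both continue past the end of the second hunk, so I cannot see whether a try/catch absorbs this. Either skip persistence when no client is configured, `if (prisma) { await prisma.attackSurfaceAnalysis.create({ ... }); }`, or delete the call outright. In both cases the stub comment should state the contract rather than the intent: `// Standalone build: prisma is always null here, so nothing in this file may dereference it`.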
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/license/engine.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/license/engine.ts"],"names":[],"mappings":"AAYA,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,eAAe;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;IAC1B,cAAc,EAAE,MAAM,CAAC;IACvB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,SAAS,GAAG,OAAO,CAAC;CAC/B;AAED,MAAM,WAAW,qBAAqB;IACpC,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,OAAO,EAAE;QACP,SAAS,EAAE,MAAM,CAAC;QAClB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACnC,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,YAAY,EAAE,kBAAkB,EAAE,CAAC;IACnC,SAAS,EAAE,eAAe,EAAE,CAAC;IAC7B,aAAa,EAAE,iBAAiB,EAAE,CAAC;IACnC,aAAa,EAAE,WAAW,GAAG,SAAS,GAAG,WAAW,CAAC;CACtD;AAED,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,mBAAmB,EAAE,OAAO,CAAC;CAC9B;AAED,MAAM,WAAW,mBAAmB;IAClC,UAAU,EAAE,OAAO,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,qBAAa,uBAAuB;IAC5B,cAAc,CAAC,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,cAAc,EAAE,MAAM,GAAG,OAAO,CAAC,qBAAqB,CAAC;YAoCtG,mBAAmB;IAsCjC;;OAEG;YACW,wBAAwB;IAuCtC;;OAEG;IACH,OAAO,CAAC,6BAA6B;IAyBrC;;OAEG;IACH,OAAO,CAAC,oBAAoB;IA0B5B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAkBzB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IASzB;;OAEG;IACH,UAAU,IAAI,IAAI;IAIlB;;OAEG;IACH,aAAa,IAAI;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,IAAI,GAAG,IAAI,CAAA;KAAE;IAa3D,kBAAkB,CAAC,cAAc,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,mBAAmB;IAkBnF,OAAO,CAAC,sBAAsB;YAoBhB,wBAAwB;IAKhC,wBAAwB,CAAC,QAAQ,EAAE,qBAAqB,GAAG,OAAO,CAAC,MAAM,CAAC;CAiBjF;AAED,eAAO,MAAM,uBAAuB,yBAAgC,CAAC"}
|
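--- a/package/dist/license/engine.js
+++ b/package/dist/license/engine.js
@@ -1,7 +1,8 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.licenseComplianceEngine = exports.LicenseComplianceEngine = void 0;
-
+// Stub prisma for standalone use
+const prisma = null;
 const compatibility_matrix_1 = require("./compatibility-matrix");
 const fs_1 = require("fs");
 const path_1 = require("path");
@@ -35,7 +36,7 @@ class LicenseComplianceEngine {
 overallStatus,
 };
 // @ts-ignore - licenseAnalysis may not exist in schema yet
-const analysis = await
+const analysis = await prisma.licenseAnalysis.findUnique({
 where: { id: projectId }
 });
 return result;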
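Review bot: In the second hunk `const analysis = await prisma.licenseAnalysis.findUnique({` now dereferences the `null` stub declared in the first hunk, so the enclosing method throws a TypeError before it reaches `return result;`, and `analysis` is not read anywhere in the visible lines. Since the lookup result is unused, delete the `findUnique` statement together with its `@ts-ignore` so the method returns the `result` it has just computed; if the lookup is meant to work again once a real client is injected, guard it instead: `if (prisma) { await prisma.licenseAnalysis.findUnique({ where: { id: projectId } }); }`. The enclosing method starts before the hunk.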
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"guardian.d.ts","sourceRoot":"","sources":["../../src/secrets/guardian.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"guardian.d.ts","sourceRoot":"","sources":["../../src/secrets/guardian.ts"],"names":[],"mappings":"AA4BA,oBAAY,UAAU;IACpB,OAAO,YAAY;IACnB,QAAQ,aAAa;IACrB,KAAK,UAAU;IACf,WAAW,gBAAgB;IAC3B,WAAW,gBAAgB;IAC3B,YAAY,iBAAiB;IAC7B,UAAU,eAAe;IACzB,cAAc,mBAAmB;IACjC,KAAK,UAAU;IACf,cAAc,mBAAmB;IACjC,YAAY,iBAAiB;IAC7B,cAAc,mBAAmB;IACjC,UAAU,eAAe;IACzB,SAAS,cAAc;IACvB,WAAW,gBAAgB;IAC3B,eAAe,oBAAoB;IACnC,gBAAgB,qBAAqB;CACtC;AAED;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,UAAU,CAAC;IACvB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;IACF,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,OAAO,CAAC;IAChB,SAAS,EAAE,OAAO,CAAC;IACnB,cAAc,EAAE;QACd,MAAM,EAAE,QAAQ,GAAG,aAAa,GAAG,WAAW,GAAG,mBAAmB,CAAC;QACrE,MAAM,EAAE,MAAM,CAAC;QACf,WAAW,EAAE,MAAM,CAAC;KACrB,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,YAAY,CAAC,EAAE,OAAO,CAAC;IACvB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,eAAe,EAAE,CAAC;IAC9B,OAAO,EAAE;QACP,YAAY,EAAE,MAAM,CAAC;QACrB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC/B,MAAM,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAC;KACvD,CAAC;CACH;AAED;;;;GAIG;AACH,qBAAa,eAAe;IAC1B;;OAEG;IACG,WAAW,CACf,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,WAAgB,GACxB,OAAO,CAAC,eAAe,EAAE,CAAC;IAoF7B;;OAEG;IACG,WAAW,CACf,WAAW,EAAE,MAAM,EACnB,SAAS,EAAE,MAAM,EACjB,OAAO,GAAE,WAAgB,GACxB,OAAO,CAAC,iBAAiB,CAAC;IAgF7B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAIxB;;OAEG;IACH,OAAO,CAAC,WAAW;IAyBnB;;OAEG;IACH,OAAO,CAAC,eAAe;IAsCvB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAgC3B;;OAEG;IACH,OAAO,CAAC,SAAS;IAIjB;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAwC9B;;OAEG;IACG,gBAAgB,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,EAAE,CAAC;CAoBtE;AAGD,eAAO,MAAM,eAAe,iBAAwB,CAAC"}
|
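--- a/package/dist/secrets/guardian.js
+++ b/package/dist/secrets/guardian.js
@@ -1,8 +1,27 @@
 "use strict";
 Object.defineProperty(exports, "__esModule", { value: true });
 exports.secretsGuardian = exports.SecretsGuardian = exports.SecretType = void 0;
-
-const
+// Stub prisma for standalone use
+const prisma = null;
+// Local implementations of core utilities
+function calculateEntropy(str) {
+const len = str.length;
+const charCounts = {};
+for (const char of str) {
+charCounts[char] = (charCounts[char] || 0) + 1;
+}
+let entropy = 0;
+for (const count of Object.values(charCounts)) {
+const p = count / len;
+entropy -= p * Math.log2(p);
+}
+return entropy;
+}
+function maskSensitiveValue(value) {
+if (value.length <= 8)
+return '***';
+return value.slice(0, 4) + '...' + value.slice(-4);
+}
 const patterns_1 = require("./patterns");
 const fs_1 = require("fs");
 const glob_1 = require("glob");
@@ -133,7 +152,7 @@ class SecretsGuardian {
 for (const detection of detections) {
 try {
 // @ts-ignore - secretDetection may not exist in schema yet
-await
+await prisma.secretDetection.create({
 data: {
 projectId: 'default',
 filePath: detection.filePath
@@ -183,7 +202,7 @@ class SecretsGuardian {
 * Calculate entropy for randomness detection
 */
 calculateEntropy(str) {
-return
+return calculateEntropy(str);
 }
 /**
 * Check if likely test/example value
@@ -272,7 +291,7 @@ class SecretsGuardian {
 * Mask secret for safe logging
 */
 maskValue(value) {
-return
+return maskSensitiveValue(value);
 }
 /**
 * Generate recommendation
@@ -311,7 +330,7 @@ class SecretsGuardian {
 */
 async getProjectReport(projectId) {
 // @ts-ignore - secretDetection may not exist in schema yet
-const detections = await
+const detections = await prisma.secretDetection.findMany({
 where: { projectId },
 orderBy: { createdAt: 'desc' },
 });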
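Review bot: `const detections = await prisma.secretDetection.findMany({` in `getProjectReport` (new line 333) dereferences the `null` stub from the first hunk, so the report method throws a TypeError in this standalone build; the `create` at new line 155 sits inside a `try`, so there the same TypeError is presumably caught and scan results are silently never persisted (the catch is outside the hunk). Make the missing client explicit at both sites instead of relying on a caught TypeError: guard the loop body with `if (prisma) { await prisma.secretDetection.create({ ... }); }`, and open `getProjectReport` with `if (!prisma) return [];` if an empty list matches its declared return type. Both methods continue past the visible lines.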
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"detector.d.ts","sourceRoot":"","sources":["../../src/supply-chain/detector.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"detector.d.ts","sourceRoot":"","sources":["../../src/supply-chain/detector.ts"],"names":[],"mappings":"AAEA,OAAO,EAAqB,eAAe,EAAE,MAAM,aAAa,CAAC;AAEjE,OAAO,EAAkB,oBAAoB,EAAE,MAAM,mBAAmB,CAAC;AAIzE;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,WAAW,EAAE,OAAO,CAAC;IACrB,WAAW,EAAE,OAAO,CAAC;IACrB,YAAY,EAAE,OAAO,CAAC;IACtB,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,cAAc,CAAC,EAAE,oBAAoB,EAAE,CAAC;IACxC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,cAAc,CAAC,EAAE,cAAc,CAAC;CACjC;AAED,MAAM,WAAW,MAAM;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IACjD,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,cAAc;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,kBAAkB,EAAE,OAAO,CAAC;IAC5B,SAAS,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CACtC;AAED;;GAEG;AACH,MAAM,WAAW,IAAI;IACnB,EAAE,CAAC,EAAE,MAAM,CAAC;IACZ,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,WAAW,GAAG,MAAM,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,aAAa,EAAE,CAAC;IAC5B,WAAW,EAAE,IAAI,CAAC;CACnB;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,SAAS,GAAG,aAAa,GAAG,WAAW,CAAC;IAC9C,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,MAAM,CAAC,EAAE;QAAE,SAAS,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAChD,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;CACzB;AAED;;GAEG;AACH,qBAAa,mBAAmB;IAC9B;;OAEG;IACG,mBAAmB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,eAAe,CAAC;IAIxE;;OAEG;IACG,yBAAyB,CAC7B,YAAY,EAAE,MAAM,EACpB,gBAAgB,CAAC,EAAE,MAAM,GACxB,OAAO,CAAC;QAAE,qBAAqB,EAAE,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAoB9D;;OAEG;IACG,cAAc,CAClB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,qBAAqB,CAAC;IAiFjC;;OAEG;IACG,YAAY,CAAC,WAAW,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC;CA2D1E;AAGD,eAAO,MAAM,mBAAmB,qBAA4B,CAAC"}
|
|
@@ -1,7 +1,8 @@
|
|
|
1
1
|
"use strict";
|
|
2
2
|
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
3
|
exports.supplyChainDetector = exports.SupplyChainDetector = void 0;
|
|
4
|
-
|
|
4
|
+
// Stub prisma for standalone use
|
|
5
|
+
const prisma = null;
|
|
5
6
|
const typosquat_1 = require("./typosquat");
|
|
6
7
|
const malicious_db_1 = require("./malicious-db");
|
|
7
8
|
const script_analyzer_1 = require("./script-analyzer");
|
|
@@ -79,7 +80,7 @@ class SupplyChainDetector {
|
|
|
79
80
|
}
|
|
80
81
|
}
|
|
81
82
|
// Save to database
|
|
82
|
-
await
|
|
83
|
+
await prisma.dependencyAnalysis.create({
|
|
83
84
|
data: {
|
|
84
85
|
projectId,
|
|
85
86
|
packageName,
|
|
@@ -141,7 +142,7 @@ class SupplyChainDetector {
|
|
|
141
142
|
generatedAt: new Date(),
|
|
142
143
|
};
|
|
143
144
|
// @ts-ignore - SBOM model exists in schema, Prisma client may need regeneration
|
|
144
|
-
const savedSBOM = await
|
|
145
|
+
const savedSBOM = await prisma.sBOM.create({
|
|
145
146
|
data: {
|
|
146
147
|
id: sbom.id,
|
|
147
148
|
projectId,
|
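Review bot: Both `await prisma.dependencyAnalysis.create({` (new line 83, under the now-misleading `// Save to database` comment) and `const savedSBOM = await prisma.sBOM.create({` (new line 145) dereference the `null` stub from the first hunk, so dependency analysis and SBOM generation both fail with a TypeError at the persistence step. The first call can simply be guarded, `if (prisma) { await prisma.dependencyAnalysis.create({ ... }); }`; the second assigns `savedSBOM`, which is presumably consumed after the hunk ends, so that method needs an explicit no-client path (for instance returning the in-memory `sbom` when `prisma` is null) rather than a bare guard. Both statements and their enclosing methods continue past the visible lines.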
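--- a/package/package.json
+++ b/package/package.json
@@ -1,6 +1,6 @@
 {
 "name": "guardrail-security",
-"version": "1.0.
+"version": "1.0.2",
 "main": "./dist/index.js",
 "files": ["dist/**/*", "src/**/*"],
 "types": "./dist/index.d.ts",
@@ -17,7 +17,6 @@
 "clean": "rm -rf dist"
 },
 "dependencies": {
-"guardrail-core": "^1.0.0",
 "@aws-sdk/client-secrets-manager": "^3.490.0",
 "@azure/keyvault-secrets": "^4.8.0",
 "@azure/identity": "^4.0.0",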
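--- a/package/src/license/engine.ts
+++ b/package/src/license/engine.ts
@@ -1,4 +1,5 @@
-
+// Stub prisma for standalone use
+const prisma: any = null;
 import { LICENSE_INFO, COMPATIBILITY_MATRIX, LicenseType } from './compatibility-matrix';
 import { readFileSync, existsSync } from 'fs';
 import { join } from 'path';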
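Review bot: `const prisma: any = null;` annotates the stub as `any`, which is exactly what lets the later `prisma.licenseAnalysis.findUnique(...)` call in this file type-check even though it can only throw at runtime. Declare it as `const prisma: null = null;` so that under `strictNullChecks` every dereference becomes a compile error, then guard or remove the sites the compiler points at. Note that the `// @ts-ignore - licenseAnalysis may not exist in schema yet` directive that precedes the call in the compiled output would suppress that error as well, so it has to be removed (or turned into `@ts-expect-error`) for the check to bite. The call site is outside this hunk.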
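--- a/package/src/secrets/guardian.ts
+++ b/package/src/secrets/guardian.ts
@@ -1,5 +1,25 @@
-
-
+// Stub prisma for standalone use
+const prisma: any = null;
+
+// Local implementations of core utilities
+function calculateEntropy(str: string): number {
+const len = str.length;
+const charCounts: Record<string, number> = {};
+for (const char of str) {
+charCounts[char] = (charCounts[char] || 0) + 1;
+}
+let entropy = 0;
+for (const count of Object.values(charCounts)) {
+const p = count / len;
+entropy -= p * Math.log2(p);
+}
+return entropy;
+}
+
+function maskSensitiveValue(value: string): string {
+if (value.length <= 8) return '***';
+return value.slice(0, 4) + '...' + value.slice(-4);
+}
 import { SECRET_PATTERNS, TEST_PATTERNS, FALSE_POSITIVE_VALUES, SecretPattern } from './patterns';
 import { readFileSync } from 'fs';
 import { glob } from 'glob';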
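Review bot: `maskSensitiveValue` reveals the first and last four characters of anything longer than 8 characters, so a 9-character secret is logged almost in full (`abcd...fghi` hides a single character) and a 12-character one loses only a third, while the `maskValue` wrapper in dist/secrets/guardian.js describes itself as masking "for safe logging". Tie disclosure to a fixed prefix and a real minimum length instead of letting it scale with the secret, e.g. `if (value.length < 16) return '***';` followed by `return value.slice(0, 4) + '...';`; a four-character prefix is still enough to recognise key families without reproducing most of the credential. `calculateEntropy` itself looks fine, including the empty-string case where it returns 0.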
@@ -1,4 +1,5 @@
|
|
|
1
|
-
|
|
1
|
+
// Stub prisma for standalone use
|
|
2
|
+
const prisma: any = null;
|
|
2
3
|
import { typosquatDetector, TyposquatResult } from "./typosquat";
|
|
3
4
|
import { maliciousPackageDB } from "./malicious-db";
|
|
4
5
|
import { scriptAnalyzer, ScriptAnalysisResult } from "./script-analyzer";
|
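Review bot: The stub `const prisma: any = null;` is placed above the module's `import` statements; it runs because imports are hoisted, but it reads as if it were the module's first dependency and trips the common `import/first` lint rule. Move the two lines below the last `import`, and have the comment state the contract rather than the intent: `// Standalone build: no Prisma client is wired in; prisma is always null and must not be dereferenced.` The same placement is repeated in src/license/engine.ts and src/secrets/guardian.ts.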