guardvibe 0.6.3 → 0.7.0

Files changed (85)
  1. package/README.md +93 -156
  2. package/build/data/rules/auth.d.ts +3 -0
  3. package/build/data/rules/auth.d.ts.map +1 -0
  4. package/build/data/rules/auth.js +100 -0
  5. package/build/data/rules/auth.js.map +1 -0
  6. package/build/data/rules/core.js +11 -11
  7. package/build/data/rules/core.js.map +1 -1
  8. package/build/data/rules/database.d.ts +3 -0
  9. package/build/data/rules/database.d.ts.map +1 -0
  10. package/build/data/rules/database.js +100 -0
  11. package/build/data/rules/database.js.map +1 -0
  12. package/build/data/rules/deployment.d.ts +3 -0
  13. package/build/data/rules/deployment.d.ts.map +1 -0
  14. package/build/data/rules/deployment.js +192 -0
  15. package/build/data/rules/deployment.js.map +1 -0
  16. package/build/data/rules/index.d.ts.map +1 -1
  17. package/build/data/rules/index.js +8 -6
  18. package/build/data/rules/index.js.map +1 -1
  19. package/build/data/rules/nextjs.d.ts +3 -0
  20. package/build/data/rules/nextjs.d.ts.map +1 -0
  21. package/build/data/rules/nextjs.js +148 -0
  22. package/build/data/rules/nextjs.js.map +1 -0
  23. package/build/index.js +36 -19
  24. package/build/index.js.map +1 -1
  25. package/build/tools/check-code.d.ts +3 -2
  26. package/build/tools/check-code.d.ts.map +1 -1
  27. package/build/tools/check-code.js +25 -4
  28. package/build/tools/check-code.js.map +1 -1
  29. package/build/tools/check-package-health.d.ts +29 -0
  30. package/build/tools/check-package-health.d.ts.map +1 -0
  31. package/build/tools/check-package-health.js +142 -0
  32. package/build/tools/check-package-health.js.map +1 -0
  33. package/build/tools/check-project.d.ts +1 -1
  34. package/build/tools/check-project.d.ts.map +1 -1
  35. package/build/tools/check-project.js +24 -5
  36. package/build/tools/check-project.js.map +1 -1
  37. package/build/tools/compliance-report.d.ts +1 -1
  38. package/build/tools/compliance-report.d.ts.map +1 -1
  39. package/build/tools/compliance-report.js +33 -9
  40. package/build/tools/compliance-report.js.map +1 -1
  41. package/build/tools/export-sarif.d.ts.map +1 -1
  42. package/build/tools/export-sarif.js +7 -7
  43. package/build/tools/export-sarif.js.map +1 -1
  44. package/build/tools/scan-dependencies.d.ts +1 -1
  45. package/build/tools/scan-dependencies.d.ts.map +1 -1
  46. package/build/tools/scan-dependencies.js +25 -2
  47. package/build/tools/scan-dependencies.js.map +1 -1
  48. package/build/tools/scan-directory.d.ts +1 -1
  49. package/build/tools/scan-directory.d.ts.map +1 -1
  50. package/build/tools/scan-directory.js +33 -11
  51. package/build/tools/scan-directory.js.map +1 -1
  52. package/build/tools/scan-secrets.d.ts +1 -1
  53. package/build/tools/scan-secrets.d.ts.map +1 -1
  54. package/build/tools/scan-secrets.js +110 -57
  55. package/build/tools/scan-secrets.js.map +1 -1
  56. package/build/tools/scan-staged.d.ts +1 -1
  57. package/build/tools/scan-staged.d.ts.map +1 -1
  58. package/build/tools/scan-staged.js +29 -10
  59. package/build/tools/scan-staged.js.map +1 -1
  60. package/build/utils/config.d.ts.map +1 -1
  61. package/build/utils/config.js +19 -11
  62. package/build/utils/config.js.map +1 -1
  63. package/build/utils/manifest-parser.d.ts.map +1 -1
  64. package/build/utils/manifest-parser.js +93 -68
  65. package/build/utils/manifest-parser.js.map +1 -1
  66. package/build/utils/osv-client.d.ts.map +1 -1
  67. package/build/utils/osv-client.js +3 -2
  68. package/build/utils/osv-client.js.map +1 -1
  69. package/build/utils/typosquat.d.ts +9 -0
  70. package/build/utils/typosquat.d.ts.map +1 -0
  71. package/build/utils/typosquat.js +101 -0
  72. package/build/utils/typosquat.js.map +1 -0
  73. package/package.json +4 -5
  74. package/build/data/rules/java.d.ts +0 -3
  75. package/build/data/rules/java.d.ts.map +0 -1
  76. package/build/data/rules/java.js +0 -70
  77. package/build/data/rules/java.js.map +0 -1
  78. package/build/data/rules/php.d.ts +0 -3
  79. package/build/data/rules/php.d.ts.map +0 -1
  80. package/build/data/rules/php.js +0 -59
  81. package/build/data/rules/php.js.map +0 -1
  82. package/build/data/rules/ruby.d.ts +0 -3
  83. package/build/data/rules/ruby.d.ts.map +0 -1
  84. package/build/data/rules/ruby.js +0 -59
  85. package/build/data/rules/ruby.js.map +0 -1
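--- a/package/build/data/rules/ruby.js
+++ b/package/build/data/rules/ruby.js
@@ -1,59 +0,0 @@
-// === Ruby-specific rules ===
-export const rubyRules = [
-{
-id: "VG140",
-name: "Ruby SQL injection via interpolation",
-severity: "critical",
-owasp: "A02:2025 Injection",
-description: "String interpolation in SQL queries allows SQL injection attacks.",
-pattern: /(?:where|find_by_sql|execute|select|order)\s*\(\s*["'][^"']*#\{/gi,
-languages: ["ruby"],
-fix: "Use parameterized queries: User.where('name = ?', user_input) or User.where(name: user_input).",
-fixCode: "# Use parameterized queries\nUser.where('name = ?', params[:name])\n# Or use hash syntax:\nUser.where(name: params[:name])",
-},
-{
-id: "VG141",
-name: "Ruby command injection",
-severity: "critical",
-owasp: "A02:2025 Injection",
-description: "User input in system/backtick commands allows arbitrary command execution.",
-pattern: /(?:`[^`]*#\{|%x\{[^}]*#\{|IO\.popen|Open3)/gi,
-languages: ["ruby"],
-fix: "Use array form of system(): system('cmd', arg1, arg2). Validate input against an allowlist.",
-fixCode: "# Use array form of system\nsystem('ls', '-la', safe_dir)\n# Or use Open3 with array args",
-},
-{
-id: "VG142",
-name: "Ruby XSS via html_safe/raw",
-severity: "high",
-owasp: "A02:2025 Injection",
-description: "Using .html_safe or raw() with user input bypasses Rails' auto-escaping.",
-pattern: /(?:\.html_safe|raw\s*\()\s*/gi,
-languages: ["ruby"],
-fix: "Avoid .html_safe and raw() with user data. Use sanitize() helper for HTML content.",
-fixCode: "# Use sanitize helper\n<%= sanitize(user_input) %>\n# Or use content_tag for safe HTML generation",
-},
-{
-id: "VG143",
-name: "Ruby route without auth",
-severity: "high",
-owasp: "A01:2025 Broken Access Control",
-description: "Rails route without before_action authentication filter.",
-pattern: /(?:get|post|put|patch|delete)\s+['"]\/(?:api|admin|users|account|dashboard)/gi,
-languages: ["ruby"],
-fix: "Add before_action :authenticate_user! to controllers handling sensitive routes.",
-fixCode: "# Add authentication filter\nclass ApiController < ApplicationController\n before_action :authenticate_user!\nend",
-},
-{
-id: "VG144",
-name: "Ruby weak hashing",
-severity: "critical",
-owasp: "A07:2025 Auth Failures",
-description: "Using Digest::MD5 or Digest::SHA1 for hashing. These are not suitable for passwords.",
-pattern: /Digest::(?:MD5|SHA1)\.(?:hexdigest|digest|base64digest)/gi,
-languages: ["ruby"],
-fix: "Use BCrypt::Password.create(password) from the bcrypt gem for password hashing.",
-fixCode: "# Use bcrypt gem\nrequire 'bcrypt'\nhash = BCrypt::Password.create(password)\nvalid = BCrypt::Password.new(hash) == input",
-},
-];
-//# sourceMappingURL=ruby.js.map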
@@ -1 +0,0 @@
1
- {"version":3,"file":"ruby.js","sourceRoot":"","sources":["../../../src/data/rules/ruby.ts"],"names":[],"mappings":"AAEA,8BAA8B;AAC9B,MAAM,CAAC,MAAM,SAAS,GAAmB;IACvC;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,sCAAsC;QAC5C,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EACT,mEAAmE;QACrE,OAAO,EAAE,mEAAmE;QAC5E,SAAS,EAAE,CAAC,MAAM,CAAC;QACnB,GAAG,EAAE,gGAAgG;QACrG,OAAO,EAAE,4HAA4H;KACtI;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EACT,4EAA4E;QAC9E,OAAO,EAAE,8CAA8C;QACvD,SAAS,EAAE,CAAC,MAAM,CAAC;QACnB,GAAG,EAAE,6FAA6F;QAClG,OAAO,EAAE,2FAA2F;KACrG;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EACT,0EAA0E;QAC5E,OAAO,EAAE,+BAA+B;QACxC,SAAS,EAAE,CAAC,MAAM,CAAC;QACnB,GAAG,EAAE,oFAAoF;QACzF,OAAO,EAAE,mGAAmG;KAC7G;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,gCAAgC;QACvC,WAAW,EACT,0DAA0D;QAC5D,OAAO,EAAE,+EAA+E;QACxF,SAAS,EAAE,CAAC,MAAM,CAAC;QACnB,GAAG,EAAE,iFAAiF;QACtF,OAAO,EAAE,oHAAoH;KAC9H;IACD;QACE,EAAE,EAAE,OAAO;QACX,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,wBAAwB;QAC/B,WAAW,EACT,sFAAsF;QACxF,OAAO,EAAE,2DAA2D;QACpE,SAAS,EAAE,CAAC,MAAM,CAAC;QACnB,GAAG,EAAE,iFAAiF;QACtF,OAAO,EAAE,2HAA2H;KACrI;CACF,CAAC"}