guardvibe 3.16.0 → 3.17.0

package/CHANGELOG.md

@@ -5,6 +5,15 @@ All notable changes to GuardVibe are documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [3.17.0] - 2026-06-09
+
+### Added — FAZ 3 part 3: AST constant-origin detection for VG126 (442 rules / 37 tools)
+- **VG126 ("Dynamic RegExp from User Input") no longer fires when the argument is provably constant.** `regexpArgIsConstant` (AST) suppresses `new RegExp(x)` when `x` is: a string literal, a variable assigned from a string literal, the callback parameter of an iteration over a const string-array (incl. an imported SCREAMING_SNAKE_CASE list, by convention), or `someRegExp.source`/`.flags` (cloning a compiled RegExp). Minified bundles are skipped too. Anything not provably constant keeps firing.
+- **Validated (clean stash diff): VG126 29 → 21; all 8 removed are confirmed non-user-input** — dub `detect-bot` ×2 (`UA_BOTS`/`REFERRER_BOTS` bot-pattern lists), a minified vendor bundle, and payload `deepCopyObject` ×5 (`new RegExp(cur.source, cur.flags)` RegExp clones). **0 true positives lost, 0 false positives added.** 10 RegExp tests.
+- No rule or tool changes (442 / 37). FAZ 3 part 3 (reuses the part-1 AST engine).
+
+Gate green (build / lint / test / self-audit PASS / A / 0).
+
 ## [3.16.0] - 2026-06-08
 
 ### Added — FAZ 3 part 2: AST BOLA ownership-guard detection for VG950 (442 rules / 37 tools)

package/build/tools/ast-engine.d.ts

@@ -16,3 +16,12 @@ export declare function paramReachesSink(code: string, filePath?: string): boole
  * firing — for a BOLA rule we prefer a false positive over hiding a real one.
  */
 export declare function bolaOwnershipGuarded(code: string, filePath: string | undefined, line: number): boolean;
+/**
+ * True when the argument to a `new RegExp(...)` at `line` is PROVABLY a constant
+ * (a string literal, a variable assigned from a string literal, or the callback
+ * parameter of an iteration over a const string-array — the "bot list" pattern),
+ * so VG126 ("Dynamic RegExp from user input") is a false positive there. Returns
+ * false on any uncertainty so the rule keeps firing — a regex built from anything
+ * not provably constant stays flagged.
+ */
+export declare function regexpArgIsConstant(code: string, filePath: string | undefined, line: number): boolean;

package/build/tools/ast-engine.js

@@ -212,3 +212,93 @@ export function bolaOwnershipGuarded(code, filePath, line) {
     }
     return false;
 }
+const ITER_METHODS = new Set(["map", "forEach", "some", "every", "filter", "find", "findIndex", "reduce", "flatMap"]);
+/** First `const NAME = <initializer>` for NAME anywhere in the file (file-scope-ish). */
+function findVarInit(ts, sf, name) {
+    let found;
+    const visit = (node) => {
+        if (!found && ts.isVariableDeclaration(node) && ts.isIdentifier(node.name) && node.name.text === name && node.initializer) {
+            found = node.initializer;
+        }
+        if (!found)
+            ts.forEachChild(node, visit);
+    };
+    visit(sf);
+    return found;
+}
+/** A non-empty array literal whose elements are all string/template literals (a const pattern list). */
+function isConstStringArray(ts, sf, node) {
+    // SCREAMING_SNAKE_CASE identifier = constant by convention (often an imported list).
+    if (ts.isIdentifier(node) && /^[A-Z][A-Z0-9_]+$/.test(node.text))
+        return true;
+    let arr = node;
+    if (ts.isIdentifier(node))
+        arr = findVarInit(ts, sf, node.text);
+    if (arr && ts.isArrayLiteralExpression(arr)) {
+        return arr.elements.length > 0 &&
+            arr.elements.every(el => ts.isStringLiteral(el) || ts.isNoSubstitutionTemplateLiteral(el));
+    }
+    return false;
+}
+/**
+ * True when the argument to a `new RegExp(...)` at `line` is PROVABLY a constant
+ * (a string literal, a variable assigned from a string literal, or the callback
+ * parameter of an iteration over a const string-array — the "bot list" pattern),
+ * so VG126 ("Dynamic RegExp from user input") is a false positive there. Returns
+ * false on any uncertainty so the rule keeps firing — a regex built from anything
+ * not provably constant stays flagged.
+ */
+export function regexpArgIsConstant(code, filePath, line) {
+    const ts = getTs();
+    if (!ts)
+        return false;
+    let sf;
+    try {
+        sf = ts.createSourceFile(filePath ?? "file.ts", code, ts.ScriptTarget.Latest, true, scriptKindFor(ts, filePath));
+    }
+    catch {
+        return false;
+    }
+    let target;
+    const visit = (node) => {
+        if (!target && ts.isNewExpression(node) && ts.isIdentifier(node.expression) && node.expression.text === "RegExp"
+            && node.arguments && node.arguments.length > 0) {
+            const startLine = sf.getLineAndCharacterOfPosition(node.getStart(sf)).line + 1;
+            if (Math.abs(startLine - line) <= 1)
+                target = node;
+        }
+        if (!target)
+            ts.forEachChild(node, visit);
+    };
+    visit(sf);
+    if (!target || !target.arguments)
+        return false;
+    const arg = target.arguments[0];
+    if (ts.isStringLiteral(arg) || ts.isNoSubstitutionTemplateLiteral(arg))
+        return true;
+    // `new RegExp(x.source, x.flags)` — cloning an existing compiled RegExp, not user input.
+    if (ts.isPropertyAccessExpression(arg) && (arg.name.text === "source" || arg.name.text === "flags"))
+        return true;
+    if (!ts.isIdentifier(arg))
+        return false;
+    const argName = arg.text;
+    // (a) const argName = "literal"
+    const init = findVarInit(ts, sf, argName);
+    if (init && (ts.isStringLiteral(init) || ts.isNoSubstitutionTemplateLiteral(init)))
+        return true;
+    // (b) argName is the callback parameter of an iteration over a const string array.
+    let fn = target.parent;
+    while (fn && !((ts.isArrowFunction(fn) || ts.isFunctionExpression(fn))
+        && fn.parameters.some(p => ts.isIdentifier(p.name) && p.name.text === argName))) {
+        fn = fn.parent;
+    }
+    if (fn && (ts.isArrowFunction(fn) || ts.isFunctionExpression(fn))) {
+        const call = fn.parent;
+        if (call && ts.isCallExpression(call) && ts.isPropertyAccessExpression(call.expression)
+            && ITER_METHODS.has(call.expression.name.text)
+            && isConstStringArray(ts, sf, call.expression.expression)) {
+            return true;
+        }
+    }
+    return false;
+}

package/build/tools/check-code.js

@@ -4,7 +4,7 @@ import { loadConfig } from "../utils/config.js";
 import { loadIgnoreFile, isIgnored } from "../utils/ignore.js";
 import { securityBanner } from "../utils/banner.js";
 import { looksMinified } from "../utils/constants.js";
-import { paramReachesSink, bolaOwnershipGuarded } from "./ast-engine.js";
+import { paramReachesSink, bolaOwnershipGuarded, regexpArgIsConstant } from "./ast-engine.js";
 /** CVE version-pin rule IDs are VG900-VG931 (and only these). Other VG9xx IDs
  * (VG983 Turso, VG990 SVG, VG998 OpenAI browser flag, etc.) are regular code-pattern
  * rules and should NOT be exempted from comment / string-literal skip logic. */
@@ -886,6 +886,12 @@ export function analyzeCode(code, language, framework, filePath, configDir, rule
             // `userId` that only appears in `select`, and sees a separate comparison statement.
             if (rule.id === "VG950" && filePath && bolaOwnershipGuarded(code, filePath, lineNumber))
                 continue;
+            // VG126 (Dynamic RegExp from User Input): the regex matches `new RegExp(anyVar)`,
+            // but the var is often a provable constant — a string literal or the callback
+            // param iterating a const string array (the classic bot-UA / referrer-list pattern).
+            // Suppress only when AST proves the argument is constant; anything else keeps firing.
+            if (rule.id === "VG126" && (looksMinified(code) || (filePath && regexpArgIsConstant(code, filePath, lineNumber))))
+                continue;
             // VG202: skip when the FROM target matches a previous AS-alias in the same file.
             if (dockerStageAliases) {
                 const target = match[0].replace(/^FROM\s+/i, "").split(/[:@\s]/)[0].toLowerCase();

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "guardvibe",
-  "version": "3.16.0",
+  "version": "3.17.0",
   "mcpName": "io.github.goklab/guardvibe",
   "description": "Security infrastructure your AI can't be — deterministic, current past your model's training cutoff, whole-repo-aware, author-independent. Security MCP for vibe coding. 442 rules, 37 tools, CLI + doctor. Host security, auth coverage mapping, LLM-powered deep scan (IDOR/business logic), taint analysis. 71 CVE rules refreshed daily from GHSA/OSV/CISA KEV — Vite dev-server RCE, React Router 7 cluster, DOMPurify XSS, Better Auth bypass, Miasma @redhat-cloud-services compromise, Next.js May 2026 13-advisory cluster, Drizzle/MikroORM/Kysely SQL injection, Axios proxy-auth redirect leak, Hono setCookie attribute injection, Clerk SSRF, tRPC prototype pollution, @tanstack supply-chain, node-ipc protestware, OpenClaude sandbox bypass, plus the full AI-generated stack (Supabase, Stripe, Prisma, Hono, GraphQL, Convex, Turso, Uploadthing, AI SDK). 68 AI-native rules including OWASP MCP Top 10 tool-description prompt injection (VG1068), model-controlled sandbox-disable flag detection (VG1063), Session messenger exfil endpoint IOC (VG1075), and CI/CD supply-chain hardening (VG1070 npm --expect-provenance / --ignore-scripts enforcement).",
   "type": "module",