kastell 2.1.0 → 2.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +18 -0
- package/.claude-plugin/plugin.json +39 -0
- package/CHANGELOG.md +1266 -1216
- package/LICENSE +201 -201
- package/NOTICE +5 -5
- package/README.md +1 -1
- package/README.tr.md +1 -1
- package/bin/kastell +2 -2
- package/bin/kastell-mcp +5 -5
- package/dist/adapters/coolify.js +92 -92
- package/dist/adapters/dokploy.js +99 -99
- package/dist/adapters/shared.d.ts.map +1 -1
- package/dist/adapters/shared.js +4 -2
- package/dist/adapters/shared.js.map +1 -1
- package/dist/commands/add.d.ts.map +1 -1
- package/dist/commands/add.js +6 -9
- package/dist/commands/add.js.map +1 -1
- package/dist/commands/auth.d.ts.map +1 -1
- package/dist/commands/auth.js +12 -12
- package/dist/commands/auth.js.map +1 -1
- package/dist/commands/doctor.d.ts +1 -0
- package/dist/commands/doctor.d.ts.map +1 -1
- package/dist/commands/doctor.js +23 -8
- package/dist/commands/doctor.js.map +1 -1
- package/dist/commands/evidence.d.ts.map +1 -1
- package/dist/commands/evidence.js +8 -9
- package/dist/commands/evidence.js.map +1 -1
- package/dist/commands/fix.d.ts +1 -0
- package/dist/commands/fix.d.ts.map +1 -1
- package/dist/commands/fix.js +24 -5
- package/dist/commands/fix.js.map +1 -1
- package/dist/commands/init.d.ts.map +1 -1
- package/dist/commands/init.js +4 -7
- package/dist/commands/init.js.map +1 -1
- package/dist/commands/interactive/backup-maintenance.d.ts +8 -0
- package/dist/commands/interactive/backup-maintenance.d.ts.map +1 -0
- package/dist/commands/interactive/backup-maintenance.js +120 -0
- package/dist/commands/interactive/backup-maintenance.js.map +1 -0
- package/dist/commands/interactive/index.d.ts +4 -0
- package/dist/commands/interactive/index.d.ts.map +1 -0
- package/dist/commands/interactive/index.js +94 -0
- package/dist/commands/interactive/index.js.map +1 -0
- package/dist/commands/interactive/menu.d.ts +23 -0
- package/dist/commands/interactive/menu.d.ts.map +1 -0
- package/dist/commands/interactive/menu.js +121 -0
- package/dist/commands/interactive/menu.js.map +1 -0
- package/dist/commands/interactive/monitoring.d.ts +5 -0
- package/dist/commands/interactive/monitoring.d.ts.map +1 -0
- package/dist/commands/interactive/monitoring.js +96 -0
- package/dist/commands/interactive/monitoring.js.map +1 -0
- package/dist/commands/interactive/plugins.d.ts +2 -0
- package/dist/commands/interactive/plugins.d.ts.map +1 -0
- package/dist/commands/interactive/plugins.js +30 -0
- package/dist/commands/interactive/plugins.js.map +1 -0
- package/dist/commands/interactive/security.d.ts +9 -0
- package/dist/commands/interactive/security.d.ts.map +1 -0
- package/dist/commands/interactive/security.js +535 -0
- package/dist/commands/interactive/security.js.map +1 -0
- package/dist/commands/interactive/server-management.d.ts +5 -0
- package/dist/commands/interactive/server-management.d.ts.map +1 -0
- package/dist/commands/interactive/server-management.js +79 -0
- package/dist/commands/interactive/server-management.js.map +1 -0
- package/dist/commands/interactive/shared.d.ts +12 -0
- package/dist/commands/interactive/shared.d.ts.map +1 -0
- package/dist/commands/interactive/shared.js +30 -0
- package/dist/commands/interactive/shared.js.map +1 -0
- package/dist/commands/interactive.d.ts.map +1 -1
- package/dist/commands/interactive.js +29 -0
- package/dist/commands/interactive.js.map +1 -1
- package/dist/commands/lock.js +1 -1
- package/dist/commands/lock.js.map +1 -1
- package/dist/commands/plugin.d.ts +8 -0
- package/dist/commands/plugin.d.ts.map +1 -0
- package/dist/commands/plugin.js +87 -0
- package/dist/commands/plugin.js.map +1 -0
- package/dist/commands/regression.d.ts.map +1 -1
- package/dist/commands/regression.js +1 -2
- package/dist/commands/regression.js.map +1 -1
- package/dist/commands/restart.d.ts.map +1 -1
- package/dist/commands/restart.js +3 -2
- package/dist/commands/restart.js.map +1 -1
- package/dist/commands/schedule.js +2 -2
- package/dist/commands/schedule.js.map +1 -1
- package/dist/core/audit/checkIds.d.ts +516 -0
- package/dist/core/audit/checkIds.d.ts.map +1 -0
- package/dist/core/audit/checkIds.js +515 -0
- package/dist/core/audit/checkIds.js.map +1 -0
- package/dist/core/audit/checks/accounts.d.ts.map +1 -1
- package/dist/core/audit/checks/accounts.js +23 -22
- package/dist/core/audit/checks/accounts.js.map +1 -1
- package/dist/core/audit/checks/auth.d.ts.map +1 -1
- package/dist/core/audit/checks/auth.js +23 -22
- package/dist/core/audit/checks/auth.js.map +1 -1
- package/dist/core/audit/checks/backup.d.ts.map +1 -1
- package/dist/core/audit/checks/backup.js +9 -8
- package/dist/core/audit/checks/backup.js.map +1 -1
- package/dist/core/audit/checks/banners.d.ts.map +1 -1
- package/dist/core/audit/checks/banners.js +7 -6
- package/dist/core/audit/checks/banners.js.map +1 -1
- package/dist/core/audit/checks/boot.d.ts.map +1 -1
- package/dist/core/audit/checks/boot.js +12 -11
- package/dist/core/audit/checks/boot.js.map +1 -1
- package/dist/core/audit/checks/cloudmeta.d.ts.map +1 -1
- package/dist/core/audit/checks/cloudmeta.js +7 -6
- package/dist/core/audit/checks/cloudmeta.js.map +1 -1
- package/dist/core/audit/checks/crypto.d.ts +0 -5
- package/dist/core/audit/checks/crypto.d.ts.map +1 -1
- package/dist/core/audit/checks/crypto.js +20 -19
- package/dist/core/audit/checks/crypto.js.map +1 -1
- package/dist/core/audit/checks/ddos.d.ts.map +1 -1
- package/dist/core/audit/checks/ddos.js +9 -8
- package/dist/core/audit/checks/ddos.js.map +1 -1
- package/dist/core/audit/checks/dns.d.ts.map +1 -1
- package/dist/core/audit/checks/dns.js +9 -8
- package/dist/core/audit/checks/dns.js.map +1 -1
- package/dist/core/audit/checks/docker.d.ts.map +1 -1
- package/dist/core/audit/checks/docker.js +65 -64
- package/dist/core/audit/checks/docker.js.map +1 -1
- package/dist/core/audit/checks/fileintegrity.d.ts.map +1 -1
- package/dist/core/audit/checks/fileintegrity.js +11 -10
- package/dist/core/audit/checks/fileintegrity.js.map +1 -1
- package/dist/core/audit/checks/filesystem.d.ts.map +1 -1
- package/dist/core/audit/checks/filesystem.js +21 -20
- package/dist/core/audit/checks/filesystem.js.map +1 -1
- package/dist/core/audit/checks/firewall.d.ts.map +1 -1
- package/dist/core/audit/checks/firewall.js +18 -17
- package/dist/core/audit/checks/firewall.js.map +1 -1
- package/dist/core/audit/checks/httpHeaders.d.ts.map +1 -1
- package/dist/core/audit/checks/httpHeaders.js +7 -6
- package/dist/core/audit/checks/httpHeaders.js.map +1 -1
- package/dist/core/audit/checks/incidentready.d.ts.map +1 -1
- package/dist/core/audit/checks/incidentready.js +13 -12
- package/dist/core/audit/checks/incidentready.js.map +1 -1
- package/dist/core/audit/checks/kernel.d.ts.map +1 -1
- package/dist/core/audit/checks/kernel.js +32 -31
- package/dist/core/audit/checks/kernel.js.map +1 -1
- package/dist/core/audit/checks/logging.d.ts.map +1 -1
- package/dist/core/audit/checks/logging.js +21 -20
- package/dist/core/audit/checks/logging.js.map +1 -1
- package/dist/core/audit/checks/mac.d.ts.map +1 -1
- package/dist/core/audit/checks/mac.js +11 -10
- package/dist/core/audit/checks/mac.js.map +1 -1
- package/dist/core/audit/checks/malware.d.ts.map +1 -1
- package/dist/core/audit/checks/malware.js +12 -11
- package/dist/core/audit/checks/malware.js.map +1 -1
- package/dist/core/audit/checks/memory.d.ts.map +1 -1
- package/dist/core/audit/checks/memory.js +12 -11
- package/dist/core/audit/checks/memory.js.map +1 -1
- package/dist/core/audit/checks/network.d.ts.map +1 -1
- package/dist/core/audit/checks/network.js +22 -21
- package/dist/core/audit/checks/network.js.map +1 -1
- package/dist/core/audit/checks/nginx.d.ts.map +1 -1
- package/dist/core/audit/checks/nginx.js +17 -16
- package/dist/core/audit/checks/nginx.js.map +1 -1
- package/dist/core/audit/checks/resourcelimits.d.ts.map +1 -1
- package/dist/core/audit/checks/resourcelimits.js +9 -8
- package/dist/core/audit/checks/resourcelimits.js.map +1 -1
- package/dist/core/audit/checks/scheduling.d.ts.map +1 -1
- package/dist/core/audit/checks/scheduling.js +13 -12
- package/dist/core/audit/checks/scheduling.js.map +1 -1
- package/dist/core/audit/checks/secrets.d.ts.map +1 -1
- package/dist/core/audit/checks/secrets.js +16 -15
- package/dist/core/audit/checks/secrets.js.map +1 -1
- package/dist/core/audit/checks/services.d.ts.map +1 -1
- package/dist/core/audit/checks/services.js +26 -25
- package/dist/core/audit/checks/services.js.map +1 -1
- package/dist/core/audit/checks/ssh.d.ts.map +1 -1
- package/dist/core/audit/checks/ssh.js +23 -22
- package/dist/core/audit/checks/ssh.js.map +1 -1
- package/dist/core/audit/checks/supplychain.d.ts.map +1 -1
- package/dist/core/audit/checks/supplychain.js +13 -12
- package/dist/core/audit/checks/supplychain.js.map +1 -1
- package/dist/core/audit/checks/time.d.ts.map +1 -1
- package/dist/core/audit/checks/time.js +10 -9
- package/dist/core/audit/checks/time.js.map +1 -1
- package/dist/core/audit/checks/tls.d.ts.map +1 -1
- package/dist/core/audit/checks/tls.js +9 -8
- package/dist/core/audit/checks/tls.js.map +1 -1
- package/dist/core/audit/checks/updates.d.ts.map +1 -1
- package/dist/core/audit/checks/updates.js +12 -11
- package/dist/core/audit/checks/updates.js.map +1 -1
- package/dist/core/audit/compliance/categories/index.d.ts +3 -0
- package/dist/core/audit/compliance/categories/index.d.ts.map +1 -0
- package/dist/core/audit/compliance/categories/index.js +737 -0
- package/dist/core/audit/compliance/categories/index.js.map +1 -0
- package/dist/core/audit/compliance/helpers.d.ts +17 -0
- package/dist/core/audit/compliance/helpers.d.ts.map +1 -0
- package/dist/core/audit/compliance/helpers.js +40 -0
- package/dist/core/audit/compliance/helpers.js.map +1 -0
- package/dist/core/audit/compliance/mapper.d.ts +4 -16
- package/dist/core/audit/compliance/mapper.d.ts.map +1 -1
- package/dist/core/audit/compliance/mapper.js +3 -776
- package/dist/core/audit/compliance/mapper.js.map +1 -1
- package/dist/core/audit/fix-history.d.ts +16 -7
- package/dist/core/audit/fix-history.d.ts.map +1 -1
- package/dist/core/audit/fix-history.js +25 -2
- package/dist/core/audit/fix-history.js.map +1 -1
- package/dist/core/audit/fix.d.ts +17 -2
- package/dist/core/audit/fix.d.ts.map +1 -1
- package/dist/core/audit/fix.js +115 -42
- package/dist/core/audit/fix.js.map +1 -1
- package/dist/core/audit/formatters/badge.js +20 -20
- package/dist/core/audit/index.d.ts.map +1 -1
- package/dist/core/audit/index.js +3 -2
- package/dist/core/audit/index.js.map +1 -1
- package/dist/core/audit/snapshot.d.ts.map +1 -1
- package/dist/core/audit/snapshot.js +6 -2
- package/dist/core/audit/snapshot.js.map +1 -1
- package/dist/core/audit/types.d.ts +11 -1
- package/dist/core/audit/types.d.ts.map +1 -1
- package/dist/core/audit/watch.d.ts.map +1 -1
- package/dist/core/audit/watch.js +3 -2
- package/dist/core/audit/watch.js.map +1 -1
- package/dist/core/backup.d.ts.map +1 -1
- package/dist/core/backup.js +10 -5
- package/dist/core/backup.js.map +1 -1
- package/dist/core/bot/handlers.d.ts.map +1 -1
- package/dist/core/bot/handlers.js +2 -17
- package/dist/core/bot/handlers.js.map +1 -1
- package/dist/core/completions.d.ts.map +1 -1
- package/dist/core/completions.js +632 -610
- package/dist/core/completions.js.map +1 -1
- package/dist/core/deploy.d.ts.map +1 -1
- package/dist/core/deploy.js +7 -4
- package/dist/core/deploy.js.map +1 -1
- package/dist/core/doctor-fix.d.ts +1 -1
- package/dist/core/doctor-fix.d.ts.map +1 -1
- package/dist/core/doctor-fix.js +17 -2
- package/dist/core/doctor-fix.js.map +1 -1
- package/dist/core/doctor.d.ts.map +1 -1
- package/dist/core/doctor.js +2 -1
- package/dist/core/doctor.js.map +1 -1
- package/dist/core/firewall.d.ts +0 -1
- package/dist/core/firewall.d.ts.map +1 -1
- package/dist/core/firewall.js +2 -13
- package/dist/core/firewall.js.map +1 -1
- package/dist/core/lock/auth.d.ts +7 -0
- package/dist/core/lock/auth.d.ts.map +1 -0
- package/dist/core/lock/auth.js +59 -0
- package/dist/core/lock/auth.js.map +1 -0
- package/dist/core/lock/docker.d.ts +4 -0
- package/dist/core/lock/docker.d.ts.map +1 -0
- package/dist/core/lock/docker.js +28 -0
- package/dist/core/lock/docker.js.map +1 -0
- package/dist/core/lock/index.d.ts +11 -0
- package/dist/core/lock/index.d.ts.map +1 -0
- package/dist/core/lock/index.js +247 -0
- package/dist/core/lock/index.js.map +1 -0
- package/dist/core/lock/monitoring.d.ts +4 -0
- package/dist/core/lock/monitoring.d.ts.map +1 -0
- package/dist/core/lock/monitoring.js +55 -0
- package/dist/core/lock/monitoring.js.map +1 -0
- package/dist/core/lock/network.d.ts +6 -0
- package/dist/core/lock/network.d.ts.map +1 -0
- package/dist/core/lock/network.js +59 -0
- package/dist/core/lock/network.js.map +1 -0
- package/dist/core/lock/ssh.d.ts +5 -0
- package/dist/core/lock/ssh.d.ts.map +1 -0
- package/dist/core/lock/ssh.js +49 -0
- package/dist/core/lock/ssh.js.map +1 -0
- package/dist/core/lock/system.d.ts +9 -0
- package/dist/core/lock/system.d.ts.map +1 -0
- package/dist/core/lock/system.js +80 -0
- package/dist/core/lock/system.js.map +1 -0
- package/dist/core/lock/types.d.ts +41 -0
- package/dist/core/lock/types.d.ts.map +1 -0
- package/dist/core/lock/types.js +2 -0
- package/dist/core/lock/types.js.map +1 -0
- package/dist/core/maintain.d.ts.map +1 -1
- package/dist/core/maintain.js +3 -1
- package/dist/core/maintain.js.map +1 -1
- package/dist/core/manage.d.ts.map +1 -1
- package/dist/core/manage.js +7 -4
- package/dist/core/manage.js.map +1 -1
- package/dist/core/notify.d.ts.map +1 -1
- package/dist/core/notify.js +2 -1
- package/dist/core/notify.js.map +1 -1
- package/dist/core/notifyStore.d.ts.map +1 -1
- package/dist/core/notifyStore.js +3 -1
- package/dist/core/notifyStore.js.map +1 -1
- package/dist/core/plugin.d.ts +23 -0
- package/dist/core/plugin.d.ts.map +1 -0
- package/dist/core/plugin.js +107 -0
- package/dist/core/plugin.js.map +1 -0
- package/dist/core/provision.d.ts.map +1 -1
- package/dist/core/provision.js +9 -4
- package/dist/core/provision.js.map +1 -1
- package/dist/core/scheduleManager.d.ts +2 -1
- package/dist/core/scheduleManager.d.ts.map +1 -1
- package/dist/core/scheduleManager.js +13 -7
- package/dist/core/scheduleManager.js.map +1 -1
- package/dist/index.js +34 -2
- package/dist/index.js.map +1 -1
- package/dist/mcp/index.js +5 -9
- package/dist/mcp/index.js.map +1 -1
- package/dist/mcp/schemas/audit.d.ts +34 -0
- package/dist/mcp/schemas/audit.d.ts.map +1 -0
- package/dist/mcp/schemas/audit.js +23 -0
- package/dist/mcp/schemas/audit.js.map +1 -0
- package/dist/mcp/schemas/common.d.ts +16 -0
- package/dist/mcp/schemas/common.d.ts.map +1 -0
- package/dist/mcp/schemas/common.js +14 -0
- package/dist/mcp/schemas/common.js.map +1 -0
- package/dist/mcp/schemas/health.d.ts +14 -0
- package/dist/mcp/schemas/health.d.ts.map +1 -0
- package/dist/mcp/schemas/health.js +13 -0
- package/dist/mcp/schemas/health.js.map +1 -0
- package/dist/mcp/schemas/index.d.ts +5 -0
- package/dist/mcp/schemas/index.d.ts.map +1 -0
- package/dist/mcp/schemas/index.js +5 -0
- package/dist/mcp/schemas/index.js.map +1 -0
- package/dist/mcp/schemas/server.d.ts +18 -0
- package/dist/mcp/schemas/server.d.ts.map +1 -0
- package/dist/mcp/schemas/server.js +16 -0
- package/dist/mcp/schemas/server.js.map +1 -0
- package/dist/mcp/server.d.ts.map +1 -1
- package/dist/mcp/server.js +71 -40
- package/dist/mcp/server.js.map +1 -1
- package/dist/mcp/tools/serverAudit.d.ts +63 -1
- package/dist/mcp/tools/serverAudit.d.ts.map +1 -1
- package/dist/mcp/tools/serverAudit.js +63 -6
- package/dist/mcp/tools/serverAudit.js.map +1 -1
- package/dist/mcp/tools/serverBackup.d.ts +100 -2
- package/dist/mcp/tools/serverBackup.d.ts.map +1 -1
- package/dist/mcp/tools/serverBackup.handlers.d.ts.map +1 -1
- package/dist/mcp/tools/serverBackup.handlers.js +9 -0
- package/dist/mcp/tools/serverBackup.handlers.js.map +1 -1
- package/dist/mcp/tools/serverBackup.js +74 -0
- package/dist/mcp/tools/serverBackup.js.map +1 -1
- package/dist/mcp/tools/serverCompare.d.ts +33 -0
- package/dist/mcp/tools/serverCompare.d.ts.map +1 -1
- package/dist/mcp/tools/serverCompare.js +45 -2
- package/dist/mcp/tools/serverCompare.js.map +1 -1
- package/dist/mcp/tools/serverDoctor.d.ts +14 -0
- package/dist/mcp/tools/serverDoctor.d.ts.map +1 -1
- package/dist/mcp/tools/serverDoctor.js +16 -1
- package/dist/mcp/tools/serverDoctor.js.map +1 -1
- package/dist/mcp/tools/serverEvidence.d.ts +13 -0
- package/dist/mcp/tools/serverEvidence.d.ts.map +1 -1
- package/dist/mcp/tools/serverEvidence.js +17 -2
- package/dist/mcp/tools/serverEvidence.js.map +1 -1
- package/dist/mcp/tools/serverExplain.d.ts +17 -0
- package/dist/mcp/tools/serverExplain.d.ts.map +1 -1
- package/dist/mcp/tools/serverExplain.js +33 -1
- package/dist/mcp/tools/serverExplain.js.map +1 -1
- package/dist/mcp/tools/serverFix.d.ts +78 -0
- package/dist/mcp/tools/serverFix.d.ts.map +1 -1
- package/dist/mcp/tools/serverFix.js +87 -0
- package/dist/mcp/tools/serverFix.js.map +1 -1
- package/dist/mcp/tools/serverFleet.d.ts +24 -1
- package/dist/mcp/tools/serverFleet.d.ts.map +1 -1
- package/dist/mcp/tools/serverFleet.js +24 -1
- package/dist/mcp/tools/serverFleet.js.map +1 -1
- package/dist/mcp/tools/serverGuard.d.ts +12 -0
- package/dist/mcp/tools/serverGuard.d.ts.map +1 -1
- package/dist/mcp/tools/serverGuard.js +16 -0
- package/dist/mcp/tools/serverGuard.js.map +1 -1
- package/dist/mcp/tools/serverInfo.d.ts +77 -1
- package/dist/mcp/tools/serverInfo.d.ts.map +1 -1
- package/dist/mcp/tools/serverInfo.js +77 -4
- package/dist/mcp/tools/serverInfo.js.map +1 -1
- package/dist/mcp/tools/serverLock.d.ts +10 -0
- package/dist/mcp/tools/serverLock.d.ts.map +1 -1
- package/dist/mcp/tools/serverLock.js +15 -3
- package/dist/mcp/tools/serverLock.js.map +1 -1
- package/dist/mcp/tools/serverLogs.d.ts +43 -0
- package/dist/mcp/tools/serverLogs.d.ts.map +1 -1
- package/dist/mcp/tools/serverLogs.js +28 -0
- package/dist/mcp/tools/serverLogs.js.map +1 -1
- package/dist/mcp/tools/serverMaintain.d.ts +47 -0
- package/dist/mcp/tools/serverMaintain.d.ts.map +1 -1
- package/dist/mcp/tools/serverMaintain.js +75 -41
- package/dist/mcp/tools/serverMaintain.js.map +1 -1
- package/dist/mcp/tools/serverManage.d.ts +50 -0
- package/dist/mcp/tools/serverManage.d.ts.map +1 -1
- package/dist/mcp/tools/serverManage.js +49 -0
- package/dist/mcp/tools/serverManage.js.map +1 -1
- package/dist/mcp/tools/serverPlugin.d.ts +30 -0
- package/dist/mcp/tools/serverPlugin.d.ts.map +1 -0
- package/dist/mcp/tools/serverPlugin.js +47 -0
- package/dist/mcp/tools/serverPlugin.js.map +1 -0
- package/dist/mcp/tools/serverProvision.d.ts +22 -0
- package/dist/mcp/tools/serverProvision.d.ts.map +1 -1
- package/dist/mcp/tools/serverProvision.js +22 -2
- package/dist/mcp/tools/serverProvision.js.map +1 -1
- package/dist/mcp/tools/serverSecure.d.ts +120 -0
- package/dist/mcp/tools/serverSecure.d.ts.map +1 -1
- package/dist/mcp/tools/serverSecure.handlers.d.ts.map +1 -1
- package/dist/mcp/tools/serverSecure.handlers.js +39 -98
- package/dist/mcp/tools/serverSecure.handlers.js.map +1 -1
- package/dist/mcp/tools/serverSecure.js +101 -0
- package/dist/mcp/tools/serverSecure.js.map +1 -1
- package/dist/mcp/utils.d.ts +1 -0
- package/dist/mcp/utils.d.ts.map +1 -1
- package/dist/mcp/utils.js +5 -1
- package/dist/mcp/utils.js.map +1 -1
- package/dist/plugin/loader.d.ts +10 -0
- package/dist/plugin/loader.d.ts.map +1 -0
- package/dist/plugin/loader.js +88 -0
- package/dist/plugin/loader.js.map +1 -0
- package/dist/plugin/registry.d.ts +16 -0
- package/dist/plugin/registry.d.ts.map +1 -0
- package/dist/plugin/registry.js +101 -0
- package/dist/plugin/registry.js.map +1 -0
- package/dist/plugin/sdk/constants.d.ts +3 -0
- package/dist/plugin/sdk/constants.d.ts.map +1 -0
- package/dist/plugin/sdk/constants.js +3 -0
- package/dist/plugin/sdk/constants.js.map +1 -0
- package/dist/plugin/sdk/types.d.ts +29 -0
- package/dist/plugin/sdk/types.d.ts.map +1 -0
- package/dist/plugin/sdk/types.js +2 -0
- package/dist/plugin/sdk/types.js.map +1 -0
- package/dist/plugin/validate.d.ts +3 -0
- package/dist/plugin/validate.d.ts.map +1 -0
- package/dist/plugin/validate.js +31 -0
- package/dist/plugin/validate.js.map +1 -0
- package/dist/providers/base.d.ts.map +1 -1
- package/dist/providers/base.js +2 -1
- package/dist/providers/base.js.map +1 -1
- package/dist/providers/linode.d.ts +1 -0
- package/dist/providers/linode.d.ts.map +1 -1
- package/dist/providers/linode.js +4 -0
- package/dist/providers/linode.js.map +1 -1
- package/dist/utils/cloudInit.js +58 -58
- package/dist/utils/config.d.ts +3 -0
- package/dist/utils/config.d.ts.map +1 -1
- package/dist/utils/config.js +11 -6
- package/dist/utils/config.js.map +1 -1
- package/dist/utils/encryption.d.ts.map +1 -1
- package/dist/utils/encryption.js +4 -1
- package/dist/utils/encryption.js.map +1 -1
- package/dist/utils/errorMapper.d.ts.map +1 -1
- package/dist/utils/errorMapper.js +2 -1
- package/dist/utils/errorMapper.js.map +1 -1
- package/dist/utils/errors.d.ts +1 -0
- package/dist/utils/errors.d.ts.map +1 -1
- package/dist/utils/errors.js +3 -0
- package/dist/utils/errors.js.map +1 -1
- package/dist/utils/migration.d.ts.map +1 -1
- package/dist/utils/migration.js +25 -14
- package/dist/utils/migration.js.map +1 -1
- package/dist/utils/paths.d.ts +4 -0
- package/dist/utils/paths.d.ts.map +1 -1
- package/dist/utils/paths.js +4 -0
- package/dist/utils/paths.js.map +1 -1
- package/dist/utils/safeMode.d.ts.map +1 -1
- package/dist/utils/safeMode.js +3 -2
- package/dist/utils/safeMode.js.map +1 -1
- package/dist/utils/secureWrite.d.ts.map +1 -1
- package/dist/utils/secureWrite.js +2 -1
- package/dist/utils/secureWrite.js.map +1 -1
- package/dist/utils/securityLogger.d.ts.map +1 -1
- package/dist/utils/securityLogger.js +7 -3
- package/dist/utils/securityLogger.js.map +1 -1
- package/dist/utils/version.d.ts +4 -0
- package/dist/utils/version.d.ts.map +1 -0
- package/dist/utils/version.js +22 -0
- package/dist/utils/version.js.map +1 -0
- package/dist/utils/yamlConfig.d.ts.map +1 -1
- package/dist/utils/yamlConfig.js +3 -2
- package/dist/utils/yamlConfig.js.map +1 -1
- package/kastell-plugin/.claude-plugin/plugin.json +20 -0
- package/kastell-plugin/.mcp.json +8 -0
- package/kastell-plugin/README.md +113 -0
- package/kastell-plugin/agents/.gitkeep +0 -0
- package/kastell-plugin/agents/kastell-auditor.md +77 -0
- package/kastell-plugin/agents/scripts/bucket_mapper.sh +101 -0
- package/kastell-plugin/agents/scripts/trend_report.sh +91 -0
- package/kastell-plugin/hooks/destroy-block.cjs +31 -0
- package/kastell-plugin/hooks/hooks.json +57 -0
- package/kastell-plugin/hooks/pre-commit-audit-guard.cjs +75 -0
- package/kastell-plugin/hooks/session-audit.cjs +86 -0
- package/kastell-plugin/hooks/session-log.cjs +56 -0
- package/kastell-plugin/hooks/stop-quality-check.cjs +72 -0
- package/kastell-plugin/skills/.gitkeep +0 -0
- package/kastell-plugin/skills/kastell-careful/SKILL.md +64 -0
- package/kastell-plugin/skills/kastell-ops/SKILL.md +139 -0
- package/kastell-plugin/skills/kastell-ops/references/commands.md +45 -0
- package/kastell-plugin/skills/kastell-ops/references/mcp-tools.md +50 -0
- package/kastell-plugin/skills/kastell-ops/references/patterns.md +145 -0
- package/kastell-plugin/skills/kastell-ops/references/pitfalls.md +136 -0
- package/kastell-plugin/skills/kastell-ops/scripts/check_coverage.sh +101 -0
- package/kastell-plugin/skills/kastell-ops/scripts/fleet_report.sh +73 -0
- package/kastell-plugin/skills/kastell-ops/scripts/parse_audit.sh +76 -0
- package/kastell-plugin/skills/kastell-research/SKILL.md +90 -0
- package/kastell-plugin/skills/kastell-scaffold/SKILL.md +104 -0
- package/kastell-plugin/skills/kastell-scaffold/references/template-audit-check.md +150 -0
- package/kastell-plugin/skills/kastell-scaffold/references/template-command.md +80 -0
- package/kastell-plugin/skills/kastell-scaffold/references/template-mcp-tool.md +72 -0
- package/kastell-plugin/skills/kastell-scaffold/references/template-provider.md +67 -0
- package/kastell-plugin/skills/kastell-scaffold/scripts/scaffold.sh +180 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/check-test.ts.tpl +27 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/check.ts.tpl +50 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/command-core.ts.tpl +18 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/command-test.ts.tpl +17 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/command.ts.tpl +25 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/mcp-tool-test.ts.tpl +30 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/mcp-tool.ts.tpl +29 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/provider-test.ts.tpl +34 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/provider.ts.tpl +32 -0
- package/package.json +122 -113
|
@@ -7,9 +7,10 @@
|
|
|
7
7
|
* It does NOT duplicate MEM-ULIMIT-NOFILE, MEM-PID-MAX-REASONABLE, or MEM-OOM-KILL-POLICY
|
|
8
8
|
* which are covered in memory.ts.
|
|
9
9
|
*/
|
|
10
|
+
import { CHECK_IDS } from "../checkIds.js";
|
|
10
11
|
const RLIMIT_CHECKS = [
|
|
11
12
|
{
|
|
12
|
-
id:
|
|
13
|
+
id: CHECK_IDS.RESOURCELIMITS.RLIMIT_CGROUPS_V2,
|
|
13
14
|
name: "cgroups v2 Active",
|
|
14
15
|
severity: "warning",
|
|
15
16
|
check: (output) => {
|
|
@@ -27,7 +28,7 @@ const RLIMIT_CHECKS = [
|
|
|
27
28
|
explain: "cgroups v2 (unified hierarchy) provides superior resource isolation and control compared to cgroups v1. Its absence means container runtimes and systemd cannot enforce per-process CPU/memory limits reliably.",
|
|
28
29
|
},
|
|
29
30
|
{
|
|
30
|
-
id:
|
|
31
|
+
id: CHECK_IDS.RESOURCELIMITS.RLIMIT_NPROC_SOFT,
|
|
31
32
|
name: "nproc Soft Limit Configured",
|
|
32
33
|
severity: "warning",
|
|
33
34
|
check: (output) => {
|
|
@@ -56,7 +57,7 @@ const RLIMIT_CHECKS = [
|
|
|
56
57
|
explain: "An unlimited nproc soft limit allows a single user to fork unlimited processes, enabling fork bomb attacks that exhaust the process table and cause system-wide denial of service.",
|
|
57
58
|
},
|
|
58
59
|
{
|
|
59
|
-
id:
|
|
60
|
+
id: CHECK_IDS.RESOURCELIMITS.RLIMIT_NPROC_HARD,
|
|
60
61
|
name: "nproc Hard Limit Configured",
|
|
61
62
|
severity: "info",
|
|
62
63
|
check: (output) => {
|
|
@@ -85,7 +86,7 @@ const RLIMIT_CHECKS = [
|
|
|
85
86
|
explain: "A hard nproc limit provides an upper bound that even privileged users cannot exceed without root intervention. Without it, soft limits can be trivially bypassed by any user process.",
|
|
86
87
|
},
|
|
87
88
|
{
|
|
88
|
-
id:
|
|
89
|
+
id: CHECK_IDS.RESOURCELIMITS.RLIMIT_THREADS_MAX,
|
|
89
90
|
name: "kernel.threads-max Configured",
|
|
90
91
|
severity: "info",
|
|
91
92
|
check: (output) => {
|
|
@@ -109,7 +110,7 @@ const RLIMIT_CHECKS = [
|
|
|
109
110
|
explain: "kernel.threads-max sets the system-wide maximum number of threads. Having it explicitly configured prevents an unbounded thread count that could exhaust kernel resources.",
|
|
110
111
|
},
|
|
111
112
|
{
|
|
112
|
-
id:
|
|
113
|
+
id: CHECK_IDS.RESOURCELIMITS.RLIMIT_LIMITS_CONF_NPROC,
|
|
113
114
|
name: "nproc Entries in /etc/security/limits.conf",
|
|
114
115
|
severity: "info",
|
|
115
116
|
check: (output) => {
|
|
@@ -127,7 +128,7 @@ const RLIMIT_CHECKS = [
|
|
|
127
128
|
explain: "Explicit nproc entries in /etc/security/limits.conf enforce process limits for PAM-authenticated sessions. Without them, default system limits apply which may be unlimited depending on the OS version.",
|
|
128
129
|
},
|
|
129
130
|
{
|
|
130
|
-
id:
|
|
131
|
+
id: CHECK_IDS.RESOURCELIMITS.RLIMIT_MAXLOGINS,
|
|
131
132
|
name: "maxlogins Configured in limits.conf",
|
|
132
133
|
severity: "info",
|
|
133
134
|
check: (output) => {
|
|
@@ -145,7 +146,7 @@ const RLIMIT_CHECKS = [
|
|
|
145
146
|
explain: "Setting maxlogins in /etc/security/limits.conf limits concurrent login sessions per user. This prevents a single compromised account from holding many simultaneous sessions for parallel attack operations.",
|
|
146
147
|
},
|
|
147
148
|
{
|
|
148
|
-
id:
|
|
149
|
+
id: CHECK_IDS.RESOURCELIMITS.RLIMIT_LIMITS_CONF_CONFIGURED,
|
|
149
150
|
name: "/etc/security/limits.conf Has Active Entries",
|
|
150
151
|
severity: "info",
|
|
151
152
|
check: (output) => {
|
|
@@ -174,7 +175,7 @@ const RLIMIT_CHECKS = [
|
|
|
174
175
|
explain: "Configured resource limits in limits.conf prevent individual users from exhausting system resources in denial-of-service scenarios.",
|
|
175
176
|
},
|
|
176
177
|
{
|
|
177
|
-
id:
|
|
178
|
+
id: CHECK_IDS.RESOURCELIMITS.RLIMIT_NPROC_LIMITED,
|
|
178
179
|
name: "nproc Limit Set to Prevent Fork Bombs",
|
|
179
180
|
severity: "warning",
|
|
180
181
|
check: (output) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"resourcelimits.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/resourcelimits.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;
|
|
1
|
+
{"version":3,"file":"resourcelimits.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/resourcelimits.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAa3C,MAAM,aAAa,GAA6B;IAC9C;QACE,EAAE,EAAE,SAAS,CAAC,cAAc,CAAC,iBAAiB;QAC9C,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;gBACzC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,gEAAgE,EAAE,CAAC;YAC1G,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;gBACzC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,kEAAkE,EAAE,CAAC;YAC7G,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,2CAA2C,EAAE,CAAC;QACtF,CAAC;QACD,aAAa,EAAE,yEAAyE;QACxF,UAAU,EAAE,gFAAgF;QAC5F,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,iNAAiN;KACpN;IACD;QACE,EAAE,EAAE,SAAS,CAAC,cAAc,CAAC,iBAAiB;QAC9C,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,qBAAqB;YACrB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;YAC/C,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,4BAA4B,EAAE,CAAC;YACvE,CAAC;YACD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,WAAW,GAAG,KAAK,KAAK,WAAW,IAAI,KAAK,KAAK,IAAI,CAAC;YAC5D,IAAI,WAAW,EAAE,CAAC;gBAChB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,8CAA8C,EAAE,CAAC;YACzF,CAAC;YACD,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACnC,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,KAAK,CAAC;YACpD,OAAO;gBACL,MAAM,EAAE,UAAU;gBAClB,YAAY,EAAE,UAAU;oBACtB,CAAC,CAAC,qBAAqB,MAAM,eAAe;oBAC5C,CAAC,CAAC,qBAAqB,MAAM,qBAAqB;aACrD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,oDAAoD;QACnE,UAAU,EAAE,uDAAuD;QACnE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,oLAAoL;KACvL;IACD;QACE,EAAE,EAAE,SAAS,CAAC,cAAc,CAAC,iBAAiB;QAC9C,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,qBAAqB;YACrB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;YAC/C,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,4BAA4B,EAAE,CAAC;YACvE,CAAC;YACD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,MAAM,GAAG,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,WAAW,IAAI,KAAK,KAAK,IAAI,CAAC;YAC9E,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,qBAAqB,KAAK,iBAAiB,EAAE,CAAC;YACtF,CAAC;YACD,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACnC,MAAM,KAAK,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,MAAM,GAAG,CAAC,CAAC;YAC3C,OAAO;gBACL,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,KAAK;oBACjB,CAAC,CAAC,qBAAqB,MAAM,eAAe;oBAC5C,CAAC,CAAC,qBAAqB,KAAK,kBAAkB;aACjD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,uDAAuD;QACtE,UAAU,EAAE,uDAAuD;QACnE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,uLAAuL;KAC1L;IACD;QACE,EAAE,EAAE,SAAS,CAAC,cAAc,CAAC,kBAAkB;QAC/C,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,2CAA2C;YAC3C,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,CAAC;YAC1E,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,IAAI,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EAAE,CAAC;oBAC7C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,8BAA8B,EAAE,CAAC;gBACzE,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,8BAA8B,EAAE,CAAC;YACzE,CAAC;YACD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACrC,OAAO;gBACL,MAAM,EAAE,IAAI;gBACZ,YAAY,EAAE,wBAAwB,KAAK,eAAe;aAC3D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,mDAAmD;QAClE,UAAU,EAAE,2FAA2F;QACvG,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,4KAA4K;KAC/K;IACD;QACE,EAAE,EAAE,SAAS,CAAC,cAAc,CAAC,wBAAwB;QACrD,IAAI,EAAE,4CAA4C;QAClD,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EAAE,CAAC;gBAC7C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,kDAAkD,EAAE,CAAC;YAC5F,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAC,EAAE,CAAC;gBACjD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,+CAA+C,EAAE,CAAC;YAC1F,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,kDAAkD,EAAE,CAAC;QAC7F,CAAC;QACD,aAAa,EAAE,iEAAiE;QAChF,UAAU,EAAE,0EAA0E;QACtF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,0MAA0M;KAC7M;IACD;QACE,EAAE,EAAE,SAAS,CAAC,cAAc,CAAC,gBAAgB;QAC7C,IAAI,EAAE,qCAAqC;QAC3C,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAC,EAAE,CAAC;gBACjD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,mDAAmD,EAAE,CAAC;YAC7F,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,+BAA+B,CAAC,EAAE,CAAC;gBACrD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,uDAAuD,EAAE,CAAC;YAClG,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,0CAA0C,EAAE,CAAC;QACrF,CAAC;QACD,aAAa,EAAE,sDAAsD;QACrE,UAAU,EAAE,yDAAyD;QACrE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,8MAA8M;KACjN;IACD;QACE,EAAE,EAAE,SAAS,CAAC,cAAc,CAAC,6BAA6B;QAC1D,IAAI,EAAE,8CAA8C;QACpD,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,0EAA0E;YAC1E,yCAAyC;YACzC,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,EAAE,KAAK,MAAM,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;YAChE,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,gDAAgD,EAAE,CAAC;YAC3F,CAAC;YACD,qCAAqC;YACrC,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;gBAClD,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBACnB,OAAO,CAAC,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YAC5C,CAAC,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;YACtC,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,GAAG,WAAW,CAAC,MAAM,kCAAkC;oBACzD,CAAC,CAAC,gDAAgD;aACrD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,8DAA8D;QAC7E,UAAU,EAAE,0EAA0E;QACtF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,qIAAqI;KACxI;IACD;QACE,EAAE,EAAE,SAAS,CAAC,cAAc,CAAC,oBAAoB;QACjD,IAAI,EAAE,uCAAuC;QAC7C,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,+CAA+C;YAC/C,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;YACzD,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,mDAAmD,EAAE,CAAC;YAC9F,CAAC;YACD,MAAM,KAAK,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC1C,MAAM,MAAM,GAAG,KAAK,GAAG,KAAK,CAAC;YAC7B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,gBAAgB,KAAK,sBAAsB;oBAC7C,CAAC,CAAC,gBAAgB,KAAK,sCAAsC;aAChE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,6BAA6B;QAC5C,UAAU,EAAE,uDAAuD;QACnE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,0HAA0H;KAC7H;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,yBAAyB,GAAgB,CACpD,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,MAAM,IAAI,GACR,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;IAEzC,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC/B,IAAI,IAAI,EAAE,CAAC;YACT,OAAO;gBACL,EAAE,EAAE,GAAG,CAAC,EAAE;gBACV,QAAQ,EAAE,iBAAiB;gBAC3B,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,qBAAqB;gBACnC,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,iBAAiB;YAC3B,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scheduling.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/scheduling.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AAoQ5E,eAAO,MAAM,qBAAqB,EAAE,
|
|
1
|
+
{"version":3,"file":"scheduling.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/scheduling.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AAoQ5E,eAAO,MAAM,qBAAqB,EAAE,WAuCnC,CAAC"}
|
|
@@ -2,9 +2,10 @@
|
|
|
2
2
|
* Scheduling security check parser.
|
|
3
3
|
* Checks cron/at access control and directory permissions.
|
|
4
4
|
*/
|
|
5
|
+
import { CHECK_IDS } from "../checkIds.js";
|
|
5
6
|
const SCHEDULING_CHECKS = [
|
|
6
7
|
{
|
|
7
|
-
id:
|
|
8
|
+
id: CHECK_IDS.SCHEDULING.SCHED_CRON_ACCESS_CONTROL,
|
|
8
9
|
name: "cron.allow Configured",
|
|
9
10
|
severity: "warning",
|
|
10
11
|
check: (output) => {
|
|
@@ -21,7 +22,7 @@ const SCHEDULING_CHECKS = [
|
|
|
21
22
|
explain: "Using cron.allow restricts cron access to explicitly listed users, following the principle of least privilege.",
|
|
22
23
|
},
|
|
23
24
|
{
|
|
24
|
-
id:
|
|
25
|
+
id: CHECK_IDS.SCHEDULING.SCHED_CRON_DENY,
|
|
25
26
|
name: "cron.deny Configured",
|
|
26
27
|
severity: "info",
|
|
27
28
|
check: (output) => {
|
|
@@ -37,7 +38,7 @@ const SCHEDULING_CHECKS = [
|
|
|
37
38
|
explain: "The cron.deny file provides a secondary layer of access control by explicitly blocking specific users from cron.",
|
|
38
39
|
},
|
|
39
40
|
{
|
|
40
|
-
id:
|
|
41
|
+
id: CHECK_IDS.SCHEDULING.SCHED_AT_ACCESS_CONTROL,
|
|
41
42
|
name: "at.allow Configured",
|
|
42
43
|
severity: "warning",
|
|
43
44
|
check: (output) => {
|
|
@@ -53,7 +54,7 @@ const SCHEDULING_CHECKS = [
|
|
|
53
54
|
explain: "Using at.allow restricts the 'at' scheduler to explicitly listed users, preventing unauthorized job scheduling.",
|
|
54
55
|
},
|
|
55
56
|
{
|
|
56
|
-
id:
|
|
57
|
+
id: CHECK_IDS.SCHEDULING.SCHED_AT_DENY,
|
|
57
58
|
name: "at.deny Configured",
|
|
58
59
|
severity: "info",
|
|
59
60
|
check: (output) => {
|
|
@@ -69,7 +70,7 @@ const SCHEDULING_CHECKS = [
|
|
|
69
70
|
explain: "The at.deny file blocks specific users from scheduling one-time jobs, complementing at.allow.",
|
|
70
71
|
},
|
|
71
72
|
{
|
|
72
|
-
id:
|
|
73
|
+
id: CHECK_IDS.SCHEDULING.SCHED_CRON_DIR_PERMS,
|
|
73
74
|
name: "Cron Dirs Not World-Writable",
|
|
74
75
|
severity: "warning",
|
|
75
76
|
check: (output) => {
|
|
@@ -88,7 +89,7 @@ const SCHEDULING_CHECKS = [
|
|
|
88
89
|
explain: "World-writable cron directories allow any user to inject scheduled tasks, enabling privilege escalation.",
|
|
89
90
|
},
|
|
90
91
|
{
|
|
91
|
-
id:
|
|
92
|
+
id: CHECK_IDS.SCHEDULING.SCHED_CRONTAB_PERMS,
|
|
92
93
|
name: "/etc/crontab Restricted",
|
|
93
94
|
severity: "warning",
|
|
94
95
|
check: (output) => {
|
|
@@ -110,7 +111,7 @@ const SCHEDULING_CHECKS = [
|
|
|
110
111
|
explain: "The system crontab must be restricted to root to prevent unauthorized modification of scheduled tasks.",
|
|
111
112
|
},
|
|
112
113
|
{
|
|
113
|
-
id:
|
|
114
|
+
id: CHECK_IDS.SCHEDULING.SCHED_CRON_D_PERMS,
|
|
114
115
|
name: "/etc/cron.d Restricted",
|
|
115
116
|
severity: "info",
|
|
116
117
|
check: (output) => {
|
|
@@ -131,7 +132,7 @@ const SCHEDULING_CHECKS = [
|
|
|
131
132
|
explain: "The cron.d directory holds additional crontab files and should be restricted to prevent unauthorized job additions.",
|
|
132
133
|
},
|
|
133
134
|
{
|
|
134
|
-
id:
|
|
135
|
+
id: CHECK_IDS.SCHEDULING.SCHED_CRON_DAILY_PERMS,
|
|
135
136
|
name: "/etc/cron.daily Restricted",
|
|
136
137
|
severity: "info",
|
|
137
138
|
check: (output) => {
|
|
@@ -152,7 +153,7 @@ const SCHEDULING_CHECKS = [
|
|
|
152
153
|
explain: "Daily cron scripts directory should be restricted to prevent injection of persistent malicious scripts.",
|
|
153
154
|
},
|
|
154
155
|
{
|
|
155
|
-
id:
|
|
156
|
+
id: CHECK_IDS.SCHEDULING.SCHED_CRONTAB_OWNER,
|
|
156
157
|
name: "/etc/crontab Owned by Root with Restricted Permissions",
|
|
157
158
|
severity: "warning",
|
|
158
159
|
check: (output) => {
|
|
@@ -177,7 +178,7 @@ const SCHEDULING_CHECKS = [
|
|
|
177
178
|
explain: "Non-root owned or world-writable crontab files allow privilege escalation through scheduled job injection.",
|
|
178
179
|
},
|
|
179
180
|
{
|
|
180
|
-
id:
|
|
181
|
+
id: CHECK_IDS.SCHEDULING.SCHED_NO_USER_CRONTABS,
|
|
181
182
|
name: "No World-Writable Cron Directories",
|
|
182
183
|
severity: "warning",
|
|
183
184
|
check: (output) => {
|
|
@@ -196,7 +197,7 @@ const SCHEDULING_CHECKS = [
|
|
|
196
197
|
explain: "World-writable cron directories allow any user to inject scheduled tasks for privilege escalation.",
|
|
197
198
|
},
|
|
198
199
|
{
|
|
199
|
-
id:
|
|
200
|
+
id: CHECK_IDS.SCHEDULING.SCHED_CRON_D_FILE_COUNT,
|
|
200
201
|
name: "cron.d File Count Reasonable",
|
|
201
202
|
severity: "info",
|
|
202
203
|
check: (output) => {
|
|
@@ -218,7 +219,7 @@ const SCHEDULING_CHECKS = [
|
|
|
218
219
|
explain: "Excessive cron.d files indicate unmanaged scheduled tasks that may run with elevated privileges.",
|
|
219
220
|
},
|
|
220
221
|
{
|
|
221
|
-
id:
|
|
222
|
+
id: CHECK_IDS.SCHEDULING.SCHED_NO_WORLD_READABLE_CRONTABS,
|
|
222
223
|
name: "No World-Readable User Crontabs",
|
|
223
224
|
severity: "warning",
|
|
224
225
|
check: (output) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scheduling.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/scheduling.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"scheduling.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/scheduling.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAa3C,MAAM,iBAAiB,GAAyB;IAC9C;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,yBAAyB;QAClD,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,uDAAuD;YACvD,MAAM,MAAM,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC1E,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,2BAA2B;aAC9E,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,6CAA6C;QAC5D,UAAU,EAAE,0DAA0D;QACtE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,gHAAgH;KACnH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,eAAe;QACxC,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAClF,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,0BAA0B;aAC5E,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,kDAAkD;QACjE,UAAU,EAAE,kDAAkD;QAC9D,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,kHAAkH;KACrH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,uBAAuB;QAChD,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,MAAM,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACxE,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,yBAAyB;aAC1E,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,2CAA2C;QAC1D,UAAU,EAAE,sDAAsD;QAClE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,iHAAiH;KACpH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,aAAa;QACtC,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC9E,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,qBAAqB,CAAC,CAAC,CAAC,wBAAwB;aACxE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,gDAAgD;QAC/D,UAAU,EAAE,8CAA8C;QAC1D,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,+FAA+F;KAClG;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,oBAAoB;QAC7C,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,qDAAqD;YACrD,MAAM,gBAAgB,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACjF,OAAO;gBACL,MAAM,EAAE,CAAC,gBAAgB;gBACzB,YAAY,EAAE,gBAAgB;oBAC5B,CAAC,CAAC,uCAAuC;oBACzC,CAAC,CAAC,oCAAoC;aACzC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,oCAAoC;QACnD,UAAU,EAAE,2FAA2F;QACvG,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,0GAA0G;KAC7G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,mBAAmB;QAC5C,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,qCAAqC;YACrC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,uCAAuC,CAAC,CAAC;YACpE,IAAI,CAAC,KAAK;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,yCAAyC,EAAE,CAAC;YAC9F,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,MAAM,GAAG,CAAC,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,MAAM,CAAC;YACxE,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,iBAAiB,KAAK,IAAI,KAAK,EAAE;aAChD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,oDAAoD;QACnE,UAAU,EAAE,wDAAwD;QACpE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,wGAAwG;KAC3G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,kBAAkB;QAC3C,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,yCAAyC,CAAC,CAAC;YACtE,IAAI,CAAC,KAAK;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,wCAAwC,EAAE,CAAC;YAC7F,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,MAAM,GAAG,CAAC,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,MAAM,CAAC;YAC3F,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,gBAAgB,KAAK,IAAI,KAAK,EAAE;aAC/C,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,mDAAmD;QAClE,UAAU,EAAE,sDAAsD;QAClE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,qHAAqH;KACxH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,sBAAsB;QAC/C,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,2CAA2C,CAAC,CAAC;YACxE,IAAI,CAAC,KAAK;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,4CAA4C,EAAE,CAAC;YACjG,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,MAAM,GAAG,CAAC,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,MAAM,CAAC;YAC3F,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,oBAAoB,KAAK,IAAI,KAAK,EAAE;aACnD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,uDAAuD;QACtE,UAAU,EAAE,8DAA8D;QAC1E,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,yGAAyG;KAC5G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,mBAAmB;QAC5C,IAAI,EAAE,wDAAwD;QAC9D,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,0EAA0E;YAC1E,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;YACzE,IAAI,CAAC,KAAK;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,uCAAuC,EAAE,CAAC;YAC5F,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,OAAO,GAAG,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;YACpC,MAAM,WAAW,GAAG,KAAK,KAAK,MAAM,CAAC;YACrC,MAAM,iBAAiB,GAAG,OAAO,IAAI,GAAG,CAAC;YACzC,MAAM,MAAM,GAAG,WAAW,IAAI,iBAAiB,CAAC;YAChD,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,6BAA6B,KAAK,WAAW,KAAK,EAAE;aACnE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,oDAAoD;QACnE,UAAU,EAAE,wDAAwD;QACpE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,4GAA4G;KAC/G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,sBAAsB;QAC/C,IAAI,EAAE,oCAAoC;QAC1C,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,qDAAqD;YACrD,MAAM,gBAAgB,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACjF,OAAO;gBACL,MAAM,EAAE,CAAC,gBAAgB;gBACzB,YAAY,EAAE,gBAAgB;oBAC5B,CAAC,CAAC,gDAAgD;oBAClD,CAAC,CAAC,oCAAoC;aACzC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,iEAAiE;QAChF,UAAU,EAAE,6EAA6E;QACzF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,oGAAoG;KACvG;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,uBAAuB;QAChD,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,mEAAmE;YACnE,MAAM,iBAAiB,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YAClF,IAAI,iBAAiB,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACnC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,uCAAuC,EAAE,CAAC;YAClF,CAAC;YACD,8DAA8D;YAC9D,MAAM,KAAK,GAAG,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;YACxD,OAAO;gBACL,MAAM,EAAE,KAAK,IAAI,EAAE;gBACnB,YAAY,EAAE,GAAG,KAAK,0BAA0B;aACjD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,mCAAmC;QAClD,UAAU,EAAE,iEAAiE;QAC7E,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,kGAAkG;KACrG;IACD;QACE,EAAE,EAAE,SAAS,CAAC,UAAU,CAAC,gCAAgC;QACzD,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,2EAA2E;YAC3E,qFAAqF;YACrF,MAAM,gBAAgB,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iCAAiC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;YACrG,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC;YACrD,OAAO;gBACL,MAAM,EAAE,CAAC,gBAAgB;gBACzB,YAAY,EAAE,gBAAgB;oBAC5B,CAAC,CAAC,mEAAmE;oBACrE,CAAC,CAAC,kCAAkC;aACvC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,sDAAsD;QACrE,UAAU,EAAE,sCAAsC;QAClD,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,yHAAyH;KAC5H;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,qBAAqB,GAAgB,CAChD,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,MAAM,IAAI,GACR,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;IAEzC,OAAO,iBAAiB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QACnC,IAAI,IAAI,EAAE,CAAC;YACT,OAAO;gBACL,EAAE,EAAE,GAAG,CAAC,EAAE;gBACV,QAAQ,EAAE,YAAY;gBACtB,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,qBAAqB;gBACnC,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,YAAY;YACtB,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/secrets.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA6Y5E,eAAO,MAAM,kBAAkB,EAAE,
|
|
1
|
+
{"version":3,"file":"secrets.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/secrets.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA6Y5E,eAAO,MAAM,kBAAkB,EAAE,WAuChC,CAAC"}
|
|
@@ -4,9 +4,10 @@
|
|
|
4
4
|
* git config token exposure, /etc plaintext credentials,
|
|
5
5
|
* AWS credential files, Docker env files, and npm token exposure.
|
|
6
6
|
*/
|
|
7
|
+
import { CHECK_IDS } from "../checkIds.js";
|
|
7
8
|
const SECRETS_CHECKS = [
|
|
8
9
|
{
|
|
9
|
-
id:
|
|
10
|
+
id: CHECK_IDS.SECRETS.SECRETS_ENV_WORLD_READABLE,
|
|
10
11
|
name: "No World-Readable .env Files",
|
|
11
12
|
severity: "critical",
|
|
12
13
|
check: (output) => {
|
|
@@ -27,7 +28,7 @@ const SECRETS_CHECKS = [
|
|
|
27
28
|
explain: "World-readable .env files expose API keys, database credentials, and service secrets to any local user on the system. Attackers who obtain local code execution can read these files without privilege escalation.",
|
|
28
29
|
},
|
|
29
30
|
{
|
|
30
|
-
id:
|
|
31
|
+
id: CHECK_IDS.SECRETS.SECRETS_SSH_KEY_PERMS,
|
|
31
32
|
name: "SSH Private Keys Not Overly Permissive",
|
|
32
33
|
severity: "critical",
|
|
33
34
|
check: (output) => {
|
|
@@ -61,7 +62,7 @@ const SECRETS_CHECKS = [
|
|
|
61
62
|
explain: "SSH private keys with permissions wider than 600 can be read by other users on the system, allowing impersonation and unauthorized access to remote hosts. SSH itself will refuse to use keys that are too permissive.",
|
|
62
63
|
},
|
|
63
64
|
{
|
|
64
|
-
id:
|
|
65
|
+
id: CHECK_IDS.SECRETS.SECRETS_GIT_CONFIG_TOKEN,
|
|
65
66
|
name: "No Tokens in Git Config",
|
|
66
67
|
severity: "critical",
|
|
67
68
|
check: (output) => {
|
|
@@ -83,7 +84,7 @@ const SECRETS_CHECKS = [
|
|
|
83
84
|
explain: "Tokens or passwords embedded in .git/config remote URLs (e.g., https://user:TOKEN@github.com/...) are stored in plaintext and readable by anyone with filesystem access to the repo directory.",
|
|
84
85
|
},
|
|
85
86
|
{
|
|
86
|
-
id:
|
|
87
|
+
id: CHECK_IDS.SECRETS.SECRETS_ETC_PLAINTEXT_CRED,
|
|
87
88
|
name: "No Plaintext Credentials in /etc Configs",
|
|
88
89
|
severity: "warning",
|
|
89
90
|
check: (output) => {
|
|
@@ -107,7 +108,7 @@ const SECRETS_CHECKS = [
|
|
|
107
108
|
explain: "Config files in /etc containing plaintext passwords or tokens are readable by system services and privileged users. Credentials should be stored in a secrets manager or environment-specific vault, not in world-accessible config files.",
|
|
108
109
|
},
|
|
109
110
|
{
|
|
110
|
-
id:
|
|
111
|
+
id: CHECK_IDS.SECRETS.SECRETS_ENV_IN_HOME,
|
|
111
112
|
name: "No Unprotected .env Files in Home Directories",
|
|
112
113
|
severity: "warning",
|
|
113
114
|
check: (output) => {
|
|
@@ -127,7 +128,7 @@ const SECRETS_CHECKS = [
|
|
|
127
128
|
explain: "Application .env files in user home directories may contain database passwords, API keys, and service tokens. Without proper permissions, these are readable by any local user on a shared system.",
|
|
128
129
|
},
|
|
129
130
|
{
|
|
130
|
-
id:
|
|
131
|
+
id: CHECK_IDS.SECRETS.SECRETS_WORLD_READABLE_KEYS,
|
|
131
132
|
name: "No World-Readable Private Key Files",
|
|
132
133
|
severity: "critical",
|
|
133
134
|
check: (output) => {
|
|
@@ -147,7 +148,7 @@ const SECRETS_CHECKS = [
|
|
|
147
148
|
explain: "World-readable private keys (TLS keys, SSH keys, service keys) allow any local user to decrypt traffic, forge signatures, or authenticate as the key owner. This is a direct secret exfiltration risk.",
|
|
148
149
|
},
|
|
149
150
|
{
|
|
150
|
-
id:
|
|
151
|
+
id: CHECK_IDS.SECRETS.SECRETS_AWS_CREDS_PERMS,
|
|
151
152
|
name: "AWS Credentials File Not Overly Permissive",
|
|
152
153
|
severity: "warning",
|
|
153
154
|
check: (output) => {
|
|
@@ -167,7 +168,7 @@ const SECRETS_CHECKS = [
|
|
|
167
168
|
explain: "AWS credentials files (~/.aws/credentials) containing access keys must not be world-readable. Exposure allows any local user to enumerate and access cloud resources, potentially leading to data exfiltration or infrastructure compromise.",
|
|
168
169
|
},
|
|
169
170
|
{
|
|
170
|
-
id:
|
|
171
|
+
id: CHECK_IDS.SECRETS.SECRETS_DOCKER_ENV_PERMS,
|
|
171
172
|
name: "Docker Compose .env Files Not World-Readable",
|
|
172
173
|
severity: "warning",
|
|
173
174
|
check: (output) => {
|
|
@@ -187,7 +188,7 @@ const SECRETS_CHECKS = [
|
|
|
187
188
|
explain: "Docker Compose .env files frequently contain database passwords, service tokens, and encryption keys injected as container environment variables. World-readable access exposes all application secrets to local users.",
|
|
188
189
|
},
|
|
189
190
|
{
|
|
190
|
-
id:
|
|
191
|
+
id: CHECK_IDS.SECRETS.SECRETS_NPMRC_TOKEN,
|
|
191
192
|
name: "No npm Auth Tokens in .npmrc",
|
|
192
193
|
severity: "warning",
|
|
193
194
|
check: (output) => {
|
|
@@ -207,7 +208,7 @@ const SECRETS_CHECKS = [
|
|
|
207
208
|
explain: "npm auth tokens in .npmrc files grant access to private npm registries and package publishing. World-readable .npmrc files expose these tokens to any local user, enabling package hijacking or credential theft.",
|
|
208
209
|
},
|
|
209
210
|
{
|
|
210
|
-
id:
|
|
211
|
+
id: CHECK_IDS.SECRETS.SECRETS_SSH_AUTHORIZED_KEYS_PERMS,
|
|
211
212
|
name: "SSH authorized_keys Files Properly Restricted",
|
|
212
213
|
severity: "info",
|
|
213
214
|
check: (output) => {
|
|
@@ -228,7 +229,7 @@ const SECRETS_CHECKS = [
|
|
|
228
229
|
explain: "Group or world-writable authorized_keys files can be modified by unprivileged users to insert their own public key, granting them passwordless SSH access to the account. SSH enforces strict permission checks on this file.",
|
|
229
230
|
},
|
|
230
231
|
{
|
|
231
|
-
id:
|
|
232
|
+
id: CHECK_IDS.SECRETS.SECRETS_NO_READABLE_HISTORY,
|
|
232
233
|
name: "No World-Readable Bash History Files",
|
|
233
234
|
severity: "warning",
|
|
234
235
|
check: (output) => {
|
|
@@ -247,7 +248,7 @@ const SECRETS_CHECKS = [
|
|
|
247
248
|
explain: "World-readable bash history files expose previously typed commands including passwords and API tokens.",
|
|
248
249
|
},
|
|
249
250
|
{
|
|
250
|
-
id:
|
|
251
|
+
id: CHECK_IDS.SECRETS.SECRETS_NO_SSH_AGENT_FORWARDING,
|
|
251
252
|
name: "SSH Agent Forwarding Not Globally Enabled",
|
|
252
253
|
severity: "info",
|
|
253
254
|
check: (output) => {
|
|
@@ -272,7 +273,7 @@ const SECRETS_CHECKS = [
|
|
|
272
273
|
explain: "SSH agent forwarding exposes the user's authentication agent to the remote server, enabling key hijacking.",
|
|
273
274
|
},
|
|
274
275
|
{
|
|
275
|
-
id:
|
|
276
|
+
id: CHECK_IDS.SECRETS.SECRETS_NO_AWS_CREDS_PLAINTEXT,
|
|
276
277
|
name: "AWS Credential Files Not Exposed",
|
|
277
278
|
severity: "warning",
|
|
278
279
|
check: (output) => {
|
|
@@ -306,7 +307,7 @@ const SECRETS_CHECKS = [
|
|
|
306
307
|
explain: "AWS credential files with excessive permissions allow local users to steal cloud access keys for lateral movement.",
|
|
307
308
|
},
|
|
308
309
|
{
|
|
309
|
-
id:
|
|
310
|
+
id: CHECK_IDS.SECRETS.SECRETS_NO_KUBECONFIG_EXPOSED,
|
|
310
311
|
name: "Kubeconfig Not Exposed",
|
|
311
312
|
severity: "warning",
|
|
312
313
|
check: (output) => {
|
|
@@ -342,7 +343,7 @@ const SECRETS_CHECKS = [
|
|
|
342
343
|
explain: "Exposed kubeconfig files contain cluster credentials that allow full Kubernetes cluster compromise.",
|
|
343
344
|
},
|
|
344
345
|
{
|
|
345
|
-
id:
|
|
346
|
+
id: CHECK_IDS.SECRETS.SECRETS_NO_SHELL_RC_SECRETS,
|
|
346
347
|
name: "No Secrets Exported in Shell RC Files",
|
|
347
348
|
severity: "warning",
|
|
348
349
|
check: (output) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/secrets.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAgBH,MAAM,cAAc,GAAsB;IACxC;QACE,EAAE,EAAE,4BAA4B;QAChC,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,iGAAiG;YACjG,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC;YAC5D,2FAA2F;YAC3F,MAAM,gBAAgB,GAAG,CAAC,UAAU,IAAI,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;YAC9E,OAAO;gBACL,MAAM,EAAE,CAAC,gBAAgB;gBACzB,YAAY,EAAE,gBAAgB;oBAC5B,CAAC,CAAC,yEAAyE;oBAC3E,CAAC,CAAC,oCAAoC;aACzC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,iDAAiD;QAChE,UAAU,EACR,oKAAoK;QACtK,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,oNAAoN;KACvN;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,wCAAwC;QAC9C,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,6FAA6F;YAC7F,2DAA2D;YAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,cAAc,GAAa,EAAE,CAAC;YACpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,uDAAuD;gBACvD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;gBAC7F,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,mDAAmD;oBACnD,IAAI,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;wBACrC,cAAc,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;oBACzC,CAAC;gBACH,CAAC;YACH,CAAC;YACD,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,KAAK,CAAC,CAAC;YAC3C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,4DAA4D;oBAC9D,CAAC,CAAC,uCAAuC,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aACnF,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,8CAA8C;QAC7D,UAAU,EAAE,yJAAyJ;QACrK,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,wNAAwN;KAC3N;IACD;QACE,EAAE,EAAE,0BAA0B;QAC9B,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,kFAAkF;YAClF,6CAA6C;YAC7C,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACtE,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;YACzF,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAClE,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,wDAAwD;oBAC1D,CAAC,CAAC,qDAAqD,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAC7F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,mDAAmD;QAClE,UAAU,EACR,+FAA+F;QACjG,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,gMAAgM;KACnM;IACD;QACE,EAAE,EAAE,4BAA4B;QAChC,IAAI,EAAE,0CAA0C;QAChD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,4EAA4E;YAC5E,iEAAiE;YACjE,IAAI,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,wDAAwD,EAAE,CAAC;YAClG,CAAC;YACD,MAAM,YAAY,GAChB,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC;gBACrC,mCAAmC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnD,OAAO;gBACL,MAAM,EAAE,CAAC,YAAY;gBACrB,YAAY,EAAE,YAAY;oBACxB,CAAC,CAAC,8DAA8D;oBAChE,CAAC,CAAC,wDAAwD;aAC7D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,yDAAyD;QACxE,UAAU,EACR,gMAAgM;QAClM,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,4OAA4O;KAC/O;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,+CAA+C;QACrD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;YACpD,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;YACtD,MAAM,MAAM,GAAG,WAAW,IAAI,CAAC,YAAY,CAAC;YAC5C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,qDAAqD;oBACvD,CAAC,CAAC,6DAA6D;aAClE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,uDAAuD;QACtE,UAAU,EACR,4DAA4D;QAC9D,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,oMAAoM;KACvM;IACD;QACE,EAAE,EAAE,6BAA6B;QACjC,IAAI,EAAE,qCAAqC;QAC3C,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,oBAAoB,GAAG,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;YACnE,MAAM,mBAAmB,GAAG,MAAM,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAC;YACtE,MAAM,MAAM,GAAG,mBAAmB,IAAI,CAAC,oBAAoB,CAAC;YAC5D,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,2CAA2C;oBAC7C,CAAC,CAAC,2CAA2C;aAChD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,yDAAyD;QACxE,UAAU,EACR,yJAAyJ;QAC3J,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,wMAAwM;KAC3M;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,4CAA4C;QAClD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;YACvD,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;YACnD,MAAM,MAAM,GAAG,UAAU,IAAI,CAAC,WAAW,CAAC;YAC1C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,iDAAiD;oBACnD,CAAC,CAAC,wDAAwD;aAC7D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,2DAA2D;QAC1E,UAAU,EACR,gFAAgF;QAClF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,8OAA8O;KACjP;IACD;QACE,EAAE,EAAE,0BAA0B;QAC9B,IAAI,EAAE,8CAA8C;QACpD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;YACzD,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;YACrD,MAAM,MAAM,GAAG,WAAW,IAAI,CAAC,YAAY,CAAC;YAC5C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,mDAAmD;oBACrD,CAAC,CAAC,mDAAmD;aACxD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,gDAAgD;QAC/D,UAAU,EACR,uHAAuH;QACzH,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,yNAAyN;KAC5N;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;YAC3D,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;YACvD,MAAM,MAAM,GAAG,YAAY,IAAI,CAAC,aAAa,CAAC;YAC9C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,qDAAqD;oBACvD,CAAC,CAAC,0DAA0D;aAC/D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,6CAA6C;QAC5D,UAAU,EACR,oEAAoE;QACtE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,mNAAmN;KACtN;IACD;QACE,EAAE,EAAE,mCAAmC;QACvC,IAAI,EAAE,+CAA+C;QACrD,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,8EAA8E;YAC9E,gFAAgF;YAChF,MAAM,YAAY,GAAG,+BAA+B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAClE,MAAM,MAAM,GAAG,CAAC,YAAY,CAAC;YAC7B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,sDAAsD;oBACxD,CAAC,CAAC,4DAA4D;aACjE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,uEAAuE;QACtF,UAAU,EACR,6EAA6E;QAC/E,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,+NAA+N;KAClO;IACD;QACE,EAAE,EAAE,6BAA6B;QACjC,IAAI,EAAE,sCAAsC;QAC5C,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,kFAAkF;YAClF,MAAM,kBAAkB,GAAG,MAAM,KAAK,MAAM,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC9E,OAAO;gBACL,MAAM,EAAE,CAAC,kBAAkB;gBAC3B,YAAY,EAAE,kBAAkB;oBAC9B,CAAC,CAAC,0CAA0C;oBAC5C,CAAC,CAAC,gDAAgD;aACrD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,4CAA4C;QAC3D,UAAU,EAAE,yDAAyD;QACrE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,wGAAwG;KAC3G;IACD;QACE,EAAE,EAAE,iCAAiC;QACrC,IAAI,EAAE,2CAA2C;QACjD,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,0EAA0E;YAC1E,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;YAC5D,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,2EAA2E;gBAC3E,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,uDAAuD,EAAE,CAAC;YACjG,CAAC;YACD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACrC,MAAM,MAAM,GAAG,KAAK,KAAK,IAAI,CAAC;YAC9B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,4DAA4D;oBAC9D,CAAC,CAAC,4DAA4D;aACjE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,oDAAoD;QACnE,UAAU,EAAE,iFAAiF;QAC7F,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,4GAA4G;KAC/G;IACD;QACE,EAAE,EAAE,gCAAgC;QACpC,IAAI,EAAE,kCAAkC;QACxC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,sEAAsE;YACtE,uDAAuD;YACvD,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9E,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,qBAAqB;gBACrB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,qCAAqC,EAAE,CAAC;YAC/E,CAAC;YACD,4DAA4D;YAC5D,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;YACxD,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;gBACxC,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;gBACpC,gDAAgD;gBAChD,MAAM,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;gBACzB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC;gBACzC,OAAO,MAAM,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC;YACjC,CAAC,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC;YACrC,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,kDAAkD;oBACpD,CAAC,CAAC,2DAA2D,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aACrF,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,gDAAgD;QAC/D,UAAU,EAAE,8BAA8B;QAC1C,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,oHAAoH;KACvH;IACD;QACE,EAAE,EAAE,+BAA+B;QACnC,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,2CAA2C;YAC3C,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC/E,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,iCAAiC,EAAE,CAAC;YAC3E,CAAC;YACD,gEAAgE;YAChE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;YACxD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACxC,MAAM,MAAM,GAAG,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,CAAC;gBAC5C,OAAO;oBACL,MAAM;oBACN,YAAY,EAAE,MAAM;wBAClB,CAAC,CAAC,uBAAuB,IAAI,WAAW;wBACxC,CAAC,CAAC,uBAAuB,IAAI,mBAAmB;iBACnD,CAAC;YACJ,CAAC;YACD,sDAAsD;YACtD,IAAI,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;gBACrC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,6CAA6C,EAAE,CAAC;YACvF,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,2DAA2D;aAC1E,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,yDAAyD;QACxE,UAAU,EAAE,0BAA0B;QACtC,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,qGAAqG;KACxG;IACD;QACE,EAAE,EAAE,6BAA6B;QACjC,IAAI,EAAE,uCAAuC;QAC7C,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,0EAA0E;YAC1E,MAAM,kBAAkB,GAAG,8DAA8D,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvG,OAAO;gBACL,MAAM,EAAE,CAAC,kBAAkB;gBAC3B,YAAY,EAAE,kBAAkB;oBAC9B,CAAC,CAAC,4CAA4C;oBAC9C,CAAC,CAAC,+CAA+C;aACpD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,qEAAqE;QACpF,UAAU,EAAE,4GAA4G;QACxH,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,uHAAuH;KAC1H;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAgB,CAC7C,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,MAAM,IAAI,GACR,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;IAEzC,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAChC,IAAI,IAAI,EAAE,CAAC;YACT,OAAO;gBACL,EAAE,EAAE,GAAG,CAAC,EAAE;gBACV,QAAQ,EAAE,SAAS;gBACnB,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,qBAAqB;gBACnC,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAE1B,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,SAAS;YACnB,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAE1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/secrets.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAa3C,MAAM,cAAc,GAAsB;IACxC;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,0BAA0B;QAChD,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,iGAAiG;YACjG,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC;YAC5D,2FAA2F;YAC3F,MAAM,gBAAgB,GAAG,CAAC,UAAU,IAAI,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;YAC9E,OAAO;gBACL,MAAM,EAAE,CAAC,gBAAgB;gBACzB,YAAY,EAAE,gBAAgB;oBAC5B,CAAC,CAAC,yEAAyE;oBAC3E,CAAC,CAAC,oCAAoC;aACzC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,iDAAiD;QAChE,UAAU,EACR,oKAAoK;QACtK,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,oNAAoN;KACvN;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,qBAAqB;QAC3C,IAAI,EAAE,wCAAwC;QAC9C,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,6FAA6F;YAC7F,2DAA2D;YAC3D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,cAAc,GAAa,EAAE,CAAC;YACpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,uDAAuD;gBACvD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,kEAAkE,CAAC,CAAC;gBAC7F,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,mDAAmD;oBACnD,IAAI,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;wBACrC,cAAc,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,IAAI,EAAE,CAAC,CAAC;oBACzC,CAAC;gBACH,CAAC;YACH,CAAC;YACD,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,KAAK,CAAC,CAAC;YAC3C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,4DAA4D;oBAC9D,CAAC,CAAC,uCAAuC,cAAc,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aACnF,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,8CAA8C;QAC7D,UAAU,EAAE,yJAAyJ;QACrK,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,wNAAwN;KAC3N;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,wBAAwB;QAC9C,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,kFAAkF;YAClF,6CAA6C;YAC7C,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACtE,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;YACzF,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAClE,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,wDAAwD;oBAC1D,CAAC,CAAC,qDAAqD,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aAC7F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,mDAAmD;QAClE,UAAU,EACR,+FAA+F;QACjG,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,gMAAgM;KACnM;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,0BAA0B;QAChD,IAAI,EAAE,0CAA0C;QAChD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,4EAA4E;YAC5E,iEAAiE;YACjE,IAAI,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,wDAAwD,EAAE,CAAC;YAClG,CAAC;YACD,MAAM,YAAY,GAChB,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC;gBACrC,mCAAmC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnD,OAAO;gBACL,MAAM,EAAE,CAAC,YAAY;gBACrB,YAAY,EAAE,YAAY;oBACxB,CAAC,CAAC,8DAA8D;oBAChE,CAAC,CAAC,wDAAwD;aAC7D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,yDAAyD;QACxE,UAAU,EACR,gMAAgM;QAClM,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,4OAA4O;KAC/O;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,mBAAmB;QACzC,IAAI,EAAE,+CAA+C;QACrD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,aAAa,CAAC,CAAC;YACpD,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;YACtD,MAAM,MAAM,GAAG,WAAW,IAAI,CAAC,YAAY,CAAC;YAC5C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,qDAAqD;oBACvD,CAAC,CAAC,6DAA6D;aAClE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,uDAAuD;QACtE,UAAU,EACR,4DAA4D;QAC9D,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,oMAAoM;KACvM;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,2BAA2B;QACjD,IAAI,EAAE,qCAAqC;QAC3C,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,oBAAoB,GAAG,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;YACnE,MAAM,mBAAmB,GAAG,MAAM,CAAC,QAAQ,CAAC,wBAAwB,CAAC,CAAC;YACtE,MAAM,MAAM,GAAG,mBAAmB,IAAI,CAAC,oBAAoB,CAAC;YAC5D,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,2CAA2C;oBAC7C,CAAC,CAAC,2CAA2C;aAChD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,yDAAyD;QACxE,UAAU,EACR,yJAAyJ;QAC3J,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,wMAAwM;KAC3M;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,uBAAuB;QAC7C,IAAI,EAAE,4CAA4C;QAClD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;YACvD,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;YACnD,MAAM,MAAM,GAAG,UAAU,IAAI,CAAC,WAAW,CAAC;YAC1C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,iDAAiD;oBACnD,CAAC,CAAC,wDAAwD;aAC7D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,2DAA2D;QAC1E,UAAU,EACR,gFAAgF;QAClF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,8OAA8O;KACjP;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,wBAAwB;QAC9C,IAAI,EAAE,8CAA8C;QACpD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;YACzD,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,CAAC;YACrD,MAAM,MAAM,GAAG,WAAW,IAAI,CAAC,YAAY,CAAC;YAC5C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,mDAAmD;oBACrD,CAAC,CAAC,mDAAmD;aACxD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,gDAAgD;QAC/D,UAAU,EACR,uHAAuH;QACzH,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,yNAAyN;KAC5N;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,mBAAmB;QACzC,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,mBAAmB,CAAC,CAAC;YAC3D,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,CAAC;YACvD,MAAM,MAAM,GAAG,YAAY,IAAI,CAAC,aAAa,CAAC;YAC9C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,qDAAqD;oBACvD,CAAC,CAAC,0DAA0D;aAC/D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,6CAA6C;QAC5D,UAAU,EACR,oEAAoE;QACtE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,mNAAmN;KACtN;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,iCAAiC;QACvD,IAAI,EAAE,+CAA+C;QACrD,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,8EAA8E;YAC9E,gFAAgF;YAChF,MAAM,YAAY,GAAG,+BAA+B,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAClE,MAAM,MAAM,GAAG,CAAC,YAAY,CAAC;YAC7B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,sDAAsD;oBACxD,CAAC,CAAC,4DAA4D;aACjE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,uEAAuE;QACtF,UAAU,EACR,6EAA6E;QAC/E,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,+NAA+N;KAClO;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,2BAA2B;QACjD,IAAI,EAAE,sCAAsC;QAC5C,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,kFAAkF;YAClF,MAAM,kBAAkB,GAAG,MAAM,KAAK,MAAM,IAAI,gBAAgB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC9E,OAAO;gBACL,MAAM,EAAE,CAAC,kBAAkB;gBAC3B,YAAY,EAAE,kBAAkB;oBAC9B,CAAC,CAAC,0CAA0C;oBAC5C,CAAC,CAAC,gDAAgD;aACrD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,4CAA4C;QAC3D,UAAU,EAAE,yDAAyD;QACrE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,wGAAwG;KAC3G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,+BAA+B;QACrD,IAAI,EAAE,2CAA2C;QACjD,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,0EAA0E;YAC1E,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;YAC5D,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,2EAA2E;gBAC3E,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,uDAAuD,EAAE,CAAC;YACjG,CAAC;YACD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACrC,MAAM,MAAM,GAAG,KAAK,KAAK,IAAI,CAAC;YAC9B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,4DAA4D;oBAC9D,CAAC,CAAC,4DAA4D;aACjE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,oDAAoD;QACnE,UAAU,EAAE,iFAAiF;QAC7F,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,4GAA4G;KAC/G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,8BAA8B;QACpD,IAAI,EAAE,kCAAkC;QACxC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,sEAAsE;YACtE,uDAAuD;YACvD,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9E,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,qBAAqB;gBACrB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,qCAAqC,EAAE,CAAC;YAC/E,CAAC;YACD,4DAA4D;YAC5D,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;YACxD,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;gBACxC,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;gBACpC,gDAAgD;gBAChD,MAAM,MAAM,GAAG,IAAI,GAAG,EAAE,CAAC;gBACzB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,EAAE,CAAC,GAAG,EAAE,CAAC;gBACzC,OAAO,MAAM,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,CAAC;YACjC,CAAC,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC;YACrC,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,kDAAkD;oBACpD,CAAC,CAAC,2DAA2D,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;aACrF,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,gDAAgD;QAC/D,UAAU,EAAE,8BAA8B;QAC1C,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,oHAAoH;KACvH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,6BAA6B;QACnD,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,2CAA2C;YAC3C,MAAM,UAAU,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC/E,IAAI,CAAC,UAAU,EAAE,CAAC;gBAChB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,iCAAiC,EAAE,CAAC;YAC3E,CAAC;YACD,gEAAgE;YAChE,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC;YACxD,IAAI,SAAS,EAAE,CAAC;gBACd,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBACxC,MAAM,MAAM,GAAG,IAAI,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,CAAC;gBAC5C,OAAO;oBACL,MAAM;oBACN,YAAY,EAAE,MAAM;wBAClB,CAAC,CAAC,uBAAuB,IAAI,WAAW;wBACxC,CAAC,CAAC,uBAAuB,IAAI,mBAAmB;iBACnD,CAAC;YACJ,CAAC;YACD,sDAAsD;YACtD,IAAI,MAAM,CAAC,QAAQ,CAAC,eAAe,CAAC,EAAE,CAAC;gBACrC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,6CAA6C,EAAE,CAAC;YACvF,CAAC;YACD,OAAO;gBACL,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,2DAA2D;aAC1E,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,yDAAyD;QACxE,UAAU,EAAE,0BAA0B;QACtC,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,qGAAqG;KACxG;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,2BAA2B;QACjD,IAAI,EAAE,uCAAuC;QAC7C,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,0EAA0E;YAC1E,MAAM,kBAAkB,GAAG,8DAA8D,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvG,OAAO;gBACL,MAAM,EAAE,CAAC,kBAAkB;gBAC3B,YAAY,EAAE,kBAAkB;oBAC9B,CAAC,CAAC,4CAA4C;oBAC9C,CAAC,CAAC,+CAA+C;aACpD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,qEAAqE;QACpF,UAAU,EAAE,4GAA4G;QACxH,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,uHAAuH;KAC1H;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAgB,CAC7C,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,MAAM,IAAI,GACR,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;IAEzC,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAChC,IAAI,IAAI,EAAE,CAAC;YACT,OAAO;gBACL,EAAE,EAAE,GAAG,CAAC,EAAE;gBACV,QAAQ,EAAE,SAAS;gBACnB,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,qBAAqB;gBACnC,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,SAAS;YACnB,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"services.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/services.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA2gB5E,eAAO,MAAM,mBAAmB,EAAE,
|
|
1
|
+
{"version":3,"file":"services.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/services.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA2gB5E,eAAO,MAAM,mBAAmB,EAAE,WAuCjC,CAAC"}
|