mobbdev 1.0.143 → 1.0.147
- package/dist/index.mjs +27 -19
- package/package.json +1 -1
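--- a/package/dist/index.mjs
+++ b/package/dist/index.mjs
@@ -1601,6 +1601,7 @@ var IssueType_Enum = /* @__PURE__ */ ((IssueType_Enum2) => {
 IssueType_Enum2["Redos"] = "REDOS";
 IssueType_Enum2["RegexInjection"] = "REGEX_INJECTION";
 IssueType_Enum2["RegexMissingTimeout"] = "REGEX_MISSING_TIMEOUT";
+IssueType_Enum2["RequestParametersBoundViaInput"] = "REQUEST_PARAMETERS_BOUND_VIA_INPUT";
 IssueType_Enum2["ReturnShouldNotBeInvariant"] = "RETURN_SHOULD_NOT_BE_INVARIANT";
 IssueType_Enum2["SqlInjection"] = "SQL_Injection";
 IssueType_Enum2["Ssrf"] = "SSRF";
@@ -2664,7 +2665,8 @@ var fixDetailsData = {
 ["PORT_ALL_INTERFACES" /* PortAllInterfaces */]: void 0,
 ["WRITABLE_FILESYSTEM_SERVICE" /* WritableFilesystemService */]: void 0,
 ["NO_NEW_PRIVILEGES" /* NoNewPrivileges */]: void 0,
-["USELESS_TERNARY" /* UselessTernary */]: void 0
+["USELESS_TERNARY" /* UselessTernary */]: void 0,
+["REQUEST_PARAMETERS_BOUND_VIA_INPUT" /* RequestParametersBoundViaInput */]: void 0
 };
 
 // src/features/analysis/scm/shared/src/getIssueType.ts
@@ -2790,7 +2792,8 @@ var issueTypeMap = {
 ["PORT_ALL_INTERFACES" /* PortAllInterfaces */]: "Port All Interfaces",
 ["WRITABLE_FILESYSTEM_SERVICE" /* WritableFilesystemService */]: "Writable Filesystem Service",
 ["NO_NEW_PRIVILEGES" /* NoNewPrivileges */]: "No New Privileges",
-["USELESS_TERNARY" /* UselessTernary */]: "Useless Ternary"
+["USELESS_TERNARY" /* UselessTernary */]: "Useless Ternary",
+["REQUEST_PARAMETERS_BOUND_VIA_INPUT" /* RequestParametersBoundViaInput */]: "Request Parameters Bound Via Input"
 };
 var issueTypeZ = z.nativeEnum(IssueType_Enum);
 var getIssueTypeFriendlyString = (issueType) => {
@@ -3290,6 +3293,15 @@ var regexMissingTimeout = {
 }
 };
 
+// src/features/analysis/scm/shared/src/storedQuestionData/csharp/requestParametersBoundViaInput.ts
+var requestParametersBoundViaInput = {
+fieldsToCopy: {
+content: () => "Please list all the fields you expect as input from the user. Use comma separated list.",
+description: () => `This is meant to avoid mass assignment vulnerabilities, where the user would enter an inner unexpected field`,
+guidance: () => ""
+}
+};
+
 // src/features/analysis/scm/shared/src/storedQuestionData/csharp/sqlInjection.ts
 var sqlInjection2 = {
 databaseProvider: {
@@ -3445,7 +3457,8 @@ var vulnerabilities10 = {
 ["VALUE_SHADOWING" /* ValueShadowing */]: valueShadowing,
 ["INSECURE_RANDOMNESS" /* InsecureRandomness */]: insecureRandomness,
 ["INSUFFICIENT_LOGGING" /* InsufficientLogging */]: insufficientLogging,
-["SQL_Injection" /* SqlInjection */]: sqlInjection2
+["SQL_Injection" /* SqlInjection */]: sqlInjection2,
+["REQUEST_PARAMETERS_BOUND_VIA_INPUT" /* RequestParametersBoundViaInput */]: requestParametersBoundViaInput
 };
 var csharp_default2 = vulnerabilities10;
 
@@ -5227,23 +5240,18 @@ var ProjectVulnerabilityReport = z11.object({
 expirationOn: z11.string()
 })
 });
-var
-
-
-
-
-
-
-
-
-
-
-}),
-expirationOn: z11.string()
-})
-}).array()
+var GetProjectsQueryZ = z11.object({
+organization: z11.object({
+id: z11.string(),
+projects: z11.array(
+z11.object({
+id: z11.string().uuid(),
+name: z11.string(),
+numberOfUniqueRepos: z11.number()
+})
+)
+})
 });
-var GetProjectsQueryZ = z11.array(ProjectGetProjectZ);
 var ProjectPageQueryResultZ = z11.object({
 name: z11.string(),
 id: z11.string().uuid(),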
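Review bot: The `fieldsToCopy` question added for `REQUEST_PARAMETERS_BOUND_VIA_INPUT` leaves `guidance` empty and describes the risk only as "an inner unexpected field", although the developer's answer appears to be the allow-list of fields accepted from the request. I would say what belongs on that list, for example `guidance: () => "List only the properties a client may legitimately set; leave out server-controlled ones such as IDs, roles or ownership fields."`, and reword the description to something like `Mass assignment lets a request set model properties the code never meant to accept from the client.` The hunk does not show how the comma-separated answer is consumed, so it is worth confirming that entries are trimmed and restricted to valid C# identifiers before they are used in a generated fix.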