postquant 0.4.2 → 0.7.0
- package/README.md +45 -27
- package/dist/commands/analyze.d.ts.map +1 -1
- package/dist/commands/analyze.js +18 -23
- package/dist/commands/analyze.js.map +1 -1
- package/dist/index.js +4 -2
- package/dist/index.js.map +1 -1
- package/dist/output/cbom.d.ts.map +1 -1
- package/dist/output/cbom.js +1 -13
- package/dist/output/cbom.js.map +1 -1
- package/dist/output/json-code.d.ts.map +1 -1
- package/dist/output/json-code.js +2 -13
- package/dist/output/json-code.js.map +1 -1
- package/dist/output/json.d.ts.map +1 -1
- package/dist/output/json.js +2 -13
- package/dist/output/json.js.map +1 -1
- package/dist/output/sarif.d.ts.map +1 -1
- package/dist/output/sarif.js +1 -13
- package/dist/output/sarif.js.map +1 -1
- package/dist/output/terminal-code.d.ts.map +1 -1
- package/dist/output/terminal-code.js +6 -13
- package/dist/output/terminal-code.js.map +1 -1
- package/dist/output/terminal.d.ts.map +1 -1
- package/dist/output/terminal.js +6 -13
- package/dist/output/terminal.js.map +1 -1
- package/dist/scanner/code/ast/analyzer.d.ts +8 -0
- package/dist/scanner/code/ast/analyzer.d.ts.map +1 -0
- package/dist/scanner/code/ast/analyzer.js +117 -0
- package/dist/scanner/code/ast/analyzer.js.map +1 -0
- package/dist/scanner/code/ast/import-resolver.d.ts +13 -0
- package/dist/scanner/code/ast/import-resolver.d.ts.map +1 -0
- package/dist/scanner/code/ast/import-resolver.js +198 -0
- package/dist/scanner/code/ast/import-resolver.js.map +1 -0
- package/dist/scanner/code/ast/merge.d.ts +11 -0
- package/dist/scanner/code/ast/merge.d.ts.map +1 -0
- package/dist/scanner/code/ast/merge.js +50 -0
- package/dist/scanner/code/ast/merge.js.map +1 -0
- package/dist/scanner/code/ast/parser.d.ts +9 -0
- package/dist/scanner/code/ast/parser.d.ts.map +1 -0
- package/dist/scanner/code/ast/parser.js +58 -0
- package/dist/scanner/code/ast/parser.js.map +1 -0
- package/dist/scanner/code/ast/patterns/index.d.ts +5 -0
- package/dist/scanner/code/ast/patterns/index.d.ts.map +1 -0
- package/dist/scanner/code/ast/patterns/index.js +13 -0
- package/dist/scanner/code/ast/patterns/index.js.map +1 -0
- package/dist/scanner/code/ast/patterns/javascript.d.ts +3 -0
- package/dist/scanner/code/ast/patterns/javascript.d.ts.map +1 -0
- package/dist/scanner/code/ast/patterns/javascript.js +113 -0
- package/dist/scanner/code/ast/patterns/javascript.js.map +1 -0
- package/dist/scanner/code/ast/patterns/python.d.ts +3 -0
- package/dist/scanner/code/ast/patterns/python.d.ts.map +1 -0
- package/dist/scanner/code/ast/patterns/python.js +165 -0
- package/dist/scanner/code/ast/patterns/python.js.map +1 -0
- package/dist/scanner/code/ast/patterns/types.d.ts +23 -0
- package/dist/scanner/code/ast/patterns/types.d.ts.map +1 -0
- package/dist/scanner/code/ast/patterns/types.js +2 -0
- package/dist/scanner/code/ast/patterns/types.js.map +1 -0
- package/dist/scanner/code/ast/scope-detector.d.ts +8 -0
- package/dist/scanner/code/ast/scope-detector.d.ts.map +1 -0
- package/dist/scanner/code/ast/scope-detector.js +116 -0
- package/dist/scanner/code/ast/scope-detector.js.map +1 -0
- package/dist/scanner/code/ast/variable-resolver.d.ts +11 -0
- package/dist/scanner/code/ast/variable-resolver.d.ts.map +1 -0
- package/dist/scanner/code/ast/variable-resolver.js +115 -0
- package/dist/scanner/code/ast/variable-resolver.js.map +1 -0
- package/dist/scanner/code/discovery.d.ts +2 -0
- package/dist/scanner/code/discovery.d.ts.map +1 -1
- package/dist/scanner/code/discovery.js +8 -1
- package/dist/scanner/code/discovery.js.map +1 -1
- package/dist/scanner/code/grader.d.ts.map +1 -1
- package/dist/scanner/code/grader.js +2 -0
- package/dist/scanner/code/grader.js.map +1 -1
- package/dist/scanner/code/matcher.js +14 -4
- package/dist/scanner/code/matcher.js.map +1 -1
- package/dist/scanner/code/patterns/c.d.ts +3 -0
- package/dist/scanner/code/patterns/c.d.ts.map +1 -0
- package/dist/scanner/code/patterns/c.js +359 -0
- package/dist/scanner/code/patterns/c.js.map +1 -0
- package/dist/scanner/code/patterns/go.d.ts.map +1 -1
- package/dist/scanner/code/patterns/go.js +54 -0
- package/dist/scanner/code/patterns/go.js.map +1 -1
- package/dist/scanner/code/patterns/index.d.ts +3 -1
- package/dist/scanner/code/patterns/index.d.ts.map +1 -1
- package/dist/scanner/code/patterns/index.js +5 -1
- package/dist/scanner/code/patterns/index.js.map +1 -1
- package/dist/scanner/code/patterns/java.d.ts.map +1 -1
- package/dist/scanner/code/patterns/java.js +46 -0
- package/dist/scanner/code/patterns/java.js.map +1 -1
- package/dist/scanner/code/patterns/javascript.d.ts.map +1 -1
- package/dist/scanner/code/patterns/javascript.js +58 -0
- package/dist/scanner/code/patterns/javascript.js.map +1 -1
- package/dist/scanner/code/patterns/python.d.ts.map +1 -1
- package/dist/scanner/code/patterns/python.js +59 -0
- package/dist/scanner/code/patterns/python.js.map +1 -1
- package/dist/scanner/code/patterns/rust.d.ts +3 -0
- package/dist/scanner/code/patterns/rust.d.ts.map +1 -0
- package/dist/scanner/code/patterns/rust.js +246 -0
- package/dist/scanner/code/patterns/rust.js.map +1 -0
- package/dist/scanner/code/risk-assessor.d.ts.map +1 -1
- package/dist/scanner/code/risk-assessor.js +37 -0
- package/dist/scanner/code/risk-assessor.js.map +1 -1
- package/dist/scanner/grader.d.ts.map +1 -1
- package/dist/scanner/grader.js +2 -0
- package/dist/scanner/grader.js.map +1 -1
- package/dist/types/index.d.ts +22 -4
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js.map +1 -1
- package/dist/utils/version.d.ts +2 -0
- package/dist/utils/version.d.ts.map +1 -0
- package/dist/utils/version.js +19 -0
- package/dist/utils/version.js.map +1 -0
- package/grammars/tree-sitter-python.wasm +0 -0
- package/grammars/tree-sitter-typescript.wasm +0 -0
- package/package.json +4 -2
|
@@ -3,9 +3,11 @@ import { pythonPatterns } from './python.js';
|
|
|
3
3
|
import { javascriptPatterns } from './javascript.js';
|
|
4
4
|
import { goPatterns } from './go.js';
|
|
5
5
|
import { javaPatterns } from './java.js';
|
|
6
|
+
import { cPatterns } from './c.js';
|
|
7
|
+
import { rustPatterns } from './rust.js';
|
|
6
8
|
/** Get all patterns for a specific language. */
|
|
7
9
|
export declare function getPatterns(language: Language): CryptoPattern[];
|
|
8
10
|
/** Get all patterns across all languages. */
|
|
9
11
|
export declare function getAllPatterns(): CryptoPattern[];
|
|
10
|
-
export { pythonPatterns, javascriptPatterns, goPatterns, javaPatterns };
|
|
12
|
+
export { pythonPatterns, javascriptPatterns, goPatterns, javaPatterns, cPatterns, rustPatterns };
|
|
11
13
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACvE,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/index.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACvE,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAWzC,gDAAgD;AAChD,wBAAgB,WAAW,CAAC,QAAQ,EAAE,QAAQ,GAAG,aAAa,EAAE,CAE/D;AAED,6CAA6C;AAC7C,wBAAgB,cAAc,IAAI,aAAa,EAAE,CAEhD;AAED,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,UAAU,EAAE,YAAY,EAAE,SAAS,EAAE,YAAY,EAAE,CAAC"}
|
|
@@ -2,11 +2,15 @@ import { pythonPatterns } from './python.js';
|
|
|
2
2
|
import { javascriptPatterns } from './javascript.js';
|
|
3
3
|
import { goPatterns } from './go.js';
|
|
4
4
|
import { javaPatterns } from './java.js';
|
|
5
|
+
import { cPatterns } from './c.js';
|
|
6
|
+
import { rustPatterns } from './rust.js';
|
|
5
7
|
const patternsByLanguage = {
|
|
6
8
|
python: pythonPatterns,
|
|
7
9
|
javascript: javascriptPatterns,
|
|
8
10
|
go: goPatterns,
|
|
9
11
|
java: javaPatterns,
|
|
12
|
+
c: cPatterns,
|
|
13
|
+
rust: rustPatterns,
|
|
10
14
|
};
|
|
11
15
|
/** Get all patterns for a specific language. */
|
|
12
16
|
export function getPatterns(language) {
|
|
@@ -16,5 +20,5 @@ export function getPatterns(language) {
|
|
|
16
20
|
export function getAllPatterns() {
|
|
17
21
|
return Object.values(patternsByLanguage).flat();
|
|
18
22
|
}
|
|
19
|
-
export { pythonPatterns, javascriptPatterns, goPatterns, javaPatterns };
|
|
23
|
+
export { pythonPatterns, javascriptPatterns, goPatterns, javaPatterns, cPatterns, rustPatterns };
|
|
20
24
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAEzC,MAAM,kBAAkB,GAAsC;IAC5D,MAAM,EAAE,cAAc;IACtB,UAAU,EAAE,kBAAkB;IAC9B,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,YAAY;CACnB,CAAC;AAEF,gDAAgD;AAChD,MAAM,UAAU,WAAW,CAAC,QAAkB;IAC5C,OAAO,kBAAkB,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;AAC5C,CAAC;AAED,6CAA6C;AAC7C,MAAM,UAAU,cAAc;IAC5B,OAAO,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,CAAC;AAClD,CAAC;AAED,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,UAAU,EAAE,YAAY,EAAE,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7C,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AACrD,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AACzC,OAAO,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACnC,OAAO,EAAE,YAAY,EAAE,MAAM,WAAW,CAAC;AAEzC,MAAM,kBAAkB,GAAsC;IAC5D,MAAM,EAAE,cAAc;IACtB,UAAU,EAAE,kBAAkB;IAC9B,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,YAAY;IAClB,CAAC,EAAE,SAAS;IACZ,IAAI,EAAE,YAAY;CACnB,CAAC;AAEF,gDAAgD;AAChD,MAAM,UAAU,WAAW,CAAC,QAAkB;IAC5C,OAAO,kBAAkB,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;AAC5C,CAAC;AAED,6CAA6C;AAC7C,MAAM,UAAU,cAAc;IAC5B,OAAO,MAAM,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC,IAAI,EAAE,CAAC;AAClD,CAAC;AAED,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,UAAU,EAAE,YAAY,EAAE,SAAS,EAAE,YAAY,EAAE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"java.d.ts","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/java.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAa,MAAM,yBAAyB,CAAC;AAExE,eAAO,MAAM,YAAY,EAAE,aAAa,
|
|
1
|
+
{"version":3,"file":"java.d.ts","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/java.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAa,MAAM,yBAAyB,CAAC;AAExE,eAAO,MAAM,YAAY,EAAE,aAAa,EA2RvC,CAAC"}
|
|
@@ -235,5 +235,51 @@ export const javaPatterns = [
|
|
|
235
235
|
description: "AES-128 provides reduced security against quantum attacks (Grover's algorithm)",
|
|
236
236
|
migration: 'Use AES-256 for quantum-resistant symmetric encryption',
|
|
237
237
|
},
|
|
238
|
+
// === PQC ===
|
|
239
|
+
{
|
|
240
|
+
id: 'java-pqc-bc-provider',
|
|
241
|
+
language: 'java',
|
|
242
|
+
category: 'pqc-algorithm',
|
|
243
|
+
algorithm: 'PQC (Bouncy Castle)',
|
|
244
|
+
risk: 'safe',
|
|
245
|
+
confidence: 'high',
|
|
246
|
+
importPatterns: [/import\s+org\.bouncycastle\.pqc\./, /BouncyCastlePQCProvider/],
|
|
247
|
+
callPatterns: [
|
|
248
|
+
/BouncyCastlePQCProvider\s*\(/,
|
|
249
|
+
/getInstance\s*\(\s*["'](?:ML-KEM|ML-DSA|SLH-DSA|Kyber|Dilithium|SPHINCS)/,
|
|
250
|
+
],
|
|
251
|
+
description: 'Bouncy Castle PQC provider',
|
|
252
|
+
migration: 'Already using PQC — verify algorithm is NIST-approved (ML-KEM, ML-DSA, SLH-DSA)',
|
|
253
|
+
},
|
|
254
|
+
{
|
|
255
|
+
id: 'java-pqc-kem',
|
|
256
|
+
language: 'java',
|
|
257
|
+
category: 'pqc-algorithm',
|
|
258
|
+
algorithm: 'ML-KEM',
|
|
259
|
+
risk: 'safe',
|
|
260
|
+
confidence: 'high',
|
|
261
|
+
importPatterns: [/import\s+.*(?:mlkem|kyber|pqc)/i],
|
|
262
|
+
callPatterns: [
|
|
263
|
+
/getInstance\s*\(\s*["']ML-KEM/,
|
|
264
|
+
/KEM\.getInstance\s*\(/,
|
|
265
|
+
],
|
|
266
|
+
description: 'Java ML-KEM (FIPS 203) key encapsulation',
|
|
267
|
+
migration: 'Already using PQC — verify parameter choices match NIST recommendations',
|
|
268
|
+
},
|
|
269
|
+
{
|
|
270
|
+
id: 'java-pqc-sig',
|
|
271
|
+
language: 'java',
|
|
272
|
+
category: 'pqc-algorithm',
|
|
273
|
+
algorithm: 'ML-DSA',
|
|
274
|
+
risk: 'safe',
|
|
275
|
+
confidence: 'high',
|
|
276
|
+
importPatterns: [/import\s+.*(?:mldsa|dilithium|pqc)/i],
|
|
277
|
+
callPatterns: [
|
|
278
|
+
/getInstance\s*\(\s*["']ML-DSA/,
|
|
279
|
+
/getInstance\s*\(\s*["']SLH-DSA/,
|
|
280
|
+
],
|
|
281
|
+
description: 'Java ML-DSA/SLH-DSA (FIPS 204/205) digital signatures',
|
|
282
|
+
migration: 'Already using PQC — verify parameter choices match NIST recommendations',
|
|
283
|
+
},
|
|
238
284
|
];
|
|
239
285
|
//# sourceMappingURL=java.js.map
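Review bot: In `java-pqc-kem`, the call pattern `/KEM\.getInstance\s*\(/` matches every `KEM.getInstance(...)` call whatever the algorithm string is, so a classical KEM requested through the JDK's `javax.crypto.KEM` API (for example `"DHKEM"`) would be reported as ML-KEM with `risk: 'safe'` and `confidence: 'high'`. A false "safe" is the costly error for a tool that drives migration decisions, so the pattern should be tied to the algorithm name, e.g. `/KEM\.getInstance\s*\(\s*["']ML-KEM/`. The import patterns `/import\s+.*(?:mlkem|kyber|pqc)/i` and `/import\s+.*(?:mldsa|dilithium|pqc)/i` both accept any import path containing `pqc`, so a single import can satisfy both entries, and `java-pqc-sig` labels SLH-DSA hits as `algorithm: 'ML-DSA'`. How the matcher combines import and call patterns is not visible in this hunk, and the `javaPatterns` array starts outside it, so the effect should be confirmed against matcher.js.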
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"java.js","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/java.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,YAAY,GAAoB;IAC3C;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,+CAA+C,CAAC;QACjE,YAAY,EAAE;YACZ,iDAAiD;SAClD;QACD,gBAAgB,EAAE,gCAAgC;QAClD,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,iFAAiF;QAC5F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,gDAAgD;SACjD;QACD,eAAe,EAAE,CAAC,oDAAoD,CAAC;QACvE,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,iDAAiD;SAClD;QACD,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,IAAI;QACf,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,gDAAgD;YAChD,2DAA2D;SAC5D;QACD,WAAW,EAAE,mFAAmF;QAChG,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,mDAAmD;YACnD,qDAAqD;YACrD,mDAAmD;SACpD;QACD,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,wCAAwC,CAAC;QAC1D,YAAY,EAAE;YACZ,oDAAoD;YACpD,iDAAiD;SAClD;QACD,WAAW,EAAE,+EAA+E;QAC5F,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,OAAO;QAClB,IAAI
,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,sDAAsD;SACvD;QACD,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,0CAA0C,CAAC;QAC5D,YAAY,EAAE;YACZ,8CAA8C;YAC9C,4CAA4C;YAC5C,uDAAuD;YACvD,gDAAgD;YAChD,8CAA8C;YAC9C,6CAA6C;SAC9C;QACD,WAAW,EAAE,4EAA4E;QACzF,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,oCAAoC,CAAC;QACtD,YAAY,EAAE;YACZ,mCAAmC;SACpC;QACD,WAAW,EAAE,sEAAsE;QACnF,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,sCAAsC;YACtC,mCAAmC;SACpC;QACD,WAAW,EAAE,yDAAyD;QACtE,SAAS,EAAE,iDAAiD;QAC5D,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,UAAU;QACd,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,4CAA4C;YAC5C,iCAAiC;SAClC;QACD,YAAY,EAAE;YACZ,8CAA8C;YAC9C,wCAAwC;SACzC;QACD,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,gDAAgD;YAChD,yCAAyC;SAC1C;QACD,WAAW,EAAE,oEAAoE;QACjF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,kDAAkD;YAClD,kDAAkD;YAClD,kDAAkD;YAClD,mDAAmD;YACnD,mDAAmD;YACnD,mDAAmD;YACnD,2CAA2C;YAC3C,2CAA2C;YAC3C,2CAA2C;SAC5C;QACD,WAAW,EAAE,4DAA4D;QACzE,SAAS,EAAE,4CAA4C;KACxD;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,gBAAgB;QAC1B,SAAS,
EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,0CAA0C,CAAC;QAC5D,YAAY,EAAE;YACZ,6CAA6C;SAC9C;QACD,gBAAgB,EAAE,0BAA0B;QAC5C,WAAW,EAAE,CAAC,IAAY,EAAa,EAAE,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC;QAC7E,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,wDAAwD;KACpE;CACF,CAAC"}
|
|
1
|
+
{"version":3,"file":"java.js","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/java.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,YAAY,GAAoB;IAC3C;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,+CAA+C,CAAC;QACjE,YAAY,EAAE;YACZ,iDAAiD;SAClD;QACD,gBAAgB,EAAE,gCAAgC;QAClD,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,iFAAiF;QAC5F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,gDAAgD;SACjD;QACD,eAAe,EAAE,CAAC,oDAAoD,CAAC;QACvE,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,iDAAiD;SAClD;QACD,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,IAAI;QACf,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,gDAAgD;YAChD,2DAA2D;SAC5D;QACD,WAAW,EAAE,mFAAmF;QAChG,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,mDAAmD;YACnD,qDAAqD;YACrD,mDAAmD;SACpD;QACD,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,wCAAwC,CAAC;QAC1D,YAAY,EAAE;YACZ,oDAAoD;YACpD,iDAAiD;SAClD;QACD,WAAW,EAAE,+EAA+E;QAC5F,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,OAAO;QAClB,IAAI
,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,sDAAsD;SACvD;QACD,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,0CAA0C,CAAC;QAC5D,YAAY,EAAE;YACZ,8CAA8C;YAC9C,4CAA4C;YAC5C,uDAAuD;YACvD,gDAAgD;YAChD,8CAA8C;YAC9C,6CAA6C;SAC9C;QACD,WAAW,EAAE,4EAA4E;QACzF,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,oCAAoC,CAAC;QACtD,YAAY,EAAE;YACZ,mCAAmC;SACpC;QACD,WAAW,EAAE,sEAAsE;QACnF,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,sCAAsC;YACtC,mCAAmC;SACpC;QACD,WAAW,EAAE,yDAAyD;QACtE,SAAS,EAAE,iDAAiD;QAC5D,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,UAAU;QACd,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,4CAA4C;YAC5C,iCAAiC;SAClC;QACD,YAAY,EAAE;YACZ,8CAA8C;YAC9C,wCAAwC;SACzC;QACD,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,gDAAgD;YAChD,yCAAyC;SAC1C;QACD,WAAW,EAAE,oEAAoE;QACjF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,kDAAkD;YAClD,kDAAkD;YAClD,kDAAkD;YAClD,mDAAmD;YACnD,mDAAmD;YACnD,mDAAmD;YACnD,2CAA2C;YAC3C,2CAA2C;YAC3C,2CAA2C;SAC5C;QACD,WAAW,EAAE,4DAA4D;QACzE,SAAS,EAAE,4CAA4C;KACxD;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,gBAAgB;QAC1B,SAAS,
EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,0CAA0C,CAAC;QAC5D,YAAY,EAAE;YACZ,6CAA6C;SAC9C;QACD,gBAAgB,EAAE,0BAA0B;QAC5C,WAAW,EAAE,CAAC,IAAY,EAAa,EAAE,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC;QAC7E,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,wDAAwD;KACpE;IACD,cAAc;IACd;QACE,EAAE,EAAE,sBAAsB;QAC1B,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,qBAAqB;QAChC,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,mCAAmC,EAAE,yBAAyB,CAAC;QAChF,YAAY,EAAE;YACZ,8BAA8B;YAC9B,0EAA0E;SAC3E;QACD,WAAW,EAAE,4BAA4B;QACzC,SAAS,EAAE,iFAAiF;KAC7F;IACD;QACE,EAAE,EAAE,cAAc;QAClB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,QAAQ;QACnB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,iCAAiC,CAAC;QACnD,YAAY,EAAE;YACZ,+BAA+B;YAC/B,uBAAuB;SACxB;QACD,WAAW,EAAE,0CAA0C;QACvD,SAAS,EAAE,yEAAyE;KACrF;IACD;QACE,EAAE,EAAE,cAAc;QAClB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,QAAQ;QACnB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,qCAAqC,CAAC;QACvD,YAAY,EAAE;YACZ,+BAA+B;YAC/B,gCAAgC;SACjC;QACD,WAAW,EAAE,uDAAuD;QACpE,SAAS,EAAE,yEAAyE;KACrF;CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"javascript.d.ts","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/javascript.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAa,MAAM,yBAAyB,CAAC;AAExE,eAAO,MAAM,kBAAkB,EAAE,aAAa,
|
|
1
|
+
{"version":3,"file":"javascript.d.ts","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/javascript.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAa,MAAM,yBAAyB,CAAC;AAExE,eAAO,MAAM,kBAAkB,EAAE,aAAa,EA2S7C,CAAC"}
|
|
@@ -239,5 +239,63 @@ export const javascriptPatterns = [
|
|
|
239
239
|
migration: 'Use HMAC-based JWT (HS256) for symmetric signing, or await PQC JWT standards',
|
|
240
240
|
cweId: 'CWE-327',
|
|
241
241
|
},
|
|
242
|
+
{
|
|
243
|
+
id: 'js-pqc-liboqs',
|
|
244
|
+
language: 'javascript',
|
|
245
|
+
category: 'pqc-algorithm',
|
|
246
|
+
algorithm: 'ML-KEM',
|
|
247
|
+
risk: 'safe',
|
|
248
|
+
confidence: 'high',
|
|
249
|
+
importPatterns: [
|
|
250
|
+
/require\s*\(\s*['"]liboqs/,
|
|
251
|
+
/from\s+['"]liboqs/,
|
|
252
|
+
],
|
|
253
|
+
callPatterns: [
|
|
254
|
+
/KeyEncapsulation\s*\(/,
|
|
255
|
+
/Signature\s*\(/,
|
|
256
|
+
],
|
|
257
|
+
description: 'liboqs-node PQC bindings',
|
|
258
|
+
migration: 'Already using PQC — verify parameter choices match NIST recommendations',
|
|
259
|
+
},
|
|
260
|
+
{
|
|
261
|
+
id: 'js-pqc-crystals-kyber',
|
|
262
|
+
language: 'javascript',
|
|
263
|
+
category: 'pqc-algorithm',
|
|
264
|
+
algorithm: 'ML-KEM',
|
|
265
|
+
risk: 'safe',
|
|
266
|
+
confidence: 'high',
|
|
267
|
+
importPatterns: [
|
|
268
|
+
/require\s*\(\s*['"]crystals-kyber/,
|
|
269
|
+
/from\s+['"]crystals-kyber/,
|
|
270
|
+
/require\s*\(\s*['"]ml-kem/,
|
|
271
|
+
/from\s+['"]ml-kem/,
|
|
272
|
+
],
|
|
273
|
+
callPatterns: [
|
|
274
|
+
/MlKem\d*\s*[\.(]/,
|
|
275
|
+
/Kyber\d*\s*[\.(]/,
|
|
276
|
+
],
|
|
277
|
+
description: 'ML-KEM (Kyber) key encapsulation',
|
|
278
|
+
migration: 'Already using PQC — verify parameter choices match NIST recommendations',
|
|
279
|
+
},
|
|
280
|
+
{
|
|
281
|
+
id: 'js-pqc-dilithium',
|
|
282
|
+
language: 'javascript',
|
|
283
|
+
category: 'pqc-algorithm',
|
|
284
|
+
algorithm: 'ML-DSA',
|
|
285
|
+
risk: 'safe',
|
|
286
|
+
confidence: 'high',
|
|
287
|
+
importPatterns: [
|
|
288
|
+
/require\s*\(\s*['"]crystals-dilithium/,
|
|
289
|
+
/from\s+['"]crystals-dilithium/,
|
|
290
|
+
/require\s*\(\s*['"]ml-dsa/,
|
|
291
|
+
/from\s+['"]ml-dsa/,
|
|
292
|
+
],
|
|
293
|
+
callPatterns: [
|
|
294
|
+
/MlDsa\d*\s*[\.(]/,
|
|
295
|
+
/Dilithium\d*\s*[\.(]/,
|
|
296
|
+
],
|
|
297
|
+
description: 'ML-DSA (Dilithium) digital signature',
|
|
298
|
+
migration: 'Already using PQC — verify parameter choices match NIST recommendations',
|
|
299
|
+
},
|
|
242
300
|
];
|
|
243
301
|
//# sourceMappingURL=javascript.js.map
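Review bot: In `js-pqc-liboqs`, `/Signature\s*\(/` has no word boundary and no library qualifier, so it matches any identifier that ends in `Signature(` (a constructed example is `verifySignature(` in classical RSA or ECDSA code), and the hit is then labelled `algorithm: 'ML-KEM'`, `risk: 'safe'`, `confidence: 'high'`. If the matcher accepts a callPatterns hit without a matching importPatterns hit (not visible in this hunk), classical code is reported as quantum-safe; at minimum anchor the pattern, e.g. `/\bSignature\s*\(/`, and report signature hits under their own entry rather than under ML-KEM. liboqs also exposes KEMs and signature schemes outside FIPS 203/204, so a bare `/KeyEncapsulation\s*\(/` hit does not establish ML-KEM; a comment such as `// algorithm is chosen by the first argument; 'safe' here means "liboqs in use", not "NIST-standardized"` would keep the label honest. The same bare `/KeyEncapsulation\s*\(/` appears in `python-pqc-oqs-kem` later on the page, and the `javascriptPatterns` array starts outside this hunk.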
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"javascript.js","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/javascript.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,kBAAkB,GAAoB;IACjD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,sFAAsF;YACtF,wGAAwG;SACzG;QACD,YAAY,EAAE;YACZ,wCAAwC;YACxC,4CAA4C;YAC5C,oCAAoC;SACrC;QACD,gBAAgB,EAAE,2BAA2B;QAC7C,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,iFAAiF;QAC5F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,cAAc;QAClB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,uCAAuC;YACvC,mCAAmC;SACpC;QACD,eAAe,EAAE,CAAC,0DAA0D,CAAC;QAC7E,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,iDAAiD;YACjD,+CAA+C;YAC/C,gDAAgD;YAChD,8CAA8C;SAC/C;QACD,WAAW,EAAE,qFAAqF;QAClG,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,wCAAwC;YACxC,oCAAoC;SACrC;QACD,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,IAAI;QACf,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,8EAA8E;YAC9E,gGAAgG;SACjG;QACD,YAAY,EAAE,CAAC,0BAA0B,CAAC;QAC1C,WAAW,EAAE,mFAAmF;QAChG,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,CAAC,iBAAiB,CAAC;QACjC,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,aAAa;QACj
B,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,oCAAoC;YACpC,2CAA2C;SAC5C;QACD,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,cAAc;QAClB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,qCAAqC;YACrC,6CAA6C;SAC9C;QACD,WAAW,EAAE,oEAAoE;QACjF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,uCAAuC;YACvC,uCAAuC;YACvC,uCAAuC;YACvC,+CAA+C;YAC/C,+CAA+C;YAC/C,+CAA+C;SAChD;QACD,WAAW,EAAE,sDAAsD;QACnE,SAAS,EAAE,4CAA4C;KACxD;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,gBAAgB;QAC1B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,YAAY,EAAE;YACZ,oCAAoC;YACpC,sCAAsC;SACvC;QACD,gBAAgB,EAAE,WAAW;QAC7B,WAAW,EAAE,CAAC,IAAY,EAAa,EAAE,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC;QAC7E,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,wDAAwD;KACpE;IACD;QACE,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,qCAAqC;YACrC,uCAAuC;SACxC;QACD,WAAW,EAAE,qDAAqD;QAClE,SAAS,EAAE,iDAAiD;QAC5D,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,+DAA+D;YAC/D,8DAA8D;YAC9D,wEAAwE;YACxE,6CAA6C;SAC9C;QACD,WAAW,EAAE,iFAAiF;QAC9F,SAAS,EAAE,+EAA+E;QAC1F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,4DAA4D;YAC5D,2DAA2D;YAC3D,qDAAqD;SACtD;QACD,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,YAAY;QACtB,QAAQ,
EAAE,mBAAmB;QAC7B,SAAS,EAAE,WAAW;QACtB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,wCAAwC;YACxC,sDAAsD;YACtD,0CAA0C;SAC3C;QACD,YAAY,EAAE;YACZ,8DAA8D;YAC9D,kDAAkD;YAClD,2FAA2F;YAC3F,+EAA+E;YAC/E,oDAAoD;SACrD;QACD,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,8EAA8E;QACzF,KAAK,EAAE,SAAS;KACjB;CACF,CAAC"}
|
|
1
|
+
{"version":3,"file":"javascript.js","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/javascript.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,kBAAkB,GAAoB;IACjD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,sFAAsF;YACtF,wGAAwG;SACzG;QACD,YAAY,EAAE;YACZ,wCAAwC;YACxC,4CAA4C;YAC5C,oCAAoC;SACrC;QACD,gBAAgB,EAAE,2BAA2B;QAC7C,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,iFAAiF;QAC5F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,cAAc;QAClB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,uCAAuC;YACvC,mCAAmC;SACpC;QACD,eAAe,EAAE,CAAC,0DAA0D,CAAC;QAC7E,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,iDAAiD;YACjD,+CAA+C;YAC/C,gDAAgD;YAChD,8CAA8C;SAC/C;QACD,WAAW,EAAE,qFAAqF;QAClG,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,wCAAwC;YACxC,oCAAoC;SACrC;QACD,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,IAAI;QACf,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,8EAA8E;YAC9E,gGAAgG;SACjG;QACD,YAAY,EAAE,CAAC,0BAA0B,CAAC;QAC1C,WAAW,EAAE,mFAAmF;QAChG,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,CAAC,iBAAiB,CAAC;QACjC,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,aAAa;QACj
B,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,oCAAoC;YACpC,2CAA2C;SAC5C;QACD,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,cAAc;QAClB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,qCAAqC;YACrC,6CAA6C;SAC9C;QACD,WAAW,EAAE,oEAAoE;QACjF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,uCAAuC;YACvC,uCAAuC;YACvC,uCAAuC;YACvC,+CAA+C;YAC/C,+CAA+C;YAC/C,+CAA+C;SAChD;QACD,WAAW,EAAE,sDAAsD;QACnE,SAAS,EAAE,4CAA4C;KACxD;IACD;QACE,EAAE,EAAE,QAAQ;QACZ,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,gBAAgB;QAC1B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,YAAY,EAAE;YACZ,oCAAoC;YACpC,sCAAsC;SACvC;QACD,gBAAgB,EAAE,WAAW;QAC7B,WAAW,EAAE,CAAC,IAAY,EAAa,EAAE,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC;QAC7E,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,wDAAwD;KACpE;IACD;QACE,EAAE,EAAE,SAAS;QACb,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,qCAAqC;YACrC,uCAAuC;SACxC;QACD,WAAW,EAAE,qDAAqD;QAClE,SAAS,EAAE,iDAAiD;QAC5D,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,+DAA+D;YAC/D,8DAA8D;YAC9D,wEAAwE;YACxE,6CAA6C;SAC9C;QACD,WAAW,EAAE,iFAAiF;QAC9F,SAAS,EAAE,+EAA+E;QAC1F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,4DAA4D;YAC5D,2DAA2D;YAC3D,qDAAqD;SACtD;QACD,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,YAAY;QACtB,QAAQ,
EAAE,mBAAmB;QAC7B,SAAS,EAAE,WAAW;QACtB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,wCAAwC;YACxC,sDAAsD;YACtD,0CAA0C;SAC3C;QACD,YAAY,EAAE;YACZ,8DAA8D;YAC9D,kDAAkD;YAClD,2FAA2F;YAC3F,+EAA+E;YAC/E,oDAAoD;SACrD;QACD,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,8EAA8E;QACzF,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,QAAQ;QACnB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,2BAA2B;YAC3B,mBAAmB;SACpB;QACD,YAAY,EAAE;YACZ,uBAAuB;YACvB,gBAAgB;SACjB;QACD,WAAW,EAAE,0BAA0B;QACvC,SAAS,EAAE,yEAAyE;KACrF;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,QAAQ;QACnB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,mCAAmC;YACnC,2BAA2B;YAC3B,2BAA2B;YAC3B,mBAAmB;SACpB;QACD,YAAY,EAAE;YACZ,kBAAkB;YAClB,kBAAkB;SACnB;QACD,WAAW,EAAE,kCAAkC;QAC/C,SAAS,EAAE,yEAAyE;KACrF;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,YAAY;QACtB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,QAAQ;QACnB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,uCAAuC;YACvC,+BAA+B;YAC/B,2BAA2B;YAC3B,mBAAmB;SACpB;QACD,YAAY,EAAE;YACZ,kBAAkB;YAClB,sBAAsB;SACvB;QACD,WAAW,EAAE,sCAAsC;QACnD,SAAS,EAAE,yEAAyE;KACrF;CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"python.d.ts","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/python.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAa,MAAM,yBAAyB,CAAC;AAExE,eAAO,MAAM,cAAc,EAAE,aAAa,
|
|
1
|
+
{"version":3,"file":"python.d.ts","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/python.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAa,MAAM,yBAAyB,CAAC;AAExE,eAAO,MAAM,cAAc,EAAE,aAAa,EAyTzC,CAAC"}
|
|
@@ -251,5 +251,64 @@ export const pythonPatterns = [
|
|
|
251
251
|
description: "AES-128 provides reduced security against quantum attacks (Grover's algorithm)",
|
|
252
252
|
migration: 'Use AES-256 for quantum-resistant symmetric encryption',
|
|
253
253
|
},
|
|
254
|
+
// --- PQC patterns ---
|
|
255
|
+
{
|
|
256
|
+
id: 'python-pqc-oqs-kem',
|
|
257
|
+
language: 'python',
|
|
258
|
+
category: 'pqc-algorithm',
|
|
259
|
+
algorithm: 'ML-KEM',
|
|
260
|
+
risk: 'safe',
|
|
261
|
+
confidence: 'high',
|
|
262
|
+
importPatterns: [
|
|
263
|
+
/import\s+oqs/,
|
|
264
|
+
/from\s+oqs\s+import/,
|
|
265
|
+
],
|
|
266
|
+
callPatterns: [
|
|
267
|
+
/oqs\.KeyEncapsulation\s*\(/,
|
|
268
|
+
/KeyEncapsulation\s*\(/,
|
|
269
|
+
],
|
|
270
|
+
description: 'liboqs ML-KEM (FIPS 203) key encapsulation',
|
|
271
|
+
migration: 'Already using PQC — verify parameter choices match NIST recommendations',
|
|
272
|
+
nistRef: 'FIPS 203',
|
|
273
|
+
},
|
|
274
|
+
{
|
|
275
|
+
id: 'python-pqc-oqs-sig',
|
|
276
|
+
language: 'python',
|
|
277
|
+
category: 'pqc-algorithm',
|
|
278
|
+
algorithm: 'ML-DSA',
|
|
279
|
+
risk: 'safe',
|
|
280
|
+
confidence: 'high',
|
|
281
|
+
importPatterns: [
|
|
282
|
+
/import\s+oqs/,
|
|
283
|
+
/from\s+oqs\s+import/,
|
|
284
|
+
],
|
|
285
|
+
callPatterns: [
|
|
286
|
+
/oqs\.Signature\s*\(/,
|
|
287
|
+
/Signature\s*\(\s*["'](?:ML-DSA|Dilithium)/,
|
|
288
|
+
],
|
|
289
|
+
description: 'liboqs ML-DSA (FIPS 204) digital signature',
|
|
290
|
+
migration: 'Already using PQC — verify parameter choices match NIST recommendations',
|
|
291
|
+
nistRef: 'FIPS 204',
|
|
292
|
+
},
|
|
293
|
+
{
|
|
294
|
+
id: 'python-pqc-pqcrypto',
|
|
295
|
+
language: 'python',
|
|
296
|
+
category: 'pqc-algorithm',
|
|
297
|
+
algorithm: 'PQC (pqcrypto)',
|
|
298
|
+
risk: 'safe',
|
|
299
|
+
confidence: 'high',
|
|
300
|
+
importPatterns: [
|
|
301
|
+
/from\s+pqcrypto\.\w+\.\w+\s+import/,
|
|
302
|
+
/import\s+pqcrypto/,
|
|
303
|
+
],
|
|
304
|
+
callPatterns: [
|
|
305
|
+
/pqcrypto\.\w+\.\w+\./,
|
|
306
|
+
/generate_keypair\s*\(/,
|
|
307
|
+
/encrypt\s*\(/,
|
|
308
|
+
/sign\s*\(/,
|
|
309
|
+
],
|
|
310
|
+
description: 'pqcrypto Python bindings for PQC algorithms',
|
|
311
|
+
migration: 'Already using PQC — verify algorithm is NIST-approved (ML-KEM, ML-DSA, SLH-DSA)',
|
|
312
|
+
},
|
|
254
313
|
];
|
|
255
314
|
//# sourceMappingURL=python.js.map
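Review bot: The `python-pqc-pqcrypto` entry reports `risk: 'safe'` with `confidence: 'high'`, yet three of its callPatterns (`/generate_keypair\s*\(/`, `/encrypt\s*\(/` and `/sign\s*\(/`) are not tied to pqcrypto and have no word boundary, so they also match `private_key.sign(`, `cipher.encrypt(` or `assign(`. If call patterns can fire without an import match (the matcher is not visible in this hunk), classical RSA/ECDSA call sites would be reported as safe PQC, which is the false negative a migration scanner can least afford. I would keep only the module-qualified pattern, `callPatterns: [/pqcrypto\.\w+\.\w+\./],`, or at least lower the entry to `confidence: 'medium'`. To a lesser degree the same holds for `/oqs\.KeyEncapsulation\s*\(/` and `/oqs\.Signature\s*\(/`, which label any liboqs mechanism as ML-KEM / ML-DSA without looking at the algorithm-name argument, unlike the neighbouring `/Signature\s*\(\s*["'](?:ML-DSA|Dilithium)/`.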
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"python.js","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/python.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAAoB;IAC7C;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,oEAAoE;YACpE,yCAAyC;SAC1C;QACD,YAAY,EAAE;YACZ,gCAAgC;YAChC,oBAAoB;SACrB;QACD,gBAAgB,EAAE,iDAAiD;QACnE,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,iFAAiF;QAC5F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,wEAAwE;YACxE,mCAAmC;SACpC;QACD,YAAY,EAAE;YACZ,2CAA2C;YAC3C,oBAAoB;YACpB,eAAe;SAChB;QACD,WAAW,EAAE,+EAA+E;QAC5F,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,mEAAmE;YACnE,yCAAyC;SAC1C;QACD,YAAY,EAAE;YACZ,+BAA+B;YAC/B,oBAAoB;SACrB;QACD,eAAe,EAAE,CAAC,iDAAiD,CAAC;QACpE,WAAW,EAAE,qFAAqF;QAClG,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,6BAA6B;YAC7B,eAAe;SAChB;QACD,WAAW,EAAE,iFAAiF;QAC9F,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,CAAC,mCAAmC,CAAC;QACnD,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,QAAQ;QACnB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,sEAAsE;YACtE,oEAAoE;SACrE;QACD,YAAY,EAAE;YACZ,iCAAiC;YACjC,+BAA+B;SAChC;QACD,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,oDAAoD;QAC/D,O
AAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,uEAAuE;YACvE,qEAAqE;SACtE;QACD,YAAY,EAAE;YACZ,kCAAkC;YAClC,gCAAgC;SACjC;QACD,WAAW,EAAE,iFAAiF;QAC9F,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,oEAAoE;YACpE,yCAAyC;SAC1C;QACD,YAAY,EAAE;YACZ,gCAAgC;YAChC,oBAAoB;SACrB;QACD,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,IAAI;QACf,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,mEAAmE;SACpE;QACD,YAAY,EAAE,CAAC,8BAA8B,CAAC;QAC9C,WAAW,EAAE,mFAAmF;QAChG,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,YAAY;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,kBAAkB;YAClB,oCAAoC;SACrC;QACD,YAAY,EAAE;YACZ,mBAAmB;YACnB,iCAAiC;YACjC,kBAAkB;YAClB,eAAe;SAChB;QACD,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,kBAAkB;YAClB,qCAAqC;SACtC;QACD,YAAY,EAAE;YACZ,oBAAoB;YACpB,kCAAkC;YAClC,mBAAmB;YACnB,gBAAgB;SACjB;QACD,WAAW,EAAE,oEAAoE;QACjF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,sBAAsB;YACtB,sBAAsB;YACtB,sBAAsB;YACtB,wBAAwB;YACxB,wBAAwB;YACxB,wBAAwB;YACxB,qBAAqB;YACrB,qBAAqB;YACrB,qBAAqB;YACrB,uBAAuB;SACxB;QACD,WAAW,EAAE,4DAA4D;QACzE,SAAS,EAAE,4CAA4C;KACxD;IACD;QACE,EAAE,EAAE,YAAY;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,
EAAE,gBAAgB;QAC1B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE;YACd,2DAA2D;YAC3D,sCAAsC;SACvC;QACD,YAAY,EAAE;YACZ,sBAAsB;YACtB,eAAe;SAChB;QACD,gBAAgB,EAAE,+BAA+B;QACjD,WAAW,EAAE,CAAC,IAAY,EAAa,EAAE,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC;QAC7E,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,wDAAwD;KACpE;CACF,CAAC"}
|
|
1
|
+
{"version":3,"file":"python.js","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/python.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAAoB;IAC7C;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,oEAAoE;YACpE,yCAAyC;SAC1C;QACD,YAAY,EAAE;YACZ,gCAAgC;YAChC,oBAAoB;SACrB;QACD,gBAAgB,EAAE,iDAAiD;QACnE,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,iFAAiF;QAC5F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,wEAAwE;YACxE,mCAAmC;SACpC;QACD,YAAY,EAAE;YACZ,2CAA2C;YAC3C,oBAAoB;YACpB,eAAe;SAChB;QACD,WAAW,EAAE,+EAA+E;QAC5F,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,mEAAmE;YACnE,yCAAyC;SAC1C;QACD,YAAY,EAAE;YACZ,+BAA+B;YAC/B,oBAAoB;SACrB;QACD,eAAe,EAAE,CAAC,iDAAiD,CAAC;QACpE,WAAW,EAAE,qFAAqF;QAClG,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,6BAA6B;YAC7B,eAAe;SAChB;QACD,WAAW,EAAE,iFAAiF;QAC9F,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE,CAAC,mCAAmC,CAAC;QACnD,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,QAAQ;QACnB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,sEAAsE;YACtE,oEAAoE;SACrE;QACD,YAAY,EAAE;YACZ,iCAAiC;YACjC,+BAA+B;SAChC;QACD,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,oDAAoD;QAC/D,O
AAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,uEAAuE;YACvE,qEAAqE;SACtE;QACD,YAAY,EAAE;YACZ,kCAAkC;YAClC,gCAAgC;SACjC;QACD,WAAW,EAAE,iFAAiF;QAC9F,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,oEAAoE;YACpE,yCAAyC;SAC1C;QACD,YAAY,EAAE;YACZ,gCAAgC;YAChC,oBAAoB;SACrB;QACD,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,IAAI;QACf,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,mEAAmE;SACpE;QACD,YAAY,EAAE,CAAC,8BAA8B,CAAC;QAC9C,WAAW,EAAE,mFAAmF;QAChG,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,YAAY;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,kBAAkB;YAClB,oCAAoC;SACrC;QACD,YAAY,EAAE;YACZ,mBAAmB;YACnB,iCAAiC;YACjC,kBAAkB;YAClB,eAAe;SAChB;QACD,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,kBAAkB;YAClB,qCAAqC;SACtC;QACD,YAAY,EAAE;YACZ,oBAAoB;YACpB,kCAAkC;YAClC,mBAAmB;YACnB,gBAAgB;SACjB;QACD,WAAW,EAAE,oEAAoE;QACjF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,YAAY,EAAE;YACZ,sBAAsB;YACtB,sBAAsB;YACtB,sBAAsB;YACtB,wBAAwB;YACxB,wBAAwB;YACxB,wBAAwB;YACxB,qBAAqB;YACrB,qBAAqB;YACrB,qBAAqB;YACrB,uBAAuB;SACxB;QACD,WAAW,EAAE,4DAA4D;QACzE,SAAS,EAAE,4CAA4C;KACxD;IACD;QACE,EAAE,EAAE,YAAY;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,
EAAE,gBAAgB;QAC1B,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE;YACd,2DAA2D;YAC3D,sCAAsC;SACvC;QACD,YAAY,EAAE;YACZ,sBAAsB;YACtB,eAAe;SAChB;QACD,gBAAgB,EAAE,+BAA+B;QACjD,WAAW,EAAE,CAAC,IAAY,EAAa,EAAE,CAAC,CAAC,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC;QAC7E,WAAW,EAAE,gFAAgF;QAC7F,SAAS,EAAE,wDAAwD;KACpE;IAED,uBAAuB;IACvB;QACE,EAAE,EAAE,oBAAoB;QACxB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,QAAQ;QACnB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,cAAc;YACd,qBAAqB;SACtB;QACD,YAAY,EAAE;YACZ,4BAA4B;YAC5B,uBAAuB;SACxB;QACD,WAAW,EAAE,4CAA4C;QACzD,SAAS,EAAE,yEAAyE;QACpF,OAAO,EAAE,UAAU;KACpB;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,QAAQ;QACnB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,cAAc;YACd,qBAAqB;SACtB;QACD,YAAY,EAAE;YACZ,qBAAqB;YACrB,2CAA2C;SAC5C;QACD,WAAW,EAAE,4CAA4C;QACzD,SAAS,EAAE,yEAAyE;QACpF,OAAO,EAAE,UAAU;KACpB;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,gBAAgB;QAC3B,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE;YACd,oCAAoC;YACpC,mBAAmB;SACpB;QACD,YAAY,EAAE;YACZ,sBAAsB;YACtB,uBAAuB;YACvB,cAAc;YACd,WAAW;SACZ;QACD,WAAW,EAAE,6CAA6C;QAC1D,SAAS,EAAE,iFAAiF;KAC7F;CACF,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rust.d.ts","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/rust.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,yBAAyB,CAAC;AAE7D,eAAO,MAAM,YAAY,EAAE,aAAa,EAoPvC,CAAC"}
|
|
@@ -0,0 +1,246 @@
|
|
|
1
|
+
export const rustPatterns = [
|
|
2
|
+
// === ring ===
|
|
3
|
+
{
|
|
4
|
+
id: 'rust-ring-agreement',
|
|
5
|
+
language: 'rust',
|
|
6
|
+
category: 'key-exchange',
|
|
7
|
+
algorithm: 'ECDH',
|
|
8
|
+
risk: 'critical',
|
|
9
|
+
confidence: 'medium',
|
|
10
|
+
importPatterns: [/use ring::agreement/],
|
|
11
|
+
callPatterns: [
|
|
12
|
+
/agreement::EphemeralPrivateKey::generate/,
|
|
13
|
+
/agreement::agree_ephemeral/,
|
|
14
|
+
/agreement::UnparsedPublicKey::new/,
|
|
15
|
+
],
|
|
16
|
+
description: "ring ECDH key agreement is vulnerable to quantum attacks via Shor's algorithm",
|
|
17
|
+
migration: 'Migrate to ML-KEM (FIPS 203) for key encapsulation',
|
|
18
|
+
nistRef: 'FIPS 203',
|
|
19
|
+
cweId: 'CWE-327',
|
|
20
|
+
},
|
|
21
|
+
{
|
|
22
|
+
id: 'rust-ring-signature',
|
|
23
|
+
language: 'rust',
|
|
24
|
+
category: 'digital-signature',
|
|
25
|
+
algorithm: 'Ed25519/RSA/ECDSA',
|
|
26
|
+
risk: 'critical',
|
|
27
|
+
confidence: 'medium',
|
|
28
|
+
importPatterns: [/use ring::signature/],
|
|
29
|
+
callPatterns: [
|
|
30
|
+
/signature::Ed25519KeyPair::from_/,
|
|
31
|
+
/signature::RsaKeyPair::from_/,
|
|
32
|
+
/key_pair\.sign\s*\(/,
|
|
33
|
+
/signature::UnparsedPublicKey::new/,
|
|
34
|
+
/signature::EcdsaKeyPair::from_/,
|
|
35
|
+
],
|
|
36
|
+
description: "ring signature operations (Ed25519/RSA/ECDSA) are vulnerable to quantum attacks via Shor's algorithm",
|
|
37
|
+
migration: 'Migrate to ML-DSA (FIPS 204) for digital signatures',
|
|
38
|
+
nistRef: 'FIPS 204',
|
|
39
|
+
cweId: 'CWE-327',
|
|
40
|
+
},
|
|
41
|
+
{
|
|
42
|
+
id: 'rust-ring-aead',
|
|
43
|
+
language: 'rust',
|
|
44
|
+
category: 'safe-symmetric',
|
|
45
|
+
algorithm: 'AES-GCM/ChaCha20',
|
|
46
|
+
risk: 'safe',
|
|
47
|
+
confidence: 'medium',
|
|
48
|
+
importPatterns: [/use ring::aead/],
|
|
49
|
+
callPatterns: [
|
|
50
|
+
/aead::SealingKey::new/,
|
|
51
|
+
/aead::OpeningKey::new/,
|
|
52
|
+
/aead::LessSafeKey::new/,
|
|
53
|
+
/aead::UnboundKey::new/,
|
|
54
|
+
],
|
|
55
|
+
description: 'ring AEAD encryption is quantum-resistant',
|
|
56
|
+
migration: 'No migration needed — already quantum-safe',
|
|
57
|
+
},
|
|
58
|
+
{
|
|
59
|
+
id: 'rust-ring-digest',
|
|
60
|
+
language: 'rust',
|
|
61
|
+
category: 'safe-hash',
|
|
62
|
+
algorithm: 'SHA-256',
|
|
63
|
+
risk: 'safe',
|
|
64
|
+
confidence: 'medium',
|
|
65
|
+
importPatterns: [/use ring::digest/],
|
|
66
|
+
callPatterns: [
|
|
67
|
+
/digest::digest\s*\(/,
|
|
68
|
+
/digest::Context::new/,
|
|
69
|
+
],
|
|
70
|
+
description: 'ring digest functions are quantum-resistant hash functions',
|
|
71
|
+
migration: 'No migration needed — already quantum-safe',
|
|
72
|
+
},
|
|
73
|
+
// === RustCrypto ===
|
|
74
|
+
{
|
|
75
|
+
id: 'rust-rsa-crate',
|
|
76
|
+
language: 'rust',
|
|
77
|
+
category: 'asymmetric-encryption',
|
|
78
|
+
algorithm: 'RSA',
|
|
79
|
+
risk: 'critical',
|
|
80
|
+
confidence: 'medium',
|
|
81
|
+
importPatterns: [/use rsa::/],
|
|
82
|
+
callPatterns: [
|
|
83
|
+
/RsaPrivateKey::new/,
|
|
84
|
+
/RsaPublicKey::new/,
|
|
85
|
+
/RsaPrivateKey::from_/,
|
|
86
|
+
/RsaPublicKey::from_/,
|
|
87
|
+
],
|
|
88
|
+
description: "RSA operations are vulnerable to quantum attacks via Shor's algorithm",
|
|
89
|
+
migration: 'Migrate to ML-KEM (FIPS 203) for encryption or ML-DSA (FIPS 204) for signatures',
|
|
90
|
+
nistRef: 'FIPS 203/204',
|
|
91
|
+
cweId: 'CWE-327',
|
|
92
|
+
},
|
|
93
|
+
{
|
|
94
|
+
id: 'rust-ecdsa-crate',
|
|
95
|
+
language: 'rust',
|
|
96
|
+
category: 'digital-signature',
|
|
97
|
+
algorithm: 'ECDSA',
|
|
98
|
+
risk: 'critical',
|
|
99
|
+
confidence: 'medium',
|
|
100
|
+
importPatterns: [
|
|
101
|
+
/use ecdsa::/,
|
|
102
|
+
/use p256::ecdsa/,
|
|
103
|
+
/use p384::ecdsa/,
|
|
104
|
+
/use k256::ecdsa/,
|
|
105
|
+
],
|
|
106
|
+
callPatterns: [
|
|
107
|
+
/SigningKey::random/,
|
|
108
|
+
/SigningKey::from_/,
|
|
109
|
+
/VerifyingKey::from_/,
|
|
110
|
+
/ecdsa::SigningKey/,
|
|
111
|
+
],
|
|
112
|
+
description: "ECDSA operations are vulnerable to quantum attacks via Shor's algorithm",
|
|
113
|
+
migration: 'Migrate to ML-DSA (FIPS 204) for digital signatures',
|
|
114
|
+
nistRef: 'FIPS 204',
|
|
115
|
+
cweId: 'CWE-327',
|
|
116
|
+
},
|
|
117
|
+
{
|
|
118
|
+
id: 'rust-aes-crate',
|
|
119
|
+
language: 'rust',
|
|
120
|
+
category: 'safe-symmetric',
|
|
121
|
+
algorithm: 'AES-GCM/ChaCha20',
|
|
122
|
+
risk: 'safe',
|
|
123
|
+
confidence: 'medium',
|
|
124
|
+
importPatterns: [
|
|
125
|
+
/use aes_gcm::/,
|
|
126
|
+
/use aes::/,
|
|
127
|
+
/use chacha20poly1305::/,
|
|
128
|
+
],
|
|
129
|
+
callPatterns: [
|
|
130
|
+
/Aes256Gcm::new/,
|
|
131
|
+
/Aes128Gcm::new/,
|
|
132
|
+
/Aes256Gcm::new_from_slice/,
|
|
133
|
+
/Aes128Gcm::new_from_slice/,
|
|
134
|
+
/ChaCha20Poly1305::new/,
|
|
135
|
+
/XChaCha20Poly1305::new/,
|
|
136
|
+
],
|
|
137
|
+
description: 'AES-GCM and ChaCha20-Poly1305 are quantum-resistant symmetric encryption',
|
|
138
|
+
migration: 'No migration needed — already quantum-safe',
|
|
139
|
+
},
|
|
140
|
+
{
|
|
141
|
+
id: 'rust-sha-crate',
|
|
142
|
+
language: 'rust',
|
|
143
|
+
category: 'safe-hash',
|
|
144
|
+
algorithm: 'SHA-256',
|
|
145
|
+
risk: 'safe',
|
|
146
|
+
confidence: 'medium',
|
|
147
|
+
importPatterns: [/use sha2::/, /use sha3::/],
|
|
148
|
+
callPatterns: [
|
|
149
|
+
/Sha256::digest/,
|
|
150
|
+
/Sha256::new/,
|
|
151
|
+
/Sha384::/,
|
|
152
|
+
/Sha512::/,
|
|
153
|
+
],
|
|
154
|
+
description: 'SHA-256/384/512 are quantum-resistant hash functions',
|
|
155
|
+
migration: 'No migration needed — already quantum-safe',
|
|
156
|
+
},
|
|
157
|
+
{
|
|
158
|
+
id: 'rust-md5-crate',
|
|
159
|
+
language: 'rust',
|
|
160
|
+
category: 'weak-hash',
|
|
161
|
+
algorithm: 'MD5',
|
|
162
|
+
risk: 'critical',
|
|
163
|
+
confidence: 'medium',
|
|
164
|
+
importPatterns: [/use md5::/],
|
|
165
|
+
callPatterns: [
|
|
166
|
+
/Md5::digest/,
|
|
167
|
+
/Md5::new/,
|
|
168
|
+
],
|
|
169
|
+
description: 'MD5 is cryptographically broken and unsuitable for any security use',
|
|
170
|
+
migration: 'Migrate to SHA-256 or SHA-3 for hashing',
|
|
171
|
+
cweId: 'CWE-328',
|
|
172
|
+
},
|
|
173
|
+
// === openssl crate ===
|
|
174
|
+
{
|
|
175
|
+
id: 'rust-openssl-rsa',
|
|
176
|
+
language: 'rust',
|
|
177
|
+
category: 'asymmetric-encryption',
|
|
178
|
+
algorithm: 'RSA',
|
|
179
|
+
risk: 'critical',
|
|
180
|
+
confidence: 'medium',
|
|
181
|
+
importPatterns: [/use openssl::rsa/, /use openssl::pkey/],
|
|
182
|
+
callPatterns: [
|
|
183
|
+
/Rsa::generate/,
|
|
184
|
+
/PKey::from_rsa/,
|
|
185
|
+
/Rsa::public_key_from_/,
|
|
186
|
+
/Rsa::private_key_from_/,
|
|
187
|
+
],
|
|
188
|
+
description: "openssl crate RSA operations are vulnerable to quantum attacks via Shor's algorithm",
|
|
189
|
+
migration: 'Migrate to ML-KEM (FIPS 203) for encryption or ML-DSA (FIPS 204) for signatures',
|
|
190
|
+
nistRef: 'FIPS 203/204',
|
|
191
|
+
cweId: 'CWE-327',
|
|
192
|
+
},
|
|
193
|
+
{
|
|
194
|
+
id: 'rust-openssl-ec',
|
|
195
|
+
language: 'rust',
|
|
196
|
+
category: 'asymmetric-encryption',
|
|
197
|
+
algorithm: 'ECDSA',
|
|
198
|
+
risk: 'critical',
|
|
199
|
+
confidence: 'medium',
|
|
200
|
+
importPatterns: [/use openssl::ec/],
|
|
201
|
+
callPatterns: [
|
|
202
|
+
/EcKey::generate/,
|
|
203
|
+
/EcGroup::from_curve_name/,
|
|
204
|
+
/EcKey::from_/,
|
|
205
|
+
],
|
|
206
|
+
description: "openssl crate EC operations are vulnerable to quantum attacks via Shor's algorithm",
|
|
207
|
+
migration: 'Migrate to ML-DSA (FIPS 204) for signatures or ML-KEM (FIPS 203) for key exchange',
|
|
208
|
+
nistRef: 'FIPS 203/204',
|
|
209
|
+
cweId: 'CWE-327',
|
|
210
|
+
},
|
|
211
|
+
// === PQC ===
|
|
212
|
+
{
|
|
213
|
+
id: 'rust-pqc-pqcrypto',
|
|
214
|
+
language: 'rust',
|
|
215
|
+
category: 'pqc-algorithm',
|
|
216
|
+
algorithm: 'PQC (pqcrypto)',
|
|
217
|
+
risk: 'safe',
|
|
218
|
+
confidence: 'high',
|
|
219
|
+
importPatterns: [/use\s+pqcrypto::/, /use\s+pqcrypto_\w+/],
|
|
220
|
+
callPatterns: [
|
|
221
|
+
/pqcrypto::\w+::\w+::keypair\s*\(/,
|
|
222
|
+
/pqcrypto::\w+::\w+::encapsulate\s*\(/,
|
|
223
|
+
/pqcrypto::\w+::\w+::sign\s*\(/,
|
|
224
|
+
],
|
|
225
|
+
description: 'pqcrypto Rust crate for PQC algorithms',
|
|
226
|
+
migration: 'Already using PQC — verify algorithm is NIST-approved (ML-KEM, ML-DSA, SLH-DSA)',
|
|
227
|
+
},
|
|
228
|
+
{
|
|
229
|
+
id: 'rust-pqc-oqs',
|
|
230
|
+
language: 'rust',
|
|
231
|
+
category: 'pqc-algorithm',
|
|
232
|
+
algorithm: 'PQC (oqs)',
|
|
233
|
+
risk: 'safe',
|
|
234
|
+
confidence: 'high',
|
|
235
|
+
importPatterns: [/use\s+oqs::/, /extern\s+crate\s+oqs/],
|
|
236
|
+
callPatterns: [
|
|
237
|
+
/oqs::kem::Kem/,
|
|
238
|
+
/oqs::sig::Sig/,
|
|
239
|
+
/Kem::new\s*\(/,
|
|
240
|
+
/Sig::new\s*\(/,
|
|
241
|
+
],
|
|
242
|
+
description: 'liboqs Rust bindings for PQC algorithms',
|
|
243
|
+
migration: 'Already using PQC — verify algorithm is NIST-approved (ML-KEM, ML-DSA, SLH-DSA)',
|
|
244
|
+
},
|
|
245
|
+
];
|
|
246
|
+
//# sourceMappingURL=rust.js.map
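Review bot: `rust-aes-crate` lists `/Aes128Gcm::new/` and `/Aes128Gcm::new_from_slice/` under `risk: 'safe'` with `migration: 'No migration needed — already quantum-safe'`, which contradicts the Python table in this same release, where AES-128 is described as having reduced security under Grover's algorithm and the advice is to use AES-256. `rust-ring-aead` has the same gap, because `/aead::UnboundKey::new/` matches whatever algorithm is passed to it. I would take the two `Aes128Gcm` patterns out of the safe entry and give them their own entry that reuses the existing wording, `description: "AES-128 provides reduced security against quantum attacks (Grover's algorithm)"` and `migration: 'Use AES-256 for quantum-resistant symmetric encryption'`. Separately, `/Aes128Gcm::new/` already matches everything `/Aes128Gcm::new_from_slice/` does (likewise for `Aes256Gcm`), so the longer patterns are redundant.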
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"rust.js","sourceRoot":"","sources":["../../../../src/scanner/code/patterns/rust.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,YAAY,GAAoB;IAC3C,eAAe;IACf;QACE,EAAE,EAAE,qBAAqB;QACzB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,MAAM;QACjB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,qBAAqB,CAAC;QACvC,YAAY,EAAE;YACZ,0CAA0C;YAC1C,4BAA4B;YAC5B,mCAAmC;SACpC;QACD,WAAW,EAAE,+EAA+E;QAC5F,SAAS,EAAE,oDAAoD;QAC/D,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,mBAAmB;QAC9B,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,qBAAqB,CAAC;QACvC,YAAY,EAAE;YACZ,kCAAkC;YAClC,8BAA8B;YAC9B,qBAAqB;YACrB,mCAAmC;YACnC,gCAAgC;SACjC;QACD,WAAW,EAAE,sGAAsG;QACnH,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,gBAAgB;QAC1B,SAAS,EAAE,kBAAkB;QAC7B,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,gBAAgB,CAAC;QAClC,YAAY,EAAE;YACZ,uBAAuB;YACvB,uBAAuB;YACvB,wBAAwB;YACxB,uBAAuB;SACxB;QACD,WAAW,EAAE,2CAA2C;QACxD,SAAS,EAAE,4CAA4C;KACxD;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,kBAAkB,CAAC;QACpC,YAAY,EAAE;YACZ,qBAAqB;YACrB,sBAAsB;SACvB;QACD,WAAW,EAAE,4DAA4D;QACzE,SAAS,EAAE,4CAA4C;KACxD;IACD,qBAAqB;IACrB;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,WAAW,CAAC;QAC7B,YAAY,EAAE;YACZ,oBAAoB;YACpB,mBAAmB;YACnB,sBAAsB;YACtB,qBAAqB;SACtB;QACD,WAAW,EAAE,uEAAuE;QACpF,SAAS,EAAE,iFAAiF;QAC5F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,mBAAmB;QAC7B,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE;YACd,aAAa;YACb,iBAAiB;YACjB,iBAAiB;YACjB,iBAAiB;SAClB;QACD,YAAY,EAAE;YACZ,oBAAoB;YACpB,mBAAmB;YACnB,qBAAqB;YACrB,mB
AAmB;SACpB;QACD,WAAW,EAAE,yEAAyE;QACtF,SAAS,EAAE,qDAAqD;QAChE,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,gBAAgB;QAC1B,SAAS,EAAE,kBAAkB;QAC7B,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE;YACd,eAAe;YACf,WAAW;YACX,wBAAwB;SACzB;QACD,YAAY,EAAE;YACZ,gBAAgB;YAChB,gBAAgB;YAChB,2BAA2B;YAC3B,2BAA2B;YAC3B,uBAAuB;YACvB,wBAAwB;SACzB;QACD,WAAW,EAAE,0EAA0E;QACvF,SAAS,EAAE,4CAA4C;KACxD;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,SAAS;QACpB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,YAAY,EAAE,YAAY,CAAC;QAC5C,YAAY,EAAE;YACZ,gBAAgB;YAChB,aAAa;YACb,UAAU;YACV,UAAU;SACX;QACD,WAAW,EAAE,sDAAsD;QACnE,SAAS,EAAE,4CAA4C;KACxD;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,WAAW;QACrB,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,WAAW,CAAC;QAC7B,YAAY,EAAE;YACZ,aAAa;YACb,UAAU;SACX;QACD,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,yCAAyC;QACpD,KAAK,EAAE,SAAS;KACjB;IACD,wBAAwB;IACxB;QACE,EAAE,EAAE,kBAAkB;QACtB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,KAAK;QAChB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,kBAAkB,EAAE,mBAAmB,CAAC;QACzD,YAAY,EAAE;YACZ,eAAe;YACf,gBAAgB;YAChB,uBAAuB;YACvB,wBAAwB;SACzB;QACD,WAAW,EAAE,qFAAqF;QAClG,SAAS,EAAE,iFAAiF;QAC5F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,uBAAuB;QACjC,SAAS,EAAE,OAAO;QAClB,IAAI,EAAE,UAAU;QAChB,UAAU,EAAE,QAAQ;QACpB,cAAc,EAAE,CAAC,iBAAiB,CAAC;QACnC,YAAY,EAAE;YACZ,iBAAiB;YACjB,0BAA0B;YAC1B,cAAc;SACf;QACD,WAAW,EAAE,oFAAoF;QACjG,SAAS,EAAE,mFAAmF;QAC9F,OAAO,EAAE,cAAc;QACvB,KAAK,EAAE,SAAS;KACjB;IACD,cAAc;IACd;QACE,EAAE,EAAE,mBAAmB;QACvB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,gBAAgB;QAC3B,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,kBAAkB,EAAE,oBAAoB,CAAC;QAC1D,YAAY,EAAE;YACZ,kCAAkC;YAClC,sCAAsC;YACtC,+BAA+B;SAChC;QACD,WAAW,EAAE,wCAAwC;QACrD,SAAS,EAAE,iFAAiF;KAC7F;IACD;QACE,EAAE,EAAE,cAAc
;QAClB,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,eAAe;QACzB,SAAS,EAAE,WAAW;QACtB,IAAI,EAAE,MAAM;QACZ,UAAU,EAAE,MAAM;QAClB,cAAc,EAAE,CAAC,aAAa,EAAE,sBAAsB,CAAC;QACvD,YAAY,EAAE;YACZ,eAAe;YACf,eAAe;YACf,eAAe;YACf,eAAe;SAChB;QACD,WAAW,EAAE,yCAAyC;QACtD,SAAS,EAAE,iFAAiF;KAC7F;CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"risk-assessor.d.ts","sourceRoot":"","sources":["../../../src/scanner/code/risk-assessor.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EACV,WAAW,EACX,QAAQ,EACR,SAAS,EACT,YAAY,EACZ,YAAY,EACZ,aAAa,EAEb,eAAe,EAChB,MAAM,sBAAsB,CAAC;AAI9B,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,YAAY,CAAC;IACtB,SAAS,EAAE,gBAAgB,GAAG,gBAAgB,GAAG,SAAS,CAAC;CAC5D;AAkFD,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa,EAAE,CAcvE;AA4BD,wBAAgB,uBAAuB,CACrC,KAAK,EAAE,MAAM,EAAE,EACf,UAAU,EAAE,MAAM,EAClB,UAAU,GAAE,MAAU,GACrB,aAAa,EAAE,CAsBjB;
|
|
1
|
+
{"version":3,"file":"risk-assessor.d.ts","sourceRoot":"","sources":["../../../src/scanner/code/risk-assessor.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EACV,WAAW,EACX,QAAQ,EACR,SAAS,EACT,YAAY,EACZ,YAAY,EACZ,aAAa,EAEb,eAAe,EAChB,MAAM,sBAAsB,CAAC;AAI9B,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,YAAY,CAAC;IACtB,SAAS,EAAE,gBAAgB,GAAG,gBAAgB,GAAG,SAAS,CAAC;CAC5D;AAkFD,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa,EAAE,CAcvE;AA4BD,wBAAgB,uBAAuB,CACrC,KAAK,EAAE,MAAM,EAAE,EACf,UAAU,EAAE,MAAM,EAClB,UAAU,GAAE,MAAU,GACrB,aAAa,EAAE,CAsBjB;AAoDD,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,GAAG,aAAa,EAAE,CA4BxF;AAuBD,wBAAgB,yBAAyB,CAAC,WAAW,EAAE,MAAM,GAAG,aAAa,EAAE,CAgB9E;AAmFD,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,aAAa,CAAC;IACtB,eAAe,EAAE,YAAY,CAAC;CAC/B;AAUD,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,WAAW,EACpB,KAAK,EAAE,MAAM,EAAE,EACf,UAAU,EAAE,MAAM,EAClB,OAAO,EAAE,MAAM,GACd,qBAAqB,GAAG,IAAI,CAuB9B;AAID,wBAAgB,cAAc,CAAC,OAAO,EAAE,aAAa,EAAE,GAAG,eAAe,CAqBxE;AA2DD,wBAAgB,mBAAmB,CACjC,YAAY,EAAE,SAAS,EACvB,OAAO,EAAE,YAAY,GACpB,YAAY,CAEd;AAID,wBAAgB,cAAc,CAC5B,QAAQ,EAAE,WAAW,EAAE,EACvB,YAAY,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GAChC,eAAe,EAAE,CAEnB"}
|