pqaudit 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +41 -5
- package/dist/cli.js +5 -0
- package/dist/cli.js.map +1 -1
- package/dist/reporter/text.d.ts.map +1 -1
- package/dist/reporter/text.js +4 -1
- package/dist/reporter/text.js.map +1 -1
- package/dist/scanner/engine.d.ts.map +1 -1
- package/dist/scanner/engine.js +30 -3
- package/dist/scanner/engine.js.map +1 -1
- package/dist/types.d.ts +6 -0
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js.map +1 -1
- package/package.json +1 -1
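--- a/package/README.md
+++ b/package/README.md
@@ -1,5 +1,9 @@
 # pqaudit
 
+[](https://github.com/PQCWorld/pqaudit/actions/workflows/ci.yml)
+[](https://www.npmjs.com/package/pqaudit)
+[](LICENSE)
+
 Scan codebases for quantum-vulnerable cryptography. Get a clear picture of what needs to migrate before [Q-Day](https://en.wikipedia.org/wiki/Q-day).
 
 pqaudit detects usage of RSA, ECDSA, Ed25519, ECDH, DH, and other algorithms broken by Shor's algorithm. It also identifies already-migrated PQC usage (ML-KEM, ML-DSA, SLH-DSA) so you can track migration progress. Output as human-readable text, JSON, [CycloneDX CBOM](https://cyclonedx.org/capabilities/cbom/), or [SARIF](https://sarifweb.azurewebsites.net/) for GitHub Code Scanning.
@@ -39,6 +43,12 @@ pqaudit . --format sarif --output results.sarif
 # CI mode — exit code 1 if critical/high findings exist
 pqaudit . --ci
 
+# Show all findings including low-confidence comment matches
+pqaudit . --min-confidence 0
+
+# Show every occurrence instead of collapsing per file
+pqaudit . --no-dedupe
+
 # Skip dependency scanning
 pqaudit . --no-deps
 
@@ -46,25 +56,45 @@ pqaudit . --no-deps
 pqaudit . --rules ./my-rules.yaml
 ```
 
+### All options
+
+| Flag | Description | Default |
+|------|-------------|---------|
+| `-f, --format <format>` | Output format: `text`, `json`, `cbom`, `sarif` | `text` |
+| `-o, --output <file>` | Write output to file | stdout |
+| `-s, --severity <level>` | Minimum severity: `critical`, `high`, `medium`, `low`, `safe` | `safe` |
+| `--min-confidence <0-100>` | Filter findings below this confidence threshold | `50` |
+| `--no-dedupe` | Show all occurrences instead of collapsing per file | dedupe on |
+| `--no-deps` | Skip npm dependency scanning | scan deps |
+| `--include <patterns...>` | Glob patterns to include | all source files |
+| `--exclude <patterns...>` | Additional glob patterns to exclude | node_modules, dist, etc. |
+| `--rules <path>` | Path to custom rules YAML file | built-in rules |
+| `--ci` | Exit code 1 if critical or high findings exist | off |
+
 ## Example output
 
 ```
 pqaudit — Post-Quantum Cryptography Readiness Scanner
 Scanned: ./my-project
-Date: 2026-04-01T00:00:00.000Z
 
 NOT PQC READY — Quantum-vulnerable cryptography detected
 
-Files scanned: 65 | Findings:
-Critical:
+Files scanned: 65 | Findings: 12
+Critical: 7 High: 2 Medium: 1 Low: 0 Safe: 2
 
---- CRITICAL (
+--- CRITICAL (7) ---
 
-[!!] Ed25519 — Ed25519 signatures —
+[!!] Ed25519 — Ed25519 signatures — vulnerable to Shor's algorithm (14 occurrences)
 src/crypto/signing.ts:14
 > import { sign, verify } from "@noble/ed25519";
 Fix: ML-DSA-65 (FIPS 204) or hybrid Ed25519+ML-DSA-65
 Confidence: 90% | Effort: moderate | Via: regex
+
+[!!] RSA — RSA signature — vulnerable to quantum factoring (3 occurrences)
+src/auth/jwt.ts:42
+> jwt.sign(payload, key, { algorithm: "RS256" });
+Fix: ML-DSA-65 (FIPS 204)
+Confidence: 85% | Effort: complex | Via: regex
 ...
 ```
 
@@ -156,6 +186,8 @@ Rules are defined in YAML:
 - "import.*myVulnerableLib"
 ```
 
+See [CONTRIBUTING.md](CONTRIBUTING.md) for the full rule schema and how to submit new rules.
+
 ## Detection methods
 
 Currently implements L0 (regex) detection. Planned:
@@ -165,6 +197,10 @@ Currently implements L0 (regex) detection. Planned:
 - **Network scanning**: TLS/SSH endpoint analysis
 - **More languages**: Cargo.toml, build.gradle, requirements.txt dependency scanning
 
+## Contributing
+
+See [CONTRIBUTING.md](CONTRIBUTING.md) for guidelines on submitting rules, bug fixes, and new features.
+
 ## References
 
 - [NIST FIPS 203 — ML-KEM](https://csrc.nist.gov/pubs/fips/203/final)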
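--- a/package/dist/cli.js
+++ b/package/dist/cli.js
@@ -19,6 +19,9 @@ program
 .option("--include <patterns...>", "File patterns to include")
 .option("--exclude <patterns...>", "Additional file patterns to exclude")
 .option("--rules <dir>", "Path to custom rules YAML file")
+.option("--min-confidence <number>", "Minimum confidence 0-100 (default 50)", "50")
+.option("--dedupe", "Collapse duplicate findings per file (default: true)")
+.option("--no-dedupe", "Show all occurrences instead of collapsing duplicates")
 .option("--ci", "Exit with code 1 if critical/high findings exist")
 .action(async (target, opts) => {
 const config = {
@@ -30,6 +33,8 @@ program
 include: opts.include,
 exclude: opts.exclude,
 rulesDir: opts.rules,
+minConfidence: Number(opts.minConfidence),
+dedupe: opts.dedupe !== false,
 };
 const result = await scan(config);
 let output;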
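Review bot: `minConfidence: Number(opts.minConfidence)` in the second hunk passes the raw flag value through unvalidated, so `--min-confidence abc` becomes NaN; the engine's `config.minConfidence ?? 50` does not treat NaN as missing, and `f.confidence * 100 >= NaN` is false for every finding, so a typo in the flag makes the scan silently report nothing and, with `--ci`, exit 0. Reject the value before the config is built rather than letting a malformed threshold degrade into a clean bill of health; the chain is rooted at `program` per the hunk header, and Commander's `program.error` (present in recent Commander releases — confirm against the version in package.json) prints the message and exits non-zero. Alternatively give the option a parsing function that throws on out-of-range input. The `.action` body continues past the end of the hunk.
```javascript
.action(async (target, opts) => {
  const minConfidence = Number(opts.minConfidence);
  if (!Number.isFinite(minConfidence) || minConfidence < 0 || minConfidence > 100) {
    program.error(`--min-confidence must be a number from 0 to 100, got "${opts.minConfidence}"`);
  }
  // … unchanged: config literal, with `minConfidence,` replacing `minConfidence: Number(opts.minConfidence),` …
```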
package/dist/cli.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAGlD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,SAAS,CAAC;KACf,WAAW,CACV,0GAA0G,CAC3G;KACA,OAAO,CAAC,OAAO,CAAC;KAChB,QAAQ,CAAC,UAAU,EAAE,mBAAmB,EAAE,GAAG,CAAC;KAC9C,MAAM,CACL,uBAAuB,EACvB,wCAAwC,EACxC,MAAM,CACP;KACA,MAAM,CAAC,qBAAqB,EAAE,wCAAwC,CAAC;KACvE,MAAM,CACL,wBAAwB,EACxB,+DAA+D,EAC/D,MAAM,CACP;KACA,MAAM,CAAC,WAAW,EAAE,0BAA0B,CAAC;KAC/C,MAAM,CAAC,yBAAyB,EAAE,0BAA0B,CAAC;KAC7D,MAAM,CAAC,yBAAyB,EAAE,qCAAqC,CAAC;KACxE,MAAM,CAAC,eAAe,EAAE,gCAAgC,CAAC;KACzD,MAAM,CAAC,MAAM,EAAE,kDAAkD,CAAC;KAClE,MAAM,CAAC,KAAK,EAAE,MAAc,EAAE,IAAI,EAAE,EAAE;IACrC,MAAM,MAAM,GAAe;QACzB,MAAM;QACN,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,WAAW,EAAE,IAAI,CAAC,QAAoB;QACtC,gBAAgB,EAAE,IAAI,CAAC,IAAI,KAAK,KAAK;QACrC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,QAAQ,EAAE,IAAI,CAAC,KAAK;
|
|
1
|
+
{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AACxC,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,IAAI,EAAE,MAAM,qBAAqB,CAAC;AAC3C,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAGlD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,SAAS,CAAC;KACf,WAAW,CACV,0GAA0G,CAC3G;KACA,OAAO,CAAC,OAAO,CAAC;KAChB,QAAQ,CAAC,UAAU,EAAE,mBAAmB,EAAE,GAAG,CAAC;KAC9C,MAAM,CACL,uBAAuB,EACvB,wCAAwC,EACxC,MAAM,CACP;KACA,MAAM,CAAC,qBAAqB,EAAE,wCAAwC,CAAC;KACvE,MAAM,CACL,wBAAwB,EACxB,+DAA+D,EAC/D,MAAM,CACP;KACA,MAAM,CAAC,WAAW,EAAE,0BAA0B,CAAC;KAC/C,MAAM,CAAC,yBAAyB,EAAE,0BAA0B,CAAC;KAC7D,MAAM,CAAC,yBAAyB,EAAE,qCAAqC,CAAC;KACxE,MAAM,CAAC,eAAe,EAAE,gCAAgC,CAAC;KACzD,MAAM,CAAC,2BAA2B,EAAE,uCAAuC,EAAE,IAAI,CAAC;KAClF,MAAM,CAAC,UAAU,EAAE,sDAAsD,CAAC;KAC1E,MAAM,CAAC,aAAa,EAAE,uDAAuD,CAAC;KAC9E,MAAM,CAAC,MAAM,EAAE,kDAAkD,CAAC;KAClE,MAAM,CAAC,KAAK,EAAE,MAAc,EAAE,IAAI,EAAE,EAAE;IACrC,MAAM,MAAM,GAAe;QACzB,MAAM;QACN,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,MAAM,EAAE,IAAI,CAAC,MAAM;QACnB,WAAW,EAAE,IAAI,CAAC,QAAoB;QACtC,gBAAgB,EAAE,IAAI,CAAC,IAAI,KAAK,KAAK;QACrC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,QAAQ,EAAE,IAAI,CAAC,KAAK;QACpB,aAAa,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC;QACzC,MAAM,EAAE,IAAI,CAAC,MAAM,KAAK,KAAK;KAC9B,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,CAAC;IAElC,IAAI,MAAc,CAAC;IACnB,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;QACtB,KAAK,MAAM;YACT,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;YAC5B,MAAM;QACR,KAAK,MAAM;YACT,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;YAC5B,MAAM;QACR,KAAK,OAAO;YACV,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;YAC7B,MAAM;QACR,KAAK,MAAM,CAAC;QACZ;YACE,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;YAC5B,MAAM;IACV,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,aAAa,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;QAC9C,IAAI,MAAM,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC7B,OAAO,CAAC,GAAG,CA
AC,sBAAsB,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC;IAED,+CAA+C;IAC/C,IAAI,IAAI,CAAC,EAAE,EAAE,CAAC;QACZ,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC;QACrD,IAAI,QAAQ,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO,CAAC,KAAK,EAAE,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"text.d.ts","sourceRoot":"","sources":["../../src/reporter/text.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAW,UAAU,EAAY,MAAM,aAAa,CAAC;AAkBjE,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,
|
|
1
|
+
{"version":3,"file":"text.d.ts","sourceRoot":"","sources":["../../src/reporter/text.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAW,UAAU,EAAY,MAAM,aAAa,CAAC;AAkBjE,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CA2ErD"}
|
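--- a/package/dist/reporter/text.js
+++ b/package/dist/reporter/text.js
@@ -54,7 +54,10 @@ export function formatText(result) {
 const loc = f.location.line
 ? `${f.location.file}:${f.location.line}`
 : f.location.file;
-
+const occLabel = f.occurrences && f.occurrences > 1
+? ` (${f.occurrences} occurrences)`
+: "";
+lines.push(color(` [${icon}] ${f.algorithm} — ${f.description}${occLabel}`));
 lines.push(chalk.dim(` ${loc}`));
 if (f.location.snippet) {
 lines.push(chalk.dim(` > ${f.location.snippet}`));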
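Review bot: The `(N occurrences)` suffix built on the new lines 57–60 tells the reader that more hits exist, but the only location ever printed is `${loc}` on the next line, so the other call sites are invisible in the text report and nothing points the user at the flag that reveals them. A single dim hint under the location when `occLabel` is non-empty, e.g. `lines.push(chalk.dim("  (remaining occurrences collapsed; rerun with --no-dedupe to list them)"));`, makes the count actionable for whoever has to migrate the code. As a point of style, `f.occurrences && f.occurrences > 1` reads more clearly as `(f.occurrences ?? 1) > 1`, which also states the documented default of 1. `formatText` starts and ends outside the hunk.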
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"text.js","sourceRoot":"","sources":["../../src/reporter/text.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,MAAM,eAAe,GAA4C;IAC/D,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI;IACxB,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC,IAAI;IACvB,MAAM,EAAE,KAAK,CAAC,MAAM;IACpB,GAAG,EAAE,KAAK,CAAC,IAAI;IACf,IAAI,EAAE,KAAK,CAAC,KAAK;CAClB,CAAC;AAEF,MAAM,cAAc,GAA6B;IAC/C,QAAQ,EAAE,IAAI;IACd,IAAI,EAAE,GAAG;IACT,MAAM,EAAE,GAAG;IACX,GAAG,EAAE,GAAG;IACR,IAAI,EAAE,IAAI;CACX,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,MAAkB;IAC3C,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC,CAAC;IAClF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACrD,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACrD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,cAAc;IACd,MAAM,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC;IACzB,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC,CAAC;IACtF,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAC7E,CAAC;IACJ,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,QAAQ;IACR,KAAK,CAAC,IAAI,CACR,oBAAoB,CAAC,CAAC,YAAY,kBAAkB,CAAC,CAAC,aAAa,EAAE,CACtE,CAAC;IACF,KAAK,CAAC,IAAI,CACR,KAAK,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,IAAI;QACtD,GAAG,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,IAAI;QACjD,GAAG,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,IAAI;QACrD,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,IAAI;QAC7C,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,EAAE,CACjD,CAAC;IACF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC7B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,oBAAoB;IACpB,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEjD,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,OAAO,EAAE,CA
AC;QAC3C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEpC,MAAM,KAAK,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QACxC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,QAAQ,CAAC,WAAW,EAAE,KAAK,QAAQ,CAAC,MAAM,OAAO,CAAC,CAAC,CAAC;QAC9E,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;YACxC,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI;gBACzB,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE;gBACzC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;YAEpB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC,SAAS,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"text.js","sourceRoot":"","sources":["../../src/reporter/text.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B,MAAM,eAAe,GAA4C;IAC/D,QAAQ,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI;IACxB,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC,IAAI;IACvB,MAAM,EAAE,KAAK,CAAC,MAAM;IACpB,GAAG,EAAE,KAAK,CAAC,IAAI;IACf,IAAI,EAAE,KAAK,CAAC,KAAK;CAClB,CAAC;AAEF,MAAM,cAAc,GAA6B;IAC/C,QAAQ,EAAE,IAAI;IACd,IAAI,EAAE,GAAG;IACT,MAAM,EAAE,GAAG;IACX,GAAG,EAAE,GAAG;IACR,IAAI,EAAE,IAAI;CACX,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,MAAkB;IAC3C,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC,CAAC;IAClF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IACrD,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IACrD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,cAAc;IACd,MAAM,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC;IACzB,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAAC,CAAC;IACtF,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAC7E,CAAC;IACJ,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,QAAQ;IACR,KAAK,CAAC,IAAI,CACR,oBAAoB,CAAC,CAAC,YAAY,kBAAkB,CAAC,CAAC,aAAa,EAAE,CACtE,CAAC;IACF,KAAK,CAAC,IAAI,CACR,KAAK,KAAK,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,IAAI;QACtD,GAAG,KAAK,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,IAAI;QACjD,GAAG,KAAK,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,IAAI;QACrD,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,IAAI;QAC7C,GAAG,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,EAAE,CACjD,CAAC;IACF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC7B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,oBAAoB;IACpB,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEjD,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,OAAO,EAAE,CA
AC;QAC3C,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEpC,MAAM,KAAK,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QACxC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,QAAQ,CAAC,WAAW,EAAE,KAAK,QAAQ,CAAC,MAAM,OAAO,CAAC,CAAC,CAAC;QAC9E,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;YACxC,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI;gBACzB,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE;gBACzC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;YAEpB,MAAM,QAAQ,GAAG,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,WAAW,GAAG,CAAC;gBACjD,CAAC,CAAC,KAAK,CAAC,CAAC,WAAW,eAAe;gBACnC,CAAC,CAAC,EAAE,CAAC;YACP,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,IAAI,KAAK,CAAC,CAAC,SAAS,MAAM,CAAC,CAAC,WAAW,GAAG,QAAQ,EAAE,CAAC,CAAC,CAAC;YAC9E,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,GAAG,EAAE,CAAC,CAAC,CAAC;YACtC,IAAI,CAAC,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACvB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;YACzD,CAAC;YACD,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;gBAClB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;YACxD,CAAC;YACD,KAAK,CAAC,IAAI,CACR,KAAK,CAAC,GAAG,CACP,qBAAqB,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC,eAAe,CAAC,CAAC,MAAM,WAAW,CAAC,CAAC,eAAe,EAAE,CACzG,CACF,CAAC;YACF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,eAAe,CACtB,QAAmB;IAEnB,MAAM,MAAM,GAAgC;QAC1C,QAAQ,EAAE,EAAE;QACZ,IAAI,EAAE,EAAE;QACR,MAAM,EAAE,EAAE;QACV,GAAG,EAAE,EAAE;QACP,IAAI,EAAE,EAAE;KACT,CAAC;IAEF,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC7B,CAAC;IAED,OAAO,MAAM,CAAC,OAAO,CAAC,MAAM,CAA4B,CAAC;AAC3D,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/scanner/engine.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAGV,UAAU,EACV,UAAU,EAIX,MAAM,aAAa,CAAC;AA0BrB,wBAAsB,IAAI,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,
|
|
1
|
+
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/scanner/engine.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAGV,UAAU,EACV,UAAU,EAIX,MAAM,aAAa,CAAC;AA0BrB,wBAAsB,IAAI,CAAC,MAAM,EAAE,UAAU,GAAG,OAAO,CAAC,UAAU,CAAC,CA4ElE"}
|
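--- a/package/dist/scanner/engine.js
+++ b/package/dist/scanner/engine.js
@@ -51,6 +51,9 @@ export async function scan(config) {
 const depFindings = scanNpmDependencies(target);
 allFindings.push(...depFindings);
 }
+// Filter by minimum confidence
+const minConfidence = config.minConfidence ?? 50;
+const confidenceFiltered = allFindings.filter((f) => f.confidence * 100 >= minConfidence);
 // Filter by minimum severity
 const severityOrder = {
 critical: 0,
@@ -60,7 +63,7 @@ export async function scan(config) {
 safe: 4,
 };
 const minLevel = severityOrder[config.minSeverity];
-const filtered =
+const filtered = confidenceFiltered.filter((f) => severityOrder[f.severity] <= minLevel);
 // Sort: critical first, then by file
 filtered.sort((a, b) => {
 const sevDiff = severityOrder[a.severity] - severityOrder[b.severity];
@@ -68,15 +71,39 @@ export async function scan(config) {
 return sevDiff;
 return a.location.file.localeCompare(b.location.file);
 });
+// Deduplicate findings with same ruleId + file
+const deduped = config.dedupe !== false ? deduplicateFindings(filtered) : filtered;
 // Build summary
-const summary = buildSummary(
+const summary = buildSummary(deduped, uniqueFiles.length);
 return {
 timestamp: new Date().toISOString(),
 target: config.target,
-findings:
+findings: deduped,
 summary,
 };
 }
+function deduplicateFindings(findings) {
+const groups = new Map();
+for (const f of findings) {
+const key = `${f.ruleId}\0${f.location.file}`;
+const group = groups.get(key);
+if (group) {
+group.push(f);
+}
+else {
+groups.set(key, [f]);
+}
+}
+const result = [];
+for (const group of groups.values()) {
+const first = { ...group[0] };
+if (group.length > 1) {
+first.occurrences = group.length;
+}
+result.push(first);
+}
+return result;
+}
 function buildSummary(findings, filesScanned) {
 const bySeverity = {
 critical: 0,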
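Review bot: `findings: deduped` in the third hunk hands every reporter the collapsed list, so with the new default (`dedupe` on) the JSON, CBOM and SARIF outputs carry only the first location per ruleId+file and the remaining call sites are discarded inside `scan` before any output is produced — the README example's `14 occurrences` of Ed25519 would surface as a single annotation in GitHub Code Scanning. Since `deduplicateFindings` already has the whole group in hand, keep the other locations on the merged finding (for example a list built from `group.slice(1).map((g) => g.location)`, with a matching optional field in `Finding`) or confine the collapsing to the text reporter, so the machine-readable formats stay complete. In the first hunk, `config.minConfidence ?? 50` treats NaN as a valid threshold, and `f.confidence * 100 >= NaN` then rejects every finding; `const minConfidence = Number.isFinite(config.minConfidence) ? config.minConfidence : 50;` preserves the default for a malformed value instead of emptying the report. The same comparison is also exposed to binary floating-point error at the boundary (`0.29 * 100` evaluates to just under 29), so `Math.round(f.confidence * 100) >= minConfidence` makes the documented 0-100 threshold exact. `scan` begins before the first hunk.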
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.js","sourceRoot":"","sources":["../../src/scanner/engine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAU5B,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAE9D,MAAM,eAAe,GAAG;IACtB,oBAAoB;IACpB,YAAY;IACZ,aAAa;IACb,YAAY;IACZ,cAAc;IACd,cAAc;IACd,mBAAmB;IACnB,aAAa;IACb,gBAAgB;IAChB,aAAa;IACb,UAAU;IACV,sBAAsB;IACtB,cAAc;IACd,mBAAmB;IACnB,eAAe;CAChB,CAAC;AAEF,MAAM,iBAAiB,GACrB,8IAA8I,CAAC;AAEjJ,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,MAAkB;IAC3C,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEzC,iBAAiB;IACjB,MAAM,eAAe,GAAG,CAAC,GAAG,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;IACxE,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAE9D,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;YAClC,GAAG,EAAE,MAAM;YACX,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,eAAe;YACvB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QACH,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC;IACzB,CAAC;IAED,cAAc;IACd,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAExC,aAAa;IACb,MAAM,WAAW,GAAc,EAAE,CAAC;IAElC,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACnC,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;QAChD,WAAW,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;IACpC,CAAC;IAED,oBAAoB;IACpB,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAC5B,MAAM,WAAW,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAChD,WAAW,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;IACnC,CAAC;IAED,6BAA6B;IAC7B,MAAM,aAAa,GAA6B;QAC9C,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,IAAI,EAAE,CAAC;KACR,CAAC;IAEF,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,
|
|
1
|
+
{"version":3,"file":"engine.js","sourceRoot":"","sources":["../../src/scanner/engine.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AAC9C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAU5B,OAAO,EAAE,SAAS,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,EAAE,QAAQ,EAAE,MAAM,mBAAmB,CAAC;AAC7C,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAE9D,MAAM,eAAe,GAAG;IACtB,oBAAoB;IACpB,YAAY;IACZ,aAAa;IACb,YAAY;IACZ,cAAc;IACd,cAAc;IACd,mBAAmB;IACnB,aAAa;IACb,gBAAgB;IAChB,aAAa;IACb,UAAU;IACV,sBAAsB;IACtB,cAAc;IACd,mBAAmB;IACnB,eAAe;CAChB,CAAC;AAEF,MAAM,iBAAiB,GACrB,8IAA8I,CAAC;AAEjJ,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,MAAkB;IAC3C,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAEzC,iBAAiB;IACjB,MAAM,eAAe,GAAG,CAAC,GAAG,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;IACxE,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAE9D,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;YAClC,GAAG,EAAE,MAAM;YACX,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,eAAe;YACvB,KAAK,EAAE,IAAI;SACZ,CAAC,CAAC;QACH,KAAK,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC;IACzB,CAAC;IAED,cAAc;IACd,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC;IAExC,aAAa;IACb,MAAM,WAAW,GAAc,EAAE,CAAC;IAElC,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,QAAQ,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;QACnC,MAAM,YAAY,GAAG,QAAQ,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;QAChD,WAAW,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;IACpC,CAAC;IAED,oBAAoB;IACpB,IAAI,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAC5B,MAAM,WAAW,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAC;QAChD,WAAW,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;IACnC,CAAC;IAED,+BAA+B;IAC/B,MAAM,aAAa,GAAG,MAAM,CAAC,aAAa,IAAI,EAAE,CAAC;IACjD,MAAM,kBAAkB,GAAG,WAAW,CAAC,MAAM,CAC3C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,GAAG,GAAG,IAAI,aAAa,CAC3C,CAAC;IAEF,6BAA6B;IAC7B,MAAM,aAAa,GAA6B;QAC9C,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,IAAI,EAAE,CAAC;KACR,CAAC;IAEF,MAAM,QAAQ,GAAG,aAAa,CAA
C,MAAM,CAAC,WAAW,CAAC,CAAC;IACnD,MAAM,QAAQ,GAAG,kBAAkB,CAAC,MAAM,CACxC,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAC7C,CAAC;IAEF,qCAAqC;IACrC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACrB,MAAM,OAAO,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACtE,IAAI,OAAO,KAAK,CAAC;YAAE,OAAO,OAAO,CAAC;QAClC,OAAO,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,+CAA+C;IAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,KAAK,KAAK,CAAC,CAAC,CAAC,mBAAmB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;IAEnF,gBAAgB;IAChB,MAAM,OAAO,GAAG,YAAY,CAAC,OAAO,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;IAE1D,OAAO;QACL,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,QAAQ,EAAE,OAAO;QACjB,OAAO;KACR,CAAC;AACJ,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAmB;IAC9C,MAAM,MAAM,GAAG,IAAI,GAAG,EAAqB,CAAC;IAE5C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAC9B,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChB,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAc,EAAE,CAAC;IAC7B,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;QACpC,MAAM,KAAK,GAAG,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;QAC9B,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,KAAK,CAAC,WAAW,GAAG,KAAK,CAAC,MAAM,CAAC;QACnC,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,YAAY,CAAC,QAAmB,EAAE,YAAoB;IAC7D,MAAM,UAAU,GAA6B;QAC3C,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,IAAI,EAAE,CAAC;KACR,CAAC;IAEF,MAAM,UAAU,GAAmC;QACjD,GAAG,EAAE,CAAC;QACN,SAAS,EAAE,CAAC;QACZ,IAAI,EAAE,CAAC;QACP,SAAS,EAAE,CAAC;QACZ,QAAQ,EAAE,CAAC;QACX,GAAG,EAAE,CAAC;KACP,CAAC;IAEF,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzB,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;I
AC3B,CAAC;IAED,MAAM,QAAQ,GACZ,UAAU,CAAC,QAAQ,KAAK,CAAC,IAAI,UAAU,CAAC,IAAI,KAAK,CAAC,CAAC;IAErD,OAAO;QACL,YAAY;QACZ,aAAa,EAAE,QAAQ,CAAC,MAAM;QAC9B,UAAU;QACV,UAAU;QACV,QAAQ;KACT,CAAC;AACJ,CAAC"}
|
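--- a/package/dist/types.d.ts
+++ b/package/dist/types.d.ts
@@ -28,6 +28,8 @@ export interface Finding {
 detectionMethod: DetectionMethod;
 /** Confidence score 0.0-1.0 */
 confidence: number;
+/** Number of occurrences when deduplicated (1 if not set) */
+occurrences?: number;
 }
 export interface FindingLocation {
 /** File path relative to scan root */
@@ -78,6 +80,10 @@ export interface ScanConfig {
 scanDependencies: boolean;
 /** Custom rules directory */
 rulesDir?: string;
+/** Minimum confidence threshold 0-100 (findings below this are filtered out, default 50) */
+minConfidence?: number;
+/** Deduplicate findings with same ruleId + file (default: true) */
+dedupe: boolean;
 }
 /** Scan result summary */
 export interface ScanResult {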
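Review bot: `dedupe: boolean` in the second hunk is declared required, while the neighbouring `minConfidence?` is optional and the engine reads the field as `config.dedupe !== false`, so an absent value already means "on" at runtime; for TypeScript consumers of the published `scan(config)` API this turns a minor release into a breaking one, because every existing `ScanConfig` literal now fails to type-check. Declaring it `dedupe?: boolean;` matches the runtime and keeps the `(default: true)` doc accurate. In the first hunk the `occurrences` comment says `(1 if not set)`, but `deduplicateFindings` only writes the field when a group has more than one member and never writes 1; `/** Number of collapsed occurrences; absent when dedupe is off or the finding appeared once in its file */` describes what the code actually does.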
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,0CAA0C;AAC1C,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,0CAA0C;AAC1C,MAAM,MAAM,cAAc,GAAG,KAAK,GAAG,WAAW,GAAG,MAAM,GAAG,WAAW,GAAG,UAAU,GAAG,KAAK,CAAC;AAE7F,mCAAmC;AACnC,MAAM,MAAM,eAAe,GAAG,OAAO,GAAG,KAAK,GAAG,YAAY,GAAG,SAAS,CAAC;AAEzE,gCAAgC;AAChC,MAAM,MAAM,eAAe,GAAG,SAAS,GAAG,UAAU,GAAG,SAAS,GAAG,UAAU,CAAC;AAE9E,mDAAmD;AACnD,MAAM,WAAW,OAAO;IACtB,iDAAiD;IACjD,MAAM,EAAE,MAAM,CAAC;IACf,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,8BAA8B;IAC9B,QAAQ,EAAE,QAAQ,CAAC;IACnB,6BAA6B;IAC7B,QAAQ,EAAE,cAAc,CAAC;IACzB,2CAA2C;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,kCAAkC;IAClC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,gCAAgC;IAChC,MAAM,EAAE,eAAe,CAAC;IACxB,sBAAsB;IACtB,QAAQ,EAAE,eAAe,CAAC;IAC1B,4BAA4B;IAC5B,eAAe,EAAE,eAAe,CAAC;IACjC,+BAA+B;IAC/B,UAAU,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,0CAA0C;AAC1C,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;AAEvE,0CAA0C;AAC1C,MAAM,MAAM,cAAc,GAAG,KAAK,GAAG,WAAW,GAAG,MAAM,GAAG,WAAW,GAAG,UAAU,GAAG,KAAK,CAAC;AAE7F,mCAAmC;AACnC,MAAM,MAAM,eAAe,GAAG,OAAO,GAAG,KAAK,GAAG,YAAY,GAAG,SAAS,CAAC;AAEzE,gCAAgC;AAChC,MAAM,MAAM,eAAe,GAAG,SAAS,GAAG,UAAU,GAAG,SAAS,GAAG,UAAU,CAAC;AAE9E,mDAAmD;AACnD,MAAM,WAAW,OAAO;IACtB,iDAAiD;IACjD,MAAM,EAAE,MAAM,CAAC;IACf,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,8BAA8B;IAC9B,QAAQ,EAAE,QAAQ,CAAC;IACnB,6BAA6B;IAC7B,QAAQ,EAAE,cAAc,CAAC;IACzB,2CAA2C;IAC3C,SAAS,EAAE,MAAM,CAAC;IAClB,kCAAkC;IAClC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,gCAAgC;IAChC,MAAM,EAAE,eAAe,CAAC;IACxB,sBAAsB;IACtB,QAAQ,EAAE,eAAe,CAAC;IAC1B,4BAA4B;IAC5B,eAAe,EAAE,eAAe,CAAC;IACjC,+BAA+B;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,6DAA6D;IAC7D,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,eAAe;IAC9B,sCAAsC;IACtC,IAAI,EAAE,MAAM,CAAC;IACb,wCAAwC;IACxC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,0CAA0C;IAC1C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,sCAAsC;IACtC,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wCAAwC;AACxC,MAAM,WAAW,aAAa;IAC5B,6BAA6B;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,iCAAiC;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,4BAA4B;IAC5B,QAAQ,EAAE,QAAQ,CAAC;IACnB,6BAA6B;IAC7B,QAAQ,EAAE,cAAc,CAAC;IACzB,iCAAiC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,8BAA8B;IAC9B,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,uBAAuB;IACvB,MAAM,EAAE,eAAe,CAAC;IACxB,mDAAmD;IACnD,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,8BAA8B;IAC9B,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,yBAAyB;AACzB,MAAM,WAAW,UAAU;IACzB,6BAA6B;IAC7B,MAAM,EAAE,MAAM,CAAC;IACf,oBAAoB;IACpB,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,CAAC;IACpD,2CAA2C;IAC3C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,+BAA+B;IAC/B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,+BAA+B;IAC/B,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,iCAAiC;IACjC,WAAW,EAAE,QAAQ,CAAC;IACtB,wBAAwB;IACxB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,6BAA6B;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,4FAA4F;IAC5F,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,
mEAAmE;IACnE,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,0BAA0B;AAC1B,MAAM,WAAW,UAAU;IACzB,wBAAwB;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,8BAA8B;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,mBAAmB;IACnB,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,yBAAyB;IACzB,OAAO,EAAE,WAAW,CAAC;CACtB;AAED,MAAM,WAAW,WAAW;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,UAAU,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IACrC,UAAU,EAAE,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;IAC3C,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,wCAAwC;AACxC,eAAO,MAAM,cAAc,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAMnD,CAAC"}
|
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAmHA,wCAAwC;AACxC,MAAM,CAAC,MAAM,cAAc,GAA6B;IACtD,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC"}
|
package/package.json
CHANGED