secure-scan 1.2.2 → 1.2.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"riskScoring.d.ts","sourceRoot":"","sources":["../../../../src/analyzers/core/scoring/riskScoring.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAc,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAkChF;;GAEG;AACH,qBAAa,iBAAiB;IAC5B;;OAEG;IACH,kBAAkB,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM;
|
|
1
|
+
{"version":3,"file":"riskScoring.d.ts","sourceRoot":"","sources":["../../../../src/analyzers/core/scoring/riskScoring.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAc,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAkChF;;GAEG;AACH,qBAAa,iBAAiB;IAC5B;;OAEG;IACH,kBAAkB,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM;IA6BnE;;OAEG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU;IAQ5E;;OAEG;IACH,uBAAuB,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC;IAgBtE;;OAEG;IACH,uBAAuB,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC;IAe7E;;OAEG;IACH,mBAAmB,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,KAAK,GAAE,MAAW,GAAG,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC;IAkB3H;;OAEG;IACH,yBAAyB,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAUtE;;OAEG;IACH,wBAAwB,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG;QACrF,KAAK,EAAE,MAAM,CAAC;QACd,KAAK,EAAE,MAAM,CAAC;QACd,eAAe,EAAE,MAAM,CAAC;QACxB,aAAa,EAAE,MAAM,CAAC;KACvB;CAkCF;AAED,eAAe,iBAAiB,CAAC"}
|
|
@@ -47,9 +47,13 @@ class RiskScoringEngine {
|
|
|
47
47
|
}
|
|
48
48
|
let totalScore = 0;
|
|
49
49
|
for (const finding of findings) {
|
|
50
|
-
const severityWeight = SEVERITY_WEIGHTS[finding.severity];
|
|
51
|
-
const categoryWeight = CATEGORY_WEIGHTS[finding.category];
|
|
52
|
-
|
|
50
|
+
const severityWeight = SEVERITY_WEIGHTS[finding.severity] || 1;
|
|
51
|
+
const categoryWeight = CATEGORY_WEIGHTS[finding.category] || 1;
|
|
52
|
+
// Handle undefined or invalid confidence values
|
|
53
|
+
const confidence = typeof finding.confidence === 'number' && !isNaN(finding.confidence)
|
|
54
|
+
? finding.confidence
|
|
55
|
+
: 80; // Default confidence
|
|
56
|
+
const confidenceMultiplier = confidence / 100;
|
|
53
57
|
totalScore += severityWeight * categoryWeight * confidenceMultiplier;
|
|
54
58
|
}
|
|
55
59
|
// Normalize score based on codebase size
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"riskScoring.js","sourceRoot":"","sources":["../../../../src/analyzers/core/scoring/riskScoring.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,0CAAgF;AAGhF;;GAEG;AACH,MAAM,gBAAgB,GAA6B;IACjD,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,GAAG;IACxB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,EAAE;IACnB,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,EAAE;IACrB,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,EAAE;IAClB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;CACnB,CAAC;AAEF;;GAEG;AACH,MAAM,gBAAgB,GAAoC;IACxD,CAAC,uBAAe,CAAC,OAAO,CAAC,EAAE,GAAG;IAC9B,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,GAAG;IACpC,CAAC,uBAAe,CAAC,UAAU,CAAC,EAAE,GAAG;IACjC,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,GAAG;CACrC,CAAC;AAEF;;GAEG;AACH,MAAM,eAAe,GAAG;IACtB,IAAI,EAAE,EAAE;IACR,GAAG,EAAE,EAAE;IACP,MAAM,EAAE,EAAE;IACV,IAAI,EAAE,EAAE;CACT,CAAC;AAEF;;GAEG;AACH,MAAa,iBAAiB;IAC5B;;OAEG;IACH,kBAAkB,CAAC,QAAmB,EAAE,UAAkB;QACxD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO,CAAC,CAAC;QACX,CAAC;QAED,IAAI,UAAU,GAAG,CAAC,CAAC;QAEnB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,cAAc,GAAG,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"riskScoring.js","sourceRoot":"","sources":["../../../../src/analyzers/core/scoring/riskScoring.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,0CAAgF;AAGhF;;GAEG;AACH,MAAM,gBAAgB,GAA6B;IACjD,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,GAAG;IACxB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,EAAE;IACnB,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,EAAE;IACrB,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,EAAE;IAClB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;CACnB,CAAC;AAEF;;GAEG;AACH,MAAM,gBAAgB,GAAoC;IACxD,CAAC,uBAAe,CAAC,OAAO,CAAC,EAAE,GAAG;IAC9B,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,GAAG;IACpC,CAAC,uBAAe,CAAC,UAAU,CAAC,EAAE,GAAG;IACjC,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,GAAG;CACrC,CAAC;AAEF;;GAEG;AACH,MAAM,eAAe,GAAG;IACtB,IAAI,EAAE,EAAE;IACR,GAAG,EAAE,EAAE;IACP,MAAM,EAAE,EAAE;IACV,IAAI,EAAE,EAAE;CACT,CAAC;AAEF;;GAEG;AACH,MAAa,iBAAiB;IAC5B;;OAEG;IACH,kBAAkB,CAAC,QAAmB,EAAE,UAAkB;QACxD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO,CAAC,CAAC;QACX,CAAC;QAED,IAAI,UAAU,GAAG,CAAC,CAAC;QAEnB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,cAAc,GAAG,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC/D,MAAM,cAAc,GAAG,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC/D,gDAAgD;YAChD,MAAM,UAAU,GAAG,OAAO,OAAO,CAAC,UAAU,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC;gBACrF,CAAC,CAAC,OAAO,CAAC,UAAU;gBACpB,CAAC,CAAC,EAAE,CAAC,CAAC,qBAAqB;YAC7B,MAAM,oBAAoB,GAAG,UAAU,GAAG,GAAG,CAAC;YAE9C,UAAU,IAAI,cAAc,GAAG,cAAc,GAAG,oBAAoB,CAAC;QACvE,CAAC;QAED,yCAAyC;QACzC,iDAAiD;QACjD,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAE/D,qCAAqC;QACrC,MAAM,eAAe,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC;QAEzE,OAAO,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,KAAa;QACxB,IAAI,KAAK,IAAI,eAAe,CAAC,IAAI;YAAE,OAAO,UAAU,CAAC;QACrD,IAAI,KAAK,IAAI,eAAe,CAAC,MAAM;YAAE,OAAO,MAAM,CAAC;QACnD,IAAI,KAAK,IAAI,eAAe,CAAC,GAAG;YAAE,OAAO,QAAQ,CAAC;QAClD,IAAI,KAAK,IAAI,eAAe,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAChD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,uBAAuB,CAAC,QAAmB;QACzC,MAAM,YAAY,GAA6B;YAC7C,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAClB,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACpB,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACjB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;SACnB,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,uBAAuB,CAAC,QAAmB;QACzC,MAAM,YAAY,GAAoC;YACpD,CAAC,uBAAe,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,CAAC;YAClC,CAAC,uBAAe,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,CAAC;SACnC,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,QAAmB,EAAE,QAAgB,EAAE;QACzD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAoD,CAAC;QAE5E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC;YACrF,OAAO,CAAC,KAAK,EAAE,CAAC;YAChB,IAAI,OAAO,CAAC,QAAQ,KAAK,gBAAQ,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,gBAAQ,CAAC,IAAI,EAAE,CAAC;gBACjF,OAAO,CAAC,aAAa,EAAE,CAAC;YAC1B,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC9C,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;aACjC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,GAAG,KAAK,EAAE,CAAC,CAAC;aAC5C,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,GAAG,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;aACtE,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,yBAAyB,CAAC,QAAmB;QAC3C,MAAM,YAAY,GAA2B,EAAE,CAAC;QAEhD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,wBAAwB,CAAC,QAAmB,EAAE,UAAkB,EAAE,UAAkB;QAMlF,MAAM,KAAK,GAAG,GAAG,GAAG,IAAI,CAAC,kBAAkB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAElE,kBAAkB;QAClB,IAAI,KAAa,CAAC;QAClB,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aACzB,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,GAAG,CAAC;aAC7B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,GAAG,CAAC;aAC7B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,GAAG,CAAC;aAC7B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,GAAG,CAAC;;YAC7B,KAAK,GAAG,GAAG,CAAC;QAEjB,kCAAkC;QAClC,MAAM,IAAI,GAAG,UAAU,GAAG,IAAI,CAAC;QAC/B,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAE9D,kCAAkC;QAClC,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACxC,CAAC,CAAC,QAAQ,KAAK,gBAAQ,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,KAAK,gBAAQ,CAAC,IAAI,CACjE,CAAC,MAAM,CAAC;QACT,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAEhF,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;YACxB,KAAK;YACL,eAAe,EAAE,IAAI,CAAC,KAAK,CAAC,eAAe,GAAG,GAAG,CAAC,GAAG,GAAG;YACxD,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,GAAG,CAAC,GAAG,GAAG;SACrD,CAAC;IACJ,CAAC;CACF;AA7JD,8CA6JC;AAED,kBAAe,iBAAiB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "secure-scan",
|
|
3
|
-
"version": "1.2.
|
|
3
|
+
"version": "1.2.3",
|
|
4
4
|
"description": "Herramienta SAST (Análisis Estático de Seguridad) para detectar vulnerabilidades y código malicioso.",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"bin": {
|
|
@@ -39,6 +39,9 @@
|
|
|
39
39
|
"license": "MIT",
|
|
40
40
|
"dependencies": {
|
|
41
41
|
"@anthropic-ai/sdk": "^0.71.2",
|
|
42
|
+
"@babel/parser": "^7.23.0",
|
|
43
|
+
"@babel/traverse": "^7.23.0",
|
|
44
|
+
"@babel/types": "^7.23.0",
|
|
42
45
|
"chalk": "^4.1.2",
|
|
43
46
|
"commander": "^11.1.0",
|
|
44
47
|
"glob": "^10.3.10",
|