npm - secure-scan - Versions diffs - 1.2.2 - Mend

secure-scan 1.2.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (569) hide show

package/README.md +564 -0
package/dist/ai/aiAnalyzer.d.ts +99 -0
package/dist/ai/aiAnalyzer.d.ts.map +1 -0
package/dist/ai/aiAnalyzer.js +669 -0
package/dist/ai/aiAnalyzer.js.map +1 -0
package/dist/ai/index.d.ts +5 -0
package/dist/ai/index.d.ts.map +1 -0
package/dist/ai/index.js +21 -0
package/dist/ai/index.js.map +1 -0
package/dist/analyzers/base/baseAnalyzer.d.ts +44 -0
package/dist/analyzers/base/baseAnalyzer.d.ts.map +1 -0
package/dist/analyzers/base/baseAnalyzer.js +53 -0
package/dist/analyzers/base/baseAnalyzer.js.map +1 -0
package/dist/analyzers/base/index.d.ts +5 -0
package/dist/analyzers/base/index.d.ts.map +1 -0
package/dist/analyzers/base/index.js +21 -0
package/dist/analyzers/base/index.js.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts +60 -0
package/dist/analyzers/c-cpp/cppAnalyzer.d.ts.map +1 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js +218 -0
package/dist/analyzers/c-cpp/cppAnalyzer.js.map +1 -0
package/dist/analyzers/c-cpp/index.d.ts +5 -0
package/dist/analyzers/c-cpp/index.d.ts.map +1 -0
package/dist/analyzers/c-cpp/index.js +21 -0
package/dist/analyzers/c-cpp/index.js.map +1 -0
package/dist/analyzers/core/engine/index.d.ts +5 -0
package/dist/analyzers/core/engine/index.d.ts.map +1 -0
package/dist/analyzers/core/engine/index.js +21 -0
package/dist/analyzers/core/engine/index.js.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts +46 -0
package/dist/analyzers/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/analyzers/core/engine/ruleEngine.js +173 -0
package/dist/analyzers/core/engine/ruleEngine.js.map +1 -0
package/dist/analyzers/core/index.d.ts +8 -0
package/dist/analyzers/core/index.d.ts.map +1 -0
package/dist/analyzers/core/index.js +24 -0
package/dist/analyzers/core/index.js.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts +31 -0
package/dist/analyzers/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/analyzers/core/scanner/fileScanner.js +199 -0
package/dist/analyzers/core/scanner/fileScanner.js.map +1 -0
package/dist/analyzers/core/scanner/index.d.ts +5 -0
package/dist/analyzers/core/scanner/index.d.ts.map +1 -0
package/dist/analyzers/core/scanner/index.js +21 -0
package/dist/analyzers/core/scanner/index.js.map +1 -0
package/dist/analyzers/core/scoring/index.d.ts +5 -0
package/dist/analyzers/core/scoring/index.d.ts.map +1 -0
package/dist/analyzers/core/scoring/index.js +21 -0
package/dist/analyzers/core/scoring/index.js.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts +49 -0
package/dist/analyzers/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/analyzers/core/scoring/riskScoring.js +180 -0
package/dist/analyzers/core/scoring/riskScoring.js.map +1 -0
package/dist/analyzers/core/securityScanner.d.ts +47 -0
package/dist/analyzers/core/securityScanner.d.ts.map +1 -0
package/dist/analyzers/core/securityScanner.js +298 -0
package/dist/analyzers/core/securityScanner.js.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts +64 -0
package/dist/analyzers/csharp/csharpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/csharp/csharpAnalyzer.js +232 -0
package/dist/analyzers/csharp/csharpAnalyzer.js.map +1 -0
package/dist/analyzers/csharp/index.d.ts +5 -0
package/dist/analyzers/csharp/index.d.ts.map +1 -0
package/dist/analyzers/csharp/index.js +21 -0
package/dist/analyzers/csharp/index.js.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts +36 -0
package/dist/analyzers/iac/iacAnalyzer.d.ts.map +1 -0
package/dist/analyzers/iac/iacAnalyzer.js +182 -0
package/dist/analyzers/iac/iacAnalyzer.js.map +1 -0
package/dist/analyzers/iac/index.d.ts +5 -0
package/dist/analyzers/iac/index.d.ts.map +1 -0
package/dist/analyzers/iac/index.js +21 -0
package/dist/analyzers/iac/index.js.map +1 -0
package/dist/analyzers/index.d.ts +30 -0
package/dist/analyzers/index.d.ts.map +1 -0
package/dist/analyzers/index.js +80 -0
package/dist/analyzers/index.js.map +1 -0
package/dist/analyzers/java/index.d.ts +5 -0
package/dist/analyzers/java/index.d.ts.map +1 -0
package/dist/analyzers/java/index.js +21 -0
package/dist/analyzers/java/index.js.map +1 -0
package/dist/analyzers/java/javaAnalyzer.d.ts +64 -0
package/dist/analyzers/java/javaAnalyzer.d.ts.map +1 -0
package/dist/analyzers/java/javaAnalyzer.js +224 -0
package/dist/analyzers/java/javaAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/astUtils.d.ts +170 -0
package/dist/analyzers/javascript/astUtils.d.ts.map +1 -0
package/dist/analyzers/javascript/astUtils.js +700 -0
package/dist/analyzers/javascript/astUtils.js.map +1 -0
package/dist/analyzers/javascript/index.d.ts +18 -0
package/dist/analyzers/javascript/index.d.ts.map +1 -0
package/dist/analyzers/javascript/index.js +50 -0
package/dist/analyzers/javascript/index.js.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts +111 -0
package/dist/analyzers/javascript/javascriptAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js +860 -0
package/dist/analyzers/javascript/javascriptAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/malwareDetector.d.ts +102 -0
package/dist/analyzers/javascript/malwareDetector.d.ts.map +1 -0
package/dist/analyzers/javascript/malwareDetector.js +616 -0
package/dist/analyzers/javascript/malwareDetector.js.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts +87 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js +553 -0
package/dist/analyzers/javascript/packageJsonAnalyzer.js.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts +120 -0
package/dist/analyzers/javascript/taintAnalyzer.d.ts.map +1 -0
package/dist/analyzers/javascript/taintAnalyzer.js +526 -0
package/dist/analyzers/javascript/taintAnalyzer.js.map +1 -0
package/dist/analyzers/php/index.d.ts +5 -0
package/dist/analyzers/php/index.d.ts.map +1 -0
package/dist/analyzers/php/index.js +21 -0
package/dist/analyzers/php/index.js.map +1 -0
package/dist/analyzers/php/phpAnalyzer.d.ts +56 -0
package/dist/analyzers/php/phpAnalyzer.d.ts.map +1 -0
package/dist/analyzers/php/phpAnalyzer.js +202 -0
package/dist/analyzers/php/phpAnalyzer.js.map +1 -0
package/dist/analyzers/python/index.d.ts +5 -0
package/dist/analyzers/python/index.d.ts.map +1 -0
package/dist/analyzers/python/index.js +21 -0
package/dist/analyzers/python/index.js.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts +64 -0
package/dist/analyzers/python/pythonAnalyzer.d.ts.map +1 -0
package/dist/analyzers/python/pythonAnalyzer.js +226 -0
package/dist/analyzers/python/pythonAnalyzer.js.map +1 -0
package/dist/cli/index.d.ts +7 -0
package/dist/cli/index.d.ts.map +1 -0
package/dist/cli/index.js +281 -0
package/dist/cli/index.js.map +1 -0
package/dist/core/engine/index.d.ts +5 -0
package/dist/core/engine/index.d.ts.map +1 -0
package/dist/core/engine/index.js +21 -0
package/dist/core/engine/index.js.map +1 -0
package/dist/core/engine/ruleEngine.d.ts +46 -0
package/dist/core/engine/ruleEngine.d.ts.map +1 -0
package/dist/core/engine/ruleEngine.js +173 -0
package/dist/core/engine/ruleEngine.js.map +1 -0
package/dist/core/index.d.ts +8 -0
package/dist/core/index.d.ts.map +1 -0
package/dist/core/index.js +24 -0
package/dist/core/index.js.map +1 -0
package/dist/core/scanner/fileScanner.d.ts +31 -0
package/dist/core/scanner/fileScanner.d.ts.map +1 -0
package/dist/core/scanner/fileScanner.js +199 -0
package/dist/core/scanner/fileScanner.js.map +1 -0
package/dist/core/scanner/index.d.ts +5 -0
package/dist/core/scanner/index.d.ts.map +1 -0
package/dist/core/scanner/index.js +21 -0
package/dist/core/scanner/index.js.map +1 -0
package/dist/core/scoring/index.d.ts +5 -0
package/dist/core/scoring/index.d.ts.map +1 -0
package/dist/core/scoring/index.js +21 -0
package/dist/core/scoring/index.js.map +1 -0
package/dist/core/scoring/riskScoring.d.ts +49 -0
package/dist/core/scoring/riskScoring.d.ts.map +1 -0
package/dist/core/scoring/riskScoring.js +180 -0
package/dist/core/scoring/riskScoring.js.map +1 -0
package/dist/core/securityScanner.d.ts +47 -0
package/dist/core/securityScanner.d.ts.map +1 -0
package/dist/core/securityScanner.js +298 -0
package/dist/core/securityScanner.js.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts +96 -0
package/dist/dependencies/aiDependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/aiDependencyAnalyzer.js +435 -0
package/dist/dependencies/aiDependencyAnalyzer.js.map +1 -0
package/dist/dependencies/database/cveDatabase.d.ts +32 -0
package/dist/dependencies/database/cveDatabase.d.ts.map +1 -0
package/dist/dependencies/database/cveDatabase.js +393 -0
package/dist/dependencies/database/cveDatabase.js.map +1 -0
package/dist/dependencies/database/index.d.ts +6 -0
package/dist/dependencies/database/index.d.ts.map +1 -0
package/dist/dependencies/database/index.js +22 -0
package/dist/dependencies/database/index.js.map +1 -0
package/dist/dependencies/database/maliciousPackages.d.ts +43 -0
package/dist/dependencies/database/maliciousPackages.d.ts.map +1 -0
package/dist/dependencies/database/maliciousPackages.js +279 -0
package/dist/dependencies/database/maliciousPackages.js.map +1 -0
package/dist/dependencies/dependencyAnalyzer.d.ts +74 -0
package/dist/dependencies/dependencyAnalyzer.d.ts.map +1 -0
package/dist/dependencies/dependencyAnalyzer.js +349 -0
package/dist/dependencies/dependencyAnalyzer.js.map +1 -0
package/dist/dependencies/detectors/index.d.ts +7 -0
package/dist/dependencies/detectors/index.d.ts.map +1 -0
package/dist/dependencies/detectors/index.js +28 -0
package/dist/dependencies/detectors/index.js.map +1 -0
package/dist/dependencies/detectors/securityStandards.d.ts +15 -0
package/dist/dependencies/detectors/securityStandards.d.ts.map +1 -0
package/dist/dependencies/detectors/securityStandards.js +178 -0
package/dist/dependencies/detectors/securityStandards.js.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts +53 -0
package/dist/dependencies/detectors/vulnerabilityDetector.d.ts.map +1 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js +289 -0
package/dist/dependencies/detectors/vulnerabilityDetector.js.map +1 -0
package/dist/dependencies/index.d.ts +14 -0
package/dist/dependencies/index.d.ts.map +1 -0
package/dist/dependencies/index.js +43 -0
package/dist/dependencies/index.js.map +1 -0
package/dist/dependencies/installed/index.d.ts +8 -0
package/dist/dependencies/installed/index.d.ts.map +1 -0
package/dist/dependencies/installed/index.js +24 -0
package/dist/dependencies/installed/index.js.map +1 -0
package/dist/dependencies/installed/installedScanner.d.ts +91 -0
package/dist/dependencies/installed/installedScanner.d.ts.map +1 -0
package/dist/dependencies/installed/installedScanner.js +766 -0
package/dist/dependencies/installed/installedScanner.js.map +1 -0
package/dist/dependencies/installed/malwarePatterns.d.ts +32 -0
package/dist/dependencies/installed/malwarePatterns.d.ts.map +1 -0
package/dist/dependencies/installed/malwarePatterns.js +480 -0
package/dist/dependencies/installed/malwarePatterns.js.map +1 -0
package/dist/dependencies/installed/types.d.ts +274 -0
package/dist/dependencies/installed/types.d.ts.map +1 -0
package/dist/dependencies/installed/types.js +7 -0
package/dist/dependencies/installed/types.js.map +1 -0
package/dist/dependencies/parsers/base/baseParser.d.ts +44 -0
package/dist/dependencies/parsers/base/baseParser.d.ts.map +1 -0
package/dist/dependencies/parsers/base/baseParser.js +80 -0
package/dist/dependencies/parsers/base/baseParser.js.map +1 -0
package/dist/dependencies/parsers/base/index.d.ts +6 -0
package/dist/dependencies/parsers/base/index.d.ts.map +1 -0
package/dist/dependencies/parsers/base/index.js +27 -0
package/dist/dependencies/parsers/base/index.js.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts +36 -0
package/dist/dependencies/parsers/cpp/cppParser.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/cppParser.js +196 -0
package/dist/dependencies/parsers/cpp/cppParser.js.map +1 -0
package/dist/dependencies/parsers/cpp/index.d.ts +6 -0
package/dist/dependencies/parsers/cpp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/cpp/index.js +27 -0
package/dist/dependencies/parsers/cpp/index.js.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts +32 -0
package/dist/dependencies/parsers/csharp/csharpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/csharpParser.js +125 -0
package/dist/dependencies/parsers/csharp/csharpParser.js.map +1 -0
package/dist/dependencies/parsers/csharp/index.d.ts +6 -0
package/dist/dependencies/parsers/csharp/index.d.ts.map +1 -0
package/dist/dependencies/parsers/csharp/index.js +27 -0
package/dist/dependencies/parsers/csharp/index.js.map +1 -0
package/dist/dependencies/parsers/index.d.ts +24 -0
package/dist/dependencies/parsers/index.d.ts.map +1 -0
package/dist/dependencies/parsers/index.js +69 -0
package/dist/dependencies/parsers/index.js.map +1 -0
package/dist/dependencies/parsers/java/index.d.ts +6 -0
package/dist/dependencies/parsers/java/index.d.ts.map +1 -0
package/dist/dependencies/parsers/java/index.js +27 -0
package/dist/dependencies/parsers/java/index.js.map +1 -0
package/dist/dependencies/parsers/java/javaParser.d.ts +32 -0
package/dist/dependencies/parsers/java/javaParser.d.ts.map +1 -0
package/dist/dependencies/parsers/java/javaParser.js +168 -0
package/dist/dependencies/parsers/java/javaParser.js.map +1 -0
package/dist/dependencies/parsers/javascript/index.d.ts +6 -0
package/dist/dependencies/parsers/javascript/index.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/index.js +27 -0
package/dist/dependencies/parsers/javascript/index.js.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts +55 -0
package/dist/dependencies/parsers/javascript/javascriptParser.d.ts.map +1 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js +266 -0
package/dist/dependencies/parsers/javascript/javascriptParser.js.map +1 -0
package/dist/dependencies/parsers/php/index.d.ts +6 -0
package/dist/dependencies/parsers/php/index.d.ts.map +1 -0
package/dist/dependencies/parsers/php/index.js +27 -0
package/dist/dependencies/parsers/php/index.js.map +1 -0
package/dist/dependencies/parsers/php/phpParser.d.ts +35 -0
package/dist/dependencies/parsers/php/phpParser.d.ts.map +1 -0
package/dist/dependencies/parsers/php/phpParser.js +162 -0
package/dist/dependencies/parsers/php/phpParser.js.map +1 -0
package/dist/dependencies/parsers/python/index.d.ts +6 -0
package/dist/dependencies/parsers/python/index.d.ts.map +1 -0
package/dist/dependencies/parsers/python/index.js +27 -0
package/dist/dependencies/parsers/python/index.js.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts +60 -0
package/dist/dependencies/parsers/python/pythonParser.d.ts.map +1 -0
package/dist/dependencies/parsers/python/pythonParser.js +336 -0
package/dist/dependencies/parsers/python/pythonParser.js.map +1 -0
package/dist/dependencies/types.d.ts +280 -0
package/dist/dependencies/types.d.ts.map +1 -0
package/dist/dependencies/types.js +59 -0
package/dist/dependencies/types.js.map +1 -0
package/dist/i18n/index.d.ts +2 -0
package/dist/i18n/index.d.ts.map +1 -0
package/dist/i18n/index.js +18 -0
package/dist/i18n/index.js.map +1 -0
package/dist/i18n/translations.d.ts +55 -0
package/dist/i18n/translations.d.ts.map +1 -0
package/dist/i18n/translations.js +119 -0
package/dist/i18n/translations.js.map +1 -0
package/dist/index.d.ts +14 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +36 -0
package/dist/index.js.map +1 -0
package/dist/reports/dependencyReportGenerator.d.ts +20 -0
package/dist/reports/dependencyReportGenerator.d.ts.map +1 -0
package/dist/reports/dependencyReportGenerator.js +690 -0
package/dist/reports/dependencyReportGenerator.js.map +1 -0
package/dist/reports/htmlReportGenerator.d.ts +43 -0
package/dist/reports/htmlReportGenerator.d.ts.map +1 -0
package/dist/reports/htmlReportGenerator.js +793 -0
package/dist/reports/htmlReportGenerator.js.map +1 -0
package/dist/reports/index.d.ts +7 -0
package/dist/reports/index.d.ts.map +1 -0
package/dist/reports/index.js +23 -0
package/dist/reports/index.js.map +1 -0
package/dist/reports/installedDepsReportGenerator.d.ts +14 -0
package/dist/reports/installedDepsReportGenerator.d.ts.map +1 -0
package/dist/reports/installedDepsReportGenerator.js +872 -0
package/dist/reports/installedDepsReportGenerator.js.map +1 -0
package/dist/rules/index.d.ts +31 -0
package/dist/rules/index.d.ts.map +1 -0
package/dist/rules/index.js +95 -0
package/dist/rules/index.js.map +1 -0
package/dist/rules/malware/categories/backdoors.d.ts +12 -0
package/dist/rules/malware/categories/backdoors.d.ts.map +1 -0
package/dist/rules/malware/categories/backdoors.js +163 -0
package/dist/rules/malware/categories/backdoors.js.map +1 -0
package/dist/rules/malware/categories/cryptominers.d.ts +13 -0
package/dist/rules/malware/categories/cryptominers.d.ts.map +1 -0
package/dist/rules/malware/categories/cryptominers.js +415 -0
package/dist/rules/malware/categories/cryptominers.js.map +1 -0
package/dist/rules/malware/categories/exfiltration.d.ts +20 -0
package/dist/rules/malware/categories/exfiltration.d.ts.map +1 -0
package/dist/rules/malware/categories/exfiltration.js +658 -0
package/dist/rules/malware/categories/exfiltration.js.map +1 -0
package/dist/rules/malware/categories/keyloggers.d.ts +19 -0
package/dist/rules/malware/categories/keyloggers.d.ts.map +1 -0
package/dist/rules/malware/categories/keyloggers.js +763 -0
package/dist/rules/malware/categories/keyloggers.js.map +1 -0
package/dist/rules/malware/categories/loaders.d.ts +20 -0
package/dist/rules/malware/categories/loaders.d.ts.map +1 -0
package/dist/rules/malware/categories/loaders.js +702 -0
package/dist/rules/malware/categories/loaders.js.map +1 -0
package/dist/rules/malware/categories/network.d.ts +19 -0
package/dist/rules/malware/categories/network.d.ts.map +1 -0
package/dist/rules/malware/categories/network.js +622 -0
package/dist/rules/malware/categories/network.js.map +1 -0
package/dist/rules/malware/categories/obfuscation.d.ts +22 -0
package/dist/rules/malware/categories/obfuscation.d.ts.map +1 -0
package/dist/rules/malware/categories/obfuscation.js +766 -0
package/dist/rules/malware/categories/obfuscation.js.map +1 -0
package/dist/rules/malware/constants/index.d.ts +281 -0
package/dist/rules/malware/constants/index.d.ts.map +1 -0
package/dist/rules/malware/constants/index.js +327 -0
package/dist/rules/malware/constants/index.js.map +1 -0
package/dist/rules/malware/engine/index.d.ts +178 -0
package/dist/rules/malware/engine/index.d.ts.map +1 -0
package/dist/rules/malware/engine/index.js +552 -0
package/dist/rules/malware/engine/index.js.map +1 -0
package/dist/rules/malware/index.d.ts +205 -0
package/dist/rules/malware/index.d.ts.map +1 -0
package/dist/rules/malware/index.js +837 -0
package/dist/rules/malware/index.js.map +1 -0
package/dist/rules/malware/scoring/index.d.ts +84 -0
package/dist/rules/malware/scoring/index.d.ts.map +1 -0
package/dist/rules/malware/scoring/index.js +441 -0
package/dist/rules/malware/scoring/index.js.map +1 -0
package/dist/rules/malware/types/index.d.ts +616 -0
package/dist/rules/malware/types/index.d.ts.map +1 -0
package/dist/rules/malware/types/index.js +155 -0
package/dist/rules/malware/types/index.js.map +1 -0
package/dist/rules/malware/utils/index.d.ts +117 -0
package/dist/rules/malware/utils/index.d.ts.map +1 -0
package/dist/rules/malware/utils/index.js +514 -0
package/dist/rules/malware/utils/index.js.map +1 -0
package/dist/rules/standards.d.ts +26 -0
package/dist/rules/standards.d.ts.map +1 -0
package/dist/rules/standards.js +352 -0
package/dist/rules/standards.js.map +1 -0
package/dist/rules/vulnerabilities/constants/index.d.ts +835 -0
package/dist/rules/vulnerabilities/constants/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/constants/index.js +544 -0
package/dist/rules/vulnerabilities/constants/index.js.map +1 -0
package/dist/rules/vulnerabilities/engine/index.d.ts +145 -0
package/dist/rules/vulnerabilities/engine/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/engine/index.js +581 -0
package/dist/rules/vulnerabilities/engine/index.js.map +1 -0
package/dist/rules/vulnerabilities/index.d.ts +148 -0
package/dist/rules/vulnerabilities/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/index.js +252 -0
package/dist/rules/vulnerabilities/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/authentication.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/authentication.js +419 -0
package/dist/rules/vulnerabilities/rules/authentication.js.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/commandInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js +300 -0
package/dist/rules/vulnerabilities/rules/commandInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/csrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/csrf.js +261 -0
package/dist/rules/vulnerabilities/rules/csrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/deserialization.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/deserialization.js +336 -0
package/dist/rules/vulnerabilities/rules/deserialization.js.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/fileUpload.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js +325 -0
package/dist/rules/vulnerabilities/rules/fileUpload.js.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js +446 -0
package/dist/rules/vulnerabilities/rules/hardcodedSecrets.js.map +1 -0
package/dist/rules/vulnerabilities/rules/index.d.ts +17 -0
package/dist/rules/vulnerabilities/rules/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/index.js +47 -0
package/dist/rules/vulnerabilities/rules/index.js.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js +351 -0
package/dist/rules/vulnerabilities/rules/pathTraversal.js.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js +272 -0
package/dist/rules/vulnerabilities/rules/prototypePollution.js.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js +438 -0
package/dist/rules/vulnerabilities/rules/securityMisconfiguration.js.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts +12 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js +636 -0
package/dist/rules/vulnerabilities/rules/sqlInjection.js.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts +8 -0
package/dist/rules/vulnerabilities/rules/ssrf.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/ssrf.js +401 -0
package/dist/rules/vulnerabilities/rules/ssrf.js.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts +11 -0
package/dist/rules/vulnerabilities/rules/xss.d.ts.map +1 -0
package/dist/rules/vulnerabilities/rules/xss.js +724 -0
package/dist/rules/vulnerabilities/rules/xss.js.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts +80 -0
package/dist/rules/vulnerabilities/scoring/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/scoring/index.js +414 -0
package/dist/rules/vulnerabilities/scoring/index.js.map +1 -0
package/dist/rules/vulnerabilities/types/index.d.ts +830 -0
package/dist/rules/vulnerabilities/types/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/types/index.js +164 -0
package/dist/rules/vulnerabilities/types/index.js.map +1 -0
package/dist/rules/vulnerabilities/utils/index.d.ts +206 -0
package/dist/rules/vulnerabilities/utils/index.d.ts.map +1 -0
package/dist/rules/vulnerabilities/utils/index.js +615 -0
package/dist/rules/vulnerabilities/utils/index.js.map +1 -0
package/dist/types/index.d.ts +359 -0
package/dist/types/index.d.ts.map +1 -0
package/dist/types/index.js +61 -0
package/dist/types/index.js.map +1 -0
package/dist/utils/index.d.ts +82 -0
package/dist/utils/index.d.ts.map +1 -0
package/dist/utils/index.js +326 -0
package/dist/utils/index.js.map +1 -0
package/dist/utils/logger.d.ts +40 -0
package/dist/utils/logger.d.ts.map +1 -0
package/dist/utils/logger.js +139 -0
package/dist/utils/logger.js.map +1 -0
package/docs/ARCHITECTURE.md +320 -0
package/docs/V1.2.1-IA_Performances.md +116 -0
package/docs/images/WIN_Defender.png +0 -0
package/package.json +68 -0
package/secure-scan.config.json +134 -0
package/secure-scan.sln +29 -0
package/src/ai/aiAnalyzer.ts +714 -0
package/src/ai/index.ts +5 -0
package/src/analyzers/base/baseAnalyzer.ts +66 -0
package/src/analyzers/base/index.ts +5 -0
package/src/analyzers/c-cpp/cppAnalyzer.ts +308 -0
package/src/analyzers/c-cpp/index.ts +5 -0
package/src/analyzers/core/engine/index.ts +5 -0
package/src/analyzers/core/engine/ruleEngine.ts +221 -0
package/src/analyzers/core/index.ts +8 -0
package/src/analyzers/core/scanner/fileScanner.ts +204 -0
package/src/analyzers/core/scanner/index.ts +5 -0
package/src/analyzers/core/scoring/index.ts +5 -0
package/src/analyzers/core/scoring/riskScoring.ts +198 -0
package/src/analyzers/core/securityScanner.ts +321 -0
package/src/analyzers/csharp/csharpAnalyzer.ts +328 -0
package/src/analyzers/csharp/index.ts +5 -0
package/src/analyzers/iac/iacAnalyzer.ts +318 -0
package/src/analyzers/iac/index.ts +5 -0
package/src/analyzers/index.ts +67 -0
package/src/analyzers/java/index.ts +5 -0
package/src/analyzers/java/javaAnalyzer.ts +320 -0
package/src/analyzers/javascript/PROMPT_JS_ANALYZER.md +267 -0
package/src/analyzers/javascript/astUtils.ts +789 -0
package/src/analyzers/javascript/index.ts +50 -0
package/src/analyzers/javascript/javascriptAnalyzer.ts +984 -0
package/src/analyzers/javascript/malwareDetector.ts +697 -0
package/src/analyzers/javascript/packageJsonAnalyzer.ts +626 -0
package/src/analyzers/javascript/taintAnalyzer.ts +630 -0
package/src/analyzers/php/index.ts +5 -0
package/src/analyzers/php/phpAnalyzer.ts +280 -0
package/src/analyzers/python/index.ts +5 -0
package/src/analyzers/python/pythonAnalyzer.ts +319 -0
package/src/cli/index.ts +276 -0
package/src/dependencies/aiDependencyAnalyzer.ts +496 -0
package/src/dependencies/database/cveDatabase.ts +426 -0
package/src/dependencies/database/index.ts +6 -0
package/src/dependencies/database/maliciousPackages.ts +286 -0
package/src/dependencies/dependencyAnalyzer.ts +394 -0
package/src/dependencies/detectors/index.ts +7 -0
package/src/dependencies/detectors/securityStandards.ts +200 -0
package/src/dependencies/detectors/vulnerabilityDetector.ts +343 -0
package/src/dependencies/index.ts +27 -0
package/src/dependencies/installed/index.ts +8 -0
package/src/dependencies/installed/installedScanner.ts +821 -0
package/src/dependencies/installed/malwarePatterns.ts +492 -0
package/src/dependencies/installed/types.ts +287 -0
package/src/dependencies/parsers/base/baseParser.ts +108 -0
package/src/dependencies/parsers/base/index.ts +6 -0
package/src/dependencies/parsers/cpp/cppParser.ts +245 -0
package/src/dependencies/parsers/cpp/index.ts +6 -0
package/src/dependencies/parsers/csharp/csharpParser.ts +151 -0
package/src/dependencies/parsers/csharp/index.ts +6 -0
package/src/dependencies/parsers/index.ts +56 -0
package/src/dependencies/parsers/java/index.ts +6 -0
package/src/dependencies/parsers/java/javaParser.ts +203 -0
package/src/dependencies/parsers/javascript/index.ts +6 -0
package/src/dependencies/parsers/javascript/javascriptParser.ts +362 -0
package/src/dependencies/parsers/php/index.ts +6 -0
package/src/dependencies/parsers/php/phpParser.ts +208 -0
package/src/dependencies/parsers/python/index.ts +6 -0
package/src/dependencies/parsers/python/pythonParser.ts +437 -0
package/src/dependencies/types.ts +330 -0
package/src/i18n/index.ts +1 -0
package/src/i18n/translations.ts +194 -0
package/src/index.ts +16 -0
package/src/reports/dependencyReportGenerator.ts +717 -0
package/src/reports/htmlReportGenerator.ts +781 -0
package/src/reports/index.ts +7 -0
package/src/reports/installedDepsReportGenerator.ts +899 -0
package/src/rules/index.ts +58 -0
package/src/rules/malware/INFO.md +287 -0
package/src/rules/malware/categories/backdoors.ts +174 -0
package/src/rules/malware/categories/cryptominers.ts +434 -0
package/src/rules/malware/categories/exfiltration.ts +677 -0
package/src/rules/malware/categories/keyloggers.ts +780 -0
package/src/rules/malware/categories/loaders.ts +721 -0
package/src/rules/malware/categories/network.ts +639 -0
package/src/rules/malware/categories/obfuscation.ts +788 -0
package/src/rules/malware/constants/index.ts +358 -0
package/src/rules/malware/engine/index.ts +758 -0
package/src/rules/malware/index.ts +928 -0
package/src/rules/malware/scoring/index.ts +549 -0
package/src/rules/malware/types/index.ts +752 -0
package/src/rules/malware/utils/index.ts +643 -0
package/src/rules/standards.ts +372 -0
package/src/rules/vulnerabilities/PROMPT_VULNERABILITIES.md +226 -0
package/src/rules/vulnerabilities/constants/index.ts +625 -0
package/src/rules/vulnerabilities/engine/index.ts +831 -0
package/src/rules/vulnerabilities/index.ts +312 -0
package/src/rules/vulnerabilities/rules/authentication.ts +426 -0
package/src/rules/vulnerabilities/rules/commandInjection.ts +307 -0
package/src/rules/vulnerabilities/rules/csrf.ts +268 -0
package/src/rules/vulnerabilities/rules/deserialization.ts +343 -0
package/src/rules/vulnerabilities/rules/fileUpload.ts +332 -0
package/src/rules/vulnerabilities/rules/hardcodedSecrets.ts +453 -0
package/src/rules/vulnerabilities/rules/index.ts +17 -0
package/src/rules/vulnerabilities/rules/pathTraversal.ts +358 -0
package/src/rules/vulnerabilities/rules/prototypePollution.ts +279 -0
package/src/rules/vulnerabilities/rules/securityMisconfiguration.ts +445 -0
package/src/rules/vulnerabilities/rules/sqlInjection.ts +669 -0
package/src/rules/vulnerabilities/rules/ssrf.ts +408 -0
package/src/rules/vulnerabilities/rules/xss.ts +753 -0
package/src/rules/vulnerabilities/scoring/index.ts +543 -0
package/src/rules/vulnerabilities/types/index.ts +1004 -0
package/src/rules/vulnerabilities/utils/index.ts +709 -0
package/src/types/index.ts +391 -0
package/src/utils/index.ts +306 -0
package/src/utils/logger.ts +150 -0
package/test-installed-scanner.ts +136 -0
package/tsconfig.json +30 -0

package/src/types/index.ts ADDED Viewed

@@ -0,0 +1,391 @@
+/**
+ * Tipos principales para Secure-Scan SAST
+ * Definiciones de tipos para análisis de seguridad
+ */
+/**
+ * Lenguajes de programación soportados para análisis
+ */
+export type SupportedLanguage =
+  | 'javascript'
+  | 'typescript'
+  | 'python'
+  | 'php'
+  | 'java'
+  | 'c'
+  | 'cpp'
+  | 'csharp'
+  | 'dockerfile'
+  | 'yaml'
+  | 'terraform';
+/**
+ * Severity levels for findings
+ */
+export enum Severity {
+  INFO = 'info',
+  LOW = 'low',
+  MEDIUM = 'medium',
+  HIGH = 'high',
+  CRITICAL = 'critical'
+}
+/**
+ * Security standard references
+ */
+export interface SecurityStandard {
+  /** Standard name (OWASP, CWE, MITRE, SANS) */
+  name: 'OWASP' | 'CWE' | 'MITRE' | 'SANS';
+  /** Standard ID (e.g., CWE-79, A01:2021) */
+  id: string;
+  /** Standard title */
+  title: string;
+  /** Standard description */
+  description: string;
+  /** URL to standard documentation */
+  url?: string;
+}
+/**
+ * Type of threat detected
+ */
+export enum ThreatType {
+  // Vulnerabilities
+  SQL_INJECTION = 'sql_injection',
+  COMMAND_INJECTION = 'command_injection',
+  XSS = 'xss',
+  CSRF = 'csrf',
+  INSECURE_DESERIALIZATION = 'insecure_deserialization',
+  HARDCODED_CREDENTIALS = 'hardcoded_credentials',
+  PATH_TRAVERSAL = 'path_traversal',
+  LDAP_INJECTION = 'ldap_injection',
+  INSECURE_CRYPTO = 'insecure_crypto',
+  WEAK_RANDOM = 'weak_random',
+  DANGEROUS_FUNCTION = 'dangerous_function',
+  VULNERABLE_DEPENDENCY = 'vulnerable_dependency',
+  INFORMATION_DISCLOSURE = 'information_disclosure',
+  BROKEN_ACCESS_CONTROL = 'broken_access_control',
+  SECURITY_MISCONFIGURATION = 'security_misconfiguration',
+  // Malware
+  BACKDOOR = 'backdoor',
+  KEYLOGGER = 'keylogger',
+  CRYPTOMINER = 'cryptominer',
+  OBFUSCATED_CODE = 'obfuscated_code',
+  EMBEDDED_PAYLOAD = 'embedded_payload',
+  REVERSE_SHELL = 'reverse_shell',
+  DATA_EXFILTRATION = 'data_exfiltration',
+  SUSPICIOUS_NETWORK = 'suspicious_network',
+  MALICIOUS_LOADER = 'malicious_loader'
+}
+/**
+ * Category of finding
+ */
+export enum FindingCategory {
+  VULNERABILITY = 'vulnerability',
+  MALWARE = 'malware',
+  CODE_SMELL = 'code_smell',
+  BEST_PRACTICE = 'best_practice'
+}
+/**
+ * Source location in code
+ */
+export interface SourceLocation {
+  /** File path relative to project root */
+  file: string;
+  /** Start line number (1-indexed) */
+  startLine: number;
+  /** End line number (1-indexed) */
+  endLine: number;
+  /** Start column (optional) */
+  startColumn?: number;
+  /** End column (optional) */
+  endColumn?: number;
+}
+/**
+ * Code snippet with context
+ */
+export interface CodeSnippet {
+  /** The vulnerable/malicious code */
+  code: string;
+  /** Lines before for context */
+  contextBefore?: string;
+  /** Lines after for context */
+  contextAfter?: string;
+  /** Highlighted portion */
+  highlight?: {
+    start: number;
+    end: number;
+  };
+}
+/**
+ * Security finding from analysis
+ */
+export interface Finding {
+  /** Unique finding ID */
+  id: string;
+  /** Finding title */
+  title: string;
+  /** Detailed description */
+  description: string;
+  /** Severity level */
+  severity: Severity;
+  /** Type of threat */
+  threatType: ThreatType;
+  /** Category of finding */
+  category: FindingCategory;
+  /** Source location */
+  location: SourceLocation;
+  /** Code snippet */
+  snippet: CodeSnippet;
+  /** Related security standards */
+  standards: SecurityStandard[];
+  /** Remediation advice */
+  remediation: string;
+  /** Confidence level (0-100) */
+  confidence: number;
+  /** Detected by which analyzer */
+  analyzer: string;
+  /** Detection timestamp */
+  timestamp: Date;
+  /** Tags for categorization */
+  tags: string[];
+  /** AI-generated explanation (if available) */
+  aiExplanation?: string;
+  /** Suggested fix (if available) */
+  suggestedFix?: string;
+}
+/**
+ * File information for scanning
+ */
+export interface ScannedFile {
+  /** Absolute file path */
+  absolutePath: string;
+  /** Relative path from project root */
+  relativePath: string;
+  /** File extension */
+  extension: string;
+  /** Detected language */
+  language: SupportedLanguage | null;
+  /** File size in bytes */
+  size: number;
+  /** File content */
+  content: string;
+  /** Line count */
+  lineCount: number;
+  /** SHA256 hash of content */
+  hash: string;
+}
+/**
+ * Scan statistics
+ */
+export interface ScanStats {
+  /** Total files scanned */
+  totalFiles: number;
+  /** Total lines of code */
+  totalLines: number;
+  /** Files by language */
+  filesByLanguage: Record<string, number>;
+  /** Findings by severity */
+  findingsBySeverity: Record<Severity, number>;
+  /** Findings by category */
+  findingsByCategory: Record<FindingCategory, number>;
+  /** Scan duration in milliseconds */
+  duration: number;
+  /** Scan start time */
+  startTime: Date;
+  /** Scan end time */
+  endTime: Date;
+}
+/**
+ * Complete scan result
+ */
+export interface ScanResult {
+  /** Project path */
+  projectPath: string;
+  /** Project name */
+  projectName: string;
+  /** Scan ID */
+  scanId: string;
+  /** All findings */
+  findings: Finding[];
+  /** Scan statistics */
+  stats: ScanStats;
+  /** Risk score (0-100) */
+  riskScore: number;
+  /** Risk level */
+  riskLevel: 'safe' | 'low' | 'medium' | 'high' | 'critical';
+  /** Scanned files */
+  scannedFiles: ScannedFile[];
+  /** Configuration used */
+  config: ScanConfig;
+}
+/**
+ * Scan configuration
+ */
+export interface ScanConfig {
+  /** Project path to scan */
+  projectPath: string;
+  /** Output file path */
+  outputPath?: string;
+  /** Languages to analyze */
+  languages?: SupportedLanguage[];
+  /** Patterns to exclude */
+  exclude?: string[];
+  /** Minimum severity to report */
+  minSeverity?: Severity;
+  /** Enable AI analysis */
+  useAI?: boolean;
+  /** AI provider configuration */
+  aiConfig?: AIConfig;
+  /** Verbose output */
+  verbose?: boolean;
+  /** Custom rules */
+  customRules?: string[];
+  /** Disabled rules */
+  disabledRules?: string[];
+  /** Maximum file size to scan (bytes) */
+  maxFileSize?: number;
+  /** Timeout per file (ms) */
+  fileTimeout?: number;
+  /** Report language (es = Spanish, en = English) */
+  language?: 'es' | 'en';
+}
+/**
+ * AI configuration
+ */
+export interface AIConfig {
+  /** AI provider (auto-detected if not specified) */
+  provider: 'openai' | 'anthropic' | 'google' | 'gemini' | 'local' | 'auto';
+  /** API key */
+  apiKey?: string;
+  /** Model to use */
+  model?: string;
+  /** API endpoint (for local models) */
+  endpoint?: string;
+  /** Max tokens per request */
+  maxTokens?: number;
+  /** Temperature for generation */
+  temperature?: number;
+  /** Performance options for local models */
+  performance?: LocalAIPerformanceConfig;
+}
+/**
+ * Performance configuration for local AI models
+ */
+export interface LocalAIPerformanceConfig {
+  /** Number of parallel requests (default: 1) */
+  parallelRequests?: number;
+  /** Number of GPU layers to use (-1 for all, 0 for CPU only) */
+  numGpuLayers?: number;
+  /** Number of threads to use (default: auto) */
+  numThreads?: number;
+  /** Context size in tokens (default: 4096) */
+  contextSize?: number;
+  /** Batch size for processing (default: 512) */
+  batchSize?: number;
+  /** Enable result caching */
+  enableCache?: boolean;
+  /** Use mmap for model loading */
+  useMmap?: boolean;
+  /** Use mlock to keep model in memory */
+  useMlock?: boolean;
+  /** Timeout per request in milliseconds (default: 120000) */
+  timeout?: number;
+}
+/**
+ * Rule definition for detection
+ */
+export interface Rule {
+  /** Unique rule ID */
+  id: string;
+  /** Rule name */
+  name: string;
+  /** Rule description */
+  description: string;
+  /** Languages this rule applies to */
+  languages: SupportedLanguage[];
+  /** Threat type this rule detects */
+  threatType: ThreatType;
+  /** Category */
+  category: FindingCategory;
+  /** Default severity */
+  severity: Severity;
+  /** Related standards */
+  standards: SecurityStandard[];
+  /** Detection patterns */
+  patterns: RulePattern[];
+  /** Remediation template */
+  remediation: string;
+  /** Is rule enabled by default */
+  enabled: boolean;
+  /** Tags */
+  tags: string[];
+}
+/**
+ * Pattern for rule matching
+ */
+export interface RulePattern {
+  /** Pattern type */
+  type: 'regex' | 'ast' | 'semantic';
+  /** Pattern value */
+  pattern: string;
+  /** Pattern flags */
+  flags?: string;
+  /** Additional conditions */
+  conditions?: PatternCondition[];
+}
+/**
+ * Condition for pattern matching
+ */
+export interface PatternCondition {
+  /** Condition type */
+  type: 'context' | 'scope' | 'dataflow';
+  /** Condition value */
+  value: string;
+  /** Is negated */
+  negated?: boolean;
+}
+/**
+ * Analyzer plugin interface
+ */
+export interface Analyzer {
+  /** Analyzer name */
+  name: string;
+  /** Supported languages */
+  languages: SupportedLanguage[];
+  /** Analyzer version */
+  version: string;
+  /** Initialize analyzer */
+  initialize(): Promise<void>;
+  /** Analyze a file */
+  analyze(file: ScannedFile, rules: Rule[]): Promise<Finding[]>;
+  /** Cleanup resources */
+  cleanup(): Promise<void>;
+}
+/**
+ * Report generator interface
+ */
+export interface ReportGenerator {
+  /** Generator name */
+  name: string;
+  /** Output format */
+  format: 'html' | 'json' | 'pdf' | 'sarif';
+  /** Generate report */
+  generate(result: ScanResult): Promise<string>;
+}

package/src/utils/index.ts ADDED Viewed

@@ -0,0 +1,306 @@
+/**
+ * Utility Functions for Secure-Scan
+ */
+import * as crypto from 'crypto';
+import * as path from 'path';
+import { SupportedLanguage, Severity } from '../types';
+/**
+ * Generate a unique ID
+ */
+export function generateId(): string {
+  return `SS-${Date.now().toString(36)}-${crypto.randomBytes(4).toString('hex')}`;
+}
+/**
+ * Calculate SHA256 hash of content
+ */
+export function calculateHash(content: string): string {
+  return crypto.createHash('sha256').update(content).digest('hex');
+}
+/**
+ * Get language from file extension
+ */
+export function getLanguageFromExtension(filePath: string): SupportedLanguage | null {
+  const ext = path.extname(filePath).toLowerCase();
+  const extensionMap: Record<string, SupportedLanguage> = {
+    '.js': 'javascript',
+    '.jsx': 'javascript',
+    '.mjs': 'javascript',
+    '.cjs': 'javascript',
+    '.ts': 'typescript',
+    '.tsx': 'typescript',
+    '.py': 'python',
+    '.pyw': 'python',
+    '.php': 'php',
+    '.phtml': 'php',
+    '.php3': 'php',
+    '.php4': 'php',
+    '.php5': 'php',
+    '.java': 'java',
+    '.c': 'c',
+    '.h': 'c',
+    '.cpp': 'cpp',
+    '.cc': 'cpp',
+    '.cxx': 'cpp',
+    '.hpp': 'cpp',
+    '.hxx': 'cpp',
+    '.cs': 'csharp',
+    '.dockerfile': 'dockerfile',
+    '.yaml': 'yaml',
+    '.yml': 'yaml',
+    '.tf': 'terraform',
+    '.tfvars': 'terraform'
+  };
+  // Check for Dockerfile without extension
+  if (path.basename(filePath).toLowerCase() === 'dockerfile') {
+    return 'dockerfile';
+  }
+  return extensionMap[ext] || null;
+}
+/**
+ * Check if file should be excluded
+ */
+export function shouldExclude(filePath: string, excludePatterns: string[]): boolean {
+  const normalizedPath = filePath.replace(/\\/g, '/');
+  const defaultExcludes = [
+    'node_modules',
+    'vendor',
+    '.git',
+    'dist',
+    'build',
+    'out',
+    '__pycache__',
+    '.venv',
+    'venv',
+    '.env',
+    'coverage',
+    '.nyc_output',
+    '.next',
+    '.nuxt'
+  ];
+  const allExcludes = [...defaultExcludes, ...excludePatterns];
+  return allExcludes.some(pattern => {
+    // Simple pattern matching
+    if (normalizedPath.includes(`/${pattern}/`) ||
+        normalizedPath.includes(`/${pattern}`) ||
+        normalizedPath.startsWith(`${pattern}/`)) {
+      return true;
+    }
+    return false;
+  });
+}
+/**
+ * Get file extension for syntax highlighting
+ */
+export function getHighlightLanguage(language: SupportedLanguage | null): string {
+  const highlightMap: Record<SupportedLanguage, string> = {
+    'javascript': 'javascript',
+    'typescript': 'typescript',
+    'python': 'python',
+    'php': 'php',
+    'java': 'java',
+    'c': 'c',
+    'cpp': 'cpp',
+    'csharp': 'csharp',
+    'dockerfile': 'dockerfile',
+    'yaml': 'yaml',
+    'terraform': 'hcl'
+  };
+  return language ? highlightMap[language] : 'plaintext';
+}
+/**
+ * Extract code context around a line
+ */
+export function extractCodeContext(
+  content: string,
+  lineNumber: number,
+  contextLines: number = 3
+): { code: string; contextBefore: string; contextAfter: string } {
+  const lines = content.split('\n');
+  const targetLine = lineNumber - 1; // Convert to 0-indexed
+  const startBefore = Math.max(0, targetLine - contextLines);
+  const endAfter = Math.min(lines.length, targetLine + contextLines + 1);
+  const contextBefore = lines.slice(startBefore, targetLine).join('\n');
+  const code = lines[targetLine] || '';
+  const contextAfter = lines.slice(targetLine + 1, endAfter).join('\n');
+  return { code, contextBefore, contextAfter };
+}
+/**
+ * Count lines in content
+ */
+export function countLines(content: string): number {
+  return content.split('\n').length;
+}
+/**
+ * Severity to numeric value for comparison
+ */
+export function severityToNumber(severity: Severity): number {
+  const map: Record<Severity, number> = {
+    [Severity.INFO]: 0,
+    [Severity.LOW]: 1,
+    [Severity.MEDIUM]: 2,
+    [Severity.HIGH]: 3,
+    [Severity.CRITICAL]: 4
+  };
+  return map[severity];
+}
+/**
+ * Compare severities
+ */
+export function isHigherOrEqualSeverity(a: Severity, b: Severity): boolean {
+  return severityToNumber(a) >= severityToNumber(b);
+}
+/**
+ * Get severity color for reporting
+ */
+export function getSeverityColor(severity: Severity): string {
+  const colors: Record<Severity, string> = {
+    [Severity.INFO]: '#17a2b8',
+    [Severity.LOW]: '#28a745',
+    [Severity.MEDIUM]: '#ffc107',
+    [Severity.HIGH]: '#fd7e14',
+    [Severity.CRITICAL]: '#dc3545'
+  };
+  return colors[severity];
+}
+/**
+ * Get severity badge class
+ */
+export function getSeverityBadge(severity: Severity): string {
+  const badges: Record<Severity, string> = {
+    [Severity.INFO]: 'badge-info',
+    [Severity.LOW]: 'badge-success',
+    [Severity.MEDIUM]: 'badge-warning',
+    [Severity.HIGH]: 'badge-orange',
+    [Severity.CRITICAL]: 'badge-danger'
+  };
+  return badges[severity];
+}
+/**
+ * Format duration for display
+ */
+export function formatDuration(ms: number): string {
+  if (ms < 1000) {
+    return `${ms}ms`;
+  }
+  if (ms < 60000) {
+    return `${(ms / 1000).toFixed(2)}s`;
+  }
+  const minutes = Math.floor(ms / 60000);
+  const seconds = ((ms % 60000) / 1000).toFixed(0);
+  return `${minutes}m ${seconds}s`;
+}
+/**
+ * Escape HTML for safe display
+ */
+export function escapeHtml(text: string): string {
+  const escapeMap: Record<string, string> = {
+    '&': '&amp;',
+    '<': '&lt;',
+    '>': '&gt;',
+    '"': '&quot;',
+    "'": '&#039;'
+  };
+  return text.replace(/[&<>"']/g, char => escapeMap[char]);
+}
+/**
+ * Truncate text with ellipsis
+ */
+export function truncate(text: string, maxLength: number): string {
+  if (text.length <= maxLength) return text;
+  return text.substring(0, maxLength - 3) + '...';
+}
+/**
+ * Check if string looks like Base64
+ */
+export function isBase64Like(str: string): boolean {
+  // Check if string looks like base64 encoded content
+  if (str.length < 20) return false;
+  const base64Regex = /^[A-Za-z0-9+/=]{20,}$/;
+  return base64Regex.test(str.replace(/\s/g, ''));
+}
+/**
+ * Check if string looks like hex encoded
+ */
+export function isHexEncoded(str: string): boolean {
+  if (str.length < 20 || str.length % 2 !== 0) return false;
+  const hexRegex = /^[0-9a-fA-F]+$/;
+  return hexRegex.test(str);
+}
+/**
+ * Calculate Shannon entropy of a string
+ * High entropy suggests encrypted/compressed/obfuscated content
+ */
+export function calculateEntropy(str: string): number {
+  if (str.length === 0) return 0;
+  const frequencies: Record<string, number> = {};
+  for (const char of str) {
+    frequencies[char] = (frequencies[char] || 0) + 1;
+  }
+  let entropy = 0;
+  const len = str.length;
+  for (const count of Object.values(frequencies)) {
+    const probability = count / len;
+    entropy -= probability * Math.log2(probability);
+  }
+  return entropy;
+}
+/**
+ * Check if code appears obfuscated based on entropy and patterns
+ */
+export function looksObfuscated(code: string): boolean {
+  // Check entropy - obfuscated code tends to have higher entropy
+  const entropy = calculateEntropy(code);
+  if (entropy > 5.5) return true;
+  // Check for common obfuscation patterns
+  const obfuscationPatterns = [
+    /\\x[0-9a-f]{2}/gi, // Hex escape sequences
+    /\\u[0-9a-f]{4}/gi, // Unicode escape sequences
+    /['"][^'"]{100,}['"]/g, // Very long strings
+    /\b[a-z]{1}[0-9]{4,}\b/gi, // Variables like a12345
+    /\(\s*function\s*\(\s*\)\s*{[\s\S]*}\s*\)\s*\(\s*\)/g, // IIFE obfuscation
+    /eval\s*\(\s*atob\s*\(/gi, // eval(atob(...))
+    /String\.fromCharCode/gi, // Character code generation
+  ];
+  let patternMatches = 0;
+  for (const pattern of obfuscationPatterns) {
+    if (pattern.test(code)) {
+      patternMatches++;
+    }
+  }
+  return patternMatches >= 2;
+}