secure-scan 1.2.2

package/dist/analyzers/php/phpAnalyzer.js

@@ -0,0 +1,202 @@
+"use strict";
+/**
+ * PHP Analyzer
+ * Specialized analyzer for PHP code
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PHPAnalyzer = void 0;
+const base_1 = require("../base");
+const types_1 = require("../../types");
+const utils_1 = require("../../utils");
+const standards_1 = require("../../rules/standards");
+/**
+ * PHP Analyzer Class
+ */
+class PHPAnalyzer extends base_1.BaseAnalyzer {
+    name = 'PHP Analyzer';
+    languages = ['php'];
+    version = '1.0.0';
+    /**
+     * Analyze PHP file
+     */
+    async analyze(file, rules) {
+        const findings = [];
+        // Filter rules for PHP
+        const phpRules = rules.filter(r => r.languages.includes('php'));
+        // Run rule engine
+        const ruleFindings = await this.ruleEngine.analyzeFile(file, phpRules);
+        findings.push(...ruleFindings);
+        // Additional PHP-specific analysis
+        const customFindings = await this.customAnalysis(file);
+        findings.push(...customFindings);
+        return findings;
+    }
+    /**
+     * Custom PHP-specific analysis
+     */
+    async customAnalysis(file) {
+        const findings = [];
+        const lines = file.content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            const lineNum = i + 1;
+            // Check for dangerous functions
+            if (this.checkDangerousFunctions(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Dangerous PHP Function', 'Use of a function that can execute arbitrary code or commands.', types_1.Severity.CRITICAL, types_1.ThreatType.DANGEROUS_FUNCTION));
+            }
+            // Check for file inclusion vulnerabilities
+            if (this.checkFileInclusion(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Potential File Inclusion Vulnerability', 'File include with user-controlled input can lead to LFI/RFI.', types_1.Severity.CRITICAL, types_1.ThreatType.PATH_TRAVERSAL));
+            }
+            // Check for SQL injection patterns
+            if (this.checkSqlInjection(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Potential SQL Injection', 'Direct variable interpolation in SQL query detected.', types_1.Severity.CRITICAL, types_1.ThreatType.SQL_INJECTION));
+            }
+            // Check for XSS vulnerabilities
+            if (this.checkXss(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Potential Cross-Site Scripting (XSS)', 'User input echoed without proper escaping.', types_1.Severity.HIGH, types_1.ThreatType.XSS));
+            }
+            // Check for insecure session configuration
+            if (this.checkInsecureSession(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Insecure Session Configuration', 'Session configuration may be insecure.', types_1.Severity.MEDIUM, types_1.ThreatType.SECURITY_MISCONFIGURATION));
+            }
+            // Check for disable_functions bypass attempts
+            if (this.checkBypassAttempts(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Security Bypass Attempt', 'Code attempts to bypass PHP security restrictions.', types_1.Severity.CRITICAL, types_1.ThreatType.BACKDOOR));
+            }
+            // Check for web shell patterns
+            if (this.checkWebShell(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Web Shell Pattern Detected', 'Code pattern consistent with a PHP web shell.', types_1.Severity.CRITICAL, types_1.ThreatType.BACKDOOR));
+            }
+        }
+        return findings;
+    }
+    /**
+     * Check for dangerous functions
+     */
+    checkDangerousFunctions(line) {
+        const dangerous = [
+            /\bassert\s*\(\s*\$/,
+            /\bpreg_replace\s*\([^)]*\/[^)]*e['"]/i,
+            /\bcreate_function\s*\(/,
+            /\barray_map\s*\(\s*['"]\w+['"],\s*\$/,
+            /\barray_filter\s*\(\s*\$[^,]*,\s*['"]\w+['"]\)/,
+            /\busort\s*\(\s*\$[^,]*,\s*['"]\w+['"]\)/,
+            /\bregister_shutdown_function\s*\(\s*\$/,
+            /\bregister_tick_function\s*\(\s*\$/
+        ];
+        return dangerous.some(p => p.test(line));
+    }
+    /**
+     * Check for file inclusion vulnerabilities
+     */
+    checkFileInclusion(line) {
+        const patterns = [
+            /\b(?:include|require|include_once|require_once)\s*\(\s*\$_(?:GET|POST|REQUEST|COOKIE)/i,
+            /\b(?:include|require|include_once|require_once)\s*\(\s*\$(?!_)[a-zA-Z_]/i,
+            /\bfile_get_contents\s*\(\s*\$_/i,
+            /\bfopen\s*\(\s*\$_/i,
+            /\breadf(?:ile)?\s*\(\s*\$_/i
+        ];
+        return patterns.some(p => p.test(line));
+    }
+    /**
+     * Check for SQL injection
+     */
+    checkSqlInjection(line) {
+        const patterns = [
+            /\$(?:query|sql)\s*=\s*["'].*\.\s*\$_(?:GET|POST|REQUEST)/i,
+            /mysql_query\s*\([^)]*\.\s*\$_/i,
+            /mysqli_query\s*\([^)]*\.\s*\$_/i,
+            /\$(?:pdo|db|conn)->query\s*\([^)]*\.\s*\$_/i,
+            /["']SELECT[^'"]*\.\s*\$_/i,
+            /["']INSERT[^'"]*\.\s*\$_/i,
+            /["']UPDATE[^'"]*\.\s*\$_/i,
+            /["']DELETE[^'"]*\.\s*\$_/i
+        ];
+        return patterns.some(p => p.test(line));
+    }
+    /**
+     * Check for XSS
+     */
+    checkXss(line) {
+        const patterns = [
+            /echo\s+\$_(?:GET|POST|REQUEST|COOKIE)/i,
+            /print\s+\$_(?:GET|POST|REQUEST|COOKIE)/i,
+            /<?=\s*\$_(?:GET|POST|REQUEST|COOKIE)/i,
+            /echo\s+\$[a-zA-Z_]+[^;]*;\s*(?!.*htmlspecialchars|.*htmlentities|.*strip_tags)/
+        ];
+        return patterns.some(p => p.test(line));
+    }
+    /**
+     * Check for insecure session configuration
+     */
+    checkInsecureSession(line) {
+        const patterns = [
+            /session\.cookie_httponly\s*=\s*(?:0|false|off)/i,
+            /session\.cookie_secure\s*=\s*(?:0|false|off)/i,
+            /session\.use_strict_mode\s*=\s*(?:0|false|off)/i,
+            /ini_set\s*\(\s*['"]session\.cookie_httponly['"]\s*,\s*(?:0|false|'0'|'false')/i
+        ];
+        return patterns.some(p => p.test(line));
+    }
+    /**
+     * Check for security bypass attempts
+     */
+    checkBypassAttempts(line) {
+        const patterns = [
+            /\bini_set\s*\(\s*['"]disable_functions['"]/i,
+            /\bini_restore\s*\(/i,
+            /\bputenv\s*\(\s*['"]LD_PRELOAD/i,
+            /\bmail\s*\([^)]*-X\s/i,
+            /\bimap_open\s*\([^)]*\\x00/i
+        ];
+        return patterns.some(p => p.test(line));
+    }
+    /**
+     * Check for web shell patterns
+     */
+    checkWebShell(line) {
+        const patterns = [
+            /\$_(?:GET|POST|REQUEST)\s*\[[^\]]+\]\s*\(\s*\$_(?:GET|POST|REQUEST)/i,
+            /eval\s*\(\s*(?:base64_decode|gzinflate|gzuncompress|str_rot13)\s*\(/i,
+            /\$\w+\s*=\s*str_replace\s*\([^)]+\)\s*;\s*\$\w+\s*\(/,
+            /\$\{\s*\$_(?:GET|POST|REQUEST)/i,
+            /\$\w+\s*=\s*\$_(?:GET|POST|REQUEST)[^;]+;\s*@?\$\w+\s*\(/
+        ];
+        return patterns.some(p => p.test(line));
+    }
+    /**
+     * Create generic finding
+     */
+    createFinding(file, lineNum, title, description, severity, threatType) {
+        const context = (0, utils_1.extractCodeContext)(file.content, lineNum, 2);
+        return {
+            id: (0, utils_1.generateId)(),
+            title,
+            description,
+            severity,
+            threatType,
+            category: types_1.FindingCategory.VULNERABILITY,
+            location: {
+                file: file.relativePath,
+                startLine: lineNum,
+                endLine: lineNum
+            },
+            snippet: {
+                code: context.code,
+                contextBefore: context.contextBefore,
+                contextAfter: context.contextAfter
+            },
+            standards: (0, standards_1.getStandardsForThreat)(threatType),
+            remediation: 'Review and fix the identified issue.',
+            confidence: 80,
+            analyzer: this.name,
+            timestamp: new Date(),
+            tags: ['php']
+        };
+    }
+}
+exports.PHPAnalyzer = PHPAnalyzer;
+exports.default = PHPAnalyzer;
+//# sourceMappingURL=phpAnalyzer.js.map

package/dist/analyzers/php/phpAnalyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"phpAnalyzer.js","sourceRoot":"","sources":["../../../src/analyzers/php/phpAnalyzer.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,kCAAuC;AACvC,uCAAmH;AACnH,uCAA6D;AAC7D,qDAA8D;AAE9D;;GAEG;AACH,MAAa,WAAY,SAAQ,mBAAY;IAC3C,IAAI,GAAG,cAAc,CAAC;IACtB,SAAS,GAAwB,CAAC,KAAK,CAAC,CAAC;IACzC,OAAO,GAAG,OAAO,CAAC;IAElB;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,IAAiB,EAAE,KAAa;QAC5C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,uBAAuB;QACvB,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;QAEhE,kBAAkB;QAClB,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QACvE,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;QAE/B,mCAAmC;QACnC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QACvD,QAAQ,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;QAEjC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc,CAAC,IAAiB;QAC5C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAEvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;YAEtB,gCAAgC;YAChC,IAAI,IAAI,CAAC,uBAAuB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,wBAAwB,EACxB,gEAAgE,EAChE,gBAAQ,CAAC,QAAQ,EACjB,kBAAU,CAAC,kBAAkB,CAC9B,CAAC,CAAC;YACL,CAAC;YAED,2CAA2C;YAC3C,IAAI,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,wCAAwC,EACxC,8DAA8D,EAC9D,gBAAQ,CAAC,QAAQ,EACjB,kBAAU,CAAC,cAAc,CAC1B,CAAC,CAAC;YACL,CAAC;YAED,mCAAmC;YACnC,IAAI,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,yBAAyB,EACzB,sDAAsD,EACtD,gBAAQ,CAAC,QAAQ,EACjB,kBAAU,CAAC,aAAa,CACzB,CAAC,CAAC;YACL,CAAC;YAED,gCAAgC;YAChC,IAAI,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,sCAAsC,EACtC,4CAA4C,EAC5C,gBAAQ,CAAC,IAAI,EACb,kBAAU,CAAC,GAAG,CACf,CAAC,CAAC;YACL,CAAC;YAED,2CAA2C;YAC3C,IAAI,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACpC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,gCAAgC,EAChC,wCAAwC,EACxC,gBAAQ,CAAC,MAAM,EACf,kBAAU,CAAC,yBAAyB,CACrC,CAAC,CAAC;YACL,CAAC;YAED,8CAA8C;YAC9C,IAAI,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,yBAAyB,EACzB,oDAAoD,EACpD,gBAAQ,CAAC,QAAQ,EACjB,kBAAU,CAAC,QAAQ,CACpB,CAAC,CAAC;YACL,CAAC;YAED,+BAA+B;YAC/B,IAAI,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,4BAA4B,EAC5B,+CAA+C,EAC/C,gBAAQ,CAAC,QAAQ,EACjB,kBAAU,CAAC,QAAQ,CACpB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,uBAAuB,CAAC,IAAY;QAC1C,MAAM,SAAS,GAAG;YAChB,oBAAoB;YACpB,uCAAuC;YACvC,wBAAwB;YACxB,sCAAsC;YACtC,gDAAgD;YAChD,yCAAyC;YACzC,wCAAwC;YACxC,oCAAoC;SACrC,CAAC;QACF,OAAO,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,IAAY;QACrC,MAAM,QAAQ,GAAG;YACf,wFAAwF;YACxF,0EAA0E;YAC1E,iCAAiC;YACjC,qBAAqB;YACrB,6BAA6B;SAC9B,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,IAAY;QACpC,MAAM,QAAQ,GAAG;YACf,2DAA2D;YAC3D,gCAAgC;YAChC,iCAAiC;YACjC,6CAA6C;YAC7C,2BAA2B;YAC3B,2BAA2B;YAC3B,2BAA2B;YAC3B,2BAA2B;SAC5B,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,QAAQ,CAAC,IAAY;QAC3B,MAAM,QAAQ,GAAG;YACf,wCAAwC;YACxC,yCAAyC;YACzC,uCAAuC;YACvC,gFAAgF;SACjF,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,oBAAoB,CAAC,IAAY;QACvC,MAAM,QAAQ,GAAG;YACf,iDAAiD;YACjD,+CAA+C;YAC/C,iDAAiD;YACjD,gFAAgF;SACjF,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,IAAY;QACtC,MAAM,QAAQ,GAAG;YACf,6CAA6C;YAC7C,qBAAqB;YACrB,iCAAiC;YACjC,uBAAuB;YACvB,6BAA6B;SAC9B,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,IAAY;QAChC,MAAM,QAAQ,GAAG;YACf,sEAAsE;YACtE,sEAAsE;YACtE,sDAAsD;YACtD,iCAAiC;YACjC,0DAA0D;SAC3D,CAAC;QACF,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,aAAa,CACnB,IAAiB,EACjB,OAAe,EACf,KAAa,EACb,WAAmB,EACnB,QAAkB,EAClB,UAAsB;QAEtB,MAAM,OAAO,GAAG,IAAA,0BAAkB,EAAC,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC;QAE7D,OAAO;YACL,EAAE,EAAE,IAAA,kBAAU,GAAE;YAChB,KAAK;YACL,WAAW;YACX,QAAQ;YACR,UAAU;YACV,QAAQ,EAAE,uBAAe,CAAC,aAAa;YACvC,QAAQ,EAAE;gBACR,IAAI,EAAE,IAAI,CAAC,YAAY;gBACvB,SAAS,EAAE,OAAO;gBAClB,OAAO,EAAE,OAAO;aACjB;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,YAAY,EAAE,OAAO,CAAC,YAAY;aACnC;YACD,SAAS,EAAE,IAAA,iCAAqB,EAAC,UAAU,CAAC;YAC5C,WAAW,EAAE,sCAAsC;YACnD,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,IAAI,EAAE,CAAC,KAAK,CAAC;SACd,CAAC;IACJ,CAAC;CACF;AAxQD,kCAwQC;AAED,kBAAe,WAAW,CAAC"}

package/dist/analyzers/python/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Python Analyzer Exports
+ */
+export * from './pythonAnalyzer';
+//# sourceMappingURL=index.d.ts.map

package/dist/analyzers/python/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/analyzers/python/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,kBAAkB,CAAC"}

package/dist/analyzers/python/index.js

@@ -0,0 +1,21 @@
+"use strict";
+/**
+ * Python Analyzer Exports
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./pythonAnalyzer"), exports);
+//# sourceMappingURL=index.js.map

package/dist/analyzers/python/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyzers/python/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;AAEH,mDAAiC"}

package/dist/analyzers/python/pythonAnalyzer.d.ts

@@ -0,0 +1,64 @@
+/**
+ * Python Analyzer
+ * Specialized analyzer for Python code
+ */
+import { BaseAnalyzer } from '../base';
+import { ScannedFile, Finding, Rule, SupportedLanguage } from '../../types';
+/**
+ * Python Analyzer Class
+ */
+export declare class PythonAnalyzer extends BaseAnalyzer {
+    name: string;
+    languages: SupportedLanguage[];
+    version: string;
+    /**
+     * Analyze Python file
+     */
+    analyze(file: ScannedFile, rules: Rule[]): Promise<Finding[]>;
+    /**
+     * Custom Python-specific analysis
+     */
+    private customAnalysis;
+    /**
+     * Check for dangerous imports
+     */
+    private checkDangerousImports;
+    /**
+     * Check for pickle usage
+     */
+    private checkPickleUsage;
+    /**
+     * Check for unsafe YAML load
+     */
+    private checkUnsafeYamlLoad;
+    /**
+     * Check for subprocess with shell=True
+     */
+    private checkSubprocessShell;
+    /**
+     * Check for tarfile extraction without validation
+     */
+    private checkTarfileTraversal;
+    /**
+     * Check for Flask debug mode
+     */
+    private checkFlaskDebug;
+    /**
+     * Check for Django settings issues
+     */
+    private checkDjangoSettings;
+    /**
+     * Check for compile/exec usage
+     */
+    private checkCompileExec;
+    /**
+     * Analyze requirements.txt
+     */
+    private analyzeRequirements;
+    /**
+     * Create generic finding
+     */
+    private createFinding;
+}
+export default PythonAnalyzer;
+//# sourceMappingURL=pythonAnalyzer.d.ts.map

package/dist/analyzers/python/pythonAnalyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pythonAnalyzer.d.ts","sourceRoot":"","sources":["../../../src/analyzers/python/pythonAnalyzer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAyC,MAAM,aAAa,CAAC;AAKnH;;GAEG;AACH,qBAAa,cAAe,SAAQ,YAAY;IAC9C,IAAI,SAAqB;IACzB,SAAS,EAAE,iBAAiB,EAAE,CAAc;IAC5C,OAAO,SAAW;IAElB;;OAEG;IACG,OAAO,CAAC,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;IAiBnE;;OAEG;YACW,cAAc;IAkH5B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAY7B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAIxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAU3B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAI5B;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAI7B;;OAEG;IACH,OAAO,CAAC,eAAe;IAKvB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAS3B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAIxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA2C3B;;OAEG;IACH,OAAO,CAAC,aAAa;CAmCtB;AAED,eAAe,cAAc,CAAC"}

package/dist/analyzers/python/pythonAnalyzer.js

@@ -0,0 +1,226 @@
+"use strict";
+/**
+ * Python Analyzer
+ * Specialized analyzer for Python code
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.PythonAnalyzer = void 0;
+const base_1 = require("../base");
+const types_1 = require("../../types");
+const utils_1 = require("../../utils");
+const standards_1 = require("../../rules/standards");
+/**
+ * Python Analyzer Class
+ */
+class PythonAnalyzer extends base_1.BaseAnalyzer {
+    name = 'Python Analyzer';
+    languages = ['python'];
+    version = '1.0.0';
+    /**
+     * Analyze Python file
+     */
+    async analyze(file, rules) {
+        const findings = [];
+        // Filter rules for Python
+        const pyRules = rules.filter(r => r.languages.includes('python'));
+        // Run rule engine
+        const ruleFindings = await this.ruleEngine.analyzeFile(file, pyRules);
+        findings.push(...ruleFindings);
+        // Additional Python-specific analysis
+        const customFindings = await this.customAnalysis(file);
+        findings.push(...customFindings);
+        return findings;
+    }
+    /**
+     * Custom Python-specific analysis
+     */
+    async customAnalysis(file) {
+        const findings = [];
+        const lines = file.content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            const lineNum = i + 1;
+            // Check for dangerous imports
+            if (this.checkDangerousImports(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Potentially Dangerous Import', 'Import of a module commonly used in malware or exploits.', types_1.Severity.MEDIUM, types_1.ThreatType.DANGEROUS_FUNCTION));
+            }
+            // Check for pickle usage
+            if (this.checkPickleUsage(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Insecure Pickle Deserialization', 'Pickle can execute arbitrary code during deserialization.', types_1.Severity.HIGH, types_1.ThreatType.INSECURE_DESERIALIZATION));
+            }
+            // Check for YAML unsafe load
+            if (this.checkUnsafeYamlLoad(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Insecure YAML Load', 'yaml.load() without Loader can execute arbitrary Python code.', types_1.Severity.HIGH, types_1.ThreatType.INSECURE_DESERIALIZATION));
+            }
+            // Check for subprocess shell=True
+            if (this.checkSubprocessShell(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Subprocess with shell=True', 'Using shell=True with subprocess can lead to command injection.', types_1.Severity.HIGH, types_1.ThreatType.COMMAND_INJECTION));
+            }
+            // Check for tarfile path traversal
+            if (this.checkTarfileTraversal(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Tarfile Path Traversal Risk', 'Extracting tar files without validation can lead to path traversal.', types_1.Severity.MEDIUM, types_1.ThreatType.PATH_TRAVERSAL));
+            }
+            // Check for Flask debug mode
+            if (this.checkFlaskDebug(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Flask Debug Mode Enabled', 'Debug mode in production exposes the Werkzeug debugger.', types_1.Severity.HIGH, types_1.ThreatType.SECURITY_MISCONFIGURATION));
+            }
+            // Check for Django settings vulnerabilities
+            if (this.checkDjangoSettings(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Insecure Django Configuration', 'Insecure Django setting detected.', types_1.Severity.MEDIUM, types_1.ThreatType.SECURITY_MISCONFIGURATION));
+            }
+            // Check for compile/exec with input
+            if (this.checkCompileExec(line)) {
+                findings.push(this.createFinding(file, lineNum, 'Dynamic Code Compilation/Execution', 'compile() or exec() may execute arbitrary code.', types_1.Severity.HIGH, types_1.ThreatType.DANGEROUS_FUNCTION));
+            }
+        }
+        // Check for requirements.txt if exists
+        if (file.relativePath.endsWith('requirements.txt')) {
+            const reqFindings = this.analyzeRequirements(file);
+            findings.push(...reqFindings);
+        }
+        return findings;
+    }
+    /**
+     * Check for dangerous imports
+     */
+    checkDangerousImports(line) {
+        const dangerousModules = [
+            /^import\s+ctypes/,
+            /^from\s+ctypes\s+import/,
+            /^import\s+mmap/,
+            /^import\s+pyHook/,
+            /^import\s+pythoncom/,
+            /^import\s+pynput/
+        ];
+        return dangerousModules.some(p => p.test(line.trim()));
+    }
+    /**
+     * Check for pickle usage
+     */
+    checkPickleUsage(line) {
+        return /pickle\.loads?\s*\(/.test(line) || /cPickle\.loads?\s*\(/.test(line);
+    }
+    /**
+     * Check for unsafe YAML load
+     */
+    checkUnsafeYamlLoad(line) {
+        if (/yaml\.load\s*\(/.test(line)) {
+            // Check if Loader is specified
+            if (!/Loader\s*=/.test(line) && !/yaml\.safe_load/.test(line)) {
+                return true;
+            }
+        }
+        return false;
+    }
+    /**
+     * Check for subprocess with shell=True
+     */
+    checkSubprocessShell(line) {
+        return /subprocess\.(?:Popen|call|run|check_output|check_call)\s*\([^)]*shell\s*=\s*True/.test(line);
+    }
+    /**
+     * Check for tarfile extraction without validation
+     */
+    checkTarfileTraversal(line) {
+        return /\.extractall\s*\(/.test(line) || /\.extract\s*\(/.test(line);
+    }
+    /**
+     * Check for Flask debug mode
+     */
+    checkFlaskDebug(line) {
+        return /app\.run\s*\([^)]*debug\s*=\s*True/.test(line) ||
+            /DEBUG\s*=\s*True/.test(line);
+    }
+    /**
+     * Check for Django settings issues
+     */
+    checkDjangoSettings(line) {
+        const issues = [
+            /DEBUG\s*=\s*True/,
+            /SECRET_KEY\s*=\s*['"]/,
+            /ALLOWED_HOSTS\s*=\s*\[\s*['"]?\*['"]?\s*\]/
+        ];
+        return issues.some(p => p.test(line));
+    }
+    /**
+     * Check for compile/exec usage
+     */
+    checkCompileExec(line) {
+        return /\bexec\s*\(/.test(line) || /\bcompile\s*\([^)]*['"]\bexec\b['"]\)/.test(line);
+    }
+    /**
+     * Analyze requirements.txt
+     */
+    analyzeRequirements(file) {
+        const findings = [];
+        const lines = file.content.split('\n');
+        // Known vulnerable packages (simplified list)
+        const vulnerablePackages = {
+            'pyyaml': { version: '<5.4', severity: types_1.Severity.HIGH, description: 'Arbitrary code execution via yaml.load()' },
+            'django': { version: '<3.2.4', severity: types_1.Severity.HIGH, description: 'Multiple security vulnerabilities' },
+            'flask': { version: '<2.0', severity: types_1.Severity.MEDIUM, description: 'Security improvements in newer versions' },
+            'requests': { version: '<2.20.0', severity: types_1.Severity.MEDIUM, description: 'CVE-2018-18074 - HTTPS verification bypass' }
+        };
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i].trim().toLowerCase();
+            for (const [pkg, info] of Object.entries(vulnerablePackages)) {
+                if (line.startsWith(pkg + '==') || line.startsWith(pkg + '<') || line === pkg) {
+                    findings.push({
+                        id: (0, utils_1.generateId)(),
+                        title: `Potentially Vulnerable Package: ${pkg}`,
+                        description: `${info.description}. Consider upgrading.`,
+                        severity: info.severity,
+                        threatType: types_1.ThreatType.VULNERABLE_DEPENDENCY,
+                        category: types_1.FindingCategory.VULNERABILITY,
+                        location: {
+                            file: file.relativePath,
+                            startLine: i + 1,
+                            endLine: i + 1
+                        },
+                        snippet: { code: lines[i] },
+                        standards: (0, standards_1.getStandardsForThreat)(types_1.ThreatType.VULNERABLE_DEPENDENCY),
+                        remediation: `Upgrade ${pkg} to the latest secure version.`,
+                        confidence: 60,
+                        analyzer: this.name,
+                        timestamp: new Date(),
+                        tags: ['dependency', 'vulnerable', 'python']
+                    });
+                }
+            }
+        }
+        return findings;
+    }
+    /**
+     * Create generic finding
+     */
+    createFinding(file, lineNum, title, description, severity, threatType) {
+        const context = (0, utils_1.extractCodeContext)(file.content, lineNum, 2);
+        return {
+            id: (0, utils_1.generateId)(),
+            title,
+            description,
+            severity,
+            threatType,
+            category: types_1.FindingCategory.VULNERABILITY,
+            location: {
+                file: file.relativePath,
+                startLine: lineNum,
+                endLine: lineNum
+            },
+            snippet: {
+                code: context.code,
+                contextBefore: context.contextBefore,
+                contextAfter: context.contextAfter
+            },
+            standards: (0, standards_1.getStandardsForThreat)(threatType),
+            remediation: 'Review and fix the identified issue.',
+            confidence: 75,
+            analyzer: this.name,
+            timestamp: new Date(),
+            tags: ['python']
+        };
+    }
+}
+exports.PythonAnalyzer = PythonAnalyzer;
+exports.default = PythonAnalyzer;
+//# sourceMappingURL=pythonAnalyzer.js.map

package/dist/analyzers/python/pythonAnalyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pythonAnalyzer.js","sourceRoot":"","sources":["../../../src/analyzers/python/pythonAnalyzer.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,kCAAuC;AACvC,uCAAmH;AACnH,uCAA8E;AAC9E,qDAA8D;AAG9D;;GAEG;AACH,MAAa,cAAe,SAAQ,mBAAY;IAC9C,IAAI,GAAG,iBAAiB,CAAC;IACzB,SAAS,GAAwB,CAAC,QAAQ,CAAC,CAAC;IAC5C,OAAO,GAAG,OAAO,CAAC;IAElB;;OAEG;IACH,KAAK,CAAC,OAAO,CAAC,IAAiB,EAAE,KAAa;QAC5C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,0BAA0B;QAC1B,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;QAElE,kBAAkB;QAClB,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACtE,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;QAE/B,sCAAsC;QACtC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;QACvD,QAAQ,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;QAEjC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc,CAAC,IAAiB;QAC5C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAEvC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;YAEtB,8BAA8B;YAC9B,IAAI,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,8BAA8B,EAC9B,0DAA0D,EAC1D,gBAAQ,CAAC,MAAM,EACf,kBAAU,CAAC,kBAAkB,CAC9B,CAAC,CAAC;YACL,CAAC;YAED,yBAAyB;YACzB,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,iCAAiC,EACjC,2DAA2D,EAC3D,gBAAQ,CAAC,IAAI,EACb,kBAAU,CAAC,wBAAwB,CACpC,CAAC,CAAC;YACL,CAAC;YAED,6BAA6B;YAC7B,IAAI,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,oBAAoB,EACpB,+DAA+D,EAC/D,gBAAQ,CAAC,IAAI,EACb,kBAAU,CAAC,wBAAwB,CACpC,CAAC,CAAC;YACL,CAAC;YAED,kCAAkC;YAClC,IAAI,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACpC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,4BAA4B,EAC5B,iEAAiE,EACjE,gBAAQ,CAAC,IAAI,EACb,kBAAU,CAAC,iBAAiB,CAC7B,CAAC,CAAC;YACL,CAAC;YAED,mCAAmC;YACnC,IAAI,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACrC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,6BAA6B,EAC7B,qEAAqE,EACrE,gBAAQ,CAAC,MAAM,EACf,kBAAU,CAAC,cAAc,CAC1B,CAAC,CAAC;YACL,CAAC;YAED,6BAA6B;YAC7B,IAAI,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC/B,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,0BAA0B,EAC1B,yDAAyD,EACzD,gBAAQ,CAAC,IAAI,EACb,kBAAU,CAAC,yBAAyB,CACrC,CAAC,CAAC;YACL,CAAC;YAED,4CAA4C;YAC5C,IAAI,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,+BAA+B,EAC/B,mCAAmC,EACnC,gBAAQ,CAAC,MAAM,EACf,kBAAU,CAAC,yBAAyB,CACrC,CAAC,CAAC;YACL,CAAC;YAED,oCAAoC;YACpC,IAAI,IAAI,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,aAAa,CAC9B,IAAI,EACJ,OAAO,EACP,oCAAoC,EACpC,iDAAiD,EACjD,gBAAQ,CAAC,IAAI,EACb,kBAAU,CAAC,kBAAkB,CAC9B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,uCAAuC;QACvC,IAAI,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,kBAAkB,CAAC,EAAE,CAAC;YACnD,MAAM,WAAW,GAAG,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC;YACnD,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;QAChC,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,IAAY;QACxC,MAAM,gBAAgB,GAAG;YACvB,kBAAkB;YAClB,yBAAyB;YACzB,gBAAgB;YAChB,kBAAkB;YAClB,qBAAqB;YACrB,kBAAkB;SACnB,CAAC;QACF,OAAO,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;IACzD,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,IAAY;QACnC,OAAO,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/E,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,IAAY;QACtC,IAAI,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACjC,+BAA+B;YAC/B,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC9D,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,oBAAoB,CAAC,IAAY;QACvC,OAAO,kFAAkF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvG,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,IAAY;QACxC,OAAO,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvE,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,IAAY;QAClC,OAAO,oCAAoC,CAAC,IAAI,CAAC,IAAI,CAAC;YAC/C,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvC,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,IAAY;QACtC,MAAM,MAAM,GAAG;YACb,kBAAkB;YAClB,uBAAuB;YACvB,4CAA4C;SAC7C,CAAC;QACF,OAAO,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;IACxC,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,IAAY;QACnC,OAAO,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxF,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,IAAiB;QAC3C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAEvC,8CAA8C;QAC9C,MAAM,kBAAkB,GAAiF;YACvG,QAAQ,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAQ,CAAC,IAAI,EAAE,WAAW,EAAE,0CAA0C,EAAE;YAC/G,QAAQ,EAAE,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,gBAAQ,CAAC,IAAI,EAAE,WAAW,EAAE,mCAAmC,EAAE;YAC1G,OAAO,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,yCAAyC,EAAE;YAC/G,UAAU,EAAE,EAAE,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,gBAAQ,CAAC,MAAM,EAAE,WAAW,EAAE,4CAA4C,EAAE;SACzH,CAAC;QAEF,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;YAC3C,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,kBAAkB,CAAC,EAAE,CAAC;gBAC7D,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,GAAG,IAAI,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,GAAG,GAAG,CAAC,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;oBAC9E,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,IAAA,kBAAU,GAAE;wBAChB,KAAK,EAAE,mCAAmC,GAAG,EAAE;wBAC/C,WAAW,EAAE,GAAG,IAAI,CAAC,WAAW,uBAAuB;wBACvD,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,UAAU,EAAE,kBAAU,CAAC,qBAAqB;wBAC5C,QAAQ,EAAE,uBAAe,CAAC,aAAa;wBACvC,QAAQ,EAAE;4BACR,IAAI,EAAE,IAAI,CAAC,YAAY;4BACvB,SAAS,EAAE,CAAC,GAAG,CAAC;4BAChB,OAAO,EAAE,CAAC,GAAG,CAAC;yBACf;wBACD,OAAO,EAAE,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE;wBAC3B,SAAS,EAAE,IAAA,iCAAqB,EAAC,kBAAU,CAAC,qBAAqB,CAAC;wBAClE,WAAW,EAAE,WAAW,GAAG,gCAAgC;wBAC3D,UAAU,EAAE,EAAE;wBACd,QAAQ,EAAE,IAAI,CAAC,IAAI;wBACnB,SAAS,EAAE,IAAI,IAAI,EAAE;wBACrB,IAAI,EAAE,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,CAAC;qBAC7C,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,aAAa,CACnB,IAAiB,EACjB,OAAe,EACf,KAAa,EACb,WAAmB,EACnB,QAAkB,EAClB,UAAsB;QAEtB,MAAM,OAAO,GAAG,IAAA,0BAAkB,EAAC,IAAI,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC;QAE7D,OAAO;YACL,EAAE,EAAE,IAAA,kBAAU,GAAE;YAChB,KAAK;YACL,WAAW;YACX,QAAQ;YACR,UAAU;YACV,QAAQ,EAAE,uBAAe,CAAC,aAAa;YACvC,QAAQ,EAAE;gBACR,IAAI,EAAE,IAAI,CAAC,YAAY;gBACvB,SAAS,EAAE,OAAO;gBAClB,OAAO,EAAE,OAAO;aACjB;YACD,OAAO,EAAE;gBACP,IAAI,EAAE,OAAO,CAAC,IAAI;gBAClB,aAAa,EAAE,OAAO,CAAC,aAAa;gBACpC,YAAY,EAAE,OAAO,CAAC,YAAY;aACnC;YACD,SAAS,EAAE,IAAA,iCAAqB,EAAC,UAAU,CAAC;YAC5C,WAAW,EAAE,sCAAsC;YACnD,UAAU,EAAE,EAAE;YACd,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,IAAI,EAAE,CAAC,QAAQ,CAAC;SACjB,CAAC;IACJ,CAAC;CACF;AA9SD,wCA8SC;AAED,kBAAe,cAAc,CAAC"}

package/dist/cli/index.d.ts

@@ -0,0 +1,7 @@
+#!/usr/bin/env node
+/**
+ * Secure-Scan CLI
+ * Herramienta de Análisis Estático de Seguridad de Aplicaciones
+ */
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/cli/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/cli/index.ts"],"names":[],"mappings":";AACA;;;GAGG"}