secure-scan 1.2.2

package/dist/analyzers/core/engine/ruleEngine.js

@@ -0,0 +1,173 @@
+"use strict";
+/**
+ * Rule Engine
+ * Core engine for running security rules against code
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RuleEngine = void 0;
+const types_1 = require("../../../types");
+const utils_1 = require("../../../utils");
+const standards_1 = require("../../../rules/standards");
+const logger_1 = require("../../../utils/logger");
+/**
+ * Rule Engine Class
+ */
+class RuleEngine {
+    rules;
+    constructor() {
+        this.rules = [];
+    }
+    /**
+     * Load rules for analysis
+     */
+    loadRules(rules) {
+        this.rules = rules.filter(r => r.enabled);
+        logger_1.logger.info(`📋 Loaded ${this.rules.length} active rules`);
+    }
+    /**
+     * Get rules for a specific language
+     */
+    getRulesForLanguage(language) {
+        return this.rules.filter(rule => rule.languages.includes(language) ||
+            rule.languages.includes('*'));
+    }
+    /**
+     * Run rules against a file
+     */
+    async analyzeFile(file, rules) {
+        const findings = [];
+        const applicableRules = rules || this.getRulesForLanguage(file.language || '');
+        for (const rule of applicableRules) {
+            try {
+                const ruleFindings = await this.runRule(rule, file);
+                findings.push(...ruleFindings);
+            }
+            catch (error) {
+                logger_1.logger.debug(`Error running rule ${rule.id}: ${error}`);
+            }
+        }
+        return findings;
+    }
+    /**
+     * Run a single rule against a file
+     */
+    async runRule(rule, file) {
+        const findings = [];
+        for (const pattern of rule.patterns) {
+            if (pattern.type === 'regex') {
+                const matches = this.matchRegex(file.content, pattern.pattern, pattern.flags);
+                for (const match of matches) {
+                    const finding = this.createFinding(rule, file, match);
+                    findings.push(finding);
+                }
+            }
+        }
+        return findings;
+    }
+    /**
+     * Match regex pattern against content
+     */
+    matchRegex(content, pattern, flags = 'gim') {
+        const matches = [];
+        const lines = content.split('\n');
+        try {
+            const regex = new RegExp(pattern, flags);
+            let lineOffset = 0;
+            for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+                const line = lines[lineNum];
+                let match;
+                // Reset regex for each line
+                const lineRegex = new RegExp(pattern, flags.replace('g', '') + 'g');
+                while ((match = lineRegex.exec(line)) !== null) {
+                    matches.push({
+                        matched: true,
+                        line: lineNum + 1, // 1-indexed
+                        column: match.index + 1,
+                        matchedText: match[0],
+                        groups: match.groups
+                    });
+                    // Prevent infinite loop on zero-width matches
+                    if (match[0].length === 0) {
+                        lineRegex.lastIndex++;
+                    }
+                }
+                lineOffset += line.length + 1;
+            }
+        }
+        catch (error) {
+            logger_1.logger.debug(`Invalid regex pattern: ${pattern}`);
+        }
+        return matches;
+    }
+    /**
+     * Create a finding from a rule match
+     */
+    createFinding(rule, file, match) {
+        const context = (0, utils_1.extractCodeContext)(file.content, match.line, 3);
+        const location = {
+            file: file.relativePath,
+            startLine: match.line,
+            endLine: match.line,
+            startColumn: match.column,
+            endColumn: match.column + match.matchedText.length
+        };
+        const snippet = {
+            code: context.code,
+            contextBefore: context.contextBefore,
+            contextAfter: context.contextAfter,
+            highlight: {
+                start: match.column - 1,
+                end: match.column - 1 + match.matchedText.length
+            }
+        };
+        return {
+            id: (0, utils_1.generateId)(),
+            title: rule.name,
+            description: rule.description,
+            severity: rule.severity,
+            threatType: rule.threatType,
+            category: rule.category,
+            location,
+            snippet,
+            standards: rule.standards.length > 0
+                ? rule.standards
+                : (0, standards_1.getStandardsForThreat)(rule.threatType),
+            remediation: rule.remediation,
+            confidence: 85, // Default confidence for regex matches
+            analyzer: 'rule-engine',
+            timestamp: new Date(),
+            tags: rule.tags
+        };
+    }
+    /**
+     * Deduplicate findings
+     */
+    deduplicateFindings(findings) {
+        const seen = new Set();
+        const unique = [];
+        for (const finding of findings) {
+            const key = `${finding.location.file}:${finding.location.startLine}:${finding.threatType}`;
+            if (!seen.has(key)) {
+                seen.add(key);
+                unique.push(finding);
+            }
+        }
+        return unique;
+    }
+    /**
+     * Sort findings by severity
+     */
+    sortBySeverity(findings) {
+        const severityOrder = {
+            [types_1.Severity.CRITICAL]: 0,
+            [types_1.Severity.HIGH]: 1,
+            [types_1.Severity.MEDIUM]: 2,
+            [types_1.Severity.LOW]: 3,
+            [types_1.Severity.INFO]: 4
+        };
+        return [...findings].sort((a, b) => severityOrder[a.severity] - severityOrder[b.severity]);
+    }
+}
+exports.RuleEngine = RuleEngine;
+exports.default = RuleEngine;
+//# sourceMappingURL=ruleEngine.js.map

package/dist/analyzers/core/engine/ruleEngine.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ruleEngine.js","sourceRoot":"","sources":["../../../../src/analyzers/core/engine/ruleEngine.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,0CASwB;AACxB,0CAAgE;AAChE,wDAAiE;AACjE,kDAA+C;AAa/C;;GAEG;AACH,MAAa,UAAU;IACb,KAAK,CAAS;IAEtB;QACE,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,KAAa;QACrB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAC1C,eAAM,CAAC,IAAI,CAAC,aAAa,IAAI,CAAC,KAAK,CAAC,MAAM,eAAe,CAAC,CAAC;IAC7D,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,QAAgB;QAClC,OAAO,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAC9B,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAe,CAAC;YACxC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,GAAU,CAAC,CACpC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,WAAW,CAAC,IAAiB,EAAE,KAAc;QACjD,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,eAAe,GAAG,KAAK,IAAI,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;QAE/E,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;YACnC,IAAI,CAAC;gBACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBACpD,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;YACjC,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,eAAM,CAAC,KAAK,CAAC,sBAAsB,IAAI,CAAC,EAAE,KAAK,KAAK,EAAE,CAAC,CAAC;YAC1D,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,OAAO,CAAC,IAAU,EAAE,IAAiB;QACjD,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACpC,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,EAAE,CAAC;gBAC7B,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;gBAE9E,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;oBAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,aAAa,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;oBACtD,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBACzB,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,UAAU,CAAC,OAAe,EAAE,OAAe,EAAE,QAAgB,KAAK;QACxE,MAAM,OAAO,GAAmB,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAEzC,IAAI,UAAU,GAAG,CAAC,CAAC;YACnB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;gBACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;gBAC5B,IAAI,KAA6B,CAAC;gBAElC,4BAA4B;gBAC5B,MAAM,SAAS,GAAG,IAAI,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC;gBAEpE,OAAO,CAAC,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;oBAC/C,OAAO,CAAC,IAAI,CAAC;wBACX,OAAO,EAAE,IAAI;wBACb,IAAI,EAAE,OAAO,GAAG,CAAC,EAAE,YAAY;wBAC/B,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;wBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;wBACrB,MAAM,EAAE,KAAK,CAAC,MAAM;qBACrB,CAAC,CAAC;oBAEH,8CAA8C;oBAC9C,IAAI,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC1B,SAAS,CAAC,SAAS,EAAE,CAAC;oBACxB,CAAC;gBACH,CAAC;gBAED,UAAU,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,eAAM,CAAC,KAAK,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC;QACpD,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,aAAa,CAAC,IAAU,EAAE,IAAiB,EAAE,KAAmB;QACtE,MAAM,OAAO,GAAG,IAAA,0BAAkB,EAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAEhE,MAAM,QAAQ,GAAmB;YAC/B,IAAI,EAAE,IAAI,CAAC,YAAY;YACvB,SAAS,EAAE,KAAK,CAAC,IAAI;YACrB,OAAO,EAAE,KAAK,CAAC,IAAI;YACnB,WAAW,EAAE,KAAK,CAAC,MAAM;YACzB,SAAS,EAAE,KAAK,CAAC,MAAM,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM;SACnD,CAAC;QAEF,MAAM,OAAO,GAAgB;YAC3B,IAAI,EAAE,OAAO,CAAC,IAAI;YAClB,aAAa,EAAE,OAAO,CAAC,aAAa;YACpC,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,SAAS,EAAE;gBACT,KAAK,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC;gBACvB,GAAG,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,GAAG,KAAK,CAAC,WAAW,CAAC,MAAM;aACjD;SACF,CAAC;QAEF,OAAO;YACL,EAAE,EAAE,IAAA,kBAAU,GAAE;YAChB,KAAK,EAAE,IAAI,CAAC,IAAI;YAChB,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,QAAQ;YACR,OAAO;YACP,SAAS,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;gBAClC,CAAC,CAAC,IAAI,CAAC,SAAS;gBAChB,CAAC,CAAC,IAAA,iCAAqB,EAAC,IAAI,CAAC,UAAU,CAAC;YAC1C,WAAW,EAAE,IAAI,CAAC,WAAW;YAC7B,UAAU,EAAE,EAAE,EAAE,uCAAuC;YACvD,QAAQ,EAAE,aAAa;YACvB,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,IAAI,EAAE,IAAI,CAAC,IAAI;SAChB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,QAAmB;QACrC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;QAC/B,MAAM,MAAM,GAAc,EAAE,CAAC;QAE7B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,SAAS,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YAE3F,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnB,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBACd,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,QAAmB;QAChC,MAAM,aAAa,GAA6B;YAC9C,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAClB,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACpB,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACjB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;SACnB,CAAC;QAEF,OAAO,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACjC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CACtD,CAAC;IACJ,CAAC;CACF;AAzLD,gCAyLC;AAED,kBAAe,UAAU,CAAC"}

package/dist/analyzers/core/index.d.ts

@@ -0,0 +1,8 @@
+/**
+ * Core Module Exports
+ */
+export * from './scanner';
+export * from './engine';
+export * from './scoring';
+export * from './securityScanner';
+//# sourceMappingURL=index.d.ts.map

package/dist/analyzers/core/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/analyzers/core/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,WAAW,CAAC;AAC1B,cAAc,UAAU,CAAC;AACzB,cAAc,WAAW,CAAC;AAC1B,cAAc,mBAAmB,CAAC"}

package/dist/analyzers/core/index.js

@@ -0,0 +1,24 @@
+"use strict";
+/**
+ * Core Module Exports
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./scanner"), exports);
+__exportStar(require("./engine"), exports);
+__exportStar(require("./scoring"), exports);
+__exportStar(require("./securityScanner"), exports);
+//# sourceMappingURL=index.js.map

package/dist/analyzers/core/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyzers/core/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;AAEH,4CAA0B;AAC1B,2CAAyB;AACzB,4CAA0B;AAC1B,oDAAkC"}

package/dist/analyzers/core/scanner/fileScanner.d.ts

@@ -0,0 +1,31 @@
+/**
+ * File Scanner Module
+ * Scans directories and collects files for analysis
+ */
+import { ScannedFile, ScanConfig } from '../../../types';
+/**
+ * File Scanner Class
+ */
+export declare class FileScanner {
+    private config;
+    private extensions;
+    constructor(config: ScanConfig);
+    /**
+     * Scan project directory for files
+     */
+    scan(): Promise<ScannedFile[]>;
+    /**
+     * Process a single file
+     */
+    private processFile;
+    /**
+     * Get ignore patterns for glob
+     */
+    private getIgnorePatterns;
+    /**
+     * Get file statistics
+     */
+    getFileStats(files: ScannedFile[]): Record<string, number>;
+}
+export default FileScanner;
+//# sourceMappingURL=fileScanner.d.ts.map

package/dist/analyzers/core/scanner/fileScanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"fileScanner.d.ts","sourceRoot":"","sources":["../../../../src/analyzers/core/scanner/fileScanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAKH,OAAO,EAAE,WAAW,EAAqB,UAAU,EAAE,MAAM,gBAAgB,CAAC;AA8B5E;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAa;IAC3B,OAAO,CAAC,UAAU,CAAW;gBAEjB,MAAM,EAAE,UAAU;IAK9B;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;IAqEpC;;OAEG;YACW,WAAW;IAgCzB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IA4BzB;;OAEG;IACH,YAAY,CAAC,KAAK,EAAE,WAAW,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;CAU3D;AAED,eAAe,WAAW,CAAC"}

package/dist/analyzers/core/scanner/fileScanner.js

@@ -0,0 +1,199 @@
+"use strict";
+/**
+ * File Scanner Module
+ * Scans directories and collects files for analysis
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.FileScanner = void 0;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const glob_1 = require("glob");
+const utils_1 = require("../../../utils");
+const logger_1 = require("../../../utils/logger");
+/**
+ * Default file extensions to scan
+ */
+const DEFAULT_EXTENSIONS = [
+    '.js', '.jsx', '.mjs', '.cjs',
+    '.ts', '.tsx',
+    '.py', '.pyw',
+    '.php', '.phtml',
+    '.java',
+    '.c', '.h', '.cpp', '.cc', '.cxx', '.hpp',
+    '.cs',
+    '.yaml', '.yml',
+    '.tf', '.tfvars'
+];
+/**
+ * Default max file size (5MB)
+ */
+const DEFAULT_MAX_FILE_SIZE = 5 * 1024 * 1024;
+/**
+ * File Scanner Class
+ */
+class FileScanner {
+    config;
+    extensions;
+    constructor(config) {
+        this.config = config;
+        this.extensions = DEFAULT_EXTENSIONS;
+    }
+    /**
+     * Scan project directory for files
+     */
+    async scan() {
+        const projectPath = path.resolve(this.config.projectPath);
+        if (!fs.existsSync(projectPath)) {
+            throw new Error(`Project path does not exist: ${projectPath}`);
+        }
+        const stats = fs.statSync(projectPath);
+        if (!stats.isDirectory()) {
+            throw new Error(`Project path is not a directory: ${projectPath}`);
+        }
+        logger_1.logger.info(`🔍 Starting file scan in: ${projectPath}`);
+        // Build glob pattern
+        const patterns = this.extensions.map(ext => `**/*${ext}`);
+        patterns.push('**/Dockerfile');
+        patterns.push('**/.github/**/*.yml');
+        patterns.push('**/.github/**/*.yaml');
+        patterns.push('**/.gitlab-ci.yml');
+        const files = [];
+        for (const pattern of patterns) {
+            const matches = await (0, glob_1.glob)(pattern, {
+                cwd: projectPath,
+                nodir: true,
+                absolute: false,
+                ignore: this.getIgnorePatterns()
+            });
+            for (const match of matches) {
+                const absolutePath = path.join(projectPath, match);
+                // Skip if already processed
+                if (files.some(f => f.absolutePath === absolutePath)) {
+                    continue;
+                }
+                // Skip excluded paths
+                if ((0, utils_1.shouldExclude)(match, this.config.exclude || [])) {
+                    logger_1.logger.debug(`Skipping excluded file: ${match}`);
+                    continue;
+                }
+                try {
+                    const scannedFile = await this.processFile(absolutePath, match, projectPath);
+                    if (scannedFile) {
+                        files.push(scannedFile);
+                    }
+                }
+                catch (error) {
+                    logger_1.logger.warn(`Failed to process file: ${match} - ${error}`);
+                }
+            }
+        }
+        // Filter by language if specified
+        let filteredFiles = files;
+        if (this.config.languages && this.config.languages.length > 0) {
+            filteredFiles = files.filter(f => f.language && this.config.languages.includes(f.language));
+        }
+        logger_1.logger.info(`📂 Found ${filteredFiles.length} files to analyze`);
+        return filteredFiles;
+    }
+    /**
+     * Process a single file
+     */
+    async processFile(absolutePath, relativePath, projectPath) {
+        const stats = fs.statSync(absolutePath);
+        const maxSize = this.config.maxFileSize || DEFAULT_MAX_FILE_SIZE;
+        // Skip files that are too large
+        if (stats.size > maxSize) {
+            logger_1.logger.debug(`Skipping large file: ${relativePath} (${stats.size} bytes)`);
+            return null;
+        }
+        // Read file content
+        const content = fs.readFileSync(absolutePath, 'utf-8');
+        // Detect language
+        const language = (0, utils_1.getLanguageFromExtension)(absolutePath);
+        return {
+            absolutePath,
+            relativePath,
+            extension: path.extname(absolutePath).toLowerCase(),
+            language,
+            size: stats.size,
+            content,
+            lineCount: (0, utils_1.countLines)(content),
+            hash: (0, utils_1.calculateHash)(content)
+        };
+    }
+    /**
+     * Get ignore patterns for glob
+     */
+    getIgnorePatterns() {
+        const defaultIgnore = [
+            '**/node_modules/**',
+            '**/vendor/**',
+            '**/.git/**',
+            '**/dist/**',
+            '**/build/**',
+            '**/out/**',
+            '**/__pycache__/**',
+            '**/.venv/**',
+            '**/venv/**',
+            '**/coverage/**',
+            '**/.nyc_output/**',
+            '**/.next/**',
+            '**/.nuxt/**',
+            '**/target/**',
+            '**/bin/**',
+            '**/obj/**',
+            '**/*.min.js',
+            '**/*.bundle.js',
+            '**/*.map'
+        ];
+        const customIgnore = (this.config.exclude || []).map((p) => `**/${p}/**`);
+        return [...defaultIgnore, ...customIgnore];
+    }
+    /**
+     * Get file statistics
+     */
+    getFileStats(files) {
+        const stats = {};
+        for (const file of files) {
+            const lang = file.language || 'unknown';
+            stats[lang] = (stats[lang] || 0) + 1;
+        }
+        return stats;
+    }
+}
+exports.FileScanner = FileScanner;
+exports.default = FileScanner;
+//# sourceMappingURL=fileScanner.js.map

package/dist/analyzers/core/scanner/fileScanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"fileScanner.js","sourceRoot":"","sources":["../../../../src/analyzers/core/scanner/fileScanner.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,+BAA4B;AAE5B,0CAMwB;AACxB,kDAA+C;AAE/C;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACzB,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM;IAC7B,KAAK,EAAE,MAAM;IACb,KAAK,EAAE,MAAM;IACb,MAAM,EAAE,QAAQ;IAChB,OAAO;IACP,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM;IACzC,KAAK;IACL,OAAO,EAAE,MAAM;IACf,KAAK,EAAE,SAAS;CACjB,CAAC;AAEF;;GAEG;AACH,MAAM,qBAAqB,GAAG,CAAC,GAAG,IAAI,GAAG,IAAI,CAAC;AAE9C;;GAEG;AACH,MAAa,WAAW;IACd,MAAM,CAAa;IACnB,UAAU,CAAW;IAE7B,YAAY,MAAkB;QAC5B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,UAAU,GAAG,kBAAkB,CAAC;IACvC,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI;QACR,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAE1D,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;YAChC,MAAM,IAAI,KAAK,CAAC,gCAAgC,WAAW,EAAE,CAAC,CAAC;QACjE,CAAC;QAED,MAAM,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC;QACvC,IAAI,CAAC,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,oCAAoC,WAAW,EAAE,CAAC,CAAC;QACrE,CAAC;QAED,eAAM,CAAC,IAAI,CAAC,6BAA6B,WAAW,EAAE,CAAC,CAAC;QAExD,qBAAqB;QACrB,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC;QAC1D,QAAQ,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QACrC,QAAQ,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACtC,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAEnC,MAAM,KAAK,GAAkB,EAAE,CAAC;QAEhC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,OAAO,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE;gBAClC,GAAG,EAAE,WAAW;gBAChB,KAAK,EAAE,IAAI;gBACX,QAAQ,EAAE,KAAK;gBACf,MAAM,EAAE,IAAI,CAAC,iBAAiB,EAAE;aACjC,CAAC,CAAC;YAEH,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC5B,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC;gBAEnD,4BAA4B;gBAC5B,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,KAAK,YAAY,CAAC,EAAE,CAAC;oBACrD,SAAS;gBACX,CAAC;gBAED,sBAAsB;gBACtB,IAAI,IAAA,qBAAa,EAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,CAAC;oBACpD,eAAM,CAAC,KAAK,CAAC,2BAA2B,KAAK,EAAE,CAAC,CAAC;oBACjD,SAAS;gBACX,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,KAAK,EAAE,WAAW,CAAC,CAAC;oBAC7E,IAAI,WAAW,EAAE,CAAC;wBAChB,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;oBAC1B,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,eAAM,CAAC,IAAI,CAAC,2BAA2B,KAAK,MAAM,KAAK,EAAE,CAAC,CAAC;gBAC7D,CAAC;YACH,CAAC;QACH,CAAC;QAED,kCAAkC;QAClC,IAAI,aAAa,GAAG,KAAK,CAAC;QAC1B,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9D,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC/B,CAAC,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,CAAC,SAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAC1D,CAAC;QACJ,CAAC;QAED,eAAM,CAAC,IAAI,CAAC,YAAY,aAAa,CAAC,MAAM,mBAAmB,CAAC,CAAC;QAEjE,OAAO,aAAa,CAAC;IACvB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,WAAW,CACvB,YAAoB,EACpB,YAAoB,EACpB,WAAmB;QAEnB,MAAM,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;QACxC,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,qBAAqB,CAAC;QAEjE,gCAAgC;QAChC,IAAI,KAAK,CAAC,IAAI,GAAG,OAAO,EAAE,CAAC;YACzB,eAAM,CAAC,KAAK,CAAC,wBAAwB,YAAY,KAAK,KAAK,CAAC,IAAI,SAAS,CAAC,CAAC;YAC3E,OAAO,IAAI,CAAC;QACd,CAAC;QAED,oBAAoB;QACpB,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;QAEvD,kBAAkB;QAClB,MAAM,QAAQ,GAAG,IAAA,gCAAwB,EAAC,YAAY,CAAC,CAAC;QAExD,OAAO;YACL,YAAY;YACZ,YAAY;YACZ,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC,WAAW,EAAE;YACnD,QAAQ;YACR,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,OAAO;YACP,SAAS,EAAE,IAAA,kBAAU,EAAC,OAAO,CAAC;YAC9B,IAAI,EAAE,IAAA,qBAAa,EAAC,OAAO,CAAC;SAC7B,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,iBAAiB;QACvB,MAAM,aAAa,GAAG;YACpB,oBAAoB;YACpB,cAAc;YACd,YAAY;YACZ,YAAY;YACZ,aAAa;YACb,WAAW;YACX,mBAAmB;YACnB,aAAa;YACb,YAAY;YACZ,gBAAgB;YAChB,mBAAmB;YACnB,aAAa;YACb,aAAa;YACb,cAAc;YACd,WAAW;YACX,WAAW;YACX,aAAa;YACb,gBAAgB;YAChB,UAAU;SACX,CAAC;QAEF,MAAM,YAAY,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QAElF,OAAO,CAAC,GAAG,aAAa,EAAE,GAAG,YAAY,CAAC,CAAC;IAC7C,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,KAAoB;QAC/B,MAAM,KAAK,GAA2B,EAAE,CAAC;QAEzC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,IAAI,SAAS,CAAC;YACxC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACvC,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;CACF;AAhKD,kCAgKC;AAED,kBAAe,WAAW,CAAC"}

package/dist/analyzers/core/scanner/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Scanner Module Exports
+ */
+export * from './fileScanner';
+//# sourceMappingURL=index.d.ts.map

package/dist/analyzers/core/scanner/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/analyzers/core/scanner/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,eAAe,CAAC"}

package/dist/analyzers/core/scanner/index.js

@@ -0,0 +1,21 @@
+"use strict";
+/**
+ * Scanner Module Exports
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./fileScanner"), exports);
+//# sourceMappingURL=index.js.map

package/dist/analyzers/core/scanner/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/analyzers/core/scanner/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;AAEH,gDAA8B"}

package/dist/analyzers/core/scoring/index.d.ts

@@ -0,0 +1,5 @@
+/**
+ * Scoring Module Exports
+ */
+export * from './riskScoring';
+//# sourceMappingURL=index.d.ts.map

package/dist/analyzers/core/scoring/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/analyzers/core/scoring/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,cAAc,eAAe,CAAC"}

package/dist/analyzers/core/scoring/index.js

@@ -0,0 +1,21 @@
+"use strict";
+/**
+ * Scoring Module Exports
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./riskScoring"), exports);
+//# sourceMappingURL=index.js.map

package/dist/analyzers/core/scoring/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/analyzers/core/scoring/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;AAEH,gDAA8B"}

package/dist/analyzers/core/scoring/riskScoring.d.ts

@@ -0,0 +1,49 @@
+/**
+ * Risk Scoring Engine
+ * Calculates risk scores and severity levels for scan results
+ */
+import { Finding, Severity, FindingCategory } from '../../../types';
+/**
+ * Risk Scoring Engine Class
+ */
+export declare class RiskScoringEngine {
+    /**
+     * Calculate overall risk score for findings
+     */
+    calculateRiskScore(findings: Finding[], totalFiles: number): number;
+    /**
+     * Determine risk level from score
+     */
+    getRiskLevel(score: number): 'safe' | 'low' | 'medium' | 'high' | 'critical';
+    /**
+     * Get severity distribution
+     */
+    getSeverityDistribution(findings: Finding[]): Record<Severity, number>;
+    /**
+     * Get category distribution
+     */
+    getCategoryDistribution(findings: Finding[]): Record<FindingCategory, number>;
+    /**
+     * Get top affected files
+     */
+    getTopAffectedFiles(findings: Finding[], limit?: number): Array<{
+        file: string;
+        count: number;
+        criticalCount: number;
+    }>;
+    /**
+     * Get threat type distribution
+     */
+    getThreatTypeDistribution(findings: Finding[]): Record<string, number>;
+    /**
+     * Calculate security posture metrics
+     */
+    calculateSecurityPosture(findings: Finding[], totalFiles: number, totalLines: number): {
+        score: number;
+        grade: string;
+        findingsPerKLOC: number;
+        criticalRatio: number;
+    };
+}
+export default RiskScoringEngine;
+//# sourceMappingURL=riskScoring.d.ts.map

package/dist/analyzers/core/scoring/riskScoring.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"riskScoring.d.ts","sourceRoot":"","sources":["../../../../src/analyzers/core/scoring/riskScoring.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAc,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAkChF;;GAEG;AACH,qBAAa,iBAAiB;IAC5B;;OAEG;IACH,kBAAkB,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,UAAU,EAAE,MAAM,GAAG,MAAM;IAyBnE;;OAEG;IACH,YAAY,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU;IAQ5E;;OAEG;IACH,uBAAuB,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC;IAgBtE;;OAEG;IACH,uBAAuB,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC,eAAe,EAAE,MAAM,CAAC;IAe7E;;OAEG;IACH,mBAAmB,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,KAAK,GAAE,MAAW,GAAG,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,CAAC;IAkB3H;;OAEG;IACH,yBAAyB,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC;IAUtE;;OAEG;IACH,wBAAwB,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG;QACrF,KAAK,EAAE,MAAM,CAAC;QACd,KAAK,EAAE,MAAM,CAAC;QACd,eAAe,EAAE,MAAM,CAAC;QACxB,aAAa,EAAE,MAAM,CAAC;KACvB;CAkCF;AAED,eAAe,iBAAiB,CAAC"}