secure-scan 1.2.2

package/dist/analyzers/core/scoring/riskScoring.js

@@ -0,0 +1,180 @@
+"use strict";
+/**
+ * Risk Scoring Engine
+ * Calculates risk scores and severity levels for scan results
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.RiskScoringEngine = void 0;
+const types_1 = require("../../../types");
+/**
+ * Risk weights for different factors
+ */
+const SEVERITY_WEIGHTS = {
+    [types_1.Severity.CRITICAL]: 100,
+    [types_1.Severity.HIGH]: 70,
+    [types_1.Severity.MEDIUM]: 40,
+    [types_1.Severity.LOW]: 15,
+    [types_1.Severity.INFO]: 5
+};
+/**
+ * Category weights
+ */
+const CATEGORY_WEIGHTS = {
+    [types_1.FindingCategory.MALWARE]: 1.5,
+    [types_1.FindingCategory.VULNERABILITY]: 1.0,
+    [types_1.FindingCategory.CODE_SMELL]: 0.5,
+    [types_1.FindingCategory.BEST_PRACTICE]: 0.3
+};
+/**
+ * Risk level thresholds
+ */
+const RISK_THRESHOLDS = {
+    safe: 10,
+    low: 30,
+    medium: 50,
+    high: 75
+};
+/**
+ * Risk Scoring Engine Class
+ */
+class RiskScoringEngine {
+    /**
+     * Calculate overall risk score for findings
+     */
+    calculateRiskScore(findings, totalFiles) {
+        if (findings.length === 0) {
+            return 0;
+        }
+        let totalScore = 0;
+        for (const finding of findings) {
+            const severityWeight = SEVERITY_WEIGHTS[finding.severity];
+            const categoryWeight = CATEGORY_WEIGHTS[finding.category];
+            const confidenceMultiplier = finding.confidence / 100;
+            totalScore += severityWeight * categoryWeight * confidenceMultiplier;
+        }
+        // Normalize score based on codebase size
+        // More files = slightly lower weight per finding
+        const sizeNormalizer = Math.log10(Math.max(totalFiles, 1)) + 1;
+        // Calculate normalized score (0-100)
+        const normalizedScore = Math.min(100, (totalScore / sizeNormalizer) / 2);
+        return Math.round(normalizedScore);
+    }
+    /**
+     * Determine risk level from score
+     */
+    getRiskLevel(score) {
+        if (score >= RISK_THRESHOLDS.high)
+            return 'critical';
+        if (score >= RISK_THRESHOLDS.medium)
+            return 'high';
+        if (score >= RISK_THRESHOLDS.low)
+            return 'medium';
+        if (score >= RISK_THRESHOLDS.safe)
+            return 'low';
+        return 'safe';
+    }
+    /**
+     * Get severity distribution
+     */
+    getSeverityDistribution(findings) {
+        const distribution = {
+            [types_1.Severity.CRITICAL]: 0,
+            [types_1.Severity.HIGH]: 0,
+            [types_1.Severity.MEDIUM]: 0,
+            [types_1.Severity.LOW]: 0,
+            [types_1.Severity.INFO]: 0
+        };
+        for (const finding of findings) {
+            distribution[finding.severity]++;
+        }
+        return distribution;
+    }
+    /**
+     * Get category distribution
+     */
+    getCategoryDistribution(findings) {
+        const distribution = {
+            [types_1.FindingCategory.MALWARE]: 0,
+            [types_1.FindingCategory.VULNERABILITY]: 0,
+            [types_1.FindingCategory.CODE_SMELL]: 0,
+            [types_1.FindingCategory.BEST_PRACTICE]: 0
+        };
+        for (const finding of findings) {
+            distribution[finding.category]++;
+        }
+        return distribution;
+    }
+    /**
+     * Get top affected files
+     */
+    getTopAffectedFiles(findings, limit = 10) {
+        const fileMap = new Map();
+        for (const finding of findings) {
+            const current = fileMap.get(finding.location.file) || { count: 0, criticalCount: 0 };
+            current.count++;
+            if (finding.severity === types_1.Severity.CRITICAL || finding.severity === types_1.Severity.HIGH) {
+                current.criticalCount++;
+            }
+            fileMap.set(finding.location.file, current);
+        }
+        return Array.from(fileMap.entries())
+            .map(([file, stats]) => ({ file, ...stats }))
+            .sort((a, b) => b.criticalCount - a.criticalCount || b.count - a.count)
+            .slice(0, limit);
+    }
+    /**
+     * Get threat type distribution
+     */
+    getThreatTypeDistribution(findings) {
+        const distribution = {};
+        for (const finding of findings) {
+            distribution[finding.threatType] = (distribution[finding.threatType] || 0) + 1;
+        }
+        return distribution;
+    }
+    /**
+     * Calculate security posture metrics
+     */
+    calculateSecurityPosture(findings, totalFiles, totalLines) {
+        const score = 100 - this.calculateRiskScore(findings, totalFiles);
+        // Calculate grade
+        let grade;
+        if (score >= 90)
+            grade = 'A+';
+        else if (score >= 85)
+            grade = 'A';
+        else if (score >= 80)
+            grade = 'A-';
+        else if (score >= 75)
+            grade = 'B+';
+        else if (score >= 70)
+            grade = 'B';
+        else if (score >= 65)
+            grade = 'B-';
+        else if (score >= 60)
+            grade = 'C+';
+        else if (score >= 55)
+            grade = 'C';
+        else if (score >= 50)
+            grade = 'C-';
+        else if (score >= 40)
+            grade = 'D';
+        else
+            grade = 'F';
+        // Findings per 1000 lines of code
+        const kloc = totalLines / 1000;
+        const findingsPerKLOC = kloc > 0 ? findings.length / kloc : 0;
+        // Ratio of critical/high findings
+        const criticalCount = findings.filter(f => f.severity === types_1.Severity.CRITICAL || f.severity === types_1.Severity.HIGH).length;
+        const criticalRatio = findings.length > 0 ? criticalCount / findings.length : 0;
+        return {
+            score: Math.round(score),
+            grade,
+            findingsPerKLOC: Math.round(findingsPerKLOC * 100) / 100,
+            criticalRatio: Math.round(criticalRatio * 100) / 100
+        };
+    }
+}
+exports.RiskScoringEngine = RiskScoringEngine;
+exports.default = RiskScoringEngine;
+//# sourceMappingURL=riskScoring.js.map

package/dist/analyzers/core/scoring/riskScoring.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"riskScoring.js","sourceRoot":"","sources":["../../../../src/analyzers/core/scoring/riskScoring.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAEH,0CAAgF;AAGhF;;GAEG;AACH,MAAM,gBAAgB,GAA6B;IACjD,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,GAAG;IACxB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,EAAE;IACnB,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,EAAE;IACrB,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,EAAE;IAClB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;CACnB,CAAC;AAEF;;GAEG;AACH,MAAM,gBAAgB,GAAoC;IACxD,CAAC,uBAAe,CAAC,OAAO,CAAC,EAAE,GAAG;IAC9B,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,GAAG;IACpC,CAAC,uBAAe,CAAC,UAAU,CAAC,EAAE,GAAG;IACjC,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,GAAG;CACrC,CAAC;AAEF;;GAEG;AACH,MAAM,eAAe,GAAG;IACtB,IAAI,EAAE,EAAE;IACR,GAAG,EAAE,EAAE;IACP,MAAM,EAAE,EAAE;IACV,IAAI,EAAE,EAAE;CACT,CAAC;AAEF;;GAEG;AACH,MAAa,iBAAiB;IAC5B;;OAEG;IACH,kBAAkB,CAAC,QAAmB,EAAE,UAAkB;QACxD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC1B,OAAO,CAAC,CAAC;QACX,CAAC;QAED,IAAI,UAAU,GAAG,CAAC,CAAC;QAEnB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,cAAc,GAAG,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC1D,MAAM,cAAc,GAAG,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YAC1D,MAAM,oBAAoB,GAAG,OAAO,CAAC,UAAU,GAAG,GAAG,CAAC;YAEtD,UAAU,IAAI,cAAc,GAAG,cAAc,GAAG,oBAAoB,CAAC;QACvE,CAAC;QAED,yCAAyC;QACzC,iDAAiD;QACjD,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAE/D,qCAAqC;QACrC,MAAM,eAAe,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,UAAU,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC;QAEzE,OAAO,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACrC,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,KAAa;QACxB,IAAI,KAAK,IAAI,eAAe,CAAC,IAAI;YAAE,OAAO,UAAU,CAAC;QACrD,IAAI,KAAK,IAAI,eAAe,CAAC,MAAM;YAAE,OAAO,MAAM,CAAC;QACnD,IAAI,KAAK,IAAI,eAAe,CAAC,GAAG;YAAE,OAAO,QAAQ,CAAC;QAClD,IAAI,KAAK,IAAI,eAAe,CAAC,IAAI;YAAE,OAAO,KAAK,CAAC;QAChD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,uBAAuB,CAAC,QAAmB;QACzC,MAAM,YAAY,GAA6B;YAC7C,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAClB,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACpB,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YACjB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;SACnB,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,uBAAuB,CAAC,QAAmB;QACzC,MAAM,YAAY,GAAoC;YACpD,CAAC,uBAAe,CAAC,OAAO,CAAC,EAAE,CAAC;YAC5B,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,CAAC;YAClC,CAAC,uBAAe,CAAC,UAAU,CAAC,EAAE,CAAC;YAC/B,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,CAAC;SACnC,CAAC;QAEF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;QACnC,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,mBAAmB,CAAC,QAAmB,EAAE,QAAgB,EAAE;QACzD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAoD,CAAC;QAE5E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,CAAC;YACrF,OAAO,CAAC,KAAK,EAAE,CAAC;YAChB,IAAI,OAAO,CAAC,QAAQ,KAAK,gBAAQ,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,gBAAQ,CAAC,IAAI,EAAE,CAAC;gBACjF,OAAO,CAAC,aAAa,EAAE,CAAC;YAC1B,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAC9C,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;aACjC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,GAAG,KAAK,EAAE,CAAC,CAAC;aAC5C,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,GAAG,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;aACtE,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IACrB,CAAC;IAED;;OAEG;IACH,yBAAyB,CAAC,QAAmB;QAC3C,MAAM,YAAY,GAA2B,EAAE,CAAC;QAEhD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,YAAY,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACjF,CAAC;QAED,OAAO,YAAY,CAAC;IACtB,CAAC;IAED;;OAEG;IACH,wBAAwB,CAAC,QAAmB,EAAE,UAAkB,EAAE,UAAkB;QAMlF,MAAM,KAAK,GAAG,GAAG,GAAG,IAAI,CAAC,kBAAkB,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;QAElE,kBAAkB;QAClB,IAAI,KAAa,CAAC;QAClB,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aACzB,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,GAAG,CAAC;aAC7B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,GAAG,CAAC;aAC7B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,GAAG,CAAC;aAC7B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,IAAI,CAAC;aAC9B,IAAI,KAAK,IAAI,EAAE;YAAE,KAAK,GAAG,GAAG,CAAC;;YAC7B,KAAK,GAAG,GAAG,CAAC;QAEjB,kCAAkC;QAClC,MAAM,IAAI,GAAG,UAAU,GAAG,IAAI,CAAC;QAC/B,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;QAE9D,kCAAkC;QAClC,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACxC,CAAC,CAAC,QAAQ,KAAK,gBAAQ,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,KAAK,gBAAQ,CAAC,IAAI,CACjE,CAAC,MAAM,CAAC;QACT,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;QAEhF,OAAO;YACL,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC;YACxB,KAAK;YACL,eAAe,EAAE,IAAI,CAAC,KAAK,CAAC,eAAe,GAAG,GAAG,CAAC,GAAG,GAAG;YACxD,aAAa,EAAE,IAAI,CAAC,KAAK,CAAC,aAAa,GAAG,GAAG,CAAC,GAAG,GAAG;SACrD,CAAC;IACJ,CAAC;CACF;AAzJD,8CAyJC;AAED,kBAAe,iBAAiB,CAAC"}

package/dist/analyzers/core/securityScanner.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Security Scanner Orchestrator
+ * Main scanner that coordinates all analyzers
+ */
+import { ScanConfig, ScanResult } from '../../types';
+/**
+ * Security Scanner Class
+ * Main orchestrator for the SAST tool
+ */
+export declare class SecurityScanner {
+    private config;
+    private fileScanner;
+    private ruleEngine;
+    private riskScoring;
+    private aiAnalyzer?;
+    constructor(config: ScanConfig);
+    /**
+     * Normalize and validate configuration
+     */
+    private normalizeConfig;
+    /**
+     * Run the security scan
+     */
+    scan(): Promise<ScanResult>;
+    /**
+     * Analyze a single file
+     */
+    private analyzeFile;
+    /**
+     * Filter findings by minimum severity
+     */
+    private filterBySeverity;
+    /**
+     * Calculate scan statistics
+     */
+    private calculateStats;
+    /**
+     * Create empty result when no files found
+     */
+    private createEmptyResult;
+    /**
+     * Generate report
+     */
+    private generateReport;
+}
+export default SecurityScanner;
+//# sourceMappingURL=securityScanner.d.ts.map

package/dist/analyzers/core/securityScanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"securityScanner.d.ts","sourceRoot":"","sources":["../../../src/analyzers/core/securityScanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,OAAO,EACL,UAAU,EACV,UAAU,EAMX,MAAM,aAAa,CAAC;AAWrB;;;GAGG;AACH,qBAAa,eAAe;IAC1B,OAAO,CAAC,MAAM,CAAa;IAC3B,OAAO,CAAC,WAAW,CAAc;IACjC,OAAO,CAAC,UAAU,CAAa;IAC/B,OAAO,CAAC,WAAW,CAAoB;IACvC,OAAO,CAAC,UAAU,CAAC,CAAa;gBAEpB,MAAM,EAAE,UAAU;IAY9B;;OAEG;IACH,OAAO,CAAC,eAAe;IAYvB;;OAEG;IACG,IAAI,IAAI,OAAO,CAAC,UAAU,CAAC;IA4GjC;;OAEG;YACW,WAAW;IAoCzB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAUxB;;OAEG;IACH,OAAO,CAAC,cAAc;IA6BtB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAoCzB;;OAEG;YACW,cAAc;CAiB7B;AAED,eAAe,eAAe,CAAC"}

package/dist/analyzers/core/securityScanner.js

@@ -0,0 +1,298 @@
+"use strict";
+/**
+ * Security Scanner Orchestrator
+ * Main scanner that coordinates all analyzers
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.SecurityScanner = void 0;
+const path = __importStar(require("path"));
+const fs = __importStar(require("fs"));
+const types_1 = require("../../types");
+const scanner_1 = require("./scanner");
+const engine_1 = require("./engine");
+const scoring_1 = require("./scoring");
+const rules_1 = require("../../rules");
+const __1 = require("../");
+const ai_1 = require("../../ai");
+const reports_1 = require("../../reports");
+const utils_1 = require("../../utils");
+const logger_1 = require("../../utils/logger");
+/**
+ * Security Scanner Class
+ * Main orchestrator for the SAST tool
+ */
+class SecurityScanner {
+    config;
+    fileScanner;
+    ruleEngine;
+    riskScoring;
+    aiAnalyzer;
+    constructor(config) {
+        this.config = this.normalizeConfig(config);
+        this.fileScanner = new scanner_1.FileScanner(this.config);
+        this.ruleEngine = new engine_1.RuleEngine();
+        this.riskScoring = new scoring_1.RiskScoringEngine();
+        // Initialize AI analyzer if configured
+        if (this.config.useAI && this.config.aiConfig) {
+            this.aiAnalyzer = new ai_1.AIAnalyzer(this.config.aiConfig);
+        }
+    }
+    /**
+     * Normalize and validate configuration
+     */
+    normalizeConfig(config) {
+        return {
+            ...config,
+            projectPath: path.resolve(config.projectPath),
+            exclude: config.exclude || [],
+            minSeverity: config.minSeverity || types_1.Severity.INFO,
+            verbose: config.verbose || false,
+            maxFileSize: config.maxFileSize || 5 * 1024 * 1024,
+            fileTimeout: config.fileTimeout || 30000
+        };
+    }
+    /**
+     * Run the security scan
+     */
+    async scan() {
+        const startTime = Date.now();
+        const scanId = (0, utils_1.generateId)();
+        (0, logger_1.logScanStart)(this.config.projectPath);
+        try {
+            // Initialize analyzers
+            await (0, __1.initializeAnalyzers)();
+            // Log available analyzers and their versions
+            const allAnalyzers = (0, __1.getAllAnalyzers)();
+            logger_1.logger.info(`🔧 Loaded ${allAnalyzers.length} security analyzers:`);
+            for (const analyzer of allAnalyzers) {
+                logger_1.logger.info(`   • ${analyzer.name} v${analyzer.version} (${analyzer.languages.join(', ')})`);
+            }
+            if (this.aiAnalyzer) {
+                await this.aiAnalyzer.initialize();
+            }
+            // Load rules
+            const rules = (0, rules_1.getEnabledRules)();
+            this.ruleEngine.loadRules(rules);
+            // Scan files
+            logger_1.logger.info('📂 Scanning project files...');
+            const files = await this.fileScanner.scan();
+            if (files.length === 0) {
+                logger_1.logger.warn('⚠️ No files found to analyze');
+                return this.createEmptyResult(scanId, startTime);
+            }
+            // Analyze files
+            logger_1.logger.info('🔍 Analyzing code for vulnerabilities and malware...');
+            const allFindings = [];
+            for (let i = 0; i < files.length; i++) {
+                const file = files[i];
+                if (this.config.verbose) {
+                    logger_1.logger.debug(`Analyzing: ${file.relativePath}`);
+                }
+                try {
+                    const fileFindings = await this.analyzeFile(file);
+                    allFindings.push(...fileFindings);
+                    // Log critical findings immediately
+                    for (const finding of fileFindings) {
+                        if (finding.severity === types_1.Severity.CRITICAL || finding.severity === types_1.Severity.HIGH || finding.category === types_1.FindingCategory.MALWARE) {
+                            (0, logger_1.logFinding)(finding.severity, finding.title, finding.location.file, finding.location.startLine, finding.category);
+                        }
+                    }
+                }
+                catch (error) {
+                    logger_1.logger.debug(`Error analyzing ${file.relativePath}: ${error}`);
+                }
+            }
+            // Deduplicate findings
+            const uniqueFindings = this.ruleEngine.deduplicateFindings(allFindings);
+            // Filter by minimum severity
+            const filteredFindings = this.filterBySeverity(uniqueFindings);
+            // Sort by severity
+            const sortedFindings = this.ruleEngine.sortBySeverity(filteredFindings);
+            // Calculate statistics
+            const endTime = Date.now();
+            const stats = this.calculateStats(files, sortedFindings, startTime, endTime);
+            // Calculate risk score
+            const riskScore = this.riskScoring.calculateRiskScore(sortedFindings, files.length);
+            const riskLevel = this.riskScoring.getRiskLevel(riskScore);
+            // Create result
+            const result = {
+                projectPath: this.config.projectPath,
+                projectName: path.basename(this.config.projectPath),
+                scanId,
+                findings: sortedFindings,
+                stats,
+                riskScore,
+                riskLevel,
+                scannedFiles: files,
+                config: this.config
+            };
+            (0, logger_1.logScanComplete)(stats.totalFiles, sortedFindings.length, stats.duration, riskScore);
+            // Generate report if output path specified
+            if (this.config.outputPath) {
+                await this.generateReport(result);
+            }
+            // Cleanup
+            await (0, __1.cleanupAnalyzers)();
+            return result;
+        }
+        catch (error) {
+            logger_1.logger.error(`Scan failed: ${error}`);
+            throw error;
+        }
+    }
+    /**
+     * Analyze a single file
+     */
+    async analyzeFile(file) {
+        const findings = [];
+        // Skip if no language detected
+        if (!file.language) {
+            return findings;
+        }
+        // Get language-specific analyzer
+        const analyzer = (0, __1.getAnalyzerForLanguage)(file.language);
+        if (analyzer) {
+            // Log analyzer version being used
+            if (this.config.verbose) {
+                logger_1.logger.debug(`Using ${analyzer.name} v${analyzer.version} for ${file.relativePath}`);
+            }
+            const rules = (0, rules_1.getEnabledRules)().filter(r => r.languages.includes(file.language));
+            const analyzerFindings = await analyzer.analyze(file, rules);
+            findings.push(...analyzerFindings);
+        }
+        // Run rule engine for generic patterns
+        const ruleFindings = await this.ruleEngine.analyzeFile(file);
+        findings.push(...ruleFindings);
+        // AI analysis if enabled
+        if (this.aiAnalyzer && this.config.useAI) {
+            const aiResult = await this.aiAnalyzer.analyze(file);
+            findings.push(...aiResult.findings);
+        }
+        return findings;
+    }
+    /**
+     * Filter findings by minimum severity
+     */
+    filterBySeverity(findings) {
+        if (!this.config.minSeverity) {
+            return findings;
+        }
+        return findings.filter(f => (0, utils_1.isHigherOrEqualSeverity)(f.severity, this.config.minSeverity));
+    }
+    /**
+     * Calculate scan statistics
+     */
+    calculateStats(files, findings, startTime, endTime) {
+        const totalLines = files.reduce((sum, f) => sum + f.lineCount, 0);
+        const filesByLanguage = {};
+        for (const file of files) {
+            const lang = file.language || 'unknown';
+            filesByLanguage[lang] = (filesByLanguage[lang] || 0) + 1;
+        }
+        const findingsBySeverity = this.riskScoring.getSeverityDistribution(findings);
+        const findingsByCategory = this.riskScoring.getCategoryDistribution(findings);
+        return {
+            totalFiles: files.length,
+            totalLines,
+            filesByLanguage,
+            findingsBySeverity,
+            findingsByCategory,
+            duration: endTime - startTime,
+            startTime: new Date(startTime),
+            endTime: new Date(endTime)
+        };
+    }
+    /**
+     * Create empty result when no files found
+     */
+    createEmptyResult(scanId, startTime) {
+        const endTime = Date.now();
+        return {
+            projectPath: this.config.projectPath,
+            projectName: path.basename(this.config.projectPath),
+            scanId,
+            findings: [],
+            stats: {
+                totalFiles: 0,
+                totalLines: 0,
+                filesByLanguage: {},
+                findingsBySeverity: {
+                    [types_1.Severity.CRITICAL]: 0,
+                    [types_1.Severity.HIGH]: 0,
+                    [types_1.Severity.MEDIUM]: 0,
+                    [types_1.Severity.LOW]: 0,
+                    [types_1.Severity.INFO]: 0
+                },
+                findingsByCategory: {
+                    [types_1.FindingCategory.MALWARE]: 0,
+                    [types_1.FindingCategory.VULNERABILITY]: 0,
+                    [types_1.FindingCategory.CODE_SMELL]: 0,
+                    [types_1.FindingCategory.BEST_PRACTICE]: 0
+                },
+                duration: endTime - startTime,
+                startTime: new Date(startTime),
+                endTime: new Date(endTime)
+            },
+            riskScore: 0,
+            riskLevel: 'safe',
+            scannedFiles: [],
+            config: this.config
+        };
+    }
+    /**
+     * Generate report
+     */
+    async generateReport(result) {
+        if (!this.config.outputPath)
+            return;
+        const outputPath = path.resolve(this.config.outputPath);
+        const ext = path.extname(outputPath).toLowerCase();
+        if (ext === '.html' || ext === '') {
+            // Pass the language configuration to the report generator
+            const reportLanguage = this.config.language || 'es';
+            const reportGenerator = new reports_1.HtmlReportGenerator(reportLanguage);
+            const finalPath = ext === '' ? `${outputPath}.html` : outputPath;
+            await reportGenerator.saveReport(result, finalPath);
+        }
+        else if (ext === '.json') {
+            fs.writeFileSync(outputPath, JSON.stringify(result, null, 2), 'utf-8');
+            logger_1.logger.info(`📁 Reporte JSON guardado en: ${outputPath}`);
+        }
+    }
+}
+exports.SecurityScanner = SecurityScanner;
+exports.default = SecurityScanner;
+//# sourceMappingURL=securityScanner.js.map

package/dist/analyzers/core/securityScanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"securityScanner.js","sourceRoot":"","sources":["../../../src/analyzers/core/securityScanner.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,2CAA6B;AAC7B,uCAAyB;AACzB,uCAQqB;AACrB,uCAAwC;AACxC,qCAAsC;AACtC,uCAA8C;AAC9C,uCAA2D;AAC3D,2BAAqG;AACrG,iCAAsC;AACtC,2CAAoD;AACpD,uCAAkE;AAClE,+CAAuF;AAEvF;;;GAGG;AACH,MAAa,eAAe;IAClB,MAAM,CAAa;IACnB,WAAW,CAAc;IACzB,UAAU,CAAa;IACvB,WAAW,CAAoB;IAC/B,UAAU,CAAc;IAEhC,YAAY,MAAkB;QAC5B,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QAC3C,IAAI,CAAC,WAAW,GAAG,IAAI,qBAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAChD,IAAI,CAAC,UAAU,GAAG,IAAI,mBAAU,EAAE,CAAC;QACnC,IAAI,CAAC,WAAW,GAAG,IAAI,2BAAiB,EAAE,CAAC;QAE3C,uCAAuC;QACvC,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC9C,IAAI,CAAC,UAAU,GAAG,IAAI,eAAU,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,MAAkB;QACxC,OAAO;YACL,GAAG,MAAM;YACT,WAAW,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,WAAW,CAAC;YAC7C,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,EAAE;YAC7B,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,gBAAQ,CAAC,IAAI;YAChD,OAAO,EAAE,MAAM,CAAC,OAAO,IAAI,KAAK;YAChC,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,CAAC,GAAG,IAAI,GAAG,IAAI;YAClD,WAAW,EAAE,MAAM,CAAC,WAAW,IAAI,KAAK;SACzC,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI;QACR,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,MAAM,GAAG,IAAA,kBAAU,GAAE,CAAC;QAE5B,IAAA,qBAAY,EAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;QAEtC,IAAI,CAAC;YACH,uBAAuB;YACvB,MAAM,IAAA,uBAAmB,GAAE,CAAC;YAE5B,6CAA6C;YAC7C,MAAM,YAAY,GAAG,IAAA,mBAAe,GAAE,CAAC;YACvC,eAAM,CAAC,IAAI,CAAC,aAAa,YAAY,CAAC,MAAM,sBAAsB,CAAC,CAAC;YACpE,KAAK,MAAM,QAAQ,IAAI,YAAY,EAAE,CAAC;gBACpC,eAAM,CAAC,IAAI,CAAC,QAAQ,QAAQ,CAAC,IAAI,KAAK,QAAQ,CAAC,OAAO,KAAK,QAAQ,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YAC/F,CAAC;YAED,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACpB,MAAM,IAAI,CAAC,UAAU,CAAC,UAAU,EAAE,CAAC;YACrC,CAAC;YAED,aAAa;YACb,MAAM,KAAK,GAAG,IAAA,uBAAe,GAAE,CAAC;YAChC,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;YAEjC,aAAa;YACb,eAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;YAC5C,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC;YAE5C,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,eAAM,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;gBAC5C,OAAO,IAAI,CAAC,iBAAiB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YACnD,CAAC;YAED,gBAAgB;YAChB,eAAM,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;YACpE,MAAM,WAAW,GAAc,EAAE,CAAC;YAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBAEtB,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;oBACxB,eAAM,CAAC,KAAK,CAAC,cAAc,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;gBAClD,CAAC;gBAED,IAAI,CAAC;oBACH,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;oBAClD,WAAW,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;oBAElC,oCAAoC;oBACpC,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;wBACnC,IAAI,OAAO,CAAC,QAAQ,KAAK,gBAAQ,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,KAAK,gBAAQ,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,KAAK,uBAAe,CAAC,OAAO,EAAE,CAAC;4BACjI,IAAA,mBAAU,EAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,CAAC,SAAS,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;wBACnH,CAAC;oBACH,CAAC;gBACH,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,eAAM,CAAC,KAAK,CAAC,mBAAmB,IAAI,CAAC,YAAY,KAAK,KAAK,EAAE,CAAC,CAAC;gBACjE,CAAC;YACH,CAAC;YAED,uBAAuB;YACvB,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,WAAW,CAAC,CAAC;YAExE,6BAA6B;YAC7B,MAAM,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC,cAAc,CAAC,CAAC;YAE/D,mBAAmB;YACnB,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,gBAAgB,CAAC,CAAC;YAExE,uBAAuB;YACvB,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAC3B,MAAM,KAAK,GAAG,IAAI,CAAC,cAAc,CAAC,KAAK,EAAE,cAAc,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;YAE7E,uBAAuB;YACvB,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,kBAAkB,CAAC,cAAc,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;YACpF,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,CAAC,YAAY,CAAC,SAAS,CAAC,CAAC;YAE3D,gBAAgB;YAChB,MAAM,MAAM,GAAe;gBACzB,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;gBACpC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;gBACnD,MAAM;gBACN,QAAQ,EAAE,cAAc;gBACxB,KAAK;gBACL,SAAS;gBACT,SAAS;gBACT,YAAY,EAAE,KAAK;gBACnB,MAAM,EAAE,IAAI,CAAC,MAAM;aACpB,CAAC;YAEF,IAAA,wBAAe,EAAC,KAAK,CAAC,UAAU,EAAE,cAAc,CAAC,MAAM,EAAE,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YAEpF,2CAA2C;YAC3C,IAAI,IAAI,CAAC,MAAM,CAAC,UAAU,EAAE,CAAC;gBAC3B,MAAM,IAAI,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;YACpC,CAAC;YAED,UAAU;YACV,MAAM,IAAA,oBAAgB,GAAE,CAAC;YAEzB,OAAO,MAAM,CAAC;QAEhB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,eAAM,CAAC,KAAK,CAAC,gBAAgB,KAAK,EAAE,CAAC,CAAC;YACtC,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,WAAW,CAAC,IAAiB;QACzC,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,+BAA+B;QAC/B,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACnB,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,iCAAiC;QACjC,MAAM,QAAQ,GAAG,IAAA,0BAAsB,EAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvD,IAAI,QAAQ,EAAE,CAAC;YACb,kCAAkC;YAClC,IAAI,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBACxB,eAAM,CAAC,KAAK,CAAC,SAAS,QAAQ,CAAC,IAAI,KAAK,QAAQ,CAAC,OAAO,QAAQ,IAAI,CAAC,YAAY,EAAE,CAAC,CAAC;YACvF,CAAC;YAED,MAAM,KAAK,GAAG,IAAA,uBAAe,GAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACzC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAS,CAAC,CACrC,CAAC;YACF,MAAM,gBAAgB,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,CAAC;QACrC,CAAC;QAED,uCAAuC;QACvC,MAAM,YAAY,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAC7D,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAC;QAE/B,yBAAyB;QACzB,IAAI,IAAI,CAAC,UAAU,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC;YACzC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACrD,QAAQ,CAAC,IAAI,CAAC,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACtC,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,QAAmB;QAC1C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC7B,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACzB,IAAA,+BAAuB,EAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,WAAY,CAAC,CAC9D,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,cAAc,CACpB,KAAoB,EACpB,QAAmB,EACnB,SAAiB,EACjB,OAAe;QAEf,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;QAElE,MAAM,eAAe,GAA2B,EAAE,CAAC;QACnD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,IAAI,GAAG,IAAI,CAAC,QAAQ,IAAI,SAAS,CAAC;YACxC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3D,CAAC;QAED,MAAM,kBAAkB,GAAG,IAAI,CAAC,WAAW,CAAC,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QAC9E,MAAM,kBAAkB,GAAG,IAAI,CAAC,WAAW,CAAC,uBAAuB,CAAC,QAAQ,CAAC,CAAC;QAE9E,OAAO;YACL,UAAU,EAAE,KAAK,CAAC,MAAM;YACxB,UAAU;YACV,eAAe;YACf,kBAAkB;YAClB,kBAAkB;YAClB,QAAQ,EAAE,OAAO,GAAG,SAAS;YAC7B,SAAS,EAAE,IAAI,IAAI,CAAC,SAAS,CAAC;YAC9B,OAAO,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC;SAC3B,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,MAAc,EAAE,SAAiB;QACzD,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE3B,OAAO;YACL,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,WAAW;YACpC,WAAW,EAAE,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC;YACnD,MAAM;YACN,QAAQ,EAAE,EAAE;YACZ,KAAK,EAAE;gBACL,UAAU,EAAE,CAAC;gBACb,UAAU,EAAE,CAAC;gBACb,eAAe,EAAE,EAAE;gBACnB,kBAAkB,EAAE;oBAClB,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACtB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClB,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;oBACpB,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;oBACjB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;iBACnB;gBACD,kBAAkB,EAAE;oBAClB,CAAC,uBAAe,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC5B,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,CAAC;oBAClC,CAAC,uBAAe,CAAC,UAAU,CAAC,EAAE,CAAC;oBAC/B,CAAC,uBAAe,CAAC,aAAa,CAAC,EAAE,CAAC;iBACnC;gBACD,QAAQ,EAAE,OAAO,GAAG,SAAS;gBAC7B,SAAS,EAAE,IAAI,IAAI,CAAC,SAAS,CAAC;gBAC9B,OAAO,EAAE,IAAI,IAAI,CAAC,OAAO,CAAC;aAC3B;YACD,SAAS,EAAE,CAAC;YACZ,SAAS,EAAE,MAAM;YACjB,YAAY,EAAE,EAAE;YAChB,MAAM,EAAE,IAAI,CAAC,MAAM;SACpB,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc,CAAC,MAAkB;QAC7C,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU;YAAE,OAAO;QAEpC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QACxD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;QAEnD,IAAI,GAAG,KAAK,OAAO,IAAI,GAAG,KAAK,EAAE,EAAE,CAAC;YAClC,0DAA0D;YAC1D,MAAM,cAAc,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,IAAI,IAAI,CAAC;YACpD,MAAM,eAAe,GAAG,IAAI,6BAAmB,CAAC,cAAc,CAAC,CAAC;YAChE,MAAM,SAAS,GAAG,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,GAAG,UAAU,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC;YACjE,MAAM,eAAe,CAAC,UAAU,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QACtD,CAAC;aAAM,IAAI,GAAG,KAAK,OAAO,EAAE,CAAC;YAC3B,EAAE,CAAC,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;YACvE,eAAM,CAAC,IAAI,CAAC,gCAAgC,UAAU,EAAE,CAAC,CAAC;QAC5D,CAAC;IACH,CAAC;CACF;AAhSD,0CAgSC;AAED,kBAAe,eAAe,CAAC"}

package/dist/analyzers/csharp/csharpAnalyzer.d.ts

@@ -0,0 +1,64 @@
+/**
+ * C# Analyzer
+ * Specialized analyzer for C# code
+ */
+import { BaseAnalyzer } from '../base';
+import { ScannedFile, Finding, Rule, SupportedLanguage } from '../../types';
+/**
+ * C# Analyzer Class
+ */
+export declare class CSharpAnalyzer extends BaseAnalyzer {
+    name: string;
+    languages: SupportedLanguage[];
+    version: string;
+    /**
+     * Analyze C# file
+     */
+    analyze(file: ScannedFile, rules: Rule[]): Promise<Finding[]>;
+    /**
+     * Custom C#-specific analysis
+     */
+    private customAnalysis;
+    /**
+     * Check for SQL injection
+     */
+    private checkSqlInjection;
+    /**
+     * Check for command injection
+     */
+    private checkCommandInjection;
+    /**
+     * Check for insecure deserialization
+     */
+    private checkDeserialization;
+    /**
+     * Check for XXE
+     */
+    private checkXxe;
+    /**
+     * Check for LDAP injection
+     */
+    private checkLdapInjection;
+    /**
+     * Check for path traversal
+     */
+    private checkPathTraversal;
+    /**
+     * Check for weak crypto
+     */
+    private checkWeakCrypto;
+    /**
+     * Check for hardcoded credentials
+     */
+    private checkHardcodedCredentials;
+    /**
+     * Check for unsafe reflection
+     */
+    private checkUnsafeReflection;
+    /**
+     * Create generic finding
+     */
+    private createFinding;
+}
+export default CSharpAnalyzer;
+//# sourceMappingURL=csharpAnalyzer.d.ts.map

package/dist/analyzers/csharp/csharpAnalyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"csharpAnalyzer.d.ts","sourceRoot":"","sources":["../../../src/analyzers/csharp/csharpAnalyzer.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,EAAE,WAAW,EAAE,OAAO,EAAE,IAAI,EAAE,iBAAiB,EAAyC,MAAM,aAAa,CAAC;AAInH;;GAEG;AACH,qBAAa,cAAe,SAAQ,YAAY;IAC9C,IAAI,SAAiB;IACrB,SAAS,EAAE,iBAAiB,EAAE,CAAc;IAC5C,OAAO,SAAW;IAElB;;OAEG;IACG,OAAO,CAAC,IAAI,EAAE,WAAW,EAAE,KAAK,EAAE,IAAI,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;IAiBnE;;OAEG;YACW,cAAc;IAwH5B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAczB;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAS7B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAa5B;;OAEG;IACH,OAAO,CAAC,QAAQ;IAehB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAS1B;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAU1B;;OAEG;IACH,OAAO,CAAC,eAAe;IAWvB;;OAEG;IACH,OAAO,CAAC,yBAAyB;IASjC;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAS7B;;OAEG;IACH,OAAO,CAAC,aAAa;CAmCtB;AAED,eAAe,cAAc,CAAC"}