secure-scan 1.2.2

package/dist/utils/index.js

@@ -0,0 +1,326 @@
+"use strict";
+/**
+ * Utility Functions for Secure-Scan
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.generateId = generateId;
+exports.calculateHash = calculateHash;
+exports.getLanguageFromExtension = getLanguageFromExtension;
+exports.shouldExclude = shouldExclude;
+exports.getHighlightLanguage = getHighlightLanguage;
+exports.extractCodeContext = extractCodeContext;
+exports.countLines = countLines;
+exports.severityToNumber = severityToNumber;
+exports.isHigherOrEqualSeverity = isHigherOrEqualSeverity;
+exports.getSeverityColor = getSeverityColor;
+exports.getSeverityBadge = getSeverityBadge;
+exports.formatDuration = formatDuration;
+exports.escapeHtml = escapeHtml;
+exports.truncate = truncate;
+exports.isBase64Like = isBase64Like;
+exports.isHexEncoded = isHexEncoded;
+exports.calculateEntropy = calculateEntropy;
+exports.looksObfuscated = looksObfuscated;
+const crypto = __importStar(require("crypto"));
+const path = __importStar(require("path"));
+const types_1 = require("../types");
+/**
+ * Generate a unique ID
+ */
+function generateId() {
+    return `SS-${Date.now().toString(36)}-${crypto.randomBytes(4).toString('hex')}`;
+}
+/**
+ * Calculate SHA256 hash of content
+ */
+function calculateHash(content) {
+    return crypto.createHash('sha256').update(content).digest('hex');
+}
+/**
+ * Get language from file extension
+ */
+function getLanguageFromExtension(filePath) {
+    const ext = path.extname(filePath).toLowerCase();
+    const extensionMap = {
+        '.js': 'javascript',
+        '.jsx': 'javascript',
+        '.mjs': 'javascript',
+        '.cjs': 'javascript',
+        '.ts': 'typescript',
+        '.tsx': 'typescript',
+        '.py': 'python',
+        '.pyw': 'python',
+        '.php': 'php',
+        '.phtml': 'php',
+        '.php3': 'php',
+        '.php4': 'php',
+        '.php5': 'php',
+        '.java': 'java',
+        '.c': 'c',
+        '.h': 'c',
+        '.cpp': 'cpp',
+        '.cc': 'cpp',
+        '.cxx': 'cpp',
+        '.hpp': 'cpp',
+        '.hxx': 'cpp',
+        '.cs': 'csharp',
+        '.dockerfile': 'dockerfile',
+        '.yaml': 'yaml',
+        '.yml': 'yaml',
+        '.tf': 'terraform',
+        '.tfvars': 'terraform'
+    };
+    // Check for Dockerfile without extension
+    if (path.basename(filePath).toLowerCase() === 'dockerfile') {
+        return 'dockerfile';
+    }
+    return extensionMap[ext] || null;
+}
+/**
+ * Check if file should be excluded
+ */
+function shouldExclude(filePath, excludePatterns) {
+    const normalizedPath = filePath.replace(/\\/g, '/');
+    const defaultExcludes = [
+        'node_modules',
+        'vendor',
+        '.git',
+        'dist',
+        'build',
+        'out',
+        '__pycache__',
+        '.venv',
+        'venv',
+        '.env',
+        'coverage',
+        '.nyc_output',
+        '.next',
+        '.nuxt'
+    ];
+    const allExcludes = [...defaultExcludes, ...excludePatterns];
+    return allExcludes.some(pattern => {
+        // Simple pattern matching
+        if (normalizedPath.includes(`/${pattern}/`) ||
+            normalizedPath.includes(`/${pattern}`) ||
+            normalizedPath.startsWith(`${pattern}/`)) {
+            return true;
+        }
+        return false;
+    });
+}
+/**
+ * Get file extension for syntax highlighting
+ */
+function getHighlightLanguage(language) {
+    const highlightMap = {
+        'javascript': 'javascript',
+        'typescript': 'typescript',
+        'python': 'python',
+        'php': 'php',
+        'java': 'java',
+        'c': 'c',
+        'cpp': 'cpp',
+        'csharp': 'csharp',
+        'dockerfile': 'dockerfile',
+        'yaml': 'yaml',
+        'terraform': 'hcl'
+    };
+    return language ? highlightMap[language] : 'plaintext';
+}
+/**
+ * Extract code context around a line
+ */
+function extractCodeContext(content, lineNumber, contextLines = 3) {
+    const lines = content.split('\n');
+    const targetLine = lineNumber - 1; // Convert to 0-indexed
+    const startBefore = Math.max(0, targetLine - contextLines);
+    const endAfter = Math.min(lines.length, targetLine + contextLines + 1);
+    const contextBefore = lines.slice(startBefore, targetLine).join('\n');
+    const code = lines[targetLine] || '';
+    const contextAfter = lines.slice(targetLine + 1, endAfter).join('\n');
+    return { code, contextBefore, contextAfter };
+}
+/**
+ * Count lines in content
+ */
+function countLines(content) {
+    return content.split('\n').length;
+}
+/**
+ * Severity to numeric value for comparison
+ */
+function severityToNumber(severity) {
+    const map = {
+        [types_1.Severity.INFO]: 0,
+        [types_1.Severity.LOW]: 1,
+        [types_1.Severity.MEDIUM]: 2,
+        [types_1.Severity.HIGH]: 3,
+        [types_1.Severity.CRITICAL]: 4
+    };
+    return map[severity];
+}
+/**
+ * Compare severities
+ */
+function isHigherOrEqualSeverity(a, b) {
+    return severityToNumber(a) >= severityToNumber(b);
+}
+/**
+ * Get severity color for reporting
+ */
+function getSeverityColor(severity) {
+    const colors = {
+        [types_1.Severity.INFO]: '#17a2b8',
+        [types_1.Severity.LOW]: '#28a745',
+        [types_1.Severity.MEDIUM]: '#ffc107',
+        [types_1.Severity.HIGH]: '#fd7e14',
+        [types_1.Severity.CRITICAL]: '#dc3545'
+    };
+    return colors[severity];
+}
+/**
+ * Get severity badge class
+ */
+function getSeverityBadge(severity) {
+    const badges = {
+        [types_1.Severity.INFO]: 'badge-info',
+        [types_1.Severity.LOW]: 'badge-success',
+        [types_1.Severity.MEDIUM]: 'badge-warning',
+        [types_1.Severity.HIGH]: 'badge-orange',
+        [types_1.Severity.CRITICAL]: 'badge-danger'
+    };
+    return badges[severity];
+}
+/**
+ * Format duration for display
+ */
+function formatDuration(ms) {
+    if (ms < 1000) {
+        return `${ms}ms`;
+    }
+    if (ms < 60000) {
+        return `${(ms / 1000).toFixed(2)}s`;
+    }
+    const minutes = Math.floor(ms / 60000);
+    const seconds = ((ms % 60000) / 1000).toFixed(0);
+    return `${minutes}m ${seconds}s`;
+}
+/**
+ * Escape HTML for safe display
+ */
+function escapeHtml(text) {
+    const escapeMap = {
+        '&': '&amp;',
+        '<': '&lt;',
+        '>': '&gt;',
+        '"': '&quot;',
+        "'": '&#039;'
+    };
+    return text.replace(/[&<>"']/g, char => escapeMap[char]);
+}
+/**
+ * Truncate text with ellipsis
+ */
+function truncate(text, maxLength) {
+    if (text.length <= maxLength)
+        return text;
+    return text.substring(0, maxLength - 3) + '...';
+}
+/**
+ * Check if string looks like Base64
+ */
+function isBase64Like(str) {
+    // Check if string looks like base64 encoded content
+    if (str.length < 20)
+        return false;
+    const base64Regex = /^[A-Za-z0-9+/=]{20,}$/;
+    return base64Regex.test(str.replace(/\s/g, ''));
+}
+/**
+ * Check if string looks like hex encoded
+ */
+function isHexEncoded(str) {
+    if (str.length < 20 || str.length % 2 !== 0)
+        return false;
+    const hexRegex = /^[0-9a-fA-F]+$/;
+    return hexRegex.test(str);
+}
+/**
+ * Calculate Shannon entropy of a string
+ * High entropy suggests encrypted/compressed/obfuscated content
+ */
+function calculateEntropy(str) {
+    if (str.length === 0)
+        return 0;
+    const frequencies = {};
+    for (const char of str) {
+        frequencies[char] = (frequencies[char] || 0) + 1;
+    }
+    let entropy = 0;
+    const len = str.length;
+    for (const count of Object.values(frequencies)) {
+        const probability = count / len;
+        entropy -= probability * Math.log2(probability);
+    }
+    return entropy;
+}
+/**
+ * Check if code appears obfuscated based on entropy and patterns
+ */
+function looksObfuscated(code) {
+    // Check entropy - obfuscated code tends to have higher entropy
+    const entropy = calculateEntropy(code);
+    if (entropy > 5.5)
+        return true;
+    // Check for common obfuscation patterns
+    const obfuscationPatterns = [
+        /\\x[0-9a-f]{2}/gi, // Hex escape sequences
+        /\\u[0-9a-f]{4}/gi, // Unicode escape sequences
+        /['"][^'"]{100,}['"]/g, // Very long strings
+        /\b[a-z]{1}[0-9]{4,}\b/gi, // Variables like a12345
+        /\(\s*function\s*\(\s*\)\s*{[\s\S]*}\s*\)\s*\(\s*\)/g, // IIFE obfuscation
+        /eval\s*\(\s*atob\s*\(/gi, // eval(atob(...))
+        /String\.fromCharCode/gi, // Character code generation
+    ];
+    let patternMatches = 0;
+    for (const pattern of obfuscationPatterns) {
+        if (pattern.test(code)) {
+            patternMatches++;
+        }
+    }
+    return patternMatches >= 2;
+}
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AASH,gCAEC;AAKD,sCAEC;AAKD,4DAuCC;AAKD,sCA+BC;AAKD,oDAgBC;AAKD,gDAgBC;AAKD,gCAEC;AAKD,4CASC;AAKD,0DAEC;AAKD,4CASC;AAKD,4CASC;AAKD,wCAUC;AAKD,gCASC;AAKD,4BAGC;AAKD,oCAKC;AAKD,oCAIC;AAMD,4CAgBC;AAKD,0CAwBC;AA7SD,+CAAiC;AACjC,2CAA6B;AAC7B,oCAAuD;AAEvD;;GAEG;AACH,SAAgB,UAAU;IACxB,OAAO,MAAM,IAAI,CAAC,GAAG,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;AAClF,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,OAAe;IAC3C,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACnE,CAAC;AAED;;GAEG;AACH,SAAgB,wBAAwB,CAAC,QAAgB;IACvD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IAEjD,MAAM,YAAY,GAAsC;QACtD,KAAK,EAAE,YAAY;QACnB,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,YAAY;QACpB,KAAK,EAAE,YAAY;QACnB,MAAM,EAAE,YAAY;QACpB,KAAK,EAAE,QAAQ;QACf,MAAM,EAAE,QAAQ;QAChB,MAAM,EAAE,KAAK;QACb,QAAQ,EAAE,KAAK;QACf,OAAO,EAAE,KAAK;QACd,OAAO,EAAE,KAAK;QACd,OAAO,EAAE,KAAK;QACd,OAAO,EAAE,MAAM;QACf,IAAI,EAAE,GAAG;QACT,IAAI,EAAE,GAAG;QACT,MAAM,EAAE,KAAK;QACb,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,KAAK;QACb,MAAM,EAAE,KAAK;QACb,MAAM,EAAE,KAAK;QACb,KAAK,EAAE,QAAQ;QACf,aAAa,EAAE,YAAY;QAC3B,OAAO,EAAE,MAAM;QACf,MAAM,EAAE,MAAM;QACd,KAAK,EAAE,WAAW;QAClB,SAAS,EAAE,WAAW;KACvB,CAAC;IAEF,yCAAyC;IACzC,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,KAAK,YAAY,EAAE,CAAC;QAC3D,OAAO,YAAY,CAAC;IACtB,CAAC;IAED,OAAO,YAAY,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,QAAgB,EAAE,eAAyB;IACvE,MAAM,cAAc,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAEpD,MAAM,eAAe,GAAG;QACtB,cAAc;QACd,QAAQ;QACR,MAAM;QACN,MAAM;QACN,OAAO;QACP,KAAK;QACL,aAAa;QACb,OAAO;QACP,MAAM;QACN,MAAM;QACN,UAAU;QACV,aAAa;QACb,OAAO;QACP,OAAO;KACR,CAAC;IAEF,MAAM,WAAW,GAAG,CAAC,GAAG,eAAe,EAAE,GAAG,eAAe,CAAC,CAAC;IAE7D,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;QAChC,0BAA0B;QAC1B,IAAI,cAAc,CAAC,QAAQ,CAAC,IAAI,OAAO,GAAG,CAAC;YACvC,cAAc,CAAC,QAAQ,CAAC,IAAI,OAAO,EAAE,CAAC;YACtC,cAAc,CAAC,UAAU,CAAC,GAAG,OAAO,GAAG,CAAC,EAAE,CAAC;YAC7C,OAAO,IAAI,CAAC;QACd,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAAC,QAAkC;IACrE,MAAM,YAAY,GAAsC;QACtD,YAAY,EAAE,YAAY;QAC1B,YAAY,EAAE,YAAY;QAC1B,QAAQ,EAAE,QAAQ;QAClB,KAAK,EAAE,KAAK;QACZ,MAAM,EAAE,MAAM;QACd,GAAG,EAAE,GAAG;QACR,KAAK,EAAE,KAAK;QACZ,QAAQ,EAAE,QAAQ;QAClB,YAAY,EAAE,YAAY;QAC1B,MAAM,EAAE,MAAM;QACd,WAAW,EAAE,KAAK;KACnB,CAAC;IAEF,OAAO,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAChC,OAAe,EACf,UAAkB,EAClB,eAAuB,CAAC;IAExB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,UAAU,GAAG,UAAU,GAAG,CAAC,CAAC,CAAC,uBAAuB;IAE1D,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,YAAY,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,UAAU,GAAG,YAAY,GAAG,CAAC,CAAC,CAAC;IAEvE,MAAM,aAAa,GAAG,KAAK,CAAC,KAAK,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtE,MAAM,IAAI,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;IACrC,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC,EAAE,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEtE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,YAAY,EAAE,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,OAAe;IACxC,OAAO,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;AACpC,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB,CAAC,QAAkB;IACjD,MAAM,GAAG,GAA6B;QACpC,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAClB,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QACjB,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACpB,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAClB,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;KACvB,CAAC;IACF,OAAO,GAAG,CAAC,QAAQ,CAAC,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,SAAgB,uBAAuB,CAAC,CAAW,EAAE,CAAW;IAC9D,OAAO,gBAAgB,CAAC,CAAC,CAAC,IAAI,gBAAgB,CAAC,CAAC,CAAC,CAAC;AACpD,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB,CAAC,QAAkB;IACjD,MAAM,MAAM,GAA6B;QACvC,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,SAAS;QAC1B,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,SAAS;QACzB,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,SAAS;QAC5B,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,SAAS;QAC1B,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,SAAS;KAC/B,CAAC;IACF,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB,CAAC,QAAkB;IACjD,MAAM,MAAM,GAA6B;QACvC,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,YAAY;QAC7B,CAAC,gBAAQ,CAAC,GAAG,CAAC,EAAE,eAAe;QAC/B,CAAC,gBAAQ,CAAC,MAAM,CAAC,EAAE,eAAe;QAClC,CAAC,gBAAQ,CAAC,IAAI,CAAC,EAAE,cAAc;QAC/B,CAAC,gBAAQ,CAAC,QAAQ,CAAC,EAAE,cAAc;KACpC,CAAC;IACF,OAAO,MAAM,CAAC,QAAQ,CAAC,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,EAAU;IACvC,IAAI,EAAE,GAAG,IAAI,EAAE,CAAC;QACd,OAAO,GAAG,EAAE,IAAI,CAAC;IACnB,CAAC;IACD,IAAI,EAAE,GAAG,KAAK,EAAE,CAAC;QACf,OAAO,GAAG,CAAC,EAAE,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC;IACtC,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC;IACvC,MAAM,OAAO,GAAG,CAAC,CAAC,EAAE,GAAG,KAAK,CAAC,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;IACjD,OAAO,GAAG,OAAO,KAAK,OAAO,GAAG,CAAC;AACnC,CAAC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,IAAY;IACrC,MAAM,SAAS,GAA2B;QACxC,GAAG,EAAE,OAAO;QACZ,GAAG,EAAE,MAAM;QACX,GAAG,EAAE,MAAM;QACX,GAAG,EAAE,QAAQ;QACb,GAAG,EAAE,QAAQ;KACd,CAAC;IACF,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,SAAgB,QAAQ,CAAC,IAAY,EAAE,SAAiB;IACtD,IAAI,IAAI,CAAC,MAAM,IAAI,SAAS;QAAE,OAAO,IAAI,CAAC;IAC1C,OAAO,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,SAAS,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,SAAgB,YAAY,CAAC,GAAW;IACtC,oDAAoD;IACpD,IAAI,GAAG,CAAC,MAAM,GAAG,EAAE;QAAE,OAAO,KAAK,CAAC;IAClC,MAAM,WAAW,GAAG,uBAAuB,CAAC;IAC5C,OAAO,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC;AAClD,CAAC;AAED;;GAEG;AACH,SAAgB,YAAY,CAAC,GAAW;IACtC,IAAI,GAAG,CAAC,MAAM,GAAG,EAAE,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC1D,MAAM,QAAQ,GAAG,gBAAgB,CAAC;IAClC,OAAO,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC5B,CAAC;AAED;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,GAAW;IAC1C,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAE/B,MAAM,WAAW,GAA2B,EAAE,CAAC;IAC/C,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;QACvB,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC;QAC/C,MAAM,WAAW,GAAG,KAAK,GAAG,GAAG,CAAC;QAChC,OAAO,IAAI,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAClD,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAAC,IAAY;IAC1C,+DAA+D;IAC/D,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IACvC,IAAI,OAAO,GAAG,GAAG;QAAE,OAAO,IAAI,CAAC;IAE/B,wCAAwC;IACxC,MAAM,mBAAmB,GAAG;QAC1B,kBAAkB,EAAE,uBAAuB;QAC3C,kBAAkB,EAAE,2BAA2B;QAC/C,sBAAsB,EAAE,oBAAoB;QAC5C,yBAAyB,EAAE,wBAAwB;QACnD,qDAAqD,EAAE,mBAAmB;QAC1E,yBAAyB,EAAE,kBAAkB;QAC7C,wBAAwB,EAAE,4BAA4B;KACvD,CAAC;IAEF,IAAI,cAAc,GAAG,CAAC,CAAC;IACvB,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;QAC1C,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,cAAc,EAAE,CAAC;QACnB,CAAC;IACH,CAAC;IAED,OAAO,cAAc,IAAI,CAAC,CAAC;AAC7B,CAAC"}

package/dist/utils/logger.d.ts

@@ -0,0 +1,40 @@
+/**
+ * Utilidad de Logging
+ * Registro basado en Winston para entornos de producción
+ */
+import winston from 'winston';
+/**
+ * Create logger instance
+ */
+export declare const logger: winston.Logger;
+/**
+ * Add file transport for production
+ */
+export declare function enableFileLogging(logDir: string): void;
+/**
+ * Set log level
+ */
+export declare function setLogLevel(level: string): void;
+/**
+ * Registrar inicio de escaneo
+ */
+export declare function logScanStart(projectPath: string): void;
+/**
+ * Log scan progress
+ */
+export declare function logProgress(current: number, total: number, fileName: string): void;
+/**
+ * Log finding
+ * @param severity - The severity level of the finding
+ * @param title - Title/description of the finding
+ * @param file - File path where the finding was detected
+ * @param line - Line number of the finding
+ * @param category - Category of the finding (optional)
+ */
+export declare function logFinding(severity: string, title: string, file: string, line: number, category?: string): void;
+/**
+ * Log scan complete
+ */
+export declare function logScanComplete(totalFiles: number, totalFindings: number, duration: number, riskScore: number): void;
+export default logger;
+//# sourceMappingURL=logger.d.ts.map

package/dist/utils/logger.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.d.ts","sourceRoot":"","sources":["../../src/utils/logger.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,OAAO,MAAM,SAAS,CAAC;AA4B9B;;GAEG;AACH,eAAO,MAAM,MAAM,gBAcjB,CAAC;AAEH;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAWtD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,MAAM,GAAG,IAAI,CAE/C;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAMtD;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAIlF;AAED;;;;;;;GAOG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,CAAC,EAAE,MAAM,GAAG,IAAI,CAe/G;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,UAAU,EAAE,MAAM,EAClB,aAAa,EAAE,MAAM,EACrB,QAAQ,EAAE,MAAM,EAChB,SAAS,EAAE,MAAM,GAChB,IAAI,CAQN;AAaD,eAAe,MAAM,CAAC"}

package/dist/utils/logger.js

@@ -0,0 +1,139 @@
+"use strict";
+/**
+ * Utilidad de Logging
+ * Registro basado en Winston para entornos de producción
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.logger = void 0;
+exports.enableFileLogging = enableFileLogging;
+exports.setLogLevel = setLogLevel;
+exports.logScanStart = logScanStart;
+exports.logProgress = logProgress;
+exports.logFinding = logFinding;
+exports.logScanComplete = logScanComplete;
+const winston_1 = __importDefault(require("winston"));
+const chalk_1 = __importDefault(require("chalk"));
+const { combine, timestamp, printf, colorize } = winston_1.default.format;
+/**
+ * Custom log format for console output
+ */
+const consoleFormat = printf(({ level, message, timestamp }) => {
+    const icons = {
+        error: '❌',
+        warn: '⚠️',
+        info: 'ℹ️',
+        debug: '🔍',
+        verbose: '📝'
+    };
+    const icon = icons[level] || '';
+    return `${chalk_1.default.gray(timestamp)} ${icon} ${message}`;
+});
+/**
+ * Custom log format for file output
+ */
+const fileFormat = printf(({ level, message, timestamp }) => {
+    return `${timestamp} [${level.toUpperCase()}] ${message}`;
+});
+/**
+ * Create logger instance
+ */
+exports.logger = winston_1.default.createLogger({
+    level: process.env.LOG_LEVEL || 'info',
+    format: combine(timestamp({ format: 'YYYY-MM-DD HH:mm:ss' })),
+    transports: [
+        // Console transport with colors
+        new winston_1.default.transports.Console({
+            format: combine(colorize(), consoleFormat)
+        })
+    ]
+});
+/**
+ * Add file transport for production
+ */
+function enableFileLogging(logDir) {
+    exports.logger.add(new winston_1.default.transports.File({
+        filename: `${logDir}/error.log`,
+        level: 'error',
+        format: fileFormat
+    }));
+    exports.logger.add(new winston_1.default.transports.File({
+        filename: `${logDir}/combined.log`,
+        format: fileFormat
+    }));
+}
+/**
+ * Set log level
+ */
+function setLogLevel(level) {
+    exports.logger.level = level;
+}
+/**
+ * Registrar inicio de escaneo
+ */
+function logScanStart(projectPath) {
+    exports.logger.info(chalk_1.default.cyan('═'.repeat(60)));
+    exports.logger.info(chalk_1.default.cyan.bold('🔐 Secure-Scan - Herramienta SAST'));
+    exports.logger.info(chalk_1.default.cyan('═'.repeat(60)));
+    exports.logger.info(`📁 Scanning project: ${chalk_1.default.yellow(projectPath)}`);
+    exports.logger.info(chalk_1.default.gray('─'.repeat(60)));
+}
+/**
+ * Log scan progress
+ */
+function logProgress(current, total, fileName) {
+    const percent = Math.round((current / total) * 100);
+    const bar = '█'.repeat(Math.floor(percent / 5)) + '░'.repeat(20 - Math.floor(percent / 5));
+    exports.logger.info(`[${bar}] ${percent}% - ${fileName}`);
+}
+/**
+ * Log finding
+ * @param severity - The severity level of the finding
+ * @param title - Title/description of the finding
+ * @param file - File path where the finding was detected
+ * @param line - Line number of the finding
+ * @param category - Category of the finding (optional)
+ */
+function logFinding(severity, title, file, line, category) {
+    const severityColors = {
+        critical: chalk_1.default.bgRed.white,
+        high: chalk_1.default.red,
+        medium: chalk_1.default.yellow,
+        low: chalk_1.default.green,
+        info: chalk_1.default.blue
+    };
+    const colorFn = severityColors[severity] || chalk_1.default.white;
+    // Add MALWARE label if category is malware
+    const malwareLabel = category === 'malware' ? chalk_1.default.bgMagenta.white.bold(' 🦠 MALWARE ') + ' ' : '';
+    exports.logger.info(`${malwareLabel}${colorFn(`[${severity.toUpperCase()}]`)} ${title} at ${chalk_1.default.cyan(file)}:${chalk_1.default.yellow(line)}`);
+}
+/**
+ * Log scan complete
+ */
+function logScanComplete(totalFiles, totalFindings, duration, riskScore) {
+    exports.logger.info(chalk_1.default.gray('─'.repeat(60)));
+    exports.logger.info(chalk_1.default.cyan.bold('📊 Scan Complete'));
+    exports.logger.info(`   📁 Files scanned: ${chalk_1.default.yellow(totalFiles)}`);
+    exports.logger.info(`   🔍 Findings: ${chalk_1.default.yellow(totalFindings)}`);
+    exports.logger.info(`   ⏱️  Duration: ${chalk_1.default.yellow(`${(duration / 1000).toFixed(2)}s`)}`);
+    exports.logger.info(`   📈 Risk Score: ${getRiskScoreDisplay(riskScore)}`);
+    exports.logger.info(chalk_1.default.cyan('═'.repeat(60)));
+}
+/**
+ * Get colored risk score display
+ */
+function getRiskScoreDisplay(score) {
+    if (score >= 80)
+        return chalk_1.default.bgRed.white(` ${score}/100 CRITICAL `);
+    if (score >= 60)
+        return chalk_1.default.red(`${score}/100 HIGH`);
+    if (score >= 40)
+        return chalk_1.default.yellow(`${score}/100 MEDIUM`);
+    if (score >= 20)
+        return chalk_1.default.green(`${score}/100 LOW`);
+    return chalk_1.default.blue(`${score}/100 SAFE`);
+}
+exports.default = exports.logger;
+//# sourceMappingURL=logger.js.map

package/dist/utils/logger.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"logger.js","sourceRoot":"","sources":["../../src/utils/logger.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;AAoDH,8CAWC;AAKD,kCAEC;AAKD,oCAMC;AAKD,kCAIC;AAUD,gCAeC;AAKD,0CAaC;AAnID,sDAA8B;AAC9B,kDAA0B;AAE1B,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,iBAAO,CAAC,MAAM,CAAC;AAEhE;;GAEG;AACH,MAAM,aAAa,GAAG,MAAM,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE;IAC7D,MAAM,KAAK,GAA2B;QACpC,KAAK,EAAE,GAAG;QACV,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,IAAI;QACV,KAAK,EAAE,IAAI;QACX,OAAO,EAAE,IAAI;KACd,CAAC;IAEF,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IAChC,OAAO,GAAG,eAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,IAAI,IAAI,OAAO,EAAE,CAAC;AACvD,CAAC,CAAC,CAAC;AAEH;;GAEG;AACH,MAAM,UAAU,GAAG,MAAM,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE;IAC1D,OAAO,GAAG,SAAS,KAAK,KAAK,CAAC,WAAW,EAAE,KAAK,OAAO,EAAE,CAAC;AAC5D,CAAC,CAAC,CAAC;AAEH;;GAEG;AACU,QAAA,MAAM,GAAG,iBAAO,CAAC,YAAY,CAAC;IACzC,KAAK,EAAE,OAAO,CAAC,GAAG,CAAC,SAAS,IAAI,MAAM;IACtC,MAAM,EAAE,OAAO,CACb,SAAS,CAAC,EAAE,MAAM,EAAE,qBAAqB,EAAE,CAAC,CAC7C;IACD,UAAU,EAAE;QACV,gCAAgC;QAChC,IAAI,iBAAO,CAAC,UAAU,CAAC,OAAO,CAAC;YAC7B,MAAM,EAAE,OAAO,CACb,QAAQ,EAAE,EACV,aAAa,CACd;SACF,CAAC;KACH;CACF,CAAC,CAAC;AAEH;;GAEG;AACH,SAAgB,iBAAiB,CAAC,MAAc;IAC9C,cAAM,CAAC,GAAG,CAAC,IAAI,iBAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACrC,QAAQ,EAAE,GAAG,MAAM,YAAY;QAC/B,KAAK,EAAE,OAAO;QACd,MAAM,EAAE,UAAU;KACnB,CAAC,CAAC,CAAC;IAEJ,cAAM,CAAC,GAAG,CAAC,IAAI,iBAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACrC,QAAQ,EAAE,GAAG,MAAM,eAAe;QAClC,MAAM,EAAE,UAAU;KACnB,CAAC,CAAC,CAAC;AACN,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,KAAa;IACvC,cAAM,CAAC,KAAK,GAAG,KAAK,CAAC;AACvB,CAAC;AAED;;GAEG;AACH,SAAgB,YAAY,CAAC,WAAmB;IAC9C,cAAM,CAAC,IAAI,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,cAAM,CAAC,IAAI,CAAC,eAAK,CAAC,IAAI,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC,CAAC;IAClE,cAAM,CAAC,IAAI,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,cAAM,CAAC,IAAI,CAAC,wBAAwB,eAAK,CAAC,MAAM,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;IACjE,cAAM,CAAC,IAAI,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,SAAgB,WAAW,CAAC,OAAe,EAAE,KAAa,EAAE,QAAgB;IAC1E,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,OAAO,GAAG,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC;IACpD,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,EAAE,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC,CAAC;IAC3F,cAAM,CAAC,IAAI,CAAC,IAAI,GAAG,KAAK,OAAO,OAAO,QAAQ,EAAE,CAAC,CAAC;AACpD,CAAC;AAED;;;;;;;GAOG;AACH,SAAgB,UAAU,CAAC,QAAgB,EAAE,KAAa,EAAE,IAAY,EAAE,IAAY,EAAE,QAAiB;IACvG,MAAM,cAAc,GAA4C;QAC9D,QAAQ,EAAE,eAAK,CAAC,KAAK,CAAC,KAAK;QAC3B,IAAI,EAAE,eAAK,CAAC,GAAG;QACf,MAAM,EAAE,eAAK,CAAC,MAAM;QACpB,GAAG,EAAE,eAAK,CAAC,KAAK;QAChB,IAAI,EAAE,eAAK,CAAC,IAAI;KACjB,CAAC;IAEF,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,CAAC,IAAI,eAAK,CAAC,KAAK,CAAC;IAExD,2CAA2C;IAC3C,MAAM,YAAY,GAAG,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,eAAK,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAEpG,cAAM,CAAC,IAAI,CAAC,GAAG,YAAY,GAAG,OAAO,CAAC,IAAI,QAAQ,CAAC,WAAW,EAAE,GAAG,CAAC,IAAI,KAAK,OAAO,eAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,eAAK,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AAChI,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAC7B,UAAkB,EAClB,aAAqB,EACrB,QAAgB,EAChB,SAAiB;IAEjB,cAAM,CAAC,IAAI,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,cAAM,CAAC,IAAI,CAAC,eAAK,CAAC,IAAI,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC,CAAC;IACjD,cAAM,CAAC,IAAI,CAAC,wBAAwB,eAAK,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC;IAChE,cAAM,CAAC,IAAI,CAAC,mBAAmB,eAAK,CAAC,MAAM,CAAC,aAAa,CAAC,EAAE,CAAC,CAAC;IAC9D,cAAM,CAAC,IAAI,CAAC,oBAAoB,eAAK,CAAC,MAAM,CAAC,GAAG,CAAC,QAAQ,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IACpF,cAAM,CAAC,IAAI,CAAC,qBAAqB,mBAAmB,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;IACnE,cAAM,CAAC,IAAI,CAAC,eAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,KAAa;IACxC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,eAAK,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,KAAK,gBAAgB,CAAC,CAAC;IACrE,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,eAAK,CAAC,GAAG,CAAC,GAAG,KAAK,WAAW,CAAC,CAAC;IACvD,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,eAAK,CAAC,MAAM,CAAC,GAAG,KAAK,aAAa,CAAC,CAAC;IAC5D,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,eAAK,CAAC,KAAK,CAAC,GAAG,KAAK,UAAU,CAAC,CAAC;IACxD,OAAO,eAAK,CAAC,IAAI,CAAC,GAAG,KAAK,WAAW,CAAC,CAAC;AACzC,CAAC;AAED,kBAAe,cAAM,CAAC"}