tangkal 1.1.0 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/dist/src/cli.d.ts.map +1 -1
  2. package/dist/src/cli.js +63 -52
  3. package/dist/src/cli.js.map +1 -1
  4. package/package.json +3 -3
package/dist/src/cli.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":"AA4HA,wBAAsB,GAAG,kBAExB"}
1
+ {"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":"AA4JA,wBAAsB,GAAG,kBAExB"}
package/dist/src/cli.js CHANGED
@@ -1,18 +1,18 @@
1
- import { Command } from 'commander';
2
- import chalk from 'chalk';
3
- import fs from 'fs/promises';
4
- import path from 'path';
5
- import inquirer from 'inquirer';
6
- import { scanDirectory } from './scanner.js';
1
+ import chalk from "chalk";
2
+ import { Command } from "commander";
3
+ import fs from "fs/promises";
4
+ import inquirer from "inquirer";
5
+ import path from "path";
6
+ import { scanDirectory } from "./scanner.js";
7
7
  const program = new Command();
8
8
  program
9
- .name('tangkal')
10
- .description('Preventive security scanner for cloned repositories')
11
- .version('1.1.0')
12
- .argument('[directory]', 'directory to scan', '.')
13
- .option('--json', 'output results as JSON')
14
- .option('--no-audit', 'skip npm audit check')
15
- .option('--nuke', 'interactive mode to delete suspicious files')
9
+ .name("tangkal")
10
+ .description("Preventive security scanner for cloned repositories")
11
+ .version("1.2.0")
12
+ .argument("[directory]", "directory to scan", ".")
13
+ .option("--json", "output results as JSON")
14
+ .option("--no-audit", "skip npm audit check")
15
+ .option("--nuke", "interactive mode to delete suspicious files")
16
16
  .action(async (directory, options) => {
17
17
  try {
18
18
  const results = await scanDirectory(directory, options);
@@ -21,86 +21,97 @@ program
21
21
  return;
22
22
  }
23
23
  if (results.length === 0) {
24
- console.log(chalk.green.bold('\nOK: No suspicious patterns found.'));
24
+ console.log(chalk.green.bold("\nOK: No suspicious patterns found."));
25
25
  return;
26
26
  }
27
27
  // Separate vulnerabilities from other results for special formatting
28
- const vulnerabilities = results.filter(f => f.type === 'Vulnerability');
29
- const otherResults = results.filter(f => f.type !== 'Vulnerability');
28
+ const vulnerabilities = results.filter((f) => f.type === "Vulnerability");
29
+ const otherResults = results.filter((f) => f.type !== "Vulnerability");
30
30
  if (otherResults.length > 0) {
31
- console.log(chalk.red.bold('\n===================================='));
32
- console.log(chalk.red.bold('ALERT: Malicious Code Detected'));
33
- console.log(chalk.red.bold('===================================='));
34
- otherResults.forEach(f => {
35
- console.log(chalk.red('--------------------------------------------------'));
36
- console.log(`${chalk.red.bold('TYPE:')} ${chalk.white.bold(f.name || f.type)} ${chalk.gray(`(Severity: ${f.severity.toUpperCase()})`)}`);
37
- console.log(`${chalk.cyan('FILE:')} ${chalk.white(f.file)}:${chalk.yellow(f.line || 0)}`);
38
- console.log(`${chalk.cyan('DESC:')} ${chalk.yellow(f.description)}`);
31
+ console.log(chalk.red.bold("\n===================================="));
32
+ console.log(chalk.red.bold("ALERT: Malicious Code Detected"));
33
+ console.log(chalk.red.bold("===================================="));
34
+ otherResults.forEach((f) => {
35
+ console.log(chalk.red("--------------------------------------------------"));
36
+ console.log(`${chalk.red.bold("TYPE:")} ${chalk.white.bold(f.name || f.type)} ${chalk.gray(`(Severity: ${f.severity.toUpperCase()})`)}`);
37
+ console.log(`${chalk.cyan("FILE:")} ${chalk.white(f.file)}:${chalk.yellow(f.line || 0)}`);
38
+ console.log(`${chalk.cyan("DESC:")} ${chalk.yellow(f.description)}`);
39
39
  if (f.content) {
40
- console.log(chalk.cyan('CODE:'));
40
+ console.log(chalk.cyan("CODE:"));
41
41
  console.log(chalk.bgBlack.white(` ${f.content.trim()} `));
42
42
  }
43
- console.log('');
43
+ console.log("");
44
44
  });
45
45
  }
46
46
  if (vulnerabilities.length > 0) {
47
- console.log(chalk.red.bold('\n===================================='));
48
- console.log(chalk.red.bold('ALERT: Vulnerable Package'));
49
- console.log(chalk.red.bold('===================================='));
47
+ console.log(chalk.red.bold("\n===================================="));
48
+ console.log(chalk.red.bold("ALERT: Vulnerable Package"));
49
+ console.log(chalk.red.bold("===================================="));
50
50
  // Sort by severity (Critical first)
51
- const severityOrder = { 'critical': 0, 'high': 1, 'moderate': 2, 'medium': 2, 'low': 3 };
52
- vulnerabilities.sort((a, b) => (severityOrder[a.severity] ?? 99) - (severityOrder[b.severity] ?? 99));
53
- vulnerabilities.forEach(v => {
54
- const fixedIn = v.fixedIn || 'latest';
55
- const severityColor = (v.severity === 'critical' || v.severity === 'high') ? chalk.red.bold : chalk.yellow;
51
+ const severityOrder = {
52
+ critical: 0,
53
+ high: 1,
54
+ moderate: 2,
55
+ medium: 2,
56
+ low: 3,
57
+ };
58
+ vulnerabilities.sort((a, b) => (severityOrder[a.severity] ?? 99) -
59
+ (severityOrder[b.severity] ?? 99));
60
+ vulnerabilities.forEach((v) => {
61
+ const fixedIn = v.fixedIn || "latest";
62
+ const severityColor = v.severity === "critical" || v.severity === "high"
63
+ ? chalk.red.bold
64
+ : chalk.yellow;
56
65
  const pkgLabel = chalk.magenta(`${v.name}@${v.version}`);
57
66
  console.log(chalk.green(`[SOLUTION]: Upgrade ${v.name}@${v.version} to ${v.name}@${fixedIn} to fix.`));
58
67
  let links = `[${v.url}]`;
59
68
  if (v.references && v.references.length) {
60
- const snyk = v.references.find(r => r.includes('snyk.io'));
69
+ const snyk = v.references.find((r) => r.includes("snyk.io"));
61
70
  if (snyk)
62
71
  links += ` [${snyk}]`;
63
72
  }
64
- console.log(`${chalk.white('[')}${severityColor(v.severity.toUpperCase())}${chalk.white(' Severity]')} ${chalk.blue(links)}`);
73
+ console.log(`${chalk.white("[")}${severityColor(v.severity.toUpperCase())}${chalk.white(" Severity]")} ${chalk.blue(links)}`);
65
74
  console.log(`${pkgLabel} ${chalk.white(v.summary)}`);
66
75
  console.log(chalk.dim(`introduced by ${v.name}@${v.version}`));
67
- console.log('');
76
+ console.log("");
68
77
  });
69
78
  }
70
79
  // Nuke Mode
71
80
  if (options.nuke) {
72
- const filesToDelete = [...new Set(results.map(r => r.file))];
81
+ const filesToDelete = [...new Set(results.map((r) => r.file))];
73
82
  const { selected } = await inquirer.prompt([
74
83
  {
75
- type: 'checkbox',
76
- name: 'selected',
77
- message: 'Select files to DELETE (Space to select, Enter to confirm):',
78
- choices: filesToDelete
79
- }
84
+ type: "checkbox",
85
+ name: "selected",
86
+ message: "Select files to DELETE (Space to select, Enter to confirm):",
87
+ choices: filesToDelete,
88
+ },
80
89
  ]);
81
90
  if (selected.length > 0) {
82
- const { confirm } = await inquirer.prompt([{
83
- type: 'confirm',
84
- name: 'confirm',
91
+ const { confirm } = await inquirer.prompt([
92
+ {
93
+ type: "confirm",
94
+ name: "confirm",
85
95
  message: `Are you sure you want to PERMANENTLY delete ${selected.length} files?`,
86
- default: false
87
- }]);
96
+ default: false,
97
+ },
98
+ ]);
88
99
  if (confirm) {
89
100
  for (const file of selected) {
90
101
  await fs.unlink(path.resolve(directory, file));
91
102
  console.log(chalk.red(`Deleted: ${file}`));
92
103
  }
93
- console.log(chalk.green('Cleanup complete.'));
104
+ console.log(chalk.green("Cleanup complete."));
94
105
  }
95
106
  }
96
107
  }
97
108
  else {
98
- console.log(chalk.red.bold('FAIL: Potential threats found.'));
99
- console.log(chalk.yellow('Review manually or run with --nuke to delete files interactively.'));
109
+ console.log(chalk.red.bold("FAIL: Potential threats found."));
110
+ console.log(chalk.yellow("Review manually or run with --nuke to delete files interactively."));
100
111
  }
101
112
  }
102
113
  catch (error) {
103
- console.error(chalk.red.bold('\nFATAL ERROR:'), error.message || error);
114
+ console.error(chalk.red.bold("\nFATAL ERROR:"), error.message || error);
104
115
  if (error.stack)
105
116
  console.error(chalk.gray(error.stack));
106
117
  process.exit(1);
package/dist/src/cli.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,MAAM,aAAa,CAAC;AAC7B,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,QAAQ,MAAM,UAAU,CAAC;AAChC,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAG7C,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,SAAS,CAAC;KACf,WAAW,CAAC,qDAAqD,CAAC;KAClE,OAAO,CAAC,OAAO,CAAC;KAChB,QAAQ,CAAC,aAAa,EAAE,mBAAmB,EAAE,GAAG,CAAC;KACjD,MAAM,CAAC,QAAQ,EAAE,wBAAwB,CAAC;KAC1C,MAAM,CAAC,YAAY,EAAE,sBAAsB,CAAC;KAC5C,MAAM,CAAC,QAAQ,EAAE,6CAA6C,CAAC;KAC/D,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;IACnC,IAAI,CAAC;QACD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAExD,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC9C,OAAO;QACT,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC,CAAC;YACrE,OAAO;QACT,CAAC;QAED,qEAAqE;QACrE,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC;QACxE,MAAM,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC;QAErE,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC,CAAC;YACtE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,CAAC;YAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC,CAAC;YAEpE,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;gBACrB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC,CAAC;gBAC7E,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;gBAC1I,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC1F,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;gBAErE,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;oBACX,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;oBACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;gBACjE,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACpB,CAAC,CAAC,CAAC;QACP,CAAC;QAED,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC,CAAC;YACtE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC;YACzD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC,CAAC;YAEpE,oCAAoC;YACpC,MAAM,aAAa,GAA2B,EAAE,UAAU,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,CAAC;YACjH,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YAEtG,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;gBACxB,MAAM,OAAO,GAAG,CAAC,CAAC,OAAO,IAAI,QAAQ,CAAC;gBACtC,MAAM,aAAa,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;gBAC3G,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;gBAEzD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,uBAAuB,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,OAAO,CAAC,CAAC,IAAI,IAAI,OAAO,UAAU,CAAC,CAAC,CAAC;gBAEvG,IAAI,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;gBACzB,IAAI,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;oBACtC,MAAM,IAAI,GAAG,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;oBAC3D,IAAI,IAAI;wBAAE,KAAK,IAAI,KAAK,IAAI,GAAG,CAAC;gBACpC,CAAC;gBAED,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBAC9H,OAAO,CAAC,GAAG,CAAC,GAAG,QAAQ,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBACrD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBAC/D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACpB,CAAC,CAAC,CAAC;QACP,CAAC;QAED,YAAY;QACZ,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,aAAa,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAE7D,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC;gBACzC;oBACE,IAAI,EAAE,UAAU;oBAChB,IAAI,EAAE,UAAU;oBAChB,OAAO,EAAE,6DAA6D;oBACtE,OAAO,EAAE,aAAa;iBACvB;aACF,CAAC,CAAC;YAEH,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxB,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,CAAC;wBACvC,IAAI,EAAE,SAAS;wBACf,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,+CAA+C,QAAQ,CAAC,MAAM,SAAS;wBAChF,OAAO,EAAE,KAAK;qBACjB,CAAC,CAAC,CAAC;gBAEJ,IAAI,OAAO,EAAE,CAAC;oBACV,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;wBAC1B,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;wBAC/C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,CAAC;oBAC/C,CAAC;oBACD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC;gBAClD,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACJ,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,CAAC;YAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,mEAAmE,CAAC,CAAC,CAAC;QACnG,CAAC;IACL,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,CAAC;QACxE,IAAI,KAAK,CAAC,KAAK;YAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACpB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,MAAM,CAAC,KAAK,UAAU,GAAG;IACvB,MAAM,OAAO,CAAC,UAAU,EAAE,CAAC;AAC7B,CAAC"}
1
+ {"version":3,"file":"cli.js","sourceRoot":"","sources":["../../src/cli.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,MAAM,aAAa,CAAC;AAC7B,OAAO,QAAQ,MAAM,UAAU,CAAC;AAChC,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7C,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,SAAS,CAAC;KACf,WAAW,CAAC,qDAAqD,CAAC;KAClE,OAAO,CAAC,OAAO,CAAC;KAChB,QAAQ,CAAC,aAAa,EAAE,mBAAmB,EAAE,GAAG,CAAC;KACjD,MAAM,CAAC,QAAQ,EAAE,wBAAwB,CAAC;KAC1C,MAAM,CAAC,YAAY,EAAE,sBAAsB,CAAC;KAC5C,MAAM,CAAC,QAAQ,EAAE,6CAA6C,CAAC;KAC/D,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;IACnC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;QAExD,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC9C,OAAO;QACT,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC,CAAC;YACrE,OAAO;QACT,CAAC;QAED,qEAAqE;QACrE,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC;QAC1E,MAAM,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC;QAEvE,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC,CAAC;YACtE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,CAAC;YAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC,CAAC;YAEpE,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;gBACzB,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAChE,CAAC;gBACF,OAAO,CAAC,GAAG,CACT,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,GAAG,CAAC,EAAE,CAC7H,CAAC;gBACF,OAAO,CAAC,GAAG,CACT,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,CAC7E,CAAC;gBACF,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;gBAErE,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;oBACd,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;oBACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC,CAAC;gBAC9D,CAAC;gBACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACL,CAAC;QAED,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC,CAAC;YACtE,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC,CAAC;YACzD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC,CAAC;YAEpE,oCAAoC;YACpC,MAAM,aAAa,GAA2B;gBAC5C,QAAQ,EAAE,CAAC;gBACX,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,CAAC;gBACX,MAAM,EAAE,CAAC;gBACT,GAAG,EAAE,CAAC;aACP,CAAC;YACF,eAAe,CAAC,IAAI,CAClB,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACP,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;gBACjC,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CACpC,CAAC;YAEF,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC5B,MAAM,OAAO,GAAG,CAAC,CAAC,OAAO,IAAI,QAAQ,CAAC;gBACtC,MAAM,aAAa,GACjB,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM;oBAChD,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI;oBAChB,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;gBACnB,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC;gBAEzD,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,KAAK,CACT,uBAAuB,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,OAAO,CAAC,CAAC,IAAI,IAAI,OAAO,UAAU,CAC7E,CACF,CAAC;gBAEF,IAAI,KAAK,GAAG,IAAI,CAAC,CAAC,GAAG,GAAG,CAAC;gBACzB,IAAI,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC;oBACxC,MAAM,IAAI,GAAG,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC;oBAC7D,IAAI,IAAI;wBAAE,KAAK,IAAI,KAAK,IAAI,GAAG,CAAC;gBAClC,CAAC;gBAED,OAAO,CAAC,GAAG,CACT,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CACjH,CAAC;gBACF,OAAO,CAAC,GAAG,CAAC,GAAG,QAAQ,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBACrD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;gBAC/D,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClB,CAAC,CAAC,CAAC;QACL,CAAC;QAED,YAAY;QACZ,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;YACjB,MAAM,aAAa,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAE/D,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC;gBACzC;oBACE,IAAI,EAAE,UAAU;oBAChB,IAAI,EAAE,UAAU;oBAChB,OAAO,EACL,6DAA6D;oBAC/D,OAAO,EAAE,aAAa;iBACvB;aACF,CAAC,CAAC;YAEH,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxB,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC;oBACxC;wBACE,IAAI,EAAE,SAAS;wBACf,IAAI,EAAE,SAAS;wBACf,OAAO,EAAE,+CAA+C,QAAQ,CAAC,MAAM,SAAS;wBAChF,OAAO,EAAE,KAAK;qBACf;iBACF,CAAC,CAAC;gBAEH,IAAI,OAAO,EAAE,CAAC;oBACZ,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;wBAC5B,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC;wBAC/C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,CAAC;oBAC7C,CAAC;oBACD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC,CAAC;gBAChD,CAAC;YACH,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC,CAAC;YAC9D,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,MAAM,CACV,mEAAmE,CACpE,CACF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,KAAU,EAAE,CAAC;QACpB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,EAAE,KAAK,CAAC,OAAO,IAAI,KAAK,CAAC,CAAC;QACxE,IAAI,KAAK,CAAC,KAAK;YAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;QACxD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,MAAM,CAAC,KAAK,UAAU,GAAG;IACvB,MAAM,OAAO,CAAC,UAAU,EAAE,CAAC;AAC7B,CAAC"}
package/package.json CHANGED
@@ -1,11 +1,11 @@
1
1
  {
2
2
  "name": "tangkal",
3
- "version": "1.1.0",
3
+ "version": "1.2.0",
4
4
  "description": "Preventive security scanner for cloned repositories. Detects malicious AST patterns, vulnerable dependencies, and typosquatting.",
5
5
  "main": "dist/index.js",
6
6
  "type": "module",
7
7
  "bin": {
8
- "tangkal": "./dist/index.js"
8
+ "tangkal": "dist/index.js"
9
9
  },
10
10
  "files": [
11
11
  "dist",
@@ -50,4 +50,4 @@
50
50
  "ts-node": "^10.9.2",
51
51
  "typescript": "^5.9.3"
52
52
  }
53
- }
53
+ }