vaspera 2.10.1 → 2.11.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/action/pr-comment.test.js +8 -0
- package/dist/action/pr-comment.test.js.map +1 -1
- package/dist/action/sarif-upload.test.js +8 -0
- package/dist/action/sarif-upload.test.js.map +1 -1
- package/dist/scanners/cache.d.ts.map +1 -1
- package/dist/scanners/cache.js +8 -0
- package/dist/scanners/cache.js.map +1 -1
- package/dist/scanners/dast.d.ts +40 -0
- package/dist/scanners/dast.d.ts.map +1 -0
- package/dist/scanners/dast.js +228 -0
- package/dist/scanners/dast.js.map +1 -0
- package/dist/scanners/deploy/types.d.ts +6 -6
- package/dist/scanners/index.d.ts +4 -4
- package/dist/scanners/index.d.ts.map +1 -1
- package/dist/scanners/index.js +133 -15
- package/dist/scanners/index.js.map +1 -1
- package/dist/scanners/index.test.js +6 -6
- package/dist/scanners/index.test.js.map +1 -1
- package/dist/scanners/openapi.d.ts +20 -0
- package/dist/scanners/openapi.d.ts.map +1 -0
- package/dist/scanners/openapi.js +226 -0
- package/dist/scanners/openapi.js.map +1 -0
- package/dist/scanners/runtime/types.d.ts +4 -4
- package/dist/scanners/rust.d.ts +22 -0
- package/dist/scanners/rust.d.ts.map +1 -0
- package/dist/scanners/rust.js +239 -0
- package/dist/scanners/rust.js.map +1 -0
- package/dist/scanners/scale/types.d.ts +16 -16
- package/dist/scanners/terraform.d.ts +23 -0
- package/dist/scanners/terraform.d.ts.map +1 -0
- package/dist/scanners/terraform.js +207 -0
- package/dist/scanners/terraform.js.map +1 -0
- package/dist/scanners/types.d.ts +1 -1
- package/dist/scanners/types.d.ts.map +1 -1
- package/dist/scanners/types.js +8 -0
- package/dist/scanners/types.js.map +1 -1
- package/package.json +1 -1
|
@@ -40,8 +40,8 @@ export declare const EndpointSchema: z.ZodObject<{
|
|
|
40
40
|
path: string;
|
|
41
41
|
method: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
|
|
42
42
|
weight: number;
|
|
43
|
-
body?: Record<string, unknown> | undefined;
|
|
44
43
|
headers?: Record<string, string> | undefined;
|
|
44
|
+
body?: Record<string, unknown> | undefined;
|
|
45
45
|
thresholds?: {
|
|
46
46
|
p95?: number | undefined;
|
|
47
47
|
p99?: number | undefined;
|
|
@@ -49,9 +49,9 @@ export declare const EndpointSchema: z.ZodObject<{
|
|
|
49
49
|
} | undefined;
|
|
50
50
|
}, {
|
|
51
51
|
path: string;
|
|
52
|
+
headers?: Record<string, string> | undefined;
|
|
52
53
|
body?: Record<string, unknown> | undefined;
|
|
53
54
|
method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | undefined;
|
|
54
|
-
headers?: Record<string, string> | undefined;
|
|
55
55
|
thresholds?: {
|
|
56
56
|
p95?: number | undefined;
|
|
57
57
|
p99?: number | undefined;
|
|
@@ -100,8 +100,8 @@ export declare const ScenarioSchema: z.ZodObject<{
|
|
|
100
100
|
path: string;
|
|
101
101
|
method: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
|
|
102
102
|
weight: number;
|
|
103
|
-
body?: Record<string, unknown> | undefined;
|
|
104
103
|
headers?: Record<string, string> | undefined;
|
|
104
|
+
body?: Record<string, unknown> | undefined;
|
|
105
105
|
thresholds?: {
|
|
106
106
|
p95?: number | undefined;
|
|
107
107
|
p99?: number | undefined;
|
|
@@ -109,9 +109,9 @@ export declare const ScenarioSchema: z.ZodObject<{
|
|
|
109
109
|
} | undefined;
|
|
110
110
|
}, {
|
|
111
111
|
path: string;
|
|
112
|
+
headers?: Record<string, string> | undefined;
|
|
112
113
|
body?: Record<string, unknown> | undefined;
|
|
113
114
|
method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | undefined;
|
|
114
|
-
headers?: Record<string, string> | undefined;
|
|
115
115
|
thresholds?: {
|
|
116
116
|
p95?: number | undefined;
|
|
117
117
|
p99?: number | undefined;
|
|
@@ -131,8 +131,8 @@ export declare const ScenarioSchema: z.ZodObject<{
|
|
|
131
131
|
path: string;
|
|
132
132
|
method: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
|
|
133
133
|
weight: number;
|
|
134
|
-
body?: Record<string, unknown> | undefined;
|
|
135
134
|
headers?: Record<string, string> | undefined;
|
|
135
|
+
body?: Record<string, unknown> | undefined;
|
|
136
136
|
thresholds?: {
|
|
137
137
|
p95?: number | undefined;
|
|
138
138
|
p99?: number | undefined;
|
|
@@ -149,9 +149,9 @@ export declare const ScenarioSchema: z.ZodObject<{
|
|
|
149
149
|
type?: "ramp" | "spike" | "soak" | "stress" | "breakpoint" | undefined;
|
|
150
150
|
endpoints?: {
|
|
151
151
|
path: string;
|
|
152
|
+
headers?: Record<string, string> | undefined;
|
|
152
153
|
body?: Record<string, unknown> | undefined;
|
|
153
154
|
method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | undefined;
|
|
154
|
-
headers?: Record<string, string> | undefined;
|
|
155
155
|
thresholds?: {
|
|
156
156
|
p95?: number | undefined;
|
|
157
157
|
p99?: number | undefined;
|
|
@@ -206,8 +206,8 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
206
206
|
path: string;
|
|
207
207
|
method: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
|
|
208
208
|
weight: number;
|
|
209
|
-
body?: Record<string, unknown> | undefined;
|
|
210
209
|
headers?: Record<string, string> | undefined;
|
|
210
|
+
body?: Record<string, unknown> | undefined;
|
|
211
211
|
thresholds?: {
|
|
212
212
|
p95?: number | undefined;
|
|
213
213
|
p99?: number | undefined;
|
|
@@ -215,9 +215,9 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
215
215
|
} | undefined;
|
|
216
216
|
}, {
|
|
217
217
|
path: string;
|
|
218
|
+
headers?: Record<string, string> | undefined;
|
|
218
219
|
body?: Record<string, unknown> | undefined;
|
|
219
220
|
method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | undefined;
|
|
220
|
-
headers?: Record<string, string> | undefined;
|
|
221
221
|
thresholds?: {
|
|
222
222
|
p95?: number | undefined;
|
|
223
223
|
p99?: number | undefined;
|
|
@@ -237,8 +237,8 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
237
237
|
path: string;
|
|
238
238
|
method: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
|
|
239
239
|
weight: number;
|
|
240
|
-
body?: Record<string, unknown> | undefined;
|
|
241
240
|
headers?: Record<string, string> | undefined;
|
|
241
|
+
body?: Record<string, unknown> | undefined;
|
|
242
242
|
thresholds?: {
|
|
243
243
|
p95?: number | undefined;
|
|
244
244
|
p99?: number | undefined;
|
|
@@ -255,9 +255,9 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
255
255
|
type?: "ramp" | "spike" | "soak" | "stress" | "breakpoint" | undefined;
|
|
256
256
|
endpoints?: {
|
|
257
257
|
path: string;
|
|
258
|
+
headers?: Record<string, string> | undefined;
|
|
258
259
|
body?: Record<string, unknown> | undefined;
|
|
259
260
|
method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | undefined;
|
|
260
|
-
headers?: Record<string, string> | undefined;
|
|
261
261
|
thresholds?: {
|
|
262
262
|
p95?: number | undefined;
|
|
263
263
|
p99?: number | undefined;
|
|
@@ -305,8 +305,8 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
305
305
|
path: string;
|
|
306
306
|
method: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
|
|
307
307
|
weight: number;
|
|
308
|
-
body?: Record<string, unknown> | undefined;
|
|
309
308
|
headers?: Record<string, string> | undefined;
|
|
309
|
+
body?: Record<string, unknown> | undefined;
|
|
310
310
|
thresholds?: {
|
|
311
311
|
p95?: number | undefined;
|
|
312
312
|
p99?: number | undefined;
|
|
@@ -314,9 +314,9 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
314
314
|
} | undefined;
|
|
315
315
|
}, {
|
|
316
316
|
path: string;
|
|
317
|
+
headers?: Record<string, string> | undefined;
|
|
317
318
|
body?: Record<string, unknown> | undefined;
|
|
318
319
|
method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | undefined;
|
|
319
|
-
headers?: Record<string, string> | undefined;
|
|
320
320
|
thresholds?: {
|
|
321
321
|
p95?: number | undefined;
|
|
322
322
|
p99?: number | undefined;
|
|
@@ -339,8 +339,8 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
339
339
|
path: string;
|
|
340
340
|
method: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
|
|
341
341
|
weight: number;
|
|
342
|
-
body?: Record<string, unknown> | undefined;
|
|
343
342
|
headers?: Record<string, string> | undefined;
|
|
343
|
+
body?: Record<string, unknown> | undefined;
|
|
344
344
|
thresholds?: {
|
|
345
345
|
p95?: number | undefined;
|
|
346
346
|
p99?: number | undefined;
|
|
@@ -360,8 +360,8 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
360
360
|
path: string;
|
|
361
361
|
method: "GET" | "POST" | "PUT" | "DELETE" | "PATCH";
|
|
362
362
|
weight: number;
|
|
363
|
-
body?: Record<string, unknown> | undefined;
|
|
364
363
|
headers?: Record<string, string> | undefined;
|
|
364
|
+
body?: Record<string, unknown> | undefined;
|
|
365
365
|
thresholds?: {
|
|
366
366
|
p95?: number | undefined;
|
|
367
367
|
p99?: number | undefined;
|
|
@@ -380,9 +380,9 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
380
380
|
type?: "ramp" | "spike" | "soak" | "stress" | "breakpoint" | undefined;
|
|
381
381
|
endpoints?: {
|
|
382
382
|
path: string;
|
|
383
|
+
headers?: Record<string, string> | undefined;
|
|
383
384
|
body?: Record<string, unknown> | undefined;
|
|
384
385
|
method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | undefined;
|
|
385
|
-
headers?: Record<string, string> | undefined;
|
|
386
386
|
thresholds?: {
|
|
387
387
|
p95?: number | undefined;
|
|
388
388
|
p99?: number | undefined;
|
|
@@ -402,9 +402,9 @@ export declare const LoadProfileSchema: z.ZodObject<{
|
|
|
402
402
|
baseUrl?: string | undefined;
|
|
403
403
|
endpoints?: {
|
|
404
404
|
path: string;
|
|
405
|
+
headers?: Record<string, string> | undefined;
|
|
405
406
|
body?: Record<string, unknown> | undefined;
|
|
406
407
|
method?: "GET" | "POST" | "PUT" | "DELETE" | "PATCH" | undefined;
|
|
407
|
-
headers?: Record<string, string> | undefined;
|
|
408
408
|
thresholds?: {
|
|
409
409
|
p95?: number | undefined;
|
|
410
410
|
p99?: number | undefined;
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Terraform/IaC Scanner Integration
|
|
3
|
+
*
|
|
4
|
+
* Scans Infrastructure as Code for security misconfigurations
|
|
5
|
+
* using tfsec and checkov.
|
|
6
|
+
*
|
|
7
|
+
* @module scanners/terraform
|
|
8
|
+
*/
|
|
9
|
+
import type { ScannerResult, ScannerAvailability } from "./types.js";
|
|
10
|
+
export declare function checkTfsecAvailable(): Promise<ScannerAvailability>;
|
|
11
|
+
export declare function checkCheckovAvailable(): Promise<ScannerAvailability>;
|
|
12
|
+
export declare function runTfsec(projectPath: string, options?: {
|
|
13
|
+
timeout?: number;
|
|
14
|
+
}): Promise<ScannerResult>;
|
|
15
|
+
export declare function runCheckov(projectPath: string, options?: {
|
|
16
|
+
timeout?: number;
|
|
17
|
+
framework?: string;
|
|
18
|
+
}): Promise<ScannerResult>;
|
|
19
|
+
export declare function runTerraformScanners(projectPath: string, options?: {
|
|
20
|
+
timeout?: number;
|
|
21
|
+
}): Promise<ScannerResult>;
|
|
22
|
+
export declare function detectTerraform(projectPath: string): Promise<boolean>;
|
|
23
|
+
//# sourceMappingURL=terraform.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"terraform.d.ts","sourceRoot":"","sources":["../../src/scanners/terraform.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAMH,OAAO,KAAK,EAAwB,aAAa,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAC;AAoD3F,wBAAsB,mBAAmB,IAAI,OAAO,CAAC,mBAAmB,CAAC,CAexE;AAED,wBAAsB,qBAAqB,IAAI,OAAO,CAAC,mBAAmB,CAAC,CAe1E;AAeD,wBAAsB,QAAQ,CAC5B,WAAW,EAAE,MAAM,EACnB,OAAO,CAAC,EAAE;IAAE,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE,GAC7B,OAAO,CAAC,aAAa,CAAC,CAgExB;AAED,wBAAsB,UAAU,CAC9B,WAAW,EAAE,MAAM,EACnB,OAAO,CAAC,EAAE;IAAE,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAA;CAAE,GACjD,OAAO,CAAC,aAAa,CAAC,CAqExB;AAED,wBAAsB,oBAAoB,CACxC,WAAW,EAAE,MAAM,EACnB,OAAO,CAAC,EAAE;IAAE,OAAO,CAAC,EAAE,MAAM,CAAA;CAAE,GAC7B,OAAO,CAAC,aAAa,CAAC,CAkBxB;AAED,wBAAsB,eAAe,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC,CAU3E"}
|
|
@@ -0,0 +1,207 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Terraform/IaC Scanner Integration
|
|
3
|
+
*
|
|
4
|
+
* Scans Infrastructure as Code for security misconfigurations
|
|
5
|
+
* using tfsec and checkov.
|
|
6
|
+
*
|
|
7
|
+
* @module scanners/terraform
|
|
8
|
+
*/
|
|
9
|
+
import { exec } from "child_process";
|
|
10
|
+
import { promisify } from "util";
|
|
11
|
+
const execAsync = promisify(exec);
|
|
12
|
+
export async function checkTfsecAvailable() {
|
|
13
|
+
try {
|
|
14
|
+
const { stdout } = await execAsync("tfsec --version", { timeout: 5000 });
|
|
15
|
+
return {
|
|
16
|
+
scanner: "tfsec",
|
|
17
|
+
available: true,
|
|
18
|
+
version: stdout.trim(),
|
|
19
|
+
};
|
|
20
|
+
}
|
|
21
|
+
catch {
|
|
22
|
+
return {
|
|
23
|
+
scanner: "tfsec",
|
|
24
|
+
available: false,
|
|
25
|
+
error: "tfsec not found. Install from: https://github.com/aquasecurity/tfsec",
|
|
26
|
+
};
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
export async function checkCheckovAvailable() {
|
|
30
|
+
try {
|
|
31
|
+
const { stdout } = await execAsync("checkov --version", { timeout: 5000 });
|
|
32
|
+
return {
|
|
33
|
+
scanner: "checkov",
|
|
34
|
+
available: true,
|
|
35
|
+
version: stdout.trim(),
|
|
36
|
+
};
|
|
37
|
+
}
|
|
38
|
+
catch {
|
|
39
|
+
return {
|
|
40
|
+
scanner: "checkov",
|
|
41
|
+
available: false,
|
|
42
|
+
error: "checkov not found. Install with: pip install checkov",
|
|
43
|
+
};
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
function mapSeverity(severity) {
|
|
47
|
+
switch (severity.toUpperCase()) {
|
|
48
|
+
case "CRITICAL":
|
|
49
|
+
return "critical";
|
|
50
|
+
case "HIGH":
|
|
51
|
+
return "high";
|
|
52
|
+
case "MEDIUM":
|
|
53
|
+
return "medium";
|
|
54
|
+
default:
|
|
55
|
+
return "low";
|
|
56
|
+
}
|
|
57
|
+
}
|
|
58
|
+
export async function runTfsec(projectPath, options) {
|
|
59
|
+
const startTime = Date.now();
|
|
60
|
+
try {
|
|
61
|
+
const availability = await checkTfsecAvailable();
|
|
62
|
+
if (!availability.available) {
|
|
63
|
+
return {
|
|
64
|
+
scanner: "tfsec",
|
|
65
|
+
findings: [],
|
|
66
|
+
duration: Date.now() - startTime,
|
|
67
|
+
success: false,
|
|
68
|
+
error: availability.error,
|
|
69
|
+
};
|
|
70
|
+
}
|
|
71
|
+
const { stdout } = await execAsync(`tfsec "${projectPath}" --format json --no-color`, {
|
|
72
|
+
timeout: options?.timeout || 120000,
|
|
73
|
+
maxBuffer: 10 * 1024 * 1024,
|
|
74
|
+
}).catch((error) => {
|
|
75
|
+
if (error.stdout) {
|
|
76
|
+
return { stdout: error.stdout, stderr: error.stderr || "" };
|
|
77
|
+
}
|
|
78
|
+
throw error;
|
|
79
|
+
});
|
|
80
|
+
const output = JSON.parse(stdout);
|
|
81
|
+
const findings = (output.results || []).map((result) => ({
|
|
82
|
+
scanner: "tfsec",
|
|
83
|
+
ruleId: `tfsec:${result.rule_id}`,
|
|
84
|
+
file: result.location.filename.replace(projectPath + "/", ""),
|
|
85
|
+
line: result.location.start_line,
|
|
86
|
+
endLine: result.location.end_line,
|
|
87
|
+
message: `${result.rule_description}: ${result.description}`,
|
|
88
|
+
severity: mapSeverity(result.severity),
|
|
89
|
+
confidence: 100,
|
|
90
|
+
metadata: {
|
|
91
|
+
provider: result.rule_provider,
|
|
92
|
+
service: result.rule_service,
|
|
93
|
+
impact: result.impact,
|
|
94
|
+
resolution: result.resolution,
|
|
95
|
+
resource: result.resource,
|
|
96
|
+
links: result.links,
|
|
97
|
+
},
|
|
98
|
+
}));
|
|
99
|
+
return {
|
|
100
|
+
scanner: "tfsec",
|
|
101
|
+
findings,
|
|
102
|
+
duration: Date.now() - startTime,
|
|
103
|
+
success: true,
|
|
104
|
+
version: availability.version,
|
|
105
|
+
};
|
|
106
|
+
}
|
|
107
|
+
catch (error) {
|
|
108
|
+
return {
|
|
109
|
+
scanner: "tfsec",
|
|
110
|
+
findings: [],
|
|
111
|
+
duration: Date.now() - startTime,
|
|
112
|
+
success: false,
|
|
113
|
+
error: error instanceof Error ? error.message : "Unknown error",
|
|
114
|
+
};
|
|
115
|
+
}
|
|
116
|
+
}
|
|
117
|
+
export async function runCheckov(projectPath, options) {
|
|
118
|
+
const startTime = Date.now();
|
|
119
|
+
try {
|
|
120
|
+
const availability = await checkCheckovAvailable();
|
|
121
|
+
if (!availability.available) {
|
|
122
|
+
return {
|
|
123
|
+
scanner: "checkov",
|
|
124
|
+
findings: [],
|
|
125
|
+
duration: Date.now() - startTime,
|
|
126
|
+
success: false,
|
|
127
|
+
error: availability.error,
|
|
128
|
+
};
|
|
129
|
+
}
|
|
130
|
+
let command = `checkov -d "${projectPath}" -o json --compact`;
|
|
131
|
+
if (options?.framework) {
|
|
132
|
+
command += ` --framework ${options.framework}`;
|
|
133
|
+
}
|
|
134
|
+
const { stdout } = await execAsync(command, {
|
|
135
|
+
timeout: options?.timeout || 180000,
|
|
136
|
+
maxBuffer: 10 * 1024 * 1024,
|
|
137
|
+
}).catch((error) => {
|
|
138
|
+
if (error.stdout) {
|
|
139
|
+
return { stdout: error.stdout, stderr: error.stderr || "" };
|
|
140
|
+
}
|
|
141
|
+
throw error;
|
|
142
|
+
});
|
|
143
|
+
const outputs = JSON.parse(stdout);
|
|
144
|
+
const findings = [];
|
|
145
|
+
for (const output of outputs) {
|
|
146
|
+
for (const result of output.results.failed_checks) {
|
|
147
|
+
findings.push({
|
|
148
|
+
scanner: "checkov",
|
|
149
|
+
ruleId: `checkov:${result.check_id}`,
|
|
150
|
+
file: result.file_path.replace(projectPath + "/", ""),
|
|
151
|
+
line: result.file_line_range[0],
|
|
152
|
+
endLine: result.file_line_range[1],
|
|
153
|
+
message: result.check_name,
|
|
154
|
+
severity: mapSeverity(result.severity || "MEDIUM"),
|
|
155
|
+
confidence: 100,
|
|
156
|
+
metadata: {
|
|
157
|
+
checkType: output.check_type,
|
|
158
|
+
resource: result.resource,
|
|
159
|
+
guideline: result.guideline,
|
|
160
|
+
},
|
|
161
|
+
});
|
|
162
|
+
}
|
|
163
|
+
}
|
|
164
|
+
return {
|
|
165
|
+
scanner: "checkov",
|
|
166
|
+
findings,
|
|
167
|
+
duration: Date.now() - startTime,
|
|
168
|
+
success: true,
|
|
169
|
+
version: availability.version,
|
|
170
|
+
};
|
|
171
|
+
}
|
|
172
|
+
catch (error) {
|
|
173
|
+
return {
|
|
174
|
+
scanner: "checkov",
|
|
175
|
+
findings: [],
|
|
176
|
+
duration: Date.now() - startTime,
|
|
177
|
+
success: false,
|
|
178
|
+
error: error instanceof Error ? error.message : "Unknown error",
|
|
179
|
+
};
|
|
180
|
+
}
|
|
181
|
+
}
|
|
182
|
+
export async function runTerraformScanners(projectPath, options) {
|
|
183
|
+
const startTime = Date.now();
|
|
184
|
+
const [tfsecResult, checkovResult] = await Promise.all([
|
|
185
|
+
runTfsec(projectPath, options),
|
|
186
|
+
runCheckov(projectPath, options),
|
|
187
|
+
]);
|
|
188
|
+
const findings = [...tfsecResult.findings, ...checkovResult.findings];
|
|
189
|
+
const success = tfsecResult.success || checkovResult.success;
|
|
190
|
+
return {
|
|
191
|
+
scanner: "terraform",
|
|
192
|
+
findings,
|
|
193
|
+
duration: Date.now() - startTime,
|
|
194
|
+
success,
|
|
195
|
+
error: !success ? "No IaC scanners available" : undefined,
|
|
196
|
+
};
|
|
197
|
+
}
|
|
198
|
+
export async function detectTerraform(projectPath) {
|
|
199
|
+
try {
|
|
200
|
+
const { stdout } = await execAsync(`find "${projectPath}" -maxdepth 4 -name "*.tf" -o -name "*.tfvars" -o -name "Pulumi.yaml" -o -name "Pulumi.yml" | head -1`, { timeout: 5000 });
|
|
201
|
+
return stdout.trim().length > 0;
|
|
202
|
+
}
|
|
203
|
+
catch {
|
|
204
|
+
return false;
|
|
205
|
+
}
|
|
206
|
+
}
|
|
207
|
+
//# sourceMappingURL=terraform.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"terraform.js","sourceRoot":"","sources":["../../src/scanners/terraform.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,eAAe,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,MAAM,MAAM,CAAC;AAKjC,MAAM,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;AAkDlC,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,IAAI,CAAC;QACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,iBAAiB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QACzE,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,MAAM,CAAC,IAAI,EAAE;SACvB,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,SAAS,EAAE,KAAK;YAChB,KAAK,EAAE,sEAAsE;SAC9E,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB;IACzC,IAAI,CAAC;QACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,mBAAmB,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,CAAC,CAAC;QAC3E,OAAO;YACL,OAAO,EAAE,SAAS;YAClB,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,MAAM,CAAC,IAAI,EAAE;SACvB,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,OAAO,EAAE,SAAS;YAClB,SAAS,EAAE,KAAK;YAChB,KAAK,EAAE,sDAAsD;SAC9D,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,QAAgB;IACnC,QAAQ,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC;QAC/B,KAAK,UAAU;YACb,OAAO,UAAU,CAAC;QACpB,KAAK,MAAM;YACT,OAAO,MAAM,CAAC;QAChB,KAAK,QAAQ;YACX,OAAO,QAAQ,CAAC;QAClB;YACE,OAAO,KAAK,CAAC;IACjB,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,QAAQ,CAC5B,WAAmB,EACnB,OAA8B;IAE9B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,MAAM,mBAAmB,EAAE,CAAC;QACjD,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,OAAO;gBAChB,QAAQ,EAAE,EAAE;gBACZ,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;gBAChC,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,YAAY,CAAC,KAAK;aAC1B,CAAC;QACJ,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAChC,UAAU,WAAW,4BAA4B,EACjD;YACE,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,MAAM;YACnC,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;SAC5B,CACF,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YAChB,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACjB,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YAC9D,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,MAAM,MAAM,GAAgB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAC/C,MAAM,QAAQ,GAA2B,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;YAC/E,OAAO,EAAE,OAAgB;YACzB,MAAM,EAAE,SAAS,MAAM,CAAC,OAAO,EAAE;YACjC,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,GAAG,GAAG,EAAE,EAAE,CAAC;YAC7D,IAAI,EAAE,MAAM,CAAC,QAAQ,CAAC,UAAU;YAChC,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,QAAQ;YACjC,OAAO,EAAE,GAAG,MAAM,CAAC,gBAAgB,KAAK,MAAM,CAAC,WAAW,EAAE;YAC5D,QAAQ,EAAE,WAAW,CAAC,MAAM,CAAC,QAAQ,CAAC;YACtC,UAAU,EAAE,GAAG;YACf,QAAQ,EAAE;gBACR,QAAQ,EAAE,MAAM,CAAC,aAAa;gBAC9B,OAAO,EAAE,MAAM,CAAC,YAAY;gBAC5B,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,KAAK,EAAE,MAAM,CAAC,KAAK;aACpB;SACF,CAAC,CAAC,CAAC;QAEJ,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,QAAQ;YACR,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YAChC,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,YAAY,CAAC,OAAO;SAC9B,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,OAAO,EAAE,OAAO;YAChB,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YAChC,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAChE,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,WAAmB,EACnB,OAAkD;IAElD,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,IAAI,CAAC;QACH,MAAM,YAAY,GAAG,MAAM,qBAAqB,EAAE,CAAC;QACnD,IAAI,CAAC,YAAY,CAAC,SAAS,EAAE,CAAC;YAC5B,OAAO;gBACL,OAAO,EAAE,SAAS;gBAClB,QAAQ,EAAE,EAAE;gBACZ,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;gBAChC,OAAO,EAAE,KAAK;gBACd,KAAK,EAAE,YAAY,CAAC,KAAK;aAC1B,CAAC;QACJ,CAAC;QAED,IAAI,OAAO,GAAG,eAAe,WAAW,qBAAqB,CAAC;QAC9D,IAAI,OAAO,EAAE,SAAS,EAAE,CAAC;YACvB,OAAO,IAAI,gBAAgB,OAAO,CAAC,SAAS,EAAE,CAAC;QACjD,CAAC;QAED,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAAC,OAAO,EAAE;YAC1C,OAAO,EAAE,OAAO,EAAE,OAAO,IAAI,MAAM;YACnC,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;SAC5B,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;YACjB,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;gBACjB,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YAC9D,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC,CAAC,CAAC;QAEH,MAAM,OAAO,GAAoB,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,QAAQ,GAA2B,EAAE,CAAC;QAE5C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;gBAClD,QAAQ,CAAC,IAAI,CAAC;oBACZ,OAAO,EAAE,SAAkB;oBAC3B,MAAM,EAAE,WAAW,MAAM,CAAC,QAAQ,EAAE;oBACpC,IAAI,EAAE,MAAM,CAAC,SAAS,CAAC,OAAO,CAAC,WAAW,GAAG,GAAG,EAAE,EAAE,CAAC;oBACrD,IAAI,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC;oBAC/B,OAAO,EAAE,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC;oBAClC,OAAO,EAAE,MAAM,CAAC,UAAU;oBAC1B,QAAQ,EAAE,WAAW,CAAC,MAAM,CAAC,QAAQ,IAAI,QAAQ,CAAC;oBAClD,UAAU,EAAE,GAAG;oBACf,QAAQ,EAAE;wBACR,SAAS,EAAE,MAAM,CAAC,UAAU;wBAC5B,QAAQ,EAAE,MAAM,CAAC,QAAQ;wBACzB,SAAS,EAAE,MAAM,CAAC,SAAS;qBAC5B;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO;YACL,OAAO,EAAE,SAAS;YAClB,QAAQ;YACR,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YAChC,OAAO,EAAE,IAAI;YACb,OAAO,EAAE,YAAY,CAAC,OAAO;SAC9B,CAAC;IACJ,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,OAAO,EAAE,SAAS;YAClB,QAAQ,EAAE,EAAE;YACZ,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YAChC,OAAO,EAAE,KAAK;YACd,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAChE,CAAC;IACJ,CAAC;AACH,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,WAAmB,EACnB,OAA8B;IAE9B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,MAAM,CAAC,WAAW,EAAE,aAAa,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QACrD,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;QAC9B,UAAU,CAAC,WAAW,EAAE,OAAO,CAAC;KACjC,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,CAAC,GAAG,WAAW,CAAC,QAAQ,EAAE,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IACtE,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,IAAI,aAAa,CAAC,OAAO,CAAC;IAE7D,OAAO;QACL,OAAO,EAAE,WAAW;QACpB,QAAQ;QACR,QAAQ,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;QAChC,OAAO;QACP,KAAK,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,2BAA2B,CAAC,CAAC,CAAC,SAAS;KAC1D,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,WAAmB;IACvD,IAAI,CAAC;QACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,SAAS,CAChC,SAAS,WAAW,uGAAuG,EAC3H,EAAE,OAAO,EAAE,IAAI,EAAE,CAClB,CAAC;QACF,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC"}
|
package/dist/scanners/types.d.ts
CHANGED
|
@@ -13,7 +13,7 @@ export type { Severity };
|
|
|
13
13
|
/**
|
|
14
14
|
* Supported scanner types
|
|
15
15
|
*/
|
|
16
|
-
export type ScannerType = "semgrep" | "npm-audit" | "gitleaks" | "tsc" | "eslint" | "bandit" | "gosec" | "brakeman" | "trivy" | "binary-analysis" | "memory-safety" | "race-condition" | "healthcare" | "logic" | "dast" | "zap" | "nuclei" | "plugin";
|
|
16
|
+
export type ScannerType = "semgrep" | "npm-audit" | "gitleaks" | "tsc" | "eslint" | "bandit" | "gosec" | "brakeman" | "trivy" | "binary-analysis" | "memory-safety" | "race-condition" | "healthcare" | "logic" | "dast" | "zap" | "nuclei" | "terraform" | "tfsec" | "checkov" | "openapi" | "spectral" | "rust" | "cargo-audit" | "clippy" | "plugin";
|
|
17
17
|
/**
|
|
18
18
|
* A finding from a deterministic scanner.
|
|
19
19
|
*
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/scanners/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AAG1D,YAAY,EAAE,QAAQ,EAAE,CAAC;AAEzB;;GAEG;AACH,MAAM,MAAM,WAAW,GACnB,SAAS,GACT,WAAW,GACX,UAAU,GACV,KAAK,GACL,QAAQ,GACR,QAAQ,GACR,OAAO,GACP,UAAU,GACV,OAAO,GACP,iBAAiB,GACjB,eAAe,GACf,gBAAgB,GAChB,YAAY,GACZ,OAAO,GACP,MAAM,GACN,KAAK,GACL,QAAQ,GACR,QAAQ,CAAC;AAEb;;;;;GAKG;AACH,MAAM,WAAW,oBAAoB;IACnC,qCAAqC;IACrC,OAAO,EAAE,WAAW,CAAC;IAErB,+EAA+E;IAC/E,MAAM,EAAE,MAAM,CAAC;IAEf,mDAAmD;IACnD,IAAI,EAAE,MAAM,CAAC;IAEb,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IAEb,0CAA0C;IAC1C,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,qCAAqC;IACrC,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,uCAAuC;IACvC,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,8CAA8C;IAC9C,OAAO,EAAE,MAAM,CAAC;IAEhB,qBAAqB;IACrB,QAAQ,EAAE,QAAQ,CAAC;IAEnB,wEAAwE;IACxE,UAAU,EAAE,MAAM,CAAC;IAEnB,8CAA8C;IAC9C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,0DAA0D;IAC1D,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAElB,6CAA6C;IAC7C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAElB,4CAA4C;IAC5C,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,iCAAiC;IACjC,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,iDAAiD;IACjD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,2CAA2C;IAC3C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,4BAA4B;IAC5B,OAAO,EAAE,WAAW,CAAC;IAErB,0CAA0C;IAC1C,QAAQ,EAAE,oBAAoB,EAAE,CAAC;IAEjC,6CAA6C;IAC7C,QAAQ,EAAE,MAAM,CAAC;IAEjB,8CAA8C;IAC9C,OAAO,EAAE,OAAO,CAAC;IAEjB,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,yCAAyC;IACzC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,2BAA2B;IAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,8BAA8B;IAC9B,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,iCAAiC;IACjC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IAErB,2CAA2C;IAC3C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,4BAA4B;IAC5B,SAAS,EAAE,MAAM,CAAC;IAElB,oCAAoC;IACpC,WAAW,EAAE,MAAM,CAAC;IAEpB,gCAAgC;IAChC,QAAQ,EAAE,aAAa,EAAE,CAAC;IAE1B,yCAAyC;IACzC,aAAa,EAAE,MAAM,CAAC;IAEtB,mCAAmC;IACnC,UAAU,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAErC,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IAEvC,0CAA0C;IAC1C,aAAa,EAAE,MAAM,CAAC;IAEtB,qCAAqC;IACrC,YAAY,EAAE,OAAO,CAAC;IAEtB,2BAA2B;IAC3B,cAAc,EAAE,WAAW,EAAE,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,8CAA8C;IAC9C,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,uDAAuD;IACvD,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,yCAAyC;IACzC,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,gDAAgD;IAChD,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,kCAAkC;IAClC,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB,qCAAqC;IACrC,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB,gCAAgC;IAChC,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB,qCAAqC;IACrC,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB,6CAA6C;IAC7C,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB,gDAAgD;IAChD,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,mCAAmC;IACnC,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB,qCAAqC;IACrC,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,uCAAuC;IACvC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IAEnB,uCAAuC;IACvC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IAEnB,0CAA0C;IAC1C,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,QAAQ,CAAC,IAAI,CAAC,cAAc,EAAE,iBAAiB,GAAG,SAAS,GAAG,SAAS,CAAC,CAc7G,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB;;kBAGF,QAAQ;cAChB,QAAQ;kBACF,QAAQ;aAChB,QAAQ;cACN,QAAQ;;;eAKP,QAAQ;iBACJ,QAAQ;cACd,QAAQ;;;iBAKA,QAAQ;;;eAKd,QAAQ;iBACJ,QAAQ;oBACR,QAAQ;iBACV,QAAQ;;;cAKX,QAAQ;gBACJ,QAAQ;aACd,QAAQ;;;cAKN,QAAQ;gBACJ,QAAQ;aACd,QAAQ;;;cAKN,QAAQ;gBACJ,QAAQ;cACb,QAAQ;;;kBAKC,QAAQ;cAChB,QAAQ;gBACJ,QAAQ;aACd,QAAQ;iBACH,QAAQ;;CAE9B,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,WAAW,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/scanners/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AAG1D,YAAY,EAAE,QAAQ,EAAE,CAAC;AAEzB;;GAEG;AACH,MAAM,MAAM,WAAW,GACnB,SAAS,GACT,WAAW,GACX,UAAU,GACV,KAAK,GACL,QAAQ,GACR,QAAQ,GACR,OAAO,GACP,UAAU,GACV,OAAO,GACP,iBAAiB,GACjB,eAAe,GACf,gBAAgB,GAChB,YAAY,GACZ,OAAO,GACP,MAAM,GACN,KAAK,GACL,QAAQ,GACR,WAAW,GACX,OAAO,GACP,SAAS,GACT,SAAS,GACT,UAAU,GACV,MAAM,GACN,aAAa,GACb,QAAQ,GACR,QAAQ,CAAC;AAEb;;;;;GAKG;AACH,MAAM,WAAW,oBAAoB;IACnC,qCAAqC;IACrC,OAAO,EAAE,WAAW,CAAC;IAErB,+EAA+E;IAC/E,MAAM,EAAE,MAAM,CAAC;IAEf,mDAAmD;IACnD,IAAI,EAAE,MAAM,CAAC;IAEb,8BAA8B;IAC9B,IAAI,EAAE,MAAM,CAAC;IAEb,0CAA0C;IAC1C,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,qCAAqC;IACrC,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,uCAAuC;IACvC,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,8CAA8C;IAC9C,OAAO,EAAE,MAAM,CAAC;IAEhB,qBAAqB;IACrB,QAAQ,EAAE,QAAQ,CAAC;IAEnB,wEAAwE;IACxE,UAAU,EAAE,MAAM,CAAC;IAEnB,8CAA8C;IAC9C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,0DAA0D;IAC1D,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAElB,6CAA6C;IAC7C,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;IAElB,4CAA4C;IAC5C,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,iCAAiC;IACjC,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,iDAAiD;IACjD,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,2CAA2C;IAC3C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,4BAA4B;IAC5B,OAAO,EAAE,WAAW,CAAC;IAErB,0CAA0C;IAC1C,QAAQ,EAAE,oBAAoB,EAAE,CAAC;IAEjC,6CAA6C;IAC7C,QAAQ,EAAE,MAAM,CAAC;IAEjB,8CAA8C;IAC9C,OAAO,EAAE,OAAO,CAAC;IAEjB,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,yCAAyC;IACzC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,2BAA2B;IAC3B,OAAO,CAAC,EAAE,MAAM,CAAC;IAEjB,8BAA8B;IAC9B,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,iCAAiC;IACjC,SAAS,CAAC,EAAE,MAAM,EAAE,CAAC;IAErB,2CAA2C;IAC3C,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,4BAA4B;IAC5B,SAAS,EAAE,MAAM,CAAC;IAElB,oCAAoC;IACpC,WAAW,EAAE,MAAM,CAAC;IAEpB,gCAAgC;IAChC,QAAQ,EAAE,aAAa,EAAE,CAAC;IAE1B,yCAAyC;IACzC,aAAa,EAAE,MAAM,CAAC;IAEtB,mCAAmC;IACnC,UAAU,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAErC,kCAAkC;IAClC,SAAS,EAAE,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IAEvC,0CAA0C;IAC1C,aAAa,EAAE,MAAM,CAAC;IAEtB,qCAAqC;IACrC,YAAY,EAAE,OAAO,CAAC;IAEtB,2BAA2B;IAC3B,cAAc,EAAE,WAAW,EAAE,CAAC;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,8CAA8C;IAC9C,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,uDAAuD;IACvD,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,yCAAyC;IACzC,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,gDAAgD;IAChD,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,kCAAkC;IAClC,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB,qCAAqC;IACrC,MAAM,CAAC,EAAE,OAAO,CAAC;IAEjB,gCAAgC;IAChC,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB,qCAAqC;IACrC,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB,2CAA2C;IAC3C,KAAK,CAAC,EAAE,OAAO,CAAC;IAEhB,6CAA6C;IAC7C,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB,gDAAgD;IAChD,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,mCAAmC;IACnC,aAAa,CAAC,EAAE,OAAO,CAAC;IAExB,qCAAqC;IACrC,eAAe,CAAC,EAAE,MAAM,CAAC;IAEzB,uCAAuC;IACvC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IAEnB,uCAAuC;IACvC,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IAEnB,0CAA0C;IAC1C,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,QAAQ,CAAC,IAAI,CAAC,cAAc,EAAE,iBAAiB,GAAG,SAAS,GAAG,SAAS,CAAC,CAc7G,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,iBAAiB;;kBAGF,QAAQ;cAChB,QAAQ;kBACF,QAAQ;aAChB,QAAQ;cACN,QAAQ;;;eAKP,QAAQ;iBACJ,QAAQ;cACd,QAAQ;;;iBAKA,QAAQ;;;eAKd,QAAQ;iBACJ,QAAQ;oBACR,QAAQ;iBACV,QAAQ;;;cAKX,QAAQ;gBACJ,QAAQ;aACd,QAAQ;;;cAKN,QAAQ;gBACJ,QAAQ;aACd,QAAQ;;;cAKN,QAAQ;gBACJ,QAAQ;cACb,QAAQ;;;kBAKC,QAAQ;cAChB,QAAQ;gBACJ,QAAQ;aACd,QAAQ;iBACH,QAAQ;;CAE9B,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,WAAW,CAAC;IACrB,SAAS,EAAE,OAAO,CAAC;IACnB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CA+BvF"}
|
package/dist/scanners/types.js
CHANGED
|
@@ -104,6 +104,14 @@ export function toFindingId(scanner, ruleId, index) {
|
|
|
104
104
|
dast: "dst",
|
|
105
105
|
zap: "zap",
|
|
106
106
|
nuclei: "nuc",
|
|
107
|
+
terraform: "tf",
|
|
108
|
+
tfsec: "tfs",
|
|
109
|
+
checkov: "chk",
|
|
110
|
+
openapi: "api",
|
|
111
|
+
spectral: "spc",
|
|
112
|
+
rust: "rs",
|
|
113
|
+
"cargo-audit": "cra",
|
|
114
|
+
clippy: "clp",
|
|
107
115
|
plugin: "plg",
|
|
108
116
|
};
|
|
109
117
|
return `${prefix[scanner]}-${String(index + 1).padStart(3, "0")}`;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/scanners/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/scanners/types.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAyNH;;GAEG;AACH,MAAM,CAAC,MAAM,uBAAuB,GAA8E;IAChH,OAAO,EAAE,IAAI;IACb,YAAY,EAAE,IAAI;IAClB,OAAO,EAAE,IAAI;IACb,UAAU,EAAE,IAAI;IAChB,MAAM,EAAE,KAAK,EAAU,mCAAmC;IAC1D,MAAM,EAAE,KAAK,EAAU,kCAAkC;IACzD,KAAK,EAAE,KAAK,EAAW,8BAA8B;IACrD,QAAQ,EAAE,KAAK,EAAQ,gCAAgC;IACvD,KAAK,EAAE,KAAK,EAAW,kCAAkC;IACzD,cAAc,EAAE,IAAI,EAAG,6CAA6C;IACpE,YAAY,EAAE,KAAK,EAAI,sCAAsC;IAC7D,aAAa,EAAE,IAAI,EAAI,qBAAqB;IAC5C,OAAO,EAAE,MAAM,EAAQ,wBAAwB;CAChD,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,0BAA0B;IAC1B,GAAG,EAAE;QACH,QAAQ,EAAE,UAAsB;QAChC,IAAI,EAAE,MAAkB;QACxB,QAAQ,EAAE,QAAoB;QAC9B,GAAG,EAAE,KAAiB;QACtB,IAAI,EAAE,MAAkB;KACzB;IAED,UAAU;IACV,OAAO,EAAE;QACP,KAAK,EAAE,MAAkB;QACzB,OAAO,EAAE,QAAoB;QAC7B,IAAI,EAAE,KAAiB;KACxB;IAED,sCAAsC;IACtC,QAAQ,EAAE;QACR,OAAO,EAAE,UAAsB;KAChC;IAED,sBAAsB;IACtB,UAAU,EAAE;QACV,KAAK,EAAE,MAAkB;QACzB,OAAO,EAAE,QAAoB;QAC7B,UAAU,EAAE,KAAiB;QAC7B,OAAO,EAAE,MAAkB;KAC5B;IAED,kBAAkB;IAClB,MAAM,EAAE;QACN,IAAI,EAAE,MAAkB;QACxB,MAAM,EAAE,QAAoB;QAC5B,GAAG,EAAE,KAAiB;KACvB;IAED,aAAa;IACb,KAAK,EAAE;QACL,IAAI,EAAE,MAAkB;QACxB,MAAM,EAAE,QAAoB;QAC5B,GAAG,EAAE,KAAiB;KACvB;IAED,kBAAkB;IAClB,QAAQ,EAAE;QACR,IAAI,EAAE,MAAkB;QACxB,MAAM,EAAE,QAAoB;QAC5B,IAAI,EAAE,KAAiB;KACxB;IAED,QAAQ;IACR,KAAK,EAAE;QACL,QAAQ,EAAE,UAAsB;QAChC,IAAI,EAAE,MAAkB;QACxB,MAAM,EAAE,QAAoB;QAC5B,GAAG,EAAE,KAAiB;QACtB,OAAO,EAAE,MAAkB;KAC5B;CACF,CAAC;AAaF;;GAEG;AACH,MAAM,UAAU,WAAW,CAAC,OAAoB,EAAE,MAAc,EAAE,KAAa;IAC7E,MAAM,MAAM,GAAgC;QAC1C,OAAO,EAAE,KAAK;QACd,WAAW,EAAE,KAAK;QAClB,QAAQ,EAAE,KAAK;QACf,GAAG,EAAE,IAAI;QACT,MAAM,EAAE,MAAM;QACd,MAAM,EAAE,IAAI;QACZ,KAAK,EAAE,IAAI;QACX,QAAQ,EAAE,IAAI;QACd,KAAK,EAAE,KAAK;QACZ,iBAAiB,EAAE,KAAK;QACxB,eAAe,EAAE,KAAK;QACtB,gBAAgB,EAAE,KAAK;QACvB,UAAU,EAAE,IAAI;QAChB,KAAK,EAAE,KAAK;QACZ,IAAI,EAAE,KAAK;QACX,GAAG,EAAE,KAAK;QACV,MAAM,EAAE,KAAK;QACb,SAAS,EAAE,IAAI;QACf,KAAK,EAAE,KAAK;QACZ,OAAO,EAAE,KAAK;QACd,OAAO,EAAE,KAAK;QACd,QAAQ,EAAE,KAAK;QACf,IAAI,EAAE,IAAI;QACV,aAAa,EAAE,KAAK;QACpB,MAAM,EAAE,KAAK;QACb,MAAM,EAAE,KAAK;KACd,CAAC;IAEF,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,IAAI,MAAM,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;AACpE,CAAC"}
|