vaspera 2.9.2 → 2.10.1
- package/CHANGELOG.md +68 -0
- package/README.md +58 -1
- package/dist/__tests__/autofix/branch-manager.test.d.ts +2 -0
- package/dist/__tests__/autofix/branch-manager.test.d.ts.map +1 -0
- package/dist/__tests__/autofix/branch-manager.test.js +60 -0
- package/dist/__tests__/autofix/branch-manager.test.js.map +1 -0
- package/dist/__tests__/autofix/commit-generator.test.d.ts +2 -0
- package/dist/__tests__/autofix/commit-generator.test.d.ts.map +1 -0
- package/dist/__tests__/autofix/commit-generator.test.js +147 -0
- package/dist/__tests__/autofix/commit-generator.test.js.map +1 -0
- package/dist/__tests__/autofix/constitution.test.d.ts +9 -0
- package/dist/__tests__/autofix/constitution.test.d.ts.map +1 -0
- package/dist/__tests__/autofix/constitution.test.js +421 -0
- package/dist/__tests__/autofix/constitution.test.js.map +1 -0
- package/dist/__tests__/autofix/pr-generator.test.d.ts +2 -0
- package/dist/__tests__/autofix/pr-generator.test.d.ts.map +1 -0
- package/dist/__tests__/autofix/pr-generator.test.js +152 -0
- package/dist/__tests__/autofix/pr-generator.test.js.map +1 -0
- package/dist/__tests__/property-test-helpers.d.ts +87 -0
- package/dist/__tests__/property-test-helpers.d.ts.map +1 -0
- package/dist/__tests__/property-test-helpers.js +136 -0
- package/dist/__tests__/property-test-helpers.js.map +1 -0
- package/dist/__tests__/scanners/ai-code/ai-detector.test.d.ts +2 -0
- package/dist/__tests__/scanners/ai-code/ai-detector.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/ai-code/ai-detector.test.js +188 -0
- package/dist/__tests__/scanners/ai-code/ai-detector.test.js.map +1 -0
- package/dist/__tests__/scanners/ai-code/confidence-scorer.test.d.ts +2 -0
- package/dist/__tests__/scanners/ai-code/confidence-scorer.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/ai-code/confidence-scorer.test.js +363 -0
- package/dist/__tests__/scanners/ai-code/confidence-scorer.test.js.map +1 -0
- package/dist/__tests__/scanners/ai-code/hallucination-checker.test.d.ts +2 -0
- package/dist/__tests__/scanners/ai-code/hallucination-checker.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/ai-code/hallucination-checker.test.js +226 -0
- package/dist/__tests__/scanners/ai-code/hallucination-checker.test.js.map +1 -0
- package/dist/__tests__/scanners/ai-code/index.test.d.ts +2 -0
- package/dist/__tests__/scanners/ai-code/index.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/ai-code/index.test.js +214 -0
- package/dist/__tests__/scanners/ai-code/index.test.js.map +1 -0
- package/dist/__tests__/scanners/dast/index.test.d.ts +2 -0
- package/dist/__tests__/scanners/dast/index.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/dast/index.test.js +183 -0
- package/dist/__tests__/scanners/dast/index.test.js.map +1 -0
- package/dist/__tests__/scanners/dast/nuclei.test.d.ts +2 -0
- package/dist/__tests__/scanners/dast/nuclei.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/dast/nuclei.test.js +166 -0
- package/dist/__tests__/scanners/dast/nuclei.test.js.map +1 -0
- package/dist/__tests__/scanners/dast/zap.test.d.ts +2 -0
- package/dist/__tests__/scanners/dast/zap.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/dast/zap.test.js +158 -0
- package/dist/__tests__/scanners/dast/zap.test.js.map +1 -0
- package/dist/__tests__/scanners/deploy/health-checker.test.d.ts +2 -0
- package/dist/__tests__/scanners/deploy/health-checker.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/deploy/health-checker.test.js +67 -0
- package/dist/__tests__/scanners/deploy/health-checker.test.js.map +1 -0
- package/dist/__tests__/scanners/deploy/index.test.d.ts +2 -0
- package/dist/__tests__/scanners/deploy/index.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/deploy/index.test.js +84 -0
- package/dist/__tests__/scanners/deploy/index.test.js.map +1 -0
- package/dist/__tests__/scanners/deploy/provider-detector.test.d.ts +2 -0
- package/dist/__tests__/scanners/deploy/provider-detector.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/deploy/provider-detector.test.js +88 -0
- package/dist/__tests__/scanners/deploy/provider-detector.test.js.map +1 -0
- package/dist/__tests__/scanners/deploy/types.test.d.ts +2 -0
- package/dist/__tests__/scanners/deploy/types.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/deploy/types.test.js +126 -0
- package/dist/__tests__/scanners/deploy/types.test.js.map +1 -0
- package/dist/__tests__/scanners/fp-feedback.test.d.ts +2 -0
- package/dist/__tests__/scanners/fp-feedback.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/fp-feedback.test.js +202 -0
- package/dist/__tests__/scanners/fp-feedback.test.js.map +1 -0
- package/dist/__tests__/scanners/fp-filter.property.test.d.ts +9 -0
- package/dist/__tests__/scanners/fp-filter.property.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/fp-filter.property.test.js +253 -0
- package/dist/__tests__/scanners/fp-filter.property.test.js.map +1 -0
- package/dist/__tests__/scanners/fp-filter.test.d.ts +2 -0
- package/dist/__tests__/scanners/fp-filter.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/fp-filter.test.js +234 -0
- package/dist/__tests__/scanners/fp-filter.test.js.map +1 -0
- package/dist/__tests__/scanners/fp-tracker.test.d.ts +2 -0
- package/dist/__tests__/scanners/fp-tracker.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/fp-tracker.test.js +262 -0
- package/dist/__tests__/scanners/fp-tracker.test.js.map +1 -0
- package/dist/__tests__/scanners/logic/endpoint-analyzer.property.test.d.ts +10 -0
- package/dist/__tests__/scanners/logic/endpoint-analyzer.property.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/logic/endpoint-analyzer.property.test.js +238 -0
- package/dist/__tests__/scanners/logic/endpoint-analyzer.property.test.js.map +1 -0
- package/dist/__tests__/scanners/logic/endpoint-analyzer.test.d.ts +2 -0
- package/dist/__tests__/scanners/logic/endpoint-analyzer.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/logic/endpoint-analyzer.test.js +55 -0
- package/dist/__tests__/scanners/logic/endpoint-analyzer.test.js.map +1 -0
- package/dist/__tests__/scanners/logic/index.test.d.ts +2 -0
- package/dist/__tests__/scanners/logic/index.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/logic/index.test.js +165 -0
- package/dist/__tests__/scanners/logic/index.test.js.map +1 -0
- package/dist/__tests__/scanners/logic/types.test.d.ts +2 -0
- package/dist/__tests__/scanners/logic/types.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/logic/types.test.js +85 -0
- package/dist/__tests__/scanners/logic/types.test.js.map +1 -0
- package/dist/__tests__/scanners/runtime/app-launcher.test.d.ts +2 -0
- package/dist/__tests__/scanners/runtime/app-launcher.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/runtime/app-launcher.test.js +94 -0
- package/dist/__tests__/scanners/runtime/app-launcher.test.js.map +1 -0
- package/dist/__tests__/scanners/runtime/golden-path-runner.test.d.ts +2 -0
- package/dist/__tests__/scanners/runtime/golden-path-runner.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/runtime/golden-path-runner.test.js +195 -0
- package/dist/__tests__/scanners/runtime/golden-path-runner.test.js.map +1 -0
- package/dist/__tests__/scanners/runtime/index.test.d.ts +2 -0
- package/dist/__tests__/scanners/runtime/index.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/runtime/index.test.js +120 -0
- package/dist/__tests__/scanners/runtime/index.test.js.map +1 -0
- package/dist/__tests__/scanners/runtime/types.test.d.ts +2 -0
- package/dist/__tests__/scanners/runtime/types.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/runtime/types.test.js +126 -0
- package/dist/__tests__/scanners/runtime/types.test.js.map +1 -0
- package/dist/__tests__/scanners/scale/bottleneck-detector.test.d.ts +2 -0
- package/dist/__tests__/scanners/scale/bottleneck-detector.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/scale/bottleneck-detector.test.js +187 -0
- package/dist/__tests__/scanners/scale/bottleneck-detector.test.js.map +1 -0
- package/dist/__tests__/scanners/scale/index.test.d.ts +2 -0
- package/dist/__tests__/scanners/scale/index.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/scale/index.test.js +87 -0
- package/dist/__tests__/scanners/scale/index.test.js.map +1 -0
- package/dist/__tests__/scanners/scale/load-profiler.test.d.ts +2 -0
- package/dist/__tests__/scanners/scale/load-profiler.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/scale/load-profiler.test.js +122 -0
- package/dist/__tests__/scanners/scale/load-profiler.test.js.map +1 -0
- package/dist/__tests__/scanners/scale/types.test.d.ts +2 -0
- package/dist/__tests__/scanners/scale/types.test.d.ts.map +1 -0
- package/dist/__tests__/scanners/scale/types.test.js +129 -0
- package/dist/__tests__/scanners/scale/types.test.js.map +1 -0
- package/dist/action/pr-comment.test.js +4 -0
- package/dist/action/pr-comment.test.js.map +1 -1
- package/dist/action/sarif-upload.test.js +4 -0
- package/dist/action/sarif-upload.test.js.map +1 -1
- package/dist/autofix/branch-manager.d.ts +115 -0
- package/dist/autofix/branch-manager.d.ts.map +1 -0
- package/dist/autofix/branch-manager.js +308 -0
- package/dist/autofix/branch-manager.js.map +1 -0
- package/dist/autofix/commit-generator.d.ts +55 -0
- package/dist/autofix/commit-generator.d.ts.map +1 -0
- package/dist/autofix/commit-generator.js +277 -0
- package/dist/autofix/commit-generator.js.map +1 -0
- package/dist/autofix/constitution.d.ts +77 -0
- package/dist/autofix/constitution.d.ts.map +1 -0
- package/dist/autofix/constitution.js +261 -0
- package/dist/autofix/constitution.js.map +1 -0
- package/dist/autofix/constitution.schema.d.ts +441 -0
- package/dist/autofix/constitution.schema.d.ts.map +1 -0
- package/dist/autofix/constitution.schema.js +144 -0
- package/dist/autofix/constitution.schema.js.map +1 -0
- package/dist/autofix/index.d.ts +13 -0
- package/dist/autofix/index.d.ts.map +1 -0
- package/dist/autofix/index.js +15 -0
- package/dist/autofix/index.js.map +1 -0
- package/dist/autofix/pr-generator.d.ts +57 -0
- package/dist/autofix/pr-generator.d.ts.map +1 -0
- package/dist/autofix/pr-generator.js +597 -0
- package/dist/autofix/pr-generator.js.map +1 -0
- package/dist/autofix/types.d.ts +151 -0
- package/dist/autofix/types.d.ts.map +1 -0
- package/dist/autofix/types.js +22 -0
- package/dist/autofix/types.js.map +1 -0
- package/dist/eval/fixtures.d.ts +20 -0
- package/dist/eval/fixtures.d.ts.map +1 -1
- package/dist/eval/fixtures.js +430 -0
- package/dist/eval/fixtures.js.map +1 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +874 -0
- package/dist/index.js.map +1 -1
- package/dist/install-skills.d.ts +11 -0
- package/dist/install-skills.d.ts.map +1 -0
- package/dist/install-skills.js +81 -0
- package/dist/install-skills.js.map +1 -0
- package/dist/scanners/ai-code/ai-detector.d.ts +25 -0
- package/dist/scanners/ai-code/ai-detector.d.ts.map +1 -0
- package/dist/scanners/ai-code/ai-detector.js +192 -0
- package/dist/scanners/ai-code/ai-detector.js.map +1 -0
- package/dist/scanners/ai-code/confidence-scorer.d.ts +40 -0
- package/dist/scanners/ai-code/confidence-scorer.d.ts.map +1 -0
- package/dist/scanners/ai-code/confidence-scorer.js +148 -0
- package/dist/scanners/ai-code/confidence-scorer.js.map +1 -0
- package/dist/scanners/ai-code/hallucination-checker.d.ts +36 -0
- package/dist/scanners/ai-code/hallucination-checker.d.ts.map +1 -0
- package/dist/scanners/ai-code/hallucination-checker.js +298 -0
- package/dist/scanners/ai-code/hallucination-checker.js.map +1 -0
- package/dist/scanners/ai-code/index.d.ts +30 -0
- package/dist/scanners/ai-code/index.d.ts.map +1 -0
- package/dist/scanners/ai-code/index.js +224 -0
- package/dist/scanners/ai-code/index.js.map +1 -0
- package/dist/scanners/ai-code/types.d.ts +192 -0
- package/dist/scanners/ai-code/types.d.ts.map +1 -0
- package/dist/scanners/ai-code/types.js +37 -0
- package/dist/scanners/ai-code/types.js.map +1 -0
- package/dist/scanners/cache.d.ts.map +1 -1
- package/dist/scanners/cache.js +4 -0
- package/dist/scanners/cache.js.map +1 -1
- package/dist/scanners/dast/index.d.ts +39 -0
- package/dist/scanners/dast/index.d.ts.map +1 -0
- package/dist/scanners/dast/index.js +259 -0
- package/dist/scanners/dast/index.js.map +1 -0
- package/dist/scanners/dast/nuclei.d.ts +26 -0
- package/dist/scanners/dast/nuclei.d.ts.map +1 -0
- package/dist/scanners/dast/nuclei.js +354 -0
- package/dist/scanners/dast/nuclei.js.map +1 -0
- package/dist/scanners/dast/types.d.ts +306 -0
- package/dist/scanners/dast/types.d.ts.map +1 -0
- package/dist/scanners/dast/types.js +52 -0
- package/dist/scanners/dast/types.js.map +1 -0
- package/dist/scanners/dast/zap.d.ts +26 -0
- package/dist/scanners/dast/zap.d.ts.map +1 -0
- package/dist/scanners/dast/zap.js +453 -0
- package/dist/scanners/dast/zap.js.map +1 -0
- package/dist/scanners/deploy/health-checker.d.ts +38 -0
- package/dist/scanners/deploy/health-checker.d.ts.map +1 -0
- package/dist/scanners/deploy/health-checker.js +272 -0
- package/dist/scanners/deploy/health-checker.js.map +1 -0
- package/dist/scanners/deploy/index.d.ts +44 -0
- package/dist/scanners/deploy/index.d.ts.map +1 -0
- package/dist/scanners/deploy/index.js +208 -0
- package/dist/scanners/deploy/index.js.map +1 -0
- package/dist/scanners/deploy/provider-detector.d.ts +25 -0
- package/dist/scanners/deploy/provider-detector.d.ts.map +1 -0
- package/dist/scanners/deploy/provider-detector.js +177 -0
- package/dist/scanners/deploy/provider-detector.js.map +1 -0
- package/dist/scanners/deploy/types.d.ts +406 -0
- package/dist/scanners/deploy/types.d.ts.map +1 -0
- package/dist/scanners/deploy/types.js +58 -0
- package/dist/scanners/deploy/types.js.map +1 -0
- package/dist/scanners/deploy/vercel-integration.d.ts +52 -0
- package/dist/scanners/deploy/vercel-integration.d.ts.map +1 -0
- package/dist/scanners/deploy/vercel-integration.js +280 -0
- package/dist/scanners/deploy/vercel-integration.js.map +1 -0
- package/dist/scanners/fp-feedback.d.ts +140 -0
- package/dist/scanners/fp-feedback.d.ts.map +1 -0
- package/dist/scanners/fp-feedback.js +292 -0
- package/dist/scanners/fp-feedback.js.map +1 -0
- package/dist/scanners/fp-filter.d.ts +94 -0
- package/dist/scanners/fp-filter.d.ts.map +1 -0
- package/dist/scanners/fp-filter.js +397 -0
- package/dist/scanners/fp-filter.js.map +1 -0
- package/dist/scanners/fp-tracker.d.ts +125 -0
- package/dist/scanners/fp-tracker.d.ts.map +1 -0
- package/dist/scanners/fp-tracker.js +330 -0
- package/dist/scanners/fp-tracker.js.map +1 -0
- package/dist/scanners/index.d.ts.map +1 -1
- package/dist/scanners/index.js +56 -0
- package/dist/scanners/index.js.map +1 -1
- package/dist/scanners/index.test.js +6 -6
- package/dist/scanners/index.test.js.map +1 -1
- package/dist/scanners/logic/auth-flow-analyzer.d.ts +18 -0
- package/dist/scanners/logic/auth-flow-analyzer.d.ts.map +1 -0
- package/dist/scanners/logic/auth-flow-analyzer.js +384 -0
- package/dist/scanners/logic/auth-flow-analyzer.js.map +1 -0
- package/dist/scanners/logic/endpoint-analyzer.d.ts +29 -0
- package/dist/scanners/logic/endpoint-analyzer.d.ts.map +1 -0
- package/dist/scanners/logic/endpoint-analyzer.js +528 -0
- package/dist/scanners/logic/endpoint-analyzer.js.map +1 -0
- package/dist/scanners/logic/index.d.ts +41 -0
- package/dist/scanners/logic/index.d.ts.map +1 -0
- package/dist/scanners/logic/index.js +268 -0
- package/dist/scanners/logic/index.js.map +1 -0
- package/dist/scanners/logic/types.d.ts +254 -0
- package/dist/scanners/logic/types.d.ts.map +1 -0
- package/dist/scanners/logic/types.js +142 -0
- package/dist/scanners/logic/types.js.map +1 -0
- package/dist/scanners/runtime/app-launcher.d.ts +33 -0
- package/dist/scanners/runtime/app-launcher.d.ts.map +1 -0
- package/dist/scanners/runtime/app-launcher.js +419 -0
- package/dist/scanners/runtime/app-launcher.js.map +1 -0
- package/dist/scanners/runtime/golden-path-runner.d.ts +48 -0
- package/dist/scanners/runtime/golden-path-runner.d.ts.map +1 -0
- package/dist/scanners/runtime/golden-path-runner.js +373 -0
- package/dist/scanners/runtime/golden-path-runner.js.map +1 -0
- package/dist/scanners/runtime/index.d.ts +41 -0
- package/dist/scanners/runtime/index.d.ts.map +1 -0
- package/dist/scanners/runtime/index.js +164 -0
- package/dist/scanners/runtime/index.js.map +1 -0
- package/dist/scanners/runtime/playwright-executor.d.ts +50 -0
- package/dist/scanners/runtime/playwright-executor.d.ts.map +1 -0
- package/dist/scanners/runtime/playwright-executor.js +387 -0
- package/dist/scanners/runtime/playwright-executor.js.map +1 -0
- package/dist/scanners/runtime/types.d.ts +215 -0
- package/dist/scanners/runtime/types.d.ts.map +1 -0
- package/dist/scanners/runtime/types.js +40 -0
- package/dist/scanners/runtime/types.js.map +1 -0
- package/dist/scanners/scale/bottleneck-detector.d.ts +17 -0
- package/dist/scanners/scale/bottleneck-detector.d.ts.map +1 -0
- package/dist/scanners/scale/bottleneck-detector.js +250 -0
- package/dist/scanners/scale/bottleneck-detector.js.map +1 -0
- package/dist/scanners/scale/capacity-estimator.d.ts +17 -0
- package/dist/scanners/scale/capacity-estimator.d.ts.map +1 -0
- package/dist/scanners/scale/capacity-estimator.js +197 -0
- package/dist/scanners/scale/capacity-estimator.js.map +1 -0
- package/dist/scanners/scale/index.d.ts +37 -0
- package/dist/scanners/scale/index.d.ts.map +1 -0
- package/dist/scanners/scale/index.js +101 -0
- package/dist/scanners/scale/index.js.map +1 -0
- package/dist/scanners/scale/load-profiler.d.ts +48 -0
- package/dist/scanners/scale/load-profiler.d.ts.map +1 -0
- package/dist/scanners/scale/load-profiler.js +377 -0
- package/dist/scanners/scale/load-profiler.js.map +1 -0
- package/dist/scanners/scale/types.d.ts +529 -0
- package/dist/scanners/scale/types.d.ts.map +1 -0
- package/dist/scanners/scale/types.js +57 -0
- package/dist/scanners/scale/types.js.map +1 -0
- package/dist/scanners/secrets.d.ts.map +1 -1
- package/dist/scanners/secrets.js +13 -2
- package/dist/scanners/secrets.js.map +1 -1
- package/dist/scanners/types.d.ts +1 -1
- package/dist/scanners/types.d.ts.map +1 -1
- package/dist/scanners/types.js +4 -0
- package/dist/scanners/types.js.map +1 -1
- package/package.json +8 -4
- package/skills/vaspera-add-tests/SKILL.md +102 -0
- package/skills/vaspera-ai-verify/SKILL.md +166 -0
- package/skills/vaspera-audit/SKILL.md +67 -0
- package/skills/vaspera-certify/SKILL.md +130 -0
- package/skills/vaspera-deploy/SKILL.md +152 -0
- package/skills/vaspera-fix-critical/SKILL.md +52 -0
- package/skills/vaspera-fix-high/SKILL.md +81 -0
- package/skills/vaspera-fix-medium/SKILL.md +56 -0
- package/skills/vaspera-fix-rls/SKILL.md +85 -0
- package/skills/vaspera-harden/SKILL.md +102 -0
- package/skills/vaspera-help/SKILL.md +61 -0
- package/skills/vaspera-load-test/SKILL.md +167 -0
- package/skills/vaspera-verify/SKILL.md +70 -0
- package/skills/vaspera-verify-e2e/SKILL.md +117 -0
|
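--- a/package/dist/__tests__/scanners/ai-code/index.test.js
+++ b/package/dist/__tests__/scanners/ai-code/index.test.js
@@ -0,0 +1,214 @@
+import { describe, it, expect, beforeEach, afterEach } from "vitest";
+import { join } from "path";
+import { mkdir, writeFile, rm, readFile } from "fs/promises";
+import { tmpdir } from "os";
+import { runAIVerification, quickAICheck, loadAIVerifyConfig, generateAIVerifyConfig, formatVerificationReport, } from "../../../scanners/ai-code/index.js";
+describe("ai-code module exports", () => {
+it("exports runAIVerification", () => {
+expect(typeof runAIVerification).toBe("function");
+});
+it("exports quickAICheck", () => {
+expect(typeof quickAICheck).toBe("function");
+});
+it("exports loadAIVerifyConfig", () => {
+expect(typeof loadAIVerifyConfig).toBe("function");
+});
+it("exports generateAIVerifyConfig", () => {
+expect(typeof generateAIVerifyConfig).toBe("function");
+});
+it("exports formatVerificationReport", () => {
+expect(typeof formatVerificationReport).toBe("function");
+});
+});
+describe("ai-code integration", () => {
+let testDir;
+beforeEach(async () => {
+testDir = join(tmpdir(), `ai-code-integration-${Date.now()}-${Math.random().toString(36).slice(2, 8)}`);
+await mkdir(testDir, { recursive: true });
+await writeFile(join(testDir, "package.json"), JSON.stringify({
+name: "test-project",
+dependencies: { react: "^18.0.0" },
+}));
+});
+afterEach(async () => {
+await rm(testDir, { recursive: true, force: true });
+});
+describe("runAIVerification", () => {
+it("analyzes a project with clean code", async () => {
+await writeFile(join(testDir, "clean.ts"), `
+function add(a: number, b: number): number {
+return a + b;
+}
+
+export { add };
+`);
+const result = await runAIVerification(testDir);
+expect(result.success).toBe(true);
+expect(result.filesAnalyzed).toBe(1);
+expect(result.score.overallScore).toBeGreaterThan(50);
+});
+it("detects AI patterns", async () => {
+await writeFile(join(testDir, "ai-generated.ts"), `
+// Generated by ChatGPT
+// @cursor-ai
+function example() {
+// TODO: implement this logic here
+return null;
+}
+`);
+const result = await runAIVerification(testDir);
+expect(result.success).toBe(true);
+expect(result.indicators.length).toBeGreaterThan(0);
+expect(result.summary.aiLikelyChanges).toBeGreaterThan(0);
+});
+it("detects hallucinations", async () => {
+await writeFile(join(testDir, "hallucinated.ts"), `
+import { x } from "./nonexistent-module";
+import fake from "react-native-awesome-button";
+`);
+const result = await runAIVerification(testDir);
+expect(result.success).toBe(true);
+expect(result.hallucinations.length).toBeGreaterThan(0);
+});
+it("respects specific files option", async () => {
+await writeFile(join(testDir, "a.ts"), "const a = 1;");
+await writeFile(join(testDir, "b.ts"), "const b = 2;");
+const result = await runAIVerification(testDir, {
+files: ["a.ts"],
+});
+expect(result.filesAnalyzed).toBe(1);
+});
+});
+describe("quickAICheck", () => {
+it("checks a single file", async () => {
+await writeFile(join(testDir, "test.ts"), `
+// Generated by AI
+function test() {
+return true;
+}
+`);
+const result = await quickAICheck(join(testDir, "test.ts"), testDir);
+expect(result.aiLikelihood).toBeGreaterThan(0);
+expect(result.indicators.length).toBeGreaterThan(0);
+});
+it("returns low likelihood for clean code", async () => {
+await writeFile(join(testDir, "clean.ts"), `
+function add(a: number, b: number): number {
+return a + b;
+}
+`);
+const result = await quickAICheck(join(testDir, "clean.ts"), testDir);
+expect(result.aiLikelihood).toBe(0);
+expect(result.requiresReview).toBe(false);
+});
+});
+describe("loadAIVerifyConfig", () => {
+it("returns null for non-existent config", async () => {
+const config = await loadAIVerifyConfig(testDir);
+expect(config).toBeNull();
+});
+it("loads YAML config", async () => {
+const vasperaDir = join(testDir, ".vaspera");
+await mkdir(vasperaDir, { recursive: true });
+await writeFile(join(vasperaDir, "ai-verify.yaml"), `
+detection:
+checkPatterns: true
+review:
+requireForConfidence: high
+autoApproveBelow: 20
+`);
+const config = await loadAIVerifyConfig(testDir);
+expect(config).not.toBeNull();
+expect(config?.detection?.checkPatterns).toBe(true);
+expect(config?.review?.requireForConfidence).toBe("high");
+expect(config?.review?.autoApproveBelow).toBe(20);
+});
+it("loads JSON config", async () => {
+const vasperaDir = join(testDir, ".vaspera");
+await mkdir(vasperaDir, { recursive: true });
+await writeFile(join(vasperaDir, "ai-verify.json"), JSON.stringify({
+detection: { checkPatterns: false },
+review: { autoApproveBelow: 50 },
+}));
+const config = await loadAIVerifyConfig(testDir);
+expect(config).not.toBeNull();
+expect(config?.detection?.checkPatterns).toBe(false);
+});
+});
+describe("generateAIVerifyConfig", () => {
+it("creates config file", async () => {
+const configPath = await generateAIVerifyConfig(testDir);
+expect(configPath).toContain("ai-verify.yaml");
+const content = await readFile(configPath, "utf-8");
+expect(content).toContain("detection");
+expect(content).toContain("hallucination");
+expect(content).toContain("review");
+});
+});
+describe("formatVerificationReport", () => {
+it("formats a verification result", () => {
+const result = {
+success: true,
+filesAnalyzed: 10,
+changesScored: [],
+hallucinations: [],
+indicators: [],
+summary: {
+totalChanges: 10,
+aiLikelyChanges: 2,
+requiresReview: 1,
+hallucinationsFound: 0,
+averageConfidence: 25.5,
+},
+score: {
+detectionScore: 85,
+hallucinationScore: 100,
+reviewScore: 90,
+overallScore: 92,
+},
+duration: 1234,
+};
+const report = formatVerificationReport(result);
+expect(report).toContain("AI Code Verification Report");
+expect(report).toContain("Files analyzed: 10");
+expect(report).toContain("Detection Score: 85/100");
+expect(report).toContain("Overall Score: 92/100");
+});
+it("includes hallucinations in report", () => {
+const result = {
+success: true,
+filesAnalyzed: 5,
+changesScored: [],
+hallucinations: [
+{
+type: "nonexistent_import",
+location: { file: "test.ts", line: 1 },
+severity: "high",
+description: "Import does not exist",
+actual: "./missing",
+suggestion: "Create the file or fix the import",
+},
+],
+indicators: [],
+summary: {
+totalChanges: 5,
+aiLikelyChanges: 1,
+requiresReview: 1,
+hallucinationsFound: 1,
+averageConfidence: 30,
+},
+score: {
+detectionScore: 70,
+hallucinationScore: 85,
+reviewScore: 80,
+overallScore: 80,
+},
+duration: 500,
+};
+const report = formatVerificationReport(result);
+expect(report).toContain("Hallucinations:");
+expect(report).toContain("Import does not exist");
+});
+});
+});
+//# sourceMappingURL=index.test.js.map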
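Review bot: The `beforeEach` at new lines 25–27 derives its scratch directory name from `Date.now()` and `Math.random()` and then calls `mkdir(testDir, { recursive: true })`, which succeeds silently when the path already exists, so on a shared temp directory the suite can write into, and `afterEach` can recursively delete, a directory it did not create. `mkdtemp` from `fs/promises` creates a uniquely named directory and fails rather than reusing an existing one: `testDir = await mkdtemp(join(tmpdir(), "ai-code-integration-"));`, with `mkdtemp` added to the `fs/promises` import on line 3. Separately, "detects hallucinations" (lines 64–72) writes two different bad imports but asserts only that `result.hallucinations.length` is above zero, so it would still pass if just one of them were flagged; asserting on each entry's `type` or `actual` (the fields used in the report fixture further down) would pin both. This file is compiled output, so both changes belong in the TypeScript source the source map names.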
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.test.js","sourceRoot":"","sources":["../../../../src/__tests__/scanners/ai-code/index.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACrE,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,EAAE,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,EAAE,MAAM,EAAE,MAAM,IAAI,CAAC;AAC5B,OAAO,EACL,iBAAiB,EACjB,YAAY,EACZ,kBAAkB,EAClB,sBAAsB,EACtB,wBAAwB,GACzB,MAAM,oCAAoC,CAAC;AAE5C,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;IACtC,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,CAAC,OAAO,iBAAiB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,sBAAsB,EAAE,GAAG,EAAE;QAC9B,MAAM,CAAC,OAAO,YAAY,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,CAAC,OAAO,kBAAkB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,CAAC,OAAO,sBAAsB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,CAAC,OAAO,wBAAwB,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,qBAAqB,EAAE,GAAG,EAAE;IACnC,IAAI,OAAe,CAAC;IAEpB,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,OAAO,GAAG,IAAI,CAAC,MAAM,EAAE,EAAE,uBAAuB,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;QACxG,MAAM,KAAK,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1C,MAAM,SAAS,CACb,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,EAC7B,IAAI,CAAC,SAAS,CAAC;YACb,IAAI,EAAE,cAAc;YACpB,YAAY,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE;SACnC,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;YAClD,MAAM,SAAS,CACb,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EACzB;;;;;;CAMP,CACM,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAEhD,MAAM,CAAC,
MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC;QACxD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qBAAqB,EAAE,KAAK,IAAI,EAAE;YACnC,MAAM,SAAS,CACb,IAAI,CAAC,OAAO,EAAE,iBAAiB,CAAC,EAChC;;;;;;;CAOP,CACM,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAEhD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACpD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAC5D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wBAAwB,EAAE,KAAK,IAAI,EAAE;YACtC,MAAM,SAAS,CACb,IAAI,CAAC,OAAO,EAAE,iBAAiB,CAAC,EAChC;;;CAGP,CACM,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,OAAO,CAAC,CAAC;YAEhD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;YAC9C,MAAM,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE,cAAc,CAAC,CAAC;YACvD,MAAM,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,EAAE,cAAc,CAAC,CAAC;YAEvD,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,OAAO,EAAE;gBAC9C,KAAK,EAAE,CAAC,MAAM,CAAC;aAChB,CAAC,CAAC;YAEH,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,sBAAsB,EAAE,KAAK,IAAI,EAAE;YACpC,MAAM,SAAS,CACb,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,EACxB;;;;;CAKP,CACM,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,OAAO,EAAE,SAAS,CAAC,EAAE,OAAO,CAAC,CAAC;YAErE,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC/C,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;YACrD,MAAM,SAAS,CACb,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EACzB;;;;CAIP,CACM,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,EAAE,OAAO,CAAC,CAAC;YAEtE,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,
CAAC,CAAC,CAAC;YACpC,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC5C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;YACpD,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;YACjD,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC5B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mBAAmB,EAAE,KAAK,IAAI,EAAE;YACjC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YAC7C,MAAM,KAAK,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,MAAM,SAAS,CACb,IAAI,CAAC,UAAU,EAAE,gBAAgB,CAAC,EAClC;;;;;;CAMP,CACM,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;YAEjD,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAC9B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpD,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,oBAAoB,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC1D,MAAM,CAAC,MAAM,EAAE,MAAM,EAAE,gBAAgB,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mBAAmB,EAAE,KAAK,IAAI,EAAE;YACjC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;YAC7C,MAAM,KAAK,CAAC,UAAU,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC7C,MAAM,SAAS,CACb,IAAI,CAAC,UAAU,EAAE,gBAAgB,CAAC,EAClC,IAAI,CAAC,SAAS,CAAC;gBACb,SAAS,EAAE,EAAE,aAAa,EAAE,KAAK,EAAE;gBACnC,MAAM,EAAE,EAAE,gBAAgB,EAAE,EAAE,EAAE;aACjC,CAAC,CACH,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,CAAC;YAEjD,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,QAAQ,EAAE,CAAC;YAC9B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;QACtC,EAAE,CAAC,qBAAqB,EAAE,KAAK,IAAI,EAAE;YACnC,MAAM,UAAU,GAAG,MAAM,sBAAsB,CAAC,OAAO,CAAC,CAAC;YAEzD,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YAE/C,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;YACpD,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;YACvC,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;YAC3C,MAAM,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;QA
CxC,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,MAAM,GAAG;gBACb,OAAO,EAAE,IAAI;gBACb,aAAa,EAAE,EAAE;gBACjB,aAAa,EAAE,EAAE;gBACjB,cAAc,EAAE,EAAE;gBAClB,UAAU,EAAE,EAAE;gBACd,OAAO,EAAE;oBACP,YAAY,EAAE,EAAE;oBAChB,eAAe,EAAE,CAAC;oBAClB,cAAc,EAAE,CAAC;oBACjB,mBAAmB,EAAE,CAAC;oBACtB,iBAAiB,EAAE,IAAI;iBACxB;gBACD,KAAK,EAAE;oBACL,cAAc,EAAE,EAAE;oBAClB,kBAAkB,EAAE,GAAG;oBACvB,WAAW,EAAE,EAAE;oBACf,YAAY,EAAE,EAAE;iBACjB;gBACD,QAAQ,EAAE,IAAI;aACf,CAAC;YAEF,MAAM,MAAM,GAAG,wBAAwB,CAAC,MAAM,CAAC,CAAC;YAEhD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,6BAA6B,CAAC,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;YAC/C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,yBAAyB,CAAC,CAAC;YACpD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,MAAM,GAAG;gBACb,OAAO,EAAE,IAAI;gBACb,aAAa,EAAE,CAAC;gBAChB,aAAa,EAAE,EAAE;gBACjB,cAAc,EAAE;oBACd;wBACE,IAAI,EAAE,oBAA6B;wBACnC,QAAQ,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,EAAE;wBACtC,QAAQ,EAAE,MAAe;wBACzB,WAAW,EAAE,uBAAuB;wBACpC,MAAM,EAAE,WAAW;wBACnB,UAAU,EAAE,mCAAmC;qBAChD;iBACF;gBACD,UAAU,EAAE,EAAE;gBACd,OAAO,EAAE;oBACP,YAAY,EAAE,CAAC;oBACf,eAAe,EAAE,CAAC;oBAClB,cAAc,EAAE,CAAC;oBACjB,mBAAmB,EAAE,CAAC;oBACtB,iBAAiB,EAAE,EAAE;iBACtB;gBACD,KAAK,EAAE;oBACL,cAAc,EAAE,EAAE;oBAClB,kBAAkB,EAAE,EAAE;oBACtB,WAAW,EAAE,EAAE;oBACf,YAAY,EAAE,EAAE;iBACjB;gBACD,QAAQ,EAAE,GAAG;aACd,CAAC;YAEF,MAAM,MAAM,GAAG,wBAAwB,CAAC,MAAM,CAAC,CAAC;YAEhD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;YAC5C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.test.d.ts","sourceRoot":"","sources":["../../../../src/__tests__/scanners/dast/index.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,183 @@
|
|
|
1
|
+
import { describe, it, expect } from "vitest";
|
|
2
|
+
import { formatDASTFindings, convertToSARIF, getDASTInstallInstructions, } from "../../../scanners/dast/index.js";
|
|
3
|
+
describe("dast index", () => {
|
|
4
|
+
describe("formatDASTFindings", () => {
|
|
5
|
+
it("returns message for empty findings", () => {
|
|
6
|
+
const result = formatDASTFindings([]);
|
|
7
|
+
expect(result).toBe("No vulnerabilities found.");
|
|
8
|
+
});
|
|
9
|
+
it("formats findings grouped by severity", () => {
|
|
10
|
+
const findings = [
|
|
11
|
+
createMockFinding({ severity: "critical", name: "SQL Injection" }),
|
|
12
|
+
createMockFinding({ severity: "high", name: "XSS" }),
|
|
13
|
+
createMockFinding({ severity: "medium", name: "CSRF" }),
|
|
14
|
+
];
|
|
15
|
+
const result = formatDASTFindings(findings);
|
|
16
|
+
expect(result).toContain("## DAST Scan Results");
|
|
17
|
+
expect(result).toContain("Found 3 unique vulnerabilities");
|
|
18
|
+
expect(result).toContain("### 🔴 CRITICAL (1)");
|
|
19
|
+
expect(result).toContain("### 🟠 HIGH (1)");
|
|
20
|
+
expect(result).toContain("### 🟡 MEDIUM (1)");
|
|
21
|
+
expect(result).toContain("SQL Injection");
|
|
22
|
+
expect(result).toContain("XSS");
|
|
23
|
+
expect(result).toContain("CSRF");
|
|
24
|
+
});
|
|
25
|
+
it("includes CWE IDs when present", () => {
|
|
26
|
+
const findings = [
|
|
27
|
+
createMockFinding({ cweIds: ["CWE-89", "CWE-564"] }),
|
|
28
|
+
];
|
|
29
|
+
const result = formatDASTFindings(findings);
|
|
30
|
+
expect(result).toContain("CWE: CWE-89, CWE-564");
|
|
31
|
+
});
|
|
32
|
+
it("includes truncated solution when present", () => {
|
|
33
|
+
const longSolution = "A".repeat(300);
|
|
34
|
+
const findings = [
|
|
35
|
+
createMockFinding({ solution: longSolution }),
|
|
36
|
+
];
|
|
37
|
+
const result = formatDASTFindings(findings);
|
|
38
|
+
expect(result).toContain("Fix:");
|
|
39
|
+
expect(result).toContain("...");
|
|
40
|
+
expect(result.length).toBeLessThan(longSolution.length + 500);
|
|
41
|
+
});
|
|
42
|
+
it("shows scanner name for each finding", () => {
|
|
43
|
+
const findings = [
|
|
44
|
+
createMockFinding({ scanner: "zap", name: "From ZAP" }),
|
|
45
|
+
createMockFinding({ scanner: "nuclei", name: "From Nuclei" }),
|
|
46
|
+
];
|
|
47
|
+
const result = formatDASTFindings(findings);
|
|
48
|
+
expect(result).toContain("(zap)");
|
|
49
|
+
expect(result).toContain("(nuclei)");
|
|
50
|
+
});
|
|
51
|
+
});
|
|
52
|
+
describe("convertToSARIF", () => {
|
|
53
|
+
it("generates valid SARIF structure", () => {
|
|
54
|
+
const result = createMockAggregatedResult();
|
|
55
|
+
const sarif = convertToSARIF(result);
|
|
56
|
+
expect(sarif.$schema).toContain("sarif-schema-2.1.0");
|
|
57
|
+
expect(sarif.version).toBe("2.1.0");
|
|
58
|
+
expect(sarif.runs).toHaveLength(1);
|
|
59
|
+
expect(sarif.runs[0].tool.driver.name).toBe("Vaspera DAST");
|
|
60
|
+
});
|
|
61
|
+
it("includes rules for each unique finding", () => {
|
|
62
|
+
const result = createMockAggregatedResult([
|
|
63
|
+
createMockFinding({ ruleId: "zap-40012", name: "XSS" }),
|
|
64
|
+
createMockFinding({ ruleId: "nuclei-CVE-2021-44228", name: "Log4j" }),
|
|
65
|
+
]);
|
|
66
|
+
const sarif = convertToSARIF(result);
|
|
67
|
+
const rules = sarif.runs[0].tool.driver.rules;
|
|
68
|
+
expect(rules).toHaveLength(2);
|
|
69
|
+
expect(rules.map((r) => r.id)).toContain("zap-40012");
|
|
70
|
+
expect(rules.map((r) => r.id)).toContain("nuclei-CVE-2021-44228");
|
|
71
|
+
});
|
|
72
|
+
it("deduplicates rules", () => {
|
|
73
|
+
const result = createMockAggregatedResult([
|
|
74
|
+
createMockFinding({ ruleId: "zap-40012", url: "https://a.com" }),
|
|
75
|
+
createMockFinding({ ruleId: "zap-40012", url: "https://b.com" }),
|
|
76
|
+
]);
|
|
77
|
+
const sarif = convertToSARIF(result);
|
|
78
|
+
expect(sarif.runs[0].tool.driver.rules).toHaveLength(1);
|
|
79
|
+
expect(sarif.runs[0].results).toHaveLength(2);
|
|
80
|
+
});
|
|
81
|
+
it("maps severity to SARIF levels", () => {
|
|
82
|
+
const result = createMockAggregatedResult([
|
|
83
|
+
createMockFinding({ severity: "critical", ruleId: "rule-1" }),
|
|
84
|
+
createMockFinding({ severity: "high", ruleId: "rule-2" }),
|
|
85
|
+
createMockFinding({ severity: "medium", ruleId: "rule-3" }),
|
|
86
|
+
createMockFinding({ severity: "low", ruleId: "rule-4" }),
|
|
87
|
+
]);
|
|
88
|
+
const sarif = convertToSARIF(result);
|
|
89
|
+
const results = sarif.runs[0].results;
|
|
90
|
+
const findLevel = (ruleId) => results.find((r) => r.ruleId === ruleId)?.level;
|
|
91
|
+
expect(findLevel("rule-1")).toBe("error");
|
|
92
|
+
expect(findLevel("rule-2")).toBe("error");
|
|
93
|
+
expect(findLevel("rule-3")).toBe("warning");
|
|
94
|
+
expect(findLevel("rule-4")).toBe("note");
|
|
95
|
+
});
|
|
96
|
+
it("includes finding properties", () => {
|
|
97
|
+
const result = createMockAggregatedResult([
|
|
98
|
+
createMockFinding({
|
|
99
|
+
scanner: "zap",
|
|
100
|
+
confidence: 90,
|
|
101
|
+
cweIds: ["CWE-79"],
|
|
102
|
+
cveIds: ["CVE-2021-12345"],
|
|
103
|
+
evidence: "test evidence",
|
|
104
|
+
}),
|
|
105
|
+
]);
|
|
106
|
+
const sarif = convertToSARIF(result);
|
|
107
|
+
const props = sarif.runs[0].results[0].properties;
|
|
108
|
+
expect(props.scanner).toBe("zap");
|
|
109
|
+
expect(props.confidence).toBe(90);
|
|
110
|
+
expect(props.cweIds).toContain("CWE-79");
|
|
111
|
+
expect(props.cveIds).toContain("CVE-2021-12345");
|
|
112
|
+
expect(props.evidence).toBe("test evidence");
|
|
113
|
+
});
|
|
114
|
+
});
|
|
115
|
+
describe("getDASTInstallInstructions", () => {
|
|
116
|
+
it("returns success message when all tools available", () => {
|
|
117
|
+
const availability = [
|
|
118
|
+
{ scanner: "zap", available: true, version: "2.14.0" },
|
|
119
|
+
{ scanner: "nuclei", available: true, version: "3.1.0" },
|
|
120
|
+
];
|
|
121
|
+
const result = getDASTInstallInstructions(availability);
|
|
122
|
+
expect(result).toBe("All DAST tools are installed and available.");
|
|
123
|
+
});
|
|
124
|
+
it("returns ZAP instructions when ZAP unavailable", () => {
|
|
125
|
+
const availability = [
|
|
126
|
+
{ scanner: "zap", available: false, error: "Not found" },
|
|
127
|
+
{ scanner: "nuclei", available: true, version: "3.1.0" },
|
|
128
|
+
];
|
|
129
|
+
const result = getDASTInstallInstructions(availability);
|
|
130
|
+
expect(result).toContain("OWASP ZAP");
|
|
131
|
+
expect(result).toContain("docker pull owasp/zap2docker-stable");
|
|
132
|
+
});
|
|
133
|
+
it("returns Nuclei instructions when Nuclei unavailable", () => {
|
|
134
|
+
const availability = [
|
|
135
|
+
{ scanner: "zap", available: true, version: "2.14.0" },
|
|
136
|
+
{ scanner: "nuclei", available: false, error: "Not found" },
|
|
137
|
+
];
|
|
138
|
+
const result = getDASTInstallInstructions(availability);
|
|
139
|
+
expect(result).toContain("Nuclei");
|
|
140
|
+
expect(result).toContain("go install");
|
|
141
|
+
});
|
|
142
|
+
it("returns both instructions when both unavailable", () => {
|
|
143
|
+
const availability = [
|
|
144
|
+
{ scanner: "zap", available: false, error: "Not found" },
|
|
145
|
+
{ scanner: "nuclei", available: false, error: "Not found" },
|
|
146
|
+
];
|
|
147
|
+
const result = getDASTInstallInstructions(availability);
|
|
148
|
+
expect(result).toContain("OWASP ZAP");
|
|
149
|
+
expect(result).toContain("Nuclei");
|
|
150
|
+
expect(result).toContain("docker pull owasp/zap2docker-stable");
|
|
151
|
+
expect(result).toContain("go install");
|
|
152
|
+
});
|
|
153
|
+
});
|
|
154
|
+
});
|
|
155
|
+
function createMockFinding(overrides = {}) {
|
|
156
|
+
return {
|
|
157
|
+
scanner: "zap",
|
|
158
|
+
ruleId: "zap-test",
|
|
159
|
+
name: "Test Finding",
|
|
160
|
+
description: "Test description",
|
|
161
|
+
severity: "medium",
|
|
162
|
+
confidence: 80,
|
|
163
|
+
url: "https://example.com/test",
|
|
164
|
+
timestamp: new Date().toISOString(),
|
|
165
|
+
...overrides,
|
|
166
|
+
};
|
|
167
|
+
}
|
|
168
|
+
function createMockAggregatedResult(findings = [createMockFinding()]) {
|
|
169
|
+
const target = { url: "https://example.com" };
|
|
170
|
+
return {
|
|
171
|
+
timestamp: new Date().toISOString(),
|
|
172
|
+
target,
|
|
173
|
+
scanners: [],
|
|
174
|
+
totalFindings: findings.length,
|
|
175
|
+
uniqueFindings: findings,
|
|
176
|
+
bySeverity: {},
|
|
177
|
+
byScanner: { zap: 0, nuclei: 0 },
|
|
178
|
+
totalDuration: 1000,
|
|
179
|
+
allSucceeded: true,
|
|
180
|
+
failedScanners: [],
|
|
181
|
+
};
|
|
182
|
+
}
|
|
183
|
+
//# sourceMappingURL=index.test.js.map
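Review bot: The two assertions on `docker pull owasp/zap2docker-stable` (in "returns ZAP instructions when ZAP unavailable" and "returns both instructions when both unavailable") lock the install hint to an image name that, as far as I know, the ZAP project no longer updates since its images moved to `zaproxy/zap-stable` and `ghcr.io/zaproxy/zaproxy:stable`. A user who follows the hint would then run a scanner build that receives no further fixes. I would change the string returned by `getDASTInstallInstructions` (its source is outside this section) and assert `expect(result).toContain("docker pull zaproxy/zap-stable");` in both tests. Separately, `expect(result.length).toBeLessThan(longSolution.length + 500)` in the truncation test probably also holds when the 300-character solution is not shortened at all, so it does not prove truncation on its own.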
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"index.test.js","sourceRoot":"","sources":["../../../../src/__tests__/scanners/dast/index.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,kBAAkB,EAClB,cAAc,EACd,0BAA0B,GAC3B,MAAM,iCAAiC,CAAC;AAQzC,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;IAC1B,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,MAAM,GAAG,kBAAkB,CAAC,EAAE,CAAC,CAAC;YACtC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,QAAQ,GAAkB;gBAC9B,iBAAiB,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,eAAe,EAAE,CAAC;gBAClE,iBAAiB,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;gBACpD,iBAAiB,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;aACxD,CAAC;YAEF,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAE5C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;YACjD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,gCAAgC,CAAC,CAAC;YAC3D,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,qBAAqB,CAAC,CAAC;YAChD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,iBAAiB,CAAC,CAAC;YAC5C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,mBAAmB,CAAC,CAAC;YAC9C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,eAAe,CAAC,CAAC;YAC1C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;YAChC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACnC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,QAAQ,GAAkB;gBAC9B,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC,QAAQ,EAAE,SAAS,CAAC,EAAE,CAAC;aACrD,CAAC;YAEF,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAE5C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACrC,MAAM,QAAQ,GAAkB;gBAC9B,iBAAiB,CAAC,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC;aAC9C,CAAC;YAEF,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAE5C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;YACjC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;YAChC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,YAAY,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC;Q
AChE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,QAAQ,GAAkB;gBAC9B,iBAAiB,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC;gBACvD,iBAAiB,CAAC,EAAE,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,aAAa,EAAE,CAAC;aAC9D,CAAC;YAEF,MAAM,MAAM,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAE5C,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;YAClC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,MAAM,GAAG,0BAA0B,EAAE,CAAC;YAC5C,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAOlC,CAAC;YAEF,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;YACtD,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACpC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACnC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;YAChD,MAAM,MAAM,GAAG,0BAA0B,CAAC;gBACxC,iBAAiB,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,KAAK,EAAE,CAAC;gBACvD,iBAAiB,CAAC,EAAE,MAAM,EAAE,uBAAuB,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;aACtE,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAElC,CAAC;YACF,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;YAE9C,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YAC9B,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;YACtD,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC,uBAAuB,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;YAC5B,MAAM,MAAM,GAAG,0BAA0B,CAAC;gBACxC,iBAAiB,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC;gBAChE,iBAAiB,CAAC,EAAE,MAAM,EAAE,WAAW,EAAE,GAAG,EAAE,eAAe,EAAE,CAAC;aACjE,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAKlC,CAAC;YAEF,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACxD,MAAM,CAAC,KAAK,CAAC,IAAI,CA
AC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE;YACvC,MAAM,MAAM,GAAG,0BAA0B,CAAC;gBACxC,iBAAiB,CAAC,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;gBAC7D,iBAAiB,CAAC,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;gBACzD,iBAAiB,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;gBAC3D,iBAAiB,CAAC,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC;aACzD,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAElC,CAAC;YACF,MAAM,OAAO,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;YAEtC,MAAM,SAAS,GAAG,CAAC,MAAc,EAAE,EAAE,CACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC;YAElD,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1C,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1C,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC5C,MAAM,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,MAAM,GAAG,0BAA0B,CAAC;gBACxC,iBAAiB,CAAC;oBAChB,OAAO,EAAE,KAAK;oBACd,UAAU,EAAE,EAAE;oBACd,MAAM,EAAE,CAAC,QAAQ,CAAC;oBAClB,MAAM,EAAE,CAAC,gBAAgB,CAAC;oBAC1B,QAAQ,EAAE,eAAe;iBAC1B,CAAC;aACH,CAAC,CAAC;YAEH,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAYlC,CAAC;YACF,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;YAElD,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAClC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAClC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YACzC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YACjD,MAAM,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,4BAA4B,EAAE,GAAG,EAAE;QAC1C,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;YAC1D,MAAM,YAAY,GAAuB;gBACvC,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE;gBACtD,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE;aACzD,CAAC
;YAEF,MAAM,MAAM,GAAG,0BAA0B,CAAC,YAAY,CAAC,CAAC;YAExD,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;QACrE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACvD,MAAM,YAAY,GAAuB;gBACvC,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE;gBACxD,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE;aACzD,CAAC;YAEF,MAAM,MAAM,GAAG,0BAA0B,CAAC,YAAY,CAAC,CAAC;YAExD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;YACtC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,qCAAqC,CAAC,CAAC;QAClE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;YAC7D,MAAM,YAAY,GAAuB;gBACvC,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE;gBACtD,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE;aAC5D,CAAC;YAEF,MAAM,MAAM,GAAG,0BAA0B,CAAC,YAAY,CAAC,CAAC;YAExD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YACnC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;YACzD,MAAM,YAAY,GAAuB;gBACvC,EAAE,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE;gBACxD,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,WAAW,EAAE;aAC5D,CAAC;YAEF,MAAM,MAAM,GAAG,0BAA0B,CAAC,YAAY,CAAC,CAAC;YAExD,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;YACtC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YACnC,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,qCAAqC,CAAC,CAAC;YAChE,MAAM,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACzC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,SAAS,iBAAiB,CAAC,YAAkC,EAAE;IAC7D,OAAO;QACL,OAAO,EAAE,KAAK;QACd,MAAM,EAAE,UAAU;QAClB,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,kBAAkB;QAC/B,QAAQ,EAAE,QAAQ;QAClB,UAAU,EAAE,EAAE;QACd,GAAG,EAAE,0BAA0B;QAC/B,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,GAAG,SAAS;KACb,CAAC;AACJ,CAAC;AAED,SAAS,0BAA0B,CACjC,WAA0B,CAAC,iBAAiB,EAAE,CAAC;IAE/C,MAAM,MAAM,GAAe,EAAE,GAAG,EAAE,qBAAqB,EAAE,CAAC;IAE1D,OAAO;QACL,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,MAAM;QACN,QAAQ,EAAE,EAAE;QACZ,aAAa,EAAE,QAAQ,CAAC,MAAM;QAC9B,cAAc,EAAE,QAAQ;QACxB,UAAU,EAAE,EAA
E;QACd,SAAS,EAAE,EAAE,GAAG,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE;QAChC,aAAa,EAAE,IAAI;QACnB,YAAY,EAAE,IAAI;QAClB,cAAc,EAAE,EAAE;KACnB,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"nuclei.test.d.ts","sourceRoot":"","sources":["../../../../src/__tests__/scanners/dast/nuclei.test.ts"],"names":[],"mappings":""}
|
|
@@ -0,0 +1,166 @@
|
|
|
1
|
+
import { describe, it, expect } from "vitest";
|
|
2
|
+
import { parseNucleiResult } from "../../../scanners/dast/nuclei.js";
|
|
3
|
+
describe("nuclei scanner", () => {
|
|
4
|
+
describe("parseNucleiResult", () => {
|
|
5
|
+
it("parses Nuclei result to DASTFinding", () => {
|
|
6
|
+
const result = {
|
|
7
|
+
template: "cves/2021/CVE-2021-44228.yaml",
|
|
8
|
+
"template-url": "https://github.com/projectdiscovery/nuclei-templates/blob/main/cves/2021/CVE-2021-44228.yaml",
|
|
9
|
+
"template-id": "CVE-2021-44228",
|
|
10
|
+
"template-path": "/path/to/templates/cves/2021/CVE-2021-44228.yaml",
|
|
11
|
+
info: {
|
|
12
|
+
name: "Apache Log4j RCE",
|
|
13
|
+
author: ["pdteam"],
|
|
14
|
+
tags: ["cve", "cve2021", "rce", "log4j", "apache"],
|
|
15
|
+
description: "Apache Log4j2 <=2.14.1 JNDI features...",
|
|
16
|
+
reference: [
|
|
17
|
+
"https://nvd.nist.gov/vuln/detail/CVE-2021-44228",
|
|
18
|
+
"https://logging.apache.org/log4j/2.x/security.html",
|
|
19
|
+
],
|
|
20
|
+
severity: "critical",
|
|
21
|
+
metadata: { "max-request": 1 },
|
|
22
|
+
classification: {
|
|
23
|
+
"cve-id": ["CVE-2021-44228"],
|
|
24
|
+
"cwe-id": ["CWE-502", "CWE-400"],
|
|
25
|
+
},
|
|
26
|
+
},
|
|
27
|
+
type: "http",
|
|
28
|
+
host: "https://vulnerable-app.com",
|
|
29
|
+
matched: "https://vulnerable-app.com/api/log",
|
|
30
|
+
"extracted-results": ["${jndi:ldap://...}"],
|
|
31
|
+
ip: "192.168.1.1",
|
|
32
|
+
timestamp: "2024-01-15T10:30:00Z",
|
|
33
|
+
matcher: "regex",
|
|
34
|
+
"curl-command": "curl -X POST ...",
|
|
35
|
+
request: "POST /api/log HTTP/1.1\n...",
|
|
36
|
+
response: "HTTP/1.1 200 OK\n...",
|
|
37
|
+
};
|
|
38
|
+
const finding = parseNucleiResult(result);
|
|
39
|
+
expect(finding.scanner).toBe("nuclei");
|
|
40
|
+
expect(finding.ruleId).toBe("nuclei-CVE-2021-44228");
|
|
41
|
+
expect(finding.name).toBe("Apache Log4j RCE");
|
|
42
|
+
expect(finding.severity).toBe("critical");
|
|
43
|
+
expect(finding.confidence).toBe(95);
|
|
44
|
+
expect(finding.url).toBe("https://vulnerable-app.com/api/log");
|
|
45
|
+
expect(finding.cweIds).toContain("CWE-502");
|
|
46
|
+
expect(finding.cweIds).toContain("CWE-400");
|
|
47
|
+
expect(finding.cveIds).toContain("CVE-2021-44228");
|
|
48
|
+
expect(finding.tags).toContain("cve");
|
|
49
|
+
expect(finding.tags).toContain("log4j");
|
|
50
|
+
expect(finding.evidence).toBe("${jndi:ldap://...}");
|
|
51
|
+
expect(finding.references).toContain("https://nvd.nist.gov/vuln/detail/CVE-2021-44228");
|
|
52
|
+
expect(finding.references).toContain("https://github.com/projectdiscovery/nuclei-templates/blob/main/cves/2021/CVE-2021-44228.yaml");
|
|
53
|
+
});
|
|
54
|
+
it("maps Nuclei severity levels correctly", () => {
|
|
55
|
+
const severities = ["critical", "high", "medium", "low", "info", "unknown"];
|
|
56
|
+
const expected = ["critical", "high", "medium", "low", "info", "info"];
|
|
57
|
+
for (let i = 0; i < severities.length; i++) {
|
|
58
|
+
const result = createMockNucleiResult({ severity: severities[i] });
|
|
59
|
+
const finding = parseNucleiResult(result);
|
|
60
|
+
expect(finding.severity).toBe(expected[i]);
|
|
61
|
+
}
|
|
62
|
+
});
|
|
63
|
+
it("assigns confidence based on severity", () => {
|
|
64
|
+
const testCases = [
|
|
65
|
+
{ severity: "critical", expectedConfidence: 95 },
|
|
66
|
+
{ severity: "high", expectedConfidence: 90 },
|
|
67
|
+
{ severity: "medium", expectedConfidence: 80 },
|
|
68
|
+
{ severity: "low", expectedConfidence: 70 },
|
|
69
|
+
{ severity: "info", expectedConfidence: 60 },
|
|
70
|
+
];
|
|
71
|
+
for (const { severity, expectedConfidence } of testCases) {
|
|
72
|
+
const result = createMockNucleiResult({ severity });
|
|
73
|
+
const finding = parseNucleiResult(result);
|
|
74
|
+
expect(finding.confidence).toBe(expectedConfidence);
|
|
75
|
+
}
|
|
76
|
+
});
|
|
77
|
+
it("handles results without optional fields", () => {
|
|
78
|
+
const result = {
|
|
79
|
+
template: "http/misconfiguration/debug-enabled.yaml",
|
|
80
|
+
"template-id": "debug-enabled",
|
|
81
|
+
info: {
|
|
82
|
+
name: "Debug Mode Enabled",
|
|
83
|
+
author: ["tester"],
|
|
84
|
+
tags: ["misconfiguration"],
|
|
85
|
+
severity: "medium",
|
|
86
|
+
},
|
|
87
|
+
type: "http",
|
|
88
|
+
host: "https://example.com",
|
|
89
|
+
matched: "https://example.com/debug",
|
|
90
|
+
timestamp: "2024-01-15T10:30:00Z",
|
|
91
|
+
};
|
|
92
|
+
const finding = parseNucleiResult(result);
|
|
93
|
+
expect(finding.scanner).toBe("nuclei");
|
|
94
|
+
expect(finding.ruleId).toBe("nuclei-debug-enabled");
|
|
95
|
+
expect(finding.description).toBe("Debug Mode Enabled detected");
|
|
96
|
+
expect(finding.cweIds).toBeUndefined();
|
|
97
|
+
expect(finding.cveIds).toBeUndefined();
|
|
98
|
+
expect(finding.evidence).toBeUndefined();
|
|
99
|
+
});
|
|
100
|
+
it("extracts HTTP method from request", () => {
|
|
101
|
+
const postResult = createMockNucleiResult({ request: "POST /api/data HTTP/1.1\nHost: example.com" });
|
|
102
|
+
const getResult = createMockNucleiResult({ request: "GET /api/data HTTP/1.1\nHost: example.com" });
|
|
103
|
+
const putResult = createMockNucleiResult({ request: "PUT /api/data HTTP/1.1\nHost: example.com" });
|
|
104
|
+
expect(parseNucleiResult(postResult).method).toBe("POST");
|
|
105
|
+
expect(parseNucleiResult(getResult).method).toBe("GET");
|
|
106
|
+
expect(parseNucleiResult(putResult).method).toBe("PUT");
|
|
107
|
+
});
|
|
108
|
+
it("uses host as url fallback when matched is not present", () => {
|
|
109
|
+
const result = {
|
|
110
|
+
template: "test.yaml",
|
|
111
|
+
"template-id": "test",
|
|
112
|
+
info: {
|
|
113
|
+
name: "Test",
|
|
114
|
+
author: ["tester"],
|
|
115
|
+
tags: [],
|
|
116
|
+
severity: "info",
|
|
117
|
+
},
|
|
118
|
+
type: "http",
|
|
119
|
+
host: "https://example.com",
|
|
120
|
+
matched: "",
|
|
121
|
+
timestamp: "2024-01-15T10:30:00Z",
|
|
122
|
+
};
|
|
123
|
+
const finding = parseNucleiResult(result);
|
|
124
|
+
expect(finding.url).toBe("https://example.com");
|
|
125
|
+
});
|
|
126
|
+
it("formats CWE IDs with prefix", () => {
|
|
127
|
+
const result = createMockNucleiResult({
|
|
128
|
+
classification: {
|
|
129
|
+
"cwe-id": ["79", "CWE-89"],
|
|
130
|
+
},
|
|
131
|
+
});
|
|
132
|
+
const finding = parseNucleiResult(result);
|
|
133
|
+
expect(finding.cweIds).toContain("CWE-79");
|
|
134
|
+
expect(finding.cweIds).toContain("CWE-89");
|
|
135
|
+
});
|
|
136
|
+
it("joins multiple extracted results as evidence", () => {
|
|
137
|
+
const result = createMockNucleiResult({
|
|
138
|
+
"extracted-results": ["result1", "result2", "result3"],
|
|
139
|
+
});
|
|
140
|
+
const finding = parseNucleiResult(result);
|
|
141
|
+
expect(finding.evidence).toBe("result1\nresult2\nresult3");
|
|
142
|
+
});
|
|
143
|
+
});
|
|
144
|
+
});
|
|
145
|
+
function createMockNucleiResult(overrides = {}) {
|
|
146
|
+
const { severity, classification, request, "extracted-results": extractedResults, ...rest } = overrides;
|
|
147
|
+
return {
|
|
148
|
+
template: "test/template.yaml",
|
|
149
|
+
"template-id": "test-template",
|
|
150
|
+
info: {
|
|
151
|
+
name: "Test Template",
|
|
152
|
+
author: ["tester"],
|
|
153
|
+
tags: ["test"],
|
|
154
|
+
severity: severity || "medium",
|
|
155
|
+
classification: classification,
|
|
156
|
+
},
|
|
157
|
+
type: "http",
|
|
158
|
+
host: "https://test.example.com",
|
|
159
|
+
matched: "https://test.example.com/path",
|
|
160
|
+
timestamp: "2024-01-15T10:30:00Z",
|
|
161
|
+
request: request,
|
|
162
|
+
"extracted-results": extractedResults,
|
|
163
|
+
...rest,
|
|
164
|
+
};
|
|
165
|
+
}
|
|
166
|
+
//# sourceMappingURL=nuclei.test.js.map
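Review bot: In "maps Nuclei severity levels correctly" the expected array pins `unknown` to `info`, so a finding whose template declares no usable severity is reported at the lowest level; if callers filter or gate on severity (not visible here), such findings could be dropped without notice. If the downgrade is intended, say so next to the two arrays, e.g. `// "unknown" is deliberately reported as "info"; confirm severity thresholds do not hide it`. "assigns confidence based on severity" likewise fixes confidence as a function of severity (95/90/80/70/60), which gives consumers no signal beyond severity itself; a comment in `parseNucleiResult` (source outside this section) stating that this is a heuristic would help. The parser input is scanner output shaped by the scanned target, and the tests cover absent optional fields but not wrongly typed ones such as a non-array `cwe-id`.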
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"nuclei.test.js","sourceRoot":"","sources":["../../../../src/__tests__/scanners/dast/nuclei.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAGrE,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,MAAM,GAAiB;gBAC3B,QAAQ,EAAE,+BAA+B;gBACzC,cAAc,EAAE,8FAA8F;gBAC9G,aAAa,EAAE,gBAAgB;gBAC/B,eAAe,EAAE,kDAAkD;gBACnE,IAAI,EAAE;oBACJ,IAAI,EAAE,kBAAkB;oBACxB,MAAM,EAAE,CAAC,QAAQ,CAAC;oBAClB,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC;oBAClD,WAAW,EAAE,yCAAyC;oBACtD,SAAS,EAAE;wBACT,iDAAiD;wBACjD,oDAAoD;qBACrD;oBACD,QAAQ,EAAE,UAAU;oBACpB,QAAQ,EAAE,EAAE,aAAa,EAAE,CAAC,EAAE;oBAC9B,cAAc,EAAE;wBACd,QAAQ,EAAE,CAAC,gBAAgB,CAAC;wBAC5B,QAAQ,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;qBACjC;iBACF;gBACD,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,4BAA4B;gBAClC,OAAO,EAAE,oCAAoC;gBAC7C,mBAAmB,EAAE,CAAC,oBAAoB,CAAC;gBAC3C,EAAE,EAAE,aAAa;gBACjB,SAAS,EAAE,sBAAsB;gBACjC,OAAO,EAAE,OAAO;gBAChB,cAAc,EAAE,kBAAkB;gBAClC,OAAO,EAAE,6BAA6B;gBACtC,QAAQ,EAAE,sBAAsB;aACjC,CAAC;YAEF,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YAE1C,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACvC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;YACrD,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YAC9C,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC1C,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACpC,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;YAC/D,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YAC5C,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC;YAC5C,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;YACnD,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC;YACtC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;YACxC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YACpD,MAAM,CAAC,OAAO,CAAC,U
AAU,CAAC,CAAC,SAAS,CAAC,iDAAiD,CAAC,CAAC;YACxF,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,8FAA8F,CAAC,CAAC;QACvI,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,UAAU,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,SAAS,CAAC,CAAC;YAC5E,MAAM,QAAQ,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;YAEvE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,MAAM,GAAG,sBAAsB,CAAC,EAAE,QAAQ,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACnE,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;gBAC1C,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YAC7C,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,SAAS,GAAG;gBAChB,EAAE,QAAQ,EAAE,UAAU,EAAE,kBAAkB,EAAE,EAAE,EAAE;gBAChD,EAAE,QAAQ,EAAE,MAAM,EAAE,kBAAkB,EAAE,EAAE,EAAE;gBAC5C,EAAE,QAAQ,EAAE,QAAQ,EAAE,kBAAkB,EAAE,EAAE,EAAE;gBAC9C,EAAE,QAAQ,EAAE,KAAK,EAAE,kBAAkB,EAAE,EAAE,EAAE;gBAC3C,EAAE,QAAQ,EAAE,MAAM,EAAE,kBAAkB,EAAE,EAAE,EAAE;aAC7C,CAAC;YAEF,KAAK,MAAM,EAAE,QAAQ,EAAE,kBAAkB,EAAE,IAAI,SAAS,EAAE,CAAC;gBACzD,MAAM,MAAM,GAAG,sBAAsB,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC;gBACpD,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;gBAC1C,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;YACtD,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,MAAM,GAAiB;gBAC3B,QAAQ,EAAE,0CAA0C;gBACpD,aAAa,EAAE,eAAe;gBAC9B,IAAI,EAAE;oBACJ,IAAI,EAAE,oBAAoB;oBAC1B,MAAM,EAAE,CAAC,QAAQ,CAAC;oBAClB,IAAI,EAAE,CAAC,kBAAkB,CAAC;oBAC1B,QAAQ,EAAE,QAAQ;iBACnB;gBACD,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,2BAA2B;gBACpC,SAAS,EAAE,sBAAsB;aAClC,CAAC;YAEF,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YAE1C,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACvC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;YACpD,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;YAChE,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,CAAC;YACvC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,CAAC;YACvC,
MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,aAAa,EAAE,CAAC;QAC3C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,UAAU,GAAG,sBAAsB,CAAC,EAAE,OAAO,EAAE,4CAA4C,EAAE,CAAC,CAAC;YACrG,MAAM,SAAS,GAAG,sBAAsB,CAAC,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAC,CAAC;YACnG,MAAM,SAAS,GAAG,sBAAsB,CAAC,EAAE,OAAO,EAAE,2CAA2C,EAAE,CAAC,CAAC;YAEnG,MAAM,CAAC,iBAAiB,CAAC,UAAU,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC1D,MAAM,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YACxD,MAAM,CAAC,iBAAiB,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uDAAuD,EAAE,GAAG,EAAE;YAC/D,MAAM,MAAM,GAAiB;gBAC3B,QAAQ,EAAE,WAAW;gBACrB,aAAa,EAAE,MAAM;gBACrB,IAAI,EAAE;oBACJ,IAAI,EAAE,MAAM;oBACZ,MAAM,EAAE,CAAC,QAAQ,CAAC;oBAClB,IAAI,EAAE,EAAE;oBACR,QAAQ,EAAE,MAAM;iBACjB;gBACD,IAAI,EAAE,MAAM;gBACZ,IAAI,EAAE,qBAAqB;gBAC3B,OAAO,EAAE,EAAE;gBACX,SAAS,EAAE,sBAAsB;aAClC,CAAC;YAEF,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YAC1C,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,MAAM,GAAG,sBAAsB,CAAC;gBACpC,cAAc,EAAE;oBACd,QAAQ,EAAE,CAAC,IAAI,EAAE,QAAQ,CAAC;iBAC3B;aACF,CAAC,CAAC;YAEH,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YAE1C,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;YAC3C,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,MAAM,GAAG,sBAAsB,CAAC;gBACpC,mBAAmB,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC;aACvD,CAAC,CAAC;YAEH,MAAM,OAAO,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;YAE1C,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QAC7D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,SAAS,sBAAsB,CAAC,YAK5B,EAAE;IACJ,MAAM,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,mBAAmB,EAAE,gBAAgB,EAAE,GAAG,IAAI,EAAE,GAAG,SAAS,CAAC;IAExG,OAAO;QACL,QAAQ,EAAE,oBAAoB;QAC9B,aAAa,EAAE,eAAe;QAC9B,IAAI,EAAE;YACJ,IAAI,EAAE,eAAe;YACrB,MAAM,EAAE,CAAC,QAAQ,CAAC;YAClB,IAAI,EAAE,CAAC,MAAM,CAAC;YACd
,QAAQ,EAAE,QAAQ,IAAI,QAAQ;YAC9B,cAAc,EAAE,cAAc;SAC/B;QACD,IAAI,EAAE,MAAM;QACZ,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,+BAA+B;QACxC,SAAS,EAAE,sBAAsB;QACjC,OAAO,EAAE,OAAO;QAChB,mBAAmB,EAAE,gBAAgB;QACrC,GAAG,IAAI;KACR,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"zap.test.d.ts","sourceRoot":"","sources":["../../../../src/__tests__/scanners/dast/zap.test.ts"],"names":[],"mappings":""}
|