verification-layer 0.24.1 → 0.24.3
- package/dist/config.d.ts.map +1 -1
- package/dist/config.js +27 -0
- package/dist/config.js.map +1 -1
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/scan-code.d.ts +12 -0
- package/dist/scan-code.d.ts.map +1 -0
- package/dist/scan-code.js +34 -0
- package/dist/scan-code.js.map +1 -0
- package/dist/scanners/encryption/index.d.ts.map +1 -1
- package/dist/scanners/encryption/index.js +21 -0
- package/dist/scanners/encryption/index.js.map +1 -1
- package/dist/scanners/hipaa2026/index.js +2 -2
- package/package.json +5 -3
package/dist/config.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C,QAAA,MAAM,cAAc,EAAE,
|
|
1
|
+
{"version":3,"file":"config.d.ts","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C,QAAA,MAAM,cAAc,EAAE,YAiErB,CAAC;AAEF,wBAAsB,UAAU,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,YAAY,CAAC,CAmB/F;AAED,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,GAAG,OAAO,CAU7E;AAED,wBAAgB,aAAa,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,YAAY,GAAG,OAAO,CAGxE;AAED,OAAO,EAAE,cAAc,EAAE,CAAC"}
|
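--- a/package/dist/config.js
+++ b/package/dist/config.js
@@ -30,6 +30,33 @@ const DEFAULT_CONFIG = {
 'schema.org',
 'ogp.me',
 'rdfs.org',
+// Healthcare standards
+'hl7.org',
+'www.hl7.org',
+'fhir.org',
+'terminology.hl7.org',
+'loinc.org',
+'snomed.info',
+'icd.who.int',
+'unitsofmeasure.org',
+'nucc.org',
+'ada.org',
+'x12.org',
+// Tooling / package registries
+'opensource.org',
+'creativecommons.org',
+'spdx.org',
+'json-schema.org',
+'yaml.org',
+'xml.org',
+'maven.apache.org',
+'www.apache.org',
+'registry.npmjs.org',
+'pypi.org',
+'rubygems.org',
+'crates.io',
+'pkg.go.dev',
+'mvnrepository.com',
 // Documentation
 'example.com',
 'example.org',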
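Review bot: The entries added under `// Tooling / package registries` (`'registry.npmjs.org'`, `'pypi.org'`, `'rubygems.org'`, `'crates.io'`, `'maven.apache.org'` and the rest) are hosts that code actually downloads from, unlike the namespace-style identifiers above them, so listing them here looks unsafe. The list's property name is outside the hunk, but it appears to be the default domain list behind the scanner's safe-HTTP check, in which case a plain `http://` fetch from a package registry would no longer be reported even though it is an unencrypted dependency download. I would leave the registry hosts out of the defaults, let a project opt in through its own config, and head the list with a comment such as `// Hosts here suppress unencrypted-HTTP findings; list only identifier/namespace URIs that are never fetched`. How a URL is matched against these entries is not visible here; if it is a substring test, short entries such as `'ada.org'` and `'x12.org'` would also match inside longer, unrelated hostnames, so it is worth confirming that the comparison is against the parsed hostname.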
package/dist/config.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB,MAAM,cAAc,GAAiB;IACnC,OAAO,EAAE,EAAE;IACX,WAAW,EAAE,EAAE;IACf,eAAe,EAAE;QACf,iBAAiB;QACjB,YAAY;QACZ,QAAQ;QACR,WAAW;QACX,UAAU;QACV,cAAc;QACd,OAAO;QACP,sBAAsB;QACtB,WAAW;QACX,cAAc;QACd,kBAAkB;QAClB,gBAAgB;QAChB,sBAAsB;QACtB,qBAAqB;QACrB,aAAa;QACb,mBAAmB;QACnB,gBAAgB;QAChB,kBAAkB;QAClB,yBAAyB;QACzB,4BAA4B;QAC5B,iBAAiB;QACjB,qBAAqB;QACrB,mBAAmB;QACnB,YAAY;QACZ,QAAQ;QACR,UAAU;QACV,gBAAgB;QAChB,aAAa;QACb,aAAa;QACb,WAAW;QACX,WAAW;KACZ;IACD,YAAY,EAAE,CAAC;IACf,UAAU,EAAE,SAAS;CACtB,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,UAAkB,EAAE,UAAmB;IACtE,MAAM,UAAU,GAAG,UAAU,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC;IAEzE,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACpD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA0B,CAAC;QAEhE,OAAO;YACL,GAAG,cAAc;YACjB,GAAG,UAAU;YACb,oCAAoC;YACpC,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,UAAU,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;YAC3E,WAAW,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,UAAU,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YACvF,eAAe,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,eAAe,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,UAAU,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC;SACpG,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,qCAAqC;QACrC,OAAO,cAAc,CAAC;IACxB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,QAAgB,EAAE,MAAoB;IAClE,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC;IAC7C,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;QAChC,uBAAuB;QACvB,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;YACvD,OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,GAAW,EAAE,MAAoB;IAC7D,MAAM,WAAW,GAAG,MAAM,CAAC,eAAe,IAAI,EAAE,CAAC;IACjD,OAAO,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAA
C,CAAC;AAC1D,CAAC;AAED,OAAO,EAAE,cAAc,EAAE,CAAC"}
|
|
1
|
+
{"version":3,"file":"config.js","sourceRoot":"","sources":["../src/config.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,IAAI,MAAM,MAAM,CAAC;AAGxB,MAAM,cAAc,GAAiB;IACnC,OAAO,EAAE,EAAE;IACX,WAAW,EAAE,EAAE;IACf,eAAe,EAAE;QACf,iBAAiB;QACjB,YAAY;QACZ,QAAQ;QACR,WAAW;QACX,UAAU;QACV,cAAc;QACd,OAAO;QACP,sBAAsB;QACtB,WAAW;QACX,cAAc;QACd,kBAAkB;QAClB,gBAAgB;QAChB,sBAAsB;QACtB,qBAAqB;QACrB,aAAa;QACb,mBAAmB;QACnB,gBAAgB;QAChB,kBAAkB;QAClB,yBAAyB;QACzB,4BAA4B;QAC5B,iBAAiB;QACjB,qBAAqB;QACrB,mBAAmB;QACnB,YAAY;QACZ,QAAQ;QACR,UAAU;QACV,uBAAuB;QACvB,SAAS;QACT,aAAa;QACb,UAAU;QACV,qBAAqB;QACrB,WAAW;QACX,aAAa;QACb,aAAa;QACb,oBAAoB;QACpB,UAAU;QACV,SAAS;QACT,SAAS;QACT,+BAA+B;QAC/B,gBAAgB;QAChB,qBAAqB;QACrB,UAAU;QACV,iBAAiB;QACjB,UAAU;QACV,SAAS;QACT,kBAAkB;QAClB,gBAAgB;QAChB,oBAAoB;QACpB,UAAU;QACV,cAAc;QACd,WAAW;QACX,YAAY;QACZ,mBAAmB;QACnB,gBAAgB;QAChB,aAAa;QACb,aAAa;QACb,WAAW;QACX,WAAW;KACZ;IACD,YAAY,EAAE,CAAC;IACf,UAAU,EAAE,SAAS;CACtB,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,UAAkB,EAAE,UAAmB;IACtE,MAAM,UAAU,GAAG,UAAU,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,gBAAgB,CAAC,CAAC;IAEzE,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACpD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA0B,CAAC;QAEhE,OAAO;YACL,GAAG,cAAc;YACjB,GAAG,UAAU;YACb,oCAAoC;YACpC,OAAO,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,OAAO,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,UAAU,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;YAC3E,WAAW,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,WAAW,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,UAAU,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YACvF,eAAe,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,eAAe,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,UAAU,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC;SACpG,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,qCAAqC;QACrC,OAAO,cAAc,CAAC;IACxB,CAAC;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,QAAgB,EAAE,MAAoB;IAClE,MAAM,WAAW,GAAG,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC;IAC7C,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE;QAChC,uBAAuB;QACvB,IAAI,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;YACvD,
OAAO,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,GAAW,EAAE,MAAoB;IAC7D,MAAM,WAAW,GAAG,MAAM,CAAC,eAAe,IAAI,EAAE,CAAC;IACjD,OAAO,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;AAC1D,CAAC;AAED,OAAO,EAAE,cAAc,EAAE,CAAC"}
|
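--- a/package/dist/index.d.ts
+++ b/package/dist/index.d.ts
@@ -8,4 +8,6 @@ export { calculateComplianceScore, formatScore, getScoreColor, getScoreSummary }
 export type { Finding, ScanResult, ScanOptions, Report, ReportOptions, Scanner, Severity, ComplianceCategory, Confidence, VlayerConfig, AcknowledgedFinding, ContextLine, CompiledCustomRule, CustomRuleFix, ComplianceScore, GroupedFinding, Occurrence, } from './types.js';
 export type { LoadRulesResult, RuleLoadError, CustomRuleDefinition, RulesFile } from './rules/index.js';
 export type { Baseline, BaselineEntry } from './baseline.js';
+export { scanCode } from './scan-code.js';
+export type { CodeInput, ScanCodeOptions } from './scan-code.js';
 //# sourceMappingURL=index.d.ts.map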
package/dist/index.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC3F,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AACnF,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AACjF,OAAO,EAAE,wBAAwB,EAAE,WAAW,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC9G,YAAY,EACV,OAAO,EACP,UAAU,EACV,WAAW,EACX,MAAM,EACN,aAAa,EACb,OAAO,EACP,QAAQ,EACR,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,mBAAmB,EACnB,WAAW,EACX,kBAAkB,EAClB,aAAa,EACb,eAAe,EACf,cAAc,EACd,UAAU,GACX,MAAM,YAAY,CAAC;AACpB,YAAY,EAAE,eAAe,EAAE,aAAa,EAAE,oBAAoB,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACxG,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC3F,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AACnF,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AACjF,OAAO,EAAE,wBAAwB,EAAE,WAAW,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAC9G,YAAY,EACV,OAAO,EACP,UAAU,EACV,WAAW,EACX,MAAM,EACN,aAAa,EACb,OAAO,EACP,QAAQ,EACR,kBAAkB,EAClB,UAAU,EACV,YAAY,EACZ,mBAAmB,EACnB,WAAW,EACX,kBAAkB,EAClB,aAAa,EACb,eAAe,EACf,cAAc,EACd,UAAU,GACX,MAAM,YAAY,CAAC;AACpB,YAAY,EAAE,eAAe,EAAE,aAAa,EAAE,oBAAoB,EAAE,SAAS,EAAE,MAAM,kBAAkB,CAAC;AACxG,YAAY,EAAE,QAAQ,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC7D,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,YAAY,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC"}
|
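--- a/package/dist/index.js
+++ b/package/dist/index.js
@@ -5,4 +5,5 @@ export { loadBaseline, saveBaseline, applyBaseline, generateFindingHash } from '
 export { checkInlineSuppression, applyInlineSuppressions } from './suppression.js';
 export { checkAcknowledgment, applyAcknowledgments } from './acknowledgments.js';
 export { calculateComplianceScore, formatScore, getScoreColor, getScoreSummary } from './compliance-score.js';
+export { scanCode } from './scan-code.js';
 //# sourceMappingURL=index.js.map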
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC3F,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AACnF,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AACjF,OAAO,EAAE,wBAAwB,EAAE,WAAW,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,MAAM,WAAW,CAAC;AAChD,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AAC3F,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,aAAa,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAC/F,OAAO,EAAE,sBAAsB,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AACnF,OAAO,EAAE,mBAAmB,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AACjF,OAAO,EAAE,wBAAwB,EAAE,WAAW,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,uBAAuB,CAAC;AAsB9G,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC"}
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
import type { ScanResult, ScanOptions } from './types.js';
|
|
2
|
+
export interface CodeInput {
|
|
3
|
+
filename: string;
|
|
4
|
+
content: string;
|
|
5
|
+
}
|
|
6
|
+
export interface ScanCodeOptions {
|
|
7
|
+
files: CodeInput[];
|
|
8
|
+
categories?: ScanOptions['categories'];
|
|
9
|
+
minConfidence?: ScanOptions['minConfidence'];
|
|
10
|
+
}
|
|
11
|
+
export declare function scanCode(options: ScanCodeOptions): Promise<ScanResult>;
|
|
12
|
+
//# sourceMappingURL=scan-code.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scan-code.d.ts","sourceRoot":"","sources":["../src/scan-code.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAE1D,MAAM,WAAW,SAAS;IACxB,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,SAAS,EAAE,CAAC;IACnB,UAAU,CAAC,EAAE,WAAW,CAAC,YAAY,CAAC,CAAC;IACvC,aAAa,CAAC,EAAE,WAAW,CAAC,eAAe,CAAC,CAAC;CAC9C;AAED,wBAAsB,QAAQ,CAAC,OAAO,EAAE,eAAe,GAAG,OAAO,CAAC,UAAU,CAAC,CA+B5E"}
|
|
@@ -0,0 +1,34 @@
|
|
|
1
|
+
import * as fs from 'fs/promises';
|
|
2
|
+
import * as path from 'path';
|
|
3
|
+
import * as os from 'os';
|
|
4
|
+
import { scan } from './scan.js';
|
|
5
|
+
export async function scanCode(options) {
|
|
6
|
+
// Create temp directory
|
|
7
|
+
const tmpDir = await fs.mkdtemp(path.join(os.tmpdir(), 'vlayer-api-'));
|
|
8
|
+
try {
|
|
9
|
+
// Write files to temp directory preserving structure
|
|
10
|
+
for (const file of options.files) {
|
|
11
|
+
const filePath = path.join(tmpDir, file.filename);
|
|
12
|
+
const dir = path.dirname(filePath);
|
|
13
|
+
await fs.mkdir(dir, { recursive: true });
|
|
14
|
+
await fs.writeFile(filePath, file.content, 'utf-8');
|
|
15
|
+
}
|
|
16
|
+
// Run scan on temp directory
|
|
17
|
+
const result = await scan({
|
|
18
|
+
path: tmpDir,
|
|
19
|
+
categories: options.categories,
|
|
20
|
+
minConfidence: options.minConfidence,
|
|
21
|
+
});
|
|
22
|
+
// Clean file paths — remove temp dir prefix
|
|
23
|
+
result.findings = result.findings.map(f => ({
|
|
24
|
+
...f,
|
|
25
|
+
file: f.file.replace(tmpDir + path.sep, ''),
|
|
26
|
+
}));
|
|
27
|
+
return result;
|
|
28
|
+
}
|
|
29
|
+
finally {
|
|
30
|
+
// Always clean up temp files
|
|
31
|
+
await fs.rm(tmpDir, { recursive: true, force: true });
|
|
32
|
+
}
|
|
33
|
+
}
|
|
34
|
+
//# sourceMappingURL=scan-code.js.map
|
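Review bot: `path.join(tmpDir, file.filename)` takes the caller's `filename` as is, so a name containing `..` segments resolves outside the temporary directory, and the `fs.mkdir` and `fs.writeFile` calls that follow create or overwrite files there with the caller's content. Since `scanCode` is exported from the package index and takes file names from its input, the loop should resolve each path and refuse any that does not stay under `tmpDir` before anything is written. A unit test that passes a `../` filename and expects a rejection would pin this down. The fence shows the guard; the rest of the function is unchanged.

```javascript
for (const file of options.files) {
    // Resolve first, then require the target to stay under tmpDir before any write
    const filePath = path.resolve(tmpDir, file.filename);
    if (!filePath.startsWith(tmpDir + path.sep)) {
        throw new Error(`Refusing to write outside scan directory: ${file.filename}`);
    }
    // … unchanged: mkdir of path.dirname(filePath) and writeFile …
```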
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scan-code.js","sourceRoot":"","sources":["../src/scan-code.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAcjC,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,OAAwB;IACrD,wBAAwB;IACxB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,aAAa,CAAC,CAAC,CAAC;IAEvE,IAAI,CAAC;QACH,qDAAqD;QACrD,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;YACjC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC;YAClD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACnC,MAAM,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACzC,MAAM,EAAE,CAAC,SAAS,CAAC,QAAQ,EAAE,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACtD,CAAC;QAED,6BAA6B;QAC7B,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC;YACxB,IAAI,EAAE,MAAM;YACZ,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,aAAa,EAAE,OAAO,CAAC,aAAa;SACrC,CAAC,CAAC;QAEH,4CAA4C;QAC5C,MAAM,CAAC,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,GAAG,CAAC;YACJ,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,EAAE,CAAC;SAC5C,CAAC,CAAC,CAAC;QAEJ,OAAO,MAAM,CAAC;IAChB,CAAC;YAAS,CAAC;QACT,6BAA6B;QAC7B,MAAM,EAAE,CAAC,EAAE,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACxD,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/encryption/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAiC,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/encryption/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,OAAO,EAAiC,MAAM,gBAAgB,CAAC;AA8C7E,eAAO,MAAM,iBAAiB,EAAE,OA2E/B,CAAC"}
|
|
@@ -22,6 +22,19 @@ const MISSING_ENCRYPTION_PATTERNS = [
|
|
|
22
22
|
{ regex: /s3.*upload.*backup(?!.*encrypt|.*sse|.*kms)/i, issue: 'S3 backup without server-side encryption', severity: 'high' },
|
|
23
23
|
{ regex: /backup.*storage(?!.*encrypt)|storage.*backup(?!.*encrypt)/i, issue: 'Backup storage without encryption specified', severity: 'medium' },
|
|
24
24
|
];
|
|
25
|
+
/** Detect test, fixture, example, doc, migration, and seed files */
|
|
26
|
+
function isReducedConfidenceFile(filePath) {
|
|
27
|
+
return /\.(test|spec)\.[^.]+$|__tests__|__mocks__|\/fixtures\/|\/examples\/|\/docs\/|\/migrations?\/|\/seeds?\//i.test(filePath);
|
|
28
|
+
}
|
|
29
|
+
/** Detect comment lines and non-functional references (docs, RFCs, specs) */
|
|
30
|
+
function isCommentOrNonFunctional(line) {
|
|
31
|
+
const trimmed = line.trimStart();
|
|
32
|
+
if (/^(\/\/|#|\*|\/\*)/.test(trimmed))
|
|
33
|
+
return true;
|
|
34
|
+
if (/\b(see|docs|reference|spec|rfc|example|documentation)\b/i.test(trimmed))
|
|
35
|
+
return true;
|
|
36
|
+
return false;
|
|
37
|
+
}
|
|
25
38
|
export const encryptionScanner = {
|
|
26
39
|
name: 'Encryption Scanner',
|
|
27
40
|
category: 'encryption',
|
|
@@ -53,12 +66,20 @@ export const encryptionScanner = {
|
|
|
53
66
|
});
|
|
54
67
|
}
|
|
55
68
|
}
|
|
69
|
+
const isTestOrDocFile = isReducedConfidenceFile(filePath);
|
|
56
70
|
for (const pattern of MISSING_ENCRYPTION_PATTERNS) {
|
|
57
71
|
if (pattern.regex.test(line)) {
|
|
58
72
|
// Check if this is a safe HTTP URL (CDN, namespace, etc.)
|
|
59
73
|
if (pattern.checkSafe && isSafeHttpUrl(line, config)) {
|
|
60
74
|
continue;
|
|
61
75
|
}
|
|
76
|
+
// Skip test/doc files and comment lines for safe-checkable patterns
|
|
77
|
+
if (pattern.checkSafe && isTestOrDocFile) {
|
|
78
|
+
continue;
|
|
79
|
+
}
|
|
80
|
+
if (pattern.checkSafe && isCommentOrNonFunctional(line)) {
|
|
81
|
+
continue;
|
|
82
|
+
}
|
|
62
83
|
findings.push({
|
|
63
84
|
id: `enc-missing-${lineNum}`,
|
|
64
85
|
category: 'encryption',
|
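Review bot: The second test in `isCommentOrNonFunctional` runs on every line, not only on comments, so any functional line that merely contains one of the words `see`, `docs`, `reference`, `spec`, `rfc`, `example` or `documentation` is treated as non-functional and its finding is dropped by the new `continue` in the second hunk. For a compliance scanner that is a silent false negative: a flagged line that carries a trailing remark or an identifier named `spec` goes unreported. I would keep only the comment-prefix test, `return /^(\/\/|#|\*|\/\*)/.test(line.trimStart());`, or apply the keyword test only once the line is already known to be a comment. Separately, `isReducedConfidenceFile` is named for lowering confidence, but the caller skips the finding outright, including for `migrations` and `seeds` paths; a short comment saying that these paths are excluded rather than down-ranked, and why, would keep the name from misleading. The enclosing scan method starts and ends outside both hunks.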
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/encryption/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,MAAM,oBAAoB,GAAG;IAC3B,EAAE,KAAK,EAAE,aAAa,EAAE,KAAK,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAe,EAAE;IAC/E,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE,oBAAoB,EAAE,QAAQ,EAAE,QAAiB,EAAE;IACnF,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAC7E,EAAE,KAAK,EAAE,oBAAoB,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACvF,EAAE,KAAK,EAAE,oBAAoB,EAAE,KAAK,EAAE,0BAA0B,EAAE,QAAQ,EAAE,MAAe,EAAE;IAC7F,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAe,EAAE;CAC9E,CAAC;AAEF,MAAM,2BAA2B,GAM5B;IACH,EAAE,KAAK,EAAE,sCAAsC,EAAE,KAAK,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAe,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE;IACjJ,EAAE,KAAK,EAAE,qBAAqB,EAAE,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACtF,EAAE,KAAK,EAAE,6BAA6B,EAAE,KAAK,EAAE,2BAA2B,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAC3G,EAAE,KAAK,EAAE,iCAAiC,EAAE,KAAK,EAAE,qCAAqC,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACzH,8BAA8B;IAC9B,EAAE,KAAK,EAAE,gEAAgE,EAAE,KAAK,EAAE,4BAA4B,EAAE,QAAQ,EAAE,UAAmB,EAAE,OAAO,EAAE,oBAA+B,EAAE;IACzL,EAAE,KAAK,EAAE,oDAAoD,EAAE,KAAK,EAAE,6BAA6B,EAAE,QAAQ,EAAE,MAAe,EAAE;IAChI,EAAE,KAAK,EAAE,gEAAgE,EAAE,KAAK,EAAE,gCAAgC,EAAE,QAAQ,EAAE,MAAe,EAAE,OAAO,EAAE,oBAA+B,EAAE;IACzL,EAAE,KAAK,EAAE,wDAAwD,EAAE,KAAK,EAAE,+BAA+B,EAAE,QAAQ,EAAE,UAAmB,EAAE,OAAO,EAAE,oBAA+B,EAAE;IACpL,EAAE,KAAK,EAAE,8CAA8C,EAAE,KAAK,EAAE,0CAA0C,EAAE,QAAQ,EAAE,MAAe,EAAE;IACvI,EAAE,KAAK,EAAE,4DAA4D,EAAE,KAAK,EAAE,6CAA6C,EAAE,QAAQ,EAAE,QAAiB,EAAE;CAC3J,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAY;IACxC,IAAI,EAAE,oBAAoB;IAC1B,QAAQ,EAAE,YAAY;IAEtB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,OAAoB;QAC9C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,cAAc,CAAC;QAChD,MAAM,WAAW,GAAG,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC;QAC7C,MAAM,cAAc,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,E
AAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QACtI,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAEjF,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAClD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;oBACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;oBAE5B,KAAK,MAAM,OAAO,IAAI,oBAAoB,EAAE,CAAC;wBAC3C,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;4BAC7B,QAAQ,CAAC,IAAI,CAAC;gCACZ,EAAE,EAAE,YAAY,OAAO,EAAE;gCACzB,QAAQ,EAAE,YAAY;gCACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;gCAC1B,KAAK,EAAE,sBAAsB,OAAO,CAAC,KAAK,EAAE;gCAC5C,WAAW,EAAE,GAAG,OAAO,CAAC,KAAK,sCAAsC;gCACnE,IAAI,EAAE,QAAQ;gCACd,IAAI,EAAE,OAAO,GAAG,CAAC;gCACjB,cAAc,EAAE,qEAAqE;gCACrF,cAAc,EAAE,wCAAwC;gCACxD,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC;6BACtD,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;oBAED,KAAK,MAAM,OAAO,IAAI,2BAA2B,EAAE,CAAC;wBAClD,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;4BAC7B,0DAA0D;4BAC1D,IAAI,OAAO,CAAC,SAAS,IAAI,aAAa,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;gCACrD,SAAS;4BACX,CAAC;4BAED,QAAQ,CAAC,IAAI,CAAC;gCACZ,EAAE,EAAE,eAAe,OAAO,EAAE;gCAC5B,QAAQ,EAAE,YAAY;gCACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;gCAC1B,KAAK,EAAE,qBAAqB,OAAO,CAAC,KAAK,EAAE;gCAC3C,WAAW,EAAE,GAAG,OAAO,CAAC,KAAK,sCAAsC;gCACnE,IAAI,EAAE,QAAQ;gCACd,IAAI,EAAE,OAAO,GAAG,CAAC;gCACjB,cAAc,EAAE,4DAA4D;gCAC5E,cAAc,EAAE,gBAAgB;gCAChC,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC;gCACrD,OAAO,EAAE,OAAO,CAAC,OAAO;6BACzB,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/encryption/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,MAAM,oBAAoB,GAAG;IAC3B,EAAE,KAAK,EAAE,aAAa,EAAE,KAAK,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAe,EAAE;IAC/E,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE,oBAAoB,EAAE,QAAQ,EAAE,QAAiB,EAAE;IACnF,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAC7E,EAAE,KAAK,EAAE,oBAAoB,EAAE,KAAK,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACvF,EAAE,KAAK,EAAE,oBAAoB,EAAE,KAAK,EAAE,0BAA0B,EAAE,QAAQ,EAAE,MAAe,EAAE;IAC7F,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAe,EAAE;CAC9E,CAAC;AAEF,MAAM,2BAA2B,GAM5B;IACH,EAAE,KAAK,EAAE,sCAAsC,EAAE,KAAK,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAe,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,UAAU,EAAE;IACjJ,EAAE,KAAK,EAAE,qBAAqB,EAAE,KAAK,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACtF,EAAE,KAAK,EAAE,6BAA6B,EAAE,KAAK,EAAE,2BAA2B,EAAE,QAAQ,EAAE,UAAmB,EAAE;IAC3G,EAAE,KAAK,EAAE,iCAAiC,EAAE,KAAK,EAAE,qCAAqC,EAAE,QAAQ,EAAE,UAAmB,EAAE;IACzH,8BAA8B;IAC9B,EAAE,KAAK,EAAE,gEAAgE,EAAE,KAAK,EAAE,4BAA4B,EAAE,QAAQ,EAAE,UAAmB,EAAE,OAAO,EAAE,oBAA+B,EAAE;IACzL,EAAE,KAAK,EAAE,oDAAoD,EAAE,KAAK,EAAE,6BAA6B,EAAE,QAAQ,EAAE,MAAe,EAAE;IAChI,EAAE,KAAK,EAAE,gEAAgE,EAAE,KAAK,EAAE,gCAAgC,EAAE,QAAQ,EAAE,MAAe,EAAE,OAAO,EAAE,oBAA+B,EAAE;IACzL,EAAE,KAAK,EAAE,wDAAwD,EAAE,KAAK,EAAE,+BAA+B,EAAE,QAAQ,EAAE,UAAmB,EAAE,OAAO,EAAE,oBAA+B,EAAE;IACpL,EAAE,KAAK,EAAE,8CAA8C,EAAE,KAAK,EAAE,0CAA0C,EAAE,QAAQ,EAAE,MAAe,EAAE;IACvI,EAAE,KAAK,EAAE,4DAA4D,EAAE,KAAK,EAAE,6CAA6C,EAAE,QAAQ,EAAE,QAAiB,EAAE;CAC3J,CAAC;AAEF,oEAAoE;AACpE,SAAS,uBAAuB,CAAC,QAAgB;IAC/C,OAAO,0GAA0G,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;AACnI,CAAC;AAED,6EAA6E;AAC7E,SAAS,wBAAwB,CAAC,IAAY;IAC5C,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;IACjC,IAAI,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IACnD,IAAI,0DAA0D,CAAC,IAAI,CAAC,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IAC1F,OAAO,KAAK,CAAC;AACf,CAAC;AAED,MAAM,
CAAC,MAAM,iBAAiB,GAAY;IACxC,IAAI,EAAE,oBAAoB;IAC1B,QAAQ,EAAE,YAAY;IAEtB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,OAAoB;QAC9C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,cAAc,CAAC;QAChD,MAAM,WAAW,GAAG,MAAM,CAAC,YAAY,IAAI,CAAC,CAAC;QAC7C,MAAM,cAAc,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,CAAC,CAAC;QACtI,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAEjF,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAClD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;oBACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;oBAE5B,KAAK,MAAM,OAAO,IAAI,oBAAoB,EAAE,CAAC;wBAC3C,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;4BAC7B,QAAQ,CAAC,IAAI,CAAC;gCACZ,EAAE,EAAE,YAAY,OAAO,EAAE;gCACzB,QAAQ,EAAE,YAAY;gCACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;gCAC1B,KAAK,EAAE,sBAAsB,OAAO,CAAC,KAAK,EAAE;gCAC5C,WAAW,EAAE,GAAG,OAAO,CAAC,KAAK,sCAAsC;gCACnE,IAAI,EAAE,QAAQ;gCACd,IAAI,EAAE,OAAO,GAAG,CAAC;gCACjB,cAAc,EAAE,qEAAqE;gCACrF,cAAc,EAAE,wCAAwC;gCACxD,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC;6BACtD,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;oBAED,MAAM,eAAe,GAAG,uBAAuB,CAAC,QAAQ,CAAC,CAAC;oBAE1D,KAAK,MAAM,OAAO,IAAI,2BAA2B,EAAE,CAAC;wBAClD,IAAI,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;4BAC7B,0DAA0D;4BAC1D,IAAI,OAAO,CAAC,SAAS,IAAI,aAAa,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;gCACrD,SAAS;4BACX,CAAC;4BACD,oEAAoE;4BACpE,IAAI,OAAO,CAAC,SAAS,IAAI,eAAe,EAAE,CAAC;gCACzC,SAAS;4BACX,CAAC;4BACD,IAAI,OAAO,CAAC,SAAS,IAAI,wBAAwB,CAAC,IAAI,CAAC,EAAE,CAAC;gCACxD,SAAS;4BACX,CAAC;4BAED,QAAQ,CAAC,IAAI,CAAC;gCACZ,EAAE,EAAE,eAAe,OAAO,EAAE;gCAC5B,QAAQ,EAAE,YAAY;gCACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;gCAC1B,KAAK,EAAE,qBAAqB,OAAO,CAAC,KAAK,EAAE;gCAC3C,WAAW,EAAE,GAAG,OAAO,CAAC,KAAK,sCAAsC
;gCACnE,IAAI,EAAE,QAAQ;gCACd,IAAI,EAAE,OAAO,GAAG,CAAC;gCACjB,cAAc,EAAE,4DAA4D;gCAC5E,cAAc,EAAE,gBAAgB;gCAChC,OAAO,EAAE,eAAe,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC;gCACrD,OAAO,EAAE,OAAO,CAAC,OAAO;6BACzB,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}
|
|
@@ -314,7 +314,7 @@ export const hipaa2026Scanner = {
|
|
|
314
314
|
findings.push({
|
|
315
315
|
id: 'HIPAA-ASSET-001',
|
|
316
316
|
category: 'data-retention',
|
|
317
|
-
severity: '
|
|
317
|
+
severity: 'info',
|
|
318
318
|
title: 'ePHI Technology Asset Inventory Generated',
|
|
319
319
|
description: `Found ${assetInventory.length} assets processing ePHI`,
|
|
320
320
|
file: 'ASSET-INVENTORY',
|
|
@@ -329,7 +329,7 @@ export const hipaa2026Scanner = {
|
|
|
329
329
|
findings.push({
|
|
330
330
|
id: 'HIPAA-FLOW-001',
|
|
331
331
|
category: 'data-retention',
|
|
332
|
-
severity: '
|
|
332
|
+
severity: 'info',
|
|
333
333
|
title: 'ePHI Flow Map Generated',
|
|
334
334
|
description: `Identified ${phiFlowMap.length} PHI data flow points`,
|
|
335
335
|
file: 'PHI-FLOW-MAP',
|
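--- a/package/package.json
+++ b/package/package.json
@@ -1,7 +1,7 @@
 {
 "name": "verification-layer",
-"version": "0.24.
-"description": "
+"version": "0.24.3",
+"description": "Open-source HIPAA compliance scanner for healthcare code. 163+ rules, 12 categories. CLI + CI/CD + VS Code.",
 "main": "dist/index.js",
 "types": "dist/index.d.ts",
 "bin": {
@@ -49,7 +49,9 @@
 "hipaa-compliance",
 "baseline",
 "suppression",
-"github-action"
+"github-action",
+"devsecops",
+"healthtech"
 ],
 "author": "Simon Franco",
 "license": "MIT",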