verification-layer 0.24.4 → 0.24.5
- package/README.md +3 -1
- package/dist/ai/cache.js +2 -2
- package/dist/ai/cache.js.map +1 -1
- package/dist/ai/config.d.ts +1 -1
- package/dist/ai/config.js +1 -1
- package/dist/ai/config.js.map +1 -1
- package/dist/ai/rules/prompts/audit-logging.js +1 -1
- package/dist/ai/rules/rule-runner.d.ts.map +1 -1
- package/dist/ai/rules/rule-runner.js.map +1 -1
- package/dist/ai/rules/triage.d.ts.map +1 -1
- package/dist/ai/rules/triage.js +1 -1
- package/dist/ai/rules/triage.js.map +1 -1
- package/dist/ai/scanner.d.ts.map +1 -1
- package/dist/ai/scanner.js +1 -1
- package/dist/ai/scanner.js.map +1 -1
- package/dist/cli.js +1 -1
- package/dist/cli.js.map +1 -1
- package/dist/index.d.ts +0 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +0 -1
- package/dist/index.js.map +1 -1
- package/dist/marketplace/installer.d.ts.map +1 -1
- package/dist/marketplace/installer.js +3 -3
- package/dist/marketplace/installer.js.map +1 -1
- package/dist/marketplace/registry.d.ts.map +1 -1
- package/dist/marketplace/registry.js +3 -1
- package/dist/marketplace/registry.js.map +1 -1
- package/dist/reporters/index.d.ts.map +1 -1
- package/dist/reporters/index.js +16 -40
- package/dist/reporters/index.js.map +1 -1
- package/dist/scanners/api-security/index.js +2 -2
- package/dist/scanners/api-security/index.js.map +1 -1
- package/dist/scanners/authentication/index.d.ts.map +1 -1
- package/dist/scanners/authentication/index.js +2 -4
- package/dist/scanners/authentication/index.js.map +1 -1
- package/dist/scanners/configuration/index.js +2 -2
- package/dist/scanners/configuration/index.js.map +1 -1
- package/dist/scanners/credentials/index.js +2 -2
- package/dist/scanners/credentials/index.js.map +1 -1
- package/dist/scanners/credentials/patterns.js +1 -1
- package/dist/scanners/credentials/patterns.js.map +1 -1
- package/dist/scanners/errors/index.js +2 -2
- package/dist/scanners/errors/index.js.map +1 -1
- package/dist/scanners/hipaa2026/index.d.ts.map +1 -1
- package/dist/scanners/hipaa2026/index.js +1 -1
- package/dist/scanners/hipaa2026/index.js.map +1 -1
- package/dist/scanners/hipaa2026/patterns.d.ts.map +1 -1
- package/dist/scanners/hipaa2026/patterns.js.map +1 -1
- package/dist/scanners/operational/index.js +3 -3
- package/dist/scanners/operational/index.js.map +1 -1
- package/dist/scanners/rbac/index.js +2 -2
- package/dist/scanners/rbac/index.js.map +1 -1
- package/dist/scanners/revocation/index.js +2 -2
- package/dist/scanners/revocation/index.js.map +1 -1
- package/dist/scanners/sanitization/index.d.ts.map +1 -1
- package/dist/scanners/sanitization/index.js +2 -3
- package/dist/scanners/sanitization/index.js.map +1 -1
- package/dist/scanners/skills/index.js +1 -1
- package/dist/scanners/skills/index.js.map +1 -1
- package/dist/scanners/skills/patterns.js +3 -3
- package/dist/scanners/skills/patterns.js.map +1 -1
- package/dist/training/index.js +1 -1
- package/dist/training/index.js.map +1 -1
- package/dist/utils/scan-history.js +2 -2
- package/dist/utils/scan-history.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/api-security/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,sBAAsB;IAC5B,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/api-security/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,sBAAsB;IAC5B,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,sBAAsB;YACtB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,4BAA4B,CAAC,EAAE,CAAC;gBAC9C,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,MAAM,OAAO,IAAI,yBAAyB,EAAE,CAAC;oBAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBAEtB,sCAAsC;wBACtC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;wBAChC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;4BAChG,SAAS;wBACX,CAAC;wBAED,yCAAyC;wBACzC,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;4BAC9B,wEAAwE;4BACxE,IAAI,CAAC,kDAAkD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gCACnE,SAAS;4BACX,CAAC;4BAED,yBAAyB;4BACzB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BACjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BAC1C,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;4BAC7C,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;4BAE5D,2CAA2C;4BAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;4BAC5D,IAAI,CAAC,OAAO;gCAAE,SAAS;4BAEvB,0BAA0B;4BAC1B,MAAM,sBAAsB,GAAG,YAAY;iCACxC,MAAM,CAAC,CAAC,CAAC,EAAE;gCACV,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gCACnB,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;4BAC1E,CAAC,CAAC;iCACD,IAAI,CAAC,IAAI,CAAC,CAAC;4BAEd,IAAI,OAAO,C
AAC,gBAAgB,EAAE,CAAC;gCAC7B,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAC1D,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAChC,CAAC;gCACF,IAAI,gBAAgB,EAAE,CAAC;oCACrB,SAAS;gCACX,CAAC;4BACH,CAAC;4BAED,qBAAqB;4BACrB,MAAM,QAAQ,GAAsC,gBAAgB,CAAC;4BAErE,QAAQ,CAAC,IAAI,CAAC;gCACZ,EAAE,EAAE,OAAO,CAAC,EAAE;gCACd,KAAK,EAAE,OAAO,CAAC,IAAI;gCACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;gCAC7D,QAAQ,EAAE,OAAO,CAAC,QAAQ;gCAC1B,QAAQ,EAAE,QAAQ;gCAClB,IAAI;gCACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gCACX,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC;gCACrC,cAAc,EAAE,OAAO,CAAC,cAAc;gCACtC,cAAc,EAAE,OAAO,CAAC,cAAc;gCACtC,UAAU,EAAE,MAAM;6BACnB,CAAC,CAAC;4BAEH,SAAS;wBACX,CAAC;wBAED,yCAAyC;wBACzC,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBACzD,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,4CAA4C;wBAC5C,IAAI,YAAsB,CAAC;wBAE3B,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;4BAC9B,yDAAyD;4BACzD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;4BAClC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;4BAC3C,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;wBACzC,CAAC;6BAAM,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;4BACpC,+EAA+E;4BAC/E,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BACjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BAC1C,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;wBACzC,CAAC;6BAAM,CAAC;4BACN,YAAY,GAAG,CAAC,IAAI,CAAC,CAAC;wBACxB,CAAC;wBAED,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAExC,mCAAmC;wBACnC,MAAM,sBAAsB,GAAG,OAAO;6BACnC,KAAK,CAAC,IAAI,CAAC;6BACX,MAAM,CAAC,CAAC,CAAC,EAAE;4BACV,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;4BACnB,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;wBAC1E,CAAC,CAAC;6BACD,IAAI,CAAC,IAAI,CAAC,CAAC;wBAEd,0BAA0B;wBAC1B,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;4BAC7B,MAAM,gB
AAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAC1D,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAChC,CAAC;4BACF,IAAI,gBAAgB,EAAE,CAAC;gCACrB,SAAS;4BACX,CAAC;wBACH,CAAC;wBAED,sCAAsC;wBACtC,IAAI,QAAQ,GAAsC,gBAAgB,CAAC;wBACnE,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;4BAC7B,QAAQ,GAAG,cAAc,CAAC;wBAC5B,CAAC;wBAED,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,QAAQ,EAAE,QAAQ;4BAClB,IAAI;4BACJ,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC;4BACrC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;gBAChC,SAAS;YACX,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/authentication/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAGpE,eAAO,MAAM,qBAAqB,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/authentication/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAGpE,eAAO,MAAM,qBAAqB,EAAE,OAmEnC,CAAC"}
|
|
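--- a/package/dist/scanners/authentication/index.js
+++ b/package/dist/scanners/authentication/index.js
@@ -7,12 +7,10 @@ import { ALL_MFA_PATTERNS } from './patterns.js';
 export const authenticationScanner = {
 name: 'Multi-Factor Authentication Scanner',
 category: 'access-control', // Map to existing category for now
-async scan(files,
+async scan(files, _options) {
 const findings = [];
 // Filter to code and config files
 const relevantFiles = files.filter((f) => /\.(js|ts|jsx|tsx|json|yaml|yml|env)$/i.test(f));
-// Common auth config file patterns
-const authConfigFiles = relevantFiles.filter((f) => /(?:auth|clerk|supabase|next-auth).*\.(?:ts|js|json|config)/i.test(f));
 for (const file of relevantFiles) {
 try {
 const content = await fs.readFile(file, 'utf-8');
@@ -58,7 +56,7 @@ export const authenticationScanner = {
 }
 }
 }
-catch
+catch {
 // Skip files that can't be read
 }
 }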
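Review bot: The bare `catch { // Skip files that can't be read }` closing the per-file `try` in scan() discards every exception, and judging by the three closing braces before it the `try` encloses the matching loops as well as `fs.readFile`, so an unreadable file or a fault in the matching code is indistinguishable from a file with no findings. For a compliance scanner that is a silent false negative; the handler should at least record the skip on stderr, for example `catch (err) { console.warn(`skipped ${file}: ${err.message}`); }`, or collect skipped paths for the report. The same handler appears in the configuration, credentials and errors scanner sections further down. The body of scan() between the two hunks is not shown here.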
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/authentication/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,gBAAgB,EAAmB,MAAM,eAAe,CAAC;AAElE,MAAM,CAAC,MAAM,qBAAqB,GAAY;IAC5C,IAAI,EAAE,qCAAqC;IAC3C,QAAQ,EAAE,gBAAgB,EAAE,mCAAmC;IAE/D,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/authentication/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,gBAAgB,EAAmB,MAAM,eAAe,CAAC;AAElE,MAAM,CAAC,MAAM,qBAAqB,GAAY;IAC5C,IAAI,EAAE,qCAAqC;IAC3C,QAAQ,EAAE,gBAAgB,EAAE,mCAAmC;IAE/D,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,kCAAkC;QAClC,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvC,uCAAuC,CAAC,IAAI,CAAC,CAAC,CAAC,CAChD,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;YACjC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,MAAM,OAAO,IAAI,gBAAgB,EAAE,CAAC;oBACvC,mDAAmD;oBACnD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;wBAC7B,MAAM,cAAc,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;wBAC9D,SAAS;oBACX,CAAC;oBAED,oDAAoD;oBACpD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;wBAEzB,gBAAgB;wBAChB,IAAI,mBAAmB,CAAC,IAAI,CAAC,IAAI,CAAC;4BAAE,SAAS;wBAE7C,0CAA0C;wBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAC3D,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,iDAAiD;wBACjD,MAAM,WAAW,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;4BACvD,gEAAgE;4BAChE,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;4BACjD,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;wBACzB,CAAC,CAAC,CAAC;wBAEH,IAAI,WAAW;4BAAE,SAAS;wBAE1B,iBAAiB;wBACjB,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,gBAAgB;4BAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC,CAAC;oBACL,CAA
C;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,OAAe,EACf,KAAe,EACf,OAAmB,EACnB,QAAmB;IAEnB,wCAAwC;IACxC,MAAM,UAAU,GACd,oCAAoC,CAAC,IAAI,CAAC,IAAI,CAAC;QAC/C,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IAEhD,IAAI,CAAC,UAAU;QAAE,OAAO;IAExB,oDAAoD;IACpD,MAAM,aAAa,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IACpE,IAAI,CAAC,aAAa;QAAE,OAAO;IAE3B,6BAA6B;IAC7B,MAAM,YAAY,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5E,IAAI,YAAY;QAAE,OAAO;IAEzB,wCAAwC;IACxC,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACnD,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;YACnB,MAAM;QACR,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,QAAQ,CAAC,IAAI,CAAC;QACZ,EAAE,EAAE,OAAO,CAAC,EAAE;QACd,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;QACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,iEAAiE;QACpG,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,UAAU;QAChB,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,UAAU,EAAE,MAAM;KACnB,CAAC,CAAC;AACL,CAAC"}
|
|
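--- a/package/dist/scanners/configuration/index.js
+++ b/package/dist/scanners/configuration/index.js
@@ -7,7 +7,7 @@ import { ALL_CONFIGURATION_PATTERNS } from './patterns.js';
 export const configurationScanner = {
 name: 'Configuration Security Scanner',
 category: 'audit-logging',
-async scan(files,
+async scan(files, _options) {
 const findings = [];
 // Filter to code files
 const codeFiles = files.filter((f) => /\.(ts|tsx|js|jsx)$/.test(f));
@@ -76,7 +76,7 @@ export const configurationScanner = {
 }
 }
 }
-catch
+catch {
 // Skip files that can't be read
 }
 }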
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/configuration/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,0BAA0B,EAAE,MAAM,eAAe,CAAC;AAE3D,MAAM,CAAC,MAAM,oBAAoB,GAAY;IAC3C,IAAI,EAAE,gCAAgC;IACtC,QAAQ,EAAE,eAAe;IAEzB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/configuration/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,0BAA0B,EAAE,MAAM,eAAe,CAAC;AAE3D,MAAM,CAAC,MAAM,oBAAoB,GAAY;IAC3C,IAAI,EAAE,gCAAgC;IACtC,QAAQ,EAAE,eAAe;IAEzB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,uBAAuB;QACvB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,CAC7B,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,8CAA8C;gBAC9C,MAAM,UAAU,GAAG,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;oBAEzB,0CAA0C;oBAC1C,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS;oBAE1D,oBAAoB;oBACpB,KAAK,MAAM,OAAO,IAAI,0BAA0B,EAAE,CAAC;wBACjD,uCAAuC;wBACvC,IAAI,OAAO,CAAC,EAAE,KAAK,YAAY,IAAI,UAAU;4BAAE,SAAS;wBAExD,0CAA0C;wBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAEnE,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,0BAA0B;wBAC1B,MAAM,aAAa,GAAG,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;4BACjC,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;wBAC3D,MAAM,YAAY,GAAG,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;4BACjC,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;wBAE1D,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,aAAa,CAAC,CAAC;wBACpD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,YAAY,GAAG,CAAC,CAAC,CAAC;wBAChE,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;wBAE3D,wCAAwC;wBACxC,MAAM,eAAe,GAAG,YAAY;6BACjC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAA
I,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;6BAC5E,IAAI,CAAC,IAAI,CAAC,CAAC;wBAEd,kDAAkD;wBAClD,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;4BACtD,4DAA4D;4BAC5D,IAAI,OAAO,CAAC,EAAE,KAAK,YAAY,EAAE,CAAC;gCAChC,OAAO,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;4BACrC,CAAC;4BAED,+DAA+D;4BAC/D,IAAI,OAAO,CAAC,EAAE,KAAK,YAAY,EAAE,CAAC;gCAChC,OAAO,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;4BACrC,CAAC;4BAED,sEAAsE;4BACtE,OAAO,KAAK,CAAC;wBACf,CAAC,CAAC,CAAC;wBAEH,IAAI,MAAM;4BAAE,SAAS;wBAErB,iBAAiB;wBACjB,MAAM,OAAO,GAAY;4BACvB,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,OAAO,CAAC,QAAe;4BACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC;wBAEF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,oBAAoB,CAAC"}
|
|
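--- a/package/dist/scanners/credentials/index.js
+++ b/package/dist/scanners/credentials/index.js
@@ -7,7 +7,7 @@ import { ALL_CREDENTIAL_PATTERNS, } from './patterns.js';
 export const credentialsScanner = {
 name: 'Credential Security Scanner',
 category: 'encryption',
-async scan(files,
+async scan(files, _options) {
 const findings = [];
 // Filter to code and config files
 const codeFiles = files.filter((f) => /\.(js|ts|jsx|tsx|py|java|go|rb|php|cs|env|yml|yaml|json)$/i.test(f));
@@ -74,7 +74,7 @@ export const credentialsScanner = {
 }
 }
 }
-catch
+catch {
 // Skip files that can't be read
 }
 }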
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/credentials/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EACL,uBAAuB,GAExB,MAAM,eAAe,CAAC;AAEvB,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,6BAA6B;IACnC,QAAQ,EAAE,YAAY;IAEtB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/credentials/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EACL,uBAAuB,GAExB,MAAM,eAAe,CAAC;AAEvB,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,6BAA6B;IACnC,QAAQ,EAAE,YAAY;IAEtB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,kCAAkC;QAClC,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,4DAA4D,CAAC,IAAI,CAAC,CAAC,CAAC,CACrE,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;oBAC9C,wDAAwD;oBACxD,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;wBAC9B,MAAM,uBAAuB,CAC3B,IAAI,EACJ,OAAO,EACP,KAAK,EACL,OAAO,EACP,QAAQ,CACT,CAAC;wBACF,SAAS;oBACX,CAAC;oBAED,sDAAsD;oBACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;wBAEzB,gCAAgC;wBAChC,IAAI,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC;4BAAE,SAAS;wBAEpD,0CAA0C;wBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAC3D,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,iDAAiD;wBACjD,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;4BAClD,yCAAyC;4BACzC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;gCAAE,OAAO,IAAI,CAAC;4BAE9B,wDAAwD;4BACxD,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;gCAC9B,mCAAmC;gCACnC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;gCAC5D,IAAI,UAAU,EAAE,CAAC;oCACf,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;oCAC5B,0CAA0C;oCAC1C,IACE,uFAAuF,CAAC,IAAI,CAC1F,KAAK,CACN,EACD,CAAC;wCACD,OAAO,IAAI,CAAC;oCACd,CAAC;oCACD,yCAAyC;oCACzC,IACE,KAAK,CAAC,MAAM,GAAG,CAAC;wCAChB,wCAAwC,CAAC,IAAI,CAAC,KAAK,CAAC,EACpD,CAAC;wCACD,OAAO,IAAI,CAAC;oCACd,CAAC;gCACH,CAAC;4BACH,CAAC;4BAED,OAAO,KAAK,CAAC;wBACf,CAAC,CAAC,CAAC;wBAEH,IAAI,MAAM;4BAAE,SAAS;
wBAErB,iBAAiB;wBACjB,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,YAAY;4BACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,IAAY,EACZ,OAAe,EACf,KAAe,EACf,OAA0B,EAC1B,QAAmB;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;QAEzB,gBAAgB;QAChB,IAAI,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QAElD,sCAAsC;QACtC,MAAM,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/D,IAAI,CAAC,WAAW;YAAE,SAAS;QAE3B,iFAAiF;QACjF,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACxC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACjD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEjE,+CAA+C;QAC/C,MAAM,iBAAiB,GACrB,sCAAsC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEvD,yEAAyE;QACzE,MAAM,aAAa,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CACzD,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAChB,CAAC;QAEF,IAAI,aAAa;YAAE,SAAS;QAE5B,+DAA+D;QAC/D,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CACrD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,0BAA0B,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CACjE,CAAC;QAEF,IAAI,gBAAgB;YAAE,SAAS;QAE/B,4CAA4C;QAC5C,IAAI,iBAAiB,EAAE,CAAC;YACtB,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,QAAQ,EAAE,YAAY;gBACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;gBACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,+DAA+D;gBAC1H,IAAI,EAAE,IAAI;gBACV,IAAI,EAAE,UAAU;gBAChB,cAAc,EAAE,OAA
O,CAAC,cAAc;gBACtC,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,UAAU,EAAE,MAAM;aACnB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
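--- a/package/dist/scanners/credentials/patterns.js
+++ b/package/dist/scanners/credentials/patterns.js
@@ -60,7 +60,7 @@ export const HARDCODED_CREDENTIALS = {
 // Connection strings
 /(?:connection[-_]?string|connectionstring|database[-_]?url)\s*[:=]\s*['"`][^'"`]{10,}['"`]/i,
 // Bearer tokens
-/['"`]Bearer\s+[A-Za-z0-9_
+/['"`]Bearer\s+[A-Za-z0-9_\-.]{16,}['"`]/i,
 // AWS/Service keys
 /(?:aws|service|client)[-_]?(?:key|secret)\s*[:=]\s*['"`][A-Za-z0-9+/]{20,}['"`]/i,
 ],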
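Review bot: The Bearer pattern's character class `[A-Za-z0-9_\-.]` leaves out `~`, `+`, `/` and trailing `=` padding, all of which RFC 6750 allows in a bearer token, so a hard-coded opaque base64 token goes unreported while a JWT-style one is caught. Widening the class keeps the 16-character floor and closes that gap: ``/['"`]Bearer\s+[A-Za-z0-9_\-.~+/]{16,}=*['"`]/i``. The pattern also fires only when the opening quote sits directly before `Bearer`, so a literal that carries a prefix such as a header name is probably missed; if that is deliberate it deserves a comment next to `// Bearer tokens`. The HARDCODED_CREDENTIALS definition starts and ends outside this hunk.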
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/scanners/credentials/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAcH;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAsB;IACnD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,0CAA0C;IAChD,WAAW,EACT,6GAA6G;IAC/G,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,sDAAsD;IACtE,QAAQ,EAAE;QACR,uDAAuD;QACvD,uEAAuE;QAEvE,wCAAwC;QACxC,oCAAoC;QAEpC,gDAAgD;QAChD,mDAAmD;QACnD,8CAA8C;KAC/C;IACD,gBAAgB,EAAE;QAChB,oBAAoB;QACpB,SAAS;QACT,SAAS;QACT,SAAS;QACT,SAAS;QAET,qCAAqC;QACrC,0CAA0C;QAC1C,0CAA0C;QAE1C,mDAAmD;QACnD,WAAW;QACX,aAAa;QACb,YAAY;KACb;IACD,cAAc,EACZ,mLAAmL;IACrL,QAAQ,EAAE,YAAY;CACvB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAsB;IACtD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,gCAAgC;IACtC,WAAW,EACT,qIAAqI;IACvI,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,uDAAuD;IACvE,QAAQ,EAAE;QACR,qDAAqD;QACrD,wDAAwD;QAExD,WAAW;QACX,uDAAuD;QAEvD,UAAU;QACV,sEAAsE;QAEtE,SAAS;QACT,2EAA2E;QAE3E,qBAAqB;QACrB,6FAA6F;QAE7F,gBAAgB;QAChB,
|
|
1
|
+
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/scanners/credentials/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAcH;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAsB;IACnD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,0CAA0C;IAChD,WAAW,EACT,6GAA6G;IAC/G,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,sDAAsD;IACtE,QAAQ,EAAE;QACR,uDAAuD;QACvD,uEAAuE;QAEvE,wCAAwC;QACxC,oCAAoC;QAEpC,gDAAgD;QAChD,mDAAmD;QACnD,8CAA8C;KAC/C;IACD,gBAAgB,EAAE;QAChB,oBAAoB;QACpB,SAAS;QACT,SAAS;QACT,SAAS;QACT,SAAS;QAET,qCAAqC;QACrC,0CAA0C;QAC1C,0CAA0C;QAE1C,mDAAmD;QACnD,WAAW;QACX,aAAa;QACb,YAAY;KACb;IACD,cAAc,EACZ,mLAAmL;IACrL,QAAQ,EAAE,YAAY;CACvB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAsB;IACtD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,gCAAgC;IACtC,WAAW,EACT,qIAAqI;IACvI,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,uDAAuD;IACvE,QAAQ,EAAE;QACR,qDAAqD;QACrD,wDAAwD;QAExD,WAAW;QACX,uDAAuD;QAEvD,UAAU;QACV,sEAAsE;QAEtE,SAAS;QACT,2EAA2E;QAE3E,qBAAqB;QACrB,6FAA6F;QAE7F,gBAAgB;QAChB,0CAA0C;QAE1C,mBAAmB;QACnB,kFAAkF;KACnF;IACD,gBAAgB,EAAE;QAChB,wBAAwB;QACxB,eAAe;QACf,oBAAoB;QACpB,QAAQ;QACR,QAAQ;QACR,SAAS;QAET,eAAe;QACf,yCAAyC;QACzC,4CAA4C;QAC5C,WAAW;QACX,0BAA0B;QAC1B,kBAAkB;QAElB,4BAA4B;QAC5B,cAAc;QACd,OAAO,EAAE,oBAAoB;QAE7B,WAAW;QACX,OAAO;QACP,OAAO;KACR;IACD,cAAc,EACZ,6KAA6K;IAC/K,QAAQ,EAAE,YAAY;CACvB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAsB;IACpD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,mDAAmD;IACzD,WAAW,EACT,kGAAkG;IACpG,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,uDAAuD;IACvE,QAAQ,EAAE;QACR,qBAAqB;QACrB,qBAAqB;QAErB,mBAAmB;QACnB,qBAAqB;QAErB,wBAAwB;QACxB,0BAA0B;QAE1B,2BAA2B;QAC3B,2BAA2B;QAE3B,qBAAqB;QACrB,uBAAuB;QAEvB,wBAAwB;QACxB,yBAAyB;QAEzB,uBAAuB;QACvB,uBAAuB;QAEvB,sBAAsB;QACtB,uBAAuB;KACxB;IACD,gBAAgB,EAAE;QAChB,yBAAyB;QACzB,mEAAmE;QACnE,6BAA6B;QAC7B,4BAA4B;QAE5B,0CAA0C;QAC1C,qDAAqD;QAErD,sBAAsB;QACtB,qDAAqD;QAErD,gBAAgB;QAChB,uBAAuB;QAEvB,gCAAgC;QAChC,qCAAqC;KACtC;IACD,cAAc,EACZ,8PAA8P;IAChQ,QAAQ,EAAE,YAAY;CACvB,CAAC;AAEF,MAAM,CAAC,MAAM,uBAAuB,GAAwB;IAC1D,kBAAkB;IAClB,qBAAqB;IACrB,mBAAmB;CACpB,CAAC"}
|
|
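--- a/package/dist/scanners/errors/index.js
+++ b/package/dist/scanners/errors/index.js
@@ -7,7 +7,7 @@ import { ALL_ERROR_PATTERNS } from './patterns.js';
 export const errorsScanner = {
 name: 'Error Handling Security Scanner',
 category: 'audit-logging',
-async scan(files,
+async scan(files, _options) {
 const findings = [];
 // Filter to code files
 const codeFiles = files.filter((f) => /\.(ts|tsx|js|jsx)$/.test(f));
@@ -67,7 +67,7 @@ export const errorsScanner = {
 }
 }
 }
-catch
+catch {
 // Skip files that can't be read
 }
 }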
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/errors/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,CAAC,MAAM,aAAa,GAAY;IACpC,IAAI,EAAE,iCAAiC;IACvC,QAAQ,EAAE,eAAe;IAEzB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/errors/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,CAAC,MAAM,aAAa,GAAY;IACpC,IAAI,EAAE,iCAAiC;IACvC,QAAQ,EAAE,eAAe;IAEzB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,uBAAuB;QACvB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,CAC7B,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,gDAAgD;gBAChD,MAAM,UAAU,GAAG,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;oBAEzB,mBAAmB;oBACnB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS;oBAEjC,oBAAoB;oBACpB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;wBACzC,oCAAoC;wBACpC,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAEnE,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,iCAAiC;wBACjC,IAAI,OAAO,CAAC,EAAE,KAAK,WAAW,IAAI,UAAU;4BAAE,SAAS;wBAEvD,qDAAqD;wBACrD,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;wBACxC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;wBACjD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAEjE,kDAAkD;wBAClD,6EAA6E;wBAC7E,2EAA2E;wBAC3E,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;4BACtD,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC;4BAChC,iEAAiE;4BACjE,IACE,wDAAwD,CAAC,IAAI,CAC3D,UAAU,CACX,EACD,CAAC;gCACD,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;4BAC7B,CAAC;4BACD,6CAA6C;4BAC7C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAC1B,CAAC,CAAC,CAAC;wBAEH,IAAI,MAAM;4BAAE,SAAS;wBAErB,iBAAiB;wBACjB,MAAM,OAAO,GAAY;4BACvB,EAAE,EAAE,OAAO,C
AAC,EAAE;4BACd,QAAQ,EAAE,OAAO,CAAC,QAAe;4BACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC;wBAEF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,aAAa,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAmRpE,eAAO,MAAM,gBAAgB,EAAE,OAyI9B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B,OAAO,EACL,uBAAuB,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAClC,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAE7B,OAAO,EACL,uBAAuB,GACxB,MAAM,eAAe,CAAC;AAiBvB;;GAEG;AACH,KAAK,UAAU,sBAAsB,CACnC,IAAY,EACZ,OAAe,EACf,KAAe;IAEf,MAAM,MAAM,GAAyB,EAAE,CAAC;IAExC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,kBAAkB;QAClB,IAAI,2DAA2D,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3E,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,UAAU;gBAChB,IAAI,EAAE,gBAAgB,CAAC,IAAI,EAAE,UAAU,CAAC;gBACxC,IAAI;gBACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,YAAY,EAAE,iCAAiC,CAAC,IAAI,CAAC,OAAO,CAAC;aAC9D,CAAC,CAAC;QACL,CAAC;QAED,iBAAiB;QACjB,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9C,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,gBAAgB,CAAC,IAAI,EAAE,SAAS,CAAC;gBACvC,IAAI;gBACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,YAAY,EAAE,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC;aACvD,CAAC,CAAC;QACL,CAAC;QAED,2BAA2B;QAC3B,IAAI,qDAAqD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACrE,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,aAAa;gBACnB,IAAI,EAAE,gBAAgB,CAAC,IAAI,EAAE,aAAa,CAAC;gBAC3C,IAAI;gBACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,YAAY,EAAE,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC;aACvD,CAAC,CAAC;QACL,CAAC;QAED,gBAAgB;QAChB,IAAI,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAChD,MAAM,CAAC,IAAI,CAAC;gBACV,IAAI,EAAE,KAAK;gBACX,IAAI,EAAE,gBAAgB,CAAC,IAAI,EAAE,KAAK,CAAC;gBACnC,IAAI;gBACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,YAAY,EAAE,0BAA0B,CAAC,IAAI,CAAC,OAAO,CAAC;aACvD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,UAAU,CACvB,IAAY,EACZ,OAAe,EACf,KAAe;IAEf,MAAM,KAAK,GAAkB,EAAE,CAAC;IAEhC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,eAAe;QACf,IAAI,iEAAiE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACjF,KAAK,CAAC,IAAI,CAAC;gBACT,KAAK,EAAE,OAAO;gBACd,IAAI;gBACJ,IAAI,EAAE,CAAC
,GAAG,CAAC;gBACX,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;aACrB,CAAC,CAAC;QACL,CAAC;QAED,aAAa;QACb,IAAI,mDAAmD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACnE,KAAK,CAAC,IAAI,CAAC;gBACT,KAAK,EAAE,YAAY;gBACnB,IAAI;gBACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;aACrB,CAAC,CAAC;QACL,CAAC;QAED,UAAU;QACV,IAAI,kDAAkD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAClE,KAAK,CAAC,IAAI,CAAC;gBACT,KAAK,EAAE,SAAS;gBAChB,IAAI;gBACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;aACrB,CAAC,CAAC;QACL,CAAC;QAED,SAAS;QACT,IAAI,kDAAkD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAClE,KAAK,CAAC,IAAI,CAAC;gBACT,KAAK,EAAE,QAAQ;gBACf,IAAI;gBACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;aACrB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,0BAA0B,CAAC,WAAmB;IAC3D,MAAM,WAAW,GAAG;QAClB,wBAAwB;QACxB,yBAAyB;QACzB,gCAAgC;QAChC,iCAAiC;QACjC,OAAO;QACP,cAAc;QACd,eAAe;QACf,WAAW;QACX,cAAc;QACd,YAAY;KACb,CAAC;IAEF,KAAK,MAAM,UAAU,IAAI,WAAW,EAAE,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC,CAAC;YACpD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,qBAAqB;QACvB,CAAC;IACH,CAAC;IAED,yDAAyD;IACzD,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;QACnE,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QAC9C,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,wEAAwE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBACzF,OAAO,IAAI,CAAC;YACd,CAAC;YACD,iDAAiD;YACjD,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,CAAC,EAAE,OAAO,CAAC,CAAC;gBAC1E,IAAI,sEAAsE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACzF,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,wBAAwB;YAC1B,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,iCAAiC;IACnC,CAAC;IAED,0CAA0C;IAC1C,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,MAAM,EAAE,CAAC,QAAQ,CACnC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,EACtC,OAAO,CACR,CAAC;QACF,IAAI,yBAAyB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAChD,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CA
AC;IAAC,MAAM,CAAC;QACP,kBAAkB;IACpB,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,IAAY,EAAE,IAAY;IAClD,iDAAiD;IACjD,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;IAChD,IAAI,KAAK;QAAE,OAAO,KAAK,CAAC,CAAC,CAAC,CAAC;IAE3B,2BAA2B;IAC3B,OAAO,GAAG,IAAI,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAAC,MAA4B;IACxD,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAC1B,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE;QACb,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QAC3C,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC5B,OAAO,GAAG,CAAC;IACb,CAAC,EACD,EAA0C,CAC3C,CAAC;IAEF,IAAI,MAAM,GAAG,wCAAwC,CAAC;IAEtD,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACnD,MAAM,IAAI,OAAO,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC;QACxC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,GAAG,GAAG,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC,kBAAkB,CAAC,CAAC,CAAC,EAAE,CAAC;YACxD,MAAM,IAAI,KAAK,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,GAAG,IAAI,CAAC;QAClE,CAAC;QACD,MAAM,IAAI,IAAI,CAAC;IACjB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,KAAoB;IAC5C,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,CAC1B,CAAC,GAAG,EAAE,IAAI,EAAE,EAAE;QACZ,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC;YAAE,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC;QAC3C,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3B,OAAO,GAAG,CAAC;IACb,CAAC,EACD,EAAmC,CACpC,CAAC;IAEF,IAAI,MAAM,GAAG,2BAA2B,CAAC;IACzC,MAAM,MAAM,GAAG,CAAC,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,QAAQ,CAAU,CAAC;IAErE,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;QACnC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEjC,MAAM,IAAI,OAAO,KAAK,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,MAAM,YAAY,CAAC;QAClE,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;YACrC,uBAAuB;YACvB,MAAM,IAAI,KAAK,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,MAAM,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,
CAAC,OAAO,CAAC;QAClF,CAAC;QACD,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,MAAM,IAAI,aAAa,KAAK,CAAC,MAAM,GAAG,CAAC,SAAS,CAAC;QACnD,CAAC;QACD,MAAM,IAAI,IAAI,CAAC;IACjB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,MAAM,gBAAgB,GAAY;IACvC,IAAI,EAAE,kCAAkC;IACxC,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,OAAoB;QAC9C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,cAAc,GAAyB,EAAE,CAAC;QAChD,MAAM,UAAU,GAAkB,EAAE,CAAC;QAErC,4BAA4B;QAC5B,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,0CAA0C,CAAC,IAAI,CAAC,CAAC,CAAC,CACnD,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,+BAA+B;gBAC/B,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;oBAC9C,uCAAuC;oBACvC,IAAI,OAAO,CAAC,EAAE,KAAK,iBAAiB,EAAE,CAAC;wBACrC,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;wBAClE,cAAc,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC;wBAC/B,SAAS;oBACX,CAAC;oBAED,wCAAwC;oBACxC,IAAI,OAAO,CAAC,EAAE,KAAK,gBAAgB,EAAE,CAAC;wBACpC,MAAM,KAAK,GAAG,MAAM,UAAU,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;wBACrD,UAAU,CAAC,IAAI,CAAC,GAAG,KAAK,CAAC,CAAC;wBAC1B,SAAS;oBACX,CAAC;oBAED,6DAA6D;oBAC7D,IAAI,OAAO,CAAC,EAAE,KAAK,mBAAmB,EAAE,CAAC;wBACvC,SAAS;oBACX,CAAC;oBAED,4BAA4B;oBAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;wBAEzB,0CAA0C;wBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAC3D,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,iDAAiD;wBACjD,MAAM,WAAW,GACf,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;4BACnC,gEAAgE;4BAChE,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;4BACjD,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;wBACzB,CAAC,CAAC,IAAI,KAAK,CAAC;wBAEd,IAAI,WAAW;4BAAE,SAAS;wBAE1B,iBAAiB;wBACjB,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE
,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,OAAO,CAAC,QAAe;4BACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EACZ,OAAO,CAAC,OAAO;gCACf,WAAW,OAAO,CAAC,IAAI,QAAQ,OAAO,CAAC,cAAc,EAAE;4BACzD,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,OAAO,CAAC,UAAU;yBAC/B,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,mEAAmE;QACnE,MAAM,cAAc,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,mBAAmB,CAAC,CAAC;QACvF,IAAI,cAAc,EAAE,CAAC;YACnB,MAAM,eAAe,GAAG,MAAM,0BAA0B,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACvE,IAAI,CAAC,eAAe,EAAE,CAAC;gBACrB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,cAAc,CAAC,EAAE;oBACrB,QAAQ,EAAE,cAAc,CAAC,QAAe;oBACxC,QAAQ,EAAE,cAAc,CAAC,QAAQ;oBACjC,KAAK,EAAE,cAAc,CAAC,IAAI;oBAC1B,WAAW,EAAE,cAAc,CAAC,WAAW;oBACvC,IAAI,EAAE,eAAe;oBACrB,IAAI,EAAE,CAAC;oBACP,cAAc,EAAE,cAAc,CAAC,OAAO,IAAI,EAAE;oBAC5C,cAAc,EAAE,cAAc,CAAC,cAAc;oBAC7C,UAAU,EAAE,cAAc,CAAC,UAAU;iBACtC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,mCAAmC;QACnC,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,iBAAiB;gBACrB,QAAQ,EAAE,gBAAgB;gBAC1B,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,2CAA2C;gBAClD,WAAW,EAAE,SAAS,cAAc,CAAC,MAAM,yBAAyB;gBACpE,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,CAAC;gBACP,cAAc,EAAE,oBAAoB,CAAC,cAAc,CAAC;gBACpD,cAAc,EACZ,yDAAyD;gBAC3D,UAAU,EAAE,MAAM;aACnB,CAAC,CAAC;QACL,CAAC;QAED,gCAAgC;QAChC,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC1B,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,gBAAgB;gBACpB,QAAQ,EAAE,gBAAgB;gBAC1B,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,yBAAyB;gBAChC,WAAW,EAAE,cAAc,UAAU,CAAC,MAAM,uBAAuB;gBACnE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC;gBACP,cAAc,EAAE,gBAAgB,CAAC,UAAU,CAAC;gBAC5C,cAAc,EACZ,yDAAyD;gBAC3D,UAAU,EAAE,MAAM;aACnB,CAAC,CAAC;QACL,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,UAAU,GAAG,MAAM,CAAC;IAC9B,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,eAAO,MAAM,YAAY,EAAE,gBA2B1B,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,2BAA2B,EAAE,gBA6BzC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,wBAAwB,EAAE,gBA0BtC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,0BAA0B,EAAE,gBAyBxC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,4BAA4B,EAAE,gBAuB1C,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,6BAA6B,EAAE,gBAyB3C,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,wBAAwB,EAAE,gBAmBtC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,yBAAyB,EAAE,gBAmBvC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,+BAA+B,EAAE,gBAoB7C,CAAC;AAEF,eAAO,MAAM,uBAAuB,EAAE,gBAAgB,EAUrD,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAgBH;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAqB;IAC5C,EAAE,EAAE,eAAe;IACnB,IAAI,EAAE,oDAAoD;IAC1D,WAAW,EAAE,sGAAsG;IACnH,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,sDAAsD;IACtE,QAAQ,EAAE;QACR,yBAAyB;QACzB,yHAAyH;QACzH,2BAA2B;QAC3B,6FAA6F;QAC7F,8BAA8B;QAC9B,sDAAsD;QACtD,+BAA+B;QAC/B,mDAAmD;QACnD,wBAAwB;QACxB,kDAAkD;KACnD;IACD,gBAAgB,EAAE;QAChB,qBAAqB;QACrB,cAAc;QACd,wBAAwB;QACxB,iBAAiB;KAClB;IACD,OAAO,EAAE,yFAAyF;IAClG,UAAU,EAAE,MAAM;IAClB,QAAQ,EAAE,gBAAgB;CAC3B,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,2BAA2B,GAAqB;IAC3D,EAAE,EAAE,oBAAoB;IACxB,IAAI,EAAE,wCAAwC;IAC9C,WAAW,EAAE,+DAA+D;IAC5E,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,mDAAmD;IACnE,QAAQ,EAAE;QACR,8BAA8B;QAC9B,mGAAmG;QACnG,kCAAkC;QAClC,mGAAmG;QACnG,wBAAwB;QACxB,kDAAkD;QAClD,8BAA8B;QAC9B,wFAAwF;QACxF,6BAA6B;QAC7B,uDAAuD;QACvD,gCAAgC;QAChC,iDAAiD;KAClD;IACD,gBAAgB,EAAE;QAChB,kBAAkB;QAClB,cAAc;QACd,WAAW;QACX,UAAU;KACX;IACD,OAAO,EAAE,+FAA+F;IACxG,UAAU,EAAE,MAAM;IAClB,QAAQ,EAAE,YAAY;CACvB,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAqB;IACxD,EAAE,EAAE,mBAAmB;IACvB,IAAI,EAAE,mCAAmC;IACzC,WAAW,EAAE,uEAAuE;IACpF,QAAQ,EAAE,MAAM;IAChB,cAAc,EAAE,yDAAyD;IACzE,QAAQ,EAAE;QACR,oCAAoC;QACpC,kFAAkF;QAClF,4CAA4C;QAC5C,+CAA+C;QAC/C,yBAAyB;QACzB,mCAAmC;QACnC,oCAAoC;QACpC,iCAAiC;QACjC,uBAAuB;QACvB,iDAAiD;KAClD;IACD,gBAAgB,EAAE;QAChB,0BAA0B,EAAE,qBAAqB;QACjD,0CAA0C;QAC1C,cAAc;KACf;IACD,OAAO,EAAE,+EAA+E;IACxF,UAAU,EAAE,MAAM;IAClB,QAAQ,EAAE,gBAAgB;CAC3B,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,0BAA0B,GAAqB;IAC1D,EAAE,EAAE,kBAAkB;IACtB,IAAI,EAAE,qCAAqC;IAC3C,WAAW,EAAE,wEAAwE;IACrF,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,kEAAkE;IAClF,QAAQ,EAAE;QACR,2CAA2C;QAC3C,8FAA8F;QAC9F,sCAAsC;QACtC,yEAAyE;QACzE,0BAA0B;QAC1B,6DAA6D;QAC7D,8BAA8B;QAC9B,sEAAsE;KACvE;IACD,gBAAgB,EAAE;QAChB,kBAAkB;QAClB,wBAAwB;QACxB,sBAAsB;QACtB,oBAAoB;KACrB;IACD,OAAO,EAAE,+FAA+F;IACxG,UAAU,EAAE,QAAQ;IACpB,QAAQ,EAAE,gBAAgB;CAC3B,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,4BAA4B
,GAAqB;IAC5D,EAAE,EAAE,kBAAkB;IACtB,IAAI,EAAE,uCAAuC;IAC7C,WAAW,EAAE,wEAAwE;IACrF,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,qEAAqE;IACrF,QAAQ,EAAE;QACR,yCAAyC;QACzC,mHAAmH;QACnH,2CAA2C;QAC3C,qEAAqE;QACrE,oCAAoC;QACpC,kEAAkE;KACnE;IACD,gBAAgB,EAAE;QAChB,uBAAuB;QACvB,4BAA4B;QAC5B,sBAAsB;QACtB,eAAe;KAChB;IACD,OAAO,EAAE,0FAA0F;IACnG,UAAU,EAAE,QAAQ;IACpB,QAAQ,EAAE,eAAe;CAC1B,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,6BAA6B,GAAqB;IAC7D,EAAE,EAAE,mBAAmB;IACvB,IAAI,EAAE,sCAAsC;IAC5C,WAAW,EAAE,iFAAiF;IAC9F,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,0DAA0D;IAC1E,QAAQ,EAAE;QACR,oCAAoC;QACpC,+DAA+D;QAC/D,uCAAuC;QACvC,wEAAwE;QACxE,2CAA2C;QAC3C,6FAA6F;QAC7F,4BAA4B;QAC5B,4EAA4E;KAC7E;IACD,gBAAgB,EAAE;QAChB,oBAAoB,EAAE,YAAY;QAClC,mBAAmB;QACnB,gBAAgB;QAChB,mBAAmB;KACpB;IACD,OAAO,EAAE,gGAAgG;IACzG,UAAU,EAAE,MAAM;IAClB,QAAQ,EAAE,gBAAgB;CAC3B,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAqB;IACxD,EAAE,EAAE,iBAAiB;IACrB,IAAI,EAAE,0CAA0C;IAChD,WAAW,EAAE,+EAA+E;IAC5F,QAAQ,EAAE,MAAM;IAChB,cAAc,EAAE,yDAAyD;IACzE,QAAQ,EAAE;QACR,YAAY;QACZ,gEAAgE;QAChE,mBAAmB;QACnB,8BAA8B;QAC9B,2BAA2B;QAC3B,qDAAqD;QACrD,OAAO;QACP,gCAAgC;KACjC;IACD,OAAO,EAAE,gEAAgE;IACzE,UAAU,EAAE,MAAM;IAClB,QAAQ,EAAE,gBAAgB;CAC3B,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAqB;IACzD,EAAE,EAAE,gBAAgB;IACpB,IAAI,EAAE,wBAAwB;IAC9B,WAAW,EAAE,4FAA4F;IACzG,QAAQ,EAAE,MAAM;IAChB,cAAc,EAAE,yDAAyD;IACzE,QAAQ,EAAE;QACR,eAAe;QACf,iEAAiE;QACjE,aAAa;QACb,mDAAmD;QACnD,UAAU;QACV,2CAA2C;QAC3C,SAAS;QACT,kDAAkD;KACnD;IACD,OAAO,EAAE,6DAA6D;IACtE,UAAU,EAAE,MAAM;IAClB,QAAQ,EAAE,gBAAgB;CAC3B,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,+BAA+B,GAAqB;IAC/D,EAAE,EAAE,mBAAmB;IACvB,IAAI,EAAE,8CAA8C;IACpD,WAAW,EAAE,gFAAgF;IAC7F,QAAQ,EAAE,MAAM;IAChB,cAAc,EAAE,+CAA+C;IAC/D,QAAQ,EAAE;QACR,oCAAoC;QACpC,mDAAmD;KACpD;IACD,gBAAgB,EAAE;QAChB,kBAAkB;QAClB,YAAY;QACZ,QAAQ;QACR,YAAY;QACZ,kBAAkB;KACnB;IACD,OAAO,EAAE,iFAAiF;IAC1F,UAAU,EAAE,QAAQ;IACpB,QAAQ,EAAE,eAAe;CAC1B,CAAC;AAEF,MAAM,CAAC,MAAM,uBAAuB,GAAuB;IACzD,YAAY;IACZ,2BAA2B;IAC3B,wBAAwB;IACxB,0BAA0B;IAC1B,4BAA4B;IAC5B,6BAA6B;IAC7B,wBAAwB;IACxB,yB
AAyB;IACzB,+BAA+B;CAChC,CAAC"}
|
|
@@ -7,7 +7,7 @@ import * as fs from 'fs/promises';
|
|
|
7
7
|
export const operationalScanner = {
|
|
8
8
|
name: 'Operational Security Scanner',
|
|
9
9
|
category: 'data-retention',
|
|
10
|
-
async scan(files,
|
|
10
|
+
async scan(files, _options) {
|
|
11
11
|
const findings = [];
|
|
12
12
|
// Handle BACKUP-001 separately (requires project-wide scan)
|
|
13
13
|
const backupFinding = await scanForBackupConfiguration(files);
|
|
@@ -93,7 +93,7 @@ export const operationalScanner = {
|
|
|
93
93
|
}
|
|
94
94
|
}
|
|
95
95
|
}
|
|
96
|
-
catch
|
|
96
|
+
catch {
|
|
97
97
|
// Skip files that can't be read
|
|
98
98
|
continue;
|
|
99
99
|
}
|
|
@@ -146,7 +146,7 @@ async function scanForBackupConfiguration(files) {
|
|
|
146
146
|
break;
|
|
147
147
|
}
|
|
148
148
|
}
|
|
149
|
-
catch
|
|
149
|
+
catch {
|
|
150
150
|
// Skip files that can't be read
|
|
151
151
|
continue;
|
|
152
152
|
}
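Review bot: The bare `catch {` at new line 96 (and again at new line 149 in scanForBackupConfiguration) discards every exception without recording it, so a file that could not be scanned looks the same as a file with no findings. The three closing braces ahead of the catch suggest the try wraps the whole per-file matching loop rather than only the read, in which case a throwing pattern would be hidden as well; the try body is outside the hunk, so this needs confirming. For a compliance scanner this fails open: keep the binding and record the skipped path, e.g. `catch (err) { skipped.push({ file, reason: err.code ?? err.message }); continue; }` (`skipped` and `file` are placeholder names), and surface the count in the report. The same pattern appears in the rbac, revocation and sanitization scanners further down this diff.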
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/operational/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,wBAAwB,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAClF,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,8BAA8B;IACpC,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/operational/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,wBAAwB,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAClF,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,8BAA8B;IACpC,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,4DAA4D;QAC5D,MAAM,aAAa,GAAG,MAAM,0BAA0B,CAAC,KAAK,CAAC,CAAC;QAC9D,IAAI,aAAa,EAAE,CAAC;YAClB,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC/B,CAAC;QAED,mDAAmD;QACnD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,sBAAsB;YACtB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,4BAA4B,CAAC,EAAE,CAAC;gBAC9C,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,MAAM,OAAO,IAAI,wBAAwB,EAAE,CAAC;oBAC/C,oCAAoC;oBACpC,IAAI,OAAO,CAAC,EAAE,KAAK,YAAY,EAAE,CAAC;wBAChC,SAAS;oBACX,CAAC;oBAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBAEtB,qBAAqB;wBACrB,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;wBAChC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;4BAChG,SAAS;wBACX,CAAC;wBAED,6CAA6C;wBAC7C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBACzD,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,4CAA4C;wBAC5C,IAAI,YAAsB,CAAC;wBAE3B,IAAI,OAAO,CAAC,EAAE,KAAK,eAAe,EAAE,CAAC;4BACnC,4EAA4E;4BAC5E,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BACjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;4BAC3C,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;wBACzC,CAAC;6BAAM,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;4BACpC,mDAAmD;4BACnD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BACjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4
BAC1C,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;wBACzC,CAAC;6BAAM,CAAC;4BACN,YAAY,GAAG,CAAC,IAAI,CAAC,CAAC;wBACxB,CAAC;wBAED,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAExC,mCAAmC;wBACnC,MAAM,sBAAsB,GAAG,OAAO;6BACnC,KAAK,CAAC,IAAI,CAAC;6BACX,MAAM,CAAC,CAAC,CAAC,EAAE;4BACV,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;4BACnB,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;wBAC1E,CAAC,CAAC;6BACD,IAAI,CAAC,IAAI,CAAC,CAAC;wBAEd,0BAA0B;wBAC1B,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;4BAC7B,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAC1D,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAChC,CAAC;4BACF,IAAI,gBAAgB,EAAE,CAAC;gCACrB,SAAS;4BACX,CAAC;wBACH,CAAC;wBAED,sCAAsC;wBACtC,IAAI,QAAQ,GAAwC,gBAAgB,CAAC;wBACrE,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;4BAC7B,QAAQ,GAAG,gBAAgB,CAAC;wBAC9B,CAAC;wBAED,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,QAAQ,EAAE,QAAQ;4BAClB,IAAI;4BACJ,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC;4BACrC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,QAAQ;yBACrB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;gBAChC,SAAS;YACX,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF;;;GAGG;AACH,KAAK,UAAU,0BAA0B,CAAC,KAAe;IACvD,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAC7B,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,IAAI,WAAW,GAAkB,IAAI,CAAC;IACtC,IAAI,WAAW,GAAG,CAAC,CAAC;IACpB,IAAI,WAAW,GAAG,EAAE,CAAC;IAErB,mEAAmE;IACnE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,0CAA0C,CAAC,EAAE,CAAC;YAC5D,SAAS;QACX,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAElC,2BAA2B;YAC3B,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EA
AE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,OAAO,GAAG,uBAAuB,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;oBACzE,IAAI,OAAO,EAAE,CAAC;wBACZ,gBAAgB,GAAG,IAAI,CAAC;wBACxB,IAAI,CAAC,WAAW,EAAE,CAAC;4BACjB,WAAW,GAAG,IAAI,CAAC;4BACnB,WAAW,GAAG,CAAC,GAAG,CAAC,CAAC;4BACpB,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;wBAC5B,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,qDAAqD;YACrD,IAAI,CAAC,eAAe,IAAI,uBAAuB,CAAC,gBAAgB,EAAE,CAAC;gBACjE,MAAM,SAAS,GAAG,uBAAuB,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CACnE,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,CACjB,CAAC;gBACF,IAAI,SAAS,EAAE,CAAC;oBACd,eAAe,GAAG,IAAI,CAAC;gBACzB,CAAC;YACH,CAAC;YAED,sCAAsC;YACtC,IAAI,gBAAgB,IAAI,eAAe,EAAE,CAAC;gBACxC,MAAM;YACR,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,gCAAgC;YAChC,SAAS;QACX,CAAC;IACH,CAAC;IAED,mEAAmE;IACnE,IAAI,gBAAgB,IAAI,CAAC,eAAe,IAAI,WAAW,EAAE,CAAC;QACxD,OAAO;YACL,EAAE,EAAE,uBAAuB,CAAC,EAAE;YAC9B,KAAK,EAAE,uBAAuB,CAAC,IAAI;YACnC,WAAW,EAAE,GAAG,uBAAuB,CAAC,WAAW,aAAa,WAAW,EAAE;YAC7E,QAAQ,EAAE,uBAAuB,CAAC,QAAQ;YAC1C,QAAQ,EAAE,gBAAgB;YAC1B,IAAI,EAAE,WAAW;YACjB,IAAI,EAAE,WAAW;YACjB,cAAc,EAAE,uBAAuB,CAAC,cAAc;YACtD,cAAc,EAAE,uBAAuB,CAAC,cAAc;YACtD,UAAU,EAAE,KAAK,EAAE,wCAAwC;SAC5D,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
@@ -7,7 +7,7 @@ import { ALL_RBAC_PATTERNS } from './patterns.js';
|
|
|
7
7
|
export const rbacScanner = {
|
|
8
8
|
name: 'Role-Based Access Control Scanner',
|
|
9
9
|
category: 'access-control',
|
|
10
|
-
async scan(files,
|
|
10
|
+
async scan(files, _options) {
|
|
11
11
|
const findings = [];
|
|
12
12
|
// Filter to code files
|
|
13
13
|
const codeFiles = files.filter((f) => /\.(js|ts|jsx|tsx|sql|prisma)$/i.test(f));
|
|
@@ -66,7 +66,7 @@ export const rbacScanner = {
|
|
|
66
66
|
}
|
|
67
67
|
}
|
|
68
68
|
}
|
|
69
|
-
catch
|
|
69
|
+
catch {
|
|
70
70
|
// Skip files that can't be read
|
|
71
71
|
}
|
|
72
72
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/rbac/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,iBAAiB,EAAoB,MAAM,eAAe,CAAC;AAEpE,MAAM,CAAC,MAAM,WAAW,GAAY;IAClC,IAAI,EAAE,mCAAmC;IACzC,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/rbac/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,iBAAiB,EAAoB,MAAM,eAAe,CAAC;AAEpE,MAAM,CAAC,MAAM,WAAW,GAAY;IAClC,IAAI,EAAE,mCAAmC;IACzC,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,uBAAuB;QACvB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,gCAAgC,CAAC,IAAI,CAAC,CAAC,CAAC,CACzC,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,uDAAuD;gBACvD,MAAM,YAAY,GAAG,gBAAgB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBAErD,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;oBACxC,8DAA8D;oBAC9D,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,IAAI,CAAC,YAAY,EAAE,CAAC;wBAC/C,SAAS;oBACX,CAAC;oBAED,6EAA6E;oBAC7E,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;wBAC9B,MAAM,yBAAyB,CAC7B,IAAI,EACJ,OAAO,EACP,KAAK,EACL,OAAO,EACP,QAAQ,CACT,CAAC;wBACF,SAAS;oBACX,CAAC;oBAED,sDAAsD;oBACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;wBAEzB,gBAAgB;wBAChB,IAAI,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC;4BAAE,SAAS;wBAElD,0CAA0C;wBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAC3D,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,iDAAiD;wBACjD,MAAM,WAAW,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;4BACvD,gDAAgD;4BAChD,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;gCAC9B,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;4BACzC,CAAC;4BACD,yDAAyD;4BACzD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;4BAClE,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;wBACzB,CAAC,CAAC,CAAC;wBAEH,IAAI,WAAW;4BAAE,SAAS;wBAE1B,iBAAiB;wBACjB,QAAQ,CAAC,IA
AI,CAAC;4BACZ,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,gBAAgB;4BAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,SAAS,gBAAgB,CAAC,IAAY,EAAE,OAAe;IACrD,yBAAyB;IACzB,MAAM,cAAc,GAAG;QACrB,iCAAiC;QACjC,aAAa;QACb,aAAa;QACb,gCAAgC;QAChC,WAAW;QACX,aAAa;KACd,CAAC;IAEF,2CAA2C;IAC3C,MAAM,cAAc,GAAG;QACrB,UAAU;QACV,aAAa;QACb,qBAAqB;QACrB,iBAAiB;QACjB,aAAa;KACd,CAAC;IAEF,kDAAkD;IAClD,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QAChE,OAAO,KAAK,CAAC;IACf,CAAC;IAED,kDAAkD;IAClD,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,EAAE,CAAC;QAChE,OAAO,IAAI,CAAC;IACd,CAAC;IAED,6DAA6D;IAC7D,OAAO,4CAA4C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACjE,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,yBAAyB,CACtC,IAAY,EACZ,OAAe,EACf,KAAe,EACf,OAAoB,EACpB,QAAmB;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;QAEzB,gBAAgB;QAChB,IAAI,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QAElD,yCAAyC;QACzC,MAAM,YAAY,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAChE,IAAI,CAAC,YAAY;YAAE,SAAS;QAE5B,kFAAkF;QAClF,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QACzC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACjD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEjE,+CAA+C;QAC/C,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAC5D,CAAC,
CAAC,IAAI,CAAC,OAAO,CAAC,CAChB,CAAC;QAEF,IAAI,gBAAgB;YAAE,SAAS;QAE/B,iBAAiB;QACjB,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,QAAQ,EAAE,gBAAgB;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;YACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,uDAAuD;YAClH,IAAI,EAAE,IAAI;YACV,IAAI,EAAE,UAAU;YAChB,cAAc,EAAE,OAAO,CAAC,cAAc;YACtC,cAAc,EAAE,OAAO,CAAC,cAAc;YACtC,UAAU,EAAE,MAAM;SACnB,CAAC,CAAC;IACL,CAAC;AACH,CAAC"}
|
|
@@ -7,7 +7,7 @@ import { ALL_REVOCATION_PATTERNS } from './patterns.js';
|
|
|
7
7
|
export const revocationScanner = {
|
|
8
8
|
name: 'Token Revocation Security Scanner',
|
|
9
9
|
category: 'access-control',
|
|
10
|
-
async scan(files,
|
|
10
|
+
async scan(files, _options) {
|
|
11
11
|
const findings = [];
|
|
12
12
|
// Filter to code files
|
|
13
13
|
const codeFiles = files.filter((f) => /\.(ts|tsx|js|jsx)$/.test(f));
|
|
@@ -72,7 +72,7 @@ export const revocationScanner = {
|
|
|
72
72
|
}
|
|
73
73
|
}
|
|
74
74
|
}
|
|
75
|
-
catch
|
|
75
|
+
catch {
|
|
76
76
|
// Skip files that can't be read
|
|
77
77
|
}
|
|
78
78
|
}
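Review bot: The file filter on new line 13, `/\.(ts|tsx|js|jsx)$/.test(f)`, is case-sensitive and omits `.mjs`, `.cjs`, `.mts` and `.cts`, so token-handling code in such files is never checked and produces no finding. The rbac scanner in this same diff already uses the `i` flag; something like `/\.(?:[cm]?[jt]s|[jt]sx)$/i.test(f)` would cover the module extensions too. The sanitization scanner below uses the same filter. scan()'s body continues outside the hunk.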
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/revocation/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAExD,MAAM,CAAC,MAAM,iBAAiB,GAAY;IACxC,IAAI,EAAE,mCAAmC;IACzC,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/revocation/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,uBAAuB,EAAE,MAAM,eAAe,CAAC;AAExD,MAAM,CAAC,MAAM,iBAAiB,GAAY;IACxC,IAAI,EAAE,mCAAmC;IACzC,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,uBAAuB;QACvB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,CAC7B,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;oBAEzB,gCAAgC;oBAChC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS;oBAE1D,oBAAoB;oBACpB,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;wBAC9C,0CAA0C;wBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAEnE,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,wEAAwE;wBACxE,+CAA+C;wBAC/C,MAAM,aAAa,GAAG,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;wBAC5D,MAAM,YAAY,GAAG,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;wBAE1D,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,aAAa,CAAC,CAAC;wBACpD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,YAAY,GAAG,CAAC,CAAC,CAAC;wBAChE,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;wBAE3D,wCAAwC;wBACxC,MAAM,eAAe,GAAG,YAAY;6BACjC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;6BAC5E,IAAI,CAAC,IAAI,CAAC,CAAC;wBAEd,kDAAkD;wBAClD,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;4BACtD,gEAAgE;4BAChE,2DAA2D;4BAC3D,IAAI,OAAO,CAAC,EAAE,
KAAK,YAAY,EAAE,CAAC;gCAChC,mDAAmD;gCACnD,OAAO,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;4BACrC,CAAC;4BAED,IAAI,OAAO,CAAC,EAAE,KAAK,YAAY,EAAE,CAAC;gCAChC,wEAAwE;gCACxE,8CAA8C;gCAC9C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;4BACzD,CAAC;4BAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAC1B,CAAC,CAAC,CAAC;wBAEH,IAAI,MAAM;4BAAE,SAAS;wBAErB,iBAAiB;wBACjB,MAAM,OAAO,GAAY;4BACvB,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,OAAO,CAAC,QAAe;4BACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC;wBAEF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,iBAAiB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/sanitization/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAGpE,eAAO,MAAM,mBAAmB,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/sanitization/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAGpE,eAAO,MAAM,mBAAmB,EAAE,OA4GjC,CAAC;AAEF,eAAe,mBAAmB,CAAC"}
|
|
@@ -7,7 +7,7 @@ import { ALL_SANITIZATION_PATTERNS } from './patterns.js';
|
|
|
7
7
|
export const sanitizationScanner = {
|
|
8
8
|
name: 'Input Sanitization Security Scanner',
|
|
9
9
|
category: 'access-control',
|
|
10
|
-
async scan(files,
|
|
10
|
+
async scan(files, _options) {
|
|
11
11
|
const findings = [];
|
|
12
12
|
// Filter to code files
|
|
13
13
|
const codeFiles = files.filter((f) => /\.(ts|tsx|js|jsx)$/.test(f));
|
|
@@ -39,7 +39,6 @@ export const sanitizationScanner = {
|
|
|
39
39
|
// For SANITIZE-001, check context for validation
|
|
40
40
|
// For SANITIZE-002, check if config object has required fields
|
|
41
41
|
const isSafe = pattern.negativePatterns?.some((regex) => {
|
|
42
|
-
const patternStr = regex.source;
|
|
43
42
|
// For file upload patterns, check the entire config block
|
|
44
43
|
if (pattern.id === 'SANITIZE-002') {
|
|
45
44
|
// Check if the line has the required validation fields
|
|
@@ -87,7 +86,7 @@ export const sanitizationScanner = {
|
|
|
87
86
|
}
|
|
88
87
|
}
|
|
89
88
|
}
|
|
90
|
-
catch
|
|
89
|
+
catch {
|
|
91
90
|
// Skip files that can't be read
|
|
92
91
|
}
|
|
93
92
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/sanitization/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAE1D,MAAM,CAAC,MAAM,mBAAmB,GAAY;IAC1C,IAAI,EAAE,qCAAqC;IAC3C,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/sanitization/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAE1D,MAAM,CAAC,MAAM,mBAAmB,GAAY;IAC1C,IAAI,EAAE,qCAAqC;IAC3C,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,uBAAuB;QACvB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,CAC7B,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;oBAEzB,gCAAgC;oBAChC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS;oBAE1D,oBAAoB;oBACpB,KAAK,MAAM,OAAO,IAAI,yBAAyB,EAAE,CAAC;wBAChD,0CAA0C;wBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAEnE,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,4EAA4E;wBAC5E,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;wBACzC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;wBACjD,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;wBAE3D,wCAAwC;wBACxC,MAAM,eAAe,GAAG,YAAY;6BACjC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;6BAC5E,IAAI,CAAC,IAAI,CAAC,CAAC;wBAEd,kDAAkD;wBAClD,iDAAiD;wBACjD,+DAA+D;wBAC/D,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;4BACtD,0DAA0D;4BAC1D,IAAI,OAAO,CAAC,EAAE,KAAK,cAAc,EAAE,CAAC;gCAClC,uDAAuD;gCACvD,+CAA+C;gCAC/C,OAAO,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;4BACrC,CAAC;4BAED,6DAA6D;4BAC7D,IAAI,OAAO,CAAC,EAAE,KAAK,cAAc,EAAE,CAAC;gCAClC,uEAAuE;gCACvE,OAAO
,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;4BACrC,CAAC;4BAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAC1B,CAAC,CAAC,CAAC;wBAEH,IAAI,MAAM;4BAAE,SAAS;wBAErB,yEAAyE;wBACzE,IAAI,OAAO,CAAC,EAAE,KAAK,cAAc,EAAE,CAAC;4BAClC,mDAAmD;4BACnD,IACE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;gCACvB,6BAA6B,CAAC,IAAI,CAAC,IAAI,CAAC,EACxC,CAAC;gCACD,SAAS;4BACX,CAAC;4BAED,6DAA6D;4BAC7D,IACE,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC;gCAC5B,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC;gCAChC,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC;gCAC5B,CAAC,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAChC,CAAC;gCACD,SAAS;4BACX,CAAC;wBACH,CAAC;wBAED,iBAAiB;wBACjB,MAAM,OAAO,GAAY;4BACvB,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,OAAO,CAAC,QAAe;4BACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC;wBAEF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,mBAAmB,CAAC"}
|
|
@@ -7,7 +7,7 @@ import { ALL_SKILL_PATTERNS } from './patterns.js';
|
|
|
7
7
|
export const skillsScanner = {
|
|
8
8
|
name: 'AI Agent Skills Scanner',
|
|
9
9
|
category: 'access-control',
|
|
10
|
-
async scan(files,
|
|
10
|
+
async scan(files, _options) {
|
|
11
11
|
const findings = [];
|
|
12
12
|
// Filter to only SKILL.md files
|
|
13
13
|
const skillFiles = files.filter((f) => f.endsWith('SKILL.md') ||
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/skills/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,CAAC,MAAM,aAAa,GAAY;IACpC,IAAI,EAAE,yBAAyB;IAC/B,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/skills/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AAEvC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,CAAC,MAAM,aAAa,GAAY;IACpC,IAAI,EAAE,yBAAyB;IAC/B,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,gCAAgC;QAChC,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAC7B,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC;YACtB,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC;YACtB,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC;YACvB,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC;YACtB,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAC1B,CAAC;QAEF,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC5B,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,eAAe,UAAU,CAAC,MAAM,4BAA4B,CAAC,CAAC;QAE1E,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;YAC9B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBAC9C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,oBAAoB;gBACpB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;oBACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBACtB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;wBAE1C,IAAI,KAAK,EAAE,CAAC;4BACV,6BAA6B;4BAC7B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BACxC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BACjD,MAAM,OAAO,GAAG,KAAK;iCAClB,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC;iCAC/B,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;gCAChB,UAAU,EAAE,YAAY,GAAG,GAAG,GAAG,CAAC;gCAClC,OAAO,EAAE,CAAC;gCACV,OAAO,EAAE,YAAY,GAAG,GAAG,KAAK,CAAC;6BAClC,CAAC,CAAC,CAAC;4BAEN,QAAQ,CAAC,IAAI,CAAC;gCACZ,EAAE,EAAE,OAAO,CAAC,EAAE;gCACd,QAAQ,EAAE,uBAAuB,CAAC,OAAO,CAAC,QAAQ,CAAC;gCACnD,QAAQ,EAAE,OAAO,CAAC,QAAQ;gCAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;gCACnB,WAAW,EAAE,OAAO,CAAC,WAAW;gCAChC,IAAI;gCACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gCACX,cAAc,EAAE,OAAO,CAAC,cAAc;gCACtC,cAAc,EAAE,OAAO,CAAC,cAAc;gCACtC,OAAO;gCACP,UAAU,EAAE,MAAM;6BA
CnB,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,gDAAgD;gBAChD,MAAM,QAAQ,GAAG,oBAAoB,CAAC,OAAO,CAAC,CAAC;gBAE/C,2CAA2C;gBAC3C,IAAI,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,GAAG,CAAC,IAAI,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;oBACjF,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,6BAA6B;wBACjC,QAAQ,EAAE,gBAAgB;wBAC1B,QAAQ,EAAE,MAAM;wBAChB,KAAK,EAAE,sCAAsC;wBAC7C,WAAW,EAAE,sFAAsF;wBACnG,IAAI;wBACJ,IAAI,EAAE,QAAQ,CAAC,eAAe,IAAI,CAAC;wBACnC,cAAc,EAAE,6EAA6E;wBAC7F,cAAc,EAAE,kCAAkC;wBAClD,UAAU,EAAE,MAAM;qBACnB,CAAC,CAAC;gBACL,CAAC;gBAED,qCAAqC;gBACrC,IAAI,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC;oBACzC,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,sBAAsB;wBAC1B,QAAQ,EAAE,gBAAgB;wBAC1B,QAAQ,EAAE,QAAQ;wBAClB,KAAK,EAAE,sCAAsC;wBAC7C,WAAW,EAAE,wEAAwE;wBACrF,IAAI;wBACJ,IAAI,EAAE,CAAC;wBACP,cAAc,EAAE,+EAA+E;wBAC/F,UAAU,EAAE,QAAQ;qBACrB,CAAC,CAAC;gBACL,CAAC;gBAED,uCAAuC;gBACvC,IAAI,mCAAmC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBACtD,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,2BAA2B;wBAC/B,QAAQ,EAAE,gBAAgB;wBAC1B,QAAQ,EAAE,UAAU;wBACpB,KAAK,EAAE,uCAAuC;wBAC9C,WAAW,EAAE,2DAA2D;wBACxE,IAAI;wBACJ,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,mCAAmC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;wBAC3F,cAAc,EAAE,uEAAuE;wBACvF,UAAU,EAAE,MAAM;qBACnB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,OAAO,CAAC,KAAK,CAAC,6BAA6B,IAAI,GAAG,EAAE,KAAK,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,SAAS,uBAAuB,CAC9B,aAAqB;IAErB,QAAQ,aAAa,EAAE,CAAC;QACtB,KAAK,cAAc;YACjB,OAAO,cAAc,CAAC;QACxB,KAAK,iBAAiB;YACpB,OAAO,gBAAgB,CAAC;QAC1B,KAAK,WAAW;YACd,OAAO,gBAAgB,CAAC;QAC1B,KAAK,iBAAiB;YACpB,OAAO,YAAY,CAAC,CAAC,0DAA0D;QACjF;YACE,OAAO,gBAAgB,CAAC;IAC5B,CAAC;AACH,CAAC;AAWD,SAAS,oBAAoB,CAAC,OAAe;IAC3C,MAAM,QAAQ,GAAkB,EAAE,CAAC;IACnC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,iBAAiB;QACjB,MAAM,WAAW,GAAG,IAA
I,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAC;QACpE,IAAI,WAAW,EAAE,CAAC;YAChB,QAAQ,CAAC,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1C,CAAC;QAED,iBAAiB;QACjB,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;QACrE,IAAI,WAAW,EAAE,CAAC;YAChB,QAAQ,CAAC,MAAM,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1C,CAAC;QAED,sBAAsB;QACtB,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;QACpE,IAAI,SAAS,EAAE,CAAC;YACd,QAAQ,CAAC,WAAW,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;YACpE,QAAQ,CAAC,eAAe,GAAG,CAAC,GAAG,CAAC,CAAC;QACnC,CAAC;QAED,kBAAkB;QAClB,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,sBAAsB,CAAC,CAAC;QACxD,IAAI,YAAY,EAAE,CAAC;YACjB,QAAQ,CAAC,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5C,CAAC;QAED,eAAe;QACf,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC1C,IAAI,SAAS,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YAChC,QAAQ,CAAC,IAAI,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACtC,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -27,7 +27,7 @@ export const PHI_EXPOSURE_PATTERNS = [
|
|
|
27
27
|
{
|
|
28
28
|
id: 'skill-phi-dob',
|
|
29
29
|
name: 'Date of birth in prompt',
|
|
30
|
-
pattern: /(?:dob|date.{0,5}birth|birthdate)[:=]\s*['"]?\d{1,2}[
|
|
30
|
+
pattern: /(?:dob|date.{0,5}birth|birthdate)[:=]\s*['"]?\d{1,2}[/-]\d{1,2}[/-]\d{2,4}['"]?/i,
|
|
31
31
|
severity: 'high',
|
|
32
32
|
description: 'Date of birth found in skill definition',
|
|
33
33
|
recommendation: 'Use template variable {{date_of_birth}} instead of actual dates',
|
|
@@ -60,7 +60,7 @@ export const CREDENTIAL_LEAK_PATTERNS = [
|
|
|
60
60
|
{
|
|
61
61
|
id: 'skill-api-key-exposed',
|
|
62
62
|
name: 'API key in skill configuration',
|
|
63
|
-
pattern: /(?:api.{0,5}key|apikey|access.{0,5}key)[:=]\s*['"]?[A-Za-z0-9_
|
|
63
|
+
pattern: /(?:api.{0,5}key|apikey|access.{0,5}key)[:=]\s*['"]?[A-Za-z0-9_-]{20,}['"]?/i,
|
|
64
64
|
severity: 'critical',
|
|
65
65
|
description: 'Hardcoded API key found in skill',
|
|
66
66
|
recommendation: 'Use environment variables: ${ANTHROPIC_API_KEY} or prompt user for keys',
|
|
@@ -87,7 +87,7 @@ export const CREDENTIAL_LEAK_PATTERNS = [
|
|
|
87
87
|
{
|
|
88
88
|
id: 'skill-bearer-token',
|
|
89
89
|
name: 'Bearer token hardcoded',
|
|
90
|
-
pattern: /bearer\s+[A-Za-z0-9_
|
|
90
|
+
pattern: /bearer\s+[A-Za-z0-9_\-.]{20,}/i,
|
|
91
91
|
severity: 'critical',
|
|
92
92
|
description: 'Bearer authentication token found in skill',
|
|
93
93
|
recommendation: 'Tokens should be fetched securely at runtime, not hardcoded',
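Review bot: The `skill-phi-dob` and `skill-api-key-exposed` patterns require `:` or `=` directly after the keyword, so a quoted key such as `"api_key": "<value>"` or a spaced assignment such as `dob = 01/02/1990` (constructed examples) is never flagged. Both hunks leave that anchor as it was. Allowing an optional closing quote and whitespace before the separator closes the gap: replace `[:=]\s*` with `['"]?\s*[:=]\s*` in both patterns. The date branch `\d{1,2}[/-]\d{1,2}[/-]\d{2,4}` also accepts only day- or month-first forms, so an ISO value like `1990-01-02` goes unreported; adding `|\d{4}-\d{2}-\d{2}` as an alternative would cover it. Both pattern arrays continue outside these hunks, so other entries may need the same check.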
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/scanners/skills/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAaH,wBAAwB;AACxB,MAAM,CAAC,MAAM,qBAAqB,GAAmB;IACnD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,iCAAiC;QAC1C,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,kDAAkD;QAC/D,cAAc,EAAE,oFAAoF;QACpG,cAAc,EAAE,sCAAsC;QACtD,QAAQ,EAAE,cAAc;KACzB;IACD;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,sFAAsF;QAC/F,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,mDAAmD;QAChE,cAAc,EAAE,+EAA+E;QAC/F,cAAc,EAAE,sCAAsC;QACtD,QAAQ,EAAE,cAAc;KACzB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/scanners/skills/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAaH,wBAAwB;AACxB,MAAM,CAAC,MAAM,qBAAqB,GAAmB;IACnD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,iCAAiC;QAC1C,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,kDAAkD;QAC/D,cAAc,EAAE,oFAAoF;QACpG,cAAc,EAAE,sCAAsC;QACtD,QAAQ,EAAE,cAAc;KACzB;IACD;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,sFAAsF;QAC/F,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,mDAAmD;QAChE,cAAc,EAAE,+EAA+E;QAC/F,cAAc,EAAE,sCAAsC;QACtD,QAAQ,EAAE,cAAc;KACzB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,kFAAkF;QAC3F,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,yCAAyC;QACtD,cAAc,EAAE,iEAAiE;QACjF,cAAc,EAAE,sCAAsC;QACtD,QAAQ,EAAE,cAAc;KACzB;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,+BAA+B;QACrC,OAAO,EAAE,mEAAmE;QAC5E,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,6CAA6C;QAC1D,cAAc,EAAE,qEAAqE;QACrF,cAAc,EAAE,sCAAsC;QACtD,QAAQ,EAAE,cAAc;KACzB;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,0BAA0B;QAChC,OAAO,EAAE,4EAA4E;QACrF,QAAQ,EAAE,QAAQ;QAClB,WAAW,EAAE,2CAA2C;QACxD,cAAc,EAAE,0DAA0D;QAC1E,cAAc,EAAE,sCAAsC;QACtD,QAAQ,EAAE,cAAc;KACzB;CACF,CAAC;AAEF,2BAA2B;AAC3B,MAAM,CAAC,MAAM,wBAAwB,GAAmB;IACtD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,gCAAgC;QACtC,OAAO,EAAE,6EAA6E;QACtF,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,kCAAkC;QAC/C,cAAc,EAAE,yEAAyE;QACzF,QAAQ,EAAE,iBAAiB;KAC5B;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,yBAAyB;QAC/B,OAAO,EAAE,gFAAgF;QACzF,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,2CAA2C;QACxD,cAAc,EAAE,yEAAyE;QACzF,QAAQ,EAAE,iBAAiB;KAC5B;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,wCAAwC;QAC9C,OAAO,EAAE,qDAAqD;QAC9D,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,gDAAgD;QAC7D,cAAc,EAAE,iEAAiE;QACjF,QAAQ,EAAE,iBAAiB;KAC5B;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,gCAAgC;QACzC,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,4CAA4C;QACzD,cAAc,EAAE,6DAA6D;QAC7E,QAAQ,EAAE,iBAAiB;KAC5B;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,0CAA0C;QACnD,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,qDAAqD;QAClE,cAAc,EAAE,y
DAAyD;QACzE,QAAQ,EAAE,iBAAiB;KAC5B;CACF,CAAC;AAEF,6BAA6B;AAC7B,MAAM,CAAC,MAAM,kBAAkB,GAAmB;IAChD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,4BAA4B;QAClC,OAAO,EAAE,8GAA8G;QACvH,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,yDAAyD;QACtE,cAAc,EAAE,qFAAqF;QACrG,cAAc,EAAE,kCAAkC;QAClD,QAAQ,EAAE,WAAW;KACtB;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,wEAAwE;QACjF,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,qDAAqD;QAClE,cAAc,EAAE,uDAAuD;QACvE,QAAQ,EAAE,WAAW;KACtB;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,wEAAwE;QACjF,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,2DAA2D;QACxE,cAAc,EAAE,wEAAwE;QACxF,QAAQ,EAAE,WAAW;KACtB;IACD;QACE,EAAE,EAAE,0BAA0B;QAC9B,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,2CAA2C;QACxD,cAAc,EAAE,+DAA+D;QAC/E,QAAQ,EAAE,WAAW;KACtB;IACD;QACE,EAAE,EAAE,0BAA0B;QAC9B,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,gCAAgC;QACzC,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,kDAAkD;QAC/D,cAAc,EAAE,6DAA6D;QAC7E,QAAQ,EAAE,WAAW;KACtB;CACF,CAAC;AAEF,4BAA4B;AAC5B,MAAM,CAAC,MAAM,wBAAwB,GAAmB;IACtD;QACE,EAAE,EAAE,6BAA6B;QACjC,IAAI,EAAE,2BAA2B;QACjC,OAAO,EAAE,sGAAsG;QAC/G,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,2CAA2C;QACxD,cAAc,EAAE,kFAAkF;QAClG,cAAc,EAAE,wCAAwC;QACxD,QAAQ,EAAE,iBAAiB;KAC5B;IACD;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,kCAAkC;QACxC,OAAO,EAAE,sFAAsF;QAC/F,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,mDAAmD;QAChE,cAAc,EAAE,oEAAoE;QACpF,cAAc,EAAE,wCAAwC;QACxD,QAAQ,EAAE,iBAAiB;KAC5B;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,kFAAkF;QAC3F,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,wCAAwC;QACrD,cAAc,EAAE,wEAAwE;QACxF,cAAc,EAAE,sCAAsC;QACtD,QAAQ,EAAE,iBAAiB;KAC5B;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,uBAAuB;QAC7B,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,0CAA0C;QACvD,cAAc,EAAE,mEAAmE;QACnF,cAAc,EAAE,wCAAwC;QACxD,QAAQ,EAAE,iBAAiB;KAC5B;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,oCAAoC;QAC1C,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,wDAAwD;QACrE,cAAc,EAAE,4DAA4D;QAC5E,cAAc,EAAE,iCAAiC;QACjD,QAAQ,EAAE,iBAAiB;KAC5B;CACF,CAAC;AAEF,wBAAwB;AACxB,MAAM,
CAAC,MAAM,kBAAkB,GAAmB;IAChD,GAAG,qBAAqB;IACxB,GAAG,wBAAwB;IAC3B,GAAG,kBAAkB;IACrB,GAAG,wBAAwB;CAC5B,CAAC"}
|
package/dist/training/index.js
CHANGED
|
@@ -235,7 +235,7 @@ export async function showTrainingStatus() {
|
|
|
235
235
|
}
|
|
236
236
|
console.log(chalk.gray(`Total certificates: ${certificates.length}\n`));
|
|
237
237
|
}
|
|
238
|
-
catch
|
|
238
|
+
catch {
|
|
239
239
|
console.log(chalk.yellow('\n⚠️ No training records found.\n'));
|
|
240
240
|
console.log(chalk.gray('Run "vlayer training" to complete the training.\n'));
|
|
241
241
|
}
|