whopper 0.3.2 → 0.5.0

package/dist/signatures/_types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"_types.d.ts","sourceRoot":"","sources":["../../src/signatures/_types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AACnD,MAAM,MAAM,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAE1C,MAAM,MAAM,KAAK,GAAG,MAAM,CAAC;AAE3B,MAAM,MAAM,IAAI,GAAG;IACjB,UAAU,EAAE,UAAU,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAChC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC;IACjB,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAChC,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;CAC7C,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC7B,CAAC"}
+{"version":3,"file":"_types.d.ts","sourceRoot":"","sources":["../../src/signatures/_types.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AACnD,MAAM,MAAM,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAE1C,MAAM,MAAM,KAAK,GAAG,MAAM,CAAC;AAE3B,MAAM,MAAM,IAAI,GAAG;IACjB,UAAU,EAAE,UAAU,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAChC,MAAM,CAAC,EAAE,KAAK,EAAE,CAAC;IACjB,IAAI,CAAC,EAAE,KAAK,EAAE,CAAC;IACf,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAChC,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;IAG5C,2BAA2B,CAAC,EAAE,MAAM,EAAE,CAAC;CACxC,CAAC;AAEF,MAAM,MAAM,UAAU,GAAG;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,KAAK,CAAC;IACjB,UAAU,CAAC,EAAE,UAAU,CAAC;CACzB,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,IAAI,CAAC,EAAE,IAAI,CAAC;IACZ,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC7B,CAAC"}

package/dist/signatures/signatures.test.js

@@ -1,5 +1,7 @@
 import { describe, it, expect } from "vitest";
 import { signatures } from "./index.js";
+import { isRelativePath } from "../browser/active_scan.js";
+const VALID_CONFIDENCES = ["high", "medium", "low"];
 describe("signatures validation", () => {
     describe("required fields", () => {
         it("all signatures should have a non-empty name", () => {
@@ -18,10 +20,9 @@ describe("signatures validation", () => {
     });
     describe("confidence values", () => {
         it("all rules should have valid confidence values", () => {
-            const validConfidences = ["high", "medium", "low"];
             for (const sig of signatures) {
                 if (sig.rule) {
-                    expect(validConfidences, `Invalid confidence "${sig.rule.confidence}" in ${sig.name}`).toContain(sig.rule.confidence);
+                    expect(VALID_CONFIDENCES, `Invalid confidence "${sig.rule.confidence}" in ${sig.name}`).toContain(sig.rule.confidence);
                 }
             }
         });
@@ -81,6 +82,27 @@ describe("signatures validation", () => {
                 }
             }
         });
+        it("all activeRules bodyRegex patterns should be valid regex", () => {
+            for (const sig of signatures) {
+                if (sig.activeRules) {
+                    for (const [i, rule] of sig.activeRules.entries()) {
+                        testRegex(rule.bodyRegex, sig.name, `activeRules[${i}].bodyRegex`);
+                    }
+                }
+            }
+        });
+        it("all activeRules paths should be relative", () => {
+            for (const sig of signatures) {
+                if (!sig.activeRules)
+                    continue;
+                for (const [i, rule] of sig.activeRules.entries()) {
+                    expect(isRelativePath(rule.path), `${sig.name}.activeRules[${i}].path must be relative: "${rule.path}"`).toBe(true);
+                    if (rule.confidence) {
+                        expect(VALID_CONFIDENCES, `Invalid confidence in ${sig.name}.activeRules[${i}]`).toContain(rule.confidence);
+                    }
+                }
+            }
+        });
         it("all javascriptVariables patterns should be valid regex", () => {
             for (const sig of signatures) {
                 if (sig.rule?.javascriptVariables) {

package/dist/signatures/signatures.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"signatures.test.js","sourceRoot":"","sources":["../../src/signatures/signatures.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAExC,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;YACrD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,wBAAwB,CAAC,CAAC,WAAW,EAAE,CAAC;gBACzD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,0BAA0B,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;QAC1B,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAC5C,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAC7B,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,KAAK,CAC/C,CAAC;YACF,MAAM,CACJ,UAAU,EACV,8BAA8B,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtD,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACvD,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;YACnD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;oBACb,MAAM,CACJ,gBAAgB,EAChB,uBAAuB,GAAG,CAAC,IAAI,CAAC,UAAU,QAAQ,GAAG,CAAC,IAAI,EAAE,CAC7D,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBACnC,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;YACzD,MAAM,aAAa,GAAG,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC3C,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;oBAChB,MAAM,CACJ,aAAa,EACb,oBAAoB,GAAG,CAAC,OAAO,QAAQ,GAAG,CAAC,IAAI,EAAE,CAClD,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBAC3B,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,MAAM,SAAS,GAAG,CAAC,OAAe,EAAE,OAAe,EAAE,KAAa,EAAE,EAAE;YACpE,IAAI,CAAC;gBACH,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YAC3B,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CACb,oBAAoB,OAAO,IAAI,KAAK,MAAM,OAAO,GAAG,CACrD,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;QAEF,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;oBACtB,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBACjE,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,WAAW,MAAM,EAAE,CAAC,CAAC;oBACpD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC;oBACrB,KAAK,MAAM,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;wBACtC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;oBACzC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;YAChD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC;oBACnB,KAAK,MAAM,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;wBACpC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBACvC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;oBACtB,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBACjE,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,WAAW,MAAM,EAAE,CAAC,CAAC;oBACpD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;YAChE,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;oBAClC,KAAK,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAC7C,GAAG,CAAC,IAAI,CAAC,mBAAmB,CAC7B,EAAE,CAAC;wBACF,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,uBAAuB,OAAO,EAAE,CAAC,CAAC;oBACjE,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;YACxD,MAAM,WAAW,GAAa,EAAE,CAAC;YAEjC,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;oBACzB,KAAK,MAAM,OAAO,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;wBAC3C,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;4BAC3B,WAAW,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,OAAO,OAAO,EAAE,CAAC,CAAC;wBAChD,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,MAAM,CACJ,WAAW,EACX,wCAAwC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACvD,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qEAAqE,EAAE,GAAG,EAAE;YAC7E,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;oBACb,MAAM,kBAAkB,GACtB,GAAG,CAAC,IAAI,CAAC,OAAO;wBAChB,GAAG,CAAC,IAAI,CAAC,MAAM;wBACf,GAAG,CAAC,IAAI,CAAC,IAAI;wBACb,GAAG,CAAC,IAAI,CAAC,OAAO;wBAChB,GAAG,CAAC,IAAI,CAAC,mBAAmB,CAAC;oBAE/B,MAAM,CACJ,kBAAkB,EAClB,GAAG,GAAG,CAAC,IAAI,qCAAqC,CACjD,CAAC,UAAU,EAAE,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;QAC1B,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,UAAU,GAAG,+CAA+C,CAAC;YACnE,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;oBACZ,MAAM,CACJ,GAAG,CAAC,GAAG,EACP,yBAAyB,GAAG,CAAC,IAAI,MAAM,GAAG,CAAC,GAAG,GAAG,CAClD,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;gBACxB,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"signatures.test.js","sourceRoot":"","sources":["../../src/signatures/signatures.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,cAAc,EAAE,MAAM,2BAA2B,CAAC;AAE3D,MAAM,iBAAiB,GAAG,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;AAEpD,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;YACrD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,MAAM,CAAC,GAAG,CAAC,IAAI,EAAE,wBAAwB,CAAC,CAAC,WAAW,EAAE,CAAC;gBACzD,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,0BAA0B,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzE,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;QAC1B,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE;YAC9C,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAC5C,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAC7B,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,KAAK,CAC/C,CAAC;YACF,MAAM,CACJ,UAAU,EACV,8BAA8B,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACtD,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACvD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;oBACb,MAAM,CACJ,iBAAiB,EACjB,uBAAuB,GAAG,CAAC,IAAI,CAAC,UAAU,QAAQ,GAAG,CAAC,IAAI,EAAE,CAC7D,CAAC,SAAS,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBACnC,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;YACzD,MAAM,aAAa,GAAG,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC3C,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;oBAChB,MAAM,CACJ,aAAa,EACb,oBAAoB,GAAG,CAAC,OAAO,QAAQ,GAAG,CAAC,IAAI,EAAE,CAClD,CAAC,SAAS,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBAC3B,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,MAAM,SAAS,GAAG,CAAC,OAAe,EAAE,OAAe,EAAE,KAAa,EAAE,EAAE;YACpE,IAAI,CAAC;gBACH,IAAI,MAAM,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;YAC3B,CAAC;YAAC,MAAM,CAAC;gBACP,MAAM,IAAI,KAAK,CACb,oBAAoB,OAAO,IAAI,KAAK,MAAM,OAAO,GAAG,CACrD,CAAC;YACJ,CAAC;QACH,CAAC,CAAC;QAEF,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;oBACtB,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBACjE,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,WAAW,MAAM,EAAE,CAAC,CAAC;oBACpD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,CAAC;oBACrB,KAAK,MAAM,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;wBACtC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;oBACzC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;YAChD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC;oBACnB,KAAK,MAAM,OAAO,IAAI,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;wBACpC,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBACvC,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC;oBACtB,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBACjE,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,WAAW,MAAM,EAAE,CAAC,CAAC;oBACpD,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0DAA0D,EAAE,GAAG,EAAE;YAClE,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,WAAW,EAAE,CAAC;oBACpB,KAAK,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,GAAG,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;wBAClD,SAAS,CAAC,IAAI,CAAC,SAAS,EAAE,GAAG,CAAC,IAAI,EAAE,eAAe,CAAC,aAAa,CAAC,CAAC;oBACrE,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,CAAC,GAAG,CAAC,WAAW;oBAAE,SAAS;gBAC/B,KAAK,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,GAAG,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,CAAC;oBAClD,MAAM,CACJ,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EACzB,GAAG,GAAG,CAAC,IAAI,gBAAgB,CAAC,6BAA6B,IAAI,CAAC,IAAI,GAAG,CACtE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACb,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;wBACpB,MAAM,CACJ,iBAAiB,EACjB,yBAAyB,GAAG,CAAC,IAAI,gBAAgB,CAAC,GAAG,CACtD,CAAC,SAAS,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;oBAC/B,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wDAAwD,EAAE,GAAG,EAAE;YAChE,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,mBAAmB,EAAE,CAAC;oBAClC,KAAK,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAC7C,GAAG,CAAC,IAAI,CAAC,mBAAmB,CAC7B,EAAE,CAAC;wBACF,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,IAAI,EAAE,uBAAuB,OAAO,EAAE,CAAC,CAAC;oBACjE,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;QACjC,EAAE,CAAC,8CAA8C,EAAE,GAAG,EAAE;YACtD,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;YACxD,MAAM,WAAW,GAAa,EAAE,CAAC;YAEjC,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;oBACzB,KAAK,MAAM,OAAO,IAAI,GAAG,CAAC,gBAAgB,EAAE,CAAC;wBAC3C,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC;4BAC3B,WAAW,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,OAAO,OAAO,EAAE,CAAC,CAAC;wBAChD,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;YAED,MAAM,CACJ,WAAW,EACX,wCAAwC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACjE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;YACvD,MAAM,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC;QACjD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qEAAqE,EAAE,GAAG,EAAE;YAC7E,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;oBACb,MAAM,kBAAkB,GACtB,GAAG,CAAC,IAAI,CAAC,OAAO;wBAChB,GAAG,CAAC,IAAI,CAAC,MAAM;wBACf,GAAG,CAAC,IAAI,CAAC,IAAI;wBACb,GAAG,CAAC,IAAI,CAAC,OAAO;wBAChB,GAAG,CAAC,IAAI,CAAC,mBAAmB,CAAC;oBAE/B,MAAM,CACJ,kBAAkB,EAClB,GAAG,GAAG,CAAC,IAAI,qCAAqC,CACjD,CAAC,UAAU,EAAE,CAAC;gBACjB,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;QAC1B,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,UAAU,GAAG,+CAA+C,CAAC;YACnE,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;gBAC7B,IAAI,GAAG,CAAC,GAAG,EAAE,CAAC;oBACZ,MAAM,CACJ,GAAG,CAAC,GAAG,EACP,yBAAyB,GAAG,CAAC,IAAI,MAAM,GAAG,CAAC,GAAG,GAAG,CAClD,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;gBACxB,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/signatures/technologies/lodash.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"lodash.d.ts","sourceRoot":"","sources":["../../../src/signatures/technologies/lodash.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,eAAO,MAAM,eAAe,EAAE,SAc7B,CAAC"}
+{"version":3,"file":"lodash.d.ts","sourceRoot":"","sources":["../../../src/signatures/technologies/lodash.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,eAAO,MAAM,eAAe,EAAE,SAe7B,CAAC"}

package/dist/signatures/technologies/lodash.js

@@ -10,6 +10,7 @@ export const lodashSignature = {
             "_.differenceBy": "",
             "_.templateSettings.imports._.templateSettings.imports._.VERSION": "(.+)",
         },
+        requiredJavascriptVariables: ["_.differenceBy"],
     },
 };
 //# sourceMappingURL=lodash.js.map

package/dist/signatures/technologies/lodash.js.map

@@ -1 +1 @@
-{"version":3,"file":"lodash.js","sourceRoot":"","sources":["../../../src/signatures/technologies/lodash.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,eAAe,GAAc;IACxC,IAAI,EAAE,QAAQ;IACd,WAAW,EACT,yIAAyI;IAC3I,GAAG,EAAE,sBAAsB;IAC3B,IAAI,EAAE;QACJ,UAAU,EAAE,MAAM;QAClB,IAAI,EAAE,CAAC,eAAe,CAAC;QACvB,mBAAmB,EAAE;YACnB,WAAW,EAAE,MAAM;YACnB,gBAAgB,EAAE,EAAE;YACpB,iEAAiE,EAAE,MAAM;SAC1E;KACF;CACF,CAAC"}
+{"version":3,"file":"lodash.js","sourceRoot":"","sources":["../../../src/signatures/technologies/lodash.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,eAAe,GAAc;IACxC,IAAI,EAAE,QAAQ;IACd,WAAW,EACT,yIAAyI;IAC3I,GAAG,EAAE,sBAAsB;IAC3B,IAAI,EAAE;QACJ,UAAU,EAAE,MAAM;QAClB,IAAI,EAAE,CAAC,eAAe,CAAC;QACvB,mBAAmB,EAAE;YACnB,WAAW,EAAE,MAAM;YACnB,gBAAgB,EAAE,EAAE;YACpB,iEAAiE,EAAE,MAAM;SAC1E;QACD,2BAA2B,EAAE,CAAC,gBAAgB,CAAC;KAChD;CACF,CAAC"}

package/dist/signatures/technologies/lodash.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=lodash.test.d.ts.map

package/dist/signatures/technologies/lodash.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lodash.test.d.ts","sourceRoot":"","sources":["../../../src/signatures/technologies/lodash.test.ts"],"names":[],"mappings":""}

package/dist/signatures/technologies/lodash.test.js

@@ -0,0 +1,104 @@
+import { describe, it, expect } from "vitest";
+import { applySignature } from "../../analyzer/apply.js";
+import { lodashSignature } from "./lodash.js";
+function createMockContext(overrides = {}) {
+    return {
+        browser: {},
+        page: {},
+        urls: [],
+        responses: [],
+        cookies: [],
+        javascriptVariables: {},
+        timeoutMs: 30000,
+        timeoutOccurred: false,
+        ...overrides,
+    };
+}
+function createMockResponse(overrides = {}) {
+    return {
+        url: "https://example.com",
+        host: "example.com",
+        isFirstParty: true,
+        status: 200,
+        headers: {},
+        body: "",
+        ...overrides,
+    };
+}
+describe("lodashSignature", () => {
+    describe("URL matching", () => {
+        it("should detect Lodash from CDN URL", () => {
+            const context = createMockContext({
+                responses: [
+                    createMockResponse({
+                        url: "https://cdn.example.com/libs/lodash/4.17.21/lodash.min.js",
+                    }),
+                ],
+            });
+            const result = applySignature(context, lodashSignature);
+            expect(result).toBeDefined();
+            expect(result?.evidences?.[0]?.type).toBe("url");
+        });
+        it("should detect Lodash from filename", () => {
+            const context = createMockContext({
+                responses: [
+                    createMockResponse({
+                        url: "https://example.com/js/lodash.min.js",
+                    }),
+                ],
+            });
+            const result = applySignature(context, lodashSignature);
+            expect(result).toBeDefined();
+        });
+    });
+    describe("JavaScript variable matching", () => {
+        it("should detect Lodash when _.VERSION and _.differenceBy are present", () => {
+            const context = createMockContext({
+                javascriptVariables: {
+                    "_.VERSION": "4.17.21",
+                    "_.differenceBy": "function",
+                },
+            });
+            const result = applySignature(context, lodashSignature);
+            expect(result).toBeDefined();
+            expect(result?.evidences?.some((e) => e.version === "4.17.21")).toBe(true);
+        });
+        it("should not detect Lodash when only _.VERSION is present", () => {
+            const context = createMockContext({
+                javascriptVariables: {
+                    "_.VERSION": "4.17.21",
+                },
+            });
+            const result = applySignature(context, lodashSignature);
+            expect(result).toBeUndefined();
+        });
+        it("should detect Lodash with version when URL matches and only _.VERSION is present", () => {
+            const context = createMockContext({
+                responses: [
+                    createMockResponse({
+                        url: "https://example.com/js/lodash.min.js",
+                    }),
+                ],
+                javascriptVariables: {
+                    "_.VERSION": "4.17.21",
+                },
+            });
+            const result = applySignature(context, lodashSignature);
+            expect(result).toBeDefined();
+            expect(result?.evidences?.some((e) => e.type === "url")).toBe(true);
+            expect(result?.evidences?.some((e) => e.type === "script" && e.version === "4.17.21")).toBe(true);
+        });
+        it("should detect Lodash from templateSettings path", () => {
+            const context = createMockContext({
+                javascriptVariables: {
+                    "_.templateSettings.imports._.templateSettings.imports._.VERSION": "4.17.21",
+                    "_.differenceBy": "function",
+                },
+            });
+            const result = applySignature(context, lodashSignature);
+            expect(result).toBeDefined();
+            expect(result?.evidences?.some((e) => e.version === "4.17.21")).toBe(true);
+        });
+    });
+});
+//# sourceMappingURL=lodash.test.js.map

package/dist/signatures/technologies/lodash.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"lodash.test.js","sourceRoot":"","sources":["../../../src/signatures/technologies/lodash.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAEzD,OAAO,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE9C,SAAS,iBAAiB,CACxB,YAEI,EAAE;IAEN,OAAO;QACL,OAAO,EAAE,EAAwB;QACjC,IAAI,EAAE,EAAqB;QAC3B,IAAI,EAAE,EAAE;QACR,SAAS,EAAE,EAAE;QACb,OAAO,EAAE,EAAE;QACX,mBAAmB,EAAE,EAAE;QACvB,SAAS,EAAE,KAAK;QAChB,eAAe,EAAE,KAAK;QACtB,GAAG,SAAS;KACb,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CAAC,YAA+B,EAAE;IAC3D,OAAO;QACL,GAAG,EAAE,qBAAqB;QAC1B,IAAI,EAAE,aAAa;QACnB,YAAY,EAAE,IAAI;QAClB,MAAM,EAAE,GAAG;QACX,OAAO,EAAE,EAAE;QACX,IAAI,EAAE,EAAE;QACR,GAAG,SAAS;KACb,CAAC;AACJ,CAAC;AAED,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;IAC/B,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,SAAS,EAAE;oBACT,kBAAkB,CAAC;wBACjB,GAAG,EAAE,2DAA2D;qBACjE,CAAC;iBACH;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,SAAS,EAAE;oBACT,kBAAkB,CAAC;wBACjB,GAAG,EAAE,sCAAsC;qBAC5C,CAAC;iBACH;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;QAC/B,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;QAC5C,EAAE,CAAC,oEAAoE,EAAE,GAAG,EAAE;YAC5E,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,mBAAmB,EAAE;oBACnB,WAAW,EAAE,SAAS;oBACtB,gBAAgB,EAAE,UAAU;iBAC7B;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yDAAyD,EAAE,GAAG,EAAE;YACjE,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,mBAAmB,EAAE;oBACnB,WAAW,EAAE,SAAS;iBACvB;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,CAAC;QACjC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kFAAkF,EAAE,GAAG,EAAE;YAC1F,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,SAAS,EAAE;oBACT,kBAAkB,CAAC;wBACjB,GAAG,EAAE,sCAAsC;qBAC5C,CAAC;iBACH;gBACD,mBAAmB,EAAE;oBACnB,WAAW,EAAE,SAAS;iBACvB;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpE,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpG,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;YACzD,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,mBAAmB,EAAE;oBACnB,iEAAiE,EAC/D,SAAS;oBACX,gBAAgB,EAAE,UAAU;iBAC7B;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,eAAe,CAAC,CAAC;YACxD,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/signatures/technologies/magento.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"magento.d.ts","sourceRoot":"","sources":["../../../src/signatures/technologies/magento.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAI9C,eAAO,MAAM,gBAAgB,EAAE,SA0B9B,CAAC"}
+{"version":3,"file":"magento.d.ts","sourceRoot":"","sources":["../../../src/signatures/technologies/magento.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAI9C,eAAO,MAAM,gBAAgB,EAAE,SAgC9B,CAAC"}

package/dist/signatures/technologies/magento.js

@@ -25,6 +25,12 @@ export const magentoSignature = {
             VarienForm: "",
         },
     },
+    activeRules: [
+        {
+            path: "/magento_version",
+            bodyRegex: "^Magento/(\\S+)",
+        },
+    ],
     impliedSoftwares: [phpSignature.name, mysqlSignature.name],
 };
 //# sourceMappingURL=magento.js.map

package/dist/signatures/technologies/magento.js.map

@@ -1 +1 @@
-{"version":3,"file":"magento.js","sourceRoot":"","sources":["../../../src/signatures/technologies/magento.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,MAAM,CAAC,MAAM,gBAAgB,GAAc;IACzC,IAAI,EAAE,SAAS;IACf,WAAW,EAAE,8DAA8D;IAC3E,GAAG,EAAE,wBAAwB;IAC7B,IAAI,EAAE;QACJ,UAAU,EAAE,MAAM;QAClB,IAAI,EAAE,CAAC,SAAS,EAAE,mBAAmB,EAAE,gBAAgB,CAAC;QACxD,MAAM,EAAE;YACN,+CAA+C;YAC/C,qBAAqB;YACrB,8BAA8B;SAC/B;QACD,OAAO,EAAE;YACP,gBAAgB,EAAE,IAAI;YACtB,QAAQ,EAAE,IAAI;YACd,oBAAoB,EAAE,IAAI;YAC1B,yCAAyC,EAAE,IAAI;YAC/C,+BAA+B,EAAE,IAAI;YACrC,0BAA0B,EAAE,IAAI;SACjC;QACD,mBAAmB,EAAE;YACnB,IAAI,EAAE,EAAE;YACR,UAAU,EAAE,EAAE;SACf;KACF;IACD,gBAAgB,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,CAAC,IAAI,CAAC;CAC3D,CAAC"}
+{"version":3,"file":"magento.js","sourceRoot":"","sources":["../../../src/signatures/technologies/magento.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAC5C,OAAO,EAAE,YAAY,EAAE,MAAM,UAAU,CAAC;AAExC,MAAM,CAAC,MAAM,gBAAgB,GAAc;IACzC,IAAI,EAAE,SAAS;IACf,WAAW,EAAE,8DAA8D;IAC3E,GAAG,EAAE,wBAAwB;IAC7B,IAAI,EAAE;QACJ,UAAU,EAAE,MAAM;QAClB,IAAI,EAAE,CAAC,SAAS,EAAE,mBAAmB,EAAE,gBAAgB,CAAC;QACxD,MAAM,EAAE;YACN,+CAA+C;YAC/C,qBAAqB;YACrB,8BAA8B;SAC/B;QACD,OAAO,EAAE;YACP,gBAAgB,EAAE,IAAI;YACtB,QAAQ,EAAE,IAAI;YACd,oBAAoB,EAAE,IAAI;YAC1B,yCAAyC,EAAE,IAAI;YAC/C,+BAA+B,EAAE,IAAI;YACrC,0BAA0B,EAAE,IAAI;SACjC;QACD,mBAAmB,EAAE;YACnB,IAAI,EAAE,EAAE;YACR,UAAU,EAAE,EAAE;SACf;KACF;IACD,WAAW,EAAE;QACX;YACE,IAAI,EAAE,kBAAkB;YACxB,SAAS,EAAE,iBAAiB;SAC7B;KACF;IACD,gBAAgB,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,cAAc,CAAC,IAAI,CAAC;CAC3D,CAAC"}

package/dist/signatures/technologies/magento.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=magento.test.d.ts.map

package/dist/signatures/technologies/magento.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"magento.test.d.ts","sourceRoot":"","sources":["../../../src/signatures/technologies/magento.test.ts"],"names":[],"mappings":""}

package/dist/signatures/technologies/magento.test.js

@@ -0,0 +1,28 @@
+import { describe, it, expect } from "vitest";
+import { matchString } from "../../analyzer/match.js";
+import { magentoSignature } from "./magento.js";
+describe("magentoSignature", () => {
+    describe("activeRules", () => {
+        it("defines a /magento_version probe", () => {
+            expect(magentoSignature.activeRules).toHaveLength(1);
+            expect(magentoSignature.activeRules?.[0]?.path).toBe("/magento_version");
+        });
+        it("extracts version from 'Magento/2.4 (Community)'", () => {
+            const rule = magentoSignature.activeRules[0];
+            const result = matchString("Magento/2.4 (Community)", rule.bodyRegex);
+            expect(result.hit).toBe(true);
+            expect(result.version).toBe("2.4");
+        });
+        it("extracts version from 'Magento/2.4.6'", () => {
+            const rule = magentoSignature.activeRules[0];
+            const result = matchString("Magento/2.4.6", rule.bodyRegex);
+            expect(result.hit).toBe(true);
+            expect(result.version).toBe("2.4.6");
+        });
+        it("does not match unrelated responses", () => {
+            const rule = magentoSignature.activeRules[0];
+            expect(matchString("<html>not magento</html>", rule.bodyRegex).hit).toBe(false);
+        });
+    });
+});
+//# sourceMappingURL=magento.test.js.map

package/dist/signatures/technologies/magento.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"magento.test.js","sourceRoot":"","sources":["../../../src/signatures/technologies/magento.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAEhD,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,CAAC,gBAAgB,CAAC,WAAW,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;YACrD,MAAM,CAAC,gBAAgB,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;QAC3E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iDAAiD,EAAE,GAAG,EAAE;YACzD,MAAM,IAAI,GAAG,gBAAgB,CAAC,WAAY,CAAC,CAAC,CAAE,CAAC;YAC/C,MAAM,MAAM,GAAG,WAAW,CAAC,yBAAyB,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;YACtE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC9B,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACrC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,IAAI,GAAG,gBAAgB,CAAC,WAAY,CAAC,CAAC,CAAE,CAAC;YAC/C,MAAM,MAAM,GAAG,WAAW,CAAC,eAAe,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC;YAC5D,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC9B,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACvC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,IAAI,GAAG,gBAAgB,CAAC,WAAY,CAAC,CAAC,CAAE,CAAC;YAC/C,MAAM,CAAC,WAAW,CAAC,0BAA0B,EAAE,IAAI,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CACtE,KAAK,CACN,CAAC;QACJ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/signatures/technologies/underscore_js.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"underscore_js.d.ts","sourceRoot":"","sources":["../../../src/signatures/technologies/underscore_js.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,eAAO,MAAM,qBAAqB,EAAE,SAYnC,CAAC"}
+{"version":3,"file":"underscore_js.d.ts","sourceRoot":"","sources":["../../../src/signatures/technologies/underscore_js.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAE9C,eAAO,MAAM,qBAAqB,EAAE,SAcnC,CAAC"}

package/dist/signatures/technologies/underscore_js.js

@@ -1,6 +1,7 @@
 export const underscoreJsSignature = {
     name: "Underscore.js",
     description: "Underscore.js is a JavaScript library which provides utility functions for common programming tasks. It is comparable to features provided by Prototype.js and the Ruby language, but opts for a functional programming design instead of extending object prototypes.",
+    cpe: "cpe:/a:underscorejs:underscore",
     rule: {
         confidence: "high",
         urls: ["underscore.*\\.js(?:\\?ver=([\\d.]+))?"],
@@ -8,6 +9,7 @@ export const underscoreJsSignature = {
             "_.VERSION": "^(.+)$",
             "_.restArguments": "",
         },
+        requiredJavascriptVariables: ["_.restArguments"],
     },
 };
 //# sourceMappingURL=underscore_js.js.map

package/dist/signatures/technologies/underscore_js.js.map

@@ -1 +1 @@
-{"version":3,"file":"underscore_js.js","sourceRoot":"","sources":["../../../src/signatures/technologies/underscore_js.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,qBAAqB,GAAc;IAC9C,IAAI,EAAE,eAAe;IACrB,WAAW,EACT,wQAAwQ;IAC1Q,IAAI,EAAE;QACJ,UAAU,EAAE,MAAM;QAClB,IAAI,EAAE,CAAC,wCAAwC,CAAC;QAChD,mBAAmB,EAAE;YACnB,WAAW,EAAE,QAAQ;YACrB,iBAAiB,EAAE,EAAE;SACtB;KACF;CACF,CAAC"}
+{"version":3,"file":"underscore_js.js","sourceRoot":"","sources":["../../../src/signatures/technologies/underscore_js.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,qBAAqB,GAAc;IAC9C,IAAI,EAAE,eAAe;IACrB,WAAW,EACT,wQAAwQ;IAC1Q,GAAG,EAAE,gCAAgC;IACrC,IAAI,EAAE;QACJ,UAAU,EAAE,MAAM;QAClB,IAAI,EAAE,CAAC,wCAAwC,CAAC;QAChD,mBAAmB,EAAE;YACnB,WAAW,EAAE,QAAQ;YACrB,iBAAiB,EAAE,EAAE;SACtB;QACD,2BAA2B,EAAE,CAAC,iBAAiB,CAAC;KACjD;CACF,CAAC"}

package/dist/signatures/technologies/underscore_js.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=underscore_js.test.d.ts.map

package/dist/signatures/technologies/underscore_js.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"underscore_js.test.d.ts","sourceRoot":"","sources":["../../../src/signatures/technologies/underscore_js.test.ts"],"names":[],"mappings":""}

package/dist/signatures/technologies/underscore_js.test.js

@@ -0,0 +1,94 @@
+import { describe, it, expect } from "vitest";
+import { applySignature } from "../../analyzer/apply.js";
+import { underscoreJsSignature } from "./underscore_js.js";
+function createMockContext(overrides = {}) {
+    return {
+        browser: {},
+        page: {},
+        urls: [],
+        responses: [],
+        cookies: [],
+        javascriptVariables: {},
+        timeoutMs: 30000,
+        timeoutOccurred: false,
+        ...overrides,
+    };
+}
+function createMockResponse(overrides = {}) {
+    return {
+        url: "https://example.com",
+        host: "example.com",
+        isFirstParty: true,
+        status: 200,
+        headers: {},
+        body: "",
+        ...overrides,
+    };
+}
+describe("underscoreJsSignature", () => {
+    describe("URL matching", () => {
+        it("should detect Underscore.js from CDN URL", () => {
+            const context = createMockContext({
+                responses: [
+                    createMockResponse({
+                        url: "https://cdn.example.com/libs/underscore.min.js",
+                    }),
+                ],
+            });
+            const result = applySignature(context, underscoreJsSignature);
+            expect(result).toBeDefined();
+            expect(result?.evidences?.[0]?.type).toBe("url");
+        });
+        it("should detect Underscore.js with version from query parameter", () => {
+            const context = createMockContext({
+                responses: [
+                    createMockResponse({
+                        url: "https://example.com/js/underscore.min.js?ver=1.13.6",
+                    }),
+                ],
+            });
+            const result = applySignature(context, underscoreJsSignature);
+            expect(result).toBeDefined();
+            expect(result?.evidences?.some((e) => e.version === "1.13.6")).toBe(true);
+        });
+    });
+    describe("JavaScript variable matching", () => {
+        it("should detect Underscore.js when _.VERSION and _.restArguments are present", () => {
+            const context = createMockContext({
+                javascriptVariables: {
+                    "_.VERSION": "1.13.6",
+                    "_.restArguments": "function",
+                },
+            });
+            const result = applySignature(context, underscoreJsSignature);
+            expect(result).toBeDefined();
+            expect(result?.evidences?.some((e) => e.version === "1.13.6")).toBe(true);
+        });
+        it("should detect Underscore.js with version when URL matches and only _.VERSION is present", () => {
+            const context = createMockContext({
+                responses: [
+                    createMockResponse({
+                        url: "https://example.com/js/underscore.min.js",
+                    }),
+                ],
+                javascriptVariables: {
+                    "_.VERSION": "1.13.6",
+                },
+            });
+            const result = applySignature(context, underscoreJsSignature);
+            expect(result).toBeDefined();
+            expect(result?.evidences?.some((e) => e.type === "url")).toBe(true);
+            expect(result?.evidences?.some((e) => e.type === "script" && e.version === "1.13.6")).toBe(true);
+        });
+        it("should not detect Underscore.js when only _.VERSION is present", () => {
+            const context = createMockContext({
+                javascriptVariables: {
+                    "_.VERSION": "1.13.6",
+                },
+            });
+            const result = applySignature(context, underscoreJsSignature);
+            expect(result).toBeUndefined();
+        });
+    });
+});
+//# sourceMappingURL=underscore_js.test.js.map

package/dist/signatures/technologies/underscore_js.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"underscore_js.test.js","sourceRoot":"","sources":["../../../src/signatures/technologies/underscore_js.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AAEzD,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAE3D,SAAS,iBAAiB,CACxB,YAEI,EAAE;IAEN,OAAO;QACL,OAAO,EAAE,EAAwB;QACjC,IAAI,EAAE,EAAqB;QAC3B,IAAI,EAAE,EAAE;QACR,SAAS,EAAE,EAAE;QACb,OAAO,EAAE,EAAE;QACX,mBAAmB,EAAE,EAAE;QACvB,SAAS,EAAE,KAAK;QAChB,eAAe,EAAE,KAAK;QACtB,GAAG,SAAS;KACb,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CAAC,YAA+B,EAAE;IAC3D,OAAO;QACL,GAAG,EAAE,qBAAqB;QAC1B,IAAI,EAAE,aAAa;QACnB,YAAY,EAAE,IAAI;QAClB,MAAM,EAAE,GAAG;QACX,OAAO,EAAE,EAAE;QACX,IAAI,EAAE,EAAE;QACR,GAAG,SAAS;KACb,CAAC;AACJ,CAAC;AAED,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,SAAS,EAAE;oBACT,kBAAkB,CAAC;wBACjB,GAAG,EAAE,gDAAgD;qBACtD,CAAC;iBACH;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAC;YAC9D,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,+DAA+D,EAAE,GAAG,EAAE;YACvE,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,SAAS,EAAE;oBACT,kBAAkB,CAAC;wBACjB,GAAG,EAAE,qDAAqD;qBAC3D,CAAC;iBACH;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAC;YAC9D,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;QAC5C,EAAE,CAAC,4EAA4E,EAAE,GAAG,EAAE;YACpF,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,mBAAmB,EAAE;oBACnB,WAAW,EAAE,QAAQ;oBACrB,iBAAiB,EAAE,UAAU;iBAC9B;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAC;YAC9D,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yFAAyF,EAAE,GAAG,EAAE;YACjG,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,SAAS,EAAE;oBACT,kBAAkB,CAAC;wBACjB,GAAG,EAAE,0CAA0C;qBAChD,CAAC;iBACH;gBACD,mBAAmB,EAAE;oBACnB,WAAW,EAAE,QAAQ;iBACtB;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAC;YAC9D,MAAM,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;YAC7B,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACpE,MAAM,CAAC,MAAM,EAAE,SAAS,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnG,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gEAAgE,EAAE,GAAG,EAAE;YACxE,MAAM,OAAO,GAAG,iBAAiB,CAAC;gBAChC,mBAAmB,EAAE;oBACnB,WAAW,EAAE,QAAQ;iBACtB;aACF,CAAC,CAAC;YAEH,MAAM,MAAM,GAAG,cAAc,CAAC,OAAO,EAAE,qBAAqB,CAAC,CAAC;YAC9D,MAAM,CAAC,MAAM,CAAC,CAAC,aAAa,EAAE,CAAC;QACjC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "whopper",
-  "version": "0.3.2",
+  "version": "0.5.0",
   "description": "Whopper is a CLI tool that discovers and detects web technologies used on websites.",
   "scripts": {
     "build": "tsc -p tsconfig.json",