UNPKG

@bobmatnyc/ai-code-review

Version:

A TypeScript-based tool for automated code reviews using AI models from Google Gemini, Anthropic Claude, and OpenRouter

37 lines (36 loc) 1.35 kB
/** * @fileoverview OWASP Dependency-Check integration for package security analysis * * This module integrates with OWASP Dependency-Check to provide comprehensive * dependency scanning and vulnerability detection for architectural and security reviews. * OWASP Dependency-Check is an open-source solution that detects publicly disclosed * vulnerabilities in project dependencies. */ /** * Interface for security analysis results */ export interface SecurityAnalysisResults { techStackReport: string; vulnerabilityReport: string; totalDependencies: number; totalVulnerabilities: number; criticalVulnerabilities: number; highVulnerabilities: number; mediumVulnerabilities: number; lowVulnerabilities: number; unmappedVulnerabilities: number; scanSuccessful: boolean; error?: string; } /** * Run security analysis with OWASP Dependency-Check * @param projectPath The path to the project * @returns Security analysis results */ export declare function analyzeSecurityWithOwasp(projectPath: string): Promise<SecurityAnalysisResults>; /** * Create a dependency security section for reviews * @param projectPath The path to the project * @returns Security information formatted for inclusion in reviews */ export declare function createOwaspSecuritySection(projectPath: string): Promise<string>;