@nodesecure/js-x-ray/dist/AstAnalyser.d.ts

JavaScript AST XRay analysis

import { type SourceParser } from "./parsers/JsSourceParser.ts";
import { type Pipeline } from "./pipelines/index.ts";
import { type Probe } from "./ProbeRunner.ts";
import { SourceFile, type SourceFlags } from "./SourceFile.ts";
import { type OptionalWarningName, type Warning } from "./warnings.ts";
import type { CollectableSet, Type } from "./CollectableSet.ts";
export type Dependency = {
    unsafe: boolean;
    inTry: boolean;
};
export interface RuntimeOptions {
    /**
     * A filesystem location for the given source code.
     */
    location?: string;
    /**
     * @default false
     */
    removeHTMLComments?: boolean;
    /**
     * @default false
     */
    isMinified?: boolean;
    initialize?: (sourceFile: SourceFile) => void;
    finalize?: (sourceFile: SourceFile) => void;
    /**
     * @default JsSourceParser
     */
    customParser?: SourceParser;
    metadata?: Record<string, unknown>;
    packageName?: string;
}
export interface Report {
    warnings: Warning[];
    flags: Set<SourceFlags>;
    idsLengthAvg: number;
    stringScore: number;
}
export type ReportOnFile = {
    ok: true;
    warnings: Warning[];
    flags: Set<SourceFlags>;
} | {
    ok: false;
    warnings: Warning[];
};
export type Sensitivity = "conservative" | "aggressive";
export interface AstAnalyserOptions {
    /**
     * @default []
     */
    customProbes?: Probe[];
    /**
     * @default false
     */
    skipDefaultProbes?: boolean;
    /**
     * @default false
     */
    optionalWarnings?: boolean | Iterable<OptionalWarningName>;
    pipelines?: Pipeline[];
    /**
     * @default []
     */
    collectables?: CollectableSet[];
    /**
     * Configures the sensitivity level for warning detection.
     *
     * - `conservative` (default): Strict detection to minimize false positives.
     *   Suitable for scanning ecosystem libraries.
     * - `aggressive`: Relaxed constraints to surface more warnings.
     *   Provides maximum visibility for local project security auditing.
     *
     * @default "conservative"
     */
    sensitivity?: Sensitivity;
}
export interface PrepareSourceOptions {
    removeHTMLComments?: boolean;
}
export declare class AstAnalyser {
    #private;
    static DefaultParser: SourceParser;
    probes: Probe[];
    constructor(options?: AstAnalyserOptions);
    analyse(str: string, options?: RuntimeOptions): Report;
    analyseFile(pathToFile: string | URL, options?: RuntimeOptions): Promise<ReportOnFile>;
    analyseFileSync(pathToFile: string | URL, options?: RuntimeOptions): ReportOnFile;
    prepareSource(source: string, options?: PrepareSourceOptions): string;
    getCollectableSet(type: Type): CollectableSet<Record<string, unknown>> | undefined;
}
//# sourceMappingURL=AstAnalyser.d.ts.map