@ordojs/security
Security package for OrdoJS with XSS, CSRF, and injection protection
/**
 * One vulnerability finding attached to a single dependency.
 *
 * Only the shape is declared here. How each field is populated is decided by
 * the scanner implementation, which is not part of this declaration file.
 */
export interface VulnerabilityReport {
  /** Affected package (presumably its registry name; confirm against the implementation). */
  package: string;

  /** Version string tied to the finding (presumably the installed version; confirm). */
  version: string;

  /** Advisory details for this finding. */
  vulnerability: {
    /** Advisory identifier. The id scheme is not fixed by this type. */
    id: string;

    /** Short human-readable title of the advisory. */
    title: string;

    /**
     * Four-level severity rating. The second level is spelled 'medium' here,
     * whereas ScanOptions.auditLevel spells its second level 'moderate', so
     * the two unions cannot be compared without a mapping.
     */
    severity: 'low' | 'medium' | 'high' | 'critical';

    /** Free-text description of the issue. */
    description: string;

    /** Reference strings for the advisory (presumably URLs; not validated by the type). */
    references: string[];

    /** Optional CWE identifiers. The string format is not constrained by the type. */
    cwe?: string[];

    /**
     * Optional CVSS data. No CVSS version field is declared, so consumers that
     * compare scores should check which version the vector string represents.
     */
    cvss?: {
      score: number;
      vector: string;
    };
  };

  /**
   * Remediation hint. `version` and `path` are optional independently of
   * `available`, so a consumer must handle `available: true` with neither set.
   */
  fixAvailable: {
    available: boolean;
    version?: string;
    path?: string;
  };

  /** Paths associated with the finding (presumably dependency chains reaching the package; confirm). */
  paths: string[];
}
/**
 * Result of one dependency audit run: the individual findings, per-severity
 * counts, and information about the run itself.
 */
export interface DependencyAuditResult {
  /** Every finding reported by the run. An empty array means no findings were reported. */
  vulnerabilities: VulnerabilityReport[];

  /**
   * Counts by severity. `total` is its own field, and the type does not
   * guarantee that it equals the sum of the four levels or the length of
   * `vulnerabilities`. A gate that relies on these numbers should verify
   * that, or count the findings itself.
   */
  summary: {
    total: number;
    critical: number;
    high: number;
    medium: number;
    low: number;
  };

  /** Context for the run. */
  metadata: {
    /** Number of dependencies counted for the run (whether dev dependencies are included is not visible here). */
    totalDependencies: number;

    /** A Date instance. It becomes a string if the result is serialized to JSON. */
    auditedAt: Date;

    /**
     * Name of the tool that produced the findings. Worth recording with any
     * stored result so a reader knows which data source the findings came from.
     */
    tool: string;

    /** Project path the audit was run against. */
    projectPath: string;
  };
}
/** Options accepted by the VulnerabilityScanner constructor. */
export interface ScanOptions {
  /**
   * Project to audit. This is the only required option.
   * NOTE(review): the scanner declares a private `runNpmAudit` member, so this
   * value presumably reaches an npm invocation. Pass a trusted, resolved path
   * rather than unvalidated user input; confirm against the implementation.
   */
  projectPath: string;

  /** Whether dev dependencies are audited as well. The default is not declared here. */
  includeDevDependencies?: boolean;

  /** Exact effect is not visible in this declaration (presumably skips fix suggestions; confirm). */
  skipAuditFix?: boolean;

  /**
   * Audit level. Its second level is spelled 'moderate', unlike the 'medium'
   * used by VulnerabilityReport severities. Whether this is a minimum
   * threshold, and what the default is, cannot be told from the type.
   */
  auditLevel?: 'low' | 'moderate' | 'high' | 'critical';

  /** Time limit for the scan. The unit is not declared (presumably milliseconds; confirm). */
  timeout?: number;
}
/**
 * Dependency vulnerability scanner (type declaration only; the implementation
 * lives in the compiled module this file describes).
 *
 * The public surface is the constructor, `scanDependencies` and
 * `generateFixScript`. The private members are listed without types, as is
 * usual in emitted declarations, so their behaviour cannot be read from here.
 */
export declare class VulnerabilityScanner {
  private options;

  /**
   * @param options Scan configuration. Only `projectPath` is required.
   */
  constructor(options: ScanOptions);

  /**
   * Audits the project's dependencies.
   *
   * NOTE(review): the private members include both `runNpmAudit` and
   * `runManualAudit` / `getKnownVulnerabilities`, which suggests a second
   * audit path backed by a built-in list. If that is so, its coverage cannot
   * be judged from this declaration; check `metadata.tool` on the result and
   * confirm against the implementation before relying on a clean result.
   *
   * @returns A promise resolving to the findings, summary counts and run metadata.
   */
  scanDependencies(): Promise<DependencyAuditResult>;

  /**
   * Produces a fix script as text.
   *
   * Nothing in this declaration indicates that the script is executed by the
   * scanner. Treat the returned string as generated content to be reviewed
   * before it is run.
   *
   * @returns A promise resolving to the script contents.
   */
  generateFixScript(): Promise<string>;

  // Private helpers: names only, with no signatures in the declaration.
  private runNpmAudit;
  private parseNpmAuditResult;
  private runManualAudit;
  private getKnownVulnerabilities;
  private isVersionVulnerable;
  private countDependencies;
  private calculateSummary;
  private mapSeverity;
}
//# sourceMappingURL=vulnerability-scanner.d.ts.map