agentic-qe
Version:
Agentic Quality Engineering Fleet System - AI-driven quality management platform
72 lines • 1.74 kB
TypeScript
/**
* Real Security Scanner Implementation
* Integrates ESLint Security, Semgrep, and NPM Audit
*/
export interface VulnerabilityFinding {
id: string;
type: 'sast' | 'dast' | 'dependency' | 'container';
severity: 'critical' | 'high' | 'medium' | 'low' | 'info';
title: string;
description: string;
location: string;
cwe?: string;
cve?: string;
cvss?: number;
remediation?: string;
references?: string[];
}
export interface ScanResult {
findings: VulnerabilityFinding[];
scanType: string;
duration: number;
success: boolean;
error?: string;
}
/**
* Real Security Scanner using actual tools
*/
export declare class RealSecurityScanner {
private workingDir;
constructor(workingDir?: string);
/**
* Run ESLint security scan
*/
runESLintScan(target: string): Promise<ScanResult>;
/**
* Run Semgrep SAST scan
*/
runSemgrepScan(target: string): Promise<ScanResult>;
/**
* Run NPM Audit scan
*/
runNPMAuditScan(): Promise<ScanResult>;
/**
* Run comprehensive security scan
*/
runComprehensiveScan(target: string): Promise<VulnerabilityFinding[]>;
/**
* Check if Semgrep is available
*/
private isSemgrepAvailable;
/**
* Map ESLint severity to our severity levels
*/
private mapESLintSeverity;
/**
* Map Semgrep severity
*/
private mapSemgrepSeverity;
/**
* Map NPM audit severity
*/
private mapNPMSeverity;
/**
* Extract CWE from ESLint rule ID
*/
private extractCWE;
/**
* Get remediation advice for ESLint rules
*/
private getESLintRemediation;
}
//# sourceMappingURL=SecurityScanner.d.ts.map