agentsqripts
Comprehensive static code analysis toolkit for identifying technical debt, security vulnerabilities, performance issues, and code quality problems
/**
* @file Security score calculator
* @description Calculates security score (0-100, higher is more secure)
*/
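/**
 * Calculates a security score for one file (0-100, higher is more secure).
 *
 * The score starts at 100 and loses a fixed penalty per finding according to
 * its severity label. When the file is shorter than 500 characters, a further
 * 2 points are deducted per finding. The result is clamped to the 0-100 range.
 *
 * @param {Array<Object>} vulnerabilities - List of vulnerabilities; only the
 *   `severity` property of each entry and the list length are read.
 * @param {string} content - File content for context; only its length is used.
 * @returns {number} Security score between 0 and 100 inclusive.
 * @throws {TypeError} If `vulnerabilities` has no `forEach`, or `content` is
 *   null or undefined.
 */
function calculateSecurityScore(vulnerabilities, content) {
  // Penalty applied to any severity label that is not an exact key below.
  const DEFAULT_PENALTY = 5;
  const SMALL_FILE_THRESHOLD = 500;
  const SMALL_FILE_PENALTY_PER_FINDING = 2;

  const severityPenalties = {
    CRITICAL: 25,
    HIGH: 15,
    MEDIUM: 8,
    LOW: 3
  };

  // Look the label up as an OWN key only. A plain `severityPenalties[label]`
  // also resolves inherited names such as "constructor" or "__proto__" to a
  // function or object, and subtracting that turns the whole score into NaN.
  //
  // The match is exact and case-sensitive, so a label like "critical" falls
  // back to DEFAULT_PENALTY, which is lower than MEDIUM.
  // NOTE(review): confirm every producer emits the upper-case labels above;
  // otherwise a mislabelled finding is under-penalised and the score inflated.
  const penaltyFor = (severity) =>
    Object.prototype.hasOwnProperty.call(severityPenalties, severity)
      ? severityPenalties[severity]
      : DEFAULT_PENALTY;

  let score = 100;
  vulnerabilities.forEach((vuln) => {
    score -= penaltyFor(vuln.severity);
  });

  // Additional context-based penalty: findings in a small file are treated as
  // worse, so each one costs extra.
  if (content.length < SMALL_FILE_THRESHOLD) {
    score -= vulnerabilities.length * SMALL_FILE_PENALTY_PER_FINDING;
  }

  return Math.max(0, Math.min(100, score));
}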
// Public CommonJS interface of this module.
module.exports = { calculateSecurityScore: calculateSecurityScore };