github-mcp-auto-git/dist/core/security-manager.d.ts

GitHub MCP Auto Git v3.0 - メモリ効率化・統合MCP・モジュール化完了の完全自動Git操作システム

/**
 * Security Manager - セキュリティ強化システム
 * 入力検証、トークン管理、セキュリティ監視の包括的実装
 */
export declare enum SecurityLevel {
    PUBLIC = "public",
    INTERNAL = "internal",
    CONFIDENTIAL = "confidential",
    RESTRICTED = "restricted"
}
export declare enum ThreatType {
    INJECTION = "injection",
    CREDENTIAL_LEAK = "credential_leak",
    PATH_TRAVERSAL = "path_traversal",
    COMMAND_INJECTION = "command_injection",
    UNAUTHORIZED_ACCESS = "unauthorized_access",
    DATA_EXFILTRATION = "data_exfiltration",
    MALICIOUS_PAYLOAD = "malicious_payload"
}
export interface SecurityThreat {
    type: ThreatType;
    severity: 'low' | 'medium' | 'high' | 'critical';
    description: string;
    source: string;
    payload?: string;
    recommendation: string;
}
export interface ValidationResult {
    isValid: boolean;
    threats: SecurityThreat[];
    sanitizedInput?: any;
    securityLevel: SecurityLevel;
}
export interface TokenInfo {
    value: string;
    type: 'github' | 'api_key' | 'secret' | 'other';
    permissions: string[];
    expiresAt?: Date;
    lastUsed?: Date;
    isValid: boolean;
}
export declare class SecurityManager {
    private encryptionKey;
    private securityLog;
    private readonly DANGEROUS_PATTERNS;
    private readonly ALLOWED_PATTERNS;
    constructor();
    /**
     * 包括的入力検証
     */
    validateInput(input: any, expectedType: string, securityLevel?: SecurityLevel): ValidationResult;
    /**
     * 文字列の脅威検出
     */
    private validateString;
    /**
     * オブジェクトの検証
     */
    private validateObject;
    /**
     * 高度な検証（機械学習ベースの異常検知風）
     */
    private performAdvancedValidation;
    /**
     * 文字列サニタイゼーション
     */
    private sanitizeString;
    /**
     * オブジェクトサニタイゼーション
     */
    private sanitizeObject;
    /**
     * トークン管理
     */
    validateToken(token: string, type: 'github' | 'api_key' | 'secret' | 'other'): Promise<TokenInfo>;
    /**
     * トークン形式検証
     */
    private validateTokenFormat;
    /**
     * GitHub トークン検証（実際のAPI呼び出し）
     */
    private validateGitHubToken;
    /**
     * トークン漏洩チェック
     */
    private isTokenCompromised;
    /**
     * セキュアなトークン暗号化
     */
    encryptToken(token: string): string;
    /**
     * トークン復号化
     */
    decryptToken(encryptedToken: string): string;
    /**
     * ユーティリティ関数
     */
    private generateEncryptionKey;
    private validateType;
    private calculateEntropy;
    private maskSensitiveData;
    private logSecurityEvent;
    /**
     * セキュリティレポート生成
     */
    generateSecurityReport(): {
        summary: {
            totalEvents: number;
            criticalThreats: number;
            highThreats: number;
            mediumThreats: number;
            lowThreats: number;
        };
        recentEvents: Array<{
            timestamp: Date;
            event: string;
            severity: string;
            details: any;
        }>;
        recommendations: string[];
    };
    /**
     * セキュリティログのクリーンアップ
     */
    cleanupSecurityLogs(olderThanDays?: number): number;
}
//# sourceMappingURL=security-manager.d.ts.map