recoder-code/plugin-registry-service/dist/services/SecurityService.d.ts

🚀 AI-powered development platform - Chat with 32+ models, build projects, automate workflows. Free models included!

/**
 * SecurityService
 * Handles security scanning, vulnerability detection, and threat analysis
 */
/// <reference types="node" />
/// <reference types="node" />
import { Config } from '../config';
import { PackageVersion } from '../entities/PackageVersion';
export interface SecurityScanResult {
    status: 'clean' | 'warning' | 'critical';
    vulnerabilities: Vulnerability[];
    threats: Threat[];
    malware_detected: boolean;
    risk_score: number;
    scan_duration: number;
    scanner_version: string;
}
export interface Vulnerability {
    id: string;
    severity: 'low' | 'medium' | 'high' | 'critical';
    title: string;
    description: string;
    cve?: string;
    cwe?: string;
    affected_versions: string[];
    patched_versions: string[];
    recommendation: string;
    references: string[];
}
export interface Threat {
    type: 'malware' | 'backdoor' | 'typosquatting' | 'suspicious_code' | 'data_exfiltration';
    severity: 'low' | 'medium' | 'high' | 'critical';
    description: string;
    evidence: string[];
    confidence: number;
}
export interface ScanOptions {
    deep_scan?: boolean;
    check_dependencies?: boolean;
    malware_detection?: boolean;
    license_check?: boolean;
    timeout?: number;
}
export declare class SecurityService {
    private config?;
    private readonly scannerVersion;
    private readonly logger;
    constructor(config?: Config);
    scanTarball(tarballBuffer: Buffer): Promise<{
        passed: boolean;
        issues: string[];
    }>;
    scanPackage(packageBuffer: Buffer, packageVersion: PackageVersion, options?: ScanOptions): Promise<SecurityScanResult>;
    private extractPackage;
    private scanForVulnerabilities;
    private scanForMalware;
    private scanForSuspiciousPatterns;
    private scanDependencies;
    private scanLicenses;
    private checkDependencyVulnerabilities;
    private scanCodeForVulnerabilities;
    private readPackageJson;
    private getAllFiles;
    private isLikelyTyposquat;
    private isSuspiciousScript;
    private hasDataExfiltrationPatterns;
    private levenshteinDistance;
    private calculateRiskScore;
    private determineStatus;
}