Shared types, utilities, and configurations for Recoder
/**
* SOC 2 Compliance Scanner for Generated Code
* KILLER FEATURE: Enterprise-grade security compliance validation
* Cursor/Copilot have NO compliance scanning - we dominate enterprise market!
*/
/**
 * One compliance rule evaluated by {@link SOC2ComplianceScanner}.
 *
 * `check` receives the code under scan plus the {@link ComplianceContext}
 * and resolves to the violations it found. Rules registered through
 * `addCustomRule` are ordinary functions executed in-process alongside the
 * built-in rules — NOTE(review): nothing in this declaration suggests any
 * sandboxing, so rule sources must be treated as trusted code.
 */
export interface SOC2ComplianceRule {
  /** Rule identifier; `getRuleDetails`/`removeRule` take a `ruleId` that is presumably this value. */
  id: string;
  /** Display name of the rule. */
  name: string;
  /** Trust Services Criteria category this rule belongs to. */
  category: SOC2Category;
  /** What the rule checks for. */
  description: string;
  /** Severity assigned to violations this rule raises. */
  severity: ComplianceSeverity;
  /**
   * Rule body. Resolves to the violations found in `code`; presumably an
   * empty array when the rule passes (the declaration does not say).
   */
  check: (code: string, context: ComplianceContext) => Promise<ComplianceViolation[]>;
  /** Remediation guidance for violations of this rule. */
  remediation: string;
  /** Supporting references; format (URLs, clause numbers, ...) is not fixed by this declaration. */
  references: string[];
}
/**
 * The five SOC 2 Trust Services Criteria a rule can be filed under.
 * String-valued, so the enum has no reverse numeric mapping.
 */
export declare enum SOC2Category {
  SECURITY = "security",
  AVAILABILITY = "availability",
  PROCESSING_INTEGRITY = "processing_integrity",
  CONFIDENTIALITY = "confidentiality",
  PRIVACY = "privacy"
}
/**
 * Severity of a rule / violation, highest first.
 * Only `CRITICAL`, `HIGH`, `MEDIUM` and `LOW` have a counter in
 * {@link ComplianceSummary}; how `INFO` findings are tallied is not
 * visible from this declaration.
 */
export declare enum ComplianceSeverity {
  CRITICAL = "critical",
  HIGH = "high",
  MEDIUM = "medium",
  LOW = "low",
  INFO = "info"
}
/**
 * Scan-time context handed to every rule's `check` function.
 * Describes where the code lives and how sensitive the data it handles is,
 * so rules can adapt their findings to the deployment target.
 */
export interface ComplianceContext {
  /** Path of the file being scanned. */
  filePath: string;
  /** Source language of the scanned code (free-form string, not an enum). */
  language: string;
  /** Optional framework hint (e.g. a web framework name); free-form. */
  framework?: string;
  /** Target environment for the code under scan. */
  environment: 'development' | 'staging' | 'production';
  /** Sensitivity of the data the code is expected to process. */
  dataClassification: DataClassification;
  /** Kind of system the code belongs to. */
  projectType: ProjectType;
  /** Regulatory regimes the project must satisfy, if any. */
  industryStandards?: IndustryStandard[];
}
/**
 * Sensitivity classification of the data the scanned code handles.
 * The first four are generic tiers; `PII`, `PHI` and `PCI` name regulated
 * data types (personal data, health information, payment-card data).
 */
export declare enum DataClassification {
  PUBLIC = "public",
  INTERNAL = "internal",
  CONFIDENTIAL = "confidential",
  RESTRICTED = "restricted",
  PII = "pii",
  PHI = "phi",
  PCI = "pci"
}
/** Kind of system the scanned code belongs to; supplied in {@link ComplianceContext}. */
export declare enum ProjectType {
  WEB_APPLICATION = "web_application",
  API_SERVICE = "api_service",
  DATABASE_SYSTEM = "database_system",
  PAYMENT_SYSTEM = "payment_system",
  HEALTHCARE_SYSTEM = "healthcare_system",
  FINANCIAL_SYSTEM = "financial_system",
  IOT_SYSTEM = "iot_system",
  CLOUD_INFRASTRUCTURE = "cloud_infrastructure"
}
/**
 * Regulatory / industry frameworks a project may need to satisfy in addition
 * to SOC 2. Used both as scan input ({@link ComplianceContext}) and as
 * violation output ({@link ComplianceViolation.affectedStandards}).
 */
export declare enum IndustryStandard {
  HIPAA = "hipaa",
  PCI_DSS = "pci_dss",
  GDPR = "gdpr",
  SOX = "sox",
  FISMA = "fisma",
  ISO_27001 = "iso_27001",
  NIST = "nist"
}
/**
 * A single finding produced by a rule's `check` function.
 *
 * `message`, `evidence` and `references` are user-visible strings that end
 * up in {@link SOC2ComplianceScanner.exportReport}; `evidence` in particular
 * is presumably an excerpt of the scanned code, i.e. attacker-influenceable
 * text. NOTE(review): the HTML export path must escape these fields — not
 * verifiable from this declaration.
 */
export interface ComplianceViolation {
  /** `id` of the rule that raised the finding. */
  ruleId: string;
  /** `name` of the rule that raised the finding. */
  ruleName: string;
  /** Category copied from the rule. */
  category: SOC2Category;
  /** Severity copied from the rule. */
  severity: ComplianceSeverity;
  /** Human-readable description of the finding. */
  message: string;
  /** Location in the scanned file — whether 0- or 1-based is not stated here. */
  line: number;
  /** Column of the finding; base is not stated here. */
  column: number;
  /** Supporting snippet; presumably taken from the scanned code. */
  evidence: string;
  /** Remediation guidance, presumably copied from the rule. */
  remediation: string;
  /** Supporting references, presumably copied from the rule. */
  references: string[];
  /** External standards this finding also affects, when known. */
  affectedStandards?: IndustryStandard[];
  /** Numeric risk score; scale and range are not defined by this declaration. */
  riskScore: number;
}
/**
 * Result of one {@link SOC2ComplianceScanner.scanCode} call.
 */
export interface ComplianceReport {
  /** Aggregate counts and scores over `violations`. */
  summary: ComplianceSummary;
  /** Every finding raised by any rule. */
  violations: ComplianceViolation[];
  /** Ids of rules that raised no finding. */
  passedRules: string[];
  /** Suggested follow-up actions. */
  recommendations: ComplianceRecommendation[];
  /** Heuristic readiness estimate; see {@link CertificateEligibility}. */
  certificateEligibility: CertificateEligibility;
  /** Entries recorded by the scanner's private `logAudit` during this scan — presumably; the link is not visible here. */
  auditTrail: AuditEntry[];
  /** When the report was produced. */
  generatedAt: Date;
  /** Wall-clock scan time; unit (ms is likely) is not stated by this declaration. */
  scanDuration: number;
}
/**
 * Aggregate view of a scan. Counters are per-severity; `INFO` findings have
 * no dedicated counter here, so where they are tallied is not determinable
 * from this declaration.
 */
export interface ComplianceSummary {
  /** Number of rules evaluated. */
  totalRules: number;
  /** Rules with no finding. */
  passedRules: number;
  /** Rules with at least one finding — presumably `totalRules - passedRules`. */
  failedRules: number;
  criticalViolations: number;
  highViolations: number;
  mediumViolations: number;
  lowViolations: number;
  /** Overall score; scale is not stated by this declaration. */
  overallScore: number;
  /** Share of rules passed; presumably 0–100 given the name, unverified. */
  compliancePercentage: number;
  /** Qualitative risk bucket derived from the counts above (derivation not visible here). */
  riskLevel: RiskLevel;
}
/** Qualitative risk bucket reported in {@link ComplianceSummary.riskLevel}, lowest first. */
export declare enum RiskLevel {
  VERY_LOW = "very_low",
  LOW = "low",
  MEDIUM = "medium",
  HIGH = "high",
  VERY_HIGH = "very_high"
}
/**
 * A follow-up action suggested by the scanner (produced by the private
 * `generateRecommendations` / `estimateEffort` methods, presumably).
 */
export interface ComplianceRecommendation {
  /** What kind of change is being recommended. */
  type: RecommendationType;
  /** Ordering hint; direction (is 1 highest or lowest?) is not stated here. */
  priority: number;
  title: string;
  description: string;
  /** How to carry the recommendation out. */
  implementation: string;
  /** Free-form effort estimate (e.g. a duration string); format not fixed here. */
  estimatedEffort: string;
  /** Expected improvement to compliance; scale not stated by this declaration. */
  complianceImpact: number;
}
/** Category of a {@link ComplianceRecommendation}. */
export declare enum RecommendationType {
  CODE_CHANGE = "code_change",
  ARCHITECTURE_CHANGE = "architecture_change",
  CONFIGURATION = "configuration",
  POLICY = "policy",
  TRAINING = "training",
  MONITORING = "monitoring"
}
/**
 * Heuristic audit-readiness estimate derived from a single code scan.
 *
 * A SOC 2 report is issued by an independent auditor after examining
 * controls over an organization, not by a static scan of one file; these
 * booleans are therefore an indicator for planning, not an attestation.
 */
export interface CertificateEligibility {
  /** Whether the scan judged the code consistent with a Type 1 (point-in-time) report. */
  soc2Type1: boolean;
  /** Whether the scan judged the code consistent with a Type 2 (over-a-period) report. */
  soc2Type2: boolean;
  /** Changes the scanner considers prerequisite before an audit. */
  requiredChanges: string[];
  /** Free-form time estimate; format not fixed by this declaration. */
  estimatedTimeframe: string;
  /** Readiness score; scale is not stated here. */
  auditReadiness: number;
}
/**
 * One entry in the scanner's in-memory audit trail.
 *
 * NOTE(review): `user` is a plain string supplied by whatever calls the
 * private `logAudit`; nothing here ties it to an authenticated identity, and
 * the trail lives in a private field of the scanner instance, so it offers
 * no tamper evidence on its own. `details` is typed `Record<string, any>`;
 * `Record<string, unknown>` would force consumers to narrow before use, but
 * changing it is a breaking change for readers of this public type.
 */
export interface AuditEntry {
  /** When the entry was recorded. */
  timestamp: Date;
  /** Free-form action label. */
  action: string;
  /** Free-form actor label (see note above). */
  user: string;
  /** Arbitrary structured payload; shape is not defined by this declaration. */
  details: Record<string, any>;
}
/**
 * Static compliance scanner: runs a registered set of {@link SOC2ComplianceRule}s
 * over a code string and assembles a {@link ComplianceReport}.
 *
 * The private member list below is emitted by the compiler without types;
 * the `check*` names suggest the built-in rule set (input validation, SQL
 * injection, auth, encryption, error handling, rate limiting, integrity,
 * PII, retention), but their exact behaviour is not visible from this file.
 */
export declare class SOC2ComplianceScanner {
  /** Registered rules; populated by `initializeRules` (type erased in this .d.ts). */
  private rules;
  /** Entries appended by `logAudit`; surfaced as `ComplianceReport.auditTrail`, presumably. */
  private auditTrail;
  constructor();
  private initializeRules;
  private addRule;
  /**
   * Scans `code` with every registered rule and returns the aggregated report.
   * @param code    Source text to scan.
   * @param context Where the code runs and what data it handles.
   * @returns The assembled report; rejection behaviour when a rule's `check` throws is not specified here.
   */
  scanCode(code: string, context: ComplianceContext): Promise<ComplianceReport>;
  private checkInputValidation;
  private checkSQLInjection;
  private checkAuthentication;
  private checkAuthorization;
  private checkEncryptionAtRest;
  private checkEncryptionInTransit;
  private checkErrorHandling;
  private checkRateLimiting;
  private checkDataIntegrity;
  private checkTransactionIntegrity;
  private checkPIIProtection;
  private checkDataRetention;
  private calculateSummary;
  private generateRecommendations;
  private estimateEffort;
  private assessCertificateEligibility;
  private logAudit;
  /** Looks a rule up by id; `null` when no rule has that id. */
  getRuleDetails(ruleId: string): SOC2ComplianceRule | null;
  /** All currently registered rules. Whether the array is a copy or the internal list is not stated here. */
  getAllRules(): SOC2ComplianceRule[];
  /**
   * Registers an additional rule. Its `check` runs in-process with the same
   * privileges as the built-in rules, so only register rules from trusted sources.
   * Collision handling when `rule.id` already exists is not specified here.
   */
  addCustomRule(rule: SOC2ComplianceRule): void;
  /** Removes the rule with the given id; returns whether one was removed. */
  removeRule(ruleId: string): boolean;
  /**
   * Serialises a report. Returns a `string` for every format, including
   * `'pdf'` — NOTE(review): confirm what the pdf branch actually emits.
   * For `'html'`, violation `message`/`evidence`/`references` originate from
   * scanned code and rule metadata; `generateHTMLReport` must HTML-escape
   * them (not verifiable from this declaration).
   * @param format Output format; default is not stated in this declaration.
   */
  exportReport(report: ComplianceReport, format?: 'json' | 'html' | 'pdf'): string;
  private generateHTMLReport;
}
//# sourceMappingURL=soc2-compliance-scanner.d.ts.map