/**
 * Core vulnerability type definitions for security analysis.
 *
 * This module is types-only: it declares the shape of the findings the
 * scanner produces (`Vulnerability`) and of the patterns and rules that
 * drive detection (`VulnerabilityPattern`, `VulnerabilityRule`). Nothing
 * declared here exists at runtime.
 */

/**
 * Severity assigned to a finding, listed from most to least serious.
 */
export type SeverityLevel = "critical" | "high" | "medium" | "low";

/**
 * Categories of issue the scanner can report. Every pattern and rule is
 * tagged with exactly one of these (`VulnerabilityPattern.type`,
 * `VulnerabilityRule.type`), and each finding carries the tag it was
 * produced under (`Vulnerability.type`).
 */
export type VulnerabilityType =
  "hardcoded-secret"
  | "dangerous-eval"
  | "unsafe-innerhtml"
  | "console-logging-sensitive"
  | "sql-injection"
  | "insecure-random"
  | "mixed-content"
  | "environment-exposure"
  | "debug-code"
  | "missing-security-headers"
  | "insecure-cookie"
  | "client-storage-sensitive"
  | "unvalidated-redirect"
  | "redos-vulnerability"
  | "server-only-import"
  | "react-antipattern";

/**
 * How confident the detector is that a finding is a true positive.
 * Orthogonal to `SeverityLevel`: a finding may be high-severity yet
 * low-confidence, and consumers that triage or filter should read both.
 */
export type ConfidenceLevel = "high" | "medium" | "low";

/**
 * Position of a finding within its source file.
 *
 * NOTE(review): whether `line`/`column` are 0- or 1-based is not fixed by
 * this type; confirm against the analyzer that populates it before
 * mapping to editor or SARIF positions.
 */
export interface VulnerabilityLocation {
  /** Line of the start of the flagged span */
  line: number;
  /** Column of the start of the flagged span */
  column: number;
  /** Optional end line of the flagged span (presumably inclusive — confirm) */
  endLine?: number;
  /** Optional end column of the flagged span */
  endColumn?: number;
}

/**
 * Source text and enclosing-scope names attached to a finding.
 */
export interface VulnerabilityContext {
  /**
   * The exact code snippet containing the vulnerability.
   *
   * For `hardcoded-secret` findings this snippet necessarily contains the
   * secret material itself, so reports, logs or tickets built from it
   * should treat this field as sensitive (redact or truncate before
   * persisting or sharing).
   */
  code: string;
  /** Surrounding code context for better understanding; same caveat as `code` */
  surroundingContext?: string;
  /** Function name where vulnerability was found */
  functionName?: string;
  /** Component name where vulnerability was found */
  componentName?: string;
}

/**
 * A single finding emitted by the scanner.
 */
export interface Vulnerability {
  /** Unique identifier for this vulnerability instance */
  id: string;
  /** Type of vulnerability detected */
  type: VulnerabilityType;
  /** Severity level of the vulnerability */
  severity: SeverityLevel;
  /** Confidence level in the detection */
  confidence: ConfidenceLevel;
  /** Human-readable description of the vulnerability */
  description: string;
  /** File path where vulnerability was found */
  filePath: string;
  /** Location within the file */
  location: VulnerabilityLocation;
  /** Code context and surrounding information */
  context: VulnerabilityContext;
  /**
   * Additional metadata specific to the vulnerability type. Values are
   * `unknown`, so consumers must narrow before use; the keys each type
   * provides are defined by the individual detectors, not here.
   */
  metadata?: Record<string, unknown>;
  /**
   * Timestamp when vulnerability was detected.
   * NOTE(review): the unit (ms vs. s since epoch) is not fixed by this
   * type — confirm against the producer.
   */
  detectedAt: number;
}

/**
 * A single matching pattern used by a `VulnerabilityRule`.
 */
export interface VulnerabilityPattern {
  /** Pattern identifier */
  id: string;
  /**
   * Regular expression or string pattern to match.
   *
   * NOTE(review): a `RegExp` here is executed against every scanned file,
   * so it should itself be free of super-linear backtracking; a pattern
   * that backtracks catastrophically on unusual input stalls the scan.
   * The scanner reports `redos-vulnerability` in analyzed code — the same
   * check applies to its own patterns.
   */
  pattern: RegExp | string;
  /** Type of vulnerability this pattern detects */
  type: VulnerabilityType;
  /** Severity of vulnerabilities found with this pattern */
  severity: SeverityLevel;
  /**
   * Description template for vulnerabilities found. Any placeholder or
   * substitution syntax is defined by the rule engine, not by this type.
   */
  description: string;
  /** Confidence level for this pattern */
  confidence: ConfidenceLevel;
  /**
   * Whether this pattern requires additional context validation before a
   * raw match is reported as a finding. What that validation consists of
   * is up to the detector that consumes the pattern.
   */
  requiresContextValidation?: boolean;
}

/**
 * A detection rule: a named group of patterns sharing one vulnerability
 * type and severity.
 */
export interface VulnerabilityRule {
  /** Rule identifier */
  id: string;
  /** Human-readable rule name */
  name: string;
  /** Rule description */
  description: string;
  /** Vulnerability type this rule detects */
  type: VulnerabilityType;
  /** Severity level for vulnerabilities detected by this rule */
  severity: SeverityLevel;
  /** Patterns used by this rule */
  patterns: VulnerabilityPattern[];
  /**
   * File extensions this rule applies to.
   * NOTE(review): when omitted, the rule presumably applies to all scanned
   * files — confirm against the rule engine.
   */
  fileExtensions?: string[];
  /** Whether this rule is enabled by default */
  enabled: boolean;
}