vibe-guard
Version:
██ Vibe-Guard Security Scanner - 28 essential security rules to catch vulnerabilities before they catch you! Zero dependencies, instant setup, works everywhere, optimized performance. Detects SQL injection, XSS, exposed secrets, CSRF, CORS issues, contain
49 lines • 1.89 kB
TypeScript
import { BaseRule, FileContent, SecurityIssue } from '../types';
export declare class BrokenAccessControlRule extends BaseRule {
readonly name = "broken-access-control";
readonly description = "Detects missing authorization checks and insecure direct object references with context-aware analysis";
readonly severity: "high";
private readonly accessControlPatterns;
private readonly multiLineCommentPatterns;
private readonly authorizationPatterns;
private readonly falsePositivePatterns;
check(fileContent: FileContent): SecurityIssue[];
private analyzeContext;
private isSafeContext;
private isInComment;
private isInTestFile;
private isInDocumentation;
private isInDevelopment;
private hasAuthorizationChecks;
private hasAuthentication;
private isProtectedRoute;
private calculateConfidence;
private calculateSeverity;
private detectLanguage;
private detectFramework;
private isInString;
private validateProtectedRoute;
private validateDirectObjectReference;
private validateDatabaseQuery;
private validateMongoDBQuery;
private validateORMQuery;
private validateFileAccess;
private validateFileWrite;
private validateFileDeletion;
private validateDatabaseUpdate;
private validateDatabaseDeletion;
private validateMongoDBRemoval;
private validateRoleAssignment;
private validatePermissionAssignment;
private validateSessionManipulation;
private validateSessionAssignment;
private validatePHPSessionManipulation;
private validatePHPDatabaseQuery;
private validatePythonSessionManipulation;
private validatePythonORMQuery;
private validateJavaSessionManipulation;
private validateJavaRepositoryQuery;
private getLineContext;
private generateSuggestion;
}
//# sourceMappingURL=broken-access-control.d.ts.map