vulnzap-core

Secure AI-generated code by intercepting vulnerabilities in real-time

/** CVSS vector string paired with its numeric score. */
interface CvssScore {
  vector_string: string;
  score: number;
}

/** One typed identifier attached to an advisory (a `type` / `value` pair). */
interface AdvisoryIdentifier {
  type: string;
  value: string;
}

/** One affected package entry of an advisory. */
interface AffectedPackage {
  package: {
    ecosystem: string;
    name: string;
  };
  /** `null` when the record names no patched version. */
  first_patched_version: string | null;
  /**
   * Range expression kept as a raw string; how it is parsed and compared
   * is not visible in this declaration.
   */
  vulnerable_version_range: string;
  vulnerable_functions: string[] | null;
}

/** CWE classification entry. */
interface AdvisoryCwe {
  cwe_id: string;
  name: string;
}

/** EPSS entry. Note the asymmetry: `percentage` is numeric, `percentile` is a string. */
interface AdvisoryEpss {
  percentage: number;
  percentile: string;
}

/** Account record of a credited user. */
interface AdvisoryCreditUser {
  login: string;
  id: number;
  node_id: string;
  avatar_url: string;
  gravatar_id: string;
  url: string;
  html_url: string;
  followers_url: string;
  following_url: string;
  gists_url: string;
  starred_url: string;
  subscriptions_url: string;
  organizations_url: string;
  repos_url: string;
  events_url: string;
  received_events_url: string;
  type: string;
  site_admin: boolean;
}

/** A credited user together with the kind of credit. */
interface AdvisoryCredit {
  user: AdvisoryCreditUser;
  type: string;
}

/**
 * Raw advisory record as returned by `getAllAdvisoriesForEcosystem`.
 *
 * The snake_case field names presumably mirror the upstream GitHub advisory
 * payload - confirm against the implementation. Nothing in this declaration
 * validates the data at runtime, so every field is only as trustworthy as
 * the code that parsed it.
 */
interface GitHubAdvisory {
  id: number;
  ghsa_id: string;
  /** `null` when the advisory carries no CVE identifier. */
  cve_id: string | null;
  url: string;
  html_url: string;
  repository_advisory_url: string | null;
  summary: string;
  description: string;
  type: string;
  /** Free-form string here; the set of allowed values is not constrained by the type. */
  severity: string;
  source_code_location: string | null;
  identifiers: AdvisoryIdentifier[];
  references: string[];
  published_at: string;
  updated_at: string;
  github_reviewed_at: string | null;
  nvd_published_at: string | null;
  /**
   * NOTE(review): presumably non-null for advisories that were retracted.
   * Whether such records are filtered out before matching is not visible
   * here - confirm in `processAdvisoryResults`.
   */
  withdrawn_at: string | null;
  vulnerabilities: AffectedPackage[];
  cvss: CvssScore | null;
  cvss_severities: {
    cvss_v3: CvssScore | null;
    cvss_v4: CvssScore | null;
  } | null;
  cwes: AdvisoryCwe[] | null;
  epss: AdvisoryEpss[] | null;
  credits: AdvisoryCredit[] | null;
}

/** Condensed advisory entry listed inside a `VulnerabilityResult`. */
interface ReportedAdvisory {
  id: string;
  title: string;
  severity: string;
  cve_id?: string;
  description: string;
  source?: string;
}

/** Options accepted by `findVulnerabilities`. */
interface FindVulnerabilitiesOptions {
  /** NOTE(review): presumably forces a fresh lookup instead of a cached one - confirm. */
  refresh?: boolean;
}

/**
 * Outcome of a vulnerability lookup for one package version.
 *
 * NOTE(review): only `isVulnerable` is mandatory. `error` and `isUnknown`
 * are optional, so a result with `isVulnerable: false` may presumably also
 * describe a lookup that failed or could not be decided. Callers gating a
 * build or install on this result should check `error` and `isUnknown`
 * before treating it as a clean bill of health - confirm the exact
 * semantics against the implementation.
 */
export interface VulnerabilityResult {
  isVulnerable: boolean;
  advisories?: ReportedAdvisory[];
  fixedVersions?: string[];
  message?: string;
  error?: string;
  isUnknown?: boolean;
  sources?: string[];
}

/**
 * Advisory source exposing ecosystem-wide advisory retrieval and
 * per-package vulnerability lookup.
 *
 * This is declaration output: private members appear by name only, with
 * their types and signatures omitted, and no method bodies are present.
 */
export default class GitHubAdvisorySource {
  // Cache lifetime; the value and its unit are not visible in this declaration.
  private readonly CACHE_TTL;
  private isInitialized;
  // Location of the on-disk cache. Where it points and which permissions the
  // cache files receive cannot be determined from here.
  private cachePath;

  constructor();

  /** Prepares the source for use; resolves to a boolean. */
  initialize(): Promise<boolean>;

  /**
   * Persists data into the cache file.
   * @private
   */
  private _saveToCache;

  /**
   * Reads data back from the cache.
   * @private
   */
  private _getFromCache;

  /**
   * Drops the cache entry for one key, or the entire cache.
   * @private
   */
  private _clearCache;

  private makeApiRequest;

  /**
   * Retrieves the advisories recorded for one ecosystem.
   *
   * @param ecosystem - Ecosystem name to query.
   * @returns The raw advisory records.
   */
  getAllAdvisoriesForEcosystem(ecosystem: string): Promise<GitHubAdvisory[]>;

  private processAdvisoryResults;

  /**
   * Looks up known vulnerabilities for a single package version.
   *
   * @param packageName - Name of the package to check.
   * @param version - Version of the package to check.
   * @param ecosystem - Ecosystem the package belongs to.
   * @param options - Optional lookup settings.
   * @returns The lookup outcome; see `VulnerabilityResult` for how to read it.
   */
  findVulnerabilities(
    packageName: string,
    version: string,
    ecosystem: string,
    options?: FindVulnerabilitiesOptions,
  ): Promise<VulnerabilityResult>;
}

export {};