feat: add security sink detection patterns for JavaScript/TypeScript

- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations). - Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns. - Added `package-lock.json` for dependency management.
2025-12-22 23:21:21 +02:00
parent 3ba7157b00
commit 5146204f1b
529 changed files with 73579 additions and 5985 deletions
--- a/bench/competitors/corpus/corpus-manifest.json
+++ b/bench/competitors/corpus/corpus-manifest.json
@@ -0,0 +1,50 @@
+{
+  "version": "1.0.0",
+  "lastUpdated": "2025-12-22T00:00:00Z",
+  "images": [
+    {
+      "digest": "sha256:placeholder-alpine-3.18",
+      "imageRef": "alpine:3.18",
+      "truePositives": [],
+      "falsePositives": [],
+      "categories": ["alpine", "base"],
+      "notes": {}
+    },
+    {
+      "digest": "sha256:placeholder-debian-bookworm",
+      "imageRef": "debian:bookworm-slim",
+      "truePositives": [],
+      "falsePositives": [],
+      "categories": ["debian", "base"],
+      "notes": {}
+    },
+    {
+      "digest": "sha256:placeholder-node-20",
+      "imageRef": "node:20-alpine",
+      "truePositives": [],
+      "falsePositives": [],
+      "categories": ["alpine", "nodejs"],
+      "notes": {}
+    },
+    {
+      "digest": "sha256:placeholder-python-3.12",
+      "imageRef": "python:3.12-slim",
+      "truePositives": [],
+      "falsePositives": [],
+      "categories": ["debian", "python"],
+      "notes": {}
+    }
+  ],
+  "stats": {
+    "totalImages": 4,
+    "byCategory": {
+      "alpine": 2,
+      "debian": 2,
+      "base": 2,
+      "nodejs": 1,
+      "python": 1
+    },
+    "totalTruePositives": 0,
+    "totalFalsePositives": 0
+  }
+}