feat: add security sink detection patterns for JavaScript/TypeScript

- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations).
- Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns.
- Added `package-lock.json` for dependency management.
StellaOps Bot
2025-12-22 23:21:21 +02:00
parent 3ba7157b00
commit 5146204f1b
529 changed files with 73579 additions and 5985 deletions


@@ -1,6 +1,7 @@
using System.Collections.Concurrent;
using Microsoft.Extensions.Logging;
using StellaOps.Router.Common.Models;
using StellaOps.Router.Gateway.Authorization;
namespace StellaOps.Gateway.WebService.Authorization;


@@ -1,4 +1,5 @@
using StellaOps.Router.Common.Models;
using StellaOps.Router.Gateway.Authorization;
namespace StellaOps.Gateway.WebService.Authorization;


@@ -1,6 +1,7 @@
using System.Net;
using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Options;
using StellaOps.Auth.Abstractions;
using StellaOps.Auth.ServerIntegration;
using StellaOps.Auth.Security.Dpop;
using StellaOps.Configuration;
@@ -13,6 +14,7 @@ using StellaOps.Router.Common.Abstractions;
using StellaOps.Router.Common.Models;
using StellaOps.Router.Gateway;
using StellaOps.Router.Gateway.Configuration;
using StellaOps.Router.Gateway.DependencyInjection;
using StellaOps.Router.Gateway.Middleware;
using StellaOps.Router.Gateway.OpenApi;
using StellaOps.Router.Gateway.RateLimit;


@@ -119,7 +119,7 @@ public sealed class GatewayHostedService : IHostedService
private void HandleTlsFrame(string connectionId, Frame frame)
{
_ = HandleFrameAsync(TransportType.Tls, connectionId, frame);
_ = HandleFrameAsync(TransportType.Certificate, connectionId, frame);
}
private void HandleTcpDisconnection(string connectionId)
@@ -434,7 +434,7 @@ public sealed class GatewayHostedService : IHostedService
return;
}
if (transportType == TransportType.Tls)
if (transportType == TransportType.Certificate)
{
_tlsServer.GetConnection(connectionId)?.Close();
}
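Review bot: The transport value is now `TransportType.Certificate`, yet the handler is still named `HandleTlsFrame` and the connection is still closed through `_tlsServer`, so the new label reads as a stronger guarantee than these hunks demonstrate (this takes the second line of each printed pair as the new side, since the page has lost its +/- markers). If the rename is meant to signal client-certificate authentication, that has to be enforced where `_tlsServer` is configured, which is outside these hunks, and no authorization or routing decision should treat the enum value alone as proof of a validated peer certificate. I would add a comment above the handler such as `// Certificate transport is served by _tlsServer (previously TransportType.Tls)` and either rename `HandleTlsFrame`/`_tlsServer` to match or state why they differ. The same mixed naming appears in the `case TransportType.Certificate:` branch of `GatewayTransportClient`, which still calls `_tlsServer.SendFrameAsync`. Both enclosing methods in this file extend beyond the hunks, so how the other transport types are handled cannot be checked from here.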


@@ -144,7 +144,7 @@ public sealed class GatewayTransportClient : ITransportClient
case TransportType.Tcp:
await _tcpServer.SendFrameAsync(connection.ConnectionId, frame, cancellationToken);
break;
case TransportType.Tls:
case TransportType.Certificate:
await _tlsServer.SendFrameAsync(connection.ConnectionId, frame, cancellationToken);
break;
default: