feat: add security sink detection patterns for JavaScript/TypeScript

- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations).
- Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns.
- Added `package-lock.json` for dependency management.
StellaOps Bot
2025-12-22 23:21:21 +02:00
parent 3ba7157b00
commit 5146204f1b
529 changed files with 73579 additions and 5985 deletions


@@ -14,4 +14,46 @@ public static class OciAnnotations
public const string StellaAfterDigest = "org.stellaops.delta.after.digest";
public const string StellaSbomDigest = "org.stellaops.sbom.digest";
public const string StellaVerdictDigest = "org.stellaops.verdict.digest";
// Sprint: SPRINT_4300_0001_0001 - OCI Verdict Attestation Push
/// <summary>
/// The final decision (pass, warn, block) for the verdict.
/// </summary>
public const string StellaVerdictDecision = "org.stellaops.verdict.decision";
/// <summary>
/// Digest of the feeds snapshot used for vulnerability matching.
/// </summary>
public const string StellaFeedsDigest = "org.stellaops.feeds.digest";
/// <summary>
/// Digest of the policy bundle used for evaluation.
/// </summary>
public const string StellaPolicyDigest = "org.stellaops.policy.digest";
/// <summary>
/// Graph revision identifier for the scan.
/// </summary>
public const string StellaGraphRevisionId = "org.stellaops.graph.revision.id";
/// <summary>
/// Digest of the proof bundle containing the evidence chain.
/// </summary>
public const string StellaProofBundleDigest = "org.stellaops.proof.bundle.digest";
/// <summary>
/// Timestamp when the verdict was computed.
/// </summary>
public const string StellaVerdictTimestamp = "org.stellaops.verdict.timestamp";
// Sprint: SPRINT_4300_0002_0002 - Unknowns Attestation Predicates
/// <summary>
/// Digest of the uncertainty state attestation.
/// </summary>
public const string StellaUncertaintyDigest = "org.stellaops.uncertainty.digest";
/// <summary>
/// Digest of the uncertainty budget attestation.
/// </summary>
public const string StellaUncertaintyBudgetDigest = "org.stellaops.uncertainty.budget.digest";
}
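Review bot: The new digest-valued keys (`StellaFeedsDigest`, `StellaPolicyDigest`, `StellaProofBundleDigest`, `StellaUncertaintyDigest`, `StellaUncertaintyBudgetDigest`) document what the digest refers to but not its expected shape, and annotation values are free-form strings read back from the registry, so a consumer that dereferences them should validate the `<algorithm>:<hex>` form before using the value in a lookup or request path; suggest adding `/// Value is an OCI digest string (e.g. <c>sha256:&lt;hex&gt;</c>); consumers must validate the format before dereferencing.` to each. The same applies to `StellaVerdictDecision` and `StellaVerdictTimestamp`, whose summaries name the allowed values and the notion of a timestamp but not the encoding; something like `/// One of: pass, warn, block. Consumers should reject any other value.` and `/// RFC 3339 UTC timestamp (assumed; confirm against the producer).` would pin the contract, hedged since the producer is not visible here. It is also worth a class-level remark that these annotations carry no integrity of their own: the decision and digests should only be trusted when the manifest or attestation that carries them has been signature-verified, otherwise a registry-side edit can flip a `block` to `pass`. The `OciAnnotations` class header and its earlier constants start outside this hunk.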