feat: add security sink detection patterns for JavaScript/TypeScript

- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations).
- Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns.
- Added `package-lock.json` for dependency management.
StellaOps Bot
2025-12-22 23:21:21 +02:00
parent 3ba7157b00
commit 5146204f1b
529 changed files with 73579 additions and 5985 deletions


@@ -0,0 +1,58 @@
using StellaOps.VexHub.Core.Models;
namespace StellaOps.VexHub.WebService.Models;
/// <summary>
/// Response containing VEX statements.
/// </summary>
public sealed class VexStatementsResponse
{
public required IReadOnlyList<AggregatedVexStatement> Statements { get; init; }
public required int TotalCount { get; init; }
public required string QueryType { get; init; }
public required string QueryValue { get; init; }
}
/// <summary>
/// Response for VEX search queries.
/// </summary>
public sealed class VexSearchResponse
{
public required IReadOnlyList<AggregatedVexStatement> Statements { get; init; }
public required long TotalCount { get; init; }
public required int Limit { get; init; }
public required int Offset { get; init; }
}
/// <summary>
/// VEX Hub statistics.
/// </summary>
public sealed class VexHubStats
{
public required long TotalStatements { get; init; }
public required long VerifiedStatements { get; init; }
public required long FlaggedStatements { get; init; }
public required DateTimeOffset GeneratedAt { get; init; }
}
/// <summary>
/// VEX Hub index manifest for tool integration.
/// </summary>
public sealed class VexIndexManifest
{
public required string Version { get; init; }
public required DateTimeOffset LastUpdated { get; init; }
public required VexIndexEndpoints Endpoints { get; init; }
}
/// <summary>
/// VEX Hub API endpoints.
/// </summary>
public sealed class VexIndexEndpoints
{
public required string ByCve { get; init; }
public required string ByPackage { get; init; }
public required string BySource { get; init; }
public required string Search { get; init; }
public required string Stats { get; init; }
}
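Review bot: `VexStatementsResponse.TotalCount` is declared `int`, while `VexSearchResponse.TotalCount` and every counter in `VexHubStats` are `long`, so a 64-bit count from the store would need a narrowing cast before it reaches this DTO; I would change it to `public required long TotalCount { get; init; }` to match. None of the properties carry XML docs, and for a VEX feed the contract matters: it is not visible here whether `Statements` can include entries that are flagged or not verified, so a `/// <summary>` on `Statements` in both response types should say which statements are returned. `QueryType` and `QueryValue` appear to echo request input (inferred from the names only); if so, a one-line doc comment such as `/// Echoed from the request as received; treat as untrusted text.` would tell clients how to handle them.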