feat: add security sink detection patterns for JavaScript/TypeScript

- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations). - Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns. - Added `package-lock.json` for dependency management.
2025-12-22 23:21:21 +02:00
parent 3ba7157b00
commit 5146204f1b
529 changed files with 73579 additions and 5985 deletions
--- a/src/Web/StellaOps.Web/angular.json
+++ b/src/Web/StellaOps.Web/angular.json
@@ -13,7 +13,7 @@
      "root": "",
      "sourceRoot": "src",
      "prefix": "app",
-      "architect": {
+      "architect": {
        "build": {
          "builder": "@angular-devkit/build-angular:application",
          "options": {
@@ -25,15 +25,15 @@
            ],
            "tsConfig": "tsconfig.app.json",
            "inlineStyleLanguage": "scss",
-            "assets": [
-              "src/favicon.ico",
-              "src/assets",
-              {
-                "glob": "config.json",
-                "input": "src/config",
-                "output": "."
-              }
-            ],
+            "assets": [
+              "src/favicon.ico",
+              "src/assets",
+              {
+                "glob": "config.json",
+                "input": "src/config",
+                "output": "."
+              }
+            ],
            "styles": [
              "src/styles.scss"
            ],
@@ -49,8 +49,8 @@
                },
                {
                  "type": "anyComponentStyle",
-                  "maximumWarning": "2kb",
-                  "maximumError": "4kb"
+                  "maximumWarning": "6kb",
+                  "maximumError": "12kb"
                }
              ],
              "outputHashing": "all"
@@ -81,59 +81,59 @@
            "buildTarget": "stellaops-web:build"
          }
        },
-        "test": {
-          "builder": "@angular-devkit/build-angular:karma",
-          "options": {
-            "polyfills": [
-              "zone.js",
-              "zone.js/testing"
-            ],
-            "tsConfig": "tsconfig.spec.json",
-            "karmaConfig": "karma.conf.cjs",
-            "inlineStyleLanguage": "scss",
-            "fileReplacements": [
-              {
-                "replace": "src/app/features/policy-studio/editor/monaco-loader.service.ts",
-                "with": "src/app/features/policy-studio/editor/monaco-loader.service.stub.ts"
-              }
-            ],
-            "assets": [
-              "src/favicon.ico",
-              "src/assets",
-              {
-                "glob": "config.json",
-                "input": "src/config",
-                "output": "."
-              }
-            ],
-            "styles": [
-              "src/styles.scss"
-            ],
-            "scripts": []
-          }
-        },
-        "storybook": {
-          "builder": "@storybook/angular:start-storybook",
-          "options": {
-            "configDir": ".storybook",
-            "browserTarget": "stellaops-web:build",
-            "compodoc": false,
-            "port": 6006
-          }
-        },
-        "build-storybook": {
-          "builder": "@storybook/angular:build-storybook",
-          "options": {
-            "configDir": ".storybook",
-            "browserTarget": "stellaops-web:build",
-            "compodoc": false,
-            "outputDir": "storybook-static"
-          }
-        }
-      }
-    }
+        "test": {
+          "builder": "@angular-devkit/build-angular:karma",
+          "options": {
+            "polyfills": [
+              "zone.js",
+              "zone.js/testing"
+            ],
+            "tsConfig": "tsconfig.spec.json",
+            "karmaConfig": "karma.conf.cjs",
+            "inlineStyleLanguage": "scss",
+            "fileReplacements": [
+              {
+                "replace": "src/app/features/policy-studio/editor/monaco-loader.service.ts",
+                "with": "src/app/features/policy-studio/editor/monaco-loader.service.stub.ts"
+              }
+            ],
+            "assets": [
+              "src/favicon.ico",
+              "src/assets",
+              {
+                "glob": "config.json",
+                "input": "src/config",
+                "output": "."
+              }
+            ],
+            "styles": [
+              "src/styles.scss"
+            ],
+            "scripts": []
+          }
+        },
+        "storybook": {
+          "builder": "@storybook/angular:start-storybook",
+          "options": {
+            "configDir": ".storybook",
+            "browserTarget": "stellaops-web:build",
+            "compodoc": false,
+            "port": 6006
+          }
+        },
+        "build-storybook": {
+          "builder": "@storybook/angular:build-storybook",
+          "options": {
+            "configDir": ".storybook",
+            "browserTarget": "stellaops-web:build",
+            "compodoc": false,
+            "outputDir": "storybook-static"
+          }
+        }
+      }
+    }
  },
  "cli": {
    "analytics": false
-  }
-}
+  }
+}