feat: add security sink detection patterns for JavaScript/TypeScript

- Introduced `sink-detect.js` with various security sink detection patterns categorized by type (e.g., command injection, SQL injection, file operations). - Implemented functions to build a lookup map for fast sink detection and to match sink calls against known patterns. - Added `package-lock.json` for dependency management.
2025-12-22 23:21:21 +02:00
parent 3ba7157b00
commit 5146204f1b
529 changed files with 73579 additions and 5985 deletions
--- a/src/__Libraries/StellaOps.DeltaVerdict/Signing/DeltaSigningService.cs
+++ b/src/__Libraries/StellaOps.DeltaVerdict/Signing/DeltaSigningService.cs
@@ -114,11 +114,21 @@ public sealed class DeltaSigningService : IDeltaSigningService

    private static string ComputeSignature(byte[] pae, SigningOptions options)
    {
-        return options.Algorithm switch
+        return ComputeSignatureCore(pae, options.Algorithm, options.SecretBase64);
+    }
+
+    private static string ComputeSignature(byte[] pae, VerificationOptions options)
+    {
+        return ComputeSignatureCore(pae, options.Algorithm, options.SecretBase64);
+    }
+
+    private static string ComputeSignatureCore(byte[] pae, SigningAlgorithm algorithm, string? secretBase64)
+    {
+        return algorithm switch
        {
-            SigningAlgorithm.HmacSha256 => ComputeHmac(pae, options.SecretBase64),
+            SigningAlgorithm.HmacSha256 => ComputeHmac(pae, secretBase64),
            SigningAlgorithm.Sha256 => Convert.ToBase64String(SHA256.HashData(pae)),
-            _ => throw new InvalidOperationException($"Unsupported signing algorithm: {options.Algorithm}")
+            _ => throw new InvalidOperationException($"Unsupported signing algorithm: {algorithm}")
        };
    }