Add unit tests for AST parsing and security sink detection

- Created `StellaOps.AuditPack.Tests.csproj` for unit testing the AuditPack library.
- Implemented comprehensive unit tests in `index.test.js` for AST parsing, covering various JavaScript and TypeScript constructs including functions, classes, decorators, and JSX.
- Added `sink-detect.test.js` to test security sink detection patterns, validating command injection, SQL injection, file write, deserialization, SSRF, NoSQL injection, and more.
- Included tests for taint source detection in various contexts such as Express, Koa, and AWS Lambda.

src/Scanner/StellaOps.Scanner.Worker/Extensions/BinaryIndexServiceExtensions.cs

@@ -0,0 +1,90 @@
+// SPDX-License-Identifier: AGPL-3.0-or-later
+// Sprint: SPRINT_6000_0004_0001 - Scanner Worker Integration
+// Task: T5 - Add Configuration and DI Registration
+
+using Microsoft.Extensions.Configuration;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.Logging;
+using StellaOps.BinaryIndex.Core.Services;
+using StellaOps.Scanner.Worker.Processing;
+
+namespace StellaOps.Scanner.Worker.Extensions;
+
+/// <summary>
+/// Extension methods for registering BinaryIndex integration services.
+/// </summary>
+public static class BinaryIndexServiceExtensions
+{
+    /// <summary>
+    /// Adds BinaryIndex integration services to the service collection.
+    /// </summary>
+    public static IServiceCollection AddBinaryIndexIntegration(
+        this IServiceCollection services,
+        IConfiguration configuration)
+    {
+        var options = configuration
+            .GetSection("BinaryIndex")
+            .Get<BinaryIndexOptions>() ?? new BinaryIndexOptions();
+
+        if (!options.Enabled)
+        {
+            services.AddSingleton<IBinaryVulnerabilityService, NullBinaryVulnerabilityService>();
+            return services;
+        }
+
+        services.AddSingleton(options);
+        services.AddScoped<IBinaryVulnerabilityService, BinaryVulnerabilityService>();
+        services.AddScoped<IBinaryFeatureExtractor, ElfFeatureExtractor>();
+        services.AddScoped<BinaryVulnerabilityAnalyzer>();
+
+        return services;
+    }
+}
+
+/// <summary>
+/// Configuration options for BinaryIndex integration.
+/// </summary>
+public sealed class BinaryIndexOptions
+{
+    /// <summary>
+    /// Whether binary vulnerability analysis is enabled.
+    /// </summary>
+    public bool Enabled { get; init; } = true;
+
+    /// <summary>
+    /// Batch size for binary lookups.
+    /// </summary>
+    public int BatchSize { get; init; } = 100;
+
+    /// <summary>
+    /// Timeout in milliseconds for binary lookups.
+    /// </summary>
+    public int TimeoutMs { get; init; } = 5000;
+
+    /// <summary>
+    /// Minimum confidence threshold for reporting matches.
+    /// </summary>
+    public decimal MinConfidence { get; init; } = 0.7m;
+}
+
+/// <summary>
+/// Null implementation of IBinaryVulnerabilityService for when binary analysis is disabled.
+/// </summary>
+internal sealed class NullBinaryVulnerabilityService : IBinaryVulnerabilityService
+{
+    public Task<System.Collections.Immutable.ImmutableArray<BinaryVulnMatch>> LookupByIdentityAsync(
+        StellaOps.BinaryIndex.Core.Models.BinaryIdentity identity,
+        LookupOptions? options = null,
+        CancellationToken ct = default)
+    {
+        return Task.FromResult(System.Collections.Immutable.ImmutableArray<BinaryVulnMatch>.Empty);
+    }
+
+    public Task<System.Collections.Immutable.ImmutableDictionary<string, System.Collections.Immutable.ImmutableArray<BinaryVulnMatch>>> LookupBatchAsync(
+        IEnumerable<StellaOps.BinaryIndex.Core.Models.BinaryIdentity> identities,
+        LookupOptions? options = null,
+        CancellationToken ct = default)
+    {
+        return Task.FromResult(System.Collections.Immutable.ImmutableDictionary<string, System.Collections.Immutable.ImmutableArray<BinaryVulnMatch>>.Empty);
+    }
+}