/** * @fileoverview MUSUBIX Security Package - Main Entry Point * @module @nahisaho/musubix-security * @version 3.0.11 * * Static analysis and vulnerability detection for TypeScript/JavaScript applications. * Now with CodeQL-equivalent capabilities! * * Features: * - Vulnerability scanning (SQL Injection, XSS, Command Injection, etc.) * - Taint analysis (data flow tracking) * - Secret detection (API keys, passwords, tokens) * - Dependency auditing (npm audit integration) * - Fix generation and verification * - Multiple report formats (JSON, SARIF, Markdown, HTML) * * CodeQL-Equivalent Features (v3.1.0): * - Multi-language extractors (Tree-sitter based): Go, Java, TypeScript, JavaScript, Python, PHP * - CodeDB: In-memory code database with AST, CFG, DFG, and symbol tables * - MQL: MUSUBIX Query Language for code analysis * - Variant Analysis: Taint-based vulnerability detection with SARIF export * * @example * ```typescript * import { runSecurityScan, createSecurityService } from '@nahisaho/musubix-security'; * * // Quick scan * const result = await runSecurityScan('./src'); * console.log(`Found ${result.summary.totalVulnerabilities} vulnerabilities`); * * // Full service usage * const service = createSecurityService(); * const scanResult = await service.scan({ * target: './src', * vulnerabilities: true, * taint: true, * secrets: true, * dependencies: true, * generateFixes: true, * }); * * // CodeQL-style variant analysis (v3.1.0) * import { createScanner, createMQLEngine, createCodeDBBuilder } from '@nahisaho/musubix-security'; * * // Build CodeDB * const builder = createCodeDBBuilder(); * const { database } = await builder.build('./src'); * * // Run MQL queries * const engine = createMQLEngine(); * const result = await engine.execute('FROM functions WHERE name LIKE "%sql%"', database); * * // Run variant analysis * const scanner = createScanner(); * const findings = await scanner.scan('./src'); * ``` */ export { type Vulnerability, type SourceLocation, type ScanResult, type SecurityRule, type Severity, type OWASPCategory, type TaintSource, type TaintSink, type TaintPath, type TaintResult, type SanitizerDefinition, BUILTIN_SANITIZERS, type Fix, type CodeEdit, type ImportEdit, type VerificationResult, type VerificationStatus, type ApplyResult, type FixBatch, type FixStrategy, type Secret, type SecretPattern, type SecretScanResult, BUILTIN_SECRET_PATTERNS, type AuditResult, type VulnerableDependency, type DependencyVulnerability, type SBOM, type SBOMEntry, type LicensePolicy, type SecurityConfig, type ReportConfig, type CacheConfig, type CIConfig, DEFAULT_CONFIG, } from './types/index.js'; export { VulnerabilityScanner, TaintAnalyzer, SecretDetector, DependencyAuditor, } from './analysis/index.js'; export { ASTParser, FileScanner, loadConfig, loadConfigSync, MemoryCache, FileCache, NoopCache, cacheKey, contentHash, type ICache, } from './infrastructure/index.js'; export { PipelineManager, createPipelineManager, createStandardPipeline, ResultAggregator, createResultAggregator, mergeSimilarByLocation, } from './core/index.js'; export { ImageScanner, createImageScanner, type ImageScanOptions, type ImageScanResult, type DockerfileAnalysis, type DockerfileIssue, type BestPracticeViolation, type ContainerVulnerability, } from './analyzers/container/image-scanner.js'; export { IaCChecker, createIaCChecker, type IaCCheckOptions, type IaCAnalysisResult, type IaCIssue, type IaCType, } from './analyzers/iac/iac-checker.js'; export { PromptInjectionDetector, createPromptInjectionDetector, type PromptInjectionOptions, type PromptInjectionResult, type PromptInjectionVulnerability, } from './analyzers/ai/prompt-injection-detector.js'; export { ZeroDayDetector, createZeroDayDetector, type ZeroDayOptions, type ZeroDayResult, type ZeroDayVulnerability, } from './analyzers/sast/zero-day-detector.js'; export { InterproceduralAnalyzer, createInterproceduralAnalyzer, type InterproceduralOptions, type InterproceduralResult, type CallGraphNode, type DataFlowPath, } from './analyzers/sast/interprocedural-analyzer.js'; export { ComplianceChecker, createComplianceChecker, type ComplianceStandard, type ComplianceRequirement, type ComplianceCheckResult, type ComplianceFinding, type ComplianceReport, type ComplianceSummary, type ComplianceCheckerOptions, } from './analyzers/compliance/compliance-checker.js'; export { DependencyScanner, createDependencyScanner, type DependencyScannerOptions, type DependencyInfo, type DependencyScanResult, type LicenseRisk, type SBOMComponent, type SBOMDocument, type OutdatedPackage, type DependencySummary, } from './analyzers/sca/dependency-scanner.js'; export { APISecurityAnalyzer, createAPISecurityAnalyzer, type APISecurityOptions, type APISecurityResult, type APISecurityIssue, type APISecurityCategory, type APIEndpoint, type OpenAPISpec, type SecurityCoverage, type APISecuritySummary, } from './analyzers/api/api-security-analyzer.js'; export { RealtimeMonitor, createRealtimeMonitor, createSecurityMonitor, type MonitorConfig, type MonitorEvent, type MonitorEventType, type MonitorState, type ScannerFunction, } from './analyzers/monitor/realtime-monitor.js'; export { SecurityDashboard, createSecurityDashboard, type DashboardConfig, type DashboardReport, type SecurityMetrics, type SecurityTrend, type SecurityRecommendation, type ExecutiveSummary, type TopVulnerability, type ComponentRisk, } from './analyzers/dashboard/security-dashboard.js'; export { NeuroSymbolicCore, createNeuroSymbolicCore, StubLLMAnalyzer, StubKnowledgeQuery, } from './intelligence/index.js'; export { SecurityService, createSecurityService, scanForVulnerabilities, runSecurityScan, type ScanOptions, type CompleteScanResult, FixGenerator, createFixGenerator, FixVerifier, createFixVerifier, type VerificationOptions, ReportGenerator, createReportGenerator, type ReportFormat, type CombinedResults, type ReportMetadata, } from './services/index.js'; export { createSecurityCLI, runCLI } from './cli/index.js'; export { SecurityMCPServer, startMCPServer, runMCPServer, SecurityToolHandler, createToolHandler, getToolSchemas, SECURITY_TOOLS, type ToolSchema, type ToolResult, } from './mcp/index.js'; export { CIIntegration, createCIIntegration, isCI, detectCIPlatform, type CIPlatform, type CIEnvironment, type CIIntegrationOptions, type CIScanResult, type GitHubAnnotation, type CISummary, ReportAggregator, createReportAggregator, type AggregatedReport, type AggregatedFinding, type TrendData, type ReportComparison, type ReportAggregatorOptions, GitHooksManager, createGitHooks, installPreCommitHook, installRecommendedHooks, type HookType, type GitHooksConfig, type HookResult, type InstallResult, VSCodeIntegration, createVSCodeIntegration, DiagnosticSeverity, type VSCodeIntegrationOptions, type Diagnostic, type CodeAction, type TreeItem, type HoverContent, type StatusBarItem, type Decoration, } from './integrations/index.js'; export { PolicyEngine, createPolicyEngine, getBuiltInPolicy, type SecurityPolicy, type PolicyRule, type PolicyCondition, type PolicyEvaluationResult, type PolicyEngineOptions, type PolicyAction, } from './policy/index.js'; export { AutoFixer, createAutoFixer, getBuiltInTemplates, createFixTemplate, type FixTemplate, type CodeTransformation, type ImportSpec, type FixApplicationResult, type FixGenerationOptions, type AutoFixerOptions, FixValidator, createFixValidator, quickValidate, type ValidationResult, type ValidationCheck, type SyntaxValidationResult, type RegressionTestResult, type SecurityRescanResult, type FixValidatorOptions, type CustomValidationRule, PatchGenerator, createPatchGenerator, generateQuickPatch, type Patch, type PatchFormat, type PatchFile, type PatchHunk, type PatchLine, type PatchMetadata, type PatchGenerationOptions, type PatchApplicationResult, type PatchGeneratorOptions, RemediationPlanner, createRemediationPlanner, quickCreatePlan, type RemediationPlan, type PlanStatus, type RemediationPhase, type PlannedFix, type FixStatus, type FixDependency, type DependencyType, type EffortEstimate, type Duration, type RiskReduction, type RiskLevel, type PlanMetadata, type PrioritizationStrategy, type RemediationPlannerOptions, type PlanningOptions, SecureCodeTransformer, createSecureCodeTransformer, quickTransform, getBuiltInTransformations, type TransformationDefinition, type TransformationCategory, type CodePattern, type PatternContext, type ReplacementPattern, type TransformImportSpec, type TransformationResult, type AppliedTransformation, type SecureCodeTransformerOptions, type TransformOptions, } from './remediation/index.js'; export { NVDClient, NVDAPIError, type NVDClientOptions, type CVESearchResult, } from './cve/index.js'; export { detectLanguage, getSupportedLanguages, } from './extractors/index.js'; export type { SupportedLanguage } from './extractors/index.js'; export { CodeDB, CodeDBBuilder, createBuilder, createCodeDBBuilder, buildCodeDB, buildCodeDBFromPath, } from './codedb/index.js'; export type { CodeDBOptions, BuilderOptions, BuildProgress, BuildError, BuildResult, SourceFile, } from './codedb/index.js'; export type { CallGraphNode as CodeDBCallGraphNode, CallGraphEdge, TaintPath as CodeDBTaintPath, TypeDefinition, TypeHierarchyInfo, } from './codedb/index.js'; export { VulnerabilityModelManager, createModelManager, TaintDetector, createDetector, SecurityScanner, createScanner, SARIFGenerator, createSARIFGenerator, generateSARIF, exportSARIF, CWE_DATABASE, type VulnerabilityModel, type SourcePattern, type SinkPattern, type SanitizerPattern, type VulnerabilityFinding, type ScanConfig, type ScanResult as VariantScanResult, type VulnerabilitySeverity, type SARIFReport, } from './variant/index.js'; //# sourceMappingURL=index.d.ts.map