/** * @fileoverview Security service - facade for all security scanning operations * @module @nahisaho/musubix-security/services/security-service * @trace REQ-SEC-SCAN-001 */ import type { SecurityConfig, ScanResult, TaintResult, SecretScanResult, AuditResult, Fix, VerificationResult } from '../types/index.js'; import { type ReportFormat } from './report-generator.js'; /** * Scan options */ export interface ScanOptions { /** Target path (file or directory) */ target: string; /** Enable vulnerability scanning */ vulnerabilities?: boolean; /** Enable taint analysis */ taint?: boolean; /** Enable secret detection */ secrets?: boolean; /** Enable dependency audit */ dependencies?: boolean; /** Generate fixes */ generateFixes?: boolean; /** Verify fixes */ verifyFixes?: boolean; /** Use cache */ useCache?: boolean; /** Configuration overrides */ config?: Partial; } /** * Complete scan result */ export interface CompleteScanResult { /** Scan metadata */ metadata: { target: string; scanTime: Date; duration: number; filesScanned: number; rulesApplied: number; }; /** Vulnerability scan results */ vulnerabilities?: ScanResult; /** Taint analysis results */ taint?: TaintResult; /** Secret scan results */ secrets?: SecretScanResult; /** Dependency audit results */ dependencies?: AuditResult; /** Generated fixes */ fixes?: Fix[]; /** Fix verification results */ verifications?: VerificationResult[]; /** Summary statistics */ summary: { totalVulnerabilities: number; bySeverity: { critical: number; high: number; medium: number; low: number; info: number; }; taintedPaths: number; secretsFound: number; vulnerableDependencies: number; fixesGenerated: number; fixesVerified: number; }; } /** * Security service - main facade for security operations */ export declare class SecurityService { private config; private vulnerabilityScanner; private taintAnalyzer; private secretDetector; private dependencyAuditor; private fixGenerator; private fixVerifier; private reportGenerator; private fileScanner; constructor(config?: Partial); /** * Run a complete security scan */ scan(options: ScanOptions): Promise; /** * Quick scan - vulnerabilities only */ quickScan(target: string): Promise; /** * Scan a single file */ scanFile(filePath: string): Promise; /** * Run taint analysis only */ analyzeTaint(target: string): Promise; /** * Detect secrets only */ detectSecrets(target: string): Promise; /** * Audit dependencies only */ auditDependencies(target: string): Promise; /** * Generate a fix for a vulnerability */ generateFix(vulnerabilityId: string, scanResult: ScanResult): Promise; /** * Verify a fix */ verifyFix(fix: Fix): Promise; /** * Generate a report from scan results */ generateReport(scanResult: CompleteScanResult, format?: ReportFormat): Promise; /** * Generate summary statistics */ private generateSummary; /** * Get current configuration */ getConfig(): SecurityConfig; /** * Update configuration */ setConfig(config: Partial): void; /** * Load configuration from file */ loadConfigFile(searchFrom?: string): Promise; } /** * Create a security service */ export declare function createSecurityService(config?: Partial): SecurityService; /** * Quick scan helper function */ export declare function scanForVulnerabilities(target: string): Promise; /** * Full scan helper function */ export declare function runSecurityScan(target: string, options?: Partial): Promise; //# sourceMappingURL=security-service.d.ts.map