typescript.PHP.Sec.Scan/package.json at master · venantvr-security/typescript.PHP.Sec.Scan · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
{
  "name": "php-security-scanner",
  "displayName": "PHP Security Scanner",
  "description": "Une extension VS Code pour détecter les vulnérabilités de sécurité dans le code PHP via taint tracking.",
  "version": "0.0.1",
  "engines": {
    "vscode": "^1.85.0"
  },
  "categories": [
    "Linters",
    "Programming Languages"
  ],
  "activationEvents": [
    "onLanguage:php",
    "onCommand:phpSecurityScanner.scan"
  ],
  "main": "./out/extension.js",
  "contributes": {
    "commands": [
      {
        "command": "phpSecurityScanner.scan",
        "title": "PHP Security Scanner: Analyser le Workspace"
      }
    ],
    "configuration": {
      "title": "PHP Security Scanner",
      "properties": {
        "phpSecurityScanner.vulnTypes": {
          "type": "array",
          "items": {
            "type": "string",
            "enum": [
              "sql_injection",
              "xss",
              "rce",
              "file_inclusion",
              "auth_bypass",
              "session_fixation",
              "insecure_upload"
            ]
          },
          "default": [
            "sql_injection",
            "xss",
            "rce",
            "file_inclusion",
            "auth_bypass",
            "session_fixation",
            "insecure_upload"
          ],
          "description": "Types de vulnérabilités à analyser."
        },
        "phpSecurityScanner.includePatterns": {
          "type": "array",
          "items": {
            "type": "string"
          },
          "default": [
            "**/*.php"
          ],
          "description": "Motifs glob pour inclure les fichiers à analyser (ex. **/*.php)."
        },
        "phpSecurityScanner.excludePatterns": {
          "type": "array",
          "items": {
            "type": "string"
          },
          "default": [
            "**/vendor/**",
            "**/node_modules/**"
          ],
          "description": "Motifs glob pour exclure les fichiers de l'analyse."
        },
        "phpSecurityScanner.rulesFile": {
          "type": "string",
          "default": "",
          "description": "Chemin vers un fichier rules.yaml personnalisé pour les définitions de vulnérabilités."
        }
      }
    }
  },
  "scripts": {
    "vscode:prepublish": "npm run compile",
    "compile": "tsc -p ./",
    "watch": "tsc -watch -p ./",
    "test": "mocha -r ts-node/register tests/**/*.test.ts --colors",
    "test:watch": "mocha -r ts-node/register tests/**/*.test.ts --watch --colors"
  },
  "dependencies": {
    "js-yaml": "^4.1.0",
    "tree-sitter": "0.21.1",
    "tree-sitter-php": "^0.22.6",
    "vscode-uri": "^3.0.8"
  },
  "devDependencies": {
    "@types/node": "^20.12.12",
    "@types/vscode": "^1.85.0",
    "@types/mocha": "^10.0.7",
    "@types/chai": "^4.3.16",
    "@types/js-yaml": "^4.0.9",
    "typescript": "^5.4.5",
    "mocha": "^10.4.0",
    "chai": "^4.4.1",
    "ts-node": "^10.9.2"
  },
  "publishConfig": {
    "access": "public"
  }
}