Update and rename exposures/configs/package-json.yaml to http/exposures/configs/package-json.yaml

2023-07-04 09:22:19 +05:30 · 2023-07-04 09:22:19 +05:30 · a9fc298b62
parent b597063a39
commit a9fc298b62
1 changed files with 9 additions and 4 deletions
--- a/http/exposures/configs/package-json.yaml
+++ b/http/exposures/configs/package-json.yaml
@ -1,20 +1,25 @@
 id: package-json

 info:
-  name: npm package.json disclosure
+  name: NPM package.json Disclosure
  author: geeknik,afaq,noraj
  severity: info
-  description: All NodeJS packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project generated by package managers such as npm, yarn, pnpm.
+  description: |
+    All NodeJS packages contain a file, usually in the project root, called package.json - this file holds various metadata relevant to the project generated by package managers such as npm, yarn, pnpm.
  reference:
    - https://docs.npmjs.com/cli/v9/configuring-npm/package-json
    - https://classic.yarnpkg.com/lang/en/docs/package-json/
    - https://pnpm.io/package_json
-  tags: config,exposure
+  metadata:
+    max-request: 2
+    verified: true
+  tags: config,exposure,node,npm

 requests:
  - method: GET
    path:
      - "{{BaseURL}}/package.json"
+      - "{{BaseURL}}/package-lock.json"

    matchers-condition: and
    matchers:
@ -25,9 +30,9 @@ requests:
        condition: and

      - type: word
+        part: header
        words:
          - "application/json"
-        part: header

      - type: status
        status: