v0.73.0 — technical depth: IFDS summary edges + type-stub filter + cross-repo federation
Three technical-depth lifts closing loops opened in earlier releases.
#1 IFDS full summary edges
`scanner/src/dataflow/ifds.js` — v0.71 IFDS used bottom summaries (callees assumed clean). v0.73 adds real per-function summary edges: `summaries: Map<qid|entryFact, Set>`, a pending-return registry, and call-site translation helpers. Summary reuse makes the second call to the same callee O(1), which is what keeps IFDS polynomial in practice.
#2 Type-stub-aware filter
`scanner/src/dataflow/stub-aware-filter.js` — a post-pass that consults the type stubs parsed in v0.70. It demotes findings whose source type cannot carry the metacharacters the vulnerability family depends on:
| Family | CWE | Safe types (demoted) |
|---|---|---|
| XSS | CWE-79 | number, boolean, Date, RegExp, bigint |
| SQLi | CWE-89 | number, boolean, Date, bigint |
| Cmd-inj | CWE-78 | number, boolean, bigint |
| Path | CWE-22 | number, boolean |
| SSRF | CWE-918 | number, boolean |
Severity drops one tier; the finding itself is never dropped. The auditor sees `_stubTypeDemoted: true` plus the reason.
#3 Cross-repo federation
`scanner/src/dataflow/cross-repo.js` — the intra-repo `cross-lang-openapi.js` from v0.66 ties a single repo's client call to its server route. v0.73 ships the inter-repo lift: `buildFederatedGraph(specs)` walks a SET of OpenAPI specs from different repos, finds shared `(method, path)` endpoints with overlapping field schemas, emits federated edges. Each edge becomes a `CROSS-REPO` finding (`CWE-829`) showing both repos + the shared fields in the trace.
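The federation walk described above, as an added illustration that is not the scanner's own `cross-repo.js`: it assumes each spec is a plain object `{ repo, paths: { [path]: { [method]: { fields } } } }` with `fields` already flattened from the schema (no `$ref` resolution), and the three sample specs are constructed.

```javascript
// Added illustration of the federation walk; NOT the scanner's own cross-repo.js.
// ASSUMED spec shape: { repo, paths: { [path]: { [method]: { fields: [...] } } } }.
// Group every operation by its (method, path) pair across all specs.
function indexEndpoints(specs) {
  const index = new Map(); // "METHOD path" -> { method, path, owners }
  for (const spec of specs) {
    for (const [path, ops] of Object.entries(spec.paths || {})) {
      for (const [m, op] of Object.entries(ops)) {
        const method = m.toUpperCase();
        const key = `${method} ${path}`;
        if (!index.has(key)) index.set(key, { method, path, owners: [] });
        index.get(key).owners.push({ repo: spec.repo, fields: new Set(op.fields || []) });
      }
    }
  }
  return index;
}
// One edge per pair of DIFFERENT repos on the same endpoint with >= 1 shared field.
function buildFederatedGraph(specs) {
  const edges = [];
  for (const { method, path, owners } of indexEndpoints(specs).values()) {
    for (let i = 0; i < owners.length; i++) {
      for (let j = i + 1; j < owners.length; j++) {
        const a = owners[i], b = owners[j];
        if (a.repo === b.repo) continue; // intra-repo: cross-lang-openapi.js territory
        const sharedFields = [...a.fields].filter((f) => b.fields.has(f)).sort();
        if (sharedFields.length === 0) continue; // no schema overlap, no edge
        edges.push({ method, path, repos: [a.repo, b.repo], sharedFields });
      }
    }
  }
  return edges;
}
// Each edge becomes a CROSS-REPO finding; the trace names both repos and the fields.
function toFindings(edges) {
  return edges.map((e) => ({
    kind: 'CROSS-REPO',
    cwe: 'CWE-829',
    trace: [...e.repos.map((r) => `${r}: ${e.method} ${e.path}`), `shared: ${e.sharedFields.join(', ')}`],
  }));
}
// Constructed sample: two repos share POST /api/orders; the third is unrelated.
const SAMPLE_SPECS = [
  { repo: 'web-frontend', paths: { '/api/orders': { post: { fields: ['userId', 'total', 'coupon'] } } } },
  { repo: 'orders-service', paths: { '/api/orders': { post: { fields: ['userId', 'total', 'items'] } } } },
  { repo: 'inventory', paths: { '/api/stock': { get: { fields: ['sku'] } } } },
];
```

Running `toFindings(buildFederatedGraph(SAMPLE_SPECS))` yields a single CWE-829 finding whose trace lists both repos and the shared `total` and `userId` fields; the `inventory` spec produces nothing because no other repo exposes its endpoint.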
Test totals
832 scanner tests pass / 0 fail (up from 811).
🤖 Generated with Claude Code