@aegis-scan/mcp-server 0.17.0 → 0.18.5

package/dist/handlers.d.ts

@@ -1,4 +1,6 @@
 import type { AuditResult, Finding } from '@aegis-scan/core';
+/** Validate that a path is safe to scan (no traversal, no system/user-secret directories, must exist) */
+export declare function validatePath(inputPath: string): string;
 export declare function getLastResult(): AuditResult | null;
 export declare function setLastResult(result: AuditResult): void;
 export interface ScanInput {

package/dist/handlers.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"handlers.d.ts","sourceRoot":"","sources":["../src/handlers.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,OAAO,EAAgB,MAAM,kBAAkB,CAAC;AA+C3E,wBAAgB,aAAa,IAAI,WAAW,GAAG,IAAI,CAElD;AAED,wBAAgB,aAAa,CAAC,MAAM,EAAE,WAAW,GAAG,IAAI,CAEvD;AAMD,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,KAAK,CAAC;QACjB,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,CAAC,CAAC;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAiBD,wBAAsB,UAAU,CAAC,KAAK,EAAE,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CA4CtE;AAMD,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,aAAa,GAAG,cAAc,CAyBnE;AAMD,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACjF,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,wBAAsB,WAAW,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,CAwBzE;AAMD,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,UAAU,GAAG,SAAS,CAAC;CACrD;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAkCxF;AAMD,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,kBAAkB,GAAG,mBAAmB,CA0ClF"}
+{"version":3,"file":"handlers.d.ts","sourceRoot":"","sources":["../src/handlers.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAkC7D,yGAAyG;AACzG,wBAAgB,YAAY,CAAC,SAAS,EAAE,MAAM,GAAG,MAAM,CA+BtD;AAaD,wBAAgB,aAAa,IAAI,WAAW,GAAG,IAAI,CAElD;AAED,wBAAgB,aAAa,CAAC,MAAM,EAAE,WAAW,GAAG,IAAI,CAEvD;AAMD,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,KAAK,CAAC;QACjB,EAAE,EAAE,MAAM,CAAC;QACX,QAAQ,EAAE,MAAM,CAAC;QACjB,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC;QAChB,GAAG,CAAC,EAAE,MAAM,CAAC;KACd,CAAC,CAAC;IACH,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,MAAM,CAAC;CACnB;AAiBD,wBAAsB,UAAU,CAAC,KAAK,EAAE,SAAS,GAAG,OAAO,CAAC,UAAU,CAAC,CAsCtE;AAMD,MAAM,WAAW,aAAa;IAC5B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,wBAAgB,cAAc,CAAC,KAAK,EAAE,aAAa,GAAG,cAAc,CAyBnE;AAMD,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;CACd;AAED,MAAM,WAAW,WAAW;IAC1B,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACjF,OAAO,EAAE,OAAO,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,wBAAsB,WAAW,CAAC,KAAK,EAAE,UAAU,GAAG,OAAO,CAAC,WAAW,CAAC,CAuBzE;AAMD,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,GAAG,MAAM,GAAG,UAAU,GAAG,SAAS,CAAC;CACrD;AAED,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,OAAO,CAAC;CACjB;AAED,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,eAAe,GAAG,OAAO,CAAC,gBAAgB,CAAC,CAkCxF;AAMD,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,OAAO,CAAC;CAChB;AAED,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,kBAAkB,GAAG,mBAAmB,CA0ClF"}

package/dist/handlers.js

@@ -1,37 +1,66 @@
 import { loadConfig, Orchestrator } from '@aegis-scan/core';
 import { getAllScanners } from '@aegis-scan/scanners';
 import * as path from 'node:path';
-import { existsSync } from 'node:fs';
-/** Validate that a path is safe to scan (no traversal, must exist) */
-function validatePath(inputPath) {
-    // Check RAW input BEFORE resolve (resolve strips ..)
-    if (inputPath.includes('..')) {
-        throw new Error(`Path traversal detected: ${inputPath}`);
-    }
-    // Block null bytes (path injection on some OS)
+import * as os from 'node:os';
+import { existsSync, realpathSync } from 'node:fs';
+const SYSTEM_BLOCKED_RAW = [
+    '/etc', '/private/etc',
+    '/root', '/private/root',
+    '/usr', '/bin', '/sbin', '/sys', '/proc',
+    '/var/log', '/private/var/log',
+    '/var/db', '/private/var/db',
+    '/var/root', '/private/var/root',
+    '/var/spool', '/private/var/spool',
+    '/var/audit', '/private/var/audit',
+    '/tmp', '/private/tmp',
+    '/var/tmp', '/private/var/tmp',
+    '/Volumes',
+    'C:\\Windows', 'C:\\Program Files', 'C:\\ProgramData', 'C:\\Users\\Default',
+];
+const USER_SECRET_DIRS = ['.ssh', '.aws', '.gnupg', '.config', '.docker', '.kube', '.azure', '.gcloud'];
+function buildCanonicalBlocklist() {
+    const home = os.homedir();
+    const userSecrets = USER_SECRET_DIRS.map((d) => path.join(home, d));
+    const all = [...SYSTEM_BLOCKED_RAW, ...userSecrets];
+    // realpath canonicalizes through symlinks so /etc and /private/etc both normalize to the same form
+    return all.map((p) => {
+        try {
+            return realpathSync(p);
+        }
+        catch {
+            return p;
+        }
+    });
+}
+const CANONICAL_BLOCKLIST = buildCanonicalBlocklist();
+/** Validate that a path is safe to scan (no traversal, no system/user-secret directories, must exist) */
+export function validatePath(inputPath) {
+    // Null-byte check first — on some OS the null byte truncates the path before downstream checks see it
     if (inputPath.includes('\0')) {
         throw new Error(`Null byte in path: ${inputPath}`);
     }
+    if (inputPath.includes('..')) {
+        throw new Error(`Path traversal detected: ${inputPath}`);
+    }
     const resolved = path.resolve(inputPath);
-    // Block system directories (Unix + Windows)
-    const blocked = ['/etc', '/root', '/var', '/usr', '/bin', '/sbin', '/sys', '/proc',
-        'C:\\Windows', 'C:\\Program Files', 'C:\\ProgramData'];
-    if (blocked.some((b) => resolved.startsWith(b))) {
-        throw new Error(`Blocked system path: ${resolved}`);
+    // Canonicalize via realpath when path exists — catches symlink-escape (user-link → /etc) and macOS aliasing (/etc ↔ /private/etc)
+    let canonical = resolved;
+    try {
+        canonical = realpathSync(resolved);
+    }
+    catch {
+        // path doesn't exist; existsSync below will reject
+    }
+    // Exact-match OR <prefix>/<sep> to avoid /etcetera-style false-positives that the previous startsWith allowed
+    const isBlocked = (p) => CANONICAL_BLOCKLIST.some((b) => p === b || p.startsWith(b + path.sep));
+    if (isBlocked(resolved) || isBlocked(canonical)) {
+        throw new Error(`Blocked system or user-secret path: ${resolved}`);
     }
     if (!existsSync(resolved)) {
         throw new Error(`Path does not exist: ${resolved}`);
     }
     return resolved;
 }
-/** Categories used for the fast "scan" mode (mirrors CLI scan.ts). */
-const FAST_CATEGORIES = [
-    'security',
-    'dependencies',
-    'quality',
-    'compliance',
-    'i18n',
-];
 /** Compliance framework → scanner name mapping. */
 const COMPLIANCE_SCANNER_MAP = {
     gdpr: 'gdpr-engine',
@@ -64,15 +93,8 @@ export async function handleScan(input) {
     const config = await loadConfig(resolvedPath, mode);
     const orchestrator = new Orchestrator();
     const allScanners = getAllScanners();
-    if (mode === 'scan') {
-        for (const scanner of allScanners.filter((s) => FAST_CATEGORIES.includes(s.category))) {
-            orchestrator.register(scanner);
-        }
-    }
-    else {
-        for (const scanner of allScanners) {
-            orchestrator.register(scanner);
-        }
+    for (const scanner of allScanners) {
+        orchestrator.register(scanner);
     }
     const result = await orchestrator.run(config);
     setLastResult(result);
@@ -125,8 +147,7 @@ export async function handleScore(input) {
     const config = await loadConfig(resolvedPath, 'scan');
     const orchestrator = new Orchestrator();
     const allScanners = getAllScanners();
-    // Quick scan — fast categories only
-    for (const scanner of allScanners.filter((s) => FAST_CATEGORIES.includes(s.category))) {
+    for (const scanner of allScanners) {
         orchestrator.register(scanner);
     }
     const result = await orchestrator.run(config);

package/dist/handlers.js.map

@@ -1 +1 @@
-{"version":3,"file":"handlers.js","sourceRoot":"","sources":["../src/handlers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AAErC,sEAAsE;AACtE,SAAS,YAAY,CAAC,SAAiB;IACrC,qDAAqD;IACrD,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,EAAE,CAAC,CAAC;IAC3D,CAAC;IACD,+CAA+C;IAC/C,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,sBAAsB,SAAS,EAAE,CAAC,CAAC;IACrD,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IACzC,4CAA4C;IAC5C,MAAM,OAAO,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO;QAChF,aAAa,EAAE,mBAAmB,EAAE,iBAAiB,CAAC,CAAC;IACzD,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,wBAAwB,QAAQ,EAAE,CAAC,CAAC;IACtD,CAAC;IACD,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,wBAAwB,QAAQ,EAAE,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,sEAAsE;AACtE,MAAM,eAAe,GAAmB;IACtC,UAAU;IACV,cAAc;IACd,SAAS;IACT,YAAY;IACZ,MAAM;CACP,CAAC;AAEF,mDAAmD;AACnD,MAAM,sBAAsB,GAA2B;IACrD,IAAI,EAAE,aAAa;IACnB,IAAI,EAAE,MAAM;IACZ,QAAQ,EAAE,UAAU;IACpB,SAAS,EAAE,SAAS;CACrB,CAAC;AAEF,uDAAuD;AACvD,IAAI,UAAU,GAAuB,IAAI,CAAC;AAE1C,MAAM,UAAU,aAAa;IAC3B,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,MAAmB;IAC/C,UAAU,GAAG,MAAM,CAAC;AACtB,CAAC;AAgCD,MAAM,cAAc,GAA2B;IAC7C,OAAO,EAAE,CAAC;IACV,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF,SAAS,cAAc,CAAC,QAAmB;IACzC,OAAO,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,CACvB,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAClF,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,KAAgB;IAC/C,MAAM,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC/D,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,IAAI,MAAM,CAAC;IAElC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;IAEpD,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;IACxC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;QACpB,KAAK,MAAM,OAAO,IAAI,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;YACtF,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;YAClC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;QACjC,CAAC;IACH,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9C,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtB,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE/C,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;QACpC,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3C,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,SAAS;YACzB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,GAAG,EAAE,OAAO,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,WAAW;SAC5D,CAAC,CAAC;QACH,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS;KAC5B,CAAC;AACJ,CAAC;AAkBD,MAAM,UAAU,cAAc,CAAC,KAAoB;IACjD,MAAM,MAAM,GAAG,UAAU,CAAC;IAC1B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;IACjD,CAAC;IAED,IAAI,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IAC/B,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC;IAE9B,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QACnB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,QAAQ,CAAC,CAAC;IACnE,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;QAClB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,CAAC,OAAO,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,MAAM,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,GAAG,CAAC;IACjC,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAEvC,OAAO;QACL,QAAQ,EAAE,OAAO;QACjB,KAAK;QACL,QAAQ,EAAE,OAAO,CAAC,MAAM;KACzB,CAAC;AACJ,CAAC;AAoBD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAiB;IACjD,MAAM,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAEtD,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;IACxC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,oCAAoC;IACpC,KAAK,MAAM,OAAO,IAAI,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QACtF,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9C,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtB,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC;AACJ,CAAC;AAoBD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAAsB;IAC3D,MAAM,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEvD,sDAAsD;IACtD,MAAM,CAAC,UAAU,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAEtC,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;IACxC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9C,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtB,0EAA0E;IAC1E,MAAM,WAAW,GAAG,sBAAsB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAC5D,MAAM,kBAAkB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAC/C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,YAAY,IAAI,CAAC,CAAC,OAAO,KAAK,WAAW,CAChE,CAAC;IAEF,MAAM,MAAM,GAAG,cAAc,CAAC,kBAAkB,CAAC,CAAC;IAClD,MAAM,iBAAiB,GAAG,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IAEzD,OAAO;QACL,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,QAAQ,EAAE,MAAM;QAChB,YAAY,EAAE,MAAM,CAAC,MAAM;QAC3B,KAAK,EAAE,iBAAiB,EAAE,KAAK,IAAI,MAAM,CAAC,KAAK;QAC/C,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,CAAC,MAAM,CAAC,OAAO,IAAI,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC;KAChI,CAAC;AACJ,CAAC;AAyBD,MAAM,UAAU,mBAAmB,CAAC,KAAyB;IAC3D,MAAM,MAAM,GAAG,UAAU,CAAC;IAE1B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,kDAAkD;YAC/D,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,KAAK;SACb,CAAC;IACJ,CAAC;IAED,uCAAuC;IACvC,IAAI,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IACpE,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;QAC3B,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAC3F,CAAC;IAED,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO;YACL,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,oBAAoB,KAAK,CAAC,SAAS,kCAAkC;YAClF,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,KAAK;SACb,CAAC;IACJ,CAAC;IAED,OAAO;QACL,SAAS,EAAE,OAAO,CAAC,EAAE;QACrB,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,SAAS;QAC/B,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,GAAG,EAAE,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,CAAC,IAAI,yDAAyD;QAC5I,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,KAAK,EAAE,IAAI;KACZ,CAAC;AACJ,CAAC"}
+{"version":3,"file":"handlers.js","sourceRoot":"","sources":["../src/handlers.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAC5D,OAAO,EAAE,cAAc,EAAE,MAAM,sBAAsB,CAAC;AAEtD,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEnD,MAAM,kBAAkB,GAAG;IACzB,MAAM,EAAE,cAAc;IACtB,OAAO,EAAE,eAAe;IACxB,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO;IACxC,UAAU,EAAE,kBAAkB;IAC9B,SAAS,EAAE,iBAAiB;IAC5B,WAAW,EAAE,mBAAmB;IAChC,YAAY,EAAE,oBAAoB;IAClC,YAAY,EAAE,oBAAoB;IAClC,MAAM,EAAE,cAAc;IACtB,UAAU,EAAE,kBAAkB;IAC9B,UAAU;IACV,aAAa,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,oBAAoB;CAC5E,CAAC;AAEF,MAAM,gBAAgB,GAAG,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;AAExG,SAAS,uBAAuB;IAC9B,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;IAC1B,MAAM,WAAW,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACpE,MAAM,GAAG,GAAG,CAAC,GAAG,kBAAkB,EAAE,GAAG,WAAW,CAAC,CAAC;IACpD,mGAAmG;IACnG,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,IAAI,CAAC;YAAC,OAAO,YAAY,CAAC,CAAC,CAAC,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO,CAAC,CAAC;QAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,mBAAmB,GAAG,uBAAuB,EAAE,CAAC;AAEtD,yGAAyG;AACzG,MAAM,UAAU,YAAY,CAAC,SAAiB;IAC5C,sGAAsG;IACtG,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,sBAAsB,SAAS,EAAE,CAAC,CAAC;IACrD,CAAC;IACD,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;QAC7B,MAAM,IAAI,KAAK,CAAC,4BAA4B,SAAS,EAAE,CAAC,CAAC;IAC3D,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAEzC,kIAAkI;IAClI,IAAI,SAAS,GAAG,QAAQ,CAAC;IACzB,IAAI,CAAC;QACH,SAAS,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;IACrC,CAAC;IAAC,MAAM,CAAC;QACP,mDAAmD;IACrD,CAAC;IAED,8GAA8G;IAC9G,MAAM,SAAS,GAAG,CAAC,CAAS,EAAW,EAAE,CACvC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,UAAU,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;IAEzE,IAAI,SAAS,CAAC,QAAQ,CAAC,IAAI,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;QAChD,MAAM,IAAI,KAAK,CAAC,uCAAuC,QAAQ,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,MAAM,IAAI,KAAK,CAAC,wBAAwB,QAAQ,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,mDAAmD;AACnD,MAAM,sBAAsB,GAA2B;IACrD,IAAI,EAAE,aAAa;IACnB,IAAI,EAAE,MAAM;IACZ,QAAQ,EAAE,UAAU;IACpB,SAAS,EAAE,SAAS;CACrB,CAAC;AAEF,uDAAuD;AACvD,IAAI,UAAU,GAAuB,IAAI,CAAC;AAE1C,MAAM,UAAU,aAAa;IAC3B,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,MAAM,UAAU,aAAa,CAAC,MAAmB;IAC/C,UAAU,GAAG,MAAM,CAAC;AACtB,CAAC;AAgCD,MAAM,cAAc,GAA2B;IAC7C,OAAO,EAAE,CAAC;IACV,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF,SAAS,cAAc,CAAC,QAAmB;IACzC,OAAO,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,CACvB,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAClF,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,KAAgB;IAC/C,MAAM,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC/D,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,IAAI,MAAM,CAAC;IAElC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,IAAI,CAAC,CAAC;IAEpD,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;IACxC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9C,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtB,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IAE/C,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,aAAa,EAAE,MAAM,CAAC,aAAa;QACnC,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;QACpC,WAAW,EAAE,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3C,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI,IAAI,SAAS;YACzB,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,GAAG,EAAE,OAAO,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,EAAE,WAAW;SAC5D,CAAC,CAAC;QACH,QAAQ,EAAE,MAAM,CAAC,QAAQ;QACzB,SAAS,EAAE,MAAM,CAAC,SAAS;KAC5B,CAAC;AACJ,CAAC;AAkBD,MAAM,UAAU,cAAc,CAAC,KAAoB;IACjD,MAAM,MAAM,GAAG,UAAU,CAAC;IAC1B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;IACjD,CAAC;IAED,IAAI,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;IAC/B,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC;IAE9B,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;QACnB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,QAAQ,CAAC,CAAC;IACnE,CAAC;IACD,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;QAClB,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,KAAK,KAAK,CAAC,OAAO,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,MAAM,GAAG,cAAc,CAAC,QAAQ,CAAC,CAAC;IACxC,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,IAAI,GAAG,CAAC;IACjC,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAEvC,OAAO;QACL,QAAQ,EAAE,OAAO;QACjB,KAAK;QACL,QAAQ,EAAE,OAAO,CAAC,MAAM;KACzB,CAAC;AACJ,CAAC;AAoBD,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAiB;IACjD,MAAM,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;IAEtD,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;IACxC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9C,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtB,OAAO;QACL,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,UAAU,EAAE,MAAM,CAAC,UAAU;QAC7B,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,aAAa,EAAE,MAAM,CAAC,aAAa;KACpC,CAAC;AACJ,CAAC;AAoBD,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,KAAsB;IAC3D,MAAM,YAAY,GAAG,YAAY,CAAC,KAAK,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAC/D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAEvD,sDAAsD;IACtD,MAAM,CAAC,UAAU,GAAG,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAEtC,MAAM,YAAY,GAAG,IAAI,YAAY,EAAE,CAAC;IACxC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IACjC,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9C,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtB,0EAA0E;IAC1E,MAAM,WAAW,GAAG,sBAAsB,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAC5D,MAAM,kBAAkB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAC/C,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,YAAY,IAAI,CAAC,CAAC,OAAO,KAAK,WAAW,CAChE,CAAC;IAEF,MAAM,MAAM,GAAG,cAAc,CAAC,kBAAkB,CAAC,CAAC;IAClD,MAAM,iBAAiB,GAAG,MAAM,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;IAEzD,OAAO;QACL,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,QAAQ,EAAE,MAAM;QAChB,YAAY,EAAE,MAAM,CAAC,MAAM;QAC3B,KAAK,EAAE,iBAAiB,EAAE,KAAK,IAAI,MAAM,CAAC,KAAK;QAC/C,KAAK,EAAE,MAAM,CAAC,KAAK;QACnB,MAAM,EAAE,CAAC,MAAM,CAAC,OAAO,IAAI,kBAAkB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,KAAK,CAAC;KAChI,CAAC;AACJ,CAAC;AAyBD,MAAM,UAAU,mBAAmB,CAAC,KAAyB;IAC3D,MAAM,MAAM,GAAG,UAAU,CAAC;IAE1B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,kDAAkD;YAC/D,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,KAAK;SACb,CAAC;IACJ,CAAC;IAED,uCAAuC;IACvC,IAAI,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IACpE,IAAI,CAAC,OAAO,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC;QAC3B,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,KAAK,KAAK,CAAC,SAAS,CAAC,CAAC;IAC3F,CAAC;IAED,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO;YACL,SAAS,EAAE,KAAK,CAAC,SAAS;YAC1B,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,oBAAoB,KAAK,CAAC,SAAS,kCAAkC;YAClF,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,KAAK;SACb,CAAC;IACJ,CAAC;IAED,OAAO;QACL,SAAS,EAAE,OAAO,CAAC,EAAE;QACrB,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,WAAW,EAAE,OAAO,CAAC,WAAW;QAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,SAAS;QAC/B,IAAI,EAAE,OAAO,CAAC,IAAI;QAClB,GAAG,EAAE,CAAC,OAAO,OAAO,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,WAAW,CAAC,IAAI,yDAAyD;QAC5I,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,GAAG,EAAE,OAAO,CAAC,GAAG;QAChB,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,KAAK,EAAE,IAAI;KACZ,CAAC;AACJ,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@aegis-scan/mcp-server",
-  "version": "0.17.0",
+  "version": "0.18.5",
   "description": "AEGIS MCP server — exposes scan / findings / score / compliance / fix-suggestion tools to any Model Context Protocol agent (Claude Code, Cursor, Continue, Zed). Five registered tools: aegis_scan, aegis_findings, aegis_score, aegis_compliance, aegis_fix_suggestion.",
   "license": "MIT",
   "author": "RideMatch1 <230386010+RideMatch1@users.noreply.github.com>",
@@ -47,8 +47,8 @@
   "dependencies": {
     "@modelcontextprotocol/sdk": "^1.0.0",
     "zod": "^3.23.0",
-    "@aegis-scan/core": "0.17.0",
-    "@aegis-scan/scanners": "0.17.0"
+    "@aegis-scan/core": "0.18.5",
+    "@aegis-scan/scanners": "0.18.5"
   },
   "devDependencies": {
     "@types/node": "^22.0.0",

package/sbom.cdx.json

@@ -1 +1 @@
-{"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:489a129b-9999-49ca-9e01-6efb6e5c81e7","version":1,"metadata":{"timestamp":"2026-04-27T21:47:10Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"mcp-server","group":"@aegis-scan","version":"0.17.0","description":"AEGIS MCP server — exposes scan / findings / score / compliance / fix-suggestion tools to any Model Context Protocol agent (Claude Code, Cursor, Continue, Zed). Five registered tools: aegis_scan, aegis_findings, aegis_score, aegis_compliance, aegis_fix_suggestion.","purl":"pkg:npm/%40aegis-scan/mcp-server@0.17.0","bom-ref":"pkg:npm/@aegis-scan/mcp-server@0.17.0","author":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>","type":"application","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}]},"properties":[{"name":"cdx:bom:componentTypes","value":"npm"},{"name":"cdx:bom:componentNamespaces","value":"@aegis-scan\\n@modelcontextprotocol\\n@types"},{"name":"cdx:bom:componentSrcFiles","value":"packages/mcp-server/node_modules/@aegis-scan/core/package.json\\npackages/mcp-server/node_modules/@aegis-scan/scanners/package.json\\npackages/mcp-server/node_modules/@modelcontextprotocol/sdk/package.json\\npackages/mcp-server/node_modules/@types/node/package.json\\npackages/mcp-server/node_modules/typescript/package.json\\npackages/mcp-server/node_modules/vitest/package.json\\npackages/mcp-server/node_modules/zod/package.json"}]},"components":[{"authors":[{"name":"Colin McDonnell <zod@colinhacks.com>"}],"group":"","name":"zod","version":"3.25.76","description":"TypeScript-first schema declaration and validation library with static type inference","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/zod@3.25.76","externalReferences":[{"type":"website","url":"https://zod.dev"},{"type":"vcs","url":"git+https://github.com/colinhacks/zod.git"}],"type":"library","bom-ref":"pkg:npm/zod@3.25.76","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/zod/package.json"},{"name":"ImportedModules","value":"zod,zod/z"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/zod/package.json"}],"concludedValue":"packages/mcp-server/node_modules/zod/package.json"}],"occurrences":[{"location":"dist/index.js#7"},{"location":"src/index.ts#7"}]},"tags":["validation"]},{"authors":[{"name":"Anthony Fu <anthonyfu117@hotmail.com>"}],"group":"","name":"vitest","version":"3.2.4","description":"Next generation testing framework powered by Vite","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/vitest@3.2.4","externalReferences":[{"type":"vcs","url":"https://github.com/vitest-dev/vitest#readme"},{"type":"vcs","url":"git+https://github.com/vitest-dev/vitest.git"}],"type":"framework","bom-ref":"pkg:npm/vitest@3.2.4","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/vitest/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/vitest/package.json"}],"concludedValue":"packages/mcp-server/node_modules/vitest/package.json"}]},"tags":["framework"]},{"authors":[{"name":"Microsoft Corp."}],"group":"","name":"typescript","version":"5.9.3","description":"TypeScript is a language for application scale JavaScript development","scope":"optional","licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:npm/typescript@5.9.3","externalReferences":[{"type":"website","url":"https://www.typescriptlang.org/"},{"type":"vcs","url":"https://github.com/microsoft/TypeScript.git"}],"type":"library","bom-ref":"pkg:npm/typescript@5.9.3","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/typescript/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/typescript/package.json"}],"concludedValue":"packages/mcp-server/node_modules/typescript/package.json"}]}},{"group":"@types","name":"node","version":"22.19.17","description":"TypeScript definitions for node","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/node@22.19.17","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/node@22.19.17","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/@types/node/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/@types/node/package.json"}],"concludedValue":"packages/mcp-server/node_modules/@types/node/package.json"}]}},{"authors":[{"name":"Anthropic"},{"name":" PBC (https://anthropic.com)"}],"group":"@modelcontextprotocol","name":"sdk","version":"1.29.0","description":"Model Context Protocol implementation for TypeScript","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40modelcontextprotocol/sdk@1.29.0","externalReferences":[{"type":"website","url":"https://modelcontextprotocol.io"},{"type":"vcs","url":"git+https://github.com/modelcontextprotocol/typescript-sdk.git"}],"type":"library","bom-ref":"pkg:npm/@modelcontextprotocol/sdk@1.29.0","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/@modelcontextprotocol/sdk/package.json"},{"name":"ImportedModules","value":"@modelcontextprotocol/sdk/server/mcp.js,McpServer,@modelcontextprotocol/sdk/server/mcp.js/McpServer,@modelcontextprotocol/sdk/server/stdio.js,StdioServerTransport,@modelcontextprotocol/sdk/server/stdio.js/StdioServerTransport"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/@modelcontextprotocol/sdk/package.json"}],"concludedValue":"packages/mcp-server/node_modules/@modelcontextprotocol/sdk/package.json"}],"occurrences":[{"location":"dist/index.js#5"},{"location":"src/index.ts#5"},{"location":"dist/index.js#6"},{"location":"src/index.ts#6"}]}},{"authors":[{"name":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>"}],"group":"@aegis-scan","name":"scanners","version":"0.17.0","description":"AEGIS scanner registry — 41 built-in regex checkers + 1 AST cross-file taint analyzer + 20 external-tool wrappers (16 SAST/DAST: Semgrep, Gitleaks, Trivy, ZAP, …; +1 passive subdomain-recon: Subfinder; +3 LLM-agent pentest: Strix, PTAI, Pentest-Swarm-AI — pentest-mode-only). Framework-specific security rules for Next.js + Supabase: multi-tenant isolation, RLS bypass, Zod enforcement, RSC data leaks, and more.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40aegis-scan/scanners@0.17.0","externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}],"type":"framework","bom-ref":"pkg:npm/@aegis-scan/scanners@0.17.0","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/@aegis-scan/scanners/package.json"},{"name":"ImportedModules","value":"@aegis-scan/scanners,getAllScanners,@aegis-scan/scanners/getAllScanners"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/@aegis-scan/scanners/package.json"}],"concludedValue":"packages/mcp-server/node_modules/@aegis-scan/scanners/package.json"}],"occurrences":[{"location":"dist/handlers.js#2"},{"location":"src/handlers.ts#2"}]},"tags":["framework","security"]},{"authors":[{"name":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>"}],"group":"@aegis-scan","name":"core","version":"0.17.0","description":"AEGIS core engine — orchestrator, scoring (0-1000), config loader with Zod-strict schema, suppression filter, shared types + utilities. The foundation of the AEGIS security-scanner suite for Next.js + Supabase.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40aegis-scan/core@0.17.0","externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}],"type":"library","bom-ref":"pkg:npm/@aegis-scan/core@0.17.0","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/@aegis-scan/core/package.json"},{"name":"ImportedModules","value":"@aegis-scan/core,loadConfig,@aegis-scan/core/loadConfig,Orchestrator,@aegis-scan/core/Orchestrator,AuditResult,@aegis-scan/core/AuditResult,Finding,@aegis-scan/core/Finding,ScanCategory,@aegis-scan/core/ScanCategory"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/@aegis-scan/core/package.json"}],"concludedValue":"packages/mcp-server/node_modules/@aegis-scan/core/package.json"}],"occurrences":[{"location":"dist/handlers.js#1"},{"location":"src/handlers.ts#1"},{"location":"src/handlers.ts#3"}]}}],"dependencies":[],"annotations":[{"bom-ref":"metadata-annotations","subjects":["pkg:npm/@aegis-scan/mcp-server@0.17.0"],"annotator":{"component":{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}},"timestamp":"2026-04-27T21:47:10Z","text":"This Software Bill-of-Materials (SBOM) document was created on Monday, April 27, 2026 with cdxgen. The data was captured during the build lifecycle phase. The document describes an application named 'mcp-server' with version '0.17.0'. The package type in this SBOM is npm with 3 purl namespaces described under components. The components were identified from 7 source files."}]}
+{"bomFormat":"CycloneDX","specVersion":"1.6","serialNumber":"urn:uuid:a5c2796f-e445-42d6-8d53-d136b41faec6","version":1,"metadata":{"timestamp":"2026-05-07T19:25:31Z","tools":{"components":[{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}]},"authors":[{"name":"OWASP Foundation"}],"lifecycles":[{"phase":"build"}],"component":{"name":"mcp-server","group":"@aegis-scan","version":"0.18.5","description":"AEGIS MCP server — exposes scan / findings / score / compliance / fix-suggestion tools to any Model Context Protocol agent (Claude Code, Cursor, Continue, Zed). Five registered tools: aegis_scan, aegis_findings, aegis_score, aegis_compliance, aegis_fix_suggestion.","purl":"pkg:npm/%40aegis-scan/mcp-server@0.18.5","bom-ref":"pkg:npm/@aegis-scan/mcp-server@0.18.5","author":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>","type":"application","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}]},"properties":[{"name":"cdx:bom:componentTypes","value":"npm"},{"name":"cdx:bom:componentNamespaces","value":"@aegis-scan\\n@modelcontextprotocol\\n@types"},{"name":"cdx:bom:componentSrcFiles","value":"packages/mcp-server/node_modules/@aegis-scan/core/package.json\\npackages/mcp-server/node_modules/@aegis-scan/scanners/package.json\\npackages/mcp-server/node_modules/@modelcontextprotocol/sdk/package.json\\npackages/mcp-server/node_modules/@types/node/package.json\\npackages/mcp-server/node_modules/typescript/package.json\\npackages/mcp-server/node_modules/vitest/package.json\\npackages/mcp-server/node_modules/zod/package.json"}]},"components":[{"authors":[{"name":"Colin McDonnell <zod@colinhacks.com>"}],"group":"","name":"zod","version":"3.25.76","description":"TypeScript-first schema declaration and validation library with static type inference","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/zod@3.25.76","externalReferences":[{"type":"website","url":"https://zod.dev"},{"type":"vcs","url":"git+https://github.com/colinhacks/zod.git"}],"type":"library","bom-ref":"pkg:npm/zod@3.25.76","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/zod/package.json"},{"name":"ImportedModules","value":"zod,zod/z"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/zod/package.json"}],"concludedValue":"packages/mcp-server/node_modules/zod/package.json"}],"occurrences":[{"location":"dist/index.js#7"},{"location":"src/index.ts#7"}]},"tags":["validation"]},{"authors":[{"name":"Anthony Fu <anthonyfu117@hotmail.com>"}],"group":"","name":"vitest","version":"3.2.4","description":"Next generation testing framework powered by Vite","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/vitest@3.2.4","externalReferences":[{"type":"vcs","url":"https://github.com/vitest-dev/vitest#readme"},{"type":"vcs","url":"git+https://github.com/vitest-dev/vitest.git"}],"type":"framework","bom-ref":"pkg:npm/vitest@3.2.4","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/vitest/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/vitest/package.json"}],"concludedValue":"packages/mcp-server/node_modules/vitest/package.json"}]},"tags":["framework"]},{"authors":[{"name":"Microsoft Corp."}],"group":"","name":"typescript","version":"5.9.3","description":"TypeScript is a language for application scale JavaScript development","scope":"optional","licenses":[{"license":{"id":"Apache-2.0","url":"https://opensource.org/licenses/Apache-2.0"}}],"purl":"pkg:npm/typescript@5.9.3","externalReferences":[{"type":"website","url":"https://www.typescriptlang.org/"},{"type":"vcs","url":"https://github.com/microsoft/TypeScript.git"}],"type":"library","bom-ref":"pkg:npm/typescript@5.9.3","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/typescript/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/typescript/package.json"}],"concludedValue":"packages/mcp-server/node_modules/typescript/package.json"}]}},{"group":"@types","name":"node","version":"22.19.17","description":"TypeScript definitions for node","scope":"optional","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40types/node@22.19.17","externalReferences":[{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node"},{"type":"vcs","url":"https://github.com/DefinitelyTyped/DefinitelyTyped.git"}],"type":"library","bom-ref":"pkg:npm/@types/node@22.19.17","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/@types/node/package.json"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/@types/node/package.json"}],"concludedValue":"packages/mcp-server/node_modules/@types/node/package.json"}]}},{"authors":[{"name":"Anthropic"},{"name":" PBC (https://anthropic.com)"}],"group":"@modelcontextprotocol","name":"sdk","version":"1.29.0","description":"Model Context Protocol implementation for TypeScript","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40modelcontextprotocol/sdk@1.29.0","externalReferences":[{"type":"website","url":"https://modelcontextprotocol.io"},{"type":"vcs","url":"git+https://github.com/modelcontextprotocol/typescript-sdk.git"}],"type":"library","bom-ref":"pkg:npm/@modelcontextprotocol/sdk@1.29.0","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/@modelcontextprotocol/sdk/package.json"},{"name":"ImportedModules","value":"@modelcontextprotocol/sdk/server/mcp.js,McpServer,@modelcontextprotocol/sdk/server/mcp.js/McpServer,@modelcontextprotocol/sdk/server/stdio.js,StdioServerTransport,@modelcontextprotocol/sdk/server/stdio.js/StdioServerTransport"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/@modelcontextprotocol/sdk/package.json"}],"concludedValue":"packages/mcp-server/node_modules/@modelcontextprotocol/sdk/package.json"}],"occurrences":[{"location":"dist/index.js#5"},{"location":"src/index.ts#5"},{"location":"dist/index.js#6"},{"location":"src/index.ts#6"}]}},{"authors":[{"name":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>"}],"group":"@aegis-scan","name":"scanners","version":"0.18.5","description":"AEGIS scanner registry — 41 built-in regex checkers + 1 AST cross-file taint analyzer + 20 external-tool wrappers (16 SAST/DAST: Semgrep, Gitleaks, Trivy, ZAP, …; +1 passive subdomain-recon: Subfinder; +3 LLM-agent pentest: Strix, PTAI, Pentest-Swarm-AI — pentest-mode-only). Framework-specific security rules for Next.js + Supabase: multi-tenant isolation, RLS bypass, Zod enforcement, RSC data leaks, and more.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40aegis-scan/scanners@0.18.5","externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}],"type":"framework","bom-ref":"pkg:npm/@aegis-scan/scanners@0.18.5","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/@aegis-scan/scanners/package.json"},{"name":"ImportedModules","value":"@aegis-scan/scanners,getAllScanners,@aegis-scan/scanners/getAllScanners"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/@aegis-scan/scanners/package.json"}],"concludedValue":"packages/mcp-server/node_modules/@aegis-scan/scanners/package.json"}],"occurrences":[{"location":"dist/handlers.js#2"},{"location":"src/handlers.ts#2"}]},"tags":["framework","security"]},{"authors":[{"name":"RideMatch1 <230386010+RideMatch1@users.noreply.github.com>"}],"group":"@aegis-scan","name":"core","version":"0.18.5","description":"AEGIS core engine — orchestrator, scoring (0-1000), config loader with Zod-strict schema, suppression filter, shared types + utilities. The foundation of the AEGIS security-scanner suite for Next.js + Supabase.","scope":"required","licenses":[{"license":{"id":"MIT","url":"https://opensource.org/licenses/MIT"}}],"purl":"pkg:npm/%40aegis-scan/core@0.18.5","externalReferences":[{"type":"vcs","url":"https://github.com/RideMatch1/a.e.g.i.s#readme"},{"type":"vcs","url":"git+https://github.com/RideMatch1/a.e.g.i.s.git"}],"type":"library","bom-ref":"pkg:npm/@aegis-scan/core@0.18.5","properties":[{"name":"SrcFile","value":"packages/mcp-server/node_modules/@aegis-scan/core/package.json"},{"name":"ImportedModules","value":"@aegis-scan/core,loadConfig,@aegis-scan/core/loadConfig,Orchestrator,@aegis-scan/core/Orchestrator,AuditResult,@aegis-scan/core/AuditResult,Finding,@aegis-scan/core/Finding"}],"evidence":{"identity":[{"field":"purl","confidence":0.7,"methods":[{"technique":"manifest-analysis","confidence":0.7,"value":"packages/mcp-server/node_modules/@aegis-scan/core/package.json"}],"concludedValue":"packages/mcp-server/node_modules/@aegis-scan/core/package.json"}],"occurrences":[{"location":"dist/handlers.js#1"},{"location":"src/handlers.ts#1"},{"location":"src/handlers.ts#3"}]}}],"dependencies":[],"annotations":[{"bom-ref":"metadata-annotations","subjects":["pkg:npm/@aegis-scan/mcp-server@0.18.5"],"annotator":{"component":{"group":"@cyclonedx","name":"cdxgen","version":"12.1.4","purl":"pkg:npm/%40cyclonedx/cdxgen@12.1.4","type":"application","bom-ref":"pkg:npm/@cyclonedx/cdxgen@12.1.4","publisher":"OWASP Foundation","authors":[{"name":"OWASP Foundation"}]}},"timestamp":"2026-05-07T19:25:31Z","text":"This Software Bill-of-Materials (SBOM) document was created on Thursday, May 7, 2026 with cdxgen. The data was captured during the build lifecycle phase. The document describes an application named 'mcp-server' with version '0.18.5'. The package type in this SBOM is npm with 3 purl namespaces described under components. The components were identified from 7 source files."}]}