@aion0/bastion 0.1.12 → 0.1.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +27 -3
- package/README.zh.md +26 -3
- package/dist/cli/commands/plugins.d.ts +3 -0
- package/dist/cli/commands/plugins.d.ts.map +1 -0
- package/dist/cli/commands/plugins.js +201 -0
- package/dist/cli/commands/plugins.js.map +1 -0
- package/dist/cli/commands/start.d.ts.map +1 -1
- package/dist/cli/commands/start.js +0 -18
- package/dist/cli/commands/start.js.map +1 -1
- package/dist/cli/index.js +2 -2
- package/dist/cli/index.js.map +1 -1
- package/dist/config/paths.d.ts +0 -1
- package/dist/config/paths.d.ts.map +1 -1
- package/dist/config/paths.js +0 -1
- package/dist/config/paths.js.map +1 -1
- package/dist/config/schema.d.ts +28 -0
- package/dist/config/schema.d.ts.map +1 -1
- package/dist/core/bootstrap.d.ts.map +1 -1
- package/dist/core/bootstrap.js +5 -0
- package/dist/core/bootstrap.js.map +1 -1
- package/dist/dashboard/api-routes.d.ts.map +1 -1
- package/dist/dashboard/api-routes.js +91 -50
- package/dist/dashboard/api-routes.js.map +1 -1
- package/dist/dashboard/page.d.ts.map +1 -1
- package/dist/dashboard/page.js +122 -67
- package/dist/dashboard/page.js.map +1 -1
- package/dist/dlp/ai-validator.d.ts.map +1 -1
- package/dist/dlp/ai-validator.js +11 -13
- package/dist/dlp/ai-validator.js.map +1 -1
- package/dist/dlp/heuristic-validator.d.ts +24 -0
- package/dist/dlp/heuristic-validator.d.ts.map +1 -0
- package/dist/dlp/heuristic-validator.js +97 -0
- package/dist/dlp/heuristic-validator.js.map +1 -0
- package/dist/plugins/builtin/dlp-scanner.d.ts.map +1 -1
- package/dist/plugins/builtin/dlp-scanner.js +3 -0
- package/dist/plugins/builtin/dlp-scanner.js.map +1 -1
- package/dist/plugins/builtin/threat-scorer.d.ts +6 -0
- package/dist/plugins/builtin/threat-scorer.d.ts.map +1 -0
- package/dist/plugins/builtin/threat-scorer.js +266 -0
- package/dist/plugins/builtin/threat-scorer.js.map +1 -0
- package/dist/plugins/builtin/tool-guard.d.ts.map +1 -1
- package/dist/plugins/builtin/tool-guard.js +14 -43
- package/dist/plugins/builtin/tool-guard.js.map +1 -1
- package/dist/plugins/types.d.ts +3 -0
- package/dist/plugins/types.d.ts.map +1 -1
- package/dist/storage/migrations.d.ts.map +1 -1
- package/dist/storage/migrations.js +43 -0
- package/dist/storage/migrations.js.map +1 -1
- package/dist/storage/repositories/taint-marks.d.ts +26 -0
- package/dist/storage/repositories/taint-marks.d.ts.map +1 -0
- package/dist/storage/repositories/taint-marks.js +27 -0
- package/dist/storage/repositories/taint-marks.js.map +1 -0
- package/dist/storage/repositories/threat-score-events.d.ts +27 -0
- package/dist/storage/repositories/threat-score-events.d.ts.map +1 -0
- package/dist/storage/repositories/threat-score-events.js +24 -0
- package/dist/storage/repositories/threat-score-events.js.map +1 -0
- package/dist/storage/repositories/threat-scores.d.ts +26 -0
- package/dist/storage/repositories/threat-scores.d.ts.map +1 -0
- package/dist/storage/repositories/threat-scores.js +42 -0
- package/dist/storage/repositories/threat-scores.js.map +1 -0
- package/dist/storage/repositories/tool-chain-detections.d.ts +24 -0
- package/dist/storage/repositories/tool-chain-detections.d.ts.map +1 -0
- package/dist/storage/repositories/tool-chain-detections.js +27 -0
- package/dist/storage/repositories/tool-chain-detections.js.map +1 -0
- package/dist/tool-guard/chain-detector.d.ts +18 -0
- package/dist/tool-guard/chain-detector.d.ts.map +1 -0
- package/dist/tool-guard/chain-detector.js +55 -0
- package/dist/tool-guard/chain-detector.js.map +1 -0
- package/dist/tool-guard/chain-rules.d.ts +10 -0
- package/dist/tool-guard/chain-rules.d.ts.map +1 -0
- package/dist/tool-guard/chain-rules.js +30 -0
- package/dist/tool-guard/chain-rules.js.map +1 -0
- package/dist/tool-guard/taint-tracker.d.ts +24 -0
- package/dist/tool-guard/taint-tracker.d.ts.map +1 -0
- package/dist/tool-guard/taint-tracker.js +70 -0
- package/dist/tool-guard/taint-tracker.js.map +1 -0
- package/package.json +1 -1
- package/dist/cli/commands/pro.d.ts +0 -3
- package/dist/cli/commands/pro.d.ts.map +0 -1
- package/dist/cli/commands/pro.js +0 -261
- package/dist/cli/commands/pro.js.map +0 -1
- package/dist/license/pro-license.d.ts +0 -11
- package/dist/license/pro-license.d.ts.map +0 -1
- package/dist/license/pro-license.js +0 -88
- package/dist/license/pro-license.js.map +0 -1
- package/dist/license/verify.d.ts +0 -18
- package/dist/license/verify.d.ts.map +0 -1
- package/dist/license/verify.js +0 -71
- package/dist/license/verify.js.map +0 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"page.js","sourceRoot":"","sources":["../../src/dashboard/page.ts"],"names":[],"mappings":";;
|
|
1
|
+
{"version":3,"file":"page.js","sourceRoot":"","sources":["../../src/dashboard/page.ts"],"names":[],"mappings":";;AAqpDA,wCAOC;AA1pDD,qEAAqE;AACrE,MAAM,IAAI,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;QAuGL,CAAC;AAET,qEAAqE;AACrE,MAAM,QAAQ,GAAG;;;;;;;;;;;;;;OAcV,CAAC;AAER,qEAAqE;AACrE,MAAM,aAAa,GAAG;;;;;;;;;;;;;;;;;;;;OAoBf,CAAC;AAER,qEAAqE;AACrE,MAAM,QAAQ,GAAG;;;;;;;;;;;;;;;;OAgBV,CAAC;AAER,qEAAqE;AACrE,MAAM,UAAU,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAkCZ,CAAC;AAER,qEAAqE;AACrE,MAAM,QAAQ,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OA8DV,CAAC;AAER,qEAAqE;AACrE,MAAM,aAAa,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;OAqMf,CAAC;AAER,qEAAqE;AACrE,MAAM,MAAM,GAAG,iFAAiF,CAAC;AAEjG,qEAAqE;AACrE,MAAM,MAAM,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;UAsrCL,CAAC;AAEX,MAAM,IAAI,GAAG,IAAI,GAAG,+BAA+B;IACjD,QAAQ,GAAG,aAAa,GAAG,QAAQ,GAAG,UAAU,GAAG,QAAQ,GAAG,aAAa,GAAG,MAAM;IACpF,QAAQ,GAAG,MAAM,GAAG,gBAAgB,CAAC;AAEvC,SAAgB,cAAc,CAAC,GAAmB;IAChD,GAAG,CAAC,SAAS,CAAC,GAAG,EAAE;QACjB,cAAc,EAAE,0BAA0B;QAC1C,eAAe,EAAE,qCAAqC;QACtD,QAAQ,EAAE,UAAU;KACrB,CAAC,CAAC;IACH,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ai-validator.d.ts","sourceRoot":"","sources":["../../src/dlp/ai-validator.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;
|
|
1
|
+
{"version":3,"file":"ai-validator.d.ts","sourceRoot":"","sources":["../../src/dlp/ai-validator.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAO/C,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,WAAW,GAAG,QAAQ,GAAG,OAAO,CAAC;IAC3C,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,kGAAkG;IAClG,gBAAgB,CAAC,EAAE,MAAM,OAAO,wBAAwB,EAAE,kBAAkB,GAAG,SAAS,CAAC;CAC1F;AA2CD,qBAAa,WAAW;IACtB,OAAO,CAAC,MAAM,CAAoB;IAClC,OAAO,CAAC,KAAK,CAAW;gBAEZ,MAAM,EAAE,iBAAiB;IAKrC,6EAA6E;IAC7E,IAAI,KAAK,IAAI,OAAO,CAMnB;IAED,qDAAqD;IACrD,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,iBAAiB,CAAC,GAAG,IAAI;IAItD;;;OAGG;IACG,QAAQ,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;YAgD7D,OAAO;YAiBP,SAAS;IAUvB,OAAO,CAAC,aAAa;IAuBrB,OAAO,CAAC,UAAU;IAyBlB,OAAO,CAAC,QAAQ;CAgCjB"}
|
package/dist/dlp/ai-validator.js
CHANGED
|
@@ -6,6 +6,7 @@ Object.defineProperty(exports, "__esModule", { value: true });
|
|
|
6
6
|
exports.AiValidator = void 0;
|
|
7
7
|
const node_https_1 = __importDefault(require("node:https"));
|
|
8
8
|
const logger_js_1 = require("../utils/logger.js");
|
|
9
|
+
const heuristic_validator_js_1 = require("./heuristic-validator.js");
|
|
9
10
|
const log = (0, logger_js_1.createLogger)('ai-validator');
|
|
10
11
|
const SNIPPET_RADIUS = 200;
|
|
11
12
|
// ── Simple LRU cache ──
|
|
@@ -49,7 +50,7 @@ class AiValidator {
|
|
|
49
50
|
if (!this.config.enabled)
|
|
50
51
|
return false;
|
|
51
52
|
if (this.config.provider === 'local') {
|
|
52
|
-
return
|
|
53
|
+
return true; // heuristic validator is always available
|
|
53
54
|
}
|
|
54
55
|
return this.config.apiKey.length > 0;
|
|
55
56
|
}
|
|
@@ -107,7 +108,7 @@ class AiValidator {
|
|
|
107
108
|
}
|
|
108
109
|
async callLLM(finding, matchText, context) {
|
|
109
110
|
if (this.config.provider === 'local') {
|
|
110
|
-
return this.callLocal(context);
|
|
111
|
+
return this.callLocal(finding, matchText, context);
|
|
111
112
|
}
|
|
112
113
|
const prompt = buildPrompt(finding, matchText, context);
|
|
113
114
|
if (this.config.provider === 'anthropic') {
|
|
@@ -115,17 +116,14 @@ class AiValidator {
|
|
|
115
116
|
}
|
|
116
117
|
return this.callOpenAI(prompt);
|
|
117
118
|
}
|
|
118
|
-
async callLocal(context) {
|
|
119
|
-
const
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
return { verdict: 'false_positive', reason: `Local ML: ${result.label} (score: ${result.score.toFixed(3)})` };
|
|
127
|
-
}
|
|
128
|
-
return { verdict: 'sensitive', reason: `Local ML: ${result.label} (score: ${result.score.toFixed(3)})` };
|
|
119
|
+
async callLocal(finding, matchText, context) {
|
|
120
|
+
const verdict = (0, heuristic_validator_js_1.heuristicValidate)({
|
|
121
|
+
matchText,
|
|
122
|
+
surrounding: context,
|
|
123
|
+
patternName: finding.patternName,
|
|
124
|
+
patternCategory: finding.patternCategory,
|
|
125
|
+
});
|
|
126
|
+
return { verdict: verdict.verdict, reason: verdict.reason };
|
|
129
127
|
}
|
|
130
128
|
callAnthropic(prompt) {
|
|
131
129
|
const body = JSON.stringify({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ai-validator.js","sourceRoot":"","sources":["../../src/dlp/ai-validator.ts"],"names":[],"mappings":";;;;;;AAAA,4DAA+B;AAC/B,kDAAkD;
|
|
1
|
+
{"version":3,"file":"ai-validator.js","sourceRoot":"","sources":["../../src/dlp/ai-validator.ts"],"names":[],"mappings":";;;;;;AAAA,4DAA+B;AAC/B,kDAAkD;AAElD,qEAA6D;AAE7D,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,cAAc,CAAC,CAAC;AAEzC,MAAM,cAAc,GAAG,GAAG,CAAC;AAkB3B,yBAAyB;AAEzB,MAAM,QAAQ;IACJ,KAAK,GAAG,IAAI,GAAG,EAAsB,CAAC;IACtC,OAAO,CAAS;IAExB,YAAY,OAAe;QACzB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED,GAAG,CAAC,GAAW;QACb,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAClC,IAAI,KAAK,KAAK,SAAS,EAAE,CAAC;YACxB,mCAAmC;YACnC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;YACvB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC7B,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,GAAG,CAAC,GAAW,EAAE,KAAiB;QAChC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACvB,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;QAC3B,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;YACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAM,CAAC;YACjD,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;IAED,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;IACzB,CAAC;CACF;AAED,qBAAqB;AAErB,MAAa,WAAW;IACd,MAAM,CAAoB;IAC1B,KAAK,CAAW;IAExB,YAAY,MAAyB;QACnC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,KAAK,GAAG,IAAI,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;IAC9C,CAAC;IAED,6EAA6E;IAC7E,IAAI,KAAK;QACP,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO;YAAE,OAAO,KAAK,CAAC;QACvC,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC,CAAC,0CAA0C;QACzD,CAAC;QACD,OAAO,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC;IACvC,CAAC;IAED,qDAAqD;IACrD,YAAY,CAAC,MAAkC;QAC7C,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,QAAQ,CAAC,QAAsB,EAAE,IAAY;QACjD,IAAI,CAAC,IAAI,CAAC,KAAK,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,QAAQ,CAAC;QAE1D,MAAM,SAAS,GAAiB,EAAE,CAAC;QAEnC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC5C,MAAM,QAAQ,GAAG,GAAG,OAAO,CAAC,WAAW,IAAI,UAAU,EAAE,CAAC;YAExD,oBAAoB;YACpB,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACxC,IAAI,MAAM,EAAE,CAAC;gBACX,IAAI,MAAM,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;oBACnC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,KAAK,CAAC,0BAA0B,EAAE,EAAE,OAAO,EAAE,OAAO,CAAC,WAAW,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;gBACjG,CAAC;gBACD,SAAS;YACX,CAAC;YAED,8BAA8B;YAC9B,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,cAAc,CAAC,CAAC;YAEjE,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;gBAChE,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;gBAEjC,IAAI,MAAM,CAAC,OAAO,KAAK,WAAW,EAAE,CAAC;oBACnC,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAC1B,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,IAAI,CAAC,uCAAuC,EAAE;wBAChD,OAAO,EAAE,OAAO,CAAC,WAAW;wBAC5B,MAAM,EAAE,MAAM,CAAC,MAAM;qBACtB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,sDAAsD;gBACtD,GAAG,CAAC,IAAI,CAAC,6CAA6C,EAAE;oBACtD,OAAO,EAAE,OAAO,CAAC,WAAW;oBAC5B,KAAK,EAAG,GAAa,CAAC,OAAO;iBAC9B,CAAC,CAAC;gBACH,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1B,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAEO,KAAK,CAAC,OAAO,CACnB,OAAmB,EACnB,SAAiB,EACjB,OAAe;QAEf,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACrC,OAAO,IAAI,CAAC,SAAS,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QACrD,CAAC;QAED,MAAM,MAAM,GAAG,WAAW,CAAC,OAAO,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QAExD,IAAI,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,WAAW,EAAE,CAAC;YACzC,OAAO,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACpC,CAAC;QACD,OAAO,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;IACjC,CAAC;IAEO,KAAK,CAAC,SAAS,CAAC,OAAmB,EAAE,SAAiB,EAAE,OAAe;QAC7E,MAAM,OAAO,GAAG,IAAA,0CAAiB,EAAC;YAChC,SAAS;YACT,WAAW,EAAE,OAAO;YACpB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,eAAe,EAAE,OAAO,CAAC,eAAe;SACzC,CAAC,CAAC;QACH,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC;IAC9D,CAAC;IAEO,aAAa,CAAC,MAAc;QAClC,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;YAC1B,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,UAAU,EAAE,GAAG;YACf,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;SAC9C,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,QAAQ,CAClB,mBAAmB,EACnB,cAAc,EACd;YACE,cAAc,EAAE,kBAAkB;YAClC,WAAW,EAAE,IAAI,CAAC,MAAM,CAAC,MAAM;YAC/B,mBAAmB,EAAE,YAAY;SAClC,EACD,IAAI,CACL,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5B,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,IAAI,EAAE,CAAC;YAC1C,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,UAAU,CAAC,MAAc;QAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,SAAS,CAAC;YAC1B,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK;YACxB,UAAU,EAAE,GAAG;YACf,QAAQ,EAAE;gBACR,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,kFAAkF,EAAE;gBAC/G,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE;aAClC;SACF,CAAC,CAAC;QAEH,OAAO,IAAI,CAAC,QAAQ,CAClB,gBAAgB,EAChB,sBAAsB,EACtB;YACE,cAAc,EAAE,kBAAkB;YAClC,eAAe,EAAE,UAAU,IAAI,CAAC,MAAM,CAAC,MAAM,EAAE;SAChD,EACD,IAAI,CACL,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE;YACb,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC5B,MAAM,IAAI,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,IAAI,EAAE,CAAC;YACtD,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;IACL,CAAC;IAEO,QAAQ,CACd,QAAgB,EAChB,IAAY,EACZ,OAA+B,EAC/B,IAAY;QAEZ,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACrC,MAAM,GAAG,GAAG,oBAAK,CAAC,OAAO,CACvB,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,EAAE,GAAG,OAAO,EAAE,gBAAgB,EAAE,MAAM,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,QAAQ,EAAE,EAAE,EAAE,EACjH,CAAC,GAAG,EAAE,EAAE;gBACN,MAAM,MAAM,GAAa,EAAE,CAAC;gBAC5B,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;gBACtD,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;oBACjB,MAAM,MAAM,GAAG,GAAG,CAAC,UAAU,IAAI,CAAC,CAAC;oBACnC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;oBACvD,IAAI,MAAM,IAAI,GAAG,IAAI,MAAM,GAAG,GAAG,EAAE,CAAC;wBAClC,OAAO,CAAC,MAAM,CAAC,CAAC;oBAClB,CAAC;yBAAM,CAAC;wBACN,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,MAAM,KAAK,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC;oBAC/D,CAAC;gBACH,CAAC,CAAC,CAAC;YACL,CAAC,CACF,CAAC;YAEF,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,GAAG,EAAE;gBACzC,GAAG,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,4BAA4B,IAAI,CAAC,MAAM,CAAC,SAAS,KAAK,CAAC,CAAC,CAAC;YACjF,CAAC,CAAC,CAAC;YAEH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;YACxB,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAtLD,kCAsLC;AAED,gBAAgB;AAEhB,SAAS,cAAc,CAAC,IAAY,EAAE,KAAa,EAAE,MAAc;IACjE,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChC,IAAI,GAAG,KAAK,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC;IAC7B,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,MAAM,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,KAAK,CAAC,MAAM,GAAG,MAAM,CAAC,CAAC;IAC/D,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,WAAW,CAAC,OAAmB,EAAE,SAAiB,EAAE,OAAe;IAC1E,qEAAqE;IACrE,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,GAAG,CAAC;QACjC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC,CAAC,SAAS,CAAC;IAEd,OAAO;;WAEE,OAAO,CAAC,WAAW,KAAK,OAAO,CAAC,eAAe;mCACvB,MAAM;;;EAGvC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;;;;qFAI8D,CAAC;AACtF,CAAC;AAED,SAAS,YAAY,CAAC,IAAY;IAChC,wCAAwC;IACxC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAC1C,IAAI,SAAS,EAAE,CAAC;QACd,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;YACxC,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,KAAK,gBAAgB,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,WAAW,CAAC;YACrF,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC,CAAC,kBAAkB,CAAC,CAAC;IAChC,CAAC;IAED,8BAA8B;IAC9B,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IACjC,IAAI,KAAK,CAAC,QAAQ,CAAC,gBAAgB,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACzE,OAAO,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;IACnE,CAAC;IACD,4CAA4C;IAC5C,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;AAC9D,CAAC"}
|
|
@@ -0,0 +1,24 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Heuristic DLP Validator
|
|
3
|
+
*
|
|
4
|
+
* Local false-positive filter for DLP regex matches.
|
|
5
|
+
* Detects placeholder values, test keys, low-entropy strings, and documentation patterns.
|
|
6
|
+
* Zero external dependencies — replaces the incorrect PI-classifier-based local validation.
|
|
7
|
+
*/
|
|
8
|
+
export interface HeuristicContext {
|
|
9
|
+
/** The text matched by the DLP regex */
|
|
10
|
+
matchText: string;
|
|
11
|
+
/** Surrounding context around the match */
|
|
12
|
+
surrounding: string;
|
|
13
|
+
/** DLP pattern name (e.g. 'aws-access-key') */
|
|
14
|
+
patternName: string;
|
|
15
|
+
/** DLP pattern category (e.g. 'high-confidence') */
|
|
16
|
+
patternCategory: string;
|
|
17
|
+
}
|
|
18
|
+
export interface HeuristicVerdict {
|
|
19
|
+
verdict: 'sensitive' | 'false_positive';
|
|
20
|
+
reason: string;
|
|
21
|
+
confidence: number;
|
|
22
|
+
}
|
|
23
|
+
export declare function heuristicValidate(ctx: HeuristicContext): HeuristicVerdict;
|
|
24
|
+
//# sourceMappingURL=heuristic-validator.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"heuristic-validator.d.ts","sourceRoot":"","sources":["../../src/dlp/heuristic-validator.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAIH,MAAM,WAAW,gBAAgB;IAC/B,wCAAwC;IACxC,SAAS,EAAE,MAAM,CAAC;IAClB,2CAA2C;IAC3C,WAAW,EAAE,MAAM,CAAC;IACpB,+CAA+C;IAC/C,WAAW,EAAE,MAAM,CAAC;IACpB,oDAAoD;IACpD,eAAe,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,WAAW,GAAG,gBAAgB,CAAC;IACxC,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;CACpB;AA2BD,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,gBAAgB,GAAG,gBAAgB,CAyDzE"}
|
|
@@ -0,0 +1,97 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* Heuristic DLP Validator
|
|
4
|
+
*
|
|
5
|
+
* Local false-positive filter for DLP regex matches.
|
|
6
|
+
* Detects placeholder values, test keys, low-entropy strings, and documentation patterns.
|
|
7
|
+
* Zero external dependencies — replaces the incorrect PI-classifier-based local validation.
|
|
8
|
+
*/
|
|
9
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
10
|
+
exports.heuristicValidate = heuristicValidate;
|
|
11
|
+
const entropy_js_1 = require("./entropy.js");
|
|
12
|
+
// ── Known test values (per provider) ──
|
|
13
|
+
const KNOWN_TEST_VALUES = new Set([
|
|
14
|
+
'AKIAIOSFODNN7EXAMPLE',
|
|
15
|
+
'wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY',
|
|
16
|
+
]);
|
|
17
|
+
const KNOWN_TEST_PREFIXES = [
|
|
18
|
+
'sk_test_',
|
|
19
|
+
'pk_test_',
|
|
20
|
+
'rk_test_',
|
|
21
|
+
];
|
|
22
|
+
// ── Placeholder patterns ──
|
|
23
|
+
const PLACEHOLDER_KEYWORDS_RE = /\b(example|test|sample|demo|dummy|placeholder|mock|fake|todo|fixme)\b/i;
|
|
24
|
+
const PLACEHOLDER_TEMPLATE_RE = /YOUR_|your_|<YOUR|<your|\[YOUR|\[your|xxx{3,}|XXX{3,}|changeme|change_me|CHANGE_ME|insert.?here|replace.?this/i;
|
|
25
|
+
// ── Documentation markers ──
|
|
26
|
+
const DOC_MARKER_RE = /\b(e\.g\.|for example|such as|like this|format is|looks like|example:|sample:|returns?:)/i;
|
|
27
|
+
// ── Core heuristic function ──
|
|
28
|
+
function heuristicValidate(ctx) {
|
|
29
|
+
const { matchText, surrounding } = ctx;
|
|
30
|
+
// Rule 1: Known test values (exact match)
|
|
31
|
+
if (KNOWN_TEST_VALUES.has(matchText)) {
|
|
32
|
+
return fp('Known test/example value', 0.99);
|
|
33
|
+
}
|
|
34
|
+
// Rule 2: Known test prefixes
|
|
35
|
+
for (const prefix of KNOWN_TEST_PREFIXES) {
|
|
36
|
+
if (matchText.startsWith(prefix)) {
|
|
37
|
+
return fp(`Known test prefix: ${prefix}*`, 0.95);
|
|
38
|
+
}
|
|
39
|
+
}
|
|
40
|
+
// Rule 3: Placeholder template in match text
|
|
41
|
+
if (PLACEHOLDER_TEMPLATE_RE.test(matchText)) {
|
|
42
|
+
return fp('Placeholder template in match value', 0.95);
|
|
43
|
+
}
|
|
44
|
+
// Rule 4: Repeated characters (>80% same char)
|
|
45
|
+
if (matchText.length >= 8 && isRepeatedChars(matchText, 0.8)) {
|
|
46
|
+
return fp('Repeated characters', 0.9);
|
|
47
|
+
}
|
|
48
|
+
// Rule 5: Sequential characters (abcdef..., 123456...)
|
|
49
|
+
if (matchText.length >= 8 && isSequentialChars(matchText)) {
|
|
50
|
+
return fp('Sequential characters', 0.9);
|
|
51
|
+
}
|
|
52
|
+
// Rule 6: Placeholder keywords in surrounding context
|
|
53
|
+
if (PLACEHOLDER_KEYWORDS_RE.test(surrounding)) {
|
|
54
|
+
return fp('Placeholder keyword in context', 0.8);
|
|
55
|
+
}
|
|
56
|
+
// Rule 7: Documentation markers in surrounding context
|
|
57
|
+
if (DOC_MARKER_RE.test(surrounding)) {
|
|
58
|
+
return fp('Documentation marker in context', 0.75);
|
|
59
|
+
}
|
|
60
|
+
// Rule 8: Entropy-based checks (only for values long enough)
|
|
61
|
+
if (matchText.length >= 8) {
|
|
62
|
+
const entropy = (0, entropy_js_1.shannonEntropy)(matchText);
|
|
63
|
+
// Low entropy → likely not a real secret
|
|
64
|
+
if (entropy < 2.0) {
|
|
65
|
+
return fp(`Low entropy (${entropy.toFixed(2)})`, 0.85);
|
|
66
|
+
}
|
|
67
|
+
// High entropy + no false-positive indicators → likely real
|
|
68
|
+
if (entropy > 4.0) {
|
|
69
|
+
return { verdict: 'sensitive', reason: `High entropy (${entropy.toFixed(2)}), no false-positive indicators`, confidence: 0.8 };
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
// Default: treat as sensitive (fail-closed)
|
|
73
|
+
return { verdict: 'sensitive', reason: 'No false-positive indicators detected', confidence: 0.6 };
|
|
74
|
+
}
|
|
75
|
+
// ── Helpers ──
|
|
76
|
+
function fp(reason, confidence) {
|
|
77
|
+
return { verdict: 'false_positive', reason, confidence };
|
|
78
|
+
}
|
|
79
|
+
function isRepeatedChars(s, threshold) {
|
|
80
|
+
const freq = new Map();
|
|
81
|
+
for (const ch of s) {
|
|
82
|
+
freq.set(ch, (freq.get(ch) ?? 0) + 1);
|
|
83
|
+
}
|
|
84
|
+
const maxFreq = Math.max(...freq.values());
|
|
85
|
+
return maxFreq / s.length > threshold;
|
|
86
|
+
}
|
|
87
|
+
function isSequentialChars(s) {
|
|
88
|
+
// Check if >=60% of adjacent chars are sequential (code point diff = +-1)
|
|
89
|
+
let sequential = 0;
|
|
90
|
+
for (let i = 1; i < s.length; i++) {
|
|
91
|
+
const diff = s.charCodeAt(i) - s.charCodeAt(i - 1);
|
|
92
|
+
if (diff === 1 || diff === -1)
|
|
93
|
+
sequential++;
|
|
94
|
+
}
|
|
95
|
+
return sequential / (s.length - 1) >= 0.6;
|
|
96
|
+
}
|
|
97
|
+
//# sourceMappingURL=heuristic-validator.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"heuristic-validator.js","sourceRoot":"","sources":["../../src/dlp/heuristic-validator.ts"],"names":[],"mappings":";AAAA;;;;;;GAMG;;AA8CH,8CAyDC;AArGD,6CAA8C;AAmB9C,yCAAyC;AAEzC,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,sBAAsB;IACtB,0CAA0C;CAC3C,CAAC,CAAC;AAEH,MAAM,mBAAmB,GAAG;IAC1B,UAAU;IACV,UAAU;IACV,UAAU;CACX,CAAC;AAEF,6BAA6B;AAE7B,MAAM,uBAAuB,GAAG,wEAAwE,CAAC;AAEzG,MAAM,uBAAuB,GAAG,gHAAgH,CAAC;AAEjJ,8BAA8B;AAE9B,MAAM,aAAa,GAAG,2FAA2F,CAAC;AAElH,gCAAgC;AAEhC,SAAgB,iBAAiB,CAAC,GAAqB;IACrD,MAAM,EAAE,SAAS,EAAE,WAAW,EAAE,GAAG,GAAG,CAAC;IAEvC,0CAA0C;IAC1C,IAAI,iBAAiB,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;QACrC,OAAO,EAAE,CAAC,0BAA0B,EAAE,IAAI,CAAC,CAAC;IAC9C,CAAC;IAED,8BAA8B;IAC9B,KAAK,MAAM,MAAM,IAAI,mBAAmB,EAAE,CAAC;QACzC,IAAI,SAAS,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;YACjC,OAAO,EAAE,CAAC,sBAAsB,MAAM,GAAG,EAAE,IAAI,CAAC,CAAC;QACnD,CAAC;IACH,CAAC;IAED,6CAA6C;IAC7C,IAAI,uBAAuB,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAC5C,OAAO,EAAE,CAAC,qCAAqC,EAAE,IAAI,CAAC,CAAC;IACzD,CAAC;IAED,+CAA+C;IAC/C,IAAI,SAAS,CAAC,MAAM,IAAI,CAAC,IAAI,eAAe,CAAC,SAAS,EAAE,GAAG,CAAC,EAAE,CAAC;QAC7D,OAAO,EAAE,CAAC,qBAAqB,EAAE,GAAG,CAAC,CAAC;IACxC,CAAC;IAED,uDAAuD;IACvD,IAAI,SAAS,CAAC,MAAM,IAAI,CAAC,IAAI,iBAAiB,CAAC,SAAS,CAAC,EAAE,CAAC;QAC1D,OAAO,EAAE,CAAC,uBAAuB,EAAE,GAAG,CAAC,CAAC;IAC1C,CAAC;IAED,sDAAsD;IACtD,IAAI,uBAAuB,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QAC9C,OAAO,EAAE,CAAC,gCAAgC,EAAE,GAAG,CAAC,CAAC;IACnD,CAAC;IAED,uDAAuD;IACvD,IAAI,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;QACpC,OAAO,EAAE,CAAC,iCAAiC,EAAE,IAAI,CAAC,CAAC;IACrD,CAAC;IAED,6DAA6D;IAC7D,IAAI,SAAS,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAC1B,MAAM,OAAO,GAAG,IAAA,2BAAc,EAAC,SAAS,CAAC,CAAC;QAE1C,yCAAyC;QACzC,IAAI,OAAO,GAAG,GAAG,EAAE,CAAC;YAClB,OAAO,EAAE,CAAC,gBAAgB,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACzD,CAAC;QAED,4DAA4D;QAC5D,IAAI,OAAO,GAAG,GAAG,EAAE,CAAC;YAClB,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,iBAAiB,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,iCAAiC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;QACjI,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,MAAM,EAAE,uCAAuC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC;AACpG,CAAC;AAED,gBAAgB;AAEhB,SAAS,EAAE,CAAC,MAAc,EAAE,UAAkB;IAC5C,OAAO,EAAE,OAAO,EAAE,gBAAgB,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;AAC3D,CAAC;AAED,SAAS,eAAe,CAAC,CAAS,EAAE,SAAiB;IACnD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,KAAK,MAAM,EAAE,IAAI,CAAC,EAAE,CAAC;QACnB,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAC3C,OAAO,OAAO,GAAG,CAAC,CAAC,MAAM,GAAG,SAAS,CAAC;AACxC,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAS;IAClC,0EAA0E;IAC1E,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACnD,IAAI,IAAI,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,CAAC;YAAE,UAAU,EAAE,CAAC;IAC9C,CAAC;IACD,OAAO,UAAU,GAAG,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC;AAC5C,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dlp-scanner.d.ts","sourceRoot":"","sources":["../../../src/plugins/builtin/dlp-scanner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,MAAM,EAMP,MAAM,aAAa,CAAC;AAErB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAItD,OAAO,EAAe,KAAK,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAShF,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAM3C,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,SAAS,CAAC;IAClB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,cAAc,CAAC,EAAE;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,MAAM,EAAE,MAAM,CAAC;QACf,WAAW,EAAE,OAAO,CAAC;QACrB,mBAAmB,EAAE,MAAM,CAAC;KAC7B,CAAC;IACF,YAAY,CAAC,EAAE,iBAAiB,CAAC;IACjC,8EAA8E;IAC9E,SAAS,CAAC,EAAE,MAAM,SAAS,CAAC;IAC5B,yEAAyE;IACzE,gBAAgB,CAAC,EAAE,MAAM,OAAO,2BAA2B,EAAE,kBAAkB,GAAG,SAAS,CAAC;CAC7F;AAiBD,wBAAgB,sBAAsB,CAAC,EAAE,EAAE,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,gBAAgB,EAAE,QAAQ,CAAC,EAAE,OAAO,iBAAiB,EAAE,cAAc,GAAG,MAAM,
|
|
1
|
+
{"version":3,"file":"dlp-scanner.d.ts","sourceRoot":"","sources":["../../../src/plugins/builtin/dlp-scanner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EACV,MAAM,EAMP,MAAM,aAAa,CAAC;AAErB,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,sBAAsB,CAAC;AAItD,OAAO,EAAe,KAAK,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAShF,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AAM3C,MAAM,WAAW,gBAAgB;IAC/B,MAAM,EAAE,SAAS,CAAC;IAClB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,cAAc,CAAC,EAAE;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,MAAM,EAAE,MAAM,CAAC;QACf,WAAW,EAAE,OAAO,CAAC;QACrB,mBAAmB,EAAE,MAAM,CAAC;KAC7B,CAAC;IACF,YAAY,CAAC,EAAE,iBAAiB,CAAC;IACjC,8EAA8E;IAC9E,SAAS,CAAC,EAAE,MAAM,SAAS,CAAC;IAC5B,yEAAyE;IACzE,gBAAgB,CAAC,EAAE,MAAM,OAAO,2BAA2B,EAAE,kBAAkB,GAAG,SAAS,CAAC;CAC7F;AAiBD,wBAAgB,sBAAsB,CAAC,EAAE,EAAE,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,gBAAgB,EAAE,QAAQ,CAAC,EAAE,OAAO,iBAAiB,EAAE,cAAc,GAAG,MAAM,CAgTnJ"}
|
|
@@ -112,6 +112,7 @@ function createDlpScannerPlugin(db, config, eventBus) {
|
|
|
112
112
|
});
|
|
113
113
|
eventBus?.emit('dlp:finding', {
|
|
114
114
|
requestId: context.id,
|
|
115
|
+
sessionId: context.sessionId,
|
|
115
116
|
patternName: finding.patternName,
|
|
116
117
|
patternCategory: finding.patternCategory,
|
|
117
118
|
action: result.action,
|
|
@@ -203,6 +204,7 @@ function createDlpScannerPlugin(db, config, eventBus) {
|
|
|
203
204
|
});
|
|
204
205
|
eventBus?.emit('dlp:finding', {
|
|
205
206
|
requestId: context.request.id,
|
|
207
|
+
sessionId: context.request.sessionId,
|
|
206
208
|
patternName: finding.patternName,
|
|
207
209
|
patternCategory: finding.patternCategory,
|
|
208
210
|
action: result.action,
|
|
@@ -277,6 +279,7 @@ function createDlpScannerPlugin(db, config, eventBus) {
|
|
|
277
279
|
});
|
|
278
280
|
eventBus?.emit('dlp:finding', {
|
|
279
281
|
requestId: context.request.id,
|
|
282
|
+
sessionId: context.request.sessionId,
|
|
280
283
|
patternName: finding.patternName,
|
|
281
284
|
patternCategory: finding.patternCategory,
|
|
282
285
|
action: 'warn',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dlp-scanner.js","sourceRoot":"","sources":["../../../src/plugins/builtin/dlp-scanner.ts"],"names":[],"mappings":";;AA2DA,wDA6SC;AAhWD,mDAAgE;AAEhE,4EAA+E;AAC/E,gFAAmF;AACnF,0EAA6E;AAC7E,+DAAgF;AAChF,8EAA+E;AAC/E,kEAAoE;AACpE,0EAA2E;AAC3E,gFAAiF;AACjF,6DAAiF;AACjF,iEAAmF;AACnF,mEAAqE;AACrE,qDAAqD;AAGrD,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,YAAY,CAAC,CAAC;AAEvC,MAAM,eAAe,GAAG,EAAE,CAAC,CAAC,yCAAyC;AAkBrE;;;GAGG;AACH,SAAS,cAAc,CAAC,IAAY,EAAE,KAAa;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChC,IAAI,GAAG,KAAK,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,CAAC;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,KAAK,CAAC,MAAM,GAAG,eAAe,CAAC,CAAC;IACxE,IAAI,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACrC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,GAAG,KAAK,GAAG,OAAO,CAAC;IACzC,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM;QAAE,OAAO,GAAG,OAAO,GAAG,KAAK,CAAC;IACjD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAgB,sBAAsB,CAAC,EAAqB,EAAE,MAAwB,EAAE,QAAmD;IACzI,MAAM,OAAO,GAAG,IAAI,mCAAmB,CAAC,EAAE,CAAC,CAAC;IAC5C,MAAM,YAAY,GAAG,IAAI,uCAAqB,CAAC,EAAE,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,IAAI,iCAAkB,CAAC,EAAE,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,GAAc,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC;IAEzF,wCAAwC;IACxC,MAAM,kBAAkB,GAAG,MAAM,CAAC,YAAY;QAC5C,CAAC,CAAC,EAAE,GAAG,MAAM,CAAC,YAAY,EAAE,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,EAAE;QACvE,CAAC,CAAC,IAAI,CAAC;IACT,MAAM,WAAW,GAAG,kBAAkB;QACpC,CAAC,CAAC,IAAI,6BAAW,CAAC,kBAAkB,CAAC;QACrC,CAAC,CAAC,IAAI,CAAC;IAET,6EAA6E;IAC7E,MAAM,YAAY,GAAG,IAAI,kCAAe,EAAE,CAAC;IAE3C,kDAAkD;IAClD,MAAM,WAAW,GAAiB;QAChC,GAAG,2CAAsB;QACzB,GAAG,gCAAiB;QACpB,GAAG,uCAAoB;QACvB,GAAG,6CAAuB;KAC3B,CAAC;IACF,YAAY,CAAC,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAExD,2DAA2D;IAC3D,IAAI,MAAM,CAAC,cAAc,EAAE,GAAG,EAAE,CAAC;QAC/B,IAAI,MAAM,CAAC,cAAc,CAAC,WAAW,KAAK,KAAK,EAAE,CAAC;YAChD,IAAI,CAAC;gBACH,IAAA,mCAAkB,EAAC,MAAM,CAAC,cAAc,EAAE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC3E,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,CAAC,IAAI,CAAC,uCAAuC,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACvF,CAAC;QACH,CAAC;QACD,IAAI,MAAM,CAAC,cAAc,CAAC,mBAAmB,GAAG,CAAC,EAAE,CAAC;YAClD,IAAA,kCAAiB,EAAC,MAAM,CAAC,cAAc,EAAE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,EAAE;QACZ,OAAO,EAAE,OAAO;QAChB,UAAU,EAAE,CAAC;QAEb,oDAAoD;QACpD,KAAK,CAAC,SAAS,CAAC,OAAuB;YACrC,mDAAmD;YACnD,IAAI,OAAO,CAAC,MAAM,KAAK,KAAK,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM;gBAAE,OAAO;YAElE,MAAM,QAAQ,GAAG,YAAY,CAAC,UAAU,EAAE,CAAC;YAC3C,MAAM,MAAM,GAAoB,YAAY,CAAC,aAAa,CACxD,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,CACxD,CAAC;YAEF,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO;YAEzC,iFAAiF;YACjF,IAAI,WAAW,EAAE,KAAK,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxD,MAAM,CAAC,WAAW,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;gBAClF,4BAA4B;gBAC5B,MAAM,CAAC,QAAQ,GAAG,CAAC,GAAG,MAAM,CAAC,WAAW,EAAE,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;gBACpE,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO;YAC3C,CAAC;YAED,uEAAuE;YACvE,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACzC,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC5C,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBAEjE,IAAI,eAAe,GAAkB,IAAI,CAAC;gBAC1C,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;oBACtD,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,WAAW,CAAC,WAAW,EAAE,YAAY,CAAC;oBACtE,eAAe,GAAG,cAAc,CAAC,MAAM,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;gBACrE,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACb,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,UAAU,EAAE,OAAO,CAAC,EAAE;oBACtB,YAAY,EAAE,OAAO,CAAC,WAAW;oBACjC,gBAAgB,EAAE,OAAO,CAAC,eAAe;oBACzC,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,WAAW,EAAE,OAAO,CAAC,UAAU;oBAC/B,gBAAgB,EAAE,eAAe;oBACjC,gBAAgB,EAAE,eAAe;iBAClC,CAAC,CAAC;gBAEH,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE;oBAC5B,SAAS,EAAE,OAAO,CAAC,EAAE;oBACrB,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;oBACxC,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,SAAS,EAAE,SAAS;iBACrB,CAAC,CAAC;YACL,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE;gBACvB,SAAS,EAAE,OAAO,CAAC,EAAE;gBACrB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,WAAW,EAAE,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;gBACzD,cAAc,EAAE,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;gBAC/D,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;aACtC,CAAC,CAAC;YAEH,oFAAoF;YACpF,kEAAkE;YAClE,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;YAC/C,OAAO,CAAC,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;YAClC,OAAO,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC;YAEhD,gDAAgD;YAChD,IAAI,MAAM,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC9B,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACzE,MAAM,WAAW,GAAG,6CAA6C,WAAW,GAAG,CAAC;gBAEhF,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAClC,IAAI,CAAC;wBACH,SAAS,CAAC,MAAM,CAAC;4BACf,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;4BACvB,UAAU,EAAE,OAAO,CAAC,EAAE;4BACtB,WAAW,EAAE,OAAO,CAAC,IAAI;4BACzB,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;4BACpD,MAAM,EAAE,IAAI;yBACb,CAAC,CAAC;oBACL,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,GAAG,CAAC,IAAI,CAAC,oDAAoD,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;oBACpG,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,IAAI,CAAC,0DAA0D,EAAE;wBACnE,SAAS,EAAE,OAAO,CAAC,EAAE;wBACrB,cAAc,EAAE,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;qBAChE,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,EAAE,CAAC;YAC9C,CAAC;YAED,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBACtD,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACpC,GAAG,CAAC,IAAI,CAAC,6DAA6D,EAAE;wBACtE,SAAS,EAAE,OAAO,CAAC,EAAE;wBACrB,cAAc,EAAE,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;qBAChE,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,uFAAuF;QACvF,KAAK,CAAC,UAAU,CAAC,OAAiC;YAChD,IAAI,OAAO,CAAC,WAAW;gBAAE,OAAO,CAAC,sDAAsD;YAEvF,MAAM,QAAQ,GAAG,YAAY,CAAC,UAAU,EAAE,CAAC;YAC3C,MAAM,MAAM,GAAG,IAAA,oBAAQ,EAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;YAE7D,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO;YAEzC,qCAAqC;YACrC,IAAI,WAAW,EAAE,KAAK,EAAE,CAAC;gBACvB,MAAM,CAAC,QAAQ,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC5E,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO;YAC3C,CAAC;YAED,kCAAkC;YAClC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACtC,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC5C,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBAEjE,IAAI,eAAe,GAAkB,IAAI,CAAC;gBAC1C,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;oBACtD,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,WAAW,CAAC,WAAW,EAAE,YAAY,CAAC;oBACtE,eAAe,GAAG,cAAc,CAAC,MAAM,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;gBACrE,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACb,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,UAAU,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC9B,YAAY,EAAE,OAAO,CAAC,WAAW;oBACjC,gBAAgB,EAAE,OAAO,CAAC,eAAe;oBACzC,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,WAAW,EAAE,OAAO,CAAC,UAAU;oBAC/B,gBAAgB,EAAE,eAAe;oBACjC,gBAAgB,EAAE,eAAe;oBACjC,SAAS,EAAE,UAAU;iBACtB,CAAC,CAAC;gBAEH,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE;oBAC5B,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC7B,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;oBACxC,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,SAAS,EAAE,UAAU;iBACtB,CAAC,CAAC;YACL,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,uBAAuB,EAAE;gBAChC,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;gBAC7B,SAAS,EAAE,UAAU;gBACrB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;aACpD,CAAC,CAAC;YAEH,6EAA6E;YAC7E,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;YAC9B,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;YAC1C,OAAO,CAAC,OAAO,CAAC,WAAW,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YAE1F,6CAA6C;YAC7C,IAAI,MAAM,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC9B,iFAAiF;gBACjF,IAAI,IAAA,8BAAgB,EAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;oBACrE,GAAG,CAAC,IAAI,CAAC,sDAAsD,EAAE;wBAC/D,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;wBAC7B,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;qBACpD,CAAC,CAAC;oBACH,OAAO,EAAE,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;gBACpE,CAAC;gBACD,OAAO;oBACL,OAAO,EAAE;wBACP,MAAM,EAAE,8CAA8C,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;qBAC9G;iBACF,CAAC;YACJ,CAAC;YAED,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBACtD,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,CAAC;YAC/C,CAAC;YAED,uDAAuD;QACzD,CAAC;QAED,kFAAkF;QAClF,KAAK,CAAC,kBAAkB,CAAC,OAAgC;YACvD,IAAI,CAAC,OAAO,CAAC,WAAW;gBAAE,OAAO;YAEjC,uFAAuF;YACvF,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;gBACtC,GAAG,CAAC,KAAK,CAAC,gDAAgD,EAAE;oBAC1D,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC7B,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,MAAM;iBAChC,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,MAAM,QAAQ,GAAG,YAAY,CAAC,UAAU,EAAE,CAAC;YAC3C,MAAM,cAAc,GAAG,IAAA,oBAAQ,EAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;YAChE,IAAI,cAAc,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO;YAEjD,IAAI,WAAW,EAAE,KAAK,EAAE,CAAC;gBACvB,cAAc,CAAC,QAAQ,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC5F,IAAI,cAAc,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO;YACnD,CAAC;YAED,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,QAAQ,EAAE,CAAC;gBAC9C,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC5C,OAAO,CAAC,MAAM,CAAC;oBACb,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,UAAU,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC9B,YAAY,EAAE,OAAO,CAAC,WAAW;oBACjC,gBAAgB,EAAE,OAAO,CAAC,eAAe;oBACzC,MAAM,EAAE,MAAM;oBACd,WAAW,EAAE,OAAO,CAAC,UAAU;oBAC/B,gBAAgB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC;oBAC1D,gBAAgB,EAAE,IAAI;oBACtB,SAAS,EAAE,UAAU;iBACtB,CAAC,CAAC;gBAEH,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE;oBAC5B,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC7B,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;oBACxC,MAAM,EAAE,MAAM;oBACd,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,SAAS,EAAE,oBAAoB;iBAChC,CAAC,CAAC;YACL,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,6CAA6C,EAAE;gBACtD,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;gBAC7B,QAAQ,EAAE,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;aAC5D,CAAC,CAAC;YAEH,IAAI,CAAC;gBACH,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC;oBAC5C,SAAS,CAAC,MAAM,CAAC;wBACf,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;wBACvB,UAAU,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;wBAC9B,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,IAAI;wBACjC,YAAY,EAAE,OAAO,CAAC,IAAI;wBAC1B,MAAM,EAAE,IAAI;qBACb,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBAC3C,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,CAAC,IAAI,CAAC,mDAAmD,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACnG,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"dlp-scanner.js","sourceRoot":"","sources":["../../../src/plugins/builtin/dlp-scanner.ts"],"names":[],"mappings":";;AA2DA,wDAgTC;AAnWD,mDAAgE;AAEhE,4EAA+E;AAC/E,gFAAmF;AACnF,0EAA6E;AAC7E,+DAAgF;AAChF,8EAA+E;AAC/E,kEAAoE;AACpE,0EAA2E;AAC3E,gFAAiF;AACjF,6DAAiF;AACjF,iEAAmF;AACnF,mEAAqE;AACrE,qDAAqD;AAGrD,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,YAAY,CAAC,CAAC;AAEvC,MAAM,eAAe,GAAG,EAAE,CAAC,CAAC,yCAAyC;AAkBrE;;;GAGG;AACH,SAAS,cAAc,CAAC,IAAY,EAAE,KAAa;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;IAChC,IAAI,GAAG,KAAK,CAAC,CAAC;QAAE,OAAO,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;IAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,eAAe,CAAC,CAAC;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,GAAG,KAAK,CAAC,MAAM,GAAG,eAAe,CAAC,CAAC;IACxE,IAAI,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACrC,IAAI,KAAK,GAAG,CAAC;QAAE,OAAO,GAAG,KAAK,GAAG,OAAO,CAAC;IACzC,IAAI,GAAG,GAAG,IAAI,CAAC,MAAM;QAAE,OAAO,GAAG,OAAO,GAAG,KAAK,CAAC;IACjD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAgB,sBAAsB,CAAC,EAAqB,EAAE,MAAwB,EAAE,QAAmD;IACzI,MAAM,OAAO,GAAG,IAAI,mCAAmB,CAAC,EAAE,CAAC,CAAC;IAC5C,MAAM,YAAY,GAAG,IAAI,uCAAqB,CAAC,EAAE,CAAC,CAAC;IACnD,MAAM,SAAS,GAAG,IAAI,iCAAkB,CAAC,EAAE,CAAC,CAAC;IAC7C,MAAM,SAAS,GAAG,GAAc,EAAE,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC;IAEzF,wCAAwC;IACxC,MAAM,kBAAkB,GAAG,MAAM,CAAC,YAAY;QAC5C,CAAC,CAAC,EAAE,GAAG,MAAM,CAAC,YAAY,EAAE,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,EAAE;QACvE,CAAC,CAAC,IAAI,CAAC;IACT,MAAM,WAAW,GAAG,kBAAkB;QACpC,CAAC,CAAC,IAAI,6BAAW,CAAC,kBAAkB,CAAC;QACrC,CAAC,CAAC,IAAI,CAAC;IAET,6EAA6E;IAC7E,MAAM,YAAY,GAAG,IAAI,kCAAe,EAAE,CAAC;IAE3C,kDAAkD;IAClD,MAAM,WAAW,GAAiB;QAChC,GAAG,2CAAsB;QACzB,GAAG,gCAAiB;QACpB,GAAG,uCAAoB;QACvB,GAAG,6CAAuB;KAC3B,CAAC;IACF,YAAY,CAAC,YAAY,CAAC,WAAW,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;IAExD,2DAA2D;IAC3D,IAAI,MAAM,CAAC,cAAc,EAAE,GAAG,EAAE,CAAC;QAC/B,IAAI,MAAM,CAAC,cAAc,CAAC,WAAW,KAAK,KAAK,EAAE,CAAC;YAChD,IAAI,CAAC;gBACH,IAAA,mCAAkB,EAAC,MAAM,CAAC,cAAc,EAAE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;YAC3E,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,CAAC,IAAI,CAAC,uCAAuC,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACvF,CAAC;QACH,CAAC;QACD,IAAI,MAAM,CAAC,cAAc,CAAC,mBAAmB,GAAG,CAAC,EAAE,CAAC;YAClD,IAAA,kCAAiB,EAAC,MAAM,CAAC,cAAc,EAAE,YAAY,EAAE,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;IAED,OAAO;QACL,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,EAAE;QACZ,OAAO,EAAE,OAAO;QAChB,UAAU,EAAE,CAAC;QAEb,oDAAoD;QACpD,KAAK,CAAC,SAAS,CAAC,OAAuB;YACrC,mDAAmD;YACnD,IAAI,OAAO,CAAC,MAAM,KAAK,KAAK,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM;gBAAE,OAAO;YAElE,MAAM,QAAQ,GAAG,YAAY,CAAC,UAAU,EAAE,CAAC;YAC3C,MAAM,MAAM,GAAoB,YAAY,CAAC,aAAa,CACxD,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,UAAU,EAAE,QAAQ,EAAE,SAAS,EAAE,CACxD,CAAC;YAEF,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO;YAEzC,iFAAiF;YACjF,IAAI,WAAW,EAAE,KAAK,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxD,MAAM,CAAC,WAAW,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;gBAClF,4BAA4B;gBAC5B,MAAM,CAAC,QAAQ,GAAG,CAAC,GAAG,MAAM,CAAC,WAAW,EAAE,GAAG,MAAM,CAAC,cAAc,CAAC,CAAC;gBACpE,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO;YAC3C,CAAC;YAED,uEAAuE;YACvE,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACzC,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC5C,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBAEjE,IAAI,eAAe,GAAkB,IAAI,CAAC;gBAC1C,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;oBACtD,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,WAAW,CAAC,WAAW,EAAE,YAAY,CAAC;oBACtE,eAAe,GAAG,cAAc,CAAC,MAAM,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;gBACrE,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACb,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,UAAU,EAAE,OAAO,CAAC,EAAE;oBACtB,YAAY,EAAE,OAAO,CAAC,WAAW;oBACjC,gBAAgB,EAAE,OAAO,CAAC,eAAe;oBACzC,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,WAAW,EAAE,OAAO,CAAC,UAAU;oBAC/B,gBAAgB,EAAE,eAAe;oBACjC,gBAAgB,EAAE,eAAe;iBAClC,CAAC,CAAC;gBAEH,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE;oBAC5B,SAAS,EAAE,OAAO,CAAC,EAAE;oBACrB,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;oBACxC,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,SAAS,EAAE,SAAS;iBACrB,CAAC,CAAC;YACL,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE;gBACvB,SAAS,EAAE,OAAO,CAAC,EAAE;gBACrB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,WAAW,EAAE,MAAM,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;gBACzD,cAAc,EAAE,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;gBAC/D,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;aACtC,CAAC,CAAC;YAEH,oFAAoF;YACpF,kEAAkE;YAClE,OAAO,CAAC,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;YAC/C,OAAO,CAAC,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;YAClC,OAAO,CAAC,WAAW,GAAG,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC;YAEhD,gDAAgD;YAChD,IAAI,MAAM,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC9B,MAAM,WAAW,GAAG,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACzE,MAAM,WAAW,GAAG,6CAA6C,WAAW,GAAG,CAAC;gBAEhF,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAClC,IAAI,CAAC;wBACH,SAAS,CAAC,MAAM,CAAC;4BACf,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;4BACvB,UAAU,EAAE,OAAO,CAAC,EAAE;4BACtB,WAAW,EAAE,OAAO,CAAC,IAAI;4BACzB,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,WAAW,EAAE,CAAC;4BACpD,MAAM,EAAE,IAAI;yBACb,CAAC,CAAC;oBACL,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,GAAG,CAAC,IAAI,CAAC,oDAAoD,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;oBACpG,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,GAAG,CAAC,IAAI,CAAC,0DAA0D,EAAE;wBACnE,SAAS,EAAE,OAAO,CAAC,EAAE;wBACrB,cAAc,EAAE,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;qBAChE,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,EAAE,OAAO,EAAE,EAAE,MAAM,EAAE,WAAW,EAAE,EAAE,CAAC;YAC9C,CAAC;YAED,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBACtD,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBACpC,GAAG,CAAC,IAAI,CAAC,6DAA6D,EAAE;wBACtE,SAAS,EAAE,OAAO,CAAC,EAAE;wBACrB,cAAc,EAAE,MAAM,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;qBAChE,CAAC,CAAC;gBACL,CAAC;gBACD,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,CAAC;YAC/C,CAAC;QACH,CAAC;QAED,uFAAuF;QACvF,KAAK,CAAC,UAAU,CAAC,OAAiC;YAChD,IAAI,OAAO,CAAC,WAAW;gBAAE,OAAO,CAAC,sDAAsD;YAEvF,MAAM,QAAQ,GAAG,YAAY,CAAC,UAAU,EAAE,CAAC;YAC3C,MAAM,MAAM,GAAG,IAAA,oBAAQ,EAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAC;YAE7D,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO;YAEzC,qCAAqC;YACrC,IAAI,WAAW,EAAE,KAAK,EAAE,CAAC;gBACvB,MAAM,CAAC,QAAQ,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC5E,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO;YAC3C,CAAC;YAED,kCAAkC;YAClC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACtC,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC5C,MAAM,eAAe,GAAG,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBAEjE,IAAI,eAAe,GAAkB,IAAI,CAAC;gBAC1C,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;oBACtD,MAAM,WAAW,GAAG,IAAI,OAAO,CAAC,WAAW,CAAC,WAAW,EAAE,YAAY,CAAC;oBACtE,eAAe,GAAG,cAAc,CAAC,MAAM,CAAC,YAAY,EAAE,WAAW,CAAC,CAAC;gBACrE,CAAC;gBAED,OAAO,CAAC,MAAM,CAAC;oBACb,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,UAAU,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC9B,YAAY,EAAE,OAAO,CAAC,WAAW;oBACjC,gBAAgB,EAAE,OAAO,CAAC,eAAe;oBACzC,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,WAAW,EAAE,OAAO,CAAC,UAAU;oBAC/B,gBAAgB,EAAE,eAAe;oBACjC,gBAAgB,EAAE,eAAe;oBACjC,SAAS,EAAE,UAAU;iBACtB,CAAC,CAAC;gBAEH,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE;oBAC5B,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC7B,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,SAAS;oBACpC,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;oBACxC,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,SAAS,EAAE,UAAU;iBACtB,CAAC,CAAC;YACL,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,uBAAuB,EAAE;gBAChC,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;gBAC7B,SAAS,EAAE,UAAU;gBACrB,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;aACpD,CAAC,CAAC;YAEH,6EAA6E;YAC7E,OAAO,CAAC,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC;YAC9B,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC;YAC1C,OAAO,CAAC,OAAO,CAAC,WAAW,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,IAAI,CAAC,CAAC,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;YAE1F,6CAA6C;YAC7C,IAAI,MAAM,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC9B,iFAAiF;gBACjF,IAAI,IAAA,8BAAgB,EAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC;oBACrE,GAAG,CAAC,IAAI,CAAC,sDAAsD,EAAE;wBAC/D,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;wBAC7B,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;qBACpD,CAAC,CAAC;oBACH,OAAO,EAAE,YAAY,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC;gBACpE,CAAC;gBACD,OAAO;oBACL,OAAO,EAAE;wBACP,MAAM,EAAE,8CAA8C,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG;qBAC9G;iBACF,CAAC;YACJ,CAAC;YAED,IAAI,MAAM,CAAC,MAAM,KAAK,QAAQ,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;gBACtD,OAAO,EAAE,YAAY,EAAE,MAAM,CAAC,YAAY,EAAE,CAAC;YAC/C,CAAC;YAED,uDAAuD;QACzD,CAAC;QAED,kFAAkF;QAClF,KAAK,CAAC,kBAAkB,CAAC,OAAgC;YACvD,IAAI,CAAC,OAAO,CAAC,WAAW;gBAAE,OAAO;YAEjC,uFAAuF;YACvF,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,IAAI,GAAG,IAAI,EAAE,CAAC;gBACtC,GAAG,CAAC,KAAK,CAAC,gDAAgD,EAAE;oBAC1D,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC7B,UAAU,EAAE,OAAO,CAAC,IAAI,CAAC,MAAM;iBAChC,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YAED,MAAM,QAAQ,GAAG,YAAY,CAAC,UAAU,EAAE,CAAC;YAC3C,MAAM,cAAc,GAAG,IAAA,oBAAQ,EAAC,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;YAChE,IAAI,cAAc,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO;YAEjD,IAAI,WAAW,EAAE,KAAK,EAAE,CAAC;gBACvB,cAAc,CAAC,QAAQ,GAAG,MAAM,WAAW,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;gBAC5F,IAAI,cAAc,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC;oBAAE,OAAO;YACnD,CAAC;YAED,KAAK,MAAM,OAAO,IAAI,cAAc,CAAC,QAAQ,EAAE,CAAC;gBAC9C,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;gBAC5C,OAAO,CAAC,MAAM,CAAC;oBACb,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,UAAU,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC9B,YAAY,EAAE,OAAO,CAAC,WAAW;oBACjC,gBAAgB,EAAE,OAAO,CAAC,eAAe;oBACzC,MAAM,EAAE,MAAM;oBACd,WAAW,EAAE,OAAO,CAAC,UAAU;oBAC/B,gBAAgB,EAAE,cAAc,CAAC,OAAO,CAAC,IAAI,EAAE,UAAU,CAAC;oBAC1D,gBAAgB,EAAE,IAAI;oBACtB,SAAS,EAAE,UAAU;iBACtB,CAAC,CAAC;gBAEH,QAAQ,EAAE,IAAI,CAAC,aAAa,EAAE;oBAC5B,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC7B,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,SAAS;oBACpC,WAAW,EAAE,OAAO,CAAC,WAAW;oBAChC,eAAe,EAAE,OAAO,CAAC,eAAe;oBACxC,MAAM,EAAE,MAAM;oBACd,UAAU,EAAE,OAAO,CAAC,UAAU;oBAC9B,SAAS,EAAE,oBAAoB;iBAChC,CAAC,CAAC;YACL,CAAC;YAED,GAAG,CAAC,IAAI,CAAC,6CAA6C,EAAE;gBACtD,SAAS,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;gBAC7B,QAAQ,EAAE,cAAc,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;aAC5D,CAAC,CAAC;YAEH,IAAI,CAAC;gBACH,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,EAAE,CAAC;oBAC5C,SAAS,CAAC,MAAM,CAAC;wBACf,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;wBACvB,UAAU,EAAE,OAAO,CAAC,OAAO,CAAC,EAAE;wBAC9B,WAAW,EAAE,OAAO,CAAC,OAAO,CAAC,IAAI;wBACjC,YAAY,EAAE,OAAO,CAAC,IAAI;wBAC1B,MAAM,EAAE,IAAI;qBACb,CAAC,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACN,SAAS,CAAC,UAAU,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;gBAC3C,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,CAAC,IAAI,CAAC,mDAAmD,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YACnG,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
import type { Plugin } from '../types.js';
|
|
2
|
+
import type { PluginEventBus } from '../event-bus.js';
|
|
3
|
+
import type { BastionConfig } from '../../config/schema.js';
|
|
4
|
+
import type Database from 'better-sqlite3';
|
|
5
|
+
export declare function createThreatScorerPlugin(config: BastionConfig, db: Database.Database, eventBus: PluginEventBus): Plugin;
|
|
6
|
+
//# sourceMappingURL=threat-scorer.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"threat-scorer.d.ts","sourceRoot":"","sources":["../../../src/plugins/builtin/threat-scorer.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,EAAuC,MAAM,aAAa,CAAC;AAC/E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAS5D,OAAO,KAAK,QAAQ,MAAM,gBAAgB,CAAC;AA4F3C,wBAAgB,wBAAwB,CACtC,MAAM,EAAE,aAAa,EACrB,EAAE,EAAE,QAAQ,CAAC,QAAQ,EACrB,QAAQ,EAAE,cAAc,GACvB,MAAM,CA4NR"}
|
|
@@ -0,0 +1,266 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
3
|
+
exports.createThreatScorerPlugin = createThreatScorerPlugin;
|
|
4
|
+
const threat_scores_js_1 = require("../../storage/repositories/threat-scores.js");
|
|
5
|
+
const threat_score_events_js_1 = require("../../storage/repositories/threat-score-events.js");
|
|
6
|
+
const tool_chain_detections_js_1 = require("../../storage/repositories/tool-chain-detections.js");
|
|
7
|
+
const taint_marks_js_1 = require("../../storage/repositories/taint-marks.js");
|
|
8
|
+
const chain_detector_js_1 = require("../../tool-guard/chain-detector.js");
|
|
9
|
+
const taint_tracker_js_1 = require("../../tool-guard/taint-tracker.js");
|
|
10
|
+
const chain_rules_js_1 = require("../../tool-guard/chain-rules.js");
|
|
11
|
+
const logger_js_1 = require("../../utils/logger.js");
|
|
12
|
+
const log = (0, logger_js_1.createLogger)('threat-scorer');
|
|
13
|
+
function getDefaults() {
|
|
14
|
+
return {
|
|
15
|
+
enabled: true,
|
|
16
|
+
scoring: {
|
|
17
|
+
piWeight: 30,
|
|
18
|
+
dlpWeight: 10,
|
|
19
|
+
toolGuardWeights: { critical: 25, high: 15, medium: 5, low: 2 },
|
|
20
|
+
toolChainWeight: 40,
|
|
21
|
+
decayPerMinute: 0.5,
|
|
22
|
+
},
|
|
23
|
+
thresholds: { elevated: 20, high: 50, critical: 80 },
|
|
24
|
+
toolChain: { enabled: true, maxWindowSize: 20 },
|
|
25
|
+
taintTracking: { enabled: true, ttlMinutes: 60 },
|
|
26
|
+
};
|
|
27
|
+
}
|
|
28
|
+
function mergeConfig(config) {
|
|
29
|
+
const defaults = getDefaults();
|
|
30
|
+
const ti = config.plugins?.threatIntelligence;
|
|
31
|
+
if (!ti)
|
|
32
|
+
return defaults;
|
|
33
|
+
return {
|
|
34
|
+
enabled: ti.enabled ?? defaults.enabled,
|
|
35
|
+
scoring: {
|
|
36
|
+
piWeight: ti.scoring?.piWeight ?? defaults.scoring.piWeight,
|
|
37
|
+
dlpWeight: ti.scoring?.dlpWeight ?? defaults.scoring.dlpWeight,
|
|
38
|
+
toolGuardWeights: {
|
|
39
|
+
critical: ti.scoring?.toolGuardWeights?.critical ?? defaults.scoring.toolGuardWeights.critical,
|
|
40
|
+
high: ti.scoring?.toolGuardWeights?.high ?? defaults.scoring.toolGuardWeights.high,
|
|
41
|
+
medium: ti.scoring?.toolGuardWeights?.medium ?? defaults.scoring.toolGuardWeights.medium,
|
|
42
|
+
low: ti.scoring?.toolGuardWeights?.low ?? defaults.scoring.toolGuardWeights.low,
|
|
43
|
+
},
|
|
44
|
+
toolChainWeight: ti.scoring?.toolChainWeight ?? defaults.scoring.toolChainWeight,
|
|
45
|
+
decayPerMinute: ti.scoring?.decayPerMinute ?? defaults.scoring.decayPerMinute,
|
|
46
|
+
},
|
|
47
|
+
thresholds: {
|
|
48
|
+
elevated: ti.thresholds?.elevated ?? defaults.thresholds.elevated,
|
|
49
|
+
high: ti.thresholds?.high ?? defaults.thresholds.high,
|
|
50
|
+
critical: ti.thresholds?.critical ?? defaults.thresholds.critical,
|
|
51
|
+
},
|
|
52
|
+
toolChain: {
|
|
53
|
+
enabled: ti.toolChain?.enabled ?? defaults.toolChain.enabled,
|
|
54
|
+
maxWindowSize: ti.toolChain?.maxWindowSize ?? defaults.toolChain.maxWindowSize,
|
|
55
|
+
},
|
|
56
|
+
taintTracking: {
|
|
57
|
+
enabled: ti.taintTracking?.enabled ?? defaults.taintTracking.enabled,
|
|
58
|
+
ttlMinutes: ti.taintTracking?.ttlMinutes ?? defaults.taintTracking.ttlMinutes,
|
|
59
|
+
},
|
|
60
|
+
};
|
|
61
|
+
}
|
|
62
|
+
function computeLevel(score, thresholds) {
|
|
63
|
+
if (score >= thresholds.critical)
|
|
64
|
+
return 'critical';
|
|
65
|
+
if (score >= thresholds.high)
|
|
66
|
+
return 'high';
|
|
67
|
+
if (score >= thresholds.elevated)
|
|
68
|
+
return 'elevated';
|
|
69
|
+
return 'normal';
|
|
70
|
+
}
|
|
71
|
+
function createThreatScorerPlugin(config, db, eventBus) {
|
|
72
|
+
const tiConfig = mergeConfig(config);
|
|
73
|
+
const scoresRepo = new threat_scores_js_1.ThreatScoresRepository(db);
|
|
74
|
+
const eventsRepo = new threat_score_events_js_1.ThreatScoreEventsRepository(db);
|
|
75
|
+
const chainDetectionsRepo = new tool_chain_detections_js_1.ToolChainDetectionsRepository(db);
|
|
76
|
+
const taintMarksRepo = new taint_marks_js_1.TaintMarksRepository(db);
|
|
77
|
+
const chainDetector = new chain_detector_js_1.ChainDetector(tiConfig.toolChain.maxWindowSize);
|
|
78
|
+
const taintTracker = new taint_tracker_js_1.TaintTracker(tiConfig.taintTracking.ttlMinutes);
|
|
79
|
+
// In-memory threat state per session
|
|
80
|
+
const sessions = new Map();
|
|
81
|
+
const chainRules = [...chain_rules_js_1.BUILTIN_CHAIN_RULES];
|
|
82
|
+
function getOrCreateState(sessionId) {
|
|
83
|
+
let state = sessions.get(sessionId);
|
|
84
|
+
if (!state) {
|
|
85
|
+
// Try loading from DB
|
|
86
|
+
const record = scoresRepo.get(sessionId);
|
|
87
|
+
if (record) {
|
|
88
|
+
state = {
|
|
89
|
+
score: record.score,
|
|
90
|
+
level: record.level,
|
|
91
|
+
eventCount: record.event_count,
|
|
92
|
+
lastEventAt: record.last_event_at ? new Date(record.last_event_at).getTime() : 0,
|
|
93
|
+
};
|
|
94
|
+
}
|
|
95
|
+
else {
|
|
96
|
+
state = { score: 0, level: 'normal', eventCount: 0, lastEventAt: 0 };
|
|
97
|
+
}
|
|
98
|
+
sessions.set(sessionId, state);
|
|
99
|
+
}
|
|
100
|
+
return state;
|
|
101
|
+
}
|
|
102
|
+
function applyDecay(state) {
|
|
103
|
+
if (state.score <= 0 || state.lastEventAt === 0)
|
|
104
|
+
return;
|
|
105
|
+
const elapsedMinutes = (Date.now() - state.lastEventAt) / 60000;
|
|
106
|
+
if (elapsedMinutes <= 0)
|
|
107
|
+
return;
|
|
108
|
+
// Exponential decay: score *= exp(-decayRate * elapsed)
|
|
109
|
+
state.score *= Math.exp(-tiConfig.scoring.decayPerMinute * elapsedMinutes);
|
|
110
|
+
if (state.score < 0.1)
|
|
111
|
+
state.score = 0;
|
|
112
|
+
}
|
|
113
|
+
function addPoints(sessionId, points, eventType, sourceEvent) {
|
|
114
|
+
const state = getOrCreateState(sessionId);
|
|
115
|
+
applyDecay(state);
|
|
116
|
+
state.score += points;
|
|
117
|
+
state.eventCount++;
|
|
118
|
+
state.lastEventAt = Date.now();
|
|
119
|
+
state.level = computeLevel(state.score, tiConfig.thresholds);
|
|
120
|
+
sessions.set(sessionId, state);
|
|
121
|
+
// Persist to DB
|
|
122
|
+
try {
|
|
123
|
+
scoresRepo.upsert({
|
|
124
|
+
session_id: sessionId,
|
|
125
|
+
score: state.score,
|
|
126
|
+
level: state.level,
|
|
127
|
+
event_count: state.eventCount,
|
|
128
|
+
last_event_at: new Date(state.lastEventAt).toISOString(),
|
|
129
|
+
});
|
|
130
|
+
eventsRepo.insert({
|
|
131
|
+
id: crypto.randomUUID(),
|
|
132
|
+
session_id: sessionId,
|
|
133
|
+
event_type: eventType,
|
|
134
|
+
source_event: sourceEvent,
|
|
135
|
+
points,
|
|
136
|
+
score_after: state.score,
|
|
137
|
+
level_after: state.level,
|
|
138
|
+
});
|
|
139
|
+
}
|
|
140
|
+
catch (err) {
|
|
141
|
+
log.warn('Failed to persist threat score', { error: err.message });
|
|
142
|
+
}
|
|
143
|
+
if (state.level !== 'normal') {
|
|
144
|
+
log.warn('Session threat level changed', {
|
|
145
|
+
sessionId,
|
|
146
|
+
level: state.level,
|
|
147
|
+
score: Math.round(state.score * 100) / 100,
|
|
148
|
+
eventType,
|
|
149
|
+
});
|
|
150
|
+
eventBus.emit('threat:level-change', {
|
|
151
|
+
sessionId,
|
|
152
|
+
level: state.level,
|
|
153
|
+
score: state.score,
|
|
154
|
+
eventType,
|
|
155
|
+
});
|
|
156
|
+
}
|
|
157
|
+
}
|
|
158
|
+
// ── Event listeners ──
|
|
159
|
+
eventBus.on('pi:detected', (data) => {
|
|
160
|
+
const event = data;
|
|
161
|
+
if (!event?.sessionId)
|
|
162
|
+
return;
|
|
163
|
+
addPoints(event.sessionId, tiConfig.scoring.piWeight, 'pi', `pi:detected severity=${event.severity ?? 'unknown'}`);
|
|
164
|
+
});
|
|
165
|
+
eventBus.on('dlp:finding', (data) => {
|
|
166
|
+
const event = data;
|
|
167
|
+
if (!event?.sessionId)
|
|
168
|
+
return;
|
|
169
|
+
addPoints(event.sessionId, tiConfig.scoring.dlpWeight, 'dlp', `dlp:finding pattern=${event.patternName ?? 'unknown'}`);
|
|
170
|
+
// Taint tracking: mark DLP findings for later tool input checks
|
|
171
|
+
if (tiConfig.taintTracking.enabled && event.patternName && event.requestId) {
|
|
172
|
+
const fingerprint = taintTracker.markTaint(event.sessionId, event.requestId, event.patternName, `${event.patternName}:${event.requestId}`);
|
|
173
|
+
try {
|
|
174
|
+
taintMarksRepo.insert({
|
|
175
|
+
id: crypto.randomUUID(),
|
|
176
|
+
session_id: event.sessionId,
|
|
177
|
+
request_id: event.requestId,
|
|
178
|
+
pattern_name: event.patternName,
|
|
179
|
+
direction: event.direction ?? 'request',
|
|
180
|
+
fingerprint,
|
|
181
|
+
});
|
|
182
|
+
}
|
|
183
|
+
catch (err) {
|
|
184
|
+
log.warn('Failed to persist taint mark', { error: err.message });
|
|
185
|
+
}
|
|
186
|
+
}
|
|
187
|
+
});
|
|
188
|
+
eventBus.on('toolguard:alert', (data) => {
|
|
189
|
+
const event = data;
|
|
190
|
+
if (!event?.sessionId)
|
|
191
|
+
return;
|
|
192
|
+
const severity = event.severity ?? 'medium';
|
|
193
|
+
const weights = tiConfig.scoring.toolGuardWeights;
|
|
194
|
+
const points = weights[severity] ?? weights.medium;
|
|
195
|
+
addPoints(event.sessionId, points, 'toolguard', `toolguard:alert rule=${event.ruleName ?? 'unknown'} severity=${severity}`);
|
|
196
|
+
// Tool chain detection: record the category and check chains
|
|
197
|
+
if (tiConfig.toolChain.enabled && event.category) {
|
|
198
|
+
chainDetector.recordToolCall(event.sessionId, event.category);
|
|
199
|
+
const match = chainDetector.checkChains(event.sessionId, chainRules);
|
|
200
|
+
if (match) {
|
|
201
|
+
addPoints(event.sessionId, tiConfig.scoring.toolChainWeight, 'toolchain', `chain:${match.rule.id} sequence=${match.matchedSequence.join('→')}`);
|
|
202
|
+
try {
|
|
203
|
+
chainDetectionsRepo.insert({
|
|
204
|
+
id: crypto.randomUUID(),
|
|
205
|
+
session_id: event.sessionId,
|
|
206
|
+
rule_id: match.rule.id,
|
|
207
|
+
matched_sequence: JSON.stringify(match.matchedSequence),
|
|
208
|
+
action: match.rule.action,
|
|
209
|
+
});
|
|
210
|
+
}
|
|
211
|
+
catch (err) {
|
|
212
|
+
log.warn('Failed to persist chain detection', { error: err.message });
|
|
213
|
+
}
|
|
214
|
+
eventBus.emit('toolchain:detected', {
|
|
215
|
+
sessionId: event.sessionId,
|
|
216
|
+
ruleId: match.rule.id,
|
|
217
|
+
ruleName: match.rule.name,
|
|
218
|
+
sequence: match.matchedSequence,
|
|
219
|
+
action: match.rule.action,
|
|
220
|
+
});
|
|
221
|
+
}
|
|
222
|
+
}
|
|
223
|
+
});
|
|
224
|
+
return {
|
|
225
|
+
name: 'threat-scorer',
|
|
226
|
+
priority: 4, // Runs before tool-guard (5) to set context._threatLevel
|
|
227
|
+
version: '1.0.0',
|
|
228
|
+
apiVersion: 2,
|
|
229
|
+
source: 'builtin',
|
|
230
|
+
async onRequest(context) {
|
|
231
|
+
if (!context.sessionId)
|
|
232
|
+
return;
|
|
233
|
+
const state = getOrCreateState(context.sessionId);
|
|
234
|
+
applyDecay(state);
|
|
235
|
+
// Update level after decay
|
|
236
|
+
state.level = computeLevel(state.score, tiConfig.thresholds);
|
|
237
|
+
sessions.set(context.sessionId, state);
|
|
238
|
+
// Set threat level on context for downstream plugins (tool-guard reads this)
|
|
239
|
+
context._threatLevel = state.level;
|
|
240
|
+
context._threatScore = state.score;
|
|
241
|
+
if (state.level !== 'normal') {
|
|
242
|
+
log.debug('Request threat context', {
|
|
243
|
+
sessionId: context.sessionId,
|
|
244
|
+
level: state.level,
|
|
245
|
+
score: Math.round(state.score * 100) / 100,
|
|
246
|
+
});
|
|
247
|
+
}
|
|
248
|
+
// Taint check: scan tool inputs in request body for tainted content
|
|
249
|
+
if (tiConfig.taintTracking.enabled) {
|
|
250
|
+
const taints = taintTracker.getActiveTaints(context.sessionId);
|
|
251
|
+
if (taints.length > 0 && context.body) {
|
|
252
|
+
const match = taintTracker.checkToolInput(context.sessionId, context.body);
|
|
253
|
+
if (match) {
|
|
254
|
+
addPoints(context.sessionId, tiConfig.scoring.dlpWeight, 'taint', `taint:detected pattern=${match.patternName} fingerprint=${match.fingerprint}`);
|
|
255
|
+
log.warn('Tainted data detected in tool input', {
|
|
256
|
+
sessionId: context.sessionId,
|
|
257
|
+
requestId: context.id,
|
|
258
|
+
patternName: match.patternName,
|
|
259
|
+
});
|
|
260
|
+
}
|
|
261
|
+
}
|
|
262
|
+
}
|
|
263
|
+
},
|
|
264
|
+
};
|
|
265
|
+
}
|
|
266
|
+
//# sourceMappingURL=threat-scorer.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"threat-scorer.js","sourceRoot":"","sources":["../../../src/plugins/builtin/threat-scorer.ts"],"names":[],"mappings":";;AAuGA,4DAgOC;AApUD,kFAAqF;AACrF,8FAAgG;AAChG,kGAAoG;AACpG,8EAAiF;AACjF,0EAAmE;AACnE,wEAAiE;AACjE,oEAA0F;AAC1F,qDAAqD;AAGrD,MAAM,GAAG,GAAG,IAAA,wBAAY,EAAC,eAAe,CAAC,CAAC;AAiC1C,SAAS,WAAW;IAClB,OAAO;QACL,OAAO,EAAE,IAAI;QACb,OAAO,EAAE;YACP,QAAQ,EAAE,EAAE;YACZ,SAAS,EAAE,EAAE;YACb,gBAAgB,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE;YAC/D,eAAe,EAAE,EAAE;YACnB,cAAc,EAAE,GAAG;SACpB;QACD,UAAU,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;QACpD,SAAS,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,aAAa,EAAE,EAAE,EAAE;QAC/C,aAAa,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE;KACjD,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,MAAqB;IACxC,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,EAAE,GAAG,MAAM,CAAC,OAAO,EAAE,kBAAkB,CAAC;IAC9C,IAAI,CAAC,EAAE;QAAE,OAAO,QAAQ,CAAC;IACzB,OAAO;QACL,OAAO,EAAE,EAAE,CAAC,OAAO,IAAI,QAAQ,CAAC,OAAO;QACvC,OAAO,EAAE;YACP,QAAQ,EAAE,EAAE,CAAC,OAAO,EAAE,QAAQ,IAAI,QAAQ,CAAC,OAAO,CAAC,QAAQ;YAC3D,SAAS,EAAE,EAAE,CAAC,OAAO,EAAE,SAAS,IAAI,QAAQ,CAAC,OAAO,CAAC,SAAS;YAC9D,gBAAgB,EAAE;gBAChB,QAAQ,EAAE,EAAE,CAAC,OAAO,EAAE,gBAAgB,EAAE,QAAQ,IAAI,QAAQ,CAAC,OAAO,CAAC,gBAAgB,CAAC,QAAQ;gBAC9F,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,gBAAgB,EAAE,IAAI,IAAI,QAAQ,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI;gBAClF,MAAM,EAAE,EAAE,CAAC,OAAO,EAAE,gBAAgB,EAAE,MAAM,IAAI,QAAQ,CAAC,OAAO,CAAC,gBAAgB,CAAC,MAAM;gBACxF,GAAG,EAAE,EAAE,CAAC,OAAO,EAAE,gBAAgB,EAAE,GAAG,IAAI,QAAQ,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG;aAChF;YACD,eAAe,EAAE,EAAE,CAAC,OAAO,EAAE,eAAe,IAAI,QAAQ,CAAC,OAAO,CAAC,eAAe;YAChF,cAAc,EAAE,EAAE,CAAC,OAAO,EAAE,cAAc,IAAI,QAAQ,CAAC,OAAO,CAAC,cAAc;SAC9E;QACD,UAAU,EAAE;YACV,QAAQ,EAAE,EAAE,CAAC,UAAU,EAAE,QAAQ,IAAI,QAAQ,CAAC,UAAU,CAAC,QAAQ;YACjE,IAAI,EAAE,EAAE,CAAC,UAAU,EAAE,IAAI,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI;YACrD,QAAQ,EAAE,EAAE,CAAC,UAAU,EAAE,QAAQ,IAAI,QAAQ,CAAC,UAAU,CAAC,QAAQ;SAClE;QACD,SAAS,EAAE;YACT,OAAO,EAAE,EAAE,CAAC,SAAS,EAAE,OAAO,IAAI,QAAQ,CAAC,SAAS,CAAC,OAAO;YAC5D,aAAa,EAAE,EAAE,CAAC,SAAS,EAAE,aAAa,IAAI,QAAQ,CAAC,SAAS,CAAC,aAAa;SAC/E;QACD,aAAa,EAAE;YACb,OAAO,EAAE,EAAE,CAAC,aAAa,EAAE,OAAO,IAAI,QAAQ,CAAC,aAAa,CAAC,OAAO;YACpE,UAAU,EAAE,EAAE,CAAC,aAAa,EAAE,UAAU,IAAI,QAAQ,CAAC,aAAa,CAAC,UAAU;SAC9E;KACF,CAAC;AACJ,CAAC;AAED,SAAS,YAAY,CAAC,KAAa,EAAE,UAA2B;IAC9D,IAAI,KAAK,IAAI,UAAU,CAAC,QAAQ;QAAE,OAAO,UAAU,CAAC;IACpD,IAAI,KAAK,IAAI,UAAU,CAAC,IAAI;QAAE,OAAO,MAAM,CAAC;IAC5C,IAAI,KAAK,IAAI,UAAU,CAAC,QAAQ;QAAE,OAAO,UAAU,CAAC;IACpD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAgB,wBAAwB,CACtC,MAAqB,EACrB,EAAqB,EACrB,QAAwB;IAExB,MAAM,QAAQ,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACrC,MAAM,UAAU,GAAG,IAAI,yCAAsB,CAAC,EAAE,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,oDAA2B,CAAC,EAAE,CAAC,CAAC;IACvD,MAAM,mBAAmB,GAAG,IAAI,wDAA6B,CAAC,EAAE,CAAC,CAAC;IAClE,MAAM,cAAc,GAAG,IAAI,qCAAoB,CAAC,EAAE,CAAC,CAAC;IAEpD,MAAM,aAAa,GAAG,IAAI,iCAAa,CAAC,QAAQ,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;IAC1E,MAAM,YAAY,GAAG,IAAI,+BAAY,CAAC,QAAQ,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC;IAEzE,qCAAqC;IACrC,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAuB,CAAC;IAEhD,MAAM,UAAU,GAAoB,CAAC,GAAG,oCAAmB,CAAC,CAAC;IAE7D,SAAS,gBAAgB,CAAC,SAAiB;QACzC,IAAI,KAAK,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;QACpC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,sBAAsB;YACtB,MAAM,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACzC,IAAI,MAAM,EAAE,CAAC;gBACX,KAAK,GAAG;oBACN,KAAK,EAAE,MAAM,CAAC,KAAK;oBACnB,KAAK,EAAE,MAAM,CAAC,KAAoB;oBAClC,UAAU,EAAE,MAAM,CAAC,WAAW;oBAC9B,WAAW,EAAE,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,CAAC;iBACjF,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,KAAK,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC;YACvE,CAAC;YACD,QAAQ,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QACjC,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,SAAS,UAAU,CAAC,KAAkB;QACpC,IAAI,KAAK,CAAC,KAAK,IAAI,CAAC,IAAI,KAAK,CAAC,WAAW,KAAK,CAAC;YAAE,OAAO;QACxD,MAAM,cAAc,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK,CAAC,WAAW,CAAC,GAAG,KAAK,CAAC;QAChE,IAAI,cAAc,IAAI,CAAC;YAAE,OAAO;QAChC,wDAAwD;QACxD,KAAK,CAAC,KAAK,IAAI,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,cAAc,GAAG,cAAc,CAAC,CAAC;QAC3E,IAAI,KAAK,CAAC,KAAK,GAAG,GAAG;YAAE,KAAK,CAAC,KAAK,GAAG,CAAC,CAAC;IACzC,CAAC;IAED,SAAS,SAAS,CAAC,SAAiB,EAAE,MAAc,EAAE,SAAiB,EAAE,WAAmB;QAC1F,MAAM,KAAK,GAAG,gBAAgB,CAAC,SAAS,CAAC,CAAC;QAC1C,UAAU,CAAC,KAAK,CAAC,CAAC;QAElB,KAAK,CAAC,KAAK,IAAI,MAAM,CAAC;QACtB,KAAK,CAAC,UAAU,EAAE,CAAC;QACnB,KAAK,CAAC,WAAW,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC/B,KAAK,CAAC,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC;QAE7D,QAAQ,CAAC,GAAG,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAE/B,gBAAgB;QAChB,IAAI,CAAC;YACH,UAAU,CAAC,MAAM,CAAC;gBAChB,UAAU,EAAE,SAAS;gBACrB,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,WAAW,EAAE,KAAK,CAAC,UAAU;gBAC7B,aAAa,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE;aACzD,CAAC,CAAC;YAEH,UAAU,CAAC,MAAM,CAAC;gBAChB,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;gBACvB,UAAU,EAAE,SAAS;gBACrB,UAAU,EAAE,SAAS;gBACrB,YAAY,EAAE,WAAW;gBACzB,MAAM;gBACN,WAAW,EAAE,KAAK,CAAC,KAAK;gBACxB,WAAW,EAAE,KAAK,CAAC,KAAK;aACzB,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,GAAG,CAAC,IAAI,CAAC,gCAAgC,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;QAChF,CAAC;QAED,IAAI,KAAK,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC7B,GAAG,CAAC,IAAI,CAAC,8BAA8B,EAAE;gBACvC,SAAS;gBACT,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG;gBAC1C,SAAS;aACV,CAAC,CAAC;YAEH,QAAQ,CAAC,IAAI,CAAC,qBAAqB,EAAE;gBACnC,SAAS;gBACT,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,SAAS;aACV,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,wBAAwB;IAExB,QAAQ,CAAC,EAAE,CAAC,aAAa,EAAE,CAAC,IAAa,EAAE,EAAE;QAC3C,MAAM,KAAK,GAAG,IAA6D,CAAC;QAC5E,IAAI,CAAC,KAAK,EAAE,SAAS;YAAE,OAAO;QAC9B,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,IAAI,EAAE,wBAAwB,KAAK,CAAC,QAAQ,IAAI,SAAS,EAAE,CAAC,CAAC;IACrH,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,EAAE,CAAC,aAAa,EAAE,CAAC,IAAa,EAAE,EAAE;QAC3C,MAAM,KAAK,GAAG,IAA6H,CAAC;QAC5I,IAAI,CAAC,KAAK,EAAE,SAAS;YAAE,OAAO;QAC9B,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS,EAAE,KAAK,EAAE,uBAAuB,KAAK,CAAC,WAAW,IAAI,SAAS,EAAE,CAAC,CAAC;QAEvH,gEAAgE;QAChE,IAAI,QAAQ,CAAC,aAAa,CAAC,OAAO,IAAI,KAAK,CAAC,WAAW,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;YAC3E,MAAM,WAAW,GAAG,YAAY,CAAC,SAAS,CACxC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,WAAW,EACnD,GAAG,KAAK,CAAC,WAAW,IAAI,KAAK,CAAC,SAAS,EAAE,CAC1C,CAAC;YACF,IAAI,CAAC;gBACH,cAAc,CAAC,MAAM,CAAC;oBACpB,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;oBACvB,UAAU,EAAE,KAAK,CAAC,SAAS;oBAC3B,UAAU,EAAE,KAAK,CAAC,SAAS;oBAC3B,YAAY,EAAE,KAAK,CAAC,WAAW;oBAC/B,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,SAAS;oBACvC,WAAW;iBACZ,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,GAAG,CAAC,IAAI,CAAC,8BAA8B,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;YAC9E,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,EAAE,CAAC,iBAAiB,EAAE,CAAC,IAAa,EAAE,EAAE;QAC/C,MAAM,KAAK,GAAG,IAID,CAAC;QACd,IAAI,CAAC,KAAK,EAAE,SAAS;YAAE,OAAO;QAE9B,MAAM,QAAQ,GAAG,KAAK,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAC5C,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,gBAAgB,CAAC;QAClD,MAAM,MAAM,GAAI,OAAkC,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,MAAM,CAAC;QAC/E,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,MAAM,EAAE,WAAW,EAAE,wBAAwB,KAAK,CAAC,QAAQ,IAAI,SAAS,aAAa,QAAQ,EAAE,CAAC,CAAC;QAE5H,6DAA6D;QAC7D,IAAI,QAAQ,CAAC,SAAS,CAAC,OAAO,IAAI,KAAK,CAAC,QAAQ,EAAE,CAAC;YACjD,aAAa,CAAC,cAAc,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC9D,MAAM,KAAK,GAAG,aAAa,CAAC,WAAW,CAAC,KAAK,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;YACrE,IAAI,KAAK,EAAE,CAAC;gBACV,SAAS,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,eAAe,EAAE,WAAW,EACtE,SAAS,KAAK,CAAC,IAAI,CAAC,EAAE,aAAa,KAAK,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;gBAExE,IAAI,CAAC;oBACH,mBAAmB,CAAC,MAAM,CAAC;wBACzB,EAAE,EAAE,MAAM,CAAC,UAAU,EAAE;wBACvB,UAAU,EAAE,KAAK,CAAC,SAAS;wBAC3B,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,EAAE;wBACtB,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,eAAe,CAAC;wBACvD,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM;qBAC1B,CAAC,CAAC;gBACL,CAAC;gBAAC,OAAO,GAAG,EAAE,CAAC;oBACb,GAAG,CAAC,IAAI,CAAC,mCAAmC,EAAE,EAAE,KAAK,EAAG,GAAa,CAAC,OAAO,EAAE,CAAC,CAAC;gBACnF,CAAC;gBAED,QAAQ,CAAC,IAAI,CAAC,oBAAoB,EAAE;oBAClC,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,EAAE;oBACrB,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,IAAI;oBACzB,QAAQ,EAAE,KAAK,CAAC,eAAe;oBAC/B,MAAM,EAAE,KAAK,CAAC,IAAI,CAAC,MAAM;iBAC1B,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,IAAI,EAAE,eAAe;QACrB,QAAQ,EAAE,CAAC,EAAE,yDAAyD;QACtE,OAAO,EAAE,OAAO;QAChB,UAAU,EAAE,CAAC;QACb,MAAM,EAAE,SAAS;QAEjB,KAAK,CAAC,SAAS,CAAC,OAAuB;YACrC,IAAI,CAAC,OAAO,CAAC,SAAS;gBAAE,OAAO;YAE/B,MAAM,KAAK,GAAG,gBAAgB,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YAClD,UAAU,CAAC,KAAK,CAAC,CAAC;YAElB,2BAA2B;YAC3B,KAAK,CAAC,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,KAAK,EAAE,QAAQ,CAAC,UAAU,CAAC,CAAC;YAC7D,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;YAEvC,6EAA6E;YAC7E,OAAO,CAAC,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC;YACnC,OAAO,CAAC,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC;YAEnC,IAAI,KAAK,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBAC7B,GAAG,CAAC,KAAK,CAAC,wBAAwB,EAAE;oBAClC,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,KAAK,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,GAAG,CAAC,GAAG,GAAG;iBAC3C,CAAC,CAAC;YACL,CAAC;YAED,oEAAoE;YACpE,IAAI,QAAQ,CAAC,aAAa,CAAC,OAAO,EAAE,CAAC;gBACnC,MAAM,MAAM,GAAG,YAAY,CAAC,eAAe,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;gBAC/D,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,IAAI,EAAE,CAAC;oBACtC,MAAM,KAAK,GAAG,YAAY,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;oBAC3E,IAAI,KAAK,EAAE,CAAC;wBACV,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,QAAQ,CAAC,OAAO,CAAC,SAAS,EAAE,OAAO,EAC9D,0BAA0B,KAAK,CAAC,WAAW,gBAAgB,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC;wBAClF,GAAG,CAAC,IAAI,CAAC,qCAAqC,EAAE;4BAC9C,SAAS,EAAE,OAAO,CAAC,SAAS;4BAC5B,SAAS,EAAE,OAAO,CAAC,EAAE;4BACrB,WAAW,EAAE,KAAK,CAAC,WAAW;yBAC/B,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;KACF,CAAC;AACJ,CAAC"}
|