@apiposture/cli 1.0.1

package/dist/core/discovery/nestjs-discoverer.js

@@ -0,0 +1,180 @@
+import * as ts from 'typescript';
+import { getLineAndColumn, getDecorators, getDecoratorName, getDecoratorArguments, getStringLiteralValue, } from '../analysis/source-file-loader.js';
+import { createEndpoint } from '../models/endpoint.js';
+import { EndpointType } from '../models/endpoint-type.js';
+import { HttpMethod } from '../models/http-method.js';
+import { NestJSAuthExtractor } from '../authorization/nestjs-auth-extractor.js';
+const NESTJS_HTTP_DECORATORS = new Map([
+    ['Get', HttpMethod.GET],
+    ['Post', HttpMethod.POST],
+    ['Put', HttpMethod.PUT],
+    ['Delete', HttpMethod.DELETE],
+    ['Patch', HttpMethod.PATCH],
+    ['Options', HttpMethod.OPTIONS],
+    ['Head', HttpMethod.HEAD],
+    ['All', HttpMethod.ALL],
+]);
+export class NestJSDiscoverer {
+    name = 'NestJS';
+    authExtractor;
+    constructor() {
+        this.authExtractor = new NestJSAuthExtractor();
+    }
+    async discover(file) {
+        const endpoints = [];
+        const { sourceFile, filePath } = file;
+        // Find all classes with @Controller decorator
+        ts.forEachChild(sourceFile, (node) => {
+            if (ts.isClassDeclaration(node)) {
+                const classEndpoints = this.processClass(node, sourceFile, filePath);
+                endpoints.push(...classEndpoints);
+            }
+        });
+        return endpoints;
+    }
+    processClass(classNode, sourceFile, filePath) {
+        const endpoints = [];
+        const decorators = getDecorators(classNode);
+        // Find @Controller decorator
+        const controllerDecorator = decorators.find((d) => getDecoratorName(d) === 'Controller');
+        if (!controllerDecorator) {
+            return endpoints;
+        }
+        // Get controller path
+        const controllerPath = this.extractControllerPath(controllerDecorator);
+        const controllerName = classNode.name?.text ?? 'UnknownController';
+        // Extract class-level auth decorators
+        const classAuth = this.extractClassAuthInfo(decorators);
+        // Process all methods in the class
+        for (const member of classNode.members) {
+            if (ts.isMethodDeclaration(member)) {
+                const endpoint = this.processMethod(member, sourceFile, filePath, controllerPath, controllerName, classAuth);
+                if (endpoint) {
+                    endpoints.push(endpoint);
+                }
+            }
+        }
+        return endpoints;
+    }
+    processMethod(methodNode, sourceFile, filePath, controllerPath, controllerName, classAuth) {
+        const decorators = getDecorators(methodNode);
+        const methodName = methodNode.name
+            ? ts.isIdentifier(methodNode.name)
+                ? methodNode.name.text
+                : methodNode.name.getText(sourceFile)
+            : 'unknown';
+        // Find HTTP method decorator
+        let httpMethod = null;
+        let routePath = '';
+        for (const decorator of decorators) {
+            const decoratorName = getDecoratorName(decorator);
+            if (decoratorName && NESTJS_HTTP_DECORATORS.has(decoratorName)) {
+                httpMethod = NESTJS_HTTP_DECORATORS.get(decoratorName);
+                routePath = this.extractRoutePath(decorator);
+                break;
+            }
+        }
+        if (!httpMethod) {
+            return null;
+        }
+        // Build full route
+        const fullRoute = this.buildRoute(controllerPath, routePath);
+        // Get location
+        const location = getLineAndColumn(sourceFile, methodNode.getStart(sourceFile));
+        // Extract authorization info
+        const authorization = this.authExtractor.extract(decorators, {
+            classGuards: classAuth.guards,
+            classRoles: classAuth.roles,
+            isPublic: classAuth.isPublic,
+        });
+        return createEndpoint({
+            route: fullRoute,
+            method: httpMethod,
+            handlerName: methodName,
+            controllerName,
+            type: EndpointType.NestJS,
+            location: {
+                filePath,
+                line: location.line,
+                column: location.column,
+            },
+            authorization,
+        });
+    }
+    extractControllerPath(decorator) {
+        const args = getDecoratorArguments(decorator);
+        if (args.length === 0) {
+            return '';
+        }
+        const firstArg = args[0];
+        const path = getStringLiteralValue(firstArg);
+        return path ?? '';
+    }
+    extractRoutePath(decorator) {
+        const args = getDecoratorArguments(decorator);
+        if (args.length === 0) {
+            return '';
+        }
+        const firstArg = args[0];
+        const path = getStringLiteralValue(firstArg);
+        return path ?? '';
+    }
+    buildRoute(controllerPath, methodPath) {
+        let route = '';
+        if (controllerPath) {
+            route = controllerPath.startsWith('/') ? controllerPath : '/' + controllerPath;
+        }
+        else {
+            route = '/';
+        }
+        if (methodPath) {
+            const normalizedMethodPath = methodPath.startsWith('/')
+                ? methodPath
+                : '/' + methodPath;
+            route = route === '/' ? normalizedMethodPath : route + normalizedMethodPath;
+        }
+        // Normalize multiple slashes
+        route = route.replace(/\/+/g, '/');
+        // Ensure single leading slash
+        if (!route.startsWith('/')) {
+            route = '/' + route;
+        }
+        // Remove trailing slash (except for root)
+        if (route.length > 1 && route.endsWith('/')) {
+            route = route.slice(0, -1);
+        }
+        return route;
+    }
+    extractClassAuthInfo(decorators) {
+        const info = {
+            guards: [],
+            roles: [],
+            isPublic: false,
+        };
+        for (const decorator of decorators) {
+            const name = getDecoratorName(decorator);
+            if (name === 'UseGuards') {
+                const args = getDecoratorArguments(decorator);
+                for (const arg of args) {
+                    if (ts.isIdentifier(arg)) {
+                        info.guards.push(arg.text);
+                    }
+                }
+            }
+            if (name === 'Roles') {
+                const args = getDecoratorArguments(decorator);
+                for (const arg of args) {
+                    const value = getStringLiteralValue(arg);
+                    if (value) {
+                        info.roles.push(value);
+                    }
+                }
+            }
+            if (name === 'Public' || name === 'AllowAnonymous' || name === 'SkipAuth') {
+                info.isPublic = true;
+            }
+        }
+        return info;
+    }
+}
+//# sourceMappingURL=nestjs-discoverer.js.map

package/dist/core/discovery/route-group-registry.d.ts

@@ -0,0 +1,18 @@
+export interface RouteGroup {
+    prefix: string;
+    middlewares: string[];
+    variableName: string;
+    filePath: string;
+}
+export declare class RouteGroupRegistry {
+    private groups;
+    private routerMounts;
+    registerGroup(filePath: string, variableName: string, prefix?: string, middlewares?: string[]): void;
+    registerRouterMount(filePath: string, appVariableName: string, prefix: string, routerName: string): void;
+    getGroup(filePath: string, variableName: string): RouteGroup | undefined;
+    getRouterPrefix(filePath: string, routerName: string): string;
+    getAllMiddlewares(filePath: string, variableName: string): string[];
+    clear(): void;
+    private makeKey;
+}
+//# sourceMappingURL=route-group-registry.d.ts.map

package/dist/core/discovery/route-group-registry.js

@@ -0,0 +1,50 @@
+export class RouteGroupRegistry {
+    groups = new Map();
+    routerMounts = new Map();
+    registerGroup(filePath, variableName, prefix = '', middlewares = []) {
+        const key = this.makeKey(filePath, variableName);
+        const group = {
+            prefix,
+            middlewares,
+            variableName,
+            filePath,
+        };
+        if (!this.groups.has(key)) {
+            this.groups.set(key, []);
+        }
+        this.groups.get(key).push(group);
+    }
+    registerRouterMount(filePath, appVariableName, prefix, routerName) {
+        const key = this.makeKey(filePath, appVariableName);
+        if (!this.routerMounts.has(key)) {
+            this.routerMounts.set(key, []);
+        }
+        this.routerMounts.get(key).push({ prefix, routerName });
+    }
+    getGroup(filePath, variableName) {
+        const key = this.makeKey(filePath, variableName);
+        const groups = this.groups.get(key);
+        return groups?.[groups.length - 1];
+    }
+    getRouterPrefix(filePath, routerName) {
+        for (const [, mounts] of this.routerMounts) {
+            const mount = mounts.find((m) => m.routerName === routerName);
+            if (mount) {
+                return mount.prefix;
+            }
+        }
+        return '';
+    }
+    getAllMiddlewares(filePath, variableName) {
+        const group = this.getGroup(filePath, variableName);
+        return group?.middlewares ?? [];
+    }
+    clear() {
+        this.groups.clear();
+        this.routerMounts.clear();
+    }
+    makeKey(filePath, variableName) {
+        return `${filePath}::${variableName}`;
+    }
+}
+//# sourceMappingURL=route-group-registry.js.map

package/dist/core/licensing/license-context.d.ts

@@ -0,0 +1,17 @@
+import { LicenseFeature } from './license-features.js';
+export interface LicenseInfo {
+    key: string;
+    type: 'community' | 'pro' | 'enterprise';
+    features: LicenseFeature[];
+    expiresAt: Date | null;
+    activatedAt: Date;
+    machineId?: string;
+}
+export interface LicenseContext {
+    isLicensed: boolean;
+    info: LicenseInfo | null;
+    hasFeature(feature: LicenseFeature): boolean;
+}
+export declare function createCommunityContext(): LicenseContext;
+export declare function createLicensedContext(info: LicenseInfo): LicenseContext;
+//# sourceMappingURL=license-context.d.ts.map

package/dist/core/licensing/license-context.js

@@ -0,0 +1,15 @@
+export function createCommunityContext() {
+    return {
+        isLicensed: false,
+        info: null,
+        hasFeature: () => false,
+    };
+}
+export function createLicensedContext(info) {
+    return {
+        isLicensed: true,
+        info,
+        hasFeature: (feature) => info.features.includes(feature),
+    };
+}
+//# sourceMappingURL=license-context.js.map

package/dist/core/licensing/license-features.d.ts

@@ -0,0 +1,14 @@
+export declare enum LicenseFeature {
+    DiffMode = "diff-mode",
+    HistoricalTracking = "historical-tracking",
+    RiskScoring = "risk-scoring",
+    AdvancedOwaspRules = "advanced-owasp-rules",
+    SecretsScanning = "secrets-scanning",
+    CustomRules = "custom-rules",
+    TeamReporting = "team-reporting",
+    CiCdIntegration = "ci-cd-integration"
+}
+export declare const proFeatures: LicenseFeature[];
+export declare const enterpriseFeatures: LicenseFeature[];
+export declare function getFeatureDescription(feature: LicenseFeature): string;
+//# sourceMappingURL=license-features.d.ts.map

package/dist/core/licensing/license-features.js

@@ -0,0 +1,47 @@
+export var LicenseFeature;
+(function (LicenseFeature) {
+    LicenseFeature["DiffMode"] = "diff-mode";
+    LicenseFeature["HistoricalTracking"] = "historical-tracking";
+    LicenseFeature["RiskScoring"] = "risk-scoring";
+    LicenseFeature["AdvancedOwaspRules"] = "advanced-owasp-rules";
+    LicenseFeature["SecretsScanning"] = "secrets-scanning";
+    LicenseFeature["CustomRules"] = "custom-rules";
+    LicenseFeature["TeamReporting"] = "team-reporting";
+    LicenseFeature["CiCdIntegration"] = "ci-cd-integration";
+})(LicenseFeature || (LicenseFeature = {}));
+export const proFeatures = [
+    LicenseFeature.DiffMode,
+    LicenseFeature.HistoricalTracking,
+    LicenseFeature.RiskScoring,
+    LicenseFeature.AdvancedOwaspRules,
+];
+export const enterpriseFeatures = [
+    ...proFeatures,
+    LicenseFeature.SecretsScanning,
+    LicenseFeature.CustomRules,
+    LicenseFeature.TeamReporting,
+    LicenseFeature.CiCdIntegration,
+];
+export function getFeatureDescription(feature) {
+    switch (feature) {
+        case LicenseFeature.DiffMode:
+            return 'Compare scans to track changes over time';
+        case LicenseFeature.HistoricalTracking:
+            return 'Store and analyze historical scan data';
+        case LicenseFeature.RiskScoring:
+            return 'Advanced risk scoring and prioritization';
+        case LicenseFeature.AdvancedOwaspRules:
+            return 'Additional OWASP security rules';
+        case LicenseFeature.SecretsScanning:
+            return 'Detect hardcoded secrets and credentials';
+        case LicenseFeature.CustomRules:
+            return 'Create custom security rules';
+        case LicenseFeature.TeamReporting:
+            return 'Team collaboration and reporting';
+        case LicenseFeature.CiCdIntegration:
+            return 'Advanced CI/CD pipeline integration';
+        default:
+            return feature;
+    }
+}
+//# sourceMappingURL=license-features.js.map

package/dist/core/models/authorization-info.d.ts

@@ -0,0 +1,13 @@
+import { SecurityClassification } from './security-classification.js';
+export interface AuthorizationInfo {
+    isAuthenticated: boolean;
+    isExplicitlyPublic: boolean;
+    roles: string[];
+    policies: string[];
+    middlewareChain: string[];
+    guardNames: string[];
+    classification: SecurityClassification;
+}
+export declare function createDefaultAuthorizationInfo(): AuthorizationInfo;
+export declare function determineClassification(auth: Omit<AuthorizationInfo, 'classification'>): SecurityClassification;
+//# sourceMappingURL=authorization-info.d.ts.map

package/dist/core/models/authorization-info.js

@@ -0,0 +1,25 @@
+import { SecurityClassification } from './security-classification.js';
+export function createDefaultAuthorizationInfo() {
+    return {
+        isAuthenticated: false,
+        isExplicitlyPublic: false,
+        roles: [],
+        policies: [],
+        middlewareChain: [],
+        guardNames: [],
+        classification: SecurityClassification.Public,
+    };
+}
+export function determineClassification(auth) {
+    if (auth.policies.length > 0) {
+        return SecurityClassification.PolicyRestricted;
+    }
+    if (auth.roles.length > 0) {
+        return SecurityClassification.RoleRestricted;
+    }
+    if (auth.isAuthenticated) {
+        return SecurityClassification.Authenticated;
+    }
+    return SecurityClassification.Public;
+}
+//# sourceMappingURL=authorization-info.js.map

package/dist/core/models/endpoint-type.d.ts

@@ -0,0 +1,8 @@
+export declare enum EndpointType {
+    Express = "express",
+    NestJS = "nestjs",
+    Fastify = "fastify",
+    Koa = "koa"
+}
+export declare function parseEndpointType(value: string): EndpointType | undefined;
+//# sourceMappingURL=endpoint-type.d.ts.map

package/dist/core/models/endpoint-type.js

@@ -0,0 +1,12 @@
+export var EndpointType;
+(function (EndpointType) {
+    EndpointType["Express"] = "express";
+    EndpointType["NestJS"] = "nestjs";
+    EndpointType["Fastify"] = "fastify";
+    EndpointType["Koa"] = "koa";
+})(EndpointType || (EndpointType = {}));
+export function parseEndpointType(value) {
+    const normalized = value.toLowerCase();
+    return Object.values(EndpointType).find((t) => t === normalized);
+}
+//# sourceMappingURL=endpoint-type.js.map

package/dist/core/models/endpoint.d.ts

@@ -0,0 +1,16 @@
+import { AuthorizationInfo } from './authorization-info.js';
+import { EndpointType } from './endpoint-type.js';
+import { HttpMethod } from './http-method.js';
+import { SourceLocation } from './source-location.js';
+export interface Endpoint {
+    route: string;
+    method: HttpMethod;
+    handlerName: string;
+    controllerName?: string;
+    type: EndpointType;
+    location: SourceLocation;
+    authorization: AuthorizationInfo;
+}
+export declare function createEndpoint(partial: Partial<Endpoint> & Pick<Endpoint, 'route' | 'method' | 'type' | 'location'>): Endpoint;
+export declare function formatEndpoint(endpoint: Endpoint): string;
+//# sourceMappingURL=endpoint.d.ts.map

package/dist/core/models/endpoint.js

@@ -0,0 +1,16 @@
+import { createDefaultAuthorizationInfo } from './authorization-info.js';
+export function createEndpoint(partial) {
+    return {
+        route: partial.route,
+        method: partial.method,
+        handlerName: partial.handlerName ?? 'anonymous',
+        controllerName: partial.controllerName,
+        type: partial.type,
+        location: partial.location,
+        authorization: partial.authorization ?? createDefaultAuthorizationInfo(),
+    };
+}
+export function formatEndpoint(endpoint) {
+    return `${endpoint.method} ${endpoint.route}`;
+}
+//# sourceMappingURL=endpoint.js.map

package/dist/core/models/finding.d.ts

@@ -0,0 +1,19 @@
+import { Endpoint } from './endpoint.js';
+import { Severity } from './severity.js';
+import { SourceLocation } from './source-location.js';
+export interface Finding {
+    ruleId: string;
+    ruleName: string;
+    severity: Severity;
+    message: string;
+    endpoint: Endpoint;
+    location: SourceLocation;
+    recommendation: string;
+    suppressed: boolean;
+    suppressionReason?: string;
+}
+export declare function createFinding(partial: Omit<Finding, 'suppressed' | 'suppressionReason'> & {
+    suppressed?: boolean;
+    suppressionReason?: string;
+}): Finding;
+//# sourceMappingURL=finding.d.ts.map

package/dist/core/models/finding.js

@@ -0,0 +1,8 @@
+export function createFinding(partial) {
+    return {
+        ...partial,
+        suppressed: partial.suppressed ?? false,
+        suppressionReason: partial.suppressionReason,
+    };
+}
+//# sourceMappingURL=finding.js.map

package/dist/core/models/http-method.d.ts

@@ -0,0 +1,14 @@
+export declare enum HttpMethod {
+    GET = "GET",
+    POST = "POST",
+    PUT = "PUT",
+    DELETE = "DELETE",
+    PATCH = "PATCH",
+    OPTIONS = "OPTIONS",
+    HEAD = "HEAD",
+    ALL = "ALL"
+}
+export declare const writeMethods: Set<HttpMethod>;
+export declare function isWriteMethod(method: HttpMethod): boolean;
+export declare function parseHttpMethod(value: string): HttpMethod | undefined;
+//# sourceMappingURL=http-method.d.ts.map

package/dist/core/models/http-method.js

@@ -0,0 +1,25 @@
+export var HttpMethod;
+(function (HttpMethod) {
+    HttpMethod["GET"] = "GET";
+    HttpMethod["POST"] = "POST";
+    HttpMethod["PUT"] = "PUT";
+    HttpMethod["DELETE"] = "DELETE";
+    HttpMethod["PATCH"] = "PATCH";
+    HttpMethod["OPTIONS"] = "OPTIONS";
+    HttpMethod["HEAD"] = "HEAD";
+    HttpMethod["ALL"] = "ALL";
+})(HttpMethod || (HttpMethod = {}));
+export const writeMethods = new Set([
+    HttpMethod.POST,
+    HttpMethod.PUT,
+    HttpMethod.DELETE,
+    HttpMethod.PATCH,
+]);
+export function isWriteMethod(method) {
+    return writeMethods.has(method);
+}
+export function parseHttpMethod(value) {
+    const normalized = value.toUpperCase();
+    return Object.values(HttpMethod).find((m) => m === normalized);
+}
+//# sourceMappingURL=http-method.js.map

package/dist/core/models/index.d.ts

@@ -0,0 +1,10 @@
+export * from './authorization-info.js';
+export * from './endpoint.js';
+export * from './endpoint-type.js';
+export * from './finding.js';
+export * from './http-method.js';
+export * from './scan-result.js';
+export * from './security-classification.js';
+export * from './severity.js';
+export * from './source-location.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/core/models/index.js

@@ -0,0 +1,10 @@
+export * from './authorization-info.js';
+export * from './endpoint.js';
+export * from './endpoint-type.js';
+export * from './finding.js';
+export * from './http-method.js';
+export * from './scan-result.js';
+export * from './security-classification.js';
+export * from './severity.js';
+export * from './source-location.js';
+//# sourceMappingURL=index.js.map

package/dist/core/models/scan-result.d.ts

@@ -0,0 +1,21 @@
+import { Endpoint } from './endpoint.js';
+import { Finding } from './finding.js';
+import { Severity } from './severity.js';
+export interface ScanResult {
+    projectPath: string;
+    scanDate: Date;
+    endpoints: Endpoint[];
+    findings: Finding[];
+    filesScanned: number;
+    scanDurationMs: number;
+}
+export interface ScanSummary {
+    totalEndpoints: number;
+    totalFindings: number;
+    findingsBySeverity: Record<Severity, number>;
+    suppressedFindings: number;
+}
+export declare function createScanResult(partial: Partial<ScanResult> & Pick<ScanResult, 'projectPath'>): ScanResult;
+export declare function getScanSummary(result: ScanResult): ScanSummary;
+export declare function getHighestSeverity(result: ScanResult): Severity | null;
+//# sourceMappingURL=scan-result.d.ts.map

package/dist/core/models/scan-result.js

@@ -0,0 +1,35 @@
+import { Severity, severityOrder } from './severity.js';
+export function createScanResult(partial) {
+    return {
+        projectPath: partial.projectPath,
+        scanDate: partial.scanDate ?? new Date(),
+        endpoints: partial.endpoints ?? [],
+        findings: partial.findings ?? [],
+        filesScanned: partial.filesScanned ?? 0,
+        scanDurationMs: partial.scanDurationMs ?? 0,
+    };
+}
+export function getScanSummary(result) {
+    const activeFindings = result.findings.filter((f) => !f.suppressed);
+    const findingsBySeverity = Object.values(Severity).reduce((acc, severity) => {
+        acc[severity] = activeFindings.filter((f) => f.severity === severity).length;
+        return acc;
+    }, {});
+    return {
+        totalEndpoints: result.endpoints.length,
+        totalFindings: activeFindings.length,
+        findingsBySeverity,
+        suppressedFindings: result.findings.filter((f) => f.suppressed).length,
+    };
+}
+export function getHighestSeverity(result) {
+    const activeFindings = result.findings.filter((f) => !f.suppressed);
+    if (activeFindings.length === 0)
+        return null;
+    return activeFindings.reduce((highest, finding) => {
+        return severityOrder[finding.severity] > severityOrder[highest]
+            ? finding.severity
+            : highest;
+    }, activeFindings[0].severity);
+}
+//# sourceMappingURL=scan-result.js.map

package/dist/core/models/security-classification.d.ts

@@ -0,0 +1,8 @@
+export declare enum SecurityClassification {
+    Public = "public",
+    Authenticated = "authenticated",
+    RoleRestricted = "role-restricted",
+    PolicyRestricted = "policy-restricted"
+}
+export declare function parseSecurityClassification(value: string): SecurityClassification | undefined;
+//# sourceMappingURL=security-classification.d.ts.map

package/dist/core/models/security-classification.js

@@ -0,0 +1,12 @@
+export var SecurityClassification;
+(function (SecurityClassification) {
+    SecurityClassification["Public"] = "public";
+    SecurityClassification["Authenticated"] = "authenticated";
+    SecurityClassification["RoleRestricted"] = "role-restricted";
+    SecurityClassification["PolicyRestricted"] = "policy-restricted";
+})(SecurityClassification || (SecurityClassification = {}));
+export function parseSecurityClassification(value) {
+    const normalized = value.toLowerCase();
+    return Object.values(SecurityClassification).find((c) => c === normalized);
+}
+//# sourceMappingURL=security-classification.js.map

package/dist/core/models/severity.d.ts

@@ -0,0 +1,11 @@
+export declare enum Severity {
+    Info = "info",
+    Low = "low",
+    Medium = "medium",
+    High = "high",
+    Critical = "critical"
+}
+export declare const severityOrder: Record<Severity, number>;
+export declare function compareSeverity(a: Severity, b: Severity): number;
+export declare function parseSeverity(value: string): Severity | undefined;
+//# sourceMappingURL=severity.d.ts.map

package/dist/core/models/severity.js

@@ -0,0 +1,23 @@
+export var Severity;
+(function (Severity) {
+    Severity["Info"] = "info";
+    Severity["Low"] = "low";
+    Severity["Medium"] = "medium";
+    Severity["High"] = "high";
+    Severity["Critical"] = "critical";
+})(Severity || (Severity = {}));
+export const severityOrder = {
+    [Severity.Info]: 0,
+    [Severity.Low]: 1,
+    [Severity.Medium]: 2,
+    [Severity.High]: 3,
+    [Severity.Critical]: 4,
+};
+export function compareSeverity(a, b) {
+    return severityOrder[a] - severityOrder[b];
+}
+export function parseSeverity(value) {
+    const normalized = value.toLowerCase();
+    return Object.values(Severity).find((s) => s === normalized);
+}
+//# sourceMappingURL=severity.js.map