@bouncesecurity/aghast 0.0.13
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +661 -0
- package/README.md +111 -0
- package/config/prompts/generic-instructions.md +56 -0
- package/config/prompts/test-cheaper-instructions.md +57 -0
- package/dist/check-library.d.ts +87 -0
- package/dist/check-library.d.ts.map +1 -0
- package/dist/check-library.js +374 -0
- package/dist/check-library.js.map +1 -0
- package/dist/claude-code-provider.d.ts +26 -0
- package/dist/claude-code-provider.d.ts.map +1 -0
- package/dist/claude-code-provider.js +247 -0
- package/dist/claude-code-provider.js.map +1 -0
- package/dist/cli.d.ts +13 -0
- package/dist/cli.d.ts.map +1 -0
- package/dist/cli.js +78 -0
- package/dist/cli.js.map +1 -0
- package/dist/colors.d.ts +7 -0
- package/dist/colors.d.ts.map +1 -0
- package/dist/colors.js +18 -0
- package/dist/colors.js.map +1 -0
- package/dist/error-codes.d.ts +42 -0
- package/dist/error-codes.d.ts.map +1 -0
- package/dist/error-codes.js +60 -0
- package/dist/error-codes.js.map +1 -0
- package/dist/formatters/index.d.ts +10 -0
- package/dist/formatters/index.d.ts.map +1 -0
- package/dist/formatters/index.js +23 -0
- package/dist/formatters/index.js.map +1 -0
- package/dist/formatters/json-formatter.d.ts +11 -0
- package/dist/formatters/json-formatter.d.ts.map +1 -0
- package/dist/formatters/json-formatter.js +11 -0
- package/dist/formatters/json-formatter.js.map +1 -0
- package/dist/formatters/sarif-formatter.d.ts +18 -0
- package/dist/formatters/sarif-formatter.d.ts.map +1 -0
- package/dist/formatters/sarif-formatter.js +103 -0
- package/dist/formatters/sarif-formatter.js.map +1 -0
- package/dist/formatters/types.d.ts +11 -0
- package/dist/formatters/types.d.ts.map +1 -0
- package/dist/formatters/types.js +6 -0
- package/dist/formatters/types.js.map +1 -0
- package/dist/index.d.ts +7 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +406 -0
- package/dist/index.js.map +1 -0
- package/dist/logging.d.ts +26 -0
- package/dist/logging.d.ts.map +1 -0
- package/dist/logging.js +79 -0
- package/dist/logging.js.map +1 -0
- package/dist/mock-ai-provider.d.ts +18 -0
- package/dist/mock-ai-provider.d.ts.map +1 -0
- package/dist/mock-ai-provider.js +28 -0
- package/dist/mock-ai-provider.js.map +1 -0
- package/dist/new-check.d.ts +13 -0
- package/dist/new-check.d.ts.map +1 -0
- package/dist/new-check.js +405 -0
- package/dist/new-check.js.map +1 -0
- package/dist/prompt-template.d.ts +12 -0
- package/dist/prompt-template.d.ts.map +1 -0
- package/dist/prompt-template.js +35 -0
- package/dist/prompt-template.js.map +1 -0
- package/dist/provider-registry.d.ts +15 -0
- package/dist/provider-registry.d.ts.map +1 -0
- package/dist/provider-registry.js +27 -0
- package/dist/provider-registry.js.map +1 -0
- package/dist/repository-analyzer.d.ts +68 -0
- package/dist/repository-analyzer.d.ts.map +1 -0
- package/dist/repository-analyzer.js +230 -0
- package/dist/repository-analyzer.js.map +1 -0
- package/dist/response-parser.d.ts +12 -0
- package/dist/response-parser.d.ts.map +1 -0
- package/dist/response-parser.js +109 -0
- package/dist/response-parser.js.map +1 -0
- package/dist/runtime-config.d.ts +15 -0
- package/dist/runtime-config.d.ts.map +1 -0
- package/dist/runtime-config.js +73 -0
- package/dist/runtime-config.js.map +1 -0
- package/dist/sarif-parser.d.ts +20 -0
- package/dist/sarif-parser.d.ts.map +1 -0
- package/dist/sarif-parser.js +76 -0
- package/dist/sarif-parser.js.map +1 -0
- package/dist/scan-runner.d.ts +29 -0
- package/dist/scan-runner.d.ts.map +1 -0
- package/dist/scan-runner.js +559 -0
- package/dist/scan-runner.js.map +1 -0
- package/dist/semgrep-runner.d.ts +25 -0
- package/dist/semgrep-runner.d.ts.map +1 -0
- package/dist/semgrep-runner.js +100 -0
- package/dist/semgrep-runner.js.map +1 -0
- package/dist/snippet-extractor.d.ts +25 -0
- package/dist/snippet-extractor.d.ts.map +1 -0
- package/dist/snippet-extractor.js +56 -0
- package/dist/snippet-extractor.js.map +1 -0
- package/dist/types.d.ts +206 -0
- package/dist/types.d.ts.map +1 -0
- package/dist/types.js +19 -0
- package/dist/types.js.map +1 -0
- package/package.json +55 -0
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scan-runner.js","sourceRoot":"","sources":["../src/scan-runner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAC7C,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AACzC,OAAO,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AACnD,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,iBAAiB,EAAE,MAAM,0BAA0B,CAAC;AAC7D,OAAO,EAAE,UAAU,EAAE,MAAM,qBAAqB,CAAC;AACjD,OAAO,EAAE,UAAU,EAAE,kBAAkB,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AACjF,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EACL,gBAAgB,EAChB,kBAAkB,GAYnB,MAAM,YAAY,CAAC;AAEpB,MAAM,SAAS,GAAG,OAAO,CAAC,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;AAC1D,MAAM,GAAG,GAAG,MAAM,CAAC;AACnB,MAAM,mBAAmB,GAAG,CAAC,CAAC;AAE9B;;;GAGG;AACH,SAAS,aAAa,CAAC,MAAkC;IACvD,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAmB,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IACvE,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IAC3C,OAAO;QACL,WAAW,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;QAC/D,YAAY,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC;QACjE,WAAW,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;KAChE,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,UAAU;IACvB,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,OAAO,CAAC,SAAS,EAAE,IAAI,EAAE,cAAc,CAAC,CAAC;QACzD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;QACzD,OAAO,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;AACH,CAAC;AAQD;;;;;;;GAOG;AACH,KAAK,UAAU,kBAAkB,CAC/B,KAAU,EACV,WAAmB,EACnB,EAA0C,EAC1C,WAAyB;IAEzB,MAAM,OAAO,GAAG,IAAI,KAAK,CAAI,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3C,IAAI,SAAS,GAAG,CAAC,CAAC;IAElB,KAAK,UAAU,MAAM;QACnB,OAAO,SAAS,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC;YAChC,IAAI,WAAW,EAAE,OAAO;gBAAE,MAAM;YAChC,MAAM,CAAC,GAAG,SAAS,EAAE,CAAC;YACtB,OAAO,CAAC,CAAC,CAAC,GAAG,MAAM,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;QACrC,CAAC;IACH,CAAC;IAED,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,WAAW,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC;IACxD,MAAM,OAAO,GAAoB,EAAE,CAAC;IACpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IACzB,CAAC;IAED,wEAAwE;IACxE,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;IAClD,MAAM,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,UAAU,CAAC,CAAC;IACpE,IAAI,cAAc,IAAI,cAAc,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;QAC3D,MAAM,cAAc,CAAC,MAAM,CAAC;IAC9B,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAcD;;GAEG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,EAAE,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACvE,MAAM,IAAI,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IAC5C,OAAO,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC;AAC9B,CAAC;AASD;;;GAGG;AACH,KAAK,UAAU,WAAW,CACxB,OAAgB,EAChB,OAAe,EACf,SAAiB,EACjB,cAAsB,EACtB,aAA0D;IAE1D,MAAM,WAAW,GAAG,MAAM,cAAc,CACtC,cAAc,EACd,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,SAAS,EACjB,OAAO,CAAC,OAAO,CAChB,CAAC;IAEF,MAAM,KAAK,GAAkB;QAC3B,OAAO;QACP,SAAS;QACT,IAAI,EAAE,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;QACtC,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,OAAO,EAAE,OAAO,CAAC,OAAO;QACxB,WAAW,EAAE,OAAO,CAAC,WAAW;KACjC,CAAC;IACF,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,KAAK,CAAC,WAAW,GAAG,WAAW,CAAC;IAClC,CAAC;IACD,IAAI,aAAa,EAAE,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1C,KAAK,CAAC,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;IAC1C,CAAC;IACD,IAAI,aAAa,EAAE,UAAU,KAAK,SAAS,EAAE,CAAC;QAC5C,KAAK,CAAC,UAAU,GAAG,aAAa,CAAC,UAAU,CAAC;IAC9C,CAAC;IACD,IAAI,OAAO,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;QACnC,KAAK,CAAC,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAC/C,GAAG,IAAI;YACP,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;SACpC,CAAC,CAAC,CAAC;IACN,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,KAAK,UAAU,kBAAkB,CAC/B,KAAoB,EACpB,SAAiB,EACjB,iBAAyB,EACzB,cAAsB,EACtB,UAAkC,EAClC,aAA0D,EAC1D,WAAoB,EACpB,SAAkB,EAClB,aAAsB;IAEtB,MAAM,OAAO,GAAG,KAAK,CAAC,EAAE,CAAC;IAEzB,gDAAgD;IAChD,IAAI,KAAK,CAAC,WAAW,EAAE,IAAI,KAAK,SAAS,EAAE,CAAC;QAC1C,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,IAAI,KAAK,CAAC,UAAU,OAAO,mDAAmD,CAAC,CAAC;QACxF,CAAC;QACD,OAAO,uBAAuB,CAC5B,KAAK,EACL,SAAS,EACT,iBAAiB,EACjB,cAAc,EACd,UAAU,EACV,aAAa,EACb,WAAW,EACX,SAAS,EACT,aAAa,CACd,CAAC;IACJ,CAAC;IAED,0CAA0C;IAC1C,IAAI,KAAK,CAAC,WAAW,EAAE,IAAI,KAAK,cAAc,EAAE,CAAC;QAC/C,OAAO,uBAAuB,CAAC,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,aAAa,CAAC,CAAC;IAClF,CAAC;IAED,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CAAC,UAAU,OAAO,mDAAmD,CAAC,CAAC;IACxF,CAAC;IAED,WAAW,CAAC,GAAG,EAAE,kBAAkB,SAAS,EAAE,CAAC,CAAC;IAEhD,MAAM,MAAM,GAAG,MAAM,WAAW,CAAC,iBAAiB,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC;IAC9E,QAAQ,CAAC,GAAG,EAAE,iBAAiB,MAAM,CAAC,MAAM,QAAQ,CAAC,CAAC;IAEtD,IAAI,MAAM,GAAoB,EAAE,CAAC;IACjC,IAAI,OAA8B,CAAC;IAEnC,MAAM,UAAU,GAAG,WAAW,EAAE,CAAC;IAEjC,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,YAAY,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;QACzE,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;QAE3C,QAAQ,CAAC,GAAG,EAAE,gBAAgB,UAAU,CAAC,GAAG,CAAC,MAAM,QAAQ,CAAC,CAAC;QAC7D,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,IAAI,eAAe,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;QAEpE,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,WAAW,CAAC,GAAG,EAAE,oCAAoC,CAAC,CAAC;YACvD,OAAO,GAAG;gBACR,OAAO;gBACP,SAAS;gBACT,MAAM,EAAE,OAAO;gBACf,WAAW,EAAE,CAAC;gBACd,aAAa;gBACb,KAAK,EAAE,yCAAyC;gBAChD,aAAa,EAAE,UAAU,CAAC,GAAG;gBAC7B,UAAU,EAAE,UAAU,CAAC,UAAU;aAClC,CAAC;QACJ,CAAC;aAAM,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,WAAW,CAAC,GAAG,EAAE,iBAAiB,MAAM,CAAC,MAAM,CAAC,MAAM,UAAU,CAAC,CAAC;YAElE,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CACxB,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAC5B,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,aAAa,CAAC,CACxE,CACF,CAAC;YAEF,OAAO,GAAG;gBACR,OAAO;gBACP,SAAS;gBACT,MAAM,EAAE,MAAM;gBACd,WAAW,EAAE,MAAM,CAAC,MAAM;gBAC1B,aAAa;gBACb,UAAU,EAAE,UAAU,CAAC,UAAU;aAClC,CAAC;QACJ,CAAC;aAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YAC1B,WAAW,CAAC,GAAG,EAAE,sCAAsC,CAAC,CAAC;YACzD,OAAO,GAAG;gBACR,OAAO;gBACP,SAAS;gBACT,MAAM,EAAE,MAAM;gBACd,WAAW,EAAE,CAAC;gBACd,aAAa;gBACb,UAAU,EAAE,UAAU,CAAC,UAAU;aAClC,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,WAAW,CAAC,GAAG,EAAE,cAAc,CAAC,CAAC;YACjC,OAAO,GAAG;gBACR,OAAO;gBACP,SAAS;gBACT,MAAM,EAAE,MAAM;gBACd,WAAW,EAAE,CAAC;gBACd,aAAa;gBACb,UAAU,EAAE,UAAU,CAAC,UAAU;aAClC,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,0DAA0D;QAC1D,IAAI,GAAG,YAAY,kBAAkB,EAAE,CAAC;YACtC,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;QAC3C,MAAM,QAAQ,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAClE,WAAW,CAAC,GAAG,EAAE,kBAAkB,QAAQ,GAAG,CAAC,CAAC;QAChD,OAAO,GAAG;YACR,OAAO;YACP,SAAS;YACT,MAAM,EAAE,OAAO;YACf,WAAW,EAAE,CAAC;YACd,aAAa;YACb,KAAK,EAAE,QAAQ;SAChB,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC;AAC7B,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,gBAAgB,CAC7B,MAAmB,EACnB,OAAe,EACf,SAAiB,EACjB,cAAsB,EACtB,aAA0D;IAE1D,MAAM,WAAW,GAAG,MAAM,cAAc,CACtC,cAAc,EACd,MAAM,CAAC,IAAI,EACX,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,OAAO,CACf,CAAC;IAEF,MAAM,KAAK,GAAkB;QAC3B,OAAO;QACP,SAAS;QACT,IAAI,EAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;QACrC,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,WAAW,EAAE,MAAM,CAAC,OAAO,IAAI,iBAAiB;KACjD,CAAC;IACF,IAAI,WAAW,KAAK,SAAS,EAAE,CAAC;QAC9B,KAAK,CAAC,WAAW,GAAG,WAAW,CAAC;IAClC,CAAC;IACD,IAAI,aAAa,EAAE,QAAQ,KAAK,SAAS,EAAE,CAAC;QAC1C,KAAK,CAAC,QAAQ,GAAG,aAAa,CAAC,QAAQ,CAAC;IAC1C,CAAC;IACD,IAAI,aAAa,EAAE,UAAU,KAAK,SAAS,EAAE,CAAC;QAC5C,KAAK,CAAC,UAAU,GAAG,aAAa,CAAC,UAAU,CAAC;IAC9C,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,KAAK,UAAU,uBAAuB,CACpC,KAAoB,EACpB,SAAiB,EACjB,cAAsB,EACtB,aAA0D;IAE1D,MAAM,OAAO,GAAG,KAAK,CAAC,EAAE,CAAC;IACzB,MAAM,WAAW,GAAG,KAAK,CAAC,WAAY,CAAC;IAEvC,WAAW,CAAC,GAAG,EAAE,+BAA+B,SAAS,EAAE,CAAC,CAAC;IAC7D,MAAM,UAAU,GAAG,WAAW,EAAE,CAAC;IAEjC,IAAI,CAAC;QACH,sCAAsC;QACtC,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;YACpC,cAAc;YACd,KAAK,EAAE,WAAW,CAAC,KAAK;YACxB,MAAM,EAAE,WAAW,CAAC,MAAM;SAC3B,CAAC,CAAC;QAEH,2CAA2C;QAC3C,IAAI,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;QACvC,OAAO,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAEtC,IAAI,WAAW,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YACzC,OAAO,GAAG,YAAY,CAAC,OAAO,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC;QAC1D,CAAC;QAED,gCAAgC;QAChC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,WAAW,CAAC,GAAG,EAAE,4BAA4B,CAAC,CAAC;YAC/C,OAAO;gBACL,OAAO,EAAE;oBACP,OAAO;oBACP,SAAS;oBACT,MAAM,EAAE,MAAM;oBACd,WAAW,EAAE,CAAC;oBACd,aAAa,EAAE,UAAU,CAAC,OAAO,EAAE;oBACnC,eAAe,EAAE,CAAC;iBACnB;gBACD,MAAM,EAAE,EAAE;aACX,CAAC;QACJ,CAAC;QAED,yDAAyD;QACzD,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAC9B,OAAO,CAAC,GAAG,CAAC,CAAC,MAAM,EAAE,EAAE,CACrB,gBAAgB,CAAC,MAAM,EAAE,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,aAAa,CAAC,CAC5E,CACF,CAAC;QAEF,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;QAC3C,WAAW,CAAC,GAAG,EAAE,iBAAiB,MAAM,CAAC,MAAM,cAAc,OAAO,CAAC,MAAM,WAAW,CAAC,CAAC;QAExF,OAAO;YACL,OAAO,EAAE;gBACP,OAAO;gBACP,SAAS;gBACT,MAAM,EAAE,MAAM;gBACd,WAAW,EAAE,MAAM,CAAC,MAAM;gBAC1B,aAAa;gBACb,eAAe,EAAE,OAAO,CAAC,MAAM;aAChC;YACD,MAAM;SACP,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;QAC3C,MAAM,QAAQ,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAClE,WAAW,CAAC,GAAG,EAAE,kBAAkB,QAAQ,GAAG,CAAC,CAAC;QAChD,OAAO;YACL,OAAO,EAAE;gBACP,OAAO;gBACP,SAAS;gBACT,MAAM,EAAE,OAAO;gBACf,WAAW,EAAE,CAAC;gBACd,aAAa;gBACb,KAAK,EAAE,QAAQ;aAChB;YACD,MAAM,EAAE,EAAE;SACX,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,KAAoB,EACpB,SAAiB,EACjB,iBAAyB,EACzB,cAAsB,EACtB,UAAsB,EACtB,aAA0D,EAC1D,kBAA2B,EAC3B,SAAkB,EAClB,aAAsB;IAEtB,MAAM,OAAO,GAAG,KAAK,CAAC,EAAE,CAAC;IACzB,MAAM,WAAW,GAAG,KAAK,CAAC,WAAY,CAAC;IAEvC,WAAW,CAAC,GAAG,EAAE,+BAA+B,SAAS,EAAE,CAAC,CAAC;IAC7D,MAAM,UAAU,GAAG,WAAW,EAAE,CAAC;IAEjC,IAAI,CAAC;QACH,qCAAqC;QACrC,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC;YACpC,cAAc;YACd,KAAK,EAAE,WAAW,CAAC,KAAK;YACxB,MAAM,EAAE,WAAW,CAAC,MAAM;SAC3B,CAAC,CAAC;QAEH,2CAA2C;QAC3C,IAAI,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;QACvC,OAAO,GAAG,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAEtC,IAAI,WAAW,CAAC,UAAU,KAAK,SAAS,EAAE,CAAC;YACzC,OAAO,GAAG,YAAY,CAAC,OAAO,EAAE,WAAW,CAAC,UAAU,CAAC,CAAC;QAC1D,CAAC;QAED,gCAAgC;QAChC,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,WAAW,CAAC,GAAG,EAAE,iCAAiC,CAAC,CAAC;YACpD,OAAO;gBACL,OAAO,EAAE;oBACP,OAAO;oBACP,SAAS;oBACT,MAAM,EAAE,MAAM;oBACd,WAAW,EAAE,CAAC;oBACd,aAAa,EAAE,UAAU,CAAC,OAAO,EAAE;oBACnC,eAAe,EAAE,CAAC;iBACnB;gBACD,MAAM,EAAE,EAAE;aACX,CAAC;QACJ,CAAC;QAED,kEAAkE;QAClE,MAAM,oBAAoB,GACxB,WAAW,CAAC,WAAW,IAAI,kBAAkB,IAAI,mBAAmB,CAAC;QAEvE,WAAW,CAAC,GAAG,EAAE,SAAS,OAAO,CAAC,MAAM,qCAAqC,oBAAoB,GAAG,CAAC,CAAC;QAEtG,kCAAkC;QAClC,MAAM,UAAU,GAAG,MAAM,WAAW,CAAC,iBAAiB,EAAE,SAAS,EAAE,aAAa,CAAC,CAAC;QAClF,IAAI,cAAc,GAAG,CAAC,CAAC;QACvB,MAAM,WAAW,GAAgB,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;QAEpD,MAAM,aAAa,GAAG,MAAM,kBAAkB,CAC5C,OAAO,EACP,oBAAoB,EACpB,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE,EAAE;YACpB,MAAM,KAAK,GAAG,WAAW,GAAG,GAAG,CAAC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;YACtD,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,UAAU,GAAG;;;UAG5B,MAAM,CAAC,IAAI;WACV,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,OAAO;;;;;;;CAO5C,CAAC;gBAEQ,QAAQ,CAAC,GAAG,EAAE,GAAG,KAAK,sBAAsB,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC;gBACjG,MAAM,UAAU,GAAG,MAAM,UAAU,CAAC,YAAY,CAAC,MAAM,EAAE,cAAc,EAAE,KAAK,CAAC,CAAC;gBAEhF,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,IAAI,eAAe,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;gBAEpE,IAAI,CAAC,MAAM,EAAE,CAAC;oBACZ,QAAQ,CAAC,GAAG,EAAE,GAAG,KAAK,qCAAqC,CAAC,CAAC;oBAC7D,OAAO,EAAE,MAAM,EAAE,EAAqB,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,UAAU,CAAC,UAAU,EAAE,CAAC;gBAC3G,CAAC;gBAED,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,GAAG,CAC9B,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAC5B,WAAW,CAAC,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,cAAc,EAAE,aAAa,CAAC,CACxE,CACF,CAAC;gBACF,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,CAAC,OAAO,KAAK,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,UAAU,EAAE,CAAC;YACvG,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,gEAAgE;gBAChE,IAAI,GAAG,YAAY,kBAAkB,EAAE,CAAC;oBACtC,WAAW,CAAC,OAAO,GAAG,IAAI,CAAC;oBAC3B,WAAW,CAAC,MAAM,GAAG,GAAG,CAAC;oBACzB,MAAM,GAAG,CAAC;gBACZ,CAAC;gBACD,MAAM,QAAQ,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBAClE,QAAQ,CAAC,GAAG,EAAE,GAAG,KAAK,kBAAkB,QAAQ,EAAE,CAAC,CAAC;gBACpD,OAAO,EAAE,MAAM,EAAE,EAAqB,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,CAAC;YAC/F,CAAC;oBAAS,CAAC;gBACT,cAAc,EAAE,CAAC;gBACjB,WAAW,CAAC,GAAG,EAAE,aAAa,cAAc,IAAI,OAAO,CAAC,MAAM,mBAAmB,CAAC,CAAC;YACrF,CAAC;QACH,CAAC,EACD,WAAW,CACZ,CAAC;QAEF,uBAAuB;QACvB,MAAM,SAAS,GAAoB,EAAE,CAAC;QACtC,IAAI,SAAS,GAAG,KAAK,CAAC;QACtB,IAAI,UAAU,GAAG,KAAK,CAAC;QACvB,MAAM,iBAAiB,GAA+B,EAAE,CAAC;QACzD,KAAK,MAAM,MAAM,IAAI,aAAa,EAAE,CAAC;YACnC,SAAS,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;YACjC,IAAI,MAAM,CAAC,KAAK;gBAAE,SAAS,GAAG,IAAI,CAAC;YACnC,IAAI,MAAM,CAAC,OAAO;gBAAE,UAAU,GAAG,IAAI,CAAC;YACtC,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;QAC5C,CAAC;QAED,kDAAkD;QAClD,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;QAC3C,IAAI,MAA0C,CAAC;QAC/C,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzB,MAAM,GAAG,MAAM,CAAC;QAClB,CAAC;aAAM,IAAI,UAAU,EAAE,CAAC;YACtB,MAAM,GAAG,MAAM,CAAC;QAClB,CAAC;aAAM,IAAI,SAAS,EAAE,CAAC;YACrB,MAAM,GAAG,OAAO,CAAC;QACnB,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,MAAM,CAAC;QAClB,CAAC;QAED,WAAW,CAAC,GAAG,EAAE,WAAW,MAAM,KAAK,SAAS,CAAC,MAAM,YAAY,OAAO,CAAC,MAAM,WAAW,CAAC,CAAC;QAE9F,OAAO;YACL,OAAO,EAAE;gBACP,OAAO;gBACP,SAAS;gBACT,MAAM;gBACN,WAAW,EAAE,SAAS,CAAC,MAAM;gBAC7B,aAAa;gBACb,eAAe,EAAE,OAAO,CAAC,MAAM;gBAC/B,UAAU,EAAE,aAAa,CAAC,iBAAiB,CAAC;aAC7C;YACD,MAAM,EAAE,SAAS;SAClB,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,0DAA0D;QAC1D,IAAI,GAAG,YAAY,kBAAkB,EAAE,CAAC;YACtC,MAAM,GAAG,CAAC;QACZ,CAAC;QACD,MAAM,aAAa,GAAG,UAAU,CAAC,OAAO,EAAE,CAAC;QAC3C,MAAM,QAAQ,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAClE,WAAW,CAAC,GAAG,EAAE,kBAAkB,QAAQ,GAAG,CAAC,CAAC;QAChD,OAAO;YACL,OAAO,EAAE;gBACP,OAAO;gBACP,SAAS;gBACT,MAAM,EAAE,OAAO;gBACf,WAAW,EAAE,CAAC;gBACd,aAAa;gBACb,KAAK,EAAE,QAAQ;aAChB;YACD,MAAM,EAAE,EAAE;SACX,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,OAAyB;IAC1D,MAAM,EAAE,cAAc,EAAE,MAAM,EAAE,UAAU,EAAE,WAAW,EAAE,cAAc,EAAE,WAAW,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,OAAO,CAAC;IAC3H,MAAM,SAAS,GAAG,WAAW,EAAE,CAAC;IAChC,MAAM,MAAM,GAAG,cAAc,EAAE,CAAC;IAChC,MAAM,SAAS,GAAG,IAAI,IAAI,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAG,MAAM,UAAU,EAAE,CAAC;IAEnC,WAAW,CAAC,GAAG,EAAE,6BAA6B,MAAM,KAAK,MAAM,CAAC,MAAM,UAAU,CAAC,CAAC;IAClF,QAAQ,CAAC,GAAG,EAAE,eAAe,cAAc,EAAE,CAAC,CAAC;IAE/C,uEAAuE;IACvE,IAAI,cAA8B,CAAC;IACnC,IAAI,OAAO,CAAC,cAAc,EAAE,CAAC;QAC3B,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC;IAC1C,CAAC;SAAM,CAAC;QACN,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,cAAc,CAAC,CAAC;QAC7D,cAAc,GAAG,YAAY,CAAC,UAAU,CAAC;IAC3C,CAAC;IAED,MAAM,iBAAiB,GAA4B,EAAE,CAAC;IACtD,MAAM,SAAS,GAAoB,EAAE,CAAC;IAEtC,8BAA8B;IAC9B,KAAK,IAAI,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC;QAC1C,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;QACtC,MAAM,aAAa,GAAG;YACpB,QAAQ,EAAE,KAAK,CAAC,QAAQ;YACxB,UAAU,EAAE,KAAK,CAAC,UAAU;SAC7B,CAAC;QAEF,IAAI,CAAC;YACH,MAAM,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,GAAG,MAAM,kBAAkB,CAChE,KAAK,EACL,OAAO,CAAC,IAAI,EACZ,OAAO,CAAC,OAAO,EACf,cAAc,EACd,UAAU,EACV,aAAa,EACb,WAAW,EACX,SAAS,EACT,aAAa,CACd,CAAC;YAEF,iBAAiB,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;YACrC,SAAS,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,CAAC;QAC5B,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,GAAG,YAAY,kBAAkB,EAAE,CAAC;gBACtC,oCAAoC;gBACpC,WAAW,CAAC,GAAG,EAAE,6BAA6B,KAAK,CAAC,EAAE,MAAM,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBAC3E,iBAAiB,CAAC,IAAI,CAAC;oBACrB,OAAO,EAAE,KAAK,CAAC,EAAE;oBACjB,SAAS,EAAE,OAAO,CAAC,IAAI;oBACvB,MAAM,EAAE,OAAO;oBACf,WAAW,EAAE,CAAC;oBACd,aAAa,EAAE,CAAC;oBAChB,KAAK,EAAE,GAAG,CAAC,OAAO;iBACnB,CAAC,CAAC;gBACH,6CAA6C;gBAC7C,KAAK,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,EAAE,EAAE,GAAG,MAAM,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC;oBAC/C,MAAM,SAAS,GAAG,MAAM,CAAC,EAAE,CAAC,CAAC;oBAC7B,WAAW,CAAC,GAAG,EAAE,mBAAmB,SAAS,CAAC,KAAK,CAAC,EAAE,sBAAsB,CAAC,CAAC;oBAC9E,iBAAiB,CAAC,IAAI,CAAC;wBACrB,OAAO,EAAE,SAAS,CAAC,KAAK,CAAC,EAAE;wBAC3B,SAAS,EAAE,SAAS,CAAC,OAAO,CAAC,IAAI;wBACjC,MAAM,EAAE,OAAO;wBACf,WAAW,EAAE,CAAC;wBACd,aAAa,EAAE,CAAC;wBAChB,KAAK,EAAE,iBAAiB,GAAG,CAAC,OAAO,EAAE;qBACtC,CAAC,CAAC;gBACL,CAAC;gBACD,WAAW,CAAC,GAAG,EAAE,oCAAoC,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBACpE,MAAM;YACR,CAAC;YACD,4EAA4E;YAC5E,sCAAsC;YACtC,MAAM,GAAG,CAAC;QACZ,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG,IAAI,IAAI,EAAE,CAAC;IAC3B,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC;IAE9D,MAAM,OAAO,GAAgB;QAC3B,WAAW,EAAE,iBAAiB,CAAC,MAAM;QACrC,YAAY,EAAE,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,MAAM;QACzE,YAAY,EAAE,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,MAAM;QACzE,aAAa,EAAE,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,MAAM;QAC1E,WAAW,EAAE,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,OAAO,CAAC,CAAC,MAAM;QACzE,WAAW,EAAE,SAAS,CAAC,MAAM;KAC9B,CAAC;IAEF,WAAW,CAAC,GAAG,EAAE,qBAAqB,SAAS,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAEhE,0CAA0C;IAC1C,MAAM,mBAAmB,GAAG,aAAa,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC;IAEtF,MAAM,OAAO,GAAgB;QAC3B,MAAM;QACN,SAAS,EAAE,SAAS,CAAC,WAAW,EAAE;QAClC,OAAO;QACP,UAAU,EAAE,cAAc;QAC1B,MAAM,EAAE,SAAS;QACjB,MAAM,EAAE,iBAAiB;QACzB,OAAO;QACP,aAAa;QACb,SAAS,EAAE,SAAS,CAAC,WAAW,EAAE;QAClC,OAAO,EAAE,OAAO,CAAC,WAAW,EAAE;QAC9B,UAAU,EAAE,UAAU;YACpB,CAAC,CAAC,EAAE,IAAI,EAAE,cAAc,IAAI,aAAa,EAAE,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC,EAAE;YACrG,CAAC,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE;QAChC,UAAU,EAAE,mBAAmB;KAChC,CAAC;IAEF,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Semgrep runner.
|
|
3
|
+
* Executes Semgrep against a repository and returns raw SARIF output.
|
|
4
|
+
*/
|
|
5
|
+
export interface SemgrepOptions {
|
|
6
|
+
repositoryPath: string;
|
|
7
|
+
rules?: string | string[];
|
|
8
|
+
config?: string;
|
|
9
|
+
}
|
|
10
|
+
/**
|
|
11
|
+
* Build the Semgrep CLI arguments.
|
|
12
|
+
*/
|
|
13
|
+
export declare function buildSemgrepArgs(options: SemgrepOptions, outputFile: string): string[];
|
|
14
|
+
/**
|
|
15
|
+
* Verify that Semgrep is installed and available on PATH.
|
|
16
|
+
* Resolves if found, rejects with a user-friendly error if not.
|
|
17
|
+
* Skips the check when AGHAST_MOCK_SEMGREP is set.
|
|
18
|
+
*/
|
|
19
|
+
export declare function verifySemgrepInstalled(): Promise<void>;
|
|
20
|
+
/**
|
|
21
|
+
* Execute Semgrep and return raw SARIF string.
|
|
22
|
+
* If AGHAST_MOCK_SEMGREP env var is set, reads and returns that file instead.
|
|
23
|
+
*/
|
|
24
|
+
export declare function runSemgrep(options: SemgrepOptions): Promise<string>;
|
|
25
|
+
//# sourceMappingURL=semgrep-runner.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"semgrep-runner.d.ts","sourceRoot":"","sources":["../src/semgrep-runner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAUH,MAAM,WAAW,cAAc;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,cAAc,EACvB,UAAU,EAAE,MAAM,GACjB,MAAM,EAAE,CAeV;AAED;;;;GAIG;AACH,wBAAsB,sBAAsB,IAAI,OAAO,CAAC,IAAI,CAAC,CAa5D;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC,CAoEzE"}
|
|
@@ -0,0 +1,100 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Semgrep runner.
|
|
3
|
+
* Executes Semgrep against a repository and returns raw SARIF output.
|
|
4
|
+
*/
|
|
5
|
+
import { execFile } from 'node:child_process';
|
|
6
|
+
import { readFile, mkdtemp, rm, access } from 'node:fs/promises';
|
|
7
|
+
import { join } from 'node:path';
|
|
8
|
+
import { tmpdir } from 'node:os';
|
|
9
|
+
import { logProgress, logDebug } from './logging.js';
|
|
10
|
+
const TAG = 'semgrep';
|
|
11
|
+
/**
|
|
12
|
+
* Build the Semgrep CLI arguments.
|
|
13
|
+
*/
|
|
14
|
+
export function buildSemgrepArgs(options, outputFile) {
|
|
15
|
+
const args = [];
|
|
16
|
+
if (options.config) {
|
|
17
|
+
args.push('--config', options.config);
|
|
18
|
+
}
|
|
19
|
+
else if (options.rules) {
|
|
20
|
+
const rulesList = Array.isArray(options.rules) ? options.rules : [options.rules];
|
|
21
|
+
for (const rule of rulesList) {
|
|
22
|
+
args.push('--config', rule);
|
|
23
|
+
}
|
|
24
|
+
}
|
|
25
|
+
args.push('--sarif', '--output', outputFile, '.');
|
|
26
|
+
return args;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* Verify that Semgrep is installed and available on PATH.
|
|
30
|
+
* Resolves if found, rejects with a user-friendly error if not.
|
|
31
|
+
* Skips the check when AGHAST_MOCK_SEMGREP is set.
|
|
32
|
+
*/
|
|
33
|
+
export async function verifySemgrepInstalled() {
|
|
34
|
+
if (process.env.AGHAST_MOCK_SEMGREP)
|
|
35
|
+
return;
|
|
36
|
+
return new Promise((resolve, reject) => {
|
|
37
|
+
execFile('semgrep', ['--version'], (error) => {
|
|
38
|
+
if (error && error.code === 'ENOENT') {
|
|
39
|
+
reject(new Error('Semgrep is required for the configured checks but was not found. Install it from https://semgrep.dev/docs/getting-started/'));
|
|
40
|
+
return;
|
|
41
|
+
}
|
|
42
|
+
resolve();
|
|
43
|
+
});
|
|
44
|
+
});
|
|
45
|
+
}
|
|
46
|
+
/**
|
|
47
|
+
* Execute Semgrep and return raw SARIF string.
|
|
48
|
+
* If AGHAST_MOCK_SEMGREP env var is set, reads and returns that file instead.
|
|
49
|
+
*/
|
|
50
|
+
export async function runSemgrep(options) {
|
|
51
|
+
const mockFile = process.env.AGHAST_MOCK_SEMGREP;
|
|
52
|
+
if (mockFile) {
|
|
53
|
+
logDebug(TAG, `Mock mode: reading SARIF from ${mockFile}`);
|
|
54
|
+
try {
|
|
55
|
+
return await readFile(mockFile, 'utf-8');
|
|
56
|
+
}
|
|
57
|
+
catch (err) {
|
|
58
|
+
throw new Error(`Failed to read AGHAST_MOCK_SEMGREP file: ${mockFile}`, { cause: err });
|
|
59
|
+
}
|
|
60
|
+
}
|
|
61
|
+
logProgress(TAG, 'Running Semgrep...');
|
|
62
|
+
const tmpDir = await mkdtemp(join(tmpdir(), 'aghast-semgrep-'));
|
|
63
|
+
const outputFile = join(tmpDir, 'results.sarif');
|
|
64
|
+
try {
|
|
65
|
+
const args = buildSemgrepArgs(options, outputFile);
|
|
66
|
+
logDebug(TAG, `Command: semgrep ${args.join(' ')}`);
|
|
67
|
+
const { stderr: stderrContent, hadError } = await new Promise((resolve, reject) => {
|
|
68
|
+
execFile('semgrep', args, { cwd: options.repositoryPath, timeout: 300_000 }, (error, _stdout, stderr) => {
|
|
69
|
+
if (error) {
|
|
70
|
+
if (error.code === 'ENOENT') {
|
|
71
|
+
reject(new Error('Semgrep not found. Install it from https://semgrep.dev/docs/getting-started/'));
|
|
72
|
+
return;
|
|
73
|
+
}
|
|
74
|
+
// Semgrep >= 1.0: exit code 0 means success (with or without findings),
|
|
75
|
+
// exit code 1 means an error occurred. Resolve with stderr so the caller
|
|
76
|
+
// can check whether the output file was actually produced.
|
|
77
|
+
resolve({ stderr, hadError: true });
|
|
78
|
+
return;
|
|
79
|
+
}
|
|
80
|
+
resolve({ stderr, hadError: false });
|
|
81
|
+
});
|
|
82
|
+
});
|
|
83
|
+
if (hadError) {
|
|
84
|
+
throw new Error(`Semgrep execution failed${stderrContent.trim() ? `: ${stderrContent.trim()}` : ''}`);
|
|
85
|
+
}
|
|
86
|
+
const outputFileExists = await access(outputFile).then(() => true, () => false);
|
|
87
|
+
if (!outputFileExists) {
|
|
88
|
+
throw new Error('Semgrep did not produce output');
|
|
89
|
+
}
|
|
90
|
+
const sarifContent = await readFile(outputFile, 'utf-8');
|
|
91
|
+
logDebug(TAG, `SARIF output: ${sarifContent.length} chars`);
|
|
92
|
+
return sarifContent;
|
|
93
|
+
}
|
|
94
|
+
finally {
|
|
95
|
+
await rm(tmpDir, { recursive: true, force: true }).catch((err) => {
|
|
96
|
+
logDebug(TAG, `Failed to clean up temp directory ${tmpDir}: ${err}`);
|
|
97
|
+
});
|
|
98
|
+
}
|
|
99
|
+
}
|
|
100
|
+
//# sourceMappingURL=semgrep-runner.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"semgrep-runner.js","sourceRoot":"","sources":["../src/semgrep-runner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,kBAAkB,CAAC;AACjE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AACjC,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,cAAc,CAAC;AAErD,MAAM,GAAG,GAAG,SAAS,CAAC;AAQtB;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,OAAuB,EACvB,UAAkB;IAElB,MAAM,IAAI,GAAa,EAAE,CAAC;IAE1B,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;IACxC,CAAC;SAAM,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QACzB,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QACjF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;IAED,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IAElD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,sBAAsB;IAC1C,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB;QAAE,OAAO;IAC5C,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,QAAQ,CAAC,SAAS,EAAE,CAAC,WAAW,CAAC,EAAE,CAAC,KAAK,EAAE,EAAE;YAC3C,IAAI,KAAK,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBAChE,MAAM,CAAC,IAAI,KAAK,CACd,4HAA4H,CAC7H,CAAC,CAAC;gBACH,OAAO;YACT,CAAC;YACD,OAAO,EAAE,CAAC;QACZ,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAAuB;IACtD,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;IACjD,IAAI,QAAQ,EAAE,CAAC;QACb,QAAQ,CAAC,GAAG,EAAE,iCAAiC,QAAQ,EAAE,CAAC,CAAC;QAC3D,IAAI,CAAC;YACH,OAAO,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC3C,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CACb,4CAA4C,QAAQ,EAAE,EACtD,EAAE,KAAK,EAAE,GAAG,EAAE,CACf,CAAC;QACJ,CAAC;IACH,CAAC;IAED,WAAW,CAAC,GAAG,EAAE,oBAAoB,CAAC,CAAC;IAEvC,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,iBAAiB,CAAC,CAAC,CAAC;IAChE,MAAM,UAAU,GAAG,IAAI,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;IAEjD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,gBAAgB,CAAC,OAAO,EAAE,UAAU,CAAC,CAAC;QACnD,QAAQ,CAAC,GAAG,EAAE,oBAAoB,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEpD,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,QAAQ,EAAE,GAAG,MAAM,IAAI,OAAO,CAAwC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;YACvH,QAAQ,CACN,SAAS,EACT,IAAI,EACJ,EAAE,GAAG,EAAE,OAAO,CAAC,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,EACjD,CAAC,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE;gBACzB,IAAI,KAAK,EAAE,CAAC;oBACV,IAAK,KAA+B,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;wBACvD,MAAM,CACJ,IAAI,KAAK,CACP,8EAA8E,CAC/E,CACF,CAAC;wBACF,OAAO;oBACT,CAAC;oBACD,wEAAwE;oBACxE,yEAAyE;oBACzE,2DAA2D;oBAC3D,OAAO,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;oBACpC,OAAO;gBACT,CAAC;gBACD,OAAO,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,CAAC,CAAC;YACvC,CAAC,CACF,CAAC;QACJ,CAAC,CAAC,CAAC;QAEH,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,IAAI,KAAK,CACb,2BAA2B,aAAa,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,KAAK,aAAa,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CACrF,CAAC;QACJ,CAAC;QAED,MAAM,gBAAgB,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC;QAChF,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,MAAM,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,YAAY,GAAG,MAAM,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QACzD,QAAQ,CAAC,GAAG,EAAE,iBAAiB,YAAY,CAAC,MAAM,QAAQ,CAAC,CAAC;QAC5D,OAAO,YAAY,CAAC;IACtB,CAAC;YAAS,CAAC;QACT,MAAM,EAAE,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,EAAE;YAC/D,QAAQ,CAAC,GAAG,EAAE,qCAAqC,MAAM,KAAK,GAAG,EAAE,CAAC,CAAC;QACvE,CAAC,CAAC,CAAC;IACL,CAAC;AACH,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Code snippet extractor.
|
|
3
|
+
* Extracts code snippets from source files at reported line ranges.
|
|
4
|
+
* Used to enrich SecurityIssue with codeSnippet (spec Appendix C.4).
|
|
5
|
+
*/
|
|
6
|
+
/**
|
|
7
|
+
* Check that a resolved file path is contained within the repository directory.
|
|
8
|
+
* Prevents path traversal attacks where AI-returned file paths like
|
|
9
|
+
* "../../../../etc/passwd" could read files outside the repository.
|
|
10
|
+
*/
|
|
11
|
+
export declare function isPathWithinRepository(repositoryPath: string, absolutePath: string): boolean;
|
|
12
|
+
/**
|
|
13
|
+
* Extract lines from a file at the given line range (1-based, inclusive).
|
|
14
|
+
* Returns undefined if the file cannot be read or the range is invalid.
|
|
15
|
+
*
|
|
16
|
+
* Security: Refuses to read files that resolve outside the repository directory
|
|
17
|
+
* to prevent path traversal via AI-returned file paths.
|
|
18
|
+
*
|
|
19
|
+
* Edge case behavior:
|
|
20
|
+
* - If both startLine and endLine are undefined: returns undefined (no snippet)
|
|
21
|
+
* - If only startLine is provided: endLine defaults to startLine (single line)
|
|
22
|
+
* - If only endLine is provided: startLine defaults to 1
|
|
23
|
+
*/
|
|
24
|
+
export declare function extractSnippet(repositoryPath: string, filePath: string, startLine?: number, endLine?: number): Promise<string | undefined>;
|
|
25
|
+
//# sourceMappingURL=snippet-extractor.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"snippet-extractor.d.ts","sourceRoot":"","sources":["../src/snippet-extractor.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH;;;;GAIG;AACH,wBAAgB,sBAAsB,CAAC,cAAc,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO,CAI5F;AAED;;;;;;;;;;;GAWG;AACH,wBAAsB,cAAc,CAClC,cAAc,EAAE,MAAM,EACtB,QAAQ,EAAE,MAAM,EAChB,SAAS,CAAC,EAAE,MAAM,EAClB,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,CA+B7B"}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Code snippet extractor.
|
|
3
|
+
* Extracts code snippets from source files at reported line ranges.
|
|
4
|
+
* Used to enrich SecurityIssue with codeSnippet (spec Appendix C.4).
|
|
5
|
+
*/
|
|
6
|
+
import { readFile } from 'node:fs/promises';
|
|
7
|
+
import { resolve, sep } from 'node:path';
|
|
8
|
+
/**
|
|
9
|
+
* Check that a resolved file path is contained within the repository directory.
|
|
10
|
+
* Prevents path traversal attacks where AI-returned file paths like
|
|
11
|
+
* "../../../../etc/passwd" could read files outside the repository.
|
|
12
|
+
*/
|
|
13
|
+
export function isPathWithinRepository(repositoryPath, absolutePath) {
|
|
14
|
+
const normalizedRepo = resolve(repositoryPath) + sep;
|
|
15
|
+
const normalizedFile = resolve(absolutePath);
|
|
16
|
+
return normalizedFile.startsWith(normalizedRepo);
|
|
17
|
+
}
|
|
18
|
+
/**
|
|
19
|
+
* Extract lines from a file at the given line range (1-based, inclusive).
|
|
20
|
+
* Returns undefined if the file cannot be read or the range is invalid.
|
|
21
|
+
*
|
|
22
|
+
* Security: Refuses to read files that resolve outside the repository directory
|
|
23
|
+
* to prevent path traversal via AI-returned file paths.
|
|
24
|
+
*
|
|
25
|
+
* Edge case behavior:
|
|
26
|
+
* - If both startLine and endLine are undefined: returns undefined (no snippet)
|
|
27
|
+
* - If only startLine is provided: endLine defaults to startLine (single line)
|
|
28
|
+
* - If only endLine is provided: startLine defaults to 1
|
|
29
|
+
*/
|
|
30
|
+
export async function extractSnippet(repositoryPath, filePath, startLine, endLine) {
|
|
31
|
+
// When both are undefined, we have no line information to extract
|
|
32
|
+
if (startLine === undefined && endLine === undefined) {
|
|
33
|
+
return undefined;
|
|
34
|
+
}
|
|
35
|
+
const absolutePath = resolve(repositoryPath, filePath);
|
|
36
|
+
// Prevent path traversal — refuse to read files outside the repository
|
|
37
|
+
if (!isPathWithinRepository(repositoryPath, absolutePath)) {
|
|
38
|
+
return undefined;
|
|
39
|
+
}
|
|
40
|
+
let content;
|
|
41
|
+
try {
|
|
42
|
+
content = await readFile(absolutePath, 'utf-8');
|
|
43
|
+
}
|
|
44
|
+
catch {
|
|
45
|
+
return undefined;
|
|
46
|
+
}
|
|
47
|
+
const lines = content.split('\n');
|
|
48
|
+
const start = Math.max(1, startLine ?? 1);
|
|
49
|
+
const end = Math.min(lines.length, endLine ?? start);
|
|
50
|
+
if (start > lines.length || start > end) {
|
|
51
|
+
return undefined;
|
|
52
|
+
}
|
|
53
|
+
// Lines are 1-based in the spec, arrays are 0-based
|
|
54
|
+
return lines.slice(start - 1, end).join('\n');
|
|
55
|
+
}
|
|
56
|
+
//# sourceMappingURL=snippet-extractor.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"snippet-extractor.js","sourceRoot":"","sources":["../src/snippet-extractor.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,GAAG,EAAE,MAAM,WAAW,CAAC;AAEzC;;;;GAIG;AACH,MAAM,UAAU,sBAAsB,CAAC,cAAsB,EAAE,YAAoB;IACjF,MAAM,cAAc,GAAG,OAAO,CAAC,cAAc,CAAC,GAAG,GAAG,CAAC;IACrD,MAAM,cAAc,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC;IAC7C,OAAO,cAAc,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;AACnD,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,cAAsB,EACtB,QAAgB,EAChB,SAAkB,EAClB,OAAgB;IAEhB,kEAAkE;IAClE,IAAI,SAAS,KAAK,SAAS,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QACrD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,YAAY,GAAG,OAAO,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;IAEvD,uEAAuE;IACvE,IAAI,CAAC,sBAAsB,CAAC,cAAc,EAAE,YAAY,CAAC,EAAE,CAAC;QAC1D,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,IAAI,OAAe,CAAC;IACpB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,IAAI,CAAC,CAAC,CAAC;IAC1C,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,OAAO,IAAI,KAAK,CAAC,CAAC;IAErD,IAAI,KAAK,GAAG,KAAK,CAAC,MAAM,IAAI,KAAK,GAAG,GAAG,EAAE,CAAC;QACxC,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,oDAAoD;IACpD,OAAO,KAAK,CAAC,KAAK,CAAC,KAAK,GAAG,CAAC,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAChD,CAAC"}
|
package/dist/types.d.ts
ADDED
|
@@ -0,0 +1,206 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Core type definitions for aghast.
|
|
3
|
+
* Based on SPECIFICATION.md Appendix A.
|
|
4
|
+
*/
|
|
5
|
+
export declare const DEFAULT_AI_MODEL = "haiku";
|
|
6
|
+
export declare const MOCK_MODEL_NAME = "mock";
|
|
7
|
+
export interface TokenUsage {
|
|
8
|
+
inputTokens: number;
|
|
9
|
+
outputTokens: number;
|
|
10
|
+
totalTokens: number;
|
|
11
|
+
}
|
|
12
|
+
export interface CheckRegistryEntry {
|
|
13
|
+
id: string;
|
|
14
|
+
repositories: string[];
|
|
15
|
+
enabled?: boolean;
|
|
16
|
+
}
|
|
17
|
+
export interface CheckDefinition {
|
|
18
|
+
id: string;
|
|
19
|
+
name: string;
|
|
20
|
+
instructionsFile?: string;
|
|
21
|
+
severity?: 'critical' | 'high' | 'medium' | 'low' | 'informational';
|
|
22
|
+
confidence?: 'high' | 'medium' | 'low';
|
|
23
|
+
checkTarget?: CheckTargetDefinition;
|
|
24
|
+
applicablePaths?: string[];
|
|
25
|
+
excludedPaths?: string[];
|
|
26
|
+
}
|
|
27
|
+
export interface SecurityCheck {
|
|
28
|
+
id: string;
|
|
29
|
+
name: string;
|
|
30
|
+
repositories: string[];
|
|
31
|
+
checkTarget?: CheckTargetDefinition;
|
|
32
|
+
instructionsFile?: string;
|
|
33
|
+
applicablePaths?: string[];
|
|
34
|
+
excludedPaths?: string[];
|
|
35
|
+
enabled?: boolean;
|
|
36
|
+
severity?: 'critical' | 'high' | 'medium' | 'low' | 'informational';
|
|
37
|
+
confidence?: 'high' | 'medium' | 'low';
|
|
38
|
+
/** Path to the check folder (set during resolution). */
|
|
39
|
+
checkDir?: string;
|
|
40
|
+
}
|
|
41
|
+
export interface CheckTargetDefinition {
|
|
42
|
+
type: 'semgrep' | 'semgrep-only' | 'repository';
|
|
43
|
+
rules?: string | string[];
|
|
44
|
+
config?: string;
|
|
45
|
+
maxTargets?: number;
|
|
46
|
+
concurrency?: number;
|
|
47
|
+
}
|
|
48
|
+
export interface CheckTarget {
|
|
49
|
+
file: string;
|
|
50
|
+
startLine: number;
|
|
51
|
+
endLine: number;
|
|
52
|
+
message: string;
|
|
53
|
+
snippet?: string;
|
|
54
|
+
}
|
|
55
|
+
export interface DataFlowStep {
|
|
56
|
+
file: string;
|
|
57
|
+
lineNumber: number;
|
|
58
|
+
label: string;
|
|
59
|
+
}
|
|
60
|
+
export interface SecurityIssue {
|
|
61
|
+
checkId: string;
|
|
62
|
+
checkName: string;
|
|
63
|
+
file: string;
|
|
64
|
+
startLine: number;
|
|
65
|
+
endLine: number;
|
|
66
|
+
description: string;
|
|
67
|
+
codeSnippet?: string;
|
|
68
|
+
severity?: string;
|
|
69
|
+
confidence?: string;
|
|
70
|
+
recommendation?: string;
|
|
71
|
+
dataFlow?: DataFlowStep[];
|
|
72
|
+
}
|
|
73
|
+
export interface CheckResponse {
|
|
74
|
+
issues: AIIssue[];
|
|
75
|
+
flagged?: boolean;
|
|
76
|
+
summary?: string;
|
|
77
|
+
analysisNotes?: string;
|
|
78
|
+
}
|
|
79
|
+
/** Raw issue as returned by the AI (before enrichment). */
|
|
80
|
+
export interface AIIssue {
|
|
81
|
+
file: string;
|
|
82
|
+
startLine: number;
|
|
83
|
+
endLine: number;
|
|
84
|
+
description: string;
|
|
85
|
+
dataFlow?: DataFlowStep[];
|
|
86
|
+
}
|
|
87
|
+
export interface CheckExecutionSummary {
|
|
88
|
+
checkId: string;
|
|
89
|
+
checkName: string;
|
|
90
|
+
status: 'PASS' | 'FAIL' | 'FLAG' | 'ERROR';
|
|
91
|
+
issuesFound: number;
|
|
92
|
+
executionTime: number;
|
|
93
|
+
targetsAnalyzed?: number;
|
|
94
|
+
error?: string;
|
|
95
|
+
rawAiResponse?: string;
|
|
96
|
+
tokenUsage?: TokenUsage;
|
|
97
|
+
}
|
|
98
|
+
export interface ScanResults {
|
|
99
|
+
scanId: string;
|
|
100
|
+
timestamp: string;
|
|
101
|
+
version: string;
|
|
102
|
+
repository: RepositoryInfo;
|
|
103
|
+
issues: SecurityIssue[];
|
|
104
|
+
checks: CheckExecutionSummary[];
|
|
105
|
+
summary: ScanSummary;
|
|
106
|
+
executionTime: number;
|
|
107
|
+
startTime: string;
|
|
108
|
+
endTime: string;
|
|
109
|
+
aiProvider: {
|
|
110
|
+
name: string;
|
|
111
|
+
models: string[];
|
|
112
|
+
};
|
|
113
|
+
tokenUsage?: TokenUsage;
|
|
114
|
+
metadata?: Record<string, unknown>;
|
|
115
|
+
}
|
|
116
|
+
export interface RepositoryInfo {
|
|
117
|
+
path: string;
|
|
118
|
+
remoteUrl?: string;
|
|
119
|
+
branch?: string;
|
|
120
|
+
commit?: string;
|
|
121
|
+
isGitRepository: boolean;
|
|
122
|
+
}
|
|
123
|
+
export interface ScanSummary {
|
|
124
|
+
totalChecks: number;
|
|
125
|
+
passedChecks: number;
|
|
126
|
+
failedChecks: number;
|
|
127
|
+
flaggedChecks: number;
|
|
128
|
+
errorChecks: number;
|
|
129
|
+
totalIssues: number;
|
|
130
|
+
}
|
|
131
|
+
export interface RuntimeConfig {
|
|
132
|
+
aiProvider?: {
|
|
133
|
+
name?: string;
|
|
134
|
+
model?: string;
|
|
135
|
+
};
|
|
136
|
+
reporting?: {
|
|
137
|
+
outputDirectory?: string;
|
|
138
|
+
outputFormat?: string;
|
|
139
|
+
};
|
|
140
|
+
genericPrompt?: string;
|
|
141
|
+
failOnCheckFailure?: boolean;
|
|
142
|
+
}
|
|
143
|
+
export interface AggregatedReport {
|
|
144
|
+
timestamp: string;
|
|
145
|
+
projectsScanned: number;
|
|
146
|
+
repositories: string[];
|
|
147
|
+
issues: AggregatedIssue[];
|
|
148
|
+
checks: AggregatedCheckSummary[];
|
|
149
|
+
projectSummaries: ProjectSummary[];
|
|
150
|
+
summary: ScanSummary;
|
|
151
|
+
}
|
|
152
|
+
export interface AggregatedIssue extends SecurityIssue {
|
|
153
|
+
projectName: string;
|
|
154
|
+
repositoryUrl?: string;
|
|
155
|
+
}
|
|
156
|
+
export interface AggregatedCheckSummary extends CheckExecutionSummary {
|
|
157
|
+
projectName: string;
|
|
158
|
+
timestamp: string;
|
|
159
|
+
jobUrl?: string;
|
|
160
|
+
branch?: string;
|
|
161
|
+
pipelineSource?: string;
|
|
162
|
+
}
|
|
163
|
+
export interface ProjectSummary {
|
|
164
|
+
projectName: string;
|
|
165
|
+
totalChecks: number;
|
|
166
|
+
passedChecks: number;
|
|
167
|
+
failedChecks: number;
|
|
168
|
+
errorChecks: number;
|
|
169
|
+
issuesFound: number;
|
|
170
|
+
timestamp: string;
|
|
171
|
+
jobUrl?: string;
|
|
172
|
+
branch?: string;
|
|
173
|
+
pipelineSource?: string;
|
|
174
|
+
}
|
|
175
|
+
export interface CheckDetails {
|
|
176
|
+
id: string;
|
|
177
|
+
name: string;
|
|
178
|
+
overview: string;
|
|
179
|
+
content: string;
|
|
180
|
+
}
|
|
181
|
+
export interface ProviderConfig {
|
|
182
|
+
apiKey?: string;
|
|
183
|
+
model?: string;
|
|
184
|
+
[key: string]: unknown;
|
|
185
|
+
}
|
|
186
|
+
export interface AIResponse {
|
|
187
|
+
raw: string;
|
|
188
|
+
parsed?: CheckResponse;
|
|
189
|
+
tokenUsage?: TokenUsage;
|
|
190
|
+
}
|
|
191
|
+
export interface AIProvider {
|
|
192
|
+
initialize(config: ProviderConfig): Promise<void>;
|
|
193
|
+
executeCheck(instructions: string, repositoryPath: string, logPrefix?: string): Promise<AIResponse>;
|
|
194
|
+
validateConfig(): Promise<boolean>;
|
|
195
|
+
getModelName?(): string;
|
|
196
|
+
enableDebug?(): void;
|
|
197
|
+
}
|
|
198
|
+
/**
|
|
199
|
+
* Error thrown by AI providers for unrecoverable failures (e.g. 401 auth, rate limits).
|
|
200
|
+
* When caught by the scan runner, this signals that the entire scan should abort —
|
|
201
|
+
* no further checks or targets should be attempted.
|
|
202
|
+
*/
|
|
203
|
+
export declare class FatalProviderError extends Error {
|
|
204
|
+
constructor(message: string);
|
|
205
|
+
}
|
|
206
|
+
//# sourceMappingURL=types.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,eAAO,MAAM,gBAAgB,UAAU,CAAC;AACxC,eAAO,MAAM,eAAe,SAAS,CAAC;AAItC,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;CACrB;AAID,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAID,MAAM,WAAW,eAAe;IAC9B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,eAAe,CAAC;IACpE,UAAU,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACvC,WAAW,CAAC,EAAE,qBAAqB,CAAC;IACpC,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;CAC1B;AAID,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,WAAW,CAAC,EAAE,qBAAqB,CAAC;IACpC,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,eAAe,CAAC;IACpE,UAAU,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACvC,wDAAwD;IACxD,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAID,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,SAAS,GAAG,cAAc,GAAG,YAAY,CAAC;IAChD,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAID,MAAM,WAAW,WAAW;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAID,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;CACf;AAID,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,QAAQ,CAAC,EAAE,YAAY,EAAE,CAAC;CAC3B;AAID,MAAM,WAAW,aAAa;IAC5B,MAAM,EAAE,OAAO,EAAE,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,2DAA2D;AAC3D,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,CAAC,EAAE,YAAY,EAAE,CAAC;CAC3B;AAID,MAAM,WAAW,qBAAqB;IACpC,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,OAAO,CAAC;IAC3C,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,UAAU,CAAC,EAAE,UAAU,CAAC;CACzB;AAID,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE,cAAc,CAAC;IAC3B,MAAM,EAAE,aAAa,EAAE,CAAC;IACxB,MAAM,EAAE,qBAAqB,EAAE,CAAC;IAChC,OAAO,EAAE,WAAW,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;IAChB,UAAU,EAAE;QACV,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,EAAE,CAAC;KAClB,CAAC;IACF,UAAU,CAAC,EAAE,UAAU,CAAC;IACxB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACpC;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,eAAe,EAAE,OAAO,CAAC;CAC1B;AAED,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAID,MAAM,WAAW,aAAa;IAC5B,UAAU,CAAC,EAAE;QACX,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,KAAK,CAAC,EAAE,MAAM,CAAC;KAChB,CAAC;IACF,SAAS,CAAC,EAAE;QACV,eAAe,CAAC,EAAE,MAAM,CAAC;QACzB,YAAY,CAAC,EAAE,MAAM,CAAC;KACvB,CAAC;IACF,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,kBAAkB,CAAC,EAAE,OAAO,CAAC;CAC9B;AAID,MAAM,WAAW,gBAAgB;IAC/B,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,MAAM,CAAC;IACxB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,MAAM,EAAE,eAAe,EAAE,CAAC;IAC1B,MAAM,EAAE,sBAAsB,EAAE,CAAC;IACjC,gBAAgB,EAAE,cAAc,EAAE,CAAC;IACnC,OAAO,EAAE,WAAW,CAAC;CACtB;AAED,MAAM,WAAW,eAAgB,SAAQ,aAAa;IACpD,WAAW,EAAE,MAAM,CAAC;IACpB,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,sBAAuB,SAAQ,qBAAqB;IACnE,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,cAAc;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAID,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAID,MAAM,WAAW,cAAc;IAC7B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,UAAU;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,CAAC,EAAE,aAAa,CAAC;IACvB,UAAU,CAAC,EAAE,UAAU,CAAC;CACzB;AAED,MAAM,WAAW,UAAU;IACzB,UAAU,CAAC,MAAM,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAClD,YAAY,CACV,YAAY,EAAE,MAAM,EACpB,cAAc,EAAE,MAAM,EACtB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,CAAC,UAAU,CAAC,CAAC;IACvB,cAAc,IAAI,OAAO,CAAC,OAAO,CAAC,CAAC;IACnC,YAAY,CAAC,IAAI,MAAM,CAAC;IACxB,WAAW,CAAC,IAAI,IAAI,CAAC;CACtB;AAED;;;;GAIG;AACH,qBAAa,kBAAmB,SAAQ,KAAK;gBAC/B,OAAO,EAAE,MAAM;CAI5B"}
|
package/dist/types.js
ADDED
|
@@ -0,0 +1,19 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Core type definitions for aghast.
|
|
3
|
+
* Based on SPECIFICATION.md Appendix A.
|
|
4
|
+
*/
|
|
5
|
+
// --- Default AI Model ---
|
|
6
|
+
export const DEFAULT_AI_MODEL = 'haiku';
|
|
7
|
+
export const MOCK_MODEL_NAME = 'mock';
|
|
8
|
+
/**
|
|
9
|
+
* Error thrown by AI providers for unrecoverable failures (e.g. 401 auth, rate limits).
|
|
10
|
+
* When caught by the scan runner, this signals that the entire scan should abort —
|
|
11
|
+
* no further checks or targets should be attempted.
|
|
12
|
+
*/
|
|
13
|
+
export class FatalProviderError extends Error {
|
|
14
|
+
constructor(message) {
|
|
15
|
+
super(message);
|
|
16
|
+
this.name = 'FatalProviderError';
|
|
17
|
+
}
|
|
18
|
+
}
|
|
19
|
+
//# sourceMappingURL=types.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,2BAA2B;AAE3B,MAAM,CAAC,MAAM,gBAAgB,GAAG,OAAO,CAAC;AACxC,MAAM,CAAC,MAAM,eAAe,GAAG,MAAM,CAAC;AA0PtC;;;;GAIG;AACH,MAAM,OAAO,kBAAmB,SAAQ,KAAK;IAC3C,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,oBAAoB,CAAC;IACnC,CAAC;CACF"}
|
package/package.json
ADDED
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
{
|
|
2
|
+
"name": "@bouncesecurity/aghast",
|
|
3
|
+
"version": "0.0.13",
|
|
4
|
+
"description": "AI Guided Hybrid Application Static Testing",
|
|
5
|
+
"type": "module",
|
|
6
|
+
"repository": {
|
|
7
|
+
"type": "git",
|
|
8
|
+
"url": "https://github.com/BounceSecurity/aghast.git"
|
|
9
|
+
},
|
|
10
|
+
"bin": {
|
|
11
|
+
"aghast": "dist/cli.js"
|
|
12
|
+
},
|
|
13
|
+
"files": [
|
|
14
|
+
"dist/",
|
|
15
|
+
"config/"
|
|
16
|
+
],
|
|
17
|
+
"scripts": {
|
|
18
|
+
"prepare": "tsc",
|
|
19
|
+
"build": "tsc",
|
|
20
|
+
"test": "node --import tsx --test tests/*.test.ts",
|
|
21
|
+
"test:ci": "node --import tsx --test --test-reporter=spec --test-reporter-destination=stdout --test-reporter=junit --test-reporter-destination=test-results.xml tests/*.test.ts",
|
|
22
|
+
"test:semgrep": "node --import tsx --test tests/semgrep-integration.itest.ts",
|
|
23
|
+
"lint": "eslint src/ tests/",
|
|
24
|
+
"lint:fix": "eslint --fix src/ tests/",
|
|
25
|
+
"scan": "tsx src/index.ts",
|
|
26
|
+
"new-check": "tsx src/new-check.ts"
|
|
27
|
+
},
|
|
28
|
+
"keywords": [],
|
|
29
|
+
"author": "",
|
|
30
|
+
"license": "AGPL-3.0-or-later",
|
|
31
|
+
"engines": {
|
|
32
|
+
"node": ">=20.0.0"
|
|
33
|
+
},
|
|
34
|
+
"packageManager": "pnpm@10.23.0",
|
|
35
|
+
"devDependencies": {
|
|
36
|
+
"@eslint/js": "^10.0.1",
|
|
37
|
+
"@types/node": "^25.5.0",
|
|
38
|
+
"@types/picomatch": "^4.0.2",
|
|
39
|
+
"eslint": "^10.0.3",
|
|
40
|
+
"tsx": "^4.21.0",
|
|
41
|
+
"typescript": "^5.9.3",
|
|
42
|
+
"typescript-eslint": "^8.57.1"
|
|
43
|
+
},
|
|
44
|
+
"dependencies": {
|
|
45
|
+
"@anthropic-ai/claude-agent-sdk": "^0.2.76",
|
|
46
|
+
"dotenv": "^17.3.1",
|
|
47
|
+
"picocolors": "^1.1.1",
|
|
48
|
+
"picomatch": "^4.0.3"
|
|
49
|
+
},
|
|
50
|
+
"pnpm": {
|
|
51
|
+
"overrides": {
|
|
52
|
+
"minimatch@<10.2.3": ">=10.2.3"
|
|
53
|
+
}
|
|
54
|
+
}
|
|
55
|
+
}
|