@bryan-thompson/inspector-assessment-client 1.15.1 → 1.16.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/assets/{OAuthCallback-tZBHqkSF.js → OAuthCallback-CayYEvRg.js} +1 -1
- package/dist/assets/{OAuthDebugCallback-D73S8G8X.js → OAuthDebugCallback-CijTatbL.js} +1 -1
- package/dist/assets/{index-BAbFakRL.js → index-B9ESGk3E.js} +745 -4350
- package/dist/index.html +1 -1
- package/lib/lib/assessmentTypes.d.ts +129 -0
- package/lib/lib/assessmentTypes.d.ts.map +1 -1
- package/lib/lib/assessmentTypes.js +20 -0
- package/lib/lib/securityPatterns.d.ts +2 -2
- package/lib/lib/securityPatterns.d.ts.map +1 -1
- package/lib/lib/securityPatterns.js +290 -15
- package/lib/services/assessment/AssessmentOrchestrator.d.ts +67 -0
- package/lib/services/assessment/AssessmentOrchestrator.d.ts.map +1 -1
- package/lib/services/assessment/AssessmentOrchestrator.js +91 -1
- package/lib/services/assessment/ResponseValidator.d.ts +7 -34
- package/lib/services/assessment/ResponseValidator.d.ts.map +1 -1
- package/lib/services/assessment/ResponseValidator.js +100 -704
- package/lib/services/assessment/config/annotationPatterns.js +1 -1
- package/lib/services/assessment/lib/RequestHistoryAnalyzer.d.ts +67 -0
- package/lib/services/assessment/lib/RequestHistoryAnalyzer.d.ts.map +1 -0
- package/lib/services/assessment/lib/RequestHistoryAnalyzer.js +191 -0
- package/lib/services/assessment/lib/claudeCodeBridge.d.ts +1 -0
- package/lib/services/assessment/lib/claudeCodeBridge.d.ts.map +1 -1
- package/lib/services/assessment/lib/claudeCodeBridge.js +5 -4
- package/lib/services/assessment/modules/AuthenticationAssessor.d.ts +4 -0
- package/lib/services/assessment/modules/AuthenticationAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/AuthenticationAssessor.js +97 -1
- package/lib/services/assessment/modules/CrossCapabilitySecurityAssessor.d.ts +39 -0
- package/lib/services/assessment/modules/CrossCapabilitySecurityAssessor.d.ts.map +1 -0
- package/lib/services/assessment/modules/CrossCapabilitySecurityAssessor.js +330 -0
- package/lib/services/assessment/modules/FunctionalityAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/FunctionalityAssessor.js +46 -13
- package/lib/services/assessment/modules/MCPSpecComplianceAssessor.d.ts +5 -0
- package/lib/services/assessment/modules/MCPSpecComplianceAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/MCPSpecComplianceAssessor.js +81 -0
- package/lib/services/assessment/modules/ManifestValidationAssessor.js +1 -1
- package/lib/services/assessment/modules/PromptAssessor.d.ts +30 -0
- package/lib/services/assessment/modules/PromptAssessor.d.ts.map +1 -0
- package/lib/services/assessment/modules/PromptAssessor.js +367 -0
- package/lib/services/assessment/modules/ResourceAssessor.d.ts +28 -0
- package/lib/services/assessment/modules/ResourceAssessor.d.ts.map +1 -0
- package/lib/services/assessment/modules/ResourceAssessor.js +296 -0
- package/lib/services/assessment/modules/SecurityAssessor.d.ts +4 -2
- package/lib/services/assessment/modules/SecurityAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/SecurityAssessor.js +10 -41
- package/lib/utils/jsonUtils.d.ts +68 -0
- package/lib/utils/jsonUtils.d.ts.map +1 -0
- package/lib/utils/jsonUtils.js +141 -0
- package/lib/utils/paramUtils.d.ts +11 -0
- package/lib/utils/paramUtils.d.ts.map +1 -0
- package/lib/utils/paramUtils.js +37 -0
- package/lib/utils/schemaUtils.d.ts +74 -0
- package/lib/utils/schemaUtils.d.ts.map +1 -0
- package/lib/utils/schemaUtils.js +268 -0
- package/package.json +1 -1
|
@@ -224,7 +224,7 @@ export function loadPatternConfig(configPath) {
|
|
|
224
224
|
ambiguous: userConfig.ambiguous ?? DEFAULT_ANNOTATION_PATTERNS.ambiguous,
|
|
225
225
|
};
|
|
226
226
|
}
|
|
227
|
-
catch
|
|
227
|
+
catch {
|
|
228
228
|
console.warn(`Warning: Could not load pattern config from ${configPath}, using defaults`);
|
|
229
229
|
return DEFAULT_ANNOTATION_PATTERNS;
|
|
230
230
|
}
|
|
@@ -0,0 +1,67 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Request History Analyzer
|
|
3
|
+
* Utility library for analyzing MCP request/response patterns
|
|
4
|
+
*
|
|
5
|
+
* Provides analysis for:
|
|
6
|
+
* - Protocol compliance validation (JSON-RPC 2.0)
|
|
7
|
+
* - Error pattern analysis across requests
|
|
8
|
+
* - Timing analysis and response time percentiles
|
|
9
|
+
* - Content consistency validation
|
|
10
|
+
*/
|
|
11
|
+
export interface RequestHistoryEntry {
|
|
12
|
+
id: string | number;
|
|
13
|
+
method: string;
|
|
14
|
+
params?: Record<string, unknown>;
|
|
15
|
+
timestamp: number;
|
|
16
|
+
response?: {
|
|
17
|
+
result?: unknown;
|
|
18
|
+
error?: {
|
|
19
|
+
code: number;
|
|
20
|
+
message: string;
|
|
21
|
+
data?: unknown;
|
|
22
|
+
};
|
|
23
|
+
};
|
|
24
|
+
responseTime?: number;
|
|
25
|
+
status: "pending" | "success" | "error";
|
|
26
|
+
}
|
|
27
|
+
export interface RequestHistoryAnalysis {
|
|
28
|
+
totalRequests: number;
|
|
29
|
+
successCount: number;
|
|
30
|
+
errorCount: number;
|
|
31
|
+
pendingCount: number;
|
|
32
|
+
successRate: number;
|
|
33
|
+
timing: {
|
|
34
|
+
averageResponseTime: number;
|
|
35
|
+
minResponseTime: number;
|
|
36
|
+
maxResponseTime: number;
|
|
37
|
+
p50ResponseTime: number;
|
|
38
|
+
p95ResponseTime: number;
|
|
39
|
+
p99ResponseTime: number;
|
|
40
|
+
};
|
|
41
|
+
errors: {
|
|
42
|
+
byCode: Record<number, number>;
|
|
43
|
+
byMessage: Record<string, number>;
|
|
44
|
+
patterns: string[];
|
|
45
|
+
};
|
|
46
|
+
protocolCompliance: {
|
|
47
|
+
allHaveJsonRpcVersion: boolean;
|
|
48
|
+
allHaveValidIds: boolean;
|
|
49
|
+
allHaveProperStructure: boolean;
|
|
50
|
+
violations: string[];
|
|
51
|
+
};
|
|
52
|
+
methodDistribution: Record<string, number>;
|
|
53
|
+
slowRequests: Array<{
|
|
54
|
+
method: string;
|
|
55
|
+
responseTime: number;
|
|
56
|
+
timestamp: number;
|
|
57
|
+
}>;
|
|
58
|
+
}
|
|
59
|
+
/**
|
|
60
|
+
* Analyze a collection of MCP request/response entries
|
|
61
|
+
*/
|
|
62
|
+
export declare function analyzeRequestHistory(entries: RequestHistoryEntry[]): RequestHistoryAnalysis;
|
|
63
|
+
/**
|
|
64
|
+
* Generate a summary string from the analysis
|
|
65
|
+
*/
|
|
66
|
+
export declare function generateAnalysisSummary(analysis: RequestHistoryAnalysis): string;
|
|
67
|
+
//# sourceMappingURL=RequestHistoryAnalyzer.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"RequestHistoryAnalyzer.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/lib/RequestHistoryAnalyzer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,MAAM,GAAG,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE;QACT,MAAM,CAAC,EAAE,OAAO,CAAC;QACjB,KAAK,CAAC,EAAE;YACN,IAAI,EAAE,MAAM,CAAC;YACb,OAAO,EAAE,MAAM,CAAC;YAChB,IAAI,CAAC,EAAE,OAAO,CAAC;SAChB,CAAC;KACH,CAAC;IACF,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,MAAM,EAAE,SAAS,GAAG,SAAS,GAAG,OAAO,CAAC;CACzC;AAED,MAAM,WAAW,sBAAsB;IACrC,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IAGpB,MAAM,EAAE;QACN,mBAAmB,EAAE,MAAM,CAAC;QAC5B,eAAe,EAAE,MAAM,CAAC;QACxB,eAAe,EAAE,MAAM,CAAC;QACxB,eAAe,EAAE,MAAM,CAAC;QACxB,eAAe,EAAE,MAAM,CAAC;QACxB,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IAGF,MAAM,EAAE;QACN,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAC/B,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAClC,QAAQ,EAAE,MAAM,EAAE,CAAC;KACpB,CAAC;IAGF,kBAAkB,EAAE;QAClB,qBAAqB,EAAE,OAAO,CAAC;QAC/B,eAAe,EAAE,OAAO,CAAC;QACzB,sBAAsB,EAAE,OAAO,CAAC;QAChC,UAAU,EAAE,MAAM,EAAE,CAAC;KACtB,CAAC;IAGF,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAG3C,YAAY,EAAE,KAAK,CAAC;QAClB,MAAM,EAAE,MAAM,CAAC;QACf,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC,CAAC;CACJ;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,OAAO,EAAE,mBAAmB,EAAE,GAC7B,sBAAsB,CA0CxB;AAqKD;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,QAAQ,EAAE,sBAAsB,GAC/B,MAAM,CA0BR"}
|
|
@@ -0,0 +1,191 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Request History Analyzer
|
|
3
|
+
* Utility library for analyzing MCP request/response patterns
|
|
4
|
+
*
|
|
5
|
+
* Provides analysis for:
|
|
6
|
+
* - Protocol compliance validation (JSON-RPC 2.0)
|
|
7
|
+
* - Error pattern analysis across requests
|
|
8
|
+
* - Timing analysis and response time percentiles
|
|
9
|
+
* - Content consistency validation
|
|
10
|
+
*/
|
|
11
|
+
/**
|
|
12
|
+
* Analyze a collection of MCP request/response entries
|
|
13
|
+
*/
|
|
14
|
+
export function analyzeRequestHistory(entries) {
|
|
15
|
+
const totalRequests = entries.length;
|
|
16
|
+
const successCount = entries.filter((e) => e.status === "success").length;
|
|
17
|
+
const errorCount = entries.filter((e) => e.status === "error").length;
|
|
18
|
+
const pendingCount = entries.filter((e) => e.status === "pending").length;
|
|
19
|
+
const successRate = totalRequests > 0 ? (successCount / totalRequests) * 100 : 0;
|
|
20
|
+
// Calculate timing metrics
|
|
21
|
+
const timing = calculateTimingMetrics(entries);
|
|
22
|
+
// Analyze errors
|
|
23
|
+
const errors = analyzeErrors(entries);
|
|
24
|
+
// Check protocol compliance
|
|
25
|
+
const protocolCompliance = checkProtocolCompliance(entries);
|
|
26
|
+
// Calculate method distribution
|
|
27
|
+
const methodDistribution = calculateMethodDistribution(entries);
|
|
28
|
+
// Find slow requests
|
|
29
|
+
const slowRequests = entries
|
|
30
|
+
.filter((e) => e.responseTime && e.responseTime > 1000)
|
|
31
|
+
.map((e) => ({
|
|
32
|
+
method: e.method,
|
|
33
|
+
responseTime: e.responseTime,
|
|
34
|
+
timestamp: e.timestamp,
|
|
35
|
+
}))
|
|
36
|
+
.sort((a, b) => b.responseTime - a.responseTime);
|
|
37
|
+
return {
|
|
38
|
+
totalRequests,
|
|
39
|
+
successCount,
|
|
40
|
+
errorCount,
|
|
41
|
+
pendingCount,
|
|
42
|
+
successRate,
|
|
43
|
+
timing,
|
|
44
|
+
errors,
|
|
45
|
+
protocolCompliance,
|
|
46
|
+
methodDistribution,
|
|
47
|
+
slowRequests,
|
|
48
|
+
};
|
|
49
|
+
}
|
|
50
|
+
function calculateTimingMetrics(entries) {
|
|
51
|
+
const responseTimes = entries
|
|
52
|
+
.filter((e) => e.responseTime !== undefined)
|
|
53
|
+
.map((e) => e.responseTime)
|
|
54
|
+
.sort((a, b) => a - b);
|
|
55
|
+
if (responseTimes.length === 0) {
|
|
56
|
+
return {
|
|
57
|
+
averageResponseTime: 0,
|
|
58
|
+
minResponseTime: 0,
|
|
59
|
+
maxResponseTime: 0,
|
|
60
|
+
p50ResponseTime: 0,
|
|
61
|
+
p95ResponseTime: 0,
|
|
62
|
+
p99ResponseTime: 0,
|
|
63
|
+
};
|
|
64
|
+
}
|
|
65
|
+
const sum = responseTimes.reduce((acc, t) => acc + t, 0);
|
|
66
|
+
const avg = sum / responseTimes.length;
|
|
67
|
+
const min = responseTimes[0];
|
|
68
|
+
const max = responseTimes[responseTimes.length - 1];
|
|
69
|
+
// Calculate percentiles
|
|
70
|
+
const p50Index = Math.floor(responseTimes.length * 0.5);
|
|
71
|
+
const p95Index = Math.floor(responseTimes.length * 0.95);
|
|
72
|
+
const p99Index = Math.floor(responseTimes.length * 0.99);
|
|
73
|
+
return {
|
|
74
|
+
averageResponseTime: Math.round(avg),
|
|
75
|
+
minResponseTime: min,
|
|
76
|
+
maxResponseTime: max,
|
|
77
|
+
p50ResponseTime: responseTimes[p50Index] || max,
|
|
78
|
+
p95ResponseTime: responseTimes[p95Index] || max,
|
|
79
|
+
p99ResponseTime: responseTimes[p99Index] || max,
|
|
80
|
+
};
|
|
81
|
+
}
|
|
82
|
+
function analyzeErrors(entries) {
|
|
83
|
+
const byCode = {};
|
|
84
|
+
const byMessage = {};
|
|
85
|
+
const patterns = [];
|
|
86
|
+
const errorEntries = entries.filter((e) => e.status === "error" && e.response?.error);
|
|
87
|
+
for (const entry of errorEntries) {
|
|
88
|
+
const error = entry.response.error;
|
|
89
|
+
// Count by error code
|
|
90
|
+
byCode[error.code] = (byCode[error.code] || 0) + 1;
|
|
91
|
+
// Count by message (truncated)
|
|
92
|
+
const truncatedMsg = error.message.substring(0, 50);
|
|
93
|
+
byMessage[truncatedMsg] = (byMessage[truncatedMsg] || 0) + 1;
|
|
94
|
+
}
|
|
95
|
+
// Identify error patterns
|
|
96
|
+
if (byCode[-32600])
|
|
97
|
+
patterns.push("Invalid Request errors detected");
|
|
98
|
+
if (byCode[-32601])
|
|
99
|
+
patterns.push("Method Not Found errors detected");
|
|
100
|
+
if (byCode[-32602])
|
|
101
|
+
patterns.push("Invalid Params errors detected");
|
|
102
|
+
if (byCode[-32603])
|
|
103
|
+
patterns.push("Internal errors detected");
|
|
104
|
+
if (byCode[-32700])
|
|
105
|
+
patterns.push("Parse errors detected");
|
|
106
|
+
// Check for high error rates on specific methods
|
|
107
|
+
const methodErrors = {};
|
|
108
|
+
const methodTotal = {};
|
|
109
|
+
for (const entry of entries) {
|
|
110
|
+
methodTotal[entry.method] = (methodTotal[entry.method] || 0) + 1;
|
|
111
|
+
if (entry.status === "error") {
|
|
112
|
+
methodErrors[entry.method] = (methodErrors[entry.method] || 0) + 1;
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
for (const [method, total] of Object.entries(methodTotal)) {
|
|
116
|
+
const errors = methodErrors[method] || 0;
|
|
117
|
+
if (errors / total > 0.5 && errors >= 3) {
|
|
118
|
+
patterns.push(`High error rate (${Math.round((errors / total) * 100)}%) on ${method}`);
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
return { byCode, byMessage, patterns };
|
|
122
|
+
}
|
|
123
|
+
function checkProtocolCompliance(entries) {
|
|
124
|
+
const violations = [];
|
|
125
|
+
// Check IDs
|
|
126
|
+
const allHaveValidIds = entries.every((e) => e.id !== undefined && e.id !== null);
|
|
127
|
+
if (!allHaveValidIds) {
|
|
128
|
+
violations.push("Some requests missing valid id field");
|
|
129
|
+
}
|
|
130
|
+
// Check for duplicate IDs
|
|
131
|
+
const ids = entries.map((e) => e.id);
|
|
132
|
+
const uniqueIds = new Set(ids);
|
|
133
|
+
if (ids.length !== uniqueIds.size) {
|
|
134
|
+
violations.push("Duplicate request IDs detected");
|
|
135
|
+
}
|
|
136
|
+
// Check method names
|
|
137
|
+
const allHaveProperStructure = entries.every((e) => {
|
|
138
|
+
if (!e.method || typeof e.method !== "string")
|
|
139
|
+
return false;
|
|
140
|
+
if (e.params !== undefined && typeof e.params !== "object")
|
|
141
|
+
return false;
|
|
142
|
+
return true;
|
|
143
|
+
});
|
|
144
|
+
if (!allHaveProperStructure) {
|
|
145
|
+
violations.push("Some requests have improper structure");
|
|
146
|
+
}
|
|
147
|
+
// Check error responses
|
|
148
|
+
const errorResponses = entries.filter((e) => e.response?.error);
|
|
149
|
+
const allErrorsProper = errorResponses.every((e) => {
|
|
150
|
+
const error = e.response.error;
|
|
151
|
+
return typeof error.code === "number" && typeof error.message === "string";
|
|
152
|
+
});
|
|
153
|
+
if (!allErrorsProper && errorResponses.length > 0) {
|
|
154
|
+
violations.push("Some error responses do not follow JSON-RPC 2.0 format");
|
|
155
|
+
}
|
|
156
|
+
return {
|
|
157
|
+
allHaveJsonRpcVersion: true, // Assumed if MCP connection works
|
|
158
|
+
allHaveValidIds,
|
|
159
|
+
allHaveProperStructure,
|
|
160
|
+
violations,
|
|
161
|
+
};
|
|
162
|
+
}
|
|
163
|
+
function calculateMethodDistribution(entries) {
|
|
164
|
+
const distribution = {};
|
|
165
|
+
for (const entry of entries) {
|
|
166
|
+
distribution[entry.method] = (distribution[entry.method] || 0) + 1;
|
|
167
|
+
}
|
|
168
|
+
return distribution;
|
|
169
|
+
}
|
|
170
|
+
/**
|
|
171
|
+
* Generate a summary string from the analysis
|
|
172
|
+
*/
|
|
173
|
+
export function generateAnalysisSummary(analysis) {
|
|
174
|
+
const parts = [];
|
|
175
|
+
parts.push(`Analyzed ${analysis.totalRequests} requests.`);
|
|
176
|
+
parts.push(`Success rate: ${analysis.successRate.toFixed(1)}%`);
|
|
177
|
+
if (analysis.timing.averageResponseTime > 0) {
|
|
178
|
+
parts.push(`Avg response time: ${analysis.timing.averageResponseTime}ms`);
|
|
179
|
+
parts.push(`P95 response time: ${analysis.timing.p95ResponseTime}ms`);
|
|
180
|
+
}
|
|
181
|
+
if (analysis.errors.patterns.length > 0) {
|
|
182
|
+
parts.push(`Error patterns: ${analysis.errors.patterns.join(", ")}`);
|
|
183
|
+
}
|
|
184
|
+
if (analysis.protocolCompliance.violations.length > 0) {
|
|
185
|
+
parts.push(`Protocol issues: ${analysis.protocolCompliance.violations.join(", ")}`);
|
|
186
|
+
}
|
|
187
|
+
if (analysis.slowRequests.length > 0) {
|
|
188
|
+
parts.push(`${analysis.slowRequests.length} slow request(s) detected`);
|
|
189
|
+
}
|
|
190
|
+
return parts.join(" ");
|
|
191
|
+
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"claudeCodeBridge.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/lib/claudeCodeBridge.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC/D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE;QACR,yBAAyB,CAAC,EAAE,OAAO,CAAC;QACpC,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,iBAAiB,CAAC,EAAE,OAAO,CAAC;QAC5B,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,uBAAuB,CAAC,EAAE,OAAO,CAAC;QAClC,oBAAoB,CAAC,EAAE,OAAO,CAAC;KAChC,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,WAAW,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,WAAW,EAAE,OAAO,CAAC;IACrB,oBAAoB,EAAE,OAAO,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,WAAW,CAAC;IACtB,eAAe,EAAE,OAAO,GAAG,iBAAiB,GAAG,OAAO,CAAC;IACvD,cAAc,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,oBAAoB,EAAE;QACpB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;KAC1B,CAAC;IACF,oBAAoB,EAAE,OAAO,CAAC;IAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,KAAK,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAChC,gBAAgB,EAAE,MAAM,CAAC;QACzB,QAAQ,EAAE,YAAY,GAAG,WAAW,GAAG,UAAU,GAAG,YAAY,CAAC;KAClE,CAAC,CAAC;IACH,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,eAAO,MAAM,0BAA0B,EAAE,sBAYxC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,sBAYrC,CAAC;AAEF;;;GAGG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAyB;IACvC,OAAO,CAAC,WAAW,CAAkB;gBAEzB,MAAM,EAAE,sBAAsB;IAW1C;;;OAGG;IACH,gBAAgB,CAAC,OAAO,EAAE,MAAM,sBAAsB,CAAC,UAAU,CAAC,GAAG,OAAO;IAgB5E;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAS/B
|
|
1
|
+
{"version":3,"file":"claudeCodeBridge.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/lib/claudeCodeBridge.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC/D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,uBAAuB,CAAC;AAEzD;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE;QACR,yBAAyB,CAAC,EAAE,OAAO,CAAC;QACpC,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,iBAAiB,CAAC,EAAE,OAAO,CAAC;QAC5B,mBAAmB,CAAC,EAAE,OAAO,CAAC;QAC9B,uBAAuB,CAAC,EAAE,OAAO,CAAC;QAClC,oBAAoB,CAAC,EAAE,OAAO,CAAC;KAChC,CAAC;CACH;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,QAAQ,EAAE,MAAM,CAAC;IACjB,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,WAAW,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,WAAW,EAAE,OAAO,CAAC;IACrB,oBAAoB,EAAE,OAAO,CAAC;IAC9B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,WAAW,CAAC;IACtB,eAAe,EAAE,OAAO,GAAG,iBAAiB,GAAG,OAAO,CAAC;IACvD,cAAc,EAAE,MAAM,EAAE,CAAC;CAC1B;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,gBAAgB,EAAE,OAAO,CAAC;IAC1B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,oBAAoB,EAAE;QACpB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;KAC1B,CAAC;IACF,oBAAoB,EAAE,OAAO,CAAC;IAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,SAAS,EAAE,KAAK,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,EAAE,MAAM,CAAC;QACpB,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QAChC,gBAAgB,EAAE,MAAM,CAAC;QACzB,QAAQ,EAAE,YAAY,GAAG,WAAW,GAAG,UAAU,GAAG,YAAY,CAAC;KAClE,CAAC,CAAC;IACH,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,eAAO,MAAM,0BAA0B,EAAE,sBAYxC,CAAC;AAEF;;GAEG;AACH,eAAO,MAAM,uBAAuB,EAAE,sBAYrC,CAAC;AAEF;;;GAGG;AACH,qBAAa,gBAAgB;IAC3B,OAAO,CAAC,MAAM,CAAyB;IACvC,OAAO,CAAC,WAAW,CAAkB;gBAEzB,MAAM,EAAE,sBAAsB;IAW1C;;;OAGG;IACH,gBAAgB,CAAC,OAAO,EAAE,MAAM,sBAAsB,CAAC,UAAU,CAAC,GAAG,OAAO;IAgB5E;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAS/B;;;OAGG;IACH,OAAO,CAAC,oBAAoB;IA8B5B;;OAEG;YACW,gBAAgB;IAwB9B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAqBzB;;;;OAIG;IACG,mBAAmB,CACvB,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,mBAAmB,GAC3B,OAAO,CAAC,yBAAyB,GAAG,IAAI,CAAC;IA2C5C;;OAEG;IACG,iBAAiB,CACrB,IAAI,EAAE,IAAI,EACV,kBAAkB,CAAC,EAAE;QACnB,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,cAAc,CAAC,EAAE,OAAO,CAAC;KAC1B,GACA,OAAO,CAAC,uBAAuB,GAAG,IAAI,CAAC;IAgD1C;;OAEG;IACG,qBAAqB,CACzB,IAAI,EAAE,IAAI,EACV,iBAAiB,EAAE,MAAM,GACxB,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;IAuCvC;;;OAGG;IACG,sBAAsB,CAC1B,IAAI,EAAE,IAAI,GACT,OAAO,CAAC,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE,GAAG,IAAI,CAAC;IAqC5C;;OAEG;IACG,mBAAmB,CACvB,aAAa,EAAE,MAAM,EACrB,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC;QACT,KAAK,EAAE,MAAM,CAAC;QACd,MAAM,EAAE,MAAM,EAAE,CAAC;QACjB,WAAW,EAAE,MAAM,EAAE,CAAC;KACvB,GAAG,IAAI,CAAC;CA0CV"}
|
|
@@ -10,7 +10,7 @@
|
|
|
10
10
|
* - Tool behavior inference for annotation validation
|
|
11
11
|
* - Documentation quality assessment
|
|
12
12
|
*/
|
|
13
|
-
import { execSync } from "child_process";
|
|
13
|
+
import { execFileSync, execSync } from "child_process";
|
|
14
14
|
/**
|
|
15
15
|
* Default configuration with minimal features
|
|
16
16
|
*/
|
|
@@ -86,14 +86,15 @@ export class ClaudeCodeBridge {
|
|
|
86
86
|
}
|
|
87
87
|
/**
|
|
88
88
|
* Execute Claude CLI with a prompt
|
|
89
|
+
* Uses execFileSync to avoid shell injection vulnerabilities
|
|
89
90
|
*/
|
|
90
91
|
executeClaudeCommand(prompt) {
|
|
91
92
|
const startTime = Date.now();
|
|
92
93
|
try {
|
|
93
94
|
const timeout = this.config.timeout || 30000;
|
|
94
|
-
//
|
|
95
|
-
|
|
96
|
-
const output =
|
|
95
|
+
// Use execFileSync with argument array to prevent shell injection
|
|
96
|
+
// This avoids spawning a shell and passes arguments directly
|
|
97
|
+
const output = execFileSync("claude", ["--print", prompt], {
|
|
97
98
|
encoding: "utf-8",
|
|
98
99
|
timeout,
|
|
99
100
|
stdio: ["pipe", "pipe", "pipe"],
|
|
@@ -16,6 +16,10 @@ export declare class AuthenticationAssessor extends BaseAssessor {
|
|
|
16
16
|
* Run authentication assessment
|
|
17
17
|
*/
|
|
18
18
|
assess(context: AssessmentContext): Promise<AuthenticationAssessment>;
|
|
19
|
+
/**
|
|
20
|
+
* Analyze transport security configuration
|
|
21
|
+
*/
|
|
22
|
+
private analyzeTransportSecurity;
|
|
19
23
|
/**
|
|
20
24
|
* Detect authentication method
|
|
21
25
|
*/
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthenticationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/AuthenticationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAIV,wBAAwB,
|
|
1
|
+
{"version":3,"file":"AuthenticationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/AuthenticationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAIV,wBAAwB,EAEzB,MAAM,uBAAuB,CAAC;AA0D/B,qBAAa,sBAAuB,SAAQ,YAAY;IACtD;;OAEG;IACG,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,wBAAwB,CAAC;IA2H3E;;OAEG;IACH,OAAO,CAAC,wBAAwB;IA6FhC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IA+BxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAa3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA2D/B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAyB9B;;OAEG;IACH,OAAO,CAAC,cAAc;IActB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmB3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;CAoChC"}
|
|
@@ -44,6 +44,22 @@ const LOCAL_RESOURCE_PATTERNS = [
|
|
|
44
44
|
/localhost|127\.0\.0\.1/i,
|
|
45
45
|
/file:\/\//i,
|
|
46
46
|
];
|
|
47
|
+
// Patterns indicating insecure transport practices
|
|
48
|
+
const INSECURE_TRANSPORT_PATTERNS = [
|
|
49
|
+
/http:\/\/(?!localhost|127\.0\.0\.1)/i, // Non-local HTTP
|
|
50
|
+
/allowInsecure|rejectUnauthorized:\s*false/i, // TLS validation disabled
|
|
51
|
+
/NODE_TLS_REJECT_UNAUTHORIZED.*0/i, // TLS verification disabled via env
|
|
52
|
+
/cors.*\*|origin:\s*true|origin:\s*\*/i, // Overly permissive CORS
|
|
53
|
+
];
|
|
54
|
+
// Patterns indicating secure transport practices
|
|
55
|
+
const SECURE_TRANSPORT_PATTERNS = [
|
|
56
|
+
/https:\/\//i,
|
|
57
|
+
/secure:\s*true/i,
|
|
58
|
+
/httpOnly:\s*true/i,
|
|
59
|
+
/sameSite.*strict|sameSite.*lax/i,
|
|
60
|
+
/helmet/i, // Security middleware
|
|
61
|
+
/cors.*origin.*string|cors.*origin.*array/i, // Specific CORS origins
|
|
62
|
+
];
|
|
47
63
|
export class AuthenticationAssessor extends BaseAssessor {
|
|
48
64
|
/**
|
|
49
65
|
* Run authentication assessment
|
|
@@ -104,7 +120,13 @@ export class AuthenticationAssessor extends BaseAssessor {
|
|
|
104
120
|
const status = this.evaluateStatus(appropriateness);
|
|
105
121
|
const explanation = this.generateExplanation(authMethod, hasLocalDependencies, transportType, appropriateness);
|
|
106
122
|
const recommendations = this.generateRecommendations(authMethod, hasLocalDependencies, appropriateness);
|
|
107
|
-
|
|
123
|
+
// Analyze transport security
|
|
124
|
+
const transportSecurity = this.analyzeTransportSecurity(context);
|
|
125
|
+
// Add transport security issues to concerns
|
|
126
|
+
if (transportSecurity.hasInsecurePatterns) {
|
|
127
|
+
appropriateness.concerns.push(...transportSecurity.insecurePatterns.map((p) => `Insecure transport pattern: ${p}`));
|
|
128
|
+
}
|
|
129
|
+
this.log(`Assessment complete: auth=${authMethod}, localDeps=${hasLocalDependencies}, tlsEnforced=${transportSecurity.tlsEnforced}`);
|
|
108
130
|
return {
|
|
109
131
|
authMethod,
|
|
110
132
|
hasLocalDependencies,
|
|
@@ -116,8 +138,82 @@ export class AuthenticationAssessor extends BaseAssessor {
|
|
|
116
138
|
localResourceIndicators,
|
|
117
139
|
apiKeyIndicators,
|
|
118
140
|
},
|
|
141
|
+
transportSecurity,
|
|
119
142
|
status,
|
|
120
143
|
explanation,
|
|
144
|
+
recommendations: [
|
|
145
|
+
...recommendations,
|
|
146
|
+
...transportSecurity.recommendations,
|
|
147
|
+
],
|
|
148
|
+
};
|
|
149
|
+
}
|
|
150
|
+
/**
|
|
151
|
+
* Analyze transport security configuration
|
|
152
|
+
*/
|
|
153
|
+
analyzeTransportSecurity(context) {
|
|
154
|
+
const insecurePatterns = [];
|
|
155
|
+
const securePatterns = [];
|
|
156
|
+
// Check transport config from context
|
|
157
|
+
const transportConfig = context.transportConfig;
|
|
158
|
+
const usesTLS = transportConfig?.usesTLS ?? false;
|
|
159
|
+
const tlsEnforced = transportConfig?.type === "streamable-http" && usesTLS;
|
|
160
|
+
// Analyze source code for patterns
|
|
161
|
+
if (context.sourceCodeFiles) {
|
|
162
|
+
for (const [filePath, content] of context.sourceCodeFiles) {
|
|
163
|
+
this.testCount++;
|
|
164
|
+
// Check for insecure patterns
|
|
165
|
+
for (const pattern of INSECURE_TRANSPORT_PATTERNS) {
|
|
166
|
+
if (pattern.test(content)) {
|
|
167
|
+
const indicator = `${filePath}: ${pattern.source}`;
|
|
168
|
+
if (!insecurePatterns.includes(indicator)) {
|
|
169
|
+
insecurePatterns.push(indicator);
|
|
170
|
+
}
|
|
171
|
+
}
|
|
172
|
+
}
|
|
173
|
+
// Check for secure patterns
|
|
174
|
+
for (const pattern of SECURE_TRANSPORT_PATTERNS) {
|
|
175
|
+
if (pattern.test(content)) {
|
|
176
|
+
const indicator = `${filePath}: ${pattern.source}`;
|
|
177
|
+
if (!securePatterns.includes(indicator)) {
|
|
178
|
+
securePatterns.push(indicator);
|
|
179
|
+
}
|
|
180
|
+
}
|
|
181
|
+
}
|
|
182
|
+
}
|
|
183
|
+
}
|
|
184
|
+
// Determine CORS configuration
|
|
185
|
+
const corsConfigured = securePatterns.some((p) => /cors/i.test(p));
|
|
186
|
+
const corsPermissive = insecurePatterns.some((p) => /cors.*\*|origin.*true/i.test(p));
|
|
187
|
+
// Check session security
|
|
188
|
+
const sessionSecure = securePatterns.some((p) => /secure.*true|httpOnly/i.test(p)) &&
|
|
189
|
+
!insecurePatterns.some((p) => /secure.*false/i.test(p));
|
|
190
|
+
// Generate recommendations
|
|
191
|
+
const recommendations = [];
|
|
192
|
+
if (insecurePatterns.length > 0) {
|
|
193
|
+
recommendations.push("TRANSPORT SECURITY: Found insecure patterns that should be reviewed:");
|
|
194
|
+
for (const pattern of insecurePatterns.slice(0, 3)) {
|
|
195
|
+
recommendations.push(` - ${pattern}`);
|
|
196
|
+
}
|
|
197
|
+
}
|
|
198
|
+
if (!usesTLS && transportConfig?.type !== "stdio") {
|
|
199
|
+
recommendations.push("Ensure HTTPS/TLS is enforced for remote transport to protect data in transit");
|
|
200
|
+
}
|
|
201
|
+
if (corsPermissive) {
|
|
202
|
+
recommendations.push("CORS policy is overly permissive (allows all origins). Restrict to specific trusted origins.");
|
|
203
|
+
}
|
|
204
|
+
if (!sessionSecure && securePatterns.length > 0) {
|
|
205
|
+
recommendations.push("Review session cookie security: ensure Secure, HttpOnly, and SameSite flags are set appropriately");
|
|
206
|
+
}
|
|
207
|
+
return {
|
|
208
|
+
usesTLS,
|
|
209
|
+
tlsEnforced,
|
|
210
|
+
hasInsecurePatterns: insecurePatterns.length > 0,
|
|
211
|
+
insecurePatterns,
|
|
212
|
+
hasSecurePatterns: securePatterns.length > 0,
|
|
213
|
+
securePatterns,
|
|
214
|
+
corsConfigured,
|
|
215
|
+
corsPermissive,
|
|
216
|
+
sessionSecure,
|
|
121
217
|
recommendations,
|
|
122
218
|
};
|
|
123
219
|
}
|
|
@@ -0,0 +1,39 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Cross-Capability Security Assessor Module
|
|
3
|
+
* Tests interactions between tools, resources, and prompts for security vulnerabilities
|
|
4
|
+
*
|
|
5
|
+
* Tests include:
|
|
6
|
+
* - Tool->Resource access patterns (can a tool expose unauthorized resources?)
|
|
7
|
+
* - Prompt->Tool interaction (can a prompt trigger dangerous tool calls?)
|
|
8
|
+
* - Resource->Tool data flow (is sensitive resource data passed to tools?)
|
|
9
|
+
* - Privilege escalation across capabilities
|
|
10
|
+
*/
|
|
11
|
+
import { CrossCapabilitySecurityAssessment } from "../../../lib/assessmentTypes.js";
|
|
12
|
+
import { BaseAssessor } from "./BaseAssessor.js";
|
|
13
|
+
import { AssessmentContext } from "../AssessmentOrchestrator.js";
|
|
14
|
+
export declare class CrossCapabilitySecurityAssessor extends BaseAssessor {
|
|
15
|
+
assess(context: AssessmentContext): Promise<CrossCapabilitySecurityAssessment>;
|
|
16
|
+
/**
|
|
17
|
+
* Test if tools can access resources in unauthorized ways
|
|
18
|
+
*/
|
|
19
|
+
private testToolResourceAccess;
|
|
20
|
+
/**
|
|
21
|
+
* Test if prompts could trigger dangerous tool calls
|
|
22
|
+
*/
|
|
23
|
+
private testPromptToolInteraction;
|
|
24
|
+
/**
|
|
25
|
+
* Test if resource data could be passed to tools in unsafe ways
|
|
26
|
+
*/
|
|
27
|
+
private testResourceToolDataFlow;
|
|
28
|
+
/**
|
|
29
|
+
* Test for privilege escalation paths
|
|
30
|
+
*/
|
|
31
|
+
private testPrivilegeEscalation;
|
|
32
|
+
private toolHasPathParameter;
|
|
33
|
+
private toolHasContentParameter;
|
|
34
|
+
private promptCouldTriggerTool;
|
|
35
|
+
private determineCrossCapabilityStatus;
|
|
36
|
+
private generateExplanation;
|
|
37
|
+
private generateRecommendations;
|
|
38
|
+
}
|
|
39
|
+
//# sourceMappingURL=CrossCapabilitySecurityAssessor.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"CrossCapabilitySecurityAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/CrossCapabilitySecurityAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EACL,iCAAiC,EAGlC,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EACL,iBAAiB,EAGlB,MAAM,2BAA2B,CAAC;AAwDnC,qBAAa,+BAAgC,SAAQ,YAAY;IACzD,MAAM,CACV,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,iCAAiC,CAAC;IAsE7C;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAgD9B;;OAEG;IACH,OAAO,CAAC,yBAAyB;IA2DjC;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAoDhC;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAkF/B,OAAO,CAAC,oBAAoB;IAa5B,OAAO,CAAC,uBAAuB;IAW/B,OAAO,CAAC,sBAAsB;IAqB9B,OAAO,CAAC,8BAA8B;IAUtC,OAAO,CAAC,mBAAmB;IA+B3B,OAAO,CAAC,uBAAuB;CA+ChC"}
|