@bryan-thompson/inspector-assessment-client 1.26.3 → 1.26.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/assets/{OAuthCallback-TVHya7KP.js → OAuthCallback-DpdInvWI.js} +1 -1
- package/dist/assets/{OAuthDebugCallback-Cs3pMLdW.js → OAuthDebugCallback-D1ImpKK5.js} +1 -1
- package/dist/assets/{index-jBP9ZYhX.js → index-umcoGmYw.js} +4 -4
- package/dist/index.html +1 -1
- package/lib/lib/assessment/extendedTypes.d.ts +2 -1
- package/lib/lib/assessment/extendedTypes.d.ts.map +1 -1
- package/lib/lib/securityPatterns.d.ts.map +1 -1
- package/lib/lib/securityPatterns.js +26 -0
- package/lib/services/assessment/AssessmentOrchestrator.d.ts +1 -0
- package/lib/services/assessment/AssessmentOrchestrator.d.ts.map +1 -1
- package/lib/services/assessment/AssessmentOrchestrator.js +26 -0
- package/lib/services/assessment/modules/AuthenticationAssessor.d.ts.map +1 -1
- package/lib/services/assessment/modules/AuthenticationAssessor.js +94 -0
- package/lib/services/assessment/modules/securityTests/SecurityPayloadGenerator.d.ts.map +1 -1
- package/lib/services/assessment/modules/securityTests/SecurityPayloadGenerator.js +23 -0
- package/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.d.ts.map +1 -1
- package/lib/services/assessment/modules/securityTests/SecurityResponseAnalyzer.js +14 -2
- package/package.json +1 -1
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-
|
|
1
|
+
import { u as useToast, r as reactExports, j as jsxRuntimeExports, p as parseOAuthCallbackParams, g as generateOAuthErrorDescription, S as SESSION_KEYS, I as InspectorOAuthClientProvider, a as auth } from "./index-umcoGmYw.js";
|
|
2
2
|
const OAuthCallback = ({ onConnect }) => {
|
|
3
3
|
const { toast } = useToast();
|
|
4
4
|
const hasProcessedRef = reactExports.useRef(false);
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-
|
|
1
|
+
import { r as reactExports, S as SESSION_KEYS, p as parseOAuthCallbackParams, j as jsxRuntimeExports, g as generateOAuthErrorDescription } from "./index-umcoGmYw.js";
|
|
2
2
|
const OAuthDebugCallback = ({ onConnect }) => {
|
|
3
3
|
reactExports.useEffect(() => {
|
|
4
4
|
let isProcessed = false;
|
|
@@ -16373,7 +16373,7 @@ object({
|
|
|
16373
16373
|
token_type_hint: string().optional()
|
|
16374
16374
|
}).strip();
|
|
16375
16375
|
const name = "@bryan-thompson/inspector-assessment-client";
|
|
16376
|
-
const version$1 = "1.26.
|
|
16376
|
+
const version$1 = "1.26.5";
|
|
16377
16377
|
const packageJson = {
|
|
16378
16378
|
name,
|
|
16379
16379
|
version: version$1
|
|
@@ -45288,7 +45288,7 @@ const useTheme = () => {
|
|
|
45288
45288
|
[theme, setThemeWithSideEffect]
|
|
45289
45289
|
);
|
|
45290
45290
|
};
|
|
45291
|
-
const version = "1.26.
|
|
45291
|
+
const version = "1.26.5";
|
|
45292
45292
|
var [createTooltipContext] = createContextScope("Tooltip", [
|
|
45293
45293
|
createPopperScope
|
|
45294
45294
|
]);
|
|
@@ -48845,13 +48845,13 @@ const App = () => {
|
|
|
48845
48845
|
) });
|
|
48846
48846
|
if (window.location.pathname === "/oauth/callback") {
|
|
48847
48847
|
const OAuthCallback = React.lazy(
|
|
48848
|
-
() => __vitePreload(() => import("./OAuthCallback-
|
|
48848
|
+
() => __vitePreload(() => import("./OAuthCallback-DpdInvWI.js"), true ? [] : void 0)
|
|
48849
48849
|
);
|
|
48850
48850
|
return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthCallback, { onConnect: onOAuthConnect }) });
|
|
48851
48851
|
}
|
|
48852
48852
|
if (window.location.pathname === "/oauth/callback/debug") {
|
|
48853
48853
|
const OAuthDebugCallback = React.lazy(
|
|
48854
|
-
() => __vitePreload(() => import("./OAuthDebugCallback-
|
|
48854
|
+
() => __vitePreload(() => import("./OAuthDebugCallback-D1ImpKK5.js"), true ? [] : void 0)
|
|
48855
48855
|
);
|
|
48856
48856
|
return /* @__PURE__ */ jsxRuntimeExports.jsx(reactExports.Suspense, { fallback: /* @__PURE__ */ jsxRuntimeExports.jsx("div", { children: "Loading..." }), children: /* @__PURE__ */ jsxRuntimeExports.jsx(OAuthDebugCallback, { onConnect: onOAuthDebugConnect }) });
|
|
48857
48857
|
}
|
package/dist/index.html
CHANGED
|
@@ -5,7 +5,7 @@
|
|
|
5
5
|
<link rel="icon" type="image/svg+xml" href="/mcp.svg" />
|
|
6
6
|
<meta name="viewport" content="width=device-width, initial-scale=1.0" />
|
|
7
7
|
<title>MCP Inspector</title>
|
|
8
|
-
<script type="module" crossorigin src="/assets/index-
|
|
8
|
+
<script type="module" crossorigin src="/assets/index-umcoGmYw.js"></script>
|
|
9
9
|
<link rel="stylesheet" crossorigin href="/assets/index-cHhcEXbr.css">
|
|
10
10
|
</head>
|
|
11
11
|
<body>
|
|
@@ -308,7 +308,7 @@ export interface TransportSecurityAnalysis {
|
|
|
308
308
|
recommendations: string[];
|
|
309
309
|
}
|
|
310
310
|
/** Type of authentication configuration finding */
|
|
311
|
-
export type AuthConfigFindingType = "ENV_DEPENDENT_AUTH" | "FAIL_OPEN_PATTERN" | "DEV_MODE_WARNING" | "HARDCODED_SECRET";
|
|
311
|
+
export type AuthConfigFindingType = "ENV_DEPENDENT_AUTH" | "FAIL_OPEN_PATTERN" | "FAIL_OPEN_LOGIC" | "DEV_MODE_WARNING" | "HARDCODED_SECRET";
|
|
312
312
|
/** Severity of auth configuration finding */
|
|
313
313
|
export type AuthConfigSeverity = "HIGH" | "MEDIUM" | "LOW";
|
|
314
314
|
/** Context lines surrounding a finding (Issue #66) */
|
|
@@ -337,6 +337,7 @@ export interface AuthConfigAnalysis {
|
|
|
337
337
|
/** Findings by type */
|
|
338
338
|
envDependentAuthCount: number;
|
|
339
339
|
failOpenPatternCount: number;
|
|
340
|
+
failOpenLogicCount: number;
|
|
340
341
|
devModeWarningCount: number;
|
|
341
342
|
hardcodedSecretCount: number;
|
|
342
343
|
/** Detailed findings */
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"extendedTypes.d.ts","sourceRoot":"","sources":["../../../src/lib/assessment/extendedTypes.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EACV,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,EACnB,eAAe,EAChB,MAAM,aAAa,CAAC;AAOrB,MAAM,MAAM,WAAW,GACnB,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,CAAC;AAER,MAAM,MAAM,WAAW,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;AAElE,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,WAAW,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,WAAW,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,WAAW,GAAG,kBAAkB,GAAG,QAAQ,GAAG,aAAa,CAAC;IACtE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,mBAAmB,EAAE,OAAO,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,uBAAuB;IACtC,UAAU,EAAE,YAAY,EAAE,CAAC;IAC3B,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,gBAAgB,EAAE;QAChB,SAAS,EAAE,OAAO,CAAC;QACnB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,MAAM,EAAE,OAAO,CAAC;QAChB,UAAU,EAAE,OAAO,CAAC;KACrB,CAAC;IACF,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,KAAK,GAAG,aAAa,GAAG,UAAU,GAAG,MAAM,CAAC;AAE3E,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,OAAO,CAAC;IACxB,WAAW,CAAC,EAAE;QACZ,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,aAAa,CAAC,EAAE,OAAO,CAAC;KACzB,CAAC;IACF,gDAAgD;IAChD,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,gBAAgB,CAAC,EAAE;QACjB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,MAAM,EAAE,MAAM,CAAC;QACf,wCAAwC;QACxC,UAAU,EAAE,mBAAmB,CAAC;QAChC,yDAAyD;QACzD,WAAW,EAAE,OAAO,CAAC;KACtB,CAAC;IACF,iEAAiE;IACjE,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,iDAAiD;IACjD,oBAAoB,CAAC,EAAE;QACrB,QAAQ,EAAE,OAAO,CAAC;QAClB,QAAQ,EAAE,KAAK,CAAC;YACd,IAAI,EAAE,MAAM,CAAC;YACb,OAAO,EAAE,MAAM,CAAC;YAChB,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;YACpC,QAAQ,EAAE,MAAM,CAAC;YACjB,QAAQ,EAAE,MAAM,CAAC;SAClB,CAAC,CAAC;QACH,SAAS,EAAE,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;KAC/C,CAAC;IACF,+CAA+C;IAC/C,gBAAgB,CAAC,EAAE;QACjB,kCAAkC;QAClC,SAAS,CAAC,EAAE;YACV,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,iBAAiB,CAAC,EAAE,MAAM,CAAC;YAC3B,iBAAiB,CAAC,EAAE,MAAM,CAAC;SAC5B,CAAC;QACF,oCAAoC;QACpC,WAAW,CAAC,EAAE;YACZ,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;YACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;SACnB,CAAC;QACF,6BAA6B;QAC7B,YAAY,CAAC,EAAE;YACb,SAAS,EAAE,OAAO,CAAC;YACnB,MAAM,CAAC,EAAE,MAAM,CAAC;SACjB,CAAC;QACF,6BAA6B;QAC7B,cAAc,CAAC,EAAE;YACf,SAAS,EAAE,OAAO,CAAC;YACnB,YAAY,CAAC,EAAE,MAAM,CAAC;SACvB,CAAC;KACH,CAAC;CACH;AAED,MAAM,WAAW,wBAAwB;IACvC,WAAW,EAAE,oBAAoB,EAAE,CAAC;IACpC,cAAc,EAAE,MAAM,CAAC;IACvB,uBAAuB,EAAE,MAAM,CAAC;IAChC,gFAAgF;IAChF,0BAA0B,EAAE,MAAM,CAAC;IACnC,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,8CAA8C;IAC9C,OAAO,CAAC,EAAE;QACR,uDAAuD;QACvD,QAAQ,EAAE,MAAM,CAAC;QACjB,yDAAyD;QACzD,WAAW,EAAE,MAAM,CAAC;QACpB,uDAAuD;QACvD,WAAW,EAAE,MAAM,CAAC;QACpB,2CAA2C;QAC3C,cAAc,EAAE,MAAM,CAAC;KACxB,CAAC;IACF,6CAA6C;IAC7C,kBAAkB,CAAC,EAAE;QACnB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,MAAM,CAAC;QACnB,iBAAiB,EAAE,MAAM,CAAC;QAC1B,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;IACF,uDAAuD;IACvD,iBAAiB,CAAC,EAAE;QAClB,oDAAoD;QACpD,GAAG,EAAE,MAAM,CAAC;QACZ,sCAAsC;QACtC,UAAU,EAAE,MAAM,CAAC;QACnB,sDAAsD;QACtD,QAAQ,EAAE,MAAM,CAAC;QACjB,sCAAsC;QACtC,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,oEAAoE;IACpE,4BAA4B,CAAC,EAAE,MAAM,CAAC;IACtC,qDAAqD;IACrD,uBAAuB,CAAC,EAAE;QACxB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,oBAAoB,EAAE,MAAM,CAAC;QAC7B,qBAAqB,EAAE,MAAM,CAAC;QAC9B,oBAAoB,EAAE,MAAM,CAAC;KAC9B,CAAC;IACF,+CAA+C;IAC/C,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;IAC5C,sDAAsD;IACtD,wBAAwB,CAAC,EAAE;QACzB,8CAA8C;QAC9C,kBAAkB,EAAE,MAAM,CAAC;QAC3B,qDAAqD;QACrD,kBAAkB,EAAE,MAAM,CAAC;QAC3B,gDAAgD;QAChD,aAAa,EAAE,MAAM,CAAC;QACtB,6DAA6D;QAC7D,uBAAuB,EAAE,MAAM,CAAC;KACjC,CAAC;CACH;AAOD,MAAM,MAAM,yBAAyB,GACjC,WAAW,GACX,OAAO,GACP,UAAU,GACV,SAAS,CAAC;AAEd,MAAM,MAAM,qBAAqB,GAAG,QAAQ,GAAG,QAAQ,GAAG,SAAS,CAAC;AAEpE,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,yBAAyB,CAAC;IACpC,QAAQ,EACJ,cAAc,GACd,eAAe,GACf,kBAAkB,GAClB,YAAY,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACzC,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,CAAC;IACxB,6EAA6E;IAC7E,WAAW,CAAC,EAAE,qBAAqB,CAAC;IACpC,4DAA4D;IAC5D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,6CAA6C;IAC7C,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAED,MAAM,WAAW,6BAA6B;IAC5C,OAAO,EAAE,sBAAsB,EAAE,CAAC;IAClC,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,kBAAkB;IACjC,gBAAgB,EAAE,MAAM,CAAC;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE;QACV,OAAO,EAAE,MAAM,CAAC;QAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;QAChB,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAC9B,CAAC;IACF,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC7B;AAED;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,OAAO,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,wBAAwB;IACvC,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;CACxC;AAED,MAAM,WAAW,4BAA4B;IAC3C,WAAW,EAAE,OAAO,CAAC;IACrB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iBAAiB,EAAE,wBAAwB,EAAE,CAAC;IAC9C,OAAO,EAAE,OAAO,CAAC;IACjB,iBAAiB,EAAE,OAAO,CAAC;IAC3B,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,4CAA4C;IAC5C,eAAe,CAAC,EAAE;QAChB,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,iBAAiB,EAAE,uBAAuB,EAAE,CAAC;QAC7C,aAAa,EAAE,OAAO,CAAC;KACxB,CAAC;IACF,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EACA,gBAAgB,GAChB,mBAAmB,GACnB,yBAAyB,GACzB,eAAe,GACf,gBAAgB,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACpC,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,OAAO,CAAC;IACrB,cAAc,EAAE,OAAO,CAAC;IACxB,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;IAE1B,yCAAyC;IACzC,aAAa,CAAC,EAAE,KAAK,CAAC;QACpB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,OAAO,CAAC;QACpB,kBAAkB,CAAC,EAAE,MAAM,CAAC;KAC7B,CAAC,CAAC;IACH,gCAAgC;IAChC,gBAAgB,CAAC,EAAE;QACjB,SAAS,EAAE,KAAK,GAAG,SAAS,GAAG,OAAO,GAAG,OAAO,CAAC;QACjD,OAAO,EAAE,MAAM,EAAE,CAAC;KACnB,CAAC;CACH;AAMD,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,4BAA4B;IAC3C,YAAY,EAAE,WAAW,EAAE,CAAC;IAC5B,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAMD,MAAM,MAAM,UAAU,GAAG,OAAO,GAAG,SAAS,GAAG,MAAM,GAAG,SAAS,CAAC;AAElE,MAAM,WAAW,mBAAmB;IAClC,aAAa,EAAE,OAAO,CAAC;IACvB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,EAAE,OAAO,CAAC;IACrB,mBAAmB,EAAE,OAAO,CAAC;IAC7B,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,cAAc,EAAE,OAAO,CAAC;IACxB,cAAc,EAAE,OAAO,CAAC;IACxB,aAAa,EAAE,OAAO,CAAC;IACvB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,mDAAmD;AACnD,MAAM,MAAM,qBAAqB,GAC7B,oBAAoB,GACpB,mBAAmB,GACnB,kBAAkB,GAClB,kBAAkB,CAAC;AAEvB,6CAA6C;AAC7C,MAAM,MAAM,kBAAkB,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE3D,sDAAsD;AACtD,MAAM,WAAW,wBAAwB;IACvC,sEAAsE;IACtE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,oEAAoE;IACpE,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wCAAwC;AACxC,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,qBAAqB,CAAC;IAC5B,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,oEAAoE;IACpE,OAAO,CAAC,EAAE,wBAAwB,CAAC;CACpC;AAED,0CAA0C;AAC1C,MAAM,WAAW,kBAAkB;IACjC,8BAA8B;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,uBAAuB;IACvB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,wBAAwB;IACxB,QAAQ,EAAE,iBAAiB,EAAE,CAAC;IAC9B,qCAAqC;IACrC,eAAe,EAAE,OAAO,CAAC;IACzB,8CAA8C;IAC9C,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,UAAU,CAAC;IACvB,oBAAoB,EAAE,OAAO,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,EAAE,mBAAmB,CAAC;IACrC,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE;QAChB,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,uBAAuB,EAAE,MAAM,EAAE,CAAC;QAClC,gBAAgB,EAAE,MAAM,EAAE,CAAC;KAC5B,CAAC;IACF,iBAAiB,CAAC,EAAE,yBAAyB,CAAC;IAC9C,2FAA2F;IAC3F,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,OAAO,CAAC;IACpB,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,mBAAmB,GAAG,qBAAqB,GAAG,IAAI,CAAC;IAC5D,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;IACrC,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE;QACT,mBAAmB,EAAE,OAAO,CAAC;QAC7B,wBAAwB,EAAE,OAAO,CAAC;KACnC,CAAC;IAEF,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,oBAAoB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrC,kBAAkB,CAAC,EAAE;QACnB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,aAAa,CAAC,EAAE,OAAO,CAAC;KACzB,CAAC;IACF,qEAAqE;IACrE,sBAAsB,CAAC,EAAE,sBAAsB,CAAC;IAChD,kEAAkE;IAClE,eAAe,CAAC,EAAE,KAAK,CAAC;QACtB,UAAU,EAAE,MAAM,CAAC;QACnB,cAAc,EAAE,sBAAsB,CAAC;KACxC,CAAC,CAAC;CACJ;AAOD;;;;;;;GAOG;AACH,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG,YAAY,GAAG,YAAY,CAAC;AAEtE;;;GAGG;AACH,MAAM,WAAW,sBAAsB;IACrC,gCAAgC;IAChC,IAAI,EAAE,YAAY,CAAC;IACnB,uCAAuC;IACvC,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,oDAAoD;IACpD,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,kDAAkD;IAClD,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,yEAAyE;IACzE,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC/B;AAED,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,gBAAgB,EAAE,MAAM,CAAC;IACzB,2BAA2B,EAAE,MAAM,CAAC;IACpC,OAAO,EAAE,kBAAkB,EAAE,CAAC;IAC9B,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;IAChB,UAAU,EAAE,OAAO,CAAC;IACpB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,uBAAuB,EAAE,OAAO,CAAC;IACjC,oBAAoB,EAAE,OAAO,CAAC;IAC9B,uBAAuB,EAAE,OAAO,CAAC;IACjC,uBAAuB,EAAE,MAAM,EAAE,CAAC;IAClC,QAAQ,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,2DAA2D;IAC3D,iBAAiB,CAAC,EAAE,KAAK,CAAC;QACxB,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;QACzC,QAAQ,EAAE,OAAO,CAAC;KACnB,CAAC,CAAC;IACH,iCAAiC;IACjC,cAAc,CAAC,EAAE;QACf,YAAY,EAAE,OAAO,CAAC;QACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,oDAAoD;IACpD,kBAAkB,CAAC,EAAE,QAAQ,GAAG,UAAU,GAAG,cAAc,GAAG,YAAY,CAAC;CAC5E;AAED,MAAM,WAAW,kBAAkB;IACjC,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB,EAAE,MAAM,CAAC;IAChC,mBAAmB,EAAE,MAAM,CAAC;IAC5B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,4BAA4B,EAAE,MAAM,CAAC;IACrC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,8BAA8B,EAAE,MAAM,CAAC;IACvC,OAAO,EAAE,kBAAkB,EAAE,CAAC;IAC9B,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,OAAO,CAAC;IAChB,oBAAoB,EAAE,OAAO,CAAC;IAC9B,kBAAkB,EAAE,OAAO,CAAC;IAC5B,YAAY,EAAE,OAAO,CAAC;IACtB,mBAAmB,EAAE,OAAO,CAAC;IAC7B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,6CAA6C;IAC7C,cAAc,CAAC,EAAE;QACf,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,MAAM,EAAE,CAAC;QACpB,SAAS,EAAE,OAAO,CAAC;KACpB,CAAC;IACF,+BAA+B;IAC/B,cAAc,CAAC,EAAE;QACf,gBAAgB,EAAE,OAAO,CAAC;QAC1B,aAAa,EAAE,OAAO,CAAC;QACvB,eAAe,EAAE,MAAM,EAAE,CAAC;KAC3B,CAAC;CACH;AAED,MAAM,WAAW,gBAAgB;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,wBAAwB,EAAE,MAAM,CAAC;IACjC,wBAAwB,EAAE,MAAM,CAAC;IACjC,OAAO,EAAE,gBAAgB,EAAE,CAAC;IAC5B,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EACJ,kBAAkB,GAClB,gBAAgB,GAChB,kBAAkB,GAClB,sBAAsB,CAAC;IAC3B,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,iBAAiB,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IAEpB,uDAAuD;IACvD,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC,qCAAqC;IACrC,oBAAoB,CAAC,EAAE;QACrB,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,kBAAkB,EAAE,MAAM,CAAC;KAC5B,CAAC;IACF,6DAA6D;IAC7D,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,wCAAwC;IACxC,UAAU,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;CACxC;AAED,MAAM,WAAW,iCAAiC;IAChD,QAAQ,EAAE,MAAM,CAAC;IACjB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,wBAAwB,EAAE,MAAM,CAAC;IACjC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,yBAAyB,EAAE,CAAC;IACrC,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAQD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,+BAA+B;IAC/B,MAAM,EAAE,OAAO,CAAC;IAChB,2CAA2C;IAC3C,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,kDAAkD;IAClD,QAAQ,EAAE,MAAM,CAAC;IACjB,gEAAgE;IAChE,aAAa,EAAE,MAAM,CAAC;IACtB,mFAAmF;IACnF,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,6DAA6D;IAC7D,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED;;;;GAIG;AACH,MAAM,WAAW,6BAA6B;IAC5C,iCAAiC;IACjC,MAAM,EAAE;QACN,0FAA0F;QAC1F,mBAAmB,EAAE,aAAa,CAAC;QACnC,uEAAuE;QACvE,kBAAkB,EAAE,aAAa,CAAC;QAClC,iEAAiE;QACjE,uBAAuB,EAAE,aAAa,CAAC;QACvC,mFAAmF;QACnF,qBAAqB,CAAC,EAAE,aAAa,CAAC;QACtC,6EAA6E;QAC7E,gBAAgB,CAAC,EAAE,aAAa,CAAC;KAClC,CAAC;IACF,wCAAwC;IACxC,KAAK,EAAE,MAAM,CAAC;IACd,mEAAmE;IACnE,MAAM,EAAE,gBAAgB,CAAC;IACzB,0DAA0D;IAC1D,WAAW,EAAE,MAAM,CAAC;IACpB,yDAAyD;IACzD,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD;;GAEG;AACH,MAAM,MAAM,eAAe,GACvB,OAAO,GACP,SAAS,GACT,QAAQ,GACR,YAAY,GACZ,OAAO,GACP,OAAO,GACP,UAAU,GACV,WAAW,GACX,UAAU,GACV,WAAW,GACX,eAAe,GACf,SAAS,CAAC;AAEd;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC;AAErD;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEnE;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC,4CAA4C;IAC5C,UAAU,EAAE,sBAAsB,CAAC;IACnC,iDAAiD;IACjD,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,4DAA4D;IAC5D,gBAAgB,EAAE,eAAe,EAAE,CAAC;IACpC,mDAAmD;IACnD,cAAc,EAAE,aAAa,EAAE,CAAC;IAChC,6DAA6D;IAC7D,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,0DAA0D;IAC1D,qBAAqB,EAAE,OAAO,CAAC;IAC/B,uCAAuC;IACvC,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,uCAAuC;IACvC,QAAQ,EAAE;QACR,mDAAmD;QACnD,kBAAkB,EAAE,MAAM,EAAE,CAAC;QAC7B,oDAAoD;QACpD,mBAAmB,EAAE,MAAM,EAAE,CAAC;QAC9B,yDAAyD;QACzD,iBAAiB,EAAE,MAAM,EAAE,CAAC;KAC7B,CAAC;CACH;AAOD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,uDAAuD;IACvD,gBAAgB,EAAE,OAAO,CAAC;IAC1B,yDAAyD;IACzD,mBAAmB,EAAE,OAAO,CAAC;IAC7B,+BAA+B;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,uDAAuD;IACvD,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;;GAGG;AACH,MAAM,WAAW,+BAA+B;IAC9C,8BAA8B;IAC9B,gBAAgB,EAAE,OAAO,CAAC;IAC1B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,uCAAuC;IACvC,MAAM,EAAE,MAAM,CAAC;IACf,+BAA+B;IAC/B,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,yCAAyC;IACzC,WAAW,EAAE,OAAO,CAAC;IACrB,0CAA0C;IAC1C,OAAO,EAAE;QACP,6CAA6C;QAC7C,iBAAiB,CAAC,EAAE,eAAe,CAAC;QACpC,+CAA+C;QAC/C,iBAAiB,CAAC,EAAE,eAAe,CAAC;QACpC,wCAAwC;QACxC,iBAAiB,CAAC,EAAE,eAAe,CAAC;QACpC,yCAAyC;QACzC,kBAAkB,CAAC,EAAE,eAAe,CAAC;KACtC,CAAC;IACF,qDAAqD;IACrD,oBAAoB,EAAE,MAAM,CAAC;CAC9B"}
|
|
1
|
+
{"version":3,"file":"extendedTypes.d.ts","sourceRoot":"","sources":["../../../src/lib/assessment/extendedTypes.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EACV,gBAAgB,EAChB,iBAAiB,EACjB,mBAAmB,EACnB,eAAe,EAChB,MAAM,aAAa,CAAC;AAOrB,MAAM,MAAM,WAAW,GACnB,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,GACH,GAAG,CAAC;AAER,MAAM,MAAM,WAAW,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;AAElE,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,WAAW,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,WAAW,CAAC;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,WAAW,GAAG,kBAAkB,GAAG,QAAQ,GAAG,aAAa,CAAC;IACtE,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,mBAAmB,EAAE,OAAO,CAAC;IAC7B,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,uBAAuB;IACtC,UAAU,EAAE,YAAY,EAAE,CAAC;IAC3B,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,gBAAgB,EAAE;QAChB,SAAS,EAAE,OAAO,CAAC;QACnB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,MAAM,EAAE,OAAO,CAAC;QAChB,UAAU,EAAE,OAAO,CAAC;KACrB,CAAC;IACF,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,KAAK,GAAG,aAAa,GAAG,UAAU,GAAG,MAAM,CAAC;AAE3E,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,cAAc,EAAE,OAAO,CAAC;IACxB,WAAW,CAAC,EAAE;QACZ,YAAY,CAAC,EAAE,OAAO,CAAC;QACvB,eAAe,CAAC,EAAE,OAAO,CAAC;QAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,aAAa,CAAC,EAAE,OAAO,CAAC;KACzB,CAAC;IACF,gDAAgD;IAChD,gBAAgB,CAAC,EAAE,gBAAgB,CAAC;IACpC,gBAAgB,CAAC,EAAE;QACjB,gBAAgB,EAAE,OAAO,CAAC;QAC1B,mBAAmB,EAAE,OAAO,CAAC;QAC7B,MAAM,EAAE,MAAM,CAAC;QACf,wCAAwC;QACxC,UAAU,EAAE,mBAAmB,CAAC;QAChC,yDAAyD;QACzD,WAAW,EAAE,OAAO,CAAC;KACtB,CAAC;IACF,iEAAiE;IACjE,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,iDAAiD;IACjD,oBAAoB,CAAC,EAAE;QACrB,QAAQ,EAAE,OAAO,CAAC;QAClB,QAAQ,EAAE,KAAK,CAAC;YACd,IAAI,EAAE,MAAM,CAAC;YACb,OAAO,EAAE,MAAM,CAAC;YAChB,QAAQ,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;YACpC,QAAQ,EAAE,MAAM,CAAC;YACjB,QAAQ,EAAE,MAAM,CAAC;SAClB,CAAC,CAAC;QACH,SAAS,EAAE,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;KAC/C,CAAC;IACF,+CAA+C;IAC/C,gBAAgB,CAAC,EAAE;QACjB,kCAAkC;QAClC,SAAS,CAAC,EAAE;YACV,QAAQ,CAAC,EAAE,MAAM,CAAC;YAClB,WAAW,CAAC,EAAE,MAAM,CAAC;YACrB,iBAAiB,CAAC,EAAE,MAAM,CAAC;YAC3B,iBAAiB,CAAC,EAAE,MAAM,CAAC;SAC5B,CAAC;QACF,oCAAoC;QACpC,WAAW,CAAC,EAAE;YACZ,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;YACpB,MAAM,CAAC,EAAE,MAAM,EAAE,CAAC;SACnB,CAAC;QACF,6BAA6B;QAC7B,YAAY,CAAC,EAAE;YACb,SAAS,EAAE,OAAO,CAAC;YACnB,MAAM,CAAC,EAAE,MAAM,CAAC;SACjB,CAAC;QACF,6BAA6B;QAC7B,cAAc,CAAC,EAAE;YACf,SAAS,EAAE,OAAO,CAAC;YACnB,YAAY,CAAC,EAAE,MAAM,CAAC;SACvB,CAAC;KACH,CAAC;CACH;AAED,MAAM,WAAW,wBAAwB;IACvC,WAAW,EAAE,oBAAoB,EAAE,CAAC;IACpC,cAAc,EAAE,MAAM,CAAC;IACvB,uBAAuB,EAAE,MAAM,CAAC;IAChC,gFAAgF;IAChF,0BAA0B,EAAE,MAAM,CAAC;IACnC,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,8CAA8C;IAC9C,OAAO,CAAC,EAAE;QACR,uDAAuD;QACvD,QAAQ,EAAE,MAAM,CAAC;QACjB,yDAAyD;QACzD,WAAW,EAAE,MAAM,CAAC;QACpB,uDAAuD;QACvD,WAAW,EAAE,MAAM,CAAC;QACpB,2CAA2C;QAC3C,cAAc,EAAE,MAAM,CAAC;KACxB,CAAC;IACF,6CAA6C;IAC7C,kBAAkB,CAAC,EAAE;QACnB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,MAAM,CAAC;QACnB,iBAAiB,EAAE,MAAM,CAAC;QAC1B,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC;IACF,uDAAuD;IACvD,iBAAiB,CAAC,EAAE;QAClB,oDAAoD;QACpD,GAAG,EAAE,MAAM,CAAC;QACZ,sCAAsC;QACtC,UAAU,EAAE,MAAM,CAAC;QACnB,sDAAsD;QACtD,QAAQ,EAAE,MAAM,CAAC;QACjB,sCAAsC;QACtC,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,oEAAoE;IACpE,4BAA4B,CAAC,EAAE,MAAM,CAAC;IACtC,qDAAqD;IACrD,uBAAuB,CAAC,EAAE;QACxB,mBAAmB,EAAE,MAAM,CAAC;QAC5B,oBAAoB,EAAE,MAAM,CAAC;QAC7B,qBAAqB,EAAE,MAAM,CAAC;QAC9B,oBAAoB,EAAE,MAAM,CAAC;KAC9B,CAAC;IACF,+CAA+C;IAC/C,oBAAoB,CAAC,EAAE,oBAAoB,CAAC;IAC5C,sDAAsD;IACtD,wBAAwB,CAAC,EAAE;QACzB,8CAA8C;QAC9C,kBAAkB,EAAE,MAAM,CAAC;QAC3B,qDAAqD;QACrD,kBAAkB,EAAE,MAAM,CAAC;QAC3B,gDAAgD;QAChD,aAAa,EAAE,MAAM,CAAC;QACtB,6DAA6D;QAC7D,uBAAuB,EAAE,MAAM,CAAC;KACjC,CAAC;CACH;AAOD,MAAM,MAAM,yBAAyB,GACjC,WAAW,GACX,OAAO,GACP,UAAU,GACV,SAAS,CAAC;AAEd,MAAM,MAAM,qBAAqB,GAAG,QAAQ,GAAG,QAAQ,GAAG,SAAS,CAAC;AAEpE,MAAM,WAAW,sBAAsB;IACrC,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,yBAAyB,CAAC;IACpC,QAAQ,EACJ,cAAc,GACd,eAAe,GACf,kBAAkB,GAClB,YAAY,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACzC,MAAM,EAAE,MAAM,CAAC;IACf,eAAe,EAAE,MAAM,CAAC;IACxB,6EAA6E;IAC7E,WAAW,CAAC,EAAE,qBAAqB,CAAC;IACpC,4DAA4D;IAC5D,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,6CAA6C;IAC7C,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;CACxB;AAED,MAAM,WAAW,6BAA6B;IAC5C,OAAO,EAAE,sBAAsB,EAAE,CAAC;IAClC,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,qBAAqB,EAAE,OAAO,CAAC;IAC/B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,kBAAkB;IACjC,gBAAgB,EAAE,MAAM,CAAC;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE;QACV,OAAO,EAAE,MAAM,CAAC;QAChB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;QAChB,GAAG,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;KAC9B,CAAC;IACF,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC7B;AAED;;;GAGG;AACH,MAAM,WAAW,uBAAuB;IACtC,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,OAAO,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,wBAAwB;IACvC,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,OAAO,CAAC;IACf,KAAK,CAAC,EAAE,OAAO,CAAC;IAChB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;CACxC;AAED,MAAM,WAAW,4BAA4B;IAC3C,WAAW,EAAE,OAAO,CAAC;IACrB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iBAAiB,EAAE,wBAAwB,EAAE,CAAC;IAC9C,OAAO,EAAE,OAAO,CAAC;IACjB,iBAAiB,EAAE,OAAO,CAAC;IAC3B,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,4CAA4C;IAC5C,eAAe,CAAC,EAAE;QAChB,QAAQ,EAAE,MAAM,EAAE,CAAC;QACnB,iBAAiB,EAAE,uBAAuB,EAAE,CAAC;QAC7C,aAAa,EAAE,OAAO,CAAC;KACxB,CAAC;IACF,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EACA,gBAAgB,GAChB,mBAAmB,GACnB,yBAAyB,GACzB,eAAe,GACf,gBAAgB,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACpC,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,qBAAqB;IACpC,MAAM,EAAE,gBAAgB,EAAE,CAAC;IAC3B,YAAY,EAAE,MAAM,CAAC;IACrB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,WAAW,EAAE,OAAO,CAAC;IACrB,cAAc,EAAE,OAAO,CAAC;IACxB,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;IAE1B,yCAAyC;IACzC,aAAa,CAAC,EAAE,KAAK,CAAC;QACpB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,OAAO,CAAC;QACpB,kBAAkB,CAAC,EAAE,MAAM,CAAC;KAC7B,CAAC,CAAC;IACH,gCAAgC;IAChC,gBAAgB,CAAC,EAAE;QACjB,SAAS,EAAE,KAAK,GAAG,SAAS,GAAG,OAAO,GAAG,OAAO,CAAC;QACjD,OAAO,EAAE,MAAM,EAAE,CAAC;KACnB,CAAC;CACH;AAMD,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,4BAA4B;IAC3C,YAAY,EAAE,WAAW,EAAE,CAAC;IAC5B,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAMD,MAAM,MAAM,UAAU,GAAG,OAAO,GAAG,SAAS,GAAG,MAAM,GAAG,SAAS,CAAC;AAElE,MAAM,WAAW,mBAAmB;IAClC,aAAa,EAAE,OAAO,CAAC;IACvB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,OAAO,CAAC;IACjB,WAAW,EAAE,OAAO,CAAC;IACrB,mBAAmB,EAAE,OAAO,CAAC;IAC7B,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B,iBAAiB,EAAE,OAAO,CAAC;IAC3B,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,cAAc,EAAE,OAAO,CAAC;IACxB,cAAc,EAAE,OAAO,CAAC;IACxB,aAAa,EAAE,OAAO,CAAC;IACvB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,mDAAmD;AACnD,MAAM,MAAM,qBAAqB,GAC7B,oBAAoB,GACpB,mBAAmB,GACnB,iBAAiB,GACjB,kBAAkB,GAClB,kBAAkB,CAAC;AAEvB,6CAA6C;AAC7C,MAAM,MAAM,kBAAkB,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE3D,sDAAsD;AACtD,MAAM,WAAW,wBAAwB;IACvC,sEAAsE;IACtE,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,oEAAoE;IACpE,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,wCAAwC;AACxC,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,qBAAqB,CAAC;IAC5B,QAAQ,EAAE,kBAAkB,CAAC;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,oEAAoE;IACpE,OAAO,CAAC,EAAE,wBAAwB,CAAC;CACpC;AAED,0CAA0C;AAC1C,MAAM,WAAW,kBAAkB;IACjC,8BAA8B;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,uBAAuB;IACvB,qBAAqB,EAAE,MAAM,CAAC;IAC9B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,kBAAkB,EAAE,MAAM,CAAC;IAC3B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,oBAAoB,EAAE,MAAM,CAAC;IAC7B,wBAAwB;IACxB,QAAQ,EAAE,iBAAiB,EAAE,CAAC;IAC9B,qCAAqC;IACrC,eAAe,EAAE,OAAO,CAAC;IACzB,8CAA8C;IAC9C,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,UAAU,CAAC;IACvB,oBAAoB,EAAE,OAAO,CAAC;IAC9B,aAAa,EAAE,MAAM,CAAC;IACtB,eAAe,EAAE,mBAAmB,CAAC;IACrC,cAAc,EAAE,MAAM,CAAC;IACvB,gBAAgB,EAAE;QAChB,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,uBAAuB,EAAE,MAAM,EAAE,CAAC;QAClC,gBAAgB,EAAE,MAAM,EAAE,CAAC;KAC5B,CAAC;IACF,iBAAiB,CAAC,EAAE,yBAAyB,CAAC;IAC9C,2FAA2F;IAC3F,kBAAkB,CAAC,EAAE,kBAAkB,CAAC;IACxC,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,OAAO,CAAC;IACpB,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IAChC,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,mBAAmB,GAAG,qBAAqB,GAAG,IAAI,CAAC;IAC5D,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;IACrC,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE;QACT,mBAAmB,EAAE,OAAO,CAAC;QAC7B,wBAAwB,EAAE,OAAO,CAAC;KACnC,CAAC;IAEF,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,oBAAoB,CAAC,EAAE,MAAM,GAAG,IAAI,CAAC;IACrC,kBAAkB,CAAC,EAAE;QACnB,mBAAmB,CAAC,EAAE,MAAM,CAAC;QAC7B,kBAAkB,CAAC,EAAE,MAAM,CAAC;QAC5B,cAAc,CAAC,EAAE,OAAO,CAAC;QACzB,aAAa,CAAC,EAAE,OAAO,CAAC;KACzB,CAAC;IACF,qEAAqE;IACrE,sBAAsB,CAAC,EAAE,sBAAsB,CAAC;IAChD,kEAAkE;IAClE,eAAe,CAAC,EAAE,KAAK,CAAC;QACtB,UAAU,EAAE,MAAM,CAAC;QACnB,cAAc,EAAE,sBAAsB,CAAC;KACxC,CAAC,CAAC;CACJ;AAOD;;;;;;;GAOG;AACH,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG,YAAY,GAAG,YAAY,CAAC;AAEtE;;;GAGG;AACH,MAAM,WAAW,sBAAsB;IACrC,gCAAgC;IAChC,IAAI,EAAE,YAAY,CAAC;IACnB,uCAAuC;IACvC,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,oDAAoD;IACpD,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,kDAAkD;IAClD,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,yEAAyE;IACzE,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;CAC/B;AAED,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,kBAAkB,EAAE,MAAM,CAAC;IAC3B,gBAAgB,EAAE,MAAM,CAAC;IACzB,2BAA2B,EAAE,MAAM,CAAC;IACpC,OAAO,EAAE,kBAAkB,EAAE,CAAC;IAC9B,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,kBAAkB;IACjC,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,OAAO,CAAC;IAChB,UAAU,EAAE,OAAO,CAAC;IACpB,cAAc,EAAE,MAAM,EAAE,CAAC;IACzB,uBAAuB,EAAE,OAAO,CAAC;IACjC,oBAAoB,EAAE,OAAO,CAAC;IAC9B,uBAAuB,EAAE,OAAO,CAAC;IACjC,uBAAuB,EAAE,MAAM,EAAE,CAAC;IAClC,QAAQ,EAAE,OAAO,CAAC;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,gBAAgB,CAAC,EAAE,MAAM,CAAC;IAC1B,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,2DAA2D;IAC3D,iBAAiB,CAAC,EAAE,KAAK,CAAC;QACxB,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;QACzC,QAAQ,EAAE,OAAO,CAAC;KACnB,CAAC,CAAC;IACH,iCAAiC;IACjC,cAAc,CAAC,EAAE;QACf,YAAY,EAAE,OAAO,CAAC;QACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,oDAAoD;IACpD,kBAAkB,CAAC,EAAE,QAAQ,GAAG,UAAU,GAAG,cAAc,GAAG,YAAY,CAAC;CAC5E;AAED,MAAM,WAAW,kBAAkB;IACjC,eAAe,EAAE,MAAM,CAAC;IACxB,uBAAuB,EAAE,MAAM,CAAC;IAChC,mBAAmB,EAAE,MAAM,CAAC;IAC5B,mBAAmB,EAAE,MAAM,CAAC;IAC5B,4BAA4B,EAAE,MAAM,CAAC;IACrC,sBAAsB,EAAE,MAAM,CAAC;IAC/B,8BAA8B,EAAE,MAAM,CAAC;IACvC,OAAO,EAAE,kBAAkB,EAAE,CAAC;IAC9B,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,OAAO,CAAC;IAChB,oBAAoB,EAAE,OAAO,CAAC;IAC9B,kBAAkB,EAAE,OAAO,CAAC;IAC5B,YAAY,EAAE,OAAO,CAAC;IACtB,mBAAmB,EAAE,OAAO,CAAC;IAC7B,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,6CAA6C;IAC7C,cAAc,CAAC,EAAE;QACf,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,MAAM,EAAE,CAAC;QACpB,SAAS,EAAE,OAAO,CAAC;KACpB,CAAC;IACF,+BAA+B;IAC/B,cAAc,CAAC,EAAE;QACf,gBAAgB,EAAE,OAAO,CAAC;QAC1B,aAAa,EAAE,OAAO,CAAC;QACvB,eAAe,EAAE,MAAM,EAAE,CAAC;KAC3B,CAAC;CACH;AAED,MAAM,WAAW,gBAAgB;IAC/B,aAAa,EAAE,MAAM,CAAC;IACtB,aAAa,EAAE,MAAM,CAAC;IACtB,wBAAwB,EAAE,MAAM,CAAC;IACjC,wBAAwB,EAAE,MAAM,CAAC;IACjC,OAAO,EAAE,gBAAgB,EAAE,CAAC;IAC5B,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD,MAAM,WAAW,yBAAyB;IACxC,QAAQ,EACJ,kBAAkB,GAClB,gBAAgB,GAChB,kBAAkB,GAClB,sBAAsB,CAAC;IAC3B,gBAAgB,EAAE,MAAM,CAAC;IACzB,gBAAgB,EAAE,MAAM,CAAC;IACzB,UAAU,EAAE,OAAO,CAAC;IACpB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,iBAAiB,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IAEpB,uDAAuD;IACvD,yBAAyB,CAAC,EAAE,MAAM,CAAC;IACnC,qCAAqC;IACrC,oBAAoB,CAAC,EAAE;QACrB,eAAe,EAAE,MAAM,EAAE,CAAC;QAC1B,kBAAkB,EAAE,MAAM,CAAC;KAC5B,CAAC;IACF,6DAA6D;IAC7D,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,wCAAwC;IACxC,UAAU,CAAC,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;CACxC;AAED,MAAM,WAAW,iCAAiC;IAChD,QAAQ,EAAE,MAAM,CAAC;IACjB,oBAAoB,EAAE,MAAM,CAAC;IAC7B,wBAAwB,EAAE,MAAM,CAAC;IACjC,kBAAkB,EAAE,MAAM,CAAC;IAC3B,OAAO,EAAE,yBAAyB,EAAE,CAAC;IACrC,MAAM,EAAE,gBAAgB,CAAC;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAQD;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,+BAA+B;IAC/B,MAAM,EAAE,OAAO,CAAC;IAChB,2CAA2C;IAC3C,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,kDAAkD;IAClD,QAAQ,EAAE,MAAM,CAAC;IACjB,gEAAgE;IAChE,aAAa,EAAE,MAAM,CAAC;IACtB,mFAAmF;IACnF,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,6DAA6D;IAC7D,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;CACrB;AAED;;;;GAIG;AACH,MAAM,WAAW,6BAA6B;IAC5C,iCAAiC;IACjC,MAAM,EAAE;QACN,0FAA0F;QAC1F,mBAAmB,EAAE,aAAa,CAAC;QACnC,uEAAuE;QACvE,kBAAkB,EAAE,aAAa,CAAC;QAClC,iEAAiE;QACjE,uBAAuB,EAAE,aAAa,CAAC;QACvC,mFAAmF;QACnF,qBAAqB,CAAC,EAAE,aAAa,CAAC;QACtC,6EAA6E;QAC7E,gBAAgB,CAAC,EAAE,aAAa,CAAC;KAClC,CAAC;IACF,wCAAwC;IACxC,KAAK,EAAE,MAAM,CAAC;IACd,mEAAmE;IACnE,MAAM,EAAE,gBAAgB,CAAC;IACzB,0DAA0D;IAC1D,WAAW,EAAE,MAAM,CAAC;IACpB,yDAAyD;IACzD,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAOD;;GAEG;AACH,MAAM,MAAM,eAAe,GACvB,OAAO,GACP,SAAS,GACT,QAAQ,GACR,YAAY,GACZ,OAAO,GACP,OAAO,GACP,UAAU,GACV,WAAW,GACX,UAAU,GACV,WAAW,GACX,eAAe,GACf,SAAS,CAAC;AAEd;;GAEG;AACH,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,MAAM,GAAG,KAAK,CAAC;AAErD;;GAEG;AACH,MAAM,MAAM,sBAAsB,GAAG,OAAO,GAAG,QAAQ,GAAG,QAAQ,CAAC;AAEnE;;;GAGG;AACH,MAAM,WAAW,oBAAoB;IACnC,4CAA4C;IAC5C,UAAU,EAAE,sBAAsB,CAAC;IACnC,iDAAiD;IACjD,eAAe,CAAC,EAAE,eAAe,CAAC;IAClC,4DAA4D;IAC5D,gBAAgB,EAAE,eAAe,EAAE,CAAC;IACpC,mDAAmD;IACnD,cAAc,EAAE,aAAa,EAAE,CAAC;IAChC,6DAA6D;IAC7D,oBAAoB,EAAE,MAAM,EAAE,CAAC;IAC/B,0DAA0D;IAC1D,qBAAqB,EAAE,OAAO,CAAC;IAC/B,uCAAuC;IACvC,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,uCAAuC;IACvC,QAAQ,EAAE;QACR,mDAAmD;QACnD,kBAAkB,EAAE,MAAM,EAAE,CAAC;QAC7B,oDAAoD;QACpD,mBAAmB,EAAE,MAAM,EAAE,CAAC;QAC9B,yDAAyD;QACzD,iBAAiB,EAAE,MAAM,EAAE,CAAC;KAC7B,CAAC;CACH;AAOD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,uDAAuD;IACvD,gBAAgB,EAAE,OAAO,CAAC;IAC1B,yDAAyD;IACzD,mBAAmB,EAAE,OAAO,CAAC;IAC7B,+BAA+B;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,uDAAuD;IACvD,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED;;;GAGG;AACH,MAAM,WAAW,+BAA+B;IAC9C,8BAA8B;IAC9B,gBAAgB,EAAE,OAAO,CAAC;IAC1B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,uCAAuC;IACvC,MAAM,EAAE,MAAM,CAAC;IACf,+BAA+B;IAC/B,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,yCAAyC;IACzC,WAAW,EAAE,OAAO,CAAC;IACrB,0CAA0C;IAC1C,OAAO,EAAE;QACP,6CAA6C;QAC7C,iBAAiB,CAAC,EAAE,eAAe,CAAC;QACpC,+CAA+C;QAC/C,iBAAiB,CAAC,EAAE,eAAe,CAAC;QACpC,wCAAwC;QACxC,iBAAiB,CAAC,EAAE,eAAe,CAAC;QACpC,yCAAyC;QACzC,kBAAkB,CAAC,EAAE,eAAe,CAAC;KACtC,CAAC;IACF,qDAAqD;IACrD,oBAAoB,EAAE,MAAM,CAAC;CAC9B"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"securityPatterns.d.ts","sourceRoot":"","sources":["../../src/lib/securityPatterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,iBAAiB,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,eAAe,EAAE,CAAC;CAC7B;AAED;;;;;;GAMG;AACH,eAAO,MAAM,wBAAwB,EAAE,aAAa,
|
|
1
|
+
{"version":3,"file":"securityPatterns.d.ts","sourceRoot":"","sources":["../../src/lib/securityPatterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;GAyBG;AAEH,OAAO,EAAE,iBAAiB,EAAE,MAAM,mBAAmB,CAAC;AAEtD,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,iBAAiB,CAAC;IAC7B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,eAAe,EAAE,CAAC;CAC7B;AAED;;;;;;GAMG;AACH,eAAO,MAAM,wBAAwB,EAAE,aAAa,EA64CnD,CAAC;AAEF;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,UAAU,EAAE,MAAM,EAClB,KAAK,CAAC,EAAE,MAAM,GACb,eAAe,EAAE,CAQnB;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,aAAa,EAAE,CAEtD;AAED;;GAEG;AACH,wBAAgB,oBAAoB;;;;;;;;EA8BnC"}
|
|
@@ -1287,6 +1287,32 @@ export const SECURITY_ATTACK_PATTERNS = [
|
|
|
1287
1287
|
"access_token",
|
|
1288
1288
|
],
|
|
1289
1289
|
},
|
|
1290
|
+
// Auth failure simulation payloads (Issue #79)
|
|
1291
|
+
// These target tools with simulate_failure parameter to test fail-open behavior
|
|
1292
|
+
{
|
|
1293
|
+
payload: "timeout",
|
|
1294
|
+
evidence: /"auth_type"\s*:\s*"fail-open"|"auth_status"\s*:\s*"bypassed"/i,
|
|
1295
|
+
riskLevel: "HIGH",
|
|
1296
|
+
description: "Simulate auth service timeout - should deny access",
|
|
1297
|
+
payloadType: "auth_failure",
|
|
1298
|
+
parameterTypes: ["simulate_failure", "failure_mode", "failure_type"],
|
|
1299
|
+
},
|
|
1300
|
+
{
|
|
1301
|
+
payload: "exception",
|
|
1302
|
+
evidence: /"auth_type"\s*:\s*"fail-open"|"auth_status"\s*:\s*"bypassed"/i,
|
|
1303
|
+
riskLevel: "HIGH",
|
|
1304
|
+
description: "Simulate auth service exception - should deny access",
|
|
1305
|
+
payloadType: "auth_failure",
|
|
1306
|
+
parameterTypes: ["simulate_failure", "failure_mode", "failure_type"],
|
|
1307
|
+
},
|
|
1308
|
+
{
|
|
1309
|
+
payload: "network_error",
|
|
1310
|
+
evidence: /"auth_type"\s*:\s*"fail-open"|"auth_status"\s*:\s*"bypassed"/i,
|
|
1311
|
+
riskLevel: "HIGH",
|
|
1312
|
+
description: "Simulate network error - should deny access",
|
|
1313
|
+
payloadType: "auth_failure",
|
|
1314
|
+
parameterTypes: ["simulate_failure", "failure_mode", "failure_type"],
|
|
1315
|
+
},
|
|
1290
1316
|
],
|
|
1291
1317
|
},
|
|
1292
1318
|
];
|
|
@@ -106,6 +106,7 @@ export declare class AssessmentOrchestrator {
|
|
|
106
106
|
private portabilityAssessor?;
|
|
107
107
|
private externalAPIScannerAssessor?;
|
|
108
108
|
private temporalAssessor?;
|
|
109
|
+
private authenticationAssessor?;
|
|
109
110
|
private resourceAssessor?;
|
|
110
111
|
private promptAssessor?;
|
|
111
112
|
private crossCapabilityAssessor?;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AssessmentOrchestrator.d.ts","sourceRoot":"","sources":["../../../src/services/assessment/AssessmentOrchestrator.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EAEvB,kBAAkB,EAClB,gBAAgB,EAChB,UAAU,EACX,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,IAAI,EACJ,2BAA2B,EAC5B,MAAM,oCAAoC,CAAC;
|
|
1
|
+
{"version":3,"file":"AssessmentOrchestrator.d.ts","sourceRoot":"","sources":["../../../src/services/assessment/AssessmentOrchestrator.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EACL,sBAAsB,EACtB,uBAAuB,EAEvB,kBAAkB,EAClB,gBAAgB,EAChB,UAAU,EACX,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EACL,IAAI,EACJ,2BAA2B,EAC5B,MAAM,oCAAoC,CAAC;AAoC5C,OAAO,EACL,gBAAgB,EAChB,sBAAsB,EAEvB,MAAM,wBAAwB,CAAC;AAehC;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,SAAS,CAAC,EAAE,KAAK,CAAC;QAChB,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,QAAQ,CAAC,EAAE,OAAO,CAAC;KACpB,CAAC,CAAC;CACJ;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,KAAK,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;IAClC,SAAS,CAAC,EAAE;QAAE,SAAS,CAAC,EAAE,OAAO,CAAC;QAAC,WAAW,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;IAC3D,OAAO,CAAC,EAAE;QAAE,WAAW,CAAC,EAAE,OAAO,CAAA;KAAE,CAAC;IACpC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAClC,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACxC;AAED,MAAM,WAAW,iBAAiB;IAChC,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,IAAI,EAAE,CAAC;IACd,QAAQ,EAAE,CACR,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAC5B,OAAO,CAAC,2BAA2B,CAAC,CAAC;IAC1C,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,aAAa,CAAC,EAAE,OAAO,CAAC;IACxB,MAAM,EAAE,uBAAuB,CAAC;IAChC,UAAU,CAAC,EAAE,UAAU,CAAC;IAIxB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,eAAe,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAGtC,YAAY,CAAC,EAAE,kBAAkB,CAAC;IAClC,WAAW,CAAC,EAAE,MAAM,CAAC;IAIrB,UAAU,CAAC,EAAE,gBAAgB,CAAC;IAG9B,SAAS,CAAC,EAAE,WAAW,EAAE,CAAC;IAC1B,iBAAiB,CAAC,EAAE,mBAAmB,EAAE,CAAC;IAC1C,OAAO,CAAC,EAAE,SAAS,EAAE,CAAC;IACtB,kBAAkB,CAAC,EAAE,qBAAqB,CAAC;IAG3C,YAAY,CAAC,EAAE,CAAC,GAAG,EAAE,MAAM,KAAK,OAAO,CAAC,MAAM,CAAC,CAAC;IAChD,SAAS,CAAC,EAAE,CACV,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,KACzB,OAAO,CAAC;QAAE,QAAQ,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAA;SAAE,CAAC,CAAA;KAAE,CAAC,CAAC;IAGrE,eAAe,CAAC,EAAE;QAChB,IAAI,EAAE,OAAO,GAAG,KAAK,GAAG,iBAAiB,CAAC;QAC1C,GAAG,CAAC,EAAE,MAAM,CAAC;QACb,OAAO,CAAC,EAAE,OAAO,CAAC;QAClB,YAAY,CAAC,EAAE,OAAO,CAAC;KACxB,CAAC;IAIF,SAAS,CAAC,EAAE,MAAM,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;CACnC;AAED,qBAAa,sBAAsB;IACjC,OAAO,CAAC,MAAM,CAA0B;IACxC,OAAO,CAAC,MAAM,CAAS;IACvB,OAAO,CAAC,SAAS,CAAa;IAC9B,OAAO,CAAC,aAAa,CAAa;IAGlC,OAAO,CAAC,YAAY,CAAC,CAAmB;IACxC,OAAO,CAAC,aAAa,CAAkB;IAGvC,OAAO,CAAC,qBAAqB,CAAC,CAAwB;IACtD,OAAO,CAAC,gBAAgB,CAAC,CAAmB;IAC5C,OAAO,CAAC,qBAAqB,CAAC,CAAwB;IACtD,OAAO,CAAC,qBAAqB,CAAC,CAAwB;IACtD,OAAO,CAAC,iBAAiB,CAAC,CAAoB;IAG9C,OAAO,CAAC,0BAA0B,CAAC,CAA6B;IAGhE,OAAO,CAAC,qBAAqB,CAAC,CAAwB;IACtD,OAAO,CAAC,sBAAsB,CAAC,CAAyB;IACxD,OAAO,CAAC,2BAA2B,CAAC,CAA8B;IAClE,OAAO,CAAC,0BAA0B,CAAC,CAA6B;IAChE,OAAO,CAAC,mBAAmB,CAAC,CAAsB;IAClD,OAAO,CAAC,0BAA0B,CAAC,CAA6B;IAChE,OAAO,CAAC,gBAAgB,CAAC,CAAmB;IAC5C,OAAO,CAAC,sBAAsB,CAAC,CAAyB;IAGxD,OAAO,CAAC,gBAAgB,CAAC,CAAmB;IAC5C,OAAO,CAAC,cAAc,CAAC,CAAiB;IACxC,OAAO,CAAC,uBAAuB,CAAC,CAAkC;gBAItD,MAAM,GAAE,OAAO,CAAC,uBAAuB,CAAM;IA2IzD;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAQ9B;;;OAGG;IACH,OAAO,CAAC,sBAAsB;IAe9B;;;OAGG;IACH,gBAAgB,CAAC,MAAM,CAAC,EAAE,OAAO,CAAC,sBAAsB,CAAC,GAAG,IAAI;IAwBhE;;OAEG;IACH,eAAe,IAAI,OAAO;IAI1B;;OAEG;IACH,eAAe,IAAI,gBAAgB,GAAG,SAAS;IAI/C;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAwC1B;;OAEG;IACG,iBAAiB,CACrB,OAAO,EAAE,iBAAiB,GACzB,OAAO,CAAC,sBAAsB,CAAC;IAojBlC;;OAEG;IACG,MAAM,CACV,UAAU,EAAE,MAAM,EAClB,KAAK,EAAE,IAAI,EAAE,EACb,QAAQ,EAAE,CACR,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAC5B,OAAO,CAAC,2BAA2B,CAAC,EACzC,UAAU,CAAC,EAAE,UAAU,EACvB,aAAa,CAAC,EAAE,MAAM,EACtB,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACpC,OAAO,CAAC,sBAAsB,CAAC;IAclC,OAAO,CAAC,qBAAqB;IA8E7B;;OAEG;IACH,SAAS,IAAI,uBAAuB;IAIpC;;OAEG;IACH,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,uBAAuB,CAAC,GAAG,IAAI;CAG7D"}
|
|
@@ -19,6 +19,7 @@ import { ManifestValidationAssessor } from "./modules/ManifestValidationAssessor
|
|
|
19
19
|
import { PortabilityAssessor } from "./modules/PortabilityAssessor.js";
|
|
20
20
|
import { ExternalAPIScannerAssessor } from "./modules/ExternalAPIScannerAssessor.js";
|
|
21
21
|
import { TemporalAssessor } from "./modules/TemporalAssessor.js";
|
|
22
|
+
import { AuthenticationAssessor } from "./modules/AuthenticationAssessor.js";
|
|
22
23
|
// New capability assessors
|
|
23
24
|
import { ResourceAssessor } from "./modules/ResourceAssessor.js";
|
|
24
25
|
import { PromptAssessor } from "./modules/PromptAssessor.js";
|
|
@@ -57,6 +58,7 @@ export class AssessmentOrchestrator {
|
|
|
57
58
|
portabilityAssessor;
|
|
58
59
|
externalAPIScannerAssessor;
|
|
59
60
|
temporalAssessor;
|
|
61
|
+
authenticationAssessor;
|
|
60
62
|
// New capability assessors
|
|
61
63
|
resourceAssessor;
|
|
62
64
|
promptAssessor;
|
|
@@ -144,6 +146,9 @@ export class AssessmentOrchestrator {
|
|
|
144
146
|
if (this.config.assessmentCategories?.temporal) {
|
|
145
147
|
this.temporalAssessor = new TemporalAssessor(this.config);
|
|
146
148
|
}
|
|
149
|
+
if (this.config.assessmentCategories?.authentication) {
|
|
150
|
+
this.authenticationAssessor = new AuthenticationAssessor(this.config);
|
|
151
|
+
}
|
|
147
152
|
// Initialize new capability assessors
|
|
148
153
|
if (this.config.assessmentCategories?.resources) {
|
|
149
154
|
this.resourceAssessor = new ResourceAssessor(this.config);
|
|
@@ -258,6 +263,9 @@ export class AssessmentOrchestrator {
|
|
|
258
263
|
if (this.portabilityAssessor) {
|
|
259
264
|
this.portabilityAssessor.resetTestCount();
|
|
260
265
|
}
|
|
266
|
+
if (this.authenticationAssessor) {
|
|
267
|
+
this.authenticationAssessor.resetTestCount();
|
|
268
|
+
}
|
|
261
269
|
// Reset new capability assessors
|
|
262
270
|
if (this.resourceAssessor) {
|
|
263
271
|
this.resourceAssessor.resetTestCount();
|
|
@@ -379,6 +387,14 @@ export class AssessmentOrchestrator {
|
|
|
379
387
|
return (assessmentResults.externalAPIScanner = r);
|
|
380
388
|
}));
|
|
381
389
|
}
|
|
390
|
+
if (this.authenticationAssessor) {
|
|
391
|
+
const sourceFileCount = context.sourceCodeFiles?.size || 0;
|
|
392
|
+
emitModuleStartedEvent("Authentication", sourceFileCount, sourceFileCount);
|
|
393
|
+
assessmentPromises.push(this.authenticationAssessor.assess(context).then((r) => {
|
|
394
|
+
emitModuleProgress("Authentication", r.status, r, this.authenticationAssessor.getTestCount());
|
|
395
|
+
return (assessmentResults.authentication = r);
|
|
396
|
+
}));
|
|
397
|
+
}
|
|
382
398
|
// NOTE: Temporal runs in PHASE 0 above, not in parallel with other modules
|
|
383
399
|
// New capability assessors
|
|
384
400
|
if (this.resourceAssessor) {
|
|
@@ -495,6 +511,13 @@ export class AssessmentOrchestrator {
|
|
|
495
511
|
await this.externalAPIScannerAssessor.assess(context);
|
|
496
512
|
emitModuleProgress("External APIs", assessmentResults.externalAPIScanner.status, assessmentResults.externalAPIScanner, this.externalAPIScannerAssessor.getTestCount());
|
|
497
513
|
}
|
|
514
|
+
if (this.authenticationAssessor) {
|
|
515
|
+
const sourceFileCount = context.sourceCodeFiles?.size || 0;
|
|
516
|
+
emitModuleStartedEvent("Authentication", sourceFileCount, sourceFileCount);
|
|
517
|
+
assessmentResults.authentication =
|
|
518
|
+
await this.authenticationAssessor.assess(context);
|
|
519
|
+
emitModuleProgress("Authentication", assessmentResults.authentication.status, assessmentResults.authentication, this.authenticationAssessor.getTestCount());
|
|
520
|
+
}
|
|
498
521
|
// New capability assessors (sequential)
|
|
499
522
|
if (this.resourceAssessor) {
|
|
500
523
|
const resourceCount = (context.resources?.length || 0) +
|
|
@@ -589,6 +612,7 @@ export class AssessmentOrchestrator {
|
|
|
589
612
|
const librariesCount = this.prohibitedLibrariesAssessor?.getTestCount() || 0;
|
|
590
613
|
const manifestCount = this.manifestValidationAssessor?.getTestCount() || 0;
|
|
591
614
|
const portabilityCount = this.portabilityAssessor?.getTestCount() || 0;
|
|
615
|
+
const authenticationCount = this.authenticationAssessor?.getTestCount() || 0;
|
|
592
616
|
const externalAPICount = this.externalAPIScannerAssessor?.getTestCount() || 0;
|
|
593
617
|
const temporalCount = this.temporalAssessor?.getTestCount() || 0;
|
|
594
618
|
// New capability assessor counts
|
|
@@ -608,6 +632,7 @@ export class AssessmentOrchestrator {
|
|
|
608
632
|
prohibitedLibraries: librariesCount,
|
|
609
633
|
manifestValidation: manifestCount,
|
|
610
634
|
portability: portabilityCount,
|
|
635
|
+
authentication: authenticationCount,
|
|
611
636
|
externalAPIScanner: externalAPICount,
|
|
612
637
|
temporal: temporalCount,
|
|
613
638
|
resources: resourcesCount,
|
|
@@ -627,6 +652,7 @@ export class AssessmentOrchestrator {
|
|
|
627
652
|
librariesCount +
|
|
628
653
|
manifestCount +
|
|
629
654
|
portabilityCount +
|
|
655
|
+
authenticationCount +
|
|
630
656
|
externalAPICount +
|
|
631
657
|
temporalCount +
|
|
632
658
|
resourcesCount +
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"AuthenticationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/AuthenticationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAIV,wBAAwB,EAMzB,MAAM,uBAAuB,CAAC;
|
|
1
|
+
{"version":3,"file":"AuthenticationAssessor.d.ts","sourceRoot":"","sources":["../../../../src/services/assessment/modules/AuthenticationAssessor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,KAAK,EAIV,wBAAwB,EAMzB,MAAM,uBAAuB,CAAC;AAmQ/B,qBAAa,sBAAuB,SAAQ,YAAY;IACtD;;OAEG;IACG,MAAM,CAAC,OAAO,EAAE,iBAAiB,GAAG,OAAO,CAAC,wBAAwB,CAAC;IAsJ3E;;OAEG;IACH,OAAO,CAAC,wBAAwB;IA6FhC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IA+BxB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAa3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA2D/B;;OAEG;IACH,OAAO,CAAC,sBAAsB;IAyB9B;;OAEG;IACH,OAAO,CAAC,cAAc;IActB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAmB3B;;OAEG;IACH,OAAO,CAAC,uBAAuB;IA0C/B;;;;;;;;OAQG;IACH,OAAO,CAAC,wBAAwB;IAuRhC;;OAEG;IACH,OAAO,CAAC,mBAAmB;CAW5B"}
|
|
@@ -102,6 +102,69 @@ const FAIL_OPEN_PATTERNS = [
|
|
|
102
102
|
name: "PYTHON_GETENV_DEFAULT",
|
|
103
103
|
},
|
|
104
104
|
];
|
|
105
|
+
// ============================================================================
|
|
106
|
+
// Issue #77: Fail-Open Logic Patterns
|
|
107
|
+
// Detects logic flaws where errors/exceptions lead to access being granted
|
|
108
|
+
// These are distinct from env var fallbacks - they're code logic issues
|
|
109
|
+
// ============================================================================
|
|
110
|
+
const FAIL_OPEN_LOGIC_PATTERNS = [
|
|
111
|
+
// Pattern 1: Response contains "bypassed" auth status
|
|
112
|
+
{
|
|
113
|
+
pattern: /["']auth_status["']\s*:\s*["']bypass/gi,
|
|
114
|
+
name: "BYPASS_STATUS_RESPONSE",
|
|
115
|
+
severity: "HIGH",
|
|
116
|
+
message: "Response indicates authentication was bypassed",
|
|
117
|
+
},
|
|
118
|
+
// Pattern 2: Access granted despite error/failure
|
|
119
|
+
{
|
|
120
|
+
pattern: /access.*granted.*despite|despite.*(?:error|fail).*grant/gi,
|
|
121
|
+
name: "ACCESS_DESPITE_ERROR",
|
|
122
|
+
severity: "HIGH",
|
|
123
|
+
message: "Access granted despite authentication error",
|
|
124
|
+
},
|
|
125
|
+
// Pattern 3: Fail-open comments/keywords (intentional or documentation)
|
|
126
|
+
{
|
|
127
|
+
pattern: /fail[\s_-]?open/gi,
|
|
128
|
+
name: "FAIL_OPEN_KEYWORD",
|
|
129
|
+
severity: "HIGH",
|
|
130
|
+
message: "Fail-open pattern explicitly mentioned in code",
|
|
131
|
+
},
|
|
132
|
+
// Pattern 4: Python except block that returns success/grants access
|
|
133
|
+
{
|
|
134
|
+
pattern: /except\s*(?:[A-Za-z]*Error|Exception)?[^:]*:[\s\S]{0,50}(?:return\s*(?:True|{[^}]*success|{[^}]*grant)|authenticated\s*=\s*True)/gi,
|
|
135
|
+
name: "EXCEPT_GRANTS_ACCESS",
|
|
136
|
+
severity: "HIGH",
|
|
137
|
+
message: "Exception handler grants access instead of denying",
|
|
138
|
+
},
|
|
139
|
+
// Pattern 5: If error then grant pattern
|
|
140
|
+
{
|
|
141
|
+
pattern: /if\s+(?:auth_)?error[^:]*:[\s\S]{0,100}(?:return\s*{[^}]*executed|grant|allow|success)/gi,
|
|
142
|
+
name: "ERROR_GRANTS_ACCESS",
|
|
143
|
+
severity: "HIGH",
|
|
144
|
+
message: "Error condition leads to access being granted",
|
|
145
|
+
},
|
|
146
|
+
// Pattern 6: CVE reference for auth bypass
|
|
147
|
+
{
|
|
148
|
+
pattern: /CVE[-_]?\d{4}[-_]?\d+.*(?:auth|bypass)|(?:auth|bypass).*CVE[-_]?\d{4}[-_]?\d+/gi,
|
|
149
|
+
name: "CVE_AUTH_BYPASS",
|
|
150
|
+
severity: "HIGH",
|
|
151
|
+
message: "CVE reference related to authentication bypass",
|
|
152
|
+
},
|
|
153
|
+
// Pattern 7: Vulnerable flag with auth context
|
|
154
|
+
{
|
|
155
|
+
pattern: /["']vulnerable["']\s*:\s*(?:true|True)/gi,
|
|
156
|
+
name: "VULNERABLE_FLAG",
|
|
157
|
+
severity: "MEDIUM",
|
|
158
|
+
message: "Code contains vulnerable flag set to true",
|
|
159
|
+
},
|
|
160
|
+
// Pattern 8: Authentication bypassed evidence in responses
|
|
161
|
+
{
|
|
162
|
+
pattern: /authentication.*bypassed|bypassed.*authentication/gi,
|
|
163
|
+
name: "AUTH_BYPASSED_EVIDENCE",
|
|
164
|
+
severity: "HIGH",
|
|
165
|
+
message: "Evidence of authentication being bypassed",
|
|
166
|
+
},
|
|
167
|
+
];
|
|
105
168
|
// Patterns that indicate dev mode weakening security
|
|
106
169
|
// Warning 2 fix: Added word boundaries and assignment context to reduce false positives
|
|
107
170
|
const DEV_MODE_PATTERNS = [
|
|
@@ -520,6 +583,7 @@ export class AuthenticationAssessor extends BaseAssessor {
|
|
|
520
583
|
totalFindings: 0,
|
|
521
584
|
envDependentAuthCount: 0,
|
|
522
585
|
failOpenPatternCount: 0,
|
|
586
|
+
failOpenLogicCount: 0,
|
|
523
587
|
devModeWarningCount: 0,
|
|
524
588
|
hardcodedSecretCount: 0,
|
|
525
589
|
findings: [],
|
|
@@ -589,6 +653,34 @@ export class AuthenticationAssessor extends BaseAssessor {
|
|
|
589
653
|
});
|
|
590
654
|
}
|
|
591
655
|
}
|
|
656
|
+
// 2b. Issue #77: Detect fail-open logic patterns (error handling that grants access)
|
|
657
|
+
for (const { pattern, name, severity, message, } of FAIL_OPEN_LOGIC_PATTERNS) {
|
|
658
|
+
// Issue #65: Skip if we've hit the cap for this type
|
|
659
|
+
if (countByType("FAIL_OPEN_LOGIC") >= MAX_FINDINGS)
|
|
660
|
+
break;
|
|
661
|
+
// Reset lastIndex for global patterns
|
|
662
|
+
pattern.lastIndex = 0;
|
|
663
|
+
let match;
|
|
664
|
+
while ((match = pattern.exec(content)) !== null) {
|
|
665
|
+
// Issue #65: Check cap before adding
|
|
666
|
+
if (countByType("FAIL_OPEN_LOGIC") >= MAX_FINDINGS)
|
|
667
|
+
break;
|
|
668
|
+
// Find line number
|
|
669
|
+
const beforeMatch = content.substring(0, match.index);
|
|
670
|
+
const lineNumber = beforeMatch.split("\n").length;
|
|
671
|
+
const lineContent = lines[lineNumber - 1]?.trim() || match[0];
|
|
672
|
+
findings.push({
|
|
673
|
+
type: "FAIL_OPEN_LOGIC",
|
|
674
|
+
severity,
|
|
675
|
+
message: `${message} (${name} pattern)`,
|
|
676
|
+
evidence: lineContent,
|
|
677
|
+
file: filePath,
|
|
678
|
+
lineNumber,
|
|
679
|
+
recommendation: `Fix fail-open logic: authentication errors must deny access, not grant it. Implement fail-closed pattern.`,
|
|
680
|
+
context: getContext(lineNumber - 1), // Issue #66: Add context
|
|
681
|
+
});
|
|
682
|
+
}
|
|
683
|
+
}
|
|
592
684
|
// 3. Detect dev mode patterns that weaken security
|
|
593
685
|
for (const { pattern, severity } of DEV_MODE_PATTERNS) {
|
|
594
686
|
// Issue #65: Skip if we've hit the cap for this type
|
|
@@ -693,6 +785,7 @@ export class AuthenticationAssessor extends BaseAssessor {
|
|
|
693
785
|
// Count by type
|
|
694
786
|
const envDependentAuthCount = uniqueFindings.filter((f) => f.type === "ENV_DEPENDENT_AUTH").length;
|
|
695
787
|
const failOpenPatternCount = uniqueFindings.filter((f) => f.type === "FAIL_OPEN_PATTERN").length;
|
|
788
|
+
const failOpenLogicCount = uniqueFindings.filter((f) => f.type === "FAIL_OPEN_LOGIC").length;
|
|
696
789
|
const devModeWarningCount = uniqueFindings.filter((f) => f.type === "DEV_MODE_WARNING").length;
|
|
697
790
|
const hardcodedSecretCount = uniqueFindings.filter((f) => f.type === "HARDCODED_SECRET").length;
|
|
698
791
|
const hasHighSeverity = uniqueFindings.some((f) => f.severity === "HIGH");
|
|
@@ -700,6 +793,7 @@ export class AuthenticationAssessor extends BaseAssessor {
|
|
|
700
793
|
totalFindings: uniqueFindings.length,
|
|
701
794
|
envDependentAuthCount,
|
|
702
795
|
failOpenPatternCount,
|
|
796
|
+
failOpenLogicCount,
|
|
703
797
|
devModeWarningCount,
|
|
704
798
|
hardcodedSecretCount,
|
|
705
799
|
findings: uniqueFindings,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SecurityPayloadGenerator.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityPayloadGenerator.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAIzD;;GAEG;AACH,qBAAa,wBAAwB;IACnC,OAAO,CAAC,iBAAiB,CAAuC;IAEhE;;OAEG;IACH,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IAUvC;;OAEG;IACH,oBAAoB,CAClB,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,IAAI,GACT,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"SecurityPayloadGenerator.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityPayloadGenerator.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAIzD;;GAEG;AACH,qBAAa,wBAAwB;IACnC,OAAO,CAAC,iBAAiB,CAAuC;IAEhE;;OAEG;IACH,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IAUvC;;OAEG;IACH,oBAAoB,CAClB,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,IAAI,GACT,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC;IA+H1B;;OAEG;IACH,YAAY,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IASjC;;;OAGG;IACH,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO;CAQ7C"}
|
|
@@ -71,6 +71,29 @@ export class SecurityPayloadGenerator {
|
|
|
71
71
|
}
|
|
72
72
|
}
|
|
73
73
|
}
|
|
74
|
+
// Special handling for auth_failure payloads (Issue #79)
|
|
75
|
+
// These target simulate_failure parameters to test fail-open behavior
|
|
76
|
+
if (!payloadInjected && payload.payloadType === "auth_failure") {
|
|
77
|
+
const authFailureParams = [
|
|
78
|
+
"simulate_failure",
|
|
79
|
+
"failure_mode",
|
|
80
|
+
"failure_type",
|
|
81
|
+
];
|
|
82
|
+
for (const [key, prop] of Object.entries(schema.properties)) {
|
|
83
|
+
const propSchema = prop;
|
|
84
|
+
if (propSchema.type === "string") {
|
|
85
|
+
for (const failParam of authFailureParams) {
|
|
86
|
+
if (key.toLowerCase().includes(failParam.toLowerCase())) {
|
|
87
|
+
params[key] = payload.payload;
|
|
88
|
+
payloadInjected = true;
|
|
89
|
+
break;
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
if (payloadInjected)
|
|
93
|
+
break;
|
|
94
|
+
}
|
|
95
|
+
}
|
|
96
|
+
}
|
|
74
97
|
// Fall back to generic payload - inject into first string parameter
|
|
75
98
|
if (!payloadInjected) {
|
|
76
99
|
for (const [key, prop] of Object.entries(schema.properties)) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SecurityResponseAnalyzer.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityResponseAnalyzer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EACL,2BAA2B,EAC3B,IAAI,EACL,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,wBAAwB,CAAC;AAE1E;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,oBAAoB,EAAE,OAAO,CAAC;IAC9B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,OAAO,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,UAAU,EAAE,OAAO,CAAC;IACpB,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,WAAW,GAAG,aAAa,GAAG,SAAS,CAAC;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,YAAY,GAAG,QAAQ,GAAG,UAAU,CAAC;AAEvE;;;GAGG;AACH,qBAAa,wBAAwB;IACnC;;;;;;OAMG;IACH,eAAe,CACb,QAAQ,EAAE,2BAA2B,EACrC,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,IAAI,GACT,cAAc;IAqBjB;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IA2B/B;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IAkF7B;;;OAGG;IACH,OAAO,CAAC,0BAA0B;IAuClC;;OAEG;IACH,qBAAqB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,OAAO;IA2DrE;;OAEG;IACH,oBAAoB,CAClB,SAAS,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,EACvD,YAAY,EAAE,MAAM,GACnB,OAAO;IA6BV;;OAEG;IACH,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAiBlD;;OAEG;IACH,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO;IAqBrD;;OAEG;IACH,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IA6BnD;;OAEG;IACH,oBAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO;IAiFpE;;;;;;;OAOG;IACH,qCAAqC,CACnC,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,MAAM,GACnB,OAAO;IAwFV;;;;;;;OAOG;IACH,yBAAyB,CACvB,OAAO,EAAE,MAAM,EACf,YAAY,EAAE,MAAM,EACpB,IAAI,CAAC,EAAE,IAAI,GACV,kBAAkB;IAoMrB;;OAEG;IACH,iBAAiB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,OAAO;IA4CjE;;OAEG;IACH,8BAA8B,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO;IA8CvD;;OAEG;IACH,aAAa,CAAC,QAAQ,EAAE,2BAA2B,GAAG,mBAAmB;IA0BzE;;OAEG;IACH,0BAA0B,CAAC,KAAK,EAAE,OAAO,GAAG,mBAAmB;IA2B/D;;;OAGG;IACH,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IA+KnD;;OAEG;IACH,wBAAwB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAuCvD;;OAEG;IACH,8BAA8B,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAgB7D;;OAEG;IACH,wBAAwB,CACtB,QAAQ,EAAE,2BAA2B,EACrC,QAAQ,EAAE,MAAM,GACf,cAAc;IAyBjB;;;;;;;;;;OAUG;IACH,mBAAmB,CACjB,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,OAAO,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,eAAe,EACxB,kBAAkB,CAAC,EAAE,2BAA2B,GAC/C,gBAAgB;IA4JnB;;OAEG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,OAAO;IAmBxE;;OAEG;IACH,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAiBrD;;;;;;OAMG;IACH,yBAAyB,CACvB,QAAQ,EAAE,2BAA2B,GACpC,gBAAgB;
|
|
1
|
+
{"version":3,"file":"SecurityResponseAnalyzer.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityResponseAnalyzer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EACL,2BAA2B,EAC3B,IAAI,EACL,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAEzD,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,wBAAwB,CAAC;AAE1E;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,oBAAoB,EAAE,OAAO,CAAC;IAC9B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,OAAO,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,UAAU,EAAE,OAAO,CAAC;IACpB,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,MAAM,CAAC,EAAE,MAAM,CAAC;CACjB;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,EAAE,OAAO,CAAC;IAClB,WAAW,EAAE,WAAW,GAAG,aAAa,GAAG,SAAS,CAAC;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAAG,YAAY,GAAG,QAAQ,GAAG,UAAU,CAAC;AAEvE;;;GAGG;AACH,qBAAa,wBAAwB;IACnC;;;;;;OAMG;IACH,eAAe,CACb,QAAQ,EAAE,2BAA2B,EACrC,OAAO,EAAE,eAAe,EACxB,IAAI,EAAE,IAAI,GACT,cAAc;IAqBjB;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IA2B/B;;;OAGG;IACH,OAAO,CAAC,qBAAqB;IAkF7B;;;OAGG;IACH,OAAO,CAAC,0BAA0B;IAuClC;;OAEG;IACH,qBAAqB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,OAAO;IA2DrE;;OAEG;IACH,oBAAoB,CAClB,SAAS,EAAE;QAAE,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;QAAC,OAAO,CAAC,EAAE,MAAM,CAAA;KAAE,EACvD,YAAY,EAAE,MAAM,GACnB,OAAO;IA6BV;;OAEG;IACH,mBAAmB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAiBlD;;OAEG;IACH,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO;IAqBrD;;OAEG;IACH,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IA6BnD;;OAEG;IACH,oBAAoB,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO;IAiFpE;;;;;;;OAOG;IACH,qCAAqC,CACnC,MAAM,EAAE,MAAM,EACd,YAAY,EAAE,MAAM,GACnB,OAAO;IAwFV;;;;;;;OAOG;IACH,yBAAyB,CACvB,OAAO,EAAE,MAAM,EACf,YAAY,EAAE,MAAM,EACpB,IAAI,CAAC,EAAE,IAAI,GACV,kBAAkB;IAoMrB;;OAEG;IACH,iBAAiB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,OAAO;IA4CjE;;OAEG;IACH,8BAA8B,CAAC,KAAK,EAAE,OAAO,GAAG,OAAO;IA8CvD;;OAEG;IACH,aAAa,CAAC,QAAQ,EAAE,2BAA2B,GAAG,mBAAmB;IA0BzE;;OAEG;IACH,0BAA0B,CAAC,KAAK,EAAE,OAAO,GAAG,mBAAmB;IA2B/D;;;OAGG;IACH,oBAAoB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IA+KnD;;OAEG;IACH,wBAAwB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAuCvD;;OAEG;IACH,8BAA8B,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAgB7D;;OAEG;IACH,wBAAwB,CACtB,QAAQ,EAAE,2BAA2B,EACrC,QAAQ,EAAE,MAAM,GACf,cAAc;IAyBjB;;;;;;;;;;OAUG;IACH,mBAAmB,CACjB,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,OAAO,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,eAAe,EACxB,kBAAkB,CAAC,EAAE,2BAA2B,GAC/C,gBAAgB;IA4JnB;;OAEG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,OAAO;IAmBxE;;OAEG;IACH,sBAAsB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAiBrD;;;;;;OAMG;IACH,yBAAyB,CACvB,QAAQ,EAAE,2BAA2B,GACpC,gBAAgB;IAsGnB;;OAEG;IACH,kBAAkB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO;IAoBjD;;OAEG;IACH,sBAAsB,CAAC,QAAQ,EAAE,2BAA2B,GAAG,MAAM;IAWrE;;OAEG;IACH,OAAO,CAAC,gBAAgB;CAwBzB"}
|
|
@@ -1159,6 +1159,11 @@ export class SecurityResponseAnalyzer {
|
|
|
1159
1159
|
const responseText = this.extractResponseContent(response);
|
|
1160
1160
|
// Fail-open indicators (VULNERABLE - CVE-2025-52882 pattern)
|
|
1161
1161
|
const failOpenPatterns = [
|
|
1162
|
+
// Most specific - testbed auth_type pattern (Issue #79)
|
|
1163
|
+
{
|
|
1164
|
+
pattern: /"auth_type"\s*:\s*"fail-open"/i,
|
|
1165
|
+
evidence: "auth_type: fail-open (CVE-2025-52882)",
|
|
1166
|
+
},
|
|
1162
1167
|
{
|
|
1163
1168
|
pattern: /"auth_status"\s*:\s*"bypassed"/i,
|
|
1164
1169
|
evidence: "auth_status: bypassed",
|
|
@@ -1177,9 +1182,11 @@ export class SecurityResponseAnalyzer {
|
|
|
1177
1182
|
pattern: /authentication.*bypassed/i,
|
|
1178
1183
|
evidence: "authentication bypassed",
|
|
1179
1184
|
},
|
|
1185
|
+
// Issue #79: Only detect "vulnerable": true when combined with auth context
|
|
1186
|
+
// Prevents false positives on data leak tools that have secure fail-closed auth
|
|
1180
1187
|
{
|
|
1181
|
-
pattern: /"vulnerable"\s*:\s*true/i,
|
|
1182
|
-
evidence: "vulnerable
|
|
1188
|
+
pattern: /"vulnerable"\s*:\s*true[^}]*(?:"auth_status"|"auth_type"|"auth_error")|(?:"auth_status"|"auth_type"|"auth_error")[^}]*"vulnerable"\s*:\s*true/i,
|
|
1189
|
+
evidence: "vulnerable flag with auth context",
|
|
1183
1190
|
},
|
|
1184
1191
|
{
|
|
1185
1192
|
pattern: /auth.*succeeded.*null/i,
|
|
@@ -1196,6 +1203,11 @@ export class SecurityResponseAnalyzer {
|
|
|
1196
1203
|
];
|
|
1197
1204
|
// Fail-closed indicators (SAFE - proper auth handling)
|
|
1198
1205
|
const failClosedPatterns = [
|
|
1206
|
+
// Most specific - testbed auth_type pattern (Issue #79)
|
|
1207
|
+
{
|
|
1208
|
+
pattern: /"auth_type"\s*:\s*"fail-closed"/i,
|
|
1209
|
+
evidence: "auth_type: fail-closed (secure)",
|
|
1210
|
+
},
|
|
1199
1211
|
{
|
|
1200
1212
|
pattern: /"auth_status"\s*:\s*"denied"/i,
|
|
1201
1213
|
evidence: "auth_status: denied",
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@bryan-thompson/inspector-assessment-client",
|
|
3
|
-
"version": "1.26.
|
|
3
|
+
"version": "1.26.5",
|
|
4
4
|
"description": "Client-side application for the Enhanced MCP Inspector with assessment capabilities",
|
|
5
5
|
"license": "MIT",
|
|
6
6
|
"author": "Bryan Thompson <bryan@triepod.ai>",
|