@bryan-thompson/inspector-assessment-client 1.35.1 → 1.35.3

package/lib/services/assessment/modules/ManifestValidationAssessor.js

@@ -14,7 +14,137 @@ import { BaseAssessor } from "./BaseAssessor.js";
 const REQUIRED_FIELDS = ["name", "version", "mcp_config"];
 const RECOMMENDED_FIELDS = ["description", "author", "repository"];
 const CURRENT_MANIFEST_VERSION = "0.3";
+const SEMVER_PATTERN = /^\d+\.\d+\.\d+(-[a-zA-Z0-9.-]+)?(\+[a-zA-Z0-9.-]+)?$/;
+/**
+ * Calculate Levenshtein distance between two strings
+ * Uses space-optimized two-row algorithm for O(min(n,m)) memory
+ * Used for "did you mean?" suggestions on mismatched tool names (Issue #140)
+ * Exported for testing (Issue #141 - ISSUE-002)
+ */
+export function levenshteinDistance(a, b, maxDist) {
+    // Early termination optimizations
+    if (a === b)
+        return 0;
+    if (a.length === 0)
+        return b.length;
+    if (b.length === 0)
+        return a.length;
+    // If length difference exceeds max distance, no need to compute
+    if (maxDist && Math.abs(a.length - b.length) > maxDist) {
+        return maxDist + 1;
+    }
+    // Ensure a is the shorter string (optimize space)
+    if (a.length > b.length) {
+        [a, b] = [b, a];
+    }
+    // Two-row algorithm: only keep previous and current row
+    let prev = Array.from({ length: a.length + 1 }, (_, i) => i);
+    let curr = new Array(a.length + 1);
+    for (let i = 1; i <= b.length; i++) {
+        curr[0] = i;
+        for (let j = 1; j <= a.length; j++) {
+            if (b.charAt(i - 1) === a.charAt(j - 1)) {
+                curr[j] = prev[j - 1];
+            }
+            else {
+                curr[j] = Math.min(prev[j - 1] + 1, // substitution
+                curr[j - 1] + 1, // insertion
+                prev[j] + 1);
+            }
+        }
+        // Swap rows
+        [prev, curr] = [curr, prev];
+    }
+    return prev[a.length];
+}
+/**
+ * Find closest matching tool name from a set
+ * Returns match if distance <= threshold (default: 10 chars or 40% of length)
+ * Generous threshold to catch common renames like "data" -> "resources"
+ */
+function findClosestMatch(name, candidates, threshold) {
+    const maxDist = threshold ?? Math.max(10, Math.floor(name.length * 0.4));
+    let closest = null;
+    let minDist = Infinity;
+    for (const candidate of candidates) {
+        const dist = levenshteinDistance(name.toLowerCase(), candidate.toLowerCase(), maxDist);
+        if (dist < minDist && dist <= maxDist) {
+            minDist = dist;
+            closest = candidate;
+        }
+    }
+    return closest;
+}
 export class ManifestValidationAssessor extends BaseAssessor {
+    /**
+     * Get mcp_config from manifest (supports both root and nested v0.3 format)
+     * Issue #138: Manifest v0.3 places mcp_config under server object
+     *
+     * @param manifest - The parsed manifest JSON
+     * @returns The mcp_config object or undefined if not found in either location
+     */
+    getMcpConfig(manifest) {
+        // Check root level first (legacy format)
+        if (manifest.mcp_config) {
+            return manifest.mcp_config;
+        }
+        // Check nested under server (v0.3 format)
+        if (manifest.server?.mcp_config) {
+            return manifest.server.mcp_config;
+        }
+        return undefined;
+    }
+    /**
+     * Extract contact information from manifest (Issue #141 - D4 check)
+     * Supports: author object, author string (email parsing), repository fallback
+     *
+     * @param manifest - The parsed manifest JSON
+     * @returns Extracted contact info or undefined if no contact info found
+     */
+    extractContactInfo(manifest) {
+        // 1. Check author object format (npm-style)
+        if (typeof manifest.author === "object" && manifest.author !== null) {
+            const authorObj = manifest.author;
+            return {
+                email: authorObj.email,
+                url: authorObj.url,
+                name: authorObj.name,
+                source: "author_object",
+            };
+        }
+        // 2. Check author string (may contain email: "Name <email@example.com>")
+        if (typeof manifest.author === "string" && manifest.author.trim()) {
+            const emailMatch = manifest.author.match(/<([a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,})>/);
+            return {
+                name: manifest.author.replace(/<[^>]+>/, "").trim() || undefined,
+                email: emailMatch?.[1],
+                source: "author_string",
+            };
+        }
+        // 3. Fallback to repository (provides contact via issues)
+        if (manifest.repository) {
+            return {
+                url: manifest.repository,
+                source: "repository",
+            };
+        }
+        return undefined;
+    }
+    /**
+     * Extract version information from manifest (Issue #141 - D5 check)
+     *
+     * @param manifest - The parsed manifest JSON
+     * @returns Extracted version info or undefined if no version found
+     */
+    extractVersionInfo(manifest) {
+        if (!manifest.version)
+            return undefined;
+        return {
+            version: manifest.version,
+            valid: true,
+            semverCompliant: SEMVER_PATTERN.test(manifest.version),
+        };
+    }
     /**
      * Run manifest validation assessment
      */
@@ -58,11 +188,35 @@ export class ManifestValidationAssessor extends BaseAssessor {
         // Validate required fields
         for (const field of REQUIRED_FIELDS) {
             this.testCount++;
-            const result = this.validateRequiredField(manifest, field);
-            validationResults.push(result);
-            if (!result.valid) {
-                hasRequiredFields = false;
-                missingFields.push(field);
+            // Special handling for mcp_config - can be nested under server (Issue #138)
+            if (field === "mcp_config") {
+                const mcpConfig = this.getMcpConfig(manifest);
+                if (!mcpConfig) {
+                    validationResults.push({
+                        field: "mcp_config",
+                        valid: false,
+                        issue: "Missing required field: mcp_config (checked root and server.mcp_config)",
+                        severity: "ERROR",
+                    });
+                    hasRequiredFields = false;
+                    missingFields.push(field);
+                }
+                else {
+                    validationResults.push({
+                        field: "mcp_config",
+                        valid: true,
+                        value: mcpConfig,
+                        severity: "INFO",
+                    });
+                }
+            }
+            else {
+                const result = this.validateRequiredField(manifest, field);
+                validationResults.push(result);
+                if (!result.valid) {
+                    hasRequiredFields = false;
+                    missingFields.push(field);
+                }
             }
         }
         // Validate recommended fields
@@ -70,10 +224,11 @@ export class ManifestValidationAssessor extends BaseAssessor {
             this.testCount++;
             validationResults.push(this.validateRecommendedField(manifest, field));
         }
-        // Validate mcp_config structure
-        if (manifest.mcp_config) {
+        // Validate mcp_config structure (using helper to support both root and nested paths)
+        const mcpConfig = this.getMcpConfig(manifest);
+        if (mcpConfig) {
             this.testCount++;
-            validationResults.push(this.validateMcpConfig(manifest.mcp_config));
+            validationResults.push(this.validateMcpConfig(mcpConfig));
         }
         // Check for icon
         this.testCount++;
@@ -86,6 +241,11 @@ export class ManifestValidationAssessor extends BaseAssessor {
         // Validate version format
         this.testCount++;
         validationResults.push(this.validateVersionFormat(manifest.version));
+        // Validate tool names match server (Issue #140)
+        if (manifest.tools && context.tools.length > 0) {
+            const toolResults = this.validateToolNamesMatch(manifest, context.tools);
+            validationResults.push(...toolResults);
+        }
         // Validate privacy policy URLs if present
         let privacyPolicies;
         if (manifest.privacy_policies &&
@@ -121,6 +281,9 @@ export class ManifestValidationAssessor extends BaseAssessor {
         const status = this.determineManifestStatus(validationResults, hasRequiredFields);
         const explanation = this.generateExplanation(validationResults, hasRequiredFields, hasIcon, privacyPolicies);
         const recommendations = this.generateRecommendations(validationResults, privacyPolicies);
+        // Extract D4/D5 fields (Issue #141)
+        const contactInfo = this.extractContactInfo(manifest);
+        const versionInfo = this.extractVersionInfo(manifest);
         this.logger.info(`Assessment complete: ${validationResults.filter((r) => r.valid).length}/${validationResults.length} checks passed`);
         return {
             hasManifest: true,
@@ -130,6 +293,8 @@ export class ManifestValidationAssessor extends BaseAssessor {
             hasRequiredFields,
             missingFields,
             privacyPolicies,
+            contactInfo,
+            versionInfo,
             status,
             explanation,
             recommendations,
@@ -383,9 +548,7 @@ export class ManifestValidationAssessor extends BaseAssessor {
                 severity: "ERROR",
             };
         }
-        // Check for semver format
-        const semverPattern = /^\d+\.\d+\.\d+(-[a-zA-Z0-9.]+)?(\+[a-zA-Z0-9.]+)?$/;
-        if (!semverPattern.test(version)) {
+        if (!SEMVER_PATTERN.test(version)) {
             return {
                 field: "version (format)",
                 valid: false,
@@ -401,6 +564,98 @@ export class ManifestValidationAssessor extends BaseAssessor {
             severity: "INFO",
         };
     }
+    /**
+     * Validate manifest tool declarations against actual server tools (Issue #140)
+     * Compares tool names in manifest.tools against context.tools from tools/list
+     * Uses Levenshtein distance for "did you mean?" suggestions
+     */
+    validateToolNamesMatch(manifest, serverTools) {
+        const results = [];
+        // Skip if manifest doesn't declare tools
+        if (!manifest.tools || manifest.tools.length === 0) {
+            return results;
+        }
+        this.testCount++;
+        const manifestToolNames = new Set(manifest.tools.map((t) => t.name));
+        const serverToolNames = new Set(serverTools.map((t) => t.name));
+        // Check for tools declared in manifest but not on server
+        const mismatches = [];
+        for (const name of manifestToolNames) {
+            if (!serverToolNames.has(name)) {
+                const suggestion = findClosestMatch(name, serverToolNames);
+                mismatches.push({ manifest: name, suggestion });
+            }
+        }
+        // Check for tools on server but not declared in manifest
+        const undeclaredTools = [];
+        for (const name of serverToolNames) {
+            if (!manifestToolNames.has(name)) {
+                undeclaredTools.push(name);
+            }
+        }
+        // Report mismatches with suggestions
+        if (mismatches.length > 0) {
+            const issueLines = mismatches.map((m) => m.suggestion
+                ? `"${m.manifest}" (did you mean "${m.suggestion}"?)`
+                : `"${m.manifest}"`);
+            results.push({
+                field: "tools (manifest vs server)",
+                valid: false,
+                value: mismatches,
+                issue: `Manifest declares tools not found on server: ${issueLines.join(", ")}`,
+                severity: "WARNING",
+            });
+        }
+        if (undeclaredTools.length > 0) {
+            results.push({
+                field: "tools (undeclared)",
+                valid: false,
+                value: undeclaredTools,
+                issue: `Server has tools not declared in manifest: ${undeclaredTools.join(", ")}`,
+                severity: "INFO",
+            });
+        }
+        // All matched
+        if (mismatches.length === 0 && undeclaredTools.length === 0) {
+            results.push({
+                field: "tools (manifest vs server)",
+                valid: true,
+                value: `${manifestToolNames.size} tools matched`,
+                severity: "INFO",
+            });
+        }
+        return results;
+    }
+    /**
+     * Fetch with retry logic for transient network failures
+     */
+    async fetchWithRetry(url, method, retries = 2, backoffMs = 100) {
+        let lastError = null;
+        for (let attempt = 0; attempt <= retries; attempt++) {
+            const controller = new AbortController();
+            const timeoutId = setTimeout(() => controller.abort(), 5000);
+            try {
+                const response = await fetch(url, {
+                    method,
+                    signal: controller.signal,
+                    redirect: "follow",
+                });
+                clearTimeout(timeoutId);
+                return response;
+            }
+            catch (error) {
+                clearTimeout(timeoutId);
+                lastError = error instanceof Error ? error : new Error(String(error));
+                // Don't retry on last attempt
+                if (attempt < retries) {
+                    // Exponential backoff
+                    await new Promise((resolve) => setTimeout(resolve, backoffMs * Math.pow(2, attempt)));
+                }
+            }
+        }
+        // All retries exhausted
+        throw lastError;
+    }
     /**
      * Validate privacy policy URLs are accessible
      */
@@ -424,15 +679,8 @@ export class ManifestValidationAssessor extends BaseAssessor {
                 continue;
             }
             try {
-                // Use HEAD request for efficiency, fallback to GET if needed
-                const controller = new AbortController();
-                const timeoutId = setTimeout(() => controller.abort(), 5000);
-                const response = await fetch(url, {
-                    method: "HEAD",
-                    signal: controller.signal,
-                    redirect: "follow",
-                });
-                clearTimeout(timeoutId);
+                // Use HEAD request for efficiency with retry logic
+                const response = await this.fetchWithRetry(url, "HEAD");
                 results.push({
                     url,
                     accessible: response.ok,
@@ -446,14 +694,7 @@ export class ManifestValidationAssessor extends BaseAssessor {
                     error: headError instanceof Error ? headError.message : String(headError),
                 });
                 try {
-                    const controller = new AbortController();
-                    const timeoutId = setTimeout(() => controller.abort(), 5000);
-                    const response = await fetch(url, {
-                        method: "GET",
-                        signal: controller.signal,
-                        redirect: "follow",
-                    });
-                    clearTimeout(timeoutId);
+                    const response = await this.fetchWithRetry(url, "GET");
                     results.push({
                         url,
                         accessible: response.ok,

package/lib/services/assessment/modules/securityTests/ConfidenceScorer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"ConfidenceScorer.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/ConfidenceScorer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,wBAAwB,CAAC;AAE1E;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,oBAAoB,EAAE,OAAO,CAAC;IAC9B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAmCD;;GAEG;AACH,qBAAa,gBAAgB;IAC3B;;;;;;;;;;;;;;;;OAgBG;IACH,mBAAmB,CACjB,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,OAAO,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,eAAe,EACxB,kBAAkB,CAAC,EAAE,2BAA2B,GAC/C,gBAAgB;IA4JnB;;;;;OAKG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,OAAO;IAOxE;;;;;OAKG;IACH,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO;CAOtD"}
+{"version":3,"file":"ConfidenceScorer.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/ConfidenceScorer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,KAAK,EAAE,2BAA2B,EAAE,MAAM,wBAAwB,CAAC;AAE1E;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACtC,oBAAoB,EAAE,OAAO,CAAC;IAC9B,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAmCD;;GAEG;AACH,qBAAa,gBAAgB;IAC3B;;;;;;;;;;;;;;;;OAgBG;IACH,mBAAmB,CACjB,IAAI,EAAE,IAAI,EACV,YAAY,EAAE,OAAO,EACrB,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,eAAe,EACxB,kBAAkB,CAAC,EAAE,2BAA2B,GAC/C,gBAAgB;IAgMnB;;;;;OAKG;IACH,oBAAoB,CAAC,QAAQ,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,GAAG,OAAO;IAOxE;;;;;OAKG;IACH,mBAAmB,CAAC,eAAe,EAAE,MAAM,GAAG,OAAO;CAOtD"}

package/lib/services/assessment/modules/securityTests/ConfidenceScorer.js

@@ -58,6 +58,34 @@ export class ConfidenceScorer {
      * @returns Confidence result with manual review requirements
      */
     calculateConfidence(tool, isVulnerable, evidence, responseText, payload, sanitizationResult) {
+        // Issue #146: Extract execution context from evidence if present
+        // This handles context classification from SecurityResponseAnalyzer
+        const contextMatch = evidence.match(/\[Context: (CONFIRMED|LIKELY_FALSE_POSITIVE|SUSPECTED)/);
+        if (contextMatch) {
+            const context = contextMatch[1];
+            // LIKELY_FALSE_POSITIVE: Payload reflected in error message, not executed
+            // Mark as low confidence requiring manual review
+            if (context === "LIKELY_FALSE_POSITIVE") {
+                return {
+                    confidence: "low",
+                    requiresManualReview: true,
+                    manualReviewReason: "Payload reflected in error message, operation failed",
+                    reviewGuidance: "The server rejected the operation but echoed the payload in the error. " +
+                        "Verify if the tool actually processed the payload or just reflected it in the error message. " +
+                        "Check the HTTP status code and error type to confirm the operation was rejected.",
+                };
+            }
+            // CONFIRMED: Operation succeeded, payload was executed
+            // High confidence vulnerability
+            if (context === "CONFIRMED") {
+                return {
+                    confidence: "high",
+                    requiresManualReview: false,
+                };
+            }
+            // SUSPECTED: Ambiguous case - continue with normal scoring but add review flag
+            // Will be handled by downstream logic with medium confidence
+        }
         // Issue #56: If sanitization is detected, reduce confidence for vulnerabilities
         // This helps reduce false positives on well-protected servers
         if (isVulnerable && sanitizationResult?.detected) {

package/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.d.ts

@@ -25,6 +25,37 @@ export declare const HTTP_ERROR_PATTERNS: {
  * Used by: isMCPValidationError()
  */
 export declare const VALIDATION_ERROR_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
+/**
+ * Issue #146: Error context patterns indicating operation failure
+ * Used to detect when payload appears in error message (likely false positive)
+ * These patterns indicate the server rejected/failed the operation
+ */
+export declare const ERROR_CONTEXT_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
+/**
+ * Issue #146: Success context patterns indicating operation completion
+ * Used to confirm operation actually executed (high confidence vulnerability)
+ * These patterns indicate the server processed and returned results
+ */
+export declare const SUCCESS_CONTEXT_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
+/**
+ * Issue #146: Check if payload appears in error context (likely false positive)
+ * @param responseText The full response text from the tool
+ * @param payload The payload that was sent to the tool
+ * @returns true if payload is reflected in an error context
+ */
+export declare function isPayloadInErrorContext(responseText: string, payload: string): boolean;
+/**
+ * Issue #146: Check if response indicates successful operation (high confidence)
+ * @param responseText The full response text from the tool
+ * @returns true if response indicates operation succeeded
+ */
+export declare function hasSuccessContext(responseText: string): boolean;
+/**
+ * Issue #146: Check if response indicates failed operation (error context)
+ * @param responseText The full response text from the tool
+ * @returns true if response indicates operation failed
+ */
+export declare function hasErrorContext(responseText: string): boolean;
 /**
  * Patterns indicating actual code/command execution
  * Used by: hasExecutionEvidence()
@@ -380,6 +411,70 @@ export declare const OUTPUT_INJECTION_PATTERNS: {
     /** Canary markers for echo detection */
     readonly canaryMarkers: readonly [RegExp];
 };
+/**
+ * Patterns indicating scope violation in tool response
+ * Detects when tools exceed their declared annotations at runtime
+ * CWE-250: Execution with Unnecessary Privileges
+ * CWE-269: Improper Privilege Management
+ */
+export declare const SCOPE_VIOLATION_PATTERNS: readonly [{
+    readonly pattern: RegExp;
+    readonly evidence: "scope_violation: true (tool exceeded declared scope)";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "scope_escalation: true (privilege escalation via input)";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "actual_scope indicates privileged operation";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "privileged_data exposed in response";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "system_secrets leaked in response";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "Admin mode activated via keyword trigger";
+}];
+/**
+ * Patterns indicating safe scope enforcement (hardened behavior)
+ * Used to confirm tools properly reject privileged actions
+ */
+export declare const SCOPE_ENFORCED_PATTERNS: readonly [{
+    readonly pattern: RegExp;
+    readonly evidence: "scope_enforced: true (safe)";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "Action blocked by allowlist";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "Allowlist enforcement";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "Explicit rejection: action not in allowlist";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "No escalation attempted (safe)";
+}, {
+    readonly pattern: RegExp;
+    readonly evidence: "Allowlist defined and enforced";
+}];
+/**
+ * Privileged actions that should be blocked by readOnlyHint=True tools
+ */
+export declare const PRIVILEGED_ACTIONS: readonly ["write", "write_file", "delete", "delete_data", "execute", "execute_command", "network", "network_request", "modify", "modify_config", "admin", "environment_access"];
+/**
+ * Escalation keywords that may trigger hidden privilege escalation
+ */
+export declare const ESCALATION_KEYWORDS: readonly ["admin", "sudo", "elevate", "root", "superuser", "privilege"];
+/**
+ * Check if response contains scope violation indicators (Issue #144)
+ */
+export declare function hasScopeViolation(text: string): boolean;
+/**
+ * Check if response contains scope enforcement indicators (Issue #144)
+ */
+export declare function hasScopeEnforcement(text: string): boolean;
 /**
  * Check if any pattern in array matches text
  */

package/lib/services/assessment/modules/securityTests/SecurityPatternLibrary.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"SecurityPatternLibrary.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityPatternLibrary.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH;;;GAGG;AACH,eAAO,MAAM,mBAAmB;IAC9B,kEAAkE;;IAIlE,8DAA8D;;IAG9D,kCAAkC;;IAGlC,gCAAgC;;CAExB,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,2JAmB5B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,oBAAoB,2LAuBvB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B;IACtC,iCAAiC;;IAejC,0DAA0D;;CAElD,CAAC;AAMX;;;;;;;GAOG;AACH,eAAO,MAAM,qBAAqB,2KA4BxB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;IACpC,uDAAuD;;IAOvD,oDAAoD;;CAO5C,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;IACpC,oCAAoC;;IAqBpC,4DAA4D;;IAW5D,+BAA+B;;CAEvB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,6BAA6B;;;;CAMhC,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,eAAe,mJAkBlB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,mBAAmB,2rBAwGtB,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+B1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAc5B,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;EAiCjC,CAAC;AAEX;;;;GAIG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;EAyB3B,CAAC;AAMX;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,iCAAiC,EAAE,oBAAoB,EA0FnE,CAAC;AAEF;;;;;;;;GAQG;AAKH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,0BAA0B,MAAM,CAAC;AAE9C;;;;;;;GAOG;AACH,eAAO,MAAM,oBAAoB,IAAM,CAAC;AAMxC;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB,EAAE,MAAM,CAC1C,MAAM,EACN;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,EAAE,CAgCxC,CAAC;AAEF;;;GAGG;AACH,wBAAgB,6BAA6B,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,EAAE,CAiB5E;AAED,eAAO,MAAM,2BAA2B,EAAE,oBAAoB,EAuE7D,CAAC;AAMF;;;GAGG;AACH,eAAO,MAAM,sBAAsB,2FAWzB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,iBAAiB,mHAcpB,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB,mFAU1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,mDAM9B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB,2DAO1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB,2DAO5B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,6BAA6B,yKAWhC,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,kBAAkB,mGAYrB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,QACO,CAAC;AAMhD;;;GAGG;AACH,eAAO,MAAM,mBAAmB,QAC8B,CAAC;AAE/D;;;GAGG;AACH,eAAO,MAAM,wBAAwB,2EAS3B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,oRA4B9B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,0BAA0B;;;;;CAK7B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB;IAClC,iCAAiC;;IAQjC,mDAAmD;;IAInD,gDAAgD;;IAIhD,oCAAoC;;IAEpC,6CAA6C;;CAIrC,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,yBAAyB;IACpC,oDAAoD;;IAOpD,wCAAwC;;CAEhC,CAAC;AAMX;;GAEG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,SAAS,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAE7E;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAOjD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEvD;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAE5D;AAED;;;GAGG;AACH,wBAAgB,+BAA+B,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAKrE"}
+{"version":3,"file":"SecurityPatternLibrary.d.ts","sourceRoot":"","sources":["../../../../../src/services/assessment/modules/securityTests/SecurityPatternLibrary.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH;;;GAGG;AACH,eAAO,MAAM,mBAAmB;IAC9B,kEAAkE;;IAIlE,8DAA8D;;IAG9D,kCAAkC;;IAGlC,gCAAgC;;CAExB,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,2JAmB5B,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,sBAAsB,2GAazB,CAAC;AAEX;;;;GAIG;AACH,eAAO,MAAM,wBAAwB,mFAU3B,CAAC;AAEX;;;;;GAKG;AACH,wBAAgB,uBAAuB,CACrC,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,GACd,OAAO,CAWT;AAED;;;;GAIG;AACH,wBAAgB,iBAAiB,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAE/D;AAED;;;;GAIG;AACH,wBAAgB,eAAe,CAAC,YAAY,EAAE,MAAM,GAAG,OAAO,CAE7D;AAMD;;;GAGG;AACH,eAAO,MAAM,oBAAoB,2LAuBvB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B;IACtC,iCAAiC;;IAejC,0DAA0D;;CAElD,CAAC;AAMX;;;;;;;GAOG;AACH,eAAO,MAAM,qBAAqB,2KA4BxB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;IACpC,uDAAuD;;IAOvD,oDAAoD;;CAO5C,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;IACpC,oCAAoC;;IAqBpC,4DAA4D;;IAW5D,+BAA+B;;CAEvB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,6BAA6B;;;;CAMhC,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,eAAe,mJAkBlB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,mBAAmB,2rBAwGtB,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA+B1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAc5B,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,8BAA8B;;;;;;;;;;;;;;;;;;;;;;;;EAiCjC,CAAC;AAEX;;;;GAIG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;EAyB3B,CAAC;AAMX;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;;;;;;;;GASG;AACH,eAAO,MAAM,iCAAiC,EAAE,oBAAoB,EA0FnE,CAAC;AAEF;;;;;;;;GAQG;AAKH;;;;;;;;;;GAUG;AACH,eAAO,MAAM,0BAA0B,MAAM,CAAC;AAE9C;;;;;;;GAOG;AACH,eAAO,MAAM,oBAAoB,IAAM,CAAC;AAMxC;;;;;GAKG;AACH,eAAO,MAAM,uBAAuB,EAAE,MAAM,CAC1C,MAAM,EACN;IAAE,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,EAAE,CAgCxC,CAAC;AAEF;;;GAGG;AACH,wBAAgB,6BAA6B,CAAC,YAAY,EAAE,MAAM,GAAG,MAAM,EAAE,CAiB5E;AAED,eAAO,MAAM,2BAA2B,EAAE,oBAAoB,EAuE7D,CAAC;AAMF;;;GAGG;AACH,eAAO,MAAM,sBAAsB,2FAWzB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,iBAAiB,mHAcpB,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB,mFAU1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,mDAM9B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB,2DAO1B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,yBAAyB,2DAO5B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,6BAA6B,yKAWhC,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,kBAAkB,mGAYrB,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,QACO,CAAC;AAMhD;;;GAGG;AACH,eAAO,MAAM,mBAAmB,QAC8B,CAAC;AAE/D;;;GAGG;AACH,eAAO,MAAM,wBAAwB,2EAS3B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,2BAA2B,oRA4B9B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,0BAA0B;;;;;CAK7B,CAAC;AAMX;;;GAGG;AACH,eAAO,MAAM,uBAAuB;IAClC,iCAAiC;;IAQjC,mDAAmD;;IAInD,gDAAgD;;IAIhD,oCAAoC;;IAEpC,6CAA6C;;CAIrC,CAAC;AAMX;;;;GAIG;AACH,eAAO,MAAM,yBAAyB;IACpC,oDAAoD;;IAOpD,wCAAwC;;CAEhC,CAAC;AAMX;;;;;GAKG;AACH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;EAyB3B,CAAC;AAEX;;;GAGG;AACH,eAAO,MAAM,uBAAuB;;;;;;;;;;;;;;;;;;EAyB1B,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,kBAAkB,iLAarB,CAAC;AAEX;;GAEG;AACH,eAAO,MAAM,mBAAmB,yEAOtB,CAAC;AAEX;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEvD;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEzD;AAMD;;GAEG;AACH,wBAAgB,UAAU,CAAC,QAAQ,EAAE,SAAS,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAE7E;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAOjD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEvD;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAE5D;AAED;;;GAGG;AACH,wBAAgB,+BAA+B,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAKrE"}