@clawdstrike/openclaw 0.1.1 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +79 -3
- package/clawdstrike-security.js +1 -0
- package/dist/audit/adapter-logger.d.ts +24 -0
- package/dist/audit/adapter-logger.d.ts.map +1 -0
- package/dist/audit/adapter-logger.js +42 -0
- package/dist/audit/adapter-logger.js.map +1 -0
- package/dist/classification.d.ts +41 -0
- package/dist/classification.d.ts.map +1 -0
- package/dist/classification.js +102 -0
- package/dist/classification.js.map +1 -0
- package/dist/cli/commands/policy.js +1 -1
- package/dist/cli/commands/policy.js.map +1 -1
- package/dist/e2e/openclaw-e2e.js +3 -3
- package/dist/e2e/openclaw-e2e.js.map +1 -1
- package/dist/engine-holder.d.ts +28 -0
- package/dist/engine-holder.d.ts.map +1 -0
- package/dist/engine-holder.js +38 -0
- package/dist/engine-holder.js.map +1 -0
- package/dist/guards/egress.d.ts.map +1 -1
- package/dist/guards/egress.js +20 -1
- package/dist/guards/egress.js.map +1 -1
- package/dist/guards/forbidden-path.d.ts.map +1 -1
- package/dist/guards/forbidden-path.js +6 -0
- package/dist/guards/forbidden-path.js.map +1 -1
- package/dist/guards/secret-leak.d.ts.map +1 -1
- package/dist/guards/secret-leak.js +21 -0
- package/dist/guards/secret-leak.js.map +1 -1
- package/dist/hooks/agent-bootstrap/handler.d.ts +4 -0
- package/dist/hooks/agent-bootstrap/handler.d.ts.map +1 -1
- package/dist/hooks/agent-bootstrap/handler.js +7 -7
- package/dist/hooks/agent-bootstrap/handler.js.map +1 -1
- package/dist/hooks/approval-state.d.ts +31 -0
- package/dist/hooks/approval-state.d.ts.map +1 -0
- package/dist/hooks/approval-state.js +189 -0
- package/dist/hooks/approval-state.js.map +1 -0
- package/dist/hooks/approval-utils.d.ts +5 -0
- package/dist/hooks/approval-utils.d.ts.map +1 -0
- package/dist/hooks/approval-utils.js +77 -0
- package/dist/hooks/approval-utils.js.map +1 -0
- package/dist/hooks/audit-logger/handler.d.ts +4 -0
- package/dist/hooks/audit-logger/handler.d.ts.map +1 -1
- package/dist/hooks/audit-logger/handler.js +4 -0
- package/dist/hooks/audit-logger/handler.js.map +1 -1
- package/dist/hooks/cua-bridge/handler.d.ts +57 -0
- package/dist/hooks/cua-bridge/handler.d.ts.map +1 -0
- package/dist/hooks/cua-bridge/handler.js +369 -0
- package/dist/hooks/cua-bridge/handler.js.map +1 -0
- package/dist/hooks/tool-guard/handler.d.ts +17 -2
- package/dist/hooks/tool-guard/handler.d.ts.map +1 -1
- package/dist/hooks/tool-guard/handler.js +200 -75
- package/dist/hooks/tool-guard/handler.js.map +1 -1
- package/dist/hooks/tool-preflight/handler.d.ts +34 -0
- package/dist/hooks/tool-preflight/handler.d.ts.map +1 -0
- package/dist/hooks/tool-preflight/handler.js +426 -0
- package/dist/hooks/tool-preflight/handler.js.map +1 -0
- package/dist/index.d.ts +8 -1
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +9 -0
- package/dist/index.js.map +1 -1
- package/dist/openclaw-adapter.d.ts +48 -0
- package/dist/openclaw-adapter.d.ts.map +1 -0
- package/dist/openclaw-adapter.js +81 -0
- package/dist/openclaw-adapter.js.map +1 -0
- package/dist/plugin.d.ts +40 -1
- package/dist/plugin.d.ts.map +1 -1
- package/dist/plugin.js +125 -32
- package/dist/plugin.js.map +1 -1
- package/dist/policy/engine.d.ts +5 -0
- package/dist/policy/engine.d.ts.map +1 -1
- package/dist/policy/engine.js +580 -84
- package/dist/policy/engine.js.map +1 -1
- package/dist/policy/loader.js +57 -0
- package/dist/policy/loader.js.map +1 -1
- package/dist/policy/validator.d.ts.map +1 -1
- package/dist/policy/validator.js +97 -3
- package/dist/policy/validator.js.map +1 -1
- package/dist/receipt/signer.d.ts +42 -0
- package/dist/receipt/signer.d.ts.map +1 -0
- package/dist/receipt/signer.js +134 -0
- package/dist/receipt/signer.js.map +1 -0
- package/dist/receipt/types.d.ts +50 -0
- package/dist/receipt/types.d.ts.map +1 -0
- package/dist/receipt/types.js +9 -0
- package/dist/receipt/types.js.map +1 -0
- package/dist/security-prompt.js +1 -1
- package/dist/tools/policy-check.d.ts +2 -2
- package/dist/tools/policy-check.d.ts.map +1 -1
- package/dist/tools/policy-check.js +4 -7
- package/dist/tools/policy-check.js.map +1 -1
- package/dist/translator/openclaw-translator.d.ts +31 -0
- package/dist/translator/openclaw-translator.d.ts.map +1 -0
- package/dist/translator/openclaw-translator.js +314 -0
- package/dist/translator/openclaw-translator.js.map +1 -0
- package/dist/types.d.ts +86 -170
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +4 -0
- package/dist/types.js.map +1 -1
- package/package.json +5 -3
- package/rulesets/ai-agent-minimal.yaml +25 -0
- package/rulesets/ai-agent.yaml +25 -0
package/dist/plugin.d.ts
CHANGED
|
@@ -3,9 +3,48 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Follows the OpenClaw plugin API: https://docs.openclaw.ai/plugin
|
|
5
5
|
*/
|
|
6
|
+
import type { CommandBuilder, HookHandler } from "./types.js";
|
|
6
7
|
export * from "./index.js";
|
|
8
|
+
/** Minimal OpenClaw plugin API surface used by this plugin. */
|
|
9
|
+
interface RegisterHookOptions {
|
|
10
|
+
name?: string;
|
|
11
|
+
entry?: {
|
|
12
|
+
hook?: {
|
|
13
|
+
name?: string;
|
|
14
|
+
};
|
|
15
|
+
};
|
|
16
|
+
}
|
|
17
|
+
interface OpenClawPluginAPI {
|
|
18
|
+
logger?: {
|
|
19
|
+
info?(...args: unknown[]): void;
|
|
20
|
+
warn?(...args: unknown[]): void;
|
|
21
|
+
error?(...args: unknown[]): void;
|
|
22
|
+
};
|
|
23
|
+
config?: {
|
|
24
|
+
plugins?: {
|
|
25
|
+
entries?: Record<string, {
|
|
26
|
+
config?: Record<string, unknown>;
|
|
27
|
+
}>;
|
|
28
|
+
};
|
|
29
|
+
};
|
|
30
|
+
registerTool(tool: {
|
|
31
|
+
name: string;
|
|
32
|
+
description: string;
|
|
33
|
+
parameters: Record<string, unknown>;
|
|
34
|
+
execute: (id: string, params: Record<string, unknown>) => Promise<unknown>;
|
|
35
|
+
}): void;
|
|
36
|
+
registerCli(callback: (ctx: {
|
|
37
|
+
program: {
|
|
38
|
+
command(name: string): CommandBuilder;
|
|
39
|
+
};
|
|
40
|
+
}) => void, opts?: {
|
|
41
|
+
commands?: string[];
|
|
42
|
+
}): void;
|
|
43
|
+
registerHook?(event: string, handler: HookHandler, opts?: RegisterHookOptions): void;
|
|
44
|
+
on?(event: string, handler: HookHandler): void;
|
|
45
|
+
}
|
|
7
46
|
/**
|
|
8
47
|
* Plugin registration function (function format per OpenClaw docs)
|
|
9
48
|
*/
|
|
10
|
-
export default function clawdstrikePlugin(api:
|
|
49
|
+
export default function clawdstrikePlugin(api: OpenClawPluginAPI): void;
|
|
11
50
|
//# sourceMappingURL=plugin.d.ts.map
|
package/dist/plugin.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugin.d.ts","sourceRoot":"","sources":["../src/plugin.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"plugin.d.ts","sourceRoot":"","sources":["../src/plugin.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAqB,cAAc,EAAE,WAAW,EAAe,MAAM,YAAY,CAAC;AAS9F,cAAc,YAAY,CAAC;AAE3B,+DAA+D;AAC/D,UAAU,mBAAmB;IAC3B,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,KAAK,CAAC,EAAE;QACN,IAAI,CAAC,EAAE;YACL,IAAI,CAAC,EAAE,MAAM,CAAC;SACf,CAAC;KACH,CAAC;CACH;AAED,UAAU,iBAAiB;IACzB,MAAM,CAAC,EAAE;QAAE,IAAI,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;QAAC,IAAI,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAC;QAAC,KAAK,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,EAAE,GAAG,IAAI,CAAA;KAAE,CAAC;IAChH,MAAM,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE;YAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;gBAAE,MAAM,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;aAAE,CAAC,CAAA;SAAE,CAAA;KAAE,CAAC;IAC1F,YAAY,CAAC,IAAI,EAAE;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,EAAE,MAAM,CAAC;QACpB,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACpC,OAAO,EAAE,CAAC,EAAE,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC;KAC5E,GAAG,IAAI,CAAC;IACT,WAAW,CAAC,QAAQ,EAAE,CAAC,GAAG,EAAE;QAAE,OAAO,EAAE;YAAE,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc,CAAA;SAAE,CAAA;KAAE,KAAK,IAAI,EAAE,IAAI,CAAC,EAAE;QAAE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAA;KAAE,GAAG,IAAI,CAAC;IACnI,YAAY,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,CAAC,EAAE,mBAAmB,GAAG,IAAI,CAAC;IACrF,EAAE,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,GAAG,IAAI,CAAC;CAChD;AAED;;GAEG;AACH,MAAM,CAAC,OAAO,UAAU,iBAAiB,CAAC,GAAG,EAAE,iBAAiB,QA8N/D"}
|
package/dist/plugin.js
CHANGED
|
@@ -3,7 +3,12 @@
|
|
|
3
3
|
*
|
|
4
4
|
* Follows the OpenClaw plugin API: https://docs.openclaw.ai/plugin
|
|
5
5
|
*/
|
|
6
|
-
import {
|
|
6
|
+
import { initializeEngine, getSharedEngine } from "./engine-holder.js";
|
|
7
|
+
import toolPreflightHandler, { initialize as initPreflight } from "./hooks/tool-preflight/handler.js";
|
|
8
|
+
import toolGuardHandler, { initialize as initToolGuard } from "./hooks/tool-guard/handler.js";
|
|
9
|
+
import agentBootstrapHandler, { initialize as initBootstrap } from "./hooks/agent-bootstrap/handler.js";
|
|
10
|
+
import cuaBridgeHandler, { initialize as initCuaBridge } from "./hooks/cua-bridge/handler.js";
|
|
11
|
+
import { readFileSync } from "node:fs";
|
|
7
12
|
// Re-export existing utilities for external use
|
|
8
13
|
export * from "./index.js";
|
|
9
14
|
/**
|
|
@@ -11,21 +16,48 @@ export * from "./index.js";
|
|
|
11
16
|
*/
|
|
12
17
|
export default function clawdstrikePlugin(api) {
|
|
13
18
|
const logger = api.logger ?? console;
|
|
19
|
+
const getFileBackedPluginConfig = () => {
|
|
20
|
+
const explicitPath = process.env.OPENCLAW_CONFIG_PATH;
|
|
21
|
+
if (!explicitPath)
|
|
22
|
+
return {};
|
|
23
|
+
try {
|
|
24
|
+
const raw = readFileSync(explicitPath, 'utf8');
|
|
25
|
+
const parsed = JSON.parse(raw);
|
|
26
|
+
const entries = parsed.plugins?.entries ?? {};
|
|
27
|
+
return entries["clawdstrike-security"]?.config
|
|
28
|
+
?? entries["openclaw"]?.config
|
|
29
|
+
?? {};
|
|
30
|
+
}
|
|
31
|
+
catch {
|
|
32
|
+
return {};
|
|
33
|
+
}
|
|
34
|
+
};
|
|
14
35
|
// Load config from plugin settings
|
|
15
36
|
const getConfig = () => {
|
|
16
|
-
const
|
|
37
|
+
const entries = api.config?.plugins?.entries ?? {};
|
|
38
|
+
const apiPluginConfig = entries["clawdstrike-security"]?.config
|
|
39
|
+
?? entries["openclaw"]?.config
|
|
40
|
+
?? {};
|
|
41
|
+
const filePluginConfig = getFileBackedPluginConfig();
|
|
42
|
+
const pluginConfig = Object.keys(apiPluginConfig).length > 0 ? apiPluginConfig : filePluginConfig;
|
|
43
|
+
const policy = typeof pluginConfig.policy === 'string' ? pluginConfig.policy : undefined;
|
|
44
|
+
const mode = typeof pluginConfig.mode === 'string' ? pluginConfig.mode : 'deterministic';
|
|
45
|
+
const logLevel = typeof pluginConfig.logLevel === 'string' ? pluginConfig.logLevel : 'info';
|
|
46
|
+
const guards = pluginConfig.guards && typeof pluginConfig.guards === 'object'
|
|
47
|
+
? pluginConfig.guards
|
|
48
|
+
: { forbidden_path: true, egress: true, secret_leak: true, patch_integrity: true };
|
|
17
49
|
return {
|
|
18
|
-
policy
|
|
19
|
-
mode:
|
|
20
|
-
logLevel:
|
|
21
|
-
guards
|
|
22
|
-
forbidden_path: true,
|
|
23
|
-
egress: true,
|
|
24
|
-
secret_leak: true,
|
|
25
|
-
patch_integrity: true,
|
|
26
|
-
},
|
|
50
|
+
policy,
|
|
51
|
+
mode: mode,
|
|
52
|
+
logLevel: logLevel,
|
|
53
|
+
guards,
|
|
27
54
|
};
|
|
28
55
|
};
|
|
56
|
+
const refreshSharedEngine = () => {
|
|
57
|
+
const config = getConfig();
|
|
58
|
+
initializeEngine(config);
|
|
59
|
+
return config;
|
|
60
|
+
};
|
|
29
61
|
// Register the policy_check tool
|
|
30
62
|
api.registerTool({
|
|
31
63
|
name: "policy_check",
|
|
@@ -47,22 +79,18 @@ export default function clawdstrikePlugin(api) {
|
|
|
47
79
|
},
|
|
48
80
|
async execute(_id, params) {
|
|
49
81
|
try {
|
|
50
|
-
const config =
|
|
51
|
-
const engine =
|
|
52
|
-
const action = params.action
|
|
53
|
-
const resource = params.resource
|
|
82
|
+
const config = refreshSharedEngine();
|
|
83
|
+
const engine = getSharedEngine(config);
|
|
84
|
+
const action = (typeof params.action === 'string' ? params.action : 'tool_call');
|
|
85
|
+
const resource = typeof params.resource === 'string' ? params.resource : '';
|
|
54
86
|
const event = buildEvent(action, resource);
|
|
55
87
|
const decision = await engine.evaluate(event);
|
|
56
|
-
const isDenied = decision.status === 'deny' || decision.denied;
|
|
57
|
-
const isWarn = decision.status === 'warn' || decision.warn;
|
|
58
88
|
const result = {
|
|
59
|
-
|
|
60
|
-
denied: isDenied,
|
|
61
|
-
warn: isWarn,
|
|
89
|
+
status: decision.status,
|
|
62
90
|
guard: decision.guard,
|
|
63
91
|
reason: decision.reason,
|
|
64
92
|
message: formatDecision(decision),
|
|
65
|
-
suggestion:
|
|
93
|
+
suggestion: decision.status === 'deny' ? getSuggestion(action, resource) : undefined,
|
|
66
94
|
};
|
|
67
95
|
return {
|
|
68
96
|
content: [
|
|
@@ -79,7 +107,13 @@ export default function clawdstrikePlugin(api) {
|
|
|
79
107
|
content: [
|
|
80
108
|
{
|
|
81
109
|
type: "text",
|
|
82
|
-
text: JSON.stringify({
|
|
110
|
+
text: JSON.stringify({
|
|
111
|
+
status: "deny",
|
|
112
|
+
guard: "policy_engine",
|
|
113
|
+
reason: "evaluation_error",
|
|
114
|
+
message: `Policy evaluation failed (fail-closed): ${message}`,
|
|
115
|
+
suggestion: "Check policy configuration and retry",
|
|
116
|
+
}, null, 2),
|
|
83
117
|
},
|
|
84
118
|
],
|
|
85
119
|
};
|
|
@@ -95,7 +129,7 @@ export default function clawdstrikePlugin(api) {
|
|
|
95
129
|
.command("status")
|
|
96
130
|
.description("Show Clawdstrike plugin status")
|
|
97
131
|
.action(() => {
|
|
98
|
-
const config =
|
|
132
|
+
const config = refreshSharedEngine();
|
|
99
133
|
console.log("Clawdstrike Security Plugin");
|
|
100
134
|
console.log("---------------------------");
|
|
101
135
|
console.log(`Mode: ${config.mode}`);
|
|
@@ -109,23 +143,84 @@ export default function clawdstrikePlugin(api) {
|
|
|
109
143
|
clawdstrike
|
|
110
144
|
.command("check <action> <resource>")
|
|
111
145
|
.description("Check if an action is allowed")
|
|
112
|
-
.action(async (
|
|
113
|
-
const
|
|
114
|
-
const
|
|
146
|
+
.action(async (...args) => {
|
|
147
|
+
const action = typeof args[0] === 'string' ? args[0] : '';
|
|
148
|
+
const resource = typeof args[1] === 'string' ? args[1] : '';
|
|
149
|
+
const config = refreshSharedEngine();
|
|
150
|
+
const engine = getSharedEngine(config);
|
|
115
151
|
const event = buildEvent(action, resource);
|
|
116
152
|
const decision = await engine.evaluate(event);
|
|
117
153
|
console.log(formatDecision(decision));
|
|
118
|
-
if (decision.status === 'deny'
|
|
154
|
+
if (decision.status === 'deny') {
|
|
119
155
|
console.log(`Suggestion: ${getSuggestion(action, resource)}`);
|
|
120
156
|
process.exitCode = 1;
|
|
121
157
|
}
|
|
122
158
|
});
|
|
123
159
|
}, { commands: ["clawdstrike"] });
|
|
160
|
+
// Initialize the shared policy engine once, then let each handler
|
|
161
|
+
// initialize its own module state (caches, etc.) via the shared engine.
|
|
162
|
+
const config = refreshSharedEngine();
|
|
163
|
+
initPreflight(config);
|
|
164
|
+
initToolGuard(config);
|
|
165
|
+
initBootstrap(config);
|
|
166
|
+
initCuaBridge(config);
|
|
167
|
+
const withFreshEngine = (handler) => {
|
|
168
|
+
return async (event, ctx) => {
|
|
169
|
+
refreshSharedEngine();
|
|
170
|
+
return handler(event, ctx);
|
|
171
|
+
};
|
|
172
|
+
};
|
|
173
|
+
const wrappedCuaBridgeHandler = withFreshEngine(cuaBridgeHandler);
|
|
174
|
+
const wrappedToolPreflightHandler = withFreshEngine(toolPreflightHandler);
|
|
175
|
+
const wrappedToolGuardHandler = withFreshEngine(toolGuardHandler);
|
|
176
|
+
const wrappedAgentBootstrapHandler = withFreshEngine(agentBootstrapHandler);
|
|
177
|
+
// Register hooks — prefer named hook registration for modern runtimes,
|
|
178
|
+
// but fall back to legacy registration shapes for compatibility.
|
|
179
|
+
if (typeof api.registerHook === 'function') {
|
|
180
|
+
const registerHook = api.registerHook.bind(api);
|
|
181
|
+
const registerHookCompat = (event, name, handler) => {
|
|
182
|
+
const namedOpts = {
|
|
183
|
+
name,
|
|
184
|
+
entry: {
|
|
185
|
+
hook: {
|
|
186
|
+
name,
|
|
187
|
+
},
|
|
188
|
+
},
|
|
189
|
+
};
|
|
190
|
+
try {
|
|
191
|
+
registerHook(event, handler, namedOpts);
|
|
192
|
+
}
|
|
193
|
+
catch {
|
|
194
|
+
try {
|
|
195
|
+
registerHook(event, handler, { name });
|
|
196
|
+
}
|
|
197
|
+
catch {
|
|
198
|
+
registerHook(event, handler);
|
|
199
|
+
}
|
|
200
|
+
}
|
|
201
|
+
};
|
|
202
|
+
// Register for both modern and legacy event names for compatibility.
|
|
203
|
+
registerHookCompat('before_tool_call', 'clawdstrike:cua-bridge:before-tool-call', wrappedCuaBridgeHandler);
|
|
204
|
+
registerHookCompat('before_tool_call', 'clawdstrike:tool-preflight:before-tool-call', wrappedToolPreflightHandler);
|
|
205
|
+
registerHookCompat('tool_call', 'clawdstrike:cua-bridge:tool-call', wrappedCuaBridgeHandler);
|
|
206
|
+
registerHookCompat('tool_call', 'clawdstrike:tool-preflight:tool-call', wrappedToolPreflightHandler);
|
|
207
|
+
registerHookCompat('tool_result_persist', 'clawdstrike:tool-guard:tool-result-persist', wrappedToolGuardHandler);
|
|
208
|
+
registerHookCompat('agent:bootstrap', 'clawdstrike:agent-bootstrap', wrappedAgentBootstrapHandler);
|
|
209
|
+
}
|
|
210
|
+
else if (typeof api.on === 'function') {
|
|
211
|
+
const registerHook = api.on.bind(api);
|
|
212
|
+
registerHook('before_tool_call', wrappedCuaBridgeHandler);
|
|
213
|
+
registerHook('before_tool_call', wrappedToolPreflightHandler);
|
|
214
|
+
registerHook('tool_call', wrappedCuaBridgeHandler);
|
|
215
|
+
registerHook('tool_call', wrappedToolPreflightHandler);
|
|
216
|
+
registerHook('tool_result_persist', wrappedToolGuardHandler);
|
|
217
|
+
registerHook('agent:bootstrap', wrappedAgentBootstrapHandler);
|
|
218
|
+
}
|
|
124
219
|
logger.info?.("[clawdstrike] Plugin registered");
|
|
125
220
|
}
|
|
126
221
|
function buildEvent(action, resource) {
|
|
127
222
|
const now = new Date();
|
|
128
|
-
const eventId = `policy-check-${now.getTime()}-${
|
|
223
|
+
const eventId = `policy-check-${now.getTime()}-${crypto.randomUUID()}`;
|
|
129
224
|
const timestamp = now.toISOString();
|
|
130
225
|
switch (action) {
|
|
131
226
|
case "file_read":
|
|
@@ -198,14 +293,12 @@ function parseNetworkTarget(target) {
|
|
|
198
293
|
}
|
|
199
294
|
}
|
|
200
295
|
function formatDecision(decision) {
|
|
201
|
-
|
|
202
|
-
const isWarn = decision.status === 'warn' || decision.warn;
|
|
203
|
-
if (isDenied) {
|
|
296
|
+
if (decision.status === 'deny') {
|
|
204
297
|
const guard = decision.guard ? ` by ${decision.guard}` : "";
|
|
205
298
|
const reason = decision.reason ? `: ${decision.reason}` : "";
|
|
206
299
|
return `Denied${guard}${reason}`;
|
|
207
300
|
}
|
|
208
|
-
if (
|
|
301
|
+
if (decision.status === 'warn') {
|
|
209
302
|
const msg = decision.message ?? decision.reason ?? "Policy warning";
|
|
210
303
|
return `Warning: ${msg}`;
|
|
211
304
|
}
|
package/dist/plugin.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugin.js","sourceRoot":"","sources":["../src/plugin.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGlD,gDAAgD;AAChD,cAAc,YAAY,CAAC;AAE3B;;GAEG;AACH,MAAM,CAAC,OAAO,UAAU,iBAAiB,CAAC,GAAQ;IAChD,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,OAAO,CAAC;IAErC,mCAAmC;IACnC,MAAM,SAAS,GAAG,GAAsB,EAAE;QACxC,MAAM,YAAY,GAAG,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,sBAAsB,CAAC,EAAE,MAAM,IAAI,EAAE,CAAC;QAC1F,OAAO;YACL,MAAM,EAAE,YAAY,CAAC,MAAM;YAC3B,IAAI,EAAE,YAAY,CAAC,IAAI,IAAI,eAAe;YAC1C,QAAQ,EAAE,YAAY,CAAC,QAAQ,IAAI,MAAM;YACzC,MAAM,EAAE,YAAY,CAAC,MAAM,IAAI;gBAC7B,cAAc,EAAE,IAAI;gBACpB,MAAM,EAAE,IAAI;gBACZ,WAAW,EAAE,IAAI;gBACjB,eAAe,EAAE,IAAI;aACtB;SACF,CAAC;IACJ,CAAC,CAAC;IAEF,iCAAiC;IACjC,GAAG,CAAC,YAAY,CAAC;QACf,IAAI,EAAE,cAAc;QACpB,WAAW,EACT,8KAA8K;QAChL,UAAU,EAAE;YACV,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,WAAW,CAAC;oBACpE,WAAW,EAAE,6BAA6B;iBAC3C;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,WAAW,EACT,6EAA6E;iBAChF;aACF;YACD,QAAQ,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;SACjC;QACD,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,MAA4C;YACrE,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;gBAC3B,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;gBAExC,MAAM,MAAM,GAAI,MAAM,CAAC,MAA4B,IAAI,WAAW,CAAC;gBACnE,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,EAAE,CAAC;gBAEvC,MAAM,KAAK,GAAG,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAC3C,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,KAAY,CAAC,CAAC;gBAErD,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,KAAK,MAAM,IAAI,QAAQ,CAAC,MAAM,CAAC;gBAC/D,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,KAAK,MAAM,IAAI,QAAQ,CAAC,IAAI,CAAC;gBAC3D,MAAM,MAAM,GAAG;oBACb,OAAO,EAAE,CAAC,QAAQ;oBAClB,MAAM,EAAE,QAAQ;oBAChB,IAAI,EAAE,MAAM;oBACZ,KAAK,EAAE,QAAQ,CAAC,KAAK;oBACrB,MAAM,EAAE,QAAQ,CAAC,MAAM;oBACvB,OAAO,EAAE,cAAc,CAAC,QAAQ,CAAC;oBACjC,UAAU,EAAE,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;iBACnE,CAAC;gBAEF,OAAO;oBACL,OAAO,EAAE;wBACP;4BACE,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;yBACtC;qBACF;iBACF,CAAC;YACJ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACvE,OAAO;oBACL,OAAO,EAAE;wBACP;4BACE,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;yBACxD;qBACF;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;KACF,CAAC,CAAC;IAEH,wBAAwB;IACxB,GAAG,CAAC,WAAW,CACb,CAAC,EAAE,OAAO,EAAoB,EAAE,EAAE;QAChC,MAAM,WAAW,GAAG,OAAO;aACxB,OAAO,CAAC,aAAa,CAAC;aACtB,WAAW,CAAC,iCAAiC,CAAC,CAAC;QAElD,WAAW;aACR,OAAO,CAAC,QAAQ,CAAC;aACjB,WAAW,CAAC,gCAAgC,CAAC;aAC7C,MAAM,CAAC,GAAG,EAAE;YACX,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,SAAS,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACpC,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,MAAM,IAAI,WAAW,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC7C,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACvB,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,EAAE;gBAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;YAChE,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEL,WAAW;aACR,OAAO,CAAC,2BAA2B,CAAC;aACpC,WAAW,CAAC,+BAA+B,CAAC;aAC5C,MAAM,CAAC,KAAK,EAAE,MAAc,EAAE,QAAgB,EAAE,EAAE;YACjD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;YAC3B,MAAM,MAAM,GAAG,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;YACxC,MAAM,KAAK,GAAG,UAAU,CAAC,MAA2B,EAAE,QAAQ,CAAC,CAAC;YAChE,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,KAAY,CAAC,CAAC;YACrD,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC;YACtC,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,IAAI,QAAQ,CAAC,MAAM,EAAE,CAAC;gBAClD,OAAO,CAAC,GAAG,CAAC,eAAe,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC;gBAC9D,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACvB,CAAC;QACH,CAAC,CAAC,CAAC;IACP,CAAC,EACD,EAAE,QAAQ,EAAE,CAAC,aAAa,CAAC,EAAE,CAC9B,CAAC;IAEF,MAAM,CAAC,IAAI,EAAE,CAAC,iCAAiC,CAAC,CAAC;AACnD,CAAC;AAsCD,SAAS,UAAU,CAAC,MAAyB,EAAE,QAAgB;IAC7D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,OAAO,GAAG,gBAAgB,GAAG,CAAC,OAAO,EAAE,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;IAC1F,MAAM,SAAS,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IAEpC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,WAAW;YACd,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,WAAW;gBACtB,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE;aAC1D,CAAC;QACJ,KAAK,YAAY;YACf,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,YAAY;gBACvB,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE;aAC3D,CAAC;QACJ,KAAK,SAAS,CAAC;QACf,KAAK,gBAAgB,CAAC,CAAC,CAAC;YACtB,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACzD,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,gBAAgB;gBAC3B,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;aAC3C,CAAC;QACJ,CAAC;QACD,KAAK,SAAS,CAAC;QACf,KAAK,cAAc,CAAC,CAAC,CAAC;YACpB,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAC3D,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,KAAK,CAAC;YACjC,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,cAAc;gBACzB,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,IAAI,EAAE,EAAE,IAAI,EAAE;aACxD,CAAC;QACJ,CAAC;QACD,KAAK,WAAW,CAAC;QACjB;YACE,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,WAAW;gBACtB,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE,EAAE;aAC3D,CAAC;IACN,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB,CAAC,MAAc;IACxC,MAAM,OAAO,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACtC,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAE3C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;QAChC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI;YACtB,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;YAClC,CAAC,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO;gBAC3B,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,GAAG,CAAC;QACV,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;IACvD,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,OAAO,EAAE,CAAC,CAAC;YAC7C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;YAClE,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,WAAW,OAAO,EAAE,EAAE,CAAC;QACpE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC/D,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,QAAkB;IACxC,MAAM,QAAQ,GAAG,QAAQ,CAAC,MAAM,KAAK,MAAM,IAAI,QAAQ,CAAC,MAAM,CAAC;IAC/D,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,KAAK,MAAM,IAAI,QAAQ,CAAC,IAAI,CAAC;IAC3D,IAAI,QAAQ,EAAE,CAAC;QACb,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,OAAO,SAAS,KAAK,GAAG,MAAM,EAAE,CAAC;IACnC,CAAC;IACD,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,MAAM,IAAI,gBAAgB,CAAC;QACpE,OAAO,YAAY,GAAG,EAAE,CAAC;IAC3B,CAAC;IACD,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED,SAAS,aAAa,CAAC,MAAc,EAAE,QAAgB;IACrD,IAAI,CAAC,MAAM,KAAK,YAAY,IAAI,MAAM,KAAK,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACrF,OAAO,+EAA+E,CAAC;IACzF,CAAC;IACD,IAAI,CAAC,MAAM,KAAK,YAAY,IAAI,MAAM,KAAK,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACrF,OAAO,gFAAgF,CAAC;IAC1F,CAAC;IACD,IAAI,MAAM,KAAK,gBAAgB,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACxD,OAAO,8DAA8D,CAAC;IACxE,CAAC;IACD,IACE,CAAC,MAAM,KAAK,cAAc,IAAI,MAAM,KAAK,SAAS,CAAC;QACnD,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EACzB,CAAC;QACD,OAAO,+DAA+D,CAAC;IACzE,CAAC;IACD,IACE,CAAC,MAAM,KAAK,cAAc,IAAI,MAAM,KAAK,SAAS,CAAC;QACnD,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAC5D,CAAC;QACD,OAAO,gEAAgE,CAAC;IAC1E,CAAC;IACD,OAAO,yEAAyE,CAAC;AACnF,CAAC"}
|
|
1
|
+
{"version":3,"file":"plugin.js","sourceRoot":"","sources":["../src/plugin.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AACvE,OAAO,oBAAoB,EAAE,EAAE,UAAU,IAAI,aAAa,EAAE,MAAM,mCAAmC,CAAC;AACtG,OAAO,gBAAgB,EAAE,EAAE,UAAU,IAAI,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAC9F,OAAO,qBAAqB,EAAE,EAAE,UAAU,IAAI,aAAa,EAAE,MAAM,oCAAoC,CAAC;AACxG,OAAO,gBAAgB,EAAE,EAAE,UAAU,IAAI,aAAa,EAAE,MAAM,+BAA+B,CAAC;AAC9F,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AAEvC,gDAAgD;AAChD,cAAc,YAAY,CAAC;AA0B3B;;GAEG;AACH,MAAM,CAAC,OAAO,UAAU,iBAAiB,CAAC,GAAsB;IAC9D,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,IAAI,OAAO,CAAC;IAErC,MAAM,yBAAyB,GAAG,GAA4B,EAAE;QAC9D,MAAM,YAAY,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC;QACtD,IAAI,CAAC,YAAY;YAAE,OAAO,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,YAAY,CAAC,YAAY,EAAE,MAAM,CAAC,CAAC;YAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAqF,CAAC;YACnH,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,EAAE,OAAO,IAAI,EAAE,CAAC;YAC9C,OAAO,OAAO,CAAC,sBAAsB,CAAC,EAAE,MAAM;mBACzC,OAAO,CAAC,UAAU,CAAC,EAAE,MAAM;mBAC3B,EAAE,CAAC;QACV,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC,CAAC;IAEF,mCAAmC;IACnC,MAAM,SAAS,GAAG,GAAsB,EAAE;QACxC,MAAM,OAAO,GAAG,GAAG,CAAC,MAAM,EAAE,OAAO,EAAE,OAAO,IAAI,EAAE,CAAC;QACnD,MAAM,eAAe,GACnB,OAAO,CAAC,sBAAsB,CAAC,EAAE,MAAM;eACpC,OAAO,CAAC,UAAU,CAAC,EAAE,MAAM;eAC3B,EAAE,CAAC;QACR,MAAM,gBAAgB,GAAG,yBAAyB,EAAE,CAAC;QACrD,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,gBAAgB,CAAC;QAClG,MAAM,MAAM,GAAG,OAAO,YAAY,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;QACzF,MAAM,IAAI,GAAG,OAAO,YAAY,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,eAAe,CAAC;QACzF,MAAM,QAAQ,GAAG,OAAO,YAAY,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC;QAC5F,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,IAAI,OAAO,YAAY,CAAC,MAAM,KAAK,QAAQ;YAC3E,CAAC,CAAC,YAAY,CAAC,MAAqC;YACpD,CAAC,CAAC,EAAE,cAAc,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAE,CAAC;QACrF,OAAO;YACL,MAAM;YACN,IAAI,EAAE,IAAiC;YACvC,QAAQ,EAAE,QAAyC;YACnD,MAAM;SACP,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,mBAAmB,GAAG,GAAsB,EAAE;QAClD,MAAM,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,gBAAgB,CAAC,MAAM,CAAC,CAAC;QACzB,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;IAEF,iCAAiC;IACjC,GAAG,CAAC,YAAY,CAAC;QACf,IAAI,EAAE,cAAc;QACpB,WAAW,EACT,8KAA8K;QAChL,UAAU,EAAE;YACV,IAAI,EAAE,QAAQ;YACd,UAAU,EAAE;gBACV,MAAM,EAAE;oBACN,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,WAAW,CAAC;oBACpE,WAAW,EAAE,6BAA6B;iBAC3C;gBACD,QAAQ,EAAE;oBACR,IAAI,EAAE,QAAQ;oBACd,WAAW,EACT,6EAA6E;iBAChF;aACF;YACD,QAAQ,EAAE,CAAC,QAAQ,EAAE,UAAU,CAAC;SACjC;QACD,KAAK,CAAC,OAAO,CAAC,GAAW,EAAE,MAA+B;YACxD,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,mBAAmB,EAAE,CAAC;gBACrC,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;gBAEvC,MAAM,MAAM,GAAG,CAAC,OAAO,MAAM,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAsB,CAAC;gBACtG,MAAM,QAAQ,GAAG,OAAO,MAAM,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;gBAE5E,MAAM,KAAK,GAAG,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;gBAC3C,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;gBAE9C,MAAM,MAAM,GAAG;oBACb,MAAM,EAAE,QAAQ,CAAC,MAAM;oBACvB,KAAK,EAAE,QAAQ,CAAC,KAAK;oBACrB,MAAM,EAAE,QAAQ,CAAC,MAAM;oBACvB,OAAO,EAAE,cAAc,CAAC,QAAQ,CAAC;oBACjC,UAAU,EAAE,QAAQ,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS;iBACrF,CAAC;gBAEF,OAAO;oBACL,OAAO,EAAE;wBACP;4BACE,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;yBACtC;qBACF;iBACF,CAAC;YACJ,CAAC;YAAC,OAAO,KAAK,EAAE,CAAC;gBACf,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;gBACvE,OAAO;oBACL,OAAO,EAAE;wBACP;4BACE,IAAI,EAAE,MAAM;4BACZ,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;gCACnB,MAAM,EAAE,MAAM;gCACd,KAAK,EAAE,eAAe;gCACtB,MAAM,EAAE,kBAAkB;gCAC1B,OAAO,EAAE,2CAA2C,OAAO,EAAE;gCAC7D,UAAU,EAAE,sCAAsC;6BACnD,EAAE,IAAI,EAAE,CAAC,CAAC;yBACZ;qBACF;iBACF,CAAC;YACJ,CAAC;QACH,CAAC;KACF,CAAC,CAAC;IAEH,wBAAwB;IACxB,GAAG,CAAC,WAAW,CACb,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE;QACd,MAAM,WAAW,GAAG,OAAO;aACxB,OAAO,CAAC,aAAa,CAAC;aACtB,WAAW,CAAC,iCAAiC,CAAC,CAAC;QAElD,WAAW;aACR,OAAO,CAAC,QAAQ,CAAC;aACjB,WAAW,CAAC,gCAAgC,CAAC;aAC7C,MAAM,CAAC,GAAG,EAAE;YACX,MAAM,MAAM,GAAG,mBAAmB,EAAE,CAAC;YACrC,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;YAC3C,OAAO,CAAC,GAAG,CAAC,SAAS,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;YACpC,OAAO,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,MAAM,IAAI,WAAW,EAAE,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,cAAc,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC7C,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;YACvB,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE,OAAO,CAAC,EAAE,EAAE;gBAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC;YAChE,CAAC,CAAC,CAAC;QACL,CAAC,CAAC,CAAC;QAEL,WAAW;aACR,OAAO,CAAC,2BAA2B,CAAC;aACpC,WAAW,CAAC,+BAA+B,CAAC;aAC5C,MAAM,CAAC,KAAK,EAAE,GAAG,IAAe,EAAE,EAAE;YACnC,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1D,MAAM,QAAQ,GAAG,OAAO,IAAI,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC5D,MAAM,MAAM,GAAG,mBAAmB,EAAE,CAAC;YACrC,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;YACvC,MAAM,KAAK,GAAG,UAAU,CAAC,MAA2B,EAAE,QAAQ,CAAC,CAAC;YAChE,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;YAC9C,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC;YACtC,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAC/B,OAAO,CAAC,GAAG,CAAC,eAAe,aAAa,CAAC,MAAM,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC;gBAC9D,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACvB,CAAC;QACH,CAAC,CAAC,CAAC;IACP,CAAC,EACD,EAAE,QAAQ,EAAE,CAAC,aAAa,CAAC,EAAE,CAC9B,CAAC;IAEF,kEAAkE;IAClE,wEAAwE;IACxE,MAAM,MAAM,GAAG,mBAAmB,EAAE,CAAC;IACrC,aAAa,CAAC,MAAM,CAAC,CAAC;IACtB,aAAa,CAAC,MAAM,CAAC,CAAC;IACtB,aAAa,CAAC,MAAM,CAAC,CAAC;IACtB,aAAa,CAAC,MAAM,CAAC,CAAC;IAEtB,MAAM,eAAe,GAAG,CAAC,OAAoB,EAAe,EAAE;QAC5D,OAAO,KAAK,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;YAC1B,mBAAmB,EAAE,CAAC;YACtB,OAAO,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC7B,CAAC,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,uBAAuB,GAAG,eAAe,CAAC,gBAAgB,CAAC,CAAC;IAClE,MAAM,2BAA2B,GAAG,eAAe,CAAC,oBAAoB,CAAC,CAAC;IAC1E,MAAM,uBAAuB,GAAG,eAAe,CAAC,gBAAgB,CAAC,CAAC;IAClE,MAAM,4BAA4B,GAAG,eAAe,CAAC,qBAAqB,CAAC,CAAC;IAE5E,uEAAuE;IACvE,iEAAiE;IACjE,IAAI,OAAO,GAAG,CAAC,YAAY,KAAK,UAAU,EAAE,CAAC;QAC3C,MAAM,YAAY,GAAG,GAAG,CAAC,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAChD,MAAM,kBAAkB,GAAG,CAAC,KAAa,EAAE,IAAY,EAAE,OAAoB,EAAQ,EAAE;YACrF,MAAM,SAAS,GAAwB;gBACrC,IAAI;gBACJ,KAAK,EAAE;oBACL,IAAI,EAAE;wBACJ,IAAI;qBACL;iBACF;aACF,CAAC;YAEF,IAAI,CAAC;gBACH,YAAY,CAAC,KAAK,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;YAC1C,CAAC;YAAC,MAAM,CAAC;gBACP,IAAI,CAAC;oBACH,YAAY,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC;gBACzC,CAAC;gBAAC,MAAM,CAAC;oBACP,YAAY,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;gBAC/B,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,qEAAqE;QACrE,kBAAkB,CAAC,kBAAkB,EAAE,yCAAyC,EAAE,uBAAuB,CAAC,CAAC;QAC3G,kBAAkB,CAAC,kBAAkB,EAAE,6CAA6C,EAAE,2BAA2B,CAAC,CAAC;QACnH,kBAAkB,CAAC,WAAW,EAAE,kCAAkC,EAAE,uBAAuB,CAAC,CAAC;QAC7F,kBAAkB,CAAC,WAAW,EAAE,sCAAsC,EAAE,2BAA2B,CAAC,CAAC;QACrG,kBAAkB,CAAC,qBAAqB,EAAE,4CAA4C,EAAE,uBAAuB,CAAC,CAAC;QACjH,kBAAkB,CAAC,iBAAiB,EAAE,6BAA6B,EAAE,4BAA4B,CAAC,CAAC;IACrG,CAAC;SAAM,IAAI,OAAO,GAAG,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;QACxC,MAAM,YAAY,GAAG,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACtC,YAAY,CAAC,kBAAkB,EAAE,uBAAuB,CAAC,CAAC;QAC1D,YAAY,CAAC,kBAAkB,EAAE,2BAA2B,CAAC,CAAC;QAC9D,YAAY,CAAC,WAAW,EAAE,uBAAuB,CAAC,CAAC;QACnD,YAAY,CAAC,WAAW,EAAE,2BAA2B,CAAC,CAAC;QACvD,YAAY,CAAC,qBAAqB,EAAE,uBAAuB,CAAC,CAAC;QAC7D,YAAY,CAAC,iBAAiB,EAAE,4BAA4B,CAAC,CAAC;IAChE,CAAC;IAED,MAAM,CAAC,IAAI,EAAE,CAAC,iCAAiC,CAAC,CAAC;AACnD,CAAC;AAoBD,SAAS,UAAU,CAAC,MAAyB,EAAE,QAAgB;IAC7D,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,OAAO,GAAG,gBAAgB,GAAG,CAAC,OAAO,EAAE,IAAI,MAAM,CAAC,UAAU,EAAE,EAAE,CAAC;IACvE,MAAM,SAAS,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IAEpC,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,WAAW;YACd,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,WAAW;gBACtB,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE;aAC1D,CAAC;QACJ,KAAK,YAAY;YACf,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,YAAY;gBACvB,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE;aAC3D,CAAC;QACJ,KAAK,SAAS,CAAC;QACf,KAAK,gBAAgB,CAAC,CAAC,CAAC;YACtB,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YACzD,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,gBAAgB;gBAC3B,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,IAAI,EAAE,GAAG,EAAE;aAC3C,CAAC;QACJ,CAAC;QACD,KAAK,SAAS,CAAC;QACf,KAAK,cAAc,CAAC,CAAC,CAAC;YACpB,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YAC3D,MAAM,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC,GAAG,KAAK,CAAC;YACjC,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,cAAc;gBACzB,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,IAAI,EAAE,EAAE,IAAI,EAAE;aACxD,CAAC;QACJ,CAAC;QACD,KAAK,WAAW,CAAC;QACjB;YACE,OAAO;gBACL,OAAO;gBACP,SAAS,EAAE,WAAW;gBACtB,SAAS;gBACT,IAAI,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,UAAU,EAAE,EAAE,EAAE;aAC3D,CAAC;IACN,CAAC;AACH,CAAC;AAED,SAAS,kBAAkB,CAAC,MAAc;IACxC,MAAM,OAAO,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;IACtC,IAAI,CAAC,OAAO;QAAE,OAAO,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAE3C,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAC;QAChC,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI;YACtB,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;YAClC,CAAC,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO;gBAC3B,CAAC,CAAC,EAAE;gBACJ,CAAC,CAAC,GAAG,CAAC;QACV,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;IACvD,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,WAAW,OAAO,EAAE,CAAC,CAAC;YAC7C,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;YAClE,OAAO,EAAE,IAAI,EAAE,MAAM,CAAC,QAAQ,EAAE,IAAI,EAAE,GAAG,EAAE,WAAW,OAAO,EAAE,EAAE,CAAC;QACpE,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,OAAO,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC;QAC/D,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,cAAc,CAAC,QAAwB;IAC9C,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,OAAO,QAAQ,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5D,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC7D,OAAO,SAAS,KAAK,GAAG,MAAM,EAAE,CAAC;IACnC,CAAC;IACD,IAAI,QAAQ,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;QAC/B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,MAAM,IAAI,gBAAgB,CAAC;QACpE,OAAO,YAAY,GAAG,EAAE,CAAC;IAC3B,CAAC;IACD,OAAO,gBAAgB,CAAC;AAC1B,CAAC;AAED,SAAS,aAAa,CAAC,MAAc,EAAE,QAAgB;IACrD,IAAI,CAAC,MAAM,KAAK,YAAY,IAAI,MAAM,KAAK,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACrF,OAAO,+EAA+E,CAAC;IACzF,CAAC;IACD,IAAI,CAAC,MAAM,KAAK,YAAY,IAAI,MAAM,KAAK,WAAW,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACrF,OAAO,gFAAgF,CAAC;IAC1F,CAAC;IACD,IAAI,MAAM,KAAK,gBAAgB,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACxD,OAAO,8DAA8D,CAAC;IACxE,CAAC;IACD,IACE,CAAC,MAAM,KAAK,cAAc,IAAI,MAAM,KAAK,SAAS,CAAC;QACnD,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EACzB,CAAC;QACD,OAAO,+DAA+D,CAAC;IACzE,CAAC;IACD,IACE,CAAC,MAAM,KAAK,cAAc,IAAI,MAAM,KAAK,SAAS,CAAC;QACnD,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,EAC5D,CAAC;QACD,OAAO,gEAAgE,CAAC;IAC1E,CAAC;IACD,OAAO,yEAAyE,CAAC;AACnF,CAAC"}
|
package/dist/policy/engine.d.ts
CHANGED
|
@@ -19,7 +19,12 @@ export declare class PolicyEngine {
|
|
|
19
19
|
sanitizeOutput(content: string): string;
|
|
20
20
|
evaluate(event: PolicyEvent): Promise<Decision>;
|
|
21
21
|
private applyMode;
|
|
22
|
+
private getExpectedDataType;
|
|
22
23
|
private evaluateDeterministic;
|
|
24
|
+
private checkCua;
|
|
25
|
+
private checkCuaConnectEgress;
|
|
26
|
+
private checkRemoteDesktopSideChannel;
|
|
27
|
+
private checkInputInjectionCapability;
|
|
23
28
|
private checkFilesystem;
|
|
24
29
|
private checkEgress;
|
|
25
30
|
private checkExecution;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/policy/engine.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"engine.d.ts","sourceRoot":"","sources":["../../src/policy/engine.ts"],"names":[],"mappings":"AASA,OAAO,KAAK,EAAgB,QAAQ,EAAkB,iBAAiB,EAAE,MAAM,EAAE,WAAW,EAAY,MAAM,aAAa,CAAC;AA0L5H,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAA8B;IACrD,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAS;IAChC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAqB;IACxD,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAc;IAC1C,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAkB;IAClD,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAsB;IAC1D,OAAO,CAAC,QAAQ,CAAC,iBAAiB,CAAmC;gBAEzD,MAAM,GAAE,iBAAsB;IAU1C,aAAa,IAAI,MAAM,EAAE;IAWzB,SAAS,IAAI,MAAM;IAIb,UAAU,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC;QAAE,KAAK,EAAE,OAAO,CAAC;QAAC,MAAM,EAAE,MAAM,EAAE,CAAC;QAAC,QAAQ,EAAE,MAAM,EAAE,CAAA;KAAE,CAAC;IAStG,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IAItC,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM;IAOjC,QAAQ,CAAC,KAAK,EAAE,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC;IAkBrD,OAAO,CAAC,SAAS;IA0BjB,OAAO,CAAC,mBAAmB;IA0B3B,OAAO,CAAC,qBAAqB;IA2C7B,OAAO,CAAC,QAAQ;IAyFhB,OAAO,CAAC,qBAAqB;IA0C7B,OAAO,CAAC,6BAA6B;IAkFrC,OAAO,CAAC,6BAA6B;IAuErC,OAAO,CAAC,eAAe;IAqCvB,OAAO,CAAC,WAAW;IAUnB,OAAO,CAAC,cAAc;IAiDtB,OAAO,CAAC,aAAa;IA6DrB,OAAO,CAAC,UAAU;IAkBlB,OAAO,CAAC,gBAAgB;IAoBxB,OAAO,CAAC,qBAAqB;CAiB9B"}
|