@fourteensystems/prodcheck 0.3.0

package/dist/rules/input-validation-missing.js

@@ -0,0 +1,272 @@
+import { readFileSync } from "node:fs";
+import path from "node:path";
+import { detectOutboundFetcher } from "../util/outbound-fetch.js";
+export const RULE_ID = "INPUT-VALIDATION-MISSING";
+const SEVERITY_RANK = { critical: 4, high: 3, med: 2, low: 1 };
+const SEVERITY_UP = { low: "med", med: "high", high: "high", critical: "critical" };
+function bumpSeverityIfPublicIntent(severity, isPublicIntent) {
+    if (!isPublicIntent)
+        return severity;
+    return SEVERITY_UP[severity] ?? severity;
+}
+function severityFromConfidence(confidence, maxSeverity) {
+    const max = maxSeverity;
+    const maxRank = SEVERITY_RANK[max] ?? 3;
+    // high confidence → use max severity (typically high)
+    // med confidence → cap at med
+    const computed = confidence === "high" ? max : "med";
+    const computedRank = SEVERITY_RANK[computed] ?? 2;
+    return computedRank > maxRank ? max : computed;
+}
+export function run(index, config) {
+    const findings = [];
+    const maxSeverity = config.rules[RULE_ID]?.severity ?? "high";
+    // Check mutation route handlers
+    for (const route of index.routes.mutationRoutes) {
+        const result = checkEndpoint(route, index);
+        if (result) {
+            let { confidence, confidenceRationale: rationale, evidence } = result;
+            let tags = ["input-validation", "data-integrity"];
+            // public-intent endpoints: bump severity (public + unvalidated = worse)
+            if (route.publicIntent) {
+                if (confidence === "med")
+                    confidence = "high";
+                rationale += " — endpoint declared intentionally public (higher exposure)";
+                evidence.push(`public-intent: "${route.publicIntent.reason}"`);
+                tags = ["input-validation", "data-integrity", "public-intent"];
+                // Combined SSRF note when outbound fetch detected
+                let src;
+                try {
+                    src = readFileSync(path.resolve(index.rootDir, route.file), "utf-8");
+                }
+                catch { }
+                if (src) {
+                    const fetcher = detectOutboundFetcher(src);
+                    if (fetcher.isRisky) {
+                        evidence.push("Public endpoint performs outbound fetch; missing validation increases SSRF risk");
+                        tags.push("ssrf-surface");
+                    }
+                }
+            }
+            findings.push({
+                ruleId: RULE_ID,
+                severity: bumpSeverityIfPublicIntent(severityFromConfidence(confidence, maxSeverity), !!route.publicIntent),
+                confidence,
+                message: "Endpoint reads user input and performs writes without schema validation",
+                file: route.file,
+                line: result.line,
+                snippet: result.snippet,
+                evidence,
+                confidenceRationale: rationale,
+                remediation: [
+                    "Validate request body with a schema library before passing to DB/API calls",
+                    "Example: `const data = schema.parse(await request.json())`",
+                    "Recommended: zod, valibot, yup, or joi",
+                ],
+                tags,
+            });
+        }
+    }
+    // Check mutation server actions
+    for (const action of index.serverActions.mutationActions) {
+        const result = checkEndpoint(action, index);
+        if (result) {
+            findings.push({
+                ruleId: RULE_ID,
+                severity: severityFromConfidence(result.confidence, maxSeverity),
+                confidence: result.confidence,
+                message: "Server action performs writes without schema validation on input",
+                file: action.file,
+                line: result.line,
+                snippet: result.snippet,
+                evidence: result.evidence,
+                confidenceRationale: result.confidenceRationale,
+                remediation: [
+                    "Validate action input with a schema library before passing to DB/API calls",
+                    "Example: `const data = schema.parse(formData)`",
+                    "Recommended: zod, valibot, yup, or joi",
+                ],
+                tags: ["input-validation", "data-integrity"],
+            });
+        }
+    }
+    return findings;
+}
+function checkEndpoint(endpoint, index) {
+    let src;
+    try {
+        src = readFileSync(path.resolve(index.rootDir, endpoint.file), "utf-8");
+    }
+    catch {
+        return null;
+    }
+    // Must read user input
+    if (!readsUserInput(src))
+        return null;
+    // Must have a write (DB or Stripe)
+    if (!endpoint.signals.hasDbWriteEvidence && !endpoint.signals.hasStripeWriteEvidence)
+        return null;
+    // Check for validation patterns — if present, no finding
+    // Strip comment lines to avoid false negatives from commented-out validation
+    if (hasSchemaValidation(stripCommentLines(src)))
+        return null;
+    // Build evidence
+    const evidence = [];
+    if (readsJson(src))
+        evidence.push("Reads request.json() / req.json()");
+    if (readsFormData(src))
+        evidence.push("Reads request.formData()");
+    if (/req\.body/.test(src))
+        evidence.push("Reads req.body");
+    for (const detail of endpoint.signals.mutationDetails) {
+        if (detail !== "reads request body") {
+            evidence.push(detail);
+        }
+    }
+    evidence.push("No schema validation detected (z.parse, safeParse, validate, etc.)");
+    // Confidence: high if clear DB write + body read + no validation
+    // med if only general mutation evidence
+    let confidence = endpoint.signals.hasDbWriteEvidence ? "high" : "med";
+    let rationale = confidence === "high"
+        ? "Direct DB write with unvalidated user input — no schema parsing detected"
+        : "Mutation endpoint with unvalidated input — no schema parsing detected";
+    // Webhook-verified routes: signature verification provides some payload integrity
+    // Downgrade — still flag because signatures don't validate schema structure
+    if (hasWebhookSignature(src)) {
+        confidence = "med";
+        rationale = "Webhook signature verified but no schema validation — payload structure not enforced";
+        evidence.push("webhook signature verification present (provides integrity, not schema validation)");
+    }
+    // Find the line of the first body read
+    const line = findInputReadLine(src);
+    return { confidence, line, evidence, confidenceRationale: rationale };
+}
+// --- Detection patterns ---
+function readsUserInput(src) {
+    return readsJson(src) || readsFormData(src) || /req\.body\b/.test(src);
+}
+function readsJson(src) {
+    return /(?:request|req)\.json\s*\(/.test(src);
+}
+function readsFormData(src) {
+    return /(?:request|req)\.formData\s*\(/.test(src);
+}
+/**
+ * Detect schema validation patterns.
+ * Starts with Zod (.parse, .safeParse, z.object) and expands to common libs.
+ */
+function hasSchemaValidation(src) {
+    // Zod: z.object(), schema.parse(), schema.safeParse()
+    if (/\bz\.\s*(?:object|string|number|array|enum|union|tuple|record|literal|nativeEnum|coerce)\s*\(/.test(src))
+        return true;
+    // .parse() but NOT JSON.parse, URL.parse, path.parse, Date.parse, parseInt
+    if (/\.parse\s*\(/.test(src) && !isOnlyBuiltinParse(src))
+        return true;
+    if (/\.safeParse\s*\(/.test(src))
+        return true;
+    // Valibot: v.parse(), v.safeParse(), parse(schema, ...)
+    if (/\bv\.\s*(?:parse|safeParse)\s*\(/.test(src))
+        return true;
+    // Yup: schema.validate(), schema.validateSync()
+    if (/\.validate\s*\(/.test(src) && !isOnlyBuiltinValidate(src))
+        return true;
+    if (/\.validateSync\s*\(/.test(src))
+        return true;
+    // Joi: schema.validate()
+    // (already covered by .validate above)
+    // ArkType: type(...), already uses .parse
+    // (covered by .parse above)
+    // TypeBox + Ajv: Value.Check, ajv.validate — both use .validate
+    // (covered above)
+    // Next.js server action pattern: zod + useFormState
+    // createSafeActionClient (next-safe-action)
+    if (/createSafeActionClient|actionClient/.test(src))
+        return true;
+    // tRPC input validation (z.object in .input())
+    if (/\.input\s*\(\s*z\./.test(src))
+        return true;
+    return false;
+}
+/**
+ * Returns true if ALL .parse() calls in the source are from built-in objects
+ * (JSON.parse, URL.parse, path.parse, Date.parse, etc.) — not schema validation.
+ */
+function isOnlyBuiltinParse(src) {
+    const allParseMatches = [...src.matchAll(/(\w+)\.parse\s*\(/g)];
+    // No named callers found but .parse() exists → likely chained (e.g. getSchema().parse())
+    // Treat as schema validation (safe default)
+    if (allParseMatches.length === 0)
+        return false;
+    return allParseMatches.every((m) => BUILTIN_PARSE_CALLERS.has(m[1]));
+}
+const BUILTIN_PARSE_CALLERS = new Set([
+    "JSON", "URL", "path", "Date", "Number", "BigInt",
+    "Buffer", "querystring", "qs", "cookie", "cookieStore",
+]);
+/**
+ * Returns true if ALL .validate() calls are from built-in/non-schema objects.
+ */
+function isOnlyBuiltinValidate(src) {
+    const allMatches = [...src.matchAll(/(\w+)\.validate\s*\(/g)];
+    if (allMatches.length === 0)
+        return true;
+    return allMatches.every((m) => BUILTIN_VALIDATE_CALLERS.has(m[1]));
+}
+const BUILTIN_VALIDATE_CALLERS = new Set([
+    "document", "form", "email", "url",
+]);
+/**
+ * Remove full-line comments to avoid false negatives.
+ * Only strips lines where first non-whitespace is // or lines inside block comments.
+ * Deliberately simple — doesn't handle inline comments to avoid breaking strings.
+ */
+function stripCommentLines(src) {
+    let inBlock = false;
+    return src.split("\n").filter((line) => {
+        const trimmed = line.trimStart();
+        if (inBlock) {
+            if (trimmed.includes("*/"))
+                inBlock = false;
+            return false;
+        }
+        if (trimmed.startsWith("/*")) {
+            if (!trimmed.includes("*/"))
+                inBlock = true;
+            return false;
+        }
+        if (trimmed.startsWith("//"))
+            return false;
+        return true;
+    }).join("\n");
+}
+/**
+ * Detect webhook signature verification patterns.
+ * Presence indicates payload integrity is verified (but not schema structure).
+ */
+function hasWebhookSignature(src) {
+    if (/constructEvent\s*\(/.test(src))
+        return true;
+    if (/createHmac\s*\(/.test(src) && /signature/i.test(src))
+        return true;
+    if (/timingSafeEqual\s*\(/.test(src))
+        return true;
+    if (/verifySignature\s*\(/.test(src))
+        return true;
+    if (/verifyWebhook\s*\(/i.test(src))
+        return true;
+    if (/\.verify\s*\(/.test(src) && /webhook/i.test(src))
+        return true;
+    return false;
+}
+function findInputReadLine(src) {
+    const lines = src.split("\n");
+    for (let i = 0; i < lines.length; i++) {
+        if (/(?:request|req)\.json\s*\(/.test(lines[i]) ||
+            /(?:request|req)\.formData\s*\(/.test(lines[i]) ||
+            /req\.body\b/.test(lines[i])) {
+            return i + 1;
+        }
+    }
+    return undefined;
+}
+//# sourceMappingURL=input-validation-missing.js.map

package/dist/rules/input-validation-missing.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"input-validation-missing.js","sourceRoot":"","sources":["../../src/rules/input-validation-missing.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACvC,OAAO,IAAI,MAAM,WAAW,CAAC;AAI7B,OAAO,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAElE,MAAM,CAAC,MAAM,OAAO,GAAG,0BAA0B,CAAC;AAElD,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;AAEvF,MAAM,WAAW,GAA6B,EAAE,GAAG,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;AAE9G,SAAS,0BAA0B,CAAC,QAAkB,EAAE,cAAuB;IAC7E,IAAI,CAAC,cAAc;QAAE,OAAO,QAAQ,CAAC;IACrC,OAAO,WAAW,CAAC,QAAQ,CAAC,IAAI,QAAQ,CAAC;AAC3C,CAAC;AAED,SAAS,sBAAsB,CAAC,UAAsB,EAAE,WAAmB;IACzE,MAAM,GAAG,GAAG,WAAuB,CAAC;IACpC,MAAM,OAAO,GAAG,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;IACxC,sDAAsD;IACtD,8BAA8B;IAC9B,MAAM,QAAQ,GAAa,UAAU,KAAK,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC;IAC/D,MAAM,YAAY,GAAG,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAClD,OAAO,YAAY,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC;AACjD,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,KAAgB,EAAE,MAAuB;IAC3D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,QAAQ,IAAI,MAAM,CAAC;IAE9D,gCAAgC;IAChC,KAAK,MAAM,KAAK,IAAI,KAAK,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;QAChD,MAAM,MAAM,GAAG,aAAa,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAC3C,IAAI,MAAM,EAAE,CAAC;YACX,IAAI,EAAE,UAAU,EAAE,mBAAmB,EAAE,SAAS,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;YACtE,IAAI,IAAI,GAAG,CAAC,kBAAkB,EAAE,gBAAgB,CAAC,CAAC;YAElD,wEAAwE;YACxE,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;gBACvB,IAAI,UAAU,KAAK,KAAK;oBAAE,UAAU,GAAG,MAAM,CAAC;gBAC9C,SAAS,IAAI,6DAA6D,CAAC;gBAC3E,QAAQ,CAAC,IAAI,CAAC,mBAAmB,KAAK,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC;gBAC/D,IAAI,GAAG,CAAC,kBAAkB,EAAE,gBAAgB,EAAE,eAAe,CAAC,CAAC;gBAE/D,kDAAkD;gBAClD,IAAI,GAAuB,CAAC;gBAC5B,IAAI,CAAC;oBAAC,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,CAAC;gBAAC,CAAC;gBAAC,MAAM,CAAC,CAAA,CAAC;gBACtF,IAAI,GAAG,EAAE,CAAC;oBACR,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,CAAC,CAAC;oBAC3C,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;wBACpB,QAAQ,CAAC,IAAI,CAAC,iFAAiF,CAAC,CAAC;wBACjG,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;oBAC5B,CAAC;gBACH,CAAC;YACH,CAAC;YAED,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,0BAA0B,CAClC,sBAAsB,CAAC,UAAU,EAAE,WAAW,CAAC,EAC/C,CAAC,CAAC,KAAK,CAAC,YAAY,CACrB;gBACD,UAAU;gBACV,OAAO,EAAE,yEAAyE;gBAClF,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,QAAQ;gBACR,mBAAmB,EAAE,SAAS;gBAC9B,WAAW,EAAE;oBACX,4EAA4E;oBAC5E,4DAA4D;oBAC5D,wCAAwC;iBACzC;gBACD,IAAI;aACL,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,aAAa,CAAC,eAAe,EAAE,CAAC;QACzD,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QAC5C,IAAI,MAAM,EAAE,CAAC;YACX,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,sBAAsB,CAAC,MAAM,CAAC,UAAU,EAAE,WAAW,CAAC;gBAChE,UAAU,EAAE,MAAM,CAAC,UAAU;gBAC7B,OAAO,EAAE,kEAAkE;gBAC3E,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,OAAO,EAAE,MAAM,CAAC,OAAO;gBACvB,QAAQ,EAAE,MAAM,CAAC,QAAQ;gBACzB,mBAAmB,EAAE,MAAM,CAAC,mBAAmB;gBAC/C,WAAW,EAAE;oBACX,4EAA4E;oBAC5E,gDAAgD;oBAChD,wCAAwC;iBACzC;gBACD,IAAI,EAAE,CAAC,kBAAkB,EAAE,gBAAgB,CAAC;aAC7C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAUD,SAAS,aAAa,CACpB,QAAsC,EACtC,KAAgB;IAEhB,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,QAAQ,CAAC,IAAI,CAAC,EAAE,OAAO,CAAC,CAAC;IAC1E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,uBAAuB;IACvB,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEtC,mCAAmC;IACnC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,kBAAkB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,sBAAsB;QAAE,OAAO,IAAI,CAAC;IAElG,yDAAyD;IACzD,6EAA6E;IAC7E,IAAI,mBAAmB,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAE7D,iBAAiB;IACjB,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,IAAI,SAAS,CAAC,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,mCAAmC,CAAC,CAAC;IACvE,IAAI,aAAa,CAAC,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IAClE,IAAI,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IAE3D,KAAK,MAAM,MAAM,IAAI,QAAQ,CAAC,OAAO,CAAC,eAAe,EAAE,CAAC;QACtD,IAAI,MAAM,KAAK,oBAAoB,EAAE,CAAC;YACpC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;IAED,QAAQ,CAAC,IAAI,CAAC,oEAAoE,CAAC,CAAC;IAEpF,iEAAiE;IACjE,wCAAwC;IACxC,IAAI,UAAU,GAAe,QAAQ,CAAC,OAAO,CAAC,kBAAkB,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;IAElF,IAAI,SAAS,GAAG,UAAU,KAAK,MAAM;QACnC,CAAC,CAAC,0EAA0E;QAC5E,CAAC,CAAC,uEAAuE,CAAC;IAE5E,kFAAkF;IAClF,4EAA4E;IAC5E,IAAI,mBAAmB,CAAC,GAAG,CAAC,EAAE,CAAC;QAC7B,UAAU,GAAG,KAAK,CAAC;QACnB,SAAS,GAAG,sFAAsF,CAAC;QACnG,QAAQ,CAAC,IAAI,CAAC,oFAAoF,CAAC,CAAC;IACtG,CAAC;IAED,uCAAuC;IACvC,MAAM,IAAI,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAEpC,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAC;AACxE,CAAC;AAED,6BAA6B;AAE7B,SAAS,cAAc,CAAC,GAAW;IACjC,OAAO,SAAS,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,GAAG,CAAC,IAAI,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,SAAS,CAAC,GAAW;IAC5B,OAAO,4BAA4B,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChD,CAAC;AAED,SAAS,aAAa,CAAC,GAAW;IAChC,OAAO,gCAAgC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AACpD,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,GAAW;IACtC,sDAAsD;IACtD,IAAI,+FAA+F,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC3H,2EAA2E;IAC3E,IAAI,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACtE,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE9C,wDAAwD;IACxD,IAAI,kCAAkC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAE9D,gDAAgD;IAChD,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAC5E,IAAI,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjD,yBAAyB;IACzB,uCAAuC;IAEvC,0CAA0C;IAC1C,4BAA4B;IAE5B,gEAAgE;IAChE,kBAAkB;IAElB,oDAAoD;IACpD,4CAA4C;IAC5C,IAAI,qCAAqC,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEjE,+CAA+C;IAC/C,IAAI,oBAAoB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAEhD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;GAGG;AACH,SAAS,kBAAkB,CAAC,GAAW;IACrC,MAAM,eAAe,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC,CAAC;IAChE,yFAAyF;IACzF,4CAA4C;IAC5C,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAC/C,OAAO,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACvE,CAAC;AAED,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ;IACjD,QAAQ,EAAE,aAAa,EAAE,IAAI,EAAE,QAAQ,EAAE,aAAa;CACvD,CAAC,CAAC;AAEH;;GAEG;AACH,SAAS,qBAAqB,CAAC,GAAW;IACxC,MAAM,UAAU,GAAG,CAAC,GAAG,GAAG,CAAC,QAAQ,CAAC,uBAAuB,CAAC,CAAC,CAAC;IAC9D,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IACzC,OAAO,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,wBAAwB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,MAAM,wBAAwB,GAAG,IAAI,GAAG,CAAC;IACvC,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK;CACnC,CAAC,CAAC;AAEH;;;;GAIG;AACH,SAAS,iBAAiB,CAAC,GAAW;IACpC,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;QACrC,MAAM,OAAO,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QACjC,IAAI,OAAO,EAAE,CAAC;YACZ,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAAE,OAAO,GAAG,KAAK,CAAC;YAC5C,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7B,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;gBAAE,OAAO,GAAG,IAAI,CAAC;YAC5C,OAAO,KAAK,CAAC;QACf,CAAC;QACD,IAAI,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAC;QAC3C,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,SAAS,mBAAmB,CAAC,GAAW;IACtC,IAAI,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACjD,IAAI,iBAAiB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACvE,IAAI,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAClD,IAAI,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IAClD,IAAI,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACjD,IAAI,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC;QAAE,OAAO,IAAI,CAAC;IACnE,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,4BAA4B,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC3C,gCAAgC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC/C,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,CAAC;QACf,CAAC;IACH,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/dist/rules/input-validation-missing.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=input-validation-missing.test.d.ts.map

package/dist/rules/input-validation-missing.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"input-validation-missing.test.d.ts","sourceRoot":"","sources":["../../src/rules/input-validation-missing.test.ts"],"names":[],"mappings":""}