@hookwarden/engine 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build.d.ts","sourceRoot":"","sources":["../../src/model/build.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"build.d.ts","sourceRoot":"","sources":["../../src/model/build.ts"],"names":[],"mappings":"AAcA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAOjD,OAAO,KAAK,EAGV,UAAU,EACV,YAAY,EACb,MAAM,2BAA2B,CAAC;AACnC,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AACpD,OAAO,EAAE,KAAK,gBAAgB,EAAyB,MAAM,cAAc,CAAC;AAK5E,MAAM,WAAW,sBAAsB;IACrC,QAAQ,CAAC,WAAW,EAAE,aAAa,CAAC,UAAU,CAAC,CAAC;IAChD,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC;IAC1B,QAAQ,CAAC,MAAM,EAAE,MAAM,CAAC;IAExB,QAAQ,CAAC,eAAe,CAAC,EAAE,aAAa,CACtC,CAAC,IAAI,EAAE,UAAU,EAAE,QAAQ,EAAE,aAAa,CAAC,UAAU,CAAC,KAAK,aAAa,CAAC,gBAAgB,CAAC,CAC3F,CAAC;CACH;AAED,wBAAsB,iBAAiB,CAAC,KAAK,EAAE,sBAAsB,GAAG,OAAO,CAAC,YAAY,CAAC,CAmC5F"}
|
package/dist/model/build.js
CHANGED
|
@@ -6,6 +6,7 @@
|
|
|
6
6
|
// - Plan 07's bespoke adapters (Next.js / Django / FastAPI) via the bespokeAdapters hook
|
|
7
7
|
// - This plan's computeReachableSymbols (D-34 cross-file traversal) + extractMiddlewareChain (D-36)
|
|
8
8
|
// - The sdk_verify_call evidence overlay — completes D-32's 7th signal.
|
|
9
|
+
// - The raw-body middleware evidence overlay — prevents FP on express.raw / bodyParser.raw chains.
|
|
9
10
|
import { computeHandlerId } from "../findings/fingerprint.js";
|
|
10
11
|
import { extractBabelLiterals } from "../parsers/literals.js";
|
|
11
12
|
import { extractPythonLiterals } from "../parsers/python-literals.js";
|
|
@@ -77,7 +78,15 @@ async function assembleHandler(cand, file, input) {
|
|
|
77
78
|
});
|
|
78
79
|
// sdk_verify_call evidence overlay (issue #7 fix) — completes D-32's 7th signal.
|
|
79
80
|
const sdkVerifyEvidence = collectSdkVerifyCallEvidence(cand, reachableSymbols, input.ruleSet);
|
|
80
|
-
|
|
81
|
+
// raw-body middleware evidence overlay — prevents stripe/raw-body-misuse FP when express.raw
|
|
82
|
+
// (or bodyParser.raw) is registered as an inline route middleware argument. The handler text
|
|
83
|
+
// search in evidence.ts only sees the arrow function body, not outer route arguments.
|
|
84
|
+
const rawBodyMwEvidence = collectRawBodyMiddlewareEvidence(cand, middlewareChain);
|
|
85
|
+
const evidence = [
|
|
86
|
+
...baseEvidence.evidence,
|
|
87
|
+
...sdkVerifyEvidence,
|
|
88
|
+
...rawBodyMwEvidence,
|
|
89
|
+
];
|
|
81
90
|
// Recompute provider attribution since sdk_verify_call evidence may shift the count.
|
|
82
91
|
const provider = recomputeProvider(evidence, baseEvidence.provider);
|
|
83
92
|
const redactedSnippet = renderHandlerSnippet(file, cand);
|
|
@@ -116,6 +125,29 @@ function collectSdkVerifyCallEvidence(cand, reachableSymbols, ruleSet) {
|
|
|
116
125
|
}
|
|
117
126
|
return out;
|
|
118
127
|
}
|
|
128
|
+
// Raw-body middleware names that guarantee the body arrives as a Buffer/bytes to the handler.
|
|
129
|
+
// Covers both `express.raw(...)` (qualified member call) and `raw(...)` (named import from express
|
|
130
|
+
// or body-parser). import_source guard prevents false-negatives from unrelated `raw` middleware.
|
|
131
|
+
const RAW_BODY_MIDDLEWARE_NAMES = new Set([
|
|
132
|
+
"express.raw",
|
|
133
|
+
"raw", // named import: import { raw } from 'express' or import { raw } from 'body-parser'
|
|
134
|
+
]);
|
|
135
|
+
const RAW_BODY_IMPORT_SOURCES = new Set(["express", "body-parser"]);
|
|
136
|
+
function collectRawBodyMiddlewareEvidence(cand, middlewareChain) {
|
|
137
|
+
const hasRawMiddleware = middlewareChain.some((m) => RAW_BODY_MIDDLEWARE_NAMES.has(m.name) &&
|
|
138
|
+
m.import_source !== null &&
|
|
139
|
+
RAW_BODY_IMPORT_SOURCES.has(m.import_source));
|
|
140
|
+
if (!hasRawMiddleware)
|
|
141
|
+
return [];
|
|
142
|
+
return [
|
|
143
|
+
{
|
|
144
|
+
kind: "body_as_bytes_or_buffer",
|
|
145
|
+
provider: "unknown",
|
|
146
|
+
location: cand.location,
|
|
147
|
+
detail: "raw-body middleware in chain",
|
|
148
|
+
},
|
|
149
|
+
];
|
|
150
|
+
}
|
|
119
151
|
function recomputeProvider(evidence, fallback) {
|
|
120
152
|
const counts = new Map();
|
|
121
153
|
for (const e of evidence) {
|
package/dist/model/build.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build.js","sourceRoot":"","sources":["../../src/model/build.ts"],"names":[],"mappings":"AAAA,mGAAmG;AACnG,uFAAuF;AACvF,EAAE;AACF,kBAAkB;AAClB,+EAA+E;AAC/E,2FAA2F;AAC3F,sGAAsG;AACtG,0EAA0E;
|
|
1
|
+
{"version":3,"file":"build.js","sourceRoot":"","sources":["../../src/model/build.ts"],"names":[],"mappings":"AAAA,mGAAmG;AACnG,uFAAuF;AACvF,EAAE;AACF,kBAAkB;AAClB,+EAA+E;AAC/E,2FAA2F;AAC3F,sGAAsG;AACtG,0EAA0E;AAC1E,qGAAqG;AAErG,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAC9D,OAAO,EAAE,oBAAoB,EAAE,MAAM,wBAAwB,CAAC;AAC9D,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AACtE,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAe3D,OAAO,EAAyB,qBAAqB,EAAE,MAAM,cAAc,CAAC;AAC5E,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAChD,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,EAAE,uBAAuB,EAAE,MAAM,mBAAmB,CAAC;AAY5D,MAAM,CAAC,KAAK,UAAU,iBAAiB,CAAC,KAA6B;IACnE,uFAAuF;IACvF,MAAM,WAAW,GAAiB,EAAE,CAAC;IACrC,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;QACrC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,OAAO;YAAE,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1D,CAAC;IAED,4FAA4F;IAC5F,MAAM,UAAU,GAA0E,EAAE,CAAC;IAC7F,MAAM,QAAQ,GAAG,KAAK,CAAC,eAAe,IAAI,EAAE,CAAC;IAC7C,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;QACrC,IAAI,IAAI,CAAC,WAAW,KAAK,IAAI;YAAE,SAAS;QACxC,KAAK,MAAM,IAAI,IAAI,qBAAqB,CAAC,IAAI,CAAC;YAAE,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QAChF,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,WAAW,CAAC;gBAAE,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACvF,CAAC;IACH,CAAC;IAED,+FAA+F;IAC/F,0CAA0C;IAC1C,MAAM,QAAQ,GAAqB,EAAE,CAAC;IACtC,KAAK,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,UAAU,EAAE,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC,MAAM,eAAe,CAAC,IAAI,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC,CAAC;IAC1D,CAAC;IAED,8FAA8F;IAC9F,8EAA8E;IAC9E,MAAM,uBAAuB,GAA0C,EAAE,CAAC;IAE1E,OAAO;QACL,YAAY,EAAE,KAAK,CAAC,WAAW;QAC/B,QAAQ;QACR,wBAAwB,EAAE,uBAAuB;QACjD,YAAY,EAAE,WAAW;KAC1B,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,eAAe,CAC5B,IAAsB,EACtB,IAAgB,EAChB,KAA6B;IAE7B,MAAM,EAAE,GAAG,MAAM,gBAAgB,CAAC;QAChC,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,qBAAqB,EAAE,IAAI,CAAC,qBAAqB;KAClD,CAAC,CAAC;IACH,MAAM,YAAY,GAAG,eAAe,CAAC;QACnC,OAAO,EAAE,IAAI;QACb,UAAU,EAAE,IAAI;QAChB,eAAe,EAAE,KAAK,CAAC,OAAO,CAAC,SAAS;QACxC,OAAO,EAAE,IAAI,CAAC,OAAO;KACtB,CAAC,CAAC;IACH,MAAM,gBAAgB,GAAG,uBAAuB,CAAC;QAC/C,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;QACzC,YAAY,EAAE,IAAI;QAClB,SAAS,EAAE,KAAK,CAAC,WAAW;QAC5B,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,QAAQ,EAAE,KAAK,CAAC,MAAM,CAAC,sBAAsB;KAC9C,CAAC,CAAC;IACH,MAAM,eAAe,GAAsC,sBAAsB,CAAC;QAChF,OAAO,EAAE,IAAI;QACb,UAAU,EAAE,IAAI;QAChB,OAAO,EAAE,IAAI,CAAC,OAAO;KACtB,CAAC,CAAC;IACH,iFAAiF;IACjF,MAAM,iBAAiB,GAAG,4BAA4B,CAAC,IAAI,EAAE,gBAAgB,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IAC9F,6FAA6F;IAC7F,6FAA6F;IAC7F,sFAAsF;IACtF,MAAM,iBAAiB,GAAG,gCAAgC,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAClF,MAAM,QAAQ,GAAmC;QAC/C,GAAG,YAAY,CAAC,QAAQ;QACxB,GAAG,iBAAiB;QACpB,GAAG,iBAAiB;KACrB,CAAC;IACF,qFAAqF;IACrF,MAAM,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,EAAE,YAAY,CAAC,QAAQ,CAAC,CAAC;IACpE,MAAM,eAAe,GAAG,oBAAoB,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;IACzD,OAAO;QACL,EAAE;QACF,SAAS,EAAE,IAAI,CAAC,SAAsB;QACtC,iBAAiB,EAAE,IAAI,CAAC,iBAAiB;QACzC,aAAa,EAAE,IAAI,CAAC,aAAa;QACjC,YAAY,EAAE,IAAI,CAAC,YAAY;QAC/B,SAAS,EAAE,IAAI,CAAC,SAAS;QACzB,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,qBAAqB,EAAE,IAAI,CAAC,qBAAqB;QACjD,QAAQ;QACR,kBAAkB,EAAE,eAAe,EAAE,kDAAkD;QACvF,QAAQ;QACR,gBAAgB,EAAE,eAAe;QACjC,iBAAiB,EAAE,gBAAgB;QACnC,YAAY,EAAE,EAAE,EAAE,sCAAsC;QACxD,gBAAgB,EAAE,eAAe;KAClC,CAAC;AACJ,CAAC;AAED,SAAS,4BAA4B,CACnC,IAAsB,EACtB,gBAGE,EACF,OAAgB;IAEhB,MAAM,GAAG,GAAsB,EAAE,CAAC;IAClC,KAAK,MAAM,CAAC,YAAY,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE,CAAC;QACtE,KAAK,MAAM,UAAU,IAAI,KAAK,CAAC,gBAAgB,EAAE,CAAC;YAChD,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,CACnC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,cAAc,KAAK,UAAU,IAAI,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,IAAI,UAAU,EAAE,CAAC,CACtF,CAAC;YACF,IAAI,OAAO,EAAE,CAAC;gBACZ,GAAG,CAAC,IAAI,CAAC;oBACP,IAAI,EAAE,iBAAiB;oBACvB,QAAQ,EAAE,YAAY;oBACtB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,MAAM,EAAE,UAAU;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,8FAA8F;AAC9F,mGAAmG;AACnG,iGAAiG;AACjG,MAAM,yBAAyB,GAAwB,IAAI,GAAG,CAAC;IAC7D,aAAa;IACb,KAAK,EAAE,qFAAqF;CAC7F,CAAC,CAAC;AAEH,MAAM,uBAAuB,GAAwB,IAAI,GAAG,CAAC,CAAC,SAAS,EAAE,aAAa,CAAC,CAAC,CAAC;AAEzF,SAAS,gCAAgC,CACvC,IAAsB,EACtB,eAAkD;IAElD,MAAM,gBAAgB,GAAG,eAAe,CAAC,IAAI,CAC3C,CAAC,CAAC,EAAE,EAAE,CACJ,yBAAyB,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC;QACrC,CAAC,CAAC,aAAa,KAAK,IAAI;QACxB,uBAAuB,CAAC,GAAG,CAAC,CAAC,CAAC,aAAa,CAAC,CAC/C,CAAC;IACF,IAAI,CAAC,gBAAgB;QAAE,OAAO,EAAE,CAAC;IACjC,OAAO;QACL;YACE,IAAI,EAAE,yBAAyB;YAC/B,QAAQ,EAAE,SAAS;YACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;YACvB,MAAM,EAAE,8BAA8B;SACvC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAwC,EAAE,QAAgB;IACnF,MAAM,MAAM,GAAG,IAAI,GAAG,EAAkB,CAAC;IACzC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS;YAAE,SAAS;QACvC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5D,CAAC;IACD,IAAI,WAAW,GAAG,SAAS,CAAC;IAC5B,IAAI,QAAQ,GAAG,CAAC,CAAC;IACjB,IAAI,IAAI,GAAG,KAAK,CAAC;IACjB,KAAK,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,MAAM,EAAE,CAAC;QAC5B,IAAI,CAAC,GAAG,QAAQ,EAAE,CAAC;YACjB,WAAW,GAAG,CAAC,CAAC;YAChB,QAAQ,GAAG,CAAC,CAAC;YACb,IAAI,GAAG,KAAK,CAAC;QACf,CAAC;aAAM,IAAI,CAAC,KAAK,QAAQ,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACnC,IAAI,GAAG,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IACD,IAAI,WAAW,KAAK,SAAS;QAAE,OAAO,QAAQ,CAAC;IAC/C,OAAO,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC;AACzC,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAgB,EAAE,IAAsB;IACpE,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,oBAAoB,EAAE,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACzF,MAAM,MAAM,GAAG,IAAI,CAAC,oBAAoB,CAAC;IACzC,MAAM,WAAW,GACf,IAAI,CAAC,OAAO,KAAK,OAAO;QACtB,CAAC,CAAC,oBAAoB,CAAC,IAAI,CAAC,OAAqD,CAAC;QAClF,CAAC,CAAC,qBAAqB,CAAC,IAAI,CAAC,OAAsD,CAAC,CAAC;IACzF,MAAM,aAAa,GAAG,WAAW;SAC9B,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,IAAI,IAAI,CAAC,oBAAoB,IAAI,CAAC,CAAC,GAAG,IAAI,IAAI,CAAC,kBAAkB,CAAC;SACvF,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,GAAG,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,GAAG,MAAM,EAAE,CAAC,CAAC,CAAC;IACxE,OAAO,aAAa,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,CAAC;AACxE,CAAC"}
|
package/dist/types/rule-set.d.ts
CHANGED
|
@@ -8,6 +8,11 @@ export interface ProviderCatalogEntry {
|
|
|
8
8
|
readonly secret_env_prefix: ReadonlyArray<string>;
|
|
9
9
|
readonly secret_literal_prefix: ReadonlyArray<string>;
|
|
10
10
|
readonly conventional_paths: ReadonlyArray<string>;
|
|
11
|
+
readonly hmac_algorithm: "sha1" | "sha256" | "sha512";
|
|
12
|
+
readonly signing_input_format: "raw_body" | "timestamp_dot_body" | "url_plus_sorted_params" | "custom_field_tuple" | "custom";
|
|
13
|
+
readonly timestamp_header: string | null;
|
|
14
|
+
readonly signature_encoding: "hex" | "base64";
|
|
15
|
+
readonly applicable_rules: ReadonlyArray<string>;
|
|
11
16
|
}
|
|
12
17
|
export type ProviderCatalog = Readonly<Record<string, ProviderCatalogEntry>>;
|
|
13
18
|
export type MatcherName = "importMissing" | "callMatches" | "argumentEquals" | "middlewareOrder" | "secretLiteralPrefix" | "signatureHeaderRead";
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"rule-set.d.ts","sourceRoot":"","sources":["../../src/types/rule-set.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGvD,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,gBAAgB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACjD,QAAQ,CAAC,YAAY,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAC7C,QAAQ,CAAC,gBAAgB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACjD,QAAQ,CAAC,iBAAiB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAClD,QAAQ,CAAC,qBAAqB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACtD,QAAQ,CAAC,kBAAkB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"rule-set.d.ts","sourceRoot":"","sources":["../../src/types/rule-set.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACtD,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AACnD,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAGvD,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,gBAAgB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACjD,QAAQ,CAAC,YAAY,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAC7C,QAAQ,CAAC,gBAAgB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACjD,QAAQ,CAAC,iBAAiB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAClD,QAAQ,CAAC,qBAAqB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACtD,QAAQ,CAAC,kBAAkB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IAKnD,QAAQ,CAAC,cAAc,EAAE,MAAM,GAAG,QAAQ,GAAG,QAAQ,CAAC;IACtD,QAAQ,CAAC,oBAAoB,EACzB,UAAU,GACV,oBAAoB,GACpB,wBAAwB,GACxB,oBAAoB,GACpB,QAAQ,CAAC;IACb,QAAQ,CAAC,gBAAgB,EAAE,MAAM,GAAG,IAAI,CAAC;IACzC,QAAQ,CAAC,kBAAkB,EAAE,KAAK,GAAG,QAAQ,CAAC;IAC9C,QAAQ,CAAC,gBAAgB,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;CAClD;AAED,MAAM,MAAM,eAAe,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,oBAAoB,CAAC,CAAC,CAAC;AAG7E,MAAM,MAAM,WAAW,GACnB,eAAe,GACf,aAAa,GACb,gBAAgB,GAChB,iBAAiB,GACjB,qBAAqB,GACrB,qBAAqB,CAAC;AAE1B,MAAM,WAAW,kBAAkB;IACjC,QAAQ,CAAC,IAAI,EAAE,WAAW,CAAC;IAC3B,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;CAC5F;AAGD,MAAM,MAAM,aAAa,GAAG,CAC1B,OAAO,EAAE,cAAc,EACvB,KAAK,EAAE,YAAY,KAChB,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC;AAI7B,MAAM,WAAW,oBAAoB;IACnC,QAAQ,CAAC,QAAQ,EAAE,aAAa,CAAC,MAAM,CAAC,CAAC;IACzC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;CAC7B;AAGD,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC;IAC1B,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC;IAC5B,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,OAAO,EAAE,kBAAkB,GAAG,IAAI,CAAC;IAC5C,QAAQ,CAAC,cAAc,EAAE,MAAM,GAAG,IAAI,CAAC;IACvC,QAAQ,CAAC,UAAU,EAAE,aAAa,CAAC,cAAc,CAAC,WAAW,CAAC,CAAC,GAAG,KAAK,CAAC;IAGxE,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IAEnC,QAAQ,CAAC,uBAAuB,EAAE,aAAa,CAAC,oBAAoB,CAAC,GAAG,IAAI,CAAC;CAC9E;AAED,MAAM,WAAW,OAAO;IACtB,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,iBAAiB,EAAE,MAAM,CAAC;IACnC,QAAQ,CAAC,SAAS,EAAE,eAAe,CAAC;IACpC,QAAQ,CAAC,KAAK,EAAE,aAAa,CAAC,cAAc,CAAC,CAAC;IAC9C,QAAQ,CAAC,UAAU,EAAE,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC,CAAC;CAC9D"}
|
package/dist/version.d.ts
CHANGED
|
@@ -1,2 +1,2 @@
|
|
|
1
|
-
export declare const ENGINE_VERSION = "0.0
|
|
1
|
+
export declare const ENGINE_VERSION = "0.2.0";
|
|
2
2
|
//# sourceMappingURL=version.d.ts.map
|
package/dist/version.js
CHANGED
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
// Single source of truth for engine version. Changesets keeps this in lockstep with
|
|
2
2
|
// package.json (D-05). Update both fields at the same commit. Plan 02-09 adds a CI gate
|
|
3
3
|
// that asserts they match.
|
|
4
|
-
export const ENGINE_VERSION = "0.0
|
|
4
|
+
export const ENGINE_VERSION = "0.2.0";
|
|
5
5
|
//# sourceMappingURL=version.js.map
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@hookwarden/engine",
|
|
3
|
-
"version": "0.
|
|
3
|
+
"version": "0.2.0",
|
|
4
4
|
"description": "hookwarden audit engine — browser-safe, pure-functional. Performs zero I/O.",
|
|
5
5
|
"license": "Apache-2.0",
|
|
6
6
|
"type": "module",
|
|
@@ -18,23 +18,26 @@
|
|
|
18
18
|
"LICENSE"
|
|
19
19
|
],
|
|
20
20
|
"publishConfig": {
|
|
21
|
-
"access": "public"
|
|
22
|
-
|
|
21
|
+
"access": "public"
|
|
22
|
+
},
|
|
23
|
+
"repository": {
|
|
24
|
+
"type": "git",
|
|
25
|
+
"url": "https://github.com/Hookwarden/hookwarden.git",
|
|
26
|
+
"directory": "packages/engine"
|
|
23
27
|
},
|
|
24
|
-
"repository": "github:hookwarden/hookwarden",
|
|
25
28
|
"engines": {
|
|
26
29
|
"node": ">=22.0.0"
|
|
27
30
|
},
|
|
28
31
|
"dependencies": {
|
|
29
32
|
"@babel/parser": "^7.29.3",
|
|
30
33
|
"picomatch": "^4.0.4",
|
|
31
|
-
"tree-sitter-python": "^0.25.0",
|
|
32
34
|
"web-tree-sitter": "^0.26.8"
|
|
33
35
|
},
|
|
34
36
|
"devDependencies": {
|
|
35
37
|
"@babel/types": "^7.29.0",
|
|
36
38
|
"@types/picomatch": "^4.0.3",
|
|
37
|
-
"fast-check": "^3.23.0"
|
|
39
|
+
"fast-check": "^3.23.0",
|
|
40
|
+
"tree-sitter-python": "^0.25.0"
|
|
38
41
|
},
|
|
39
42
|
"scripts": {
|
|
40
43
|
"test": "vitest run"
|