@kernlang/review 3.2.3 → 3.3.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/cache.js +140 -3
- package/dist/cache.js.map +1 -1
- package/dist/call-graph.d.ts +4 -1
- package/dist/call-graph.js +290 -25
- package/dist/call-graph.js.map +1 -1
- package/dist/concept-rules/contract-drift.d.ts +21 -0
- package/dist/concept-rules/contract-drift.js +66 -0
- package/dist/concept-rules/contract-drift.js.map +1 -0
- package/dist/concept-rules/cross-stack-utils.d.ts +50 -0
- package/dist/concept-rules/cross-stack-utils.js +98 -0
- package/dist/concept-rules/cross-stack-utils.js.map +1 -0
- package/dist/concept-rules/index.js +12 -1
- package/dist/concept-rules/index.js.map +1 -1
- package/dist/concept-rules/tainted-across-wire.d.ts +33 -0
- package/dist/concept-rules/tainted-across-wire.js +98 -0
- package/dist/concept-rules/tainted-across-wire.js.map +1 -0
- package/dist/concept-rules/untyped-api-response.d.ts +30 -0
- package/dist/concept-rules/untyped-api-response.js +71 -0
- package/dist/concept-rules/untyped-api-response.js.map +1 -0
- package/dist/external-tools.d.ts +36 -4
- package/dist/external-tools.js +79 -12
- package/dist/external-tools.js.map +1 -1
- package/dist/graph.js +149 -39
- package/dist/graph.js.map +1 -1
- package/dist/index.d.ts +29 -4
- package/dist/index.js +329 -47
- package/dist/index.js.map +1 -1
- package/dist/inferrer.d.ts +5 -0
- package/dist/inferrer.js +1 -1
- package/dist/inferrer.js.map +1 -1
- package/dist/llm-bridge.d.ts +26 -1
- package/dist/llm-bridge.js +42 -6
- package/dist/llm-bridge.js.map +1 -1
- package/dist/llm-review.js +29 -11
- package/dist/llm-review.js.map +1 -1
- package/dist/mappers/ts-concepts.js +278 -7
- package/dist/mappers/ts-concepts.js.map +1 -1
- package/dist/public-api.d.ts +73 -0
- package/dist/public-api.js +351 -0
- package/dist/public-api.js.map +1 -0
- package/dist/reporter.d.ts +5 -0
- package/dist/reporter.js +119 -84
- package/dist/reporter.js.map +1 -1
- package/dist/review-health.d.ts +38 -0
- package/dist/review-health.js +60 -0
- package/dist/review-health.js.map +1 -0
- package/dist/rules/async.js +4 -16
- package/dist/rules/async.js.map +1 -1
- package/dist/rules/base.js +112 -87
- package/dist/rules/base.js.map +1 -1
- package/dist/rules/confidence.d.ts +2 -2
- package/dist/rules/confidence.js +32 -15
- package/dist/rules/confidence.js.map +1 -1
- package/dist/rules/dead-code.d.ts +2 -1
- package/dist/rules/dead-code.js +49 -3
- package/dist/rules/dead-code.js.map +1 -1
- package/dist/rules/index.js +131 -0
- package/dist/rules/index.js.map +1 -1
- package/dist/rules/kern-source-cross-file.d.ts +2 -0
- package/dist/rules/kern-source-cross-file.js +102 -0
- package/dist/rules/kern-source-cross-file.js.map +1 -0
- package/dist/rules/kern-source.js +86 -9
- package/dist/rules/kern-source.js.map +1 -1
- package/dist/rules/nextjs-app-router.js +936 -31
- package/dist/rules/nextjs-app-router.js.map +1 -1
- package/dist/rules/nextjs.js +193 -10
- package/dist/rules/nextjs.js.map +1 -1
- package/dist/rules/react-composition.js +442 -61
- package/dist/rules/react-composition.js.map +1 -1
- package/dist/rules/react-hooks.js +51 -2
- package/dist/rules/react-hooks.js.map +1 -1
- package/dist/rules/react.js +265 -49
- package/dist/rules/react.js.map +1 -1
- package/dist/rules/utils.d.ts +37 -2
- package/dist/rules/utils.js +113 -0
- package/dist/rules/utils.js.map +1 -1
- package/dist/semantic-diff.js +1 -1
- package/dist/semantic-diff.js.map +1 -1
- package/dist/taint-ast.js +228 -4
- package/dist/taint-ast.js.map +1 -1
- package/dist/taint-crossfile.d.ts +30 -2
- package/dist/taint-crossfile.js +280 -59
- package/dist/taint-crossfile.js.map +1 -1
- package/dist/taint-types.d.ts +2 -1
- package/dist/taint-types.js +32 -2
- package/dist/taint-types.js.map +1 -1
- package/dist/taint.d.ts +1 -1
- package/dist/taint.js +1 -1
- package/dist/taint.js.map +1 -1
- package/dist/types.d.ts +80 -0
- package/dist/types.js.map +1 -1
- package/package.json +3 -3
package/dist/taint-ast.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"taint-ast.js","sourceRoot":"","sources":["../src/taint-ast.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAOL,UAAU,GACX,MAAM,UAAU,CAAC;AAElB,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,qBAAqB,EACrB,uBAAuB,EACvB,UAAU,GACX,MAAM,kBAAkB,CAAC;AAG1B,2EAA2E;AAE3E;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,UAAsB;IACzD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAgC,CAAC;IAExD,MAAM,MAAM,GAGP,EAAE,CAAC;IACR,KAAK,MAAM,EAAE,IAAI,UAAU,CAAC,YAAY,EAAE,EAAE,CAAC;QAC3C,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC1B,IAAI,IAAI;YAAE,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,qBAAqB,EAAE,EAAE,CAAC;QACtD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,EAAE,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;YACnC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,eAAe,IAAI,IAAI,CAAC,WAAW,EAAE,KAAK,oBAAoB,CAAC,EAAE,CAAC;gBACpG,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,IAAW,EAAE,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,MAAM,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC1B,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAE3C,sDAAsD;QACtD,MAAM,KAAK,GAAwC,EAAE,CAAC;QACtD,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,EAAE;YAC3B,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,gBAAgB;gBAAE,KAAK,CAAC,IAAI,CAAC,CAAsC,CAAC,CAAC;QAC/F,CAAC,CAAC,CAAC;QAEH,MAAM,mBAAmB,GAAG,IAAI,GAAG,EAAU,CAAC;QAC9C,MAAM,cAAc,GAAG,IAAI,GAAG,EAAsC,CAAC;QAErE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;YAC3C,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAC3C,IAAI,CAAC,OAAO;gBAAE,SAAS;YAEvB,6DAA6D;YAC7D,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;gBACtC,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC;gBAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACvC,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;oBACtC,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,SAAS,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC;wBACxG,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;wBAC3B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC;4BAAE,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;wBAC7D,cAAc,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC;YACH,CAAC;YAED,wCAAwC;YACxC,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;gBACtC,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,oBAAoB,EAAE,CAAC;oBAC/C,KAAK,MAAM,OAAO,IAAK,GAAW,CAAC,gBAAgB,EAAE,EAAE,CAAC;wBACtD,MAAM,IAAI,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;wBACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;wBAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;4BACvC,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;4BACtC,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC;gCACnE,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gCAC3B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC;oCAAE,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;gCAC7D,cAAc,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;4BACtC,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,mBAAmB,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,mBAAmB,EAAE,cAAc,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,2EAA2E;AAE3E;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,SAAwB,EAAE,QAAgB,EAAE,UAAsB;IAChG,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,uEAAuE;IACvE,MAAM,eAAe,GAAG,oBAAoB,CAAC,UAAU,CAAC,CAAC;IAEzD,0DAA0D;IAC1D,MAAM,MAAM,GAGP,EAAE,CAAC;IACR,KAAK,MAAM,EAAE,IAAI,UAAU,CAAC,YAAY,EAAE;QAAE,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAC1G,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,qBAAqB,EAAE,EAAE,CAAC;QACtD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,EAAE,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;YACnC,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;gBACpC,IAAI,QAAQ,KAAK,eAAe,IAAI,QAAQ,KAAK,oBAAoB,EAAE,CAAC;oBACtE,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAW,EAAE,SAAS,EAAE,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;gBAC3E,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,UAAU,CAAC,UAAU,EAAE,EAAE,CAAC;QAC1C,KAAK,MAAM,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,EAAE,CAAC;YACtC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,KAAK,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,MAAM,EAAE,CAAC;QAC7C,MAAM,MAAM,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,SAAS,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,OAAO,KAAK,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,EAAE,IAAI,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC;QAE/G,qDAAqD;QACrD,MAAM,aAAa,GAAkB,EAAE,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC;YAC7B,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAChD,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACnE,aAAa,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,CAAC;YAC/D,CAAC;QACH,CAAC;QACD,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEzC,gEAAgE;QAChE,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC1B,IAAI,CAAC,IAAI;YAAE,SAAS;QAEpB,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/D,MAAM,WAAW,GAAG,IAAI,GAAG,EAAuB,CAAC;QACnD,KAAK,MAAM,CAAC,IAAI,aAAa;YAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAE1D,wEAAwE;QACxE,mEAAmE;QACnE,MAAM,QAAQ,GAA6C,EAAE,CAAC;QAC9D,IAAI,CAAC,iBAAiB,CAAC,CAAC,IAAI,EAAE,EAAE;YAC9B,IAAI,IAAI,CAAC,OAAO,EAAE,KAAK,UAAU,CAAC,mBAAmB,EAAE,CAAC;gBACtD,QAAQ,CAAC,IAAI,CAAC,IAA8C,CAAC,CAAC;YAChE,CAAC;QACH,CAAC,CAAC,CAAC;QACH,8DAA8D;QAC9D,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC;YACjC,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;gBAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;gBACpC,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAExC,wDAAwD;gBACxD,IAAI,QAAQ,KAAK,YAAY,EAAE,CAAC;oBAC9B,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;oBACpC,IAAI,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;wBAAE,SAAS;oBACzC,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI;wBAAE,SAAS;oBACpB,IAAI,sBAAsB,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;wBAC/C,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;wBAC3B,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;wBAC1D,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;wBAC9D,MAAM,SAAS,GAAG,MAAM,EAAE,MAAM,CAAC;wBACjC,WAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC,CAAC;oBAChF,CAAC;gBACH,CAAC;gBAED,oDAAoD;gBACpD,IAAI,QAAQ,KAAK,sBAAsB,EAAE,CAAC;oBACxC,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,YAAY,CAAC;wBAAE,SAAS;oBACnE,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;oBAC1D,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;oBAC/D,MAAM,SAAS,GAAG,OAAO,EAAE,MAAM,CAAC;oBAClC,KAAK,MAAM,OAAO,IAAK,QAAgB,CAAC,WAAW,EAAE,EAAE,CAAC;wBACtD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;wBACjC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;4BAC9B,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;4BACzB,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,IAAI,cAAc,EAAE,CAAC,CAAC;wBACjF,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,iDAAiD;gBACjD,IAAI,QAAQ,KAAK,qBAAqB,EAAE,CAAC;oBACvC,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,YAAY,CAAC;wBAAE,SAAS;oBACnE,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;oBAC1D,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;oBAC/D,MAAM,SAAS,GAAG,OAAO,EAAE,MAAM,CAAC;oBAClC,KAAK,MAAM,OAAO,IAAK,QAAgB,CAAC,WAAW,EAAE,EAAE,CAAC;wBACtD,IAAI,OAAO,CAAC,WAAW,EAAE,KAAK,gBAAgB,EAAE,CAAC;4BAC/C,MAAM,MAAM,GAAI,OAAe,CAAC,OAAO,EAAE,CAAC;4BAC1C,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gCAC9B,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gCACzB,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,IAAI,cAAc,EAAE,CAAC,CAAC;4BACjF,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,iDAAiD;QACjD,MAAM,KAAK,GAAgB,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAwC,EAAE,CAAC;QACtD,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,EAAE;YAC3B,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,gBAAgB;gBAAE,KAAK,CAAC,IAAI,CAAC,CAAsC,CAAC,CAAC;QAC/F,CAAC,CAAC,CAAC;QACH,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,QAAQ;gBAAE,SAAS;YACxB,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,QAAQ,CAAC;YAEzD,sDAAsD;YACtD,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;gBACtC,MAAM,UAAU,GAAG,qBAAqB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;gBAC5D,IAAI,UAAU,EAAE,CAAC;oBACf,KAAK,CAAC,IAAI,CAAC;wBACT,IAAI,EAAE,UAAU;wBAChB,QAAQ,EAAE,OAAO;wBACjB,UAAU;wBACV,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE;qBAChC,CAAC,CAAC;oBACH,MAAM;gBACR,CAAC;YACH,CAAC;YAED,wCAAwC;YACxC,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;gBACpD,MAAM,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAC1B,OAAO,CAAC,KAAK,oBAAoB,IAAI,CAAC,KAAK,+BAA+B,CAAC;YAC7E,CAAC,CAAC,CAAC;YACH,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;gBAC/B,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,oBAAoB,EAAE,CAAC;oBAC/C,KAAK,MAAM,IAAI,IAAK,GAAW,CAAC,gBAAgB,EAAE,EAAE,CAAC;wBACnD,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;wBAClC,MAAM,UAAU,GAAG,qBAAqB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;wBAC7D,IAAI,UAAU,EAAE,CAAC;4BACf,KAAK,CAAC,IAAI,CAAC;gCACT,IAAI,EAAE,GAAG,UAAU,aAAa;gCAChC,QAAQ,EAAE,OAAO;gCACjB,UAAU;gCACV,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE;6BAChC,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,kFAAkF;QAClF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,mEAAmE;YACnE,uEAAuE;YACvE,qBAAqB;YACrB,IAAI,mBAAmB,CAAC,IAAI,CAAC;gBAAE,SAAS;YACxC,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;YAC3C,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACnD,IAAI,CAAC,UAAU;gBAAE,SAAS;YAE1B,qEAAqE;YACrE,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;YACrC,KAAK,MAAM,CAAC,QAAQ,EAAE,UAAU,CAAC,IAAI,UAAU,CAAC,cAAc,EAAE,CAAC;gBAC/D,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM;oBAAE,SAAS;gBAC1C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC/B,MAAM,UAAU,GAAG,qBAAqB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;gBAC5D,IAAI,UAAU,EAAE,CAAC;oBACf,yEAAyE;oBACzE,KAAK,MAAM,YAAY,IAAI,UAAU,EAAE,CAAC;wBACtC,KAAK,CAAC,IAAI,CAAC;4BACT,IAAI,EAAE,GAAG,UAAU,SAAS;4BAC5B,QAAQ,EAAE,YAAY;4BACtB,UAAU;4BACV,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE;yBAChC,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEjC,2CAA2C;QAC3C,MAAM,eAAe,GAAG,iBAAiB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;QAE9D,cAAc;QACd,MAAM,KAAK,GAAgB,EAAE,CAAC;QAC9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC;YACpE,iFAAiF;YACjF,uFAAuF;YACvF,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC3C,KAAK,MAAM,EAAE,IAAI,CAAC,CAAC,aAAa,EAAE,CAAC;oBACjC,IAAI,EAAE,KAAK,IAAI,CAAC,UAAU;wBAAE,OAAO,IAAI,CAAC;oBACxC,yDAAyD;oBACzD,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC;wBAAE,OAAO,IAAI,CAAC;gBACxD,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;YACH,MAAM,YAAY,GAAG,SAAS,IAAI,IAAI,CAAC;YACvC,MAAM,UAAU,GAAG,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,qBAAqB,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;YAEpG,KAAK,CAAC,IAAI,CAAC;gBACT,MAAM;gBACN,IAAI;gBACJ,SAAS,EAAE,YAAY,IAAI,UAAU;gBACrC,SAAS,EAAE,SAAS,EAAE,IAAI;gBAC1B,qBAAqB,EAAE,YAAY,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;aAChF,CAAC,CAAC;QACL,CAAC;QAED,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,2EAA2E;AAE3E,kEAAkE;AAClE,SAAS,sBAAsB,CAAC,IAAU,EAAE,YAAyB;IACnE,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,YAAY,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAAE,OAAO,IAAI,CAAC;IACxE,IAAI,CAAC,KAAK,0BAA0B,EAAE,CAAC;QACrC,OAAO,sBAAsB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,CAAC,KAAK,yBAAyB,EAAE,CAAC;QACpC,OAAO,sBAAsB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,CAAC,KAAK,gBAAgB,EAAE,CAAC;QAC3B,IAAI,sBAAsB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC;YAAE,OAAO,IAAI,CAAC;QACrF,KAAK,MAAM,GAAG,IAAK,IAAY,CAAC,YAAY,EAAE,EAAE,CAAC;YAC/C,IAAI,sBAAsB,CAAC,GAAG,EAAE,YAAY,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC7D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,CAAC,KAAK,iBAAiB,EAAE,CAAC;QAC5B,OAAO,sBAAsB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;IAC7E,CAAC;IACD,6CAA6C;IAC7C,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACvC,IAAI,sBAAsB,CAAC,KAAK,EAAE,YAAY,CAAC;YAAE,OAAO,IAAI,CAAC;IAC/D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,sFAAsF;AACtF,SAAS,iBAAiB,CAAC,IAAuC;IAChE,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IAClC,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,YAAY;QAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;IAC9C,IAAI,CAAC,KAAK,0BAA0B;QAAE,OAAQ,IAAY,CAAC,OAAO,EAAE,CAAC;IACrE,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,mBAAmB,CAAC,IAAuC;IAMlE,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IAClC,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,0BAA0B,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;QAC3C,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,UAAU,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC5C,IAAI,UAAU;gBAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;QAClE,CAAC;IACH,CAAC;IACD,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACxC,IAAI,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IACxD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,kGAAkG;AAClG,SAAS,mBAAmB,CAAC,IAAU;IACrC,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,YAAY;QAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;IAC9C,IAAI,CAAC,KAAK,0BAA0B,EAAE,CAAC;QACrC,MAAM,GAAG,GAAG,mBAAmB,CAAE,IAAY,CAAC,aAAa,EAAE,CAAC,CAAC;QAC/D,IAAI,GAAG;YAAE,OAAO,GAAG,GAAG,IAAK,IAAY,CAAC,OAAO,EAAE,EAAE,CAAC;IACtD,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,8DAA8D;AAC9D,SAAS,qBAAqB,CAAC,IAAU,EAAE,YAAyB;IAClE,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,YAAY,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;IAClF,IAAI,CAAC,KAAK,0BAA0B,EAAE,CAAC;QACrC,OAAO,qBAAqB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;IAC5E,CAAC;IACD,sEAAsE;IACtE,IAAI,CAAC,KAAK,kBAAkB,EAAE,CAAC;QAC7B,OAAO,CACL,qBAAqB,CAAE,IAAY,CAAC,OAAO,EAAE,EAAE,YAAY,CAAC;YAC5D,qBAAqB,CAAE,IAAY,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAC9D,CAAC;IACJ,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,qBAAqB,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QACzD,IAAI,KAAK;YAAE,OAAO,KAAK,CAAC;IAC1B,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,oCAAoC;AACpC,SAAS,iBAAiB,CAAC,IAAU,EAAE,YAAyB;IAC9D,MAAM,UAAU,GAAwD,EAAE,CAAC;IAE3E,MAAM,QAAQ,GAAwC,EAAE,CAAC;IACzD,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,EAAE;QAC3B,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,gBAAgB;YAAE,QAAQ,CAAC,IAAI,CAAC,CAAsC,CAAC,CAAC;IAClG,CAAC,CAAC,CAAC;IACH,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACrF,IAAI,CAAC,gBAAgB;YAAE,SAAS;QAEhC,sDAAsD;QACtD,MAAM,aAAa,GAAG,IAAI,GAAG,EAAU,CAAC;QACxC,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;YACtC,2FAA2F;YAC3F,MAAM,QAAQ,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;YAC1C,IAAI,QAAQ,IAAI,qBAAqB,CAAC,GAAG,EAAE,YAAY,CAAC,EAAE,CAAC;gBACzD,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;gBACzD,IAAI,OAAO;oBAAE,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;QAED,mFAAmF;QACnF,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAChC,IAAI,MAAM,IAAI,MAAM,CAAC,WAAW,EAAE,KAAK,qBAAqB,EAAE,CAAC;YAC7D,MAAM,QAAQ,GAAI,MAAc,CAAC,OAAO,EAAE,CAAC;YAC3C,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QAED,IAAI,aAAa,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC3B,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,aAAa,EAAE,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC"}
|
|
1
|
+
{"version":3,"file":"taint-ast.js","sourceRoot":"","sources":["../src/taint-ast.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAOL,UAAU,GACX,MAAM,UAAU,CAAC;AAElB,OAAO,EACL,gBAAgB,EAChB,gBAAgB,EAChB,qBAAqB,EACrB,uBAAuB,EACvB,UAAU,GACX,MAAM,kBAAkB,CAAC;AAG1B,2EAA2E;AAE3E;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAAC,UAAsB;IACzD,MAAM,OAAO,GAAG,IAAI,GAAG,EAAgC,CAAC;IAExD,MAAM,MAAM,GAGP,EAAE,CAAC;IACR,KAAK,MAAM,EAAE,IAAI,UAAU,CAAC,YAAY,EAAE,EAAE,CAAC;QAC3C,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC1B,IAAI,IAAI;YAAE,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,CAAC,CAAC;IAC5C,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,qBAAqB,EAAE,EAAE,CAAC;QACtD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,EAAE,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;YACnC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,KAAK,eAAe,IAAI,IAAI,CAAC,WAAW,EAAE,KAAK,oBAAoB,CAAC,EAAE,CAAC;gBACpG,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,EAAE,IAAI,EAAE,IAAW,EAAE,CAAC,CAAC;YAC3D,CAAC;QACH,CAAC;IACH,CAAC;IAED,KAAK,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE,EAAE,IAAI,MAAM,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC;QAClC,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC1B,IAAI,CAAC,IAAI,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAE3C,sDAAsD;QACtD,MAAM,KAAK,GAAwC,EAAE,CAAC;QACtD,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,EAAE;YAC3B,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,gBAAgB;gBAAE,KAAK,CAAC,IAAI,CAAC,CAAsC,CAAC,CAAC;QAC/F,CAAC,CAAC,CAAC;QAEH,MAAM,mBAAmB,GAAG,IAAI,GAAG,EAAU,CAAC;QAC9C,MAAM,cAAc,GAAG,IAAI,GAAG,EAAsC,CAAC;QAErE,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;YAC3C,MAAM,OAAO,GAAG,UAAU,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YAC3C,IAAI,CAAC,OAAO;gBAAE,SAAS;YAEvB,6DAA6D;YAC7D,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;gBACtC,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC;gBAC9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACvC,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;oBACtC,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,SAAS,GAAG,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC;wBACxG,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;wBAC3B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC;4BAAE,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;wBAC7D,cAAc,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;oBACtC,CAAC;gBACH,CAAC;YACH,CAAC;YAED,wCAAwC;YACxC,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;gBACtC,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,oBAAoB,EAAE,CAAC;oBAC/C,KAAK,MAAM,OAAO,IAAK,GAAW,CAAC,gBAAgB,EAAE,EAAE,CAAC;wBACtD,MAAM,IAAI,GAAG,OAAO,CAAC,aAAa,EAAE,CAAC;wBACrC,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,EAAE,CAAC;wBAChC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;4BACvC,MAAM,SAAS,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;4BACtC,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,CAAC,UAAU,CAAC,GAAG,SAAS,GAAG,CAAC,EAAE,CAAC;gCACnE,mBAAmB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;gCAC3B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC;oCAAE,cAAc,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;gCAC7D,cAAc,CAAC,GAAG,CAAC,CAAC,CAAE,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;4BACtC,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,mBAAmB,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YACjC,OAAO,CAAC,GAAG,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,mBAAmB,EAAE,cAAc,EAAE,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,2EAA2E;AAE3E;;;GAGG;AACH,MAAM,UAAU,eAAe,CAAC,SAAwB,EAAE,QAAgB,EAAE,UAAsB;IAChG,MAAM,OAAO,GAAkB,EAAE,CAAC;IAElC,uEAAuE;IACvE,MAAM,eAAe,GAAG,oBAAoB,CAAC,UAAU,CAAC,CAAC;IAEzD,0DAA0D;IAC1D,MAAM,MAAM,GAGP,EAAE,CAAC;IACR,KAAK,MAAM,EAAE,IAAI,UAAU,CAAC,YAAY,EAAE;QAAE,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;IAC1G,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,qBAAqB,EAAE,EAAE,CAAC;QACtD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,eAAe,EAAE,EAAE,CAAC;YAC1C,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;YACnC,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;gBACpC,IAAI,QAAQ,KAAK,eAAe,IAAI,QAAQ,KAAK,oBAAoB,EAAE,CAAC;oBACtE,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAW,EAAE,SAAS,EAAE,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;gBAC3E,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,UAAU,CAAC,UAAU,EAAE,EAAE,CAAC;QAC1C,KAAK,MAAM,MAAM,IAAI,GAAG,CAAC,UAAU,EAAE,EAAE,CAAC;YACtC,MAAM,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,KAAK,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,MAAM,EAAE,CAAC;QAC7C,MAAM,MAAM,GAAG,EAAE,CAAC,aAAa,EAAE,CAAC;QAClC,MAAM,MAAM,GAAG,SAAS,IAAI,EAAE,IAAI,OAAO,EAAE,CAAC,OAAO,KAAK,UAAU,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,EAAE,IAAI,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC;QAE/G,qDAAqD;QACrD,MAAM,aAAa,GAAkB,EAAE,CAAC;QACxC,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;YAC3B,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC;YAC7B,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YAChD,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACnE,aAAa,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC,CAAC;YAC/D,CAAC;QACH,CAAC;QACD,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEzC,gEAAgE;QAChE,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC1B,IAAI,CAAC,IAAI;YAAE,SAAS;QAEpB,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/D,MAAM,WAAW,GAAG,IAAI,GAAG,EAAuB,CAAC;QACnD,KAAK,MAAM,CAAC,IAAI,aAAa;YAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QAE1D,wEAAwE;QACxE,mEAAmE;QACnE,MAAM,QAAQ,GAA6C,EAAE,CAAC;QAC9D,IAAI,CAAC,iBAAiB,CAAC,CAAC,IAAI,EAAE,EAAE;YAC9B,IAAI,IAAI,CAAC,OAAO,EAAE,KAAK,UAAU,CAAC,mBAAmB,EAAE,CAAC;gBACtD,QAAQ,CAAC,IAAI,CAAC,IAA8C,CAAC,CAAC;YAChE,CAAC;QACH,CAAC,CAAC,CAAC;QACH,8DAA8D;QAC9D,KAAK,IAAI,GAAG,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,GAAG,EAAE,EAAE,CAAC;YACjC,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;gBAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;gBACpC,MAAM,QAAQ,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAExC,wDAAwD;gBACxD,IAAI,QAAQ,KAAK,YAAY,EAAE,CAAC;oBAC9B,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,EAAE,CAAC;oBACpC,IAAI,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC;wBAAE,SAAS;oBACzC,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI;wBAAE,SAAS;oBACpB,IAAI,sBAAsB,CAAC,IAAI,EAAE,YAAY,CAAC,EAAE,CAAC;wBAC/C,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;wBAC3B,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;wBAC1D,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;wBAC9D,MAAM,SAAS,GAAG,MAAM,EAAE,MAAM,CAAC;wBACjC,WAAW,CAAC,GAAG,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,IAAI,SAAS,EAAE,CAAC,CAAC;oBAChF,CAAC;gBACH,CAAC;gBAED,oDAAoD;gBACpD,IAAI,QAAQ,KAAK,sBAAsB,EAAE,CAAC;oBACxC,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,YAAY,CAAC;wBAAE,SAAS;oBACnE,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;oBAC1D,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;oBAC/D,MAAM,SAAS,GAAG,OAAO,EAAE,MAAM,CAAC;oBAClC,KAAK,MAAM,OAAO,IAAK,QAAgB,CAAC,WAAW,EAAE,EAAE,CAAC;wBACtD,MAAM,MAAM,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC;wBACjC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;4BAC9B,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;4BACzB,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,IAAI,cAAc,EAAE,CAAC,CAAC;wBACjF,CAAC;oBACH,CAAC;gBACH,CAAC;gBAED,iDAAiD;gBACjD,IAAI,QAAQ,KAAK,qBAAqB,EAAE,CAAC;oBACvC,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,EAAE,CAAC;oBACnC,IAAI,CAAC,IAAI,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,YAAY,CAAC;wBAAE,SAAS;oBACnE,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;oBAC1D,MAAM,OAAO,GAAG,OAAO,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;oBAC/D,MAAM,SAAS,GAAG,OAAO,EAAE,MAAM,CAAC;oBAClC,KAAK,MAAM,OAAO,IAAK,QAAgB,CAAC,WAAW,EAAE,EAAE,CAAC;wBACtD,IAAI,OAAO,CAAC,WAAW,EAAE,KAAK,gBAAgB,EAAE,CAAC;4BAC/C,MAAM,MAAM,GAAI,OAAe,CAAC,OAAO,EAAE,CAAC;4BAC1C,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;gCAC9B,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gCACzB,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,SAAS,IAAI,cAAc,EAAE,CAAC,CAAC;4BACjF,CAAC;wBACH,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,iDAAiD;QACjD,MAAM,KAAK,GAAgB,EAAE,CAAC;QAC9B,MAAM,KAAK,GAAwC,EAAE,CAAC;QACtD,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,EAAE;YAC3B,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,gBAAgB;gBAAE,KAAK,CAAC,IAAI,CAAC,CAAsC,CAAC,CAAC;QAC/F,CAAC,CAAC,CAAC;QACH,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,CAAC,QAAQ;gBAAE,SAAS;YACxB,MAAM,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,QAAQ,CAAC;YAEzD,sDAAsD;YACtD,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;gBACtC,MAAM,UAAU,GAAG,qBAAqB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;gBAC5D,IAAI,UAAU,EAAE,CAAC;oBACf,KAAK,CAAC,IAAI,CAAC;wBACT,IAAI,EAAE,UAAU;wBAChB,QAAQ,EAAE,OAAO;wBACjB,UAAU;wBACV,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE;qBAChC,CAAC,CAAC;oBACH,MAAM;gBACR,CAAC;YACH,CAAC;YAED,wCAAwC;YACxC,MAAM,YAAY,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;gBACpD,MAAM,CAAC,GAAG,CAAC,CAAC,WAAW,EAAE,CAAC;gBAC1B,OAAO,CAAC,KAAK,oBAAoB,IAAI,CAAC,KAAK,+BAA+B,CAAC;YAC7E,CAAC,CAAC,CAAC;YACH,KAAK,MAAM,GAAG,IAAI,YAAY,EAAE,CAAC;gBAC/B,IAAI,GAAG,CAAC,WAAW,EAAE,KAAK,oBAAoB,EAAE,CAAC;oBAC/C,KAAK,MAAM,IAAI,IAAK,GAAW,CAAC,gBAAgB,EAAE,EAAE,CAAC;wBACnD,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;wBAClC,MAAM,UAAU,GAAG,qBAAqB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;wBAC7D,IAAI,UAAU,EAAE,CAAC;4BACf,KAAK,CAAC,IAAI,CAAC;gCACT,IAAI,EAAE,GAAG,UAAU,aAAa;gCAChC,QAAQ,EAAE,OAAO;gCACjB,UAAU;gCACV,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE;6BAChC,CAAC,CAAC;wBACL,CAAC;oBACH,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,kFAAkF;QAClF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,mEAAmE;YACnE,uEAAuE;YACvE,qBAAqB;YACrB,IAAI,mBAAmB,CAAC,IAAI,CAAC;gBAAE,SAAS;YACxC,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;YAC3C,MAAM,UAAU,GAAG,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC;YACnD,IAAI,CAAC,UAAU;gBAAE,SAAS;YAE1B,qEAAqE;YACrE,MAAM,QAAQ,GAAG,IAAI,CAAC,YAAY,EAAE,CAAC;YACrC,KAAK,MAAM,CAAC,QAAQ,EAAE,UAAU,CAAC,IAAI,UAAU,CAAC,cAAc,EAAE,CAAC;gBAC/D,IAAI,QAAQ,IAAI,QAAQ,CAAC,MAAM;oBAAE,SAAS;gBAC1C,MAAM,GAAG,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;gBAC/B,MAAM,UAAU,GAAG,qBAAqB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;gBAC5D,IAAI,UAAU,EAAE,CAAC;oBACf,yEAAyE;oBACzE,KAAK,MAAM,YAAY,IAAI,UAAU,EAAE,CAAC;wBACtC,KAAK,CAAC,IAAI,CAAC;4BACT,IAAI,EAAE,GAAG,UAAU,SAAS;4BAC5B,QAAQ,EAAE,YAAY;4BACtB,UAAU;4BACV,IAAI,EAAE,IAAI,CAAC,kBAAkB,EAAE;yBAChC,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEjC,2CAA2C;QAC3C,MAAM,eAAe,GAAG,iBAAiB,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;QAE9D,0DAA0D;QAC1D,MAAM,cAAc,GAAG,IAAI,GAAG,EAA+C,CAAC;QAC9E,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;gBACtC,MAAM,IAAI,GAAG,qBAAqB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;gBACtD,IAAI,IAAI,EAAE,CAAC;oBACT,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;oBAChD,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACpB,cAAc,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;QACH,CAAC;QAED,cAAc;QACd,MAAM,KAAK,GAAgB,EAAE,CAAC;QAC9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC;YACpE,iFAAiF;YACjF,uFAAuF;YACvF,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC3C,KAAK,MAAM,EAAE,IAAI,CAAC,CAAC,aAAa,EAAE,CAAC;oBACjC,IAAI,EAAE,KAAK,IAAI,CAAC,UAAU;wBAAE,OAAO,IAAI,CAAC;oBACxC,yDAAyD;oBACzD,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,GAAG,EAAE,GAAG,CAAC;wBAAE,OAAO,IAAI,CAAC;gBACxD,CAAC;gBACD,OAAO,KAAK,CAAC;YACf,CAAC,CAAC,CAAC;YAEH,+DAA+D;YAC/D,uEAAuE;YACvE,wDAAwD;YACxD,MAAM,cAAc,GAAG,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;YACjE,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,CAAC,EAAE,IAAI,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC,CAAC;YAEhG,MAAM,YAAY,GAAG,SAAS,IAAI,IAAI,IAAI,WAAW,CAAC;YACtD,MAAM,UAAU,GAAG,SAAS,IAAI,IAAI,CAAC,CAAC,CAAC,qBAAqB,CAAC,SAAS,CAAC,IAAI,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;YAE1G,KAAK,CAAC,IAAI,CAAC;gBACT,MAAM;gBACN,IAAI;gBACJ,SAAS,EAAE,YAAY,IAAI,UAAU;gBACrC,SAAS,EAAE,SAAS,EAAE,IAAI,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;gBACrE,qBAAqB,EAAE,SAAS,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS;aACrF,CAAC,CAAC;QACL,CAAC;QAED,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;QACvD,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,2EAA2E;AAE3E,kEAAkE;AAClE,SAAS,sBAAsB,CAAC,IAAU,EAAE,YAAyB;IACnE,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,YAAY,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAAE,OAAO,IAAI,CAAC;IACxE,IAAI,CAAC,KAAK,0BAA0B,EAAE,CAAC;QACrC,OAAO,sBAAsB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,CAAC,KAAK,yBAAyB,EAAE,CAAC;QACpC,OAAO,sBAAsB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;IAC7E,CAAC;IACD,IAAI,CAAC,KAAK,gBAAgB,EAAE,CAAC;QAC3B,IAAI,sBAAsB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC;YAAE,OAAO,IAAI,CAAC;QACrF,KAAK,MAAM,GAAG,IAAK,IAAY,CAAC,YAAY,EAAE,EAAE,CAAC;YAC/C,IAAI,sBAAsB,CAAC,GAAG,EAAE,YAAY,CAAC;gBAAE,OAAO,IAAI,CAAC;QAC7D,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,IAAI,CAAC,KAAK,iBAAiB,EAAE,CAAC;QAC5B,OAAO,sBAAsB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;IAC7E,CAAC;IACD,6CAA6C;IAC7C,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACvC,IAAI,sBAAsB,CAAC,KAAK,EAAE,YAAY,CAAC;YAAE,OAAO,IAAI,CAAC;IAC/D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,sFAAsF;AACtF,SAAS,iBAAiB,CAAC,IAAuC;IAChE,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IAClC,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,YAAY;QAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;IAC9C,IAAI,CAAC,KAAK,0BAA0B;QAAE,OAAQ,IAAY,CAAC,OAAO,EAAE,CAAC;IACrE,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;;;;;GAMG;AACH,SAAS,mBAAmB,CAAC,IAAuC;IAMlE,MAAM,IAAI,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;IAClC,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,0BAA0B,EAAE,CAAC;QACrC,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;QAC3C,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,UAAU,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC5C,IAAI,UAAU;gBAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;QAClE,CAAC;IACH,CAAC;IACD,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACxC,IAAI,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IACxD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,kGAAkG;AAClG,SAAS,mBAAmB,CAAC,IAAU;IACrC,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,YAAY;QAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;IAC9C,IAAI,CAAC,KAAK,0BAA0B,EAAE,CAAC;QACrC,MAAM,GAAG,GAAG,mBAAmB,CAAE,IAAY,CAAC,aAAa,EAAE,CAAC,CAAC;QAC/D,IAAI,GAAG;YAAE,OAAO,GAAG,GAAG,IAAK,IAAY,CAAC,OAAO,EAAE,EAAE,CAAC;IACtD,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,8DAA8D;AAC9D,SAAS,qBAAqB,CAAC,IAAU,EAAE,YAAyB;IAClE,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,YAAY,IAAI,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QAAE,OAAO,IAAI,CAAC,OAAO,EAAE,CAAC;IAClF,IAAI,CAAC,KAAK,0BAA0B,EAAE,CAAC;QACrC,OAAO,qBAAqB,CAAE,IAAY,CAAC,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;IAC5E,CAAC;IACD,sEAAsE;IACtE,IAAI,CAAC,KAAK,kBAAkB,EAAE,CAAC;QAC7B,OAAO,CACL,qBAAqB,CAAE,IAAY,CAAC,OAAO,EAAE,EAAE,YAAY,CAAC;YAC5D,qBAAqB,CAAE,IAAY,CAAC,QAAQ,EAAE,EAAE,YAAY,CAAC,CAC9D,CAAC;IACJ,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,qBAAqB,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;QACzD,IAAI,KAAK;YAAE,OAAO,KAAK,CAAC;IAC1B,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,oCAAoC;AACpC,SAAS,iBAAiB,CAAC,IAAU,EAAE,YAAyB;IAC9D,MAAM,UAAU,GAAwD,EAAE,CAAC;IAE3E,MAAM,QAAQ,GAAwC,EAAE,CAAC;IACzD,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,EAAE;QAC3B,IAAI,CAAC,CAAC,WAAW,EAAE,KAAK,gBAAgB;YAAE,QAAQ,CAAC,IAAI,CAAC,CAAsC,CAAC,CAAC;IAClG,CAAC,CAAC,CAAC;IACH,KAAK,MAAM,IAAI,IAAI,QAAQ,EAAE,CAAC;QAC5B,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;QACrF,IAAI,CAAC,gBAAgB;YAAE,SAAS;QAEhC,sDAAsD;QACtD,MAAM,aAAa,GAAG,IAAI,GAAG,EAAU,CAAC;QACxC,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;YACtC,2FAA2F;YAC3F,MAAM,QAAQ,GAAG,mBAAmB,CAAC,GAAG,CAAC,CAAC;YAC1C,IAAI,QAAQ,IAAI,qBAAqB,CAAC,GAAG,EAAE,YAAY,CAAC,EAAE,CAAC;gBACzD,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,MAAM,OAAO,GAAG,qBAAqB,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;gBACzD,IAAI,OAAO;oBAAE,aAAa,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;QAED,mFAAmF;QACnF,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;QAChC,IAAI,MAAM,IAAI,MAAM,CAAC,WAAW,EAAE,KAAK,qBAAqB,EAAE,CAAC;YAC7D,MAAM,QAAQ,GAAI,MAAc,CAAC,OAAO,EAAE,CAAC;YAC3C,aAAa,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC9B,CAAC;QAED,IAAI,aAAa,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC3B,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,gBAAgB,EAAE,aAAa,EAAE,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,OAAO,UAAU,CAAC;AACpB,CAAC;AAED,2EAA2E;AAC3E,EAAE;AACF,6EAA6E;AAC7E,6BAA6B;AAC7B,EAAE;AACF,0EAA0E;AAC1E,0EAA0E;AAC1E,iDAAiD;AACjD,EAAE;AACF,0CAA0C;AAC1C,uEAAuE;AACvE,2EAA2E;AAC3E,0EAA0E;AAC1E,sDAAsD;AACtD,oEAAoE;AACpE,2EAA2E;AAC3E,4EAA4E;AAC5E,cAAc;AACd,EAAE;AACF,uEAAuE;AACvE,yBAAyB;AAEzB,MAAM,kBAAkB,GAAG;IACzB,IAAI;IACJ,UAAU;IACV,OAAO;IACP,QAAQ;IACR,UAAU;IACV,OAAO;IACP,QAAQ;IACR,WAAW;IACX,OAAO;IACP,WAAW;IACX,QAAQ;IACR,OAAO;CACR,CAAC;AAEF,SAAS,sBAAsB,CAAC,IAAY;IAC1C,OAAO,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,KAAK,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;AAC1E,CAAC;AAED;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,IAAuC,EAAE,UAAkB,EAAE,MAAY;IACtG,MAAM,MAAM,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC;IAE9C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,IAAI,CAAC;YAAE,SAAS;QAC/C,IAAI,CAAC,sBAAsB,CAAC,KAAK,CAAC,IAAI,EAAE,UAAU,CAAC;YAAE,SAAS;QAC9D,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAOD;;;GAGG;AACH,SAAS,sBAAsB,CAAC,IAAU;IACxC,MAAM,MAAM,GAAqB,EAAE,CAAC;IAEpC,IAAI,CAAC,iBAAiB,CAAC,CAAC,IAAI,EAAE,EAAE;QAC9B,IAAI,IAAI,CAAC,OAAO,EAAE,KAAK,UAAU,CAAC,WAAW;YAAE,OAAO;QACtD,MAAM,MAAM,GAAG,IAAsC,CAAC;QACtD,MAAM,QAAQ,GAAG,MAAM,CAAC,gBAAgB,EAAE,CAAC;QAE3C,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC;YAAE,OAAO;QAEnC,MAAM,CAAC,IAAI,CAAC;YACV,IAAI,EAAE,MAAM,CAAC,aAAa,EAAE;YAC5B,MAAM;SACP,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,KAAqB,EAAE,IAAU;IAC3D,MAAM,SAAS,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;IAClC,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,CAAC;IAC7B,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS,EAAE,CAAC;IACxC,IAAI,CAAC,WAAW;QAAE,OAAO,KAAK,CAAC;IAE/B,IAAI,GAAG,GAAqB,IAAI,CAAC;IACjC,OAAO,GAAG,EAAE,CAAC;QACX,IAAI,GAAG,KAAK,OAAO;YAAE,OAAO,KAAK,CAAC,CAAC,sCAAsC;QACzE,MAAM,MAAM,GAAG,GAAG,CAAC,SAAS,EAAE,CAAC;QAC/B,IAAI,MAAM,KAAK,WAAW,EAAE,CAAC;YAC3B,OAAO,OAAO,CAAC,MAAM,EAAE,GAAG,SAAS,CAAC;QACtC,CAAC;QACD,GAAG,GAAG,MAAM,CAAC;IACf,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,WAAW,CAAC,IAAU;IAC7B,MAAM,CAAC,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAC7B,IAAI,CAAC,KAAK,iBAAiB,IAAI,CAAC,KAAK,gBAAgB;QAAE,OAAO,IAAI,CAAC;IACnE,IAAI,CAAC,KAAK,OAAO,EAAE,CAAC;QAClB,MAAM,UAAU,GAAI,IAAiC,CAAC,aAAa,EAAE,CAAC;QACtE,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QAC1C,2EAA2E;QAC3E,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC/C,MAAM,EAAE,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAC9B,OAAO,EAAE,KAAK,iBAAiB,IAAI,EAAE,KAAK,gBAAgB,CAAC;IAC7D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;;;;;GASG;AACH,SAAS,sBAAsB,CAAC,IAAU,EAAE,OAAe;IACzD,IAAI,oBAAoB,CAAC,IAAI,EAAE,OAAO,CAAC;QAAE,OAAO,IAAI,CAAC;IACrD,OAAO,wBAAwB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;AACjD,CAAC;AAED;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,IAAU,EAAE,OAAe;IACvD,IAAI,IAAI,CAAC,OAAO,EAAE,KAAK,UAAU,CAAC,gBAAgB,EAAE,CAAC;QACnD,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;YACvC,IAAI,oBAAoB,CAAC,KAAK,EAAE,OAAO,CAAC;gBAAE,OAAO,IAAI,CAAC;QACxD,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IACD,MAAM,GAAG,GAAG,IAA2C,CAAC;IACxD,MAAM,EAAE,GAAG,GAAG,CAAC,gBAAgB,EAAE,CAAC,OAAO,EAAE,CAAC;IAC5C,IAAI,EAAE,KAAK,KAAK,IAAI,EAAE,KAAK,IAAI;QAAE,OAAO,KAAK,CAAC;IAC9C,KAAK,MAAM,IAAI,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,EAAE,CAAC;QACnD,IAAI,IAAI,CAAC,OAAO,EAAE,KAAK,UAAU,CAAC,gBAAgB;YAAE,SAAS;QAC7D,MAAM,OAAO,GAAI,IAA4C,CAAC,aAAa,EAAE,CAAC;QAC9E,IAAI,WAAW,CAAC,OAAO,EAAE,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;IACjD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAS,wBAAwB,CAAC,IAAU,EAAE,OAAe;IAC3D,IAAI,IAAI,CAAC,OAAO,EAAE,KAAK,UAAU,CAAC,qBAAqB,EAAE,CAAC;QACxD,MAAM,KAAK,GAAG,IAAgD,CAAC;QAC/D,IAAI,KAAK,CAAC,gBAAgB,EAAE,KAAK,UAAU,CAAC,gBAAgB,EAAE,CAAC;YAC7D,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,EAAE,CAAC;YACnC,IAAI,iBAAiB,CAAC,OAAO,EAAE,OAAO,CAAC;gBAAE,OAAO,IAAI,CAAC;QACvD,CAAC;IACH,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACvC,IAAI,wBAAwB,CAAC,KAAK,EAAE,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;IAC5D,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAU,EAAE,OAAe;IACpD,yEAAyE;IACzE,yEAAyE;IACzE,IAAI,GAAG,GAAS,IAAI,CAAC;IACrB,OAAO,GAAG,CAAC,OAAO,EAAE,KAAK,UAAU,CAAC,wBAAwB,EAAE,CAAC;QAC7D,GAAG,GAAI,GAAmD,CAAC,aAAa,EAAE,CAAC;IAC7E,CAAC;IACD,IAAI,GAAG,CAAC,OAAO,EAAE,KAAK,UAAU,CAAC,cAAc;QAAE,OAAO,KAAK,CAAC;IAC9D,MAAM,IAAI,GAAG,GAAwC,CAAC;IACtD,MAAM,UAAU,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC,OAAO,EAAE,CAAC;IAClD,MAAM,WAAW,GAAG,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAG,CAAC,CAAC,CAAC,UAAU,CAAC;IACzF,IAAI,CAAC,sBAAsB,CAAC,WAAW,CAAC;QAAE,OAAO,KAAK,CAAC;IACvD,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC;QACtC,IAAI,WAAW,CAAC,GAAG,EAAE,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;IAC7C,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,WAAW,CAAC,IAAU,EAAE,OAAe;IAC9C,IAAI,IAAI,CAAC,WAAW,EAAE,KAAK,YAAY,IAAI,IAAI,CAAC,OAAO,EAAE,KAAK,OAAO;QAAE,OAAO,IAAI,CAAC;IACnF,IAAI,IAAI,CAAC,WAAW,EAAE,KAAK,0BAA0B,EAAE,CAAC;QACtD,OAAO,WAAW,CAAE,IAAoD,CAAC,aAAa,EAAE,EAAE,OAAO,CAAC,CAAC;IACrG,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QACvC,IAAI,WAAW,CAAC,KAAK,EAAE,OAAO,CAAC;YAAE,OAAO,IAAI,CAAC;IAC/C,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}
|
|
@@ -4,8 +4,9 @@
|
|
|
4
4
|
* Traces tainted data across import boundaries:
|
|
5
5
|
* handler(req) → importedFn(req.body) → exec() in another file.
|
|
6
6
|
*/
|
|
7
|
+
import type { Project } from 'ts-morph';
|
|
7
8
|
import type { CrossFileTaintResult, ExportedFunction } from './taint-types.js';
|
|
8
|
-
import type { InferResult } from './types.js';
|
|
9
|
+
import type { GraphResult, InferResult } from './types.js';
|
|
9
10
|
/**
|
|
10
11
|
* Build a map of exported functions across all files.
|
|
11
12
|
* Maps "filePath::fnName" → ExportedFunction with sink info.
|
|
@@ -16,6 +17,33 @@ export declare function buildExportMap(inferredPerFile: Map<string, InferResult[
|
|
|
16
17
|
* Maps "importingFile::importedName" → absolute file path of the definition.
|
|
17
18
|
*/
|
|
18
19
|
export declare function buildImportMap(inferredPerFile: Map<string, InferResult[]>, graphImports: Map<string, string[]>): Map<string, string>;
|
|
20
|
+
/**
|
|
21
|
+
* Build an export map from ts-morph — works on ANY TypeScript codebase,
|
|
22
|
+
* regardless of whether the file has been KERN-inferred.
|
|
23
|
+
*
|
|
24
|
+
* Scans every exported function declaration and arrow/function-expression
|
|
25
|
+
* variable, extracts its body text, and runs the same sink detector the
|
|
26
|
+
* IR-based map uses. Output keys are identical (`filePath::fnName`) so the
|
|
27
|
+
* result merges cleanly with `buildExportMap`.
|
|
28
|
+
*/
|
|
29
|
+
export declare function buildExportMapFromGraph(project: Project, graph: GraphResult): Map<string, ExportedFunction>;
|
|
30
|
+
/**
|
|
31
|
+
* Build an import map from ts-morph for any TS codebase.
|
|
32
|
+
*
|
|
33
|
+
* Keys: `importingFile::localName`. Works for named imports (including
|
|
34
|
+
* aliased `import { foo as bar }`), default imports, and re-exports resolved
|
|
35
|
+
* via ts-morph's module resolution.
|
|
36
|
+
*/
|
|
37
|
+
export declare function buildImportMapFromGraph(project: Project, graph: GraphResult): Map<string, string>;
|
|
38
|
+
/**
|
|
39
|
+
* Build a map of *local-name → exported-name* for aliased named imports.
|
|
40
|
+
*
|
|
41
|
+
* Keys: `importingFile::localName`. Values: the actual exported name at the
|
|
42
|
+
* import target. Identity mappings (localName === exportedName) are omitted
|
|
43
|
+
* to keep the map compact. Callers look up `aliasMap.get(key) ?? localName`
|
|
44
|
+
* when they need the name to match against an export map.
|
|
45
|
+
*/
|
|
46
|
+
export declare function buildImportAliasMap(project: Project, graph: GraphResult): Map<string, string>;
|
|
19
47
|
/**
|
|
20
48
|
* Cross-file taint analysis.
|
|
21
49
|
*
|
|
@@ -25,4 +53,4 @@ export declare function buildImportMap(inferredPerFile: Map<string, InferResult[
|
|
|
25
53
|
* 3. Look up the target function — does it have a dangerous sink?
|
|
26
54
|
* 4. If yes and no sanitizer in between → cross-file taint path
|
|
27
55
|
*/
|
|
28
|
-
export declare function analyzeTaintCrossFile(inferredPerFile: Map<string, InferResult[]>, graphImports: Map<string, string[]
|
|
56
|
+
export declare function analyzeTaintCrossFile(inferredPerFile: Map<string, InferResult[]>, graphImports: Map<string, string[]>, graph?: GraphResult): CrossFileTaintResult[];
|
package/dist/taint-crossfile.js
CHANGED
|
@@ -4,7 +4,12 @@
|
|
|
4
4
|
* Traces tainted data across import boundaries:
|
|
5
5
|
* handler(req) → importedFn(req.body) → exec() in another file.
|
|
6
6
|
*/
|
|
7
|
+
import { extname } from 'path';
|
|
7
8
|
import { classifyParams, detectSanitizers, findClosingParen, findTaintedSinks, propagateTaint } from './taint-regex.js';
|
|
9
|
+
const TS_MORPH_GRAPH_EXTENSIONS = new Set(['.ts', '.tsx', '.js', '.jsx', '.mts', '.cts', '.mjs', '.cjs']);
|
|
10
|
+
function supportsTsMorphGraphFile(filePath) {
|
|
11
|
+
return TS_MORPH_GRAPH_EXTENSIONS.has(extname(filePath).toLowerCase());
|
|
12
|
+
}
|
|
8
13
|
// ── Export Map ───────────────────────────────────────────────────────────
|
|
9
14
|
/**
|
|
10
15
|
* Build a map of exported functions across all files.
|
|
@@ -88,6 +93,154 @@ export function buildImportMap(inferredPerFile, graphImports) {
|
|
|
88
93
|
}
|
|
89
94
|
return importMap;
|
|
90
95
|
}
|
|
96
|
+
// ── ts-morph-Backed Export / Import Maps ────────────────────────────────
|
|
97
|
+
/**
|
|
98
|
+
* Build an export map from ts-morph — works on ANY TypeScript codebase,
|
|
99
|
+
* regardless of whether the file has been KERN-inferred.
|
|
100
|
+
*
|
|
101
|
+
* Scans every exported function declaration and arrow/function-expression
|
|
102
|
+
* variable, extracts its body text, and runs the same sink detector the
|
|
103
|
+
* IR-based map uses. Output keys are identical (`filePath::fnName`) so the
|
|
104
|
+
* result merges cleanly with `buildExportMap`.
|
|
105
|
+
*/
|
|
106
|
+
export function buildExportMapFromGraph(project, graph) {
|
|
107
|
+
const exportMap = new Map();
|
|
108
|
+
for (const gf of graph.files) {
|
|
109
|
+
if (!supportsTsMorphGraphFile(gf.path))
|
|
110
|
+
continue;
|
|
111
|
+
const sf = project.getSourceFile(gf.path);
|
|
112
|
+
if (!sf)
|
|
113
|
+
continue;
|
|
114
|
+
for (const [exportName, decls] of sf.getExportedDeclarations()) {
|
|
115
|
+
for (const decl of decls) {
|
|
116
|
+
const collected = collectFnSignature(decl);
|
|
117
|
+
if (!collected)
|
|
118
|
+
continue;
|
|
119
|
+
const { params, code } = collected;
|
|
120
|
+
const paramNames = params
|
|
121
|
+
.split(',')
|
|
122
|
+
.map((p) => p.trim().split(':')[0]?.trim())
|
|
123
|
+
.filter(Boolean);
|
|
124
|
+
const sinks = [];
|
|
125
|
+
if (code && paramNames.length > 0) {
|
|
126
|
+
const dummyTaint = paramNames.map((name) => ({
|
|
127
|
+
name,
|
|
128
|
+
origin: `param:${name}`,
|
|
129
|
+
}));
|
|
130
|
+
sinks.push(...findTaintedSinks(code, dummyTaint));
|
|
131
|
+
}
|
|
132
|
+
const key = `${gf.path}::${exportName}`;
|
|
133
|
+
exportMap.set(key, {
|
|
134
|
+
filePath: gf.path,
|
|
135
|
+
fnName: exportName,
|
|
136
|
+
params,
|
|
137
|
+
hasSink: sinks.length > 0,
|
|
138
|
+
sinks,
|
|
139
|
+
});
|
|
140
|
+
}
|
|
141
|
+
}
|
|
142
|
+
}
|
|
143
|
+
return exportMap;
|
|
144
|
+
}
|
|
145
|
+
/**
|
|
146
|
+
* Build an import map from ts-morph for any TS codebase.
|
|
147
|
+
*
|
|
148
|
+
* Keys: `importingFile::localName`. Works for named imports (including
|
|
149
|
+
* aliased `import { foo as bar }`), default imports, and re-exports resolved
|
|
150
|
+
* via ts-morph's module resolution.
|
|
151
|
+
*/
|
|
152
|
+
export function buildImportMapFromGraph(project, graph) {
|
|
153
|
+
const importMap = new Map();
|
|
154
|
+
for (const gf of graph.files) {
|
|
155
|
+
if (!supportsTsMorphGraphFile(gf.path))
|
|
156
|
+
continue;
|
|
157
|
+
const sf = project.getSourceFile(gf.path);
|
|
158
|
+
if (!sf)
|
|
159
|
+
continue;
|
|
160
|
+
for (const imp of sf.getImportDeclarations()) {
|
|
161
|
+
let target;
|
|
162
|
+
try {
|
|
163
|
+
target = imp.getModuleSpecifierSourceFile() ?? undefined;
|
|
164
|
+
}
|
|
165
|
+
catch {
|
|
166
|
+
continue;
|
|
167
|
+
}
|
|
168
|
+
if (!target)
|
|
169
|
+
continue;
|
|
170
|
+
const targetPath = target.getFilePath();
|
|
171
|
+
for (const named of imp.getNamedImports()) {
|
|
172
|
+
const localName = named.getAliasNode()?.getText() ?? named.getName();
|
|
173
|
+
importMap.set(`${gf.path}::${localName}`, targetPath);
|
|
174
|
+
}
|
|
175
|
+
const def = imp.getDefaultImport();
|
|
176
|
+
if (def)
|
|
177
|
+
importMap.set(`${gf.path}::${def.getText()}`, targetPath);
|
|
178
|
+
}
|
|
179
|
+
}
|
|
180
|
+
return importMap;
|
|
181
|
+
}
|
|
182
|
+
/**
|
|
183
|
+
* Build a map of *local-name → exported-name* for aliased named imports.
|
|
184
|
+
*
|
|
185
|
+
* Keys: `importingFile::localName`. Values: the actual exported name at the
|
|
186
|
+
* import target. Identity mappings (localName === exportedName) are omitted
|
|
187
|
+
* to keep the map compact. Callers look up `aliasMap.get(key) ?? localName`
|
|
188
|
+
* when they need the name to match against an export map.
|
|
189
|
+
*/
|
|
190
|
+
export function buildImportAliasMap(project, graph) {
|
|
191
|
+
const aliasMap = new Map();
|
|
192
|
+
for (const gf of graph.files) {
|
|
193
|
+
if (!supportsTsMorphGraphFile(gf.path))
|
|
194
|
+
continue;
|
|
195
|
+
const sf = project.getSourceFile(gf.path);
|
|
196
|
+
if (!sf)
|
|
197
|
+
continue;
|
|
198
|
+
for (const imp of sf.getImportDeclarations()) {
|
|
199
|
+
for (const named of imp.getNamedImports()) {
|
|
200
|
+
const alias = named.getAliasNode();
|
|
201
|
+
if (!alias)
|
|
202
|
+
continue; // not aliased — localName IS the exported name
|
|
203
|
+
const localName = alias.getText();
|
|
204
|
+
const exportedName = named.getName();
|
|
205
|
+
aliasMap.set(`${gf.path}::${localName}`, exportedName);
|
|
206
|
+
}
|
|
207
|
+
}
|
|
208
|
+
}
|
|
209
|
+
return aliasMap;
|
|
210
|
+
}
|
|
211
|
+
/** Extract `{ params, code }` from an exported function-ish declaration. */
|
|
212
|
+
function collectFnSignature(decl) {
|
|
213
|
+
const kind = decl.getKindName();
|
|
214
|
+
if (kind === 'FunctionDeclaration') {
|
|
215
|
+
const fn = decl;
|
|
216
|
+
const body = fn.getBody();
|
|
217
|
+
return {
|
|
218
|
+
params: fn
|
|
219
|
+
.getParameters()
|
|
220
|
+
.map((p) => p.getText())
|
|
221
|
+
.join(','),
|
|
222
|
+
code: body?.getText() ?? '',
|
|
223
|
+
};
|
|
224
|
+
}
|
|
225
|
+
if (kind === 'VariableDeclaration') {
|
|
226
|
+
const vd = decl;
|
|
227
|
+
const init = vd.getInitializer();
|
|
228
|
+
if (!init)
|
|
229
|
+
return undefined;
|
|
230
|
+
const initKind = init.getKindName();
|
|
231
|
+
if (initKind !== 'ArrowFunction' && initKind !== 'FunctionExpression')
|
|
232
|
+
return undefined;
|
|
233
|
+
const fn = init;
|
|
234
|
+
return {
|
|
235
|
+
params: fn
|
|
236
|
+
.getParameters()
|
|
237
|
+
.map((p) => p.getText())
|
|
238
|
+
.join(','),
|
|
239
|
+
code: fn.getBody().getText(),
|
|
240
|
+
};
|
|
241
|
+
}
|
|
242
|
+
return undefined;
|
|
243
|
+
}
|
|
91
244
|
// ── Cross-File Analysis ─────────────────────────────────────────────────
|
|
92
245
|
/**
|
|
93
246
|
* Cross-file taint analysis.
|
|
@@ -98,74 +251,142 @@ export function buildImportMap(inferredPerFile, graphImports) {
|
|
|
98
251
|
* 3. Look up the target function — does it have a dangerous sink?
|
|
99
252
|
* 4. If yes and no sanitizer in between → cross-file taint path
|
|
100
253
|
*/
|
|
101
|
-
export function analyzeTaintCrossFile(inferredPerFile, graphImports) {
|
|
254
|
+
export function analyzeTaintCrossFile(inferredPerFile, graphImports, graph) {
|
|
102
255
|
const exportMap = buildExportMap(inferredPerFile);
|
|
103
256
|
const importMap = buildImportMap(inferredPerFile, graphImports);
|
|
257
|
+
// Alias resolution for aliased named imports (`import { foo as bar }`).
|
|
258
|
+
// Populated only from ts-morph — the IR-derived path does not preserve alias
|
|
259
|
+
// metadata. Keyed the same as importMap: `importingFile::localName`.
|
|
260
|
+
const aliasMap = new Map();
|
|
261
|
+
// Augment with ts-morph-derived maps so taint works on files that were
|
|
262
|
+
// never KERN-inferred. IR-derived entries take priority; ts-morph fills gaps.
|
|
263
|
+
if (graph?.project) {
|
|
264
|
+
const tsExportMap = buildExportMapFromGraph(graph.project, graph);
|
|
265
|
+
for (const [key, fn] of tsExportMap) {
|
|
266
|
+
if (!exportMap.has(key))
|
|
267
|
+
exportMap.set(key, fn);
|
|
268
|
+
}
|
|
269
|
+
const tsImportMap = buildImportMapFromGraph(graph.project, graph);
|
|
270
|
+
for (const [key, path] of tsImportMap) {
|
|
271
|
+
if (!importMap.has(key))
|
|
272
|
+
importMap.set(key, path);
|
|
273
|
+
}
|
|
274
|
+
const tsAliasMap = buildImportAliasMap(graph.project, graph);
|
|
275
|
+
for (const [key, exportedName] of tsAliasMap) {
|
|
276
|
+
aliasMap.set(key, exportedName);
|
|
277
|
+
}
|
|
278
|
+
}
|
|
279
|
+
// Also walk files that have no IR at all but are present in the graph.
|
|
280
|
+
// These are the files we previously missed entirely.
|
|
281
|
+
const iteratedFiles = new Set(inferredPerFile.keys());
|
|
282
|
+
const extraFiles = [];
|
|
283
|
+
if (graph?.project) {
|
|
284
|
+
for (const gf of graph.files) {
|
|
285
|
+
if (iteratedFiles.has(gf.path))
|
|
286
|
+
continue;
|
|
287
|
+
if (!supportsTsMorphGraphFile(gf.path))
|
|
288
|
+
continue;
|
|
289
|
+
const sf = graph.project.getSourceFile(gf.path);
|
|
290
|
+
if (sf)
|
|
291
|
+
extraFiles.push([gf.path, sf]);
|
|
292
|
+
}
|
|
293
|
+
}
|
|
104
294
|
const results = [];
|
|
295
|
+
const analyzeCaller = (args) => {
|
|
296
|
+
const { filePath, fnName, paramsStr, code, startLine } = args;
|
|
297
|
+
if (!code)
|
|
298
|
+
return;
|
|
299
|
+
const taintedParams = classifyParams(paramsStr);
|
|
300
|
+
if (taintedParams.length === 0)
|
|
301
|
+
return;
|
|
302
|
+
const taintedVars = propagateTaint(code, taintedParams);
|
|
303
|
+
const taintedNames = new Set(taintedVars.map((v) => v.name));
|
|
304
|
+
const callRegex = /\b(\w+)\s*\(/g;
|
|
305
|
+
let callMatch;
|
|
306
|
+
while ((callMatch = callRegex.exec(code)) !== null) {
|
|
307
|
+
const calledFn = callMatch[0].replace(/\s*\($/, '');
|
|
308
|
+
const resolvedFile = importMap.get(`${filePath}::${calledFn}`);
|
|
309
|
+
if (!resolvedFile)
|
|
310
|
+
continue;
|
|
311
|
+
// Resolve alias: if `calledFn` is a local name for an aliased import, use
|
|
312
|
+
// the exported name for the export-map lookup.
|
|
313
|
+
const exportedName = aliasMap.get(`${filePath}::${calledFn}`) ?? calledFn;
|
|
314
|
+
const targetFn = exportMap.get(`${resolvedFile}::${exportedName}`);
|
|
315
|
+
if (!targetFn?.hasSink)
|
|
316
|
+
continue;
|
|
317
|
+
const callStart = callMatch.index + callMatch[0].length;
|
|
318
|
+
const parenEnd = findClosingParen(code, callStart);
|
|
319
|
+
const argText = code.slice(callStart, parenEnd);
|
|
320
|
+
const taintedArgs = [];
|
|
321
|
+
for (const tName of taintedNames) {
|
|
322
|
+
if (new RegExp(`\\b${tName}\\b`).test(argText))
|
|
323
|
+
taintedArgs.push(tName);
|
|
324
|
+
}
|
|
325
|
+
if (taintedArgs.length === 0)
|
|
326
|
+
continue;
|
|
327
|
+
const beforeCall = code.slice(0, callMatch.index);
|
|
328
|
+
const foundSanitizers = detectSanitizers(beforeCall);
|
|
329
|
+
const hasSanitizer = taintedArgs.some((arg) => foundSanitizers.some((s) => new RegExp(`\\b${arg}\\b`).test(s.context)));
|
|
330
|
+
if (hasSanitizer)
|
|
331
|
+
continue;
|
|
332
|
+
for (const sink of targetFn.sinks) {
|
|
333
|
+
const source = taintedVars.find((v) => taintedArgs.includes(v.name));
|
|
334
|
+
if (!source)
|
|
335
|
+
continue;
|
|
336
|
+
results.push({
|
|
337
|
+
callerFile: filePath,
|
|
338
|
+
callerFn: fnName,
|
|
339
|
+
callerLine: startLine,
|
|
340
|
+
calleeFile: resolvedFile,
|
|
341
|
+
calleeFn: exportedName,
|
|
342
|
+
taintedArgs,
|
|
343
|
+
sinkInCallee: sink,
|
|
344
|
+
source,
|
|
345
|
+
});
|
|
346
|
+
}
|
|
347
|
+
}
|
|
348
|
+
};
|
|
349
|
+
// IR-derived callers
|
|
105
350
|
for (const [filePath, inferred] of inferredPerFile) {
|
|
106
351
|
for (const r of inferred) {
|
|
107
352
|
if (r.node.type !== 'fn')
|
|
108
353
|
continue;
|
|
109
|
-
const fnName = r.node.props?.name || 'anonymous';
|
|
110
|
-
const paramsStr = r.node.props?.params || '';
|
|
111
354
|
const handler = r.node.children?.find((c) => c.type === 'handler');
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
124
|
-
|
|
125
|
-
|
|
126
|
-
|
|
127
|
-
|
|
128
|
-
|
|
129
|
-
|
|
130
|
-
|
|
131
|
-
|
|
132
|
-
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
const
|
|
138
|
-
|
|
139
|
-
const taintedArgs = [];
|
|
140
|
-
for (const tName of taintedNames) {
|
|
141
|
-
if (new RegExp(`\\b${tName}\\b`).test(argText)) {
|
|
142
|
-
taintedArgs.push(tName);
|
|
143
|
-
}
|
|
144
|
-
}
|
|
145
|
-
if (taintedArgs.length === 0)
|
|
355
|
+
analyzeCaller({
|
|
356
|
+
filePath,
|
|
357
|
+
fnName: r.node.props?.name || 'anonymous',
|
|
358
|
+
paramsStr: r.node.props?.params || '',
|
|
359
|
+
code: handler?.props?.code || '',
|
|
360
|
+
startLine: r.startLine,
|
|
361
|
+
});
|
|
362
|
+
}
|
|
363
|
+
}
|
|
364
|
+
// ts-morph-derived callers for files that were never KERN-inferred.
|
|
365
|
+
const seenCallers = new Set(); // dedup: filePath::fnName
|
|
366
|
+
for (const [filePath, inferred] of inferredPerFile) {
|
|
367
|
+
for (const r of inferred) {
|
|
368
|
+
if (r.node.type !== 'fn')
|
|
369
|
+
continue;
|
|
370
|
+
const name = r.node.props?.name || '';
|
|
371
|
+
if (name)
|
|
372
|
+
seenCallers.add(`${filePath}::${name}`);
|
|
373
|
+
}
|
|
374
|
+
}
|
|
375
|
+
for (const [filePath, sf] of extraFiles) {
|
|
376
|
+
for (const [exportName, decls] of sf.getExportedDeclarations()) {
|
|
377
|
+
if (seenCallers.has(`${filePath}::${exportName}`))
|
|
378
|
+
continue;
|
|
379
|
+
for (const decl of decls) {
|
|
380
|
+
const sig = collectFnSignature(decl);
|
|
381
|
+
if (!sig)
|
|
146
382
|
continue;
|
|
147
|
-
|
|
148
|
-
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
for (const sink of targetFn.sinks) {
|
|
155
|
-
const source = taintedVars.find((v) => taintedArgs.includes(v.name));
|
|
156
|
-
if (!source)
|
|
157
|
-
continue;
|
|
158
|
-
results.push({
|
|
159
|
-
callerFile: filePath,
|
|
160
|
-
callerFn: fnName,
|
|
161
|
-
callerLine: r.startLine,
|
|
162
|
-
calleeFile: resolvedFile,
|
|
163
|
-
calleeFn: calledFn,
|
|
164
|
-
taintedArgs,
|
|
165
|
-
sinkInCallee: sink,
|
|
166
|
-
source,
|
|
167
|
-
});
|
|
168
|
-
}
|
|
383
|
+
analyzeCaller({
|
|
384
|
+
filePath,
|
|
385
|
+
fnName: exportName,
|
|
386
|
+
paramsStr: sig.params,
|
|
387
|
+
code: sig.code,
|
|
388
|
+
startLine: decl.getStartLineNumber(),
|
|
389
|
+
});
|
|
169
390
|
}
|
|
170
391
|
}
|
|
171
392
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"taint-crossfile.js","sourceRoot":"","sources":["../src/taint-crossfile.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAIxH,4EAA4E;AAE5E;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,eAA2C;IACxE,MAAM,SAAS,GAAG,IAAI,GAAG,EAA4B,CAAC;IAEtD,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,eAAe,EAAE,CAAC;QACnD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI;gBAAE,SAAS;YACnC,MAAM,MAAM,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAe,IAAI,EAAE,CAAC;YACpD,IAAI,CAAC,MAAM;gBAAE,SAAS;YAEtB,2EAA2E;YAC3E,MAAM,UAAU,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC;YACpD,IAAI,CAAC,UAAU;gBAAE,SAAS;YAE1B,MAAM,MAAM,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,MAAiB,IAAI,EAAE,CAAC;YACtD,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;YACnE,MAAM,IAAI,GAAI,OAAO,EAAE,KAAK,EAAE,IAAe,IAAI,EAAE,CAAC;YAEpD,sDAAsD;YACtD,MAAM,KAAK,GAAgB,EAAE,CAAC;YAC9B,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,UAAU,GAAkB,EAAE,CAAC;gBACrC,wDAAwD;gBACxD,MAAM,UAAU,GAAG,MAAM;qBACtB,KAAK,CAAC,GAAG,CAAC;qBACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC;qBAC1C,MAAM,CAAC,OAAO,CAAC,CAAC;gBACnB,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;oBAC9B,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,IAAI,EAAE,EAAE,CAAC,CAAC;gBACrD,CAAC;gBACD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC1B,KAAK,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC;YAED,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,MAAM,EAAE,EAAE;gBACtC,QAAQ;gBACR,MAAM;gBACN,MAAM;gBACN,OAAO,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC;gBACzB,KAAK;aACN,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,2EAA2E;AAE3E;;;GAGG;AACH,MAAM,UAAU,cAAc,CAC5B,eAA2C,EAC3C,YAAmC;IAEnC,MAAM,SAAS,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE5C,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,eAAe,EAAE,CAAC;QACnD,MAAM,eAAe,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEzD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,QAAQ;gBAAE,SAAS;YACvC,MAAM,IAAI,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAe,IAAI,EAAE,CAAC;YAClD,MAAM,KAAK,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,KAAgB,IAAI,EAAE,CAAC;YACpD,MAAM,aAAa,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,OAAkB,IAAI,EAAE,CAAC;YAE9D,IAAI,CAAC,IAAI;gBAAE,SAAS;YAEpB,mDAAmD;YACnD,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAC9C,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,CACpE,CAAC;YACF,IAAI,CAAC,YAAY;gBAAE,SAAS;YAE5B,8CAA8C;YAC9C,IAAI,KAAK,EAAE,CAAC;gBACV,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;oBACzD,IAAI,IAAI;wBAAE,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,IAAI,EAAE,EAAE,YAAY,CAAC,CAAC;gBAChE,CAAC;YACH,CAAC;YACD,IAAI,aAAa,EAAE,CAAC;gBAClB,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;YAC/D,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,2EAA2E;AAE3E;;;;;;;;GAQG;AACH,MAAM,UAAU,qBAAqB,CACnC,eAA2C,EAC3C,YAAmC;IAEnC,MAAM,SAAS,GAAG,cAAc,CAAC,eAAe,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,cAAc,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;IAChE,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,eAAe,EAAE,CAAC;QACnD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI;gBAAE,SAAS;YAEnC,MAAM,MAAM,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAe,IAAI,WAAW,CAAC;YAC7D,MAAM,SAAS,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,MAAiB,IAAI,EAAE,CAAC;YACzD,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;YACnE,MAAM,IAAI,GAAI,OAAO,EAAE,KAAK,EAAE,IAAe,IAAI,EAAE,CAAC;YACpD,IAAI,CAAC,IAAI;gBAAE,SAAS;YAEpB,6CAA6C;YAC7C,MAAM,aAAa,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;YAChD,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAS;YAEzC,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;YACxD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;YAE7D,2DAA2D;YAC3D,MAAM,SAAS,GAAG,eAAe,CAAC;YAClC,IAAI,SAAS,CAAC;YACd,OAAO,CAAC,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;gBAEpD,gCAAgC;gBAChC,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,QAAQ,EAAE,CAAC,CAAC;gBAC/D,IAAI,CAAC,YAAY;oBAAE,SAAS;gBAE5B,wCAAwC;gBACxC,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,YAAY,KAAK,QAAQ,EAAE,CAAC,CAAC;gBAC/D,IAAI,CAAC,QAAQ,EAAE,OAAO;oBAAE,SAAS;gBAEjC,wCAAwC;gBACxC,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;gBACxD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;gBACnD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;gBAEhD,sDAAsD;gBACtD,MAAM,WAAW,GAAa,EAAE,CAAC;gBACjC,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;oBACjC,IAAI,IAAI,MAAM,CAAC,MAAM,KAAK,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;wBAC/C,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;oBAC1B,CAAC;gBACH,CAAC;gBAED,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC;oBAAE,SAAS;gBAEvC,sDAAsD;gBACtD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;gBAClD,MAAM,eAAe,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;gBACrD,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAC5C,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CACxE,CAAC;gBAEF,IAAI,YAAY;oBAAE,SAAS,CAAC,qCAAqC;gBAEjE,8BAA8B;gBAC9B,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;oBAClC,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;oBACrE,IAAI,CAAC,MAAM;wBAAE,SAAS;oBAEtB,OAAO,CAAC,IAAI,CAAC;wBACX,UAAU,EAAE,QAAQ;wBACpB,QAAQ,EAAE,MAAM;wBAChB,UAAU,EAAE,CAAC,CAAC,SAAS;wBACvB,UAAU,EAAE,YAAY;wBACxB,QAAQ,EAAE,QAAQ;wBAClB,WAAW;wBACX,YAAY,EAAE,IAAI;wBAClB,MAAM;qBACP,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
|
1
|
+
{"version":3,"file":"taint-crossfile.js","sourceRoot":"","sources":["../src/taint-crossfile.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAE/B,OAAO,EAAE,cAAc,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAIxH,MAAM,yBAAyB,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;AAE1G,SAAS,wBAAwB,CAAC,QAAgB;IAChD,OAAO,yBAAyB,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,4EAA4E;AAE5E;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,eAA2C;IACxE,MAAM,SAAS,GAAG,IAAI,GAAG,EAA4B,CAAC;IAEtD,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,eAAe,EAAE,CAAC;QACnD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI;gBAAE,SAAS;YACnC,MAAM,MAAM,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAe,IAAI,EAAE,CAAC;YACpD,IAAI,CAAC,MAAM;gBAAE,SAAS;YAEtB,2EAA2E;YAC3E,MAAM,UAAU,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC;YACpD,IAAI,CAAC,UAAU;gBAAE,SAAS;YAE1B,MAAM,MAAM,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,MAAiB,IAAI,EAAE,CAAC;YACtD,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;YACnE,MAAM,IAAI,GAAI,OAAO,EAAE,KAAK,EAAE,IAAe,IAAI,EAAE,CAAC;YAEpD,sDAAsD;YACtD,MAAM,KAAK,GAAgB,EAAE,CAAC;YAC9B,IAAI,IAAI,EAAE,CAAC;gBACT,MAAM,UAAU,GAAkB,EAAE,CAAC;gBACrC,wDAAwD;gBACxD,MAAM,UAAU,GAAG,MAAM;qBACtB,KAAK,CAAC,GAAG,CAAC;qBACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC;qBAC1C,MAAM,CAAC,OAAO,CAAC,CAAC;gBACnB,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;oBAC9B,UAAU,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,IAAI,EAAE,EAAE,CAAC,CAAC;gBACrD,CAAC;gBACD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC1B,KAAK,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;gBACpD,CAAC;YACH,CAAC;YAED,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,MAAM,EAAE,EAAE;gBACtC,QAAQ;gBACR,MAAM;gBACN,MAAM;gBACN,OAAO,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC;gBACzB,KAAK;aACN,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,2EAA2E;AAE3E;;;GAGG;AACH,MAAM,UAAU,cAAc,CAC5B,eAA2C,EAC3C,YAAmC;IAEnC,MAAM,SAAS,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE5C,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,eAAe,EAAE,CAAC;QACnD,MAAM,eAAe,GAAG,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;QAEzD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,QAAQ;gBAAE,SAAS;YACvC,MAAM,IAAI,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAe,IAAI,EAAE,CAAC;YAClD,MAAM,KAAK,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,KAAgB,IAAI,EAAE,CAAC;YACpD,MAAM,aAAa,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,OAAkB,IAAI,EAAE,CAAC;YAE9D,IAAI,CAAC,IAAI;gBAAE,SAAS;YAEpB,mDAAmD;YACnD,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAC9C,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC,CACpE,CAAC;YACF,IAAI,CAAC,YAAY;gBAAE,SAAS;YAE5B,8CAA8C;YAC9C,IAAI,KAAK,EAAE,CAAC;gBACV,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;oBACzD,IAAI,IAAI;wBAAE,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,IAAI,EAAE,EAAE,YAAY,CAAC,CAAC;gBAChE,CAAC;YACH,CAAC;YACD,IAAI,aAAa,EAAE,CAAC;gBAClB,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,aAAa,EAAE,EAAE,YAAY,CAAC,CAAC;YAC/D,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,2EAA2E;AAE3E;;;;;;;;GAQG;AACH,MAAM,UAAU,uBAAuB,CAAC,OAAgB,EAAE,KAAkB;IAC1E,MAAM,SAAS,GAAG,IAAI,GAAG,EAA4B,CAAC;IAEtD,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,wBAAwB,CAAC,EAAE,CAAC,IAAI,CAAC;YAAE,SAAS;QACjD,MAAM,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,CAAC,EAAE;YAAE,SAAS;QAElB,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC,uBAAuB,EAAE,EAAE,CAAC;YAC/D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBAC3C,IAAI,CAAC,SAAS;oBAAE,SAAS;gBAEzB,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,GAAG,SAAS,CAAC;gBACnC,MAAM,UAAU,GAAG,MAAM;qBACtB,KAAK,CAAC,GAAG,CAAC;qBACV,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC;qBAC1C,MAAM,CAAC,OAAO,CAAC,CAAC;gBAEnB,MAAM,KAAK,GAAgB,EAAE,CAAC;gBAC9B,IAAI,IAAI,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAClC,MAAM,UAAU,GAAkB,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;wBAC1D,IAAI;wBACJ,MAAM,EAAE,SAAS,IAAI,EAAE;qBACxB,CAAC,CAAC,CAAC;oBACJ,KAAK,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC;gBACpD,CAAC;gBAED,MAAM,GAAG,GAAG,GAAG,EAAE,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;gBACxC,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE;oBACjB,QAAQ,EAAE,EAAE,CAAC,IAAI;oBACjB,MAAM,EAAE,UAAU;oBAClB,MAAM;oBACN,OAAO,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC;oBACzB,KAAK;iBACN,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,uBAAuB,CAAC,OAAgB,EAAE,KAAkB;IAC1E,MAAM,SAAS,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE5C,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,wBAAwB,CAAC,EAAE,CAAC,IAAI,CAAC;YAAE,SAAS;QACjD,MAAM,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,CAAC,EAAE;YAAE,SAAS;QAElB,KAAK,MAAM,GAAG,IAAI,EAAE,CAAC,qBAAqB,EAAE,EAAE,CAAC;YAC7C,IAAI,MAA8B,CAAC;YACnC,IAAI,CAAC;gBACH,MAAM,GAAG,GAAG,CAAC,4BAA4B,EAAE,IAAI,SAAS,CAAC;YAC3D,CAAC;YAAC,MAAM,CAAC;gBACP,SAAS;YACX,CAAC;YACD,IAAI,CAAC,MAAM;gBAAE,SAAS;YACtB,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;YAExC,KAAK,MAAM,KAAK,IAAI,GAAG,CAAC,eAAe,EAAE,EAAE,CAAC;gBAC1C,MAAM,SAAS,GAAG,KAAK,CAAC,YAAY,EAAE,EAAE,OAAO,EAAE,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBACrE,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,KAAK,SAAS,EAAE,EAAE,UAAU,CAAC,CAAC;YACxD,CAAC;YACD,MAAM,GAAG,GAAG,GAAG,CAAC,gBAAgB,EAAE,CAAC;YACnC,IAAI,GAAG;gBAAE,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,KAAK,GAAG,CAAC,OAAO,EAAE,EAAE,EAAE,UAAU,CAAC,CAAC;QACrE,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,UAAU,mBAAmB,CAAC,OAAgB,EAAE,KAAkB;IACtE,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE3C,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,wBAAwB,CAAC,EAAE,CAAC,IAAI,CAAC;YAAE,SAAS;QACjD,MAAM,EAAE,GAAG,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;QAC1C,IAAI,CAAC,EAAE;YAAE,SAAS;QAElB,KAAK,MAAM,GAAG,IAAI,EAAE,CAAC,qBAAqB,EAAE,EAAE,CAAC;YAC7C,KAAK,MAAM,KAAK,IAAI,GAAG,CAAC,eAAe,EAAE,EAAE,CAAC;gBAC1C,MAAM,KAAK,GAAG,KAAK,CAAC,YAAY,EAAE,CAAC;gBACnC,IAAI,CAAC,KAAK;oBAAE,SAAS,CAAC,+CAA+C;gBACrE,MAAM,SAAS,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC;gBAClC,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,EAAE,CAAC;gBACrC,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,IAAI,KAAK,SAAS,EAAE,EAAE,YAAY,CAAC,CAAC;YACzD,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,4EAA4E;AAC5E,SAAS,kBAAkB,CAAC,IAA6B;IACvD,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IAEhC,IAAI,IAAI,KAAK,qBAAqB,EAAE,CAAC;QACnC,MAAM,EAAE,GAAG,IAA8C,CAAC;QAC1D,MAAM,IAAI,GAAG,EAAE,CAAC,OAAO,EAAE,CAAC;QAC1B,OAAO;YACL,MAAM,EAAE,EAAE;iBACP,aAAa,EAAE;iBACf,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;iBACvB,IAAI,CAAC,GAAG,CAAC;YACZ,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;SAC5B,CAAC;IACJ,CAAC;IAED,IAAI,IAAI,KAAK,qBAAqB,EAAE,CAAC;QACnC,MAAM,EAAE,GAAG,IAA8C,CAAC;QAC1D,MAAM,IAAI,GAAG,EAAE,CAAC,cAAc,EAAE,CAAC;QACjC,IAAI,CAAC,IAAI;YAAE,OAAO,SAAS,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACpC,IAAI,QAAQ,KAAK,eAAe,IAAI,QAAQ,KAAK,oBAAoB;YAAE,OAAO,SAAS,CAAC;QACxF,MAAM,EAAE,GAAG,IAAgF,CAAC;QAC5F,OAAO;YACL,MAAM,EAAE,EAAE;iBACP,aAAa,EAAE;iBACf,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC;iBACvB,IAAI,CAAC,GAAG,CAAC;YACZ,IAAI,EAAE,EAAE,CAAC,OAAO,EAAE,CAAC,OAAO,EAAE;SAC7B,CAAC;IACJ,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,2EAA2E;AAE3E;;;;;;;;GAQG;AACH,MAAM,UAAU,qBAAqB,CACnC,eAA2C,EAC3C,YAAmC,EACnC,KAAmB;IAEnB,MAAM,SAAS,GAAG,cAAc,CAAC,eAAe,CAAC,CAAC;IAClD,MAAM,SAAS,GAAG,cAAc,CAAC,eAAe,EAAE,YAAY,CAAC,CAAC;IAEhE,wEAAwE;IACxE,6EAA6E;IAC7E,qEAAqE;IACrE,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE3C,uEAAuE;IACvE,8EAA8E;IAC9E,IAAI,KAAK,EAAE,OAAO,EAAE,CAAC;QACnB,MAAM,WAAW,GAAG,uBAAuB,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAClE,KAAK,MAAM,CAAC,GAAG,EAAE,EAAE,CAAC,IAAI,WAAW,EAAE,CAAC;YACpC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QAClD,CAAC;QACD,MAAM,WAAW,GAAG,uBAAuB,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAClE,KAAK,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,WAAW,EAAE,CAAC;YACtC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACpD,CAAC;QACD,MAAM,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAC7D,KAAK,MAAM,CAAC,GAAG,EAAE,YAAY,CAAC,IAAI,UAAU,EAAE,CAAC;YAC7C,QAAQ,CAAC,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAED,uEAAuE;IACvE,qDAAqD;IACrD,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC,CAAC;IACtD,MAAM,UAAU,GAAgC,EAAE,CAAC;IACnD,IAAI,KAAK,EAAE,OAAO,EAAE,CAAC;QACnB,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAC7B,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC;gBAAE,SAAS;YACzC,IAAI,CAAC,wBAAwB,CAAC,EAAE,CAAC,IAAI,CAAC;gBAAE,SAAS;YACjD,MAAM,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC;YAChD,IAAI,EAAE;gBAAE,UAAU,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC;QACzC,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAA2B,EAAE,CAAC;IAE3C,MAAM,aAAa,GAAG,CAAC,IAMtB,EAAE,EAAE;QACH,MAAM,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,GAAG,IAAI,CAAC;QAC9D,IAAI,CAAC,IAAI;YAAE,OAAO;QAElB,MAAM,aAAa,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;QAChD,IAAI,aAAa,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO;QAEvC,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;QACxD,MAAM,YAAY,GAAG,IAAI,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;QAE7D,MAAM,SAAS,GAAG,eAAe,CAAC;QAClC,IAAI,SAAS,CAAC;QACd,OAAO,CAAC,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACnD,MAAM,QAAQ,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAC;YAEpD,MAAM,YAAY,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,QAAQ,EAAE,CAAC,CAAC;YAC/D,IAAI,CAAC,YAAY;gBAAE,SAAS;YAE5B,0EAA0E;YAC1E,+CAA+C;YAC/C,MAAM,YAAY,GAAG,QAAQ,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,QAAQ,EAAE,CAAC,IAAI,QAAQ,CAAC;YAC1E,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,YAAY,KAAK,YAAY,EAAE,CAAC,CAAC;YACnE,IAAI,CAAC,QAAQ,EAAE,OAAO;gBAAE,SAAS;YAEjC,MAAM,SAAS,GAAG,SAAS,CAAC,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;YACxD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;YACnD,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;YAEhD,MAAM,WAAW,GAAa,EAAE,CAAC;YACjC,KAAK,MAAM,KAAK,IAAI,YAAY,EAAE,CAAC;gBACjC,IAAI,IAAI,MAAM,CAAC,MAAM,KAAK,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC;oBAAE,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;YAC1E,CAAC;YACD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC;gBAAE,SAAS;YAEvC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,KAAK,CAAC,CAAC;YAClD,MAAM,eAAe,GAAG,gBAAgB,CAAC,UAAU,CAAC,CAAC;YACrD,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAC5C,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,KAAK,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CACxE,CAAC;YACF,IAAI,YAAY;gBAAE,SAAS;YAE3B,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;gBAClC,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;gBACrE,IAAI,CAAC,MAAM;oBAAE,SAAS;gBACtB,OAAO,CAAC,IAAI,CAAC;oBACX,UAAU,EAAE,QAAQ;oBACpB,QAAQ,EAAE,MAAM;oBAChB,UAAU,EAAE,SAAS;oBACrB,UAAU,EAAE,YAAY;oBACxB,QAAQ,EAAE,YAAY;oBACtB,WAAW;oBACX,YAAY,EAAE,IAAI;oBAClB,MAAM;iBACP,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC,CAAC;IAEF,qBAAqB;IACrB,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,eAAe,EAAE,CAAC;QACnD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI;gBAAE,SAAS;YACnC,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,CAAC;YACnE,aAAa,CAAC;gBACZ,QAAQ;gBACR,MAAM,EAAG,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAe,IAAI,WAAW;gBACrD,SAAS,EAAG,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,MAAiB,IAAI,EAAE;gBACjD,IAAI,EAAG,OAAO,EAAE,KAAK,EAAE,IAAe,IAAI,EAAE;gBAC5C,SAAS,EAAE,CAAC,CAAC,SAAS;aACvB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,oEAAoE;IACpE,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC,CAAC,0BAA0B;IACjE,KAAK,MAAM,CAAC,QAAQ,EAAE,QAAQ,CAAC,IAAI,eAAe,EAAE,CAAC;QACnD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,IAAI;gBAAE,SAAS;YACnC,MAAM,IAAI,GAAI,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAe,IAAI,EAAE,CAAC;YAClD,IAAI,IAAI;gBAAE,WAAW,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,IAAI,EAAE,CAAC,CAAC;QACpD,CAAC;IACH,CAAC;IACD,KAAK,MAAM,CAAC,QAAQ,EAAE,EAAE,CAAC,IAAI,UAAU,EAAE,CAAC;QACxC,KAAK,MAAM,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,EAAE,CAAC,uBAAuB,EAAE,EAAE,CAAC;YAC/D,IAAI,WAAW,CAAC,GAAG,CAAC,GAAG,QAAQ,KAAK,UAAU,EAAE,CAAC;gBAAE,SAAS;YAC5D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,GAAG,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;gBACrC,IAAI,CAAC,GAAG;oBAAE,SAAS;gBACnB,aAAa,CAAC;oBACZ,QAAQ;oBACR,MAAM,EAAE,UAAU;oBAClB,SAAS,EAAE,GAAG,CAAC,MAAM;oBACrB,IAAI,EAAE,GAAG,CAAC,IAAI;oBACd,SAAS,EAAE,IAAI,CAAC,kBAAkB,EAAE;iBACrC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}
|
package/dist/taint-types.d.ts
CHANGED
|
@@ -121,7 +121,8 @@ export type SinkCategory = TaintSink['category'];
|
|
|
121
121
|
/**
|
|
122
122
|
* Check if a sanitizer is actually sufficient for a given sink category.
|
|
123
123
|
* Returns true if the sanitizer protects against the sink, false if it's
|
|
124
|
-
* a mismatch (e.g., parseInt used to "sanitize" command injection)
|
|
124
|
+
* a mismatch (e.g., parseInt used to "sanitize" command injection) or if the
|
|
125
|
+
* sanitizer name is unrecognized (default-deny so real taint still fires).
|
|
125
126
|
*/
|
|
126
127
|
export declare function isSanitizerSufficient(sanitizerName: string, sinkCategory: SinkCategory): boolean;
|
|
127
128
|
export declare const SINK_NAMES: Map<string, "command" | "fs" | "sql" | "redirect" | "eval" | "template" | "codegen" | "ssrf">;
|
package/dist/taint-types.js
CHANGED
|
@@ -109,24 +109,53 @@ export const SANITIZER_PATTERNS = [
|
|
|
109
109
|
{ pattern: /\bstripDelimiters\s*\(/, name: 'stripDelimiters' },
|
|
110
110
|
{ pattern: /\bcleanForPrompt\s*\(/, name: 'cleanForPrompt' },
|
|
111
111
|
];
|
|
112
|
+
// SANITIZER_PATTERN_NAMES emits bare names ('safeParse', 'parse'); SANITIZER_PATTERNS (regex) emits
|
|
113
|
+
// prefixed names ('schema.safeParse', 'path.normalize'). Both call isSanitizerSufficient(), so the
|
|
114
|
+
// table below carries BOTH forms explicitly for each sanitizer.
|
|
115
|
+
//
|
|
116
|
+
// Design rule: only include a BARE key when the name is unlikely to collide with unrelated methods.
|
|
117
|
+
// `safeParse` is distinctive enough (almost always a Zod/Yup schema call), but bare `parse`,
|
|
118
|
+
// `validate`, `normalize`, `resolve`, `basename` are ambiguous — a user's custom `.parse()` or
|
|
119
|
+
// `.normalize()` would otherwise be silently treated as a full sanitizer, producing false negatives
|
|
120
|
+
// on real taint bugs. Those stay prefixed-only so the regex engine catches them and the AST engine
|
|
121
|
+
// defaults to deny (unknown sanitizer → taint still fires, conservative).
|
|
112
122
|
const SANITIZER_SUFFICIENCY = {
|
|
123
|
+
// Coercion sanitizers (bare names are unambiguous)
|
|
113
124
|
parseInt: new Set(['sql']),
|
|
114
125
|
parseFloat: new Set(['sql']),
|
|
126
|
+
Number: new Set(['sql']),
|
|
115
127
|
'Number()': new Set(['sql']),
|
|
116
|
-
|
|
128
|
+
Boolean: new Set([]), // too weak for any sink — documented for intent
|
|
129
|
+
'Boolean()': new Set([]),
|
|
130
|
+
// Schema validation — `safeParse` stays bare (Zod/Yup-specific); `parse`/`validate`/`validateSync` only as prefixed to avoid colliding with JSON.parse, Date.parse, user methods, etc.
|
|
117
131
|
'schema.parse': new Set(['command', 'fs', 'sql', 'redirect', 'eval', 'template', 'ssrf']),
|
|
118
132
|
'schema.safeParse': new Set(['command', 'fs', 'sql', 'redirect', 'eval', 'template', 'ssrf']),
|
|
133
|
+
safeParse: new Set(['command', 'fs', 'sql', 'redirect', 'eval', 'template', 'ssrf']),
|
|
119
134
|
'schema.validate': new Set(['command', 'fs', 'sql', 'redirect', 'eval', 'template', 'ssrf']),
|
|
120
135
|
'schema.validateSync': new Set(['command', 'fs', 'sql', 'redirect', 'eval', 'template', 'ssrf']),
|
|
136
|
+
// String sanitization
|
|
121
137
|
'sanitize()': new Set(['template']),
|
|
138
|
+
sanitize: new Set(['template']),
|
|
122
139
|
'escape()': new Set(['sql', 'template']),
|
|
140
|
+
escape: new Set(['sql', 'template']),
|
|
141
|
+
escapeHtml: new Set(['template']),
|
|
123
142
|
DOMPurify: new Set(['template']),
|
|
143
|
+
purify: new Set(['template']),
|
|
144
|
+
xss: new Set(['template']),
|
|
124
145
|
// encodeURIComponent prevents open-redirect but NOT SSRF — the attacker still controls the host
|
|
125
146
|
encodeURIComponent: new Set(['redirect']),
|
|
147
|
+
encodeURI: new Set(['redirect']),
|
|
148
|
+
// Path sanitization — only prefixed; a user's `.normalize()` is not safe to treat as FS-sufficient
|
|
126
149
|
'path.normalize': new Set(['fs']),
|
|
150
|
+
'path.resolve': new Set(['fs']),
|
|
151
|
+
'path.basename': new Set(['fs']),
|
|
127
152
|
'replace(../)': new Set(['fs']),
|
|
153
|
+
// SQL parameterization
|
|
128
154
|
'parameterized query ($N)': new Set(['sql']),
|
|
129
155
|
'parameterized query (?)': new Set(['sql']),
|
|
156
|
+
parameterized: new Set(['sql']),
|
|
157
|
+
sqlstring: new Set(['sql']),
|
|
158
|
+
// Prompt sanitization
|
|
130
159
|
sanitizeForPrompt: new Set(['template']),
|
|
131
160
|
escapePrompt: new Set(['template']),
|
|
132
161
|
stripDelimiters: new Set(['template']),
|
|
@@ -135,7 +164,8 @@ const SANITIZER_SUFFICIENCY = {
|
|
|
135
164
|
/**
|
|
136
165
|
* Check if a sanitizer is actually sufficient for a given sink category.
|
|
137
166
|
* Returns true if the sanitizer protects against the sink, false if it's
|
|
138
|
-
* a mismatch (e.g., parseInt used to "sanitize" command injection)
|
|
167
|
+
* a mismatch (e.g., parseInt used to "sanitize" command injection) or if the
|
|
168
|
+
* sanitizer name is unrecognized (default-deny so real taint still fires).
|
|
139
169
|
*/
|
|
140
170
|
export function isSanitizerSufficient(sanitizerName, sinkCategory) {
|
|
141
171
|
const allowed = SANITIZER_SUFFICIENCY[sanitizerName];
|