@kevinrabun/judges 2.0.0 → 2.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +98 -0
- package/dist/evaluators/authentication.d.ts.map +1 -1
- package/dist/evaluators/authentication.js +114 -4
- package/dist/evaluators/authentication.js.map +1 -1
- package/dist/evaluators/compliance.d.ts.map +1 -1
- package/dist/evaluators/compliance.js +21 -3
- package/dist/evaluators/compliance.js.map +1 -1
- package/dist/evaluators/configuration-management.d.ts.map +1 -1
- package/dist/evaluators/configuration-management.js +23 -1
- package/dist/evaluators/configuration-management.js.map +1 -1
- package/dist/evaluators/cybersecurity.d.ts.map +1 -1
- package/dist/evaluators/cybersecurity.js +27 -5
- package/dist/evaluators/cybersecurity.js.map +1 -1
- package/dist/evaluators/data-security.d.ts.map +1 -1
- package/dist/evaluators/data-security.js +114 -2
- package/dist/evaluators/data-security.js.map +1 -1
- package/dist/evaluators/database.js +1 -1
- package/dist/evaluators/database.js.map +1 -1
- package/dist/evaluators/ethics-bias.d.ts.map +1 -1
- package/dist/evaluators/ethics-bias.js +13 -1
- package/dist/evaluators/ethics-bias.js.map +1 -1
- package/dist/evaluators/index.d.ts +10 -4
- package/dist/evaluators/index.d.ts.map +1 -1
- package/dist/evaluators/index.js +111 -17
- package/dist/evaluators/index.js.map +1 -1
- package/dist/evaluators/observability.d.ts.map +1 -1
- package/dist/evaluators/observability.js +2 -1
- package/dist/evaluators/observability.js.map +1 -1
- package/dist/evaluators/performance.js +1 -1
- package/dist/evaluators/performance.js.map +1 -1
- package/dist/evaluators/shared.d.ts.map +1 -1
- package/dist/evaluators/shared.js +6 -0
- package/dist/evaluators/shared.js.map +1 -1
- package/dist/evaluators/v2.d.ts +4 -0
- package/dist/evaluators/v2.d.ts.map +1 -1
- package/dist/evaluators/v2.js +8 -2
- package/dist/evaluators/v2.js.map +1 -1
- package/dist/index.js +104 -11
- package/dist/index.js.map +1 -1
- package/dist/language-patterns.js +2 -2
- package/dist/reports/public-repo-report.d.ts +10 -0
- package/dist/reports/public-repo-report.d.ts.map +1 -1
- package/dist/reports/public-repo-report.js +106 -7
- package/dist/reports/public-repo-report.js.map +1 -1
- package/dist/types.d.ts +2 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -159,6 +159,78 @@ npm install -g @kevinrabun/judges
|
|
|
159
159
|
|
|
160
160
|
Then use `judges` as the command in your MCP config (no `args` needed).
|
|
161
161
|
|
|
162
|
+
### 5. Use Judges in GitHub Copilot PR Reviews
|
|
163
|
+
|
|
164
|
+
Yes — users can include Judges as part of GitHub-based review workflows, with one important caveat:
|
|
165
|
+
|
|
166
|
+
- The hosted `copilot-pull-request-reviewer` on GitHub does not currently let you directly attach arbitrary local MCP servers the same way VS Code does.
|
|
167
|
+
- The practical pattern is to run Judges in CI on each PR, publish a report/check, and have Copilot + human reviewers use that output during review.
|
|
168
|
+
|
|
169
|
+
#### Option A (recommended): PR workflow check + report artifact
|
|
170
|
+
|
|
171
|
+
Create `.github/workflows/judges-pr-review.yml`:
|
|
172
|
+
|
|
173
|
+
```yaml
|
|
174
|
+
name: Judges PR Review
|
|
175
|
+
|
|
176
|
+
on:
|
|
177
|
+
pull_request:
|
|
178
|
+
types: [opened, synchronize, reopened]
|
|
179
|
+
|
|
180
|
+
jobs:
|
|
181
|
+
judges:
|
|
182
|
+
runs-on: ubuntu-latest
|
|
183
|
+
permissions:
|
|
184
|
+
contents: read
|
|
185
|
+
pull-requests: write
|
|
186
|
+
|
|
187
|
+
steps:
|
|
188
|
+
- name: Checkout
|
|
189
|
+
uses: actions/checkout@v4
|
|
190
|
+
|
|
191
|
+
- name: Setup Node
|
|
192
|
+
uses: actions/setup-node@v4
|
|
193
|
+
with:
|
|
194
|
+
node-version: 20
|
|
195
|
+
cache: npm
|
|
196
|
+
|
|
197
|
+
- name: Install
|
|
198
|
+
run: npm ci
|
|
199
|
+
|
|
200
|
+
- name: Generate Judges report
|
|
201
|
+
run: |
|
|
202
|
+
npx tsx -e "import { generateRepoReportFromLocalPath } from './src/reports/public-repo-report.ts';
|
|
203
|
+
const result = generateRepoReportFromLocalPath({
|
|
204
|
+
repoPath: process.cwd(),
|
|
205
|
+
outputPath: 'judges-pr-report.md',
|
|
206
|
+
maxFiles: 600,
|
|
207
|
+
maxFindingsInReport: 150,
|
|
208
|
+
});
|
|
209
|
+
console.log('Overall:', result.overallVerdict, result.averageScore);"
|
|
210
|
+
|
|
211
|
+
- name: Upload report artifact
|
|
212
|
+
uses: actions/upload-artifact@v4
|
|
213
|
+
with:
|
|
214
|
+
name: judges-pr-report
|
|
215
|
+
path: judges-pr-report.md
|
|
216
|
+
```
|
|
217
|
+
|
|
218
|
+
This gives every PR a reproducible Judges output your team (and Copilot) can reference.
|
|
219
|
+
|
|
220
|
+
#### Option B: Add Copilot custom instructions in-repo
|
|
221
|
+
|
|
222
|
+
Add `.github/instructions/judges.instructions.md` with guidance such as:
|
|
223
|
+
|
|
224
|
+
```markdown
|
|
225
|
+
When reviewing pull requests:
|
|
226
|
+
1. Read the latest Judges report artifact/check output first.
|
|
227
|
+
2. Prioritize CRITICAL and HIGH findings in remediation guidance.
|
|
228
|
+
3. If findings conflict, defer to security/compliance-related Judges.
|
|
229
|
+
4. Include rule IDs (e.g., DATA-001, CYBER-004) in suggested fixes.
|
|
230
|
+
```
|
|
231
|
+
|
|
232
|
+
This helps keep Copilot feedback aligned with Judges findings.
|
|
233
|
+
|
|
162
234
|
---
|
|
163
235
|
|
|
164
236
|
## The Judge Panel
|
|
@@ -303,6 +375,8 @@ Supports:
|
|
|
303
375
|
| `language` | string | conditional | Programming language for single-file mode |
|
|
304
376
|
| `files` | array | conditional | `{ path, content, language }[]` for project mode |
|
|
305
377
|
| `context` | string | no | High-level review context |
|
|
378
|
+
| `includeAstFindings` | boolean | no | Include AST/code-structure findings (default: true) |
|
|
379
|
+
| `minConfidence` | number | no | Minimum finding confidence to include (0-1, default: 0) |
|
|
306
380
|
| `policyProfile` | enum | no | `default`, `startup`, `regulated`, `healthcare`, `fintech`, `public-sector` |
|
|
307
381
|
| `evaluationContext` | object | no | Structured architecture/constraint context |
|
|
308
382
|
| `evidence` | object | no | Runtime/operational evidence for confidence calibration |
|
|
@@ -328,6 +402,8 @@ Supports:
|
|
|
328
402
|
| `context` | string | no | Optional business/technical context |
|
|
329
403
|
| `maxFindings` | number | no | Max translated top findings (default: 10) |
|
|
330
404
|
| `maxTasks` | number | no | Max generated tasks (default: 20) |
|
|
405
|
+
| `includeAstFindings` | boolean | no | Include AST/code-structure findings (default: true) |
|
|
406
|
+
| `minConfidence` | number | no | Minimum finding confidence to include (0-1, default: 0) |
|
|
331
407
|
|
|
332
408
|
### `evaluate_public_repo_report`
|
|
333
409
|
Clone a **public repository URL**, run the full judges panel across eligible source files, and generate a consolidated markdown report.
|
|
@@ -340,6 +416,9 @@ Clone a **public repository URL**, run the full judges panel across eligible sou
|
|
|
340
416
|
| `maxFiles` | number | no | Max files analyzed (default: 600) |
|
|
341
417
|
| `maxFileBytes` | number | no | Max file size in bytes (default: 300000) |
|
|
342
418
|
| `maxFindingsInReport` | number | no | Max detailed findings in output (default: 150) |
|
|
419
|
+
| `credentialMode` | string | no | Credential detection mode: `standard` (default) or `strict` |
|
|
420
|
+
| `includeAstFindings` | boolean | no | Include AST/code-structure findings (default: true) |
|
|
421
|
+
| `minConfidence` | number | no | Minimum finding confidence to include (0-1, default: 0) |
|
|
343
422
|
| `keepClone` | boolean | no | Keep cloned repo on disk for inspection |
|
|
344
423
|
|
|
345
424
|
**Quick examples**
|
|
@@ -348,6 +427,15 @@ Generate a report from CLI:
|
|
|
348
427
|
|
|
349
428
|
```bash
|
|
350
429
|
npm run report:public-repo -- --repoUrl https://github.com/microsoft/vscode --output reports/vscode-judges-report.md
|
|
430
|
+
|
|
431
|
+
# stricter credential-signal mode (optional)
|
|
432
|
+
npm run report:public-repo -- --repoUrl https://github.com/openclaw/openclaw --credentialMode strict --output reports/openclaw-judges-report-strict.md
|
|
433
|
+
|
|
434
|
+
# judge findings only (exclude AST/code-structure findings)
|
|
435
|
+
npm run report:public-repo -- --repoUrl https://github.com/openclaw/openclaw --includeAstFindings false --output reports/openclaw-judges-report-no-ast.md
|
|
436
|
+
|
|
437
|
+
# show only findings at 80%+ confidence
|
|
438
|
+
npm run report:public-repo -- --repoUrl https://github.com/openclaw/openclaw --minConfidence 0.8 --output reports/openclaw-judges-report-high-confidence.md
|
|
351
439
|
```
|
|
352
440
|
|
|
353
441
|
Call from MCP client:
|
|
@@ -360,6 +448,9 @@ Call from MCP client:
|
|
|
360
448
|
"branch": "main",
|
|
361
449
|
"maxFiles": 400,
|
|
362
450
|
"maxFindingsInReport": 120,
|
|
451
|
+
"credentialMode": "strict",
|
|
452
|
+
"includeAstFindings": false,
|
|
453
|
+
"minConfidence": 0.8,
|
|
363
454
|
"outputPath": "reports/vscode-judges-report.md"
|
|
364
455
|
}
|
|
365
456
|
}
|
|
@@ -395,6 +486,8 @@ Submit code to the **full judges panel**. All 33 judges evaluate independently a
|
|
|
395
486
|
| `code` | string | yes | The source code to evaluate |
|
|
396
487
|
| `language` | string | yes | Programming language (e.g., `typescript`, `python`) |
|
|
397
488
|
| `context` | string | no | Additional context about the code |
|
|
489
|
+
| `includeAstFindings` | boolean | no | Include AST/code-structure findings (default: true) |
|
|
490
|
+
| `minConfidence` | number | no | Minimum finding confidence to include (0-1, default: 0) |
|
|
398
491
|
|
|
399
492
|
### `evaluate_code_single_judge`
|
|
400
493
|
Submit code to a **specific judge** for targeted review.
|
|
@@ -405,6 +498,7 @@ Submit code to a **specific judge** for targeted review.
|
|
|
405
498
|
| `language` | string | yes | Programming language |
|
|
406
499
|
| `judgeId` | string | yes | See [judge IDs](#judge-ids) below |
|
|
407
500
|
| `context` | string | no | Additional context |
|
|
501
|
+
| `minConfidence` | number | no | Minimum finding confidence to include (0-1, default: 0) |
|
|
408
502
|
|
|
409
503
|
### `evaluate_project`
|
|
410
504
|
Submit multiple files for **project-level analysis**. All 33 judges evaluate each file, plus cross-file architectural analysis detects code duplication, inconsistent error handling, and dependency cycles.
|
|
@@ -413,6 +507,8 @@ Submit multiple files for **project-level analysis**. All 33 judges evaluate eac
|
|
|
413
507
|
|-----------|------|----------|-------------|
|
|
414
508
|
| `files` | array | yes | Array of `{ path, content, language }` objects |
|
|
415
509
|
| `context` | string | no | Optional project context |
|
|
510
|
+
| `includeAstFindings` | boolean | no | Include AST/code-structure findings (default: true) |
|
|
511
|
+
| `minConfidence` | number | no | Minimum finding confidence to include (0-1, default: 0) |
|
|
416
512
|
|
|
417
513
|
### `evaluate_diff`
|
|
418
514
|
Evaluate only the **changed lines** in a code diff. Runs all 33 judges on the full file but filters findings to lines you specify. Ideal for PR reviews and incremental analysis.
|
|
@@ -423,6 +519,8 @@ Evaluate only the **changed lines** in a code diff. Runs all 33 judges on the fu
|
|
|
423
519
|
| `language` | string | yes | Programming language |
|
|
424
520
|
| `changedLines` | number[] | yes | 1-based line numbers that were changed |
|
|
425
521
|
| `context` | string | no | Optional context about the change |
|
|
522
|
+
| `includeAstFindings` | boolean | no | Include AST/code-structure findings (default: true) |
|
|
523
|
+
| `minConfidence` | number | no | Minimum finding confidence to include (0-1, default: 0) |
|
|
426
524
|
|
|
427
525
|
### `analyze_dependencies`
|
|
428
526
|
Analyze a dependency manifest file for supply-chain risks, version pinning issues, typosquatting indicators, and dependency hygiene. Supports `package.json`, `requirements.txt`, `Cargo.toml`, `go.mod`, `pom.xml`, and `.csproj` files.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.d.ts","sourceRoot":"","sources":["../../src/evaluators/authentication.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"authentication.d.ts","sourceRoot":"","sources":["../../src/evaluators/authentication.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAgJtC,wBAAgB,qBAAqB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CAmL/E"}
|
|
@@ -1,12 +1,123 @@
|
|
|
1
1
|
import { getLineNumbers, getLangFamily } from "./shared.js";
|
|
2
|
+
function isLikelyPlaceholderCredentialValue(value) {
|
|
3
|
+
const normalized = value.trim().toLowerCase();
|
|
4
|
+
const exactPlaceholders = new Set([
|
|
5
|
+
"test",
|
|
6
|
+
"testing",
|
|
7
|
+
"mock",
|
|
8
|
+
"dummy",
|
|
9
|
+
"example",
|
|
10
|
+
"sample",
|
|
11
|
+
"fake",
|
|
12
|
+
"na",
|
|
13
|
+
"n/a",
|
|
14
|
+
"none",
|
|
15
|
+
"null",
|
|
16
|
+
"undefined",
|
|
17
|
+
"changeme",
|
|
18
|
+
"change_me",
|
|
19
|
+
"replace_me",
|
|
20
|
+
"replace-me",
|
|
21
|
+
"your_token_here",
|
|
22
|
+
"your_api_key",
|
|
23
|
+
"unused",
|
|
24
|
+
"not_used",
|
|
25
|
+
"placeholder",
|
|
26
|
+
]);
|
|
27
|
+
if (exactPlaceholders.has(normalized)) {
|
|
28
|
+
return true;
|
|
29
|
+
}
|
|
30
|
+
if (/^(?:test|mock|dummy|sample|example|fake|placeholder|na|n\/a|unused|changeme|replace)[-_a-z0-9]*$/i.test(normalized)) {
|
|
31
|
+
return true;
|
|
32
|
+
}
|
|
33
|
+
return false;
|
|
34
|
+
}
|
|
35
|
+
function isStrictCredentialDetectionEnabled() {
|
|
36
|
+
return process.env.JUDGES_CREDENTIAL_MODE?.toLowerCase() === "strict";
|
|
37
|
+
}
|
|
38
|
+
function looksLikeRealCredentialValue(value) {
|
|
39
|
+
if (isLikelyPlaceholderCredentialValue(value)) {
|
|
40
|
+
return false;
|
|
41
|
+
}
|
|
42
|
+
if (!isStrictCredentialDetectionEnabled()) {
|
|
43
|
+
return true;
|
|
44
|
+
}
|
|
45
|
+
const normalized = value.trim();
|
|
46
|
+
if (normalized.length < 12) {
|
|
47
|
+
return false;
|
|
48
|
+
}
|
|
49
|
+
if (/(?:test|mock|dummy|sample|example|fake|placeholder|changeme|replace[_-]?me|unused|not[_-]?used|password|secret)/i.test(normalized)) {
|
|
50
|
+
return false;
|
|
51
|
+
}
|
|
52
|
+
const hasLower = /[a-z]/.test(normalized);
|
|
53
|
+
const hasUpper = /[A-Z]/.test(normalized);
|
|
54
|
+
const hasDigit = /\d/.test(normalized);
|
|
55
|
+
const hasSymbol = /[^A-Za-z0-9]/.test(normalized);
|
|
56
|
+
const classCount = [hasLower, hasUpper, hasDigit, hasSymbol].filter(Boolean).length;
|
|
57
|
+
if (normalized.length >= 20 && classCount >= 2) {
|
|
58
|
+
return true;
|
|
59
|
+
}
|
|
60
|
+
if (normalized.length >= 16 && classCount >= 3) {
|
|
61
|
+
return true;
|
|
62
|
+
}
|
|
63
|
+
return false;
|
|
64
|
+
}
|
|
65
|
+
function getHardcodedCredentialLinesWithoutPlaceholders(code) {
|
|
66
|
+
const lines = code.split("\n");
|
|
67
|
+
const flaggedLines = [];
|
|
68
|
+
const assignmentPattern = /\b(password|passwd|pwd|secret|api_?key|apikey|token|auth_?token)\b\s*[:=]\s*["'`]([^"'`]{3,})["'`]/gi;
|
|
69
|
+
const nonProductionContextPattern = /\b(?:test|tests|mock|mocks|fixture|fixtures|harness|e2e|example|sample|dummy)\b/i;
|
|
70
|
+
const productionContextPattern = /\b(?:prod|production|release|deploy|deployment)\b/i;
|
|
71
|
+
const isLikelyTestModule = /\b(?:describe|it|test)\s*\(/i.test(code);
|
|
72
|
+
if (isLikelyTestModule && !productionContextPattern.test(code)) {
|
|
73
|
+
return [];
|
|
74
|
+
}
|
|
75
|
+
for (let index = 0; index < lines.length; index += 1) {
|
|
76
|
+
const line = lines[index];
|
|
77
|
+
const matches = [...line.matchAll(assignmentPattern)];
|
|
78
|
+
if (matches.length === 0)
|
|
79
|
+
continue;
|
|
80
|
+
const contextStart = Math.max(0, index - 2);
|
|
81
|
+
const contextEnd = Math.min(lines.length, index + 3);
|
|
82
|
+
const context = lines.slice(contextStart, contextEnd).join("\n");
|
|
83
|
+
const isLikelyNonProductionContext = nonProductionContextPattern.test(context) &&
|
|
84
|
+
!productionContextPattern.test(context);
|
|
85
|
+
const hasRealCredential = matches.some((match) => {
|
|
86
|
+
const value = match[2] ?? "";
|
|
87
|
+
return looksLikeRealCredentialValue(value);
|
|
88
|
+
});
|
|
89
|
+
if (hasRealCredential && !isLikelyNonProductionContext) {
|
|
90
|
+
flaggedLines.push(index + 1);
|
|
91
|
+
}
|
|
92
|
+
}
|
|
93
|
+
return flaggedLines;
|
|
94
|
+
}
|
|
95
|
+
function getWeakCredentialHashLines(code) {
|
|
96
|
+
const lines = code.split("\n");
|
|
97
|
+
const weakHashPattern = /createHash\s*\(\s*["'`](?:md5|sha1|sha256)["'`]\)|(?:\bmd5\b|\bsha1\b)\s*\(/gi;
|
|
98
|
+
const authContextPattern = /password|passwd|pwd|credential|login|signin|signup|auth|token|session|user/i;
|
|
99
|
+
const flagged = [];
|
|
100
|
+
for (let index = 0; index < lines.length; index += 1) {
|
|
101
|
+
weakHashPattern.lastIndex = 0;
|
|
102
|
+
if (!weakHashPattern.test(lines[index])) {
|
|
103
|
+
continue;
|
|
104
|
+
}
|
|
105
|
+
const start = Math.max(0, index - 4);
|
|
106
|
+
const end = Math.min(lines.length - 1, index + 4);
|
|
107
|
+
const context = lines.slice(start, end + 1).join("\n");
|
|
108
|
+
if (authContextPattern.test(context)) {
|
|
109
|
+
flagged.push(index + 1);
|
|
110
|
+
}
|
|
111
|
+
}
|
|
112
|
+
return flagged;
|
|
113
|
+
}
|
|
2
114
|
export function analyzeAuthentication(code, language) {
|
|
3
115
|
const findings = [];
|
|
4
116
|
let ruleNum = 1;
|
|
5
117
|
const prefix = "AUTH";
|
|
6
118
|
const lang = getLangFamily(language);
|
|
7
119
|
// Hardcoded credentials
|
|
8
|
-
const
|
|
9
|
-
const credentialLines = getLineNumbers(code, credentialPattern);
|
|
120
|
+
const credentialLines = getHardcodedCredentialLinesWithoutPlaceholders(code);
|
|
10
121
|
if (credentialLines.length > 0) {
|
|
11
122
|
findings.push({
|
|
12
123
|
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
@@ -46,8 +157,7 @@ export function analyzeAuthentication(code, language) {
|
|
|
46
157
|
});
|
|
47
158
|
}
|
|
48
159
|
// Weak password hashing
|
|
49
|
-
const
|
|
50
|
-
const weakHashLines = getLineNumbers(code, weakHashPattern);
|
|
160
|
+
const weakHashLines = getWeakCredentialHashLines(code);
|
|
51
161
|
if (weakHashLines.length > 0) {
|
|
52
162
|
findings.push({
|
|
53
163
|
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"authentication.js","sourceRoot":"","sources":["../../src/evaluators/authentication.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAsB,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,MAAM,UAAU,
|
|
1
|
+
{"version":3,"file":"authentication.js","sourceRoot":"","sources":["../../src/evaluators/authentication.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAsB,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,SAAS,kCAAkC,CAAC,KAAa;IACvD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAE9C,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;QAChC,MAAM;QACN,SAAS;QACT,MAAM;QACN,OAAO;QACP,SAAS;QACT,QAAQ;QACR,MAAM;QACN,IAAI;QACJ,KAAK;QACL,MAAM;QACN,MAAM;QACN,WAAW;QACX,UAAU;QACV,WAAW;QACX,YAAY;QACZ,YAAY;QACZ,iBAAiB;QACjB,cAAc;QACd,QAAQ;QACR,UAAU;QACV,aAAa;KACd,CAAC,CAAC;IAEH,IAAI,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,mGAAmG,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QACzH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,kCAAkC;IACzC,OAAO,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,WAAW,EAAE,KAAK,QAAQ,CAAC;AACxE,CAAC;AAED,SAAS,4BAA4B,CAAC,KAAa;IACjD,IAAI,kCAAkC,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,CAAC,kCAAkC,EAAE,EAAE,CAAC;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAChC,IAAI,UAAU,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC3B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,kHAAkH,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QACxI,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IAEpF,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC;QAC/C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC;QAC/C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,8CAA8C,CAAC,IAAY;IAClE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,MAAM,iBAAiB,GAAG,sGAAsG,CAAC;IAEjI,MAAM,2BAA2B,GAAG,kFAAkF,CAAC;IACvH,MAAM,wBAAwB,GAAG,oDAAoD,CAAC;IACtF,MAAM,kBAAkB,GAAG,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAErE,IAAI,kBAAkB,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QAC/D,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACrD,MAAM,IAAI,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC;QAC1B,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;QACtD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEnC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;QAC5C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;QACrD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEjE,MAAM,4BAA4B,GAChC,2BAA2B,CAAC,IAAI,CAAC,OAAO,CAAC;YACzC,CAAC,wBAAwB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAE1C,MAAM,iBAAiB,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;YAC/C,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC7B,OAAO,4BAA4B,CAAC,KAAK,CAAC,CAAC;QAC7C,CAAC,CAAC,CAAC;QAEH,IAAI,iBAAiB,IAAI,CAAC,4BAA4B,EAAE,CAAC;YACvD,YAAY,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,0BAA0B,CAAC,IAAY;IAC9C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,eAAe,GAAG,+EAA+E,CAAC;IACxG,MAAM,kBAAkB,GAAG,6EAA6E,CAAC;IAEzG,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACrD,eAAe,CAAC,SAAS,GAAG,CAAC,CAAC;QAC9B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;YACxC,SAAS;QACX,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;QAClD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEvD,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACrC,OAAO,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,IAAY,EAAE,QAAgB;IAClE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,MAAM,CAAC;IACtB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,wBAAwB;IACxB,MAAM,eAAe,GAAG,8CAA8C,CAAC,IAAI,CAAC,CAAC;IAC7E,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,SAAS,eAAe,CAAC,MAAM,iKAAiK;YAC7M,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,sJAAsJ;YACtK,SAAS,EAAE,wCAAwC;SACpD,CAAC,CAAC;IACL,CAAC;IAED,+BAA+B;IAC/B,MAAM,SAAS,GAAG,iDAAiD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/E,MAAM,iBAAiB,GAAG,wJAAwJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9L,IAAI,SAAS,IAAI,CAAC,iBAAiB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACpE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,gJAAgJ;YAC7J,cAAc,EAAE,gKAAgK;YAChL,SAAS,EAAE,yDAAyD;SACrE,CAAC,CAAC;IACL,CAAC;IAED,4BAA4B;IAC5B,MAAM,iBAAiB,GAAG,oEAAoE,CAAC;IAC/F,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;IAChE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,0JAA0J;YACvK,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,uIAAuI;YACvJ,SAAS,EAAE,4CAA4C;SACxD,CAAC,CAAC;IACL,CAAC;IAED,wBAAwB;IACxB,MAAM,aAAa,GAAG,0BAA0B,CAAC,IAAI,CAAC,CAAC;IACvD,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,2IAA2I;YACxJ,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,0HAA0H;YAC1I,SAAS,EAAE,mDAAmD;SAC/D,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,MAAM,YAAY,GAAG,kGAAkG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnI,IAAI,SAAS,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC/D,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,uDAAuD;YAC9D,WAAW,EAAE,yIAAyI;YACtJ,cAAc,EAAE,6IAA6I;YAC7J,SAAS,EAAE,uEAAuE;SACnF,CAAC,CAAC;IACL,CAAC;IAED,2BAA2B;IAC3B,MAAM,MAAM,GAAG,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpD,MAAM,YAAY,GAAG,qDAAqD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtF,MAAM,UAAU,GAAG,+BAA+B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9D,IAAI,MAAM,IAAI,UAAU,IAAI,CAAC,YAAY,EAAE,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,6IAA6I;YAC1J,cAAc,EAAE,iHAAiH;YACjI,SAAS,EAAE,uCAAuC;SACnD,CAAC,CAAC;IACL,CAAC;IAED,wCAAwC;IACxC,MAAM,kBAAkB,GAAG,8HAA8H,CAAC;IAC1J,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IAC1D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,wJAAwJ;YACrK,WAAW,EAAE,QAAQ;YACrB,cAAc,EAAE,0IAA0I;YAC1J,SAAS,EAAE,0CAA0C;SACtD,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,UAAU,GAAG,4DAA4D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3F,MAAM,SAAS,GAAG,kEAAkE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChG,IAAI,UAAU,IAAI,CAAC,SAAS,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,iJAAiJ;YAC9J,cAAc,EAAE,qIAAqI;YACrJ,SAAS,EAAE,sCAAsC;SAClD,CAAC,CAAC;IACL,CAAC;IAED,mDAAmD;IACnD,MAAM,mBAAmB,GAAG,8DAA8D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtG,MAAM,iBAAiB,GAAG,kHAAkH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxJ,IAAI,mBAAmB,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,mJAAmJ;YAChK,cAAc,EAAE,qJAAqJ;YACrK,SAAS,EAAE,0CAA0C;SACtD,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,QAAQ,GAAG,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChG,MAAM,UAAU,GAAG,gGAAgG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/H,IAAI,QAAQ,IAAI,CAAC,UAAU,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,+HAA+H;YAC5I,cAAc,EAAE,6JAA6J;YAC7K,SAAS,EAAE,wCAAwC;SACpD,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,aAAa,GAAG,2DAA2D,CAAC;IAClF,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;IACxD,MAAM,cAAc,GAAG,wDAAwD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3F,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,cAAc,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,2CAA2C;YAClD,WAAW,EAAE,yIAAyI;YACtJ,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE,8IAA8I;YAC9J,SAAS,EAAE,8CAA8C;SAC1D,CAAC,CAAC;IACL,CAAC;IAED,qBAAqB;IACrB,MAAM,WAAW,GAAG,wCAAwC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxE,MAAM,OAAO,GAAG,8DAA8D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1F,IAAI,WAAW,IAAI,CAAC,OAAO,IAAI,UAAU,EAAE,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,0IAA0I;YACvJ,cAAc,EAAE,8IAA8I;YAC9J,SAAS,EAAE,6CAA6C;SACzD,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"compliance.d.ts","sourceRoot":"","sources":["../../src/evaluators/compliance.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"compliance.d.ts","sourceRoot":"","sources":["../../src/evaluators/compliance.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CAsP3E"}
|
|
@@ -5,11 +5,24 @@ export function analyzeCompliance(code, language) {
|
|
|
5
5
|
const prefix = "COMP";
|
|
6
6
|
let ruleNum = 1;
|
|
7
7
|
const lang = getLangFamily(language);
|
|
8
|
+
const isCommentLikeLine = (line) => {
|
|
9
|
+
const trimmed = line.trim();
|
|
10
|
+
return (trimmed.startsWith("//") ||
|
|
11
|
+
trimmed.startsWith("/*") ||
|
|
12
|
+
trimmed.startsWith("*") ||
|
|
13
|
+
trimmed.startsWith("#") ||
|
|
14
|
+
trimmed.startsWith("--"));
|
|
15
|
+
};
|
|
8
16
|
// Detect PII handling without encryption
|
|
9
17
|
const piiFieldLines = [];
|
|
10
18
|
lines.forEach((line, i) => {
|
|
19
|
+
if (isCommentLikeLine(line))
|
|
20
|
+
return;
|
|
11
21
|
if (/(?:ssn|social_security|tax_id|passport|national_id|driver_license)/i.test(line) && !/encrypt|hash|mask|redact/i.test(line)) {
|
|
12
|
-
|
|
22
|
+
const context = lines.slice(Math.max(0, i - 4), Math.min(lines.length, i + 5)).join("\n");
|
|
23
|
+
if (/(?:save|store|insert|persist|write|log|send|post|request|payload|body|db\.)/i.test(context)) {
|
|
24
|
+
piiFieldLines.push(i + 1);
|
|
25
|
+
}
|
|
13
26
|
}
|
|
14
27
|
});
|
|
15
28
|
if (piiFieldLines.length > 0) {
|
|
@@ -105,10 +118,15 @@ export function analyzeCompliance(code, language) {
|
|
|
105
118
|
// Detect credit card number patterns (PCI DSS)
|
|
106
119
|
const cardNumberLines = [];
|
|
107
120
|
lines.forEach((line, i) => {
|
|
108
|
-
if (
|
|
121
|
+
if (isCommentLikeLine(line))
|
|
122
|
+
return;
|
|
123
|
+
const context = lines.slice(Math.max(0, i - 4), Math.min(lines.length, i + 5)).join("\n");
|
|
124
|
+
const hasPaymentContext = /(?:payment|billing|checkout|charge|\bcard(?:Number)?\b|\bpan\b|stripe|braintree|authorize|capture|transaction)/i.test(context);
|
|
125
|
+
const hasOperationalFlow = /(?:store|save|log|send|post|request|payload|body|db\.)/i.test(context);
|
|
126
|
+
if (/\b(?:4[0-9]{12}(?:[0-9]{3})?|5[1-5][0-9]{14}|3[47][0-9]{13}|6(?:011|5[0-9]{2})[0-9]{12})\b/.test(line) && hasPaymentContext && hasOperationalFlow) {
|
|
109
127
|
cardNumberLines.push(i + 1);
|
|
110
128
|
}
|
|
111
|
-
if (/credit.?card|card.?number|ccn|pan\b|cardNumber/i.test(line) && !/mask|redact|encrypt|hash|tokenize|\*{4}/i.test(line)) {
|
|
129
|
+
if (/credit.?card|card.?number|ccn|pan\b|cardNumber/i.test(line) && !/mask|redact|encrypt|hash|tokenize|\*{4}/i.test(line) && hasPaymentContext && hasOperationalFlow) {
|
|
112
130
|
cardNumberLines.push(i + 1);
|
|
113
131
|
}
|
|
114
132
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"compliance.js","sourceRoot":"","sources":["../../src/evaluators/compliance.ts"],"names":[],"mappings":"AACA,OAAO,EAAsC,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,MAAM,UAAU,iBAAiB,CAAC,IAAY,EAAE,QAAgB;IAC9D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,MAAM,CAAC;IACtB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,yCAAyC;IACzC,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,qEAAqE,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAChI,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"compliance.js","sourceRoot":"","sources":["../../src/evaluators/compliance.ts"],"names":[],"mappings":"AACA,OAAO,EAAsC,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,MAAM,UAAU,iBAAiB,CAAC,IAAY,EAAE,QAAgB;IAC9D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,MAAM,CAAC;IACtB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,MAAM,iBAAiB,GAAG,CAAC,IAAY,EAAW,EAAE;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,OAAO,CACL,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;YACxB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;YACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YACvB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YACvB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CACzB,CAAC;IACJ,CAAC,CAAC;IAEF,yCAAyC;IACzC,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,iBAAiB,CAAC,IAAI,CAAC;YAAE,OAAO;QAEpC,IAAI,qEAAqE,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAChI,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1F,IAAI,8EAA8E,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACjG,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5B,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,2HAA2H;YACxI,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,iHAAiH;YACjI,SAAS,EAAE,gCAAgC;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,uCAAuC;IACvC,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtE,aAAa,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC5B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,MAAM,UAAU,GAAG,qDAAqD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;QAC5C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,0CAA0C;YACjD,WAAW,EAAE,mIAAmI;YAChJ,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,0GAA0G;YAC1H,SAAS,EAAE,qCAAqC;SACjD,CAAC,CAAC;IACL,CAAC;IAED,+BAA+B;IAC/B,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,2CAA2C,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,iDAAiD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3H,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1F,IAAI,CAAC,kDAAkD,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACtE,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,+CAA+C;YACtD,WAAW,EAAE,0GAA0G;YACvH,WAAW,EAAE,iBAAiB;YAC9B,cAAc,EAAE,wHAAwH;YACxI,SAAS,EAAE,yCAAyC;SACrD,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,kCAAkC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,2DAA2D,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5H,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAChC,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,kCAAkC;YACzC,WAAW,EAAE,yHAAyH;YACtI,WAAW,EAAE,iBAAiB;YAC9B,cAAc,EAAE,6GAA6G;YAC7H,SAAS,EAAE,mDAAmD;SAC/D,CAAC,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,MAAM,cAAc,GAAa,EAAE,CAAC;IACpC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,uFAAuF,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvG,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,gEAAgE,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACpF,cAAc,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,yCAAyC;YAChD,WAAW,EAAE,qHAAqH;YAClI,WAAW,EAAE,cAAc;YAC3B,cAAc,EAAE,kHAAkH;YAClI,SAAS,EAAE,oCAAoC;SAChD,CAAC,CAAC;IACL,CAAC;IAED,+CAA+C;IAC/C,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,iBAAiB,CAAC,IAAI,CAAC;YAAE,OAAO;QAEpC,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1F,MAAM,iBAAiB,GAAG,iHAAiH,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC1J,MAAM,kBAAkB,GAAG,yDAAyD,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEnG,IAAI,4FAA4F,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;YACvJ,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC;QACD,IAAI,iDAAiD,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,0CAA0C,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,iBAAiB,IAAI,kBAAkB,EAAE,CAAC;YACtK,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,mIAAmI;YAChJ,WAAW,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,CAAC;YAC1C,cAAc,EAAE,kIAAkI;YAClJ,SAAS,EAAE,uDAAuD;SACnE,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,6GAA6G,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7K,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,uDAAuD;YAC9D,WAAW,EAAE,gIAAgI;YAC7I,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,oHAAoH;YACpI,SAAS,EAAE,uCAAuC;SACnD,CAAC,CAAC;IACL,CAAC;IAED,6CAA6C;IAC7C,MAAM,oBAAoB,GAAG,wFAAwF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjI,MAAM,cAAc,GAAG,iEAAiE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpG,IAAI,cAAc,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC5C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,6HAA6H;YAC1I,cAAc,EAAE,uHAAuH;YACvI,SAAS,EAAE,0DAA0D;SACtE,CAAC,CAAC;IACL,CAAC;IAED,uDAAuD;IACvD,MAAM,WAAW,GAAa,EAAE,CAAC;IACjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,mCAAmC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9F,WAAW,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC1B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,+GAA+G;YAC5H,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE,sHAAsH;YACtI,SAAS,EAAE,4CAA4C;SACxD,CAAC,CAAC;IACL,CAAC;IAED,+BAA+B;IAC/B,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,yFAAyF,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACzG,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,MAAM,kBAAkB,GAAG,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1G,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACtD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,iDAAiD;YACxD,WAAW,EAAE,yJAAyJ;YACtK,WAAW,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACxC,cAAc,EAAE,qGAAqG;YACrH,SAAS,EAAE,sDAAsD;SAClE,CAAC,CAAC;IACL,CAAC;IAED,mDAAmD;IACnD,MAAM,gBAAgB,GAAa,EAAE,CAAC;IACtC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,+EAA+E,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/F,gBAAgB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,MAAM,aAAa,GAAG,sDAAsD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxF,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;QAClD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,0CAA0C;YACjD,WAAW,EAAE,sIAAsI;YACnJ,WAAW,EAAE,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACzC,cAAc,EAAE,uGAAuG;YACvH,SAAS,EAAE,sCAAsC;SAClD,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"configuration-management.d.ts","sourceRoot":"","sources":["../../src/evaluators/configuration-management.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,8BAA8B,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"configuration-management.d.ts","sourceRoot":"","sources":["../../src/evaluators/configuration-management.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,8BAA8B,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CAsLxF"}
|
|
@@ -6,7 +6,29 @@ export function analyzeConfigurationManagement(code, language) {
|
|
|
6
6
|
const lang = getLangFamily(language);
|
|
7
7
|
// Hardcoded secrets / credentials
|
|
8
8
|
const secretPattern = /(?:password|passwd|secret|api_?key|token|private_?key)\s*[:=]\s*["'`][^"'`]{3,}/gi;
|
|
9
|
-
const
|
|
9
|
+
const nonProductionContextPattern = /\b(?:test|tests|mock|mocks|fixture|fixtures|harness|e2e|example|sample|dummy)\b/i;
|
|
10
|
+
const productionContextPattern = /\b(?:prod|production|release|deploy|deployment)\b/i;
|
|
11
|
+
const secretLines = [];
|
|
12
|
+
if (/\b(?:describe|it|test)\s*\(/i.test(code) && !productionContextPattern.test(code)) {
|
|
13
|
+
// Skip hardcoded secret findings in explicit test modules.
|
|
14
|
+
}
|
|
15
|
+
else {
|
|
16
|
+
const lines = code.split("\n");
|
|
17
|
+
for (let index = 0; index < lines.length; index += 1) {
|
|
18
|
+
secretPattern.lastIndex = 0;
|
|
19
|
+
if (!secretPattern.test(lines[index])) {
|
|
20
|
+
continue;
|
|
21
|
+
}
|
|
22
|
+
const contextStart = Math.max(0, index - 2);
|
|
23
|
+
const contextEnd = Math.min(lines.length, index + 3);
|
|
24
|
+
const context = lines.slice(contextStart, contextEnd).join("\n");
|
|
25
|
+
const isLikelyNonProductionContext = nonProductionContextPattern.test(context) &&
|
|
26
|
+
!productionContextPattern.test(context);
|
|
27
|
+
if (!isLikelyNonProductionContext) {
|
|
28
|
+
secretLines.push(index + 1);
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
}
|
|
10
32
|
if (secretLines.length > 0) {
|
|
11
33
|
findings.push({
|
|
12
34
|
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"configuration-management.js","sourceRoot":"","sources":["../../src/evaluators/configuration-management.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAsB,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,MAAM,UAAU,8BAA8B,CAAC,IAAY,EAAE,QAAgB;IAC3E,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,KAAK,CAAC;IACrB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,kCAAkC;IAClC,MAAM,aAAa,GAAG,mFAAmF,CAAC;IAC1G,MAAM,WAAW,GAAG,
|
|
1
|
+
{"version":3,"file":"configuration-management.js","sourceRoot":"","sources":["../../src/evaluators/configuration-management.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAsB,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,MAAM,UAAU,8BAA8B,CAAC,IAAY,EAAE,QAAgB;IAC3E,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,KAAK,CAAC;IACrB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,kCAAkC;IAClC,MAAM,aAAa,GAAG,mFAAmF,CAAC;IAC1G,MAAM,2BAA2B,GAAG,kFAAkF,CAAC;IACvH,MAAM,wBAAwB,GAAG,oDAAoD,CAAC;IACtF,MAAM,WAAW,GAAa,EAAE,CAAC;IAEjC,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACtF,2DAA2D;IAC7D,CAAC;SAAM,CAAC;QAEN,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC/B,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;YACrD,aAAa,CAAC,SAAS,GAAG,CAAC,CAAC;YAC5B,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;gBACtC,SAAS;YACX,CAAC;YAED,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YAC5C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YACrD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjE,MAAM,4BAA4B,GAChC,2BAA2B,CAAC,IAAI,CAAC,OAAO,CAAC;gBACzC,CAAC,wBAAwB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAE1C,IAAI,CAAC,4BAA4B,EAAE,CAAC;gBAClC,WAAW,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,kCAAkC;YACzC,WAAW,EAAE,SAAS,WAAW,CAAC,MAAM,4JAA4J;YACpM,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE,gKAAgK;YAChL,SAAS,EAAE,mDAAmD;SAC/D,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,MAAM,sBAAsB,GAAG,oHAAoH,CAAC;IACpJ,MAAM,oBAAoB,GAAG,cAAc,CAAC,IAAI,EAAE,sBAAsB,CAAC,CAAC;IAC1E,IAAI,oBAAoB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wDAAwD;YAC/D,WAAW,EAAE,SAAS,oBAAoB,CAAC,MAAM,sIAAsI;YACvL,WAAW,EAAE,oBAAoB;YACjC,cAAc,EAAE,4JAA4J;YAC5K,SAAS,EAAE,oCAAoC;SAChD,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAChC,MAAM,UAAU,GAAG,gGAAgG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/H,MAAM,SAAS,GAAG,iEAAiE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/F,IAAI,CAAC,UAAU,IAAI,SAAS,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC7D,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,wKAAwK;YACrL,cAAc,EAAE,6JAA6J;YAC7K,SAAS,EAAE,oCAAoC;SAChD,CAAC,CAAC;IACL,CAAC;IAED,+BAA+B;IAC/B,MAAM,mBAAmB,GAAG,+FAA+F,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvI,IAAI,SAAS,IAAI,CAAC,mBAAmB,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACtE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,6JAA6J;YAC1K,cAAc,EAAE,8IAA8I;YAC9J,SAAS,EAAE,qCAAqC;SACjD,CAAC,CAAC;IACL,CAAC;IAED,yDAAyD;IACzD,MAAM,mBAAmB,GAAG,qDAAqD,CAAC;IAClF,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChD,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,qEAAqE;IACrE,IAAI,UAAU,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC/C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,kDAAkD;YACzD,WAAW,EAAE,sKAAsK;YACnL,cAAc,EAAE,uJAAuJ;YACvK,SAAS,EAAE,+CAA+C;SAC3D,CAAC,CAAC;IACL,CAAC;IAED,wCAAwC;IACxC,MAAM,mBAAmB,GAAG,iEAAiE,CAAC;IAC9F,MAAM,iBAAiB,GAAG,cAAc,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;IACpE,MAAM,qBAAqB,GAAG,uCAAuC,CAAC;IACtE,MAAM,eAAe,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IACzE,MAAM,QAAQ,GAAG,iBAAiB,CAAC,MAAM,CAAC;IAC1C,IAAI,QAAQ,GAAG,CAAC,IAAI,eAAe,KAAK,CAAC,EAAE,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,SAAS,QAAQ,qIAAqI;YACnK,WAAW,EAAE,iBAAiB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,cAAc,EAAE,sJAAsJ;YACtK,SAAS,EAAE,sCAAsC;SAClD,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,MAAM,kBAAkB,GAAG,iGAAiG,CAAC;IAC7H,MAAM,gBAAgB,GAAG,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IAClE,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,SAAS,gBAAgB,CAAC,MAAM,uGAAuG;YACpJ,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,8IAA8I;YAC9J,SAAS,EAAE,8DAA8D;SAC1E,CAAC,CAAC;IACL,CAAC;IAED,+BAA+B;IAC/B,MAAM,UAAU,GAAG,0DAA0D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzF,MAAM,WAAW,GAAG,8DAA8D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC9F,IAAI,UAAU,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC/D,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,uCAAuC;YAC9C,WAAW,EAAE,iKAAiK;YAC9K,cAAc,EAAE,6KAA6K;YAC7L,SAAS,EAAE,sDAAsD;SAClE,CAAC,CAAC;IACL,CAAC;IAED,wCAAwC;IACxC,MAAM,eAAe,GAAG,kFAAkF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtH,IAAI,UAAU,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACnE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,0CAA0C;YACjD,WAAW,EAAE,8KAA8K;YAC3L,cAAc,EAAE,4JAA4J;YAC5K,SAAS,EAAE,iDAAiD;SAC7D,CAAC,CAAC;IACL,CAAC;IAED,4BAA4B;IAC5B,MAAM,kBAAkB,GAAG,yHAAyH,CAAC;IACrJ,MAAM,gBAAgB,GAAG,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IAClE,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,kDAAkD;YACzD,WAAW,EAAE,SAAS,gBAAgB,CAAC,MAAM,yIAAyI;YACtL,WAAW,EAAE,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACzC,cAAc,EAAE,+JAA+J;YAC/K,SAAS,EAAE,4CAA4C;SACxD,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cybersecurity.d.ts","sourceRoot":"","sources":["../../src/evaluators/cybersecurity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"cybersecurity.d.ts","sourceRoot":"","sources":["../../src/evaluators/cybersecurity.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,oBAAoB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CAoU9E"}
|
|
@@ -35,13 +35,25 @@ export function analyzeCybersecurity(code, language) {
|
|
|
35
35
|
}
|
|
36
36
|
// Command injection risk (multi-language)
|
|
37
37
|
const cmdLines = getLangLineNumbers(code, language, LP.COMMAND_INJECTION);
|
|
38
|
-
|
|
38
|
+
const filteredCmdLines = cmdLines.filter((lineNumber) => {
|
|
39
|
+
const index = lineNumber - 1;
|
|
40
|
+
const context = code
|
|
41
|
+
.split("\n")
|
|
42
|
+
.slice(Math.max(0, index - 3), index + 4)
|
|
43
|
+
.join("\n");
|
|
44
|
+
const dangerousSink = /\b(?:exec|execSync|spawn|spawnSync|system|popen|Runtime\.getRuntime\(\)\.exec|subprocess\.(?:Popen|run|call)|os\.system)\s*\(/i;
|
|
45
|
+
const safeSink = /\bexecFile\s*\(/i;
|
|
46
|
+
const untrustedInput = /(?:req\.|request\.|params\.|query\.|body\.|argv|input|user|prompt|command)/i;
|
|
47
|
+
const unsafeConstruction = /(?:\+\s*\w|\$\{[^}]+\}|\.concat\s*\(|\.join\s*\(|shell\s*:\s*true)/i;
|
|
48
|
+
return dangerousSink.test(context) && !safeSink.test(context) && untrustedInput.test(context) && unsafeConstruction.test(context);
|
|
49
|
+
});
|
|
50
|
+
if (filteredCmdLines.length > 0) {
|
|
39
51
|
findings.push({
|
|
40
52
|
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
41
53
|
severity: "critical",
|
|
42
54
|
title: "Potential command injection",
|
|
43
55
|
description: "Shell commands are constructed with string concatenation/interpolation, allowing an attacker to inject arbitrary OS commands if user input is included.",
|
|
44
|
-
lineNumbers:
|
|
56
|
+
lineNumbers: filteredCmdLines,
|
|
45
57
|
recommendation: "Use execFile() with an argument array instead of exec(). Never concatenate user input into shell commands. Validate and sanitize all inputs.",
|
|
46
58
|
reference: "OWASP Command Injection — CWE-78",
|
|
47
59
|
});
|
|
@@ -176,15 +188,25 @@ export function analyzeCybersecurity(code, language) {
|
|
|
176
188
|
});
|
|
177
189
|
}
|
|
178
190
|
// Template injection (SSTI)
|
|
179
|
-
const templatePatterns = /render_template_string|
|
|
191
|
+
const templatePatterns = /render_template_string|nunjucks\.renderString|Handlebars\.compile\s*\(|ERB\.new\s*\(/gi;
|
|
180
192
|
const templateLines = getLineNumbers(code, templatePatterns);
|
|
181
|
-
|
|
193
|
+
const filteredTemplateLines = templateLines.filter((lineNumber) => {
|
|
194
|
+
const index = lineNumber - 1;
|
|
195
|
+
const context = code
|
|
196
|
+
.split("\n")
|
|
197
|
+
.slice(Math.max(0, index - 3), index + 4)
|
|
198
|
+
.join("\n");
|
|
199
|
+
const templateSink = /(?:render_template_string|nunjucks\.renderString|Handlebars\.compile\s*\(|ERB\.new\s*\()/i;
|
|
200
|
+
const untrustedInput = /(?:req\.|request\.|params\.|query\.|body\.|input|user)/i;
|
|
201
|
+
return templateSink.test(context) && untrustedInput.test(context);
|
|
202
|
+
});
|
|
203
|
+
if (filteredTemplateLines.length > 0) {
|
|
182
204
|
findings.push({
|
|
183
205
|
ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
|
|
184
206
|
severity: "critical",
|
|
185
207
|
title: "Potential Server-Side Template Injection (SSTI)",
|
|
186
208
|
description: "User input appears to be passed directly to template rendering, allowing attackers to execute arbitrary code via template syntax.",
|
|
187
|
-
lineNumbers:
|
|
209
|
+
lineNumbers: filteredTemplateLines,
|
|
188
210
|
recommendation: "Never pass user input as template source. Use templates only from trusted files with parameterized data. Enable sandboxing if available.",
|
|
189
211
|
reference: "OWASP SSTI — CWE-1336",
|
|
190
212
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cybersecurity.js","sourceRoot":"","sources":["../../src/evaluators/cybersecurity.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,oBAAoB,CAAC,IAAY,EAAE,QAAgB;IACjE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,OAAO,CAAC;IACvB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,yCAAyC;IACzC,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC;IACpE,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,+BAA+B;YACtC,WAAW,EAAE,yHAAyH;YACtI,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,8HAA8H;YAC9I,SAAS,EAAE,+BAA+B;YAC1C,YAAY,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,4DAA4D,CAAC,CAAC,CAAC,SAAS;SACzG,CAAC,CAAC;IACL,CAAC;IAED,6DAA6D;IAC7D,MAAM,gBAAgB,GAAG,wEAAwE,CAAC;IAClG,MAAM,cAAc,GAAG,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IAC9D,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,2JAA2J;YACxK,WAAW,EAAE,cAAc;YAC3B,cAAc,EAAE,uKAAuK;YACvL,SAAS,EAAE,+BAA+B;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,iBAAiB,CAAC,CAAC;IAC1E,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,yJAAyJ;YACtK,WAAW,EAAE,QAAQ;YACrB,cAAc,EAAE,8IAA8I;YAC9J,SAAS,EAAE,kCAAkC;SAC9C,CAAC,CAAC;IACL,CAAC;IAED,yDAAyD;IACzD,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC;IACrE,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,6HAA6H;YAC1I,WAAW,EAAE,QAAQ;YACrB,cAAc,EAAE,yJAAyJ;YACzK,SAAS,EAAE,0CAA0C;SACtD,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC;IACvE,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,8HAA8H;YAC3I,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,gJAAgJ;YAChK,SAAS,EAAE,uCAAuC;SACnD,CAAC,CAAC;IACL,CAAC;IAED,2BAA2B;IAC3B,MAAM,YAAY,GAAG,qGAAqG,CAAC;IAC3H,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACtD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,kIAAkI;YAC/I,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,yIAAyI;YACzJ,SAAS,EAAE,6EAA6E;SACzF,CAAC,CAAC;IACL,CAAC;IAED,sDAAsD;IACtD,MAAM,YAAY,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC;IAC3E,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,kDAAkD;YACzD,WAAW,EAAE,kJAAkJ;YAC/J,WAAW,EAAE,YAAY;YACzB,cAAc,EAAE,+KAA+K;YAC/L,SAAS,EAAE,8BAA8B;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,MAAM,WAAW,GAAG,+HAA+H,CAAC;IACpJ,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACnD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,aAAa,GAAG,qHAAqH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvJ,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,oCAAoC;gBAC3C,WAAW,EAAE,sJAAsJ;gBACnK,WAAW,EAAE,QAAQ;gBACrB,cAAc,EAAE,4IAA4I;gBAC5J,SAAS,EAAE,qBAAqB;aACjC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,kCAAkC;IAClC,MAAM,YAAY,GAAG,4GAA4G,CAAC;IAClI,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACrD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,MAAM,iBAAiB,GAAG,6CAA6C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnF,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACvB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,0BAA0B;gBACjC,WAAW,EAAE,+GAA+G;gBAC5H,WAAW,EAAE,SAAS;gBACtB,cAAc,EAAE,2GAA2G;gBAC3H,SAAS,EAAE,+BAA+B;aAC3C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sDAAsD;IACtD,MAAM,YAAY,GAAG,mLAAmL,CAAC;IACzM,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACrD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,4KAA4K;YACzL,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,uKAAuK;YACvL,SAAS,EAAE,sBAAsB;SAClC,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,MAAM,gBAAgB,GAAG,4LAA4L,CAAC;IACtN,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IAC7D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,yBAAyB;YAChC,WAAW,EAAE,uIAAuI;YACpJ,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,oIAAoI;YACpJ,SAAS,EAAE,+BAA+B;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,gEAAgE;IAChE,MAAM,aAAa,GAAG,iJAAiJ,CAAC;IACxK,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;IACvD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,iJAAiJ;YAC9J,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,kIAAkI;YAClJ,SAAS,EAAE,qDAAqD;SACjE,CAAC,CAAC;IACL,CAAC;IAED,4BAA4B;IAC5B,MAAM,gBAAgB,GAAG,yKAAyK,CAAC;IACnM,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IAC7D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,iDAAiD;YACxD,WAAW,EAAE,mIAAmI;YAChJ,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,0IAA0I;YAC1J,SAAS,EAAE,uBAAuB;SACnC,CAAC,CAAC;IACL,CAAC;IAED,yCAAyC;IACzC,MAAM,YAAY,GAAG,yHAAyH,CAAC;IAC/I,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACrD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,iCAAiC;YACxC,WAAW,EAAE,uHAAuH;YACpI,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,iGAAiG;YACjH,SAAS,EAAE,oDAAoD;SAChE,CAAC,CAAC;IACL,CAAC;IAED,4CAA4C;IAC5C,MAAM,SAAS,GAAG,mJAAmJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjL,MAAM,SAAS,GAAG,2JAA2J,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzL,IAAI,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,yJAAyJ;YACtK,cAAc,EAAE,iKAAiK;YACjL,SAAS,EAAE,kCAAkC;SAC9C,CAAC,CAAC;IACL,CAAC;IAED,kDAAkD;IAClD,MAAM,eAAe,GAAG,iIAAiI,CAAC;IAC1J,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC3D,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,MAAM,gBAAgB,GAAG,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5E,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,gCAAgC;gBACvC,WAAW,EAAE,2GAA2G;gBACxH,WAAW,EAAE,YAAY;gBACzB,cAAc,EAAE,qIAAqI;gBACrJ,SAAS,EAAE,oCAAoC;aAChD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,kBAAkB,GAAG,sDAAsD,CAAC;IAClF,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5D,MAAM,aAAa,GAAG,uEAAuE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzG,IAAI,aAAa,IAAI,gBAAgB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACxE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,kIAAkI;YAC/I,cAAc,EAAE,oKAAoK;YACpL,SAAS,EAAE,2BAA2B;SACvC,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,MAAM,gBAAgB,GAAG,gKAAgK,CAAC;IAC1L,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IAC7D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,oIAAoI;YACjJ,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,iHAAiH;YACjI,SAAS,EAAE,wCAAwC;SACpD,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,sEAAsE,CAAC,CAAC;IACnH,MAAM,YAAY,GAAG,sCAAsC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvE,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,wIAAwI;YACrJ,WAAW,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACtC,cAAc,EAAE,8HAA8H;YAC9I,SAAS,EAAE,6BAA6B;SACzC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
1
|
+
{"version":3,"file":"cybersecurity.js","sourceRoot":"","sources":["../../src/evaluators/cybersecurity.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,oBAAoB,CAAC,IAAY,EAAE,QAAgB;IACjE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,OAAO,CAAC;IACvB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,yCAAyC;IACzC,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC;IACpE,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,+BAA+B;YACtC,WAAW,EAAE,yHAAyH;YACtI,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,8HAA8H;YAC9I,SAAS,EAAE,+BAA+B;YAC1C,YAAY,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,4DAA4D,CAAC,CAAC,CAAC,SAAS;SACzG,CAAC,CAAC;IACL,CAAC;IAED,6DAA6D;IAC7D,MAAM,gBAAgB,GAAG,wEAAwE,CAAC;IAClG,MAAM,cAAc,GAAG,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IAC9D,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,2JAA2J;YACxK,WAAW,EAAE,cAAc;YAC3B,cAAc,EAAE,uKAAuK;YACvL,SAAS,EAAE,+BAA+B;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,iBAAiB,CAAC,CAAC;IAC1E,MAAM,gBAAgB,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE;QACtD,MAAM,KAAK,GAAG,UAAU,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI;aACjB,KAAK,CAAC,IAAI,CAAC;aACX,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;aACxC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEd,MAAM,aAAa,GAAG,gIAAgI,CAAC;QACvJ,MAAM,QAAQ,GAAG,kBAAkB,CAAC;QACpC,MAAM,cAAc,GAAG,6EAA6E,CAAC;QACrG,MAAM,kBAAkB,GAAG,qEAAqE,CAAC;QAEjG,OAAO,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,kBAAkB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpI,CAAC,CAAC,CAAC;IAEH,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,yJAAyJ;YACtK,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,8IAA8I;YAC9J,SAAS,EAAE,kCAAkC;SAC9C,CAAC,CAAC;IACL,CAAC;IAED,yDAAyD;IACzD,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC;IACrE,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,6HAA6H;YAC1I,WAAW,EAAE,QAAQ;YACrB,cAAc,EAAE,yJAAyJ;YACzK,SAAS,EAAE,0CAA0C;SACtD,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC;IACvE,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,8HAA8H;YAC3I,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,gJAAgJ;YAChK,SAAS,EAAE,uCAAuC;SACnD,CAAC,CAAC;IACL,CAAC;IAED,2BAA2B;IAC3B,MAAM,YAAY,GAAG,qGAAqG,CAAC;IAC3H,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACtD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,oCAAoC;YAC3C,WAAW,EAAE,kIAAkI;YAC/I,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,yIAAyI;YACzJ,SAAS,EAAE,6EAA6E;SACzF,CAAC,CAAC;IACL,CAAC;IAED,sDAAsD;IACtD,MAAM,YAAY,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,cAAc,CAAC,CAAC;IAC3E,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,kDAAkD;YACzD,WAAW,EAAE,kJAAkJ;YAC/J,WAAW,EAAE,YAAY;YACzB,cAAc,EAAE,+KAA+K;YAC/L,SAAS,EAAE,8BAA8B;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,MAAM,WAAW,GAAG,+HAA+H,CAAC;IACpJ,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACnD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,aAAa,GAAG,qHAAqH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvJ,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,oCAAoC;gBAC3C,WAAW,EAAE,sJAAsJ;gBACnK,WAAW,EAAE,QAAQ;gBACrB,cAAc,EAAE,4IAA4I;gBAC5J,SAAS,EAAE,qBAAqB;aACjC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,kCAAkC;IAClC,MAAM,YAAY,GAAG,4GAA4G,CAAC;IAClI,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACrD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,MAAM,iBAAiB,GAAG,6CAA6C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnF,IAAI,CAAC,iBAAiB,EAAE,CAAC;YACvB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,0BAA0B;gBACjC,WAAW,EAAE,+GAA+G;gBAC5H,WAAW,EAAE,SAAS;gBACtB,cAAc,EAAE,2GAA2G;gBAC3H,SAAS,EAAE,+BAA+B;aAC3C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sDAAsD;IACtD,MAAM,YAAY,GAAG,mLAAmL,CAAC;IACzM,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACrD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,8CAA8C;YACrD,WAAW,EAAE,4KAA4K;YACzL,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,uKAAuK;YACvL,SAAS,EAAE,sBAAsB;SAClC,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,MAAM,gBAAgB,GAAG,4LAA4L,CAAC;IACtN,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IAC7D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,yBAAyB;YAChC,WAAW,EAAE,uIAAuI;YACpJ,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,oIAAoI;YACpJ,SAAS,EAAE,+BAA+B;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,gEAAgE;IAChE,MAAM,aAAa,GAAG,iJAAiJ,CAAC;IACxK,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;IACvD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,iJAAiJ;YAC9J,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,kIAAkI;YAClJ,SAAS,EAAE,qDAAqD;SACjE,CAAC,CAAC;IACL,CAAC;IAED,4BAA4B;IAC5B,MAAM,gBAAgB,GAAG,wFAAwF,CAAC;IAClH,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IAC7D,MAAM,qBAAqB,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE;QAChE,MAAM,KAAK,GAAG,UAAU,GAAG,CAAC,CAAC;QAC7B,MAAM,OAAO,GAAG,IAAI;aACjB,KAAK,CAAC,IAAI,CAAC;aACX,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC;aACxC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEd,MAAM,YAAY,GAAG,2FAA2F,CAAC;QACjH,MAAM,cAAc,GAAG,yDAAyD,CAAC;QAEjF,OAAO,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACpE,CAAC,CAAC,CAAC;IAEH,IAAI,qBAAqB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,iDAAiD;YACxD,WAAW,EAAE,mIAAmI;YAChJ,WAAW,EAAE,qBAAqB;YAClC,cAAc,EAAE,0IAA0I;YAC1J,SAAS,EAAE,uBAAuB;SACnC,CAAC,CAAC;IACL,CAAC;IAED,yCAAyC;IACzC,MAAM,YAAY,GAAG,yHAAyH,CAAC;IAC/I,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACrD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,iCAAiC;YACxC,WAAW,EAAE,uHAAuH;YACpI,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,iGAAiG;YACjH,SAAS,EAAE,oDAAoD;SAChE,CAAC,CAAC;IACL,CAAC;IAED,4CAA4C;IAC5C,MAAM,SAAS,GAAG,mJAAmJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjL,MAAM,SAAS,GAAG,2JAA2J,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzL,IAAI,SAAS,IAAI,CAAC,SAAS,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,yJAAyJ;YACtK,cAAc,EAAE,iKAAiK;YACjL,SAAS,EAAE,kCAAkC;SAC9C,CAAC,CAAC;IACL,CAAC;IAED,kDAAkD;IAClD,MAAM,eAAe,GAAG,iIAAiI,CAAC;IAC1J,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC3D,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,MAAM,gBAAgB,GAAG,uCAAuC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5E,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,gCAAgC;gBACvC,WAAW,EAAE,2GAA2G;gBACxH,WAAW,EAAE,YAAY;gBACzB,cAAc,EAAE,qIAAqI;gBACrJ,SAAS,EAAE,oCAAoC;aAChD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,kBAAkB,GAAG,sDAAsD,CAAC;IAClF,MAAM,gBAAgB,GAAG,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5D,MAAM,aAAa,GAAG,uEAAuE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzG,IAAI,aAAa,IAAI,gBAAgB,IAAI,CAAC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;QACxE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,mCAAmC;YAC1C,WAAW,EAAE,kIAAkI;YAC/I,cAAc,EAAE,oKAAoK;YACpL,SAAS,EAAE,2BAA2B;SACvC,CAAC,CAAC;IACL,CAAC;IAED,oCAAoC;IACpC,MAAM,gBAAgB,GAAG,gKAAgK,CAAC;IAC1L,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,gBAAgB,CAAC,CAAC;IAC7D,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,oIAAoI;YACjJ,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,iHAAiH;YACjI,SAAS,EAAE,wCAAwC;SACpD,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,sEAAsE,CAAC,CAAC;IACnH,MAAM,YAAY,GAAG,sCAAsC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACvE,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;QAC9C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,wIAAwI;YACrJ,WAAW,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACtC,cAAc,EAAE,8HAA8H;YAC9I,SAAS,EAAE,6BAA6B;SACzC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data-security.d.ts","sourceRoot":"","sources":["../../src/evaluators/data-security.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"data-security.d.ts","sourceRoot":"","sources":["../../src/evaluators/data-security.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AA2HtC,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CA2T7E"}
|