@kevinrabun/judges 2.0.0 → 2.1.0
- package/README.md +98 -0
- package/dist/evaluators/authentication.d.ts.map +1 -1
- package/dist/evaluators/authentication.js +114 -4
- package/dist/evaluators/authentication.js.map +1 -1
- package/dist/evaluators/compliance.d.ts.map +1 -1
- package/dist/evaluators/compliance.js +21 -3
- package/dist/evaluators/compliance.js.map +1 -1
- package/dist/evaluators/configuration-management.d.ts.map +1 -1
- package/dist/evaluators/configuration-management.js +23 -1
- package/dist/evaluators/configuration-management.js.map +1 -1
- package/dist/evaluators/cybersecurity.d.ts.map +1 -1
- package/dist/evaluators/cybersecurity.js +27 -5
- package/dist/evaluators/cybersecurity.js.map +1 -1
- package/dist/evaluators/data-security.d.ts.map +1 -1
- package/dist/evaluators/data-security.js +114 -2
- package/dist/evaluators/data-security.js.map +1 -1
- package/dist/evaluators/database.js +1 -1
- package/dist/evaluators/database.js.map +1 -1
- package/dist/evaluators/ethics-bias.d.ts.map +1 -1
- package/dist/evaluators/ethics-bias.js +13 -1
- package/dist/evaluators/ethics-bias.js.map +1 -1
- package/dist/evaluators/index.d.ts +10 -4
- package/dist/evaluators/index.d.ts.map +1 -1
- package/dist/evaluators/index.js +111 -17
- package/dist/evaluators/index.js.map +1 -1
- package/dist/evaluators/observability.d.ts.map +1 -1
- package/dist/evaluators/observability.js +2 -1
- package/dist/evaluators/observability.js.map +1 -1
- package/dist/evaluators/performance.js +1 -1
- package/dist/evaluators/performance.js.map +1 -1
- package/dist/evaluators/shared.d.ts.map +1 -1
- package/dist/evaluators/shared.js +6 -0
- package/dist/evaluators/shared.js.map +1 -1
- package/dist/evaluators/v2.d.ts +4 -0
- package/dist/evaluators/v2.d.ts.map +1 -1
- package/dist/evaluators/v2.js +8 -2
- package/dist/evaluators/v2.js.map +1 -1
- package/dist/index.js +104 -11
- package/dist/index.js.map +1 -1
- package/dist/language-patterns.js +2 -2
- package/dist/reports/public-repo-report.d.ts +10 -0
- package/dist/reports/public-repo-report.d.ts.map +1 -1
- package/dist/reports/public-repo-report.js +106 -7
- package/dist/reports/public-repo-report.js.map +1 -1
- package/dist/types.d.ts +2 -0
- package/dist/types.d.ts.map +1 -1
- package/package.json +1 -1
|
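--- a/package/dist/evaluators/data-security.js
+++ b/package/dist/evaluators/data-security.js
@@ -1,5 +1,103 @@
 import { getLineNumbers, getLangLineNumbers, getLangFamily } from "./shared.js";
 import * as LP from "../language-patterns.js";
+function isLikelyPlaceholderCredentialValue(value) {
+const normalized = value.trim().toLowerCase();
+const exactPlaceholders = new Set([
+"test",
+"testing",
+"mock",
+"dummy",
+"example",
+"sample",
+"fake",
+"na",
+"n/a",
+"none",
+"null",
+"undefined",
+"changeme",
+"change_me",
+"replace_me",
+"replace-me",
+"your_token_here",
+"your_api_key",
+"unused",
+"not_used",
+"placeholder",
+]);
+if (exactPlaceholders.has(normalized)) {
+return true;
+}
+if (/^(?:test|mock|dummy|sample|example|fake|placeholder|na|n\/a|unused|changeme|replace)[-_a-z0-9]*$/i.test(normalized)) {
+return true;
+}
+return false;
+}
+function isStrictCredentialDetectionEnabled() {
+return process.env.JUDGES_CREDENTIAL_MODE?.toLowerCase() === "strict";
+}
+function looksLikeRealCredentialValue(value) {
+if (isLikelyPlaceholderCredentialValue(value)) {
+return false;
+}
+if (!isStrictCredentialDetectionEnabled()) {
+return true;
+}
+const normalized = value.trim();
+if (normalized.length < 12) {
+return false;
+}
+if (/(?:test|mock|dummy|sample|example|fake|placeholder|changeme|replace[_-]?me|unused|not[_-]?used|password|secret)/i.test(normalized)) {
+return false;
+}
+const hasLower = /[a-z]/.test(normalized);
+const hasUpper = /[A-Z]/.test(normalized);
+const hasDigit = /\d/.test(normalized);
+const hasSymbol = /[^A-Za-z0-9]/.test(normalized);
+const classCount = [hasLower, hasUpper, hasDigit, hasSymbol].filter(Boolean).length;
+if (normalized.length >= 20 && classCount >= 2) {
+return true;
+}
+if (normalized.length >= 16 && classCount >= 3) {
+return true;
+}
+return false;
+}
+function lineContainsRealQuotedSecret(line, pattern) {
+const matches = [...line.matchAll(pattern)];
+if (matches.length === 0)
+return false;
+return matches.some((match) => {
+const full = match[0] ?? "";
+const quotedValueMatch = full.match(/["']([^"']+)["']/);
+if (!quotedValueMatch)
+return true;
+const value = quotedValueMatch[1] ?? "";
+return looksLikeRealCredentialValue(value);
+});
+}
+function isLikelyNonProductionContext(lines, index) {
+const contextStart = Math.max(0, index - 2);
+const contextEnd = Math.min(lines.length, index + 3);
+const context = lines.slice(contextStart, contextEnd).join("\n");
+const nonProductionSignals = /\b(?:describe|it|test)\s*\(|\b(?:tests?|mock|mocks|fixture|fixtures|harness|e2e|example|sample|dummy)\b/i;
+const productionSignals = /\b(?:prod|production|release|deploy|deployment)\b/i;
+return nonProductionSignals.test(context) && !productionSignals.test(context);
+}
+function filterNonProductionLineNumbers(code, lineNumbers) {
+const lines = code.split("\n");
+return lineNumbers.filter((lineNumber) => !isLikelyNonProductionContext(lines, lineNumber - 1));
+}
+function getFilteredHardcodedSecretLines(code, pattern) {
+const lines = code.split("\n");
+const flaggedLines = [];
+for (let index = 0; index < lines.length; index += 1) {
+if (lineContainsRealQuotedSecret(lines[index], pattern) && !isLikelyNonProductionContext(lines, index)) {
+flaggedLines.push(index + 1);
+}
+}
+return flaggedLines;
+}
 export function analyzeDataSecurity(code, language) {
 const findings = [];
 let ruleNum = 1;
@@ -23,8 +121,22 @@ export function analyzeDataSecurity(code, language) {
 { pattern: /(?:AZURE|MICROSOFT)_[A-Z_]*(?:KEY|SECRET|TOKEN|CONNECTION)\s*[:=]\s*["'][^"']+["']/gi, name: "Azure credential" },
 { pattern: /(?:DATABASE_URL|MONGO_URI|REDIS_URL)\s*[:=]\s*["'][^"']+["']/gi, name: "database connection URL" },
 ];
+const filteredQuotedSecretNames = new Set([
+"password",
+"API key",
+"secret/token",
+"connection string",
+"private key",
+"AWS credential",
+"hardcoded auth token",
+"Azure credential",
+"database connection URL",
+]);
 for (const sp of secretPatterns) {
-const
+const baseLines = filteredQuotedSecretNames.has(sp.name)
+? getFilteredHardcodedSecretLines(code, sp.pattern)
+: getLineNumbers(code, sp.pattern);
+const lines = filterNonProductionLineNumbers(code, baseLines);
 if (lines.length > 0) {
 findings.push({
 ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,
@@ -213,7 +325,7 @@ export function analyzeDataSecurity(code, language) {
 }
 // Hardcoded encryption keys / IVs
 const encKeyPatterns = /(?:encryption[_-]?key|aes[_-]?key|iv|initialization[_-]?vector|nonce)\s*[:=]\s*["'][^"']+["']|(?:Buffer\.from|new\s+Uint8Array)\s*\(.*(?:key|iv)/gi;
-const encKeyLines = getLineNumbers(code, encKeyPatterns);
+const encKeyLines = filterNonProductionLineNumbers(code, getLineNumbers(code, encKeyPatterns));
 if (encKeyLines.length > 0) {
 findings.push({
 ruleId: `${prefix}-${String(ruleNum++).padStart(3, "0")}`,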
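Review bot: The prefix regex in `isLikelyPlaceholderCredentialValue` treats any value that starts with `na`, `test`, `fake`, `replace` and so on and continues with letters, digits, `-` or `_` as a placeholder, so a real hardcoded value that merely begins with one of those letters (constructed example: `nathan2024`) is dropped before the strict-mode checks are ever reached. Requiring a separator after the keyword narrows the suppression, for example `/^(?:test|mock|dummy|sample|example|fake|placeholder|unused|changeme|replace)(?:[-_][-_a-z0-9]*)?$/i`; `na` and `n/a` are already covered by the exact set. The same over-suppression risk applies to `isLikelyNonProductionContext`: a word such as `example` or `sample` anywhere within two lines of the match hides the finding, and the later hunks apply that filter to every secret pattern and to the encryption-key rule. For a scanner a silent false negative costs more than a noisy hit, so consider reporting suppressed matches at a lower severity instead of discarding them. The body of `analyzeDataSecurity` continues outside the hunks shown.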
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"data-security.js","sourceRoot":"","sources":["../../src/evaluators/data-security.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,MAAM,UAAU,mBAAmB,CAAC,IAAY,EAAE,QAAgB;IAChE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,MAAM,CAAC;IACtB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,qCAAqC;IACrC,MAAM,cAAc,GAAG;QACrB,EAAE,OAAO,EAAE,mDAAmD,EAAE,IAAI,EAAE,UAAU,EAAE;QAClF,EAAE,OAAO,EAAE,kDAAkD,EAAE,IAAI,EAAE,SAAS,EAAE;QAChF,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,cAAc,EAAE;QAC/E,EAAE,OAAO,EAAE,qDAAqD,EAAE,IAAI,EAAE,mBAAmB,EAAE;QAC7F,EAAE,OAAO,EAAE,+CAA+C,EAAE,IAAI,EAAE,aAAa,EAAE;QACjF,EAAE,OAAO,EAAE,0DAA0D,EAAE,IAAI,EAAE,sBAAsB,EAAE;QACrG,EAAE,OAAO,EAAE,uEAAuE,EAAE,IAAI,EAAE,gBAAgB,EAAE;QAC5G,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,mBAAmB,EAAE;QAC3D,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,cAAc,EAAE;QAC/E,EAAE,OAAO,EAAE,8BAA8B,EAAE,IAAI,EAAE,aAAa,EAAE;QAChE,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,0BAA0B,EAAE;QACrE,EAAE,OAAO,EAAE,+CAA+C,EAAE,IAAI,EAAE,kBAAkB,EAAE;QACtF,EAAE,OAAO,EAAE,wDAAwD,EAAE,IAAI,EAAE,sBAAsB,EAAE;QACnG,EAAE,OAAO,EAAE,sFAAsF,EAAE,IAAI,EAAE,kBAAkB,EAAE;QAC7H,EAAE,OAAO,EAAE,gEAAgE,EAAE,IAAI,EAAE,yBAAyB,EAAE;KAC/G,CAAC;IAEF,KAAK,MAAM,EAAE,IAAI,cAAc,EAAE,CAAC;QAChC,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC;QAC/C,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,UAAU;gBACpB,KAAK,EAAE,aAAa,EAAE,CAAC,IAAI,WAAW;gBACtC,WAAW,EAAE,KAAK,EAAE,CAAC,IAAI,wKAAwK;gBACjM,WAAW,EAAE,KAAK;gBAClB,cAAc,EAAE,YAAY,EAAE,CAAC,IAAI,qKAAqK;gBACxM,SAAS,EAAE,wCAAwC;aACpD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,2DAA2D;IAC3D,MAAM,oBAAoB,GAAG,qMAAqM,CAAC;IACnO,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IAC5D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO
,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,8BAA8B;YACrC,WAAW,EAAE,yJAAyJ;YACtK,WAAW,EAAE,QAAQ;YACrB,cAAc,EAAE,kIAAkI;YAClJ,SAAS,EAAE,qCAAqC;SACjD,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAChC,MAAM,aAAa,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC;IACvE,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,8LAA8L;YAC3M,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,yFAAyF;YACzG,SAAS,EAAE,4BAA4B;SACxC,CAAC,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC;IACtE,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,kDAAkD;YACzD,WAAW,EAAE,8JAA8J;YAC3K,WAAW,EAAE,QAAQ;YACrB,cAAc,EAAE,2GAA2G;YAC3H,SAAS,EAAE,8BAA8B;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,8BAA8B;IAC9B,MAAM,YAAY,GAAG,sDAAsD,CAAC;IAC5E,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACrD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,6HAA6H;YAC1I,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,0FAA0F;YAC1G,SAAS,EAAE,4CAA4C;SACxD,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,sBAAsB,CAAC,CAAC;IACjF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,iCAAiC;YACxC,WAAW,EAAE,+IAA+I;YAC5J,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,6LAA6L;YAC7M,SAAS,EAAE,iCAAiC;SAC7C,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAChC,MAAM,iBAAiB,GAAG,cAAc,CAAC,IAAI,EAAE,uDAAuD,CAAC,CAAC;IACxG,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAA
C,EAAE,CAAC;QACjC,MAAM,SAAS,GAAG,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1D,MAAM,WAAW,GAAG,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChE,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,gCAAgC;gBACvC,WAAW,EAAE,mIAAmI;gBAChJ,WAAW,EAAE,iBAAiB;gBAC9B,cAAc,EAAE,oHAAoH;gBACpI,SAAS,EAAE,oCAAoC;aAChD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,MAAM,mBAAmB,GAAG,uDAAuD,CAAC;IACpF,MAAM,gBAAgB,GAAG,cAAc,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;IACnE,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,4CAA4C;YACnD,WAAW,EAAE,mHAAmH;YAChI,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,mHAAmH;YACnI,SAAS,EAAE,8BAA8B;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,MAAM,kBAAkB,GAAG,sEAAsE,CAAC;IAClG,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IACjE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,aAAa,GAAG,6FAA6F,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/H,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,0CAA0C;gBACjD,WAAW,EAAE,sHAAsH;gBACnI,WAAW,EAAE,eAAe;gBAC5B,cAAc,EAAE,oIAAoI;gBACpJ,SAAS,EAAE,0CAA0C;aACtD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,mBAAmB,GAAG,0GAA0G,CAAC;IACvI,MAAM,cAAc,GAAG,cAAc,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;IACjE,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,UAAU,GAAG,yEAAyE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxG,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,UAAU;gBACpB,KAAK,EAAE,qCAAqC;gBAC5C,WAAW,EAAE,gHAAgH;gBAC7H,WAAW,EAAE,cAAc;gBAC3B,cAAc,EAAE,mJAAmJ;gBACnK,SAAS,EAAE,kCAAkC;aAC9C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,qCAAqC;
IACrC,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,2DAA2D,CAAC,CAAC;IACxG,MAAM,YAAY,GAAG,wDAAwD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,EAAE,CAAC;QAC7C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,2CAA2C;YAClD,WAAW,EAAE,8HAA8H;YAC3I,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,uFAAuF;YACvG,SAAS,EAAE,sBAAsB;SAClC,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,mFAAmF,CAAC,CAAC;IAChI,MAAM,OAAO,GAAG,4DAA4D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QACzC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,+IAA+I;YAC5J,WAAW,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACtC,cAAc,EAAE,uHAAuH;YACvI,SAAS,EAAE,sBAAsB;SAClC,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,MAAM,kBAAkB,GAAG,+HAA+H,CAAC;IAC3J,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IAC5D,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,iCAAiC;YACxC,WAAW,EAAE,iIAAiI;YAC9I,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,6IAA6I;YAC7J,SAAS,EAAE,gCAAgC;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,cAAc,GAAG,oJAAoJ,CAAC;IAC5K,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;IACzD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,0IAA0I;YACvJ,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE,oJAAoJ;YACpK,SAAS,EAAE,8CAA8C;SAC1D,CAAC,CAAC;IACL,CAAC;IAED,iDAAiD;IACjD,MAAM,oBAAoB,GAAG,+EAA+E,CAAC;IAC7G,MAAM,iBAAiB,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IACrE,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,MAAM,YAAY,GAAG,IAAI,C
AAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;YACrD,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACpC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC7E,OAAO,qEAAqE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC7F,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;QACH,IAAI,YAAY,EAAE,CAAC;YACjB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,sCAAsC;gBAC7C,WAAW,EAAE,4IAA4I;gBACzJ,WAAW,EAAE,iBAAiB;gBAC9B,cAAc,EAAE,oIAAoI;gBACpJ,SAAS,EAAE,8CAA8C;aAC1D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,qBAAqB,GAAG,8IAA8I,CAAC;IAC7K,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC;IAClE,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,yCAAyC;YAChD,WAAW,EAAE,gJAAgJ;YAC7J,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,iKAAiK;YACjL,SAAS,EAAE,+BAA+B;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,6BAA6B;IAC7B,MAAM,eAAe,GAAG,gEAAgE,CAAC;IACzF,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC3D,MAAM,aAAa,GAAG,yEAAyE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3G,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;QAC9C,MAAM,gBAAgB,GAAG,+EAA+E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpH,IAAI,gBAAgB,EAAE,CAAC;YACrB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,0CAA0C;gBACjD,WAAW,EAAE,wJAAwJ;gBACrK,WAAW,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;gBACrC,cAAc,EAAE,kJAAkJ;gBAClK,SAAS,EAAE,uCAAuC;aACnD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
1
|
+
{"version":3,"file":"data-security.js","sourceRoot":"","sources":["../../src/evaluators/data-security.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAChF,OAAO,KAAK,EAAE,MAAM,yBAAyB,CAAC;AAE9C,SAAS,kCAAkC,CAAC,KAAa;IACvD,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IAE9C,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;QAChC,MAAM;QACN,SAAS;QACT,MAAM;QACN,OAAO;QACP,SAAS;QACT,QAAQ;QACR,MAAM;QACN,IAAI;QACJ,KAAK;QACL,MAAM;QACN,MAAM;QACN,WAAW;QACX,UAAU;QACV,WAAW;QACX,YAAY;QACZ,YAAY;QACZ,iBAAiB;QACjB,cAAc;QACd,QAAQ;QACR,UAAU;QACV,aAAa;KACd,CAAC,CAAC;IAEH,IAAI,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,EAAE,CAAC;QACtC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,mGAAmG,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QACzH,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,kCAAkC;IACzC,OAAO,OAAO,CAAC,GAAG,CAAC,sBAAsB,EAAE,WAAW,EAAE,KAAK,QAAQ,CAAC;AACxE,CAAC;AAED,SAAS,4BAA4B,CAAC,KAAa;IACjD,IAAI,kCAAkC,CAAC,KAAK,CAAC,EAAE,CAAC;QAC9C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,CAAC,kCAAkC,EAAE,EAAE,CAAC;QAC1C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,UAAU,GAAG,KAAK,CAAC,IAAI,EAAE,CAAC;IAChC,IAAI,UAAU,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC3B,OAAO,KAAK,CAAC;IACf,CAAC;IAED,IAAI,kHAAkH,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QACxI,OAAO,KAAK,CAAC;IACf,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvC,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IAEpF,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC;QAC/C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,IAAI,EAAE,IAAI,UAAU,IAAI,CAAC,EAAE,CAAC;QAC/C,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,4BAA4B,CAAC,IAAY,EAAE,OAAe;IACjE,MAAM,OAAO,GAAG,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAEvC,OAAO,OAAO,CAAC,IAAI,CAAC,C
AAC,KAAK,EAAE,EAAE;QAC5B,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,MAAM,gBAAgB,GAAG,IAAI,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QACxD,IAAI,CAAC,gBAAgB;YAAE,OAAO,IAAI,CAAC;QACnC,MAAM,KAAK,GAAG,gBAAgB,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QACxC,OAAO,4BAA4B,CAAC,KAAK,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,4BAA4B,CAAC,KAAe,EAAE,KAAa;IAClE,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;IAC5C,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;IACrD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAEjE,MAAM,oBAAoB,GAAG,0GAA0G,CAAC;IACxI,MAAM,iBAAiB,GAAG,oDAAoD,CAAC;IAE/E,OAAO,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;AAChF,CAAC;AAED,SAAS,8BAA8B,CAAC,IAAY,EAAE,WAAqB;IACzE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,OAAO,WAAW,CAAC,MAAM,CAAC,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,4BAA4B,CAAC,KAAK,EAAE,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;AAClG,CAAC;AAED,SAAS,+BAA+B,CAAC,IAAY,EAAE,OAAe;IACpE,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,YAAY,GAAa,EAAE,CAAC;IAElC,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,KAAK,CAAC,MAAM,EAAE,KAAK,IAAI,CAAC,EAAE,CAAC;QACrD,IAAI,4BAA4B,CAAC,KAAK,CAAC,KAAK,CAAC,EAAE,OAAO,CAAC,IAAI,CAAC,4BAA4B,CAAC,KAAK,EAAE,KAAK,CAAC,EAAE,CAAC;YACvG,YAAY,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,MAAM,UAAU,mBAAmB,CAAC,IAAY,EAAE,QAAgB;IAChE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,MAAM,CAAC;IACtB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,qCAAqC;IACrC,MAAM,cAAc,GAAG;QACrB,EAAE,OAAO,EAAE,mDAAmD,EAAE,IAAI,EAAE,UAAU,EAAE;QAClF,EAAE,OAAO,EAAE,kDAAkD,EAAE,IAAI,EAAE,SAAS,EAAE;QAChF,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,cAAc,EAAE;QAC/E,EAAE,OAAO,EAAE,qDAAqD,EAAE,IAAI,EAAE,mBAAmB,EAAE;QAC7F,EAAE,OAAO,EAAE,+CAA+C,EAAE,IAAI,EAAE,aAAa,EAAE;QACjF,EAAE,OAAO,EAAE,0DAA0D,EAAE,IAAI,EAAE,sBAAsB,EAAE;QACrG,EAAE,OAAO,EAAE,uEAAuE,EAAE,IAAI,EAAE,gBAAgB,
EAAE;QAC5G,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,mBAAmB,EAAE;QAC3D,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,cAAc,EAAE;QAC/E,EAAE,OAAO,EAAE,8BAA8B,EAAE,IAAI,EAAE,aAAa,EAAE;QAChE,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,0BAA0B,EAAE;QACrE,EAAE,OAAO,EAAE,+CAA+C,EAAE,IAAI,EAAE,kBAAkB,EAAE;QACtF,EAAE,OAAO,EAAE,wDAAwD,EAAE,IAAI,EAAE,sBAAsB,EAAE;QACnG,EAAE,OAAO,EAAE,sFAAsF,EAAE,IAAI,EAAE,kBAAkB,EAAE;QAC7H,EAAE,OAAO,EAAE,gEAAgE,EAAE,IAAI,EAAE,yBAAyB,EAAE;KAC/G,CAAC;IAEF,MAAM,yBAAyB,GAAG,IAAI,GAAG,CAAC;QACxC,UAAU;QACV,SAAS;QACT,cAAc;QACd,mBAAmB;QACnB,aAAa;QACb,gBAAgB;QAChB,sBAAsB;QACtB,kBAAkB;QAClB,yBAAyB;KAC1B,CAAC,CAAC;IAEH,KAAK,MAAM,EAAE,IAAI,cAAc,EAAE,CAAC;QAChC,MAAM,SAAS,GAAG,yBAAyB,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC;YACtD,CAAC,CAAC,+BAA+B,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC;YACnD,CAAC,CAAC,cAAc,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC;QACrC,MAAM,KAAK,GAAG,8BAA8B,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;QAC9D,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,UAAU;gBACpB,KAAK,EAAE,aAAa,EAAE,CAAC,IAAI,WAAW;gBACtC,WAAW,EAAE,KAAK,EAAE,CAAC,IAAI,wKAAwK;gBACjM,WAAW,EAAE,KAAK;gBAClB,cAAc,EAAE,YAAY,EAAE,CAAC,IAAI,qKAAqK;gBACxM,SAAS,EAAE,wCAAwC;aACpD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,2DAA2D;IAC3D,MAAM,oBAAoB,GAAG,qMAAqM,CAAC;IACnO,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IAC5D,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,8BAA8B;YACrC,WAAW,EAAE,yJAAyJ;YACtK,WAAW,EAAE,QAAQ;YACrB,cAAc,EAAE,kIAAkI;YAClJ,SAAS,EAAE,qCAAqC;SACjD,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAChC,MAAM,aAAa,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,SAAS,CAAC,CAAC;IACvE,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAA
M;YAChB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,8LAA8L;YAC3M,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,yFAAyF;YACzG,SAAS,EAAE,4BAA4B;SACxC,CAAC,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC;IACtE,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,kDAAkD;YACzD,WAAW,EAAE,8JAA8J;YAC3K,WAAW,EAAE,QAAQ;YACrB,cAAc,EAAE,2GAA2G;YAC3H,SAAS,EAAE,8BAA8B;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,8BAA8B;IAC9B,MAAM,YAAY,GAAG,sDAAsD,CAAC;IAC5E,MAAM,SAAS,GAAG,cAAc,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IACrD,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,6HAA6H;YAC1I,WAAW,EAAE,SAAS;YACtB,cAAc,EAAE,0FAA0F;YAC1G,SAAS,EAAE,4CAA4C;SACxD,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,EAAE,QAAQ,EAAE,EAAE,CAAC,sBAAsB,CAAC,CAAC;IACjF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,iCAAiC;YACxC,WAAW,EAAE,+IAA+I;YAC5J,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,6LAA6L;YAC7M,SAAS,EAAE,iCAAiC;SAC7C,CAAC,CAAC;IACL,CAAC;IAED,gCAAgC;IAChC,MAAM,iBAAiB,GAAG,cAAc,CAAC,IAAI,EAAE,uDAAuD,CAAC,CAAC;IACxG,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,MAAM,SAAS,GAAG,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC1D,MAAM,WAAW,GAAG,gCAAgC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAChE,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,gCAAgC;gBACvC,WAAW,EAAE,mIAAmI;gBAChJ,WAAW,EAAE,iBAAiB;gBAC9B,cAAc,EAAE,oHAAoH;gBACpI,SAAS,EAAE,oCAAoC;aAChD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,2BAA2B;I
AC3B,MAAM,mBAAmB,GAAG,uDAAuD,CAAC;IACpF,MAAM,gBAAgB,GAAG,cAAc,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;IACnE,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,4CAA4C;YACnD,WAAW,EAAE,mHAAmH;YAChI,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,mHAAmH;YACnI,SAAS,EAAE,8BAA8B;SAC1C,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,MAAM,kBAAkB,GAAG,sEAAsE,CAAC;IAClG,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IACjE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,aAAa,GAAG,6FAA6F,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC/H,IAAI,CAAC,aAAa,EAAE,CAAC;YACnB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,0CAA0C;gBACjD,WAAW,EAAE,sHAAsH;gBACnI,WAAW,EAAE,eAAe;gBAC5B,cAAc,EAAE,oIAAoI;gBACpJ,SAAS,EAAE,0CAA0C;aACtD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,MAAM,mBAAmB,GAAG,0GAA0G,CAAC;IACvI,MAAM,cAAc,GAAG,cAAc,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;IACjE,IAAI,cAAc,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,MAAM,UAAU,GAAG,yEAAyE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxG,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,UAAU;gBACpB,KAAK,EAAE,qCAAqC;gBAC5C,WAAW,EAAE,gHAAgH;gBAC7H,WAAW,EAAE,cAAc;gBAC3B,cAAc,EAAE,mJAAmJ;gBACnK,SAAS,EAAE,kCAAkC;aAC9C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,qCAAqC;IACrC,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,2DAA2D,CAAC,CAAC;IACxG,MAAM,YAAY,GAAG,wDAAwD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACzF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,EAAE,CAAC;QAC7C,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,2CAA2C;YAClD,WAAW,EAAE,8HAA8H;YAC3I,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,uFAAuF;YACvG,SAAS,EAAE,sBAAsB;SAClC,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,MAAM,aAAa,GAAG,c
AAc,CAAC,IAAI,EAAE,mFAAmF,CAAC,CAAC;IAChI,MAAM,OAAO,GAAG,4DAA4D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;QACzC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,6BAA6B;YACpC,WAAW,EAAE,+IAA+I;YAC5J,WAAW,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACtC,cAAc,EAAE,uHAAuH;YACvI,SAAS,EAAE,sBAAsB;SAClC,CAAC,CAAC;IACL,CAAC;IAED,mCAAmC;IACnC,MAAM,kBAAkB,GAAG,+HAA+H,CAAC;IAC3J,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IAC5D,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,iCAAiC;YACxC,WAAW,EAAE,iIAAiI;YAC9I,WAAW,EAAE,UAAU;YACvB,cAAc,EAAE,6IAA6I;YAC7J,SAAS,EAAE,gCAAgC;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,cAAc,GAAG,oJAAoJ,CAAC;IAC5K,MAAM,WAAW,GAAG,8BAA8B,CAAC,IAAI,EAAE,cAAc,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC;IAC/F,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,0IAA0I;YACvJ,WAAW,EAAE,WAAW;YACxB,cAAc,EAAE,oJAAoJ;YACpK,SAAS,EAAE,8CAA8C;SAC1D,CAAC,CAAC;IACL,CAAC;IAED,iDAAiD;IACjD,MAAM,oBAAoB,GAAG,+EAA+E,CAAC;IAC7G,MAAM,iBAAiB,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IACrE,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;YACrD,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACpC,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAC7E,OAAO,qEAAqE,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC7F,CAAC;YACD,OAAO,KAAK,CAAC;QACf,CAAC,CAAC,CAAC;QACH,IAAI,YAAY,EAAE,CAAC;YACjB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE
,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,sCAAsC;gBAC7C,WAAW,EAAE,4IAA4I;gBACzJ,WAAW,EAAE,iBAAiB;gBAC9B,cAAc,EAAE,oIAAoI;gBACpJ,SAAS,EAAE,8CAA8C;aAC1D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,qBAAqB,GAAG,8IAA8I,CAAC;IAC7K,MAAM,aAAa,GAAG,cAAc,CAAC,IAAI,EAAE,qBAAqB,CAAC,CAAC;IAClE,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,yCAAyC;YAChD,WAAW,EAAE,gJAAgJ;YAC7J,WAAW,EAAE,aAAa;YAC1B,cAAc,EAAE,iKAAiK;YACjL,SAAS,EAAE,+BAA+B;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,6BAA6B;IAC7B,MAAM,eAAe,GAAG,gEAAgE,CAAC;IACzF,MAAM,YAAY,GAAG,cAAc,CAAC,IAAI,EAAE,eAAe,CAAC,CAAC;IAC3D,MAAM,aAAa,GAAG,yEAAyE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC3G,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;QAC9C,MAAM,gBAAgB,GAAG,+EAA+E,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpH,IAAI,gBAAgB,EAAE,CAAC;YACrB,QAAQ,CAAC,IAAI,CAAC;gBACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;gBACzD,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,0CAA0C;gBACjD,WAAW,EAAE,wJAAwJ;gBACrK,WAAW,EAAE,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;gBACrC,cAAc,EAAE,kJAAkJ;gBAClK,SAAS,EAAE,uCAAuC;aACnD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
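--- a/package/dist/evaluators/database.js
+++ b/package/dist/evaluators/database.js
@@ -5,7 +5,7 @@ export function analyzeDatabase(code, language) {
 const prefix = "DB";
 const lang = getLangFamily(language);
 // SQL injection via string concatenation
-const sqlInjectionPattern = /(?:execute|query|raw|prepare)\s*\(\s*(?:`[^`]
+const sqlInjectionPattern = /(?:execute|query|raw|prepare)\s*\(\s*(?:`[^`]*(?:\$\{[^}]*\b(?:req|request|params|query|body|input|user|id|name|email)\b|\$\{[^}]*\+)|['"][^'"]*['"]\s*\+\s*(?:req\.|request\.|params\.|query\.|body\.|input|user|id|name|email)|['"][^'"]*['"]\s*\.\s*concat\s*\()/gi;
 const sqlInjectionLines = getLineNumbers(code, sqlInjectionPattern);
 if (sqlInjectionLines.length > 0) {
 findings.push({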
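Review bot: The template-literal alternative of `sqlInjectionPattern` only reports a `${…}` whose expression contains one of the listed names as a whole word (or a `+`), so an interpolation such as `${userId}` or `${tableName}` inside a `query(` call is not flagged, while the concatenation alternative has no trailing `\b` and does match `user` as a prefix of `userId`. The two branches should agree; the removed pattern is truncated on this page, so how much narrower the new one is cannot be judged from here. I would add a comment above the pattern, `// Heuristic: only interpolations naming request-like identifiers are flagged; no finding is not proof of parameterized queries.`, and consider replacing the trailing `\b` of the template branch with `\w*`. `analyzeDatabase` continues outside the hunk.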
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"database.js","sourceRoot":"","sources":["../../src/evaluators/database.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAsB,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,MAAM,UAAU,eAAe,CAAC,IAAY,EAAE,QAAgB;IAC5D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,IAAI,CAAC;IACpB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,yCAAyC;IACzC,MAAM,mBAAmB,GAAG,
|
|
1
|
+
{"version":3,"file":"database.js","sourceRoot":"","sources":["../../src/evaluators/database.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,cAAc,EAAsB,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,MAAM,UAAU,eAAe,CAAC,IAAY,EAAE,QAAgB;IAC5D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,MAAM,GAAG,IAAI,CAAC;IACpB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,yCAAyC;IACzC,MAAM,mBAAmB,GAAG,uQAAuQ,CAAC;IACpS,MAAM,iBAAiB,GAAG,cAAc,CAAC,IAAI,EAAE,mBAAmB,CAAC,CAAC;IACpE,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,SAAS,iBAAiB,CAAC,MAAM,uKAAuK;YACrN,WAAW,EAAE,iBAAiB;YAC9B,cAAc,EAAE,iJAAiJ;YACjK,SAAS,EAAE,qDAAqD;SACjE,CAAC,CAAC;IACL,CAAC;IAED,iBAAiB;IACjB,MAAM,iBAAiB,GAAG,eAAe,CAAC;IAC1C,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;IAChE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,SAAS,eAAe,CAAC,MAAM,uIAAuI;YACnL,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,yJAAyJ;YACzK,SAAS,EAAE,gCAAgC;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,sCAAsC;IACtC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,MAAM,GAAG,KAAK,CAAC;IACnB,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,wCAAwC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACxD,MAAM,GAAG,IAAI,CAAC;YACd,SAAS,EAAE,CAAC;QACd,CAAC;QACD,IAAI,MAAM,IAAI,6EAA6E,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvG,OAAO,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtB,CAAC;QACD,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,KAAK,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;YAC/C,MAAM,MAAM,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;YAChD,SAAS,IAAI
,KAAK,GAAG,MAAM,CAAC;YAC5B,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;gBACnB,MAAM,GAAG,KAAK,CAAC;gBACf,SAAS,GAAG,CAAC,CAAC;YAChB,CAAC;QACH,CAAC;IACH,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,4BAA4B;YACnC,WAAW,EAAE,SAAS,OAAO,CAAC,MAAM,mJAAmJ;YACvL,WAAW,EAAE,OAAO;YACpB,cAAc,EAAE,gIAAgI;YAChJ,SAAS,EAAE,8CAA8C;SAC1D,CAAC,CAAC;IACL,CAAC;IAED,wBAAwB;IACxB,MAAM,eAAe,GAAG,gHAAgH,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpJ,MAAM,UAAU,GAAG,iFAAiF,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChH,IAAI,eAAe,IAAI,CAAC,UAAU,EAAE,CAAC;QACnC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,kJAAkJ;YAC/J,cAAc,EAAE,uJAAuJ;YACvK,SAAS,EAAE,4CAA4C;SACxD,CAAC,CAAC;IACL,CAAC;IAED,yCAAyC;IACzC,MAAM,aAAa,GAAG,wFAAwF,CAAC;IAC/G,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,EAAE,aAAa,CAAC,CAAC;IACxD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,SAAS,WAAW,CAAC,MAAM,8GAA8G;YACtJ,WAAW,EAAE,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACpC,cAAc,EAAE,wIAAwI;YACxJ,SAAS,EAAE,+BAA+B;SAC3C,CAAC,CAAC;IACL,CAAC;IAED,0BAA0B;IAC1B,MAAM,YAAY,GAAG,iEAAiE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAClG,MAAM,eAAe,GAAG,sEAAsE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1G,IAAI,YAAY,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACrE,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,sJAAsJ;YACnK,cAAc,EAAE,wHAAwH;YACxI,SAAS,EAAE,uDAAuD;SACnE,CAAC,CAAC;IACL,CAAC;IAED,+BAA+B;IAC/B,MAAM,iBAAiB,GAAG,4DAA4D,CAAC;IACvF,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;IAChE,IAAI,eA
Ae,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,sCAAsC;YAC7C,WAAW,EAAE,mJAAmJ;YAChK,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,6IAA6I;YAC7J,SAAS,EAAE,kDAAkD;SAC9D,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,oBAAoB,GAAG,mEAAmE,CAAC;IACjG,MAAM,kBAAkB,GAAG,cAAc,CAAC,IAAI,EAAE,oBAAoB,CAAC,CAAC;IACtE,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,gDAAgD;YACvD,WAAW,EAAE,SAAS,kBAAkB,CAAC,MAAM,kJAAkJ;YACjM,WAAW,EAAE,kBAAkB;YAC/B,cAAc,EAAE,wKAAwK;YACxL,SAAS,EAAE,qDAAqD;SACjE,CAAC,CAAC;IACL,CAAC;IAED,uBAAuB;IACvB,MAAM,aAAa,GAAG,sJAAsJ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxL,MAAM,gBAAgB,GAAG,2DAA2D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAChG,IAAI,gBAAgB,IAAI,CAAC,aAAa,EAAE,CAAC;QACvC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,0CAA0C;YACjD,WAAW,EAAE,2JAA2J;YACxK,cAAc,EAAE,0IAA0I;YAC1J,SAAS,EAAE,kEAAkE;SAC9E,CAAC,CAAC;IACL,CAAC;IAED,qCAAqC;IACrC,MAAM,cAAc,GAAG,gDAAgD,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACnF,MAAM,YAAY,GAAG,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACpG,IAAI,cAAc,IAAI,CAAC,YAAY,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9D,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,qDAAqD;YAC5D,WAAW,EAAE,iKAAiK;YAC9K,cAAc,EAAE,kIAAkI;YAClJ,SAAS,EAAE,oDAAoD;SAChE,CAAC,CAAC;IACL,CAAC;IAED,4CAA4C;IAC5C,MAAM,iBAAiB,GAAG,iDAAiD,CAAC;IAC5E,MAAM,eAAe,GAAG,cAAc,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;IAChE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,oDAAoD;YAC3D,WAAW,EAAE,oIA
AoI;YACjJ,WAAW,EAAE,eAAe;YAC5B,cAAc,EAAE,yJAAyJ;YACzK,SAAS,EAAE,uDAAuD;SACnE,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ethics-bias.d.ts","sourceRoot":"","sources":["../../src/evaluators/ethics-bias.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"ethics-bias.d.ts","sourceRoot":"","sources":["../../src/evaluators/ethics-bias.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAItC,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,EAAE,CAuO3E"}
|
|
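--- a/package/dist/evaluators/ethics-bias.js
+++ b/package/dist/evaluators/ethics-bias.js
@@ -5,10 +5,22 @@ export function analyzeEthicsBias(code, language) {
 const prefix = "ETHICS";
 let ruleNum = 1;
 const lang = getLangFamily(language);
+const isCommentLikeLine = (line) => {
+const trimmed = line.trim();
+return (trimmed.startsWith("//") ||
+trimmed.startsWith("/*") ||
+trimmed.startsWith("*") ||
+trimmed.startsWith("#") ||
+trimmed.startsWith("--"));
+};
+const stripStringLiterals = (line) => line.replace(/(["'`])(?:\\.|(?!\1).)*\1/g, "");
 // Detect demographic-based filtering or scoring
 const demographicLines = [];
 lines.forEach((line, i) => {
-if (
+if (isCommentLikeLine(line))
+return;
+const executableLine = stripStringLiterals(line);
+if (/\b(?:gender|sex|race|ethnicity|religion|nationality|age|disability)\b\s*(?:===|==|!==|!=|\?\s|&&|\|\|)/i.test(executableLine)) {
 demographicLines.push(i + 1);
 }
 });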
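Review bot: `isCommentLikeLine` applies every comment prefix to every language even though `lang` is computed on the line above, so executable lines that begin with `*`, `#` or `--` (a pointer dereference, a `#private` class field, a pre-decrement) are skipped as comments in languages where those are not comment markers. The prefix list should be chosen from `lang` rather than testing all five. Separately, `stripStringLiterals` removes a whole template literal including any `${…}` expression inside it, and a trailing comment after code is still scanned. A comment on the helpers stating these limits would help, e.g. `// Line-based heuristic: block-comment bodies and trailing comments are not recognised.` The body of `analyzeEthicsBias` continues outside the hunk.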
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ethics-bias.js","sourceRoot":"","sources":["../../src/evaluators/ethics-bias.ts"],"names":[],"mappings":"AACA,OAAO,EAAsC,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,MAAM,UAAU,iBAAiB,CAAC,IAAY,EAAE,QAAgB;IAC9D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,QAAQ,CAAC;IACxB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,gDAAgD;IAChD,MAAM,gBAAgB,GAAa,EAAE,CAAC;IACtC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,
|
|
1
|
+
{"version":3,"file":"ethics-bias.js","sourceRoot":"","sources":["../../src/evaluators/ethics-bias.ts"],"names":[],"mappings":"AACA,OAAO,EAAsC,aAAa,EAAE,MAAM,aAAa,CAAC;AAGhF,MAAM,UAAU,iBAAiB,CAAC,IAAY,EAAE,QAAgB;IAC9D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,QAAQ,CAAC;IACxB,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,IAAI,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC;IAErC,MAAM,iBAAiB,GAAG,CAAC,IAAY,EAAW,EAAE;QAClD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,OAAO,CACL,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;YACxB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;YACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YACvB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;YACvB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CACzB,CAAC;IACJ,CAAC,CAAC;IAEF,MAAM,mBAAmB,GAAG,CAAC,IAAY,EAAU,EAAE,CACnD,IAAI,CAAC,OAAO,CAAC,4BAA4B,EAAE,EAAE,CAAC,CAAC;IAEjD,gDAAgD;IAChD,MAAM,gBAAgB,GAAa,EAAE,CAAC;IACtC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,iBAAiB,CAAC,IAAI,CAAC;YAAE,OAAO;QACpC,MAAM,cAAc,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;QACjD,IAAI,yGAAyG,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;YACnI,gBAAgB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,UAAU;YACpB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,+HAA+H;YAC5I,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,kJAAkJ;YAClK,SAAS,EAAE,6DAA6D;SACzE,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,gDAAgD,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,gDAAgD,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YACtM,YAAY,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,MAAM,iBAAiB,GAAG,2DAA2D,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjG,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,IAAI,CAA
C,iBAAiB,EAAE,CAAC;QAClD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,0HAA0H;YACvI,WAAW,EAAE,YAAY;YACzB,cAAc,EAAE,qHAAqH;YACrI,SAAS,EAAE,uDAAuD;SACnE,CAAC,CAAC;IACL,CAAC;IAED,wDAAwD;IACxD,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,2DAA2D,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3E,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1F,IAAI,CAAC,oDAAoD,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,iCAAiC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3H,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAChC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,uDAAuD;YAC9D,WAAW,EAAE,qIAAqI;YAClJ,WAAW,EAAE,iBAAiB;YAC9B,cAAc,EAAE,8GAA8G;YAC9H,SAAS,EAAE,yCAAyC;SACrD,CAAC,CAAC;IACL,CAAC;IAED,kCAAkC;IAClC,MAAM,gBAAgB,GAAa,EAAE,CAAC;IACtC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,uCAAuC;QACvC,IAAI,+DAA+D,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,mEAAmE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACjK,gBAAgB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/B,CAAC;QACD,4BAA4B;QAC5B,IAAI,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/E,gBAAgB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC/B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,iCAAiC;YACxC,WAAW,EAAE,gIAAgI;YAC7I,WAAW,EAAE,gBAAgB;YAC7B,cAAc,EAAE,2GAA2G;YAC3H,SAAS,EAAE,mDAAmD;SAC/D,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,iBAAiB,GAAa,EAAE,CAAC;IACvC,
KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,uEAAuE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvF,iBAAiB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAChC,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACjC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,gCAAgC;YACvC,WAAW,EAAE,yHAAyH;YACtI,WAAW,EAAE,iBAAiB;YAC9B,cAAc,EAAE,iGAAiG;YACjH,SAAS,EAAE,4DAA4D;SACxE,CAAC,CAAC;IACL,CAAC;IAED,kDAAkD;IAClD,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,6CAA6C,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,uEAAuE,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YACzN,IAAI,4CAA4C,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;gBACjH,eAAe,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC9B,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,6CAA6C;YACpD,WAAW,EAAE,gIAAgI;YAC7I,WAAW,EAAE,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;YACxC,cAAc,EAAE,yHAAyH;YACzI,SAAS,EAAE,wCAAwC;SACpD,CAAC,CAAC;IACL,CAAC;IAED,0CAA0C;IAC1C,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,4GAA4G,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5H,YAAY,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,qCAAqC;YAC5C,WAAW,EAAE,gHAAgH;YAC7H,WAAW,EAAE,YAAY;YACzB,cAAc,EAAE,4HAA
4H;YAC5I,SAAS,EAAE,yCAAyC;SACrD,CAAC,CAAC;IACL,CAAC;IAED,+CAA+C;IAC/C,MAAM,wBAAwB,GAAa,EAAE,CAAC;IAC9C,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,2HAA2H,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3I,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5F,IAAI,CAAC,qCAAqC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACzD,wBAAwB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,wBAAwB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxC,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,+CAA+C;YACtD,WAAW,EAAE,wIAAwI;YACrJ,WAAW,EAAE,wBAAwB;YACrC,cAAc,EAAE,2HAA2H;YAC3I,SAAS,EAAE,4CAA4C;SACxD,CAAC,CAAC;IACL,CAAC;IAED,uCAAuC;IACvC,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,wCAAwC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,gEAAgE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvI,YAAY,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,yDAAyD;YAChE,WAAW,EAAE,mHAAmH;YAChI,WAAW,EAAE,YAAY;YACzB,cAAc,EAAE,sJAAsJ;YACtK,SAAS,EAAE,yCAAyC;SACrD,CAAC,CAAC;IACL,CAAC;IAED,gDAAgD;IAChD,MAAM,kBAAkB,GAAa,EAAE,CAAC;IACxC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,oBAAoB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACpC,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC1E,IAAI,CAAC,oCAAoC,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACxD,kBAAkB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;IACH,IAAI,kBAAkB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAClC,QAAQ,CAAC,IAAI,CA
AC;YACZ,MAAM,EAAE,GAAG,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;YACzD,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wCAAwC;YAC/C,WAAW,EAAE,0GAA0G;YACvH,WAAW,EAAE,kBAAkB;YAC/B,cAAc,EAAE,wIAAwI;YACxJ,SAAS,EAAE,iDAAiD;SAC7D,CAAC,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
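--- a/package/dist/evaluators/index.d.ts
+++ b/package/dist/evaluators/index.d.ts
@@ -1,13 +1,17 @@
 import { JudgeDefinition, JudgeEvaluation, TribunalVerdict, ProjectVerdict, DiffVerdict, DependencyVerdict, AppBuilderWorkflowResult } from "../types.js";
 import { formatVerdictAsMarkdown, formatEvaluationAsMarkdown } from "./shared.js";
+export interface EvaluationOptions {
+includeAstFindings?: boolean;
+minConfidence?: number;
+}
 /**
 * Run a single judge against the provided code.
 */
-export declare function evaluateWithJudge(judge: JudgeDefinition, code: string, language: string, context?: string): JudgeEvaluation;
+export declare function evaluateWithJudge(judge: JudgeDefinition, code: string, language: string, context?: string, options?: EvaluationOptions): JudgeEvaluation;
 /**
 * Run the full tribunal — all judges evaluate the code.
 */
-export declare function evaluateWithTribunal(code: string, language: string, context?: string): TribunalVerdict;
+export declare function evaluateWithTribunal(code: string, language: string, context?: string, options?: EvaluationOptions): TribunalVerdict;
 /**
 * Evaluate multiple files as a project. Runs the full tribunal on each file,
 * then detects cross-file architectural issues.
@@ -16,12 +20,12 @@ export declare function evaluateProject(files: Array<{
 path: string;
 content: string;
 language: string;
-}>, context?: string): ProjectVerdict;
+}>, context?: string, options?: EvaluationOptions): ProjectVerdict;
 /**
 * Evaluate only the changed lines in a diff. Runs the full tribunal on the
 * new code but filters findings to only those affecting changed line ranges.
 */
-export declare function evaluateDiff(code: string, language: string, changedLines: number[], context?: string): DiffVerdict;
+export declare function evaluateDiff(code: string, language: string, changedLines: number[], context?: string, options?: EvaluationOptions): DiffVerdict;
 /**
 * Parse a manifest file and analyze dependencies for supply-chain risks.
 */
@@ -36,6 +40,8 @@ export declare function runAppBuilderWorkflow(params: {
 }>;
 changedLines?: number[];
 context?: string;
+includeAstFindings?: boolean;
+minConfidence?: number;
 maxFindings?: number;
 maxTasks?: number;
 }): AppBuilderWorkflowResult;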
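Review bot: `EvaluationOptions` is exported without any documentation, and its two fields behave in ways a caller cannot guess from the types. In `index.js`, `minConfidence` is clamped to the range 0–1 with non-finite values treated as 0, and `includeAstFindings` defaults to true and, when false, removes the `code-structure` judge. The source map names `src/evaluators/index.ts` as the origin of this file, so the JSDoc belongs there: `/** Minimum confidence (0–1) a finding needs to be kept; default 0 keeps everything. */` on `minConfidence` and `/** When false, the code-structure judge is skipped. Default true. */` on `includeAstFindings`.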
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/evaluators/index.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,eAAe,EACf,eAAe,EACf,eAAe,EACf,cAAc,EACd,WAAW,EACX,iBAAiB,EAKjB,wBAAwB,EAGzB,MAAM,aAAa,CAAC;AAIrB,OAAO,EAKL,uBAAuB,EACvB,0BAA0B,EAC3B,MAAM,aAAa,CAAC;AAuCrB;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,KAAK,EAAE,eAAe,EACtB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/evaluators/index.ts"],"names":[],"mappings":"AAIA,OAAO,EACL,eAAe,EACf,eAAe,EACf,eAAe,EACf,cAAc,EACd,WAAW,EACX,iBAAiB,EAKjB,wBAAwB,EAGzB,MAAM,aAAa,CAAC;AAIrB,OAAO,EAKL,uBAAuB,EACvB,0BAA0B,EAC3B,MAAM,aAAa,CAAC;AAuCrB,MAAM,WAAW,iBAAiB;IAChC,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,CAAC;CACxB;AA6FD;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,KAAK,EAAE,eAAe,EACtB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,iBAAiB,GAC1B,eAAe,CAsHjB;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,iBAAiB,GAC1B,eAAe,CAuCjB;AAID;;;GAGG;AACH,wBAAgB,eAAe,CAC7B,KAAK,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,QAAQ,EAAE,MAAM,CAAA;CAAE,CAAC,EACjE,OAAO,CAAC,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,iBAAiB,GAC1B,cAAc,CAwHhB;AAID;;;GAGG;AACH,wBAAgB,YAAY,CAC1B,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,EAAE,EACtB,OAAO,CAAC,EAAE,MAAM,EAChB,OAAO,CAAC,EAAE,iBAAiB,GAC1B,WAAW,CAqBb;AAID;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,QAAQ,EAAE,MAAM,EAChB,YAAY,EAAE,MAAM,GACnB,iBAAiB,CA0OnB;AAkGD,wBAAgB,qBAAqB,CAAC,MAAM,EAAE;IAC5C,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACnE,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,kBAAkB,CAAC,EAAE,OAAO,CAAC;IAC7B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB,GAAG,wBAAwB,CAwG3B;AAID,OAAO,EAAE,uBAAuB,EAAE,0BAA0B,EAAE,CAAC"}
|
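--- a/package/dist/evaluators/index.js
+++ b/package/dist/evaluators/index.js
@@ -38,11 +38,93 @@ import { analyzeRateLimiting } from "./rate-limiting.js";
 import { analyzeCiCd } from "./ci-cd.js";
 import { analyzeCodeStructure } from "./code-structure.js";
 import { analyzeAgentInstructions } from "./agent-instructions.js";
-
+function clampConfidence(value) {
+if (!Number.isFinite(value))
+return 0;
+return Math.max(0, Math.min(1, value));
+}
+function estimateFindingConfidence(finding) {
+const existing = typeof finding.confidence === "number" ? finding.confidence : undefined;
+if (typeof existing === "number" && Number.isFinite(existing)) {
+return clampConfidence(existing);
+}
+let score = 0.4;
+const lineCount = finding.lineNumbers?.length ?? 0;
+if (lineCount === 0) {
+score -= 0.12;
+}
+else if (lineCount <= 3) {
+score += 0.22;
+}
+else if (lineCount <= 8) {
+score += 0.14;
+}
+else {
+score += 0.06;
+}
+const hasReference = Boolean(finding.reference);
+const hasSuggestedFix = Boolean(finding.suggestedFix);
+const hasRichDescription = finding.description.length >= 120;
+const hasRichRecommendation = finding.recommendation.length >= 90;
+if (hasReference)
+score += 0.1;
+if (hasSuggestedFix)
+score += 0.12;
+if (hasRichDescription)
+score += 0.05;
+if (hasRichRecommendation)
+score += 0.05;
+const richEvidenceCount = [
+hasReference,
+hasSuggestedFix,
+hasRichDescription,
+hasRichRecommendation,
+].filter(Boolean).length;
+if (lineCount > 0 && richEvidenceCount >= 3) {
+score += 0.08;
+}
+if (lineCount > 0 && richEvidenceCount === 4) {
+score += 0.05;
+}
+const noisyPrefixes = [
+"API-",
+"COMP-",
+"CONC-",
+"CYBER-",
+"DB-",
+"DEPS-",
+"ETHICS-",
+"LOGPRIV-",
+"OBS-",
+"PERF-",
+];
+if (noisyPrefixes.some((prefix) => finding.ruleId.startsWith(prefix)) && richEvidenceCount < 4) {
+score = Math.min(score, 0.89);
+}
+return Number(clampConfidence(score).toFixed(2));
+}
+function applyConfidenceThreshold(findings, options) {
+const minConfidence = clampConfidence(options?.minConfidence ?? 0);
+const normalized = findings.map((finding) => ({
+...finding,
+confidence: estimateFindingConfidence(finding),
+}));
+if (minConfidence <= 0) {
+return normalized;
+}
+return normalized.filter((finding) => (finding.confidence ?? 0) >= minConfidence);
+}
+function resolveJudgeSet(options) {
+const includeAstFindings = options?.includeAstFindings ?? true;
+if (includeAstFindings) {
+return JUDGES;
+}
+return JUDGES.filter((judge) => judge.id !== "code-structure");
+}
 /**
 * Run a single judge against the provided code.
 */
-export function evaluateWithJudge(judge, code, language, context) {
+export function evaluateWithJudge(judge, code, language, context, options) {
 const findings = [];
 switch (judge.id) {
 case "data-security":
@@ -145,23 +227,25 @@ export function evaluateWithJudge(judge, code, language, context) {
 findings.push(...analyzeAgentInstructions(code, language));
 break;
 }
-const
-const
-const
+const filteredFindings = applyConfidenceThreshold(findings, options);
+const score = calculateScore(filteredFindings);
+const verdict = deriveVerdict(filteredFindings, score);
+const summary = buildSummary(judge, filteredFindings, score, verdict);
 return {
 judgeId: judge.id,
 judgeName: judge.name,
 verdict,
 score,
 summary,
-findings,
+findings: filteredFindings,
 };
 }
 /**
 * Run the full tribunal — all judges evaluate the code.
 */
-export function evaluateWithTribunal(code, language, context) {
-const
+export function evaluateWithTribunal(code, language, context, options) {
+const judges = resolveJudgeSet(options);
+const evaluations = judges.map((judge) => evaluateWithJudge(judge, code, language, context, options));
 const overallScore = Math.round(evaluations.reduce((sum, e) => sum + e.score, 0) / evaluations.length);
 const overallVerdict = evaluations.some((e) => e.verdict === "fail")
 ? "fail"
@@ -187,10 +271,10 @@ export function evaluateWithTribunal(code, language, context) {
 * Evaluate multiple files as a project. Runs the full tribunal on each file,
 * then detects cross-file architectural issues.
 */
-export function evaluateProject(files, context) {
+export function evaluateProject(files, context, options) {
 // Per-file evaluations
 const fileResults = files.map((f) => {
-const verdict = evaluateWithTribunal(f.content, f.language, context);
+const verdict = evaluateWithTribunal(f.content, f.language, context, options);
 return {
 path: f.path,
 language: f.language,
@@ -240,6 +324,7 @@ export function evaluateProject(files, context) {
 recommendation: "Standardize on a single error handling strategy across the project.",
 });
 }
+const filteredArchitecturalFindings = applyConfidenceThreshold(architecturalFindings, options);
 // Check for circular-looking dependency indicators
 const importMap = new Map();
 for (const f of files) {
@@ -248,7 +333,7 @@ export function evaluateProject(files, context) {
 }
 // Overall scores
 const allFindings = fileResults.flatMap((f) => f.findings);
-const crossFindings = [...allFindings, ...
+const crossFindings = [...allFindings, ...filteredArchitecturalFindings];
 const overallScore = fileResults.length > 0
 ? Math.round(fileResults.reduce((sum, f) => sum + f.score, 0) /
 fileResults.length)
@@ -270,7 +355,7 @@ export function evaluateProject(files, context) {
 highCount,
 timestamp: new Date().toISOString(),
 fileResults,
-architecturalFindings,
+architecturalFindings: filteredArchitecturalFindings,
 };
 }
 // ─── Diff-based Incremental Analysis ──────────────────────────────────────────
@@ -278,8 +363,8 @@ export function evaluateProject(files, context) {
 * Evaluate only the changed lines in a diff. Runs the full tribunal on the
 * new code but filters findings to only those affecting changed line ranges.
 */
-export function evaluateDiff(code, language, changedLines, context) {
-const verdict = evaluateWithTribunal(code, language, context);
+export function evaluateDiff(code, language, changedLines, context, options) {
+const verdict = evaluateWithTribunal(code, language, context, options);
 const allFindings = verdict.evaluations.flatMap((e) => e.findings);
 // Filter findings to only those touching changed lines
 const changedSet = new Set(changedLines);
@@ -603,7 +688,10 @@ export function runAppBuilderWorkflow(params) {
 let findings;
 if (params.files && params.files.length > 0) {
 mode = "project";
-const result = evaluateProject(params.files, params.context
+const result = evaluateProject(params.files, params.context, {
+includeAstFindings: params.includeAstFindings,
+minConfidence: params.minConfidence,
+});
 verdict = result.overallVerdict;
 score = result.overallScore;
 findings = [
@@ -616,7 +704,10 @@ export function runAppBuilderWorkflow(params) {
 throw new Error("changedLines mode requires both code and language inputs");
 }
 mode = "diff";
-const result = evaluateDiff(params.code, params.language, params.changedLines, params.context
+const result = evaluateDiff(params.code, params.language, params.changedLines, params.context, {
+includeAstFindings: params.includeAstFindings,
+minConfidence: params.minConfidence,
+});
 verdict = result.verdict;
 score = result.score;
 findings = result.findings;
@@ -626,7 +717,10 @@ export function runAppBuilderWorkflow(params) {
 throw new Error("code mode requires both code and language, or provide files for project mode");
 }
 mode = "code";
-const result = evaluateWithTribunal(params.code, params.language, params.context
+const result = evaluateWithTribunal(params.code, params.language, params.context, {
+includeAstFindings: params.includeAstFindings,
+minConfidence: params.minConfidence,
+});
 verdict = result.overallVerdict;
 score = result.overallScore;
 findings = result.evaluations.flatMap((evaluation) => evaluation.findings);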
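Review bot: In `evaluateWithJudge`, `applyConfidenceThreshold` runs before `calculateScore` and `deriveVerdict`, so a finding below `minConfidence` is removed from the score and the verdict as well as from the output, and nothing in the result records that it was dropped. `estimateFindingConfidence` never reads the finding's severity: it scores line count and the presence and length of descriptive fields, so a finding without line numbers that has a reference, a long description and a long recommendation comes out at 0.48, and a threshold of 0.5 hides it whatever its severity. If the verdict is used as a gate, I would either derive it from the unfiltered list and filter only what is reported, or return a count of suppressed findings next to `findings`. At minimum add above `applyConfidenceThreshold`: `// Findings below minConfidence are removed before scoring; the verdict reflects retained findings only.` The bodies of `evaluateWithJudge` and `evaluateProject` continue outside the hunks shown.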