@lbroth/rothunter 1.0.0-rc.1

package/dist/detectors/bad-config.js

@@ -0,0 +1,529 @@
+import * as path from 'node:path';
+import { existsSync, readFileSync } from 'node:fs';
+import { readdirSync, statSync } from 'node:fs';
+import { stableHash } from '../utils/hash.js';
+import { escapeForRegex } from '../utils/regex.js';
+// Flags anti-patterns in tsconfig*.json, eslint config, biome.json:
+// disabled strict family, any-permitting rules off, legacy targets.
+// Cites the exact JSON key path.
+export function detectBadConfig(input) {
+    const findings = [];
+    const seen = new Set();
+    const candidates = discoverConfigFiles(input.workspaceRoot, input.files);
+    for (const rel of candidates) {
+        if (seen.has(rel))
+            continue;
+        seen.add(rel);
+        const abs = path.resolve(input.workspaceRoot, rel);
+        let raw;
+        try {
+            raw = readFileSync(abs, 'utf-8');
+        }
+        catch {
+            continue;
+        }
+        if (rel.endsWith('.json') || /\/tsconfig.*\.json$/.test(rel) || rel.endsWith('biome.json') || rel.endsWith('biome.jsonc')) {
+            const parsed = tryParseJsonc(raw);
+            if (!parsed)
+                continue;
+            if (isTsConfig(rel)) {
+                // Resolve `extends` chain so inherited strict-family flags
+                // count. Operators commonly put `strict: true` in
+                // `tsconfig.base.json` and leave the leaf tsconfigs minimal;
+                // flagging those leafs as "strict not set" is a false positive.
+                const merged = mergeTsConfigExtends(input.workspaceRoot, rel, parsed);
+                findings.push(...analyseTsConfig(rel, raw, merged));
+            }
+            else if (rel.endsWith('biome.json') || rel.endsWith('biome.jsonc'))
+                findings.push(...analyseBiome(rel, raw, parsed));
+            else if (isEslintJson(rel))
+                findings.push(...analyseEslint(rel, raw, parsed));
+        }
+        else if (isEslintScript(rel)) {
+            findings.push(...analyseEslintScript(rel, raw));
+        }
+    }
+    return findings;
+}
+/**
+ * Walk the tsconfig `extends` chain (relative + bare specifiers),
+ * merging parent `compilerOptions` under the child's. Bounded depth
+ * (8) + a visited set guard against cyclic / pathological inheritance.
+ * The merged object is what the rule checks read — so a leaf tsconfig
+ * that only sets `outDir` no longer trips "strict not set" when its
+ * base has `"strict": true`.
+ */
+function mergeTsConfigExtends(workspaceRoot, relConfig, raw, visited = new Set(), depth = 0) {
+    if (depth >= 8)
+        return raw;
+    const root = asObj(raw);
+    if (!root)
+        return raw;
+    const extendsValue = typeof root.extends === 'string' ? root.extends : null;
+    if (!extendsValue)
+        return raw;
+    const configAbs = path.resolve(workspaceRoot, relConfig);
+    if (visited.has(configAbs))
+        return raw;
+    visited.add(configAbs);
+    const configDir = path.dirname(configAbs);
+    const parentAbs = resolveExtends(configDir, extendsValue);
+    if (!parentAbs)
+        return raw;
+    let parentRaw;
+    try {
+        parentRaw = tryParseJsonc(readFileSync(parentAbs, 'utf-8'));
+    }
+    catch {
+        return raw;
+    }
+    if (!parentRaw)
+        return raw;
+    const parentMerged = mergeTsConfigExtends(workspaceRoot, path.relative(workspaceRoot, parentAbs), parentRaw, visited, depth + 1);
+    const parentObj = asObj(parentMerged) ?? {};
+    const parentCompiler = asObj(parentObj.compilerOptions) ?? {};
+    const childCompiler = asObj(root.compilerOptions) ?? {};
+    return {
+        ...parentObj,
+        ...root,
+        compilerOptions: { ...parentCompiler, ...childCompiler },
+    };
+}
+function resolveExtends(configDir, extendsValue) {
+    const tryPaths = (base) => {
+        if (existsSync(base))
+            return base;
+        if (existsSync(`${base}.json`))
+            return `${base}.json`;
+        return null;
+    };
+    if (extendsValue.startsWith('.') || extendsValue.startsWith('/')) {
+        return tryPaths(path.resolve(configDir, extendsValue));
+    }
+    // Bare specifier — walk node_modules up.
+    let cur = configDir;
+    while (cur !== path.dirname(cur)) {
+        const candidate = path.join(cur, 'node_modules', extendsValue);
+        const hit = tryPaths(candidate);
+        if (hit)
+            return hit;
+        cur = path.dirname(cur);
+    }
+    return null;
+}
+function discoverConfigFiles(workspaceRoot, files) {
+    const fromParse = files.filter((f) => isConfigFile(f));
+    // The parsed file set covers .ts/.tsx — but tsconfig/eslint are JSON or
+    // pre-import JS, so they're invisible to the symbol parser. Do a light
+    // scan of the workspace root for the common config filenames.
+    const fromRoot = [];
+    for (const name of CONFIG_ROOT_FILES) {
+        const candidate = path.join(workspaceRoot, name);
+        if (existsSync(candidate))
+            fromRoot.push(name);
+    }
+    // Pick up tsconfig.something.json variants too.
+    try {
+        for (const entry of readdirSync(workspaceRoot)) {
+            if (/^tsconfig(\..+)?\.json$/.test(entry))
+                fromRoot.push(entry);
+        }
+    }
+    catch {
+        // workspace unreadable — fall through
+    }
+    // Also pick tsconfig.json from immediate sub-packages (monorepo roots).
+    try {
+        for (const entry of readdirSync(workspaceRoot)) {
+            const sub = path.join(workspaceRoot, entry);
+            let s;
+            try {
+                s = statSync(sub);
+            }
+            catch {
+                continue;
+            }
+            if (!s.isDirectory())
+                continue;
+            if (entry.startsWith('.') || entry === 'node_modules')
+                continue;
+            for (const name of CONFIG_ROOT_FILES) {
+                const candidate = path.join(sub, name);
+                if (existsSync(candidate))
+                    fromRoot.push(path.join(entry, name));
+            }
+        }
+    }
+    catch {
+        // ignore
+    }
+    return [...new Set([...fromParse, ...fromRoot])];
+}
+const CONFIG_ROOT_FILES = [
+    'tsconfig.json',
+    'tsconfig.base.json',
+    'tsconfig.build.json',
+    '.eslintrc',
+    '.eslintrc.json',
+    '.eslintrc.js',
+    '.eslintrc.cjs',
+    'eslint.config.js',
+    'eslint.config.mjs',
+    'eslint.config.cjs',
+    'eslint.config.ts',
+    'biome.json',
+    'biome.jsonc',
+];
+function isConfigFile(file) {
+    return /(^|\/)(tsconfig.*\.json|\.eslintrc(\.\w+)?|eslint\.config\.\w+|biome\.jsonc?)$/.test(file.replace(/\\/g, '/'));
+}
+function isTsConfig(file) {
+    return /(^|\/)tsconfig.*\.json$/.test(file.replace(/\\/g, '/'));
+}
+function isEslintJson(file) {
+    return /(^|\/)\.eslintrc(\.json)?$/.test(file.replace(/\\/g, '/'));
+}
+function isEslintScript(file) {
+    return /(^|\/)\.?eslintrc?\.(js|cjs|mjs|ts)$/.test(file.replace(/\\/g, '/'))
+        || /(^|\/)eslint\.config\.(js|mjs|cjs|ts)$/.test(file.replace(/\\/g, '/'));
+}
+/**
+ * Lightweight JSONC parser: strips // line comments, /* block comments,
+ * and trailing commas before JSON.parse. tsconfig.json + biome.jsonc
+ * accept all three; the editor-quoted location lines aren't affected
+ * because we only use this for value lookup, not editing.
+ */
+function tryParseJsonc(text) {
+    try {
+        const stripped = text
+            .replace(/\/\*[\s\S]*?\*\//g, '')
+            .replace(/(^|[^:"\\])\/\/.*$/gm, '$1')
+            .replace(/,(\s*[}\]])/g, '$1');
+        return JSON.parse(stripped);
+    }
+    catch {
+        return null;
+    }
+}
+function asObj(v) {
+    return v && typeof v === 'object' && !Array.isArray(v) ? v : null;
+}
+function analyseTsConfig(file, raw, parsed) {
+    const root = asObj(parsed);
+    if (!root)
+        return [];
+    const compilerOptions = asObj(root.compilerOptions) ?? {};
+    const out = [];
+    // strict family
+    if (compilerOptions.strict === false) {
+        out.push(makeFinding({
+            file, raw, key: 'strict',
+            detectorId: 'bad-config',
+            severity: 'high',
+            title: 'tsconfig: \`strict\` disabled',
+            blurb: '`"strict": false` opts out of the umbrella that enables `noImplicitAny`, `strictNullChecks`, and other safety nets in one go. Code compiled under this setting silently accepts `any` and undefined-prone access.',
+            suggestion: 'Set `"strict": true` and burn down the resulting type errors. Use file-level `// @ts-expect-error` to triage gradually.',
+        }));
+    }
+    else if (compilerOptions.strict === undefined && compilerOptions.noImplicitAny !== true && compilerOptions.strictNullChecks !== true) {
+        out.push(makeFinding({
+            file, raw, key: 'compilerOptions',
+            detectorId: 'bad-config',
+            severity: 'medium',
+            title: 'tsconfig: \`strict\` not set',
+            blurb: 'Without `"strict": true` (and no explicit sub-flags), `noImplicitAny` and `strictNullChecks` default to false. Most type-safety guarantees are off.',
+            suggestion: 'Add `"strict": true` to `compilerOptions`.',
+        }));
+    }
+    if (compilerOptions.noImplicitAny === false) {
+        out.push(makeFinding({
+            file, raw, key: 'noImplicitAny',
+            detectorId: 'bad-config',
+            severity: 'high',
+            title: 'tsconfig: \`noImplicitAny\` disabled',
+            blurb: 'Untyped parameters silently become `any`. Refactors lose type-safety guarantees and a whole class of bugs becomes invisible.',
+            suggestion: 'Remove the override or set `"noImplicitAny": true`. Type the remaining offenders explicitly.',
+        }));
+    }
+    if (compilerOptions.strictNullChecks === false) {
+        out.push(makeFinding({
+            file, raw, key: 'strictNullChecks',
+            detectorId: 'bad-config',
+            severity: 'high',
+            title: 'tsconfig: \`strictNullChecks\` disabled',
+            blurb: '`null` and `undefined` are silently allowed in every value, defeating the most common class of runtime errors TS is meant to catch.',
+            suggestion: 'Set `"strictNullChecks": true` (or `"strict": true`). Use `?` and explicit unions where null is a legal value.',
+        }));
+    }
+    if (compilerOptions.noImplicitReturns === false) {
+        out.push(makeFinding({
+            file, raw, key: 'noImplicitReturns',
+            detectorId: 'bad-config',
+            severity: 'low',
+            title: 'tsconfig: \`noImplicitReturns\` disabled',
+            blurb: 'Functions can fall off the end without returning a value, returning `undefined` implicitly even when the type annotation forbids it.',
+            suggestion: 'Set `"noImplicitReturns": true`.',
+        }));
+    }
+    if (compilerOptions.noFallthroughCasesInSwitch === false) {
+        out.push(makeFinding({
+            file, raw, key: 'noFallthroughCasesInSwitch',
+            detectorId: 'bad-config',
+            severity: 'low',
+            title: 'tsconfig: \`noFallthroughCasesInSwitch\` disabled',
+            blurb: 'Missing `break` / `return` in switch cases silently falls through — a famous source of off-by-one bugs.',
+            suggestion: 'Set `"noFallthroughCasesInSwitch": true`.',
+        }));
+    }
+    if (compilerOptions.noUnusedLocals === false || compilerOptions.noUnusedParameters === false) {
+        out.push(makeFinding({
+            file, raw, key: compilerOptions.noUnusedLocals === false ? 'noUnusedLocals' : 'noUnusedParameters',
+            detectorId: 'bad-config',
+            severity: 'low',
+            title: 'tsconfig: unused-symbol checks disabled',
+            blurb: 'Unused locals/parameters accumulate as dead code and mask refactor mistakes.',
+            suggestion: 'Enable `"noUnusedLocals": true` and `"noUnusedParameters": true`. Prefix intentionally unused params with `_`.',
+        }));
+    }
+    if (compilerOptions.noUncheckedIndexedAccess === false) {
+        out.push(makeFinding({
+            file, raw, key: 'noUncheckedIndexedAccess',
+            detectorId: 'bad-config',
+            severity: 'low',
+            title: 'tsconfig: \`noUncheckedIndexedAccess\` disabled',
+            blurb: '`array[i]` is typed `T` instead of `T | undefined`. Out-of-bounds access is invisible to the type-checker.',
+            suggestion: 'Set `"noUncheckedIndexedAccess": true` and handle the `undefined` case at each index.',
+        }));
+    }
+    if (compilerOptions.allowJs === true && compilerOptions.checkJs !== true) {
+        out.push(makeFinding({
+            file, raw, key: 'allowJs',
+            detectorId: 'bad-config',
+            severity: 'medium',
+            title: 'tsconfig: \`allowJs\` without \`checkJs\`',
+            blurb: 'JS files are bundled with the TS project but not type-checked, so they leak unchecked `any` types into every importer.',
+            suggestion: 'Either remove `"allowJs"` once the migration is done, or add `"checkJs": true` to type-check the JS too.',
+        }));
+    }
+    if (compilerOptions.skipLibCheck === false) {
+        // Not actually a bad practice in most cases; skip.
+    }
+    if (typeof compilerOptions.target === 'string' && /^(ES3|ES5)$/i.test(compilerOptions.target)) {
+        out.push(makeFinding({
+            file, raw, key: 'target',
+            detectorId: 'bad-config',
+            severity: 'low',
+            title: `tsconfig: \`target\` is ${compilerOptions.target}`,
+            blurb: 'Pre-ES2015 target ships heavy polyfills, breaks async/await without runtime, and signals an old toolchain.',
+            suggestion: 'Bump `"target"` to `ES2020` or newer (Node 16+ supports it natively).',
+        }));
+    }
+    if (typeof compilerOptions.module === 'string' && compilerOptions.module.toLowerCase() === 'commonjs' && !file.endsWith('tsconfig.base.json')) {
+        out.push(makeFinding({
+            file, raw, key: 'module',
+            detectorId: 'bad-config',
+            severity: 'low',
+            title: 'tsconfig: \`module\` is CommonJS',
+            blurb: 'CommonJS output blocks top-level `await`, ESM-only deps, and complicates bundler interop. ESM is the default in modern toolchains.',
+            suggestion: 'Move to `"module": "ESNext"` (or `"NodeNext"` on Node), and `"moduleResolution": "Bundler"` (or `"NodeNext"`).',
+        }));
+    }
+    if (compilerOptions.suppressImplicitAnyIndexErrors === true || compilerOptions.suppressExcessPropertyErrors === true) {
+        out.push(makeFinding({
+            file, raw, key: compilerOptions.suppressImplicitAnyIndexErrors === true ? 'suppressImplicitAnyIndexErrors' : 'suppressExcessPropertyErrors',
+            detectorId: 'bad-config',
+            severity: 'high',
+            title: 'tsconfig: error-suppression flag enabled',
+            blurb: '`suppressImplicitAnyIndexErrors` / `suppressExcessPropertyErrors` silence whole classes of errors. Both are documented escape hatches the TS team discourages.',
+            suggestion: 'Remove the suppression flag and fix the underlying errors (typed index signatures, exact object shapes).',
+        }));
+    }
+    return out;
+}
+function analyseEslint(file, raw, parsed) {
+    const root = asObj(parsed);
+    if (!root)
+        return [];
+    const rules = asObj(root.rules) ?? {};
+    return analyseEslintRules(file, raw, rules);
+}
+function analyseEslintRules(file, raw, rules) {
+    const out = [];
+    const BAD = {
+        '@typescript-eslint/no-explicit-any': {
+            sev: 'high',
+            title: 'eslint: \`no-explicit-any\` disabled',
+            blurb: '`any` defeats type-checking by design. Disabling this rule across the project is the lint-config equivalent of `strict:false`.',
+            suggestion: 'Re-enable the rule, fix offenders with `unknown` or generics, and use eslint-disable comments for the few legitimate cases.',
+        },
+        '@typescript-eslint/no-non-null-assertion': {
+            sev: 'medium',
+            title: 'eslint: \`no-non-null-assertion\` disabled',
+            blurb: '`foo!` overrides the type-checker. Disabling the rule globally normalises a pattern that silently crashes at runtime when the assumption fails.',
+            suggestion: 'Keep the rule on; opt out with a comment + reason at the rare site that actually needs it.',
+        },
+        '@typescript-eslint/no-unused-vars': {
+            sev: 'low',
+            title: 'eslint: \`no-unused-vars\` disabled',
+            blurb: 'Unused imports / vars accumulate, masking refactor mistakes and inflating bundle size.',
+            suggestion: 'Re-enable; prefix intentional throwaways with `_`.',
+        },
+        'eqeqeq': {
+            sev: 'low',
+            title: 'eslint: \`eqeqeq\` disabled',
+            blurb: '`==` coercion bugs are still real. Disabling the rule allows accidental `null == 0` weirdness.',
+            suggestion: 'Re-enable with `"always"`.',
+        },
+    };
+    for (const [name, cfg] of Object.entries(BAD)) {
+        const val = rules[name];
+        if (val == null)
+            continue;
+        if (val === 'off' || val === 0 || (Array.isArray(val) && (val[0] === 'off' || val[0] === 0))) {
+            out.push(makeFinding({
+                file, raw, key: name,
+                detectorId: 'bad-config',
+                severity: cfg.sev,
+                title: cfg.title,
+                blurb: cfg.blurb,
+                suggestion: cfg.suggestion,
+            }));
+        }
+    }
+    return out;
+}
+function analyseEslintScript(file, raw) {
+    // Best-effort heuristic for `eslint.config.js` (Flat) and legacy
+    // `.eslintrc.js` — we can't execute the module safely, so we regex for
+    // rule lines like `'@typescript-eslint/no-explicit-any': 'off'`.
+    const out = [];
+    const PATTERNS = [
+        {
+            name: '@typescript-eslint/no-explicit-any',
+            re: /['"]@typescript-eslint\/no-explicit-any['"]\s*:\s*\[?\s*['"]?off['"]?|['"]@typescript-eslint\/no-explicit-any['"]\s*:\s*0\b/,
+            sev: 'high',
+            title: 'eslint: \`no-explicit-any\` disabled',
+            blurb: '`any` defeats type-checking by design. Disabling this rule across the project is the lint-config equivalent of `strict:false`.',
+            suggestion: 'Re-enable; fix offenders with `unknown` or generics.',
+        },
+        {
+            name: '@typescript-eslint/no-non-null-assertion',
+            re: /['"]@typescript-eslint\/no-non-null-assertion['"]\s*:\s*\[?\s*['"]?off['"]?/,
+            sev: 'medium',
+            title: 'eslint: \`no-non-null-assertion\` disabled',
+            blurb: '`foo!` overrides the type-checker; rule should stay on.',
+            suggestion: 'Keep the rule on; opt out at site with a comment.',
+        },
+        {
+            name: '@typescript-eslint/no-unused-vars',
+            re: /['"]@typescript-eslint\/no-unused-vars['"]\s*:\s*\[?\s*['"]?off['"]?/,
+            sev: 'low',
+            title: 'eslint: \`no-unused-vars\` disabled',
+            blurb: 'Unused imports / vars accumulate, masking refactors.',
+            suggestion: 'Re-enable; prefix intentional throwaways with `_`.',
+        },
+        {
+            name: 'eqeqeq',
+            re: /['"]eqeqeq['"]\s*:\s*\[?\s*['"]?off['"]?/,
+            sev: 'low',
+            title: 'eslint: \`eqeqeq\` disabled',
+            blurb: '`==` coercion bugs are still real.',
+            suggestion: 'Re-enable with `"always"`.',
+        },
+    ];
+    for (const p of PATTERNS) {
+        const m = p.re.exec(raw);
+        if (!m)
+            continue;
+        out.push(makeFinding({
+            file, raw, key: p.name, indexOverride: m.index,
+            detectorId: 'bad-config',
+            severity: p.sev,
+            title: p.title,
+            blurb: p.blurb,
+            suggestion: p.suggestion,
+        }));
+    }
+    return out;
+}
+function analyseBiome(file, raw, parsed) {
+    const root = asObj(parsed);
+    if (!root)
+        return [];
+    const linter = asObj(root.linter) ?? {};
+    const rulesGroup = asObj(linter.rules) ?? {};
+    const suspicious = asObj(rulesGroup.suspicious) ?? {};
+    const style = asObj(rulesGroup.style) ?? {};
+    const out = [];
+    if (suspicious.noExplicitAny === 'off') {
+        out.push(makeFinding({
+            file, raw, key: 'noExplicitAny',
+            detectorId: 'bad-config',
+            severity: 'high',
+            title: 'biome: \`noExplicitAny\` disabled',
+            blurb: '`any` defeats type-checking by design.',
+            suggestion: 'Re-enable; fix offenders with `unknown` or generics.',
+        }));
+    }
+    if (style.noNonNullAssertion === 'off') {
+        out.push(makeFinding({
+            file, raw, key: 'noNonNullAssertion',
+            detectorId: 'bad-config',
+            severity: 'medium',
+            title: 'biome: \`noNonNullAssertion\` disabled',
+            blurb: '`foo!` overrides the type-checker.',
+            suggestion: 'Keep on; opt out at site with a comment.',
+        }));
+    }
+    if (linter.enabled === false) {
+        out.push(makeFinding({
+            file, raw, key: 'linter.enabled',
+            detectorId: 'bad-config',
+            severity: 'medium',
+            title: 'biome: linter disabled',
+            blurb: 'The whole linter is off — lint findings will never reach the developer.',
+            suggestion: 'Set `"enabled": true` and tune individual rules instead.',
+        }));
+    }
+    return out;
+}
+function makeFinding(args) {
+    const { line, snippetLines } = locateInSource(args.raw, args.key, args.indexOverride);
+    return {
+        detectorId: args.detectorId,
+        severity: args.severity,
+        confidence: 0.95,
+        layer: 1,
+        title: `${args.title} \`${args.file}\``,
+        description: args.blurb,
+        evidence: [
+            {
+                file: args.file,
+                range: { startLine: line, endLine: line },
+                snippet: snippetLines.join('\n'),
+            },
+        ],
+        suggestion: args.suggestion,
+        fingerprint: `bad-config:${stableHash(`${args.file}:${args.key}`)}`,
+    };
+}
+function locateInSource(raw, key, indexOverride) {
+    const idx = indexOverride ?? findKeyIndex(raw, key);
+    const lines = raw.split('\n');
+    if (idx < 0) {
+        return { line: 1, snippetLines: lines.slice(0, Math.min(3, lines.length)) };
+    }
+    const preceding = raw.slice(0, idx);
+    const line = preceding.split('\n').length;
+    const start = Math.max(0, line - 2);
+    const end = Math.min(lines.length, line + 2);
+    return { line, snippetLines: lines.slice(start, end) };
+}
+function findKeyIndex(raw, key) {
+    // Look for `"key"` or `'key'` followed by `:` — handles both JSONC and
+    // JS-style config dumps.
+    const re = new RegExp(`["']${escapeForRegex(key)}["']\\s*:`);
+    const m = re.exec(raw);
+    return m ? m.index : -1;
+}
+//# sourceMappingURL=bad-config.js.map

package/dist/detectors/bad-config.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bad-config.js","sourceRoot":"","sources":["../../src/detectors/bad-config.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAClC,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,SAAS,CAAC;AACnD,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEhD,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,MAAM,mBAAmB,CAAC;AAKnD,oEAAoE;AACpE,oEAAoE;AACpE,iCAAiC;AACjC,MAAM,UAAU,eAAe,CAAC,KAA6B;IAC3D,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAE/B,MAAM,UAAU,GAAG,mBAAmB,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;IACzE,KAAK,MAAM,GAAG,IAAI,UAAU,EAAE,CAAC;QAC7B,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,CAAC,CAAC;QACnD,IAAI,GAAW,CAAC;QAChB,IAAI,CAAC;YACH,GAAG,GAAG,YAAY,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QACnC,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,qBAAqB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;YAC1H,MAAM,MAAM,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;YAClC,IAAI,CAAC,MAAM;gBAAE,SAAS;YACtB,IAAI,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACpB,2DAA2D;gBAC3D,kDAAkD;gBAClD,6DAA6D;gBAC7D,gEAAgE;gBAChE,MAAM,MAAM,GAAG,oBAAoB,CAAC,KAAK,CAAC,aAAa,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;gBACtE,QAAQ,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC;YACtD,CAAC;iBAAM,IAAI,GAAG,CAAC,QAAQ,CAAC,YAAY,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,aAAa,CAAC;gBAAE,QAAQ,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC;iBAClH,IAAI,YAAY,CAAC,GAAG,CAAC;gBAAE,QAAQ,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,GAAG,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC,CAAC;QAChF,CAAC;aAAM,IAAI,cAAc,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,GAAG,mBAAmB,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,oBAAoB,CAC3B,aAAqB,EACrB,SAAiB,EACjB,GAAY,EACZ,UAAU,IAAI,GAAG,EAAU,EAC3B,KAAK,GAAG,CAAC;IAET,IAAI,KAAK,IAAI,CAAC;QAAE,OAAO,GAAG,CAAC;IAC3B,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC;IACxB,IAAI,CAAC,IAAI;QAAE,OAAO,GAAG,CAAC;IACtB,MAAM,YAAY,GAAG,OAAO,IAAI,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;IAC5E,IAAI,CAAC,YAAY;QAAE,OAAO,GAAG,CAAC;IAC9B,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,aAAa,EAAE,SAAS,CAAC,CAAC;IACzD,IAAI,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC;QAAE,OAAO,GAAG,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAEvB,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAC1C,MAAM,SAAS,GAAG,cAAc,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC;IAC1D,IAAI,CAAC,SAAS;QAAE,OAAO,GAAG,CAAC;IAE3B,IAAI,SAAkB,CAAC;IACvB,IAAI,CAAC;QACH,SAAS,GAAG,aAAa,CAAC,YAAY,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC,CAAC;IAC9D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,GAAG,CAAC;IACb,CAAC;IACD,IAAI,CAAC,SAAS;QAAE,OAAO,GAAG,CAAC;IAE3B,MAAM,YAAY,GAAG,oBAAoB,CACvC,aAAa,EACb,IAAI,CAAC,QAAQ,CAAC,aAAa,EAAE,SAAS,CAAC,EACvC,SAAS,EACT,OAAO,EACP,KAAK,GAAG,CAAC,CACV,CAAC;IACF,MAAM,SAAS,GAAG,KAAK,CAAC,YAAY,CAAC,IAAI,EAAE,CAAC;IAC5C,MAAM,cAAc,GAAG,KAAK,CAAC,SAAS,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;IAC9D,MAAM,aAAa,GAAG,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;IACxD,OAAO;QACL,GAAG,SAAS;QACZ,GAAG,IAAI;QACP,eAAe,EAAE,EAAE,GAAG,cAAc,EAAE,GAAG,aAAa,EAAE;KACzD,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,SAAiB,EAAE,YAAoB;IAC7D,MAAM,QAAQ,GAAG,CAAC,IAAY,EAAiB,EAAE;QAC/C,IAAI,UAAU,CAAC,IAAI,CAAC;YAAE,OAAO,IAAI,CAAC;QAClC,IAAI,UAAU,CAAC,GAAG,IAAI,OAAO,CAAC;YAAE,OAAO,GAAG,IAAI,OAAO,CAAC;QACtD,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;IACF,IAAI,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;QACjE,OAAO,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,YAAY,CAAC,CAAC,CAAC;IACzD,CAAC;IACD,yCAAyC;IACzC,IAAI,GAAG,GAAG,SAAS,CAAC;IACpB,OAAO,GAAG,KAAK,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QACjC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,EAAE,YAAY,CAAC,CAAC;QAC/D,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC;QAChC,IAAI,GAAG;YAAE,OAAO,GAAG,CAAC;QACpB,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC1B,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,mBAAmB,CAAC,aAAqB,EAAE,KAA4B;IAC9E,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,wEAAwE;IACxE,uEAAuE;IACvE,8DAA8D;IAC9D,MAAM,QAAQ,GAAa,EAAE,CAAC;IAC9B,KAAK,MAAM,IAAI,IAAI,iBAAiB,EAAE,CAAC;QACrC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,IAAI,CAAC,CAAC;QACjD,IAAI,UAAU,CAAC,SAAS,CAAC;YAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjD,CAAC;IACD,gDAAgD;IAChD,IAAI,CAAC;QACH,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/C,IAAI,yBAAyB,CAAC,IAAI,CAAC,KAAK,CAAC;gBAAE,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAClE,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sCAAsC;IACxC,CAAC;IACD,wEAAwE;IACxE,IAAI,CAAC;QACH,KAAK,MAAM,KAAK,IAAI,WAAW,CAAC,aAAa,CAAC,EAAE,CAAC;YAC/C,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;YAC5C,IAAI,CAAC,CAAC;YACN,IAAI,CAAC;gBACH,CAAC,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC;YACpB,CAAC;YAAC,MAAM,CAAC;gBACP,SAAS;YACX,CAAC;YACD,IAAI,CAAC,CAAC,CAAC,WAAW,EAAE;gBAAE,SAAS;YAC/B,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,KAAK,cAAc;gBAAE,SAAS;YAChE,KAAK,MAAM,IAAI,IAAI,iBAAiB,EAAE,CAAC;gBACrC,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBACvC,IAAI,UAAU,CAAC,SAAS,CAAC;oBAAE,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC,CAAC;YACnE,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,SAAS;IACX,CAAC;IACD,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,SAAS,EAAE,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;AACnD,CAAC;AAED,MAAM,iBAAiB,GAAG;IACxB,eAAe;IACf,oBAAoB;IACpB,qBAAqB;IACrB,WAAW;IACX,gBAAgB;IAChB,cAAc;IACd,eAAe;IACf,kBAAkB;IAClB,mBAAmB;IACnB,mBAAmB;IACnB,kBAAkB;IAClB,YAAY;IACZ,aAAa;CACd,CAAC;AAEF,SAAS,YAAY,CAAC,IAAY;IAChC,OAAO,gFAAgF,CAAC,IAAI,CAC1F,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CACzB,CAAC;AACJ,CAAC;AAED,SAAS,UAAU,CAAC,IAAY;IAC9B,OAAO,yBAAyB,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;AAClE,CAAC;AAED,SAAS,YAAY,CAAC,IAAY;IAChC,OAAO,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;AACrE,CAAC;AAED,SAAS,cAAc,CAAC,IAAY;IAClC,OAAO,sCAAsC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;WACvE,wCAAwC,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,CAAC;AAC/E,CAAC;AAED;;;;;GAKG;AACH,SAAS,aAAa,CAAC,IAAY;IACjC,IAAI,CAAC;QACH,MAAM,QAAQ,GAAG,IAAI;aAClB,OAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC;aAChC,OAAO,CAAC,sBAAsB,EAAE,IAAI,CAAC;aACrC,OAAO,CAAC,cAAc,EAAE,IAAI,CAAC,CAAC;QACjC,OAAO,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAMD,SAAS,KAAK,CAAC,CAAU;IACvB,OAAO,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,CAAa,CAAC,CAAC,CAAC,IAAI,CAAC;AACjF,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAE,GAAW,EAAE,MAAe;IACjE,MAAM,IAAI,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3B,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,CAAC;IACrB,MAAM,eAAe,GAAG,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,CAAC;IAC1D,MAAM,GAAG,GAAc,EAAE,CAAC;IAE1B,gBAAgB;IAChB,IAAI,eAAe,CAAC,MAAM,KAAK,KAAK,EAAE,CAAC;QACrC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ;YACxB,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,+BAA+B;YACtC,KAAK,EAAE,mNAAmN;YAC1N,UAAU,EAAE,yHAAyH;SACtI,CAAC,CAAC,CAAC;IACN,CAAC;SAAM,IAAI,eAAe,CAAC,MAAM,KAAK,SAAS,IAAI,eAAe,CAAC,aAAa,KAAK,IAAI,IAAI,eAAe,CAAC,gBAAgB,KAAK,IAAI,EAAE,CAAC;QACvI,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,iBAAiB;YACjC,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,8BAA8B;YACrC,KAAK,EAAE,qJAAqJ;YAC5J,UAAU,EAAE,4CAA4C;SACzD,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,eAAe,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;QAC5C,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,eAAe;YAC/B,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,sCAAsC;YAC7C,KAAK,EAAE,8HAA8H;YACrI,UAAU,EAAE,8FAA8F;SAC3G,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,eAAe,CAAC,gBAAgB,KAAK,KAAK,EAAE,CAAC;QAC/C,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,kBAAkB;YAClC,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,yCAAyC;YAChD,KAAK,EAAE,qIAAqI;YAC5I,UAAU,EAAE,gHAAgH;SAC7H,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,eAAe,CAAC,iBAAiB,KAAK,KAAK,EAAE,CAAC;QAChD,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,mBAAmB;YACnC,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,0CAA0C;YACjD,KAAK,EAAE,sIAAsI;YAC7I,UAAU,EAAE,kCAAkC;SAC/C,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,eAAe,CAAC,0BAA0B,KAAK,KAAK,EAAE,CAAC;QACzD,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,4BAA4B;YAC5C,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,mDAAmD;YAC1D,KAAK,EAAE,yGAAyG;YAChH,UAAU,EAAE,2CAA2C;SACxD,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,eAAe,CAAC,cAAc,KAAK,KAAK,IAAI,eAAe,CAAC,kBAAkB,KAAK,KAAK,EAAE,CAAC;QAC7F,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,eAAe,CAAC,cAAc,KAAK,KAAK,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,oBAAoB;YAClG,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,yCAAyC;YAChD,KAAK,EAAE,8EAA8E;YACrF,UAAU,EAAE,gHAAgH;SAC7H,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,eAAe,CAAC,wBAAwB,KAAK,KAAK,EAAE,CAAC;QACvD,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,0BAA0B;YAC1C,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,iDAAiD;YACxD,KAAK,EAAE,4GAA4G;YACnH,UAAU,EAAE,uFAAuF;SACpG,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,eAAe,CAAC,OAAO,KAAK,IAAI,IAAI,eAAe,CAAC,OAAO,KAAK,IAAI,EAAE,CAAC;QACzE,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,SAAS;YACzB,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,2CAA2C;YAClD,KAAK,EAAE,wHAAwH;YAC/H,UAAU,EAAE,0GAA0G;SACvH,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,eAAe,CAAC,YAAY,KAAK,KAAK,EAAE,CAAC;QAC3C,mDAAmD;IACrD,CAAC;IACD,IAAI,OAAO,eAAe,CAAC,MAAM,KAAK,QAAQ,IAAI,cAAc,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;QAC9F,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ;YACxB,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,2BAA2B,eAAe,CAAC,MAAM,EAAE;YAC1D,KAAK,EAAE,4GAA4G;YACnH,UAAU,EAAE,uEAAuE;SACpF,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,OAAO,eAAe,CAAC,MAAM,KAAK,QAAQ,IAAI,eAAe,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,UAAU,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;QAC9I,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,QAAQ;YACxB,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,KAAK;YACf,KAAK,EAAE,kCAAkC;YACzC,KAAK,EAAE,oIAAoI;YAC3I,UAAU,EAAE,gHAAgH;SAC7H,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,eAAe,CAAC,8BAA8B,KAAK,IAAI,IAAI,eAAe,CAAC,4BAA4B,KAAK,IAAI,EAAE,CAAC;QACrH,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,eAAe,CAAC,8BAA8B,KAAK,IAAI,CAAC,CAAC,CAAC,gCAAgC,CAAC,CAAC,CAAC,8BAA8B;YAC3I,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,0CAA0C;YACjD,KAAK,EAAE,gKAAgK;YACvK,UAAU,EAAE,0GAA0G;SACvH,CAAC,CAAC,CAAC;IACN,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,aAAa,CAAC,IAAY,EAAE,GAAW,EAAE,MAAe;IAC/D,MAAM,IAAI,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3B,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,CAAC;IACrB,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IACtC,OAAO,kBAAkB,CAAC,IAAI,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,kBAAkB,CAAC,IAAY,EAAE,GAAW,EAAE,KAAc;IACnE,MAAM,GAAG,GAAc,EAAE,CAAC;IAC1B,MAAM,GAAG,GAAyG;QAChH,oCAAoC,EAAE;YACpC,GAAG,EAAE,MAAM;YACX,KAAK,EAAE,sCAAsC;YAC7C,KAAK,EAAE,gIAAgI;YACvI,UAAU,EAAE,6HAA6H;SAC1I;QACD,0CAA0C,EAAE;YAC1C,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,4CAA4C;YACnD,KAAK,EAAE,iJAAiJ;YACxJ,UAAU,EAAE,4FAA4F;SACzG;QACD,mCAAmC,EAAE;YACnC,GAAG,EAAE,KAAK;YACV,KAAK,EAAE,qCAAqC;YAC5C,KAAK,EAAE,wFAAwF;YAC/F,UAAU,EAAE,oDAAoD;SACjE;QACD,QAAQ,EAAE;YACR,GAAG,EAAE,KAAK;YACV,KAAK,EAAE,6BAA6B;YACpC,KAAK,EAAE,gGAAgG;YACvG,UAAU,EAAE,4BAA4B;SACzC;KACF,CAAC;IACF,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAC9C,MAAM,GAAG,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC;QACxB,IAAI,GAAG,IAAI,IAAI;YAAE,SAAS;QAC1B,IAAI,GAAG,KAAK,KAAK,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,KAAK,IAAI,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7F,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;gBACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,IAAI;gBACpB,UAAU,EAAE,YAAY;gBACxB,QAAQ,EAAE,GAAG,CAAC,GAAG;gBACjB,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,KAAK,EAAE,GAAG,CAAC,KAAK;gBAChB,UAAU,EAAE,GAAG,CAAC,UAAU;aAC3B,CAAC,CAAC,CAAC;QACN,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,mBAAmB,CAAC,IAAY,EAAE,GAAW;IACpD,iEAAiE;IACjE,uEAAuE;IACvE,iEAAiE;IACjE,MAAM,GAAG,GAAc,EAAE,CAAC;IAC1B,MAAM,QAAQ,GAOT;QACH;YACE,IAAI,EAAE,oCAAoC;YAC1C,EAAE,EAAE,6HAA6H;YACjI,GAAG,EAAE,MAAM;YACX,KAAK,EAAE,sCAAsC;YAC7C,KAAK,EAAE,gIAAgI;YACvI,UAAU,EAAE,sDAAsD;SACnE;QACD;YACE,IAAI,EAAE,0CAA0C;YAChD,EAAE,EAAE,6EAA6E;YACjF,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,4CAA4C;YACnD,KAAK,EAAE,yDAAyD;YAChE,UAAU,EAAE,mDAAmD;SAChE;QACD;YACE,IAAI,EAAE,mCAAmC;YACzC,EAAE,EAAE,sEAAsE;YAC1E,GAAG,EAAE,KAAK;YACV,KAAK,EAAE,qCAAqC;YAC5C,KAAK,EAAE,sDAAsD;YAC7D,UAAU,EAAE,oDAAoD;SACjE;QACD;YACE,IAAI,EAAE,QAAQ;YACd,EAAE,EAAE,0CAA0C;YAC9C,GAAG,EAAE,KAAK;YACV,KAAK,EAAE,6BAA6B;YACpC,KAAK,EAAE,oCAAoC;YAC3C,UAAU,EAAE,4BAA4B;SACzC;KACF,CAAC;IACF,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACzB,IAAI,CAAC,CAAC;YAAE,SAAS;QACjB,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,aAAa,EAAE,CAAC,CAAC,KAAK;YAC9C,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,CAAC,CAAC,GAAG;YACf,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,UAAU,EAAE,CAAC,CAAC,UAAU;SACzB,CAAC,CAAC,CAAC;IACN,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,IAAY,EAAE,GAAW,EAAE,MAAe;IAC9D,MAAM,IAAI,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC;IAC3B,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IACxC,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IAC7C,MAAM,UAAU,GAAG,KAAK,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC;IACtD,MAAM,KAAK,GAAG,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC;IAC5C,MAAM,GAAG,GAAc,EAAE,CAAC;IAC1B,IAAI,UAAU,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;QACvC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,eAAe;YAC/B,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,MAAM;YAChB,KAAK,EAAE,mCAAmC;YAC1C,KAAK,EAAE,wCAAwC;YAC/C,UAAU,EAAE,sDAAsD;SACnE,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,KAAK,CAAC,kBAAkB,KAAK,KAAK,EAAE,CAAC;QACvC,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,oBAAoB;YACpC,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wCAAwC;YAC/C,KAAK,EAAE,oCAAoC;YAC3C,UAAU,EAAE,0CAA0C;SACvD,CAAC,CAAC,CAAC;IACN,CAAC;IACD,IAAI,MAAM,CAAC,OAAO,KAAK,KAAK,EAAE,CAAC;QAC7B,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;YACnB,IAAI,EAAE,GAAG,EAAE,GAAG,EAAE,gBAAgB;YAChC,UAAU,EAAE,YAAY;YACxB,QAAQ,EAAE,QAAQ;YAClB,KAAK,EAAE,wBAAwB;YAC/B,KAAK,EAAE,yEAAyE;YAChF,UAAU,EAAE,0DAA0D;SACvE,CAAC,CAAC,CAAC;IACN,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAcD,SAAS,WAAW,CAAC,IAAqB;IACxC,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,aAAa,CAAC,CAAC;IACtF,OAAO;QACL,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,QAAQ,EAAE,IAAI,CAAC,QAAQ;QACvB,UAAU,EAAE,IAAI;QAChB,KAAK,EAAE,CAAC;QACR,KAAK,EAAE,GAAG,IAAI,CAAC,KAAK,MAAM,IAAI,CAAC,IAAI,IAAI;QACvC,WAAW,EAAE,IAAI,CAAC,KAAK;QACvB,QAAQ,EAAE;YACR;gBACE,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;gBACzC,OAAO,EAAE,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC;aACjC;SACF;QACD,UAAU,EAAE,IAAI,CAAC,UAAU;QAC3B,WAAW,EAAE,cAAc,UAAU,CAAC,GAAG,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,GAAG,EAAE,CAAC,EAAE;KACpE,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,GAAW,EAAE,GAAW,EAAE,aAAsB;IACtE,MAAM,GAAG,GAAG,aAAa,IAAI,YAAY,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC9B,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC;QACZ,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,YAAY,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;IAC9E,CAAC;IACD,MAAM,SAAS,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IACpC,MAAM,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;IAC1C,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC;IACpC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC;IAC7C,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,CAAC;AACzD,CAAC;AAED,SAAS,YAAY,CAAC,GAAW,EAAE,GAAW;IAC5C,uEAAuE;IACvE,yBAAyB;IACzB,MAAM,EAAE,GAAG,IAAI,MAAM,CAAC,OAAO,cAAc,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IAC7D,MAAM,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACvB,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC1B,CAAC"}

package/dist/detectors/console-log-prod.d.ts

@@ -0,0 +1,6 @@
+import type { Finding } from '../types.js';
+import type { FileWalkingDetectorInput } from '../types/detector-input.js';
+export interface ConsoleLogProdDetectorInput extends FileWalkingDetectorInput {
+}
+export declare function detectConsoleLogsInProd(input: ConsoleLogProdDetectorInput): Finding[];
+//# sourceMappingURL=console-log-prod.d.ts.map

package/dist/detectors/console-log-prod.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"console-log-prod.d.ts","sourceRoot":"","sources":["../../src/detectors/console-log-prod.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,aAAa,CAAC;AAI3C,OAAO,KAAK,EAAE,wBAAwB,EAAE,MAAM,4BAA4B,CAAC;AAE3E,MAAM,WAAW,2BAA4B,SAAQ,wBAAwB;CAAG;AAGhF,wBAAgB,uBAAuB,CAAC,KAAK,EAAE,2BAA2B,GAAG,OAAO,EAAE,CAUrF"}

package/dist/detectors/console-log-prod.js

@@ -0,0 +1,72 @@
+import { makeSourceReader } from '../utils/source-reader.js';
+import { stableHash } from '../utils/hash.js';
+import { hasIgnoreAnnotation } from '../utils/ignore-annotation.js';
+// console.log/.debug/.info in non-test source. warn/error are intentional. LOW.
+export function detectConsoleLogsInProd(input) {
+    const read = makeSourceReader(input.workspaceRoot, input.project);
+    const findings = [];
+    for (const rel of input.files) {
+        if (!isAnalysable(rel))
+            continue;
+        const raw = read(rel);
+        if (raw == null)
+            continue;
+        findings.push(...analyseFile(rel, raw));
+    }
+    return findings;
+}
+const LOG_RE = /\bconsole\.(log|debug|info)\s*\(/g;
+function analyseFile(file, raw) {
+    const out = [];
+    for (const m of raw.matchAll(LOG_RE)) {
+        const line = lineOf(raw, m.index);
+        // Skip if the call is inside a line comment.
+        const lineText = lineAt(raw, line);
+        if (/^\s*\/\//.test(lineText))
+            continue;
+        if (hasIgnoreAnnotation(raw, line, 'console-log-prod'))
+            continue;
+        out.push({
+            detectorId: 'console-log-prod',
+            severity: 'low',
+            confidence: 0.9,
+            layer: 1,
+            title: `console.${m[1]} in ${file}:${line}`,
+            description: `\`console.${m[1]}\` leaks to stdout in production. Loggers configured for severity, redaction, or sampling do not see this output, and CI / serverless / browser consoles pollute with debug noise.`,
+            evidence: [
+                {
+                    file,
+                    range: { startLine: line, endLine: line },
+                    snippet: snippetAround(raw, line),
+                },
+            ],
+            suggestion: 'Route through the project logger (pino / winston / debug / your custom one). For temporary debugging, gate behind `if (process.env.DEBUG)` or remove before merging.',
+            fingerprint: `console-log-prod:${stableHash(`${file}:${line}:${m[1]}`)}`,
+        });
+    }
+    return out;
+}
+function lineAt(raw, line) {
+    return raw.split('\n')[line - 1] ?? '';
+}
+function isAnalysable(file) {
+    const posix = file.replace(/\\/g, '/');
+    return /\.(?:ts|tsx|mts|cts|js|jsx|mjs|cjs)$/.test(posix)
+        && !/\.d\.ts$/.test(posix)
+        && !/(^|\/)node_modules\//.test(posix)
+        && !/(?:^|\/)__tests__\//.test(posix)
+        && !/(?:^|\/)tests?\//.test(posix)
+        && !/(?:^|\/)scripts?\//.test(posix)
+        && !/\.test\.(?:ts|tsx|js|jsx)$/.test(posix)
+        && !/\.spec\.(?:ts|tsx|js|jsx)$/.test(posix);
+}
+function lineOf(raw, idx) {
+    return raw.slice(0, idx).split('\n').length;
+}
+function snippetAround(raw, line) {
+    const lines = raw.split('\n');
+    const from = Math.max(0, line - 1);
+    const to = Math.min(lines.length, line + 1);
+    return lines.slice(from, to).join('\n');
+}
+//# sourceMappingURL=console-log-prod.js.map

package/dist/detectors/console-log-prod.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"console-log-prod.js","sourceRoot":"","sources":["../../src/detectors/console-log-prod.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAC7D,OAAO,EAAE,UAAU,EAAE,MAAM,kBAAkB,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,+BAA+B,CAAC;AAKpE,gFAAgF;AAChF,MAAM,UAAU,uBAAuB,CAAC,KAAkC;IACxE,MAAM,IAAI,GAAG,gBAAgB,CAAC,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IAClE,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAC9B,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC;YAAE,SAAS;QACjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC;QACtB,IAAI,GAAG,IAAI,IAAI;YAAE,SAAS;QAC1B,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC,CAAC;IAC1C,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,MAAM,GAAG,mCAAmC,CAAC;AAEnD,SAAS,WAAW,CAAC,IAAY,EAAE,GAAW;IAC5C,MAAM,GAAG,GAAc,EAAE,CAAC;IAC1B,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QACrC,MAAM,IAAI,GAAG,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,KAAM,CAAC,CAAC;QACnC,6CAA6C;QAC7C,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACnC,IAAI,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC;YAAE,SAAS;QACxC,IAAI,mBAAmB,CAAC,GAAG,EAAE,IAAI,EAAE,kBAAkB,CAAC;YAAE,SAAS;QACjE,GAAG,CAAC,IAAI,CAAC;YACP,UAAU,EAAE,kBAAkB;YAC9B,QAAQ,EAAE,KAAK;YACf,UAAU,EAAE,GAAG;YACf,KAAK,EAAE,CAAC;YACR,KAAK,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,OAAO,IAAI,IAAI,IAAI,EAAE;YAC3C,WAAW,EAAE,aAAa,CAAC,CAAC,CAAC,CAAC,oLAAoL;YAClN,QAAQ,EAAE;gBACR;oBACE,IAAI;oBACJ,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE;oBACzC,OAAO,EAAE,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC;iBAClC;aACF;YACD,UAAU,EACR,sKAAsK;YACxK,WAAW,EAAE,oBAAoB,UAAU,CAAC,GAAG,IAAI,IAAI,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE;SACzE,CAAC,CAAC;IACL,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,MAAM,CAAC,GAAW,EAAE,IAAY;IACvC,OAAO,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;AACzC,CAAC;AAED,SAAS,YAAY,CAAC,IAAY;IAChC,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IACvC,OAAO,sCAAsC,CAAC,IAAI,CAAC,KAAK,CAAC;WACpD,CAAC,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC;WACvB,CAAC,sBAAsB,CAAC,IAAI,CAAC,KAAK,CAAC;WACnC,CAAC,qBAAqB,CAAC,IAAI,CAAC,KAAK,CAAC;WAClC,CAAC,kBAAkB,CAAC,IAAI,CAAC,KAAK,CAAC;WAC/B,CAAC,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC;WACjC,CAAC,4BAA4B,CAAC,IAAI,CAAC,KAAK,CAAC;WACzC,CAAC,4BAA4B,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;AACjD,CAAC;AAED,SAAS,MAAM,CAAC,GAAW,EAAE,GAAW;IACtC,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;AAC9C,CAAC;AAED,SAAS,aAAa,CAAC,GAAW,EAAE,IAAY;IAC9C,MAAM,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC9B,MAAM,IAAI,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC;IACnC,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC;IAC5C,OAAO,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1C,CAAC"}

package/dist/detectors/dead-api.d.ts

@@ -0,0 +1,10 @@
+import type { Finding, SymbolRecord } from '../types.js';
+import type { ImportRecord } from '../graph/import-graph.js';
+export interface DeadApiDetectorInput {
+    /** Symbols from every linked workspace. `exported` set, `workspace` set. */
+    symbols: ReadonlyArray<SymbolRecord>;
+    /** Imports from every linked workspace, with `sourceWorkspace` + optional `targetWorkspace`. */
+    imports: ReadonlyArray<ImportRecord>;
+}
+export declare function detectDeadApis(input: DeadApiDetectorInput): Finding[];
+//# sourceMappingURL=dead-api.d.ts.map