@loxia-labs/loxia-autopilot-one 1.0.1 → 1.0.3

package/src/analyzers/SecurityAnalyzer.js

@@ -1,729 +1 @@
-/**
- * SecurityAnalyzer - Professional security scanning using external tools
- *
- * Uses industry-standard security scanners:
- * - Semgrep: Multi-language SAST
- * - Bandit: Python security scanner
- * - ESLint Security Plugin: JavaScript/TypeScript security
- * - npm audit: Node.js dependency vulnerabilities
- * - pip-audit: Python dependency vulnerabilities
- */
-
-import { exec } from 'child_process';
-import { promisify } from 'util';
-import path from 'path';
-import fs from 'fs/promises';
-import { STATIC_ANALYSIS } from '../utilities/constants.js';
-
-const execAsync = promisify(exec);
-
-class SecurityAnalyzer {
-  constructor(logger = null) {
-    this.logger = logger;
-    this.availableScanners = null;
-    this.scannerCache = new Map(); // Cache scanner availability checks
-
-    // Path to locally installed scanners (from postinstall script)
-    this.localScannerDir = path.join(process.cwd(), 'node_modules', '.scanners');
-  }
-
-  /**
-   * Detect which security scanners are available on the system
-   * @returns {Promise<Object>} Available scanners
-   */
-  async detectAvailableScanners() {
-    // Return cached result if available
-    if (this.availableScanners !== null) {
-      return this.availableScanners;
-    }
-
-    const available = {
-      semgrep: false,
-      bandit: false,
-      npmAudit: false,
-      pipAudit: false,
-      eslintSecurity: false
-    };
-
-    // Check for Semgrep (local first, then system)
-    try {
-      const localSemgrep = path.join(this.localScannerDir, 'semgrep');
-      try {
-        await fs.access(localSemgrep);
-        available.semgrep = true;
-        this.logger?.debug('Semgrep scanner detected (local)');
-      } catch {
-        await execAsync('semgrep --version', { timeout: 5000 });
-        available.semgrep = true;
-        this.logger?.debug('Semgrep scanner detected (system)');
-      }
-    } catch (error) {
-      this.logger?.debug('Semgrep not available', { error: error.message });
-    }
-
-    // Check for Bandit
-    try {
-      await execAsync('bandit --version', { timeout: 5000 });
-      available.bandit = true;
-      this.logger?.debug('Bandit scanner detected');
-    } catch (error) {
-      this.logger?.debug('Bandit not available', { error: error.message });
-    }
-
-    // Check for npm (npm audit is built-in)
-    try {
-      await execAsync('npm --version', { timeout: 5000 });
-      available.npmAudit = true;
-      this.logger?.debug('npm audit available');
-    } catch (error) {
-      this.logger?.debug('npm not available', { error: error.message });
-    }
-
-    // Check for pip-audit
-    try {
-      await execAsync('pip-audit --version', { timeout: 5000 });
-      available.pipAudit = true;
-      this.logger?.debug('pip-audit detected');
-    } catch (error) {
-      this.logger?.debug('pip-audit not available', { error: error.message });
-    }
-
-    // Check for eslint-plugin-security
-    try {
-      // Check if the package is installed
-      const result = await execAsync('npm list eslint-plugin-security --depth=0 --json', {
-        timeout: 5000,
-        cwd: process.cwd()
-      });
-      const parsed = JSON.parse(result.stdout);
-      if (parsed.dependencies && parsed.dependencies['eslint-plugin-security']) {
-        available.eslintSecurity = true;
-        this.logger?.debug('eslint-plugin-security detected');
-      }
-    } catch (error) {
-      this.logger?.debug('eslint-plugin-security not available', { error: error.message });
-    }
-
-    this.availableScanners = available;
-    return available;
-  }
-
-  /**
-   * Analyze a file for security vulnerabilities
-   * @param {string} filePath - Path to file
-   * @param {string} content - File content
-   * @param {Object} options - Analysis options
-   * @returns {Promise<Array>} Security issues found
-   */
-  async analyze(filePath, content, options = {}) {
-    const issues = [];
-    const available = await this.detectAvailableScanners();
-    const language = this.detectLanguage(filePath);
-
-    // Skip test files if requested
-    if (options.skipTestFiles !== false && this.isTestFile(filePath)) {
-      this.logger?.debug('Skipping test file for security scan', { filePath });
-      return [];
-    }
-
-    // Run appropriate scanners based on language
-    if (language === 'javascript' || language === 'typescript') {
-      // Run Semgrep for JS/TS
-      if (available.semgrep) {
-        const semgrepIssues = await this.runSemgrep(filePath, [language], options);
-        issues.push(...semgrepIssues);
-      }
-
-      // Run ESLint Security Plugin
-      if (available.eslintSecurity) {
-        const eslintIssues = await this.runESLintSecurity(filePath, content, options);
-        issues.push(...eslintIssues);
-      }
-    }
-
-    if (language === 'python') {
-      // Run Bandit for Python
-      if (available.bandit) {
-        const banditIssues = await this.runBandit(filePath, options);
-        issues.push(...banditIssues);
-      }
-
-      // Run Semgrep for Python
-      if (available.semgrep) {
-        const semgrepIssues = await this.runSemgrep(filePath, [language], options);
-        issues.push(...semgrepIssues);
-      }
-    }
-
-    // If no scanners available, return informative message
-    if (issues.length === 0 && !this.hasScannersForLanguage(available, language)) {
-      this.logger?.warn('No security scanners available for language', { language, filePath });
-    }
-
-    return this.normalizeResults(issues);
-  }
-
-  /**
-   * Analyze a project directory for security vulnerabilities
-   * @param {string} projectDir - Project directory path
-   * @param {string} language - Primary language to scan
-   * @param {Object} options - Analysis options
-   * @returns {Promise<Array>} Security issues found
-   */
-  async analyzeProject(projectDir, language, options = {}) {
-    const issues = [];
-    const available = await this.detectAvailableScanners();
-
-    // Run dependency scanners
-    if (language === 'javascript' || language === 'typescript') {
-      if (available.npmAudit) {
-        const npmIssues = await this.runNpmAudit(projectDir, options);
-        issues.push(...npmIssues);
-      }
-    }
-
-    if (language === 'python') {
-      if (available.pipAudit) {
-        const pipIssues = await this.runPipAudit(projectDir, options);
-        issues.push(...pipIssues);
-      }
-    }
-
-    return this.normalizeResults(issues);
-  }
-
-  /**
-   * Run Semgrep scanner
-   * @private
-   */
-  async runSemgrep(filePath, languages, options = {}) {
-    try {
-      const dir = path.dirname(filePath);
-      const result = await execAsync(
-        `semgrep --config=auto --json "${filePath}"`,
-        {
-          maxBuffer: 10 * 1024 * 1024,
-          timeout: 30000,
-          cwd: dir
-        }
-      );
-
-      const output = JSON.parse(result.stdout);
-      return this.parseSemgrepResults(output);
-    } catch (error) {
-      // Semgrep exits with non-zero if issues found, check stdout
-      if (error.stdout) {
-        try {
-          const output = JSON.parse(error.stdout);
-          return this.parseSemgrepResults(output);
-        } catch (parseError) {
-          this.logger?.error('Failed to parse Semgrep output', {
-            error: parseError.message,
-            stdout: error.stdout
-          });
-        }
-      }
-      this.logger?.error('Semgrep scan failed', { error: error.message });
-      return [];
-    }
-  }
-
-  /**
-   * Parse Semgrep results
-   * @private
-   */
-  parseSemgrepResults(output) {
-    const issues = [];
-
-    if (output.results && Array.isArray(output.results)) {
-      for (const result of output.results) {
-        issues.push({
-          file: result.path,
-          line: result.start?.line || 1,
-          column: result.start?.col || 1,
-          severity: this.mapSemgrepSeverity(result.extra?.severity),
-          rule: result.check_id,
-          message: result.extra?.message || result.extra?.lines || 'Security issue detected',
-          category: 'security',
-          scanner: 'semgrep',
-          cwe: result.extra?.metadata?.cwe,
-          owasp: result.extra?.metadata?.owasp,
-          confidence: result.extra?.metadata?.confidence,
-          references: result.extra?.metadata?.references
-        });
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Run Bandit scanner for Python
-   * @private
-   */
-  async runBandit(filePath, options = {}) {
-    try {
-      const result = await execAsync(
-        `bandit -f json "${filePath}"`,
-        {
-          maxBuffer: 10 * 1024 * 1024,
-          timeout: 30000
-        }
-      );
-
-      const output = JSON.parse(result.stdout);
-      return this.parseBanditResults(output);
-    } catch (error) {
-      // Bandit exits with non-zero if issues found
-      if (error.stdout) {
-        try {
-          const output = JSON.parse(error.stdout);
-          return this.parseBanditResults(output);
-        } catch (parseError) {
-          this.logger?.error('Failed to parse Bandit output', {
-            error: parseError.message
-          });
-        }
-      }
-      this.logger?.error('Bandit scan failed', { error: error.message });
-      return [];
-    }
-  }
-
-  /**
-   * Parse Bandit results
-   * @private
-   */
-  parseBanditResults(output) {
-    const issues = [];
-
-    if (output.results && Array.isArray(output.results)) {
-      for (const result of output.results) {
-        issues.push({
-          file: result.filename,
-          line: result.line_number || 1,
-          column: result.col_offset || 1,
-          severity: this.mapBanditSeverity(result.issue_severity),
-          rule: result.test_id,
-          message: result.issue_text,
-          category: 'security',
-          scanner: 'bandit',
-          cwe: result.issue_cwe?.id ? `CWE-${result.issue_cwe.id}` : null,
-          confidence: result.issue_confidence,
-          moreInfo: result.more_info
-        });
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Run ESLint with security plugin
-   * @private
-   */
-  async runESLintSecurity(filePath, content, options = {}) {
-    try {
-      // Use ESLint programmatically
-      const { ESLint } = await import('eslint');
-
-      const eslint = new ESLint({
-        overrideConfig: {
-          plugins: ['security'],
-          extends: ['plugin:security/recommended'],
-          parserOptions: {
-            ecmaVersion: 'latest',
-            sourceType: 'module'
-          }
-        },
-        useEslintrc: false
-      });
-
-      const results = await eslint.lintText(content, { filePath });
-      return this.parseESLintResults(results, filePath);
-    } catch (error) {
-      this.logger?.error('ESLint security scan failed', {
-        error: error.message,
-        filePath
-      });
-      return [];
-    }
-  }
-
-  /**
-   * Parse ESLint security results
-   * @private
-   */
-  parseESLintResults(results, filePath) {
-    const issues = [];
-
-    for (const result of results) {
-      if (result.messages && Array.isArray(result.messages)) {
-        for (const message of result.messages) {
-          // Only include security plugin rules
-          if (message.ruleId && message.ruleId.startsWith('security/')) {
-            issues.push({
-              file: filePath,
-              line: message.line || 1,
-              column: message.column || 1,
-              severity: this.mapESLintSeverity(message.severity),
-              rule: message.ruleId,
-              message: message.message,
-              category: 'security',
-              scanner: 'eslint-security',
-              fixable: message.fix !== undefined
-            });
-          }
-        }
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Run npm audit for dependency vulnerabilities
-   * @private
-   */
-  async runNpmAudit(projectDir, options = {}) {
-    try {
-      // Check if package.json exists
-      const packageJsonPath = path.join(projectDir, 'package.json');
-      try {
-        await fs.access(packageJsonPath);
-      } catch {
-        this.logger?.debug('No package.json found, skipping npm audit');
-        return [];
-      }
-
-      const result = await execAsync(
-        'npm audit --json',
-        {
-          cwd: projectDir,
-          maxBuffer: 10 * 1024 * 1024,
-          timeout: 60000
-        }
-      );
-
-      const output = JSON.parse(result.stdout);
-      return this.parseNpmAuditResults(output);
-    } catch (error) {
-      // npm audit exits with non-zero if vulnerabilities found
-      if (error.stdout) {
-        try {
-          const output = JSON.parse(error.stdout);
-          return this.parseNpmAuditResults(output);
-        } catch (parseError) {
-          this.logger?.error('Failed to parse npm audit output', {
-            error: parseError.message
-          });
-        }
-      }
-      return [];
-    }
-  }
-
-  /**
-   * Parse npm audit results
-   * @private
-   */
-  parseNpmAuditResults(output) {
-    const issues = [];
-
-    // npm audit v7+ format
-    if (output.vulnerabilities) {
-      for (const [packageName, vuln] of Object.entries(output.vulnerabilities)) {
-        issues.push({
-          file: 'package.json',
-          line: 1,
-          column: 1,
-          severity: this.mapNpmSeverity(vuln.severity),
-          rule: `npm-${vuln.via[0]?.source || 'advisory'}`,
-          message: `${packageName}: ${vuln.via[0]?.title || 'Security vulnerability'}`,
-          category: 'security',
-          scanner: 'npm-audit',
-          package: packageName,
-          vulnerableVersions: vuln.range,
-          patchedVersions: vuln.fixAvailable ? 'Available' : 'None',
-          cve: vuln.via[0]?.cve,
-          cvss: vuln.via[0]?.cvss,
-          references: vuln.via[0]?.url ? [vuln.via[0].url] : []
-        });
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Run pip-audit for Python dependencies
-   * @private
-   */
-  async runPipAudit(projectDir, options = {}) {
-    try {
-      // Check if requirements.txt exists
-      const requirementsPath = path.join(projectDir, 'requirements.txt');
-      try {
-        await fs.access(requirementsPath);
-      } catch {
-        this.logger?.debug('No requirements.txt found, skipping pip-audit');
-        return [];
-      }
-
-      const result = await execAsync(
-        'pip-audit --format json',
-        {
-          cwd: projectDir,
-          maxBuffer: 10 * 1024 * 1024,
-          timeout: 60000
-        }
-      );
-
-      const output = JSON.parse(result.stdout);
-      return this.parsePipAuditResults(output);
-    } catch (error) {
-      if (error.stdout) {
-        try {
-          const output = JSON.parse(error.stdout);
-          return this.parsePipAuditResults(output);
-        } catch (parseError) {
-          this.logger?.error('Failed to parse pip-audit output', {
-            error: parseError.message
-          });
-        }
-      }
-      return [];
-    }
-  }
-
-  /**
-   * Parse pip-audit results
-   * @private
-   */
-  parsePipAuditResults(output) {
-    const issues = [];
-
-    if (output.dependencies && Array.isArray(output.dependencies)) {
-      for (const dep of output.dependencies) {
-        if (dep.vulns && Array.isArray(dep.vulns)) {
-          for (const vuln of dep.vulns) {
-            issues.push({
-              file: 'requirements.txt',
-              line: 1,
-              column: 1,
-              severity: this.mapPipAuditSeverity(vuln.severity),
-              rule: vuln.id,
-              message: `${dep.name}: ${vuln.description || 'Security vulnerability'}`,
-              category: 'security',
-              scanner: 'pip-audit',
-              package: dep.name,
-              vulnerableVersion: dep.version,
-              fixedVersions: vuln.fix_versions,
-              references: vuln.aliases || []
-            });
-          }
-        }
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Detect language from file extension
-   * @private
-   */
-  detectLanguage(filePath) {
-    const ext = path.extname(filePath).toLowerCase();
-    const languageMap = {
-      '.js': 'javascript',
-      '.jsx': 'javascript',
-      '.mjs': 'javascript',
-      '.cjs': 'javascript',
-      '.ts': 'typescript',
-      '.tsx': 'typescript',
-      '.py': 'python'
-    };
-    return languageMap[ext] || null;
-  }
-
-  /**
-   * Check if file is a test file
-   * @private
-   */
-  isTestFile(filePath) {
-    const testPatterns = [
-      /\.test\./,
-      /\.spec\./,
-      /__tests__\//,
-      /\/tests?\//,
-      /\.test$/,
-      /\.spec$/
-    ];
-    return testPatterns.some(pattern => pattern.test(filePath));
-  }
-
-  /**
-   * Check if scanners are available for a language
-   * @private
-   */
-  hasScannersForLanguage(available, language) {
-    if (language === 'javascript' || language === 'typescript') {
-      return available.semgrep || available.eslintSecurity;
-    }
-    if (language === 'python') {
-      return available.bandit || available.semgrep;
-    }
-    return false;
-  }
-
-  /**
-   * Normalize all scanner results to common format
-   * @private
-   */
-  normalizeResults(results) {
-    return results.map(result => ({
-      file: result.file,
-      line: result.line || 1,
-      column: result.column || 1,
-      severity: result.severity || STATIC_ANALYSIS.SEVERITY.WARNING,
-      rule: result.rule || 'unknown',
-      message: result.message || 'Security issue detected',
-      category: 'security',
-      scanner: result.scanner,
-      cwe: result.cwe || null,
-      owasp: result.owasp || null,
-      confidence: result.confidence || null,
-      fixable: result.fixable || false,
-      remediation: result.remediation || result.moreInfo || null,
-      references: result.references || [],
-      package: result.package || null
-    }));
-  }
-
-  /**
-   * Map Semgrep severity to our standard
-   * @private
-   */
-  mapSemgrepSeverity(severity) {
-    const map = {
-      'ERROR': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'WARNING': STATIC_ANALYSIS.SEVERITY.ERROR,
-      'INFO': STATIC_ANALYSIS.SEVERITY.WARNING
-    };
-    return map[severity?.toUpperCase()] || STATIC_ANALYSIS.SEVERITY.WARNING;
-  }
-
-  /**
-   * Map Bandit severity to our standard
-   * @private
-   */
-  mapBanditSeverity(severity) {
-    const map = {
-      'HIGH': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'MEDIUM': STATIC_ANALYSIS.SEVERITY.ERROR,
-      'LOW': STATIC_ANALYSIS.SEVERITY.WARNING
-    };
-    return map[severity?.toUpperCase()] || STATIC_ANALYSIS.SEVERITY.WARNING;
-  }
-
-  /**
-   * Map ESLint severity to our standard
-   * @private
-   */
-  mapESLintSeverity(severity) {
-    return severity === 2 ? STATIC_ANALYSIS.SEVERITY.ERROR : STATIC_ANALYSIS.SEVERITY.WARNING;
-  }
-
-  /**
-   * Map npm audit severity to our standard
-   * @private
-   */
-  mapNpmSeverity(severity) {
-    const map = {
-      'critical': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'high': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'moderate': STATIC_ANALYSIS.SEVERITY.ERROR,
-      'low': STATIC_ANALYSIS.SEVERITY.WARNING,
-      'info': STATIC_ANALYSIS.SEVERITY.INFO
-    };
-    return map[severity?.toLowerCase()] || STATIC_ANALYSIS.SEVERITY.WARNING;
-  }
-
-  /**
-   * Map pip-audit severity to our standard
-   * @private
-   */
-  mapPipAuditSeverity(severity) {
-    // pip-audit doesn't always provide severity, default to ERROR
-    if (!severity) return STATIC_ANALYSIS.SEVERITY.ERROR;
-
-    const map = {
-      'critical': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'high': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'medium': STATIC_ANALYSIS.SEVERITY.ERROR,
-      'low': STATIC_ANALYSIS.SEVERITY.WARNING
-    };
-    return map[severity?.toLowerCase()] || STATIC_ANALYSIS.SEVERITY.ERROR;
-  }
-
-  /**
-   * Get scanner status report
-   * @returns {Promise<Object>} Scanner availability and status
-   */
-  async getScannerStatus() {
-    const available = await this.detectAvailableScanners();
-    return {
-      scanners: available,
-      recommendations: this.getInstallRecommendations(available)
-    };
-  }
-
-  /**
-   * Get installation recommendations for missing scanners
-   * @private
-   */
-  getInstallRecommendations(available) {
-    const recommendations = [];
-
-    if (!available.semgrep) {
-      recommendations.push({
-        scanner: 'Semgrep',
-        reason: 'Multi-language SAST with extensive security rules',
-        install: 'pip install semgrep OR use Docker: docker pull returntocorp/semgrep',
-        priority: 'high'
-      });
-    }
-
-    if (!available.bandit) {
-      recommendations.push({
-        scanner: 'Bandit',
-        reason: 'Python security scanner',
-        install: 'pip install bandit',
-        priority: 'medium'
-      });
-    }
-
-    if (!available.eslintSecurity) {
-      recommendations.push({
-        scanner: 'eslint-plugin-security',
-        reason: 'JavaScript/TypeScript security rules',
-        install: 'npm install --save-dev eslint-plugin-security',
-        priority: 'medium'
-      });
-    }
-
-    if (!available.pipAudit) {
-      recommendations.push({
-        scanner: 'pip-audit',
-        reason: 'Python dependency vulnerability scanner',
-        install: 'pip install pip-audit',
-        priority: 'low'
-      });
-    }
-
-    return recommendations;
-  }
-}
-
-export default SecurityAnalyzer;
+const a0_0x5d6f5b=a0_0x5e88;(function(_0xdd22f0,_0x5982ee){const _0x1fe4e0=a0_0x5e88,_0x31f1d1=_0xdd22f0();while(!![]){try{const _0x2a7f69=parseInt(_0x1fe4e0(0x1a6))/0x1+-parseInt(_0x1fe4e0(0x1e8))/0x2+parseInt(_0x1fe4e0(0x205))/0x3+-parseInt(_0x1fe4e0(0x207))/0x4+parseInt(_0x1fe4e0(0x1dd))/0x5+-parseInt(_0x1fe4e0(0x1eb))/0x6*(parseInt(_0x1fe4e0(0x1d6))/0x7)+-parseInt(_0x1fe4e0(0x191))/0x8;if(_0x2a7f69===_0x5982ee)break;else _0x31f1d1['push'](_0x31f1d1['shift']());}catch(_0x2245d9){_0x31f1d1['push'](_0x31f1d1['shift']());}}}(a0_0xb888,0xdadad));import{exec}from'child_process';import{promisify}from'util';import a0_0x3a5a26 from'path';import a0_0x5dd803 from'fs/promises';import{STATIC_ANALYSIS}from'../utilities/constants.js';function a0_0xb888(){const _0x2410fa=['zML4','D2fYBG','q1Dflq','CgfYC2vcyw5KAxrszxn1BhrZ','CgLWlwf1zgL0','C2nHBM5LCKnHy2HL','BM9Kzv9TB2r1BgvZ','BNbTigf1zgL0igf2ywLSywjSzq','AgfZu2nHBM5LCNngB3jmyw5NDwfNzq','CMvMzxjLBMnLCW','rvnmAw50ihnLy3vYAxr5ihnJyw4GzMfPBgvK','zgvZy3jPChrPB24','v0fstKLorW','Bwv0ywrHDge','CMvXDwLYzw1LBNrZlNr4Da','y3zZCW','qMfUzgL0','Dw5RBM93BG','BwvZC2fNzq','CgLWlwf1zgL0ic0TzM9YBwf0igPZB24','Bg9Nz2vY','u0vwrvjjvfK','Bg9JywXty2fUBMvYrgLY','CNvUu2vTz3jLCa','zxH0BMfTzq','yxzHAwXHyMXLu2nHBM5LCNm','y29Sx29MzNnLDa','u2vTz3jLCcbZy2fUBMvYigrLDgvJDgvKicHSB2nHBcK','mteYD3PdDvbp','zxjYB3i','CNvUtNbTqxvKAxq','C2v2zxjPDhK','u2vTz3jLCcbZy2fUigzHAwXLza','rMfPBgvKihrVihbHCNnLifnLBwDYzxaGB3v0Chv0','BNbTigLUC3rHBgWGls1ZyxzLlwrLDIbLC2XPBNqTCgX1z2LUlxnLy3vYAxr5','nJiXodaWmhrRBMXewq','C3rHCNq','CgfJA2fNzq','ywXPyxnLCW','BwfW','Bw9KDwXL','zgv0zwn0qxzHAwXHyMXLu2nHBM5LCNm','DMLH','zxH0CMe','CgLWlwf1zgL0ic0TDMvYC2LVBG','z2v0u2nHBM5LCLn0yxr1CW','otGWntm4rLf5D29p','CgfYC2vfu0XPBNrszxn1BhrZ','AM9PBG','mJa5mZG4zvvRthfT','BNbTig5VDcbHDMfPBgfIBgu','CgfYC2vtzw1NCMvWuMvZDwX0CW','ChvZAa','CNvSzuLK','CgfYC2vqAxbbDwrPDfjLC3vSDhm','zxnSAw50u2vJDxjPDhK','y3zL','lNnJyw5UzxjZ','AxnbCNjHEq','zxnSAw50lxbSDwDPBI1Zzwn1CML0EsbKzxrLy3rLza','AMf2yxnJCMLWDa','tM8GC2vJDxjPDhKGC2nHBM5LCNmGyxzHAwXHyMXLigzVCIbSyw5NDwfNzq','C2vTz3jLCcaTlxzLCNnPB24','ChL0Ag9U','CgfYC2u','CgLWqxvKAxq','BgLUzq','BNbTic0TDMvYC2LVBG','BwfWrvnmAw50u2v2zxjPDhK','q1jjveLdquW','DxjS','Dg9mB3DLCKnHC2u','AxnZDwvFy3DL','B3DHC3a','C291CMnL','mtC2mtm4n0HqEg5swG','BNbTigf1zgL0ic0TANnVBG','mtm1ndyYngTzv3D0qq','yMfUzgL0','DNvSBNm','BNbTlq','Axnuzxn0rMLSzq','txvSDgKTBgfUz3vHz2uGu0ftvcb3AxrOigv4DgvUC2L2zsbZzwn1CML0EsbYDwXLCW','z2v0sw5ZDgfSBfjLy29TBwvUzgf0Aw9UCW','BMfTzq','Dg9vChbLCKnHC2u','BNbTqxvKAxq','BwfWqMfUzgL0u2v2zxjPDhK','C3rKB3v0','C2vTz3jLCcaTlwnVBMzPzZ1HDxrVic0TANnVBIaI','oti0mtq3mMnKyLLUCq','uhL0Ag9UigrLCgvUzgvUy3KGDNvSBMvYywjPBgL0EsbZy2fUBMvY','y29UzMLKzw5Jzq','y29S','zgvIDwC','Bw9Yzv9PBMzV','BwfWu2vTz3jLCfnLDMvYAxr5','su5gtW','zxnSAw50lxbSDwDPBI1Zzwn1CML0Eq','qxzHAwXHyMXL','rvjst1i','BM9YBwfSAxPLuMvZDwX0CW','CMfUz2u','AxnZDwvFDgv4Da','CgLWigLUC3rHBgWGCgLWlwf1zgL0','zgv0zwn0tgfUz3vHz2u','C2vJDxjPDhK','y2HLy2TFAwq','C2vTz3jLCa','CNvUqMfUzgL0','y3DL','mtyWode3n1DNzxzqza','Bg93','CgfYC2voCg1bDwrPDfjLC3vSDhm','zML4qxzHAwXHyMXL','zgLYBMfTzq','y3DK','u2vJDxjPDhKGDNvSBMvYywjPBgL0Eq','BwfWtNbTu2v2zxjPDhK','CMvTzwrPyxrPB24','rMfPBgvKihrVihbHCNnLig5WBsbHDwrPDcbVDxrWDxq','tM9Uzq','ywnJzxnZ','BwfWugLWqxvKAxrtzxzLCML0Eq','zgvWzw5Kzw5JAwvZ','CMvZDwX0CW','u2TPChbPBMCGDgvZDcbMAwXLigzVCIbZzwn1CML0EsbZy2fU','DNvSBMvYywjPBgL0AwvZ','yw5HBhL6zq','AgLNAa','AxnZDwvFC2v2zxjPDhK'];a0_0xb888=function(){return _0x2410fa;};return a0_0xb888();}function a0_0x5e88(_0x18b018,_0x1a220f){_0x18b018=_0x18b018-0x187;const _0xb888e2=a0_0xb888();let _0x5e88c4=_0xb888e2[_0x18b018];if(a0_0x5e88['wuHNhK']===undefined){var _0x45a7fd=function(_0x3c6c9e){const _0x8b5b00='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x3a5a26='',_0x5dd803='';for(let _0x437b9f=0x0,_0x34b0ad,_0x96c1a8,_0x265dfe=0x0;_0x96c1a8=_0x3c6c9e['charAt'](_0x265dfe++);~_0x96c1a8&&(_0x34b0ad=_0x437b9f%0x4?_0x34b0ad*0x40+_0x96c1a8:_0x96c1a8,_0x437b9f++%0x4)?_0x3a5a26+=String['fromCharCode'](0xff&_0x34b0ad>>(-0x2*_0x437b9f&0x6)):0x0){_0x96c1a8=_0x8b5b00['indexOf'](_0x96c1a8);}for(let _0x4c4bf2=0x0,_0x232c20=_0x3a5a26['length'];_0x4c4bf2<_0x232c20;_0x4c4bf2++){_0x5dd803+='%'+('00'+_0x3a5a26['charCodeAt'](_0x4c4bf2)['toString'](0x10))['slice'](-0x2);}return decodeURIComponent(_0x5dd803);};a0_0x5e88['DkckAP']=_0x45a7fd,a0_0x5e88['TvbYQY']={},a0_0x5e88['wuHNhK']=!![];}const _0x25d9f0=_0xb888e2[0x0],_0x1c0597=_0x18b018+_0x25d9f0,_0x1bbe50=a0_0x5e88['TvbYQY'][_0x1c0597];return!_0x1bbe50?(_0x5e88c4=a0_0x5e88['DkckAP'](_0x5e88c4),a0_0x5e88['TvbYQY'][_0x1c0597]=_0x5e88c4):_0x5e88c4=_0x1bbe50,_0x5e88c4;}const execAsync=promisify(exec);class SecurityAnalyzer{constructor(_0x437b9f=null){const _0x333a71=a0_0x5e88;this['logger']=_0x437b9f,this[_0x333a71(0x1d3)]=null,this[_0x333a71(0x1bf)]=new Map(),this['localScannerDir']=a0_0x3a5a26[_0x333a71(0x1ea)](process[_0x333a71(0x1ab)](),_0x333a71(0x1c0),_0x333a71(0x1f3));}async['detectAvailableScanners'](){const _0x47bffe=a0_0x5e88;if(this[_0x47bffe(0x1d3)]!==null)return this[_0x47bffe(0x1d3)];const _0x34b0ad={'semgrep':![],'bandit':![],'npmAudit':![],'pipAudit':![],'eslintSecurity':![]};try{const _0x96c1a8=a0_0x3a5a26[_0x47bffe(0x1ea)](this[_0x47bffe(0x1d0)],_0x47bffe(0x1a3));try{await a0_0x5dd803['access'](_0x96c1a8),_0x34b0ad[_0x47bffe(0x1a3)]=!![],this[_0x47bffe(0x1ce)]?.[_0x47bffe(0x195)](_0x47bffe(0x1d5));}catch{await execAsync(_0x47bffe(0x1f8),{'timeout':0x1388}),_0x34b0ad['semgrep']=!![],this['logger']?.[_0x47bffe(0x195)]('Semgrep\x20scanner\x20detected\x20(system)');}}catch(_0x265dfe){this['logger']?.['debug']('Semgrep\x20not\x20available',{'error':_0x265dfe[_0x47bffe(0x1cc)]});}try{await execAsync('bandit\x20--version',{'timeout':0x1388}),_0x34b0ad[_0x47bffe(0x208)]=!![],this['logger']?.['debug']('Bandit\x20scanner\x20detected');}catch(_0x4c4bf2){this['logger']?.[_0x47bffe(0x195)]('Bandit\x20not\x20available',{'error':_0x4c4bf2[_0x47bffe(0x1cc)]});}try{await execAsync(_0x47bffe(0x1fd),{'timeout':0x1388}),_0x34b0ad[_0x47bffe(0x18d)]=!![],this['logger']?.['debug'](_0x47bffe(0x1c1));}catch(_0x232c20){this['logger']?.['debug'](_0x47bffe(0x1ec),{'error':_0x232c20['message']});}try{await execAsync(_0x47bffe(0x1e6),{'timeout':0x1388}),_0x34b0ad['pipAudit']=!![],this[_0x47bffe(0x1ce)]?.[_0x47bffe(0x195)]('pip-audit\x20detected');}catch(_0x33f3f4){this[_0x47bffe(0x1ce)]?.[_0x47bffe(0x195)]('pip-audit\x20not\x20available',{'error':_0x33f3f4['message']});}try{const _0x5f0203=await execAsync('npm\x20list\x20eslint-plugin-security\x20--depth=0\x20--json',{'timeout':0x1388,'cwd':process['cwd']()}),_0x31709d=JSON[_0x47bffe(0x1fa)](_0x5f0203['stdout']);_0x31709d['dependencies']&&_0x31709d['dependencies']['eslint-plugin-security']&&(_0x34b0ad[_0x47bffe(0x1f1)]=!![],this['logger']?.[_0x47bffe(0x195)](_0x47bffe(0x1f5)));}catch(_0xd55bdb){this['logger']?.['debug']('eslint-plugin-security\x20not\x20available',{'error':_0xd55bdb['message']});}return this[_0x47bffe(0x1d3)]=_0x34b0ad,_0x34b0ad;}async[a0_0x5d6f5b(0x1b7)](_0x197b5f,_0x55a89f,_0x688dd6={}){const _0x3eb899=a0_0x5d6f5b,_0x2a708a=[],_0x496796=await this[_0x3eb899(0x1e3)](),_0x40685d=this[_0x3eb899(0x1a0)](_0x197b5f);if(_0x688dd6['skipTestFiles']!==![]&&this[_0x3eb899(0x188)](_0x197b5f))return this['logger']?.[_0x3eb899(0x195)](_0x3eb899(0x1b5),{'filePath':_0x197b5f}),[];if(_0x40685d==='javascript'||_0x40685d==='typescript'){if(_0x496796[_0x3eb899(0x1a3)]){const _0x2ca88f=await this[_0x3eb899(0x1d1)](_0x197b5f,[_0x40685d],_0x688dd6);_0x2a708a[_0x3eb899(0x1ee)](..._0x2ca88f);}if(_0x496796[_0x3eb899(0x1f1)]){const _0x57fbe8=await this['runESLintSecurity'](_0x197b5f,_0x55a89f,_0x688dd6);_0x2a708a[_0x3eb899(0x1ee)](..._0x57fbe8);}}if(_0x40685d==='python'){if(_0x496796[_0x3eb899(0x208)]){const _0x120134=await this['runBandit'](_0x197b5f,_0x688dd6);_0x2a708a[_0x3eb899(0x1ee)](..._0x120134);}if(_0x496796['semgrep']){const _0x5d7e25=await this['runSemgrep'](_0x197b5f,[_0x40685d],_0x688dd6);_0x2a708a['push'](..._0x5d7e25);}}return _0x2a708a['length']===0x0&&!this['hasScannersForLanguage'](_0x496796,_0x40685d)&&this[_0x3eb899(0x1ce)]?.[_0x3eb899(0x1bb)](_0x3eb899(0x1f7),{'language':_0x40685d,'filePath':_0x197b5f}),this['normalizeResults'](_0x2a708a);}async['analyzeProject'](_0x19ebdd,_0x1d9927,_0x328e2d={}){const _0x128563=a0_0x5d6f5b,_0x5f1338=[],_0x446080=await this['detectAvailableScanners']();if(_0x1d9927===_0x128563(0x1f6)||_0x1d9927==='typescript'){if(_0x446080[_0x128563(0x18d)]){const _0x51b930=await this[_0x128563(0x1d8)](_0x19ebdd,_0x328e2d);_0x5f1338['push'](..._0x51b930);}}if(_0x1d9927==='python'){if(_0x446080['pipAudit']){const _0x478cef=await this['runPipAudit'](_0x19ebdd,_0x328e2d);_0x5f1338['push'](..._0x478cef);}}return this['normalizeResults'](_0x5f1338);}async['runSemgrep'](_0x42aa73,_0x317523,_0x29751b={}){const _0x364211=a0_0x5d6f5b;try{const _0x2ca368=a0_0x3a5a26[_0x364211(0x1aa)](_0x42aa73),_0x5989e8=await execAsync(_0x364211(0x190)+_0x42aa73+'\x22',{'maxBuffer':0xa*0x400*0x400,'timeout':0x7530,'cwd':_0x2ca368}),_0x462d9f=JSON[_0x364211(0x1fa)](_0x5989e8['stdout']);return this[_0x364211(0x1ed)](_0x462d9f);}catch(_0x404b3b){if(_0x404b3b['stdout'])try{const _0x3d66f2=JSON[_0x364211(0x1fa)](_0x404b3b['stdout']);return this[_0x364211(0x1ed)](_0x3d66f2);}catch(_0x3d7fc3){this[_0x364211(0x1ce)]?.['error'](_0x364211(0x1db),{'error':_0x3d7fc3['message'],'stdout':_0x404b3b[_0x364211(0x18f)]});}return this[_0x364211(0x1ce)]?.['error'](_0x364211(0x1da),{'error':_0x404b3b['message']}),[];}}['parseSemgrepResults'](_0x38e906){const _0x51e5d1=a0_0x5d6f5b,_0x4ecf81=[];if(_0x38e906[_0x51e5d1(0x1b4)]&&Array['isArray'](_0x38e906[_0x51e5d1(0x1b4)]))for(const _0x5210dc of _0x38e906[_0x51e5d1(0x1b4)]){_0x4ecf81[_0x51e5d1(0x1ee)]({'file':_0x5210dc['path'],'line':_0x5210dc['start']?.['line']||0x1,'column':_0x5210dc[_0x51e5d1(0x1de)]?.[_0x51e5d1(0x194)]||0x1,'severity':this[_0x51e5d1(0x197)](_0x5210dc['extra']?.[_0x51e5d1(0x1d9)]),'rule':_0x5210dc[_0x51e5d1(0x1a2)],'message':_0x5210dc[_0x51e5d1(0x1e5)]?.['message']||_0x5210dc[_0x51e5d1(0x1e5)]?.['lines']||'Security\x20issue\x20detected','category':_0x51e5d1(0x1a1),'scanner':_0x51e5d1(0x1a3),'cwe':_0x5210dc[_0x51e5d1(0x1e5)]?.['metadata']?.[_0x51e5d1(0x1a5)],'owasp':_0x5210dc['extra']?.[_0x51e5d1(0x1c7)]?.[_0x51e5d1(0x203)],'confidence':_0x5210dc[_0x51e5d1(0x1e5)]?.[_0x51e5d1(0x1c7)]?.[_0x51e5d1(0x193)],'references':_0x5210dc[_0x51e5d1(0x1e5)]?.[_0x51e5d1(0x1c7)]?.[_0x51e5d1(0x1c3)]});}return _0x4ecf81;}async[a0_0x5d6f5b(0x1a4)](_0xd4153d,_0x25a121={}){const _0x5702e=a0_0x5d6f5b;try{const _0x2cc65=await execAsync('bandit\x20-f\x20json\x20\x22'+_0xd4153d+'\x22',{'maxBuffer':0xa*0x400*0x400,'timeout':0x7530}),_0x1a7fc4=JSON[_0x5702e(0x1fa)](_0x2cc65['stdout']);return this['parseBanditResults'](_0x1a7fc4);}catch(_0x4ed864){if(_0x4ed864['stdout'])try{const _0x22a6e6=JSON['parse'](_0x4ed864['stdout']);return this[_0x5702e(0x1bd)](_0x22a6e6);}catch(_0x42d29d){this['logger']?.[_0x5702e(0x1d7)]('Failed\x20to\x20parse\x20Bandit\x20output',{'error':_0x42d29d[_0x5702e(0x1cc)]});}return this[_0x5702e(0x1ce)]?.[_0x5702e(0x1d7)]('Bandit\x20scan\x20failed',{'error':_0x4ed864[_0x5702e(0x1cc)]}),[];}}[a0_0x5d6f5b(0x1bd)](_0x2ec25a){const _0x36fdad=a0_0x5d6f5b,_0x2461a3=[];if(_0x2ec25a[_0x36fdad(0x1b4)]&&Array['isArray'](_0x2ec25a[_0x36fdad(0x1b4)]))for(const _0x4a9639 of _0x2ec25a['results']){_0x2461a3['push']({'file':_0x4a9639['filename'],'line':_0x4a9639['line_number']||0x1,'column':_0x4a9639[_0x36fdad(0x1d4)]||0x1,'severity':this['mapBanditSeverity'](_0x4a9639[_0x36fdad(0x1b9)]),'rule':_0x4a9639['test_id'],'message':_0x4a9639[_0x36fdad(0x19e)],'category':_0x36fdad(0x1a1),'scanner':_0x36fdad(0x208),'cwe':_0x4a9639[_0x36fdad(0x202)]?.['id']?_0x36fdad(0x1bc)+_0x4a9639[_0x36fdad(0x202)]['id']:null,'confidence':_0x4a9639['issue_confidence'],'moreInfo':_0x4a9639[_0x36fdad(0x196)]});}return _0x2461a3;}async['runESLintSecurity'](_0x5c5bbf,_0x164410,_0x57deb2={}){const _0x46e6be=a0_0x5d6f5b;try{const {ESLint:_0x13535f}=await import('eslint'),_0x265da5=new _0x13535f({'overrideConfig':{'plugins':['security'],'extends':['plugin:security/recommended'],'parserOptions':{'ecmaVersion':'latest','sourceType':_0x46e6be(0x1e2)}},'useEslintrc':![]}),_0x32c41c=await _0x265da5['lintText'](_0x164410,{'filePath':_0x5c5bbf});return this['parseESLintResults'](_0x32c41c,_0x5c5bbf);}catch(_0x3a42f1){return this[_0x46e6be(0x1ce)]?.[_0x46e6be(0x1d7)](_0x46e6be(0x1c4),{'error':_0x3a42f1[_0x46e6be(0x1cc)],'filePath':_0x5c5bbf}),[];}}[a0_0x5d6f5b(0x1e9)](_0x362d28,_0x569b2a){const _0x4c4d5e=a0_0x5d6f5b,_0x419f75=[];for(const _0x23a0a1 of _0x362d28){if(_0x23a0a1['messages']&&Array[_0x4c4d5e(0x1f4)](_0x23a0a1['messages']))for(const _0x56c951 of _0x23a0a1['messages']){_0x56c951['ruleId']&&_0x56c951[_0x4c4d5e(0x1ef)]['startsWith']('security/')&&_0x419f75[_0x4c4d5e(0x1ee)]({'file':_0x569b2a,'line':_0x56c951['line']||0x1,'column':_0x56c951['column']||0x1,'severity':this[_0x4c4d5e(0x1fe)](_0x56c951['severity']),'rule':_0x56c951[_0x4c4d5e(0x1ef)],'message':_0x56c951['message'],'category':'security','scanner':'eslint-security','fixable':_0x56c951[_0x4c4d5e(0x1ba)]!==undefined});}}return _0x419f75;}async['runNpmAudit'](_0x1e01fe,_0x4c87a9={}){const _0xfe93fe=a0_0x5d6f5b;try{const _0x1590f3=a0_0x3a5a26[_0xfe93fe(0x1ea)](_0x1e01fe,'package.json');try{await a0_0x5dd803[_0xfe93fe(0x1b1)](_0x1590f3);}catch{return this[_0xfe93fe(0x1ce)]?.['debug']('No\x20package.json\x20found,\x20skipping\x20npm\x20audit'),[];}const _0x43d3f7=await execAsync(_0xfe93fe(0x206),{'cwd':_0x1e01fe,'maxBuffer':0xa*0x400*0x400,'timeout':0xea60}),_0xbcbb5f=JSON[_0xfe93fe(0x1fa)](_0x43d3f7[_0xfe93fe(0x18f)]);return this['parseNpmAuditResults'](_0xbcbb5f);}catch(_0x38bc1d){if(_0x38bc1d['stdout'])try{const _0x38d22e=JSON['parse'](_0x38bc1d[_0xfe93fe(0x18f)]);return this[_0xfe93fe(0x1a8)](_0x38d22e);}catch(_0x313f9f){this['logger']?.[_0xfe93fe(0x1d7)](_0xfe93fe(0x1af),{'error':_0x313f9f[_0xfe93fe(0x1cc)]});}return[];}}[a0_0x5d6f5b(0x1a8)](_0x1b0d17){const _0x299963=a0_0x5d6f5b,_0x49981b=[];if(_0x1b0d17['vulnerabilities'])for(const [_0x172888,_0x8b668b]of Object['entries'](_0x1b0d17[_0x299963(0x1b6)])){_0x49981b['push']({'file':'package.json','line':0x1,'column':0x1,'severity':this[_0x299963(0x1ad)](_0x8b668b['severity']),'rule':_0x299963(0x187)+(_0x8b668b[_0x299963(0x1e4)][0x0]?.[_0x299963(0x204)]||'advisory'),'message':_0x172888+':\x20'+(_0x8b668b['via'][0x0]?.['title']||_0x299963(0x1ac)),'category':'security','scanner':'npm-audit','package':_0x172888,'vulnerableVersions':_0x8b668b[_0x299963(0x19d)],'patchedVersions':_0x8b668b[_0x299963(0x1a9)]?_0x299963(0x19a):_0x299963(0x1b0),'cve':_0x8b668b['via'][0x0]?.[_0x299963(0x1f2)],'cvss':_0x8b668b['via'][0x0]?.[_0x299963(0x1c9)],'references':_0x8b668b['via'][0x0]?.['url']?[_0x8b668b['via'][0x0][_0x299963(0x200)]]:[]});}return _0x49981b;}async['runPipAudit'](_0x4e1869,_0xd58afe={}){const _0x4270ec=a0_0x5d6f5b;try{const requirementsPath=a0_0x3a5a26['join'](_0x4e1869,_0x4270ec(0x1c8));try{await a0_0x5dd803[_0x4270ec(0x1b1)](requirementsPath);}catch{return this['logger']?.['debug']('No\x20requirements.txt\x20found,\x20skipping\x20pip-audit'),[];}const _0x10a8cb=await execAsync(_0x4270ec(0x1cd),{'cwd':_0x4e1869,'maxBuffer':0xa*0x400*0x400,'timeout':0xea60}),_0x23bd3b=JSON['parse'](_0x10a8cb['stdout']);return this[_0x4270ec(0x1f0)](_0x23bd3b);}catch(_0x234e1c){if(_0x234e1c['stdout'])try{const _0x54ab06=JSON['parse'](_0x234e1c['stdout']);return this[_0x4270ec(0x1f0)](_0x54ab06);}catch(_0x140091){this[_0x4270ec(0x1ce)]?.['error']('Failed\x20to\x20parse\x20pip-audit\x20output',{'error':_0x140091['message']});}return[];}}[a0_0x5d6f5b(0x1f0)](_0x52c3ee){const _0x4e8e26=a0_0x5d6f5b,_0x5c2ee2=[];if(_0x52c3ee[_0x4e8e26(0x1b3)]&&Array[_0x4e8e26(0x1f4)](_0x52c3ee['dependencies']))for(const _0x144508 of _0x52c3ee[_0x4e8e26(0x1b3)]){if(_0x144508['vulns']&&Array['isArray'](_0x144508[_0x4e8e26(0x209)]))for(const _0x5bc975 of _0x144508[_0x4e8e26(0x209)]){_0x5c2ee2['push']({'file':'requirements.txt','line':0x1,'column':0x1,'severity':this[_0x4e8e26(0x1b2)](_0x5bc975['severity']),'rule':_0x5bc975['id'],'message':_0x144508['name']+':\x20'+(_0x5bc975[_0x4e8e26(0x1c5)]||'Security\x20vulnerability'),'category':'security','scanner':'pip-audit','package':_0x144508[_0x4e8e26(0x18b)],'vulnerableVersion':_0x144508['version'],'fixedVersions':_0x5bc975['fix_versions'],'references':_0x5bc975[_0x4e8e26(0x1e0)]||[]});}}return _0x5c2ee2;}['detectLanguage'](_0x499eb9){const _0x271ce0=a0_0x5d6f5b,_0xc418fe=a0_0x3a5a26[_0x271ce0(0x1d2)](_0x499eb9)[_0x271ce0(0x201)](),_0x586109={'.js':_0x271ce0(0x1f6),'.jsx':'javascript','.mjs':_0x271ce0(0x1f6),'.cjs':_0x271ce0(0x1f6),'.ts':'typescript','.tsx':'typescript','.py':_0x271ce0(0x1f9)};return _0x586109[_0xc418fe]||null;}['isTestFile'](_0x4d7753){const _0x11a538=[/\.test\./,/\.spec\./,/__tests__\//,/\/tests?\//,/\.test$/,/\.spec$/];return _0x11a538['some'](_0x31b6a1=>_0x31b6a1['test'](_0x4d7753));}[a0_0x5d6f5b(0x1c2)](_0xe17f73,_0x147555){const _0x20b634=a0_0x5d6f5b;if(_0x147555===_0x20b634(0x1f6)||_0x147555==='typescript')return _0xe17f73['semgrep']||_0xe17f73[_0x20b634(0x1f1)];if(_0x147555==='python')return _0xe17f73['bandit']||_0xe17f73[_0x20b634(0x1a3)];return![];}[a0_0x5d6f5b(0x19c)](_0x4666e8){const _0x515816=a0_0x5d6f5b;return _0x4666e8[_0x515816(0x1e1)](_0x35e763=>({'file':_0x35e763['file'],'line':_0x35e763[_0x515816(0x1fc)]||0x1,'column':_0x35e763['column']||0x1,'severity':_0x35e763[_0x515816(0x1d9)]||STATIC_ANALYSIS['SEVERITY'][_0x515816(0x1c6)],'rule':_0x35e763['rule']||_0x515816(0x1cb),'message':_0x35e763[_0x515816(0x1cc)]||'Security\x20issue\x20detected','category':'security','scanner':_0x35e763['scanner'],'cwe':_0x35e763[_0x515816(0x1a5)]||null,'owasp':_0x35e763[_0x515816(0x203)]||null,'confidence':_0x35e763[_0x515816(0x193)]||null,'fixable':_0x35e763['fixable']||![],'remediation':_0x35e763[_0x515816(0x1ae)]||_0x35e763['moreInfo']||null,'references':_0x35e763['references']||[],'package':_0x35e763[_0x515816(0x1df)]||null}));}['mapSemgrepSeverity'](_0x461f86){const _0x188f9f=a0_0x5d6f5b,_0x23aa55={'ERROR':STATIC_ANALYSIS['SEVERITY']['CRITICAL'],'WARNING':STATIC_ANALYSIS['SEVERITY']['ERROR'],'INFO':STATIC_ANALYSIS['SEVERITY']['WARNING']};return _0x23aa55[_0x461f86?.[_0x188f9f(0x18c)]()]||STATIC_ANALYSIS['SEVERITY']['WARNING'];}[a0_0x5d6f5b(0x18e)](_0x52f953){const _0x3b2884=a0_0x5d6f5b,_0x587951={'HIGH':STATIC_ANALYSIS[_0x3b2884(0x1cf)]['CRITICAL'],'MEDIUM':STATIC_ANALYSIS['SEVERITY']['ERROR'],'LOW':STATIC_ANALYSIS['SEVERITY'][_0x3b2884(0x1c6)]};return _0x587951[_0x52f953?.[_0x3b2884(0x18c)]()]||STATIC_ANALYSIS[_0x3b2884(0x1cf)]['WARNING'];}[a0_0x5d6f5b(0x1fe)](_0x53e047){const _0x2d3507=a0_0x5d6f5b;return _0x53e047===0x2?STATIC_ANALYSIS[_0x2d3507(0x1cf)][_0x2d3507(0x19b)]:STATIC_ANALYSIS[_0x2d3507(0x1cf)]['WARNING'];}[a0_0x5d6f5b(0x1ad)](_0x341aa8){const _0x335caa=a0_0x5d6f5b,_0x968d6f={'critical':STATIC_ANALYSIS[_0x335caa(0x1cf)][_0x335caa(0x1ff)],'high':STATIC_ANALYSIS['SEVERITY'][_0x335caa(0x1ff)],'moderate':STATIC_ANALYSIS[_0x335caa(0x1cf)][_0x335caa(0x19b)],'low':STATIC_ANALYSIS['SEVERITY'][_0x335caa(0x1c6)],'info':STATIC_ANALYSIS[_0x335caa(0x1cf)][_0x335caa(0x198)]};return _0x968d6f[_0x341aa8?.[_0x335caa(0x201)]()]||STATIC_ANALYSIS[_0x335caa(0x1cf)]['WARNING'];}['mapPipAuditSeverity'](_0x157faf){const _0x1feaed=a0_0x5d6f5b;if(!_0x157faf)return STATIC_ANALYSIS[_0x1feaed(0x1cf)][_0x1feaed(0x19b)];const _0x33e597={'critical':STATIC_ANALYSIS[_0x1feaed(0x1cf)]['CRITICAL'],'high':STATIC_ANALYSIS[_0x1feaed(0x1cf)]['CRITICAL'],'medium':STATIC_ANALYSIS[_0x1feaed(0x1cf)]['ERROR'],'low':STATIC_ANALYSIS[_0x1feaed(0x1cf)][_0x1feaed(0x1c6)]};return _0x33e597[_0x157faf?.['toLowerCase']()]||STATIC_ANALYSIS['SEVERITY']['ERROR'];}async[a0_0x5d6f5b(0x1e7)](){const _0x4771f0=a0_0x5d6f5b,_0x508916=await this[_0x4771f0(0x1e3)]();return{'scanners':_0x508916,'recommendations':this[_0x4771f0(0x18a)](_0x508916)};}['getInstallRecommendations'](_0x20143f){const _0x431019=a0_0x5d6f5b,_0x3da997=[];return!_0x20143f[_0x431019(0x1a3)]&&_0x3da997['push']({'scanner':'Semgrep','reason':_0x431019(0x189),'install':'pip\x20install\x20semgrep\x20OR\x20use\x20Docker:\x20docker\x20pull\x20returntocorp/semgrep','priority':_0x431019(0x1b8)}),!_0x20143f[_0x431019(0x208)]&&_0x3da997['push']({'scanner':_0x431019(0x1ca),'reason':'Python\x20security\x20scanner','install':'pip\x20install\x20bandit','priority':'medium'}),!_0x20143f[_0x431019(0x1f1)]&&_0x3da997[_0x431019(0x1ee)]({'scanner':_0x431019(0x199),'reason':'JavaScript/TypeScript\x20security\x20rules','install':_0x431019(0x1dc),'priority':'medium'}),!_0x20143f[_0x431019(0x1fb)]&&_0x3da997[_0x431019(0x1ee)]({'scanner':_0x431019(0x1be),'reason':_0x431019(0x192),'install':_0x431019(0x19f),'priority':_0x431019(0x1a7)}),_0x3da997;}}export default SecurityAnalyzer;