@loxia-labs/loxia-autopilot-one 1.0.1 → 1.0.4

package/src/analyzers/SecurityAnalyzer.js

@@ -1,729 +1 @@
-/**
- * SecurityAnalyzer - Professional security scanning using external tools
- *
- * Uses industry-standard security scanners:
- * - Semgrep: Multi-language SAST
- * - Bandit: Python security scanner
- * - ESLint Security Plugin: JavaScript/TypeScript security
- * - npm audit: Node.js dependency vulnerabilities
- * - pip-audit: Python dependency vulnerabilities
- */
-
-import { exec } from 'child_process';
-import { promisify } from 'util';
-import path from 'path';
-import fs from 'fs/promises';
-import { STATIC_ANALYSIS } from '../utilities/constants.js';
-
-const execAsync = promisify(exec);
-
-class SecurityAnalyzer {
-  constructor(logger = null) {
-    this.logger = logger;
-    this.availableScanners = null;
-    this.scannerCache = new Map(); // Cache scanner availability checks
-
-    // Path to locally installed scanners (from postinstall script)
-    this.localScannerDir = path.join(process.cwd(), 'node_modules', '.scanners');
-  }
-
-  /**
-   * Detect which security scanners are available on the system
-   * @returns {Promise<Object>} Available scanners
-   */
-  async detectAvailableScanners() {
-    // Return cached result if available
-    if (this.availableScanners !== null) {
-      return this.availableScanners;
-    }
-
-    const available = {
-      semgrep: false,
-      bandit: false,
-      npmAudit: false,
-      pipAudit: false,
-      eslintSecurity: false
-    };
-
-    // Check for Semgrep (local first, then system)
-    try {
-      const localSemgrep = path.join(this.localScannerDir, 'semgrep');
-      try {
-        await fs.access(localSemgrep);
-        available.semgrep = true;
-        this.logger?.debug('Semgrep scanner detected (local)');
-      } catch {
-        await execAsync('semgrep --version', { timeout: 5000 });
-        available.semgrep = true;
-        this.logger?.debug('Semgrep scanner detected (system)');
-      }
-    } catch (error) {
-      this.logger?.debug('Semgrep not available', { error: error.message });
-    }
-
-    // Check for Bandit
-    try {
-      await execAsync('bandit --version', { timeout: 5000 });
-      available.bandit = true;
-      this.logger?.debug('Bandit scanner detected');
-    } catch (error) {
-      this.logger?.debug('Bandit not available', { error: error.message });
-    }
-
-    // Check for npm (npm audit is built-in)
-    try {
-      await execAsync('npm --version', { timeout: 5000 });
-      available.npmAudit = true;
-      this.logger?.debug('npm audit available');
-    } catch (error) {
-      this.logger?.debug('npm not available', { error: error.message });
-    }
-
-    // Check for pip-audit
-    try {
-      await execAsync('pip-audit --version', { timeout: 5000 });
-      available.pipAudit = true;
-      this.logger?.debug('pip-audit detected');
-    } catch (error) {
-      this.logger?.debug('pip-audit not available', { error: error.message });
-    }
-
-    // Check for eslint-plugin-security
-    try {
-      // Check if the package is installed
-      const result = await execAsync('npm list eslint-plugin-security --depth=0 --json', {
-        timeout: 5000,
-        cwd: process.cwd()
-      });
-      const parsed = JSON.parse(result.stdout);
-      if (parsed.dependencies && parsed.dependencies['eslint-plugin-security']) {
-        available.eslintSecurity = true;
-        this.logger?.debug('eslint-plugin-security detected');
-      }
-    } catch (error) {
-      this.logger?.debug('eslint-plugin-security not available', { error: error.message });
-    }
-
-    this.availableScanners = available;
-    return available;
-  }
-
-  /**
-   * Analyze a file for security vulnerabilities
-   * @param {string} filePath - Path to file
-   * @param {string} content - File content
-   * @param {Object} options - Analysis options
-   * @returns {Promise<Array>} Security issues found
-   */
-  async analyze(filePath, content, options = {}) {
-    const issues = [];
-    const available = await this.detectAvailableScanners();
-    const language = this.detectLanguage(filePath);
-
-    // Skip test files if requested
-    if (options.skipTestFiles !== false && this.isTestFile(filePath)) {
-      this.logger?.debug('Skipping test file for security scan', { filePath });
-      return [];
-    }
-
-    // Run appropriate scanners based on language
-    if (language === 'javascript' || language === 'typescript') {
-      // Run Semgrep for JS/TS
-      if (available.semgrep) {
-        const semgrepIssues = await this.runSemgrep(filePath, [language], options);
-        issues.push(...semgrepIssues);
-      }
-
-      // Run ESLint Security Plugin
-      if (available.eslintSecurity) {
-        const eslintIssues = await this.runESLintSecurity(filePath, content, options);
-        issues.push(...eslintIssues);
-      }
-    }
-
-    if (language === 'python') {
-      // Run Bandit for Python
-      if (available.bandit) {
-        const banditIssues = await this.runBandit(filePath, options);
-        issues.push(...banditIssues);
-      }
-
-      // Run Semgrep for Python
-      if (available.semgrep) {
-        const semgrepIssues = await this.runSemgrep(filePath, [language], options);
-        issues.push(...semgrepIssues);
-      }
-    }
-
-    // If no scanners available, return informative message
-    if (issues.length === 0 && !this.hasScannersForLanguage(available, language)) {
-      this.logger?.warn('No security scanners available for language', { language, filePath });
-    }
-
-    return this.normalizeResults(issues);
-  }
-
-  /**
-   * Analyze a project directory for security vulnerabilities
-   * @param {string} projectDir - Project directory path
-   * @param {string} language - Primary language to scan
-   * @param {Object} options - Analysis options
-   * @returns {Promise<Array>} Security issues found
-   */
-  async analyzeProject(projectDir, language, options = {}) {
-    const issues = [];
-    const available = await this.detectAvailableScanners();
-
-    // Run dependency scanners
-    if (language === 'javascript' || language === 'typescript') {
-      if (available.npmAudit) {
-        const npmIssues = await this.runNpmAudit(projectDir, options);
-        issues.push(...npmIssues);
-      }
-    }
-
-    if (language === 'python') {
-      if (available.pipAudit) {
-        const pipIssues = await this.runPipAudit(projectDir, options);
-        issues.push(...pipIssues);
-      }
-    }
-
-    return this.normalizeResults(issues);
-  }
-
-  /**
-   * Run Semgrep scanner
-   * @private
-   */
-  async runSemgrep(filePath, languages, options = {}) {
-    try {
-      const dir = path.dirname(filePath);
-      const result = await execAsync(
-        `semgrep --config=auto --json "${filePath}"`,
-        {
-          maxBuffer: 10 * 1024 * 1024,
-          timeout: 30000,
-          cwd: dir
-        }
-      );
-
-      const output = JSON.parse(result.stdout);
-      return this.parseSemgrepResults(output);
-    } catch (error) {
-      // Semgrep exits with non-zero if issues found, check stdout
-      if (error.stdout) {
-        try {
-          const output = JSON.parse(error.stdout);
-          return this.parseSemgrepResults(output);
-        } catch (parseError) {
-          this.logger?.error('Failed to parse Semgrep output', {
-            error: parseError.message,
-            stdout: error.stdout
-          });
-        }
-      }
-      this.logger?.error('Semgrep scan failed', { error: error.message });
-      return [];
-    }
-  }
-
-  /**
-   * Parse Semgrep results
-   * @private
-   */
-  parseSemgrepResults(output) {
-    const issues = [];
-
-    if (output.results && Array.isArray(output.results)) {
-      for (const result of output.results) {
-        issues.push({
-          file: result.path,
-          line: result.start?.line || 1,
-          column: result.start?.col || 1,
-          severity: this.mapSemgrepSeverity(result.extra?.severity),
-          rule: result.check_id,
-          message: result.extra?.message || result.extra?.lines || 'Security issue detected',
-          category: 'security',
-          scanner: 'semgrep',
-          cwe: result.extra?.metadata?.cwe,
-          owasp: result.extra?.metadata?.owasp,
-          confidence: result.extra?.metadata?.confidence,
-          references: result.extra?.metadata?.references
-        });
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Run Bandit scanner for Python
-   * @private
-   */
-  async runBandit(filePath, options = {}) {
-    try {
-      const result = await execAsync(
-        `bandit -f json "${filePath}"`,
-        {
-          maxBuffer: 10 * 1024 * 1024,
-          timeout: 30000
-        }
-      );
-
-      const output = JSON.parse(result.stdout);
-      return this.parseBanditResults(output);
-    } catch (error) {
-      // Bandit exits with non-zero if issues found
-      if (error.stdout) {
-        try {
-          const output = JSON.parse(error.stdout);
-          return this.parseBanditResults(output);
-        } catch (parseError) {
-          this.logger?.error('Failed to parse Bandit output', {
-            error: parseError.message
-          });
-        }
-      }
-      this.logger?.error('Bandit scan failed', { error: error.message });
-      return [];
-    }
-  }
-
-  /**
-   * Parse Bandit results
-   * @private
-   */
-  parseBanditResults(output) {
-    const issues = [];
-
-    if (output.results && Array.isArray(output.results)) {
-      for (const result of output.results) {
-        issues.push({
-          file: result.filename,
-          line: result.line_number || 1,
-          column: result.col_offset || 1,
-          severity: this.mapBanditSeverity(result.issue_severity),
-          rule: result.test_id,
-          message: result.issue_text,
-          category: 'security',
-          scanner: 'bandit',
-          cwe: result.issue_cwe?.id ? `CWE-${result.issue_cwe.id}` : null,
-          confidence: result.issue_confidence,
-          moreInfo: result.more_info
-        });
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Run ESLint with security plugin
-   * @private
-   */
-  async runESLintSecurity(filePath, content, options = {}) {
-    try {
-      // Use ESLint programmatically
-      const { ESLint } = await import('eslint');
-
-      const eslint = new ESLint({
-        overrideConfig: {
-          plugins: ['security'],
-          extends: ['plugin:security/recommended'],
-          parserOptions: {
-            ecmaVersion: 'latest',
-            sourceType: 'module'
-          }
-        },
-        useEslintrc: false
-      });
-
-      const results = await eslint.lintText(content, { filePath });
-      return this.parseESLintResults(results, filePath);
-    } catch (error) {
-      this.logger?.error('ESLint security scan failed', {
-        error: error.message,
-        filePath
-      });
-      return [];
-    }
-  }
-
-  /**
-   * Parse ESLint security results
-   * @private
-   */
-  parseESLintResults(results, filePath) {
-    const issues = [];
-
-    for (const result of results) {
-      if (result.messages && Array.isArray(result.messages)) {
-        for (const message of result.messages) {
-          // Only include security plugin rules
-          if (message.ruleId && message.ruleId.startsWith('security/')) {
-            issues.push({
-              file: filePath,
-              line: message.line || 1,
-              column: message.column || 1,
-              severity: this.mapESLintSeverity(message.severity),
-              rule: message.ruleId,
-              message: message.message,
-              category: 'security',
-              scanner: 'eslint-security',
-              fixable: message.fix !== undefined
-            });
-          }
-        }
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Run npm audit for dependency vulnerabilities
-   * @private
-   */
-  async runNpmAudit(projectDir, options = {}) {
-    try {
-      // Check if package.json exists
-      const packageJsonPath = path.join(projectDir, 'package.json');
-      try {
-        await fs.access(packageJsonPath);
-      } catch {
-        this.logger?.debug('No package.json found, skipping npm audit');
-        return [];
-      }
-
-      const result = await execAsync(
-        'npm audit --json',
-        {
-          cwd: projectDir,
-          maxBuffer: 10 * 1024 * 1024,
-          timeout: 60000
-        }
-      );
-
-      const output = JSON.parse(result.stdout);
-      return this.parseNpmAuditResults(output);
-    } catch (error) {
-      // npm audit exits with non-zero if vulnerabilities found
-      if (error.stdout) {
-        try {
-          const output = JSON.parse(error.stdout);
-          return this.parseNpmAuditResults(output);
-        } catch (parseError) {
-          this.logger?.error('Failed to parse npm audit output', {
-            error: parseError.message
-          });
-        }
-      }
-      return [];
-    }
-  }
-
-  /**
-   * Parse npm audit results
-   * @private
-   */
-  parseNpmAuditResults(output) {
-    const issues = [];
-
-    // npm audit v7+ format
-    if (output.vulnerabilities) {
-      for (const [packageName, vuln] of Object.entries(output.vulnerabilities)) {
-        issues.push({
-          file: 'package.json',
-          line: 1,
-          column: 1,
-          severity: this.mapNpmSeverity(vuln.severity),
-          rule: `npm-${vuln.via[0]?.source || 'advisory'}`,
-          message: `${packageName}: ${vuln.via[0]?.title || 'Security vulnerability'}`,
-          category: 'security',
-          scanner: 'npm-audit',
-          package: packageName,
-          vulnerableVersions: vuln.range,
-          patchedVersions: vuln.fixAvailable ? 'Available' : 'None',
-          cve: vuln.via[0]?.cve,
-          cvss: vuln.via[0]?.cvss,
-          references: vuln.via[0]?.url ? [vuln.via[0].url] : []
-        });
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Run pip-audit for Python dependencies
-   * @private
-   */
-  async runPipAudit(projectDir, options = {}) {
-    try {
-      // Check if requirements.txt exists
-      const requirementsPath = path.join(projectDir, 'requirements.txt');
-      try {
-        await fs.access(requirementsPath);
-      } catch {
-        this.logger?.debug('No requirements.txt found, skipping pip-audit');
-        return [];
-      }
-
-      const result = await execAsync(
-        'pip-audit --format json',
-        {
-          cwd: projectDir,
-          maxBuffer: 10 * 1024 * 1024,
-          timeout: 60000
-        }
-      );
-
-      const output = JSON.parse(result.stdout);
-      return this.parsePipAuditResults(output);
-    } catch (error) {
-      if (error.stdout) {
-        try {
-          const output = JSON.parse(error.stdout);
-          return this.parsePipAuditResults(output);
-        } catch (parseError) {
-          this.logger?.error('Failed to parse pip-audit output', {
-            error: parseError.message
-          });
-        }
-      }
-      return [];
-    }
-  }
-
-  /**
-   * Parse pip-audit results
-   * @private
-   */
-  parsePipAuditResults(output) {
-    const issues = [];
-
-    if (output.dependencies && Array.isArray(output.dependencies)) {
-      for (const dep of output.dependencies) {
-        if (dep.vulns && Array.isArray(dep.vulns)) {
-          for (const vuln of dep.vulns) {
-            issues.push({
-              file: 'requirements.txt',
-              line: 1,
-              column: 1,
-              severity: this.mapPipAuditSeverity(vuln.severity),
-              rule: vuln.id,
-              message: `${dep.name}: ${vuln.description || 'Security vulnerability'}`,
-              category: 'security',
-              scanner: 'pip-audit',
-              package: dep.name,
-              vulnerableVersion: dep.version,
-              fixedVersions: vuln.fix_versions,
-              references: vuln.aliases || []
-            });
-          }
-        }
-      }
-    }
-
-    return issues;
-  }
-
-  /**
-   * Detect language from file extension
-   * @private
-   */
-  detectLanguage(filePath) {
-    const ext = path.extname(filePath).toLowerCase();
-    const languageMap = {
-      '.js': 'javascript',
-      '.jsx': 'javascript',
-      '.mjs': 'javascript',
-      '.cjs': 'javascript',
-      '.ts': 'typescript',
-      '.tsx': 'typescript',
-      '.py': 'python'
-    };
-    return languageMap[ext] || null;
-  }
-
-  /**
-   * Check if file is a test file
-   * @private
-   */
-  isTestFile(filePath) {
-    const testPatterns = [
-      /\.test\./,
-      /\.spec\./,
-      /__tests__\//,
-      /\/tests?\//,
-      /\.test$/,
-      /\.spec$/
-    ];
-    return testPatterns.some(pattern => pattern.test(filePath));
-  }
-
-  /**
-   * Check if scanners are available for a language
-   * @private
-   */
-  hasScannersForLanguage(available, language) {
-    if (language === 'javascript' || language === 'typescript') {
-      return available.semgrep || available.eslintSecurity;
-    }
-    if (language === 'python') {
-      return available.bandit || available.semgrep;
-    }
-    return false;
-  }
-
-  /**
-   * Normalize all scanner results to common format
-   * @private
-   */
-  normalizeResults(results) {
-    return results.map(result => ({
-      file: result.file,
-      line: result.line || 1,
-      column: result.column || 1,
-      severity: result.severity || STATIC_ANALYSIS.SEVERITY.WARNING,
-      rule: result.rule || 'unknown',
-      message: result.message || 'Security issue detected',
-      category: 'security',
-      scanner: result.scanner,
-      cwe: result.cwe || null,
-      owasp: result.owasp || null,
-      confidence: result.confidence || null,
-      fixable: result.fixable || false,
-      remediation: result.remediation || result.moreInfo || null,
-      references: result.references || [],
-      package: result.package || null
-    }));
-  }
-
-  /**
-   * Map Semgrep severity to our standard
-   * @private
-   */
-  mapSemgrepSeverity(severity) {
-    const map = {
-      'ERROR': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'WARNING': STATIC_ANALYSIS.SEVERITY.ERROR,
-      'INFO': STATIC_ANALYSIS.SEVERITY.WARNING
-    };
-    return map[severity?.toUpperCase()] || STATIC_ANALYSIS.SEVERITY.WARNING;
-  }
-
-  /**
-   * Map Bandit severity to our standard
-   * @private
-   */
-  mapBanditSeverity(severity) {
-    const map = {
-      'HIGH': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'MEDIUM': STATIC_ANALYSIS.SEVERITY.ERROR,
-      'LOW': STATIC_ANALYSIS.SEVERITY.WARNING
-    };
-    return map[severity?.toUpperCase()] || STATIC_ANALYSIS.SEVERITY.WARNING;
-  }
-
-  /**
-   * Map ESLint severity to our standard
-   * @private
-   */
-  mapESLintSeverity(severity) {
-    return severity === 2 ? STATIC_ANALYSIS.SEVERITY.ERROR : STATIC_ANALYSIS.SEVERITY.WARNING;
-  }
-
-  /**
-   * Map npm audit severity to our standard
-   * @private
-   */
-  mapNpmSeverity(severity) {
-    const map = {
-      'critical': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'high': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'moderate': STATIC_ANALYSIS.SEVERITY.ERROR,
-      'low': STATIC_ANALYSIS.SEVERITY.WARNING,
-      'info': STATIC_ANALYSIS.SEVERITY.INFO
-    };
-    return map[severity?.toLowerCase()] || STATIC_ANALYSIS.SEVERITY.WARNING;
-  }
-
-  /**
-   * Map pip-audit severity to our standard
-   * @private
-   */
-  mapPipAuditSeverity(severity) {
-    // pip-audit doesn't always provide severity, default to ERROR
-    if (!severity) return STATIC_ANALYSIS.SEVERITY.ERROR;
-
-    const map = {
-      'critical': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'high': STATIC_ANALYSIS.SEVERITY.CRITICAL,
-      'medium': STATIC_ANALYSIS.SEVERITY.ERROR,
-      'low': STATIC_ANALYSIS.SEVERITY.WARNING
-    };
-    return map[severity?.toLowerCase()] || STATIC_ANALYSIS.SEVERITY.ERROR;
-  }
-
-  /**
-   * Get scanner status report
-   * @returns {Promise<Object>} Scanner availability and status
-   */
-  async getScannerStatus() {
-    const available = await this.detectAvailableScanners();
-    return {
-      scanners: available,
-      recommendations: this.getInstallRecommendations(available)
-    };
-  }
-
-  /**
-   * Get installation recommendations for missing scanners
-   * @private
-   */
-  getInstallRecommendations(available) {
-    const recommendations = [];
-
-    if (!available.semgrep) {
-      recommendations.push({
-        scanner: 'Semgrep',
-        reason: 'Multi-language SAST with extensive security rules',
-        install: 'pip install semgrep OR use Docker: docker pull returntocorp/semgrep',
-        priority: 'high'
-      });
-    }
-
-    if (!available.bandit) {
-      recommendations.push({
-        scanner: 'Bandit',
-        reason: 'Python security scanner',
-        install: 'pip install bandit',
-        priority: 'medium'
-      });
-    }
-
-    if (!available.eslintSecurity) {
-      recommendations.push({
-        scanner: 'eslint-plugin-security',
-        reason: 'JavaScript/TypeScript security rules',
-        install: 'npm install --save-dev eslint-plugin-security',
-        priority: 'medium'
-      });
-    }
-
-    if (!available.pipAudit) {
-      recommendations.push({
-        scanner: 'pip-audit',
-        reason: 'Python dependency vulnerability scanner',
-        install: 'pip install pip-audit',
-        priority: 'low'
-      });
-    }
-
-    return recommendations;
-  }
-}
-
-export default SecurityAnalyzer;
+const a0_0x34cbb0=a0_0x4c86;(function(_0x2217a0,_0x121a24){const _0xb4323d=a0_0x4c86,_0x13270a=_0x2217a0();while(!![]){try{const _0x3c4efb=-parseInt(_0xb4323d(0x22a))/0x1+-parseInt(_0xb4323d(0x21b))/0x2+-parseInt(_0xb4323d(0x1c8))/0x3*(parseInt(_0xb4323d(0x228))/0x4)+parseInt(_0xb4323d(0x1f5))/0x5+-parseInt(_0xb4323d(0x1f7))/0x6+parseInt(_0xb4323d(0x1ff))/0x7+-parseInt(_0xb4323d(0x1ee))/0x8*(-parseInt(_0xb4323d(0x1dc))/0x9);if(_0x3c4efb===_0x121a24)break;else _0x13270a['push'](_0x13270a['shift']());}catch(_0x22870e){_0x13270a['push'](_0x13270a['shift']());}}}(a0_0x328e,0x94cb2));import{exec}from'child_process';import{promisify}from'util';import a0_0x18cc67 from'path';import a0_0x2dc2dc from'fs/promises';import{STATIC_ANALYSIS}from'../utilities/constants.js';function a0_0x328e(){const _0x48def3=['y3DL','D2fYBG','CgLWlwf1zgL0ic0TDMvYC2LVBG','C3rKB3v0','ChvZAa','CgfJA2fNzq','ChL0Ag9U','CgfYC2u','mty2otCWohHTDLbgzG','DgL0Bgu','u2vTz3jLCa','y29S','Dg9vChbLCKnHC2u','zgv0zwn0qxzHAwXHyMXLu2nHBM5LCNm','DNvSBMvYywjPBgL0AwvZ','DMLH','CMvTzwrPyxrPB24','u2vTz3jLCcbZy2fUigzHAwXLza','yw5HBhL6zvbYB2PLy3q','BwvZC2fNzq','C3rHCNq','ndbnzKLLyKi','q1Dflq','mZq5ntu3zgLwvw96','BNbTlwf1zgL0','AxnZDwvFC2v2zxjPDhK','AMf2yxnJCMLWDa','BwvZC2fNzxm','CNvUu2vTz3jLCa','CNvUtNbTqxvKAxq','C2vJDxjPDhK','C2vTz3jLCcaTlwnVBMzPzZ1HDxrVic0TANnVBIaI','y29UzMLKzw5Jzq','CgfYC2vqAxbbDwrPDfjLC3vSDhm','DgvZDf9Pza','BwfWrvnmAw50u2v2zxjPDhK','Dg9mB3DLCKnHC2u','zw50CMLLCW','z2v0sw5ZDgfSBfjLy29TBwvUzgf0Aw9UCW','AxnZDwvFy3DL','yMfUzgL0','BM9YBwfSAxPLuMvZDwX0CW','v0fstKLorW','zML4x3zLCNnPB25Z','CgfYC2vcyw5KAxrszxn1BhrZ','u0vwrvjjvfK','C2vTz3jLCcaTlxzLCNnPB24','zgvWzw5Kzw5JAwvZ','CgLWlwf1zgL0igrLDgvJDgvK','mtq1mJCYDfjovM93','u2vJDxjPDhKGDNvSBMvYywjPBgL0Eq','CgfYC2vfu0XPBNrszxn1BhrZ','CgLWlwf1zgL0','y3DK','DxjS','Dw5RBM93BG','CMvXDwLYzw1LBNrZlNr4Da','yMfUzgL0ic1MigPZB24GiG','yxzHAwXHyMXLu2nHBM5LCNm','BgLUzq','BwfWugLWqxvKAxrtzxzLCML0Eq','u2vJDxjPDhKGAxnZDwuGzgv0zwn0zwq','CgLWqxvKAxq','B3DHC3a','zxnSAw50lxbSDwDPBI1Zzwn1CML0EsbKzxrLy3rLza','zML4','C2v2zxjPDhK','Bwv0ywrHDge','qMfUzgL0','mta3mwrjruvLrq','BMfTzq','tM8GC2vJDxjPDhKGC2nHBM5LCNmGyxzHAwXHyMXLigzVCIbSyw5NDwfNzq','Bg9Nz2vY','BwfWqMfUzgL0u2v2zxjPDhK','u2vTz3jLCcbZy2fUBMvYigrLDgvJDgvKicHZExn0zw0P','zxjYB3i','ywnJzxnZ','CNvUugLWqxvKAxq','zxnSAw50lxnLy3vYAxr5','CNvUqMfUzgL0','AxnbCNjHEq','AgfZu2nHBM5LCNngB3jmyw5NDwfNzq','CgLWigLUC3rHBgWGC2vTz3jLCcbpuIb1C2uGrg9JA2vYoIbKB2nRzxiGChvSBcbYzxr1CM50B2nVCNaVC2vTz3jLCa','Cgf0Aa','C291CMnL','DNvSBNm','sMf2yvnJCMLWDc9uExbLu2nYAxb0ihnLy3vYAxr5ihj1BgvZ','mtm0ntm2ruf5sM5t','zML4ywjSzq','qMfUzgL0ihnJyw4GzMfPBgvK','C2nHBM5LCG','BNbTigf1zgL0ic0TANnVBG','zgv0zwn0tgfUz3vHz2u','zxH0CMe','mJi4otmXnxL0quDUwq','C2vTz3jLCa','nJe0mJa3nfrruwLMDq','BwvKAxvT','CMvZDwX0CW','CNvUrvnmAw50u2vJDxjPDhK','rvnmAw50ihnLy3vYAxr5ihnJyw4GzMfPBgvK','zxnSAw50lxbSDwDPBI1Zzwn1CML0Eq','u2TPChbPBMCGDgvZDcbMAwXLigzVCIbZzwn1CML0EsbZy2fU','BNbTigf1zgL0igf2ywLSywjSzq','ntG5odKXnfrnthrkrG','qMfUzgL0ihnJyw5UzxiGzgv0zwn0zwq','zgvZy3jPChrPB24','zgLYBMfTzq','AxnZDwvFy29UzMLKzw5Jzq','rMfPBgvKihrVihbHCNnLifnLBwDYzxaGB3v0Chv0','CgfYC2vtzw1NCMvWuMvZDwX0CW','rMfPBgvKihrVihbHCNnLig5WBsbHDwrPDcbVDxrWDxq','AxnZDwvFDgv4Da','zgvIDwC','DhLWzxnJCMLWDa','AM9PBG','CgLWigLUC3rHBgWGyMfUzgL0','q1jjveLdquW','BgLUDfrLEhq','tM8GCgfJA2fNzs5QC29UigzVDw5KlcbZA2LWCgLUzYbUCg0GyxvKAxq','DgvZDa','C2nHBM5LCKnHy2HL','yMfUzgL0ic0TDMvYC2LVBG','CgfJA2fNzs5QC29U'];a0_0x328e=function(){return _0x48def3;};return a0_0x328e();}const execAsync=promisify(exec);function a0_0x4c86(_0x238ed2,_0x4ea9a9){_0x238ed2=_0x238ed2-0x1b1;const _0x328eba=a0_0x328e();let _0x4c86cd=_0x328eba[_0x238ed2];if(a0_0x4c86['lbrQGt']===undefined){var _0x9959f2=function(_0x3076c9){const _0x526e8c='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x18cc67='',_0x2dc2dc='';for(let _0x560191=0x0,_0x2c43ab,_0x360222,_0x3e6165=0x0;_0x360222=_0x3076c9['charAt'](_0x3e6165++);~_0x360222&&(_0x2c43ab=_0x560191%0x4?_0x2c43ab*0x40+_0x360222:_0x360222,_0x560191++%0x4)?_0x18cc67+=String['fromCharCode'](0xff&_0x2c43ab>>(-0x2*_0x560191&0x6)):0x0){_0x360222=_0x526e8c['indexOf'](_0x360222);}for(let _0x3893f2=0x0,_0x42a3ae=_0x18cc67['length'];_0x3893f2<_0x42a3ae;_0x3893f2++){_0x2dc2dc+='%'+('00'+_0x18cc67['charCodeAt'](_0x3893f2)['toString'](0x10))['slice'](-0x2);}return decodeURIComponent(_0x2dc2dc);};a0_0x4c86['cAXagX']=_0x9959f2,a0_0x4c86['rOCZUP']={},a0_0x4c86['lbrQGt']=!![];}const _0x345594=_0x328eba[0x0],_0x3f292c=_0x238ed2+_0x345594,_0x212086=a0_0x4c86['rOCZUP'][_0x3f292c];return!_0x212086?(_0x4c86cd=a0_0x4c86['cAXagX'](_0x4c86cd),a0_0x4c86['rOCZUP'][_0x3f292c]=_0x4c86cd):_0x4c86cd=_0x212086,_0x4c86cd;}class SecurityAnalyzer{constructor(_0x560191=null){const _0x348e84=a0_0x4c86;this[_0x348e84(0x1df)]=_0x560191,this[_0x348e84(0x1d1)]=null,this[_0x348e84(0x210)]=new Map(),this['localScannerDir']=a0_0x18cc67[_0x348e84(0x20a)](process['cwd'](),'node_modules','.scanners');}async[a0_0x34cbb0(0x220)](){const _0xa2496=a0_0x34cbb0;if(this[_0xa2496(0x1d1)]!==null)return this['availableScanners'];const _0x2c43ab={'semgrep':![],'bandit':![],'npmAudit':![],'pipAudit':![],'eslintSecurity':![]};try{const _0x360222=a0_0x18cc67[_0xa2496(0x20a)](this['localScannerDir'],'semgrep');try{await a0_0x2dc2dc['access'](_0x360222),_0x2c43ab[_0xa2496(0x1f6)]=!![],this['logger']?.[_0xa2496(0x208)]('Semgrep\x20scanner\x20detected\x20(local)');}catch{await execAsync(_0xa2496(0x1c5),{'timeout':0x1388}),_0x2c43ab['semgrep']=!![],this['logger']?.['debug'](_0xa2496(0x1e1));}}catch(_0x3e6165){this[_0xa2496(0x1df)]?.[_0xa2496(0x208)]('Semgrep\x20not\x20available',{'error':_0x3e6165[_0xa2496(0x226)]});}try{await execAsync(_0xa2496(0x211),{'timeout':0x1388}),_0x2c43ab[_0xa2496(0x1bf)]=!![],this['logger']?.['debug'](_0xa2496(0x200));}catch(_0x3893f2){this[_0xa2496(0x1df)]?.['debug']('Bandit\x20not\x20available',{'error':_0x3893f2['message']});}try{await execAsync('npm\x20--version',{'timeout':0x1388}),_0x2c43ab['npmAudit']=!![],this['logger']?.['debug'](_0xa2496(0x1fe));}catch(_0x42a3ae){this[_0xa2496(0x1df)]?.['debug']('npm\x20not\x20available',{'error':_0x42a3ae['message']});}try{await execAsync(_0xa2496(0x215),{'timeout':0x1388}),_0x2c43ab['pipAudit']=!![],this['logger']?.['debug'](_0xa2496(0x1c7));}catch(_0x4236f0){this['logger']?.['debug']('pip-audit\x20not\x20available',{'error':_0x4236f0[_0xa2496(0x226)]});}try{const _0x2c10c8=await execAsync('npm\x20list\x20eslint-plugin-security\x20--depth=0\x20--json',{'timeout':0x1388,'cwd':process[_0xa2496(0x1cc)]()}),_0x31d8fb=JSON[_0xa2496(0x21a)](_0x2c10c8['stdout']);_0x31d8fb['dependencies']&&_0x31d8fb[_0xa2496(0x1c6)][_0xa2496(0x1fc)]&&(_0x2c43ab['eslintSecurity']=!![],this['logger']?.[_0xa2496(0x208)](_0xa2496(0x1d7)));}catch(_0x1762f2){this[_0xa2496(0x1df)]?.['debug']('eslint-plugin-security\x20not\x20available',{'error':_0x1762f2['message']});}return this['availableScanners']=_0x2c43ab,_0x2c43ab;}async['analyze'](_0x13176b,_0x192520,_0x398947={}){const _0x350cf5=a0_0x34cbb0,_0x1536fd=[],_0x5e2ec8=await this[_0x350cf5(0x220)](),_0xea5f61=this[_0x350cf5(0x1f3)](_0x13176b);if(_0x398947['skipTestFiles']!==![]&&this['isTestFile'](_0x13176b))return this['logger']?.[_0x350cf5(0x208)](_0x350cf5(0x1fd),{'filePath':_0x13176b}),[];if(_0xea5f61==='javascript'||_0xea5f61==='typescript'){if(_0x5e2ec8['semgrep']){const _0x2acc0f=await this[_0x350cf5(0x1b3)](_0x13176b,[_0xea5f61],_0x398947);_0x1536fd['push'](..._0x2acc0f);}if(_0x5e2ec8['eslintSecurity']){const _0x39ff40=await this['runESLintSecurity'](_0x13176b,_0x192520,_0x398947);_0x1536fd['push'](..._0x39ff40);}}if(_0xea5f61==='python'){if(_0x5e2ec8[_0x350cf5(0x1bf)]){const _0x4179a8=await this[_0x350cf5(0x1e6)](_0x13176b,_0x398947);_0x1536fd['push'](..._0x4179a8);}if(_0x5e2ec8['semgrep']){const _0x274c86=await this['runSemgrep'](_0x13176b,[_0xea5f61],_0x398947);_0x1536fd['push'](..._0x274c86);}}return _0x1536fd['length']===0x0&&!this['hasScannersForLanguage'](_0x5e2ec8,_0xea5f61)&&this[_0x350cf5(0x1df)]?.[_0x350cf5(0x214)](_0x350cf5(0x1de),{'language':_0xea5f61,'filePath':_0x13176b}),this[_0x350cf5(0x1c0)](_0x1536fd);}async[a0_0x34cbb0(0x225)](_0x10f851,_0x3f806b,_0x28e29f={}){const _0x4873bd=a0_0x34cbb0,_0x1176f0=[],_0x3c7270=await this['detectAvailableScanners']();if(_0x3f806b==='javascript'||_0x3f806b===_0x4873bd(0x209)){if(_0x3c7270['npmAudit']){const _0x45dc06=await this[_0x4873bd(0x1b4)](_0x10f851,_0x28e29f);_0x1176f0['push'](..._0x45dc06);}}if(_0x3f806b===_0x4873bd(0x219)){if(_0x3c7270[_0x4873bd(0x1d5)]){const _0x272071=await this[_0x4873bd(0x1e4)](_0x10f851,_0x28e29f);_0x1176f0['push'](..._0x272071);}}return this['normalizeResults'](_0x1176f0);}async['runSemgrep'](_0x4668c4,_0x5367b6,_0x2fedb2={}){const _0x2ab0a4=a0_0x34cbb0;try{const _0x35c0da=a0_0x18cc67[_0x2ab0a4(0x202)](_0x4668c4),_0x355744=await execAsync(_0x2ab0a4(0x1b6)+_0x4668c4+'\x22',{'maxBuffer':0xa*0x400*0x400,'timeout':0x7530,'cwd':_0x35c0da}),_0x6c784e=JSON['parse'](_0x355744[_0x2ab0a4(0x216)]);return this[_0x2ab0a4(0x205)](_0x6c784e);}catch(_0x22c17c){if(_0x22c17c[_0x2ab0a4(0x216)])try{const _0x54474e=JSON['parse'](_0x22c17c[_0x2ab0a4(0x216)]);return this['parseSemgrepResults'](_0x54474e);}catch(_0x177985){this[_0x2ab0a4(0x1df)]?.['error'](_0x2ab0a4(0x204),{'error':_0x177985['message'],'stdout':_0x22c17c['stdout']});}return this[_0x2ab0a4(0x1df)]?.[_0x2ab0a4(0x1e2)](_0x2ab0a4(0x224),{'error':_0x22c17c[_0x2ab0a4(0x226)]}),[];}}[a0_0x34cbb0(0x205)](_0x335e89){const _0x319ef8=a0_0x34cbb0,_0x51e0fa=[];if(_0x335e89['results']&&Array[_0x319ef8(0x1e7)](_0x335e89[_0x319ef8(0x1f9)]))for(const _0x24c657 of _0x335e89[_0x319ef8(0x1f9)]){_0x51e0fa['push']({'file':_0x24c657[_0x319ef8(0x1ea)],'line':_0x24c657[_0x319ef8(0x227)]?.['line']||0x1,'column':_0x24c657[_0x319ef8(0x227)]?.[_0x319ef8(0x21e)]||0x1,'severity':this['mapSemgrepSeverity'](_0x24c657[_0x319ef8(0x1f4)]?.[_0x319ef8(0x1d9)]),'rule':_0x24c657['check_id'],'message':_0x24c657['extra']?.['message']||_0x24c657[_0x319ef8(0x1f4)]?.['lines']||'Security\x20issue\x20detected','category':'security','scanner':_0x319ef8(0x1f6),'cwe':_0x24c657['extra']?.['metadata']?.[_0x319ef8(0x213)],'owasp':_0x24c657[_0x319ef8(0x1f4)]?.['metadata']?.[_0x319ef8(0x1d6)],'confidence':_0x24c657[_0x319ef8(0x1f4)]?.['metadata']?.[_0x319ef8(0x1b7)],'references':_0x24c657['extra']?.[_0x319ef8(0x1da)]?.['references']});}return _0x51e0fa;}async[a0_0x34cbb0(0x1e6)](_0x4f756d,_0x5a8e1f={}){const _0x4c7223=a0_0x34cbb0;try{const _0x4af802=await execAsync(_0x4c7223(0x1d0)+_0x4f756d+'\x22',{'maxBuffer':0xa*0x400*0x400,'timeout':0x7530}),_0x508408=JSON['parse'](_0x4af802['stdout']);return this[_0x4c7223(0x1c3)](_0x508408);}catch(_0x22f453){if(_0x22f453[_0x4c7223(0x216)])try{const _0x55d27e=JSON[_0x4c7223(0x21a)](_0x22f453['stdout']);return this['parseBanditResults'](_0x55d27e);}catch(_0x4bb8f9){this[_0x4c7223(0x1df)]?.['error']('Failed\x20to\x20parse\x20Bandit\x20output',{'error':_0x4bb8f9[_0x4c7223(0x226)]});}return this['logger']?.['error'](_0x4c7223(0x1f0),{'error':_0x22f453[_0x4c7223(0x226)]}),[];}}[a0_0x34cbb0(0x1c3)](_0x2e4087){const _0x5b3750=a0_0x34cbb0,_0xa1d89=[];if(_0x2e4087[_0x5b3750(0x1f9)]&&Array[_0x5b3750(0x1e7)](_0x2e4087[_0x5b3750(0x1f9)]))for(const _0xc833de of _0x2e4087['results']){_0xa1d89['push']({'file':_0xc833de['filename'],'line':_0xc833de['line_number']||0x1,'column':_0xc833de['col_offset']||0x1,'severity':this['mapBanditSeverity'](_0xc833de[_0x5b3750(0x22c)]),'rule':_0xc833de[_0x5b3750(0x1b9)],'message':_0xc833de[_0x5b3750(0x207)],'category':_0x5b3750(0x1b5),'scanner':'bandit','cwe':_0xc833de[_0x5b3750(0x1be)]?.['id']?_0x5b3750(0x229)+_0xc833de['issue_cwe']['id']:null,'confidence':_0xc833de[_0x5b3750(0x203)],'moreInfo':_0xc833de['more_info']});}return _0xa1d89;}async[a0_0x34cbb0(0x1fa)](_0x1d45ab,_0x5a396a,_0x456677={}){const _0x27c57c=a0_0x34cbb0;try{const {ESLint:_0x2d479f}=await import('eslint'),_0x15e3fe=new _0x2d479f({'overrideConfig':{'plugins':['security'],'extends':['plugin:security/recommended'],'parserOptions':{'ecmaVersion':'latest','sourceType':'module'}},'useEslintrc':![]}),_0x2e1b0f=await _0x15e3fe[_0x27c57c(0x20d)](_0x5a396a,{'filePath':_0x1d45ab});return this[_0x27c57c(0x1ca)](_0x2e1b0f,_0x1d45ab);}catch(_0x338b2a){return this[_0x27c57c(0x1df)]?.['error'](_0x27c57c(0x1fb),{'error':_0x338b2a[_0x27c57c(0x226)],'filePath':_0x1d45ab}),[];}}[a0_0x34cbb0(0x1ca)](_0x28708f,_0x394db2){const _0x1e89d9=a0_0x34cbb0,_0x137f8e=[];for(const _0x3344c4 of _0x28708f){if(_0x3344c4[_0x1e89d9(0x1b2)]&&Array[_0x1e89d9(0x1e7)](_0x3344c4[_0x1e89d9(0x1b2)]))for(const _0x2f2681 of _0x3344c4[_0x1e89d9(0x1b2)]){_0x2f2681['ruleId']&&_0x2f2681['ruleId']['startsWith']('security/')&&_0x137f8e['push']({'file':_0x394db2,'line':_0x2f2681['line']||0x1,'column':_0x2f2681['column']||0x1,'severity':this[_0x1e89d9(0x1ba)](_0x2f2681[_0x1e89d9(0x1d9)]),'rule':_0x2f2681['ruleId'],'message':_0x2f2681['message'],'category':'security','scanner':_0x1e89d9(0x1e5),'fixable':_0x2f2681[_0x1e89d9(0x1d8)]!==undefined});}}return _0x137f8e;}async[a0_0x34cbb0(0x1b4)](_0x20f08c,_0x4457ca={}){const _0x25abeb=a0_0x34cbb0;try{const _0x4cf6ac=a0_0x18cc67['join'](_0x20f08c,_0x25abeb(0x212));try{await a0_0x2dc2dc[_0x25abeb(0x1e3)](_0x4cf6ac);}catch{return this[_0x25abeb(0x1df)]?.['debug'](_0x25abeb(0x20e)),[];}const _0x2508ad=await execAsync(_0x25abeb(0x1f2),{'cwd':_0x20f08c,'maxBuffer':0xa*0x400*0x400,'timeout':0xea60}),_0x5384bc=JSON['parse'](_0x2508ad['stdout']);return this['parseNpmAuditResults'](_0x5384bc);}catch(_0x33b992){if(_0x33b992['stdout'])try{const _0x5434a2=JSON['parse'](_0x33b992['stdout']);return this['parseNpmAuditResults'](_0x5434a2);}catch(_0x35798d){this[_0x25abeb(0x1df)]?.[_0x25abeb(0x1e2)](_0x25abeb(0x206),{'error':_0x35798d['message']});}return[];}}['parseNpmAuditResults'](_0x23e32e){const _0x17d303=a0_0x34cbb0,_0x47e85e=[];if(_0x23e32e[_0x17d303(0x221)])for(const [_0x51e213,_0x26d6f2]of Object[_0x17d303(0x1bc)](_0x23e32e[_0x17d303(0x221)])){_0x47e85e[_0x17d303(0x217)]({'file':_0x17d303(0x212),'line':0x1,'column':0x1,'severity':this['mapNpmSeverity'](_0x26d6f2['severity']),'rule':'npm-'+(_0x26d6f2[_0x17d303(0x222)][0x0]?.[_0x17d303(0x1eb)]||'advisory'),'message':_0x51e213+':\x20'+(_0x26d6f2['via'][0x0]?.[_0x17d303(0x21c)]||'Security\x20vulnerability'),'category':_0x17d303(0x1b5),'scanner':_0x17d303(0x22b),'package':_0x51e213,'vulnerableVersions':_0x26d6f2['range'],'patchedVersions':_0x26d6f2['fixAvailable']?'Available':'None','cve':_0x26d6f2['via'][0x0]?.['cve'],'cvss':_0x26d6f2[_0x17d303(0x222)][0x0]?.['cvss'],'references':_0x26d6f2['via'][0x0]?.[_0x17d303(0x1cd)]?[_0x26d6f2[_0x17d303(0x222)][0x0]['url']]:[]});}return _0x47e85e;}async[a0_0x34cbb0(0x1e4)](_0x302807,_0x21e8a0={}){const _0x301cd1=a0_0x34cbb0;try{const requirementsPath=a0_0x18cc67[_0x301cd1(0x20a)](_0x302807,_0x301cd1(0x1cf));try{await a0_0x2dc2dc['access'](requirementsPath);}catch{return this[_0x301cd1(0x1df)]?.[_0x301cd1(0x208)]('No\x20requirements.txt\x20found,\x20skipping\x20pip-audit'),[];}const _0x3aa648=await execAsync('pip-audit\x20--format\x20json',{'cwd':_0x302807,'maxBuffer':0xa*0x400*0x400,'timeout':0xea60}),_0x4b2078=JSON[_0x301cd1(0x21a)](_0x3aa648['stdout']);return this['parsePipAuditResults'](_0x4b2078);}catch(_0x106ec5){if(_0x106ec5[_0x301cd1(0x216)])try{const _0x1fcb2e=JSON[_0x301cd1(0x21a)](_0x106ec5['stdout']);return this['parsePipAuditResults'](_0x1fcb2e);}catch(_0x4f0af1){this[_0x301cd1(0x1df)]?.['error']('Failed\x20to\x20parse\x20pip-audit\x20output',{'error':_0x4f0af1[_0x301cd1(0x226)]});}return[];}}[a0_0x34cbb0(0x1b8)](_0xa8d9fe){const _0x5c1b64=a0_0x34cbb0,_0x354367=[];if(_0xa8d9fe[_0x5c1b64(0x1c6)]&&Array['isArray'](_0xa8d9fe[_0x5c1b64(0x1c6)]))for(const _0x55a4c7 of _0xa8d9fe['dependencies']){if(_0x55a4c7['vulns']&&Array[_0x5c1b64(0x1e7)](_0x55a4c7[_0x5c1b64(0x1ec)]))for(const _0x1bd0e9 of _0x55a4c7[_0x5c1b64(0x1ec)]){_0x354367[_0x5c1b64(0x217)]({'file':_0x5c1b64(0x1cf),'line':0x1,'column':0x1,'severity':this['mapPipAuditSeverity'](_0x1bd0e9[_0x5c1b64(0x1d9)]),'rule':_0x1bd0e9['id'],'message':_0x55a4c7[_0x5c1b64(0x1dd)]+':\x20'+(_0x1bd0e9[_0x5c1b64(0x201)]||_0x5c1b64(0x1c9)),'category':'security','scanner':'pip-audit','package':_0x55a4c7['name'],'vulnerableVersion':_0x55a4c7['version'],'fixedVersions':_0x1bd0e9[_0x5c1b64(0x1c2)],'references':_0x1bd0e9['aliases']||[]});}}return _0x354367;}[a0_0x34cbb0(0x1f3)](_0x4d1604){const _0x3f5e62=a0_0x34cbb0,_0x581ae0=a0_0x18cc67['extname'](_0x4d1604)[_0x3f5e62(0x1bb)](),_0x405414={'.js':_0x3f5e62(0x1b1),'.jsx':_0x3f5e62(0x1b1),'.mjs':'javascript','.cjs':_0x3f5e62(0x1b1),'.ts':_0x3f5e62(0x209),'.tsx':_0x3f5e62(0x209),'.py':_0x3f5e62(0x219)};return _0x405414[_0x581ae0]||null;}['isTestFile'](_0x1768bf){const _0x345761=a0_0x34cbb0,_0x47df78=[/\.test\./,/\.spec\./,/__tests__\//,/\/tests?\//,/\.test$/,/\.spec$/];return _0x47df78['some'](_0x3139c8=>_0x3139c8[_0x345761(0x20f)](_0x1768bf));}[a0_0x34cbb0(0x1e8)](_0x35cce5,_0x67faa5){const _0x21fac3=a0_0x34cbb0;if(_0x67faa5===_0x21fac3(0x1b1)||_0x67faa5==='typescript')return _0x35cce5['semgrep']||_0x35cce5['eslintSecurity'];if(_0x67faa5===_0x21fac3(0x219))return _0x35cce5[_0x21fac3(0x1bf)]||_0x35cce5['semgrep'];return![];}[a0_0x34cbb0(0x1c0)](_0x44b3b0){const _0x5782ea=a0_0x34cbb0;return _0x44b3b0['map'](_0x1f4984=>({'file':_0x1f4984['file'],'line':_0x1f4984[_0x5782ea(0x1d2)]||0x1,'column':_0x1f4984['column']||0x1,'severity':_0x1f4984['severity']||STATIC_ANALYSIS['SEVERITY'][_0x5782ea(0x1c1)],'rule':_0x1f4984['rule']||_0x5782ea(0x1ce),'message':_0x1f4984[_0x5782ea(0x226)]||_0x5782ea(0x1d4),'category':'security','scanner':_0x1f4984[_0x5782ea(0x1f1)],'cwe':_0x1f4984[_0x5782ea(0x213)]||null,'owasp':_0x1f4984['owasp']||null,'confidence':_0x1f4984['confidence']||null,'fixable':_0x1f4984[_0x5782ea(0x1ef)]||![],'remediation':_0x1f4984[_0x5782ea(0x223)]||_0x1f4984['moreInfo']||null,'references':_0x1f4984['references']||[],'package':_0x1f4984[_0x5782ea(0x218)]||null}));}['mapSemgrepSeverity'](_0x29a071){const _0xb3029c=a0_0x34cbb0,_0x14295c={'ERROR':STATIC_ANALYSIS[_0xb3029c(0x1c4)][_0xb3029c(0x20c)],'WARNING':STATIC_ANALYSIS[_0xb3029c(0x1c4)]['ERROR'],'INFO':STATIC_ANALYSIS[_0xb3029c(0x1c4)]['WARNING']};return _0x14295c[_0x29a071?.[_0xb3029c(0x21f)]()]||STATIC_ANALYSIS[_0xb3029c(0x1c4)][_0xb3029c(0x1c1)];}[a0_0x34cbb0(0x1e0)](_0x5c7095){const _0x29420b=a0_0x34cbb0,_0x59aecf={'HIGH':STATIC_ANALYSIS['SEVERITY'][_0x29420b(0x20c)],'MEDIUM':STATIC_ANALYSIS[_0x29420b(0x1c4)]['ERROR'],'LOW':STATIC_ANALYSIS[_0x29420b(0x1c4)][_0x29420b(0x1c1)]};return _0x59aecf[_0x5c7095?.['toUpperCase']()]||STATIC_ANALYSIS['SEVERITY']['WARNING'];}[a0_0x34cbb0(0x1ba)](_0x309e3f){const _0x558943=a0_0x34cbb0;return _0x309e3f===0x2?STATIC_ANALYSIS[_0x558943(0x1c4)]['ERROR']:STATIC_ANALYSIS['SEVERITY']['WARNING'];}['mapNpmSeverity'](_0x17caa3){const _0x56519c=a0_0x34cbb0,_0x4a3dda={'critical':STATIC_ANALYSIS[_0x56519c(0x1c4)][_0x56519c(0x20c)],'high':STATIC_ANALYSIS[_0x56519c(0x1c4)][_0x56519c(0x20c)],'moderate':STATIC_ANALYSIS['SEVERITY']['ERROR'],'low':STATIC_ANALYSIS[_0x56519c(0x1c4)][_0x56519c(0x1c1)],'info':STATIC_ANALYSIS[_0x56519c(0x1c4)]['INFO']};return _0x4a3dda[_0x17caa3?.['toLowerCase']()]||STATIC_ANALYSIS['SEVERITY'][_0x56519c(0x1c1)];}[a0_0x34cbb0(0x1d3)](_0x3ebb9f){const _0x2bc320=a0_0x34cbb0;if(!_0x3ebb9f)return STATIC_ANALYSIS[_0x2bc320(0x1c4)]['ERROR'];const _0x20ccfa={'critical':STATIC_ANALYSIS['SEVERITY'][_0x2bc320(0x20c)],'high':STATIC_ANALYSIS[_0x2bc320(0x1c4)][_0x2bc320(0x20c)],'medium':STATIC_ANALYSIS[_0x2bc320(0x1c4)]['ERROR'],'low':STATIC_ANALYSIS['SEVERITY'][_0x2bc320(0x1c1)]};return _0x20ccfa[_0x3ebb9f?.[_0x2bc320(0x1bb)]()]||STATIC_ANALYSIS[_0x2bc320(0x1c4)]['ERROR'];}async['getScannerStatus'](){const _0x328e04=a0_0x34cbb0,_0x5c0fcd=await this[_0x328e04(0x220)]();return{'scanners':_0x5c0fcd,'recommendations':this[_0x328e04(0x1bd)](_0x5c0fcd)};}[a0_0x34cbb0(0x1bd)](_0x50fdaf){const _0x570a13=a0_0x34cbb0,_0xe4cc2=[];return!_0x50fdaf[_0x570a13(0x1f6)]&&_0xe4cc2[_0x570a13(0x217)]({'scanner':_0x570a13(0x21d),'reason':'Multi-language\x20SAST\x20with\x20extensive\x20security\x20rules','install':_0x570a13(0x1e9),'priority':'high'}),!_0x50fdaf['bandit']&&_0xe4cc2[_0x570a13(0x217)]({'scanner':_0x570a13(0x1db),'reason':'Python\x20security\x20scanner','install':_0x570a13(0x20b),'priority':'medium'}),!_0x50fdaf['eslintSecurity']&&_0xe4cc2[_0x570a13(0x217)]({'scanner':_0x570a13(0x1fc),'reason':_0x570a13(0x1ed),'install':'npm\x20install\x20--save-dev\x20eslint-plugin-security','priority':_0x570a13(0x1f8)}),!_0x50fdaf['pipAudit']&&_0xe4cc2[_0x570a13(0x217)]({'scanner':_0x570a13(0x1cb),'reason':'Python\x20dependency\x20vulnerability\x20scanner','install':'pip\x20install\x20pip-audit','priority':'low'}),_0xe4cc2;}}export default SecurityAnalyzer;