@mcp-guardian/server 0.3.0

package/dist/cli.js

@@ -0,0 +1,216 @@
+#!/usr/bin/env node
+import { Command } from 'commander';
+import chalk from 'chalk';
+import { ConfigParser } from './config-parser.js';
+import { HistoryDatabase } from './database/history-db.js';
+import { ReportGenerator } from './reporter/report-generator.js';
+import { calculateOverallScore } from './utils/scoring.js';
+import { ProxyManager } from './proxy/proxy-manager.js';
+import { createContainer } from './container.js';
+// ── Shared helpers ────────────────────────────────────────────────────
+function loadConfigs(options) {
+    if (options.all) {
+        return ConfigParser.parseAll();
+    }
+    const paths = options.config ? [options.config] : ConfigParser.findConfigPaths();
+    if (paths.length === 0)
+        return { servers: [], sourcePaths: [] };
+    return { servers: ConfigParser.parse(paths[0]), sourcePaths: [paths[0]] };
+}
+function checkAlertThresholds(reports, opts) {
+    if ('failOnCritical' in opts && opts.failOnCritical && reports.some((r) => r.cves.some((c) => c.severity === 'CRITICAL'))) {
+        console.error(chalk.red('\n⚠ Critical CVE(s) detected'));
+        process.exit(1);
+    }
+    if ('failOnSecrets' in opts && opts.failOnSecrets && reports.some((r) => r.secretsFound.length > 0)) {
+        console.error(chalk.red('\n⚠ Hardcoded secrets detected'));
+        process.exit(1);
+    }
+    if (opts.thresholdScore !== undefined) {
+        const below = reports.filter((r) => r.score < opts.thresholdScore);
+        if (below.length > 0) {
+            console.error(chalk.red(`\n⚠ ${below.length} server(s) below score threshold ${opts.thresholdScore}: ${below.map((r) => `${r.serverName} (${r.score})`).join(', ')}`));
+            process.exit(2);
+        }
+    }
+}
+// ── CLI commands ──────────────────────────────────────────────────────
+const program = new Command();
+program
+    .name('mcp-guardian')
+    .description('Security, cost, and health audit for MCP infrastructure')
+    .version('0.3.0');
+program
+    .command('scan')
+    .description('Run security scan on MCP servers')
+    .option('-c, --config <path>', 'Path to an MCP config file')
+    .option('-a, --all', 'Aggregate all discoverable config files')
+    .option('--threshold-score <number>', 'Exit code 2 if any server score drops below threshold', parseInt)
+    .option('--fail-on-critical', 'Exit code 1 if any critical CVE found')
+    .option('--fail-on-secrets', 'Exit code 1 if any hardcoded secrets detected')
+    .action(async (opts) => {
+    const { servers, sourcePaths } = loadConfigs(opts);
+    if (servers.length === 0) {
+        console.error(chalk.yellow('No servers found in config.'));
+        process.exit(0);
+    }
+    if (opts.all && sourcePaths.length > 1) {
+        console.error(chalk.dim(`Aggregated ${sourcePaths.length} configs: ${sourcePaths.join(', ')}`));
+    }
+    else {
+        console.error(chalk.dim(`Using config: ${sourcePaths[0] || 'auto-detected'}`));
+    }
+    const container = createContainer();
+    const reports = await Promise.all(servers.map((s) => container.securityScanner.scanServer(s)));
+    await Promise.all(reports.map((r) => container.db.addSecurityScan(r.serverName, r.score, r.cves.length, r)));
+    container.db.close();
+    console.log(new ReportGenerator().formatSecurityReports(reports));
+    checkAlertThresholds(reports, opts);
+});
+program
+    .command('audit')
+    .description('Audit token costs for MCP servers')
+    .option('-c, --config <path>', 'Path to an MCP config file')
+    .option('-a, --all', 'Aggregate all discoverable config files')
+    .option('-s, --server <name>', 'Filter to a specific server')
+    .option('--threshold-cost <number>', 'Exit code 2 if total cost exceeds threshold (USD)', parseFloat)
+    .action(async (opts) => {
+    const { servers } = loadConfigs(opts);
+    const filtered = opts.server ? servers.filter((s) => s.name === opts.server) : servers;
+    if (filtered.length === 0) {
+        console.error(chalk.yellow('No servers found.'));
+        process.exit(0);
+    }
+    const container = createContainer();
+    const results = await Promise.all(filtered.map((s) => container.costAuditor.auditServer(s)));
+    container.costAuditor.dispose();
+    await Promise.all(results.map((r) => container.db.addCostRecord(r.serverName, r.tokensUsed, r.estimatedCostUSD)));
+    container.db.close();
+    console.log(new ReportGenerator().formatCostReports(results));
+    if (opts.thresholdCost) {
+        const total = results.reduce((s, r) => s + r.estimatedCostUSD, 0);
+        if (total > opts.thresholdCost) {
+            console.error(chalk.red(`\n⚠ Total cost $${total.toFixed(4)} exceeds threshold $${opts.thresholdCost.toFixed(4)}`));
+            process.exit(2);
+        }
+    }
+});
+program
+    .command('health')
+    .description('Check health of MCP servers')
+    .option('-c, --config <path>', 'Path to an MCP config file')
+    .option('-a, --all', 'Aggregate all discoverable config files')
+    .option('-s, --server <name>', 'Filter to a specific server')
+    .option('--threshold-latency <ms>', 'Exit code 2 if any server exceeds latency threshold', parseInt)
+    .option('--fail-on-overload', 'Exit code 1 if any server has tool overload')
+    .action(async (opts) => {
+    const { servers } = loadConfigs(opts);
+    const filtered = opts.server ? servers.filter((s) => s.name === opts.server) : servers;
+    if (filtered.length === 0) {
+        console.error(chalk.yellow('No servers found.'));
+        process.exit(0);
+    }
+    const container = createContainer();
+    const results = await Promise.all(filtered.map((s) => container.healthMonitor.checkServer(s)));
+    await Promise.all(results.map((r) => container.db.addHealthCheck(r.serverName, r.latencyMs, r.successRate > 0.5, r.toolCount)));
+    container.db.close();
+    console.log(new ReportGenerator().formatHealthReports(results));
+    if (opts.failOnOverload && results.some((r) => r.overloadWarning)) {
+        console.error(chalk.red('\n⚠ One or more servers have tool overload'));
+        process.exit(1);
+    }
+    if (opts.thresholdLatency !== undefined) {
+        const slow = results.filter((r) => r.latencyMs > opts.thresholdLatency);
+        if (slow.length > 0) {
+            console.error(chalk.red(`\n⚠ ${slow.length} server(s) exceed ${opts.thresholdLatency}ms latency: ${slow.map((r) => r.serverName).join(', ')}`));
+            process.exit(2);
+        }
+    }
+});
+program
+    .command('report')
+    .description('Generate a full MCP Guardian report')
+    .option('-c, --config <path>', 'Path to an MCP config file')
+    .option('-a, --all', 'Aggregate all discoverable config files')
+    .option('-f, --format <format>', 'Output format: text (default), markdown, or json', 'text')
+    .option('--output <path>', 'Save report to a file instead of stdout')
+    .option('--threshold-score <number>', 'Exit code 2 if overall score drops below threshold', parseInt)
+    .action(async (opts) => {
+    const { servers, sourcePaths } = loadConfigs(opts);
+    if (servers.length === 0) {
+        console.error(chalk.yellow('No servers found in config.'));
+        process.exit(0);
+    }
+    if (opts.all && sourcePaths.length > 1) {
+        console.error(chalk.dim(`Aggregated ${sourcePaths.length} configs: ${sourcePaths.join(', ')}`));
+    }
+    else {
+        console.error(chalk.dim(`Using config: ${sourcePaths[0] || 'auto-detected'}`));
+    }
+    const container = createContainer();
+    const [security, costs, health] = await Promise.all([
+        Promise.all(servers.map((s) => container.securityScanner.scanServer(s))),
+        Promise.all(servers.map((s) => container.costAuditor.auditServer(s))),
+        Promise.all(servers.map((s) => container.healthMonitor.checkServer(s))),
+    ]);
+    container.costAuditor.dispose();
+    await Promise.all([
+        ...security.map((r) => container.db.addSecurityScan(r.serverName, r.score, r.cves.length, r)),
+        ...costs.map((r) => container.db.addCostRecord(r.serverName, r.tokensUsed, r.estimatedCostUSD)),
+        ...health.map((r) => container.db.addHealthCheck(r.serverName, r.latencyMs, r.successRate > 0.5, r.toolCount)),
+    ]);
+    container.db.close();
+    const overallScore = calculateOverallScore(security, health);
+    const configPath = opts.all ? `aggregated (${sourcePaths.length} files)` : (sourcePaths[0] || 'auto-detected');
+    const fullReport = { timestamp: new Date().toISOString(), configPath, security, costs, health, overallScore };
+    const reporter = new ReportGenerator();
+    let output;
+    if (opts.format === 'json')
+        output = JSON.stringify(fullReport, null, 2);
+    else if (opts.format === 'markdown')
+        output = reporter.toMarkdown(fullReport);
+    else
+        output = reporter.formatFullReport(fullReport);
+    if (opts.output) {
+        const fs = await import('fs');
+        fs.writeFileSync(opts.output, output);
+        console.error(chalk.green(`Report saved to ${opts.output}`));
+    }
+    else {
+        console.log(output);
+    }
+    checkAlertThresholds(security, opts);
+});
+program
+    .command('proxy')
+    .description('Start MCP Guardian proxy to capture real token usage data')
+    .option('-c, --config <path>', 'Path to MCP config file')
+    .action(async (opts) => {
+    const paths = opts.config ? [opts.config] : ConfigParser.findConfigPaths();
+    if (paths.length === 0) {
+        console.error(chalk.red('No MCP config files found. Use --config to specify a path.'));
+        process.exit(1);
+    }
+    const servers = ConfigParser.parse(paths[0]);
+    if (servers.length === 0) {
+        console.error(chalk.yellow('No servers found in config.'));
+        process.exit(0);
+    }
+    const db = new HistoryDatabase();
+    const manager = new ProxyManager(db);
+    await manager.startAll(servers);
+    console.error(chalk.green('MCP Guardian proxy running. Press Ctrl+C to stop.'));
+    const cleanup = () => { manager.stopAll(); db.close(); process.exit(0); };
+    process.on('SIGINT', cleanup);
+    process.on('SIGTERM', cleanup);
+    const proxies = manager.getProxies();
+    if (proxies.length > 0) {
+        process.stdin.setEncoding('utf-8');
+        process.stdin.on('data', (chunk) => {
+            for (const proxy of proxies)
+                proxy.handleClientInput(chunk.trim());
+        });
+    }
+});
+program.parse();
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAC3D,OAAO,EAAE,eAAe,EAAE,MAAM,gCAAgC,CAAC;AAEjE,OAAO,EAAE,qBAAqB,EAAE,MAAM,oBAAoB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAsCjD,yEAAyE;AACzE,SAAS,WAAW,CAAC,OAA2C;IAI9D,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,OAAO,YAAY,CAAC,QAAQ,EAAE,CAAC;IACjC,CAAC;IACD,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC;IACjF,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE,CAAC;IAChE,OAAO,EAAE,OAAO,EAAE,YAAY,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AAC5E,CAAC;AAED,SAAS,oBAAoB,CAAC,OAAyB,EAAE,IAAiC;IACxF,IAAI,gBAAgB,IAAI,IAAI,IAAI,IAAI,CAAC,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,EAAE,CAAC;QAC1H,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,8BAA8B,CAAC,CAAC,CAAC;QACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,IAAI,eAAe,IAAI,IAAI,IAAI,IAAI,CAAC,aAAa,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,CAAC;QACpG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,gCAAgC,CAAC,CAAC,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,IAAI,IAAI,CAAC,cAAc,KAAK,SAAS,EAAE,CAAC;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,cAAe,CAAC,CAAC;QACpE,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,MAAM,oCAAoC,IAAI,CAAC,cAAc,KAAK,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,KAAK,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YACvK,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC;AAED,yEAAyE;AACzE,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAC9B,OAAO;KACJ,IAAI,CAAC,cAAc,CAAC;KACpB,WAAW,CAAC,yDAAyD,CAAC;KACtE,OAAO,CAAC,OAAO,CAAC,CAAC;AAEpB,OAAO;KACJ,OAAO,CAAC,MAAM,CAAC;KACf,WAAW,CAAC,kCAAkC,CAAC;KAC/C,MAAM,CAAC,qBAAqB,EAAE,4BAA4B,CAAC;KAC3D,MAAM,CAAC,WAAW,EAAE,yCAAyC,CAAC;KAC9D,MAAM,CAAC,4BAA4B,EAAE,uDAAuD,EAAE,QAAQ,CAAC;KACvG,MAAM,CAAC,oBAAoB,EAAE,uCAAuC,CAAC;KACrE,MAAM,CAAC,mBAAmB,EAAE,+CAA+C,CAAC;KAC5E,MAAM,CAAC,KAAK,EAAE,IAAiB,EAAE,EAAE;IAClC,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IACnD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IAE1G,IAAI,IAAI,CAAC,GAAG,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,WAAW,CAAC,MAAM,aAAa,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;IAClG,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,WAAW,CAAC,CAAC,CAAC,IAAI,eAAe,EAAE,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,MAAM,SAAS,GAAG,eAAe,EAAE,CAAC;IACpC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/F,MAAM,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7G,SAAS,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;IAErB,OAAO,CAAC,GAAG,CAAC,IAAI,eAAe,EAAE,CAAC,qBAAqB,CAAC,OAAO,CAAC,CAAC,CAAC;IAClE,oBAAoB,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;AACtC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,mCAAmC,CAAC;KAChD,MAAM,CAAC,qBAAqB,EAAE,4BAA4B,CAAC;KAC3D,MAAM,CAAC,WAAW,EAAE,yCAAyC,CAAC;KAC9D,MAAM,CAAC,qBAAqB,EAAE,6BAA6B,CAAC;KAC5D,MAAM,CAAC,2BAA2B,EAAE,mDAAmD,EAAE,UAAU,CAAC;KACpG,MAAM,CAAC,KAAK,EAAE,IAAkB,EAAE,EAAE;IACnC,MAAM,EAAE,OAAO,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IACvF,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IAEjG,MAAM,SAAS,GAAG,eAAe,EAAE,CAAC;IACpC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7F,SAAS,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;IAChC,MAAM,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC;IAClH,SAAS,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;IAErB,OAAO,CAAC,GAAG,CAAC,IAAI,eAAe,EAAE,CAAC,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC;IAE9D,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,gBAAgB,EAAE,CAAC,CAAC,CAAC;QAClE,IAAI,KAAK,GAAG,IAAI,CAAC,aAAa,EAAE,CAAC;YAC/B,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,mBAAmB,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,uBAAuB,IAAI,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;YACpH,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,6BAA6B,CAAC;KAC1C,MAAM,CAAC,qBAAqB,EAAE,4BAA4B,CAAC;KAC3D,MAAM,CAAC,WAAW,EAAE,yCAAyC,CAAC;KAC9D,MAAM,CAAC,qBAAqB,EAAE,6BAA6B,CAAC;KAC5D,MAAM,CAAC,0BAA0B,EAAE,qDAAqD,EAAE,QAAQ,CAAC;KACnG,MAAM,CAAC,oBAAoB,EAAE,6CAA6C,CAAC;KAC3E,MAAM,CAAC,KAAK,EAAE,IAAmB,EAAE,EAAE;IACpC,MAAM,EAAE,OAAO,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC;IACvF,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,mBAAmB,CAAC,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IAEjG,MAAM,SAAS,GAAG,eAAe,EAAE,CAAC;IACpC,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/F,MAAM,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,WAAW,GAAG,GAAG,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;IAChI,SAAS,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;IAErB,OAAO,CAAC,GAAG,CAAC,IAAI,eAAe,EAAE,CAAC,mBAAmB,CAAC,OAAO,CAAC,CAAC,CAAC;IAEhE,IAAI,IAAI,CAAC,cAAc,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,EAAE,CAAC;QAClE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,4CAA4C,CAAC,CAAC,CAAC;QACvE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,IAAI,IAAI,CAAC,gBAAgB,KAAK,SAAS,EAAE,CAAC;QACxC,MAAM,IAAI,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,IAAI,CAAC,gBAAiB,CAAC,CAAC;QACzE,IAAI,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,MAAM,qBAAqB,IAAI,CAAC,gBAAgB,eAAe,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAChJ,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,QAAQ,CAAC;KACjB,WAAW,CAAC,qCAAqC,CAAC;KAClD,MAAM,CAAC,qBAAqB,EAAE,4BAA4B,CAAC;KAC3D,MAAM,CAAC,WAAW,EAAE,yCAAyC,CAAC;KAC9D,MAAM,CAAC,uBAAuB,EAAE,kDAAkD,EAAE,MAAM,CAAC;KAC3F,MAAM,CAAC,iBAAiB,EAAE,yCAAyC,CAAC;KACpE,MAAM,CAAC,4BAA4B,EAAE,oDAAoD,EAAE,QAAQ,CAAC;KACpG,MAAM,CAAC,KAAK,EAAE,IAAmB,EAAE,EAAE;IACpC,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC;IACnD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IAE1G,IAAI,IAAI,CAAC,GAAG,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,WAAW,CAAC,MAAM,aAAa,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;IAClG,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,WAAW,CAAC,CAAC,CAAC,IAAI,eAAe,EAAE,CAAC,CAAC,CAAC;IACjF,CAAC;IAED,MAAM,SAAS,GAAG,eAAe,EAAE,CAAC;IACpC,MAAM,CAAC,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,eAAe,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC;QACxE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,WAAW,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;QACrE,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC;KACxE,CAAC,CAAC;IACH,SAAS,CAAC,WAAW,CAAC,OAAO,EAAE,CAAC;IAChC,MAAM,OAAO,CAAC,GAAG,CAAC;QAChB,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC7F,GAAG,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,gBAAgB,CAAC,CAAC;QAC/F,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,EAAE,CAAC,cAAc,CAAC,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC,WAAW,GAAG,GAAG,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC;KAC/G,CAAC,CAAC;IACH,SAAS,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC;IAErB,MAAM,YAAY,GAAG,qBAAqB,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC7D,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,eAAe,WAAW,CAAC,MAAM,SAAS,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,eAAe,CAAC,CAAC;IAC/G,MAAM,UAAU,GAAe,EAAE,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,UAAU,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,YAAY,EAAE,CAAC;IAC1H,MAAM,QAAQ,GAAG,IAAI,eAAe,EAAE,CAAC;IAEvC,IAAI,MAAc,CAAC;IACnB,IAAI,IAAI,CAAC,MAAM,KAAK,MAAM;QAAE,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;SACpE,IAAI,IAAI,CAAC,MAAM,KAAK,UAAU;QAAE,MAAM,GAAG,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;;QACzE,MAAM,GAAG,QAAQ,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC;IAEpD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;QAC9B,EAAE,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QACtC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,mBAAmB,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC;IAED,oBAAoB,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;AACvC,CAAC,CAAC,CAAC;AAEL,OAAO;KACJ,OAAO,CAAC,OAAO,CAAC;KAChB,WAAW,CAAC,2DAA2D,CAAC;KACxE,MAAM,CAAC,qBAAqB,EAAE,yBAAyB,CAAC;KACxD,MAAM,CAAC,KAAK,EAAE,IAAkB,EAAE,EAAE;IACnC,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,eAAe,EAAE,CAAC;IAC3E,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,4DAA4D,CAAC,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IAEpI,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAAC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,6BAA6B,CAAC,CAAC,CAAC;QAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAAC,CAAC;IAE1G,MAAM,EAAE,GAAG,IAAI,eAAe,EAAE,CAAC;IACjC,MAAM,OAAO,GAAG,IAAI,YAAY,CAAC,EAAE,CAAC,CAAC;IACrC,MAAM,OAAO,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC;IAEhC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC,CAAC;IAChF,MAAM,OAAO,GAAG,GAAG,EAAE,GAAG,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1E,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAC9B,OAAO,CAAC,EAAE,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAE/B,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IACrC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,KAAK,CAAC,WAAW,CAAC,OAAO,CAAC,CAAC;QACnC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAa,EAAE,EAAE;YACzC,KAAK,MAAM,KAAK,IAAI,OAAO;gBAAE,KAAK,CAAC,iBAAiB,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;QACrE,CAAC,CAAC,CAAC;IACL,CAAC;AACH,CAAC,CAAC,CAAC;AAEL,OAAO,CAAC,KAAK,EAAE,CAAC"}

package/dist/clients/nvd-client.d.ts

@@ -0,0 +1,17 @@
+import { CveFinding } from '../types.js';
+/**
+ * Client for NIST NVD API (https://services.nvd.nist.gov/rest/json/cves/2.0).
+ * Requires an API key for production use (set via NVD_API_KEY env var).
+ */
+export declare class NvdClient {
+    private baseUrl;
+    private apiKey?;
+    constructor(baseUrl?: string);
+    /**
+     * Search for CVEs by keyword (package name, product, etc.).
+     * Returns up to 20 results.
+     */
+    search(keyword: string): Promise<CveFinding[]>;
+    private mapCvssSeverity;
+}
+//# sourceMappingURL=nvd-client.d.ts.map

package/dist/clients/nvd-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"nvd-client.d.ts","sourceRoot":"","sources":["../../src/clients/nvd-client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAIzC;;;GAGG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,MAAM,CAAC,CAAS;gBAEZ,OAAO,GAAE,MAA2D;IAKhF;;;OAGG;IACG,MAAM,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAqCpD,OAAO,CAAC,eAAe;CAOxB"}

package/dist/clients/nvd-client.js

@@ -0,0 +1,64 @@
+import axios from 'axios';
+import { Logger } from '../utils/logger.js';
+import { nvdLimiter, nvdApiKeyLimiter } from '../utils/rate-limiter.js';
+/**
+ * Client for NIST NVD API (https://services.nvd.nist.gov/rest/json/cves/2.0).
+ * Requires an API key for production use (set via NVD_API_KEY env var).
+ */
+export class NvdClient {
+    baseUrl;
+    apiKey;
+    constructor(baseUrl = 'https://services.nvd.nist.gov/rest/json/cves/2.0') {
+        this.baseUrl = baseUrl;
+        this.apiKey = process.env['NVD_API_KEY'];
+    }
+    /**
+     * Search for CVEs by keyword (package name, product, etc.).
+     * Returns up to 20 results.
+     */
+    async search(keyword) {
+        try {
+            const params = {
+                keywordSearch: keyword,
+                resultsPerPage: '20',
+            };
+            const headers = {};
+            if (this.apiKey) {
+                headers['apiKey'] = this.apiKey;
+            }
+            const limiter = this.apiKey ? nvdApiKeyLimiter : nvdLimiter;
+            await limiter.acquire();
+            const response = await axios.get(this.baseUrl, {
+                params,
+                headers,
+                timeout: 15000,
+            });
+            const vulnerabilities = response.data?.vulnerabilities ?? [];
+            return vulnerabilities.map((entry) => {
+                const cve = entry.cve ?? {};
+                const metrics = cve.metrics?.cvssMetricV31?.[0]?.cvssData ?? cve.metrics?.cvssMetricV30?.[0]?.cvssData;
+                return {
+                    id: cve.id ?? 'unknown',
+                    severity: this.mapCvssSeverity(metrics?.baseSeverity ?? 'MEDIUM'),
+                    summary: cve.descriptions?.[0]?.value?.substring(0, 200) ?? 'No description',
+                    fixedVersion: undefined,
+                };
+            });
+        }
+        catch (error) {
+            Logger.warn(`NVD search failed for "${keyword}": ${error?.message ?? 'Unknown error'}`);
+            return [];
+        }
+    }
+    mapCvssSeverity(severity) {
+        const upper = severity.toUpperCase();
+        if (upper === 'CRITICAL')
+            return 'CRITICAL';
+        if (upper === 'HIGH')
+            return 'HIGH';
+        if (upper === 'LOW')
+            return 'LOW';
+        return 'MEDIUM';
+    }
+}
+//# sourceMappingURL=nvd-client.js.map

package/dist/clients/nvd-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"nvd-client.js","sourceRoot":"","sources":["../../src/clients/nvd-client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,gBAAgB,EAAE,MAAM,0BAA0B,CAAC;AAExE;;;GAGG;AACH,MAAM,OAAO,SAAS;IACZ,OAAO,CAAS;IAChB,MAAM,CAAU;IAExB,YAAY,UAAkB,kDAAkD;QAC9E,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;IAC3C,CAAC;IAED;;;OAGG;IACH,KAAK,CAAC,MAAM,CAAC,OAAe;QAC1B,IAAI,CAAC;YACH,MAAM,MAAM,GAA2B;gBACrC,aAAa,EAAE,OAAO;gBACtB,cAAc,EAAE,IAAI;aACrB,CAAC;YACF,MAAM,OAAO,GAA2B,EAAE,CAAC;YAC3C,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;gBAChB,OAAO,CAAC,QAAQ,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC;YAClC,CAAC;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC,UAAU,CAAC;YAC5D,MAAM,OAAO,CAAC,OAAO,EAAE,CAAC;YAExB,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,EAAE;gBAC7C,MAAM;gBACN,OAAO;gBACP,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YAEH,MAAM,eAAe,GAAG,QAAQ,CAAC,IAAI,EAAE,eAAe,IAAI,EAAE,CAAC;YAC7D,OAAO,eAAe,CAAC,GAAG,CAAC,CAAC,KAAU,EAAE,EAAE;gBACxC,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,IAAI,EAAE,CAAC;gBAC5B,MAAM,OAAO,GAAG,GAAG,CAAC,OAAO,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,QAAQ,IAAI,GAAG,CAAC,OAAO,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC;gBACvG,OAAO;oBACL,EAAE,EAAE,GAAG,CAAC,EAAE,IAAI,SAAS;oBACvB,QAAQ,EAAE,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,YAAY,IAAI,QAAQ,CAAC;oBACjE,OAAO,EAAE,GAAG,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,gBAAgB;oBAC5E,YAAY,EAAE,SAAS;iBACxB,CAAC;YACJ,CAAC,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,CAAC,IAAI,CAAC,0BAA0B,OAAO,MAAM,KAAK,EAAE,OAAO,IAAI,eAAe,EAAE,CAAC,CAAC;YACxF,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAEO,eAAe,CAAC,QAAgB;QACtC,MAAM,KAAK,GAAG,QAAQ,CAAC,WAAW,EAAE,CAAC;QACrC,IAAI,KAAK,KAAK,UAAU;YAAE,OAAO,UAAU,CAAC;QAC5C,IAAI,KAAK,KAAK,MAAM;YAAE,OAAO,MAAM,CAAC;QACpC,IAAI,KAAK,KAAK,KAAK;YAAE,OAAO,KAAK,CAAC;QAClC,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}

package/dist/clients/osv-client.d.ts

@@ -0,0 +1,19 @@
+import { CveFinding } from '../types.js';
+/**
+ * Client for the OSV.dev API (https://api.osv.dev).
+ * Queries known vulnerabilities for open-source packages.
+ */
+export declare class OsvClient {
+    private baseUrl;
+    constructor(baseUrl?: string);
+    /**
+     * Check for known vulnerabilities in a package.
+     * @param packageName - npm package name (e.g. '@modelcontextprotocol/sdk')
+     * @param version - Optional version string
+     * @returns Array of CVE findings
+     */
+    check(packageName: string, version?: string): Promise<CveFinding[]>;
+    private toPurl;
+    private mapSeverity;
+}
+//# sourceMappingURL=osv-client.d.ts.map

package/dist/clients/osv-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"osv-client.d.ts","sourceRoot":"","sources":["../../src/clients/osv-client.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AAIzC;;;GAGG;AACH,qBAAa,SAAS;IACpB,OAAO,CAAC,OAAO,CAAS;gBAEZ,OAAO,GAAE,MAAiC;IAItD;;;;;OAKG;IACG,KAAK,CAAC,WAAW,EAAE,MAAM,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;IAuBzE,OAAO,CAAC,MAAM;IAOd,OAAO,CAAC,WAAW;CAUpB"}

package/dist/clients/osv-client.js

@@ -0,0 +1,60 @@
+import axios from 'axios';
+import { Logger } from '../utils/logger.js';
+import { osvLimiter } from '../utils/rate-limiter.js';
+/**
+ * Client for the OSV.dev API (https://api.osv.dev).
+ * Queries known vulnerabilities for open-source packages.
+ */
+export class OsvClient {
+    baseUrl;
+    constructor(baseUrl = 'https://api.osv.dev/v1') {
+        this.baseUrl = baseUrl;
+    }
+    /**
+     * Check for known vulnerabilities in a package.
+     * @param packageName - npm package name (e.g. '@modelcontextprotocol/sdk')
+     * @param version - Optional version string
+     * @returns Array of CVE findings
+     */
+    async check(packageName, version) {
+        try {
+            await osvLimiter.acquire();
+            // Normalize to purl-compatible format
+            const purl = this.toPurl(packageName, version);
+            const response = await axios.post(`${this.baseUrl}/query`, {
+                package: { purl },
+            }, {
+                timeout: 10000,
+            });
+            const vulns = response.data?.vulns ?? [];
+            return vulns.map((v) => ({
+                id: v.id ?? 'unknown',
+                severity: this.mapSeverity(v.severity),
+                summary: v.summary ?? v.details?.substring(0, 200) ?? 'No description',
+                fixedVersion: v.affected?.[0]?.ranges?.[0]?.events?.find((e) => e.fixed)?.fixed,
+            }));
+        }
+        catch (error) {
+            Logger.warn(`OSV lookup failed for ${packageName}: ${error?.message ?? 'Unknown error'}`);
+            return [];
+        }
+    }
+    toPurl(packageName, version) {
+        // npm purl: pkg:npm/package@version
+        const encoded = encodeURIComponent(packageName);
+        const versionSuffix = version ? `@${encodeURIComponent(version)}` : '';
+        return `pkg:npm/${encoded}${versionSuffix}`;
+    }
+    mapSeverity(severity) {
+        if (!severity)
+            return 'MEDIUM';
+        const map = {
+            CRITICAL: 'CRITICAL',
+            HIGH: 'HIGH',
+            MODERATE: 'MEDIUM',
+            LOW: 'LOW',
+        };
+        return map[severity.toUpperCase()] ?? 'MEDIUM';
+    }
+}
+//# sourceMappingURL=osv-client.js.map

package/dist/clients/osv-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"osv-client.js","sourceRoot":"","sources":["../../src/clients/osv-client.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AAC5C,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AAEtD;;;GAGG;AACH,MAAM,OAAO,SAAS;IACZ,OAAO,CAAS;IAExB,YAAY,UAAkB,wBAAwB;QACpD,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IACzB,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,KAAK,CAAC,WAAmB,EAAE,OAAgB;QAC/C,IAAI,CAAC;YACH,MAAM,UAAU,CAAC,OAAO,EAAE,CAAC;YAC3B,sCAAsC;YACtC,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;YAC/C,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,QAAQ,EAAE;gBACzD,OAAO,EAAE,EAAE,IAAI,EAAE;aAClB,EAAE;gBACD,OAAO,EAAE,KAAK;aACf,CAAC,CAAC;YACH,MAAM,KAAK,GAAU,QAAQ,CAAC,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAChD,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;gBAC5B,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,SAAS;gBACrB,QAAQ,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,QAAQ,CAAC;gBACtC,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,IAAI,gBAAgB;gBACtE,YAAY,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,KAAK;aACrF,CAAC,CAAC,CAAC;QACN,CAAC;QAAC,OAAO,KAAU,EAAE,CAAC;YACpB,MAAM,CAAC,IAAI,CAAC,yBAAyB,WAAW,KAAK,KAAK,EAAE,OAAO,IAAI,eAAe,EAAE,CAAC,CAAC;YAC1F,OAAO,EAAE,CAAC;QACZ,CAAC;IACH,CAAC;IAEO,MAAM,CAAC,WAAmB,EAAE,OAAgB;QAClD,oCAAoC;QACpC,MAAM,OAAO,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;QAChD,MAAM,aAAa,GAAG,OAAO,CAAC,CAAC,CAAC,IAAI,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACvE,OAAO,WAAW,OAAO,GAAG,aAAa,EAAE,CAAC;IAC9C,CAAC;IAEO,WAAW,CAAC,QAAiB;QACnC,IAAI,CAAC,QAAQ;YAAE,OAAO,QAAQ,CAAC;QAC/B,MAAM,GAAG,GAA2D;YAClE,QAAQ,EAAE,UAAU;YACpB,IAAI,EAAE,MAAM;YACZ,QAAQ,EAAE,QAAQ;YAClB,GAAG,EAAE,KAAK;SACX,CAAC;QACF,OAAO,GAAG,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,IAAI,QAAQ,CAAC;IACjD,CAAC;CACF"}

package/dist/clients/pricing-client.d.ts

@@ -0,0 +1,16 @@
+export declare class PricingClient {
+    private prices;
+    constructor();
+    /** Calculate estimated cost for a given number of tokens. */
+    calculateCost(tokens: number, model: string, isOutput?: boolean): number;
+    /** Get the full pricing record for a model, or null if unknown. */
+    getPricingForModel(model: string): {
+        input: number;
+        output: number;
+    } | null;
+    /** List all known model pricing entries. */
+    listModels(): string[];
+    /** Add or update pricing for a model at runtime. */
+    addPricing(model: string, inputCost: number, outputCost: number): void;
+}
+//# sourceMappingURL=pricing-client.d.ts.map

package/dist/clients/pricing-client.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pricing-client.d.ts","sourceRoot":"","sources":["../../src/clients/pricing-client.ts"],"names":[],"mappings":"AA6JA,qBAAa,aAAa;IACxB,OAAO,CAAC,MAAM,CAAoD;;IAOlE,6DAA6D;IAC7D,aAAa,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,GAAE,OAAe,GAAG,MAAM;IAW/E,mEAAmE;IACnE,kBAAkB,CAAC,KAAK,EAAE,MAAM,GAAG;QAAE,KAAK,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,GAAG,IAAI;IAI3E,4CAA4C;IAC5C,UAAU,IAAI,MAAM,EAAE;IAItB,oDAAoD;IACpD,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,IAAI;CAGvE"}

package/dist/clients/pricing-client.js

@@ -0,0 +1,171 @@
+/**
+ * Comprehensive token pricing for all major LLM providers.
+ * Rates per 1M tokens (as of mid-2025).
+ * Override via PRICING_OVERRIDES env var (JSON): {"model-name": {"input": N, "output": N}}
+ */
+const DEFAULT_PRICING_TABLE = {
+    // ── OpenAI ──────────────────────────────────────────
+    'gpt-4o': { input: 5.0, output: 15.0 },
+    'gpt-4o-mini': { input: 0.15, output: 0.6 },
+    'gpt-4.5-preview': { input: 75.0, output: 150.0 },
+    'gpt-4-turbo': { input: 10.0, output: 30.0 },
+    'gpt-4': { input: 30.0, output: 60.0 },
+    'gpt-4-32k': { input: 60.0, output: 120.0 },
+    'gpt-3.5-turbo': { input: 0.5, output: 1.5 },
+    'gpt-3.5-turbo-16k': { input: 3.0, output: 4.0 },
+    'o1': { input: 15.0, output: 60.0 },
+    'o1-mini': { input: 1.1, output: 4.4 },
+    'o3-mini': { input: 1.1, output: 4.4 },
+    'o3': { input: 10.0, output: 40.0 },
+    'o4-mini': { input: 1.1, output: 4.4 },
+    'gpt-4o-realtime-preview': { input: 5.0, output: 20.0 },
+    // ── Anthropic ───────────────────────────────────────
+    'claude-3-5-sonnet': { input: 3.0, output: 15.0 },
+    'claude-3-opus': { input: 15.0, output: 75.0 },
+    'claude-3-sonnet': { input: 3.0, output: 15.0 },
+    'claude-3-haiku': { input: 0.25, output: 1.25 },
+    'claude-3-5-haiku': { input: 0.8, output: 4.0 },
+    'claude-2.1': { input: 8.0, output: 24.0 },
+    'claude-2.0': { input: 8.0, output: 24.0 },
+    'claude-instant': { input: 0.8, output: 2.4 },
+    // ── Google DeepMind ─────────────────────────────────
+    'gemini-2.0-flash': { input: 0.1, output: 0.4 },
+    'gemini-2.0-flash-lite': { input: 0.075, output: 0.3 },
+    'gemini-2.5-pro': { input: 1.25, output: 10.0 },
+    'gemini-2.5-flash': { input: 0.15, output: 0.6 },
+    'gemini-1.5-pro': { input: 1.25, output: 5.0 },
+    'gemini-1.5-flash': { input: 0.075, output: 0.3 },
+    'gemini-1.5-flash-8b': { input: 0.0375, output: 0.15 },
+    'gemini-1.0-pro': { input: 0.5, output: 1.5 },
+    'gemini-1.0-ultra': { input: 0.5, output: 1.5 },
+    'gemma-2-27b': { input: 0.27, output: 0.27 },
+    'gemma-2-9b': { input: 0.1, output: 0.1 },
+    'gemma-3-27b': { input: 0.15, output: 0.15 },
+    // ── DeepSeek ────────────────────────────────────────
+    'deepseek-chat': { input: 0.14, output: 0.28 },
+    'deepseek-reasoner': { input: 0.55, output: 2.19 },
+    'deepseek-v3': { input: 0.27, output: 1.1 },
+    'deepseek-r1': { input: 0.55, output: 2.19 },
+    // ── xAI (Grok) ──────────────────────────────────────
+    'grok-3': { input: 3.0, output: 15.0 },
+    'grok-3-mini': { input: 0.3, output: 0.5 },
+    'grok-2': { input: 2.0, output: 10.0 },
+    'grok-2-vision': { input: 2.0, output: 10.0 },
+    'grok-1.5': { input: 5.0, output: 15.0 },
+    // ── Meta (Llama via Cloud APIs) ─────────────────────
+    'llama-4-maverick': { input: 0.2, output: 0.6 },
+    'llama-4-scout': { input: 0.15, output: 0.4 },
+    'llama-3.3-70b': { input: 0.59, output: 0.79 },
+    'llama-3.1-405b': { input: 2.0, output: 6.0 },
+    'llama-3.1-70b': { input: 0.59, output: 0.79 },
+    'llama-3.1-8b': { input: 0.06, output: 0.06 },
+    'llama-3-70b': { input: 0.59, output: 0.79 },
+    'llama-3-8b': { input: 0.06, output: 0.06 },
+    // ── Mistral ─────────────────────────────────────────
+    'mistral-large': { input: 2.0, output: 6.0 },
+    'mistral-medium': { input: 2.7, output: 8.1 },
+    'mistral-small': { input: 0.2, output: 0.6 },
+    'mistral-nemo': { input: 0.15, output: 0.15 },
+    'mistral-7b': { input: 0.08, output: 0.08 },
+    'mixtral-8x7b': { input: 0.24, output: 0.24 },
+    'mixtral-8x22b': { input: 1.0, output: 1.0 },
+    'codestral': { input: 0.2, output: 0.6 },
+    'pixtral-large': { input: 2.0, output: 6.0 },
+    // ── Cohere ──────────────────────────────────────────
+    'command-r-plus': { input: 2.5, output: 10.0 },
+    'command-r': { input: 0.5, output: 1.5 },
+    'command': { input: 0.5, output: 1.5 },
+    'command-light': { input: 0.3, output: 0.6 },
+    // ── AI21 Labs ───────────────────────────────────────
+    'jamba-1.5-large': { input: 2.0, output: 8.0 },
+    'jamba-1.5-mini': { input: 0.2, output: 0.4 },
+    'jamba-instruct': { input: 0.5, output: 1.5 },
+    // ── Reka ────────────────────────────────────────────
+    'reka-core': { input: 3.0, output: 10.0 },
+    'reka-flash': { input: 0.25, output: 1.0 },
+    'reka-edge': { input: 0.4, output: 1.0 },
+    // ── Amazon (Bedrock) ────────────────────────────────
+    'amazon-titan-text-premier': { input: 0.5, output: 1.5 },
+    'amazon-titan-text-lite': { input: 0.15, output: 0.2 },
+    'amazon-titan-text-express': { input: 0.2, output: 0.6 },
+    'amazon-nova-pro': { input: 2.0, output: 8.0 },
+    'amazon-nova-lite': { input: 0.15, output: 0.4 },
+    'amazon-nova-micro': { input: 0.05, output: 0.1 },
+    // ── Alibaba (Qwen) ──────────────────────────────────
+    'qwen-max': { input: 2.0, output: 6.0 },
+    'qwen-plus': { input: 0.4, output: 1.2 },
+    'qwen-turbo': { input: 0.2, output: 0.4 },
+    'qwen-coder-plus': { input: 0.7, output: 1.4 },
+    'qwen-2.5-72b': { input: 0.58, output: 1.16 },
+    'qwen-2.5-32b': { input: 0.27, output: 0.54 },
+    'qwen-2.5-7b': { input: 0.07, output: 0.07 },
+    // ── Zhipu AI (GLM) ──────────────────────────────────
+    'glm-4-plus': { input: 2.0, output: 6.0 },
+    'glm-4-air': { input: 0.5, output: 1.0 },
+    'glm-4-flash': { input: 0.05, output: 0.1 },
+    // ── 01.AI (Yi) ──────────────────────────────────────
+    'yi-large': { input: 2.0, output: 6.0 },
+    'yi-medium': { input: 0.5, output: 1.0 },
+    'yi-small': { input: 0.1, output: 0.1 },
+    // ── Writer ──────────────────────────────────────────
+    'palmyra-x-004': { input: 3.0, output: 10.0 },
+    'palmyra-med': { input: 0.5, output: 1.5 },
+    // ── Perplexity ──────────────────────────────────────
+    'sonar-pro': { input: 5.0, output: 15.0 },
+    'sonar': { input: 2.0, output: 5.0 },
+    'sonar-reasoning': { input: 3.0, output: 15.0 },
+    // ── HuggingFace ─────────────────────────────────────
+    'zephyr-7b-beta': { input: 0.05, output: 0.05 },
+    'falcon-180b': { input: 1.0, output: 1.0 },
+    'falcon-40b': { input: 0.5, output: 0.5 },
+};
+function loadCustomPricing() {
+    const overrides = process.env['PRICING_OVERRIDES'];
+    if (!overrides)
+        return {};
+    try {
+        const parsed = JSON.parse(overrides);
+        const result = {};
+        for (const [model, rates] of Object.entries(parsed)) {
+            const r = rates;
+            if (typeof r.input === 'number' && typeof r.output === 'number') {
+                result[model] = { input: r.input, output: r.output };
+            }
+        }
+        return result;
+    }
+    catch {
+        return {};
+    }
+}
+export class PricingClient {
+    prices;
+    constructor() {
+        const custom = loadCustomPricing();
+        this.prices = { ...DEFAULT_PRICING_TABLE, ...custom };
+    }
+    /** Calculate estimated cost for a given number of tokens. */
+    calculateCost(tokens, model, isOutput = false) {
+        const price = this.prices[model];
+        if (!price) {
+            // Unknown model — use a conservative default of $10/M input, $30/M output
+            const rate = isOutput ? 30.0 : 10.0;
+            return (tokens / 1_000_000) * rate;
+        }
+        const rate = isOutput ? price.output : price.input;
+        return (tokens / 1_000_000) * rate;
+    }
+    /** Get the full pricing record for a model, or null if unknown. */
+    getPricingForModel(model) {
+        return this.prices[model] ?? null;
+    }
+    /** List all known model pricing entries. */
+    listModels() {
+        return Object.keys(this.prices);
+    }
+    /** Add or update pricing for a model at runtime. */
+    addPricing(model, inputCost, outputCost) {
+        this.prices[model] = { input: inputCost, output: outputCost };
+    }
+}
+//# sourceMappingURL=pricing-client.js.map

package/dist/clients/pricing-client.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"pricing-client.js","sourceRoot":"","sources":["../../src/clients/pricing-client.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,MAAM,qBAAqB,GAAsD;IAC/E,uDAAuD;IACvD,QAAQ,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IACtC,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IAC3C,iBAAiB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE;IACjD,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC5C,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IACtC,WAAW,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE;IAC3C,eAAe,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC5C,mBAAmB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAChD,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IACnC,SAAS,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACtC,SAAS,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACtC,IAAI,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IACnC,SAAS,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACtC,yBAAyB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IAEvD,uDAAuD;IACvD,mBAAmB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IACjD,eAAe,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC9C,iBAAiB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IAC/C,gBAAgB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC/C,kBAAkB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC/C,YAAY,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IAC1C,YAAY,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IAC1C,gBAAgB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAE7C,uDAAuD;IACvD,kBAAkB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC/C,uBAAuB,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE;IACtD,gBAAgB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC/C,kBAAkB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IAChD,gBAAgB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IAC9C,kBAAkB,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,EAAE;IACjD,qBAAqB,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE;IACtD,gBAAgB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC7C,kBAAkB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC/C,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC5C,YAAY,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACzC,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAE5C,uDAAuD;IACvD,eAAe,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC9C,mBAAmB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAClD,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IAC3C,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAE5C,uDAAuD;IACvD,QAAQ,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IACtC,aAAa,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC1C,QAAQ,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IACtC,eAAe,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IAC7C,UAAU,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IAExC,uDAAuD;IACvD,kBAAkB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC/C,eAAe,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IAC7C,eAAe,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC9C,gBAAgB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC7C,eAAe,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC9C,cAAc,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC7C,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC5C,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAE3C,uDAAuD;IACvD,eAAe,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC5C,gBAAgB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC7C,eAAe,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC5C,cAAc,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC7C,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC3C,cAAc,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC7C,eAAe,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC5C,WAAW,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACxC,eAAe,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAE5C,uDAAuD;IACvD,gBAAgB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IAC9C,WAAW,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACxC,SAAS,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACtC,eAAe,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAE5C,uDAAuD;IACvD,iBAAiB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC9C,gBAAgB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC7C,gBAAgB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAE7C,uDAAuD;IACvD,WAAW,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IACzC,YAAY,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IAC1C,WAAW,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAExC,uDAAuD;IACvD,2BAA2B,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACxD,wBAAwB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IACtD,2BAA2B,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACxD,iBAAiB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC9C,kBAAkB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IAChD,mBAAmB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IAEjD,uDAAuD;IACvD,UAAU,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACvC,WAAW,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACxC,YAAY,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACzC,iBAAiB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC9C,cAAc,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC7C,cAAc,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC7C,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAE5C,uDAAuD;IACvD,YAAY,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACzC,WAAW,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACxC,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE;IAE3C,uDAAuD;IACvD,UAAU,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACvC,WAAW,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACxC,UAAU,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAEvC,uDAAuD;IACvD,eAAe,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IAC7C,aAAa,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAE1C,uDAAuD;IACvD,WAAW,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IACzC,OAAO,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IACpC,iBAAiB,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE;IAE/C,uDAAuD;IACvD,gBAAgB,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;IAC/C,aAAa,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;IAC1C,YAAY,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,MAAM,EAAE,GAAG,EAAE;CAC1C,CAAC;AAEF,SAAS,iBAAiB;IACxB,MAAM,SAAS,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IACnD,IAAI,CAAC,SAAS;QAAE,OAAO,EAAE,CAAC;IAE1B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACrC,MAAM,MAAM,GAAsD,EAAE,CAAC;QACrE,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;YACpD,MAAM,CAAC,GAAG,KAAgC,CAAC;YAC3C,IAAI,OAAO,CAAC,CAAC,KAAK,KAAK,QAAQ,IAAI,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ,EAAE,CAAC;gBAChE,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC;YACvD,CAAC;QACH,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,MAAM,OAAO,aAAa;IAChB,MAAM,CAAoD;IAElE;QACE,MAAM,MAAM,GAAG,iBAAiB,EAAE,CAAC;QACnC,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,qBAAqB,EAAE,GAAG,MAAM,EAAE,CAAC;IACxD,CAAC;IAED,6DAA6D;IAC7D,aAAa,CAAC,MAAc,EAAE,KAAa,EAAE,WAAoB,KAAK;QACpE,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACjC,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,0EAA0E;YAC1E,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YACpC,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,GAAG,IAAI,CAAC;QACrC,CAAC;QACD,MAAM,IAAI,GAAG,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC;QACnD,OAAO,CAAC,MAAM,GAAG,SAAS,CAAC,GAAG,IAAI,CAAC;IACrC,CAAC;IAED,mEAAmE;IACnE,kBAAkB,CAAC,KAAa;QAC9B,OAAO,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC;IACpC,CAAC;IAED,4CAA4C;IAC5C,UAAU;QACR,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAClC,CAAC;IAED,oDAAoD;IACpD,UAAU,CAAC,KAAa,EAAE,SAAiB,EAAE,UAAkB;QAC7D,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IAChE,CAAC;CACF"}