@mneme-ai/core 0.16.0 → 0.18.0

package/dist/forensics/vulnhunt.js

@@ -0,0 +1,217 @@
+const RULES = [
+    // ── CRYPTO ──────────────────────────────────────────────────────────
+    {
+        class: "crypto-weakness",
+        severity: "high",
+        reference: "CWE-327",
+        pattern: /\b(?:MD5|SHA-?1)\s*\(/i,
+        summary: "MD5 / SHA-1 used as a hash function (broken for security)",
+    },
+    {
+        class: "crypto-weakness",
+        severity: "high",
+        reference: "CWE-327",
+        pattern: /\b(?:DES|3DES|RC4|Blowfish)\b/,
+        summary: "Weak / deprecated cipher referenced",
+    },
+    {
+        class: "crypto-weakness",
+        severity: "critical",
+        reference: "CWE-330",
+        pattern: /Math\.random\s*\(\s*\)|new\s+Random\s*\(\s*\)/,
+        summary: "Non-cryptographic RNG used (Math.random / Random) — use crypto.randomBytes",
+    },
+    {
+        class: "crypto-weakness",
+        severity: "high",
+        reference: "CWE-321",
+        pattern: /(?:secret|api[_-]?key|password|token|private[_-]?key)\s*=\s*["'][a-zA-Z0-9+/=_-]{16,}["']/i,
+        summary: "Hardcoded credential / secret in source",
+    },
+    // ── INJECTION ──────────────────────────────────────────────────────
+    {
+        class: "injection-sql",
+        severity: "critical",
+        reference: "CWE-89",
+        pattern: /(?:SELECT|INSERT|UPDATE|DELETE)\s+[^;]*?\$\{[^}]+\}|"\s*SELECT[^"]*"\s*\+\s*\w+|f"\s*SELECT[^"]*\{/i,
+        summary: "SQL string concatenation / interpolation — possible injection",
+    },
+    {
+        class: "injection-shell",
+        severity: "critical",
+        reference: "CWE-78",
+        pattern: /(?:exec|spawn|system|popen|os\.system|subprocess\.\w+)\s*\(\s*[^,)]*(?:\$\{|\+\s*\w|input\(|argv\[)/,
+        summary: "Shell exec with concatenated / interpolated input",
+    },
+    {
+        class: "injection-xss",
+        severity: "high",
+        reference: "CWE-79",
+        pattern: /\bdangerouslySetInnerHTML\b|\binnerHTML\s*=\s*[^"'][^;]+(?:input|req\.|params|body)/,
+        summary: "innerHTML / dangerouslySetInnerHTML with user-controlled data",
+    },
+    {
+        class: "injection-xss",
+        severity: "medium",
+        reference: "CWE-95",
+        pattern: /\beval\s*\(\s*[^"')]*(?:input|req\.|params|body|argv)/,
+        summary: "eval() with user-controlled input",
+    },
+    // ── AUTH FLAWS ─────────────────────────────────────────────────────
+    {
+        class: "auth-flaw",
+        severity: "critical",
+        reference: "CWE-798",
+        pattern: /\b(?:Bearer|Basic)\s+[A-Za-z0-9+/=._-]{16,}/,
+        summary: "Hardcoded bearer / basic auth token",
+    },
+    {
+        class: "auth-flaw",
+        severity: "critical",
+        reference: "CWE-347",
+        pattern: /jwt\.(?:decode|verify)\s*\([^,)]+,\s*null|jwt\.decode\s*\(/i,
+        summary: "JWT decoded without signature verification",
+    },
+    {
+        class: "auth-flaw",
+        severity: "high",
+        reference: "CWE-942",
+        pattern: /Access-Control-Allow-Origin[^;]*\*[^;]*Access-Control-Allow-Credentials\s*:\s*true|cors\s*\(\s*\{\s*origin\s*:\s*["']\*/i,
+        summary: "CORS wildcard origin combined with credentials enabled",
+    },
+    // ── FINANCIAL LOGIC (bank-grade) ──────────────────────────────────
+    {
+        class: "financial-logic",
+        severity: "critical",
+        reference: "CWE-190",
+        pattern: /(?:amount|balance|price|cents|usd|thb|eur)\s*[+\-*]\s*(?:amount|balance|price|cents|usd|thb|eur)/i,
+        summary: "Arithmetic on money-typed names — verify overflow + precision",
+    },
+    {
+        class: "financial-logic",
+        severity: "high",
+        reference: "CWE-682",
+        pattern: /Number\s*\(\s*(?:amount|balance|price|fee|tax)|parseFloat\s*\(\s*(?:amount|balance|price|fee|tax)/i,
+        summary: "Money cast to JS Number — precision loss; use BigInt or money lib",
+    },
+    {
+        class: "financial-logic",
+        severity: "high",
+        reference: "CWE-840",
+        pattern: /amount\s*[<>]=?\s*0\b/i, // We want to see if it's a guard or a flaw
+        summary: "Direct comparison of `amount` to 0 — verify negative-amount handling",
+    },
+    // ── SUPPLY CHAIN ───────────────────────────────────────────────────
+    {
+        class: "supply-chain",
+        severity: "medium",
+        reference: "CWE-1357",
+        pattern: /^\+\s*"[^"]+":\s*"(\^|~)?[0-9]+\.[0-9]+\.[0-9]+(?:-[a-zA-Z0-9.-]+)?",?\s*$/m,
+        summary: "Dependency added or version changed — verify it's locked + scanned",
+    },
+    // ── INFO LEAKAGE ───────────────────────────────────────────────────
+    {
+        class: "info-leakage",
+        severity: "medium",
+        reference: "CWE-209",
+        pattern: /console\.log\s*\([^)]*(?:password|token|secret|key|jwt|cookie|session)/i,
+        summary: "Sensitive value logged to console",
+    },
+    {
+        class: "info-leakage",
+        severity: "high",
+        reference: "CWE-209",
+        pattern: /\b(?:err|error|e)\.stack\b.*?(?:res\.send|res\.json|return)/,
+        summary: "Stack trace exposed to client response",
+    },
+    // ── RACE CONDITIONS ────────────────────────────────────────────────
+    {
+        class: "race-condition",
+        severity: "medium",
+        reference: "CWE-362",
+        pattern: /if\s*\([^)]*await[^)]*\)\s*\{[\s\S]{0,200}?await/,
+        summary: "Check-then-await pattern — possible TOCTOU race",
+    },
+    // ── PRIVILEGE ──────────────────────────────────────────────────────
+    {
+        class: "privilege",
+        severity: "high",
+        reference: "CWE-269",
+        pattern: /\bsetuid\s*\(\s*0\s*\)|\bos\.setuid\s*\(/,
+        summary: "Privilege escalation to root via setuid",
+    },
+];
+const FIX_KEYWORDS = /\b(fix|fixes|fixed|patch|patched|secure|security|cve-?\d+|vuln(?:erability)?|exploit|hotfix)\b/i;
+const SECURITY_SUBJECT = /\b(security|cve-?\d+|vuln|exploit|csrf|xss|sqli|rce|sssrf|xxe|auth\s+bypass)\b/i;
+/**
+ * Scan a set of (commit, diffText) pairs for vulnerability patterns.
+ *
+ * If diff text isn't available, we still scan subject + body — useful
+ * for catching "silent fix" commits (commits whose subject says nothing
+ * but whose diff would have matched).
+ */
+export function huntVulnerabilities(inputs) {
+    const hits = [];
+    const silentFixes = [];
+    for (const { commit, diff } of inputs) {
+        const subjectAndBody = `${commit.subject}\n${commit.body || ""}`;
+        const text = `${subjectAndBody}\n${diff || ""}`;
+        const looksLikeFix = FIX_KEYWORDS.test(subjectAndBody);
+        for (const rule of RULES) {
+            const m = rule.pattern.exec(text);
+            if (!m)
+                continue;
+            // For diff-only rules (additionsOnly), require the matched line to
+            // appear after a leading "+" in a diff context.
+            if (rule.additionsOnly !== false && diff) {
+                const line = extractLineAround(text, m.index);
+                if (line && !line.startsWith("+")) {
+                    continue;
+                }
+            }
+            hits.push({
+                commit,
+                class: rule.class,
+                severity: rule.severity,
+                summary: rule.summary,
+                evidence: truncate(m[0], 200),
+                reference: rule.reference,
+                looksLikeFix,
+            });
+        }
+        // Silent-fix detection: subject looks security-related but didn't
+        // raise any rule hits in the same pass — we still record it because
+        // even a "subject hint" is useful for compliance.
+        if (SECURITY_SUBJECT.test(subjectAndBody)) {
+            silentFixes.push(commit);
+        }
+    }
+    const bySeverity = {
+        info: 0,
+        low: 0,
+        medium: 0,
+        high: 0,
+        critical: 0,
+    };
+    const byClass = {};
+    for (const h of hits) {
+        bySeverity[h.severity] += 1;
+        byClass[h.class] = (byClass[h.class] ?? 0) + 1;
+    }
+    return {
+        hits,
+        bySeverity,
+        byClass,
+        silentFixes,
+        scanned: inputs.length,
+    };
+}
+function extractLineAround(text, index) {
+    const start = text.lastIndexOf("\n", index) + 1;
+    const end = text.indexOf("\n", index);
+    return text.slice(start, end < 0 ? undefined : end);
+}
+function truncate(s, n) {
+    return s.length <= n ? s : s.slice(0, n - 1) + "…";
+}
+//# sourceMappingURL=vulnhunt.js.map

package/dist/forensics/vulnhunt.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vulnhunt.js","sourceRoot":"","sources":["../../src/forensics/vulnhunt.ts"],"names":[],"mappings":"AA6EA,MAAM,KAAK,GAAW;IACpB,uEAAuE;IACvE;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,wBAAwB;QACjC,OAAO,EAAE,2DAA2D;KACrE;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,+BAA+B;QACxC,OAAO,EAAE,qCAAqC;KAC/C;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,+CAA+C;QACxD,OAAO,EAAE,4EAA4E;KACtF;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,4FAA4F;QACrG,OAAO,EAAE,yCAAyC;KACnD;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,QAAQ;QACnB,OAAO,EAAE,qGAAqG;QAC9G,OAAO,EAAE,+DAA+D;KACzE;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,QAAQ;QACnB,OAAO,EAAE,qGAAqG;QAC9G,OAAO,EAAE,mDAAmD;KAC7D;IACD;QACE,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,QAAQ;QACnB,OAAO,EAAE,qFAAqF;QAC9F,OAAO,EAAE,+DAA+D;KACzE;IACD;QACE,KAAK,EAAE,eAAe;QACtB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,QAAQ;QACnB,OAAO,EAAE,uDAAuD;QAChE,OAAO,EAAE,mCAAmC;KAC7C;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,WAAW;QAClB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,6CAA6C;QACtD,OAAO,EAAE,qCAAqC;KAC/C;IACD;QACE,KAAK,EAAE,WAAW;QAClB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,6DAA6D;QACtE,OAAO,EAAE,4CAA4C;KACtD;IACD;QACE,KAAK,EAAE,WAAW;QAClB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,0HAA0H;QACnI,OAAO,EAAE,wDAAwD;KAClE;IAED,qEAAqE;IACrE;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,mGAAmG;QAC5G,OAAO,EAAE,+DAA+D;KACzE;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,oGAAoG;QAC7G,OAAO,EAAE,mEAAmE;KAC7E;IACD;QACE,KAAK,EAAE,iBAAiB;QACxB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,wBAAwB,EAAE,2CAA2C;QAC9E,OAAO,EAAE,sEAAsE;KAChF;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,cAAc;QACrB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,UAAU;QACrB,OAAO,EAAE,6EAA6E;QACtF,OAAO,EAAE,oEAAoE;KAC9E;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,cAAc;QACrB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,yEAAyE;QAClF,OAAO,EAAE,mCAAmC;KAC7C;IACD;QACE,KAAK,EAAE,cAAc;QACrB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,6DAA6D;QACtE,OAAO,EAAE,wCAAwC;KAClD;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,gBAAgB;QACvB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,kDAAkD;QAC3D,OAAO,EAAE,iDAAiD;KAC3D;IAED,sEAAsE;IACtE;QACE,KAAK,EAAE,WAAW;QAClB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,OAAO,EAAE,0CAA0C;QACnD,OAAO,EAAE,yCAAyC;KACnD;CACF,CAAC;AAEF,MAAM,YAAY,GAChB,iGAAiG,CAAC;AACpG,MAAM,gBAAgB,GACpB,iFAAiF,CAAC;AAEpF;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CACjC,MAAgD;IAEhD,MAAM,IAAI,GAAc,EAAE,CAAC;IAC3B,MAAM,WAAW,GAAa,EAAE,CAAC;IAEjC,KAAK,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,MAAM,EAAE,CAAC;QACtC,MAAM,cAAc,GAAG,GAAG,MAAM,CAAC,OAAO,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,EAAE,CAAC;QACjE,MAAM,IAAI,GAAG,GAAG,cAAc,KAAK,IAAI,IAAI,EAAE,EAAE,CAAC;QAChD,MAAM,YAAY,GAAG,YAAY,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAEvD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAClC,IAAI,CAAC,CAAC;gBAAE,SAAS;YAEjB,mEAAmE;YACnE,gDAAgD;YAChD,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,IAAI,IAAI,EAAE,CAAC;gBACzC,MAAM,IAAI,GAAG,iBAAiB,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC;gBAC9C,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBAClC,SAAS;gBACX,CAAC;YACH,CAAC;YAED,IAAI,CAAC,IAAI,CAAC;gBACR,MAAM;gBACN,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,QAAQ,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC;gBAC7B,SAAS,EAAE,IAAI,CAAC,SAAS;gBACzB,YAAY;aACb,CAAC,CAAC;QACL,CAAC;QAED,kEAAkE;QAClE,oEAAoE;QACpE,kDAAkD;QAClD,IAAI,gBAAgB,CAAC,IAAI,CAAC,cAAc,CAAC,EAAE,CAAC;YAC1C,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3B,CAAC;IACH,CAAC;IAED,MAAM,UAAU,GAA6B;QAC3C,IAAI,EAAE,CAAC;QACP,GAAG,EAAE,CAAC;QACN,MAAM,EAAE,CAAC;QACT,IAAI,EAAE,CAAC;QACP,QAAQ,EAAE,CAAC;KACZ,CAAC;IACF,MAAM,OAAO,GAAuC,EAAE,CAAC;IACvD,KAAK,MAAM,CAAC,IAAI,IAAI,EAAE,CAAC;QACrB,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QAC5B,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACjD,CAAC;IAED,OAAO;QACL,IAAI;QACJ,UAAU;QACV,OAAO;QACP,WAAW;QACX,OAAO,EAAE,MAAM,CAAC,MAAM;KACvB,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY,EAAE,KAAa;IACpD,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IAChD,MAAM,GAAG,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACtC,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,QAAQ,CAAC,CAAS,EAAE,CAAS;IACpC,OAAO,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,CAAC;AACrD,CAAC"}

package/dist/index.d.ts

@@ -11,4 +11,5 @@ export * as wisdom from "./wisdom/index.js";
 export * as insights from "./insights/index.js";
 export * as quant from "./quant/index.js";
 export * as guardian from "./guardian/index.js";
+export * as forensics from "./forensics/index.js";
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AACtC,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,OAAO,MAAM,oBAAoB,CAAC;AAC9C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,IAAI,MAAM,iBAAiB,CAAC;AACxC,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AACtC,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,OAAO,MAAM,oBAAoB,CAAC;AAC9C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,IAAI,MAAM,iBAAiB,CAAC;AACxC,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC"}

package/dist/index.js

@@ -11,4 +11,5 @@ export * as wisdom from "./wisdom/index.js";
 export * as insights from "./insights/index.js";
 export * as quant from "./quant/index.js";
 export * as guardian from "./guardian/index.js";
+export * as forensics from "./forensics/index.js";
 //# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AACtC,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,OAAO,MAAM,oBAAoB,CAAC;AAC9C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,IAAI,MAAM,iBAAiB,CAAC;AACxC,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,cAAc,YAAY,CAAC;AAC3B,OAAO,KAAK,GAAG,MAAM,gBAAgB,CAAC;AACtC,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,OAAO,MAAM,oBAAoB,CAAC;AAC9C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC;AAClD,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,IAAI,MAAM,iBAAiB,CAAC;AACxC,OAAO,KAAK,MAAM,MAAM,mBAAmB,CAAC;AAC5C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,KAAK,MAAM,kBAAkB,CAAC;AAC1C,OAAO,KAAK,QAAQ,MAAM,qBAAqB,CAAC;AAChD,OAAO,KAAK,SAAS,MAAM,sBAAsB,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mneme-ai/core",
-  "version": "0.16.0",
+  "version": "0.18.0",
   "description": "Core indexing, retrieval, and graph engine for Mneme",
   "type": "module",
   "main": "./dist/index.js",