@nahisaho/musubix-security 2.0.1 → 2.1.0

package/dist/analysis/sinks/html-output.js

@@ -0,0 +1,256 @@
+/**
+ * @fileoverview HTML output sink definitions (XSS vulnerabilities)
+ * @module @nahisaho/musubix-security/analysis/sinks/html-output
+ * @trace REQ-SEC-001
+ */
+/**
+ * HTML output sinks (XSS vulnerabilities)
+ * @trace REQ-SEC-001
+ */
+export const HTML_OUTPUT_SINKS = [
+    // Express response
+    {
+        id: 'SNK-XSS-001',
+        name: 'Express Response Send',
+        category: 'html-output',
+        severity: 'high',
+        framework: 'express',
+        patterns: [
+            { receiver: 'res', method: 'send', vulnerableArg: 0 },
+            { receiver: 'res', method: 'write', vulnerableArg: 0 },
+            { receiver: 'response', method: 'send', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['escapeHtml', 'encode', 'sanitizeHtml', 'DOMPurify'],
+        description: 'Express response with user data - XSS risk',
+        enabled: true,
+        tags: ['xss', 'express', 'html'],
+        relatedCWE: ['CWE-79'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // Template rendering
+    {
+        id: 'SNK-XSS-010',
+        name: 'Template Render',
+        category: 'html-output',
+        severity: 'high',
+        framework: 'express',
+        patterns: [
+            { receiver: 'res', method: 'render', vulnerableArg: 1 },
+            { receiver: 'response', method: 'render', vulnerableArg: 1 },
+        ],
+        expectedSanitizers: ['escapeHtml', 'template auto-escape'],
+        description: 'Template rendering with user data',
+        enabled: true,
+        tags: ['xss', 'template', 'html'],
+        relatedCWE: ['CWE-79'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // innerHTML (DOM XSS)
+    {
+        id: 'SNK-XSS-020',
+        name: 'DOM innerHTML',
+        category: 'html-output',
+        severity: 'high',
+        framework: 'browser',
+        patterns: [
+            { property: 'innerHTML', vulnerableArg: 0 },
+            { property: 'outerHTML', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['escapeHtml', 'DOMPurify', 'sanitizeHtml', 'textContent'],
+        description: 'DOM innerHTML assignment - DOM XSS vulnerability',
+        enabled: true,
+        tags: ['xss', 'dom', 'innerHTML'],
+        relatedCWE: ['CWE-79'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // document.write
+    {
+        id: 'SNK-XSS-030',
+        name: 'Document Write',
+        category: 'html-output',
+        severity: 'high',
+        framework: 'browser',
+        patterns: [
+            { receiver: 'document', method: 'write', vulnerableArg: 0 },
+            { receiver: 'document', method: 'writeln', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['escapeHtml', 'DOMPurify'],
+        description: 'document.write with user data - XSS vulnerability',
+        enabled: true,
+        tags: ['xss', 'dom', 'document.write'],
+        relatedCWE: ['CWE-79'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // insertAdjacentHTML
+    {
+        id: 'SNK-XSS-040',
+        name: 'Insert Adjacent HTML',
+        category: 'html-output',
+        severity: 'high',
+        framework: 'browser',
+        patterns: [
+            { method: 'insertAdjacentHTML', vulnerableArg: 1 },
+        ],
+        expectedSanitizers: ['escapeHtml', 'DOMPurify'],
+        description: 'insertAdjacentHTML with user data',
+        enabled: true,
+        tags: ['xss', 'dom', 'insertAdjacentHTML'],
+        relatedCWE: ['CWE-79'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // jQuery html()
+    {
+        id: 'SNK-XSS-050',
+        name: 'jQuery HTML',
+        category: 'html-output',
+        severity: 'high',
+        framework: 'jquery',
+        patterns: [
+            { receiver: '$', method: 'html', vulnerableArg: 0 },
+            { receiver: 'jQuery', method: 'html', vulnerableArg: 0 },
+            { method: 'html', vulnerableArg: 0 },
+            { receiver: '$', method: 'append', vulnerableArg: 0 },
+            { receiver: '$', method: 'prepend', vulnerableArg: 0 },
+            { receiver: '$', method: 'after', vulnerableArg: 0 },
+            { receiver: '$', method: 'before', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['escapeHtml', 'DOMPurify', 'text()'],
+        description: 'jQuery HTML manipulation with user data',
+        enabled: true,
+        tags: ['xss', 'jquery', 'html'],
+        relatedCWE: ['CWE-79'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // React dangerouslySetInnerHTML
+    {
+        id: 'SNK-XSS-060',
+        name: 'React DangerouslySetInnerHTML',
+        category: 'html-output',
+        severity: 'high',
+        framework: 'react',
+        patterns: [
+            { property: 'dangerouslySetInnerHTML', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['DOMPurify', 'sanitizeHtml', 'isomorphic-dompurify'],
+        description: 'React dangerouslySetInnerHTML with user data',
+        enabled: true,
+        tags: ['xss', 'react', 'dangerouslySetInnerHTML'],
+        relatedCWE: ['CWE-79'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // Vue v-html
+    {
+        id: 'SNK-XSS-070',
+        name: 'Vue v-html Directive',
+        category: 'html-output',
+        severity: 'high',
+        framework: 'vue',
+        patterns: [
+            { property: 'v-html', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['DOMPurify', 'sanitizeHtml', 'vue-sanitize'],
+        description: 'Vue v-html directive with user data',
+        enabled: true,
+        tags: ['xss', 'vue', 'v-html'],
+        relatedCWE: ['CWE-79'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // Angular bypassSecurityTrust
+    {
+        id: 'SNK-XSS-080',
+        name: 'Angular Bypass Security',
+        category: 'html-output',
+        severity: 'high',
+        framework: 'angular',
+        patterns: [
+            { method: 'bypassSecurityTrustHtml', vulnerableArg: 0 },
+            { method: 'bypassSecurityTrustScript', vulnerableArg: 0 },
+            { method: 'bypassSecurityTrustStyle', vulnerableArg: 0 },
+            { method: 'bypassSecurityTrustUrl', vulnerableArg: 0 },
+            { method: 'bypassSecurityTrustResourceUrl', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['DOMPurify', 'sanitizeHtml'],
+        description: 'Angular security bypass with user data',
+        enabled: true,
+        tags: ['xss', 'angular', 'bypass-security'],
+        relatedCWE: ['CWE-79'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // URL redirect (Open Redirect)
+    {
+        id: 'SNK-XSS-090',
+        name: 'URL Redirect',
+        category: 'redirect',
+        severity: 'medium',
+        framework: 'express',
+        patterns: [
+            { receiver: 'res', method: 'redirect', vulnerableArg: 0 },
+            { receiver: 'response', method: 'redirect', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['validateUrl', 'isAllowedDomain', 'whitelist'],
+        description: 'URL redirect with user-controlled destination',
+        enabled: true,
+        tags: ['redirect', 'open-redirect'],
+        relatedCWE: ['CWE-601'],
+        owaspCategory: 'A01:2021-Broken Access Control',
+    },
+    // Browser location
+    {
+        id: 'SNK-XSS-100',
+        name: 'Browser Location',
+        category: 'redirect',
+        severity: 'medium',
+        framework: 'browser',
+        patterns: [
+            { receiver: 'location', property: 'href', vulnerableArg: 0 },
+            { receiver: 'window', property: ['location', 'href'], vulnerableArg: 0 },
+            { receiver: 'location', method: 'assign', vulnerableArg: 0 },
+            { receiver: 'location', method: 'replace', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['validateUrl', 'isAllowedDomain'],
+        description: 'Browser location assignment with user data',
+        enabled: true,
+        tags: ['redirect', 'open-redirect', 'dom'],
+        relatedCWE: ['CWE-601'],
+        owaspCategory: 'A01:2021-Broken Access Control',
+    },
+    // HTTP Header Injection
+    {
+        id: 'SNK-XSS-110',
+        name: 'HTTP Header',
+        category: 'html-output',
+        severity: 'medium',
+        framework: 'express',
+        patterns: [
+            { receiver: 'res', method: 'setHeader', vulnerableArg: 1 },
+            { receiver: 'res', method: 'set', vulnerableArg: 1 },
+            { receiver: 'response', method: 'header', vulnerableArg: 1 },
+        ],
+        expectedSanitizers: ['sanitizeHeader', 'removeNewlines'],
+        description: 'HTTP header injection - CRLF/header splitting',
+        enabled: true,
+        tags: ['header-injection', 'crlf'],
+        relatedCWE: ['CWE-113'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // Log injection
+    {
+        id: 'SNK-XSS-120',
+        name: 'Log Output',
+        category: 'html-output',
+        severity: 'low',
+        patterns: [
+            { receiver: 'console', method: 'log', vulnerableArg: 0 },
+            { receiver: 'logger', method: 'info', vulnerableArg: 0 },
+            { receiver: 'logger', method: 'warn', vulnerableArg: 0 },
+            { receiver: 'logger', method: 'error', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['sanitizeForLog', 'removeNewlines'],
+        description: 'Log output with user data - log injection/forging',
+        enabled: true,
+        tags: ['log-injection', 'log-forging'],
+        relatedCWE: ['CWE-117'],
+        owaspCategory: 'A09:2021-Security Logging and Monitoring Failures',
+    },
+];
+//# sourceMappingURL=html-output.js.map

package/dist/analysis/sinks/html-output.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"html-output.js","sourceRoot":"","sources":["../../../src/analysis/sinks/html-output.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAA8B;IAC1D,mBAAmB;IACnB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;YACrD,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACtD,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;SAC3D;QACD,kBAAkB,EAAE,CAAC,YAAY,EAAE,QAAQ,EAAE,cAAc,EAAE,WAAW,CAAC;QACzE,WAAW,EAAE,4CAA4C;QACzD,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,MAAM,CAAC;QAChC,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,qBAAqB;IACrB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,iBAAiB;QACvB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,EAAE;YACvD,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,EAAE;SAC7D;QACD,kBAAkB,EAAE,CAAC,YAAY,EAAE,sBAAsB,CAAC;QAC1D,WAAW,EAAE,mCAAmC;QAChD,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,CAAC;QACjC,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,sBAAsB;IACtB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,eAAe;QACrB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC,EAAE;YAC3C,EAAE,QAAQ,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC,EAAE;SAC5C;QACD,kBAAkB,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,cAAc,EAAE,aAAa,CAAC;QAC9E,WAAW,EAAE,kDAAkD;QAC/D,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,WAAW,CAAC;QACjC,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,iBAAiB;IACjB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,gBAAgB;QACtB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YAC3D,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EAAE;SAC9D;QACD,kBAAkB,EAAE,CAAC,YAAY,EAAE,WAAW,CAAC;QAC/C,WAAW,EAAE,mDAAmD;QAChE,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,gBAAgB,CAAC;QACtC,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,qBAAqB;IACrB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,MAAM,EAAE,oBAAoB,EAAE,aAAa,EAAE,CAAC,EAAE;SACnD;QACD,kBAAkB,EAAE,CAAC,YAAY,EAAE,WAAW,CAAC;QAC/C,WAAW,EAAE,mCAAmC;QAChD,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,oBAAoB,CAAC;QAC1C,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,gBAAgB;IAChB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,QAAQ;QACnB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;YACnD,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;YACxD,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;YACpC,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,EAAE;YACrD,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EAAE;YACtD,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACpD,EAAE,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,EAAE;SACtD;QACD,kBAAkB,EAAE,CAAC,YAAY,EAAE,WAAW,EAAE,QAAQ,CAAC;QACzD,WAAW,EAAE,yCAAyC;QACtD,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,CAAC;QAC/B,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,gCAAgC;IAChC;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,OAAO;QAClB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,yBAAyB,EAAE,aAAa,EAAE,CAAC,EAAE;SAC1D;QACD,kBAAkB,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,sBAAsB,CAAC;QACzE,WAAW,EAAE,8CAA8C;QAC3D,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,yBAAyB,CAAC;QACjD,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,aAAa;IACb;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,sBAAsB;QAC5B,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,KAAK;QAChB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,EAAE;SACzC;QACD,kBAAkB,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,cAAc,CAAC;QACjE,WAAW,EAAE,qCAAqC;QAClD,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC;QAC9B,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,8BAA8B;IAC9B;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,yBAAyB;QAC/B,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,MAAM,EAAE,yBAAyB,EAAE,aAAa,EAAE,CAAC,EAAE;YACvD,EAAE,MAAM,EAAE,2BAA2B,EAAE,aAAa,EAAE,CAAC,EAAE;YACzD,EAAE,MAAM,EAAE,0BAA0B,EAAE,aAAa,EAAE,CAAC,EAAE;YACxD,EAAE,MAAM,EAAE,wBAAwB,EAAE,aAAa,EAAE,CAAC,EAAE;YACtD,EAAE,MAAM,EAAE,gCAAgC,EAAE,aAAa,EAAE,CAAC,EAAE;SAC/D;QACD,kBAAkB,EAAE,CAAC,WAAW,EAAE,cAAc,CAAC;QACjD,WAAW,EAAE,wCAAwC;QACrD,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,iBAAiB,CAAC;QAC3C,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,+BAA+B;IAC/B;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,CAAC,EAAE;YACzD,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,UAAU,EAAE,aAAa,EAAE,CAAC,EAAE;SAC/D;QACD,kBAAkB,EAAE,CAAC,aAAa,EAAE,iBAAiB,EAAE,WAAW,CAAC;QACnE,WAAW,EAAE,+CAA+C;QAC5D,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,UAAU,EAAE,eAAe,CAAC;QACnC,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,aAAa,EAAE,gCAAgC;KAChD;IAED,mBAAmB;IACnB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,kBAAkB;QACxB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;YAC5D,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,UAAU,EAAE,MAAM,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE;YACxE,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,EAAE;YAC5D,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EAAE;SAC9D;QACD,kBAAkB,EAAE,CAAC,aAAa,EAAE,iBAAiB,CAAC;QACtD,WAAW,EAAE,4CAA4C;QACzD,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,UAAU,EAAE,eAAe,EAAE,KAAK,CAAC;QAC1C,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,aAAa,EAAE,gCAAgC;KAChD;IAED,wBAAwB;IACxB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,QAAQ;QAClB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC,EAAE;YAC1D,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,EAAE;YACpD,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa,EAAE,CAAC,EAAE;SAC7D;QACD,kBAAkB,EAAE,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;QACxD,WAAW,EAAE,+CAA+C;QAC5D,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,kBAAkB,EAAE,MAAM,CAAC;QAClC,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,aAAa,EAAE,oBAAoB;KACpC;IAED,gBAAgB;IAChB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,EAAE;YACxD,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;YACxD,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;YACxD,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;SAC1D;QACD,kBAAkB,EAAE,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;QACxD,WAAW,EAAE,mDAAmD;QAChE,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,eAAe,EAAE,aAAa,CAAC;QACtC,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,aAAa,EAAE,mDAAmD;KACnE;CACO,CAAC"}

package/dist/analysis/sinks/index.d.ts

@@ -0,0 +1,30 @@
+/**
+ * @fileoverview Taint sink definitions - Builtin sinks for interprocedural taint analysis
+ * @module @nahisaho/musubix-security/analysis/sinks
+ * @trace REQ-SEC-001 (EARS: テイント分析の高度化)
+ */
+export * from './sql-query.js';
+export * from './command-exec.js';
+export * from './file-operations.js';
+export * from './html-output.js';
+export * from './code-eval.js';
+export * from './types.js';
+import type { SinkDefinition } from './types.js';
+/**
+ * All built-in taint sinks aggregated
+ * @trace REQ-SEC-001
+ */
+export declare const ALL_BUILTIN_SINKS: readonly SinkDefinition[];
+/**
+ * Get sinks by category
+ */
+export declare function getSinksByCategory(category: SinkDefinition['category']): readonly SinkDefinition[];
+/**
+ * Get sinks by severity
+ */
+export declare function getSinksBySeverity(severity: SinkDefinition['severity']): readonly SinkDefinition[];
+/**
+ * Get sinks by CWE ID
+ */
+export declare function getSinksByCWE(cweId: string): readonly SinkDefinition[];
+//# sourceMappingURL=index.d.ts.map

package/dist/analysis/sinks/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/analysis/sinks/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,cAAc,gBAAgB,CAAC;AAC/B,cAAc,mBAAmB,CAAC;AAClC,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC;AAO3B,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEjD;;;GAGG;AACH,eAAO,MAAM,iBAAiB,EAAE,SAAS,cAAc,EAM7C,CAAC;AAEX;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,cAAc,CAAC,UAAU,CAAC,GACnC,SAAS,cAAc,EAAE,CAE3B;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,QAAQ,EAAE,cAAc,CAAC,UAAU,CAAC,GACnC,SAAS,cAAc,EAAE,CAE3B;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,MAAM,GAAG,SAAS,cAAc,EAAE,CAEtE"}

package/dist/analysis/sinks/index.js

@@ -0,0 +1,46 @@
+/**
+ * @fileoverview Taint sink definitions - Builtin sinks for interprocedural taint analysis
+ * @module @nahisaho/musubix-security/analysis/sinks
+ * @trace REQ-SEC-001 (EARS: テイント分析の高度化)
+ */
+export * from './sql-query.js';
+export * from './command-exec.js';
+export * from './file-operations.js';
+export * from './html-output.js';
+export * from './code-eval.js';
+export * from './types.js';
+import { SQL_QUERY_SINKS } from './sql-query.js';
+import { COMMAND_EXEC_SINKS } from './command-exec.js';
+import { FILE_OPERATION_SINKS } from './file-operations.js';
+import { HTML_OUTPUT_SINKS } from './html-output.js';
+import { CODE_EVAL_SINKS } from './code-eval.js';
+/**
+ * All built-in taint sinks aggregated
+ * @trace REQ-SEC-001
+ */
+export const ALL_BUILTIN_SINKS = [
+    ...SQL_QUERY_SINKS,
+    ...COMMAND_EXEC_SINKS,
+    ...FILE_OPERATION_SINKS,
+    ...HTML_OUTPUT_SINKS,
+    ...CODE_EVAL_SINKS,
+];
+/**
+ * Get sinks by category
+ */
+export function getSinksByCategory(category) {
+    return ALL_BUILTIN_SINKS.filter((s) => s.category === category);
+}
+/**
+ * Get sinks by severity
+ */
+export function getSinksBySeverity(severity) {
+    return ALL_BUILTIN_SINKS.filter((s) => s.severity === severity);
+}
+/**
+ * Get sinks by CWE ID
+ */
+export function getSinksByCWE(cweId) {
+    return ALL_BUILTIN_SINKS.filter((s) => s.relatedCWE?.includes(cweId));
+}
+//# sourceMappingURL=index.js.map

package/dist/analysis/sinks/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analysis/sinks/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,cAAc,gBAAgB,CAAC;AAC/B,cAAc,mBAAmB,CAAC;AAClC,cAAc,sBAAsB,CAAC;AACrC,cAAc,kBAAkB,CAAC;AACjC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC;AAE3B,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AACjD,OAAO,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AACvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAGjD;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAA8B;IAC1D,GAAG,eAAe;IAClB,GAAG,kBAAkB;IACrB,GAAG,oBAAoB;IACvB,GAAG,iBAAiB;IACpB,GAAG,eAAe;CACV,CAAC;AAEX;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAChC,QAAoC;IAEpC,OAAO,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAClE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAChC,QAAoC;IAEpC,OAAO,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAClE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,KAAa;IACzC,OAAO,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC;AACxE,CAAC"}

package/dist/analysis/sinks/sql-query.d.ts

@@ -0,0 +1,12 @@
+/**
+ * @fileoverview SQL query sink definitions
+ * @module @nahisaho/musubix-security/analysis/sinks/sql-query
+ * @trace REQ-SEC-001
+ */
+import type { SinkDefinition } from './types.js';
+/**
+ * SQL injection sinks
+ * @trace REQ-SEC-001
+ */
+export declare const SQL_QUERY_SINKS: readonly SinkDefinition[];
+//# sourceMappingURL=sql-query.d.ts.map

package/dist/analysis/sinks/sql-query.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sql-query.d.ts","sourceRoot":"","sources":["../../../src/analysis/sinks/sql-query.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,YAAY,CAAC;AAEjD;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,SAAS,cAAc,EA+M3C,CAAC"}

package/dist/analysis/sinks/sql-query.js

@@ -0,0 +1,209 @@
+/**
+ * @fileoverview SQL query sink definitions
+ * @module @nahisaho/musubix-security/analysis/sinks/sql-query
+ * @trace REQ-SEC-001
+ */
+/**
+ * SQL injection sinks
+ * @trace REQ-SEC-001
+ */
+export const SQL_QUERY_SINKS = [
+    // Generic SQL
+    {
+        id: 'SNK-SQL-001',
+        name: 'Raw SQL Query',
+        category: 'sql-query',
+        severity: 'critical',
+        patterns: [
+            { method: 'query', vulnerableArg: 0 },
+            { method: 'execute', vulnerableArg: 0 },
+            { receiver: 'db', method: 'query', vulnerableArg: 0 },
+            { receiver: 'connection', method: 'query', vulnerableArg: 0 },
+            { receiver: 'pool', method: 'query', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['escape', 'parameterize', 'prepare'],
+        description: 'Raw SQL query execution - vulnerable to SQL injection',
+        enabled: true,
+        tags: ['sql', 'injection', 'database'],
+        relatedCWE: ['CWE-89'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // MySQL
+    {
+        id: 'SNK-SQL-010',
+        name: 'MySQL Query',
+        category: 'sql-query',
+        severity: 'critical',
+        framework: 'mysql',
+        patterns: [
+            { receiver: 'mysql', method: 'query', vulnerableArg: 0 },
+            { receiver: 'connection', method: 'query', vulnerableArg: 0 },
+            { receiver: 'pool', method: 'query', vulnerableArg: 0 },
+            {
+                importPattern: { module: 'mysql', named: ['createConnection', 'createPool'] },
+                method: 'query',
+                vulnerableArg: 0,
+            },
+        ],
+        expectedSanitizers: ['escape', 'format', 'escapeId'],
+        description: 'MySQL query execution',
+        enabled: true,
+        tags: ['sql', 'mysql', 'injection'],
+        relatedCWE: ['CWE-89'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // MySQL2
+    {
+        id: 'SNK-SQL-011',
+        name: 'MySQL2 Query',
+        category: 'sql-query',
+        severity: 'critical',
+        framework: 'mysql2',
+        patterns: [
+            { receiver: 'mysql', method: 'query', vulnerableArg: 0 },
+            { receiver: 'connection', method: 'query', vulnerableArg: 0 },
+            { receiver: 'connection', method: 'execute', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['escape', 'format', 'prepare'],
+        description: 'MySQL2 query execution',
+        enabled: true,
+        tags: ['sql', 'mysql2', 'injection'],
+        relatedCWE: ['CWE-89'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // PostgreSQL (pg)
+    {
+        id: 'SNK-SQL-020',
+        name: 'PostgreSQL Query',
+        category: 'sql-query',
+        severity: 'critical',
+        framework: 'pg',
+        patterns: [
+            { receiver: 'client', method: 'query', vulnerableArg: 0 },
+            { receiver: 'pool', method: 'query', vulnerableArg: 0 },
+            { receiver: 'pg', method: 'query', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['escape', 'format', 'escapeLiteral', 'escapeIdentifier'],
+        description: 'PostgreSQL query execution',
+        enabled: true,
+        tags: ['sql', 'postgresql', 'pg', 'injection'],
+        relatedCWE: ['CWE-89'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // SQLite (better-sqlite3)
+    {
+        id: 'SNK-SQL-030',
+        name: 'SQLite Query',
+        category: 'sql-query',
+        severity: 'critical',
+        framework: 'better-sqlite3',
+        patterns: [
+            { receiver: 'db', method: 'prepare', vulnerableArg: 0 },
+            { receiver: 'db', method: 'exec', vulnerableArg: 0 },
+            { receiver: 'database', method: 'prepare', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['parameterize'],
+        description: 'SQLite query execution',
+        enabled: true,
+        tags: ['sql', 'sqlite', 'injection'],
+        relatedCWE: ['CWE-89'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // Knex.js Raw
+    {
+        id: 'SNK-SQL-040',
+        name: 'Knex Raw Query',
+        category: 'sql-query',
+        severity: 'critical',
+        framework: 'knex',
+        patterns: [
+            { receiver: 'knex', method: 'raw', vulnerableArg: 0 },
+            { receiver: 'db', method: 'raw', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['parameterize', 'binding'],
+        description: 'Knex.js raw query execution',
+        enabled: true,
+        tags: ['sql', 'knex', 'raw', 'injection'],
+        relatedCWE: ['CWE-89'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // TypeORM Raw
+    {
+        id: 'SNK-SQL-050',
+        name: 'TypeORM Raw Query',
+        category: 'sql-query',
+        severity: 'critical',
+        framework: 'typeorm',
+        patterns: [
+            { method: 'query', vulnerableArg: 0 },
+            { receiver: 'entityManager', method: 'query', vulnerableArg: 0 },
+            { receiver: 'connection', method: 'query', vulnerableArg: 0 },
+            { receiver: 'dataSource', method: 'query', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['parameterize'],
+        description: 'TypeORM raw query execution',
+        enabled: true,
+        tags: ['sql', 'typeorm', 'raw', 'injection'],
+        relatedCWE: ['CWE-89'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // Prisma Raw
+    {
+        id: 'SNK-SQL-060',
+        name: 'Prisma Raw Query',
+        category: 'sql-query',
+        severity: 'critical',
+        framework: 'prisma',
+        patterns: [
+            { receiver: 'prisma', method: '$queryRaw', vulnerableArg: 0 },
+            { receiver: 'prisma', method: '$executeRaw', vulnerableArg: 0 },
+            { receiver: 'prisma', method: '$queryRawUnsafe', vulnerableArg: 0 },
+            { receiver: 'prisma', method: '$executeRawUnsafe', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['Prisma.sql', 'template literal'],
+        description: 'Prisma raw query execution',
+        enabled: true,
+        tags: ['sql', 'prisma', 'raw', 'injection'],
+        relatedCWE: ['CWE-89'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // Sequelize Raw
+    {
+        id: 'SNK-SQL-070',
+        name: 'Sequelize Raw Query',
+        category: 'sql-query',
+        severity: 'critical',
+        framework: 'sequelize',
+        patterns: [
+            { receiver: 'sequelize', method: 'query', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['parameterize', 'replacements', 'bind'],
+        description: 'Sequelize raw query execution',
+        enabled: true,
+        tags: ['sql', 'sequelize', 'raw', 'injection'],
+        relatedCWE: ['CWE-89'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+    // NoSQL Injection (MongoDB)
+    {
+        id: 'SNK-SQL-080',
+        name: 'MongoDB Query Operator',
+        category: 'nosql-query',
+        severity: 'high',
+        framework: 'mongodb',
+        patterns: [
+            { method: 'find', vulnerableArg: 0 },
+            { method: 'findOne', vulnerableArg: 0 },
+            { method: 'updateOne', vulnerableArg: 0 },
+            { method: 'deleteOne', vulnerableArg: 0 },
+            { method: 'aggregate', vulnerableArg: 0 },
+        ],
+        expectedSanitizers: ['sanitize', 'validateObjectId'],
+        description: 'MongoDB query with potential NoSQL injection',
+        enabled: true,
+        tags: ['nosql', 'mongodb', 'injection'],
+        relatedCWE: ['CWE-943'],
+        owaspCategory: 'A03:2021-Injection',
+    },
+];
+//# sourceMappingURL=sql-query.js.map

package/dist/analysis/sinks/sql-query.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sql-query.js","sourceRoot":"","sources":["../../../src/analysis/sinks/sql-query.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;;GAGG;AACH,MAAM,CAAC,MAAM,eAAe,GAA8B;IACxD,cAAc;IACd;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,eAAe;QACrB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE;YACR,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACrC,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EAAE;YACvC,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACrD,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YAC7D,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;SACxD;QACD,kBAAkB,EAAE,CAAC,QAAQ,EAAE,cAAc,EAAE,SAAS,CAAC;QACzD,WAAW,EAAE,uDAAuD;QACpE,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,WAAW,EAAE,UAAU,CAAC;QACtC,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,QAAQ;IACR;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,OAAO;QAClB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACxD,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YAC7D,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACvD;gBACE,aAAa,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,kBAAkB,EAAE,YAAY,CAAC,EAAE;gBAC7E,MAAM,EAAE,OAAO;gBACf,aAAa,EAAE,CAAC;aACjB;SACF;QACD,kBAAkB,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,UAAU,CAAC;QACpD,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,OAAO,EAAE,WAAW,CAAC;QACnC,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,SAAS;IACT;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,QAAQ;QACnB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACxD,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YAC7D,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EAAE;SAChE;QACD,kBAAkB,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC;QACnD,WAAW,EAAE,wBAAwB;QACrC,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,WAAW,CAAC;QACpC,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,kBAAkB;IAClB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,kBAAkB;QACxB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,IAAI;QACf,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACzD,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACvD,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;SACtD;QACD,kBAAkB,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,eAAe,EAAE,kBAAkB,CAAC;QAC7E,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,WAAW,CAAC;QAC9C,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,0BAA0B;IAC1B;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,gBAAgB;QAC3B,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EAAE;YACvD,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;YACpD,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EAAE;SAC9D;QACD,kBAAkB,EAAE,CAAC,cAAc,CAAC;QACpC,WAAW,EAAE,wBAAwB;QACrC,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,WAAW,CAAC;QACpC,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,cAAc;IACd;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,gBAAgB;QACtB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,MAAM;QACjB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,EAAE;YACrD,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,aAAa,EAAE,CAAC,EAAE;SACpD;QACD,kBAAkB,EAAE,CAAC,cAAc,EAAE,SAAS,CAAC;QAC/C,WAAW,EAAE,6BAA6B;QAC1C,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW,CAAC;QACzC,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,cAAc;IACd;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YACrC,EAAE,QAAQ,EAAE,eAAe,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YAChE,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;YAC7D,EAAE,QAAQ,EAAE,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;SAC9D;QACD,kBAAkB,EAAE,CAAC,cAAc,CAAC;QACpC,WAAW,EAAE,6BAA6B;QAC1C,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,WAAW,CAAC;QAC5C,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,aAAa;IACb;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,kBAAkB;QACxB,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,QAAQ;QACnB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC,EAAE;YAC7D,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,aAAa,EAAE,aAAa,EAAE,CAAC,EAAE;YAC/D,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,iBAAiB,EAAE,aAAa,EAAE,CAAC,EAAE;YACnE,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,EAAE,mBAAmB,EAAE,aAAa,EAAE,CAAC,EAAE;SACtE;QACD,kBAAkB,EAAE,CAAC,YAAY,EAAE,kBAAkB,CAAC;QACtD,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,CAAC;QAC3C,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,gBAAgB;IAChB;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,WAAW;QACrB,QAAQ,EAAE,UAAU;QACpB,SAAS,EAAE,WAAW;QACtB,QAAQ,EAAE;YACR,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,EAAE,OAAO,EAAE,aAAa,EAAE,CAAC,EAAE;SAC7D;QACD,kBAAkB,EAAE,CAAC,cAAc,EAAE,cAAc,EAAE,MAAM,CAAC;QAC5D,WAAW,EAAE,+BAA+B;QAC5C,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,KAAK,EAAE,WAAW,EAAE,KAAK,EAAE,WAAW,CAAC;QAC9C,UAAU,EAAE,CAAC,QAAQ,CAAC;QACtB,aAAa,EAAE,oBAAoB;KACpC;IAED,4BAA4B;IAC5B;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,SAAS;QACpB,QAAQ,EAAE;YACR,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,EAAE;YACpC,EAAE,MAAM,EAAE,SAAS,EAAE,aAAa,EAAE,CAAC,EAAE;YACvC,EAAE,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC,EAAE;YACzC,EAAE,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC,EAAE;YACzC,EAAE,MAAM,EAAE,WAAW,EAAE,aAAa,EAAE,CAAC,EAAE;SAC1C;QACD,kBAAkB,EAAE,CAAC,UAAU,EAAE,kBAAkB,CAAC;QACpD,WAAW,EAAE,8CAA8C;QAC3D,OAAO,EAAE,IAAI;QACb,IAAI,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,WAAW,CAAC;QACvC,UAAU,EAAE,CAAC,SAAS,CAAC;QACvB,aAAa,EAAE,oBAAoB;KACpC;CACO,CAAC"}