@nahisaho/musubix-security 2.0.1 → 2.1.1

package/dist/tests/rules/cwe/cwe-top25-14-25.test.js

@@ -0,0 +1,121 @@
+/**
+ * CWE Top 25 (14-25) テスト
+ * TSK-RULE-006: CWE Top 25 Most Dangerous Software Weaknesses
+ */
+import { describe, it, expect } from 'vitest';
+import { cwe190IntegerOverflow, cwe502Deserialization, cwe77CommandInjection, cwe119BufferOverflow, cwe798HardcodedCredentials, cwe918SSRF, cwe306MissingAuthCritical, cwe362RaceCondition, cwe269ImproperPrivilege, cwe94CodeInjection, cwe863IncorrectAuth, cwe276DefaultPermissions, cweTop25Rules14to25, } from '../../../rules/cwe/index.js';
+function createContext(code, filePath = 'test.ts') {
+    return { sourceCode: code, filePath, options: {}, report: () => { } };
+}
+describe('CWE Top 25 (14-25) Rules', () => {
+    describe('CWE-190: Integer Overflow', () => {
+        it('should detect large bit shift', async () => {
+            const code = `const val = x << 32;`;
+            const result = await cwe190IntegerOverflow.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-190-integer-overflow');
+        });
+    });
+    describe('CWE-502: Deserialization', () => {
+        it('should detect JSON.parse on request', async () => {
+            const code = `const data = JSON.parse(req.body);`;
+            const result = await cwe502Deserialization.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-502-deserialization');
+        });
+    });
+    describe('CWE-77: Command Injection', () => {
+        it('should detect child_process exec', async () => {
+            const code = `const { exec } = require('child_process'); exec(cmd);`;
+            const result = await cwe77CommandInjection.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-77-command-injection');
+        });
+    });
+    describe('CWE-119: Buffer Overflow', () => {
+        it('should detect Buffer copy', async () => {
+            const code = `Buffer.from(data).copy(target);`;
+            const result = await cwe119BufferOverflow.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-119-buffer-overflow');
+        });
+    });
+    describe('CWE-798: Hardcoded Credentials', () => {
+        it('should detect hardcoded password', async () => {
+            const code = `const password = 'secret123';`;
+            const result = await cwe798HardcodedCredentials.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-798-hardcoded-credentials');
+        });
+    });
+    describe('CWE-918: SSRF', () => {
+        it('should detect fetch with request URL', async () => {
+            const code = `fetch(req.body.url);`;
+            const result = await cwe918SSRF.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-918-ssrf');
+        });
+    });
+    describe('CWE-306: Missing Auth Critical', () => {
+        it('should detect admin route', async () => {
+            const code = `app.post('/admin/delete', handler);`;
+            const result = await cwe306MissingAuthCritical.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-306-missing-auth-critical');
+        });
+    });
+    describe('CWE-362: Race Condition', () => {
+        it('should detect global state modification', async () => {
+            const code = `global.counter = 0;`;
+            const result = await cwe362RaceCondition.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-362-race-condition');
+        });
+    });
+    describe('CWE-269: Improper Privilege', () => {
+        it('should detect direct admin role', async () => {
+            const code = `user.role = 'admin';`;
+            const result = await cwe269ImproperPrivilege.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-269-improper-privilege');
+        });
+    });
+    describe('CWE-94: Code Injection', () => {
+        it('should detect eval', async () => {
+            const code = `eval(userCode);`;
+            const result = await cwe94CodeInjection.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-94-code-injection');
+        });
+    });
+    describe('CWE-863: Incorrect Authorization', () => {
+        it('should detect findById with params', async () => {
+            const code = `const user = await User.findById(req.params.id);`;
+            const result = await cwe863IncorrectAuth.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-863-incorrect-auth');
+        });
+    });
+    describe('CWE-276: Default Permissions', () => {
+        it('should detect chmod 777', async () => {
+            const code = `fs.chmod(file, 0o777);`;
+            const result = await cwe276DefaultPermissions.analyze(createContext(code));
+            expect(result.length).toBeGreaterThan(0);
+            expect(result[0].ruleId).toBe('cwe-276-default-permissions');
+        });
+    });
+    describe('cweTop25Rules14to25 array', () => {
+        it('should contain exactly 12 rules', () => {
+            expect(cweTop25Rules14to25).toHaveLength(12);
+        });
+        it('should have all rules with valid structure', () => {
+            for (const rule of cweTop25Rules14to25) {
+                expect(rule).toHaveProperty('id');
+                expect(rule).toHaveProperty('name');
+                expect(rule).toHaveProperty('analyze');
+                expect(typeof rule.analyze).toBe('function');
+            }
+        });
+    });
+});
+//# sourceMappingURL=cwe-top25-14-25.test.js.map

package/dist/tests/rules/cwe/cwe-top25-14-25.test.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cwe-top25-14-25.test.js","sourceRoot":"","sources":["../../../../src/tests/rules/cwe/cwe-top25-14-25.test.ts"],"names":[],"mappings":"AAAA;;;GAGG;AACH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,EACpB,0BAA0B,EAC1B,UAAU,EACV,yBAAyB,EACzB,mBAAmB,EACnB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,wBAAwB,EACxB,mBAAmB,GACpB,MAAM,6BAA6B,CAAC;AAGrC,SAAS,aAAa,CAAC,IAAY,EAAE,QAAQ,GAAG,SAAS;IACvD,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,EAAE,GAAG,EAAE,GAAE,CAAC,EAAE,CAAC;AACvE,CAAC;AAED,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;IACxC,QAAQ,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACzC,EAAE,CAAC,+BAA+B,EAAE,KAAK,IAAI,EAAE;YAC7C,MAAM,IAAI,GAAG,sBAAsB,CAAC;YACpC,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACxE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QAC5D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;QACxC,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;YACnD,MAAM,IAAI,GAAG,oCAAoC,CAAC;YAClD,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACxE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QAC3D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACzC,EAAE,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;YAChD,MAAM,IAAI,GAAG,uDAAuD,CAAC;YACrE,MAAM,MAAM,GAAG,MAAM,qBAAqB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACxE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;QAC5D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,0BAA0B,EAAE,GAAG,EAAE;QACxC,EAAE,CAAC,2BAA2B,EAAE,KAAK,IAAI,EAAE;YACzC,MAAM,IAAI,GAAG,iCAAiC,CAAC;YAC/C,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACvE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QAC3D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gCAAgC,EAAE,GAAG,EAAE;QAC9C,EAAE,CAAC,kCAAkC,EAAE,KAAK,IAAI,EAAE;YAChD,MAAM,IAAI,GAAG,+BAA+B,CAAC;YAC7C,MAAM,MAAM,GAAG,MAAM,0BAA0B,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YAC7E,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;QAC7B,EAAE,CAAC,sCAAsC,EAAE,KAAK,IAAI,EAAE;YACpD,MAAM,IAAI,GAAG,sBAAsB,CAAC;YACpC,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YAC7D,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gCAAgC,EAAE,GAAG,EAAE;QAC9C,EAAE,CAAC,2BAA2B,EAAE,KAAK,IAAI,EAAE;YACzC,MAAM,IAAI,GAAG,qCAAqC,CAAC;YACnD,MAAM,MAAM,GAAG,MAAM,yBAAyB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YAC5E,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QACjE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;QACvC,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;YACvD,MAAM,IAAI,GAAG,qBAAqB,CAAC;YACnC,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACtE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,6BAA6B,EAAE,GAAG,EAAE;QAC3C,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;YAC/C,MAAM,IAAI,GAAG,sBAAsB,CAAC;YACpC,MAAM,MAAM,GAAG,MAAM,uBAAuB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YAC1E,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,wBAAwB,EAAE,GAAG,EAAE;QACtC,EAAE,CAAC,oBAAoB,EAAE,KAAK,IAAI,EAAE;YAClC,MAAM,IAAI,GAAG,iBAAiB,CAAC;YAC/B,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACrE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACzD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAChD,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;YAClD,MAAM,IAAI,GAAG,kDAAkD,CAAC;YAChE,MAAM,MAAM,GAAG,MAAM,mBAAmB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YACtE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,8BAA8B,EAAE,GAAG,EAAE;QAC5C,EAAE,CAAC,yBAAyB,EAAE,KAAK,IAAI,EAAE;YACvC,MAAM,IAAI,GAAG,wBAAwB,CAAC;YACtC,MAAM,MAAM,GAAG,MAAM,wBAAwB,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC;YAC3E,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACzC,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,mBAAmB,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC;QAC/C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;YACpD,KAAK,MAAM,IAAI,IAAI,mBAAmB,EAAE,CAAC;gBACvC,MAAM,CAAC,IAAI,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC;gBAClC,MAAM,CAAC,IAAI,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC;gBACpC,MAAM,CAAC,IAAI,CAAC,CAAC,cAAc,CAAC,SAAS,CAAC,CAAC;gBACvC,MAAM,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/C,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/types/cve.d.ts

@@ -0,0 +1,278 @@
+/**
+ * @fileoverview CVE and NVD type definitions
+ * @module @nahisaho/musubix-security/types/cve
+ * @trace REQ-SEC-CVE-001, REQ-SEC-CVE-002, REQ-SEC-CVE-003, REQ-SEC-CVE-004
+ */
+/**
+ * CVSS v3.x score details
+ * @trace DES-SEC-CVE-001
+ */
+export interface CVSSScore {
+    /** CVSS version */
+    version: '3.0' | '3.1';
+    /** Base score (0.0 - 10.0) */
+    baseScore: number;
+    /** Severity based on base score */
+    severity: CVSSSeverity;
+    /** CVSS vector string (e.g., "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H") */
+    vectorString: string;
+    /** Attack Vector */
+    attackVector: 'NETWORK' | 'ADJACENT_NETWORK' | 'LOCAL' | 'PHYSICAL';
+    /** Attack Complexity */
+    attackComplexity: 'LOW' | 'HIGH';
+    /** Privileges Required */
+    privilegesRequired: 'NONE' | 'LOW' | 'HIGH';
+    /** User Interaction */
+    userInteraction: 'NONE' | 'REQUIRED';
+    /** Scope */
+    scope: 'UNCHANGED' | 'CHANGED';
+    /** Confidentiality Impact */
+    confidentialityImpact: 'NONE' | 'LOW' | 'HIGH';
+    /** Integrity Impact */
+    integrityImpact: 'NONE' | 'LOW' | 'HIGH';
+    /** Availability Impact */
+    availabilityImpact: 'NONE' | 'LOW' | 'HIGH';
+}
+/**
+ * CVSS severity levels
+ */
+export type CVSSSeverity = 'NONE' | 'LOW' | 'MEDIUM' | 'HIGH' | 'CRITICAL';
+/**
+ * CVE reference link
+ */
+export interface CVEReference {
+    /** Reference URL */
+    url: string;
+    /** Reference source (e.g., "MISC", "CONFIRM", "VENDOR_ADVISORY") */
+    source: string;
+    /** Reference tags */
+    tags?: string[];
+}
+/**
+ * CPE (Common Platform Enumeration) match criteria
+ * @trace DES-SEC-CVE-001
+ */
+export interface CPEMatch {
+    /** CPE 2.3 URI format */
+    cpe: string;
+    /** Vulnerable flag */
+    vulnerable: boolean;
+    /** Version start (including) */
+    versionStartIncluding?: string;
+    /** Version start (excluding) */
+    versionStartExcluding?: string;
+    /** Version end (including) */
+    versionEndIncluding?: string;
+    /** Version end (excluding) */
+    versionEndExcluding?: string;
+}
+/**
+ * CVE (Common Vulnerabilities and Exposures) entry
+ * @trace REQ-SEC-CVE-001, DES-SEC-CVE-001
+ */
+export interface CVE {
+    /** CVE identifier (e.g., "CVE-2021-44228") */
+    id: string;
+    /** Vulnerability description */
+    description: string;
+    /** Publication date */
+    published: Date;
+    /** Last modification date */
+    lastModified: Date;
+    /** CVSS v3.x score */
+    cvss?: CVSSScore;
+    /** Related CWE identifiers */
+    cwes: string[];
+    /** Reference links */
+    references: CVEReference[];
+    /** Affected products (CPE matches) */
+    affectedProducts: CPEMatch[];
+    /** Vulnerability status */
+    status: CVEStatus;
+}
+/**
+ * CVE status
+ */
+export type CVEStatus = 'RECEIVED' | 'AWAITING_ANALYSIS' | 'UNDERGOING_ANALYSIS' | 'ANALYZED' | 'MODIFIED' | 'DEFERRED' | 'REJECTED';
+/**
+ * CVE finding for a specific package
+ * @trace REQ-SEC-CVE-003
+ */
+export interface CVEFinding {
+    /** CVE details */
+    cve: CVE;
+    /** Affected package name */
+    package: string;
+    /** Installed version */
+    installedVersion: string;
+    /** Affected version range description */
+    affectedRange: string;
+    /** Fixed version (if available) */
+    fixedVersion?: string;
+    /** Severity level */
+    severity: CVSSSeverity;
+    /** Recommended action */
+    recommendation: string;
+    /** Direct or transitive dependency */
+    dependencyType: 'direct' | 'transitive';
+    /** Dependency path (for transitive) */
+    dependencyPath?: string[];
+}
+/**
+ * CVE search query parameters
+ * @trace DES-SEC-CVE-001
+ */
+export interface CVESearchQuery {
+    /** Search by keyword */
+    keyword?: string;
+    /** Search by CPE */
+    cpe?: string;
+    /** Filter by CWE */
+    cweId?: string;
+    /** Filter by minimum CVSS score */
+    minCvssScore?: number;
+    /** Filter by maximum CVSS score */
+    maxCvssScore?: number;
+    /** Filter by publication date (start) */
+    publishedAfter?: Date;
+    /** Filter by publication date (end) */
+    publishedBefore?: Date;
+    /** Filter by modification date (start) */
+    modifiedAfter?: Date;
+    /** Filter by modification date (end) */
+    modifiedBefore?: Date;
+    /** Results per page (max 2000 for NVD API) */
+    resultsPerPage?: number;
+    /** Start index for pagination */
+    startIndex?: number;
+}
+/**
+ * CVE database sync result
+ * @trace REQ-SEC-CVE-002
+ */
+export interface CVESyncResult {
+    /** Whether sync was performed */
+    synced: boolean;
+    /** Number of CVEs updated */
+    updated: number;
+    /** Number of new CVEs added */
+    added: number;
+    /** Sync strategy used */
+    strategy: 'full' | 'incremental' | 'on-demand';
+    /** Sync duration in milliseconds */
+    duration: number;
+    /** Sync timestamp */
+    timestamp: Date;
+    /** Error message if sync failed */
+    error?: string;
+}
+/**
+ * CVE database options
+ * @trace DES-SEC-CVE-001
+ */
+export interface CVEDatabaseOptions {
+    /** NVD API key (optional, increases rate limit) */
+    apiKey?: string;
+    /** Cache directory path */
+    cacheDir: string;
+    /** Cache TTL in hours (default: 24) */
+    cacheTTL: number;
+    /** Maximum cache size in MB (default: 500) */
+    maxCacheSize: number;
+    /** Enable automatic sync */
+    autoSync: boolean;
+    /** Sync interval in hours */
+    syncInterval: number;
+}
+/**
+ * npm package to CPE mapping
+ * @trace DES-SEC-CVE-003
+ */
+export interface NpmCPEMapping {
+    /** npm package name */
+    npmPackage: string;
+    /** CPE vendor */
+    cpeVendor: string;
+    /** CPE product */
+    cpeProduct: string;
+    /** Last update timestamp */
+    updatedAt: Date;
+}
+/**
+ * NVD API response format
+ * @internal
+ */
+export interface NVDAPIResponse {
+    resultsPerPage: number;
+    startIndex: number;
+    totalResults: number;
+    format: string;
+    version: string;
+    timestamp: string;
+    vulnerabilities: NVDVulnerability[];
+}
+/**
+ * NVD vulnerability entry
+ * @internal
+ */
+export interface NVDVulnerability {
+    cve: {
+        id: string;
+        sourceIdentifier: string;
+        published: string;
+        lastModified: string;
+        vulnStatus: string;
+        descriptions: Array<{
+            lang: string;
+            value: string;
+        }>;
+        metrics?: {
+            cvssMetricV31?: Array<{
+                source: string;
+                type: string;
+                cvssData: {
+                    version: string;
+                    vectorString: string;
+                    baseScore: number;
+                    baseSeverity: string;
+                    attackVector: string;
+                    attackComplexity: string;
+                    privilegesRequired: string;
+                    userInteraction: string;
+                    scope: string;
+                    confidentialityImpact: string;
+                    integrityImpact: string;
+                    availabilityImpact: string;
+                };
+            }>;
+        };
+        weaknesses?: Array<{
+            source: string;
+            type: string;
+            description: Array<{
+                lang: string;
+                value: string;
+            }>;
+        }>;
+        configurations?: Array<{
+            nodes: Array<{
+                operator: string;
+                negate: boolean;
+                cpeMatch: Array<{
+                    vulnerable: boolean;
+                    criteria: string;
+                    versionStartIncluding?: string;
+                    versionStartExcluding?: string;
+                    versionEndIncluding?: string;
+                    versionEndExcluding?: string;
+                }>;
+            }>;
+        }>;
+        references?: Array<{
+            url: string;
+            source: string;
+            tags?: string[];
+        }>;
+    };
+}
+//# sourceMappingURL=cve.d.ts.map

package/dist/types/cve.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cve.d.ts","sourceRoot":"","sources":["../../src/types/cve.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;;GAGG;AACH,MAAM,WAAW,SAAS;IACxB,mBAAmB;IACnB,OAAO,EAAE,KAAK,GAAG,KAAK,CAAC;IACvB,8BAA8B;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,mCAAmC;IACnC,QAAQ,EAAE,YAAY,CAAC;IACvB,gFAAgF;IAChF,YAAY,EAAE,MAAM,CAAC;IACrB,oBAAoB;IACpB,YAAY,EAAE,SAAS,GAAG,kBAAkB,GAAG,OAAO,GAAG,UAAU,CAAC;IACpE,wBAAwB;IACxB,gBAAgB,EAAE,KAAK,GAAG,MAAM,CAAC;IACjC,0BAA0B;IAC1B,kBAAkB,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,CAAC;IAC5C,uBAAuB;IACvB,eAAe,EAAE,MAAM,GAAG,UAAU,CAAC;IACrC,YAAY;IACZ,KAAK,EAAE,WAAW,GAAG,SAAS,CAAC;IAC/B,6BAA6B;IAC7B,qBAAqB,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,CAAC;IAC/C,uBAAuB;IACvB,eAAe,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,CAAC;IACzC,0BAA0B;IAC1B,kBAAkB,EAAE,MAAM,GAAG,KAAK,GAAG,MAAM,CAAC;CAC7C;AAED;;GAEG;AACH,MAAM,MAAM,YAAY,GAAG,MAAM,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAE3E;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,oBAAoB;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ,oEAAoE;IACpE,MAAM,EAAE,MAAM,CAAC;IACf,qBAAqB;IACrB,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;CACjB;AAED;;;GAGG;AACH,MAAM,WAAW,QAAQ;IACvB,yBAAyB;IACzB,GAAG,EAAE,MAAM,CAAC;IACZ,sBAAsB;IACtB,UAAU,EAAE,OAAO,CAAC;IACpB,gCAAgC;IAChC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,gCAAgC;IAChC,qBAAqB,CAAC,EAAE,MAAM,CAAC;IAC/B,8BAA8B;IAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,8BAA8B;IAC9B,mBAAmB,CAAC,EAAE,MAAM,CAAC;CAC9B;AAED;;;GAGG;AACH,MAAM,WAAW,GAAG;IAClB,8CAA8C;IAC9C,EAAE,EAAE,MAAM,CAAC;IACX,gCAAgC;IAChC,WAAW,EAAE,MAAM,CAAC;IACpB,uBAAuB;IACvB,SAAS,EAAE,IAAI,CAAC;IAChB,6BAA6B;IAC7B,YAAY,EAAE,IAAI,CAAC;IACnB,sBAAsB;IACtB,IAAI,CAAC,EAAE,SAAS,CAAC;IACjB,8BAA8B;IAC9B,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,sBAAsB;IACtB,UAAU,EAAE,YAAY,EAAE,CAAC;IAC3B,sCAAsC;IACtC,gBAAgB,EAAE,QAAQ,EAAE,CAAC;IAC7B,2BAA2B;IAC3B,MAAM,EAAE,SAAS,CAAC;CACnB;AAED;;GAEG;AACH,MAAM,MAAM,SAAS,GACjB,UAAU,GACV,mBAAmB,GACnB,qBAAqB,GACrB,UAAU,GACV,UAAU,GACV,UAAU,GACV,UAAU,CAAC;AAEf;;;GAGG;AACH,MAAM,WAAW,UAAU;IACzB,kBAAkB;IAClB,GAAG,EAAE,GAAG,CAAC;IACT,4BAA4B;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,wBAAwB;IACxB,gBAAgB,EAAE,MAAM,CAAC;IACzB,yCAAyC;IACzC,aAAa,EAAE,MAAM,CAAC;IACtB,mCAAmC;IACnC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,qBAAqB;IACrB,QAAQ,EAAE,YAAY,CAAC;IACvB,yBAAyB;IACzB,cAAc,EAAE,MAAM,CAAC;IACvB,sCAAsC;IACtC,cAAc,EAAE,QAAQ,GAAG,YAAY,CAAC;IACxC,uCAAuC;IACvC,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,wBAAwB;IACxB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oBAAoB;IACpB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,oBAAoB;IACpB,KAAK,CAAC,EAAE,MAAM,CAAC;IACf,mCAAmC;IACnC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,mCAAmC;IACnC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,yCAAyC;IACzC,cAAc,CAAC,EAAE,IAAI,CAAC;IACtB,uCAAuC;IACvC,eAAe,CAAC,EAAE,IAAI,CAAC;IACvB,0CAA0C;IAC1C,aAAa,CAAC,EAAE,IAAI,CAAC;IACrB,wCAAwC;IACxC,cAAc,CAAC,EAAE,IAAI,CAAC;IACtB,8CAA8C;IAC9C,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,iCAAiC;IACjC,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,iCAAiC;IACjC,MAAM,EAAE,OAAO,CAAC;IAChB,6BAA6B;IAC7B,OAAO,EAAE,MAAM,CAAC;IAChB,+BAA+B;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,yBAAyB;IACzB,QAAQ,EAAE,MAAM,GAAG,aAAa,GAAG,WAAW,CAAC;IAC/C,oCAAoC;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB;IACrB,SAAS,EAAE,IAAI,CAAC;IAChB,mCAAmC;IACnC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;;GAGG;AACH,MAAM,WAAW,kBAAkB;IACjC,mDAAmD;IACnD,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,2BAA2B;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,uCAAuC;IACvC,QAAQ,EAAE,MAAM,CAAC;IACjB,8CAA8C;IAC9C,YAAY,EAAE,MAAM,CAAC;IACrB,4BAA4B;IAC5B,QAAQ,EAAE,OAAO,CAAC;IAClB,6BAA6B;IAC7B,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;;GAGG;AACH,MAAM,WAAW,aAAa;IAC5B,uBAAuB;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAClB,kBAAkB;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,4BAA4B;IAC5B,SAAS,EAAE,IAAI,CAAC;CACjB;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;IAClB,eAAe,EAAE,gBAAgB,EAAE,CAAC;CACrC;AAED;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,GAAG,EAAE;QACH,EAAE,EAAE,MAAM,CAAC;QACX,gBAAgB,EAAE,MAAM,CAAC;QACzB,SAAS,EAAE,MAAM,CAAC;QAClB,YAAY,EAAE,MAAM,CAAC;QACrB,UAAU,EAAE,MAAM,CAAC;QACnB,YAAY,EAAE,KAAK,CAAC;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QACrD,OAAO,CAAC,EAAE;YACR,aAAa,CAAC,EAAE,KAAK,CAAC;gBACpB,MAAM,EAAE,MAAM,CAAC;gBACf,IAAI,EAAE,MAAM,CAAC;gBACb,QAAQ,EAAE;oBACR,OAAO,EAAE,MAAM,CAAC;oBAChB,YAAY,EAAE,MAAM,CAAC;oBACrB,SAAS,EAAE,MAAM,CAAC;oBAClB,YAAY,EAAE,MAAM,CAAC;oBACrB,YAAY,EAAE,MAAM,CAAC;oBACrB,gBAAgB,EAAE,MAAM,CAAC;oBACzB,kBAAkB,EAAE,MAAM,CAAC;oBAC3B,eAAe,EAAE,MAAM,CAAC;oBACxB,KAAK,EAAE,MAAM,CAAC;oBACd,qBAAqB,EAAE,MAAM,CAAC;oBAC9B,eAAe,EAAE,MAAM,CAAC;oBACxB,kBAAkB,EAAE,MAAM,CAAC;iBAC5B,CAAC;aACH,CAAC,CAAC;SACJ,CAAC;QACF,UAAU,CAAC,EAAE,KAAK,CAAC;YACjB,MAAM,EAAE,MAAM,CAAC;YACf,IAAI,EAAE,MAAM,CAAC;YACb,WAAW,EAAE,KAAK,CAAC;gBAAE,IAAI,EAAE,MAAM,CAAC;gBAAC,KAAK,EAAE,MAAM,CAAA;aAAE,CAAC,CAAC;SACrD,CAAC,CAAC;QACH,cAAc,CAAC,EAAE,KAAK,CAAC;YACrB,KAAK,EAAE,KAAK,CAAC;gBACX,QAAQ,EAAE,MAAM,CAAC;gBACjB,MAAM,EAAE,OAAO,CAAC;gBAChB,QAAQ,EAAE,KAAK,CAAC;oBACd,UAAU,EAAE,OAAO,CAAC;oBACpB,QAAQ,EAAE,MAAM,CAAC;oBACjB,qBAAqB,CAAC,EAAE,MAAM,CAAC;oBAC/B,qBAAqB,CAAC,EAAE,MAAM,CAAC;oBAC/B,mBAAmB,CAAC,EAAE,MAAM,CAAC;oBAC7B,mBAAmB,CAAC,EAAE,MAAM,CAAC;iBAC9B,CAAC,CAAC;aACJ,CAAC,CAAC;SACJ,CAAC,CAAC;QACH,UAAU,CAAC,EAAE,KAAK,CAAC;YACjB,GAAG,EAAE,MAAM,CAAC;YACZ,MAAM,EAAE,MAAM,CAAC;YACf,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;SACjB,CAAC,CAAC;KACJ,CAAC;CACH"}

package/dist/types/cve.js

@@ -0,0 +1,7 @@
+/**
+ * @fileoverview CVE and NVD type definitions
+ * @module @nahisaho/musubix-security/types/cve
+ * @trace REQ-SEC-CVE-001, REQ-SEC-CVE-002, REQ-SEC-CVE-003, REQ-SEC-CVE-004
+ */
+export {};
+//# sourceMappingURL=cve.js.map

package/dist/types/cve.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cve.js","sourceRoot":"","sources":["../../src/types/cve.ts"],"names":[],"mappings":"AAAA;;;;GAIG"}

package/dist/types/index.d.ts

@@ -17,4 +17,6 @@ export type { DeviationType, LLMRecommendation, LLMAnalysisResult, RiskFactor, R
 export type { DataFlowOperation, ParameterInfo, CallGraphNode, ArgumentMapping, CallGraphEdge, CallGraph, CycleInfo, DataFlowStep, DataFlowPath, InterproceduralOptions, InterproceduralResult, IInterproceduralAnalyzer, } from './interprocedural.js';
 export type { DetectionSource, AggregatedVulnerability, AnalysisResult, AggregatedResult, DeduplicationRule, PrioritizationCriteria, IResultAggregator, } from './result.js';
 export { DEFAULT_PRIORITIZATION, SEVERITY_SCORES, } from './result.js';
+export type { CVSSScore, CVSSSeverity, CVEStatus, CVEReference, CPEMatch, CVE, CVEFinding, CVESearchQuery, CVESyncResult, CVEDatabaseOptions, NpmCPEMapping, NVDVulnerability, NVDAPIResponse, } from './cve.js';
+export type { RuleCategory, OWASPTopTenCategory, ASTPattern, ASTPatternMatcher, ASTPatternAnyOf, ASTPatternAllOf, PatternConstraint, RuleFixTemplate, RuleFixImport, SecurityRuleDefinition, RuleMatch, RuleMatchContext, RuleFilter, RuleSetConfig, BuiltinRuleSet, RuleMatchOptions, RuleYAMLEntry, RuleYAMLFile, } from './rule.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/types/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,YAAY,EACV,aAAa,EACb,iBAAiB,EACjB,QAAQ,EACR,cAAc,EACd,aAAa,EACb,WAAW,EACX,UAAU,EACV,YAAY,GACb,MAAM,oBAAoB,CAAC;AAG5B,YAAY,EACV,mBAAmB,EACnB,WAAW,EACX,iBAAiB,EACjB,SAAS,EACT,aAAa,EACb,SAAS,EACT,WAAW,EACX,oBAAoB,EACpB,mBAAmB,GACpB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAGhD,YAAY,EACV,WAAW,EACX,QAAQ,EACR,UAAU,EACV,GAAG,EACH,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,EAClB,WAAW,EACX,WAAW,EACX,QAAQ,EACR,WAAW,GACZ,MAAM,UAAU,CAAC;AAGlB,YAAY,EACV,UAAU,EACV,aAAa,EACb,MAAM,EACN,aAAa,EACb,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,GACnB,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AAGtD,YAAY,EACV,cAAc,EACd,mBAAmB,EACnB,oBAAoB,EACpB,uBAAuB,EACvB,iBAAiB,EACjB,WAAW,EACX,YAAY,EACZ,SAAS,EACT,IAAI,EACJ,WAAW,EACX,kBAAkB,EAClB,aAAa,GACd,MAAM,iBAAiB,CAAC;AAGzB,YAAY,EACV,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,YAAY,EACZ,oBAAoB,EACpB,QAAQ,EACR,WAAW,EACX,QAAQ,EACR,cAAc,GACf,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,cAAc,EACd,qBAAqB,EACrB,UAAU,EACV,qBAAqB,GACtB,MAAM,aAAa,CAAC;AAGrB,YAAY,EACV,OAAO,EACP,WAAW,EACX,YAAY,EACZ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,gBAAgB,EAChB,WAAW,EACX,cAAc,EACd,gBAAgB,EAChB,QAAQ,EACR,eAAe,EACf,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAGvB,YAAY,EACV,YAAY,EACZ,QAAQ,EACR,YAAY,EACZ,cAAc,EACd,mBAAmB,EACnB,aAAa,EACb,mBAAmB,EACnB,kBAAkB,EAClB,kBAAkB,EAClB,YAAY,EACZ,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAG7B,YAAY,EACV,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,aAAa,EACb,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAGvB,YAAY,EACV,iBAAiB,EACjB,aAAa,EACb,aAAa,EACb,eAAe,EACf,aAAa,EACb,SAAS,EACT,SAAS,EACT,YAAY,EACZ,YAAY,EACZ,sBAAsB,EACtB,qBAAqB,EACrB,wBAAwB,GACzB,MAAM,sBAAsB,CAAC;AAG9B,YAAY,EACV,eAAe,EACf,uBAAuB,EACvB,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,sBAAsB,EACtB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,sBAAsB,EACtB,eAAe,GAChB,MAAM,aAAa,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,YAAY,EACV,aAAa,EACb,iBAAiB,EACjB,QAAQ,EACR,cAAc,EACd,aAAa,EACb,WAAW,EACX,UAAU,EACV,YAAY,GACb,MAAM,oBAAoB,CAAC;AAG5B,YAAY,EACV,mBAAmB,EACnB,WAAW,EACX,iBAAiB,EACjB,SAAS,EACT,aAAa,EACb,SAAS,EACT,WAAW,EACX,oBAAoB,EACpB,mBAAmB,GACpB,MAAM,YAAY,CAAC;AAEpB,OAAO,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AAGhD,YAAY,EACV,WAAW,EACX,QAAQ,EACR,UAAU,EACV,GAAG,EACH,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,EAClB,WAAW,EACX,WAAW,EACX,QAAQ,EACR,WAAW,GACZ,MAAM,UAAU,CAAC;AAGlB,YAAY,EACV,UAAU,EACV,aAAa,EACb,MAAM,EACN,aAAa,EACb,iBAAiB,EACjB,gBAAgB,EAChB,kBAAkB,GACnB,MAAM,aAAa,CAAC;AAErB,OAAO,EAAE,uBAAuB,EAAE,MAAM,aAAa,CAAC;AAGtD,YAAY,EACV,cAAc,EACd,mBAAmB,EACnB,oBAAoB,EACpB,uBAAuB,EACvB,iBAAiB,EACjB,WAAW,EACX,YAAY,EACZ,SAAS,EACT,IAAI,EACJ,WAAW,EACX,kBAAkB,EAClB,aAAa,GACd,MAAM,iBAAiB,CAAC;AAGzB,YAAY,EACV,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,YAAY,EACZ,oBAAoB,EACpB,QAAQ,EACR,WAAW,EACX,QAAQ,EACR,cAAc,GACf,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,cAAc,EACd,qBAAqB,EACrB,UAAU,EACV,qBAAqB,GACtB,MAAM,aAAa,CAAC;AAGrB,YAAY,EACV,OAAO,EACP,WAAW,EACX,YAAY,EACZ,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,gBAAgB,EAChB,WAAW,EACX,cAAc,EACd,gBAAgB,EAChB,QAAQ,EACR,eAAe,EACf,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAGvB,YAAY,EACV,YAAY,EACZ,QAAQ,EACR,YAAY,EACZ,cAAc,EACd,mBAAmB,EACnB,aAAa,EACb,mBAAmB,EACnB,kBAAkB,EAClB,kBAAkB,EAClB,YAAY,EACZ,eAAe,GAChB,MAAM,qBAAqB,CAAC;AAG7B,YAAY,EACV,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,UAAU,EACV,cAAc,EACd,gBAAgB,EAChB,uBAAuB,EACvB,aAAa,EACb,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAGvB,YAAY,EACV,iBAAiB,EACjB,aAAa,EACb,aAAa,EACb,eAAe,EACf,aAAa,EACb,SAAS,EACT,SAAS,EACT,YAAY,EACZ,YAAY,EACZ,sBAAsB,EACtB,qBAAqB,EACrB,wBAAwB,GACzB,MAAM,sBAAsB,CAAC;AAG9B,YAAY,EACV,eAAe,EACf,uBAAuB,EACvB,cAAc,EACd,gBAAgB,EAChB,iBAAiB,EACjB,sBAAsB,EACtB,iBAAiB,GAClB,MAAM,aAAa,CAAC;AAErB,OAAO,EACL,sBAAsB,EACtB,eAAe,GAChB,MAAM,aAAa,CAAC;AAGrB,YAAY,EACV,SAAS,EACT,YAAY,EACZ,SAAS,EACT,YAAY,EACZ,QAAQ,EACR,GAAG,EACH,UAAU,EACV,cAAc,EACd,aAAa,EACb,kBAAkB,EAClB,aAAa,EACb,gBAAgB,EAChB,cAAc,GACf,MAAM,UAAU,CAAC;AAGlB,YAAY,EACV,YAAY,EACZ,mBAAmB,EACnB,UAAU,EACV,iBAAiB,EACjB,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,eAAe,EACf,aAAa,EACb,sBAAsB,EACtB,SAAS,EACT,gBAAgB,EAChB,UAAU,EACV,aAAa,EACb,cAAc,EACd,gBAAgB,EAChB,aAAa,EACb,YAAY,GACb,MAAM,WAAW,CAAC"}