@oculum/cli 1.0.0

package/dist/commands/scan.js

@@ -0,0 +1,323 @@
+"use strict";
+/**
+ * Scan Command
+ * Main scanning functionality for the CLI
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.scanCommand = void 0;
+exports.runScan = runScan;
+const commander_1 = require("commander");
+const path_1 = require("path");
+const fs_1 = require("fs");
+const glob_1 = require("glob");
+const chalk_1 = __importDefault(require("chalk"));
+const ora_1 = __importDefault(require("ora"));
+const scanner_1 = require("@oculum/scanner");
+const formatters_1 = require("@oculum/scanner/formatters");
+const config_js_1 = require("../utils/config.js");
+const api_js_1 = require("../utils/api.js");
+/**
+ * Check if file should be scanned
+ */
+function isScannableFile(filePath) {
+    const ext = (0, path_1.extname)(filePath).toLowerCase();
+    const fileName = (0, path_1.basename)(filePath);
+    // Check special files first
+    if (scanner_1.SPECIAL_FILES.includes(fileName)) {
+        return true;
+    }
+    // Check extensions
+    return scanner_1.SCANNABLE_EXTENSIONS.includes(ext);
+}
+/**
+ * Map file extension to language
+ */
+function getLanguage(filePath) {
+    const ext = (0, path_1.extname)(filePath).toLowerCase();
+    const langMap = {
+        '.js': 'javascript',
+        '.jsx': 'javascript',
+        '.mjs': 'javascript',
+        '.cjs': 'javascript',
+        '.ts': 'typescript',
+        '.tsx': 'typescript',
+        '.py': 'python',
+        '.go': 'go',
+        '.java': 'java',
+        '.rb': 'ruby',
+        '.php': 'php',
+        '.cs': 'csharp',
+        '.yaml': 'yaml',
+        '.yml': 'yaml',
+        '.json': 'json',
+        '.toml': 'toml',
+        '.env': 'dotenv',
+        '.sh': 'shell',
+        '.bash': 'shell',
+    };
+    return langMap[ext] || 'text';
+}
+/**
+ * Collect files to scan from a directory
+ */
+async function collectFiles(targetPath) {
+    const absolutePath = (0, path_1.resolve)(targetPath);
+    const stats = (0, fs_1.statSync)(absolutePath);
+    const files = [];
+    if (stats.isFile()) {
+        // Single file scan
+        if (isScannableFile(absolutePath)) {
+            const content = (0, fs_1.readFileSync)(absolutePath, 'utf-8');
+            if (content.length <= scanner_1.MAX_FILE_SIZE) {
+                files.push({
+                    path: (0, path_1.relative)(process.cwd(), absolutePath),
+                    content,
+                    language: getLanguage(absolutePath),
+                    size: content.length,
+                });
+            }
+        }
+    }
+    else if (stats.isDirectory()) {
+        // Directory scan - use glob to find all files
+        const patterns = [
+            '**/*.js',
+            '**/*.jsx',
+            '**/*.ts',
+            '**/*.tsx',
+            '**/*.py',
+            '**/*.go',
+            '**/*.java',
+            '**/*.rb',
+            '**/*.php',
+            '**/*.cs',
+            '**/*.yaml',
+            '**/*.yml',
+            '**/*.json',
+            '**/*.toml',
+            '**/*.env*',
+            '**/Dockerfile*',
+            '**/docker-compose*.yml',
+            '**/package.json',
+            '**/.env*',
+        ];
+        const ignorePatterns = [
+            '**/node_modules/**',
+            '**/dist/**',
+            '**/build/**',
+            '**/.git/**',
+            '**/vendor/**',
+            '**/__pycache__/**',
+            '**/venv/**',
+            '**/.venv/**',
+            '**/coverage/**',
+            '**/.next/**',
+            '**/.nuxt/**',
+        ];
+        const foundFiles = await (0, glob_1.glob)(patterns, {
+            cwd: absolutePath,
+            ignore: ignorePatterns,
+            nodir: true,
+            absolute: true,
+        });
+        for (const filePath of foundFiles) {
+            try {
+                const fileStats = (0, fs_1.statSync)(filePath);
+                if (fileStats.size > scanner_1.MAX_FILE_SIZE)
+                    continue;
+                const content = (0, fs_1.readFileSync)(filePath, 'utf-8');
+                files.push({
+                    path: (0, path_1.relative)(process.cwd(), filePath),
+                    content,
+                    language: getLanguage(filePath),
+                    size: content.length,
+                });
+            }
+            catch {
+                // Skip files that can't be read
+            }
+        }
+    }
+    return files;
+}
+/**
+ * Format result based on output format
+ */
+function formatOutput(result, format, noColor) {
+    switch (format) {
+        case 'json':
+            return (0, formatters_1.formatJSON)(result, true);
+        case 'sarif':
+            return JSON.stringify((0, formatters_1.formatSARIF)(result), null, 2);
+        case 'markdown':
+            return formatMarkdown(result);
+        case 'terminal':
+        default:
+            return (0, formatters_1.formatTerminalOutput)(result, { noColor });
+    }
+}
+/**
+ * Format as markdown (for docs/reports)
+ */
+function formatMarkdown(result) {
+    const { vulnerabilities, severityCounts, filesScanned, scanDuration } = result;
+    let md = `# Oculum Security Scan Report\n\n`;
+    md += `**Scanned:** ${filesScanned} files in ${(scanDuration / 1000).toFixed(1)}s\n\n`;
+    // Summary table
+    md += `## Summary\n\n`;
+    md += `| Severity | Count |\n`;
+    md += `|----------|-------|\n`;
+    md += `| Critical | ${severityCounts.critical} |\n`;
+    md += `| High | ${severityCounts.high} |\n`;
+    md += `| Medium | ${severityCounts.medium} |\n`;
+    md += `| Low | ${severityCounts.low} |\n`;
+    md += `| Info | ${severityCounts.info} |\n\n`;
+    if (vulnerabilities.length === 0) {
+        md += `## Findings\n\n`;
+        md += `No security issues found.\n`;
+        return md;
+    }
+    // Findings by severity
+    md += `## Findings\n\n`;
+    for (const severity of ['critical', 'high', 'medium', 'low', 'info']) {
+        const findings = vulnerabilities.filter(v => v.severity === severity);
+        if (findings.length === 0)
+            continue;
+        md += `### ${severity.charAt(0).toUpperCase() + severity.slice(1)} (${findings.length})\n\n`;
+        for (const finding of findings) {
+            md += `#### ${finding.title}\n\n`;
+            md += `- **File:** \`${finding.filePath}:${finding.lineNumber}\`\n`;
+            md += `- **Category:** ${finding.category}\n`;
+            md += `- **Description:** ${finding.description}\n`;
+            if (finding.suggestedFix) {
+                md += `- **Fix:** ${finding.suggestedFix}\n`;
+            }
+            md += `\n`;
+        }
+    }
+    return md;
+}
+/**
+ * Get severity rank for comparison
+ */
+function severityRank(severity) {
+    const ranks = {
+        critical: 5,
+        high: 4,
+        medium: 3,
+        low: 2,
+        info: 1,
+        none: 0,
+    };
+    return ranks[severity] || 0;
+}
+/**
+ * Main scan function
+ */
+async function runScan(targetPath, options) {
+    const spinner = (0, ora_1.default)();
+    const config = (0, config_js_1.getConfig)();
+    const noColor = options.color === false;
+    // Validate depth against auth
+    if ((options.depth === 'validated' || options.depth === 'deep') && !(0, config_js_1.isAuthenticated)()) {
+        console.log(chalk_1.default.yellow('\nNote: validated and deep scans require authentication.'));
+        console.log(chalk_1.default.dim('Run `oculum login` to authenticate, or use `--depth cheap` for free local scans.\n'));
+        console.log(chalk_1.default.dim('Falling back to cheap scan...\n'));
+        options.depth = 'cheap';
+    }
+    // Collect files
+    spinner.start('Collecting files to scan...');
+    let files;
+    try {
+        files = await collectFiles(targetPath);
+    }
+    catch (err) {
+        spinner.fail(`Failed to collect files: ${err}`);
+        process.exit(1);
+    }
+    if (files.length === 0) {
+        spinner.fail('No scannable files found');
+        process.exit(1);
+    }
+    spinner.succeed(`Found ${files.length} files to scan`);
+    // Progress callback
+    const onProgress = (progress) => {
+        switch (progress.status) {
+            case 'layer1':
+                spinner.text = `Layer 1: Pattern matching... (${progress.vulnerabilitiesFound} findings)`;
+                break;
+            case 'layer2':
+                spinner.text = `Layer 2: Structural analysis... (${progress.vulnerabilitiesFound} findings)`;
+                break;
+            case 'validating':
+                spinner.text = `AI validation... (${progress.vulnerabilitiesFound} candidates)`;
+                break;
+            case 'layer3':
+                spinner.text = `Layer 3: AI semantic analysis...`;
+                break;
+            case 'complete':
+                spinner.succeed(`Scan complete: ${progress.vulnerabilitiesFound} issues found`);
+                break;
+            case 'failed':
+                spinner.fail(progress.message);
+                break;
+        }
+    };
+    // Run scan
+    let result;
+    try {
+        spinner.start('Starting scan...');
+        // For validated/deep scans, call the backend API
+        if (options.depth !== 'cheap' && (0, config_js_1.isAuthenticated)()) {
+            result = await (0, api_js_1.callBackendAPI)(files, options.depth, config.apiKey);
+        }
+        else {
+            // Local scan for cheap depth
+            result = await (0, scanner_1.runScan)(files, {
+                name: (0, path_1.basename)((0, path_1.resolve)(targetPath)),
+                url: '',
+                branch: 'local',
+            }, {
+                enableAI: false, // Cheap mode = no AI
+                scanDepth: 'cheap',
+            }, onProgress);
+        }
+    }
+    catch (err) {
+        spinner.fail(`Scan failed: ${err}`);
+        process.exit(1);
+    }
+    // Output results
+    const output = formatOutput(result, options.format, noColor);
+    console.log(output);
+    // Write to file if specified
+    if (options.output) {
+        const { writeFileSync } = await import('fs');
+        writeFileSync(options.output, output);
+        console.log(chalk_1.default.dim(`\nResults written to ${options.output}`));
+    }
+    // Exit code based on findings
+    const failThreshold = severityRank(options.failOn);
+    const highestSeverity = result.vulnerabilities.reduce((max, v) => Math.max(max, severityRank(v.severity)), 0);
+    if (highestSeverity >= failThreshold) {
+        process.exit(1);
+    }
+}
+/**
+ * Scan command definition
+ */
+exports.scanCommand = new commander_1.Command('scan')
+    .description('Scan a directory or file for security vulnerabilities')
+    .argument('[path]', 'path to scan', '.')
+    .option('-d, --depth <depth>', 'scan depth: cheap (free), validated, deep', 'cheap')
+    .option('-f, --format <format>', 'output format: terminal, json, sarif, markdown', 'terminal')
+    .option('--fail-on <severity>', 'exit with error code if findings at severity', 'high')
+    .option('--no-color', 'disable colored output')
+    .option('-o, --output <file>', 'write output to file')
+    .option('--incremental', 'only scan changed files (requires git)')
+    .option('--diff <ref>', 'diff against branch/commit for incremental scan')
+    .action(runScan);
+//# sourceMappingURL=scan.js.map

package/dist/commands/scan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scan.js","sourceRoot":"","sources":["../../src/commands/scan.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;AA4PH,0BA0GC;AApWD,yCAAmC;AACnC,+BAA2D;AAC3D,2BAAuD;AACvD,+BAA2B;AAC3B,kDAAyB;AACzB,8CAAqB;AACrB,6CASwB;AACxB,2DAImC;AACnC,kDAA+D;AAC/D,4CAAgD;AAYhD;;GAEG;AACH,SAAS,eAAe,CAAC,QAAgB;IACvC,MAAM,GAAG,GAAG,IAAA,cAAO,EAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAA;IAC3C,MAAM,QAAQ,GAAG,IAAA,eAAQ,EAAC,QAAQ,CAAC,CAAA;IAEnC,4BAA4B;IAC5B,IAAI,uBAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACrC,OAAO,IAAI,CAAA;IACb,CAAC;IAED,mBAAmB;IACnB,OAAO,8BAAoB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC3C,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,QAAgB;IACnC,MAAM,GAAG,GAAG,IAAA,cAAO,EAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAA;IAC3C,MAAM,OAAO,GAA2B;QACtC,KAAK,EAAE,YAAY;QACnB,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,YAAY;QACpB,MAAM,EAAE,YAAY;QACpB,KAAK,EAAE,YAAY;QACnB,MAAM,EAAE,YAAY;QACpB,KAAK,EAAE,QAAQ;QACf,KAAK,EAAE,IAAI;QACX,OAAO,EAAE,MAAM;QACf,KAAK,EAAE,MAAM;QACb,MAAM,EAAE,KAAK;QACb,KAAK,EAAE,QAAQ;QACf,OAAO,EAAE,MAAM;QACf,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,MAAM;QACf,OAAO,EAAE,MAAM;QACf,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE,OAAO;QACd,OAAO,EAAE,OAAO;KACjB,CAAA;IACD,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,MAAM,CAAA;AAC/B,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,YAAY,CAAC,UAAkB;IAC5C,MAAM,YAAY,GAAG,IAAA,cAAO,EAAC,UAAU,CAAC,CAAA;IACxC,MAAM,KAAK,GAAG,IAAA,aAAQ,EAAC,YAAY,CAAC,CAAA;IACpC,MAAM,KAAK,GAAe,EAAE,CAAA;IAE5B,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;QACnB,mBAAmB;QACnB,IAAI,eAAe,CAAC,YAAY,CAAC,EAAE,CAAC;YAClC,MAAM,OAAO,GAAG,IAAA,iBAAY,EAAC,YAAY,EAAE,OAAO,CAAC,CAAA;YACnD,IAAI,OAAO,CAAC,MAAM,IAAI,uBAAa,EAAE,CAAC;gBACpC,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAE,IAAA,eAAQ,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,YAAY,CAAC;oBAC3C,OAAO;oBACP,QAAQ,EAAE,WAAW,CAAC,YAAY,CAAC;oBACnC,IAAI,EAAE,OAAO,CAAC,MAAM;iBACrB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;SAAM,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;QAC/B,8CAA8C;QAC9C,MAAM,QAAQ,GAAG;YACf,SAAS;YACT,UAAU;YACV,SAAS;YACT,UAAU;YACV,SAAS;YACT,SAAS;YACT,WAAW;YACX,SAAS;YACT,UAAU;YACV,SAAS;YACT,WAAW;YACX,UAAU;YACV,WAAW;YACX,WAAW;YACX,WAAW;YACX,gBAAgB;YAChB,wBAAwB;YACxB,iBAAiB;YACjB,UAAU;SACX,CAAA;QAED,MAAM,cAAc,GAAG;YACrB,oBAAoB;YACpB,YAAY;YACZ,aAAa;YACb,YAAY;YACZ,cAAc;YACd,mBAAmB;YACnB,YAAY;YACZ,aAAa;YACb,gBAAgB;YAChB,aAAa;YACb,aAAa;SACd,CAAA;QAED,MAAM,UAAU,GAAG,MAAM,IAAA,WAAI,EAAC,QAAQ,EAAE;YACtC,GAAG,EAAE,YAAY;YACjB,MAAM,EAAE,cAAc;YACtB,KAAK,EAAE,IAAI;YACX,QAAQ,EAAE,IAAI;SACf,CAAC,CAAA;QAEF,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;YAClC,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,IAAA,aAAQ,EAAC,QAAQ,CAAC,CAAA;gBACpC,IAAI,SAAS,CAAC,IAAI,GAAG,uBAAa;oBAAE,SAAQ;gBAE5C,MAAM,OAAO,GAAG,IAAA,iBAAY,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;gBAC/C,KAAK,CAAC,IAAI,CAAC;oBACT,IAAI,EAAE,IAAA,eAAQ,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC;oBACvC,OAAO;oBACP,QAAQ,EAAE,WAAW,CAAC,QAAQ,CAAC;oBAC/B,IAAI,EAAE,OAAO,CAAC,MAAM;iBACrB,CAAC,CAAA;YACJ,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,MAAkB,EAAE,MAAc,EAAE,OAAgB;IACxE,QAAQ,MAAM,EAAE,CAAC;QACf,KAAK,MAAM;YACT,OAAO,IAAA,uBAAU,EAAC,MAAM,EAAE,IAAI,CAAC,CAAA;QACjC,KAAK,OAAO;YACV,OAAO,IAAI,CAAC,SAAS,CAAC,IAAA,wBAAW,EAAC,MAAM,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;QACrD,KAAK,UAAU;YACb,OAAO,cAAc,CAAC,MAAM,CAAC,CAAA;QAC/B,KAAK,UAAU,CAAC;QAChB;YACE,OAAO,IAAA,iCAAoB,EAAC,MAAM,EAAE,EAAE,OAAO,EAAE,CAAC,CAAA;IACpD,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,MAAkB;IACxC,MAAM,EAAE,eAAe,EAAE,cAAc,EAAE,YAAY,EAAE,YAAY,EAAE,GAAG,MAAM,CAAA;IAE9E,IAAI,EAAE,GAAG,mCAAmC,CAAA;IAC5C,EAAE,IAAI,gBAAgB,YAAY,aAAa,CAAC,YAAY,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAA;IAEtF,gBAAgB;IAChB,EAAE,IAAI,gBAAgB,CAAA;IACtB,EAAE,IAAI,wBAAwB,CAAA;IAC9B,EAAE,IAAI,wBAAwB,CAAA;IAC9B,EAAE,IAAI,gBAAgB,cAAc,CAAC,QAAQ,MAAM,CAAA;IACnD,EAAE,IAAI,YAAY,cAAc,CAAC,IAAI,MAAM,CAAA;IAC3C,EAAE,IAAI,cAAc,cAAc,CAAC,MAAM,MAAM,CAAA;IAC/C,EAAE,IAAI,WAAW,cAAc,CAAC,GAAG,MAAM,CAAA;IACzC,EAAE,IAAI,YAAY,cAAc,CAAC,IAAI,QAAQ,CAAA;IAE7C,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,EAAE,IAAI,iBAAiB,CAAA;QACvB,EAAE,IAAI,6BAA6B,CAAA;QACnC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,uBAAuB;IACvB,EAAE,IAAI,iBAAiB,CAAA;IAEvB,KAAK,MAAM,QAAQ,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAU,EAAE,CAAC;QAC9E,MAAM,QAAQ,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAA;QACrE,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,SAAQ;QAEnC,EAAE,IAAI,OAAO,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,QAAQ,CAAC,MAAM,OAAO,CAAA;QAE5F,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,EAAE,IAAI,QAAQ,OAAO,CAAC,KAAK,MAAM,CAAA;YACjC,EAAE,IAAI,iBAAiB,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,UAAU,MAAM,CAAA;YACnE,EAAE,IAAI,mBAAmB,OAAO,CAAC,QAAQ,IAAI,CAAA;YAC7C,EAAE,IAAI,sBAAsB,OAAO,CAAC,WAAW,IAAI,CAAA;YACnD,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;gBACzB,EAAE,IAAI,cAAc,OAAO,CAAC,YAAY,IAAI,CAAA;YAC9C,CAAC;YACD,EAAE,IAAI,IAAI,CAAA;QACZ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,QAAgB;IACpC,MAAM,KAAK,GAA2B;QACpC,QAAQ,EAAE,CAAC;QACX,IAAI,EAAE,CAAC;QACP,MAAM,EAAE,CAAC;QACT,GAAG,EAAE,CAAC;QACN,IAAI,EAAE,CAAC;QACP,IAAI,EAAE,CAAC;KACR,CAAA;IACD,OAAO,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAA;AAC7B,CAAC;AAED;;GAEG;AACI,KAAK,UAAU,OAAO,CAAC,UAAkB,EAAE,OAAoB;IACpE,MAAM,OAAO,GAAG,IAAA,aAAG,GAAE,CAAA;IACrB,MAAM,MAAM,GAAG,IAAA,qBAAS,GAAE,CAAA;IAC1B,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,KAAK,KAAK,CAAA;IAEvC,8BAA8B;IAC9B,IAAI,CAAC,OAAO,CAAC,KAAK,KAAK,WAAW,IAAI,OAAO,CAAC,KAAK,KAAK,MAAM,CAAC,IAAI,CAAC,IAAA,2BAAe,GAAE,EAAE,CAAC;QACtF,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,MAAM,CAAC,0DAA0D,CAAC,CAAC,CAAA;QACrF,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,oFAAoF,CAAC,CAAC,CAAA;QAC5G,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,iCAAiC,CAAC,CAAC,CAAA;QACzD,OAAO,CAAC,KAAK,GAAG,OAAO,CAAA;IACzB,CAAC;IAED,gBAAgB;IAChB,OAAO,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAA;IAC5C,IAAI,KAAiB,CAAA;IAErB,IAAI,CAAC;QACH,KAAK,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,CAAA;IACxC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,4BAA4B,GAAG,EAAE,CAAC,CAAA;QAC/C,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAA;QACxC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;IAED,OAAO,CAAC,OAAO,CAAC,SAAS,KAAK,CAAC,MAAM,gBAAgB,CAAC,CAAA;IAEtD,oBAAoB;IACpB,MAAM,UAAU,GAAG,CAAC,QAAsB,EAAE,EAAE;QAC5C,QAAQ,QAAQ,CAAC,MAAM,EAAE,CAAC;YACxB,KAAK,QAAQ;gBACX,OAAO,CAAC,IAAI,GAAG,iCAAiC,QAAQ,CAAC,oBAAoB,YAAY,CAAA;gBACzF,MAAK;YACP,KAAK,QAAQ;gBACX,OAAO,CAAC,IAAI,GAAG,oCAAoC,QAAQ,CAAC,oBAAoB,YAAY,CAAA;gBAC5F,MAAK;YACP,KAAK,YAAY;gBACf,OAAO,CAAC,IAAI,GAAG,qBAAqB,QAAQ,CAAC,oBAAoB,cAAc,CAAA;gBAC/E,MAAK;YACP,KAAK,QAAQ;gBACX,OAAO,CAAC,IAAI,GAAG,kCAAkC,CAAA;gBACjD,MAAK;YACP,KAAK,UAAU;gBACb,OAAO,CAAC,OAAO,CAAC,kBAAkB,QAAQ,CAAC,oBAAoB,eAAe,CAAC,CAAA;gBAC/E,MAAK;YACP,KAAK,QAAQ;gBACX,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAA;gBAC9B,MAAK;QACT,CAAC;IACH,CAAC,CAAA;IAED,WAAW;IACX,IAAI,MAAkB,CAAA;IAEtB,IAAI,CAAC;QACH,OAAO,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAA;QAEjC,iDAAiD;QACjD,IAAI,OAAO,CAAC,KAAK,KAAK,OAAO,IAAI,IAAA,2BAAe,GAAE,EAAE,CAAC;YACnD,MAAM,GAAG,MAAM,IAAA,uBAAc,EAAC,KAAK,EAAE,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,MAAO,CAAC,CAAA;QACrE,CAAC;aAAM,CAAC;YACN,6BAA6B;YAC7B,MAAM,GAAG,MAAM,IAAA,iBAAU,EACvB,KAAK,EACL;gBACE,IAAI,EAAE,IAAA,eAAQ,EAAC,IAAA,cAAO,EAAC,UAAU,CAAC,CAAC;gBACnC,GAAG,EAAE,EAAE;gBACP,MAAM,EAAE,OAAO;aAChB,EACD;gBACE,QAAQ,EAAE,KAAK,EAAE,qBAAqB;gBACtC,SAAS,EAAE,OAAO;aACnB,EACD,UAAU,CACX,CAAA;QACH,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,gBAAgB,GAAG,EAAE,CAAC,CAAA;QACnC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;IAED,iBAAiB;IACjB,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAC5D,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAA;IAEnB,6BAA6B;IAC7B,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAA;QAC5C,aAAa,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;QACrC,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,wBAAwB,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC,CAAA;IAClE,CAAC;IAED,8BAA8B;IAC9B,MAAM,aAAa,GAAG,YAAY,CAAC,OAAO,CAAC,MAAM,CAAC,CAAA;IAClD,MAAM,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,CACnD,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EACnD,CAAC,CACF,CAAA;IAED,IAAI,eAAe,IAAI,aAAa,EAAE,CAAC;QACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;AACH,CAAC;AAED;;GAEG;AACU,QAAA,WAAW,GAAG,IAAI,mBAAO,CAAC,MAAM,CAAC;KAC3C,WAAW,CAAC,uDAAuD,CAAC;KACpE,QAAQ,CAAC,QAAQ,EAAE,cAAc,EAAE,GAAG,CAAC;KACvC,MAAM,CAAC,qBAAqB,EAAE,2CAA2C,EAAE,OAAO,CAAC;KACnF,MAAM,CAAC,uBAAuB,EAAE,gDAAgD,EAAE,UAAU,CAAC;KAC7F,MAAM,CAAC,sBAAsB,EAAE,8CAA8C,EAAE,MAAM,CAAC;KACtF,MAAM,CAAC,YAAY,EAAE,wBAAwB,CAAC;KAC9C,MAAM,CAAC,qBAAqB,EAAE,sBAAsB,CAAC;KACrD,MAAM,CAAC,eAAe,EAAE,wCAAwC,CAAC;KACjE,MAAM,CAAC,cAAc,EAAE,iDAAiD,CAAC;KACzE,MAAM,CAAC,OAAO,CAAC,CAAA"}

package/dist/commands/watch.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Watch Command
+ * File watcher for continuous scanning during development
+ */
+import { Command } from 'commander';
+/**
+ * Watch command definition
+ */
+export declare const watchCommand: Command;
+//# sourceMappingURL=watch.d.ts.map

package/dist/commands/watch.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"watch.d.ts","sourceRoot":"","sources":["../../src/commands/watch.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAA;AAmPnC;;GAEG;AACH,eAAO,MAAM,YAAY,SAYrB,CAAA"}

package/dist/commands/watch.js

@@ -0,0 +1,231 @@
+"use strict";
+/**
+ * Watch Command
+ * File watcher for continuous scanning during development
+ */
+var __importDefault = (this && this.__importDefault) || function (mod) {
+    return (mod && mod.__esModule) ? mod : { "default": mod };
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.watchCommand = void 0;
+const commander_1 = require("commander");
+const path_1 = require("path");
+const fs_1 = require("fs");
+const chalk_1 = __importDefault(require("chalk"));
+const chokidar_1 = __importDefault(require("chokidar"));
+const scanner_1 = require("@oculum/scanner");
+const formatters_1 = require("@oculum/scanner/formatters");
+const config_js_1 = require("../utils/config.js");
+/**
+ * Check if file should be scanned
+ */
+function isScannableFile(filePath) {
+    const ext = (0, path_1.extname)(filePath).toLowerCase();
+    const fileName = (0, path_1.basename)(filePath);
+    if (scanner_1.SPECIAL_FILES.includes(fileName))
+        return true;
+    return scanner_1.SCANNABLE_EXTENSIONS.includes(ext);
+}
+/**
+ * Map file extension to language
+ */
+function getLanguage(filePath) {
+    const ext = (0, path_1.extname)(filePath).toLowerCase();
+    const langMap = {
+        '.js': 'javascript',
+        '.jsx': 'javascript',
+        '.ts': 'typescript',
+        '.tsx': 'typescript',
+        '.py': 'python',
+        '.go': 'go',
+        '.java': 'java',
+        '.rb': 'ruby',
+        '.php': 'php',
+        '.yaml': 'yaml',
+        '.yml': 'yaml',
+        '.json': 'json',
+    };
+    return langMap[ext] || 'text';
+}
+/**
+ * Read file as ScanFile
+ */
+function readScanFile(filePath) {
+    try {
+        const stats = (0, fs_1.statSync)(filePath);
+        if (stats.size > scanner_1.MAX_FILE_SIZE)
+            return null;
+        const content = (0, fs_1.readFileSync)(filePath, 'utf-8');
+        return {
+            path: (0, path_1.relative)(process.cwd(), filePath),
+            content,
+            language: getLanguage(filePath),
+            size: content.length,
+        };
+    }
+    catch {
+        return null;
+    }
+}
+/**
+ * Debounce function
+ */
+function debounce(fn, delay) {
+    let timeoutId = null;
+    return (...args) => {
+        if (timeoutId)
+            clearTimeout(timeoutId);
+        timeoutId = setTimeout(() => fn(...args), delay);
+    };
+}
+/**
+ * Watch command
+ */
+async function watch(targetPath, options) {
+    const absolutePath = (0, path_1.resolve)(targetPath);
+    const config = (0, config_js_1.getConfig)();
+    // Validate depth against auth
+    if ((options.depth === 'validated' || options.depth === 'deep') && !(0, config_js_1.isAuthenticated)()) {
+        console.log(chalk_1.default.yellow('\nNote: validated and deep scans require authentication.'));
+        console.log(chalk_1.default.dim('Run `oculum login` to authenticate.\n'));
+        options.depth = 'cheap';
+    }
+    console.log(chalk_1.default.bold('\nOculum Watch Mode'));
+    console.log(chalk_1.default.dim('─'.repeat(40)));
+    console.log(chalk_1.default.dim(`Watching: ${absolutePath}`));
+    console.log(chalk_1.default.dim(`Depth: ${options.depth}`));
+    console.log(chalk_1.default.dim(`Debounce: ${options.debounce}ms`));
+    console.log(chalk_1.default.dim('\nPress Ctrl+C to stop\n'));
+    // Track changed files for incremental scanning
+    const changedFiles = new Set();
+    let isScanning = false;
+    // Scan function (debounced)
+    const runScanOnChanges = debounce(async () => {
+        if (isScanning || changedFiles.size === 0)
+            return;
+        isScanning = true;
+        const filesToScan = Array.from(changedFiles);
+        changedFiles.clear();
+        // Clear console if requested
+        if (options.clearOnScan) {
+            console.clear();
+        }
+        console.log(chalk_1.default.cyan(`\n[${new Date().toLocaleTimeString()}] Scanning ${filesToScan.length} changed file(s)...`));
+        // Read files
+        const scanFiles = [];
+        for (const filePath of filesToScan) {
+            const file = readScanFile(filePath);
+            if (file)
+                scanFiles.push(file);
+        }
+        if (scanFiles.length === 0) {
+            console.log(chalk_1.default.dim('No scannable files found.'));
+            isScanning = false;
+            return;
+        }
+        try {
+            const result = await (0, scanner_1.runScan)(scanFiles, {
+                name: (0, path_1.basename)(absolutePath),
+                url: '',
+                branch: 'watch',
+            }, {
+                enableAI: options.depth !== 'cheap' && (0, config_js_1.isAuthenticated)(),
+                scanDepth: options.depth,
+                scanMode: 'incremental',
+            });
+            // Output results
+            if (result.vulnerabilities.length === 0) {
+                console.log(chalk_1.default.green('No issues found.'));
+            }
+            else {
+                console.log((0, formatters_1.formatTerminalOutput)(result, {
+                    maxFindingsPerGroup: 5,
+                }));
+            }
+        }
+        catch (err) {
+            console.error(chalk_1.default.red(`Scan error: ${err}`));
+        }
+        isScanning = false;
+    }, options.debounce);
+    // Set up watcher
+    const watcher = chokidar_1.default.watch(absolutePath, {
+        ignored: [
+            '**/node_modules/**',
+            '**/dist/**',
+            '**/build/**',
+            '**/.git/**',
+            '**/vendor/**',
+            '**/__pycache__/**',
+            '**/venv/**',
+            '**/.venv/**',
+            '**/coverage/**',
+            '**/.next/**',
+            '**/.nuxt/**',
+        ],
+        persistent: true,
+        ignoreInitial: true,
+    });
+    watcher.on('change', (filePath) => {
+        if (!isScannableFile(filePath))
+            return;
+        changedFiles.add((0, path_1.resolve)(filePath));
+        console.log(chalk_1.default.dim(`Changed: ${(0, path_1.relative)(process.cwd(), filePath)}`));
+        runScanOnChanges();
+    });
+    watcher.on('add', (filePath) => {
+        if (!isScannableFile(filePath))
+            return;
+        changedFiles.add((0, path_1.resolve)(filePath));
+        console.log(chalk_1.default.dim(`Added: ${(0, path_1.relative)(process.cwd(), filePath)}`));
+        runScanOnChanges();
+    });
+    watcher.on('error', (error) => {
+        console.error(chalk_1.default.red(`Watcher error: ${error}`));
+    });
+    // Handle shutdown
+    process.on('SIGINT', () => {
+        console.log(chalk_1.default.dim('\n\nStopping watch mode...'));
+        watcher.close();
+        process.exit(0);
+    });
+    // Initial scan
+    console.log(chalk_1.default.dim('Performing initial scan...'));
+    const { glob } = await import('glob');
+    const patterns = [
+        '**/*.js', '**/*.jsx', '**/*.ts', '**/*.tsx',
+        '**/*.py', '**/*.go', '**/*.java', '**/*.rb',
+        '**/*.php', '**/*.cs', '**/package.json',
+    ];
+    const ignorePatterns = [
+        '**/node_modules/**', '**/dist/**', '**/build/**',
+        '**/.git/**', '**/vendor/**', '**/__pycache__/**',
+    ];
+    const allFiles = await glob(patterns, {
+        cwd: absolutePath,
+        ignore: ignorePatterns,
+        nodir: true,
+        absolute: true,
+    });
+    for (const filePath of allFiles) {
+        changedFiles.add(filePath);
+    }
+    runScanOnChanges();
+}
+/**
+ * Watch command definition
+ */
+exports.watchCommand = new commander_1.Command('watch')
+    .description('Watch files and scan on changes')
+    .argument('[path]', 'path to watch', '.')
+    .option('-d, --depth <depth>', 'scan depth: cheap, validated, deep', 'cheap')
+    .option('--debounce <ms>', 'debounce time in milliseconds', '500')
+    .option('--clear', 'clear console before each scan', false)
+    .action((path, options) => {
+    watch(path, {
+        depth: options.depth,
+        debounce: parseInt(options.debounce, 10),
+        clearOnScan: options.clear,
+    });
+});
+//# sourceMappingURL=watch.js.map

package/dist/commands/watch.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"watch.js","sourceRoot":"","sources":["../../src/commands/watch.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;AAEH,yCAAmC;AACnC,+BAA2D;AAC3D,2BAA2C;AAC3C,kDAAyB;AACzB,wDAA+B;AAC/B,6CAMwB;AACxB,2DAAiE;AACjE,kDAA+D;AAQ/D;;GAEG;AACH,SAAS,eAAe,CAAC,QAAgB;IACvC,MAAM,GAAG,GAAG,IAAA,cAAO,EAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAA;IAC3C,MAAM,QAAQ,GAAG,IAAA,eAAQ,EAAC,QAAQ,CAAC,CAAA;IAEnC,IAAI,uBAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAA;IACjD,OAAO,8BAAoB,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAA;AAC3C,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,QAAgB;IACnC,MAAM,GAAG,GAAG,IAAA,cAAO,EAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAA;IAC3C,MAAM,OAAO,GAA2B;QACtC,KAAK,EAAE,YAAY;QACnB,MAAM,EAAE,YAAY;QACpB,KAAK,EAAE,YAAY;QACnB,MAAM,EAAE,YAAY;QACpB,KAAK,EAAE,QAAQ;QACf,KAAK,EAAE,IAAI;QACX,OAAO,EAAE,MAAM;QACf,KAAK,EAAE,MAAM;QACb,MAAM,EAAE,KAAK;QACb,OAAO,EAAE,MAAM;QACf,MAAM,EAAE,MAAM;QACd,OAAO,EAAE,MAAM;KAChB,CAAA;IACD,OAAO,OAAO,CAAC,GAAG,CAAC,IAAI,MAAM,CAAA;AAC/B,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,QAAgB;IACpC,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,IAAA,aAAQ,EAAC,QAAQ,CAAC,CAAA;QAChC,IAAI,KAAK,CAAC,IAAI,GAAG,uBAAa;YAAE,OAAO,IAAI,CAAA;QAE3C,MAAM,OAAO,GAAG,IAAA,iBAAY,EAAC,QAAQ,EAAE,OAAO,CAAC,CAAA;QAC/C,OAAO;YACL,IAAI,EAAE,IAAA,eAAQ,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC;YACvC,OAAO;YACP,QAAQ,EAAE,WAAW,CAAC,QAAQ,CAAC;YAC/B,IAAI,EAAE,OAAO,CAAC,MAAM;SACrB,CAAA;IACH,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAA;IACb,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CACf,EAAK,EACL,KAAa;IAEb,IAAI,SAAS,GAA0B,IAAI,CAAA;IAC3C,OAAO,CAAC,GAAG,IAAmB,EAAE,EAAE;QAChC,IAAI,SAAS;YAAE,YAAY,CAAC,SAAS,CAAC,CAAA;QACtC,SAAS,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,EAAE,KAAK,CAAC,CAAA;IAClD,CAAC,CAAA;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,KAAK,CAAC,UAAkB,EAAE,OAAqB;IAC5D,MAAM,YAAY,GAAG,IAAA,cAAO,EAAC,UAAU,CAAC,CAAA;IACxC,MAAM,MAAM,GAAG,IAAA,qBAAS,GAAE,CAAA;IAE1B,8BAA8B;IAC9B,IAAI,CAAC,OAAO,CAAC,KAAK,KAAK,WAAW,IAAI,OAAO,CAAC,KAAK,KAAK,MAAM,CAAC,IAAI,CAAC,IAAA,2BAAe,GAAE,EAAE,CAAC;QACtF,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,MAAM,CAAC,0DAA0D,CAAC,CAAC,CAAA;QACrF,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC,CAAA;QAC/D,OAAO,CAAC,KAAK,GAAG,OAAO,CAAA;IACzB,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAA;IAC9C,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAA;IACtC,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,aAAa,YAAY,EAAE,CAAC,CAAC,CAAA;IACnD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,UAAU,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;IACjD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,aAAa,OAAO,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAA;IACzD,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC,CAAA;IAElD,+CAA+C;IAC/C,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAA;IACtC,IAAI,UAAU,GAAG,KAAK,CAAA;IAEtB,4BAA4B;IAC5B,MAAM,gBAAgB,GAAG,QAAQ,CAAC,KAAK,IAAI,EAAE;QAC3C,IAAI,UAAU,IAAI,YAAY,CAAC,IAAI,KAAK,CAAC;YAAE,OAAM;QACjD,UAAU,GAAG,IAAI,CAAA;QAEjB,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAA;QAC5C,YAAY,CAAC,KAAK,EAAE,CAAA;QAEpB,6BAA6B;QAC7B,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,OAAO,CAAC,KAAK,EAAE,CAAA;QACjB,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,IAAI,CAAC,MAAM,IAAI,IAAI,EAAE,CAAC,kBAAkB,EAAE,cAAc,WAAW,CAAC,MAAM,qBAAqB,CAAC,CAAC,CAAA;QAEnH,aAAa;QACb,MAAM,SAAS,GAAe,EAAE,CAAA;QAChC,KAAK,MAAM,QAAQ,IAAI,WAAW,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAA;YACnC,IAAI,IAAI;gBAAE,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAChC,CAAC;QAED,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC,CAAA;YACnD,UAAU,GAAG,KAAK,CAAA;YAClB,OAAM;QACR,CAAC;QAED,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,IAAA,iBAAU,EAC7B,SAAS,EACT;gBACE,IAAI,EAAE,IAAA,eAAQ,EAAC,YAAY,CAAC;gBAC5B,GAAG,EAAE,EAAE;gBACP,MAAM,EAAE,OAAO;aAChB,EACD;gBACE,QAAQ,EAAE,OAAO,CAAC,KAAK,KAAK,OAAO,IAAI,IAAA,2BAAe,GAAE;gBACxD,SAAS,EAAE,OAAO,CAAC,KAAK;gBACxB,QAAQ,EAAE,aAAa;aACxB,CACF,CAAA;YAED,iBAAiB;YACjB,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACxC,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,CAAA;YAC9C,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,IAAA,iCAAoB,EAAC,MAAM,EAAE;oBACvC,mBAAmB,EAAE,CAAC;iBACvB,CAAC,CAAC,CAAA;YACL,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAC,eAAe,GAAG,EAAE,CAAC,CAAC,CAAA;QAChD,CAAC;QAED,UAAU,GAAG,KAAK,CAAA;IACpB,CAAC,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAA;IAEpB,iBAAiB;IACjB,MAAM,OAAO,GAAG,kBAAQ,CAAC,KAAK,CAAC,YAAY,EAAE;QAC3C,OAAO,EAAE;YACP,oBAAoB;YACpB,YAAY;YACZ,aAAa;YACb,YAAY;YACZ,cAAc;YACd,mBAAmB;YACnB,YAAY;YACZ,aAAa;YACb,gBAAgB;YAChB,aAAa;YACb,aAAa;SACd;QACD,UAAU,EAAE,IAAI;QAChB,aAAa,EAAE,IAAI;KACpB,CAAC,CAAA;IAEF,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,EAAE,EAAE;QAChC,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;YAAE,OAAM;QACtC,YAAY,CAAC,GAAG,CAAC,IAAA,cAAO,EAAC,QAAQ,CAAC,CAAC,CAAA;QACnC,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,YAAY,IAAA,eAAQ,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAA;QACvE,gBAAgB,EAAE,CAAA;IACpB,CAAC,CAAC,CAAA;IAEF,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,CAAC,QAAQ,EAAE,EAAE;QAC7B,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC;YAAE,OAAM;QACtC,YAAY,CAAC,GAAG,CAAC,IAAA,cAAO,EAAC,QAAQ,CAAC,CAAC,CAAA;QACnC,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,UAAU,IAAA,eAAQ,EAAC,OAAO,CAAC,GAAG,EAAE,EAAE,QAAQ,CAAC,EAAE,CAAC,CAAC,CAAA;QACrE,gBAAgB,EAAE,CAAA;IACpB,CAAC,CAAC,CAAA;IAEF,OAAO,CAAC,EAAE,CAAC,OAAO,EAAE,CAAC,KAAK,EAAE,EAAE;QAC5B,OAAO,CAAC,KAAK,CAAC,eAAK,CAAC,GAAG,CAAC,kBAAkB,KAAK,EAAE,CAAC,CAAC,CAAA;IACrD,CAAC,CAAC,CAAA;IAEF,kBAAkB;IAClB,OAAO,CAAC,EAAE,CAAC,QAAQ,EAAE,GAAG,EAAE;QACxB,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC,CAAA;QACpD,OAAO,CAAC,KAAK,EAAE,CAAA;QACf,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC,CAAC,CAAA;IAEF,eAAe;IACf,OAAO,CAAC,GAAG,CAAC,eAAK,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC,CAAA;IACpD,MAAM,EAAE,IAAI,EAAE,GAAG,MAAM,MAAM,CAAC,MAAM,CAAC,CAAA;IACrC,MAAM,QAAQ,GAAG;QACf,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,UAAU;QAC5C,SAAS,EAAE,SAAS,EAAE,WAAW,EAAE,SAAS;QAC5C,UAAU,EAAE,SAAS,EAAE,iBAAiB;KACzC,CAAA;IAED,MAAM,cAAc,GAAG;QACrB,oBAAoB,EAAE,YAAY,EAAE,aAAa;QACjD,YAAY,EAAE,cAAc,EAAE,mBAAmB;KAClD,CAAA;IAED,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,QAAQ,EAAE;QACpC,GAAG,EAAE,YAAY;QACjB,MAAM,EAAE,cAAc;QACtB,KAAK,EAAE,IAAI;QACX,QAAQ,EAAE,IAAI;KACf,CAAC,CAAA;IAEF,KAAK,MAAM,QAAQ,IAAI,QAAQ,EAAE,CAAC;QAChC,YAAY,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;IAC5B,CAAC;IAED,gBAAgB,EAAE,CAAA;AACpB,CAAC;AAED;;GAEG;AACU,QAAA,YAAY,GAAG,IAAI,mBAAO,CAAC,OAAO,CAAC;KAC7C,WAAW,CAAC,iCAAiC,CAAC;KAC9C,QAAQ,CAAC,QAAQ,EAAE,eAAe,EAAE,GAAG,CAAC;KACxC,MAAM,CAAC,qBAAqB,EAAE,oCAAoC,EAAE,OAAO,CAAC;KAC5E,MAAM,CAAC,iBAAiB,EAAE,+BAA+B,EAAE,KAAK,CAAC;KACjE,MAAM,CAAC,SAAS,EAAE,gCAAgC,EAAE,KAAK,CAAC;KAC1D,MAAM,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;IACxB,KAAK,CAAC,IAAI,EAAE;QACV,KAAK,EAAE,OAAO,CAAC,KAAK;QACpB,QAAQ,EAAE,QAAQ,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC;QACxC,WAAW,EAAE,OAAO,CAAC,KAAK;KAC3B,CAAC,CAAA;AACJ,CAAC,CAAC,CAAA"}

package/dist/index.d.ts

@@ -0,0 +1,7 @@
+#!/usr/bin/env node
+/**
+ * Oculum CLI
+ * AI-native security scanner for your codebase
+ */
+export {};
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AACA;;;GAGG"}