@oculum/scanner 1.0.0

package/dist/layer3/package-check.js

@@ -0,0 +1,508 @@
+"use strict";
+/**
+ * Layer 3: Package Hallucination Check (Story C - Hallucination Firewall)
+ *
+ * Verifies if imported packages actually exist and assesses their risk
+ * Prevents typosquatting, dependency confusion, and AI-hallucinated packages
+ *
+ * Features:
+ * - Registry metadata fetching (npm, PyPI)
+ * - Risk score calculation based on multiple factors
+ * - Typosquatting detection via Levenshtein distance
+ * - Package age and popularity analysis
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.LEGITIMATE_PACKAGES = exports.POPULAR_PYTHON_PACKAGES = exports.POPULAR_NPM_PACKAGES = void 0;
+exports.checkPackages = checkPackages;
+exports.levenshteinDistance = levenshteinDistance;
+exports.checkTyposquatting = checkTyposquatting;
+exports.hasSuspiciousNamingPattern = hasSuspiciousNamingPattern;
+exports.computeNPMRiskScore = computeNPMRiskScore;
+exports.computePyPIRiskScore = computePyPIRiskScore;
+const registry_clients_1 = require("../utils/registry-clients");
+// ============================================================================
+// Configuration
+// ============================================================================
+// Maximum packages to check per scan (cost/time control)
+const MAX_PACKAGES_TO_CHECK = 50;
+// ============================================================================
+// Popular Packages for Typosquatting Detection
+// ============================================================================
+const POPULAR_NPM_PACKAGES = new Set([
+    // Core frameworks
+    'react', 'vue', 'angular', 'svelte', 'next', 'nuxt', 'gatsby',
+    'express', 'fastify', 'koa', 'hapi', 'nest', 'nestjs',
+    // Utilities
+    'lodash', 'underscore', 'ramda', 'date-fns', 'dayjs', 'moment',
+    'axios', 'node-fetch', 'got', 'request', 'superagent',
+    // Build tools
+    'webpack', 'rollup', 'vite', 'parcel', 'esbuild', 'swc',
+    'babel', 'typescript', 'eslint', 'prettier', 'jest', 'vitest', 'mocha',
+    // Database
+    'mongoose', 'sequelize', 'prisma', 'typeorm', 'knex', 'pg', 'mysql', 'sqlite3',
+    // Other popular
+    'socket.io', 'ws', 'graphql', 'apollo', 'redux', 'mobx', 'zustand',
+    'tailwindcss', 'styled-components', 'emotion', 'sass', 'postcss',
+    'dotenv', 'cors', 'helmet', 'morgan', 'winston', 'pino',
+    'uuid', 'crypto-js', 'bcrypt', 'jsonwebtoken', 'passport',
+    'commander', 'yargs', 'inquirer', 'chalk', 'ora',
+]);
+exports.POPULAR_NPM_PACKAGES = POPULAR_NPM_PACKAGES;
+const POPULAR_PYTHON_PACKAGES = new Set([
+    'requests', 'flask', 'django', 'fastapi', 'numpy', 'pandas',
+    'scipy', 'matplotlib', 'tensorflow', 'pytorch', 'torch', 'keras',
+    'scikit-learn', 'sklearn', 'pillow', 'opencv-python', 'beautifulsoup4',
+    'sqlalchemy', 'celery', 'redis', 'boto3', 'pytest', 'black', 'flake8',
+    'pydantic', 'httpx', 'aiohttp', 'uvicorn', 'gunicorn',
+]);
+exports.POPULAR_PYTHON_PACKAGES = POPULAR_PYTHON_PACKAGES;
+// ============================================================================
+// Legitimate Packages (Skip checking)
+// ============================================================================
+const LEGITIMATE_PACKAGES = new Set([
+    // Scoped packages from trusted orgs
+    '@supabase/ssr', '@supabase/supabase-js', '@supabase/auth-helpers-nextjs',
+    '@anthropic-ai/sdk', '@openai/openai', '@langchain/core', '@langchain/openai',
+    '@octokit/rest', '@octokit/core',
+    '@radix-ui/react-avatar', '@radix-ui/react-dialog', '@radix-ui/react-dropdown-menu',
+    '@radix-ui/react-scroll-area', '@radix-ui/react-slot', '@radix-ui/react-tabs',
+    '@tailwindcss/postcss', '@tailwindcss/typography',
+    '@types/node', '@types/react', '@types/react-dom',
+    // Common packages with unusual names
+    'class-variance-authority', 'clsx', 'tailwind-merge', 'cva',
+    'lucide-react', 'next-themes', 'sonner', 'zod', 'zustand',
+    'geist', 'sharp', 'turbo', 'tsup', 'tsx',
+    // Known short names
+    'ms', 'qs', 'ws', 'pg', 'ip', 'os', 'fs', 'vm',
+]);
+exports.LEGITIMATE_PACKAGES = LEGITIMATE_PACKAGES;
+// ============================================================================
+// Typosquatting Detection
+// ============================================================================
+/**
+ * Calculate Levenshtein distance between two strings
+ */
+function levenshteinDistance(a, b) {
+    const matrix = [];
+    for (let i = 0; i <= b.length; i++) {
+        matrix[i] = [i];
+    }
+    for (let j = 0; j <= a.length; j++) {
+        matrix[0][j] = j;
+    }
+    for (let i = 1; i <= b.length; i++) {
+        for (let j = 1; j <= a.length; j++) {
+            if (b.charAt(i - 1) === a.charAt(j - 1)) {
+                matrix[i][j] = matrix[i - 1][j - 1];
+            }
+            else {
+                matrix[i][j] = Math.min(matrix[i - 1][j - 1] + 1, matrix[i][j - 1] + 1, matrix[i - 1][j] + 1);
+            }
+        }
+    }
+    return matrix[b.length][a.length];
+}
+/**
+ * Check if package name is similar to a popular package (potential typosquat)
+ */
+function checkTyposquatting(packageName, ecosystem) {
+    const name = packageName.toLowerCase();
+    const popularPackages = ecosystem === 'npm' ? POPULAR_NPM_PACKAGES : POPULAR_PYTHON_PACKAGES;
+    for (const popular of popularPackages) {
+        // Skip if it's the actual package
+        if (name === popular)
+            continue;
+        const distance = levenshteinDistance(name, popular);
+        // Flag if 1-2 character difference and similar length
+        if (distance === 1 && Math.abs(name.length - popular.length) <= 1) {
+            return { isSimilar: true, similarTo: popular, distance };
+        }
+        if (distance === 2 && name.length >= 5 && Math.abs(name.length - popular.length) <= 1) {
+            return { isSimilar: true, similarTo: popular, distance };
+        }
+    }
+    return { isSimilar: false };
+}
+/**
+ * Check for suspicious naming patterns
+ */
+function hasSuspiciousNamingPattern(packageName) {
+    const suspiciousPatterns = [
+        { pattern: /^[a-z]+-js$/, desc: 'package-js suffix (common typosquat pattern)' },
+        { pattern: /^node-[a-z]{2,}$/, desc: 'node-package prefix' },
+        { pattern: /^[a-z]+-node$/, desc: 'package-node suffix' },
+        { pattern: /-\d{3,}$/, desc: 'ends with many numbers' },
+        { pattern: /^[a-z]{1,2}-[a-z]+$/, desc: 'very short prefix' },
+        { pattern: /[0o][0o]|[1l][1l]/i, desc: 'character substitution (0/o, 1/l)' },
+    ];
+    for (const { pattern, desc } of suspiciousPatterns) {
+        if (pattern.test(packageName)) {
+            return { suspicious: true, pattern: desc };
+        }
+    }
+    return { suspicious: false };
+}
+// ============================================================================
+// Risk Score Calculation
+// ============================================================================
+/**
+ * Compute risk score for an npm package
+ */
+async function computeNPMRiskScore(dep, metadata) {
+    const factors = [];
+    let totalScore = 0;
+    // Factor 1: Package not found (highest risk - likely hallucinated)
+    if (!metadata) {
+        factors.push({
+            name: 'package_not_found',
+            score: 100,
+            description: 'Package does not exist in npm registry. Likely a hallucinated package name.',
+        });
+        return {
+            package: dep.name,
+            ecosystem: 'npm',
+            totalScore: 100,
+            factors,
+            recommendation: 'block',
+            severity: 'critical',
+        };
+    }
+    // Factor 2: Package age
+    const ageInDays = (0, registry_clients_1.calculatePackageAgeDays)(metadata.time?.created);
+    if (ageInDays < 7) {
+        factors.push({
+            name: 'very_new_package',
+            score: 30,
+            description: `Package created ${ageInDays} days ago (< 7 days)`,
+        });
+        totalScore += 30;
+    }
+    else if (ageInDays < 30) {
+        factors.push({
+            name: 'new_package',
+            score: 15,
+            description: `Package created ${ageInDays} days ago (< 30 days)`,
+        });
+        totalScore += 15;
+    }
+    // Factor 3: Download count
+    const weeklyDownloads = metadata.downloads?.weekly || 0;
+    if (weeklyDownloads < 10) {
+        factors.push({
+            name: 'no_downloads',
+            score: 25,
+            description: `Only ${weeklyDownloads} weekly downloads`,
+        });
+        totalScore += 25;
+    }
+    else if (weeklyDownloads < 100) {
+        factors.push({
+            name: 'low_downloads',
+            score: 15,
+            description: `Only ${weeklyDownloads} weekly downloads (< 100)`,
+        });
+        totalScore += 15;
+    }
+    else if (weeklyDownloads < 1000) {
+        factors.push({
+            name: 'moderate_downloads',
+            score: 5,
+            description: `${weeklyDownloads} weekly downloads (< 1000)`,
+        });
+        totalScore += 5;
+    }
+    // Factor 4: Typosquatting similarity
+    const typoCheck = checkTyposquatting(dep.name, 'npm');
+    if (typoCheck.isSimilar && typoCheck.distance === 1) {
+        factors.push({
+            name: 'likely_typosquat',
+            score: 40,
+            description: `Name differs by 1 character from popular package "${typoCheck.similarTo}"`,
+        });
+        totalScore += 40;
+    }
+    else if (typoCheck.isSimilar && typoCheck.distance === 2) {
+        factors.push({
+            name: 'possible_typosquat',
+            score: 20,
+            description: `Name similar to popular package "${typoCheck.similarTo}" (${typoCheck.distance} char diff)`,
+        });
+        totalScore += 20;
+    }
+    // Factor 5: Suspicious naming pattern
+    const namingCheck = hasSuspiciousNamingPattern(dep.name);
+    if (namingCheck.suspicious) {
+        factors.push({
+            name: 'suspicious_name',
+            score: 15,
+            description: `Suspicious naming pattern: ${namingCheck.pattern}`,
+        });
+        totalScore += 15;
+    }
+    // Factor 6: No repository/homepage
+    const hasRepo = !!metadata.repository?.url;
+    const hasHomepage = !!metadata.homepage;
+    if (!hasRepo && !hasHomepage) {
+        factors.push({
+            name: 'no_source_links',
+            score: 15,
+            description: 'Package has no repository or homepage link',
+        });
+        totalScore += 15;
+    }
+    // Factor 7: No description
+    if (!metadata.description || metadata.description.length < 10) {
+        factors.push({
+            name: 'no_description',
+            score: 10,
+            description: 'Package has no meaningful description',
+        });
+        totalScore += 10;
+    }
+    // Factor 8: Single maintainer on new package
+    const maintainerCount = metadata.maintainers?.length || 0;
+    if (maintainerCount === 1 && ageInDays < 30) {
+        factors.push({
+            name: 'single_new_maintainer',
+            score: 10,
+            description: 'Single maintainer on a new package',
+        });
+        totalScore += 10;
+    }
+    // Determine recommendation and severity
+    let recommendation;
+    let severity;
+    if (totalScore >= 70) {
+        recommendation = 'block';
+        severity = 'high';
+    }
+    else if (totalScore >= 40) {
+        recommendation = 'review';
+        severity = 'medium';
+    }
+    else if (totalScore >= 20) {
+        recommendation = 'review';
+        severity = 'low';
+    }
+    else {
+        recommendation = 'allow';
+        severity = 'info';
+    }
+    return {
+        package: dep.name,
+        ecosystem: 'npm',
+        totalScore: Math.min(totalScore, 100),
+        factors,
+        recommendation,
+        severity,
+    };
+}
+/**
+ * Compute risk score for a Python package
+ */
+async function computePyPIRiskScore(dep, metadata) {
+    const factors = [];
+    let totalScore = 0;
+    // Factor 1: Package not found
+    if (!metadata) {
+        factors.push({
+            name: 'package_not_found',
+            score: 100,
+            description: 'Package does not exist in PyPI registry. Likely a hallucinated package name.',
+        });
+        return {
+            package: dep.name,
+            ecosystem: 'python',
+            totalScore: 100,
+            factors,
+            recommendation: 'block',
+            severity: 'critical',
+        };
+    }
+    // Factor 2: Typosquatting
+    const typoCheck = checkTyposquatting(dep.name, 'python');
+    if (typoCheck.isSimilar && typoCheck.distance === 1) {
+        factors.push({
+            name: 'likely_typosquat',
+            score: 40,
+            description: `Name differs by 1 character from popular package "${typoCheck.similarTo}"`,
+        });
+        totalScore += 40;
+    }
+    else if (typoCheck.isSimilar && typoCheck.distance === 2) {
+        factors.push({
+            name: 'possible_typosquat',
+            score: 20,
+            description: `Name similar to popular package "${typoCheck.similarTo}"`,
+        });
+        totalScore += 20;
+    }
+    // Factor 3: Suspicious naming
+    const namingCheck = hasSuspiciousNamingPattern(dep.name);
+    if (namingCheck.suspicious) {
+        factors.push({
+            name: 'suspicious_name',
+            score: 15,
+            description: `Suspicious naming pattern: ${namingCheck.pattern}`,
+        });
+        totalScore += 15;
+    }
+    // Factor 4: No project URLs
+    const hasProjectUrls = metadata.projectUrls && Object.keys(metadata.projectUrls).length > 0;
+    if (!hasProjectUrls) {
+        factors.push({
+            name: 'no_project_urls',
+            score: 15,
+            description: 'Package has no project URLs (repository, homepage, etc.)',
+        });
+        totalScore += 15;
+    }
+    // Factor 5: No summary/description
+    if (!metadata.summary || metadata.summary.length < 10) {
+        factors.push({
+            name: 'no_description',
+            score: 10,
+            description: 'Package has no meaningful description',
+        });
+        totalScore += 10;
+    }
+    // Determine recommendation and severity
+    let recommendation;
+    let severity;
+    if (totalScore >= 70) {
+        recommendation = 'block';
+        severity = 'high';
+    }
+    else if (totalScore >= 40) {
+        recommendation = 'review';
+        severity = 'medium';
+    }
+    else if (totalScore >= 20) {
+        recommendation = 'review';
+        severity = 'low';
+    }
+    else {
+        recommendation = 'allow';
+        severity = 'info';
+    }
+    return {
+        package: dep.name,
+        ecosystem: 'python',
+        totalScore: Math.min(totalScore, 100),
+        factors,
+        recommendation,
+        severity,
+    };
+}
+// ============================================================================
+// Vulnerability Generation
+// ============================================================================
+/**
+ * Build description from risk score
+ */
+function buildRiskDescription(risk) {
+    const factorList = risk.factors.map(f => `- ${f.description}`).join('\n');
+    if (risk.totalScore >= 70) {
+        return `Package "${risk.package}" has high risk indicators (score: ${risk.totalScore}/100):\n${factorList}\n\nThis may be a hallucinated package name or a typosquatting attempt.`;
+    }
+    if (risk.totalScore >= 40) {
+        return `Package "${risk.package}" has moderate risk indicators (score: ${risk.totalScore}/100):\n${factorList}\n\nReview this dependency before using.`;
+    }
+    return `Package "${risk.package}" has some risk factors (score: ${risk.totalScore}/100):\n${factorList}`;
+}
+/**
+ * Build suggested fix from risk score
+ */
+function buildRiskSuggestedFix(risk) {
+    if (risk.factors.some(f => f.name === 'package_not_found')) {
+        return 'Verify the package name is correct. This package does not exist in the registry - it may be a hallucinated name from an AI tool.';
+    }
+    if (risk.factors.some(f => f.name.includes('typosquat'))) {
+        const typoFactor = risk.factors.find(f => f.name.includes('typosquat'));
+        const match = typoFactor?.description.match(/"([^"]+)"/);
+        const intendedPackage = match?.[1];
+        return `Verify this is the intended package. Did you mean "${intendedPackage}"?`;
+    }
+    if (risk.totalScore >= 40) {
+        return 'Review this package before using. Check the repository, maintainers, and recent activity.';
+    }
+    return 'Consider reviewing this package\'s repository and maintainers.';
+}
+// ============================================================================
+// Main Check Function
+// ============================================================================
+/**
+ * Check packages in a file for hallucination and risk indicators
+ */
+async function checkPackages(content, filePath) {
+    const vulnerabilities = [];
+    // Determine file type
+    const fileType = (0, registry_clients_1.getPackageFileType)(filePath);
+    if (!fileType) {
+        return vulnerabilities;
+    }
+    // Extract dependencies based on file type
+    let dependencies = [];
+    if (fileType === 'npm' && filePath.endsWith('package.json')) {
+        dependencies = (0, registry_clients_1.extractNpmDependencies)(content);
+    }
+    else if (fileType === 'python') {
+        dependencies = (0, registry_clients_1.extractPythonRequirements)(content);
+    }
+    if (dependencies.length === 0) {
+        return vulnerabilities;
+    }
+    const lines = content.split('\n');
+    // Filter out legitimate/known packages and scoped packages
+    const packagesToCheck = dependencies.filter(dep => {
+        // Skip scoped packages (@org/package) - usually legitimate
+        if (dep.name.startsWith('@'))
+            return false;
+        // Skip known legitimate packages
+        if (LEGITIMATE_PACKAGES.has(dep.name))
+            return false;
+        // Skip exact matches to popular packages
+        if (POPULAR_NPM_PACKAGES.has(dep.name.toLowerCase()))
+            return false;
+        if (POPULAR_PYTHON_PACKAGES.has(dep.name.toLowerCase()))
+            return false;
+        return true;
+    });
+    // Limit packages to check (cost control)
+    const limitedPackages = packagesToCheck.slice(0, MAX_PACKAGES_TO_CHECK);
+    // Check each package
+    for (const dep of limitedPackages) {
+        let risk;
+        if (fileType === 'npm') {
+            const metadata = await (0, registry_clients_1.fetchNPMMetadata)(dep.name);
+            risk = await computeNPMRiskScore(dep, metadata);
+        }
+        else {
+            const metadata = await (0, registry_clients_1.fetchPyPIMetadata)(dep.name);
+            risk = await computePyPIRiskScore(dep, metadata);
+        }
+        // Only create vulnerabilities for packages that need attention
+        if (risk.recommendation !== 'allow') {
+            vulnerabilities.push({
+                id: `pkg-risk-${filePath}-${dep.name}`,
+                filePath,
+                lineNumber: dep.line,
+                lineContent: lines[dep.line - 1]?.trim() || dep.name,
+                severity: risk.severity,
+                category: 'suspicious_package',
+                title: risk.totalScore >= 70
+                    ? 'Potentially hallucinated dependency'
+                    : 'Suspicious dependency',
+                description: buildRiskDescription(risk),
+                suggestedFix: buildRiskSuggestedFix(risk),
+                confidence: risk.totalScore >= 70 ? 'high' : 'medium',
+                layer: 3,
+                requiresAIValidation: risk.totalScore < 70, // High-confidence issues don't need AI validation
+            });
+        }
+        // Rate limiting between requests
+        await (0, registry_clients_1.rateLimitDelay)();
+    }
+    return vulnerabilities;
+}
+//# sourceMappingURL=package-check.js.map

package/dist/layer3/package-check.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"package-check.js","sourceRoot":"","sources":["../../src/layer3/package-check.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;GAWG;;;AAkfH,sCAkFC;AAIC,kDAAmB;AACnB,gDAAkB;AAClB,gEAA0B;AAC1B,kDAAmB;AACnB,oDAAoB;AAzkBtB,gEAWkC;AAElC,+EAA+E;AAC/E,gBAAgB;AAChB,+EAA+E;AAE/E,yDAAyD;AACzD,MAAM,qBAAqB,GAAG,EAAE,CAAA;AAEhC,+EAA+E;AAC/E,+CAA+C;AAC/C,+EAA+E;AAE/E,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC;IACnC,kBAAkB;IAClB,OAAO,EAAE,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ;IAC7D,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ;IACrD,YAAY;IACZ,QAAQ,EAAE,YAAY,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,QAAQ;IAC9D,OAAO,EAAE,YAAY,EAAE,KAAK,EAAE,SAAS,EAAE,YAAY;IACrD,cAAc;IACd,SAAS,EAAE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK;IACvD,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,OAAO;IACtE,WAAW;IACX,UAAU,EAAE,WAAW,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS;IAC9E,gBAAgB;IAChB,WAAW,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS;IAClE,aAAa,EAAE,mBAAmB,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS;IAChE,QAAQ,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM;IACvD,MAAM,EAAE,WAAW,EAAE,QAAQ,EAAE,cAAc,EAAE,UAAU;IACzD,WAAW,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,KAAK;CACjD,CAAC,CAAA;AAgiBA,oDAAoB;AA9hBtB,MAAM,uBAAuB,GAAG,IAAI,GAAG,CAAC;IACtC,UAAU,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ;IAC3D,OAAO,EAAE,YAAY,EAAE,YAAY,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO;IAChE,cAAc,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,gBAAgB;IACtE,YAAY,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,QAAQ;IACrE,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU;CACtD,CAAC,CAAA;AAyhBA,0DAAuB;AAvhBzB,+EAA+E;AAC/E,sCAAsC;AACtC,+EAA+E;AAE/E,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IAClC,oCAAoC;IACpC,eAAe,EAAE,uBAAuB,EAAE,+BAA+B;IACzE,mBAAmB,EAAE,gBAAgB,EAAE,iBAAiB,EAAE,mBAAmB;IAC7E,eAAe,EAAE,eAAe;IAChC,wBAAwB,EAAE,wBAAwB,EAAE,+BAA+B;IACnF,6BAA6B,EAAE,sBAAsB,EAAE,sBAAsB;IAC7E,sBAAsB,EAAE,yBAAyB;IACjD,aAAa,EAAE,cAAc,EAAE,kBAAkB;IACjD,qCAAqC;IACrC,0BAA0B,EAAE,MAAM,EAAE,gBAAgB,EAAE,KAAK;IAC3D,cAAc,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,SAAS;IACzD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK;IACxC,oBAAoB;IACpB,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI;CAC/C,CAAC,CAAA;AAqgBA,kDAAmB;AAhfrB,+EAA+E;AAC/E,0BAA0B;AAC1B,+EAA+E;AAE/E;;GAEG;AACH,SAAS,mBAAmB,CAAC,CAAS,EAAE,CAAS;IAC/C,MAAM,MAAM,GAAe,EAAE,CAAA;IAE7B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACnC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAA;IACjB,CAAC;IACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACnC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IAClB,CAAC;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACnC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACnC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC;gBACxC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAA;YACrC,CAAC;iBAAM,CAAC;gBACN,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CACrB,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,EACxB,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,EACpB,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CACrB,CAAA;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAA;AACnC,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CACzB,WAAmB,EACnB,SAA2B;IAE3B,MAAM,IAAI,GAAG,WAAW,CAAC,WAAW,EAAE,CAAA;IACtC,MAAM,eAAe,GAAG,SAAS,KAAK,KAAK,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,uBAAuB,CAAA;IAE5F,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;QACtC,kCAAkC;QAClC,IAAI,IAAI,KAAK,OAAO;YAAE,SAAQ;QAE9B,MAAM,QAAQ,GAAG,mBAAmB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;QAEnD,sDAAsD;QACtD,IAAI,QAAQ,KAAK,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YAClE,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAA;QAC1D,CAAC;QACD,IAAI,QAAQ,KAAK,CAAC,IAAI,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;YACtF,OAAO,EAAE,SAAS,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,QAAQ,EAAE,CAAA;QAC1D,CAAC;IACH,CAAC;IAED,OAAO,EAAE,SAAS,EAAE,KAAK,EAAE,CAAA;AAC7B,CAAC;AAED;;GAEG;AACH,SAAS,0BAA0B,CAAC,WAAmB;IACrD,MAAM,kBAAkB,GAAG;QACzB,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,8CAA8C,EAAE;QAChF,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,qBAAqB,EAAE;QAC5D,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,qBAAqB,EAAE;QACzD,EAAE,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,wBAAwB,EAAE;QACvD,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,mBAAmB,EAAE;QAC7D,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,mCAAmC,EAAE;KAC7E,CAAA;IAED,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,kBAAkB,EAAE,CAAC;QACnD,IAAI,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC;YAC9B,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,OAAO,EAAE,IAAI,EAAE,CAAA;QAC5C,CAAC;IACH,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,KAAK,EAAE,CAAA;AAC9B,CAAC;AAED,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E;;GAEG;AACH,KAAK,UAAU,mBAAmB,CAChC,GAAwB,EACxB,QAAmC;IAEnC,MAAM,OAAO,GAAiB,EAAE,CAAA;IAChC,IAAI,UAAU,GAAG,CAAC,CAAA;IAElB,mEAAmE;IACnE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,mBAAmB;YACzB,KAAK,EAAE,GAAG;YACV,WAAW,EAAE,6EAA6E;SAC3F,CAAC,CAAA;QACF,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,IAAI;YACjB,SAAS,EAAE,KAAK;YAChB,UAAU,EAAE,GAAG;YACf,OAAO;YACP,cAAc,EAAE,OAAO;YACvB,QAAQ,EAAE,UAAU;SACrB,CAAA;IACH,CAAC;IAED,wBAAwB;IACxB,MAAM,SAAS,GAAG,IAAA,0CAAuB,EAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAA;IACjE,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,mBAAmB,SAAS,sBAAsB;SAChE,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;SAAM,IAAI,SAAS,GAAG,EAAE,EAAE,CAAC;QAC1B,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,aAAa;YACnB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,mBAAmB,SAAS,uBAAuB;SACjE,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,2BAA2B;IAC3B,MAAM,eAAe,GAAG,QAAQ,CAAC,SAAS,EAAE,MAAM,IAAI,CAAC,CAAA;IACvD,IAAI,eAAe,GAAG,EAAE,EAAE,CAAC;QACzB,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,cAAc;YACpB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,QAAQ,eAAe,mBAAmB;SACxD,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;SAAM,IAAI,eAAe,GAAG,GAAG,EAAE,CAAC;QACjC,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,eAAe;YACrB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,QAAQ,eAAe,2BAA2B;SAChE,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;SAAM,IAAI,eAAe,GAAG,IAAI,EAAE,CAAC;QAClC,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,oBAAoB;YAC1B,KAAK,EAAE,CAAC;YACR,WAAW,EAAE,GAAG,eAAe,4BAA4B;SAC5D,CAAC,CAAA;QACF,UAAU,IAAI,CAAC,CAAA;IACjB,CAAC;IAED,qCAAqC;IACrC,MAAM,SAAS,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;IACrD,IAAI,SAAS,CAAC,SAAS,IAAI,SAAS,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,qDAAqD,SAAS,CAAC,SAAS,GAAG;SACzF,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;SAAM,IAAI,SAAS,CAAC,SAAS,IAAI,SAAS,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,oBAAoB;YAC1B,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,oCAAoC,SAAS,CAAC,SAAS,MAAM,SAAS,CAAC,QAAQ,aAAa;SAC1G,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,sCAAsC;IACtC,MAAM,WAAW,GAAG,0BAA0B,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACxD,IAAI,WAAW,CAAC,UAAU,EAAE,CAAC;QAC3B,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,8BAA8B,WAAW,CAAC,OAAO,EAAE;SACjE,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,mCAAmC;IACnC,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,UAAU,EAAE,GAAG,CAAA;IAC1C,MAAM,WAAW,GAAG,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAA;IACvC,IAAI,CAAC,OAAO,IAAI,CAAC,WAAW,EAAE,CAAC;QAC7B,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,4CAA4C;SAC1D,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,2BAA2B;IAC3B,IAAI,CAAC,QAAQ,CAAC,WAAW,IAAI,QAAQ,CAAC,WAAW,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QAC9D,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,gBAAgB;YACtB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,uCAAuC;SACrD,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,6CAA6C;IAC7C,MAAM,eAAe,GAAG,QAAQ,CAAC,WAAW,EAAE,MAAM,IAAI,CAAC,CAAA;IACzD,IAAI,eAAe,KAAK,CAAC,IAAI,SAAS,GAAG,EAAE,EAAE,CAAC;QAC5C,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,uBAAuB;YAC7B,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,oCAAoC;SAClD,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,wCAAwC;IACxC,IAAI,cAAqD,CAAA;IACzD,IAAI,QAA+B,CAAA;IAEnC,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QACrB,cAAc,GAAG,OAAO,CAAA;QACxB,QAAQ,GAAG,MAAM,CAAA;IACnB,CAAC;SAAM,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QAC5B,cAAc,GAAG,QAAQ,CAAA;QACzB,QAAQ,GAAG,QAAQ,CAAA;IACrB,CAAC;SAAM,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QAC5B,cAAc,GAAG,QAAQ,CAAA;QACzB,QAAQ,GAAG,KAAK,CAAA;IAClB,CAAC;SAAM,CAAC;QACN,cAAc,GAAG,OAAO,CAAA;QACxB,QAAQ,GAAG,MAAM,CAAA;IACnB,CAAC;IAED,OAAO;QACL,OAAO,EAAE,GAAG,CAAC,IAAI;QACjB,SAAS,EAAE,KAAK;QAChB,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC;QACrC,OAAO;QACP,cAAc;QACd,QAAQ;KACT,CAAA;AACH,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,oBAAoB,CACjC,GAAwB,EACxB,QAAoC;IAEpC,MAAM,OAAO,GAAiB,EAAE,CAAA;IAChC,IAAI,UAAU,GAAG,CAAC,CAAA;IAElB,8BAA8B;IAC9B,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,mBAAmB;YACzB,KAAK,EAAE,GAAG;YACV,WAAW,EAAE,8EAA8E;SAC5F,CAAC,CAAA;QACF,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,IAAI;YACjB,SAAS,EAAE,QAAQ;YACnB,UAAU,EAAE,GAAG;YACf,OAAO;YACP,cAAc,EAAE,OAAO;YACvB,QAAQ,EAAE,UAAU;SACrB,CAAA;IACH,CAAC;IAED,0BAA0B;IAC1B,MAAM,SAAS,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAA;IACxD,IAAI,SAAS,CAAC,SAAS,IAAI,SAAS,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QACpD,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,qDAAqD,SAAS,CAAC,SAAS,GAAG;SACzF,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;SAAM,IAAI,SAAS,CAAC,SAAS,IAAI,SAAS,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;QAC3D,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,oBAAoB;YAC1B,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,oCAAoC,SAAS,CAAC,SAAS,GAAG;SACxE,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,8BAA8B;IAC9B,MAAM,WAAW,GAAG,0BAA0B,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;IACxD,IAAI,WAAW,CAAC,UAAU,EAAE,CAAC;QAC3B,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,8BAA8B,WAAW,CAAC,OAAO,EAAE;SACjE,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,4BAA4B;IAC5B,MAAM,cAAc,GAAG,QAAQ,CAAC,WAAW,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,MAAM,GAAG,CAAC,CAAA;IAC3F,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,iBAAiB;YACvB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,0DAA0D;SACxE,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,mCAAmC;IACnC,IAAI,CAAC,QAAQ,CAAC,OAAO,IAAI,QAAQ,CAAC,OAAO,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACtD,OAAO,CAAC,IAAI,CAAC;YACX,IAAI,EAAE,gBAAgB;YACtB,KAAK,EAAE,EAAE;YACT,WAAW,EAAE,uCAAuC;SACrD,CAAC,CAAA;QACF,UAAU,IAAI,EAAE,CAAA;IAClB,CAAC;IAED,wCAAwC;IACxC,IAAI,cAAqD,CAAA;IACzD,IAAI,QAA+B,CAAA;IAEnC,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QACrB,cAAc,GAAG,OAAO,CAAA;QACxB,QAAQ,GAAG,MAAM,CAAA;IACnB,CAAC;SAAM,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QAC5B,cAAc,GAAG,QAAQ,CAAA;QACzB,QAAQ,GAAG,QAAQ,CAAA;IACrB,CAAC;SAAM,IAAI,UAAU,IAAI,EAAE,EAAE,CAAC;QAC5B,cAAc,GAAG,QAAQ,CAAA;QACzB,QAAQ,GAAG,KAAK,CAAA;IAClB,CAAC;SAAM,CAAC;QACN,cAAc,GAAG,OAAO,CAAA;QACxB,QAAQ,GAAG,MAAM,CAAA;IACnB,CAAC;IAED,OAAO;QACL,OAAO,EAAE,GAAG,CAAC,IAAI;QACjB,SAAS,EAAE,QAAQ;QACnB,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC;QACrC,OAAO;QACP,cAAc;QACd,QAAQ;KACT,CAAA;AACH,CAAC;AAED,+EAA+E;AAC/E,2BAA2B;AAC3B,+EAA+E;AAE/E;;GAEG;AACH,SAAS,oBAAoB,CAAC,IAAyB;IACrD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEzE,IAAI,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC;QAC1B,OAAO,YAAY,IAAI,CAAC,OAAO,sCAAsC,IAAI,CAAC,UAAU,WAAW,UAAU,yEAAyE,CAAA;IACpL,CAAC;IAED,IAAI,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC;QAC1B,OAAO,YAAY,IAAI,CAAC,OAAO,0CAA0C,IAAI,CAAC,UAAU,WAAW,UAAU,0CAA0C,CAAA;IACzJ,CAAC;IAED,OAAO,YAAY,IAAI,CAAC,OAAO,mCAAmC,IAAI,CAAC,UAAU,WAAW,UAAU,EAAE,CAAA;AAC1G,CAAC;AAED;;GAEG;AACH,SAAS,qBAAqB,CAAC,IAAyB;IACtD,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,mBAAmB,CAAC,EAAE,CAAC;QAC3D,OAAO,kIAAkI,CAAA;IAC3I,CAAC;IAED,IAAI,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QACzD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAA;QACvE,MAAM,KAAK,GAAG,UAAU,EAAE,WAAW,CAAC,KAAK,CAAC,WAAW,CAAC,CAAA;QACxD,MAAM,eAAe,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC,CAAA;QAClC,OAAO,sDAAsD,eAAe,IAAI,CAAA;IAClF,CAAC;IAED,IAAI,IAAI,CAAC,UAAU,IAAI,EAAE,EAAE,CAAC;QAC1B,OAAO,2FAA2F,CAAA;IACpG,CAAC;IAED,OAAO,gEAAgE,CAAA;AACzE,CAAC;AAED,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E;;GAEG;AACI,KAAK,UAAU,aAAa,CACjC,OAAe,EACf,QAAgB;IAEhB,MAAM,eAAe,GAAoB,EAAE,CAAA;IAE3C,sBAAsB;IACtB,MAAM,QAAQ,GAAG,IAAA,qCAAkB,EAAC,QAAQ,CAAC,CAAA;IAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,0CAA0C;IAC1C,IAAI,YAAY,GAA0B,EAAE,CAAA;IAE5C,IAAI,QAAQ,KAAK,KAAK,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;QAC5D,YAAY,GAAG,IAAA,yCAAsB,EAAC,OAAO,CAAC,CAAA;IAChD,CAAC;SAAM,IAAI,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACjC,YAAY,GAAG,IAAA,4CAAyB,EAAC,OAAO,CAAC,CAAA;IACnD,CAAC;IAED,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,OAAO,eAAe,CAAA;IACxB,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAEjC,2DAA2D;IAC3D,MAAM,eAAe,GAAG,YAAY,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;QAChD,2DAA2D;QAC3D,IAAI,GAAG,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAA;QAE1C,iCAAiC;QACjC,IAAI,mBAAmB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO,KAAK,CAAA;QAEnD,yCAAyC;QACzC,IAAI,oBAAoB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YAAE,OAAO,KAAK,CAAA;QAClE,IAAI,uBAAuB,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;YAAE,OAAO,KAAK,CAAA;QAErE,OAAO,IAAI,CAAA;IACb,CAAC,CAAC,CAAA;IAEF,yCAAyC;IACzC,MAAM,eAAe,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC,EAAE,qBAAqB,CAAC,CAAA;IAEvE,qBAAqB;IACrB,KAAK,MAAM,GAAG,IAAI,eAAe,EAAE,CAAC;QAClC,IAAI,IAAyB,CAAA;QAE7B,IAAI,QAAQ,KAAK,KAAK,EAAE,CAAC;YACvB,MAAM,QAAQ,GAAG,MAAM,IAAA,mCAAgB,EAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YACjD,IAAI,GAAG,MAAM,mBAAmB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QACjD,CAAC;aAAM,CAAC;YACN,MAAM,QAAQ,GAAG,MAAM,IAAA,oCAAiB,EAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAClD,IAAI,GAAG,MAAM,oBAAoB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAA;QAClD,CAAC;QAED,+DAA+D;QAC/D,IAAI,IAAI,CAAC,cAAc,KAAK,OAAO,EAAE,CAAC;YACpC,eAAe,CAAC,IAAI,CAAC;gBACnB,EAAE,EAAE,YAAY,QAAQ,IAAI,GAAG,CAAC,IAAI,EAAE;gBACtC,QAAQ;gBACR,UAAU,EAAE,GAAG,CAAC,IAAI;gBACpB,WAAW,EAAE,KAAK,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,IAAI;gBACpD,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,QAAQ,EAAE,oBAAoB;gBAC9B,KAAK,EAAE,IAAI,CAAC,UAAU,IAAI,EAAE;oBAC1B,CAAC,CAAC,qCAAqC;oBACvC,CAAC,CAAC,uBAAuB;gBAC3B,WAAW,EAAE,oBAAoB,CAAC,IAAI,CAAC;gBACvC,YAAY,EAAE,qBAAqB,CAAC,IAAI,CAAC;gBACzC,UAAU,EAAE,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;gBACrD,KAAK,EAAE,CAAC;gBACR,oBAAoB,EAAE,IAAI,CAAC,UAAU,GAAG,EAAE,EAAE,kDAAkD;aAC/F,CAAC,CAAA;QACJ,CAAC;QAED,iCAAiC;QACjC,MAAM,IAAA,iCAAc,GAAE,CAAA;IACxB,CAAC;IAED,OAAO,eAAe,CAAA;AACxB,CAAC"}

package/dist/modes/incremental.d.ts

@@ -0,0 +1,66 @@
+/**
+ * Incremental Scan Mode
+ * Optimized scanning for PR workflows - only scan changed files and surface relevant findings
+ */
+import type { ScanFile, Vulnerability, ScanModeConfig } from '../types';
+import { type FileDiff } from '../utils/diff-parser';
+/**
+ * Options for incremental scanning
+ */
+export interface IncrementalScanOptions {
+    /** Git diff output (if available) */
+    diffContent?: string;
+    /** List of changed file paths (alternative to diff) */
+    changedFiles?: string[];
+    /** Whether to only show findings on exactly changed lines (strict) or nearby (default) */
+    strictLineMatching?: boolean;
+    /** Context window for "near changed line" (default: 5) */
+    contextWindow?: number;
+    /** Whether to mark findings as "introduced in this PR" */
+    markAsIntroduced?: boolean;
+    /** Previous findings to compare against (for suppressing pre-existing issues) */
+    previousFindings?: Vulnerability[];
+}
+/**
+ * Result of incremental scan with additional PR-specific metadata
+ */
+export interface IncrementalScanResult {
+    /** All findings (filtered to changed lines) */
+    findings: Vulnerability[];
+    /** Findings that are new in this PR */
+    introduced: Vulnerability[];
+    /** Findings that existed before (if previousFindings provided) */
+    preExisting: Vulnerability[];
+    /** Number of files scanned */
+    filesScanned: number;
+    /** Number of files that were changed */
+    filesChanged: number;
+    /** Parsed diff information */
+    diffs: Map<string, FileDiff>;
+    /** Scan duration in ms */
+    duration: number;
+}
+/**
+ * Run an incremental scan optimized for PR workflows
+ *
+ * This scans:
+ * 1. All changed files (added + modified)
+ * 2. Files that import changed files (for context)
+ * 3. Middleware files (for auth context)
+ *
+ * And only surfaces findings on/near changed lines.
+ */
+export declare function runIncrementalScan(allFiles: ScanFile[], options: IncrementalScanOptions): Promise<IncrementalScanResult>;
+/**
+ * Create a PR-optimized scan config
+ */
+export declare function createPRScanConfig(changedFiles: string[], options?: Partial<ScanModeConfig>): ScanModeConfig;
+/**
+ * Format incremental scan result for PR comment
+ */
+export declare function formatIncrementalForPR(result: IncrementalScanResult): {
+    summary: string;
+    hasNewIssues: boolean;
+    blockingIssues: number;
+};
+//# sourceMappingURL=incremental.d.ts.map

package/dist/modes/incremental.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"incremental.d.ts","sourceRoot":"","sources":["../../src/modes/incremental.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,aAAa,EAAc,cAAc,EAAE,MAAM,UAAU,CAAA;AAGnF,OAAO,EAKL,KAAK,QAAQ,EACd,MAAM,sBAAsB,CAAA;AAG7B;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,qCAAqC;IACrC,WAAW,CAAC,EAAE,MAAM,CAAA;IACpB,uDAAuD;IACvD,YAAY,CAAC,EAAE,MAAM,EAAE,CAAA;IACvB,0FAA0F;IAC1F,kBAAkB,CAAC,EAAE,OAAO,CAAA;IAC5B,0DAA0D;IAC1D,aAAa,CAAC,EAAE,MAAM,CAAA;IACtB,0DAA0D;IAC1D,gBAAgB,CAAC,EAAE,OAAO,CAAA;IAC1B,iFAAiF;IACjF,gBAAgB,CAAC,EAAE,aAAa,EAAE,CAAA;CACnC;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,+CAA+C;IAC/C,QAAQ,EAAE,aAAa,EAAE,CAAA;IACzB,uCAAuC;IACvC,UAAU,EAAE,aAAa,EAAE,CAAA;IAC3B,kEAAkE;IAClE,WAAW,EAAE,aAAa,EAAE,CAAA;IAC5B,8BAA8B;IAC9B,YAAY,EAAE,MAAM,CAAA;IACpB,wCAAwC;IACxC,YAAY,EAAE,MAAM,CAAA;IACpB,8BAA8B;IAC9B,KAAK,EAAE,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAA;IAC5B,0BAA0B;IAC1B,QAAQ,EAAE,MAAM,CAAA;CACjB;AAED;;;;;;;;;GASG;AACH,wBAAsB,kBAAkB,CACtC,QAAQ,EAAE,QAAQ,EAAE,EACpB,OAAO,EAAE,sBAAsB,GAC9B,OAAO,CAAC,qBAAqB,CAAC,CA+HhC;AA+CD;;GAEG;AACH,wBAAgB,kBAAkB,CAChC,YAAY,EAAE,MAAM,EAAE,EACtB,OAAO,GAAE,OAAO,CAAC,cAAc,CAAM,GACpC,cAAc,CAWhB;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,qBAAqB,GAAG;IACrE,OAAO,EAAE,MAAM,CAAA;IACf,YAAY,EAAE,OAAO,CAAA;IACrB,cAAc,EAAE,MAAM,CAAA;CACvB,CAwBA"}