@oculum/scanner 1.0.0

package/dist/utils/auth-helper-detector.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-helper-detector.js","sourceRoot":"","sources":["../../src/utils/auth-helper-detector.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;AA8GH,8CA6CC;AA2FD,wDAgBC;AAmCD,0DAsEC;AAwCD,4DA2BC;AAlZD,+EAA+E;AAC/E,kCAAkC;AAClC,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,6BAA6B,GAAG;IACpC,mBAAmB;IACnB;QACE,WAAW,EAAE,kFAAkF;QAC/F,WAAW,EAAE,wFAAwF;QACrG,WAAW,EAAE,+CAA+C;KAC7D;IACD,iBAAiB;IACjB;QACE,WAAW,EAAE,QAAQ;QACrB,WAAW,EAAE,oBAAoB;QACjC,WAAW,EAAE,qBAAqB;KACnC;IACD;QACE,WAAW,EAAE,eAAe;QAC5B,WAAW,EAAE,2BAA2B;QACxC,WAAW,EAAE,4BAA4B;KAC1C;IACD,oBAAoB;IACpB;QACE,WAAW,EAAE,oBAAoB;QACjC,WAAW,EAAE,2BAA2B;QACxC,WAAW,EAAE,6BAA6B;KAC3C;IACD;QACE,WAAW,EAAE,cAAc;QAC3B,WAAW,EAAE,qBAAqB;QAClC,WAAW,EAAE,gBAAgB;KAC9B;IACD,oBAAoB;IACpB;QACE,WAAW,EAAE,WAAW;QACxB,WAAW,EAAE,kCAAkC;QAC/C,WAAW,EAAE,oBAAoB;KAClC;CACF,CAAA;AAED;;GAEG;AACH,MAAM,mBAAmB,GAAG;IAC1B,kEAAkE;IAClE,gBAAgB;IAChB,yBAAyB;IACzB,4BAA4B;IAC5B,iBAAiB;IACjB,kCAAkC;IAClC,8BAA8B;IAC9B,+BAA+B;CAChC,CAAA;AAED;;GAEG;AACH,MAAM,wBAAwB,GAAG;IAC/B,sBAAsB,EAAS,oBAAoB;IACnD,sBAAsB,EAAS,+BAA+B;IAC9D,oBAAoB,EAAW,kBAAkB;IACjD,oBAAoB,EAAW,2BAA2B;IAC1D,4BAA4B,EAAG,sBAAsB;IACrD,QAAQ,EAAwB,+BAA+B;CAChE,CAAA;AAED,+EAA+E;AAC/E,sBAAsB;AACtB,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,iBAAiB,CAAC,KAAiB;IACjD,MAAM,OAAO,GAAiB,EAAE,CAAA;IAChC,MAAM,aAAa,GAAG,IAAI,GAAG,EAAU,CAAA;IAEvC,2CAA2C;IAC3C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,sBAAsB;QACtB,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAQ;QAEpD,4DAA4D;QAC5D,MAAM,eAAe,GAAG,yBAAyB,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,CAAC,CAAA;QAC1E,KAAK,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;YACrC,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC;gBACpC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAA;gBAC9B,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAA;YACtB,CAAC;QACH,CAAC;IACH,CAAC;IAED,iDAAiD;IACjD,KAAK,MAAM,OAAO,IAAI,6BAA6B,EAAE,CAAC;QACpD,MAAM,SAAS,GAAG,OAAO,CAAC,WAAW,CAAC,MAAM,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAA;QACtE,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,SAAS,CAAC,EAAE,CAAC;YAClC,4CAA4C;YAC5C,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAA;YACnE,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,SAAS;oBACf,eAAe,EAAE,IAAI,EAAE,0CAA0C;oBACjE,cAAc,EAAE,IAAI;oBACpB,WAAW,EAAE,OAAO,CAAC,WAAW;iBACjC,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,mBAAmB;IACnB,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAA;IAC9D,MAAM,OAAO,GAAG,yBAAyB,CAAC,OAAO,CAAC,CAAA;IAElD,OAAO;QACL,OAAO;QACP,kBAAkB,EAAE,eAAe,CAAC,MAAM,GAAG,CAAC;QAC9C,OAAO;KACR,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAAC,OAAe,EAAE,QAAgB;IAClE,MAAM,OAAO,GAAiB,EAAE,CAAA;IAChC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IAEjC,oCAAoC;IACpC,MAAM,eAAe,GAAG;QACtB,iEAAiE;QACjE,mFAAmF;QACnF,oEAAoE;QACpE,oFAAoF;KACrF,CAAA;IAED,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QAErB,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;YACtC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAA;YACrB,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;YAChC,IAAI,CAAC,KAAK;gBAAE,SAAQ;YAEpB,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;YACzB,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAA;YAEnC,kDAAkD;YAClD,MAAM,gBAAgB,GAAG,6BAA6B,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAC9D,CAAC,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,CAC7B,CAAA;YAED,IAAI,CAAC,gBAAgB;gBAAE,SAAQ;YAE/B,mDAAmD;YACnD,MAAM,YAAY,GAAG,mBAAmB,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;YAClD,MAAM,eAAe,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAA;YAC3E,MAAM,cAAc,GAAG,UAAU;gBAC/B,CAAC,CAAC,wBAAwB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,UAAU,EAAE,CAAC,CAAC;gBAC/D,CAAC,CAAC,KAAK,CAAA;YAET,sCAAsC;YACtC,MAAM,WAAW,GAAG,IAAI,MAAM,CAAC,MAAM,WAAW,CAAC,QAAQ,CAAC,SAAS,EAAE,IAAI,CAAC,CAAA;YAE1E,OAAO,CAAC,IAAI,CAAC;gBACX,IAAI,EAAE,QAAQ;gBACd,SAAS,EAAE,QAAQ;gBACnB,eAAe;gBACf,UAAU;gBACV,cAAc,EAAE,cAAc,IAAI,eAAe,EAAE,uCAAuC;gBAC1F,WAAW;aACZ,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,KAAe,EAAE,SAAiB,EAAE,WAAmB,EAAE;IACpF,IAAI,UAAU,GAAG,CAAC,CAAA;IAClB,IAAI,OAAO,GAAG,KAAK,CAAA;IACnB,MAAM,SAAS,GAAa,EAAE,CAAA;IAE9B,KAAK,IAAI,CAAC,GAAG,SAAS,EAAE,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,QAAQ,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9E,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAEpB,KAAK,MAAM,IAAI,IAAI,IAAI,EAAE,CAAC;YACxB,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;gBACjB,UAAU,EAAE,CAAA;gBACZ,OAAO,GAAG,IAAI,CAAA;YAChB,CAAC;iBAAM,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;gBACxB,UAAU,EAAE,CAAA;gBACZ,IAAI,OAAO,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;oBAChC,OAAO,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;gBAC7B,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AAC7B,CAAC;AAED;;;GAGG;AACH,SAAgB,sBAAsB,CACpC,WAAmB,EACnB,kBAA0B,EAC1B,OAAqB;IAErB,oEAAoE;IACpE,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAA;IAE9D,KAAK,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;QACrC,MAAM,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAA;QAChC,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,kBAAkB,CAAC,EAAE,CAAC;YAChD,OAAO,MAAM,CAAA;QACf,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;GAGG;AACH,MAAM,6BAA6B,GAA6C;IAC9E,iCAAiC;IACjC,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,kBAAkB,EAAE;IACjE,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,gBAAgB,EAAE;IAC7D,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,aAAa,EAAE;IACvD,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,aAAa,EAAE;IACvD,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,YAAY,EAAE;IACrD,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,qBAAqB,EAAE;IACvE,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,YAAY,EAAE;IACrD,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,WAAW,EAAE;IACnD,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,cAAc,EAAE;IACzD,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,YAAY,EAAE;IACrD,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,SAAS,EAAE;IAC/C,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,kBAAkB,EAAE;IACjE,QAAQ;IACR,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,EAAE,gBAAgB,EAAE;IACtE,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,aAAa,EAAE;IAC5D,WAAW;IACX,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,kBAAkB,EAAE;IACjE,WAAW;IACX,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,EAAE,uBAAuB,EAAE;IAC7E,wBAAwB;IACxB,EAAE,OAAO,EAAE,4CAA4C,EAAE,IAAI,EAAE,mBAAmB,EAAE;CACrF,CAAA;AAED;;;GAGG;AACH,SAAgB,uBAAuB,CACrC,OAAe,EACf,UAAkB,EAClB,OAAqB;IAErB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAA;IAE9D,kEAAkE;IAClE,MAAM,WAAW,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,GAAG,CAAC,CAAA;IAEjD,uCAAuC;IACvC,KAAK,IAAI,CAAC,GAAG,UAAU,GAAG,CAAC,EAAE,CAAC,IAAI,WAAW,EAAE,CAAC,EAAE,EAAE,CAAC;QACnD,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QAErB,+BAA+B;QAC/B,KAAK,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;YACrC,MAAM,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAA;YAChC,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,GAAG,CAAC,EAAE,CAAA;YACnD,CAAC;QACH,CAAC;QAED,yFAAyF;QACzF,IAAI,mDAAmD,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtF,4EAA4E;YAC5E,IAAI,CAAC,KAAK,UAAU,GAAG,CAAC,EAAE,CAAC;gBACzB,MAAK;YACP,CAAC;QACH,CAAC;IACH,CAAC;IAED,+DAA+D;IAC/D,gFAAgF;IAChF,wFAAwF;IACxF,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IACvD,KAAK,IAAI,CAAC,GAAG,UAAU,EAAE,CAAC,GAAG,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC;QAC1C,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QAErB,yBAAyB;QACzB,KAAK,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;YACrC,MAAM,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAA;YAChC,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,GAAG,CAAC,EAAE,CAAA;YACnD,CAAC;QACH,CAAC;QAED,kEAAkE;QAClE,KAAK,MAAM,KAAK,IAAI,6BAA6B,EAAE,CAAC;YAClD,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,OAAO;oBACL,OAAO,EAAE,IAAI;oBACb,MAAM,EAAE;wBACN,IAAI,EAAE,KAAK,CAAC,IAAI;wBAChB,eAAe,EAAE,IAAI;wBACrB,cAAc,EAAE,IAAI;wBACpB,WAAW,EAAE,KAAK,CAAC,OAAO;qBAC3B;oBACD,QAAQ,EAAE,CAAC,GAAG,CAAC;iBAChB,CAAA;YACH,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,IAAI,CAAC,GAAG,UAAU,IAAI,oEAAoE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACtG,MAAK;QACP,CAAC;IACH,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAA;AAC3B,CAAC;AAED;;GAEG;AACH,SAAS,yBAAyB,CAAC,OAAqB;IACtD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,oCAAoC,CAAA;IAC7C,CAAC;IAED,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAA;IACvD,MAAM,KAAK,GAAa,EAAE,CAAA;IAE1B,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAA;IACvC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;IAEd,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC,0EAA0E,CAAC,CAAA;QACtF,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,QAAQ,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,gBAAgB,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAA;YAClE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,QAAQ,EAAE,CAAC,CAAA;QAC5C,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;QACd,KAAK,CAAC,IAAI,CAAC,uMAAuM,CAAC,CAAA;IACrN,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzB,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAA;AACnD,CAAC;AAED;;;GAGG;AACH,SAAgB,wBAAwB,CACtC,OAAe,EACf,UAAkB,EAClB,OAAqB;IAErB,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,GAAG,EAAE,CAAC,CAAA;IACjD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAEhE,kCAAkC;IAClC,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,CAAA;IAC9D,KAAK,MAAM,MAAM,IAAI,eAAe,EAAE,CAAC;QACrC,MAAM,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAA;QAChC,IAAI,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACrC,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,MAAM,kBAAkB,GAAG;QACzB,uDAAuD;QACvD,kDAAkD,EAAE,wBAAwB;QAC5E,oCAAoC;QACpC,wBAAwB,EAAE,gBAAgB;KAC3C,CAAA;IAED,OAAO,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAA;AACtD,CAAC"}

package/dist/utils/context-helpers.d.ts

@@ -0,0 +1,96 @@
+/**
+ * Shared Context Helpers
+ * Centralized utility functions for detecting file and code context
+ * Used across Layer 1 and Layer 2 scanners to reduce false positives
+ */
+/**
+ * Check if file is server-only (not bundled to client)
+ * Server-only files can safely use service role keys and other admin secrets
+ */
+export declare function isServerOnlyFile(filePath: string): boolean;
+/**
+ * Check if file is a test, mock, or fixture file
+ * These files often contain fake secrets and should have lower severity
+ */
+export declare function isTestOrMockFile(filePath: string): boolean;
+/**
+ * Check if file is an example/sample/template file
+ * These files should be skipped or have significantly reduced severity
+ */
+export declare function isExampleFile(filePath: string): boolean;
+/**
+ * Check if file is in an examples/demo directory
+ * Stronger check than isExampleFile - specifically for directories
+ * These are typically tutorial/demo code, not production patterns
+ */
+export declare function isExampleDirectory(filePath: string): boolean;
+/**
+ * Check if file is library/framework code (base classes, utilities)
+ * Library code is intentionally generic - consumers add security
+ * This applies to: langchain, vercel/ai, llamaindex, etc.
+ */
+export declare function isLibraryCode(filePath: string): boolean;
+/**
+ * Check if file is a fixture file (test data, mock responses)
+ * Fixtures contain fake data and should have reduced severity
+ */
+export declare function isFixtureFile(filePath: string): boolean;
+/**
+ * Check if file is documentation (README, CHANGELOG, etc.)
+ * These files should typically be skipped for security scanning
+ */
+export declare function isDocumentationFile(filePath: string): boolean;
+/**
+ * Check if file is scanner code, fixture, or rule definition
+ * Avoid flagging the scanner's own code/test cases
+ */
+export declare function isScannerOrFixtureFile(filePath: string): boolean;
+/**
+ * Check if file is likely client-bundled (exposed to browser)
+ */
+export declare function isClientBundledFile(filePath: string): boolean;
+/**
+ * Check if line uses environment variable reference (not hardcoded)
+ */
+export declare function isEnvVarReference(line: string): boolean;
+/**
+ * Check if line uses NEXT_PUBLIC_ prefix (client-exposed)
+ */
+export declare function isNextPublicEnvVar(line: string): boolean;
+/**
+ * Check if line is a comment
+ */
+export declare function isComment(lineContent: string): boolean;
+/**
+ * Check if value/line appears to be a placeholder
+ */
+export declare function isPlaceholderValue(value: string, line: string): boolean;
+/**
+ * Check if line/path indicates a public endpoint (health, webhook, cron)
+ * These don't need authentication
+ */
+export declare function isPublicEndpoint(lineContent: string, filePath: string): boolean;
+/**
+ * Check if webhook has signature verification nearby
+ */
+export declare function hasWebhookSignatureVerification(lines: string[], lineIndex: number, windowSize?: number): boolean;
+/**
+ * Check if there's an auth check nearby (bidirectional search)
+ */
+export declare function hasAuthCheckNearby(lines: string[], lineIndex: number, windowSize?: number): boolean;
+/**
+ * Check if this appears to be a BYOK (user-provided key) context
+ * BYOK is a feature, not a vulnerability, unless improperly handled
+ */
+export declare function isBYOKContext(lineContent: string, filePath: string): boolean;
+/**
+ * Check if key is being stored/handled properly (not exposed)
+ */
+export declare function isKeyProperlyHandled(lineContent: string, lines: string[], lineIndex: number): boolean;
+/**
+ * Check if this is a service role key usage that's acceptable
+ * Server-only + env var = acceptable
+ * Client exposure = critical
+ */
+export declare function getServiceRoleKeyContext(lineContent: string, filePath: string): 'safe_server' | 'needs_review' | 'client_exposure';
+//# sourceMappingURL=context-helpers.d.ts.map

package/dist/utils/context-helpers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"context-helpers.d.ts","sourceRoot":"","sources":["../../src/utils/context-helpers.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAMH;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAoB1D;AAED;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAmB1D;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAWvD;AAED;;;;GAIG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAY5D;AAED;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAkBvD;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAcvD;AAED;;;GAGG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAY7D;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAahE;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAmB7D;AAMD;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAWvD;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAExD;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,CAWtD;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,OAAO,CAkBvE;AAMD;;;GAGG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAiD/E;AAED;;GAEG;AACH,wBAAgB,+BAA+B,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,GAAE,MAAW,GAAG,OAAO,CA0BpH;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,MAAM,EAAE,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,GAAE,MAAW,GAAG,OAAO,CA0CvG;AAMD;;;GAGG;AACH,wBAAgB,aAAa,CAAC,WAAW,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,OAAO,CAiD5E;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,WAAW,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CA6BrG;AAMD;;;;GAIG;AACH,wBAAgB,wBAAwB,CACtC,WAAW,EAAE,MAAM,EACnB,QAAQ,EAAE,MAAM,GACf,aAAa,GAAG,cAAc,GAAG,iBAAiB,CAuBpD"}

package/dist/utils/context-helpers.js

@@ -0,0 +1,493 @@
+"use strict";
+/**
+ * Shared Context Helpers
+ * Centralized utility functions for detecting file and code context
+ * Used across Layer 1 and Layer 2 scanners to reduce false positives
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.isServerOnlyFile = isServerOnlyFile;
+exports.isTestOrMockFile = isTestOrMockFile;
+exports.isExampleFile = isExampleFile;
+exports.isExampleDirectory = isExampleDirectory;
+exports.isLibraryCode = isLibraryCode;
+exports.isFixtureFile = isFixtureFile;
+exports.isDocumentationFile = isDocumentationFile;
+exports.isScannerOrFixtureFile = isScannerOrFixtureFile;
+exports.isClientBundledFile = isClientBundledFile;
+exports.isEnvVarReference = isEnvVarReference;
+exports.isNextPublicEnvVar = isNextPublicEnvVar;
+exports.isComment = isComment;
+exports.isPlaceholderValue = isPlaceholderValue;
+exports.isPublicEndpoint = isPublicEndpoint;
+exports.hasWebhookSignatureVerification = hasWebhookSignatureVerification;
+exports.hasAuthCheckNearby = hasAuthCheckNearby;
+exports.isBYOKContext = isBYOKContext;
+exports.isKeyProperlyHandled = isKeyProperlyHandled;
+exports.getServiceRoleKeyContext = getServiceRoleKeyContext;
+// ============================================================================
+// File Path Context Detection
+// ============================================================================
+/**
+ * Check if file is server-only (not bundled to client)
+ * Server-only files can safely use service role keys and other admin secrets
+ */
+function isServerOnlyFile(filePath) {
+    const serverPatterns = [
+        /lib\/supabase\/(server|admin|middleware)\.(ts|js)$/i,
+        /\/api\//i, // Next.js API routes
+        /\/server\//i, // Server directories
+        /\.server\.(ts|js|tsx|jsx)$/i, // .server.ts files
+        /\/actions\//i, // Server actions
+        /middleware\.(ts|js)$/i, // Middleware files
+        /\/cron\//i, // Cron jobs
+        /\/workers?\//i, // Worker files
+        /\/scripts?\//i, // Scripts
+        /\/seed\//i, // Database seeds
+        /\/migrations?\//i, // Database migrations
+        /\/lib\/[^/]+\/server/i, // lib/*/server patterns
+        /\/utils\/server/i, // utils/server
+        /\/helpers\/server/i, // helpers/server
+        /\.action\.(ts|js)$/i, // .action.ts files
+        /route\.(ts|js)$/i, // Next.js route handlers
+    ];
+    return serverPatterns.some(pattern => pattern.test(filePath));
+}
+/**
+ * Check if file is a test, mock, or fixture file
+ * These files often contain fake secrets and should have lower severity
+ */
+function isTestOrMockFile(filePath) {
+    const testPatterns = [
+        /\.(test|spec)\.(ts|tsx|js|jsx)$/i,
+        /\/__tests__\//i,
+        /\/test\//i,
+        /\/tests\//i,
+        /\/mock/i,
+        /\/mocks\//i,
+        /\/fixtures?\//i,
+        /\.mock\.(ts|tsx|js|jsx)$/i,
+        /\.stub\.(ts|tsx|js|jsx)$/i,
+        /\.(stories|story)\.(ts|tsx|js|jsx)$/i, // Storybook
+        /\/e2e\//i, // E2E tests
+        /\/cypress\//i, // Cypress tests
+        /\/playwright\//i, // Playwright tests
+        /\/vitest\//i, // Vitest
+        /\/jest\//i, // Jest
+    ];
+    return testPatterns.some(pattern => pattern.test(filePath));
+}
+/**
+ * Check if file is an example/sample/template file
+ * These files should be skipped or have significantly reduced severity
+ */
+function isExampleFile(filePath) {
+    return (filePath.includes('.example') ||
+        filePath.includes('.sample') ||
+        filePath.includes('.template') ||
+        filePath.includes('README') ||
+        filePath.includes('/examples/') ||
+        filePath.includes('/example/') ||
+        filePath.includes('/demo/') ||
+        filePath.includes('/demos/'));
+}
+/**
+ * Check if file is in an examples/demo directory
+ * Stronger check than isExampleFile - specifically for directories
+ * These are typically tutorial/demo code, not production patterns
+ */
+function isExampleDirectory(filePath) {
+    const examplePatterns = [
+        /\/examples?\//i,
+        /\/demos?\//i,
+        /\/templates?\//i,
+        /\/samples?\//i,
+        /\/tutorials?\//i,
+        /\/cookbook\//i,
+        /\/quickstart\//i,
+        /\/getting-started\//i,
+    ];
+    return examplePatterns.some(pattern => pattern.test(filePath));
+}
+/**
+ * Check if file is library/framework code (base classes, utilities)
+ * Library code is intentionally generic - consumers add security
+ * This applies to: langchain, vercel/ai, llamaindex, etc.
+ */
+function isLibraryCode(filePath) {
+    const libraryPatterns = [
+        // Package source directories in monorepos
+        /\/libs\/[^/]+\/src\//i,
+        /\/packages\/[^/]+\/src\//i,
+        // Common library patterns
+        /\/langchain-/i,
+        /\/llamaindex/i,
+        // Source files that aren't examples or tests
+        /\/src\/(?!.*(?:examples?|demos?|tests?)\/).*\.(ts|js)$/i,
+    ];
+    // Must match library pattern AND not be example/test
+    return (libraryPatterns.some(pattern => pattern.test(filePath)) &&
+        !isExampleDirectory(filePath) &&
+        !isTestOrMockFile(filePath));
+}
+/**
+ * Check if file is a fixture file (test data, mock responses)
+ * Fixtures contain fake data and should have reduced severity
+ */
+function isFixtureFile(filePath) {
+    const fixturePatterns = [
+        /__fixtures__\//i,
+        /\.fixture\./i,
+        /fixtures?\//i,
+        /testdata\//i,
+        /test-data\//i,
+        /test_data\//i,
+        /mock-data\//i,
+        /mockdata\//i,
+        /\.mock\./i,
+        /\.stub\./i,
+    ];
+    return fixturePatterns.some(pattern => pattern.test(filePath));
+}
+/**
+ * Check if file is documentation (README, CHANGELOG, etc.)
+ * These files should typically be skipped for security scanning
+ */
+function isDocumentationFile(filePath) {
+    const docPatterns = [
+        /README/i,
+        /CHANGELOG/i,
+        /CONTRIBUTING/i,
+        /LICENSE/i,
+        /\.md$/i,
+        /\.mdx$/i,
+        /\/docs\//i,
+        /\/documentation\//i,
+    ];
+    return docPatterns.some(pattern => pattern.test(filePath));
+}
+/**
+ * Check if file is scanner code, fixture, or rule definition
+ * Avoid flagging the scanner's own code/test cases
+ */
+function isScannerOrFixtureFile(filePath) {
+    const scannerPatterns = [
+        /\/scanner\//i,
+        /\/detector\//i,
+        /\/security\//i,
+        /\/rules?\//i,
+        /\/patterns?\//i,
+        /\/fixtures?\//i,
+        /\/testdata\//i,
+        /\/test-data\//i,
+        /\/test_data\//i,
+    ];
+    return scannerPatterns.some(pattern => pattern.test(filePath));
+}
+/**
+ * Check if file is likely client-bundled (exposed to browser)
+ */
+function isClientBundledFile(filePath) {
+    // Files in these locations are typically client-bundled
+    const clientPatterns = [
+        /\/components\//i,
+        /\/pages\//i, // Next.js pages (can be SSR, but code visible)
+        /\/app\/.*page\.(ts|tsx|js|jsx)$/i, // Next.js app router pages
+        /\/hooks\//i,
+        /\/contexts?\//i,
+        /\/providers?\//i,
+        /\/stores?\//i, // State management
+        /\.client\.(ts|js|tsx|jsx)$/i, // .client.ts files
+    ];
+    // But not if they're also server files
+    if (isServerOnlyFile(filePath)) {
+        return false;
+    }
+    return clientPatterns.some(pattern => pattern.test(filePath));
+}
+// ============================================================================
+// Code Line Context Detection
+// ============================================================================
+/**
+ * Check if line uses environment variable reference (not hardcoded)
+ */
+function isEnvVarReference(line) {
+    return (/process\.env\.[A-Z_]+/.test(line) ||
+        /\$\{?[A-Z_]+\}?/.test(line) ||
+        /import\.meta\.env\.[A-Z_]+/.test(line) ||
+        /Deno\.env\.get\(/.test(line) ||
+        /os\.environ\[/.test(line) || // Python
+        /os\.getenv\(/.test(line) || // Python
+        /ENV\[['"]/.test(line) || // Ruby
+        /env\(["']/.test(line) // Laravel PHP
+    );
+}
+/**
+ * Check if line uses NEXT_PUBLIC_ prefix (client-exposed)
+ */
+function isNextPublicEnvVar(line) {
+    return /NEXT_PUBLIC_[A-Z_]+/.test(line);
+}
+/**
+ * Check if line is a comment
+ */
+function isComment(lineContent) {
+    const trimmed = lineContent.trim();
+    return (trimmed.startsWith('//') ||
+        trimmed.startsWith('#') ||
+        trimmed.startsWith('*') ||
+        trimmed.startsWith('/*') ||
+        trimmed.startsWith('"""') ||
+        trimmed.startsWith("'''") ||
+        trimmed.startsWith('<!--'));
+}
+/**
+ * Check if value/line appears to be a placeholder
+ */
+function isPlaceholderValue(value, line) {
+    const placeholderPatterns = [
+        /xxx/i,
+        /your[-_]?/i,
+        /YOUR[-_]?/i,
+        /placeholder/i,
+        /example/i,
+        /REPLACE[-_]?/i,
+        /CHANGEME/i,
+        /<[a-z_-]+>/i, // <your-api-key>
+        /\[\s*[a-z_-]+\s*\]/i, // [API_KEY]
+        /todo/i,
+        /fixme/i,
+    ];
+    return placeholderPatterns.some(pattern => pattern.test(value) || pattern.test(line));
+}
+// ============================================================================
+// Security Context Detection
+// ============================================================================
+/**
+ * Check if line/path indicates a public endpoint (health, webhook, cron)
+ * These don't need authentication
+ */
+function isPublicEndpoint(lineContent, filePath) {
+    // Health check patterns
+    const healthCheckPatterns = [
+        /\/health\/?["'`]?/i,
+        /\/healthz\/?["'`]?/i,
+        /\/ready\/?["'`]?/i,
+        /\/readyz\/?["'`]?/i,
+        /\/live\/?["'`]?/i,
+        /\/livez\/?["'`]?/i,
+        /\/ping\/?["'`]?/i,
+        /\/status\/?["'`]?/i,
+        /\/api\/health/i,
+        /\/api\/status/i,
+        /\/_health/i,
+    ];
+    // Webhook patterns
+    const webhookPatterns = [
+        /\/webhook/i,
+        /\/webhooks\//i,
+        /\/callback/i,
+        /\/stripe\/webhook/i,
+        /\/github\/webhook/i,
+        /\/clerk\/webhook/i,
+    ];
+    // Cron/scheduled job patterns
+    const cronPatterns = [
+        /\/cron\//i,
+        /\/scheduled\//i,
+        /\/tasks?\//i,
+        /\/jobs?\//i,
+    ];
+    // Check line content
+    const allPatterns = [...healthCheckPatterns, ...webhookPatterns, ...cronPatterns];
+    if (allPatterns.some(pattern => pattern.test(lineContent))) {
+        return true;
+    }
+    // Check file path
+    if (filePath.includes('/health') ||
+        filePath.includes('/webhook') ||
+        filePath.includes('/cron') ||
+        filePath.includes('/scheduled')) {
+        return true;
+    }
+    return false;
+}
+/**
+ * Check if webhook has signature verification nearby
+ */
+function hasWebhookSignatureVerification(lines, lineIndex, windowSize = 15) {
+    const signaturePatterns = [
+        /verifySignature/i,
+        /validateSignature/i,
+        /checkSignature/i,
+        /signature.*verify/i,
+        /verify.*signature/i,
+        /hmac/i,
+        /x-hub-signature/i,
+        /stripe-signature/i,
+        /svix-signature/i,
+        /webhook.*secret/i,
+        /constructEvent/i, // Stripe webhook verification
+        /Webhook\.verify/i, // Generic webhook verify
+    ];
+    const start = Math.max(0, lineIndex - windowSize);
+    const end = Math.min(lines.length, lineIndex + windowSize);
+    for (let i = start; i < end; i++) {
+        if (signaturePatterns.some(pattern => pattern.test(lines[i]))) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Check if there's an auth check nearby (bidirectional search)
+ */
+function hasAuthCheckNearby(lines, lineIndex, windowSize = 20) {
+    const authPatterns = [
+        /authorization/i,
+        /bearer\s+token/i,
+        /req\.user/i,
+        /request\.user/i,
+        /\.user\s*[=!]/,
+        /isAuthenticated/i,
+        /requireAuth/i,
+        /ensureAuth/i,
+        /checkAuth/i,
+        /verifyToken/i,
+        /validateToken/i,
+        /checkPermission/i,
+        /getServerSession/i,
+        /middleware.*auth/i,
+        /session\.user/i,
+        /currentUser/i,
+        /getSession\(/i,
+        /useSession\(/i,
+        /auth\(\)/i, // Next-Auth auth()
+        /withAuth/i,
+        /protected/i,
+        /verifySignature/i, // Webhook signature
+        /checkApiKey/i,
+        /validateApiKey/i,
+        /requireRole/i,
+        /hasRole/i,
+        /isAdmin/i,
+    ];
+    // Search bidirectionally
+    const start = Math.max(0, lineIndex - windowSize);
+    const end = Math.min(lines.length, lineIndex + windowSize);
+    for (let i = start; i < end; i++) {
+        if (authPatterns.some(pattern => pattern.test(lines[i]))) {
+            return true;
+        }
+    }
+    return false;
+}
+// ============================================================================
+// BYOK (Bring Your Own Key) Context Detection
+// ============================================================================
+/**
+ * Check if this appears to be a BYOK (user-provided key) context
+ * BYOK is a feature, not a vulnerability, unless improperly handled
+ */
+function isBYOKContext(lineContent, filePath) {
+    // Common BYOK patterns
+    const byokPatterns = [
+        /user.*api.*key/i,
+        /customer.*key/i,
+        /your.*api.*key/i,
+        /provide.*key/i,
+        /enter.*key/i,
+        /input.*key/i,
+        /form.*key/i,
+        /settings.*key/i,
+        /config.*key.*user/i,
+        /BYOK/i,
+        /bring.*your.*own/i,
+    ];
+    // Form/input contexts
+    const inputPatterns = [
+        /input.*type/i,
+        /onChange/i,
+        /onSubmit/i,
+        /handleSubmit/i,
+        /useState.*key/i,
+        /form.*data/i,
+    ];
+    // Settings/config UI patterns
+    const settingsPatterns = [
+        /\/settings\//i,
+        /\/config\//i,
+        /\/preferences\//i,
+        /\/profile\//i,
+    ];
+    // Check line content
+    if (byokPatterns.some(p => p.test(lineContent)) ||
+        inputPatterns.some(p => p.test(lineContent))) {
+        return true;
+    }
+    // Check file path
+    if (settingsPatterns.some(p => p.test(filePath))) {
+        // In settings files, look for user input context
+        if (inputPatterns.some(p => p.test(lineContent))) {
+            return true;
+        }
+    }
+    return false;
+}
+/**
+ * Check if key is being stored/handled properly (not exposed)
+ */
+function isKeyProperlyHandled(lineContent, lines, lineIndex) {
+    // Proper handling patterns (encryption, secure storage, etc.)
+    const properHandlingPatterns = [
+        /encrypt/i,
+        /hash/i,
+        /secure.*storage/i,
+        /keychain/i,
+        /vault/i,
+        /secretsManager/i,
+        /kms/i,
+        /\.env/i,
+    ];
+    // Check current line
+    if (properHandlingPatterns.some(p => p.test(lineContent))) {
+        return true;
+    }
+    // Check nearby lines (5 lines before and after)
+    const start = Math.max(0, lineIndex - 5);
+    const end = Math.min(lines.length, lineIndex + 5);
+    for (let i = start; i < end; i++) {
+        if (properHandlingPatterns.some(p => p.test(lines[i]))) {
+            return true;
+        }
+    }
+    return false;
+}
+// ============================================================================
+// Service Role Key Context
+// ============================================================================
+/**
+ * Check if this is a service role key usage that's acceptable
+ * Server-only + env var = acceptable
+ * Client exposure = critical
+ */
+function getServiceRoleKeyContext(lineContent, filePath) {
+    const isServer = isServerOnlyFile(filePath);
+    const usesEnvVar = isEnvVarReference(lineContent);
+    const isClientFile = isClientBundledFile(filePath);
+    const isNextPublic = isNextPublicEnvVar(lineContent);
+    // NEXT_PUBLIC_ service role key = always critical (client exposure)
+    if (isNextPublic) {
+        return 'client_exposure';
+    }
+    // Server-only file using env var = safe
+    if (isServer && usesEnvVar) {
+        return 'safe_server';
+    }
+    // Client-bundled file = exposure risk
+    if (isClientFile) {
+        return 'client_exposure';
+    }
+    // Hardcoded or ambiguous = needs review
+    return 'needs_review';
+}
+//# sourceMappingURL=context-helpers.js.map

package/dist/utils/context-helpers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"context-helpers.js","sourceRoot":"","sources":["../../src/utils/context-helpers.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAUH,4CAoBC;AAMD,4CAmBC;AAMD,sCAWC;AAOD,gDAYC;AAOD,sCAkBC;AAMD,sCAcC;AAMD,kDAYC;AAMD,wDAaC;AAKD,kDAmBC;AASD,8CAWC;AAKD,gDAEC;AAKD,8BAWC;AAKD,gDAkBC;AAUD,4CAiDC;AAKD,0EA0BC;AAKD,gDA0CC;AAUD,sCAiDC;AAKD,oDA6BC;AAWD,4DA0BC;AAhhBD,+EAA+E;AAC/E,8BAA8B;AAC9B,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,QAAgB;IAC/C,MAAM,cAAc,GAAG;QACrB,qDAAqD;QACrD,UAAU,EAAqB,qBAAqB;QACpD,aAAa,EAAkB,qBAAqB;QACpD,6BAA6B,EAAE,mBAAmB;QAClD,cAAc,EAAiB,iBAAiB;QAChD,uBAAuB,EAAQ,mBAAmB;QAClD,WAAW,EAAoB,YAAY;QAC3C,eAAe,EAAgB,eAAe;QAC9C,eAAe,EAAgB,UAAU;QACzC,WAAW,EAAoB,iBAAiB;QAChD,kBAAkB,EAAa,sBAAsB;QACrD,uBAAuB,EAAQ,wBAAwB;QACvD,kBAAkB,EAAa,eAAe;QAC9C,oBAAoB,EAAW,iBAAiB;QAChD,qBAAqB,EAAU,mBAAmB;QAClD,kBAAkB,EAAa,yBAAyB;KACzD,CAAA;IACD,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC/D,CAAC;AAED;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,QAAgB;IAC/C,MAAM,YAAY,GAAG;QACnB,kCAAkC;QAClC,gBAAgB;QAChB,WAAW;QACX,YAAY;QACZ,SAAS;QACT,YAAY;QACZ,gBAAgB;QAChB,2BAA2B;QAC3B,2BAA2B;QAC3B,sCAAsC,EAAG,YAAY;QACrD,UAAU,EAAgC,YAAY;QACtD,cAAc,EAA4B,gBAAgB;QAC1D,iBAAiB,EAAyB,mBAAmB;QAC7D,aAAa,EAA6B,SAAS;QACnD,WAAW,EAA+B,OAAO;KAClD,CAAA;IACD,OAAO,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC7D,CAAC;AAED;;;GAGG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,OAAO,CACL,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC7B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC5B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC9B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3B,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC;QAC/B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC9B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAC7B,CAAA;AACH,CAAC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAAC,QAAgB;IACjD,MAAM,eAAe,GAAG;QACtB,gBAAgB;QAChB,aAAa;QACb,iBAAiB;QACjB,eAAe;QACf,iBAAiB;QACjB,eAAe;QACf,iBAAiB;QACjB,sBAAsB;KACvB,CAAA;IACD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,MAAM,eAAe,GAAG;QACtB,0CAA0C;QAC1C,uBAAuB;QACvB,2BAA2B;QAC3B,0BAA0B;QAC1B,eAAe;QACf,eAAe;QACf,6CAA6C;QAC7C,yDAAyD;KAC1D,CAAA;IAED,qDAAqD;IACrD,OAAO,CACL,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvD,CAAC,kBAAkB,CAAC,QAAQ,CAAC;QAC7B,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAC5B,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,MAAM,eAAe,GAAG;QACtB,iBAAiB;QACjB,cAAc;QACd,cAAc;QACd,aAAa;QACb,cAAc;QACd,cAAc;QACd,cAAc;QACd,aAAa;QACb,WAAW;QACX,WAAW;KACZ,CAAA;IACD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;;GAGG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,MAAM,WAAW,GAAG;QAClB,SAAS;QACT,YAAY;QACZ,eAAe;QACf,UAAU;QACV,QAAQ;QACR,SAAS;QACT,WAAW;QACX,oBAAoB;KACrB,CAAA;IACD,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC5D,CAAC;AAED;;;GAGG;AACH,SAAgB,sBAAsB,CAAC,QAAgB;IACrD,MAAM,eAAe,GAAG;QACtB,cAAc;QACd,eAAe;QACf,eAAe;QACf,aAAa;QACb,gBAAgB;QAChB,gBAAgB;QAChB,eAAe;QACf,gBAAgB;QAChB,gBAAgB;KACjB,CAAA;IACD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,wDAAwD;IACxD,MAAM,cAAc,GAAG;QACrB,iBAAiB;QACjB,YAAY,EAAY,+CAA+C;QACvE,kCAAkC,EAAG,2BAA2B;QAChE,YAAY;QACZ,gBAAgB;QAChB,iBAAiB;QACjB,cAAc,EAAU,mBAAmB;QAC3C,6BAA6B,EAAG,mBAAmB;KACpD,CAAA;IAED,uCAAuC;IACvC,IAAI,gBAAgB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC/D,CAAC;AAED,+EAA+E;AAC/E,8BAA8B;AAC9B,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,iBAAiB,CAAC,IAAY;IAC5C,OAAO,CACL,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;QAClC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC5B,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC;QACvC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC7B,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAS,SAAS;QAC5C,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAU,SAAS;QAC5C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAAa,OAAO;QAC1C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAa,cAAc;KAClD,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,IAAY;IAC7C,OAAO,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzC,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,WAAmB;IAC3C,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,EAAE,CAAA;IAClC,OAAO,CACL,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAC3B,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,KAAa,EAAE,IAAY;IAC5D,MAAM,mBAAmB,GAAG;QAC1B,MAAM;QACN,YAAY;QACZ,YAAY;QACZ,cAAc;QACd,UAAU;QACV,eAAe;QACf,WAAW;QACX,aAAa,EAAY,iBAAiB;QAC1C,qBAAqB,EAAI,YAAY;QACrC,OAAO;QACP,QAAQ;KACT,CAAA;IAED,OAAO,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CACxC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAC1C,CAAA;AACH,CAAC;AAED,+EAA+E;AAC/E,6BAA6B;AAC7B,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,WAAmB,EAAE,QAAgB;IACpE,wBAAwB;IACxB,MAAM,mBAAmB,GAAG;QAC1B,oBAAoB;QACpB,qBAAqB;QACrB,mBAAmB;QACnB,oBAAoB;QACpB,kBAAkB;QAClB,mBAAmB;QACnB,kBAAkB;QAClB,oBAAoB;QACpB,gBAAgB;QAChB,gBAAgB;QAChB,YAAY;KACb,CAAA;IAED,mBAAmB;IACnB,MAAM,eAAe,GAAG;QACtB,YAAY;QACZ,eAAe;QACf,aAAa;QACb,oBAAoB;QACpB,oBAAoB;QACpB,mBAAmB;KACpB,CAAA;IAED,8BAA8B;IAC9B,MAAM,YAAY,GAAG;QACnB,WAAW;QACX,gBAAgB;QAChB,aAAa;QACb,YAAY;KACb,CAAA;IAED,qBAAqB;IACrB,MAAM,WAAW,GAAG,CAAC,GAAG,mBAAmB,EAAE,GAAG,eAAe,EAAE,GAAG,YAAY,CAAC,CAAA;IACjF,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QAC3D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,kBAAkB;IAClB,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC5B,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC7B,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC1B,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QACpC,OAAO,IAAI,CAAA;IACb,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,+BAA+B,CAAC,KAAe,EAAE,SAAiB,EAAE,aAAqB,EAAE;IACzG,MAAM,iBAAiB,GAAG;QACxB,kBAAkB;QAClB,oBAAoB;QACpB,iBAAiB;QACjB,oBAAoB;QACpB,oBAAoB;QACpB,OAAO;QACP,kBAAkB;QAClB,mBAAmB;QACnB,iBAAiB;QACjB,kBAAkB;QAClB,iBAAiB,EAAO,8BAA8B;QACtD,kBAAkB,EAAM,yBAAyB;KAClD,CAAA;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IAE1D,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACjC,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9D,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,KAAe,EAAE,SAAiB,EAAE,aAAqB,EAAE;IAC5F,MAAM,YAAY,GAAG;QACnB,gBAAgB;QAChB,iBAAiB;QACjB,YAAY;QACZ,gBAAgB;QAChB,eAAe;QACf,kBAAkB;QAClB,cAAc;QACd,aAAa;QACb,YAAY;QACZ,cAAc;QACd,gBAAgB;QAChB,kBAAkB;QAClB,mBAAmB;QACnB,mBAAmB;QACnB,gBAAgB;QAChB,cAAc;QACd,eAAe;QACf,eAAe;QACf,WAAW,EAAc,mBAAmB;QAC5C,WAAW;QACX,YAAY;QACZ,kBAAkB,EAAO,oBAAoB;QAC7C,cAAc;QACd,iBAAiB;QACjB,cAAc;QACd,UAAU;QACV,UAAU;KACX,CAAA;IAED,yBAAyB;IACzB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IAE1D,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACjC,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACzD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,+EAA+E;AAC/E,8CAA8C;AAC9C,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,aAAa,CAAC,WAAmB,EAAE,QAAgB;IACjE,uBAAuB;IACvB,MAAM,YAAY,GAAG;QACnB,iBAAiB;QACjB,gBAAgB;QAChB,iBAAiB;QACjB,eAAe;QACf,aAAa;QACb,aAAa;QACb,YAAY;QACZ,gBAAgB;QAChB,oBAAoB;QACpB,OAAO;QACP,mBAAmB;KACpB,CAAA;IAED,sBAAsB;IACtB,MAAM,aAAa,GAAG;QACpB,cAAc;QACd,WAAW;QACX,WAAW;QACX,eAAe;QACf,gBAAgB;QAChB,aAAa;KACd,CAAA;IAED,8BAA8B;IAC9B,MAAM,gBAAgB,GAAG;QACvB,eAAe;QACf,aAAa;QACb,kBAAkB;QAClB,cAAc;KACf,CAAA;IAED,qBAAqB;IACrB,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,kBAAkB;IAClB,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QACjD,iDAAiD;QACjD,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YACjD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAAC,WAAmB,EAAE,KAAe,EAAE,SAAiB;IAC1F,8DAA8D;IAC9D,MAAM,sBAAsB,GAAG;QAC7B,UAAU;QACV,OAAO;QACP,kBAAkB;QAClB,WAAW;QACX,QAAQ;QACR,iBAAiB;QACjB,MAAM;QACN,QAAQ;KACT,CAAA;IAED,qBAAqB;IACrB,IAAI,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QAC1D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,gDAAgD;IAChD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,CAAC,CAAC,CAAA;IACxC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,CAAC,CAAC,CAAA;IAEjD,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACjC,IAAI,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,+EAA+E;AAC/E,2BAA2B;AAC3B,+EAA+E;AAE/E;;;;GAIG;AACH,SAAgB,wBAAwB,CACtC,WAAmB,EACnB,QAAgB;IAEhB,MAAM,QAAQ,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAA;IAC3C,MAAM,UAAU,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAA;IACjD,MAAM,YAAY,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAA;IAClD,MAAM,YAAY,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAA;IAEpD,oEAAoE;IACpE,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAED,wCAAwC;IACxC,IAAI,QAAQ,IAAI,UAAU,EAAE,CAAC;QAC3B,OAAO,aAAa,CAAA;IACtB,CAAC;IAED,sCAAsC;IACtC,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAED,wCAAwC;IACxC,OAAO,cAAc,CAAA;AACvB,CAAC"}