@oculum/scanner 1.0.1 → 1.0.3

package/dist/utils/context-helpers.js

@@ -14,6 +14,8 @@ exports.isFixtureFile = isFixtureFile;
 exports.isDocumentationFile = isDocumentationFile;
 exports.isScannerOrFixtureFile = isScannerOrFixtureFile;
 exports.isClientBundledFile = isClientBundledFile;
+exports.isSeedOrDataGenFile = isSeedOrDataGenFile;
+exports.isEducationalVulnerabilityFile = isEducationalVulnerabilityFile;
 exports.isEnvVarReference = isEnvVarReference;
 exports.isNextPublicEnvVar = isNextPublicEnvVar;
 exports.isComment = isComment;
@@ -204,6 +206,44 @@ function isClientBundledFile(filePath) {
     }
     return clientPatterns.some(pattern => pattern.test(filePath));
 }
+/**
+ * Check if file is a seed or data generation file
+ * These files generate test/demo data and Math.random() usage is acceptable
+ * Used to reduce false positives for Math.random() detection
+ */
+function isSeedOrDataGenFile(filePath) {
+    const patterns = [
+        /\/seed\//i,
+        /\/seeds\//i,
+        /seed-database\.(ts|js)$/i,
+        /\/seeder\./i,
+        /datacreator\.(ts|js)$/i,
+        /\/data\/.*creator/i,
+        /\/fixtures\//i,
+        /\.fixture\./i,
+        /\/generators?\//i,
+        /\/factories\//i,
+        /factory\.(ts|js)$/i,
+    ];
+    return patterns.some(p => p.test(filePath));
+}
+/**
+ * Check if file is educational/intentional vulnerability code
+ * These files (e.g., OWASP Juice Shop) contain intentional vulnerabilities for training
+ * Should be skipped entirely to avoid false positives
+ */
+function isEducationalVulnerabilityFile(filePath) {
+    const patterns = [
+        /\/insecurity\.(ts|js)$/i,
+        /\/vulnerable\.(ts|js)$/i,
+        /\/intentionally-vulnerable/i,
+        /\/security-examples?\//i,
+        /\/vuln-examples?\//i,
+        /\/challenge-\d+/i, // OWASP Juice Shop challenges
+        /\/exploit-examples?\//i,
+    ];
+    return patterns.some(p => p.test(filePath));
+}
 // ============================================================================
 // Code Line Context Detection
 // ============================================================================

package/dist/utils/context-helpers.js.map

@@ -1 +1 @@
-{"version":3,"file":"context-helpers.js","sourceRoot":"","sources":["../../src/utils/context-helpers.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAUH,4CAoBC;AAMD,4CAmBC;AAMD,sCAWC;AAOD,gDAYC;AAOD,sCAkBC;AAMD,sCAcC;AAMD,kDAYC;AAMD,wDAaC;AAKD,kDAmBC;AASD,8CAWC;AAKD,gDAEC;AAKD,8BAWC;AAKD,gDAkBC;AAUD,4CAiDC;AAKD,0EA0BC;AAKD,gDA0CC;AAUD,sCAiDC;AAKD,oDA6BC;AAWD,4DA0BC;AAhhBD,+EAA+E;AAC/E,8BAA8B;AAC9B,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,QAAgB;IAC/C,MAAM,cAAc,GAAG;QACrB,qDAAqD;QACrD,UAAU,EAAqB,qBAAqB;QACpD,aAAa,EAAkB,qBAAqB;QACpD,6BAA6B,EAAE,mBAAmB;QAClD,cAAc,EAAiB,iBAAiB;QAChD,uBAAuB,EAAQ,mBAAmB;QAClD,WAAW,EAAoB,YAAY;QAC3C,eAAe,EAAgB,eAAe;QAC9C,eAAe,EAAgB,UAAU;QACzC,WAAW,EAAoB,iBAAiB;QAChD,kBAAkB,EAAa,sBAAsB;QACrD,uBAAuB,EAAQ,wBAAwB;QACvD,kBAAkB,EAAa,eAAe;QAC9C,oBAAoB,EAAW,iBAAiB;QAChD,qBAAqB,EAAU,mBAAmB;QAClD,kBAAkB,EAAa,yBAAyB;KACzD,CAAA;IACD,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC/D,CAAC;AAED;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,QAAgB;IAC/C,MAAM,YAAY,GAAG;QACnB,kCAAkC;QAClC,gBAAgB;QAChB,WAAW;QACX,YAAY;QACZ,SAAS;QACT,YAAY;QACZ,gBAAgB;QAChB,2BAA2B;QAC3B,2BAA2B;QAC3B,sCAAsC,EAAG,YAAY;QACrD,UAAU,EAAgC,YAAY;QACtD,cAAc,EAA4B,gBAAgB;QAC1D,iBAAiB,EAAyB,mBAAmB;QAC7D,aAAa,EAA6B,SAAS;QACnD,WAAW,EAA+B,OAAO;KAClD,CAAA;IACD,OAAO,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC7D,CAAC;AAED;;;GAGG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,OAAO,CACL,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC7B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC5B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC9B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3B,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC;QAC/B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC9B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAC7B,CAAA;AACH,CAAC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAAC,QAAgB;IACjD,MAAM,eAAe,GAAG;QACtB,gBAAgB;QAChB,aAAa;QACb,iBAAiB;QACjB,eAAe;QACf,iBAAiB;QACjB,eAAe;QACf,iBAAiB;QACjB,sBAAsB;KACvB,CAAA;IACD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,MAAM,eAAe,GAAG;QACtB,0CAA0C;QAC1C,uBAAuB;QACvB,2BAA2B;QAC3B,0BAA0B;QAC1B,eAAe;QACf,eAAe;QACf,6CAA6C;QAC7C,yDAAyD;KAC1D,CAAA;IAED,qDAAqD;IACrD,OAAO,CACL,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvD,CAAC,kBAAkB,CAAC,QAAQ,CAAC;QAC7B,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAC5B,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,MAAM,eAAe,GAAG;QACtB,iBAAiB;QACjB,cAAc;QACd,cAAc;QACd,aAAa;QACb,cAAc;QACd,cAAc;QACd,cAAc;QACd,aAAa;QACb,WAAW;QACX,WAAW;KACZ,CAAA;IACD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;;GAGG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,MAAM,WAAW,GAAG;QAClB,SAAS;QACT,YAAY;QACZ,eAAe;QACf,UAAU;QACV,QAAQ;QACR,SAAS;QACT,WAAW;QACX,oBAAoB;KACrB,CAAA;IACD,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC5D,CAAC;AAED;;;GAGG;AACH,SAAgB,sBAAsB,CAAC,QAAgB;IACrD,MAAM,eAAe,GAAG;QACtB,cAAc;QACd,eAAe;QACf,eAAe;QACf,aAAa;QACb,gBAAgB;QAChB,gBAAgB;QAChB,eAAe;QACf,gBAAgB;QAChB,gBAAgB;KACjB,CAAA;IACD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,wDAAwD;IACxD,MAAM,cAAc,GAAG;QACrB,iBAAiB;QACjB,YAAY,EAAY,+CAA+C;QACvE,kCAAkC,EAAG,2BAA2B;QAChE,YAAY;QACZ,gBAAgB;QAChB,iBAAiB;QACjB,cAAc,EAAU,mBAAmB;QAC3C,6BAA6B,EAAG,mBAAmB;KACpD,CAAA;IAED,uCAAuC;IACvC,IAAI,gBAAgB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC/D,CAAC;AAED,+EAA+E;AAC/E,8BAA8B;AAC9B,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,iBAAiB,CAAC,IAAY;IAC5C,OAAO,CACL,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;QAClC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC5B,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC;QACvC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC7B,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAS,SAAS;QAC5C,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAU,SAAS;QAC5C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAAa,OAAO;QAC1C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAa,cAAc;KAClD,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,IAAY;IAC7C,OAAO,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzC,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,WAAmB;IAC3C,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,EAAE,CAAA;IAClC,OAAO,CACL,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAC3B,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,KAAa,EAAE,IAAY;IAC5D,MAAM,mBAAmB,GAAG;QAC1B,MAAM;QACN,YAAY;QACZ,YAAY;QACZ,cAAc;QACd,UAAU;QACV,eAAe;QACf,WAAW;QACX,aAAa,EAAY,iBAAiB;QAC1C,qBAAqB,EAAI,YAAY;QACrC,OAAO;QACP,QAAQ;KACT,CAAA;IAED,OAAO,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CACxC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAC1C,CAAA;AACH,CAAC;AAED,+EAA+E;AAC/E,6BAA6B;AAC7B,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,WAAmB,EAAE,QAAgB;IACpE,wBAAwB;IACxB,MAAM,mBAAmB,GAAG;QAC1B,oBAAoB;QACpB,qBAAqB;QACrB,mBAAmB;QACnB,oBAAoB;QACpB,kBAAkB;QAClB,mBAAmB;QACnB,kBAAkB;QAClB,oBAAoB;QACpB,gBAAgB;QAChB,gBAAgB;QAChB,YAAY;KACb,CAAA;IAED,mBAAmB;IACnB,MAAM,eAAe,GAAG;QACtB,YAAY;QACZ,eAAe;QACf,aAAa;QACb,oBAAoB;QACpB,oBAAoB;QACpB,mBAAmB;KACpB,CAAA;IAED,8BAA8B;IAC9B,MAAM,YAAY,GAAG;QACnB,WAAW;QACX,gBAAgB;QAChB,aAAa;QACb,YAAY;KACb,CAAA;IAED,qBAAqB;IACrB,MAAM,WAAW,GAAG,CAAC,GAAG,mBAAmB,EAAE,GAAG,eAAe,EAAE,GAAG,YAAY,CAAC,CAAA;IACjF,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QAC3D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,kBAAkB;IAClB,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC5B,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC7B,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC1B,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QACpC,OAAO,IAAI,CAAA;IACb,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,+BAA+B,CAAC,KAAe,EAAE,SAAiB,EAAE,aAAqB,EAAE;IACzG,MAAM,iBAAiB,GAAG;QACxB,kBAAkB;QAClB,oBAAoB;QACpB,iBAAiB;QACjB,oBAAoB;QACpB,oBAAoB;QACpB,OAAO;QACP,kBAAkB;QAClB,mBAAmB;QACnB,iBAAiB;QACjB,kBAAkB;QAClB,iBAAiB,EAAO,8BAA8B;QACtD,kBAAkB,EAAM,yBAAyB;KAClD,CAAA;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IAE1D,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACjC,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9D,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,KAAe,EAAE,SAAiB,EAAE,aAAqB,EAAE;IAC5F,MAAM,YAAY,GAAG;QACnB,gBAAgB;QAChB,iBAAiB;QACjB,YAAY;QACZ,gBAAgB;QAChB,eAAe;QACf,kBAAkB;QAClB,cAAc;QACd,aAAa;QACb,YAAY;QACZ,cAAc;QACd,gBAAgB;QAChB,kBAAkB;QAClB,mBAAmB;QACnB,mBAAmB;QACnB,gBAAgB;QAChB,cAAc;QACd,eAAe;QACf,eAAe;QACf,WAAW,EAAc,mBAAmB;QAC5C,WAAW;QACX,YAAY;QACZ,kBAAkB,EAAO,oBAAoB;QAC7C,cAAc;QACd,iBAAiB;QACjB,cAAc;QACd,UAAU;QACV,UAAU;KACX,CAAA;IAED,yBAAyB;IACzB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IAE1D,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACjC,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACzD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,+EAA+E;AAC/E,8CAA8C;AAC9C,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,aAAa,CAAC,WAAmB,EAAE,QAAgB;IACjE,uBAAuB;IACvB,MAAM,YAAY,GAAG;QACnB,iBAAiB;QACjB,gBAAgB;QAChB,iBAAiB;QACjB,eAAe;QACf,aAAa;QACb,aAAa;QACb,YAAY;QACZ,gBAAgB;QAChB,oBAAoB;QACpB,OAAO;QACP,mBAAmB;KACpB,CAAA;IAED,sBAAsB;IACtB,MAAM,aAAa,GAAG;QACpB,cAAc;QACd,WAAW;QACX,WAAW;QACX,eAAe;QACf,gBAAgB;QAChB,aAAa;KACd,CAAA;IAED,8BAA8B;IAC9B,MAAM,gBAAgB,GAAG;QACvB,eAAe;QACf,aAAa;QACb,kBAAkB;QAClB,cAAc;KACf,CAAA;IAED,qBAAqB;IACrB,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,kBAAkB;IAClB,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QACjD,iDAAiD;QACjD,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YACjD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAAC,WAAmB,EAAE,KAAe,EAAE,SAAiB;IAC1F,8DAA8D;IAC9D,MAAM,sBAAsB,GAAG;QAC7B,UAAU;QACV,OAAO;QACP,kBAAkB;QAClB,WAAW;QACX,QAAQ;QACR,iBAAiB;QACjB,MAAM;QACN,QAAQ;KACT,CAAA;IAED,qBAAqB;IACrB,IAAI,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QAC1D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,gDAAgD;IAChD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,CAAC,CAAC,CAAA;IACxC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,CAAC,CAAC,CAAA;IAEjD,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACjC,IAAI,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,+EAA+E;AAC/E,2BAA2B;AAC3B,+EAA+E;AAE/E;;;;GAIG;AACH,SAAgB,wBAAwB,CACtC,WAAmB,EACnB,QAAgB;IAEhB,MAAM,QAAQ,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAA;IAC3C,MAAM,UAAU,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAA;IACjD,MAAM,YAAY,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAA;IAClD,MAAM,YAAY,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAA;IAEpD,oEAAoE;IACpE,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAED,wCAAwC;IACxC,IAAI,QAAQ,IAAI,UAAU,EAAE,CAAC;QAC3B,OAAO,aAAa,CAAA;IACtB,CAAC;IAED,sCAAsC;IACtC,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAED,wCAAwC;IACxC,OAAO,cAAc,CAAA;AACvB,CAAC"}
+{"version":3,"file":"context-helpers.js","sourceRoot":"","sources":["../../src/utils/context-helpers.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAUH,4CAoBC;AAMD,4CAmBC;AAMD,sCAWC;AAOD,gDAYC;AAOD,sCAkBC;AAMD,sCAcC;AAMD,kDAYC;AAMD,wDAaC;AAKD,kDAmBC;AAOD,kDAeC;AAOD,wEAWC;AASD,8CAWC;AAKD,gDAEC;AAKD,8BAWC;AAKD,gDAkBC;AAUD,4CAiDC;AAKD,0EA0BC;AAKD,gDA0CC;AAUD,sCAiDC;AAKD,oDA6BC;AAWD,4DA0BC;AAxjBD,+EAA+E;AAC/E,8BAA8B;AAC9B,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,QAAgB;IAC/C,MAAM,cAAc,GAAG;QACrB,qDAAqD;QACrD,UAAU,EAAqB,qBAAqB;QACpD,aAAa,EAAkB,qBAAqB;QACpD,6BAA6B,EAAE,mBAAmB;QAClD,cAAc,EAAiB,iBAAiB;QAChD,uBAAuB,EAAQ,mBAAmB;QAClD,WAAW,EAAoB,YAAY;QAC3C,eAAe,EAAgB,eAAe;QAC9C,eAAe,EAAgB,UAAU;QACzC,WAAW,EAAoB,iBAAiB;QAChD,kBAAkB,EAAa,sBAAsB;QACrD,uBAAuB,EAAQ,wBAAwB;QACvD,kBAAkB,EAAa,eAAe;QAC9C,oBAAoB,EAAW,iBAAiB;QAChD,qBAAqB,EAAU,mBAAmB;QAClD,kBAAkB,EAAa,yBAAyB;KACzD,CAAA;IACD,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC/D,CAAC;AAED;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,QAAgB;IAC/C,MAAM,YAAY,GAAG;QACnB,kCAAkC;QAClC,gBAAgB;QAChB,WAAW;QACX,YAAY;QACZ,SAAS;QACT,YAAY;QACZ,gBAAgB;QAChB,2BAA2B;QAC3B,2BAA2B;QAC3B,sCAAsC,EAAG,YAAY;QACrD,UAAU,EAAgC,YAAY;QACtD,cAAc,EAA4B,gBAAgB;QAC1D,iBAAiB,EAAyB,mBAAmB;QAC7D,aAAa,EAA6B,SAAS;QACnD,WAAW,EAA+B,OAAO;KAClD,CAAA;IACD,OAAO,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC7D,CAAC;AAED;;;GAGG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,OAAO,CACL,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC7B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC5B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC9B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3B,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC;QAC/B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;QAC9B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC3B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAC7B,CAAA;AACH,CAAC;AAED;;;;GAIG;AACH,SAAgB,kBAAkB,CAAC,QAAgB;IACjD,MAAM,eAAe,GAAG;QACtB,gBAAgB;QAChB,aAAa;QACb,iBAAiB;QACjB,eAAe;QACf,iBAAiB;QACjB,eAAe;QACf,iBAAiB;QACjB,sBAAsB;KACvB,CAAA;IACD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;;;GAIG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,MAAM,eAAe,GAAG;QACtB,0CAA0C;QAC1C,uBAAuB;QACvB,2BAA2B;QAC3B,0BAA0B;QAC1B,eAAe;QACf,eAAe;QACf,6CAA6C;QAC7C,yDAAyD;KAC1D,CAAA;IAED,qDAAqD;IACrD,OAAO,CACL,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACvD,CAAC,kBAAkB,CAAC,QAAQ,CAAC;QAC7B,CAAC,gBAAgB,CAAC,QAAQ,CAAC,CAC5B,CAAA;AACH,CAAC;AAED;;;GAGG;AACH,SAAgB,aAAa,CAAC,QAAgB;IAC5C,MAAM,eAAe,GAAG;QACtB,iBAAiB;QACjB,cAAc;QACd,cAAc;QACd,aAAa;QACb,cAAc;QACd,cAAc;QACd,cAAc;QACd,aAAa;QACb,WAAW;QACX,WAAW;KACZ,CAAA;IACD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;;GAGG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,MAAM,WAAW,GAAG;QAClB,SAAS;QACT,YAAY;QACZ,eAAe;QACf,UAAU;QACV,QAAQ;QACR,SAAS;QACT,WAAW;QACX,oBAAoB;KACrB,CAAA;IACD,OAAO,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC5D,CAAC;AAED;;;GAGG;AACH,SAAgB,sBAAsB,CAAC,QAAgB;IACrD,MAAM,eAAe,GAAG;QACtB,cAAc;QACd,eAAe;QACf,eAAe;QACf,aAAa;QACb,gBAAgB;QAChB,gBAAgB;QAChB,eAAe;QACf,gBAAgB;QAChB,gBAAgB;KACjB,CAAA;IACD,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,wDAAwD;IACxD,MAAM,cAAc,GAAG;QACrB,iBAAiB;QACjB,YAAY,EAAY,+CAA+C;QACvE,kCAAkC,EAAG,2BAA2B;QAChE,YAAY;QACZ,gBAAgB;QAChB,iBAAiB;QACjB,cAAc,EAAU,mBAAmB;QAC3C,6BAA6B,EAAG,mBAAmB;KACpD,CAAA;IAED,uCAAuC;IACvC,IAAI,gBAAgB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC/B,OAAO,KAAK,CAAA;IACd,CAAC;IAED,OAAO,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC/D,CAAC;AAED;;;;GAIG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,MAAM,QAAQ,GAAG;QACf,WAAW;QACX,YAAY;QACZ,0BAA0B;QAC1B,aAAa;QACb,wBAAwB;QACxB,oBAAoB;QACpB,eAAe;QACf,cAAc;QACd,kBAAkB;QAClB,gBAAgB;QAChB,oBAAoB;KACrB,CAAA;IACD,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC7C,CAAC;AAED;;;;GAIG;AACH,SAAgB,8BAA8B,CAAC,QAAgB;IAC7D,MAAM,QAAQ,GAAG;QACf,yBAAyB;QACzB,yBAAyB;QACzB,6BAA6B;QAC7B,yBAAyB;QACzB,qBAAqB;QACrB,kBAAkB,EAAG,8BAA8B;QACnD,wBAAwB;KACzB,CAAA;IACD,OAAO,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAA;AAC7C,CAAC;AAED,+EAA+E;AAC/E,8BAA8B;AAC9B,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,iBAAiB,CAAC,IAAY;IAC5C,OAAO,CACL,uBAAuB,CAAC,IAAI,CAAC,IAAI,CAAC;QAClC,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC5B,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC;QACvC,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC;QAC7B,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAS,SAAS;QAC5C,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,IAAU,SAAS;QAC5C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,IAAa,OAAO;QAC1C,WAAW,CAAC,IAAI,CAAC,IAAI,CAAC,CAAa,cAAc;KAClD,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,IAAY;IAC7C,OAAO,qBAAqB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;AACzC,CAAC;AAED;;GAEG;AACH,SAAgB,SAAS,CAAC,WAAmB;IAC3C,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,EAAE,CAAA;IAClC,OAAO,CACL,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC;QACvB,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC;QACxB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC;QACzB,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAC3B,CAAA;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,KAAa,EAAE,IAAY;IAC5D,MAAM,mBAAmB,GAAG;QAC1B,MAAM;QACN,YAAY;QACZ,YAAY;QACZ,cAAc;QACd,UAAU;QACV,eAAe;QACf,WAAW;QACX,aAAa,EAAY,iBAAiB;QAC1C,qBAAqB,EAAI,YAAY;QACrC,OAAO;QACP,QAAQ;KACT,CAAA;IAED,OAAO,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CACxC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAC1C,CAAA;AACH,CAAC;AAED,+EAA+E;AAC/E,6BAA6B;AAC7B,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,gBAAgB,CAAC,WAAmB,EAAE,QAAgB;IACpE,wBAAwB;IACxB,MAAM,mBAAmB,GAAG;QAC1B,oBAAoB;QACpB,qBAAqB;QACrB,mBAAmB;QACnB,oBAAoB;QACpB,kBAAkB;QAClB,mBAAmB;QACnB,kBAAkB;QAClB,oBAAoB;QACpB,gBAAgB;QAChB,gBAAgB;QAChB,YAAY;KACb,CAAA;IAED,mBAAmB;IACnB,MAAM,eAAe,GAAG;QACtB,YAAY;QACZ,eAAe;QACf,aAAa;QACb,oBAAoB;QACpB,oBAAoB;QACpB,mBAAmB;KACpB,CAAA;IAED,8BAA8B;IAC9B,MAAM,YAAY,GAAG;QACnB,WAAW;QACX,gBAAgB;QAChB,aAAa;QACb,YAAY;KACb,CAAA;IAED,qBAAqB;IACrB,MAAM,WAAW,GAAG,CAAC,GAAG,mBAAmB,EAAE,GAAG,eAAe,EAAE,GAAG,YAAY,CAAC,CAAA;IACjF,IAAI,WAAW,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QAC3D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,kBAAkB;IAClB,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC5B,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC;QAC7B,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC;QAC1B,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;QACpC,OAAO,IAAI,CAAA;IACb,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,+BAA+B,CAAC,KAAe,EAAE,SAAiB,EAAE,aAAqB,EAAE;IACzG,MAAM,iBAAiB,GAAG;QACxB,kBAAkB;QAClB,oBAAoB;QACpB,iBAAiB;QACjB,oBAAoB;QACpB,oBAAoB;QACpB,OAAO;QACP,kBAAkB;QAClB,mBAAmB;QACnB,iBAAiB;QACjB,kBAAkB;QAClB,iBAAiB,EAAO,8BAA8B;QACtD,kBAAkB,EAAM,yBAAyB;KAClD,CAAA;IAED,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IAE1D,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACjC,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAC9D,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,kBAAkB,CAAC,KAAe,EAAE,SAAiB,EAAE,aAAqB,EAAE;IAC5F,MAAM,YAAY,GAAG;QACnB,gBAAgB;QAChB,iBAAiB;QACjB,YAAY;QACZ,gBAAgB;QAChB,eAAe;QACf,kBAAkB;QAClB,cAAc;QACd,aAAa;QACb,YAAY;QACZ,cAAc;QACd,gBAAgB;QAChB,kBAAkB;QAClB,mBAAmB;QACnB,mBAAmB;QACnB,gBAAgB;QAChB,cAAc;QACd,eAAe;QACf,eAAe;QACf,WAAW,EAAc,mBAAmB;QAC5C,WAAW;QACX,YAAY;QACZ,kBAAkB,EAAO,oBAAoB;QAC7C,cAAc;QACd,iBAAiB;QACjB,cAAc;QACd,UAAU;QACV,UAAU;KACX,CAAA;IAED,yBAAyB;IACzB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IACjD,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,UAAU,CAAC,CAAA;IAE1D,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACjC,IAAI,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACzD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,+EAA+E;AAC/E,8CAA8C;AAC9C,+EAA+E;AAE/E;;;GAGG;AACH,SAAgB,aAAa,CAAC,WAAmB,EAAE,QAAgB;IACjE,uBAAuB;IACvB,MAAM,YAAY,GAAG;QACnB,iBAAiB;QACjB,gBAAgB;QAChB,iBAAiB;QACjB,eAAe;QACf,aAAa;QACb,aAAa;QACb,YAAY;QACZ,gBAAgB;QAChB,oBAAoB;QACpB,OAAO;QACP,mBAAmB;KACpB,CAAA;IAED,sBAAsB;IACtB,MAAM,aAAa,GAAG;QACpB,cAAc;QACd,WAAW;QACX,WAAW;QACX,eAAe;QACf,gBAAgB;QAChB,aAAa;KACd,CAAA;IAED,8BAA8B;IAC9B,MAAM,gBAAgB,GAAG;QACvB,eAAe;QACf,aAAa;QACb,kBAAkB;QAClB,cAAc;KACf,CAAA;IAED,qBAAqB;IACrB,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAC3C,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QACjD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,kBAAkB;IAClB,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QACjD,iDAAiD;QACjD,IAAI,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;YACjD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAAC,WAAmB,EAAE,KAAe,EAAE,SAAiB;IAC1F,8DAA8D;IAC9D,MAAM,sBAAsB,GAAG;QAC7B,UAAU;QACV,OAAO;QACP,kBAAkB;QAClB,WAAW;QACX,QAAQ;QACR,iBAAiB;QACjB,MAAM;QACN,QAAQ;KACT,CAAA;IAED,qBAAqB;IACrB,IAAI,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QAC1D,OAAO,IAAI,CAAA;IACb,CAAC;IAED,gDAAgD;IAChD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,SAAS,GAAG,CAAC,CAAC,CAAA;IACxC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,SAAS,GAAG,CAAC,CAAC,CAAA;IAEjD,KAAK,IAAI,CAAC,GAAG,KAAK,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC;QACjC,IAAI,sBAAsB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvD,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,+EAA+E;AAC/E,2BAA2B;AAC3B,+EAA+E;AAE/E;;;;GAIG;AACH,SAAgB,wBAAwB,CACtC,WAAmB,EACnB,QAAgB;IAEhB,MAAM,QAAQ,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAA;IAC3C,MAAM,UAAU,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAA;IACjD,MAAM,YAAY,GAAG,mBAAmB,CAAC,QAAQ,CAAC,CAAA;IAClD,MAAM,YAAY,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAA;IAEpD,oEAAoE;IACpE,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAED,wCAAwC;IACxC,IAAI,QAAQ,IAAI,UAAU,EAAE,CAAC;QAC3B,OAAO,aAAa,CAAA;IACtB,CAAC;IAED,sCAAsC;IACtC,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,iBAAiB,CAAA;IAC1B,CAAC;IAED,wCAAwC;IACxC,OAAO,cAAc,CAAA;AACvB,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@oculum/scanner",
-  "version": "1.0.1",
+  "version": "1.0.3",
   "description": "AI-native security scanner for detecting vulnerabilities in LLM-generated code",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
@@ -24,7 +24,9 @@
   "scripts": {
     "build": "tsc",
     "dev": "tsc --watch",
-    "test": "echo \"No tests configured yet\"",
+    "test": "jest",
+    "test:watch": "jest --watch",
+    "test:coverage": "jest --coverage",
     "lint": "eslint src/"
   },
   "dependencies": {

package/src/index.ts

@@ -13,6 +13,7 @@ import type {
   ScanMode,
   ScanModeConfig,
   ScanDepth,
+  CancellationToken,
 } from './types'
 import { SCANNABLE_EXTENSIONS, SPECIAL_FILES, MAX_FILE_SIZE, SCAN_MODE_DEFAULTS } from './types'
 import { runLayer1Scan } from './layer1'
@@ -140,6 +141,8 @@ export interface ScanOptions {
   scanDepth?: ScanDepth
   /** Suppress console.log output (for interactive CLI mode) */
   quiet?: boolean
+  /** Cancellation token for aborting scans gracefully */
+  cancellationToken?: CancellationToken
 }
 
 export interface ScanProgress {
@@ -211,12 +214,13 @@ export async function runScan(
 ): Promise<ScanResult> {
   const startTime = Date.now()
   const allVulnerabilities: Vulnerability[] = []
-  
+
   // Resolve scan mode configuration
   const scanModeConfig = resolveScanModeConfig(options)
   const isIncremental = scanModeConfig.mode === 'incremental'
   const depth = scanModeConfig.scanDepth || 'cheap'
   const quiet = options.quiet ?? false
+  const cancellationToken = options.cancellationToken
 
   // Conditional logging helper - suppresses output in quiet mode (interactive CLI)
   const log = (message: string) => {
@@ -225,6 +229,13 @@ export async function runScan(
     }
   }
 
+  // Helper to check cancellation and throw if cancelled
+  const checkCancelled = () => {
+    if (cancellationToken?.cancelled) {
+      throw new Error(`Scan cancelled: ${cancellationToken.reason || 'user requested'}`)
+    }
+  }
+
   log(`[Scanner] repo=${repoInfo.name} mode=${scanModeConfig.mode} depth=${depth} files=${files.length}`)
   if (isIncremental && scanModeConfig.changedFiles) {
     log(`[Scanner] repo=${repoInfo.name} incremental_files=${scanModeConfig.changedFiles.length}`)
@@ -253,9 +264,15 @@ export async function runScan(
     ? files.filter(f => scanModeConfig.changedFiles!.some(cf => f.path.endsWith(cf) || f.path.includes(cf)))
     : files
 
+  // Declare variables that need to be accessible in catch block
+  let middlewareConfig: MiddlewareAuthConfig | undefined
+  let capturedValidationStats: ValidationStats | undefined
+
   try {
+    checkCancelled()
+
     // Detect global auth middleware before scanning (always on all files for context)
-    const middlewareConfig = detectGlobalAuthMiddleware(files)
+    middlewareConfig = detectGlobalAuthMiddleware(files)
     if (middlewareConfig.hasAuthMiddleware) {
       log(`[Scanner] repo=${repoInfo.name} auth_middleware=${middlewareConfig.authType || 'unknown'} file=${middlewareConfig.middlewareFile}`)
     }
@@ -267,9 +284,11 @@ export async function runScan(
       log(`[Scanner] repo=${repoInfo.name} files_with_imported_auth=${filesWithImportedAuth}`)
     }
 
+    checkCancelled()
+
     // Layer 1: Surface Scan
     reportProgress('layer1', 'Running surface scan (patterns, entropy, config)...')
-    let layer1Result = await runLayer1Scan(files)
+    let layer1Result = await runLayer1Scan(files, onProgress, cancellationToken)
 
     // Aggregate repeated localhost findings
     const layer1RawCount = layer1Result.vulnerabilities.length
@@ -279,9 +298,11 @@ export async function runScan(
     }
     log(`[Layer1] repo=${repoInfo.name} findings_raw=${layer1RawCount} findings_deduped=${layer1Result.vulnerabilities.length}`)
 
+    checkCancelled()
+
     // Layer 2: Structural Scan
     reportProgress('layer2', 'Running structural scan (variables, logic gates)...', layer1Result.vulnerabilities.length)
-    const layer2Result = await runLayer2Scan(files, { middlewareConfig, fileAuthImports })
+    const layer2Result = await runLayer2Scan(files, { middlewareConfig, fileAuthImports }, onProgress, cancellationToken)
 
     // Format heuristic breakdown for logging
     const heuristicBreakdown = Object.entries(layer2Result.stats.raw)
@@ -340,12 +361,15 @@ export async function runScan(
     const maxValidationFiles = scanModeConfig.maxAIValidationFiles || MAX_VALIDATION_CANDIDATES_PER_FILE
     const cappedValidation = capValidationCandidatesPerFile(afterAutoDismiss, maxValidationFiles)
 
+    checkCancelled()
+
     // AI Validation of selected findings (if AI is enabled and not skipped by scan mode)
     let validatedFindings = cappedValidation
     let capturedValidationStats: ValidationStats | undefined = undefined
     const shouldValidate = options.enableAI !== false && !scanModeConfig.skipAIValidation && cappedValidation.length > 0
 
     if (shouldValidate) {
+      checkCancelled()
       reportProgress('validating', 'AI validating findings (entropy, secrets, AI patterns)...', cappedValidation.length)
 
       // For incremental scans, only validate findings in changed files
@@ -354,7 +378,21 @@ export async function runScan(
         : cappedValidation
 
       if (findingsToValidate.length > 0) {
-        const validationResult = await validateFindingsWithAI(findingsToValidate, filesForAI)
+        const validationResult = await validateFindingsWithAI(
+          findingsToValidate,
+          filesForAI,
+          undefined, // projectContext (uses default)
+          onProgress ? (progress) => {
+            // Convert AI validation progress to ScanProgress format
+            onProgress({
+              status: 'validating',
+              message: progress.status,
+              filesProcessed: progress.filesProcessed,
+              totalFiles: progress.totalFiles,
+              vulnerabilitiesFound: allVulnerabilities.length,
+            })
+          } : undefined
+        )
         validatedFindings = validationResult.vulnerabilities
         const { stats: validationStats } = validationResult
         capturedValidationStats = validationStats // Capture for return
@@ -378,6 +416,7 @@ export async function runScan(
     const shouldRunLayer3 = options.enableAI !== false && !scanModeConfig.skipLayer3
 
     if (shouldRunLayer3) {
+      checkCancelled()
       reportProgress('layer3', 'Running AI semantic analysis...', allVulnerabilities.length)
 
       // For incremental scans, only analyze changed files
@@ -401,6 +440,7 @@ export async function runScan(
             summary: authHelperContext.summary,
           } : undefined,
         },
+        cancellationToken,
       })
       allVulnerabilities.push(...layer3Result.vulnerabilities)
       log(`[Layer3] repo=${repoInfo.name} depth=${depth} files_analyzed=${layer3Result.aiAnalyzed} findings=${layer3Result.vulnerabilities.length}`)
@@ -439,6 +479,35 @@ export async function runScan(
       validationStats: capturedValidationStats,
     }
   } catch (error) {
+    if (cancellationToken?.cancelled) {
+      // Return partial results on cancellation
+      reportProgress('failed', 'Scan cancelled')
+
+      // Compute partial results
+      const uniqueVulnerabilities = deduplicateVulnerabilities(allVulnerabilities)
+      const resolvedVulnerabilities = resolveContradictions(uniqueVulnerabilities, middlewareConfig)
+      const sortedVulnerabilities = sortBySeverity(resolvedVulnerabilities)
+      const severityCounts = computeSeverityCounts(sortedVulnerabilities)
+      const categoryCounts = computeCategoryCounts(sortedVulnerabilities)
+
+      return {
+        repoName: repoInfo.name,
+        repoUrl: repoInfo.url,
+        branch: repoInfo.branch,
+        filesScanned: files.length,
+        filesSkipped: 0,
+        vulnerabilities: sortedVulnerabilities,
+        severityCounts,
+        categoryCounts,
+        hasBlockingIssues: false, // Don't block on partial results
+        scanDuration: Date.now() - startTime,
+        timestamp: new Date().toISOString(),
+        validationStats: capturedValidationStats,
+        cancelled: true,
+        cancelReason: cancellationToken.reason,
+      }
+    }
+
     reportProgress('failed', `Scan failed: ${error}`)
     throw error
   }
@@ -829,3 +898,4 @@ export { runLayer2Scan } from './layer2'
 export { runLayer3Scan } from './layer3'
 export { buildProjectContext, type ProjectContext } from './utils/project-context-builder'
 export { validateFindingsWithAI, type ValidationStats, type AIValidationResult } from './layer3/anthropic'
+export { createCancellationToken } from './types'

package/src/layer1/entropy.ts

@@ -37,11 +37,13 @@ function extractStringLiterals(content: string): Array<{ value: string; line: nu
   const strings: Array<{ value: string; line: number; lineContent: string }> = []
   const lines = content.split('\n')
 
-  // Patterns for string literals
+  // Patterns for string literals using unrolled loop pattern to prevent catastrophic backtracking
+  // Pattern explanation: "start [non-special-chars]* (escape-sequence [non-special-chars]*)* end"
+  // This avoids nested quantifiers that cause exponential backtracking
   const patterns = [
-    /"([^"\\]|\\.){20,}"/g,      // Double-quoted strings 20+ chars
-    /'([^'\\]|\\.){20,}'/g,      // Single-quoted strings 20+ chars
-    /`([^`\\]|\\.){20,}`/g,      // Template literals 20+ chars
+    /"[^"\\]{20,}(?:\\.[^"\\]*)*"/g,      // Double-quoted strings 20+ chars (unrolled loop)
+    /'[^'\\]{20,}(?:\\.[^'\\]*)*'/g,      // Single-quoted strings 20+ chars (unrolled loop)
+    /`[^`\\]{20,}(?:\\.[^`\\]*)*`/g,      // Template literals 20+ chars (unrolled loop)
   ]
 
   lines.forEach((line, index) => {

package/src/layer1/index.ts

@@ -4,7 +4,8 @@
  * file flags, comment analysis, URL detection, and weak crypto detection
  */
 
-import type { Vulnerability, ScanFile } from '../types'
+import type { Vulnerability, ScanFile, CancellationToken } from '../types'
+import type { ProgressCallback } from '../index'
 import { detectHighEntropyStrings } from './entropy'
 import { detectKnownPatterns } from './patterns'
 import { auditConfiguration } from './config-audit'
@@ -91,10 +92,16 @@ function processFileLayer1(file: ScanFile): {
   }
 }
 
-// Parallel batch size for Layer 1 processing
+// Parallel batch size for Layer 1 processing (larger batches for performance)
 const LAYER1_PARALLEL_BATCH_SIZE = 50
-
-export async function runLayer1Scan(files: ScanFile[]): Promise<Layer1Result> {
+// Progress update interval (report every N files for better UX)
+const PROGRESS_UPDATE_INTERVAL = 10
+
+export async function runLayer1Scan(
+  files: ScanFile[],
+  onProgress?: ProgressCallback,
+  cancellationToken?: CancellationToken
+): Promise<Layer1Result> {
   const startTime = Date.now()
   const vulnerabilities: Vulnerability[] = []
 
@@ -109,11 +116,18 @@ export async function runLayer1Scan(files: ScanFile[]): Promise<Layer1Result> {
     ai_comments: 0,
   }
 
+  // Track progress for frequent updates
+  let filesProcessed = 0
+  let lastProgressUpdate = 0
+
   // Process files in parallel batches for better performance on large codebases
   for (let i = 0; i < files.length; i += LAYER1_PARALLEL_BATCH_SIZE) {
+    // Check for cancellation before processing batch
+    if (cancellationToken?.cancelled) break
+
     const batch = files.slice(i, i + LAYER1_PARALLEL_BATCH_SIZE)
     const results = await Promise.all(batch.map(file => Promise.resolve(processFileLayer1(file))))
-    
+
     for (const result of results) {
       vulnerabilities.push(...result.findings)
       // Accumulate stats
@@ -121,6 +135,20 @@ export async function runLayer1Scan(files: ScanFile[]): Promise<Layer1Result> {
         rawStats[key as Layer1DetectorName] += value
       }
     }
+
+    filesProcessed = Math.min(i + LAYER1_PARALLEL_BATCH_SIZE, files.length)
+
+    // Report progress every PROGRESS_UPDATE_INTERVAL files for better UX
+    if (onProgress && (filesProcessed - lastProgressUpdate >= PROGRESS_UPDATE_INTERVAL || filesProcessed === files.length)) {
+      onProgress({
+        status: 'layer1',
+        message: 'Running surface scan (patterns, entropy, config)...',
+        filesProcessed,
+        totalFiles: files.length,
+        vulnerabilitiesFound: vulnerabilities.length,
+      })
+      lastProgressUpdate = filesProcessed
+    }
   }
 
   // Deduplicate findings (same line might be caught by multiple detectors)