@oculum/scanner 1.0.11 → 1.0.13

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (1178) hide show
  1. package/dist/ai-context/index.d.ts +6 -0
  2. package/dist/ai-context/index.d.ts.map +1 -0
  3. package/dist/ai-context/index.js +13 -0
  4. package/dist/ai-context/index.js.map +1 -0
  5. package/dist/ai-context/manager.d.ts +67 -0
  6. package/dist/ai-context/manager.d.ts.map +1 -0
  7. package/dist/ai-context/manager.js +104 -0
  8. package/dist/ai-context/manager.js.map +1 -0
  9. package/dist/category-filter.d.ts +125 -0
  10. package/dist/category-filter.d.ts.map +1 -0
  11. package/dist/category-filter.js +360 -0
  12. package/dist/category-filter.js.map +1 -0
  13. package/dist/detect/ai-code/agent-tools.d.ts +22 -0
  14. package/dist/detect/ai-code/agent-tools.d.ts.map +1 -0
  15. package/dist/detect/ai-code/agent-tools.js +1509 -0
  16. package/dist/detect/ai-code/agent-tools.js.map +1 -0
  17. package/dist/detect/ai-code/byok-patterns.d.ts +15 -0
  18. package/dist/detect/ai-code/byok-patterns.d.ts.map +1 -0
  19. package/dist/detect/ai-code/byok-patterns.js +313 -0
  20. package/dist/detect/ai-code/byok-patterns.js.map +1 -0
  21. package/dist/detect/ai-code/endpoint-protection.d.ts +38 -0
  22. package/dist/detect/ai-code/endpoint-protection.d.ts.map +1 -0
  23. package/dist/detect/ai-code/endpoint-protection.js +349 -0
  24. package/dist/detect/ai-code/endpoint-protection.js.map +1 -0
  25. package/dist/detect/ai-code/execution-sinks.d.ts +21 -0
  26. package/dist/detect/ai-code/execution-sinks.d.ts.map +1 -0
  27. package/dist/detect/ai-code/execution-sinks.js +1158 -0
  28. package/dist/detect/ai-code/execution-sinks.js.map +1 -0
  29. package/dist/detect/ai-code/fingerprinting.d.ts +10 -0
  30. package/dist/detect/ai-code/fingerprinting.d.ts.map +1 -0
  31. package/dist/detect/ai-code/fingerprinting.js +665 -0
  32. package/dist/detect/ai-code/fingerprinting.js.map +1 -0
  33. package/dist/detect/ai-code/index.d.ts +12 -0
  34. package/dist/detect/ai-code/index.d.ts.map +1 -0
  35. package/dist/detect/ai-code/index.js +26 -0
  36. package/dist/detect/ai-code/index.js.map +1 -0
  37. package/dist/detect/ai-code/mcp-security.d.ts +20 -0
  38. package/dist/detect/ai-code/mcp-security.d.ts.map +1 -0
  39. package/dist/detect/ai-code/mcp-security.js +880 -0
  40. package/dist/detect/ai-code/mcp-security.js.map +1 -0
  41. package/dist/detect/ai-code/model-supply-chain.d.ts +23 -0
  42. package/dist/detect/ai-code/model-supply-chain.d.ts.map +1 -0
  43. package/dist/detect/ai-code/model-supply-chain.js +447 -0
  44. package/dist/detect/ai-code/model-supply-chain.js.map +1 -0
  45. package/dist/detect/ai-code/package-hallucination.d.ts +22 -0
  46. package/dist/detect/ai-code/package-hallucination.d.ts.map +1 -0
  47. package/dist/detect/ai-code/package-hallucination.js +841 -0
  48. package/dist/detect/ai-code/package-hallucination.js.map +1 -0
  49. package/dist/detect/ai-code/prompt-hygiene.d.ts +22 -0
  50. package/dist/detect/ai-code/prompt-hygiene.d.ts.map +1 -0
  51. package/dist/detect/ai-code/prompt-hygiene.js +1177 -0
  52. package/dist/detect/ai-code/prompt-hygiene.js.map +1 -0
  53. package/dist/detect/ai-code/rag-safety.d.ts +24 -0
  54. package/dist/detect/ai-code/rag-safety.d.ts.map +1 -0
  55. package/dist/detect/ai-code/rag-safety.js +913 -0
  56. package/dist/detect/ai-code/rag-safety.js.map +1 -0
  57. package/dist/detect/ai-code/schema-validation.d.ts +28 -0
  58. package/dist/detect/ai-code/schema-validation.d.ts.map +1 -0
  59. package/dist/detect/ai-code/schema-validation.js +378 -0
  60. package/dist/detect/ai-code/schema-validation.js.map +1 -0
  61. package/dist/detect/config/agent-skill-injection.d.ts +27 -0
  62. package/dist/detect/config/agent-skill-injection.d.ts.map +1 -0
  63. package/dist/detect/config/agent-skill-injection.js +472 -0
  64. package/dist/detect/config/agent-skill-injection.js.map +1 -0
  65. package/dist/detect/config/comments.d.ts +11 -0
  66. package/dist/detect/config/comments.d.ts.map +1 -0
  67. package/dist/detect/config/comments.js +206 -0
  68. package/dist/detect/config/comments.js.map +1 -0
  69. package/dist/detect/config/file-flags.d.ts +10 -0
  70. package/dist/detect/config/file-flags.d.ts.map +1 -0
  71. package/dist/detect/config/file-flags.js +124 -0
  72. package/dist/detect/config/file-flags.js.map +1 -0
  73. package/dist/detect/config/index.d.ts +7 -0
  74. package/dist/detect/config/index.d.ts.map +1 -0
  75. package/dist/detect/config/index.js +17 -0
  76. package/dist/detect/config/index.js.map +1 -0
  77. package/dist/detect/config/osv-check.d.ts +75 -0
  78. package/dist/detect/config/osv-check.d.ts.map +1 -0
  79. package/dist/detect/config/osv-check.js +309 -0
  80. package/dist/detect/config/osv-check.js.map +1 -0
  81. package/dist/detect/config/package-check.d.ts +63 -0
  82. package/dist/detect/config/package-check.d.ts.map +1 -0
  83. package/dist/detect/config/package-check.js +509 -0
  84. package/dist/detect/config/package-check.js.map +1 -0
  85. package/dist/detect/config/urls.d.ts +11 -0
  86. package/dist/detect/config/urls.d.ts.map +1 -0
  87. package/dist/detect/config/urls.js +450 -0
  88. package/dist/detect/config/urls.js.map +1 -0
  89. package/dist/detect/index.d.ts +37 -0
  90. package/dist/detect/index.d.ts.map +1 -0
  91. package/dist/detect/index.js +77 -0
  92. package/dist/detect/index.js.map +1 -0
  93. package/dist/detect/secrets/config-audit.d.ts +11 -0
  94. package/dist/detect/secrets/config-audit.d.ts.map +1 -0
  95. package/dist/detect/secrets/config-audit.js +315 -0
  96. package/dist/detect/secrets/config-audit.js.map +1 -0
  97. package/dist/detect/secrets/config-mcp-audit.d.ts +23 -0
  98. package/dist/detect/secrets/config-mcp-audit.d.ts.map +1 -0
  99. package/dist/detect/secrets/config-mcp-audit.js +243 -0
  100. package/dist/detect/secrets/config-mcp-audit.js.map +1 -0
  101. package/dist/detect/secrets/entropy.d.ts +11 -0
  102. package/dist/detect/secrets/entropy.d.ts.map +1 -0
  103. package/dist/detect/secrets/entropy.js +751 -0
  104. package/dist/detect/secrets/entropy.js.map +1 -0
  105. package/dist/detect/secrets/index.d.ts +36 -0
  106. package/dist/detect/secrets/index.d.ts.map +1 -0
  107. package/dist/detect/secrets/index.js +174 -0
  108. package/dist/detect/secrets/index.js.map +1 -0
  109. package/dist/detect/secrets/patterns.d.ts +11 -0
  110. package/dist/detect/secrets/patterns.d.ts.map +1 -0
  111. package/dist/detect/secrets/patterns.js +518 -0
  112. package/dist/detect/secrets/patterns.js.map +1 -0
  113. package/dist/detect/secrets/weak-crypto.d.ts +10 -0
  114. package/dist/detect/secrets/weak-crypto.d.ts.map +1 -0
  115. package/dist/detect/secrets/weak-crypto.js +432 -0
  116. package/dist/detect/secrets/weak-crypto.js.map +1 -0
  117. package/dist/detect/structural/auth-patterns.d.ts +22 -0
  118. package/dist/detect/structural/auth-patterns.d.ts.map +1 -0
  119. package/dist/detect/structural/auth-patterns.js +533 -0
  120. package/dist/detect/structural/auth-patterns.js.map +1 -0
  121. package/dist/detect/structural/dangerous-functions/child-process.d.ts +16 -0
  122. package/dist/detect/structural/dangerous-functions/child-process.d.ts.map +1 -0
  123. package/dist/detect/structural/dangerous-functions/child-process.js +74 -0
  124. package/dist/detect/structural/dangerous-functions/child-process.js.map +1 -0
  125. package/dist/detect/structural/dangerous-functions/dom-xss.d.ts +34 -0
  126. package/dist/detect/structural/dangerous-functions/dom-xss.d.ts.map +1 -0
  127. package/dist/detect/structural/dangerous-functions/dom-xss.js +230 -0
  128. package/dist/detect/structural/dangerous-functions/dom-xss.js.map +1 -0
  129. package/dist/detect/structural/dangerous-functions/index.d.ts +16 -0
  130. package/dist/detect/structural/dangerous-functions/index.d.ts.map +1 -0
  131. package/dist/detect/structural/dangerous-functions/index.js +1193 -0
  132. package/dist/detect/structural/dangerous-functions/index.js.map +1 -0
  133. package/dist/detect/structural/dangerous-functions/json-parse.d.ts +31 -0
  134. package/dist/detect/structural/dangerous-functions/json-parse.d.ts.map +1 -0
  135. package/dist/detect/structural/dangerous-functions/json-parse.js +326 -0
  136. package/dist/detect/structural/dangerous-functions/json-parse.js.map +1 -0
  137. package/dist/detect/structural/dangerous-functions/math-random.d.ts +111 -0
  138. package/dist/detect/structural/dangerous-functions/math-random.d.ts.map +1 -0
  139. package/dist/detect/structural/dangerous-functions/math-random.js +684 -0
  140. package/dist/detect/structural/dangerous-functions/math-random.js.map +1 -0
  141. package/dist/detect/structural/dangerous-functions/patterns.d.ts +21 -0
  142. package/dist/detect/structural/dangerous-functions/patterns.d.ts.map +1 -0
  143. package/dist/detect/structural/dangerous-functions/patterns.js +163 -0
  144. package/dist/detect/structural/dangerous-functions/patterns.js.map +1 -0
  145. package/dist/detect/structural/dangerous-functions/request-validation.d.ts +13 -0
  146. package/dist/detect/structural/dangerous-functions/request-validation.d.ts.map +1 -0
  147. package/dist/detect/structural/dangerous-functions/request-validation.js +126 -0
  148. package/dist/detect/structural/dangerous-functions/request-validation.js.map +1 -0
  149. package/dist/detect/structural/dangerous-functions/utils/control-flow.d.ts +24 -0
  150. package/dist/detect/structural/dangerous-functions/utils/control-flow.d.ts.map +1 -0
  151. package/dist/detect/structural/dangerous-functions/utils/control-flow.js +70 -0
  152. package/dist/detect/structural/dangerous-functions/utils/control-flow.js.map +1 -0
  153. package/dist/detect/structural/dangerous-functions/utils/helpers.d.ts +31 -0
  154. package/dist/detect/structural/dangerous-functions/utils/helpers.d.ts.map +1 -0
  155. package/dist/detect/structural/dangerous-functions/utils/helpers.js +147 -0
  156. package/dist/detect/structural/dangerous-functions/utils/helpers.js.map +1 -0
  157. package/dist/detect/structural/dangerous-functions/utils/index.d.ts +9 -0
  158. package/dist/detect/structural/dangerous-functions/utils/index.d.ts.map +1 -0
  159. package/dist/detect/structural/dangerous-functions/utils/index.js +23 -0
  160. package/dist/detect/structural/dangerous-functions/utils/index.js.map +1 -0
  161. package/dist/detect/structural/dangerous-functions/utils/schema-validation.d.ts +22 -0
  162. package/dist/detect/structural/dangerous-functions/utils/schema-validation.d.ts.map +1 -0
  163. package/dist/detect/structural/dangerous-functions/utils/schema-validation.js +102 -0
  164. package/dist/detect/structural/dangerous-functions/utils/schema-validation.js.map +1 -0
  165. package/dist/detect/structural/data-exposure.d.ts +19 -0
  166. package/dist/detect/structural/data-exposure.d.ts.map +1 -0
  167. package/dist/detect/structural/data-exposure.js +262 -0
  168. package/dist/detect/structural/data-exposure.js.map +1 -0
  169. package/dist/detect/structural/framework-checks.d.ts +10 -0
  170. package/dist/detect/structural/framework-checks.d.ts.map +1 -0
  171. package/dist/detect/structural/framework-checks.js +389 -0
  172. package/dist/detect/structural/framework-checks.js.map +1 -0
  173. package/dist/detect/structural/index.d.ts +71 -0
  174. package/dist/detect/structural/index.d.ts.map +1 -0
  175. package/dist/detect/structural/index.js +510 -0
  176. package/dist/detect/structural/index.js.map +1 -0
  177. package/dist/detect/structural/log-injection.d.ts +18 -0
  178. package/dist/detect/structural/log-injection.d.ts.map +1 -0
  179. package/dist/detect/structural/log-injection.js +217 -0
  180. package/dist/detect/structural/log-injection.js.map +1 -0
  181. package/dist/detect/structural/logic-gates.d.ts +10 -0
  182. package/dist/detect/structural/logic-gates.d.ts.map +1 -0
  183. package/dist/detect/structural/logic-gates.js +227 -0
  184. package/dist/detect/structural/logic-gates.js.map +1 -0
  185. package/dist/detect/structural/risky-imports.d.ts +10 -0
  186. package/dist/detect/structural/risky-imports.d.ts.map +1 -0
  187. package/dist/detect/structural/risky-imports.js +168 -0
  188. package/dist/detect/structural/risky-imports.js.map +1 -0
  189. package/dist/detect/structural/security-headers.d.ts +18 -0
  190. package/dist/detect/structural/security-headers.d.ts.map +1 -0
  191. package/dist/detect/structural/security-headers.js +196 -0
  192. package/dist/detect/structural/security-headers.js.map +1 -0
  193. package/dist/detect/structural/ssrf-detection.d.ts +18 -0
  194. package/dist/detect/structural/ssrf-detection.d.ts.map +1 -0
  195. package/dist/detect/structural/ssrf-detection.js +263 -0
  196. package/dist/detect/structural/ssrf-detection.js.map +1 -0
  197. package/dist/detect/structural/variables.d.ts +11 -0
  198. package/dist/detect/structural/variables.d.ts.map +1 -0
  199. package/dist/detect/structural/variables.js +159 -0
  200. package/dist/detect/structural/variables.js.map +1 -0
  201. package/dist/detect/structural/xxe-detection.d.ts +18 -0
  202. package/dist/detect/structural/xxe-detection.d.ts.map +1 -0
  203. package/dist/detect/structural/xxe-detection.js +245 -0
  204. package/dist/detect/structural/xxe-detection.js.map +1 -0
  205. package/dist/filtering/context-adjustments.d.ts +23 -0
  206. package/dist/filtering/context-adjustments.d.ts.map +1 -0
  207. package/dist/filtering/context-adjustments.js +100 -0
  208. package/dist/filtering/context-adjustments.js.map +1 -0
  209. package/dist/filtering/index.d.ts +3 -0
  210. package/dist/filtering/index.d.ts.map +1 -0
  211. package/dist/filtering/index.js +8 -0
  212. package/dist/filtering/index.js.map +1 -0
  213. package/dist/filtering/pipeline.d.ts +48 -0
  214. package/dist/filtering/pipeline.d.ts.map +1 -0
  215. package/dist/filtering/pipeline.js +76 -0
  216. package/dist/filtering/pipeline.js.map +1 -0
  217. package/dist/formatters/ai-context.d.ts +23 -0
  218. package/dist/formatters/ai-context.d.ts.map +1 -0
  219. package/dist/formatters/ai-context.js +238 -0
  220. package/dist/formatters/ai-context.js.map +1 -0
  221. package/dist/formatters/github-comment.d.ts +1 -1
  222. package/dist/formatters/github-comment.d.ts.map +1 -1
  223. package/dist/formatters/github-comment.js +2 -2
  224. package/dist/formatters/github-comment.js.map +1 -1
  225. package/dist/formatters/ide/claude-code.d.ts +17 -0
  226. package/dist/formatters/ide/claude-code.d.ts.map +1 -0
  227. package/dist/formatters/ide/claude-code.js +94 -0
  228. package/dist/formatters/ide/claude-code.js.map +1 -0
  229. package/dist/formatters/ide/cursor.d.ts +13 -0
  230. package/dist/formatters/ide/cursor.d.ts.map +1 -0
  231. package/dist/formatters/ide/cursor.js +125 -0
  232. package/dist/formatters/ide/cursor.js.map +1 -0
  233. package/dist/formatters/ide/index.d.ts +62 -0
  234. package/dist/formatters/ide/index.d.ts.map +1 -0
  235. package/dist/formatters/ide/index.js +184 -0
  236. package/dist/formatters/ide/index.js.map +1 -0
  237. package/dist/formatters/ide/windsurf.d.ts +13 -0
  238. package/dist/formatters/ide/windsurf.d.ts.map +1 -0
  239. package/dist/formatters/ide/windsurf.js +117 -0
  240. package/dist/formatters/ide/windsurf.js.map +1 -0
  241. package/dist/formatters/index.d.ts +2 -0
  242. package/dist/formatters/index.d.ts.map +1 -1
  243. package/dist/formatters/index.js +17 -1
  244. package/dist/formatters/index.js.map +1 -1
  245. package/dist/index.d.ts +17 -60
  246. package/dist/index.d.ts.map +1 -1
  247. package/dist/index.js +67 -824
  248. package/dist/index.js.map +1 -1
  249. package/dist/layer1/comments.d.ts +4 -1
  250. package/dist/layer1/comments.d.ts.map +1 -1
  251. package/dist/layer1/comments.js +1 -1
  252. package/dist/layer1/comments.js.map +1 -1
  253. package/dist/layer1/config-audit.d.ts +4 -1
  254. package/dist/layer1/config-audit.d.ts.map +1 -1
  255. package/dist/layer1/config-audit.js +45 -11
  256. package/dist/layer1/config-audit.js.map +1 -1
  257. package/dist/layer1/config-mcp-audit.d.ts +4 -1
  258. package/dist/layer1/config-mcp-audit.d.ts.map +1 -1
  259. package/dist/layer1/config-mcp-audit.js +2 -2
  260. package/dist/layer1/config-mcp-audit.js.map +1 -1
  261. package/dist/layer1/entropy.d.ts +4 -1
  262. package/dist/layer1/entropy.d.ts.map +1 -1
  263. package/dist/layer1/entropy.js +212 -1
  264. package/dist/layer1/entropy.js.map +1 -1
  265. package/dist/layer1/file-flags.d.ts +4 -1
  266. package/dist/layer1/file-flags.d.ts.map +1 -1
  267. package/dist/layer1/file-flags.js +12 -5
  268. package/dist/layer1/file-flags.js.map +1 -1
  269. package/dist/layer1/index.d.ts.map +1 -1
  270. package/dist/layer1/index.js +14 -19
  271. package/dist/layer1/index.js.map +1 -1
  272. package/dist/layer1/patterns.d.ts +4 -1
  273. package/dist/layer1/patterns.d.ts.map +1 -1
  274. package/dist/layer1/patterns.js +34 -4
  275. package/dist/layer1/patterns.js.map +1 -1
  276. package/dist/layer1/urls.d.ts +4 -1
  277. package/dist/layer1/urls.d.ts.map +1 -1
  278. package/dist/layer1/urls.js +162 -14
  279. package/dist/layer1/urls.js.map +1 -1
  280. package/dist/layer1/weak-crypto.d.ts +4 -1
  281. package/dist/layer1/weak-crypto.d.ts.map +1 -1
  282. package/dist/layer1/weak-crypto.js +144 -7
  283. package/dist/layer1/weak-crypto.js.map +1 -1
  284. package/dist/layer2/ai-agent-tools.d.ts +4 -1
  285. package/dist/layer2/ai-agent-tools.d.ts.map +1 -1
  286. package/dist/layer2/ai-agent-tools.js +661 -2
  287. package/dist/layer2/ai-agent-tools.js.map +1 -1
  288. package/dist/layer2/ai-endpoint-protection.d.ts +2 -0
  289. package/dist/layer2/ai-endpoint-protection.d.ts.map +1 -1
  290. package/dist/layer2/ai-endpoint-protection.js +1 -1
  291. package/dist/layer2/ai-endpoint-protection.js.map +1 -1
  292. package/dist/layer2/ai-execution-sinks.d.ts +4 -1
  293. package/dist/layer2/ai-execution-sinks.d.ts.map +1 -1
  294. package/dist/layer2/ai-execution-sinks.js +252 -43
  295. package/dist/layer2/ai-execution-sinks.js.map +1 -1
  296. package/dist/layer2/ai-fingerprinting.d.ts +4 -1
  297. package/dist/layer2/ai-fingerprinting.d.ts.map +1 -1
  298. package/dist/layer2/ai-fingerprinting.js +25 -32
  299. package/dist/layer2/ai-fingerprinting.js.map +1 -1
  300. package/dist/layer2/ai-mcp-security.d.ts +4 -1
  301. package/dist/layer2/ai-mcp-security.d.ts.map +1 -1
  302. package/dist/layer2/ai-mcp-security.js +200 -2
  303. package/dist/layer2/ai-mcp-security.js.map +1 -1
  304. package/dist/layer2/ai-package-hallucination.d.ts +4 -1
  305. package/dist/layer2/ai-package-hallucination.d.ts.map +1 -1
  306. package/dist/layer2/ai-package-hallucination.js +136 -4
  307. package/dist/layer2/ai-package-hallucination.js.map +1 -1
  308. package/dist/layer2/ai-prompt-hygiene.d.ts +4 -1
  309. package/dist/layer2/ai-prompt-hygiene.d.ts.map +1 -1
  310. package/dist/layer2/ai-prompt-hygiene.js +342 -28
  311. package/dist/layer2/ai-prompt-hygiene.js.map +1 -1
  312. package/dist/layer2/ai-rag-safety.d.ts +4 -1
  313. package/dist/layer2/ai-rag-safety.d.ts.map +1 -1
  314. package/dist/layer2/ai-rag-safety.js +82 -2
  315. package/dist/layer2/ai-rag-safety.js.map +1 -1
  316. package/dist/layer2/ai-schema-validation.d.ts +4 -1
  317. package/dist/layer2/ai-schema-validation.d.ts.map +1 -1
  318. package/dist/layer2/ai-schema-validation.js +2 -2
  319. package/dist/layer2/ai-schema-validation.js.map +1 -1
  320. package/dist/layer2/auth-antipatterns.d.ts +2 -0
  321. package/dist/layer2/auth-antipatterns.d.ts.map +1 -1
  322. package/dist/layer2/auth-antipatterns.js +205 -20
  323. package/dist/layer2/auth-antipatterns.js.map +1 -1
  324. package/dist/layer2/byok-patterns.d.ts +4 -1
  325. package/dist/layer2/byok-patterns.d.ts.map +1 -1
  326. package/dist/layer2/byok-patterns.js +2 -2
  327. package/dist/layer2/byok-patterns.js.map +1 -1
  328. package/dist/layer2/dangerous-functions/dom-xss.d.ts +9 -4
  329. package/dist/layer2/dangerous-functions/dom-xss.d.ts.map +1 -1
  330. package/dist/layer2/dangerous-functions/dom-xss.js +73 -22
  331. package/dist/layer2/dangerous-functions/dom-xss.js.map +1 -1
  332. package/dist/layer2/dangerous-functions/index.d.ts +4 -1
  333. package/dist/layer2/dangerous-functions/index.d.ts.map +1 -1
  334. package/dist/layer2/dangerous-functions/index.js +551 -20
  335. package/dist/layer2/dangerous-functions/index.js.map +1 -1
  336. package/dist/layer2/dangerous-functions/math-random.d.ts +54 -4
  337. package/dist/layer2/dangerous-functions/math-random.d.ts.map +1 -1
  338. package/dist/layer2/dangerous-functions/math-random.js +241 -16
  339. package/dist/layer2/dangerous-functions/math-random.js.map +1 -1
  340. package/dist/layer2/dangerous-functions/patterns.d.ts.map +1 -1
  341. package/dist/layer2/dangerous-functions/patterns.js +3 -1
  342. package/dist/layer2/dangerous-functions/patterns.js.map +1 -1
  343. package/dist/layer2/dangerous-functions/utils/control-flow.d.ts +3 -2
  344. package/dist/layer2/dangerous-functions/utils/control-flow.d.ts.map +1 -1
  345. package/dist/layer2/dangerous-functions/utils/control-flow.js +41 -120
  346. package/dist/layer2/dangerous-functions/utils/control-flow.js.map +1 -1
  347. package/dist/layer2/dangerous-functions/utils/helpers.d.ts.map +1 -1
  348. package/dist/layer2/dangerous-functions/utils/helpers.js +26 -3
  349. package/dist/layer2/dangerous-functions/utils/helpers.js.map +1 -1
  350. package/dist/layer2/dangerous-functions/utils/schema-validation.d.ts.map +1 -1
  351. package/dist/layer2/dangerous-functions/utils/schema-validation.js +14 -1
  352. package/dist/layer2/dangerous-functions/utils/schema-validation.js.map +1 -1
  353. package/dist/layer2/data-exposure.d.ts +4 -1
  354. package/dist/layer2/data-exposure.d.ts.map +1 -1
  355. package/dist/layer2/data-exposure.js +11 -38
  356. package/dist/layer2/data-exposure.js.map +1 -1
  357. package/dist/layer2/framework-checks.d.ts +4 -1
  358. package/dist/layer2/framework-checks.d.ts.map +1 -1
  359. package/dist/layer2/framework-checks.js +3 -10
  360. package/dist/layer2/framework-checks.js.map +1 -1
  361. package/dist/layer2/index.d.ts +13 -1
  362. package/dist/layer2/index.d.ts.map +1 -1
  363. package/dist/layer2/index.js +107 -52
  364. package/dist/layer2/index.js.map +1 -1
  365. package/dist/layer2/log-injection.d.ts +18 -0
  366. package/dist/layer2/log-injection.d.ts.map +1 -0
  367. package/dist/layer2/log-injection.js +214 -0
  368. package/dist/layer2/log-injection.js.map +1 -0
  369. package/dist/layer2/logic-gates.d.ts +4 -1
  370. package/dist/layer2/logic-gates.d.ts.map +1 -1
  371. package/dist/layer2/logic-gates.js +54 -20
  372. package/dist/layer2/logic-gates.js.map +1 -1
  373. package/dist/layer2/model-supply-chain.d.ts +4 -1
  374. package/dist/layer2/model-supply-chain.d.ts.map +1 -1
  375. package/dist/layer2/model-supply-chain.js +72 -4
  376. package/dist/layer2/model-supply-chain.js.map +1 -1
  377. package/dist/layer2/risky-imports.d.ts +4 -1
  378. package/dist/layer2/risky-imports.d.ts.map +1 -1
  379. package/dist/layer2/risky-imports.js +2 -2
  380. package/dist/layer2/risky-imports.js.map +1 -1
  381. package/dist/layer2/security-headers.d.ts +18 -0
  382. package/dist/layer2/security-headers.d.ts.map +1 -0
  383. package/dist/layer2/security-headers.js +187 -0
  384. package/dist/layer2/security-headers.js.map +1 -0
  385. package/dist/layer2/ssrf-detection.d.ts +18 -0
  386. package/dist/layer2/ssrf-detection.d.ts.map +1 -0
  387. package/dist/layer2/ssrf-detection.js +252 -0
  388. package/dist/layer2/ssrf-detection.js.map +1 -0
  389. package/dist/layer2/variables.d.ts +4 -1
  390. package/dist/layer2/variables.d.ts.map +1 -1
  391. package/dist/layer2/variables.js +2 -2
  392. package/dist/layer2/variables.js.map +1 -1
  393. package/dist/layer2/xxe-detection.d.ts +18 -0
  394. package/dist/layer2/xxe-detection.d.ts.map +1 -0
  395. package/dist/layer2/xxe-detection.js +242 -0
  396. package/dist/layer2/xxe-detection.js.map +1 -0
  397. package/dist/layer3/anthropic/auto-dismiss.d.ts.map +1 -1
  398. package/dist/layer3/anthropic/auto-dismiss.js +11 -0
  399. package/dist/layer3/anthropic/auto-dismiss.js.map +1 -1
  400. package/dist/layer3/anthropic/prompts/index.d.ts +1 -1
  401. package/dist/layer3/anthropic/prompts/index.d.ts.map +1 -1
  402. package/dist/layer3/anthropic/prompts/index.js +3 -1
  403. package/dist/layer3/anthropic/prompts/index.js.map +1 -1
  404. package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts +19 -0
  405. package/dist/layer3/anthropic/prompts/modules/ai-patterns.d.ts.map +1 -0
  406. package/dist/layer3/anthropic/prompts/modules/ai-patterns.js +156 -0
  407. package/dist/layer3/anthropic/prompts/modules/ai-patterns.js.map +1 -0
  408. package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts +9 -0
  409. package/dist/layer3/anthropic/prompts/modules/auth-access.d.ts.map +1 -0
  410. package/dist/layer3/anthropic/prompts/modules/auth-access.js +25 -0
  411. package/dist/layer3/anthropic/prompts/modules/auth-access.js.map +1 -0
  412. package/dist/layer3/anthropic/prompts/modules/common.d.ts +11 -0
  413. package/dist/layer3/anthropic/prompts/modules/common.d.ts.map +1 -0
  414. package/dist/layer3/anthropic/prompts/modules/common.js +152 -0
  415. package/dist/layer3/anthropic/prompts/modules/common.js.map +1 -0
  416. package/dist/layer3/anthropic/prompts/modules/index.d.ts +54 -0
  417. package/dist/layer3/anthropic/prompts/modules/index.d.ts.map +1 -0
  418. package/dist/layer3/anthropic/prompts/modules/index.js +185 -0
  419. package/dist/layer3/anthropic/prompts/modules/index.js.map +1 -0
  420. package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts +8 -0
  421. package/dist/layer3/anthropic/prompts/modules/owasp-classic.d.ts.map +1 -0
  422. package/dist/layer3/anthropic/prompts/modules/owasp-classic.js +84 -0
  423. package/dist/layer3/anthropic/prompts/modules/owasp-classic.js.map +1 -0
  424. package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts +8 -0
  425. package/dist/layer3/anthropic/prompts/modules/secrets-crypto.d.ts.map +1 -0
  426. package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js +68 -0
  427. package/dist/layer3/anthropic/prompts/modules/secrets-crypto.js.map +1 -0
  428. package/dist/layer3/anthropic/prompts/modules/xss-prompt.d.ts +8 -0
  429. package/dist/layer3/anthropic/prompts/modules/xss-prompt.d.ts.map +1 -0
  430. package/dist/layer3/anthropic/prompts/modules/xss-prompt.js +22 -0
  431. package/dist/layer3/anthropic/prompts/modules/xss-prompt.js.map +1 -0
  432. package/dist/layer3/anthropic/prompts/validation.d.ts +9 -3
  433. package/dist/layer3/anthropic/prompts/validation.d.ts.map +1 -1
  434. package/dist/layer3/anthropic/prompts/validation.js +14 -410
  435. package/dist/layer3/anthropic/prompts/validation.js.map +1 -1
  436. package/dist/layer3/anthropic/providers/anthropic.d.ts.map +1 -1
  437. package/dist/layer3/anthropic/providers/anthropic.js +6 -3
  438. package/dist/layer3/anthropic/providers/anthropic.js.map +1 -1
  439. package/dist/layer3/anthropic/providers/openai.d.ts.map +1 -1
  440. package/dist/layer3/anthropic/providers/openai.js +6 -3
  441. package/dist/layer3/anthropic/providers/openai.js.map +1 -1
  442. package/dist/layer3/anthropic/request-builder.d.ts +11 -4
  443. package/dist/layer3/anthropic/request-builder.d.ts.map +1 -1
  444. package/dist/layer3/anthropic/request-builder.js +32 -16
  445. package/dist/layer3/anthropic/request-builder.js.map +1 -1
  446. package/dist/layer3/anthropic/utils/context-extractor.d.ts +55 -0
  447. package/dist/layer3/anthropic/utils/context-extractor.d.ts.map +1 -0
  448. package/dist/layer3/anthropic/utils/context-extractor.js +161 -0
  449. package/dist/layer3/anthropic/utils/context-extractor.js.map +1 -0
  450. package/dist/layer3/anthropic/utils/index.d.ts +2 -0
  451. package/dist/layer3/anthropic/utils/index.d.ts.map +1 -1
  452. package/dist/layer3/anthropic/utils/index.js +4 -1
  453. package/dist/layer3/anthropic/utils/index.js.map +1 -1
  454. package/dist/model/auth-helper-detector.d.ts +56 -0
  455. package/dist/model/auth-helper-detector.d.ts.map +1 -0
  456. package/dist/model/auth-helper-detector.js +360 -0
  457. package/dist/model/auth-helper-detector.js.map +1 -0
  458. package/dist/model/cross-file-taint.d.ts +40 -0
  459. package/dist/model/cross-file-taint.d.ts.map +1 -0
  460. package/dist/model/cross-file-taint.js +290 -0
  461. package/dist/model/cross-file-taint.js.map +1 -0
  462. package/dist/model/framework-models/django.d.ts +9 -0
  463. package/dist/model/framework-models/django.d.ts.map +1 -0
  464. package/dist/model/framework-models/django.js +82 -0
  465. package/dist/model/framework-models/django.js.map +1 -0
  466. package/dist/model/framework-models/express.d.ts +9 -0
  467. package/dist/model/framework-models/express.d.ts.map +1 -0
  468. package/dist/model/framework-models/express.js +52 -0
  469. package/dist/model/framework-models/express.js.map +1 -0
  470. package/dist/model/framework-models/index.d.ts +20 -0
  471. package/dist/model/framework-models/index.d.ts.map +1 -0
  472. package/dist/model/framework-models/index.js +102 -0
  473. package/dist/model/framework-models/index.js.map +1 -0
  474. package/dist/model/framework-models/nextjs.d.ts +9 -0
  475. package/dist/model/framework-models/nextjs.d.ts.map +1 -0
  476. package/dist/model/framework-models/nextjs.js +71 -0
  477. package/dist/model/framework-models/nextjs.js.map +1 -0
  478. package/dist/model/framework-models/prisma.d.ts +10 -0
  479. package/dist/model/framework-models/prisma.d.ts.map +1 -0
  480. package/dist/model/framework-models/prisma.js +54 -0
  481. package/dist/model/framework-models/prisma.js.map +1 -0
  482. package/dist/model/framework-models/react.d.ts +9 -0
  483. package/dist/model/framework-models/react.d.ts.map +1 -0
  484. package/dist/model/framework-models/react.js +67 -0
  485. package/dist/model/framework-models/react.js.map +1 -0
  486. package/dist/model/framework-models/sequelize.d.ts +9 -0
  487. package/dist/model/framework-models/sequelize.d.ts.map +1 -0
  488. package/dist/model/framework-models/sequelize.js +62 -0
  489. package/dist/model/framework-models/sequelize.js.map +1 -0
  490. package/dist/model/framework-models/types.d.ts +43 -0
  491. package/dist/model/framework-models/types.d.ts.map +1 -0
  492. package/dist/model/framework-models/types.js +10 -0
  493. package/dist/model/framework-models/types.js.map +1 -0
  494. package/dist/model/function-classifier.d.ts +32 -0
  495. package/dist/model/function-classifier.d.ts.map +1 -0
  496. package/dist/model/function-classifier.js +143 -0
  497. package/dist/model/function-classifier.js.map +1 -0
  498. package/dist/model/import-resolver.d.ts +45 -0
  499. package/dist/model/import-resolver.d.ts.map +1 -0
  500. package/dist/model/import-resolver.js +410 -0
  501. package/dist/model/import-resolver.js.map +1 -0
  502. package/dist/model/imported-auth-detector.d.ts +38 -0
  503. package/dist/model/imported-auth-detector.d.ts.map +1 -0
  504. package/dist/model/imported-auth-detector.js +199 -0
  505. package/dist/model/imported-auth-detector.js.map +1 -0
  506. package/dist/model/index.d.ts +63 -0
  507. package/dist/model/index.d.ts.map +1 -0
  508. package/dist/model/index.js +272 -0
  509. package/dist/model/index.js.map +1 -0
  510. package/dist/model/middleware-detector.d.ts +55 -0
  511. package/dist/model/middleware-detector.d.ts.map +1 -0
  512. package/dist/model/middleware-detector.js +382 -0
  513. package/dist/model/middleware-detector.js.map +1 -0
  514. package/dist/model/module-graph.d.ts +46 -0
  515. package/dist/model/module-graph.d.ts.map +1 -0
  516. package/dist/model/module-graph.js +187 -0
  517. package/dist/model/module-graph.js.map +1 -0
  518. package/dist/model/oauth-flow-detector.d.ts +41 -0
  519. package/dist/model/oauth-flow-detector.d.ts.map +1 -0
  520. package/dist/model/oauth-flow-detector.js +202 -0
  521. package/dist/model/oauth-flow-detector.js.map +1 -0
  522. package/dist/model/project-context.d.ts +119 -0
  523. package/dist/model/project-context.d.ts.map +1 -0
  524. package/dist/model/project-context.js +534 -0
  525. package/dist/model/project-context.js.map +1 -0
  526. package/dist/model/route-auth-resolver.d.ts +27 -0
  527. package/dist/model/route-auth-resolver.d.ts.map +1 -0
  528. package/dist/model/route-auth-resolver.js +182 -0
  529. package/dist/model/route-auth-resolver.js.map +1 -0
  530. package/dist/model/route-discovery/express.d.ts +25 -0
  531. package/dist/model/route-discovery/express.d.ts.map +1 -0
  532. package/dist/model/route-discovery/express.js +225 -0
  533. package/dist/model/route-discovery/express.js.map +1 -0
  534. package/dist/model/route-discovery/index.d.ts +21 -0
  535. package/dist/model/route-discovery/index.d.ts.map +1 -0
  536. package/dist/model/route-discovery/index.js +67 -0
  537. package/dist/model/route-discovery/index.js.map +1 -0
  538. package/dist/model/route-discovery/nextjs.d.ts +16 -0
  539. package/dist/model/route-discovery/nextjs.d.ts.map +1 -0
  540. package/dist/model/route-discovery/nextjs.js +179 -0
  541. package/dist/model/route-discovery/nextjs.js.map +1 -0
  542. package/dist/model/route-discovery/python.d.ts +16 -0
  543. package/dist/model/route-discovery/python.d.ts.map +1 -0
  544. package/dist/model/route-discovery/python.js +181 -0
  545. package/dist/model/route-discovery/python.js.map +1 -0
  546. package/dist/model/route-discovery/types.d.ts +36 -0
  547. package/dist/model/route-discovery/types.d.ts.map +1 -0
  548. package/dist/model/route-discovery/types.js +16 -0
  549. package/dist/model/route-discovery/types.js.map +1 -0
  550. package/dist/model/route-discovery/utils.d.ts +18 -0
  551. package/dist/model/route-discovery/utils.d.ts.map +1 -0
  552. package/dist/model/route-discovery/utils.js +55 -0
  553. package/dist/model/route-discovery/utils.js.map +1 -0
  554. package/dist/model/route-hierarchy.d.ts +50 -0
  555. package/dist/model/route-hierarchy.d.ts.map +1 -0
  556. package/dist/model/route-hierarchy.js +226 -0
  557. package/dist/model/route-hierarchy.js.map +1 -0
  558. package/dist/model/sanitiser-detection.d.ts +27 -0
  559. package/dist/model/sanitiser-detection.d.ts.map +1 -0
  560. package/dist/model/sanitiser-detection.js +224 -0
  561. package/dist/model/sanitiser-detection.js.map +1 -0
  562. package/dist/model/sink-matcher.d.ts +17 -0
  563. package/dist/model/sink-matcher.d.ts.map +1 -0
  564. package/dist/model/sink-matcher.js +141 -0
  565. package/dist/model/sink-matcher.js.map +1 -0
  566. package/dist/model/sink-patterns.d.ts +19 -0
  567. package/dist/model/sink-patterns.d.ts.map +1 -0
  568. package/dist/model/sink-patterns.js +88 -0
  569. package/dist/model/sink-patterns.js.map +1 -0
  570. package/dist/model/source-discovery.d.ts +15 -0
  571. package/dist/model/source-discovery.d.ts.map +1 -0
  572. package/dist/model/source-discovery.js +170 -0
  573. package/dist/model/source-discovery.js.map +1 -0
  574. package/dist/model/taint-tracker.d.ts +21 -0
  575. package/dist/model/taint-tracker.d.ts.map +1 -0
  576. package/dist/model/taint-tracker.js +281 -0
  577. package/dist/model/taint-tracker.js.map +1 -0
  578. package/dist/model/taint-types.d.ts +74 -0
  579. package/dist/model/taint-types.d.ts.map +1 -0
  580. package/dist/model/taint-types.js +9 -0
  581. package/dist/model/taint-types.js.map +1 -0
  582. package/dist/model/trpc-analyzer.d.ts +78 -0
  583. package/dist/model/trpc-analyzer.d.ts.map +1 -0
  584. package/dist/model/trpc-analyzer.js +297 -0
  585. package/dist/model/trpc-analyzer.js.map +1 -0
  586. package/dist/modes/incremental.js +1 -1
  587. package/dist/parse/file-classifier.d.ts +228 -0
  588. package/dist/parse/file-classifier.d.ts.map +1 -0
  589. package/dist/parse/file-classifier.js +933 -0
  590. package/dist/parse/file-classifier.js.map +1 -0
  591. package/dist/parse/path-exclusions.d.ts +55 -0
  592. package/dist/parse/path-exclusions.d.ts.map +1 -0
  593. package/dist/parse/path-exclusions.js +224 -0
  594. package/dist/parse/path-exclusions.js.map +1 -0
  595. package/dist/pipeline/config.d.ts +39 -0
  596. package/dist/pipeline/config.d.ts.map +1 -0
  597. package/dist/pipeline/config.js +46 -0
  598. package/dist/pipeline/config.js.map +1 -0
  599. package/dist/pipeline/index.d.ts +34 -0
  600. package/dist/pipeline/index.d.ts.map +1 -0
  601. package/dist/pipeline/index.js +377 -0
  602. package/dist/pipeline/index.js.map +1 -0
  603. package/dist/pipeline/modes/incremental.d.ts +66 -0
  604. package/dist/pipeline/modes/incremental.d.ts.map +1 -0
  605. package/dist/pipeline/modes/incremental.js +200 -0
  606. package/dist/pipeline/modes/incremental.js.map +1 -0
  607. package/dist/postprocess/aggregation.d.ts +14 -0
  608. package/dist/postprocess/aggregation.d.ts.map +1 -0
  609. package/dist/postprocess/aggregation.js +63 -0
  610. package/dist/postprocess/aggregation.js.map +1 -0
  611. package/dist/postprocess/contradictions.d.ts +18 -0
  612. package/dist/postprocess/contradictions.d.ts.map +1 -0
  613. package/dist/postprocess/contradictions.js +99 -0
  614. package/dist/postprocess/contradictions.js.map +1 -0
  615. package/dist/postprocess/dedup.d.ts +13 -0
  616. package/dist/postprocess/dedup.d.ts.map +1 -0
  617. package/dist/postprocess/dedup.js +58 -0
  618. package/dist/postprocess/dedup.js.map +1 -0
  619. package/dist/postprocess/filtering/context-adjustments.d.ts +23 -0
  620. package/dist/postprocess/filtering/context-adjustments.d.ts.map +1 -0
  621. package/dist/postprocess/filtering/context-adjustments.js +100 -0
  622. package/dist/postprocess/filtering/context-adjustments.js.map +1 -0
  623. package/dist/postprocess/filtering/index.d.ts +3 -0
  624. package/dist/postprocess/filtering/index.d.ts.map +1 -0
  625. package/dist/postprocess/filtering/index.js +8 -0
  626. package/dist/postprocess/filtering/index.js.map +1 -0
  627. package/dist/postprocess/filtering/pipeline.d.ts +48 -0
  628. package/dist/postprocess/filtering/pipeline.d.ts.map +1 -0
  629. package/dist/postprocess/filtering/pipeline.js +76 -0
  630. package/dist/postprocess/filtering/pipeline.js.map +1 -0
  631. package/dist/postprocess/index.d.ts +41 -0
  632. package/dist/postprocess/index.d.ts.map +1 -0
  633. package/dist/postprocess/index.js +85 -0
  634. package/dist/postprocess/index.js.map +1 -0
  635. package/dist/postprocess/suppression/config-loader.d.ts +74 -0
  636. package/dist/postprocess/suppression/config-loader.d.ts.map +1 -0
  637. package/dist/postprocess/suppression/config-loader.js +424 -0
  638. package/dist/postprocess/suppression/config-loader.js.map +1 -0
  639. package/dist/postprocess/suppression/hash.d.ts +48 -0
  640. package/dist/postprocess/suppression/hash.d.ts.map +1 -0
  641. package/dist/postprocess/suppression/hash.js +88 -0
  642. package/dist/postprocess/suppression/hash.js.map +1 -0
  643. package/dist/postprocess/suppression/index.d.ts +11 -0
  644. package/dist/postprocess/suppression/index.d.ts.map +1 -0
  645. package/dist/postprocess/suppression/index.js +39 -0
  646. package/dist/postprocess/suppression/index.js.map +1 -0
  647. package/dist/postprocess/suppression/inline-parser.d.ts +39 -0
  648. package/dist/postprocess/suppression/inline-parser.d.ts.map +1 -0
  649. package/dist/postprocess/suppression/inline-parser.js +218 -0
  650. package/dist/postprocess/suppression/inline-parser.js.map +1 -0
  651. package/dist/postprocess/suppression/manager.d.ts +94 -0
  652. package/dist/postprocess/suppression/manager.d.ts.map +1 -0
  653. package/dist/postprocess/suppression/manager.js +292 -0
  654. package/dist/postprocess/suppression/manager.js.map +1 -0
  655. package/dist/postprocess/suppression/types.d.ts +151 -0
  656. package/dist/postprocess/suppression/types.d.ts.map +1 -0
  657. package/dist/postprocess/suppression/types.js +28 -0
  658. package/dist/postprocess/suppression/types.js.map +1 -0
  659. package/dist/postprocess/validation-cap.d.ts +17 -0
  660. package/dist/postprocess/validation-cap.d.ts.map +1 -0
  661. package/dist/postprocess/validation-cap.js +64 -0
  662. package/dist/postprocess/validation-cap.js.map +1 -0
  663. package/dist/report/build-result.d.ts +33 -0
  664. package/dist/report/build-result.d.ts.map +1 -0
  665. package/dist/report/build-result.js +59 -0
  666. package/dist/report/build-result.js.map +1 -0
  667. package/dist/report/enrichment.d.ts +19 -0
  668. package/dist/report/enrichment.d.ts.map +1 -0
  669. package/dist/report/enrichment.js +44 -0
  670. package/dist/report/enrichment.js.map +1 -0
  671. package/dist/report/formatters/ai-context.d.ts +23 -0
  672. package/dist/report/formatters/ai-context.d.ts.map +1 -0
  673. package/dist/report/formatters/ai-context.js +238 -0
  674. package/dist/report/formatters/ai-context.js.map +1 -0
  675. package/dist/report/formatters/cli-terminal.d.ts +65 -0
  676. package/dist/report/formatters/cli-terminal.d.ts.map +1 -0
  677. package/dist/report/formatters/cli-terminal.js +735 -0
  678. package/dist/report/formatters/cli-terminal.js.map +1 -0
  679. package/dist/report/formatters/github-comment.d.ts +41 -0
  680. package/dist/report/formatters/github-comment.d.ts.map +1 -0
  681. package/dist/report/formatters/github-comment.js +370 -0
  682. package/dist/report/formatters/github-comment.js.map +1 -0
  683. package/dist/report/formatters/grouping.d.ts +52 -0
  684. package/dist/report/formatters/grouping.d.ts.map +1 -0
  685. package/dist/report/formatters/grouping.js +152 -0
  686. package/dist/report/formatters/grouping.js.map +1 -0
  687. package/dist/report/formatters/ide/claude-code.d.ts +17 -0
  688. package/dist/report/formatters/ide/claude-code.d.ts.map +1 -0
  689. package/dist/report/formatters/ide/claude-code.js +94 -0
  690. package/dist/report/formatters/ide/claude-code.js.map +1 -0
  691. package/dist/report/formatters/ide/cursor.d.ts +13 -0
  692. package/dist/report/formatters/ide/cursor.d.ts.map +1 -0
  693. package/dist/report/formatters/ide/cursor.js +125 -0
  694. package/dist/report/formatters/ide/cursor.js.map +1 -0
  695. package/dist/report/formatters/ide/index.d.ts +62 -0
  696. package/dist/report/formatters/ide/index.d.ts.map +1 -0
  697. package/dist/report/formatters/ide/index.js +184 -0
  698. package/dist/report/formatters/ide/index.js.map +1 -0
  699. package/dist/report/formatters/ide/windsurf.d.ts +13 -0
  700. package/dist/report/formatters/ide/windsurf.d.ts.map +1 -0
  701. package/dist/report/formatters/ide/windsurf.js +117 -0
  702. package/dist/report/formatters/ide/windsurf.js.map +1 -0
  703. package/dist/report/formatters/index.d.ts +11 -0
  704. package/dist/report/formatters/index.d.ts.map +1 -0
  705. package/dist/report/formatters/index.js +54 -0
  706. package/dist/report/formatters/index.js.map +1 -0
  707. package/dist/report/formatters/vscode-diagnostic.d.ts +103 -0
  708. package/dist/report/formatters/vscode-diagnostic.d.ts.map +1 -0
  709. package/dist/report/formatters/vscode-diagnostic.js +151 -0
  710. package/dist/report/formatters/vscode-diagnostic.js.map +1 -0
  711. package/dist/report/summary.d.ts +27 -0
  712. package/dist/report/summary.d.ts.map +1 -0
  713. package/dist/report/summary.js +57 -0
  714. package/dist/report/summary.js.map +1 -0
  715. package/dist/rules/metadata.d.ts.map +1 -1
  716. package/dist/rules/metadata.js +66 -0
  717. package/dist/rules/metadata.js.map +1 -1
  718. package/dist/score/adjustments.d.ts +22 -0
  719. package/dist/score/adjustments.d.ts.map +1 -0
  720. package/dist/score/adjustments.js +373 -0
  721. package/dist/score/adjustments.js.map +1 -0
  722. package/dist/score/auto-dismiss.d.ts +28 -0
  723. package/dist/score/auto-dismiss.d.ts.map +1 -0
  724. package/dist/score/auto-dismiss.js +200 -0
  725. package/dist/score/auto-dismiss.js.map +1 -0
  726. package/dist/score/confidence.d.ts +19 -0
  727. package/dist/score/confidence.d.ts.map +1 -0
  728. package/dist/score/confidence.js +52 -0
  729. package/dist/score/confidence.js.map +1 -0
  730. package/dist/score/index.d.ts +61 -0
  731. package/dist/score/index.d.ts.map +1 -0
  732. package/dist/score/index.js +250 -0
  733. package/dist/score/index.js.map +1 -0
  734. package/dist/score/types.d.ts +160 -0
  735. package/dist/score/types.d.ts.map +1 -0
  736. package/dist/score/types.js +14 -0
  737. package/dist/score/types.js.map +1 -0
  738. package/dist/shared/ai-context/index.d.ts +6 -0
  739. package/dist/shared/ai-context/index.d.ts.map +1 -0
  740. package/dist/shared/ai-context/index.js +13 -0
  741. package/dist/shared/ai-context/index.js.map +1 -0
  742. package/dist/shared/ai-context/manager.d.ts +67 -0
  743. package/dist/shared/ai-context/manager.d.ts.map +1 -0
  744. package/dist/shared/ai-context/manager.js +104 -0
  745. package/dist/shared/ai-context/manager.js.map +1 -0
  746. package/dist/shared/baseline/diff.d.ts +32 -0
  747. package/dist/shared/baseline/diff.d.ts.map +1 -0
  748. package/dist/shared/baseline/diff.js +119 -0
  749. package/dist/shared/baseline/diff.js.map +1 -0
  750. package/dist/shared/baseline/index.d.ts +9 -0
  751. package/dist/shared/baseline/index.d.ts.map +1 -0
  752. package/dist/shared/baseline/index.js +19 -0
  753. package/dist/shared/baseline/index.js.map +1 -0
  754. package/dist/shared/baseline/manager.d.ts +67 -0
  755. package/dist/shared/baseline/manager.d.ts.map +1 -0
  756. package/dist/shared/baseline/manager.js +180 -0
  757. package/dist/shared/baseline/manager.js.map +1 -0
  758. package/dist/shared/baseline/types.d.ts +91 -0
  759. package/dist/shared/baseline/types.d.ts.map +1 -0
  760. package/dist/shared/baseline/types.js +12 -0
  761. package/dist/shared/baseline/types.js.map +1 -0
  762. package/dist/shared/category-filter.d.ts +125 -0
  763. package/dist/shared/category-filter.d.ts.map +1 -0
  764. package/dist/shared/category-filter.js +360 -0
  765. package/dist/shared/category-filter.js.map +1 -0
  766. package/dist/shared/code-analysis.d.ts +39 -0
  767. package/dist/shared/code-analysis.d.ts.map +1 -0
  768. package/dist/shared/code-analysis.js +159 -0
  769. package/dist/shared/code-analysis.js.map +1 -0
  770. package/dist/shared/comment-analyzer.d.ts +38 -0
  771. package/dist/shared/comment-analyzer.d.ts.map +1 -0
  772. package/dist/shared/comment-analyzer.js +218 -0
  773. package/dist/shared/comment-analyzer.js.map +1 -0
  774. package/dist/shared/diff-detector.d.ts +53 -0
  775. package/dist/shared/diff-detector.d.ts.map +1 -0
  776. package/dist/shared/diff-detector.js +104 -0
  777. package/dist/shared/diff-detector.js.map +1 -0
  778. package/dist/shared/diff-parser.d.ts +80 -0
  779. package/dist/shared/diff-parser.d.ts.map +1 -0
  780. package/dist/shared/diff-parser.js +202 -0
  781. package/dist/shared/diff-parser.js.map +1 -0
  782. package/dist/shared/environment-context.d.ts +76 -0
  783. package/dist/shared/environment-context.d.ts.map +1 -0
  784. package/dist/shared/environment-context.js +271 -0
  785. package/dist/shared/environment-context.js.map +1 -0
  786. package/dist/shared/intent-detector.d.ts +66 -0
  787. package/dist/shared/intent-detector.d.ts.map +1 -0
  788. package/dist/shared/intent-detector.js +282 -0
  789. package/dist/shared/intent-detector.js.map +1 -0
  790. package/dist/shared/parsed-file.d.ts +51 -0
  791. package/dist/shared/parsed-file.d.ts.map +1 -0
  792. package/dist/shared/parsed-file.js +95 -0
  793. package/dist/shared/parsed-file.js.map +1 -0
  794. package/dist/shared/registry-clients.d.ts +93 -0
  795. package/dist/shared/registry-clients.d.ts.map +1 -0
  796. package/dist/shared/registry-clients.js +273 -0
  797. package/dist/shared/registry-clients.js.map +1 -0
  798. package/dist/shared/rules/framework-fixes.d.ts +48 -0
  799. package/dist/shared/rules/framework-fixes.d.ts.map +1 -0
  800. package/dist/shared/rules/framework-fixes.js +439 -0
  801. package/dist/shared/rules/framework-fixes.js.map +1 -0
  802. package/dist/shared/rules/index.d.ts +8 -0
  803. package/dist/shared/rules/index.d.ts.map +1 -0
  804. package/dist/shared/rules/index.js +18 -0
  805. package/dist/shared/rules/index.js.map +1 -0
  806. package/dist/shared/rules/metadata.d.ts +43 -0
  807. package/dist/shared/rules/metadata.d.ts.map +1 -0
  808. package/dist/shared/rules/metadata.js +819 -0
  809. package/dist/shared/rules/metadata.js.map +1 -0
  810. package/dist/shared/schema-semantics.d.ts +45 -0
  811. package/dist/shared/schema-semantics.d.ts.map +1 -0
  812. package/dist/shared/schema-semantics.js +193 -0
  813. package/dist/shared/schema-semantics.js.map +1 -0
  814. package/dist/shared/types.d.ts +337 -0
  815. package/dist/shared/types.d.ts.map +1 -0
  816. package/dist/shared/types.js +126 -0
  817. package/dist/shared/types.js.map +1 -0
  818. package/dist/tiers.d.ts +4 -4
  819. package/dist/tiers.d.ts.map +1 -1
  820. package/dist/tiers.js +17 -7
  821. package/dist/tiers.js.map +1 -1
  822. package/dist/types.d.ts +79 -9
  823. package/dist/types.d.ts.map +1 -1
  824. package/dist/types.js +34 -0
  825. package/dist/types.js.map +1 -1
  826. package/dist/utils/code-analysis.d.ts +39 -0
  827. package/dist/utils/code-analysis.d.ts.map +1 -0
  828. package/dist/utils/code-analysis.js +159 -0
  829. package/dist/utils/code-analysis.js.map +1 -0
  830. package/dist/utils/comment-analyzer.d.ts +38 -0
  831. package/dist/utils/comment-analyzer.d.ts.map +1 -0
  832. package/dist/utils/comment-analyzer.js +218 -0
  833. package/dist/utils/comment-analyzer.js.map +1 -0
  834. package/dist/utils/context-helpers.d.ts +108 -1
  835. package/dist/utils/context-helpers.d.ts.map +1 -1
  836. package/dist/utils/context-helpers.js +351 -2
  837. package/dist/utils/context-helpers.js.map +1 -1
  838. package/dist/utils/environment-context.d.ts +76 -0
  839. package/dist/utils/environment-context.d.ts.map +1 -0
  840. package/dist/utils/environment-context.js +271 -0
  841. package/dist/utils/environment-context.js.map +1 -0
  842. package/dist/utils/intent-detector.d.ts +66 -0
  843. package/dist/utils/intent-detector.d.ts.map +1 -0
  844. package/dist/utils/intent-detector.js +282 -0
  845. package/dist/utils/intent-detector.js.map +1 -0
  846. package/dist/utils/parsed-file.d.ts +51 -0
  847. package/dist/utils/parsed-file.d.ts.map +1 -0
  848. package/dist/utils/parsed-file.js +95 -0
  849. package/dist/utils/parsed-file.js.map +1 -0
  850. package/dist/utils/route-hierarchy.d.ts +50 -0
  851. package/dist/utils/route-hierarchy.d.ts.map +1 -0
  852. package/dist/utils/route-hierarchy.js +226 -0
  853. package/dist/utils/route-hierarchy.js.map +1 -0
  854. package/dist/utils/schema-semantics.d.ts +45 -0
  855. package/dist/utils/schema-semantics.d.ts.map +1 -0
  856. package/dist/utils/schema-semantics.js +193 -0
  857. package/dist/utils/schema-semantics.js.map +1 -0
  858. package/dist/validate/clients.d.ts +44 -0
  859. package/dist/validate/clients.d.ts.map +1 -0
  860. package/dist/validate/clients.js +81 -0
  861. package/dist/validate/clients.js.map +1 -0
  862. package/dist/validate/index.d.ts +41 -0
  863. package/dist/validate/index.d.ts.map +1 -0
  864. package/dist/validate/index.js +141 -0
  865. package/dist/validate/index.js.map +1 -0
  866. package/dist/validate/prompts/index.d.ts +8 -0
  867. package/dist/validate/prompts/index.d.ts.map +1 -0
  868. package/dist/validate/prompts/index.js +16 -0
  869. package/dist/validate/prompts/index.js.map +1 -0
  870. package/dist/validate/prompts/modules/ai-patterns.d.ts +19 -0
  871. package/dist/validate/prompts/modules/ai-patterns.d.ts.map +1 -0
  872. package/dist/validate/prompts/modules/ai-patterns.js +156 -0
  873. package/dist/validate/prompts/modules/ai-patterns.js.map +1 -0
  874. package/dist/validate/prompts/modules/auth-access.d.ts +9 -0
  875. package/dist/validate/prompts/modules/auth-access.d.ts.map +1 -0
  876. package/dist/validate/prompts/modules/auth-access.js +25 -0
  877. package/dist/validate/prompts/modules/auth-access.js.map +1 -0
  878. package/dist/validate/prompts/modules/common.d.ts +11 -0
  879. package/dist/validate/prompts/modules/common.d.ts.map +1 -0
  880. package/dist/validate/prompts/modules/common.js +186 -0
  881. package/dist/validate/prompts/modules/common.js.map +1 -0
  882. package/dist/validate/prompts/modules/index.d.ts +54 -0
  883. package/dist/validate/prompts/modules/index.d.ts.map +1 -0
  884. package/dist/validate/prompts/modules/index.js +186 -0
  885. package/dist/validate/prompts/modules/index.js.map +1 -0
  886. package/dist/validate/prompts/modules/owasp-classic.d.ts +8 -0
  887. package/dist/validate/prompts/modules/owasp-classic.d.ts.map +1 -0
  888. package/dist/validate/prompts/modules/owasp-classic.js +84 -0
  889. package/dist/validate/prompts/modules/owasp-classic.js.map +1 -0
  890. package/dist/validate/prompts/modules/secrets-crypto.d.ts +8 -0
  891. package/dist/validate/prompts/modules/secrets-crypto.d.ts.map +1 -0
  892. package/dist/validate/prompts/modules/secrets-crypto.js +68 -0
  893. package/dist/validate/prompts/modules/secrets-crypto.js.map +1 -0
  894. package/dist/validate/prompts/modules/xss-prompt.d.ts +8 -0
  895. package/dist/validate/prompts/modules/xss-prompt.d.ts.map +1 -0
  896. package/dist/validate/prompts/modules/xss-prompt.js +22 -0
  897. package/dist/validate/prompts/modules/xss-prompt.js.map +1 -0
  898. package/dist/validate/prompts/semantic-analysis.d.ts +15 -0
  899. package/dist/validate/prompts/semantic-analysis.d.ts.map +1 -0
  900. package/dist/validate/prompts/semantic-analysis.js +169 -0
  901. package/dist/validate/prompts/semantic-analysis.js.map +1 -0
  902. package/dist/validate/prompts/validation.d.ts +18 -0
  903. package/dist/validate/prompts/validation.d.ts.map +1 -0
  904. package/dist/validate/prompts/validation.js +25 -0
  905. package/dist/validate/prompts/validation.js.map +1 -0
  906. package/dist/validate/providers/anthropic.d.ts +17 -0
  907. package/dist/validate/providers/anthropic.d.ts.map +1 -0
  908. package/dist/validate/providers/anthropic.js +260 -0
  909. package/dist/validate/providers/anthropic.js.map +1 -0
  910. package/dist/validate/providers/index.d.ts +8 -0
  911. package/dist/validate/providers/index.d.ts.map +1 -0
  912. package/dist/validate/providers/index.js +13 -0
  913. package/dist/validate/providers/index.js.map +1 -0
  914. package/dist/validate/providers/openai.d.ts +14 -0
  915. package/dist/validate/providers/openai.d.ts.map +1 -0
  916. package/dist/validate/providers/openai.js +336 -0
  917. package/dist/validate/providers/openai.js.map +1 -0
  918. package/dist/validate/request-builder.d.ts +61 -0
  919. package/dist/validate/request-builder.d.ts.map +1 -0
  920. package/dist/validate/request-builder.js +346 -0
  921. package/dist/validate/request-builder.js.map +1 -0
  922. package/dist/validate/types.d.ts +88 -0
  923. package/dist/validate/types.d.ts.map +1 -0
  924. package/dist/validate/types.js +38 -0
  925. package/dist/validate/types.js.map +1 -0
  926. package/dist/validate/utils/context-extractor.d.ts +55 -0
  927. package/dist/validate/utils/context-extractor.d.ts.map +1 -0
  928. package/dist/validate/utils/context-extractor.js +161 -0
  929. package/dist/validate/utils/context-extractor.js.map +1 -0
  930. package/dist/validate/utils/index.d.ts +11 -0
  931. package/dist/validate/utils/index.d.ts.map +1 -0
  932. package/dist/validate/utils/index.js +27 -0
  933. package/dist/validate/utils/index.js.map +1 -0
  934. package/dist/validate/utils/path-helpers.d.ts +21 -0
  935. package/dist/validate/utils/path-helpers.d.ts.map +1 -0
  936. package/dist/validate/utils/path-helpers.js +69 -0
  937. package/dist/validate/utils/path-helpers.js.map +1 -0
  938. package/dist/validate/utils/response-parser.d.ts +40 -0
  939. package/dist/validate/utils/response-parser.d.ts.map +1 -0
  940. package/dist/validate/utils/response-parser.js +286 -0
  941. package/dist/validate/utils/response-parser.js.map +1 -0
  942. package/dist/validate/utils/retry.d.ts +15 -0
  943. package/dist/validate/utils/retry.d.ts.map +1 -0
  944. package/dist/validate/utils/retry.js +62 -0
  945. package/dist/validate/utils/retry.js.map +1 -0
  946. package/package.json +8 -7
  947. package/src/__tests__/benchmark/fixtures/layer1/agent-skill-injection.ts +204 -0
  948. package/src/__tests__/benchmark/fixtures/layer1/index.ts +3 -0
  949. package/src/__tests__/benchmark/fixtures/layer2/index.ts +27 -0
  950. package/src/__tests__/benchmark/fixtures/layer2/log-injection.ts +147 -0
  951. package/src/__tests__/benchmark/fixtures/layer2/phase5-excessive-agency.ts +580 -0
  952. package/src/__tests__/benchmark/fixtures/layer2/security-headers.ts +197 -0
  953. package/src/__tests__/benchmark/fixtures/layer2/sprint6-ai-enhancements.ts +515 -0
  954. package/src/__tests__/benchmark/fixtures/layer2/ssrf-detection.ts +210 -0
  955. package/src/__tests__/benchmark/fixtures/layer2/xxe-detection.ts +195 -0
  956. package/src/__tests__/benchmark/run-depth-validation.ts +12 -12
  957. package/src/__tests__/benchmark/run-real-world-test.ts +4 -4
  958. package/src/__tests__/benchmark/types.ts +1 -1
  959. package/src/__tests__/benchmark/utils/test-runner.ts +3 -3
  960. package/src/__tests__/category-filter.test.ts +478 -0
  961. package/src/__tests__/context-engine/cross-file-taint.test.ts +284 -0
  962. package/src/__tests__/context-engine/framework-models.test.ts +457 -0
  963. package/src/__tests__/context-engine/function-classifier.test.ts +146 -0
  964. package/src/__tests__/context-engine/import-resolver.test.ts +328 -0
  965. package/src/__tests__/context-engine/integration.test.ts +320 -0
  966. package/src/__tests__/context-engine/module-graph.test.ts +159 -0
  967. package/src/__tests__/context-engine/route-discovery/auth-resolver.test.ts +353 -0
  968. package/src/__tests__/context-engine/route-discovery/express.test.ts +150 -0
  969. package/src/__tests__/context-engine/route-discovery/nextjs.test.ts +138 -0
  970. package/src/__tests__/context-engine/route-discovery/python.test.ts +95 -0
  971. package/src/__tests__/context-engine/sanitiser-detection.test.ts +187 -0
  972. package/src/__tests__/context-engine/sink-matcher.test.ts +251 -0
  973. package/src/__tests__/context-engine/source-discovery.test.ts +186 -0
  974. package/src/__tests__/context-engine/taint-tracker.test.ts +182 -0
  975. package/src/__tests__/regression/agent-skill-benign.test.ts +174 -0
  976. package/src/__tests__/regression/known-false-positives.test.ts +801 -3
  977. package/src/__tests__/score/adjustments.test.ts +385 -0
  978. package/src/__tests__/score/confidence.test.ts +283 -0
  979. package/src/__tests__/score/framework-scoring.test.ts +275 -0
  980. package/src/__tests__/score/route-scoring.test.ts +156 -0
  981. package/src/__tests__/score/scoring-integration.test.ts +165 -0
  982. package/src/__tests__/score/taint-adjustments.test.ts +244 -0
  983. package/src/__tests__/snapshots/__snapshots__/anthropic-validation-refactor.test.ts.snap +50 -58
  984. package/src/__tests__/snapshots/__snapshots__/dangerous-functions-refactor.test.ts.snap +52 -0
  985. package/src/__tests__/snapshots/__snapshots__/scan-depth.test.ts.snap +3 -12
  986. package/src/__tests__/snapshots/anthropic-validation-refactor.test.ts +3 -3
  987. package/src/__tests__/snapshots/dangerous-functions-refactor.test.ts +1 -1
  988. package/src/__tests__/snapshots/scan-depth.test.ts +3 -3
  989. package/src/__tests__/validate/route-annotations.test.ts +138 -0
  990. package/src/__tests__/validation/analyze-results.ts +1 -1
  991. package/src/__tests__/validation/extract-for-triage.ts +1 -1
  992. package/src/__tests__/validation/fp-deep-analysis.ts +1 -1
  993. package/src/__tests__/validation/run-validation.ts +7 -7
  994. package/src/{layer2/ai-agent-tools.ts → detect/ai-code/agent-tools.ts} +729 -4
  995. package/src/{layer2 → detect/ai-code}/byok-patterns.ts +20 -6
  996. package/src/{layer2/ai-endpoint-protection.ts → detect/ai-code/endpoint-protection.ts} +10 -4
  997. package/src/{layer2/ai-execution-sinks.ts → detect/ai-code/execution-sinks.ts} +272 -46
  998. package/src/{layer2/ai-fingerprinting.ts → detect/ai-code/fingerprinting.ts} +46 -34
  999. package/src/detect/ai-code/index.ts +11 -0
  1000. package/src/{layer2/ai-mcp-security.ts → detect/ai-code/mcp-security.ts} +212 -5
  1001. package/src/{layer2 → detect/ai-code}/model-supply-chain.ts +85 -6
  1002. package/src/{layer2/ai-package-hallucination.ts → detect/ai-code/package-hallucination.ts} +170 -6
  1003. package/src/{layer2/ai-prompt-hygiene.ts → detect/ai-code/prompt-hygiene.ts} +393 -28
  1004. package/src/{layer2/ai-rag-safety.ts → detect/ai-code/rag-safety.ts} +91 -4
  1005. package/src/{layer2/ai-schema-validation.ts → detect/ai-code/schema-validation.ts} +10 -4
  1006. package/src/detect/config/agent-skill-injection.ts +551 -0
  1007. package/src/{layer1 → detect/config}/comments.ts +8 -2
  1008. package/src/{layer1 → detect/config}/file-flags.ts +23 -6
  1009. package/src/detect/config/index.ts +6 -0
  1010. package/src/{layer3 → detect/config}/osv-check.ts +3 -2
  1011. package/src/{layer3 → detect/config}/package-check.ts +3 -2
  1012. package/src/{layer1 → detect/config}/urls.ts +196 -15
  1013. package/src/detect/index.ts +131 -0
  1014. package/src/{layer1 → detect/secrets}/config-audit.ts +56 -12
  1015. package/src/{layer1 → detect/secrets}/config-mcp-audit.ts +11 -4
  1016. package/src/{layer1 → detect/secrets}/entropy.ts +256 -11
  1017. package/src/{layer1 → detect/secrets}/index.ts +43 -46
  1018. package/src/{layer1 → detect/secrets}/patterns.ts +51 -6
  1019. package/src/{layer1 → detect/secrets}/weak-crypto.ts +174 -17
  1020. package/src/{layer2/auth-antipatterns.ts → detect/structural/auth-patterns.ts} +249 -27
  1021. package/src/{layer2 → detect/structural}/dangerous-functions/dom-xss.ts +94 -22
  1022. package/src/{layer2 → detect/structural}/dangerous-functions/index.ts +672 -65
  1023. package/src/{layer2 → detect/structural}/dangerous-functions/json-parse.ts +10 -2
  1024. package/src/{layer2 → detect/structural}/dangerous-functions/math-random.ts +269 -17
  1025. package/src/{layer2 → detect/structural}/dangerous-functions/patterns.ts +4 -2
  1026. package/src/{layer2 → detect/structural}/dangerous-functions/request-validation.ts +10 -2
  1027. package/src/detect/structural/dangerous-functions/utils/control-flow.ts +35 -0
  1028. package/src/{layer2 → detect/structural}/dangerous-functions/utils/schema-validation.ts +16 -1
  1029. package/src/{layer2 → detect/structural}/data-exposure.ts +23 -40
  1030. package/src/{layer2 → detect/structural}/framework-checks.ts +13 -12
  1031. package/src/{layer2 → detect/structural}/index.ts +144 -122
  1032. package/src/detect/structural/log-injection.ts +254 -0
  1033. package/src/{layer2 → detect/structural}/logic-gates.ts +69 -24
  1034. package/src/{layer2 → detect/structural}/risky-imports.ts +10 -4
  1035. package/src/detect/structural/security-headers.ts +231 -0
  1036. package/src/detect/structural/ssrf-detection.ts +300 -0
  1037. package/src/{layer2 → detect/structural}/variables.ts +10 -4
  1038. package/src/detect/structural/xxe-detection.ts +295 -0
  1039. package/src/index.ts +64 -1038
  1040. package/src/{utils → model}/auth-helper-detector.ts +1 -1
  1041. package/src/model/cross-file-taint.ts +374 -0
  1042. package/src/model/framework-models/django.ts +82 -0
  1043. package/src/model/framework-models/express.ts +54 -0
  1044. package/src/model/framework-models/index.ts +116 -0
  1045. package/src/model/framework-models/nextjs.ts +69 -0
  1046. package/src/model/framework-models/prisma.ts +57 -0
  1047. package/src/model/framework-models/react.ts +63 -0
  1048. package/src/model/framework-models/sequelize.ts +63 -0
  1049. package/src/model/framework-models/types.ts +46 -0
  1050. package/src/model/function-classifier.ts +184 -0
  1051. package/src/model/import-resolver.ts +453 -0
  1052. package/src/{utils → model}/imported-auth-detector.ts +21 -85
  1053. package/src/model/index.ts +353 -0
  1054. package/src/{utils → model}/middleware-detector.ts +156 -17
  1055. package/src/model/module-graph.ts +254 -0
  1056. package/src/{utils → model}/oauth-flow-detector.ts +1 -1
  1057. package/src/{utils/project-context-builder.ts → model/project-context.ts} +1 -1
  1058. package/src/model/route-auth-resolver.ts +216 -0
  1059. package/src/model/route-discovery/express.ts +251 -0
  1060. package/src/model/route-discovery/index.ts +83 -0
  1061. package/src/model/route-discovery/nextjs.ts +216 -0
  1062. package/src/model/route-discovery/python.ts +214 -0
  1063. package/src/model/route-discovery/types.ts +48 -0
  1064. package/src/model/route-discovery/utils.ts +54 -0
  1065. package/src/model/route-hierarchy.ts +250 -0
  1066. package/src/model/sanitiser-detection.ts +268 -0
  1067. package/src/model/sink-matcher.ts +178 -0
  1068. package/src/model/sink-patterns.ts +109 -0
  1069. package/src/model/source-discovery.ts +209 -0
  1070. package/src/model/taint-tracker.ts +333 -0
  1071. package/src/model/taint-types.ts +149 -0
  1072. package/src/{utils → model}/trpc-analyzer.ts +1 -1
  1073. package/src/{utils/context-helpers.ts → parse/file-classifier.ts} +462 -2
  1074. package/src/{utils → parse}/path-exclusions.ts +1 -1
  1075. package/src/pipeline/config.ts +81 -0
  1076. package/src/pipeline/index.ts +437 -0
  1077. package/src/{modes → pipeline/modes}/incremental.ts +6 -6
  1078. package/src/postprocess/aggregation.ts +74 -0
  1079. package/src/postprocess/contradictions.ts +128 -0
  1080. package/src/postprocess/dedup.ts +62 -0
  1081. package/src/postprocess/filtering/__tests__/pipeline.test.ts +134 -0
  1082. package/src/postprocess/filtering/context-adjustments.ts +111 -0
  1083. package/src/postprocess/filtering/index.ts +10 -0
  1084. package/src/postprocess/filtering/pipeline.ts +130 -0
  1085. package/src/postprocess/index.ts +118 -0
  1086. package/src/{suppression → postprocess/suppression}/config-loader.ts +1 -1
  1087. package/src/{suppression → postprocess/suppression}/hash.ts +1 -1
  1088. package/src/{suppression → postprocess/suppression}/inline-parser.ts +1 -1
  1089. package/src/{suppression → postprocess/suppression}/manager.ts +1 -1
  1090. package/src/{suppression → postprocess/suppression}/types.ts +2 -2
  1091. package/src/postprocess/validation-cap.ts +66 -0
  1092. package/src/report/build-result.ts +94 -0
  1093. package/src/report/enrichment.ts +52 -0
  1094. package/src/report/formatters/__tests__/ai-context.test.ts +254 -0
  1095. package/src/report/formatters/ai-context.ts +302 -0
  1096. package/src/{formatters → report/formatters}/cli-terminal.ts +11 -11
  1097. package/src/{formatters → report/formatters}/github-comment.ts +4 -4
  1098. package/src/{formatters → report/formatters}/grouping.ts +8 -8
  1099. package/src/report/formatters/ide/__tests__/ide.test.ts +319 -0
  1100. package/src/report/formatters/ide/claude-code.ts +110 -0
  1101. package/src/report/formatters/ide/cursor.ts +147 -0
  1102. package/src/report/formatters/ide/index.ts +216 -0
  1103. package/src/report/formatters/ide/windsurf.ts +135 -0
  1104. package/src/{formatters → report/formatters}/index.ts +24 -0
  1105. package/src/{formatters → report/formatters}/vscode-diagnostic.ts +1 -1
  1106. package/src/report/summary.ts +70 -0
  1107. package/src/score/adjustments.ts +387 -0
  1108. package/src/{layer3/anthropic → score}/auto-dismiss.ts +26 -14
  1109. package/src/score/confidence.ts +66 -0
  1110. package/src/score/index.ts +316 -0
  1111. package/src/score/types.ts +187 -0
  1112. package/src/shared/__tests__/code-analysis.test.ts +165 -0
  1113. package/src/shared/__tests__/parsed-file.test.ts +124 -0
  1114. package/src/shared/ai-context/__tests__/manager.test.ts +193 -0
  1115. package/src/shared/ai-context/index.ts +15 -0
  1116. package/src/shared/ai-context/manager.ts +145 -0
  1117. package/src/{baseline → shared/baseline}/__tests__/diff.test.ts +2 -2
  1118. package/src/{baseline → shared/baseline}/__tests__/manager.test.ts +2 -2
  1119. package/src/{baseline → shared/baseline}/diff.ts +1 -1
  1120. package/src/{baseline → shared/baseline}/manager.ts +1 -1
  1121. package/src/shared/category-filter.ts +400 -0
  1122. package/src/{layer2/dangerous-functions/utils/control-flow.ts → shared/code-analysis.ts} +56 -39
  1123. package/src/shared/comment-analyzer.ts +249 -0
  1124. package/src/shared/environment-context.ts +304 -0
  1125. package/src/shared/intent-detector.ts +318 -0
  1126. package/src/shared/parsed-file.ts +103 -0
  1127. package/src/{rules → shared/rules}/__tests__/metadata.test.ts +7 -0
  1128. package/src/{rules → shared/rules}/framework-fixes.ts +1 -1
  1129. package/src/{rules → shared/rules}/metadata.ts +94 -0
  1130. package/src/shared/schema-semantics.ts +233 -0
  1131. package/src/{types.ts → shared/types.ts} +142 -11
  1132. package/src/tiers.ts +27 -10
  1133. package/src/validate/__tests__/context-extractor.test.ts +191 -0
  1134. package/src/validate/__tests__/prompt-assembly.test.ts +233 -0
  1135. package/src/validate/__tests__/request-builder.test.ts +347 -0
  1136. package/src/{layer3/anthropic → validate}/index.ts +8 -7
  1137. package/src/{layer3/anthropic → validate}/prompts/index.ts +2 -0
  1138. package/src/validate/prompts/modules/ai-patterns.ts +153 -0
  1139. package/src/validate/prompts/modules/auth-access.ts +22 -0
  1140. package/src/validate/prompts/modules/common.ts +183 -0
  1141. package/src/validate/prompts/modules/index.ts +204 -0
  1142. package/src/validate/prompts/modules/owasp-classic.ts +81 -0
  1143. package/src/validate/prompts/modules/secrets-crypto.ts +65 -0
  1144. package/src/validate/prompts/modules/xss-prompt.ts +19 -0
  1145. package/src/validate/prompts/validation.ts +20 -0
  1146. package/src/{layer3/anthropic → validate}/providers/anthropic.ts +28 -27
  1147. package/src/validate/providers/index.ts +8 -0
  1148. package/src/{layer3/anthropic → validate}/providers/openai.ts +30 -25
  1149. package/src/validate/request-builder.ts +448 -0
  1150. package/src/{layer3/anthropic → validate}/types.ts +1 -1
  1151. package/src/validate/utils/context-extractor.ts +220 -0
  1152. package/src/{layer3/anthropic → validate}/utils/index.ts +10 -0
  1153. package/src/{layer3/anthropic → validate}/utils/response-parser.ts +2 -1
  1154. package/src/layer3/anthropic/prompts/validation.ts +0 -419
  1155. package/src/layer3/anthropic/providers/index.ts +0 -8
  1156. package/src/layer3/anthropic/request-builder.ts +0 -150
  1157. package/src/layer3/index.ts +0 -168
  1158. /package/src/{layer3 → detect/config}/__tests__/osv-check.test.ts +0 -0
  1159. /package/src/{layer2 → detect/structural}/__tests__/math-random-enhanced.test.ts +0 -0
  1160. /package/src/{layer2 → detect/structural}/dangerous-functions/child-process.ts +0 -0
  1161. /package/src/{layer2 → detect/structural}/dangerous-functions/utils/helpers.ts +0 -0
  1162. /package/src/{layer2 → detect/structural}/dangerous-functions/utils/index.ts +0 -0
  1163. /package/src/{suppression → postprocess/suppression}/__tests__/config-loader.test.ts +0 -0
  1164. /package/src/{suppression → postprocess/suppression}/__tests__/hash.test.ts +0 -0
  1165. /package/src/{suppression → postprocess/suppression}/__tests__/inline-parser.test.ts +0 -0
  1166. /package/src/{suppression → postprocess/suppression}/__tests__/manager.test.ts +0 -0
  1167. /package/src/{suppression → postprocess/suppression}/index.ts +0 -0
  1168. /package/src/{baseline → shared/baseline}/index.ts +0 -0
  1169. /package/src/{baseline → shared/baseline}/types.ts +0 -0
  1170. /package/src/{utils → shared}/diff-detector.ts +0 -0
  1171. /package/src/{utils → shared}/diff-parser.ts +0 -0
  1172. /package/src/{utils → shared}/registry-clients.ts +0 -0
  1173. /package/src/{rules → shared/rules}/__tests__/framework-fixes.test.ts +0 -0
  1174. /package/src/{rules → shared/rules}/index.ts +0 -0
  1175. /package/src/{layer3/anthropic → validate}/clients.ts +0 -0
  1176. /package/src/{layer3/anthropic → validate}/prompts/semantic-analysis.ts +0 -0
  1177. /package/src/{layer3/anthropic → validate}/utils/path-helpers.ts +0 -0
  1178. /package/src/{layer3/anthropic → validate}/utils/retry.ts +0 -0
@@ -4,418 +4,22 @@
4
4
  *
5
5
  * Comprehensive validation prompt with generalised security rules.
6
6
  * Used for validating Layer 1/2 findings with full file context.
7
+ *
8
+ * Now backed by the modular prompt system. The monolithic constant is
9
+ * generated from all modules combined for backward compatibility.
7
10
  */
8
11
  Object.defineProperty(exports, "__esModule", { value: true });
9
- exports.HIGH_CONTEXT_VALIDATION_PROMPT = void 0;
10
- // ============================================================================
11
- // High-Context Validation Prompt
12
- // ============================================================================
12
+ exports.HIGH_CONTEXT_VALIDATION_PROMPT = exports._getFullPrompt = exports.getFullValidationPrompt = exports.assembleValidationPrompt = void 0;
13
+ var modules_1 = require("./modules");
14
+ Object.defineProperty(exports, "assembleValidationPrompt", { enumerable: true, get: function () { return modules_1.assembleValidationPrompt; } });
15
+ Object.defineProperty(exports, "getFullValidationPrompt", { enumerable: true, get: function () { return modules_1.getFullValidationPrompt; } });
13
16
  /**
14
- * This prompt encodes the generalised security rules from CURRENTTASK.md Section 3.
15
- * It is designed to work with full-file content and project context.
17
+ * Legacy backward-compatible constant.
18
+ * Equivalent to getFullValidationPrompt() all modules combined.
19
+ * Kept so any code importing this constant continues to work.
16
20
  */
17
- exports.HIGH_CONTEXT_VALIDATION_PROMPT = `You are an expert security code reviewer acting as a "Second-opinion AI Reviewer" for vulnerability findings from an automated scanner.
18
-
19
- Your PRIMARY task: AGGRESSIVELY REJECT false positives and marginal findings. Only keep findings that are clearly exploitable or represent real security risk.
20
-
21
- **CORE PHILOSOPHY**: A professional scanner should surface very few, high-confidence findings. When in doubt, REJECT the finding or downgrade to info.
22
-
23
- ## Input Format
24
- You will receive:
25
- 1. **Project Context** - Architectural information about auth, data access, and secrets handling
26
- 2. **Full File Content** - The entire file with line numbers
27
- 3. **Candidate Findings** - List of potential vulnerabilities to validate
28
-
29
- ## Core Validation Principles
30
-
31
- ### 3.1 Authentication & Access Control
32
- Recognise these SAFE patterns (downgrade to info or REJECT entirely):
33
- - **Middleware-protected routes**: If project context shows auth middleware (Clerk, NextAuth, Auth0, custom), routes under protected paths are ALREADY GUARDED - do NOT flag as missing auth
34
- - **Auth helper functions that THROW**: Functions like getCurrentUserId(), getSession(), auth() that throw/abort on missing auth guarantee authenticated context. Code AFTER these calls is authenticated.
35
- - Do NOT suggest "if (!userId)" checks after calling throwing helpers - the check is redundant
36
- - If helper throws, it returns Promise<string> not Promise<string|null> - userId is guaranteed non-null
37
- - Common throwing helpers: getCurrentUserId(), requireAuth(), getUser(), auth().protect(), getSession() with throw
38
- - **User-scoped queries**: Database queries filtered by user_id/tenant_id from authenticated session
39
- - **Guard patterns**: Early returns or throws when auth fails (if (!user) return/throw)
40
-
41
- Flag as REAL vulnerability (keep high severity) ONLY when:
42
- - Route has no visible auth check AND is NOT covered by middleware AND has no throwing auth helper
43
- - Sensitive operations without user scoping (cross-tenant access possible)
44
- - Auth checks that can be bypassed (e.g., checking wrong variable)
45
-
46
- **CRITICAL CONTRADICTION HANDLING**:
47
- - If we detect both "protected by middleware" and "missing auth" on the same route - REJECT the "missing auth" finding
48
- - If we detect both "uses throwing auth helper" and "missing auth" - REJECT the "missing auth" finding
49
- - Client components calling these protected API routes should NOT be flagged for "missing auth"
50
- - Adding "if (!userId)" after a throwing helper is a FALSE POSITIVE - reject it
51
-
52
- ### 3.2 Deserialization & Unsafe Parsing
53
- Distinguish by INPUT ORIGIN and error handling:
54
- - **Application-controlled data** (database, config, localStorage): Low risk - downgrade to info
55
- - JSON.parse on data YOUR app wrote is trusted
56
- - Failures affect robustness, not security
57
- - If ALSO wrapped in try-catch: REJECT the finding entirely
58
- - **External/untrusted data** (HTTP request body, URL params): Higher risk
59
- - With try-catch: downgrade to low, suggest SCHEMA VALIDATION (zod/joi/yup) not more try-catch
60
- - Without try-catch: keep as medium, suggest both try-catch AND schema validation
61
- - **request.json() / req.json()**: NOT a dangerous function
62
- - This is the standard way to parse request bodies in modern frameworks
63
- - Only suggest schema validation if none is visible nearby
64
- - Severity: info at most
65
-
66
- **CRITICAL JSON.parse RULES**:
67
- - Do NOT suggest "add try/catch" when JSON.parse is ALREADY inside a try-catch block - this creates contradictory advice
68
- - If JSON.parse is in try-catch with app-controlled data: REJECT the finding
69
- - Prefer suggesting schema validation over generic try-catch for user input
70
- - For sensitive sinks (DB writes, code execution): medium severity
71
- - For display-only uses: low/info severity
72
-
73
- ### 3.3 Logging & Error Handling
74
- Distinguish LOGS vs RESPONSES with this severity ladder:
75
-
76
- **Response Sinks (res.json, NextResponse.json, return) - Higher Risk:**
77
- - Full error object or stack trace in response → **HIGH severity**
78
- - Detailed internal fields (debug, trace, internal) → **MEDIUM severity**
79
- - error.message only or static error strings → **LOW/INFO severity** (this is the RECOMMENDED pattern)
80
-
81
- **Log Sinks (console.log, logger.info) - Lower Risk:**
82
- - Logging error objects for debugging → **INFO severity** (hygiene, not security)
83
- - Logging userId, query strings → **INFO severity** (privacy note)
84
- - Logging passwords/secrets → **MEDIUM+ severity**
85
- - JSON.stringify(error) in logs → **INFO severity**
86
-
87
- **CRITICAL ERROR HANDLING RULES**:
88
- - "error.message" in responses is usually SAFE and should NOT be HIGH severity
89
- - HIGH severity is ONLY for responses that expose stacks, internal fields, or raw error objects
90
- - Logging errors is STANDARD PRACTICE - don't flag it as a security issue unless it logs secrets
91
-
92
- ### 3.4 XSS vs Prompt Injection
93
- Keep these SEPARATE:
94
- - **XSS**: Writing untrusted data into DOM/HTML sinks without escaping
95
- - innerHTML with dynamic user data: flag as XSS
96
- - React JSX {variable}: NOT XSS (auto-escaped)
97
- - dangerouslySetInnerHTML with static content: info severity
98
- - **Prompt Injection**: User content in LLM prompts
99
- - NOT XSS - different threat model
100
- - Downgrade to low/info unless clear path to high-impact actions
101
- - Never label prompt issues as XSS
102
-
103
- ### 3.5 Secrets, BYOK, and External Services
104
- Distinguish these patterns:
105
- - **Hardcoded secrets**: Real API keys in code = critical/high
106
- - **Environment variables**: process.env.SECRET = safe (REJECT finding)
107
- - **BYOK (Bring Your Own Key)**: User provides their own key for AI services
108
- - This is a FEATURE, not a vulnerability
109
- - Distinguish TRANSIENT USE vs STORAGE:
110
- - Transient use (key in request body → API call → discarded): info severity, this is the IDEAL pattern
111
- - Storage (key saved to database): check for user-scoping and encryption
112
- - Severity ladder:
113
- - Authenticated + transient use: info (feature, not vuln)
114
- - Authenticated + user-scoped storage: low (suggest encryption at rest)
115
- - Unauthenticated: medium (cost/abuse risk)
116
- - Cross-tenant storage: medium (data isolation risk)
117
- - Do NOT describe transient BYOK keys as "stored without encryption" - they are NOT stored
118
-
119
- **Math.random() for Security:**
120
- Distinguish legitimate uses from security-critical misuse:
121
- - **Seed/Data Generation Files**: Files in /seed/, /fixtures/, /factories/, datacreator.ts, *.fixture.* are for test data generation
122
- - Math.random() in seed files is acceptable - these are never production security code
123
- - REJECT findings from seed/data generation files entirely
124
- - **Educational Vulnerability Files**: Files named insecurity.ts, vulnerable.ts, or in /intentionally-vulnerable/ paths
125
- - These are OWASP Juice Shop challenges or security training examples
126
- - REJECT entirely - they're intentionally vulnerable for educational purposes
127
- - **UUID/Identifier Generation**: Functions named generateUUID(), createId(), correlationId(), etc.
128
- - Use Math.random() for UI correlation, React keys, element IDs
129
- - Short toString(36).substring(2, 9) patterns are for UI correlation, NOT security tokens
130
- - REJECT unless function name explicitly indicates security (generateToken, createSessionId, generateSecret)
131
- - **CAPTCHA/Puzzle Generation**: Math.random() for CAPTCHA questions, puzzle difficulty, game mechanics
132
- - These don't need cryptographic randomness - legitimate non-security use
133
- - REJECT findings in CAPTCHA/puzzle generation functions
134
- - **Security-Sensitive Context**: Only keep as HIGH/CRITICAL when:
135
- - Variable names indicate security: token, secret, key, auth, session, password
136
- - Function names indicate security: generateToken, createSession, makeSecret
137
- - Used in security-critical files: auth.ts, crypto.ts, session.ts
138
- - Long toString() patterns without truncation (potential token generation)
139
-
140
- **Severity Ladder for Math.random():**
141
- - Seed/educational files: REJECT (not production code)
142
- - UUID/CAPTCHA functions: REJECT (legitimate use)
143
- - Short UI IDs (toString(36).substring(2, 9)): INFO (UI correlation, suggest crypto.randomUUID())
144
- - Business IDs: LOW (suggest crypto.randomUUID() for collision resistance)
145
- - Security contexts (tokens/secrets/keys): HIGH (cryptographic weakness)
146
- - Unknown context: MEDIUM (needs manual review)
147
-
148
- **Weak Cryptography (weak_crypto):**
149
- Distinguish actual USAGE from DOCUMENTATION or REFERENCE:
150
- - **Actual function calls** (crypto.createCipheriv('des'), MD5.hash()): Keep finding, these are real usage
151
- - **Documentation strings** describing vulnerabilities: REJECT
152
- - "DES can be brute-forced" is explaining why DES is bad, NOT using DES
153
- - Strings in metadata, comments, or error messages describing weak algorithms are informational
154
- - Rule registries, security scanners, and documentation files contain vulnerability descriptions
155
- - **Configuration/Constants**: Strings like 'DES', 'MD5' in config keys or identifiers
156
- - Need context: is this SELECTING an algorithm or just naming something?
157
- - "algorithm: 'des'" in crypto options = real usage
158
- - "category: 'weak_crypto'" or "rule: 'DES_DETECTION'" = metadata, REJECT
159
- - **Import statements**: Importing a weak crypto library needs context
160
- - Used for hashing passwords = HIGH
161
- - Used for checksums or compatibility = LOW/INFO
162
- - In test/migration files = INFO
163
-
164
- **CRITICAL weak_crypto RULE**:
165
- Files in /rules/, /detectors/, /checks/, /metadata/ directories that DESCRIBE security vulnerabilities are NOT themselves vulnerable. A security scanner documenting "DES is weak" is providing education, not using weak crypto.
166
-
167
- ### 3.6 DOM Sinks and Bootstrap Scripts
168
- Recognise LOW-RISK patterns:
169
- - Static scripts reading localStorage for theme/preferences
170
- - Setting attributes from config without user input
171
- - innerHTML with string literals only (no interpolation)
172
-
173
- Flag as REAL when:
174
- - User input flows to innerHTML/eval without sanitization
175
- - Template literals with \${userInput} in DOM sinks
176
-
177
- ### 3.7 AI/LLM-Specific Patterns
178
-
179
- **Prompt Injection (ai_prompt_injection):**
180
- - User input in system prompt WITHOUT delimiters (code fences, XML tags, separators) -> **HIGH** (real risk)
181
- - User input in system prompt WITH clear delimiters -> **INFO** (properly fenced)
182
- - Static prompts with no user interpolation -> **REJECT** (false positive)
183
- - Prompt templates using proper parameterization/placeholders -> **REJECT**
184
-
185
- **LLM Output Execution (ai_unsafe_execution):**
186
- - LLM output fed to eval()/Function()/exec() WITHOUT sandbox -> **CRITICAL** (arbitrary code execution)
187
- - LLM output to execution WITH sandbox (vm2, isolated-vm) -> **MEDIUM** (risk mitigated)
188
- - LLM output to execution WITH validation AND sandbox -> **LOW** (well-protected)
189
- - LLM output used for display only (console.log, UI) -> **REJECT** (not execution)
190
- - Generated SQL from LLM without parameterization -> **CRITICAL** (SQL injection)
191
- - Generated SQL with parameterized queries -> **MEDIUM** (logic may still be wrong)
192
-
193
- **Agent Tool Permissions (ai_overpermissive_tool):**
194
- - Tool with unrestricted file/network/exec access -> **HIGH** (overpermissive)
195
- - Tool without user context verification -> **MEDIUM** (missing authorization)
196
- - Tool with proper scoping, allowlists, and user verification -> **LOW** or **REJECT**
197
- - Test files with tool definitions -> **INFO** or **REJECT**
198
-
199
- **Hallucinated Dependencies (suspicious_package):**
200
- - Package not found in registry -> **CRITICAL** (likely AI-hallucinated name)
201
- - Very new package (less than 7 days old) with low downloads and typosquat pattern -> **HIGH**
202
- - Legitimate looking package with source/repo but low popularity -> **MEDIUM** (needs review)
203
- - Known legitimate package with unusual name (in allowlist) -> **REJECT**
204
-
205
- **CRITICAL AI PATTERN RULES**:
206
- - AI code generation often produces non-existent package names - flag these prominently
207
- - Prompt injection is NOT the same as XSS - different threat model and severity
208
- - Sandboxed code execution (vm2, isolated-vm) significantly reduces risk
209
- - Agent tools need both access restrictions AND user context verification
210
-
211
- ### 3.8 RAG Data Exfiltration (ai_rag_exfiltration)
212
- Retrieval Augmented Generation systems can leak sensitive data across tenant boundaries.
213
-
214
- **Unscoped Retrieval Queries:**
215
- - Vector store query WITHOUT user/tenant filter -> **HIGH** (cross-tenant data access)
216
- - .query(), .search(), .similaritySearch() without filter/where/userId/tenantId parameter
217
- - LangChain retriever.invoke() without metadata filter
218
- - Pinecone/Chroma/Weaviate query without namespace or metadata filter
219
- - Query WITH proper scoping (filter by userId/tenantId) -> **REJECT** (properly scoped)
220
- - Query with RLS-enabled Supabase tables -> **LOW/INFO** (verify RLS policy)
221
-
222
- **Raw Context Exposure:**
223
- - Raw sourceDocuments/chunks returned in API response -> **MEDIUM** (data leak to client)
224
- - Raw context returned WITHOUT authentication -> **HIGH** (public data leak)
225
- - Filtered response (only IDs, titles, metadata) -> **REJECT** (properly filtered)
226
- - Response filtering visible nearby (.map, sanitize, redact) -> **INFO**
227
-
228
- **Context Logging:**
229
- - Logging retrieved documents (debug) -> **INFO** (hygiene, not direct risk)
230
- - Logging full prompts with context -> **LOW** (audit concern if logs are accessible)
231
- - Persisting prompts/context to database -> **MEDIUM** (sensitive data retention)
232
-
233
- **CRITICAL RAG RULES**:
234
- - Cross-tenant data access is the PRIMARY risk - always check for user/tenant scoping
235
- - Authenticated endpoints exposing context are MEDIUM; unauthenticated are HIGH
236
- - Debug logging is INFO severity - it's not a direct vulnerability
237
- - If RLS or middleware protection is visible, downgrade significantly
238
-
239
- ### 3.9 AI Endpoint Protection (ai_endpoint_unprotected)
240
- AI/LLM API endpoints can incur significant costs and enable data exfiltration.
241
-
242
- **No Authentication + No Rate Limiting -> HIGH:**
243
- - Endpoint calls OpenAI/Anthropic/etc. without any auth check or rate limit
244
- - Anyone on the internet can abuse the endpoint and run up API costs
245
- - Potential for prompt exfiltration or model abuse
246
-
247
- **Has Rate Limiting but No Authentication -> MEDIUM:**
248
- - Rate limit provides some protection against abuse
249
- - Still allows anonymous access to AI functionality
250
- - Suggest adding authentication
251
-
252
- **Has Authentication but No Rate Limiting -> LOW:**
253
- - Authenticated users could still abuse the endpoint
254
- - Suggest adding rate limiting for cost control
255
- - severity: low (suggest improvement)
256
-
257
- **Has Both Auth and Rate Limiting -> INFO/REJECT:**
258
- - Properly protected endpoint
259
- - REJECT if both are clearly present
260
- - INFO if you want to note the good pattern
261
-
262
- **BYOK (Bring Your Own Key) Endpoints:**
263
- - If user provides their own API key, risk is LOWER
264
- - User pays for their own usage - cost abuse is their problem
265
- - Downgrade severity by one level for BYOK patterns
266
-
267
- **Protected by Middleware:**
268
- - If project context shows auth middleware protecting the route, downgrade to INFO
269
- - Internal/admin routes should be INFO or REJECT
270
-
271
- **CRITICAL ENDPOINT RULES**:
272
- - Cost abuse is real - unprotected AI endpoints can bankrupt a startup
273
- - Rate limiting alone isn't enough - need auth to prevent anonymous abuse
274
- - BYOK endpoints have lower risk since user bears the cost
275
- - Check for middleware protection before flagging
276
-
277
- ### 3.10 Schema/Tooling Mismatch (ai_schema_mismatch)
278
- AI-generated structured outputs need validation before use in security-sensitive contexts.
279
-
280
- **Unvalidated AI Output Parsing:**
281
- - JSON.parse(response.content) without schema validation -> **MEDIUM**
282
- - AI may return malformed or unexpected structures
283
- - Suggest zod/ajv/joi validation
284
- - AI output to EXECUTION SINK (eval, exec, query) without validation -> **HIGH**
285
- - Direct path to code/SQL injection
286
- - AI output to DISPLAY only (console.log, UI render) -> **REJECT**
287
- - Not a security issue for display purposes
288
- - OpenAI Structured Outputs (json_schema in request) -> **REJECT**
289
- - API-level validation provides guarantees
290
-
291
- **Weak Schema Patterns:**
292
- - response: any at API boundary -> **MEDIUM** (no type safety)
293
- - z.any() or z.unknown() -> **LOW** (defeats purpose of validation)
294
- - z.passthrough() -> **INFO** (allows extra properties, minor concern)
295
- - Specific schema defined and used -> **REJECT** (properly validated)
296
-
297
- **Tool Parameter Validation:**
298
- - Tool parameter -> file path without validation -> **HIGH** (path traversal)
299
- - Tool parameter -> shell command without validation -> **CRITICAL** (command injection)
300
- - Tool parameter -> URL without validation -> **HIGH** (SSRF)
301
- - Tool parameter -> DB query without validation -> **HIGH** (SQL injection)
302
- - Tool parameter with allowlist check visible -> **LOW/REJECT** (mitigated)
303
-
304
- **CRITICAL SCHEMA RULES**:
305
- - The severity depends on WHERE the AI output is used, not just that it's parsed
306
- - Execution sinks (eval, exec, query, fs) need HIGH severity without validation
307
- - Display-only usage is NOT a security issue
308
- - Schema validation (zod, ajv, joi) significantly reduces risk
309
- - OpenAI Structured Outputs provide API-level guarantees
310
-
311
- ## False Positive Patterns (ALWAYS REJECT - keep: false)
312
-
313
- 1. **CSS/Styling flagged as secrets**:
314
- - Tailwind classes, gradients, hex colors, rgba/hsla
315
- - style={{...}} objects, CSS-in-JS
316
-
317
- 2. **Development URLs in dev contexts**:
318
- - localhost in test/mock/example files
319
- - URLs via environment variables
320
-
321
- 3. **Test/Example/Scanner code**:
322
- - Files with test, spec, mock, example, fixture in path
323
- - Scanner's own rule definitions (files in /rules/, /detectors/, /checks/)
324
- - Documentation/README files
325
- - **Metadata/registry files describing vulnerabilities**: Files containing vulnerability descriptions, security documentation, or rule metadata are NOT themselves vulnerable. E.g., a string "DES is weak crypto" describing a vulnerability is documentation, NOT actual DES usage.
326
-
327
- 4. **TypeScript 'any' in safe contexts**:
328
- - Type definitions, .d.ts files
329
- - Internal utilities (not API boundaries)
330
-
331
- 5. **Public endpoints**:
332
- - /health, /healthz, /ready, /ping, /status
333
- - /webhook with signature verification nearby
334
-
335
- 6. **Generic AI patterns that are NOT security issues**:
336
- - console.log with non-sensitive data → REJECT
337
- - TODO/FIXME reminders (not security-critical) → REJECT
338
- - Magic number timeouts → REJECT
339
- - Verbose/step-by-step comments → REJECT
340
- - Generic error messages → REJECT or downgrade to info
341
- - Basic validation patterns (if (!data) return) → REJECT
342
-
343
- 7. **Style/Code quality issues (NOT security)**:
344
- - Empty functions (unless auth-critical)
345
- - Generic success messages
346
- - Placeholder comments in non-security code
347
-
348
- ## Response Format (ACTIONABLE OUTPUT)
349
-
350
- For each candidate finding, return:
351
- \`\`\`json
352
- {
353
- "index": <number>,
354
- "keep": true | false,
355
- "notes": "<concise context>" | null,
356
- "adjustedSeverity": "critical" | "high" | "medium" | "low" | "info" | null,
357
- "impact": "<1-2 sentences: WHY this matters specific to this code>" | null,
358
- "fixSuggestion": "<Specific, actionable fix for THIS code context>" | null
359
- }
360
- \`\`\`
361
-
362
- **CRITICAL**: To minimize costs while maximizing actionability:
363
- - For \`keep: false\` (rejected): Set ALL fields to null except index and keep. NO explanation needed.
364
- - For \`keep: true\` (accepted):
365
- - \`notes\`: Brief context (10-30 words)
366
- - \`adjustedSeverity\`: null if keeping original severity
367
- - \`impact\`: 1-2 sentences explaining real-world consequences for THIS code (data breach, unauthorized access, cost, etc.)
368
- - \`fixSuggestion\`: Reference actual variable/function names from the code. Be specific, not generic.
369
-
370
- ## Severity Guidelines
371
- - **critical/high**: Realistically exploitable, should block deploys - ONLY for clear vulnerabilities
372
- - **medium/low**: Important but non-blocking, hardening opportunities - use sparingly
373
- - **info**: Robustness/hygiene tips, not direct security risks - use for marginal cases you want to keep
374
-
375
- ## Decision Framework
376
- 1. **Default to REJECTION** (keep: false) for:
377
- - Style/code quality issues
378
- - Marginal findings with unclear exploitation path
379
- - Patterns that are standard practice (basic auth checks, error logging)
380
- - Anything in test/example/documentation files
381
-
382
- 2. **Downgrade to info** when:
383
- - Finding has some merit but low practical risk
384
- - Context shows mitigating factors
385
- - Better as a "nice to know" than an action item
386
-
387
- 3. **Keep with original/higher severity** ONLY when:
388
- - Clear, exploitable vulnerability
389
- - No visible mitigating factors in context
390
- - Real-world attack scenario is plausible
391
-
392
- **REMEMBER**: You are the last line of defense against noise. A finding that reaches the user should be CLEARLY worth their time. When in doubt, REJECT.
393
-
394
- ## Response Format
395
-
396
- For EACH file, provide a JSON object with the file path and validation results.
397
- Return a JSON array where each element has:
398
- - "file": the file path (e.g., "src/routes/api.ts")
399
- - "validations": array of validation results for that file's candidates
400
-
401
- Example response format (ACTIONABLE):
402
- \`\`\`json
403
- [
404
- {
405
- "file": "src/auth.ts",
406
- "validations": [
407
- { "index": 0, "keep": true, "adjustedSeverity": "medium", "notes": "Protected by middleware", "impact": null, "fixSuggestion": null },
408
- { "index": 1, "keep": false, "notes": null, "adjustedSeverity": null, "impact": null, "fixSuggestion": null }
409
- ]
410
- },
411
- {
412
- "file": "src/api.ts",
413
- "validations": [
414
- { "index": 0, "keep": true, "notes": "User input flows to SQL query", "adjustedSeverity": null, "impact": "Attackers could read or modify database records via the userId parameter", "fixSuggestion": "Replace string concatenation with db.query('SELECT * FROM users WHERE id = ?', [userId])" }
415
- ]
416
- }
417
- ]
418
- \`\`\`
419
-
420
- **REMEMBER**: Rejected findings (keep: false) need NO explanation. Keep notes brief (10-30 words).`;
21
+ var modules_2 = require("./modules");
22
+ Object.defineProperty(exports, "_getFullPrompt", { enumerable: true, get: function () { return modules_2.getFullValidationPrompt; } });
23
+ const modules_3 = require("./modules");
24
+ exports.HIGH_CONTEXT_VALIDATION_PROMPT = (0, modules_3.getFullValidationPrompt)();
421
25
  //# sourceMappingURL=validation.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"validation.js","sourceRoot":"","sources":["../../../../src/layer3/anthropic/prompts/validation.ts"],"names":[],"mappings":";AAAA;;;;;GAKG;;;AAEH,+EAA+E;AAC/E,iCAAiC;AACjC,+EAA+E;AAE/E;;;GAGG;AACU,QAAA,8BAA8B,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;mGAmZqD,CAAA"}
1
+ {"version":3,"file":"validation.js","sourceRoot":"","sources":["../../../../src/layer3/anthropic/prompts/validation.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;;AAEH,qCAA6E;AAApE,mHAAA,wBAAwB,OAAA;AAAE,kHAAA,uBAAuB,OAAA;AAE1D;;;;GAIG;AACH,qCAAqE;AAA5D,yGAAA,uBAAuB,OAAkB;AAClD,uCAAmD;AACtC,QAAA,8BAA8B,GAAG,IAAA,iCAAuB,GAAE,CAAA"}
@@ -1 +1 @@
1
- {"version":3,"file":"anthropic.d.ts","sourceRoot":"","sources":["../../../../src/layer3/anthropic/providers/anthropic.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAoB,MAAM,gBAAgB,CAAA;AAC/E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wCAAwC,CAAA;AAE5E,OAAO,KAAK,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAA;AAUnE;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,QAAQ,EAAE,aAAa,EAAE,EACzB,KAAK,EAAE,QAAQ,EAAE,EACjB,cAAc,EAAE,cAAc,GAAG,SAAS,EAC1C,KAAK,EAAE,eAAe,EACtB,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE;IAAE,cAAc,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,KAAK,IAAI,GAC9F,OAAO,CAAC,kBAAkB,CAAC,CAkR7B;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAE1C"}
1
+ {"version":3,"file":"anthropic.d.ts","sourceRoot":"","sources":["../../../../src/layer3/anthropic/providers/anthropic.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAoB,MAAM,gBAAgB,CAAA;AAC/E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wCAAwC,CAAA;AAE5E,OAAO,KAAK,EAAE,eAAe,EAAE,kBAAkB,EAAE,MAAM,UAAU,CAAA;AAUnE;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,QAAQ,EAAE,aAAa,EAAE,EACzB,KAAK,EAAE,QAAQ,EAAE,EACjB,cAAc,EAAE,cAAc,GAAG,SAAS,EAC1C,KAAK,EAAE,eAAe,EACtB,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE;IAAE,cAAc,EAAE,MAAM,CAAC;IAAC,UAAU,EAAE,MAAM,CAAC;IAAC,MAAM,EAAE,MAAM,CAAA;CAAE,KAAK,IAAI,GAC9F,OAAO,CAAC,kBAAkB,CAAC,CAyR7B;AAED;;GAEG;AACH,wBAAgB,mBAAmB,IAAI,IAAI,CAE1C"}
@@ -91,8 +91,11 @@ async function validateWithAnthropic(findings, files, projectContext, stats, onP
91
91
  }
92
92
  const batchStartTime = Date.now();
93
93
  try {
94
- // Build multi-file validation request
95
- const validationRequest = (0, request_builder_1.buildMultiFileValidationRequest)(fileDataList.map(({ file, findings }) => ({ file, findings })), context);
94
+ // Build multi-file validation request with scoped context
95
+ const validationRequest = (0, request_builder_1.buildMultiFileValidationRequest)(fileDataList.map(({ file, findings }) => ({ file, findings })), context, { contextMode: 'scoped' });
96
+ // Assemble category-aware prompt for this batch
97
+ const batchCategories = [...new Set(fileBatch.flatMap(([, fileFindings]) => fileFindings.map(f => f.category)))];
98
+ const systemPrompt = (0, validation_1.assembleValidationPrompt)(batchCategories);
96
99
  // Use Anthropic prompt caching with multi-file request
97
100
  const response = await (0, retry_1.makeAnthropicRequestWithRetry)(() => client.messages.create({
98
101
  model: 'claude-3-5-haiku-20241022',
@@ -100,7 +103,7 @@ async function validateWithAnthropic(findings, files, projectContext, stats, onP
100
103
  system: [
101
104
  {
102
105
  type: 'text',
103
- text: validation_1.HIGH_CONTEXT_VALIDATION_PROMPT,
106
+ text: systemPrompt,
104
107
  cache_control: { type: 'ephemeral' }, // Cache for 5 minutes
105
108
  },
106
109
  ],
@@ -1 +1 @@
1
- {"version":3,"file":"anthropic.js","sourceRoot":"","sources":["../../../../src/layer3/anthropic/providers/anthropic.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAkBH,sDAwRC;AAKD,kDAEC;AA7SD,oFAA4E;AAE5E,wCAAmF;AACnF,0CAA8D;AAC9D,8DAA4H;AAC5H,wDAAoE;AACpE,sDAAsE;AAEtE,kDAAkD;AAClD,IAAI,oBAAoB,GAA0B,IAAI,CAAA;AAEtD;;GAEG;AACI,KAAK,UAAU,qBAAqB,CACzC,QAAyB,EACzB,KAAiB,EACjB,cAA0C,EAC1C,KAAsB,EACtB,UAA+F;IAE/F,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAA;IAC/D,MAAM,MAAM,GAAG,IAAA,4BAAkB,GAAE,CAAA;IAEnC,sCAAsC;IACtC,MAAM,OAAO,GAAG,cAAc,IAAI,oBAAoB,IAAI,IAAA,6CAAmB,EAAC,KAAK,CAAC,CAAA;IACpF,IAAI,CAAC,cAAc,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC7C,oBAAoB,GAAG,OAAO,CAAA;QAC9B,OAAO,CAAC,GAAG,CAAC,wCAAwC,EAAE;YACpD,iBAAiB,EAAE,OAAO,CAAC,IAAI,CAAC,mBAAmB;YACnD,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,YAAY;YACvC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG;YAC3B,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO;SACtC,CAAC,CAAA;IACJ,CAAC;IAED,kDAAkD;IAClD,MAAM,cAAc,GAAG,IAAI,GAAG,EAA2B,CAAA;IACzD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAA;QAC3D,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACtB,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAA;IAChD,CAAC;IAED,MAAM,iBAAiB,GAAoB,EAAE,CAAA;IAE7C,+BAA+B;IAC/B,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC,CAAA;IAExD,gBAAgB;IAChB,IAAI,kBAAkB,GAAG,CAAC,CAAA;IAC1B,IAAI,eAAe,GAAG,CAAC,CAAA;IAEvB,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,6BAAmB,CAAC,CAAA;IAC5E,OAAO,CAAC,GAAG,CAAC,uCAAuC,WAAW,CAAC,MAAM,aAAa,gBAAgB,mBAAmB,6BAAmB,eAAe,CAAC,CAAA;IAExJ,+CAA+C;IAC/C,IAAI,cAAc,GAAG,CAAC,CAAA;IAEtB,4EAA4E;IAC5E,KAAK,IAAI,UAAU,GAAG,CAAC,EAAE,UAAU,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,IAAI,6BAAmB,EAAE,CAAC;QAC5F,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,UAAU,EAAE,UAAU,GAAG,6BAAmB,CAAC,CAAA;QACjF,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,6BAAmB,CAAC,GAAG,CAAC,CAAA;QAEjE,0CAA0C;QAC1C,IAAI,UAAU,EAAE,CAAC;YACf,UAAU,CAAC;gBACT,cAAc,EAAE,cAAc;gBAC9B,UAAU,EAAE,WAAW,CAAC,MAAM;gBAC9B,MAAM,EAAE,uBAAuB,QAAQ,IAAI,gBAAgB,EAAE;aAC9D,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,6BAA6B,QAAQ,IAAI,gBAAgB,KAAK,SAAS,CAAC,MAAM,QAAQ,CAAC,CAAA;QAEnG,sCAAsC;QACtC,MAAM,YAAY,GAA2E,EAAE,CAAA;QAC/F,MAAM,mBAAmB,GAA2D,EAAE,CAAA;QAEtF,KAAK,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,IAAI,SAAS,EAAE,CAAC;YACjD,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAA;YACjD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAA;YAChE,CAAC;iBAAM,CAAC;gBACN,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC,CAAA;YAC/D,CAAC;QACH,CAAC;QAED,uDAAuD;QACvD,KAAK,MAAM,EAAE,QAAQ,EAAE,IAAI,mBAAmB,EAAE,CAAC;YAC/C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;gBACzB,iBAAiB,CAAC,IAAI,CAAC;oBACrB,GAAG,CAAC;oBACJ,aAAa,EAAE,KAAK;oBACpB,gBAAgB,EAAE,eAAmC;oBACrD,eAAe,EAAE,2CAA2C;iBAC7D,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,yCAAyC;QACzC,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,SAAQ;QACV,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QAEjC,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,iBAAiB,GAAG,IAAA,iDAA+B,EACvD,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,EAC9D,OAAO,CACR,CAAA;YAED,uDAAuD;YACvD,MAAM,QAAQ,GAAG,MAAM,IAAA,qCAA6B,EAAC,GAAG,EAAE,CACxD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACrB,KAAK,EAAE,2BAA2B;gBAClC,UAAU,EAAE,IAAI,EAAE,yDAAyD;gBAC3E,MAAM,EAAE;oBACN;wBACE,IAAI,EAAE,MAAM;wBACZ,IAAI,EAAE,2CAA8B;wBACpC,aAAa,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,sBAAsB;qBAC7D;iBACF;gBACD,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC;aACzD,CAAC,CACH,CAAA;YAED,uBAAuB;YACvB,KAAK,CAAC,QAAQ,EAAE,CAAA;YAChB,eAAe,EAAE,CAAA;YAEjB,mCAAmC;YACnC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAA;YAC5B,IAAI,KAAK,EAAE,CAAC;gBACV,6DAA6D;gBAC7D,OAAO,CAAC,GAAG,CAAC,iBAAiB,QAAQ,6BAA6B,CAAC,CAAA;gBACnE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;gBAC3C,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAA;gBACjC,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,CAAC,YAAY,IAAI,CAAC,EAAE,CAAC,CAAA;gBAC3D,OAAO,CAAC,GAAG,CAAC,sBAAsB,KAAK,CAAC,aAAa,IAAI,CAAC,EAAE,CAAC,CAAA;gBAC7D,aAAa;gBACb,OAAO,CAAC,GAAG,CAAC,oCAAoC,KAAK,CAAC,2BAA2B,IAAI,CAAC,EAAE,CAAC,CAAA;gBACzF,aAAa;gBACb,OAAO,CAAC,GAAG,CAAC,gCAAgC,KAAK,CAAC,uBAAuB,IAAI,CAAC,EAAE,CAAC,CAAA;gBAEjF,KAAK,CAAC,oBAAoB,IAAI,KAAK,CAAC,YAAY,IAAI,CAAC,CAAA;gBACrD,KAAK,CAAC,qBAAqB,IAAI,KAAK,CAAC,aAAa,IAAI,CAAC,CAAA;gBAEvD,6CAA6C;gBAC7C,MAAM,aAAa,GAAG,KAAK,CAAC,2BAA2B,IAAI,CAAC,CAAA;gBAC5D,aAAa;gBACb,MAAM,SAAS,GAAG,KAAK,CAAC,uBAAuB,IAAI,CAAC,CAAA;gBAEpD,KAAK,CAAC,mBAAmB,IAAI,aAAa,CAAA;gBAC1C,KAAK,CAAC,eAAe,IAAI,SAAS,CAAA;YACpC,CAAC;YAED,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAuB,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,MAAM,CAAC,CAAA;YAC7F,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBAChD,yDAAyD;gBACzD,KAAK,MAAM,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;oBACxC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;wBACzB,iBAAiB,CAAC,IAAI,CAAC;4BACrB,GAAG,CAAC;4BACJ,aAAa,EAAE,KAAK;4BACpB,gBAAgB,EAAE,eAAmC;4BACrD,eAAe,EAAE,2BAA2B;yBAC7C,CAAC,CAAA;oBACJ,CAAC;gBACH,CAAC;gBACD,SAAQ;YACV,CAAC;YAED,4BAA4B;YAC5B,MAAM,aAAa,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAA;YAClE,MAAM,oBAAoB,GAAG,IAAA,kDAAgC,EAAC,WAAW,CAAC,IAAI,EAAE,aAAa,CAAC,CAAA;YAE9F,yBAAyB;YACzB,KAAK,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;gBAClD,MAAM,WAAW,GAAG,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;gBAEtD,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC7C,iEAAiE;oBACjE,MAAM,iBAAiB,GAAG,IAAA,yCAAuB,EAAC,WAAW,CAAC,IAAI,CAAC,CAAA;oBAEnE,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC9D,gDAAgD;wBAChD,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,GAAG,IAAA,wCAAsB,EAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAA;wBAC5G,KAAK,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,cAAc,CAAA;wBACpE,KAAK,CAAC,iBAAiB,IAAI,cAAc,CAAA;wBACzC,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE,CAAC;4BAC1C,IAAI,SAAS,CAAC,gBAAgB,KAAK,WAAW,EAAE,CAAC;gCAC/C,KAAK,CAAC,iBAAiB,EAAE,CAAA;4BAC3B,CAAC;iCAAM,IAAI,SAAS,CAAC,gBAAgB,KAAK,YAAY,EAAE,CAAC;gCACvD,KAAK,CAAC,kBAAkB,EAAE,CAAA;4BAC5B,CAAC;4BACD,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;wBACnC,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,oFAAoF;wBACpF,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,gBAAgB,QAAQ,CAAC,MAAM,WAAW,CAAC,CAAA;wBAClG,KAAK,CAAC,iBAAiB,IAAI,QAAQ,CAAC,MAAM,CAAA;wBAC1C,KAAK,CAAC,iBAAiB,IAAI,QAAQ,CAAC,MAAM,CAAA;wBAC1C,yDAAyD;oBAC3D,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,yCAAyC;oBACzC,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,GAAG,IAAA,wCAAsB,EAAC,QAAQ,EAAE,WAAW,CAAC,CAAA;oBACtG,KAAK,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,cAAc,CAAA;oBACpE,KAAK,CAAC,iBAAiB,IAAI,cAAc,CAAA;oBACzC,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE,CAAC;wBAC1C,IAAI,SAAS,CAAC,gBAAgB,KAAK,WAAW,EAAE,CAAC;4BAC/C,KAAK,CAAC,iBAAiB,EAAE,CAAA;wBAC3B,CAAC;6BAAM,IAAI,SAAS,CAAC,gBAAgB,KAAK,YAAY,EAAE,CAAC;4BACvD,KAAK,CAAC,kBAAkB,EAAE,CAAA;wBAC5B,CAAC;wBACD,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;oBACnC,CAAC;gBACH,CAAC;YACH,CAAC;QAEH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,kCAAkC,QAAQ,GAAG,EAAE,KAAK,CAAC,CAAA;YACnE,wDAAwD;YACxD,KAAK,MAAM,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;gBACxC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;oBACzB,iBAAiB,CAAC,IAAI,CAAC;wBACrB,GAAG,CAAC;wBACJ,aAAa,EAAE,KAAK;wBACpB,gBAAgB,EAAE,eAAmC;wBACrD,eAAe,EAAE,oCAAoC;qBACtD,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc,CAAA;QACjD,kBAAkB,IAAI,aAAa,CAAA;QAEnC,iCAAiC;QACjC,cAAc,IAAI,SAAS,CAAC,MAAM,CAAA;QAElC,yCAAyC;QACzC,IAAI,UAAU,EAAE,CAAC;YACf,UAAU,CAAC;gBACT,cAAc,EAAE,cAAc;gBAC9B,UAAU,EAAE,WAAW,CAAC,MAAM;gBAC9B,MAAM,EAAE,oCAAoC,QAAQ,IAAI,gBAAgB,EAAE;aAC3E,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,MAAM,oBAAoB,GAAG,KAAK,CAAC,mBAAmB,GAAG,KAAK,CAAC,eAAe,CAAA;IAC9E,KAAK,CAAC,YAAY,GAAG,oBAAoB,GAAG,CAAC;QAC3C,CAAC,CAAC,KAAK,CAAC,eAAe,GAAG,oBAAoB;QAC9C,CAAC,CAAC,CAAC,CAAA;IAEL,8CAA8C;IAC9C,MAAM,cAAc,GAAG,CAAC,KAAK,CAAC,oBAAoB,GAAG,uBAAa,CAAC,KAAK,CAAC,GAAG,OAAS,CAAA;IACrF,MAAM,cAAc,GAAG,CAAC,KAAK,CAAC,mBAAmB,GAAG,uBAAa,CAAC,UAAU,CAAC,GAAG,OAAS,CAAA;IACzF,MAAM,aAAa,GAAG,CAAC,KAAK,CAAC,eAAe,GAAG,uBAAa,CAAC,SAAS,CAAC,GAAG,OAAS,CAAA;IACnF,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,qBAAqB,GAAG,uBAAa,CAAC,MAAM,CAAC,GAAG,OAAS,CAAA;IAEnF,KAAK,CAAC,aAAa,GAAG,cAAc,GAAG,cAAc,GAAG,aAAa,GAAG,UAAU,CAAA;IAElF,0DAA0D;IAC1D,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAA;IACrC,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,aAAa,EAAE,CAAC,CAAA;IACzD,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IAC3D,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IACxD,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IACxD,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,CAAC,kBAAkB,EAAE,CAAC,CAAA;IAC1D,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAA;IAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC/B,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IAC/E,OAAO,CAAC,GAAG,CAAC,4BAA4B,eAAe,EAAE,CAAC,CAAA;IAC1D,OAAO,CAAC,GAAG,CAAC,4BAA4B,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,kBAAkB,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;IAC9H,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAA;IACjC,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,mBAAmB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAA;IACvF,OAAO,CAAC,GAAG,CAAC,sBAAsB,KAAK,CAAC,eAAe,CAAC,cAAc,EAAE,SAAS,CAAC,CAAA;IAClF,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,KAAK,CAAC,YAAY,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IAC9E,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC/B,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,oBAAoB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAA;IACzF,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,CAAC,qBAAqB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAA;IACnF,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;IAErE,wCAAwC;IACxC,oBAAoB,GAAG,IAAI,CAAA;IAE3B,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,KAAK,EAAE,CAAA;AACtD,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB;IACjC,oBAAoB,GAAG,IAAI,CAAA;AAC7B,CAAC"}
1
+ {"version":3,"file":"anthropic.js","sourceRoot":"","sources":["../../../../src/layer3/anthropic/providers/anthropic.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAkBH,sDA+RC;AAKD,kDAEC;AApTD,oFAA4E;AAE5E,wCAAmF;AACnF,0CAA8D;AAC9D,8DAA4H;AAC5H,wDAAoE;AACpE,sDAAgE;AAEhE,kDAAkD;AAClD,IAAI,oBAAoB,GAA0B,IAAI,CAAA;AAEtD;;GAEG;AACI,KAAK,UAAU,qBAAqB,CACzC,QAAyB,EACzB,KAAiB,EACjB,cAA0C,EAC1C,KAAsB,EACtB,UAA+F;IAE/F,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAA;IAC/D,MAAM,MAAM,GAAG,IAAA,4BAAkB,GAAE,CAAA;IAEnC,sCAAsC;IACtC,MAAM,OAAO,GAAG,cAAc,IAAI,oBAAoB,IAAI,IAAA,6CAAmB,EAAC,KAAK,CAAC,CAAA;IACpF,IAAI,CAAC,cAAc,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC7C,oBAAoB,GAAG,OAAO,CAAA;QAC9B,OAAO,CAAC,GAAG,CAAC,wCAAwC,EAAE;YACpD,iBAAiB,EAAE,OAAO,CAAC,IAAI,CAAC,mBAAmB;YACnD,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,YAAY;YACvC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG;YAC3B,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO;SACtC,CAAC,CAAA;IACJ,CAAC;IAED,kDAAkD;IAClD,MAAM,cAAc,GAAG,IAAI,GAAG,EAA2B,CAAA;IACzD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAA;QAC3D,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACtB,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAA;IAChD,CAAC;IAED,MAAM,iBAAiB,GAAoB,EAAE,CAAA;IAE7C,+BAA+B;IAC/B,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC,CAAA;IAExD,gBAAgB;IAChB,IAAI,kBAAkB,GAAG,CAAC,CAAA;IAC1B,IAAI,eAAe,GAAG,CAAC,CAAA;IAEvB,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,6BAAmB,CAAC,CAAA;IAC5E,OAAO,CAAC,GAAG,CAAC,uCAAuC,WAAW,CAAC,MAAM,aAAa,gBAAgB,mBAAmB,6BAAmB,eAAe,CAAC,CAAA;IAExJ,+CAA+C;IAC/C,IAAI,cAAc,GAAG,CAAC,CAAA;IAEtB,4EAA4E;IAC5E,KAAK,IAAI,UAAU,GAAG,CAAC,EAAE,UAAU,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,IAAI,6BAAmB,EAAE,CAAC;QAC5F,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,UAAU,EAAE,UAAU,GAAG,6BAAmB,CAAC,CAAA;QACjF,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,6BAAmB,CAAC,GAAG,CAAC,CAAA;QAEjE,0CAA0C;QAC1C,IAAI,UAAU,EAAE,CAAC;YACf,UAAU,CAAC;gBACT,cAAc,EAAE,cAAc;gBAC9B,UAAU,EAAE,WAAW,CAAC,MAAM;gBAC9B,MAAM,EAAE,uBAAuB,QAAQ,IAAI,gBAAgB,EAAE;aAC9D,CAAC,CAAA;QACJ,CAAC;QAED,OAAO,CAAC,GAAG,CAAC,6BAA6B,QAAQ,IAAI,gBAAgB,KAAK,SAAS,CAAC,MAAM,QAAQ,CAAC,CAAA;QAEnG,sCAAsC;QACtC,MAAM,YAAY,GAA2E,EAAE,CAAA;QAC/F,MAAM,mBAAmB,GAA2D,EAAE,CAAA;QAEtF,KAAK,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,IAAI,SAAS,EAAE,CAAC;YACjD,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAA;YACjD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAA;YAChE,CAAC;iBAAM,CAAC;gBACN,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC,CAAA;YAC/D,CAAC;QACH,CAAC;QAED,uDAAuD;QACvD,KAAK,MAAM,EAAE,QAAQ,EAAE,IAAI,mBAAmB,EAAE,CAAC;YAC/C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;gBACzB,iBAAiB,CAAC,IAAI,CAAC;oBACrB,GAAG,CAAC;oBACJ,aAAa,EAAE,KAAK;oBACpB,gBAAgB,EAAE,eAAmC;oBACrD,eAAe,EAAE,2CAA2C;iBAC7D,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,yCAAyC;QACzC,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,SAAQ;QACV,CAAC;QAED,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;QAEjC,IAAI,CAAC;YACH,0DAA0D;YAC1D,MAAM,iBAAiB,GAAG,IAAA,iDAA+B,EACvD,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,EAC9D,OAAO,EACP,EAAE,WAAW,EAAE,QAAQ,EAAE,CAC1B,CAAA;YAED,gDAAgD;YAChD,MAAM,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CACjC,SAAS,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,YAAY,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAC3E,CAAC,CAAA;YACF,MAAM,YAAY,GAAG,IAAA,qCAAwB,EAAC,eAAe,CAAC,CAAA;YAE9D,uDAAuD;YACvD,MAAM,QAAQ,GAAG,MAAM,IAAA,qCAA6B,EAAC,GAAG,EAAE,CACxD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;gBACrB,KAAK,EAAE,2BAA2B;gBAClC,UAAU,EAAE,IAAI,EAAE,yDAAyD;gBAC3E,MAAM,EAAE;oBACN;wBACE,IAAI,EAAE,MAAM;wBACZ,IAAI,EAAE,YAAY;wBAClB,aAAa,EAAE,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,sBAAsB;qBAC7D;iBACF;gBACD,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,EAAE,CAAC;aACzD,CAAC,CACH,CAAA;YAED,uBAAuB;YACvB,KAAK,CAAC,QAAQ,EAAE,CAAA;YAChB,eAAe,EAAE,CAAA;YAEjB,mCAAmC;YACnC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAA;YAC5B,IAAI,KAAK,EAAE,CAAC;gBACV,6DAA6D;gBAC7D,OAAO,CAAC,GAAG,CAAC,iBAAiB,QAAQ,6BAA6B,CAAC,CAAA;gBACnE,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAA;gBAC3C,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAA;gBACjC,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,CAAC,YAAY,IAAI,CAAC,EAAE,CAAC,CAAA;gBAC3D,OAAO,CAAC,GAAG,CAAC,sBAAsB,KAAK,CAAC,aAAa,IAAI,CAAC,EAAE,CAAC,CAAA;gBAC7D,aAAa;gBACb,OAAO,CAAC,GAAG,CAAC,oCAAoC,KAAK,CAAC,2BAA2B,IAAI,CAAC,EAAE,CAAC,CAAA;gBACzF,aAAa;gBACb,OAAO,CAAC,GAAG,CAAC,gCAAgC,KAAK,CAAC,uBAAuB,IAAI,CAAC,EAAE,CAAC,CAAA;gBAEjF,KAAK,CAAC,oBAAoB,IAAI,KAAK,CAAC,YAAY,IAAI,CAAC,CAAA;gBACrD,KAAK,CAAC,qBAAqB,IAAI,KAAK,CAAC,aAAa,IAAI,CAAC,CAAA;gBAEvD,6CAA6C;gBAC7C,MAAM,aAAa,GAAG,KAAK,CAAC,2BAA2B,IAAI,CAAC,CAAA;gBAC5D,aAAa;gBACb,MAAM,SAAS,GAAG,KAAK,CAAC,uBAAuB,IAAI,CAAC,CAAA;gBAEpD,KAAK,CAAC,mBAAmB,IAAI,aAAa,CAAA;gBAC1C,KAAK,CAAC,eAAe,IAAI,SAAS,CAAA;YACpC,CAAC;YAED,MAAM,WAAW,GAAG,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,KAAuB,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,KAAK,MAAM,CAAC,CAAA;YAC7F,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;gBAChD,yDAAyD;gBACzD,KAAK,MAAM,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;oBACxC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;wBACzB,iBAAiB,CAAC,IAAI,CAAC;4BACrB,GAAG,CAAC;4BACJ,aAAa,EAAE,KAAK;4BACpB,gBAAgB,EAAE,eAAmC;4BACrD,eAAe,EAAE,2BAA2B;yBAC7C,CAAC,CAAA;oBACJ,CAAC;gBACH,CAAC;gBACD,SAAQ;YACV,CAAC;YAED,4BAA4B;YAC5B,MAAM,aAAa,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAA;YAClE,MAAM,oBAAoB,GAAG,IAAA,kDAAgC,EAAC,WAAW,CAAC,IAAI,EAAE,aAAa,CAAC,CAAA;YAE9F,yBAAyB;YACzB,KAAK,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;gBAClD,MAAM,WAAW,GAAG,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;gBAEtD,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC7C,iEAAiE;oBACjE,MAAM,iBAAiB,GAAG,IAAA,yCAAuB,EAAC,WAAW,CAAC,IAAI,CAAC,CAAA;oBAEnE,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC9D,gDAAgD;wBAChD,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,GAAG,IAAA,wCAAsB,EAAC,QAAQ,EAAE,iBAAiB,CAAC,CAAA;wBAC5G,KAAK,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,cAAc,CAAA;wBACpE,KAAK,CAAC,iBAAiB,IAAI,cAAc,CAAA;wBACzC,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE,CAAC;4BAC1C,IAAI,SAAS,CAAC,gBAAgB,KAAK,WAAW,EAAE,CAAC;gCAC/C,KAAK,CAAC,iBAAiB,EAAE,CAAA;4BAC3B,CAAC;iCAAM,IAAI,SAAS,CAAC,gBAAgB,KAAK,YAAY,EAAE,CAAC;gCACvD,KAAK,CAAC,kBAAkB,EAAE,CAAA;4BAC5B,CAAC;4BACD,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;wBACnC,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,oFAAoF;wBACpF,OAAO,CAAC,IAAI,CAAC,kCAAkC,QAAQ,gBAAgB,QAAQ,CAAC,MAAM,WAAW,CAAC,CAAA;wBAClG,KAAK,CAAC,iBAAiB,IAAI,QAAQ,CAAC,MAAM,CAAA;wBAC1C,KAAK,CAAC,iBAAiB,IAAI,QAAQ,CAAC,MAAM,CAAA;wBAC1C,yDAAyD;oBAC3D,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,yCAAyC;oBACzC,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,GAAG,IAAA,wCAAsB,EAAC,QAAQ,EAAE,WAAW,CAAC,CAAA;oBACtG,KAAK,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,cAAc,CAAA;oBACpE,KAAK,CAAC,iBAAiB,IAAI,cAAc,CAAA;oBACzC,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE,CAAC;wBAC1C,IAAI,SAAS,CAAC,gBAAgB,KAAK,WAAW,EAAE,CAAC;4BAC/C,KAAK,CAAC,iBAAiB,EAAE,CAAA;wBAC3B,CAAC;6BAAM,IAAI,SAAS,CAAC,gBAAgB,KAAK,YAAY,EAAE,CAAC;4BACvD,KAAK,CAAC,kBAAkB,EAAE,CAAA;wBAC5B,CAAC;wBACD,iBAAiB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;oBACnC,CAAC;gBACH,CAAC;YACH,CAAC;QAEH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,kCAAkC,QAAQ,GAAG,EAAE,KAAK,CAAC,CAAA;YACnE,wDAAwD;YACxD,KAAK,MAAM,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;gBACxC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;oBACzB,iBAAiB,CAAC,IAAI,CAAC;wBACrB,GAAG,CAAC;wBACJ,aAAa,EAAE,KAAK;wBACpB,gBAAgB,EAAE,eAAmC;wBACrD,eAAe,EAAE,oCAAoC;qBACtD,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,cAAc,CAAA;QACjD,kBAAkB,IAAI,aAAa,CAAA;QAEnC,iCAAiC;QACjC,cAAc,IAAI,SAAS,CAAC,MAAM,CAAA;QAElC,yCAAyC;QACzC,IAAI,UAAU,EAAE,CAAC;YACf,UAAU,CAAC;gBACT,cAAc,EAAE,cAAc;gBAC9B,UAAU,EAAE,WAAW,CAAC,MAAM;gBAC9B,MAAM,EAAE,oCAAoC,QAAQ,IAAI,gBAAgB,EAAE;aAC3E,CAAC,CAAA;QACJ,CAAC;IACH,CAAC;IAED,2BAA2B;IAC3B,MAAM,oBAAoB,GAAG,KAAK,CAAC,mBAAmB,GAAG,KAAK,CAAC,eAAe,CAAA;IAC9E,KAAK,CAAC,YAAY,GAAG,oBAAoB,GAAG,CAAC;QAC3C,CAAC,CAAC,KAAK,CAAC,eAAe,GAAG,oBAAoB;QAC9C,CAAC,CAAC,CAAC,CAAA;IAEL,8CAA8C;IAC9C,MAAM,cAAc,GAAG,CAAC,KAAK,CAAC,oBAAoB,GAAG,uBAAa,CAAC,KAAK,CAAC,GAAG,OAAS,CAAA;IACrF,MAAM,cAAc,GAAG,CAAC,KAAK,CAAC,mBAAmB,GAAG,uBAAa,CAAC,UAAU,CAAC,GAAG,OAAS,CAAA;IACzF,MAAM,aAAa,GAAG,CAAC,KAAK,CAAC,eAAe,GAAG,uBAAa,CAAC,SAAS,CAAC,GAAG,OAAS,CAAA;IACnF,MAAM,UAAU,GAAG,CAAC,KAAK,CAAC,qBAAqB,GAAG,uBAAa,CAAC,MAAM,CAAC,GAAG,OAAS,CAAA;IAEnF,KAAK,CAAC,aAAa,GAAG,cAAc,GAAG,cAAc,GAAG,aAAa,GAAG,UAAU,CAAA;IAElF,0DAA0D;IAC1D,OAAO,CAAC,GAAG,CAAC,wBAAwB,CAAC,CAAA;IACrC,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,aAAa,EAAE,CAAC,CAAA;IACzD,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IAC3D,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IACxD,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IACxD,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,CAAC,kBAAkB,EAAE,CAAC,CAAA;IAC1D,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAA;IAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC/B,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,kBAAkB,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IAC/E,OAAO,CAAC,GAAG,CAAC,4BAA4B,eAAe,EAAE,CAAC,CAAA;IAC1D,OAAO,CAAC,GAAG,CAAC,4BAA4B,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,kBAAkB,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAA;IAC9H,OAAO,CAAC,GAAG,CAAC,oBAAoB,CAAC,CAAA;IACjC,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,mBAAmB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAA;IACvF,OAAO,CAAC,GAAG,CAAC,sBAAsB,KAAK,CAAC,eAAe,CAAC,cAAc,EAAE,SAAS,CAAC,CAAA;IAClF,OAAO,CAAC,GAAG,CAAC,yBAAyB,CAAC,KAAK,CAAC,YAAY,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAA;IAC9E,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC/B,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,oBAAoB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAA;IACzF,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,CAAC,qBAAqB,CAAC,cAAc,EAAE,SAAS,CAAC,CAAA;IACnF,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;IAErE,wCAAwC;IACxC,oBAAoB,GAAG,IAAI,CAAA;IAE3B,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,KAAK,EAAE,CAAA;AACtD,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB;IACjC,oBAAoB,GAAG,IAAI,CAAA;AAC7B,CAAC"}
@@ -1 +1 @@
1
- {"version":3,"file":"openai.d.ts","sourceRoot":"","sources":["../../../../src/layer3/anthropic/providers/openai.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAoB,MAAM,gBAAgB,CAAA;AAC/E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wCAAwC,CAAA;AAE5E,OAAO,KAAK,EAAE,eAAe,EAAE,kBAAkB,EAAoB,MAAM,UAAU,CAAA;AAWrF;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,QAAQ,EAAE,aAAa,EAAE,EACzB,KAAK,EAAE,QAAQ,EAAE,EACjB,cAAc,EAAE,cAAc,GAAG,SAAS,EAC1C,KAAK,EAAE,eAAe,GACrB,OAAO,CAAC,kBAAkB,CAAC,CA2V7B;AAED;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,IAAI,CAEvC"}
1
+ {"version":3,"file":"openai.d.ts","sourceRoot":"","sources":["../../../../src/layer3/anthropic/providers/openai.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,aAAa,EAAE,QAAQ,EAAoB,MAAM,gBAAgB,CAAA;AAC/E,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,wCAAwC,CAAA;AAE5E,OAAO,KAAK,EAAE,eAAe,EAAE,kBAAkB,EAAoB,MAAM,UAAU,CAAA;AAWrF;;;GAGG;AACH,wBAAsB,kBAAkB,CACtC,QAAQ,EAAE,aAAa,EAAE,EACzB,KAAK,EAAE,QAAQ,EAAE,EACjB,cAAc,EAAE,cAAc,GAAG,SAAS,EAC1C,KAAK,EAAE,eAAe,GACrB,OAAO,CAAC,kBAAkB,CAAC,CAkW7B;AAED;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,IAAI,CAEvC"}
@@ -85,13 +85,16 @@ async function validateWithOpenAI(findings, files, projectContext, stats) {
85
85
  return batchFindings;
86
86
  }
87
87
  try {
88
- // Build multi-file validation request
89
- const validationRequest = (0, request_builder_1.buildMultiFileValidationRequest)(fileDataList.map(({ file, findings: fileFindings }) => ({ file, findings: fileFindings })), context);
88
+ // Build multi-file validation request with scoped context
89
+ const validationRequest = (0, request_builder_1.buildMultiFileValidationRequest)(fileDataList.map(({ file, findings: fileFindings }) => ({ file, findings: fileFindings })), context, { contextMode: 'scoped' });
90
+ // Assemble category-aware prompt for this batch
91
+ const batchCategories = [...new Set(fileDataList.flatMap(({ findings: fileFindings }) => fileFindings.map(f => f.category)))];
92
+ const systemPrompt = (0, validation_1.assembleValidationPrompt)(batchCategories);
90
93
  // Call OpenAI GPT-5-mini with retry logic
91
94
  const response = await (0, retry_1.makeOpenAIRequestWithRetry)(async () => client.chat.completions.create({
92
95
  model: 'gpt-5-mini-2025-08-07',
93
96
  messages: [
94
- { role: 'system', content: validation_1.HIGH_CONTEXT_VALIDATION_PROMPT },
97
+ { role: 'system', content: systemPrompt },
95
98
  { role: 'user', content: validationRequest },
96
99
  ],
97
100
  max_completion_tokens: 4096, // Sufficient for larger batches with many findings
@@ -1 +1 @@
1
- {"version":3,"file":"openai.js","sourceRoot":"","sources":["../../../../src/layer3/anthropic/providers/openai.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAoBH,gDAgWC;AAKD,4CAEC;AAvXD,oFAA4E;AAE5E,oCAAiD;AACjD,wCAA0G;AAC1G,0CAA2D;AAC3D,8DAA4H;AAC5H,wDAAoE;AACpE,sDAAsE;AAEtE,kDAAkD;AAClD,IAAI,oBAAoB,GAA0B,IAAI,CAAA;AAEtD;;;GAGG;AACI,KAAK,UAAU,kBAAkB,CACtC,QAAyB,EACzB,KAAiB,EACjB,cAA0C,EAC1C,KAAsB;IAEtB,MAAM,MAAM,GAAG,IAAA,yBAAe,GAAE,CAAA;IAEhC,sCAAsC;IACtC,MAAM,OAAO,GAAG,cAAc,IAAI,oBAAoB,IAAI,IAAA,6CAAmB,EAAC,KAAK,CAAC,CAAA;IACpF,IAAI,CAAC,cAAc,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC7C,oBAAoB,GAAG,OAAO,CAAA;QAC9B,OAAO,CAAC,GAAG,CAAC,4CAA4C,EAAE;YACxD,iBAAiB,EAAE,OAAO,CAAC,IAAI,CAAC,mBAAmB;YACnD,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,YAAY;YACvC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG;YAC3B,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO;SACtC,CAAC,CAAA;IACJ,CAAC;IAED,kDAAkD;IAClD,MAAM,cAAc,GAAG,IAAI,GAAG,EAA2B,CAAA;IACzD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAA;QAC3D,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACtB,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAA;IAChD,CAAC;IAED,MAAM,iBAAiB,GAAoB,EAAE,CAAA;IAC7C,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC,CAAA;IAExD,0CAA0C;IAC1C,IAAI,eAAe,GAAG,CAAC,CAAA;IACvB,MAAM,SAAS,GAAqB,IAAA,8BAAsB,GAAE,CAAA;IAE5D,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,6BAAmB,CAAC,CAAA;IAC5E,OAAO,CAAC,GAAG,CAAC,kCAAkC,WAAW,CAAC,MAAM,aAAa,gBAAgB,mBAAmB,8BAAoB,YAAY,CAAC,CAAA;IAEjJ,+BAA+B;IAC/B,MAAM,UAAU,GAGX,EAAE,CAAA;IAEP,KAAK,IAAI,UAAU,GAAG,CAAC,EAAE,UAAU,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,IAAI,6BAAmB,EAAE,CAAC;QAC5F,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,UAAU,EAAE,UAAU,GAAG,6BAAmB,CAAC,CAAA;QACjF,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,6BAAmB,CAAC,GAAG,CAAC,CAAA;QACjE,UAAU,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAA;IAC1C,CAAC;IAED,qEAAqE;IACrE,MAAM,YAAY,GAAG,KAAK,EACxB,QAA2E,EACjD,EAAE;QAC5B,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,QAAQ,CAAA;QACxC,MAAM,aAAa,GAAoB,EAAE,CAAA;QAEzC,sCAAsC;QACtC,MAAM,YAAY,GAA2E,EAAE,CAAA;QAC/F,MAAM,mBAAmB,GAA2D,EAAE,CAAA;QAEtF,KAAK,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,IAAI,SAAS,EAAE,CAAC;YACjD,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAA;YACjD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAA;YAChE,CAAC;iBAAM,CAAC;gBACN,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC,CAAA;YAC/D,CAAC;QACH,CAAC;QAED,+BAA+B;QAC/B,KAAK,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,mBAAmB,EAAE,CAAC;YAC7D,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;gBAC7B,aAAa,CAAC,IAAI,CAAC;oBACjB,GAAG,CAAC;oBACJ,aAAa,EAAE,KAAK;oBACpB,gBAAgB,EAAE,eAAmC;oBACrD,eAAe,EAAE,2CAA2C;iBAC7D,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,aAAa,CAAA;QACtB,CAAC;QAED,IAAI,CAAC;YACH,sCAAsC;YACtC,MAAM,iBAAiB,GAAG,IAAA,iDAA+B,EACvD,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC,EAC1F,OAAO,CACR,CAAA;YAED,0CAA0C;YAC1C,MAAM,QAAQ,GAAG,MAAM,IAAA,kCAA0B,EAAC,KAAK,IAAI,EAAE,CAC3D,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;gBAC7B,KAAK,EAAE,uBAAuB;gBAC9B,QAAQ,EAAE;oBACR,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,2CAA8B,EAAE;oBAC3D,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,EAAE;iBAC7C;gBACD,qBAAqB,EAAE,IAAI,EAAE,mDAAmD;gBAChF,eAAe,EAAE;oBACf,IAAI,EAAE,aAAa;oBACnB,WAAW,EAAE;wBACX,IAAI,EAAE,qBAAqB;wBAC3B,MAAM,EAAE,IAAI;wBACZ,MAAM,EAAE;4BACN,IAAI,EAAE,QAAQ;4BACd,UAAU,EAAE;gCACV,WAAW,EAAE;oCACX,IAAI,EAAE,OAAO;oCACb,KAAK,EAAE;wCACL,IAAI,EAAE,QAAQ;wCACd,UAAU,EAAE;4CACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4CACxB,WAAW,EAAE;gDACX,IAAI,EAAE,OAAO;gDACb,KAAK,EAAE;oDACL,IAAI,EAAE,QAAQ;oDACd,UAAU,EAAE;wDACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wDACzB,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;wDACzB,KAAK,EAAE;4DACL,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC;4DACxB,OAAO,EAAE,IAAI;yDACd;wDACD,gBAAgB,EAAE;4DAChB,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC;4DACxB,IAAI,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC;4DACzD,OAAO,EAAE,IAAI;yDACd;wDACD,MAAM,EAAE;4DACN,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC;4DACxB,WAAW,EAAE,+DAA+D;4DAC5E,OAAO,EAAE,IAAI;yDACd;wDACD,aAAa,EAAE;4DACb,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC;4DACxB,WAAW,EAAE,gDAAgD;4DAC7D,OAAO,EAAE,IAAI;yDACd;qDACF;oDACD,QAAQ,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,eAAe,CAAC;oDACnF,oBAAoB,EAAE,KAAK;iDAC5B;6CACF;yCACF;wCACD,QAAQ,EAAE,CAAC,MAAM,EAAE,aAAa,CAAC;wCACjC,oBAAoB,EAAE,KAAK;qCAC5B;iCACF;6BACF;4BACD,QAAQ,EAAE,CAAC,aAAa,CAAC;4BACzB,oBAAoB,EAAE,KAAK;yBAC5B;qBACF;iBACF;aACF,CAAC,CACH,CAAA;YAED,oDAAoD;YACpD,SAAS,CAAC,QAAQ,EAAE,CAAA;YAEpB,2CAA2C;YAC3C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAA;YAC5B,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,YAAY,GAAG,KAAK,CAAC,aAAa,IAAI,CAAC,CAAA;gBAC7C,MAAM,gBAAgB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAA;gBACrD,MAAM,YAAY,GAAI,KAAa,CAAC,qBAAqB,EAAE,aAAa,IAAI,CAAC,CAAA;gBAC7E,MAAM,gBAAgB,GAAG,YAAY,GAAG,YAAY,CAAA;gBAEpD,SAAS,CAAC,oBAAoB,IAAI,gBAAgB,CAAA;gBAClD,SAAS,CAAC,qBAAqB,IAAI,gBAAgB,CAAA;gBACnD,SAAS,CAAC,eAAe,IAAI,YAAY,CAAA;gBAEzC,OAAO,CAAC,GAAG,CAAC,kBAAkB,QAAQ,YAAY,YAAY,WAAW,YAAY,aAAa,gBAAgB,SAAS,CAAC,CAAA;gBAE5H,MAAM,SAAS,GAAG,CAAC,gBAAgB,GAAG,2BAAiB,CAAC,KAAK,CAAC,GAAG,OAAS,CAAA;gBAC1E,MAAM,UAAU,GAAG,CAAC,YAAY,GAAG,2BAAiB,CAAC,MAAM,CAAC,GAAG,OAAS,CAAA;gBACxE,MAAM,UAAU,GAAG,CAAC,gBAAgB,GAAG,2BAAiB,CAAC,MAAM,CAAC,GAAG,OAAS,CAAA;gBAC5E,SAAS,CAAC,aAAa,IAAI,SAAS,GAAG,UAAU,GAAG,UAAU,CAAA;YAChE,CAAC;YAED,yBAAyB;YACzB,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAA;YACrD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,KAAK,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,YAAY,EAAE,CAAC;oBACtD,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;wBAC7B,aAAa,CAAC,IAAI,CAAC;4BACjB,GAAG,CAAC;4BACJ,aAAa,EAAE,KAAK;4BACpB,gBAAgB,EAAE,eAAmC;4BACrD,eAAe,EAAE,+BAA+B;yBACjD,CAAC,CAAA;oBACJ,CAAC;gBACH,CAAC;gBACD,OAAO,aAAa,CAAA;YACtB,CAAC;YAED,iFAAiF;YACjF,IAAI,aAAkB,CAAA;YACtB,IAAI,CAAC;gBACH,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;gBACnC,OAAO,CAAC,GAAG,CAAC,yCAAyC,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAA;gBAClF,mEAAmE;gBACnE,IAAI,aAAa,CAAC,WAAW,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE,CAAC;oBAC1E,OAAO,CAAC,GAAG,CAAC,sDAAsD,aAAa,CAAC,WAAW,CAAC,MAAM,QAAQ,CAAC,CAAA;oBAC3G,aAAa,GAAG,aAAa,CAAC,WAAW,CAAA;gBAC3C,CAAC;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;oBACxC,OAAO,CAAC,GAAG,CAAC,mDAAmD,aAAa,CAAC,MAAM,QAAQ,CAAC,CAAA;gBAC9F,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,mCAAmC,EAAE,OAAO,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAA;gBACtG,CAAC;YACH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,IAAI,CAAC,yCAAyC,EAAE,CAAC,CAAC,CAAA;gBAC1D,aAAa,GAAG,OAAO,CAAA;YACzB,CAAC;YAED,4BAA4B;YAC5B,MAAM,aAAa,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAA;YAClE,MAAM,oBAAoB,GAAG,IAAA,kDAAgC,EAC3D,OAAO,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,EACjF,aAAa,CACd,CAAA;YAED,OAAO,CAAC,GAAG,CAAC,kBAAkB,QAAQ,WAAW,oBAAoB,CAAC,IAAI,sBAAsB,YAAY,CAAC,MAAM,QAAQ,CAAC,CAAA;YAC5H,IAAI,oBAAoB,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBACpC,OAAO,CAAC,IAAI,CAAC,2DAA2D,OAAO,aAAa,cAAc,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;gBACzI,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC7D,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBAC9E,CAAC;YACH,CAAC;YAED,mEAAmE;YACnE,IAAI,oBAAoB,CAAC,IAAI,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;gBACtD,MAAM,OAAO,GAAG,YAAY;qBACzB,MAAM,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;qBAC7D,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAA;gBAClC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACvB,OAAO,CAAC,IAAI,CAAC,oBAAoB,OAAO,CAAC,MAAM,4CAA4C,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAClH,CAAC;YACH,CAAC;YAED,yBAAyB;YACzB,KAAK,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,YAAY,EAAE,CAAC;gBAChE,MAAM,WAAW,GAAG,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;gBACtD,OAAO,CAAC,GAAG,CAAC,iBAAiB,QAAQ,KAAK,WAAW,EAAE,MAAM,IAAI,CAAC,2BAA2B,YAAY,CAAC,MAAM,WAAW,CAAC,CAAA;gBAE5H,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC7C,MAAM,iBAAiB,GAAG,IAAA,yCAAuB,EAAC,OAAO,CAAC,CAAA;oBAC1D,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC9D,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,GAAG,IAAA,wCAAsB,EAAC,YAAY,EAAE,iBAAiB,CAAC,CAAA;wBAChH,SAAS,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,cAAc,CAAA;wBACxE,SAAS,CAAC,iBAAiB,IAAI,cAAc,CAAA;wBAC7C,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE,CAAC;4BAC1C,IAAI,SAAS,CAAC,gBAAgB,KAAK,WAAW;gCAAE,SAAS,CAAC,iBAAiB,EAAE,CAAA;iCACxE,IAAI,SAAS,CAAC,gBAAgB,KAAK,YAAY;gCAAE,SAAS,CAAC,kBAAkB,EAAE,CAAA;4BACpF,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;wBAC/B,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,oFAAoF;wBACpF,OAAO,CAAC,IAAI,CAAC,sCAAsC,QAAQ,gBAAgB,YAAY,CAAC,MAAM,WAAW,CAAC,CAAA;wBAC1G,SAAS,CAAC,iBAAiB,IAAI,YAAY,CAAC,MAAM,CAAA;wBAClD,SAAS,CAAC,iBAAiB,IAAI,YAAY,CAAC,MAAM,CAAA;wBAClD,qDAAqD;oBACvD,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,GAAG,IAAA,wCAAsB,EAAC,YAAY,EAAE,WAAW,CAAC,CAAA;oBAC1G,SAAS,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,cAAc,CAAA;oBACxE,SAAS,CAAC,iBAAiB,IAAI,cAAc,CAAA;oBAC7C,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE,CAAC;wBAC1C,IAAI,SAAS,CAAC,gBAAgB,KAAK,WAAW;4BAAE,SAAS,CAAC,iBAAiB,EAAE,CAAA;6BACxE,IAAI,SAAS,CAAC,gBAAgB,KAAK,YAAY;4BAAE,SAAS,CAAC,kBAAkB,EAAE,CAAA;wBACpF,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;oBAC/B,CAAC;gBACH,CAAC;YACH,CAAC;QAEH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,sCAAsC,QAAQ,GAAG,EAAE,KAAK,CAAC,CAAA;YACvE,KAAK,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,YAAY,EAAE,CAAC;gBACtD,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;oBAC7B,aAAa,CAAC,IAAI,CAAC;wBACjB,GAAG,CAAC;wBACJ,aAAa,EAAE,KAAK;wBACpB,gBAAgB,EAAE,eAAmC;wBACrD,eAAe,EAAE,oCAAoC;qBACtD,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,aAAa,CAAA;IACtB,CAAC,CAAA;IAED,qCAAqC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,IAAI,8BAAoB,EAAE,CAAC;QACjE,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,8BAAoB,CAAC,CAAA;QACnE,MAAM,SAAS,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC/D,OAAO,CAAC,GAAG,CAAC,0CAA0C,SAAS,cAAc,CAAC,CAAA;QAE9E,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAA;QAClE,KAAK,MAAM,YAAY,IAAI,OAAO,EAAE,CAAC;YACnC,iBAAiB,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAA;QACzC,CAAC;QACD,eAAe,IAAI,aAAa,CAAC,MAAM,CAAA;IACzC,CAAC;IACD,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAA;IAE5C,8BAA8B;IAC9B,KAAK,CAAC,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAA;IACnC,KAAK,CAAC,oBAAoB,GAAG,SAAS,CAAC,oBAAoB,CAAA;IAC3D,KAAK,CAAC,qBAAqB,GAAG,SAAS,CAAC,qBAAqB,CAAA;IAC7D,KAAK,CAAC,eAAe,GAAG,SAAS,CAAC,eAAe,CAAA;IACjD,KAAK,CAAC,aAAa,GAAG,SAAS,CAAC,aAAa,CAAA;IAC7C,KAAK,CAAC,iBAAiB,GAAG,SAAS,CAAC,iBAAiB,CAAA;IACrD,KAAK,CAAC,iBAAiB,GAAG,SAAS,CAAC,iBAAiB,CAAA;IACrD,KAAK,CAAC,iBAAiB,GAAG,SAAS,CAAC,iBAAiB,CAAA;IACrD,KAAK,CAAC,kBAAkB,GAAG,SAAS,CAAC,kBAAkB,CAAA;IAEvD,2BAA2B;IAC3B,MAAM,oBAAoB,GAAG,KAAK,CAAC,mBAAmB,GAAG,KAAK,CAAC,eAAe,CAAA;IAC9E,KAAK,CAAC,YAAY,GAAG,oBAAoB,GAAG,CAAC;QAC3C,CAAC,CAAC,KAAK,CAAC,eAAe,GAAG,oBAAoB;QAC9C,CAAC,CAAC,CAAC,CAAA;IAEL,uBAAuB;IACvB,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC;QAC7C,CAAC,CAAC,CAAC,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;QACjD,CAAC,CAAC,GAAG,CAAA;IACP,MAAM,gBAAgB,GAAG,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;IAE1D,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAA;IACzC,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,aAAa,EAAE,CAAC,CAAA;IACzD,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IAC3D,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IACxD,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IACxD,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,CAAC,kBAAkB,EAAE,CAAC,CAAA;IAC1D,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAA;IAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC/B,OAAO,CAAC,GAAG,CAAC,yBAAyB,gBAAgB,GAAG,CAAC,CAAA;IACzD,OAAO,CAAC,GAAG,CAAC,4BAA4B,eAAe,EAAE,CAAC,CAAA;IAC1D,OAAO,CAAC,GAAG,CAAC,4BAA4B,gBAAgB,IAAI,CAAC,CAAA;IAC7D,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC/B,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,oBAAoB,SAAS,CAAC,CAAA;IACxE,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,CAAC,eAAe,SAAS,CAAC,CAAA;IAC5D,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,CAAC,qBAAqB,SAAS,CAAC,CAAA;IAClE,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;IAErE,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,KAAK,EAAE,CAAA;AACtD,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB;IAC9B,oBAAoB,GAAG,IAAI,CAAA;AAC7B,CAAC"}
1
+ {"version":3,"file":"openai.js","sourceRoot":"","sources":["../../../../src/layer3/anthropic/providers/openai.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAoBH,gDAuWC;AAKD,4CAEC;AA9XD,oFAA4E;AAE5E,oCAAiD;AACjD,wCAA0G;AAC1G,0CAA2D;AAC3D,8DAA4H;AAC5H,wDAAoE;AACpE,sDAAgE;AAEhE,kDAAkD;AAClD,IAAI,oBAAoB,GAA0B,IAAI,CAAA;AAEtD;;;GAGG;AACI,KAAK,UAAU,kBAAkB,CACtC,QAAyB,EACzB,KAAiB,EACjB,cAA0C,EAC1C,KAAsB;IAEtB,MAAM,MAAM,GAAG,IAAA,yBAAe,GAAE,CAAA;IAEhC,sCAAsC;IACtC,MAAM,OAAO,GAAG,cAAc,IAAI,oBAAoB,IAAI,IAAA,6CAAmB,EAAC,KAAK,CAAC,CAAA;IACpF,IAAI,CAAC,cAAc,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC7C,oBAAoB,GAAG,OAAO,CAAA;QAC9B,OAAO,CAAC,GAAG,CAAC,4CAA4C,EAAE;YACxD,iBAAiB,EAAE,OAAO,CAAC,IAAI,CAAC,mBAAmB;YACnD,YAAY,EAAE,OAAO,CAAC,IAAI,CAAC,YAAY;YACvC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC,GAAG;YAC3B,SAAS,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO;SACtC,CAAC,CAAA;IACJ,CAAC;IAED,kDAAkD;IAClD,MAAM,cAAc,GAAG,IAAI,GAAG,EAA2B,CAAA;IACzD,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAA;QAC3D,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QACtB,cAAc,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAA;IAChD,CAAC;IAED,MAAM,iBAAiB,GAAoB,EAAE,CAAA;IAC7C,MAAM,WAAW,GAAG,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC,CAAA;IAExD,0CAA0C;IAC1C,IAAI,eAAe,GAAG,CAAC,CAAA;IACvB,MAAM,SAAS,GAAqB,IAAA,8BAAsB,GAAE,CAAA;IAE5D,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,6BAAmB,CAAC,CAAA;IAC5E,OAAO,CAAC,GAAG,CAAC,kCAAkC,WAAW,CAAC,MAAM,aAAa,gBAAgB,mBAAmB,8BAAoB,YAAY,CAAC,CAAA;IAEjJ,+BAA+B;IAC/B,MAAM,UAAU,GAGX,EAAE,CAAA;IAEP,KAAK,IAAI,UAAU,GAAG,CAAC,EAAE,UAAU,GAAG,WAAW,CAAC,MAAM,EAAE,UAAU,IAAI,6BAAmB,EAAE,CAAC;QAC5F,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,CAAC,UAAU,EAAE,UAAU,GAAG,6BAAmB,CAAC,CAAA;QACjF,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,GAAG,6BAAmB,CAAC,GAAG,CAAC,CAAA;QACjE,UAAU,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,SAAS,EAAE,CAAC,CAAA;IAC1C,CAAC;IAED,qEAAqE;IACrE,MAAM,YAAY,GAAG,KAAK,EACxB,QAA2E,EACjD,EAAE;QAC5B,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,GAAG,QAAQ,CAAA;QACxC,MAAM,aAAa,GAAoB,EAAE,CAAA;QAEzC,sCAAsC;QACtC,MAAM,YAAY,GAA2E,EAAE,CAAA;QAC/F,MAAM,mBAAmB,GAA2D,EAAE,CAAA;QAEtF,KAAK,MAAM,CAAC,QAAQ,EAAE,YAAY,CAAC,IAAI,SAAS,EAAE,CAAC;YACjD,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAA;YACjD,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,mBAAmB,CAAC,IAAI,CAAC,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAA;YAChE,CAAC;iBAAM,CAAC;gBACN,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,CAAC,CAAA;YAC/D,CAAC;QACH,CAAC;QAED,+BAA+B;QAC/B,KAAK,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,mBAAmB,EAAE,CAAC;YAC7D,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;gBAC7B,aAAa,CAAC,IAAI,CAAC;oBACjB,GAAG,CAAC;oBACJ,aAAa,EAAE,KAAK;oBACpB,gBAAgB,EAAE,eAAmC;oBACrD,eAAe,EAAE,2CAA2C;iBAC7D,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,aAAa,CAAA;QACtB,CAAC;QAED,IAAI,CAAC;YACH,0DAA0D;YAC1D,MAAM,iBAAiB,GAAG,IAAA,iDAA+B,EACvD,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,YAAY,EAAE,CAAC,CAAC,EAC1F,OAAO,EACP,EAAE,WAAW,EAAE,QAAQ,EAAE,CAC1B,CAAA;YAED,gDAAgD;YAChD,MAAM,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CACjC,YAAY,CAAC,OAAO,CAAC,CAAC,EAAE,QAAQ,EAAE,YAAY,EAAE,EAAE,EAAE,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CACxF,CAAC,CAAA;YACF,MAAM,YAAY,GAAG,IAAA,qCAAwB,EAAC,eAAe,CAAC,CAAA;YAE9D,0CAA0C;YAC1C,MAAM,QAAQ,GAAG,MAAM,IAAA,kCAA0B,EAAC,KAAK,IAAI,EAAE,CAC3D,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC;gBAC7B,KAAK,EAAE,uBAAuB;gBAC9B,QAAQ,EAAE;oBACR,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,YAAY,EAAE;oBACzC,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,iBAAiB,EAAE;iBAC7C;gBACD,qBAAqB,EAAE,IAAI,EAAE,mDAAmD;gBAChF,eAAe,EAAE;oBACf,IAAI,EAAE,aAAa;oBACnB,WAAW,EAAE;wBACX,IAAI,EAAE,qBAAqB;wBAC3B,MAAM,EAAE,IAAI;wBACZ,MAAM,EAAE;4BACN,IAAI,EAAE,QAAQ;4BACd,UAAU,EAAE;gCACV,WAAW,EAAE;oCACX,IAAI,EAAE,OAAO;oCACb,KAAK,EAAE;wCACL,IAAI,EAAE,QAAQ;wCACd,UAAU,EAAE;4CACV,IAAI,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;4CACxB,WAAW,EAAE;gDACX,IAAI,EAAE,OAAO;gDACb,KAAK,EAAE;oDACL,IAAI,EAAE,QAAQ;oDACd,UAAU,EAAE;wDACV,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;wDACzB,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE;wDACzB,KAAK,EAAE;4DACL,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC;4DACxB,OAAO,EAAE,IAAI;yDACd;wDACD,gBAAgB,EAAE;4DAChB,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC;4DACxB,IAAI,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC;4DACzD,OAAO,EAAE,IAAI;yDACd;wDACD,MAAM,EAAE;4DACN,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC;4DACxB,WAAW,EAAE,+DAA+D;4DAC5E,OAAO,EAAE,IAAI;yDACd;wDACD,aAAa,EAAE;4DACb,IAAI,EAAE,CAAC,QAAQ,EAAE,MAAM,CAAC;4DACxB,WAAW,EAAE,gDAAgD;4DAC7D,OAAO,EAAE,IAAI;yDACd;qDACF;oDACD,QAAQ,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,eAAe,CAAC;oDACnF,oBAAoB,EAAE,KAAK;iDAC5B;6CACF;yCACF;wCACD,QAAQ,EAAE,CAAC,MAAM,EAAE,aAAa,CAAC;wCACjC,oBAAoB,EAAE,KAAK;qCAC5B;iCACF;6BACF;4BACD,QAAQ,EAAE,CAAC,aAAa,CAAC;4BACzB,oBAAoB,EAAE,KAAK;yBAC5B;qBACF;iBACF;aACF,CAAC,CACH,CAAA;YAED,oDAAoD;YACpD,SAAS,CAAC,QAAQ,EAAE,CAAA;YAEpB,2CAA2C;YAC3C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAA;YAC5B,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,YAAY,GAAG,KAAK,CAAC,aAAa,IAAI,CAAC,CAAA;gBAC7C,MAAM,gBAAgB,GAAG,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAA;gBACrD,MAAM,YAAY,GAAI,KAAa,CAAC,qBAAqB,EAAE,aAAa,IAAI,CAAC,CAAA;gBAC7E,MAAM,gBAAgB,GAAG,YAAY,GAAG,YAAY,CAAA;gBAEpD,SAAS,CAAC,oBAAoB,IAAI,gBAAgB,CAAA;gBAClD,SAAS,CAAC,qBAAqB,IAAI,gBAAgB,CAAA;gBACnD,SAAS,CAAC,eAAe,IAAI,YAAY,CAAA;gBAEzC,OAAO,CAAC,GAAG,CAAC,kBAAkB,QAAQ,YAAY,YAAY,WAAW,YAAY,aAAa,gBAAgB,SAAS,CAAC,CAAA;gBAE5H,MAAM,SAAS,GAAG,CAAC,gBAAgB,GAAG,2BAAiB,CAAC,KAAK,CAAC,GAAG,OAAS,CAAA;gBAC1E,MAAM,UAAU,GAAG,CAAC,YAAY,GAAG,2BAAiB,CAAC,MAAM,CAAC,GAAG,OAAS,CAAA;gBACxE,MAAM,UAAU,GAAG,CAAC,gBAAgB,GAAG,2BAAiB,CAAC,MAAM,CAAC,GAAG,OAAS,CAAA;gBAC5E,SAAS,CAAC,aAAa,IAAI,SAAS,GAAG,UAAU,GAAG,UAAU,CAAA;YAChE,CAAC;YAED,yBAAyB;YACzB,MAAM,OAAO,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,OAAO,EAAE,OAAO,CAAA;YACrD,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,KAAK,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,YAAY,EAAE,CAAC;oBACtD,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;wBAC7B,aAAa,CAAC,IAAI,CAAC;4BACjB,GAAG,CAAC;4BACJ,aAAa,EAAE,KAAK;4BACpB,gBAAgB,EAAE,eAAmC;4BACrD,eAAe,EAAE,+BAA+B;yBACjD,CAAC,CAAA;oBACJ,CAAC;gBACH,CAAC;gBACD,OAAO,aAAa,CAAA;YACtB,CAAC;YAED,iFAAiF;YACjF,IAAI,aAAkB,CAAA;YACtB,IAAI,CAAC;gBACH,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAA;gBACnC,OAAO,CAAC,GAAG,CAAC,yCAAyC,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAA;gBAClF,mEAAmE;gBACnE,IAAI,aAAa,CAAC,WAAW,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,WAAW,CAAC,EAAE,CAAC;oBAC1E,OAAO,CAAC,GAAG,CAAC,sDAAsD,aAAa,CAAC,WAAW,CAAC,MAAM,QAAQ,CAAC,CAAA;oBAC3G,aAAa,GAAG,aAAa,CAAC,WAAW,CAAA;gBAC3C,CAAC;qBAAM,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;oBACxC,OAAO,CAAC,GAAG,CAAC,mDAAmD,aAAa,CAAC,MAAM,QAAQ,CAAC,CAAA;gBAC9F,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,mCAAmC,EAAE,OAAO,aAAa,EAAE,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAA;gBACtG,CAAC;YACH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,OAAO,CAAC,IAAI,CAAC,yCAAyC,EAAE,CAAC,CAAC,CAAA;gBAC1D,aAAa,GAAG,OAAO,CAAA;YACzB,CAAC;YAED,4BAA4B;YAC5B,MAAM,aAAa,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAA;YAClE,MAAM,oBAAoB,GAAG,IAAA,kDAAgC,EAC3D,OAAO,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,aAAa,CAAC,EACjF,aAAa,CACd,CAAA;YAED,OAAO,CAAC,GAAG,CAAC,kBAAkB,QAAQ,WAAW,oBAAoB,CAAC,IAAI,sBAAsB,YAAY,CAAC,MAAM,QAAQ,CAAC,CAAA;YAC5H,IAAI,oBAAoB,CAAC,IAAI,KAAK,CAAC,EAAE,CAAC;gBACpC,OAAO,CAAC,IAAI,CAAC,2DAA2D,OAAO,aAAa,cAAc,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC,CAAA;gBACzI,IAAI,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC7D,OAAO,CAAC,GAAG,CAAC,gCAAgC,EAAE,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;gBAC9E,CAAC;YACH,CAAC;YAED,mEAAmE;YACnE,IAAI,oBAAoB,CAAC,IAAI,KAAK,YAAY,CAAC,MAAM,EAAE,CAAC;gBACtD,MAAM,OAAO,GAAG,YAAY;qBACzB,MAAM,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;qBAC7D,GAAG,CAAC,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,QAAQ,CAAC,CAAA;gBAClC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACvB,OAAO,CAAC,IAAI,CAAC,oBAAoB,OAAO,CAAC,MAAM,4CAA4C,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;gBAClH,CAAC;YACH,CAAC;YAED,yBAAyB;YACzB,KAAK,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,YAAY,EAAE,CAAC;gBAChE,MAAM,WAAW,GAAG,oBAAoB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAA;gBACtD,OAAO,CAAC,GAAG,CAAC,iBAAiB,QAAQ,KAAK,WAAW,EAAE,MAAM,IAAI,CAAC,2BAA2B,YAAY,CAAC,MAAM,WAAW,CAAC,CAAA;gBAE5H,IAAI,CAAC,WAAW,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;oBAC7C,MAAM,iBAAiB,GAAG,IAAA,yCAAuB,EAAC,OAAO,CAAC,CAAA;oBAC1D,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;wBAC9D,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,GAAG,IAAA,wCAAsB,EAAC,YAAY,EAAE,iBAAiB,CAAC,CAAA;wBAChH,SAAS,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,cAAc,CAAA;wBACxE,SAAS,CAAC,iBAAiB,IAAI,cAAc,CAAA;wBAC7C,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE,CAAC;4BAC1C,IAAI,SAAS,CAAC,gBAAgB,KAAK,WAAW;gCAAE,SAAS,CAAC,iBAAiB,EAAE,CAAA;iCACxE,IAAI,SAAS,CAAC,gBAAgB,KAAK,YAAY;gCAAE,SAAS,CAAC,kBAAkB,EAAE,CAAA;4BACpF,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;wBAC/B,CAAC;oBACH,CAAC;yBAAM,CAAC;wBACN,oFAAoF;wBACpF,OAAO,CAAC,IAAI,CAAC,sCAAsC,QAAQ,gBAAgB,YAAY,CAAC,MAAM,WAAW,CAAC,CAAA;wBAC1G,SAAS,CAAC,iBAAiB,IAAI,YAAY,CAAC,MAAM,CAAA;wBAClD,SAAS,CAAC,iBAAiB,IAAI,YAAY,CAAC,MAAM,CAAA;wBAClD,qDAAqD;oBACvD,CAAC;gBACH,CAAC;qBAAM,CAAC;oBACN,MAAM,EAAE,SAAS,EAAE,iBAAiB,EAAE,cAAc,EAAE,GAAG,IAAA,wCAAsB,EAAC,YAAY,EAAE,WAAW,CAAC,CAAA;oBAC1G,SAAS,CAAC,iBAAiB,IAAI,iBAAiB,CAAC,MAAM,GAAG,cAAc,CAAA;oBACxE,SAAS,CAAC,iBAAiB,IAAI,cAAc,CAAA;oBAC7C,KAAK,MAAM,SAAS,IAAI,iBAAiB,EAAE,CAAC;wBAC1C,IAAI,SAAS,CAAC,gBAAgB,KAAK,WAAW;4BAAE,SAAS,CAAC,iBAAiB,EAAE,CAAA;6BACxE,IAAI,SAAS,CAAC,gBAAgB,KAAK,YAAY;4BAAE,SAAS,CAAC,kBAAkB,EAAE,CAAA;wBACpF,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,CAAA;oBAC/B,CAAC;gBACH,CAAC;YACH,CAAC;QAEH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,KAAK,CAAC,sCAAsC,QAAQ,GAAG,EAAE,KAAK,CAAC,CAAA;YACvE,KAAK,MAAM,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,YAAY,EAAE,CAAC;gBACtD,KAAK,MAAM,CAAC,IAAI,YAAY,EAAE,CAAC;oBAC7B,aAAa,CAAC,IAAI,CAAC;wBACjB,GAAG,CAAC;wBACJ,aAAa,EAAE,KAAK;wBACpB,gBAAgB,EAAE,eAAmC;wBACrD,eAAe,EAAE,oCAAoC;qBACtD,CAAC,CAAA;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,aAAa,CAAA;IACtB,CAAC,CAAA;IAED,qCAAqC;IACrC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAA;IAC5B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,UAAU,CAAC,MAAM,EAAE,CAAC,IAAI,8BAAoB,EAAE,CAAC;QACjE,MAAM,aAAa,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,8BAAoB,CAAC,CAAA;QACnE,MAAM,SAAS,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAC/D,OAAO,CAAC,GAAG,CAAC,0CAA0C,SAAS,cAAc,CAAC,CAAA;QAE9E,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,aAAa,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAA;QAClE,KAAK,MAAM,YAAY,IAAI,OAAO,EAAE,CAAC;YACnC,iBAAiB,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,CAAA;QACzC,CAAC;QACD,eAAe,IAAI,aAAa,CAAC,MAAM,CAAA;IACzC,CAAC;IACD,MAAM,aAAa,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAA;IAE5C,8BAA8B;IAC9B,KAAK,CAAC,QAAQ,GAAG,SAAS,CAAC,QAAQ,CAAA;IACnC,KAAK,CAAC,oBAAoB,GAAG,SAAS,CAAC,oBAAoB,CAAA;IAC3D,KAAK,CAAC,qBAAqB,GAAG,SAAS,CAAC,qBAAqB,CAAA;IAC7D,KAAK,CAAC,eAAe,GAAG,SAAS,CAAC,eAAe,CAAA;IACjD,KAAK,CAAC,aAAa,GAAG,SAAS,CAAC,aAAa,CAAA;IAC7C,KAAK,CAAC,iBAAiB,GAAG,SAAS,CAAC,iBAAiB,CAAA;IACrD,KAAK,CAAC,iBAAiB,GAAG,SAAS,CAAC,iBAAiB,CAAA;IACrD,KAAK,CAAC,iBAAiB,GAAG,SAAS,CAAC,iBAAiB,CAAA;IACrD,KAAK,CAAC,kBAAkB,GAAG,SAAS,CAAC,kBAAkB,CAAA;IAEvD,2BAA2B;IAC3B,MAAM,oBAAoB,GAAG,KAAK,CAAC,mBAAmB,GAAG,KAAK,CAAC,eAAe,CAAA;IAC9E,KAAK,CAAC,YAAY,GAAG,oBAAoB,GAAG,CAAC;QAC3C,CAAC,CAAC,KAAK,CAAC,eAAe,GAAG,oBAAoB;QAC9C,CAAC,CAAC,CAAC,CAAA;IAEL,uBAAuB;IACvB,MAAM,gBAAgB,GAAG,WAAW,CAAC,MAAM,GAAG,CAAC;QAC7C,CAAC,CAAC,CAAC,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;QACjD,CAAC,CAAC,GAAG,CAAA;IACP,MAAM,gBAAgB,GAAG,CAAC,aAAa,GAAG,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAA;IAE1D,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAA;IACzC,OAAO,CAAC,GAAG,CAAC,uBAAuB,KAAK,CAAC,aAAa,EAAE,CAAC,CAAA;IACzD,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IAC3D,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IACxD,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,iBAAiB,EAAE,CAAC,CAAA;IACxD,OAAO,CAAC,GAAG,CAAC,mBAAmB,KAAK,CAAC,kBAAkB,EAAE,CAAC,CAAA;IAC1D,OAAO,CAAC,GAAG,CAAC,kBAAkB,KAAK,CAAC,QAAQ,EAAE,CAAC,CAAA;IAC/C,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC/B,OAAO,CAAC,GAAG,CAAC,yBAAyB,gBAAgB,GAAG,CAAC,CAAA;IACzD,OAAO,CAAC,GAAG,CAAC,4BAA4B,eAAe,EAAE,CAAC,CAAA;IAC1D,OAAO,CAAC,GAAG,CAAC,4BAA4B,gBAAgB,IAAI,CAAC,CAAA;IAC7D,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAA;IAC/B,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,oBAAoB,SAAS,CAAC,CAAA;IACxE,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,CAAC,eAAe,SAAS,CAAC,CAAA;IAC5D,OAAO,CAAC,GAAG,CAAC,iBAAiB,KAAK,CAAC,qBAAqB,SAAS,CAAC,CAAA;IAClE,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAA;IAErE,OAAO,EAAE,eAAe,EAAE,iBAAiB,EAAE,KAAK,EAAE,CAAA;AACtD,CAAC;AAED;;GAEG;AACH,SAAgB,gBAAgB;IAC9B,oBAAoB,GAAG,IAAI,CAAA;AAC7B,CAAC"}
@@ -1,14 +1,21 @@
1
1
  /**
2
2
  * Request Builders for AI Validation
3
3
  *
4
- * Functions for building validation requests with full file context.
4
+ * Functions for building validation requests with full or scoped file context.
5
5
  */
6
6
  import type { Vulnerability, ScanFile } from '../../types';
7
7
  import type { ProjectContext } from '../../utils/project-context-builder';
8
+ import type { ExtractionConfig } from './utils/context-extractor';
9
+ export interface RequestBuilderOptions {
10
+ /** Context mode: 'full' sends entire file, 'scoped' extracts relevant regions (default: 'scoped') */
11
+ contextMode?: 'full' | 'scoped';
12
+ /** Override extraction config for scoped mode */
13
+ extractionConfig?: Partial<ExtractionConfig>;
14
+ }
8
15
  /**
9
- * Build a high-context validation request with full file content
16
+ * Build a high-context validation request with full or scoped file content
10
17
  */
11
- export declare function buildHighContextValidationRequest(file: ScanFile, findings: Vulnerability[], projectContext: ProjectContext): string;
18
+ export declare function buildHighContextValidationRequest(file: ScanFile, findings: Vulnerability[], projectContext: ProjectContext, options?: RequestBuilderOptions): string;
12
19
  /**
13
20
  * Build a multi-file validation request (Phase 2 optimization)
14
21
  * Batches multiple files into a single API call to reduce overhead
@@ -16,5 +23,5 @@ export declare function buildHighContextValidationRequest(file: ScanFile, findin
16
23
  export declare function buildMultiFileValidationRequest(fileDataList: Array<{
17
24
  file: ScanFile;
18
25
  findings: Vulnerability[];
19
- }>, projectContext: ProjectContext): string;
26
+ }>, projectContext: ProjectContext, options?: RequestBuilderOptions): string;
20
27
  //# sourceMappingURL=request-builder.d.ts.map