@oculum/scanner 1.0.14 → 1.0.15

package/dist/formatters/grouping.js

@@ -1,152 +0,0 @@
-"use strict";
-/**
- * Finding Grouping Logic
- * Groups and sorts vulnerabilities for workflow-friendly output
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.THEME_CONFIG = void 0;
-exports.getRiskTheme = getRiskTheme;
-exports.groupByTheme = groupByTheme;
-exports.limitPerGroup = limitPerGroup;
-exports.sortBySeverity = sortBySeverity;
-exports.getBlockingIssues = getBlockingIssues;
-exports.getActionableIssues = getActionableIssues;
-/**
- * Map categories to risk themes
- */
-function getRiskTheme(category) {
-    switch (category) {
-        case 'hardcoded_secret':
-        case 'high_entropy_string':
-        case 'sensitive_url':
-            return 'secrets';
-        case 'sql_injection':
-        case 'xss':
-        case 'command_injection':
-        case 'dangerous_function':
-            return 'injection';
-        case 'missing_auth':
-        case 'security_bypass':
-            return 'auth';
-        case 'ai_pattern':
-        case 'ai_prompt_injection':
-        case 'ai_unsafe_execution':
-        case 'ai_overpermissive_tool':
-            return 'ai';
-        case 'insecure_config':
-        case 'cors_misconfiguration':
-        case 'root_container':
-        case 'dangerous_file':
-        case 'weak_crypto':
-            return 'config';
-        case 'data_exposure':
-        case 'sensitive_variable':
-            return 'data';
-        default:
-            return 'other';
-    }
-}
-/**
- * Theme display names and icons
- */
-exports.THEME_CONFIG = {
-    secrets: { name: 'Secrets & Credentials', icon: '🔑', priority: 1 },
-    injection: { name: 'Injection Vulnerabilities', icon: '💉', priority: 2 },
-    auth: { name: 'Authentication Issues', icon: '🔒', priority: 3 },
-    ai: { name: 'AI Security', icon: '🤖', priority: 4 },
-    config: { name: 'Configuration Issues', icon: '⚙️', priority: 5 },
-    data: { name: 'Data Exposure', icon: '📊', priority: 6 },
-    other: { name: 'Other Issues', icon: '⚠️', priority: 7 },
-};
-/**
- * Severity sort order (higher = more severe)
- */
-const SEVERITY_ORDER = {
-    critical: 5,
-    high: 4,
-    medium: 3,
-    low: 2,
-    info: 1,
-};
-/**
- * Group vulnerabilities by risk theme
- */
-function groupByTheme(vulnerabilities) {
-    // Group by theme
-    const groups = new Map();
-    for (const vuln of vulnerabilities) {
-        const theme = getRiskTheme(vuln.category);
-        if (!groups.has(theme)) {
-            groups.set(theme, []);
-        }
-        groups.get(theme).push(vuln);
-    }
-    // Convert to array and sort
-    const result = [];
-    for (const [theme, findings] of groups) {
-        // Sort findings within group: severity desc, then confidence desc
-        findings.sort((a, b) => {
-            const severityDiff = SEVERITY_ORDER[b.severity] - SEVERITY_ORDER[a.severity];
-            if (severityDiff !== 0)
-                return severityDiff;
-            const confidenceOrder = { high: 3, medium: 2, low: 1 };
-            return confidenceOrder[b.confidence] - confidenceOrder[a.confidence];
-        });
-        // Count severities
-        const severityCounts = {
-            critical: 0,
-            high: 0,
-            medium: 0,
-            low: 0,
-            info: 0,
-        };
-        for (const f of findings) {
-            severityCounts[f.severity]++;
-        }
-        const config = exports.THEME_CONFIG[theme];
-        result.push({
-            theme,
-            themeName: config.name,
-            themeIcon: config.icon,
-            findings,
-            severityCounts,
-        });
-    }
-    // Sort groups by theme priority
-    result.sort((a, b) => exports.THEME_CONFIG[a.theme].priority - exports.THEME_CONFIG[b.theme].priority);
-    return result;
-}
-/**
- * Limit findings per group to avoid overwhelming output
- */
-function limitPerGroup(groups, maxPerGroup = 10) {
-    return groups.map(group => ({
-        ...group,
-        findings: group.findings.slice(0, maxPerGroup),
-    }));
-}
-/**
- * Get findings sorted by severity across all groups
- */
-function sortBySeverity(vulnerabilities) {
-    return [...vulnerabilities].sort((a, b) => {
-        const severityDiff = SEVERITY_ORDER[b.severity] - SEVERITY_ORDER[a.severity];
-        if (severityDiff !== 0)
-            return severityDiff;
-        const confidenceOrder = { high: 3, medium: 2, low: 1 };
-        return confidenceOrder[b.confidence] - confidenceOrder[a.confidence];
-    });
-}
-/**
- * Filter to only blocking issues (critical/high)
- */
-function getBlockingIssues(vulnerabilities) {
-    return vulnerabilities.filter(v => v.severity === 'critical' || v.severity === 'high');
-}
-/**
- * Filter to actionable issues (medium and above)
- */
-function getActionableIssues(vulnerabilities) {
-    return vulnerabilities.filter(v => v.severity === 'critical' || v.severity === 'high' || v.severity === 'medium');
-}
-//# sourceMappingURL=grouping.js.map

package/dist/formatters/grouping.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"grouping.js","sourceRoot":"","sources":["../../src/formatters/grouping.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAmBH,oCAqCC;AAwCD,oCAmDC;AAKD,sCAKC;AAKD,wCAQC;AAKD,8CAEC;AAKD,kDAIC;AA1KD;;GAEG;AACH,SAAgB,YAAY,CAAC,QAA+B;IAC1D,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,kBAAkB,CAAC;QACxB,KAAK,qBAAqB,CAAC;QAC3B,KAAK,eAAe;YAClB,OAAO,SAAS,CAAA;QAElB,KAAK,eAAe,CAAC;QACrB,KAAK,KAAK,CAAC;QACX,KAAK,mBAAmB,CAAC;QACzB,KAAK,oBAAoB;YACvB,OAAO,WAAW,CAAA;QAEpB,KAAK,cAAc,CAAC;QACpB,KAAK,iBAAiB;YACpB,OAAO,MAAM,CAAA;QAEf,KAAK,YAAY,CAAC;QAClB,KAAK,qBAAqB,CAAC;QAC3B,KAAK,qBAAqB,CAAC;QAC3B,KAAK,wBAAwB;YAC3B,OAAO,IAAI,CAAA;QAEb,KAAK,iBAAiB,CAAC;QACvB,KAAK,uBAAuB,CAAC;QAC7B,KAAK,gBAAgB,CAAC;QACtB,KAAK,gBAAgB,CAAC;QACtB,KAAK,aAAa;YAChB,OAAO,QAAQ,CAAA;QAEjB,KAAK,eAAe,CAAC;QACrB,KAAK,oBAAoB;YACvB,OAAO,MAAM,CAAA;QAEf;YACE,OAAO,OAAO,CAAA;IAClB,CAAC;AACH,CAAC;AAED;;GAEG;AACU,QAAA,YAAY,GAAwE;IAC/F,OAAO,EAAE,EAAE,IAAI,EAAE,uBAAuB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACnE,SAAS,EAAE,EAAE,IAAI,EAAE,2BAA2B,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACzE,IAAI,EAAE,EAAE,IAAI,EAAE,uBAAuB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IAChE,EAAE,EAAE,EAAE,IAAI,EAAE,aAAa,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACpD,MAAM,EAAE,EAAE,IAAI,EAAE,sBAAsB,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACjE,IAAI,EAAE,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;IACxD,KAAK,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE,IAAI,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,EAAE;CACzD,CAAA;AAED;;GAEG;AACH,MAAM,cAAc,GAA0C;IAC5D,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAA;AAaD;;GAEG;AACH,SAAgB,YAAY,CAAC,eAAgC;IAC3D,iBAAiB;IACjB,MAAM,MAAM,GAAG,IAAI,GAAG,EAA8B,CAAA;IAEpD,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,MAAM,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACzC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,EAAE,CAAC,CAAA;QACvB,CAAC;QACD,MAAM,CAAC,GAAG,CAAC,KAAK,CAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;IAC/B,CAAC;IAED,4BAA4B;IAC5B,MAAM,MAAM,GAAsB,EAAE,CAAA;IAEpC,KAAK,MAAM,CAAC,KAAK,EAAE,QAAQ,CAAC,IAAI,MAAM,EAAE,CAAC;QACvC,kEAAkE;QAClE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACrB,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;YAC5E,IAAI,YAAY,KAAK,CAAC;gBAAE,OAAO,YAAY,CAAA;YAE3C,MAAM,eAAe,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAA;YACtD,OAAO,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAA;QACtE,CAAC,CAAC,CAAA;QAEF,mBAAmB;QACnB,MAAM,cAAc,GAA0C;YAC5D,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,IAAI,EAAE,CAAC;SACR,CAAA;QACD,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAA;QAC9B,CAAC;QAED,MAAM,MAAM,GAAG,oBAAY,CAAC,KAAK,CAAC,CAAA;QAClC,MAAM,CAAC,IAAI,CAAC;YACV,KAAK;YACL,SAAS,EAAE,MAAM,CAAC,IAAI;YACtB,SAAS,EAAE,MAAM,CAAC,IAAI;YACtB,QAAQ;YACR,cAAc;SACf,CAAC,CAAA;IACJ,CAAC;IAED,gCAAgC;IAChC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,oBAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,GAAG,oBAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAA;IAEtF,OAAO,MAAM,CAAA;AACf,CAAC;AAED;;GAEG;AACH,SAAgB,aAAa,CAAC,MAAyB,EAAE,cAAsB,EAAE;IAC/E,OAAO,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC1B,GAAG,KAAK;QACR,QAAQ,EAAE,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC;KAC/C,CAAC,CAAC,CAAA;AACL,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,eAAgC;IAC7D,OAAO,CAAC,GAAG,eAAe,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACxC,MAAM,YAAY,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAA;QAC5E,IAAI,YAAY,KAAK,CAAC;YAAE,OAAO,YAAY,CAAA;QAE3C,MAAM,eAAe,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAA;QACtD,OAAO,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAA;IACtE,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAAC,eAAgC;IAChE,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAA;AACxF,CAAC;AAED;;GAEG;AACH,SAAgB,mBAAmB,CAAC,eAAgC;IAClE,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAChC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAC9E,CAAA;AACH,CAAC"}

package/dist/formatters/ide/claude-code.d.ts

@@ -1,17 +0,0 @@
-/**
- * Claude Code IDE Integration
- * Generates CLAUDE.md section format
- */
-import type { ScanResult } from '../../types';
-/** Start marker for Oculum section in CLAUDE.md */
-export declare const OCULUM_SECTION_START = "<!-- OCULUM_SECURITY_START -->";
-/** End marker for Oculum section in CLAUDE.md */
-export declare const OCULUM_SECTION_END = "<!-- OCULUM_SECURITY_END -->";
-/**
- * Format scan result as CLAUDE.md section
- *
- * @param result - The scan result to format
- * @returns Markdown string with markers for CLAUDE.md
- */
-export declare function formatClaudeCodeSection(result: ScanResult): string;
-//# sourceMappingURL=claude-code.d.ts.map

package/dist/formatters/ide/claude-code.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"claude-code.d.ts","sourceRoot":"","sources":["../../../src/formatters/ide/claude-code.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAwC,MAAM,aAAa,CAAA;AAGnF,mDAAmD;AACnD,eAAO,MAAM,oBAAoB,mCAAmC,CAAA;AAEpE,iDAAiD;AACjD,eAAO,MAAM,kBAAkB,iCAAiC,CAAA;AAuBhE;;;;;GAKG;AACH,wBAAgB,uBAAuB,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAoElE"}

package/dist/formatters/ide/claude-code.js

@@ -1,94 +0,0 @@
-"use strict";
-/**
- * Claude Code IDE Integration
- * Generates CLAUDE.md section format
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.OCULUM_SECTION_END = exports.OCULUM_SECTION_START = void 0;
-exports.formatClaudeCodeSection = formatClaudeCodeSection;
-const grouping_1 = require("../grouping");
-/** Start marker for Oculum section in CLAUDE.md */
-exports.OCULUM_SECTION_START = '<!-- OCULUM_SECURITY_START -->';
-/** End marker for Oculum section in CLAUDE.md */
-exports.OCULUM_SECTION_END = '<!-- OCULUM_SECURITY_END -->';
-/**
- * Get "ALWAYS" rule for a category
- */
-function getAlwaysRule(category) {
-    const rules = {
-        sql_injection: 'Use parameterized queries for all database operations',
-        xss: 'Escape or sanitize user input before rendering in HTML',
-        hardcoded_secret: 'Use environment variables for secrets and API keys',
-        high_entropy_string: 'Store credentials in secure vaults, not in code',
-        missing_auth: 'Add authentication middleware to API endpoints',
-        dangerous_function: 'Avoid eval() and exec() - use safe alternatives',
-        command_injection: 'Sanitize all input passed to shell commands',
-        data_exposure: 'Never log sensitive data or expose it in responses',
-        weak_crypto: 'Use modern cryptographic algorithms (SHA-256+, AES-256)',
-        ai_prompt_injection: 'Sanitize user input before including in prompts',
-        ai_unsafe_execution: 'Validate AI-generated code before execution',
-    };
-    return rules[category] || null;
-}
-/**
- * Format scan result as CLAUDE.md section
- *
- * @param result - The scan result to format
- * @returns Markdown string with markers for CLAUDE.md
- */
-function formatClaudeCodeSection(result) {
-    const { vulnerabilities, timestamp } = result;
-    // Sort by severity
-    const sorted = (0, grouping_1.sortBySeverity)(vulnerabilities);
-    let md = '';
-    // Section markers
-    md += `${exports.OCULUM_SECTION_START}\n`;
-    md += `## Security Issues (Auto-Generated)\n\n`;
-    md += `> Last scan: ${timestamp}\n\n`;
-    // No findings case
-    if (vulnerabilities.length === 0) {
-        md += `No security issues detected.\n\n`;
-        md += `Run \`oculum scan\` to scan for vulnerabilities.\n`;
-        md += `${exports.OCULUM_SECTION_END}\n`;
-        return md;
-    }
-    // Summary
-    const { severityCounts, hasBlockingIssues } = result;
-    if (hasBlockingIssues) {
-        md += `**BLOCKING ISSUES:** ${severityCounts.critical + severityCounts.high} issues must be fixed.\n\n`;
-    }
-    // DO NOT section - list findings
-    md += `**DO NOT** ignore these findings:\n\n`;
-    let count = 0;
-    for (const vuln of sorted.slice(0, 10)) {
-        count++;
-        const severityLabel = vuln.severity === 'critical' ? 'CRITICAL' :
-            vuln.severity === 'high' ? 'HIGH' :
-                vuln.severity.toUpperCase();
-        md += `${count}. **${vuln.title}** [${severityLabel}] in \`${vuln.filePath}:${vuln.lineNumber}\`\n`;
-    }
-    if (sorted.length > 10) {
-        md += `\n... and ${sorted.length - 10} more issues.\n`;
-    }
-    md += '\n';
-    // ALWAYS section - best practices
-    const alwaysRules = new Set();
-    for (const vuln of vulnerabilities) {
-        const rule = getAlwaysRule(vuln.category);
-        if (rule) {
-            alwaysRules.add(rule);
-        }
-    }
-    if (alwaysRules.size > 0) {
-        md += `**ALWAYS:**\n`;
-        for (const rule of alwaysRules) {
-            md += `- ${rule}\n`;
-        }
-        md += '\n';
-    }
-    // Verification instructions
-    md += `Run \`oculum scan\` to verify fixes.\n`;
-    md += `${exports.OCULUM_SECTION_END}\n`;
-    return md;
-}
-//# sourceMappingURL=claude-code.js.map

package/dist/formatters/ide/claude-code.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"claude-code.js","sourceRoot":"","sources":["../../../src/formatters/ide/claude-code.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;AAsCH,0DAoEC;AAvGD,0CAA4C;AAE5C,mDAAmD;AACtC,QAAA,oBAAoB,GAAG,gCAAgC,CAAA;AAEpE,iDAAiD;AACpC,QAAA,kBAAkB,GAAG,8BAA8B,CAAA;AAEhE;;GAEG;AACH,SAAS,aAAa,CAAC,QAA+B;IACpD,MAAM,KAAK,GAAmD;QAC5D,aAAa,EAAE,uDAAuD;QACtE,GAAG,EAAE,wDAAwD;QAC7D,gBAAgB,EAAE,oDAAoD;QACtE,mBAAmB,EAAE,iDAAiD;QACtE,YAAY,EAAE,gDAAgD;QAC9D,kBAAkB,EAAE,iDAAiD;QACrE,iBAAiB,EAAE,6CAA6C;QAChE,aAAa,EAAE,oDAAoD;QACnE,WAAW,EAAE,yDAAyD;QACtE,mBAAmB,EAAE,iDAAiD;QACtE,mBAAmB,EAAE,6CAA6C;KACnE,CAAA;IAED,OAAO,KAAK,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAA;AAChC,CAAC;AAED;;;;;GAKG;AACH,SAAgB,uBAAuB,CAAC,MAAkB;IACxD,MAAM,EAAE,eAAe,EAAE,SAAS,EAAE,GAAG,MAAM,CAAA;IAE7C,mBAAmB;IACnB,MAAM,MAAM,GAAG,IAAA,yBAAc,EAAC,eAAe,CAAC,CAAA;IAE9C,IAAI,EAAE,GAAG,EAAE,CAAA;IAEX,kBAAkB;IAClB,EAAE,IAAI,GAAG,4BAAoB,IAAI,CAAA;IACjC,EAAE,IAAI,yCAAyC,CAAA;IAC/C,EAAE,IAAI,gBAAgB,SAAS,MAAM,CAAA;IAErC,mBAAmB;IACnB,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,EAAE,IAAI,kCAAkC,CAAA;QACxC,EAAE,IAAI,oDAAoD,CAAA;QAC1D,EAAE,IAAI,GAAG,0BAAkB,IAAI,CAAA;QAC/B,OAAO,EAAE,CAAA;IACX,CAAC;IAED,UAAU;IACV,MAAM,EAAE,cAAc,EAAE,iBAAiB,EAAE,GAAG,MAAM,CAAA;IACpD,IAAI,iBAAiB,EAAE,CAAC;QACtB,EAAE,IAAI,wBAAwB,cAAc,CAAC,QAAQ,GAAG,cAAc,CAAC,IAAI,4BAA4B,CAAA;IACzG,CAAC;IAED,iCAAiC;IACjC,EAAE,IAAI,uCAAuC,CAAA;IAE7C,IAAI,KAAK,GAAG,CAAC,CAAA;IACb,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;QACvC,KAAK,EAAE,CAAA;QACP,MAAM,aAAa,GACjB,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;YAC3C,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;gBACnC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAA;QAE7B,EAAE,IAAI,GAAG,KAAK,OAAO,IAAI,CAAC,KAAK,OAAO,aAAa,UAAU,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,MAAM,CAAA;IACrG,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;QACvB,EAAE,IAAI,aAAa,MAAM,CAAC,MAAM,GAAG,EAAE,iBAAiB,CAAA;IACxD,CAAC;IACD,EAAE,IAAI,IAAI,CAAA;IAEV,kCAAkC;IAClC,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAA;IACrC,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAA;QACzC,IAAI,IAAI,EAAE,CAAC;YACT,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;QACvB,CAAC;IACH,CAAC;IAED,IAAI,WAAW,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACzB,EAAE,IAAI,eAAe,CAAA;QACrB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,EAAE,IAAI,KAAK,IAAI,IAAI,CAAA;QACrB,CAAC;QACD,EAAE,IAAI,IAAI,CAAA;IACZ,CAAC;IAED,4BAA4B;IAC5B,EAAE,IAAI,wCAAwC,CAAA;IAC9C,EAAE,IAAI,GAAG,0BAAkB,IAAI,CAAA;IAE/B,OAAO,EAAE,CAAA;AACX,CAAC"}

package/dist/formatters/ide/cursor.d.ts

@@ -1,13 +0,0 @@
-/**
- * Cursor IDE Integration
- * Generates .cursor/rules/security.mdc format
- */
-import type { ScanResult } from '../../types';
-/**
- * Format scan result as Cursor MDC rules
- *
- * @param result - The scan result to format
- * @returns MDC format string for .cursor/rules/security.mdc
- */
-export declare function formatCursorRules(result: ScanResult): string;
-//# sourceMappingURL=cursor.d.ts.map

package/dist/formatters/ide/cursor.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"cursor.d.ts","sourceRoot":"","sources":["../../../src/formatters/ide/cursor.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,UAAU,EAAiB,MAAM,aAAa,CAAA;AAwE5D;;;;;GAKG;AACH,wBAAgB,iBAAiB,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CA+D5D"}

package/dist/formatters/ide/cursor.js

@@ -1,125 +0,0 @@
-"use strict";
-/**
- * Cursor IDE Integration
- * Generates .cursor/rules/security.mdc format
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.formatCursorRules = formatCursorRules;
-const grouping_1 = require("../grouping");
-/**
- * Extract unique directory paths from vulnerabilities for glob patterns
- */
-function extractGlobPatterns(vulnerabilities) {
-    const directories = new Set();
-    for (const vuln of vulnerabilities) {
-        // Get directory path (e.g., 'src/api' from 'src/api/users.ts')
-        const parts = vuln.filePath.split('/');
-        if (parts.length > 1) {
-            // Take up to 2 levels of directory
-            const dir = parts.slice(0, Math.min(parts.length - 1, 2)).join('/');
-            directories.add(`${dir}/**`);
-        }
-    }
-    return Array.from(directories).sort();
-}
-/**
- * Format fix pattern (DO NOT / DO) for a vulnerability
- */
-function formatFixPattern(vuln) {
-    const category = vuln.category;
-    let md = '';
-    // Common patterns by category
-    switch (category) {
-        case 'sql_injection':
-            md += `**DO NOT** concatenate user input into SQL queries.\n\n`;
-            md += `\`\`\`typescript\n// BAD\nconst query = \`SELECT * FROM users WHERE id = \${userId}\`\n\n// GOOD\nconst query = 'SELECT * FROM users WHERE id = ?'\n\`\`\`\n`;
-            break;
-        case 'xss':
-            md += `**DO NOT** insert user input into HTML without escaping.\n\n`;
-            md += `\`\`\`typescript\n// BAD\nelement.innerHTML = userInput\n\n// GOOD\nelement.textContent = userInput\n\`\`\`\n`;
-            break;
-        case 'hardcoded_secret':
-        case 'high_entropy_string':
-            md += `**DO NOT** hardcode secrets or API keys in source code.\n\n`;
-            md += `\`\`\`typescript\n// BAD\nconst apiKey = 'sk-abc123...'\n\n// GOOD\nconst apiKey = process.env.API_KEY\n\`\`\`\n`;
-            break;
-        case 'missing_auth':
-            md += `**DO NOT** expose endpoints without authentication.\n\n`;
-            md += `\`\`\`typescript\n// BAD\napp.get('/api/data', handler)\n\n// GOOD\napp.get('/api/data', authMiddleware, handler)\n\`\`\`\n`;
-            break;
-        case 'dangerous_function':
-            md += `**DO NOT** use eval() or similar dangerous functions with user input.\n\n`;
-            md += `\`\`\`typescript\n// BAD\neval(userInput)\n\n// GOOD\nJSON.parse(userInput)\n\`\`\`\n`;
-            break;
-        default:
-            // Generic fix pattern
-            if (vuln.fixSteps && vuln.fixSteps.length > 0) {
-                md += `**FIX:**\n`;
-                vuln.fixSteps.forEach((step, i) => {
-                    md += `${i + 1}. ${step}\n`;
-                });
-            }
-            else if (vuln.suggestedFix) {
-                md += `**FIX:** ${vuln.suggestedFix}\n`;
-            }
-    }
-    return md;
-}
-/**
- * Format scan result as Cursor MDC rules
- *
- * @param result - The scan result to format
- * @returns MDC format string for .cursor/rules/security.mdc
- */
-function formatCursorRules(result) {
-    const { vulnerabilities, timestamp } = result;
-    // Sort by severity
-    const sorted = (0, grouping_1.sortBySeverity)(vulnerabilities);
-    // Extract glob patterns
-    const globs = extractGlobPatterns(sorted);
-    let md = '';
-    // MDC Frontmatter
-    md += `---\n`;
-    md += `description: Oculum Security Findings\n`;
-    if (globs.length > 0) {
-        md += `globs: "${globs.join(',')}"\n`;
-    }
-    md += `alwaysApply: false\n`;
-    md += `---\n\n`;
-    // No findings case
-    if (vulnerabilities.length === 0) {
-        md += `# Security Scan Results\n\n`;
-        md += `No security issues found. Last scan: ${timestamp}\n\n`;
-        md += `*Run \`oculum scan --cursor --clear\` to remove this file.*\n`;
-        return md;
-    }
-    // Header
-    md += `# Security Issues (${vulnerabilities.length})\n\n`;
-    md += `> Last scan: ${timestamp}\n\n`;
-    // Group by severity
-    const bySeverity = new Map();
-    for (const vuln of sorted) {
-        const group = bySeverity.get(vuln.severity) || [];
-        group.push(vuln);
-        bySeverity.set(vuln.severity, group);
-    }
-    // Output by severity
-    for (const [severity, vulns] of bySeverity) {
-        md += `## ${severity.toUpperCase()} (${vulns.length})\n\n`;
-        for (const vuln of vulns.slice(0, 10)) {
-            md += `### ${vuln.title}\n\n`;
-            md += `**File:** \`${vuln.filePath}:${vuln.lineNumber}\`\n\n`;
-            // Add fix pattern
-            md += formatFixPattern(vuln);
-            md += '\n';
-        }
-        if (vulns.length > 10) {
-            md += `> + ${vulns.length - 10} more ${severity} issues\n\n`;
-        }
-    }
-    // Footer
-    md += `---\n\n`;
-    md += `*Run \`oculum scan --cursor --clear\` after fixing to remove this file.*\n`;
-    return md;
-}
-//# sourceMappingURL=cursor.js.map

package/dist/formatters/ide/cursor.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"cursor.js","sourceRoot":"","sources":["../../../src/formatters/ide/cursor.ts"],"names":[],"mappings":";AAAA;;;GAGG;;AAgFH,8CA+DC;AA5ID,0CAA4C;AAE5C;;GAEG;AACH,SAAS,mBAAmB,CAAC,eAAgC;IAC3D,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAA;IAErC,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,+DAA+D;QAC/D,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;QACtC,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrB,mCAAmC;YACnC,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;YACnE,WAAW,CAAC,GAAG,CAAC,GAAG,GAAG,KAAK,CAAC,CAAA;QAC9B,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,EAAE,CAAA;AACvC,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,IAAmB;IAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;IAC9B,IAAI,EAAE,GAAG,EAAE,CAAA;IAEX,8BAA8B;IAC9B,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,eAAe;YAClB,EAAE,IAAI,yDAAyD,CAAA;YAC/D,EAAE,IAAI,8JAA8J,CAAA;YACpK,MAAK;QAEP,KAAK,KAAK;YACR,EAAE,IAAI,8DAA8D,CAAA;YACpE,EAAE,IAAI,+GAA+G,CAAA;YACrH,MAAK;QAEP,KAAK,kBAAkB,CAAC;QACxB,KAAK,qBAAqB;YACxB,EAAE,IAAI,6DAA6D,CAAA;YACnE,EAAE,IAAI,kHAAkH,CAAA;YACxH,MAAK;QAEP,KAAK,cAAc;YACjB,EAAE,IAAI,yDAAyD,CAAA;YAC/D,EAAE,IAAI,6HAA6H,CAAA;YACnI,MAAK;QAEP,KAAK,oBAAoB;YACvB,EAAE,IAAI,2EAA2E,CAAA;YACjF,EAAE,IAAI,uFAAuF,CAAA;YAC7F,MAAK;QAEP;YACE,sBAAsB;YACtB,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC9C,EAAE,IAAI,YAAY,CAAA;gBAClB,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;oBAChC,EAAE,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,IAAI,IAAI,CAAA;gBAC7B,CAAC,CAAC,CAAA;YACJ,CAAC;iBAAM,IAAI,IAAI,CAAC,YAAY,EAAE,CAAC;gBAC7B,EAAE,IAAI,YAAY,IAAI,CAAC,YAAY,IAAI,CAAA;YACzC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,CAAA;AACX,CAAC;AAED;;;;;GAKG;AACH,SAAgB,iBAAiB,CAAC,MAAkB;IAClD,MAAM,EAAE,eAAe,EAAE,SAAS,EAAE,GAAG,MAAM,CAAA;IAE7C,mBAAmB;IACnB,MAAM,MAAM,GAAG,IAAA,yBAAc,EAAC,eAAe,CAAC,CAAA;IAE9C,wBAAwB;IACxB,MAAM,KAAK,GAAG,mBAAmB,CAAC,MAAM,CAAC,CAAA;IAEzC,IAAI,EAAE,GAAG,EAAE,CAAA;IAEX,kBAAkB;IAClB,EAAE,IAAI,OAAO,CAAA;IACb,EAAE,IAAI,yCAAyC,CAAA;IAC/C,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACrB,EAAE,IAAI,WAAW,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,KAAK,CAAA;IACvC,CAAC;IACD,EAAE,IAAI,sBAAsB,CAAA;IAC5B,EAAE,IAAI,SAAS,CAAA;IAEf,mBAAmB;IACnB,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,EAAE,IAAI,6BAA6B,CAAA;QACnC,EAAE,IAAI,wCAAwC,SAAS,MAAM,CAAA;QAC7D,EAAE,IAAI,+DAA+D,CAAA;QACrE,OAAO,EAAE,CAAA;IACX,CAAC;IAED,SAAS;IACT,EAAE,IAAI,sBAAsB,eAAe,CAAC,MAAM,OAAO,CAAA;IACzD,EAAE,IAAI,gBAAgB,SAAS,MAAM,CAAA;IAErC,oBAAoB;IACpB,MAAM,UAAU,GAAG,IAAI,GAAG,EAA2B,CAAA;IACrD,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;QAC1B,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAA;QACjD,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAA;QAChB,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAA;IACtC,CAAC;IAED,qBAAqB;IACrB,KAAK,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,UAAU,EAAE,CAAC;QAC3C,EAAE,IAAI,MAAM,QAAQ,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,MAAM,OAAO,CAAA;QAE1D,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;YACtC,EAAE,IAAI,OAAO,IAAI,CAAC,KAAK,MAAM,CAAA;YAC7B,EAAE,IAAI,eAAe,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,UAAU,QAAQ,CAAA;YAE7D,kBAAkB;YAClB,EAAE,IAAI,gBAAgB,CAAC,IAAI,CAAC,CAAA;YAC5B,EAAE,IAAI,IAAI,CAAA;QACZ,CAAC;QAED,IAAI,KAAK,CAAC,MAAM,GAAG,EAAE,EAAE,CAAC;YACtB,EAAE,IAAI,OAAO,KAAK,CAAC,MAAM,GAAG,EAAE,SAAS,QAAQ,aAAa,CAAA;QAC9D,CAAC;IACH,CAAC;IAED,SAAS;IACT,EAAE,IAAI,SAAS,CAAA;IACf,EAAE,IAAI,4EAA4E,CAAA;IAElF,OAAO,EAAE,CAAA;AACX,CAAC"}

package/dist/formatters/ide/index.d.ts

@@ -1,62 +0,0 @@
-/**
- * IDE Integration Module
- * Exports formatters and utilities for IDE-specific config files
- */
-export { formatCursorRules } from './cursor';
-export { formatWindsurfRules } from './windsurf';
-export { formatClaudeCodeSection, OCULUM_SECTION_START, OCULUM_SECTION_END } from './claude-code';
-/** Supported IDE types */
-export type IDEType = 'cursor' | 'windsurf' | 'claude-code';
-/** Default file paths for each IDE */
-export declare const IDE_FILE_PATHS: Record<IDEType, string>;
-/** Result of a file write operation */
-export interface WriteIDEFileResult {
-    success: boolean;
-    path: string;
-    error?: string;
-}
-/** Result of a file clear operation */
-export interface ClearIDEFilesResult {
-    success: boolean;
-    clearedFiles: string[];
-    errors: string[];
-}
-/**
- * Detect which IDE configurations exist in the project
- *
- * @param projectPath - Path to the project root
- * @returns Array of detected IDE types
- */
-export declare function detectIDEConfigs(projectPath: string): IDEType[];
-/**
- * Write an IDE-specific file
- *
- * @param projectPath - Path to the project root
- * @param relativePath - Relative path for the file
- * @param content - Content to write
- * @returns Result object
- */
-export declare function writeIDEFile(projectPath: string, relativePath: string, content: string): WriteIDEFileResult;
-/**
- * Update the Oculum section in CLAUDE.md
- * Replaces content between OCULUM_SECURITY_START and OCULUM_SECURITY_END markers
- * If markers don't exist, appends the section at the end
- *
- * @param projectPath - Path to the project root
- * @param section - The section content (including markers)
- * @returns Result object
- */
-export declare function updateClaudeMdSection(projectPath: string, section: string): WriteIDEFileResult;
-/**
- * Clear IDE rule files
- *
- * @param projectPath - Path to the project root
- * @param types - Optional array of IDE types to clear. If not provided, clears all.
- * @returns Result object with list of cleared files
- */
-export declare function clearIDEFiles(projectPath: string, types?: IDEType[]): ClearIDEFilesResult;
-/**
- * Get the default file path for an IDE type
- */
-export declare function getIDEFilePath(ide: IDEType): string;
-//# sourceMappingURL=index.d.ts.map

package/dist/formatters/ide/index.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/formatters/ide/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAMH,OAAO,EAAE,iBAAiB,EAAE,MAAM,UAAU,CAAA;AAC5C,OAAO,EAAE,mBAAmB,EAAE,MAAM,YAAY,CAAA;AAChD,OAAO,EAAE,uBAAuB,EAAE,oBAAoB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAA;AAEjG,0BAA0B;AAC1B,MAAM,MAAM,OAAO,GAAG,QAAQ,GAAG,UAAU,GAAG,aAAa,CAAA;AAE3D,sCAAsC;AACtC,eAAO,MAAM,cAAc,EAAE,MAAM,CAAC,OAAO,EAAE,MAAM,CAIlD,CAAA;AAED,uCAAuC;AACvC,MAAM,WAAW,kBAAkB;IACjC,OAAO,EAAE,OAAO,CAAA;IAChB,IAAI,EAAE,MAAM,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;CACf;AAED,uCAAuC;AACvC,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,OAAO,CAAA;IAChB,YAAY,EAAE,MAAM,EAAE,CAAA;IACtB,MAAM,EAAE,MAAM,EAAE,CAAA;CACjB;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,WAAW,EAAE,MAAM,GAAG,OAAO,EAAE,CAmB/D;AAED;;;;;;;GAOG;AACH,wBAAgB,YAAY,CAC1B,WAAW,EAAE,MAAM,EACnB,YAAY,EAAE,MAAM,EACpB,OAAO,EAAE,MAAM,GACd,kBAAkB,CAqBpB;AAED;;;;;;;;GAQG;AACH,wBAAgB,qBAAqB,CACnC,WAAW,EAAE,MAAM,EACnB,OAAO,EAAE,MAAM,GACd,kBAAkB,CAwCpB;AAED;;;;;;GAMG;AACH,wBAAgB,aAAa,CAC3B,WAAW,EAAE,MAAM,EACnB,KAAK,CAAC,EAAE,OAAO,EAAE,GAChB,mBAAmB,CA6CrB;AAED;;GAEG;AACH,wBAAgB,cAAc,CAAC,GAAG,EAAE,OAAO,GAAG,MAAM,CAEnD"}