@oculum/scanner 1.0.14 → 1.0.15

package/dist/utils/environment-context.js

@@ -1,271 +0,0 @@
-"use strict";
-/**
- * Environment Context Utility
- * Understands file PURPOSE by path to reduce false positives
- *
- * This addresses false positives where localhost URLs in email templates,
- * dev scripts, and test environments are flagged as production issues.
- *
- * Key insight: The same code pattern may be fine in one context but
- * problematic in another. Context determines severity.
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.getEnvironmentContext = getEnvironmentContext;
-exports.isInPlaceholderAttribute = isInPlaceholderAttribute;
-exports.isDefaultParameterValue = isDefaultParameterValue;
-exports.isDevOnlyContext = isDevOnlyContext;
-exports.allowsTestCredentials = allowsTestCredentials;
-exports.allowsLocalhostUrls = allowsLocalhostUrls;
-exports.getLocalhostSeverity = getLocalhostSeverity;
-/**
- * Email template patterns - localhost is used for local preview
- */
-const EMAIL_TEMPLATE_PATTERNS = [
-    /packages\/email\//i,
-    /templates\/email\//i,
-    /email-templates?\//i,
-    /mail-templates?\//i,
-    /emails?\/(templates?|components?)\//i,
-    /\/email\/.*\.(tsx?|jsx?)$/i,
-    /react-email/i,
-    /mjml/i,
-];
-/**
- * Test/testing directory patterns
- */
-const TEST_PATTERNS = [
-    /\/testing\//i,
-    /\/test\//i,
-    /\/tests\//i,
-    /\/__tests__\//i,
-    /\.test\./i,
-    /\.spec\./i,
-    /\/e2e\//i,
-    /\/cypress\//i,
-    /\/playwright\//i,
-    /\/fixtures?\//i,
-    /\/mocks?\//i,
-    /testdata\//i,
-    /test-data\//i,
-    /\/stubs?\//i,
-];
-/**
- * Development scripts and tooling patterns
- */
-const DEV_TOOLING_PATTERNS = [
-    /scripts?\//i,
-    /bin\//i,
-    /tools?\//i,
-    /cli\//i,
-    /-dev\./i,
-    /\.dev\./i,
-    /dev-server/i,
-    /dev-tools?\//i,
-    /devtools?\//i,
-    /\.sh$/i,
-    /Makefile$/i,
-    /docker-compose\.dev/i,
-    /docker-compose\.local/i,
-    /\.development\./i,
-    /\.local\./i,
-];
-/**
- * Documentation and example patterns
- */
-const DOCUMENTATION_PATTERNS = [
-    /README/i,
-    /\.md$/i,
-    /\.mdx$/i,
-    /\/docs\//i,
-    /\/documentation\//i,
-    /\/examples?\//i,
-    /\/demos?\//i,
-    /\/tutorials?\//i,
-    /\/guides?\//i,
-    /\/samples?\//i,
-    /\/quickstart\//i,
-];
-/**
- * Get the environment context for a file
- *
- * @param filePath - The full file path
- * @returns EnvironmentContext with context information
- */
-function getEnvironmentContext(filePath) {
-    // Email templates - localhost for preview
-    if (EMAIL_TEMPLATE_PATTERNS.some(pattern => pattern.test(filePath))) {
-        return {
-            fileType: 'template',
-            allowsLocalhostDefaults: true,
-            allowsPlaceholderUrls: true,
-            allowsTestCredentials: false,
-            reason: 'Email template file - localhost used for local preview',
-        };
-    }
-    // Test/testing directories
-    if (TEST_PATTERNS.some(pattern => pattern.test(filePath))) {
-        return {
-            fileType: 'test',
-            allowsLocalhostDefaults: true,
-            allowsPlaceholderUrls: true,
-            allowsTestCredentials: true,
-            reason: 'Test/testing file - mock data expected',
-        };
-    }
-    // Dev scripts and tooling
-    if (DEV_TOOLING_PATTERNS.some(pattern => pattern.test(filePath))) {
-        return {
-            fileType: 'tooling',
-            allowsLocalhostDefaults: true,
-            allowsPlaceholderUrls: true,
-            allowsTestCredentials: false,
-            reason: 'Development tooling file',
-        };
-    }
-    // Documentation and examples
-    if (DOCUMENTATION_PATTERNS.some(pattern => pattern.test(filePath))) {
-        return {
-            fileType: 'documentation',
-            allowsLocalhostDefaults: true,
-            allowsPlaceholderUrls: true,
-            allowsTestCredentials: false,
-            reason: 'Documentation or example file',
-        };
-    }
-    // Development environment config files
-    if (/\.env\.local$|\.env\.development$|\.env\.dev$/i.test(filePath)) {
-        return {
-            fileType: 'development',
-            allowsLocalhostDefaults: true,
-            allowsPlaceholderUrls: false,
-            allowsTestCredentials: false,
-            reason: 'Development environment config',
-        };
-    }
-    // Default: production context
-    return {
-        fileType: 'production',
-        allowsLocalhostDefaults: false,
-        allowsPlaceholderUrls: false,
-        allowsTestCredentials: false,
-    };
-}
-/**
- * Check if a line contains a URL in a placeholder attribute context
- * e.g., placeholder="https://example.com"
- *
- * @param line - The line content to check
- * @returns true if the URL is in a placeholder attribute
- */
-function isInPlaceholderAttribute(line) {
-    // HTML/JSX placeholder attribute
-    const placeholderPatterns = [
-        /placeholder\s*=\s*["'][^"']*https?:\/\//i,
-        /placeholder\s*=\s*\{["'][^"']*https?:\/\//i,
-        /placeholder:\s*["'][^"']*https?:\/\//i,
-        /helperText\s*=\s*["'][^"']*https?:\/\//i,
-        /hint\s*=\s*["'][^"']*https?:\/\//i,
-        /example\s*=\s*["'][^"']*https?:\/\//i,
-    ];
-    return placeholderPatterns.some(pattern => pattern.test(line));
-}
-/**
- * Check if a localhost URL is a default parameter value
- * e.g., function foo(url = 'http://localhost')
- *
- * @param line - The line content to check
- * @returns true if localhost is used as a default parameter
- */
-function isDefaultParameterValue(line) {
-    const defaultPatterns = [
-        // Function parameter default: function foo(url = 'http://localhost')
-        /function\s+\w+\s*\([^)]*=\s*['"]https?:\/\/(localhost|127\.0\.0\.1)/i,
-        // Arrow function default
-        /\([^)]*=\s*['"]https?:\/\/(localhost|127\.0\.0\.1)/i,
-        // Variable with fallback: const url = process.env.X || 'http://localhost'
-        /=\s*process\.env\.\w+\s*\|\|\s*['"]https?:\/\/(localhost|127\.0\.0\.1)/i,
-        /=\s*import\.meta\.env\.\w+\s*\|\|\s*['"]https?:\/\/(localhost|127\.0\.0\.1)/i,
-        // Nullish coalescing: process.env.X ?? 'http://localhost'
-        /=\s*process\.env\.\w+\s*\?\?\s*['"]https?:\/\/(localhost|127\.0\.0\.1)/i,
-        /=\s*import\.meta\.env\.\w+\s*\?\?\s*['"]https?:\/\/(localhost|127\.0\.0\.1)/i,
-    ];
-    return defaultPatterns.some(pattern => pattern.test(line));
-}
-/**
- * Check if a URL is in a clearly development-only context
- *
- * @param line - The line content
- * @param filePath - The file path
- * @returns true if the URL is in a dev-only context
- */
-function isDevOnlyContext(line, filePath) {
-    const context = getEnvironmentContext(filePath);
-    // If the file type is not production, it's dev-only
-    if (context.fileType !== 'production') {
-        return true;
-    }
-    // Check for inline dev-only indicators
-    const devOnlyPatterns = [
-        /if\s*\(\s*process\.env\.NODE_ENV\s*[!=]==?\s*['"]development['"]/i,
-        /if\s*\(\s*!?\s*production\s*\)/i,
-        /if\s*\(\s*dev\s*\)/i,
-        /if\s*\(\s*isDev\s*\)/i,
-        /if\s*\(\s*isLocal\s*\)/i,
-        /\/\/\s*(dev|development|local)\s*(only|mode)/i,
-        /\*\s*(dev|development|local)\s*(only|mode)/i,
-    ];
-    return devOnlyPatterns.some(pattern => pattern.test(line));
-}
-/**
- * Check if a password/credential is acceptable in this context
- *
- * @param filePath - The file path
- * @returns true if test credentials are acceptable
- */
-function allowsTestCredentials(filePath) {
-    const context = getEnvironmentContext(filePath);
-    return context.allowsTestCredentials;
-}
-/**
- * Check if localhost URLs are expected in this file
- *
- * @param filePath - The file path
- * @returns true if localhost is expected/acceptable
- */
-function allowsLocalhostUrls(filePath) {
-    const context = getEnvironmentContext(filePath);
-    return context.allowsLocalhostDefaults;
-}
-/**
- * Determine severity for a localhost finding based on context
- *
- * @param filePath - The file path
- * @param line - The line content
- * @returns Recommended severity for the finding
- */
-function getLocalhostSeverity(filePath, line) {
-    const context = getEnvironmentContext(filePath);
-    // Production env files with localhost = high severity
-    if (/\.env\.prod|\.env\.production/i.test(filePath)) {
-        return 'high';
-    }
-    // File context allows localhost = info
-    if (context.allowsLocalhostDefaults) {
-        return 'info';
-    }
-    // Default parameter / fallback pattern = info
-    if (isDefaultParameterValue(line)) {
-        return 'info';
-    }
-    // Placeholder attribute = info
-    if (isInPlaceholderAttribute(line)) {
-        return 'info';
-    }
-    // Dev-only code block = info
-    if (isDevOnlyContext(line, filePath)) {
-        return 'info';
-    }
-    // Default for production code = medium
-    return 'medium';
-}
-//# sourceMappingURL=environment-context.js.map

package/dist/utils/environment-context.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"environment-context.js","sourceRoot":"","sources":["../../src/utils/environment-context.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;AA6FH,sDA+DC;AASD,4DAYC;AASD,0DAeC;AASD,4CAoBC;AAQD,sDAGC;AAQD,kDAGC;AASD,oDAiCC;AAvRD;;GAEG;AACH,MAAM,uBAAuB,GAAG;IAC9B,oBAAoB;IACpB,qBAAqB;IACrB,qBAAqB;IACrB,oBAAoB;IACpB,sCAAsC;IACtC,4BAA4B;IAC5B,cAAc;IACd,OAAO;CACR,CAAA;AAED;;GAEG;AACH,MAAM,aAAa,GAAG;IACpB,cAAc;IACd,WAAW;IACX,YAAY;IACZ,gBAAgB;IAChB,WAAW;IACX,WAAW;IACX,UAAU;IACV,cAAc;IACd,iBAAiB;IACjB,gBAAgB;IAChB,aAAa;IACb,aAAa;IACb,cAAc;IACd,aAAa;CACd,CAAA;AAED;;GAEG;AACH,MAAM,oBAAoB,GAAG;IAC3B,aAAa;IACb,QAAQ;IACR,WAAW;IACX,QAAQ;IACR,SAAS;IACT,UAAU;IACV,aAAa;IACb,eAAe;IACf,cAAc;IACd,QAAQ;IACR,YAAY;IACZ,sBAAsB;IACtB,wBAAwB;IACxB,kBAAkB;IAClB,YAAY;CACb,CAAA;AAED;;GAEG;AACH,MAAM,sBAAsB,GAAG;IAC7B,SAAS;IACT,QAAQ;IACR,SAAS;IACT,WAAW;IACX,oBAAoB;IACpB,gBAAgB;IAChB,aAAa;IACb,iBAAiB;IACjB,cAAc;IACd,eAAe;IACf,iBAAiB;CAClB,CAAA;AAED;;;;;GAKG;AACH,SAAgB,qBAAqB,CAAC,QAAgB;IACpD,0CAA0C;IAC1C,IAAI,uBAAuB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QACpE,OAAO;YACL,QAAQ,EAAE,UAAU;YACpB,uBAAuB,EAAE,IAAI;YAC7B,qBAAqB,EAAE,IAAI;YAC3B,qBAAqB,EAAE,KAAK;YAC5B,MAAM,EAAE,wDAAwD;SACjE,CAAA;IACH,CAAC;IAED,2BAA2B;IAC3B,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QAC1D,OAAO;YACL,QAAQ,EAAE,MAAM;YAChB,uBAAuB,EAAE,IAAI;YAC7B,qBAAqB,EAAE,IAAI;YAC3B,qBAAqB,EAAE,IAAI;YAC3B,MAAM,EAAE,wCAAwC;SACjD,CAAA;IACH,CAAC;IAED,0BAA0B;IAC1B,IAAI,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QACjE,OAAO;YACL,QAAQ,EAAE,SAAS;YACnB,uBAAuB,EAAE,IAAI;YAC7B,qBAAqB,EAAE,IAAI;YAC3B,qBAAqB,EAAE,KAAK;YAC5B,MAAM,EAAE,0BAA0B;SACnC,CAAA;IACH,CAAC;IAED,6BAA6B;IAC7B,IAAI,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,EAAE,CAAC;QACnE,OAAO;YACL,QAAQ,EAAE,eAAe;YACzB,uBAAuB,EAAE,IAAI;YAC7B,qBAAqB,EAAE,IAAI;YAC3B,qBAAqB,EAAE,KAAK;YAC5B,MAAM,EAAE,+BAA+B;SACxC,CAAA;IACH,CAAC;IAED,uCAAuC;IACvC,IAAI,gDAAgD,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpE,OAAO;YACL,QAAQ,EAAE,aAAa;YACvB,uBAAuB,EAAE,IAAI;YAC7B,qBAAqB,EAAE,KAAK;YAC5B,qBAAqB,EAAE,KAAK;YAC5B,MAAM,EAAE,gCAAgC;SACzC,CAAA;IACH,CAAC;IAED,8BAA8B;IAC9B,OAAO;QACL,QAAQ,EAAE,YAAY;QACtB,uBAAuB,EAAE,KAAK;QAC9B,qBAAqB,EAAE,KAAK;QAC5B,qBAAqB,EAAE,KAAK;KAC7B,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,wBAAwB,CAAC,IAAY;IACnD,iCAAiC;IACjC,MAAM,mBAAmB,GAAG;QAC1B,0CAA0C;QAC1C,4CAA4C;QAC5C,uCAAuC;QACvC,yCAAyC;QACzC,mCAAmC;QACnC,sCAAsC;KACvC,CAAA;IAED,OAAO,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;AAChE,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,uBAAuB,CAAC,IAAY;IAClD,MAAM,eAAe,GAAG;QACtB,qEAAqE;QACrE,sEAAsE;QACtE,yBAAyB;QACzB,qDAAqD;QACrD,0EAA0E;QAC1E,yEAAyE;QACzE,8EAA8E;QAC9E,0DAA0D;QAC1D,yEAAyE;QACzE,8EAA8E;KAC/E,CAAA;IAED,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;AAC5D,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,gBAAgB,CAAC,IAAY,EAAE,QAAgB;IAC7D,MAAM,OAAO,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAA;IAE/C,oDAAoD;IACpD,IAAI,OAAO,CAAC,QAAQ,KAAK,YAAY,EAAE,CAAC;QACtC,OAAO,IAAI,CAAA;IACb,CAAC;IAED,uCAAuC;IACvC,MAAM,eAAe,GAAG;QACtB,mEAAmE;QACnE,iCAAiC;QACjC,qBAAqB;QACrB,uBAAuB;QACvB,yBAAyB;QACzB,+CAA+C;QAC/C,6CAA6C;KAC9C,CAAA;IAED,OAAO,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAA;AAC5D,CAAC;AAED;;;;;GAKG;AACH,SAAgB,qBAAqB,CAAC,QAAgB;IACpD,MAAM,OAAO,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAA;IAC/C,OAAO,OAAO,CAAC,qBAAqB,CAAA;AACtC,CAAC;AAED;;;;;GAKG;AACH,SAAgB,mBAAmB,CAAC,QAAgB;IAClD,MAAM,OAAO,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAA;IAC/C,OAAO,OAAO,CAAC,uBAAuB,CAAA;AACxC,CAAC;AAED;;;;;;GAMG;AACH,SAAgB,oBAAoB,CAClC,QAAgB,EAChB,IAAY;IAEZ,MAAM,OAAO,GAAG,qBAAqB,CAAC,QAAQ,CAAC,CAAA;IAE/C,sDAAsD;IACtD,IAAI,gCAAgC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QACpD,OAAO,MAAM,CAAA;IACf,CAAC;IAED,uCAAuC;IACvC,IAAI,OAAO,CAAC,uBAAuB,EAAE,CAAC;QACpC,OAAO,MAAM,CAAA;IACf,CAAC;IAED,8CAA8C;IAC9C,IAAI,uBAAuB,CAAC,IAAI,CAAC,EAAE,CAAC;QAClC,OAAO,MAAM,CAAA;IACf,CAAC;IAED,+BAA+B;IAC/B,IAAI,wBAAwB,CAAC,IAAI,CAAC,EAAE,CAAC;QACnC,OAAO,MAAM,CAAA;IACf,CAAC;IAED,6BAA6B;IAC7B,IAAI,gBAAgB,CAAC,IAAI,EAAE,QAAQ,CAAC,EAAE,CAAC;QACrC,OAAO,MAAM,CAAA;IACf,CAAC;IAED,uCAAuC;IACvC,OAAO,QAAQ,CAAA;AACjB,CAAC"}

package/dist/utils/imported-auth-detector.d.ts

@@ -1,37 +0,0 @@
-/**
- * Imported Auth Detector
- *
- * Detects auth middleware/helpers imported from other files to avoid
- * false positives on routes that are actually protected via imports.
- *
- * Example: A route file that does `import { authMiddleware } from '@/lib/auth'`
- * and wraps handlers with it should not be flagged as "missing auth".
- */
-import type { ScanFile } from '../types';
-export interface ImportedAuthInfo {
-    importPath: string;
-    importedNames: string[];
-    isAuthRelated: boolean;
-}
-export interface FileAuthImports {
-    filePath: string;
-    imports: ImportedAuthInfo[];
-    usesImportedAuth: boolean;
-}
-/**
- * Extract all imports from a file's content
- */
-export declare function extractImports(content: string): ImportedAuthInfo[];
-/**
- * Check if imported auth is actually used to protect routes/handlers
- */
-export declare function detectImportedAuthUsage(content: string, authImports: ImportedAuthInfo[]): boolean;
-/**
- * Build a registry of files and their auth imports
- */
-export declare function buildFileAuthImports(files: ScanFile[]): Map<string, FileAuthImports>;
-/**
- * Check if a specific file uses imported auth protection
- */
-export declare function fileUsesImportedAuth(filePath: string, registry: Map<string, FileAuthImports>): boolean;
-//# sourceMappingURL=imported-auth-detector.d.ts.map

package/dist/utils/imported-auth-detector.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"imported-auth-detector.d.ts","sourceRoot":"","sources":["../../src/utils/imported-auth-detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAA;AAMxC,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,CAAA;IAClB,aAAa,EAAE,MAAM,EAAE,CAAA;IACvB,aAAa,EAAE,OAAO,CAAA;CACvB;AAED,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,MAAM,CAAA;IAChB,OAAO,EAAE,gBAAgB,EAAE,CAAA;IAC3B,gBAAgB,EAAE,OAAO,CAAA;CAC1B;AAkFD;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,gBAAgB,EAAE,CA8ElE;AA+BD;;GAEG;AACH,wBAAgB,uBAAuB,CACrC,OAAO,EAAE,MAAM,EACf,WAAW,EAAE,gBAAgB,EAAE,GAC9B,OAAO,CAgDT;AAaD;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,QAAQ,EAAE,GAAG,GAAG,CAAC,MAAM,EAAE,eAAe,CAAC,CAmBpF;AAED;;GAEG;AACH,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,MAAM,EAChB,QAAQ,EAAE,GAAG,CAAC,MAAM,EAAE,eAAe,CAAC,GACrC,OAAO,CAET"}

package/dist/utils/imported-auth-detector.js

@@ -1,251 +0,0 @@
-"use strict";
-/**
- * Imported Auth Detector
- *
- * Detects auth middleware/helpers imported from other files to avoid
- * false positives on routes that are actually protected via imports.
- *
- * Example: A route file that does `import { authMiddleware } from '@/lib/auth'`
- * and wraps handlers with it should not be flagged as "missing auth".
- */
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.extractImports = extractImports;
-exports.detectImportedAuthUsage = detectImportedAuthUsage;
-exports.buildFileAuthImports = buildFileAuthImports;
-exports.fileUsesImportedAuth = fileUsesImportedAuth;
-// ============================================================================
-// Patterns
-// ============================================================================
-/**
- * Patterns that indicate auth-related imports by name
- */
-const AUTH_NAME_PATTERNS = [
-    /auth/i,
-    /middleware/i,
-    /protect/i,
-    /guard/i,
-    /session/i,
-    /verify/i,
-    /secure/i,
-    /jwt/i,
-    /token/i,
-];
-/**
- * Specific auth import names commonly used
- */
-const KNOWN_AUTH_IMPORTS = new Set([
-    // Next.js / NextAuth
-    'auth',
-    'getServerSession',
-    'getSession',
-    'withAuth',
-    'getToken',
-    'NextAuth',
-    'NextAuthOptions',
-    // Clerk
-    'auth',
-    'currentUser',
-    'clerkMiddleware',
-    'getAuth',
-    'SignedIn',
-    'SignedOut',
-    // Auth0
-    'withPageAuthRequired',
-    'withApiAuthRequired',
-    'getSession',
-    'getAccessToken',
-    // Custom auth patterns
-    'authMiddleware',
-    'requireAuth',
-    'requireAuthentication',
-    'checkAuth',
-    'verifyAuth',
-    'protectRoute',
-    'withAuthentication',
-    'authenticated',
-    'getCurrentUser',
-    'getCurrentUserId',
-    'getUser',
-    'getUserId',
-]);
-/**
- * Patterns indicating auth-related import paths
- */
-const AUTH_PATH_PATTERNS = [
-    /\/auth\//i,
-    /\/middleware/i,
-    /\/lib\/auth/i,
-    /\/utils\/auth/i,
-    /\/helpers\/auth/i,
-    /next-auth/i,
-    /@clerk/i,
-    /@auth0/i,
-    /lucia/i,
-];
-// ============================================================================
-// Import Extraction
-// ============================================================================
-/**
- * Extract all imports from a file's content
- */
-function extractImports(content) {
-    const imports = [];
-    // ES6 named imports: import { x, y } from 'path'
-    const es6NamedPattern = /import\s+\{([^}]+)\}\s+from\s+['"]([^'"]+)['"]/g;
-    let match;
-    while ((match = es6NamedPattern.exec(content)) !== null) {
-        const names = match[1]
-            .split(',')
-            .map(n => n.trim().split(/\s+as\s+/)[0].trim()) // Handle 'x as y'
-            .filter(n => n.length > 0);
-        const importPath = match[2];
-        const isAuthRelated = isAuthRelatedImport(names, importPath);
-        imports.push({
-            importPath,
-            importedNames: names,
-            isAuthRelated,
-        });
-    }
-    // ES6 default imports: import x from 'path'
-    const defaultPattern = /import\s+(\w+)\s+from\s+['"]([^'"]+)['"]/g;
-    while ((match = defaultPattern.exec(content)) !== null) {
-        const name = match[1];
-        const importPath = match[2];
-        // Skip if already captured as named import
-        if (imports.some(imp => imp.importPath === importPath))
-            continue;
-        const isAuthRelated = isAuthRelatedImport([name], importPath);
-        imports.push({
-            importPath,
-            importedNames: [name],
-            isAuthRelated,
-        });
-    }
-    // CommonJS require: const { x } = require('path')
-    const requireDestructurePattern = /(?:const|let|var)\s+\{([^}]+)\}\s*=\s*require\s*\(\s*['"]([^'"]+)['"]\s*\)/g;
-    while ((match = requireDestructurePattern.exec(content)) !== null) {
-        const names = match[1]
-            .split(',')
-            .map(n => n.trim().split(/\s*:\s*/)[0].trim()) // Handle 'x: y' renaming
-            .filter(n => n.length > 0);
-        const importPath = match[2];
-        const isAuthRelated = isAuthRelatedImport(names, importPath);
-        imports.push({
-            importPath,
-            importedNames: names,
-            isAuthRelated,
-        });
-    }
-    // CommonJS require: const x = require('path')
-    const requireDefaultPattern = /(?:const|let|var)\s+(\w+)\s*=\s*require\s*\(\s*['"]([^'"]+)['"]\s*\)/g;
-    while ((match = requireDefaultPattern.exec(content)) !== null) {
-        const name = match[1];
-        const importPath = match[2];
-        // Skip if already captured
-        if (imports.some(imp => imp.importPath === importPath))
-            continue;
-        const isAuthRelated = isAuthRelatedImport([name], importPath);
-        imports.push({
-            importPath,
-            importedNames: [name],
-            isAuthRelated,
-        });
-    }
-    return imports;
-}
-/**
- * Check if an import is auth-related based on names and path
- */
-function isAuthRelatedImport(names, importPath) {
-    // Check if path is auth-related
-    if (AUTH_PATH_PATTERNS.some(p => p.test(importPath))) {
-        return true;
-    }
-    // Check if any imported name is auth-related
-    for (const name of names) {
-        // Known auth imports
-        if (KNOWN_AUTH_IMPORTS.has(name)) {
-            return true;
-        }
-        // Pattern-based detection
-        if (AUTH_NAME_PATTERNS.some(p => p.test(name))) {
-            return true;
-        }
-    }
-    return false;
-}
-// ============================================================================
-// Auth Usage Detection
-// ============================================================================
-/**
- * Check if imported auth is actually used to protect routes/handlers
- */
-function detectImportedAuthUsage(content, authImports) {
-    if (authImports.length === 0)
-        return false;
-    const authNames = authImports.flatMap(imp => imp.importedNames);
-    for (const name of authNames) {
-        // Pattern 1: Handler wrapping - export const GET = authMiddleware(...)
-        const wrapperPattern = new RegExp(`(?:export\\s+(?:const|function)\\s+(?:GET|POST|PUT|PATCH|DELETE|handler)\\s*=\\s*${escapeRegex(name)}\\s*\\()` +
-            `|(?:${escapeRegex(name)}\\s*\\(\\s*(?:async\\s+)?(?:function|\\())`);
-        if (wrapperPattern.test(content)) {
-            return true;
-        }
-        // Pattern 2: Middleware chain - app.use(authMiddleware)
-        const middlewareChainPattern = new RegExp(`\\.(?:use|all|get|post|put|patch|delete)\\s*\\([^)]*${escapeRegex(name)}`);
-        if (middlewareChainPattern.test(content)) {
-            return true;
-        }
-        // Pattern 3: Express/Fastify route with middleware - router.get('/', requireAuth, handler)
-        const routeMiddlewarePattern = new RegExp(`\\.(?:get|post|put|patch|delete)\\s*\\([^,]+,\\s*${escapeRegex(name)}`);
-        if (routeMiddlewarePattern.test(content)) {
-            return true;
-        }
-        // Pattern 4: HOC pattern - withAuth(Component)
-        const hocPattern = new RegExp(`${escapeRegex(name)}\\s*\\(\\s*\\w+\\s*\\)`);
-        if (hocPattern.test(content)) {
-            return true;
-        }
-        // Pattern 5: Auth function call at top of handler - const session = await auth()
-        const authCallPattern = new RegExp(`(?:await\\s+)?${escapeRegex(name)}\\s*\\(\\s*\\)` +
-            `|${escapeRegex(name)}\\s*\\(\\s*(?:req|request|ctx|context)\\s*[,)]`);
-        if (authCallPattern.test(content)) {
-            return true;
-        }
-    }
-    return false;
-}
-/**
- * Escape special regex characters in a string
- */
-function escapeRegex(str) {
-    return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
-}
-// ============================================================================
-// Registry Builder
-// ============================================================================
-/**
- * Build a registry of files and their auth imports
- */
-function buildFileAuthImports(files) {
-    const registry = new Map();
-    for (const file of files) {
-        const allImports = extractImports(file.content);
-        const authImports = allImports.filter(imp => imp.isAuthRelated);
-        const usesImportedAuth = authImports.length > 0 &&
-            detectImportedAuthUsage(file.content, authImports);
-        registry.set(file.path, {
-            filePath: file.path,
-            imports: authImports,
-            usesImportedAuth,
-        });
-    }
-    return registry;
-}
-/**
- * Check if a specific file uses imported auth protection
- */
-function fileUsesImportedAuth(filePath, registry) {
-    return registry.get(filePath)?.usesImportedAuth ?? false;
-}
-//# sourceMappingURL=imported-auth-detector.js.map

package/dist/utils/imported-auth-detector.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"imported-auth-detector.js","sourceRoot":"","sources":["../../src/utils/imported-auth-detector.ts"],"names":[],"mappings":";AAAA;;;;;;;;GAQG;;AAuGH,wCA8EC;AAkCD,0DAmDC;AAgBD,oDAmBC;AAKD,oDAKC;AAnSD,+EAA+E;AAC/E,WAAW;AACX,+EAA+E;AAE/E;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACzB,OAAO;IACP,aAAa;IACb,UAAU;IACV,QAAQ;IACR,UAAU;IACV,SAAS;IACT,SAAS;IACT,MAAM;IACN,QAAQ;CACT,CAAA;AAED;;GAEG;AACH,MAAM,kBAAkB,GAAG,IAAI,GAAG,CAAC;IACjC,qBAAqB;IACrB,MAAM;IACN,kBAAkB;IAClB,YAAY;IACZ,UAAU;IACV,UAAU;IACV,UAAU;IACV,iBAAiB;IAEjB,QAAQ;IACR,MAAM;IACN,aAAa;IACb,iBAAiB;IACjB,SAAS;IACT,UAAU;IACV,WAAW;IAEX,QAAQ;IACR,sBAAsB;IACtB,qBAAqB;IACrB,YAAY;IACZ,gBAAgB;IAEhB,uBAAuB;IACvB,gBAAgB;IAChB,aAAa;IACb,uBAAuB;IACvB,WAAW;IACX,YAAY;IACZ,cAAc;IACd,oBAAoB;IACpB,eAAe;IACf,gBAAgB;IAChB,kBAAkB;IAClB,SAAS;IACT,WAAW;CACZ,CAAC,CAAA;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAG;IACzB,WAAW;IACX,eAAe;IACf,cAAc;IACd,gBAAgB;IAChB,kBAAkB;IAClB,YAAY;IACZ,SAAS;IACT,SAAS;IACT,QAAQ;CACT,CAAA;AAED,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,cAAc,CAAC,OAAe;IAC5C,MAAM,OAAO,GAAuB,EAAE,CAAA;IAEtC,iDAAiD;IACjD,MAAM,eAAe,GAAG,iDAAiD,CAAA;IACzE,IAAI,KAAK,CAAA;IAET,OAAO,CAAC,KAAK,GAAG,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACxD,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC;aACnB,KAAK,CAAC,GAAG,CAAC;aACV,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAE,kBAAkB;aAClE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QAC5B,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QAE3B,MAAM,aAAa,GAAG,mBAAmB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;QAE5D,OAAO,CAAC,IAAI,CAAC;YACX,UAAU;YACV,aAAa,EAAE,KAAK;YACpB,aAAa;SACd,CAAC,CAAA;IACJ,CAAC;IAED,4CAA4C;IAC5C,MAAM,cAAc,GAAG,2CAA2C,CAAA;IAClE,OAAO,CAAC,KAAK,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACvD,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QAE3B,2CAA2C;QAC3C,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,UAAU,KAAK,UAAU,CAAC;YAAE,SAAQ;QAEhE,MAAM,aAAa,GAAG,mBAAmB,CAAC,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC,CAAA;QAE7D,OAAO,CAAC,IAAI,CAAC;YACX,UAAU;YACV,aAAa,EAAE,CAAC,IAAI,CAAC;YACrB,aAAa;SACd,CAAC,CAAA;IACJ,CAAC;IAED,kDAAkD;IAClD,MAAM,yBAAyB,GAAG,6EAA6E,CAAA;IAC/G,OAAO,CAAC,KAAK,GAAG,yBAAyB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAClE,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC;aACnB,KAAK,CAAC,GAAG,CAAC;aACV,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAE,yBAAyB;aACxE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAA;QAC5B,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QAE3B,MAAM,aAAa,GAAG,mBAAmB,CAAC,KAAK,EAAE,UAAU,CAAC,CAAA;QAE5D,OAAO,CAAC,IAAI,CAAC;YACX,UAAU;YACV,aAAa,EAAE,KAAK;YACpB,aAAa;SACd,CAAC,CAAA;IACJ,CAAC;IAED,8CAA8C;IAC9C,MAAM,qBAAqB,GAAG,uEAAuE,CAAA;IACrG,OAAO,CAAC,KAAK,GAAG,qBAAqB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC9D,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QACrB,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAA;QAE3B,2BAA2B;QAC3B,IAAI,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,UAAU,KAAK,UAAU,CAAC;YAAE,SAAQ;QAEhE,MAAM,aAAa,GAAG,mBAAmB,CAAC,CAAC,IAAI,CAAC,EAAE,UAAU,CAAC,CAAA;QAE7D,OAAO,CAAC,IAAI,CAAC;YACX,UAAU;YACV,aAAa,EAAE,CAAC,IAAI,CAAC;YACrB,aAAa;SACd,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,OAAO,CAAA;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,KAAe,EAAE,UAAkB;IAC9D,gCAAgC;IAChC,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QACrD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,6CAA6C;IAC7C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,qBAAqB;QACrB,IAAI,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YACjC,OAAO,IAAI,CAAA;QACb,CAAC;QAED,0BAA0B;QAC1B,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC/C,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,uBAAuB,CACrC,OAAe,EACf,WAA+B;IAE/B,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAA;IAE1C,MAAM,SAAS,GAAG,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;IAE/D,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;QAC7B,uEAAuE;QACvE,MAAM,cAAc,GAAG,IAAI,MAAM,CAC/B,oFAAoF,WAAW,CAAC,IAAI,CAAC,UAAU;YAC/G,OAAO,WAAW,CAAC,IAAI,CAAC,4CAA4C,CACrE,CAAA;QACD,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACjC,OAAO,IAAI,CAAA;QACb,CAAC;QAED,wDAAwD;QACxD,MAAM,sBAAsB,GAAG,IAAI,MAAM,CACvC,uDAAuD,WAAW,CAAC,IAAI,CAAC,EAAE,CAC3E,CAAA;QACD,IAAI,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACzC,OAAO,IAAI,CAAA;QACb,CAAC;QAED,2FAA2F;QAC3F,MAAM,sBAAsB,GAAG,IAAI,MAAM,CACvC,oDAAoD,WAAW,CAAC,IAAI,CAAC,EAAE,CACxE,CAAA;QACD,IAAI,sBAAsB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACzC,OAAO,IAAI,CAAA;QACb,CAAC;QAED,+CAA+C;QAC/C,MAAM,UAAU,GAAG,IAAI,MAAM,CAAC,GAAG,WAAW,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAA;QAC3E,IAAI,UAAU,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAC7B,OAAO,IAAI,CAAA;QACb,CAAC;QAED,iFAAiF;QACjF,MAAM,eAAe,GAAG,IAAI,MAAM,CAChC,iBAAiB,WAAW,CAAC,IAAI,CAAC,gBAAgB;YAClD,IAAI,WAAW,CAAC,IAAI,CAAC,gDAAgD,CACtE,CAAA;QACD,IAAI,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAClC,OAAO,IAAI,CAAA;QACb,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAA;AACd,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,GAAW;IAC9B,OAAO,GAAG,CAAC,OAAO,CAAC,qBAAqB,EAAE,MAAM,CAAC,CAAA;AACnD,CAAC;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;GAEG;AACH,SAAgB,oBAAoB,CAAC,KAAiB;IACpD,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA2B,CAAA;IAEnD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,UAAU,GAAG,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;QAC/C,MAAM,WAAW,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,CAAA;QAE/D,MAAM,gBAAgB,GACpB,WAAW,CAAC,MAAM,GAAG,CAAC;YACtB,uBAAuB,CAAC,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAA;QAEpD,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE;YACtB,QAAQ,EAAE,IAAI,CAAC,IAAI;YACnB,OAAO,EAAE,WAAW;YACpB,gBAAgB;SACjB,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,QAAQ,CAAA;AACjB,CAAC;AAED;;GAEG;AACH,SAAgB,oBAAoB,CAClC,QAAgB,EAChB,QAAsC;IAEtC,OAAO,QAAQ,CAAC,GAAG,CAAC,QAAQ,CAAC,EAAE,gBAAgB,IAAI,KAAK,CAAA;AAC1D,CAAC"}

package/dist/utils/intent-detector.d.ts

@@ -1,66 +0,0 @@
-/**
- * Intent Detector Utility
- * Detects the INTENT of code patterns, not just keywords
- *
- * This addresses false positives where:
- * - setState() is flagged as a redirect (it's React state, not navigation)
- * - Error codes like 'SAME_PASSWORD' are flagged as password exposure
- * - Signed URLs are flagged as token exposure
- * - React Hook Form's shouldValidate: false is flagged as bypass
- */
-/**
- * Check if a line contains a React state setter (NOT a redirect)
- */
-export declare function isReactStateSetter(line: string): boolean;
-/**
- * Check if a line contains an actual redirect/navigation
- */
-export declare function isActualRedirect(line: string): boolean;
-/**
- * Determine if user input to this function is a security concern
- * State setters with user input are NOT redirects
- *
- * @param line - The line content
- * @returns 'state_setter' | 'redirect' | 'unknown'
- */
-export declare function classifyNavigationIntent(line: string): 'state_setter' | 'redirect' | 'unknown';
-/**
- * Check if a string in an error is a CODE (like 'SAME_PASSWORD')
- * vs an actual VALUE that might expose data
- */
-export declare function isErrorCodeString(line: string): boolean;
-/**
- * Check if an error message might contain actual password/secret value
- */
-export declare function hasPasswordValueInError(line: string): boolean;
-/**
- * Check if "password" in error message is actually an error code/type
- */
-export declare function isPasswordErrorCode(line: string): boolean;
-/**
- * Check if a URL pattern is an intentional signed/presigned URL
- * These are FEATURES, not vulnerabilities
- */
-export declare function isSignedUrlPattern(line: string): boolean;
-/**
- * Check if shouldValidate: false is in a React Hook Form context
- * In RHF, this is a PERFORMANCE optimization, not a security bypass
- */
-export declare function isReactHookFormContext(content: string, lineNumber: number): boolean;
-/**
- * Check if validation: false / validate: false is form library optimization
- */
-export declare function isFormLibraryOptimization(line: string, content: string, lineNumber: number): boolean;
-export interface IntentAnalysis {
-    /** The detected intent */
-    intent: 'security_concern' | 'safe_pattern' | 'unknown';
-    /** Reason for classification */
-    reason: string;
-    /** Suggested action */
-    action: 'flag' | 'skip' | 'downgrade';
-}
-/**
- * Analyze a line for security intent based on multiple heuristics
- */
-export declare function analyzeSecurityIntent(line: string, content: string, lineNumber: number, patternType: 'redirect' | 'password_error' | 'token_url' | 'validation_bypass'): IntentAnalysis;
-//# sourceMappingURL=intent-detector.d.ts.map

package/dist/utils/intent-detector.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"intent-detector.d.ts","sourceRoot":"","sources":["../../src/utils/intent-detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AA0CH;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAExD;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAEtD;AAED;;;;;;GAMG;AACH,wBAAgB,wBAAwB,CACtC,IAAI,EAAE,MAAM,GACX,cAAc,GAAG,UAAU,GAAG,SAAS,CAQzC;AAMD;;;GAGG;AACH,wBAAgB,iBAAiB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAYvD;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAc7D;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAezD;AAMD;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAqBxD;AAMD;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAwBnF;AAED;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,GAAG,OAAO,CAmBpG;AAMD,MAAM,WAAW,cAAc;IAC7B,0BAA0B;IAC1B,MAAM,EAAE,kBAAkB,GAAG,cAAc,GAAG,SAAS,CAAA;IACvD,gCAAgC;IAChC,MAAM,EAAE,MAAM,CAAA;IACd,uBAAuB;IACvB,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,WAAW,CAAA;CACtC;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CACnC,IAAI,EAAE,MAAM,EACZ,OAAO,EAAE,MAAM,EACf,UAAU,EAAE,MAAM,EAClB,WAAW,EAAE,UAAU,GAAG,gBAAgB,GAAG,WAAW,GAAG,mBAAmB,GAC7E,cAAc,CA8DhB"}