npm - @offgridsec/kira-lite-mcp - Versions diffs - 0.1.2 → 0.1.3 - Mend

@offgridsec/kira-lite-mcp 0.1.2 → 0.1.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (37) hide show

package/PRIVACY.md +9 -1
package/README.md +1 -1
package/dist/config.d.ts +5 -0
package/dist/config.js +1 -1
package/dist/core/engines/kira-core.js +1 -1
package/dist/core/engines/osv.js +485 -1
package/dist/core/engines/runner.js +30 -1
package/dist/core/scanner.js +101 -1
package/dist/core/types.js +1 -1
package/dist/core/utils.js +70 -1
package/dist/index.js +477 -1
package/dist/rules/c-cpp.js +202 -1
package/dist/rules/cicd.js +144 -1
package/dist/rules/csharp.js +207 -1
package/dist/rules/docker.js +143 -1
package/dist/rules/go.js +184 -1
package/dist/rules/index.js +147 -1
package/dist/rules/java.js +1 -1
package/dist/rules/javascript-extended.js +1 -1
package/dist/rules/javascript.js +1 -1
package/dist/rules/kubernetes.js +1 -1
package/dist/rules/php.js +1 -1
package/dist/rules/python-extended.js +1 -1
package/dist/rules/python.js +1 -1
package/dist/rules/ruby.js +1 -1
package/dist/rules/secrets-extended.js +1 -1
package/dist/rules/secrets.js +1 -1
package/dist/rules/shell.js +1 -1
package/dist/rules/terraform.js +1 -1
package/dist/telemetry.d.ts +1 -0
package/dist/telemetry.js +1 -1
package/dist/tools/fix-vulnerability.js +1 -1
package/dist/tools/scan-code.js +1 -1
package/dist/tools/scan-dependencies.js +1 -1
package/dist/tools/scan-diff.js +1 -1
package/dist/tools/scan-file.js +1 -1
package/package.json +1 -1

package/dist/core/engines/runner.js CHANGED Viewed

@@ -1 +1,30 @@
-function _0x46fc(_0xf99bf8,_0x3975d6){_0xf99bf8=_0xf99bf8-(0x1*-0x1b3b+0x91*-0xd+0x23ab);const _0xb08164=_0x3f13();let _0xbf5c5=_0xb08164[_0xf99bf8];if(_0x46fc['QNwTKJ']===undefined){var _0x4b0387=function(_0x1c803f){const _0x10a059='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x43fcec='',_0x26bd77='';for(let _0x4208ce=-0xc5*0xf+-0x4c1+0x104c,_0xd7a16e,_0x28a4a3,_0x1a424a=0x3aa*-0x1+0x2a+0x380;_0x28a4a3=_0x1c803f['charAt'](_0x1a424a++);~_0x28a4a3&&(_0xd7a16e=_0x4208ce%(0xcb4+0x2706+-0x2*0x19db)?_0xd7a16e*(-0x7e6+-0x1ba+-0x9e*-0x10)+_0x28a4a3:_0x28a4a3,_0x4208ce++%(0x6e6*-0x5+0x5*0x501+0x97d))?_0x43fcec+=String['fromCharCode'](0x268b+-0x4*0x5ab+-0xee0&_0xd7a16e>>(-(-0x11*0xce+0x1*-0x1beb+-0x1*-0x299b)*_0x4208ce&-0x225d+0x2*-0x1307+0x4871)):-0xe*0x11d+-0x6*-0x243+0x204){_0x28a4a3=_0x10a059['indexOf'](_0x28a4a3);}for(let _0x23d639=-0xd*-0x2c9+0x25f2+0x1*-0x4a27,_0x492c9b=_0x43fcec['length'];_0x23d639<_0x492c9b;_0x23d639++){_0x26bd77+='%'+('00'+_0x43fcec['charCodeAt'](_0x23d639)['toString'](0x1425+-0x1cf9+0x2*0x472))['slice'](-(0x1761+0x1*-0x1f52+0xb*0xb9));}return decodeURIComponent(_0x26bd77);};_0x46fc['KSdbgK']=_0x4b0387,_0x46fc['sryvWe']={},_0x46fc['QNwTKJ']=!![];}const _0x3ace5b=_0xb08164[0x1082*0x1+-0x897+0x1*-0x7eb],_0x52dd55=_0xf99bf8+_0x3ace5b,_0x439e06=_0x46fc['sryvWe'][_0x52dd55];return!_0x439e06?(_0xbf5c5=_0x46fc['KSdbgK'](_0xbf5c5),_0x46fc['sryvWe'][_0x52dd55]=_0xbf5c5):_0xbf5c5=_0x439e06,_0xbf5c5;}(function(_0x357668,_0xe8b0d6){const _0x10e76f={_0xc20eab:0x278,_0x14dc8a:0x3e5,_0x51031:0x3d8,_0x5d6908:0x28f,_0x5503e2:0x283,_0x5a9f8c:0x292,_0x500f2d:0x284,_0x25a76e:0x3cc,_0x2087e6:0x3cb},_0x5bf15a={_0x489002:0x2b8};function _0x528592(_0x28a415,_0x621bb6){return _0x46fc(_0x28a415-0x161,_0x621bb6);}const _0x19d04f=_0x357668();function _0x5f0e86(_0x57d884,_0x1cffac){return _0x46fc(_0x57d884-_0x5bf15a._0x489002,_0x1cffac);}while(!![]){try{const _0x2f0740=-parseInt(_0x5f0e86(0x3e1,0x3e4))/(0x2505+0x1c00+-0x4104)+-parseInt(_0x528592(0x27f,_0x10e76f._0xc20eab))/(0x59f*0x2+0x7a7*-0x1+-0x83*0x7)*(parseInt(_0x5f0e86(_0x10e76f._0x14dc8a,_0x10e76f._0x51031))/(-0x4*-0x82b+0x2*0xf74+0x1*-0x3f91))+-parseInt(_0x528592(_0x10e76f._0x5d6908,_0x10e76f._0x5503e2))/(-0x1*0x21c1+0xb*-0x32b+0x449e)+-parseInt(_0x528592(0x284,_0x10e76f._0x5a9f8c))/(-0x20f0+0x7*0x189+-0xb1b*-0x2)+parseInt(_0x528592(0x27d,0x27b))/(-0x7*0x178+0x1d4c+-0x12fe)*(parseInt(_0x528592(0x27a,_0x10e76f._0x500f2d))/(-0x1e06+-0x24ff*-0x1+-0x6f2))+parseInt(_0x5f0e86(_0x10e76f._0x25a76e,_0x10e76f._0x2087e6))/(-0x15ae+0xa1f*-0x2+0x29f4)+parseInt(_0x528592(0x289,0x28f))/(-0x198d+-0x219a+0x3b30)*(parseInt(_0x528592(0x274,0x280))/(-0xd20+0x3*0x282+0x5a4));if(_0x2f0740===_0xe8b0d6)break;else _0x19d04f['push'](_0x19d04f['shift']());}catch(_0x450630){_0x19d04f['push'](_0x19d04f['shift']());}}}(_0x3f13,0x1*0x5770d+-0x3219b*-0x7+-0xfd099));import{execFile}from'node:child_process';import{promisify}from'node:util';import{which}from'../utils.js';const execFileAsync=promisify(execFile);export async function runCommand(_0x1e5019,_0x41cc4a,_0xc9b45){const _0x35eb77={_0x10c8bc:0x309,_0x10123f:0x2ff,_0x486584:0x2fd,_0x2338f4:0x14c,_0x341a0f:0x2f5,_0x5dc772:0x15a,_0x5cd861:0x159,_0x22bf44:0x2f3,_0x3ca481:0x2ea,_0x155502:0x2f8,_0x360772:0x2ef,_0x305c83:0x2f4,_0x53d8ed:0x149,_0x11a0c8:0x2fb,_0x24a070:0x2f7,_0x3d66e6:0x302,_0x28db31:0x2fb,_0x160be5:0x30c,_0x4f0558:0x2fa,_0x265efd:0x146,_0x28fb86:0x305},_0x5084f4={_0x12f195:0x1d9},_0x4dc359={_0x19537d:0x2f};function _0x46069c(_0x43b686,_0x1e1196){return _0x46fc(_0x43b686-_0x4dc359._0x19537d,_0x1e1196);}const _0xdb1d54={'NEkZk':function(_0x3c5bdc,_0x1b6e07,_0x473a7c,_0x34bf48){return _0x3c5bdc(_0x1b6e07,_0x473a7c,_0x34bf48);},'qhTrR':function(_0x7e38ec,_0x92e8ef){return _0x7e38ec*_0x92e8ef;},'udaqZ':function(_0x4e5fff,_0x1c1197){return _0x4e5fff*_0x1c1197;},'uTsgY':_0x25dd0a(_0x35eb77._0x10c8bc,_0x35eb77._0x10123f),'nKBNg':function(_0x400f7a,_0x5304f4){return _0x400f7a(_0x5304f4);},'JKuSV':function(_0x4be270,_0x5dfb07){return _0x4be270===_0x5dfb07;},'MiFga':_0x25dd0a(0x304,_0x35eb77._0x486584)+_0x46069c(_0x35eb77._0x2338f4,0x141)};function _0x25dd0a(_0x1d5f6c,_0x2accd1){return _0x46fc(_0x2accd1-_0x5084f4._0x12f195,_0x1d5f6c);}try{const _0x568c3a=await _0xdb1d54[_0x25dd0a(_0x35eb77._0x341a0f,0x2fe)](execFileAsync,_0x1e5019,_0x41cc4a,{'timeout':_0xc9b45?.[_0x46069c(_0x35eb77._0x5dc772,_0x35eb77._0x5cd861)+'ut']??-0x54e7+-0x7dcf+0x147e6,'cwd':_0xc9b45?.[_0x25dd0a(_0x35eb77._0x10123f,_0x35eb77._0x22bf44)],'maxBuffer':_0xdb1d54[_0x25dd0a(_0x35eb77._0x341a0f,0x2ef)](_0xdb1d54[_0x46069c(0x14e,0x159)](0x88d*0x3+0xbe4+-0x2581,-0x14fe*-0x1+-0x59c*-0x6+0x3*-0x10e2),-0x1287+0x19*-0x4f+0x1e3e),'encoding':_0xdb1d54[_0x25dd0a(_0x35eb77._0x3ca481,0x2f1)],..._0xc9b45?.[_0x25dd0a(_0x35eb77._0x155502,0x2f4)]?{'input':_0xc9b45[_0x25dd0a(_0x35eb77._0x360772,_0x35eb77._0x305c83)]}:{}});return{'stdout':String(_0x568c3a['stdou'+'t']),'stderr':_0xdb1d54[_0x46069c(0x150,_0x35eb77._0x53d8ed)](String,_0x568c3a[_0x25dd0a(0x2f2,_0x35eb77._0x11a0c8)+'r']),'exitCode':0x0};}catch(_0x4fb665){return{'stdout':_0x4fb665[_0x25dd0a(_0x35eb77._0x24a070,0x2ee)+'t']??'','stderr':_0x4fb665[_0x25dd0a(_0x35eb77._0x3d66e6,_0x35eb77._0x28db31)+'r']??_0x4fb665[_0x25dd0a(_0x35eb77._0x160be5,0x305)+'ge']??_0xdb1d54[_0x25dd0a(0x2f6,_0x35eb77._0x4f0558)](String,_0x4fb665),'exitCode':_0xdb1d54[_0x46069c(_0x35eb77._0x265efd,0x144)](_0x4fb665[_0x46069c(0x156,0x149)],_0xdb1d54[_0x25dd0a(_0x35eb77._0x28fb86,0x303)])?-(-0x2bd*-0x2+0x3cb*0x2+0xd0f*-0x1):_0x4fb665['statu'+'s']??0x6*0x16a+0x1*0x22d4+-0x2b4f};}}export async function isToolAvailable(_0x521d53){const _0x4673c4={_0x23b1dd:0x463};function _0x351170(_0x51f346,_0x37d0aa){return _0x46fc(_0x37d0aa-0x335,_0x51f346);}const _0x977d4e={'tNiif':function(_0x450604,_0x515cee){return _0x450604!==_0x515cee;},'nQVnq':function(_0x564473,_0x1ecd7f){return _0x564473(_0x1ecd7f);}};return _0x977d4e['tNiif'](await _0x977d4e[_0x351170(_0x4673c4._0x23b1dd,0x455)](which,_0x521d53),null);}function _0x3f13(){const _0xc6850e=['tKvRwMS','DxrMltG','y29Kzq','ouvczeTYDa','mtyYmte3wxzWzLvf','twLgz2e','DgLTzw8','BwvZC2e','mtGYmJq3zfHhr1Lm','nti0mtKYne9TBMXOsa','mZu0ota1ntbQwKjszuC','mZG5mZG1nNfjDM90tG','C3rKB3u','CwHuCLi','sKT1u1y','DvrZz1K','n2rjuM5qta','y3DK','C3rKAw4','mtm1ntmZnhDPugXzwq','re9vva','ndjnsNfpAxG','DwrHCvO','BLfwBNe','BKTctMC','C3rKzxi','mZC3ntC4mhn0r2Tnqq','rvrjtuu'];_0x3f13=function(){return _0xc6850e;};return _0x3f13();}
+import { execFile } from "node:child_process";
+import { promisify } from "node:util";
+import { which } from "../utils.js";
+const execFileAsync = promisify(execFile);
+export async function runCommand(command, args, options) {
+    try {
+        const result = await execFileAsync(command, args, {
+            timeout: options?.timeout ?? 30_000,
+            cwd: options?.cwd,
+            maxBuffer: 10 * 1024 * 1024,
+            encoding: "utf-8",
+            ...(options?.stdin ? { input: options.stdin } : {}),
+        });
+        return {
+            stdout: String(result.stdout),
+            stderr: String(result.stderr),
+            exitCode: 0,
+        };
+    }
+    catch (err) {
+        return {
+            stdout: err.stdout ?? "",
+            stderr: err.stderr ?? err.message ?? String(err),
+            exitCode: err.code === "ETIMEDOUT" ? -1 : (err.status ?? 1),
+        };
+    }
+}
+export async function isToolAvailable(name) {
+    return (await which(name)) !== null;
+}

package/dist/core/scanner.js CHANGED Viewed

@@ -1 +1,101 @@
-function _0x2e6bad(_0x39958b,_0x12e043){const _0x3f7ae1={_0x3c6316:0x74};return _0x509f(_0x12e043- -_0x3f7ae1._0x3c6316,_0x39958b);}function _0x509f(_0x868c0,_0x4edc4b){_0x868c0=_0x868c0-(-0xe2e+-0x2*-0xc43+-0x95a);const _0x1f10b8=_0xd138();let _0x3fb244=_0x1f10b8[_0x868c0];if(_0x509f['hGvEPu']===undefined){var _0x5bb961=function(_0x2e8ba2){const _0x5bd3d9='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x468099='',_0x42b075='';for(let _0x8d00af=0x4*0x3cb+0xbdf+0x17*-0x12d,_0x27b006,_0x1512fd,_0x227967=0x17af+0x19bc+-0x316b;_0x1512fd=_0x2e8ba2['charAt'](_0x227967++);~_0x1512fd&&(_0x27b006=_0x8d00af%(0x3*-0x9b6+-0x1*0x38e+0x5b*0x5c)?_0x27b006*(-0x1*-0x709+-0x41c+-0x2ad)+_0x1512fd:_0x1512fd,_0x8d00af++%(-0xd*0x1e9+-0x2f*-0x5+0x17ee))?_0x468099+=String['fromCharCode'](0xe4b+-0x1*0x75+-0xcd7&_0x27b006>>(-(-0x1975+-0xbf3+-0x2*-0x12b5)*_0x8d00af&0x13f*-0x18+0x458+-0x28f*-0xa)):-0x16e1*-0x1+-0x1cb7+0x5d6){_0x1512fd=_0x5bd3d9['indexOf'](_0x1512fd);}for(let _0xce5a4=0x21d*-0x6+0x1614+-0x4b3*0x2,_0x380509=_0x468099['length'];_0xce5a4<_0x380509;_0xce5a4++){_0x42b075+='%'+('00'+_0x468099['charCodeAt'](_0xce5a4)['toString'](0x1bfc+0x1*0x15e5+-0x147*0x27))['slice'](-(0x29c*0x2+-0x1d5a+0x1824));}return decodeURIComponent(_0x42b075);};_0x509f['SijVPp']=_0x5bb961,_0x509f['KzOfCv']={},_0x509f['hGvEPu']=!![];}const _0x797192=_0x1f10b8[-0x268f*-0x1+0x6d*0x1+-0x26fc],_0x4b10c8=_0x868c0+_0x797192,_0x592748=_0x509f['KzOfCv'][_0x4b10c8];return!_0x592748?(_0x3fb244=_0x509f['SijVPp'](_0x3fb244),_0x509f['KzOfCv'][_0x4b10c8]=_0x3fb244):_0x3fb244=_0x592748,_0x3fb244;}(function(_0x50ce72,_0x1bb993){const _0x4cf69d={_0xd85d45:0x16d,_0x1cf49a:0x150,_0x68ab78:0x151,_0x24dabf:0x15c,_0x4c0c13:0x13f,_0x14c69b:0x173,_0x194243:0x17d,_0x4cf08e:0x36f,_0x1bea4b:0x375,_0x67cb18:0x15a,_0x1b95aa:0x372,_0xf19d36:0x373};function _0x357d6f(_0x5ed9ca,_0x37e17c){return _0x509f(_0x37e17c-0x239,_0x5ed9ca);}const _0xe6bbe3=_0x50ce72();function _0x438594(_0x2367df,_0x490f14){return _0x509f(_0x490f14- -0x281,_0x2367df);}while(!![]){try{const _0x409691=-parseInt(_0x438594(-_0x4cf69d._0xd85d45,-_0x4cf69d._0x1cf49a))/(0x1c2+-0x1fd*0x1+0x3c)+parseInt(_0x438594(-0x17a,-_0x4cf69d._0x68ab78))/(0x225d+0x30f*-0x9+0x5c*-0x13)+-parseInt(_0x357d6f(0x371,0x385))/(0x18f7+0x2a5*-0xe+0xc12)+parseInt(_0x438594(-_0x4cf69d._0x24dabf,-_0x4cf69d._0x4c0c13))/(0x42*-0x10+0x1*0x1819+-0x1*0x13f5)*(-parseInt(_0x438594(-_0x4cf69d._0x14c69b,-_0x4cf69d._0x194243))/(-0xc39+-0x167e+-0x2e5*-0xc))+-parseInt(_0x357d6f(_0x4cf69d._0x4cf08e,_0x4cf69d._0x1bea4b))/(0x16b6+-0x6b0+-0x2*0x800)+parseInt(_0x438594(-0x142,-0x158))/(-0x21e4+-0x18dc+0x3ac7)*(-parseInt(_0x438594(-0x151,-0x15c))/(-0x1c7f+0x20a2+0x1*-0x41b))+-parseInt(_0x438594(-_0x4cf69d._0x67cb18,-0x17a))/(-0x8*-0x3db+0x3bf*-0x1+-0x1b10)*(-parseInt(_0x357d6f(_0x4cf69d._0x1b95aa,_0x4cf69d._0xf19d36))/(0x11a2+-0x14e2+0x34a*0x1));if(_0x409691===_0x1bb993)break;else _0xe6bbe3['push'](_0xe6bbe3['shift']());}catch(_0x335460){_0xe6bbe3['push'](_0xe6bbe3['shift']());}}}(_0xd138,-0x6353c+-0x2cde+0xcbf13));function _0x5e8f43(_0x381a15,_0x5731a1){const _0x2ac8f8={_0x899ff6:0x35d};return _0x509f(_0x381a15- -_0x2ac8f8._0x899ff6,_0x5731a1);}import{detectLanguage,getRulesForLanguage}from'../rules/index.js';import{runKiraCore}from'./engines/kira-core.js';function _0xd138(){const _0x2fe60a=['C29YDa','tff4rwW','Axb0Aw8','BgvUz3q','ignYAxq','BwvKAxu','CYbVzIa','C2nHBLi','BgfUz3u','BMrLEa','C3bSAxq','v3rqANK','y3jPDgK','tgL0zsa','AwnHBa','igXVDW','C2v2zxi','qKnWCei','tg92sgO','quDcvwm','zML4','u3vTBwe','CMfIAwW','yw1L','AxrPzxm','ChvZAa','zwrmAw4','zMLUzgK','mtzWs2LozKG','qvvVz1O','y29Kzq','DgLLCYa','nti0mdKWsLP6tMzv','C29Tzq','Axr5','zMLSzw4','C2nHBM4','zMLSDgu','y2fS','odm0ntqYCLncB01p','nta5ndG0CMvoswvr','BM93','DgL0Bgu','ihz1Bg4','Aw5KzxG','C3rHDhu','DwXUzxi','ig1LzgK','BMDZ','mtbRAuPeu2G','y2XLyw4','ntqZmdbTsvDUwKq','x2zVDw4','whneEMy','CMvNzxG','ywjSzq','CMvZDwW','nhzyyvbOuG','iezVDw4','u0DMtgS','Cgf0Dgu','AM9PBG','DKjjEvi','zgv0zwm','BgfZDeK','s2LYys0','wKDtruu','mtKWotq3ouHzsg5bsq','DhjPBq','ywDL','vgnHuwi','DNvSBMu','Bg93','yxzHAwW','yNvPBgq','zgvZy3i','nta5otuWB2Heu2zu','Aw5MBW','C3vTBwe','mti2ntG1mJD6uLDtDxG','BgLUzq'];_0xd138=function(){return _0x2fe60a;};return _0xd138();}export class KiraScanner{[_0x5e8f43(-0x24d,-0x230)+'egex'](_0x4ecab5){const _0x34259d={_0x5ab143:0x295,_0x51ae1c:0x251,_0x39b0e5:0x280,_0x864bca:0x26e,_0x1697ce:0x29b,_0xce264c:0x2aa,_0x3910ea:0x2b0,_0x34ef05:0x287,_0x242bc0:0x1ab,_0x7fa773:0x1e8,_0x5e750d:0x1f3,_0x3b98b4:0x291,_0x2d17b0:0x1c9,_0x468188:0x1ed,_0x12c576:0x290,_0x101ee2:0x26f,_0x39da56:0x1c5,_0x40bd46:0x1d7,_0x437b1c:0x1ea,_0x4e52e8:0x24d,_0x2dd8ea:0x27d,_0x482f96:0x2b6,_0xbdd8ab:0x18b},_0x27f437={};_0x27f437[_0x3761b2(-_0x34259d._0x5ab143,-0x274)]=function(_0x19c5f1,_0x29b22e){return _0x19c5f1+_0x29b22e;},_0x27f437[_0x3761b2(-0x273,-0x29c)]=_0x670435(0x1de,0x1c4);const _0xc3efe7=_0x27f437,_0xf14bdb=Date[_0x3761b2(-_0x34259d._0x51ae1c,-0x268)](),_0x1becfa=detectLanguage(_0x4ecab5[_0x3761b2(-_0x34259d._0x39b0e5,-_0x34259d._0x864bca)+_0x3761b2(-_0x34259d._0x1697ce,-0x27a)],_0x4ecab5[_0x3761b2(-_0x34259d._0xce264c,-0x289)+_0x670435(0x1ed,0x1c9)]),_0x2fdf2b=getRulesForLanguage(_0x1becfa),_0xbd8a54=_0x4ecab5['code'][_0x3761b2(-_0x34259d._0x3910ea,-_0x34259d._0x34ef05)]('\x0a'),_0xadb771=[];function _0x670435(_0x4c2ee6,_0x29e747){return _0x5e8f43(_0x4c2ee6-0x3fc,_0x29e747);}for(const _0xc544b9 of _0x2fdf2b){for(let _0x5aafd4=0x1e2a+-0x32b*0xb+0x4af;_0x5aafd4<_0xbd8a54[_0x670435(_0x34259d._0x242bc0,0x19c)+'h'];_0x5aafd4++){const _0x59758f=_0xbd8a54[_0x5aafd4];_0xc544b9['patte'+'rn'][_0x670435(_0x34259d._0x7fa773,_0x34259d._0x5e750d)+_0x3761b2(-_0x34259d._0x3b98b4,-0x288)]=0x20ed+0x818+0x1*-0x2905;const _0x41fd0b=_0xc544b9[_0x670435(0x1e4,0x203)+'rn']['exec'](_0x59758f);if(_0x41fd0b){const _0x4d3bc1=_0xadb771[_0x670435(_0x34259d._0x2d17b0,_0x34259d._0x468188)](_0x1c3c69=>_0x1c3c69['id']===_0xc544b9['id']&&_0x1c3c69[_0x670435(0x1a7,0x186)]===_0x5aafd4+(0x8f*0x2b+-0x14f9+-0x30b));if(_0x4d3bc1)continue;_0xadb771['push']({'id':_0xc544b9['id'],'severity':_0xc544b9['sever'+_0x3761b2(-_0x34259d._0x12c576,-_0x34259d._0x101ee2)],'cwe':_0xc544b9['cwe'],'title':_0xc544b9[_0x3761b2(-0x257,-0x267)],'description':_0xc544b9[_0x670435(0x1a2,0x1c1)+_0x670435(0x1aa,0x1b7)+'n'],'line':_0x5aafd4+(-0x26c4+-0xb04+0x9f5*0x5),'column':_0xc3efe7[_0x670435(_0x34259d._0x39da56,_0x34259d._0x40bd46)](_0x41fd0b[_0x670435(0x1d4,_0x34259d._0x437b1c)],0x2141*0x1+-0x4db+-0x1c65),'snippet':_0x59758f[_0x3761b2(-0x22f,-_0x34259d._0x4e52e8)](),'fix':_0xc544b9[_0x3761b2(-0x264,-_0x34259d._0x2dd8ea)],'engine':_0xc3efe7['TcaQb']});}}}function _0x3761b2(_0x510e8c,_0x542a4e){return _0x5e8f43(_0x542a4e- -0x3d,_0x510e8c);}return{'findings':_0xadb771,'status':{'engine':_0xc3efe7[_0x3761b2(-_0x34259d._0x482f96,-0x29c)],'available':!![],'findingsCount':_0xadb771[_0x670435(0x1ab,_0x34259d._0xbdd8ab)+'h'],'durationMs':Date['now']()-_0xf14bdb}};}async['scan'](_0x3b862a){const _0x2120ff={_0x5724c7:0x5d,_0x287140:0x42,_0x454641:0x20,_0x1bc996:0x3d2,_0x33d5b5:0x3b6,_0x4bec71:0x75,_0x4bf6cd:0x3d,_0x33c7b0:0xd,_0x46cb4d:0x21,_0x6b74d9:0x40b,_0x3da28f:0x3ff,_0x2aa827:0x3fe,_0x293745:0x4d,_0x3afddb:0x32,_0x221398:0x10,_0x271190:0x41,_0x58c058:0x37,_0x4091fd:0x72,_0x463dc8:0x4b,_0x3edcde:0x28,_0x53c08d:0x37,_0xd08888:0x55,_0x3c4f3e:0x3d8,_0x4565c3:0x3f9,_0x46fd68:0x3f9,_0x4b87d3:0x3c8,_0x429e6c:0x3aa,_0xb88261:0x31,_0x2ab379:0x49,_0x38284f:0x3e7,_0x1f8f72:0x40d,_0x58fdc7:0x60,_0x188ac0:0x3bd,_0x2d89da:0x3a7,_0x4ed663:0x6a,_0x3155d7:0x3dc,_0x1a907f:0x3f,_0x41d67a:0x3ee,_0x3a889b:0x52,_0x2fdb75:0x34,_0x45be54:0x54,_0x125510:0x2d,_0x4ec9ab:0x3e5,_0x463c36:0x3c3,_0x3972bd:0x3db,_0x11847c:0x3c4,_0x32e394:0x3a,_0x44a07a:0x3d3,_0x565e89:0x3b4},_0x44b58b={_0x3a7ff8:0x1ff},_0x5e8a62={_0x4ce7ea:0x3da,_0x4951a3:0x3ec,_0x3e7c5a:0x354,_0x185a05:0x32c,_0x59e67b:0x3ff,_0x5c7ea0:0x3ec,_0x479840:0x341,_0x5e699c:0x31b},_0x300d97={_0x355a41:0x41f},_0x42e835={_0x5374db:0x615},_0x25f3ca={};_0x25f3ca[_0xae3bf2(-_0x2120ff._0x5724c7,-_0x2120ff._0x287140)]=function(_0x208d25,_0x3905d8){return _0x208d25-_0x3905d8;},_0x25f3ca[_0xae3bf2(-0x2f,-_0x2120ff._0x454641)]=function(_0x30ab3c,_0xb61d9e){return _0x30ab3c!==_0xb61d9e;},_0x25f3ca[_0x3a8107(0x3cc,_0x2120ff._0x1bc996)]=function(_0x4127c0,_0xec740b){return _0x4127c0-_0xec740b;},_0x25f3ca[_0x3a8107(0x3c2,_0x2120ff._0x33d5b5)]=_0xae3bf2(-_0x2120ff._0x4bec71,-0x5f)+_0x3a8107(0x3d7,0x3be)+_0xae3bf2(-0x32,-_0x2120ff._0x4bf6cd)+_0xae3bf2(-_0x2120ff._0x33c7b0,-_0x2120ff._0x46cb4d)+'d',_0x25f3ca[_0x3a8107(0x403,_0x2120ff._0x6b74d9)]=_0x3a8107(0x3f3,_0x2120ff._0x3da28f);const _0x5add6a=_0x25f3ca,_0x4b8270=detectLanguage(_0x3b862a['filen'+_0x3a8107(0x3d8,_0x2120ff._0x2aa827)],_0x3b862a[_0xae3bf2(-0x2e,-_0x2120ff._0x293745)+_0xae3bf2(-_0x2120ff._0x3afddb,-_0x2120ff._0x221398)]),_0x52655c=_0x3b862a[_0xae3bf2(-_0x2120ff._0x271190,-_0x2120ff._0x58c058)][_0xae3bf2(-_0x2120ff._0x4091fd,-_0x2120ff._0x463dc8)]('\x0a'),_0x505f7d=await runKiraCore(_0x3b862a[_0xae3bf2(-_0x2120ff._0x3edcde,-_0x2120ff._0x53c08d)],_0x4b8270,_0x3b862a[_0xae3bf2(-_0x2120ff._0xd08888,-0x32)+_0x3a8107(_0x2120ff._0x3c4f3e,0x3fa)]);if(_0x505f7d?.[_0x3a8107(0x3b9,0x3c6)+_0x3a8107(0x3f8,_0x2120ff._0x4565c3)])return _0x505f7d[_0x3a8107(_0x2120ff._0x46fd68,0x414)+'t'];const _0x412564=this[_0x3a8107(_0x2120ff._0x4b87d3,_0x2120ff._0x429e6c)+'egex'](_0x3b862a),_0x5bdc7e={};_0x5bdc7e[_0xae3bf2(-_0x2120ff._0xb88261,-_0x2120ff._0x2ab379)+_0x3a8107(_0x2120ff._0x38284f,_0x2120ff._0x1f8f72)]=0x0,_0x5bdc7e['high']=0x1,_0x5bdc7e[_0x3a8107(0x3c6,0x3b7)+'m']=0x2;function _0x3a8107(_0x49e360,_0x400eae){return _0x5e8f43(_0x49e360-_0x42e835._0x5374db,_0x400eae);}_0x5bdc7e[_0xae3bf2(-_0x2120ff._0x58fdc7,-0x5e)]=0x3,_0x5bdc7e[_0x3a8107(_0x2120ff._0x188ac0,_0x2120ff._0x2d89da)]=0x4;const _0x4baaf5=_0x5bdc7e;_0x412564['findi'+'ngs'][_0xae3bf2(-0x31,-0x55)]((_0x5e2d7a,_0x36505a)=>{function _0x8d94ea(_0x544ad8,_0xa9be7b){return _0xae3bf2(_0xa9be7b,_0x544ad8-_0x300d97._0x355a41);}const _0x16292a=_0x5add6a['AGBUc'](_0x4baaf5[_0x5e2d7a[_0x8d94ea(_0x5e8a62._0x4ce7ea,0x3bd)+_0x8d94ea(_0x5e8a62._0x4951a3,0x3df)]],_0x4baaf5[_0x36505a[_0x55e7e6(_0x5e8a62._0x3e7c5a,_0x5e8a62._0x185a05)+_0x55e7e6(0x35d,0x33e)]]);function _0x55e7e6(_0x149f2a,_0x319da9){return _0x3a8107(_0x319da9- -0xa5,_0x149f2a);}return _0x5add6a[_0x8d94ea(_0x5e8a62._0x59e67b,_0x5e8a62._0x5c7ea0)](_0x16292a,-0x50*0x2a+0x43a*-0x2+0x1594*0x1)?_0x16292a:_0x5add6a[_0x8d94ea(0x3d5,0x3f3)](_0x5e2d7a['line'],_0x36505a[_0x55e7e6(_0x5e8a62._0x479840,_0x5e8a62._0x5e699c)]);});function _0xae3bf2(_0x22ce68,_0x246430){return _0x5e8f43(_0x246430-_0x44b58b._0x3a7ff8,_0x22ce68);}const _0x2ac204=this[_0xae3bf2(-_0x2120ff._0x4ed663,-0x5c)+'Summa'+'ry'](_0x412564[_0x3a8107(_0x2120ff._0x3155d7,0x3b9)+_0xae3bf2(-_0x2120ff._0x1a907f,-0x25)],_0x4b8270,_0x52655c[_0xae3bf2(-0x31,-0x52)+'h']),_0xfea8b1={};return _0xfea8b1[_0x3a8107(_0x2120ff._0x41d67a,0x3f8)+'s']=_0x412564['findi'+_0xae3bf2(-0x4d,-0x25)][_0xae3bf2(-0x49,-_0x2120ff._0x3a889b)+'h']>-0x8b*0x5+-0x7a9*0x3+0x2e*0x8f?_0x5add6a[_0xae3bf2(-_0x2120ff._0x2fdb75,-_0x2120ff._0x45be54)]:_0x5add6a['ZGSEE'],_0xfea8b1[_0xae3bf2(-_0x2120ff._0x125510,-0x4d)+_0x3a8107(0x406,0x3eb)]=_0x4b8270,_0xfea8b1[_0x3a8107(_0x2120ff._0x4ec9ab,_0x2120ff._0x463c36)+_0x3a8107(_0x2120ff._0x3972bd,_0x2120ff._0x3972bd)+'es']=_0x52655c[_0x3a8107(_0x2120ff._0x11847c,0x39e)+'h'],_0xfea8b1[_0xae3bf2(-0x54,-_0x2120ff._0x32e394)+_0x3a8107(0x3f1,_0x2120ff._0x44a07a)]=_0x412564[_0x3a8107(0x3dc,_0x2120ff._0x565e89)+'ngs'],_0xfea8b1[_0x3a8107(0x3be,0x3bf)+'ry']=_0x2ac204,_0xfea8b1['engin'+'es']=[_0x412564['statu'+'s']],_0xfea8b1;}['build'+_0x2e6bad(0xbd,0xaa)+'ry'](_0x396c17,_0xc3bb57,_0x5607aa){const _0x6305d4={_0x2163a3:0x140,_0x4849e3:0x147,_0x21cf7:0x137,_0x350bc6:0x4dc,_0x391f74:0x4e3,_0x24b3c9:0x4fc,_0x241efb:0x4f8,_0x33fc7c:0x4fb,_0x38fa05:0x4fe,_0x56eb3f:0x114,_0x546c8a:0x152,_0x138ac9:0x12d,_0x274dc5:0x4a4,_0x490504:0xfc,_0x591419:0x11a,_0x3403b6:0x4e0,_0x1058c1:0x4c0,_0x440295:0x14c,_0x2da6a8:0x12e,_0x570bb5:0x12c,_0x46f3d4:0x123,_0x2efb51:0x4ae,_0x3e0cf7:0x4e2,_0xc5641c:0x4cf,_0x1f015c:0x4d8,_0xc2840f:0x4d6,_0xaa65cc:0x117,_0x272218:0x503,_0xcc553b:0x4d5,_0xc91943:0x4d6,_0x1e37ad:0x11e,_0x4df24d:0x137,_0x43b454:0x10d,_0x26fa6c:0x146},_0x4fb5b9={_0x1840c2:0x74},_0x17f310={};_0x17f310['BCppB']=function(_0x3525fa,_0x44f2f0){return _0x3525fa===_0x44f2f0;},_0x17f310[_0x108178(_0x6305d4._0x2163a3,_0x6305d4._0x4849e3)]='\x20No\x20v'+_0x108178(0x12a,_0x6305d4._0x21cf7)+'abili'+_0x13e8db(0x4f0,_0x6305d4._0x350bc6)+_0x13e8db(_0x6305d4._0x391f74,_0x6305d4._0x24b3c9)+'ted.',_0x17f310[_0x108178(0x115,0x11b)]=function(_0x229c7b,_0xd0812a){return _0x229c7b>_0xd0812a;},_0x17f310[_0x13e8db(0x4d1,_0x6305d4._0x241efb)]=function(_0x26aabe,_0x4a6cf0){return _0x26aabe>_0x4a6cf0;};const _0x42e00c=_0x17f310;let _0x3248c2=_0x13e8db(_0x6305d4._0x33fc7c,_0x6305d4._0x38fa05)+_0x108178(_0x6305d4._0x56eb3f,0x116)+_0x108178(_0x6305d4._0x546c8a,_0x6305d4._0x138ac9)+'ed\x20'+_0x5607aa+('\x20line'+_0x13e8db(_0x6305d4._0x274dc5,0x4c3))+_0xc3bb57+'.';if(_0x42e00c[_0x108178(_0x6305d4._0x490504,_0x6305d4._0x591419)](_0x396c17[_0x13e8db(_0x6305d4._0x3403b6,_0x6305d4._0x1058c1)+'h'],-0x1a61*0x1+0x19*-0x16c+-0x1*-0x3ded))return _0x3248c2+=_0x42e00c[_0x108178(0x129,_0x6305d4._0x4849e3)],_0x3248c2;const _0x6e4f00=_0x396c17[_0x108178(_0x6305d4._0x440295,_0x6305d4._0x2da6a8)+'r'](_0x29a5be=>_0x29a5be[_0x13e8db(0x4b4,0x4cd)+_0x108178(0x112,0x12b)]===_0x13e8db(0x4ae,0x4c9)+_0x108178(0x117,0x12f))[_0x108178(_0x6305d4._0x570bb5,0x10c)+'h'],_0x2c880f=_0x396c17[_0x108178(0x14e,0x12e)+'r'](_0x246d85=>_0x246d85['sever'+_0x13e8db(0x4ed,0x4df)]==='high')[_0x108178(_0x6305d4._0x46f3d4,0x10c)+'h'];function _0x108178(_0x716e99,_0x199f8c){return _0x2e6bad(_0x716e99,_0x199f8c-_0x4fb5b9._0x1840c2);}const _0x36d037=_0x396c17['filte'+'r'](_0x343624=>_0x343624[_0x108178(0xf3,0x119)+'ity']===_0x108178(0x116,0x10e)+'m')[_0x13e8db(_0x6305d4._0x2efb51,0x4c0)+'h'],_0x28d995=_0x396c17[_0x13e8db(0x4f7,_0x6305d4._0x3e0cf7)+'r'](_0x35a0d0=>_0x35a0d0['sever'+_0x108178(0x106,0x12b)]===_0x108178(0x117,0x100))[_0x13e8db(0x49a,0x4c0)+'h'],_0x4f8b9c=[];if(_0x42e00c[_0x13e8db(0x4ba,_0x6305d4._0xc5641c)](_0x6e4f00,0x1ecd+-0x1067+0x733*-0x2))_0x4f8b9c[_0x13e8db(_0x6305d4._0x1f015c,_0x6305d4._0xc2840f)](_0x6e4f00+(_0x108178(0xfc,0x10d)+_0x108178(0x12e,_0x6305d4._0xaa65cc)));if(_0x42e00c[_0x13e8db(_0x6305d4._0x272218,_0x6305d4._0x241efb)](_0x2c880f,0x1c05+-0xbcb*-0x3+-0x3f66))_0x4f8b9c[_0x13e8db(_0x6305d4._0xcc553b,_0x6305d4._0xc91943)](_0x2c880f+'\x20high');if(_0x36d037>-0xae9+0x25fd*0x1+-0x1b14)_0x4f8b9c[_0x13e8db(0x4c8,0x4d6)](_0x36d037+(_0x108178(_0x6305d4._0x1e37ad,0x138)+'um'));if(_0x42e00c['LovHj'](_0x28d995,-0x225f+0x272*0x8+0xecf))_0x4f8b9c[_0x108178(0x134,0x122)](_0x28d995+_0x108178(0x134,0x118));_0x3248c2+=_0x108178(_0x6305d4._0x4df24d,0x143)+'d\x20'+_0x396c17['lengt'+'h']+(_0x108178(_0x6305d4._0x43b454,0x134)+'erabi'+'litie'+'s:\x20')+_0x4f8b9c[_0x108178(0x142,_0x6305d4._0x26fa6c)](',\x20')+'.';function _0x13e8db(_0x13aa0a,_0x1a4ba4){return _0x2e6bad(_0x13aa0a,_0x1a4ba4-0x428);}return _0x3248c2;}}
+import { detectLanguage, getRulesForLanguage } from "../rules/index.js";
+import { runKiraCore } from "./engines/kira-core.js";
+export class KiraScanner {
+    /**
+     * Synchronous regex-only scan (fast fallback, always available).
+     */
+    scanRegex(options) {
+        const start = Date.now();
+        const language = detectLanguage(options.filename, options.language);
+        const rules = getRulesForLanguage(language);
+        const lines = options.code.split("\n");
+        const findings = [];
+        for (const rule of rules) {
+            for (let i = 0; i < lines.length; i++) {
+                const line = lines[i];
+                rule.pattern.lastIndex = 0;
+                const match = rule.pattern.exec(line);
+                if (match) {
+                    const isDuplicate = findings.some((f) => f.id === rule.id && f.line === i + 1);
+                    if (isDuplicate)
+                        continue;
+                    findings.push({
+                        id: rule.id,
+                        severity: rule.severity,
+                        cwe: rule.cwe,
+                        title: rule.title,
+                        description: rule.description,
+                        line: i + 1,
+                        column: match.index + 1,
+                        snippet: line.trim(),
+                        fix: rule.fix,
+                        engine: "regex",
+                    });
+                }
+            }
+        }
+        return {
+            findings,
+            status: {
+                engine: "regex",
+                available: true,
+                findingsCount: findings.length,
+                durationMs: Date.now() - start,
+            },
+        };
+    }
+    /**
+     * Full async scan.
+     *
+     * Strategy:
+     * 1. If kira-core Go binary is available → use it (single binary, has everything)
+     * 2. Otherwise → fall back to regex engine
+     */
+    async scan(options) {
+        const language = detectLanguage(options.filename, options.language);
+        const lines = options.code.split("\n");
+        // Strategy 1: Try kira-core binary (single Go binary with everything compiled in)
+        const kiraCoreResult = await runKiraCore(options.code, language, options.filename);
+        if (kiraCoreResult?.available) {
+            return kiraCoreResult.result;
+        }
+        // Strategy 2: Fall back to regex engine
+        const regexResult = this.scanRegex(options);
+        const severityOrder = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
+        regexResult.findings.sort((a, b) => {
+            const sevDiff = severityOrder[a.severity] - severityOrder[b.severity];
+            return sevDiff !== 0 ? sevDiff : a.line - b.line;
+        });
+        const summary = this.buildSummary(regexResult.findings, language, lines.length);
+        return {
+            status: regexResult.findings.length > 0 ? "vulnerabilities_found" : "clean",
+            language,
+            scannedLines: lines.length,
+            findings: regexResult.findings,
+            summary,
+            engines: [regexResult.status],
+        };
+    }
+    buildSummary(findings, language, totalLines) {
+        let summary = `Kira-Lite scanned ${totalLines} lines of ${language}.`;
+        if (findings.length === 0) {
+            summary += " No vulnerabilities detected.";
+            return summary;
+        }
+        const critical = findings.filter((f) => f.severity === "critical").length;
+        const high = findings.filter((f) => f.severity === "high").length;
+        const medium = findings.filter((f) => f.severity === "medium").length;
+        const low = findings.filter((f) => f.severity === "low").length;
+        const parts = [];
+        if (critical > 0)
+            parts.push(`${critical} critical`);
+        if (high > 0)
+            parts.push(`${high} high`);
+        if (medium > 0)
+            parts.push(`${medium} medium`);
+        if (low > 0)
+            parts.push(`${low} low`);
+        summary += ` Found ${findings.length} vulnerabilities: ${parts.join(", ")}.`;
+        return summary;
+    }
+}

package/dist/core/types.js CHANGED Viewed

	@@ -1 +1 @@
1	- export{};
1	+ export {};

package/dist/core/utils.js CHANGED Viewed

@@ -1 +1,70 @@
-(function(_0x1df677,_0xeda626){const _0x31474f={_0x1eb108:0x58,_0x2ac472:0x111,_0x375665:0x7c,_0x220baa:0x46,_0x172112:0x32,_0x3d899e:0x59,_0x35f1df:0xc2,_0x5184a9:0x10a};function _0xec2d2a(_0x39cc8e,_0x27d633){return _0x2ee4(_0x39cc8e- -0x2cc,_0x27d633);}const _0xda2ffe=_0x1df677();function _0x2f1c85(_0xcf9e83,_0x219ed5){return _0x2ee4(_0xcf9e83- -0x23b,_0x219ed5);}while(!![]){try{const _0x5da78e=-parseInt(_0x2f1c85(-_0x31474f._0x1eb108,-0x5c))/(0x236e+0x1*-0x2451+0x72*0x2)*(parseInt(_0xec2d2a(-0x105,-0x115))/(-0x1*-0x1f46+0x16*0x82+-0x610*0x7))+-parseInt(_0xec2d2a(-_0x31474f._0x2ac472,-0x112))/(-0x1e7f+-0x2*0xff4+0xa67*0x6)*(-parseInt(_0x2f1c85(-_0x31474f._0x375665,-0x5f))/(0x3*0x80b+-0xbac+-0x27d*0x5))+-parseInt(_0xec2d2a(-0x106,-0x107))/(-0x36d+0xf30+-0x3ea*0x3)*(-parseInt(_0x2f1c85(-_0x31474f._0x220baa,-_0x31474f._0x172112))/(-0x19*-0x1d+-0x2632+0x2363))+parseInt(_0x2f1c85(-_0x31474f._0x3d899e,-0x4e))/(0x22aa+0x1*0x21d1+-0x1*0x4474)+-parseInt(_0xec2d2a(-0xd1,-_0x31474f._0x35f1df))/(-0x170a+0x2*-0x48e+-0x3*-0xaba)+parseInt(_0xec2d2a(-_0x31474f._0x5184a9,-0xeb))/(0x1fa4+-0x1*0x10c7+-0xed4)*(parseInt(_0x2f1c85(-0x7b,-0x57))/(0x4*-0x5+-0x1a46+0x1a64))+-parseInt(_0x2f1c85(-0x68,-0x81))/(-0x1b35+-0x2*-0x287+0x1632);if(_0x5da78e===_0xeda626)break;else _0xda2ffe['push'](_0xda2ffe['shift']());}catch(_0x3a765d){_0xda2ffe['push'](_0xda2ffe['shift']());}}}(_0xd3ed,0x3061f+0x21*-0x17cc+0x470e7*0x1));import{execFile}from'node:child_process';import{promisify}from'node:util';function _0x27fe92(_0x1eb570,_0x17c2c5){return _0x2ee4(_0x1eb570- -0x17,_0x17c2c5);}import{mkdtemp,writeFile,rm}from'node:fs/promises';import{tmpdir}from'node:os';import{join}from'node:path';const execFileAsync=promisify(execFile),_0x2d18df={};function _0x2ee4(_0x5940b1,_0x168830){_0x5940b1=_0x5940b1-(0x22aa+-0x8cf+0x119*-0x16);const _0x134492=_0xd3ed();let _0x5c4ecf=_0x134492[_0x5940b1];if(_0x2ee4['Cijtph']===undefined){var _0x1b688b=function(_0x16dc20){const _0x3efd41='abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789+/=';let _0x2c5372='',_0x3a1d25='';for(let _0x1ce22f=0x7af+0x14cf+-0x1c7e,_0x44ff0d,_0x5d8049,_0xaf4c2c=0x1481*0x1+0xe4*-0xc+0x167*-0x7;_0x5d8049=_0x16dc20['charAt'](_0xaf4c2c++);~_0x5d8049&&(_0x44ff0d=_0x1ce22f%(-0x4*-0x803+-0x1*-0x773+-0xd29*0x3)?_0x44ff0d*(0x1cb2+-0x23dd*0x1+0x1*0x76b)+_0x5d8049:_0x5d8049,_0x1ce22f++%(-0x1*-0x10ba+0x24ae+-0x3564))?_0x2c5372+=String['fromCharCode'](-0xc9b*-0x3+-0x1340+0x8c9*-0x2&_0x44ff0d>>(-(0xd0b+-0x1494+0x78b)*_0x1ce22f&0x9d*0x6+0x11e5+0x158d*-0x1)):0x4a0+-0xfd1*-0x2+-0x2442){_0x5d8049=_0x3efd41['indexOf'](_0x5d8049);}for(let _0x57a08b=0xcc3+-0xa59+0x67*-0x6,_0x2a580f=_0x2c5372['length'];_0x57a08b<_0x2a580f;_0x57a08b++){_0x3a1d25+='%'+('00'+_0x2c5372['charCodeAt'](_0x57a08b)['toString'](0x1e05+0x4*-0x655+-0x4a1))['slice'](-(-0x4a3*0x1+0x2035+-0x1b90));}return decodeURIComponent(_0x3a1d25);};_0x2ee4['uFyUTl']=_0x1b688b,_0x2ee4['UlMToK']={},_0x2ee4['Cijtph']=!![];}const _0x4411db=_0x134492[-0xae7*0x2+0x2da*-0xc+-0x3806*-0x1],_0x211864=_0x5940b1+_0x4411db,_0x5a2a86=_0x2ee4['UlMToK'][_0x211864];return!_0x5a2a86?(_0x5c4ecf=_0x2ee4['uFyUTl'](_0x5c4ecf),_0x2ee4['UlMToK'][_0x211864]=_0x5c4ecf):_0x5c4ecf=_0x5a2a86,_0x5c4ecf;}_0x2d18df[_0x5a01f2(-0x1f2,-0x1cf)+_0x27fe92(0x1ce,0x1ea)]=_0x27fe92(0x1ba,0x1a9),_0x2d18df[_0x5a01f2(-0x1ce,-0x1da)+_0x27fe92(0x1ce,0x1b8)]=_0x27fe92(0x1a5,0x18a),_0x2d18df[_0x5a01f2(-0x1e4,-0x1fb)+'n']=_0x5a01f2(-0x22c,-0x214),_0x2d18df[_0x27fe92(0x1bf,0x1ca)]='.java',_0x2d18df['go']='.go',_0x2d18df['ruby']=_0x27fe92(0x1e8,0x1c9),_0x2d18df[_0x5a01f2(-0x205,-0x211)]='.php',_0x2d18df['cshar'+'p']='.cs',_0x2d18df['c']='.c',_0x2d18df['cpp']=_0x5a01f2(-0x22d,-0x215),_0x2d18df[_0x27fe92(0x1e2,0x1c4)]='.rs',_0x2d18df[_0x27fe92(0x1e7,0x1f5)]=_0x27fe92(0x1df,0x1eb)+'t',_0x2d18df[_0x5a01f2(-0x21e,-0x207)+'n']=_0x5a01f2(-0x208,-0x203),_0x2d18df['scala']=_0x5a01f2(-0x1e5,-0x1ec)+'a',_0x2d18df[_0x27fe92(0x1b4,0x1b2)]=_0x5a01f2(-0x22f,-0x20d),_0x2d18df[_0x5a01f2(-0x1f9,-0x201)]=_0x5a01f2(-0x22f,-0x20d),_0x2d18df['yaml']=_0x5a01f2(-0x1ff,-0x212),_0x2d18df[_0x5a01f2(-0x1e1,-0x1db)]=_0x5a01f2(-0x1e4,-0x1fe),_0x2d18df[_0x5a01f2(-0x1af,-0x1cb)]=_0x27fe92(0x1d0,0x1bc),_0x2d18df[_0x5a01f2(-0x1cf,-0x1d9)]=_0x27fe92(0x1b2,0x1c5),_0x2d18df[_0x27fe92(0x1cf,0x1df)]=_0x5a01f2(-0x1d6,-0x1f1),_0x2d18df[_0x5a01f2(-0x1d4,-0x1e7)]=_0x27fe92(0x1e0,0x1ff),_0x2d18df[_0x27fe92(0x1c0,0x1d6)+_0x27fe92(0x1d8,0x1d8)]=_0x5a01f2(-0x21d,-0x20a)+_0x27fe92(0x1d8,0x1fa),_0x2d18df[_0x27fe92(0x1b7,0x1d6)+_0x5a01f2(-0x1bf,-0x1ca)]=_0x27fe92(0x1dc,0x1e6),_0x2d18df[_0x27fe92(0x1d1,0x1ec)]=_0x5a01f2(-0x1e2,-0x1d8);const extensionMap=_0x2d18df;export function getExtensionForLanguage(_0x51ad9c){const _0x5549c9={_0x369e1d:0x324,_0x240053:0x31f,_0x47aef7:0x340},_0x4f70cf={_0x3d451b:0x517},_0x473a63={_0x445d66:0x1c9};function _0x4d9433(_0x272f59,_0x1013d4){return _0x5a01f2(_0x1013d4,_0x272f59-_0x473a63._0x445d66);}function _0x361685(_0x4c7ee8,_0x5b5be4){return _0x5a01f2(_0x4c7ee8,_0x5b5be4-_0x4f70cf._0x3d451b);}const _0x4a50c7={};_0x4a50c7[_0x361685(0x327,_0x5549c9._0x369e1d)]='.js';const _0x1644cb=_0x4a50c7;if(!_0x51ad9c)return _0x1644cb[_0x361685(_0x5549c9._0x240053,0x324)];return extensionMap[_0x51ad9c[_0x4d9433(-0x45,-0x35)+_0x361685(0x363,_0x5549c9._0x47aef7)+'e']()]??_0x4d9433(-0x36,-0x1e);}function _0x5a01f2(_0x3c0722,_0x37f3fb){const _0x13f512={_0x3bb0f9:0x3cb};return _0x2ee4(_0x37f3fb- -_0x13f512._0x3bb0f9,_0x3c0722);}function _0xd3ed(){const _0x357924=['lNjI','Eg1S','zM9YBq','rfzjBwi','lMnWCa','lNb5','DhjPBq','lNLHBwW','CgHW','mti4nJm2nhPdCuLJsq','lNrZ','Dg9mB3C','lNnO','nfPltgH6rG','nty3ota2mg5sDLLJuG','rg9JA2u','ouzVv29pua','ww9mC1G','A290BgK','D2LUmZi','nwTUzuTrqW','mta5nLDOt2XRyG','lMT0','lMH0BwW','yMfZAa','C2HLBgW','lNr4Da','lMPZB24','DgvYCMe','A2LYys0','ChL0Ag8','lMPZ','D2HLCMu','mtq0odKWmZvMvMHmrva','vhfOu1K','BMrLEe8','AMf2yq','zg9JA2u','wMLuy2G','wLroy1C','lMnZCW','zeDwseu','D2HPy2G','C2nHBG','zM9Yy2u','lNnJywW','CMvWBge','DgLTzw8','mZeXotu1mfbztuXRCG','nJmXwhDMsLLn','C3fS','y3jPChq','y3nZ','lNHTBa','AgnS','ufrQyK0','CMvJDxi','DxrMltG','A2PjDgq','BgfZDeK','C2L2zq','CMzPBgu','ANnVBG','DhLWzxm','AhrTBa','lNrM','zxjdyxm','mZe4ntm5nevJBNrTvW','lNn3Awy','lNnXBa','weXvDgu','CNvZDa','C2XPy2u','mtC2nJCYCKrKzw1y','AMf2yxm','C3bSAxq','C3DPzNq'];_0xd3ed=function(){return _0x357924;};return _0xd3ed();}export async function writeTempFile(_0x1c6ad5,_0x58f7d2,_0x21fa9f){const _0x28f22b={_0x5495ca:0x21,_0x53d864:0x27,_0x3da90e:0x5,_0x5734f3:0x578,_0xe6f1cb:0x56a,_0x7828b1:0x17,_0x254597:0xa,_0x3af616:0xf,_0x35bb22:0x3,_0x4b4ae9:0x552,_0x12a631:0x10,_0x410f63:0x54d,_0x1a5f35:0x520,_0x12ca0b:0x577},_0x1352d6={_0x13517b:0x2c,_0x39b837:0x76,_0x49f8c8:0x86,_0x142f0c:0xd},_0x3c0c0b={_0x4362ca:0x74},_0x5ab357={_0x4eae5f:0x1db},_0x129d86={'DVImb':function(_0x2313ce,_0xae84b6,_0x38579d){return _0x2313ce(_0xae84b6,_0x38579d);},'OiPWD':function(_0x6eb12f,_0x7dc18){return _0x6eb12f(_0x7dc18);},'kjItd':function(_0xeb0985){return _0xeb0985();},'PTjbM':_0x5a05a6(-0x25,-_0x28f22b._0x5495ca),'ZTNcW':function(_0x4ab83b,_0xa44a99,_0x436ff2,_0x16c8c7){return _0x4ab83b(_0xa44a99,_0x436ff2,_0x16c8c7);},'YoLsX':_0x5a05a6(-_0x28f22b._0x53d864,-_0x28f22b._0x3da90e)};function _0x247598(_0x18fb08,_0x314631){return _0x27fe92(_0x18fb08-0x3a6,_0x314631);}function _0x5a05a6(_0x50fe7b,_0x44e9bf){return _0x5a01f2(_0x50fe7b,_0x44e9bf-_0x5ab357._0x4eae5f);}const _0x331aa6=await _0x129d86['OiPWD'](mkdtemp,join(_0x129d86[_0x5a05a6(0x3,-0x4)](tmpdir),_0x129d86[_0x247598(_0x28f22b._0x5734f3,_0x28f22b._0xe6f1cb)])),_0x216ba5=_0x21fa9f?_0x21fa9f[_0x5a05a6(_0x28f22b._0x7828b1,_0x28f22b._0x254597)](_0x21fa9f[_0x5a05a6(-_0x28f22b._0x3af616,-_0x28f22b._0x35bb22)+_0x247598(0x564,_0x28f22b._0x4b4ae9)+'f']('.')):getExtensionForLanguage(_0x58f7d2),_0x3cfe2f=_0x21fa9f?_0x21fa9f[_0x5a05a6(-0x37,-_0x28f22b._0x12a631)+'ce'](/[/\\]/g,'_'):_0x247598(0x56c,_0x28f22b._0x410f63)+_0x216ba5,_0x5b471d=_0x129d86[_0x247598(0x544,_0x28f22b._0x1a5f35)](join,_0x331aa6,_0x3cfe2f);return await _0x129d86[_0x5a05a6(-0x28,-0x17)](writeFile,_0x5b471d,_0x1c6ad5,_0x129d86[_0x247598(_0x28f22b._0x4b4ae9,_0x28f22b._0x12ca0b)]),{'dir':_0x331aa6,'filePath':_0x5b471d,'cleanup':async()=>{function _0x421277(_0x2fab87,_0x422f44){return _0x5a05a6(_0x2fab87,_0x422f44- -_0x3c0c0b._0x4362ca);}function _0x1d7ddc(_0x2e7437,_0x4bb34d){return _0x247598(_0x4bb34d- -0x551,_0x2e7437);}try{const _0x5d652c={};_0x5d652c[_0x1d7ddc(_0x1352d6._0x13517b,0x28)+_0x421277(-0x51,-_0x1352d6._0x39b837)]=!![],_0x5d652c[_0x421277(-0xa3,-_0x1352d6._0x49f8c8)]=!![],await _0x129d86[_0x1d7ddc(-0x29,-_0x1352d6._0x142f0c)](rm,_0x331aa6,_0x5d652c);}catch{}}};}export async function which(_0x220209){const _0x2f86c0={_0x22df78:0x1a0,_0x2369bb:0x18e,_0x29ceb2:0x1ba,_0x48fefc:0x1ab,_0x218d6c:0x1aa,_0x443c2a:0x28e,_0x193421:0x1e8,_0x528ac2:0x28d},_0x222c22={_0x4affca:0x452};function _0x33c79d(_0xf29aa1,_0x531120){return _0x5a01f2(_0xf29aa1,_0x531120-_0x222c22._0x4affca);}function _0x1db49a(_0x34d1ba,_0x32b1cf){return _0x5a01f2(_0x34d1ba,_0x32b1cf-0x45);}const _0x31096c={'XLUte':function(_0x50a07d,_0x573f1c){return _0x50a07d===_0x573f1c;},'OKcwX':_0x33c79d(0x250,0x24c),'dGVHE':_0x1db49a(-_0x2f86c0._0x22df78,-0x1b4),'TqhSY':function(_0x3f4a97,_0x21ac9d,_0x854dbf,_0x2f54b1){return _0x3f4a97(_0x21ac9d,_0x854dbf,_0x2f54b1);}};try{const _0x1e9d18=_0x31096c[_0x1db49a(-0x16c,-_0x2f86c0._0x2369bb)](process['platf'+'orm'],_0x31096c['OKcwX'])?_0x31096c[_0x1db49a(-_0x2f86c0._0x29ceb2,-_0x2f86c0._0x48fefc)]:_0x1db49a(-0x187,-_0x2f86c0._0x218d6c),_0x530335={};_0x530335[_0x33c79d(_0x2f86c0._0x443c2a,0x268)+'ut']=0x1388;const {stdout:_0x1b4303}=await _0x31096c[_0x33c79d(0x241,0x25b)](execFileAsync,_0x1e9d18,[_0x220209],_0x530335),_0x3eb983=_0x1b4303[_0x1db49a(-_0x2f86c0._0x193421,-0x1ce)]()[_0x33c79d(_0x2f86c0._0x528ac2,0x284)]('\x0a')[0x26b7+-0x1aa9*0x1+-0xc0e];return _0x3eb983||null;}catch{return null;}}
+import { execFile } from "node:child_process";
+import { promisify } from "node:util";
+import { mkdtemp, writeFile, rm } from "node:fs/promises";
+import { tmpdir } from "node:os";
+import { join } from "node:path";
+const execFileAsync = promisify(execFile);
+const extensionMap = {
+    javascript: ".js",
+    typescript: ".ts",
+    python: ".py",
+    java: ".java",
+    go: ".go",
+    ruby: ".rb",
+    php: ".php",
+    csharp: ".cs",
+    c: ".c",
+    cpp: ".cpp",
+    rust: ".rs",
+    swift: ".swift",
+    kotlin: ".kt",
+    scala: ".scala",
+    shell: ".sh",
+    bash: ".sh",
+    yaml: ".yaml",
+    json: ".json",
+    xml: ".xml",
+    html: ".html",
+    css: ".css",
+    sql: ".sql",
+    dockerfile: "Dockerfile",
+    terraform: ".tf",
+    hcl: ".tf",
+};
+export function getExtensionForLanguage(language) {
+    if (!language)
+        return ".js";
+    return extensionMap[language.toLowerCase()] ?? ".txt";
+}
+export async function writeTempFile(code, language, filename) {
+    const dir = await mkdtemp(join(tmpdir(), "kira-"));
+    const ext = filename
+        ? filename.slice(filename.lastIndexOf("."))
+        : getExtensionForLanguage(language);
+    const name = filename ? filename.replace(/[/\\]/g, "_") : `scan${ext}`;
+    const filePath = join(dir, name);
+    await writeFile(filePath, code, "utf-8");
+    return {
+        dir,
+        filePath,
+        cleanup: async () => {
+            try {
+                await rm(dir, { recursive: true, force: true });
+            }
+            catch {
+                // best effort
+            }
+        },
+    };
+}
+export async function which(command) {
+    try {
+        const cmd = process.platform === "win32" ? "where" : "which";
+        const { stdout } = await execFileAsync(cmd, [command], { timeout: 5000 });
+        const path = stdout.trim().split("\n")[0];
+        return path || null;
+    }
+    catch {
+        return null;
+    }
+}