@pensar/apex 2.0.0 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (55) hide show
  1. package/README.md +20 -0
  2. package/build/agent-4g69jwmq.js +19 -0
  3. package/build/{agent-x1tnsg7n.js → agent-6nhperp2.js} +7 -10
  4. package/build/{agent-z8043nrm.js → agent-x7n47c84.js} +9 -12
  5. package/build/{apps-gdze0s68.js → apps-2ac4vt09.js} +15 -18
  6. package/build/{auth-24ca1qwx.js → auth-bmt98hz0.js} +16 -19
  7. package/build/authentication-c0aj9zaz.js +19 -0
  8. package/build/blackboxAgent-sgph70e4.js +19 -0
  9. package/build/{blackboxPentest-xwc031xm.js → blackboxPentest-xngbtdxb.js} +13 -16
  10. package/build/{cli-a20jcpmp.js → cli-0yptvbbm.js} +1 -1
  11. package/build/{cli-pkdjamer.js → cli-1f5zzrxj.js} +15 -5
  12. package/build/{cli-0v9x0eby.js → cli-88bhxzr1.js} +1 -1
  13. package/build/{cli-948dk60p.js → cli-8g5cwvbm.js} +1 -1
  14. package/build/{cli-mswm4k81.js → cli-cc13ydyx.js} +11 -1
  15. package/build/{cli-wdmqkshz.js → cli-ddtmgbqv.js} +2 -2
  16. package/build/{cli-h6nw89zf.js → cli-eptabm2j.js} +1 -1
  17. package/build/{cli-zpvmaxem.js → cli-f93g10xk.js} +2 -2
  18. package/build/{cli-zvq4gy61.js → cli-fa7nrded.js} +13 -6
  19. package/build/{cli-sw5swz40.js → cli-fxtbkw2f.js} +3 -3
  20. package/build/{cli-ntd42071.js → cli-hk03x6fq.js} +1 -1
  21. package/build/{cli-5fr9k6m4.js → cli-mfzkhttr.js} +58 -35
  22. package/build/{cli-31cara07.js → cli-pyzw545d.js} +8 -6
  23. package/build/{cli-cb5va0cs.js → cli-w2st266h.js} +10 -1
  24. package/build/{cli-h825qzmd.js → cli-z1dapp7v.js} +1492 -53
  25. package/build/{cli-k8mvghe1.js → cli-zpdmnz8c.js} +455 -921
  26. package/build/cli.js +105 -45
  27. package/build/{config-cmq1cxz3.js → config-j0gfjhrm.js} +3 -3
  28. package/build/{doctor-2bkpddws.js → doctor-zn8ms7gs.js} +8 -1
  29. package/build/{fixes-a4qscvkx.js → fixes-d8ytvyzn.js} +15 -18
  30. package/build/{index-hfhkjj2g.js → index-2t2cg8x0.js} +8 -11
  31. package/build/{index-54ep0ery.js → index-3cbcjqw1.js} +9 -12
  32. package/build/{index-48pjf9d2.js → index-528cyewc.js} +94 -126
  33. package/build/{index-2a1x5nnv.js → index-9d2es97h.js} +3 -3
  34. package/build/{index-aymt8k9w.js → index-a1sy2zak.js} +2 -2
  35. package/build/{index-s17r2akv.js → index-hjvqqkem.js} +4 -4
  36. package/build/{index-0fnbx38r.js → index-k6ttkac6.js} +20 -14
  37. package/build/{issues-5pnrspt7.js → issues-17kdjtdg.js} +15 -18
  38. package/build/{logs-1mfm901x.js → logs-r4rjar4m.js} +15 -18
  39. package/build/{offesecAgent-mrbyc93d.js → offesecAgent-azd8ahkm.js} +8 -11
  40. package/build/pentest-2vsjf0j8.js +28 -0
  41. package/build/{pentests-htmtq66d.js → pentests-npjb5q1h.js} +15 -18
  42. package/build/{targetedPentest-cpbd87rc.js → targetedPentest-m24wvscc.js} +9 -12
  43. package/build/threatModel-7akmfzzm.js +26 -0
  44. package/build/{uninstall-6y9dkgyt.js → uninstall-7pm6zcah.js} +1 -1
  45. package/build/{upload-7wtbr768.js → upload-wg0vxmk0.js} +8 -1
  46. package/build/{utils-trqnyj77.js → utils-gd1y4t26.js} +6 -8
  47. package/package.json +1 -1
  48. package/build/agent-84enr6xn.js +0 -22
  49. package/build/authentication-0k43jay4.js +0 -22
  50. package/build/blackboxAgent-76tnwwg7.js +0 -22
  51. package/build/cli-1yavz2pb.js +0 -17
  52. package/build/cli-3knnkdps.js +0 -666
  53. package/build/cli-s1nckt4k.js +0 -20
  54. package/build/pentest-wy4eeagc.js +0 -31
  55. package/build/threatModel-9n56z6a6.js +0 -29
package/build/{cli-k8mvghe1.js → cli-zpdmnz8c.js} RENAMED
@@ -1,47 +1,39 @@
1
1
  import {
2
2
  detectOSAndEnhancePrompt
3
- } from "./cli-mswm4k81.js";
4
- import {
5
- CredentialManager,
6
- NotFoundError,
7
- RateLimiter,
8
- createDir,
9
- descending,
10
- generateRandomName,
11
- generateSessionName,
12
- list,
13
- read,
14
- schema,
15
- update,
16
- write,
17
- writeRaw
18
- } from "./cli-3knnkdps.js";
3
+ } from "./cli-cc13ydyx.js";
19
4
  import {
20
5
  parseTargetUrl
21
6
  } from "./cli-c8131c4q.js";
22
7
  import {
23
- ToolsetStateSchema,
24
- init_toolset
25
- } from "./cli-s1nckt4k.js";
26
- import {
27
- init_ai
28
- } from "./cli-1yavz2pb.js";
29
- import {
8
+ CredentialManager,
9
+ NotFoundError,
10
+ create,
11
+ createLogger,
30
12
  generateObjectResponse,
31
13
  getApexTracer,
32
14
  hasToolCall,
15
+ init_ai,
16
+ init_credentials,
33
17
  init_dist,
18
+ init_lazyLogger,
34
19
  init_observability,
20
+ init_session,
21
+ init_storage,
22
+ init_structured,
23
+ list,
24
+ read,
35
25
  require_tslib,
36
- streamResponse
37
- } from "./cli-h825qzmd.js";
26
+ scopedLogger,
27
+ streamResponse,
28
+ write
29
+ } from "./cli-z1dapp7v.js";
38
30
  import {
39
31
  ensureValidToken,
40
32
  getPensarApiUrl,
41
33
  init_auth,
42
34
  init_constants,
43
35
  signGatewayRequest
44
- } from "./cli-948dk60p.js";
36
+ } from "./cli-8g5cwvbm.js";
45
37
  import {
46
38
  _enum,
47
39
  _null,
@@ -67,17 +59,12 @@ import {
67
59
  string,
68
60
  tool,
69
61
  union,
70
- unknown,
71
- zod_default
62
+ unknown
72
63
  } from "./cli-e6rgwtpb.js";
73
64
  import {
74
65
  config,
75
66
  init_config
76
- } from "./cli-h6nw89zf.js";
77
- import {
78
- getCurrentVersion,
79
- init_installation
80
- } from "./cli-a20jcpmp.js";
67
+ } from "./cli-eptabm2j.js";
81
68
  import {
82
69
  __commonJS,
83
70
  __require,
@@ -1107,52 +1094,52 @@ var require_util = __commonJS((exports) => {
1107
1094
  return hash;
1108
1095
  }
1109
1096
  exports.toHash = toHash;
1110
- function alwaysValidSchema(it, schema2) {
1111
- if (typeof schema2 == "boolean")
1112
- return schema2;
1113
- if (Object.keys(schema2).length === 0)
1097
+ function alwaysValidSchema(it, schema) {
1098
+ if (typeof schema == "boolean")
1099
+ return schema;
1100
+ if (Object.keys(schema).length === 0)
1114
1101
  return true;
1115
- checkUnknownRules(it, schema2);
1116
- return !schemaHasRules(schema2, it.self.RULES.all);
1102
+ checkUnknownRules(it, schema);
1103
+ return !schemaHasRules(schema, it.self.RULES.all);
1117
1104
  }
1118
1105
  exports.alwaysValidSchema = alwaysValidSchema;
1119
- function checkUnknownRules(it, schema2 = it.schema) {
1106
+ function checkUnknownRules(it, schema = it.schema) {
1120
1107
  const { opts, self: self2 } = it;
1121
1108
  if (!opts.strictSchema)
1122
1109
  return;
1123
- if (typeof schema2 === "boolean")
1110
+ if (typeof schema === "boolean")
1124
1111
  return;
1125
1112
  const rules2 = self2.RULES.keywords;
1126
- for (const key in schema2) {
1113
+ for (const key in schema) {
1127
1114
  if (!rules2[key])
1128
1115
  checkStrictMode(it, `unknown keyword: "${key}"`);
1129
1116
  }
1130
1117
  }
1131
1118
  exports.checkUnknownRules = checkUnknownRules;
1132
- function schemaHasRules(schema2, rules2) {
1133
- if (typeof schema2 == "boolean")
1134
- return !schema2;
1135
- for (const key in schema2)
1119
+ function schemaHasRules(schema, rules2) {
1120
+ if (typeof schema == "boolean")
1121
+ return !schema;
1122
+ for (const key in schema)
1136
1123
  if (rules2[key])
1137
1124
  return true;
1138
1125
  return false;
1139
1126
  }
1140
1127
  exports.schemaHasRules = schemaHasRules;
1141
- function schemaHasRulesButRef(schema2, RULES) {
1142
- if (typeof schema2 == "boolean")
1143
- return !schema2;
1144
- for (const key in schema2)
1128
+ function schemaHasRulesButRef(schema, RULES) {
1129
+ if (typeof schema == "boolean")
1130
+ return !schema;
1131
+ for (const key in schema)
1145
1132
  if (key !== "$ref" && RULES.all[key])
1146
1133
  return true;
1147
1134
  return false;
1148
1135
  }
1149
1136
  exports.schemaHasRulesButRef = schemaHasRulesButRef;
1150
- function schemaRefOrVal({ topSchemaRef, schemaPath }, schema2, keyword, $data) {
1137
+ function schemaRefOrVal({ topSchemaRef, schemaPath }, schema, keyword, $data) {
1151
1138
  if (!$data) {
1152
- if (typeof schema2 == "number" || typeof schema2 == "boolean")
1153
- return schema2;
1154
- if (typeof schema2 == "string")
1155
- return (0, codegen_1._)`${schema2}`;
1139
+ if (typeof schema == "number" || typeof schema == "boolean")
1140
+ return schema;
1141
+ if (typeof schema == "string")
1142
+ return (0, codegen_1._)`${schema}`;
1156
1143
  }
1157
1144
  return (0, codegen_1._)`${topSchemaRef}${schemaPath}${(0, codegen_1.getProperty)(keyword)}`;
1158
1145
  }
@@ -1412,10 +1399,10 @@ var require_boolSchema = __commonJS((exports) => {
1412
1399
  message: "boolean schema is false"
1413
1400
  };
1414
1401
  function topBoolOrEmptySchema(it) {
1415
- const { gen, schema: schema2, validateName } = it;
1416
- if (schema2 === false) {
1402
+ const { gen, schema, validateName } = it;
1403
+ if (schema === false) {
1417
1404
  falseSchemaError(it, false);
1418
- } else if (typeof schema2 == "object" && schema2.$async === true) {
1405
+ } else if (typeof schema == "object" && schema.$async === true) {
1419
1406
  gen.return(names_1.default.data);
1420
1407
  } else {
1421
1408
  gen.assign((0, codegen_1._)`${validateName}.errors`, null);
@@ -1424,8 +1411,8 @@ var require_boolSchema = __commonJS((exports) => {
1424
1411
  }
1425
1412
  exports.topBoolOrEmptySchema = topBoolOrEmptySchema;
1426
1413
  function boolOrEmptySchema(it, valid) {
1427
- const { gen, schema: schema2 } = it;
1428
- if (schema2 === false) {
1414
+ const { gen, schema } = it;
1415
+ if (schema === false) {
1429
1416
  gen.var(valid, false);
1430
1417
  falseSchemaError(it);
1431
1418
  } else {
@@ -1481,18 +1468,18 @@ var require_rules = __commonJS((exports) => {
1481
1468
  var require_applicability = __commonJS((exports) => {
1482
1469
  Object.defineProperty(exports, "__esModule", { value: true });
1483
1470
  exports.shouldUseRule = exports.shouldUseGroup = exports.schemaHasRulesForType = undefined;
1484
- function schemaHasRulesForType({ schema: schema2, self: self2 }, type) {
1471
+ function schemaHasRulesForType({ schema, self: self2 }, type) {
1485
1472
  const group = self2.RULES.types[type];
1486
- return group && group !== true && shouldUseGroup(schema2, group);
1473
+ return group && group !== true && shouldUseGroup(schema, group);
1487
1474
  }
1488
1475
  exports.schemaHasRulesForType = schemaHasRulesForType;
1489
- function shouldUseGroup(schema2, group) {
1490
- return group.rules.some((rule) => shouldUseRule(schema2, rule));
1476
+ function shouldUseGroup(schema, group) {
1477
+ return group.rules.some((rule) => shouldUseRule(schema, rule));
1491
1478
  }
1492
1479
  exports.shouldUseGroup = shouldUseGroup;
1493
- function shouldUseRule(schema2, rule) {
1480
+ function shouldUseRule(schema, rule) {
1494
1481
  var _a;
1495
- return schema2[rule.keyword] !== undefined || ((_a = rule.definition.implements) === null || _a === undefined ? undefined : _a.some((kwd) => schema2[kwd] !== undefined));
1482
+ return schema[rule.keyword] !== undefined || ((_a = rule.definition.implements) === null || _a === undefined ? undefined : _a.some((kwd) => schema[kwd] !== undefined));
1496
1483
  }
1497
1484
  exports.shouldUseRule = shouldUseRule;
1498
1485
  });
@@ -1511,17 +1498,17 @@ var require_dataType = __commonJS((exports) => {
1511
1498
  DataType2[DataType2["Correct"] = 0] = "Correct";
1512
1499
  DataType2[DataType2["Wrong"] = 1] = "Wrong";
1513
1500
  })(DataType || (exports.DataType = DataType = {}));
1514
- function getSchemaTypes(schema2) {
1515
- const types = getJSONTypes(schema2.type);
1501
+ function getSchemaTypes(schema) {
1502
+ const types = getJSONTypes(schema.type);
1516
1503
  const hasNull = types.includes("null");
1517
1504
  if (hasNull) {
1518
- if (schema2.nullable === false)
1505
+ if (schema.nullable === false)
1519
1506
  throw new Error("type: null contradicts nullable: false");
1520
1507
  } else {
1521
- if (!types.length && schema2.nullable !== undefined) {
1508
+ if (!types.length && schema.nullable !== undefined) {
1522
1509
  throw new Error('"nullable" cannot be used without "type"');
1523
1510
  }
1524
- if (schema2.nullable === true)
1511
+ if (schema.nullable === true)
1525
1512
  types.push("null");
1526
1513
  }
1527
1514
  return types;
@@ -1653,8 +1640,8 @@ var require_dataType = __commonJS((exports) => {
1653
1640
  }
1654
1641
  exports.checkDataTypes = checkDataTypes;
1655
1642
  var typeError = {
1656
- message: ({ schema: schema2 }) => `must be ${schema2}`,
1657
- params: ({ schema: schema2, schemaValue }) => typeof schema2 == "string" ? (0, codegen_1._)`{type: ${schema2}}` : (0, codegen_1._)`{type: ${schemaValue}}`
1643
+ message: ({ schema }) => `must be ${schema}`,
1644
+ params: ({ schema, schemaValue }) => typeof schema == "string" ? (0, codegen_1._)`{type: ${schema}}` : (0, codegen_1._)`{type: ${schemaValue}}`
1658
1645
  };
1659
1646
  function reportTypeError(it) {
1660
1647
  const cxt = getTypeErrorContext(it);
@@ -1662,16 +1649,16 @@ var require_dataType = __commonJS((exports) => {
1662
1649
  }
1663
1650
  exports.reportTypeError = reportTypeError;
1664
1651
  function getTypeErrorContext(it) {
1665
- const { gen, data, schema: schema2 } = it;
1666
- const schemaCode = (0, util_1.schemaRefOrVal)(it, schema2, "type");
1652
+ const { gen, data, schema } = it;
1653
+ const schemaCode = (0, util_1.schemaRefOrVal)(it, schema, "type");
1667
1654
  return {
1668
1655
  gen,
1669
1656
  keyword: "type",
1670
1657
  data,
1671
- schema: schema2.type,
1658
+ schema: schema.type,
1672
1659
  schemaCode,
1673
1660
  schemaValue: schemaCode,
1674
- parentSchema: schema2,
1661
+ parentSchema: schema,
1675
1662
  params: {},
1676
1663
  it
1677
1664
  };
@@ -1817,15 +1804,15 @@ var require_code2 = __commonJS((exports) => {
1817
1804
  }
1818
1805
  exports.validateArray = validateArray;
1819
1806
  function validateUnion(cxt) {
1820
- const { gen, schema: schema2, keyword, it } = cxt;
1821
- if (!Array.isArray(schema2))
1807
+ const { gen, schema, keyword, it } = cxt;
1808
+ if (!Array.isArray(schema))
1822
1809
  throw new Error("ajv implementation error");
1823
- const alwaysValid = schema2.some((sch) => (0, util_1.alwaysValidSchema)(it, sch));
1810
+ const alwaysValid = schema.some((sch) => (0, util_1.alwaysValidSchema)(it, sch));
1824
1811
  if (alwaysValid && !it.opts.unevaluated)
1825
1812
  return;
1826
1813
  const valid = gen.let("valid", false);
1827
1814
  const schValid = gen.name("_valid");
1828
- gen.block(() => schema2.forEach((_sch, i) => {
1815
+ gen.block(() => schema.forEach((_sch, i) => {
1829
1816
  const schCxt = cxt.subschema({
1830
1817
  keyword,
1831
1818
  schemaProp: i,
@@ -1850,8 +1837,8 @@ var require_keyword = __commonJS((exports) => {
1850
1837
  var code_1 = require_code2();
1851
1838
  var errors_1 = require_errors();
1852
1839
  function macroKeywordCode(cxt, def) {
1853
- const { gen, keyword, schema: schema2, parentSchema, it } = cxt;
1854
- const macroSchema = def.macro.call(it.self, schema2, parentSchema, it);
1840
+ const { gen, keyword, schema, parentSchema, it } = cxt;
1841
+ const macroSchema = def.macro.call(it.self, schema, parentSchema, it);
1855
1842
  const schemaRef = useKeyword(gen, keyword, macroSchema);
1856
1843
  if (it.opts.validateSchema !== false)
1857
1844
  it.self.validateSchema(macroSchema, true);
@@ -1868,9 +1855,9 @@ var require_keyword = __commonJS((exports) => {
1868
1855
  exports.macroKeywordCode = macroKeywordCode;
1869
1856
  function funcKeywordCode(cxt, def) {
1870
1857
  var _a;
1871
- const { gen, keyword, schema: schema2, parentSchema, $data, it } = cxt;
1858
+ const { gen, keyword, schema, parentSchema, $data, it } = cxt;
1872
1859
  checkAsyncKeyword(it, def);
1873
- const validate = !$data && def.compile ? def.compile.call(it.self, schema2, parentSchema, it) : def.validate;
1860
+ const validate = !$data && def.compile ? def.compile.call(it.self, schema, parentSchema, it) : def.validate;
1874
1861
  const validateRef = useKeyword(gen, keyword, validate);
1875
1862
  const valid = gen.let("valid");
1876
1863
  cxt.block$data(valid, validateKeyword);
@@ -1930,20 +1917,20 @@ var require_keyword = __commonJS((exports) => {
1930
1917
  throw new Error(`keyword "${keyword}" failed to compile`);
1931
1918
  return gen.scopeValue("keyword", typeof result == "function" ? { ref: result } : { ref: result, code: (0, codegen_1.stringify)(result) });
1932
1919
  }
1933
- function validSchemaType(schema2, schemaType, allowUndefined = false) {
1934
- return !schemaType.length || schemaType.some((st) => st === "array" ? Array.isArray(schema2) : st === "object" ? schema2 && typeof schema2 == "object" && !Array.isArray(schema2) : typeof schema2 == st || allowUndefined && typeof schema2 == "undefined");
1920
+ function validSchemaType(schema, schemaType, allowUndefined = false) {
1921
+ return !schemaType.length || schemaType.some((st) => st === "array" ? Array.isArray(schema) : st === "object" ? schema && typeof schema == "object" && !Array.isArray(schema) : typeof schema == st || allowUndefined && typeof schema == "undefined");
1935
1922
  }
1936
1923
  exports.validSchemaType = validSchemaType;
1937
- function validateKeywordUsage({ schema: schema2, opts, self: self2, errSchemaPath }, def, keyword) {
1924
+ function validateKeywordUsage({ schema, opts, self: self2, errSchemaPath }, def, keyword) {
1938
1925
  if (Array.isArray(def.keyword) ? !def.keyword.includes(keyword) : def.keyword !== keyword) {
1939
1926
  throw new Error("ajv implementation error");
1940
1927
  }
1941
1928
  const deps = def.dependencies;
1942
- if (deps === null || deps === undefined ? undefined : deps.some((kwd) => !Object.prototype.hasOwnProperty.call(schema2, kwd))) {
1929
+ if (deps === null || deps === undefined ? undefined : deps.some((kwd) => !Object.prototype.hasOwnProperty.call(schema, kwd))) {
1943
1930
  throw new Error(`parent schema must have dependencies of ${keyword}: ${deps.join(",")}`);
1944
1931
  }
1945
1932
  if (def.validateSchema) {
1946
- const valid = def.validateSchema(schema2[keyword]);
1933
+ const valid = def.validateSchema(schema[keyword]);
1947
1934
  if (!valid) {
1948
1935
  const msg = `keyword "${keyword}" value is invalid at path "${errSchemaPath}": ` + self2.errorsText(def.validateSchema.errors);
1949
1936
  if (opts.validateSchema === "log")
@@ -1962,8 +1949,8 @@ var require_subschema = __commonJS((exports) => {
1962
1949
  exports.extendSubschemaMode = exports.extendSubschemaData = exports.getSubschema = undefined;
1963
1950
  var codegen_1 = require_codegen();
1964
1951
  var util_1 = require_util();
1965
- function getSubschema(it, { keyword, schemaProp, schema: schema2, schemaPath, errSchemaPath, topSchemaRef }) {
1966
- if (keyword !== undefined && schema2 !== undefined) {
1952
+ function getSubschema(it, { keyword, schemaProp, schema, schemaPath, errSchemaPath, topSchemaRef }) {
1953
+ if (keyword !== undefined && schema !== undefined) {
1967
1954
  throw new Error('both "keyword" and "schema" passed, only one allowed');
1968
1955
  }
1969
1956
  if (keyword !== undefined) {
@@ -1978,12 +1965,12 @@ var require_subschema = __commonJS((exports) => {
1978
1965
  errSchemaPath: `${it.errSchemaPath}/${keyword}/${(0, util_1.escapeFragment)(schemaProp)}`
1979
1966
  };
1980
1967
  }
1981
- if (schema2 !== undefined) {
1968
+ if (schema !== undefined) {
1982
1969
  if (schemaPath === undefined || errSchemaPath === undefined || topSchemaRef === undefined) {
1983
1970
  throw new Error('"schemaPath", "errSchemaPath" and "topSchemaRef" are required with "schema"');
1984
1971
  }
1985
1972
  return {
1986
- schema: schema2,
1973
+ schema,
1987
1974
  schemaPath,
1988
1975
  topSchemaRef,
1989
1976
  errSchemaPath
@@ -2080,7 +2067,7 @@ var require_fast_deep_equal = __commonJS((exports, module) => {
2080
2067
 
2081
2068
  // node_modules/json-schema-traverse/index.js
2082
2069
  var require_json_schema_traverse = __commonJS((exports, module) => {
2083
- var traverse = module.exports = function(schema2, opts, cb) {
2070
+ var traverse = module.exports = function(schema, opts, cb) {
2084
2071
  if (typeof opts == "function") {
2085
2072
  cb = opts;
2086
2073
  opts = {};
@@ -2088,7 +2075,7 @@ var require_json_schema_traverse = __commonJS((exports, module) => {
2088
2075
  cb = opts.cb || cb;
2089
2076
  var pre = typeof cb == "function" ? cb : cb.pre || function() {};
2090
2077
  var post = cb.post || function() {};
2091
- _traverse(opts, pre, post, schema2, "", schema2);
2078
+ _traverse(opts, pre, post, schema, "", schema);
2092
2079
  };
2093
2080
  traverse.keywords = {
2094
2081
  additionalItems: true,
@@ -2134,26 +2121,26 @@ var require_json_schema_traverse = __commonJS((exports, module) => {
2134
2121
  maxProperties: true,
2135
2122
  minProperties: true
2136
2123
  };
2137
- function _traverse(opts, pre, post, schema2, jsonPtr, rootSchema, parentJsonPtr, parentKeyword, parentSchema, keyIndex) {
2138
- if (schema2 && typeof schema2 == "object" && !Array.isArray(schema2)) {
2139
- pre(schema2, jsonPtr, rootSchema, parentJsonPtr, parentKeyword, parentSchema, keyIndex);
2140
- for (var key in schema2) {
2141
- var sch = schema2[key];
2124
+ function _traverse(opts, pre, post, schema, jsonPtr, rootSchema, parentJsonPtr, parentKeyword, parentSchema, keyIndex) {
2125
+ if (schema && typeof schema == "object" && !Array.isArray(schema)) {
2126
+ pre(schema, jsonPtr, rootSchema, parentJsonPtr, parentKeyword, parentSchema, keyIndex);
2127
+ for (var key in schema) {
2128
+ var sch = schema[key];
2142
2129
  if (Array.isArray(sch)) {
2143
2130
  if (key in traverse.arrayKeywords) {
2144
2131
  for (var i = 0;i < sch.length; i++)
2145
- _traverse(opts, pre, post, sch[i], jsonPtr + "/" + key + "/" + i, rootSchema, jsonPtr, key, schema2, i);
2132
+ _traverse(opts, pre, post, sch[i], jsonPtr + "/" + key + "/" + i, rootSchema, jsonPtr, key, schema, i);
2146
2133
  }
2147
2134
  } else if (key in traverse.propsKeywords) {
2148
2135
  if (sch && typeof sch == "object") {
2149
2136
  for (var prop in sch)
2150
- _traverse(opts, pre, post, sch[prop], jsonPtr + "/" + key + "/" + escapeJsonPtr(prop), rootSchema, jsonPtr, key, schema2, prop);
2137
+ _traverse(opts, pre, post, sch[prop], jsonPtr + "/" + key + "/" + escapeJsonPtr(prop), rootSchema, jsonPtr, key, schema, prop);
2151
2138
  }
2152
2139
  } else if (key in traverse.keywords || opts.allKeys && !(key in traverse.skipKeywords)) {
2153
- _traverse(opts, pre, post, sch, jsonPtr + "/" + key, rootSchema, jsonPtr, key, schema2);
2140
+ _traverse(opts, pre, post, sch, jsonPtr + "/" + key, rootSchema, jsonPtr, key, schema);
2154
2141
  }
2155
2142
  }
2156
- post(schema2, jsonPtr, rootSchema, parentJsonPtr, parentKeyword, parentSchema, keyIndex);
2143
+ post(schema, jsonPtr, rootSchema, parentJsonPtr, parentKeyword, parentSchema, keyIndex);
2157
2144
  }
2158
2145
  }
2159
2146
  function escapeJsonPtr(str) {
@@ -2186,14 +2173,14 @@ var require_resolve = __commonJS((exports) => {
2186
2173
  "enum",
2187
2174
  "const"
2188
2175
  ]);
2189
- function inlineRef(schema2, limit = true) {
2190
- if (typeof schema2 == "boolean")
2176
+ function inlineRef(schema, limit = true) {
2177
+ if (typeof schema == "boolean")
2191
2178
  return true;
2192
2179
  if (limit === true)
2193
- return !hasRef(schema2);
2180
+ return !hasRef(schema);
2194
2181
  if (!limit)
2195
2182
  return false;
2196
- return countKeys(schema2) <= limit;
2183
+ return countKeys(schema) <= limit;
2197
2184
  }
2198
2185
  exports.inlineRef = inlineRef;
2199
2186
  var REF_KEYWORDS = new Set([
@@ -2203,11 +2190,11 @@ var require_resolve = __commonJS((exports) => {
2203
2190
  "$dynamicRef",
2204
2191
  "$dynamicAnchor"
2205
2192
  ]);
2206
- function hasRef(schema2) {
2207
- for (const key in schema2) {
2193
+ function hasRef(schema) {
2194
+ for (const key in schema) {
2208
2195
  if (REF_KEYWORDS.has(key))
2209
2196
  return true;
2210
- const sch = schema2[key];
2197
+ const sch = schema[key];
2211
2198
  if (Array.isArray(sch) && sch.some(hasRef))
2212
2199
  return true;
2213
2200
  if (typeof sch == "object" && hasRef(sch))
@@ -2215,16 +2202,16 @@ var require_resolve = __commonJS((exports) => {
2215
2202
  }
2216
2203
  return false;
2217
2204
  }
2218
- function countKeys(schema2) {
2205
+ function countKeys(schema) {
2219
2206
  let count = 0;
2220
- for (const key in schema2) {
2207
+ for (const key in schema) {
2221
2208
  if (key === "$ref")
2222
2209
  return Infinity;
2223
2210
  count++;
2224
2211
  if (SIMPLE_INLINED.has(key))
2225
2212
  continue;
2226
- if (typeof schema2[key] == "object") {
2227
- (0, util_1.eachItem)(schema2[key], (sch) => count += countKeys(sch));
2213
+ if (typeof schema[key] == "object") {
2214
+ (0, util_1.eachItem)(schema[key], (sch) => count += countKeys(sch));
2228
2215
  }
2229
2216
  if (count === Infinity)
2230
2217
  return Infinity;
@@ -2254,16 +2241,16 @@ var require_resolve = __commonJS((exports) => {
2254
2241
  }
2255
2242
  exports.resolveUrl = resolveUrl;
2256
2243
  var ANCHOR = /^[a-z_][-a-z0-9._]*$/i;
2257
- function getSchemaRefs(schema2, baseId) {
2258
- if (typeof schema2 == "boolean")
2244
+ function getSchemaRefs(schema, baseId) {
2245
+ if (typeof schema == "boolean")
2259
2246
  return {};
2260
2247
  const { schemaId, uriResolver } = this.opts;
2261
- const schId = normalizeId(schema2[schemaId] || baseId);
2248
+ const schId = normalizeId(schema[schemaId] || baseId);
2262
2249
  const baseIds = { "": schId };
2263
2250
  const pathPrefix = getFullPath(uriResolver, schId, false);
2264
2251
  const localRefs = {};
2265
2252
  const schemaRefs = new Set;
2266
- traverse(schema2, { allKeys: true }, (sch, jsonPtr, _, parentJsonPtr) => {
2253
+ traverse(schema, { allKeys: true }, (sch, jsonPtr, _, parentJsonPtr) => {
2267
2254
  if (parentJsonPtr === undefined)
2268
2255
  return;
2269
2256
  const fullPath = pathPrefix + jsonPtr;
@@ -2341,15 +2328,15 @@ var require_validate = __commonJS((exports) => {
2341
2328
  validateFunction(it, () => (0, boolSchema_1.topBoolOrEmptySchema)(it));
2342
2329
  }
2343
2330
  exports.validateFunctionCode = validateFunctionCode;
2344
- function validateFunction({ gen, validateName, schema: schema2, schemaEnv, opts }, body) {
2331
+ function validateFunction({ gen, validateName, schema, schemaEnv, opts }, body) {
2345
2332
  if (opts.code.es5) {
2346
2333
  gen.func(validateName, (0, codegen_1._)`${names_1.default.data}, ${names_1.default.valCxt}`, schemaEnv.$async, () => {
2347
- gen.code((0, codegen_1._)`"use strict"; ${funcSourceUrl(schema2, opts)}`);
2334
+ gen.code((0, codegen_1._)`"use strict"; ${funcSourceUrl(schema, opts)}`);
2348
2335
  destructureValCxtES5(gen, opts);
2349
2336
  gen.code(body);
2350
2337
  });
2351
2338
  } else {
2352
- gen.func(validateName, (0, codegen_1._)`${names_1.default.data}, ${destructureValCxt(opts)}`, schemaEnv.$async, () => gen.code(funcSourceUrl(schema2, opts)).code(body));
2339
+ gen.func(validateName, (0, codegen_1._)`${names_1.default.data}, ${destructureValCxt(opts)}`, schemaEnv.$async, () => gen.code(funcSourceUrl(schema, opts)).code(body));
2353
2340
  }
2354
2341
  }
2355
2342
  function destructureValCxt(opts) {
@@ -2373,9 +2360,9 @@ var require_validate = __commonJS((exports) => {
2373
2360
  });
2374
2361
  }
2375
2362
  function topSchemaObjCode(it) {
2376
- const { schema: schema2, opts, gen } = it;
2363
+ const { schema, opts, gen } = it;
2377
2364
  validateFunction(it, () => {
2378
- if (opts.$comment && schema2.$comment)
2365
+ if (opts.$comment && schema.$comment)
2379
2366
  commentKeyword(it);
2380
2367
  checkNoDefault(it);
2381
2368
  gen.let(names_1.default.vErrors, null);
@@ -2393,8 +2380,8 @@ var require_validate = __commonJS((exports) => {
2393
2380
  gen.if((0, codegen_1._)`${it.evaluated}.dynamicProps`, () => gen.assign((0, codegen_1._)`${it.evaluated}.props`, (0, codegen_1._)`undefined`));
2394
2381
  gen.if((0, codegen_1._)`${it.evaluated}.dynamicItems`, () => gen.assign((0, codegen_1._)`${it.evaluated}.items`, (0, codegen_1._)`undefined`));
2395
2382
  }
2396
- function funcSourceUrl(schema2, opts) {
2397
- const schId = typeof schema2 == "object" && schema2[opts.schemaId];
2383
+ function funcSourceUrl(schema, opts) {
2384
+ const schId = typeof schema == "object" && schema[opts.schemaId];
2398
2385
  return schId && (opts.code.source || opts.code.process) ? (0, codegen_1._)`/*# sourceURL=${schId} */` : codegen_1.nil;
2399
2386
  }
2400
2387
  function subschemaCode(it, valid) {
@@ -2407,10 +2394,10 @@ var require_validate = __commonJS((exports) => {
2407
2394
  }
2408
2395
  (0, boolSchema_1.boolOrEmptySchema)(it, valid);
2409
2396
  }
2410
- function schemaCxtHasRules({ schema: schema2, self: self2 }) {
2411
- if (typeof schema2 == "boolean")
2412
- return !schema2;
2413
- for (const key in schema2)
2397
+ function schemaCxtHasRules({ schema, self: self2 }) {
2398
+ if (typeof schema == "boolean")
2399
+ return !schema;
2400
+ for (const key in schema)
2414
2401
  if (self2.RULES.all[key])
2415
2402
  return true;
2416
2403
  return false;
@@ -2419,8 +2406,8 @@ var require_validate = __commonJS((exports) => {
2419
2406
  return typeof it.schema != "boolean";
2420
2407
  }
2421
2408
  function subSchemaObjCode(it, valid) {
2422
- const { schema: schema2, gen, opts } = it;
2423
- if (opts.$comment && schema2.$comment)
2409
+ const { schema, gen, opts } = it;
2410
+ if (opts.$comment && schema.$comment)
2424
2411
  commentKeyword(it);
2425
2412
  updateContext(it);
2426
2413
  checkAsyncSchema(it);
@@ -2440,14 +2427,14 @@ var require_validate = __commonJS((exports) => {
2440
2427
  schemaKeywords(it, types, !checkedTypes, errsCount);
2441
2428
  }
2442
2429
  function checkRefsAndKeywords(it) {
2443
- const { schema: schema2, errSchemaPath, opts, self: self2 } = it;
2444
- if (schema2.$ref && opts.ignoreKeywordsWithRef && (0, util_1.schemaHasRulesButRef)(schema2, self2.RULES)) {
2430
+ const { schema, errSchemaPath, opts, self: self2 } = it;
2431
+ if (schema.$ref && opts.ignoreKeywordsWithRef && (0, util_1.schemaHasRulesButRef)(schema, self2.RULES)) {
2445
2432
  self2.logger.warn(`$ref: keywords ignored in schema at path "${errSchemaPath}"`);
2446
2433
  }
2447
2434
  }
2448
2435
  function checkNoDefault(it) {
2449
- const { schema: schema2, opts } = it;
2450
- if (schema2.default !== undefined && opts.useDefaults && opts.strictSchema) {
2436
+ const { schema, opts } = it;
2437
+ if (schema.default !== undefined && opts.useDefaults && opts.strictSchema) {
2451
2438
  (0, util_1.checkStrictMode)(it, "default is ignored in the schema root");
2452
2439
  }
2453
2440
  }
@@ -2460,8 +2447,8 @@ var require_validate = __commonJS((exports) => {
2460
2447
  if (it.schema.$async && !it.schemaEnv.$async)
2461
2448
  throw new Error("async schema in sync schema");
2462
2449
  }
2463
- function commentKeyword({ gen, schemaEnv, schema: schema2, errSchemaPath, opts }) {
2464
- const msg = schema2.$comment;
2450
+ function commentKeyword({ gen, schemaEnv, schema, errSchemaPath, opts }) {
2451
+ const msg = schema.$comment;
2465
2452
  if (opts.$comment === true) {
2466
2453
  gen.code((0, codegen_1._)`${names_1.default.self}.logger.log(${msg})`);
2467
2454
  } else if (typeof opts.$comment == "function") {
@@ -2488,9 +2475,9 @@ var require_validate = __commonJS((exports) => {
2488
2475
  gen.assign((0, codegen_1._)`${evaluated}.items`, items);
2489
2476
  }
2490
2477
  function schemaKeywords(it, types, typeErrors, errsCount) {
2491
- const { gen, schema: schema2, data, allErrors, opts, self: self2 } = it;
2478
+ const { gen, schema, data, allErrors, opts, self: self2 } = it;
2492
2479
  const { RULES } = self2;
2493
- if (schema2.$ref && (opts.ignoreKeywordsWithRef || !(0, util_1.schemaHasRulesButRef)(schema2, RULES))) {
2480
+ if (schema.$ref && (opts.ignoreKeywordsWithRef || !(0, util_1.schemaHasRulesButRef)(schema, RULES))) {
2494
2481
  gen.block(() => keywordCode(it, "$ref", RULES.all.$ref.definition));
2495
2482
  return;
2496
2483
  }
@@ -2502,7 +2489,7 @@ var require_validate = __commonJS((exports) => {
2502
2489
  groupKeywords(RULES.post);
2503
2490
  });
2504
2491
  function groupKeywords(group) {
2505
- if (!(0, applicability_1.shouldUseGroup)(schema2, group))
2492
+ if (!(0, applicability_1.shouldUseGroup)(schema, group))
2506
2493
  return;
2507
2494
  if (group.type) {
2508
2495
  gen.if((0, dataType_2.checkDataType)(group.type, data, opts.strictNumbers));
@@ -2520,12 +2507,12 @@ var require_validate = __commonJS((exports) => {
2520
2507
  }
2521
2508
  }
2522
2509
  function iterateKeywords(it, group) {
2523
- const { gen, schema: schema2, opts: { useDefaults } } = it;
2510
+ const { gen, schema, opts: { useDefaults } } = it;
2524
2511
  if (useDefaults)
2525
2512
  (0, defaults_1.assignDefaults)(it, group.type);
2526
2513
  gen.block(() => {
2527
2514
  for (const rule of group.rules) {
2528
- if ((0, applicability_1.shouldUseRule)(schema2, rule)) {
2515
+ if ((0, applicability_1.shouldUseRule)(schema, rule)) {
2529
2516
  keywordCode(it, rule.keyword, rule.definition, group.type);
2530
2517
  }
2531
2518
  }
@@ -2864,17 +2851,17 @@ var require_compile = __commonJS((exports) => {
2864
2851
  var _a;
2865
2852
  this.refs = {};
2866
2853
  this.dynamicAnchors = {};
2867
- let schema2;
2854
+ let schema;
2868
2855
  if (typeof env.schema == "object")
2869
- schema2 = env.schema;
2856
+ schema = env.schema;
2870
2857
  this.schema = env.schema;
2871
2858
  this.schemaId = env.schemaId;
2872
2859
  this.root = env.root || this;
2873
- this.baseId = (_a = env.baseId) !== null && _a !== undefined ? _a : (0, resolve_1.normalizeId)(schema2 === null || schema2 === undefined ? undefined : schema2[env.schemaId || "$id"]);
2860
+ this.baseId = (_a = env.baseId) !== null && _a !== undefined ? _a : (0, resolve_1.normalizeId)(schema === null || schema === undefined ? undefined : schema[env.schemaId || "$id"]);
2874
2861
  this.schemaPath = env.schemaPath;
2875
2862
  this.localRefs = env.localRefs;
2876
2863
  this.meta = env.meta;
2877
- this.$async = schema2 === null || schema2 === undefined ? undefined : schema2.$async;
2864
+ this.$async = schema === null || schema === undefined ? undefined : schema.$async;
2878
2865
  this.refs = {};
2879
2866
  }
2880
2867
  }
@@ -2972,10 +2959,10 @@ var require_compile = __commonJS((exports) => {
2972
2959
  return schOrFunc;
2973
2960
  let _sch = resolve.call(this, root, ref);
2974
2961
  if (_sch === undefined) {
2975
- const schema2 = (_a = root.localRefs) === null || _a === undefined ? undefined : _a[ref];
2962
+ const schema = (_a = root.localRefs) === null || _a === undefined ? undefined : _a[ref];
2976
2963
  const { schemaId } = this.opts;
2977
- if (schema2)
2978
- _sch = new SchemaEnv({ schema: schema2, schemaId, root, baseId });
2964
+ if (schema)
2965
+ _sch = new SchemaEnv({ schema, schemaId, root, baseId });
2979
2966
  }
2980
2967
  if (_sch === undefined)
2981
2968
  return;
@@ -3023,12 +3010,12 @@ var require_compile = __commonJS((exports) => {
3023
3010
  if (!schOrRef.validate)
3024
3011
  compileSchema.call(this, schOrRef);
3025
3012
  if (id === (0, resolve_1.normalizeId)(ref)) {
3026
- const { schema: schema2 } = schOrRef;
3013
+ const { schema } = schOrRef;
3027
3014
  const { schemaId } = this.opts;
3028
- const schId = schema2[schemaId];
3015
+ const schId = schema[schemaId];
3029
3016
  if (schId)
3030
3017
  baseId = (0, resolve_1.resolveUrl)(this.opts.uriResolver, baseId, schId);
3031
- return new SchemaEnv({ schema: schema2, schemaId, root, baseId });
3018
+ return new SchemaEnv({ schema, schemaId, root, baseId });
3032
3019
  }
3033
3020
  return getJsonPointer.call(this, p, schOrRef);
3034
3021
  }
@@ -3040,29 +3027,29 @@ var require_compile = __commonJS((exports) => {
3040
3027
  "dependencies",
3041
3028
  "definitions"
3042
3029
  ]);
3043
- function getJsonPointer(parsedRef, { baseId, schema: schema2, root }) {
3030
+ function getJsonPointer(parsedRef, { baseId, schema, root }) {
3044
3031
  var _a;
3045
3032
  if (((_a = parsedRef.fragment) === null || _a === undefined ? undefined : _a[0]) !== "/")
3046
3033
  return;
3047
3034
  for (const part of parsedRef.fragment.slice(1).split("/")) {
3048
- if (typeof schema2 === "boolean")
3035
+ if (typeof schema === "boolean")
3049
3036
  return;
3050
- const partSchema = schema2[(0, util_1.unescapeFragment)(part)];
3037
+ const partSchema = schema[(0, util_1.unescapeFragment)(part)];
3051
3038
  if (partSchema === undefined)
3052
3039
  return;
3053
- schema2 = partSchema;
3054
- const schId = typeof schema2 === "object" && schema2[this.opts.schemaId];
3040
+ schema = partSchema;
3041
+ const schId = typeof schema === "object" && schema[this.opts.schemaId];
3055
3042
  if (!PREVENT_SCOPE_CHANGE.has(part) && schId) {
3056
3043
  baseId = (0, resolve_1.resolveUrl)(this.opts.uriResolver, baseId, schId);
3057
3044
  }
3058
3045
  }
3059
3046
  let env;
3060
- if (typeof schema2 != "boolean" && schema2.$ref && !(0, util_1.schemaHasRulesButRef)(schema2, this.RULES)) {
3061
- const $ref = (0, resolve_1.resolveUrl)(this.opts.uriResolver, baseId, schema2.$ref);
3047
+ if (typeof schema != "boolean" && schema.$ref && !(0, util_1.schemaHasRulesButRef)(schema, this.RULES)) {
3048
+ const $ref = (0, resolve_1.resolveUrl)(this.opts.uriResolver, baseId, schema.$ref);
3062
3049
  env = resolveSchema.call(this, root, $ref);
3063
3050
  }
3064
3051
  const { schemaId } = this.opts;
3065
- env = env || new SchemaEnv({ schema: schema2, schemaId, root, baseId });
3052
+ env = env || new SchemaEnv({ schema, schemaId, root, baseId });
3066
3053
  if (env.schema !== env.root.schema)
3067
3054
  return env;
3068
3055
  return;
@@ -3942,16 +3929,16 @@ var require_core = __commonJS((exports) => {
3942
3929
  this.errors = v.errors;
3943
3930
  return valid;
3944
3931
  }
3945
- compile(schema2, _meta) {
3946
- const sch = this._addSchema(schema2, _meta);
3932
+ compile(schema, _meta) {
3933
+ const sch = this._addSchema(schema, _meta);
3947
3934
  return sch.validate || this._compileSchemaEnv(sch);
3948
3935
  }
3949
- compileAsync(schema2, meta) {
3936
+ compileAsync(schema, meta) {
3950
3937
  if (typeof this.opts.loadSchema != "function") {
3951
3938
  throw new Error("options.loadSchema should be a function");
3952
3939
  }
3953
3940
  const { loadSchema } = this.opts;
3954
- return runCompileAsync.call(this, schema2, meta);
3941
+ return runCompileAsync.call(this, schema, meta);
3955
3942
  async function runCompileAsync(_schema, _meta) {
3956
3943
  await loadMetaSchema.call(this, _schema.$schema);
3957
3944
  const sch = this._addSchema(_schema, _meta);
@@ -3996,34 +3983,34 @@ var require_core = __commonJS((exports) => {
3996
3983
  }
3997
3984
  }
3998
3985
  }
3999
- addSchema(schema2, key, _meta, _validateSchema = this.opts.validateSchema) {
4000
- if (Array.isArray(schema2)) {
4001
- for (const sch of schema2)
3986
+ addSchema(schema, key, _meta, _validateSchema = this.opts.validateSchema) {
3987
+ if (Array.isArray(schema)) {
3988
+ for (const sch of schema)
4002
3989
  this.addSchema(sch, undefined, _meta, _validateSchema);
4003
3990
  return this;
4004
3991
  }
4005
3992
  let id;
4006
- if (typeof schema2 === "object") {
3993
+ if (typeof schema === "object") {
4007
3994
  const { schemaId } = this.opts;
4008
- id = schema2[schemaId];
3995
+ id = schema[schemaId];
4009
3996
  if (id !== undefined && typeof id != "string") {
4010
3997
  throw new Error(`schema ${schemaId} must be string`);
4011
3998
  }
4012
3999
  }
4013
4000
  key = (0, resolve_1.normalizeId)(key || id);
4014
4001
  this._checkUnique(key);
4015
- this.schemas[key] = this._addSchema(schema2, _meta, key, _validateSchema, true);
4002
+ this.schemas[key] = this._addSchema(schema, _meta, key, _validateSchema, true);
4016
4003
  return this;
4017
4004
  }
4018
- addMetaSchema(schema2, key, _validateSchema = this.opts.validateSchema) {
4019
- this.addSchema(schema2, key, true, _validateSchema);
4005
+ addMetaSchema(schema, key, _validateSchema = this.opts.validateSchema) {
4006
+ this.addSchema(schema, key, true, _validateSchema);
4020
4007
  return this;
4021
4008
  }
4022
- validateSchema(schema2, throwOrLogError) {
4023
- if (typeof schema2 == "boolean")
4009
+ validateSchema(schema, throwOrLogError) {
4010
+ if (typeof schema == "boolean")
4024
4011
  return true;
4025
4012
  let $schema;
4026
- $schema = schema2.$schema;
4013
+ $schema = schema.$schema;
4027
4014
  if ($schema !== undefined && typeof $schema != "string") {
4028
4015
  throw new Error("$schema must be a string");
4029
4016
  }
@@ -4033,7 +4020,7 @@ var require_core = __commonJS((exports) => {
4033
4020
  this.errors = null;
4034
4021
  return true;
4035
4022
  }
4036
- const valid = this.validate($schema, schema2);
4023
+ const valid = this.validate($schema, schema);
4037
4024
  if (!valid && throwOrLogError) {
4038
4025
  const message = "schema is invalid: " + this.errorsText();
4039
4026
  if (this.opts.validateSchema === "log")
@@ -4167,9 +4154,9 @@ var require_core = __commonJS((exports) => {
4167
4154
  if (typeof rule != "object")
4168
4155
  continue;
4169
4156
  const { $data } = rule.definition;
4170
- const schema2 = keywords[key];
4171
- if ($data && schema2)
4172
- keywords[key] = schemaOrData(schema2);
4157
+ const schema = keywords[key];
4158
+ if ($data && schema)
4159
+ keywords[key] = schemaOrData(schema);
4173
4160
  }
4174
4161
  }
4175
4162
  return metaSchema;
@@ -4187,23 +4174,23 @@ var require_core = __commonJS((exports) => {
4187
4174
  }
4188
4175
  }
4189
4176
  }
4190
- _addSchema(schema2, meta, baseId, validateSchema = this.opts.validateSchema, addSchema = this.opts.addUsedSchema) {
4177
+ _addSchema(schema, meta, baseId, validateSchema = this.opts.validateSchema, addSchema = this.opts.addUsedSchema) {
4191
4178
  let id;
4192
4179
  const { schemaId } = this.opts;
4193
- if (typeof schema2 == "object") {
4194
- id = schema2[schemaId];
4180
+ if (typeof schema == "object") {
4181
+ id = schema[schemaId];
4195
4182
  } else {
4196
4183
  if (this.opts.jtd)
4197
4184
  throw new Error("schema must be object");
4198
- else if (typeof schema2 != "boolean")
4185
+ else if (typeof schema != "boolean")
4199
4186
  throw new Error("schema must be object or boolean");
4200
4187
  }
4201
- let sch = this._cache.get(schema2);
4188
+ let sch = this._cache.get(schema);
4202
4189
  if (sch !== undefined)
4203
4190
  return sch;
4204
4191
  baseId = (0, resolve_1.normalizeId)(id || baseId);
4205
- const localRefs = resolve_1.getSchemaRefs.call(this, schema2, baseId);
4206
- sch = new compile_1.SchemaEnv({ schema: schema2, schemaId, meta, baseId, localRefs });
4192
+ const localRefs = resolve_1.getSchemaRefs.call(this, schema, baseId);
4193
+ sch = new compile_1.SchemaEnv({ schema, schemaId, meta, baseId, localRefs });
4207
4194
  this._cache.set(sch.schema, sch);
4208
4195
  if (addSchema && !baseId.startsWith("#")) {
4209
4196
  if (baseId)
@@ -4211,7 +4198,7 @@ var require_core = __commonJS((exports) => {
4211
4198
  this.refs[baseId] = sch;
4212
4199
  }
4213
4200
  if (validateSchema)
4214
- this.validateSchema(schema2, true);
4201
+ this.validateSchema(schema, true);
4215
4202
  return sch;
4216
4203
  }
4217
4204
  _checkUnique(id) {
@@ -4362,8 +4349,8 @@ var require_core = __commonJS((exports) => {
4362
4349
  var $dataRef = {
4363
4350
  $ref: "https://raw.githubusercontent.com/ajv-validator/ajv/master/lib/refs/data.json#"
4364
4351
  };
4365
- function schemaOrData(schema2) {
4366
- return { anyOf: [schema2, $dataRef] };
4352
+ function schemaOrData(schema) {
4353
+ return { anyOf: [schema, $dataRef] };
4367
4354
  }
4368
4355
  });
4369
4356
 
@@ -4638,9 +4625,9 @@ var require_pattern = __commonJS((exports) => {
4638
4625
  $data: true,
4639
4626
  error,
4640
4627
  code(cxt) {
4641
- const { data, $data, schema: schema2, schemaCode, it } = cxt;
4628
+ const { data, $data, schema, schemaCode, it } = cxt;
4642
4629
  const u = it.opts.unicodeRegExp ? "u" : "";
4643
- const regExp = $data ? (0, codegen_1._)`(new RegExp(${schemaCode}, ${u}))` : (0, code_1.usePattern)(cxt, schema2);
4630
+ const regExp = $data ? (0, codegen_1._)`(new RegExp(${schemaCode}, ${u}))` : (0, code_1.usePattern)(cxt, schema);
4644
4631
  cxt.fail$data((0, codegen_1._)`!${regExp}.test(${data})`);
4645
4632
  }
4646
4633
  };
@@ -4690,11 +4677,11 @@ var require_required = __commonJS((exports) => {
4690
4677
  $data: true,
4691
4678
  error,
4692
4679
  code(cxt) {
4693
- const { gen, schema: schema2, schemaCode, data, $data, it } = cxt;
4680
+ const { gen, schema, schemaCode, data, $data, it } = cxt;
4694
4681
  const { opts } = it;
4695
- if (!$data && schema2.length === 0)
4682
+ if (!$data && schema.length === 0)
4696
4683
  return;
4697
- const useLoop = schema2.length >= opts.loopRequired;
4684
+ const useLoop = schema.length >= opts.loopRequired;
4698
4685
  if (it.allErrors)
4699
4686
  allErrorsMode();
4700
4687
  else
@@ -4702,7 +4689,7 @@ var require_required = __commonJS((exports) => {
4702
4689
  if (opts.strictRequired) {
4703
4690
  const props = cxt.parentSchema.properties;
4704
4691
  const { definedProperties } = cxt.it;
4705
- for (const requiredKey of schema2) {
4692
+ for (const requiredKey of schema) {
4706
4693
  if ((props === null || props === undefined ? undefined : props[requiredKey]) === undefined && !definedProperties.has(requiredKey)) {
4707
4694
  const schemaPath = it.schemaEnv.baseId + it.errSchemaPath;
4708
4695
  const msg = `required property "${requiredKey}" is not defined at "${schemaPath}" (strictRequired)`;
@@ -4714,7 +4701,7 @@ var require_required = __commonJS((exports) => {
4714
4701
  if (useLoop || $data) {
4715
4702
  cxt.block$data(codegen_1.nil, loopAllRequired);
4716
4703
  } else {
4717
- for (const prop of schema2) {
4704
+ for (const prop of schema) {
4718
4705
  (0, code_1.checkReportMissingProp)(cxt, prop);
4719
4706
  }
4720
4707
  }
@@ -4726,7 +4713,7 @@ var require_required = __commonJS((exports) => {
4726
4713
  cxt.block$data(valid, () => loopUntilMissing(missing, valid));
4727
4714
  cxt.ok(valid);
4728
4715
  } else {
4729
- gen.if((0, code_1.checkMissingProp)(cxt, schema2, missing));
4716
+ gen.if((0, code_1.checkMissingProp)(cxt, schema, missing));
4730
4717
  (0, code_1.reportMissingProp)(cxt, missing);
4731
4718
  gen.else();
4732
4719
  }
@@ -4804,8 +4791,8 @@ var require_uniqueItems = __commonJS((exports) => {
4804
4791
  $data: true,
4805
4792
  error,
4806
4793
  code(cxt) {
4807
- const { gen, data, $data, schema: schema2, parentSchema, schemaCode, it } = cxt;
4808
- if (!$data && !schema2)
4794
+ const { gen, data, $data, schema, parentSchema, schemaCode, it } = cxt;
4795
+ if (!$data && !schema)
4809
4796
  return;
4810
4797
  const valid = gen.let("valid");
4811
4798
  const itemTypes = parentSchema.items ? (0, dataType_1.getSchemaTypes)(parentSchema.items) : [];
@@ -4865,11 +4852,11 @@ var require_const = __commonJS((exports) => {
4865
4852
  $data: true,
4866
4853
  error,
4867
4854
  code(cxt) {
4868
- const { gen, data, $data, schemaCode, schema: schema2 } = cxt;
4869
- if ($data || schema2 && typeof schema2 == "object") {
4855
+ const { gen, data, $data, schemaCode, schema } = cxt;
4856
+ if ($data || schema && typeof schema == "object") {
4870
4857
  cxt.fail$data((0, codegen_1._)`!${(0, util_1.useFunc)(gen, equal_1.default)}(${data}, ${schemaCode})`);
4871
4858
  } else {
4872
- cxt.fail((0, codegen_1._)`${schema2} !== ${data}`);
4859
+ cxt.fail((0, codegen_1._)`${schema} !== ${data}`);
4873
4860
  }
4874
4861
  }
4875
4862
  };
@@ -4892,10 +4879,10 @@ var require_enum = __commonJS((exports) => {
4892
4879
  $data: true,
4893
4880
  error,
4894
4881
  code(cxt) {
4895
- const { gen, data, $data, schema: schema2, schemaCode, it } = cxt;
4896
- if (!$data && schema2.length === 0)
4882
+ const { gen, data, $data, schema, schemaCode, it } = cxt;
4883
+ if (!$data && schema.length === 0)
4897
4884
  throw new Error("enum must have non-empty array");
4898
- const useLoop = schema2.length >= it.opts.loopEnum;
4885
+ const useLoop = schema.length >= it.opts.loopEnum;
4899
4886
  let eql;
4900
4887
  const getEql = () => eql !== null && eql !== undefined ? eql : eql = (0, util_1.useFunc)(gen, equal_1.default);
4901
4888
  let valid;
@@ -4903,10 +4890,10 @@ var require_enum = __commonJS((exports) => {
4903
4890
  valid = gen.let("valid");
4904
4891
  cxt.block$data(valid, loopEnum);
4905
4892
  } else {
4906
- if (!Array.isArray(schema2))
4893
+ if (!Array.isArray(schema))
4907
4894
  throw new Error("ajv implementation error");
4908
4895
  const vSchema = gen.const("vSchema", schemaCode);
4909
- valid = (0, codegen_1.or)(...schema2.map((_x, i) => equalCode(vSchema, i)));
4896
+ valid = (0, codegen_1.or)(...schema.map((_x, i) => equalCode(vSchema, i)));
4910
4897
  }
4911
4898
  cxt.pass(valid);
4912
4899
  function loopEnum() {
@@ -4914,7 +4901,7 @@ var require_enum = __commonJS((exports) => {
4914
4901
  gen.forOf("v", schemaCode, (v) => gen.if((0, codegen_1._)`${getEql()}(${data}, ${v})`, () => gen.assign(valid, true).break()));
4915
4902
  }
4916
4903
  function equalCode(vSchema, i) {
4917
- const sch = schema2[i];
4904
+ const sch = schema[i];
4918
4905
  return typeof sch === "object" && sch !== null ? (0, codegen_1._)`${getEql()}(${data}, ${vSchema}[${i}])` : (0, codegen_1._)`${data} === ${sch}`;
4919
4906
  }
4920
4907
  }
@@ -4979,13 +4966,13 @@ var require_additionalItems = __commonJS((exports) => {
4979
4966
  }
4980
4967
  };
4981
4968
  function validateAdditionalItems(cxt, items) {
4982
- const { gen, schema: schema2, data, keyword, it } = cxt;
4969
+ const { gen, schema, data, keyword, it } = cxt;
4983
4970
  it.items = true;
4984
4971
  const len = gen.const("len", (0, codegen_1._)`${data}.length`);
4985
- if (schema2 === false) {
4972
+ if (schema === false) {
4986
4973
  cxt.setParams({ len: items.length });
4987
4974
  cxt.pass((0, codegen_1._)`${len} <= ${items.length}`);
4988
- } else if (typeof schema2 == "object" && !(0, util_1.alwaysValidSchema)(it, schema2)) {
4975
+ } else if (typeof schema == "object" && !(0, util_1.alwaysValidSchema)(it, schema)) {
4989
4976
  const valid = gen.var("valid", (0, codegen_1._)`${len} <= ${items.length}`);
4990
4977
  gen.if((0, codegen_1.not)(valid), () => validateItems(valid));
4991
4978
  cxt.ok(valid);
@@ -5015,11 +5002,11 @@ var require_items = __commonJS((exports) => {
5015
5002
  schemaType: ["object", "array", "boolean"],
5016
5003
  before: "uniqueItems",
5017
5004
  code(cxt) {
5018
- const { schema: schema2, it } = cxt;
5019
- if (Array.isArray(schema2))
5020
- return validateTuple(cxt, "additionalItems", schema2);
5005
+ const { schema, it } = cxt;
5006
+ if (Array.isArray(schema))
5007
+ return validateTuple(cxt, "additionalItems", schema);
5021
5008
  it.items = true;
5022
- if ((0, util_1.alwaysValidSchema)(it, schema2))
5009
+ if ((0, util_1.alwaysValidSchema)(it, schema))
5023
5010
  return;
5024
5011
  cxt.ok((0, code_1.validateArray)(cxt));
5025
5012
  }
@@ -5088,10 +5075,10 @@ var require_items2020 = __commonJS((exports) => {
5088
5075
  before: "uniqueItems",
5089
5076
  error,
5090
5077
  code(cxt) {
5091
- const { schema: schema2, parentSchema, it } = cxt;
5078
+ const { schema, parentSchema, it } = cxt;
5092
5079
  const { prefixItems } = parentSchema;
5093
5080
  it.items = true;
5094
- if ((0, util_1.alwaysValidSchema)(it, schema2))
5081
+ if ((0, util_1.alwaysValidSchema)(it, schema))
5095
5082
  return;
5096
5083
  if (prefixItems)
5097
5084
  (0, additionalItems_1.validateAdditionalItems)(cxt, prefixItems);
@@ -5119,7 +5106,7 @@ var require_contains = __commonJS((exports) => {
5119
5106
  trackErrors: true,
5120
5107
  error,
5121
5108
  code(cxt) {
5122
- const { gen, schema: schema2, parentSchema, data, it } = cxt;
5109
+ const { gen, schema, parentSchema, data, it } = cxt;
5123
5110
  let min;
5124
5111
  let max;
5125
5112
  const { minContains, maxContains } = parentSchema;
@@ -5140,7 +5127,7 @@ var require_contains = __commonJS((exports) => {
5140
5127
  cxt.fail();
5141
5128
  return;
5142
5129
  }
5143
- if ((0, util_1.alwaysValidSchema)(it, schema2)) {
5130
+ if ((0, util_1.alwaysValidSchema)(it, schema)) {
5144
5131
  let cond = (0, codegen_1._)`${len} >= ${min}`;
5145
5132
  if (max !== undefined)
5146
5133
  cond = (0, codegen_1._)`${cond} && ${len} <= ${max}`;
@@ -5221,14 +5208,14 @@ var require_dependencies = __commonJS((exports) => {
5221
5208
  validateSchemaDeps(cxt, schDeps);
5222
5209
  }
5223
5210
  };
5224
- function splitDependencies({ schema: schema2 }) {
5211
+ function splitDependencies({ schema }) {
5225
5212
  const propertyDeps = {};
5226
5213
  const schemaDeps = {};
5227
- for (const key in schema2) {
5214
+ for (const key in schema) {
5228
5215
  if (key === "__proto__")
5229
5216
  continue;
5230
- const deps = Array.isArray(schema2[key]) ? propertyDeps : schemaDeps;
5231
- deps[key] = schema2[key];
5217
+ const deps = Array.isArray(schema[key]) ? propertyDeps : schemaDeps;
5218
+ deps[key] = schema[key];
5232
5219
  }
5233
5220
  return [propertyDeps, schemaDeps];
5234
5221
  }
@@ -5293,8 +5280,8 @@ var require_propertyNames = __commonJS((exports) => {
5293
5280
  schemaType: ["object", "boolean"],
5294
5281
  error,
5295
5282
  code(cxt) {
5296
- const { gen, schema: schema2, data, it } = cxt;
5297
- if ((0, util_1.alwaysValidSchema)(it, schema2))
5283
+ const { gen, schema, data, it } = cxt;
5284
+ if ((0, util_1.alwaysValidSchema)(it, schema))
5298
5285
  return;
5299
5286
  const valid = gen.name("valid");
5300
5287
  gen.forIn("key", data, (key) => {
@@ -5337,12 +5324,12 @@ var require_additionalProperties = __commonJS((exports) => {
5337
5324
  trackErrors: true,
5338
5325
  error,
5339
5326
  code(cxt) {
5340
- const { gen, schema: schema2, parentSchema, data, errsCount, it } = cxt;
5327
+ const { gen, schema, parentSchema, data, errsCount, it } = cxt;
5341
5328
  if (!errsCount)
5342
5329
  throw new Error("ajv implementation error");
5343
5330
  const { allErrors, opts } = it;
5344
5331
  it.props = true;
5345
- if (opts.removeAdditional !== "all" && (0, util_1.alwaysValidSchema)(it, schema2))
5332
+ if (opts.removeAdditional !== "all" && (0, util_1.alwaysValidSchema)(it, schema))
5346
5333
  return;
5347
5334
  const props = (0, code_1.allSchemaProperties)(parentSchema.properties);
5348
5335
  const patProps = (0, code_1.allSchemaProperties)(parentSchema.patternProperties);
@@ -5375,18 +5362,18 @@ var require_additionalProperties = __commonJS((exports) => {
5375
5362
  gen.code((0, codegen_1._)`delete ${data}[${key}]`);
5376
5363
  }
5377
5364
  function additionalPropertyCode(key) {
5378
- if (opts.removeAdditional === "all" || opts.removeAdditional && schema2 === false) {
5365
+ if (opts.removeAdditional === "all" || opts.removeAdditional && schema === false) {
5379
5366
  deleteAdditional(key);
5380
5367
  return;
5381
5368
  }
5382
- if (schema2 === false) {
5369
+ if (schema === false) {
5383
5370
  cxt.setParams({ additionalProperty: key });
5384
5371
  cxt.error();
5385
5372
  if (!allErrors)
5386
5373
  gen.break();
5387
5374
  return;
5388
5375
  }
5389
- if (typeof schema2 == "object" && !(0, util_1.alwaysValidSchema)(it, schema2)) {
5376
+ if (typeof schema == "object" && !(0, util_1.alwaysValidSchema)(it, schema)) {
5390
5377
  const valid = gen.name("valid");
5391
5378
  if (opts.removeAdditional === "failing") {
5392
5379
  applyAdditionalSchema(key, valid, false);
@@ -5433,18 +5420,18 @@ var require_properties = __commonJS((exports) => {
5433
5420
  type: "object",
5434
5421
  schemaType: "object",
5435
5422
  code(cxt) {
5436
- const { gen, schema: schema2, parentSchema, data, it } = cxt;
5423
+ const { gen, schema, parentSchema, data, it } = cxt;
5437
5424
  if (it.opts.removeAdditional === "all" && parentSchema.additionalProperties === undefined) {
5438
5425
  additionalProperties_1.default.code(new validate_1.KeywordCxt(it, additionalProperties_1.default, "additionalProperties"));
5439
5426
  }
5440
- const allProps = (0, code_1.allSchemaProperties)(schema2);
5427
+ const allProps = (0, code_1.allSchemaProperties)(schema);
5441
5428
  for (const prop of allProps) {
5442
5429
  it.definedProperties.add(prop);
5443
5430
  }
5444
5431
  if (it.opts.unevaluated && allProps.length && it.props !== true) {
5445
5432
  it.props = util_1.mergeEvaluated.props(gen, (0, util_1.toHash)(allProps), it.props);
5446
5433
  }
5447
- const properties = allProps.filter((p) => !(0, util_1.alwaysValidSchema)(it, schema2[p]));
5434
+ const properties = allProps.filter((p) => !(0, util_1.alwaysValidSchema)(it, schema[p]));
5448
5435
  if (properties.length === 0)
5449
5436
  return;
5450
5437
  const valid = gen.name("valid");
@@ -5462,7 +5449,7 @@ var require_properties = __commonJS((exports) => {
5462
5449
  cxt.ok(valid);
5463
5450
  }
5464
5451
  function hasDefault(prop) {
5465
- return it.opts.useDefaults && !it.compositeRule && schema2[prop].default !== undefined;
5452
+ return it.opts.useDefaults && !it.compositeRule && schema[prop].default !== undefined;
5466
5453
  }
5467
5454
  function applyPropertySchema(prop) {
5468
5455
  cxt.subschema({
@@ -5488,10 +5475,10 @@ var require_patternProperties = __commonJS((exports) => {
5488
5475
  type: "object",
5489
5476
  schemaType: "object",
5490
5477
  code(cxt) {
5491
- const { gen, schema: schema2, data, parentSchema, it } = cxt;
5478
+ const { gen, schema, data, parentSchema, it } = cxt;
5492
5479
  const { opts } = it;
5493
- const patterns = (0, code_1.allSchemaProperties)(schema2);
5494
- const alwaysValidPatterns = patterns.filter((p) => (0, util_1.alwaysValidSchema)(it, schema2[p]));
5480
+ const patterns = (0, code_1.allSchemaProperties)(schema);
5481
+ const alwaysValidPatterns = patterns.filter((p) => (0, util_1.alwaysValidSchema)(it, schema[p]));
5495
5482
  if (patterns.length === 0 || alwaysValidPatterns.length === patterns.length && (!it.opts.unevaluated || it.props === true)) {
5496
5483
  return;
5497
5484
  }
@@ -5556,8 +5543,8 @@ var require_not = __commonJS((exports) => {
5556
5543
  schemaType: ["object", "boolean"],
5557
5544
  trackErrors: true,
5558
5545
  code(cxt) {
5559
- const { gen, schema: schema2, it } = cxt;
5560
- if ((0, util_1.alwaysValidSchema)(it, schema2)) {
5546
+ const { gen, schema, it } = cxt;
5547
+ if ((0, util_1.alwaysValidSchema)(it, schema)) {
5561
5548
  cxt.fail();
5562
5549
  return;
5563
5550
  }
@@ -5604,12 +5591,12 @@ var require_oneOf = __commonJS((exports) => {
5604
5591
  trackErrors: true,
5605
5592
  error,
5606
5593
  code(cxt) {
5607
- const { gen, schema: schema2, parentSchema, it } = cxt;
5608
- if (!Array.isArray(schema2))
5594
+ const { gen, schema, parentSchema, it } = cxt;
5595
+ if (!Array.isArray(schema))
5609
5596
  throw new Error("ajv implementation error");
5610
5597
  if (it.opts.discriminator && parentSchema.discriminator)
5611
5598
  return;
5612
- const schArr = schema2;
5599
+ const schArr = schema;
5613
5600
  const valid = gen.let("valid", false);
5614
5601
  const passing = gen.let("passing", null);
5615
5602
  const schValid = gen.name("_valid");
@@ -5652,11 +5639,11 @@ var require_allOf = __commonJS((exports) => {
5652
5639
  keyword: "allOf",
5653
5640
  schemaType: "array",
5654
5641
  code(cxt) {
5655
- const { gen, schema: schema2, it } = cxt;
5656
- if (!Array.isArray(schema2))
5642
+ const { gen, schema, it } = cxt;
5643
+ if (!Array.isArray(schema))
5657
5644
  throw new Error("ajv implementation error");
5658
5645
  const valid = gen.name("valid");
5659
- schema2.forEach((sch, i) => {
5646
+ schema.forEach((sch, i) => {
5660
5647
  if ((0, util_1.alwaysValidSchema)(it, sch))
5661
5648
  return;
5662
5649
  const schCxt = cxt.subschema({ keyword: "allOf", schemaProp: i }, valid);
@@ -5728,8 +5715,8 @@ var require_if = __commonJS((exports) => {
5728
5715
  }
5729
5716
  };
5730
5717
  function hasSchema(it, keyword) {
5731
- const schema2 = it.schema[keyword];
5732
- return schema2 !== undefined && !(0, util_1.alwaysValidSchema)(it, schema2);
5718
+ const schema = it.schema[keyword];
5719
+ return schema !== undefined && !(0, util_1.alwaysValidSchema)(it, schema);
5733
5720
  }
5734
5721
  exports.default = def;
5735
5722
  });
@@ -5807,7 +5794,7 @@ var require_format = __commonJS((exports) => {
5807
5794
  $data: true,
5808
5795
  error,
5809
5796
  code(cxt, ruleType) {
5810
- const { gen, data, $data, schema: schema2, schemaCode, it } = cxt;
5797
+ const { gen, data, $data, schema, schemaCode, it } = cxt;
5811
5798
  const { opts, errSchemaPath, schemaEnv, self: self2 } = it;
5812
5799
  if (!opts.validateFormats)
5813
5800
  return;
@@ -5837,7 +5824,7 @@ var require_format = __commonJS((exports) => {
5837
5824
  }
5838
5825
  }
5839
5826
  function validateFormat() {
5840
- const formatDef = self2.formats[schema2];
5827
+ const formatDef = self2.formats[schema];
5841
5828
  if (!formatDef) {
5842
5829
  unknownFormat();
5843
5830
  return;
@@ -5854,12 +5841,12 @@ var require_format = __commonJS((exports) => {
5854
5841
  }
5855
5842
  throw new Error(unknownMsg());
5856
5843
  function unknownMsg() {
5857
- return `unknown format "${schema2}" ignored in schema at path "${errSchemaPath}"`;
5844
+ return `unknown format "${schema}" ignored in schema at path "${errSchemaPath}"`;
5858
5845
  }
5859
5846
  }
5860
5847
  function getFormat(fmtDef) {
5861
- const code = fmtDef instanceof RegExp ? (0, codegen_1.regexpCode)(fmtDef) : opts.code.formats ? (0, codegen_1._)`${opts.code.formats}${(0, codegen_1.getProperty)(schema2)}` : undefined;
5862
- const fmt = gen.scopeValue("formats", { key: schema2, ref: fmtDef, code });
5848
+ const code = fmtDef instanceof RegExp ? (0, codegen_1.regexpCode)(fmtDef) : opts.code.formats ? (0, codegen_1._)`${opts.code.formats}${(0, codegen_1.getProperty)(schema)}` : undefined;
5849
+ const fmt = gen.scopeValue("formats", { key: schema, ref: fmtDef, code });
5863
5850
  if (typeof fmtDef == "object" && !(fmtDef instanceof RegExp)) {
5864
5851
  return [fmtDef.type || "string", fmtDef.validate, (0, codegen_1._)`${fmt}.validate`];
5865
5852
  }
@@ -5955,15 +5942,15 @@ var require_discriminator = __commonJS((exports) => {
5955
5942
  schemaType: "object",
5956
5943
  error,
5957
5944
  code(cxt) {
5958
- const { gen, data, schema: schema2, parentSchema, it } = cxt;
5945
+ const { gen, data, schema, parentSchema, it } = cxt;
5959
5946
  const { oneOf } = parentSchema;
5960
5947
  if (!it.opts.discriminator) {
5961
5948
  throw new Error("discriminator: requires discriminator option");
5962
5949
  }
5963
- const tagName = schema2.propertyName;
5950
+ const tagName = schema.propertyName;
5964
5951
  if (typeof tagName != "string")
5965
5952
  throw new Error("discriminator: requires propertyName");
5966
- if (schema2.mapping)
5953
+ if (schema.mapping)
5967
5954
  throw new Error("discriminator: mapping is not supported");
5968
5955
  if (!oneOf)
5969
5956
  throw new Error("discriminator: requires oneOf keyword");
@@ -48414,8 +48401,8 @@ var require_index_cjs2 = __commonJS((exports, module) => {
48414
48401
  this.re = {};
48415
48402
  compile(this);
48416
48403
  }
48417
- LinkifyIt.prototype.add = function add(schema2, definition) {
48418
- this.__schemas__[schema2] = definition;
48404
+ LinkifyIt.prototype.add = function add(schema, definition) {
48405
+ this.__schemas__[schema] = definition;
48419
48406
  compile(this);
48420
48407
  return this;
48421
48408
  };
@@ -48477,11 +48464,11 @@ var require_index_cjs2 = __commonJS((exports, module) => {
48477
48464
  LinkifyIt.prototype.pretest = function pretest(text) {
48478
48465
  return this.re.pretest.test(text);
48479
48466
  };
48480
- LinkifyIt.prototype.testSchemaAt = function testSchemaAt(text, schema2, pos) {
48481
- if (!this.__compiled__[schema2.toLowerCase()]) {
48467
+ LinkifyIt.prototype.testSchemaAt = function testSchemaAt(text, schema, pos) {
48468
+ if (!this.__compiled__[schema.toLowerCase()]) {
48482
48469
  return 0;
48483
48470
  }
48484
- return this.__compiled__[schema2.toLowerCase()].validate(text, pos, this);
48471
+ return this.__compiled__[schema.toLowerCase()].validate(text, pos, this);
48485
48472
  };
48486
48473
  LinkifyIt.prototype.match = function match(text) {
48487
48474
  const result = [];
@@ -53983,7 +53970,7 @@ var require_logging_utils = __commonJS((exports) => {
53983
53970
  exports.getDebugBackend = getDebugBackend;
53984
53971
  exports.getStructuredBackend = getStructuredBackend;
53985
53972
  exports.setBackend = setBackend;
53986
- exports.log = log;
53973
+ exports.log = log8;
53987
53974
  var events_1 = __require("events");
53988
53975
  var process3 = __importStar(__require("process"));
53989
53976
  var util = __importStar(__require("util"));
@@ -54010,7 +53997,7 @@ var require_logging_utils = __commonJS((exports) => {
54010
53997
  this.func.info = (...args) => this.invokeSeverity(LogSeverity.INFO, ...args);
54011
53998
  this.func.warn = (...args) => this.invokeSeverity(LogSeverity.WARNING, ...args);
54012
53999
  this.func.error = (...args) => this.invokeSeverity(LogSeverity.ERROR, ...args);
54013
- this.func.sublog = (namespace2) => log(namespace2, this.func);
54000
+ this.func.sublog = (namespace2) => log8(namespace2, this.func);
54014
54001
  }
54015
54002
  invoke(fields, ...args) {
54016
54003
  if (this.upstream) {
@@ -54171,7 +54158,7 @@ var require_logging_utils = __commonJS((exports) => {
54171
54158
  cachedBackend = backend;
54172
54159
  loggerCache.clear();
54173
54160
  }
54174
- function log(namespace, parent) {
54161
+ function log8(namespace, parent) {
54175
54162
  if (!cachedBackend) {
54176
54163
  const enablesFlag = process3.env[exports.env.nodeEnables];
54177
54164
  if (!enablesFlag) {
@@ -54311,7 +54298,7 @@ var require_src5 = __commonJS((exports) => {
54311
54298
  exports.HEADER_NAME = "Metadata-Flavor";
54312
54299
  exports.HEADER_VALUE = "Google";
54313
54300
  exports.HEADERS = Object.freeze({ [exports.HEADER_NAME]: exports.HEADER_VALUE });
54314
- var log = logger.log("gcp-metadata");
54301
+ var log8 = logger.log("gcp-metadata");
54315
54302
  exports.METADATA_SERVER_DETECTION = Object.freeze({
54316
54303
  "assume-present": "don't try to ping the metadata server, but assume it's present",
54317
54304
  none: "don't try to ping the metadata server, but don't try to use it either",
@@ -54374,9 +54361,9 @@ var require_src5 = __commonJS((exports) => {
54374
54361
  responseType: "text",
54375
54362
  timeout: requestTimeout()
54376
54363
  };
54377
- log.info("instance request %j", req);
54364
+ log8.info("instance request %j", req);
54378
54365
  const res = await requestMethod(req);
54379
- log.info("instance metadata is %s", res.data);
54366
+ log8.info("instance metadata is %s", res.data);
54380
54367
  const metadataFlavor = res.headers.get(exports.HEADER_NAME);
54381
54368
  if (metadataFlavor !== exports.HEADER_VALUE) {
54382
54369
  throw new RangeError(`Invalid response from metadata service: incorrect ${exports.HEADER_NAME} header. Expected '${exports.HEADER_VALUE}', got ${metadataFlavor ? `'${metadataFlavor}'` : "no header"}`);
@@ -63019,12 +63006,12 @@ var require_endpoint = __commonJS((exports) => {
63019
63006
  constructor(options) {
63020
63007
  this._options = options || {};
63021
63008
  }
63022
- applySchema(target, rootSchema, schema2, context) {
63023
- this.applyMethodsFromSchema(target, rootSchema, schema2, context);
63024
- if (schema2.resources) {
63025
- for (const resourceName in schema2.resources) {
63026
- if (Object.prototype.hasOwnProperty.call(schema2.resources, resourceName)) {
63027
- const resource = schema2.resources[resourceName];
63009
+ applySchema(target, rootSchema, schema, context) {
63010
+ this.applyMethodsFromSchema(target, rootSchema, schema, context);
63011
+ if (schema.resources) {
63012
+ for (const resourceName in schema.resources) {
63013
+ if (Object.prototype.hasOwnProperty.call(schema.resources, resourceName)) {
63014
+ const resource = schema.resources[resourceName];
63028
63015
  if (!target[resourceName]) {
63029
63016
  target[resourceName] = {};
63030
63017
  }
@@ -63033,21 +63020,21 @@ var require_endpoint = __commonJS((exports) => {
63033
63020
  }
63034
63021
  }
63035
63022
  }
63036
- applyMethodsFromSchema(target, rootSchema, schema2, context) {
63037
- if (schema2.methods) {
63038
- for (const name in schema2.methods) {
63039
- if (Object.prototype.hasOwnProperty.call(schema2.methods, name)) {
63040
- const method = schema2.methods[name];
63023
+ applyMethodsFromSchema(target, rootSchema, schema, context) {
63024
+ if (schema.methods) {
63025
+ for (const name in schema.methods) {
63026
+ if (Object.prototype.hasOwnProperty.call(schema.methods, name)) {
63027
+ const method = schema.methods[name];
63041
63028
  target[name] = this.makeMethod(rootSchema, method, context);
63042
63029
  }
63043
63030
  }
63044
63031
  }
63045
63032
  }
63046
- makeMethod(schema2, method, context) {
63033
+ makeMethod(schema, method, context) {
63047
63034
  return (paramsOrCallback, callback) => {
63048
63035
  const params = typeof paramsOrCallback === "function" ? {} : paramsOrCallback;
63049
63036
  callback = typeof paramsOrCallback === "function" ? paramsOrCallback : callback;
63050
- const schemaUrl = buildurl(schema2.rootUrl + schema2.servicePath + method.path);
63037
+ const schemaUrl = buildurl(schema.rootUrl + schema.servicePath + method.path);
63051
63038
  const parameters = {
63052
63039
  options: {
63053
63040
  url: schemaUrl.substring(1, schemaUrl.length - 1),
@@ -63060,7 +63047,7 @@ var require_endpoint = __commonJS((exports) => {
63060
63047
  context
63061
63048
  };
63062
63049
  if (method.mediaUpload && method.mediaUpload.protocols && method.mediaUpload.protocols.simple && method.mediaUpload.protocols.simple.path) {
63063
- const mediaUrl = buildurl(schema2.rootUrl + method.mediaUpload.protocols.simple.path);
63050
+ const mediaUrl = buildurl(schema.rootUrl + method.mediaUpload.protocols.simple.path);
63064
63051
  parameters.mediaUrl = mediaUrl.substring(1, mediaUrl.length - 1);
63065
63052
  }
63066
63053
  if (!callback) {
@@ -63107,10 +63094,10 @@ var require_discovery = __commonJS((exports) => {
63107
63094
  constructor(options) {
63108
63095
  this.options = options || {};
63109
63096
  }
63110
- makeEndpoint(schema2) {
63097
+ makeEndpoint(schema) {
63111
63098
  return (options) => {
63112
63099
  const ep = new endpoint_1.Endpoint(options);
63113
- ep.applySchema(ep, schema2, schema2, ep);
63100
+ ep.applySchema(ep, schema, schema, ep);
63114
63101
  return ep;
63115
63102
  };
63116
63103
  }
@@ -72131,11 +72118,11 @@ var require_tools = __commonJS((exports, module) => {
72131
72118
  }
72132
72119
  }
72133
72120
  }
72134
- function buildFormatters(level, bindings, log) {
72121
+ function buildFormatters(level, bindings, log8) {
72135
72122
  return {
72136
72123
  level,
72137
72124
  bindings,
72138
- log
72125
+ log: log8
72139
72126
  };
72140
72127
  }
72141
72128
  function normalizeDestFileDescriptor(destination) {
@@ -72480,8 +72467,8 @@ var require_proto = __commonJS((exports, module) => {
72480
72467
  } else
72481
72468
  instance[serializersSym] = serializers;
72482
72469
  if (options.hasOwnProperty("formatters")) {
72483
- const { level, bindings: chindings, log } = options.formatters;
72484
- instance[formattersSym] = buildFormatters(level || formatters.level, chindings || resetChildingsFormatter, log || formatters.log);
72470
+ const { level, bindings: chindings, log: log8 } = options.formatters;
72471
+ instance[formattersSym] = buildFormatters(level || formatters.level, chindings || resetChildingsFormatter, log8 || formatters.log);
72485
72472
  } else {
72486
72473
  instance[formattersSym] = buildFormatters(formatters.level, resetChildingsFormatter, formatters.log);
72487
72474
  }
@@ -101685,10 +101672,10 @@ var require_mailer = __commonJS((exports, module) => {
101685
101672
  tnx: "create"
101686
101673
  }, "Creating transport: %s", this.getVersionString());
101687
101674
  if (typeof this.transporter.on === "function") {
101688
- this.transporter.on("log", (log) => {
101675
+ this.transporter.on("log", (log8) => {
101689
101676
  this.logger.debug({
101690
101677
  tnx: "transport"
101691
- }, "%s: %s", log.type, log.message);
101678
+ }, "%s: %s", log8.type, log8.message);
101692
101679
  });
101693
101680
  this.transporter.on("error", (err) => {
101694
101681
  this.logger.error({
@@ -105607,6 +105594,17 @@ You can perform the full lifecycle of a penetration test and support a wide rang
105607
105594
  - **spawn_pentest_swarm** — Fan out targeted pentest agents in parallel across multiple endpoints/objectives.
105608
105595
  - **spawn_coding_agent** — Spawn parallel code analysis agents for source-code tasks.
105609
105596
 
105597
+ ## Pensar CLI (workspace & attack surface)
105598
+
105599
+ You run inside Pensar Apex, and the \`pensar\` CLI is available on this machine. Invoke it through \`execute_command\` to perform Console/workspace operations your other tools don't cover — most importantly managing the **attack surface** and triaging results. These commands act on the workspace the user connected with \`pensar login\` and print JSON to stdout, so you can parse and chain them.
105600
+
105601
+ - **Attack surface (apps & endpoints)** — \`pensar apps\` (list), \`apps get <appId>\`, \`apps create\`, \`apps update <appId>\`, \`apps delete <appId>\`; endpoints via \`apps endpoints <appId>\`, \`apps endpoint <endpointId>\`, \`apps endpoint-create <appId>\`, \`apps endpoint-update <endpointId>\`, \`apps endpoint-delete <endpointId>\`; and \`apps search <query>\` / \`apps search-endpoints <query>\`.
105602
+ - **Issues & fixes** — \`pensar issues [--status --severity --scan --branch]\`, \`issues get <id>\`, \`issues update <id>\`; \`pensar fixes <issueId>\`, \`fixes get <fixId>\`.
105603
+ - **Scans** — \`pensar pentests\`, \`pentests get <id>\`, \`pentests dispatch [--branch --level]\`.
105604
+ - **Agent logs** — \`pensar logs <issueId>\`, \`logs search <issueId> <query>\`.
105605
+
105606
+ Run \`pensar --help\` or \`pensar <command> --help\` for exact flags — the CLI is the source of truth. These commands require the user to be logged in; if one reports it is not authenticated, tell the user to run \`pensar login\` rather than attempting the device flow yourself. Confirm with the user before any mutating command (\`create\`/\`update\`/\`delete\`, \`endpoint-*\`, \`pentests dispatch\`, \`issues update\`). Do NOT launch nested engagements from here (\`pensar pentest\`, \`pensar targeted-pentest\`, \`pensar operator\`, or \`pensar -p\`) — use your own tools for testing.
105607
+
105610
105608
  # How to Work
105611
105609
 
105612
105610
  1. **Execute what the user asks.** If they say "scan this target", scan it. If they say "test this endpoint for SQLi", test it. Carry out the requested task using your tools and present the results.
@@ -105636,6 +105634,7 @@ For long-running processes (servers, listeners, watchers), background them with
105636
105634
  var BASE_SYSTEM_PROMPT = buildBaseSystemPrompt();
105637
105635
 
105638
105636
  // src/core/memory/index.ts
105637
+ init_storage();
105639
105638
  var MEMORY_CATEGORIES = ["app", "framework", "general"];
105640
105639
  var MEMORIES_PREFIX = "memories";
105641
105640
  function isMemoryEnabled() {
@@ -106840,27 +106839,27 @@ init_core();
106840
106839
 
106841
106840
  // node_modules/@modelcontextprotocol/sdk/dist/esm/server/zod-compat.js
106842
106841
  function isZ4Schema(s) {
106843
- const schema2 = s;
106844
- return !!schema2._zod;
106842
+ const schema = s;
106843
+ return !!schema._zod;
106845
106844
  }
106846
- function safeParse2(schema2, data) {
106847
- if (isZ4Schema(schema2)) {
106848
- const result2 = safeParse(schema2, data);
106845
+ function safeParse2(schema, data) {
106846
+ if (isZ4Schema(schema)) {
106847
+ const result2 = safeParse(schema, data);
106849
106848
  return result2;
106850
106849
  }
106851
- const v3Schema = schema2;
106850
+ const v3Schema = schema;
106852
106851
  const result = v3Schema.safeParse(data);
106853
106852
  return result;
106854
106853
  }
106855
- function getObjectShape(schema2) {
106856
- if (!schema2)
106854
+ function getObjectShape(schema) {
106855
+ if (!schema)
106857
106856
  return;
106858
106857
  let rawShape;
106859
- if (isZ4Schema(schema2)) {
106860
- const v4Schema = schema2;
106858
+ if (isZ4Schema(schema)) {
106859
+ const v4Schema = schema;
106861
106860
  rawShape = v4Schema._zod?.def?.shape;
106862
106861
  } else {
106863
- const v3Schema = schema2;
106862
+ const v3Schema = schema;
106864
106863
  rawShape = v3Schema.shape;
106865
106864
  }
106866
106865
  if (!rawShape)
@@ -106874,9 +106873,9 @@ function getObjectShape(schema2) {
106874
106873
  }
106875
106874
  return rawShape;
106876
106875
  }
106877
- function getLiteralValue(schema2) {
106878
- if (isZ4Schema(schema2)) {
106879
- const v4Schema = schema2;
106876
+ function getLiteralValue(schema) {
106877
+ if (isZ4Schema(schema)) {
106878
+ const v4Schema = schema;
106880
106879
  const def2 = v4Schema._zod?.def;
106881
106880
  if (def2) {
106882
106881
  if (def2.value !== undefined)
@@ -106886,7 +106885,7 @@ function getLiteralValue(schema2) {
106886
106885
  }
106887
106886
  }
106888
106887
  }
106889
- const v3Schema = schema2;
106888
+ const v3Schema = schema;
106890
106889
  const def = v3Schema._def;
106891
106890
  if (def) {
106892
106891
  if (def.value !== undefined)
@@ -106895,7 +106894,7 @@ function getLiteralValue(schema2) {
106895
106894
  return def.values[0];
106896
106895
  }
106897
106896
  }
106898
- const directValue = schema2.value;
106897
+ const directValue = schema.value;
106899
106898
  if (directValue !== undefined)
106900
106899
  return directValue;
106901
106900
  return;
@@ -107744,8 +107743,8 @@ var ignoreOverride = Symbol("Let zodToJsonSchema decide on which parser to use")
107744
107743
  // node_modules/zod-to-json-schema/dist/esm/parsers/string.js
107745
107744
  var ALPHA_NUMERIC = new Set("ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvxyz0123456789");
107746
107745
  // node_modules/@modelcontextprotocol/sdk/dist/esm/server/zod-json-schema-compat.js
107747
- function getMethodLiteral(schema2) {
107748
- const shape = getObjectShape(schema2);
107746
+ function getMethodLiteral(schema) {
107747
+ const shape = getObjectShape(schema);
107749
107748
  const methodSchema = shape?.method;
107750
107749
  if (!methodSchema) {
107751
107750
  throw new Error("Schema is missing a method literal");
@@ -107756,8 +107755,8 @@ function getMethodLiteral(schema2) {
107756
107755
  }
107757
107756
  return value;
107758
107757
  }
107759
- function parseWithCompat(schema2, data) {
107760
- const result = safeParse2(schema2, data);
107758
+ function parseWithCompat(schema, data) {
107759
+ const result = safeParse2(schema, data);
107761
107760
  if (!result.success) {
107762
107761
  throw result.error;
107763
107762
  }
@@ -108606,8 +108605,8 @@ class AjvJsonSchemaValidator {
108606
108605
  constructor(ajv) {
108607
108606
  this._ajv = ajv ?? createDefaultAjvInstance();
108608
108607
  }
108609
- getValidator(schema2) {
108610
- const ajvValidator = "$id" in schema2 && typeof schema2.$id === "string" ? this._ajv.getSchema(schema2.$id) ?? this._ajv.compile(schema2) : this._ajv.compile(schema2);
108608
+ getValidator(schema) {
108609
+ const ajvValidator = "$id" in schema && typeof schema.$id === "string" ? this._ajv.getSchema(schema.$id) ?? this._ajv.compile(schema) : this._ajv.compile(schema);
108611
108610
  return (input) => {
108612
108611
  const valid = ajvValidator(input);
108613
108612
  if (valid) {
@@ -108729,12 +108728,12 @@ function assertClientRequestTaskCapability(requests, method, entityName) {
108729
108728
  }
108730
108729
 
108731
108730
  // node_modules/@modelcontextprotocol/sdk/dist/esm/client/index.js
108732
- function applyElicitationDefaults(schema2, data) {
108733
- if (!schema2 || data === null || typeof data !== "object")
108731
+ function applyElicitationDefaults(schema, data) {
108732
+ if (!schema || data === null || typeof data !== "object")
108734
108733
  return;
108735
- if (schema2.type === "object" && schema2.properties && typeof schema2.properties === "object") {
108734
+ if (schema.type === "object" && schema.properties && typeof schema.properties === "object") {
108736
108735
  const obj = data;
108737
- const props = schema2.properties;
108736
+ const props = schema.properties;
108738
108737
  for (const key of Object.keys(props)) {
108739
108738
  const propSchema = props[key];
108740
108739
  if (obj[key] === undefined && Object.prototype.hasOwnProperty.call(propSchema, "default")) {
@@ -108745,15 +108744,15 @@ function applyElicitationDefaults(schema2, data) {
108745
108744
  }
108746
108745
  }
108747
108746
  }
108748
- if (Array.isArray(schema2.anyOf)) {
108749
- for (const sub of schema2.anyOf) {
108747
+ if (Array.isArray(schema.anyOf)) {
108748
+ for (const sub of schema.anyOf) {
108750
108749
  if (typeof sub !== "boolean") {
108751
108750
  applyElicitationDefaults(sub, data);
108752
108751
  }
108753
108752
  }
108754
108753
  }
108755
- if (Array.isArray(schema2.oneOf)) {
108756
- for (const sub of schema2.oneOf) {
108754
+ if (Array.isArray(schema.oneOf)) {
108755
+ for (const sub of schema.oneOf) {
108757
108756
  if (typeof sub !== "boolean") {
108758
108757
  applyElicitationDefaults(sub, data);
108759
108758
  }
@@ -110942,8 +110941,11 @@ function checkpointState(ctx) {
110942
110941
  // src/core/agents/offSecAgent/tools/completeAuthentication.ts
110943
110942
  init_dist();
110944
110943
  init_zod();
110944
+ init_structured();
110945
+ init_lazyLogger();
110945
110946
  import { existsSync as existsSync4, mkdirSync as mkdirSync3, writeFileSync as writeFileSync4 } from "fs";
110946
110947
  import { join as join6 } from "path";
110948
+ var log = scopedLogger(() => createLogger("complete_authentication"));
110947
110949
  var AUTH_DIR = "auth";
110948
110950
  var AUTH_DATA_FILENAME = "auth-data.json";
110949
110951
  function completeAuthentication(ctx) {
@@ -110983,7 +110985,7 @@ This tool marks the end of the authentication flow.`,
110983
110985
  toolCallDescription: exports_external.string().describe("A concise description of what this tool call is doing")
110984
110986
  }),
110985
110987
  execute: async (result) => {
110986
- console.log(`Authentication complete: ${result.success ? "SUCCESS" : "FAILED"}`);
110988
+ log.info(`Authentication complete: ${result.success ? "SUCCESS" : "FAILED"}`);
110987
110989
  let authDataPath;
110988
110990
  try {
110989
110991
  const authDir = join6(ctx.session.rootPath, AUTH_DIR);
@@ -111002,9 +111004,9 @@ This tool marks the end of the authentication flow.`,
111002
111004
  ...result.authBarrier && { authBarrier: result.authBarrier }
111003
111005
  };
111004
111006
  writeFileSync4(authDataPath, JSON.stringify(authData, null, 2));
111005
- console.log(`Auth data persisted to ${authDataPath}`);
111007
+ log.debug(`Auth data persisted to ${authDataPath}`);
111006
111008
  } catch (err) {
111007
- console.error(`Failed to persist auth data: ${err}`);
111009
+ log.error("Failed to persist auth data", err instanceof Error ? err : undefined, { error: String(err) });
111008
111010
  }
111009
111011
  return {
111010
111012
  success: result.success,
@@ -111024,6 +111026,8 @@ This tool marks the end of the authentication flow.`,
111024
111026
  // src/core/agents/offSecAgent/tools/crawlAuthenticated.ts
111025
111027
  init_dist();
111026
111028
  init_zod();
111029
+ init_structured();
111030
+ init_lazyLogger();
111027
111031
 
111028
111032
  // src/core/agents/specialized/attackSurface/jsExtraction.ts
111029
111033
  async function extractJavascriptEndpoints(params) {
@@ -111098,6 +111102,7 @@ async function extractJavascriptEndpoints(params) {
111098
111102
  }
111099
111103
 
111100
111104
  // src/core/agents/offSecAgent/tools/crawlAuthenticated.ts
111105
+ var log2 = scopedLogger(() => createLogger("crawl-authenticated"));
111101
111106
  function crawlAuthenticated(ctx) {
111102
111107
  return tool({
111103
111108
  description: `Recursively crawl web pages starting from a URL to discover links, forms, and JavaScript endpoints.
@@ -111177,7 +111182,7 @@ function crawlAuthenticated(ctx) {
111177
111182
  });
111178
111183
  }
111179
111184
  } catch (error) {
111180
- console.error(`Error crawling ${url}:`, error);
111185
+ log2.error(`Error crawling ${url}`, error instanceof Error ? error : undefined, { error: String(error) });
111181
111186
  }
111182
111187
  }
111183
111188
  return {
@@ -111245,9 +111250,12 @@ Call this at the END of your analysis with:
111245
111250
  // src/core/agents/offSecAgent/tools/createFile.ts
111246
111251
  init_dist();
111247
111252
  init_zod();
111253
+ init_structured();
111254
+ init_lazyLogger();
111248
111255
  import { existsSync as existsSync5 } from "fs";
111249
111256
  import { mkdir, writeFile } from "fs/promises";
111250
111257
  import { dirname as dirname3, isAbsolute, resolve } from "path";
111258
+ var log3 = scopedLogger(() => createLogger("create_file"));
111251
111259
  var createFileInputSchema = exports_external.object({
111252
111260
  path: exports_external.string().describe("Absolute or relative path for the new file"),
111253
111261
  content: exports_external.string().describe("Content to write to the file"),
@@ -111268,14 +111276,14 @@ Parent directories are created automatically if they don't exist.`,
111268
111276
  content,
111269
111277
  overwrite = false
111270
111278
  }) => {
111271
- console.error(`[create_file] enter: path=${filePath}, contentLen=${content.length}, overwrite=${overwrite}, sandbox=${!!ctx.sandbox}`);
111279
+ log3.debug(`enter: path=${filePath}, contentLen=${content.length}, overwrite=${overwrite}, sandbox=${!!ctx.sandbox}`);
111272
111280
  const resolved = isAbsolute(filePath) ? filePath : resolve(ctx.agentCwd, filePath);
111273
- console.error(`[create_file] resolved: ${resolved}`);
111281
+ log3.debug(`resolved: ${resolved}`);
111274
111282
  if (ctx.sandbox) {
111275
111283
  return executeSandboxCreate(ctx, resolved, content, overwrite);
111276
111284
  }
111277
111285
  const result = await executeLocalCreate(resolved, content, overwrite);
111278
- console.error(`[create_file] done: success=${result.success}, error=${result.error || "(none)"}`);
111286
+ log3.debug(`done: success=${result.success}, error=${result.error || "(none)"}`);
111279
111287
  return result;
111280
111288
  }
111281
111289
  });
@@ -111283,7 +111291,7 @@ Parent directories are created automatically if they don't exist.`,
111283
111291
  async function executeLocalCreate(filePath, content, overwrite) {
111284
111292
  try {
111285
111293
  if (!overwrite && existsSync5(filePath)) {
111286
- console.error(`[create_file:local] file already exists: ${filePath}`);
111294
+ log3.debug(`local: file already exists: ${filePath}`);
111287
111295
  return {
111288
111296
  success: false,
111289
111297
  error: `File already exists: ${filePath}. Set overwrite=true to replace it.`,
@@ -111291,18 +111299,20 @@ async function executeLocalCreate(filePath, content, overwrite) {
111291
111299
  };
111292
111300
  }
111293
111301
  const dir = dirname3(filePath);
111294
- console.error(`[create_file:local] mkdir ${dir}`);
111302
+ log3.debug(`local: mkdir ${dir}`);
111295
111303
  await mkdir(dir, { recursive: true });
111296
- console.error(`[create_file:local] mkdir done, writing ${content.length} bytes`);
111304
+ log3.debug(`local: mkdir done, writing ${content.length} bytes`);
111297
111305
  await writeFile(filePath, content, "utf-8");
111298
- console.error(`[create_file:local] writeFile done`);
111306
+ log3.debug("local: writeFile done");
111299
111307
  return {
111300
111308
  success: true,
111301
111309
  error: "",
111302
111310
  path: filePath
111303
111311
  };
111304
111312
  } catch (err) {
111305
- console.error(`[create_file:local] error: ${err}`);
111313
+ log3.error("local: write failed", err instanceof Error ? err : undefined, {
111314
+ error: String(err)
111315
+ });
111306
111316
  return {
111307
111317
  success: false,
111308
111318
  error: err instanceof Error ? err.message : String(err),
@@ -111404,19 +111414,19 @@ function getTask(tasksDir, id) {
111404
111414
  return null;
111405
111415
  }
111406
111416
  }
111407
- function updateTask(tasksDir, id, update2) {
111417
+ function updateTask(tasksDir, id, update) {
111408
111418
  const existing = getTask(tasksDir, id);
111409
111419
  if (!existing)
111410
111420
  return null;
111411
111421
  const updated = {
111412
111422
  ...existing,
111413
- ...update2.status !== undefined && { status: update2.status },
111414
- ...update2.result !== undefined && { result: update2.result },
111415
- ...update2.observation !== undefined && {
111416
- observation: update2.observation
111423
+ ...update.status !== undefined && { status: update.status },
111424
+ ...update.result !== undefined && { result: update.result },
111425
+ ...update.observation !== undefined && {
111426
+ observation: update.observation
111417
111427
  },
111418
- ...update2.metadata !== undefined && {
111419
- metadata: { ...existing.metadata, ...update2.metadata }
111428
+ ...update.metadata !== undefined && {
111429
+ metadata: { ...existing.metadata, ...update.metadata }
111420
111430
  },
111421
111431
  updatedAt: new Date().toISOString()
111422
111432
  };
@@ -111531,8 +111541,12 @@ Examples of good tasks:
111531
111541
  // src/core/agents/offSecAgent/tools/delegateAuth.ts
111532
111542
  init_dist();
111533
111543
  init_zod();
111544
+ init_credentials();
111534
111545
  import { writeFileSync as writeFileSync7 } from "fs";
111535
111546
  import { join as join9 } from "path";
111547
+ init_structured();
111548
+ init_lazyLogger();
111549
+ var log4 = scopedLogger(() => createLogger("delegate_auth"));
111536
111550
  function mergeAuthCredentials(sessionCreds, explicit) {
111537
111551
  const hasExplicit = explicit.username || explicit.password || explicit.apiKey || explicit.tokens;
111538
111552
  const hasSession = sessionCreds && (sessionCreds.username || sessionCreds.password || sessionCreds.apiKey || sessionCreds.tokens);
@@ -111654,42 +111668,33 @@ When to use delegate_to_auth_subagent vs authenticate_session:
111654
111668
  input: { target, reason },
111655
111669
  parentSubagentId: ctx.subagentId
111656
111670
  });
111657
- console.log(`
111658
- \uD83D\uDD10 Delegating to authentication subagent...`);
111659
- console.log(` Target: ${target}`);
111660
- console.log(` Reason: ${reason}`);
111661
- if (username)
111662
- console.log(` Username: ${username}`);
111663
- if (apiKey)
111664
- console.log(` API Key: [PROVIDED]`);
111665
- if (tokens?.bearerToken)
111666
- console.log(` Bearer Token: [PROVIDED]`);
111667
- if (tokens?.cookies)
111668
- console.log(` Cookies: [PROVIDED]`);
111669
- if (tokens?.customHeaders)
111670
- console.log(` Custom Headers: ${Object.keys(tokens.customHeaders).join(", ")}`);
111671
+ log4.info("Delegating to authentication subagent", {
111672
+ target,
111673
+ reason,
111674
+ username: username || undefined,
111675
+ apiKey: apiKey ? "[PROVIDED]" : undefined,
111676
+ bearerToken: tokens?.bearerToken ? "[PROVIDED]" : undefined,
111677
+ cookies: tokens?.cookies ? "[PROVIDED]" : undefined,
111678
+ customHeaders: tokens?.customHeaders ? Object.keys(tokens.customHeaders) : undefined
111679
+ });
111671
111680
  const rawSessionCreds = ctx.session.config?.authCredentials;
111672
111681
  const sessionCreds = rawSessionCreds ? Array.isArray(rawSessionCreds) ? rawSessionCreds[0] : rawSessionCreds : undefined;
111673
111682
  if (sessionCreds && !username && !apiKey && !tokens) {
111674
- console.log(` [Inheriting session credentials]`);
111675
- if (sessionCreds.username)
111676
- console.log(` Session Username: ${sessionCreds.username}`);
111677
- if (sessionCreds.apiKey)
111678
- console.log(` Session API Key: [PROVIDED]`);
111679
- if (sessionCreds.tokens?.bearerToken)
111680
- console.log(` Session Bearer Token: [PROVIDED]`);
111681
- if (sessionCreds.tokens?.cookies)
111682
- console.log(` Session Cookies: [PROVIDED]`);
111683
- if (sessionCreds.tokens?.customHeaders)
111684
- console.log(` Session Custom Headers: ${Object.keys(sessionCreds.tokens.customHeaders).join(", ")}`);
111683
+ log4.debug("Inheriting session credentials", {
111684
+ sessionUsername: sessionCreds.username || undefined,
111685
+ sessionApiKey: sessionCreds.apiKey ? "[PROVIDED]" : undefined,
111686
+ sessionBearerToken: sessionCreds.tokens?.bearerToken ? "[PROVIDED]" : undefined,
111687
+ sessionCookies: sessionCreds.tokens?.cookies ? "[PROVIDED]" : undefined,
111688
+ sessionCustomHeaders: sessionCreds.tokens?.customHeaders ? Object.keys(sessionCreds.tokens.customHeaders) : undefined
111689
+ });
111685
111690
  }
111686
111691
  if (authHints) {
111687
- console.log(` Auth Scheme: ${authHints.authScheme || "unknown"}`);
111688
- console.log(` CSRF Required: ${authHints.csrfRequired || false}`);
111689
- console.log(` Browser Required: ${authHints.browserRequired || false}`);
111690
- if (authHints.protectedEndpoints?.length) {
111691
- console.log(` Protected Endpoints: ${authHints.protectedEndpoints.join(", ")}`);
111692
- }
111692
+ log4.debug("Auth hints", {
111693
+ authScheme: authHints.authScheme || "unknown",
111694
+ csrfRequired: authHints.csrfRequired || false,
111695
+ browserRequired: authHints.browserRequired || false,
111696
+ protectedEndpoints: authHints.protectedEndpoints?.length ? authHints.protectedEndpoints : undefined
111697
+ });
111693
111698
  }
111694
111699
  const credentials = mergeAuthCredentials(sessionCreds, {
111695
111700
  username,
@@ -111704,7 +111709,7 @@ When to use delegate_to_auth_subagent vs authenticate_session:
111704
111709
  if (credentials) {
111705
111710
  ctx.session.credentialManager.addFromAuthCredentials(credentials);
111706
111711
  }
111707
- const { runAuthenticationAgent } = await import("./authentication-0k43jay4.js");
111712
+ const { runAuthenticationAgent } = await import("./authentication-c0aj9zaz.js");
111708
111713
  const localBus = new AgentEventBus;
111709
111714
  AgentEventBus.attachChild(localBus, ctx.eventBus, subagentId);
111710
111715
  const result = await runAuthenticationAgent({
@@ -112333,6 +112338,9 @@ function validateConcurrency(concurrency) {
112333
112338
 
112334
112339
  // src/core/agents/offSecAgent/tools/threatModelGenerator.ts
112335
112340
  init_zod();
112341
+ init_structured();
112342
+ init_lazyLogger();
112343
+ var log5 = scopedLogger(() => createLogger("threat-model-generator"));
112336
112344
  var THREAT_MODEL_CONCURRENCY = 10;
112337
112345
  var threatModelLimiter = pLimit(THREAT_MODEL_CONCURRENCY);
112338
112346
  var PentestObjectiveSchema = exports_external.object({
@@ -112381,7 +112389,7 @@ async function generateThreatModelForEndpoint(ctx, input) {
112381
112389
  return threatModelLimiter(async () => {
112382
112390
  if (ctx.abortSignal?.aborted)
112383
112391
  return null;
112384
- const { CodeAgent } = await import("./agent-84enr6xn.js");
112392
+ const { CodeAgent } = await import("./agent-4g69jwmq.js");
112385
112393
  const subagentId = `threat-model-${sanitize(input.appName)}-${sanitize(input.routePath)}`;
112386
112394
  ctx.eventBus?.emit("subagent-spawn", {
112387
112395
  subagentId,
@@ -112436,7 +112444,7 @@ async function generateThreatModelForEndpoint(ctx, input) {
112436
112444
  status: "failed",
112437
112445
  parentSubagentId: ctx.subagentId
112438
112446
  });
112439
- console.error(`Threat model generation failed for ${input.routePath}: ${error instanceof Error ? error.message : String(error)}`);
112447
+ log5.warn(`Threat model generation failed for ${input.routePath}: ${error instanceof Error ? error.message : String(error)}`);
112440
112448
  return null;
112441
112449
  }
112442
112450
  });
@@ -112835,6 +112843,10 @@ function hasCanonicalName(cwe) {
112835
112843
  return "name" in cwe && typeof cwe.name === "string";
112836
112844
  }
112837
112845
 
112846
+ // src/core/agents/offSecAgent/tools/documentFinding.ts
112847
+ init_structured();
112848
+ init_lazyLogger();
112849
+
112838
112850
  // src/core/agents/specialized/cvssScorer/index.ts
112839
112851
  init_zod();
112840
112852
 
@@ -114222,9 +114234,12 @@ function extractContextSummary(messages) {
114222
114234
  }
114223
114235
 
114224
114236
  // src/core/agents/specialized/findingJudge/index.ts
114237
+ init_structured();
114238
+ init_lazyLogger();
114239
+ var log6 = scopedLogger(() => createLogger("FindingJudge"));
114225
114240
  async function judgeFinding(input, ctx) {
114226
114241
  try {
114227
- const { FindingJudgeAgent } = await import("./agent-x1tnsg7n.js");
114242
+ const { FindingJudgeAgent } = await import("./agent-6nhperp2.js");
114228
114243
  const agent = new FindingJudgeAgent({
114229
114244
  finding: input,
114230
114245
  model: ctx.model,
@@ -114245,7 +114260,11 @@ async function judgeFinding(input, ctx) {
114245
114260
  return normalizeJudgeResult(result);
114246
114261
  } catch (err) {
114247
114262
  const fallback = createJudgeFailureResult(err, ctx.model);
114248
- console.error(`[FindingJudge] Agentic validation failed: model=${fallback.error?.model} type=${fallback.error?.type} message=${fallback.error?.message}`);
114263
+ log6.warn("Agentic validation failed", {
114264
+ model: fallback.error?.model,
114265
+ type: fallback.error?.type,
114266
+ message: fallback.error?.message
114267
+ });
114249
114268
  return fallback;
114250
114269
  }
114251
114270
  }
@@ -114299,6 +114318,7 @@ function createJudgeFailureResult(err, model) {
114299
114318
  }
114300
114319
 
114301
114320
  // src/core/agents/offSecAgent/tools/documentFinding.ts
114321
+ var log7 = scopedLogger(() => createLogger("document-finding"));
114302
114322
  var documentVulnerabilityInputSchema = exports_external.object({
114303
114323
  title: exports_external.string().describe("Finding title"),
114304
114324
  description: exports_external.string().describe("Detailed description of the finding"),
@@ -114888,9 +114908,7 @@ function preparePoc(input) {
114888
114908
  let pocContent = input.pocContent.trim();
114889
114909
  const portabilityWarnings = validatePocPortability(pocContent, input.pocType);
114890
114910
  if (portabilityWarnings.length > 0) {
114891
- console.warn(`[PoC Portability] Warnings for ${filename}:
114892
- ${portabilityWarnings.join(`
114893
- `)}`);
114911
+ log7.warn(`PoC portability warnings for ${filename}: ${portabilityWarnings.join("; ")}`);
114894
114912
  }
114895
114913
  if (!pocContent.startsWith("#!")) {
114896
114914
  const shebangs = {
@@ -120066,6 +120084,9 @@ function createResponseTool(responseSchema, onResult) {
120066
120084
  // src/core/agents/offSecAgent/tools/runAttackSurface.ts
120067
120085
  init_dist();
120068
120086
  init_zod();
120087
+ init_structured();
120088
+ init_lazyLogger();
120089
+ var log8 = scopedLogger(() => createLogger("run_attack_surface"));
120069
120090
  function runAttackSurface(ctx) {
120070
120091
  return tool({
120071
120092
  description: `Run the attack surface discovery agent to map the target's full attack surface.
@@ -120102,7 +120123,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
120102
120123
  });
120103
120124
  if (cwd) {
120104
120125
  try {
120105
- const { WhiteboxAttackSurfaceAgent } = await import("./index-54ep0ery.js");
120126
+ const { WhiteboxAttackSurfaceAgent } = await import("./index-3cbcjqw1.js");
120106
120127
  const localBus = new AgentEventBus;
120107
120128
  AgentEventBus.attachChild(localBus, ctx.eventBus, subagentId);
120108
120129
  const agent = new WhiteboxAttackSurfaceAgent({
@@ -120121,8 +120142,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
120121
120142
  objective: ep.pentestObjectives.join("; "),
120122
120143
  rationale: `${app.framework} ${ep.method} endpoint in ${app.name} (${ep.file}${ep.line ? `:${ep.line}` : ""})`
120123
120144
  })));
120124
- console.log(`
120125
- ✓ Whitebox attack surface complete: ${targets.length} targets from ${result.apps.length} apps`);
120145
+ log8.info(`Whitebox attack surface complete: ${targets.length} targets from ${result.apps.length} apps`);
120126
120146
  ctx.eventBus?.emit("subagent-complete", {
120127
120147
  subagentId,
120128
120148
  status: "completed",
@@ -120138,7 +120158,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
120138
120158
  };
120139
120159
  } catch (error) {
120140
120160
  const errorMsg = error instanceof Error ? error.message : String(error);
120141
- console.error(`✗ Whitebox attack surface agent failed: ${errorMsg}`);
120161
+ log8.error(`Whitebox attack surface agent failed: ${errorMsg}`);
120142
120162
  ctx.eventBus?.emit("subagent-complete", {
120143
120163
  subagentId,
120144
120164
  status: "failed",
@@ -120153,7 +120173,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
120153
120173
  }
120154
120174
  }
120155
120175
  try {
120156
- const { BlackboxAttackSurfaceAgent } = await import("./blackboxAgent-76tnwwg7.js");
120176
+ const { BlackboxAttackSurfaceAgent } = await import("./blackboxAgent-sgph70e4.js");
120157
120177
  const localBus = new AgentEventBus;
120158
120178
  AgentEventBus.attachChild(localBus, ctx.eventBus, subagentId);
120159
120179
  const agent = new BlackboxAttackSurfaceAgent({
@@ -120168,8 +120188,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
120168
120188
  });
120169
120189
  const result = await agent.consume();
120170
120190
  const targetCount = result.targets.length;
120171
- console.log(`
120172
- ✓ Blackbox attack surface complete: ${targetCount} targets identified`);
120191
+ log8.info(`Blackbox attack surface complete: ${targetCount} targets identified`);
120173
120192
  ctx.eventBus?.emit("subagent-complete", {
120174
120193
  subagentId,
120175
120194
  status: "completed",
@@ -120192,7 +120211,7 @@ should be passed directly to spawn_pentest_swarm for deep testing.`,
120192
120211
  };
120193
120212
  } catch (error) {
120194
120213
  const errorMsg = error instanceof Error ? error.message : String(error);
120195
- console.error(`✗ Blackbox attack surface agent failed: ${errorMsg}`);
120214
+ log8.error(`Blackbox attack surface agent failed: ${errorMsg}`);
120196
120215
  ctx.eventBus?.emit("subagent-complete", {
120197
120216
  subagentId,
120198
120217
  status: "failed",
@@ -120232,7 +120251,7 @@ Omit \`cwd\` for blackbox mode (live target probing only).`,
120232
120251
  toolCallDescription: exports_external.string().describe("A concise, human-readable description of what this tool call is doing")
120233
120252
  }),
120234
120253
  execute: async ({ target, cwd }) => {
120235
- const { runPentestWorkflow: workflow } = await import("./pentest-wy4eeagc.js");
120254
+ const { runPentestWorkflow: workflow } = await import("./pentest-2vsjf0j8.js");
120236
120255
  if (!ctx.model) {
120237
120256
  return {
120238
120257
  success: false,
@@ -121808,7 +121827,7 @@ Returns an array of results with the text output from each agent.`,
121808
121827
  });
121809
121828
  }
121810
121829
  async function runSingleCodingAgent(ctx, codebasePath, objective, agentIndex, name) {
121811
- const { CodeAgent } = await import("./agent-84enr6xn.js");
121830
+ const { CodeAgent } = await import("./agent-4g69jwmq.js");
121812
121831
  const subagentId = `coding-agent-${agentIndex}`;
121813
121832
  ctx.eventBus?.emit("subagent-spawn", {
121814
121833
  subagentId,
@@ -121855,8 +121874,11 @@ async function runSingleCodingAgent(ctx, codebasePath, objective, agentIndex, na
121855
121874
  // src/core/findings/registry.ts
121856
121875
  init_zod();
121857
121876
  init_ai();
121877
+ init_structured();
121878
+ init_lazyLogger();
121858
121879
  import { existsSync as existsSync16, readdirSync as readdirSync3, readFileSync as readFileSync4 } from "fs";
121859
121880
  import { join as join23 } from "path";
121881
+ var log9 = scopedLogger(() => createLogger("findings:registry"));
121860
121882
  var VULN_CLASS_PATTERNS = [
121861
121883
  [/sql\s*injection/i, "sql-injection"],
121862
121884
  [/command\s*injection/i, "command-injection"],
@@ -122035,22 +122057,22 @@ class FindingsRegistry {
122035
122057
  if (!existsSync16(findingsPath))
122036
122058
  return registry;
122037
122059
  const files = readdirSync3(findingsPath).filter((f) => f.endsWith(".json"));
122038
- console.log(`[FindingsRegistry.fromDirectory] path=${findingsPath}, jsonFiles=${files.length}`);
122060
+ log9.debug(`fromDirectory: path=${findingsPath}, jsonFiles=${files.length}`);
122039
122061
  for (const file of files) {
122040
122062
  try {
122041
122063
  const raw = readFileSync4(join23(findingsPath, file), "utf-8");
122042
122064
  const finding = JSON.parse(raw);
122043
122065
  if (finding && typeof finding.title === "string" && typeof finding.endpoint === "string") {
122044
122066
  registry.indexFinding(finding);
122045
- console.log(`[FindingsRegistry.fromDirectory] indexed: "${finding.title}" endpoint="${finding.endpoint}" (file=${file})`);
122067
+ log9.debug(`fromDirectory: indexed "${finding.title}" endpoint="${finding.endpoint}" (file=${file})`);
122046
122068
  } else {
122047
- console.log(`[FindingsRegistry.fromDirectory] skipped (missing title/endpoint): file=${file}`);
122069
+ log9.debug(`fromDirectory: skipped (missing title/endpoint) file=${file}`);
122048
122070
  }
122049
122071
  } catch {
122050
- console.log(`[FindingsRegistry.fromDirectory] skipped (malformed): file=${file}`);
122072
+ log9.debug(`fromDirectory: skipped (malformed) file=${file}`);
122051
122073
  }
122052
122074
  }
122053
- console.log(`[FindingsRegistry.fromDirectory] Registry initialized: ${registry.size} findings indexed`);
122075
+ log9.debug(`fromDirectory: registry initialized with ${registry.size} findings indexed`);
122054
122076
  return registry;
122055
122077
  }
122056
122078
  static fromFindings(findings, opts) {
@@ -122081,19 +122103,19 @@ class FindingsRegistry {
122081
122103
  return { duplicate: false };
122082
122104
  }
122083
122105
  async register(finding) {
122084
- console.log(`[FindingsRegistry.register] Checking: "${finding.title}" endpoint="${finding.endpoint}"`);
122106
+ log9.debug(`register: checking "${finding.title}" endpoint="${finding.endpoint}"`);
122085
122107
  const fastResult = await new Promise((resolve6) => {
122086
122108
  this.mutex = this.mutex.then(() => {
122087
122109
  const check = this.isDuplicate(finding);
122088
122110
  if (check.duplicate) {
122089
- console.log(`[FindingsRegistry.register] DUPLICATE (${check.matchType}): "${finding.title}" matched="${check.matchedFinding?.title}"`);
122111
+ log9.debug(`register: DUPLICATE (${check.matchType}) "${finding.title}" matched="${check.matchedFinding?.title}"`);
122090
122112
  resolve6(check);
122091
122113
  } else if (!this.model || this.findings.length === 0) {
122092
122114
  this.indexFinding(finding);
122093
- console.log(`[FindingsRegistry.register] UNIQUE (Tier 1+2, no LLM needed): "${finding.title}" — registry size=${this.size}`);
122115
+ log9.debug(`register: UNIQUE (Tier 1+2, no LLM needed) "${finding.title}" — registry size=${this.size}`);
122094
122116
  resolve6({ duplicate: false });
122095
122117
  } else {
122096
- console.log(`[FindingsRegistry.register] Tier 1+2 pass — proceeding to Tier 3 LLM check for "${finding.title}"`);
122118
+ log9.debug(`register: Tier 1+2 pass — proceeding to Tier 3 LLM check for "${finding.title}"`);
122097
122119
  resolve6(null);
122098
122120
  }
122099
122121
  });
@@ -122105,21 +122127,21 @@ class FindingsRegistry {
122105
122127
  try {
122106
122128
  semanticResult = await this.semanticDedup(finding, snapshot);
122107
122129
  } catch {
122108
- console.log(`[FindingsRegistry.register] Tier 3 LLM error for "${finding.title}" — falling back to Tier 1+2 only`);
122130
+ log9.warn(`register: Tier 3 LLM error for "${finding.title}" — falling back to Tier 1+2 only`);
122109
122131
  }
122110
122132
  if (semanticResult.duplicate) {
122111
- console.log(`[FindingsRegistry.register] DUPLICATE (semantic/Tier 3): "${finding.title}" matched="${semanticResult.matchedFinding?.title}"`);
122133
+ log9.debug(`register: DUPLICATE (semantic/Tier 3) "${finding.title}" matched="${semanticResult.matchedFinding?.title}"`);
122112
122134
  return semanticResult;
122113
122135
  }
122114
122136
  return new Promise((resolve6) => {
122115
122137
  this.mutex = this.mutex.then(() => {
122116
122138
  const recheck = this.isDuplicate(finding);
122117
122139
  if (recheck.duplicate) {
122118
- console.log(`[FindingsRegistry.register] DUPLICATE (race re-check, ${recheck.matchType}): "${finding.title}" matched="${recheck.matchedFinding?.title}"`);
122140
+ log9.debug(`register: DUPLICATE (race re-check, ${recheck.matchType}) "${finding.title}" matched="${recheck.matchedFinding?.title}"`);
122119
122141
  resolve6(recheck);
122120
122142
  } else {
122121
122143
  this.indexFinding(finding);
122122
- console.log(`[FindingsRegistry.register] UNIQUE (all tiers passed): "${finding.title}" — registry size=${this.size}`);
122144
+ log9.debug(`register: UNIQUE (all tiers passed) "${finding.title}" — registry size=${this.size}`);
122123
122145
  resolve6({ duplicate: false });
122124
122146
  }
122125
122147
  });
@@ -122176,7 +122198,7 @@ class FindingsRegistry {
122176
122198
  abortSignal: this.abortSignal
122177
122199
  });
122178
122200
  } catch {
122179
- console.log(`[FindingsRegistry.groupByRootCause] LLM error — skipping root-cause grouping`);
122201
+ log9.warn("groupByRootCause: LLM error — skipping root-cause grouping");
122180
122202
  return [];
122181
122203
  }
122182
122204
  const sanitised = [];
@@ -122288,7 +122310,7 @@ Returns the worker's summary, objective results, and finding count — but NOT t
122288
122310
  message: "spawn_pentest_agent requires a model in the tool context."
122289
122311
  };
122290
122312
  }
122291
- const { TargetedPentestAgent } = await import("./agent-z8043nrm.js");
122313
+ const { TargetedPentestAgent } = await import("./agent-x7n47c84.js");
122292
122314
  const findingsRegistry = ctx.findingsRegistry ?? FindingsRegistry.fromDirectory(ctx.session.findingsPath, {
122293
122315
  model: ctx.model,
122294
122316
  authConfig: ctx.authConfig,
@@ -122418,6 +122440,9 @@ ${existingContext}`;
122418
122440
  // src/core/agents/offSecAgent/tools/spawnPentestSwarm.ts
122419
122441
  init_dist();
122420
122442
  init_zod();
122443
+ init_structured();
122444
+ init_lazyLogger();
122445
+ var log10 = scopedLogger(() => createLogger("spawn-pentest-swarm"));
122421
122446
  function spawnPentestSwarm(ctx) {
122422
122447
  return tool({
122423
122448
  description: `Launch a swarm of targeted pentest sub-agents to test multiple targets in parallel.
@@ -122439,7 +122464,7 @@ Pass every target you want tested — the swarm handles concurrency automaticall
122439
122464
  toolCallDescription: exports_external.string().describe("A concise, human-readable description of what this tool call is doing")
122440
122465
  }),
122441
122466
  execute: async ({ targets }) => {
122442
- const { runPentestSwarm, DEFAULT_CONCURRENCY: DEFAULT_CONCURRENCY2 } = await import("./pentest-wy4eeagc.js");
122467
+ const { runPentestSwarm, DEFAULT_CONCURRENCY: DEFAULT_CONCURRENCY2 } = await import("./pentest-2vsjf0j8.js");
122443
122468
  if (!ctx.model) {
122444
122469
  return {
122445
122470
  success: false,
@@ -122452,8 +122477,7 @@ Pass every target you want tested — the swarm handles concurrency automaticall
122452
122477
  abortSignal: ctx.abortSignal
122453
122478
  });
122454
122479
  const total = targets.length;
122455
- console.log(`
122456
- \uD83D\uDC1D Spawning pentest swarm: ${total} agents (concurrency: ${DEFAULT_CONCURRENCY2})`);
122480
+ log10.info(`Spawning pentest swarm: ${total} agents (concurrency: ${DEFAULT_CONCURRENCY2})`);
122457
122481
  const swarmResults = await runPentestSwarm({
122458
122482
  targets,
122459
122483
  model: ctx.model,
@@ -122487,6 +122511,9 @@ Pass every target you want tested — the swarm handles concurrency automaticall
122487
122511
  // src/core/agents/offSecAgent/tools/submitPlan.ts
122488
122512
  init_dist();
122489
122513
  init_zod();
122514
+ init_structured();
122515
+ init_lazyLogger();
122516
+ var log11 = scopedLogger(() => createLogger("submit_plan"));
122490
122517
  var submitPlanInputSchema = exports_external.object({
122491
122518
  toolCallDescription: exports_external.string().describe("A concise, human-readable description of what this tool call is doing (e.g., 'Submitting pentest plan for operator review')")
122492
122519
  });
@@ -122503,7 +122530,7 @@ Only call this when the plan is complete and ready for review.`,
122503
122530
  execute: async () => {
122504
122531
  const scopeId = ctx.planSubagentId ?? ctx.subagentId;
122505
122532
  const planPath = planFilePath(ctx.session.rootPath, scopeId);
122506
- console.error(`[submit_plan] enter: path=${planPath}`);
122533
+ log11.debug(`enter: path=${planPath}`);
122507
122534
  const plan = readPlan(ctx.session.rootPath, scopeId);
122508
122535
  if (!plan || !plan.trim()) {
122509
122536
  return {
@@ -122512,7 +122539,7 @@ Only call this when the plan is complete and ready for review.`,
122512
122539
  path: planPath
122513
122540
  };
122514
122541
  }
122515
- console.error(`[submit_plan] done: planLen=${plan.length}`);
122542
+ log11.debug(`done: planLen=${plan.length}`);
122516
122543
  return { success: true, error: "", path: planPath };
122517
122544
  }
122518
122545
  });
@@ -123071,9 +123098,12 @@ async function handleSearchResponse(response) {
123071
123098
  // src/core/agents/offSecAgent/tools/writePlan.ts
123072
123099
  init_dist();
123073
123100
  init_zod();
123101
+ init_structured();
123074
123102
  import { mkdirSync as mkdirSync12 } from "fs";
123075
123103
  import { writeFile as writeFile5 } from "fs/promises";
123076
123104
  import { dirname as dirname4 } from "path";
123105
+ init_lazyLogger();
123106
+ var log12 = scopedLogger(() => createLogger("write_plan"));
123077
123107
  var writePlanInputSchema = exports_external.object({
123078
123108
  content: exports_external.string().describe("The full markdown content of the pentest plan"),
123079
123109
  toolCallDescription: exports_external.string().describe("A concise, human-readable description of what this tool call is doing (e.g., 'Writing initial pentest plan with recon findings')")
@@ -123098,13 +123128,15 @@ Required plan sections:
123098
123128
  const scopeId = ctx.planSubagentId ?? ctx.subagentId;
123099
123129
  const planPath = planFilePath(ctx.session.rootPath, scopeId);
123100
123130
  mkdirSync12(dirname4(planPath), { recursive: true });
123101
- console.error(`[write_plan] enter: contentLen=${content.length}, path=${planPath}`);
123131
+ log12.debug(`enter: contentLen=${content.length}, path=${planPath}`);
123102
123132
  try {
123103
123133
  await writeFile5(planPath, content, "utf-8");
123104
- console.error(`[write_plan] done`);
123134
+ log12.debug("done");
123105
123135
  return { success: true, error: "", path: planPath };
123106
123136
  } catch (err) {
123107
- console.error(`[write_plan] error: ${err}`);
123137
+ log12.error("write failed", err instanceof Error ? err : undefined, {
123138
+ error: String(err)
123139
+ });
123108
123140
  return {
123109
123141
  success: false,
123110
123142
  error: err instanceof Error ? err.message : String(err),
@@ -124324,9 +124356,10 @@ class StepTraceWriter {
124324
124356
  // src/core/agents/offSecAgent/offensiveSecurityAgent.ts
124325
124357
  init_dist();
124326
124358
  init_ai();
124327
- import { existsSync as existsSync19, mkdirSync as mkdirSync14 } from "fs";
124359
+ import { existsSync as existsSync18, mkdirSync as mkdirSync14 } from "fs";
124328
124360
  import { writeFile as writeFile6 } from "fs/promises";
124329
124361
  import { join as join25 } from "path";
124362
+ init_structured();
124330
124363
  init_observability();
124331
124364
 
124332
124365
  // src/core/operator/approvalGate.ts
@@ -124602,510 +124635,11 @@ var OperatorSettingsObject = exports_external.object({
124602
124635
  initialMode: exports_external.enum(["plan", "manual", "auto"]).default("manual"),
124603
124636
  requireApproval: exports_external.boolean().default(true)
124604
124637
  });
124605
- // src/core/session/index.ts
124606
- init_zod();
124607
- import { existsSync as existsSync18, readFileSync as readFileSync6 } from "fs";
124608
- import os from "os";
124609
- import path from "path";
124610
- init_installation();
124611
- init_toolset();
124612
- var DEFAULT_OUTCOME_GUIDANCE = "Prove the exploit can be run but do not exfiltrate data or cause any harm to the system. " + "Create proof-of-concept exploits that demonstrate the vulnerability exists without causing damage.";
124613
- var EXFIL_OUTCOME_GUIDANCE = "Exfiltrate data to extract the flag value. " + "Create proof-of-concept exploits that successfully extract the flag from the target system.";
124614
- var DEFAULT_HEADER_RECORD = {
124615
- "User-Agent": "pensar-apex"
124616
- };
124617
- var AuthCredentialsObject = zod_default.object({
124618
- username: zod_default.string().optional(),
124619
- password: zod_default.string().optional(),
124620
- loginUrl: zod_default.string().optional(),
124621
- additionalFields: zod_default.record(zod_default.string(), zod_default.string()).optional(),
124622
- apiKey: zod_default.string().optional(),
124623
- role: zod_default.string().optional(),
124624
- context: zod_default.string().optional(),
124625
- tokens: zod_default.object({
124626
- bearerToken: zod_default.string().optional(),
124627
- cookies: zod_default.string().optional(),
124628
- sessionToken: zod_default.string().optional(),
124629
- customHeaders: zod_default.record(zod_default.string(), zod_default.string()).optional()
124630
- }).optional()
124631
- });
124632
- var ScopeConstraintsObject = zod_default.object({
124633
- allowedHosts: zod_default.string().array().optional(),
124634
- allowedPorts: zod_default.number().array().optional(),
124635
- strictScope: zod_default.boolean().optional()
124636
- });
124637
- var SessionHeadersRecord = zod_default.record(zod_default.string(), zod_default.string());
124638
- var OffensiveHeadersConfigObject = zod_default.object({
124639
- mode: zod_default.enum(["none", "default", "custom"]).optional(),
124640
- headers: SessionHeadersRecord.optional()
124641
- });
124642
- var OperatorSettingsObject2 = zod_default.object({
124643
- initialMode: zod_default.enum(["plan", "manual", "auto"]).default("manual"),
124644
- requireApproval: zod_default.boolean().default(true),
124645
- enableSuggestions: zod_default.boolean().default(true)
124646
- });
124647
- var EmailInboxConfigObject = zod_default.discriminatedUnion("provider", [
124648
- zod_default.object({
124649
- provider: zod_default.literal("gmail"),
124650
- id: zod_default.string(),
124651
- name: zod_default.string(),
124652
- emailAddress: zod_default.string(),
124653
- accessToken: zod_default.string(),
124654
- refreshToken: zod_default.string(),
124655
- clientId: zod_default.string().optional(),
124656
- clientSecret: zod_default.string().optional(),
124657
- tokenExpiry: zod_default.number().optional()
124658
- }),
124659
- zod_default.object({
124660
- provider: zod_default.literal("outlook"),
124661
- id: zod_default.string(),
124662
- name: zod_default.string(),
124663
- emailAddress: zod_default.string(),
124664
- accessToken: zod_default.string(),
124665
- refreshToken: zod_default.string(),
124666
- clientId: zod_default.string().optional(),
124667
- clientSecret: zod_default.string().optional(),
124668
- tokenExpiry: zod_default.number().optional()
124669
- }),
124670
- zod_default.object({
124671
- provider: zod_default.literal("imap"),
124672
- id: zod_default.string(),
124673
- name: zod_default.string(),
124674
- emailAddress: zod_default.string(),
124675
- imapHost: zod_default.string(),
124676
- imapPort: zod_default.number(),
124677
- username: zod_default.string(),
124678
- password: zod_default.string(),
124679
- tls: zod_default.boolean()
124680
- })
124681
- ]);
124682
- var EmailIntegrationConfigObject = zod_default.object({
124683
- inboxes: zod_default.array(EmailInboxConfigObject)
124684
- });
124685
- var SmtpConfigObject = zod_default.object({
124686
- host: zod_default.string(),
124687
- port: zod_default.number(),
124688
- username: zod_default.string(),
124689
- password: zod_default.string(),
124690
- tls: zod_default.boolean().default(true),
124691
- fromAddress: zod_default.string().optional()
124692
- });
124693
- function resolveSmtpConfig(explicit) {
124694
- if (explicit)
124695
- return explicit;
124696
- const fromAddress = process.env.OUTBOUND_EMAIL;
124697
- const resendKey = process.env.RESEND_API_KEY;
124698
- if (resendKey) {
124699
- return {
124700
- host: "smtp.resend.com",
124701
- port: 465,
124702
- username: "resend",
124703
- password: resendKey,
124704
- tls: true,
124705
- fromAddress
124706
- };
124707
- }
124708
- const host = process.env.SMTP_HOST;
124709
- const port = process.env.SMTP_PORT;
124710
- const username = process.env.SMTP_USERNAME;
124711
- const password = process.env.SMTP_PASSWORD;
124712
- if (host && port && username && password) {
124713
- return {
124714
- host,
124715
- port: parseInt(port, 10),
124716
- username,
124717
- password,
124718
- tls: process.env.SMTP_TLS !== "false",
124719
- fromAddress
124720
- };
124721
- }
124722
- return;
124723
- }
124724
- var SessionConfigObject = zod_default.object({
124725
- headers: SessionHeadersRecord.optional(),
124726
- offensiveHeaders: OffensiveHeadersConfigObject.optional(),
124727
- sessionType: zod_default.enum(["web-app"]).optional(),
124728
- mode: zod_default.enum(["auto", "driver", "operator"]).optional(),
124729
- outcomeGuidance: zod_default.string().optional(),
124730
- scopeConstraints: ScopeConstraintsObject.optional(),
124731
- authCredentials: zod_default.union([AuthCredentialsObject, zod_default.array(AuthCredentialsObject)]).optional(),
124732
- authenticationInstructions: zod_default.string().optional(),
124733
- requestsPerSecond: zod_default.number().optional(),
124734
- operatorSettings: OperatorSettingsObject2.optional(),
124735
- toolsetState: ToolsetStateSchema.optional(),
124736
- enumerateSubdomains: zod_default.boolean().optional(),
124737
- codebasePath: zod_default.string().optional(),
124738
- emailIntegration: EmailIntegrationConfigObject.optional(),
124739
- smtpConfig: SmtpConfigObject.optional(),
124740
- exfilMode: zod_default.boolean().optional(),
124741
- agentCwd: zod_default.string().optional(),
124742
- prompt: zod_default.string().optional(),
124743
- taskDriven: zod_default.boolean().optional(),
124744
- requirePlan: zod_default.boolean().optional()
124745
- });
124746
- function getPensarDir() {
124747
- return path.join(os.homedir(), ".pensar");
124748
- }
124749
- function getSessionsDir() {
124750
- return path.join(getPensarDir(), "sessions");
124751
- }
124752
- function getSessionRoot(id) {
124753
- return path.join(getSessionsDir(), id);
124754
- }
124755
- async function createSessionDirs(input) {
124756
- const { session } = input;
124757
- await createDir(["sessions", session.id]);
124758
- await createDir(["sessions", session.id, "findings"]);
124759
- await createDir(["sessions", session.id, "scratchpad"]);
124760
- await createDir(["sessions", session.id, "logs"]);
124761
- await createDir(["sessions", session.id, "pocs"]);
124762
- const startTime = new Date().toISOString();
124763
- const readme = generateSessionReadme(session);
124764
- await writeRaw(["sessions", session.id, "README.md"], readme);
124765
- console.info("created session", session.id);
124766
- }
124767
- function generateSessionReadme(session) {
124768
- return `# Penetration Test Session
124769
-
124770
- **Session ID:** ${session.id}
124771
- **Target:** ${session.targets}
124772
- **Objective:** ${session.config?.outcomeGuidance}
124773
- **Started:** ${session.time.created}
124774
-
124775
- ## Directory Structure
124776
-
124777
- - \`findings/\` - Security findings and vulnerabilities
124778
- - \`scratchpad/\` - Notes and temporary data during testing
124779
- - \`logs/\` - Execution logs and command outputs
124780
- - \`pocs/\` - Proof-of-concept exploit scripts
124781
- - \`session.json\` - Session metadata
124782
-
124783
- ## Findings
124784
-
124785
- Security findings will be documented in the \`findings/\` directory as individual files.
124786
-
124787
- ## Status
124788
-
124789
- Testing in progress...
124790
- `;
124791
- }
124792
- function normalizeDeprecatedHeaders(config2) {
124793
- if (!config2)
124794
- return config2;
124795
- if (config2.offensiveHeaders == null) {
124796
- const { offensiveHeaders: _drop, ...rest2 } = config2;
124797
- return rest2;
124798
- }
124799
- const { offensiveHeaders, ...rest } = config2;
124800
- const restWithHeaders = rest;
124801
- if (restWithHeaders.headers !== undefined) {
124802
- return restWithHeaders;
124803
- }
124804
- const oh = offensiveHeaders;
124805
- if (oh.mode === "none") {
124806
- return { ...restWithHeaders, headers: {} };
124807
- }
124808
- let headers = {};
124809
- if (oh.mode === "default")
124810
- headers = { ...DEFAULT_HEADER_RECORD };
124811
- if (oh.headers)
124812
- headers = { ...headers, ...oh.headers };
124813
- return { ...restWithHeaders, headers };
124814
- }
124815
- function migrateLegacySessionData(input) {
124816
- if (!input || typeof input !== "object")
124817
- return input;
124818
- const root = input;
124819
- const config2 = root.config;
124820
- if (!config2 || typeof config2 !== "object")
124821
- return input;
124822
- const cfg = config2;
124823
- if (!("offensiveHeaders" in cfg))
124824
- return input;
124825
- return { ...root, config: normalizeDeprecatedHeaders(cfg) };
124826
- }
124827
- var SessionInfoObject = zod_default.object({
124828
- id: schema("session"),
124829
- name: zod_default.string().optional(),
124830
- version: zod_default.string(),
124831
- targets: zod_default.array(zod_default.string()),
124832
- config: SessionConfigObject.optional(),
124833
- time: zod_default.object({
124834
- created: zod_default.number(),
124835
- updated: zod_default.number()
124836
- }),
124837
- rootPath: zod_default.string(),
124838
- logsPath: zod_default.string(),
124839
- findingsPath: zod_default.string(),
124840
- scratchpadPath: zod_default.string(),
124841
- pocsPath: zod_default.string()
124842
- });
124843
- async function create(input) {
124844
- const name = input.name ?? generateRandomName();
124845
- const normalizedConfig = normalizeDeprecatedHeaders(input.config);
124846
- const id = `${input.prefix ? input.prefix : ""}` + descending("session", input.id);
124847
- const rootPath = getSessionRoot(id);
124848
- const findingsPath = path.join(rootPath, "findings");
124849
- const scratchpadPath = path.join(rootPath, "scratchpad");
124850
- const logsPath = path.join(rootPath, "logs");
124851
- const pocsPath = path.join(rootPath, "pocs");
124852
- const rateLimiter = new RateLimiter({
124853
- requestsPerSecond: normalizedConfig?.requestsPerSecond
124854
- });
124855
- let credentialManager;
124856
- if (normalizedConfig?.authCredentials) {
124857
- credentialManager = new CredentialManager;
124858
- const creds = Array.isArray(normalizedConfig.authCredentials) ? normalizedConfig.authCredentials : [normalizedConfig.authCredentials];
124859
- for (const cred of creds) {
124860
- credentialManager.addFromAuthCredentials(cred);
124861
- }
124862
- }
124863
- const smtpConfig = resolveSmtpConfig(normalizedConfig?.smtpConfig);
124864
- let snapshotHeaders;
124865
- if (normalizedConfig?.headers !== undefined) {
124866
- snapshotHeaders = { ...normalizedConfig.headers };
124867
- } else {
124868
- const { config: appConfig } = await import("./index-2a1x5nnv.js");
124869
- const cfg = await appConfig.get();
124870
- snapshotHeaders = cfg.defaultHeaders ? { ...cfg.defaultHeaders } : { ...DEFAULT_HEADER_RECORD };
124871
- }
124872
- const result = {
124873
- id,
124874
- version: getCurrentVersion(),
124875
- targets: input.targets,
124876
- name,
124877
- time: {
124878
- created: Date.now(),
124879
- updated: Date.now()
124880
- },
124881
- config: {
124882
- ...normalizedConfig,
124883
- mode: normalizedConfig?.mode || "auto",
124884
- headers: snapshotHeaders,
124885
- outcomeGuidance: normalizedConfig?.outcomeGuidance || (normalizedConfig?.exfilMode ? EXFIL_OUTCOME_GUIDANCE : DEFAULT_OUTCOME_GUIDANCE),
124886
- smtpConfig
124887
- },
124888
- _rateLimiter: rateLimiter,
124889
- credentialManager,
124890
- rootPath,
124891
- logsPath,
124892
- pocsPath,
124893
- scratchpadPath,
124894
- findingsPath
124895
- };
124896
- const { _rateLimiter, credentialManager: _cm, ...sessionData } = result;
124897
- await createSessionDirs({ session: result });
124898
- await write(["sessions", result.id, "session"], sessionData);
124899
- if (!input.name && input.model) {
124900
- generateSessionName({
124901
- targets: input.targets,
124902
- userMessage: input.userMessage,
124903
- model: input.model,
124904
- authConfig: input.authConfig
124905
- }).then((aiName) => {
124906
- if (aiName) {
124907
- result.name = aiName;
124908
- update2(result.id, (s) => {
124909
- s.name = aiName;
124910
- }).catch(() => {});
124911
- input.onNameGenerated?.(aiName);
124912
- }
124913
- });
124914
- }
124915
- return result;
124916
- }
124917
- var get = async (id) => {
124918
- const raw = await read(["sessions", id, "session"]);
124919
- const read2 = migrateLegacySessionData(raw);
124920
- if (read2.config?.requestsPerSecond) {
124921
- read2._rateLimiter = new RateLimiter({
124922
- requestsPerSecond: read2.config.requestsPerSecond
124923
- });
124924
- } else {
124925
- delete read2._rateLimiter;
124926
- }
124927
- return read2;
124928
- };
124929
- async function update2(id, editor) {
124930
- const result = await update(["sessions", id, "session"], (draft) => {
124931
- editor(draft);
124932
- draft.time.updated = Date.now();
124933
- });
124934
- return result;
124935
- }
124936
- async function* list2() {
124937
- const sessionsDir = getSessionsDir();
124938
- let entries;
124939
- try {
124940
- entries = await import("fs/promises").then((fsp) => fsp.readdir(sessionsDir, { withFileTypes: true }));
124941
- } catch {
124942
- return;
124943
- }
124944
- for (const entry of entries) {
124945
- if (!entry.isDirectory())
124946
- continue;
124947
- try {
124948
- yield await read([
124949
- "sessions",
124950
- entry.name,
124951
- "session"
124952
- ]);
124953
- } catch {}
124954
- }
124955
- }
124956
- var RemoveInput = zod_default.object({
124957
- sessionId: schema("session")
124958
- });
124959
- var remove2 = async (input) => {
124960
- try {
124961
- const sessionDir = getSessionRoot(input.sessionId);
124962
- const fsp = await import("fs/promises");
124963
- await fsp.rm(sessionDir, { recursive: true, force: true });
124964
- } catch (e) {
124965
- console.error(e);
124966
- }
124967
- };
124968
- var RemoveMsgInput = zod_default.object({
124969
- sessionId: schema("session"),
124970
- messageId: schema("message")
124971
- });
124972
- async function loadOperatorState(sessionId) {
124973
- try {
124974
- const session = await get(sessionId);
124975
- const statePath = path.join(session.rootPath, "messages.json");
124976
- if (!existsSync18(statePath))
124977
- return null;
124978
- const data = readFileSync6(statePath, "utf-8");
124979
- const parsed = JSON.parse(data);
124980
- if (Array.isArray(parsed)) {
124981
- return {
124982
- mode: session.config?.operatorSettings?.initialMode ?? "manual",
124983
- requireApproval: session.config?.operatorSettings?.requireApproval ?? true,
124984
- currentStage: "recon",
124985
- messages: parsed,
124986
- attackSurface: [],
124987
- credentials: [],
124988
- verifiedVulns: [],
124989
- targetState: null,
124990
- hypotheses: [],
124991
- evidence: [],
124992
- actionHistory: [],
124993
- pausedAt: new Date().toISOString(),
124994
- lastRunId: ""
124995
- };
124996
- }
124997
- return parsed;
124998
- } catch (error) {
124999
- console.error("Error loading operator state:", error);
125000
- return null;
125001
- }
125002
- }
125003
- function hasOperatorState(session) {
125004
- const statePath = path.join(session.rootPath, "messages.json");
125005
- return existsSync18(statePath);
125006
- }
125007
- var MAX_RESUME_MESSAGES = 200;
125008
- function getResumeMessages(messages, limit = MAX_RESUME_MESSAGES) {
125009
- if (messages.length <= limit)
125010
- return messages;
125011
- let cutIndex = messages.length - limit;
125012
- while (cutIndex < messages.length) {
125013
- if (messages[cutIndex].role === "user")
125014
- break;
125015
- cutIndex++;
125016
- }
125017
- if (cutIndex >= messages.length) {
125018
- cutIndex = messages.length - limit;
125019
- }
125020
- return messages.slice(cutIndex);
125021
- }
125022
- function normalizeMessages(messages) {
125023
- if (messages.length <= 1)
125024
- return fixToolOutputs(messages);
125025
- const result = [];
125026
- for (const msg of messages) {
125027
- const prev = result[result.length - 1];
125028
- if (prev && prev.role === "user" && msg.role === "user" && typeof prev.content === "string" && typeof msg.content === "string") {
125029
- result[result.length - 1] = {
125030
- ...prev,
125031
- content: `${prev.content}
125032
-
125033
- ${msg.content}`
125034
- };
125035
- } else if (prev && prev.role === "user" && msg.role === "user") {
125036
- result[result.length - 1] = msg;
125037
- } else {
125038
- result.push(msg);
125039
- }
125040
- }
125041
- return fixToolOutputs(result);
125042
- }
125043
- function fixToolOutputs(messages) {
125044
- let changed = false;
125045
- const fixed = messages.map((msg) => {
125046
- if (msg.role !== "tool" || !Array.isArray(msg.content))
125047
- return msg;
125048
- let partChanged = false;
125049
- const fixedContent = msg.content.map((part) => {
125050
- if (part.type === "tool-result" && typeof part.output === "string") {
125051
- partChanged = true;
125052
- return { ...part, output: { type: "text", value: part.output } };
125053
- }
125054
- return part;
125055
- });
125056
- if (partChanged) {
125057
- changed = true;
125058
- return { ...msg, content: fixedContent };
125059
- }
125060
- return msg;
125061
- });
125062
- return changed ? fixed : messages;
125063
- }
125064
- async function updateOperatorSettings(sessionId, settings) {
125065
- return await update2(sessionId, (session) => {
125066
- if (!session.config) {
125067
- session.config = {};
125068
- }
125069
- if (!session.config.operatorSettings) {
125070
- session.config.operatorSettings = {
125071
- initialMode: "manual",
125072
- requireApproval: true,
125073
- enableSuggestions: true
125074
- };
125075
- }
125076
- if (settings.initialMode !== undefined) {
125077
- session.config.operatorSettings.initialMode = settings.initialMode;
125078
- }
125079
- if (settings.requireApproval !== undefined) {
125080
- session.config.operatorSettings.requireApproval = settings.requireApproval;
125081
- }
125082
- if (settings.enableSuggestions !== undefined) {
125083
- session.config.operatorSettings.enableSuggestions = settings.enableSuggestions;
125084
- }
125085
- });
125086
- }
125087
- async function updateSessionHeaders(sessionId, headers) {
125088
- return await update2(sessionId, (session) => {
125089
- if (!session.config) {
125090
- session.config = {};
125091
- }
125092
- session.config.headers = { ...headers };
125093
- });
125094
- }
125095
- var sessions = {
125096
- getSessionRoot,
125097
- EXFIL_OUTCOME_GUIDANCE,
125098
- create,
125099
- get,
125100
- remove: remove2,
125101
- loadOperatorState,
125102
- hasOperatorState,
125103
- getResumeMessages,
125104
- updateOperatorSettings,
125105
- updateSessionHeaders
125106
- };
125107
-
125108
124638
  // src/core/agents/offSecAgent/offensiveSecurityAgent.ts
124639
+ init_session();
124640
+ init_lazyLogger();
124641
+ var log13 = scopedLogger(() => createLogger("approval-gate"));
124642
+
125109
124643
  class OffensiveSecurityAgent {
125110
124644
  _streamResult = null;
125111
124645
  createStream;
@@ -125238,7 +124772,7 @@ class OffensiveSecurityAgent {
125238
124772
  const planSet = new Set(PLAN_MODE_TOOL_NAMES);
125239
124773
  activeTools = activeTools.filter((t) => planSet.has(t));
125240
124774
  }
125241
- if (!existsSync19(messagesDir)) {
124775
+ if (!existsSync18(messagesDir)) {
125242
124776
  mkdirSync14(messagesDir, { recursive: true });
125243
124777
  }
125244
124778
  const messagesPath = join25(messagesDir, "messages.json");
@@ -125409,19 +124943,19 @@ function wrapToolsWithApprovalGate(tools, gate, exemptToolNames) {
125409
124943
  ...t,
125410
124944
  execute: async (args, options) => {
125411
124945
  const toolCallId = args.toolCallId ?? `tc_${Date.now()}_${Math.random().toString(36).slice(2, 8)}`;
125412
- console.error(`[approval-gate] ${name} (${toolCallId}): checking`);
124946
+ log13.debug(`${name} (${toolCallId}): checking`);
125413
124947
  try {
125414
124948
  await gate.check(name, String(toolCallId), args);
125415
124949
  } catch (err) {
125416
124950
  if (err instanceof ApprovalDeniedError) {
125417
- console.error(`[approval-gate] ${name} (${toolCallId}): denied`);
124951
+ log13.debug(`${name} (${toolCallId}): denied`);
125418
124952
  return { blocked: true, reason: "Denied by operator" };
125419
124953
  }
125420
124954
  throw err;
125421
124955
  }
125422
- console.error(`[approval-gate] ${name} (${toolCallId}): approved, executing`);
124956
+ log13.debug(`${name} (${toolCallId}): approved, executing`);
125423
124957
  const result = await originalExecute(args, options);
125424
- console.error(`[approval-gate] ${name} (${toolCallId}): execute finished`);
124958
+ log13.debug(`${name} (${toolCallId}): execute finished`);
125425
124959
  return result;
125426
124960
  }
125427
124961
  };
@@ -125429,4 +124963,4 @@ function wrapToolsWithApprovalGate(tools, gate, exemptToolNames) {
125429
124963
  return wrapped;
125430
124964
  }
125431
124965
 
125432
- export { AgentEventBus, INTERNAL_ID_PATTERN, ApprovalGate, OPERATOR_MODES, OPERATOR_MODE_CYCLE, createInitialOperatorState, list2 as list, normalizeMessages, sessions, buildProvidedFilesSection, buildSessionWorkspaceSection, buildBaseSystemPrompt, BASE_SYSTEM_PROMPT, isMemoryEnabled, addMemory2 as addMemory, ASK_USER_QUESTIONS_TOOL_NAME, AskUserQuestionSchema, ScopeViolationError, getAllowedHosts, isHostAllowed, extractHostname2 as extractHostname, assertUrlInScope, extractHostsFromCommand, assertCommandInScope, authenticateSession, transformScriptToFunction, parseStorageStateResult, setHeadlessMode, setUserAgent, setViewportSize, PlaywrightMcpSession, createBrowserTools, checkSandboxPlaywright, installSandboxPlaywright, ensureSandboxPlaywright, ensureSandboxBrowser, createSandboxBrowserTools, BROWSER_TOOL_NAMES, createBrowserToolset, checkpointState, completeAuthentication, crawlAuthenticated, createAttackSurfaceReport, createFile, createTask2 as createTask, delegateAuth, detectAuthScheme, documentApp, documentEndpoint, CweEntrySchema, ValidatedCweEntrySchema, hasCanonicalName, documentVulnerability, createEmailToolset, EMAIL_TOOL_NAMES, SEND_EMAIL_TOOL_NAME, executeCommand, extractJsEndpoints, getMemory2 as getMemory, getPage, grep, httpRequest, listFiles, listMemories2 as listMemories, listTasksTool, readTempfileCapped, getApexTmpRoot, extractFallbackStdout, PersistentShell, probeAuthEndpoints, provideComparisonResults, readFile2 as readFile, readSkill, RESPONSE_TOOL_NAME, createResponseTool, runAttackSurface, runPentestWorkflow, runWithBoundedConcurrency, spawnCodingAgent, FindingsRegistry, planFilePath, readPlan, hasPlan, spawnPentestAgent, spawnPentestSwarm, submitPlan, testEndpointVariations, updateFile, updateTask2 as updateTask, validateDiscovery, webSearch, writePlan, createAllTools, ALL_TOOL_NAMES, PLAN_MODE_TOOL_NAMES, SKILL_TOOL_NAMES, StepTraceWriter, OffensiveSecurityAgent };
124966
+ export { AgentEventBus, INTERNAL_ID_PATTERN, ApprovalGate, OPERATOR_MODES, OPERATOR_MODE_CYCLE, createInitialOperatorState, buildProvidedFilesSection, buildSessionWorkspaceSection, buildBaseSystemPrompt, BASE_SYSTEM_PROMPT, isMemoryEnabled, addMemory2 as addMemory, ASK_USER_QUESTIONS_TOOL_NAME, AskUserQuestionSchema, ScopeViolationError, getAllowedHosts, isHostAllowed, extractHostname2 as extractHostname, assertUrlInScope, extractHostsFromCommand, assertCommandInScope, authenticateSession, transformScriptToFunction, parseStorageStateResult, setHeadlessMode, setUserAgent, setViewportSize, PlaywrightMcpSession, createBrowserTools, checkSandboxPlaywright, installSandboxPlaywright, ensureSandboxPlaywright, ensureSandboxBrowser, createSandboxBrowserTools, BROWSER_TOOL_NAMES, createBrowserToolset, checkpointState, completeAuthentication, crawlAuthenticated, createAttackSurfaceReport, createFile, createTask2 as createTask, delegateAuth, detectAuthScheme, documentApp, documentEndpoint, CweEntrySchema, ValidatedCweEntrySchema, hasCanonicalName, documentVulnerability, createEmailToolset, EMAIL_TOOL_NAMES, SEND_EMAIL_TOOL_NAME, executeCommand, extractJsEndpoints, getMemory2 as getMemory, getPage, grep, httpRequest, listFiles, listMemories2 as listMemories, listTasksTool, readTempfileCapped, getApexTmpRoot, extractFallbackStdout, PersistentShell, probeAuthEndpoints, provideComparisonResults, readFile2 as readFile, readSkill, RESPONSE_TOOL_NAME, createResponseTool, runAttackSurface, runPentestWorkflow, runWithBoundedConcurrency, spawnCodingAgent, FindingsRegistry, planFilePath, readPlan, hasPlan, spawnPentestAgent, spawnPentestSwarm, submitPlan, testEndpointVariations, updateFile, updateTask2 as updateTask, validateDiscovery, webSearch, writePlan, createAllTools, ALL_TOOL_NAMES, PLAN_MODE_TOOL_NAMES, SKILL_TOOL_NAMES, StepTraceWriter, OffensiveSecurityAgent };