@phuetz/code-buddy 0.1.0 → 0.1.2

package/dist/security/bash-parser.js

@@ -0,0 +1,327 @@
+/**
+ * Bash Command Parser (Vibe-inspired)
+ *
+ * Parses bash commands to extract individual commands from complex
+ * expressions (pipelines, chains, subshells, command substitutions).
+ *
+ * Uses tree-sitter-bash if available, otherwise falls back to a
+ * robust regex/state-machine parser that handles common patterns.
+ *
+ * This is critical for security: `rm -rf / && echo safe` should
+ * detect the `rm -rf /` component, not just see "echo safe".
+ */
+import { logger } from '../utils/logger.js';
+/**
+ * Parse bash commands using a state-machine approach.
+ * Handles quotes, escapes, pipelines, chains, subshells.
+ */
+function fallbackParse(input, depth = 0) {
+    if (depth > 10) {
+        return { commands: [{ command: input, args: [], raw: input, connector: null, isSubshell: false }], usedTreeSitter: false, warnings: ['Parse depth limit exceeded'] };
+    }
+    const commands = [];
+    const warnings = [];
+    // First, handle `bash -c "..."` and `sh -c "..."` wrapper
+    const bashCMatch = input.match(/^(bash|sh|zsh)\s+(-[a-z]*c)\s+(['"])([\s\S]*?)\3\s*$/);
+    if (bashCMatch) {
+        const innerResult = fallbackParse(bashCMatch[4], depth + 1);
+        // Also add the outer shell command
+        return {
+            commands: [
+                { command: bashCMatch[1], args: [bashCMatch[2], bashCMatch[4]], raw: input, connector: null, isSubshell: false },
+                ...innerResult.commands.map(c => ({ ...c, isSubshell: true })),
+            ],
+            usedTreeSitter: false,
+            warnings: innerResult.warnings,
+        };
+    }
+    // Tokenize: split on unquoted separators (&&, ||, |, ;)
+    const segments = [];
+    let current = '';
+    let quoteState = 'none';
+    let escaped = false;
+    let parenDepth = 0;
+    for (let i = 0; i < input.length; i++) {
+        const ch = input[i];
+        const next = input[i + 1];
+        if (escaped) {
+            current += ch;
+            escaped = false;
+            continue;
+        }
+        if (ch === '\\') {
+            escaped = true;
+            current += ch;
+            continue;
+        }
+        // Quote handling
+        if (quoteState === 'none') {
+            if (ch === "'") {
+                quoteState = 'single';
+                current += ch;
+                continue;
+            }
+            if (ch === '"') {
+                quoteState = 'double';
+                current += ch;
+                continue;
+            }
+            if (ch === '`') {
+                quoteState = 'backtick';
+                current += ch;
+                continue;
+            }
+        }
+        else if (quoteState === 'single' && ch === "'") {
+            quoteState = 'none';
+            current += ch;
+            continue;
+        }
+        else if (quoteState === 'double' && ch === '"') {
+            quoteState = 'none';
+            current += ch;
+            continue;
+        }
+        else if (quoteState === 'backtick' && ch === '`') {
+            quoteState = 'none';
+            current += ch;
+            continue;
+        }
+        if (quoteState !== 'none') {
+            current += ch;
+            continue;
+        }
+        // Subshell/group tracking
+        if (ch === '(' || ch === '{') {
+            parenDepth++;
+            current += ch;
+            continue;
+        }
+        if (ch === ')' || ch === '}') {
+            parenDepth--;
+            current += ch;
+            continue;
+        }
+        if (parenDepth > 0) {
+            current += ch;
+            continue;
+        }
+        // Separators (only at top level, outside quotes)
+        if (ch === '&' && next === '&') {
+            segments.push({ text: current.trim(), connector: '&&' });
+            current = '';
+            i++; // skip next &
+            continue;
+        }
+        if (ch === '|' && next === '|') {
+            segments.push({ text: current.trim(), connector: '||' });
+            current = '';
+            i++; // skip next |
+            continue;
+        }
+        if (ch === '|') {
+            segments.push({ text: current.trim(), connector: '|' });
+            current = '';
+            continue;
+        }
+        if (ch === ';') {
+            segments.push({ text: current.trim(), connector: ';' });
+            current = '';
+            continue;
+        }
+        current += ch;
+    }
+    if (current.trim()) {
+        segments.push({ text: current.trim(), connector: null });
+    }
+    // Parse each segment into a command
+    for (const seg of segments) {
+        if (!seg.text)
+            continue;
+        // Handle command substitution $(...) recursively
+        const subCmdMatch = seg.text.match(/\$\((.+)\)/);
+        if (subCmdMatch) {
+            const innerResult = fallbackParse(subCmdMatch[1], depth + 1);
+            commands.push(...innerResult.commands.map(c => ({ ...c, isSubshell: true })));
+        }
+        // Handle subshell (...)
+        const subshellMatch = seg.text.match(/^\((.+)\)$/);
+        if (subshellMatch) {
+            const innerResult = fallbackParse(subshellMatch[1], depth + 1);
+            commands.push(...innerResult.commands.map(c => ({ ...c, isSubshell: true })));
+            continue;
+        }
+        // Strip env var assignments at the start: VAR=value cmd args
+        let cmdText = seg.text;
+        while (/^\w+=\S*\s/.test(cmdText)) {
+            cmdText = cmdText.replace(/^\w+=\S*\s+/, '');
+        }
+        // Strip redirections from the end for command detection
+        const cleanText = cmdText
+            .replace(/\s*[0-9]*>[>&]*\s*\S+/g, '')
+            .replace(/\s*<\s*\S+/g, '')
+            .trim();
+        if (!cleanText)
+            continue;
+        // Split into command and args
+        const parts = tokenizeSimple(cleanText);
+        if (parts.length === 0)
+            continue;
+        commands.push({
+            command: parts[0],
+            args: parts.slice(1),
+            raw: seg.text,
+            connector: seg.connector,
+            isSubshell: false,
+        });
+    }
+    if (quoteState !== 'none') {
+        warnings.push(`Unclosed ${quoteState} quote`);
+    }
+    return { commands, usedTreeSitter: false, warnings };
+}
+/**
+ * Simple tokenizer that respects quotes.
+ */
+function tokenizeSimple(input) {
+    const tokens = [];
+    let current = '';
+    let inSingle = false;
+    let inDouble = false;
+    for (let i = 0; i < input.length; i++) {
+        const ch = input[i];
+        if (ch === "'" && !inDouble) {
+            inSingle = !inSingle;
+            continue;
+        }
+        if (ch === '"' && !inSingle) {
+            inDouble = !inDouble;
+            continue;
+        }
+        if (ch === ' ' && !inSingle && !inDouble) {
+            if (current) {
+                tokens.push(current);
+                current = '';
+            }
+            continue;
+        }
+        current += ch;
+    }
+    if (current)
+        tokens.push(current);
+    return tokens;
+}
+// ============================================================================
+// Public API
+// ============================================================================
+/**
+ * Parse a bash command string into individual commands.
+ * Uses tree-sitter if available, falls back to state-machine parser.
+ */
+export function parseBashCommand(input) {
+    if (!input || !input.trim()) {
+        return { commands: [], usedTreeSitter: false, warnings: [] };
+    }
+    // Try tree-sitter first (optional dependency)
+    try {
+        // Dynamic import — only works if tree-sitter + tree-sitter-bash are installed
+        // eslint-disable-next-line @typescript-eslint/no-require-imports
+        const Parser = require('tree-sitter');
+        // eslint-disable-next-line @typescript-eslint/no-require-imports
+        const Bash = require('tree-sitter-bash');
+        const parser = new Parser();
+        parser.setLanguage(Bash);
+        const tree = parser.parse(input);
+        const commands = extractCommandsFromTree(tree.rootNode, input);
+        logger.debug('Parsed bash with tree-sitter', { commandCount: commands.length });
+        return { commands, usedTreeSitter: true, warnings: [] };
+    }
+    catch {
+        // tree-sitter not available — use fallback
+    }
+    return fallbackParse(input);
+}
+/**
+ * Extract commands from a tree-sitter AST node.
+ */
+function extractCommandsFromTree(node, _source, isSubshell = false) {
+    const commands = [];
+    function walk(n, subshell) {
+        switch (n.type) {
+            case 'command': {
+                const parts = [];
+                for (let i = 0; i < n.childCount; i++) {
+                    const child = n.child(i);
+                    if (child.type === 'command_name' || child.type === 'word' || child.type === 'string') {
+                        parts.push(child.text);
+                    }
+                }
+                if (parts.length > 0) {
+                    commands.push({
+                        command: parts[0],
+                        args: parts.slice(1),
+                        raw: n.text,
+                        connector: null,
+                        isSubshell: subshell,
+                    });
+                }
+                break;
+            }
+            case 'pipeline':
+            case 'list':
+            case 'compound_statement':
+                for (let i = 0; i < n.childCount; i++) {
+                    walk(n.child(i), subshell);
+                }
+                break;
+            case 'subshell':
+            case 'command_substitution':
+                for (let i = 0; i < n.childCount; i++) {
+                    walk(n.child(i), true);
+                }
+                break;
+            default:
+                for (let i = 0; i < n.childCount; i++) {
+                    walk(n.child(i), subshell);
+                }
+        }
+    }
+    walk(node, isSubshell);
+    return commands;
+}
+/**
+ * Extract just the command names from a bash string (convenience).
+ */
+export function extractCommandNames(input) {
+    const result = parseBashCommand(input);
+    return result.commands.map(c => c.command);
+}
+/**
+ * Check if a bash command string contains any of the given commands.
+ */
+export function containsCommand(input, commands) {
+    const names = extractCommandNames(input);
+    return names.some(name => commands.includes(name));
+}
+/**
+ * Check if a bash command string contains dangerous commands.
+ */
+export function containsDangerousCommand(input) {
+    const DANGEROUS = [
+        'rm', 'rmdir', 'mkfs', 'dd', 'fdisk', 'parted',
+        'shutdown', 'reboot', 'poweroff', 'halt',
+        'kill', 'killall', 'pkill',
+        'chmod', 'chown', 'chgrp',
+        'iptables', 'ip6tables', 'nft',
+        'useradd', 'userdel', 'usermod', 'groupadd',
+        'mount', 'umount',
+        'systemctl', 'service',
+        'crontab',
+    ];
+    const result = parseBashCommand(input);
+    const found = result.commands
+        .map(c => c.command)
+        .filter(name => DANGEROUS.includes(name));
+    return { dangerous: found.length > 0, commands: [...new Set(found)] };
+}
+//# sourceMappingURL=bash-parser.js.map

package/dist/security/bash-parser.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"bash-parser.js","sourceRoot":"","sources":["../../src/security/bash-parser.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AA6B5C;;;GAGG;AACH,SAAS,aAAa,CAAC,KAAa,EAAE,QAAgB,CAAC;IACrD,IAAI,KAAK,GAAG,EAAE,EAAE,CAAC;QAAC,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE,CAAC,EAAE,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,4BAA4B,CAAC,EAAE,CAAC;IAAC,CAAC;IACzL,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,0DAA0D;IAC1D,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;IACvF,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,WAAW,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;QAC5D,mCAAmC;QACnC,OAAO;YACL,QAAQ,EAAE;gBACR,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE,IAAI,EAAE,UAAU,EAAE,KAAK,EAAE;gBAChH,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC;aAC/D;YACD,cAAc,EAAE,KAAK;YACrB,QAAQ,EAAE,WAAW,CAAC,QAAQ;SAC/B,CAAC;IACJ,CAAC;IAED,wDAAwD;IACxD,MAAM,QAAQ,GAAiD,EAAE,CAAC;IAClE,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,UAAU,GAAe,MAAM,CAAC;IACpC,IAAI,OAAO,GAAG,KAAK,CAAC;IACpB,IAAI,UAAU,GAAG,CAAC,CAAC;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACpB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAE1B,IAAI,OAAO,EAAE,CAAC;YACZ,OAAO,IAAI,EAAE,CAAC;YACd,OAAO,GAAG,KAAK,CAAC;YAChB,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,IAAI,EAAE,CAAC;YAChB,OAAO,GAAG,IAAI,CAAC;YACf,OAAO,IAAI,EAAE,CAAC;YACd,SAAS;QACX,CAAC;QAED,iBAAiB;QACjB,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;YAC1B,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;gBAAC,UAAU,GAAG,QAAQ,CAAC;gBAAC,OAAO,IAAI,EAAE,CAAC;gBAAC,SAAS;YAAC,CAAC;YACnE,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;gBAAC,UAAU,GAAG,QAAQ,CAAC;gBAAC,OAAO,IAAI,EAAE,CAAC;gBAAC,SAAS;YAAC,CAAC;YACnE,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;gBAAC,UAAU,GAAG,UAAU,CAAC;gBAAC,OAAO,IAAI,EAAE,CAAC;gBAAC,SAAS;YAAC,CAAC;QACvE,CAAC;aAAM,IAAI,UAAU,KAAK,QAAQ,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACjD,UAAU,GAAG,MAAM,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAC/C,CAAC;aAAM,IAAI,UAAU,KAAK,QAAQ,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACjD,UAAU,GAAG,MAAM,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAC/C,CAAC;aAAM,IAAI,UAAU,KAAK,UAAU,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACnD,UAAU,GAAG,MAAM,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAC/C,CAAC;QAED,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;YAC1B,OAAO,IAAI,EAAE,CAAC;YACd,SAAS;QACX,CAAC;QAED,0BAA0B;QAC1B,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YAAC,UAAU,EAAE,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAAC,CAAC;QACxE,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YAAC,UAAU,EAAE,CAAC;YAAC,OAAO,IAAI,EAAE,CAAC;YAAC,SAAS;QAAC,CAAC;QAExE,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;YACnB,OAAO,IAAI,EAAE,CAAC;YACd,SAAS;QACX,CAAC;QAED,iDAAiD;QACjD,IAAI,EAAE,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACzD,OAAO,GAAG,EAAE,CAAC;YACb,CAAC,EAAE,CAAC,CAAC,cAAc;YACnB,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,IAAI,IAAI,KAAK,GAAG,EAAE,CAAC;YAC/B,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YACzD,OAAO,GAAG,EAAE,CAAC;YACb,CAAC,EAAE,CAAC,CAAC,cAAc;YACnB,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;YACxD,OAAO,GAAG,EAAE,CAAC;YACb,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACf,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,GAAG,EAAE,CAAC,CAAC;YACxD,OAAO,GAAG,EAAE,CAAC;YACb,SAAS;QACX,CAAC;QAED,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QACnB,QAAQ,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3D,CAAC;IAED,oCAAoC;IACpC,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,IAAI,CAAC,GAAG,CAAC,IAAI;YAAE,SAAS;QAExB,iDAAiD;QACjD,MAAM,WAAW,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QACjD,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,WAAW,GAAG,aAAa,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAChF,CAAC;QAED,wBAAwB;QACxB,MAAM,aAAa,GAAG,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QACnD,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,WAAW,GAAG,aAAa,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;YAC/D,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC9E,SAAS;QACX,CAAC;QAED,6DAA6D;QAC7D,IAAI,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC;QACvB,OAAO,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YAClC,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC;QAC/C,CAAC;QAED,wDAAwD;QACxD,MAAM,SAAS,GAAG,OAAO;aACtB,OAAO,CAAC,wBAAwB,EAAE,EAAE,CAAC;aACrC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC;aAC1B,IAAI,EAAE,CAAC;QAEV,IAAI,CAAC,SAAS;YAAE,SAAS;QAEzB,8BAA8B;QAC9B,MAAM,KAAK,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;QACxC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;YAAE,SAAS;QAEjC,QAAQ,CAAC,IAAI,CAAC;YACZ,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;YACjB,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;YACpB,GAAG,EAAE,GAAG,CAAC,IAAI;YACb,SAAS,EAAE,GAAG,CAAC,SAAS;YACxB,UAAU,EAAE,KAAK;SAClB,CAAC,CAAC;IACL,CAAC;IAED,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;QAC1B,QAAQ,CAAC,IAAI,CAAC,YAAY,UAAU,QAAQ,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC;AACvD,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,KAAa;IACnC,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,OAAO,GAAG,EAAE,CAAC;IACjB,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,QAAQ,GAAG,KAAK,CAAC;IAErB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEpB,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,QAAQ,GAAG,CAAC,QAAQ,CAAC;YACrB,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC5B,QAAQ,GAAG,CAAC,QAAQ,CAAC;YACrB,SAAS;QACX,CAAC;QAED,IAAI,EAAE,KAAK,GAAG,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,EAAE,CAAC;YACzC,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBACrB,OAAO,GAAG,EAAE,CAAC;YACf,CAAC;YACD,SAAS;QACX,CAAC;QAED,OAAO,IAAI,EAAE,CAAC;IAChB,CAAC;IAED,IAAI,OAAO;QAAE,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAClC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,+EAA+E;AAC/E,aAAa;AACb,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,UAAU,gBAAgB,CAAC,KAAa;IAC5C,IAAI,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,EAAE,CAAC;QAC5B,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,cAAc,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC/D,CAAC;IAED,8CAA8C;IAC9C,IAAI,CAAC;QACH,8EAA8E;QAC9E,iEAAiE;QACjE,MAAM,MAAM,GAAG,OAAO,CAAC,aAAa,CAAC,CAAC;QACtC,iEAAiE;QACjE,MAAM,IAAI,GAAG,OAAO,CAAC,kBAAkB,CAAC,CAAC;QAEzC,MAAM,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;QAC5B,MAAM,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QACzB,MAAM,IAAI,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAEjC,MAAM,QAAQ,GAAG,uBAAuB,CAAC,IAAI,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC/D,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,EAAE,YAAY,EAAE,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC;QAEhF,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,2CAA2C;IAC7C,CAAC;IAED,OAAO,aAAa,CAAC,KAAK,CAAC,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAC9B,IAAmM,EACnM,OAAe,EACf,UAAU,GAAG,KAAK;IAElB,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,SAAS,IAAI,CAAC,CAAc,EAAE,QAAiB;QAC7C,QAAQ,CAAC,CAAC,IAAI,EAAE,CAAC;YACf,KAAK,SAAS,CAAC,CAAC,CAAC;gBACf,MAAM,KAAK,GAAa,EAAE,CAAC;gBAC3B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAgB,CAAC;oBACxC,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc,IAAI,KAAK,CAAC,IAAI,KAAK,MAAM,IAAI,KAAK,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;wBACtF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC;gBACD,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,QAAQ,CAAC,IAAI,CAAC;wBACZ,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;wBACjB,IAAI,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC;wBACpB,GAAG,EAAE,CAAC,CAAC,IAAI;wBACX,SAAS,EAAE,IAAI;wBACf,UAAU,EAAE,QAAQ;qBACrB,CAAC,CAAC;gBACL,CAAC;gBACD,MAAM;YACR,CAAC;YACD,KAAK,UAAU,CAAC;YAChB,KAAK,MAAM,CAAC;YACZ,KAAK,oBAAoB;gBACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAgB,EAAE,QAAQ,CAAC,CAAC;gBAC5C,CAAC;gBACD,MAAM;YACR,KAAK,UAAU,CAAC;YAChB,KAAK,sBAAsB;gBACzB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAgB,EAAE,IAAI,CAAC,CAAC;gBACxC,CAAC;gBACD,MAAM;YACR;gBACE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAgB,EAAE,QAAQ,CAAC,CAAC;gBAC5C,CAAC;QACL,CAAC;IACH,CAAC;IAED,IAAI,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;IACvB,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,KAAa;IAC/C,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACvC,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;AAC7C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,KAAa,EAAE,QAAkB;IAC/D,MAAM,KAAK,GAAG,mBAAmB,CAAC,KAAK,CAAC,CAAC;IACzC,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;AACrD,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB,CAAC,KAAa;IACpD,MAAM,SAAS,GAAG;QAChB,IAAI,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ;QAC9C,UAAU,EAAE,QAAQ,EAAE,UAAU,EAAE,MAAM;QACxC,MAAM,EAAE,SAAS,EAAE,OAAO;QAC1B,OAAO,EAAE,OAAO,EAAE,OAAO;QACzB,UAAU,EAAE,WAAW,EAAE,KAAK;QAC9B,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,UAAU;QAC3C,OAAO,EAAE,QAAQ;QACjB,WAAW,EAAE,SAAS;QACtB,SAAS;KACV,CAAC;IAEF,MAAM,MAAM,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACvC,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ;SAC1B,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC;SACnB,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAE5C,OAAO,EAAE,SAAS,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,QAAQ,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;AACxE,CAAC"}

package/dist/security/index.d.ts

@@ -9,17 +9,19 @@
  * - Permission configuration
  * - Command validation and sanitization
  */
-export * from './tool-policy/index.js';
-export * from './bash-allowlist/index.js';
+export type { ToolGroup, PolicyProfile, PolicyAction, PolicyRule, PolicyCondition, ProfileDefinition, PolicyDecision, PolicyContext, PolicySource, PolicyConfig, PolicyEvents, } from './tool-policy/index.js';
+export { ALL_TOOL_GROUPS, DEFAULT_POLICY_CONFIG, getParentGroup, isChildGroup, TOOL_GROUPS, getToolGroups, getToolsInGroup, isToolInGroup, registerToolGroups, unregisterToolGroups, getAllRegisteredTools, getGroupStats, PROFILES, getProfile, getProfileNames, getProfileRules, formatProfile, getProfileComparison, PolicyResolver, resolveMultiple, filterByPolicy, getAllowedTools, PolicyManager, getPolicyManager, resetPolicyManager, isToolAllowed, toolRequiresConfirmation, isToolDenied, } from './tool-policy/index.js';
+export type { PatternType, ApprovalDecision, ApprovalPattern, PatternSource, AllowlistCheckResult, ApprovalPromptOptions, ApprovalPromptResult, AllowlistConfig, AllowlistEvents, } from './bash-allowlist/index.js';
+export { DEFAULT_ALLOWLIST_CONFIG, DEFAULT_SAFE_PATTERNS, DEFAULT_DENY_PATTERNS, matchPattern, matchApprovalPattern, findBestMatch, validatePattern, suggestPattern, extractBaseCommand, isPatternDangerous, AllowlistStore, getAllowlistStore, resetAllowlistStore, ApprovalFlowManager, getApprovalFlowManager, resetApprovalFlowManager, } from './bash-allowlist/index.js';
 export { ApprovalModeManager, getApprovalModeManager, resetApprovalModeManager } from './approval-modes.js';
 export type { ApprovalMode, OperationType, OperationRequest, ApprovalResult, ApprovalModeConfig } from './approval-modes.js';
-export * from './sandbox.js';
+export { SandboxManager, getSandboxManager, resetSandboxManager, type SandboxConfig, type SandboxResult, } from './sandbox.js';
 export { CredentialManager, getCredentialManager, getApiKey, setApiKey } from './credential-manager.js';
 export type { CredentialConfig, StoredCredentials } from './credential-manager.js';
 export { getSecurityModeManager, SecurityModeManager } from './security-modes.js';
 export type { SecurityMode } from './security-modes.js';
-export * from './permission-config.js';
-export * from './data-redaction.js';
+export { PermissionManager, getPermissionManager, resetPermissionManager, type PermissionConfig, type PermissionCheckResult, } from './permission-config.js';
+export { DataRedactionEngine, getDataRedactionEngine, resetDataRedactionEngine, redactSecrets, containsSecrets, type RedactionPattern, type RedactionCategory, type RedactionResult, type RedactionMatch, type RedactionStats, type RedactionConfig, } from './data-redaction.js';
 export type { AuditSeverity, AuditCategory, AuditFinding, AuditResult, SecurityAuditConfig, } from './security-audit.js';
 export { SecurityAuditor, getSecurityAuditor, resetSecurityAuditor, DEFAULT_SECURITY_AUDIT_CONFIG, } from './security-audit.js';
 import { EventEmitter } from 'events';

package/dist/security/index.js

@@ -9,19 +9,20 @@
  * - Permission configuration
  * - Command validation and sanitization
  */
-// Tool Policy System (new)
-export * from './tool-policy/index.js';
-// Bash Allowlist System (new)
-export * from './bash-allowlist/index.js';
+export { ALL_TOOL_GROUPS, DEFAULT_POLICY_CONFIG, getParentGroup, isChildGroup, TOOL_GROUPS, getToolGroups, getToolsInGroup, isToolInGroup, registerToolGroups, unregisterToolGroups, getAllRegisteredTools, getGroupStats, PROFILES, getProfile, getProfileNames, getProfileRules, formatProfile, getProfileComparison, PolicyResolver, resolveMultiple, filterByPolicy, getAllowedTools, PolicyManager, getPolicyManager, resetPolicyManager, isToolAllowed, toolRequiresConfirmation, isToolDenied, } from './tool-policy/index.js';
+export { DEFAULT_ALLOWLIST_CONFIG, DEFAULT_SAFE_PATTERNS, DEFAULT_DENY_PATTERNS, matchPattern, matchApprovalPattern, findBestMatch, validatePattern, suggestPattern, extractBaseCommand, isPatternDangerous, AllowlistStore, getAllowlistStore, resetAllowlistStore, ApprovalFlowManager, getApprovalFlowManager, resetApprovalFlowManager, } from './bash-allowlist/index.js';
 // Export specific items from approval-modes to avoid conflicts
 export { ApprovalModeManager, getApprovalModeManager, resetApprovalModeManager } from './approval-modes.js';
-export * from './sandbox.js';
+// Sandbox
+export { SandboxManager, getSandboxManager, resetSandboxManager, } from './sandbox.js';
 // Credential management
 export { CredentialManager, getCredentialManager, getApiKey, setApiKey } from './credential-manager.js';
 // Export security-modes with renamed ApprovalResult to avoid conflict
 export { getSecurityModeManager, SecurityModeManager } from './security-modes.js';
-export * from './permission-config.js';
-export * from './data-redaction.js';
+// Permission config
+export { PermissionManager, getPermissionManager, resetPermissionManager, } from './permission-config.js';
+// Data redaction
+export { DataRedactionEngine, getDataRedactionEngine, resetDataRedactionEngine, redactSecrets, containsSecrets, } from './data-redaction.js';
 export { SecurityAuditor, getSecurityAuditor, resetSecurityAuditor, DEFAULT_SECURITY_AUDIT_CONFIG, } from './security-audit.js';
 import { EventEmitter } from 'events';
 import { getApprovalModeManager } from './approval-modes.js';

package/dist/security/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAEH,2BAA2B;AAC3B,cAAc,wBAAwB,CAAC;AAEvC,8BAA8B;AAC9B,cAAc,2BAA2B,CAAC;AAE1C,+DAA+D;AAC/D,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,wBAAwB,EACzB,MAAM,qBAAqB,CAAC;AAU7B,cAAc,cAAc,CAAC;AAE7B,wBAAwB;AACxB,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACpB,SAAS,EACT,SAAS,EACV,MAAM,yBAAyB,CAAC;AAOjC,sEAAsE;AACtE,OAAO,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAGlF,cAAc,wBAAwB,CAAC;AACvC,cAAc,qBAAqB,CAAC;AAWpC,OAAO,EACL,eAAe,EACf,kBAAkB,EAClB,oBAAoB,EACpB,6BAA6B,GAC9B,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,EAAE,sBAAsB,EAAkD,MAAM,qBAAqB,CAAC;AAC7G,OAAO,EAAE,iBAAiB,EAAiB,MAAM,cAAc,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAgB,MAAM,qBAAqB,CAAC;AAC3E,OAAO,EAAmB,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AA8C9E,+EAA+E;AAC/E,wBAAwB;AACxB,+EAA+E;AAE/E,MAAM,cAAc,GAAmB;IACrC,OAAO,EAAE,IAAI;IACb,YAAY,EAAE,MAAM;IACpB,YAAY,EAAE,SAAS;IACvB,cAAc,EAAE,IAAI;IACpB,gBAAgB,EAAE,IAAI;IACtB,SAAS,EAAE,IAAI;CAChB,CAAC;AAEF,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E,MAAM,OAAO,eAAgB,SAAQ,YAAY;IACvC,MAAM,CAAiB;IACvB,MAAM,GAAoB,EAAE,CAAC;IAC7B,KAAK,CAAgB;IACrB,SAAS,GAAW,GAAG,CAAC;IAEhC,YAAY,SAAkC,EAAE;QAC9C,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;QAC/C,IAAI,CAAC,KAAK,GAAG;YACX,eAAe,EAAE,CAAC;YAClB,YAAY,EAAE,CAAC;YACf,aAAa,EAAE,CAAC;YAChB,OAAO,EAAE,CAAC;YACV,QAAQ,EAAE,CAAC;YACX,SAAS,EAAE,CAAC;SACb,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,UAAU;QACR,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;QACjD,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;QACjD,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAElD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,OAAyB;QACrC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;QAC7E,CAAC;QAED,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;QACjD,MAAM,MAAM,GAAG,eAAe,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAEtD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QAE7B,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;YAC1B,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACxE,CAAC;aAAM,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC3B,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;YAC3B,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QAC1D,CAAC;aAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YACrB,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QACnF,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,OAAe;QAClC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;YAChC,OAAO;gBACL,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,EAAE;gBACV,QAAQ,EAAE,CAAC;gBACX,QAAQ,EAAE,KAAK;gBACf,SAAS,EAAE,KAAK;aACjB,CAAC;QACJ,CAAC;QAED,MAAM,cAAc,GAAG,iBAAiB,EAAE,CAAC;QAC3C,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAErD,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACvB,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;QACjE,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,IAAY;QACjB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;YAClC,OAAO;gBACL,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,IAAI;gBACd,UAAU,EAAE,EAAE;gBACd,KAAK,EAAE;oBACL,eAAe,EAAE,CAAC;oBAClB,UAAU,EAAE,EAA4B;oBACxC,UAAU,EAAE,EAA4B;iBACzC;aACF,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,sBAAsB,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAEnC,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;YACtB,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE;gBAChD,KAAK,EAAE,MAAM,CAAC,UAAU,CAAC,MAAM;aAChC,CAAC,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,OAAe;QAC7B,MAAM,iBAAiB,GAAG;YACxB,EAAE,OAAO,EAAE,uCAAuC,EAAE,OAAO,EAAE,wBAAwB,EAAE;YACvF,EAAE,OAAO,EAAE,uBAAuB,EAAE,OAAO,EAAE,6BAA6B,EAAE;YAC5E,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,2BAA2B,EAAE;YAC7D,EAAE,OAAO,EAAE,2BAA2B,EAAE,OAAO,EAAE,yBAAyB,EAAE;YAC5E,EAAE,OAAO,EAAE,2CAA2C,EAAE,OAAO,EAAE,oBAAoB,EAAE;YACvF,EAAE,OAAO,EAAE,qBAAqB,EAAE,OAAO,EAAE,6BAA6B,EAAE;YAC1E,EAAE,OAAO,EAAE,uBAAuB,EAAE,OAAO,EAAE,sBAAsB,EAAE;YACrE,EAAE,OAAO,EAAE,uBAAuB,EAAE,OAAO,EAAE,sBAAsB,EAAE;YACrE,EAAE,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,sBAAsB,EAAE;SAC7D,CAAC;QAEF,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,KAAK,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,iBAAiB,EAAE,CAAC;YACrD,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1B,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC;QAEnC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpF,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,UAAU;QACR,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;QACjD,MAAM,gBAAgB,GAAG,sBAAsB,EAAE,CAAC,CAAC,gCAAgC;QAEnF,OAAO;YACL,MAAM,EAAE,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE;YAC1B,KAAK,EAAE,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE;YACxB,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;YACpC,kBAAkB,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,KAAK,eAAe,CAAC,aAAa,EAAE,CAAC,WAAW,GAAG;YAClG,kBAAkB,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;SAClD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,KAAc;QACtB,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,UAAU;QACR,IAAI,CAAC,KAAK,GAAG;YACX,eAAe,EAAE,CAAC;YAClB,YAAY,EAAE,CAAC;YACf,aAAa,EAAE,CAAC;YAChB,OAAO,EAAE,CAAC;YACV,QAAQ,EAAE,CAAC;YACX,SAAS,EAAE,CAAC;SACb,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAA+B;QAC1C,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;QAE5C,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;YACjD,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC/C,CAAC;QAED,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;YACjD,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC/C,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACH,eAAe;QACb,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAClC,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAElC,MAAM,KAAK,GAAa;YACtB,wBAAwB;YACxB,EAAE;YACF,SAAS,MAAM,CAAC,YAAY,CAAC,WAAW,EAAE,EAAE;YAC5C,aAAa,MAAM,CAAC,YAAY,CAAC,WAAW,EAAE,EAAE;YAChD,EAAE;YACF,eAAe;YACf,uBAAuB,KAAK,CAAC,eAAe,EAAE;YAC9C,oBAAoB,KAAK,CAAC,YAAY,EAAE;YACxC,qBAAqB,KAAK,CAAC,aAAa,EAAE;YAC1C,cAAc,KAAK,CAAC,OAAO,EAAE;YAC7B,eAAe,KAAK,CAAC,QAAQ,EAAE;YAC/B,gBAAgB,KAAK,CAAC,SAAS,EAAE;YACjC,EAAE;YACF,aAAa;YACb,cAAc,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,YAAY,EAAE;YAClE,gBAAgB,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,YAAY,EAAE;YACtE,cAAc,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,YAAY,EAAE;SAC9D,CAAC;QAEF,IAAI,OAAO,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,kBAAkB,CAAC,CAAC;YACnC,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACnD,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,kBAAkB,EAAE,CAAC;gBAC5D,KAAK,CAAC,IAAI,CAAC,MAAM,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,MAAM,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC7E,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,+EAA+E;IAC/E,kBAAkB;IAClB,+EAA+E;IAEvE,WAAW,CACjB,IAA2B,EAC3B,MAAc,EACd,MAA+B,EAC/B,OAAiC;QAEjC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,OAAO;QAEnC,MAAM,KAAK,GAAkB;YAC3B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,IAAI;YACJ,MAAM;YACN,MAAM;YACN,OAAO;SACR,CAAC;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAExB,kBAAkB;QAClB,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;YACxC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC;CACF;AAED,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E,IAAI,eAAe,GAA2B,IAAI,CAAC;AAEnD,MAAM,UAAU,kBAAkB,CAAC,MAAgC;IACjE,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,eAAe,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,MAAgC;IACxE,MAAM,OAAO,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IAC3C,OAAO,CAAC,UAAU,EAAE,CAAC;IACrB,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,IAAI,eAAe,EAAE,CAAC;QACpB,eAAe,CAAC,kBAAkB,EAAE,CAAC;IACvC,CAAC;IACD,eAAe,GAAG,IAAI,CAAC;AACzB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;GAUG;AAQH,OAAO,EACL,eAAe,EAAE,qBAAqB,EAAE,cAAc,EAAE,YAAY,EACpE,WAAW,EAAE,aAAa,EAAE,eAAe,EAAE,aAAa,EAC1D,kBAAkB,EAAE,oBAAoB,EAAE,qBAAqB,EAAE,aAAa,EAC9E,QAAQ,EAAE,UAAU,EAAE,eAAe,EAAE,eAAe,EAAE,aAAa,EAAE,oBAAoB,EAC3F,cAAc,EAAE,eAAe,EAAE,cAAc,EAAE,eAAe,EAChE,aAAa,EAAE,gBAAgB,EAAE,kBAAkB,EACnD,aAAa,EAAE,wBAAwB,EAAE,YAAY,GACtD,MAAM,wBAAwB,CAAC;AAQhC,OAAO,EACL,wBAAwB,EAAE,qBAAqB,EAAE,qBAAqB,EACtE,YAAY,EAAE,oBAAoB,EAAE,aAAa,EAAE,eAAe,EAClE,cAAc,EAAE,kBAAkB,EAAE,kBAAkB,EACtD,cAAc,EAAE,iBAAiB,EAAE,mBAAmB,EACtD,mBAAmB,EAAE,sBAAsB,EAAE,wBAAwB,GACtE,MAAM,2BAA2B,CAAC;AAEnC,+DAA+D;AAC/D,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,wBAAwB,EACzB,MAAM,qBAAqB,CAAC;AAU7B,UAAU;AACV,OAAO,EACL,cAAc,EACd,iBAAiB,EACjB,mBAAmB,GAGpB,MAAM,cAAc,CAAC;AAEtB,wBAAwB;AACxB,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACpB,SAAS,EACT,SAAS,EACV,MAAM,yBAAyB,CAAC;AAOjC,sEAAsE;AACtE,OAAO,EAAE,sBAAsB,EAAE,mBAAmB,EAAE,MAAM,qBAAqB,CAAC;AAGlF,oBAAoB;AACpB,OAAO,EACL,iBAAiB,EACjB,oBAAoB,EACpB,sBAAsB,GAGvB,MAAM,wBAAwB,CAAC;AAEhC,iBAAiB;AACjB,OAAO,EACL,mBAAmB,EACnB,sBAAsB,EACtB,wBAAwB,EACxB,aAAa,EACb,eAAe,GAOhB,MAAM,qBAAqB,CAAC;AAW7B,OAAO,EACL,eAAe,EACf,kBAAkB,EAClB,oBAAoB,EACpB,6BAA6B,GAC9B,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,YAAY,EAAE,MAAM,QAAQ,CAAC;AACtC,OAAO,EAAE,sBAAsB,EAAkD,MAAM,qBAAqB,CAAC;AAC7G,OAAO,EAAE,iBAAiB,EAAiB,MAAM,cAAc,CAAC;AAChE,OAAO,EAAE,sBAAsB,EAAgB,MAAM,qBAAqB,CAAC;AAC3E,OAAO,EAAmB,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AA8C9E,+EAA+E;AAC/E,wBAAwB;AACxB,+EAA+E;AAE/E,MAAM,cAAc,GAAmB;IACrC,OAAO,EAAE,IAAI;IACb,YAAY,EAAE,MAAM;IACpB,YAAY,EAAE,SAAS;IACvB,cAAc,EAAE,IAAI;IACpB,gBAAgB,EAAE,IAAI;IACtB,SAAS,EAAE,IAAI;CAChB,CAAC;AAEF,+EAA+E;AAC/E,yBAAyB;AACzB,+EAA+E;AAE/E,MAAM,OAAO,eAAgB,SAAQ,YAAY;IACvC,MAAM,CAAiB;IACvB,MAAM,GAAoB,EAAE,CAAC;IAC7B,KAAK,CAAgB;IACrB,SAAS,GAAW,GAAG,CAAC;IAEhC,YAAY,SAAkC,EAAE;QAC9C,KAAK,EAAE,CAAC;QACR,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,cAAc,EAAE,GAAG,MAAM,EAAE,CAAC;QAC/C,IAAI,CAAC,KAAK,GAAG;YACX,eAAe,EAAE,CAAC;YAClB,YAAY,EAAE,CAAC;YACf,aAAa,EAAE,CAAC;YAChB,OAAO,EAAE,CAAC;YACV,QAAQ,EAAE,CAAC;YACX,SAAS,EAAE,CAAC;SACb,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,UAAU;QACR,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;QACjD,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAElD,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;QACjD,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAElD,IAAI,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,aAAa,CAAC,OAAyB;QACrC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YACzB,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,oBAAoB,EAAE,KAAK,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC;QAC7E,CAAC;QAED,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;QACjD,MAAM,MAAM,GAAG,eAAe,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;QAEtD,IAAI,CAAC,KAAK,CAAC,eAAe,EAAE,CAAC;QAE7B,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,CAAC;YAC1B,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC;QACxE,CAAC;aAAM,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC3B,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;YAC3B,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;QAC1D,CAAC;aAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC;YAC5B,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YACrB,IAAI,CAAC,WAAW,CAAC,UAAU,EAAE,OAAO,CAAC,IAAI,EAAE,SAAS,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;QACnF,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,cAAc,CAAC,OAAe;QAClC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;YAChC,OAAO;gBACL,MAAM,EAAE,EAAE;gBACV,MAAM,EAAE,EAAE;gBACV,QAAQ,EAAE,CAAC;gBACX,QAAQ,EAAE,KAAK;gBACf,SAAS,EAAE,KAAK;aACjB,CAAC;QACJ,CAAC;QAED,MAAM,cAAc,GAAG,iBAAiB,EAAE,CAAC;QAC3C,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QAErD,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;YACrB,IAAI,CAAC,KAAK,CAAC,SAAS,EAAE,CAAC;YACvB,IAAI,CAAC,WAAW,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC;QACjE,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,IAAY;QACjB,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,gBAAgB,EAAE,CAAC;YAClC,OAAO;gBACL,QAAQ,EAAE,IAAI;gBACd,QAAQ,EAAE,IAAI;gBACd,UAAU,EAAE,EAAE;gBACd,KAAK,EAAE;oBACL,eAAe,EAAE,CAAC;oBAClB,UAAU,EAAE,EAA4B;oBACxC,UAAU,EAAE,EAA4B;iBACzC;aACF,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,sBAAsB,EAAE,CAAC;QACxC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAEnC,IAAI,MAAM,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACjC,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;YACtB,IAAI,CAAC,WAAW,CAAC,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE;gBAChD,KAAK,EAAE,MAAM,CAAC,UAAU,CAAC,MAAM;aAChC,CAAC,CAAC;QACL,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,OAAe;QAC7B,MAAM,iBAAiB,GAAG;YACxB,EAAE,OAAO,EAAE,uCAAuC,EAAE,OAAO,EAAE,wBAAwB,EAAE;YACvF,EAAE,OAAO,EAAE,uBAAuB,EAAE,OAAO,EAAE,6BAA6B,EAAE;YAC5E,EAAE,OAAO,EAAE,UAAU,EAAE,OAAO,EAAE,2BAA2B,EAAE;YAC7D,EAAE,OAAO,EAAE,2BAA2B,EAAE,OAAO,EAAE,yBAAyB,EAAE;YAC5E,EAAE,OAAO,EAAE,2CAA2C,EAAE,OAAO,EAAE,oBAAoB,EAAE;YACvF,EAAE,OAAO,EAAE,qBAAqB,EAAE,OAAO,EAAE,6BAA6B,EAAE;YAC1E,EAAE,OAAO,EAAE,uBAAuB,EAAE,OAAO,EAAE,sBAAsB,EAAE;YACrE,EAAE,OAAO,EAAE,uBAAuB,EAAE,OAAO,EAAE,sBAAsB,EAAE;YACrE,EAAE,OAAO,EAAE,cAAc,EAAE,OAAO,EAAE,sBAAsB,EAAE;SAC7D,CAAC;QAEF,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,KAAK,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,IAAI,iBAAiB,EAAE,CAAC;YACrD,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC1B,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;QAED,MAAM,IAAI,GAAG,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC;QAEnC,IAAI,CAAC,IAAI,EAAE,CAAC;YACV,IAAI,CAAC,WAAW,CAAC,YAAY,EAAE,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,SAAS,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpF,CAAC;QAED,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC;IAC5B,CAAC;IAED;;OAEG;IACH,UAAU;QACR,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;QACjD,MAAM,gBAAgB,GAAG,sBAAsB,EAAE,CAAC,CAAC,gCAAgC;QAEnF,OAAO;YACL,MAAM,EAAE,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE;YAC1B,KAAK,EAAE,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE;YACxB,YAAY,EAAE,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC;YACpC,kBAAkB,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,KAAK,eAAe,CAAC,aAAa,EAAE,CAAC,WAAW,GAAG;YAClG,kBAAkB,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE;SAClD,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,QAAQ;QACN,OAAO,EAAE,GAAG,IAAI,CAAC,KAAK,EAAE,CAAC;IAC3B,CAAC;IAED;;OAEG;IACH,SAAS,CAAC,KAAc;QACtB,OAAO,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACH,UAAU;QACR,IAAI,CAAC,KAAK,GAAG;YACX,eAAe,EAAE,CAAC;YAClB,YAAY,EAAE,CAAC;YACf,aAAa,EAAE,CAAC;YAChB,OAAO,EAAE,CAAC;YACV,QAAQ,EAAE,CAAC;YACX,SAAS,EAAE,CAAC;SACb,CAAC;QACF,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,YAAY,CAAC,MAA+B;QAC1C,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,IAAI,CAAC,MAAM,EAAE,GAAG,MAAM,EAAE,CAAC;QAE5C,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;YACjD,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC/C,CAAC;QAED,IAAI,MAAM,CAAC,YAAY,EAAE,CAAC;YACxB,MAAM,eAAe,GAAG,sBAAsB,EAAE,CAAC;YACjD,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;QAC/C,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,IAAI,CAAC,MAAM,CAAC,CAAC;IAC3C,CAAC;IAED;;OAEG;IACH,eAAe;QACb,MAAM,OAAO,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC;QAClC,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC;QAElC,MAAM,KAAK,GAAa;YACtB,wBAAwB;YACxB,EAAE;YACF,SAAS,MAAM,CAAC,YAAY,CAAC,WAAW,EAAE,EAAE;YAC5C,aAAa,MAAM,CAAC,YAAY,CAAC,WAAW,EAAE,EAAE;YAChD,EAAE;YACF,eAAe;YACf,uBAAuB,KAAK,CAAC,eAAe,EAAE;YAC9C,oBAAoB,KAAK,CAAC,YAAY,EAAE;YACxC,qBAAqB,KAAK,CAAC,aAAa,EAAE;YAC1C,cAAc,KAAK,CAAC,OAAO,EAAE;YAC7B,eAAe,KAAK,CAAC,QAAQ,EAAE;YAC/B,gBAAgB,KAAK,CAAC,SAAS,EAAE;YACjC,EAAE;YACF,aAAa;YACb,cAAc,MAAM,CAAC,cAAc,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,YAAY,EAAE;YAClE,gBAAgB,MAAM,CAAC,gBAAgB,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,YAAY,EAAE;YACtE,cAAc,MAAM,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,YAAY,EAAE;SAC9D,CAAC;QAEF,IAAI,OAAO,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACpC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,kBAAkB,CAAC,CAAC;YACnC,KAAK,MAAM,KAAK,IAAI,OAAO,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBACnD,MAAM,IAAI,GAAG,IAAI,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,kBAAkB,EAAE,CAAC;gBAC5D,KAAK,CAAC,IAAI,CAAC,MAAM,IAAI,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,MAAM,MAAM,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;YAC7E,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,+EAA+E;IAC/E,kBAAkB;IAClB,+EAA+E;IAEvE,WAAW,CACjB,IAA2B,EAC3B,MAAc,EACd,MAA+B,EAC/B,OAAiC;QAEjC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS;YAAE,OAAO;QAEnC,MAAM,KAAK,GAAkB;YAC3B,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;YACrB,IAAI;YACJ,MAAM;YACN,MAAM;YACN,OAAO;SACR,CAAC;QAEF,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAExB,kBAAkB;QAClB,IAAI,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,SAAS,EAAE,CAAC;YACxC,IAAI,CAAC,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACnD,CAAC;QAED,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IAC5B,CAAC;CACF;AAED,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E,IAAI,eAAe,GAA2B,IAAI,CAAC;AAEnD,MAAM,UAAU,kBAAkB,CAAC,MAAgC;IACjE,IAAI,CAAC,eAAe,EAAE,CAAC;QACrB,eAAe,GAAG,IAAI,eAAe,CAAC,MAAM,CAAC,CAAC;IAChD,CAAC;IACD,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,MAAM,UAAU,yBAAyB,CAAC,MAAgC;IACxE,MAAM,OAAO,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;IAC3C,OAAO,CAAC,UAAU,EAAE,CAAC;IACrB,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,oBAAoB;IAClC,IAAI,eAAe,EAAE,CAAC;QACpB,eAAe,CAAC,kBAAkB,EAAE,CAAC;IACvC,CAAC;IACD,eAAe,GAAG,IAAI,CAAC;AACzB,CAAC"}

package/dist/security/skill-scanner.d.ts

@@ -0,0 +1,36 @@
+/**
+ * Skill Code Scanner (OpenClaw-inspired)
+ *
+ * Static analysis of skill files for dangerous patterns.
+ * Scans SKILL.md files and any referenced code for security issues.
+ */
+export type FindingSeverity = 'critical' | 'high' | 'medium' | 'low' | 'info';
+export interface ScanFinding {
+    severity: FindingSeverity;
+    pattern: string;
+    description: string;
+    file: string;
+    line: number;
+    evidence: string;
+}
+export interface ScanResult {
+    file: string;
+    findings: ScanFinding[];
+    scannedAt: number;
+}
+/**
+ * Scan a single file for dangerous patterns.
+ */
+export declare function scanFile(filePath: string): ScanResult;
+/**
+ * Scan a directory of skill files recursively.
+ */
+export declare function scanDirectory(dirPath: string): ScanResult[];
+/**
+ * Scan all skill locations (bundled, managed, workspace).
+ */
+export declare function scanAllSkills(projectRoot?: string): ScanResult[];
+/**
+ * Format scan results as a human-readable report.
+ */
+export declare function formatScanReport(results: ScanResult[]): string;

package/dist/security/skill-scanner.js

@@ -0,0 +1,149 @@
+/**
+ * Skill Code Scanner (OpenClaw-inspired)
+ *
+ * Static analysis of skill files for dangerous patterns.
+ * Scans SKILL.md files and any referenced code for security issues.
+ */
+import fs from 'fs';
+import path from 'path';
+import { logger } from '../utils/logger.js';
+const DANGEROUS_PATTERNS = [
+    // Code execution
+    { pattern: /\beval\s*\(/, severity: 'critical', description: 'Dynamic code execution via eval()', name: 'eval' },
+    { pattern: /\bnew\s+Function\s*\(/, severity: 'critical', description: 'Dynamic function creation', name: 'new-function' },
+    { pattern: /\bchild_process\b/, severity: 'high', description: 'Child process module usage', name: 'child_process' },
+    { pattern: /\bexecSync\s*\(/, severity: 'high', description: 'Synchronous command execution', name: 'execSync' },
+    { pattern: /\bexecFile\s*\(/, severity: 'high', description: 'File execution', name: 'execFile' },
+    { pattern: /\bspawn\s*\(/, severity: 'medium', description: 'Process spawning', name: 'spawn' },
+    { pattern: /\bexec\s*\(/, severity: 'high', description: 'Command execution', name: 'exec' },
+    // File system dangers
+    { pattern: /\brm\s+-rf\b/, severity: 'critical', description: 'Recursive force delete', name: 'rm-rf' },
+    { pattern: /\bunlinkSync\s*\(/, severity: 'medium', description: 'Synchronous file deletion', name: 'unlinkSync' },
+    { pattern: /\bwriteFileSync\s*\(/, severity: 'low', description: 'Synchronous file write', name: 'writeFileSync' },
+    { pattern: /\brmdirSync\s*\(/, severity: 'medium', description: 'Directory removal', name: 'rmdirSync' },
+    // Network
+    { pattern: /\bfetch\s*\(\s*['"`]http/, severity: 'medium', description: 'External HTTP request', name: 'fetch-http' },
+    { pattern: /\baxios\b/, severity: 'low', description: 'HTTP client library usage', name: 'axios' },
+    { pattern: /\brequire\s*\(\s*['"`]https?['"`]\s*\)/, severity: 'medium', description: 'HTTP module import', name: 'http-require' },
+    { pattern: /\bWebSocket\b/, severity: 'medium', description: 'WebSocket usage', name: 'websocket' },
+    // Dynamic imports
+    { pattern: /\brequire\s*\([^'"`]/, severity: 'high', description: 'Dynamic require with variable', name: 'dynamic-require' },
+    { pattern: /\bimport\s*\([^'"`]/, severity: 'high', description: 'Dynamic import with variable', name: 'dynamic-import' },
+    // Environment/secrets
+    { pattern: /process\.env\[/, severity: 'low', description: 'Dynamic environment variable access', name: 'env-dynamic' },
+    { pattern: /\b(API_KEY|SECRET|PASSWORD|TOKEN)\b/i, severity: 'info', description: 'Possible secret reference', name: 'secret-ref' },
+    // Prototype pollution
+    { pattern: /__proto__/, severity: 'high', description: 'Prototype pollution risk', name: 'proto' },
+    { pattern: /\bconstructor\s*\[/, severity: 'high', description: 'Constructor access via bracket notation', name: 'constructor-bracket' },
+    // Shell injection
+    { pattern: /`\$\{.*\}`/, severity: 'medium', description: 'Template literal with interpolation (potential injection)', name: 'template-injection' },
+    { pattern: /\$\(.*\)/, severity: 'medium', description: 'Shell command substitution', name: 'shell-subst' },
+];
+/**
+ * Scan a single file for dangerous patterns.
+ */
+export function scanFile(filePath) {
+    const findings = [];
+    try {
+        const content = fs.readFileSync(filePath, 'utf-8');
+        const lines = content.split('\n');
+        for (let i = 0; i < lines.length; i++) {
+            const line = lines[i];
+            const lineNum = i + 1;
+            // Skip markdown comments and frontmatter delimiters
+            if (line.trim().startsWith('<!--') || line.trim() === '---')
+                continue;
+            for (const dp of DANGEROUS_PATTERNS) {
+                if (dp.pattern.test(line)) {
+                    findings.push({
+                        severity: dp.severity,
+                        pattern: dp.name,
+                        description: dp.description,
+                        file: filePath,
+                        line: lineNum,
+                        evidence: line.trim().slice(0, 120),
+                    });
+                }
+            }
+        }
+    }
+    catch (error) {
+        logger.debug(`Failed to scan file: ${filePath}`, { error });
+    }
+    return {
+        file: filePath,
+        findings,
+        scannedAt: Date.now(),
+    };
+}
+/**
+ * Scan a directory of skill files recursively.
+ */
+export function scanDirectory(dirPath) {
+    const results = [];
+    if (!fs.existsSync(dirPath))
+        return results;
+    const entries = fs.readdirSync(dirPath, { withFileTypes: true });
+    for (const entry of entries) {
+        const fullPath = path.join(dirPath, entry.name);
+        if (entry.isDirectory()) {
+            results.push(...scanDirectory(fullPath));
+        }
+        else if (entry.name.endsWith('.skill.md') ||
+            entry.name === 'SKILL.md' ||
+            entry.name.endsWith('.ts') ||
+            entry.name.endsWith('.js')) {
+            const result = scanFile(fullPath);
+            if (result.findings.length > 0) {
+                results.push(result);
+            }
+        }
+    }
+    return results;
+}
+/**
+ * Scan all skill locations (bundled, managed, workspace).
+ */
+export function scanAllSkills(projectRoot = process.cwd()) {
+    const skillDirs = [
+        path.join(projectRoot, '.codebuddy', 'skills', 'bundled'),
+        path.join(projectRoot, '.codebuddy', 'skills', 'managed'),
+        path.join(projectRoot, '.codebuddy', 'skills', 'workspace'),
+    ];
+    const results = [];
+    for (const dir of skillDirs) {
+        results.push(...scanDirectory(dir));
+    }
+    return results;
+}
+/**
+ * Format scan results as a human-readable report.
+ */
+export function formatScanReport(results) {
+    if (results.length === 0) {
+        return 'Skill scan: No security issues found.';
+    }
+    const allFindings = results.flatMap(r => r.findings);
+    const bySeverity = {
+        critical: allFindings.filter(f => f.severity === 'critical'),
+        high: allFindings.filter(f => f.severity === 'high'),
+        medium: allFindings.filter(f => f.severity === 'medium'),
+        low: allFindings.filter(f => f.severity === 'low'),
+        info: allFindings.filter(f => f.severity === 'info'),
+    };
+    const lines = [];
+    lines.push(`Skill Security Scan: ${allFindings.length} findings in ${results.length} files`);
+    lines.push(`  Critical: ${bySeverity.critical.length} | High: ${bySeverity.high.length} | Medium: ${bySeverity.medium.length} | Low: ${bySeverity.low.length} | Info: ${bySeverity.info.length}`);
+    lines.push('');
+    for (const result of results) {
+        lines.push(`${path.basename(result.file)}:`);
+        for (const finding of result.findings) {
+            const sev = finding.severity.toUpperCase().padEnd(8);
+            lines.push(`  [${sev}] L${finding.line}: ${finding.description}`);
+            lines.push(`           ${finding.evidence}`);
+        }
+        lines.push('');
+    }
+    return lines.join('\n');
+}
+//# sourceMappingURL=skill-scanner.js.map

package/dist/security/skill-scanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"skill-scanner.js","sourceRoot":"","sources":["../../src/security/skill-scanner.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,MAAM,EAAE,MAAM,oBAAoB,CAAC;AA0B5C,MAAM,kBAAkB,GAAuB;IAC7C,iBAAiB;IACjB,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,mCAAmC,EAAE,IAAI,EAAE,MAAM,EAAE;IAChH,EAAE,OAAO,EAAE,uBAAuB,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,cAAc,EAAE;IAC1H,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,4BAA4B,EAAE,IAAI,EAAE,eAAe,EAAE;IACpH,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,+BAA+B,EAAE,IAAI,EAAE,UAAU,EAAE;IAChH,EAAE,OAAO,EAAE,iBAAiB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,gBAAgB,EAAE,IAAI,EAAE,UAAU,EAAE;IACjG,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,kBAAkB,EAAE,IAAI,EAAE,OAAO,EAAE;IAC/F,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,MAAM,EAAE;IAE5F,sBAAsB;IACtB,EAAE,OAAO,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,OAAO,EAAE;IACvG,EAAE,OAAO,EAAE,mBAAmB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,YAAY,EAAE;IAClH,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,wBAAwB,EAAE,IAAI,EAAE,eAAe,EAAE;IAClH,EAAE,OAAO,EAAE,kBAAkB,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,mBAAmB,EAAE,IAAI,EAAE,WAAW,EAAE;IAExG,UAAU;IACV,EAAE,OAAO,EAAE,0BAA0B,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,uBAAuB,EAAE,IAAI,EAAE,YAAY,EAAE;IACrH,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,OAAO,EAAE;IAClG,EAAE,OAAO,EAAE,wCAAwC,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,oBAAoB,EAAE,IAAI,EAAE,cAAc,EAAE;IAClI,EAAE,OAAO,EAAE,eAAe,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,iBAAiB,EAAE,IAAI,EAAE,WAAW,EAAE;IAEnG,kBAAkB;IAClB,EAAE,OAAO,EAAE,sBAAsB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,+BAA+B,EAAE,IAAI,EAAE,iBAAiB,EAAE;IAC5H,EAAE,OAAO,EAAE,qBAAqB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,8BAA8B,EAAE,IAAI,EAAE,gBAAgB,EAAE;IAEzH,sBAAsB;IACtB,EAAE,OAAO,EAAE,gBAAgB,EAAE,QAAQ,EAAE,KAAK,EAAE,WAAW,EAAE,qCAAqC,EAAE,IAAI,EAAE,aAAa,EAAE;IACvH,EAAE,OAAO,EAAE,sCAAsC,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,2BAA2B,EAAE,IAAI,EAAE,YAAY,EAAE;IAEnI,sBAAsB;IACtB,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,0BAA0B,EAAE,IAAI,EAAE,OAAO,EAAE;IAClG,EAAE,OAAO,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE,WAAW,EAAE,yCAAyC,EAAE,IAAI,EAAE,qBAAqB,EAAE;IAExI,kBAAkB;IAClB,EAAE,OAAO,EAAE,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,2DAA2D,EAAE,IAAI,EAAE,oBAAoB,EAAE;IACnJ,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,EAAE,WAAW,EAAE,4BAA4B,EAAE,IAAI,EAAE,aAAa,EAAE;CAC5G,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,QAAQ,CAAC,QAAgB;IACvC,MAAM,QAAQ,GAAkB,EAAE,CAAC;IAEnC,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QACnD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;YAEtB,oDAAoD;YACpD,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,KAAK,KAAK;gBAAE,SAAS;YAEtE,KAAK,MAAM,EAAE,IAAI,kBAAkB,EAAE,CAAC;gBACpC,IAAI,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC1B,QAAQ,CAAC,IAAI,CAAC;wBACZ,QAAQ,EAAE,EAAE,CAAC,QAAQ;wBACrB,OAAO,EAAE,EAAE,CAAC,IAAI;wBAChB,WAAW,EAAE,EAAE,CAAC,WAAW;wBAC3B,IAAI,EAAE,QAAQ;wBACd,IAAI,EAAE,OAAO;wBACb,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;qBACpC,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,wBAAwB,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;IAC9D,CAAC;IAED,OAAO;QACL,IAAI,EAAE,QAAQ;QACd,QAAQ;QACR,SAAS,EAAE,IAAI,CAAC,GAAG,EAAE;KACtB,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,OAAe;IAC3C,MAAM,OAAO,GAAiB,EAAE,CAAC;IAEjC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,OAAO,OAAO,CAAC;IAE5C,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,OAAO,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IACjE,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QAEhD,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACxB,OAAO,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,QAAQ,CAAC,CAAC,CAAC;QAC3C,CAAC;aAAM,IACL,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC;YAChC,KAAK,CAAC,IAAI,KAAK,UAAU;YACzB,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;YAC1B,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAC1B,CAAC;YACD,MAAM,MAAM,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAClC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC/B,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,aAAa,CAAC,cAAsB,OAAO,CAAC,GAAG,EAAE;IAC/D,MAAM,SAAS,GAAG;QAChB,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,CAAC;QACzD,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,SAAS,CAAC;QACzD,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,WAAW,CAAC;KAC5D,CAAC;IAEF,MAAM,OAAO,GAAiB,EAAE,CAAC;IACjC,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE,CAAC;QAC5B,OAAO,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC;IACtC,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAqB;IACpD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,uCAAuC,CAAC;IACjD,CAAC;IAED,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACrD,MAAM,UAAU,GAAG;QACjB,QAAQ,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC;QAC5D,IAAI,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;QACpD,MAAM,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC;QACxD,GAAG,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC;QAClD,IAAI,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;KACrD,CAAC;IAEF,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,wBAAwB,WAAW,CAAC,MAAM,gBAAgB,OAAO,CAAC,MAAM,QAAQ,CAAC,CAAC;IAC7F,KAAK,CAAC,IAAI,CAAC,eAAe,UAAU,CAAC,QAAQ,CAAC,MAAM,YAAY,UAAU,CAAC,IAAI,CAAC,MAAM,cAAc,UAAU,CAAC,MAAM,CAAC,MAAM,WAAW,UAAU,CAAC,GAAG,CAAC,MAAM,YAAY,UAAU,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC;IAClM,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC7C,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACrD,KAAK,CAAC,IAAI,CAAC,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;YAClE,KAAK,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;QAC/C,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}