@rexymayderio/sentinel 0.1.1 → 0.1.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +20 -6
- package/dist/analyzers/install-script-analyzer.js +2 -2
- package/dist/analyzers/install-script-analyzer.js.map +1 -1
- package/dist/analyzers/match-evidence.d.ts +6 -1
- package/dist/analyzers/match-evidence.d.ts.map +1 -1
- package/dist/analyzers/match-evidence.js +10 -3
- package/dist/analyzers/match-evidence.js.map +1 -1
- package/dist/analyzers/network-analyzer.d.ts.map +1 -1
- package/dist/analyzers/network-analyzer.js +85 -4
- package/dist/analyzers/network-analyzer.js.map +1 -1
- package/dist/analyzers/static-code-analyzer.d.ts.map +1 -1
- package/dist/analyzers/static-code-analyzer.js +4 -2
- package/dist/analyzers/static-code-analyzer.js.map +1 -1
- package/dist/analyzers/strip-comments.d.ts +9 -0
- package/dist/analyzers/strip-comments.d.ts.map +1 -0
- package/dist/analyzers/strip-comments.js +86 -0
- package/dist/analyzers/strip-comments.js.map +1 -0
- package/dist/analyzers/test-path.d.ts +7 -3
- package/dist/analyzers/test-path.d.ts.map +1 -1
- package/dist/analyzers/test-path.js +40 -25
- package/dist/analyzers/test-path.js.map +1 -1
- package/dist/cli/index.js +7 -5
- package/dist/cli/index.js.map +1 -1
- package/dist/core/sentinel.d.ts +1 -0
- package/dist/core/sentinel.d.ts.map +1 -1
- package/dist/core/sentinel.js +28 -20
- package/dist/core/sentinel.js.map +1 -1
- package/dist/engine/default-policy.d.ts +5 -0
- package/dist/engine/default-policy.d.ts.map +1 -1
- package/dist/engine/default-policy.js.map +1 -1
- package/dist/engine/policy-engine.js +3 -3
- package/dist/engine/policy-engine.js.map +1 -1
- package/dist/engine/risk-calculator.d.ts +1 -5
- package/dist/engine/risk-calculator.d.ts.map +1 -1
- package/dist/engine/risk-calculator.js +2 -6
- package/dist/engine/risk-calculator.js.map +1 -1
- package/dist/mcp/server.js +4 -3
- package/dist/mcp/server.js.map +1 -1
- package/dist/report/report-generator.js +1 -1
- package/dist/report/report-generator.js.map +1 -1
- package/package.json +1 -1
- package/skills/sentinel/SKILL.md +83 -54
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sentinel.d.ts","sourceRoot":"","sources":["../../src/core/sentinel.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG/D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAKzD,OAAO,KAAK,EAAE,YAAY,EAAE,aAAa,EAAgB,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAGzG,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAKhE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAGhE,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;IAC5C,QAAQ,CAAC,SAAS,EAAE,QAAQ,EAAE,CAAC;IAC/B,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IAC9C,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAC;IACxC,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,QAAQ,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;CACtC;AAED,qBAAa,QAAQ;IAMP,OAAO,CAAC,QAAQ,CAAC,OAAO;IALpC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAwB;IACvD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAC5C,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAyB;IACzD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;gBAEf,OAAO,EAAE,eAAe;IAO/C,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;
|
|
1
|
+
{"version":3,"file":"sentinel.d.ts","sourceRoot":"","sources":["../../src/core/sentinel.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAG/D,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,0BAA0B,CAAC;AAKzD,OAAO,KAAK,EAAE,YAAY,EAAE,aAAa,EAAgB,kBAAkB,EAAE,MAAM,qBAAqB,CAAC;AAGzG,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,6BAA6B,CAAC;AAKhE,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAClE,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAGhE,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,gBAAgB,EAAE,gBAAgB,CAAC;IAC5C,QAAQ,CAAC,SAAS,EAAE,QAAQ,EAAE,CAAC;IAC/B,QAAQ,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;IAC9C,QAAQ,CAAC,cAAc,EAAE,cAAc,CAAC;IACxC,QAAQ,CAAC,aAAa,EAAE,aAAa,CAAC;IACtC,QAAQ,CAAC,YAAY,CAAC,EAAE,YAAY,CAAC;CACtC;AAED,qBAAa,QAAQ;IAMP,OAAO,CAAC,QAAQ,CAAC,OAAO;IALpC,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAwB;IACvD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;IAC5C,OAAO,CAAC,QAAQ,CAAC,eAAe,CAAyB;IACzD,OAAO,CAAC,QAAQ,CAAC,YAAY,CAAe;gBAEf,OAAO,EAAE,eAAe;IAO/C,MAAM,CAAC,SAAS,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,kBAAkB,CAAC;IA6CzE,OAAO,CAAC,uBAAuB;IA6BzB,OAAO,CACX,SAAS,EAAE,MAAM,EACjB,GAAG,EAAE,MAAM,EACX,OAAO,CAAC,EAAE;QAAE,YAAY,CAAC,EAAE,OAAO,CAAC;QAAC,UAAU,CAAC,EAAE,MAAM,IAAI,CAAC;QAAC,GAAG,CAAC,EAAE,MAAM,CAAA;KAAE,GAC1E,OAAO,CAAC,aAAa,CAAC;IAoCzB,cAAc,CAAC,MAAM,EAAE,kBAAkB,EAAE,MAAM,CAAC,EAAE,YAAY,GAAG,MAAM;YAI3D,YAAY;CAoB3B;AAED,wBAAgB,cAAc,CAAC,OAAO,EAAE,eAAe,GAAG,QAAQ,CAEjE"}
|
package/dist/core/sentinel.js
CHANGED
|
@@ -1,12 +1,12 @@
|
|
|
1
1
|
import { cleanupArtifact } from '../acquire/acquirer.js';
|
|
2
2
|
import { runAnalyzers } from '../analyzers/analyzer.js';
|
|
3
|
-
import { isTestPath,
|
|
3
|
+
import { isTestPath, isTestRelevantFinding } from '../analyzers/test-path.js';
|
|
4
4
|
import { buildPermissionGraph } from './permissions.js';
|
|
5
5
|
import { parseTarget } from '../domain/target.js';
|
|
6
6
|
import { DEFAULT_POLICY } from '../engine/default-policy.js';
|
|
7
7
|
import { assessData, hasMeaningfulMetadata, unverifiableAssessment } from '../engine/data-assessment.js';
|
|
8
8
|
import { PolicyEngine } from '../engine/policy-engine.js';
|
|
9
|
-
import { RiskCalculator
|
|
9
|
+
import { RiskCalculator } from '../engine/risk-calculator.js';
|
|
10
10
|
import { ReportGenerator } from '../report/report-generator.js';
|
|
11
11
|
export class Sentinel {
|
|
12
12
|
options;
|
|
@@ -35,14 +35,13 @@ export class Sentinel {
|
|
|
35
35
|
}
|
|
36
36
|
try {
|
|
37
37
|
const rawFindings = await runAnalyzers(this.options.analyzers, { artifact, target });
|
|
38
|
-
const findings =
|
|
39
|
-
const permissions = buildPermissionGraph(findings
|
|
38
|
+
const findings = processTestFindings(rawFindings, this.policyConfig.scoreTestCodeFully);
|
|
39
|
+
const permissions = buildPermissionGraph(findings);
|
|
40
40
|
const evidence = {
|
|
41
41
|
hasMetadata: hasMeaningfulMetadata(artifact.metadata),
|
|
42
42
|
fileCount: artifact.files.length,
|
|
43
43
|
};
|
|
44
|
-
const
|
|
45
|
-
const risk = this.riskCalculator.calculate(findings, evidence, { testFindingWeight });
|
|
44
|
+
const risk = this.riskCalculator.calculate(findings, evidence);
|
|
46
45
|
const dataAssessment = assessData(target, artifact, findings, risk, this.policyConfig);
|
|
47
46
|
const policy = this.policyEngine.evaluate(target, risk, findings, permissions, dataAssessment);
|
|
48
47
|
const criticalCount = findings.filter((f) => f.severity === 'CRITICAL' && !f.positive).length;
|
|
@@ -112,7 +111,7 @@ export class Sentinel {
|
|
|
112
111
|
};
|
|
113
112
|
}
|
|
114
113
|
const target = report.target;
|
|
115
|
-
const installResult = await this.runInstaller(target);
|
|
114
|
+
const installResult = await this.runInstaller(target, options?.cwd);
|
|
116
115
|
return {
|
|
117
116
|
success: installResult.exitCode === 0,
|
|
118
117
|
message: installResult.exitCode === 0
|
|
@@ -124,16 +123,17 @@ export class Sentinel {
|
|
|
124
123
|
generateReport(report, format) {
|
|
125
124
|
return this.reportGenerator.generate(report, format ?? this.options.reportFormat ?? 'terminal');
|
|
126
125
|
}
|
|
127
|
-
async runInstaller(target) {
|
|
126
|
+
async runInstaller(target, cwd) {
|
|
128
127
|
const { processRunner } = this.options;
|
|
129
128
|
switch (target.ecosystem) {
|
|
130
129
|
case 'npm':
|
|
131
130
|
return processRunner.run('npm', ['install', target.name, '--ignore-scripts'], {
|
|
131
|
+
cwd,
|
|
132
132
|
env: { npm_config_ignore_scripts: 'true' },
|
|
133
133
|
});
|
|
134
134
|
case 'github': {
|
|
135
135
|
const [owner, repo] = target.name.split('/');
|
|
136
|
-
return processRunner.run('git', ['clone', `https://github.com/${owner}/${repo}.git`]);
|
|
136
|
+
return processRunner.run('git', ['clone', `https://github.com/${owner}/${repo}.git`], { cwd });
|
|
137
137
|
}
|
|
138
138
|
case 'skill':
|
|
139
139
|
case 'local':
|
|
@@ -146,19 +146,27 @@ export class Sentinel {
|
|
|
146
146
|
export function createSentinel(options) {
|
|
147
147
|
return new Sentinel(options);
|
|
148
148
|
}
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
|
|
152
|
-
|
|
153
|
-
|
|
154
|
-
|
|
155
|
-
|
|
149
|
+
/**
|
|
150
|
+
* Test/fixture files are scanned with a narrower lens than production code.
|
|
151
|
+
* Benign dev patterns (shell APIs, dynamic imports, ...) are expected in tests
|
|
152
|
+
* and dropped, while real attack signatures (secrets, malware, prompt injection)
|
|
153
|
+
* are kept and tagged so they still count toward the risk score and policy.
|
|
154
|
+
* `scoreTestCodeFully` opts back into scoring test files like production code.
|
|
155
|
+
*/
|
|
156
|
+
function processTestFindings(findings, scoreTestCodeFully) {
|
|
157
|
+
const result = [];
|
|
158
|
+
for (const finding of findings) {
|
|
159
|
+
const inTestFile = finding.file !== undefined && isTestPath(finding.file);
|
|
160
|
+
if (!inTestFile) {
|
|
161
|
+
result.push(finding);
|
|
162
|
+
continue;
|
|
156
163
|
}
|
|
157
|
-
if (
|
|
158
|
-
|
|
164
|
+
if (!scoreTestCodeFully && !isTestRelevantFinding(finding)) {
|
|
165
|
+
continue;
|
|
159
166
|
}
|
|
160
|
-
|
|
161
|
-
}
|
|
167
|
+
result.push(finding.isTest ? finding : { ...finding, isTest: true });
|
|
168
|
+
}
|
|
169
|
+
return result;
|
|
162
170
|
}
|
|
163
171
|
function recommendedActionFor(decision) {
|
|
164
172
|
switch (decision) {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"sentinel.js","sourceRoot":"","sources":["../../src/core/sentinel.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,OAAO,EAAE,UAAU,EAAE,
|
|
1
|
+
{"version":3,"file":"sentinel.js","sourceRoot":"","sources":["../../src/core/sentinel.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AACzD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AAExD,OAAO,EAAE,UAAU,EAAE,qBAAqB,EAAE,MAAM,2BAA2B,CAAC;AAG9E,OAAO,EAAE,oBAAoB,EAAE,MAAM,kBAAkB,CAAC;AAExD,OAAO,EAAE,WAAW,EAAe,MAAM,qBAAqB,CAAC;AAG/D,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAC7D,OAAO,EAAE,UAAU,EAAE,qBAAqB,EAAE,sBAAsB,EAAE,MAAM,8BAA8B,CAAC;AACzG,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAG9D,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAWhE,MAAM,OAAO,QAAQ;IAMU;IALZ,cAAc,GAAG,IAAI,cAAc,EAAE,CAAC;IACtC,YAAY,CAAe;IAC3B,eAAe,GAAG,IAAI,eAAe,EAAE,CAAC;IACxC,YAAY,CAAe;IAE5C,YAA6B,OAAwB;QAAxB,YAAO,GAAP,OAAO,CAAiB;QACnD,IAAI,CAAC,YAAY,GAAG,OAAO,CAAC,YAAY;YACtC,CAAC,CAAC,EAAE,GAAG,cAAc,EAAE,GAAG,OAAO,CAAC,YAAY,EAAE;YAChD,CAAC,CAAC,cAAc,CAAC;QACnB,IAAI,CAAC,YAAY,GAAG,IAAI,YAAY,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAC1D,CAAC;IAED,KAAK,CAAC,MAAM,CAAC,SAAiB,EAAE,GAAW;QACzC,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QACzB,MAAM,MAAM,GAAG,WAAW,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,gBAAgB,CAAC,GAAG,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QAErE,IAAI,QAA8B,CAAC;QACnC,IAAI,CAAC;YACH,QAAQ,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QAC5C,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,MAAM,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YACtE,OAAO,IAAI,CAAC,uBAAuB,CAAC,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;QAC7D,CAAC;QAED,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YACrF,MAAM,QAAQ,GAAG,mBAAmB,CAAC,WAAW,EAAE,IAAI,CAAC,YAAY,CAAC,kBAAkB,CAAC,CAAC;YACxF,MAAM,WAAW,GAAG,oBAAoB,CAAC,QAAQ,CAAC,CAAC;YACnD,MAAM,QAAQ,GAAG;gBACf,WAAW,EAAE,qBAAqB,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBACrD,SAAS,EAAE,QAAQ,CAAC,KAAK,CAAC,MAAM;aACjC,CAAC;YACF,MAAM,IAAI,GAAG,IAAI,CAAC,cAAc,CAAC,SAAS,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;YAC/D,MAAM,cAAc,GAAG,UAAU,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,IAAI,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;YACvF,MAAM,MAAM,GAAG,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,EAAE,IAAI,EAAE,QAAQ,EAAE,WAAW,EAAE,cAAc,CAAC,CAAC;YAE/F,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;YAC9F,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,KAAK,UAAU,IAAI,CAAC,KAAK,WAAW,aAAa,oBAAoB,CAAC;YAE9F,OAAO;gBACL,MAAM;gBACN,QAAQ;gBACR,IAAI;gBACJ,MAAM;gBACN,WAAW;gBACX,cAAc;gBACd,OAAO;gBACP,iBAAiB,EAAE,oBAAoB,CAAC,MAAM,CAAC,QAAQ,CAAC;gBACxD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;gBACnC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;aAC/B,CAAC;QACJ,CAAC;gBAAS,CAAC;YACT,MAAM,eAAe,CAAC,QAAQ,CAAC,CAAC;QAClC,CAAC;IACH,CAAC;IAEO,uBAAuB,CAAC,MAAc,EAAE,MAAc,EAAE,KAAa;QAC3E,MAAM,cAAc,GAAG,sBAAsB,CAAC,6BAA6B,MAAM,EAAE,CAAC,CAAC;QACrF,MAAM,IAAI,GAAc;YACtB,KAAK,EAAE,CAAC;YACR,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,CAAC;YACb,eAAe,EAAE,CAAC;YAClB,eAAe,EAAE,CAAC;SACnB,CAAC;QACF,MAAM,MAAM,GAAiB;YAC3B,QAAQ,EAAE,kBAAkB;YAC5B,OAAO,EAAE,CAAC,kEAAkE,EAAE,GAAG,cAAc,CAAC,OAAO,CAAC;YACxG,SAAS,EAAE,EAAE;SACd,CAAC;QAEF,OAAO;YACL,MAAM;YACN,QAAQ,EAAE,EAAE;YACZ,IAAI;YACJ,MAAM;YACN,WAAW,EAAE,EAAE;YACf,cAAc;YACd,OAAO,EAAE,gDAAgD;YACzD,iBAAiB,EAAE,oBAAoB,CAAC,MAAM,CAAC,QAAQ,CAAC;YACxD,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,KAAK;SAC/B,CAAC;IACJ,CAAC;IAED,KAAK,CAAC,OAAO,CACX,SAAiB,EACjB,GAAW,EACX,OAA2E;QAE3E,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,GAAG,CAAC,CAAC;QACjD,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC;QAExB,IAAI,MAAM,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;YACvC,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,gCAAgC;gBACzC,MAAM;aACP,CAAC;QACJ,CAAC;QAED,MAAM,QAAQ,GAAG,OAAO,EAAE,YAAY;YACpC,CAAC,CAAC,IAAI;YACN,CAAC,CAAC,MAAM,IAAI,CAAC,OAAO,CAAC,cAAc,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QAE9D,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,OAAO,EAAE,6BAA6B;gBACtC,MAAM;aACP,CAAC;QACJ,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC;QAC7B,MAAM,aAAa,GAAG,MAAM,IAAI,CAAC,YAAY,CAAC,MAAM,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;QAEpE,OAAO;YACL,OAAO,EAAE,aAAa,CAAC,QAAQ,KAAK,CAAC;YACrC,OAAO,EAAE,aAAa,CAAC,QAAQ,KAAK,CAAC;gBACnC,CAAC,CAAC,0BAA0B,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,IAAI,EAAE;gBAC7D,CAAC,CAAC,wBAAwB,aAAa,CAAC,MAAM,IAAI,aAAa,CAAC,MAAM,EAAE;YAC1E,MAAM;SACP,CAAC;IACJ,CAAC;IAED,cAAc,CAAC,MAA0B,EAAE,MAAqB;QAC9D,OAAO,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,MAAM,EAAE,MAAM,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,UAAU,CAAC,CAAC;IAClG,CAAC;IAEO,KAAK,CAAC,YAAY,CAAC,MAAc,EAAE,GAAY;QACrD,MAAM,EAAE,aAAa,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC;QAEvC,QAAQ,MAAM,CAAC,SAAS,EAAE,CAAC;YACzB,KAAK,KAAK;gBACR,OAAO,aAAa,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC,IAAI,EAAE,kBAAkB,CAAC,EAAE;oBAC5E,GAAG;oBACH,GAAG,EAAE,EAAE,yBAAyB,EAAE,MAAM,EAAE;iBAC3C,CAAC,CAAC;YACL,KAAK,QAAQ,CAAC,CAAC,CAAC;gBACd,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAC7C,OAAO,aAAa,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,OAAO,EAAE,sBAAsB,KAAK,IAAI,IAAI,MAAM,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,CAAC;YACjG,CAAC;YACD,KAAK,OAAO,CAAC;YACb,KAAK,OAAO;gBACV,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,yDAAyD,EAAE,MAAM,EAAE,EAAE,EAAE,CAAC;YACxG;gBACE,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,MAAM,EAAE,EAAE,EAAE,MAAM,EAAE,+BAA+B,MAAM,CAAC,SAAS,EAAE,EAAE,CAAC;QAClG,CAAC;IACH,CAAC;CACF;AAED,MAAM,UAAU,cAAc,CAAC,OAAwB;IACrD,OAAO,IAAI,QAAQ,CAAC,OAAO,CAAC,CAAC;AAC/B,CAAC;AAED;;;;;;GAMG;AACH,SAAS,mBAAmB,CAAC,QAAmB,EAAE,kBAA2B;IAC3E,MAAM,MAAM,GAAc,EAAE,CAAC;IAC7B,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,KAAK,SAAS,IAAI,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;QAC1E,IAAI,CAAC,UAAU,EAAE,CAAC;YAChB,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACrB,SAAS;QACX,CAAC;QACD,IAAI,CAAC,kBAAkB,IAAI,CAAC,qBAAqB,CAAC,OAAO,CAAC,EAAE,CAAC;YAC3D,SAAS;QACX,CAAC;QACD,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;IACvE,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,oBAAoB,CAAC,QAAkC;IAC9D,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO;YACV,OAAO,gBAAgB,CAAC;QAC1B,KAAK,kBAAkB;YACrB,OAAO,sCAAsC,CAAC;QAChD,KAAK,MAAM;YACT,OAAO,sBAAsB,CAAC;QAChC;YACE,OAAO,iBAAiB,CAAC;IAC7B,CAAC;AACH,CAAC"}
|
|
@@ -10,6 +10,11 @@ export interface PolicyConfig {
|
|
|
10
10
|
readonly warnOnInstallScript: boolean;
|
|
11
11
|
readonly warnOnShellAccess: boolean;
|
|
12
12
|
readonly allowOverrides: boolean;
|
|
13
|
+
/**
|
|
14
|
+
* When false (default), test/fixture files are scanned only for leaked secrets
|
|
15
|
+
* and malware signatures. When true, they are scanned with the full production
|
|
16
|
+
* ruleset like any other source file.
|
|
17
|
+
*/
|
|
13
18
|
readonly scoreTestCodeFully: boolean;
|
|
14
19
|
}
|
|
15
20
|
export declare const DEFAULT_POLICY: PolicyConfig;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"default-policy.d.ts","sourceRoot":"","sources":["../../src/engine/default-policy.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,iBAAiB,EAAE,MAAM,EAAE,CAAC;IACrC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,EAAE,CAAC;IACtC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,EAAE,CAAC;IACtC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,CAAC;IACrC,QAAQ,CAAC,yBAAyB,EAAE,OAAO,CAAC;IAC5C,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC;IACtC,QAAQ,CAAC,iBAAiB,EAAE,OAAO,CAAC;IACpC,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAC;IACjC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,CAAC;CACtC;AAED,eAAO,MAAM,cAAc,EAAE,YAa5B,CAAC"}
|
|
1
|
+
{"version":3,"file":"default-policy.d.ts","sourceRoot":"","sources":["../../src/engine/default-policy.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IAC3B,QAAQ,CAAC,cAAc,EAAE,MAAM,CAAC;IAChC,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,aAAa,EAAE,MAAM,CAAC;IAC/B,QAAQ,CAAC,iBAAiB,EAAE,MAAM,EAAE,CAAC;IACrC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,EAAE,CAAC;IACtC,QAAQ,CAAC,kBAAkB,EAAE,MAAM,EAAE,CAAC;IACtC,QAAQ,CAAC,kBAAkB,EAAE,OAAO,CAAC;IACrC,QAAQ,CAAC,yBAAyB,EAAE,OAAO,CAAC;IAC5C,QAAQ,CAAC,mBAAmB,EAAE,OAAO,CAAC;IACtC,QAAQ,CAAC,iBAAiB,EAAE,OAAO,CAAC;IACpC,QAAQ,CAAC,cAAc,EAAE,OAAO,CAAC;IACjC;;;;OAIG;IACH,QAAQ,CAAC,kBAAkB,EAAE,OAAO,CAAC;CACtC;AAED,eAAO,MAAM,cAAc,EAAE,YAa5B,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"default-policy.js","sourceRoot":"","sources":["../../src/engine/default-policy.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"default-policy.js","sourceRoot":"","sources":["../../src/engine/default-policy.ts"],"names":[],"mappings":"AAoBA,MAAM,CAAC,MAAM,cAAc,GAAiB;IAC1C,cAAc,EAAE,EAAE;IAClB,aAAa,EAAE,EAAE;IACjB,aAAa,EAAE,EAAE;IACjB,iBAAiB,EAAE,EAAE;IACrB,kBAAkB,EAAE,EAAE;IACtB,kBAAkB,EAAE,EAAE;IACtB,kBAAkB,EAAE,IAAI;IACxB,yBAAyB,EAAE,IAAI;IAC/B,mBAAmB,EAAE,IAAI;IACzB,iBAAiB,EAAE,IAAI;IACvB,cAAc,EAAE,IAAI;IACpB,kBAAkB,EAAE,KAAK;CAC1B,CAAC"}
|
|
@@ -41,14 +41,14 @@ export class PolicyEngine {
|
|
|
41
41
|
}
|
|
42
42
|
let decision = 'APPROVE';
|
|
43
43
|
if (this.config.warnOnInstallScript) {
|
|
44
|
-
const hasInstallScript = findings.some((f) =>
|
|
44
|
+
const hasInstallScript = findings.some((f) => f.category === 'install-script' && f.ruleId?.startsWith('script-'));
|
|
45
45
|
if (hasInstallScript) {
|
|
46
46
|
reasons.push('Package has install scripts');
|
|
47
47
|
decision = 'WARN';
|
|
48
48
|
}
|
|
49
49
|
}
|
|
50
50
|
if (this.config.warnOnShellAccess) {
|
|
51
|
-
const hasShell = findings.some((f) =>
|
|
51
|
+
const hasShell = findings.some((f) => f.category === 'static-code' && ['spawn', 'exec', 'child-process', 'os-system', 'subprocess'].includes(f.ruleId ?? ''));
|
|
52
52
|
if (hasShell) {
|
|
53
53
|
reasons.push('Package requires shell access');
|
|
54
54
|
decision = decision === 'WARN' ? 'WARN' : 'REQUIRE_APPROVAL';
|
|
@@ -56,7 +56,7 @@ export class PolicyEngine {
|
|
|
56
56
|
}
|
|
57
57
|
if (this.config.requireApprovalForNetwork) {
|
|
58
58
|
const hasNetwork = permissions.some((p) => p.type.startsWith('network-')) ||
|
|
59
|
-
findings.some((f) =>
|
|
59
|
+
findings.some((f) => f.category === 'network' && f.severity !== 'LOW');
|
|
60
60
|
if (hasNetwork) {
|
|
61
61
|
reasons.push('Package requires network access');
|
|
62
62
|
decision = 'REQUIRE_APPROVAL';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"policy-engine.js","sourceRoot":"","sources":["../../src/engine/policy-engine.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErD,MAAM,OAAO,YAAY;IACM;IAA7B,YAA6B,SAAuB,cAAc;QAArC,WAAM,GAAN,MAAM,CAA+B;IAAG,CAAC;IAEtE,QAAQ,CACN,MAAc,EACd,IAAe,EACf,QAAmB,EACnB,WAAyB,EACzB,cAA8B;QAE9B,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,MAAM,SAAS,GAAa,EAAE,CAAC;QAE/B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QAEvC,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;YAC/E,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,mCAAmC,CAAC,EAAE,SAAS,EAAE,CAAC;QAC1F,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;YAC/E,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,CAAC,mCAAmC,CAAC,EAAE,SAAS,EAAE,CAAC;QACjG,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;YAC7C,OAAO,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,KAAK,6BAA6B,IAAI,CAAC,MAAM,CAAC,cAAc,GAAG,CAAC,CAAC;YACjG,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QACnD,CAAC;QAED,IAAI,CAAC,cAAc,CAAC,UAAU,EAAE,CAAC;YAC/B,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,OAAO,EAAE;oBACP,kEAAkE;oBAClE,GAAG,cAAc,CAAC,OAAO;iBAC1B;gBACD,SAAS;aACV,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACnC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,oBAAoB,IAAI,CAAC,CAAC,QAAQ,CAAC,CAAC;YACvF,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;gBACnC,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;YAC1D,CAAC;YAED,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;gBAC9E,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBAClC,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;YAC1D,CAAC;QACH,CAAC;QAED,IAAI,QAAQ,GAAmB,SAAS,CAAC;QAEzC,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,
|
|
1
|
+
{"version":3,"file":"policy-engine.js","sourceRoot":"","sources":["../../src/engine/policy-engine.ts"],"names":[],"mappings":"AAMA,OAAO,EAAE,cAAc,EAAE,MAAM,qBAAqB,CAAC;AAErD,MAAM,OAAO,YAAY;IACM;IAA7B,YAA6B,SAAuB,cAAc;QAArC,WAAM,GAAN,MAAM,CAA+B;IAAG,CAAC;IAEtE,QAAQ,CACN,MAAc,EACd,IAAe,EACf,QAAmB,EACnB,WAAyB,EACzB,cAA8B;QAE9B,MAAM,OAAO,GAAa,EAAE,CAAC;QAC7B,MAAM,SAAS,GAAa,EAAE,CAAC;QAE/B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC;QAEvC,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;YAC/E,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,mCAAmC,CAAC,EAAE,SAAS,EAAE,CAAC;QAC1F,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;YAC/E,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,CAAC,mCAAmC,CAAC,EAAE,SAAS,EAAE,CAAC;QACjG,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,cAAc,EAAE,CAAC;YAC7C,OAAO,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,KAAK,6BAA6B,IAAI,CAAC,MAAM,CAAC,cAAc,GAAG,CAAC,CAAC;YACjG,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;QACnD,CAAC;QAED,IAAI,CAAC,cAAc,CAAC,UAAU,EAAE,CAAC;YAC/B,OAAO;gBACL,QAAQ,EAAE,kBAAkB;gBAC5B,OAAO,EAAE;oBACP,kEAAkE;oBAClE,GAAG,cAAc,CAAC,OAAO;iBAC1B;gBACD,SAAS;aACV,CAAC;QACJ,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,kBAAkB,EAAE,CAAC;YACnC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,oBAAoB,IAAI,CAAC,CAAC,QAAQ,CAAC,CAAC;YACvF,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;gBACnC,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;YAC1D,CAAC;YAED,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,EAAE,CAAC;gBAC9E,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;gBAClC,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;YAC1D,CAAC;QACH,CAAC;QAED,IAAI,QAAQ,GAAmB,SAAS,CAAC;QAEzC,IAAI,IAAI,CAAC,MAAM,CAAC,mBAAmB,EAAE,CAAC;YACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,gBAAgB,IAAI,CAAC,CAAC,MAAM,EAAE,UAAU,CAAC,SAAS,CAAC,CAC1E,CAAC;YACF,IAAI,gBAAgB,EAAE,CAAC;gBACrB,OAAO,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;gBAC5C,QAAQ,GAAG,MAAM,CAAC;YACpB,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YAClC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAC5B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,aAAa,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,eAAe,EAAE,WAAW,EAAE,YAAY,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,IAAI,EAAE,CAAC,CAC9H,CAAC;YACF,IAAI,QAAQ,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;gBAC9C,QAAQ,GAAG,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,kBAAkB,CAAC;YAC/D,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,yBAAyB,EAAE,CAAC;YAC1C,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;gBACvE,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,IAAI,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC;YACzE,IAAI,UAAU,EAAE,CAAC;gBACf,OAAO,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;gBAChD,QAAQ,GAAG,kBAAkB,CAAC;YAChC,CAAC;QACH,CAAC;QAED,IAAI,IAAI,CAAC,KAAK,IAAI,IAAI,CAAC,MAAM,CAAC,aAAa,IAAI,QAAQ,KAAK,SAAS,EAAE,CAAC;YACtE,OAAO,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,KAAK,4BAA4B,IAAI,CAAC,MAAM,CAAC,aAAa,GAAG,CAAC,CAAC;YAC/F,QAAQ,GAAG,MAAM,CAAC;QACpB,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,OAAO,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAChD,CAAC;QAED,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC;IAC1C,CAAC;CACF;AAED,MAAM,UAAU,gBAAgB,CAAC,SAAiC;IAChE,OAAO,EAAE,GAAG,cAAc,EAAE,GAAG,SAAS,EAAE,CAAC;AAC7C,CAAC"}
|
|
@@ -1,15 +1,11 @@
|
|
|
1
1
|
import type { Finding } from '../domain/finding.js';
|
|
2
2
|
import type { RiskScore } from '../domain/risk.js';
|
|
3
|
-
export declare const TEST_FINDING_WEIGHT = 0.1;
|
|
4
3
|
export interface AnalysisEvidence {
|
|
5
4
|
readonly hasMetadata: boolean;
|
|
6
5
|
readonly fileCount: number;
|
|
7
6
|
}
|
|
8
|
-
export interface RiskOptions {
|
|
9
|
-
readonly testFindingWeight?: number;
|
|
10
|
-
}
|
|
11
7
|
export declare class RiskCalculator {
|
|
12
|
-
calculate(findings: Finding[], evidence?: AnalysisEvidence
|
|
8
|
+
calculate(findings: Finding[], evidence?: AnalysisEvidence): RiskScore;
|
|
13
9
|
private computeConfidence;
|
|
14
10
|
}
|
|
15
11
|
//# sourceMappingURL=risk-calculator.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"risk-calculator.d.ts","sourceRoot":"","sources":["../../src/engine/risk-calculator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAEpD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;
|
|
1
|
+
{"version":3,"file":"risk-calculator.d.ts","sourceRoot":"","sources":["../../src/engine/risk-calculator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAC;AAEpD,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAanD,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC;IAC9B,QAAQ,CAAC,SAAS,EAAE,MAAM,CAAC;CAC5B;AAED,qBAAa,cAAc;IACzB,SAAS,CAAC,QAAQ,EAAE,OAAO,EAAE,EAAE,QAAQ,CAAC,EAAE,gBAAgB,GAAG,SAAS;IA6BtE,OAAO,CAAC,iBAAiB;CAe1B"}
|
|
@@ -2,8 +2,6 @@ import { SEVERITY_WEIGHTS } from '../domain/finding.js';
|
|
|
2
2
|
import { clampScore, scoreToLevel } from '../domain/risk.js';
|
|
3
3
|
const POSITIVE_SIGNAL_WEIGHT = 5;
|
|
4
4
|
const MAX_POSITIVE_REDUCTION = 30;
|
|
5
|
-
export const TEST_FINDING_WEIGHT = 0.1;
|
|
6
|
-
const FULL_WEIGHT = 1;
|
|
7
5
|
const CONFIDENCE_METADATA = 35;
|
|
8
6
|
const CONFIDENCE_HAS_FILES = 25;
|
|
9
7
|
const CONFIDENCE_PER_FILE = 2;
|
|
@@ -11,8 +9,7 @@ const CONFIDENCE_MAX_FILE_BONUS = 20;
|
|
|
11
9
|
const CONFIDENCE_PER_SIGNAL = 2;
|
|
12
10
|
const CONFIDENCE_MAX_SIGNAL_BONUS = 20;
|
|
13
11
|
export class RiskCalculator {
|
|
14
|
-
calculate(findings, evidence
|
|
15
|
-
const testFindingWeight = options?.testFindingWeight ?? FULL_WEIGHT;
|
|
12
|
+
calculate(findings, evidence) {
|
|
16
13
|
let negativeScore = 0;
|
|
17
14
|
let positiveReduction = 0;
|
|
18
15
|
let positiveSignals = 0;
|
|
@@ -24,8 +21,7 @@ export class RiskCalculator {
|
|
|
24
21
|
}
|
|
25
22
|
else if (finding.severity !== 'INFO') {
|
|
26
23
|
negativeSignals++;
|
|
27
|
-
|
|
28
|
-
negativeScore += SEVERITY_WEIGHTS[finding.severity] * weight;
|
|
24
|
+
negativeScore += SEVERITY_WEIGHTS[finding.severity];
|
|
29
25
|
}
|
|
30
26
|
}
|
|
31
27
|
const cappedReduction = Math.min(positiveReduction, MAX_POSITIVE_REDUCTION);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"risk-calculator.js","sourceRoot":"","sources":["../../src/engine/risk-calculator.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAExD,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAE7D,MAAM,sBAAsB,GAAG,CAAC,CAAC;AACjC,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAElC,MAAM,
|
|
1
|
+
{"version":3,"file":"risk-calculator.js","sourceRoot":"","sources":["../../src/engine/risk-calculator.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,gBAAgB,EAAE,MAAM,sBAAsB,CAAC;AAExD,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,mBAAmB,CAAC;AAE7D,MAAM,sBAAsB,GAAG,CAAC,CAAC;AACjC,MAAM,sBAAsB,GAAG,EAAE,CAAC;AAElC,MAAM,mBAAmB,GAAG,EAAE,CAAC;AAC/B,MAAM,oBAAoB,GAAG,EAAE,CAAC;AAChC,MAAM,mBAAmB,GAAG,CAAC,CAAC;AAC9B,MAAM,yBAAyB,GAAG,EAAE,CAAC;AACrC,MAAM,qBAAqB,GAAG,CAAC,CAAC;AAChC,MAAM,2BAA2B,GAAG,EAAE,CAAC;AAOvC,MAAM,OAAO,cAAc;IACzB,SAAS,CAAC,QAAmB,EAAE,QAA2B;QACxD,IAAI,aAAa,GAAG,CAAC,CAAC;QACtB,IAAI,iBAAiB,GAAG,CAAC,CAAC;QAC1B,IAAI,eAAe,GAAG,CAAC,CAAC;QACxB,IAAI,eAAe,GAAG,CAAC,CAAC;QAExB,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;YAC/B,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;gBACrB,eAAe,EAAE,CAAC;gBAClB,iBAAiB,IAAI,sBAAsB,CAAC;YAC9C,CAAC;iBAAM,IAAI,OAAO,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gBACvC,eAAe,EAAE,CAAC;gBAClB,aAAa,IAAI,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;YACtD,CAAC;QACH,CAAC;QAED,MAAM,eAAe,GAAG,IAAI,CAAC,GAAG,CAAC,iBAAiB,EAAE,sBAAsB,CAAC,CAAC;QAC5E,MAAM,UAAU,GAAG,UAAU,CAAC,aAAa,GAAG,eAAe,CAAC,CAAC;QAC/D,MAAM,YAAY,GAAG,eAAe,GAAG,eAAe,CAAC;QAEvD,OAAO;YACL,KAAK,EAAE,UAAU;YACjB,KAAK,EAAE,YAAY,CAAC,UAAU,CAAC;YAC/B,UAAU,EAAE,IAAI,CAAC,iBAAiB,CAAC,YAAY,EAAE,QAAQ,CAAC;YAC1D,eAAe;YACf,eAAe;SAChB,CAAC;IACJ,CAAC;IAEO,iBAAiB,CAAC,YAAoB,EAAE,QAA2B;QACzE,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,OAAO,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,EAAE,GAAG,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACtE,CAAC;QAED,IAAI,UAAU,GAAG,CAAC,CAAC;QACnB,IAAI,QAAQ,CAAC,WAAW;YAAE,UAAU,IAAI,mBAAmB,CAAC;QAC5D,IAAI,QAAQ,CAAC,SAAS,GAAG,CAAC,EAAE,CAAC;YAC3B,UAAU,IAAI,oBAAoB,CAAC;YACnC,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,QAAQ,CAAC,SAAS,GAAG,mBAAmB,EAAE,yBAAyB,CAAC,CAAC;QAC9F,CAAC;QACD,UAAU,IAAI,IAAI,CAAC,GAAG,CAAC,YAAY,GAAG,qBAAqB,EAAE,2BAA2B,CAAC,CAAC;QAE1F,OAAO,UAAU,CAAC,UAAU,CAAC,CAAC;IAChC,CAAC;CACF"}
|
package/dist/mcp/server.js
CHANGED
|
@@ -5,7 +5,7 @@ import { z } from 'zod';
|
|
|
5
5
|
import { createDefaultSentinel } from '../factory.js';
|
|
6
6
|
const server = new McpServer({
|
|
7
7
|
name: 'sentinel',
|
|
8
|
-
version: '0.1.
|
|
8
|
+
version: '0.1.3',
|
|
9
9
|
});
|
|
10
10
|
const sentinel = createDefaultSentinel();
|
|
11
11
|
server.tool('verify_package', 'Verify an npm package for security risks', { name: z.string(), version: z.string().optional() }, async ({ name, version }) => {
|
|
@@ -104,7 +104,8 @@ server.tool('install', 'Verify and install a target (requires explicit confirm f
|
|
|
104
104
|
type: z.string(),
|
|
105
105
|
target: z.string(),
|
|
106
106
|
confirm: z.boolean().describe('Must be true to proceed with installation'),
|
|
107
|
-
|
|
107
|
+
cwd: z.string().optional().describe('Project directory to install into (required for npm/github in MCP — use the workspace root)'),
|
|
108
|
+
}, async ({ type, target, confirm, cwd }) => {
|
|
108
109
|
if (!confirm) {
|
|
109
110
|
return {
|
|
110
111
|
content: [{
|
|
@@ -116,7 +117,7 @@ server.tool('install', 'Verify and install a target (requires explicit confirm f
|
|
|
116
117
|
}],
|
|
117
118
|
};
|
|
118
119
|
}
|
|
119
|
-
const result = await sentinel.install(type, target, { forceApprove: true });
|
|
120
|
+
const result = await sentinel.install(type, target, { forceApprove: true, cwd });
|
|
120
121
|
if (result.report.policy.decision === 'BLOCK') {
|
|
121
122
|
return {
|
|
122
123
|
content: [{
|
package/dist/mcp/server.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAGtD,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC;AAEH,MAAM,QAAQ,GAAG,qBAAqB,EAAE,CAAC;AAEzC,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,0CAA0C,EAC1C,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,EACpD,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE;IAC1B,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IACrD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACpD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,+CAA+C,EAC/C,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACvC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE;IACxB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,GAAG,KAAK,IAAI,IAAI,EAAE,CAAC,CAAC;IACnE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,cAAc,EACd,oDAAoD,EACpD,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,YAAY,EACZ,4DAA4D,EAC5D,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAClD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,kBAAkB,EAClB,iEAAiE,EACjE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACrD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,eAAe,EACf,6DAA6D,EAC7D,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACrB,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;IAClB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACtD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,iDAAiD,EACjD,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACxC,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE;IACzB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU;oBAClC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;iBACjC,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,iBAAiB,EACjB,yCAAyC,EACzC;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC,QAAQ,EAAE;CAC5D,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE;IACjC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,MAAM,YAAY,GAAG,CAAC,MAAM,IAAI,MAAM,CAAiB,CAAC;IACxD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,YAAY,CAAC,EAAE,CAAC,EAAE,CAAC;AACvG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,4CAA4C,EAC5C,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,cAAc,EACd,gEAAgE,EAChE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAClD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,iBAAiB,EACjB,sDAAsD,EACtD,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACxC,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE;IACzB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO,CAAC;IACtD,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,UAAU;oBACV,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;oBAChC,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;oBAC9B,cAAc,EAAE,MAAM,CAAC,cAAc;iBACtC,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,SAAS,EACT,8DAA8D,EAC9D;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC,2CAA2C,CAAC;
|
|
1
|
+
{"version":3,"file":"server.js","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":";AACA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAGtD,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,UAAU;IAChB,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC;AAEH,MAAM,QAAQ,GAAG,qBAAqB,EAAE,CAAC;AAEzC,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,0CAA0C,EAC1C,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,EAAE,EACpD,KAAK,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE;IAC1B,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,CAAC,GAAG,IAAI,IAAI,OAAO,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC;IACrD,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IACpD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,+CAA+C,EAC/C,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACvC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE;IACxB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,GAAG,KAAK,IAAI,IAAI,EAAE,CAAC,CAAC;IACnE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,cAAc,EACd,oDAAoD,EACpD,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,YAAY,EACZ,4DAA4D,EAC5D,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAClD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,kBAAkB,EAClB,iEAAiE,EACjE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACrD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,eAAe,EACf,6DAA6D,EAC7D,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACrB,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;IAClB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACtD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,iDAAiD,EACjD,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACxC,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE;IACzB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,KAAK,EAAE,MAAM,CAAC,IAAI,CAAC,KAAK;oBACxB,UAAU,EAAE,MAAM,CAAC,IAAI,CAAC,UAAU;oBAClC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;iBACjC,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,iBAAiB,EACjB,yCAAyC,EACzC;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC,QAAQ,EAAE;CAC5D,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,EAAE,EAAE;IACjC,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,MAAM,YAAY,GAAG,CAAC,MAAM,IAAI,MAAM,CAAiB,CAAC;IACxD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,YAAY,CAAC,EAAE,CAAC,EAAE,CAAC;AACvG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,4CAA4C,EAC5C,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IACpD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;AACjG,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,cAAc,EACd,gEAAgE,EAChE,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACpB,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QAClD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,MAAM,EAAE,MAAM,CAAC,EAAE,CAAC,EAAE,CAAC;IACjG,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,EAAE,CAAC,EAAE,CAAC;IAClG,CAAC;AACH,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,iBAAiB,EACjB,sDAAsD,EACtD,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,EAAE,EACxC,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE;IACzB,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IACnD,MAAM,UAAU,GAAG,MAAM,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO,CAAC;IACtD,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,UAAU;oBACV,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ;oBAChC,IAAI,EAAE,MAAM,CAAC,IAAI;oBACjB,OAAO,EAAE,MAAM,CAAC,MAAM,CAAC,OAAO;oBAC9B,cAAc,EAAE,MAAM,CAAC,cAAc;iBACtC,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,MAAM,CAAC,IAAI,CACT,SAAS,EACT,8DAA8D,EAC9D;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE;IAChB,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE;IAClB,OAAO,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,CAAC,2CAA2C,CAAC;IAC1E,GAAG,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,6FAA6F,CAAC;CACnI,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,EAAE,EAAE,EAAE;IACvC,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,OAAO,EAAE,kFAAkF;qBAC5F,CAAC;iBACH,CAAC;SACH,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,QAAQ,CAAC,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;IAEjF,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QAC9C,OAAO;YACL,OAAO,EAAE,CAAC;oBACR,IAAI,EAAE,MAAe;oBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;wBACnB,OAAO,EAAE,KAAK;wBACd,OAAO,EAAE,kDAAkD;wBAC3D,MAAM,EAAE,MAAM,CAAC,MAAM;qBACtB,CAAC;iBACH,CAAC;SACH,CAAC;IACJ,CAAC;IAED,OAAO;QACL,OAAO,EAAE,CAAC;gBACR,IAAI,EAAE,MAAe;gBACrB,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;oBACnB,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,OAAO,EAAE,MAAM,CAAC,OAAO;oBACvB,MAAM,EAAE,MAAM,CAAC,MAAM;iBACtB,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;AAClC,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,4BAA4B,EAAE,KAAK,CAAC,CAAC;IACnD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
|
|
@@ -53,7 +53,7 @@ export class TerminalReporter {
|
|
|
53
53
|
lines.push(kleur.bold(' Findings Summary:'));
|
|
54
54
|
lines.push(` Critical: ${kleur.red(String(critical.length))} High: ${kleur.red(String(high.length))} Medium: ${kleur.yellow(String(medium.length))} Low: ${kleur.green(String(low.length))} Positive: ${kleur.green(String(positive.length))}`);
|
|
55
55
|
if (testFindingCount > 0) {
|
|
56
|
-
lines.push(kleur.dim(` (${testFindingCount} finding(s) in test/fixture files
|
|
56
|
+
lines.push(kleur.dim(` (${testFindingCount} high-signal finding(s) located in test/fixture files)`));
|
|
57
57
|
}
|
|
58
58
|
lines.push('');
|
|
59
59
|
const displayFindings = [...critical, ...high, ...medium].slice(0, 20);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"report-generator.js","sourceRoot":"","sources":["../../src/report/report-generator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAU1B,SAAS,SAAS,CAAC,KAAgB;IACjC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,UAAU,CAAC,CAAC,OAAO,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC;QACzC,KAAK,MAAM,CAAC,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC;QAC9B,KAAK,QAAQ,CAAC,CAAC,OAAO,KAAK,CAAC,MAAM,CAAC;QACnC,KAAK,KAAK,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC;IACjC,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB;IACrC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO,CAAC,CAAC,OAAO,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC;QACtC,KAAK,kBAAkB,CAAC,CAAC,OAAO,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC;QACpD,KAAK,MAAM,CAAC,CAAC,OAAO,KAAK,CAAC,MAAM,CAAC;QACjC,KAAK,cAAc,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,EAAE,CAAC,IAAI,CAAC;QAC/C,OAAO,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC;IAC9B,CAAC;AACH,CAAC;AAED,MAAM,OAAO,gBAAgB;IAClB,MAAM,GAAG,UAAmB,CAAC;IAEtC,QAAQ,CAAC,MAA0B;QACjC,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE3C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC,CAAC;QAClE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACtG,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,IAAI,CAAC,KAAK,OAAO,CAAC,CAAC;QACnF,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;QACvD,KAAK,CAAC,IAAI,CAAC,iBAAiB,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC7F,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC,CAAC;YACxF,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;gBACnD,KAAK,CAAC,IAAI,CAAC,SAAS,MAAM,EAAE,CAAC,CAAC;YAChC,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;YAC5C,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBAC3C,KAAK,CAAC,IAAI,CAAC,SAAS,MAAM,EAAE,CAAC,CAAC;YAChC,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzF,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACjF,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACrF,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC/E,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAE3D,MAAM,gBAAgB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;QAEvF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC;QAC9C,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,WAAW,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,aAAa,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,UAAU,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,eAAe,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;QACvP,IAAI,gBAAgB,GAAG,CAAC,EAAE,CAAC;YACzB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,gBAAgB,
|
|
1
|
+
{"version":3,"file":"report-generator.js","sourceRoot":"","sources":["../../src/report/report-generator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAU1B,SAAS,SAAS,CAAC,KAAgB;IACjC,QAAQ,KAAK,EAAE,CAAC;QACd,KAAK,UAAU,CAAC,CAAC,OAAO,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC;QACzC,KAAK,MAAM,CAAC,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC;QAC9B,KAAK,QAAQ,CAAC,CAAC,OAAO,KAAK,CAAC,MAAM,CAAC;QACnC,KAAK,KAAK,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC;IACjC,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,QAAgB;IACrC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,OAAO,CAAC,CAAC,OAAO,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC;QACtC,KAAK,kBAAkB,CAAC,CAAC,OAAO,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC;QACpD,KAAK,MAAM,CAAC,CAAC,OAAO,KAAK,CAAC,MAAM,CAAC;QACjC,KAAK,cAAc,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,EAAE,CAAC,IAAI,CAAC;QAC/C,OAAO,CAAC,CAAC,OAAO,KAAK,CAAC,KAAK,CAAC;IAC9B,CAAC;AACH,CAAC;AAED,MAAM,OAAO,gBAAgB;IAClB,MAAM,GAAG,UAAmB,CAAC;IAEtC,QAAQ,CAAC,MAA0B;QACjC,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAE3C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC,CAAC;QAClE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACtG,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,MAAM,CAAC,IAAI,CAAC,KAAK,OAAO,CAAC,CAAC;QACnF,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;QACvD,KAAK,CAAC,IAAI,CAAC,iBAAiB,aAAa,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;QAC7F,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC,CAAC;YACxF,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;gBACnD,KAAK,CAAC,IAAI,CAAC,SAAS,MAAM,EAAE,CAAC,CAAC;YAChC,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACrC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;YAC5C,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;gBAC3C,KAAK,CAAC,IAAI,CAAC,SAAS,MAAM,EAAE,CAAC,CAAC;YAChC,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzF,MAAM,IAAI,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACjF,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QACrF,MAAM,GAAG,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC/E,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;QAE3D,MAAM,gBAAgB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC;QAEvF,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC,CAAC;QAC9C,KAAK,CAAC,IAAI,CAAC,iBAAiB,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,WAAW,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,aAAa,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,UAAU,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,eAAe,KAAK,CAAC,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC;QACvP,IAAI,gBAAgB,GAAG,CAAC,EAAE,CAAC;YACzB,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,gBAAgB,wDAAwD,CAAC,CAAC,CAAC;QAC1G,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,MAAM,eAAe,GAAG,CAAC,GAAG,QAAQ,EAAE,GAAG,IAAI,EAAE,GAAG,MAAM,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACvE,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC/B,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC;YAC1C,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;gBAChC,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC;oBAC/D,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC,CAAC;wBAC7C,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC;gBAClC,MAAM,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBACtE,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC1D,KAAK,CAAC,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,CAAC,KAAK,GAAG,GAAG,GAAG,OAAO,EAAE,CAAC,CAAC;gBACpD,KAAK,CAAC,IAAI,CAAC,cAAc,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC;gBACrD,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;oBACf,KAAK,CAAC,IAAI,CAAC,cAAc,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;gBACtE,CAAC;YACH,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,CAAC;YACnD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACnC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YAClD,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,gBAAgB,MAAM,CAAC,SAAS,KAAK,MAAM,CAAC,UAAU,KAAK,CAAC,CAAC,CAAC;QACnF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,OAAO,YAAY;IACd,MAAM,GAAG,MAAe,CAAC;IAElC,QAAQ,CAAC,MAA0B;QACjC,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;CACF;AAED,MAAM,OAAO,gBAAgB;IAClB,MAAM,GAAG,UAAmB,CAAC;IAEtC,QAAQ,CAAC,MAA0B;QACjC,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,KAAK,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QACzC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;QAC3E,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,MAAM,CAAC,IAAI,CAAC,KAAK,OAAO,CAAC,CAAC;QACxE,KAAK,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;QACzD,KAAK,CAAC,IAAI,CAAC,iBAAiB,MAAM,CAAC,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;QACtD,KAAK,CAAC,IAAI,CAAC,2BAA2B,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC;QAClE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,UAAU,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClF,KAAK,CAAC,IAAI,CAAC,kFAAkF,CAAC,CAAC;YAC/F,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;YAClC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,cAAc,CAAC,OAAO,EAAE,CAAC;gBACnD,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;YAC5B,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;QAChC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;YAC3C,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,EAAE,CAAC,CAAC;QAC5B,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAC1B,KAAK,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;QACvE,KAAK,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;QACvE,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC3D,MAAM,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;YAC9E,MAAM,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;YACtE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,MAAM,CAAC,CAAC,QAAQ,MAAM,CAAC,CAAC,KAAK,MAAM,IAAI,MAAM,CAAC,CAAC,IAAI,IAAI,GAAG,MAAM,QAAQ,IAAI,CAAC,CAAC;QAC1G,CAAC;QACD,IAAI,MAAM,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAClC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;YAC7B,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;gBACnC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;CACF;AAED,MAAM,OAAO,YAAY;IACF;IAArB,YAAqB,MAAoB;QAApB,WAAM,GAAN,MAAM,CAAc;IAAG,CAAC;IAE7C,QAAQ,CAAC,OAA2B;QAClC,OAAO,IAAI,IAAI,CAAC,MAAM,4CAA4C,CAAC;IACrE,CAAC;CACF;AAED,MAAM,OAAO,eAAe;IACT,UAAU,CAAoC;IAE/D;QACE,IAAI,CAAC,UAAU,GAAG,IAAI,GAAG,CAA+B;YACtD,CAAC,UAAU,EAAE,IAAI,gBAAgB,EAAE,CAAC;YACpC,CAAC,MAAM,EAAE,IAAI,YAAY,EAAE,CAAC;YAC5B,CAAC,UAAU,EAAE,IAAI,gBAAgB,EAAE,CAAC;YACpC,CAAC,OAAO,EAAE,IAAI,YAAY,CAAC,OAAO,CAAC,CAAC;YACpC,CAAC,MAAM,EAAE,IAAI,YAAY,CAAC,MAAM,CAAC,CAAC;YAClC,CAAC,KAAK,EAAE,IAAI,YAAY,CAAC,KAAK,CAAC,CAAC;SACjC,CAAC,CAAC;IACL,CAAC;IAED,QAAQ,CAAC,MAA0B,EAAE,SAAuB,UAAU;QACpE,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,MAAM,IAAI,KAAK,CAAC,8BAA8B,MAAM,EAAE,CAAC,CAAC;QAC1D,CAAC;QACD,OAAO,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;CACF"}
|