@shirokuma-library/shirokuma-docs 0.3.0-alpha.15 → 0.3.0-alpha.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of @shirokuma-library/shirokuma-docs might be problematic. Click here for more details.
- package/dist/commands/lint/all.d.ts.map +1 -1
- package/dist/commands/lint/all.js +2 -0
- package/dist/commands/lint/all.js.map +1 -1
- package/dist/commands/lint/index.d.ts.map +1 -1
- package/dist/commands/lint/index.js +13 -1
- package/dist/commands/lint/index.js.map +1 -1
- package/dist/commands/lint/security.d.ts +55 -0
- package/dist/commands/lint/security.d.ts.map +1 -0
- package/dist/commands/lint/security.js +469 -0
- package/dist/commands/lint/security.js.map +1 -0
- package/dist/commands/projects/setup.js +6 -6
- package/dist/commands/projects/setup.js.map +1 -1
- package/dist/commands/skills.d.ts +69 -0
- package/dist/commands/skills.d.ts.map +1 -0
- package/dist/commands/skills.js +253 -0
- package/dist/commands/skills.js.map +1 -0
- package/dist/index.js +27 -3
- package/dist/index.js.map +1 -1
- package/dist/lint/security-types.d.ts +71 -0
- package/dist/lint/security-types.d.ts.map +1 -0
- package/dist/lint/security-types.js +7 -0
- package/dist/lint/security-types.js.map +1 -0
- package/dist/utils/config.d.ts +17 -0
- package/dist/utils/config.d.ts.map +1 -1
- package/dist/utils/config.js +14 -0
- package/dist/utils/config.js.map +1 -1
- package/dist/utils/describe.d.ts +74 -0
- package/dist/utils/describe.d.ts.map +1 -0
- package/dist/utils/describe.js +149 -0
- package/dist/utils/describe.js.map +1 -0
- package/dist/utils/gh-config.d.ts +2 -1
- package/dist/utils/gh-config.d.ts.map +1 -1
- package/dist/utils/gh-config.js +4 -2
- package/dist/utils/gh-config.js.map +1 -1
- package/dist/utils/logger.d.ts +8 -2
- package/dist/utils/logger.d.ts.map +1 -1
- package/dist/utils/logger.js +11 -5
- package/dist/utils/logger.js.map +1 -1
- package/dist/utils/status-workflow.d.ts +3 -2
- package/dist/utils/status-workflow.d.ts.map +1 -1
- package/dist/utils/status-workflow.js +7 -5
- package/dist/utils/status-workflow.js.map +1 -1
- package/i18n/cli/en.json +4 -0
- package/i18n/cli/ja.json +4 -0
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"all.d.ts","sourceRoot":"","sources":["../../../src/commands/lint/all.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;
|
|
1
|
+
{"version":3,"file":"all.d.ts","sourceRoot":"","sources":["../../../src/commands/lint/all.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAaH,UAAU,cAAc;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAWD;;GAEG;AACH,wBAAsB,UAAU,CAAC,OAAO,EAAE,cAAc,GAAG,OAAO,CAAC,IAAI,CAAC,CAyDvE"}
|
|
@@ -15,6 +15,7 @@ import { lintCodeCommand } from "./code.js";
|
|
|
15
15
|
import { lintAnnotationsCommand } from "./annotations.js";
|
|
16
16
|
import { lintStructureCommand } from "./structure.js";
|
|
17
17
|
import { lintWorkflowCommand } from "./workflow.js";
|
|
18
|
+
import { lintSecurityCommand } from "./security.js";
|
|
18
19
|
/**
|
|
19
20
|
* lint all コマンドハンドラ
|
|
20
21
|
*/
|
|
@@ -29,6 +30,7 @@ export async function cmdLintAll(options) {
|
|
|
29
30
|
{ name: "annotations", fn: lintAnnotationsCommand },
|
|
30
31
|
{ name: "structure", fn: lintStructureCommand, formatDefault: "yaml" },
|
|
31
32
|
{ name: "workflow", fn: lintWorkflowCommand },
|
|
33
|
+
{ name: "security", fn: lintSecurityCommand },
|
|
32
34
|
];
|
|
33
35
|
const total = steps.length;
|
|
34
36
|
let completed = 0;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"all.js","sourceRoot":"","sources":["../../../src/commands/lint/all.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAC5C,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAoBpD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAAuB;IACtD,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAE7C,MAAM,KAAK,GAAe;QACxB,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,gBAAgB,EAAE;QACvC,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,mBAAmB,EAAE;QAC7C,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,eAAe,EAAE;QACrC,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,eAAe,EAAE;QACrC,EAAE,IAAI,EAAE,aAAa,EAAE,EAAE,EAAE,sBAAsB,EAAE;QACnD,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,EAAE,oBAAoB,EAAE,aAAa,EAAE,MAAM,EAAE;QACtE,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,mBAAmB,EAAE;KAC9C,CAAC;IAEF,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;IAC3B,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAE/C,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC;gBAC7B,OAAO,EAAE,WAAW;gBACpB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,MAAM,EAAE,IAAI,CAAC,aAAa,IAAI,OAAO,CAAC,MAAM;gBAC5C,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CAAC,CAAC;YACH,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;gBACnB,MAAM,EAAE,CAAC;gBACT,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACzB,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,eAAe,QAAQ,EAAE,CAAC,CAAC;YAC1D,CAAC;iBAAM,CAAC;gBACN,SAAS,EAAE,CAAC;gBACZ,MAAM,CAAC,OAAO,CAAC,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,EAAE,CAAC;YACT,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED,OAAO;IACP,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,MAAM,CAAC,IAAI,CAAC,YAAY,SAAS,IAAI,KAAK,KAAK,CAAC,CAAC;IACjD,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,IAAI,KAAK,QAAQ,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7D,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"all.js","sourceRoot":"","sources":["../../../src/commands/lint/all.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAC5C,OAAO,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAC5C,OAAO,EAAE,sBAAsB,EAAE,MAAM,kBAAkB,CAAC;AAC1D,OAAO,EAAE,oBAAoB,EAAE,MAAM,gBAAgB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,mBAAmB,EAAE,MAAM,eAAe,CAAC;AAoBpD;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,OAAuB;IACtD,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAE7C,MAAM,KAAK,GAAe;QACxB,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,EAAE,gBAAgB,EAAE;QACvC,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,mBAAmB,EAAE;QAC7C,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,eAAe,EAAE;QACrC,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE,eAAe,EAAE;QACrC,EAAE,IAAI,EAAE,aAAa,EAAE,EAAE,EAAE,sBAAsB,EAAE;QACnD,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,EAAE,oBAAoB,EAAE,aAAa,EAAE,MAAM,EAAE;QACtE,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,mBAAmB,EAAE;QAC7C,EAAE,IAAI,EAAE,UAAU,EAAE,EAAE,EAAE,mBAAmB,EAAE;KAC9C,CAAC;IAEF,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC;IAC3B,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,IAAI,MAAM,GAAG,CAAC,CAAC;IACf,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;QAE/C,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,EAAE,CAAC;gBAC7B,OAAO,EAAE,WAAW;gBACpB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,MAAM,EAAE,IAAI,CAAC,aAAa,IAAI,OAAO,CAAC,MAAM;gBAC5C,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,MAAM,EAAE,OAAO,CAAC,MAAM;gBACtB,OAAO,EAAE,OAAO,CAAC,OAAO;aACzB,CAAC,CAAC;YACH,IAAI,QAAQ,KAAK,CAAC,EAAE,CAAC;gBACnB,MAAM,EAAE,CAAC;gBACT,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBACzB,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,eAAe,QAAQ,EAAE,CAAC,CAAC;YAC1D,CAAC;iBAAM,CAAC;gBACN,SAAS,EAAE,CAAC;gBACZ,MAAM,CAAC,OAAO,CAAC,QAAQ,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,EAAE,CAAC;YACT,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzB,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,CAAC,IAAI,KAAK,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED,OAAO;IACP,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,MAAM,CAAC,IAAI,CAAC,YAAY,SAAS,IAAI,KAAK,KAAK,CAAC,CAAC;IACjD,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,IAAI,KAAK,QAAQ,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC7D,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;YACnB,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACvB,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/commands/lint/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAyBpC,wBAAgB,iBAAiB,IAAI,OAAO,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/commands/lint/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AAyBpC,wBAAgB,iBAAiB,IAAI,OAAO,CA4I3C"}
|
|
@@ -31,7 +31,7 @@ function mergeOpts(command, localOpts) {
|
|
|
31
31
|
// =============================================================================
|
|
32
32
|
export function createLintCommand() {
|
|
33
33
|
const lint = new Command("lint")
|
|
34
|
-
.description("検証 (all, tests, coverage, docs, code, annotations, structure, workflow)");
|
|
34
|
+
.description("検証 (all, tests, coverage, docs, code, annotations, structure, workflow, security)");
|
|
35
35
|
// Common parent options (available to all subcommands via command.parent?.opts())
|
|
36
36
|
lint
|
|
37
37
|
.option("-p, --project <path>", "プロジェクトパス", process.cwd())
|
|
@@ -142,6 +142,18 @@ export function createLintCommand() {
|
|
|
142
142
|
const { lintWorkflowCommand } = await import("./workflow.js");
|
|
143
143
|
setExitCode(await lintWorkflowCommand(options));
|
|
144
144
|
});
|
|
145
|
+
// ---------------------------------------------------------------------------
|
|
146
|
+
// security
|
|
147
|
+
// ---------------------------------------------------------------------------
|
|
148
|
+
lint
|
|
149
|
+
.command("security")
|
|
150
|
+
.description("依存パッケージの脆弱性をチェック")
|
|
151
|
+
.option("--severity <level>", "最小severity閾値 (critical, high, moderate, low)", "high")
|
|
152
|
+
.action(async (localOpts, command) => {
|
|
153
|
+
const options = mergeOpts(command, localOpts);
|
|
154
|
+
const { lintSecurityCommand } = await import("./security.js");
|
|
155
|
+
setExitCode(await lintSecurityCommand(options));
|
|
156
|
+
});
|
|
145
157
|
return lint;
|
|
146
158
|
}
|
|
147
159
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/commands/lint/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAE9D,gFAAgF;AAChF,UAAU;AACV,gFAAgF;AAEhF;;;;;;GAMG;AACH,8DAA8D;AAC9D,SAAS,SAAS,CAAC,OAAgB,EAAE,SAAkC;IACrE,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAChD,OAAO,EAAE,GAAG,UAAU,EAAE,GAAG,SAAS,EAAE,CAAC;AACzC,CAAC;AAED,gFAAgF;AAChF,mBAAmB;AACnB,gFAAgF;AAEhF,MAAM,UAAU,iBAAiB;IAC/B,MAAM,IAAI,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC;SAC7B,WAAW,CACV,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/commands/lint/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,WAAW,EAAE,MAAM,4BAA4B,CAAC;AACzD,OAAO,EAAE,mBAAmB,EAAE,MAAM,yBAAyB,CAAC;AAE9D,gFAAgF;AAChF,UAAU;AACV,gFAAgF;AAEhF;;;;;;GAMG;AACH,8DAA8D;AAC9D,SAAS,SAAS,CAAC,OAAgB,EAAE,SAAkC;IACrE,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;IAChD,OAAO,EAAE,GAAG,UAAU,EAAE,GAAG,SAAS,EAAE,CAAC;AACzC,CAAC;AAED,gFAAgF;AAChF,mBAAmB;AACnB,gFAAgF;AAEhF,MAAM,UAAU,iBAAiB;IAC/B,MAAM,IAAI,GAAG,IAAI,OAAO,CAAC,MAAM,CAAC;SAC7B,WAAW,CACV,mFAAmF,CACpF,CAAC;IAEJ,kFAAkF;IAClF,IAAI;SACD,MAAM,CAAC,sBAAsB,EAAE,UAAU,EAAE,OAAO,CAAC,GAAG,EAAE,CAAC;SACzD,MAAM,CAAC,qBAAqB,EAAE,UAAU,EAAE,4BAA4B,CAAC;SACvE,MAAM,CAAC,uBAAuB,EAAE,oCAAoC,EAAE,UAAU,CAAC;SACjF,MAAM,CAAC,qBAAqB,EAAE,UAAU,CAAC;SACzC,MAAM,CAAC,cAAc,EAAE,gCAAgC,CAAC;SACxD,MAAM,CAAC,eAAe,EAAE,QAAQ,CAAC,CAAC;IAErC,sCAAsC;IACtC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,WAAW,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,WAAW,CAAC,IAAI,EAAE,CAAC;QAChC,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;YACjB,IAAI,CAAC,OAAO,GAAG,mBAAmB,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACnD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,8EAA8E;IAC9E,+DAA+D;IAC/D,8EAA8E;IAC9E,IAAI;SACD,OAAO,CAAC,KAAK,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC;SACnC,WAAW,CAAC,gBAAgB,CAAC;SAC7B,MAAM,CAAC,KAAK,EAAE,UAAU,EAAE,OAAO,EAAE,EAAE;QACpC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;QACvC,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,CAAC;QAChD,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEL,8EAA8E;IAC9E,QAAQ;IACR,8EAA8E;IAC9E,IAAI;SACD,OAAO,CAAC,OAAO,CAAC;SAChB,WAAW,CAAC,4BAA4B,CAAC;SACzC,MAAM,CAAC,+BAA+B,EAAE,eAAe,EAAE,QAAQ,CAAC;SAClE,MAAM,CAAC,4BAA4B,EAAE,UAAU,CAAC;SAChD,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC9C,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC;QACxD,WAAW,CAAC,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEL,8EAA8E;IAC9E,WAAW;IACX,8EAA8E;IAC9E,IAAI;SACD,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,wBAAwB,CAAC;SACrC,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC9C,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAC;QAC9D,WAAW,CAAC,MAAM,mBAAmB,CAAC,OAAO,CAAC,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEL,8EAA8E;IAC9E,OAAO;IACP,8EAA8E;IAC9E,IAAI;SACD,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,gCAAgC,CAAC;SAC7C,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC9C,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;QACtD,WAAW,CAAC,MAAM,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEL,8EAA8E;IAC9E,OAAO;IACP,8EAA8E;IAC9E,IAAI;SACD,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,sCAAsC,CAAC;SACnD,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC9C,MAAM,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC,CAAC;QACtD,WAAW,CAAC,MAAM,eAAe,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEL,8EAA8E;IAC9E,cAAc;IACd,8EAA8E;IAC9E,IAAI;SACD,OAAO,CAAC,aAAa,CAAC;SACtB,WAAW,CAAC,qDAAqD,CAAC;SAClE,MAAM,CAAC,OAAO,EAAE,iBAAiB,CAAC;SAClC,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC9C,MAAM,EAAE,sBAAsB,EAAE,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAAC,CAAC;QACpE,WAAW,CAAC,MAAM,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEL,8EAA8E;IAC9E,YAAY;IACZ,8EAA8E;IAC9E,IAAI;SACD,OAAO,CAAC,WAAW,CAAC;SACpB,WAAW,CAAC,6BAA6B,CAAC;SAC1C,MAAM,CAAC,uBAAuB,EAAE,iCAAiC,EAAE,MAAM,CAAC;SAC1E,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC9C,MAAM,EAAE,oBAAoB,EAAE,GAAG,MAAM,MAAM,CAAC,gBAAgB,CAAC,CAAC;QAChE,WAAW,CAAC,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;IAEL,8EAA8E;IAC9E,WAAW;IACX,8EAA8E;IAC9E,IAAI;SACD,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,2CAA2C,CAAC;SACxD,MAAM,CAAC,UAAU,EAAE,mBAAmB,CAAC;SACvC,MAAM,CAAC,YAAY,EAAE,cAAc,CAAC;SACpC,MAAM,CAAC,WAAW,EAAE,cAAc,CAAC;SACnC,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC9C,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAC;QAC9D,WAAW,CAAC,MAAM,mBAAmB,CAAC,OAAO,CAAC,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEL,8EAA8E;IAC9E,WAAW;IACX,8EAA8E;IAC9E,IAAI;SACD,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,kBAAkB,CAAC;SAC/B,MAAM,CAAC,oBAAoB,EAAE,8CAA8C,EAAE,MAAM,CAAC;SACpF,MAAM,CAAC,KAAK,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE;QACnC,MAAM,OAAO,GAAG,SAAS,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC9C,MAAM,EAAE,mBAAmB,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAC;QAC9D,WAAW,CAAC,MAAM,mBAAmB,CAAC,OAAO,CAAC,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEL,OAAO,IAAI,CAAC;AACd,CAAC"}
|
|
@@ -0,0 +1,55 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* lint-security コマンド - 依存パッケージ脆弱性チェック
|
|
3
|
+
*
|
|
4
|
+
* パッケージマネージャー(npm / pnpm / yarn)を自動検出し、
|
|
5
|
+
* audit コマンドを実行して脆弱性を検出・報告する。
|
|
6
|
+
*
|
|
7
|
+
* 方針:
|
|
8
|
+
* - lockfile の存在でパッケージマネージャーを自動判定
|
|
9
|
+
* - audit JSON 出力をパース、共通型 VulnerabilityItem に正規化
|
|
10
|
+
* - critical / high はエラー、moderate / low は警告
|
|
11
|
+
* - dev dependency の脆弱性は warning 扱い(production より低重要度)
|
|
12
|
+
* - ネットワークエラー時は warning + skip(lint 全体をブロックしない)
|
|
13
|
+
*/
|
|
14
|
+
import type { VulnerabilityItem, PackageManager } from "../../lint/security-types.js";
|
|
15
|
+
/**
|
|
16
|
+
* コマンドオプション
|
|
17
|
+
*/
|
|
18
|
+
interface LintSecurityOptions {
|
|
19
|
+
project: string;
|
|
20
|
+
config?: string;
|
|
21
|
+
format?: "terminal" | "json" | "summary";
|
|
22
|
+
output?: string;
|
|
23
|
+
strict?: boolean;
|
|
24
|
+
verbose?: boolean;
|
|
25
|
+
/** 最小 severity 閾値 (critical, high, moderate, low) */
|
|
26
|
+
severity?: string;
|
|
27
|
+
}
|
|
28
|
+
/**
|
|
29
|
+
* lockfile の存在からパッケージマネージャーを検出する
|
|
30
|
+
*/
|
|
31
|
+
export declare function detectPackageManager(projectPath: string): PackageManager;
|
|
32
|
+
/**
|
|
33
|
+
* audit コマンドを実行し JSON 文字列を返す
|
|
34
|
+
*
|
|
35
|
+
* audit コマンドは脆弱性検出時に exit code 非ゼロを返すため、
|
|
36
|
+
* execSync のエラーから stdout を取り出す。
|
|
37
|
+
* ネットワーク未接続等の真のエラーは ENETUNREACH / ENOTFOUND 等で判断。
|
|
38
|
+
*/
|
|
39
|
+
export declare function runAudit(pm: PackageManager, projectPath: string): {
|
|
40
|
+
output: string;
|
|
41
|
+
error: null;
|
|
42
|
+
} | {
|
|
43
|
+
output: null;
|
|
44
|
+
error: string;
|
|
45
|
+
};
|
|
46
|
+
/**
|
|
47
|
+
* パッケージマネージャーに応じて audit 結果をパース
|
|
48
|
+
*/
|
|
49
|
+
export declare function parseAuditResult(pm: PackageManager, jsonOutput: string): VulnerabilityItem[];
|
|
50
|
+
/**
|
|
51
|
+
* lint-security コマンドハンドラ
|
|
52
|
+
*/
|
|
53
|
+
export declare function lintSecurityCommand(options: LintSecurityOptions): Promise<number>;
|
|
54
|
+
export {};
|
|
55
|
+
//# sourceMappingURL=security.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../../src/commands/lint/security.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAQH,OAAO,KAAK,EAEV,iBAAiB,EAEjB,cAAc,EACf,MAAM,8BAA8B,CAAC;AAEtC;;GAEG;AACH,UAAU,mBAAmB;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,UAAU,GAAG,MAAM,GAAG,SAAS,CAAC;IACzC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,qDAAqD;IACrD,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAyGD;;GAEG;AACH,wBAAgB,oBAAoB,CAAC,WAAW,EAAE,MAAM,GAAG,cAAc,CAQxE;AAMD;;;;;;GAMG;AACH,wBAAgB,QAAQ,CACtB,EAAE,EAAE,cAAc,EAClB,WAAW,EAAE,MAAM,GAClB;IAAE,MAAM,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,IAAI,CAAA;CAAE,GAAG;IAAE,MAAM,EAAE,IAAI,CAAC;IAAC,KAAK,EAAE,MAAM,CAAA;CAAE,CAoCnE;AAuKD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,EAAE,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,GAAG,iBAAiB,EAAE,CAS5F;AA8KD;;GAEG;AACH,wBAAsB,mBAAmB,CAAC,OAAO,EAAE,mBAAmB,GAAG,OAAO,CAAC,MAAM,CAAC,CAiFvF"}
|
|
@@ -0,0 +1,469 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* lint-security コマンド - 依存パッケージ脆弱性チェック
|
|
3
|
+
*
|
|
4
|
+
* パッケージマネージャー(npm / pnpm / yarn)を自動検出し、
|
|
5
|
+
* audit コマンドを実行して脆弱性を検出・報告する。
|
|
6
|
+
*
|
|
7
|
+
* 方針:
|
|
8
|
+
* - lockfile の存在でパッケージマネージャーを自動判定
|
|
9
|
+
* - audit JSON 出力をパース、共通型 VulnerabilityItem に正規化
|
|
10
|
+
* - critical / high はエラー、moderate / low は警告
|
|
11
|
+
* - dev dependency の脆弱性は warning 扱い(production より低重要度)
|
|
12
|
+
* - ネットワークエラー時は warning + skip(lint 全体をブロックしない)
|
|
13
|
+
*/
|
|
14
|
+
import { execSync } from "node:child_process";
|
|
15
|
+
import { existsSync } from "node:fs";
|
|
16
|
+
import { resolve, join } from "node:path";
|
|
17
|
+
import { createLogger } from "../../utils/logger.js";
|
|
18
|
+
import { t } from "../../utils/i18n.js";
|
|
19
|
+
import { determineLintExitCode } from "../../lint/exit-code.js";
|
|
20
|
+
// =============================================================================
|
|
21
|
+
// Package Manager Detection
|
|
22
|
+
// =============================================================================
|
|
23
|
+
/**
|
|
24
|
+
* lockfile の存在からパッケージマネージャーを検出する
|
|
25
|
+
*/
|
|
26
|
+
export function detectPackageManager(projectPath) {
|
|
27
|
+
if (existsSync(join(projectPath, "pnpm-lock.yaml"))) {
|
|
28
|
+
return "pnpm";
|
|
29
|
+
}
|
|
30
|
+
if (existsSync(join(projectPath, "yarn.lock"))) {
|
|
31
|
+
return "yarn";
|
|
32
|
+
}
|
|
33
|
+
return "npm";
|
|
34
|
+
}
|
|
35
|
+
// =============================================================================
|
|
36
|
+
// Audit Execution
|
|
37
|
+
// =============================================================================
|
|
38
|
+
/**
|
|
39
|
+
* audit コマンドを実行し JSON 文字列を返す
|
|
40
|
+
*
|
|
41
|
+
* audit コマンドは脆弱性検出時に exit code 非ゼロを返すため、
|
|
42
|
+
* execSync のエラーから stdout を取り出す。
|
|
43
|
+
* ネットワーク未接続等の真のエラーは ENETUNREACH / ENOTFOUND 等で判断。
|
|
44
|
+
*/
|
|
45
|
+
export function runAudit(pm, projectPath) {
|
|
46
|
+
const cmd = pm === "yarn" ? `yarn audit --json` : `${pm} audit --json`;
|
|
47
|
+
try {
|
|
48
|
+
const output = execSync(cmd, {
|
|
49
|
+
cwd: projectPath,
|
|
50
|
+
encoding: "utf8",
|
|
51
|
+
// 脆弱性ありでも stdout を取得するため stdio: pipe
|
|
52
|
+
stdio: ["pipe", "pipe", "pipe"],
|
|
53
|
+
});
|
|
54
|
+
return { output, error: null };
|
|
55
|
+
}
|
|
56
|
+
catch (err) {
|
|
57
|
+
// execSync は exit code 非ゼロで例外を throw する
|
|
58
|
+
// stdout が含まれていれば脆弱性検出の正常ケース
|
|
59
|
+
if (err && typeof err === "object" && "stdout" in err) {
|
|
60
|
+
const stdout = err.stdout;
|
|
61
|
+
if (stdout && stdout.trim().length > 0) {
|
|
62
|
+
return { output: stdout, error: null };
|
|
63
|
+
}
|
|
64
|
+
}
|
|
65
|
+
// stdout がない = ネットワークエラー等
|
|
66
|
+
const message = err instanceof Error ? err.message : String(err);
|
|
67
|
+
const isNetworkError = message.includes("ENETUNREACH") ||
|
|
68
|
+
message.includes("ENOTFOUND") ||
|
|
69
|
+
message.includes("ETIMEDOUT") ||
|
|
70
|
+
message.includes("network") ||
|
|
71
|
+
message.includes("ECONNREFUSED");
|
|
72
|
+
if (isNetworkError) {
|
|
73
|
+
return { output: null, error: "NETWORK_ERROR" };
|
|
74
|
+
}
|
|
75
|
+
return { output: null, error: message };
|
|
76
|
+
}
|
|
77
|
+
}
|
|
78
|
+
// =============================================================================
|
|
79
|
+
// Parsers
|
|
80
|
+
// =============================================================================
|
|
81
|
+
/**
|
|
82
|
+
* npm audit JSON をパースして VulnerabilityItem[] に正規化
|
|
83
|
+
*/
|
|
84
|
+
function parseNpmAudit(jsonOutput) {
|
|
85
|
+
let parsed;
|
|
86
|
+
try {
|
|
87
|
+
parsed = JSON.parse(jsonOutput);
|
|
88
|
+
}
|
|
89
|
+
catch {
|
|
90
|
+
return [];
|
|
91
|
+
}
|
|
92
|
+
const items = [];
|
|
93
|
+
// npm v7+ 形式: vulnerabilities
|
|
94
|
+
if (parsed.vulnerabilities) {
|
|
95
|
+
for (const [, entry] of Object.entries(parsed.vulnerabilities)) {
|
|
96
|
+
const severity = normalizeSeverity(entry.severity);
|
|
97
|
+
const fixAvailable = entry.fixAvailable === true ||
|
|
98
|
+
(typeof entry.fixAvailable === "object" && entry.fixAvailable !== null);
|
|
99
|
+
// via から CVE IDs と説明を収集
|
|
100
|
+
const cveIds = [];
|
|
101
|
+
let description = "";
|
|
102
|
+
const viaNames = [];
|
|
103
|
+
for (const via of entry.via ?? []) {
|
|
104
|
+
if (typeof via === "string") {
|
|
105
|
+
viaNames.push(via);
|
|
106
|
+
}
|
|
107
|
+
else {
|
|
108
|
+
if (via.title)
|
|
109
|
+
description = via.title;
|
|
110
|
+
if (via.cwe)
|
|
111
|
+
cveIds.push(...via.cwe);
|
|
112
|
+
if (via.name)
|
|
113
|
+
viaNames.push(via.name);
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
// dev 判定: npm v7+ の isDirect フラグを利用。
|
|
117
|
+
// isDirect が false かつ via が他パッケージ経由のみの場合、
|
|
118
|
+
// 保守的に prod 扱い(isDev=false)とする。
|
|
119
|
+
// 明示的な dev 判定は pnpm/yarn の方が正確。
|
|
120
|
+
const isDev = false;
|
|
121
|
+
items.push({
|
|
122
|
+
name: entry.name,
|
|
123
|
+
severity,
|
|
124
|
+
description: description || `Vulnerability in ${entry.name}`,
|
|
125
|
+
range: entry.range,
|
|
126
|
+
fixAvailable,
|
|
127
|
+
cveIds: cveIds.length > 0 ? cveIds : undefined,
|
|
128
|
+
isDev,
|
|
129
|
+
via: viaNames,
|
|
130
|
+
});
|
|
131
|
+
}
|
|
132
|
+
return items;
|
|
133
|
+
}
|
|
134
|
+
// npm v6 形式: advisories
|
|
135
|
+
if (parsed.advisories) {
|
|
136
|
+
for (const [, advisory] of Object.entries(parsed.advisories)) {
|
|
137
|
+
const severity = normalizeSeverity(advisory.severity);
|
|
138
|
+
const isDev = advisory.findings.some((f) => f.paths.some((p) => p.includes(">") || p.includes("dev")));
|
|
139
|
+
items.push({
|
|
140
|
+
name: advisory.module_name,
|
|
141
|
+
severity,
|
|
142
|
+
description: advisory.title,
|
|
143
|
+
fixAvailable: !!advisory.patched_versions && advisory.patched_versions !== "<0.0.0",
|
|
144
|
+
fixedIn: advisory.patched_versions,
|
|
145
|
+
cveIds: advisory.cves,
|
|
146
|
+
isDev,
|
|
147
|
+
via: [],
|
|
148
|
+
});
|
|
149
|
+
}
|
|
150
|
+
}
|
|
151
|
+
return items;
|
|
152
|
+
}
|
|
153
|
+
/**
|
|
154
|
+
* pnpm audit JSON をパースして VulnerabilityItem[] に正規化
|
|
155
|
+
*/
|
|
156
|
+
function parsePnpmAudit(jsonOutput) {
|
|
157
|
+
let parsed;
|
|
158
|
+
try {
|
|
159
|
+
parsed = JSON.parse(jsonOutput);
|
|
160
|
+
}
|
|
161
|
+
catch {
|
|
162
|
+
return [];
|
|
163
|
+
}
|
|
164
|
+
const items = [];
|
|
165
|
+
if (!parsed.advisories)
|
|
166
|
+
return items;
|
|
167
|
+
for (const [, advisory] of Object.entries(parsed.advisories)) {
|
|
168
|
+
const severity = normalizeSeverity(advisory.severity);
|
|
169
|
+
const isDev = advisory.findings.some((f) => f.dev);
|
|
170
|
+
items.push({
|
|
171
|
+
name: advisory.module_name,
|
|
172
|
+
severity,
|
|
173
|
+
description: advisory.title,
|
|
174
|
+
fixAvailable: !!advisory.patched_versions && advisory.patched_versions !== "<0.0.0",
|
|
175
|
+
fixedIn: advisory.patched_versions,
|
|
176
|
+
cveIds: advisory.cves,
|
|
177
|
+
isDev,
|
|
178
|
+
via: [],
|
|
179
|
+
});
|
|
180
|
+
}
|
|
181
|
+
return items;
|
|
182
|
+
}
|
|
183
|
+
/**
|
|
184
|
+
* yarn audit NDJSON をパースして VulnerabilityItem[] に正規化
|
|
185
|
+
*
|
|
186
|
+
* yarn audit は各行が独立した JSON オブジェクトの NDJSON 形式
|
|
187
|
+
*/
|
|
188
|
+
function parseYarnAudit(jsonOutput) {
|
|
189
|
+
const items = [];
|
|
190
|
+
const seen = new Set();
|
|
191
|
+
for (const line of jsonOutput.split("\n")) {
|
|
192
|
+
const trimmed = line.trim();
|
|
193
|
+
if (!trimmed)
|
|
194
|
+
continue;
|
|
195
|
+
let obj;
|
|
196
|
+
try {
|
|
197
|
+
obj = JSON.parse(trimmed);
|
|
198
|
+
}
|
|
199
|
+
catch {
|
|
200
|
+
continue;
|
|
201
|
+
}
|
|
202
|
+
const entry = obj;
|
|
203
|
+
if (entry.type !== "auditAdvisory")
|
|
204
|
+
continue;
|
|
205
|
+
const { advisory, resolution } = entry.data;
|
|
206
|
+
const key = `${advisory.module_name}:${advisory.severity}`;
|
|
207
|
+
// 同一パッケージ・severity の重複を除去
|
|
208
|
+
if (seen.has(key))
|
|
209
|
+
continue;
|
|
210
|
+
seen.add(key);
|
|
211
|
+
const severity = normalizeSeverity(advisory.severity);
|
|
212
|
+
items.push({
|
|
213
|
+
name: advisory.module_name,
|
|
214
|
+
severity,
|
|
215
|
+
description: advisory.title,
|
|
216
|
+
fixAvailable: !!advisory.patched_versions && advisory.patched_versions !== "<0.0.0",
|
|
217
|
+
fixedIn: advisory.patched_versions,
|
|
218
|
+
cveIds: advisory.cves,
|
|
219
|
+
isDev: resolution.dev,
|
|
220
|
+
via: [],
|
|
221
|
+
});
|
|
222
|
+
}
|
|
223
|
+
return items;
|
|
224
|
+
}
|
|
225
|
+
/**
|
|
226
|
+
* パッケージマネージャーに応じて audit 結果をパース
|
|
227
|
+
*/
|
|
228
|
+
export function parseAuditResult(pm, jsonOutput) {
|
|
229
|
+
switch (pm) {
|
|
230
|
+
case "npm":
|
|
231
|
+
return parseNpmAudit(jsonOutput);
|
|
232
|
+
case "pnpm":
|
|
233
|
+
return parsePnpmAudit(jsonOutput);
|
|
234
|
+
case "yarn":
|
|
235
|
+
return parseYarnAudit(jsonOutput);
|
|
236
|
+
}
|
|
237
|
+
}
|
|
238
|
+
// =============================================================================
|
|
239
|
+
// Helpers
|
|
240
|
+
// =============================================================================
|
|
241
|
+
/**
|
|
242
|
+
* severity 文字列を正規化
|
|
243
|
+
*/
|
|
244
|
+
function normalizeSeverity(raw) {
|
|
245
|
+
const lower = raw.toLowerCase();
|
|
246
|
+
if (lower === "critical")
|
|
247
|
+
return "critical";
|
|
248
|
+
if (lower === "high")
|
|
249
|
+
return "high";
|
|
250
|
+
if (lower === "moderate" || lower === "medium")
|
|
251
|
+
return "moderate";
|
|
252
|
+
if (lower === "low")
|
|
253
|
+
return "low";
|
|
254
|
+
return "info";
|
|
255
|
+
}
|
|
256
|
+
/**
|
|
257
|
+
* severity の重み(フィルタリング用)
|
|
258
|
+
*/
|
|
259
|
+
const SEVERITY_WEIGHT = {
|
|
260
|
+
critical: 4,
|
|
261
|
+
high: 3,
|
|
262
|
+
moderate: 2,
|
|
263
|
+
low: 1,
|
|
264
|
+
info: 0,
|
|
265
|
+
};
|
|
266
|
+
/**
|
|
267
|
+
* severity 文字列からフィルタ閾値を取得
|
|
268
|
+
*/
|
|
269
|
+
function parseSeverityThreshold(level) {
|
|
270
|
+
const lower = (level ?? "high").toLowerCase();
|
|
271
|
+
if (lower === "critical")
|
|
272
|
+
return SEVERITY_WEIGHT.critical;
|
|
273
|
+
if (lower === "high")
|
|
274
|
+
return SEVERITY_WEIGHT.high;
|
|
275
|
+
if (lower === "moderate" || lower === "medium")
|
|
276
|
+
return SEVERITY_WEIGHT.moderate;
|
|
277
|
+
if (lower === "low")
|
|
278
|
+
return SEVERITY_WEIGHT.low;
|
|
279
|
+
return SEVERITY_WEIGHT.high;
|
|
280
|
+
}
|
|
281
|
+
/**
|
|
282
|
+
* サマリーを計算
|
|
283
|
+
*/
|
|
284
|
+
function calcSummary(vulnerabilities) {
|
|
285
|
+
let critical = 0, high = 0, moderate = 0, low = 0, info = 0;
|
|
286
|
+
let prodErrorCount = 0;
|
|
287
|
+
for (const v of vulnerabilities) {
|
|
288
|
+
if (v.severity === "critical")
|
|
289
|
+
critical++;
|
|
290
|
+
else if (v.severity === "high")
|
|
291
|
+
high++;
|
|
292
|
+
else if (v.severity === "moderate")
|
|
293
|
+
moderate++;
|
|
294
|
+
else if (v.severity === "low")
|
|
295
|
+
low++;
|
|
296
|
+
else
|
|
297
|
+
info++;
|
|
298
|
+
// errorCount は prod の critical/high のみ(dev は除外)
|
|
299
|
+
if (!v.isDev && (v.severity === "critical" || v.severity === "high")) {
|
|
300
|
+
prodErrorCount++;
|
|
301
|
+
}
|
|
302
|
+
}
|
|
303
|
+
return {
|
|
304
|
+
critical,
|
|
305
|
+
high,
|
|
306
|
+
moderate,
|
|
307
|
+
low,
|
|
308
|
+
info,
|
|
309
|
+
errorCount: prodErrorCount,
|
|
310
|
+
warningCount: moderate + low,
|
|
311
|
+
total: critical + high + moderate + low + info,
|
|
312
|
+
};
|
|
313
|
+
}
|
|
314
|
+
// =============================================================================
|
|
315
|
+
// Formatter
|
|
316
|
+
// =============================================================================
|
|
317
|
+
/**
|
|
318
|
+
* レポートをフォーマット
|
|
319
|
+
*/
|
|
320
|
+
function formatReport(report, format) {
|
|
321
|
+
if (format === "json") {
|
|
322
|
+
return JSON.stringify(report, null, 2);
|
|
323
|
+
}
|
|
324
|
+
if (format === "summary") {
|
|
325
|
+
return formatSummary(report);
|
|
326
|
+
}
|
|
327
|
+
return formatTerminal(report);
|
|
328
|
+
}
|
|
329
|
+
function formatSummary(report) {
|
|
330
|
+
if (report.skipped) {
|
|
331
|
+
return `\nSecurity Audit: SKIPPED\nReason: ${report.skipReason ?? "unknown"}\n`;
|
|
332
|
+
}
|
|
333
|
+
const { summary } = report;
|
|
334
|
+
const lines = [
|
|
335
|
+
"",
|
|
336
|
+
"Security Audit Summary",
|
|
337
|
+
"======================",
|
|
338
|
+
"",
|
|
339
|
+
`Package Manager: ${report.packageManager}`,
|
|
340
|
+
`Critical: ${summary.critical}`,
|
|
341
|
+
`High: ${summary.high}`,
|
|
342
|
+
`Moderate: ${summary.moderate}`,
|
|
343
|
+
`Low: ${summary.low}`,
|
|
344
|
+
`Total: ${summary.total}`,
|
|
345
|
+
"",
|
|
346
|
+
report.passed ? "PASSED" : "FAILED",
|
|
347
|
+
"",
|
|
348
|
+
];
|
|
349
|
+
return lines.join("\n");
|
|
350
|
+
}
|
|
351
|
+
function formatTerminal(report) {
|
|
352
|
+
const lines = [];
|
|
353
|
+
lines.push("");
|
|
354
|
+
lines.push("Security Vulnerability Audit");
|
|
355
|
+
lines.push("=".repeat(60));
|
|
356
|
+
lines.push("");
|
|
357
|
+
if (report.skipped) {
|
|
358
|
+
lines.push(`\u26A0\uFE0F Skipped: ${report.skipReason ?? "unknown"}`);
|
|
359
|
+
lines.push("");
|
|
360
|
+
return lines.join("\n");
|
|
361
|
+
}
|
|
362
|
+
lines.push(`Package Manager: ${report.packageManager}`);
|
|
363
|
+
lines.push("");
|
|
364
|
+
if (report.vulnerabilities.length === 0) {
|
|
365
|
+
lines.push("\u2705 No vulnerabilities found");
|
|
366
|
+
}
|
|
367
|
+
else {
|
|
368
|
+
for (const v of report.vulnerabilities) {
|
|
369
|
+
const icon = v.severity === "critical" || v.severity === "high" ? "\u274C" : "\u26A0\uFE0F";
|
|
370
|
+
const devLabel = v.isDev ? " [dev]" : "";
|
|
371
|
+
lines.push(`${icon} ${v.name}${devLabel} (${v.severity})`);
|
|
372
|
+
lines.push(` ${v.description}`);
|
|
373
|
+
if (v.fixAvailable) {
|
|
374
|
+
lines.push(` \u2192 Fix available${v.fixedIn ? `: ${v.fixedIn}` : ""}`);
|
|
375
|
+
}
|
|
376
|
+
else {
|
|
377
|
+
lines.push(` \u2192 No fix available`);
|
|
378
|
+
}
|
|
379
|
+
if (v.cveIds && v.cveIds.length > 0) {
|
|
380
|
+
lines.push(` CVE: ${v.cveIds.join(", ")}`);
|
|
381
|
+
}
|
|
382
|
+
lines.push("");
|
|
383
|
+
}
|
|
384
|
+
}
|
|
385
|
+
const { summary } = report;
|
|
386
|
+
lines.push("=".repeat(60));
|
|
387
|
+
lines.push("");
|
|
388
|
+
lines.push("Summary:");
|
|
389
|
+
lines.push(` \u274C Critical: ${summary.critical}`);
|
|
390
|
+
lines.push(` \u274C High: ${summary.high}`);
|
|
391
|
+
lines.push(` \u26A0\uFE0F Moderate: ${summary.moderate}`);
|
|
392
|
+
lines.push(` \u26A0\uFE0F Low: ${summary.low}`);
|
|
393
|
+
lines.push(` \u2139\uFE0F Info: ${summary.info}`);
|
|
394
|
+
lines.push("");
|
|
395
|
+
lines.push(report.passed ? "\u2705 PASSED" : "\u274C FAILED");
|
|
396
|
+
lines.push("");
|
|
397
|
+
return lines.join("\n");
|
|
398
|
+
}
|
|
399
|
+
// =============================================================================
|
|
400
|
+
// Main Handler
|
|
401
|
+
// =============================================================================
|
|
402
|
+
/**
|
|
403
|
+
* lint-security コマンドハンドラ
|
|
404
|
+
*/
|
|
405
|
+
export async function lintSecurityCommand(options) {
|
|
406
|
+
const logger = createLogger(options.verbose);
|
|
407
|
+
const projectPath = resolve(options.project);
|
|
408
|
+
logger.info(t("commands.lintSecurity.validating"));
|
|
409
|
+
const pm = detectPackageManager(projectPath);
|
|
410
|
+
logger.info(`パッケージマネージャー: ${pm}`);
|
|
411
|
+
// audit 実行
|
|
412
|
+
const auditResult = runAudit(pm, projectPath);
|
|
413
|
+
if (auditResult.error !== null) {
|
|
414
|
+
const isNetwork = auditResult.error === "NETWORK_ERROR";
|
|
415
|
+
const report = {
|
|
416
|
+
packageManager: pm,
|
|
417
|
+
vulnerabilities: [],
|
|
418
|
+
summary: { critical: 0, high: 0, moderate: 0, low: 0, info: 0, errorCount: 0, warningCount: 0, total: 0 },
|
|
419
|
+
skipped: true,
|
|
420
|
+
skipReason: isNetwork
|
|
421
|
+
? "ネットワーク未接続のためスキップ"
|
|
422
|
+
: `audit コマンドエラー: ${auditResult.error}`,
|
|
423
|
+
passed: true,
|
|
424
|
+
};
|
|
425
|
+
const outputFormat = options.format ?? "terminal";
|
|
426
|
+
console.log(formatReport(report, outputFormat));
|
|
427
|
+
logger.warn(`セキュリティ監査をスキップ: ${report.skipReason}`);
|
|
428
|
+
return 0;
|
|
429
|
+
}
|
|
430
|
+
// パース
|
|
431
|
+
const allVulnerabilities = parseAuditResult(pm, auditResult.output);
|
|
432
|
+
// severity フィルタ適用
|
|
433
|
+
const threshold = parseSeverityThreshold(options.severity);
|
|
434
|
+
const filtered = allVulnerabilities.filter((v) => SEVERITY_WEIGHT[v.severity] >= threshold);
|
|
435
|
+
const summary = calcSummary(filtered);
|
|
436
|
+
// errorCount は calcSummary 内で prod の critical/high のみカウント
|
|
437
|
+
const passed = summary.errorCount === 0;
|
|
438
|
+
const report = {
|
|
439
|
+
packageManager: pm,
|
|
440
|
+
vulnerabilities: filtered,
|
|
441
|
+
summary,
|
|
442
|
+
skipped: false,
|
|
443
|
+
passed,
|
|
444
|
+
};
|
|
445
|
+
// 出力
|
|
446
|
+
const outputFormat = options.format ?? "terminal";
|
|
447
|
+
const output = formatReport(report, outputFormat);
|
|
448
|
+
if (options.output) {
|
|
449
|
+
const { writeFile } = await import("../../utils/file.js");
|
|
450
|
+
writeFile(options.output, output);
|
|
451
|
+
logger.success(`レポートを出力: ${options.output}`);
|
|
452
|
+
}
|
|
453
|
+
else {
|
|
454
|
+
console.log(output);
|
|
455
|
+
}
|
|
456
|
+
// 結果メッセージ
|
|
457
|
+
const strict = options.strict ?? false;
|
|
458
|
+
if (report.passed) {
|
|
459
|
+
logger.success(t("commands.lintSecurity.allPassed"));
|
|
460
|
+
}
|
|
461
|
+
else if (strict) {
|
|
462
|
+
logger.error(`セキュリティ監査失敗 - critical/high ${summary.errorCount}件の脆弱性が検出されました`);
|
|
463
|
+
}
|
|
464
|
+
else {
|
|
465
|
+
logger.warn(`セキュリティ監査完了 - ${summary.errorCount}件のエラー(non-strictモード)`);
|
|
466
|
+
}
|
|
467
|
+
return determineLintExitCode(report.passed, strict);
|
|
468
|
+
}
|
|
469
|
+
//# sourceMappingURL=security.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"security.js","sourceRoot":"","sources":["../../../src/commands/lint/security.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,UAAU,EAAE,MAAM,SAAS,CAAC;AACrC,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAC1C,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,CAAC,EAAE,MAAM,qBAAqB,CAAC;AACxC,OAAO,EAAE,qBAAqB,EAAE,MAAM,yBAAyB,CAAC;AAyHhE,gFAAgF;AAChF,4BAA4B;AAC5B,gFAAgF;AAEhF;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,WAAmB;IACtD,IAAI,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,gBAAgB,CAAC,CAAC,EAAE,CAAC;QACpD,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,IAAI,UAAU,CAAC,IAAI,CAAC,WAAW,EAAE,WAAW,CAAC,CAAC,EAAE,CAAC;QAC/C,OAAO,MAAM,CAAC;IAChB,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,gFAAgF;AAChF,kBAAkB;AAClB,gFAAgF;AAEhF;;;;;;GAMG;AACH,MAAM,UAAU,QAAQ,CACtB,EAAkB,EAClB,WAAmB;IAEnB,MAAM,GAAG,GAAG,EAAE,KAAK,MAAM,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,GAAG,EAAE,eAAe,CAAC;IAEvE,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,QAAQ,CAAC,GAAG,EAAE;YAC3B,GAAG,EAAE,WAAW;YAChB,QAAQ,EAAE,MAAM;YAChB,qCAAqC;YACrC,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QACH,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IACjC,CAAC;IAAC,OAAO,GAAY,EAAE,CAAC;QACtB,wCAAwC;QACxC,6BAA6B;QAC7B,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,QAAQ,IAAI,GAAG,EAAE,CAAC;YACtD,MAAM,MAAM,GAAI,GAAiC,CAAC,MAAM,CAAC;YACzD,IAAI,MAAM,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACvC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;YACzC,CAAC;QACH,CAAC;QAED,0BAA0B;QAC1B,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,MAAM,cAAc,GAClB,OAAO,CAAC,QAAQ,CAAC,aAAa,CAAC;YAC/B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC7B,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC7B,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC;YAC3B,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAEnC,IAAI,cAAc,EAAE,CAAC;YACnB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,eAAe,EAAE,CAAC;QAClD,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,CAAC;IAC1C,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,UAAU;AACV,gFAAgF;AAEhF;;GAEG;AACH,SAAS,aAAa,CAAC,UAAkB;IACvC,IAAI,MAAoB,CAAC;IACzB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAiB,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,KAAK,GAAwB,EAAE,CAAC;IAEtC,8BAA8B;IAC9B,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QAC3B,KAAK,MAAM,CAAC,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE,CAAC;YAC/D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YACnD,MAAM,YAAY,GAChB,KAAK,CAAC,YAAY,KAAK,IAAI;gBAC3B,CAAC,OAAO,KAAK,CAAC,YAAY,KAAK,QAAQ,IAAI,KAAK,CAAC,YAAY,KAAK,IAAI,CAAC,CAAC;YAE1E,wBAAwB;YACxB,MAAM,MAAM,GAAa,EAAE,CAAC;YAC5B,IAAI,WAAW,GAAG,EAAE,CAAC;YACrB,MAAM,QAAQ,GAAa,EAAE,CAAC;YAE9B,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,GAAG,IAAI,EAAE,EAAE,CAAC;gBAClC,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;oBAC5B,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;gBACrB,CAAC;qBAAM,CAAC;oBACN,IAAI,GAAG,CAAC,KAAK;wBAAE,WAAW,GAAG,GAAG,CAAC,KAAK,CAAC;oBACvC,IAAI,GAAG,CAAC,GAAG;wBAAE,MAAM,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;oBACrC,IAAI,GAAG,CAAC,IAAI;wBAAE,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;gBACxC,CAAC;YACH,CAAC;YAED,qCAAqC;YACrC,0CAA0C;YAC1C,gCAAgC;YAChC,gCAAgC;YAChC,MAAM,KAAK,GAAG,KAAK,CAAC;YAEpB,KAAK,CAAC,IAAI,CAAC;gBACT,IAAI,EAAE,KAAK,CAAC,IAAI;gBAChB,QAAQ;gBACR,WAAW,EAAE,WAAW,IAAI,oBAAoB,KAAK,CAAC,IAAI,EAAE;gBAC5D,KAAK,EAAE,KAAK,CAAC,KAAK;gBAClB,YAAY;gBACZ,MAAM,EAAE,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS;gBAC9C,KAAK;gBACL,GAAG,EAAE,QAAQ;aACd,CAAC,CAAC;QACL,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED,wBAAwB;IACxB,IAAI,MAAM,CAAC,UAAU,EAAE,CAAC;QACtB,KAAK,MAAM,CAAC,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;YAC7D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACtD,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CACzC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAC1D,CAAC;YAEF,KAAK,CAAC,IAAI,CAAC;gBACT,IAAI,EAAE,QAAQ,CAAC,WAAW;gBAC1B,QAAQ;gBACR,WAAW,EAAE,QAAQ,CAAC,KAAK;gBAC3B,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,gBAAgB,IAAI,QAAQ,CAAC,gBAAgB,KAAK,QAAQ;gBACnF,OAAO,EAAE,QAAQ,CAAC,gBAAgB;gBAClC,MAAM,EAAE,QAAQ,CAAC,IAAI;gBACrB,KAAK;gBACL,GAAG,EAAE,EAAE;aACR,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,UAAkB;IACxC,IAAI,MAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAkB,CAAC;IACnD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,KAAK,GAAwB,EAAE,CAAC;IAEtC,IAAI,CAAC,MAAM,CAAC,UAAU;QAAE,OAAO,KAAK,CAAC;IAErC,KAAK,MAAM,CAAC,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;QAC7D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QACtD,MAAM,KAAK,GAAG,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QAEnD,KAAK,CAAC,IAAI,CAAC;YACT,IAAI,EAAE,QAAQ,CAAC,WAAW;YAC1B,QAAQ;YACR,WAAW,EAAE,QAAQ,CAAC,KAAK;YAC3B,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,gBAAgB,IAAI,QAAQ,CAAC,gBAAgB,KAAK,QAAQ;YACnF,OAAO,EAAE,QAAQ,CAAC,gBAAgB;YAClC,MAAM,EAAE,QAAQ,CAAC,IAAI;YACrB,KAAK;YACL,GAAG,EAAE,EAAE;SACR,CAAC,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;GAIG;AACH,SAAS,cAAc,CAAC,UAAkB;IACxC,MAAM,KAAK,GAAwB,EAAE,CAAC;IACtC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAE/B,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QAC1C,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO;YAAE,SAAS;QAEvB,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC5B,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,MAAM,KAAK,GAAG,GAAwB,CAAC;QACvC,IAAI,KAAK,CAAC,IAAI,KAAK,eAAe;YAAE,SAAS;QAE7C,MAAM,EAAE,QAAQ,EAAE,UAAU,EAAE,GAAG,KAAK,CAAC,IAAI,CAAC;QAC5C,MAAM,GAAG,GAAG,GAAG,QAAQ,CAAC,WAAW,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;QAE3D,0BAA0B;QAC1B,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEd,MAAM,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;QAEtD,KAAK,CAAC,IAAI,CAAC;YACT,IAAI,EAAE,QAAQ,CAAC,WAAW;YAC1B,QAAQ;YACR,WAAW,EAAE,QAAQ,CAAC,KAAK;YAC3B,YAAY,EAAE,CAAC,CAAC,QAAQ,CAAC,gBAAgB,IAAI,QAAQ,CAAC,gBAAgB,KAAK,QAAQ;YACnF,OAAO,EAAE,QAAQ,CAAC,gBAAgB;YAClC,MAAM,EAAE,QAAQ,CAAC,IAAI;YACrB,KAAK,EAAE,UAAU,CAAC,GAAG;YACrB,GAAG,EAAE,EAAE;SACR,CAAC,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,EAAkB,EAAE,UAAkB;IACrE,QAAQ,EAAE,EAAE,CAAC;QACX,KAAK,KAAK;YACR,OAAO,aAAa,CAAC,UAAU,CAAC,CAAC;QACnC,KAAK,MAAM;YACT,OAAO,cAAc,CAAC,UAAU,CAAC,CAAC;QACpC,KAAK,MAAM;YACT,OAAO,cAAc,CAAC,UAAU,CAAC,CAAC;IACtC,CAAC;AACH,CAAC;AAED,gFAAgF;AAChF,UAAU;AACV,gFAAgF;AAEhF;;GAEG;AACH,SAAS,iBAAiB,CAAC,GAAW;IACpC,MAAM,KAAK,GAAG,GAAG,CAAC,WAAW,EAAE,CAAC;IAChC,IAAI,KAAK,KAAK,UAAU;QAAE,OAAO,UAAU,CAAC;IAC5C,IAAI,KAAK,KAAK,MAAM;QAAE,OAAO,MAAM,CAAC;IACpC,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,QAAQ;QAAE,OAAO,UAAU,CAAC;IAClE,IAAI,KAAK,KAAK,KAAK;QAAE,OAAO,KAAK,CAAC;IAClC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,eAAe,GAA0C;IAC7D,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,QAAQ,EAAE,CAAC;IACX,GAAG,EAAE,CAAC;IACN,IAAI,EAAE,CAAC;CACR,CAAC;AAEF;;GAEG;AACH,SAAS,sBAAsB,CAAC,KAAyB;IACvD,MAAM,KAAK,GAAG,CAAC,KAAK,IAAI,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC;IAC9C,IAAI,KAAK,KAAK,UAAU;QAAE,OAAO,eAAe,CAAC,QAAQ,CAAC;IAC1D,IAAI,KAAK,KAAK,MAAM;QAAE,OAAO,eAAe,CAAC,IAAI,CAAC;IAClD,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,QAAQ;QAAE,OAAO,eAAe,CAAC,QAAQ,CAAC;IAChF,IAAI,KAAK,KAAK,KAAK;QAAE,OAAO,eAAe,CAAC,GAAG,CAAC;IAChD,OAAO,eAAe,CAAC,IAAI,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,eAAoC;IACvD,IAAI,QAAQ,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,EAAE,QAAQ,GAAG,CAAC,EAAE,GAAG,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC;IAC5D,IAAI,cAAc,GAAG,CAAC,CAAC;IAEvB,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;QAChC,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU;YAAE,QAAQ,EAAE,CAAC;aACrC,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM;YAAE,IAAI,EAAE,CAAC;aAClC,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU;YAAE,QAAQ,EAAE,CAAC;aAC1C,IAAI,CAAC,CAAC,QAAQ,KAAK,KAAK;YAAE,GAAG,EAAE,CAAC;;YAChC,IAAI,EAAE,CAAC;QAEZ,gDAAgD;QAChD,IAAI,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,EAAE,CAAC;YACrE,cAAc,EAAE,CAAC;QACnB,CAAC;IACH,CAAC;IAED,OAAO;QACL,QAAQ;QACR,IAAI;QACJ,QAAQ;QACR,GAAG;QACH,IAAI;QACJ,UAAU,EAAE,cAAc;QAC1B,YAAY,EAAE,QAAQ,GAAG,GAAG;QAC5B,KAAK,EAAE,QAAQ,GAAG,IAAI,GAAG,QAAQ,GAAG,GAAG,GAAG,IAAI;KAC/C,CAAC;AACJ,CAAC;AAED,gFAAgF;AAChF,YAAY;AACZ,gFAAgF;AAEhF;;GAEG;AACH,SAAS,YAAY,CACnB,MAA2B,EAC3B,MAAuC;IAEvC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACzC,CAAC;IACD,IAAI,MAAM,KAAK,SAAS,EAAE,CAAC;QACzB,OAAO,aAAa,CAAC,MAAM,CAAC,CAAC;IAC/B,CAAC;IACD,OAAO,cAAc,CAAC,MAAM,CAAC,CAAC;AAChC,CAAC;AAED,SAAS,aAAa,CAAC,MAA2B;IAChD,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,OAAO,sCAAsC,MAAM,CAAC,UAAU,IAAI,SAAS,IAAI,CAAC;IAClF,CAAC;IAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IAC3B,MAAM,KAAK,GAAG;QACZ,EAAE;QACF,wBAAwB;QACxB,wBAAwB;QACxB,EAAE;QACF,oBAAoB,MAAM,CAAC,cAAc,EAAE;QAC3C,oBAAoB,OAAO,CAAC,QAAQ,EAAE;QACtC,oBAAoB,OAAO,CAAC,IAAI,EAAE;QAClC,oBAAoB,OAAO,CAAC,QAAQ,EAAE;QACtC,oBAAoB,OAAO,CAAC,GAAG,EAAE;QACjC,oBAAoB,OAAO,CAAC,KAAK,EAAE;QACnC,EAAE;QACF,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ;QACnC,EAAE;KACH,CAAC;IACF,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,SAAS,cAAc,CAAC,MAA2B;IACjD,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAC3C,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,KAAK,CAAC,IAAI,CAAC,0BAA0B,MAAM,CAAC,UAAU,IAAI,SAAS,EAAE,CAAC,CAAC;QACvE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,oBAAoB,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC;IACxD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxC,KAAK,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;IAChD,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;YACvC,MAAM,IAAI,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,cAAc,CAAC;YAC5F,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;YACzC,KAAK,CAAC,IAAI,CAAC,GAAG,IAAI,IAAI,CAAC,CAAC,IAAI,GAAG,QAAQ,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAAC;YAC3D,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;YAClC,IAAI,CAAC,CAAC,YAAY,EAAE,CAAC;gBACnB,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC5E,CAAC;iBAAM,CAAC;gBACN,KAAK,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;YAC3C,CAAC;YACD,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpC,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YAC/C,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IAED,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACvB,KAAK,CAAC,IAAI,CAAC,uBAAuB,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;IACtD,KAAK,CAAC,IAAI,CAAC,uBAAuB,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IAClD,KAAK,CAAC,IAAI,CAAC,8BAA8B,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC7D,KAAK,CAAC,IAAI,CAAC,8BAA8B,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IACxD,KAAK,CAAC,IAAI,CAAC,8BAA8B,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACzD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;IAC9D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,gFAAgF;AAChF,eAAe;AACf,gFAAgF;AAEhF;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB,CAAC,OAA4B;IACpE,MAAM,MAAM,GAAG,YAAY,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;IAE7C,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,kCAAkC,CAAC,CAAC,CAAC;IAEnD,MAAM,EAAE,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC;IAC7C,MAAM,CAAC,IAAI,CAAC,gBAAgB,EAAE,EAAE,CAAC,CAAC;IAElC,WAAW;IACX,MAAM,WAAW,GAAG,QAAQ,CAAC,EAAE,EAAE,WAAW,CAAC,CAAC;IAE9C,IAAI,WAAW,CAAC,KAAK,KAAK,IAAI,EAAE,CAAC;QAC/B,MAAM,SAAS,GAAG,WAAW,CAAC,KAAK,KAAK,eAAe,CAAC;QAExD,MAAM,MAAM,GAAwB;YAClC,cAAc,EAAE,EAAE;YAClB,eAAe,EAAE,EAAE;YACnB,OAAO,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,QAAQ,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,YAAY,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE;YACzG,OAAO,EAAE,IAAI;YACb,UAAU,EAAE,SAAS;gBACnB,CAAC,CAAC,kBAAkB;gBACpB,CAAC,CAAC,kBAAkB,WAAW,CAAC,KAAK,EAAE;YACzC,MAAM,EAAE,IAAI;SACb,CAAC;QAEF,MAAM,YAAY,GAAG,OAAO,CAAC,MAAM,IAAI,UAAU,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,YAAY,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC,CAAC;QAEhD,MAAM,CAAC,IAAI,CAAC,kBAAkB,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QACnD,OAAO,CAAC,CAAC;IACX,CAAC;IAED,MAAM;IACN,MAAM,kBAAkB,GAAG,gBAAgB,CAAC,EAAE,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC;IAEpE,kBAAkB;IAClB,MAAM,SAAS,GAAG,sBAAsB,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAG,kBAAkB,CAAC,MAAM,CACxC,CAAC,CAAC,EAAE,EAAE,CAAC,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,SAAS,CAChD,CAAC;IAEF,MAAM,OAAO,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;IACtC,0DAA0D;IAC1D,MAAM,MAAM,GAAG,OAAO,CAAC,UAAU,KAAK,CAAC,CAAC;IAExC,MAAM,MAAM,GAAwB;QAClC,cAAc,EAAE,EAAE;QAClB,eAAe,EAAE,QAAQ;QACzB,OAAO;QACP,OAAO,EAAE,KAAK;QACd,MAAM;KACP,CAAC;IAEF,KAAK;IACL,MAAM,YAAY,GAAG,OAAO,CAAC,MAAM,IAAI,UAAU,CAAC;IAClD,MAAM,MAAM,GAAG,YAAY,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IAElD,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACnB,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,qBAAqB,CAAC,CAAC;QAC1D,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;QAClC,MAAM,CAAC,OAAO,CAAC,YAAY,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAC/C,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC;IAED,UAAU;IACV,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,KAAK,CAAC;IACvC,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;QAClB,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,iCAAiC,CAAC,CAAC,CAAC;IACvD,CAAC;SAAM,IAAI,MAAM,EAAE,CAAC;QAClB,MAAM,CAAC,KAAK,CACV,8BAA8B,OAAO,CAAC,UAAU,eAAe,CAChE,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CACT,gBAAgB,OAAO,CAAC,UAAU,sBAAsB,CACzD,CAAC;IACJ,CAAC;IAED,OAAO,qBAAqB,CAAC,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;AACtD,CAAC"}
|