@shriyanss/js-recon 1.3.1-alpha.2 → 1.3.1-alpha.4

package/.github/workflows/build-and-prettify.yaml

@@ -38,9 +38,23 @@ jobs:
             fi
           fi
 
-  prettier:
+  audit:
     runs-on: ubuntu-latest
     needs: version_check
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: "22"
+          cache: "npm"
+      - name: Install dependencies
+        run: npm ci
+      - name: Run npm audit
+        run: npm audit
+
+  prettier:
+    runs-on: ubuntu-latest
+    needs: audit
     steps:
       - name: Checkout
         uses: actions/checkout@v4

package/.github/workflows/pr_checker.yml

@@ -8,16 +8,17 @@ on:
 jobs:
   check-branch:
     runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
     steps:
-      - uses: actions/checkout@v4
-      - name: Check source branch
-        if: github.head_ref != 'dev'
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+      - name: Redirect PR to dev
+        if: github.head_ref != 'dev' || github.event.pull_request.head.repo.full_name != 'shriyanss/js-recon'
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          PR_URL: ${{ github.event.pull_request.html_url }}
+          PR_NUMBER: ${{ github.event.pull_request.number }}
           BRANCH_NAME: ${{ github.head_ref }}
+          SOURCE_REPO: ${{ github.event.pull_request.head.repo.full_name }}
         run: |
-          git config user.name "github-actions[bot]"
-          git config user.email "github-actions[bot]@users.noreply.github.com"
-          gh pr comment $PR_URL --body "This merge is not possible. Create a PR for $BRANCH_NAME -> dev"
-          gh pr close $PR_URL
+          gh pr edit $PR_NUMBER --base dev
+          gh pr comment $PR_NUMBER --body "This PR was targeting \`main\`, but only the \`dev\` branch of \`shriyanss/js-recon\` can merge directly into \`main\`. The target branch has been changed to \`dev\` (source: \`$SOURCE_REPO:$BRANCH_NAME\`)."

package/.github/workflows/publish-js-recon.yml

@@ -35,9 +35,21 @@ jobs:
           GITHUB_RELEASE_VERSION_RAW: ${{ github.event.release.tag_name }}
 
 
-  build:
+  audit:
     needs: version_check
     runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-node@v4
+        with:
+          node-version: 22
+      - run: npm ci
+      - name: Run npm audit
+        run: npm audit
+
+  build:
+    needs: audit
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-node@v4

package/CHANGELOG.md

@@ -1,5 +1,101 @@
 # Change Log
 
+## 1.3.1-alpha.4 - 2026-06-08
+
+### Fixed
+
+- `extractSourceMaps` no longer crashes with `EISDIR` when a source map entry has a degenerate path (e.g. a bare `webpack://` prefix with no trailing path) that `normalizePath` reduces to `"."` — such entries are now silently skipped (`lazyload`, `run`)
+- Source map files extracted during `run` are now written to `output/<domain>/extracted/` (or the equivalent per-target subdirectory) instead of a bare `extracted/` directory in the current working directory (`lazyload`, `run`)
+
+### Performance
+
+- `makeGetCallers` now caches per-file content + Babel AST tuples for the lifetime of the resolver instance, so repeated caller searches at high recursion depth no longer re-read and re-parse every JS file on each call — depth-8 runs that previously took 200+ minutes on a large real-world target now complete in under a minute (`map`)
+- `map -t svelte/vue/react`: `getViteConnections` now parses each JS file exactly once instead of twice (single-pass replaces the two-pass approach), cutting parse-time memory in half for large applications (`map`)
+- `map -t svelte/vue/react`: replaced `JSON.stringify(chunks)` (which allocated a string equal in size to the entire output file) with a streaming `createWriteStream` write that serialises one chunk at a time, eliminating the peak in-memory JSON string (`map`)
+- `map -t svelte/vue/react`: `vue_resolveFetch` no longer caches all parsed ASTs and file contents for "fetch"-containing files simultaneously; ASTs are now parsed on-demand and discarded after each file, with a bounded LRU cache of at most 20 ASTs kept alive for cross-file caller lookup (`map`)
+- `map -t svelte/vue/react`: `FetchEntry.enclosingFn.node` (an AST node reference that pinned each file's full Babel AST through the entries array until the end of the second pass) is now nulled out — the field is not read in the second pass; `FetchEntry.fileContent` is similarly cleared to avoid retaining all processed file contents in memory (`map`)
+
+### Added
+
+- GraphQL operation extraction during `--openapi` generation — `map` now scans every downloaded JS file's string and template literals, feeds candidates through the official `graphql` library's `parse()`, and emits each parsed query/mutation/subscription as a POST request. Output is placed under a flat top-level `GraphQL` folder in the Postman collection and tagged `GraphQL` in the OpenAPI spec, with method `POST`, path `/{{graphqlEndpoint}}`, and a JSON body of shape `{"operationName": "...", "query": "...", "variables": {...}}`. The printed query inlines transitively-referenced fragment definitions so each emitted request is self-contained. Disabled with `--no-graphql` (alias `--ngql`) on both `map` and `run` (`map`, `run`)
+- `collectionFolder` optional field on `OpenapiOutputItem` — when set, the OpenAPI generator uses it as the operation's `tags` value and the Postman generator places the item under a flat top-level folder with that name, bypassing the path-segment-derived hierarchy. Used by the new GraphQL resolver to group all operations under a single `GraphQL` folder regardless of transport URL (`map`)
+- `--lazyload-timeout <minutes>` flag on both `lazyload` and `run` commands (default 30, 0 = disabled) — sets a hard ceiling on how long each lazyLoad step runs. When the timer fires the module logs a warning and the pipeline continues to the next step; in-flight Puppeteer pages and downloads may still complete in the background but their results are discarded (`lazyload`, `run`)
+- Next.js lazyload now scans ALL downloaded JS files for webpack chunk URL builder functions (`__webpack_require__.u` pattern), not just `webpack-*.js` files — covers module federation entry points and other non-standard filenames. Scanning runs iteratively after the initial crawl until no new chunk URLs are discovered, with a CLI progress bar (`lazyload`)
+- `--max-recursion-depth <n>` flag on `map` (default 3) — controls how far the HTTP-client URL fan-out and cross-file resolver recurse through caller chains. Higher values resolve more `[param:X]` markers at the cost of runtime; the per-entry deadline scales with depth so deeper recursion still terminates (`map`)
+- `deepSubstituteBodyValue` body resolver — when a request body contains a `[param:X]` leaf whose call-site value is a structured object (e.g. a credentials/config object passed by an outer caller), the leaf is now replaced with the full nested object rather than left as a placeholder string. Used by both the HTTP-client and fetch resolvers (`map`)
+- `makeGetCallersSameFile` fallback for body-param resolution — when the param-owning function has a short minifier-local binding name (≤ 2 chars), `resolveParamToAnyValue` now does a targeted same-file AST search to catch direct in-file callers that `makeGetCallers` skips to avoid cross-file false positives. Same-file short-name calls are unambiguous because the binding is in scope (`map`)
+- Object-preference in `resolveParamToAnyValue` — prefers a caller whose argument resolves to a structured object/array over one that resolves to a bare string, since body params are typically objects and string-arg overloads are usually unrelated dispatch calls. Also skips resolved values where every leaf is still an unresolved placeholder marker (`map`)
+- `OptionalMemberExpression` AST node handling in `deepResolveValue`, `resolveReturnInline`, and `resolveNodeValue` — optional chaining (`a?.b`) in URL/body expressions is now resolved the same way as regular member expressions instead of returning the opaque "unsupported node type" marker (`map`)
+- HTTP-client method-call resolver for Vue/React/Svelte bundles — captures `<obj>.<verb>(<url>, [body], [config])` callsites (where `<verb>` ∈ {get,post,put,delete,patch,head,options}), runs same-function assignment recovery for late-bound locals, fans the URL out across every caller chain, and emits one OpenAPI entry per resolved caller. Designed for bundles whose transport layer overrides `XMLHttpRequest.prototype.{open,send,setRequestHeader}` (axios xhrAdapter and similar wrappers), where the literal URL is composed at the client-instance method call site rather than inside the adapter (`map`)
+- `EnclosingFn.paramNames` + `parent` chain in the shared taint primitives — taint substitution can now resolve `[param:X]` for any parameter at any index in any enclosing function, including across anonymous Promise-chain callbacks where the immediate enclosing function doesn't declare X (`map`)
+- Per-file alias map in `makeGetCallers` — recognizes `{ name: Binding }` re-exports and `{ name: () => Binding }` webpack getter exports so callsites that hit the binding through its public name (e.g. `ae.request(...)`, `r.default.postUnchecked(...)`) are correctly matched as callers of the local minified symbol. Aliases are scoped per file because minifier locals collide across modules (`map`)
+- Member-expression callsite matching in `makeGetCallers` — `<anything>.<exportedName>(...)` is now recognised as a caller of the bound function, in addition to bare-identifier calls (`map`)
+- XMLHttpRequest detection and resolution for Vue.JS, React, and Svelte/Astro bundles — resolves `.open()` method/URL, `.setRequestHeader()` header pairs, and `.send()` body from each XHR binding's call chain; results are registered in the OpenAPI output (`map`)
+- Detect Next.js Server Actions registered via `createServerReference` and emit them as POST endpoints in the OpenAPI spec and Postman collection — includes `next-action` / `Accept` / `Content-Type` headers, route derived from App Router file path, and argument hints traced from the first call site (`map`)
+- Argument hints in Server Action request bodies carry the inferred type alongside the variable name (e.g. `<string:userId>`) instead of an opaque placeholder (`map`)
+- Location metadata for Server Actions: definition chunk + absolute file path + line and call-site chunk + absolute file path + line, surfaced as the `description` field in both the OpenAPI spec and Postman collection (`map`)
+- `list server_actions` interactive command — prints all discovered Server Actions with route, body args, and source locations (`map -i`)
+- Svelte/Astro framework support — `lazyload` now discovers island JS files via recursive HTML page crawl and ESM import following; `map` decodes Vite production chunks using the same logic as Vue; `analyze` and `run` pipeline added for Svelte/Astro apps (`lazyload`, `map`, `analyze`, `run`)
+- `fingerprint` subcommand — batch framework detection against one or more target URLs; outputs detected framework and version to stdout in `text` (default), `json`, `jsonl`, or `csv` format; useful for triaging large target lists before running the full pipeline (`fingerprint`)
+- React (Vite/Rolldown) framework detection via `<link rel="modulepreload">` elements and fast-path filename matching, in addition to inline `<script>` tags (`lazyload`)
+- Recursive ESM import following for React bundles — static imports, dynamic `import()`, and Vite `__vite_mapDeps` arrays are parsed from each downloaded file so all referenced chunks are fetched transitively (`lazyload`)
+- `map` and `analyze` pipeline support for React (Vite/Rolldown) applications, using the same fetch-resolver and analyze engine as Vue with vendor-chunk filtering (`map`, `analyze`, `run`)
+- Content-entropy deduplication in `lazyload` — query-param variants of the same path are probed and only skipped when their extracted script sets are identical, so genuinely distinct parameterised routes are still crawled (`lazyload`)
+- Ctrl-C interrupt menu in `run` — pressing Ctrl-C during a pipeline step shows an interactive prompt (skip current step / skip current target / exit) instead of immediately killing the process; in batch mode an extra "skip target" option is offered (`run`)
+- `regexMatch` step type in the AST rule engine — matches string and template literals against a regex pattern, enabling rules that detect hardcoded credentials and other value-pattern findings (`analyze`)
+- React tech added to all tech-gated type definitions and rule schemas (`analyze`)
+- Model Context Protocol stdio server (`mcp --server`) — speaks the MCP protocol so js-recon can be wired into Claude Code, Cursor, and other MCP-aware hosts as a tool provider. Registers `lazyload`, `strings`, `map`, `endpoints`, `analyze`, `report`, `run`, `list_skills`, and `run_skill` as MCP tools. Subcommand stdout is captured and redirected to stderr so the chatty `console.log` output never corrupts the JSON-RPC frame; captured text is returned as the tool result (`mcp`)
+- One-shot chat flag `-c/--chat <prompt>` on `mcp` (repeatable) — sends a single prompt to the AI agent non-interactively, prints the reply, and exits. Intent-detected `lazyload`/`run` jobs are awaited before the reply so the LLM sees the captured output (`mcp`)
+- Claude Code OAuth credential reuse — when no API key is configured, `mcp --cli` and `mcp -c` fall back to the OAuth bearer token stored by the official Claude Code CLI (macOS keychain service `Claude Code-credentials`, or `~/.claude/.credentials.json` on Linux). The Anthropic SDK is constructed with `authToken` + `anthropic-beta: oauth-2025-04-20`. Tokens are auto-refreshed when expired (with a warning); refresh tokens are written back to the source credential store. OAuth tokens are never persisted to `~/.js-recon/mcp.yaml`. Disable refresh with `--no-refresh-claude-creds` (`mcp`)
+- Background-job runner for `mcp --cli` — `lazyload` and `run` actions now spawn child processes (`node build/index.js <subcmd> ...`) and return immediately so the REPL stays responsive. The user can chat with the LLM while a job runs; tails of running jobs are auto-injected into the LLM context on every turn so the model can answer "how's it going?" naturally. New slash commands: `/jobs`, `/log <id>`, `/tail <id> [n]`, `/cancel <id>`. Ctrl-C cancels the most recent running job (SIGTERM → SIGKILL after 3s) before falling through to the exit warning (`mcp --cli`)
+- Skills system — workflow prompts shipped under `~/.js-recon/skills/*.md` (delivered via a new `skills/` directory in the `js-recon-rules` release zipball, staged by `initRules`). Each skill carries YAML frontmatter (`name`, `description`, `params`, optional `pre_actions`). Invoke from the REPL with `/skill <name> [--param value …]`, via natural-language intent (e.g. `pentest <url>` routes to `web_app_pentest`), or from external MCP hosts via the `run_skill` MCP tool. `pre_actions` declare tool jobs (e.g. `run`) that are spawned before the rendered skill prompt is handed to the LLM. Ships with `graphql_pentest` and `web_app_pentest` (`mcp`, `analyze`)
+- `--claude-client-id <id>` flag on `mcp` — OAuth client ID used when auto-refreshing Claude Code credentials; required in environments where the default Anthropic client ID is not registered (`mcp --cli`, `mcp -c`)
+
+### Changed
+
+- Fetch resolution log lines now include the resolved URL, method, headers, and body immediately after the `[+] Found fetch call in "file":line` line instead of being grouped at the end (`map`)
+- Fetch resolution logs correctly label the framework ("React" or "Vue.JS") in the start and summary messages (`map`)
+- `mcp --cli` launches in the user's current working directory and prints a `Working directory: <abs>` + `Artifacts are preserved across runs.` banner. Spawned job child processes inherit that cwd explicitly so artifacts always land next to the user's other working files (`mcp --cli`)
+- Intent detector now requires word-boundary matches on `scan|run|check|test` so the substring `pentest` no longer accidentally routes to `run`; "pentest" + URL now routes to the `web_app_pentest` skill (or any `*_pentest` skill) when one is loaded (`mcp --cli`)
+- Updated `@anthropic-ai/sdk` dependency to **0.102.0**
+
+### Fixed
+
+- `refactor -t react`: chunks whose AST already contains `export { X as default }` or `export default X` no longer receive a second trailing `export default` statement — the refactor pass now checks for an existing default export in the generated code before appending one (`refactor`)
+- Fetch resolver second pass now handles `[param:X]` markers in request bodies — previously `MARKER_RE` matched only `[member:]` / `[urlsearchparams:]` and the resolver explicitly excluded `[param:]` markers, so a fetch wrapper whose body was an outer function parameter (`fetch(url, { body: JSON.stringify({ ..., body: E }) })`) was emitted with the literal placeholder string instead of the structured object the caller actually passed. The body JSON is now parsed and walked with `deepSubstituteBodyValue` so nested object/array call-site values replace the marker leaves (`map`)
+- `[MemberExpression -> X]`, `[var X]`, and other unresolved placeholders in URLs are now substituted with their OpenAPI equivalents (`{X}`) before URL parsing in the OpenAPI spec generator, preventing spurious `Invalid URL` errors for placeholder-containing paths (`map`)
+- Silenced the `Invalid URL` catch in the OpenAPI query-parameter extractor — URLs that remain unparseable after placeholder substitution (e.g. absolute URLs with placeholder hostnames) are skipped silently, since this is expected behaviour (`map`)
+- Add error handling if webpack JS file is not valid
+- `getRuleFilesRecursive` now skips hidden directories (e.g. `.github`) so GitHub Actions workflow YAML files are not loaded as rules (`analyze`)
+- `run` now deletes stale map artifacts (`mapped.json`, `mapped-openapi.json`, `mapped-openapi.postman_collection.json`) before invoking `map`, preventing a leftover file from a previous run being reused when the output directory has been cleared without a full `cleanup` — which caused `resolveFetch` to look up file paths from the wrong target (`run`)
+- `regexMatch` engine step now collects all matching string/template-literal nodes instead of stopping at the first hit; each matched node emits its own finding, so all hardcoded secrets in a single chunk are reported individually rather than only the first one (`analyze`)
+- Taint propagation now follows callback parameters: when a tainted value is passed alongside an inline function argument in a call (e.g. Vue `watch(source, cb)`), the parameters of the inline function are marked tainted, fixing false-negatives where the callback param received a tainted value at runtime but was not tracked (`analyze`)
+- CSPT rule no longer treats `route.params.*` and `useParams()` as taint sources — route segment params are validated against the router's path pattern and cannot carry arbitrary `../` traversal strings; only query params (`route.query`, `URLSearchParams`, `location.search/hash`) are high-confidence CSPT sources (`analyze`)
+- Vue and React pipelines now also delete stale map artifacts before invoking `map`, applying the same fix as the Next.js pipeline; previously a stale `mapped.json` from a prior run would cause the analyze step to report findings against the wrong target's chunk IDs (`run`)
+- `mcp --cli` "Thinking..." spinner no longer ticks forever after a provider error — the `setInterval` is now declared outside the `try` and cleared in `finally`, so 4xx/network failures render cleanly and the next prompt is not mangled (`mcp --cli`)
+- Job/skill announcements (e.g. `[Job 1] run started ...`, `[Invoking skill: web_app_pentest]`) are now echoed to the REPL the moment `handleToolExecution` returns, in addition to being baked into the LLM context. Previously, if the subsequent LLM call failed (quota / auth), the user had no visible signal that a background scan had actually been spawned (`mcp --cli`)
+- Ctrl-C in `mcp --cli` no longer crashes the readline with `SES_UNCAUGHT_EXCEPTION: readline was closed`. The SIGINT handler is wrapped in a try/catch and `prompt()` is guarded by a `promptingActive` flag so a re-entrant call against an already-pending `rl.question` is dropped instead of tearing the interface down (`mcp --cli`)
+
+## 1.3.1-alpha.3 - 2026-05-20
+
+### Added
+
+- Add version for rule templates
+- Add Vue js support for analyze module
+- `esquery` interactive command + headless `-c/--command` runner for `map` and `run`, with `&&` chaining (`map`)
+- Line-editor behavior in interactive mode: cursor movement (left/right/home/end/ctrl-a/ctrl-e), word-wise motion/delete (ctrl-w, ctrl-left/right), kill-to-start/end (ctrl-u/ctrl-k), delete-at-cursor, mid-string insertion so paste lands at the cursor, and horizontal scroll for long inputs (`map -i`)
+
+### Changed
+
+- Removed `mouse: true` from the interactive output pane so terminal-native text selection/copy works in the output area (`map -i`)
+- Vue.js fetch resolver now walks back to the enclosing wrapper function's caller(s) so `URLSearchParams(param.subprop)` expands to real `?k1={k1}&k2={k2}` query strings and spread-header / member-value placeholders get substituted from the caller's object literal — including transitive resolution when the caller passes its own param through (`map`)
+- Vue.js fetch resolver recognises destructured fetch wrappers (e.g. `const { wrapperKey: x } = factory({ ... })`) and resolves their callsites as fetch calls, with positional-first-arg filtering to avoid mis-identifying object-shaped wrappers that construct the URL from a property of their input (`map`)
+- Distinct callsites for the same `(path, method)` are preserved in both the OpenAPI spec (path key gets a `#N` suffix) and the Postman collection (request name gets a `#N` suffix) instead of being collapsed to a single entry (`map`)
+
+### Fixed
+
+- Spread elements in request bodies and option objects are no longer silently dropped when the spread argument is unresolvable — the output surfaces a sentinel key (e.g. `"...arg": "<spread>"`, `"...call()": "<spread>"`) so downstream readers know more fields exist at runtime (`map`)
+
 ## 1.3.1-alpha.2 - 2026-05-18
 
 ### Added

package/CLAUDE.md

@@ -0,0 +1,225 @@
+# js-recon
+
+Static analysis tool that maps API endpoints and detects client-side security issues by analyzing Next.js (webpack/turbopack) and Vue.js bundles. Written in TypeScript, compiled to `build/` before running.
+
+## Build & run
+
+```bash
+npm run cleanup   # rm -rf build/ + tsc (full rebuild)
+npm run start -- <subcommand> [options]
+```
+
+`cleanup` must be run before testing any TypeScript change when using the `run` command.
+
+## Subcommands
+
+| Command       | Purpose                                                                            |
+| ------------- | ---------------------------------------------------------------------------------- |
+| `lazyload`    | Download JS chunks from a target URL                                               |
+| `strings`     | Extract strings/paths/secrets from JS files                                        |
+| `map`         | Parse webpack/turbopack bundles into a structured `mapped.json`                    |
+| `endpoints`   | Extract client-side routes                                                         |
+| `analyze`     | Run YAML rules against `mapped.json` / OpenAPI spec                                |
+| `report`      | Generate HTML/SQLite report                                                        |
+| `run`         | Run all of the above in sequence (primary interface)                               |
+| `api-gateway` | Manage AWS API Gateway for IP rotation                                             |
+| `mcp`         | AI-powered CLI / one-shot chat (`-c`) / Model Context Protocol server (`--server`) |
+
+## Key source files
+
+- `src/index.ts` — CLI entry point; all subcommand definitions and option declarations live here
+- `src/run/index.ts` — orchestrates the full pipeline (`run` subcommand); two tech-specific flows (Next.js 8-step, Vue 4-step)
+- `src/analyze/index.ts` — loads/validates rules, runs AST and request engines
+- `src/analyze/helpers/initRules.ts` — downloads/caches rules from GitHub to `~/.js-recon/rules`
+- `src/analyze/helpers/validate.ts` — validates rules and checks `js_recon_version` compatibility
+- `src/analyze/helpers/schemas.ts` — Zod schema for rule YAML files
+- `src/map/graphql/resolveGraphql.ts` — framework-agnostic GraphQL operation scanner. Visits every `StringLiteral` and `TemplateLiteral` in every JS file, validates with the `graphql` library's `parse()`, and emits each operation as a POST request under a flat `GraphQL` collection folder. Inlines transitively-referenced fragment definitions into each printed query so emitted requests are self-contained. Runs in every framework branch of `map/index.ts` when `--openapi` is on and `--no-graphql`/`--ngql` is not set.
+- `src/map/next_js/resolveFetch.ts` — resolves `fetch()` calls, detects Next.js framework chunks
+- `src/map/next_js/resolveServerActions.ts` — detects `createServerReference(actionId, ...)` calls, derives App Router routes from chunk file paths, traces argument call sites (same-chunk and cross-chunk), and emits POST endpoints with `next-action` headers and typed arg hints (e.g. `<string:userId>`) into the global OpenAPI output
+- `src/map/next_js/utils.ts` — `resolveNodeValue`, `resolveVariableInChunk`, `substituteVariablesInString`
+- `src/map/vue_js/vue_resolveXhr.ts` — directory-scan resolver for `new XMLHttpRequest()` + `.open()/.setRequestHeader()/.send()` patterns. Shared by Vue/React/Svelte pipelines; the `frameworkName` arg only changes log labels. Reaches ground-truth XHR sites but in axios/Got/Ky-style bundles the URL/method come from a dispatcher config (`re.url`, `re.method`) and resolve only to opaque `[member:re.url]` placeholders that taint analysis cannot unwind across the library's internal dispatch chain — those entries fail the `looksLikeUrl` check at emit time. Catch the wrapper-level call instead via `vue_resolveHttpClient`.
+- `src/map/vue_js/vue_resolveHttpClient.ts` — directory-scan resolver for `<obj>.<verb>(<url>, [body], [config])` calls where `<verb>` ∈ {get,post,put,delete,patch,head,options}. Designed for bundles whose transport layer overrides `XMLHttpRequest.prototype.{open,send,setRequestHeader}` (axios xhrAdapter and similar wrappers): the override layer is irrelevant to URL extraction because the literal URL is composed at the client-instance method call site, not inside the adapter. The `looksLikeUrl` heuristic (post-placeholder-strip, must contain `/` or scheme) filters out `Map.get` / `Headers.delete` / `EventBus.post` false positives while keeping partially-resolved URLs like `[call:base()]<literal>/[var X]`. Three resolution stages run on every captured callsite — each addresses a separate gap exposed when an RPC wrapper is hidden behind multiple layers of webpack-exported helpers:
+    1. `resolveFromAssignments` — walks `binding.constantViolations` for `[unresolved: NAME]` markers, so identifiers declared as `let X;` and assigned later in the function body (e.g. `(X = a + "/" + b)` inside a sequence expression) resolve to their RHS. `resolveNodeValue`'s Identifier handler only looks at `binding.init`, which is empty for late-assigned locals.
+    2. `expandParamPlaceholders` — fans out one captured callsite into one URL per caller chain. Walks the `enclosingFn.parent` chain to find which named function declares each `[param:X]`, then substitutes **every** placeholder owned by that same function from a single caller's args (keeps `[param:e]`/`[param:t]` consistent across one caller — never mixing args from different callsites). Recurses on the caller's `enclosingFn` so a forwarding wrapper (`Se(e,t,n) → ae.request(e,t,n,...)`) walks up to the wrapper's own callers.
+    3. Taint substitution falls back to `substituteCallerPlaceholders` / `substituteCallerHeaders` for body/header placeholders that don't have multi-caller fan-out semantics.
+
+    Wired into Vue / React / Svelte pipelines in `map/index.ts`.
+
+- `src/map/vue_js/taint_utils.ts` — shared taint analysis primitives. Several pieces are non-obvious and exist to make `vue_resolveHttpClient` (and `vue_resolveXhr`) work on webpack output:
+    - `EnclosingFn.paramNames` + `parent` chain: `resolveNodeValue` emits `[param:X]` for any param at any index in any enclosing function. The chain lets the helpers resolve such a marker against whichever enclosing scope actually declared X — bundled code routinely nests the resolution callsite inside an anonymous `.then(function ($) {…})` whose own params don't include X, while X is a param of an outer named function.
+    - `buildAliasMap`: collects `{ exportedName: localBinding }` and `{ exportedName: () => localBinding }` patterns from object literals on a **per-file** basis. Webpack's `a.d(b, { name: () => Binding })` getter exports and re-export registries (`const ae = { request: Me }`) hide the local minifier name behind a meaningful key; without this map, `getCallers("Me")` would miss every `ae.request(...)` / `r.default.request(...)` callsite. **The map must be file-scoped** — minifier locals (`Se`, `Me`) collide across modules, and a global alias map blends unrelated functions into the same name set.
+    - `makeGetCallers` accepts an optional `sourceFile` argument so callers can scope alias lookup to the file where the binding was declared. Direct minifier-local matches (`bindingName.length ≤ 2`) are dropped from the candidate list because they generate too many false positives across files; meaningful aliases (length > 2) are kept and used for both bare-identifier (`X(...)`) and member-expression (`<anything>.X(...)`) callsite matching. Overflow returns the partial caller list rather than nothing — the file-scoped alias map already suppresses noise, so partial coverage beats none.
+- `src/map/next_js/getWebpackConnections.ts` — extracts chunk code from webpack bundles
+- `src/map/next_js/interactive_helpers/esqueryGen.ts` — `esquery` interactive command: minifies a pasted snippet, matches it against each chunk's minified AST nodes, prints loose/strict selectors. Vue's command handler imports the same module — keep it framework-agnostic.
+- `src/map/next_js/interactive.ts` / `src/map/vue_js/interactive.ts` — export both the blessed-backed `interactive()` entry and a headless `runCommands(chunks, mapFile, commands)` that pipes `outputBox.log` to stdout for `-c/--command` execution.
+- `src/map/next_js/interactive_helpers/inputPatch.ts` — `enableCursorInput(inputBox)` patches a blessed textbox instance to support cursor movement, mid-string insertion, and paste-at-cursor. It overrides `_listener`/`setValue`/`_updateCursor`/`clearValue` on the instance. **Don't try to remove blessed's listener after the fact** — blessed re-binds `this._listener` on every focus, so overriding `_listener` on the instance is the only race-free approach. Shared by Next.js and Vue interactive entries.
+- `src/globalConfig.ts` — current version string and tool-wide constants
+- `src/utility/globals.ts` — mutable global state (tech detection result, AI config, OpenAPI flag, etc.)
+
+## `run` pipeline in detail
+
+`run` is the primary subcommand. It calls `processUrl` for each target, which dispatches to one of two pipelines based on the detected front-end framework (`globalsUtil.getTech()`).
+
+### Next.js pipeline (8 steps)
+
+1. **Lazyload** — downloads initial JS chunks via Puppeteer; detects framework; sets `globalsUtil.getTech()` to `"next"`
+2. **Strings** — scans downloaded JS for strings, extracts URL paths → `extracted_urls.json`
+3. **Lazyload (subsequent requests)** — re-crawls using the extracted paths to fetch dynamically loaded chunks; also fetches `buildId`
+4. **Strings (pass 2)** — re-runs strings on the expanded chunk set; generates `extracted_urls.txt` (permuted) and `extracted_urls-openapi.json`; optionally scans secrets (`--secrets`)
+5. **Lazyload re-pass (step 4.5)** — a second subsequent-requests crawl to pick up chunks for dynamic routes discovered in pass 2
+6. **Strings re-pass (step 4.6)** — strings pass over the re-pass chunks
+7. **Map** — parses webpack/turbopack bundles; resolves `fetch()` calls and axios usage; generates `mapped.json` and `mapped-openapi.json`; CDN-aware: if JS was served from a different host, `getCdnDir` finds the CDN output dir and passes that to map instead of `outputDir/host`
+8. **Endpoints** — extracts client-side route paths; uses `___subsequent_requests` directory presence to decide whether to pass a JS directory
+9. **Analyze** — loads YAML rules (from `-r/--rules` if provided, otherwise default rules cache); runs AST engine and request engine; writes `analyze.json`
+10. **Report** — populates SQLite DB (`js-recon.db`) and generates HTML report
+
+### Vue.js pipeline (4 steps)
+
+1. **Lazyload** — same as Next.js step 1; sets `globalsUtil.getTech()` to `"vue"`
+2. **Map** — scans the entire `outputDir` (Vue chunks spread across asset hosts)
+3. **Analyze** — same rule loading as Next.js; `-r/--rules` is forwarded here too
+4. **Report** — same as Next.js; if `endpoints.json` doesn't exist it is written as `[]` since Vue endpoints extraction isn't implemented yet
+
+### Tech detection flow
+
+`lazyLoad` sets the global tech string. If it remains `""` after lazyload, `run` exits (single URL) or skips (batch). Techs other than `"next"` and `"vue"` only get lazyload; the rest of the pipeline is skipped with a warning.
+
+### Batch mode
+
+When `-u` points to a file of URLs, each line is processed sequentially. For each URL:
+
+- A subdirectory `output/<host>/` is created
+- `clearJsUrls()` / `clearJsonUrls()` reset the URL sets so previous targets don't bleed over
+- All output paths are prefixed with `workingDir/`
+
+## Adding a new flag to `run`
+
+1. Declare the option in `src/index.ts` on the `run` command (`.option(...)`)
+2. If it configures a global, call the setter in the `action` handler before `await run(cmd)`
+3. If it needs to reach a downstream module (like `analyze`), thread it through `cmd` — `processUrl` receives the full `cmd` object and passes it to submodule calls
+
+**Example — `-r/--rules` flag (added in this codebase):**
+
+- Declared in `src/index.ts`: `.option("-r, --rules <file/dir>", "Rules file or directory (passed to analyze module)")`
+- In `src/run/index.ts` the `analyze` calls use `cmd.rules || ""` — empty string tells `analyze` to use the default rules cache
+
+**Example — `--lazyload-timeout` flag:**
+
+- Declared in `src/index.ts` on both the `lazyload` and `run` commands: `.option("--lazyload-timeout <minutes>", ..., "30")`
+- Threaded directly into each `lazyLoad()` call as `Number(cmd.lazyloadTimeout) * 60 * 1000` (converts minutes → ms). Unlike flags that set a global, this one is passed as a parameter — no setter in the action handler.
+
+## Interactive-mode commands
+
+The `map -i` blessed UI dispatches user input through `interactive_helpers/commandHandler.ts`. The same handler runs headlessly when commands are supplied via `-c/--command`:
+
+- The `-c` option's commander coerce function splits each value on `&&` (with optional whitespace) and concatenates into a single command array. So `-c "list fetch && esquery * fetch"` is two commands; passing `-c` twice has the same effect.
+- `map`'s entry point checks `commands.length > 0` first — if non-empty, it calls `nextRunCommands` / `vueRunCommands` and skips the blessed UI even when `-i` is also set.
+- New commands should be added to **both** `next_js/interactive_helpers/commandHandler.ts` and `vue_js/interactive_helpers/commandHandler.ts`, plus the corresponding `helpMenu.ts` entry. When the implementation is framework-agnostic (e.g. `esquery`), put it under `next_js/interactive_helpers/` and import it from the Vue handler — don't duplicate.
+- `list server_actions` is intentionally Next.js-only (it reads from `getOpenapiOutput()` filtered by `next-action` header) and has no Vue counterpart.
+
+## Reversing RPC-style API calls from manual browser observations
+
+When the user supplies a call-stack screenshot or notes from a real session ("XHR sent here, sink is this prototype override, body comes from this function"), the goal isn't to reproduce that exact target — it's to find the _generic pattern_ that the bundler emitted and add resolver support for it. The reverse-engineering workflow that produced the HTTP-client resolver:
+
+1. **Read the call stack bottom-up.** The deepest frame is almost always the transport (`XMLHttpRequest.send`, `fetch`); ignore it. The next frames going up are the HTTP library (axios's `_request` / `dispatchXhrRequest`); ignore those too unless the URL is literal at that level. Look for the first frame whose source line contains _a recognisable path fragment or template string_ — that's the wrapper callsite worth resolving.
+2. **Identify the URL composition site.** Open the file at that frame in the downloaded bundle (`output/<host>/static/js/<chunk>.js`) and find the literal. Typical webpack patterns are `client.post(base + "literal/path/" + paramVar, body, config)` or `client.request({ url: base + "/" + paramVar, method: "POST" })`. Note what's a literal, what's a parameter, what's a local variable.
+3. **Walk inward from the wrapper.** For every non-literal in the URL, find where it came from in the same function. If it's a `let X;` followed by `X = a + "/" + b` in a sequence expression, that's `resolveFromAssignments`' territory. If it's a function parameter, that's taint analysis' territory.
+4. **Walk outward from the wrapper.** Look at the callers of the enclosing function. In webpack bundles the function is usually exported through one of:
+    - A registry object: `const ae = { request: Me, postUnchecked: Se }` — callsites read `ae.request(...)`, NOT `Me(...)`.
+    - A webpack getter export: `a.d(b, { request: () => Me })` — same effect, different shape.
+    - Both. The same binding often appears in multiple aliases.
+
+    Both shapes are recognised by `buildAliasMap` in `taint_utils.ts` and _must be matched per file_ — minifier locals like `Se`, `Me` collide across modules.
+
+5. **Trace forwarding wrappers all the way out.** A wrapper like `Se(e, t, n) → ae.request(e, t, n, ...)` just forwards its parameters. After substituting at the wrapper level, recurse into Se's own callers; the externally-meaningful arguments (`s.signIn.namespace`) are several layers up.
+6. **Confirm the literal source.** The outermost caller passes a `MemberExpression` like `s.signIn.namespace`. Find the `const s = { signIn: { namespace: "...", method: "..." } }` declaration — `resolveNodeValue` handles this naturally as long as the binding is in scope at the caller's location.
+
+If at any layer the new resolver returns `[unresolved: X]` or `[param:X]`, that's a signal which primitive is missing — extend `taint_utils.ts` (chain walk, per-file aliases, member-expression matching, late-assignment recovery) rather than special-casing the wrapper. The goal is a primitive that resolves _similar_ RPC-style libraries in unrelated apps, not the one bundle in front of you.
+
+**Do not encode target-specific paths or service names in code or comments.** When iterating, run `map` against the downloaded chunks and grep the resulting `mapped-openapi.json` for the expected URL fragment — never paste that fragment into source.
+
+### How to test changes here
+
+The HTTP-client resolver runs inside the `map` step of the React/Vue/Svelte pipeline; verify it as part of the full `run` pipeline (see "Testing a change" below). Quick iteration loop while debugging:
+
+```bash
+npx tsc
+node --max-old-space-size=8192 build/index.js map \
+    -d output/<host>/static/js -o /tmp/jsr-mapped -t react -f json \
+    2>&1 | grep "URL: " | sort -u
+```
+
+This bypasses the slow `lazyload` step by reusing already-downloaded chunks. The final acceptance test is still `npm run cleanup && npm run start -- run -u <target> -y -k`; grep `mapped-openapi.json` for the expected resolved URL fragment.
+
+## Rules
+
+Rules are YAML files (`.yml`/`.yaml`) in two places:
+
+- **Workspace:** `../js-recon-rules/` (relative to this repo)
+- **Installed cache:** `~/.js-recon/rules`
+
+`initRules` downloads rules from GitHub when missing or when the cached version doesn't match the latest release. `js_recon_version` (required) must be declared in every rule (e.g. `js_recon_version: ">=X.Y.Z"`); `initRules` uses it to validate compatibility and skips incompatible rules with a warning. The version check strips prerelease suffixes (e.g. `1.3.1-alpha.3` → `[1,3,1]`).
+
+Rule categories:
+
+- `ast/` — AST-based pattern matching against chunk code (uses `@babel/parser` + `esquery`)
+- `request/` — OpenAPI/request-level checks against the resolved endpoint list
+
+When `-r` points to a single file, only that rule is loaded. When it points to a directory, all `.yml`/`.yaml` files are loaded recursively.
+
+## Testing a change
+
+**Testing is mandatory for every change.** Before reporting a task complete:
+
+1. Run `npm run cleanup` to rebuild TypeScript.
+2. Run the `run` subcommand against the target the user provides. Do not use `analyze` or other individual subcommands as a substitute — the `run` subcommand must be used to validate end-to-end behavior.
+3. If the user has not provided a target, ask for one before proceeding.
+
+Typical test invocation:
+
+```bash
+npm run cleanup && npm run start -- run -u <target-url> -y -k
+```
+
+## Release process
+
+Releasing a new version touches four repos. Work on `dev` (js-recon, js-recon-rules) and `stage` (js-recon-docs). Do **not** touch `js-recon-research` — it is private and excluded from releases.
+
+### Steps
+
+1. **Bump version** — update `version` in `src/globalConfig.ts` and `package.json` to the new tag (e.g. `1.3.1-alpha.4`). Both must match.
+
+2. **Update CHANGELOG** — add a `## <version> - <YYYY-MM-DD>` section to `CHANGELOG.md` with `### Fixed`, `### Performance`, `### Added`, `### Changed` sub-sections as needed. Verify every `feat`/`fix` commit since the previous tag is covered:
+
+    ```bash
+    git log <prev-tag>..HEAD --oneline | grep -E "^[a-f0-9]+ (feat|fix)"
+    ```
+
+3. **Update README** — ensure the Commands table in `README.md` lists every subcommand declared in `src/index.ts`.
+
+4. **Update rules** (`js-recon-rules` repo, `dev` branch) — if there are unreleased commits, update `CHANGELOG.md` and `version.txt`, then push.
+
+5. **Update docs** (`js-recon-docs` repo, `stage` branch):
+    - Fix any option/flag gaps in `docs/docs/modules/*.md` (cross-check against `src/index.ts`).
+    - Snapshot the current docs: `npx docusaurus docs:version <version>` (run inside `js-recon-docs/`).
+    - Keep `lastVersion` in `docusaurus.config.ts` pointing to the last **stable** release (do not change it for alphas/betas).
+    - Verify: `npm run build` in `js-recon-docs/` must pass with no broken-link errors.
+
+6. **Push** — push all three repos to their source branches (`dev`/`stage`).
+
+7. **Open PRs** using `gh pr create`:
+   | Repo | Source | Target | Title | Body |
+   |------|--------|--------|-------|------|
+   | `shriyanss/js-recon` | `dev` | `main` | version string (e.g. `v1.3.1-alpha.4`) | `## <version>` changelog section |
+   | `shriyanss/js-recon-docs` | `stage` | `main` | version string | Brief summary of doc changes |
+   | `shriyanss/js-recon-rules` | `dev` | `main` | rules version (e.g. `v1.2.0`) | `## <version>` rules changelog section |
+
+8. **Monitor PRs** — CodeRabbit reviews automatically. Wait for GitHub CI (version check, build, etc.) to pass. The docs CI check is expected to fail until js-recon is fully published to npm.
+
+## Security / confidentiality
+
+When a change is informed by behavior observed on a real target (URLs, endpoint names, response shapes, finding details, etc.):
+
+- **Do not include any target information in code comments, commit messages, docstrings, variable names, or any other artifact.**
+- This applies to hostnames, paths, parameter names, response content, or any other detail that could identify the target.
+- If context from the target is needed to describe a change, describe it in abstract terms only (e.g. "URL parameter passed to fetch" not "https://example.com/api/docs passes `file` param to fetch").

package/README.md

@@ -60,6 +60,8 @@ js-recon run -u https://app.example.com
 | `run`         | Runs all analysis modules automatically on a target.                          | [Read Docs](https://js-recon.io/docs/docs/modules/run)         |
 | `analyze`     | Analyzes the code.                                                            | [Read Docs](https://js-recon.io/docs/docs/modules/analyze)     |
 | `report`      | Generates a report from the analysis modules.                                 | [Read Docs](https://js-recon.io/docs/docs/modules/report)      |
+| `mcp`         | AI-powered interactive CLI, one-shot chat, and MCP stdio server.              | [Read Docs](https://js-recon.io/docs/docs/modules/mcp)         |
+| `fingerprint` | Detects the JavaScript framework used by a target URL (JSON/JSONL output).    | [Read Docs](https://js-recon.io/docs/docs/modules/fingerprint) |
 
 ## Key Features
 

package/build/analyze/engine/astEngine.js

@@ -9,7 +9,9 @@ var __awaiter = (this && this.__awaiter) || function (thisArg, _arguments, P, ge
 };
 import chalk from "chalk";
 import parser from "@babel/parser";
+import _traverse from "@babel/traverse";
 import _generator from "@babel/generator";
+const _traverseDefault = _traverse.default;
 const generator = _generator.default;
 import esquery from "esquery";
 import { highlight } from "cli-highlight";
@@ -134,6 +136,30 @@ const esqueryEngine = (rule, mappedJsonData) => __awaiter(void 0, void 0, void 0
                     }
                 }
             }
+            else if (step.regexMatch) {
+                // Scan all StringLiteral/TemplateLiteral nodes in the chunk for values matching the regex
+                const pattern = new RegExp(step.regexMatch.pattern);
+                const foundNodes = [];
+                _traverseDefault(ast, {
+                    StringLiteral(nodePath) {
+                        if (pattern.test(nodePath.node.value)) {
+                            foundNodes.push(nodePath.node);
+                        }
+                    },
+                    TemplateLiteral(nodePath) {
+                        for (const quasi of nodePath.node.quasis) {
+                            if (pattern.test(quasi.value.raw)) {
+                                foundNodes.push(nodePath.node);
+                                break;
+                            }
+                        }
+                    },
+                });
+                if (foundNodes.length > 0) {
+                    matchList[step.name] = { node: foundNodes[0], scope: ast, allNodes: foundNodes };
+                    completedSteps.add(step.name);
+                }
+            }
             else if (step.checkAssignmentExist) {
                 const selectedNode = (_b = matchList[step.checkAssignmentExist.name]) === null || _b === void 0 ? void 0 : _b.node;
                 const toMatch = step.checkAssignmentExist.type;
@@ -158,36 +184,38 @@ const esqueryEngine = (rule, mappedJsonData) => __awaiter(void 0, void 0, void 0
         if (completedSteps.size === rule.steps.length) {
             const message = `[+] "${rule.name}" found in chunk ${chunk.id}`;
             const lastMatch = Object.values(matchList)[Object.keys(matchList).length - 1];
-            const code = generator(lastMatch.node).code;
-            // print the message based on the severity of the rule
-            if (rule.severity === "info") {
-                console.log(chalk.cyan(message));
-            }
-            else if (rule.severity === "low") {
-                console.log(chalk.yellow(message));
-            }
-            else if (rule.severity === "medium") {
-                console.log(chalk.magenta(message));
-            }
-            else if (rule.severity === "high") {
-                console.log(chalk.red(message));
+            const nodesToReport = lastMatch.allNodes && lastMatch.allNodes.length > 1 ? lastMatch.allNodes : [lastMatch.node];
+            for (const reportNode of nodesToReport) {
+                const code = generator(reportNode).code;
+                if (rule.severity === "info") {
+                    console.log(chalk.cyan(message));
+                }
+                else if (rule.severity === "low") {
+                    console.log(chalk.yellow(message));
+                }
+                else if (rule.severity === "medium") {
+                    console.log(chalk.magenta(message));
+                }
+                else if (rule.severity === "high") {
+                    console.log(chalk.red(message));
+                }
+                console.log(highlight(code, {
+                    language: "javascript",
+                    ignoreIllegals: true,
+                    theme: undefined,
+                }));
+                findings.push({
+                    ruleId: rule.id,
+                    ruleName: rule.name,
+                    ruleType: rule.type,
+                    ruleDescription: rule.description,
+                    ruleAuthor: rule.author,
+                    ruleTech: rule.tech,
+                    severity: rule.severity,
+                    message: message,
+                    findingLocation: `// ${chunk.id}\n\n${code}`,
+                });
             }
-            console.log(highlight(code, {
-                language: "javascript",
-                ignoreIllegals: true,
-                theme: undefined,
-            }));
-            findings.push({
-                ruleId: rule.id,
-                ruleName: rule.name,
-                ruleType: rule.type,
-                ruleDescription: rule.description,
-                ruleAuthor: rule.author,
-                ruleTech: rule.tech,
-                severity: rule.severity,
-                message: message,
-                findingLocation: `// ${chunk.id}\n\n${code}`,
-            });
         }
     }
     return findings;

package/build/analyze/engine/astEngine.js.map

@@ -1 +1 @@
-{"version":3,"file":"astEngine.js","sourceRoot":"","sources":["../../../src/analyze/engine/astEngine.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,OAAO,MAAM,MAAM,eAAe,CAAC;AAEnC,OAAO,UAAU,MAAM,kBAAkB,CAAC;AAC1C,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC;AACrC,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,yBAAyB,EAAE,MAAM,uDAAuD,CAAC;AAClG,OAAO,EAAE,8BAA8B,EAAE,MAAM,4DAA4D,CAAC;AAC5G,OAAO,EAAE,oBAAoB,EAAE,MAAM,kDAAkD,CAAC;AACxF,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAa,MAAM,uCAAuC,CAAC;AAGnG;;;;;;;;;;GAUG;AACH,MAAM,aAAa,GAAG,CAAO,IAAU,EAAE,cAAsB,EAA2B,EAAE;;IACxF,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE,CAAC;QAChD,qCAAqC;QACrC,IAAI,GAAG,CAAC;QACR,IAAI,CAAC;YACD,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE;gBAC3B,UAAU,EAAE,aAAa;gBACzB,OAAO,EAAE,CAAC,KAAK,EAAE,YAAY,CAAC;gBAC9B,aAAa,EAAE,IAAI;aACtB,CAAC,CAAC;QACP,CAAC;QAAC,WAAM,CAAC;YACL,SAAS;QACb,CAAC;QAED,IAAI,SAAS,GAAsE,EAAE,CAAC;QACtF,MAAM,cAAc,GAAgB,IAAI,GAAG,EAAE,CAAC;QAC9C,6EAA6E;QAC7E,yCAAyC;QACzC,MAAM,UAAU,GAAwC,EAAE,CAAC;QAE3D,wCAAwC;QACxC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC5B,gFAAgF;YAChF,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC5C,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACzE,IAAI,CAAC,cAAc,EAAE,CAAC;oBAClB,SAAS;gBACb,CAAC;YACL,CAAC;YAED,8CAA8C;YAC9C,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACf,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;gBAEpC,iFAAiF;gBACjF,4EAA4E;gBAC5E,yFAAyF;gBACzF,IAAI,UAAU,GAAS,GAAG,CAAC;gBAC3B,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;oBACzB,MAAM,UAAU,GAAG,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;oBACrD,IAAI,CAAC,UAAU,EAAE,CAAC;wBACd,mDAAmD;wBACnD,SAAS;oBACb,CAAC;oBACD,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC;gBACjC,CAAC;gBAED,wEAAwE;gBACxE,IAAI,OAAO,GAAW,OAAO,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;gBAEpD,yEAAyE;gBACzE,uEAAuE;gBACvE,gEAAgE;gBAChE,oDAAoD;gBACpD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;oBAC/C,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;oBAC9C,MAAM,WAAW,GAAG,SAAS,CAAC,cAAc,CAAC,CAAC;oBAC9C,IAAI,CAAC,WAAW,EAAE,CAAC;wBACf,sDAAsD;wBACtD,SAAS;oBACb,CAAC;oBACD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;wBAC9B,MAAM,WAAW,GAAG,WAAW,CAAC,QAAQ,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;wBAC/D,UAAU,CAAC,cAAc,CAAC,GAAG,YAAY,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;oBAChE,CAAC;oBACD,MAAM,KAAK,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;oBACzC,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;gBACtE,CAAC;gBAED,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,+EAA+E;oBAC/E,oEAAoE;oBACpE,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;oBAC3E,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClC,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBACrC,6FAA6F;gBAE7F,MAAM,YAAY,GAAS,MAAA,SAAS,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,0CAAE,IAAI,CAAC;gBAE7E,IAAI,YAAY,EAAE,CAAC;oBACf,0DAA0D;oBAC1D,IAAI,YAAY,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;wBACzC,IACI,YAAY,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;4BAC/C,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;4BAClD,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,kBAAkB;4BACxD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe;4BAClD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,EAC/C,CAAC;4BACC,IAAI,YAAY,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gCACtC,+CAA+C;gCAC/C,4BAA4B;gCAC5B,IAAI,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oCAClD,qCAAqC;oCACrC,MAAM,kBAAkB,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oCACrD,MAAM,gBAAgB,GAAG,yBAAyB,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;oCAE5E,IAAI,gBAAgB,EAAE,CAAC;wCACnB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wCAC9D,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCAClC,CAAC;gCACL,CAAC;qCAAM,IACH,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB;oCACvD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,yBAAyB,EAC9D,CAAC;oCACC,MAAM,kBAAkB,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oCACrD,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;oCAChE,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCAClC,CAAC;4BACL,CAAC;wBACL,CAAC;oBACL,CAAC;gBACL,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACnC,MAAM,YAAY,GAAS,MAAA,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,0CAAE,IAAI,CAAC;gBAC3E,MAAM,OAAO,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC;gBAC/C,MAAM,gBAAgB,GAAG,IAAI,CAAC,oBAAoB,CAAC,gBAAgB,CAAC;gBAEpE,IAAI,YAAY,IAAI,gBAAgB,EAAE,CAAC;oBACnC,MAAM,cAAc,GAAG,8BAA8B,CACjD,YAAY,EACZ,OAAO,EACP,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,KAAK,CAClD,CAAC;oBAEF,IAAI,cAAc,EAAE,CAAC;wBACjB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wBAC5D,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBAClC,CAAC;gBACL,CAAC;qBAAM,IAAI,YAAY,EAAE,CAAC;oBACtB,MAAM,cAAc,GAAG,oBAAoB,CACvC,YAAY,EACZ,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,KAAK,CAClD,CAAC;oBAEF,IAAI,cAAc,EAAE,CAAC;wBACjB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wBAC5D,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBAClC,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAED,qEAAqE;QACrE,IAAI,cAAc,CAAC,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YAC5C,MAAM,OAAO,GAAG,QAAQ,IAAI,CAAC,IAAI,oBAAoB,KAAK,CAAC,EAAE,EAAE,CAAC;YAChE,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC9E,MAAM,IAAI,GAAG,SAAS,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC;YAE5C,sDAAsD;YACtD,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gBAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;YACrC,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;gBACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;YACvC,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;gBACpC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;YACxC,CAAC;iBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gBAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;YACpC,CAAC;YAED,OAAO,CAAC,GAAG,CACP,SAAS,CAAC,IAAI,EAAE;gBACZ,QAAQ,EAAE,YAAY;gBACtB,cAAc,EAAE,IAAI;gBACpB,KAAK,EAAE,SAAS;aACnB,CAAC,CACL,CAAC;YAEF,QAAQ,CAAC,IAAI,CAAC;gBACV,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,eAAe,EAAE,IAAI,CAAC,WAAW;gBACjC,UAAU,EAAE,IAAI,CAAC,MAAM;gBACvB,QAAQ,EAAE,IAAI,CAAC,IAAI;gBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,OAAO,EAAE,OAAO;gBAChB,eAAe,EAAE,MAAM,KAAK,CAAC,EAAE,OAAO,IAAI,EAAE;aAC/C,CAAC,CAAC;QACP,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,aAAa,CAAC"}
+{"version":3,"file":"astEngine.js","sourceRoot":"","sources":["../../../src/analyze/engine/astEngine.ts"],"names":[],"mappings":";;;;;;;;;AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAI1B,OAAO,MAAM,MAAM,eAAe,CAAC;AACnC,OAAO,SAAS,MAAM,iBAAiB,CAAC;AACxC,OAAO,UAAU,MAAM,kBAAkB,CAAC;AAC1C,MAAM,gBAAgB,GAAG,SAAS,CAAC,OAAO,CAAC;AAC3C,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,CAAC;AACrC,OAAO,OAAO,MAAM,SAAS,CAAC;AAE9B,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,yBAAyB,EAAE,MAAM,uDAAuD,CAAC;AAClG,OAAO,EAAE,8BAA8B,EAAE,MAAM,4DAA4D,CAAC;AAC5G,OAAO,EAAE,oBAAoB,EAAE,MAAM,kDAAkD,CAAC;AACxF,OAAO,EAAE,YAAY,EAAE,iBAAiB,EAAa,MAAM,uCAAuC,CAAC;AAGnG;;;;;;;;;;GAUG;AACH,MAAM,aAAa,GAAG,CAAO,IAAU,EAAE,cAAsB,EAA2B,EAAE;;IACxF,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,CAAC,cAAc,CAAC,EAAE,CAAC;QAChD,qCAAqC;QACrC,IAAI,GAAG,CAAC;QACR,IAAI,CAAC;YACD,GAAG,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,EAAE;gBAC3B,UAAU,EAAE,aAAa;gBACzB,OAAO,EAAE,CAAC,KAAK,EAAE,YAAY,CAAC;gBAC9B,aAAa,EAAE,IAAI;aACtB,CAAC,CAAC;QACP,CAAC;QAAC,WAAM,CAAC;YACL,SAAS;QACb,CAAC;QAED,IAAI,SAAS,GAAsE,EAAE,CAAC;QACtF,MAAM,cAAc,GAAgB,IAAI,GAAG,EAAE,CAAC;QAC9C,6EAA6E;QAC7E,yCAAyC;QACzC,MAAM,UAAU,GAAwC,EAAE,CAAC;QAE3D,wCAAwC;QACxC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;YAC5B,gFAAgF;YAChF,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC5C,MAAM,cAAc,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;gBACzE,IAAI,CAAC,cAAc,EAAE,CAAC;oBAClB,SAAS;gBACb,CAAC;YACL,CAAC;YAED,8CAA8C;YAC9C,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACf,MAAM,QAAQ,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;gBAEpC,iFAAiF;gBACjF,4EAA4E;gBAC5E,yFAAyF;gBACzF,IAAI,UAAU,GAAS,GAAG,CAAC;gBAC3B,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;oBACzB,MAAM,UAAU,GAAG,SAAS,CAAC,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;oBACrD,IAAI,CAAC,UAAU,EAAE,CAAC;wBACd,mDAAmD;wBACnD,SAAS;oBACb,CAAC;oBACD,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC;gBACjC,CAAC;gBAED,wEAAwE;gBACxE,IAAI,OAAO,GAAW,OAAO,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;gBAEpD,yEAAyE;gBACzE,uEAAuE;gBACvE,gEAAgE;gBAChE,oDAAoD;gBACpD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,OAAO,CAAC,SAAS,EAAE,CAAC;oBAC/C,MAAM,cAAc,GAAG,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC;oBAC9C,MAAM,WAAW,GAAG,SAAS,CAAC,cAAc,CAAC,CAAC;oBAC9C,IAAI,CAAC,WAAW,EAAE,CAAC;wBACf,sDAAsD;wBACtD,SAAS;oBACb,CAAC;oBACD,IAAI,CAAC,UAAU,CAAC,cAAc,CAAC,EAAE,CAAC;wBAC9B,MAAM,WAAW,GAAG,WAAW,CAAC,QAAQ,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;wBAC/D,UAAU,CAAC,cAAc,CAAC,GAAG,YAAY,CAAC,GAAG,EAAE,WAAW,CAAC,CAAC;oBAChE,CAAC;oBACD,MAAM,KAAK,GAAG,UAAU,CAAC,cAAc,CAAC,CAAC;oBACzC,OAAO,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,GAAG,EAAE,CAAC,EAAE,KAAK,CAAC,CAAC,CAAC;gBACtE,CAAC;gBAED,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACrB,+EAA+E;oBAC/E,oEAAoE;oBACpE,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC;oBAC3E,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClC,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,sBAAsB,EAAE,CAAC;gBACrC,6FAA6F;gBAE7F,MAAM,YAAY,GAAS,MAAA,SAAS,CAAC,IAAI,CAAC,sBAAsB,CAAC,IAAI,CAAC,0CAAE,IAAI,CAAC;gBAE7E,IAAI,YAAY,EAAE,CAAC;oBACf,0DAA0D;oBAC1D,IAAI,YAAY,CAAC,IAAI,KAAK,gBAAgB,EAAE,CAAC;wBACzC,IACI,YAAY,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;4BAC/C,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY;4BAClD,YAAY,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,KAAK,kBAAkB;4BACxD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe;4BAClD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,EAC/C,CAAC;4BACC,IAAI,YAAY,CAAC,SAAS,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gCACtC,+CAA+C;gCAC/C,4BAA4B;gCAC5B,IAAI,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;oCAClD,qCAAqC;oCACrC,MAAM,kBAAkB,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oCACrD,MAAM,gBAAgB,GAAG,yBAAyB,CAAC,kBAAkB,EAAE,GAAG,CAAC,CAAC;oCAE5E,IAAI,gBAAgB,EAAE,CAAC;wCACnB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,gBAAgB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wCAC9D,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oCAClC,CAAC;gCACL,CAAC;qCAAM,IACH,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB;oCACvD,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,KAAK,yBAAyB,EAC9D,CAAC;oCACC,MAAM,kBAAkB,GAAG,YAAY,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;oCACrD,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,kBAAkB,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;oCAChE,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gCAClC,CAAC;4BACL,CAAC;wBACL,CAAC;oBACL,CAAC;gBACL,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;gBACzB,0FAA0F;gBAC1F,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;gBACpD,MAAM,UAAU,GAAW,EAAE,CAAC;gBAC9B,gBAAgB,CAAC,GAAG,EAAE;oBAClB,aAAa,CAAC,QAAa;wBACvB,IAAI,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;4BACpC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;wBACnC,CAAC;oBACL,CAAC;oBACD,eAAe,CAAC,QAAa;wBACzB,KAAK,MAAM,KAAK,IAAI,QAAQ,CAAC,IAAI,CAAC,MAAM,EAAE,CAAC;4BACvC,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,CAAC;gCAChC,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;gCAC/B,MAAM;4BACV,CAAC;wBACL,CAAC;oBACL,CAAC;iBACJ,CAAC,CAAC;gBACH,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBACxB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,QAAQ,EAAE,UAAU,EAAE,CAAC;oBACjF,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAClC,CAAC;YACL,CAAC;iBAAM,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBACnC,MAAM,YAAY,GAAS,MAAA,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,0CAAE,IAAI,CAAC;gBAC3E,MAAM,OAAO,GAAG,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC;gBAC/C,MAAM,gBAAgB,GAAG,IAAI,CAAC,oBAAoB,CAAC,gBAAgB,CAAC;gBAEpE,IAAI,YAAY,IAAI,gBAAgB,EAAE,CAAC;oBACnC,MAAM,cAAc,GAAG,8BAA8B,CACjD,YAAY,EACZ,OAAO,EACP,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,KAAK,CAClD,CAAC;oBAEF,IAAI,cAAc,EAAE,CAAC;wBACjB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wBAC5D,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBAClC,CAAC;gBACL,CAAC;qBAAM,IAAI,YAAY,EAAE,CAAC;oBACtB,MAAM,cAAc,GAAG,oBAAoB,CACvC,YAAY,EACZ,SAAS,CAAC,IAAI,CAAC,oBAAoB,CAAC,IAAI,CAAC,CAAC,KAAK,CAClD,CAAC;oBAEF,IAAI,cAAc,EAAE,CAAC;wBACjB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,EAAE,cAAc,EAAE,KAAK,EAAE,GAAG,EAAE,CAAC;wBAC5D,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBAClC,CAAC;gBACL,CAAC;YACL,CAAC;QACL,CAAC;QAED,qEAAqE;QACrE,IAAI,cAAc,CAAC,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YAC5C,MAAM,OAAO,GAAG,QAAQ,IAAI,CAAC,IAAI,oBAAoB,KAAK,CAAC,EAAE,EAAE,CAAC;YAChE,MAAM,SAAS,GAAG,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;YAC9E,MAAM,aAAa,GACf,SAAS,CAAC,QAAQ,IAAI,SAAS,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;YAEhG,KAAK,MAAM,UAAU,IAAI,aAAa,EAAE,CAAC;gBACrC,MAAM,IAAI,GAAG,SAAS,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC;gBAExC,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;oBAC3B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;gBACrC,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,KAAK,EAAE,CAAC;oBACjC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;gBACvC,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBACpC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC;gBACxC,CAAC;qBAAM,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;oBAClC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;gBACpC,CAAC;gBAED,OAAO,CAAC,GAAG,CACP,SAAS,CAAC,IAAI,EAAE;oBACZ,QAAQ,EAAE,YAAY;oBACtB,cAAc,EAAE,IAAI;oBACpB,KAAK,EAAE,SAAS;iBACnB,CAAC,CACL,CAAC;gBAEF,QAAQ,CAAC,IAAI,CAAC;oBACV,MAAM,EAAE,IAAI,CAAC,EAAE;oBACf,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,eAAe,EAAE,IAAI,CAAC,WAAW;oBACjC,UAAU,EAAE,IAAI,CAAC,MAAM;oBACvB,QAAQ,EAAE,IAAI,CAAC,IAAI;oBACnB,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,OAAO,EAAE,OAAO;oBAChB,eAAe,EAAE,MAAM,KAAK,CAAC,EAAE,OAAO,IAAI,EAAE;iBAC/C,CAAC,CAAC;YACP,CAAC;QACL,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,aAAa,CAAC"}

package/build/analyze/engine/index.js

@@ -35,7 +35,7 @@ export const engine = (rule, mappedJsonData, openapiData, tech) => __awaiter(voi
                 techValid = false;
             }
         }
-        if (techValid || tech === "all") {
+        if (techValid || tech === "all" || rule.tech.includes("all")) {
             findings.push(...(yield requestEngine(rule, openapiData)));
         }
     }
@@ -49,7 +49,7 @@ export const engine = (rule, mappedJsonData, openapiData, tech) => __awaiter(voi
                 techValid = false;
             }
         }
-        if (techValid || tech === "all") {
+        if (techValid || tech === "all" || rule.tech.includes("all")) {
             findings.push(...(yield astEngine(rule, mappedJsonData)));
         }
     }

package/build/analyze/engine/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyze/engine/index.ts"],"names":[],"mappings":";;;;;;;;;AAGA,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,SAAS,MAAM,gBAAgB,CAAC;AAGvC;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,CAClB,IAAU,EACV,cAAkC,EAClC,WAAoC,EACpC,IAAoB,EACe,EAAE;IACrC,yGAAyG;IAEzG,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC1B,IAAI,CAAC,WAAW,EAAE,CAAC;YACf,OAAO;QACX,CAAC;QAED,IAAI,SAAS,GAAG,IAAI,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;QACL,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;QAC/D,CAAC;IACL,CAAC;SAAM,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,cAAc,EAAE,CAAC;YAClB,OAAO;QACX,CAAC;QAED,IAAI,SAAS,GAAG,IAAI,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;QACL,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,KAAK,KAAK,EAAE,CAAC;YAC9B,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,SAAS,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC;QAC9D,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,MAAM,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyze/engine/index.ts"],"names":[],"mappings":";;;;;;;;;AAGA,OAAO,aAAa,MAAM,oBAAoB,CAAC;AAC/C,OAAO,SAAS,MAAM,gBAAgB,CAAC;AAGvC;;;;;;;;;;;;GAYG;AACH,MAAM,CAAC,MAAM,MAAM,GAAG,CAClB,IAAU,EACV,cAAkC,EAClC,WAAoC,EACpC,IAAiD,EACd,EAAE;IACrC,yGAAyG;IAEzG,IAAI,QAAQ,GAAmB,EAAE,CAAC;IAElC,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;QAC1B,IAAI,CAAC,WAAW,EAAE,CAAC;YACf,OAAO;QACX,CAAC;QAED,IAAI,SAAS,GAAG,IAAI,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;QACL,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3D,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,aAAa,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;QAC/D,CAAC;IACL,CAAC;SAAM,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,cAAc,EAAE,CAAC;YAClB,OAAO;QACX,CAAC;QAED,IAAI,SAAS,GAAG,IAAI,CAAC;QACrB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,SAAS,GAAG,KAAK,CAAC;YACtB,CAAC;QACL,CAAC;QAED,IAAI,SAAS,IAAI,IAAI,KAAK,KAAK,IAAI,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3D,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,SAAS,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC,CAAC,CAAC;QAC9D,CAAC;IACL,CAAC;IAED,OAAO,QAAQ,CAAC;AACpB,CAAC,CAAA,CAAC;AAEF,eAAe,MAAM,CAAC"}