@skillsmith/core 0.4.16 → 0.4.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +14 -0
- package/README.md +57 -2
- package/dist/.tsbuildinfo +1 -1
- package/dist/src/api/client.d.ts +2 -0
- package/dist/src/api/client.d.ts.map +1 -1
- package/dist/src/api/client.js.map +1 -1
- package/dist/src/api/schemas.d.ts +4 -4
- package/dist/src/db/schema.d.ts +2 -2
- package/dist/src/db/schema.d.ts.map +1 -1
- package/dist/src/db/schema.js +8 -2
- package/dist/src/db/schema.js.map +1 -1
- package/dist/src/embeddings/hnsw-store.d.ts +1 -1
- package/dist/src/embeddings/hnsw-store.d.ts.map +1 -1
- package/dist/src/embeddings/hnsw-store.js +4 -34
- package/dist/src/embeddings/hnsw-store.js.map +1 -1
- package/dist/src/embeddings/hnsw-store.types.d.ts +18 -0
- package/dist/src/embeddings/hnsw-store.types.d.ts.map +1 -1
- package/dist/src/embeddings/hnsw-store.types.js.map +1 -1
- package/dist/src/exports/services.d.ts +3 -0
- package/dist/src/exports/services.d.ts.map +1 -1
- package/dist/src/exports/services.js +6 -0
- package/dist/src/exports/services.js.map +1 -1
- package/dist/src/index.d.ts +1 -1
- package/dist/src/index.d.ts.map +1 -1
- package/dist/src/index.js +1 -1
- package/dist/src/index.js.map +1 -1
- package/dist/src/learning/PatternStore.d.ts.map +1 -1
- package/dist/src/learning/PatternStore.js +2 -9
- package/dist/src/learning/PatternStore.js.map +1 -1
- package/dist/src/routing/SONARouter.d.ts.map +1 -1
- package/dist/src/routing/SONARouter.js +4 -15
- package/dist/src/routing/SONARouter.js.map +1 -1
- package/dist/src/scripts/__tests__/scan-imported-skills.test.js +5 -0
- package/dist/src/scripts/__tests__/scan-imported-skills.test.js.map +1 -1
- package/dist/src/scripts/validation/types.d.ts +2 -2
- package/dist/src/security/scanner/SecurityScanner.d.ts +4 -2
- package/dist/src/security/scanner/SecurityScanner.d.ts.map +1 -1
- package/dist/src/security/scanner/SecurityScanner.helpers.d.ts +24 -2
- package/dist/src/security/scanner/SecurityScanner.helpers.d.ts.map +1 -1
- package/dist/src/security/scanner/SecurityScanner.helpers.js +99 -3
- package/dist/src/security/scanner/SecurityScanner.helpers.js.map +1 -1
- package/dist/src/security/scanner/SecurityScanner.js +29 -90
- package/dist/src/security/scanner/SecurityScanner.js.map +1 -1
- package/dist/src/security/scanner/SecurityScanner.ssrf.d.ts +15 -0
- package/dist/src/security/scanner/SecurityScanner.ssrf.d.ts.map +1 -0
- package/dist/src/security/scanner/SecurityScanner.ssrf.js +76 -0
- package/dist/src/security/scanner/SecurityScanner.ssrf.js.map +1 -0
- package/dist/src/security/scanner/index.d.ts +1 -1
- package/dist/src/security/scanner/index.d.ts.map +1 -1
- package/dist/src/security/scanner/index.js +1 -1
- package/dist/src/security/scanner/index.js.map +1 -1
- package/dist/src/security/scanner/patterns.d.ts +6 -0
- package/dist/src/security/scanner/patterns.d.ts.map +1 -1
- package/dist/src/security/scanner/patterns.js +32 -0
- package/dist/src/security/scanner/patterns.js.map +1 -1
- package/dist/src/security/scanner/types.d.ts +2 -1
- package/dist/src/security/scanner/types.d.ts.map +1 -1
- package/dist/src/security/scanner/weights.d.ts.map +1 -1
- package/dist/src/security/scanner/weights.js +1 -0
- package/dist/src/security/scanner/weights.js.map +1 -1
- package/dist/src/services/skill-installation.helpers.d.ts +62 -0
- package/dist/src/services/skill-installation.helpers.d.ts.map +1 -0
- package/dist/src/services/skill-installation.helpers.js +335 -0
- package/dist/src/services/skill-installation.helpers.js.map +1 -0
- package/dist/src/services/skill-installation.service.d.ts +45 -0
- package/dist/src/services/skill-installation.service.d.ts.map +1 -0
- package/dist/src/services/skill-installation.service.js +383 -0
- package/dist/src/services/skill-installation.service.js.map +1 -0
- package/dist/src/services/skill-installation.types.d.ts +144 -0
- package/dist/src/services/skill-installation.types.d.ts.map +1 -0
- package/dist/src/services/skill-installation.types.js +38 -0
- package/dist/src/services/skill-installation.types.js.map +1 -0
- package/dist/src/services/skill-manifest.d.ts +20 -0
- package/dist/src/services/skill-manifest.d.ts.map +1 -0
- package/dist/src/services/skill-manifest.js +84 -0
- package/dist/src/services/skill-manifest.js.map +1 -0
- package/dist/src/session/SessionManager.helpers.d.ts +1 -27
- package/dist/src/session/SessionManager.helpers.d.ts.map +1 -1
- package/dist/src/session/SessionManager.helpers.js +0 -64
- package/dist/src/session/SessionManager.helpers.js.map +1 -1
- package/dist/src/session/SessionManager.memory.d.ts +12 -11
- package/dist/src/session/SessionManager.memory.d.ts.map +1 -1
- package/dist/src/session/SessionManager.memory.js +23 -115
- package/dist/src/session/SessionManager.memory.js.map +1 -1
- package/dist/src/session/SessionManager.types.d.ts +0 -37
- package/dist/src/session/SessionManager.types.d.ts.map +1 -1
- package/dist/src/session/SessionManager.types.js.map +1 -1
- package/dist/src/session/SessionRecovery.js +4 -4
- package/dist/src/session/SessionRecovery.js.map +1 -1
- package/dist/src/testing/MultiLLMProvider.d.ts.map +1 -1
- package/dist/src/testing/MultiLLMProvider.js +5 -19
- package/dist/src/testing/MultiLLMProvider.js.map +1 -1
- package/dist/tests/billing/StripeClient.test.d.ts +18 -0
- package/dist/tests/billing/StripeClient.test.d.ts.map +1 -0
- package/dist/tests/billing/StripeClient.test.js +566 -0
- package/dist/tests/billing/StripeClient.test.js.map +1 -0
- package/dist/tests/billing/StripeWebhookHandler.test.d.ts +16 -0
- package/dist/tests/billing/StripeWebhookHandler.test.d.ts.map +1 -0
- package/dist/tests/billing/StripeWebhookHandler.test.js +240 -0
- package/dist/tests/billing/StripeWebhookHandler.test.js.map +1 -0
- package/dist/tests/billing/stripe-helpers.test.d.ts +7 -0
- package/dist/tests/billing/stripe-helpers.test.d.ts.map +1 -0
- package/dist/tests/billing/stripe-helpers.test.js +91 -0
- package/dist/tests/billing/stripe-helpers.test.js.map +1 -0
- package/dist/tests/billing/webhook-handlers.test.d.ts +16 -0
- package/dist/tests/billing/webhook-handlers.test.d.ts.map +1 -0
- package/dist/tests/billing/webhook-handlers.test.js +519 -0
- package/dist/tests/billing/webhook-handlers.test.js.map +1 -0
- package/dist/tests/db/migration.test.d.ts +11 -0
- package/dist/tests/db/migration.test.d.ts.map +1 -0
- package/dist/tests/db/migration.test.js +265 -0
- package/dist/tests/db/migration.test.js.map +1 -0
- package/dist/tests/security/ContinuousSecurity.test.js +2 -2
- package/dist/tests/security/ContinuousSecurity.test.js.map +1 -1
- package/dist/tests/security.test.js +200 -0
- package/dist/tests/security.test.js.map +1 -1
- package/dist/tests/session/SessionManager.helpers.test.js +1 -9
- package/dist/tests/session/SessionManager.helpers.test.js.map +1 -1
- package/dist/tests/session/SessionManager.memory.test.d.ts +3 -4
- package/dist/tests/session/SessionManager.memory.test.d.ts.map +1 -1
- package/dist/tests/session/SessionManager.memory.test.js +41 -123
- package/dist/tests/session/SessionManager.memory.test.js.map +1 -1
- package/dist/tests/sync/BackgroundSyncService.test.d.ts +13 -0
- package/dist/tests/sync/BackgroundSyncService.test.d.ts.map +1 -0
- package/dist/tests/sync/BackgroundSyncService.test.js +259 -0
- package/dist/tests/sync/BackgroundSyncService.test.js.map +1 -0
- package/dist/tests/testkit.d.ts +14 -0
- package/dist/tests/testkit.d.ts.map +1 -0
- package/dist/tests/testkit.js +14 -0
- package/dist/tests/testkit.js.map +1 -0
- package/dist/tests/unit/migrations/v10-dependencies.test.js +3 -3
- package/dist/tests/unit/migrations/v10-dependencies.test.js.map +1 -1
- package/dist/tests/unit/services/skill-installation.service.test.d.ts +8 -0
- package/dist/tests/unit/services/skill-installation.service.test.d.ts.map +1 -0
- package/dist/tests/unit/services/skill-installation.service.test.js +732 -0
- package/dist/tests/unit/services/skill-installation.service.test.js.map +1 -0
- package/package.json +19 -7
- package/dist/vitest.config.d.ts +0 -3
- package/dist/vitest.config.d.ts.map +0 -1
- package/dist/vitest.config.js +0 -13
- package/dist/vitest.config.js.map +0 -1
|
@@ -5,11 +5,14 @@
|
|
|
5
5
|
*/
|
|
6
6
|
import { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, AI_DEFENCE_PATTERNS, } from './patterns.js';
|
|
7
7
|
import { safeRegexTest, safeRegexCheck } from './regex-utils.js';
|
|
8
|
-
import { isMultilinePattern, analyzeMarkdownContext, isDocumentationContext, calculateRiskScore, } from './SecurityScanner.helpers.js';
|
|
8
|
+
import { isMultilinePattern, analyzeMarkdownContext, isDocumentationContext, isWithinInlineCode, calculateRiskScore, scanPatternsWithMultilineSupport, } from './SecurityScanner.helpers.js';
|
|
9
|
+
// Import SSRF scanner
|
|
10
|
+
import { scanSsrfPatterns } from './SecurityScanner.ssrf.js';
|
|
9
11
|
// Import formatters (used for both re-export and static methods)
|
|
10
12
|
import { toMinimalRefs, toSARIF, toGitHubAnnotations, toSummary, } from './SecurityScanner.formatters.js';
|
|
11
13
|
// Re-export helpers and formatters for public API
|
|
12
|
-
export { isMultilinePattern, analyzeMarkdownContext, isDocumentationContext, calculateRiskScore, };
|
|
14
|
+
export { isMultilinePattern, analyzeMarkdownContext, isDocumentationContext, isWithinInlineCode, calculateRiskScore, };
|
|
15
|
+
export { scanSsrfPatterns };
|
|
13
16
|
export { toMinimalRefs, toSARIF, toGitHubAnnotations, toSummary };
|
|
14
17
|
export class SecurityScanner {
|
|
15
18
|
allowedDomains;
|
|
@@ -66,9 +69,11 @@ export class SecurityScanner {
|
|
|
66
69
|
const contexts = lineContexts ?? analyzeMarkdownContext(content);
|
|
67
70
|
lines.forEach((line, index) => {
|
|
68
71
|
const ctx = contexts[index];
|
|
69
|
-
const inDocContext = ctx ? isDocumentationContext(ctx) : false;
|
|
70
72
|
for (const pattern of SENSITIVE_PATH_PATTERNS) {
|
|
71
73
|
if (safeRegexCheck(pattern, line)) {
|
|
74
|
+
const match = safeRegexTest(pattern, line);
|
|
75
|
+
const inInlineCode = ctx?.isInlineCode && isWithinInlineCode(line, match?.index ?? 0);
|
|
76
|
+
const inDocContext = ctx ? isDocumentationContext(ctx) || inInlineCode : false;
|
|
72
77
|
const confidence = inDocContext ? 'low' : 'high';
|
|
73
78
|
const severity = inDocContext ? 'medium' : 'high';
|
|
74
79
|
findings.push({
|
|
@@ -87,31 +92,12 @@ export class SecurityScanner {
|
|
|
87
92
|
return findings;
|
|
88
93
|
}
|
|
89
94
|
scanJailbreakPatterns(content, lineContexts) {
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
|
|
95
|
-
|
|
96
|
-
for (const pattern of JAILBREAK_PATTERNS) {
|
|
97
|
-
const match = safeRegexTest(pattern, line);
|
|
98
|
-
if (match) {
|
|
99
|
-
const confidence = inDocContext ? 'low' : 'high';
|
|
100
|
-
const severity = inDocContext ? 'high' : 'critical';
|
|
101
|
-
findings.push({
|
|
102
|
-
type: 'jailbreak',
|
|
103
|
-
severity,
|
|
104
|
-
message: `Potential jailbreak pattern detected: "${match[0]}"`,
|
|
105
|
-
location: line.trim().slice(0, 100),
|
|
106
|
-
lineNumber: index + 1,
|
|
107
|
-
inDocumentationContext: inDocContext,
|
|
108
|
-
confidence,
|
|
109
|
-
});
|
|
110
|
-
break;
|
|
111
|
-
}
|
|
112
|
-
}
|
|
113
|
-
});
|
|
114
|
-
return findings;
|
|
95
|
+
return scanPatternsWithMultilineSupport(content, {
|
|
96
|
+
type: 'jailbreak',
|
|
97
|
+
messagePrefix: 'Potential jailbreak pattern detected',
|
|
98
|
+
patterns: JAILBREAK_PATTERNS,
|
|
99
|
+
severities: ['high', 'critical'],
|
|
100
|
+
}, lineContexts);
|
|
115
101
|
}
|
|
116
102
|
scanSuspiciousPatterns(content) {
|
|
117
103
|
const findings = [];
|
|
@@ -152,10 +138,11 @@ export class SecurityScanner {
|
|
|
152
138
|
const contexts = lineContexts ?? analyzeMarkdownContext(content);
|
|
153
139
|
lines.forEach((line, index) => {
|
|
154
140
|
const ctx = contexts[index];
|
|
155
|
-
const inDocContext = ctx ? isDocumentationContext(ctx) : false;
|
|
156
141
|
for (const pattern of SOCIAL_ENGINEERING_PATTERNS) {
|
|
157
142
|
const match = safeRegexTest(pattern, line);
|
|
158
143
|
if (match) {
|
|
144
|
+
const inInlineCode = ctx?.isInlineCode && isWithinInlineCode(line, match.index ?? 0);
|
|
145
|
+
const inDocContext = ctx ? isDocumentationContext(ctx) || inInlineCode : false;
|
|
159
146
|
const confidence = inDocContext ? 'low' : 'high';
|
|
160
147
|
const severity = inDocContext ? 'medium' : 'high';
|
|
161
148
|
findings.push({
|
|
@@ -180,10 +167,11 @@ export class SecurityScanner {
|
|
|
180
167
|
const contexts = lineContexts ?? analyzeMarkdownContext(content);
|
|
181
168
|
lines.forEach((line, index) => {
|
|
182
169
|
const ctx = contexts[index];
|
|
183
|
-
const inDocContext = ctx ? isDocumentationContext(ctx) : false;
|
|
184
170
|
for (const pattern of PROMPT_LEAKING_PATTERNS) {
|
|
185
171
|
const match = safeRegexTest(pattern, line);
|
|
186
172
|
if (match) {
|
|
173
|
+
const inInlineCode = ctx?.isInlineCode && isWithinInlineCode(line, match.index ?? 0);
|
|
174
|
+
const inDocContext = ctx ? isDocumentationContext(ctx) || inInlineCode : false;
|
|
187
175
|
const confidence = inDocContext ? 'low' : 'high';
|
|
188
176
|
const severity = inDocContext ? 'high' : 'critical';
|
|
189
177
|
findings.push({
|
|
@@ -208,10 +196,11 @@ export class SecurityScanner {
|
|
|
208
196
|
const contexts = lineContexts ?? analyzeMarkdownContext(content);
|
|
209
197
|
lines.forEach((line, index) => {
|
|
210
198
|
const ctx = contexts[index];
|
|
211
|
-
const inDocContext = ctx ? isDocumentationContext(ctx) : false;
|
|
212
199
|
for (const pattern of DATA_EXFILTRATION_PATTERNS) {
|
|
213
200
|
const match = safeRegexTest(pattern, line);
|
|
214
201
|
if (match) {
|
|
202
|
+
const inInlineCode = ctx?.isInlineCode && isWithinInlineCode(line, match.index ?? 0);
|
|
203
|
+
const inDocContext = ctx ? isDocumentationContext(ctx) || inInlineCode : false;
|
|
215
204
|
const confidence = inDocContext ? 'low' : 'high';
|
|
216
205
|
const severity = inDocContext ? 'medium' : 'high';
|
|
217
206
|
findings.push({
|
|
@@ -236,10 +225,11 @@ export class SecurityScanner {
|
|
|
236
225
|
const contexts = lineContexts ?? analyzeMarkdownContext(content);
|
|
237
226
|
lines.forEach((line, index) => {
|
|
238
227
|
const ctx = contexts[index];
|
|
239
|
-
const inDocContext = ctx ? isDocumentationContext(ctx) : false;
|
|
240
228
|
for (const pattern of PRIVILEGE_ESCALATION_PATTERNS) {
|
|
241
229
|
const match = safeRegexTest(pattern, line);
|
|
242
230
|
if (match) {
|
|
231
|
+
const inInlineCode = ctx?.isInlineCode && isWithinInlineCode(line, match.index ?? 0);
|
|
232
|
+
const inDocContext = ctx ? isDocumentationContext(ctx) || inInlineCode : false;
|
|
243
233
|
const confidence = inDocContext ? 'low' : 'high';
|
|
244
234
|
const severity = inDocContext ? 'high' : 'critical';
|
|
245
235
|
findings.push({
|
|
@@ -259,64 +249,12 @@ export class SecurityScanner {
|
|
|
259
249
|
return findings;
|
|
260
250
|
}
|
|
261
251
|
scanAIDefenceVulnerabilities(content, lineContexts) {
|
|
262
|
-
|
|
263
|
-
|
|
264
|
-
|
|
265
|
-
|
|
266
|
-
|
|
267
|
-
|
|
268
|
-
if (isMultilinePattern(pattern)) {
|
|
269
|
-
const match = safeRegexTest(pattern, content);
|
|
270
|
-
if (match) {
|
|
271
|
-
const matchIndex = content.indexOf(match[0]);
|
|
272
|
-
const lineNumber = content.slice(0, matchIndex).split('\n').length;
|
|
273
|
-
const lineIndex = lineNumber - 1;
|
|
274
|
-
const ctx = contexts[lineIndex];
|
|
275
|
-
const inDocContext = ctx ? isDocumentationContext(ctx) : false;
|
|
276
|
-
const confidence = inDocContext ? 'low' : 'high';
|
|
277
|
-
const severity = inDocContext ? 'high' : 'critical';
|
|
278
|
-
findings.push({
|
|
279
|
-
type: 'ai_defence',
|
|
280
|
-
severity,
|
|
281
|
-
message: `AI injection pattern detected: "${match[0].slice(0, 50)}${match[0].length > 50 ? '...' : ''}"`,
|
|
282
|
-
location: match[0].trim().slice(0, 100),
|
|
283
|
-
lineNumber,
|
|
284
|
-
category: 'ai_defence',
|
|
285
|
-
inDocumentationContext: inDocContext,
|
|
286
|
-
confidence,
|
|
287
|
-
});
|
|
288
|
-
flaggedLines.add(lineNumber);
|
|
289
|
-
}
|
|
290
|
-
}
|
|
291
|
-
}
|
|
292
|
-
// Second pass: line-by-line scanning for single-line patterns
|
|
293
|
-
lines.forEach((line, index) => {
|
|
294
|
-
if (flaggedLines.has(index + 1))
|
|
295
|
-
return;
|
|
296
|
-
const ctx = contexts[index];
|
|
297
|
-
const inDocContext = ctx ? isDocumentationContext(ctx) : false;
|
|
298
|
-
for (const pattern of AI_DEFENCE_PATTERNS) {
|
|
299
|
-
if (isMultilinePattern(pattern))
|
|
300
|
-
continue;
|
|
301
|
-
const match = safeRegexTest(pattern, line);
|
|
302
|
-
if (match) {
|
|
303
|
-
const confidence = inDocContext ? 'low' : 'high';
|
|
304
|
-
const severity = inDocContext ? 'high' : 'critical';
|
|
305
|
-
findings.push({
|
|
306
|
-
type: 'ai_defence',
|
|
307
|
-
severity,
|
|
308
|
-
message: `AI injection pattern detected: "${match[0].slice(0, 50)}${match[0].length > 50 ? '...' : ''}"`,
|
|
309
|
-
location: line.trim().slice(0, 100),
|
|
310
|
-
lineNumber: index + 1,
|
|
311
|
-
category: 'ai_defence',
|
|
312
|
-
inDocumentationContext: inDocContext,
|
|
313
|
-
confidence,
|
|
314
|
-
});
|
|
315
|
-
break;
|
|
316
|
-
}
|
|
317
|
-
}
|
|
318
|
-
});
|
|
319
|
-
return findings;
|
|
252
|
+
return scanPatternsWithMultilineSupport(content, {
|
|
253
|
+
type: 'ai_defence',
|
|
254
|
+
messagePrefix: 'AI injection pattern detected',
|
|
255
|
+
patterns: AI_DEFENCE_PATTERNS,
|
|
256
|
+
severities: ['high', 'critical'],
|
|
257
|
+
}, lineContexts);
|
|
320
258
|
}
|
|
321
259
|
/** @deprecated Use standalone calculateRiskScore function for new code */
|
|
322
260
|
calculateRiskScore = calculateRiskScore;
|
|
@@ -340,6 +278,7 @@ export class SecurityScanner {
|
|
|
340
278
|
findings.push(...this.scanDataExfiltration(content, lineContexts));
|
|
341
279
|
findings.push(...this.scanPrivilegeEscalation(content, lineContexts));
|
|
342
280
|
findings.push(...this.scanAIDefenceVulnerabilities(content, lineContexts));
|
|
281
|
+
findings.push(...scanSsrfPatterns(content, lineContexts));
|
|
343
282
|
const endTime = performance.now();
|
|
344
283
|
const { total: riskScore, breakdown: riskBreakdown } = calculateRiskScore(findings);
|
|
345
284
|
const hasCritical = findings.some((f) => f.severity === 'critical');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"SecurityScanner.js","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,GACpB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AAIhE,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,8BAA8B,CAAA;AAErC,iEAAiE;AACjE,OAAO,EACL,aAAa,EACb,OAAO,EACP,mBAAmB,EACnB,SAAS,GACV,MAAM,iCAAiC,CAAA;AAExC,kDAAkD;AAClD,OAAO,EAEL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,GACnB,CAAA;AACD,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAA;AAEjE,MAAM,OAAO,eAAe;IAClB,cAAc,CAAa;IAC3B,eAAe,CAAU;IACzB,gBAAgB,CAAQ;IACxB,aAAa,CAAQ;IAE7B,YAAY,UAA0B,EAAE;QACtC,IAAI,CAAC,cAAc,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,cAAc,IAAI,uBAAuB,CAAC,CAAA;QAChF,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,EAAE,CAAA;QACpD,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,SAAS,CAAA,CAAC,MAAM;QACpE,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,EAAE,CAAA;IAClD,CAAC;IAEO,WAAW,CAAC,OAAe;QACjC,MAAM,UAAU,GAAG,4BAA4B,CAAA;QAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,OAAO,GAAyC,EAAE,CAAA;QAExD,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,IAAI,KAAK,CAAA;YACT,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,GAAG,CAAC,EAAE,CAAC,CAAA;YAClD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,OAAO,CAAA;IAChB,CAAC;IAEO,eAAe,CAAC,GAAW;QACjC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;YAC3B,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAA;YAC9C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,IAAI,CACzC,CAAC,MAAM,EAAE,EAAE,CAAC,QAAQ,KAAK,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,MAAM,CAAC,CACnE,CAAA;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAEO,QAAQ,CAAC,OAAe;QAC9B,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QAEtC,KAAK,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC;YACjC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC/B,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,KAAK;oBACX,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,kCAAkC,GAAG,EAAE;oBAChD,QAAQ,EAAE,GAAG;oBACb,UAAU,EAAE,IAAI;iBACjB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,kBAAkB,CAAC,OAAe,EAAE,YAA4B;QACtE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YAE9D,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;gBAC9C,IAAI,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC;oBAClC,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,gBAAgB;wBACtB,QAAQ;wBACR,OAAO,EAAE,4CAA4C,OAAO,CAAC,MAAM,EAAE;wBACrE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,qBAAqB,CAAC,OAAe,EAAE,YAA4B;QACzE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YAE9D,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;gBACzC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,WAAW;wBACjB,QAAQ;wBACR,OAAO,EAAE,0CAA0C,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC9D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,sBAAsB,CAAC,OAAe;QAC5C,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAEjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,iCAAiC,KAAK,CAAC,CAAC,CAAC,GAAG;wBACrD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;qBACtB,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;YAED,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBAC3C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,8BAA8B,KAAK,CAAC,CAAC,CAAC,GAAG;wBAClD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;qBACtB,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,qBAAqB,CAAC,OAAe,EAAE,YAA4B;QACzE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YAE9D,KAAK,MAAM,OAAO,IAAI,2BAA2B,EAAE,CAAC;gBAClD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ;wBACR,OAAO,EAAE,yCAAyC,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC7D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,oBAAoB;wBAC9B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,iBAAiB,CAAC,OAAe,EAAE,YAA4B;QACrE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YAE9D,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;gBAC9C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,gBAAgB;wBACtB,QAAQ;wBACR,OAAO,EAAE,qCAAqC,KAAK,CAAC,CAAC,CAAC,GAAG;wBACzD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,gBAAgB;wBAC1B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,oBAAoB,CAAC,OAAe,EAAE,YAA4B;QACxE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YAE9D,KAAK,MAAM,OAAO,IAAI,0BAA0B,EAAE,CAAC;gBACjD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,mBAAmB;wBACzB,QAAQ;wBACR,OAAO,EAAE,yCAAyC,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC7D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,mBAAmB;wBAC7B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,uBAAuB,CAC7B,OAAe,EACf,YAA4B;QAE5B,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YAE9D,KAAK,MAAM,OAAO,IAAI,6BAA6B,EAAE,CAAC;gBACpD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,sBAAsB;wBAC5B,QAAQ;wBACR,OAAO,EAAE,2CAA2C,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC/D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,sBAAsB;wBAChC,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,4BAA4B,CAClC,OAAe,EACf,YAA4B;QAE5B,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAChE,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAA;QAEtC,wDAAwD;QACxD,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;YAC1C,IAAI,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAChC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;gBAC7C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;oBAC5C,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAA;oBAClE,MAAM,SAAS,GAAG,UAAU,GAAG,CAAC,CAAA;oBAEhC,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAA;oBAC/B,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9D,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,YAAY;wBAClB,QAAQ;wBACR,OAAO,EAAE,mCAAmC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG;wBACxG,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACvC,UAAU;wBACV,QAAQ,EAAE,YAAY;wBACtB,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;gBAC9B,CAAC;YACH,CAAC;QACH,CAAC;QAED,8DAA8D;QAC9D,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,IAAI,YAAY,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC;gBAAE,OAAM;YAEvC,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAC3B,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YAE9D,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,IAAI,kBAAkB,CAAC,OAAO,CAAC;oBAAE,SAAQ;gBAEzC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,YAAY;wBAClB,QAAQ;wBACR,OAAO,EAAE,mCAAmC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG;wBACxG,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,YAAY;wBACtB,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAED,0EAA0E;IAC1E,kBAAkB,GAAG,kBAAkB,CAAA;IAEvC,IAAI,CAAC,OAAe,EAAE,OAAe;QACnC,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAA;QACnC,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,YAAY,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEpD,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3C,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,mCAAmC,IAAI,CAAC,gBAAgB,SAAS;aAC3E,CAAC,CAAA;QACJ,CAAC;QAED,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAA;QACxC,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAChE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACnE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAA;QACtD,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACnE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAC/D,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAClE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACrE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,4BAA4B,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAE1E,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,CAAA;QACjC,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAA;QAEnF,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAA;QACnE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAA;QAC3D,MAAM,gBAAgB,GAAG,SAAS,IAAI,IAAI,CAAC,aAAa,CAAA;QAExD,OAAO;YACL,OAAO;YACP,MAAM,EAAE,CAAC,WAAW,IAAI,CAAC,OAAO,IAAI,CAAC,gBAAgB;YACrD,QAAQ;YACR,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,cAAc,EAAE,OAAO,GAAG,SAAS;YACnC,SAAS;YACT,aAAa;SACd,CAAA;IACH,CAAC;IAED,UAAU,CAAC,OAAe;QACxB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,IAAI,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAA;QACpD,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,gBAAgB,CAAC,MAAc;QAC7B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAA;IAC/C,CAAC;IAED,iBAAiB,CAAC,OAAe;QAC/B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACpC,CAAC;IAED,oEAAoE;IACpE,MAAM,CAAC,aAAa,GAAG,aAAa,CAAA;IACpC,MAAM,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,MAAM,CAAC,mBAAmB,GAAG,mBAAmB,CAAA;IAChD,MAAM,CAAC,SAAS,GAAG,SAAS,CAAA;;AAG9B,eAAe,eAAe,CAAA"}
|
|
1
|
+
{"version":3,"file":"SecurityScanner.js","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,GACpB,MAAM,eAAe,CAAA;AACtB,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AAIhE,OAAO,EACL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,EAClB,gCAAgC,GACjC,MAAM,8BAA8B,CAAA;AAErC,sBAAsB;AACtB,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAA;AAE5D,iEAAiE;AACjE,OAAO,EACL,aAAa,EACb,OAAO,EACP,mBAAmB,EACnB,SAAS,GACV,MAAM,iCAAiC,CAAA;AAExC,kDAAkD;AAClD,OAAO,EAEL,kBAAkB,EAClB,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,GACnB,CAAA;AACD,OAAO,EAAE,gBAAgB,EAAE,CAAA;AAC3B,OAAO,EAAE,aAAa,EAAE,OAAO,EAAE,mBAAmB,EAAE,SAAS,EAAE,CAAA;AAEjE,MAAM,OAAO,eAAe;IAClB,cAAc,CAAa;IAC3B,eAAe,CAAU;IACzB,gBAAgB,CAAQ;IACxB,aAAa,CAAQ;IAE7B,YAAY,UAA0B,EAAE;QACtC,IAAI,CAAC,cAAc,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,cAAc,IAAI,uBAAuB,CAAC,CAAA;QAChF,IAAI,CAAC,eAAe,GAAG,OAAO,CAAC,eAAe,IAAI,EAAE,CAAA;QACpD,IAAI,CAAC,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,IAAI,SAAS,CAAA,CAAC,MAAM;QACpE,IAAI,CAAC,aAAa,GAAG,OAAO,CAAC,aAAa,IAAI,EAAE,CAAA;IAClD,CAAC;IAEO,WAAW,CAAC,OAAe;QACjC,MAAM,UAAU,GAAG,4BAA4B,CAAA;QAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,OAAO,GAAyC,EAAE,CAAA;QAExD,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,IAAI,KAAK,CAAA;YACT,OAAO,CAAC,KAAK,GAAG,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,GAAG,CAAC,EAAE,CAAC,CAAA;YAClD,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,OAAO,CAAA;IAChB,CAAC;IAEO,eAAe,CAAC,GAAW;QACjC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAA;YAC3B,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAA;YAC9C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,IAAI,CACzC,CAAC,MAAM,EAAE,EAAE,CAAC,QAAQ,KAAK,MAAM,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,GAAG,MAAM,CAAC,CACnE,CAAA;QACH,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAA;QACd,CAAC;IACH,CAAC;IAEO,QAAQ,CAAC,OAAe;QAC9B,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,IAAI,GAAG,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,CAAA;QAEtC,KAAK,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,IAAI,EAAE,CAAC;YACjC,IAAI,CAAC,IAAI,CAAC,eAAe,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC/B,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,KAAK;oBACX,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,kCAAkC,GAAG,EAAE;oBAChD,QAAQ,EAAE,GAAG;oBACb,UAAU,EAAE,IAAI;iBACjB,CAAC,CAAA;YACJ,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,kBAAkB,CAAC,OAAe,EAAE,YAA4B;QACtE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;gBAC9C,IAAI,cAAc,CAAC,OAAO,EAAE,IAAI,CAAC,EAAE,CAAC;oBAClC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;oBAC1C,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,EAAE,KAAK,IAAI,CAAC,CAAC,CAAA;oBACrF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,gBAAgB;wBACtB,QAAQ;wBACR,OAAO,EAAE,4CAA4C,OAAO,CAAC,MAAM,EAAE;wBACrE,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,qBAAqB,CAAC,OAAe,EAAE,YAA4B;QACzE,OAAO,gCAAgC,CACrC,OAAO,EACP;YACE,IAAI,EAAE,WAAW;YACjB,aAAa,EAAE,sCAAsC;YACrD,QAAQ,EAAE,kBAAkB;YAC5B,UAAU,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;SACjC,EACD,YAAY,CACb,CAAA;IACH,CAAC;IAEO,sBAAsB,CAAC,OAAe;QAC5C,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QAEjC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;gBAC1C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,iCAAiC,KAAK,CAAC,CAAC,CAAC,GAAG;wBACrD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;qBACtB,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;YAED,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;gBAC3C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ,EAAE,MAAM;wBAChB,OAAO,EAAE,8BAA8B,KAAK,CAAC,CAAC,CAAC,GAAG;wBAClD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;qBACtB,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,qBAAqB,CAAC,OAAe,EAAE,YAA4B;QACzE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,2BAA2B,EAAE,CAAC;gBAClD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,oBAAoB;wBAC1B,QAAQ;wBACR,OAAO,EAAE,yCAAyC,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC7D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,oBAAoB;wBAC9B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,iBAAiB,CAAC,OAAe,EAAE,YAA4B;QACrE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;gBAC9C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,gBAAgB;wBACtB,QAAQ;wBACR,OAAO,EAAE,qCAAqC,KAAK,CAAC,CAAC,CAAC,GAAG;wBACzD,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,gBAAgB;wBAC1B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,oBAAoB,CAAC,OAAe,EAAE,YAA4B;QACxE,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,0BAA0B,EAAE,CAAC;gBACjD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;oBAEjD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,mBAAmB;wBACzB,QAAQ;wBACR,OAAO,EAAE,yCAAyC,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC7D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,mBAAmB;wBAC7B,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,uBAAuB,CAC7B,OAAe,EACf,YAA4B;QAE5B,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;QACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEhE,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;YAC5B,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;YAE3B,KAAK,MAAM,OAAO,IAAI,6BAA6B,EAAE,CAAC;gBACpD,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;gBAC1C,IAAI,KAAK,EAAE,CAAC;oBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;oBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;oBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;oBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAA;oBAEnD,QAAQ,CAAC,IAAI,CAAC;wBACZ,IAAI,EAAE,sBAAsB;wBAC5B,QAAQ;wBACR,OAAO,EAAE,2CAA2C,KAAK,CAAC,CAAC,CAAC,GAAG;wBAC/D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;wBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;wBACrB,QAAQ,EAAE,sBAAsB;wBAChC,sBAAsB,EAAE,YAAY;wBACpC,UAAU;qBACX,CAAC,CAAA;oBACF,MAAK;gBACP,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;QAEF,OAAO,QAAQ,CAAA;IACjB,CAAC;IAEO,4BAA4B,CAClC,OAAe,EACf,YAA4B;QAE5B,OAAO,gCAAgC,CACrC,OAAO,EACP;YACE,IAAI,EAAE,YAAY;YAClB,aAAa,EAAE,+BAA+B;YAC9C,QAAQ,EAAE,mBAAmB;YAC7B,UAAU,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;SACjC,EACD,YAAY,CACb,CAAA;IACH,CAAC;IAED,0EAA0E;IAC1E,kBAAkB,GAAG,kBAAkB,CAAA;IAEvC,IAAI,CAAC,OAAe,EAAE,OAAe;QACnC,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAA;QACnC,MAAM,QAAQ,GAAsB,EAAE,CAAA;QACtC,MAAM,YAAY,GAAG,sBAAsB,CAAC,OAAO,CAAC,CAAA;QAEpD,IAAI,OAAO,CAAC,MAAM,GAAG,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC3C,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,mCAAmC,IAAI,CAAC,gBAAgB,SAAS;aAC3E,CAAC,CAAA;QACJ,CAAC;QAED,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAA;QACxC,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAChE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACnE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,CAAC,CAAA;QACtD,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,qBAAqB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACnE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,iBAAiB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAC/D,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,oBAAoB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAClE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,uBAAuB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QACrE,QAAQ,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,4BAA4B,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAC1E,QAAQ,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,OAAO,EAAE,YAAY,CAAC,CAAC,CAAA;QAEzD,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,CAAA;QACjC,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,SAAS,EAAE,aAAa,EAAE,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAA;QAEnF,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAA;QACnE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAA;QAC3D,MAAM,gBAAgB,GAAG,SAAS,IAAI,IAAI,CAAC,aAAa,CAAA;QAExD,OAAO;YACL,OAAO;YACP,MAAM,EAAE,CAAC,WAAW,IAAI,CAAC,OAAO,IAAI,CAAC,gBAAgB;YACrD,QAAQ;YACR,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,cAAc,EAAE,OAAO,GAAG,SAAS;YACnC,SAAS;YACT,aAAa;SACd,CAAA;IACH,CAAC;IAED,UAAU,CAAC,OAAe;QACxB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,IAAI,cAAc,CAAC,OAAO,EAAE,OAAO,CAAC;gBAAE,OAAO,KAAK,CAAA;QACpD,CAAC;QACD,OAAO,IAAI,CAAA;IACb,CAAC;IAED,gBAAgB,CAAC,MAAc;QAC7B,IAAI,CAAC,cAAc,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAA;IAC/C,CAAC;IAED,iBAAiB,CAAC,OAAe;QAC/B,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,OAAO,CAAC,CAAA;IACpC,CAAC;IAED,oEAAoE;IACpE,MAAM,CAAC,aAAa,GAAG,aAAa,CAAA;IACpC,MAAM,CAAC,OAAO,GAAG,OAAO,CAAA;IACxB,MAAM,CAAC,mBAAmB,GAAG,mBAAmB,CAAA;IAChD,MAAM,CAAC,SAAS,GAAG,SAAS,CAAA;;AAG9B,eAAe,eAAe,CAAA"}
|
|
@@ -0,0 +1,15 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SSRF Pattern Scanning - SMI-3509
|
|
3
|
+
*
|
|
4
|
+
* Detects SSRF instructions in skill content.
|
|
5
|
+
* Extracted from SecurityScanner to keep file sizes under 500 lines.
|
|
6
|
+
*/
|
|
7
|
+
import type { SecurityFinding } from './types.js';
|
|
8
|
+
import type { LineContext } from './SecurityScanner.helpers.js';
|
|
9
|
+
/**
|
|
10
|
+
* Scan content for SSRF instruction patterns.
|
|
11
|
+
* Uses documentation context to reduce severity for patterns in code blocks/tables.
|
|
12
|
+
* SMI-3522: Supports multi-line patterns via scanPatternsWithMultilineSupport approach.
|
|
13
|
+
*/
|
|
14
|
+
export declare function scanSsrfPatterns(content: string, lineContexts?: LineContext[]): SecurityFinding[];
|
|
15
|
+
//# sourceMappingURL=SecurityScanner.ssrf.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"SecurityScanner.ssrf.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.ssrf.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAqB,MAAM,YAAY,CAAA;AACpE,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,8BAA8B,CAAA;AAU/D;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,EAAE,YAAY,CAAC,EAAE,WAAW,EAAE,GAAG,eAAe,EAAE,CA+DjG"}
|
|
@@ -0,0 +1,76 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SSRF Pattern Scanning - SMI-3509
|
|
3
|
+
*
|
|
4
|
+
* Detects SSRF instructions in skill content.
|
|
5
|
+
* Extracted from SecurityScanner to keep file sizes under 500 lines.
|
|
6
|
+
*/
|
|
7
|
+
import { analyzeMarkdownContext, isDocumentationContext, isWithinInlineCode, isMultilinePattern, } from './SecurityScanner.helpers.js';
|
|
8
|
+
import { SSRF_INSTRUCTION_PATTERNS } from './patterns.js';
|
|
9
|
+
import { safeRegexTest } from './regex-utils.js';
|
|
10
|
+
/**
|
|
11
|
+
* Scan content for SSRF instruction patterns.
|
|
12
|
+
* Uses documentation context to reduce severity for patterns in code blocks/tables.
|
|
13
|
+
* SMI-3522: Supports multi-line patterns via scanPatternsWithMultilineSupport approach.
|
|
14
|
+
*/
|
|
15
|
+
export function scanSsrfPatterns(content, lineContexts) {
|
|
16
|
+
const findings = [];
|
|
17
|
+
const lines = content.split('\n');
|
|
18
|
+
const contexts = lineContexts ?? analyzeMarkdownContext(content);
|
|
19
|
+
const flaggedLines = new Set();
|
|
20
|
+
// SMI-3522: First pass — multi-line SSRF patterns against full content
|
|
21
|
+
for (const pattern of SSRF_INSTRUCTION_PATTERNS) {
|
|
22
|
+
if (!isMultilinePattern(pattern))
|
|
23
|
+
continue;
|
|
24
|
+
const match = safeRegexTest(pattern, content);
|
|
25
|
+
if (match) {
|
|
26
|
+
const matchIndex = content.indexOf(match[0]);
|
|
27
|
+
const lineNumber = content.slice(0, matchIndex).split('\n').length;
|
|
28
|
+
const ctx = contexts[lineNumber - 1];
|
|
29
|
+
const inDocContext = ctx ? isDocumentationContext(ctx) : false;
|
|
30
|
+
const confidence = inDocContext ? 'low' : 'high';
|
|
31
|
+
const severity = inDocContext ? 'medium' : 'high';
|
|
32
|
+
const truncated = match[0].slice(0, 50);
|
|
33
|
+
findings.push({
|
|
34
|
+
type: 'ssrf',
|
|
35
|
+
severity,
|
|
36
|
+
message: `SSRF instruction pattern detected: "${truncated}${match[0].length > 50 ? '...' : ''}"`,
|
|
37
|
+
location: match[0].trim().slice(0, 100),
|
|
38
|
+
lineNumber,
|
|
39
|
+
category: 'ssrf',
|
|
40
|
+
inDocumentationContext: inDocContext,
|
|
41
|
+
confidence,
|
|
42
|
+
});
|
|
43
|
+
flaggedLines.add(lineNumber);
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
// Second pass — single-line SSRF patterns per-line
|
|
47
|
+
lines.forEach((line, index) => {
|
|
48
|
+
if (flaggedLines.has(index + 1))
|
|
49
|
+
return;
|
|
50
|
+
const ctx = contexts[index];
|
|
51
|
+
for (const pattern of SSRF_INSTRUCTION_PATTERNS) {
|
|
52
|
+
if (isMultilinePattern(pattern))
|
|
53
|
+
continue;
|
|
54
|
+
const match = safeRegexTest(pattern, line);
|
|
55
|
+
if (match) {
|
|
56
|
+
const inInlineCode = ctx?.isInlineCode && isWithinInlineCode(line, match.index ?? 0);
|
|
57
|
+
const inDocContext = ctx ? isDocumentationContext(ctx) || inInlineCode : false;
|
|
58
|
+
const confidence = inDocContext ? 'low' : 'high';
|
|
59
|
+
const severity = inDocContext ? 'medium' : 'high';
|
|
60
|
+
findings.push({
|
|
61
|
+
type: 'ssrf',
|
|
62
|
+
severity,
|
|
63
|
+
message: `SSRF instruction pattern detected: "${match[0]}"`,
|
|
64
|
+
location: line.trim().slice(0, 100),
|
|
65
|
+
lineNumber: index + 1,
|
|
66
|
+
category: 'ssrf',
|
|
67
|
+
inDocumentationContext: inDocContext,
|
|
68
|
+
confidence,
|
|
69
|
+
});
|
|
70
|
+
break;
|
|
71
|
+
}
|
|
72
|
+
}
|
|
73
|
+
});
|
|
74
|
+
return findings;
|
|
75
|
+
}
|
|
76
|
+
//# sourceMappingURL=SecurityScanner.ssrf.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"SecurityScanner.ssrf.js","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.ssrf.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAIH,OAAO,EACL,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,8BAA8B,CAAA;AACrC,OAAO,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAA;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAA;AAEhD;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAe,EAAE,YAA4B;IAC5E,MAAM,QAAQ,GAAsB,EAAE,CAAA;IACtC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAA;IACjC,MAAM,QAAQ,GAAG,YAAY,IAAI,sBAAsB,CAAC,OAAO,CAAC,CAAA;IAChE,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAA;IAEtC,uEAAuE;IACvE,KAAK,MAAM,OAAO,IAAI,yBAAyB,EAAE,CAAC;QAChD,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC;YAAE,SAAQ;QAC1C,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAA;QAC7C,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAA;YAC5C,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAA;YAClE,MAAM,GAAG,GAAG,QAAQ,CAAC,UAAU,GAAG,CAAC,CAAC,CAAA;YACpC,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAA;YAC9D,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;YACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;YACjD,MAAM,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAA;YAEvC,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI,EAAE,MAAM;gBACZ,QAAQ;gBACR,OAAO,EAAE,uCAAuC,SAAS,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,GAAG;gBAChG,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;gBACvC,UAAU;gBACV,QAAQ,EAAE,MAAM;gBAChB,sBAAsB,EAAE,YAAY;gBACpC,UAAU;aACX,CAAC,CAAA;YACF,YAAY,CAAC,GAAG,CAAC,UAAU,CAAC,CAAA;QAC9B,CAAC;IACH,CAAC;IAED,mDAAmD;IACnD,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,EAAE;QAC5B,IAAI,YAAY,CAAC,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC;YAAE,OAAM;QACvC,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAA;QAE3B,KAAK,MAAM,OAAO,IAAI,yBAAyB,EAAE,CAAC;YAChD,IAAI,kBAAkB,CAAC,OAAO,CAAC;gBAAE,SAAQ;YACzC,MAAM,KAAK,GAAG,aAAa,CAAC,OAAO,EAAE,IAAI,CAAC,CAAA;YAC1C,IAAI,KAAK,EAAE,CAAC;gBACV,MAAM,YAAY,GAAG,GAAG,EAAE,YAAY,IAAI,kBAAkB,CAAC,IAAI,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAA;gBACpF,MAAM,YAAY,GAAG,GAAG,CAAC,CAAC,CAAC,sBAAsB,CAAC,GAAG,CAAC,IAAI,YAAY,CAAC,CAAC,CAAC,KAAK,CAAA;gBAC9E,MAAM,UAAU,GAAsB,YAAY,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAA;gBACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAA;gBAEjD,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,MAAM;oBACZ,QAAQ;oBACR,OAAO,EAAE,uCAAuC,KAAK,CAAC,CAAC,CAAC,GAAG;oBAC3D,QAAQ,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBACnC,UAAU,EAAE,KAAK,GAAG,CAAC;oBACrB,QAAQ,EAAE,MAAM;oBAChB,sBAAsB,EAAE,YAAY;oBACpC,UAAU;iBACX,CAAC,CAAA;gBACF,MAAK;YACP,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAA;IAEF,OAAO,QAAQ,CAAA;AACjB,CAAC"}
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Re-exports for security scanning functionality.
|
|
5
5
|
*/
|
|
6
6
|
export type { SecurityFindingType, SecuritySeverity, SecurityFinding, RiskScoreBreakdown, ScanReport, ScannerOptions, } from './types.js';
|
|
7
|
-
export { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, } from './patterns.js';
|
|
7
|
+
export { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, AI_DEFENCE_PATTERNS, SSRF_INSTRUCTION_PATTERNS, } from './patterns.js';
|
|
8
8
|
export { SEVERITY_WEIGHTS, CATEGORY_WEIGHTS } from './weights.js';
|
|
9
9
|
export { MAX_LINE_LENGTH_FOR_REGEX, safeRegexTest, safeRegexCheck } from './regex-utils.js';
|
|
10
10
|
export { SecurityScanner, default } from './SecurityScanner.js';
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,YAAY,EACV,mBAAmB,EACnB,gBAAgB,EAChB,eAAe,EACf,kBAAkB,EAClB,UAAU,EACV,cAAc,GACf,MAAM,YAAY,CAAA;AAGnB,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,YAAY,EACV,mBAAmB,EACnB,gBAAgB,EAChB,eAAe,EACf,kBAAkB,EAClB,UAAU,EACV,cAAc,GACf,MAAM,YAAY,CAAA;AAGnB,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,EACnB,yBAAyB,GAC1B,MAAM,eAAe,CAAA;AAGtB,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAGjE,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AAG3F,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA"}
|
|
@@ -4,7 +4,7 @@
|
|
|
4
4
|
* Re-exports for security scanning functionality.
|
|
5
5
|
*/
|
|
6
6
|
// Patterns (for testing/extending)
|
|
7
|
-
export { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, } from './patterns.js';
|
|
7
|
+
export { DEFAULT_ALLOWED_DOMAINS, SENSITIVE_PATH_PATTERNS, JAILBREAK_PATTERNS, SUSPICIOUS_PATTERNS, SOCIAL_ENGINEERING_PATTERNS, PROMPT_LEAKING_PATTERNS, DATA_EXFILTRATION_PATTERNS, PRIVILEGE_ESCALATION_PATTERNS, AI_DEFENCE_PATTERNS, SSRF_INSTRUCTION_PATTERNS, } from './patterns.js';
|
|
8
8
|
// Weights (for testing/extending)
|
|
9
9
|
export { SEVERITY_WEIGHTS, CATEGORY_WEIGHTS } from './weights.js';
|
|
10
10
|
// Regex utilities (for testing/extending)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/security/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAYH,mCAAmC;AACnC,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../src/security/scanner/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAYH,mCAAmC;AACnC,OAAO,EACL,uBAAuB,EACvB,uBAAuB,EACvB,kBAAkB,EAClB,mBAAmB,EACnB,2BAA2B,EAC3B,uBAAuB,EACvB,0BAA0B,EAC1B,6BAA6B,EAC7B,mBAAmB,EACnB,yBAAyB,GAC1B,MAAM,eAAe,CAAA;AAEtB,kCAAkC;AAClC,OAAO,EAAE,gBAAgB,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAA;AAEjE,0CAA0C;AAC1C,OAAO,EAAE,yBAAyB,EAAE,aAAa,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAA;AAE3F,aAAa;AACb,OAAO,EAAE,eAAe,EAAE,OAAO,EAAE,MAAM,sBAAsB,CAAA"}
|
|
@@ -11,6 +11,12 @@ export declare const SOCIAL_ENGINEERING_PATTERNS: RegExp[];
|
|
|
11
11
|
export declare const PROMPT_LEAKING_PATTERNS: RegExp[];
|
|
12
12
|
export declare const DATA_EXFILTRATION_PATTERNS: RegExp[];
|
|
13
13
|
export declare const PRIVILEGE_ESCALATION_PATTERNS: RegExp[];
|
|
14
|
+
/**
|
|
15
|
+
* SMI-3509: SSRF instruction patterns
|
|
16
|
+
* Detects content instructing fetches to internal/dangerous endpoints.
|
|
17
|
+
* These are text-oriented patterns for skill content scanning (not URL validators).
|
|
18
|
+
*/
|
|
19
|
+
export declare const SSRF_INSTRUCTION_PATTERNS: RegExp[];
|
|
14
20
|
/**
|
|
15
21
|
* SMI-1532: AIDefence CVE-hardened injection patterns
|
|
16
22
|
* Optimized for sub-10ms scan time with compiled regex and no backtracking
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,eAAO,MAAM,uBAAuB,UAanC,CAAA;AAGD,eAAO,MAAM,uBAAuB,UAanC,CAAA;AAGD,eAAO,MAAM,kBAAkB,
|
|
1
|
+
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,eAAO,MAAM,uBAAuB,UAanC,CAAA;AAGD,eAAO,MAAM,uBAAuB,UAanC,CAAA;AAGD,eAAO,MAAM,kBAAkB,UAkB9B,CAAA;AAGD,eAAO,MAAM,mBAAmB,UAY/B,CAAA;AAGD,eAAO,MAAM,2BAA2B,UAavC,CAAA;AAGD,eAAO,MAAM,uBAAuB,UAenC,CAAA;AAGD,eAAO,MAAM,0BAA0B,UAqBtC,CAAA;AAGD,eAAO,MAAM,6BAA6B,UAyBzC,CAAA;AAED;;;;GAIG;AACH,eAAO,MAAM,yBAAyB,UAuBrC,CAAA;AAED;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,mBAAmB,UAwD/B,CAAA"}
|
|
@@ -47,6 +47,10 @@ export const JAILBREAK_PATTERNS = [
|
|
|
47
47
|
/you\s+are\s+now\s+(free|unrestricted|unfiltered)/i,
|
|
48
48
|
/ignore\s+your\s+(safety|ethical)\s+(guidelines?|rules?)/i,
|
|
49
49
|
/hypothetical\s+scenario\s+where\s+you\s+can/i,
|
|
50
|
+
// Multi-line split-word obfuscation patterns (tested against full content)
|
|
51
|
+
/ig\s*\n\s*nore\s+(?:all\s+)?(?:previous|prior|above)\s+(?:instructions?|prompts?|rules?)/i,
|
|
52
|
+
/dis\s*\n\s*regard\s+(?:all\s+)?(?:previous|prior|your)\s+(?:instructions?|programming)/i,
|
|
53
|
+
/by\s*\n\s*pass\s+(?:all\s+)?(?:restrictions?|filters?|safety)/i,
|
|
50
54
|
];
|
|
51
55
|
// Suspicious patterns that might indicate malicious intent
|
|
52
56
|
export const SUSPICIOUS_PATTERNS = [
|
|
@@ -144,6 +148,31 @@ export const PRIVILEGE_ESCALATION_PATTERNS = [
|
|
|
144
148
|
/su\s+-\s+root/i,
|
|
145
149
|
/become\s+root/i,
|
|
146
150
|
];
|
|
151
|
+
/**
|
|
152
|
+
* SMI-3509: SSRF instruction patterns
|
|
153
|
+
* Detects content instructing fetches to internal/dangerous endpoints.
|
|
154
|
+
* These are text-oriented patterns for skill content scanning (not URL validators).
|
|
155
|
+
*/
|
|
156
|
+
export const SSRF_INSTRUCTION_PATTERNS = [
|
|
157
|
+
// Dangerous protocol schemes in skill instructions
|
|
158
|
+
/(?:fetch|request|curl|wget|get|open|load|read)\s+(?:from\s+)?file:\/\//i,
|
|
159
|
+
/(?:fetch|request|curl|wget|get|open|load|read)\s+(?:from\s+)?gopher:\/\//i,
|
|
160
|
+
/(?:fetch|request|curl|wget|get|open|load|read)\s+(?:from\s+)?dict:\/\//i,
|
|
161
|
+
/(?:fetch|request|curl|wget|get|open|load|read)\s+(?:from\s+)?ldap:\/\//i,
|
|
162
|
+
// Instructions targeting localhost/internal IPs
|
|
163
|
+
/(?:fetch|request|curl|wget|get|connect|send)\s+(?:to\s+)?(?:https?:\/\/)?localhost/i,
|
|
164
|
+
/(?:fetch|request|curl|wget|get|connect|send)\s+(?:to\s+)?(?:https?:\/\/)?127\.0\.0\.\d+/i,
|
|
165
|
+
/(?:fetch|request|curl|wget|get|connect|send)\s+(?:to\s+)?(?:https?:\/\/)?0\.0\.0\.0/i,
|
|
166
|
+
// Cloud metadata service endpoints
|
|
167
|
+
/169\.254\.169\.254/,
|
|
168
|
+
// Bare dangerous protocol references in content (without action verb)
|
|
169
|
+
/file:\/\/\/etc\/(?:passwd|shadow|hosts)/i,
|
|
170
|
+
/gopher:\/\/localhost/i,
|
|
171
|
+
// SMI-3522: Multi-line SSRF patterns (split across lines)
|
|
172
|
+
/(?:fetch|request|curl|wget|get|open|load|read)\s+(?:from\s+)?(?:the\s+)?(?:url\s+)?\n\s*file:\/\//i,
|
|
173
|
+
/(?:fetch|request|curl|wget|get|connect|send)\s+(?:to\s+)?(?:the\s*)?\n\s*(?:https?:\/\/)?(?:localhost|127\.0\.0\.\d+|0\.0\.0\.0)/i,
|
|
174
|
+
/(?:fetch|request|curl|wget|get|open|load|read)\s+(?:from\s+)?(?:the\s+)?(?:url\s+)?\n\s*gopher:\/\//i,
|
|
175
|
+
];
|
|
147
176
|
/**
|
|
148
177
|
* SMI-1532: AIDefence CVE-hardened injection patterns
|
|
149
178
|
* Optimized for sub-10ms scan time with compiled regex and no backtracking
|
|
@@ -168,6 +197,9 @@ export const AI_DEFENCE_PATTERNS = [
|
|
|
168
197
|
// Unicode homograph attacks - visually similar characters
|
|
169
198
|
// Detects Cyrillic, Greek, or other homoglyphs mixed with Latin
|
|
170
199
|
/[\u0400-\u04FF\u0370-\u03FF]{2,}[\w\s]+(?:ignore|bypass|instruction)/i,
|
|
200
|
+
// Mixed-script detection: Latin + Cyrillic/Greek in same word (homoglyph attack)
|
|
201
|
+
// Note: \b word boundaries don't work with Unicode; use space/start/end anchors
|
|
202
|
+
/(?:^|[\s,."'(])(?:[a-zA-Z]+[\u0400-\u04FF\u0370-\u03FF]|[\u0400-\u04FF\u0370-\u03FF]+[a-zA-Z])[a-zA-Z\u0400-\u04FF\u0370-\u03FF]*/,
|
|
171
203
|
// Prompt structure manipulation - XML/markdown injection
|
|
172
204
|
/<\/?(?:system|prompt|instruction|context|message)(?:\s[^>]*)?>/i,
|
|
173
205
|
// Base64 encoded instructions (common evasion technique)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../../src/security/scanner/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,0BAA0B;AAC1B,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,YAAY;IACZ,uBAAuB;IACvB,2BAA2B;IAC3B,WAAW;IACX,WAAW;IACX,oBAAoB;IACpB,eAAe;IACf,WAAW;IACX,iBAAiB;IACjB,uBAAuB;IACvB,YAAY;IACZ,oBAAoB;CACrB,CAAA;AAED,+BAA+B;AAC/B,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,QAAQ;IACR,cAAc;IACd,WAAW;IACX,SAAS;IACT,SAAS;IACT,SAAS;IACT,WAAW;IACX,cAAc;IACd,iBAAiB;IACjB,WAAW;IACX,WAAW;IACX,cAAc;CACf,CAAA;AAED,6BAA6B;AAC7B,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,6EAA6E;IAC7E,2EAA2E;IAC3E,mBAAmB;IACnB,SAAS;IACT,sBAAsB;IACtB,YAAY;IACZ,oDAAoD;IACpD,+DAA+D;IAC/D,iDAAiD;IACjD,mDAAmD;IACnD,0DAA0D;IAC1D,8CAA8C;
|
|
1
|
+
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../../src/security/scanner/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,0BAA0B;AAC1B,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,YAAY;IACZ,uBAAuB;IACvB,2BAA2B;IAC3B,WAAW;IACX,WAAW;IACX,oBAAoB;IACpB,eAAe;IACf,WAAW;IACX,iBAAiB;IACjB,uBAAuB;IACvB,YAAY;IACZ,oBAAoB;CACrB,CAAA;AAED,+BAA+B;AAC/B,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,QAAQ;IACR,cAAc;IACd,WAAW;IACX,SAAS;IACT,SAAS;IACT,SAAS;IACT,WAAW;IACX,cAAc;IACd,iBAAiB;IACjB,WAAW;IACX,WAAW;IACX,cAAc;CACf,CAAA;AAED,6BAA6B;AAC7B,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,6EAA6E;IAC7E,2EAA2E;IAC3E,mBAAmB;IACnB,SAAS;IACT,sBAAsB;IACtB,YAAY;IACZ,oDAAoD;IACpD,+DAA+D;IAC/D,iDAAiD;IACjD,mDAAmD;IACnD,0DAA0D;IAC1D,8CAA8C;IAE9C,2EAA2E;IAC3E,2FAA2F;IAC3F,yFAAyF;IACzF,gEAAgE;CACjE,CAAA;AAED,2DAA2D;AAC3D,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,YAAY;IACZ,YAAY;IACZ,gBAAgB;IAChB,eAAe,EAAE,uBAAuB;IACxC,uBAAuB;IACvB,yBAAyB;IACzB,qCAAqC;IACrC,gCAAgC;IAChC,eAAe;IACf,0BAA0B,EAAE,qBAAqB;IACjD,0BAA0B;CAC3B,CAAA;AAED,+CAA+C;AAC/C,MAAM,CAAC,MAAM,2BAA2B,GAAG;IACzC,2CAA2C;IAC3C,gBAAgB;IAChB,0CAA0C,EAAE,6BAA6B;IACzE,kDAAkD;IAClD,sBAAsB;IACtB,oCAAoC;IACpC,4BAA4B;IAC5B,2BAA2B;IAC3B,8BAA8B;IAC9B,iCAAiC;IACjC,4BAA4B;IAC5B,sBAAsB;CACvB,CAAA;AAED,2CAA2C;AAC3C,MAAM,CAAC,MAAM,uBAAuB,GAAG;IACrC,2DAA2D;IAC3D,qCAAqC;IACrC,qCAAqC;IACrC,8CAA8C;IAC9C,qCAAqC;IACrC,2CAA2C;IAC3C,+CAA+C;IAC/C,wDAAwD;IACxD,4CAA4C;IAC5C,+CAA+C;IAC/C,mDAAmD;IACnD,wCAAwC;IACxC,uDAAuD;IACvD,8CAA8C;CAC/C,CAAA;AAED,sCAAsC;AACtC,MAAM,CAAC,MAAM,0BAA0B,GAAG;IACxC,YAAY,EAAE,sBAAsB;IACpC,YAAY,EAAE,sBAAsB;IACpC,2CAA2C;IAC3C,wCAAwC;IACxC,0BAA0B;IAC1B,iCAAiC,EAAE,0BAA0B;IAC7D,iBAAiB;IACjB,wBAAwB;IACxB,gBAAgB;IAChB,mBAAmB;IACnB,iBAAiB;IACjB,uBAAuB;IACvB,iBAAiB;IACjB,QAAQ;IACR,kBAAkB,EAAE,YAAY;IAChC,2BAA2B;IAC3B,wCAAwC;IACxC,8CAA8C;IAC9C,mBAAmB;IACnB,wCAAwC;CACzC,CAAA;AAED,yCAAyC;AACzC,MAAM,CAAC,MAAM,6BAA6B,GAAG;IAC3C,wBAAwB,EAAE,gCAAgC;IAC1D,qBAAqB,EAAE,wBAAwB;IAC/C,YAAY;IACZ,oCAAoC,EAAE,2BAA2B;IACjE,kBAAkB,EAAE,eAAe;IACnC,kBAAkB,EAAE,iBAAiB;IACrC,kBAAkB,EAAE,0BAA0B;IAC9C,iBAAiB;IACjB,iBAAiB;IACjB,SAAS;IACT,iBAAiB;IACjB,WAAW;IACX,SAAS;IACT,SAAS;IACT,oBAAoB;IACpB,iBAAiB;IACjB,kCAAkC;IAClC,oBAAoB;IACpB,oCAAoC;IACpC,4BAA4B;IAC5B,uBAAuB;IACvB,mBAAmB;IACnB,gBAAgB;IAChB,gBAAgB;CACjB,CAAA;AAED;;;;GAIG;AACH,MAAM,CAAC,MAAM,yBAAyB,GAAG;IACvC,mDAAmD;IACnD,yEAAyE;IACzE,2EAA2E;IAC3E,yEAAyE;IACzE,yEAAyE;IAEzE,gDAAgD;IAChD,qFAAqF;IACrF,0FAA0F;IAC1F,sFAAsF;IAEtF,mCAAmC;IACnC,oBAAoB;IAEpB,sEAAsE;IACtE,0CAA0C;IAC1C,uBAAuB;IAEvB,0DAA0D;IAC1D,oGAAoG;IACpG,mIAAmI;IACnI,sGAAsG;CACvG,CAAA;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,2EAA2E;IAC3E,6EAA6E;IAC7E,mEAAmE;IACnE,mDAAmD;IAEnD,oDAAoD;IACpD,4BAA4B;IAE5B,6DAA6D;IAC7D,mFAAmF;IAEnF,0DAA0D;IAC1D,gEAAgE;IAChE,uEAAuE;IAEvE,iFAAiF;IACjF,gFAAgF;IAChF,mIAAmI;IAEnI,yDAAyD;IACzD,iEAAiE;IAEjE,yDAAyD;IACzD,6DAA6D;IAE7D,0DAA0D;IAC1D,uEAAuE;IAEvE,sCAAsC;IACtC,uEAAuE;IACvE,kFAAkF;IAClF,uGAAuG;IAEvG,4BAA4B;IAC5B,kDAAkD;IAElD,yCAAyC;IACzC,kFAAkF;IAElF,6BAA6B;IAC7B,8CAA8C;IAE9C,6CAA6C;IAC7C,+EAA+E;IAC/E,4HAA4H;IAE5H,kDAAkD;IAClD,wEAAwE;IAExE,wBAAwB;IACxB,4CAA4C;IAE5C,+EAA+E;IAC/E,6DAA6D;IAC7D,qBAAqB;CACtB,CAAA"}
|
|
@@ -6,7 +6,7 @@
|
|
|
6
6
|
/**
|
|
7
7
|
* Types of security findings that can be detected
|
|
8
8
|
*/
|
|
9
|
-
export type SecurityFindingType = 'url' | 'sensitive_path' | 'jailbreak' | 'suspicious_pattern' | 'social_engineering' | 'prompt_leaking' | 'data_exfiltration' | 'privilege_escalation' | 'ai_defence';
|
|
9
|
+
export type SecurityFindingType = 'url' | 'sensitive_path' | 'jailbreak' | 'suspicious_pattern' | 'social_engineering' | 'prompt_leaking' | 'data_exfiltration' | 'privilege_escalation' | 'ai_defence' | 'ssrf';
|
|
10
10
|
/**
|
|
11
11
|
* Severity levels for security findings
|
|
12
12
|
*/
|
|
@@ -47,6 +47,7 @@ export interface RiskScoreBreakdown {
|
|
|
47
47
|
sensitivePaths: number;
|
|
48
48
|
externalUrls: number;
|
|
49
49
|
aiDefence: number;
|
|
50
|
+
ssrf: number;
|
|
50
51
|
}
|
|
51
52
|
/**
|
|
52
53
|
* Comprehensive scan report with risk scoring
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAC3B,KAAK,GACL,gBAAgB,GAChB,WAAW,GACX,oBAAoB,GACpB,oBAAoB,GACpB,gBAAgB,GAChB,mBAAmB,GACnB,sBAAsB,GACtB,YAAY,CAAA;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/types.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH;;GAEG;AACH,MAAM,MAAM,mBAAmB,GAC3B,KAAK,GACL,gBAAgB,GAChB,WAAW,GACX,oBAAoB,GACpB,oBAAoB,GACpB,gBAAgB,GAChB,mBAAmB,GACnB,sBAAsB,GACtB,YAAY,GACZ,MAAM,CAAA;AAEV;;GAEG;AACH,MAAM,MAAM,gBAAgB,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAA;AAErE;;;;;GAKG;AACH,MAAM,MAAM,iBAAiB,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAA;AAEzD;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,mBAAmB,CAAA;IACzB,QAAQ,EAAE,gBAAgB,CAAA;IAC1B,OAAO,EAAE,MAAM,CAAA;IACf,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,UAAU,CAAC,EAAE,MAAM,CAAA;IACnB,6CAA6C;IAC7C,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,iFAAiF;IACjF,sBAAsB,CAAC,EAAE,OAAO,CAAA;IAChC,qEAAqE;IACrE,UAAU,CAAC,EAAE,iBAAiB,CAAA;CAC/B;AAED;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,SAAS,EAAE,MAAM,CAAA;IACjB,iBAAiB,EAAE,MAAM,CAAA;IACzB,aAAa,EAAE,MAAM,CAAA;IACrB,gBAAgB,EAAE,MAAM,CAAA;IACxB,mBAAmB,EAAE,MAAM,CAAA;IAC3B,cAAc,EAAE,MAAM,CAAA;IACtB,cAAc,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,SAAS,EAAE,MAAM,CAAA;IACjB,IAAI,EAAE,MAAM,CAAA;CACb;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,MAAM,CAAA;IACf,MAAM,EAAE,OAAO,CAAA;IACf,QAAQ,EAAE,eAAe,EAAE,CAAA;IAC3B,SAAS,EAAE,IAAI,CAAA;IACf,cAAc,EAAE,MAAM,CAAA;IACtB,0EAA0E;IAC1E,SAAS,EAAE,MAAM,CAAA;IACjB,0CAA0C;IAC1C,aAAa,EAAE,kBAAkB,CAAA;CAClC;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,cAAc,CAAC,EAAE,MAAM,EAAE,CAAA;IACzB,eAAe,CAAC,EAAE,MAAM,EAAE,CAAA;IAC1B,gBAAgB,CAAC,EAAE,MAAM,CAAA;IACzB,4DAA4D;IAC5D,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"weights.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/weights.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAElD;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,EAAE,MAAM,CAK7D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,
|
|
1
|
+
{"version":3,"file":"weights.d.ts","sourceRoot":"","sources":["../../../../src/security/scanner/weights.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAA;AAElD;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,gBAAgB,EAAE,MAAM,CAK7D,CAAA;AAED;;GAEG;AACH,eAAO,MAAM,gBAAgB,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAWnD,CAAA"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"weights.js","sourceRoot":"","sources":["../../../../src/security/scanner/weights.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAqC;IAChE,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,EAAE;IACV,IAAI,EAAE,EAAE;IACR,QAAQ,EAAE,EAAE;CACb,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAA2B;IACtD,SAAS,EAAE,GAAG;IACd,kBAAkB,EAAE,GAAG;IACvB,cAAc,EAAE,GAAG;IACnB,iBAAiB,EAAE,GAAG;IACtB,oBAAoB,EAAE,GAAG;IACzB,kBAAkB,EAAE,GAAG;IACvB,cAAc,EAAE,GAAG;IACnB,GAAG,EAAE,GAAG;IACR,UAAU,EAAE,GAAG,EAAE,iDAAiD;
|
|
1
|
+
{"version":3,"file":"weights.js","sourceRoot":"","sources":["../../../../src/security/scanner/weights.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAAqC;IAChE,GAAG,EAAE,CAAC;IACN,MAAM,EAAE,EAAE;IACV,IAAI,EAAE,EAAE;IACR,QAAQ,EAAE,EAAE;CACb,CAAA;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,gBAAgB,GAA2B;IACtD,SAAS,EAAE,GAAG;IACd,kBAAkB,EAAE,GAAG;IACvB,cAAc,EAAE,GAAG;IACnB,iBAAiB,EAAE,GAAG;IACtB,oBAAoB,EAAE,GAAG;IACzB,kBAAkB,EAAE,GAAG;IACvB,cAAc,EAAE,GAAG;IACnB,GAAG,EAAE,GAAG;IACR,UAAU,EAAE,GAAG,EAAE,iDAAiD;IAClE,IAAI,EAAE,GAAG,EAAE,uCAAuC;CACnD,CAAA"}
|
|
@@ -0,0 +1,62 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* @fileoverview Helper functions for SkillInstallationService
|
|
3
|
+
* @module @skillsmith/core/services/skill-installation.helpers
|
|
4
|
+
* @see SMI-3483: Wave 0 — Extract SkillInstallationService into core
|
|
5
|
+
*
|
|
6
|
+
* Pure helper functions used by the service. Split from the main service
|
|
7
|
+
* file to meet the 500-line standard.
|
|
8
|
+
*/
|
|
9
|
+
import type { SkillDependencyRepository } from '../repositories/SkillDependencyRepository.js';
|
|
10
|
+
import type { Database } from '../db/database-interface.js';
|
|
11
|
+
import type { DepIntelResult, OptimizationInfo, ProgressCallback, UninstallResult } from './skill-installation.types.js';
|
|
12
|
+
import type { ManifestManager } from './skill-manifest.js';
|
|
13
|
+
/**
|
|
14
|
+
* Result of applying optimization to a skill's content.
|
|
15
|
+
*/
|
|
16
|
+
export interface OptimizationResult {
|
|
17
|
+
finalSkillContent: string;
|
|
18
|
+
subSkillFiles: Array<{
|
|
19
|
+
filename: string;
|
|
20
|
+
content: string;
|
|
21
|
+
}>;
|
|
22
|
+
subagentContent: string | undefined;
|
|
23
|
+
claudeMdSnippet: string | undefined;
|
|
24
|
+
optimizationInfo: OptimizationInfo;
|
|
25
|
+
}
|
|
26
|
+
export interface ParsedSkillId {
|
|
27
|
+
owner: string;
|
|
28
|
+
repo: string;
|
|
29
|
+
path: string;
|
|
30
|
+
isRegistryId: boolean;
|
|
31
|
+
}
|
|
32
|
+
export declare function parseSkillIdInternal(input: string): ParsedSkillId;
|
|
33
|
+
export declare function hashContent(content: string): string;
|
|
34
|
+
export interface SkillMdValidation {
|
|
35
|
+
valid: boolean;
|
|
36
|
+
errors: string[];
|
|
37
|
+
}
|
|
38
|
+
export declare function validateSkillMd(content: string): SkillMdValidation;
|
|
39
|
+
export declare function assertNotEncrypted(content: string, filePath: string): void;
|
|
40
|
+
export declare function fetchFromGitHub(owner: string, repo: string, filePath: string, branch?: string): Promise<string>;
|
|
41
|
+
export declare function checkForModifications(skillPath: string, installedAt: string): Promise<boolean>;
|
|
42
|
+
export declare function generateTips(skillName: string, optimizationInfo: OptimizationInfo): string[];
|
|
43
|
+
export declare function extractDepIntel(skillMdContent: string): DepIntelResult;
|
|
44
|
+
export declare function persistDependencies(repo: SkillDependencyRepository, skillId: string, content: string, declared: DepIntelResult['dep_declared']): void;
|
|
45
|
+
/**
|
|
46
|
+
* Perform skill uninstall with manifest awareness and orphan fallback.
|
|
47
|
+
*/
|
|
48
|
+
export declare function performUninstall(params: {
|
|
49
|
+
skillName: string;
|
|
50
|
+
force: boolean;
|
|
51
|
+
skillsDir: string;
|
|
52
|
+
manifest: ManifestManager;
|
|
53
|
+
skillDependencyRepo: SkillDependencyRepository;
|
|
54
|
+
onProgress: ProgressCallback;
|
|
55
|
+
}): Promise<UninstallResult>;
|
|
56
|
+
/**
|
|
57
|
+
* Apply skill optimization via TransformationService.
|
|
58
|
+
* Returns original content if transformation fails or produces no changes.
|
|
59
|
+
*/
|
|
60
|
+
export declare function applyOptimization(db: Database, skillId: string, skillName: string, skillMdContent: string): Promise<OptimizationResult>;
|
|
61
|
+
export declare function sanitizeInstallError(error: unknown): string;
|
|
62
|
+
//# sourceMappingURL=skill-installation.helpers.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"skill-installation.helpers.d.ts","sourceRoot":"","sources":["../../../src/services/skill-installation.helpers.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AASH,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,8CAA8C,CAAA;AAI7F,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,6BAA6B,CAAA;AAC3D,OAAO,KAAK,EACV,cAAc,EACd,gBAAgB,EAChB,gBAAgB,EAChB,eAAe,EAChB,MAAM,+BAA+B,CAAA;AAEtC,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAA;AAE1D;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,iBAAiB,EAAE,MAAM,CAAA;IACzB,aAAa,EAAE,KAAK,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;IAC3D,eAAe,EAAE,MAAM,GAAG,SAAS,CAAA;IACnC,eAAe,EAAE,MAAM,GAAG,SAAS,CAAA;IACnC,gBAAgB,EAAE,gBAAgB,CAAA;CACnC;AAMD,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,CAAA;IACb,IAAI,EAAE,MAAM,CAAA;IACZ,IAAI,EAAE,MAAM,CAAA;IACZ,YAAY,EAAE,OAAO,CAAA;CACtB;AAED,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,MAAM,GAAG,aAAa,CA+BjE;AAMD,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEnD;AAMD,MAAM,WAAW,iBAAiB;IAChC,KAAK,EAAE,OAAO,CAAA;IACd,MAAM,EAAE,MAAM,EAAE,CAAA;CACjB;AAED,wBAAgB,eAAe,CAAC,OAAO,EAAE,MAAM,GAAG,iBAAiB,CASlE;AAMD,wBAAgB,kBAAkB,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,IAAI,CAS1E;AAMD,wBAAsB,eAAe,CACnC,KAAK,EAAE,MAAM,EACb,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,MAAM,GAAE,MAAe,GACtB,OAAO,CAAC,MAAM,CAAC,CAuBjB;AAMD,wBAAsB,qBAAqB,CACzC,SAAS,EAAE,MAAM,EACjB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,OAAO,CAAC,CAkBlB;AAMD,wBAAgB,YAAY,CAAC,SAAS,EAAE,MAAM,EAAE,gBAAgB,EAAE,gBAAgB,GAAG,MAAM,EAAE,CAyB5F;AAMD,wBAAgB,eAAe,CAAC,cAAc,EAAE,MAAM,GAAG,cAAc,CAWtE;AAED,wBAAgB,mBAAmB,CACjC,IAAI,EAAE,yBAAyB,EAC/B,OAAO,EAAE,MAAM,EACf,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,cAAc,CAAC,cAAc,CAAC,GACvC,IAAI,CAyBN;AAED;;GAEG;AACH,wBAAsB,gBAAgB,CAAC,MAAM,EAAE;IAC7C,SAAS,EAAE,MAAM,CAAA;IACjB,KAAK,EAAE,OAAO,CAAA;IACd,SAAS,EAAE,MAAM,CAAA;IACjB,QAAQ,EAAE,eAAe,CAAA;IACzB,mBAAmB,EAAE,yBAAyB,CAAA;IAC9C,UAAU,EAAE,gBAAgB,CAAA;CAC7B,GAAG,OAAO,CAAC,eAAe,CAAC,CAuF3B;AAED;;;GAGG;AACH,wBAAsB,iBAAiB,CACrC,EAAE,EAAE,QAAQ,EACZ,OAAO,EAAE,MAAM,EACf,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,GACrB,OAAO,CAAC,kBAAkB,CAAC,CA8C7B;AAqBD,wBAAgB,oBAAoB,CAAC,KAAK,EAAE,OAAO,GAAG,MAAM,CAO3D"}
|