@skillsmith/core 0.4.9 → 0.4.11

package/dist/src/security/audit-types.d.ts

@@ -7,11 +7,11 @@
 /**
  * Types of security events that are audited
  */
-export type AuditEventType = 'url_fetch' | 'file_access' | 'skill_install' | 'skill_uninstall' | 'security_scan' | 'cache_operation' | 'source_sync' | 'config_change';
+export type AuditEventType = 'url_fetch' | 'file_access' | 'skill_install' | 'skill_uninstall' | 'security_scan' | 'cache_operation' | 'source_sync' | 'config_change' | 'quarantine_authenticated_review' | 'quarantine_multi_approval' | 'quarantine_multi_approval_complete' | 'quarantine_multi_approval_cancelled' | 'quarantine_multi_approval_timeout' | 'security_feature_flag_override';
 /**
  * Actor performing the action
  */
-export type AuditActor = 'user' | 'system' | 'adapter' | 'scanner';
+export type AuditActor = 'user' | 'system' | 'adapter' | 'scanner' | 'reviewer';
 /**
  * Result of the audited action
  */

package/dist/src/security/audit-types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"audit-types.d.ts","sourceRoot":"","sources":["../../../src/security/audit-types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,MAAM,cAAc,GACtB,WAAW,GACX,aAAa,GACb,eAAe,GACf,iBAAiB,GACjB,eAAe,GACf,iBAAiB,GACjB,aAAa,GACb,eAAe,CAAA;AAEnB;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,SAAS,GAAG,SAAS,CAAA;AAElE;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,SAAS,GAAG,SAAS,GAAG,OAAO,GAAG,SAAS,CAAA;AAErE;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAA;IACV,UAAU,EAAE,cAAc,CAAA;IAC1B,SAAS,EAAE,MAAM,CAAA;IACjB,KAAK,EAAE,UAAU,CAAA;IACjB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,WAAW,CAAA;IACnB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAA;IACV,UAAU,EAAE,cAAc,CAAA;IAC1B,SAAS,EAAE,MAAM,CAAA;IACjB,KAAK,EAAE,UAAU,CAAA;IACjB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,WAAW,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAClC,UAAU,EAAE,MAAM,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,UAAU,CAAC,EAAE,cAAc,CAAA;IAC3B,KAAK,CAAC,EAAE,UAAU,CAAA;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,MAAM,CAAC,EAAE,WAAW,CAAA;IACpB,KAAK,CAAC,EAAE,IAAI,CAAA;IACZ,KAAK,CAAC,EAAE,IAAI,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED;;GAEG;AACH,eAAO,MAAM,kBAAkB,IAAI,CAAA;AAEnC;;GAEG;AACH,eAAO,MAAM,kBAAkB,OAAO,CAAA;AAEtC;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;OAGG;IACH,WAAW,CAAC,EAAE,OAAO,CAAA;IAErB;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAA;IAC9C,gBAAgB,EAAE,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,CAAA;IAC7C,cAAc,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;CAC5B"}
+{"version":3,"file":"audit-types.d.ts","sourceRoot":"","sources":["../../../src/security/audit-types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH;;GAEG;AACH,MAAM,MAAM,cAAc,GACtB,WAAW,GACX,aAAa,GACb,eAAe,GACf,iBAAiB,GACjB,eAAe,GACf,iBAAiB,GACjB,aAAa,GACb,eAAe,GAEf,iCAAiC,GACjC,2BAA2B,GAC3B,oCAAoC,GACpC,qCAAqC,GACrC,mCAAmC,GAEnC,gCAAgC,CAAA;AAEpC;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,SAAS,GAAG,SAAS,GAAG,UAAU,CAAA;AAE/E;;GAEG;AACH,MAAM,MAAM,WAAW,GAAG,SAAS,GAAG,SAAS,GAAG,OAAO,GAAG,SAAS,CAAA;AAErE;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAA;IACV,UAAU,EAAE,cAAc,CAAA;IAC1B,SAAS,EAAE,MAAM,CAAA;IACjB,KAAK,EAAE,UAAU,CAAA;IACjB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,WAAW,CAAA;IACnB,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAA;IACvB,UAAU,EAAE,MAAM,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAA;IACV,UAAU,EAAE,cAAc,CAAA;IAC1B,SAAS,EAAE,MAAM,CAAA;IACjB,KAAK,EAAE,UAAU,CAAA;IACjB,QAAQ,EAAE,MAAM,CAAA;IAChB,MAAM,EAAE,MAAM,CAAA;IACd,MAAM,EAAE,WAAW,CAAA;IACnB,QAAQ,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;IAClC,UAAU,EAAE,MAAM,CAAA;CACnB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,UAAU,CAAC,EAAE,cAAc,CAAA;IAC3B,KAAK,CAAC,EAAE,UAAU,CAAA;IAClB,QAAQ,CAAC,EAAE,MAAM,CAAA;IACjB,MAAM,CAAC,EAAE,WAAW,CAAA;IACpB,KAAK,CAAC,EAAE,IAAI,CAAA;IACZ,KAAK,CAAC,EAAE,IAAI,CAAA;IACZ,KAAK,CAAC,EAAE,MAAM,CAAA;IACd,MAAM,CAAC,EAAE,MAAM,CAAA;CAChB;AAED;;GAEG;AACH,eAAO,MAAM,kBAAkB,IAAI,CAAA;AAEnC;;GAEG;AACH,eAAO,MAAM,kBAAkB,OAAO,CAAA;AAEtC;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC;;;OAGG;IACH,WAAW,CAAC,EAAE,OAAO,CAAA;IAErB;;;;OAIG;IACH,aAAa,CAAC,EAAE,MAAM,CAAA;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,YAAY,EAAE,MAAM,CAAA;IACpB,cAAc,EAAE,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAA;IAC9C,gBAAgB,EAAE,MAAM,CAAC,WAAW,EAAE,MAAM,CAAC,CAAA;IAC7C,cAAc,EAAE,MAAM,CAAA;IACtB,YAAY,EAAE,MAAM,CAAA;IACpB,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;IAC3B,YAAY,EAAE,MAAM,GAAG,IAAI,CAAA;CAC5B"}

package/dist/src/security/audit-types.js.map

@@ -1 +1 @@
-{"version":3,"file":"audit-types.js","sourceRoot":"","sources":["../../../src/security/audit-types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAqEH;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAA;AAEnC;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,IAAI,CAAA,CAAC,WAAW"}
+{"version":3,"file":"audit-types.js","sourceRoot":"","sources":["../../../src/security/audit-types.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AA6EH;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,CAAC,CAAA;AAEnC;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,IAAI,CAAA,CAAC,WAAW"}

package/dist/src/security/sanitization.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"sanitization.d.ts","sourceRoot":"","sources":["../../../src/security/sanitization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAKH,OAAO,EACL,eAAe,EACf,wBAAwB,EACxB,4BAA4B,EAC5B,qBAAqB,EACrB,uBAAuB,EACvB,qBAAqB,GACtB,MAAM,wBAAwB,CAAA;AAI/B,+EAA+E;AAC/E,eAAO,MAAM,kBAAkB,SAAS,CAAA;AAExC;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,SAAqB,GAAG,MAAM,CAgDlF;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,SAAqB,GAAG,MAAM,CAmFrF;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAgB,YAAY,CAC1B,IAAI,EAAE,MAAM,EACZ,OAAO,CAAC,EAAE,MAAM,EAChB,SAAS,SAAqB,GAC7B,MAAM,CAkGR;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,SAAqB,GAAG,MAAM,CAiD/E;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,SAAqB,GAAG,MAAM,CA8BlF"}
+{"version":3,"file":"sanitization.d.ts","sourceRoot":"","sources":["../../../src/security/sanitization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAKH,OAAO,EACL,eAAe,EACf,wBAAwB,EACxB,4BAA4B,EAC5B,qBAAqB,EACrB,uBAAuB,EACvB,qBAAqB,GACtB,MAAM,wBAAwB,CAAA;AAI/B,+EAA+E;AAC/E,eAAO,MAAM,kBAAkB,SAAS,CAAA;AAExC;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,SAAqB,GAAG,MAAM,CA0DlF;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,EAAE,SAAS,SAAqB,GAAG,MAAM,CAmFrF;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,wBAAgB,YAAY,CAC1B,IAAI,EAAE,MAAM,EACZ,OAAO,CAAC,EAAE,MAAM,EAChB,SAAS,SAAqB,GAC7B,MAAM,CAkGR;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,wBAAgB,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,SAAS,SAAqB,GAAG,MAAM,CAiD/E;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAgB,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,SAAS,SAAqB,GAAG,MAAM,CA8BlF"}

package/dist/src/security/sanitization.js

@@ -45,23 +45,31 @@ export function sanitizeHtml(input, maxLength = DEFAULT_MAX_LENGTH) {
         });
         return '';
     }
-    // Remove script tags and their content
-    let sanitized = input.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, '');
-    // Remove event handlers (onclick, onerror, etc.)
-    sanitized = sanitized.replace(/\son\w+\s*=\s*["'][^"']*["']/gi, '');
-    sanitized = sanitized.replace(/\son\w+\s*=\s*[^\s>]*/gi, '');
-    // Remove javascript: protocol
-    sanitized = sanitized.replace(/javascript:/gi, '');
-    // Remove data: protocol (can be used for XSS)
-    sanitized = sanitized.replace(/data:text\/html/gi, '');
-    // Remove vbscript: protocol
-    sanitized = sanitized.replace(/vbscript:/gi, '');
-    // Remove object and embed tags
-    sanitized = sanitized.replace(/<(object|embed|iframe|frame|frameset)[^>]*>/gi, '');
-    // Remove style tags (can contain javascript)
-    sanitized = sanitized.replace(/<style\b[^<]*(?:(?!<\/style>)<[^<]*)*<\/style>/gi, '');
-    // Remove import statements in style attributes
-    sanitized = sanitized.replace(/style\s*=\s*["'][^"']*@import[^"']*["']/gi, '');
+    // SMI-2261: Loop-based sanitization to prevent bypass with nested payloads
+    // e.g., <scr<script>ipt> becomes <script> after single-pass removal
+    let sanitized = input;
+    let previousPass = '';
+    const maxIterations = 10; // Prevent infinite loops on malformed input
+    for (let i = 0; i < maxIterations && previousPass !== sanitized; i++) {
+        previousPass = sanitized;
+        // Remove script tags and their content
+        sanitized = sanitized.replace(/<script\b[^<]*(?:(?!<\/script>)<[^<]*)*<\/script>/gi, '');
+        // Remove event handlers (onclick, onerror, etc.)
+        sanitized = sanitized.replace(/\son\w+\s*=\s*["'][^"']*["']/gi, '');
+        sanitized = sanitized.replace(/\son\w+\s*=\s*[^\s>]*/gi, '');
+        // Remove javascript: protocol
+        sanitized = sanitized.replace(/javascript:/gi, '');
+        // Remove data: protocol (can be used for XSS)
+        sanitized = sanitized.replace(/data:text\/html/gi, '');
+        // Remove vbscript: protocol
+        sanitized = sanitized.replace(/vbscript:/gi, '');
+        // Remove object and embed tags
+        sanitized = sanitized.replace(/<(object|embed|iframe|frame|frameset)[^>]*>/gi, '');
+        // Remove style tags (can contain javascript)
+        sanitized = sanitized.replace(/<style\b[^<]*(?:(?!<\/style>)<[^<]*)*<\/style>/gi, '');
+        // Remove import statements in style attributes
+        sanitized = sanitized.replace(/style\s*=\s*["'][^"']*@import[^"']*["']/gi, '');
+    }
     // Log if significant sanitization occurred
     if (sanitized !== input) {
         logger.debug('HTML sanitized', {

package/dist/src/security/sanitization.js.map

@@ -1 +1 @@
-{"version":3,"file":"sanitization.js","sourceRoot":"","sources":["../../../src/security/sanitization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEjD,0DAA0D;AAC1D,OAAO,EACL,eAAe,EACf,wBAAwB,EACxB,4BAA4B,EAC5B,qBAAqB,EACrB,uBAAuB,EACvB,qBAAqB,GACtB,MAAM,wBAAwB,CAAA;AAE/B,MAAM,MAAM,GAAG,YAAY,CAAC,cAAc,CAAC,CAAA;AAE3C,+EAA+E;AAC/E,MAAM,CAAC,MAAM,kBAAkB,GAAG,MAAM,CAAA;AAExC;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,SAAS,GAAG,kBAAkB;IACxE,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,SAAS;YACT,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,uCAAuC;IACvC,IAAI,SAAS,GAAG,KAAK,CAAC,OAAO,CAAC,qDAAqD,EAAE,EAAE,CAAC,CAAA;IAExF,iDAAiD;IACjD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,gCAAgC,EAAE,EAAE,CAAC,CAAA;IACnE,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAAA;IAE5D,8BAA8B;IAC9B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAA;IAElD,8CAA8C;IAC9C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAA;IAEtD,4BAA4B;IAC5B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAA;IAEhD,+BAA+B;IAC/B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,+CAA+C,EAAE,EAAE,CAAC,CAAA;IAElF,6CAA6C;IAC7C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,kDAAkD,EAAE,EAAE,CAAC,CAAA;IAErF,+CAA+C;IAC/C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,2CAA2C,EAAE,EAAE,CAAC,CAAA;IAE9E,2CAA2C;IAC3C,IAAI,SAAS,KAAK,KAAK,EAAE,CAAC;QACxB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE;YAC7B,cAAc,EAAE,KAAK,CAAC,MAAM;YAC5B,eAAe,EAAE,SAAS,CAAC,MAAM;SAClC,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAY,EAAE,SAAS,GAAG,kBAAkB;IAC3E,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS;YACT,QAAQ,EAAE,kBAAkB;SAC7B,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,SAAS,GAAG,IAAI,CAAA;IAEpB,yBAAyB;IACzB,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;IAE3C,qCAAqC;IACrC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;IAEzC,8CAA8C;IAC9C,0EAA0E;IAC1E,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAA;IAErD,2DAA2D;IAC3D,qDAAqD;IACrD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAA;IAExD,6EAA6E;IAC7E,sDAAsD;IACtD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IAE7C,qCAAqC;IACrC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IAE7C,kBAAkB;IAClB,SAAS,GAAG,SAAS,CAAC,IAAI,EAAE,CAAA;IAE5B,yCAAyC;IACzC,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,SAAS,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACrD,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;QACvE,OAAO,EAAE,CAAA;IACX,CAAC;IAED,iCAAiC;IACjC,MAAM,aAAa,GAAG;QACpB,KAAK;QACL,KAAK;QACL,KAAK;QACL,KAAK;QACL,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;KACP,CAAA;IAED,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAA;IACtD,IAAI,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;QAC/D,OAAO,GAAG,SAAS,OAAO,CAAA;IAC5B,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;IACpE,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,UAAU,YAAY,CAC1B,IAAY,EACZ,OAAgB,EAChB,SAAS,GAAG,kBAAkB;IAE9B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS;YACT,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,SAAS,GAAG,IAAI,CAAA;IAEpB,+CAA+C;IAC/C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;IAEzC,oDAAoD;IACpD,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;IAC5C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;IAEzC,8EAA8E;IAC9E,kEAAkE;IAClE,IAAI,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;QACxD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,uCAAuC;IACvC,4DAA4D;IAC5D,2EAA2E;IAC3E,gEAAgE;IAChE,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACxC,MAAM,QAAQ,GAAa,EAAE,CAAA;IAC7B,IAAI,KAAK,GAAG,CAAC,CAAA;IACb,IAAI,cAAc,GAAG,CAAC,CAAA;IAEtB,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,gCAAgC;QAChC,IAAI,CAAC,OAAO,IAAI,OAAO,KAAK,GAAG;YAAE,SAAQ;QAEzC,qCAAqC;QACrC,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YACrB,cAAc,EAAE,CAAA;YAChB,IAAI,cAAc,GAAG,KAAK,EAAE,CAAC;gBAC3B,yDAAyD;gBACzD,MAAM,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;gBACjE,MAAK;YACP,CAAC;YACD,uEAAuE;YACvE,SAAQ;QACV,CAAC;QAED,yCAAyC;QACzC,0EAA0E;QAC1E,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;YACpE,SAAQ;QACV,CAAC;QAED,2BAA2B;QAC3B,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAA;QAClD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YAC/B,KAAK,EAAE,CAAA;QACT,CAAC;IACH,CAAC;IAED,eAAe;IACf,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAE9B,iDAAiD;IACjD,IAAI,UAAU,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,SAAS,GAAG,GAAG,GAAG,SAAS,CAAA;IAC7B,CAAC;IAED,wDAAwD;IACxD,IAAI,OAAO,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpC,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;QACtE,MAAM,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,cAAc,IAAI,SAAS,EAAE,CAAA;QAE1E,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,cAAc,GAAG,GAAG,CAAC,IAAI,QAAQ,KAAK,cAAc,EAAE,CAAC;YAC9E,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBACzC,IAAI;gBACJ,OAAO;gBACP,QAAQ;aACT,CAAC,CAAA;YACF,OAAO,EAAE,CAAA;QACX,CAAC;IACH,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;IAC/D,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,SAAS,GAAG,kBAAkB;IACrE,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,GAAG,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,SAAS;YACT,QAAQ,EAAE,aAAa;SACxB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,yCAAyC;IACzC,0EAA0E;IAC1E,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAA;IAE1D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAA;QAE/B,sCAAsC;QACtC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAA;YAChF,OAAO,EAAE,CAAA;QACX,CAAC;QAED,uCAAuC;QACvC,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,MAAM,CAAC,IAAI,CAAC,mCAAmC,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAA;YAClE,OAAO,EAAE,CAAA;QACX,CAAC;QAED,oDAAoD;QACpD,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAA;QAEnC,IAAI,SAAS,KAAK,GAAG,EAAE,CAAC;YACtB,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,CAAA;QAC7D,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAA;QAC1D,OAAO,EAAE,CAAA;IACX,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,SAAS,GAAG,kBAAkB;IACxE,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,SAAS;YACT,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,SAAS,GAAG,KAAK,CAAA;IAErB,mDAAmD;IACnD,0EAA0E;IAC1E,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,oCAAoC,EAAE,EAAE,CAAC,CAAA;IAEvE,+BAA+B;IAC/B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,wBAAwB,EAAE,EAAE,CAAC,CAAA;IAE3D,oBAAoB;IACpB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;IAEtC,OAAO;IACP,SAAS,GAAG,SAAS,CAAC,IAAI,EAAE,CAAA;IAE5B,OAAO,SAAS,CAAA;AAClB,CAAC"}
+{"version":3,"file":"sanitization.js","sourceRoot":"","sources":["../../../src/security/sanitization.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAA;AAEjD,0DAA0D;AAC1D,OAAO,EACL,eAAe,EACf,wBAAwB,EACxB,4BAA4B,EAC5B,qBAAqB,EACrB,uBAAuB,EACvB,qBAAqB,GACtB,MAAM,wBAAwB,CAAA;AAE/B,MAAM,MAAM,GAAG,YAAY,CAAC,cAAc,CAAC,CAAA;AAE3C,+EAA+E;AAC/E,MAAM,CAAC,MAAM,kBAAkB,GAAG,MAAM,CAAA;AAExC;;;;;;;;;;;;;;;GAeG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,SAAS,GAAG,kBAAkB;IACxE,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,SAAS;YACT,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,2EAA2E;IAC3E,oEAAoE;IACpE,IAAI,SAAS,GAAG,KAAK,CAAA;IACrB,IAAI,YAAY,GAAG,EAAE,CAAA;IACrB,MAAM,aAAa,GAAG,EAAE,CAAA,CAAC,4CAA4C;IAErE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,aAAa,IAAI,YAAY,KAAK,SAAS,EAAE,CAAC,EAAE,EAAE,CAAC;QACrE,YAAY,GAAG,SAAS,CAAA;QAExB,uCAAuC;QACvC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,qDAAqD,EAAE,EAAE,CAAC,CAAA;QAExF,iDAAiD;QACjD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,gCAAgC,EAAE,EAAE,CAAC,CAAA;QACnE,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,yBAAyB,EAAE,EAAE,CAAC,CAAA;QAE5D,8BAA8B;QAC9B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAA;QAElD,8CAA8C;QAC9C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,mBAAmB,EAAE,EAAE,CAAC,CAAA;QAEtD,4BAA4B;QAC5B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAA;QAEhD,+BAA+B;QAC/B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,+CAA+C,EAAE,EAAE,CAAC,CAAA;QAElF,6CAA6C;QAC7C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,kDAAkD,EAAE,EAAE,CAAC,CAAA;QAErF,+CAA+C;QAC/C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,2CAA2C,EAAE,EAAE,CAAC,CAAA;IAChF,CAAC;IAED,2CAA2C;IAC3C,IAAI,SAAS,KAAK,KAAK,EAAE,CAAC;QACxB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE;YAC7B,cAAc,EAAE,KAAK,CAAC,MAAM;YAC5B,eAAe,EAAE,SAAS,CAAC,MAAM;SAClC,CAAC,CAAA;IACJ,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAY,EAAE,SAAS,GAAG,kBAAkB;IAC3E,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS;YACT,QAAQ,EAAE,kBAAkB;SAC7B,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,SAAS,GAAG,IAAI,CAAA;IAEpB,yBAAyB;IACzB,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,QAAQ,EAAE,EAAE,CAAC,CAAA;IAE3C,qCAAqC;IACrC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;IAEzC,8CAA8C;IAC9C,0EAA0E;IAC1E,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAA;IAErD,2DAA2D;IAC3D,qDAAqD;IACrD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,qBAAqB,EAAE,EAAE,CAAC,CAAA;IAExD,6EAA6E;IAC7E,sDAAsD;IACtD,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IAE7C,qCAAqC;IACrC,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,SAAS,EAAE,GAAG,CAAC,CAAA;IAE7C,kBAAkB;IAClB,SAAS,GAAG,SAAS,CAAC,IAAI,EAAE,CAAA;IAE5B,yCAAyC;IACzC,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,SAAS,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;QACrD,MAAM,CAAC,IAAI,CAAC,sCAAsC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAA;QACvE,OAAO,EAAE,CAAA;IACX,CAAC;IAED,iCAAiC;IACjC,MAAM,aAAa,GAAG;QACpB,KAAK;QACL,KAAK;QACL,KAAK;QACL,KAAK;QACL,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;QACN,MAAM;KACP,CAAA;IAED,MAAM,QAAQ,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAA;IACtD,IAAI,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;QACrC,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;QAC/D,OAAO,GAAG,SAAS,OAAO,CAAA;IAC5B,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;IACpE,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;;GAsBG;AACH,MAAM,UAAU,YAAY,CAC1B,IAAY,EACZ,OAAgB,EAChB,SAAS,GAAG,kBAAkB;IAE9B,IAAI,CAAC,IAAI,IAAI,OAAO,IAAI,KAAK,QAAQ,EAAE,CAAC;QACtC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC5B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,IAAI,CAAC,MAAM;YACnB,SAAS;YACT,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,SAAS,GAAG,IAAI,CAAA;IAEpB,+CAA+C;IAC/C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;IAEzC,oDAAoD;IACpD,MAAM,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,CAAA;IAC5C,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;IAEzC,8EAA8E;IAC9E,kEAAkE;IAClE,IAAI,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAA;QACxD,OAAO,EAAE,CAAA;IACX,CAAC;IAED,uCAAuC;IACvC,4DAA4D;IAC5D,2EAA2E;IAC3E,gEAAgE;IAChE,MAAM,WAAW,GAAG,SAAS,CAAC,KAAK,CAAC,GAAG,CAAC,CAAA;IACxC,MAAM,QAAQ,GAAa,EAAE,CAAA;IAC7B,IAAI,KAAK,GAAG,CAAC,CAAA;IACb,IAAI,cAAc,GAAG,CAAC,CAAA;IAEtB,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,gCAAgC;QAChC,IAAI,CAAC,OAAO,IAAI,OAAO,KAAK,GAAG;YAAE,SAAQ;QAEzC,qCAAqC;QACrC,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;YACrB,cAAc,EAAE,CAAA;YAChB,IAAI,cAAc,GAAG,KAAK,EAAE,CAAC;gBAC3B,yDAAyD;gBACzD,MAAM,CAAC,IAAI,CAAC,iCAAiC,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;gBACjE,MAAK;YACP,CAAC;YACD,uEAAuE;YACvE,SAAQ;QACV,CAAC;QAED,yCAAyC;QACzC,0EAA0E;QAC1E,IAAI,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;YACpC,MAAM,CAAC,IAAI,CAAC,oCAAoC,EAAE,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,CAAA;YACpE,SAAQ;QACV,CAAC;QAED,2BAA2B;QAC3B,MAAM,gBAAgB,GAAG,gBAAgB,CAAC,OAAO,CAAC,CAAA;QAClD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAA;YAC/B,KAAK,EAAE,CAAA;QACT,CAAC;IACH,CAAC;IAED,eAAe;IACf,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAA;IAE9B,iDAAiD;IACjD,IAAI,UAAU,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,SAAS,GAAG,GAAG,GAAG,SAAS,CAAA;IAC7B,CAAC;IAED,wDAAwD;IACxD,IAAI,OAAO,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpC,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAA;QACtE,MAAM,QAAQ,GAAG,UAAU,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,cAAc,IAAI,SAAS,EAAE,CAAA;QAE1E,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,cAAc,GAAG,GAAG,CAAC,IAAI,QAAQ,KAAK,cAAc,EAAE,CAAC;YAC9E,MAAM,CAAC,IAAI,CAAC,6BAA6B,EAAE;gBACzC,IAAI;gBACJ,OAAO;gBACP,QAAQ;aACT,CAAC,CAAA;YACF,OAAO,EAAE,CAAA;QACX,CAAC;IACH,CAAC;IAED,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;QACvB,MAAM,CAAC,KAAK,CAAC,gBAAgB,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAA;IAC/D,CAAC;IAED,OAAO,SAAS,CAAA;AAClB,CAAC;AAED;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,MAAM,UAAU,WAAW,CAAC,GAAW,EAAE,SAAS,GAAG,kBAAkB;IACrE,IAAI,CAAC,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;QACpC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,GAAG,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC3B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,SAAS;YACT,QAAQ,EAAE,aAAa;SACxB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,yCAAyC;IACzC,0EAA0E;IAC1E,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAA;IAE1D,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,CAAA;QAE/B,sCAAsC;QACtC,IAAI,CAAC,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YACnD,MAAM,CAAC,IAAI,CAAC,sBAAsB,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAA;YAChF,OAAO,EAAE,CAAA;QACX,CAAC;QAED,uCAAuC;QACvC,IAAI,MAAM,CAAC,QAAQ,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACvC,MAAM,CAAC,IAAI,CAAC,mCAAmC,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC,CAAA;YAClE,OAAO,EAAE,CAAA;QACX,CAAC;QAED,oDAAoD;QACpD,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,EAAE,CAAA;QAEnC,IAAI,SAAS,KAAK,GAAG,EAAE,CAAC;YACtB,MAAM,CAAC,KAAK,CAAC,eAAe,EAAE,EAAE,QAAQ,EAAE,GAAG,EAAE,SAAS,EAAE,CAAC,CAAA;QAC7D,CAAC;QAED,OAAO,SAAS,CAAA;IAClB,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAA;QAC1D,OAAO,EAAE,CAAA;IACX,CAAC;AACH,CAAC;AAED;;;;;;;;;;;;;;;;;GAiBG;AACH,MAAM,UAAU,YAAY,CAAC,KAAa,EAAE,SAAS,GAAG,kBAAkB;IACxE,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,GAAG,SAAS,EAAE,CAAC;QAC7B,MAAM,CAAC,IAAI,CAAC,2CAA2C,EAAE;YACvD,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,SAAS;YACT,QAAQ,EAAE,cAAc;SACzB,CAAC,CAAA;QACF,OAAO,EAAE,CAAA;IACX,CAAC;IAED,IAAI,SAAS,GAAG,KAAK,CAAA;IAErB,mDAAmD;IACnD,0EAA0E;IAC1E,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,oCAAoC,EAAE,EAAE,CAAC,CAAA;IAEvE,+BAA+B;IAC/B,SAAS,GAAG,SAAS,CAAC,OAAO,CAAC,wBAAwB,EAAE,EAAE,CAAC,CAAA;IAE3D,oBAAoB;IACpB,SAAS,GAAG,SAAS,CAAC,SAAS,CAAC,KAAK,CAAC,CAAA;IAEtC,OAAO;IACP,SAAS,GAAG,SAAS,CAAC,IAAI,EAAE,CAAA;IAE5B,OAAO,SAAS,CAAA;AAClB,CAAC"}

package/dist/src/security/scanner/SecurityScanner.formatters.js

@@ -19,7 +19,7 @@ export function toMinimalRefs(report) {
     return report.findings.map((finding) => {
         const line = finding.lineNumber ?? 0;
         const severity = finding.severity.toUpperCase();
-        const message = finding.message.replace(/"/g, '\\"');
+        const message = finding.message.replace(/\\/g, '\\\\').replace(/"/g, '\\"');
         // Format: skill_id:line:severity:type:message
         return `${report.skillId}:${line}:${severity}:${finding.type}:${message}`;
     });

package/dist/src/security/scanner/SecurityScanner.formatters.js.map

@@ -1 +1 @@
-{"version":3,"file":"SecurityScanner.formatters.js","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.formatters.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAE/E;;;;;;;;;GASG;AACH,MAAM,UAAU,aAAa,CAAC,MAAkB;IAC9C,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,OAAO,CAAC,UAAU,IAAI,CAAC,CAAA;QACpC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAA;QAC/C,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QACpD,8CAA8C;QAC9C,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,IAAI,IAAI,QAAQ,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,EAAE,CAAA;IAC3E,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,OAAO,CAAC,MAAkB;IACxC,MAAM,KAAK,GAAG;QACZ,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,OAAO,EAAE;QACjE,EAAE,EAAE,EAAE,oBAAoB,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC7E,EAAE,EAAE,EAAE,gBAAgB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,OAAO,EAAE;QACnE,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC3E,EAAE,EAAE,EAAE,sBAAsB,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,OAAO,EAAE;QAC/E,EAAE,EAAE,EAAE,oBAAoB,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC7E,EAAE,EAAE,EAAE,gBAAgB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,SAAS,EAAE;QACrE,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE;QACrD,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,OAAO,EAAE;KAC9D,CAAA;IAED,MAAM,eAAe,GAA2B;QAC9C,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAE,OAAO;QACb,MAAM,EAAE,SAAS;QACjB,GAAG,EAAE,MAAM;KACZ,CAAA;IAED,OAAO;QACL,OAAO,EAAE,+CAA+C;QACxD,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE;YACJ;gBACE,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,6BAA6B;wBACnC,OAAO,EAAE,OAAO;wBAChB,cAAc,EAAE,0CAA0C;wBAC1D,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;4BAC1B,EAAE,EAAE,IAAI,CAAC,EAAE;4BACX,IAAI,EAAE,IAAI,CAAC,IAAI;4BACf,gBAAgB,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;4BACrC,oBAAoB,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;yBAC/C,CAAC,CAAC;qBACJ;iBACF;gBACD,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;oBACzC,MAAM,EAAE,OAAO,CAAC,IAAI;oBACpB,KAAK,EAAE,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,SAAS;oBACrD,OAAO,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,OAAO,EAAE;oBAClC,SAAS,EAAE;wBACT;4BACE,gBAAgB,EAAE;gCAChB,gBAAgB,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,OAAO,EAAE;gCACzC,MAAM,EAAE;oCACN,SAAS,EAAE,OAAO,CAAC,UAAU,IAAI,CAAC;oCAClC,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS;iCACnE;6BACF;yBACF;qBACF;oBACD,UAAU,EAAE;wBACV,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,MAAM;wBACxC,sBAAsB,EAAE,OAAO,CAAC,sBAAsB,IAAI,KAAK;qBAChE;iBACF,CAAC,CAAC;gBACH,WAAW,EAAE;oBACX;wBACE,mBAAmB,EAAE,IAAI;wBACzB,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE;qBAC3C;iBACF;aACF;SACF;KACF,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAkB;IACpD,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;QACrC,MAAM,QAAQ,GACZ,OAAO,CAAC,QAAQ,KAAK,UAAU,IAAI,OAAO,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;QACtF,MAAM,IAAI,GAAG,OAAO,CAAC,UAAU,IAAI,CAAC,CAAA;QACpC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;QAChG,OAAO,KAAK,QAAQ,SAAS,MAAM,CAAC,OAAO,SAAS,IAAI,KAAK,OAAO,EAAE,CAAA;IACxE,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,SAAS,CAAC,MAAkB;IAS1C,MAAM,UAAU,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAA;IACtF,MAAM,MAAM,GAA2B,EAAE,CAAA;IAEzC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAA;QACtE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAA;IACxD,CAAC;IAED,OAAO;QACL,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;QACrC,UAAU;QACV,MAAM;QACN,cAAc,EAAE,MAAM,CAAC,cAAc;KACtC,CAAA;AACH,CAAC"}
+{"version":3,"file":"SecurityScanner.formatters.js","sourceRoot":"","sources":["../../../../src/security/scanner/SecurityScanner.formatters.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAIH,+EAA+E;AAC/E,oBAAoB;AACpB,+EAA+E;AAE/E;;;;;;;;;GASG;AACH,MAAM,UAAU,aAAa,CAAC,MAAkB;IAC9C,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;QACrC,MAAM,IAAI,GAAG,OAAO,CAAC,UAAU,IAAI,CAAC,CAAA;QACpC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAA;QAC/C,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAA;QAC3E,8CAA8C;QAC9C,OAAO,GAAG,MAAM,CAAC,OAAO,IAAI,IAAI,IAAI,QAAQ,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,EAAE,CAAA;IAC3E,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,OAAO,CAAC,MAAkB;IACxC,MAAM,KAAK,GAAG;QACZ,EAAE,EAAE,EAAE,WAAW,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,OAAO,EAAE;QACjE,EAAE,EAAE,EAAE,oBAAoB,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC7E,EAAE,EAAE,EAAE,gBAAgB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,OAAO,EAAE;QACnE,EAAE,EAAE,EAAE,mBAAmB,EAAE,IAAI,EAAE,mBAAmB,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC3E,EAAE,EAAE,EAAE,sBAAsB,EAAE,IAAI,EAAE,sBAAsB,EAAE,QAAQ,EAAE,OAAO,EAAE;QAC/E,EAAE,EAAE,EAAE,oBAAoB,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,SAAS,EAAE;QAC7E,EAAE,EAAE,EAAE,gBAAgB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,SAAS,EAAE;QACrE,EAAE,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,EAAE;QACrD,EAAE,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,OAAO,EAAE;KAC9D,CAAA;IAED,MAAM,eAAe,GAA2B;QAC9C,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAE,OAAO;QACb,MAAM,EAAE,SAAS;QACjB,GAAG,EAAE,MAAM;KACZ,CAAA;IAED,OAAO;QACL,OAAO,EAAE,+CAA+C;QACxD,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE;YACJ;gBACE,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,6BAA6B;wBACnC,OAAO,EAAE,OAAO;wBAChB,cAAc,EAAE,0CAA0C;wBAC1D,KAAK,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;4BAC1B,EAAE,EAAE,IAAI,CAAC,EAAE;4BACX,IAAI,EAAE,IAAI,CAAC,IAAI;4BACf,gBAAgB,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;4BACrC,oBAAoB,EAAE,EAAE,KAAK,EAAE,IAAI,CAAC,QAAQ,EAAE;yBAC/C,CAAC,CAAC;qBACJ;iBACF;gBACD,OAAO,EAAE,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;oBACzC,MAAM,EAAE,OAAO,CAAC,IAAI;oBACpB,KAAK,EAAE,eAAe,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,SAAS;oBACrD,OAAO,EAAE,EAAE,IAAI,EAAE,OAAO,CAAC,OAAO,EAAE;oBAClC,SAAS,EAAE;wBACT;4BACE,gBAAgB,EAAE;gCAChB,gBAAgB,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,OAAO,EAAE;gCACzC,MAAM,EAAE;oCACN,SAAS,EAAE,OAAO,CAAC,UAAU,IAAI,CAAC;oCAClC,OAAO,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,SAAS;iCACnE;6BACF;yBACF;qBACF;oBACD,UAAU,EAAE;wBACV,UAAU,EAAE,OAAO,CAAC,UAAU,IAAI,MAAM;wBACxC,sBAAsB,EAAE,OAAO,CAAC,sBAAsB,IAAI,KAAK;qBAChE;iBACF,CAAC,CAAC;gBACH,WAAW,EAAE;oBACX;wBACE,mBAAmB,EAAE,IAAI;wBACzB,UAAU,EAAE,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE;qBAC3C;iBACF;aACF;SACF;KACF,CAAA;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,mBAAmB,CAAC,MAAkB;IACpD,OAAO,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,EAAE;QACrC,MAAM,QAAQ,GACZ,OAAO,CAAC,QAAQ,KAAK,UAAU,IAAI,OAAO,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAA;QACtF,MAAM,IAAI,GAAG,OAAO,CAAC,UAAU,IAAI,CAAC,CAAA;QACpC,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAA;QAChG,OAAO,KAAK,QAAQ,SAAS,MAAM,CAAC,OAAO,SAAS,IAAI,KAAK,OAAO,EAAE,CAAA;IACxE,CAAC,CAAC,CAAA;AACJ,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,SAAS,CAAC,MAAkB;IAS1C,MAAM,UAAU,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAA;IACtF,MAAM,MAAM,GAA2B,EAAE,CAAA;IAEzC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAA;QACtE,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAA;IACxD,CAAC;IAED,OAAO;QACL,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,MAAM,EAAE,MAAM,CAAC,MAAM;QACrB,SAAS,EAAE,MAAM,CAAC,SAAS;QAC3B,aAAa,EAAE,MAAM,CAAC,QAAQ,CAAC,MAAM;QACrC,UAAU;QACV,MAAM;QACN,cAAc,EAAE,MAAM,CAAC,cAAc;KACtC,CAAA;AACH,CAAC"}

package/dist/src/services/index.d.ts

@@ -0,0 +1,9 @@
+/**
+ * Services Module
+ *
+ * Business logic services with authentication and authorization.
+ *
+ * @module @skillsmith/core/services
+ */
+export { QuarantineService, type QuarantinePermission, type AuthenticatedSession, type ApprovalRecord, type MultiApprovalStatus, type AuthenticatedReviewInput, type AuthenticatedReviewResult, type QuarantineServiceErrorCode, QuarantineServiceError, hasPermission, isSessionValid, requirePermission, } from './quarantine/index.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/src/services/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/services/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EACL,iBAAiB,EACjB,KAAK,oBAAoB,EACzB,KAAK,oBAAoB,EACzB,KAAK,cAAc,EACnB,KAAK,mBAAmB,EACxB,KAAK,wBAAwB,EAC7B,KAAK,yBAAyB,EAC9B,KAAK,0BAA0B,EAC/B,sBAAsB,EACtB,aAAa,EACb,cAAc,EACd,iBAAiB,GAClB,MAAM,uBAAuB,CAAA"}

package/dist/src/services/index.js

@@ -0,0 +1,10 @@
+/**
+ * Services Module
+ *
+ * Business logic services with authentication and authorization.
+ *
+ * @module @skillsmith/core/services
+ */
+// Quarantine Service (SMI-2269)
+export { QuarantineService, QuarantineServiceError, hasPermission, isSessionValid, requirePermission, } from './quarantine/index.js';
+//# sourceMappingURL=index.js.map

package/dist/src/services/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/services/index.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,gCAAgC;AAChC,OAAO,EACL,iBAAiB,EAQjB,sBAAsB,EACtB,aAAa,EACb,cAAc,EACd,iBAAiB,GAClB,MAAM,uBAAuB,CAAA"}

package/dist/src/services/quarantine/QuarantineService.d.ts

@@ -0,0 +1,157 @@
+/**
+ * SMI-2269: Quarantine Service with Authentication
+ * SMI-2277: Persist multi-approval state to database
+ *
+ * Service layer for quarantine operations that enforces authentication
+ * and authorization. Wraps QuarantineRepository with security controls.
+ *
+ * VP Engineering Guidance:
+ * - Auth belongs in service/handler layer, not repository
+ * - Repositories should be pure data access
+ *
+ * Security Controls:
+ * - QUA-002: Requires authenticated session for review operations
+ * - Enforces security_reviewer permission for review access
+ * - Multi-approval workflow for MALICIOUS severity
+ * - Audit logs include verified reviewer identity
+ * - Approval state persisted to database (survives restarts)
+ *
+ * @module @skillsmith/core/services/quarantine/QuarantineService
+ */
+import type { QuarantineRepository } from '../../repositories/quarantine/index.js';
+import type { ApprovalRepository } from '../../repositories/quarantine/ApprovalRepository.js';
+import type { AuditLogger } from '../../security/AuditLogger.js';
+import type { AuthenticatedSession, AuthenticatedReviewInput, AuthenticatedReviewResult, MultiApprovalStatus } from './types.js';
+/**
+ * Quarantine Service with Authentication
+ *
+ * Provides authenticated access to quarantine operations with:
+ * - Session validation
+ * - Permission checks (security_reviewer role)
+ * - Multi-approval workflow for MALICIOUS severity
+ * - Audit logging with verified identities
+ * - Database-persisted approval state (SMI-2277)
+ *
+ * @example
+ * ```typescript
+ * const service = new QuarantineService(repository, approvalRepository, auditLogger)
+ *
+ * // Review a quarantined skill (requires authentication)
+ * const result = await service.review(
+ *   session,
+ *   quarantineId,
+ *   { reviewStatus: 'approved', reviewNotes: 'Verified safe' }
+ * )
+ * ```
+ */
+export declare class QuarantineService {
+    private readonly repository;
+    private readonly approvalRepository;
+    private readonly auditLogger;
+    constructor(repository: QuarantineRepository, approvalRepository: ApprovalRepository, auditLogger: AuditLogger);
+    /**
+     * Find a quarantine entry by ID
+     *
+     * @param session - Authenticated session
+     * @param id - Quarantine entry ID
+     * @returns Quarantine entry or null
+     */
+    findById(session: AuthenticatedSession, id: string): import("../../repositories/quarantine/types.js").QuarantineEntry | null;
+    /**
+     * Find quarantine entries for a skill
+     *
+     * @param session - Authenticated session
+     * @param skillId - Skill ID
+     * @returns Array of quarantine entries
+     */
+    findBySkillId(session: AuthenticatedSession, skillId: string): import("../../repositories/quarantine/types.js").QuarantineEntry[];
+    /**
+     * Find all quarantine entries with optional filtering
+     *
+     * @param session - Authenticated session
+     * @param filter - Query filters
+     * @returns Paginated quarantine results
+     */
+    findAll(session: AuthenticatedSession, filter?: Parameters<QuarantineRepository['findAll']>[0]): import("../../repositories/quarantine/types.js").PaginatedQuarantineResults;
+    /**
+     * Get quarantine statistics
+     *
+     * @param session - Authenticated session
+     * @returns Quarantine statistics
+     */
+    getStats(session: AuthenticatedSession): import("../../repositories/quarantine/types.js").QuarantineStats;
+    /**
+     * Review a quarantine entry with authentication
+     *
+     * This is the secure replacement for QuarantineRepository.review().
+     * It enforces:
+     * - Valid authenticated session
+     * - security_reviewer permission (quarantine:review)
+     * - Multi-approval for MALICIOUS severity (quarantine:review_malicious)
+     * - Audit logging with verified reviewer identity
+     *
+     * @param session - Authenticated session (verified by auth layer)
+     * @param quarantineId - Quarantine entry ID to review
+     * @param input - Review decision and notes
+     * @returns Review result with verified reviewer identity
+     * @throws QuarantineServiceError on auth/permission failure
+     */
+    review(session: AuthenticatedSession, quarantineId: string, input: AuthenticatedReviewInput): AuthenticatedReviewResult;
+    /**
+     * Handle approval for MALICIOUS severity skills
+     *
+     * MALICIOUS severity requires multiple reviewers to approve
+     * before a skill can be unquarantined. This prevents single
+     * reviewer compromise from allowing malicious skills.
+     *
+     * Approval state is persisted to the database (SMI-2277) so
+     * pending approvals survive service restarts.
+     *
+     * @param session - Authenticated session
+     * @param quarantineId - Quarantine entry ID
+     * @param skillId - Skill ID
+     * @param input - Review input
+     * @returns Review result with multi-approval status
+     */
+    private handleMaliciousApproval;
+    /**
+     * Get pending multi-approval status for a quarantine entry
+     *
+     * @param session - Authenticated session
+     * @param quarantineId - Quarantine entry ID
+     * @returns Multi-approval status or null
+     */
+    getMultiApprovalStatus(session: AuthenticatedSession, quarantineId: string): MultiApprovalStatus | null;
+    /**
+     * Cancel a pending multi-approval workflow
+     *
+     * @param session - Authenticated session (requires admin)
+     * @param quarantineId - Quarantine entry ID
+     * @returns Whether the cancellation was successful
+     */
+    cancelMultiApproval(session: AuthenticatedSession, quarantineId: string): boolean;
+    /**
+     * Create a quarantine entry (admin only)
+     *
+     * @param session - Authenticated session
+     * @param input - Quarantine creation input
+     * @returns Created quarantine entry
+     */
+    create(session: AuthenticatedSession, input: Parameters<QuarantineRepository['create']>[0]): import("../../repositories/quarantine/types.js").QuarantineEntry;
+    /**
+     * Delete a quarantine entry (admin only)
+     *
+     * @param session - Authenticated session
+     * @param id - Quarantine entry ID
+     * @returns Whether the entry was deleted
+     */
+    delete(session: AuthenticatedSession, id: string): boolean;
+    /**
+     * Build a MultiApprovalStatus from database rows
+     *
+     * Converts persisted approval entries into the MultiApprovalStatus
+     * interface expected by consumers.
+     */
+    private buildMultiApprovalStatus;
+}
+//# sourceMappingURL=QuarantineService.d.ts.map

package/dist/src/services/quarantine/QuarantineService.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"QuarantineService.d.ts","sourceRoot":"","sources":["../../../../src/services/quarantine/QuarantineService.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,wCAAwC,CAAA;AAClF,OAAO,KAAK,EAAE,kBAAkB,EAAE,MAAM,qDAAqD,CAAA;AAC7F,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,+BAA+B,CAAA;AAChE,OAAO,KAAK,EACV,oBAAoB,EACpB,wBAAwB,EACxB,yBAAyB,EACzB,mBAAmB,EAEpB,MAAM,YAAY,CAAA;AAqBnB;;;;;;;;;;;;;;;;;;;;;GAqBG;AACH,qBAAa,iBAAiB;IAE1B,OAAO,CAAC,QAAQ,CAAC,UAAU;IAC3B,OAAO,CAAC,QAAQ,CAAC,kBAAkB;IACnC,OAAO,CAAC,QAAQ,CAAC,WAAW;gBAFX,UAAU,EAAE,oBAAoB,EAChC,kBAAkB,EAAE,kBAAkB,EACtC,WAAW,EAAE,WAAW;IAO3C;;;;;;OAMG;IACH,QAAQ,CAAC,OAAO,EAAE,oBAAoB,EAAE,EAAE,EAAE,MAAM;IAKlD;;;;;;OAMG;IACH,aAAa,CAAC,OAAO,EAAE,oBAAoB,EAAE,OAAO,EAAE,MAAM;IAK5D;;;;;;OAMG;IACH,OAAO,CAAC,OAAO,EAAE,oBAAoB,EAAE,MAAM,CAAC,EAAE,UAAU,CAAC,oBAAoB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;IAK9F;;;;;OAKG;IACH,QAAQ,CAAC,OAAO,EAAE,oBAAoB;IAStC;;;;;;;;;;;;;;;OAeG;IACH,MAAM,CACJ,OAAO,EAAE,oBAAoB,EAC7B,YAAY,EAAE,MAAM,EACpB,KAAK,EAAE,wBAAwB,GAC9B,yBAAyB;IAoF5B;;;;;;;;;;;;;;;OAeG;IACH,OAAO,CAAC,uBAAuB;IA2K/B;;;;;;OAMG;IACH,sBAAsB,CACpB,OAAO,EAAE,oBAAoB,EAC7B,YAAY,EAAE,MAAM,GACnB,mBAAmB,GAAG,IAAI;IAW7B;;;;;;OAMG;IACH,mBAAmB,CAAC,OAAO,EAAE,oBAAoB,EAAE,YAAY,EAAE,MAAM,GAAG,OAAO;IA8BjF;;;;;;OAMG;IACH,MAAM,CAAC,OAAO,EAAE,oBAAoB,EAAE,KAAK,EAAE,UAAU,CAAC,oBAAoB,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IAK1F;;;;;;OAMG;IACH,MAAM,CAAC,OAAO,EAAE,oBAAoB,EAAE,EAAE,EAAE,MAAM,GAAG,OAAO;IAa1D;;;;;OAKG;IACH,OAAO,CAAC,wBAAwB;CA+BjC"}