@snovon/solast 0.2.0

package/dist/config.d.ts

@@ -0,0 +1,9 @@
+import type { SeverityLabel } from './severity';
+export declare class ConfigUserError extends Error {
+    constructor(message: string);
+}
+export interface SolASTConfig {
+    severityOverrides: Record<string, SeverityLabel>;
+    detectorOptions?: Record<string, any>;
+}
+export declare function loadProjectConfig(cwd: string, targets?: string[]): SolASTConfig;

package/dist/config.js

@@ -0,0 +1,284 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.ConfigUserError = void 0;
+exports.loadProjectConfig = loadProjectConfig;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const ALLOWED_SEVERITIES = ['critical', 'high', 'medium', 'low', 'informational'];
+const ALLOWED_SEVERITIES_TEXT = ALLOWED_SEVERITIES.join(', ');
+class ConfigUserError extends Error {
+    constructor(message) {
+        super(message);
+        this.name = 'ConfigUserError';
+    }
+}
+exports.ConfigUserError = ConfigUserError;
+function loadProjectConfig(cwd, targets = []) {
+    const severityOverrides = {};
+    let detectorOptions = {};
+    for (const configPath of configPaths(cwd, targets)) {
+        if (!fs.existsSync(configPath))
+            continue;
+        const raw = fs.readFileSync(configPath, 'utf8');
+        Object.assign(severityOverrides, parseSeverityOverrides(raw, configPath));
+        const parsedOptions = parseDetectorOptions(raw, configPath);
+        if (parsedOptions) {
+            detectorOptions = { ...detectorOptions, ...parsedOptions };
+        }
+    }
+    return { severityOverrides, detectorOptions };
+}
+function parseDetectorOptions(raw, sourcePath) {
+    if (sourcePath.endsWith('.yml') || sourcePath.endsWith('.yaml'))
+        return parseYamlDetectorOptions(raw);
+    return undefined;
+}
+function parseYamlDetectorOptions(raw) {
+    const options = {};
+    const lines = raw.split(/\r?\n/);
+    let state = 'idle';
+    let detectorsIndent = -1;
+    let ruleIndent = -1;
+    let currentRule = '';
+    for (const rawLine of lines) {
+        const line = rawLine.replace(/\t/g, '  ');
+        if (line.trim().length === 0 || /^\s*#/.test(line))
+            continue;
+        const indent = line.length - line.trimStart().length;
+        const trimmed = stripYamlComment(line.trim());
+        if (state === 'idle') {
+            if (trimmed === 'detectors:') {
+                state = 'in-detectors';
+                detectorsIndent = indent;
+            }
+            continue;
+        }
+        if (state === 'in-detectors') {
+            if (indent <= detectorsIndent) {
+                state = 'idle';
+                if (trimmed === 'detectors:') {
+                    state = 'in-detectors';
+                    detectorsIndent = indent;
+                }
+                continue;
+            }
+            const match = trimmed.match(/^([^:]+):$/);
+            if (match) {
+                currentRule = unquote(match[1].trim());
+                options[currentRule] = {};
+                state = 'in-rule';
+                ruleIndent = indent;
+            }
+            continue;
+        }
+        if (state === 'in-rule') {
+            if (indent <= ruleIndent) {
+                // Pop back to in-detectors
+                state = indent <= detectorsIndent ? 'idle' : 'in-detectors';
+                if (state === 'in-detectors') {
+                    const match = trimmed.match(/^([^:]+):$/);
+                    if (match) {
+                        currentRule = unquote(match[1].trim());
+                        options[currentRule] = {};
+                        state = 'in-rule';
+                        ruleIndent = indent;
+                    }
+                }
+                continue;
+            }
+            const entry = trimmed.match(/^([^:]+):(?:\s*(.*))?$/);
+            if (entry) {
+                const key = unquote(entry[1].trim());
+                const valueText = (entry[2] || '').trim();
+                if (valueText && valueText !== '[]' && valueText !== '{}') {
+                    options[currentRule][key] = unquote(valueText);
+                }
+            }
+        }
+    }
+    return options;
+}
+function configPaths(cwd, targets) {
+    const roots = new Set([path.resolve(cwd)]);
+    if (targets.length === 1) {
+        const target = path.resolve(cwd, targets[0]);
+        try {
+            const stat = fs.statSync(target);
+            roots.add(stat.isDirectory() ? target : path.dirname(target));
+        }
+        catch (_err) {
+            // Path validation later in the scan command owns missing-target errors.
+        }
+    }
+    const paths = [];
+    for (const root of roots) {
+        paths.push(path.join(root, '.solast.toml'));
+        paths.push(path.join(root, '.solast.yml'));
+    }
+    return paths;
+}
+function parseSeverityOverrides(raw, sourcePath) {
+    if (sourcePath.endsWith('.toml'))
+        return parseTomlSeverityOverrides(raw);
+    if (sourcePath.endsWith('.yml') || sourcePath.endsWith('.yaml'))
+        return parseYamlSeverityOverrides(raw);
+    return {};
+}
+function parseTomlSeverityOverrides(raw) {
+    const overrides = {};
+    let section = '';
+    for (const rawLine of raw.split(/\r?\n/)) {
+        const line = stripTomlComment(rawLine).trim();
+        if (!line)
+            continue;
+        const sectionMatch = line.match(/^\[([^\]]+)\]$/);
+        if (sectionMatch) {
+            section = sectionMatch[1].trim();
+            continue;
+        }
+        if (section !== 'severity.overrides')
+            continue;
+        const assignment = line.match(/^([^=]+?)\s*=\s*(.+)$/);
+        if (!assignment)
+            continue;
+        const key = unquote(assignment[1].trim());
+        const value = parseTomlStringValue(assignment[2].trim());
+        overrides[key] = validateSeverityOverride(`severity.overrides.${key}`, value);
+    }
+    return overrides;
+}
+function stripTomlComment(line) {
+    let quote;
+    for (let i = 0; i < line.length; i += 1) {
+        const ch = line[i];
+        if ((ch === '"' || ch === "'") && line[i - 1] !== '\\') {
+            quote = quote === ch ? undefined : quote || ch;
+        }
+        if (ch === '#' && !quote)
+            return line.slice(0, i);
+    }
+    return line;
+}
+function parseTomlStringValue(value) {
+    const trimmed = value.trim();
+    if ((trimmed.startsWith('"') && trimmed.endsWith('"')) || (trimmed.startsWith("'") && trimmed.endsWith("'"))) {
+        return trimmed.slice(1, -1);
+    }
+    return trimmed;
+}
+function parseYamlSeverityOverrides(raw) {
+    const overrides = {};
+    const lines = raw.split(/\r?\n/);
+    let state = 'idle';
+    let severityIndent = -1;
+    let overridesIndent = -1;
+    for (const rawLine of lines) {
+        const line = rawLine.replace(/\t/g, '  ');
+        if (line.trim().length === 0 || /^\s*#/.test(line))
+            continue;
+        const indent = line.length - line.trimStart().length;
+        const trimmed = stripYamlComment(line.trim());
+        if (state === 'idle') {
+            if (trimmed === 'severity:') {
+                state = 'in-severity';
+                severityIndent = indent;
+            }
+            continue;
+        }
+        if (state === 'in-severity') {
+            if (indent <= severityIndent) {
+                state = 'idle';
+                if (trimmed === 'severity:') {
+                    state = 'in-severity';
+                    severityIndent = indent;
+                }
+                continue;
+            }
+            if (trimmed === 'overrides:' || trimmed === 'overrides: {}') {
+                if (trimmed === 'overrides: {}')
+                    return overrides;
+                state = 'in-overrides';
+                overridesIndent = indent;
+            }
+            continue;
+        }
+        if (state === 'in-overrides') {
+            if (indent <= overridesIndent) {
+                state = indent <= severityIndent ? 'idle' : 'in-severity';
+                continue;
+            }
+            const entry = trimmed.match(/^([^:]+):(?:\s*(.*))?$/);
+            if (!entry)
+                continue;
+            const key = unquote(entry[1].trim());
+            const valueText = (entry[2] || '').trim();
+            if (!valueText || valueText === '[]' || valueText === '{}') {
+                throw new ConfigUserError(invalidSeverityMessage(`severity.overrides.${key}`, valueText || '<non-scalar>'));
+            }
+            overrides[key] = validateSeverityOverride(`severity.overrides.${key}`, unquote(valueText));
+        }
+    }
+    return overrides;
+}
+function stripYamlComment(line) {
+    let quote;
+    for (let i = 0; i < line.length; i += 1) {
+        const ch = line[i];
+        if ((ch === '"' || ch === "'") && line[i - 1] !== '\\') {
+            quote = quote === ch ? undefined : quote || ch;
+        }
+        if (ch === '#' && !quote)
+            return line.slice(0, i).trimEnd();
+    }
+    return line;
+}
+function unquote(value) {
+    const trimmed = value.trim();
+    if ((trimmed.startsWith('"') && trimmed.endsWith('"')) || (trimmed.startsWith("'") && trimmed.endsWith("'"))) {
+        return trimmed.slice(1, -1);
+    }
+    return trimmed;
+}
+function validateSeverityOverride(pathLabel, value) {
+    if (typeof value !== 'string' || !ALLOWED_SEVERITIES.includes(value)) {
+        throw new ConfigUserError(invalidSeverityMessage(pathLabel, String(value)));
+    }
+    return value;
+}
+function invalidSeverityMessage(pathLabel, value) {
+    return `${pathLabel} has invalid severity override '${value}'. Allowed values: ${ALLOWED_SEVERITIES_TEXT}`;
+}
+//# sourceMappingURL=config.js.map

package/dist/dedup/files.d.ts

@@ -0,0 +1 @@
+export declare function deduplicateFilesByContent(files: string[]): string[];

package/dist/dedup/files.js

@@ -0,0 +1,74 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.deduplicateFilesByContent = deduplicateFilesByContent;
+const crypto = __importStar(require("crypto"));
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+function normalizeSourceForContentDedup(source) {
+    return source
+        .replace(/\r\n?/g, '\n')
+        .replace(/[ \t]+$/gm, '');
+}
+function contentHash(source) {
+    return crypto
+        .createHash('sha256')
+        .update(normalizeSourceForContentDedup(source))
+        .digest('hex');
+}
+function compareKeptPath(a, b) {
+    const normalizedA = path.normalize(a);
+    const normalizedB = path.normalize(b);
+    if (normalizedA.length !== normalizedB.length)
+        return normalizedA.length - normalizedB.length;
+    return normalizedA.localeCompare(normalizedB);
+}
+function deduplicateFilesByContent(files) {
+    const groups = new Map();
+    for (const file of files) {
+        const source = fs.readFileSync(file, 'utf-8');
+        const hash = contentHash(source);
+        const existing = groups.get(hash);
+        if (existing === undefined || compareKeptPath(file, existing) < 0) {
+            groups.set(hash, file);
+        }
+    }
+    const kept = new Set(groups.values());
+    // Preserve the caller's discovery order — `filter` keeps the input
+    // sequence, so a kept file set is a subsequence of `files`. Sorting
+    // here would reorder findings out of file-discovery order.
+    return files.filter(file => kept.has(file));
+}
+//# sourceMappingURL=files.js.map

package/dist/dedup/findings.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Rule deduplication engine for bridge/cross-chain detectors.
+ *
+ * Clusters findings by (file, overlapping line_range, snippet_hash) and
+ * preserves the highest-severity / highest-confidence finding as canonical.
+ * Deterministic — no solc, RPC, or LLM dependency.
+ *
+ * Design (ADR 0004):
+ *   - Dedup key: file + normalized line range (intersection-based overlap)
+ *     with configurable tolerance + snippetHash
+ *   - Bridge-first rollout: BRIDGE_DEDUP_GROUPS is a data-driven registry;
+ *     adding/widening a bridge detector is a one-line registry change
+ *   - Stable group IDs derived from sorted member findingIds hashed together
+ *   - Severity rank: critical > high > medium > low > informational; error/warning/info
+ *     mapped to their canonical counterparts (error=high, warning=medium, info=low)
+ *   - Confidence rank: high > medium > low
+ *   - merged_from field deferred — output-schema churn; decide in PR discussion
+ */
+import type { ScanResult } from '../index';
+/**
+ * Data-driven registry mapping bridge rule IDs into shared equivalence classes.
+ * Adding/widening a bridge detector is a one-line registry change here.
+ *
+ * Groups are documented in ADR 0004.
+ */
+export declare const BRIDGE_DEDUP_GROUPS: Record<string, string[]>;
+interface DedupResult {
+    findings: ScanResult[];
+    rawCount: number;
+    uniqueCount: number;
+}
+/**
+ * Returns deduplicated findings with raw and unique counts. Empty input returns
+ * empty output with zero counts.
+ *
+ * Within each cluster, the highest-severity / highest-confidence finding
+ * is preserved as canonical with a stable dedup_group_id attached.
+ * Findings outside any bridge dedup group are passed through unchanged.
+ */
+export declare function dedupFindings(findings: ScanResult[]): DedupResult;
+export {};

package/dist/dedup/findings.js

@@ -0,0 +1,211 @@
+"use strict";
+/**
+ * Rule deduplication engine for bridge/cross-chain detectors.
+ *
+ * Clusters findings by (file, overlapping line_range, snippet_hash) and
+ * preserves the highest-severity / highest-confidence finding as canonical.
+ * Deterministic — no solc, RPC, or LLM dependency.
+ *
+ * Design (ADR 0004):
+ *   - Dedup key: file + normalized line range (intersection-based overlap)
+ *     with configurable tolerance + snippetHash
+ *   - Bridge-first rollout: BRIDGE_DEDUP_GROUPS is a data-driven registry;
+ *     adding/widening a bridge detector is a one-line registry change
+ *   - Stable group IDs derived from sorted member findingIds hashed together
+ *   - Severity rank: critical > high > medium > low > informational; error/warning/info
+ *     mapped to their canonical counterparts (error=high, warning=medium, info=low)
+ *   - Confidence rank: high > medium > low
+ *   - merged_from field deferred — output-schema churn; decide in PR discussion
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.BRIDGE_DEDUP_GROUPS = void 0;
+exports.dedupFindings = dedupFindings;
+const crypto = __importStar(require("crypto"));
+const OVERLAP_TOLERANCE_LINES = 0;
+const severity_1 = require("../severity");
+const CONFIDENCE_RANK = {
+    high: 3,
+    medium: 2,
+    low: 1,
+};
+function severityRank(f) {
+    return severity_1.SEVERITY_RANK[f.severity] ?? 0;
+}
+function confidenceRank(f) {
+    if (!f.confidence)
+        return 0;
+    return CONFIDENCE_RANK[f.confidence] ?? 0;
+}
+function normalizeRange(line, endLine) {
+    const end = endLine ?? line;
+    return { start: Math.min(line, end), end: Math.max(line, end) };
+}
+function rangesOverlap(a, b, tolerance = OVERLAP_TOLERANCE_LINES) {
+    return a.start - tolerance <= b.end && b.start - tolerance <= a.end;
+}
+function stableGroupId(findings, groupKey) {
+    const ids = findings.map(f => f.findingId).filter(Boolean).sort();
+    const input = `groupKey=${groupKey}&findingIds=${ids.join(',')}`;
+    return `grp_${crypto.createHash('sha256').update(input).digest('hex').slice(0, 12)}`;
+}
+function compareFindings(a, b) {
+    const sRank = severityRank(b) - severityRank(a);
+    if (sRank !== 0)
+        return sRank;
+    const cRank = confidenceRank(b) - confidenceRank(a);
+    if (cRank !== 0)
+        return cRank;
+    return a.findingId.localeCompare(b.findingId);
+}
+/**
+ * Data-driven registry mapping bridge rule IDs into shared equivalence classes.
+ * Adding/widening a bridge detector is a one-line registry change here.
+ *
+ * Groups are documented in ADR 0004.
+ */
+exports.BRIDGE_DEDUP_GROUPS = {
+    // Cross-chain message handler surface (ADR 0004): rules that fire on
+    // _lzReceive-like entry points where a caller-controlled cross-chain payload
+    // reaches privileged execution. Same-location findings from these rules
+    // describe the same handler-level vulnerability and collapse to one
+    // canonical finding under --dedup. Issue #1710 explicitly cites
+    // cross-chain-messaging / layerzero-v2-unverified-origin / cross-vm-reentrancy
+    // as overlapping siblings on this surface.
+    'arbitrary-call-gateway': [
+        'cross-chain-arbitrary-call',
+        'cross-chain-messaging',
+        'cross-vm-reentrancy',
+        'fi-bridges',
+        'layerzero-v2-unverified-origin',
+        'zetachain-gateway-hack-analysis',
+    ],
+    'proof-root-public-input': [
+        'bridge-forged-proof',
+        'bridge-business-logic-flaw-incorrect-acc',
+        'starkware-proof-validation-gap',
+        'unbound-zk-verifier-input',
+    ],
+};
+function findGroupKey(ruleId) {
+    for (const [key, members] of Object.entries(exports.BRIDGE_DEDUP_GROUPS)) {
+        if (members.includes(ruleId))
+            return key;
+    }
+    return undefined;
+}
+/**
+ * Returns deduplicated findings with raw and unique counts. Empty input returns
+ * empty output with zero counts.
+ *
+ * Within each cluster, the highest-severity / highest-confidence finding
+ * is preserved as canonical with a stable dedup_group_id attached.
+ * Findings outside any bridge dedup group are passed through unchanged.
+ */
+function dedupFindings(findings) {
+    if (findings.length === 0)
+        return { findings: [], rawCount: 0, uniqueCount: 0 };
+    const clusterMap = new Map();
+    const passThrough = [];
+    for (let index = 0; index < findings.length; index++) {
+        const f = findings[index];
+        const groupKey = findGroupKey(f.ruleId);
+        if (!groupKey) {
+            passThrough.push({ index, finding: f });
+            continue;
+        }
+        const range = normalizeRange(f.line, f.endLine);
+        const snippetHash = f.snippetHash ?? '';
+        const instance_key = f.instance_key ?? '';
+        let matchedCluster;
+        for (const cluster of clusterMap.values()) {
+            if (cluster.groupKey !== groupKey)
+                continue;
+            if (cluster.file !== f.file)
+                continue;
+            if (instance_key && cluster.instanceKey === instance_key) {
+                const sameDetector = [...cluster.findings].some(c => c.ruleId === f.ruleId);
+                if (!sameDetector || rangesOverlap(cluster.range, range)) {
+                    matchedCluster = cluster;
+                    break;
+                }
+            }
+            if (cluster.contractHash !== f.contractHash)
+                continue;
+            if (cluster.snippetHash !== snippetHash)
+                continue;
+            if (!rangesOverlap(cluster.range, range))
+                continue;
+            matchedCluster = cluster;
+            break;
+        }
+        if (!matchedCluster) {
+            const key = instance_key
+                ? `${groupKey}|${f.file}|instance_key:${instance_key}|${f.ruleId}|${range.start}-${range.end}|${snippetHash}`
+                : `${groupKey}|${f.file}|${f.contractHash ?? ''}|${snippetHash}|${range.start}`;
+            matchedCluster = {
+                file: f.file,
+                contractHash: f.contractHash,
+                snippetHash,
+                range,
+                findings: [],
+                groupKey,
+                firstIndex: index,
+                instanceKey: instance_key || undefined,
+            };
+            clusterMap.set(key, matchedCluster);
+        }
+        matchedCluster.findings.push(f);
+    }
+    const ordered = [];
+    for (const cluster of clusterMap.values()) {
+        if (cluster.findings.length === 1) {
+            ordered.push({ index: cluster.firstIndex, finding: cluster.findings[0] });
+            continue;
+        }
+        const canonical = [...cluster.findings].sort(compareFindings)[0];
+        canonical.dedup_group_id = stableGroupId(cluster.findings, cluster.groupKey);
+        ordered.push({ index: cluster.firstIndex, finding: canonical });
+    }
+    ordered.push(...passThrough);
+    ordered.sort((a, b) => a.index - b.index);
+    const result = ordered.map(entry => entry.finding);
+    return {
+        findings: result,
+        rawCount: findings.length,
+        uniqueCount: result.length,
+    };
+}
+//# sourceMappingURL=findings.js.map