@telora/daemon 0.15.57 → 0.15.60
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/build-info.json +5 -3
- package/dist/assembly-resolvers.d.ts.map +1 -1
- package/dist/assembly-resolvers.js +16 -9
- package/dist/assembly-resolvers.js.map +1 -1
- package/dist/ci-escalation.d.ts +39 -0
- package/dist/ci-escalation.d.ts.map +1 -0
- package/dist/ci-escalation.js +62 -0
- package/dist/ci-escalation.js.map +1 -0
- package/dist/focus-completion.d.ts.map +1 -1
- package/dist/focus-completion.js +39 -14
- package/dist/focus-completion.js.map +1 -1
- package/dist/focus-team-lifecycle.d.ts.map +1 -1
- package/dist/focus-team-lifecycle.js +31 -6
- package/dist/focus-team-lifecycle.js.map +1 -1
- package/dist/git-merge.d.ts +29 -2
- package/dist/git-merge.d.ts.map +1 -1
- package/dist/git-merge.js +27 -11
- package/dist/git-merge.js.map +1 -1
- package/dist/pipeline-config.d.ts +59 -0
- package/dist/pipeline-config.d.ts.map +1 -0
- package/dist/pipeline-config.js +59 -0
- package/dist/pipeline-config.js.map +1 -0
- package/dist/security-auto-inject.d.ts +36 -11
- package/dist/security-auto-inject.d.ts.map +1 -1
- package/dist/security-auto-inject.js +65 -23
- package/dist/security-auto-inject.js.map +1 -1
- package/dist/security-scan-engine.d.ts +12 -7
- package/dist/security-scan-engine.d.ts.map +1 -1
- package/dist/security-scan-engine.js +25 -13
- package/dist/security-scan-engine.js.map +1 -1
- package/package.json +1 -1
|
@@ -2,17 +2,25 @@
|
|
|
2
2
|
* Auto-injection for security findings.
|
|
3
3
|
*
|
|
4
4
|
* Every open finding that the engine sees -- newly observed or with no
|
|
5
|
-
* linked remediation -- is handed to processNewFinding.
|
|
6
|
-
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
*
|
|
12
|
-
*
|
|
13
|
-
*
|
|
14
|
-
*
|
|
15
|
-
*
|
|
5
|
+
* linked remediation -- is handed to processNewFinding. One scan batch
|
|
6
|
+
* produces one focus + one tree + one entity + one injection + one
|
|
7
|
+
* delivery, no matter how many findings the scan emits; each finding
|
|
8
|
+
* becomes an Issue under that single delivery.
|
|
9
|
+
*
|
|
10
|
+
* Per-batch (memoized across all findings in a scan run by
|
|
11
|
+
* wrapAutoInjectForScanRun):
|
|
12
|
+
* 1. Security remediation focus + tree.
|
|
13
|
+
* 2. Batch entity node representing the codebase's security surface.
|
|
14
|
+
* 3. Batch injection node ("Remediate security findings ...") targeting
|
|
15
|
+
* the entity node via a reality_tree_edge of kind 'targets'.
|
|
16
|
+
* 4. Batch delivery on the focus, linked to the injection via the
|
|
17
|
+
* delivery's injection_id column.
|
|
18
|
+
*
|
|
19
|
+
* Per finding:
|
|
20
|
+
* 5. Issue under the batch delivery (title = "Remediate <ioc>:<id>",
|
|
21
|
+
* description = advisory summary).
|
|
22
|
+
* 6. Sets finding.linked_injection_id to the batch injection.
|
|
23
|
+
* 7. Writes a security_finding_audit row with action='auto_injected'.
|
|
16
24
|
*
|
|
17
25
|
* No severity gate -- AI attempts every finding. The only short-circuit
|
|
18
26
|
* is `skipped_already_linked` when the finding already carries a
|
|
@@ -76,6 +84,8 @@ export interface AutoInjectDeps {
|
|
|
76
84
|
}>;
|
|
77
85
|
/**
|
|
78
86
|
* Materialize a delivery on the Security focus, linked to the injection.
|
|
87
|
+
* One delivery per scan batch -- memoized by wrapAutoInjectForScanRun so
|
|
88
|
+
* every finding in the run lands on the same delivery.
|
|
79
89
|
*/
|
|
80
90
|
createDelivery: (input: {
|
|
81
91
|
focusId: string;
|
|
@@ -87,6 +97,19 @@ export interface AutoInjectDeps {
|
|
|
87
97
|
}) => Promise<{
|
|
88
98
|
deliveryId: string;
|
|
89
99
|
}>;
|
|
100
|
+
/**
|
|
101
|
+
* Create one Issue under the batch delivery, one per finding. Called
|
|
102
|
+
* after the focus/entity/injection/delivery chain has resolved.
|
|
103
|
+
*/
|
|
104
|
+
createIssueOnDelivery: (input: {
|
|
105
|
+
deliveryId: string;
|
|
106
|
+
organizationId: string;
|
|
107
|
+
title: string;
|
|
108
|
+
description: string;
|
|
109
|
+
issueType?: 'Task' | 'Bug';
|
|
110
|
+
}) => Promise<{
|
|
111
|
+
issueId: string;
|
|
112
|
+
}>;
|
|
90
113
|
/** Update the finding row with its new linked_injection_id. */
|
|
91
114
|
linkFinding: (findingId: string, injectionNodeId: string) => Promise<void>;
|
|
92
115
|
/** Append a finding audit row. */
|
|
@@ -104,6 +127,8 @@ export interface ProcessNewFindingResult {
|
|
|
104
127
|
focusId?: string;
|
|
105
128
|
injectionNodeId?: string;
|
|
106
129
|
deliveryId?: string;
|
|
130
|
+
/** Issue created under the batch delivery for this finding. */
|
|
131
|
+
issueId?: string;
|
|
107
132
|
}
|
|
108
133
|
export declare function processNewFinding(finding: FindingForInjection, _options: AutoInjectOptions, deps: AutoInjectDeps): Promise<ProcessNewFindingResult>;
|
|
109
134
|
export declare function buildDefaultAutoInjectDeps(): AutoInjectDeps;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security-auto-inject.d.ts","sourceRoot":"","sources":["../src/security-auto-inject.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"security-auto-inject.d.ts","sourceRoot":"","sources":["../src/security-auto-inject.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAGH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,2BAA2B,CAAC;AAM1D,MAAM,WAAW,mBAAmB;IAClC,EAAE,EAAE,MAAM,CAAC;IACX,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,QAAQ,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACjC,MAAM,EAAE,MAAM,GAAG,aAAa,GAAG,UAAU,GAAG,WAAW,CAAC;IAC1D,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;CAClC;AAED,MAAM,MAAM,iBAAiB,GAAG,MAAM,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;AAEtD,MAAM,WAAW,cAAc;IAC7B;;;;OAIG;IACH,8BAA8B,EAAE,CAC9B,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,KACnB,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAClD;;;;;OAKG;IACH,oCAAoC,CAAC,EAAE,CACrC,OAAO,EAAE,MAAM,EACf,YAAY,EAAE,MAAM,KACjB,OAAO,CAAC,IAAI,CAAC,CAAC;IACnB;;;OAGG;IACH,gBAAgB,EAAE,CAAC,KAAK,EAAE;QACxB,MAAM,EAAE,MAAM,CAAC;QACf,cAAc,EAAE,MAAM,CAAC;QACvB,KAAK,EAAE,MAAM,CAAC;QACd,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KAClC,KAAK,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAClC;;OAEG;IACH,eAAe,EAAE,CAAC,KAAK,EAAE;QACvB,MAAM,EAAE,MAAM,CAAC;QACf,cAAc,EAAE,MAAM,CAAC;QACvB,SAAS,EAAE,MAAM,CAAC;QAClB,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KACxC,KAAK,OAAO,CAAC;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAClC;;;;OAIG;IACH,cAAc,EAAE,CAAC,KAAK,EAAE;QACtB,OAAO,EAAE,MAAM,CAAC;QAChB,SAAS,EAAE,MAAM,CAAC;QAClB,cAAc,EAAE,MAAM,CAAC;QACvB,IAAI,EAAE,MAAM,CAAC;QACb,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;KACzB,KAAK,OAAO,CAAC;QAAE,UAAU,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACtC;;;OAGG;IACH,qBAAqB,EAAE,CAAC,KAAK,EAAE;QAC7B,UAAU,EAAE,MAAM,CAAC;QACnB,cAAc,EAAE,MAAM,CAAC;QACvB,KAAK,EAAE,MAAM,CAAC;QACd,WAAW,EAAE,MAAM,CAAC;QACpB,SAAS,CAAC,EAAE,MAAM,GAAG,KAAK,CAAC;KAC5B,KAAK,OAAO,CAAC;QAAE,OAAO,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACnC,+DAA+D;IAC/D,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,eAAe,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3E,kCAAkC;IAClC,UAAU,EAAE,CAAC,KAAK,EAAE;QAClB,SAAS,EAAE,MAAM,CAAC;QAClB,cAAc,EAAE,MAAM,CAAC;QACvB,MAAM,EAAE,eAAe,CAAC;QACxB,MAAM,CAAC,EAAE,MAAM,CAAC;QAChB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;KACnC,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;CACrB;AA2CD,MAAM,WAAW,uBAAuB;IACtC,MAAM,EAAE,UAAU,GAAG,wBAAwB,CAAC;IAC9C,4EAA4E;IAC5E,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,+DAA+D;IAC/D,OAAO,CAAC,EAAE,MAAM,CAAC;CAClB;AAED,wBAAsB,iBAAiB,CACrC,OAAO,EAAE,mBAAmB,EAC5B,QAAQ,EAAE,iBAAiB,EAC3B,IAAI,EAAE,cAAc,GACnB,OAAO,CAAC,uBAAuB,CAAC,CAmElC;AAMD,wBAAgB,0BAA0B,IAAI,cAAc,CAgD3D"}
|
|
@@ -2,17 +2,25 @@
|
|
|
2
2
|
* Auto-injection for security findings.
|
|
3
3
|
*
|
|
4
4
|
* Every open finding that the engine sees -- newly observed or with no
|
|
5
|
-
* linked remediation -- is handed to processNewFinding.
|
|
6
|
-
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
10
|
-
*
|
|
11
|
-
*
|
|
12
|
-
*
|
|
13
|
-
*
|
|
14
|
-
*
|
|
15
|
-
*
|
|
5
|
+
* linked remediation -- is handed to processNewFinding. One scan batch
|
|
6
|
+
* produces one focus + one tree + one entity + one injection + one
|
|
7
|
+
* delivery, no matter how many findings the scan emits; each finding
|
|
8
|
+
* becomes an Issue under that single delivery.
|
|
9
|
+
*
|
|
10
|
+
* Per-batch (memoized across all findings in a scan run by
|
|
11
|
+
* wrapAutoInjectForScanRun):
|
|
12
|
+
* 1. Security remediation focus + tree.
|
|
13
|
+
* 2. Batch entity node representing the codebase's security surface.
|
|
14
|
+
* 3. Batch injection node ("Remediate security findings ...") targeting
|
|
15
|
+
* the entity node via a reality_tree_edge of kind 'targets'.
|
|
16
|
+
* 4. Batch delivery on the focus, linked to the injection via the
|
|
17
|
+
* delivery's injection_id column.
|
|
18
|
+
*
|
|
19
|
+
* Per finding:
|
|
20
|
+
* 5. Issue under the batch delivery (title = "Remediate <ioc>:<id>",
|
|
21
|
+
* description = advisory summary).
|
|
22
|
+
* 6. Sets finding.linked_injection_id to the batch injection.
|
|
23
|
+
* 7. Writes a security_finding_audit row with action='auto_injected'.
|
|
16
24
|
*
|
|
17
25
|
* No severity gate -- AI attempts every finding. The only short-circuit
|
|
18
26
|
* is `skipped_already_linked` when the finding already carries a
|
|
@@ -34,39 +42,59 @@ function buildAdvisorySummary(finding) {
|
|
|
34
42
|
const head = candidates[0] ?? `Security finding ${finding.identifier}`;
|
|
35
43
|
return `${head} (${finding.iocClass}, severity=${finding.severity})`;
|
|
36
44
|
}
|
|
37
|
-
function
|
|
45
|
+
function buildFindingLabel(finding) {
|
|
38
46
|
return `${finding.iocClass}:${finding.identifier}`;
|
|
39
47
|
}
|
|
48
|
+
/** Generic, per-tree label for the batch entity node. The server-side
|
|
49
|
+
* upsert dedupes on (treeId, statement, type='entity'), so every finding
|
|
50
|
+
* in the run reuses the same node. */
|
|
51
|
+
const BATCH_ENTITY_LABEL = 'Codebase security surface';
|
|
52
|
+
/** Generic batch injection statement. The scan-run timestamp + finding
|
|
53
|
+
* count are not appended here -- focus name finalization carries that
|
|
54
|
+
* metadata for the dashboard. */
|
|
55
|
+
const BATCH_INJECTION_STATEMENT = 'Remediate security findings in this scan batch';
|
|
56
|
+
function buildBatchDeliveryName() {
|
|
57
|
+
const nowIso = new Date().toISOString();
|
|
58
|
+
return `Security Remediation ${nowIso.slice(0, 16).replace('T', ' ')} UTC`;
|
|
59
|
+
}
|
|
60
|
+
const BATCH_DELIVERY_DESCRIPTION = 'Auto-created to hold remediation work for the findings in this security scan batch. Each finding is tracked as an Issue under this delivery.';
|
|
40
61
|
export async function processNewFinding(finding, _options, deps) {
|
|
41
62
|
if (finding.linkedInjectionId)
|
|
42
63
|
return { status: 'skipped_already_linked' };
|
|
64
|
+
// Steps 1-4 are per-batch: focus, entity, injection, delivery. Each is
|
|
65
|
+
// memoized by wrapAutoInjectForScanRun so every finding in the scan run
|
|
66
|
+
// resolves the same set of identifiers without re-calling the server.
|
|
43
67
|
const focus = await deps.createSecurityRemediationFocus(finding.productId, finding.organizationId);
|
|
44
68
|
const entity = await deps.upsertEntityNode({
|
|
45
69
|
treeId: focus.treeId,
|
|
46
70
|
organizationId: finding.organizationId,
|
|
47
|
-
label:
|
|
48
|
-
payload: {
|
|
71
|
+
label: BATCH_ENTITY_LABEL,
|
|
72
|
+
payload: { batch: true },
|
|
49
73
|
});
|
|
50
74
|
const injection = await deps.createInjection({
|
|
51
75
|
treeId: focus.treeId,
|
|
52
76
|
organizationId: finding.organizationId,
|
|
53
|
-
statement:
|
|
77
|
+
statement: BATCH_INJECTION_STATEMENT,
|
|
54
78
|
targetNodeId: entity.nodeId,
|
|
55
|
-
sourcePayload: {
|
|
56
|
-
finding_id: finding.id,
|
|
57
|
-
ioc_class: finding.iocClass,
|
|
58
|
-
severity: finding.severity,
|
|
59
|
-
identifier: finding.identifier,
|
|
60
|
-
},
|
|
79
|
+
sourcePayload: { batch: true },
|
|
61
80
|
});
|
|
62
81
|
const delivery = await deps.createDelivery({
|
|
63
82
|
focusId: focus.focusId,
|
|
64
83
|
productId: finding.productId,
|
|
65
84
|
organizationId: finding.organizationId,
|
|
66
|
-
name:
|
|
67
|
-
description:
|
|
85
|
+
name: buildBatchDeliveryName(),
|
|
86
|
+
description: BATCH_DELIVERY_DESCRIPTION,
|
|
68
87
|
injectionNodeId: injection.nodeId,
|
|
69
88
|
});
|
|
89
|
+
// Per-finding: one Issue under the batch delivery, plus the finding
|
|
90
|
+
// backlink + audit trail.
|
|
91
|
+
const issue = await deps.createIssueOnDelivery({
|
|
92
|
+
deliveryId: delivery.deliveryId,
|
|
93
|
+
organizationId: finding.organizationId,
|
|
94
|
+
title: `Remediate ${buildFindingLabel(finding)}`,
|
|
95
|
+
description: buildAdvisorySummary(finding),
|
|
96
|
+
issueType: 'Task',
|
|
97
|
+
});
|
|
70
98
|
await deps.linkFinding(finding.id, injection.nodeId);
|
|
71
99
|
await deps.writeAudit({
|
|
72
100
|
findingId: finding.id,
|
|
@@ -77,6 +105,7 @@ export async function processNewFinding(finding, _options, deps) {
|
|
|
77
105
|
severity: finding.severity,
|
|
78
106
|
delivery_id: delivery.deliveryId,
|
|
79
107
|
injection_node_id: injection.nodeId,
|
|
108
|
+
issue_id: issue.issueId,
|
|
80
109
|
},
|
|
81
110
|
});
|
|
82
111
|
return {
|
|
@@ -84,6 +113,7 @@ export async function processNewFinding(finding, _options, deps) {
|
|
|
84
113
|
focusId: focus.focusId,
|
|
85
114
|
injectionNodeId: injection.nodeId,
|
|
86
115
|
deliveryId: delivery.deliveryId,
|
|
116
|
+
issueId: issue.issueId,
|
|
87
117
|
};
|
|
88
118
|
}
|
|
89
119
|
// ---------------------------------------------------------------------------
|
|
@@ -109,6 +139,18 @@ export function buildDefaultAutoInjectDeps() {
|
|
|
109
139
|
createDelivery: async (input) => {
|
|
110
140
|
return callApi('daemon_create_security_delivery', input);
|
|
111
141
|
},
|
|
142
|
+
createIssueOnDelivery: async (input) => {
|
|
143
|
+
const res = await callApi('issue_create', {
|
|
144
|
+
deliveryId: input.deliveryId,
|
|
145
|
+
fields: {
|
|
146
|
+
title: input.title,
|
|
147
|
+
description: input.description,
|
|
148
|
+
issueType: input.issueType ?? 'Task',
|
|
149
|
+
status: 'To Do',
|
|
150
|
+
},
|
|
151
|
+
});
|
|
152
|
+
return { issueId: res.issue.id };
|
|
153
|
+
},
|
|
112
154
|
linkFinding: async (findingId, injectionNodeId) => {
|
|
113
155
|
await callApi('daemon_link_finding_to_injection', { findingId, injectionNodeId });
|
|
114
156
|
},
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security-auto-inject.js","sourceRoot":"","sources":["../src/security-auto-inject.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"security-auto-inject.js","sourceRoot":"","sources":["../src/security-auto-inject.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GA6BG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAiG9C,8EAA8E;AAC9E,6BAA6B;AAC7B,8EAA8E;AAE9E,SAAS,oBAAoB,CAAC,OAA4B;IACxD,MAAM,OAAO,GAAG,OAAO,CAAC,OAAkC,CAAC;IAC3D,MAAM,UAAU,GAAG;QACjB,OAAO,OAAO,CAAC,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI;QACxD,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI;QAC5D,OAAO,OAAO,CAAC,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI;KACzE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;IACzC,MAAM,IAAI,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,oBAAoB,OAAO,CAAC,UAAU,EAAE,CAAC;IACvE,OAAO,GAAG,IAAI,KAAK,OAAO,CAAC,QAAQ,cAAc,OAAO,CAAC,QAAQ,GAAG,CAAC;AACvE,CAAC;AAED,SAAS,iBAAiB,CAAC,OAA4B;IACrD,OAAO,GAAG,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;AACrD,CAAC;AAED;;uCAEuC;AACvC,MAAM,kBAAkB,GAAG,2BAA2B,CAAC;AAEvD;;kCAEkC;AAClC,MAAM,yBAAyB,GAAG,gDAAgD,CAAC;AAEnF,SAAS,sBAAsB;IAC7B,MAAM,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC;IACxC,OAAO,wBAAwB,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,MAAM,CAAC;AAC7E,CAAC;AAED,MAAM,0BAA0B,GAC9B,8IAA8I,CAAC;AAgBjJ,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,OAA4B,EAC5B,QAA2B,EAC3B,IAAoB;IAEpB,IAAI,OAAO,CAAC,iBAAiB;QAAE,OAAO,EAAE,MAAM,EAAE,wBAAwB,EAAE,CAAC;IAE3E,uEAAuE;IACvE,wEAAwE;IACxE,sEAAsE;IACtE,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,8BAA8B,CACrD,OAAO,CAAC,SAAS,EACjB,OAAO,CAAC,cAAc,CACvB,CAAC;IAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,gBAAgB,CAAC;QACzC,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,KAAK,EAAE,kBAAkB;QACzB,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE;KACzB,CAAC,CAAC;IAEH,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,eAAe,CAAC;QAC3C,MAAM,EAAE,KAAK,CAAC,MAAM;QACpB,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,SAAS,EAAE,yBAAyB;QACpC,YAAY,EAAE,MAAM,CAAC,MAAM;QAC3B,aAAa,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE;KAC/B,CAAC,CAAC;IAEH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC;QACzC,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,SAAS,EAAE,OAAO,CAAC,SAAS;QAC5B,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,IAAI,EAAE,sBAAsB,EAAE;QAC9B,WAAW,EAAE,0BAA0B;QACvC,eAAe,EAAE,SAAS,CAAC,MAAM;KAClC,CAAC,CAAC;IAEH,oEAAoE;IACpE,0BAA0B;IAC1B,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,qBAAqB,CAAC;QAC7C,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,KAAK,EAAE,aAAa,iBAAiB,CAAC,OAAO,CAAC,EAAE;QAChD,WAAW,EAAE,oBAAoB,CAAC,OAAO,CAAC;QAC1C,SAAS,EAAE,MAAM;KAClB,CAAC,CAAC;IAEH,MAAM,IAAI,CAAC,WAAW,CAAC,OAAO,CAAC,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,CAAC;IAErD,MAAM,IAAI,CAAC,UAAU,CAAC;QACpB,SAAS,EAAE,OAAO,CAAC,EAAE;QACrB,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,MAAM,EAAE,eAAe;QACvB,MAAM,EAAE,kBAAkB;QAC1B,OAAO,EAAE;YACP,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,WAAW,EAAE,QAAQ,CAAC,UAAU;YAChC,iBAAiB,EAAE,SAAS,CAAC,MAAM;YACnC,QAAQ,EAAE,KAAK,CAAC,OAAO;SACxB;KACF,CAAC,CAAC;IAEH,OAAO;QACL,MAAM,EAAE,UAAU;QAClB,OAAO,EAAE,KAAK,CAAC,OAAO;QACtB,eAAe,EAAE,SAAS,CAAC,MAAM;QACjC,UAAU,EAAE,QAAQ,CAAC,UAAU;QAC/B,OAAO,EAAE,KAAK,CAAC,OAAO;KACvB,CAAC;AACJ,CAAC;AAED,8EAA8E;AAC9E,kDAAkD;AAClD,8EAA8E;AAE9E,MAAM,UAAU,0BAA0B;IACxC,OAAO;QACL,8BAA8B,EAAE,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,EAAE;YAClE,OAAO,OAAO,CACZ,0CAA0C,EAC1C,EAAE,SAAS,EAAE,cAAc,EAAE,CAC9B,CAAC;QACJ,CAAC;QACD,oCAAoC,EAAE,KAAK,EAAE,OAAO,EAAE,YAAY,EAAE,EAAE;YACpE,MAAM,OAAO,CAAC,iDAAiD,EAAE;gBAC/D,OAAO;gBACP,YAAY;aACb,CAAC,CAAC;QACL,CAAC;QACD,gBAAgB,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;YAChC,OAAO,OAAO,CAAqB,oCAAoC,EAAE,KAAK,CAAC,CAAC;QAClF,CAAC;QACD,eAAe,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;YAC/B,OAAO,OAAO,CAAqB,kCAAkC,EAAE,KAAK,CAAC,CAAC;QAChF,CAAC;QACD,cAAc,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;YAC9B,OAAO,OAAO,CAAyB,iCAAiC,EAAE,KAAK,CAAC,CAAC;QACnF,CAAC;QACD,qBAAqB,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;YACrC,MAAM,GAAG,GAAG,MAAM,OAAO,CAA4B,cAAc,EAAE;gBACnE,UAAU,EAAE,KAAK,CAAC,UAAU;gBAC5B,MAAM,EAAE;oBACN,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,WAAW,EAAE,KAAK,CAAC,WAAW;oBAC9B,SAAS,EAAE,KAAK,CAAC,SAAS,IAAI,MAAM;oBACpC,MAAM,EAAE,OAAO;iBAChB;aACF,CAAC,CAAC;YACH,OAAO,EAAE,OAAO,EAAE,GAAG,CAAC,KAAK,CAAC,EAAE,EAAE,CAAC;QACnC,CAAC;QACD,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,eAAe,EAAE,EAAE;YAChD,MAAM,OAAO,CAAC,kCAAkC,EAAE,EAAE,SAAS,EAAE,eAAe,EAAE,CAAC,CAAC;QACpF,CAAC;QACD,UAAU,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;YAC1B,sEAAsE;YACtE,sEAAsE;YACtE,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,EAAE,GAAG,KAAK,CAAC;YAClC,MAAM,OAAO,CAAC,qCAAqC,EAAE;gBACnD,GAAG,IAAI;gBACP,WAAW,EAAE,MAAM;aACpB,CAAC,CAAC;QACL,CAAC;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -110,15 +110,20 @@ export interface SecurityScanDeps {
|
|
|
110
110
|
resolutionDeps?: ResolutionDeps;
|
|
111
111
|
}
|
|
112
112
|
/**
|
|
113
|
-
* Memoize the
|
|
114
|
-
*
|
|
115
|
-
*
|
|
113
|
+
* Memoize the per-batch identifiers within one scan-run: focus (+ tree),
|
|
114
|
+
* entity node, injection node, and delivery. The server handlers always
|
|
115
|
+
* create new rows; without this wrapper, every finding in the scan would
|
|
116
|
+
* land in its own focus + delivery, producing N noisy copies of what is
|
|
117
|
+
* conceptually one remediation batch. Returns undefined when no
|
|
118
|
+
* auto-inject is configured.
|
|
116
119
|
*
|
|
117
|
-
* Failure semantics: if
|
|
118
|
-
* discarded so the next finding retries the create.
|
|
120
|
+
* Failure semantics: if a memoized call throws, that slot's cached promise
|
|
121
|
+
* is discarded so the next finding in the run retries the create. Slots
|
|
122
|
+
* are independent -- a transient failure on createInjection does not
|
|
123
|
+
* invalidate the already-resolved focus or entity.
|
|
119
124
|
*
|
|
120
|
-
* Also exposes
|
|
121
|
-
*
|
|
125
|
+
* Also exposes peekFocusId() so the engine can finalize the focus name
|
|
126
|
+
* (appending the finding count) once the scan loop completes.
|
|
122
127
|
*/
|
|
123
128
|
export interface ScanRunAutoInject {
|
|
124
129
|
deps: AutoInjectDeps;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security-scan-engine.d.ts","sourceRoot":"","sources":["../src/security-scan-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C,OAAO,EAGL,KAAK,cAAc,EAEpB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAGL,KAAK,cAAc,EAEpB,MAAM,iCAAiC,CAAC;AAQzC,MAAM,MAAM,QAAQ,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAC9D,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,aAAa,GAAG,UAAU,GAAG,WAAW,CAAC;AAE9E,sEAAsE;AACtE,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED,+CAA+C;AAC/C,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,UAAU,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,8EAA8E;AAC9E,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,QAAQ,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED,gDAAgD;AAChD,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,YAAY,EAAE,CAAC;IACzB,iFAAiF;IACjF,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,uDAAuD;AACvD,MAAM,WAAW,OAAO;IACtB,oEAAoE;IACpE,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;CAC7C;AAQD,wBAAgB,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAEtD;AAED,wBAAgB,qBAAqB,IAAI,OAAO,EAAE,CAEjD;AAMD,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,6EAA6E;IAC7E,MAAM,EAAE,OAAO,CAAC;IAChB,MAAM,EAAE,aAAa,CAAC;IACtB,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;CAClC;AAED,6EAA6E;AAC7E,MAAM,WAAW,qBAAqB;IACpC;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,gBAAgB;IAC/B,iBAAiB,EAAE,CAAC,IAAI,CAAC,EAAE,qBAAqB,KAAK,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IAC3E;;;;OAIG;IACH,aAAa,EAAE,CACb,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,EACtB,OAAO,EAAE,YAAY,KAClB,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAClC,8DAA8D;IAC9D,mBAAmB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACzD,qBAAqB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3D,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,MAAM,CAAC;IAC1C;;;;OAIG;IACH,eAAe,EAAE,MAAM,IAAI,CAAC;IAC5B,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB;;;;;OAKG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC;;;;OAIG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;CACjC;AAED
|
|
1
|
+
{"version":3,"file":"security-scan-engine.d.ts","sourceRoot":"","sources":["../src/security-scan-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAGH,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE/C,OAAO,EAGL,KAAK,cAAc,EAEpB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EAGL,KAAK,cAAc,EAEpB,MAAM,iCAAiC,CAAC;AAQzC,MAAM,MAAM,QAAQ,GAAG,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;AAC9D,MAAM,MAAM,aAAa,GAAG,MAAM,GAAG,aAAa,GAAG,UAAU,GAAG,WAAW,CAAC;AAE9E,sEAAsE;AACtE,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,YAAY,EAAE,MAAM,CAAC;IACrB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,OAAO,EAAE,OAAO,CAAC;IACjB,oBAAoB,EAAE,MAAM,GAAG,IAAI,CAAC;IACpC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;CAC1B;AAED,+CAA+C;AAC/C,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,UAAU,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,8EAA8E;AAC9E,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,QAAQ,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;IACnB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CAClC;AAED,gDAAgD;AAChD,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,YAAY,EAAE,CAAC;IACzB,iFAAiF;IACjF,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;CACnC;AAED,uDAAuD;AACvD,MAAM,WAAW,OAAO;IACtB,oEAAoE;IACpE,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,CAAC,GAAG,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;CAC7C;AAQD,wBAAgB,eAAe,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAEtD;AAED,wBAAgB,qBAAqB,IAAI,OAAO,EAAE,CAEjD;AAMD,MAAM,WAAW,mBAAmB;IAClC,SAAS,EAAE,MAAM,CAAC;IAClB,6EAA6E;IAC7E,MAAM,EAAE,OAAO,CAAC;IAChB,MAAM,EAAE,aAAa,CAAC;IACtB,iBAAiB,EAAE,MAAM,GAAG,IAAI,CAAC;CAClC;AAED,6EAA6E;AAC7E,MAAM,WAAW,qBAAqB;IACpC;;;;OAIG;IACH,UAAU,CAAC,EAAE,OAAO,CAAC;CACtB;AAED,MAAM,WAAW,gBAAgB;IAC/B,iBAAiB,EAAE,CAAC,IAAI,CAAC,EAAE,qBAAqB,KAAK,OAAO,CAAC,UAAU,EAAE,CAAC,CAAC;IAC3E;;;;OAIG;IACH,aAAa,EAAE,CACb,SAAS,EAAE,MAAM,EACjB,cAAc,EAAE,MAAM,EACtB,OAAO,EAAE,YAAY,KAClB,OAAO,CAAC,mBAAmB,CAAC,CAAC;IAClC,8DAA8D;IAC9D,mBAAmB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IACzD,qBAAqB,EAAE,CAAC,QAAQ,EAAE,MAAM,KAAK,OAAO,CAAC,IAAI,CAAC,CAAC;IAC3D,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,KAAK,MAAM,CAAC;IAC1C;;;;OAIG;IACH,eAAe,EAAE,MAAM,IAAI,CAAC;IAC5B,QAAQ,EAAE,OAAO,EAAE,CAAC;IACpB;;;;;OAKG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;IAChC;;;;OAIG;IACH,cAAc,CAAC,EAAE,cAAc,CAAC;CACjC;AAED;;;;;;;;;;;;;;;GAeG;AACH,MAAM,WAAW,iBAAiB;IAChC,IAAI,EAAE,cAAc,CAAC;IACrB,sEAAsE;IACtE,WAAW,IAAI,MAAM,GAAG,IAAI,CAAC;CAC9B;AAwBD,wBAAgB,wBAAwB,CACtC,KAAK,EAAE,cAAc,GAAG,SAAS,GAChC,iBAAiB,GAAG,SAAS,CAyB/B;AAED,wBAAsB,gBAAgB,CACpC,MAAM,EAAE,UAAU,EAClB,OAAO,EAAE,UAAU,GAAG,QAAQ,EAC9B,IAAI,EAAE,gBAAgB,GACrB,OAAO,CAAC,IAAI,CAAC,CAyHf;AAaD,wBAAsB,mBAAmB,CACvC,IAAI,EAAE,gBAAgB,EACtB,IAAI,GAAE,qBAA0B,GAC/B,OAAO,CAAC,IAAI,CAAC,CAgBf;AAMD,wBAAgB,4BAA4B,CAAC,MAAM,EAAE,YAAY,GAAG,gBAAgB,CAsCnF"}
|
|
@@ -34,25 +34,37 @@ export function registerScanner(scanner) {
|
|
|
34
34
|
export function getRegisteredScanners() {
|
|
35
35
|
return [...DEFAULT_REGISTRY.values()];
|
|
36
36
|
}
|
|
37
|
+
function makeMemoSlot(fn, onResolve) {
|
|
38
|
+
let cached = null;
|
|
39
|
+
return (input) => {
|
|
40
|
+
if (!cached) {
|
|
41
|
+
cached = fn(input).then((result) => {
|
|
42
|
+
onResolve?.(result);
|
|
43
|
+
return result;
|
|
44
|
+
}, (err) => {
|
|
45
|
+
cached = null;
|
|
46
|
+
throw err;
|
|
47
|
+
});
|
|
48
|
+
}
|
|
49
|
+
return cached;
|
|
50
|
+
};
|
|
51
|
+
}
|
|
37
52
|
export function wrapAutoInjectForScanRun(inner) {
|
|
38
53
|
if (!inner)
|
|
39
54
|
return undefined;
|
|
40
|
-
let cachedPromise = null;
|
|
41
55
|
let resolvedFocusId = null;
|
|
56
|
+
const focusFn = makeMemoSlot((input) => inner.createSecurityRemediationFocus(input.productId, input.organizationId), (result) => {
|
|
57
|
+
resolvedFocusId = result.focusId;
|
|
58
|
+
});
|
|
59
|
+
const entityFn = makeMemoSlot(inner.upsertEntityNode);
|
|
60
|
+
const injectionFn = makeMemoSlot(inner.createInjection);
|
|
61
|
+
const deliveryFn = makeMemoSlot(inner.createDelivery);
|
|
42
62
|
const wrapped = {
|
|
43
63
|
...inner,
|
|
44
|
-
createSecurityRemediationFocus: (productId, organizationId) => {
|
|
45
|
-
|
|
46
|
-
|
|
47
|
-
|
|
48
|
-
return result;
|
|
49
|
-
}, (err) => {
|
|
50
|
-
cachedPromise = null;
|
|
51
|
-
throw err;
|
|
52
|
-
});
|
|
53
|
-
}
|
|
54
|
-
return cachedPromise;
|
|
55
|
-
},
|
|
64
|
+
createSecurityRemediationFocus: (productId, organizationId) => focusFn({ productId, organizationId }),
|
|
65
|
+
upsertEntityNode: entityFn,
|
|
66
|
+
createInjection: injectionFn,
|
|
67
|
+
createDelivery: deliveryFn,
|
|
56
68
|
};
|
|
57
69
|
return {
|
|
58
70
|
deps: wrapped,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"security-scan-engine.js","sourceRoot":"","sources":["../src/security-scan-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAE9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,GAGlB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EACL,oBAAoB,EACpB,0BAA0B,GAG3B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAiDjD,8EAA8E;AAC9E,uEAAuE;AACvE,8EAA8E;AAE9E,MAAM,gBAAgB,GAAyB,IAAI,GAAG,EAAE,CAAC;AAEzD,MAAM,UAAU,eAAe,CAAC,OAAgB;IAC9C,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAClD,CAAC;AAED,MAAM,UAAU,qBAAqB;IACnC,OAAO,CAAC,GAAG,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC;AACxC,CAAC;
|
|
1
|
+
{"version":3,"file":"security-scan-engine.js","sourceRoot":"","sources":["../src/security-scan-engine.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAE9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAC/C,OAAO,EACL,0BAA0B,EAC1B,iBAAiB,GAGlB,MAAM,2BAA2B,CAAC;AACnC,OAAO,EACL,oBAAoB,EACpB,0BAA0B,GAG3B,MAAM,iCAAiC,CAAC;AACzC,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AAiDjD,8EAA8E;AAC9E,uEAAuE;AACvE,8EAA8E;AAE9E,MAAM,gBAAgB,GAAyB,IAAI,GAAG,EAAE,CAAC;AAEzD,MAAM,UAAU,eAAe,CAAC,OAAgB;IAC9C,gBAAgB,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;AAClD,CAAC;AAED,MAAM,UAAU,qBAAqB;IACnC,OAAO,CAAC,GAAG,gBAAgB,CAAC,MAAM,EAAE,CAAC,CAAC;AACxC,CAAC;AAoFD,SAAS,YAAY,CACnB,EAAuC,EACvC,SAAqC;IAErC,IAAI,MAAM,GAA4B,IAAI,CAAC;IAC3C,OAAO,CAAC,KAAa,EAAE,EAAE;QACvB,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,GAAG,EAAE,CAAC,KAAK,CAAC,CAAC,IAAI,CACrB,CAAC,MAAM,EAAE,EAAE;gBACT,SAAS,EAAE,CAAC,MAAM,CAAC,CAAC;gBACpB,OAAO,MAAM,CAAC;YAChB,CAAC,EACD,CAAC,GAAG,EAAE,EAAE;gBACN,MAAM,GAAG,IAAI,CAAC;gBACd,MAAM,GAAG,CAAC;YACZ,CAAC,CACF,CAAC;QACJ,CAAC;QACD,OAAO,MAAM,CAAC;IAChB,CAAC,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,wBAAwB,CACtC,KAAiC;IAEjC,IAAI,CAAC,KAAK;QAAE,OAAO,SAAS,CAAC;IAC7B,IAAI,eAAe,GAAkB,IAAI,CAAC;IAC1C,MAAM,OAAO,GAAG,YAAY,CAC1B,CAAC,KAAoD,EAAE,EAAE,CACvD,KAAK,CAAC,8BAA8B,CAAC,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,cAAc,CAAC,EAC7E,CAAC,MAAM,EAAE,EAAE;QACT,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC;IACnC,CAAC,CACF,CAAC;IACF,MAAM,QAAQ,GAAG,YAAY,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;IACtD,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;IACxD,MAAM,UAAU,GAAG,YAAY,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;IACtD,MAAM,OAAO,GAAmB;QAC9B,GAAG,KAAK;QACR,8BAA8B,EAAE,CAAC,SAAS,EAAE,cAAc,EAAE,EAAE,CAC5D,OAAO,CAAC,EAAE,SAAS,EAAE,cAAc,EAAE,CAAC;QACxC,gBAAgB,EAAE,QAAQ;QAC1B,eAAe,EAAE,WAAW;QAC5B,cAAc,EAAE,UAAU;KAC3B,CAAC;IACF,OAAO;QACL,IAAI,EAAE,OAAO;QACb,WAAW,EAAE,GAAG,EAAE,CAAC,eAAe;KACnC,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,MAAkB,EAClB,OAA8B,EAC9B,IAAsB;IAEtB,uEAAuE;IACvE,yEAAyE;IACzE,oEAAoE;IACpE,8CAA8C;IAC9C,IAAI,OAAO,KAAK,QAAQ,EAAE,CAAC;QACzB,IAAI,CAAC,eAAe,EAAE,CAAC;IACzB,CAAC;IAED,0EAA0E;IAC1E,0EAA0E;IAC1E,0EAA0E;IAC1E,uEAAuE;IACvE,wCAAwC;IACxC,MAAM,oBAAoB,GAAG,wBAAwB,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC3E,IAAI,aAAa,GAAG,CAAC,CAAC;IAEtB,MAAM,eAAe,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;IAEnG,kEAAkE;IAClE,iEAAiE;IACjE,8CAA8C;IAC9C,MAAM,eAAe,GAAG,IAAI,GAAG,EAAuB,CAAC;IACvD,KAAK,MAAM,OAAO,IAAI,eAAe,EAAE,CAAC;QACtC,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC;gBAChC,MAAM;gBACN,QAAQ,EAAE,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,SAAS,CAAC;aAC5C,CAAC,CAAC;YAEH,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;YACnC,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACtC,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,aAAa,CACrC,MAAM,CAAC,SAAS,EAChB,MAAM,CAAC,cAAc,EACrB,OAAO,CACR,CAAC;gBACF,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;gBAEjC,4BAA4B;gBAC5B,mCAAmC;gBACnC,iEAAiE;gBACjE,8CAA8C;gBAC9C,MAAM,eAAe,GACnB,MAAM,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,MAAM,IAAI,MAAM,CAAC,iBAAiB,KAAK,IAAI,CAAC,CAAC;gBACnF,IAAI,oBAAoB,IAAI,eAAe,EAAE,CAAC;oBAC5C,IAAI,CAAC;wBACH,MAAM,YAAY,GAAwB;4BACxC,EAAE,EAAE,MAAM,CAAC,SAAS;4BACpB,cAAc,EAAE,MAAM,CAAC,cAAc;4BACrC,SAAS,EAAE,MAAM,CAAC,SAAS;4BAC3B,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,UAAU,EAAE,OAAO,CAAC,UAAU;4BAC9B,OAAO,EAAE,OAAO,CAAC,OAAO;4BACxB,MAAM,EAAE,MAAM,CAAC,MAAM;4BACrB,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;yBAC5C,CAAC;wBACF,MAAM,YAAY,GAAG,MAAM,iBAAiB,CAAC,YAAY,EAAE,EAAE,EAAE,oBAAoB,CAAC,IAAI,CAAC,CAAC;wBAC1F,IAAI,YAAY,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;4BACvC,aAAa,EAAE,CAAC;wBAClB,CAAC;oBACH,CAAC;oBAAC,OAAO,GAAG,EAAE,CAAC;wBACb,OAAO,CAAC,IAAI,CACV,sCAAsC,OAAO,CAAC,UAAU,GAAG,EAC1D,GAAa,CAAC,OAAO,CACvB,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;YACD,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAClD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CACV,kCAAkC,OAAO,CAAC,QAAQ,UAAU,EAC3D,GAAa,CAAC,OAAO,CACvB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,+DAA+D;IAC/D,iEAAiE;IACjE,sDAAsD;IACtD,IAAI,IAAI,CAAC,cAAc,IAAI,eAAe,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;QACpD,IAAI,CAAC;YACH,MAAM,YAAY,GAAwB,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,OAAO,EAAE,CAAC,CAAC,GAAG,CACjF,CAAC,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,QAAQ,EAAE,WAAW,EAAE,CAAC,CACzD,CAAC;YACF,MAAM,oBAAoB,CAAC,MAAM,CAAC,SAAS,EAAE,YAAY,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC;QAClF,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CAAC,iDAAiD,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;QAC1F,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,6EAA6E;IAC7E,4EAA4E;IAC5E,4BAA4B;IAC5B,IAAI,oBAAoB,IAAI,aAAa,GAAG,CAAC,EAAE,CAAC;QAC9C,MAAM,OAAO,GAAG,oBAAoB,CAAC,WAAW,EAAE,CAAC;QACnD,IAAI,OAAO,IAAI,IAAI,CAAC,cAAc,EAAE,oCAAoC,EAAE,CAAC;YACzE,IAAI,CAAC;gBACH,MAAM,IAAI,CAAC,cAAc,CAAC,oCAAoC,CAAC,OAAO,EAAE,aAAa,CAAC,CAAC;YACzF,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,OAAO,CAAC,IAAI,CACV,qEAAqE,EACpE,GAAa,CAAC,OAAO,CACvB,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,kDAAkD;IAClD,IAAI,CAAC;QACH,MAAM,IAAI,CAAC,mBAAmB,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC5C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,IAAI,CAAC,oDAAoD,EAAG,GAAa,CAAC,OAAO,CAAC,CAAC;IAC7F,CAAC;IAED,IAAI,OAAO,KAAK,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,CAAC,qBAAqB,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;IAC9C,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,2DAA2D;AAC3D,8EAA8E;AAE9E,qEAAqE;AACrE,0EAA0E;AAC1E,kEAAkE;AAClE,kEAAkE;AAClE,+CAA+C;AAC/C,MAAM,eAAe,GAAG,IAAI,GAAG,EAAU,CAAC;AAE1C,MAAM,CAAC,KAAK,UAAU,mBAAmB,CACvC,IAAsB,EACtB,OAA8B,EAAE;IAEhC,MAAM,OAAO,GAAG,MAAM,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACnD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,CAAC,MAAM,CAAC,OAAO;YAAE,SAAS;QAC9B,IAAI,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YAAE,SAAS;QAC7C,MAAM,OAAO,GAA0B,MAAM,CAAC,oBAAoB,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,UAAU,CAAC;QAC3F,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QAC/B,IAAI,CAAC;YACH,MAAM,gBAAgB,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;QAChD,CAAC;QAAC,MAAM,CAAC;YACP,+DAA+D;YAC/D,kDAAkD;QACpD,CAAC;gBAAS,CAAC;YACT,eAAe,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,iDAAiD;AACjD,8EAA8E;AAE9E,MAAM,UAAU,4BAA4B,CAAC,MAAoB;IAC/D,MAAM,UAAU,GAAG,CAAC,SAAiB,EAAU,EAAE;QAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;QAChE,IAAI,CAAC,OAAO;YAAE,OAAO,MAAM,CAAC,QAAQ,CAAC;QACrC,OAAO,gBAAgB,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC;IACpD,CAAC,CAAC;IAEF,OAAO;QACL,iBAAiB,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE;YAChC,MAAM,GAAG,GAAG,MAAM,OAAO,CACvB,sCAAsC,EACtC,IAAI,EAAE,UAAU,CAAC,CAAC,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAC7C,CAAC;YACF,OAAO,GAAG,CAAC,KAAK,IAAI,EAAE,CAAC;QACzB,CAAC;QACD,aAAa,EAAE,KAAK,EAAE,SAAS,EAAE,cAAc,EAAE,OAAO,EAAE,EAAE;YAC1D,MAAM,GAAG,GAAG,MAAM,OAAO,CAAsB,gCAAgC,EAAE;gBAC/E,SAAS;gBACT,cAAc;gBACd,GAAG,OAAO;aACX,CAAC,CAAC;YACH,OAAO,GAAG,CAAC;QACb,CAAC;QACD,mBAAmB,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE;YACtC,MAAM,OAAO,CAAC,oCAAoC,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QACpE,CAAC;QACD,qBAAqB,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE;YACxC,MAAM,OAAO,CAAC,kCAAkC,EAAE,EAAE,QAAQ,EAAE,CAAC,CAAC;QAClE,CAAC;QACD,UAAU;QACV,eAAe,EAAE,GAAG,EAAE;YACpB,aAAa,EAAE,CAAC;YAChB,cAAc,EAAE,CAAC;QACnB,CAAC;QACD,QAAQ,EAAE,qBAAqB,EAAE;QACjC,cAAc,EAAE,0BAA0B,EAAE;QAC5C,cAAc,EAAE,0BAA0B,EAAE;KAC7C,CAAC;AACJ,CAAC"}
|