@trailofbits/vsix-audit 0.1.0

package/dist/scanner/checks/ast.js

@@ -0,0 +1,469 @@
+import { parseSync, Visitor } from "oxc-parser";
+import { detectBundler, hasGenuineObfuscation } from "../bundler.js";
+import { isScannable, SCANNABLE_EXTENSIONS_PATTERN } from "../constants.js";
+/**
+ * Pre-compute line start positions for fast line/column lookup from byte offsets.
+ */
+function computeLineStarts(content) {
+    const lineStarts = [0];
+    for (let i = 0; i < content.length; i++) {
+        if (content[i] === "\n") {
+            lineStarts.push(i + 1);
+        }
+    }
+    return lineStarts;
+}
+/**
+ * Convert byte offset to line number (1-indexed).
+ */
+function offsetToLine(offset, lineStarts) {
+    let low = 0;
+    let high = lineStarts.length - 1;
+    while (low < high) {
+        const mid = Math.ceil((low + high) / 2);
+        const midStart = lineStarts[mid];
+        if (midStart !== undefined && midStart <= offset) {
+            low = mid;
+        }
+        else {
+            high = mid - 1;
+        }
+    }
+    return low + 1;
+}
+/**
+ * Convert byte offset to column number (0-indexed).
+ */
+function offsetToColumn(offset, lineStarts) {
+    const line = offsetToLine(offset, lineStarts);
+    const lineStart = lineStarts[line - 1] ?? 0;
+    return offset - lineStart;
+}
+/**
+ * Get code snippet around a node's location.
+ */
+function getCodeSnippet(content, start, end, lineStarts, maxLen = 100) {
+    const lineNum = offsetToLine(start, lineStarts);
+    const lines = content.split("\n");
+    const line = lines[lineNum - 1];
+    if (!line)
+        return "(no line)";
+    const lineStart = lineStarts[lineNum - 1] ?? 0;
+    const colStart = start - lineStart;
+    const colEnd = end - lineStart;
+    const snippetStart = Math.max(0, colStart - 10);
+    const snippetEnd = Math.min(line.length, colEnd + 30);
+    let snippet = line.slice(snippetStart, snippetEnd);
+    if (snippetStart > 0)
+        snippet = "..." + snippet;
+    if (snippetEnd < line.length)
+        snippet = snippet + "...";
+    return snippet.slice(0, maxLen);
+}
+/**
+ * Check if a node is an Identifier with a specific name.
+ */
+function isIdentifier(node, name) {
+    if (!node || node.type !== "Identifier")
+        return false;
+    if (name !== undefined) {
+        return node.name === name;
+    }
+    return true;
+}
+/**
+ * Get the name of an identifier node.
+ */
+function getIdentifierName(node) {
+    if (node.type === "Identifier") {
+        return node.name;
+    }
+    return null;
+}
+/**
+ * Check if a node is a call to a specific function name.
+ */
+function isCallTo(node, name) {
+    if (node.type !== "CallExpression")
+        return false;
+    const names = Array.isArray(name) ? name : [name];
+    const callee = node.callee;
+    // Direct call: eval()
+    if (isIdentifier(callee)) {
+        const calleeName = getIdentifierName(callee);
+        if (calleeName && names.includes(calleeName)) {
+            return true;
+        }
+    }
+    // Member call: require("child_process").exec()
+    if (callee.type === "MemberExpression") {
+        const memberExpr = callee;
+        if (isIdentifier(memberExpr.property)) {
+            const propName = getIdentifierName(memberExpr.property);
+            if (propName && names.includes(propName)) {
+                return true;
+            }
+        }
+    }
+    return false;
+}
+/**
+ * Check if node is a new expression with specific constructor.
+ */
+function isNewExpression(node, name) {
+    if (node.type !== "NewExpression")
+        return false;
+    const newExpr = node;
+    return isIdentifier(newExpr.callee, name);
+}
+/**
+ * Check if argument is a literal (string, number, boolean, template).
+ * OXC uses "Literal" type for all primitive literals (ESTree spec).
+ */
+function isLiteral(node) {
+    if (!node)
+        return false;
+    const type = node.type;
+    // OXC uses "Literal" for string/number/boolean/null/regex/bigint
+    // TemplateLiteral keeps its own type
+    return type === "Literal" || type === "TemplateLiteral";
+}
+/**
+ * Check if content has obfuscation indicators.
+ */
+function hasObfuscationIndicators(content) {
+    const indicators = [
+        /_0x[a-f0-9]{4,}/i, // Hex variable names
+        /\\x[a-f0-9]{2}(?:\\x[a-f0-9]{2}){5,}/i, // Many hex escapes
+        /atob\s*\([^)]+\)/i, // Base64 decode
+        /String\.fromCharCode\s*\([^)]*,/i, // Char code construction
+    ];
+    return indicators.some((pattern) => pattern.test(content));
+}
+const AST_PATTERNS = [
+    {
+        id: "AST_EVAL_DYNAMIC",
+        title: "eval() with dynamic argument",
+        description: "eval() is called with a non-literal argument (variable or expression). This executes arbitrary code at runtime, making static analysis impossible.",
+        severity: "high",
+        detect: (node, context) => {
+            // Skip in bundled code - bundlers use eval for CSS-in-JS, source maps,
+            // hot module replacement, WASM initialization, etc.
+            if (context.isBundled && !context.hasObfuscationIndicators)
+                return null;
+            if (!isCallTo(node, "eval"))
+                return null;
+            const arg = node.arguments[0];
+            if (!arg || isLiteral(arg))
+                return null;
+            const span = node;
+            return {
+                start: span.start,
+                end: span.end,
+                codeSnippet: getCodeSnippet(context.content, span.start, span.end, context.lineStarts),
+                additionalInfo: context.hasObfuscationIndicators
+                    ? "Combined with obfuscation indicators"
+                    : null,
+            };
+        },
+        legitimateUses: ["REPL implementations", "Dynamic expression evaluators"],
+        redFlags: ["Argument is decoded/decrypted value", "Combined with obfuscation"],
+    },
+    {
+        id: "AST_FUNCTION_CONSTRUCTOR",
+        title: "Function() constructor creates code from string",
+        description: "new Function() creates executable code from strings, similar to eval(). This can execute arbitrary code and bypass static analysis.",
+        severity: "high",
+        detect: (node, context) => {
+            if (!isNewExpression(node, "Function"))
+                return null;
+            // Skip in bundled code - webpack/rollup use Function() for module loading
+            if (context.isBundled && !context.hasObfuscationIndicators)
+                return null;
+            // Check if any argument is non-literal
+            const hasDynamicArg = node.arguments.some((arg) => !isLiteral(arg));
+            const span = node;
+            return {
+                start: span.start,
+                end: span.end,
+                codeSnippet: getCodeSnippet(context.content, span.start, span.end, context.lineStarts),
+                additionalInfo: hasDynamicArg ? "Uses dynamic (non-literal) argument" : null,
+            };
+        },
+        legitimateUses: ["Template compilation", "Code generators", "Bundlers"],
+        redFlags: ["Dynamic arguments", "Combined with decode functions"],
+    },
+    {
+        id: "AST_DYNAMIC_REQUIRE",
+        title: "require() with dynamic argument",
+        description: "require() is called with a variable or expression instead of a string literal. This can load arbitrary modules at runtime.",
+        severity: "medium",
+        detect: (node, context) => {
+            // Skip in bundled code - __webpack_require__ uses dynamic requires
+            if (context.isBundled)
+                return null;
+            if (node.type !== "CallExpression")
+                return null;
+            const callExpr = node;
+            if (!isIdentifier(callExpr.callee, "require")) {
+                return null;
+            }
+            const arg = callExpr.arguments[0];
+            if (!arg || isLiteral(arg))
+                return null;
+            const span = node;
+            return {
+                start: span.start,
+                end: span.end,
+                codeSnippet: getCodeSnippet(context.content, span.start, span.end, context.lineStarts),
+                additionalInfo: null,
+            };
+        },
+        legitimateUses: ["Plugin systems", "Dynamic module loading", "Bundlers"],
+        redFlags: ["Module name from network", "Combined with obfuscation"],
+    },
+    {
+        id: "AST_DYNAMIC_IMPORT",
+        title: "Dynamic import() with non-literal source",
+        description: "import() is called with a variable or expression. This can load arbitrary modules at runtime.",
+        severity: "medium",
+        detect: (node, context) => {
+            // OXC uses ImportExpression for dynamic imports
+            if (node.type !== "ImportExpression")
+                return null;
+            const importExpr = node;
+            const source = importExpr.source;
+            if (isLiteral(source))
+                return null;
+            const span = node;
+            return {
+                start: span.start,
+                end: span.end,
+                codeSnippet: getCodeSnippet(context.content, span.start, span.end, context.lineStarts),
+                additionalInfo: null,
+            };
+        },
+        legitimateUses: ["Lazy loading", "Code splitting"],
+        redFlags: ["Module URL from network", "User-controlled path"],
+    },
+    {
+        id: "AST_INDIRECT_CALL",
+        title: "Indirect function call via computed property",
+        description: "Function is called using computed property access like obj[var](). This can hide which function is being called.",
+        severity: "low",
+        detect: (node, context) => {
+            // Skip in bundled code - this is extremely common in bundled code
+            if (context.isBundled)
+                return null;
+            if (node.type !== "CallExpression")
+                return null;
+            const callExpr = node;
+            if (callExpr.callee.type !== "MemberExpression")
+                return null;
+            const memberExpr = callExpr.callee;
+            if (!memberExpr.computed)
+                return null;
+            // Skip if property is a literal
+            if (isLiteral(memberExpr.property))
+                return null;
+            // Only flag in obfuscated contexts
+            if (!context.hasObfuscationIndicators)
+                return null;
+            const span = node;
+            return {
+                start: span.start,
+                end: span.end,
+                codeSnippet: getCodeSnippet(context.content, span.start, span.end, context.lineStarts),
+                additionalInfo: "Appears in obfuscated code context",
+            };
+        },
+        redFlags: ["Property name is computed/decoded"],
+    },
+    {
+        id: "AST_PROCESS_BINDING",
+        title: "Access to process internal bindings",
+        description: "Code accesses process.binding() or process._linkedBinding() which provide access to Node.js internals and can bypass security restrictions.",
+        severity: "high",
+        detect: (node, context) => {
+            if (!isCallTo(node, ["binding", "_linkedBinding"]))
+                return null;
+            // Check if it's on process object
+            const callExpr = node;
+            if (callExpr.callee.type !== "MemberExpression")
+                return null;
+            const memberExpr = callExpr.callee;
+            if (!isIdentifier(memberExpr.object, "process"))
+                return null;
+            const span = node;
+            return {
+                start: span.start,
+                end: span.end,
+                codeSnippet: getCodeSnippet(context.content, span.start, span.end, context.lineStarts),
+                additionalInfo: null,
+            };
+        },
+        redFlags: ["Access to internal modules", "Bypass security checks"],
+    },
+    {
+        id: "AST_GLOBAL_THIS_EVAL",
+        title: "eval accessed via globalThis/window/global",
+        description: "Code accesses eval through global object property access, which can evade simple eval detection.",
+        severity: "high",
+        detect: (node, context) => {
+            if (node.type !== "MemberExpression")
+                return null;
+            const memberExpr = node;
+            const obj = memberExpr.object;
+            if (!isIdentifier(obj))
+                return null;
+            const objName = getIdentifierName(obj);
+            if (!objName || !["globalThis", "window", "global", "self"].includes(objName)) {
+                return null;
+            }
+            const prop = memberExpr.property;
+            if (isIdentifier(prop, "eval")) {
+                const span = node;
+                return {
+                    start: span.start,
+                    end: span.end,
+                    codeSnippet: getCodeSnippet(context.content, span.start, span.end, context.lineStarts),
+                    additionalInfo: null,
+                };
+            }
+            // Check string literal property: globalThis["eval"]
+            // OXC uses "Literal" type for string literals (ESTree spec)
+            if (prop.type === "Literal") {
+                const strLiteral = prop;
+                if (strLiteral.value === "eval") {
+                    const span = node;
+                    return {
+                        start: span.start,
+                        end: span.end,
+                        codeSnippet: getCodeSnippet(context.content, span.start, span.end, context.lineStarts),
+                        additionalInfo: null,
+                    };
+                }
+            }
+            return null;
+        },
+        redFlags: ["Evasion of eval detection"],
+    },
+];
+/**
+ * Parse and analyze a JavaScript/TypeScript file for suspicious patterns.
+ */
+function analyzeFile(filename, content) {
+    const findings = [];
+    // Determine lang from extension
+    const ext = filename.slice(filename.lastIndexOf(".")).toLowerCase();
+    const langMap = {
+        ".js": "js",
+        ".mjs": "js",
+        ".cjs": "js",
+        ".jsx": "jsx",
+        ".ts": "ts",
+        ".tsx": "tsx",
+    };
+    const lang = langMap[ext] || "tsx"; // Default to tsx for maximum compatibility
+    // Try to parse the file
+    let result;
+    try {
+        result = parseSync(filename, content, {
+            lang,
+            sourceType: "unambiguous",
+        });
+    }
+    catch {
+        // If parsing fails, skip this file
+        return findings;
+    }
+    // If there are errors, skip this file (error recovery mode)
+    if (result.errors.length > 0) {
+        return findings;
+    }
+    const bundlerInfo = detectBundler(content, filename);
+    const lineStarts = computeLineStarts(content);
+    const context = {
+        filename,
+        content,
+        hasObfuscationIndicators: hasObfuscationIndicators(content) || hasGenuineObfuscation(content),
+        isBundled: bundlerInfo.isBundled,
+        lineStarts,
+    };
+    const seenFindings = new Set();
+    const addFinding = (pattern, match) => {
+        const line = offsetToLine(match.start, lineStarts);
+        const key = `${pattern.id}:${filename}:${line}`;
+        if (seenFindings.has(key))
+            return;
+        seenFindings.add(key);
+        const finding = {
+            id: pattern.id,
+            title: pattern.title,
+            description: pattern.description,
+            severity: pattern.severity,
+            category: "ast",
+            location: {
+                file: filename,
+                line,
+                column: offsetToColumn(match.start, lineStarts),
+            },
+            metadata: {
+                codeSnippet: match.codeSnippet,
+                ...(pattern.legitimateUses && {
+                    legitimateUses: pattern.legitimateUses,
+                }),
+                ...(pattern.redFlags && { redFlags: pattern.redFlags }),
+            },
+        };
+        if (match.additionalInfo) {
+            finding.metadata["additionalInfo"] = match.additionalInfo;
+        }
+        findings.push(finding);
+    };
+    // Process patterns for each node type using typed visitors
+    const processNode = (node) => {
+        for (const pattern of AST_PATTERNS) {
+            const match = pattern.detect(node, context);
+            if (match)
+                addFinding(pattern, match);
+        }
+    };
+    const visitor = new Visitor({
+        CallExpression(node) {
+            processNode(node);
+        },
+        NewExpression(node) {
+            processNode(node);
+        },
+        MemberExpression(node) {
+            processNode(node);
+        },
+        ImportExpression(node) {
+            processNode(node);
+        },
+    });
+    visitor.visit(result.program);
+    return findings;
+}
+export function checkAST(contents) {
+    const findings = [];
+    for (const [filename, buffer] of contents.files) {
+        // Skip vendor/third-party code - extension authors don't control this code
+        // and popular packages like protobufjs, @babel/*, pino legitimately use eval/Function
+        if (filename.includes("node_modules/") || filename.includes("vendor/")) {
+            continue;
+        }
+        // Only analyze JS/TS files
+        if (!isScannable(filename, SCANNABLE_EXTENSIONS_PATTERN))
+            continue;
+        // Skip non-JS/TS files that might be in the scannable set (like .sh, .ps1)
+        const ext = filename.slice(filename.lastIndexOf(".")).toLowerCase();
+        if (![".js", ".ts", ".mjs", ".cjs", ".jsx", ".tsx"].includes(ext))
+            continue;
+        const content = buffer.toString("utf8");
+        findings.push(...analyzeFile(filename, content));
+    }
+    return findings;
+}
+//# sourceMappingURL=ast.js.map

package/dist/scanner/checks/ast.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"ast.js","sourceRoot":"","sources":["../../../src/scanner/checks/ast.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,YAAY,CAAC;AAUhD,OAAO,EAAE,aAAa,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,4BAA4B,EAAE,MAAM,iBAAiB,CAAC;AA4B5E;;GAEG;AACH,SAAS,iBAAiB,CAAC,OAAe;IACxC,MAAM,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC;IACvB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACxC,IAAI,OAAO,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YACxB,UAAU,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACzB,CAAC;IACH,CAAC;IACD,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,MAAc,EAAE,UAAoB;IACxD,IAAI,GAAG,GAAG,CAAC,CAAC;IACZ,IAAI,IAAI,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;IACjC,OAAO,GAAG,GAAG,IAAI,EAAE,CAAC;QAClB,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC;QACxC,MAAM,QAAQ,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QACjC,IAAI,QAAQ,KAAK,SAAS,IAAI,QAAQ,IAAI,MAAM,EAAE,CAAC;YACjD,GAAG,GAAG,GAAG,CAAC;QACZ,CAAC;aAAM,CAAC;YACN,IAAI,GAAG,GAAG,GAAG,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IACD,OAAO,GAAG,GAAG,CAAC,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CAAC,MAAc,EAAE,UAAoB;IAC1D,MAAM,IAAI,GAAG,YAAY,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IAC9C,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IAC5C,OAAO,MAAM,GAAG,SAAS,CAAC;AAC5B,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CACrB,OAAe,EACf,KAAa,EACb,GAAW,EACX,UAAoB,EACpB,MAAM,GAAG,GAAG;IAEZ,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,CAAC;IAChC,IAAI,CAAC,IAAI;QAAE,OAAO,WAAW,CAAC;IAE9B,MAAM,SAAS,GAAG,UAAU,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IAC/C,MAAM,QAAQ,GAAG,KAAK,GAAG,SAAS,CAAC;IACnC,MAAM,MAAM,GAAG,GAAG,GAAG,SAAS,CAAC;IAE/B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,QAAQ,GAAG,EAAE,CAAC,CAAC;IAChD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;IACtD,IAAI,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;IAEnD,IAAI,YAAY,GAAG,CAAC;QAAE,OAAO,GAAG,KAAK,GAAG,OAAO,CAAC;IAChD,IAAI,UAAU,GAAG,IAAI,CAAC,MAAM;QAAE,OAAO,GAAG,OAAO,GAAG,KAAK,CAAC;IAExD,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;AAClC,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,IAAsB,EAAE,IAAa;IACzD,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY;QAAE,OAAO,KAAK,CAAC;IACtD,IAAI,IAAI,KAAK,SAAS,EAAE,CAAC;QACvB,OAAQ,IAAyB,CAAC,IAAI,KAAK,IAAI,CAAC;IAClD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,IAAU;IACnC,IAAI,IAAI,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;QAC/B,OAAQ,IAAyB,CAAC,IAAI,CAAC;IACzC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,IAAU,EAAE,IAAuB;IACnD,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;QAAE,OAAO,KAAK,CAAC;IAEjD,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IAClD,MAAM,MAAM,GAAI,IAAuB,CAAC,MAAM,CAAC;IAE/C,sBAAsB;IACtB,IAAI,YAAY,CAAC,MAAM,CAAC,EAAE,CAAC;QACzB,MAAM,UAAU,GAAG,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAC7C,IAAI,UAAU,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YAC7C,OAAO,IAAI,CAAC;QACd,CAAC;IACH,CAAC;IAED,+CAA+C;IAC/C,IAAI,MAAM,CAAC,IAAI,KAAK,kBAAkB,EAAE,CAAC;QACvC,MAAM,UAAU,GAAG,MAA0B,CAAC;QAC9C,IAAI,YAAY,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YACtC,MAAM,QAAQ,GAAG,iBAAiB,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;YACxD,IAAI,QAAQ,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACzC,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,IAAU,EAAE,IAAY;IAC/C,IAAI,IAAI,CAAC,IAAI,KAAK,eAAe;QAAE,OAAO,KAAK,CAAC;IAChD,MAAM,OAAO,GAAG,IAAqB,CAAC;IACtC,OAAO,YAAY,CAAC,OAAO,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;AAC5C,CAAC;AAED;;;GAGG;AACH,SAAS,SAAS,CAAC,IAAiC;IAClD,IAAI,CAAC,IAAI;QAAE,OAAO,KAAK,CAAC;IACxB,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;IACvB,iEAAiE;IACjE,qCAAqC;IACrC,OAAO,IAAI,KAAK,SAAS,IAAI,IAAI,KAAK,iBAAiB,CAAC;AAC1D,CAAC;AAED;;GAEG;AACH,SAAS,wBAAwB,CAAC,OAAe;IAC/C,MAAM,UAAU,GAAG;QACjB,kBAAkB,EAAE,qBAAqB;QACzC,uCAAuC,EAAE,mBAAmB;QAC5D,mBAAmB,EAAE,gBAAgB;QACrC,kCAAkC,EAAE,yBAAyB;KAC9D,CAAC;IAEF,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED,MAAM,YAAY,GAAiB;IACjC;QACE,EAAE,EAAE,kBAAkB;QACtB,KAAK,EAAE,8BAA8B;QACrC,WAAW,EACT,oJAAoJ;QACtJ,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;YACxB,uEAAuE;YACvE,oDAAoD;YACpD,IAAI,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,wBAAwB;gBAAE,OAAO,IAAI,CAAC;YAExE,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;gBAAE,OAAO,IAAI,CAAC;YAEzC,MAAM,GAAG,GAAI,IAAuB,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;YAClD,IAAI,CAAC,GAAG,IAAI,SAAS,CAAC,GAAG,CAAC;gBAAE,OAAO,IAAI,CAAC;YAExC,MAAM,IAAI,GAAG,IAAY,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,WAAW,EAAE,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC;gBACtF,cAAc,EAAE,OAAO,CAAC,wBAAwB;oBAC9C,CAAC,CAAC,sCAAsC;oBACxC,CAAC,CAAC,IAAI;aACT,CAAC;QACJ,CAAC;QACD,cAAc,EAAE,CAAC,sBAAsB,EAAE,+BAA+B,CAAC;QACzE,QAAQ,EAAE,CAAC,qCAAqC,EAAE,2BAA2B,CAAC;KAC/E;IACD;QACE,EAAE,EAAE,0BAA0B;QAC9B,KAAK,EAAE,iDAAiD;QACxD,WAAW,EACT,qIAAqI;QACvI,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;YACxB,IAAI,CAAC,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC;gBAAE,OAAO,IAAI,CAAC;YAEpD,0EAA0E;YAC1E,IAAI,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,wBAAwB;gBAAE,OAAO,IAAI,CAAC;YAExE,uCAAuC;YACvC,MAAM,aAAa,GAAI,IAAsB,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;YAEvF,MAAM,IAAI,GAAG,IAAY,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,WAAW,EAAE,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC;gBACtF,cAAc,EAAE,aAAa,CAAC,CAAC,CAAC,qCAAqC,CAAC,CAAC,CAAC,IAAI;aAC7E,CAAC;QACJ,CAAC;QACD,cAAc,EAAE,CAAC,sBAAsB,EAAE,iBAAiB,EAAE,UAAU,CAAC;QACvE,QAAQ,EAAE,CAAC,mBAAmB,EAAE,gCAAgC,CAAC;KAClE;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,KAAK,EAAE,iCAAiC;QACxC,WAAW,EACT,4HAA4H;QAC9H,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;YACxB,mEAAmE;YACnE,IAAI,OAAO,CAAC,SAAS;gBAAE,OAAO,IAAI,CAAC;YAEnC,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;gBAAE,OAAO,IAAI,CAAC;YAChD,MAAM,QAAQ,GAAG,IAAsB,CAAC;YACxC,IAAI,CAAC,YAAY,CAAC,QAAQ,CAAC,MAAM,EAAE,SAAS,CAAC,EAAE,CAAC;gBAC9C,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,GAAG,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC;YAClC,IAAI,CAAC,GAAG,IAAI,SAAS,CAAC,GAAG,CAAC;gBAAE,OAAO,IAAI,CAAC;YAExC,MAAM,IAAI,GAAG,IAAY,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,WAAW,EAAE,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC;gBACtF,cAAc,EAAE,IAAI;aACrB,CAAC;QACJ,CAAC;QACD,cAAc,EAAE,CAAC,gBAAgB,EAAE,wBAAwB,EAAE,UAAU,CAAC;QACxE,QAAQ,EAAE,CAAC,0BAA0B,EAAE,2BAA2B,CAAC;KACpE;IACD;QACE,EAAE,EAAE,oBAAoB;QACxB,KAAK,EAAE,0CAA0C;QACjD,WAAW,EACT,+FAA+F;QACjG,QAAQ,EAAE,QAAQ;QAClB,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;YACxB,gDAAgD;YAChD,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB;gBAAE,OAAO,IAAI,CAAC;YAElD,MAAM,UAAU,GAAG,IAAwB,CAAC;YAC5C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;YACjC,IAAI,SAAS,CAAC,MAAkB,CAAC;gBAAE,OAAO,IAAI,CAAC;YAE/C,MAAM,IAAI,GAAG,IAAY,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,WAAW,EAAE,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC;gBACtF,cAAc,EAAE,IAAI;aACrB,CAAC;QACJ,CAAC;QACD,cAAc,EAAE,CAAC,cAAc,EAAE,gBAAgB,CAAC;QAClD,QAAQ,EAAE,CAAC,yBAAyB,EAAE,sBAAsB,CAAC;KAC9D;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,KAAK,EAAE,8CAA8C;QACrD,WAAW,EACT,kHAAkH;QACpH,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;YACxB,kEAAkE;YAClE,IAAI,OAAO,CAAC,SAAS;gBAAE,OAAO,IAAI,CAAC;YAEnC,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;gBAAE,OAAO,IAAI,CAAC;YAChD,MAAM,QAAQ,GAAG,IAAsB,CAAC;YACxC,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBAAE,OAAO,IAAI,CAAC;YAE7D,MAAM,UAAU,GAAG,QAAQ,CAAC,MAA0B,CAAC;YACvD,IAAI,CAAC,UAAU,CAAC,QAAQ;gBAAE,OAAO,IAAI,CAAC;YAEtC,gCAAgC;YAChC,IAAI,SAAS,CAAC,UAAU,CAAC,QAAoB,CAAC;gBAAE,OAAO,IAAI,CAAC;YAE5D,mCAAmC;YACnC,IAAI,CAAC,OAAO,CAAC,wBAAwB;gBAAE,OAAO,IAAI,CAAC;YAEnD,MAAM,IAAI,GAAG,IAAY,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,WAAW,EAAE,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC;gBACtF,cAAc,EAAE,oCAAoC;aACrD,CAAC;QACJ,CAAC;QACD,QAAQ,EAAE,CAAC,mCAAmC,CAAC;KAChD;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,KAAK,EAAE,qCAAqC;QAC5C,WAAW,EACT,6IAA6I;QAC/I,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;YACxB,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,SAAS,EAAE,gBAAgB,CAAC,CAAC;gBAAE,OAAO,IAAI,CAAC;YAEhE,kCAAkC;YAClC,MAAM,QAAQ,GAAG,IAAsB,CAAC;YACxC,IAAI,QAAQ,CAAC,MAAM,CAAC,IAAI,KAAK,kBAAkB;gBAAE,OAAO,IAAI,CAAC;YAE7D,MAAM,UAAU,GAAG,QAAQ,CAAC,MAA0B,CAAC;YACvD,IAAI,CAAC,YAAY,CAAC,UAAU,CAAC,MAAM,EAAE,SAAS,CAAC;gBAAE,OAAO,IAAI,CAAC;YAE7D,MAAM,IAAI,GAAG,IAAY,CAAC;YAC1B,OAAO;gBACL,KAAK,EAAE,IAAI,CAAC,KAAK;gBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;gBACb,WAAW,EAAE,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC;gBACtF,cAAc,EAAE,IAAI;aACrB,CAAC;QACJ,CAAC;QACD,QAAQ,EAAE,CAAC,4BAA4B,EAAE,wBAAwB,CAAC;KACnE;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,KAAK,EAAE,4CAA4C;QACnD,WAAW,EACT,kGAAkG;QACpG,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE;YACxB,IAAI,IAAI,CAAC,IAAI,KAAK,kBAAkB;gBAAE,OAAO,IAAI,CAAC;YAElD,MAAM,UAAU,GAAG,IAAwB,CAAC;YAC5C,MAAM,GAAG,GAAG,UAAU,CAAC,MAAM,CAAC;YAC9B,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC;gBAAE,OAAO,IAAI,CAAC;YAEpC,MAAM,OAAO,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;YACvC,IAAI,CAAC,OAAO,IAAI,CAAC,CAAC,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC9E,OAAO,IAAI,CAAC;YACd,CAAC;YAED,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC;YACjC,IAAI,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,EAAE,CAAC;gBAC/B,MAAM,IAAI,GAAG,IAAY,CAAC;gBAC1B,OAAO;oBACL,KAAK,EAAE,IAAI,CAAC,KAAK;oBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,WAAW,EAAE,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC;oBACtF,cAAc,EAAE,IAAI;iBACrB,CAAC;YACJ,CAAC;YAED,oDAAoD;YACpD,4DAA4D;YAC5D,IAAI,IAAI,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;gBAC5B,MAAM,UAAU,GAAG,IAA0B,CAAC;gBAC9C,IAAI,UAAU,CAAC,KAAK,KAAK,MAAM,EAAE,CAAC;oBAChC,MAAM,IAAI,GAAG,IAAY,CAAC;oBAC1B,OAAO;wBACL,KAAK,EAAE,IAAI,CAAC,KAAK;wBACjB,GAAG,EAAE,IAAI,CAAC,GAAG;wBACb,WAAW,EAAE,cAAc,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC,KAAK,EAAE,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,UAAU,CAAC;wBACtF,cAAc,EAAE,IAAI;qBACrB,CAAC;gBACJ,CAAC;YACH,CAAC;YAED,OAAO,IAAI,CAAC;QACd,CAAC;QACD,QAAQ,EAAE,CAAC,2BAA2B,CAAC;KACxC;CACF,CAAC;AAEF;;GAEG;AACH,SAAS,WAAW,CAAC,QAAgB,EAAE,OAAe;IACpD,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,gCAAgC;IAChC,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;IACpE,MAAM,OAAO,GAAgD;QAC3D,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,IAAI;QACZ,MAAM,EAAE,IAAI;QACZ,MAAM,EAAE,KAAK;QACb,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,KAAK;KACd,CAAC;IACF,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,CAAC,2CAA2C;IAE/E,wBAAwB;IACxB,IAAI,MAAM,CAAC;IACX,IAAI,CAAC;QACH,MAAM,GAAG,SAAS,CAAC,QAAQ,EAAE,OAAO,EAAE;YACpC,IAAI;YACJ,UAAU,EAAE,aAAa;SAC1B,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,mCAAmC;QACnC,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,4DAA4D;IAC5D,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACrD,MAAM,UAAU,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;IAE9C,MAAM,OAAO,GAAe;QAC1B,QAAQ;QACR,OAAO;QACP,wBAAwB,EAAE,wBAAwB,CAAC,OAAO,CAAC,IAAI,qBAAqB,CAAC,OAAO,CAAC;QAC7F,SAAS,EAAE,WAAW,CAAC,SAAS;QAChC,UAAU;KACX,CAAC;IAEF,MAAM,YAAY,GAAG,IAAI,GAAG,EAAU,CAAC;IAEvC,MAAM,UAAU,GAAG,CAAC,OAAmB,EAAE,KAAe,EAAE,EAAE;QAC1D,MAAM,IAAI,GAAG,YAAY,CAAC,KAAK,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;QACnD,MAAM,GAAG,GAAG,GAAG,OAAO,CAAC,EAAE,IAAI,QAAQ,IAAI,IAAI,EAAE,CAAC;QAChD,IAAI,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO;QAClC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QAEtB,MAAM,OAAO,GAAY;YACvB,EAAE,EAAE,OAAO,CAAC,EAAE;YACd,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,KAAK;YACf,QAAQ,EAAE;gBACR,IAAI,EAAE,QAAQ;gBACd,IAAI;gBACJ,MAAM,EAAE,cAAc,CAAC,KAAK,CAAC,KAAK,EAAE,UAAU,CAAC;aAChD;YACD,QAAQ,EAAE;gBACR,WAAW,EAAE,KAAK,CAAC,WAAW;gBAC9B,GAAG,CAAC,OAAO,CAAC,cAAc,IAAI;oBAC5B,cAAc,EAAE,OAAO,CAAC,cAAc;iBACvC,CAAC;gBACF,GAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,QAAQ,EAAE,OAAO,CAAC,QAAQ,EAAE,CAAC;aACxD;SACF,CAAC;QAEF,IAAI,KAAK,CAAC,cAAc,EAAE,CAAC;YACzB,OAAO,CAAC,QAAS,CAAC,gBAAgB,CAAC,GAAG,KAAK,CAAC,cAAc,CAAC;QAC7D,CAAC;QAED,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC,CAAC;IAEF,2DAA2D;IAC3D,MAAM,WAAW,GAAG,CAAC,IAAU,EAAE,EAAE;QACjC,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;YACnC,MAAM,KAAK,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC5C,IAAI,KAAK;gBAAE,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QACxC,CAAC;IACH,CAAC,CAAC;IAEF,MAAM,OAAO,GAAG,IAAI,OAAO,CAAC;QAC1B,cAAc,CAAC,IAAI;YACjB,WAAW,CAAC,IAAI,CAAC,CAAC;QACpB,CAAC;QACD,aAAa,CAAC,IAAI;YAChB,WAAW,CAAC,IAAI,CAAC,CAAC;QACpB,CAAC;QACD,gBAAgB,CAAC,IAAI;YACnB,WAAW,CAAC,IAAI,CAAC,CAAC;QACpB,CAAC;QACD,gBAAgB,CAAC,IAAI;YACnB,WAAW,CAAC,IAAI,CAAC,CAAC;QACpB,CAAC;KACF,CAAC,CAAC;IAEH,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAE9B,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,QAAQ,CAAC,QAAsB;IAC7C,MAAM,QAAQ,GAAc,EAAE,CAAC;IAE/B,KAAK,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,EAAE,CAAC;QAChD,2EAA2E;QAC3E,sFAAsF;QACtF,IAAI,QAAQ,CAAC,QAAQ,CAAC,eAAe,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YACvE,SAAS;QACX,CAAC;QAED,2BAA2B;QAC3B,IAAI,CAAC,WAAW,CAAC,QAAQ,EAAE,4BAA4B,CAAC;YAAE,SAAS;QAEnE,2EAA2E;QAC3E,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QACpE,IAAI,CAAC,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,SAAS;QAE5E,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QAExC,QAAQ,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC,CAAC;IACnD,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}

package/dist/scanner/checks/ast.test.d.ts

@@ -0,0 +1,2 @@
+export {};
+//# sourceMappingURL=ast.test.d.ts.map

package/dist/scanner/checks/ast.test.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ast.test.d.ts","sourceRoot":"","sources":["../../../src/scanner/checks/ast.test.ts"],"names":[],"mappings":""}