@vltpkg/query 0.0.0-3 → 0.0.0-30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (243) hide show
  1. package/README.md +39 -82
  2. package/dist/esm/attribute.d.ts +1 -1
  3. package/dist/esm/attribute.d.ts.map +1 -1
  4. package/dist/esm/attribute.js +8 -13
  5. package/dist/esm/attribute.js.map +1 -1
  6. package/dist/esm/combinator.d.ts.map +1 -1
  7. package/dist/esm/combinator.js +5 -2
  8. package/dist/esm/combinator.js.map +1 -1
  9. package/dist/esm/id.d.ts.map +1 -1
  10. package/dist/esm/id.js +23 -7
  11. package/dist/esm/id.js.map +1 -1
  12. package/dist/esm/index.d.ts +40 -7
  13. package/dist/esm/index.d.ts.map +1 -1
  14. package/dist/esm/index.js +303 -23
  15. package/dist/esm/index.js.map +1 -1
  16. package/dist/esm/parser.d.ts +15 -0
  17. package/dist/esm/parser.d.ts.map +1 -0
  18. package/dist/esm/parser.js +93 -0
  19. package/dist/esm/parser.js.map +1 -0
  20. package/dist/esm/pseudo/abandoned.d.ts +7 -0
  21. package/dist/esm/pseudo/abandoned.d.ts.map +1 -0
  22. package/dist/esm/pseudo/abandoned.js +6 -0
  23. package/dist/esm/pseudo/abandoned.js.map +1 -0
  24. package/dist/esm/pseudo/attr.d.ts +2 -1
  25. package/dist/esm/pseudo/attr.d.ts.map +1 -1
  26. package/dist/esm/pseudo/attr.js +10 -2
  27. package/dist/esm/pseudo/attr.js.map +1 -1
  28. package/dist/esm/pseudo/confused.d.ts +9 -0
  29. package/dist/esm/pseudo/confused.d.ts.map +1 -0
  30. package/dist/esm/pseudo/confused.js +19 -0
  31. package/dist/esm/pseudo/confused.js.map +1 -0
  32. package/dist/esm/pseudo/cve.d.ts +13 -0
  33. package/dist/esm/pseudo/cve.d.ts.map +1 -0
  34. package/dist/esm/pseudo/cve.js +44 -0
  35. package/dist/esm/pseudo/cve.js.map +1 -0
  36. package/dist/esm/pseudo/cwe.d.ts +13 -0
  37. package/dist/esm/pseudo/cwe.d.ts.map +1 -0
  38. package/dist/esm/pseudo/cwe.js +43 -0
  39. package/dist/esm/pseudo/cwe.js.map +1 -0
  40. package/dist/esm/pseudo/debug.d.ts +7 -0
  41. package/dist/esm/pseudo/debug.d.ts.map +1 -0
  42. package/dist/esm/pseudo/debug.js +6 -0
  43. package/dist/esm/pseudo/debug.js.map +1 -0
  44. package/dist/esm/pseudo/deprecated.d.ts +7 -0
  45. package/dist/esm/pseudo/deprecated.d.ts.map +1 -0
  46. package/dist/esm/pseudo/deprecated.js +6 -0
  47. package/dist/esm/pseudo/deprecated.js.map +1 -0
  48. package/dist/esm/pseudo/dev.d.ts +6 -0
  49. package/dist/esm/pseudo/dev.d.ts.map +1 -0
  50. package/dist/esm/pseudo/dev.js +15 -0
  51. package/dist/esm/pseudo/dev.js.map +1 -0
  52. package/dist/esm/pseudo/dynamic.d.ts +7 -0
  53. package/dist/esm/pseudo/dynamic.d.ts.map +1 -0
  54. package/dist/esm/pseudo/dynamic.js +6 -0
  55. package/dist/esm/pseudo/dynamic.js.map +1 -0
  56. package/dist/esm/pseudo/empty.d.ts +7 -0
  57. package/dist/esm/pseudo/empty.d.ts.map +1 -0
  58. package/dist/esm/pseudo/empty.js +14 -0
  59. package/dist/esm/pseudo/empty.js.map +1 -0
  60. package/dist/esm/pseudo/entropic.d.ts +7 -0
  61. package/dist/esm/pseudo/entropic.d.ts.map +1 -0
  62. package/dist/esm/pseudo/entropic.js +6 -0
  63. package/dist/esm/pseudo/entropic.js.map +1 -0
  64. package/dist/esm/pseudo/env.d.ts +7 -0
  65. package/dist/esm/pseudo/env.d.ts.map +1 -0
  66. package/dist/esm/pseudo/env.js +6 -0
  67. package/dist/esm/pseudo/env.js.map +1 -0
  68. package/dist/esm/pseudo/eval.d.ts +7 -0
  69. package/dist/esm/pseudo/eval.d.ts.map +1 -0
  70. package/dist/esm/pseudo/eval.js +6 -0
  71. package/dist/esm/pseudo/eval.js.map +1 -0
  72. package/dist/esm/pseudo/fs.d.ts +7 -0
  73. package/dist/esm/pseudo/fs.d.ts.map +1 -0
  74. package/dist/esm/pseudo/fs.js +6 -0
  75. package/dist/esm/pseudo/fs.js.map +1 -0
  76. package/dist/esm/pseudo/helpers.d.ts +25 -1
  77. package/dist/esm/pseudo/helpers.d.ts.map +1 -1
  78. package/dist/esm/pseudo/helpers.js +53 -0
  79. package/dist/esm/pseudo/helpers.js.map +1 -1
  80. package/dist/esm/pseudo/host.d.ts +20 -0
  81. package/dist/esm/pseudo/host.d.ts.map +1 -0
  82. package/dist/esm/pseudo/host.js +80 -0
  83. package/dist/esm/pseudo/host.js.map +1 -0
  84. package/dist/esm/pseudo/license.d.ts +13 -0
  85. package/dist/esm/pseudo/license.d.ts.map +1 -0
  86. package/dist/esm/pseudo/license.js +58 -0
  87. package/dist/esm/pseudo/license.js.map +1 -0
  88. package/dist/esm/pseudo/link.d.ts +9 -0
  89. package/dist/esm/pseudo/link.d.ts.map +1 -0
  90. package/dist/esm/pseudo/link.js +25 -0
  91. package/dist/esm/pseudo/link.js.map +1 -0
  92. package/dist/esm/pseudo/malware.d.ts +24 -0
  93. package/dist/esm/pseudo/malware.d.ts.map +1 -0
  94. package/dist/esm/pseudo/malware.js +187 -0
  95. package/dist/esm/pseudo/malware.js.map +1 -0
  96. package/dist/esm/pseudo/minified.d.ts +7 -0
  97. package/dist/esm/pseudo/minified.d.ts.map +1 -0
  98. package/dist/esm/pseudo/minified.js +6 -0
  99. package/dist/esm/pseudo/minified.js.map +1 -0
  100. package/dist/esm/pseudo/missing.d.ts +8 -0
  101. package/dist/esm/pseudo/missing.d.ts.map +1 -0
  102. package/dist/esm/pseudo/missing.js +15 -0
  103. package/dist/esm/pseudo/missing.js.map +1 -0
  104. package/dist/esm/pseudo/native.d.ts +7 -0
  105. package/dist/esm/pseudo/native.d.ts.map +1 -0
  106. package/dist/esm/pseudo/native.js +6 -0
  107. package/dist/esm/pseudo/native.js.map +1 -0
  108. package/dist/esm/pseudo/network.d.ts +7 -0
  109. package/dist/esm/pseudo/network.d.ts.map +1 -0
  110. package/dist/esm/pseudo/network.js +6 -0
  111. package/dist/esm/pseudo/network.js.map +1 -0
  112. package/dist/esm/pseudo/obfuscated.d.ts +7 -0
  113. package/dist/esm/pseudo/obfuscated.d.ts.map +1 -0
  114. package/dist/esm/pseudo/obfuscated.js +6 -0
  115. package/dist/esm/pseudo/obfuscated.js.map +1 -0
  116. package/dist/esm/pseudo/optional.d.ts +6 -0
  117. package/dist/esm/pseudo/optional.d.ts.map +1 -0
  118. package/dist/esm/pseudo/optional.js +15 -0
  119. package/dist/esm/pseudo/optional.js.map +1 -0
  120. package/dist/esm/pseudo/outdated.d.ts +4 -4
  121. package/dist/esm/pseudo/outdated.d.ts.map +1 -1
  122. package/dist/esm/pseudo/outdated.js +44 -33
  123. package/dist/esm/pseudo/outdated.js.map +1 -1
  124. package/dist/esm/pseudo/overridden.d.ts +8 -0
  125. package/dist/esm/pseudo/overridden.d.ts.map +1 -0
  126. package/dist/esm/pseudo/overridden.js +17 -0
  127. package/dist/esm/pseudo/overridden.js.map +1 -0
  128. package/dist/esm/pseudo/path.d.ts +19 -0
  129. package/dist/esm/pseudo/path.d.ts.map +1 -0
  130. package/dist/esm/pseudo/path.js +113 -0
  131. package/dist/esm/pseudo/path.js.map +1 -0
  132. package/dist/esm/pseudo/peer.d.ts +6 -0
  133. package/dist/esm/pseudo/peer.d.ts.map +1 -0
  134. package/dist/esm/pseudo/peer.js +15 -0
  135. package/dist/esm/pseudo/peer.js.map +1 -0
  136. package/dist/esm/pseudo/prerelease.d.ts +18 -0
  137. package/dist/esm/pseudo/prerelease.d.ts.map +1 -0
  138. package/dist/esm/pseudo/prerelease.js +41 -0
  139. package/dist/esm/pseudo/prerelease.js.map +1 -0
  140. package/dist/esm/pseudo/private.d.ts +7 -0
  141. package/dist/esm/pseudo/private.d.ts.map +1 -0
  142. package/dist/esm/pseudo/private.js +16 -0
  143. package/dist/esm/pseudo/private.js.map +1 -0
  144. package/dist/esm/pseudo/prod.d.ts +6 -0
  145. package/dist/esm/pseudo/prod.d.ts.map +1 -0
  146. package/dist/esm/pseudo/prod.js +15 -0
  147. package/dist/esm/pseudo/prod.js.map +1 -0
  148. package/dist/esm/pseudo/published.d.ts +40 -0
  149. package/dist/esm/pseudo/published.d.ts.map +1 -0
  150. package/dist/esm/pseudo/published.js +158 -0
  151. package/dist/esm/pseudo/published.js.map +1 -0
  152. package/dist/esm/pseudo/root.d.ts +7 -0
  153. package/dist/esm/pseudo/root.d.ts.map +1 -0
  154. package/dist/esm/pseudo/root.js +18 -0
  155. package/dist/esm/pseudo/root.js.map +1 -0
  156. package/dist/esm/pseudo/scanned.d.ts +9 -0
  157. package/dist/esm/pseudo/scanned.d.ts.map +1 -0
  158. package/dist/esm/pseudo/scanned.js +17 -0
  159. package/dist/esm/pseudo/scanned.js.map +1 -0
  160. package/dist/esm/pseudo/score.d.ts +16 -0
  161. package/dist/esm/pseudo/score.d.ts.map +1 -0
  162. package/dist/esm/pseudo/score.js +119 -0
  163. package/dist/esm/pseudo/score.js.map +1 -0
  164. package/dist/esm/pseudo/scripts.d.ts +7 -0
  165. package/dist/esm/pseudo/scripts.d.ts.map +1 -0
  166. package/dist/esm/pseudo/scripts.js +6 -0
  167. package/dist/esm/pseudo/scripts.js.map +1 -0
  168. package/dist/esm/pseudo/semver.d.ts +2 -1
  169. package/dist/esm/pseudo/semver.d.ts.map +1 -1
  170. package/dist/esm/pseudo/semver.js +11 -24
  171. package/dist/esm/pseudo/semver.js.map +1 -1
  172. package/dist/esm/pseudo/severity.d.ts +15 -0
  173. package/dist/esm/pseudo/severity.d.ts.map +1 -0
  174. package/dist/esm/pseudo/severity.js +160 -0
  175. package/dist/esm/pseudo/severity.js.map +1 -0
  176. package/dist/esm/pseudo/shell.d.ts +7 -0
  177. package/dist/esm/pseudo/shell.d.ts.map +1 -0
  178. package/dist/esm/pseudo/shell.js +6 -0
  179. package/dist/esm/pseudo/shell.js.map +1 -0
  180. package/dist/esm/pseudo/shrinkwrap.d.ts +7 -0
  181. package/dist/esm/pseudo/shrinkwrap.d.ts.map +1 -0
  182. package/dist/esm/pseudo/shrinkwrap.js +6 -0
  183. package/dist/esm/pseudo/shrinkwrap.js.map +1 -0
  184. package/dist/esm/pseudo/spec.d.ts +17 -0
  185. package/dist/esm/pseudo/spec.d.ts.map +1 -0
  186. package/dist/esm/pseudo/spec.js +102 -0
  187. package/dist/esm/pseudo/spec.js.map +1 -0
  188. package/dist/esm/pseudo/squat.d.ts +15 -0
  189. package/dist/esm/pseudo/squat.d.ts.map +1 -0
  190. package/dist/esm/pseudo/squat.js +161 -0
  191. package/dist/esm/pseudo/squat.js.map +1 -0
  192. package/dist/esm/pseudo/suspicious.d.ts +7 -0
  193. package/dist/esm/pseudo/suspicious.d.ts.map +1 -0
  194. package/dist/esm/pseudo/suspicious.js +6 -0
  195. package/dist/esm/pseudo/suspicious.js.map +1 -0
  196. package/dist/esm/pseudo/tracker.d.ts +7 -0
  197. package/dist/esm/pseudo/tracker.d.ts.map +1 -0
  198. package/dist/esm/pseudo/tracker.js +6 -0
  199. package/dist/esm/pseudo/tracker.js.map +1 -0
  200. package/dist/esm/pseudo/trivial.d.ts +7 -0
  201. package/dist/esm/pseudo/trivial.d.ts.map +1 -0
  202. package/dist/esm/pseudo/trivial.js +6 -0
  203. package/dist/esm/pseudo/trivial.js.map +1 -0
  204. package/dist/esm/pseudo/type.d.ts +8 -0
  205. package/dist/esm/pseudo/type.d.ts.map +1 -0
  206. package/dist/esm/pseudo/type.js +22 -0
  207. package/dist/esm/pseudo/type.js.map +1 -0
  208. package/dist/esm/pseudo/undesirable.d.ts +7 -0
  209. package/dist/esm/pseudo/undesirable.d.ts.map +1 -0
  210. package/dist/esm/pseudo/undesirable.js +6 -0
  211. package/dist/esm/pseudo/undesirable.js.map +1 -0
  212. package/dist/esm/pseudo/unknown.d.ts +7 -0
  213. package/dist/esm/pseudo/unknown.d.ts.map +1 -0
  214. package/dist/esm/pseudo/unknown.js +6 -0
  215. package/dist/esm/pseudo/unknown.js.map +1 -0
  216. package/dist/esm/pseudo/unmaintained.d.ts +7 -0
  217. package/dist/esm/pseudo/unmaintained.d.ts.map +1 -0
  218. package/dist/esm/pseudo/unmaintained.js +6 -0
  219. package/dist/esm/pseudo/unmaintained.js.map +1 -0
  220. package/dist/esm/pseudo/unpopular.d.ts +7 -0
  221. package/dist/esm/pseudo/unpopular.d.ts.map +1 -0
  222. package/dist/esm/pseudo/unpopular.js +6 -0
  223. package/dist/esm/pseudo/unpopular.js.map +1 -0
  224. package/dist/esm/pseudo/unstable.d.ts +7 -0
  225. package/dist/esm/pseudo/unstable.d.ts.map +1 -0
  226. package/dist/esm/pseudo/unstable.js +6 -0
  227. package/dist/esm/pseudo/unstable.js.map +1 -0
  228. package/dist/esm/pseudo/workspace.d.ts +6 -0
  229. package/dist/esm/pseudo/workspace.d.ts.map +1 -0
  230. package/dist/esm/pseudo/workspace.js +20 -0
  231. package/dist/esm/pseudo/workspace.js.map +1 -0
  232. package/dist/esm/pseudo.d.ts.map +1 -1
  233. package/dist/esm/pseudo.js +151 -109
  234. package/dist/esm/pseudo.js.map +1 -1
  235. package/dist/esm/types.d.ts +98 -26
  236. package/dist/esm/types.d.ts.map +1 -1
  237. package/dist/esm/types.js +1 -106
  238. package/dist/esm/types.js.map +1 -1
  239. package/package.json +20 -15
  240. package/dist/esm/class.d.ts +0 -6
  241. package/dist/esm/class.d.ts.map +0 -1
  242. package/dist/esm/class.js +0 -128
  243. package/dist/esm/class.js.map +0 -1
package/dist/esm/index.js CHANGED
@@ -1,18 +1,31 @@
1
1
  import { error } from '@vltpkg/error-cause';
2
- import postcssSelectorParser from 'postcss-selector-parser';
2
+ import { joinDepIDTuple } from '@vltpkg/dep-id/browser';
3
+ import { parse, isPostcssNodeWithChildren, asPostcssNodeWithChildren, isSelectorNode, isPseudoNode, isIdentifierNode, isAttributeNode, } from '@vltpkg/dss-parser';
3
4
  import { attribute } from "./attribute.js";
4
- import { classFn } from "./class.js";
5
5
  import { combinator } from "./combinator.js";
6
6
  import { id } from "./id.js";
7
7
  import { pseudo } from "./pseudo.js";
8
- import { isPostcssNodeWithChildren, asPostcssNodeWithChildren, isSelectorNode, } from "./types.js";
9
8
  export * from "./types.js";
10
9
  const noopFn = async (state) => state;
11
10
  const selectors = {
12
11
  attribute,
13
- class: classFn,
12
+ /* c8 ignore start */
13
+ class: async (state) => {
14
+ throw error('Unsupported selector', { found: state.current });
15
+ },
16
+ /* c8 ignore end */
14
17
  combinator,
15
- comment: noopFn,
18
+ comment: async (state) => {
19
+ if (state.current.value && !state.comment) {
20
+ const commentValue = state.current.value;
21
+ const cleanComment = commentValue
22
+ .replace(/^\/\*/, '')
23
+ .replace(/\*\/$/, '')
24
+ .trim();
25
+ state.comment = cleanComment;
26
+ }
27
+ return state;
28
+ },
16
29
  id,
17
30
  nesting: noopFn,
18
31
  pseudo,
@@ -41,7 +54,9 @@ export const walk = async (state) => {
41
54
  if (state.loose) {
42
55
  return state;
43
56
  }
44
- throw new Error(`Missing parser for query node: ${state.current.type}`);
57
+ throw error(`Missing parser for query node: ${state.current.type}`, {
58
+ found: state.current,
59
+ });
45
60
  }
46
61
  state = await parserFn(state);
47
62
  // pseudo selectors handle their own sub selectors
@@ -74,37 +89,231 @@ export const walk = async (state) => {
74
89
  }
75
90
  return state;
76
91
  };
92
+ // A list of known security selectors that rely on
93
+ // data from the security-archive in order to work
94
+ const securitySelectors = new Set([
95
+ ':abandoned',
96
+ ':confused',
97
+ ':cve',
98
+ ':cwe',
99
+ ':debug',
100
+ ':deprecated',
101
+ ':dynamic',
102
+ ':entropic',
103
+ ':env',
104
+ ':eval',
105
+ ':fs',
106
+ ':license',
107
+ ':malware',
108
+ ':minified',
109
+ ':native',
110
+ ':network',
111
+ ':obfuscated',
112
+ ':scanned',
113
+ ':score',
114
+ ':scripts',
115
+ ':sev',
116
+ ':severity',
117
+ ':shell',
118
+ ':shrinkwrap',
119
+ ':squat',
120
+ ':suspicious',
121
+ ':tracker',
122
+ ':trivial',
123
+ ':undesirable',
124
+ ':unknown',
125
+ ':unmaintained',
126
+ ':unpopular',
127
+ ':unstable',
128
+ ]);
129
+ const setMethodToJSON = (node) => {
130
+ const { toJSON } = node;
131
+ const insights = node.insights;
132
+ node.toJSON = () => ({
133
+ ...toJSON.call(node),
134
+ insights,
135
+ });
136
+ };
137
+ /**
138
+ * The Query class is used to search the graph for nodes and edges
139
+ * using the Dependency Selector Syntax (DSS).
140
+ */
77
141
  export class Query {
78
142
  #cache;
79
- #graph;
80
- #specOptions;
81
- constructor({ graph, specOptions }) {
143
+ #edges;
144
+ #nodes;
145
+ #importers;
146
+ #retries;
147
+ #securityArchive;
148
+ #hostContexts;
149
+ /**
150
+ * Helper method to determine if a given query string is using any of
151
+ * the known security selectors. This is useful so that operations can
152
+ * skip hydrating the security archive if it's not needed.
153
+ */
154
+ static hasSecuritySelectors(query) {
155
+ for (const selector of securitySelectors) {
156
+ if (query.includes(selector)) {
157
+ return true;
158
+ }
159
+ }
160
+ return false;
161
+ }
162
+ /**
163
+ * Sorts an array of QueryResponse objects by specificity. Objects with
164
+ * higher idCounter values come first, if idCounter values are equal,
165
+ * then objects with higher commonCounter values come first. Otherwise,
166
+ * the original order is preserved.
167
+ */
168
+ static specificitySort(responses) {
169
+ return [...responses].sort((a, b) => {
170
+ // First compare by idCounter (higher comes first)
171
+ if (a.specificity.idCounter !== b.specificity.idCounter) {
172
+ return b.specificity.idCounter - a.specificity.idCounter;
173
+ }
174
+ // If idCounter values are equal, compare by commonCounter
175
+ if (a.specificity.commonCounter !== b.specificity.commonCounter) {
176
+ return (b.specificity.commonCounter - a.specificity.commonCounter);
177
+ }
178
+ // If both counters are equal, preserve original order
179
+ return 0;
180
+ });
181
+ }
182
+ constructor({ edges, nodes, importers, retries, securityArchive, hostContexts, }) {
82
183
  this.#cache = new Map();
83
- this.#graph = graph;
84
- this.#specOptions = specOptions;
184
+ this.#edges = edges;
185
+ this.#nodes = nodes;
186
+ this.#importers = importers;
187
+ this.#retries = retries ?? 3;
188
+ this.#securityArchive = securityArchive;
189
+ this.#hostContexts = hostContexts;
85
190
  }
86
- async search(query, signal) {
87
- if (typeof query !== 'string') {
88
- throw new TypeError('Query search argument needs to be a string');
191
+ #getQueryResponseEdges(_edges) {
192
+ return Array.from(_edges);
193
+ }
194
+ #getQueryResponseNodes(_nodes) {
195
+ const nodes = Array.from(_nodes);
196
+ for (const node of nodes) {
197
+ const securityArchiveEntry = this.#securityArchive?.get(node.id);
198
+ // if a security archive entry is not found then the insights object
199
+ // should just be empty with scanned=false
200
+ if (!securityArchiveEntry) {
201
+ node.insights = {
202
+ scanned: false,
203
+ };
204
+ setMethodToJSON(node);
205
+ continue;
206
+ }
207
+ // if a security archive entry is found then we can populate the insights
208
+ node.insights = {
209
+ scanned: true,
210
+ score: securityArchiveEntry.score,
211
+ abandoned: securityArchiveEntry.alerts.some(i => i.type === 'missingAuthor'),
212
+ confused: securityArchiveEntry.alerts.some(i => i.type === 'manifestConfusion'),
213
+ cve: securityArchiveEntry.alerts
214
+ .map(i => i.props?.cveId)
215
+ .filter(i => i !== undefined),
216
+ cwe: Array.from(new Set(securityArchiveEntry.alerts
217
+ .filter(i => i.props?.cveId)
218
+ .flatMap(i => i.props?.cwes?.map(j => j.id)))),
219
+ debug: securityArchiveEntry.alerts.some(i => i.type === 'debugAccess'),
220
+ deprecated: securityArchiveEntry.alerts.some(i => i.type === 'deprecated'),
221
+ dynamic: securityArchiveEntry.alerts.some(i => i.type === 'dynamicRequire'),
222
+ entropic: securityArchiveEntry.alerts.some(i => i.type === 'highEntropyStrings'),
223
+ env: securityArchiveEntry.alerts.some(i => i.type === 'envVars'),
224
+ eval: securityArchiveEntry.alerts.some(i => i.type === 'usesEval'),
225
+ fs: securityArchiveEntry.alerts.some(i => i.type === 'filesystemAccess'),
226
+ license: {
227
+ unlicensed: securityArchiveEntry.alerts.some(i => i.type === 'explicitlyUnlicensedItem'),
228
+ misc: securityArchiveEntry.alerts.some(i => i.type === 'miscLicenseIssues'),
229
+ restricted: securityArchiveEntry.alerts.some(i => i.type === 'nonpermissiveLicense'),
230
+ ambiguous: securityArchiveEntry.alerts.some(i => i.type === 'ambiguousClassifier'),
231
+ copyleft: securityArchiveEntry.alerts.some(i => i.type === 'copyleftLicense'),
232
+ unknown: securityArchiveEntry.alerts.some(i => i.type === 'unidentifiedLicense'),
233
+ none: securityArchiveEntry.alerts.some(i => i.type === 'noLicenseFound'),
234
+ exception: securityArchiveEntry.alerts.some(i => i.type === 'licenseException'),
235
+ },
236
+ malware: {
237
+ low: securityArchiveEntry.alerts.some(i => i.type === 'gptAnomaly'),
238
+ medium: securityArchiveEntry.alerts.some(i => i.type === 'gptSecurity'),
239
+ high: securityArchiveEntry.alerts.some(i => i.type === 'gptMalware'),
240
+ critical: securityArchiveEntry.alerts.some(i => i.type === 'malware'),
241
+ },
242
+ minified: securityArchiveEntry.alerts.some(i => i.type === 'minifiedFile'),
243
+ native: securityArchiveEntry.alerts.some(i => i.type === 'hasNativeCode'),
244
+ network: securityArchiveEntry.alerts.some(i => i.type === 'networkAccess'),
245
+ obfuscated: securityArchiveEntry.alerts.some(i => i.type === 'obfuscatedFile'),
246
+ scripts: securityArchiveEntry.alerts.some(i => i.type === 'installScripts'),
247
+ severity: {
248
+ low: securityArchiveEntry.alerts.some(i => i.type === 'mildCVE'),
249
+ medium: securityArchiveEntry.alerts.some(i => i.type === 'potentialVulnerability'),
250
+ high: securityArchiveEntry.alerts.some(i => i.type === 'cve'),
251
+ critical: securityArchiveEntry.alerts.some(i => i.type === 'criticalCVE'),
252
+ },
253
+ shell: securityArchiveEntry.alerts.some(i => i.type === 'shellAccess'),
254
+ shrinkwrap: securityArchiveEntry.alerts.some(i => i.type === 'shrinkwrap'),
255
+ squat: {
256
+ medium: securityArchiveEntry.alerts.some(i => i.type === 'gptDidYouMean'),
257
+ critical: securityArchiveEntry.alerts.some(i => i.type === 'didYouMean'),
258
+ },
259
+ suspicious: securityArchiveEntry.alerts.some(i => i.type === 'suspiciousStarActivity'),
260
+ tracker: securityArchiveEntry.alerts.some(i => i.type === 'telemetry'),
261
+ trivial: securityArchiveEntry.alerts.some(i => i.type === 'trivialPackage'),
262
+ undesirable: securityArchiveEntry.alerts.some(i => i.type === 'troll'),
263
+ unknown: securityArchiveEntry.alerts.some(i => i.type === 'newAuthor'),
264
+ unmaintained: securityArchiveEntry.alerts.some(i => i.type === 'unmaintained'),
265
+ unpopular: securityArchiveEntry.alerts.some(i => i.type === 'unpopularPackage'),
266
+ unstable: securityArchiveEntry.alerts.some(i => i.type === 'unstableOwnership'),
267
+ };
268
+ setMethodToJSON(node);
89
269
  }
270
+ return nodes;
271
+ }
272
+ /**
273
+ * Search the graph for nodes and edges that match the given query.
274
+ */
275
+ async search(query, { signal, scopeIDs = [joinDepIDTuple(['file', '.'])], }) {
90
276
  if (!query)
91
- return { edges: [], nodes: [] };
277
+ return {
278
+ edges: [],
279
+ nodes: [],
280
+ importers: [],
281
+ comment: '',
282
+ specificity: { idCounter: 0, commonCounter: 0 },
283
+ };
92
284
  const cachedResult = this.#cache.get(query);
93
285
  if (cachedResult) {
94
286
  return cachedResult;
95
287
  }
96
- const nodes = new Set(Array.from(this.#graph.nodes.values()));
97
- const edges = new Set(Array.from(this.#graph.edges));
288
+ const nodes = this.#nodes;
289
+ const edges = this.#edges;
290
+ const importers = this.#importers;
291
+ // includes virtual workspace edges in the searched edges
292
+ for (const importer of importers) {
293
+ if (!importer.workspaces)
294
+ continue;
295
+ for (const edge of importer.workspaces.values()) {
296
+ edges.add(edge);
297
+ }
298
+ }
299
+ // parse the query string into AST
300
+ const current = parse(query);
301
+ // set loose mode for the entire parse in case there are multiple selectors
302
+ // so that using invalid pseudo selectors or other query language parser
303
+ // errors won't throw an error,
304
+ // e.g: `:root > *, #a, :foo` still returns results for `:root > ` and `#a`
305
+ // while :foo is ignored
306
+ const loose = asPostcssNodeWithChildren(current).nodes.length > 1;
98
307
  // builds initial state and walks over it,
99
308
  // retrieving the collected result
100
- const { collect } = await walk({
309
+ const { collect, comment, importers: stateResultImporters, specificity, } = await walk({
101
310
  cancellable: async () => {
102
311
  await new Promise(resolve => {
103
312
  setTimeout(resolve, 0);
104
313
  });
105
- signal?.throwIfAborted();
314
+ signal.throwIfAborted();
106
315
  },
107
- current: postcssSelectorParser().astSync(query),
316
+ current,
108
317
  initial: {
109
318
  nodes: new Set(nodes),
110
319
  edges: new Set(edges),
@@ -113,17 +322,88 @@ export class Query {
113
322
  nodes: new Set(),
114
323
  edges: new Set(),
115
324
  },
325
+ comment: '',
326
+ loose,
327
+ importers,
116
328
  partial: { nodes, edges },
329
+ retries: this.#retries,
117
330
  signal,
118
- specOptions: this.#specOptions,
331
+ securityArchive: this.#securityArchive,
332
+ scopeIDs,
119
333
  walk,
334
+ specificity: { idCounter: 0, commonCounter: 0 },
335
+ hostContexts: this.#hostContexts,
120
336
  });
121
337
  const res = {
122
- edges: Array.from(collect.edges),
123
- nodes: Array.from(collect.nodes),
338
+ edges: this.#getQueryResponseEdges(collect.edges),
339
+ nodes: this.#getQueryResponseNodes(collect.nodes),
340
+ importers: this.#getQueryResponseNodes(stateResultImporters),
341
+ comment,
342
+ specificity,
124
343
  };
125
344
  this.#cache.set(query, res);
126
345
  return res;
127
346
  }
347
+ /**
348
+ * Parses a query string in order to retrieve an array of tokens.
349
+ */
350
+ static getQueryTokens(query) {
351
+ if (!query)
352
+ return [];
353
+ const tokens = [];
354
+ const ast = (q) => {
355
+ try {
356
+ return parse(q);
357
+ }
358
+ catch (_e) {
359
+ return ast(q.slice(0, -1));
360
+ }
361
+ };
362
+ const processNode = (node) => {
363
+ for (const key of selectorsMap.keys()) {
364
+ if (node.type === key && node.type !== 'root') {
365
+ let token = `${node.spaces.before}${node.value}${node.spaces.after}`;
366
+ if (isIdentifierNode(node)) {
367
+ token = `${node.spaces.before}#${node.value}${node.spaces.after}`;
368
+ }
369
+ else if (isSelectorNode(node)) {
370
+ token = `${node.spaces.before},${node.spaces.after}`;
371
+ }
372
+ else if (isAttributeNode(node)) {
373
+ token = String(node.source?.start?.column &&
374
+ node.source.end?.column &&
375
+ `${node.spaces.before}${query.slice(node.source.start.column - 1, node.source.end.column)}${node.spaces.after}`);
376
+ }
377
+ if (isPostcssNodeWithChildren(node) &&
378
+ isPseudoNode(node) &&
379
+ node.nodes.length) {
380
+ token = String(token.split('(')[0]);
381
+ token += '(';
382
+ }
383
+ if (!isSelectorNode(node) ||
384
+ node.parent?.nodes.indexOf(node) !== 0) {
385
+ tokens.push({
386
+ ...node,
387
+ token,
388
+ });
389
+ }
390
+ }
391
+ }
392
+ if (isPostcssNodeWithChildren(node)) {
393
+ for (const child of node.nodes) {
394
+ processNode(child);
395
+ }
396
+ if (isPseudoNode(node) && node.nodes.length) {
397
+ tokens.push({
398
+ ...node,
399
+ token: ')' + node.spaces.after,
400
+ type: 'pseudo',
401
+ });
402
+ }
403
+ }
404
+ };
405
+ processNode(ast(query));
406
+ return tokens;
407
+ }
128
408
  }
129
409
  //# sourceMappingURL=index.js.map
package/dist/esm/index.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAG3C,OAAO,qBAAqB,MAAM,yBAAyB,CAAA;AAC3D,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC1C,OAAO,EAAE,OAAO,EAAE,MAAM,YAAY,CAAA;AACpC,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAA;AAC5C,OAAO,EAAE,EAAE,EAAE,MAAM,SAAS,CAAA;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AACpC,OAAO,EACL,yBAAyB,EACzB,yBAAyB,EACzB,cAAc,GACf,MAAM,YAAY,CAAA;AAQnB,cAAc,YAAY,CAAA;AAE1B,MAAM,MAAM,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE,CAAC,KAAK,CAAA;AAElD,MAAM,SAAS,GAAG;IAChB,SAAS;IACT,KAAK,EAAE,OAAO;IACd,UAAU;IACV,OAAO,EAAE,MAAM;IACf,EAAE;IACF,OAAO,EAAE,MAAM;IACf,MAAM;IACN,IAAI,EAAE,MAAM;IACZ,QAAQ,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QACrC,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAClD,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAClD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,MAAM,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QACnC,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;IAC/D,CAAC;IACD,GAAG,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QAChC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,GAAG,EAAE,CAAC;YAC/D,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;QAC/D,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,SAAS,EAAE,MAAM;CAClB,CAAA;AACD,MAAM,YAAY,GAAG,IAAI,GAAG,CAC1B,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAC1B,CAAA;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EACvB,KAAkB,EACI,EAAE;IACxB,MAAM,KAAK,CAAC,WAAW,EAAE,CAAA;IAEzB,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAErD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,OAAO,KAAK,CAAA;QACd,CAAC;QAED,MAAM,IAAI,KAAK,CACb,kCAAkC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,CACvD,CAAA;IACH,CAAC;IACD,KAAK,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAA;IAE7B,kDAAkD;IAClD,IACE,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC;QACxC,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ,EAC/B,CAAC;QACD,MAAM,IAAI,GAA4B,yBAAyB,CAC7D,KAAK,CAAC,OAAO,CACd,CAAA;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAC7B,2DAA2D;gBAC3D,IAAI,CAAC,OAAO;oBAAE,SAAQ;gBAEtB,MAAM,UAAU,GAAgB;oBAC9B,GAAG,KAAK;oBACR,OAAO;oBACP,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;oBACvB,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;iBACxB,CAAA;gBACD,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,CAAA;YAChC,CAAC;QACH,CAAC;QAED,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;YACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAOD,MAAM,OAAO,KAAK;IAChB,MAAM,CAA4B;IAClC,MAAM,CAAW;IACjB,YAAY,CAAa;IAEzB,YAAY,EAAE,KAAK,EAAE,WAAW,EAAgB;QAC9C,IAAI,CAAC,MAAM,GAAG,IAAI,GAAG,EAAE,CAAA;QACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACnB,IAAI,CAAC,YAAY,GAAG,WAAW,CAAA;IACjC,CAAC;IAED,KAAK,CAAC,MAAM,CACV,KAAa,EACb,MAAoB;QAEpB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YAC9B,MAAM,IAAI,SAAS,CACjB,4CAA4C,CAC7C,CAAA;QACH,CAAC;QAED,IAAI,CAAC,KAAK;YAAE,OAAO,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAA;QAE3C,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QAC3C,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,GAAG,CACnB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,CACvC,CAAA;QACD,MAAM,KAAK,GAAG,IAAI,GAAG,CAAW,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAA;QAE9D,0CAA0C;QAC1C,kCAAkC;QAClC,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,IAAI,CAAC;YAC7B,WAAW,EAAE,KAAK,IAAI,EAAE;gBACtB,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC1B,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;gBACxB,CAAC,CAAC,CAAA;gBACF,MAAM,EAAE,cAAc,EAAE,CAAA;YAC1B,CAAC;YACD,OAAO,EAAE,qBAAqB,EAAE,CAAC,OAAO,CAAC,KAAK,CAAC;YAC/C,OAAO,EAAE;gBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC;gBACrB,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC;aACtB;YACD,OAAO,EAAE;gBACP,KAAK,EAAE,IAAI,GAAG,EAAY;gBAC1B,KAAK,EAAE,IAAI,GAAG,EAAY;aAC3B;YACD,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE;YACzB,MAAM;YACN,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,IAAI;SACL,CAAC,CAAA;QAEF,MAAM,GAAG,GAAkB;YACzB,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;YAChC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;SACjC,CAAA;QACD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QAC3B,OAAO,GAAG,CAAA;IACZ,CAAC;CACF","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport type { EdgeLike, GraphLike, NodeLike } from '@vltpkg/graph'\nimport type { SpecOptions } from '@vltpkg/spec/browser'\nimport postcssSelectorParser from 'postcss-selector-parser'\nimport { attribute } from './attribute.ts'\nimport { classFn } from './class.ts'\nimport { combinator } from './combinator.ts'\nimport { id } from './id.ts'\nimport { pseudo } from './pseudo.ts'\nimport {\n isPostcssNodeWithChildren,\n asPostcssNodeWithChildren,\n isSelectorNode,\n} from './types.ts'\nimport type {\n PostcssNodeWithChildren,\n ParserState,\n ParserFn,\n QueryResponse,\n} from './types.ts'\n\nexport * from './types.ts'\n\nconst noopFn = async (state: ParserState) => state\n\nconst selectors = {\n attribute,\n class: classFn,\n combinator,\n comment: noopFn,\n id,\n nesting: noopFn,\n pseudo,\n root: noopFn,\n selector: async (state: ParserState) => {\n state.partial.nodes = new Set(state.initial.nodes)\n state.partial.edges = new Set(state.initial.edges)\n return state\n },\n string: async (state: ParserState) => {\n throw error('Unsupported selector', { found: state.current })\n },\n tag: async (state: ParserState) => {\n if (state.current.value !== '{' && state.current.value !== '}') {\n throw error('Unsupported selector', { found: state.current })\n }\n return state\n },\n universal: noopFn,\n}\nconst selectorsMap = new Map<string, ParserFn>(\n Object.entries(selectors),\n)\n\nexport const walk = async (\n state: ParserState,\n): Promise<ParserState> => {\n await state.cancellable()\n\n const parserFn = selectorsMap.get(state.current.type)\n\n if (!parserFn) {\n if (state.loose) {\n return state\n }\n\n throw new Error(\n `Missing parser for query node: ${state.current.type}`,\n )\n }\n state = await parserFn(state)\n\n // pseudo selectors handle their own sub selectors\n if (\n isPostcssNodeWithChildren(state.current) &&\n state.current.type !== 'pseudo'\n ) {\n const node: PostcssNodeWithChildren = asPostcssNodeWithChildren(\n state.current,\n )\n\n if (node.nodes.length) {\n for (let i = 0; i < node.nodes.length; i++) {\n const current = node.nodes[i]\n /* c8 ignore next -- impossible but TS doesn't know that */\n if (!current) continue\n\n const childState: ParserState = {\n ...state,\n current,\n next: node.nodes[i + 1],\n prev: node.nodes[i - 1],\n }\n state = await walk(childState)\n }\n }\n\n if (isSelectorNode(node)) {\n for (const edge of state.partial.edges) {\n state.collect.edges.add(edge)\n }\n for (const node of state.partial.nodes) {\n state.collect.nodes.add(node)\n }\n }\n }\n return state\n}\n\nexport type QueryOptions = {\n graph: GraphLike\n specOptions: SpecOptions\n}\n\nexport class Query {\n #cache: Map<string, QueryResponse>\n #graph: GraphLike\n #specOptions: SpecOptions\n\n constructor({ graph, specOptions }: QueryOptions) {\n this.#cache = new Map()\n this.#graph = graph\n this.#specOptions = specOptions\n }\n\n async search(\n query: string,\n signal?: AbortSignal,\n ): Promise<QueryResponse> {\n if (typeof query !== 'string') {\n throw new TypeError(\n 'Query search argument needs to be a string',\n )\n }\n\n if (!query) return { edges: [], nodes: [] }\n\n const cachedResult = this.#cache.get(query)\n if (cachedResult) {\n return cachedResult\n }\n\n const nodes = new Set<NodeLike>(\n Array.from(this.#graph.nodes.values()),\n )\n const edges = new Set<EdgeLike>(Array.from(this.#graph.edges))\n\n // builds initial state and walks over it,\n // retrieving the collected result\n const { collect } = await walk({\n cancellable: async () => {\n await new Promise(resolve => {\n setTimeout(resolve, 0)\n })\n signal?.throwIfAborted()\n },\n current: postcssSelectorParser().astSync(query),\n initial: {\n nodes: new Set(nodes),\n edges: new Set(edges),\n },\n collect: {\n nodes: new Set<NodeLike>(),\n edges: new Set<EdgeLike>(),\n },\n partial: { nodes, edges },\n signal,\n specOptions: this.#specOptions,\n walk,\n })\n\n const res: QueryResponse = {\n edges: Array.from(collect.edges),\n nodes: Array.from(collect.nodes),\n }\n this.#cache.set(query, res)\n return res\n }\n}\n"]}
1
+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,MAAM,qBAAqB,CAAA;AAC3C,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAA;AACvD,OAAO,EACL,KAAK,EACL,yBAAyB,EACzB,yBAAyB,EACzB,cAAc,EACd,YAAY,EACZ,gBAAgB,EAChB,eAAe,GAChB,MAAM,oBAAoB,CAAA;AAC3B,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAA;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAA;AAC5C,OAAO,EAAE,EAAE,EAAE,MAAM,SAAS,CAAA;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,aAAa,CAAA;AAkBpC,cAAc,YAAY,CAAA;AAO1B,MAAM,MAAM,GAAG,KAAK,EAAE,KAAkB,EAAE,EAAE,CAAC,KAAK,CAAA;AAElD,MAAM,SAAS,GAAG;IAChB,SAAS;IACT,qBAAqB;IACrB,KAAK,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QAClC,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;IAC/D,CAAC;IACD,mBAAmB;IACnB,UAAU;IACV,OAAO,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QACpC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC;YAC1C,MAAM,YAAY,GAAG,KAAK,CAAC,OAAO,CAAC,KAAK,CAAA;YACxC,MAAM,YAAY,GAAG,YAAY;iBAC9B,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;iBACpB,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC;iBACpB,IAAI,EAAE,CAAA;YACT,KAAK,CAAC,OAAO,GAAG,YAAY,CAAA;QAC9B,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,EAAE;IACF,OAAO,EAAE,MAAM;IACf,MAAM;IACN,IAAI,EAAE,MAAM;IACZ,QAAQ,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QACrC,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAClD,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,CAAA;QAClD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,MAAM,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QACnC,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;IAC/D,CAAC;IACD,GAAG,EAAE,KAAK,EAAE,KAAkB,EAAE,EAAE;QAChC,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,KAAK,GAAG,EAAE,CAAC;YAC/D,MAAM,KAAK,CAAC,sBAAsB,EAAE,EAAE,KAAK,EAAE,KAAK,CAAC,OAAO,EAAE,CAAC,CAAA;QAC/D,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IACD,SAAS,EAAE,MAAM;CAClB,CAAA;AACD,MAAM,YAAY,GAAG,IAAI,GAAG,CAC1B,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAC1B,CAAA;AAED,MAAM,CAAC,MAAM,IAAI,GAAG,KAAK,EACvB,KAAkB,EACI,EAAE;IACxB,MAAM,KAAK,CAAC,WAAW,EAAE,CAAA;IAEzB,MAAM,QAAQ,GAAG,YAAY,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAA;IAErD,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAChB,OAAO,KAAK,CAAA;QACd,CAAC;QAED,MAAM,KAAK,CACT,kCAAkC,KAAK,CAAC,OAAO,CAAC,IAAI,EAAE,EACtD;YACE,KAAK,EAAE,KAAK,CAAC,OAAO;SACrB,CACF,CAAA;IACH,CAAC;IACD,KAAK,GAAG,MAAM,QAAQ,CAAC,KAAK,CAAC,CAAA;IAE7B,kDAAkD;IAClD,IACE,yBAAyB,CAAC,KAAK,CAAC,OAAO,CAAC;QACxC,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,QAAQ,EAC/B,CAAC;QACD,MAAM,IAAI,GAA4B,yBAAyB,CAC7D,KAAK,CAAC,OAAO,CACd,CAAA;QAED,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;YACtB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC3C,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAA;gBAC7B,2DAA2D;gBAC3D,IAAI,CAAC,OAAO;oBAAE,SAAQ;gBAEtB,MAAM,UAAU,GAAgB;oBAC9B,GAAG,KAAK;oBACR,OAAO;oBACP,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;oBACvB,IAAI,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC;iBACxB,CAAA;gBACD,KAAK,GAAG,MAAM,IAAI,CAAC,UAAU,CAAC,CAAA;YAChC,CAAC;QACH,CAAC;QAED,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;YACD,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;gBACvC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YAC/B,CAAC;QACH,CAAC;IACH,CAAC;IACD,OAAO,KAAK,CAAA;AACd,CAAC,CAAA;AAWD,kDAAkD;AAClD,kDAAkD;AAClD,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC;IAChC,YAAY;IACZ,WAAW;IACX,MAAM;IACN,MAAM;IACN,QAAQ;IACR,aAAa;IACb,UAAU;IACV,WAAW;IACX,MAAM;IACN,OAAO;IACP,KAAK;IACL,UAAU;IACV,UAAU;IACV,WAAW;IACX,SAAS;IACT,UAAU;IACV,aAAa;IACb,UAAU;IACV,QAAQ;IACR,UAAU;IACV,MAAM;IACN,WAAW;IACX,QAAQ;IACR,aAAa;IACb,QAAQ;IACR,aAAa;IACb,UAAU;IACV,UAAU;IACV,cAAc;IACd,UAAU;IACV,eAAe;IACf,YAAY;IACZ,WAAW;CACZ,CAAC,CAAA;AAEF,MAAM,eAAe,GAAG,CAAC,IAAuB,EAAE,EAAE;IAClD,MAAM,EAAE,MAAM,EAAE,GAAG,IAAI,CAAA;IACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAA;IAC9B,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC,CAAC;QACnB,GAAG,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC;QACpB,QAAQ;KACT,CAAC,CAAA;AACJ,CAAC,CAAA;AAED;;;GAGG;AACH,MAAM,OAAO,KAAK;IAChB,MAAM,CAA4B;IAClC,MAAM,CAAe;IACrB,MAAM,CAAe;IACrB,UAAU,CAAe;IACzB,QAAQ,CAAQ;IAChB,gBAAgB,CAAiC;IACjD,aAAa,CAA6B;IAE1C;;;;OAIG;IACH,MAAM,CAAC,oBAAoB,CAAC,KAAa;QACvC,KAAK,MAAM,QAAQ,IAAI,iBAAiB,EAAE,CAAC;YACzC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7B,OAAO,IAAI,CAAA;YACb,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;;;;OAKG;IACH,MAAM,CAAC,eAAe,CACpB,SAA0B;QAE1B,OAAO,CAAC,GAAG,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YAClC,kDAAkD;YAClD,IAAI,CAAC,CAAC,WAAW,CAAC,SAAS,KAAK,CAAC,CAAC,WAAW,CAAC,SAAS,EAAE,CAAC;gBACxD,OAAO,CAAC,CAAC,WAAW,CAAC,SAAS,GAAG,CAAC,CAAC,WAAW,CAAC,SAAS,CAAA;YAC1D,CAAC;YAED,0DAA0D;YAC1D,IACE,CAAC,CAAC,WAAW,CAAC,aAAa,KAAK,CAAC,CAAC,WAAW,CAAC,aAAa,EAC3D,CAAC;gBACD,OAAO,CACL,CAAC,CAAC,WAAW,CAAC,aAAa,GAAG,CAAC,CAAC,WAAW,CAAC,aAAa,CAC1D,CAAA;YACH,CAAC;YAED,sDAAsD;YACtD,OAAO,CAAC,CAAA;QACV,CAAC,CAAC,CAAA;IACJ,CAAC;IAED,YAAY,EACV,KAAK,EACL,KAAK,EACL,SAAS,EACT,OAAO,EACP,eAAe,EACf,YAAY,GACC;QACb,IAAI,CAAC,MAAM,GAAG,IAAI,GAAG,EAAE,CAAA;QACvB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACnB,IAAI,CAAC,MAAM,GAAG,KAAK,CAAA;QACnB,IAAI,CAAC,UAAU,GAAG,SAAS,CAAA;QAC3B,IAAI,CAAC,QAAQ,GAAG,OAAO,IAAI,CAAC,CAAA;QAC5B,IAAI,CAAC,gBAAgB,GAAG,eAAe,CAAA;QACvC,IAAI,CAAC,aAAa,GAAG,YAAY,CAAA;IACnC,CAAC;IAED,sBAAsB,CAAC,MAAqB;QAC1C,OAAO,KAAK,CAAC,IAAI,CAAC,MAAM,CAAwB,CAAA;IAClD,CAAC;IAED,sBAAsB,CAAC,MAAqB;QAC1C,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,MAAM,CAAwB,CAAA;QACvD,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,MAAM,oBAAoB,GAAG,IAAI,CAAC,gBAAgB,EAAE,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAA;YAEhE,oEAAoE;YACpE,0CAA0C;YAC1C,IAAI,CAAC,oBAAoB,EAAE,CAAC;gBAC1B,IAAI,CAAC,QAAQ,GAAG;oBACd,OAAO,EAAE,KAAK;iBACf,CAAA;gBAED,eAAe,CAAC,IAAI,CAAC,CAAA;gBACrB,SAAQ;YACV,CAAC;YAED,yEAAyE;YACzE,IAAI,CAAC,QAAQ,GAAG;gBACd,OAAO,EAAE,IAAI;gBACb,KAAK,EAAE,oBAAoB,CAAC,KAAK;gBACjC,SAAS,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACzC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAChC;gBACD,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,mBAAmB,CACpC;gBACD,GAAG,EAAE,oBAAoB,CAAC,MAAM;qBAC7B,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,KAAK,CAAC;qBACxB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC;gBAC/B,GAAG,EAAE,KAAK,CAAC,IAAI,CACb,IAAI,GAAG,CACL,oBAAoB,CAAC,MAAM;qBACxB,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,KAAK,CAAC;qBAC3B,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAC/C,CACmB;gBACtB,KAAK,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACrC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,aAAa,CAC9B;gBACD,UAAU,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAC7B;gBACD,OAAO,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,gBAAgB,CACjC;gBACD,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,oBAAoB,CACrC;gBACD,GAAG,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACnC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAC1B;gBACD,IAAI,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU,CAC3B;gBACD,EAAE,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAClC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CACnC;gBACD,OAAO,EAAE;oBACP,UAAU,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,0BAA0B,CAC3C;oBACD,IAAI,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,mBAAmB,CACpC;oBACD,UAAU,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,sBAAsB,CACvC;oBACD,SAAS,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACzC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,qBAAqB,CACtC;oBACD,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,iBAAiB,CAClC;oBACD,OAAO,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,qBAAqB,CACtC;oBACD,IAAI,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,gBAAgB,CACjC;oBACD,SAAS,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACzC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CACnC;iBACF;gBACD,OAAO,EAAE;oBACP,GAAG,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACnC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAC7B;oBACD,MAAM,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACtC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,aAAa,CAC9B;oBACD,IAAI,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAC7B;oBACD,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAC1B;iBACF;gBACD,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAC/B;gBACD,MAAM,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACtC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAChC;gBACD,OAAO,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAChC;gBACD,UAAU,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,gBAAgB,CACjC;gBACD,OAAO,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,gBAAgB,CACjC;gBACD,QAAQ,EAAE;oBACR,GAAG,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACnC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAC1B;oBACD,MAAM,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACtC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,wBAAwB,CACzC;oBACD,IAAI,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,KAAK,CACtB;oBACD,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,aAAa,CAC9B;iBACF;gBACD,KAAK,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACrC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,aAAa,CAC9B;gBACD,UAAU,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAC7B;gBACD,KAAK,EAAE;oBACL,MAAM,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACtC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAChC;oBACD,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAC7B;iBACF;gBACD,UAAU,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAC1C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,wBAAwB,CACzC;gBACD,OAAO,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,WAAW,CAC5B;gBACD,OAAO,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,gBAAgB,CACjC;gBACD,WAAW,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAC3C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CACxB;gBACD,OAAO,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACvC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,WAAW,CAC5B;gBACD,YAAY,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CAC5C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAC/B;gBACD,SAAS,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACzC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,kBAAkB,CACnC;gBACD,QAAQ,EAAE,oBAAoB,CAAC,MAAM,CAAC,IAAI,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,mBAAmB,CACpC;aACF,CAAA;YAED,eAAe,CAAC,IAAI,CAAC,CAAA;QACvB,CAAC;QACD,OAAO,KAAK,CAAA;IACd,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,MAAM,CACV,KAAa,EACb,EACE,MAAM,EACN,QAAQ,GAAG,CAAC,cAAc,CAAC,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,CAAC,GAC5B;QAEhB,IAAI,CAAC,KAAK;YACR,OAAO;gBACL,KAAK,EAAE,EAAE;gBACT,KAAK,EAAE,EAAE;gBACT,SAAS,EAAE,EAAE;gBACb,OAAO,EAAE,EAAE;gBACX,WAAW,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE;aAChD,CAAA;QAEH,MAAM,YAAY,GAAG,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,CAAC,CAAA;QAC3C,IAAI,YAAY,EAAE,CAAC;YACjB,OAAO,YAAY,CAAA;QACrB,CAAC;QAED,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAA;QACzB,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,CAAA;QACzB,MAAM,SAAS,GAAG,IAAI,CAAC,UAAU,CAAA;QAEjC,yDAAyD;QACzD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,IAAI,CAAC,QAAQ,CAAC,UAAU;gBAAE,SAAQ;YAClC,KAAK,MAAM,IAAI,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,EAAE,EAAE,CAAC;gBAChD,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAA;YACjB,CAAC;QACH,CAAC;QAED,kCAAkC;QAClC,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,CAAA;QAC5B,2EAA2E;QAC3E,wEAAwE;QACxE,+BAA+B;QAC/B,2EAA2E;QAC3E,wBAAwB;QACxB,MAAM,KAAK,GAAG,yBAAyB,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAA;QACjE,0CAA0C;QAC1C,kCAAkC;QAClC,MAAM,EACJ,OAAO,EACP,OAAO,EACP,SAAS,EAAE,oBAAoB,EAC/B,WAAW,GACZ,GAAG,MAAM,IAAI,CAAC;YACb,WAAW,EAAE,KAAK,IAAI,EAAE;gBACtB,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE;oBAC1B,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAA;gBACxB,CAAC,CAAC,CAAA;gBACF,MAAM,CAAC,cAAc,EAAE,CAAA;YACzB,CAAC;YACD,OAAO;YACP,OAAO,EAAE;gBACP,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC;gBACrB,KAAK,EAAE,IAAI,GAAG,CAAC,KAAK,CAAC;aACtB;YACD,OAAO,EAAE;gBACP,KAAK,EAAE,IAAI,GAAG,EAAY;gBAC1B,KAAK,EAAE,IAAI,GAAG,EAAY;aAC3B;YACD,OAAO,EAAE,EAAE;YACX,KAAK;YACL,SAAS;YACT,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE;YACzB,OAAO,EAAE,IAAI,CAAC,QAAQ;YACtB,MAAM;YACN,eAAe,EAAE,IAAI,CAAC,gBAAgB;YACtC,QAAQ;YACR,IAAI;YACJ,WAAW,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE;YAC/C,YAAY,EAAE,IAAI,CAAC,aAAa;SACjC,CAAC,CAAA;QAEF,MAAM,GAAG,GAAkB;YACzB,KAAK,EAAE,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,KAAK,CAAC;YACjD,KAAK,EAAE,IAAI,CAAC,sBAAsB,CAAC,OAAO,CAAC,KAAK,CAAC;YACjD,SAAS,EAAE,IAAI,CAAC,sBAAsB,CAAC,oBAAoB,CAAC;YAC5D,OAAO;YACP,WAAW;SACZ,CAAA;QACD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;QAC3B,OAAO,GAAG,CAAA;IACZ,CAAC;IAED;;OAEG;IACH,MAAM,CAAC,cAAc,CAAC,KAAa;QACjC,IAAI,CAAC,KAAK;YAAE,OAAO,EAAE,CAAA;QAErB,MAAM,MAAM,GAA0B,EAAE,CAAA;QAExC,MAAM,GAAG,GAAG,CAAC,CAAS,EAAE,EAAE;YACxB,IAAI,CAAC;gBACH,OAAO,KAAK,CAAC,CAAC,CAAC,CAAA;YACjB,CAAC;YAAC,OAAO,EAAE,EAAE,CAAC;gBACZ,OAAO,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAA;YAC5B,CAAC;QACH,CAAC,CAAA;QAED,MAAM,WAAW,GAAG,CAAC,IAAiB,EAAE,EAAE;YACxC,KAAK,MAAM,GAAG,IAAI,YAAY,CAAC,IAAI,EAAE,EAAE,CAAC;gBACtC,IAAI,IAAI,CAAC,IAAI,KAAK,GAAG,IAAI,IAAI,CAAC,IAAI,KAAK,MAAM,EAAE,CAAC;oBAC9C,IAAI,KAAK,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAA;oBAEpE,IAAI,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC;wBAC3B,KAAK,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAA;oBACnE,CAAC;yBAAM,IAAI,cAAc,CAAC,IAAI,CAAC,EAAE,CAAC;wBAChC,KAAK,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAAA;oBACtD,CAAC;yBAAM,IAAI,eAAe,CAAC,IAAI,CAAC,EAAE,CAAC;wBACjC,KAAK,GAAG,MAAM,CACZ,IAAI,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM;4BACxB,IAAI,CAAC,MAAM,CAAC,GAAG,EAAE,MAAM;4BACvB,GAAG,IAAI,CAAC,MAAM,CAAC,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK,EAAE,CAClH,CAAA;oBACH,CAAC;oBAED,IACE,yBAAyB,CAAC,IAAI,CAAC;wBAC/B,YAAY,CAAC,IAAI,CAAC;wBAClB,IAAI,CAAC,KAAK,CAAC,MAAM,EACjB,CAAC;wBACD,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAA;wBACnC,KAAK,IAAI,GAAG,CAAA;oBACd,CAAC;oBAED,IACE,CAAC,cAAc,CAAC,IAAI,CAAC;wBACrB,IAAI,CAAC,MAAM,EAAE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EACtC,CAAC;wBACD,MAAM,CAAC,IAAI,CAAC;4BACV,GAAG,IAAI;4BACP,KAAK;yBACiB,CAAC,CAAA;oBAC3B,CAAC;gBACH,CAAC;YACH,CAAC;YACD,IAAI,yBAAyB,CAAC,IAAI,CAAC,EAAE,CAAC;gBACpC,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;oBAC/B,WAAW,CAAC,KAAK,CAAC,CAAA;gBACpB,CAAC;gBACD,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC;oBAC5C,MAAM,CAAC,IAAI,CAAC;wBACV,GAAG,IAAI;wBACP,KAAK,EAAE,GAAG,GAAG,IAAI,CAAC,MAAM,CAAC,KAAK;wBAC9B,IAAI,EAAE,QAAQ;qBACQ,CAAC,CAAA;gBAC3B,CAAC;YACH,CAAC;QACH,CAAC,CAAA;QAED,WAAW,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAA;QACvB,OAAO,MAAM,CAAA;IACf,CAAC;CACF","sourcesContent":["import { error } from '@vltpkg/error-cause'\nimport { joinDepIDTuple } from '@vltpkg/dep-id/browser'\nimport {\n parse,\n isPostcssNodeWithChildren,\n asPostcssNodeWithChildren,\n isSelectorNode,\n isPseudoNode,\n isIdentifierNode,\n isAttributeNode,\n} from '@vltpkg/dss-parser'\nimport { attribute } from './attribute.ts'\nimport { combinator } from './combinator.ts'\nimport { id } from './id.ts'\nimport { pseudo } from './pseudo.ts'\nimport type { EdgeLike, NodeLike } from '@vltpkg/types'\nimport type { SecurityArchiveLike } from '@vltpkg/security-archive'\nimport type {\n PostcssNode,\n PostcssNodeWithChildren,\n} from '@vltpkg/dss-parser'\nimport type {\n HostContextsMap,\n ParsedSelectorToken,\n ParserState,\n ParserFn,\n QueryResponse,\n QueryResponseNode,\n QueryResponseEdge,\n} from './types.ts'\nimport type { DepID } from '@vltpkg/dep-id'\n\nexport * from './types.ts'\n\nexport type SearchOptions = {\n signal: AbortSignal\n scopeIDs?: DepID[]\n}\n\nconst noopFn = async (state: ParserState) => state\n\nconst selectors = {\n attribute,\n /* c8 ignore start */\n class: async (state: ParserState) => {\n throw error('Unsupported selector', { found: state.current })\n },\n /* c8 ignore end */\n combinator,\n comment: async (state: ParserState) => {\n if (state.current.value && !state.comment) {\n const commentValue = state.current.value\n const cleanComment = commentValue\n .replace(/^\\/\\*/, '')\n .replace(/\\*\\/$/, '')\n .trim()\n state.comment = cleanComment\n }\n return state\n },\n id,\n nesting: noopFn,\n pseudo,\n root: noopFn,\n selector: async (state: ParserState) => {\n state.partial.nodes = new Set(state.initial.nodes)\n state.partial.edges = new Set(state.initial.edges)\n return state\n },\n string: async (state: ParserState) => {\n throw error('Unsupported selector', { found: state.current })\n },\n tag: async (state: ParserState) => {\n if (state.current.value !== '{' && state.current.value !== '}') {\n throw error('Unsupported selector', { found: state.current })\n }\n return state\n },\n universal: noopFn,\n}\nconst selectorsMap = new Map<string, ParserFn>(\n Object.entries(selectors),\n)\n\nexport const walk = async (\n state: ParserState,\n): Promise<ParserState> => {\n await state.cancellable()\n\n const parserFn = selectorsMap.get(state.current.type)\n\n if (!parserFn) {\n if (state.loose) {\n return state\n }\n\n throw error(\n `Missing parser for query node: ${state.current.type}`,\n {\n found: state.current,\n },\n )\n }\n state = await parserFn(state)\n\n // pseudo selectors handle their own sub selectors\n if (\n isPostcssNodeWithChildren(state.current) &&\n state.current.type !== 'pseudo'\n ) {\n const node: PostcssNodeWithChildren = asPostcssNodeWithChildren(\n state.current,\n )\n\n if (node.nodes.length) {\n for (let i = 0; i < node.nodes.length; i++) {\n const current = node.nodes[i]\n /* c8 ignore next -- impossible but TS doesn't know that */\n if (!current) continue\n\n const childState: ParserState = {\n ...state,\n current,\n next: node.nodes[i + 1],\n prev: node.nodes[i - 1],\n }\n state = await walk(childState)\n }\n }\n\n if (isSelectorNode(node)) {\n for (const edge of state.partial.edges) {\n state.collect.edges.add(edge)\n }\n for (const node of state.partial.nodes) {\n state.collect.nodes.add(node)\n }\n }\n }\n return state\n}\n\nexport type QueryOptions = {\n edges: Set<EdgeLike>\n nodes: Set<NodeLike>\n importers: Set<NodeLike>\n retries?: number\n securityArchive: SecurityArchiveLike | undefined\n hostContexts?: HostContextsMap\n}\n\n// A list of known security selectors that rely on\n// data from the security-archive in order to work\nconst securitySelectors = new Set([\n ':abandoned',\n ':confused',\n ':cve',\n ':cwe',\n ':debug',\n ':deprecated',\n ':dynamic',\n ':entropic',\n ':env',\n ':eval',\n ':fs',\n ':license',\n ':malware',\n ':minified',\n ':native',\n ':network',\n ':obfuscated',\n ':scanned',\n ':score',\n ':scripts',\n ':sev',\n ':severity',\n ':shell',\n ':shrinkwrap',\n ':squat',\n ':suspicious',\n ':tracker',\n ':trivial',\n ':undesirable',\n ':unknown',\n ':unmaintained',\n ':unpopular',\n ':unstable',\n])\n\nconst setMethodToJSON = (node: QueryResponseNode) => {\n const { toJSON } = node\n const insights = node.insights\n node.toJSON = () => ({\n ...toJSON.call(node),\n insights,\n })\n}\n\n/**\n * The Query class is used to search the graph for nodes and edges\n * using the Dependency Selector Syntax (DSS).\n */\nexport class Query {\n #cache: Map<string, QueryResponse>\n #edges: Set<EdgeLike>\n #nodes: Set<NodeLike>\n #importers: Set<NodeLike>\n #retries: number\n #securityArchive: SecurityArchiveLike | undefined\n #hostContexts: HostContextsMap | undefined\n\n /**\n * Helper method to determine if a given query string is using any of\n * the known security selectors. This is useful so that operations can\n * skip hydrating the security archive if it's not needed.\n */\n static hasSecuritySelectors(query: string): boolean {\n for (const selector of securitySelectors) {\n if (query.includes(selector)) {\n return true\n }\n }\n return false\n }\n\n /**\n * Sorts an array of QueryResponse objects by specificity. Objects with\n * higher idCounter values come first, if idCounter values are equal,\n * then objects with higher commonCounter values come first. Otherwise,\n * the original order is preserved.\n */\n static specificitySort(\n responses: QueryResponse[],\n ): QueryResponse[] {\n return [...responses].sort((a, b) => {\n // First compare by idCounter (higher comes first)\n if (a.specificity.idCounter !== b.specificity.idCounter) {\n return b.specificity.idCounter - a.specificity.idCounter\n }\n\n // If idCounter values are equal, compare by commonCounter\n if (\n a.specificity.commonCounter !== b.specificity.commonCounter\n ) {\n return (\n b.specificity.commonCounter - a.specificity.commonCounter\n )\n }\n\n // If both counters are equal, preserve original order\n return 0\n })\n }\n\n constructor({\n edges,\n nodes,\n importers,\n retries,\n securityArchive,\n hostContexts,\n }: QueryOptions) {\n this.#cache = new Map()\n this.#edges = edges\n this.#nodes = nodes\n this.#importers = importers\n this.#retries = retries ?? 3\n this.#securityArchive = securityArchive\n this.#hostContexts = hostContexts\n }\n\n #getQueryResponseEdges(_edges: Set<EdgeLike>): QueryResponseEdge[] {\n return Array.from(_edges) as QueryResponseEdge[]\n }\n\n #getQueryResponseNodes(_nodes: Set<NodeLike>): QueryResponseNode[] {\n const nodes = Array.from(_nodes) as QueryResponseNode[]\n for (const node of nodes) {\n const securityArchiveEntry = this.#securityArchive?.get(node.id)\n\n // if a security archive entry is not found then the insights object\n // should just be empty with scanned=false\n if (!securityArchiveEntry) {\n node.insights = {\n scanned: false,\n }\n\n setMethodToJSON(node)\n continue\n }\n\n // if a security archive entry is found then we can populate the insights\n node.insights = {\n scanned: true,\n score: securityArchiveEntry.score,\n abandoned: securityArchiveEntry.alerts.some(\n i => i.type === 'missingAuthor',\n ),\n confused: securityArchiveEntry.alerts.some(\n i => i.type === 'manifestConfusion',\n ),\n cve: securityArchiveEntry.alerts\n .map(i => i.props?.cveId)\n .filter(i => i !== undefined),\n cwe: Array.from(\n new Set(\n securityArchiveEntry.alerts\n .filter(i => i.props?.cveId)\n .flatMap(i => i.props?.cwes?.map(j => j.id)),\n ),\n ) as `CWE-${string}`[],\n debug: securityArchiveEntry.alerts.some(\n i => i.type === 'debugAccess',\n ),\n deprecated: securityArchiveEntry.alerts.some(\n i => i.type === 'deprecated',\n ),\n dynamic: securityArchiveEntry.alerts.some(\n i => i.type === 'dynamicRequire',\n ),\n entropic: securityArchiveEntry.alerts.some(\n i => i.type === 'highEntropyStrings',\n ),\n env: securityArchiveEntry.alerts.some(\n i => i.type === 'envVars',\n ),\n eval: securityArchiveEntry.alerts.some(\n i => i.type === 'usesEval',\n ),\n fs: securityArchiveEntry.alerts.some(\n i => i.type === 'filesystemAccess',\n ),\n license: {\n unlicensed: securityArchiveEntry.alerts.some(\n i => i.type === 'explicitlyUnlicensedItem',\n ),\n misc: securityArchiveEntry.alerts.some(\n i => i.type === 'miscLicenseIssues',\n ),\n restricted: securityArchiveEntry.alerts.some(\n i => i.type === 'nonpermissiveLicense',\n ),\n ambiguous: securityArchiveEntry.alerts.some(\n i => i.type === 'ambiguousClassifier',\n ),\n copyleft: securityArchiveEntry.alerts.some(\n i => i.type === 'copyleftLicense',\n ),\n unknown: securityArchiveEntry.alerts.some(\n i => i.type === 'unidentifiedLicense',\n ),\n none: securityArchiveEntry.alerts.some(\n i => i.type === 'noLicenseFound',\n ),\n exception: securityArchiveEntry.alerts.some(\n i => i.type === 'licenseException',\n ),\n },\n malware: {\n low: securityArchiveEntry.alerts.some(\n i => i.type === 'gptAnomaly',\n ),\n medium: securityArchiveEntry.alerts.some(\n i => i.type === 'gptSecurity',\n ),\n high: securityArchiveEntry.alerts.some(\n i => i.type === 'gptMalware',\n ),\n critical: securityArchiveEntry.alerts.some(\n i => i.type === 'malware',\n ),\n },\n minified: securityArchiveEntry.alerts.some(\n i => i.type === 'minifiedFile',\n ),\n native: securityArchiveEntry.alerts.some(\n i => i.type === 'hasNativeCode',\n ),\n network: securityArchiveEntry.alerts.some(\n i => i.type === 'networkAccess',\n ),\n obfuscated: securityArchiveEntry.alerts.some(\n i => i.type === 'obfuscatedFile',\n ),\n scripts: securityArchiveEntry.alerts.some(\n i => i.type === 'installScripts',\n ),\n severity: {\n low: securityArchiveEntry.alerts.some(\n i => i.type === 'mildCVE',\n ),\n medium: securityArchiveEntry.alerts.some(\n i => i.type === 'potentialVulnerability',\n ),\n high: securityArchiveEntry.alerts.some(\n i => i.type === 'cve',\n ),\n critical: securityArchiveEntry.alerts.some(\n i => i.type === 'criticalCVE',\n ),\n },\n shell: securityArchiveEntry.alerts.some(\n i => i.type === 'shellAccess',\n ),\n shrinkwrap: securityArchiveEntry.alerts.some(\n i => i.type === 'shrinkwrap',\n ),\n squat: {\n medium: securityArchiveEntry.alerts.some(\n i => i.type === 'gptDidYouMean',\n ),\n critical: securityArchiveEntry.alerts.some(\n i => i.type === 'didYouMean',\n ),\n },\n suspicious: securityArchiveEntry.alerts.some(\n i => i.type === 'suspiciousStarActivity',\n ),\n tracker: securityArchiveEntry.alerts.some(\n i => i.type === 'telemetry',\n ),\n trivial: securityArchiveEntry.alerts.some(\n i => i.type === 'trivialPackage',\n ),\n undesirable: securityArchiveEntry.alerts.some(\n i => i.type === 'troll',\n ),\n unknown: securityArchiveEntry.alerts.some(\n i => i.type === 'newAuthor',\n ),\n unmaintained: securityArchiveEntry.alerts.some(\n i => i.type === 'unmaintained',\n ),\n unpopular: securityArchiveEntry.alerts.some(\n i => i.type === 'unpopularPackage',\n ),\n unstable: securityArchiveEntry.alerts.some(\n i => i.type === 'unstableOwnership',\n ),\n }\n\n setMethodToJSON(node)\n }\n return nodes\n }\n\n /**\n * Search the graph for nodes and edges that match the given query.\n */\n async search(\n query: string,\n {\n signal,\n scopeIDs = [joinDepIDTuple(['file', '.'])],\n }: SearchOptions,\n ): Promise<QueryResponse> {\n if (!query)\n return {\n edges: [],\n nodes: [],\n importers: [],\n comment: '',\n specificity: { idCounter: 0, commonCounter: 0 },\n }\n\n const cachedResult = this.#cache.get(query)\n if (cachedResult) {\n return cachedResult\n }\n\n const nodes = this.#nodes\n const edges = this.#edges\n const importers = this.#importers\n\n // includes virtual workspace edges in the searched edges\n for (const importer of importers) {\n if (!importer.workspaces) continue\n for (const edge of importer.workspaces.values()) {\n edges.add(edge)\n }\n }\n\n // parse the query string into AST\n const current = parse(query)\n // set loose mode for the entire parse in case there are multiple selectors\n // so that using invalid pseudo selectors or other query language parser\n // errors won't throw an error,\n // e.g: `:root > *, #a, :foo` still returns results for `:root > ` and `#a`\n // while :foo is ignored\n const loose = asPostcssNodeWithChildren(current).nodes.length > 1\n // builds initial state and walks over it,\n // retrieving the collected result\n const {\n collect,\n comment,\n importers: stateResultImporters,\n specificity,\n } = await walk({\n cancellable: async () => {\n await new Promise(resolve => {\n setTimeout(resolve, 0)\n })\n signal.throwIfAborted()\n },\n current,\n initial: {\n nodes: new Set(nodes),\n edges: new Set(edges),\n },\n collect: {\n nodes: new Set<NodeLike>(),\n edges: new Set<EdgeLike>(),\n },\n comment: '',\n loose,\n importers,\n partial: { nodes, edges },\n retries: this.#retries,\n signal,\n securityArchive: this.#securityArchive,\n scopeIDs,\n walk,\n specificity: { idCounter: 0, commonCounter: 0 },\n hostContexts: this.#hostContexts,\n })\n\n const res: QueryResponse = {\n edges: this.#getQueryResponseEdges(collect.edges),\n nodes: this.#getQueryResponseNodes(collect.nodes),\n importers: this.#getQueryResponseNodes(stateResultImporters),\n comment,\n specificity,\n }\n this.#cache.set(query, res)\n return res\n }\n\n /**\n * Parses a query string in order to retrieve an array of tokens.\n */\n static getQueryTokens(query: string): ParsedSelectorToken[] {\n if (!query) return []\n\n const tokens: ParsedSelectorToken[] = []\n\n const ast = (q: string) => {\n try {\n return parse(q)\n } catch (_e) {\n return ast(q.slice(0, -1))\n }\n }\n\n const processNode = (node: PostcssNode) => {\n for (const key of selectorsMap.keys()) {\n if (node.type === key && node.type !== 'root') {\n let token = `${node.spaces.before}${node.value}${node.spaces.after}`\n\n if (isIdentifierNode(node)) {\n token = `${node.spaces.before}#${node.value}${node.spaces.after}`\n } else if (isSelectorNode(node)) {\n token = `${node.spaces.before},${node.spaces.after}`\n } else if (isAttributeNode(node)) {\n token = String(\n node.source?.start?.column &&\n node.source.end?.column &&\n `${node.spaces.before}${query.slice(node.source.start.column - 1, node.source.end.column)}${node.spaces.after}`,\n )\n }\n\n if (\n isPostcssNodeWithChildren(node) &&\n isPseudoNode(node) &&\n node.nodes.length\n ) {\n token = String(token.split('(')[0])\n token += '('\n }\n\n if (\n !isSelectorNode(node) ||\n node.parent?.nodes.indexOf(node) !== 0\n ) {\n tokens.push({\n ...node,\n token,\n } as ParsedSelectorToken)\n }\n }\n }\n if (isPostcssNodeWithChildren(node)) {\n for (const child of node.nodes) {\n processNode(child)\n }\n if (isPseudoNode(node) && node.nodes.length) {\n tokens.push({\n ...node,\n token: ')' + node.spaces.after,\n type: 'pseudo',\n } as ParsedSelectorToken)\n }\n }\n }\n\n processNode(ast(query))\n return tokens\n }\n}\n"]}
package/dist/esm/parser.d.ts ADDED
@@ -0,0 +1,15 @@
1
+ import type { Root } from 'postcss-selector-parser';
2
+ /**
3
+ * Escapes forward slashes in specific patterns matching @scoped/name paths
4
+ * This will allow usage of unescaped forward slashes necessary for scoped
5
+ * package names in the id selector.
6
+ */
7
+ export declare const escapeScopedNamesSlashes: (query: string) => string;
8
+ export declare const escapeDots: (query: string) => string;
9
+ export declare const unescapeDots: (query: string) => string;
10
+ /**
11
+ * Parses a CSS selector string into an AST
12
+ * Handles escaping of forward slashes in specific patterns
13
+ */
14
+ export declare const parse: (query: string) => Root;
15
+ //# sourceMappingURL=parser.d.ts.map
package/dist/esm/parser.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"parser.d.ts","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAU,IAAI,EAAE,MAAM,yBAAyB,CAAA;AAG3D;;;;GAIG;AACH,eAAO,MAAM,wBAAwB,UAAW,MAAM,KAAG,MAItD,CAAA;AAEH,eAAO,MAAM,UAAU,UAAW,MAAM,KAAG,MACb,CAAA;AAE9B,eAAO,MAAM,YAAY,UAAW,MAAM,KAAG,MACf,CAAA;AAiB9B;;;GAGG;AACH,eAAO,MAAM,KAAK,UAAW,MAAM,KAAG,IA0ErC,CAAA"}
package/dist/esm/parser.js ADDED
@@ -0,0 +1,93 @@
1
+ import postcssSelectorParser from 'postcss-selector-parser';
2
+ import { asSelectorNode, isCombinatorNode, isPseudoNode, isTagNode, } from '@vltpkg/dss-parser';
3
+ /**
4
+ * Escapes forward slashes in specific patterns matching @scoped/name paths
5
+ * This will allow usage of unescaped forward slashes necessary for scoped
6
+ * package names in the id selector.
7
+ */
8
+ export const escapeScopedNamesSlashes = (query) => query.replace(/(#@(\w|-|\.)+)\//gm, (_, scope) => `${scope}\\/`);
9
+ export const escapeDots = (query) => query.replaceAll('.', '\\.');
10
+ export const unescapeDots = (query) => query.replaceAll('\\.', '.');
11
+ const pseudoCleanUpNeeded = new Set([
12
+ ':published',
13
+ ':score',
14
+ ':malware',
15
+ ':severity',
16
+ ':sev',
17
+ ':squat',
18
+ ':semver',
19
+ ':v',
20
+ ':path',
21
+ ]);
22
+ const hasParamsToEscape = (node) => pseudoCleanUpNeeded.has(node.value);
23
+ /**
24
+ * Parses a CSS selector string into an AST
25
+ * Handles escaping of forward slashes in specific patterns
26
+ */
27
+ export const parse = (query) => {
28
+ const escapedQuery = escapeDots(escapeScopedNamesSlashes(query));
29
+ const transformAst = (root) => {
30
+ root.walk((node) => {
31
+ // clean up the escaped dots
32
+ if (node.value && typeof node.value === 'string') {
33
+ node.value = unescapeDots(node.value);
34
+ }
35
+ if (isPseudoNode(node) && hasParamsToEscape(node)) {
36
+ // these are pseudo nodes that should only take strings as
37
+ // parameters, so in this preparse step we clean up anything
38
+ // that was recognized as a postcss node and transform that
39
+ // into something that can be most likely parsed as a string
40
+ for (const n of node.nodes) {
41
+ // the parameters have a selector node that wraps them up
42
+ const selector = asSelectorNode(n);
43
+ selector.nodes.forEach((currentNode, index, arr) => {
44
+ // get the next node, we'll update it later
45
+ const nextNode = arr[index + 1];
46
+ // if the current node is a combinator node, we'll need to
47
+ // escape it, we do so by removing the node entirely and
48
+ // updating the contents of the next node with its value
49
+ if (isCombinatorNode(currentNode) &&
50
+ isTagNode(nextNode)) {
51
+ nextNode.value = `${currentNode.spaces.before}${currentNode.value}${currentNode.spaces.after}${nextNode.value}`;
52
+ // make sure to also update the source position
53
+ // references, those are used by the syntax highlighter
54
+ if (nextNode.source?.start?.line &&
55
+ currentNode.source?.start?.line) {
56
+ nextNode.source.start.line =
57
+ currentNode.source.start.line;
58
+ }
59
+ if (nextNode.source?.start?.column &&
60
+ currentNode.source?.start?.column) {
61
+ nextNode.source.start.column =
62
+ currentNode.source.start.column;
63
+ }
64
+ // removes the current node from the selector node
65
+ arr.splice(index, 1);
66
+ }
67
+ });
68
+ // after removing combinator nodes, if we end up with multiple
69
+ // tags in the selector node, we need to smush them together
70
+ selector.nodes.reduce((acc, currentNode) => {
71
+ if (currentNode === acc)
72
+ return acc;
73
+ acc.value = `${acc.value}${currentNode.spaces.before}${currentNode.value}${currentNode.spaces.after}`;
74
+ // make sure to also update the source position refs
75
+ if (currentNode.source?.end?.line &&
76
+ acc.source?.end?.line) {
77
+ acc.source.end.line = currentNode.source.end.line;
78
+ }
79
+ if (currentNode.source?.end?.column &&
80
+ acc.source?.end?.column) {
81
+ acc.source.end.column = currentNode.source.end.column;
82
+ }
83
+ return acc;
84
+ }, selector.first);
85
+ // the selector wrapper node should have a single node
86
+ selector.nodes.length = 1;
87
+ }
88
+ }
89
+ });
90
+ };
91
+ return postcssSelectorParser(transformAst).astSync(escapedQuery);
92
+ };
93
+ //# sourceMappingURL=parser.js.map
package/dist/esm/parser.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"parser.js","sourceRoot":"","sources":["../../src/parser.ts"],"names":[],"mappings":"AAAA,OAAO,qBAAqB,MAAM,yBAAyB,CAAA;AAC3D,OAAO,EACL,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,SAAS,GACV,MAAM,oBAAoB,CAAA;AAI3B;;;;GAIG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,KAAa,EAAU,EAAE,CAChE,KAAK,CAAC,OAAO,CACX,oBAAoB,EACpB,CAAC,CAAC,EAAE,KAAa,EAAE,EAAE,CAAC,GAAG,KAAK,KAAK,CACpC,CAAA;AAEH,MAAM,CAAC,MAAM,UAAU,GAAG,CAAC,KAAa,EAAU,EAAE,CAClD,KAAK,CAAC,UAAU,CAAC,GAAG,EAAE,KAAK,CAAC,CAAA;AAE9B,MAAM,CAAC,MAAM,YAAY,GAAG,CAAC,KAAa,EAAU,EAAE,CACpD,KAAK,CAAC,UAAU,CAAC,KAAK,EAAE,GAAG,CAAC,CAAA;AAE9B,MAAM,mBAAmB,GAAG,IAAI,GAAG,CAAC;IAClC,YAAY;IACZ,QAAQ;IACR,UAAU;IACV,WAAW;IACX,MAAM;IACN,QAAQ;IACR,SAAS;IACT,IAAI;IACJ,OAAO;CACR,CAAC,CAAA;AAEF,MAAM,iBAAiB,GAAG,CAAC,IAAY,EAAE,EAAE,CACzC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;AAErC;;;GAGG;AACH,MAAM,CAAC,MAAM,KAAK,GAAG,CAAC,KAAa,EAAQ,EAAE;IAC3C,MAAM,YAAY,GAAG,UAAU,CAAC,wBAAwB,CAAC,KAAK,CAAC,CAAC,CAAA;IAChE,MAAM,YAAY,GAAG,CAAC,IAAU,EAAE,EAAE;QAClC,IAAI,CAAC,IAAI,CAAC,CAAC,IAAiB,EAAE,EAAE;YAC9B,4BAA4B;YAC5B,IAAI,IAAI,CAAC,KAAK,IAAI,OAAO,IAAI,CAAC,KAAK,KAAK,QAAQ,EAAE,CAAC;gBACjD,IAAI,CAAC,KAAK,GAAG,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAA;YACvC,CAAC;YACD,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,iBAAiB,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClD,0DAA0D;gBAC1D,4DAA4D;gBAC5D,2DAA2D;gBAC3D,4DAA4D;gBAC5D,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;oBAC3B,yDAAyD;oBACzD,MAAM,QAAQ,GAAG,cAAc,CAAC,CAAC,CAAC,CAAA;oBAClC,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,KAAK,EAAE,GAAG,EAAE,EAAE;wBACjD,2CAA2C;wBAC3C,MAAM,QAAQ,GAAG,GAAG,CAAC,KAAK,GAAG,CAAC,CAAC,CAAA;wBAC/B,0DAA0D;wBAC1D,wDAAwD;wBACxD,wDAAwD;wBACxD,IACE,gBAAgB,CAAC,WAAW,CAAC;4BAC7B,SAAS,CAAC,QAAQ,CAAC,EACnB,CAAC;4BACD,QAAQ,CAAC,KAAK,GAAG,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,GAAG,WAAW,CAAC,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAA;4BAC/G,+CAA+C;4BAC/C,uDAAuD;4BACvD,IACE,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI;gCAC5B,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAC/B,CAAC;gCACD,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI;oCACxB,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAA;4BACjC,CAAC;4BACD,IACE,QAAQ,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM;gCAC9B,WAAW,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,EACjC,CAAC;gCACD,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM;oCAC1B,WAAW,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAA;4BACnC,CAAC;4BACD,kDAAkD;4BAClD,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAA;wBACtB,CAAC;oBACH,CAAC,CAAC,CAAA;oBACF,8DAA8D;oBAC9D,4DAA4D;oBAC5D,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,WAAW,EAAE,EAAE;wBACzC,IAAI,WAAW,KAAK,GAAG;4BAAE,OAAO,GAAG,CAAA;wBACnC,GAAG,CAAC,KAAK,GAAG,GAAG,GAAG,CAAC,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,MAAM,GAAG,WAAW,CAAC,KAAK,GAAG,WAAW,CAAC,MAAM,CAAC,KAAK,EAAE,CAAA;wBACrG,oDAAoD;wBACpD,IACE,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI;4BAC7B,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,IAAI,EACrB,CAAC;4BACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,GAAG,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,CAAA;wBACnD,CAAC;wBACD,IACE,WAAW,CAAC,MAAM,EAAE,GAAG,EAAE,MAAM;4BAC/B,GAAG,CAAC,MAAM,EAAE,GAAG,EAAE,MAAM,EACvB,CAAC;4BACD,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,GAAG,CAAC,MAAM,CAAA;wBACvD,CAAC;wBACD,OAAO,GAAG,CAAA;oBACZ,CAAC,EAAE,QAAQ,CAAC,KAAK,CAAC,CAAA;oBAClB,sDAAsD;oBACtD,QAAQ,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAA;gBAC3B,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAA;IACJ,CAAC,CAAA;IACD,OAAO,qBAAqB,CAAC,YAAY,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAA;AAClE,CAAC,CAAA","sourcesContent":["import postcssSelectorParser from 'postcss-selector-parser'\nimport {\n asSelectorNode,\n isCombinatorNode,\n isPseudoNode,\n isTagNode,\n} from '@vltpkg/dss-parser'\nimport type { Pseudo, Root } from 'postcss-selector-parser'\nimport type { PostcssNode } from '@vltpkg/dss-parser'\n\n/**\n * Escapes forward slashes in specific patterns matching @scoped/name paths\n * This will allow usage of unescaped forward slashes necessary for scoped\n * package names in the id selector.\n */\nexport const escapeScopedNamesSlashes = (query: string): string =>\n query.replace(\n /(#@(\\w|-|\\.)+)\\//gm,\n (_, scope: string) => `${scope}\\\\/`,\n )\n\nexport const escapeDots = (query: string): string =>\n query.replaceAll('.', '\\\\.')\n\nexport const unescapeDots = (query: string): string =>\n query.replaceAll('\\\\.', '.')\n\nconst pseudoCleanUpNeeded = new Set([\n ':published',\n ':score',\n ':malware',\n ':severity',\n ':sev',\n ':squat',\n ':semver',\n ':v',\n ':path',\n])\n\nconst hasParamsToEscape = (node: Pseudo) =>\n pseudoCleanUpNeeded.has(node.value)\n\n/**\n * Parses a CSS selector string into an AST\n * Handles escaping of forward slashes in specific patterns\n */\nexport const parse = (query: string): Root => {\n const escapedQuery = escapeDots(escapeScopedNamesSlashes(query))\n const transformAst = (root: Root) => {\n root.walk((node: PostcssNode) => {\n // clean up the escaped dots\n if (node.value && typeof node.value === 'string') {\n node.value = unescapeDots(node.value)\n }\n if (isPseudoNode(node) && hasParamsToEscape(node)) {\n // these are pseudo nodes that should only take strings as\n // parameters, so in this preparse step we clean up anything\n // that was recognized as a postcss node and transform that\n // into something that can be most likely parsed as a string\n for (const n of node.nodes) {\n // the parameters have a selector node that wraps them up\n const selector = asSelectorNode(n)\n selector.nodes.forEach((currentNode, index, arr) => {\n // get the next node, we'll update it later\n const nextNode = arr[index + 1]\n // if the current node is a combinator node, we'll need to\n // escape it, we do so by removing the node entirely and\n // updating the contents of the next node with its value\n if (\n isCombinatorNode(currentNode) &&\n isTagNode(nextNode)\n ) {\n nextNode.value = `${currentNode.spaces.before}${currentNode.value}${currentNode.spaces.after}${nextNode.value}`\n // make sure to also update the source position\n // references, those are used by the syntax highlighter\n if (\n nextNode.source?.start?.line &&\n currentNode.source?.start?.line\n ) {\n nextNode.source.start.line =\n currentNode.source.start.line\n }\n if (\n nextNode.source?.start?.column &&\n currentNode.source?.start?.column\n ) {\n nextNode.source.start.column =\n currentNode.source.start.column\n }\n // removes the current node from the selector node\n arr.splice(index, 1)\n }\n })\n // after removing combinator nodes, if we end up with multiple\n // tags in the selector node, we need to smush them together\n selector.nodes.reduce((acc, currentNode) => {\n if (currentNode === acc) return acc\n acc.value = `${acc.value}${currentNode.spaces.before}${currentNode.value}${currentNode.spaces.after}`\n // make sure to also update the source position refs\n if (\n currentNode.source?.end?.line &&\n acc.source?.end?.line\n ) {\n acc.source.end.line = currentNode.source.end.line\n }\n if (\n currentNode.source?.end?.column &&\n acc.source?.end?.column\n ) {\n acc.source.end.column = currentNode.source.end.column\n }\n return acc\n }, selector.first)\n // the selector wrapper node should have a single node\n selector.nodes.length = 1\n }\n }\n })\n }\n return postcssSelectorParser(transformAst).astSync(escapedQuery)\n}\n"]}
package/dist/esm/pseudo/abandoned.d.ts ADDED
@@ -0,0 +1,7 @@
1
+ /**
2
+ * Filters out any node that does not have a **missingAuthor** report alert.
3
+ */
4
+ export declare const abandoned: (state: import("../types.ts").ParserState) => Promise<import("../types.ts").ParserState & {
5
+ securityArchive: NonNullable<import("../types.ts").ParserState["securityArchive"]>;
6
+ }>;
7
+ //# sourceMappingURL=abandoned.d.ts.map
package/dist/esm/pseudo/abandoned.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"abandoned.d.ts","sourceRoot":"","sources":["../../../src/pseudo/abandoned.ts"],"names":[],"mappings":"AAEA;;GAEG;AACH,eAAO,MAAM,SAAS;;EAGrB,CAAA"}
package/dist/esm/pseudo/abandoned.js ADDED
@@ -0,0 +1,6 @@
1
+ import { createSecuritySelectorFilter } from "./helpers.js";
2
+ /**
3
+ * Filters out any node that does not have a **missingAuthor** report alert.
4
+ */
5
+ export const abandoned = createSecuritySelectorFilter('abandoned', 'missingAuthor');
6
+ //# sourceMappingURL=abandoned.js.map
package/dist/esm/pseudo/abandoned.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"abandoned.js","sourceRoot":"","sources":["../../../src/pseudo/abandoned.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,4BAA4B,EAAE,MAAM,cAAc,CAAA;AAE3D;;GAEG;AACH,MAAM,CAAC,MAAM,SAAS,GAAG,4BAA4B,CACnD,WAAW,EACX,eAAe,CAChB,CAAA","sourcesContent":["import { createSecuritySelectorFilter } from './helpers.ts'\n\n/**\n * Filters out any node that does not have a **missingAuthor** report alert.\n */\nexport const abandoned = createSecuritySelectorFilter(\n 'abandoned',\n 'missingAuthor',\n)\n"]}