@vyuhlabs/dxkit 2.10.0 → 2.11.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (109) hide show
  1. package/CHANGELOG.md +98 -0
  2. package/dist/allowlist/cli.d.ts +23 -23
  3. package/dist/allowlist/cli.d.ts.map +1 -1
  4. package/dist/allowlist/cli.js +72 -34
  5. package/dist/allowlist/cli.js.map +1 -1
  6. package/dist/allowlist/file.d.ts +7 -1
  7. package/dist/allowlist/file.d.ts.map +1 -1
  8. package/dist/allowlist/file.js +7 -1
  9. package/dist/allowlist/file.js.map +1 -1
  10. package/dist/analysis-result.d.ts +10 -0
  11. package/dist/analysis-result.d.ts.map +1 -1
  12. package/dist/analyzers/cache.d.ts +1 -0
  13. package/dist/analyzers/cache.d.ts.map +1 -1
  14. package/dist/analyzers/cache.js +69 -0
  15. package/dist/analyzers/cache.js.map +1 -1
  16. package/dist/analyzers/security/aggregator.d.ts +90 -90
  17. package/dist/analyzers/security/aggregator.d.ts.map +1 -1
  18. package/dist/analyzers/security/aggregator.js +140 -56
  19. package/dist/analyzers/security/aggregator.js.map +1 -1
  20. package/dist/analyzers/security/gather.d.ts +2 -0
  21. package/dist/analyzers/security/gather.d.ts.map +1 -1
  22. package/dist/analyzers/security/gather.js +30 -4
  23. package/dist/analyzers/security/gather.js.map +1 -1
  24. package/dist/analyzers/security/types.d.ts +29 -7
  25. package/dist/analyzers/security/types.d.ts.map +1 -1
  26. package/dist/analyzers/tools/fingerprint.d.ts +133 -20
  27. package/dist/analyzers/tools/fingerprint.d.ts.map +1 -1
  28. package/dist/analyzers/tools/fingerprint.js +194 -20
  29. package/dist/analyzers/tools/fingerprint.js.map +1 -1
  30. package/dist/analyzers/tools/gitleaks.d.ts +2 -2
  31. package/dist/analyzers/tools/gitleaks.d.ts.map +1 -1
  32. package/dist/analyzers/tools/gitleaks.js +7 -1
  33. package/dist/analyzers/tools/gitleaks.js.map +1 -1
  34. package/dist/analyzers/tools/graphify.d.ts.map +1 -1
  35. package/dist/analyzers/tools/graphify.js +28 -0
  36. package/dist/analyzers/tools/graphify.js.map +1 -1
  37. package/dist/analyzers/tools/grep-secrets.d.ts.map +1 -1
  38. package/dist/analyzers/tools/grep-secrets.js +22 -12
  39. package/dist/analyzers/tools/grep-secrets.js.map +1 -1
  40. package/dist/analyzers/tools/salt.d.ts +68 -0
  41. package/dist/analyzers/tools/salt.d.ts.map +1 -0
  42. package/dist/{baseline → analyzers/tools}/salt.js +59 -18
  43. package/dist/analyzers/tools/salt.js.map +1 -0
  44. package/dist/analyzers/tools/semgrep.d.ts +7 -7
  45. package/dist/analyzers/tools/semgrep.d.ts.map +1 -1
  46. package/dist/analyzers/tools/semgrep.js +14 -7
  47. package/dist/analyzers/tools/semgrep.js.map +1 -1
  48. package/dist/analyzers/tools/tool-registry.js +4 -4
  49. package/dist/baseline/baseline-file.d.ts +9 -2
  50. package/dist/baseline/baseline-file.d.ts.map +1 -1
  51. package/dist/baseline/baseline-file.js.map +1 -1
  52. package/dist/baseline/check-renderers.d.ts.map +1 -1
  53. package/dist/baseline/check-renderers.js +14 -0
  54. package/dist/baseline/check-renderers.js.map +1 -1
  55. package/dist/baseline/check.d.ts +33 -0
  56. package/dist/baseline/check.d.ts.map +1 -1
  57. package/dist/baseline/check.js +78 -2
  58. package/dist/baseline/check.js.map +1 -1
  59. package/dist/baseline/create.d.ts +1 -1
  60. package/dist/baseline/create.d.ts.map +1 -1
  61. package/dist/baseline/create.js +3 -1
  62. package/dist/baseline/create.js.map +1 -1
  63. package/dist/baseline/finding-identity.d.ts +20 -13
  64. package/dist/baseline/finding-identity.d.ts.map +1 -1
  65. package/dist/baseline/finding-identity.js +51 -20
  66. package/dist/baseline/finding-identity.js.map +1 -1
  67. package/dist/baseline/migrate.d.ts +94 -0
  68. package/dist/baseline/migrate.d.ts.map +1 -0
  69. package/dist/baseline/migrate.js +238 -0
  70. package/dist/baseline/migrate.js.map +1 -0
  71. package/dist/baseline/producers/security.d.ts +9 -9
  72. package/dist/baseline/producers/security.d.ts.map +1 -1
  73. package/dist/baseline/producers/security.js +16 -4
  74. package/dist/baseline/producers/security.js.map +1 -1
  75. package/dist/baseline/types.d.ts +145 -95
  76. package/dist/baseline/types.d.ts.map +1 -1
  77. package/dist/baseline/types.js +30 -26
  78. package/dist/baseline/types.js.map +1 -1
  79. package/dist/explore/finding-context.d.ts +17 -0
  80. package/dist/explore/finding-context.d.ts.map +1 -1
  81. package/dist/explore/finding-context.js +34 -0
  82. package/dist/explore/finding-context.js.map +1 -1
  83. package/dist/explore/queries.d.ts +32 -15
  84. package/dist/explore/queries.d.ts.map +1 -1
  85. package/dist/explore/queries.js +36 -6
  86. package/dist/explore/queries.js.map +1 -1
  87. package/dist/ingest/normalize.d.ts +1 -1
  88. package/dist/ingest/normalize.d.ts.map +1 -1
  89. package/dist/ingest/normalize.js +5 -1
  90. package/dist/ingest/normalize.js.map +1 -1
  91. package/dist/ingest/sarif.d.ts.map +1 -1
  92. package/dist/ingest/sarif.js +16 -7
  93. package/dist/ingest/sarif.js.map +1 -1
  94. package/dist/ingest/types.d.ts +23 -12
  95. package/dist/ingest/types.d.ts.map +1 -1
  96. package/dist/languages/capabilities/types.d.ts +64 -53
  97. package/dist/languages/capabilities/types.d.ts.map +1 -1
  98. package/dist/languages/capabilities/types.js +4 -4
  99. package/dist/update.d.ts.map +1 -1
  100. package/dist/update.js +49 -0
  101. package/dist/update.js.map +1 -1
  102. package/dist/upgrade.d.ts.map +1 -1
  103. package/dist/upgrade.js +2 -1
  104. package/dist/upgrade.js.map +1 -1
  105. package/package.json +6 -3
  106. package/templates/.claude/skills/dxkit-update/SKILL.md +45 -4
  107. package/dist/baseline/salt.d.ts +0 -45
  108. package/dist/baseline/salt.d.ts.map +0 -1
  109. package/dist/baseline/salt.js.map +0 -1
@@ -10,46 +10,46 @@
10
10
  *
11
11
  * The disease this closes (D086 / D087 / D091):
12
12
  *
13
- * - **D086** Health Security section and standalone vuln-scan Code
14
- * Findings table both reported "code findings by severity" but
15
- * came up with different numbers (`0C 11H 18M 0L` vs
16
- * `0C 17H 14M 0L`) on the same repo. Two consumers, two
17
- * aggregation paths, slightly-different inclusion rules.
13
+ * - **D086** Health Security section and standalone vuln-scan Code
14
+ * Findings table both reported "code findings by severity" but
15
+ * came up with different numbers (`0C 11H 18M 0L` vs
16
+ * `0C 17H 14M 0L`) on the same repo. Two consumers, two
17
+ * aggregation paths, slightly-different inclusion rules.
18
18
  *
19
- * - **D087** Vuln-scan exec summary said "Subtotal: 70" (sum of
20
- * dep-vuln severity buckets) and the same page later said
21
- * "81 advisories" (findings.length). 70 vs 81 on one page.
19
+ * - **D087** Vuln-scan exec summary said "Subtotal: 70" (sum of
20
+ * dep-vuln severity buckets) and the same page later said
21
+ * "81 advisories" (findings.length). 70 vs 81 on one page.
22
22
  *
23
- * - **D091** A single TLS-bypass root finding surfaced twice in the
24
- * Code Findings table (registry-grep at `:74` HIGH, semgrep at
25
- * `:72` MEDIUM) because code findings carried no fingerprint and
26
- * no cross-tool dedup ran.
23
+ * - **D091** A single TLS-bypass root finding surfaced twice in the
24
+ * Code Findings table (registry-grep at `:74` HIGH, semgrep at
25
+ * `:72` MEDIUM) because code findings carried no fingerprint and
26
+ * no cross-tool dedup ran.
27
27
  *
28
28
  * Architectural posture:
29
29
  *
30
- * - The aggregator sits BETWEEN gather and reports. Gather still
31
- * produces raw envelopes (`gatherSecrets`, `gatherFileFindings`,
32
- * `gatherCodePatterns`, `gatherTlsBypassFindings`, `gatherDepVulns`);
33
- * the aggregator merges + dedups + buckets them into the canonical
34
- * shape; consumers read by field name.
30
+ * - The aggregator sits BETWEEN gather and reports. Gather still
31
+ * produces raw envelopes (`gatherSecrets`, `gatherFileFindings`,
32
+ * `gatherCodePatterns`, `gatherTlsBypassFindings`, `gatherDepVulns`);
33
+ * the aggregator merges + dedups + buckets them into the canonical
34
+ * shape; consumers read by field name.
35
35
  *
36
- * - Three separately-named severity buckets (`codeBySeverity`,
37
- * `depBySeverity`, `secretsBySeverity`) — the shape forbids any
38
- * consumer from accidentally summing cross-axis again.
36
+ * - Three separately-named severity buckets (`codeBySeverity`,
37
+ * `depBySeverity`, `secretsBySeverity`) — the shape forbids any
38
+ * consumer from accidentally summing cross-axis again.
39
39
  *
40
- * - Two named dep counts (`dependencyAdvisoryUniqueCount` for the
41
- * canonical user-facing total; `dependencyFindingsRawCount` for
42
- * diagnostic audit). Renderers cannot pick "the wrong number"
43
- * without naming which they want.
40
+ * - Two named dep counts (`dependencyAdvisoryUniqueCount` for the
41
+ * canonical user-facing total; `dependencyFindingsRawCount` for
42
+ * diagnostic audit). Renderers cannot pick "the wrong number"
43
+ * without naming which they want.
44
44
  *
45
- * - Code findings get a canonical-rule + line-window fingerprint;
46
- * cross-tool collisions collapse to ONE CodeFinding with
47
- * `keptSeverity = max(severities)` and `producedBy` listing all
48
- * contributing tools. The `dedupCollisions` audit trail records
49
- * every collapse for `--detailed` visibility.
45
+ * - Code findings get a canonical-rule + line-window fingerprint;
46
+ * cross-tool collisions collapse to ONE CodeFinding with
47
+ * `keptSeverity = max(severities)` and `producedBy` listing all
48
+ * contributing tools. The `dedupCollisions` audit trail records
49
+ * every collapse for `--detailed` visibility.
50
50
  *
51
- * - `provenance` distinguishes "tool ran, 0 findings" from "tool
52
- * didn't run" — drives D080-style "(not run: typescript)" labels.
51
+ * - `provenance` distinguishes "tool ran, 0 findings" from "tool
52
+ * didn't run" — drives D080-style "(not run: typescript)" labels.
53
53
  *
54
54
  * G_v4_8 architectural gate (`scripts/check-architecture.sh`) blocks
55
55
  * `countBySeverity` / severity-Record accumulator declarations
@@ -95,21 +95,21 @@ function bumpCounts(counts, severity) {
95
95
  * function — same input always produces the same output.
96
96
  *
97
97
  * Dedup pipeline (code-side):
98
- * 1. Concat raw findings from secrets/fileFindings/codePatterns/tlsBypass.
99
- * 2. Group by `(canonicalRule, file, lineWindow)` key.
100
- * 3. For each group:
101
- * - Emit ONE `CodeFinding` with `keptSeverity = max(severities)`,
102
- * `producedBy` = unique sources.
103
- * - If the group had >1 raw finding, record a `DedupCollision`
104
- * audit entry.
98
+ * 1. Concat raw findings from secrets/fileFindings/codePatterns/tlsBypass.
99
+ * 2. Group by `(canonicalRule, file, lineWindow)` key.
100
+ * 3. For each group:
101
+ * - Emit ONE `CodeFinding` with `keptSeverity = max(severities)`,
102
+ * `producedBy` = unique sources.
103
+ * - If the group had >1 raw finding, record a `DedupCollision`
104
+ * audit entry.
105
105
  *
106
106
  * Dedup pipeline (dep-side):
107
- * - Group `depVulns.findings` by `fingerprint`.
108
- * - For each group: pick the highest-severity entry as the
109
- * representative; severity counts are derived from the unique
110
- * set so they match `dependencyAdvisoryUniqueCount`.
111
- * - Findings without a fingerprint pass through unchanged (defensive;
112
- * `stampFingerprints` in `gatherDepVulns` runs before this).
107
+ * - Group `depVulns.findings` by `fingerprint`.
108
+ * - For each group: pick the highest-severity entry as the
109
+ * representative; severity counts are derived from the unique
110
+ * set so they match `dependencyAdvisoryUniqueCount`.
111
+ * - Findings without a fingerprint pass through unchanged (defensive;
112
+ * `stampFingerprints` in `gatherDepVulns` runs before this).
113
113
  */
114
114
  function buildSecurityAggregate(input) {
115
115
  // ─── Code-side dedup ────────────────────────────────────────────────
@@ -180,14 +180,8 @@ function buildSecurityAggregate(input) {
180
180
  rule: f.rule,
181
181
  line: f.line,
182
182
  severity: f.severity,
183
+ spanHash: f.spanHash,
183
184
  });
184
- // Record the merged finding's own fingerprint when it differs
185
- // from the representative — that's the identity a suppression
186
- // might have been keyed on in a run where the merge landed the
187
- // other way around.
188
- if (naturalFingerprint !== existing.fingerprint) {
189
- existing.absorbedFingerprints.add(naturalFingerprint);
190
- }
191
185
  // Prefer the lower line number as the canonical line — semgrep
192
186
  // typically reports the declaration (earlier line) while
193
187
  // registry-grep reports the assignment; the declaration is the
@@ -198,6 +192,9 @@ function buildSecurityAggregate(input) {
198
192
  existing.rule = f.rule;
199
193
  existing.tool = f.tool;
200
194
  existing.cwe = f.cwe || existing.cwe;
195
+ // Keep the anchor material aligned with the chosen representative.
196
+ existing.spanHash = f.spanHash;
197
+ existing.scope = f.scope;
201
198
  }
202
199
  }
203
200
  else {
@@ -212,6 +209,8 @@ function buildSecurityAggregate(input) {
212
209
  rule: f.rule,
213
210
  title: f.title,
214
211
  tool: f.tool,
212
+ spanHash: f.spanHash,
213
+ scope: f.scope,
215
214
  producedBy: new Set([f.tool]),
216
215
  raws: [
217
216
  {
@@ -219,9 +218,9 @@ function buildSecurityAggregate(input) {
219
218
  rule: f.rule,
220
219
  line: f.line,
221
220
  severity: f.severity,
221
+ spanHash: f.spanHash,
222
222
  },
223
223
  ],
224
- absorbedFingerprints: new Set(),
225
224
  });
226
225
  }
227
226
  // Index this finding's CWE + location → its group, so a later
@@ -229,6 +228,66 @@ function buildSecurityAggregate(input) {
229
228
  if (f.cwe)
230
229
  byCweLoc.set(cweLocKey(f.cwe, f.file, f.line), fingerprint);
231
230
  }
231
+ // ─── Ordinal assignment ────────────────────────────────────────
232
+ // Findings sharing one anchor bucket get a stable in-document-order
233
+ // ordinal so identical constructs stay distinct:
234
+ // • code groups sharing (file, scope, spanHash) — three
235
+ // `eval(userInput)` in one function stay three findings;
236
+ // • secret groups sharing (file) — two leaked credentials in one file
237
+ // stay two findings. Keyed on file ALONE (not the per-tool rule):
238
+ // secret identity discriminates on the tool-independent
239
+ // SECRET_CANONICAL_RULE, so the ordinal must be unique per file
240
+ // across every secret regardless of which scanner/rule found it.
241
+ // Config (file-stable line 0) and anchorless findings need no ordinal.
242
+ // The bucket key is prefixed by category so the code and secret
243
+ // namespaces can never collide. Deterministic regardless of Map
244
+ // iteration order: sorted by line, then by the line-based group key.
245
+ const ordinalBuckets = new Map();
246
+ for (const g of groups.values()) {
247
+ let key;
248
+ if (g.category === 'code' && g.spanHash !== undefined) {
249
+ key = `code\0${g.file}\0${g.scope ?? ''}\0${g.spanHash}`;
250
+ }
251
+ else if (g.category === 'secret') {
252
+ key = `secret\0${g.file}`;
253
+ }
254
+ if (key !== undefined) {
255
+ const list = ordinalBuckets.get(key) ?? [];
256
+ list.push(g);
257
+ ordinalBuckets.set(key, list);
258
+ }
259
+ }
260
+ for (const list of ordinalBuckets.values()) {
261
+ list.sort((a, b) => a.line - b.line ||
262
+ (a.fingerprint < b.fingerprint ? -1 : a.fingerprint > b.fingerprint ? 1 : 0));
263
+ list.forEach((g, i) => {
264
+ g.ordinal = i;
265
+ });
266
+ }
267
+ // The durable content anchor for a group (scheme v2), or undefined when
268
+ // none is resolvable → line-window fallback. Secrets: (ordinal) alone —
269
+ // value/salt-free, so identity is tool- and environment-independent.
270
+ // Code: (scope, spanHash, ordinal) when a span was captured. Config +
271
+ // anchorless: undefined (config's line-0 identity is already
272
+ // (canonicalRule, file)-stable, so it stays on the line path unchanged).
273
+ const anchorFor = (g) => {
274
+ if (g.category === 'secret')
275
+ return (0, fingerprint_1.secretContentAnchor)(g.ordinal ?? 0);
276
+ if (g.category === 'code' && g.spanHash !== undefined) {
277
+ return (0, fingerprint_1.codeContentAnchorFromHash)(g.scope ?? '', g.spanHash, g.ordinal ?? 0);
278
+ }
279
+ return undefined;
280
+ };
281
+ const fingerprintFor = (canonicalRule, file, line, anchor) => anchor !== undefined
282
+ ? (0, fingerprint_1.computeContentFingerprint)(canonicalRule, file, anchor)
283
+ : (0, fingerprint_1.computeCodeFingerprint)(canonicalRule, file, line);
284
+ // The rule discriminator used for IDENTITY (not display/grouping).
285
+ // Secrets fold onto the tool-independent SECRET_CANONICAL_RULE so the same
286
+ // leak fingerprints identically no matter which scanner/rule found it;
287
+ // code/config keep their per-tool canonical rule. Mirrors the secret
288
+ // branch in `identityFor` so the aggregator's stamped fingerprint and the
289
+ // baseline producer's recomputed id always agree.
290
+ const identityRuleFor = (g) => g.category === 'secret' ? fingerprint_1.SECRET_CANONICAL_RULE : g.canonicalRule;
232
291
  const codeFindingsByCategory = {
233
292
  secret: [],
234
293
  code: [],
@@ -238,6 +297,28 @@ function buildSecurityAggregate(input) {
238
297
  const secretsBySeverity = emptyCounts();
239
298
  const dedupCollisions = [];
240
299
  for (const g of groups.values()) {
300
+ const anchor = anchorFor(g);
301
+ const identityRule = identityRuleFor(g);
302
+ const fingerprint = fingerprintFor(identityRule, g.file, g.line, anchor);
303
+ // Absorbed fingerprints: the content fingerprint each merged raw WOULD
304
+ // have had as representative (its own span/HMAC, the group's scope +
305
+ // ordinal). Lets a suppression keyed on a contributing finding's
306
+ // identity still match after the representative flips between runs.
307
+ // Secrets fold onto SECRET_CANONICAL_RULE and a per-file ordinal, so
308
+ // every secret raw in a group resolves to the SAME fingerprint — nothing
309
+ // to absorb (the cross-tool divergence this guarded against is gone).
310
+ const absorbed = new Set();
311
+ for (const raw of g.raws) {
312
+ const rawCanonical = g.category === 'secret' ? fingerprint_1.SECRET_CANONICAL_RULE : (0, fingerprint_1.canonicalRuleFor)(raw.tool, raw.rule);
313
+ let rawAnchor;
314
+ if (g.category === 'secret')
315
+ rawAnchor = (0, fingerprint_1.secretContentAnchor)(g.ordinal ?? 0);
316
+ else if (g.category === 'code' && raw.spanHash !== undefined)
317
+ rawAnchor = (0, fingerprint_1.codeContentAnchorFromHash)(g.scope ?? '', raw.spanHash, g.ordinal ?? 0);
318
+ const rawFp = fingerprintFor(rawCanonical, g.file, raw.line, rawAnchor);
319
+ if (rawFp !== fingerprint)
320
+ absorbed.add(rawFp);
321
+ }
241
322
  const finding = {
242
323
  severity: g.severity,
243
324
  category: g.category,
@@ -247,12 +328,15 @@ function buildSecurityAggregate(input) {
247
328
  file: g.file,
248
329
  line: g.line,
249
330
  tool: g.tool,
250
- fingerprint: g.fingerprint,
331
+ fingerprint,
251
332
  canonicalRule: g.canonicalRule,
252
333
  producedBy: [...g.producedBy].sort(),
253
- ...(g.absorbedFingerprints.size > 0
254
- ? { absorbedFingerprints: [...g.absorbedFingerprints].sort() }
255
- : {}),
334
+ // Content-anchored identity: stamp the FINAL content anchor (the producer reads it back to
335
+ // recompute the same identity). Omitted when absent (→ line fallback).
336
+ ...(anchor !== undefined ? { contentAnchor: anchor } : {}),
337
+ ...(g.spanHash !== undefined ? { spanHash: g.spanHash } : {}),
338
+ ...(g.scope !== undefined ? { scope: g.scope } : {}),
339
+ ...(absorbed.size > 0 ? { absorbedFingerprints: [...absorbed].sort() } : {}),
256
340
  };
257
341
  if (g.category === 'secret') {
258
342
  codeFindingsByCategory.secret.push(finding);
@@ -1 +1 @@
1
- {"version":3,"file":"aggregator.js","sourceRoot":"","sources":["../../../src/analyzers/security/aggregator.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuDG;;AAmQH,wDAySC;AAxiBD,sDAA+F;AAC/F,uDAA8F;AA2J9F,6EAA6E;AAE7E;;;;;;;;;;;;;GAaG;AACH,6EAA6E;AAE7E,MAAM,aAAa,GAA6B;IAC9C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;CACP,CAAC;AAEF,SAAS,WAAW,CAAC,CAAW,EAAE,CAAW;IAC3C,OAAO,aAAa,CAAC,CAAC,CAAC,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,SAAS,UAAU,CAAC,MAAsB,EAAE,QAAkB;IAC5D,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;AACrB,CAAC;AA2CD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,sBAAsB,CAAC,KAA6B;IAClE,uEAAuE;IACvE,MAAM,eAAe,GAAsB;QACzC,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ;QACzB,GAAG,KAAK,CAAC,YAAY;QACrB,GAAG,KAAK,CAAC,YAAY,CAAC,QAAQ;QAC9B,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,IAAI,EAAE,CAAC;QACnC,GAAG,KAAK,CAAC,SAAS;KACnB,CAAC;IAyBF,MAAM,MAAM,GAAG,IAAI,GAAG,EAAiB,CAAC;IAExC,yEAAyE;IACzE,qEAAqE;IACrE,gEAAgE;IAChE,oEAAoE;IACpE,kEAAkE;IAClE,qEAAqE;IACrE,mEAAmE;IACnE,cAAc;IACd,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC3C,MAAM,SAAS,GAAG,CAAC,GAAW,EAAE,IAAY,EAAE,IAAY,EAAU,EAAE,CACpE,GAAG,GAAG,KAAK,IAAI,KAAK,IAAA,2BAAa,EAAC,IAAI,CAAC,EAAE,CAAC;IAE5C,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;QAChC,MAAM,aAAa,GAAG,IAAA,8BAAgB,EAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,kBAAkB,GAAG,IAAA,oCAAsB,EAAC,aAAa,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAEjF,gEAAgE;QAChE,qEAAqE;QACrE,sEAAsE;QACtE,sEAAsE;QACtE,qBAAqB;QACrB,gEAAgE;QAChE,oEAAoE;QACpE,gEAAgE;QAChE,gEAAgE;QAChE,IAAI,WAAW,GAAG,kBAAkB,CAAC;QACrC,IAAI,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACvC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,KAAK,MAAM,MAAM,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBAC7B,MAAM,mBAAmB,GAAG,IAAA,oCAAsB,EAAC,aAAa,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,MAAM,CAAC,CAAC;gBAC3F,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;gBAClD,IAAI,SAAS,EAAE,CAAC;oBACd,QAAQ,GAAG,SAAS,CAAC;oBACrB,WAAW,GAAG,mBAAmB,CAAC;oBAClC,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QACD,sEAAsE;QACtE,8DAA8D;QAC9D,kEAAkE;QAClE,oEAAoE;QACpE,8CAA8C;QAC9C,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC;YACvB,KAAK,MAAM,MAAM,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBAChC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC;gBACnE,MAAM,SAAS,GAAG,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;gBAClD,IAAI,SAAS,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnD,QAAQ,GAAG,SAAS,CAAC;oBACrB,WAAW,GAAG,SAAS,CAAC,WAAW,CAAC;oBACpC,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;YAC/D,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;gBACjB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;aACrB,CAAC,CAAC;YACH,8DAA8D;YAC9D,8DAA8D;YAC9D,+DAA+D;YAC/D,oBAAoB;YACpB,IAAI,kBAAkB,KAAK,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAChD,QAAQ,CAAC,oBAAoB,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YACxD,CAAC;YACD,+DAA+D;YAC/D,yDAAyD;YACzD,+DAA+D;YAC/D,iEAAiE;YACjE,IAAI,CAAC,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAC3B,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;gBACzB,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC;YACvC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE;gBACtB,WAAW;gBACX,aAAa;gBACb,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,UAAU,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;gBAC7B,IAAI,EAAE;oBACJ;wBACE,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;qBACrB;iBACF;gBACD,oBAAoB,EAAE,IAAI,GAAG,EAAE;aAChC,CAAC,CAAC;QACL,CAAC;QACD,8DAA8D;QAC9D,kEAAkE;QAClE,IAAI,CAAC,CAAC,GAAG;YAAE,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,WAAW,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,sBAAsB,GAAwD;QAClF,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,EAAE;QACR,MAAM,EAAE,EAAE;KACX,CAAC;IACF,MAAM,cAAc,GAAG,WAAW,EAAE,CAAC;IACrC,MAAM,iBAAiB,GAAG,WAAW,EAAE,CAAC;IACxC,MAAM,eAAe,GAAqB,EAAE,CAAC;IAE7C,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;QAChC,MAAM,OAAO,GAAgB;YAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,aAAa,EAAE,CAAC,CAAC,aAAa;YAC9B,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE;YACpC,GAAG,CAAC,CAAC,CAAC,oBAAoB,CAAC,IAAI,GAAG,CAAC;gBACjC,CAAC,CAAC,EAAE,oBAAoB,EAAE,CAAC,GAAG,CAAC,CAAC,oBAAoB,CAAC,CAAC,IAAI,EAAE,EAAE;gBAC9D,CAAC,CAAC,EAAE,CAAC;SACR,CAAC;QAEF,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC5B,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC5C,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnC,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC5C,6DAA6D;YAC7D,+DAA+D;YAC/D,8DAA8D;YAC9D,wBAAwB;YACxB,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,CAAC;YACN,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1C,UAAU,CAAC,cAAc,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,eAAe,CAAC,IAAI,CAAC;gBACnB,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,YAAY,EAAE,CAAC,CAAC,QAAQ;gBACxB,aAAa,EAAE,CAAC,CAAC,IAAI;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,uEAAuE;IACvE,kEAAkE;IAClE,6DAA6D;IAC7D,+DAA+D;IAC/D,mEAAmE;IACnE,qEAAqE;IACrE,kEAAkE;IAClE,mEAAmE;IACnE,MAAM,mBAAmB,GAAG;QAC1B,GAAG,sBAAsB,CAAC,MAAM;QAChC,GAAG,sBAAsB,CAAC,IAAI;QAC9B,GAAG,sBAAsB,CAAC,MAAM;KACjC,CAAC;IACF,IAAA,wCAA6B,EAAC,mBAAmB,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC;IAE5E,MAAM,uBAAuB,GAAG,WAAW,EAAE,CAAC;IAC9C,MAAM,0BAA0B,GAAG,WAAW,EAAE,CAAC;IACjD,MAAM,WAAW,GAAG,CAAC,CAAc,EAAW,EAAE,CAC9C,CAAC,CAAC,CAAC,CAAC,WAAW,IAAI,IAAA,8BAAmB,EAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC9D,KAAK,MAAM,CAAC,IAAI,sBAAsB,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;YAAE,UAAU,CAAC,uBAAuB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,MAAM,EAAE,GAAG,sBAAsB,CAAC,MAAM,CAAC,EAAE,CAAC;QACrF,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;YAAE,UAAU,CAAC,0BAA0B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC1E,CAAC;IAED,uEAAuE;IACvE,kEAAkE;IAClE,oEAAoE;IACpE,gDAAgD;IAChD,MAAM,SAAS,GAAG,IAAI,GAAG,EAA0B,CAAC;IACpD,IAAI,2BAA2B,GAAG,CAAC,CAAC;IACpC,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACxC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,IAAI,gBAAgB,2BAA2B,EAAE,EAAE,CAAC;QAC7E,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,6DAA6D;YAC7D,2DAA2D;YAC3D,2BAA2B;YAC3B,IAAI,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjE,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;IACH,CAAC;IACD,MAAM,iBAAiB,GAAG,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,WAAW,EAAE,CAAC;IACpC,KAAK,MAAM,CAAC,IAAI,iBAAiB,EAAE,CAAC;QAClC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,uEAAuE;IACvE,MAAM,UAAU,GAAwB;QACtC,OAAO,EAAE;YACP,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ;YAC5B,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ,KAAK,IAAI;SACrC;QACD,YAAY,EAAE;YACZ,IAAI,EAAE,KAAK,CAAC,YAAY,CAAC,QAAQ;YACjC,GAAG,EAAE,KAAK,CAAC,YAAY,CAAC,QAAQ,KAAK,IAAI;SAC1C;QACD,QAAQ,EAAE;YACR,KAAK,EAAE,KAAK,CAAC,QAAQ,EAAE,SAAS,IAAI,EAAE;YACtC,GAAG,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC;SACjD;QACD,SAAS,EAAE;YACT,gEAAgE;YAChE,6DAA6D;YAC7D,8DAA8D;YAC9D,4BAA4B;YAC5B,GAAG,EAAE,KAAK,CAAC,qBAAqB,GAAG,CAAC;YACpC,YAAY,EAAE,KAAK,CAAC,qBAAqB;SAC1C;QACD,YAAY,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;QAC3B,QAAQ,EAAE;YACR,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI;YACzB,SAAS,EAAE,KAAK,CAAC,QAAQ,CAAC,SAAS;YACnC,iBAAiB,EAAE,KAAK,CAAC,QAAQ,CAAC,iBAAiB;SACpD;KACF,CAAC;IAEF,OAAO;QACL,cAAc;QACd,aAAa;QACb,iBAAiB;QACjB,uBAAuB;QACvB,0BAA0B;QAC1B,kBAAkB,EAAE;YAClB,MAAM,EAAE,sBAAsB,CAAC,MAAM;YACrC,IAAI,EAAE,sBAAsB,CAAC,IAAI;YACjC,MAAM,EAAE,sBAAsB,CAAC,MAAM;YACrC,UAAU,EAAE,iBAAiB;SAC9B;QACD,6BAA6B,EAAE,iBAAiB,CAAC,MAAM;QACvD,0BAA0B,EAAE,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM;QAC1D,eAAe;QACf,UAAU;KACX,CAAC;AACJ,CAAC"}
1
+ {"version":3,"file":"aggregator.js","sourceRoot":"","sources":["../../../src/analyzers/security/aggregator.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuDG;;AA2QH,wDA2ZC;AAlqBD,sDAQ8B;AAC9B,uDAA8F;AA2J9F,6EAA6E;AAE7E;;;;;;;;;;;;;GAaG;AACH,6EAA6E;AAE7E,MAAM,aAAa,GAA6B;IAC9C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;CACP,CAAC;AAEF,SAAS,WAAW,CAAC,CAAW,EAAE,CAAW;IAC3C,OAAO,aAAa,CAAC,CAAC,CAAC,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,SAAS,UAAU,CAAC,MAAsB,EAAE,QAAkB;IAC5D,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;AACrB,CAAC;AA2CD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,sBAAsB,CAAC,KAA6B;IAClE,uEAAuE;IACvE,MAAM,eAAe,GAAsB;QACzC,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ;QACzB,GAAG,KAAK,CAAC,YAAY;QACrB,GAAG,KAAK,CAAC,YAAY,CAAC,QAAQ;QAC9B,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,IAAI,EAAE,CAAC;QACnC,GAAG,KAAK,CAAC,SAAS;KACnB,CAAC;IA2CF,MAAM,MAAM,GAAG,IAAI,GAAG,EAAiB,CAAC;IAExC,yEAAyE;IACzE,qEAAqE;IACrE,gEAAgE;IAChE,oEAAoE;IACpE,kEAAkE;IAClE,qEAAqE;IACrE,mEAAmE;IACnE,cAAc;IACd,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC3C,MAAM,SAAS,GAAG,CAAC,GAAW,EAAE,IAAY,EAAE,IAAY,EAAU,EAAE,CACpE,GAAG,GAAG,KAAK,IAAI,KAAK,IAAA,2BAAa,EAAC,IAAI,CAAC,EAAE,CAAC;IAE5C,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;QAChC,MAAM,aAAa,GAAG,IAAA,8BAAgB,EAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,kBAAkB,GAAG,IAAA,oCAAsB,EAAC,aAAa,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAEjF,gEAAgE;QAChE,qEAAqE;QACrE,sEAAsE;QACtE,sEAAsE;QACtE,qBAAqB;QACrB,gEAAgE;QAChE,oEAAoE;QACpE,gEAAgE;QAChE,gEAAgE;QAChE,IAAI,WAAW,GAAG,kBAAkB,CAAC;QACrC,IAAI,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACvC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,KAAK,MAAM,MAAM,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBAC7B,MAAM,mBAAmB,GAAG,IAAA,oCAAsB,EAAC,aAAa,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,MAAM,CAAC,CAAC;gBAC3F,MAAM,SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;gBAClD,IAAI,SAAS,EAAE,CAAC;oBACd,QAAQ,GAAG,SAAS,CAAC;oBACrB,WAAW,GAAG,mBAAmB,CAAC;oBAClC,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QACD,sEAAsE;QACtE,8DAA8D;QAC9D,kEAAkE;QAClE,oEAAoE;QACpE,8CAA8C;QAC9C,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC;YACvB,KAAK,MAAM,MAAM,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBAChC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC;gBACnE,MAAM,SAAS,GAAG,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;gBAClD,IAAI,SAAS,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnD,QAAQ,GAAG,SAAS,CAAC;oBACrB,WAAW,GAAG,SAAS,CAAC,WAAW,CAAC;oBACpC,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;YAC/D,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;gBACjB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;aACrB,CAAC,CAAC;YACH,+DAA+D;YAC/D,yDAAyD;YACzD,+DAA+D;YAC/D,iEAAiE;YACjE,IAAI,CAAC,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAC3B,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;gBACzB,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC;gBACrC,mEAAmE;gBACnE,QAAQ,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC;gBAC/B,QAAQ,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;YAC3B,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE;gBACtB,WAAW;gBACX,aAAa;gBACb,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,UAAU,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;gBAC7B,IAAI,EAAE;oBACJ;wBACE,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;wBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;qBACrB;iBACF;aACF,CAAC,CAAC;QACL,CAAC;QACD,8DAA8D;QAC9D,kEAAkE;QAClE,IAAI,CAAC,CAAC,GAAG;YAAE,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,WAAW,CAAC,CAAC;IACzE,CAAC;IAED,kEAAkE;IAClE,oEAAoE;IACpE,iDAAiD;IACjD,0DAA0D;IAC1D,6DAA6D;IAC7D,wEAAwE;IACxE,sEAAsE;IACtE,4DAA4D;IAC5D,oEAAoE;IACpE,qEAAqE;IACrE,uEAAuE;IACvE,gEAAgE;IAChE,gEAAgE;IAChE,qEAAqE;IACrE,MAAM,cAAc,GAAG,IAAI,GAAG,EAAmB,CAAC;IAClD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;QAChC,IAAI,GAAuB,CAAC;QAC5B,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YACtD,GAAG,GAAG,SAAS,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,KAAK,IAAI,EAAE,KAAK,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC3D,CAAC;aAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnC,GAAG,GAAG,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QACD,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,MAAM,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;YAC3C,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACb,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,cAAc,CAAC,MAAM,EAAE,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CACP,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACP,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI;YACf,CAAC,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAC/E,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACpB,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC;IAED,wEAAwE;IACxE,wEAAwE;IACxE,qEAAqE;IACrE,sEAAsE;IACtE,6DAA6D;IAC7D,yEAAyE;IACzE,MAAM,SAAS,GAAG,CAAC,CAAQ,EAAsB,EAAE;QACjD,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,IAAA,iCAAmB,EAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;QACxE,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YACtD,OAAO,IAAA,uCAAyB,EAAC,CAAC,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;QAC9E,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;IACF,MAAM,cAAc,GAAG,CACrB,aAAqB,EACrB,IAAY,EACZ,IAAY,EACZ,MAA0B,EAClB,EAAE,CACV,MAAM,KAAK,SAAS;QAClB,CAAC,CAAC,IAAA,uCAAyB,EAAC,aAAa,EAAE,IAAI,EAAE,MAAM,CAAC;QACxD,CAAC,CAAC,IAAA,oCAAsB,EAAC,aAAa,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAExD,mEAAmE;IACnE,2EAA2E;IAC3E,uEAAuE;IACvE,qEAAqE;IACrE,0EAA0E;IAC1E,kDAAkD;IAClD,MAAM,eAAe,GAAG,CAAC,CAAQ,EAAU,EAAE,CAC3C,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,mCAAqB,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC;IAEpE,MAAM,sBAAsB,GAAwD;QAClF,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,EAAE;QACR,MAAM,EAAE,EAAE;KACX,CAAC;IACF,MAAM,cAAc,GAAG,WAAW,EAAE,CAAC;IACrC,MAAM,iBAAiB,GAAG,WAAW,EAAE,CAAC;IACxC,MAAM,eAAe,GAAqB,EAAE,CAAC;IAE7C,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,YAAY,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,WAAW,GAAG,cAAc,CAAC,YAAY,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAEzE,uEAAuE;QACvE,qEAAqE;QACrE,iEAAiE;QACjE,oEAAoE;QACpE,qEAAqE;QACrE,yEAAyE;QACzE,sEAAsE;QACtE,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;QACnC,KAAK,MAAM,GAAG,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;YACzB,MAAM,YAAY,GAChB,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,mCAAqB,CAAC,CAAC,CAAC,IAAA,8BAAgB,EAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YACzF,IAAI,SAA6B,CAAC;YAClC,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ;gBAAE,SAAS,GAAG,IAAA,iCAAmB,EAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;iBACxE,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS;gBAC1D,SAAS,GAAG,IAAA,uCAAyB,EAAC,CAAC,CAAC,KAAK,IAAI,EAAE,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;YACrF,MAAM,KAAK,GAAG,cAAc,CAAC,YAAY,EAAE,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;YACxE,IAAI,KAAK,KAAK,WAAW;gBAAE,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACjD,CAAC;QAED,MAAM,OAAO,GAAgB;YAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,WAAW;YACX,aAAa,EAAE,CAAC,CAAC,aAAa;YAC9B,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE;YACpC,2FAA2F;YAC3F,uEAAuE;YACvE,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1D,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7D,GAAG,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACpD,GAAG,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,oBAAoB,EAAE,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7E,CAAC;QAEF,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC5B,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC5C,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnC,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC5C,6DAA6D;YAC7D,+DAA+D;YAC/D,8DAA8D;YAC9D,wBAAwB;YACxB,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,CAAC;YACN,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1C,UAAU,CAAC,cAAc,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,eAAe,CAAC,IAAI,CAAC;gBACnB,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,YAAY,EAAE,CAAC,CAAC,QAAQ;gBACxB,aAAa,EAAE,CAAC,CAAC,IAAI;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,uEAAuE;IACvE,kEAAkE;IAClE,6DAA6D;IAC7D,+DAA+D;IAC/D,mEAAmE;IACnE,qEAAqE;IACrE,kEAAkE;IAClE,mEAAmE;IACnE,MAAM,mBAAmB,GAAG;QAC1B,GAAG,sBAAsB,CAAC,MAAM;QAChC,GAAG,sBAAsB,CAAC,IAAI;QAC9B,GAAG,sBAAsB,CAAC,MAAM;KACjC,CAAC;IACF,IAAA,wCAA6B,EAAC,mBAAmB,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC;IAE5E,MAAM,uBAAuB,GAAG,WAAW,EAAE,CAAC;IAC9C,MAAM,0BAA0B,GAAG,WAAW,EAAE,CAAC;IACjD,MAAM,WAAW,GAAG,CAAC,CAAc,EAAW,EAAE,CAC9C,CAAC,CAAC,CAAC,CAAC,WAAW,IAAI,IAAA,8BAAmB,EAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC9D,KAAK,MAAM,CAAC,IAAI,sBAAsB,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;YAAE,UAAU,CAAC,uBAAuB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,MAAM,EAAE,GAAG,sBAAsB,CAAC,MAAM,CAAC,EAAE,CAAC;QACrF,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;YAAE,UAAU,CAAC,0BAA0B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC1E,CAAC;IAED,uEAAuE;IACvE,kEAAkE;IAClE,oEAAoE;IACpE,gDAAgD;IAChD,MAAM,SAAS,GAAG,IAAI,GAAG,EAA0B,CAAC;IACpD,IAAI,2BAA2B,GAAG,CAAC,CAAC;IACpC,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACxC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,IAAI,gBAAgB,2BAA2B,EAAE,EAAE,CAAC;QAC7E,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,6DAA6D;YAC7D,2DAA2D;YAC3D,2BAA2B;YAC3B,IAAI,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjE,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;IACH,CAAC;IACD,MAAM,iBAAiB,GAAG,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,WAAW,EAAE,CAAC;IACpC,KAAK,MAAM,CAAC,IAAI,iBAAiB,EAAE,CAAC;QAClC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,uEAAuE;IACvE,MAAM,UAAU,GAAwB;QACtC,OAAO,EAAE;YACP,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ;YAC5B,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ,KAAK,IAAI;SACrC;QACD,YAAY,EAAE;YACZ,IAAI,EAAE,KAAK,CAAC,YAAY,CAAC,QAAQ;YACjC,GAAG,EAAE,KAAK,CAAC,YAAY,CAAC,QAAQ,KAAK,IAAI;SAC1C;QACD,QAAQ,EAAE;YACR,KAAK,EAAE,KAAK,CAAC,QAAQ,EAAE,SAAS,IAAI,EAAE;YACtC,GAAG,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC;SACjD;QACD,SAAS,EAAE;YACT,gEAAgE;YAChE,6DAA6D;YAC7D,8DAA8D;YAC9D,4BAA4B;YAC5B,GAAG,EAAE,KAAK,CAAC,qBAAqB,GAAG,CAAC;YACpC,YAAY,EAAE,KAAK,CAAC,qBAAqB;SAC1C;QACD,YAAY,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;QAC3B,QAAQ,EAAE;YACR,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI;YACzB,SAAS,EAAE,KAAK,CAAC,QAAQ,CAAC,SAAS;YACnC,iBAAiB,EAAE,KAAK,CAAC,QAAQ,CAAC,iBAAiB;SACpD;KACF,CAAC;IAEF,OAAO;QACL,cAAc;QACd,aAAa;QACb,iBAAiB;QACjB,uBAAuB;QACvB,0BAA0B;QAC1B,kBAAkB,EAAE;YAClB,MAAM,EAAE,sBAAsB,CAAC,MAAM;YACrC,IAAI,EAAE,sBAAsB,CAAC,IAAI;YACjC,MAAM,EAAE,sBAAsB,CAAC,MAAM;YACrC,UAAU,EAAE,iBAAiB;SAC9B;QACD,6BAA6B,EAAE,iBAAiB,CAAC,MAAM;QACvD,0BAA0B,EAAE,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM;QAC1D,eAAe;QACf,UAAU;KACX,CAAC;AACJ,CAAC"}
@@ -133,6 +133,8 @@ export declare function buildSecurityAggregateForHealth(cwd: string, secrets: {
133
133
  file: string;
134
134
  line: number;
135
135
  cwe: string;
136
+ /** Matched-span hash when the scanner surfaced the span. */
137
+ spanHash?: string;
136
138
  }>;
137
139
  } | undefined, depVulnsEnvelope: DepVulnResult | undefined, depVulnsAvailable: boolean, depVulnsUnavailableReason: string): Promise<SecurityAggregate>;
138
140
  //# sourceMappingURL=gather.d.ts.map
@@ -1 +1 @@
1
- {"version":3,"file":"gather.d.ts","sourceRoot":"","sources":["../../../src/analyzers/security/gather.ts"],"names":[],"mappings":"AAwBA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACpE,OAAO,EAA0B,KAAK,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAW9E,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oCAAoC,CAAC;AAIxE;;;;;;GAMG;AACH,wBAAsB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IACxD,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAeD;AAID,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,EAAE,CAgDjE;AAID;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH;;;;;;;;;;GAUG;AACH,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,EAAE,CA0CtE;AAID;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IAC7D,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAmBD;AAoBD;;;;;;;;GAQG;AACH;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,8BAA8B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IACzE,QAAQ,EAAE,aAAa,GAAG,IAAI,CAAC;IAC/B,SAAS,EAAE,OAAO,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;CAC3B,CAAC,CAwED;AAED,wBAAsB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CA6HzE;AAID;;;;;;;;;;;;GAYG;AACH,wBAAsB,+BAA+B,CACnD,GAAG,EAAE,MAAM,EACX,OAAO,EACH;IACE,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,CAAC;QACtB,QAAQ,EAAE,QAAQ,CAAC;QACnB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC,CAAC;CACJ,GACD,SAAS,EACb,YAAY,EACR;IACE,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,CAAC;QACtB,QAAQ,EAAE,QAAQ,CAAC;QACnB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,GAAG,EAAE,MAAM,CAAC;KACb,CAAC,CAAC;CACJ,GACD,SAAS,EACb,gBAAgB,EAAE,aAAa,GAAG,SAAS,EAC3C,iBAAiB,EAAE,OAAO,EAC1B,yBAAyB,EAAE,MAAM,GAChC,OAAO,CAAC,iBAAiB,CAAC,CAoE5B"}
1
+ {"version":3,"file":"gather.d.ts","sourceRoot":"","sources":["../../../src/analyzers/security/gather.ts"],"names":[],"mappings":"AAyBA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACpE,OAAO,EAA0B,KAAK,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAW9E,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oCAAoC,CAAC;AAIxE;;;;;;GAMG;AACH,wBAAsB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IACxD,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAiBD;AAID,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,EAAE,CAgDjE;AAID;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH;;;;;;;;;;GAUG;AACH,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,EAAE,CA4CtE;AAID;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IAC7D,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAsBD;AAoBD;;;;;;;;GAQG;AACH;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,8BAA8B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IACzE,QAAQ,EAAE,aAAa,GAAG,IAAI,CAAC;IAC/B,SAAS,EAAE,OAAO,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;CAC3B,CAAC,CAwED;AAED,wBAAsB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CA6HzE;AAID;;;;;;;;;;;;GAYG;AACH,wBAAsB,+BAA+B,CACnD,GAAG,EAAE,MAAM,EACX,OAAO,EACH;IACE,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,CAAC;QACtB,QAAQ,EAAE,QAAQ,CAAC;QACnB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC,CAAC;CACJ,GACD,SAAS,EACb,YAAY,EACR;IACE,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,CAAC;QACtB,QAAQ,EAAE,QAAQ,CAAC;QACnB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,GAAG,EAAE,MAAM,CAAC;QACZ,4DAA4D;QAC5D,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC,CAAC;CACJ,GACD,SAAS,EACb,gBAAgB,EAAE,aAAa,GAAG,SAAS,EAC3C,iBAAiB,EAAE,OAAO,EAC1B,yBAAyB,EAAE,MAAM,GAChC,OAAO,CAAC,iBAAiB,CAAC,CAyF5B"}
@@ -44,10 +44,10 @@ exports.buildSecurityAggregateForHealth = buildSecurityAggregateForHealth;
44
44
  * Security finding gatherers — one function per tool, no overlap.
45
45
  *
46
46
  * Tool boundaries:
47
- * gitleaks → secrets (hardcoded credentials, API keys, private keys in source)
48
- * find/git → private key files on disk (.key, .pem), .env tracked in git
49
- * semgrep → code patterns (eval, exec, TLS, CORS, SQLi, XSS, SSRF, etc.)
50
- * dispatcher → dependency CVEs unioned across every active language pack
47
+ * gitleaks → secrets (hardcoded credentials, API keys, private keys in source)
48
+ * find/git → private key files on disk (.key, .pem), .env tracked in git
49
+ * semgrep → code patterns (eval, exec, TLS, CORS, SQLi, XSS, SSRF, etc.)
50
+ * dispatcher → dependency CVEs unioned across every active language pack
51
51
  */
52
52
  const fs = __importStar(require("fs"));
53
53
  const runner_1 = require("../tools/runner");
@@ -61,6 +61,7 @@ const risk_score_1 = require("../tools/risk-score");
61
61
  const upgrade_plan_resolver_1 = require("../tools/upgrade-plan-resolver");
62
62
  const normalize_1 = require("../../ingest/normalize");
63
63
  const snapshot_1 = require("../../ingest/snapshot");
64
+ const finding_context_1 = require("../../explore/finding-context");
64
65
  const exclusions_1 = require("../tools/exclusions");
65
66
  const walk_source_files_1 = require("../tools/walk-source-files");
66
67
  const path = __importStar(require("path"));
@@ -91,6 +92,8 @@ async function gatherSecrets(cwd) {
91
92
  file: f.file,
92
93
  line: f.line,
93
94
  tool: result.tool,
95
+ // Secret identity is value/salt-free (canonicalRule, file, ordinal),
96
+ // assembled in the aggregator — the gather carries no content anchor.
94
97
  }));
95
98
  return { findings, toolUsed: result.tool };
96
99
  }
@@ -228,6 +231,8 @@ function gatherTlsBypassFindings(cwd) {
228
231
  file: relPath,
229
232
  line: i + 1,
230
233
  tool: 'tls-bypass-registry',
234
+ // Content anchor: the matched line is this finding's span.
235
+ ...(trimmed.length > 0 ? { spanHash: (0, fingerprint_1.spanHash)(trimmed) } : {}),
231
236
  });
232
237
  }
233
238
  }
@@ -254,6 +259,9 @@ async function gatherCodePatterns(cwd) {
254
259
  file: f.file,
255
260
  line: f.line,
256
261
  tool: result.tool,
262
+ // Content-anchored identity: carry the matched-span hash; the aggregator combines it with
263
+ // the enclosing-symbol scope + ordinal to build the content anchor.
264
+ ...(f.spanHash !== undefined ? { spanHash: f.spanHash } : {}),
257
265
  }));
258
266
  return { findings, toolUsed: result.tool };
259
267
  }
@@ -531,6 +539,7 @@ async function buildSecurityAggregateForHealth(cwd, secrets, codePatterns, depVu
531
539
  file: f.file,
532
540
  line: f.line,
533
541
  tool: codePatterns.tool,
542
+ ...(f.spanHash !== undefined ? { spanHash: f.spanHash } : {}),
534
543
  }))
535
544
  : [];
536
545
  // Ingested external-engine findings (Snyk Code / CodeQL / SARIF) read
@@ -545,6 +554,23 @@ async function buildSecurityAggregateForHealth(cwd, secrets, codePatterns, depVu
545
554
  // never raise in an excluded path doesn't sneak in via ingestion.
546
555
  const externalFindings = (0, normalize_1.externalToSecurityFindings)((0, snapshot_1.readAllSnapshots)(cwd)).filter((f) => !(0, exclusions_1.isExcludedPath)(cwd, f.file));
547
556
  const externalEngines = (0, snapshot_1.snapshotEngines)(cwd);
557
+ // Scope pre-pass: attach each CODE finding's enclosing symbol from
558
+ // the graph so identity can anchor to the symbol (B), not the line. Runs
559
+ // here — the single chokepoint that builds the one cached aggregate every
560
+ // consumer reads — so vuln-scan, health, baseline, and BoM all inherit
561
+ // it. Graph access stays in `src/explore/` (Rule 12); the aggregator
562
+ // never touches the graph. Only code-category findings get a scope
563
+ // (secrets anchor on their HMAC; config on (rule, file)). Fail-open: no
564
+ // graph → scopes stay unset → file-level fallback under the content-anchored scheme.
565
+ const codeScopeTargets = [...codeFindings, ...tlsBypass, ...externalFindings];
566
+ const scopeMap = (0, finding_context_1.buildEnclosingScopeMap)(cwd, codeScopeTargets.map((f) => ({ file: f.file, line: f.line })));
567
+ if (scopeMap) {
568
+ for (const f of codeScopeTargets) {
569
+ const symbol = scopeMap[(0, finding_context_1.locationKey)(f.file, f.line)];
570
+ if (symbol)
571
+ f.scope = symbol;
572
+ }
573
+ }
548
574
  return (0, aggregator_1.buildSecurityAggregate)({
549
575
  secrets: { findings: secretFindings, toolUsed: secrets?.tool ?? null },
550
576
  fileFindings,
@@ -1 +1 @@
1
- {"version":3,"file":"gather.js","sourceRoot":"","sources":["../../../src/analyzers/security/gather.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CA,sCAkBC;AAID,gDAgDC;AAgDD,0DA0CC;AAWD,gDAsBC;AA+CD,wEA4EC;AAED,wCA6HC;AAiBD,0EAkGC;AA7lBD;;;;;;;;GAQG;AACH,uCAAyB;AACzB,4CAAsC;AACtC,gDAA+E;AAC/E,wCAAyD;AACzD,sDAAyD;AACzD,sCAAyC;AACzC,sCAA8C;AAC9C,wDAAgF;AAChF,oDAAoD;AACpD,0EAA+E;AAC/E,sDAAoE;AACpE,oDAA0E;AAC1E,oDAA0E;AAC1E,kEAA8F;AAC9F,2CAA6B;AAE7B,6CAA8E;AAC9E,+CAAqD;AACrD,8CAAkD;AAClD,+CAA8E;AAC9E,0EAKkD;AAClD,+DAA4D;AAG5D,gFAAgF;AAEhF;;;;;;GAMG;AACI,KAAK,UAAU,aAAa,CAAC,GAAW;IAI7C,MAAM,MAAM,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAAC,GAAG,EAAE,qBAAO,EAAE,IAAA,2BAAY,EAAC,qBAAO,EAAE,GAAG,CAAC,CAAC,CAAC;IACxF,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAErD,MAAM,QAAQ,GAAsB,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9D,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,QAAiB;QAC3B,GAAG,EAAE,SAAS;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,oBAAoB,CAAC,CAAC,IAAI,EAAE;QAC9C,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,MAAM,CAAC,IAAI;KAClB,CAAC,CAAC,CAAC;IACJ,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED,+EAA+E;AAE/E,SAAgB,kBAAkB,CAAC,GAAW;IAC5C,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,IAAA,gCAAmB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,mDAAmD;IAEpG,oCAAoC;IACpC,sEAAsE;IACtE,qEAAqE;IACrE,wEAAwE;IACxE,uEAAuE;IACvE,kEAAkE;IAClE,kEAAkE;IAClE,iEAAiE;IACjE,4DAA4D;IAC5D,sDAAsD;IACtD,MAAM,QAAQ,GAAG,IAAA,YAAG,EAAC,iDAAiD,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,gFAAgF;IACvK,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,kBAAkB;gBACxB,KAAK,EAAE,oCAAoC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE;gBAChE,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;gBACzB,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,MAAM;aACb,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,QAAQ,GAAG,IAAA,YAAG,EAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;IACtD,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,6BAA6B,CAAC,EAAE;gBACvC,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,KAAK;aACZ,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH;;;;;;;;;;GAUG;AACH,SAAgB,uBAAuB,CAAC,GAAW;IACjD,MAAM,QAAQ,GAAG,IAAA,gCAAoB,GAAE,CAAC;IACxC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,IAAA,mCAAe,EAAC,GAAG,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE,CAAC;QAC5B,IAAI,OAAe,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,CAAC;QAC9D,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,IAAA,oCAAgB,EAAC,OAAO,CAAC,CAAC;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,MAAM,KAAK,MAAM,IAAI,IAAA,iCAAa,EAAC,IAAI,EAAE,MAAM,CAAC;gBAAE,SAAS;YAC/D,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;gBAC1B,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;gBACjB,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClB,OAAO,GAAG,IAAI,CAAC;oBACf,MAAM;gBACR,CAAC;YACH,CAAC;YACD,IAAI,CAAC,OAAO;gBAAE,SAAS;YACvB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC;YAC5E,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,yBAAyB;gBAC/B,KAAK,EAAE,wCAAwC,OAAO,EAAE;gBACxD,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,IAAI,EAAE,qBAAqB;aAC5B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAE/E;;;;;;GAMG;AACI,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAIlD,MAAM,MAAM,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAC3C,GAAG,EACH,2BAAa,EACb,IAAA,2BAAY,EAAC,2BAAa,EAAE,GAAG,CAAC,CACjC,CAAC;IACF,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAErD,MAAM,QAAQ,GAAsB,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9D,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,MAAe;QACzB,GAAG,EAAE,CAAC,CAAC,GAAG;QACV,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,MAAM,CAAC,IAAI;KAClB,CAAC,CAAC,CAAC;IACJ,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED,+EAA+E;AAE/E,MAAM,eAAe,GAAmB;IACtC,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,KAAK,EAAE,CAAC;IACR,IAAI,EAAE,IAAI;IACV,QAAQ,EAAE,EAAE;IACZ,wEAAwE;IACxE,oEAAoE;IACpE,oEAAoE;IACpE,uDAAuD;IACvD,SAAS,EAAE,IAAI;IACf,iBAAiB,EAAE,EAAE;CACtB,CAAC;AAEF;;;;;;;;GAQG;AACH;;;;;;;;;;;;;;;;;GAiBG;AACI,KAAK,UAAU,8BAA8B,CAAC,GAAW;IAK9D,MAAM,WAAW,GAAG,IAAA,iCAAqB,EAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACvF,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAC;IACpE,CAAC;IAED,qEAAqE;IACrE,kEAAkE;IAClE,kEAAkE;IAClE,6DAA6D;IAC7D,mEAAmE;IACnE,6DAA6D;IAC7D,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,UAAU,CACvC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACpB,IAAA,uBAAY,EAAC,CAAC,CAAC,YAAa,CAAC,QAAS,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,uCAA4B,CAAC,CAAC,IAAI,CAC3F,CAAC,eAAe,EAAE,EAAE;QAClB,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;YAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,8BAA8B,CAAC,CAAC,EAAE,oBAAoB,OAAO,0CAA0C,CACxG,CAAC;YACF,OAAO;gBACL,IAAI,EAAE,aAAsB;gBAC5B,MAAM,EAAE,eAAe,OAAO,cAAc;aAC7C,CAAC;QACJ,CAAC;QACD,OAAO,eAAe,CAAC,KAAK,CAAC;IAC/B,CAAC,CACF,CACF,CACF,CAAC;IACF,MAAM,gBAAgB,GAAoB,EAAE,CAAC;IAC7C,IAAI,gBAAgB,GAA4C,IAAI,CAAC;IACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC5B,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,gBAAgB,GAAG;oBACjB,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE;oBACvB,MAAM,EAAE,mBAAoB,CAAC,CAAC,MAAgB,EAAE,OAAO,IAAI,eAAe,EAAE;iBAC7E,CAAC;YACJ,CAAC;YACD,SAAS;QACX,CAAC;QACD,MAAM,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC;QACxB,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC/B,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC;aAAM,IAAI,OAAO,CAAC,IAAI,KAAK,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC/D,gBAAgB,GAAG,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC;QACzE,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,uBAAS,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC5F,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,8DAA8D;IAC9D,6DAA6D;IAC7D,gDAAgD;IAChD,gEAAgE;IAChE,iEAAiE;IACjE,4BAA4B;IAC5B,IAAI,QAAQ,EAAE,QAAQ,EAAE,CAAC;QACvB,IAAA,+BAAiB,EAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACvC,CAAC;IACD,OAAO;QACL,QAAQ;QACR,SAAS,EAAE,gBAAgB,KAAK,IAAI;QACpC,iBAAiB,EAAE,gBAAgB;YACjC,CAAC,CAAC,GAAG,gBAAgB,CAAC,IAAI,KAAK,gBAAgB,CAAC,MAAM,EAAE;YACxD,CAAC,CAAC,EAAE;KACP,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,cAAc,CAAC,GAAW;IAC9C,mEAAmE;IACnE,6DAA6D;IAC7D,oEAAoE;IACpE,uEAAuE;IACvE,uEAAuE;IACvE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,MAAM,8BAA8B,CAAC,GAAG,CAAC,CAAC;IAE7F,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO;YACL,GAAG,eAAe;YAClB,SAAS;YACT,iBAAiB;SAClB,CAAC;IACJ,CAAC;IAED,mEAAmE;IACnE,oEAAoE;IACpE,iEAAiE;IACjE,iEAAiE;IACjE,mEAAmE;IACnE,kEAAkE;IAClE,gDAAgD;IAChD,EAAE;IACF,gEAAgE;IAChE,+DAA+D;IAC/D,kEAAkE;IAClE,+DAA+D;IAC/D,mDAAmD;IACnD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,IAAI,EAAE,CAAC;IACzC,sEAAsE;IACtE,oEAAoE;IACpE,oEAAoE;IACpE,sDAAsD;IACtD,IAAA,+BAAiB,EAAC,QAAQ,CAAC,CAAC;IAC5B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;QAC/C,MAAM,gBAAgB,GAA4C,EAAE,CAAC;QACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,MAAM,MAAM,GAAG,IAAA,mBAAY,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,IAAI,MAAM,EAAE,CAAC;gBACX,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAc,EAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9E,KAAK,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,gBAAgB,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;gBACtD,IAAI,GAAG;oBAAE,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QACD,IAAI,YAAY,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACvD,+DAA+D;YAC/D,8DAA8D;YAC9D,gEAAgE;YAChE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,IAAA,iBAAU,EAAC,UAAU,CAAC,EAAE,IAAA,eAAS,EAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7F,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,YAAY,EAAE,CAAC;gBACtC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAC9B,IAAI,KAAK,KAAK,SAAS;oBAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,GAAG,KAAK,CAAC;gBACzD,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;oBAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC;YACjD,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,+DAA+D;QAC/D,kEAAkE;QAClE,+DAA+D;QAC/D,2DAA2D;QAC3D,gEAAgE;QAChE,uBAAuB;QACvB,EAAE;QACF,mEAAmE;QACnE,oEAAoE;QACpE,mEAAmE;QACnE,mEAAmE;QACnE,+DAA+D;QAC/D,mEAAmE;QACnE,kEAAkE;QAClE,wBAAwB;QACxB,MAAM,gBAAgB,GAAG,IAAA,2BAAY,EAAC,qBAAO,CAAC,CAAC;QAC/C,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,eAAe,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAAC,GAAG,EAAE,qBAAO,EAAE,gBAAgB,CAAC,CAAC;YACvF,IAAI,eAAe,IAAI,eAAe,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;gBAC1D,MAAM,SAAS,GAAG,IAAA,uCAAwB,EAAC,eAAe,CAAC,CAAC;gBAC5D,IAAA,4BAAa,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,+DAA+D;QAC/D,4DAA4D;QAC5D,+DAA+D;QAC/D,+DAA+D;QAC/D,+DAA+D;QAC/D,6DAA6D;QAC7D,IAAA,qDAA6B,EAAC,QAAQ,CAAC,CAAC;QAExC,iEAAiE;QACjE,yDAAyD;QACzD,+DAA+D;QAC/D,wCAAwC;QACxC,IAAA,0BAAa,EAAC,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC;IACxD,OAAO;QACL,QAAQ;QACR,IAAI;QACJ,MAAM;QACN,GAAG;QACH,KAAK,EAAE,QAAQ,GAAG,IAAI,GAAG,MAAM,GAAG,GAAG;QACrC,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,QAAQ;QACR,qEAAqE;QACrE,+DAA+D;QAC/D,kFAAkF;QAClF,kEAAkE;QAClE,uDAAuD;QACvD,SAAS;QACT,iBAAiB;KAClB,CAAC;AACJ,CAAC;AAED,gFAAgF;AAEhF;;;;;;;;;;;;GAYG;AACI,KAAK,UAAU,+BAA+B,CACnD,GAAW,EACX,OAWa,EACb,YAYa,EACb,gBAA2C,EAC3C,iBAA0B,EAC1B,yBAAiC;IAEjC,wEAAwE;IACxE,kEAAkE;IAClE,mEAAmE;IACnE,6CAA6C;IAC7C,MAAM,SAAS,GAAG,uBAAuB,CAAC,GAAG,CAAC,CAAC;IAC/C,MAAM,YAAY,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;IAE7C,MAAM,cAAc,GAAsB,OAAO;QAC/C,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,QAAiB;YAC3B,GAAG,EAAE,SAAS;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,oBAAoB,CAAC,CAAC,IAAI,EAAE;YAC9C,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,OAAO,CAAC,IAAI;SACnB,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,YAAY,GAAsB,YAAY;QAClD,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,MAAe;YACzB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,YAAY,CAAC,IAAI;SACxB,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAEP,sEAAsE;IACtE,oEAAoE;IACpE,qEAAqE;IACrE,EAAE;IACF,qEAAqE;IACrE,qEAAqE;IACrE,qEAAqE;IACrE,uEAAuE;IACvE,kEAAkE;IAClE,kEAAkE;IAClE,MAAM,gBAAgB,GAAG,IAAA,sCAA0B,EAAC,IAAA,2BAAgB,EAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAC/E,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAA,2BAAc,EAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CACpC,CAAC;IACF,MAAM,eAAe,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC;IAE7C,OAAO,IAAA,mCAAsB,EAAC;QAC5B,OAAO,EAAE,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,IAAI,IAAI,EAAE;QACtE,YAAY;QACZ,YAAY,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,IAAI,IAAI,EAAE;QAC9E,QAAQ,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,eAAe,EAAE;QACpE,SAAS;QACT,qBAAqB,EAAE,IAAA,gCAAoB,GAAE,CAAC,MAAM;QACpD,QAAQ,EAAE;YACR,QAAQ,EAAE,gBAAgB,EAAE,QAAQ,IAAI,EAAE;YAC1C,IAAI,EAAE,gBAAgB,EAAE,IAAI,IAAI,IAAI;YACpC,SAAS,EAAE,iBAAiB;YAC5B,iBAAiB,EAAE,yBAAyB;SAC7C;QACD,oEAAoE;QACpE,oEAAoE;QACpE,iEAAiE;QACjE,0DAA0D;QAC1D,SAAS,EAAE,IAAA,oBAAa,EAAC,GAAG,CAAC;KAC9B,CAAC,CAAC;AACL,CAAC"}
1
+ {"version":3,"file":"gather.js","sourceRoot":"","sources":["../../../src/analyzers/security/gather.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgDA,sCAoBC;AAID,gDAgDC;AAgDD,0DA4CC;AAWD,gDAyBC;AA+CD,wEA4EC;AAED,wCA6HC;AAiBD,0EAyHC;AA5nBD;;;;;;;;GAQG;AACH,uCAAyB;AACzB,4CAAsC;AACtC,gDAA+E;AAC/E,wCAAyD;AACzD,sDAAmE;AACnE,sCAAyC;AACzC,sCAA8C;AAC9C,wDAAgF;AAChF,oDAAoD;AACpD,0EAA+E;AAC/E,sDAAoE;AACpE,oDAA0E;AAC1E,mEAAoF;AACpF,oDAA0E;AAC1E,kEAA8F;AAC9F,2CAA6B;AAE7B,6CAA8E;AAC9E,+CAAqD;AACrD,8CAAkD;AAClD,+CAA8E;AAC9E,0EAKkD;AAClD,+DAA4D;AAG5D,gFAAgF;AAEhF;;;;;;GAMG;AACI,KAAK,UAAU,aAAa,CAAC,GAAW;IAI7C,MAAM,MAAM,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAAC,GAAG,EAAE,qBAAO,EAAE,IAAA,2BAAY,EAAC,qBAAO,EAAE,GAAG,CAAC,CAAC,CAAC;IACxF,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAErD,MAAM,QAAQ,GAAsB,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9D,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,QAAiB;QAC3B,GAAG,EAAE,SAAS;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,oBAAoB,CAAC,CAAC,IAAI,EAAE;QAC9C,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,qEAAqE;QACrE,sEAAsE;KACvE,CAAC,CAAC,CAAC;IACJ,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED,+EAA+E;AAE/E,SAAgB,kBAAkB,CAAC,GAAW;IAC5C,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,IAAA,gCAAmB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,mDAAmD;IAEpG,oCAAoC;IACpC,sEAAsE;IACtE,qEAAqE;IACrE,wEAAwE;IACxE,uEAAuE;IACvE,kEAAkE;IAClE,kEAAkE;IAClE,iEAAiE;IACjE,4DAA4D;IAC5D,sDAAsD;IACtD,MAAM,QAAQ,GAAG,IAAA,YAAG,EAAC,iDAAiD,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,gFAAgF;IACvK,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,kBAAkB;gBACxB,KAAK,EAAE,oCAAoC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE;gBAChE,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;gBACzB,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,MAAM;aACb,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,QAAQ,GAAG,IAAA,YAAG,EAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;IACtD,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,6BAA6B,CAAC,EAAE;gBACvC,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,KAAK;aACZ,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH;;;;;;;;;;GAUG;AACH,SAAgB,uBAAuB,CAAC,GAAW;IACjD,MAAM,QAAQ,GAAG,IAAA,gCAAoB,GAAE,CAAC;IACxC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,IAAA,mCAAe,EAAC,GAAG,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE,CAAC;QAC5B,IAAI,OAAe,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,CAAC;QAC9D,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,IAAA,oCAAgB,EAAC,OAAO,CAAC,CAAC;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,MAAM,KAAK,MAAM,IAAI,IAAA,iCAAa,EAAC,IAAI,EAAE,MAAM,CAAC;gBAAE,SAAS;YAC/D,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;gBAC1B,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;gBACjB,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClB,OAAO,GAAG,IAAI,CAAC;oBACf,MAAM;gBACR,CAAC;YACH,CAAC;YACD,IAAI,CAAC,OAAO;gBAAE,SAAS;YACvB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC;YAC5E,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,yBAAyB;gBAC/B,KAAK,EAAE,wCAAwC,OAAO,EAAE;gBACxD,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,IAAI,EAAE,qBAAqB;gBAC3B,2DAA2D;gBAC3D,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAA,sBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC/D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAE/E;;;;;;GAMG;AACI,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAIlD,MAAM,MAAM,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAC3C,GAAG,EACH,2BAAa,EACb,IAAA,2BAAY,EAAC,2BAAa,EAAE,GAAG,CAAC,CACjC,CAAC;IACF,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAErD,MAAM,QAAQ,GAAsB,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9D,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,MAAe;QACzB,GAAG,EAAE,CAAC,CAAC,GAAG;QACV,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,0FAA0F;QAC1F,oEAAoE;QACpE,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC9D,CAAC,CAAC,CAAC;IACJ,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED,+EAA+E;AAE/E,MAAM,eAAe,GAAmB;IACtC,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,KAAK,EAAE,CAAC;IACR,IAAI,EAAE,IAAI;IACV,QAAQ,EAAE,EAAE;IACZ,wEAAwE;IACxE,oEAAoE;IACpE,oEAAoE;IACpE,uDAAuD;IACvD,SAAS,EAAE,IAAI;IACf,iBAAiB,EAAE,EAAE;CACtB,CAAC;AAEF;;;;;;;;GAQG;AACH;;;;;;;;;;;;;;;;;GAiBG;AACI,KAAK,UAAU,8BAA8B,CAAC,GAAW;IAK9D,MAAM,WAAW,GAAG,IAAA,iCAAqB,EAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACvF,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAC;IACpE,CAAC;IAED,qEAAqE;IACrE,kEAAkE;IAClE,kEAAkE;IAClE,6DAA6D;IAC7D,mEAAmE;IACnE,6DAA6D;IAC7D,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,UAAU,CACvC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACpB,IAAA,uBAAY,EAAC,CAAC,CAAC,YAAa,CAAC,QAAS,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,uCAA4B,CAAC,CAAC,IAAI,CAC3F,CAAC,eAAe,EAAE,EAAE;QAClB,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;YAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,8BAA8B,CAAC,CAAC,EAAE,oBAAoB,OAAO,0CAA0C,CACxG,CAAC;YACF,OAAO;gBACL,IAAI,EAAE,aAAsB;gBAC5B,MAAM,EAAE,eAAe,OAAO,cAAc;aAC7C,CAAC;QACJ,CAAC;QACD,OAAO,eAAe,CAAC,KAAK,CAAC;IAC/B,CAAC,CACF,CACF,CACF,CAAC;IACF,MAAM,gBAAgB,GAAoB,EAAE,CAAC;IAC7C,IAAI,gBAAgB,GAA4C,IAAI,CAAC;IACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC5B,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,gBAAgB,GAAG;oBACjB,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE;oBACvB,MAAM,EAAE,mBAAoB,CAAC,CAAC,MAAgB,EAAE,OAAO,IAAI,eAAe,EAAE;iBAC7E,CAAC;YACJ,CAAC;YACD,SAAS;QACX,CAAC;QACD,MAAM,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC;QACxB,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC/B,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC;aAAM,IAAI,OAAO,CAAC,IAAI,KAAK,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC/D,gBAAgB,GAAG,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC;QACzE,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,uBAAS,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC5F,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,8DAA8D;IAC9D,6DAA6D;IAC7D,gDAAgD;IAChD,gEAAgE;IAChE,iEAAiE;IACjE,4BAA4B;IAC5B,IAAI,QAAQ,EAAE,QAAQ,EAAE,CAAC;QACvB,IAAA,+BAAiB,EAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACvC,CAAC;IACD,OAAO;QACL,QAAQ;QACR,SAAS,EAAE,gBAAgB,KAAK,IAAI;QACpC,iBAAiB,EAAE,gBAAgB;YACjC,CAAC,CAAC,GAAG,gBAAgB,CAAC,IAAI,KAAK,gBAAgB,CAAC,MAAM,EAAE;YACxD,CAAC,CAAC,EAAE;KACP,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,cAAc,CAAC,GAAW;IAC9C,mEAAmE;IACnE,6DAA6D;IAC7D,oEAAoE;IACpE,uEAAuE;IACvE,uEAAuE;IACvE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,MAAM,8BAA8B,CAAC,GAAG,CAAC,CAAC;IAE7F,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO;YACL,GAAG,eAAe;YAClB,SAAS;YACT,iBAAiB;SAClB,CAAC;IACJ,CAAC;IAED,mEAAmE;IACnE,oEAAoE;IACpE,iEAAiE;IACjE,iEAAiE;IACjE,mEAAmE;IACnE,kEAAkE;IAClE,gDAAgD;IAChD,EAAE;IACF,gEAAgE;IAChE,+DAA+D;IAC/D,kEAAkE;IAClE,+DAA+D;IAC/D,mDAAmD;IACnD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,IAAI,EAAE,CAAC;IACzC,sEAAsE;IACtE,oEAAoE;IACpE,oEAAoE;IACpE,sDAAsD;IACtD,IAAA,+BAAiB,EAAC,QAAQ,CAAC,CAAC;IAC5B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;QAC/C,MAAM,gBAAgB,GAA4C,EAAE,CAAC;QACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,MAAM,MAAM,GAAG,IAAA,mBAAY,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,IAAI,MAAM,EAAE,CAAC;gBACX,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAc,EAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9E,KAAK,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,gBAAgB,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;gBACtD,IAAI,GAAG;oBAAE,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QACD,IAAI,YAAY,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACvD,+DAA+D;YAC/D,8DAA8D;YAC9D,gEAAgE;YAChE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,IAAA,iBAAU,EAAC,UAAU,CAAC,EAAE,IAAA,eAAS,EAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7F,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,YAAY,EAAE,CAAC;gBACtC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAC9B,IAAI,KAAK,KAAK,SAAS;oBAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,GAAG,KAAK,CAAC;gBACzD,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;oBAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC;YACjD,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,+DAA+D;QAC/D,kEAAkE;QAClE,+DAA+D;QAC/D,2DAA2D;QAC3D,gEAAgE;QAChE,uBAAuB;QACvB,EAAE;QACF,mEAAmE;QACnE,oEAAoE;QACpE,mEAAmE;QACnE,mEAAmE;QACnE,+DAA+D;QAC/D,mEAAmE;QACnE,kEAAkE;QAClE,wBAAwB;QACxB,MAAM,gBAAgB,GAAG,IAAA,2BAAY,EAAC,qBAAO,CAAC,CAAC;QAC/C,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,eAAe,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAAC,GAAG,EAAE,qBAAO,EAAE,gBAAgB,CAAC,CAAC;YACvF,IAAI,eAAe,IAAI,eAAe,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;gBAC1D,MAAM,SAAS,GAAG,IAAA,uCAAwB,EAAC,eAAe,CAAC,CAAC;gBAC5D,IAAA,4BAAa,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,+DAA+D;QAC/D,4DAA4D;QAC5D,+DAA+D;QAC/D,+DAA+D;QAC/D,+DAA+D;QAC/D,6DAA6D;QAC7D,IAAA,qDAA6B,EAAC,QAAQ,CAAC,CAAC;QAExC,iEAAiE;QACjE,yDAAyD;QACzD,+DAA+D;QAC/D,wCAAwC;QACxC,IAAA,0BAAa,EAAC,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC;IACxD,OAAO;QACL,QAAQ;QACR,IAAI;QACJ,MAAM;QACN,GAAG;QACH,KAAK,EAAE,QAAQ,GAAG,IAAI,GAAG,MAAM,GAAG,GAAG;QACrC,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,QAAQ;QACR,qEAAqE;QACrE,+DAA+D;QAC/D,kFAAkF;QAClF,kEAAkE;QAClE,uDAAuD;QACvD,SAAS;QACT,iBAAiB;KAClB,CAAC;AACJ,CAAC;AAED,gFAAgF;AAEhF;;;;;;;;;;;;GAYG;AACI,KAAK,UAAU,+BAA+B,CACnD,GAAW,EACX,OAWa,EACb,YAca,EACb,gBAA2C,EAC3C,iBAA0B,EAC1B,yBAAiC;IAEjC,wEAAwE;IACxE,kEAAkE;IAClE,mEAAmE;IACnE,6CAA6C;IAC7C,MAAM,SAAS,GAAG,uBAAuB,CAAC,GAAG,CAAC,CAAC;IAC/C,MAAM,YAAY,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;IAE7C,MAAM,cAAc,GAAsB,OAAO;QAC/C,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,QAAiB;YAC3B,GAAG,EAAE,SAAS;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,oBAAoB,CAAC,CAAC,IAAI,EAAE;YAC9C,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,OAAO,CAAC,IAAI;SACnB,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,YAAY,GAAsB,YAAY;QAClD,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,MAAe;YACzB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,YAAY,CAAC,IAAI;YACvB,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9D,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAEP,sEAAsE;IACtE,oEAAoE;IACpE,qEAAqE;IACrE,EAAE;IACF,qEAAqE;IACrE,qEAAqE;IACrE,qEAAqE;IACrE,uEAAuE;IACvE,kEAAkE;IAClE,kEAAkE;IAClE,MAAM,gBAAgB,GAAG,IAAA,sCAA0B,EAAC,IAAA,2BAAgB,EAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAC/E,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAA,2BAAc,EAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CACpC,CAAC;IACF,MAAM,eAAe,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC;IAE7C,mEAAmE;IACnE,yEAAyE;IACzE,0EAA0E;IAC1E,uEAAuE;IACvE,qEAAqE;IACrE,mEAAmE;IACnE,wEAAwE;IACxE,qFAAqF;IACrF,MAAM,gBAAgB,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,SAAS,EAAE,GAAG,gBAAgB,CAAC,CAAC;IAC9E,MAAM,QAAQ,GAAG,IAAA,wCAAsB,EACrC,GAAG,EACH,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAC9D,CAAC;IACF,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,gBAAgB,EAAE,CAAC;YACjC,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAA,6BAAW,EAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;YACrD,IAAI,MAAM;gBAAE,CAAC,CAAC,KAAK,GAAG,MAAM,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,IAAA,mCAAsB,EAAC;QAC5B,OAAO,EAAE,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,IAAI,IAAI,EAAE;QACtE,YAAY;QACZ,YAAY,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,IAAI,IAAI,EAAE;QAC9E,QAAQ,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,eAAe,EAAE;QACpE,SAAS;QACT,qBAAqB,EAAE,IAAA,gCAAoB,GAAE,CAAC,MAAM;QACpD,QAAQ,EAAE;YACR,QAAQ,EAAE,gBAAgB,EAAE,QAAQ,IAAI,EAAE;YAC1C,IAAI,EAAE,gBAAgB,EAAE,IAAI,IAAI,IAAI;YACpC,SAAS,EAAE,iBAAiB;YAC5B,iBAAiB,EAAE,yBAAyB;SAC7C;QACD,oEAAoE;QACpE,oEAAoE;QACpE,iEAAiE;QACjE,0DAA0D;QAC1D,SAAS,EAAE,IAAA,oBAAa,EAAC,GAAG,CAAC;KAC9B,CAAC,CAAC;AACL,CAAC"}
@@ -28,10 +28,32 @@ export interface SecurityFinding {
28
28
  */
29
29
  allowlisted?: boolean;
30
30
  /** The matched allowlist entry's category (`test-fixture`,
31
- * `false-positive`, `accepted-risk`, ...) so renderers can explain
32
- * WHY the finding is suppressed, not just that it is. Present only
33
- * when `allowlisted` is true. */
31
+ * `false-positive`, `accepted-risk`, ...) so renderers can explain
32
+ * WHY the finding is suppressed, not just that it is. Present only
33
+ * when `allowlisted` is true. */
34
34
  allowlistCategory?: AllowlistCategory;
35
+ /**
36
+ * Content-anchored identity material. Carried from the gather
37
+ * boundary through the aggregator so the finding's durable identity
38
+ * can be anchored to WHAT it is, not WHERE it sits (the line). These
39
+ * are additive plumbing: until the content-anchored migration the
40
+ * identity layer still hashes the line; afterward it hashes the
41
+ * content anchor and `line` becomes display metadata only.
42
+ *
43
+ * - `contentAnchor` — the fully-resolved anchor when known at gather:
44
+ * for secrets it's the salted HMAC of the value; for config it's
45
+ * `''`. For CODE findings it's NOT set at gather (it needs `scope`
46
+ * + ordinal); the aggregator stamps it.
47
+ * - `spanHash` — the 16-char hash of a code finding's normalized
48
+ * matched span (semgrep gather). Combined with `scope` + ordinal by
49
+ * the aggregator to build the code `contentAnchor`.
50
+ * - `scope` — the enclosing symbol (function/class) for a code
51
+ * finding, attached by the graph scope pre-pass; `''`/absent →
52
+ * file-level fallback.
53
+ */
54
+ contentAnchor?: string;
55
+ spanHash?: string;
56
+ scope?: string;
35
57
  }
36
58
  export interface DepVulnSummary {
37
59
  critical: number;
@@ -41,8 +63,8 @@ export interface DepVulnSummary {
41
63
  total: number;
42
64
  tool: string | null;
43
65
  /** Per-advisory detail concatenated across every active pack. Empty
44
- * when no provider returned findings (counts may still be non-zero
45
- * for legacy pack output that only emits aggregate counts). */
66
+ * when no provider returned findings (counts may still be non-zero
67
+ * for legacy pack output that only emits aggregate counts). */
46
68
  findings: DepVulnFinding[];
47
69
  /**
48
70
  * D025b (2.4.7): true if at least one active pack's depVulns gather
@@ -72,8 +94,8 @@ export interface SecurityReport {
72
94
  branch: string;
73
95
  summary: {
74
96
  /** Combined code+secret+config severity counts. Preserved for
75
- * backward-compat with detailed report + dashboard consumers
76
- * that already read this shape. */
97
+ * backward-compat with detailed report + dashboard consumers
98
+ * that already read this shape. */
77
99
  findings: {
78
100
  critical: number;
79
101
  high: number;
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/analyzers/security/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAC;AACpE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAE5D,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE9D,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,MAAM,GAAG,QAAQ,GAAG,YAAY,CAAC;AAE1E,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,QAAQ,CAAC;IACnB,QAAQ,EAAE,eAAe,CAAC;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb;;;;;;;;;;OAUG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB;;;sCAGkC;IAClC,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;CACvC;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB;;oEAEgE;IAChE,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B;;;;;;;;;;;OAWG;IACH,SAAS,EAAE,OAAO,CAAC;IACnB;;;;;OAKG;IACH,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QACP;;4CAEoC;QACpC,QAAQ,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QACzF;;;;;;;WAOG;QACH,QAAQ,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QACzF;;;;;WAKG;QACH,WAAW,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QAC5F,YAAY,EAAE,cAAc,CAAC;QAC7B;;;;;;;;WAQG;QACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;QAC3B,qBAAqB,CAAC,EAAE,OAAO,CAAC;KACjC,CAAC;IACF,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B;;;;;;OAMG;IACH,YAAY,CAAC,EAAE,oBAAoB,CAAC;CACrC"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/analyzers/security/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAC;AACpE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAE5D,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE9D,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,MAAM,GAAG,QAAQ,GAAG,YAAY,CAAC;AAE1E,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,QAAQ,CAAC;IACnB,QAAQ,EAAE,eAAe,CAAC;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb;;;;;;;;;;OAUG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB;;;qCAGiC;IACjC,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;;;;;;;;;;;;;;;;;OAkBG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB;;mEAE+D;IAC/D,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B;;;;;;;;;;;OAWG;IACH,SAAS,EAAE,OAAO,CAAC;IACnB;;;;;OAKG;IACH,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QACP;;2CAEmC;QACnC,QAAQ,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QACzF;;;;;;;WAOG;QACH,QAAQ,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QACzF;;;;;WAKG;QACH,WAAW,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QAC5F,YAAY,EAAE,cAAc,CAAC;QAC7B;;;;;;;;WAQG;QACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;QAC3B,qBAAqB,CAAC,EAAE,OAAO,CAAC;KACjC,CAAC;IACF,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B;;;;;;OAMG;IACH,YAAY,CAAC,EAAE,oBAAoB,CAAC;CACrC"}