@vyuhlabs/dxkit 2.10.0 → 2.11.0
- package/CHANGELOG.md +98 -0
- package/dist/allowlist/cli.d.ts +23 -23
- package/dist/allowlist/cli.d.ts.map +1 -1
- package/dist/allowlist/cli.js +72 -34
- package/dist/allowlist/cli.js.map +1 -1
- package/dist/allowlist/file.d.ts +7 -1
- package/dist/allowlist/file.d.ts.map +1 -1
- package/dist/allowlist/file.js +7 -1
- package/dist/allowlist/file.js.map +1 -1
- package/dist/analysis-result.d.ts +10 -0
- package/dist/analysis-result.d.ts.map +1 -1
- package/dist/analyzers/cache.d.ts +1 -0
- package/dist/analyzers/cache.d.ts.map +1 -1
- package/dist/analyzers/cache.js +69 -0
- package/dist/analyzers/cache.js.map +1 -1
- package/dist/analyzers/security/aggregator.d.ts +90 -90
- package/dist/analyzers/security/aggregator.d.ts.map +1 -1
- package/dist/analyzers/security/aggregator.js +140 -56
- package/dist/analyzers/security/aggregator.js.map +1 -1
- package/dist/analyzers/security/gather.d.ts +2 -0
- package/dist/analyzers/security/gather.d.ts.map +1 -1
- package/dist/analyzers/security/gather.js +30 -4
- package/dist/analyzers/security/gather.js.map +1 -1
- package/dist/analyzers/security/types.d.ts +29 -7
- package/dist/analyzers/security/types.d.ts.map +1 -1
- package/dist/analyzers/tools/fingerprint.d.ts +133 -20
- package/dist/analyzers/tools/fingerprint.d.ts.map +1 -1
- package/dist/analyzers/tools/fingerprint.js +194 -20
- package/dist/analyzers/tools/fingerprint.js.map +1 -1
- package/dist/analyzers/tools/gitleaks.d.ts +2 -2
- package/dist/analyzers/tools/gitleaks.d.ts.map +1 -1
- package/dist/analyzers/tools/gitleaks.js +7 -1
- package/dist/analyzers/tools/gitleaks.js.map +1 -1
- package/dist/analyzers/tools/graphify.d.ts.map +1 -1
- package/dist/analyzers/tools/graphify.js +28 -0
- package/dist/analyzers/tools/graphify.js.map +1 -1
- package/dist/analyzers/tools/grep-secrets.d.ts.map +1 -1
- package/dist/analyzers/tools/grep-secrets.js +22 -12
- package/dist/analyzers/tools/grep-secrets.js.map +1 -1
- package/dist/analyzers/tools/salt.d.ts +68 -0
- package/dist/analyzers/tools/salt.d.ts.map +1 -0
- package/dist/{baseline → analyzers/tools}/salt.js +59 -18
- package/dist/analyzers/tools/salt.js.map +1 -0
- package/dist/analyzers/tools/semgrep.d.ts +7 -7
- package/dist/analyzers/tools/semgrep.d.ts.map +1 -1
- package/dist/analyzers/tools/semgrep.js +14 -7
- package/dist/analyzers/tools/semgrep.js.map +1 -1
- package/dist/analyzers/tools/tool-registry.js +4 -4
- package/dist/baseline/baseline-file.d.ts +9 -2
- package/dist/baseline/baseline-file.d.ts.map +1 -1
- package/dist/baseline/baseline-file.js.map +1 -1
- package/dist/baseline/check-renderers.d.ts.map +1 -1
- package/dist/baseline/check-renderers.js +14 -0
- package/dist/baseline/check-renderers.js.map +1 -1
- package/dist/baseline/check.d.ts +33 -0
- package/dist/baseline/check.d.ts.map +1 -1
- package/dist/baseline/check.js +78 -2
- package/dist/baseline/check.js.map +1 -1
- package/dist/baseline/create.d.ts +1 -1
- package/dist/baseline/create.d.ts.map +1 -1
- package/dist/baseline/create.js +3 -1
- package/dist/baseline/create.js.map +1 -1
- package/dist/baseline/finding-identity.d.ts +20 -13
- package/dist/baseline/finding-identity.d.ts.map +1 -1
- package/dist/baseline/finding-identity.js +51 -20
- package/dist/baseline/finding-identity.js.map +1 -1
- package/dist/baseline/migrate.d.ts +94 -0
- package/dist/baseline/migrate.d.ts.map +1 -0
- package/dist/baseline/migrate.js +238 -0
- package/dist/baseline/migrate.js.map +1 -0
- package/dist/baseline/producers/security.d.ts +9 -9
- package/dist/baseline/producers/security.d.ts.map +1 -1
- package/dist/baseline/producers/security.js +16 -4
- package/dist/baseline/producers/security.js.map +1 -1
- package/dist/baseline/types.d.ts +145 -95
- package/dist/baseline/types.d.ts.map +1 -1
- package/dist/baseline/types.js +30 -26
- package/dist/baseline/types.js.map +1 -1
- package/dist/explore/finding-context.d.ts +17 -0
- package/dist/explore/finding-context.d.ts.map +1 -1
- package/dist/explore/finding-context.js +34 -0
- package/dist/explore/finding-context.js.map +1 -1
- package/dist/explore/queries.d.ts +32 -15
- package/dist/explore/queries.d.ts.map +1 -1
- package/dist/explore/queries.js +36 -6
- package/dist/explore/queries.js.map +1 -1
- package/dist/ingest/normalize.d.ts +1 -1
- package/dist/ingest/normalize.d.ts.map +1 -1
- package/dist/ingest/normalize.js +5 -1
- package/dist/ingest/normalize.js.map +1 -1
- package/dist/ingest/sarif.d.ts.map +1 -1
- package/dist/ingest/sarif.js +16 -7
- package/dist/ingest/sarif.js.map +1 -1
- package/dist/ingest/types.d.ts +23 -12
- package/dist/ingest/types.d.ts.map +1 -1
- package/dist/languages/capabilities/types.d.ts +64 -53
- package/dist/languages/capabilities/types.d.ts.map +1 -1
- package/dist/languages/capabilities/types.js +4 -4
- package/dist/update.d.ts.map +1 -1
- package/dist/update.js +49 -0
- package/dist/update.js.map +1 -1
- package/dist/upgrade.d.ts.map +1 -1
- package/dist/upgrade.js +2 -1
- package/dist/upgrade.js.map +1 -1
- package/package.json +6 -3
- package/templates/.claude/skills/dxkit-update/SKILL.md +45 -4
- package/dist/baseline/salt.d.ts +0 -45
- package/dist/baseline/salt.d.ts.map +0 -1
- package/dist/baseline/salt.js.map +0 -1
|
@@ -10,46 +10,46 @@
|
|
|
10
10
|
*
|
|
11
11
|
* The disease this closes (D086 / D087 / D091):
|
|
12
12
|
*
|
|
13
|
-
*
|
|
14
|
-
*
|
|
15
|
-
*
|
|
16
|
-
*
|
|
17
|
-
*
|
|
13
|
+
* - **D086** Health Security section and standalone vuln-scan Code
|
|
14
|
+
* Findings table both reported "code findings by severity" but
|
|
15
|
+
* came up with different numbers (`0C 11H 18M 0L` vs
|
|
16
|
+
* `0C 17H 14M 0L`) on the same repo. Two consumers, two
|
|
17
|
+
* aggregation paths, slightly-different inclusion rules.
|
|
18
18
|
*
|
|
19
|
-
*
|
|
20
|
-
*
|
|
21
|
-
*
|
|
19
|
+
* - **D087** Vuln-scan exec summary said "Subtotal: 70" (sum of
|
|
20
|
+
* dep-vuln severity buckets) and the same page later said
|
|
21
|
+
* "81 advisories" (findings.length). 70 vs 81 on one page.
|
|
22
22
|
*
|
|
23
|
-
*
|
|
24
|
-
*
|
|
25
|
-
*
|
|
26
|
-
*
|
|
23
|
+
* - **D091** A single TLS-bypass root finding surfaced twice in the
|
|
24
|
+
* Code Findings table (registry-grep at `:74` HIGH, semgrep at
|
|
25
|
+
* `:72` MEDIUM) because code findings carried no fingerprint and
|
|
26
|
+
* no cross-tool dedup ran.
|
|
27
27
|
*
|
|
28
28
|
* Architectural posture:
|
|
29
29
|
*
|
|
30
|
-
*
|
|
31
|
-
*
|
|
32
|
-
*
|
|
33
|
-
*
|
|
34
|
-
*
|
|
30
|
+
* - The aggregator sits BETWEEN gather and reports. Gather still
|
|
31
|
+
* produces raw envelopes (`gatherSecrets`, `gatherFileFindings`,
|
|
32
|
+
* `gatherCodePatterns`, `gatherTlsBypassFindings`, `gatherDepVulns`);
|
|
33
|
+
* the aggregator merges + dedups + buckets them into the canonical
|
|
34
|
+
* shape; consumers read by field name.
|
|
35
35
|
*
|
|
36
|
-
*
|
|
37
|
-
*
|
|
38
|
-
*
|
|
36
|
+
* - Three separately-named severity buckets (`codeBySeverity`,
|
|
37
|
+
* `depBySeverity`, `secretsBySeverity`) — the shape forbids any
|
|
38
|
+
* consumer from accidentally summing cross-axis again.
|
|
39
39
|
*
|
|
40
|
-
*
|
|
41
|
-
*
|
|
42
|
-
*
|
|
43
|
-
*
|
|
40
|
+
* - Two named dep counts (`dependencyAdvisoryUniqueCount` for the
|
|
41
|
+
* canonical user-facing total; `dependencyFindingsRawCount` for
|
|
42
|
+
* diagnostic audit). Renderers cannot pick "the wrong number"
|
|
43
|
+
* without naming which they want.
|
|
44
44
|
*
|
|
45
|
-
*
|
|
46
|
-
*
|
|
47
|
-
*
|
|
48
|
-
*
|
|
49
|
-
*
|
|
45
|
+
* - Code findings get a canonical-rule + line-window fingerprint;
|
|
46
|
+
* cross-tool collisions collapse to ONE CodeFinding with
|
|
47
|
+
* `keptSeverity = max(severities)` and `producedBy` listing all
|
|
48
|
+
* contributing tools. The `dedupCollisions` audit trail records
|
|
49
|
+
* every collapse for `--detailed` visibility.
|
|
50
50
|
*
|
|
51
|
-
*
|
|
52
|
-
*
|
|
51
|
+
* - `provenance` distinguishes "tool ran, 0 findings" from "tool
|
|
52
|
+
* didn't run" — drives D080-style "(not run: typescript)" labels.
|
|
53
53
|
*
|
|
54
54
|
* G_v4_8 architectural gate (`scripts/check-architecture.sh`) blocks
|
|
55
55
|
* `countBySeverity` / severity-Record accumulator declarations
|
|
@@ -95,21 +95,21 @@ function bumpCounts(counts, severity) {
|
|
|
95
95
|
* function — same input always produces the same output.
|
|
96
96
|
*
|
|
97
97
|
* Dedup pipeline (code-side):
|
|
98
|
-
*
|
|
99
|
-
*
|
|
100
|
-
*
|
|
101
|
-
*
|
|
102
|
-
*
|
|
103
|
-
*
|
|
104
|
-
*
|
|
98
|
+
* 1. Concat raw findings from secrets/fileFindings/codePatterns/tlsBypass.
|
|
99
|
+
* 2. Group by `(canonicalRule, file, lineWindow)` key.
|
|
100
|
+
* 3. For each group:
|
|
101
|
+
* - Emit ONE `CodeFinding` with `keptSeverity = max(severities)`,
|
|
102
|
+
* `producedBy` = unique sources.
|
|
103
|
+
* - If the group had >1 raw finding, record a `DedupCollision`
|
|
104
|
+
* audit entry.
|
|
105
105
|
*
|
|
106
106
|
* Dedup pipeline (dep-side):
|
|
107
|
-
*
|
|
108
|
-
*
|
|
109
|
-
*
|
|
110
|
-
*
|
|
111
|
-
*
|
|
112
|
-
*
|
|
107
|
+
* - Group `depVulns.findings` by `fingerprint`.
|
|
108
|
+
* - For each group: pick the highest-severity entry as the
|
|
109
|
+
* representative; severity counts are derived from the unique
|
|
110
|
+
* set so they match `dependencyAdvisoryUniqueCount`.
|
|
111
|
+
* - Findings without a fingerprint pass through unchanged (defensive;
|
|
112
|
+
* `stampFingerprints` in `gatherDepVulns` runs before this).
|
|
113
113
|
*/
|
|
114
114
|
function buildSecurityAggregate(input) {
|
|
115
115
|
// ─── Code-side dedup ────────────────────────────────────────────────
|
|
@@ -180,14 +180,8 @@ function buildSecurityAggregate(input) {
|
|
|
180
180
|
rule: f.rule,
|
|
181
181
|
line: f.line,
|
|
182
182
|
severity: f.severity,
|
|
183
|
+
spanHash: f.spanHash,
|
|
183
184
|
});
|
|
184
|
-
// Record the merged finding's own fingerprint when it differs
|
|
185
|
-
// from the representative — that's the identity a suppression
|
|
186
|
-
// might have been keyed on in a run where the merge landed the
|
|
187
|
-
// other way around.
|
|
188
|
-
if (naturalFingerprint !== existing.fingerprint) {
|
|
189
|
-
existing.absorbedFingerprints.add(naturalFingerprint);
|
|
190
|
-
}
|
|
191
185
|
// Prefer the lower line number as the canonical line — semgrep
|
|
192
186
|
// typically reports the declaration (earlier line) while
|
|
193
187
|
// registry-grep reports the assignment; the declaration is the
|
|
@@ -198,6 +192,9 @@ function buildSecurityAggregate(input) {
|
|
|
198
192
|
existing.rule = f.rule;
|
|
199
193
|
existing.tool = f.tool;
|
|
200
194
|
existing.cwe = f.cwe || existing.cwe;
|
|
195
|
+
// Keep the anchor material aligned with the chosen representative.
|
|
196
|
+
existing.spanHash = f.spanHash;
|
|
197
|
+
existing.scope = f.scope;
|
|
201
198
|
}
|
|
202
199
|
}
|
|
203
200
|
else {
|
|
@@ -212,6 +209,8 @@ function buildSecurityAggregate(input) {
|
|
|
212
209
|
rule: f.rule,
|
|
213
210
|
title: f.title,
|
|
214
211
|
tool: f.tool,
|
|
212
|
+
spanHash: f.spanHash,
|
|
213
|
+
scope: f.scope,
|
|
215
214
|
producedBy: new Set([f.tool]),
|
|
216
215
|
raws: [
|
|
217
216
|
{
|
|
@@ -219,9 +218,9 @@ function buildSecurityAggregate(input) {
|
|
|
219
218
|
rule: f.rule,
|
|
220
219
|
line: f.line,
|
|
221
220
|
severity: f.severity,
|
|
221
|
+
spanHash: f.spanHash,
|
|
222
222
|
},
|
|
223
223
|
],
|
|
224
|
-
absorbedFingerprints: new Set(),
|
|
225
224
|
});
|
|
226
225
|
}
|
|
227
226
|
// Index this finding's CWE + location → its group, so a later
|
|
@@ -229,6 +228,66 @@ function buildSecurityAggregate(input) {
|
|
|
229
228
|
if (f.cwe)
|
|
230
229
|
byCweLoc.set(cweLocKey(f.cwe, f.file, f.line), fingerprint);
|
|
231
230
|
}
|
|
231
|
+
// ─── Ordinal assignment ────────────────────────────────────────
|
|
232
|
+
// Findings sharing one anchor bucket get a stable in-document-order
|
|
233
|
+
// ordinal so identical constructs stay distinct:
|
|
234
|
+
// • code groups sharing (file, scope, spanHash) — three
|
|
235
|
+
// `eval(userInput)` in one function stay three findings;
|
|
236
|
+
// • secret groups sharing (file) — two leaked credentials in one file
|
|
237
|
+
// stay two findings. Keyed on file ALONE (not the per-tool rule):
|
|
238
|
+
// secret identity discriminates on the tool-independent
|
|
239
|
+
// SECRET_CANONICAL_RULE, so the ordinal must be unique per file
|
|
240
|
+
// across every secret regardless of which scanner/rule found it.
|
|
241
|
+
// Config (file-stable line 0) and anchorless findings need no ordinal.
|
|
242
|
+
// The bucket key is prefixed by category so the code and secret
|
|
243
|
+
// namespaces can never collide. Deterministic regardless of Map
|
|
244
|
+
// iteration order: sorted by line, then by the line-based group key.
|
|
245
|
+
const ordinalBuckets = new Map();
|
|
246
|
+
for (const g of groups.values()) {
|
|
247
|
+
let key;
|
|
248
|
+
if (g.category === 'code' && g.spanHash !== undefined) {
|
|
249
|
+
key = `code\0${g.file}\0${g.scope ?? ''}\0${g.spanHash}`;
|
|
250
|
+
}
|
|
251
|
+
else if (g.category === 'secret') {
|
|
252
|
+
key = `secret\0${g.file}`;
|
|
253
|
+
}
|
|
254
|
+
if (key !== undefined) {
|
|
255
|
+
const list = ordinalBuckets.get(key) ?? [];
|
|
256
|
+
list.push(g);
|
|
257
|
+
ordinalBuckets.set(key, list);
|
|
258
|
+
}
|
|
259
|
+
}
|
|
260
|
+
for (const list of ordinalBuckets.values()) {
|
|
261
|
+
list.sort((a, b) => a.line - b.line ||
|
|
262
|
+
(a.fingerprint < b.fingerprint ? -1 : a.fingerprint > b.fingerprint ? 1 : 0));
|
|
263
|
+
list.forEach((g, i) => {
|
|
264
|
+
g.ordinal = i;
|
|
265
|
+
});
|
|
266
|
+
}
|
|
267
|
+
// The durable content anchor for a group (scheme v2), or undefined when
|
|
268
|
+
// none is resolvable → line-window fallback. Secrets: (ordinal) alone —
|
|
269
|
+
// value/salt-free, so identity is tool- and environment-independent.
|
|
270
|
+
// Code: (scope, spanHash, ordinal) when a span was captured. Config +
|
|
271
|
+
// anchorless: undefined (config's line-0 identity is already
|
|
272
|
+
// (canonicalRule, file)-stable, so it stays on the line path unchanged).
|
|
273
|
+
const anchorFor = (g) => {
|
|
274
|
+
if (g.category === 'secret')
|
|
275
|
+
return (0, fingerprint_1.secretContentAnchor)(g.ordinal ?? 0);
|
|
276
|
+
if (g.category === 'code' && g.spanHash !== undefined) {
|
|
277
|
+
return (0, fingerprint_1.codeContentAnchorFromHash)(g.scope ?? '', g.spanHash, g.ordinal ?? 0);
|
|
278
|
+
}
|
|
279
|
+
return undefined;
|
|
280
|
+
};
|
|
281
|
+
const fingerprintFor = (canonicalRule, file, line, anchor) => anchor !== undefined
|
|
282
|
+
? (0, fingerprint_1.computeContentFingerprint)(canonicalRule, file, anchor)
|
|
283
|
+
: (0, fingerprint_1.computeCodeFingerprint)(canonicalRule, file, line);
|
|
284
|
+
// The rule discriminator used for IDENTITY (not display/grouping).
|
|
285
|
+
// Secrets fold onto the tool-independent SECRET_CANONICAL_RULE so the same
|
|
286
|
+
// leak fingerprints identically no matter which scanner/rule found it;
|
|
287
|
+
// code/config keep their per-tool canonical rule. Mirrors the secret
|
|
288
|
+
// branch in `identityFor` so the aggregator's stamped fingerprint and the
|
|
289
|
+
// baseline producer's recomputed id always agree.
|
|
290
|
+
const identityRuleFor = (g) => g.category === 'secret' ? fingerprint_1.SECRET_CANONICAL_RULE : g.canonicalRule;
|
|
232
291
|
const codeFindingsByCategory = {
|
|
233
292
|
secret: [],
|
|
234
293
|
code: [],
|
|
@@ -238,6 +297,28 @@ function buildSecurityAggregate(input) {
|
|
|
238
297
|
const secretsBySeverity = emptyCounts();
|
|
239
298
|
const dedupCollisions = [];
|
|
240
299
|
for (const g of groups.values()) {
|
|
300
|
+
const anchor = anchorFor(g);
|
|
301
|
+
const identityRule = identityRuleFor(g);
|
|
302
|
+
const fingerprint = fingerprintFor(identityRule, g.file, g.line, anchor);
|
|
303
|
+
// Absorbed fingerprints: the content fingerprint each merged raw WOULD
|
|
304
|
+
// have had as representative (its own span/HMAC, the group's scope +
|
|
305
|
+
// ordinal). Lets a suppression keyed on a contributing finding's
|
|
306
|
+
// identity still match after the representative flips between runs.
|
|
307
|
+
// Secrets fold onto SECRET_CANONICAL_RULE and a per-file ordinal, so
|
|
308
|
+
// every secret raw in a group resolves to the SAME fingerprint — nothing
|
|
309
|
+
// to absorb (the cross-tool divergence this guarded against is gone).
|
|
310
|
+
const absorbed = new Set();
|
|
311
|
+
for (const raw of g.raws) {
|
|
312
|
+
const rawCanonical = g.category === 'secret' ? fingerprint_1.SECRET_CANONICAL_RULE : (0, fingerprint_1.canonicalRuleFor)(raw.tool, raw.rule);
|
|
313
|
+
let rawAnchor;
|
|
314
|
+
if (g.category === 'secret')
|
|
315
|
+
rawAnchor = (0, fingerprint_1.secretContentAnchor)(g.ordinal ?? 0);
|
|
316
|
+
else if (g.category === 'code' && raw.spanHash !== undefined)
|
|
317
|
+
rawAnchor = (0, fingerprint_1.codeContentAnchorFromHash)(g.scope ?? '', raw.spanHash, g.ordinal ?? 0);
|
|
318
|
+
const rawFp = fingerprintFor(rawCanonical, g.file, raw.line, rawAnchor);
|
|
319
|
+
if (rawFp !== fingerprint)
|
|
320
|
+
absorbed.add(rawFp);
|
|
321
|
+
}
|
|
241
322
|
const finding = {
|
|
242
323
|
severity: g.severity,
|
|
243
324
|
category: g.category,
|
|
@@ -247,12 +328,15 @@ function buildSecurityAggregate(input) {
|
|
|
247
328
|
file: g.file,
|
|
248
329
|
line: g.line,
|
|
249
330
|
tool: g.tool,
|
|
250
|
-
fingerprint
|
|
331
|
+
fingerprint,
|
|
251
332
|
canonicalRule: g.canonicalRule,
|
|
252
333
|
producedBy: [...g.producedBy].sort(),
|
|
253
|
-
|
|
254
|
-
|
|
255
|
-
|
|
334
|
+
// Content-anchored identity: stamp the FINAL content anchor (the producer reads it back to
|
|
335
|
+
// recompute the same identity). Omitted when absent (→ line fallback).
|
|
336
|
+
...(anchor !== undefined ? { contentAnchor: anchor } : {}),
|
|
337
|
+
...(g.spanHash !== undefined ? { spanHash: g.spanHash } : {}),
|
|
338
|
+
...(g.scope !== undefined ? { scope: g.scope } : {}),
|
|
339
|
+
...(absorbed.size > 0 ? { absorbedFingerprints: [...absorbed].sort() } : {}),
|
|
256
340
|
};
|
|
257
341
|
if (g.category === 'secret') {
|
|
258
342
|
codeFindingsByCategory.secret.push(finding);
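Review bot: In `anchorFor`, a secret's identity comes from `secretContentAnchor(g.ordinal ?? 0)` under the constant `SECRET_CANONICAL_RULE`, and the ordinal is only the group's line-sorted position in the `secret\0${g.file}` bucket, so the fingerprint binds to (file, position) and not to the leaked value. If baseline or allowlist matching keys on this fingerprint (that code is not on this page), a credential added above an accepted one, or one that replaces it in the same file, would presumably inherit the accepted identity and go unreported, while the original resurfaces as new. The comment above `ordinalBuckets` should state this trade-off, for example `// NOTE: secret ordinals are positional; adding or removing a secret shifts the identity of every later secret in that file, so re-review accepted entries for that file.` A regression test that inserts a second secret above a baselined one would pin the intended behaviour. `buildSecurityAggregate` starts and ends outside the visible hunks, so any later check that compensates for this is not visible here.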
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"aggregator.js","sourceRoot":"","sources":["../../../src/analyzers/security/aggregator.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuDG;;AAmQH,wDAySC;AAxiBD,sDAA+F;AAC/F,uDAA8F;AA2J9F,6EAA6E;AAE7E;;;;;;;;;;;;;GAaG;AACH,6EAA6E;AAE7E,MAAM,aAAa,GAA6B;IAC9C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;CACP,CAAC;AAEF,SAAS,WAAW,CAAC,CAAW,EAAE,CAAW;IAC3C,OAAO,aAAa,CAAC,CAAC,CAAC,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,SAAS,UAAU,CAAC,MAAsB,EAAE,QAAkB;IAC5D,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;AACrB,CAAC;AA2CD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,sBAAsB,CAAC,KAA6B;IAClE,uEAAuE;IACvE,MAAM,eAAe,GAAsB;QACzC,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ;QACzB,GAAG,KAAK,CAAC,YAAY;QACrB,GAAG,KAAK,CAAC,YAAY,CAAC,QAAQ;QAC9B,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,IAAI,EAAE,CAAC;QACnC,GAAG,KAAK,CAAC,SAAS;KACnB,CAAC;IAyBF,MAAM,MAAM,GAAG,IAAI,GAAG,EAAiB,CAAC;IAExC,yEAAyE;IACzE,qEAAqE;IACrE,gEAAgE;IAChE,oEAAoE;IACpE,kEAAkE;IAClE,qEAAqE;IACrE,mEAAmE;IACnE,cAAc;IACd,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC3C,MAAM,SAAS,GAAG,CAAC,GAAW,EAAE,IAAY,EAAE,IAAY,EAAU,EAAE,CACpE,GAAG,GAAG,KAAK,IAAI,KAAK,IAAA,2BAAa,EAAC,IAAI,CAAC,EAAE,CAAC;IAE5C,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;QAChC,MAAM,aAAa,GAAG,IAAA,8BAAgB,EAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,kBAAkB,GAAG,IAAA,oCAAsB,EAAC,aAAa,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAEjF,gEAAgE;QAChE,qEAAqE;QACrE,sEAAsE;QACtE,sEAAsE;QACtE,qBAAqB;QACrB,gEAAgE;QAChE,oEAAoE;QACpE,gEAAgE;QAChE,gEAAgE;QAChE,IAAI,WAAW,GAAG,kBAAkB,CAAC;QACrC,IAAI,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACvC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,KAAK,MAAM,MAAM,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBAC7B,MAAM,mBAAmB,GAAG,IAAA,oCAAsB,EAAC,aAAa,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,MAAM,CAAC,CAAC;gBAC3F,MAAM,
SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;gBAClD,IAAI,SAAS,EAAE,CAAC;oBACd,QAAQ,GAAG,SAAS,CAAC;oBACrB,WAAW,GAAG,mBAAmB,CAAC;oBAClC,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QACD,sEAAsE;QACtE,8DAA8D;QAC9D,kEAAkE;QAClE,oEAAoE;QACpE,8CAA8C;QAC9C,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC;YACvB,KAAK,MAAM,MAAM,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBAChC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC;gBACnE,MAAM,SAAS,GAAG,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;gBAClD,IAAI,SAAS,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnD,QAAQ,GAAG,SAAS,CAAC;oBACrB,WAAW,GAAG,SAAS,CAAC,WAAW,CAAC;oBACpC,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;YAC/D,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;gBACjB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;aACrB,CAAC,CAAC;YACH,8DAA8D;YAC9D,8DAA8D;YAC9D,+DAA+D;YAC/D,oBAAoB;YACpB,IAAI,kBAAkB,KAAK,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAChD,QAAQ,CAAC,oBAAoB,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;YACxD,CAAC;YACD,+DAA+D;YAC/D,yDAAyD;YACzD,+DAA+D;YAC/D,iEAAiE;YACjE,IAAI,CAAC,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAC3B,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;gBACzB,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC;YACvC,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE;gBACtB,WAAW;gBACX,aAAa;gBACb,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,IAAI,EAAE,CAAC,CAAC,IAAI;gBAC
Z,UAAU,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;gBAC7B,IAAI,EAAE;oBACJ;wBACE,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;qBACrB;iBACF;gBACD,oBAAoB,EAAE,IAAI,GAAG,EAAE;aAChC,CAAC,CAAC;QACL,CAAC;QACD,8DAA8D;QAC9D,kEAAkE;QAClE,IAAI,CAAC,CAAC,GAAG;YAAE,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,WAAW,CAAC,CAAC;IACzE,CAAC;IAED,MAAM,sBAAsB,GAAwD;QAClF,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,EAAE;QACR,MAAM,EAAE,EAAE;KACX,CAAC;IACF,MAAM,cAAc,GAAG,WAAW,EAAE,CAAC;IACrC,MAAM,iBAAiB,GAAG,WAAW,EAAE,CAAC;IACxC,MAAM,eAAe,GAAqB,EAAE,CAAC;IAE7C,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;QAChC,MAAM,OAAO,GAAgB;YAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,WAAW,EAAE,CAAC,CAAC,WAAW;YAC1B,aAAa,EAAE,CAAC,CAAC,aAAa;YAC9B,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE;YACpC,GAAG,CAAC,CAAC,CAAC,oBAAoB,CAAC,IAAI,GAAG,CAAC;gBACjC,CAAC,CAAC,EAAE,oBAAoB,EAAE,CAAC,GAAG,CAAC,CAAC,oBAAoB,CAAC,CAAC,IAAI,EAAE,EAAE;gBAC9D,CAAC,CAAC,EAAE,CAAC;SACR,CAAC;QAEF,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC5B,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC5C,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnC,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC5C,6DAA6D;YAC7D,+DAA+D;YAC/D,8DAA8D;YAC9D,wBAAwB;YACxB,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,CAAC;YACN,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1C,UAAU,CAAC,cAAc,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,eAAe,CAAC,IAAI,CAAC;gBACnB,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,YAAY,EAAE,CAAC,CAAC,QAAQ;gBACxB,aAAa,EAAE,CAAC,
CAAC,IAAI;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,uEAAuE;IACvE,kEAAkE;IAClE,6DAA6D;IAC7D,+DAA+D;IAC/D,mEAAmE;IACnE,qEAAqE;IACrE,kEAAkE;IAClE,mEAAmE;IACnE,MAAM,mBAAmB,GAAG;QAC1B,GAAG,sBAAsB,CAAC,MAAM;QAChC,GAAG,sBAAsB,CAAC,IAAI;QAC9B,GAAG,sBAAsB,CAAC,MAAM;KACjC,CAAC;IACF,IAAA,wCAA6B,EAAC,mBAAmB,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC;IAE5E,MAAM,uBAAuB,GAAG,WAAW,EAAE,CAAC;IAC9C,MAAM,0BAA0B,GAAG,WAAW,EAAE,CAAC;IACjD,MAAM,WAAW,GAAG,CAAC,CAAc,EAAW,EAAE,CAC9C,CAAC,CAAC,CAAC,CAAC,WAAW,IAAI,IAAA,8BAAmB,EAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC;IAC9D,KAAK,MAAM,CAAC,IAAI,sBAAsB,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;YAAE,UAAU,CAAC,uBAAuB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,MAAM,EAAE,GAAG,sBAAsB,CAAC,MAAM,CAAC,EAAE,CAAC;QACrF,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;YAAE,UAAU,CAAC,0BAA0B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC1E,CAAC;IAED,uEAAuE;IACvE,kEAAkE;IAClE,oEAAoE;IACpE,gDAAgD;IAChD,MAAM,SAAS,GAAG,IAAI,GAAG,EAA0B,CAAC;IACpD,IAAI,2BAA2B,GAAG,CAAC,CAAC;IACpC,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACxC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,IAAI,gBAAgB,2BAA2B,EAAE,EAAE,CAAC;QAC7E,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,6DAA6D;YAC7D,2DAA2D;YAC3D,2BAA2B;YAC3B,IAAI,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjE,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;IACH,CAAC;IACD,MAAM,iBAAiB,GAAG,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,WAAW,EAAE,CAAC;IACpC,KAAK,MAAM,CAAC,IAAI,iBAAiB,EAAE,CAAC;QAClC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,uEAAuE;IACvE,MAAM,UAAU,GAAwB;QACtC,OAAO,EAAE;YACP,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ;YAC5B,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ,KAAK,IAAI;SACrC;QACD,YAAY,EAAE;YACZ,IAAI,EAAE,KAAK,CAAC,YAAY,CAAC,QAAQ;YACjC,GAAG,EAAE,KAAK,CAAC,YAAY,CAAC,QAAQ,KAAK,IAAI;SAC1C;QACD,QAAQ,EAAE;YACR,KAAK,EAAE,KAAK,CAA
C,QAAQ,EAAE,SAAS,IAAI,EAAE;YACtC,GAAG,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC;SACjD;QACD,SAAS,EAAE;YACT,gEAAgE;YAChE,6DAA6D;YAC7D,8DAA8D;YAC9D,4BAA4B;YAC5B,GAAG,EAAE,KAAK,CAAC,qBAAqB,GAAG,CAAC;YACpC,YAAY,EAAE,KAAK,CAAC,qBAAqB;SAC1C;QACD,YAAY,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;QAC3B,QAAQ,EAAE;YACR,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI;YACzB,SAAS,EAAE,KAAK,CAAC,QAAQ,CAAC,SAAS;YACnC,iBAAiB,EAAE,KAAK,CAAC,QAAQ,CAAC,iBAAiB;SACpD;KACF,CAAC;IAEF,OAAO;QACL,cAAc;QACd,aAAa;QACb,iBAAiB;QACjB,uBAAuB;QACvB,0BAA0B;QAC1B,kBAAkB,EAAE;YAClB,MAAM,EAAE,sBAAsB,CAAC,MAAM;YACrC,IAAI,EAAE,sBAAsB,CAAC,IAAI;YACjC,MAAM,EAAE,sBAAsB,CAAC,MAAM;YACrC,UAAU,EAAE,iBAAiB;SAC9B;QACD,6BAA6B,EAAE,iBAAiB,CAAC,MAAM;QACvD,0BAA0B,EAAE,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM;QAC1D,eAAe;QACf,UAAU;KACX,CAAC;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"aggregator.js","sourceRoot":"","sources":["../../../src/analyzers/security/aggregator.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAuDG;;AA2QH,wDA2ZC;AAlqBD,sDAQ8B;AAC9B,uDAA8F;AA2J9F,6EAA6E;AAE7E;;;;;;;;;;;;;GAaG;AACH,6EAA6E;AAE7E,MAAM,aAAa,GAA6B;IAC9C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;CACP,CAAC;AAEF,SAAS,WAAW,CAAC,CAAW,EAAE,CAAW;IAC3C,OAAO,aAAa,CAAC,CAAC,CAAC,IAAI,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;AACrD,CAAC;AAED,SAAS,UAAU,CAAC,MAAsB,EAAE,QAAkB;IAC5D,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;AACrB,CAAC;AA2CD;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,SAAgB,sBAAsB,CAAC,KAA6B;IAClE,uEAAuE;IACvE,MAAM,eAAe,GAAsB;QACzC,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ;QACzB,GAAG,KAAK,CAAC,YAAY;QACrB,GAAG,KAAK,CAAC,YAAY,CAAC,QAAQ;QAC9B,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,QAAQ,IAAI,EAAE,CAAC;QACnC,GAAG,KAAK,CAAC,SAAS;KACnB,CAAC;IA2CF,MAAM,MAAM,GAAG,IAAI,GAAG,EAAiB,CAAC;IAExC,yEAAyE;IACzE,qEAAqE;IACrE,gEAAgE;IAChE,oEAAoE;IACpE,kEAAkE;IAClE,qEAAqE;IACrE,mEAAmE;IACnE,cAAc;IACd,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAkB,CAAC;IAC3C,MAAM,SAAS,GAAG,CAAC,GAAW,EAAE,IAAY,EAAE,IAAY,EAAU,EAAE,CACpE,GAAG,GAAG,KAAK,IAAI,KAAK,IAAA,2BAAa,EAAC,IAAI,CAAC,EAAE,CAAC;IAE5C,KAAK,MAAM,CAAC,IAAI,eAAe,EAAE,CAAC;QAChC,MAAM,aAAa,GAAG,IAAA,8BAAgB,EAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QACvD,MAAM,kBAAkB,GAAG,IAAA,oCAAsB,EAAC,aAAa,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC;QAEjF,gEAAgE;QAChE,qEAAqE;QACrE,sEAAsE;QACtE,sEAAsE;QACtE,qBAAqB;QACrB,gEAAgE;QAChE,oEAAoE;QACpE,gEAAgE;QAChE,gEAAgE;QAChE,IAAI,WAAW,GAAG,kBAAkB,CAAC;QACrC,IAAI,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QACvC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,KAAK,MAAM,MAAM,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBAC7B,MAAM,mBAAmB,GAAG,IAAA,oCAAsB,EAAC,aAAa,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,MAAM,CAAC,CAAC;gBAC3F,MAAM,
SAAS,GAAG,MAAM,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;gBAClD,IAAI,SAAS,EAAE,CAAC;oBACd,QAAQ,GAAG,SAAS,CAAC;oBACrB,WAAW,GAAG,mBAAmB,CAAC;oBAClC,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QACD,sEAAsE;QACtE,8DAA8D;QAC9D,kEAAkE;QAClE,oEAAoE;QACpE,8CAA8C;QAC9C,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC,GAAG,EAAE,CAAC;YACvB,KAAK,MAAM,MAAM,IAAI,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBAChC,MAAM,EAAE,GAAG,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,GAAG,MAAM,CAAC,CAAC,CAAC;gBACnE,MAAM,SAAS,GAAG,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;gBAClD,IAAI,SAAS,IAAI,CAAC,SAAS,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;oBACnD,QAAQ,GAAG,SAAS,CAAC;oBACrB,WAAW,GAAG,SAAS,CAAC,WAAW,CAAC;oBACpC,MAAM;gBACR,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;YAC/D,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAChC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC;gBACjB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;aACrB,CAAC,CAAC;YACH,+DAA+D;YAC/D,yDAAyD;YACzD,+DAA+D;YAC/D,iEAAiE;YACjE,IAAI,CAAC,CAAC,IAAI,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAC3B,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;gBACzB,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC;gBACvB,QAAQ,CAAC,GAAG,GAAG,CAAC,CAAC,GAAG,IAAI,QAAQ,CAAC,GAAG,CAAC;gBACrC,mEAAmE;gBACnE,QAAQ,CAAC,QAAQ,GAAG,CAAC,CAAC,QAAQ,CAAC;gBAC/B,QAAQ,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;YAC3B,CAAC;QACH,CAAC;aAAM,CAAC;YACN,MAAM,CAAC,GAAG,CAAC,WAAW,EAAE;gBACtB,WAAW;gBACX,aAAa;gBACb,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ
;gBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,UAAU,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;gBAC7B,IAAI,EAAE;oBACJ;wBACE,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;wBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;wBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;qBACrB;iBACF;aACF,CAAC,CAAC;QACL,CAAC;QACD,8DAA8D;QAC9D,kEAAkE;QAClE,IAAI,CAAC,CAAC,GAAG;YAAE,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,WAAW,CAAC,CAAC;IACzE,CAAC;IAED,kEAAkE;IAClE,oEAAoE;IACpE,iDAAiD;IACjD,0DAA0D;IAC1D,6DAA6D;IAC7D,wEAAwE;IACxE,sEAAsE;IACtE,4DAA4D;IAC5D,oEAAoE;IACpE,qEAAqE;IACrE,uEAAuE;IACvE,gEAAgE;IAChE,gEAAgE;IAChE,qEAAqE;IACrE,MAAM,cAAc,GAAG,IAAI,GAAG,EAAmB,CAAC;IAClD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;QAChC,IAAI,GAAuB,CAAC;QAC5B,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YACtD,GAAG,GAAG,SAAS,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,KAAK,IAAI,EAAE,KAAK,CAAC,CAAC,QAAQ,EAAE,CAAC;QAC3D,CAAC;aAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnC,GAAG,GAAG,WAAW,CAAC,CAAC,IAAI,EAAE,CAAC;QAC5B,CAAC;QACD,IAAI,GAAG,KAAK,SAAS,EAAE,CAAC;YACtB,MAAM,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;YAC3C,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YACb,cAAc,CAAC,GAAG,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IACD,KAAK,MAAM,IAAI,IAAI,cAAc,CAAC,MAAM,EAAE,EAAE,CAAC;QAC3C,IAAI,CAAC,IAAI,CACP,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACP,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI;YACf,CAAC,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,GAAG,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAC/E,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACpB,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC;QAChB,CAAC,CAAC,CAAC;IACL,CAAC;IAED,wEAAwE;IACxE,wEAAwE;IACxE,qEAAqE;IACrE,sEAAsE;IACtE,6DAA6D;IAC7D,yEAAyE;IACzE,MAAM,SAAS,GAAG,CAAC,CAAQ,EAAsB,EAAE;QACjD,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ;YAAE,OAAO,IAAA,iCAAmB,EAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;QACxE,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,C
AAC,QAAQ,KAAK,SAAS,EAAE,CAAC;YACtD,OAAO,IAAA,uCAAyB,EAAC,CAAC,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;QAC9E,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC,CAAC;IACF,MAAM,cAAc,GAAG,CACrB,aAAqB,EACrB,IAAY,EACZ,IAAY,EACZ,MAA0B,EAClB,EAAE,CACV,MAAM,KAAK,SAAS;QAClB,CAAC,CAAC,IAAA,uCAAyB,EAAC,aAAa,EAAE,IAAI,EAAE,MAAM,CAAC;QACxD,CAAC,CAAC,IAAA,oCAAsB,EAAC,aAAa,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;IAExD,mEAAmE;IACnE,2EAA2E;IAC3E,uEAAuE;IACvE,qEAAqE;IACrE,0EAA0E;IAC1E,kDAAkD;IAClD,MAAM,eAAe,GAAG,CAAC,CAAQ,EAAU,EAAE,CAC3C,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,mCAAqB,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC;IAEpE,MAAM,sBAAsB,GAAwD;QAClF,MAAM,EAAE,EAAE;QACV,IAAI,EAAE,EAAE;QACR,MAAM,EAAE,EAAE;KACX,CAAC;IACF,MAAM,cAAc,GAAG,WAAW,EAAE,CAAC;IACrC,MAAM,iBAAiB,GAAG,WAAW,EAAE,CAAC;IACxC,MAAM,eAAe,GAAqB,EAAE,CAAC;IAE7C,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,YAAY,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,WAAW,GAAG,cAAc,CAAC,YAAY,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;QAEzE,uEAAuE;QACvE,qEAAqE;QACrE,iEAAiE;QACjE,oEAAoE;QACpE,qEAAqE;QACrE,yEAAyE;QACzE,sEAAsE;QACtE,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;QACnC,KAAK,MAAM,GAAG,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC;YACzB,MAAM,YAAY,GAChB,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,mCAAqB,CAAC,CAAC,CAAC,IAAA,8BAAgB,EAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC;YACzF,IAAI,SAA6B,CAAC;YAClC,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ;gBAAE,SAAS,GAAG,IAAA,iCAAmB,EAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;iBACxE,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,GAAG,CAAC,QAAQ,KAAK,SAAS;gBAC1D,SAAS,GAAG,IAAA,uCAAyB,EAAC,CAAC,CAAC,KAAK,IAAI,EAAE,EAAE,GAAG,CAAC,QAAQ,EAAE,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC;YACrF,MAAM,KAAK,GAAG,cAAc,CAAC,YAAY,EAAE,CAAC,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;YACxE,IAAI,KAAK,KAAK,WAAW;gBAAE,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;QACjD,CAAC;QAED,MAAM,OAAO,GAAgB;YAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,
IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,WAAW;YACX,aAAa,EAAE,CAAC,CAAC,aAAa;YAC9B,UAAU,EAAE,CAAC,GAAG,CAAC,CAAC,UAAU,CAAC,CAAC,IAAI,EAAE;YACpC,2FAA2F;YAC3F,uEAAuE;YACvE,GAAG,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,aAAa,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1D,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7D,GAAG,CAAC,CAAC,CAAC,KAAK,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACpD,GAAG,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,oBAAoB,EAAE,CAAC,GAAG,QAAQ,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC7E,CAAC;QAEF,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YAC5B,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC5C,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;YACnC,sBAAsB,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC5C,6DAA6D;YAC7D,+DAA+D;YAC/D,8DAA8D;YAC9D,wBAAwB;YACxB,UAAU,CAAC,iBAAiB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QAC5C,CAAC;aAAM,CAAC;YACN,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YAC1C,UAAU,CAAC,cAAc,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;QACzC,CAAC;QAED,IAAI,CAAC,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACtB,eAAe,CAAC,IAAI,CAAC;gBACnB,aAAa,EAAE,CAAC,CAAC,aAAa;gBAC9B,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,YAAY,EAAE,CAAC,CAAC,QAAQ;gBACxB,aAAa,EAAE,CAAC,CAAC,IAAI;aACtB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,uEAAuE;IACvE,kEAAkE;IAClE,6DAA6D;IAC7D,+DAA+D;IAC/D,mEAAmE;IACnE,qEAAqE;IACrE,kEAAkE;IAClE,mEAAmE;IACnE,MAAM,mBAAmB,GAAG;QAC1B,GAAG,sBAAsB,CAAC,MAAM;QAChC,GAAG,sBAAsB,CAAC,IAAI;QAC9B,GAAG,sBAAsB,CAAC,MAAM;KACjC,CAAC;IACF,IAAA,wCAA6B,EAAC,mBAAmB,EAAE,KAAK,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC;IAE5E,MAAM,uBAAuB,GAAG,WAAW,EAAE,CAAC;IAC9C,MAAM,0BAA0B,GAAG,WAAW,EAAE,CAAC;IACjD,MAAM,WAAW,GAAG,CAAC,CAAc,EAAW,EAAE,CAC9C,CAAC,CAAC,CAAC,CAAC,WAAW,IAAI,IAAA,8BAAmB,EAAC,CAAC,CAAC,iBAAiB
,CAAC,CAAC;IAC9D,KAAK,MAAM,CAAC,IAAI,sBAAsB,CAAC,IAAI,EAAE,CAAC;QAC5C,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;YAAE,UAAU,CAAC,uBAAuB,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IACvE,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,CAAC,GAAG,sBAAsB,CAAC,MAAM,EAAE,GAAG,sBAAsB,CAAC,MAAM,CAAC,EAAE,CAAC;QACrF,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;YAAE,UAAU,CAAC,0BAA0B,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC1E,CAAC;IAED,uEAAuE;IACvE,kEAAkE;IAClE,oEAAoE;IACpE,gDAAgD;IAChD,MAAM,SAAS,GAAG,IAAI,GAAG,EAA0B,CAAC;IACpD,IAAI,2BAA2B,GAAG,CAAC,CAAC;IACpC,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;QACxC,MAAM,GAAG,GAAG,CAAC,CAAC,WAAW,IAAI,gBAAgB,2BAA2B,EAAE,EAAE,CAAC;QAC7E,MAAM,QAAQ,GAAG,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACpC,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACxB,CAAC;aAAM,CAAC;YACN,6DAA6D;YAC7D,2DAA2D;YAC3D,2BAA2B;YAC3B,IAAI,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACjE,SAAS,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACxB,CAAC;QACH,CAAC;IACH,CAAC;IACD,MAAM,iBAAiB,GAAG,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,WAAW,EAAE,CAAC;IACpC,KAAK,MAAM,CAAC,IAAI,iBAAiB,EAAE,CAAC;QAClC,UAAU,CAAC,aAAa,EAAE,CAAC,CAAC,QAAQ,CAAC,CAAC;IACxC,CAAC;IAED,uEAAuE;IACvE,MAAM,UAAU,GAAwB;QACtC,OAAO,EAAE;YACP,IAAI,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ;YAC5B,GAAG,EAAE,KAAK,CAAC,OAAO,CAAC,QAAQ,KAAK,IAAI;SACrC;QACD,YAAY,EAAE;YACZ,IAAI,EAAE,KAAK,CAAC,YAAY,CAAC,QAAQ;YACjC,GAAG,EAAE,KAAK,CAAC,YAAY,CAAC,QAAQ,KAAK,IAAI;SAC1C;QACD,QAAQ,EAAE;YACR,KAAK,EAAE,KAAK,CAAC,QAAQ,EAAE,SAAS,IAAI,EAAE;YACtC,GAAG,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,SAAS,CAAC,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC;SACjD;QACD,SAAS,EAAE;YACT,gEAAgE;YAChE,6DAA6D;YAC7D,8DAA8D;YAC9D,4BAA4B;YAC5B,GAAG,EAAE,KAAK,CAAC,qBAAqB,GAAG,CAAC;YACpC,YAAY,EAAE,KAAK,CAAC,qBAAqB;SAC1C;QACD,YAAY,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE;QAC3B,QAAQ,EAAE;YACR,IAAI,EAAE,KAAK,CAAC,QAAQ,CAAC,IAAI;YACzB,SAAS,EAAE,KAAK,CAAC,QAAQ,CAAC,SAAS;YACnC,iBAAiB,EAAE,KAAK,CAAC,QAAQ,CAAC,iBAAiB;SACpD;KACF,CAAC;IAEF,OAAO;QACL,cAAc;QACd,aAAa;QACb,iBAAiB;QACjB,uBAAuB;QACvB,0
BAA0B;QAC1B,kBAAkB,EAAE;YAClB,MAAM,EAAE,sBAAsB,CAAC,MAAM;YACrC,IAAI,EAAE,sBAAsB,CAAC,IAAI;YACjC,MAAM,EAAE,sBAAsB,CAAC,MAAM;YACrC,UAAU,EAAE,iBAAiB;SAC9B;QACD,6BAA6B,EAAE,iBAAiB,CAAC,MAAM;QACvD,0BAA0B,EAAE,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM;QAC1D,eAAe;QACf,UAAU;KACX,CAAC;AACJ,CAAC"}
|
|
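--- a/package/dist/analyzers/security/gather.d.ts
+++ b/package/dist/analyzers/security/gather.d.ts
@@ -133,6 +133,8 @@ export declare function buildSecurityAggregateForHealth(cwd: string, secrets: {
 file: string;
 line: number;
 cwe: string;
+/** Matched-span hash when the scanner surfaced the span. */
+spanHash?: string;
 }>;
 } | undefined, depVulnsEnvelope: DepVulnResult | undefined, depVulnsAvailable: boolean, depVulnsUnavailableReason: string): Promise<SecurityAggregate>;
 //# sourceMappingURL=gather.d.ts.map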
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gather.d.ts","sourceRoot":"","sources":["../../../src/analyzers/security/gather.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"gather.d.ts","sourceRoot":"","sources":["../../../src/analyzers/security/gather.ts"],"names":[],"mappings":"AAyBA,OAAO,EAAE,eAAe,EAAE,cAAc,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AACpE,OAAO,EAA0B,KAAK,iBAAiB,EAAE,MAAM,cAAc,CAAC;AAW9E,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,oCAAoC,CAAC;AAIxE;;;;;;GAMG;AACH,wBAAsB,aAAa,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IACxD,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAiBD;AAID,wBAAgB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,EAAE,CAgDjE;AAID;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH;;;;;;;;;;GAUG;AACH,wBAAgB,uBAAuB,CAAC,GAAG,EAAE,MAAM,GAAG,eAAe,EAAE,CA4CtE;AAID;;;;;;GAMG;AACH,wBAAsB,kBAAkB,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IAC7D,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,GAAG,IAAI,CAAC;CACzB,CAAC,CAsBD;AAoBD;;;;;;;;GAQG;AACH;;;;;;;;;;;;;;;;;GAiBG;AACH,wBAAsB,8BAA8B,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC;IACzE,QAAQ,EAAE,aAAa,GAAG,IAAI,CAAC;IAC/B,SAAS,EAAE,OAAO,CAAC;IACnB,iBAAiB,EAAE,MAAM,CAAC;CAC3B,CAAC,CAwED;AAED,wBAAsB,cAAc,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,CAAC,CA6HzE;AAID;;;;;;;;;;;;GAYG;AACH,wBAAsB,+BAA+B,CACnD,GAAG,EAAE,MAAM,EACX,OAAO,EACH;IACE,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,CAAC;QACtB,QAAQ,EAAE,QAAQ,CAAC;QACnB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;KACd,CAAC,CAAC;CACJ,GACD,SAAS,EACb,YAAY,EACR;IACE,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,aAAa,CAAC;QACtB,QAAQ,EAAE,QAAQ,CAAC;QACnB,IAAI,EAAE,MAAM,CAAC;QACb,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,GAAG,EAAE,MAAM,CAAC;QACZ,4DAA4D;QAC5D,QAAQ,CAAC,EAAE,MAAM,CAAC;KACnB,CAAC,CAAC;CACJ,GACD,SAAS,EACb,gBAAgB,EAAE,aAAa,GAAG,SAAS,EAC3C,iBAAiB,EAAE,OAAO,EAC1B,yBAAyB,EAAE,MAAM,GAChC,OAAO,CAAC,iBAAiB,CAAC,CAyF5B"}
|
|
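--- a/package/dist/analyzers/security/gather.js
+++ b/package/dist/analyzers/security/gather.js
@@ -44,10 +44,10 @@ exports.buildSecurityAggregateForHealth = buildSecurityAggregateForHealth;
 * Security finding gatherers — one function per tool, no overlap.
 *
 * Tool boundaries:
-*
-*
-*
-*
+* gitleaks → secrets (hardcoded credentials, API keys, private keys in source)
+* find/git → private key files on disk (.key, .pem), .env tracked in git
+* semgrep → code patterns (eval, exec, TLS, CORS, SQLi, XSS, SSRF, etc.)
+* dispatcher → dependency CVEs unioned across every active language pack
 */
 const fs = __importStar(require("fs"));
 const runner_1 = require("../tools/runner");
@@ -61,6 +61,7 @@ const risk_score_1 = require("../tools/risk-score");
 const upgrade_plan_resolver_1 = require("../tools/upgrade-plan-resolver");
 const normalize_1 = require("../../ingest/normalize");
 const snapshot_1 = require("../../ingest/snapshot");
+const finding_context_1 = require("../../explore/finding-context");
 const exclusions_1 = require("../tools/exclusions");
 const walk_source_files_1 = require("../tools/walk-source-files");
 const path = __importStar(require("path"));
@@ -91,6 +92,8 @@ async function gatherSecrets(cwd) {
 file: f.file,
 line: f.line,
 tool: result.tool,
+// Secret identity is value/salt-free (canonicalRule, file, ordinal),
+// assembled in the aggregator — the gather carries no content anchor.
 }));
 return { findings, toolUsed: result.tool };
 }
@@ -228,6 +231,8 @@ function gatherTlsBypassFindings(cwd) {
 file: relPath,
 line: i + 1,
 tool: 'tls-bypass-registry',
+// Content anchor: the matched line is this finding's span.
+...(trimmed.length > 0 ? { spanHash: (0, fingerprint_1.spanHash)(trimmed) } : {}),
 });
 }
 }
@@ -254,6 +259,9 @@ async function gatherCodePatterns(cwd) {
 file: f.file,
 line: f.line,
 tool: result.tool,
+// Content-anchored identity: carry the matched-span hash; the aggregator combines it with
+// the enclosing-symbol scope + ordinal to build the content anchor.
+...(f.spanHash !== undefined ? { spanHash: f.spanHash } : {}),
 }));
 return { findings, toolUsed: result.tool };
 }
@@ -531,6 +539,7 @@ async function buildSecurityAggregateForHealth(cwd, secrets, codePatterns, depVu
 file: f.file,
 line: f.line,
 tool: codePatterns.tool,
+...(f.spanHash !== undefined ? { spanHash: f.spanHash } : {}),
 }))
 : [];
 // Ingested external-engine findings (Snyk Code / CodeQL / SARIF) read
@@ -545,6 +554,23 @@ async function buildSecurityAggregateForHealth(cwd, secrets, codePatterns, depVu
 // never raise in an excluded path doesn't sneak in via ingestion.
 const externalFindings = (0, normalize_1.externalToSecurityFindings)((0, snapshot_1.readAllSnapshots)(cwd)).filter((f) => !(0, exclusions_1.isExcludedPath)(cwd, f.file));
 const externalEngines = (0, snapshot_1.snapshotEngines)(cwd);
+// Scope pre-pass: attach each CODE finding's enclosing symbol from
+// the graph so identity can anchor to the symbol (B), not the line. Runs
+// here — the single chokepoint that builds the one cached aggregate every
+// consumer reads — so vuln-scan, health, baseline, and BoM all inherit
+// it. Graph access stays in `src/explore/` (Rule 12); the aggregator
+// never touches the graph. Only code-category findings get a scope
+// (secrets anchor on their HMAC; config on (rule, file)). Fail-open: no
+// graph → scopes stay unset → file-level fallback under the content-anchored scheme.
+const codeScopeTargets = [...codeFindings, ...tlsBypass, ...externalFindings];
+const scopeMap = (0, finding_context_1.buildEnclosingScopeMap)(cwd, codeScopeTargets.map((f) => ({ file: f.file, line: f.line })));
+if (scopeMap) {
+for (const f of codeScopeTargets) {
+const symbol = scopeMap[(0, finding_context_1.locationKey)(f.file, f.line)];
+if (symbol)
+f.scope = symbol;
+}
+}
 return (0, aggregator_1.buildSecurityAggregate)({
 secrets: { findings: secretFindings, toolUsed: secrets?.tool ?? null },
 fileFindings,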
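Review bot: The scope pre-pass comment in the last hunk says secrets "anchor on their HMAC", while the comment this release adds in gatherSecrets says secret identity is "value/salt-free (canonicalRule, file, ordinal)"; the two cannot both describe the shipped scheme, and which one is true decides whether anything derived from a secret's value reaches the identity that the baseline and BoM consumers read. I would align the later comment with the earlier one, e.g. `// (secrets anchor on (canonicalRule, file, ordinal); config on (rule, file)). Fail-open: no`, or correct whichever of the two is stale. Separately, the "Fail-open" promise only covers a falsy return: the call to `buildEnclosingScopeMap` is unguarded here, so if it can throw (its body is not on this page) the error surfaces at what the comment calls the single chokepoint for every consumer, and a `try`/`catch` that leaves `scopeMap` unset would make the comment hold. This is compiled output, so either change belongs in `src/analyzers/security/gather.ts`; the body of buildSecurityAggregateForHealth continues outside the hunk.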
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"gather.js","sourceRoot":"","sources":["../../../src/analyzers/security/gather.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA+CA,sCAkBC;AAID,gDAgDC;AAgDD,0DA0CC;AAWD,gDAsBC;AA+CD,wEA4EC;AAED,wCA6HC;AAiBD,0EAkGC;AA7lBD;;;;;;;;GAQG;AACH,uCAAyB;AACzB,4CAAsC;AACtC,gDAA+E;AAC/E,wCAAyD;AACzD,sDAAyD;AACzD,sCAAyC;AACzC,sCAA8C;AAC9C,wDAAgF;AAChF,oDAAoD;AACpD,0EAA+E;AAC/E,sDAAoE;AACpE,oDAA0E;AAC1E,oDAA0E;AAC1E,kEAA8F;AAC9F,2CAA6B;AAE7B,6CAA8E;AAC9E,+CAAqD;AACrD,8CAAkD;AAClD,+CAA8E;AAC9E,0EAKkD;AAClD,+DAA4D;AAG5D,gFAAgF;AAEhF;;;;;;GAMG;AACI,KAAK,UAAU,aAAa,CAAC,GAAW;IAI7C,MAAM,MAAM,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAAC,GAAG,EAAE,qBAAO,EAAE,IAAA,2BAAY,EAAC,qBAAO,EAAE,GAAG,CAAC,CAAC,CAAC;IACxF,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAErD,MAAM,QAAQ,GAAsB,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9D,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,QAAiB;QAC3B,GAAG,EAAE,SAAS;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,oBAAoB,CAAC,CAAC,IAAI,EAAE;QAC9C,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,MAAM,CAAC,IAAI;KAClB,CAAC,CAAC,CAAC;IACJ,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED,+EAA+E;AAE/E,SAAgB,kBAAkB,CAAC,GAAW;IAC5C,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,IAAA,gCAAmB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,mDAAmD;IAEpG,oCAAoC;IACpC,sEAAsE;IACtE,qEAAqE;IACrE,wEAAwE;IACxE,uEAAuE;IACvE,kEAAkE;IAClE,kEAAkE;IAClE,iEAAiE;IACjE,4DAA4D;IAC5D,sDAAsD;IACtD,MAAM,QAAQ,GAAG,IAAA,YAAG,EAAC,iDAAiD,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,gFAAgF;IACvK,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,kBAAkB;gBACxB,KAAK,EAAE,oCAAoC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE;gBAChE,IAAI,EAAE,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;gBACzB,IAAI,E
AAE,CAAC;gBACP,IAAI,EAAE,MAAM;aACb,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,QAAQ,GAAG,IAAA,YAAG,EAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;IACtD,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,6BAA6B,CAAC,EAAE;gBACvC,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,KAAK;aACZ,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH;;;;;;;;;;GAUG;AACH,SAAgB,uBAAuB,CAAC,GAAW;IACjD,MAAM,QAAQ,GAAG,IAAA,gCAAoB,GAAE,CAAC;IACxC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,IAAA,mCAAe,EAAC,GAAG,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE,CAAC;QAC5B,IAAI,OAAe,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,CAAC;QAC9D,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,IAAA,oCAAgB,EAAC,OAAO,CAAC,CAAC;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,MAAM,KAAK,MAAM,IAAI,IAAA,iCAAa,EAAC,IAAI,EAAE,MAAM,CAAC;gBAAE,SAAS;YAC/D,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;gBAC1B,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;gBACjB,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClB,OAAO,GAAG,IAAI,CAAC;oBACf,MAAM;gBACR,CAAC;YACH,CAAC;YACD,IAAI,CAAC,OAAO;gBAAE,SAAS;YACvB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC;YAC5E,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,
MAAM;gBAChB,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,yBAAyB;gBAC/B,KAAK,EAAE,wCAAwC,OAAO,EAAE;gBACxD,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,IAAI,EAAE,qBAAqB;aAC5B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAE/E;;;;;;GAMG;AACI,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAIlD,MAAM,MAAM,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAC3C,GAAG,EACH,2BAAa,EACb,IAAA,2BAAY,EAAC,2BAAa,EAAE,GAAG,CAAC,CACjC,CAAC;IACF,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAErD,MAAM,QAAQ,GAAsB,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9D,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,MAAe;QACzB,GAAG,EAAE,CAAC,CAAC,GAAG;QACV,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,MAAM,CAAC,IAAI;KAClB,CAAC,CAAC,CAAC;IACJ,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED,+EAA+E;AAE/E,MAAM,eAAe,GAAmB;IACtC,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,KAAK,EAAE,CAAC;IACR,IAAI,EAAE,IAAI;IACV,QAAQ,EAAE,EAAE;IACZ,wEAAwE;IACxE,oEAAoE;IACpE,oEAAoE;IACpE,uDAAuD;IACvD,SAAS,EAAE,IAAI;IACf,iBAAiB,EAAE,EAAE;CACtB,CAAC;AAEF;;;;;;;;GAQG;AACH;;;;;;;;;;;;;;;;;GAiBG;AACI,KAAK,UAAU,8BAA8B,CAAC,GAAW;IAK9D,MAAM,WAAW,GAAG,IAAA,iCAAqB,EAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACvF,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAC;IACpE,CAAC;IAED,qEAAqE;IACrE,kEAAkE;IAClE,kEAAkE;IAClE,6DAA6D;IAC7D,mEAAmE;IACnE,6DAA6D;IAC7D,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,UAAU,CACvC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACpB,IAAA,uBAAY,EAAC,CAAC,CAAC,YAAa,CAAC,QAAS,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,uCAA4B,CAAC,CAAC,IAAI,CAC3F,CAAC,eAAe,EAAE,EAAE;QAClB,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;YAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,8BAA8B,CAAC,CAAC,EAAE,oBAAoB,
OAAO,0CAA0C,CACxG,CAAC;YACF,OAAO;gBACL,IAAI,EAAE,aAAsB;gBAC5B,MAAM,EAAE,eAAe,OAAO,cAAc;aAC7C,CAAC;QACJ,CAAC;QACD,OAAO,eAAe,CAAC,KAAK,CAAC;IAC/B,CAAC,CACF,CACF,CACF,CAAC;IACF,MAAM,gBAAgB,GAAoB,EAAE,CAAC;IAC7C,IAAI,gBAAgB,GAA4C,IAAI,CAAC;IACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC5B,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,gBAAgB,GAAG;oBACjB,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE;oBACvB,MAAM,EAAE,mBAAoB,CAAC,CAAC,MAAgB,EAAE,OAAO,IAAI,eAAe,EAAE;iBAC7E,CAAC;YACJ,CAAC;YACD,SAAS;QACX,CAAC;QACD,MAAM,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC;QACxB,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC/B,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC;aAAM,IAAI,OAAO,CAAC,IAAI,KAAK,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC/D,gBAAgB,GAAG,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC;QACzE,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,uBAAS,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC5F,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,8DAA8D;IAC9D,6DAA6D;IAC7D,gDAAgD;IAChD,gEAAgE;IAChE,iEAAiE;IACjE,4BAA4B;IAC5B,IAAI,QAAQ,EAAE,QAAQ,EAAE,CAAC;QACvB,IAAA,+BAAiB,EAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACvC,CAAC;IACD,OAAO;QACL,QAAQ;QACR,SAAS,EAAE,gBAAgB,KAAK,IAAI;QACpC,iBAAiB,EAAE,gBAAgB;YACjC,CAAC,CAAC,GAAG,gBAAgB,CAAC,IAAI,KAAK,gBAAgB,CAAC,MAAM,EAAE;YACxD,CAAC,CAAC,EAAE;KACP,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,cAAc,CAAC,GAAW;IAC9C,mEAAmE;IACnE,6DAA6D;IAC7D,oEAAoE;IACpE,uEAAuE;IACvE,uEAAuE;IACvE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,MAAM,8BAA8B,CAAC,GAAG,CAAC,CAAC;IAE7F,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO;YACL,GAAG,eAAe;YAClB,SAAS;YACT,iBAAiB;SAClB,CAAC;IACJ,CAAC;IAED,mEAAmE;IACnE,oEAAoE;IACpE,iEAAiE;IACjE,iEAAiE;IACjE,mEAAmE;IACnE,kEAAkE;IAClE,gDAAgD;IAChD,EAAE;IACF,gEAAgE;IAChE,+DAA+D;IAC/D,kEAAkE;IAClE,+DAA+D;IAC/D,mDAAmD;IACnD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,IAAI,EAAE,CAAC;IACzC,sEAAsE;IACtE,oEAAoE;IACpE,o
EAAoE;IACpE,sDAAsD;IACtD,IAAA,+BAAiB,EAAC,QAAQ,CAAC,CAAC;IAC5B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;QAC/C,MAAM,gBAAgB,GAA4C,EAAE,CAAC;QACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,MAAM,MAAM,GAAG,IAAA,mBAAY,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,IAAI,MAAM,EAAE,CAAC;gBACX,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAc,EAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9E,KAAK,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,gBAAgB,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;gBACtD,IAAI,GAAG;oBAAE,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QACD,IAAI,YAAY,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACvD,+DAA+D;YAC/D,8DAA8D;YAC9D,gEAAgE;YAChE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,IAAA,iBAAU,EAAC,UAAU,CAAC,EAAE,IAAA,eAAS,EAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7F,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,YAAY,EAAE,CAAC;gBACtC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAC9B,IAAI,KAAK,KAAK,SAAS;oBAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,GAAG,KAAK,CAAC;gBACzD,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;oBAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC;YACjD,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,+DAA+D;QAC/D,kEAAkE;QAClE,+DAA+D;QAC/D,2DAA2D;QAC3D,gEAAgE;QAChE,uBAAuB;QACvB,EAAE;QACF,mEAAmE;QACnE,oEAAoE;QACpE,mEAAmE;QACnE,mEAAmE;QACnE,+DAA+D;QAC/D,mEAAmE;QACnE,kEAAkE;QAClE,wBAAwB;QACxB,MAAM,gBAAgB,GAAG,IAAA,2BAAY,EAAC,qBAAO,CAAC,CAAC;QAC/C,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,eAAe,GAAG,MAA
M,8BAAiB,CAAC,MAAM,CAAC,GAAG,EAAE,qBAAO,EAAE,gBAAgB,CAAC,CAAC;YACvF,IAAI,eAAe,IAAI,eAAe,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;gBAC1D,MAAM,SAAS,GAAG,IAAA,uCAAwB,EAAC,eAAe,CAAC,CAAC;gBAC5D,IAAA,4BAAa,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,+DAA+D;QAC/D,4DAA4D;QAC5D,+DAA+D;QAC/D,+DAA+D;QAC/D,+DAA+D;QAC/D,6DAA6D;QAC7D,IAAA,qDAA6B,EAAC,QAAQ,CAAC,CAAC;QAExC,iEAAiE;QACjE,yDAAyD;QACzD,+DAA+D;QAC/D,wCAAwC;QACxC,IAAA,0BAAa,EAAC,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC;IACxD,OAAO;QACL,QAAQ;QACR,IAAI;QACJ,MAAM;QACN,GAAG;QACH,KAAK,EAAE,QAAQ,GAAG,IAAI,GAAG,MAAM,GAAG,GAAG;QACrC,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,QAAQ;QACR,qEAAqE;QACrE,+DAA+D;QAC/D,kFAAkF;QAClF,kEAAkE;QAClE,uDAAuD;QACvD,SAAS;QACT,iBAAiB;KAClB,CAAC;AACJ,CAAC;AAED,gFAAgF;AAEhF;;;;;;;;;;;;GAYG;AACI,KAAK,UAAU,+BAA+B,CACnD,GAAW,EACX,OAWa,EACb,YAYa,EACb,gBAA2C,EAC3C,iBAA0B,EAC1B,yBAAiC;IAEjC,wEAAwE;IACxE,kEAAkE;IAClE,mEAAmE;IACnE,6CAA6C;IAC7C,MAAM,SAAS,GAAG,uBAAuB,CAAC,GAAG,CAAC,CAAC;IAC/C,MAAM,YAAY,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;IAE7C,MAAM,cAAc,GAAsB,OAAO;QAC/C,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,QAAiB;YAC3B,GAAG,EAAE,SAAS;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,oBAAoB,CAAC,CAAC,IAAI,EAAE;YAC9C,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,OAAO,CAAC,IAAI;SACnB,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,YAAY,GAAsB,YAAY;QAClD,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,MAAe;YACzB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,YAAY,CAAC,IAAI;SACxB,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAEP,sEAAsE;IACtE,oEAAoE;IACpE,qEAAqE;IACrE,EAAE;IACF,qEAAqE;IACrE,qEAAqE;IACrE,qEAAqE;IACrE,uEAAuE;IACvE,kEAAkE;IAClE,kEAAkE;IAClE,MAAM,gBA
AgB,GAAG,IAAA,sCAA0B,EAAC,IAAA,2BAAgB,EAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAC/E,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAA,2BAAc,EAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CACpC,CAAC;IACF,MAAM,eAAe,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC;IAE7C,OAAO,IAAA,mCAAsB,EAAC;QAC5B,OAAO,EAAE,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,IAAI,IAAI,EAAE;QACtE,YAAY;QACZ,YAAY,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,IAAI,IAAI,EAAE;QAC9E,QAAQ,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,eAAe,EAAE;QACpE,SAAS;QACT,qBAAqB,EAAE,IAAA,gCAAoB,GAAE,CAAC,MAAM;QACpD,QAAQ,EAAE;YACR,QAAQ,EAAE,gBAAgB,EAAE,QAAQ,IAAI,EAAE;YAC1C,IAAI,EAAE,gBAAgB,EAAE,IAAI,IAAI,IAAI;YACpC,SAAS,EAAE,iBAAiB;YAC5B,iBAAiB,EAAE,yBAAyB;SAC7C;QACD,oEAAoE;QACpE,oEAAoE;QACpE,iEAAiE;QACjE,0DAA0D;QAC1D,SAAS,EAAE,IAAA,oBAAa,EAAC,GAAG,CAAC;KAC9B,CAAC,CAAC;AACL,CAAC"}
|
|
1
|
+
{"version":3,"file":"gather.js","sourceRoot":"","sources":["../../../src/analyzers/security/gather.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgDA,sCAoBC;AAID,gDAgDC;AAgDD,0DA4CC;AAWD,gDAyBC;AA+CD,wEA4EC;AAED,wCA6HC;AAiBD,0EAyHC;AA5nBD;;;;;;;;GAQG;AACH,uCAAyB;AACzB,4CAAsC;AACtC,gDAA+E;AAC/E,wCAAyD;AACzD,sDAAmE;AACnE,sCAAyC;AACzC,sCAA8C;AAC9C,wDAAgF;AAChF,oDAAoD;AACpD,0EAA+E;AAC/E,sDAAoE;AACpE,oDAA0E;AAC1E,mEAAoF;AACpF,oDAA0E;AAC1E,kEAA8F;AAC9F,2CAA6B;AAE7B,6CAA8E;AAC9E,+CAAqD;AACrD,8CAAkD;AAClD,+CAA8E;AAC9E,0EAKkD;AAClD,+DAA4D;AAG5D,gFAAgF;AAEhF;;;;;;GAMG;AACI,KAAK,UAAU,aAAa,CAAC,GAAW;IAI7C,MAAM,MAAM,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAAC,GAAG,EAAE,qBAAO,EAAE,IAAA,2BAAY,EAAC,qBAAO,EAAE,GAAG,CAAC,CAAC,CAAC;IACxF,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAErD,MAAM,QAAQ,GAAsB,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9D,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,QAAiB;QAC3B,GAAG,EAAE,SAAS;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,oBAAoB,CAAC,CAAC,IAAI,EAAE;QAC9C,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,qEAAqE;QACrE,sEAAsE;KACvE,CAAC,CAAC,CAAC;IACJ,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED,+EAA+E;AAE/E,SAAgB,kBAAkB,CAAC,GAAW;IAC5C,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,IAAA,gCAAmB,EAAC,GAAG,EAAE,KAAK,CAAC,CAAC,CAAC,mDAAmD;IAEpG,oCAAoC;IACpC,sEAAsE;IACtE,qEAAqE;IACrE,wEAAwE;IACxE,uEAAuE;IACvE,kEAAkE;IAClE,kEAAkE;IAClE,iEAAiE;IACjE,4DAA4D;IAC5D,sDAAsD;IACtD,MAAM,QAAQ,GAAG,IAAA,YAAG,EAAC,iDAAiD,OAAO,EAAE,EAAE,GAAG,CAAC,CAAC,CAAC,gFAAgF;IACvK,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,kBAAkB;gBACxB,KAAK,EAAE,oCAAoC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,EAAE;gBAChE,IAAI,EAAE,CAAC,CAAC,OAAO
,CAAC,IAAI,EAAE,EAAE,CAAC;gBACzB,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,MAAM;aACb,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sBAAsB;IACtB,MAAM,QAAQ,GAAG,IAAA,YAAG,EAAC,0BAA0B,EAAE,GAAG,CAAC,CAAC;IACtD,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC;YAC7D,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,QAAQ;gBAClB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,YAAY;gBAClB,KAAK,EAAE,6BAA6B,CAAC,EAAE;gBACvC,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,CAAC;gBACP,IAAI,EAAE,KAAK;aACZ,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,8EAA8E;AAE9E;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;GAgCG;AACH;;;;;;;;;;GAUG;AACH,SAAgB,uBAAuB,CAAC,GAAW;IACjD,MAAM,QAAQ,GAAG,IAAA,gCAAoB,GAAE,CAAC;IACxC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACrC,MAAM,QAAQ,GAAG,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,IAAA,mCAAe,EAAC,GAAG,EAAE,EAAE,YAAY,EAAE,IAAI,EAAE,CAAC,CAAC;IAC3D,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,KAAK,MAAM,OAAO,IAAI,KAAK,EAAE,CAAC;QAC5B,IAAI,OAAe,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC,EAAE,OAAO,CAAC,CAAC;QAC9D,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QACD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,MAAM,GAAG,IAAA,oCAAgB,EAAC,OAAO,CAAC,CAAC;QACzC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,MAAM,KAAK,MAAM,IAAI,IAAA,iCAAa,EAAC,IAAI,EAAE,MAAM,CAAC;gBAAE,SAAS;YAC/D,IAAI,OAAO,GAAG,KAAK,CAAC;YACpB,KAAK,MAAM,EAAE,IAAI,QAAQ,EAAE,CAAC;gBAC1B,EAAE,CAAC,SAAS,GAAG,CAAC,CAAC;gBACjB,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBAClB,OAAO,GAAG,IAAI,CAAC;oBACf,MAAM;gBACR,CAAC;YACH,CAAC;YACD,IAAI,CAAC,OAAO;gBAAE,SAAS;YACvB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,CAAC;YAC
5E,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,MAAM;gBAChB,GAAG,EAAE,SAAS;gBACd,IAAI,EAAE,yBAAyB;gBAC/B,KAAK,EAAE,wCAAwC,OAAO,EAAE;gBACxD,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,CAAC,GAAG,CAAC;gBACX,IAAI,EAAE,qBAAqB;gBAC3B,2DAA2D;gBAC3D,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,IAAA,sBAAQ,EAAC,OAAO,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aAC/D,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,+EAA+E;AAE/E;;;;;;GAMG;AACI,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAIlD,MAAM,MAAM,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAC3C,GAAG,EACH,2BAAa,EACb,IAAA,2BAAY,EAAC,2BAAa,EAAE,GAAG,CAAC,CACjC,CAAC;IACF,IAAI,CAAC,MAAM;QAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC;IAErD,MAAM,QAAQ,GAAsB,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAC9D,QAAQ,EAAE,CAAC,CAAC,QAAQ;QACpB,QAAQ,EAAE,MAAe;QACzB,GAAG,EAAE,CAAC,CAAC,GAAG;QACV,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,KAAK,EAAE,CAAC,CAAC,KAAK;QACd,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,CAAC,CAAC,IAAI;QACZ,IAAI,EAAE,MAAM,CAAC,IAAI;QACjB,0FAA0F;QAC1F,oEAAoE;QACpE,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KAC9D,CAAC,CAAC,CAAC;IACJ,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,IAAI,EAAE,CAAC;AAC7C,CAAC;AAED,+EAA+E;AAE/E,MAAM,eAAe,GAAmB;IACtC,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;IACN,KAAK,EAAE,CAAC;IACR,IAAI,EAAE,IAAI;IACV,QAAQ,EAAE,EAAE;IACZ,wEAAwE;IACxE,oEAAoE;IACpE,oEAAoE;IACpE,uDAAuD;IACvD,SAAS,EAAE,IAAI;IACf,iBAAiB,EAAE,EAAE;CACtB,CAAC;AAEF;;;;;;;;GAQG;AACH;;;;;;;;;;;;;;;;;GAiBG;AACI,KAAK,UAAU,8BAA8B,CAAC,GAAW;IAK9D,MAAM,WAAW,GAAG,IAAA,iCAAqB,EAAC,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,YAAY,EAAE,QAAQ,CAAC,CAAC;IACvF,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,SAAS,EAAE,IAAI,EAAE,iBAAiB,EAAE,EAAE,EAAE,CAAC;IACpE,CAAC;IAED,qEAAqE;IACrE,kEAAkE;IAClE,kEAAkE;IAClE,6DAA6D;IAC7D,mEAAmE;IACnE,6DAA6D;IAC7D,MAAM,QAAQ,GAAG,MAAM,OAAO,CAAC,UAAU,CACvC,WAAW,CAAC,GAAG,CAAC,
CAAC,CAAC,EAAE,EAAE,CACpB,IAAA,uBAAY,EAAC,CAAC,CAAC,YAAa,CAAC,QAAS,CAAC,aAAa,CAAC,GAAG,CAAC,EAAE,uCAA4B,CAAC,CAAC,IAAI,CAC3F,CAAC,eAAe,EAAE,EAAE;QAClB,IAAI,eAAe,CAAC,OAAO,EAAE,CAAC;YAC5B,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,SAAS,GAAG,IAAI,CAAC,CAAC;YAC7D,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,8BAA8B,CAAC,CAAC,EAAE,oBAAoB,OAAO,0CAA0C,CACxG,CAAC;YACF,OAAO;gBACL,IAAI,EAAE,aAAsB;gBAC5B,MAAM,EAAE,eAAe,OAAO,cAAc;aAC7C,CAAC;QACJ,CAAC;QACD,OAAO,eAAe,CAAC,KAAK,CAAC;IAC/B,CAAC,CACF,CACF,CACF,CAAC;IACF,MAAM,gBAAgB,GAAoB,EAAE,CAAC;IAC7C,IAAI,gBAAgB,GAA4C,IAAI,CAAC;IACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,CAAC,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC5B,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,gBAAgB,GAAG;oBACjB,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE;oBACvB,MAAM,EAAE,mBAAoB,CAAC,CAAC,MAAgB,EAAE,OAAO,IAAI,eAAe,EAAE;iBAC7E,CAAC;YACJ,CAAC;YACD,SAAS;QACX,CAAC;QACD,MAAM,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC;QACxB,IAAI,OAAO,CAAC,IAAI,KAAK,SAAS,EAAE,CAAC;YAC/B,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC1C,CAAC;aAAM,IAAI,OAAO,CAAC,IAAI,KAAK,aAAa,IAAI,CAAC,gBAAgB,EAAE,CAAC;YAC/D,gBAAgB,GAAG,EAAE,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,EAAE,CAAC;QACzE,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,gBAAgB,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,uBAAS,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC5F,kEAAkE;IAClE,kEAAkE;IAClE,kEAAkE;IAClE,8DAA8D;IAC9D,6DAA6D;IAC7D,gDAAgD;IAChD,gEAAgE;IAChE,iEAAiE;IACjE,4BAA4B;IAC5B,IAAI,QAAQ,EAAE,QAAQ,EAAE,CAAC;QACvB,IAAA,+BAAiB,EAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;IACvC,CAAC;IACD,OAAO;QACL,QAAQ;QACR,SAAS,EAAE,gBAAgB,KAAK,IAAI;QACpC,iBAAiB,EAAE,gBAAgB;YACjC,CAAC,CAAC,GAAG,gBAAgB,CAAC,IAAI,KAAK,gBAAgB,CAAC,MAAM,EAAE;YACxD,CAAC,CAAC,EAAE;KACP,CAAC;AACJ,CAAC;AAEM,KAAK,UAAU,cAAc,CAAC,GAAW;IAC9C,mEAAmE;IACnE,6DAA6D;IAC7D,oEAAoE;IACpE,uEAAuE;IACvE,uEAAuE;IACvE,MAAM,EAAE,QAAQ,EAAE,SAAS,EAAE,iBAAiB,EAAE,GAAG,MAAM,8BAA8B,CAAC,GAAG,CAAC,CAAC;IAE7F,IAAI,CAAC,QAAQ,EAAE,
CAAC;QACd,OAAO;YACL,GAAG,eAAe;YAClB,SAAS;YACT,iBAAiB;SAClB,CAAC;IACJ,CAAC;IAED,mEAAmE;IACnE,oEAAoE;IACpE,iEAAiE;IACjE,iEAAiE;IACjE,mEAAmE;IACnE,kEAAkE;IAClE,gDAAgD;IAChD,EAAE;IACF,gEAAgE;IAChE,+DAA+D;IAC/D,kEAAkE;IAClE,+DAA+D;IAC/D,mDAAmD;IACnD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,IAAI,EAAE,CAAC;IACzC,sEAAsE;IACtE,oEAAoE;IACpE,oEAAoE;IACpE,sDAAsD;IACtD,IAAA,+BAAiB,EAAC,QAAQ,CAAC,CAAC;IAC5B,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACxB,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;QAC/C,MAAM,gBAAgB,GAA4C,EAAE,CAAC;QACrE,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;YACzC,MAAM,MAAM,GAAG,IAAA,mBAAY,EAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;YACzC,IAAI,MAAM,EAAE,CAAC;gBACX,YAAY,CAAC,GAAG,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;YAC9B,CAAC;iBAAM,CAAC;gBACN,gBAAgB,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7D,CAAC;QACH,CAAC;QACD,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,QAAQ,GAAG,MAAM,IAAA,oBAAc,EAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC;YAC9E,KAAK,MAAM,EAAE,GAAG,EAAE,OAAO,EAAE,IAAI,gBAAgB,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBAC5C,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;gBACtD,IAAI,GAAG;oBAAE,YAAY,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QACD,IAAI,YAAY,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;YAC1B,MAAM,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YACvD,+DAA+D;YAC/D,8DAA8D;YAC9D,gEAAgE;YAChE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,IAAA,iBAAU,EAAC,UAAU,CAAC,EAAE,IAAA,eAAS,EAAC,UAAU,CAAC,CAAC,CAAC,CAAC;YAC7F,KAAK,MAAM,CAAC,GAAG,EAAE,GAAG,CAAC,IAAI,YAAY,EAAE,CAAC;gBACtC,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAC9B,IAAI,KAAK,KAAK,SAAS;oBAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,GAAG,KAAK,CAAC;gBACzD,IAAI,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC;oBAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,GAAG,GAAG,IAAI,CAAC;YACjD,CAAC;QACH,CAAC;QAED,+DA
A+D;QAC/D,+DAA+D;QAC/D,kEAAkE;QAClE,+DAA+D;QAC/D,2DAA2D;QAC3D,gEAAgE;QAChE,uBAAuB;QACvB,EAAE;QACF,mEAAmE;QACnE,oEAAoE;QACpE,mEAAmE;QACnE,mEAAmE;QACnE,+DAA+D;QAC/D,mEAAmE;QACnE,kEAAkE;QAClE,wBAAwB;QACxB,MAAM,gBAAgB,GAAG,IAAA,2BAAY,EAAC,qBAAO,CAAC,CAAC;QAC/C,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,MAAM,eAAe,GAAG,MAAM,8BAAiB,CAAC,MAAM,CAAC,GAAG,EAAE,qBAAO,EAAE,gBAAgB,CAAC,CAAC;YACvF,IAAI,eAAe,IAAI,eAAe,CAAC,SAAS,CAAC,IAAI,GAAG,CAAC,EAAE,CAAC;gBAC1D,MAAM,SAAS,GAAG,IAAA,uCAAwB,EAAC,eAAe,CAAC,CAAC;gBAC5D,IAAA,4BAAa,EAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;QAED,+DAA+D;QAC/D,+DAA+D;QAC/D,4DAA4D;QAC5D,+DAA+D;QAC/D,+DAA+D;QAC/D,+DAA+D;QAC/D,6DAA6D;QAC7D,IAAA,qDAA6B,EAAC,QAAQ,CAAC,CAAC;QAExC,iEAAiE;QACjE,yDAAyD;QACzD,+DAA+D;QAC/D,wCAAwC;QACxC,IAAA,0BAAa,EAAC,QAAQ,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,EAAE,GAAG,QAAQ,CAAC,MAAM,CAAC;IACxD,OAAO;QACL,QAAQ;QACR,IAAI;QACJ,MAAM;QACN,GAAG;QACH,KAAK,EAAE,QAAQ,GAAG,IAAI,GAAG,MAAM,GAAG,GAAG;QACrC,IAAI,EAAE,QAAQ,CAAC,IAAI;QACnB,QAAQ;QACR,qEAAqE;QACrE,+DAA+D;QAC/D,kFAAkF;QAClF,kEAAkE;QAClE,uDAAuD;QACvD,SAAS;QACT,iBAAiB;KAClB,CAAC;AACJ,CAAC;AAED,gFAAgF;AAEhF;;;;;;;;;;;;GAYG;AACI,KAAK,UAAU,+BAA+B,CACnD,GAAW,EACX,OAWa,EACb,YAca,EACb,gBAA2C,EAC3C,iBAA0B,EAC1B,yBAAiC;IAEjC,wEAAwE;IACxE,kEAAkE;IAClE,mEAAmE;IACnE,6CAA6C;IAC7C,MAAM,SAAS,GAAG,uBAAuB,CAAC,GAAG,CAAC,CAAC;IAC/C,MAAM,YAAY,GAAG,kBAAkB,CAAC,GAAG,CAAC,CAAC;IAE7C,MAAM,cAAc,GAAsB,OAAO;QAC/C,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3B,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,QAAiB;YAC3B,GAAG,EAAE,SAAS;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK,IAAI,oBAAoB,CAAC,CAAC,IAAI,EAAE;YAC9C,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,OAAO,CAAC,IAAI;SACnB,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,YAAY,GAAsB,YAAY;QAClD,CAAC,CAAC,YAAY,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAChC,QAAQ,EAAE,CAAC,CAAC,QAAQ;YACpB,QAAQ,EAAE,MAAe;YACzB,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,IAA
I,EAAE,CAAC,CAAC,IAAI;YACZ,KAAK,EAAE,CAAC,CAAC,KAAK;YACd,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,IAAI,EAAE,YAAY,CAAC,IAAI;YACvB,GAAG,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9D,CAAC,CAAC;QACL,CAAC,CAAC,EAAE,CAAC;IAEP,sEAAsE;IACtE,oEAAoE;IACpE,qEAAqE;IACrE,EAAE;IACF,qEAAqE;IACrE,qEAAqE;IACrE,qEAAqE;IACrE,uEAAuE;IACvE,kEAAkE;IAClE,kEAAkE;IAClE,MAAM,gBAAgB,GAAG,IAAA,sCAA0B,EAAC,IAAA,2BAAgB,EAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAC/E,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,IAAA,2BAAc,EAAC,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,CACpC,CAAC;IACF,MAAM,eAAe,GAAG,IAAA,0BAAe,EAAC,GAAG,CAAC,CAAC;IAE7C,mEAAmE;IACnE,yEAAyE;IACzE,0EAA0E;IAC1E,uEAAuE;IACvE,qEAAqE;IACrE,mEAAmE;IACnE,wEAAwE;IACxE,qFAAqF;IACrF,MAAM,gBAAgB,GAAG,CAAC,GAAG,YAAY,EAAE,GAAG,SAAS,EAAE,GAAG,gBAAgB,CAAC,CAAC;IAC9E,MAAM,QAAQ,GAAG,IAAA,wCAAsB,EACrC,GAAG,EACH,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAC9D,CAAC;IACF,IAAI,QAAQ,EAAE,CAAC;QACb,KAAK,MAAM,CAAC,IAAI,gBAAgB,EAAE,CAAC;YACjC,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAA,6BAAW,EAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;YACrD,IAAI,MAAM;gBAAE,CAAC,CAAC,KAAK,GAAG,MAAM,CAAC;QAC/B,CAAC;IACH,CAAC;IAED,OAAO,IAAA,mCAAsB,EAAC;QAC5B,OAAO,EAAE,EAAE,QAAQ,EAAE,cAAc,EAAE,QAAQ,EAAE,OAAO,EAAE,IAAI,IAAI,IAAI,EAAE;QACtE,YAAY;QACZ,YAAY,EAAE,EAAE,QAAQ,EAAE,YAAY,EAAE,QAAQ,EAAE,YAAY,EAAE,IAAI,IAAI,IAAI,EAAE;QAC9E,QAAQ,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,SAAS,EAAE,eAAe,EAAE;QACpE,SAAS;QACT,qBAAqB,EAAE,IAAA,gCAAoB,GAAE,CAAC,MAAM;QACpD,QAAQ,EAAE;YACR,QAAQ,EAAE,gBAAgB,EAAE,QAAQ,IAAI,EAAE;YAC1C,IAAI,EAAE,gBAAgB,EAAE,IAAI,IAAI,IAAI;YACpC,SAAS,EAAE,iBAAiB;YAC5B,iBAAiB,EAAE,yBAAyB;SAC7C;QACD,oEAAoE;QACpE,oEAAoE;QACpE,iEAAiE;QACjE,0DAA0D;QAC1D,SAAS,EAAE,IAAA,oBAAa,EAAC,GAAG,CAAC;KAC9B,CAAC,CAAC;AACL,CAAC"}
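--- a/package/dist/analyzers/security/types.d.ts
+++ b/package/dist/analyzers/security/types.d.ts
@@ -28,10 +28,32 @@ export interface SecurityFinding {
 */
 allowlisted?: boolean;
 /** The matched allowlist entry's category (`test-fixture`,
-*
-*
-*
+* `false-positive`, `accepted-risk`, ...) so renderers can explain
+* WHY the finding is suppressed, not just that it is. Present only
+* when `allowlisted` is true. */
 allowlistCategory?: AllowlistCategory;
+/**
+* Content-anchored identity material. Carried from the gather
+* boundary through the aggregator so the finding's durable identity
+* can be anchored to WHAT it is, not WHERE it sits (the line). These
+* are additive plumbing: until the content-anchored migration the
+* identity layer still hashes the line; afterward it hashes the
+* content anchor and `line` becomes display metadata only.
+*
+* - `contentAnchor` — the fully-resolved anchor when known at gather:
+* for secrets it's the salted HMAC of the value; for config it's
+* `''`. For CODE findings it's NOT set at gather (it needs `scope`
+* + ordinal); the aggregator stamps it.
+* - `spanHash` — the 16-char hash of a code finding's normalized
+* matched span (semgrep gather). Combined with `scope` + ordinal by
+* the aggregator to build the code `contentAnchor`.
+* - `scope` — the enclosing symbol (function/class) for a code
+* finding, attached by the graph scope pre-pass; `''`/absent →
+* file-level fallback.
+*/
+contentAnchor?: string;
+spanHash?: string;
+scope?: string;
 }
 export interface DepVulnSummary {
 critical: number;
@@ -41,8 +63,8 @@ export interface DepVulnSummary {
 total: number;
 tool: string | null;
 /** Per-advisory detail concatenated across every active pack. Empty
-*
-*
+* when no provider returned findings (counts may still be non-zero
+* for legacy pack output that only emits aggregate counts). */
 findings: DepVulnFinding[];
 /**
 * D025b (2.4.7): true if at least one active pack's depVulns gather
@@ -72,8 +94,8 @@ export interface SecurityReport {
 branch: string;
 summary: {
 /** Combined code+secret+config severity counts. Preserved for
-*
-*
+* backward-compat with detailed report + dashboard consumers
+* that already read this shape. */
 findings: {
 critical: number;
 high: number;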
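Review bot: In the `SecurityFinding` hunk the new doc block gives `contentAnchor` two distinct "empty" states — `''` for config findings and absent for code findings the aggregator has not stamped yet — so a consumer that tests the field by truthiness will treat them alike; the comment should say so, e.g. `* Test with !== undefined: '' is a valid anchor (config findings).` The block also states that the secret anchor is a salted HMAC of the value without saying where the salt comes from or whether the anchor is persisted in report output; if the key is readable by whoever reads the report, the anchor can be used to confirm guesses of a low-entropy secret, so the key's scope and storage belong in this comment. Finally, the single `/** ... */` attaches only to `contentAnchor`, leaving `spanHash` and `scope` without hover documentation; splitting it into one short doc comment per field in the source `types.ts` would fix that.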
@@ -1 +1 @@
1
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/analyzers/security/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAC;AACpE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAE5D,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE9D,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,MAAM,GAAG,QAAQ,GAAG,YAAY,CAAC;AAE1E,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,QAAQ,CAAC;IACnB,QAAQ,EAAE,eAAe,CAAC;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb;;;;;;;;;;OAUG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB;;;
1
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/analyzers/security/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AACH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oCAAoC,CAAC;AACzE,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,4BAA4B,CAAC;AACpE,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,iBAAiB,CAAC;AAE5D,MAAM,MAAM,QAAQ,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAE9D,MAAM,MAAM,eAAe,GAAG,QAAQ,GAAG,MAAM,GAAG,QAAQ,GAAG,YAAY,CAAC;AAE1E,MAAM,WAAW,eAAe;IAC9B,QAAQ,EAAE,QAAQ,CAAC;IACnB,QAAQ,EAAE,eAAe,CAAC;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb;;;;;;;;;;OAUG;IACH,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB;;;qCAGiC;IACjC,iBAAiB,CAAC,EAAE,iBAAiB,CAAC;IACtC;;;;;;;;;;;;;;;;;;OAkBG;IACH,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB;;mEAE+D;IAC/D,QAAQ,EAAE,cAAc,EAAE,CAAC;IAC3B;;;;;;;;;;;OAWG;IACH,SAAS,EAAE,OAAO,CAAC;IACnB;;;;;OAKG;IACH,iBAAiB,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QACP;;2CAEmC;QACnC,QAAQ,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QACzF;;;;;;;WAOG;QACH,QAAQ,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QACzF;;;;;WAKG;QACH,WAAW,EAAE;YAAE,QAAQ,EAAE,MAAM,CAAC;YAAC,IAAI,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC;QAC5F,YAAY,EAAE,cAAc,CAAC;QAC7B;;;;;;;;WAQG;QACH,gBAAgB,CAAC,EAAE,OAAO,CAAC;QAC3B,qBAAqB,CAAC,EAAE,OAAO,CAAC;KACjC,CAAC;IACF,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,SAAS,EAAE,MAAM,EAAE,CA
AC;IACpB,gBAAgB,EAAE,MAAM,EAAE,CAAC;IAC3B;;;;;;OAMG;IACH,YAAY,CAAC,EAAE,oBAAoB,CAAC;CACrC"}