@vyuhlabs/dxkit 2.3.0 → 2.3.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +138 -0
- package/dist/analyzers/bom/index.d.ts.map +1 -1
- package/dist/analyzers/bom/index.js +78 -2
- package/dist/analyzers/bom/index.js.map +1 -1
- package/dist/analyzers/bom/pm-signals.d.ts +63 -0
- package/dist/analyzers/bom/pm-signals.d.ts.map +1 -0
- package/dist/analyzers/bom/pm-signals.js +200 -0
- package/dist/analyzers/bom/pm-signals.js.map +1 -0
- package/dist/analyzers/tools/tool-registry.d.ts +10 -7
- package/dist/analyzers/tools/tool-registry.d.ts.map +1 -1
- package/dist/analyzers/tools/tool-registry.js +63 -32
- package/dist/analyzers/tools/tool-registry.js.map +1 -1
- package/dist/analyzers/xlsx/bom.d.ts +29 -18
- package/dist/analyzers/xlsx/bom.d.ts.map +1 -1
- package/dist/analyzers/xlsx/bom.js +386 -71
- package/dist/analyzers/xlsx/bom.js.map +1 -1
- package/dist/tools-cli.d.ts.map +1 -1
- package/dist/tools-cli.js +10 -4
- package/dist/tools-cli.js.map +1 -1
- package/package.json +1 -1
package/CHANGELOG.md
CHANGED
|
@@ -7,6 +7,144 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
|
|
|
7
7
|
|
|
8
8
|
## [Unreleased]
|
|
9
9
|
|
|
10
|
+
## [2.3.2] - 2026-04-24
|
|
11
|
+
|
|
12
|
+
PM-grade bom reports. The xlsx and markdown outputs both restructure
|
|
13
|
+
around decision-making (what to fix, who to call, what to plan) rather
|
|
14
|
+
than enumeration (here are all the packages, figure it out).
|
|
15
|
+
|
|
16
|
+
### Added — markdown report
|
|
17
|
+
|
|
18
|
+
- **🎯 Executive Summary** at the top: ship-blocker count, sprint-sized
|
|
19
|
+
finding count (risk ≥ 40), license exposure (copyleft-strong + unknown
|
|
20
|
+
counts), staleness (> 3y old packages), highest-leverage upgrade. One
|
|
21
|
+
screen, written for a PM who needs "can we ship?" without scrolling.
|
|
22
|
+
|
|
23
|
+
- **Reconciliation prose** on "Top-Level Dep Groups" explaining why the
|
|
24
|
+
numbers don't sum to the Summary totals — each CVE is counted once per
|
|
25
|
+
top-level parent it reaches through, by design. "Advisories" column
|
|
26
|
+
renamed to "Rolled-up Advisories" to reinforce the different semantics.
|
|
27
|
+
|
|
28
|
+
### Added — xlsx report (4-sheet workbook, replaces the single `platform` sheet)
|
|
29
|
+
|
|
30
|
+
1. **`Executive Summary`** — KV grid on one screen: totals, severity
|
|
31
|
+
breakdown, top ship-blocker, highest-leverage upgrade, license-class
|
|
32
|
+
counts (Permissive / Copyleft weak & strong / Proprietary / Unknown),
|
|
33
|
+
staleness counts, tool provenance.
|
|
34
|
+
|
|
35
|
+
2. **`Triage`** — top 10 findings ranked by composite riskScore.
|
|
36
|
+
Columns: Priority / Risk / Severity / KEV / Reachable /
|
|
37
|
+
Package@Version / Advisory / CVSS / EPSS / Upgrade to / Effort /
|
|
38
|
+
Rationale.
|
|
39
|
+
|
|
40
|
+
3. **`Inventory`** — the legacy 15-column customer format (unchanged
|
|
41
|
+
byte-for-byte on cols 1–15) with **4 columns appended** (16–19):
|
|
42
|
+
Risk / KEV / Reachable / EPSS, plus a bonus col 20 for CVSS (max).
|
|
43
|
+
Sort by col 16 desc for the same triage ordering sheet 2 uses.
|
|
44
|
+
|
|
45
|
+
4. **`License Breakdown`** — pivot: license type × count × risk class ×
|
|
46
|
+
sample packages. Copyleft-strong licenses surface at the top; unknown
|
|
47
|
+
bucket flags licenses the classifier didn't recognise (legitimate
|
|
48
|
+
human-review candidates like `CC-BY-4.0`).
|
|
49
|
+
|
|
50
|
+
### Added — shared pm-signals module
|
|
51
|
+
|
|
52
|
+
New `src/analyzers/bom/pm-signals.ts` with pure helpers the markdown
|
|
53
|
+
and xlsx renderers both use:
|
|
54
|
+
|
|
55
|
+
- `licenseClass(licenseType)` — SPDX-id → `permissive` | `copyleft-weak` |
|
|
56
|
+
`copyleft-strong` | `proprietary` | `unknown`. Handles compound
|
|
57
|
+
expressions (`MIT OR GPL-3.0` classifies as `copyleft-strong`, the
|
|
58
|
+
stricter class), parenthesised forms (`(Apache-2.0 OR UPL-1.0)`),
|
|
59
|
+
legacy `"MIT license"` / `"Apache 2.0 license"` suffixes, and known
|
|
60
|
+
proprietary markers (`UNLICENSED`, `SEE LICENSE IN ...`).
|
|
61
|
+
|
|
62
|
+
- `stalenessTier(releaseDate)` — `fresh` (< 1y) / `aging` (1–3y) /
|
|
63
|
+
`stale` (≥ 3y) / `unknown`. Injectable `now` for deterministic tests.
|
|
64
|
+
|
|
65
|
+
- `effortEstimate(entry)` — `trivial` (patch bump) / `moderate` (minor
|
|
66
|
+
bump) / `major` (breaking) / `blocked` (no fix available). Derived
|
|
67
|
+
from semver delta; multi-vuln entries escalate to the worst tier seen.
|
|
68
|
+
|
|
69
|
+
Derivations deliberately stay in the renderer layer rather than on
|
|
70
|
+
`DepVulnFinding` / `LicenseFinding` so the analyzer contract is
|
|
71
|
+
unchanged — consumers can re-derive trivially if needed.
|
|
72
|
+
|
|
73
|
+
### Changed (breaking-ish — see note)
|
|
74
|
+
|
|
75
|
+
- Xlsx sheet layout changed from single `"platform"` sheet to a 4-sheet
|
|
76
|
+
workbook. **Consumers hardcoding sheet name `"platform"` will break.**
|
|
77
|
+
The legacy 15-column layout is preserved byte-for-byte on the renamed
|
|
78
|
+
`"Inventory"` sheet. Appended cols 16–19 are additive.
|
|
79
|
+
|
|
80
|
+
### Validation
|
|
81
|
+
|
|
82
|
+
- 715 tests passing (+18 pm-signals cases: license class mapping,
|
|
83
|
+
compound expressions, staleness thresholds, effort semver deltas).
|
|
84
|
+
- Typecheck + lint + format + architecture + pre-push CI-mirror gate clean.
|
|
85
|
+
- vyuhlabs-platform smoke: all 4 sheets render correctly, exec summary
|
|
86
|
+
surfaces 3 ship-blockers + 9 sprint-risk findings + pm2 flagged
|
|
87
|
+
copyleft-strong, `@loopback/rest` surfaces as highest-leverage upgrade
|
|
88
|
+
(27 transitive advisories, worst CRITICAL).
|
|
89
|
+
|
|
90
|
+
## [2.3.1] - 2026-04-24
|
|
91
|
+
|
|
92
|
+
Patch release fixing three install-robustness issues reported on a
|
|
93
|
+
real vyuhlabs-platform install:
|
|
94
|
+
|
|
95
|
+
### Fixed
|
|
96
|
+
|
|
97
|
+
- **`@vitest/coverage-v8` install crashed with `MODULE_NOT_FOUND`** on
|
|
98
|
+
repos that don't use vitest (mocha / jest / ava / lb-mocha). The
|
|
99
|
+
install command called `node -e "require('vitest/package.json')"`
|
|
100
|
+
to auto-detect the vitest major — unconditionally, so any non-
|
|
101
|
+
vitest project hit a hard crash during `tools install --yes`.
|
|
102
|
+
Now prefixed with `test -f node_modules/vitest/package.json ||
|
|
103
|
+
{ echo 'vitest not present — skipping'; exit 0; }` so the install
|
|
104
|
+
no-ops cleanly when vitest isn't a target-repo dep.
|
|
105
|
+
|
|
106
|
+
- **Semgrep / pip-audit / ruff / pip-licenses / coverage dep pins
|
|
107
|
+
colliding in the shared venv**. Pre-2.3.1 installed every Python
|
|
108
|
+
CLI tool into one venv at `~/.cache/dxkit/tools-venv/`. semgrep's
|
|
109
|
+
`tomli~=2.0.1` pin lost to pip-audit's newer tomli, breaking
|
|
110
|
+
semgrep on repos where both tools installed. Every Python CLI
|
|
111
|
+
(semgrep, ruff, pip-audit, pip-licenses, coverage) now uses
|
|
112
|
+
`pipx install <tool>`, putting each in its own isolated venv
|
|
113
|
+
under `~/.local/pipx/venvs/<tool>/`. Binaries symlink into
|
|
114
|
+
`~/.local/bin/` which is already in `getSystemPaths()`'s probe
|
|
115
|
+
list, so `findTool()` picks them up without further changes.
|
|
116
|
+
Bootstrap fragment auto-installs pipx via `pip --user` when
|
|
117
|
+
absent (handles PEP-668 Debian/Ubuntu with
|
|
118
|
+
`--break-system-packages` fallback).
|
|
119
|
+
|
|
120
|
+
- **Graphify stays on the shared venv** — it's a Python *library*
|
|
121
|
+
that our graphify.ts subprocess imports, not a CLI tool, so pipx
|
|
122
|
+
doesn't apply. `TOOLS_VENV` narrows to graphify-only.
|
|
123
|
+
|
|
124
|
+
- **"Install command exited 0 without producing the binary" now
|
|
125
|
+
reports as skipped, not failed**. Any install command can
|
|
126
|
+
legitimately no-op (guarded installs like vitest-coverage);
|
|
127
|
+
those no-ops shouldn't clutter the failure summary. Real
|
|
128
|
+
failures (non-zero exit) still classify as `failed`.
|
|
129
|
+
|
|
130
|
+
### Known limitations (not blocking)
|
|
131
|
+
|
|
132
|
+
- `npm install @vyuhlabs/dxkit` still emits deprecation warnings for
|
|
133
|
+
`inflight@1`, `glob@7`, `fstream`, `rimraf@2`, `lodash.isequal` —
|
|
134
|
+
all transitive under `exceljs` (via `archiver` → `archiver-utils`).
|
|
135
|
+
exceljs@4.4.0 is the latest available; the chain is upstream.
|
|
136
|
+
Warnings only, no functional impact; would require either switching
|
|
137
|
+
xlsx libraries (breaking) or upstream archiver modernization.
|
|
138
|
+
|
|
139
|
+
### Validation on vyuhlabs-platform/userserver
|
|
140
|
+
|
|
141
|
+
- `vyuh-dxkit tools` reports 12/13 tools found (vitest-coverage
|
|
142
|
+
correctly listed as missing since lb-mocha is in use)
|
|
143
|
+
- `vyuh-dxkit tools install --yes` reports `0 installed, 1 skipped,
|
|
144
|
+
0 failed` (clean)
|
|
145
|
+
- `vyuh-dxkit bom --xlsx --filter=top-level` completes in 17s,
|
|
146
|
+
writes `.dxkit/reports/bom-YYYY-MM-DD.{md,xlsx}` cleanly
|
|
147
|
+
|
|
10
148
|
## [2.3.0] - 2026-04-24
|
|
11
149
|
|
|
12
150
|
Minor release — turns the `bom` report from enumeration (1700+ rows
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/analyzers/bom/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/analyzers/bom/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAQH,OAAO,KAAK,EAAY,SAAS,EAAe,MAAM,SAAS,CAAC;AAEhE,YAAY,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAEnD,MAAM,MAAM,SAAS,GAAG,KAAK,GAAG,WAAW,CAAC;AAE5C,MAAM,WAAW,iBAAiB;IAChC,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB;;;;;;0EAMsE;IACtE,MAAM,CAAC,EAAE,SAAS,CAAC;IACnB;;;;;yCAKqC;IACrC,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,wBAAsB,UAAU,CAC9B,QAAQ,EAAE,MAAM,EAChB,OAAO,GAAE,iBAAsB,GAC9B,OAAO,CAAC,SAAS,CAAC,CAqDpB;AAiCD;;;;;GAKG;AACH,MAAM,WAAW,SAAS;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,gBAAgB,EAAE,MAAM,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,GAAG,EAAE,MAAM,CAAC;CACb;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,SAAS,EAAE,CAoD9F;AAED,wBAAgB,eAAe,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,GAAG,MAAM,CAsP1E"}
|
|
@@ -56,6 +56,7 @@ const detect_1 = require("../../detect");
|
|
|
56
56
|
const runner_1 = require("../tools/runner");
|
|
57
57
|
const discovery_1 = require("./discovery");
|
|
58
58
|
const gather_1 = require("./gather");
|
|
59
|
+
const pm_signals_1 = require("./pm-signals");
|
|
59
60
|
async function analyzeBom(repoPath, options = {}) {
|
|
60
61
|
const stack = (0, detect_1.detect)(repoPath);
|
|
61
62
|
const nested = options.nested ?? true;
|
|
@@ -207,6 +208,10 @@ function formatBomReport(report, elapsed) {
|
|
|
207
208
|
L.push('');
|
|
208
209
|
L.push('---');
|
|
209
210
|
L.push('');
|
|
211
|
+
// Executive Summary — one-screen answer to "what's the state of this
|
|
212
|
+
// repo's deps". Written for a PM / security reviewer who needs to
|
|
213
|
+
// decide "can we ship?" without scrolling.
|
|
214
|
+
writeExecutiveSummaryMd(L, report);
|
|
210
215
|
// "This Week's Triage" — top advisories by riskScore, rendered
|
|
211
216
|
// before the summary so the reader sees what to fix *first* above
|
|
212
217
|
// the statistical overview. Only included when at least one
|
|
@@ -289,14 +294,21 @@ function formatBomReport(report, elapsed) {
|
|
|
289
294
|
'Sorted by severity, then advisory count — the top row is the single ' +
|
|
290
295
|
'upgrade that resolves the most critical/highest-volume issues.');
|
|
291
296
|
L.push('');
|
|
297
|
+
L.push('> **Scope note:** this section walks **transitive** advisories too, so its numbers ' +
|
|
298
|
+
"intentionally don't sum to the Summary totals above. `Rolled-up Advisories` counts " +
|
|
299
|
+
'each CVE once per top-level parent it reaches through — the same CVE under two ' +
|
|
300
|
+
'parents is counted twice, because upgrading either parent resolves it. A CRITICAL ' +
|
|
301
|
+
'here can exist even when zero directly-listed packages are CRITICAL — it means ' +
|
|
302
|
+
'a transitive dep is critical and upgrading this top-level clears it.');
|
|
303
|
+
L.push('');
|
|
292
304
|
const SEV_RANK = { critical: 0, high: 1, medium: 2, low: 3 };
|
|
293
305
|
const sorted = topLevelEntries.sort((a, b) => SEV_RANK[a[1].maxSeverity] - SEV_RANK[b[1].maxSeverity] ||
|
|
294
306
|
b[1].advisoryCount - a[1].advisoryCount ||
|
|
295
307
|
a[0].localeCompare(b[0]));
|
|
296
308
|
const cap = 30;
|
|
297
309
|
const shown = sorted.slice(0, cap);
|
|
298
|
-
L.push('| Worst Severity | Top-Level Dep | Advisories | Vulnerable Packages |');
|
|
299
|
-
L.push('
|
|
310
|
+
L.push('| Worst Severity | Top-Level Dep | Rolled-up Advisories | Vulnerable Packages |');
|
|
311
|
+
L.push('|----------------|---------------|---------------------:|---------------------|');
|
|
300
312
|
for (const [top, r] of shown) {
|
|
301
313
|
const pkgCap = 8;
|
|
302
314
|
const pkgList = r.packages.length > pkgCap
|
|
@@ -393,4 +405,68 @@ function formatBomReport(report, elapsed) {
|
|
|
393
405
|
L.push('*Generated by [VyuhLabs DXKit](https://www.npmjs.com/package/@vyuhlabs/dxkit)*');
|
|
394
406
|
return L.join('\n');
|
|
395
407
|
}
|
|
408
|
+
// ─── Executive Summary (top of bom markdown) ────────────────────────────────
|
|
409
|
+
/**
|
|
410
|
+
* One-screen exec summary. Four question-driven lines:
|
|
411
|
+
* 1. Can we ship? (0 blockers if no KEV + high-risk reachable finding)
|
|
412
|
+
* 2. What's the sprint list? (count of risk-tier findings)
|
|
413
|
+
* 3. License compliance exposure? (count of copyleft-strong + unknown)
|
|
414
|
+
* 4. Staleness? (count of deps > 2 years old)
|
|
415
|
+
* Plus the single upgrade with biggest blast-radius win (byTopLevelDep top).
|
|
416
|
+
*/
|
|
417
|
+
function writeExecutiveSummaryMd(L, report) {
|
|
418
|
+
const s = report.summary;
|
|
419
|
+
L.push('## 🎯 Executive Summary');
|
|
420
|
+
L.push('');
|
|
421
|
+
// Ship-blockers: Critical or High + (KEV or reachable) — this is the "drop
|
|
422
|
+
// everything" bucket. Anything severe + evidence of real-world risk.
|
|
423
|
+
let shipBlockers = 0;
|
|
424
|
+
let actionable = 0;
|
|
425
|
+
for (const e of report.entries) {
|
|
426
|
+
for (const v of e.vulns) {
|
|
427
|
+
const sev = v.severity === 'critical' || v.severity === 'high';
|
|
428
|
+
const realRisk = v.kev === true || v.reachable === true;
|
|
429
|
+
if (sev && realRisk)
|
|
430
|
+
shipBlockers++;
|
|
431
|
+
if (typeof v.riskScore === 'number' && v.riskScore >= 40)
|
|
432
|
+
actionable++;
|
|
433
|
+
}
|
|
434
|
+
}
|
|
435
|
+
const blockerLine = shipBlockers === 0
|
|
436
|
+
? '✅ **0 ship-blockers** (no critical/high advisories are KEV-listed AND reachable)'
|
|
437
|
+
: `🚫 **${shipBlockers} ship-blocker${shipBlockers === 1 ? '' : 's'}** — critical/high severity + (KEV or reachable). See "This Week's Triage" below.`;
|
|
438
|
+
L.push(`- ${blockerLine}`);
|
|
439
|
+
L.push(`- 🔥 **${actionable} finding${actionable === 1 ? '' : 's'} for this sprint** (risk score ≥ 40)`);
|
|
440
|
+
// License exposure
|
|
441
|
+
const licByClass = new Map();
|
|
442
|
+
for (const e of report.entries) {
|
|
443
|
+
const c = (0, pm_signals_1.licenseClass)(e.licenseType);
|
|
444
|
+
licByClass.set(c, (licByClass.get(c) ?? 0) + 1);
|
|
445
|
+
}
|
|
446
|
+
const strong = licByClass.get('copyleft-strong') ?? 0;
|
|
447
|
+
const unknownLic = licByClass.get('unknown') ?? 0;
|
|
448
|
+
const licBits = [];
|
|
449
|
+
if (strong > 0)
|
|
450
|
+
licBits.push(`${strong} copyleft-strong (review obligations)`);
|
|
451
|
+
if (unknownLic > 0)
|
|
452
|
+
licBits.push(`${unknownLic} unknown (needs classification)`);
|
|
453
|
+
L.push(`- 📜 **License exposure:** ${licBits.length > 0 ? licBits.join('; ') : 'all permissive — no action needed'}`);
|
|
454
|
+
// Staleness
|
|
455
|
+
const now = new Date();
|
|
456
|
+
const staleCount = report.entries.filter((e) => (0, pm_signals_1.stalenessTier)(e.releaseDate, now) === 'stale').length;
|
|
457
|
+
L.push(`- 🗓️ **Staleness:** ${staleCount} package${staleCount === 1 ? '' : 's'} released > 3 years ago`);
|
|
458
|
+
// Highest-leverage upgrade
|
|
459
|
+
const rollup = Object.entries(s.byTopLevelDep).sort((a, b) => {
|
|
460
|
+
const SEV_RANK = { critical: 0, high: 1, medium: 2, low: 3 };
|
|
461
|
+
return (SEV_RANK[a[1].maxSeverity] - SEV_RANK[b[1].maxSeverity] ||
|
|
462
|
+
b[1].advisoryCount - a[1].advisoryCount);
|
|
463
|
+
});
|
|
464
|
+
if (rollup.length > 0) {
|
|
465
|
+
const [name, r] = rollup[0];
|
|
466
|
+
L.push(`- 🎯 **Highest-leverage upgrade:** \`${name}\` — resolves up to ${r.advisoryCount} transitive advisor${r.advisoryCount === 1 ? 'y' : 'ies'} (worst ${SEV_BADGE[r.maxSeverity]})`);
|
|
467
|
+
}
|
|
468
|
+
L.push('');
|
|
469
|
+
L.push('---');
|
|
470
|
+
L.push('');
|
|
471
|
+
}
|
|
396
472
|
//# sourceMappingURL=index.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyzers/bom/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAgCH,gCAwDC;AAgED,0CAoDC;AAED,0CAwOC;AApbD,2CAA6B;AAC7B,yCAAsC;AACtC,4CAAsC;AACtC,2CAAmD;AACnD,qCAAuF;AA0BhF,KAAK,UAAU,UAAU,CAC9B,QAAgB,EAChB,UAA6B,EAAE;IAE/B,MAAM,KAAK,GAAG,IAAA,eAAM,EAAC,QAAQ,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,IAAI,CAAC;IACtC,MAAM,YAAY,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,IAAA,yBAAgB,EAAC,QAAQ,CAAC,CAAC;IAC9F,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,gBAAgB,EAAE,YAAY,EAAE,GAAG,YAAY,CAAC;IAExF,oEAAoE;IACpE,mEAAmE;IACnE,gEAAgE;IAChE,qBAAqB;IACrB,MAAM,aAAa,GAAG,IAAA,2BAAkB,EAAC,UAAU,CAAC,CAAC;IAErD,MAAM,MAAM,GAAc,OAAO,CAAC,MAAM,IAAI,KAAK,CAAC;IAClD,MAAM,OAAO,GACX,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;IAEzF,MAAM,UAAU,GAAgC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;IAC5F,IAAI,kBAAkB,GAAG,CAAC,CAAC;IAC3B,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,IAAI,gBAAgB,GAAG,CAAC,CAAC;IACzB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;YAClB,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,kBAAkB,EAAE,CAAC;YACrB,IAAI,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,WAAW,CAAC;gBAAE,eAAe,EAAE,CAAC;QACjE,CAAC;QACD,eAAe,IAAI,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;QAClC,IAAI,CAAC,CAAC,CAAC,cAAc;YAAE,gBAAgB,EAAE,CAAC;IAC5C,CAAC;IAED,OAAO;QACL,IAAI,EAAE,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAClD,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,SAAS,EAAE,IAAA,YAAG,EAAC,wCAAwC,EAAE,QAAQ,CAAC;QAClE,MAAM,EAAE,IAAA,YAAG,EAAC,6CAA6C,EAAE,QAAQ,CAAC;QACpE,aAAa,EAAE,GAAG;QAClB,OAAO,EAAE;YACP,aAAa,EAAE,OAAO,CAAC,MAAM;YAC7B,UAAU;YACV,kBAAkB;YAClB,eAAe;YACf,eAAe;YACf,gBAAgB;YAChB,aAAa;YACb,MAAM;YACN,uBAAuB,EAAE,UAAU,CAAC,MAAM;YAC1C,YAAY;SACb;QACD,OAAO;QACP,SAAS;QACT,gBAAgB;KACjB,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,YAAY,CACzB,QAAgB;IAEhB,MAAM,QAAQ,GAAG,IAAA,gCAAoB,EAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACzB,gEAAgE;QAChE,wDAAwD;QACxD,OAAO,IAAA,yBAAgB,EAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC;QAC/B,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,GAAG;QAChD,MAAM,EAAE,MAAM,IAAA,yBAAgB,EAAC,OAAO,CAAC;KACxC,CAAC,CAAC,CACJ,CAAC;IACF,OAAO,IAAA,8BAAqB,EAAC,OAAO,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,SAAS,GAAgC;IAC7C,QAAQ,EAAE,UAAU;IACpB,IAAI,EAAE,MAAM;IACZ,MAAM,EAAE,QAAQ;IAChB,GAAG,EAAE,KAAK;CACX,CAAC;AAgBF;;;;;;;;;;;;;;;;GAgBG;AACH,SAAgB,eAAe,CAAC,MAAiB,EAAE,KAAa,EAAE,OAAe;IAW/E,MAAM,IAAI,GAAW,EAAE,CAAC;IACxB,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QAC/B,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;YACxB,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ;gBAAE,SAAS;YAC9C,IAAI,CAAC,CAAC,SAAS,GAAG,OAAO;gBAAE,SAAS;YACpC,IAAI,CAAC,IAAI,CAAC;gBACR,IAAI,EAAE,CAAC,CAAC,SAAS;gBACjB,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,gBAAgB,EAAE,GAAG,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,EAAE;gBAC7C,IAAI,EAAE,CAAC,CAAC,SAAS;gBACjB,IAAI,EAAE,CAAC,CAAC,SAAS;gBACjB,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,aAAa,EAAE,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,aAAa;aAClD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAEjC,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,IAAI,CAAC,CAAC,GAAG;YAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7B,IAAI,CAAC,CAAC,SAAS,KAAK,IAAI;YAAE,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAClD,IAAI,CAAC,CAAC,SAAS,KAAK,KAAK;YAAE,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACvD,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ;YAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACxE,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC;YACjD,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAC5D,+DAA+D;QAC/D,sCAAsC;QACtC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa,IAAI,GAAG,CAAC,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACxF,OAAO;YACL,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,gBAAgB,EAAE,CAAC,CAAC,gBAAgB;YACpC,SAAS;YACT,GAAG;SACJ,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,eAAe,CAAC,MAAiB,EAAE,OAAe;IAChE,MAAM,CAAC,GAAa,EAAE,CAAC;IAEvB,CAAC,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAC3C,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,CAAC,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IACtD,CAAC,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,SAAS,GAAG,CAAC,CAAC;IAC7D,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEX,+DAA+D;IAC/D,kEAAkE;IAClE,4DAA4D;IAC5D,8DAA8D;IAC9D,+DAA+D;IAC/D,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/C,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAChC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CACJ,OAAO,MAAM,CAAC,MAAM,WAAW,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,gBAAgB;YAC9E,8EAA8E;YAC9E,yDAAyD,CAC5D,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAC5D,CAAC,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAC5D,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;YACzB,CAAC,CAAC,IAAI,CACJ,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,GAAG,CAAC,EAAE,UAAU,GAAG,CAAC,gBAAgB,QAAQ,GAAG,CAAC,SAAS,MAAM,GAAG,CAAC,GAAG,IAAI,CAC/G,CAAC;QACJ,CAAC;QACD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IAED,UAAU;IACV,MAAM,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC;IACzB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACrB,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,IAAI,CAAC,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,CAAC,CAAC,IAAI,CACJ,uBAAuB,CAAC,CAAC,YAAY,CAAC,MAAM,qBAAqB;YAC/D,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;YAChD,yEAAyE,CAC5E,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IACD,IAAI,CAAC,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;QAC7B,CAAC,CAAC,IAAI,CACJ,KAAK,CAAC,CAAC,aAAa,6BAA6B,CAAC,CAAC,uBAAuB,kDAAkD;YAC1H,+EAA+E;YAC/E,uCAAuC,CAC1C,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,aAAa,yDAAyD,CAAC,CAAC;IACxF,CAAC;IACD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,IAAI,CAAC,CAAC,kBAAkB,GAAG,CAAC,EAAE,CAAC;QAC7B,CAAC,CAAC,IAAI,CACJ,KAAK,CAAC,CAAC,kBAAkB,4CAA4C;YACnE,KAAK,CAAC,CAAC,eAAe,yBAAyB;YAC/C,oEAAoE;YACpE,+BAA+B;YAC/B,KAAK,CAAC,CAAC,eAAe,sDAAsD,CAC/E,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CACJ,+DAA+D;YAC7D,sCAAsC,CAAC,CAAC,eAAe,mBAAmB;YAC1E,qBAAqB,CAAC,CAAC,kBAAkB,uBAAuB;YAChE,+BAA+B,CAClC,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;QAChE,CAAC,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;QAChE,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,UAAU,CAAC,QAAQ,IAAI,CAAC,CAAC;QAClD,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,CAAC;QAC9C,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,UAAU,CAAC,MAAM,IAAI,CAAC,CAAC;QAChD,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC;QAC7C,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IACD,IAAI,CAAC,CAAC,gBAAgB,GAAG,CAAC,EAAE,CAAC;QAC3B,CAAC,CAAC,IAAI,CACJ,QAAQ,CAAC,CAAC,gBAAgB,2DAA2D;YACnF,sEAAsE;YACtE,qEAAqE,CACxE,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IACD,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEX,oEAAoE;IACpE,+DAA+D;IAC/D,+DAA+D;IAC/D,mEAAmE;IACnE,6BAA6B;IAC7B,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;IACxD,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QAClC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CACJ,sEAAsE;YACpE,sEAAsE;YACtE,gEAAgE,CACnE,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,MAAM,QAAQ,GAAgC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QAC1F,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CACjC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACP,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;YACvD,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YACvC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAC3B,CAAC;QACF,MAAM,GAAG,GAAG,EAAE,CAAC;QACf,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACnC,CAAC,CAAC,IAAI,CAAC,uEAAuE,CAAC,CAAC;QAChF,CAAC,CAAC,IAAI,CAAC,uEAAuE,CAAC,CAAC;QAChF,KAAK,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;YAC7B,MAAM,MAAM,GAAG,CAAC,CAAC;YACjB,MAAM,OAAO,GACX,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,MAAM;gBACxB,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,MAAM,OAAO;gBAClF,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5B,CAAC,CAAC,IAAI,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,QAAQ,GAAG,QAAQ,CAAC,CAAC,aAAa,MAAM,OAAO,IAAI,CAAC,CAAC;QAC3F,CAAC;QACD,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACxB,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACX,CAAC,CAAC,IAAI,CAAC,YAAY,GAAG,OAAO,MAAM,CAAC,MAAM,6CAA6C,CAAC,CAAC;QAC3F,CAAC;QACD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IAED,iEAAiE;IACjE,IAAI,CAAC,CAAC,kBAAkB,GAAG,CAAC,EAAE,CAAC;QAC7B,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QACjC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CACJ,qFAAqF;YACnF,uFAAuF;YACvF,yEAAyE,CAC5E,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,MAAM,QAAQ,GAAgC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QAC1F,MAAM,OAAO,GAAG,CAAC,CAAW,EAAU,EAAE;YACtC,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC;YACd,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;gBACxB,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,CAAC,SAAS,GAAG,IAAI;oBAAE,IAAI,GAAG,CAAC,CAAC,SAAS,CAAC;YAChF,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QACF,MAAM,IAAI,GAAe,MAAM,CAAC,OAAO;aACpC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;aAC5B,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACb,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,EAAE,KAAK,EAAE;gBAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,oBAAoB;YACnD,OAAO,CACL,QAAQ,CAAC,CAAC,CAAC,WAAY,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,WAAY,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,CAC1F,CAAC;QACJ,CAAC,CAAC,CAAC;QACL,MAAM,GAAG,GAAG,EAAE,CAAC;QACf,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACjC,CAAC,CAAC,IAAI,CACJ,oGAAoG,CACrG,CAAC;QACF,CAAC,CAAC,IAAI,CACJ,oGAAoG,CACrG,CAAC;QACF,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,MAAM,MAAM,GAAG,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;YACrD,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK;iBACvB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;iBACvB,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;YACrD,wEAAwE;YACxE,8DAA8D;YAC9D,iEAAiE;YACjE,gDAAgD;YAChD,MAAM,QAAQ,GACZ,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;YACjF,6DAA6D;YAC7D,+DAA+D;YAC/D,8DAA8D;YAC9D,kCAAkC;YAClC,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK;iBACvB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;iBACvB,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;YACrD,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;YAClF,+DAA+D;YAC/D,kEAAkE;YAClE,MAAM,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACtD,8DAA8D;YAC9D,2DAA2D;YAC3D,8DAA8D;YAC9D,gEAAgE;YAChE,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,iEAAiE;YACjE,8DAA8D;YAC9D,mDAAmD;YACnD,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACxB,MAAM,QAAQ,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;YAC5D,CAAC,CAAC,IAAI,CACJ,KAAK,QAAQ,MAAM,SAAS,CAAC,CAAC,CAAC,WAAY,CAAC,MAAM,QAAQ,QAAQ,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,QAAQ,CAAC,CAAC,WAAW,MAAM,CAAC,CAAC,KAAK,CAAC,MAAM,MAAM,OAAO,MAAM,SAAS,MAAM,QAAQ,MAAM,MAAM,IAAI,CAC5L,CAAC;QACJ,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACtB,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACX,CAAC,CAAC,IAAI,CACJ,YAAY,GAAG,OAAO,IAAI,CAAC,MAAM,gGAAgG,CAClI,CAAC;QACJ,CAAC;QACD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IAED,SAAS;IACT,CAAC,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,QAAQ,EAAE,CAAC,CAAC;IACrE,IAAI,MAAM,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,CAAC,CAAC,IAAI,CAAC,0BAA0B,MAAM,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACzE,CAAC;IACD,CAAC,CAAC,IAAI,CAAC,sBAAsB,OAAO,GAAG,CAAC,CAAC;IACzC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,CAAC,CAAC,IAAI,CAAC,gFAAgF,CAAC,CAAC;IAEzF,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACtB,CAAC"}
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/analyzers/bom/index.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;GAcG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAiCH,gCAwDC;AAgED,0CAoDC;AAED,0CAsPC;AAncD,2CAA6B;AAC7B,yCAAsC;AACtC,4CAAsC;AACtC,2CAAmD;AACnD,qCAAuF;AACvF,6CAA8E;AA0BvE,KAAK,UAAU,UAAU,CAC9B,QAAgB,EAChB,UAA6B,EAAE;IAE/B,MAAM,KAAK,GAAG,IAAA,eAAM,EAAC,QAAQ,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,IAAI,IAAI,CAAC;IACtC,MAAM,YAAY,GAAG,MAAM,CAAC,CAAC,CAAC,MAAM,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,IAAA,yBAAgB,EAAC,QAAQ,CAAC,CAAC;IAC9F,MAAM,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,gBAAgB,EAAE,YAAY,EAAE,GAAG,YAAY,CAAC;IAExF,oEAAoE;IACpE,mEAAmE;IACnE,gEAAgE;IAChE,qBAAqB;IACrB,MAAM,aAAa,GAAG,IAAA,2BAAkB,EAAC,UAAU,CAAC,CAAC;IAErD,MAAM,MAAM,GAAc,OAAO,CAAC,MAAM,IAAI,KAAK,CAAC;IAClD,MAAM,OAAO,GACX,MAAM,KAAK,WAAW,CAAC,CAAC,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC;IAEzF,MAAM,UAAU,GAAgC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;IAC5F,IAAI,kBAAkB,GAAG,CAAC,CAAC;IAC3B,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,IAAI,eAAe,GAAG,CAAC,CAAC;IACxB,IAAI,gBAAgB,GAAG,CAAC,CAAC;IACzB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;YAClB,UAAU,CAAC,CAAC,CAAC,WAAW,CAAC,EAAE,CAAC;YAC5B,kBAAkB,EAAE,CAAC;YACrB,IAAI,CAAC,CAAC,aAAa,CAAC,UAAU,CAAC,WAAW,CAAC;gBAAE,eAAe,EAAE,CAAC;QACjE,CAAC;QACD,eAAe,IAAI,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC;QAClC,IAAI,CAAC,CAAC,CAAC,cAAc;YAAE,gBAAgB,EAAE,CAAC;IAC5C,CAAC;IAED,OAAO;QACL,IAAI,EAAE,KAAK,CAAC,WAAW,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAClD,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACpC,SAAS,EAAE,IAAA,YAAG,EAAC,wCAAwC,EAAE,QAAQ,CAAC;QAClE,MAAM,EAAE,IAAA,YAAG,EAAC,6CAA6C,EAAE,QAAQ,CAAC;QACpE,aAAa,EAAE,GAAG;QAClB,OAAO,EAAE;YACP,aAAa,EAAE,OAAO,CAAC,MAAM;YAC7B,UAAU;YACV,kBAAkB;YAClB,eAAe;YACf,eAAe;YACf,gBAAgB;YAChB,aAAa;YACb,MAAM;YACN,uBAAuB,EAAE,UAAU,CAAC,MAAM;YAC1C,YAAY;SACb;QACD,OAAO;QACP,SAAS;QACT,gBAAgB;KACjB,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,KAAK,UAAU,YAAY,CACzB,QAAgB;IAEhB,MAAM,QAAQ,GAAG,IAAA,gCAAoB,EAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,QAAQ,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACzB,gEAAgE;QAChE,wDAAwD;QACxD,OAAO,IAAA,yBAAgB,EAAC,QAAQ,CAAC,CAAC;IACpC,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,QAAQ,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE,CAAC,CAAC;QAC/B,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,GAAG;QAChD,MAAM,EAAE,MAAM,IAAA,yBAAgB,EAAC,OAAO,CAAC;KACxC,CAAC,CAAC,CACJ,CAAC;IACF,OAAO,IAAA,8BAAqB,EAAC,OAAO,CAAC,CAAC;AACxC,CAAC;AAED,MAAM,SAAS,GAAgC;IAC7C,QAAQ,EAAE,UAAU;IACpB,IAAI,EAAE,MAAM;IACZ,MAAM,EAAE,QAAQ;IAChB,GAAG,EAAE,KAAK;CACX,CAAC;AAgBF;;;;;;;;;;;;;;;;GAgBG;AACH,SAAgB,eAAe,CAAC,MAAiB,EAAE,KAAa,EAAE,OAAe;IAW/E,MAAM,IAAI,GAAW,EAAE,CAAC;IACxB,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QAC/B,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;YACxB,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ;gBAAE,SAAS;YAC9C,IAAI,CAAC,CAAC,SAAS,GAAG,OAAO;gBAAE,SAAS;YACpC,IAAI,CAAC,IAAI,CAAC;gBACR,IAAI,EAAE,CAAC,CAAC,SAAS;gBACjB,EAAE,EAAE,CAAC,CAAC,EAAE;gBACR,gBAAgB,EAAE,GAAG,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,EAAE;gBAC7C,IAAI,EAAE,CAAC,CAAC,SAAS;gBACjB,IAAI,EAAE,CAAC,CAAC,SAAS;gBACjB,GAAG,EAAE,CAAC,CAAC,GAAG;gBACV,SAAS,EAAE,CAAC,CAAC,SAAS;gBACtB,aAAa,EAAE,CAAC,CAAC,aAAa,IAAI,CAAC,CAAC,aAAa;aAClD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;IACjE,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;IAEjC,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;QACnB,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,IAAI,CAAC,CAAC,GAAG;YAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC7B,IAAI,CAAC,CAAC,SAAS,KAAK,IAAI;YAAE,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QAClD,IAAI,CAAC,CAAC,SAAS,KAAK,KAAK;YAAE,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACvD,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ;YAAE,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACxE,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,CAAC,IAAI,IAAI,IAAI,EAAE,CAAC;YACjD,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACnD,CAAC;QACD,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;QAC5D,+DAA+D;QAC/D,sCAAsC;QACtC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,aAAa,IAAI,GAAG,CAAC,CAAC,OAAO,CAAC,eAAe,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QACxF,OAAO;YACL,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,EAAE,EAAE,CAAC,CAAC,EAAE;YACR,gBAAgB,EAAE,CAAC,CAAC,gBAAgB;YACpC,SAAS;YACT,GAAG;SACJ,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAgB,eAAe,CAAC,MAAiB,EAAE,OAAe;IAChE,MAAM,CAAC,GAAa,EAAE,CAAC;IAEvB,CAAC,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;IAC3C,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,CAAC,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;IACtD,CAAC,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,MAAM,KAAK,MAAM,CAAC,SAAS,GAAG,CAAC,CAAC;IAC7D,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEX,qEAAqE;IACrE,kEAAkE;IAClE,2CAA2C;IAC3C,uBAAuB,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IAEnC,+DAA+D;IAC/D,kEAAkE;IAClE,4DAA4D;IAC5D,8DAA8D;IAC9D,+DAA+D;IAC/D,MAAM,MAAM,GAAG,eAAe,CAAC,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAC/C,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,CAAC,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAChC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CACJ,OAAO,MAAM,CAAC,MAAM,WAAW,MAAM,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,gBAAgB;YAC9E,8EAA8E;YAC9E,yDAAyD,CAC5D,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAC5D,CAAC,CAAC,IAAI,CAAC,mDAAmD,CAAC,CAAC;QAC5D,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;YACzB,CAAC,CAAC,IAAI,CACJ,OAAO,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,UAAU,GAAG,CAAC,EAAE,UAAU,GAAG,CAAC,gBAAgB,QAAQ,GAAG,CAAC,SAAS,MAAM,GAAG,CAAC,GAAG,IAAI,CAC/G,CAAC;QACJ,CAAC;QACD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IAED,UAAU;IACV,MAAM,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC;IACzB,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACrB,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,IAAI,CAAC,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,CAAC,CAAC,IAAI,CACJ,uBAAuB,CAAC,CAAC,YAAY,CAAC,MAAM,qBAAqB;YAC/D,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;YAChD,yEAAyE,CAC5E,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IACD,IAAI,CAAC,CAAC,MAAM,KAAK,WAAW,EAAE,CAAC;QAC7B,CAAC,CAAC,IAAI,CACJ,KAAK,CAAC,CAAC,aAAa,6BAA6B,CAAC,CAAC,uBAAuB,kDAAkD;YAC1H,+EAA+E;YAC/E,uCAAuC,CAC1C,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,aAAa,yDAAyD,CAAC,CAAC;IACxF,CAAC;IACD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,IAAI,CAAC,CAAC,kBAAkB,GAAG,CAAC,EAAE,CAAC;QAC7B,CAAC,CAAC,IAAI,CACJ,KAAK,CAAC,CAAC,kBAAkB,4CAA4C;YACnE,KAAK,CAAC,CAAC,eAAe,yBAAyB;YAC/C,oEAAoE;YACpE,+BAA+B;YAC/B,KAAK,CAAC,CAAC,eAAe,sDAAsD,CAC/E,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CACJ,+DAA+D;YAC7D,sCAAsC,CAAC,CAAC,eAAe,mBAAmB;YAC1E,qBAAqB,CAAC,CAAC,kBAAkB,uBAAuB;YAChE,+BAA+B,CAClC,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;QAChE,CAAC,CAAC,IAAI,CAAC,uDAAuD,CAAC,CAAC;QAChE,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,UAAU,CAAC,QAAQ,IAAI,CAAC,CAAC;QAClD,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,CAAC;QAC9C,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,UAAU,CAAC,MAAM,IAAI,CAAC,CAAC;QAChD,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,UAAU,CAAC,GAAG,IAAI,CAAC,CAAC;QAC7C,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IACD,IAAI,CAAC,CAAC,gBAAgB,GAAG,CAAC,EAAE,CAAC;QAC3B,CAAC,CAAC,IAAI,CACJ,QAAQ,CAAC,CAAC,gBAAgB,2DAA2D;YACnF,sEAAsE;YACtE,qEAAqE,CACxE,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IACD,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEX,oEAAoE;IACpE,+DAA+D;IAC/D,+DAA+D;IAC/D,mEAAmE;IACnE,6BAA6B;IAC7B,MAAM,eAAe,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC;IACxD,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;QAClC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CACJ,sEAAsE;YACpE,sEAAsE;YACtE,gEAAgE,CACnE,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CACJ,qFAAqF;YACnF,qFAAqF;YACrF,iFAAiF;YACjF,oFAAoF;YACpF,iFAAiF;YACjF,sEAAsE,CACzE,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,MAAM,QAAQ,GAAgC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QAC1F,MAAM,MAAM,GAAG,eAAe,CAAC,IAAI,CACjC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACP,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;YACvD,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa;YACvC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAC3B,CAAC;QACF,MAAM,GAAG,GAAG,EAAE,CAAC;QACf,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACnC,CAAC,CAAC,IAAI,CAAC,iFAAiF,CAAC,CAAC;QAC1F,CAAC,CAAC,IAAI,CAAC,iFAAiF,CAAC,CAAC;QAC1F,KAAK,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;YAC7B,MAAM,MAAM,GAAG,CAAC,CAAC;YACjB,MAAM,OAAO,GACX,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,MAAM;gBACxB,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,MAAM,OAAO;gBAClF,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC5B,CAAC,CAAC,IAAI,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,QAAQ,GAAG,QAAQ,CAAC,CAAC,aAAa,MAAM,OAAO,IAAI,CAAC,CAAC;QAC3F,CAAC;QACD,IAAI,MAAM,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACxB,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACX,CAAC,CAAC,IAAI,CAAC,YAAY,GAAG,OAAO,MAAM,CAAC,MAAM,6CAA6C,CAAC,CAAC;QAC3F,CAAC;QACD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IAED,iEAAiE;IACjE,IAAI,CAAC,CAAC,kBAAkB,GAAG,CAAC,EAAE,CAAC;QAC7B,CAAC,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QACjC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CACJ,qFAAqF;YACnF,uFAAuF;YACvF,yEAAyE,CAC5E,CAAC;QACF,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,MAAM,QAAQ,GAAgC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QAC1F,MAAM,OAAO,GAAG,CAAC,CAAW,EAAU,EAAE;YACtC,IAAI,IAAI,GAAG,CAAC,CAAC,CAAC;YACd,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;gBACxB,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,CAAC,SAAS,GAAG,IAAI;oBAAE,IAAI,GAAG,CAAC,CAAC,SAAS,CAAC;YAChF,CAAC;YACD,OAAO,IAAI,CAAC;QACd,CAAC,CAAC;QACF,MAAM,IAAI,GAAe,MAAM,CAAC,OAAO;aACpC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,CAAC;aAC5B,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;YACb,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACtB,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACtB,IAAI,EAAE,KAAK,EAAE;gBAAE,OAAO,EAAE,GAAG,EAAE,CAAC,CAAC,oBAAoB;YACnD,OAAO,CACL,QAAQ,CAAC,CAAC,CAAC,WAAY,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,WAAY,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,OAAO,CAAC,CAC1F,CAAC;QACJ,CAAC,CAAC,CAAC;QACL,MAAM,GAAG,GAAG,EAAE,CAAC;QACf,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QACjC,CAAC,CAAC,IAAI,CACJ,oGAAoG,CACrG,CAAC;QACF,CAAC,CAAC,IAAI,CACJ,oGAAoG,CACrG,CAAC;QACF,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;YACtB,MAAM,MAAM,GAAG,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;YACrD,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK;iBACvB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;iBACvB,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;YACrD,wEAAwE;YACxE,8DAA8D;YAC9D,iEAAiE;YACjE,gDAAgD;YAChD,MAAM,QAAQ,GACZ,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;YACjF,6DAA6D;YAC7D,+DAA+D;YAC/D,8DAA8D;YAC9D,kCAAkC;YAClC,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK;iBACvB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,CAAC;iBACvB,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC;YACrD,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,UAAU,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;YAClF,+DAA+D;YAC/D,kEAAkE;YAClE,MAAM,OAAO,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACtD,8DAA8D;YAC9D,2DAA2D;YAC3D,8DAA8D;YAC9D,gEAAgE;YAChE,MAAM,SAAS,GAAG,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,KAAK,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,iEAAiE;YACjE,8DAA8D;YAC9D,mDAAmD;YACnD,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;YACxB,MAAM,QAAQ,GAAG,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC;YAC5D,CAAC,CAAC,IAAI,CACJ,KAAK,QAAQ,MAAM,SAAS,CAAC,CAAC,CAAC,WAAY,CAAC,MAAM,QAAQ,QAAQ,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,QAAQ,CAAC,CAAC,WAAW,MAAM,CAAC,CAAC,KAAK,CAAC,MAAM,MAAM,OAAO,MAAM,SAAS,MAAM,QAAQ,MAAM,MAAM,IAAI,CAC5L,CAAC;QACJ,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,GAAG,GAAG,EAAE,CAAC;YACtB,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACX,CAAC,CAAC,IAAI,CACJ,YAAY,GAAG,OAAO,IAAI,CAAC,MAAM,gGAAgG,CAClI,CAAC;QACJ,CAAC;QACD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACX,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACb,CAAC;IAED,SAAS;IACT,CAAC,CAAC,IAAI,CAAC,mBAAmB,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,QAAQ,EAAE,CAAC,CAAC;IACrE,IAAI,MAAM,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvC,CAAC,CAAC,IAAI,CAAC,0BAA0B,MAAM,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACzE,CAAC;IACD,CAAC,CAAC,IAAI,CAAC,sBAAsB,OAAO,GAAG,CAAC,CAAC;IACzC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,CAAC,CAAC,IAAI,CAAC,gFAAgF,CAAC,CAAC;IAEzF,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACtB,CAAC;AAED,+EAA+E;AAE/E;;;;;;;GAOG;AACH,SAAS,uBAAuB,CAAC,CAAW,EAAE,MAAiB;IAC7D,MAAM,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC;IACzB,CAAC,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IAClC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,2EAA2E;IAC3E,qEAAqE;IACrE,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QAC/B,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;YACxB,MAAM,GAAG,GAAG,CAAC,CAAC,QAAQ,KAAK,UAAU,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC;YAC/D,MAAM,QAAQ,GAAG,CAAC,CAAC,GAAG,KAAK,IAAI,IAAI,CAAC,CAAC,SAAS,KAAK,IAAI,CAAC;YACxD,IAAI,GAAG,IAAI,QAAQ;gBAAE,YAAY,EAAE,CAAC;YACpC,IAAI,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ,IAAI,CAAC,CAAC,SAAS,IAAI,EAAE;gBAAE,UAAU,EAAE,CAAC;QACzE,CAAC;IACH,CAAC;IAED,MAAM,WAAW,GACf,YAAY,KAAK,CAAC;QAChB,CAAC,CAAC,kFAAkF;QACpF,CAAC,CAAC,QAAQ,YAAY,gBAAgB,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,mFAAmF,CAAC;IAC3J,CAAC,CAAC,IAAI,CAAC,KAAK,WAAW,EAAE,CAAC,CAAC;IAE3B,CAAC,CAAC,IAAI,CACJ,UAAU,UAAU,WAAW,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,sCAAsC,CACjG,CAAC;IAEF,mBAAmB;IACnB,MAAM,UAAU,GAAG,IAAI,GAAG,EAAwB,CAAC;IACnD,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QAC/B,MAAM,CAAC,GAAG,IAAA,yBAAY,EAAC,CAAC,CAAC,WAAW,CAAC,CAAC;QACtC,UAAU,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAClD,CAAC;IACD,MAAM,MAAM,GAAG,UAAU,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,CAAC,CAAC;IACtD,MAAM,UAAU,GAAG,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;IAClD,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,IAAI,MAAM,GAAG,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,GAAG,MAAM,uCAAuC,CAAC,CAAC;IAC/E,IAAI,UAAU,GAAG,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,GAAG,UAAU,iCAAiC,CAAC,CAAC;IACjF,CAAC,CAAC,IAAI,CACJ,8BAA8B,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,mCAAmC,EAAE,CAC9G,CAAC;IAEF,YAAY;IACZ,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;IACvB,MAAM,UAAU,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CACtC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAA,0BAAa,EAAC,CAAC,CAAC,WAAW,EAAE,GAAG,CAAC,KAAK,OAAO,CACrD,CAAC,MAAM,CAAC;IACT,CAAC,CAAC,IAAI,CACJ,wBAAwB,UAAU,WAAW,UAAU,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,yBAAyB,CAClG,CAAC;IAEF,2BAA2B;IAC3B,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QAC3D,MAAM,QAAQ,GAAgC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QAC1F,OAAO,CACL,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;YACvD,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CACxC,CAAC;IACJ,CAAC,CAAC,CAAC;IACH,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtB,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC;QAC5B,CAAC,CAAC,IAAI,CACJ,wCAAwC,IAAI,uBAAuB,CAAC,CAAC,aAAa,sBAAsB,CAAC,CAAC,aAAa,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,WAAW,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC,GAAG,CAClL,CAAC;IACJ,CAAC;IACD,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACX,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACd,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACb,CAAC"}
|
|
@@ -0,0 +1,63 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* PM-oriented derived signals for bom renderers (2.3.2).
|
|
3
|
+
*
|
|
4
|
+
* Pure helpers that project raw finding fields into categorical
|
|
5
|
+
* signals a non-technical reviewer can sort/filter/decide on without
|
|
6
|
+
* domain expertise:
|
|
7
|
+
*
|
|
8
|
+
* - `licenseClass(licenseType)` — SPDX-id → permissive / copyleft-
|
|
9
|
+
* weak / copyleft-strong / proprietary / unknown. Lets a PM
|
|
10
|
+
* filter the inventory for "anything I need a lawyer to sign off".
|
|
11
|
+
*
|
|
12
|
+
* - `stalenessTier(releaseDate)` — ISO date → fresh (< 1y) / aging
|
|
13
|
+
* (1–3y) / stale (≥ 3y). Lets a PM see deps that may no longer
|
|
14
|
+
* be maintained without knowing semver or npm-registry API.
|
|
15
|
+
*
|
|
16
|
+
* - `effortEstimate(entry)` — packs the entry's upgrade path into
|
|
17
|
+
* trivial / moderate / major / blocked. Derived from
|
|
18
|
+
* installedVersion → fixedVersion semver delta or "no fix available".
|
|
19
|
+
* Helps scope sprint commitments.
|
|
20
|
+
*
|
|
21
|
+
* These deliberately live OUTSIDE `capabilities/types.ts` so the
|
|
22
|
+
* finding types stay the analyzer contract and these are strictly
|
|
23
|
+
* rendering helpers. If downstream consumers later need them in the
|
|
24
|
+
* JSON output, they can be promoted to type fields in a minor bump.
|
|
25
|
+
*/
|
|
26
|
+
import type { BomEntry } from './types';
|
|
27
|
+
export type LicenseClass = 'permissive' | 'copyleft-weak' | 'copyleft-strong' | 'proprietary' | 'unknown';
|
|
28
|
+
/**
|
|
29
|
+
* Classify a license string from a `LicenseFinding`. Accepts raw SPDX
|
|
30
|
+
* ids, compound expressions (`"MIT OR Apache-2.0"` — classifies by the
|
|
31
|
+
* first recognised token), and human-readable variants. Unrecognised
|
|
32
|
+
* input returns `'unknown'` so the caller can surface the raw string
|
|
33
|
+
* for human review.
|
|
34
|
+
*/
|
|
35
|
+
export declare function licenseClass(licenseType: string | undefined): LicenseClass;
|
|
36
|
+
export type StalenessTier = 'fresh' | 'aging' | 'stale' | 'unknown';
|
|
37
|
+
/**
|
|
38
|
+
* Classify package freshness from an ISO-8601 release date. Threshold
|
|
39
|
+
* picked for PM sensibility: "< 1 year" is current, "1–3 years" starts
|
|
40
|
+
* getting stale, "≥ 3 years" warrants a "still maintained?" conversation.
|
|
41
|
+
*
|
|
42
|
+
* `now` is injectable so tests don't drift over time.
|
|
43
|
+
*/
|
|
44
|
+
export declare function stalenessTier(releaseDate: string | undefined, now?: Date): StalenessTier;
|
|
45
|
+
export type EffortEstimate = 'trivial' | 'moderate' | 'major' | 'blocked';
|
|
46
|
+
/**
|
|
47
|
+
* Estimate the effort to remediate a vulnerable package.
|
|
48
|
+
*
|
|
49
|
+
* - `blocked`: no advisory has a `fixedVersion` → requires a drop-in
|
|
50
|
+
* replacement or living-with-it exception.
|
|
51
|
+
* - `trivial`: every advisory's fix is a patch-version bump (same
|
|
52
|
+
* major+minor). Low-risk npm install away.
|
|
53
|
+
* - `moderate`: fix is a minor-version bump (same major). API-additive;
|
|
54
|
+
* contract-stable but light testing warranted.
|
|
55
|
+
* - `major`: fix is a major-version bump. Potential breaking changes;
|
|
56
|
+
* read the changelog before committing.
|
|
57
|
+
*
|
|
58
|
+
* Extracts semver by numeric parse of the first three dotted components
|
|
59
|
+
* (strips a leading `v` Go-style). Non-parseable or multi-vuln mixtures
|
|
60
|
+
* escalate to the highest effort tier seen.
|
|
61
|
+
*/
|
|
62
|
+
export declare function effortEstimate(entry: BomEntry): EffortEstimate;
|
|
63
|
+
//# sourceMappingURL=pm-signals.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pm-signals.d.ts","sourceRoot":"","sources":["../../../src/analyzers/bom/pm-signals.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAIxC,MAAM,MAAM,YAAY,GACpB,YAAY,GACZ,eAAe,GACf,iBAAiB,GACjB,aAAa,GACb,SAAS,CAAC;AAuDd;;;;;;GAMG;AACH,wBAAgB,YAAY,CAAC,WAAW,EAAE,MAAM,GAAG,SAAS,GAAG,YAAY,CAgC1E;AAID,MAAM,MAAM,aAAa,GAAG,OAAO,GAAG,OAAO,GAAG,OAAO,GAAG,SAAS,CAAC;AAIpE;;;;;;GAMG;AACH,wBAAgB,aAAa,CAC3B,WAAW,EAAE,MAAM,GAAG,SAAS,EAC/B,GAAG,GAAE,IAAiB,GACrB,aAAa,CAQf;AAID,MAAM,MAAM,cAAc,GAAG,SAAS,GAAG,UAAU,GAAG,OAAO,GAAG,SAAS,CAAC;AAE1E;;;;;;;;;;;;;;;GAeG;AACH,wBAAgB,cAAc,CAAC,KAAK,EAAE,QAAQ,GAAG,cAAc,CAqB9D"}
|
|
@@ -0,0 +1,200 @@
|
|
|
1
|
+
"use strict";
|
|
2
|
+
/**
|
|
3
|
+
* PM-oriented derived signals for bom renderers (2.3.2).
|
|
4
|
+
*
|
|
5
|
+
* Pure helpers that project raw finding fields into categorical
|
|
6
|
+
* signals a non-technical reviewer can sort/filter/decide on without
|
|
7
|
+
* domain expertise:
|
|
8
|
+
*
|
|
9
|
+
* - `licenseClass(licenseType)` — SPDX-id → permissive / copyleft-
|
|
10
|
+
* weak / copyleft-strong / proprietary / unknown. Lets a PM
|
|
11
|
+
* filter the inventory for "anything I need a lawyer to sign off".
|
|
12
|
+
*
|
|
13
|
+
* - `stalenessTier(releaseDate)` — ISO date → fresh (< 1y) / aging
|
|
14
|
+
* (1–3y) / stale (≥ 3y). Lets a PM see deps that may no longer
|
|
15
|
+
* be maintained without knowing semver or npm-registry API.
|
|
16
|
+
*
|
|
17
|
+
* - `effortEstimate(entry)` — packs the entry's upgrade path into
|
|
18
|
+
* trivial / moderate / major / blocked. Derived from
|
|
19
|
+
* installedVersion → fixedVersion semver delta or "no fix available".
|
|
20
|
+
* Helps scope sprint commitments.
|
|
21
|
+
*
|
|
22
|
+
* These deliberately live OUTSIDE `capabilities/types.ts` so the
|
|
23
|
+
* finding types stay the analyzer contract and these are strictly
|
|
24
|
+
* rendering helpers. If downstream consumers later need them in the
|
|
25
|
+
* JSON output, they can be promoted to type fields in a minor bump.
|
|
26
|
+
*/
|
|
27
|
+
Object.defineProperty(exports, "__esModule", { value: true });
|
|
28
|
+
exports.licenseClass = licenseClass;
|
|
29
|
+
exports.stalenessTier = stalenessTier;
|
|
30
|
+
exports.effortEstimate = effortEstimate;
|
|
31
|
+
/** Known-permissive SPDX ids. Matching is forgiving — `MIT`, `MIT license`,
|
|
32
|
+
* `MIT (fork)` all map to the same class. Bench xlsx was full of
|
|
33
|
+
* human-readable suffixes; this logic normalises them away. */
|
|
34
|
+
const PERMISSIVE = new Set([
|
|
35
|
+
'mit',
|
|
36
|
+
'mit-0',
|
|
37
|
+
'apache-2.0',
|
|
38
|
+
'apache 2.0',
|
|
39
|
+
'apache-1.1',
|
|
40
|
+
'bsd',
|
|
41
|
+
'bsd-2-clause',
|
|
42
|
+
'bsd-3-clause',
|
|
43
|
+
'bsd-3-clause-clear',
|
|
44
|
+
'0bsd',
|
|
45
|
+
'isc',
|
|
46
|
+
'zlib',
|
|
47
|
+
'unlicense',
|
|
48
|
+
'cc0-1.0',
|
|
49
|
+
'wtfpl',
|
|
50
|
+
'python-2.0',
|
|
51
|
+
'python',
|
|
52
|
+
'psf-2.0',
|
|
53
|
+
'artistic-2.0',
|
|
54
|
+
'artistic-1.0',
|
|
55
|
+
'boost',
|
|
56
|
+
'bsl-1.0',
|
|
57
|
+
'upl-1.0', // Universal Permissive License
|
|
58
|
+
]);
|
|
59
|
+
const COPYLEFT_STRONG = new Set([
|
|
60
|
+
'gpl-2.0',
|
|
61
|
+
'gpl-3.0',
|
|
62
|
+
'gpl',
|
|
63
|
+
'agpl-3.0',
|
|
64
|
+
'agpl-1.0',
|
|
65
|
+
'agpl',
|
|
66
|
+
'sspl-1.0',
|
|
67
|
+
]);
|
|
68
|
+
const COPYLEFT_WEAK = new Set([
|
|
69
|
+
'lgpl-2.1',
|
|
70
|
+
'lgpl-3.0',
|
|
71
|
+
'lgpl',
|
|
72
|
+
'mpl-1.1',
|
|
73
|
+
'mpl-2.0',
|
|
74
|
+
'epl-1.0',
|
|
75
|
+
'epl-2.0',
|
|
76
|
+
'cddl-1.0',
|
|
77
|
+
'cddl-1.1',
|
|
78
|
+
]);
|
|
79
|
+
const PROPRIETARY_MARKERS = ['UNLICENSED', 'SEE LICENSE IN', 'PROPRIETARY', 'COMMERCIAL'];
|
|
80
|
+
/**
|
|
81
|
+
* Classify a license string from a `LicenseFinding`. Accepts raw SPDX
|
|
82
|
+
* ids, compound expressions (`"MIT OR Apache-2.0"` — classifies by the
|
|
83
|
+
* first recognised token), and human-readable variants. Unrecognised
|
|
84
|
+
* input returns `'unknown'` so the caller can surface the raw string
|
|
85
|
+
* for human review.
|
|
86
|
+
*/
|
|
87
|
+
function licenseClass(licenseType) {
|
|
88
|
+
if (!licenseType || licenseType === 'UNKNOWN' || licenseType.trim().length === 0) {
|
|
89
|
+
return 'unknown';
|
|
90
|
+
}
|
|
91
|
+
const upper = licenseType.toUpperCase();
|
|
92
|
+
for (const marker of PROPRIETARY_MARKERS) {
|
|
93
|
+
if (upper.includes(marker))
|
|
94
|
+
return 'proprietary';
|
|
95
|
+
}
|
|
96
|
+
// Compound expressions: split on OR/AND, classify each, take the
|
|
97
|
+
// strictest class (copyleft > permissive > unknown). Prevents an
|
|
98
|
+
// `MIT OR GPL-3.0` from reading as harmless MIT when the user can
|
|
99
|
+
// also be tied to GPL obligations. Strip surrounding punctuation
|
|
100
|
+
// (parens/brackets) that license-checker sometimes emits on
|
|
101
|
+
// compound expressions like `(Apache-2.0 OR UPL-1.0)`.
|
|
102
|
+
const cleaned = licenseType.replace(/[()[\]{}]/g, ' ').trim();
|
|
103
|
+
const tokens = cleaned
|
|
104
|
+
.split(/\s+(?:OR|AND|\/|\|)\s+|\s+license\s*$/i)
|
|
105
|
+
.map((t) => t
|
|
106
|
+
.trim()
|
|
107
|
+
.toLowerCase()
|
|
108
|
+
.replace(/^apache\s+/, 'apache-')
|
|
109
|
+
.replace(/\s+/g, '-'))
|
|
110
|
+
.filter(Boolean);
|
|
111
|
+
let worst = 'unknown';
|
|
112
|
+
for (const norm of tokens) {
|
|
113
|
+
if (COPYLEFT_STRONG.has(norm))
|
|
114
|
+
return 'copyleft-strong';
|
|
115
|
+
if (COPYLEFT_WEAK.has(norm))
|
|
116
|
+
worst = 'copyleft-weak';
|
|
117
|
+
else if (PERMISSIVE.has(norm) && worst === 'unknown')
|
|
118
|
+
worst = 'permissive';
|
|
119
|
+
}
|
|
120
|
+
return worst;
|
|
121
|
+
}
|
|
122
|
+
const YEAR_MS = 365 * 24 * 60 * 60 * 1000;
|
|
123
|
+
/**
|
|
124
|
+
* Classify package freshness from an ISO-8601 release date. Threshold
|
|
125
|
+
* picked for PM sensibility: "< 1 year" is current, "1–3 years" starts
|
|
126
|
+
* getting stale, "≥ 3 years" warrants a "still maintained?" conversation.
|
|
127
|
+
*
|
|
128
|
+
* `now` is injectable so tests don't drift over time.
|
|
129
|
+
*/
|
|
130
|
+
function stalenessTier(releaseDate, now = new Date()) {
|
|
131
|
+
if (!releaseDate)
|
|
132
|
+
return 'unknown';
|
|
133
|
+
const t = Date.parse(releaseDate);
|
|
134
|
+
if (Number.isNaN(t))
|
|
135
|
+
return 'unknown';
|
|
136
|
+
const ageMs = now.getTime() - t;
|
|
137
|
+
if (ageMs < YEAR_MS)
|
|
138
|
+
return 'fresh';
|
|
139
|
+
if (ageMs < 3 * YEAR_MS)
|
|
140
|
+
return 'aging';
|
|
141
|
+
return 'stale';
|
|
142
|
+
}
|
|
143
|
+
/**
|
|
144
|
+
* Estimate the effort to remediate a vulnerable package.
|
|
145
|
+
*
|
|
146
|
+
* - `blocked`: no advisory has a `fixedVersion` → requires a drop-in
|
|
147
|
+
* replacement or living-with-it exception.
|
|
148
|
+
* - `trivial`: every advisory's fix is a patch-version bump (same
|
|
149
|
+
* major+minor). Low-risk npm install away.
|
|
150
|
+
* - `moderate`: fix is a minor-version bump (same major). API-additive;
|
|
151
|
+
* contract-stable but light testing warranted.
|
|
152
|
+
* - `major`: fix is a major-version bump. Potential breaking changes;
|
|
153
|
+
* read the changelog before committing.
|
|
154
|
+
*
|
|
155
|
+
* Extracts semver by numeric parse of the first three dotted components
|
|
156
|
+
* (strips a leading `v` Go-style). Non-parseable or multi-vuln mixtures
|
|
157
|
+
* escalate to the highest effort tier seen.
|
|
158
|
+
*/
|
|
159
|
+
function effortEstimate(entry) {
|
|
160
|
+
if (entry.vulns.length === 0)
|
|
161
|
+
return 'trivial'; // unreachable under normal rendering
|
|
162
|
+
const installed = parseSemverTriple(entry.version);
|
|
163
|
+
let worst = 'trivial';
|
|
164
|
+
let anyFixMissing = false;
|
|
165
|
+
for (const v of entry.vulns) {
|
|
166
|
+
if (!v.fixedVersion) {
|
|
167
|
+
anyFixMissing = true;
|
|
168
|
+
continue;
|
|
169
|
+
}
|
|
170
|
+
const fix = parseSemverTriple(v.fixedVersion);
|
|
171
|
+
if (!installed || !fix) {
|
|
172
|
+
worst = worstOf(worst, 'major');
|
|
173
|
+
continue;
|
|
174
|
+
}
|
|
175
|
+
if (fix[0] > installed[0])
|
|
176
|
+
worst = worstOf(worst, 'major');
|
|
177
|
+
else if (fix[1] > installed[1])
|
|
178
|
+
worst = worstOf(worst, 'moderate');
|
|
179
|
+
// patch bumps or lower stay 'trivial'
|
|
180
|
+
}
|
|
181
|
+
if (anyFixMissing)
|
|
182
|
+
return 'blocked';
|
|
183
|
+
return worst;
|
|
184
|
+
}
|
|
185
|
+
function parseSemverTriple(v) {
|
|
186
|
+
const stripped = v.replace(/^v/, '');
|
|
187
|
+
const parts = stripped.split(/[.+-]/).slice(0, 3).map(Number);
|
|
188
|
+
if (parts.length < 3 || parts.some(Number.isNaN))
|
|
189
|
+
return null;
|
|
190
|
+
return parts;
|
|
191
|
+
}
|
|
192
|
+
function worstOf(a, b) {
|
|
193
|
+
const rank = {
|
|
194
|
+
trivial: 0,
|
|
195
|
+
moderate: 1,
|
|
196
|
+
major: 2,
|
|
197
|
+
};
|
|
198
|
+
return rank[a] >= rank[b] ? a : b;
|
|
199
|
+
}
|
|
200
|
+
//# sourceMappingURL=pm-signals.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pm-signals.js","sourceRoot":"","sources":["../../../src/analyzers/bom/pm-signals.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;;AAyEH,oCAgCC;AAeD,sCAWC;AAsBD,wCAqBC;AAjKD;;gEAEgE;AAChE,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC;IACzB,KAAK;IACL,OAAO;IACP,YAAY;IACZ,YAAY;IACZ,YAAY;IACZ,KAAK;IACL,cAAc;IACd,cAAc;IACd,oBAAoB;IACpB,MAAM;IACN,KAAK;IACL,MAAM;IACN,WAAW;IACX,SAAS;IACT,OAAO;IACP,YAAY;IACZ,QAAQ;IACR,SAAS;IACT,cAAc;IACd,cAAc;IACd,OAAO;IACP,SAAS;IACT,SAAS,EAAE,+BAA+B;CAC3C,CAAC,CAAC;AAEH,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC;IAC9B,SAAS;IACT,SAAS;IACT,KAAK;IACL,UAAU;IACV,UAAU;IACV,MAAM;IACN,UAAU;CACX,CAAC,CAAC;AAEH,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC;IAC5B,UAAU;IACV,UAAU;IACV,MAAM;IACN,SAAS;IACT,SAAS;IACT,SAAS;IACT,SAAS;IACT,UAAU;IACV,UAAU;CACX,CAAC,CAAC;AAEH,MAAM,mBAAmB,GAAG,CAAC,YAAY,EAAE,gBAAgB,EAAE,aAAa,EAAE,YAAY,CAAC,CAAC;AAE1F;;;;;;GAMG;AACH,SAAgB,YAAY,CAAC,WAA+B;IAC1D,IAAI,CAAC,WAAW,IAAI,WAAW,KAAK,SAAS,IAAI,WAAW,CAAC,IAAI,EAAE,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjF,OAAO,SAAS,CAAC;IACnB,CAAC;IACD,MAAM,KAAK,GAAG,WAAW,CAAC,WAAW,EAAE,CAAC;IACxC,KAAK,MAAM,MAAM,IAAI,mBAAmB,EAAE,CAAC;QACzC,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;YAAE,OAAO,aAAa,CAAC;IACnD,CAAC;IACD,iEAAiE;IACjE,iEAAiE;IACjE,kEAAkE;IAClE,iEAAiE;IACjE,4DAA4D;IAC5D,uDAAuD;IACvD,MAAM,OAAO,GAAG,WAAW,CAAC,OAAO,CAAC,YAAY,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;IAC9D,MAAM,MAAM,GAAG,OAAO;SACnB,KAAK,CAAC,wCAAwC,CAAC;SAC/C,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CACT,CAAC;SACE,IAAI,EAAE;SACN,WAAW,EAAE;SACb,OAAO,CAAC,YAAY,EAAE,SAAS,CAAC;SAChC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CACxB;SACA,MAAM,CAAC,OAAO,CAAC,CAAC;IACnB,IAAI,KAAK,GAAiB,SAAS,CAAC;IACpC,KAAK,MAAM,IAAI,IAAI,MAAM,EAAE,CAAC;QAC1B,IAAI,eAAe,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO,iBAAiB,CAAC;QACxD,IAAI,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,KAAK,GAAG,eAAe,CAAC;aAChD,IAAI,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,SAAS;YAAE,KAAK,GAAG,YAAY,CAAC;IAC7E,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAMD,MAAM,OAAO,GAAG,GAAG,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,IAAI,CAAC;AAE1C;;;;;;GAMG;AACH,SAAgB,aAAa,CAC3B,WAA+B,EAC/B,MAAY,IAAI,IAAI,EAAE;IAEtB,IAAI,CAAC,WAAW;QAAE,OAAO,SAAS,CAAC;IACnC,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IAClC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QAAE,OAAO,SAAS,CAAC;IACtC,MAAM,KAAK,GAAG,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;IAChC,IAAI,KAAK,GAAG,OAAO;QAAE,OAAO,OAAO,CAAC;IACpC,IAAI,KAAK,GAAG,CAAC,GAAG,OAAO;QAAE,OAAO,OAAO,CAAC;IACxC,OAAO,OAAO,CAAC;AACjB,CAAC;AAMD;;;;;;;;;;;;;;;GAeG;AACH,SAAgB,cAAc,CAAC,KAAe;IAC5C,IAAI,KAAK,CAAC,KAAK,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC,CAAC,qCAAqC;IACrF,MAAM,SAAS,GAAG,iBAAiB,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACnD,IAAI,KAAK,GAAqC,SAAS,CAAC;IACxD,IAAI,aAAa,GAAG,KAAK,CAAC;IAC1B,KAAK,MAAM,CAAC,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QAC5B,IAAI,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC;YACpB,aAAa,GAAG,IAAI,CAAC;YACrB,SAAS;QACX,CAAC;QACD,MAAM,GAAG,GAAG,iBAAiB,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC;QAC9C,IAAI,CAAC,SAAS,IAAI,CAAC,GAAG,EAAE,CAAC;YACvB,KAAK,GAAG,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;YAChC,SAAS;QACX,CAAC;QACD,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC;YAAE,KAAK,GAAG,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;aACtD,IAAI,GAAG,CAAC,CAAC,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC;YAAE,KAAK,GAAG,OAAO,CAAC,KAAK,EAAE,UAAU,CAAC,CAAC;QACnE,sCAAsC;IACxC,CAAC;IACD,IAAI,aAAa;QAAE,OAAO,SAAS,CAAC;IACpC,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAS;IAClC,MAAM,QAAQ,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;IACrC,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9D,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC;QAAE,OAAO,IAAI,CAAC;IAC9D,OAAO,KAAiC,CAAC;AAC3C,CAAC;AAED,SAAS,OAAO,CAA6C,CAAI,EAAE,CAAI;IACrE,MAAM,IAAI,GAAqD;QAC7D,OAAO,EAAE,CAAC;QACV,QAAQ,EAAE,CAAC;QACX,KAAK,EAAE,CAAC;KACT,CAAC;IACF,OAAO,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACpC,CAAC"}
|
|
@@ -1,12 +1,15 @@
|
|
|
1
1
|
import { DetectedStack, ToolRequirement } from '../../types';
|
|
2
2
|
/**
|
|
3
|
-
* Shared Python venv location for
|
|
4
|
-
*
|
|
5
|
-
*
|
|
6
|
-
*
|
|
7
|
-
*
|
|
8
|
-
*
|
|
9
|
-
*
|
|
3
|
+
* Shared Python venv location for graphify specifically. Graphify is a
|
|
4
|
+
* Python *library* that our graphify.ts subprocess imports directly,
|
|
5
|
+
* not a CLI tool — so it needs a stable venv-relative path we can spawn
|
|
6
|
+
* from, unlike the CLI tools which are better served by pipx (see
|
|
7
|
+
* below).
|
|
8
|
+
*
|
|
9
|
+
* Lives under `~/.cache/dxkit/` so it survives `/tmp` cleanup. Previously
|
|
10
|
+
* `/tmp/graphify-venv` (D013's "~50% flake" was the cleanup + concurrent-
|
|
11
|
+
* run race on first install). `.cache/` is XDG-compliant and persistent;
|
|
12
|
+
* `test -d` in the shell install commands keeps creation idempotent.
|
|
10
13
|
*/
|
|
11
14
|
export declare const TOOLS_VENV: string;
|
|
12
15
|
export interface ToolDefinition extends ToolRequirement {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"tool-registry.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/tool-registry.ts"],"names":[],"mappings":"AAqBA,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE7D
|
|
1
|
+
{"version":3,"file":"tool-registry.d.ts","sourceRoot":"","sources":["../../../src/analyzers/tools/tool-registry.ts"],"names":[],"mappings":"AAqBA,OAAO,EAAE,aAAa,EAAE,eAAe,EAAE,MAAM,aAAa,CAAC;AAE7D;;;;;;;;;;;GAWG;AACH,eAAO,MAAM,UAAU,QAA2D,CAAC;AA2BnF,MAAM,WAAW,cAAe,SAAQ,eAAe;IACrD,4DAA4D;IAC5D,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,mEAAmE;IACnE,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB;;;;OAIG;IACH,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,0CAA0C;IAC1C,eAAe,EAAE;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,KAAK,CAAC,EAAE,MAAM,CAAC;QACf,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,oEAAoE;IACpE,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,SAAS,EAAE,OAAO,CAAC;IACnB,IAAI,EAAE,MAAM,GAAG,IAAI,CAAC;IACpB,OAAO,EAAE,MAAM,GAAG,IAAI,CAAC;IACvB,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI,GAAG,OAAO,GAAG,SAAS,CAAC;IAClF,WAAW,EAAE,cAAc,CAAC;CAC7B;AAsHD;;;GAGG;AACH,wBAAgB,QAAQ,CAAC,GAAG,EAAE,cAAc,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,UAAU,CAiFtE;AAkBD,wDAAwD;AACxD,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,cAAc,GAAG,MAAM,CAO7D;AAMD,eAAO,MAAM,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,cAAc,CA2WpD,CAAC;AAMF;;;GAGG;AACH,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,aAAa,CAAC,WAAW,CAAC,GAAG,eAAe,EAAE,CA0C3F;AAED,sDAAsD;AACtD,wBAAgB,aAAa,CAAC,SAAS,EAAE,aAAa,CAAC,WAAW,CAAC,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,UAAU,EAAE,CAgB/F"}
|