npm - agentic-qe - Versions diffs - 3.3.3 → 3.3.5 - Mend

agentic-qe 3.3.3 → 3.3.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (553) hide show

package/v3/dist/domains/security-compliance/services/scanners/index.d.ts ADDED Viewed

@@ -0,0 +1,14 @@
+/**
+ * Agentic QE v3 - Security Scanners Module
+ * Exports all scanner components and types
+ */
+export { SecurityScannerService } from './scanner-orchestrator.js';
+export { SASTScanner } from './sast-scanner.js';
+export { DASTScanner } from './dast-scanner.js';
+export { DependencyScanner } from './dependency-scanner.js';
+export type { SecurityScannerConfig, SecurityScannerDependencies, ISecurityScannerService, FullScanResult, DependencyScanResult, SecurityPattern, MutableScanSummary, } from './scanner-types.js';
+export { DEFAULT_CONFIG } from './scanner-types.js';
+export type { Vulnerability, VulnerabilitySeverity, VulnerabilityCategory, VulnerabilityLocation, RemediationAdvice, ScanSummary, SecurityCoverage, ScanStatus, SASTResult, DASTResult, DASTOptions, AuthCredentials, RuleSet, FalsePositiveCheck, } from './scanner-types.js';
+export { ALL_SECURITY_PATTERNS, SQL_INJECTION_PATTERNS, XSS_PATTERNS, SECRET_PATTERNS, PATH_TRAVERSAL_PATTERNS, COMMAND_INJECTION_PATTERNS, MISCONFIGURATION_PATTERNS, DESERIALIZATION_PATTERNS, AUTH_PATTERNS, BUILT_IN_RULE_SETS, } from './security-patterns.js';
+export { analyzeSecurityHeaders, analyzeCookieSecurity, analyzeServerHeaders, scanSensitiveFiles, analyzeCORS, extractAndCrawlLinks, testXSS, testSQLi, analyzeFormsForSecurityIssues, testAuthorizationBypass, testIDOR, validateCredentials, buildAuthHeaders, handleFetchError, calculateSummary, storeScanResults, } from './dast-helpers.js';
+//# sourceMappingURL=index.d.ts.map

package/v3/dist/domains/security-compliance/services/scanners/index.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../../src/domains/security-compliance/services/scanners/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAGnE,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAG5D,YAAY,EACV,qBAAqB,EACrB,2BAA2B,EAC3B,uBAAuB,EACvB,cAAc,EACd,oBAAoB,EACpB,eAAe,EACf,kBAAkB,GACnB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAGpD,YAAY,EACV,aAAa,EACb,qBAAqB,EACrB,qBAAqB,EACrB,qBAAqB,EACrB,iBAAiB,EACjB,WAAW,EACX,gBAAgB,EAChB,UAAU,EACV,UAAU,EACV,UAAU,EACV,WAAW,EACX,eAAe,EACf,OAAO,EACP,kBAAkB,GACnB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,YAAY,EACZ,eAAe,EACf,uBAAuB,EACvB,0BAA0B,EAC1B,yBAAyB,EACzB,wBAAwB,EACxB,aAAa,EACb,kBAAkB,GACnB,MAAM,wBAAwB,CAAC;AAGhC,OAAO,EACL,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACpB,kBAAkB,EAClB,WAAW,EACX,oBAAoB,EACpB,OAAO,EACP,QAAQ,EACR,6BAA6B,EAC7B,uBAAuB,EACvB,QAAQ,EACR,mBAAmB,EACnB,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,GACjB,MAAM,mBAAmB,CAAC"}

package/v3/dist/domains/security-compliance/services/scanners/index.js ADDED Viewed

@@ -0,0 +1,16 @@
+/**
+ * Agentic QE v3 - Security Scanners Module
+ * Exports all scanner components and types
+ */
+// Main orchestrator (facade for backward compatibility)
+export { SecurityScannerService } from './scanner-orchestrator.js';
+// Individual scanners
+export { SASTScanner } from './sast-scanner.js';
+export { DASTScanner } from './dast-scanner.js';
+export { DependencyScanner } from './dependency-scanner.js';
+export { DEFAULT_CONFIG } from './scanner-types.js';
+// Security patterns
+export { ALL_SECURITY_PATTERNS, SQL_INJECTION_PATTERNS, XSS_PATTERNS, SECRET_PATTERNS, PATH_TRAVERSAL_PATTERNS, COMMAND_INJECTION_PATTERNS, MISCONFIGURATION_PATTERNS, DESERIALIZATION_PATTERNS, AUTH_PATTERNS, BUILT_IN_RULE_SETS, } from './security-patterns.js';
+// DAST helper functions (for advanced/custom usage)
+export { analyzeSecurityHeaders, analyzeCookieSecurity, analyzeServerHeaders, scanSensitiveFiles, analyzeCORS, extractAndCrawlLinks, testXSS, testSQLi, analyzeFormsForSecurityIssues, testAuthorizationBypass, testIDOR, validateCredentials, buildAuthHeaders, handleFetchError, calculateSummary, storeScanResults, } from './dast-helpers.js';
+//# sourceMappingURL=index.js.map

package/v3/dist/domains/security-compliance/services/scanners/index.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../../../../src/domains/security-compliance/services/scanners/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,wDAAwD;AACxD,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAEnE,sBAAsB;AACtB,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAChD,OAAO,EAAE,iBAAiB,EAAE,MAAM,yBAAyB,CAAC;AAa5D,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAoBpD,oBAAoB;AACpB,OAAO,EACL,qBAAqB,EACrB,sBAAsB,EACtB,YAAY,EACZ,eAAe,EACf,uBAAuB,EACvB,0BAA0B,EAC1B,yBAAyB,EACzB,wBAAwB,EACxB,aAAa,EACb,kBAAkB,GACnB,MAAM,wBAAwB,CAAC;AAEhC,oDAAoD;AACpD,OAAO,EACL,sBAAsB,EACtB,qBAAqB,EACrB,oBAAoB,EACpB,kBAAkB,EAClB,WAAW,EACX,oBAAoB,EACpB,OAAO,EACP,QAAQ,EACR,6BAA6B,EAC7B,uBAAuB,EACvB,QAAQ,EACR,mBAAmB,EACnB,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,EAChB,gBAAgB,GACjB,MAAM,mBAAmB,CAAC"}

package/v3/dist/domains/security-compliance/services/scanners/sast-scanner.d.ts ADDED Viewed

@@ -0,0 +1,92 @@
+/**
+ * Agentic QE v3 - SAST (Static Application Security Testing) Scanner
+ * Performs static code analysis to detect security vulnerabilities
+ */
+import { Result } from '../../../../shared/types/index.js';
+import type { FilePath } from '../../../../shared/value-objects/index.js';
+import type { SecurityScannerConfig, Vulnerability, RemediationAdvice, SASTResult, RuleSet, FalsePositiveCheck, MemoryBackend, HybridRouter, ScanStatus } from './scanner-types.js';
+/**
+ * SAST Scanner - Static Application Security Testing
+ * Scans source code files for security vulnerabilities using pattern matching
+ */
+export declare class SASTScanner {
+    private readonly config;
+    private readonly memory;
+    private readonly llmRouter?;
+    private readonly activeScans;
+    constructor(config: SecurityScannerConfig, memory: MemoryBackend, llmRouter?: HybridRouter, activeScans?: Map<string, ScanStatus>);
+    /**
+     * Scan files for security vulnerabilities using static analysis
+     */
+    scanFiles(files: FilePath[]): Promise<Result<SASTResult>>;
+    /**
+     * Scan with specific rule sets
+     */
+    scanWithRules(files: FilePath[], ruleSetIds: string[]): Promise<Result<SASTResult>>;
+    /**
+     * Get available rule sets
+     */
+    getAvailableRuleSets(): Promise<RuleSet[]>;
+    /**
+     * Check if vulnerability is a false positive
+     */
+    checkFalsePositive(vulnerability: Vulnerability): Promise<Result<FalsePositiveCheck>>;
+    /**
+     * Analyze a file for security vulnerabilities using pattern-based detection
+     */
+    private analyzeFile;
+    /**
+     * Find all matches of a security pattern in the file content
+     */
+    private findPatternMatches;
+    /**
+     * Convert character index to line and column numbers
+     */
+    private getLineAndColumn;
+    /**
+     * Check if the match is inside a comment
+     */
+    private isInComment;
+    /**
+     * Check if the snippet appears to be in documentation or test code examples
+     */
+    private isInDocumentation;
+    /**
+     * Check if the line has a nosec annotation
+     */
+    private hasNosecAnnotation;
+    /**
+     * Create a Vulnerability object from a pattern match
+     */
+    private createVulnerabilityFromPattern;
+    private getEffortForSeverity;
+    /**
+     * Analyze if a vulnerability detection is a false positive using heuristics
+     */
+    private analyzeFalsePositive;
+    /**
+     * Calculate scan summary from vulnerabilities
+     */
+    private calculateSummary;
+    /**
+     * Store scan results in memory
+     */
+    private storeScanResults;
+    /**
+     * Check if LLM analysis is available and enabled
+     */
+    isLLMAnalysisAvailable(): boolean;
+    /**
+     * Get model ID for the configured tier
+     */
+    getModelForTier(tier: number): string;
+    /**
+     * Analyze vulnerability with LLM for deeper insights
+     */
+    analyzeVulnerabilityWithLLM(vuln: Vulnerability, codeContext: string): Promise<RemediationAdvice>;
+    /**
+     * Get default remediation advice without LLM
+     */
+    private getDefaultRemediation;
+}
+//# sourceMappingURL=sast-scanner.d.ts.map

package/v3/dist/domains/security-compliance/services/scanners/sast-scanner.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sast-scanner.d.ts","sourceRoot":"","sources":["../../../../../src/domains/security-compliance/services/scanners/sast-scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,MAAM,EAAW,MAAM,mCAAmC,CAAC;AACpE,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,2CAA2C,CAAC;AAC1E,OAAO,KAAK,EAEV,qBAAqB,EACrB,aAAa,EAGb,iBAAiB,EAGjB,UAAU,EACV,OAAO,EACP,kBAAkB,EAClB,aAAa,EACb,YAAY,EAGZ,UAAU,EACX,MAAM,oBAAoB,CAAC;AAO5B;;;GAGG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAwB;IAC/C,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAgB;IACvC,OAAO,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAe;IAC1C,OAAO,CAAC,QAAQ,CAAC,WAAW,CAA0B;gBAGpD,MAAM,EAAE,qBAAqB,EAC7B,MAAM,EAAE,aAAa,EACrB,SAAS,CAAC,EAAE,YAAY,EACxB,WAAW,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC;IAYvC;;OAEG;IACG,SAAS,CAAC,KAAK,EAAE,QAAQ,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAI/D;;OAEG;IACG,aAAa,CACjB,KAAK,EAAE,QAAQ,EAAE,EACjB,UAAU,EAAE,MAAM,EAAE,GACnB,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IA+D9B;;OAEG;IACG,oBAAoB,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IAShD;;OAEG;IACG,kBAAkB,CACtB,aAAa,EAAE,aAAa,GAC3B,OAAO,CAAC,MAAM,CAAC,kBAAkB,CAAC,CAAC;IA8BtC;;OAEG;YACW,WAAW;IA2DzB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IA8B1B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAQxB;;OAEG;IACH,OAAO,CAAC,WAAW;IAuBnB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAWzB;;OAEG;IACH,OAAO,CAAC,kBAAkB;IAqB1B;;OAEG;IACH,OAAO,CAAC,8BAA8B;IAmCtC,OAAO,CAAC,oBAAoB;IAa5B;;OAEG;YACW,oBAAoB;IA+BlC;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAsBxB;;OAEG;YACW,gBAAgB;IAuB9B;;OAEG;IACH,sBAAsB,IAAI,OAAO;IAIjC;;OAEG;IACH,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM;IAUrC;;OAEG;IACG,2BAA2B,CAC/B,IAAI,EAAE,aAAa,EACnB,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,iBAAiB,CAAC;IA8D7B;;OAEG;IACH,OAAO,CAAC,qBAAqB;CAO9B"}

package/v3/dist/domains/security-compliance/services/scanners/sast-scanner.js ADDED Viewed

@@ -0,0 +1,440 @@
+/**
+ * Agentic QE v3 - SAST (Static Application Security Testing) Scanner
+ * Performs static code analysis to detect security vulnerabilities
+ */
+import { v4 as uuidv4 } from 'uuid';
+import { ok, err } from '../../../../shared/types/index.js';
+import { ALL_SECURITY_PATTERNS, BUILT_IN_RULE_SETS } from './security-patterns.js';
+// ============================================================================
+// SAST Scanner Service
+// ============================================================================
+/**
+ * SAST Scanner - Static Application Security Testing
+ * Scans source code files for security vulnerabilities using pattern matching
+ */
+export class SASTScanner {
+    config;
+    memory;
+    llmRouter;
+    activeScans;
+    constructor(config, memory, llmRouter, activeScans) {
+        this.config = config;
+        this.memory = memory;
+        this.llmRouter = llmRouter;
+        this.activeScans = activeScans || new Map();
+    }
+    // ==========================================================================
+    // Public Methods
+    // ==========================================================================
+    /**
+     * Scan files for security vulnerabilities using static analysis
+     */
+    async scanFiles(files) {
+        return this.scanWithRules(files, this.config.defaultRuleSets);
+    }
+    /**
+     * Scan with specific rule sets
+     */
+    async scanWithRules(files, ruleSetIds) {
+        const scanId = uuidv4();
+        try {
+            if (files.length === 0) {
+                return err(new Error('No files provided for scanning'));
+            }
+            this.activeScans.set(scanId, 'running');
+            const startTime = Date.now();
+            // Get applicable rule sets
+            const ruleSets = BUILT_IN_RULE_SETS.filter((rs) => ruleSetIds.includes(rs.id));
+            if (ruleSets.length === 0) {
+                return err(new Error(`No valid rule sets found: ${ruleSetIds.join(', ')}`));
+            }
+            // Perform static analysis on each file
+            const vulnerabilities = [];
+            let linesScanned = 0;
+            for (const file of files) {
+                const fileVulns = await this.analyzeFile(file, ruleSets);
+                vulnerabilities.push(...fileVulns.vulnerabilities);
+                linesScanned += fileVulns.linesScanned;
+            }
+            const scanDurationMs = Date.now() - startTime;
+            // Calculate summary
+            const summary = this.calculateSummary(vulnerabilities, files.length, scanDurationMs);
+            // Calculate coverage
+            const coverage = {
+                filesScanned: files.length,
+                linesScanned,
+                rulesApplied: ruleSets.reduce((acc, rs) => acc + rs.ruleCount, 0),
+            };
+            // Store scan results in memory
+            await this.storeScanResults(scanId, 'sast', vulnerabilities, summary);
+            this.activeScans.set(scanId, 'completed');
+            return ok({
+                scanId,
+                vulnerabilities,
+                summary,
+                coverage,
+            });
+        }
+        catch (error) {
+            this.activeScans.set(scanId, 'failed');
+            return err(error instanceof Error ? error : new Error(String(error)));
+        }
+    }
+    /**
+     * Get available rule sets
+     */
+    async getAvailableRuleSets() {
+        // Return built-in rule sets plus any custom ones from memory
+        const customRuleSets = await this.memory.get('security:custom-rule-sets');
+        return [...BUILT_IN_RULE_SETS, ...(customRuleSets || [])];
+    }
+    /**
+     * Check if vulnerability is a false positive
+     */
+    async checkFalsePositive(vulnerability) {
+        try {
+            if (!this.config.enableFalsePositiveDetection) {
+                return ok({
+                    isFalsePositive: false,
+                    confidence: 0,
+                    reason: 'False positive detection is disabled',
+                });
+            }
+            // Analyze vulnerability using heuristics-based false positive detection
+            const analysis = await this.analyzeFalsePositive(vulnerability);
+            // Store the check result for learning
+            await this.memory.set(`security:fp-check:${vulnerability.id}`, { vulnerability, analysis }, { namespace: 'security-compliance', ttl: 86400 * 30 } // 30 days
+            );
+            return ok(analysis);
+        }
+        catch (error) {
+            return err(error instanceof Error ? error : new Error(String(error)));
+        }
+    }
+    // ==========================================================================
+    // Private Methods
+    // ==========================================================================
+    /**
+     * Analyze a file for security vulnerabilities using pattern-based detection
+     */
+    async analyzeFile(file, ruleSets) {
+        const vulnerabilities = [];
+        const filePath = file.value;
+        const extension = file.extension;
+        // Read file content
+        let content;
+        let lines;
+        try {
+            const fs = await import('fs/promises');
+            content = await fs.readFile(filePath, 'utf-8');
+            lines = content.split('\n');
+        }
+        catch {
+            // File not accessible - return empty results
+            return { vulnerabilities: [], linesScanned: 0 };
+        }
+        const linesScanned = lines.length;
+        // Only scan supported file types
+        const supportedExtensions = ['ts', 'tsx', 'js', 'jsx', 'mjs', 'cjs'];
+        if (!supportedExtensions.includes(extension)) {
+            return { vulnerabilities: [], linesScanned };
+        }
+        // Get applicable categories from rule sets
+        const applicableCategories = new Set(ruleSets.flatMap((rs) => rs.categories));
+        // Filter patterns to only those matching applicable categories
+        const applicablePatterns = ALL_SECURITY_PATTERNS.filter((pattern) => applicableCategories.has(pattern.category));
+        // Scan content for each pattern
+        for (const securityPattern of applicablePatterns) {
+            const matches = this.findPatternMatches(content, lines, securityPattern);
+            for (const match of matches) {
+                // Skip if in comments or string that looks like documentation
+                if (this.isInComment(content, match.index) || this.isInDocumentation(match.snippet)) {
+                    continue;
+                }
+                // Skip nosec annotations
+                if (this.hasNosecAnnotation(lines, match.line)) {
+                    continue;
+                }
+                vulnerabilities.push(this.createVulnerabilityFromPattern(securityPattern, filePath, match));
+            }
+        }
+        return { vulnerabilities, linesScanned };
+    }
+    /**
+     * Find all matches of a security pattern in the file content
+     */
+    findPatternMatches(content, lines, securityPattern) {
+        const matches = [];
+        // Reset regex state for global patterns
+        const pattern = new RegExp(securityPattern.pattern.source, securityPattern.pattern.flags);
+        let match;
+        while ((match = pattern.exec(content)) !== null) {
+            const index = match.index;
+            const { line, column } = this.getLineAndColumn(content, index);
+            // Extract snippet with context (the matched line plus surrounding context)
+            const snippetLines = [];
+            const startLine = Math.max(0, line - 2);
+            const endLine = Math.min(lines.length - 1, line + 1);
+            for (let i = startLine; i <= endLine; i++) {
+                snippetLines.push(lines[i]);
+            }
+            const snippet = snippetLines.join('\n');
+            matches.push({ index, line: line + 1, column: column + 1, snippet }); // 1-indexed
+        }
+        return matches;
+    }
+    /**
+     * Convert character index to line and column numbers
+     */
+    getLineAndColumn(content, index) {
+        const beforeMatch = content.substring(0, index);
+        const lines = beforeMatch.split('\n');
+        const line = lines.length - 1;
+        const column = lines[lines.length - 1].length;
+        return { line, column };
+    }
+    /**
+     * Check if the match is inside a comment
+     */
+    isInComment(content, index) {
+        const beforeMatch = content.substring(0, index);
+        // Check for single-line comment
+        const lastNewline = beforeMatch.lastIndexOf('\n');
+        const currentLine = beforeMatch.substring(lastNewline + 1);
+        if (currentLine.includes('//')) {
+            const commentStart = currentLine.indexOf('//');
+            if (index - (beforeMatch.length - currentLine.length) > commentStart) {
+                return true;
+            }
+        }
+        // Check for multi-line comment
+        const lastBlockCommentStart = beforeMatch.lastIndexOf('/*');
+        const lastBlockCommentEnd = beforeMatch.lastIndexOf('*/');
+        if (lastBlockCommentStart > lastBlockCommentEnd) {
+            return true;
+        }
+        return false;
+    }
+    /**
+     * Check if the snippet appears to be in documentation or test code examples
+     */
+    isInDocumentation(snippet) {
+        const docPatterns = [
+            /\*\s*@example/i,
+            /\*\s*@description/i,
+            /\/\/\s*example:/i,
+            /\/\/\s*e\.g\./i,
+            /```[\s\S]*```/,
+        ];
+        return docPatterns.some((pattern) => pattern.test(snippet));
+    }
+    /**
+     * Check if the line has a nosec annotation
+     */
+    hasNosecAnnotation(lines, lineNumber) {
+        const lineIndex = lineNumber - 1;
+        if (lineIndex < 0 || lineIndex >= lines.length) {
+            return false;
+        }
+        const currentLine = lines[lineIndex];
+        const previousLine = lineIndex > 0 ? lines[lineIndex - 1] : '';
+        const nosecPatterns = [
+            /\/\/\s*nosec/i,
+            /\/\/\s*security-ignore/i,
+            /\/\*\s*nosec\s*\*\//i,
+            /#\s*nosec/i,
+        ];
+        return nosecPatterns.some((pattern) => pattern.test(currentLine) || pattern.test(previousLine));
+    }
+    /**
+     * Create a Vulnerability object from a pattern match
+     */
+    createVulnerabilityFromPattern(pattern, file, match) {
+        const location = {
+            file,
+            line: match.line,
+            column: match.column,
+            snippet: match.snippet,
+        };
+        const remediation = {
+            description: pattern.remediation,
+            fixExample: pattern.fixExample,
+            estimatedEffort: this.getEffortForSeverity(pattern.severity),
+            automatable: pattern.severity === 'low' || pattern.severity === 'informational',
+        };
+        return {
+            id: uuidv4(),
+            cveId: undefined,
+            title: pattern.title,
+            description: `${pattern.description} [${pattern.cweId}]`,
+            severity: pattern.severity,
+            category: pattern.category,
+            location,
+            remediation,
+            references: [
+                `https://owasp.org/Top10/${pattern.owaspId.replace(':', '_')}/`,
+                `https://cwe.mitre.org/data/definitions/${pattern.cweId.replace('CWE-', '')}.html`,
+            ],
+        };
+    }
+    getEffortForSeverity(severity) {
+        const efforts = {
+            critical: 'major',
+            high: 'moderate',
+            medium: 'minor',
+            low: 'trivial',
+            informational: 'trivial',
+        };
+        return efforts[severity];
+    }
+    /**
+     * Analyze if a vulnerability detection is a false positive using heuristics
+     */
+    async analyzeFalsePositive(vulnerability) {
+        let isFalsePositive = false;
+        let confidence = 0.5;
+        let reason = 'Manual review recommended';
+        // Check for common false positive patterns
+        if (vulnerability.severity === 'informational') {
+            confidence = 0.3;
+            reason = 'Low severity findings often require manual verification';
+        }
+        if (vulnerability.location.snippet?.includes('test') ||
+            vulnerability.location.file.includes('test')) {
+            isFalsePositive = true;
+            confidence = 0.8;
+            reason = 'Vulnerability found in test code';
+        }
+        if (vulnerability.location.snippet?.includes('// nosec')) {
+            isFalsePositive = true;
+            confidence = 0.95;
+            reason = 'Explicitly marked as ignored with nosec comment';
+        }
+        return { isFalsePositive, confidence, reason };
+    }
+    /**
+     * Calculate scan summary from vulnerabilities
+     */
+    calculateSummary(vulnerabilities, totalFiles, scanDurationMs) {
+        const summary = {
+            critical: 0,
+            high: 0,
+            medium: 0,
+            low: 0,
+            informational: 0,
+            totalFiles,
+            scanDurationMs,
+        };
+        for (const vuln of vulnerabilities) {
+            summary[vuln.severity]++;
+        }
+        return summary;
+    }
+    /**
+     * Store scan results in memory
+     */
+    async storeScanResults(scanId, scanType, vulnerabilities, summary) {
+        await this.memory.set(`security:scan:${scanId}`, {
+            scanId,
+            scanType,
+            vulnerabilities,
+            summary,
+            timestamp: new Date().toISOString(),
+        }, { namespace: 'security-compliance', ttl: 86400 * 7 } // 7 days
+        );
+    }
+    // ==========================================================================
+    // LLM Enhancement Methods (ADR-051)
+    // ==========================================================================
+    /**
+     * Check if LLM analysis is available and enabled
+     */
+    isLLMAnalysisAvailable() {
+        return this.config.enableLLMAnalysis && this.llmRouter !== undefined;
+    }
+    /**
+     * Get model ID for the configured tier
+     */
+    getModelForTier(tier) {
+        switch (tier) {
+            case 1: return 'claude-3-5-haiku-20241022';
+            case 2: return 'claude-sonnet-4-20250514';
+            case 3: return 'claude-sonnet-4-20250514';
+            case 4: return 'claude-opus-4-5-20251101';
+            default: return 'claude-opus-4-5-20251101'; // Default to Opus for security
+        }
+    }
+    /**
+     * Analyze vulnerability with LLM for deeper insights
+     */
+    async analyzeVulnerabilityWithLLM(vuln, codeContext) {
+        if (!this.llmRouter) {
+            return this.getDefaultRemediation(vuln);
+        }
+        try {
+            const modelId = this.getModelForTier(this.config.llmModelTier);
+            const response = await this.llmRouter.chat({
+                messages: [
+                    {
+                        role: 'system',
+                        content: `You are a senior security engineer. Analyze the vulnerability and provide:
+1. Detailed explanation of the risk
+2. Code example showing the fix
+3. Effort estimate (trivial/minor/moderate/major)
+4. Whether it's automatable
+Be specific to the code context provided. Return JSON with: { "description": "", "fixExample": "", "estimatedEffort": "minor", "automatable": false }`,
+                    },
+                    {
+                        role: 'user',
+                        content: `Vulnerability: ${vuln.title} (${vuln.category})
+Severity: ${vuln.severity}
+Description: ${vuln.description}
+Code context:
+\`\`\`
+${codeContext}
+\`\`\`
+Provide detailed remediation advice specific to this code.`,
+                    },
+                ],
+                model: modelId,
+                maxTokens: 1500,
+                temperature: 0.2,
+            });
+            if (response.content) {
+                try {
+                    const jsonMatch = response.content.match(/\{[\s\S]*\}/);
+                    if (jsonMatch) {
+                        const analysis = JSON.parse(jsonMatch[0]);
+                        return {
+                            description: analysis.description || vuln.remediation?.description || 'Review and fix the vulnerability',
+                            fixExample: analysis.fixExample || vuln.remediation?.fixExample,
+                            estimatedEffort: analysis.estimatedEffort || vuln.remediation?.estimatedEffort || 'moderate',
+                            automatable: analysis.automatable ?? vuln.remediation?.automatable ?? false,
+                            llmEnhanced: true,
+                        };
+                    }
+                }
+                catch {
+                    // JSON parse failed - use default
+                }
+            }
+        }
+        catch (error) {
+            console.warn('[SASTScanner] LLM analysis failed:', error);
+        }
+        return this.getDefaultRemediation(vuln);
+    }
+    /**
+     * Get default remediation advice without LLM
+     */
+    getDefaultRemediation(vuln) {
+        return vuln.remediation || {
+            description: 'Review and fix the vulnerability following security best practices',
+            estimatedEffort: 'moderate',
+            automatable: false,
+        };
+    }
+}
+//# sourceMappingURL=sast-scanner.js.map

package/v3/dist/domains/security-compliance/services/scanners/sast-scanner.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"sast-scanner.js","sourceRoot":"","sources":["../../../../../src/domains/security-compliance/services/scanners/sast-scanner.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,EAAE,EAAE,IAAI,MAAM,EAAE,MAAM,MAAM,CAAC;AACpC,OAAO,EAAU,EAAE,EAAE,GAAG,EAAE,MAAM,mCAAmC,CAAC;AAoBpE,OAAO,EAAE,qBAAqB,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAEnF,+EAA+E;AAC/E,uBAAuB;AACvB,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,OAAO,WAAW;IACL,MAAM,CAAwB;IAC9B,MAAM,CAAgB;IACtB,SAAS,CAAgB;IACzB,WAAW,CAA0B;IAEtD,YACE,MAA6B,EAC7B,MAAqB,EACrB,SAAwB,EACxB,WAAqC;QAErC,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,MAAM,GAAG,MAAM,CAAC;QACrB,IAAI,CAAC,SAAS,GAAG,SAAS,CAAC;QAC3B,IAAI,CAAC,WAAW,GAAG,WAAW,IAAI,IAAI,GAAG,EAAE,CAAC;IAC9C,CAAC;IAED,6EAA6E;IAC7E,iBAAiB;IACjB,6EAA6E;IAE7E;;OAEG;IACH,KAAK,CAAC,SAAS,CAAC,KAAiB;QAC/B,OAAO,IAAI,CAAC,aAAa,CAAC,KAAK,EAAE,IAAI,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IAChE,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,aAAa,CACjB,KAAiB,EACjB,UAAoB;QAEpB,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC;QAExB,IAAI,CAAC;YACH,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,GAAG,CAAC,IAAI,KAAK,CAAC,gCAAgC,CAAC,CAAC,CAAC;YAC1D,CAAC;YAED,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;YACxC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAE7B,2BAA2B;YAC3B,MAAM,QAAQ,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC,EAAE,EAAE,EAAE,CAChD,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC,EAAE,CAAC,CAC3B,CAAC;YAEF,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC1B,OAAO,GAAG,CAAC,IAAI,KAAK,CAAC,6BAA6B,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;YAC9E,CAAC;YAED,uCAAuC;YACvC,MAAM,eAAe,GAAoB,EAAE,CAAC;YAC5C,IAAI,YAAY,GAAG,CAAC,CAAC;YAErB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,SAAS,GAAG,MAAM,IAAI,CAAC,WAAW,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;gBACzD,eAAe,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,eAAe,CAAC,CAAC;gBACnD,YAAY,IAAI,SAAS,CAAC,YAAY,CAAC;YACzC,CAAC;YAED,MAAM,cAAc,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAE9C,oBAAoB;YACpB,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CACnC,eAAe,EACf,KAAK,CAAC,MAAM,EACZ,cAAc,CACf,CAAC;YAEF,qBAAqB;YACrB,MAAM,QAAQ,GAAqB;gBACjC,YAAY,EAAE,KAAK,CAAC,MAAM;gBAC1B,YAAY;gBACZ,YAAY,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,EAAE,EAAE,EAAE,CAAC,GAAG,GAAG,EAAE,CAAC,SAAS,EAAE,CAAC,CAAC;aAClE,CAAC;YAEF,+BAA+B;YAC/B,MAAM,IAAI,CAAC,gBAAgB,CAAC,MAAM,EAAE,MAAM,EAAE,eAAe,EAAE,OAAO,CAAC,CAAC;YAEtE,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;YAE1C,OAAO,EAAE,CAAC;gBACR,MAAM;gBACN,eAAe;gBACf,OAAO;gBACP,QAAQ;aACT,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;YACvC,OAAO,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,oBAAoB;QACxB,6DAA6D;QAC7D,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CAC1C,2BAA2B,CAC5B,CAAC;QAEF,OAAO,CAAC,GAAG,kBAAkB,EAAE,GAAG,CAAC,cAAc,IAAI,EAAE,CAAC,CAAC,CAAC;IAC5D,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,kBAAkB,CACtB,aAA4B;QAE5B,IAAI,CAAC;YACH,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,4BAA4B,EAAE,CAAC;gBAC9C,OAAO,EAAE,CAAC;oBACR,eAAe,EAAE,KAAK;oBACtB,UAAU,EAAE,CAAC;oBACb,MAAM,EAAE,sCAAsC;iBAC/C,CAAC,CAAC;YACL,CAAC;YAED,wEAAwE;YACxE,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,aAAa,CAAC,CAAC;YAEhE,sCAAsC;YACtC,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CACnB,qBAAqB,aAAa,CAAC,EAAE,EAAE,EACvC,EAAE,aAAa,EAAE,QAAQ,EAAE,EAC3B,EAAE,SAAS,EAAE,qBAAqB,EAAE,GAAG,EAAE,KAAK,GAAG,EAAE,EAAE,CAAC,UAAU;aACjE,CAAC;YAEF,OAAO,EAAE,CAAC,QAAQ,CAAC,CAAC;QACtB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,6EAA6E;IAC7E,kBAAkB;IAClB,6EAA6E;IAE7E;;OAEG;IACK,KAAK,CAAC,WAAW,CACvB,IAAc,EACd,QAAmB;QAEnB,MAAM,eAAe,GAAoB,EAAE,CAAC;QAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC;QAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,SAAS,CAAC;QAEjC,oBAAoB;QACpB,IAAI,OAAe,CAAC;QACpB,IAAI,KAAe,CAAC;QACpB,IAAI,CAAC;YACH,MAAM,EAAE,GAAG,MAAM,MAAM,CAAC,aAAa,CAAC,CAAC;YACvC,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC/C,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC9B,CAAC;QAAC,MAAM,CAAC;YACP,6CAA6C;YAC7C,OAAO,EAAE,eAAe,EAAE,EAAE,EAAE,YAAY,EAAE,CAAC,EAAE,CAAC;QAClD,CAAC;QAED,MAAM,YAAY,GAAG,KAAK,CAAC,MAAM,CAAC;QAElC,iCAAiC;QACjC,MAAM,mBAAmB,GAAG,CAAC,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC;QACrE,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;YAC7C,OAAO,EAAE,eAAe,EAAE,EAAE,EAAE,YAAY,EAAE,CAAC;QAC/C,CAAC;QAED,2CAA2C;QAC3C,MAAM,oBAAoB,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,UAAU,CAAC,CAAC,CAAC;QAE9E,+DAA+D;QAC/D,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,MAAM,CAAC,CAAC,OAAO,EAAE,EAAE,CAClE,oBAAoB,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAC3C,CAAC;QAEF,gCAAgC;QAChC,KAAK,MAAM,eAAe,IAAI,kBAAkB,EAAE,CAAC;YACjD,MAAM,OAAO,GAAG,IAAI,CAAC,kBAAkB,CAAC,OAAO,EAAE,KAAK,EAAE,eAAe,CAAC,CAAC;YACzE,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC5B,8DAA8D;gBAC9D,IAAI,IAAI,CAAC,WAAW,CAAC,OAAO,EAAE,KAAK,CAAC,KAAK,CAAC,IAAI,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,OAAO,CAAC,EAAE,CAAC;oBACpF,SAAS;gBACX,CAAC;gBAED,yBAAyB;gBACzB,IAAI,IAAI,CAAC,kBAAkB,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC/C,SAAS;gBACX,CAAC;gBAED,eAAe,CAAC,IAAI,CAClB,IAAI,CAAC,8BAA8B,CAAC,eAAe,EAAE,QAAQ,EAAE,KAAK,CAAC,CACtE,CAAC;YACJ,CAAC;QACH,CAAC;QAED,OAAO,EAAE,eAAe,EAAE,YAAY,EAAE,CAAC;IAC3C,CAAC;IAED;;OAEG;IACK,kBAAkB,CACxB,OAAe,EACf,KAAe,EACf,eAAgC;QAEhC,MAAM,OAAO,GAA4E,EAAE,CAAC;QAE5F,wCAAwC;QACxC,MAAM,OAAO,GAAG,IAAI,MAAM,CAAC,eAAe,CAAC,OAAO,CAAC,MAAM,EAAE,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;QAE1F,IAAI,KAA6B,CAAC;QAClC,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAChD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC;YAC1B,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC,gBAAgB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;YAE/D,2EAA2E;YAC3E,MAAM,YAAY,GAAa,EAAE,CAAC;YAClC,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC;YACxC,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,IAAI,GAAG,CAAC,CAAC,CAAC;YACrD,KAAK,IAAI,CAAC,GAAG,SAAS,EAAE,CAAC,IAAI,OAAO,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC1C,YAAY,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;YAC9B,CAAC;YACD,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAExC,OAAO,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,GAAG,CAAC,EAAE,MAAM,EAAE,MAAM,GAAG,CAAC,EAAE,OAAO,EAAE,CAAC,CAAC,CAAC,YAAY;QACpF,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,OAAe,EAAE,KAAa;QACrD,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QAChD,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;QAC9B,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC;QAC9C,OAAO,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC1B,CAAC;IAED;;OAEG;IACK,WAAW,CAAC,OAAe,EAAE,KAAa;QAChD,MAAM,WAAW,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC;QAEhD,gCAAgC;QAChC,MAAM,WAAW,GAAG,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAClD,MAAM,WAAW,GAAG,WAAW,CAAC,SAAS,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC;QAC3D,IAAI,WAAW,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,MAAM,YAAY,GAAG,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YAC/C,IAAI,KAAK,GAAG,CAAC,WAAW,CAAC,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,GAAG,YAAY,EAAE,CAAC;gBACrE,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,+BAA+B;QAC/B,MAAM,qBAAqB,GAAG,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAC5D,MAAM,mBAAmB,GAAG,WAAW,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAC1D,IAAI,qBAAqB,GAAG,mBAAmB,EAAE,CAAC;YAChD,OAAO,IAAI,CAAC;QACd,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,OAAe;QACvC,MAAM,WAAW,GAAG;YAClB,gBAAgB;YAChB,oBAAoB;YACpB,kBAAkB;YAClB,gBAAgB;YAChB,eAAe;SAChB,CAAC;QACF,OAAO,WAAW,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IAC9D,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,KAAe,EAAE,UAAkB;QAC5D,MAAM,SAAS,GAAG,UAAU,GAAG,CAAC,CAAC;QACjC,IAAI,SAAS,GAAG,CAAC,IAAI,SAAS,IAAI,KAAK,CAAC,MAAM,EAAE,CAAC;YAC/C,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,WAAW,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC;QACrC,MAAM,YAAY,GAAG,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QAE/D,MAAM,aAAa,GAAG;YACpB,eAAe;YACf,yBAAyB;YACzB,sBAAsB;YACtB,YAAY;SACb,CAAC;QAEF,OAAO,aAAa,CAAC,IAAI,CACvB,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CACrE,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,8BAA8B,CACpC,OAAwB,EACxB,IAAY,EACZ,KAAwD;QAExD,MAAM,QAAQ,GAA0B;YACtC,IAAI;YACJ,IAAI,EAAE,KAAK,CAAC,IAAI;YAChB,MAAM,EAAE,KAAK,CAAC,MAAM;YACpB,OAAO,EAAE,KAAK,CAAC,OAAO;SACvB,CAAC;QAEF,MAAM,WAAW,GAAsB;YACrC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,eAAe,EAAE,IAAI,CAAC,oBAAoB,CAAC,OAAO,CAAC,QAAQ,CAAC;YAC5D,WAAW,EAAE,OAAO,CAAC,QAAQ,KAAK,KAAK,IAAI,OAAO,CAAC,QAAQ,KAAK,eAAe;SAChF,CAAC;QAEF,OAAO;YACL,EAAE,EAAE,MAAM,EAAE;YACZ,KAAK,EAAE,SAAS;YAChB,KAAK,EAAE,OAAO,CAAC,KAAK;YACpB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,KAAK,OAAO,CAAC,KAAK,GAAG;YACxD,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,QAAQ;YACR,WAAW;YACX,UAAU,EAAE;gBACV,2BAA2B,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,GAAG,EAAE,GAAG,CAAC,GAAG;gBAC/D,0CAA0C,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO;aACnF;SACF,CAAC;IACJ,CAAC;IAEO,oBAAoB,CAC1B,QAA+B;QAE/B,MAAM,OAAO,GAAwE;YACnF,QAAQ,EAAE,OAAO;YACjB,IAAI,EAAE,UAAU;YAChB,MAAM,EAAE,OAAO;YACf,GAAG,EAAE,SAAS;YACd,aAAa,EAAE,SAAS;SACzB,CAAC;QACF,OAAO,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC3B,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,oBAAoB,CAChC,aAA4B;QAE5B,IAAI,eAAe,GAAG,KAAK,CAAC;QAC5B,IAAI,UAAU,GAAG,GAAG,CAAC;QACrB,IAAI,MAAM,GAAG,2BAA2B,CAAC;QAEzC,2CAA2C;QAC3C,IAAI,aAAa,CAAC,QAAQ,KAAK,eAAe,EAAE,CAAC;YAC/C,UAAU,GAAG,GAAG,CAAC;YACjB,MAAM,GAAG,yDAAyD,CAAC;QACrE,CAAC;QAED,IACE,aAAa,CAAC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,MAAM,CAAC;YAChD,aAAa,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,EAC5C,CAAC;YACD,eAAe,GAAG,IAAI,CAAC;YACvB,UAAU,GAAG,GAAG,CAAC;YACjB,MAAM,GAAG,kCAAkC,CAAC;QAC9C,CAAC;QAED,IAAI,aAAa,CAAC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;YACzD,eAAe,GAAG,IAAI,CAAC;YACvB,UAAU,GAAG,IAAI,CAAC;YAClB,MAAM,GAAG,iDAAiD,CAAC;QAC7D,CAAC;QAED,OAAO,EAAE,eAAe,EAAE,UAAU,EAAE,MAAM,EAAE,CAAC;IACjD,CAAC;IAED;;OAEG;IACK,gBAAgB,CACtB,eAAgC,EAChC,UAAkB,EAClB,cAAsB;QAEtB,MAAM,OAAO,GAAuB;YAClC,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;YACN,aAAa,EAAE,CAAC;YAChB,UAAU;YACV,cAAc;SACf,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;YACnC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC3B,CAAC;QAED,OAAO,OAAsB,CAAC;IAChC,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,gBAAgB,CAC5B,MAAc,EACd,QAAgB,EAChB,eAAgC,EAChC,OAAoB;QAEpB,MAAM,IAAI,CAAC,MAAM,CAAC,GAAG,CACnB,iBAAiB,MAAM,EAAE,EACzB;YACE,MAAM;YACN,QAAQ;YACR,eAAe;YACf,OAAO;YACP,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACpC,EACD,EAAE,SAAS,EAAE,qBAAqB,EAAE,GAAG,EAAE,KAAK,GAAG,CAAC,EAAE,CAAC,SAAS;SAC/D,CAAC;IACJ,CAAC;IAED,6EAA6E;IAC7E,oCAAoC;IACpC,6EAA6E;IAE7E;;OAEG;IACH,sBAAsB;QACpB,OAAO,IAAI,CAAC,MAAM,CAAC,iBAAiB,IAAI,IAAI,CAAC,SAAS,KAAK,SAAS,CAAC;IACvE,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,IAAY;QAC1B,QAAQ,IAAI,EAAE,CAAC;YACb,KAAK,CAAC,CAAC,CAAC,OAAO,2BAA2B,CAAC;YAC3C,KAAK,CAAC,CAAC,CAAC,OAAO,0BAA0B,CAAC;YAC1C,KAAK,CAAC,CAAC,CAAC,OAAO,0BAA0B,CAAC;YAC1C,KAAK,CAAC,CAAC,CAAC,OAAO,0BAA0B,CAAC;YAC1C,OAAO,CAAC,CAAC,OAAO,0BAA0B,CAAC,CAAC,+BAA+B;QAC7E,CAAC;IACH,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,2BAA2B,CAC/B,IAAmB,EACnB,WAAmB;QAEnB,IAAI,CAAC,IAAI,CAAC,SAAS,EAAE,CAAC;YACpB,OAAO,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;QAC1C,CAAC;QAED,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YAE/D,MAAM,QAAQ,GAAiB,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;gBACvD,QAAQ,EAAE;oBACR;wBACE,IAAI,EAAE,QAAQ;wBACd,OAAO,EAAE;;;;;sJAKiI;qBAC3I;oBACD;wBACE,IAAI,EAAE,MAAM;wBACZ,OAAO,EAAE,kBAAkB,IAAI,CAAC,KAAK,KAAK,IAAI,CAAC,QAAQ;YACvD,IAAI,CAAC,QAAQ;eACV,IAAI,CAAC,WAAW;;;;EAI7B,WAAW;;;2DAG8C;qBAChD;iBACF;gBACD,KAAK,EAAE,OAAO;gBACd,SAAS,EAAE,IAAI;gBACf,WAAW,EAAE,GAAG;aACjB,CAAC,CAAC;YAEH,IAAI,QAAQ,CAAC,OAAO,EAAE,CAAC;gBACrB,IAAI,CAAC;oBACH,MAAM,SAAS,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;oBACxD,IAAI,SAAS,EAAE,CAAC;wBACd,MAAM,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC;wBAC1C,OAAO;4BACL,WAAW,EAAE,QAAQ,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,EAAE,WAAW,IAAI,kCAAkC;4BACxG,UAAU,EAAE,QAAQ,CAAC,UAAU,IAAI,IAAI,CAAC,WAAW,EAAE,UAAU;4BAC/D,eAAe,EAAE,QAAQ,CAAC,eAAe,IAAI,IAAI,CAAC,WAAW,EAAE,eAAe,IAAI,UAAU;4BAC5F,WAAW,EAAE,QAAQ,CAAC,WAAW,IAAI,IAAI,CAAC,WAAW,EAAE,WAAW,IAAI,KAAK;4BAC3E,WAAW,EAAE,IAAI;yBAClB,CAAC;oBACJ,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,kCAAkC;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC,oCAAoC,EAAE,KAAK,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,IAAI,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,qBAAqB,CAAC,IAAmB;QAC/C,OAAO,IAAI,CAAC,WAAW,IAAI;YACzB,WAAW,EAAE,oEAAoE;YACjF,eAAe,EAAE,UAAU;YAC3B,WAAW,EAAE,KAAK;SACnB,CAAC;IACJ,CAAC;CACF"}