agentlint 0.1.0

package/dist/scanner.js

@@ -0,0 +1,441 @@
+"use strict";
+/**
+ * AgentLint Scanner
+ * Core orchestration for parsing, rule evaluation, and report generation
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.Scanner = void 0;
+const fs = __importStar(require("fs"));
+const path = __importStar(require("path"));
+const glob_1 = require("glob");
+const types_1 = require("./ir/types");
+const factory_1 = require("./parsers/factory");
+const engine_1 = require("./rules/engine");
+const types_2 = require("./policy/types");
+const hash_1 = require("./utils/hash");
+/**
+ * Main scanner class
+ */
+class Scanner {
+    parserFactory;
+    ruleEngine;
+    options;
+    constructor(options = {}) {
+        this.options = {
+            root: options.root || process.cwd(),
+            include: options.include || types_2.DEFAULT_POLICY.scan.include,
+            exclude: options.exclude || types_2.DEFAULT_POLICY.scan.exclude,
+            policy: options.policy || types_2.DEFAULT_POLICY,
+            ciMode: options.ciMode || false,
+        };
+        const sourceId = (0, hash_1.generateId)('src');
+        this.parserFactory = new factory_1.ParserFactory({
+            sourceId,
+            minConfidence: this.options.policy.scan.min_parse_confidence,
+        });
+        this.ruleEngine = new engine_1.RuleEngine({
+            minConfidence: this.options.policy.policy.min_finding_confidence,
+            disabledRules: this.options.policy.rules.disable,
+            severityOverrides: this.options.policy.rules.severity_overrides,
+        });
+    }
+    /**
+     * Run the scan
+     */
+    async scan() {
+        const errors = [];
+        // Find files to scan
+        const files = await this.findFiles();
+        if (files.length === 0) {
+            const status = this.options.policy.policy.no_supported_files_as === 'fail' ? 'fail' :
+                this.options.policy.policy.no_supported_files_as === 'warn' ? 'warn' : 'pass';
+            const exitCode = status === 'fail' ? 4 : 0;
+            return {
+                documents: [],
+                findings: [],
+                capabilitySummary: this.createEmptyCapabilitySummary(),
+                recommendedPermissions: this.createEmptyPermissionManifest(),
+                status,
+                exitCode,
+                errors: ['No supported agent configuration files found'],
+            };
+        }
+        // Parse all files
+        const documents = [];
+        for (const file of files) {
+            try {
+                const content = fs.readFileSync(file, 'utf-8');
+                const relativePath = path.relative(this.options.root, file);
+                const result = this.parserFactory.parse(relativePath, content);
+                if (result.document) {
+                    documents.push(result.document);
+                }
+                if (result.errors.length > 0) {
+                    errors.push(...result.errors);
+                }
+            }
+            catch (e) {
+                const msg = e instanceof Error ? e.message : String(e);
+                errors.push(`Failed to read ${file}: ${msg}`);
+            }
+        }
+        // Compute capability summary
+        const capabilitySummary = this.computeCapabilitySummary(documents);
+        // Run rule engine
+        const findings = this.ruleEngine.evaluateAll(documents, capabilitySummary);
+        // Generate recommended permissions
+        const recommendedPermissions = this.generateRecommendedPermissions(capabilitySummary);
+        // Determine status and exit code
+        const { status, exitCode } = this.determineStatus(findings, errors);
+        return {
+            documents,
+            findings,
+            capabilitySummary,
+            recommendedPermissions,
+            status,
+            exitCode,
+            errors,
+        };
+    }
+    /**
+     * Find files matching the include/exclude patterns
+     */
+    async findFiles() {
+        const allFiles = [];
+        for (const pattern of this.options.include) {
+            const matches = await (0, glob_1.glob)(pattern, {
+                cwd: this.options.root,
+                absolute: true,
+                ignore: this.options.exclude,
+                nodir: true,
+            });
+            allFiles.push(...matches);
+        }
+        // Filter to only files we can handle
+        const supportedFiles = allFiles.filter(f => {
+            const relativePath = path.relative(this.options.root, f);
+            return this.parserFactory.canHandle(relativePath);
+        });
+        // Deduplicate
+        return [...new Set(supportedFiles)];
+    }
+    /**
+     * Compute capability summary from all documents
+     */
+    computeCapabilitySummary(documents) {
+        const summary = {
+            filesystem: {
+                read: [],
+                write: [],
+                touches_sensitive_paths: [],
+            },
+            shell_exec: {
+                enabled: false,
+                dynamic_detected: false,
+                examples: [],
+            },
+            network: {
+                outbound: false,
+                inbound: false,
+                allowed_domains: [],
+                fetches_executable: false,
+            },
+            secrets: {
+                env_vars_referenced: [],
+                files_referenced: [],
+                propagation_detected: false,
+            },
+            git: {
+                ops: [],
+            },
+            contexts: {
+                has_hooks: false,
+                has_ci_context: false,
+            },
+        };
+        for (const doc of documents) {
+            // Check context
+            if (doc.doc_type === 'hook') {
+                summary.contexts.has_hooks = true;
+            }
+            if (doc.context_profile.runs_in_privileged_env) {
+                summary.contexts.has_ci_context = true;
+            }
+            // Process actions
+            for (const action of doc.actions) {
+                switch (action.type) {
+                    case 'shell_exec':
+                        summary.shell_exec.enabled = true;
+                        if (action.shell?.dynamic) {
+                            summary.shell_exec.dynamic_detected = true;
+                        }
+                        if (action.shell?.command && summary.shell_exec.examples.length < 5) {
+                            summary.shell_exec.examples.push(action.shell.command);
+                        }
+                        break;
+                    case 'network_call':
+                        if (action.network?.direction === 'outbound') {
+                            summary.network.outbound = true;
+                        }
+                        if (action.network?.direction === 'inbound') {
+                            summary.network.inbound = true;
+                        }
+                        if (action.network?.domains) {
+                            summary.network.allowed_domains.push(...action.network.domains);
+                        }
+                        if (action.network?.fetches_executable) {
+                            summary.network.fetches_executable = true;
+                        }
+                        break;
+                    case 'file_write':
+                        if (action.filesystem?.paths) {
+                            summary.filesystem.write.push(...action.filesystem.paths);
+                        }
+                        if (action.filesystem?.sensitive_paths_touched) {
+                            summary.filesystem.touches_sensitive_paths.push(...action.filesystem.sensitive_paths_touched);
+                        }
+                        break;
+                    case 'file_read':
+                        if (action.filesystem?.paths) {
+                            summary.filesystem.read.push(...action.filesystem.paths);
+                        }
+                        break;
+                    case 'git_operation':
+                        if (action.git?.operation) {
+                            summary.git.ops.push(action.git.operation);
+                        }
+                        break;
+                }
+                // Check for secrets
+                if (action.secrets) {
+                    if (action.secrets.reads_env_vars) {
+                        summary.secrets.env_vars_referenced.push(...action.secrets.reads_env_vars);
+                    }
+                    if (action.secrets.reads_files) {
+                        summary.secrets.files_referenced.push(...action.secrets.reads_files);
+                    }
+                    if (action.secrets.propagates_to && action.secrets.propagates_to.length > 0) {
+                        summary.secrets.propagation_detected = true;
+                    }
+                }
+            }
+        }
+        // Deduplicate arrays
+        summary.filesystem.read = [...new Set(summary.filesystem.read)];
+        summary.filesystem.write = [...new Set(summary.filesystem.write)];
+        summary.filesystem.touches_sensitive_paths = [...new Set(summary.filesystem.touches_sensitive_paths)];
+        summary.network.allowed_domains = [...new Set(summary.network.allowed_domains)];
+        summary.secrets.env_vars_referenced = [...new Set(summary.secrets.env_vars_referenced)];
+        summary.secrets.files_referenced = [...new Set(summary.secrets.files_referenced)];
+        summary.git.ops = [...new Set(summary.git.ops)];
+        return summary;
+    }
+    /**
+     * Generate recommended permission manifest based on detected capabilities
+     */
+    generateRecommendedPermissions(summary) {
+        // Generate a conservative (restrictive) manifest based on what we detected
+        return {
+            manifest_version: types_1.PERMISSIONS_VERSION,
+            permissions: {
+                filesystem: {
+                    read: summary.filesystem.read.length > 0 ? summary.filesystem.read : ['**/*'],
+                    write: summary.filesystem.write.filter(p => !this.isBroadPath(p)),
+                    delete: [],
+                },
+                shell_exec: {
+                    // Recommend disabling shell if dynamic execution was detected
+                    enabled: summary.shell_exec.enabled && !summary.shell_exec.dynamic_detected,
+                    allowed_commands: summary.shell_exec.examples
+                        .filter(cmd => !this.isDynamicCommand(cmd))
+                        .slice(0, 10),
+                },
+                network: {
+                    // Recommend disabling network if executable fetching was detected
+                    outbound: summary.network.outbound && !summary.network.fetches_executable,
+                    allowed_domains: summary.network.allowed_domains,
+                },
+                secrets: {
+                    // Recommend no secret access
+                    env_vars: [],
+                    files: [],
+                },
+                git: {
+                    allowed_ops: summary.git.ops,
+                },
+            },
+        };
+    }
+    isBroadPath(path) {
+        return ['**/*', '**', '*', './'].includes(path);
+    }
+    isDynamicCommand(cmd) {
+        return /curl.*\|.*(?:bash|sh)/i.test(cmd) ||
+            /wget.*\|.*(?:bash|sh)/i.test(cmd) ||
+            /\beval\b/i.test(cmd);
+    }
+    /**
+     * Determine scan status and exit code based on findings
+     */
+    determineStatus(findings, errors) {
+        const policy = this.options.policy.policy;
+        // Check for high severity findings
+        if (policy.fail_on !== 'none') {
+            const failFindings = this.ruleEngine.filterBySeverity(findings, policy.fail_on);
+            if (failFindings.length > 0) {
+                return { status: 'fail', exitCode: 1 };
+            }
+        }
+        // Check for warning severity findings
+        if (policy.warn_on !== 'none') {
+            const warnFindings = this.ruleEngine.filterBySeverity(findings, policy.warn_on);
+            if (warnFindings.length > 0) {
+                return { status: 'warn', exitCode: 0 };
+            }
+        }
+        // Check for parse errors in strict mode
+        if (policy.strict && errors.length > 0) {
+            return { status: 'fail', exitCode: 4 };
+        }
+        return { status: 'pass', exitCode: 0 };
+    }
+    createEmptyCapabilitySummary() {
+        return {
+            filesystem: { read: [], write: [], touches_sensitive_paths: [] },
+            shell_exec: { enabled: false, dynamic_detected: false, examples: [] },
+            network: { outbound: false, inbound: false, allowed_domains: [], fetches_executable: false },
+            secrets: { env_vars_referenced: [], files_referenced: [], propagation_detected: false },
+            git: { ops: [] },
+            contexts: { has_hooks: false, has_ci_context: false },
+        };
+    }
+    createEmptyPermissionManifest() {
+        return {
+            manifest_version: types_1.PERMISSIONS_VERSION,
+            permissions: {
+                filesystem: { read: [], write: [], delete: [] },
+                shell_exec: { enabled: false, allowed_commands: [] },
+                network: { outbound: false, allowed_domains: [] },
+                secrets: { env_vars: [], files: [] },
+                git: { allowed_ops: [] },
+            },
+        };
+    }
+    /**
+     * Create report data for output generation
+     */
+    createReportData(result) {
+        const documentSummaries = result.documents.map(doc => ({
+            doc_id: doc.doc_id,
+            path: doc.path,
+            tool_family: doc.tool_family,
+            doc_type: doc.doc_type,
+            format: doc.format,
+            hash: doc.hash.value,
+            parse: doc.parse,
+            context_profile: doc.context_profile,
+            action_counts: {
+                shell_exec: doc.actions.filter(a => a.type === 'shell_exec').length,
+                file_write: doc.actions.filter(a => a.type === 'file_write').length,
+                network_call: doc.actions.filter(a => a.type === 'network_call').length,
+                secrets: doc.actions.filter(a => a.secrets && (a.secrets.reads_env_vars?.length || a.secrets.reads_files?.length)).length,
+            },
+        }));
+        const counts = this.ruleEngine.countBySeverity(result.findings);
+        const report = {
+            report_version: types_1.REPORT_VERSION,
+            schema_version: types_1.IR_SCHEMA_VERSION,
+            generated_at: new Date().toISOString(),
+            tool: {
+                name: 'agentlint',
+                version: '0.1.0',
+                build: {
+                    os: process.platform,
+                    arch: process.arch,
+                },
+            },
+            inputs: {
+                scan_root: this.options.root,
+                sources: [],
+                include: this.options.include,
+                exclude: this.options.exclude,
+                tool_mode: this.options.policy.scan.tool_mode,
+            },
+            policy: {
+                ci_mode: this.options.ciMode,
+                fail_on: this.options.policy.policy.fail_on,
+                warn_on: this.options.policy.policy.warn_on,
+                min_confidence: this.options.policy.policy.min_finding_confidence,
+                rules_disabled: this.options.policy.rules.disable,
+                severity_overrides: this.options.policy.rules.severity_overrides,
+            },
+            summary: {
+                documents_scanned: result.documents.length,
+                files_matched: result.documents.length,
+                parse: {
+                    ok: result.documents.filter(d => d.parse.status === 'ok').length,
+                    partial: result.documents.filter(d => d.parse.status === 'partial').length,
+                    failed: result.documents.filter(d => d.parse.status === 'failed').length,
+                },
+                contexts: {
+                    has_hooks: result.capabilitySummary.contexts.has_hooks,
+                    has_ci_context: result.capabilitySummary.contexts.has_ci_context,
+                },
+                counts_by_severity: counts,
+                status: result.status,
+                exit_code: result.exitCode,
+            },
+            documents: documentSummaries,
+            capability_summary: result.capabilitySummary,
+            recommended_permissions: result.recommendedPermissions,
+            findings: result.findings,
+            diff: null,
+            errors: result.errors.map(e => ({ code: 'INTERNAL_ERROR', message: e })),
+            annotations: {},
+        };
+        return {
+            report,
+            findings: result.findings,
+            capabilitySummary: result.capabilitySummary,
+            recommendedPermissions: result.recommendedPermissions,
+            documents: documentSummaries,
+            status: result.status,
+            exitCode: result.exitCode,
+        };
+    }
+}
+exports.Scanner = Scanner;
+//# sourceMappingURL=scanner.js.map

package/dist/scanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../src/scanner.ts"],"names":[],"mappings":";AAAA;;;GAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAEH,uCAAyB;AACzB,2CAA6B;AAC7B,+BAA4B;AAC5B,sCAYoB;AACpB,+CAAkD;AAClD,2CAA4C;AAC5C,0CAA8D;AAC9D,uCAAkD;AAqBlD;;GAEG;AACH,MAAa,OAAO;IACV,aAAa,CAAgB;IAC7B,UAAU,CAAa;IACvB,OAAO,CAAc;IAE7B,YAAY,UAAgC,EAAE;QAC5C,IAAI,CAAC,OAAO,GAAG;YACb,IAAI,EAAE,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,GAAG,EAAE;YACnC,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,sBAAc,CAAC,IAAI,CAAC,OAAO;YACvD,OAAO,EAAE,OAAO,CAAC,OAAO,IAAI,sBAAc,CAAC,IAAI,CAAC,OAAO;YACvD,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,sBAAc;YACxC,MAAM,EAAE,OAAO,CAAC,MAAM,IAAI,KAAK;SAChC,CAAC;QAEF,MAAM,QAAQ,GAAG,IAAA,iBAAU,EAAC,KAAK,CAAC,CAAC;QACnC,IAAI,CAAC,aAAa,GAAG,IAAI,uBAAa,CAAC;YACrC,QAAQ;YACR,aAAa,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,oBAAoB;SAC7D,CAAC,CAAC;QAEH,IAAI,CAAC,UAAU,GAAG,IAAI,mBAAU,CAAC;YAC/B,aAAa,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,sBAAsB;YAChE,aAAa,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO;YAChD,iBAAiB,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAkB;SAChE,CAAC,CAAC;IACL,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI;QACR,MAAM,MAAM,GAAa,EAAE,CAAC;QAE5B,qBAAqB;QACrB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,SAAS,EAAE,CAAC;QAErC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,qBAAqB,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;gBACtE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,qBAAqB,KAAK,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;YAC7F,MAAM,QAAQ,GAAG,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAE3C,OAAO;gBACL,SAAS,EAAE,EAAE;gBACb,QAAQ,EAAE,EAAE;gBACZ,iBAAiB,EAAE,IAAI,CAAC,4BAA4B,EAAE;gBACtD,sBAAsB,EAAE,IAAI,CAAC,6BAA6B,EAAE;gBAC5D,MAAM;gBACN,QAAQ;gBACR,MAAM,EAAE,CAAC,8CAA8C,CAAC;aACzD,CAAC;QACJ,CAAC;QAED,kBAAkB;QAClB,MAAM,SAAS,GAAoB,EAAE,CAAC;QACtC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBAC/C,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;gBAC5D,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,KAAK,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;gBAE/D,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;oBACpB,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;gBAClC,CAAC;gBACD,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC7B,MAAM,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;gBAChC,CAAC;YACH,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBACvD,MAAM,CAAC,IAAI,CAAC,kBAAkB,IAAI,KAAK,GAAG,EAAE,CAAC,CAAC;YAChD,CAAC;QACH,CAAC;QAED,6BAA6B;QAC7B,MAAM,iBAAiB,GAAG,IAAI,CAAC,wBAAwB,CAAC,SAAS,CAAC,CAAC;QAEnE,kBAAkB;QAClB,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,CAAC,WAAW,CAAC,SAAS,EAAE,iBAAiB,CAAC,CAAC;QAE3E,mCAAmC;QACnC,MAAM,sBAAsB,GAAG,IAAI,CAAC,8BAA8B,CAAC,iBAAiB,CAAC,CAAC;QAEtF,iCAAiC;QACjC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAEpE,OAAO;YACL,SAAS;YACT,QAAQ;YACR,iBAAiB;YACjB,sBAAsB;YACtB,MAAM;YACN,QAAQ;YACR,MAAM;SACP,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,SAAS;QACrB,MAAM,QAAQ,GAAa,EAAE,CAAC;QAE9B,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YAC3C,MAAM,OAAO,GAAG,MAAM,IAAA,WAAI,EAAC,OAAO,EAAE;gBAClC,GAAG,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI;gBACtB,QAAQ,EAAE,IAAI;gBACd,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;gBAC5B,KAAK,EAAE,IAAI;aACZ,CAAC,CAAC;YACH,QAAQ,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC;QAC5B,CAAC;QAED,qCAAqC;QACrC,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE;YACzC,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YACzD,OAAO,IAAI,CAAC,aAAa,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACpD,CAAC,CAAC,CAAC;QAEH,cAAc;QACd,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC;IACtC,CAAC;IAED;;OAEG;IACK,wBAAwB,CAAC,SAA0B;QACzD,MAAM,OAAO,GAAsB;YACjC,UAAU,EAAE;gBACV,IAAI,EAAE,EAAE;gBACR,KAAK,EAAE,EAAE;gBACT,uBAAuB,EAAE,EAAE;aAC5B;YACD,UAAU,EAAE;gBACV,OAAO,EAAE,KAAK;gBACd,gBAAgB,EAAE,KAAK;gBACvB,QAAQ,EAAE,EAAE;aACb;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,KAAK;gBACd,eAAe,EAAE,EAAE;gBACnB,kBAAkB,EAAE,KAAK;aAC1B;YACD,OAAO,EAAE;gBACP,mBAAmB,EAAE,EAAE;gBACvB,gBAAgB,EAAE,EAAE;gBACpB,oBAAoB,EAAE,KAAK;aAC5B;YACD,GAAG,EAAE;gBACH,GAAG,EAAE,EAAE;aACR;YACD,QAAQ,EAAE;gBACR,SAAS,EAAE,KAAK;gBAChB,cAAc,EAAE,KAAK;aACtB;SACF,CAAC;QAEF,KAAK,MAAM,GAAG,IAAI,SAAS,EAAE,CAAC;YAC5B,gBAAgB;YAChB,IAAI,GAAG,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gBAC5B,OAAO,CAAC,QAAQ,CAAC,SAAS,GAAG,IAAI,CAAC;YACpC,CAAC;YACD,IAAI,GAAG,CAAC,eAAe,CAAC,sBAAsB,EAAE,CAAC;gBAC/C,OAAO,CAAC,QAAQ,CAAC,cAAc,GAAG,IAAI,CAAC;YACzC,CAAC;YAED,kBAAkB;YAClB,KAAK,MAAM,MAAM,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC;gBACjC,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC;oBACpB,KAAK,YAAY;wBACf,OAAO,CAAC,UAAU,CAAC,OAAO,GAAG,IAAI,CAAC;wBAClC,IAAI,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,CAAC;4BAC1B,OAAO,CAAC,UAAU,CAAC,gBAAgB,GAAG,IAAI,CAAC;wBAC7C,CAAC;wBACD,IAAI,MAAM,CAAC,KAAK,EAAE,OAAO,IAAI,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;4BACpE,OAAO,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;wBACzD,CAAC;wBACD,MAAM;oBAER,KAAK,cAAc;wBACjB,IAAI,MAAM,CAAC,OAAO,EAAE,SAAS,KAAK,UAAU,EAAE,CAAC;4BAC7C,OAAO,CAAC,OAAO,CAAC,QAAQ,GAAG,IAAI,CAAC;wBAClC,CAAC;wBACD,IAAI,MAAM,CAAC,OAAO,EAAE,SAAS,KAAK,SAAS,EAAE,CAAC;4BAC5C,OAAO,CAAC,OAAO,CAAC,OAAO,GAAG,IAAI,CAAC;wBACjC,CAAC;wBACD,IAAI,MAAM,CAAC,OAAO,EAAE,OAAO,EAAE,CAAC;4BAC5B,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;wBAClE,CAAC;wBACD,IAAI,MAAM,CAAC,OAAO,EAAE,kBAAkB,EAAE,CAAC;4BACvC,OAAO,CAAC,OAAO,CAAC,kBAAkB,GAAG,IAAI,CAAC;wBAC5C,CAAC;wBACD,MAAM;oBAER,KAAK,YAAY;wBACf,IAAI,MAAM,CAAC,UAAU,EAAE,KAAK,EAAE,CAAC;4BAC7B,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;wBAC5D,CAAC;wBACD,IAAI,MAAM,CAAC,UAAU,EAAE,uBAAuB,EAAE,CAAC;4BAC/C,OAAO,CAAC,UAAU,CAAC,uBAAuB,CAAC,IAAI,CAC7C,GAAG,MAAM,CAAC,UAAU,CAAC,uBAAuB,CAC7C,CAAC;wBACJ,CAAC;wBACD,MAAM;oBAER,KAAK,WAAW;wBACd,IAAI,MAAM,CAAC,UAAU,EAAE,KAAK,EAAE,CAAC;4BAC7B,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;wBAC3D,CAAC;wBACD,MAAM;oBAER,KAAK,eAAe;wBAClB,IAAI,MAAM,CAAC,GAAG,EAAE,SAAS,EAAE,CAAC;4BAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;wBAC7C,CAAC;wBACD,MAAM;gBACV,CAAC;gBAED,oBAAoB;gBACpB,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;oBACnB,IAAI,MAAM,CAAC,OAAO,CAAC,cAAc,EAAE,CAAC;wBAClC,OAAO,CAAC,OAAO,CAAC,mBAAmB,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;oBAC7E,CAAC;oBACD,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC;wBAC/B,OAAO,CAAC,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;oBACvE,CAAC;oBACD,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;wBAC5E,OAAO,CAAC,OAAO,CAAC,oBAAoB,GAAG,IAAI,CAAC;oBAC9C,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,qBAAqB;QACrB,OAAO,CAAC,UAAU,CAAC,IAAI,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC;QAChE,OAAO,CAAC,UAAU,CAAC,KAAK,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC;QAClE,OAAO,CAAC,UAAU,CAAC,uBAAuB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,UAAU,CAAC,uBAAuB,CAAC,CAAC,CAAC;QACtG,OAAO,CAAC,OAAO,CAAC,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC,CAAC;QAChF,OAAO,CAAC,OAAO,CAAC,mBAAmB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC,CAAC;QACxF,OAAO,CAAC,OAAO,CAAC,gBAAgB,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,CAAC;QAClF,OAAO,CAAC,GAAG,CAAC,GAAG,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QAEhD,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,8BAA8B,CAAC,OAA0B;QAC/D,2EAA2E;QAC3E,OAAO;YACL,gBAAgB,EAAE,2BAAmB;YACrC,WAAW,EAAE;gBACX,UAAU,EAAE;oBACV,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;oBAC7E,KAAK,EAAE,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC;oBACjE,MAAM,EAAE,EAAE;iBACX;gBACD,UAAU,EAAE;oBACV,8DAA8D;oBAC9D,OAAO,EAAE,OAAO,CAAC,UAAU,CAAC,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,gBAAgB;oBAC3E,gBAAgB,EAAE,OAAO,CAAC,UAAU,CAAC,QAAQ;yBAC1C,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC;yBAC1C,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;iBAChB;gBACD,OAAO,EAAE;oBACP,kEAAkE;oBAClE,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC,QAAQ,IAAI,CAAC,OAAO,CAAC,OAAO,CAAC,kBAAkB;oBACzE,eAAe,EAAE,OAAO,CAAC,OAAO,CAAC,eAAe;iBACjD;gBACD,OAAO,EAAE;oBACP,6BAA6B;oBAC7B,QAAQ,EAAE,EAAE;oBACZ,KAAK,EAAE,EAAE;iBACV;gBACD,GAAG,EAAE;oBACH,WAAW,EAAE,OAAO,CAAC,GAAG,CAAC,GAAG;iBAC7B;aACF;SACF,CAAC;IACJ,CAAC;IAEO,WAAW,CAAC,IAAY;QAC9B,OAAO,CAAC,MAAM,EAAE,IAAI,EAAE,GAAG,EAAE,IAAI,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;IAClD,CAAC;IAEO,gBAAgB,CAAC,GAAW;QAClC,OAAO,wBAAwB,CAAC,IAAI,CAAC,GAAG,CAAC;YAClC,wBAAwB,CAAC,IAAI,CAAC,GAAG,CAAC;YAClC,WAAW,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,QAAmB,EAAE,MAAgB;QAC3D,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC;QAE1C,mCAAmC;QACnC,IAAI,MAAM,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;YAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAc,CAAC,CAAC;YACvF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;YACzC,CAAC;QACH,CAAC;QAED,sCAAsC;QACtC,IAAI,MAAM,CAAC,OAAO,KAAK,MAAM,EAAE,CAAC;YAC9B,MAAM,YAAY,GAAG,IAAI,CAAC,UAAU,CAAC,gBAAgB,CAAC,QAAQ,EAAE,MAAM,CAAC,OAAc,CAAC,CAAC;YACvF,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;YACzC,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,IAAI,MAAM,CAAC,MAAM,IAAI,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACvC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;QACzC,CAAC;QAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,CAAC,EAAE,CAAC;IACzC,CAAC;IAEO,4BAA4B;QAClC,OAAO;YACL,UAAU,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,uBAAuB,EAAE,EAAE,EAAE;YAChE,UAAU,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE,EAAE;YACrE,OAAO,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,OAAO,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,EAAE,kBAAkB,EAAE,KAAK,EAAE;YAC5F,OAAO,EAAE,EAAE,mBAAmB,EAAE,EAAE,EAAE,gBAAgB,EAAE,EAAE,EAAE,oBAAoB,EAAE,KAAK,EAAE;YACvF,GAAG,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE;YAChB,QAAQ,EAAE,EAAE,SAAS,EAAE,KAAK,EAAE,cAAc,EAAE,KAAK,EAAE;SACtD,CAAC;IACJ,CAAC;IAEO,6BAA6B;QACnC,OAAO;YACL,gBAAgB,EAAE,2BAAmB;YACrC,WAAW,EAAE;gBACX,UAAU,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;gBAC/C,UAAU,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,gBAAgB,EAAE,EAAE,EAAE;gBACpD,OAAO,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,eAAe,EAAE,EAAE,EAAE;gBACjD,OAAO,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;gBACpC,GAAG,EAAE,EAAE,WAAW,EAAE,EAAE,EAAE;aACzB;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,gBAAgB,CAAC,MAAkB;QACjC,MAAM,iBAAiB,GAAsB,MAAM,CAAC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YACxE,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,WAAW,EAAE,GAAG,CAAC,WAAW;YAC5B,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,KAAK;YACpB,KAAK,EAAE,GAAG,CAAC,KAAK;YAChB,eAAe,EAAE,GAAG,CAAC,eAAe;YACpC,aAAa,EAAE;gBACb,UAAU,EAAE,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC,MAAM;gBACnE,UAAU,EAAE,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC,MAAM;gBACnE,YAAY,EAAE,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,CAAC,MAAM;gBACvE,OAAO,EAAE,GAAG,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,cAAc,EAAE,MAAM,IAAI,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,MAAM;aAC1H;SACF,CAAC,CAAC,CAAC;QAEJ,MAAM,MAAM,GAAG,IAAI,CAAC,UAAU,CAAC,eAAe,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAEhE,MAAM,MAAM,GAAoB;YAC9B,cAAc,EAAE,sBAAc;YAC9B,cAAc,EAAE,yBAAiB;YACjC,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACtC,IAAI,EAAE;gBACJ,IAAI,EAAE,WAAW;gBACjB,OAAO,EAAE,OAAO;gBAChB,KAAK,EAAE;oBACL,EAAE,EAAE,OAAO,CAAC,QAAQ;oBACpB,IAAI,EAAE,OAAO,CAAC,IAAI;iBACnB;aACF;YACD,MAAM,EAAE;gBACN,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI;gBAC5B,OAAO,EAAE,EAAE;gBACX,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;gBAC7B,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,OAAO;gBAC7B,SAAS,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS;aAC9C;YACD,MAAM,EAAE;gBACN,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM;gBAC5B,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO;gBAC3C,OAAO,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,OAAO;gBAC3C,cAAc,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,MAAM,CAAC,sBAAsB;gBACjE,cAAc,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO;gBACjD,kBAAkB,EAAE,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,kBAAkB;aACjE;YACD,OAAO,EAAE;gBACP,iBAAiB,EAAE,MAAM,CAAC,SAAS,CAAC,MAAM;gBAC1C,aAAa,EAAE,MAAM,CAAC,SAAS,CAAC,MAAM;gBACtC,KAAK,EAAE;oBACL,EAAE,EAAE,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,KAAK,IAAI,CAAC,CAAC,MAAM;oBAChE,OAAO,EAAE,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,MAAM;oBAC1E,MAAM,EAAE,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,MAAM;iBACzE;gBACD,QAAQ,EAAE;oBACR,SAAS,EAAE,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,SAAS;oBACtD,cAAc,EAAE,MAAM,CAAC,iBAAiB,CAAC,QAAQ,CAAC,cAAc;iBACjE;gBACD,kBAAkB,EAAE,MAAM;gBAC1B,MAAM,EAAE,MAAM,CAAC,MAAM;gBACrB,SAAS,EAAE,MAAM,CAAC,QAAQ;aAC3B;YACD,SAAS,EAAE,iBAAiB;YAC5B,kBAAkB,EAAE,MAAM,CAAC,iBAAiB;YAC5C,uBAAuB,EAAE,MAAM,CAAC,sBAAsB;YACtD,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,IAAI,EAAE,IAAI;YACV,MAAM,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,gBAAyB,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC,CAAC;YACjF,WAAW,EAAE,EAAE;SAChB,CAAC;QAEF,OAAO;YACL,MAAM;YACN,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,iBAAiB,EAAE,MAAM,CAAC,iBAAiB;YAC3C,sBAAsB,EAAE,MAAM,CAAC,sBAAsB;YACrD,SAAS,EAAE,iBAAiB;YAC5B,MAAM,EAAE,MAAM,CAAC,MAAM;YACrB,QAAQ,EAAE,MAAM,CAAC,QAAQ;SAC1B,CAAC;IACJ,CAAC;CACF;AA9aD,0BA8aC"}

package/dist/utils/hash.d.ts

@@ -0,0 +1,28 @@
+/**
+ * Hash utilities for AgentLint
+ */
+/**
+ * Generate SHA256 hash of content
+ */
+export declare function sha256(content: string): string;
+/**
+ * Generate a stable finding ID based on rule, path, line, and evidence
+ */
+export declare function generateFindingId(ruleId: string, path: string, startLine: number, evidence: string): string;
+/**
+ * Generate location-based fingerprint
+ */
+export declare function generateLocationFingerprint(ruleId: string, path: string, startLine: number, endLine: number): string;
+/**
+ * Generate content-based fingerprint
+ */
+export declare function generateContentFingerprint(ruleId: string, evidence: string): string;
+/**
+ * Generate a unique ID
+ */
+export declare function generateId(prefix?: string): string;
+/**
+ * Generate document hash
+ */
+export declare function hashDocument(content: string): string;
+//# sourceMappingURL=hash.d.ts.map

package/dist/utils/hash.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.d.ts","sourceRoot":"","sources":["../../src/utils/hash.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH;;GAEG;AACH,wBAAgB,MAAM,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAE9C;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,MAAM,GACf,MAAM,CAGR;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CACzC,MAAM,EAAE,MAAM,EACd,IAAI,EAAE,MAAM,EACZ,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,MAAM,GACd,MAAM,CAGR;AAED;;GAEG;AACH,wBAAgB,0BAA0B,CACxC,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,GACf,MAAM,CAGR;AAYD;;GAEG;AACH,wBAAgB,UAAU,CAAC,MAAM,GAAE,MAAa,GAAG,MAAM,CAExD;AAED;;GAEG;AACH,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,GAAG,MAAM,CAEpD"}

package/dist/utils/hash.js

@@ -0,0 +1,94 @@
+"use strict";
+/**
+ * Hash utilities for AgentLint
+ */
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
+    Object.defineProperty(o, "default", { enumerable: true, value: v });
+}) : function(o, v) {
+    o["default"] = v;
+});
+var __importStar = (this && this.__importStar) || (function () {
+    var ownKeys = function(o) {
+        ownKeys = Object.getOwnPropertyNames || function (o) {
+            var ar = [];
+            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
+            return ar;
+        };
+        return ownKeys(o);
+    };
+    return function (mod) {
+        if (mod && mod.__esModule) return mod;
+        var result = {};
+        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
+        __setModuleDefault(result, mod);
+        return result;
+    };
+})();
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.sha256 = sha256;
+exports.generateFindingId = generateFindingId;
+exports.generateLocationFingerprint = generateLocationFingerprint;
+exports.generateContentFingerprint = generateContentFingerprint;
+exports.generateId = generateId;
+exports.hashDocument = hashDocument;
+const crypto = __importStar(require("crypto"));
+/**
+ * Generate SHA256 hash of content
+ */
+function sha256(content) {
+    return crypto.createHash('sha256').update(content).digest('hex');
+}
+/**
+ * Generate a stable finding ID based on rule, path, line, and evidence
+ */
+function generateFindingId(ruleId, path, startLine, evidence) {
+    const normalized = `${ruleId}|${path}|${startLine}|${normalizeEvidence(evidence)}`;
+    return `sha256:${sha256(normalized).substring(0, 16)}`;
+}
+/**
+ * Generate location-based fingerprint
+ */
+function generateLocationFingerprint(ruleId, path, startLine, endLine) {
+    const data = `${ruleId}|${path}|${startLine}|${endLine}`;
+    return `sha256:${sha256(data).substring(0, 16)}`;
+}
+/**
+ * Generate content-based fingerprint
+ */
+function generateContentFingerprint(ruleId, evidence) {
+    const data = `${ruleId}|${normalizeEvidence(evidence)}`;
+    return `sha256:${sha256(data).substring(0, 16)}`;
+}
+/**
+ * Normalize evidence string for consistent hashing
+ */
+function normalizeEvidence(evidence) {
+    return evidence
+        .trim()
+        .replace(/\s+/g, ' ')
+        .toLowerCase();
+}
+/**
+ * Generate a unique ID
+ */
+function generateId(prefix = 'id') {
+    return `${prefix}_${crypto.randomBytes(8).toString('hex')}`;
+}
+/**
+ * Generate document hash
+ */
+function hashDocument(content) {
+    return `sha256:${sha256(content)}`;
+}
+//# sourceMappingURL=hash.js.map

package/dist/utils/hash.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"hash.js","sourceRoot":"","sources":["../../src/utils/hash.ts"],"names":[],"mappings":";AAAA;;GAEG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAOH,wBAEC;AAKD,8CAQC;AAKD,kEAQC;AAKD,gEAMC;AAeD,gCAEC;AAKD,oCAEC;AApED,+CAAiC;AAEjC;;GAEG;AACH,SAAgB,MAAM,CAAC,OAAe;IACpC,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACnE,CAAC;AAED;;GAEG;AACH,SAAgB,iBAAiB,CAC/B,MAAc,EACd,IAAY,EACZ,SAAiB,EACjB,QAAgB;IAEhB,MAAM,UAAU,GAAG,GAAG,MAAM,IAAI,IAAI,IAAI,SAAS,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;IACnF,OAAO,UAAU,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACzD,CAAC;AAED;;GAEG;AACH,SAAgB,2BAA2B,CACzC,MAAc,EACd,IAAY,EACZ,SAAiB,EACjB,OAAe;IAEf,MAAM,IAAI,GAAG,GAAG,MAAM,IAAI,IAAI,IAAI,SAAS,IAAI,OAAO,EAAE,CAAC;IACzD,OAAO,UAAU,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACnD,CAAC;AAED;;GAEG;AACH,SAAgB,0BAA0B,CACxC,MAAc,EACd,QAAgB;IAEhB,MAAM,IAAI,GAAG,GAAG,MAAM,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;IACxD,OAAO,UAAU,MAAM,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC;AACnD,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,QAAgB;IACzC,OAAO,QAAQ;SACZ,IAAI,EAAE;SACN,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC;SACpB,WAAW,EAAE,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,SAAgB,UAAU,CAAC,SAAiB,IAAI;IAC9C,OAAO,GAAG,MAAM,IAAI,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;AAC9D,CAAC;AAED;;GAEG;AACH,SAAgB,YAAY,CAAC,OAAe;IAC1C,OAAO,UAAU,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;AACrC,CAAC"}

package/dist/utils/index.d.ts

@@ -0,0 +1,2 @@
+export * from './hash';
+//# sourceMappingURL=index.d.ts.map

package/dist/utils/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA,cAAc,QAAQ,CAAC"}

package/dist/utils/index.js

@@ -0,0 +1,18 @@
+"use strict";
+var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    var desc = Object.getOwnPropertyDescriptor(m, k);
+    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
+      desc = { enumerable: true, get: function() { return m[k]; } };
+    }
+    Object.defineProperty(o, k2, desc);
+}) : (function(o, m, k, k2) {
+    if (k2 === undefined) k2 = k;
+    o[k2] = m[k];
+}));
+var __exportStar = (this && this.__exportStar) || function(m, exports) {
+    for (var p in m) if (p !== "default" && !Object.prototype.hasOwnProperty.call(exports, p)) __createBinding(exports, m, p);
+};
+Object.defineProperty(exports, "__esModule", { value: true });
+__exportStar(require("./hash"), exports);
+//# sourceMappingURL=index.js.map

package/dist/utils/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":";;;;;;;;;;;;;;;;AAAA,yCAAuB"}