npm - ai-trust - Versions diffs - 0.7.0 → 0.7.1 - Mend

ai-trust 0.7.0 → 0.7.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (11) hide show

package/README.md +119 -111
package/dist/commands/check.d.ts.map +1 -1
package/dist/commands/check.js +36 -1
package/dist/commands/check.js.map +1 -1
package/dist/index.js +13 -1
package/dist/index.js.map +1 -1
package/dist/scanner/index.d.ts +18 -0
package/dist/scanner/index.d.ts.map +1 -1
package/dist/scanner/index.js +106 -1
package/dist/scanner/index.js.map +1 -1
package/package.json +6 -2

package/README.md CHANGED Viewed

@@ -1,99 +1,106 @@
-> **[OpenA2A](https://github.com/opena2a-org/opena2a)**: [CLI](https://github.com/opena2a-org/opena2a) · [HackMyAgent](https://github.com/opena2a-org/hackmyagent) · [Secretless](https://github.com/opena2a-org/secretless-ai) · [AIM](https://github.com/opena2a-org/agent-identity-management) · [Browser Guard](https://github.com/opena2a-org/AI-BrowserGuard) · [DVAA](https://github.com/opena2a-org/damn-vulnerable-ai-agent)
 # ai-trust
-Trust verification CLI **for AI packages** — MCP servers, A2A agents, skills, AI tools, and LLMs. Queries the OpenA2A Registry trust graph for security scans, community consensus, dependency risk, and known advisories.
+> **[OpenA2A](https://github.com/opena2a-org/opena2a)**: [CLI](https://github.com/opena2a-org/opena2a) · [HackMyAgent](https://github.com/opena2a-org/hackmyagent) · [Secretless](https://github.com/opena2a-org/secretless-ai) · [AIM](https://github.com/opena2a-org/agent-identity-management) · [Browser Guard](https://github.com/opena2a-org/AI-BrowserGuard) · [DVAA](https://github.com/opena2a-org/damn-vulnerable-ai-agent)
-For general-purpose libraries (express, typescript, chalk, etc.) use [HackMyAgent](https://github.com/opena2a-org/hackmyagent) instead — ai-trust is scoped to AI-native packages only.
+Trust verification CLI for AI packages. MCP servers, A2A agents, skills, AI tools, LLMs. Queries the OpenA2A Registry trust graph for security scans, community consensus, dependency risk, and known advisories. Apache 2.0.
-[![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
 [![npm version](https://img.shields.io/npm/v/ai-trust.svg)](https://www.npmjs.com/package/ai-trust)
+[![License: Apache-2.0](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)
+[![Tests](https://img.shields.io/badge/tests-201%20passing-brightgreen)](https://github.com/opena2a-org/ai-trust)
-## Installation
+[Website](https://opena2a.org/ai-trust) · [Registry](https://registry.opena2a.org) · [Discord](https://discord.gg/uRZa3KXgEn)
-```bash
-brew install opena2a-org/tap/ai-trust
-```
+For general-purpose libraries (express, typescript, chalk, etc.) use [HackMyAgent](https://github.com/opena2a-org/hackmyagent) instead. ai-trust is scoped to AI-native packages only.
-Or via npm:
+## Quick start
 ```bash
-npm install -g ai-trust
+npx ai-trust check @modelcontextprotocol/server-filesystem
 ```
-Or run directly with npx:
+```
+  @modelcontextprotocol/server-filesystem  mcp_server · scanned 2 days ago
+  No known issues
-```bash
-npx ai-trust check @modelcontextprotocol/server-filesystem
+  Trust     ━━━━━━━━━━━━━━━━━━━━ 87/100
+  Level     Scanned (3/4)
+  Blocked > Warning > Listed > Scanned > Verified
+  ── Next Steps ──────────────────────────────────────────────
+  Fresh scan:         ai-trust check @modelcontextprotocol/server-filesystem
+  Full project audit: ai-trust audit package.json
 ```
-For a full security dashboard covering trust, credentials, shadow AI, and more:
+![ai-trust demo](docs/ai-trust-demo.gif)
+## Install
+### npm
 ```bash
-npx opena2a-cli review
+npx ai-trust check <pkg>     # run once, no install
+npm install -g ai-trust      # install globally
 ```
-## Quick Start
+Requires Node.js 18 or later.
+### Homebrew
 ```bash
-ai-trust check @modelcontextprotocol/server-filesystem
+brew install opena2a-org/tap/ai-trust
 ```
-Expected output:
+### From source
+```bash
+git clone https://github.com/opena2a-org/ai-trust.git
+cd ai-trust
+npm install
+npm run build
+node dist/index.js check express
 ```
-  @modelcontextprotocol/server-filesystem  mcp_server · scanned 2 days ago
-  No known issues
-  Trust     ━━━━━━━━━━━━━━━━━━━━ 87/100
-  Level     Scanned (3/4)
-  Blocked > Warning > Listed > Scanned > Verified
+### Verifying what was installed
-  ── Next Steps ──────────────────────────────────────────────
-  Fresh scan:         ai-trust check @modelcontextprotocol/server-filesystem
-  Full project audit: ai-trust audit package.json
+Every release publishes via npm Trusted Publishing with SLSA v1 provenance. No long-lived `NPM_TOKEN`. GitHub Actions exchanges its OIDC token with npm at publish time.
+```bash
+npm view ai-trust dist.attestations --json
+# Expects non-empty result with predicateType "https://slsa.dev/provenance/v1"
 ```
 ## Scope: AI packages only
-ai-trust verifies trust for **AI-native** packages. For everything else, use HMA:
+ai-trust verifies trust for AI-native packages. For everything else, use HMA.
 | Your package is... | Use |
 |---|---|
-| MCP server / A2A agent / skill / AI tool / LLM | `ai-trust` |
+| MCP server, A2A agent, skill, AI tool, LLM | `ai-trust` |
 | General-purpose library (express, chalk, typescript, etc.) | `hackmyagent check <pkg>` |
 | Full codebase security audit | `hackmyagent secure .` |
 `ai-trust audit package.json` audits AI packages in the trust table and separately lists libraries in an "Out of scope" section with an HMA pointer.
-![ai-trust audit](docs/ai-trust-demo.gif)
-## Built-in Help
-```bash
-ai-trust --help          # All commands and flags
-ai-trust --version       # Current version
-ai-trust [command] -h    # Help for a specific command
-```
----
+Running `ai-trust check express` on a general-purpose library returns an "out of scope" verdict with a redirect to `hackmyagent check express`. Intentional. ai-trust is for AI packages only.
 ## Commands
-### check
+### `check`
 Look up the trust verdict for a single AI package.
 ```bash
 ai-trust check @modelcontextprotocol/server-filesystem
 ai-trust check my-custom-agent --type a2a_agent
-ai-trust check @modelcontextprotocol/server-postgres --json     # JSON output for scripting
+ai-trust check @modelcontextprotocol/server-postgres --json
+ai-trust check mcp-server-xyz --scan-if-missing --contribute  # download + scan + share
+ai-trust check server-filesystem --no-scan                    # registry lookup only
+ai-trust check /path/to/local --scan-path /path/to/local      # scan a local directory
 ```
-Running `check` on a general-purpose library (e.g. `ai-trust check express`) returns an "out of scope" message with a redirect to `hackmyagent check express`. This is intentional — ai-trust is for AI packages only.
-### MCP Server Trust
+Flags: `--type`, `--scan-if-missing`, `--contribute`, `--no-scan`, `--no-deep`, `--scan-path`, `--json`.
-MCP servers are the most common trust query. Use shorthand to skip the full `@modelcontextprotocol/` scope:
+### MCP server shorthand
 ```bash
 # These are equivalent:
@@ -106,29 +113,28 @@ ai-trust check @supabase/mcp-server-supabase
 ai-trust check @cloudflare/mcp-server-cloudflare
 ```
-Shorthand rule: `server-*` resolves to `@modelcontextprotocol/server-*`. Third-party `mcp-server-*` packages are looked up by their actual name.
+`server-*` resolves to `@modelcontextprotocol/server-*`. Third-party `mcp-server-*` packages are looked up by their actual name.
-#### Scan on demand
+### Scan on demand
-When a package is not in the registry, ai-trust can download and scan it locally using [HackMyAgent](https://github.com/opena2a-org/hackmyagent). In interactive mode, you will be prompted. In CI, use flags:
+When a package is not in the registry, ai-trust can download and scan it locally using [HackMyAgent](https://github.com/opena2a-org/hackmyagent). In interactive mode, you are prompted. In CI:
 ```bash
-# Auto-scan unknown packages, contribute results to the community registry
-ai-trust check mcp-server-xyz --scan-if-missing --contribute
-# Registry lookup only (skip local scan)
-ai-trust check server-filesystem --no-scan
+ai-trust check mcp-server-xyz --scan-if-missing --contribute   # auto-scan + share
+ai-trust check server-filesystem --no-scan                     # skip scanning entirely
 ```
-### audit
+Local scans run HMA with NanoMind semantic analysis enabled by default. Pass `--no-deep` for static-only.
+### `audit`
-Parse dependency files and audit AI packages. Supports any `.json` file (package.json format) or `.txt` file (requirements.txt format). Libraries in the file are partitioned into an "Out of scope" section with a pointer to HMA for general security scanning.
+Parse dependency files and audit AI packages. Supports `.json` (package.json format) and `.txt` (requirements.txt format). Libraries get partitioned into an "Out of scope" section.
 ```bash
 ai-trust audit package.json
 ai-trust audit requirements.txt
-ai-trust audit package.json --min-trust 2         # set minimum trust threshold (default: 3)
-ai-trust audit package.json --scan-missing --contribute  # scan unknown AI packages
+ai-trust audit package.json --min-trust 2                      # custom threshold (default 3)
+ai-trust audit package.json --scan-missing --contribute        # scan unknown AI packages
 ```
 Example output (mixed AI + libraries):
@@ -139,7 +145,7 @@ Example output (mixed AI + libraries):
   PACKAGE                    TYPE          VERDICT   TRUST       SCORE         SCAN
   ──────────────────────────────────────────────────────────────────────────────────────
   @modelcontextprotocol/sdk  mcp_server    SAFE      Scanned     ━━━━━━━━ 87  passed
-  @opena2a/aim-core          a2a_agent    SAFE      Scanned     ━━━━━━━━ 81  passed
+  @opena2a/aim-core          a2a_agent     SAFE      Scanned     ━━━━━━━━ 81  passed
   ...
   ── Out of scope (libraries) ────────────────────────────────
@@ -150,97 +156,99 @@ Example output (mixed AI + libraries):
   Library security:  npx hackmyagent secure .
 ```
-### batch
+### `batch`
 Look up trust verdicts for multiple AI packages at once. Non-AI packages get partitioned into the "Out of scope" footer.
 ```bash
 ai-trust batch @modelcontextprotocol/server-filesystem @modelcontextprotocol/server-postgres
 ai-trust batch my-server-a my-server-b --type mcp_server
+ai-trust batch react vue express lodash chalk
 ```
----
+Flags: `--type`, `--min-trust`.
-## Output Options
+## Output options
 ```bash
-ai-trust check express --json          # JSON output for scripting
-ai-trust audit package.json --json     # JSON audit output
-ai-trust check express --no-color      # disable colored output
-ai-trust check express --registry-url http://localhost:8080  # custom registry
-```
----
-## Community Contribution
-Every scan you run can improve trust data for the entire community. Scan results are shared as anonymized telemetry (check pass/fail and severity only -- no file paths, source code, or descriptions).
-On first scan, ai-trust asks whether you want to contribute. Your choice is saved in `~/.opena2a/config.json` and shared across all OpenA2A tools (opena2a-cli, hackmyagent).
-```bash
-# Contribute for this scan (non-interactive / CI)
-ai-trust check chalk --contribute
-# Configure globally via opena2a-cli
-opena2a config set contribute true    # opt in
-opena2a config set contribute false   # opt out
+ai-trust check express --json                                    # JSON output for scripting
+ai-trust audit package.json --json                               # JSON audit output
+ai-trust check express --no-color                                # disable colored output
+ai-trust check express --registry-url http://localhost:8080      # custom registry endpoint
 ```
-The more scans contributed, the faster packages move from "Listed" to "Scanned" trust level, reducing risk for everyone.
----
-## Trust Levels
+## Trust levels
 | Level | Label | Description |
-|-------|-------|-------------|
+|---|---|---|
 | 0 | Blocked | Package is blocked due to security concerns |
 | 1 | Warning | Package has known issues |
 | 2 | Listed | Package is listed but not yet scanned |
 | 3 | Scanned | Package has been scanned by HackMyAgent |
 | 4 | Verified | Package is verified by the publisher |
-## Exit Codes
+## Exit codes
 | Code | Meaning |
-|------|---------|
-| 0 | All queried packages are safe / meet the trust threshold |
+|---|---|
+| 0 | All queried packages are safe and meet the trust threshold |
 | 1 | Operational error (network failure, file not found, server error) |
-| 2 | Policy signal: one or more packages have warning/blocked verdict or fall below `--min-trust` |
+| 2 | Policy signal: one or more packages have warning or blocked verdict, or fall below `--min-trust` |
----
+## Community contribution
-## Requirements
+Every scan you run can improve trust data for the entire community. Scan results are shared as anonymised telemetry: check pass/fail and severity only. No file paths, source code, or descriptions.
-- Node.js 18 or later
-- [HackMyAgent](https://github.com/opena2a-org/hackmyagent) (optional, required for local scanning)
+On first scan, ai-trust asks whether you want to contribute. Your choice is saved in `~/.opena2a/config.json` and shared across all OpenA2A tools (`opena2a-cli`, `hackmyagent`).
-## Development
+```bash
+ai-trust check chalk --contribute              # contribute for this scan (non-interactive / CI)
+opena2a config set contribute true             # opt in globally
+opena2a config set contribute false            # opt out globally
+```
+More scans contributed means packages move from "Listed" to "Scanned" faster, reducing risk for everyone.
+## Using with opena2a-cli
+[`opena2a-cli`](https://github.com/opena2a-org/opena2a) is the unified CLI for the OpenA2A security toolchain. ai-trust powers `opena2a trust`.
 ```bash
-git clone https://github.com/opena2a-org/ai-trust.git
-cd ai-trust && npm install && npm run build
-node dist/index.js check express    # run locally without installing
+npm install -g opena2a-cli
+opena2a trust @modelcontextprotocol/server-filesystem
+opena2a review                              # full security dashboard
 ```
-## Use Cases
+## Use cases
-Step-by-step guides for common workflows:
+| Guide | Time |
+|---|---|
+| [Check if a package is safe before installing](docs/use-cases/check-before-install.md) | 2 min |
+| [Verify an MCP server's trust score](docs/use-cases/check-mcp-server.md) | 3 min |
+| [Contribute trust data to the community](docs/use-cases/contribute-scans.md) | 3 min |
+Full index: [docs/USE-CASES.md](docs/USE-CASES.md).
+## Contributing
+Apache 2.0. PRs from outside the org welcome.
-- [Check if a package is safe before installing](docs/use-cases/check-before-install.md)
-- [Verify an MCP server's trust score](docs/use-cases/check-mcp-server.md)
-- [Contribute trust data to the community](docs/use-cases/contribute-scans.md)
+```bash
+git clone https://github.com/opena2a-org/ai-trust.git
+cd ai-trust && npm install && npm run build && npm test
+```
-See [docs/USE-CASES.md](docs/USE-CASES.md) for the full index.
+Security issues: `security@opena2a.org` (coordinated disclosure, response within 24 hours).
 ## Links
-- [OpenA2A Registry](https://registry.opena2a.org) — trust scores and scan data
-- [OpenA2A CLI](https://github.com/opena2a-org/opena2a) — unified security CLI
-- [HackMyAgent](https://github.com/opena2a-org/hackmyagent) — local scanning for unverified packages
-- [opena2a.org](https://opena2a.org) — full platform
+- [Website](https://opena2a.org/ai-trust)
+- [OpenA2A Registry](https://registry.opena2a.org). Trust scores and scan data.
+- [OpenA2A CLI](https://github.com/opena2a-org/opena2a). Unified security CLI.
+- [HackMyAgent](https://github.com/opena2a-org/hackmyagent). Local scanning for unverified packages.
+Part of the [OpenA2A](https://opena2a.org) security platform.
 ## License
-Apache-2.0
+Apache-2.0.

package/dist/commands/check.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"check.d.ts","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;~~AA4CzC~~,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,~~CAyL3D~~"}
1	+ {"version":3,"file":"check.d.ts","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA8CzC,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAoO3D"}

package/dist/commands/check.js CHANGED Viewed

@@ -10,7 +10,7 @@ import { RegistryClient, PackageNotFoundError } from "@opena2a/registry-client";
 import { formatCheckResult, formatScanResult, formatJson, formatNotFound, } from "../output/formatter.js";
 import { buildNotFoundOutput, translateDownloadError } from "@opena2a/check-core";
 import { resolveAndLog } from "../utils/resolve.js";
-import { isHmaAvailable, scanPackage } from "../scanner/index.js";
+import { isHmaAvailable, scanPackage, scanLocalPath } from "../scanner/index.js";
 import { confirm } from "../utils/prompt.js";
 import { isContributeEnabled, queueScanResult, flushQueue, recordScanAndMaybeShowTip, saveContributeChoice, sendScanPing, } from "../telemetry/index.js";
 import { checkSkillOrMcp, parseRichTarget } from "../check/skill-mcp-check.js";
@@ -29,8 +29,43 @@ export function registerCheckCommand(program) {
         .option("--rescan", "deprecated (local scan is now the default)")
         .option("--no-deep", "disable NanoMind semantic analysis (static checks only)")
         .option("--analm", "AI-powered threat analysis using AnaLM")
+        .option("--scan-path <dir>", "scan a local directory directly (skip npm-pack download); used for adversarial-corpus fixtures and on-disk scans")
         .action(async (rawName, opts) => {
         const globalOpts = program.opts();
+        // --scan-path: scan a local directory directly. No registry lookup, no
+        // download step, no contribution. Used for adversarial-corpus fixtures
+        // and any on-disk target. The <name> argument is treated as a label
+        // for the result (typically the fixture path).
+        if (opts.scanPath) {
+            if (!(await isHmaAvailable())) {
+                console.error(chalk.red("error: HMA is not available. Install hackmyagent or ensure node_modules/.bin/hackmyagent resolves."));
+                process.exit(2);
+            }
+            let result;
+            try {
+                result = await scanLocalPath(opts.scanPath, {
+                    deep: opts.deep ?? true,
+                    analm: opts.analm ?? false,
+                });
+            }
+            catch (e) {
+                const msg = e instanceof Error ? e.message : String(e);
+                console.error(chalk.red(`error: ${msg}`));
+                console.error(chalk.dim("Fix: pass --scan-path to a directory that exists and is readable."));
+                process.exit(2);
+            }
+            // Override packageName with the user-supplied name so output is
+            // labeled clearly when the same fixture is invoked under different
+            // names (e.g. release-smoke harness uses surface/intent/fixture).
+            result.packageName = rawName;
+            if (globalOpts.json) {
+                console.log(JSON.stringify(result, null, 2));
+            }
+            else {
+                console.log(formatScanResult(result));
+            }
+            return;
+        }
         // Rich-block dispatch (skill: / mcp: prefix). Mirrors HMA's
         // src/check/ module for parity F12 / F13. When the registry
         // has a fresh narrative, render the rich block and exit.

package/dist/commands/check.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"check.js","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAEhF,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,UAAU,EACV,cAAc,GACf,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElE,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,UAAU,EACV,yBAAyB,EACzB,oBAAoB,EACpB,YAAY,GACb,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC/E,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAC1C,MAAM,gBAAgB,GAAW,GAAG,CAAC,OAAO,CAAC;AAgB7C,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,OAAO;SACJ,OAAO,CAAC,cAAc,CAAC;SACvB,WAAW,CAAC,gDAAgD,CAAC;SAC7D,MAAM,CACL,mBAAmB,EACnB,4DAA4D,CAC7D;SACA,MAAM,CACL,mBAAmB,EACnB,sDAAsD,CACvD;SACA,MAAM,CACL,cAAc,EACd,oDAAoD,CACrD;SACA,MAAM,CAAC,WAAW,EAAE,uCAAuC,CAAC;SAC5D,MAAM,CAAC,UAAU,EAAE,4CAA4C,CAAC;SAChE,MAAM,CACL,WAAW,EACX,yDAAyD,CAC1D;SACA,MAAM,CACL,SAAS,EACT,wCAAwC,CACzC;SACA,MAAM,CAAC,KAAK,EAAE,OAAe,EAAE,IAAkB,EAAE,EAAE;QACpD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAG9B,CAAC;QAEF,4DAA4D;QAC5D,4DAA4D;QAC5D,yDAAyD;QACzD,0DAA0D;QAC1D,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC;gBACpC,OAAO,EAAE,UAAU,CAAC,WAAW;gBAC/B,SAAS,EAAE,YAAY,gBAAgB,EAAE;aAC1C,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC;gBACnC,MAAM;gBACN,WAAW,EAAE,UAAU,CAAC,WAAW;gBACnC,MAAM,EAAE,UAAU;gBAClB,SAAS,EAAE,YAAY,gBAAgB,EAAE;gBACzC,UAAU,EAAE,UAAU;gBACtB,MAAM,EAAE,CAAC,CAAC,UAAU,CAAC,IAAI;gBACzB,OAAO,EAAE;oBACP,KAAK,EAAE,MAAM;oBACb,GAAG,EAAE,KAAK,CAAC,GAAG;oBACd,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,GAAG,EAAE,KAAK,CAAC,GAAG;oBACd,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,IAAI,EAAE,KAAK,CAAC,IAAI;iBACjB;aACF,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACpB,IAAI,UAAU,CAAC,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;oBACpC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACrD,CAAC;gBACD,OAAO;YACT,CAAC;YACD,gEAAgE;YAChE,4DAA4D;YAC5D,+DAA+D;YAC/D,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC;QACxB,CAAC;QAED,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC;YAChC,OAAO,EAAE,UAAU,CAAC,WAAW;YAC/B,SAAS,EAAE,YAAY,gBAAgB,EAAE;SAC1C,CAAC,CAAC;QAEH,yDAAyD;QACzD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC,CAAC;QAC7F,CAAC;QAED,8CAA8C;QAC9C,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACxD,mEAAmE;gBACnE,2CAA2C;gBAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC;gBACtE,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;oBACzB,+DAA+D;oBAC/D,+DAA+D;oBAC/D,qBAAqB,CAAC,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;oBAC/C,iEAAiE;oBACjE,4DAA4D;oBAC5D,gDAAgD;oBAChD,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;wBACpC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;oBACvB,CAAC;oBACD,OAAO;gBACT,CAAC;gBACD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;oBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;gBAClC,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC;gBACzC,CAAC;gBACD,IACE,MAAM,CAAC,KAAK;oBACZ,CAAC,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,UAAU,IAAI,MAAM,CAAC,OAAO,KAAK,QAAQ,CAAC,EAC9H,CAAC;oBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,oBAAoB,EAAE,CAAC;oBACxC,6DAA6D;oBAC7D,yDAAyD;oBACzD,2DAA2D;oBAC3D,8DAA8D;oBAC9D,MAAM,QAAQ,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC;oBACzC,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;wBAC7B,qBAAqB,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;wBAC7C,OAAO,CAAC,SAAS;oBACnB,CAAC;oBACD,oBAAoB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBACzC,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBACjE,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;wBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;4BACzC,IAAI;4BACJ,SAAS,EAAE,KAAK;4BAChB,KAAK,EAAE,OAAO;yBACf,CAAC,CAAC,CAAC,CAAC;oBACP,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;oBACrC,CAAC;oBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YACD,OAAO;QACT,CAAC;QAED,qEAAqE;QACrE,qEAAqE;QACrE,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,uEAAuE;QACvE,qEAAqE;QACrE,mEAAmE;QACnE,4DAA4D;QAC5D,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAChE,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC;YAC9E,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;gBACzB,qBAAqB,CAAC,cAAc,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;gBACvD,4DAA4D;gBAC5D,IAAI,eAAe,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC5C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;gBACD,OAAO;YACT,CAAC;YACD,qDAAqD;QACvD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,CAAC,GAAG,YAAY,oBAAoB,CAAC,EAAE,CAAC;gBAC3C,0EAA0E;gBAC1E,wEAAwE;gBACxE,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,6BAA6B,OAAO,gCAAgC,CAAC,CAAC,CAAC;YACjG,CAAC;YACD,sEAAsE;YACtE,kEAAkE;YAClE,sEAAsE;YACtE,sEAAsE;QACxE,CAAC;QAED,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,IAAI,EACJ,YAAY,IAAI,KAAK,CACtB,CAAC;IACJ,CAAC,CAAC,CAAC;AACP,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,8CAA8C;IAC9C,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAC7B,YAAY,IAAI,sCAAsC,CACvD,CAAC;QACF,OAAO;IACT,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;gBACzC,IAAI;gBACJ,SAAS,EAAE,KAAK;gBAChB,KAAK,EAAE,YAAY,IAAI,sCAAsC;gBAC7D,SAAS,EAAE;oBACT,kBAAkB,IAAI,oBAAoB;oBAC1C,sCAAsC;iBACvC;aACF,CAAC,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,YAAY,IAAI,wCAAwC,CAAC,CAAC;YACxE,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;YACpC,OAAO,CAAC,KAAK,CAAC,sBAAsB,IAAI,oBAAoB,CAAC,CAAC;YAC9D,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,iCAAiC;IACjC,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,sCAAsC,CAAC,CACnE,CAAC;IAEF,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,iCAAiC,EAAE,IAAI,CAAC,CAAC;IAC1E,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,aAAa,CAAC,CAAC;AAC/F,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB,EAClB,aAAqB;IAErB,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;IAEzC,IAAI,UAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,UAAU,GAAG,MAAM,WAAW,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,yEAAyE;QACzE,sEAAsE;QACtE,yEAAyE;QACzE,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACzD,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;oBACzC,IAAI;oBACJ,SAAS,EAAE,KAAK;oBAChB,KAAK,EAAE,OAAO;oBACd,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,WAAW,EAAE,UAAU,CAAC,WAAW;iBACpC,CAAC,CAAC,CAAC,CAAC;YACP,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CACT,cAAc,CAAC;oBACb,GAAG,EAAE,IAAI;oBACT,SAAS,EAAE,KAAK;oBAChB,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,WAAW,EAAE,UAAU,CAAC,WAAW;iBACpC,CAAC,CACH,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;gBACzC,IAAI;gBACJ,SAAS,EAAE,KAAK;gBAChB,KAAK,EAAE,OAAO;aACf,CAAC,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,sBAAsB;IACtB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;IACtC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,2EAA2E;IAC3E,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACzE,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC;IAED,mFAAmF;IACnF,8EAA8E;IAC9E,YAAY,CACV,IAAI,EACJ,UAAU,CAAC,OAAO,EAClB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,GAAG,GAAG,CAAC,EACvC,UAAU,CAAC,WAAW,CACvB,CAAC;IAEF,8BAA8B;IAC9B,MAAM,gBAAgB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC;AAC7D,CAAC;AAED,IAAI,qBAAqB,GAAG,KAAK,CAAC;AAElC,KAAK,UAAU,gBAAgB,CAC7B,IAAY,EACZ,UAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,IAAI,mBAAmB,EAAE,KAAK,IAAI,CAAC;IAEzE,6EAA6E;IAC7E,mEAAmE;IACnE,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,cAAc,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACxB,kEAAkE;YAClE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,4DAA4D,CAAC,CACzE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAClE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,uDAAuD,CAAC,CACpE,CAAC;YACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAElB,MAAM,YAAY,GAAG,MAAM,OAAO,CAChC,qCAAqC,EACrC,IAAI,CACL,CAAC;YAEF,2CAA2C;YAC3C,oBAAoB,CAAC,YAAY,CAAC,CAAC;YAEnC,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,yEAAyE,CAAC,CACtF,CAAC;gBACF,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;gBACxF,OAAO;YACT,CAAC;QACH,CAAC;aAAM,CAAC;YACN,gFAAgF;YAChF,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAC3B,qBAAqB,GAAG,IAAI,CAAC;gBAC7B,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,wEAAwE,CACzE,CACF,CAAC;gBACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,sBAAsB,IAAI,iCAAiC,CAC5D,CACF,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,iFAAiF;IACjF,MAAM,GAAG,GAAG,yBAAyB,EAAE,CAAC;IACxC,IAAI,GAAG,EAAE,CAAC;QACR,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,CAAC,cAAc;QAAE,OAAO;IAE5B,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;AAC1F,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,IAAY,EACZ,UAAsB,EACtB,WAAmB,EACnB,IAAwB;IAExB,IAAI,CAAC;QACH,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,WAAW,CAAC,CAAC;QACzC,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,KAAK,CAAC,uEAAuE,CAAC,CACrF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sDAAsD;IACxD,CAAC;IAED,kFAAkF;IAClF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC;YAChC,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,YAAY,gBAAgB,EAAE;SAC1C,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC;YACpC,IAAI;YACJ,IAAI,EAAE,IAAI,EAAE,IAAI;YAChB,KAAK,EAAE,UAAU,CAAC,IAAI,CAAC,KAAK;YAC5B,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ;YAClC,IAAI,EAAE,UAAU;YAChB,WAAW,EAAE,gBAAgB;YAC7B,OAAO,EAAE,UAAU,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YACvG,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,EAAE;gBACxB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,WAAW,EAAE,CAAC,CAAC,WAAW;aAC3B,CAAC,CAAC;YACH,WAAW,EAAE,UAAU,CAAC,IAAI,CAAC,WAAW;YACxC,aAAa,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACxC,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sDAAsD;IACxD,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAC3B,IAAY,EACZ,UAAkD;IAElD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;YACzC,IAAI;YACJ,SAAS,EAAE,KAAK;YAChB,KAAK,EAAE,YAAY,IAAI,sCAAsC;YAC7D,SAAS,EAAE;gBACT,kBAAkB,IAAI,oBAAoB;gBAC1C,sCAAsC;aACvC;SACF,CAAC,CAAC,CAAC,CAAC;IACP,CAAC;SAAM,CAAC;QACN,yFAAyF;QACzF,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,MAAM,SAAS,GAAG,MAAM,cAAc,EAAE,CAAC;IACzC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CACX,8DAA8D,CAC/D,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,SAAS,eAAe,CAAC,OAAgB;IACvC,OAAO,CACL,OAAO,KAAK,SAAS;QACrB,OAAO,KAAK,SAAS;QACrB,OAAO,KAAK,UAAU;QACtB,OAAO,KAAK,QAAQ,CACrB,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,qBAAqB,CAAC,MAAmB,EAAE,MAAe;IACjE,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;YACrB,GAAG,MAAM;YACT,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE,gDAAgD;YAClE,SAAS,EAAE,CAAC,qBAAqB,MAAM,CAAC,IAAI,EAAE,CAAC;SAChD,CAAC,CAAC,CAAC;QACJ,OAAO;IACT,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAClB,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,+BAA+B,CAAC,EAAE,CACpF,CAAC;IACF,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,mEAAmE,CAAC,EAAE,CACjI,CAAC;IACF,OAAO,CAAC,KAAK,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,gCAAgC,CAAC,EAAE,CAAC,CAAC;IAClE,OAAO,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,qBAAqB,MAAM,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;IACvE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AACpB,CAAC;AAED;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,IAAY,EAAE,MAAe;IAC1D,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;YACrB,IAAI;YACJ,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE,kEAAkE;YACpF,SAAS,EAAE,CAAC,qBAAqB,IAAI,EAAE,CAAC;SACzC,CAAC,CAAC,CAAC;IACN,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,sCAAsC,CAAC,EAAE,CACpF,CAAC;QACF,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,mFAAmF,CAAC,EAAE,CACjJ,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACnE,OAAO,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;QAChE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC;AACH,CAAC"}
1	+ {"version":3,"file":"check.js","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAEhF,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,UAAU,EACV,cAAc,GACf,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEjF,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,UAAU,EACV,yBAAyB,EACzB,oBAAoB,EACpB,YAAY,GACb,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC/E,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAC1C,MAAM,gBAAgB,GAAW,GAAG,CAAC,OAAO,CAAC;AAkB7C,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,OAAO;SACJ,OAAO,CAAC,cAAc,CAAC;SACvB,WAAW,CAAC,gDAAgD,CAAC;SAC7D,MAAM,CACL,mBAAmB,EACnB,4DAA4D,CAC7D;SACA,MAAM,CACL,mBAAmB,EACnB,sDAAsD,CACvD;SACA,MAAM,CACL,cAAc,EACd,oDAAoD,CACrD;SACA,MAAM,CAAC,WAAW,EAAE,uCAAuC,CAAC;SAC5D,MAAM,CAAC,UAAU,EAAE,4CAA4C,CAAC;SAChE,MAAM,CACL,WAAW,EACX,yDAAyD,CAC1D;SACA,MAAM,CACL,SAAS,EACT,wCAAwC,CACzC;SACA,MAAM,CACL,mBAAmB,EACnB,kHAAkH,CACnH;SACA,MAAM,CAAC,KAAK,EAAE,OAAe,EAAE,IAAkB,EAAE,EAAE;QACpD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAG9B,CAAC;QAEF,uEAAuE;QACvE,uEAAuE;QACvE,oEAAoE;QACpE,+CAA+C;QAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,IAAI,CAAC,CAAC,MAAM,cAAc,EAAE,CAAC,EAAE,CAAC;gBAC9B,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,GAAG,CAAC,oGAAoG,CAAC,CAChH,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,IAAI,MAAM,CAAC;YACX,IAAI,CAAC;gBACH,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE;oBAC1C,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,IAAI;oBACvB,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,KAAK;iBAC3B,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBACvD,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,EAAE,CAAC,CAAC,CAAC;gBAC1C,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,GAAG,CACP,mEAAmE,CACpE,CACF,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,gEAAgE;YAChE,mEAAmE;YACnE,kEAAkE;YAClE,MAAM,CAAC,WAAW,GAAG,OAAO,CAAC;YAC7B,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/C,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC;YACxC,CAAC;YACD,OAAO;QACT,CAAC;QAED,4DAA4D;QAC5D,4DAA4D;QAC5D,yDAAyD;QACzD,0DAA0D;QAC1D,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC;gBACpC,OAAO,EAAE,UAAU,CAAC,WAAW;gBAC/B,SAAS,EAAE,YAAY,gBAAgB,EAAE;aAC1C,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC;gBACnC,MAAM;gBACN,WAAW,EAAE,UAAU,CAAC,WAAW;gBACnC,MAAM,EAAE,UAAU;gBAClB,SAAS,EAAE,YAAY,gBAAgB,EAAE;gBACzC,UAAU,EAAE,UAAU;gBACtB,MAAM,EAAE,CAAC,CAAC,UAAU,CAAC,IAAI;gBACzB,OAAO,EAAE;oBACP,KAAK,EAAE,MAAM;oBACb,GAAG,EAAE,KAAK,CAAC,GAAG;oBACd,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,GAAG,EAAE,KAAK,CAAC,GAAG;oBACd,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,IAAI,EAAE,KAAK,CAAC,IAAI;iBACjB;aACF,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACpB,IAAI,UAAU,CAAC,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;oBACpC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACrD,CAAC;gBACD,OAAO;YACT,CAAC;YACD,gEAAgE;YAChE,4DAA4D;YAC5D,+DAA+D;YAC/D,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC;QACxB,CAAC;QAED,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC;YAChC,OAAO,EAAE,UAAU,CAAC,WAAW;YAC/B,SAAS,EAAE,YAAY,gBAAgB,EAAE;SAC1C,CAAC,CAAC;QAEH,yDAAyD;QACzD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC,CAAC;QAC7F,CAAC;QAED,8CAA8C;QAC9C,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACxD,mEAAmE;gBACnE,2CAA2C;gBAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC;gBACtE,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;oBACzB,+DAA+D;oBAC/D,+DAA+D;oBAC/D,qBAAqB,CAAC,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;oBAC/C,iEAAiE;oBACjE,4DAA4D;oBAC5D,gDAAgD;oBAChD,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;wBACpC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;oBACvB,CAAC;oBACD,OAAO;gBACT,CAAC;gBACD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;oBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;gBAClC,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC;gBACzC,CAAC;gBACD,IACE,MAAM,CAAC,KAAK;oBACZ,CAAC,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,UAAU,IAAI,MAAM,CAAC,OAAO,KAAK,QAAQ,CAAC,EAC9H,CAAC;oBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,oBAAoB,EAAE,CAAC;oBACxC,6DAA6D;oBAC7D,yDAAyD;oBACzD,2DAA2D;oBAC3D,8DAA8D;oBAC9D,MAAM,QAAQ,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC;oBACzC,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;wBAC7B,qBAAqB,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;wBAC7C,OAAO,CAAC,SAAS;oBACnB,CAAC;oBACD,oBAAoB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBACzC,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBACjE,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;wBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;4BACzC,IAAI;4BACJ,SAAS,EAAE,KAAK;4BAChB,KAAK,EAAE,OAAO;yBACf,CAAC,CAAC,CAAC,CAAC;oBACP,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;oBACrC,CAAC;oBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YACD,OAAO;QACT,CAAC;QAED,qEAAqE;QACrE,qEAAqE;QACrE,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,uEAAuE;QACvE,qEAAqE;QACrE,mEAAmE;QACnE,4DAA4D;QAC5D,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAChE,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC;YAC9E,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;gBACzB,qBAAqB,CAAC,cAAc,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;gBACvD,4DAA4D;gBAC5D,IAAI,eAAe,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC5C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;gBACD,OAAO;YACT,CAAC;YACD,qDAAqD;QACvD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,CAAC,GAAG,YAAY,oBAAoB,CAAC,EAAE,CAAC;gBAC3C,0EAA0E;gBAC1E,wEAAwE;gBACxE,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,6BAA6B,OAAO,gCAAgC,CAAC,CAAC,CAAC;YACjG,CAAC;YACD,sEAAsE;YACtE,kEAAkE;YAClE,sEAAsE;YACtE,sEAAsE;QACxE,CAAC;QAED,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,IAAI,EACJ,YAAY,IAAI,KAAK,CACtB,CAAC;IACJ,CAAC,CAAC,CAAC;AACP,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,8CAA8C;IAC9C,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAC7B,YAAY,IAAI,sCAAsC,CACvD,CAAC;QACF,OAAO;IACT,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;gBACzC,IAAI;gBACJ,SAAS,EAAE,KAAK;gBAChB,KAAK,EAAE,YAAY,IAAI,sCAAsC;gBAC7D,SAAS,EAAE;oBACT,kBAAkB,IAAI,oBAAoB;oBAC1C,sCAAsC;iBACvC;aACF,CAAC,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,YAAY,IAAI,wCAAwC,CAAC,CAAC;YACxE,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;YACpC,OAAO,CAAC,KAAK,CAAC,sBAAsB,IAAI,oBAAoB,CAAC,CAAC;YAC9D,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,iCAAiC;IACjC,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,sCAAsC,CAAC,CACnE,CAAC;IAEF,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,iCAAiC,EAAE,IAAI,CAAC,CAAC;IAC1E,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,aAAa,CAAC,CAAC;AAC/F,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB,EAClB,aAAqB;IAErB,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;IAEzC,IAAI,UAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,UAAU,GAAG,MAAM,WAAW,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,yEAAyE;QACzE,sEAAsE;QACtE,yEAAyE;QACzE,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACzD,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;oBACzC,IAAI;oBACJ,SAAS,EAAE,KAAK;oBAChB,KAAK,EAAE,OAAO;oBACd,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,WAAW,EAAE,UAAU,CAAC,WAAW;iBACpC,CAAC,CAAC,CAAC,CAAC;YACP,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CACT,cAAc,CAAC;oBACb,GAAG,EAAE,IAAI;oBACT,SAAS,EAAE,KAAK;oBAChB,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,WAAW,EAAE,UAAU,CAAC,WAAW;iBACpC,CAAC,CACH,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;gBACzC,IAAI;gBACJ,SAAS,EAAE,KAAK;gBAChB,KAAK,EAAE,OAAO;aACf,CAAC,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,sBAAsB;IACtB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;IACtC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,2EAA2E;IAC3E,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACzE,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC;IAED,mFAAmF;IACnF,8EAA8E;IAC9E,YAAY,CACV,IAAI,EACJ,UAAU,CAAC,OAAO,EAClB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,GAAG,GAAG,CAAC,EACvC,UAAU,CAAC,WAAW,CACvB,CAAC;IAEF,8BAA8B;IAC9B,MAAM,gBAAgB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC;AAC7D,CAAC;AAED,IAAI,qBAAqB,GAAG,KAAK,CAAC;AAElC,KAAK,UAAU,gBAAgB,CAC7B,IAAY,EACZ,UAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,IAAI,mBAAmB,EAAE,KAAK,IAAI,CAAC;IAEzE,6EAA6E;IAC7E,mEAAmE;IACnE,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,cAAc,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACxB,kEAAkE;YAClE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,4DAA4D,CAAC,CACzE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAClE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,uDAAuD,CAAC,CACpE,CAAC;YACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAElB,MAAM,YAAY,GAAG,MAAM,OAAO,CAChC,qCAAqC,EACrC,IAAI,CACL,CAAC;YAEF,2CAA2C;YAC3C,oBAAoB,CAAC,YAAY,CAAC,CAAC;YAEnC,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,yEAAyE,CAAC,CACtF,CAAC;gBACF,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;gBACxF,OAAO;YACT,CAAC;QACH,CAAC;aAAM,CAAC;YACN,gFAAgF;YAChF,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAC3B,qBAAqB,GAAG,IAAI,CAAC;gBAC7B,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,wEAAwE,CACzE,CACF,CAAC;gBACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,sBAAsB,IAAI,iCAAiC,CAC5D,CACF,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,iFAAiF;IACjF,MAAM,GAAG,GAAG,yBAAyB,EAAE,CAAC;IACxC,IAAI,GAAG,EAAE,CAAC;QACR,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,CAAC,cAAc;QAAE,OAAO;IAE5B,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;AAC1F,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,IAAY,EACZ,UAAsB,EACtB,WAAmB,EACnB,IAAwB;IAExB,IAAI,CAAC;QACH,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,WAAW,CAAC,CAAC;QACzC,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,KAAK,CAAC,uEAAuE,CAAC,CACrF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sDAAsD;IACxD,CAAC;IAED,kFAAkF;IAClF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC;YAChC,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,YAAY,gBAAgB,EAAE;SAC1C,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC;YACpC,IAAI;YACJ,IAAI,EAAE,IAAI,EAAE,IAAI;YAChB,KAAK,EAAE,UAAU,CAAC,IAAI,CAAC,KAAK;YAC5B,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ;YAClC,IAAI,EAAE,UAAU;YAChB,WAAW,EAAE,gBAAgB;YAC7B,OAAO,EAAE,UAAU,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YACvG,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,EAAE;gBACxB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,WAAW,EAAE,CAAC,CAAC,WAAW;aAC3B,CAAC,CAAC;YACH,WAAW,EAAE,UAAU,CAAC,IAAI,CAAC,WAAW;YACxC,aAAa,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACxC,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sDAAsD;IACxD,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAC3B,IAAY,EACZ,UAAkD;IAElD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;YACzC,IAAI;YACJ,SAAS,EAAE,KAAK;YAChB,KAAK,EAAE,YAAY,IAAI,sCAAsC;YAC7D,SAAS,EAAE;gBACT,kBAAkB,IAAI,oBAAoB;gBAC1C,sCAAsC;aACvC;SACF,CAAC,CAAC,CAAC,CAAC;IACP,CAAC;SAAM,CAAC;QACN,yFAAyF;QACzF,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,MAAM,SAAS,GAAG,MAAM,cAAc,EAAE,CAAC;IACzC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CACX,8DAA8D,CAC/D,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,SAAS,eAAe,CAAC,OAAgB;IACvC,OAAO,CACL,OAAO,KAAK,SAAS;QACrB,OAAO,KAAK,SAAS;QACrB,OAAO,KAAK,UAAU;QACtB,OAAO,KAAK,QAAQ,CACrB,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,qBAAqB,CAAC,MAAmB,EAAE,MAAe;IACjE,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;YACrB,GAAG,MAAM;YACT,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE,gDAAgD;YAClE,SAAS,EAAE,CAAC,qBAAqB,MAAM,CAAC,IAAI,EAAE,CAAC;SAChD,CAAC,CAAC,CAAC;QACJ,OAAO;IACT,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAClB,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,+BAA+B,CAAC,EAAE,CACpF,CAAC;IACF,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,mEAAmE,CAAC,EAAE,CACjI,CAAC;IACF,OAAO,CAAC,KAAK,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,gCAAgC,CAAC,EAAE,CAAC,CAAC;IAClE,OAAO,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,qBAAqB,MAAM,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;IACvE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AACpB,CAAC;AAED;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,IAAY,EAAE,MAAe;IAC1D,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;YACrB,IAAI;YACJ,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE,kEAAkE;YACpF,SAAS,EAAE,CAAC,qBAAqB,IAAI,EAAE,CAAC;SACzC,CAAC,CAAC,CAAC;IACN,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,sCAAsC,CAAC,EAAE,CACpF,CAAC;QACF,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,mFAAmF,CAAC,EAAE,CACjJ,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACnE,OAAO,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;QAChE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC;AACH,CAAC"}

package/dist/index.js CHANGED Viewed

@@ -23,6 +23,14 @@ program
     .option("--registry-url <url>", "registry base URL", "https://api.oa2a.org")
     .option("--json", "output raw JSON", false)
     .option("--no-color", "disable colored output");
+// Two-bucket telemetry disclosure (briefs/scan-result-telemetry-policy.md §7,
+// [CHIEF-CSR-014] + [CHIEF-CPO-021]). Surfaces both consent rails on --help so
+// users see the boundary without reading the privacy policy.
+program.addHelpText("after", `
+Telemetry:
+  Anonymous usage telemetry is on. Disable: OPENA2A_TELEMETRY=off
+  Local scans may contribute to the OpenA2A Registry. Disable: --no-contribute or ai-trust telemetry off
+`);
 registerCheckCommand(program);
 registerAuditCommand(program);
 registerBatchCommand(program);
@@ -58,7 +66,11 @@ registerBatchCommand(program);
             return;
         telemetryStartedAt.delete(name);
         void tele.track(name, {
-            success: (process.exitCode ?? 0) === 0,
+            // Exit 0 = clean, 1 = trust verdict below threshold OR not-found
+            // (the tool did its job — see audit.test.ts which expects exit 1
+            // and 2 for distinct outcomes). Only exit >=2 is a real crash.
+            // Matches @opena2a/telemetry.successFromExitCode (post-0.2.0).
+            success: (process.exitCode ?? 0) <= 1,
             durationMs: Date.now() - startedAt,
         });
     });

package/dist/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AACvC,MAAM,OAAO,GAAW,GAAG,CAAC,OAAO,CAAC;AACpC,MAAM,cAAc,GAAG,UAAU,CAAC;AAClC,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAS,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;AAC9E,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAkB,CAAC;AAErD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,UAAU,CAAC;KAChB,WAAW,CAAC,kFAAkF,CAAC;KAC/F,MAAM,CACL,sBAAsB,EACtB,mBAAmB,EACnB,sBAAsB,CACvB;KACA,MAAM,CAAC,QAAQ,EAAE,iBAAiB,EAAE,KAAK,CAAC;KAC1C,MAAM,CAAC,YAAY,EAAE,wBAAwB,CAAC,CAAC;AAElD,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAE9B,CAAC,KAAK,IAAI,EAAE;IACV,6DAA6D;IAC7D,iEAAiE;IACjE,yDAAyD;IACzD,qEAAqE;IACrE,yBAAyB;IACzB,wEAAwE;IACxE,mEAAmE;IACnE,kEAAkE;IAClE,uBAAuB;IACvB,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAC9C,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;IAE5D,OAAO,CAAC,OAAO,CACb,KAAK,CAAC,WAAW,CAAC;QAChB,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,OAAO;QAChB,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE;KACzB,CAAC,EACF,eAAe,EACf,2BAA2B,CAC5B,CAAC;IAEF,OAAO;SACJ,IAAI,CAAC,WAAW,EAAE,CAAC,YAAY,EAAE,aAAa,EAAE,EAAE;QACjD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QAClC,IAAI,8BAA8B,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO;QACrD,kBAAkB,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3C,CAAC,CAAC;SACD,IAAI,CAAC,YAAY,EAAE,CAAC,YAAY,EAAE,aAAa,EAAE,EAAE;QAClD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QAClC,MAAM,SAAS,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO;QACpC,kBAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE;YACpB,OAAO,~~EAAE~~,CAAC,OAAO,CAAC,QAAQ,IAAI,CAAC,~~CAAC~~,~~KAAK~~,CAAC;~~YACtC~~,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;SACnC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEL,OAAO;SACJ,OAAO,CAAC,oBAAoB,CAAC;SAC7B,WAAW,CAAC,gEAAgE,CAAC;SAC7E,MAAM,CAAC,CAAC,MAA0B,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,mBAAmB,CAAC,MAAyD,EAAE;YACnF,IAAI,EAAE,cAAc;YACpB,SAAS,EAAE,IAAI,CAAC,MAAM;YACtB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEL,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAC7B,OAAO,CAAC,UAAU,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QACxD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,IAAI,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACzD,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC7B,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;YAAS,CAAC;QACT,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;AACH,CAAC,CAAC,EAAE,CAAC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AACvC,MAAM,OAAO,GAAW,GAAG,CAAC,OAAO,CAAC;AACpC,MAAM,cAAc,GAAG,UAAU,CAAC;AAClC,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAS,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;AAC9E,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAkB,CAAC;AAErD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,UAAU,CAAC;KAChB,WAAW,CAAC,kFAAkF,CAAC;KAC/F,MAAM,CACL,sBAAsB,EACtB,mBAAmB,EACnB,sBAAsB,CACvB;KACA,MAAM,CAAC,QAAQ,EAAE,iBAAiB,EAAE,KAAK,CAAC;KAC1C,MAAM,CAAC,YAAY,EAAE,wBAAwB,CAAC,CAAC;AAElD,8EAA8E;AAC9E,+EAA+E;AAC/E,6DAA6D;AAC7D,OAAO,CAAC,WAAW,CACjB,OAAO,EACP;;;;CAID,CACA,CAAC;AAEF,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAE9B,CAAC,KAAK,IAAI,EAAE;IACV,6DAA6D;IAC7D,iEAAiE;IACjE,yDAAyD;IACzD,qEAAqE;IACrE,yBAAyB;IACzB,wEAAwE;IACxE,mEAAmE;IACnE,kEAAkE;IAClE,uBAAuB;IACvB,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAC9C,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;IAE5D,OAAO,CAAC,OAAO,CACb,KAAK,CAAC,WAAW,CAAC;QAChB,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,OAAO;QAChB,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE;KACzB,CAAC,EACF,eAAe,EACf,2BAA2B,CAC5B,CAAC;IAEF,OAAO;SACJ,IAAI,CAAC,WAAW,EAAE,CAAC,YAAY,EAAE,aAAa,EAAE,EAAE;QACjD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QAClC,IAAI,8BAA8B,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO;QACrD,kBAAkB,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3C,CAAC,CAAC;SACD,IAAI,CAAC,YAAY,EAAE,CAAC,YAAY,EAAE,aAAa,EAAE,EAAE;QAClD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QAClC,MAAM,SAAS,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO;QACpC,kBAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE;YACpB,iEAAiE;YACjE,iEAAiE;YACjE,+DAA+D;YAC/D,+DAA+D;YAC/D,OAAO,EAAG,CAAC,OAAO,CAAC,QAAQ,IAAI,CAAC,CAAY,IAAI,CAAC;YACjD,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;SACnC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEL,OAAO;SACJ,OAAO,CAAC,oBAAoB,CAAC;SAC7B,WAAW,CAAC,gEAAgE,CAAC;SAC7E,MAAM,CAAC,CAAC,MAA0B,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,mBAAmB,CAAC,MAAyD,EAAE;YACnF,IAAI,EAAE,cAAc;YACpB,SAAS,EAAE,IAAI,CAAC,MAAM;YACtB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEL,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAC7B,OAAO,CAAC,UAAU,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QACxD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,IAAI,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACzD,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC7B,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;YAAS,CAAC;QACT,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;AACH,CAAC,CAAC,EAAE,CAAC"}

package/dist/scanner/index.d.ts CHANGED Viewed

@@ -28,4 +28,22 @@ export interface ScanResult {
 export declare function scanPackage(name: string, options?: HmaScanOptions & {
     ecosystem?: "npm" | "pypi";
 }): Promise<ScanResult>;
+/**
+ * Scan a local directory directly (no download step). Used for adversarial
+ * corpus fixtures and any other on-disk target. Skips the LOCAL_ONLY filter
+ * because for local sources those categories ARE meaningful (a missing
+ * .gitignore in a real repo is a real finding, unlike in an npm tarball).
+ */
+export declare function scanLocalPath(targetDir: string, options?: HmaScanOptions): Promise<ScanResult>;
+/**
+ * Verify that the unpacked tarball's package.json `name` matches the
+ * requested name. This is a guard against `npm pack <name>` returning the
+ * wrong package (or an empty tarball), which would otherwise produce a
+ * misleading scan result that the publish path could send to the registry.
+ *
+ * If package.json is unreadable or has no `name` field, that's also a
+ * publish-blocker — we don't have enough information to identify what was
+ * actually scanned.
+ */
+export declare function assertPackageMatchesName(dir: string, requestedName: string): Promise<void>;
 //# sourceMappingURL=index.d.ts.map

package/dist/scanner/index.d.ts.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,YAAY,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,eAAe,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;~~AAI3G~~,OAAO,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAE/F,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,aAAa,CAAC;IACpB,mDAAmD;IACnD,UAAU,EAAE,MAAM,CAAC;IACnB,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,wCAAwC;IACxC,OAAO,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS,CAAC;IACxC,6EAA6E;IAC7E,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IACrC,oDAAoD;IACpD,eAAe,CAAC,EAAE,cAAc,EAAE,CAAC;CACpC;AAkBD;;;;GAIG;AACH,wBAAsB,WAAW,CAC/B,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,cAAc,GAAG;IAAE,SAAS,CAAC,EAAE,KAAK,GAAG,MAAM,CAAA;CAAO,GAC5D,OAAO,CAAC,UAAU,CAAC,~~CA4DrB~~"}
1	+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,YAAY,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,eAAe,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAM3G,OAAO,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAE/F,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,aAAa,CAAC;IACpB,mDAAmD;IACnD,UAAU,EAAE,MAAM,CAAC;IACnB,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,wCAAwC;IACxC,OAAO,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS,CAAC;IACxC,6EAA6E;IAC7E,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IACrC,oDAAoD;IACpD,eAAe,CAAC,EAAE,cAAc,EAAE,CAAC;CACpC;AAkBD;;;;GAIG;AACH,wBAAsB,WAAW,CAC/B,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,cAAc,GAAG;IAAE,SAAS,CAAC,EAAE,KAAK,GAAG,MAAM,CAAA;CAAO,GAC5D,OAAO,CAAC,UAAU,CAAC,CAyErB;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CACjC,SAAS,EAAE,MAAM,EACjB,OAAO,GAAE,cAAmB,GAC3B,OAAO,CAAC,UAAU,CAAC,CAgCrB;AAED;;;;;;;;;GASG;AACH,wBAAsB,wBAAwB,CAC5C,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,IAAI,CAAC,CAoDf"}

package/dist/scanner/index.js CHANGED Viewed

@@ -3,6 +3,8 @@
  */
 export { downloadPackage } from "./downloader.js";
 export { isHmaAvailable, runHmaScan } from "./hma.js";
+import { readFile, stat } from "node:fs/promises";
+import { join } from "node:path";
 import { downloadPackage } from "./downloader.js";
 import { runHmaScan } from "./hma.js";
 /**
@@ -26,8 +28,21 @@ const LOCAL_ONLY_CATEGORIES = new Set([
  * Filters local-only findings (git, permissions, etc.) to match HMA check output.
  */
 export async function scanPackage(name, options = {}) {
-    const download = await downloadPackage(name, options.ecosystem ?? "npm");
+    const ecosystem = options.ecosystem ?? "npm";
+    const download = await downloadPackage(name, ecosystem);
     try {
+        // Defense-in-depth: verify the unpacked tarball's package.json `name`
+        // matches the requested name BEFORE running runHmaScan. Without this,
+        // if `npm pack <name>` ever returned a tarball whose contents identify
+        // as a different package (registry redirect, partial-fetch corruption,
+        // future typosquat-misroute), --scan-if-missing would publish a trust
+        // record under the requested name with content from a different package.
+        // The guard does NOT block legitimate scope shorthand resolution
+        // (`server-filesystem` → `@modelcontextprotocol/server-filesystem`);
+        // see assertPackageMatchesName for the canonical-scope rules.
+        if (ecosystem === "npm") {
+            await assertPackageMatchesName(download.dir, name);
+        }
         const scan = await runHmaScan(download.dir, options);
         // Filter out local-dev-only findings that are meaningless for downloaded packages.
         // This matches HMA's filterLocalOnlyFindings() so scores are consistent.
@@ -77,6 +92,96 @@ export async function scanPackage(name, options = {}) {
         await download.cleanup();
     }
 }
+/**
+ * Scan a local directory directly (no download step). Used for adversarial
+ * corpus fixtures and any other on-disk target. Skips the LOCAL_ONLY filter
+ * because for local sources those categories ARE meaningful (a missing
+ * .gitignore in a real repo is a real finding, unlike in an npm tarball).
+ */
+export async function scanLocalPath(targetDir, options = {}) {
+    let st;
+    try {
+        st = await stat(targetDir);
+    }
+    catch (e) {
+        const code = e.code ?? "unknown";
+        throw new Error(`scanLocalPath: ${targetDir} could not be read (${code}).`);
+    }
+    if (!st.isDirectory()) {
+        throw new Error(`scanLocalPath: ${targetDir} is not a directory.`);
+    }
+    const scan = await runHmaScan(targetDir, options);
+    const trustScore = scan.maxScore > 0 ? scan.score / scan.maxScore : 0;
+    const trustLevel = deriveTrustLevel(scan);
+    const verdict = deriveVerdict(scan);
+    const result = {
+        packageName: targetDir,
+        scan,
+        trustScore,
+        trustLevel,
+        verdict,
+    };
+    if (scan.semanticFindings && scan.semanticFindings.length > 0) {
+        result.semanticFindings = scan.semanticFindings;
+    }
+    if (scan.analystFindings && scan.analystFindings.length > 0) {
+        result.analystFindings = scan.analystFindings;
+    }
+    return result;
+}
+/**
+ * Verify that the unpacked tarball's package.json `name` matches the
+ * requested name. This is a guard against `npm pack <name>` returning the
+ * wrong package (or an empty tarball), which would otherwise produce a
+ * misleading scan result that the publish path could send to the registry.
+ *
+ * If package.json is unreadable or has no `name` field, that's also a
+ * publish-blocker — we don't have enough information to identify what was
+ * actually scanned.
+ */
+export async function assertPackageMatchesName(dir, requestedName) {
+    let pkgRaw;
+    try {
+        pkgRaw = await readFile(join(dir, "package.json"), "utf8");
+    }
+    catch (e) {
+        const code = e.code ?? "unknown";
+        throw new Error(`download verification failed: ${dir}/package.json could not be read (${code}); refusing to scan/publish a package whose identity cannot be confirmed.`);
+    }
+    let parsed;
+    try {
+        parsed = JSON.parse(pkgRaw);
+    }
+    catch {
+        throw new Error(`download verification failed: ${dir}/package.json is not valid JSON; refusing to scan/publish.`);
+    }
+    const actualName = typeof parsed.name === "string" ? parsed.name : "";
+    if (!actualName) {
+        throw new Error(`download verification failed: ${dir}/package.json has no "name" field; refusing to scan/publish.`);
+    }
+    const norm = (s) => s.toLowerCase();
+    if (norm(actualName) === norm(requestedName))
+        return;
+    // Allow the legitimate case where the request used unscoped shorthand
+    // and npm resolved it to a scoped package (e.g. `server-filesystem` →
+    // `@modelcontextprotocol/server-filesystem`). A real npm scope MUST start
+    // with `@`, contain exactly one `/`, and have non-empty scope + basename.
+    // Anything else (`evil-corp/foo`, `foo/bar/baz`, `/foo`, `@a/b/c`) is
+    // rejected — the guard's purpose is refusing to publish under the wrong
+    // identity, and only canonical scopes are legitimate identity equivalences
+    // for an unscoped request.
+    const slashIdx = actualName.indexOf("/");
+    const isCanonicalScope = actualName.startsWith("@") &&
+        slashIdx > 1 &&
+        slashIdx === actualName.lastIndexOf("/") &&
+        slashIdx < actualName.length - 1;
+    if (isCanonicalScope &&
+        !requestedName.includes("/") &&
+        norm(actualName.slice(slashIdx + 1)) === norm(requestedName)) {
+        return;
+    }
+    throw new Error(`download verification failed: requested "${requestedName}" but tarball contains "${actualName}". Refusing to publish a trust record under the wrong name.`);
+}
 function deriveTrustLevel(scan) {
     const ratio = scan.score / scan.maxScore;
     if (ratio >= 0.9)

package/dist/scanner/index.js.map CHANGED Viewed

	@@ -1 +1 @@
1	- {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAGtD,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAkBtC;;;;;GAKG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,KAAK;IACL,aAAa;IACb,aAAa;IACb,SAAS;IACT,aAAa;IACb,QAAQ;IACR,QAAQ;CACT,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,IAAY,EACZ,UAA2D,EAAE;IAE7D,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,IAAI,EAAE,~~OAAO~~,CAAC,~~SAAS~~,IAAI,KAAK,~~CAAC~~,CAAC;~~IAEzE~~,IAAI,CAAC;~~QACH~~,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAErD,mFAAmF;QACnF,yEAAyE;QACzE,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QACpE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAC1D,CAAC;QACF,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QAEpE,8CAA8C;QAC9C,IAAI,aAAa,GAAG,aAAa,IAAI,IAAI,CAAC,QAAQ,GAAG,CAAC,EAAE,CAAC;YACvD,mEAAmE;YACnE,MAAM,gBAAgB,GAA2B;gBAC/C,QAAQ,EAAE,EAAE;gBACZ,IAAI,EAAE,EAAE;gBACR,MAAM,EAAE,CAAC;gBACT,GAAG,EAAE,CAAC;aACP,CAAC;YACF,IAAI,WAAW,GAAG,CAAC,CAAC;YACpB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC9B,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;oBACd,WAAW,IAAI,gBAAgB,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;YACD,MAAM,cAAc,GAAG,GAAG,CAAC;YAC3B,IAAI,CAAC,KAAK;gBACR,WAAW,KAAK,CAAC;oBACf,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,WAAW,GAAG,cAAc,CAAC,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC9C,MAAM,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;QAEpC,MAAM,MAAM,GAAe;YACzB,WAAW,EAAE,IAAI;YACjB,IAAI;YACJ,UAAU;YACV,UAAU;YACV,OAAO;SACR,CAAC;QAEF,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9D,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAClD,CAAC;QAED,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5D,MAAM,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC;QAChD,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;YAAS,CAAC;QACT,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAmB;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC;IACzC,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IAClD,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,CAAC,CAAC,CAAC,yBAAyB;IACrD,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,CAAC,CAAC,CAAC,UAAU;IACtC,OAAO,CAAC,CAAC,CAAC,UAAU;AACtB,CAAC;AAED,SAAS,aAAa,CAAC,IAAmB;IACxC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC;IACzC,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAC9C,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAChC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAC1C,CAAC;IAEF,wEAAwE;IACxE,2EAA2E;IAC3E,wEAAwE;IACxE,yEAAyE;IACzE,IAAI,KAAK,IAAI,GAAG,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO;QAAE,OAAO,MAAM,CAAC;IAC5D,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,SAAS,CAAC,CAAC,qDAAqD;IACzF,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,SAAS,CAAC;IACnC,OAAO,SAAS,CAAC;AACnB,CAAC"}
1	+ {"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAGtD,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAkBtC;;;;;GAKG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,KAAK;IACL,aAAa;IACb,aAAa;IACb,SAAS;IACT,aAAa;IACb,QAAQ;IACR,QAAQ;CACT,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,IAAY,EACZ,UAA2D,EAAE;IAE7D,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,KAAK,CAAC;IAC7C,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IAExD,IAAI,CAAC;QACH,sEAAsE;QACtE,sEAAsE;QACtE,uEAAuE;QACvE,uEAAuE;QACvE,sEAAsE;QACtE,yEAAyE;QACzE,iEAAiE;QACjE,qEAAqE;QACrE,8DAA8D;QAC9D,IAAI,SAAS,KAAK,KAAK,EAAE,CAAC;YACxB,MAAM,wBAAwB,CAAC,QAAQ,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACrD,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAErD,mFAAmF;QACnF,yEAAyE;QACzE,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QACpE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAC1D,CAAC;QACF,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QAEpE,8CAA8C;QAC9C,IAAI,aAAa,GAAG,aAAa,IAAI,IAAI,CAAC,QAAQ,GAAG,CAAC,EAAE,CAAC;YACvD,mEAAmE;YACnE,MAAM,gBAAgB,GAA2B;gBAC/C,QAAQ,EAAE,EAAE;gBACZ,IAAI,EAAE,EAAE;gBACR,MAAM,EAAE,CAAC;gBACT,GAAG,EAAE,CAAC;aACP,CAAC;YACF,IAAI,WAAW,GAAG,CAAC,CAAC;YACpB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC9B,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;oBACd,WAAW,IAAI,gBAAgB,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;YACD,MAAM,cAAc,GAAG,GAAG,CAAC;YAC3B,IAAI,CAAC,KAAK;gBACR,WAAW,KAAK,CAAC;oBACf,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,WAAW,GAAG,cAAc,CAAC,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC9C,MAAM,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;QAEpC,MAAM,MAAM,GAAe;YACzB,WAAW,EAAE,IAAI;YACjB,IAAI;YACJ,UAAU;YACV,UAAU;YACV,OAAO;SACR,CAAC;QAEF,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9D,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAClD,CAAC;QAED,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5D,MAAM,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC;QAChD,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;YAAS,CAAC;QACT,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,SAAiB,EACjB,UAA0B,EAAE;IAE5B,IAAI,EAAE,CAAC;IACP,IAAI,CAAC;QACH,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,GAAI,CAA2B,CAAC,IAAI,IAAI,SAAS,CAAC;QAC5D,MAAM,IAAI,KAAK,CACb,kBAAkB,SAAS,uBAAuB,IAAI,IAAI,CAC3D,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,kBAAkB,SAAS,sBAAsB,CAAC,CAAC;IACrE,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACtE,MAAM,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAC1C,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IAEpC,MAAM,MAAM,GAAe;QACzB,WAAW,EAAE,SAAS;QACtB,IAAI;QACJ,UAAU;QACV,UAAU;QACV,OAAO;KACR,CAAC;IACF,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9D,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;IAClD,CAAC;IACD,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5D,MAAM,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC;IAChD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,GAAW,EACX,aAAqB;IAErB,IAAI,MAAc,CAAC;IACnB,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,EAAE,MAAM,CAAC,CAAC;IAC7D,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,GAAI,CAA2B,CAAC,IAAI,IAAI,SAAS,CAAC;QAC5D,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,oCAAoC,IAAI,2EAA2E,CACxJ,CAAC;IACJ,CAAC;IACD,IAAI,MAA0B,CAAC;IAC/B,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAuB,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,4DAA4D,CACjG,CAAC;IACJ,CAAC;IACD,MAAM,UAAU,GAAG,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IACtE,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,8DAA8D,CACnG,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,CAAS,EAAU,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;IACpD,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,IAAI,CAAC,aAAa,CAAC;QAAE,OAAO;IAErD,sEAAsE;IACtE,sEAAsE;IACtE,0EAA0E;IAC1E,0EAA0E;IAC1E,sEAAsE;IACtE,wEAAwE;IACxE,2EAA2E;IAC3E,2BAA2B;IAC3B,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACzC,MAAM,gBAAgB,GACpB,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC;QAC1B,QAAQ,GAAG,CAAC;QACZ,QAAQ,KAAK,UAAU,CAAC,WAAW,CAAC,GAAG,CAAC;QACxC,QAAQ,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;IACnC,IACE,gBAAgB;QAChB,CAAC,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC5B,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,aAAa,CAAC,EAC5D,CAAC;QACD,OAAO;IACT,CAAC;IAED,MAAM,IAAI,KAAK,CACb,4CAA4C,aAAa,2BAA2B,UAAU,6DAA6D,CAC5J,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAmB;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC;IACzC,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IAClD,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,CAAC,CAAC,CAAC,yBAAyB;IACrD,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,CAAC,CAAC,CAAC,UAAU;IACtC,OAAO,CAAC,CAAC,CAAC,UAAU;AACtB,CAAC;AAED,SAAS,aAAa,CAAC,IAAmB;IACxC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC;IACzC,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAC9C,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAChC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAC1C,CAAC;IAEF,wEAAwE;IACxE,2EAA2E;IAC3E,wEAAwE;IACxE,yEAAyE;IACzE,IAAI,KAAK,IAAI,GAAG,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO;QAAE,OAAO,MAAM,CAAC;IAC5D,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,SAAS,CAAC,CAAC,qDAAqD;IACzF,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,SAAS,CAAC;IACnC,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "ai-trust",
-  "version": "0.7.0",
+  "version": "0.7.1",
   "description": "Trust verification CLI for AI packages — check MCP servers, A2A agents, AI tools, and LLMs before you install",
   "homepage": "https://opena2a.org/ai-trust",
   "repository": {
@@ -22,7 +22,8 @@
     "lint": "tsc --noEmit",
     "test": "vitest run",
     "test:watch": "vitest",
-    "test:coverage": "vitest run --coverage"
+    "test:coverage": "vitest run --coverage",
+    "release-smoke:corpus": "tsx scripts/release-smoke-corpus.ts"
   },
   "keywords": [
     "ai",
@@ -51,7 +52,10 @@
     "hackmyagent": "^0.17.1"
   },
   "devDependencies": {
+    "@types/js-yaml": "^4.0.9",
     "@types/node": "^20.11.0",
+    "js-yaml": "^4.1.0",
+    "tsx": "^4.21.0",
     "typescript": "^5.3.0",
     "vitest": "^3.0.0"
   },