ai-trust 0.7.0 → 0.7.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +119 -111
- package/dist/commands/check.d.ts.map +1 -1
- package/dist/commands/check.js +36 -1
- package/dist/commands/check.js.map +1 -1
- package/dist/index.js +14 -1
- package/dist/index.js.map +1 -1
- package/dist/scanner/index.d.ts +18 -0
- package/dist/scanner/index.d.ts.map +1 -1
- package/dist/scanner/index.js +106 -1
- package/dist/scanner/index.js.map +1 -1
- package/package.json +7 -3
package/README.md
CHANGED
|
@@ -1,99 +1,106 @@
|
|
|
1
|
-
> **[OpenA2A](https://github.com/opena2a-org/opena2a)**: [CLI](https://github.com/opena2a-org/opena2a) · [HackMyAgent](https://github.com/opena2a-org/hackmyagent) · [Secretless](https://github.com/opena2a-org/secretless-ai) · [AIM](https://github.com/opena2a-org/agent-identity-management) · [Browser Guard](https://github.com/opena2a-org/AI-BrowserGuard) · [DVAA](https://github.com/opena2a-org/damn-vulnerable-ai-agent)
|
|
2
1
|
# ai-trust
|
|
3
2
|
|
|
4
|
-
|
|
3
|
+
> **[OpenA2A](https://github.com/opena2a-org/opena2a)**: [CLI](https://github.com/opena2a-org/opena2a) · [HackMyAgent](https://github.com/opena2a-org/hackmyagent) · [Secretless](https://github.com/opena2a-org/secretless-ai) · [AIM](https://github.com/opena2a-org/agent-identity-management) · [Browser Guard](https://github.com/opena2a-org/AI-BrowserGuard) · [DVAA](https://github.com/opena2a-org/damn-vulnerable-ai-agent)
|
|
5
4
|
|
|
6
|
-
|
|
5
|
+
Trust verification CLI for AI packages. MCP servers, A2A agents, skills, AI tools, LLMs. Queries the OpenA2A Registry trust graph for security scans, community consensus, dependency risk, and known advisories. Apache 2.0.
|
|
7
6
|
|
|
8
|
-
[](https://opensource.org/licenses/Apache-2.0)
|
|
9
7
|
[](https://www.npmjs.com/package/ai-trust)
|
|
8
|
+
[](https://opensource.org/licenses/Apache-2.0)
|
|
9
|
+
[](https://github.com/opena2a-org/ai-trust)
|
|
10
10
|
|
|
11
|
-
|
|
11
|
+
[Website](https://opena2a.org/ai-trust) · [Registry](https://registry.opena2a.org) · [Discord](https://discord.gg/uRZa3KXgEn)
|
|
12
12
|
|
|
13
|
-
|
|
14
|
-
brew install opena2a-org/tap/ai-trust
|
|
15
|
-
```
|
|
13
|
+
For general-purpose libraries (express, typescript, chalk, etc.) use [HackMyAgent](https://github.com/opena2a-org/hackmyagent) instead. ai-trust is scoped to AI-native packages only.
|
|
16
14
|
|
|
17
|
-
|
|
15
|
+
## Quick start
|
|
18
16
|
|
|
19
17
|
```bash
|
|
20
|
-
|
|
18
|
+
npx ai-trust check @modelcontextprotocol/server-filesystem
|
|
21
19
|
```
|
|
22
20
|
|
|
23
|
-
|
|
21
|
+
```
|
|
22
|
+
@modelcontextprotocol/server-filesystem mcp_server · scanned 2 days ago
|
|
23
|
+
No known issues
|
|
24
24
|
|
|
25
|
-
|
|
26
|
-
|
|
25
|
+
Trust ━━━━━━━━━━━━━━━━━━━━ 87/100
|
|
26
|
+
Level Scanned (3/4)
|
|
27
|
+
Blocked > Warning > Listed > Scanned > Verified
|
|
28
|
+
|
|
29
|
+
── Next Steps ──────────────────────────────────────────────
|
|
30
|
+
Fresh scan: ai-trust check @modelcontextprotocol/server-filesystem
|
|
31
|
+
Full project audit: ai-trust audit package.json
|
|
27
32
|
```
|
|
28
33
|
|
|
29
|
-
|
|
34
|
+
|
|
35
|
+
|
|
36
|
+
## Install
|
|
37
|
+
|
|
38
|
+
### npm
|
|
30
39
|
|
|
31
40
|
```bash
|
|
32
|
-
npx
|
|
41
|
+
npx ai-trust check <pkg> # run once, no install
|
|
42
|
+
npm install -g ai-trust # install globally
|
|
33
43
|
```
|
|
34
44
|
|
|
35
|
-
|
|
45
|
+
Requires Node.js 18 or later.
|
|
46
|
+
|
|
47
|
+
### Homebrew
|
|
36
48
|
|
|
37
49
|
```bash
|
|
38
|
-
|
|
50
|
+
brew install opena2a-org/tap/ai-trust
|
|
39
51
|
```
|
|
40
52
|
|
|
41
|
-
|
|
53
|
+
### From source
|
|
42
54
|
|
|
55
|
+
```bash
|
|
56
|
+
git clone https://github.com/opena2a-org/ai-trust.git
|
|
57
|
+
cd ai-trust
|
|
58
|
+
npm install
|
|
59
|
+
npm run build
|
|
60
|
+
node dist/index.js check express
|
|
43
61
|
```
|
|
44
|
-
@modelcontextprotocol/server-filesystem mcp_server · scanned 2 days ago
|
|
45
|
-
No known issues
|
|
46
62
|
|
|
47
|
-
|
|
48
|
-
Level Scanned (3/4)
|
|
49
|
-
Blocked > Warning > Listed > Scanned > Verified
|
|
63
|
+
### Verifying what was installed
|
|
50
64
|
|
|
51
|
-
|
|
52
|
-
|
|
53
|
-
|
|
65
|
+
Every release publishes via npm Trusted Publishing with SLSA v1 provenance. No long-lived `NPM_TOKEN`. GitHub Actions exchanges its OIDC token with npm at publish time.
|
|
66
|
+
|
|
67
|
+
```bash
|
|
68
|
+
npm view ai-trust dist.attestations --json
|
|
69
|
+
# Expects non-empty result with predicateType "https://slsa.dev/provenance/v1"
|
|
54
70
|
```
|
|
55
71
|
|
|
56
72
|
## Scope: AI packages only
|
|
57
73
|
|
|
58
|
-
ai-trust verifies trust for
|
|
74
|
+
ai-trust verifies trust for AI-native packages. For everything else, use HMA.
|
|
59
75
|
|
|
60
76
|
| Your package is... | Use |
|
|
61
77
|
|---|---|
|
|
62
|
-
| MCP server
|
|
78
|
+
| MCP server, A2A agent, skill, AI tool, LLM | `ai-trust` |
|
|
63
79
|
| General-purpose library (express, chalk, typescript, etc.) | `hackmyagent check <pkg>` |
|
|
64
80
|
| Full codebase security audit | `hackmyagent secure .` |
|
|
65
81
|
|
|
66
82
|
`ai-trust audit package.json` audits AI packages in the trust table and separately lists libraries in an "Out of scope" section with an HMA pointer.
|
|
67
83
|
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
## Built-in Help
|
|
71
|
-
|
|
72
|
-
```bash
|
|
73
|
-
ai-trust --help # All commands and flags
|
|
74
|
-
ai-trust --version # Current version
|
|
75
|
-
ai-trust [command] -h # Help for a specific command
|
|
76
|
-
```
|
|
77
|
-
|
|
78
|
-
---
|
|
84
|
+
Running `ai-trust check express` on a general-purpose library returns an "out of scope" verdict with a redirect to `hackmyagent check express`. Intentional. ai-trust is for AI packages only.
|
|
79
85
|
|
|
80
86
|
## Commands
|
|
81
87
|
|
|
82
|
-
### check
|
|
88
|
+
### `check`
|
|
83
89
|
|
|
84
90
|
Look up the trust verdict for a single AI package.
|
|
85
91
|
|
|
86
92
|
```bash
|
|
87
93
|
ai-trust check @modelcontextprotocol/server-filesystem
|
|
88
94
|
ai-trust check my-custom-agent --type a2a_agent
|
|
89
|
-
ai-trust check @modelcontextprotocol/server-postgres --json
|
|
95
|
+
ai-trust check @modelcontextprotocol/server-postgres --json
|
|
96
|
+
ai-trust check mcp-server-xyz --scan-if-missing --contribute # download + scan + share
|
|
97
|
+
ai-trust check server-filesystem --no-scan # registry lookup only
|
|
98
|
+
ai-trust check /path/to/local --scan-path /path/to/local # scan a local directory
|
|
90
99
|
```
|
|
91
100
|
|
|
92
|
-
|
|
93
|
-
|
|
94
|
-
### MCP Server Trust
|
|
101
|
+
Flags: `--type`, `--scan-if-missing`, `--contribute`, `--no-scan`, `--no-deep`, `--scan-path`, `--json`.
|
|
95
102
|
|
|
96
|
-
MCP
|
|
103
|
+
### MCP server shorthand
|
|
97
104
|
|
|
98
105
|
```bash
|
|
99
106
|
# These are equivalent:
|
|
@@ -106,29 +113,28 @@ ai-trust check @supabase/mcp-server-supabase
|
|
|
106
113
|
ai-trust check @cloudflare/mcp-server-cloudflare
|
|
107
114
|
```
|
|
108
115
|
|
|
109
|
-
|
|
116
|
+
`server-*` resolves to `@modelcontextprotocol/server-*`. Third-party `mcp-server-*` packages are looked up by their actual name.
|
|
110
117
|
|
|
111
|
-
|
|
118
|
+
### Scan on demand
|
|
112
119
|
|
|
113
|
-
When a package is not in the registry, ai-trust can download and scan it locally using [HackMyAgent](https://github.com/opena2a-org/hackmyagent). In interactive mode, you
|
|
120
|
+
When a package is not in the registry, ai-trust can download and scan it locally using [HackMyAgent](https://github.com/opena2a-org/hackmyagent). In interactive mode, you are prompted. In CI:
|
|
114
121
|
|
|
115
122
|
```bash
|
|
116
|
-
|
|
117
|
-
ai-trust check
|
|
118
|
-
|
|
119
|
-
# Registry lookup only (skip local scan)
|
|
120
|
-
ai-trust check server-filesystem --no-scan
|
|
123
|
+
ai-trust check mcp-server-xyz --scan-if-missing --contribute # auto-scan + share
|
|
124
|
+
ai-trust check server-filesystem --no-scan # skip scanning entirely
|
|
121
125
|
```
|
|
122
126
|
|
|
123
|
-
|
|
127
|
+
Local scans run HMA with NanoMind semantic analysis enabled by default. Pass `--no-deep` for static-only.
|
|
128
|
+
|
|
129
|
+
### `audit`
|
|
124
130
|
|
|
125
|
-
Parse dependency files and audit AI packages. Supports
|
|
131
|
+
Parse dependency files and audit AI packages. Supports `.json` (package.json format) and `.txt` (requirements.txt format). Libraries get partitioned into an "Out of scope" section.
|
|
126
132
|
|
|
127
133
|
```bash
|
|
128
134
|
ai-trust audit package.json
|
|
129
135
|
ai-trust audit requirements.txt
|
|
130
|
-
ai-trust audit package.json --min-trust 2
|
|
131
|
-
ai-trust audit package.json --scan-missing --contribute
|
|
136
|
+
ai-trust audit package.json --min-trust 2 # custom threshold (default 3)
|
|
137
|
+
ai-trust audit package.json --scan-missing --contribute # scan unknown AI packages
|
|
132
138
|
```
|
|
133
139
|
|
|
134
140
|
Example output (mixed AI + libraries):
|
|
@@ -139,7 +145,7 @@ Example output (mixed AI + libraries):
|
|
|
139
145
|
PACKAGE TYPE VERDICT TRUST SCORE SCAN
|
|
140
146
|
──────────────────────────────────────────────────────────────────────────────────────
|
|
141
147
|
@modelcontextprotocol/sdk mcp_server SAFE Scanned ━━━━━━━━ 87 passed
|
|
142
|
-
@opena2a/aim-core a2a_agent
|
|
148
|
+
@opena2a/aim-core a2a_agent SAFE Scanned ━━━━━━━━ 81 passed
|
|
143
149
|
...
|
|
144
150
|
|
|
145
151
|
── Out of scope (libraries) ────────────────────────────────
|
|
@@ -150,97 +156,99 @@ Example output (mixed AI + libraries):
|
|
|
150
156
|
Library security: npx hackmyagent secure .
|
|
151
157
|
```
|
|
152
158
|
|
|
153
|
-
### batch
|
|
159
|
+
### `batch`
|
|
154
160
|
|
|
155
161
|
Look up trust verdicts for multiple AI packages at once. Non-AI packages get partitioned into the "Out of scope" footer.
|
|
156
162
|
|
|
157
163
|
```bash
|
|
158
164
|
ai-trust batch @modelcontextprotocol/server-filesystem @modelcontextprotocol/server-postgres
|
|
159
165
|
ai-trust batch my-server-a my-server-b --type mcp_server
|
|
166
|
+
ai-trust batch react vue express lodash chalk
|
|
160
167
|
```
|
|
161
168
|
|
|
162
|
-
|
|
169
|
+
Flags: `--type`, `--min-trust`.
|
|
163
170
|
|
|
164
|
-
## Output
|
|
171
|
+
## Output options
|
|
165
172
|
|
|
166
173
|
```bash
|
|
167
|
-
ai-trust check express --json
|
|
168
|
-
ai-trust audit package.json --json
|
|
169
|
-
ai-trust check express --no-color
|
|
170
|
-
ai-trust check express --registry-url http://localhost:8080
|
|
171
|
-
```
|
|
172
|
-
|
|
173
|
-
---
|
|
174
|
-
|
|
175
|
-
## Community Contribution
|
|
176
|
-
|
|
177
|
-
Every scan you run can improve trust data for the entire community. Scan results are shared as anonymized telemetry (check pass/fail and severity only -- no file paths, source code, or descriptions).
|
|
178
|
-
|
|
179
|
-
On first scan, ai-trust asks whether you want to contribute. Your choice is saved in `~/.opena2a/config.json` and shared across all OpenA2A tools (opena2a-cli, hackmyagent).
|
|
180
|
-
|
|
181
|
-
```bash
|
|
182
|
-
# Contribute for this scan (non-interactive / CI)
|
|
183
|
-
ai-trust check chalk --contribute
|
|
184
|
-
|
|
185
|
-
# Configure globally via opena2a-cli
|
|
186
|
-
opena2a config set contribute true # opt in
|
|
187
|
-
opena2a config set contribute false # opt out
|
|
174
|
+
ai-trust check express --json # JSON output for scripting
|
|
175
|
+
ai-trust audit package.json --json # JSON audit output
|
|
176
|
+
ai-trust check express --no-color # disable colored output
|
|
177
|
+
ai-trust check express --registry-url http://localhost:8080 # custom registry endpoint
|
|
188
178
|
```
|
|
189
179
|
|
|
190
|
-
|
|
191
|
-
|
|
192
|
-
---
|
|
193
|
-
|
|
194
|
-
## Trust Levels
|
|
180
|
+
## Trust levels
|
|
195
181
|
|
|
196
182
|
| Level | Label | Description |
|
|
197
|
-
|
|
183
|
+
|---|---|---|
|
|
198
184
|
| 0 | Blocked | Package is blocked due to security concerns |
|
|
199
185
|
| 1 | Warning | Package has known issues |
|
|
200
186
|
| 2 | Listed | Package is listed but not yet scanned |
|
|
201
187
|
| 3 | Scanned | Package has been scanned by HackMyAgent |
|
|
202
188
|
| 4 | Verified | Package is verified by the publisher |
|
|
203
189
|
|
|
204
|
-
## Exit
|
|
190
|
+
## Exit codes
|
|
205
191
|
|
|
206
192
|
| Code | Meaning |
|
|
207
|
-
|
|
208
|
-
| 0 | All queried packages are safe
|
|
193
|
+
|---|---|
|
|
194
|
+
| 0 | All queried packages are safe and meet the trust threshold |
|
|
209
195
|
| 1 | Operational error (network failure, file not found, server error) |
|
|
210
|
-
| 2 | Policy signal: one or more packages have warning
|
|
196
|
+
| 2 | Policy signal: one or more packages have warning or blocked verdict, or fall below `--min-trust` |
|
|
211
197
|
|
|
212
|
-
|
|
198
|
+
## Community contribution
|
|
213
199
|
|
|
214
|
-
|
|
200
|
+
Every scan you run can improve trust data for the entire community. Scan results are shared as anonymised telemetry: check pass/fail and severity only. No file paths, source code, or descriptions.
|
|
215
201
|
|
|
216
|
-
-
|
|
217
|
-
- [HackMyAgent](https://github.com/opena2a-org/hackmyagent) (optional, required for local scanning)
|
|
202
|
+
On first scan, ai-trust asks whether you want to contribute. Your choice is saved in `~/.opena2a/config.json` and shared across all OpenA2A tools (`opena2a-cli`, `hackmyagent`).
|
|
218
203
|
|
|
219
|
-
|
|
204
|
+
```bash
|
|
205
|
+
ai-trust check chalk --contribute # contribute for this scan (non-interactive / CI)
|
|
206
|
+
opena2a config set contribute true # opt in globally
|
|
207
|
+
opena2a config set contribute false # opt out globally
|
|
208
|
+
```
|
|
209
|
+
|
|
210
|
+
More scans contributed means packages move from "Listed" to "Scanned" faster, reducing risk for everyone.
|
|
211
|
+
|
|
212
|
+
## Using with opena2a-cli
|
|
213
|
+
|
|
214
|
+
[`opena2a-cli`](https://github.com/opena2a-org/opena2a) is the unified CLI for the OpenA2A security toolchain. ai-trust powers `opena2a trust`.
|
|
220
215
|
|
|
221
216
|
```bash
|
|
222
|
-
|
|
223
|
-
|
|
224
|
-
|
|
217
|
+
npm install -g opena2a-cli
|
|
218
|
+
opena2a trust @modelcontextprotocol/server-filesystem
|
|
219
|
+
opena2a review # full security dashboard
|
|
225
220
|
```
|
|
226
221
|
|
|
227
|
-
## Use
|
|
222
|
+
## Use cases
|
|
228
223
|
|
|
229
|
-
|
|
224
|
+
| Guide | Time |
|
|
225
|
+
|---|---|
|
|
226
|
+
| [Check if a package is safe before installing](docs/use-cases/check-before-install.md) | 2 min |
|
|
227
|
+
| [Verify an MCP server's trust score](docs/use-cases/check-mcp-server.md) | 3 min |
|
|
228
|
+
| [Contribute trust data to the community](docs/use-cases/contribute-scans.md) | 3 min |
|
|
229
|
+
|
|
230
|
+
Full index: [docs/USE-CASES.md](docs/USE-CASES.md).
|
|
231
|
+
|
|
232
|
+
## Contributing
|
|
233
|
+
|
|
234
|
+
Apache 2.0. PRs from outside the org welcome.
|
|
230
235
|
|
|
231
|
-
|
|
232
|
-
|
|
233
|
-
-
|
|
236
|
+
```bash
|
|
237
|
+
git clone https://github.com/opena2a-org/ai-trust.git
|
|
238
|
+
cd ai-trust && npm install && npm run build && npm test
|
|
239
|
+
```
|
|
234
240
|
|
|
235
|
-
|
|
241
|
+
Security issues: `security@opena2a.org` (coordinated disclosure, response within 24 hours).
|
|
236
242
|
|
|
237
243
|
## Links
|
|
238
244
|
|
|
239
|
-
- [
|
|
240
|
-
- [OpenA2A
|
|
241
|
-
- [
|
|
242
|
-
- [
|
|
245
|
+
- [Website](https://opena2a.org/ai-trust)
|
|
246
|
+
- [OpenA2A Registry](https://registry.opena2a.org). Trust scores and scan data.
|
|
247
|
+
- [OpenA2A CLI](https://github.com/opena2a-org/opena2a). Unified security CLI.
|
|
248
|
+
- [HackMyAgent](https://github.com/opena2a-org/hackmyagent). Local scanning for unverified packages.
|
|
249
|
+
|
|
250
|
+
Part of the [OpenA2A](https://opena2a.org) security platform.
|
|
243
251
|
|
|
244
252
|
## License
|
|
245
253
|
|
|
246
|
-
Apache-2.0
|
|
254
|
+
Apache-2.0.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"check.d.ts","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"check.d.ts","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AA8CzC,wBAAgB,oBAAoB,CAAC,OAAO,EAAE,OAAO,GAAG,IAAI,CAoO3D"}
|
package/dist/commands/check.js
CHANGED
|
@@ -10,7 +10,7 @@ import { RegistryClient, PackageNotFoundError } from "@opena2a/registry-client";
|
|
|
10
10
|
import { formatCheckResult, formatScanResult, formatJson, formatNotFound, } from "../output/formatter.js";
|
|
11
11
|
import { buildNotFoundOutput, translateDownloadError } from "@opena2a/check-core";
|
|
12
12
|
import { resolveAndLog } from "../utils/resolve.js";
|
|
13
|
-
import { isHmaAvailable, scanPackage } from "../scanner/index.js";
|
|
13
|
+
import { isHmaAvailable, scanPackage, scanLocalPath } from "../scanner/index.js";
|
|
14
14
|
import { confirm } from "../utils/prompt.js";
|
|
15
15
|
import { isContributeEnabled, queueScanResult, flushQueue, recordScanAndMaybeShowTip, saveContributeChoice, sendScanPing, } from "../telemetry/index.js";
|
|
16
16
|
import { checkSkillOrMcp, parseRichTarget } from "../check/skill-mcp-check.js";
|
|
@@ -29,8 +29,43 @@ export function registerCheckCommand(program) {
|
|
|
29
29
|
.option("--rescan", "deprecated (local scan is now the default)")
|
|
30
30
|
.option("--no-deep", "disable NanoMind semantic analysis (static checks only)")
|
|
31
31
|
.option("--analm", "AI-powered threat analysis using AnaLM")
|
|
32
|
+
.option("--scan-path <dir>", "scan a local directory directly (skip npm-pack download); used for adversarial-corpus fixtures and on-disk scans")
|
|
32
33
|
.action(async (rawName, opts) => {
|
|
33
34
|
const globalOpts = program.opts();
|
|
35
|
+
// --scan-path: scan a local directory directly. No registry lookup, no
|
|
36
|
+
// download step, no contribution. Used for adversarial-corpus fixtures
|
|
37
|
+
// and any on-disk target. The <name> argument is treated as a label
|
|
38
|
+
// for the result (typically the fixture path).
|
|
39
|
+
if (opts.scanPath) {
|
|
40
|
+
if (!(await isHmaAvailable())) {
|
|
41
|
+
console.error(chalk.red("error: HMA is not available. Install hackmyagent or ensure node_modules/.bin/hackmyagent resolves."));
|
|
42
|
+
process.exit(2);
|
|
43
|
+
}
|
|
44
|
+
let result;
|
|
45
|
+
try {
|
|
46
|
+
result = await scanLocalPath(opts.scanPath, {
|
|
47
|
+
deep: opts.deep ?? true,
|
|
48
|
+
analm: opts.analm ?? false,
|
|
49
|
+
});
|
|
50
|
+
}
|
|
51
|
+
catch (e) {
|
|
52
|
+
const msg = e instanceof Error ? e.message : String(e);
|
|
53
|
+
console.error(chalk.red(`error: ${msg}`));
|
|
54
|
+
console.error(chalk.dim("Fix: pass --scan-path to a directory that exists and is readable."));
|
|
55
|
+
process.exit(2);
|
|
56
|
+
}
|
|
57
|
+
// Override packageName with the user-supplied name so output is
|
|
58
|
+
// labeled clearly when the same fixture is invoked under different
|
|
59
|
+
// names (e.g. release-smoke harness uses surface/intent/fixture).
|
|
60
|
+
result.packageName = rawName;
|
|
61
|
+
if (globalOpts.json) {
|
|
62
|
+
console.log(JSON.stringify(result, null, 2));
|
|
63
|
+
}
|
|
64
|
+
else {
|
|
65
|
+
console.log(formatScanResult(result));
|
|
66
|
+
}
|
|
67
|
+
return;
|
|
68
|
+
}
|
|
34
69
|
// Rich-block dispatch (skill: / mcp: prefix). Mirrors HMA's
|
|
35
70
|
// src/check/ module for parity F12 / F13. When the registry
|
|
36
71
|
// has a fresh narrative, render the rich block and exit.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"check.js","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAEhF,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,UAAU,EACV,cAAc,GACf,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAElE,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,UAAU,EACV,yBAAyB,EACzB,oBAAoB,EACpB,YAAY,GACb,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC/E,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAC1C,MAAM,gBAAgB,GAAW,GAAG,CAAC,OAAO,CAAC;AAgB7C,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,OAAO;SACJ,OAAO,CAAC,cAAc,CAAC;SACvB,WAAW,CAAC,gDAAgD,CAAC;SAC7D,MAAM,CACL,mBAAmB,EACnB,4DAA4D,CAC7D;SACA,MAAM,CACL,mBAAmB,EACnB,sDAAsD,CACvD;SACA,MAAM,CACL,cAAc,EACd,oDAAoD,CACrD;SACA,MAAM,CAAC,WAAW,EAAE,uCAAuC,CAAC;SAC5D,MAAM,CAAC,UAAU,EAAE,4CAA4C,CAAC;SAChE,MAAM,CACL,WAAW,EACX,yDAAyD,CAC1D;SACA,MAAM,CACL,SAAS,EACT,wCAAwC,CACzC;SACA,MAAM,CAAC,KAAK,EAAE,OAAe,EAAE,IAAkB,EAAE,EAAE;QACpD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAG9B,CAAC;QAEF,4DAA4D;QAC5D,4DAA4D;QAC5D,yDAAyD;QACzD,0DAA0D;QAC1D,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC;gBACpC,OAAO,EAAE,UAAU,CAAC,WAAW;gBAC/B,SAAS,EAAE,YAAY,gBAAgB,EAAE;aAC1C,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC;gBACnC,MAAM;gBACN,WAAW,EAAE,UAAU,CAAC,WAAW;gBACnC,MAAM,EAAE,UAAU;gBAClB,SAAS,EAAE,YAAY,gBAAgB,EAAE;gBACzC,UAAU,EAAE,UAAU;gBACtB,MAAM,EAAE,CAAC,CAAC,UAAU,CAAC,IAAI;gBACzB,OAAO,EAAE;oBACP,KAAK,EAAE,MAAM;oBACb,GAAG,EAAE,KAAK,CAAC,GAAG;oBACd,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,GAAG,EAAE,KAAK,CAAC,GAAG;oBACd,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,IAAI,EAAE,KAAK,CAAC,IAAI;iBACjB;aACF,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACpB,IAAI,UAAU,CAAC,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;oBACpC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACrD,CAAC;gBACD,OAAO;YACT,CAAC;YACD,gEAAgE;YAChE,4DAA4D;YAC5D,+DAA+D;YAC/D,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC;QACxB,CAAC;QAED,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC;YAChC,OAAO,EAAE,UAAU,CAAC,WAAW;YAC/B,SAAS,EAAE,YAAY,gBAAgB,EAAE;SAC1C,CAAC,CAAC;QAEH,yDAAyD;QACzD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC,CAAC;QAC7F,CAAC;QAED,8CAA8C;QAC9C,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACxD,mEAAmE;gBACnE,2CAA2C;gBAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC;gBACtE,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;oBACzB,+DAA+D;oBAC/D,+DAA+D;oBAC/D,qBAAqB,CAAC,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;oBAC/C,iEAAiE;oBACjE,4DAA4D;oBAC5D,gDAAgD;oBAChD,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;wBACpC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;oBACvB,CAAC;oBACD,OAAO;gBACT,CAAC;gBACD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;oBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;gBAClC,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC;gBACzC,CAAC;gBACD,IACE,MAAM,CAAC,KAAK;oBACZ,CAAC,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,UAAU,IAAI,MAAM,CAAC,OAAO,KAAK,QAAQ,CAAC,EAC9H,CAAC;oBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,oBAAoB,EAAE,CAAC;oBACxC,6DAA6D;oBAC7D,yDAAyD;oBACzD,2DAA2D;oBAC3D,8DAA8D;oBAC9D,MAAM,QAAQ,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC;oBACzC,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;wBAC7B,qBAAqB,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;wBAC7C,OAAO,CAAC,SAAS;oBACnB,CAAC;oBACD,oBAAoB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBACzC,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBACjE,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;wBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;4BACzC,IAAI;4BACJ,SAAS,EAAE,KAAK;4BAChB,KAAK,EAAE,OAAO;yBACf,CAAC,CAAC,CAAC,CAAC;oBACP,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;oBACrC,CAAC;oBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YACD,OAAO;QACT,CAAC;QAED,qEAAqE;QACrE,qEAAqE;QACrE,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,uEAAuE;QACvE,qEAAqE;QACrE,mEAAmE;QACnE,4DAA4D;QAC5D,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAChE,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC;YAC9E,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;gBACzB,qBAAqB,CAAC,cAAc,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;gBACvD,4DAA4D;gBAC5D,IAAI,eAAe,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC5C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;gBACD,OAAO;YACT,CAAC;YACD,qDAAqD;QACvD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,CAAC,GAAG,YAAY,oBAAoB,CAAC,EAAE,CAAC;gBAC3C,0EAA0E;gBAC1E,wEAAwE;gBACxE,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,6BAA6B,OAAO,gCAAgC,CAAC,CAAC,CAAC;YACjG,CAAC;YACD,sEAAsE;YACtE,kEAAkE;YAClE,sEAAsE;YACtE,sEAAsE;QACxE,CAAC;QAED,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,IAAI,EACJ,YAAY,IAAI,KAAK,CACtB,CAAC;IACJ,CAAC,CAAC,CAAC;AACP,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,8CAA8C;IAC9C,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAC7B,YAAY,IAAI,sCAAsC,CACvD,CAAC;QACF,OAAO;IACT,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;gBACzC,IAAI;gBACJ,SAAS,EAAE,KAAK;gBAChB,KAAK,EAAE,YAAY,IAAI,sCAAsC;gBAC7D,SAAS,EAAE;oBACT,kBAAkB,IAAI,oBAAoB;oBAC1C,sCAAsC;iBACvC;aACF,CAAC,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,YAAY,IAAI,wCAAwC,CAAC,CAAC;YACxE,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;YACpC,OAAO,CAAC,KAAK,CAAC,sBAAsB,IAAI,oBAAoB,CAAC,CAAC;YAC9D,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,iCAAiC;IACjC,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,sCAAsC,CAAC,CACnE,CAAC;IAEF,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,iCAAiC,EAAE,IAAI,CAAC,CAAC;IAC1E,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,aAAa,CAAC,CAAC;AAC/F,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB,EAClB,aAAqB;IAErB,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;IAEzC,IAAI,UAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,UAAU,GAAG,MAAM,WAAW,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,yEAAyE;QACzE,sEAAsE;QACtE,yEAAyE;QACzE,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACzD,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;oBACzC,IAAI;oBACJ,SAAS,EAAE,KAAK;oBAChB,KAAK,EAAE,OAAO;oBACd,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,WAAW,EAAE,UAAU,CAAC,WAAW;iBACpC,CAAC,CAAC,CAAC,CAAC;YACP,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CACT,cAAc,CAAC;oBACb,GAAG,EAAE,IAAI;oBACT,SAAS,EAAE,KAAK;oBAChB,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,WAAW,EAAE,UAAU,CAAC,WAAW;iBACpC,CAAC,CACH,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;gBACzC,IAAI;gBACJ,SAAS,EAAE,KAAK;gBAChB,KAAK,EAAE,OAAO;aACf,CAAC,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,sBAAsB;IACtB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;IACtC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,2EAA2E;IAC3E,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACzE,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC;IAED,mFAAmF;IACnF,8EAA8E;IAC9E,YAAY,CACV,IAAI,EACJ,UAAU,CAAC,OAAO,EAClB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,GAAG,GAAG,CAAC,EACvC,UAAU,CAAC,WAAW,CACvB,CAAC;IAEF,8BAA8B;IAC9B,MAAM,gBAAgB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC;AAC7D,CAAC;AAED,IAAI,qBAAqB,GAAG,KAAK,CAAC;AAElC,KAAK,UAAU,gBAAgB,CAC7B,IAAY,EACZ,UAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,IAAI,mBAAmB,EAAE,KAAK,IAAI,CAAC;IAEzE,6EAA6E;IAC7E,mEAAmE;IACnE,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,cAAc,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACxB,kEAAkE;YAClE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,4DAA4D,CAAC,CACzE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAClE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,uDAAuD,CAAC,CACpE,CAAC;YACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAElB,MAAM,YAAY,GAAG,MAAM,OAAO,CAChC,qCAAqC,EACrC,IAAI,CACL,CAAC;YAEF,2CAA2C;YAC3C,oBAAoB,CAAC,YAAY,CAAC,CAAC;YAEnC,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,yEAAyE,CAAC,CACtF,CAAC;gBACF,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;gBACxF,OAAO;YACT,CAAC;QACH,CAAC;aAAM,CAAC;YACN,gFAAgF;YAChF,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAC3B,qBAAqB,GAAG,IAAI,CAAC;gBAC7B,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,wEAAwE,CACzE,CACF,CAAC;gBACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,sBAAsB,IAAI,iCAAiC,CAC5D,CACF,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,iFAAiF;IACjF,MAAM,GAAG,GAAG,yBAAyB,EAAE,CAAC;IACxC,IAAI,GAAG,EAAE,CAAC;QACR,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,CAAC,cAAc;QAAE,OAAO;IAE5B,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;AAC1F,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,IAAY,EACZ,UAAsB,EACtB,WAAmB,EACnB,IAAwB;IAExB,IAAI,CAAC;QACH,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,WAAW,CAAC,CAAC;QACzC,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,KAAK,CAAC,uEAAuE,CAAC,CACrF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sDAAsD;IACxD,CAAC;IAED,kFAAkF;IAClF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC;YAChC,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,YAAY,gBAAgB,EAAE;SAC1C,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC;YACpC,IAAI;YACJ,IAAI,EAAE,IAAI,EAAE,IAAI;YAChB,KAAK,EAAE,UAAU,CAAC,IAAI,CAAC,KAAK;YAC5B,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ;YAClC,IAAI,EAAE,UAAU;YAChB,WAAW,EAAE,gBAAgB;YAC7B,OAAO,EAAE,UAAU,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YACvG,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,EAAE;gBACxB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,WAAW,EAAE,CAAC,CAAC,WAAW;aAC3B,CAAC,CAAC;YACH,WAAW,EAAE,UAAU,CAAC,IAAI,CAAC,WAAW;YACxC,aAAa,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACxC,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sDAAsD;IACxD,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAC3B,IAAY,EACZ,UAAkD;IAElD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;YACzC,IAAI;YACJ,SAAS,EAAE,KAAK;YAChB,KAAK,EAAE,YAAY,IAAI,sCAAsC;YAC7D,SAAS,EAAE;gBACT,kBAAkB,IAAI,oBAAoB;gBAC1C,sCAAsC;aACvC;SACF,CAAC,CAAC,CAAC,CAAC;IACP,CAAC;SAAM,CAAC;QACN,yFAAyF;QACzF,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,MAAM,SAAS,GAAG,MAAM,cAAc,EAAE,CAAC;IACzC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CACX,8DAA8D,CAC/D,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,SAAS,eAAe,CAAC,OAAgB;IACvC,OAAO,CACL,OAAO,KAAK,SAAS;QACrB,OAAO,KAAK,SAAS;QACrB,OAAO,KAAK,UAAU;QACtB,OAAO,KAAK,QAAQ,CACrB,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,qBAAqB,CAAC,MAAmB,EAAE,MAAe;IACjE,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;YACrB,GAAG,MAAM;YACT,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE,gDAAgD;YAClE,SAAS,EAAE,CAAC,qBAAqB,MAAM,CAAC,IAAI,EAAE,CAAC;SAChD,CAAC,CAAC,CAAC;QACJ,OAAO;IACT,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAClB,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,+BAA+B,CAAC,EAAE,CACpF,CAAC;IACF,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,mEAAmE,CAAC,EAAE,CACjI,CAAC;IACF,OAAO,CAAC,KAAK,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,gCAAgC,CAAC,EAAE,CAAC,CAAC;IAClE,OAAO,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,qBAAqB,MAAM,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;IACvE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AACpB,CAAC;AAED;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,IAAY,EAAE,MAAe;IAC1D,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;YACrB,IAAI;YACJ,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE,kEAAkE;YACpF,SAAS,EAAE,CAAC,qBAAqB,IAAI,EAAE,CAAC;SACzC,CAAC,CAAC,CAAC;IACN,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,sCAAsC,CAAC,EAAE,CACpF,CAAC;QACF,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,mFAAmF,CAAC,EAAE,CACjJ,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACnE,OAAO,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;QAChE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"check.js","sourceRoot":"","sources":["../../src/commands/check.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EAAE,QAAQ,EAAE,MAAM,wBAAwB,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAEhF,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,UAAU,EACV,cAAc,GACf,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,mBAAmB,EAAE,sBAAsB,EAAE,MAAM,qBAAqB,CAAC;AAClF,OAAO,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AACpD,OAAO,EAAE,cAAc,EAAE,WAAW,EAAE,aAAa,EAAE,MAAM,qBAAqB,CAAC;AAEjF,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EACL,mBAAmB,EACnB,eAAe,EACf,UAAU,EACV,yBAAyB,EACzB,oBAAoB,EACpB,YAAY,GACb,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,MAAM,6BAA6B,CAAC;AAC/E,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAE5C,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;AAC1C,MAAM,gBAAgB,GAAW,GAAG,CAAC,OAAO,CAAC;AAkB7C,MAAM,UAAU,oBAAoB,CAAC,OAAgB;IACnD,OAAO;SACJ,OAAO,CAAC,cAAc,CAAC;SACvB,WAAW,CAAC,gDAAgD,CAAC;SAC7D,MAAM,CACL,mBAAmB,EACnB,4DAA4D,CAC7D;SACA,MAAM,CACL,mBAAmB,EACnB,sDAAsD,CACvD;SACA,MAAM,CACL,cAAc,EACd,oDAAoD,CACrD;SACA,MAAM,CAAC,WAAW,EAAE,uCAAuC,CAAC;SAC5D,MAAM,CAAC,UAAU,EAAE,4CAA4C,CAAC;SAChE,MAAM,CACL,WAAW,EACX,yDAAyD,CAC1D;SACA,MAAM,CACL,SAAS,EACT,wCAAwC,CACzC;SACA,MAAM,CACL,mBAAmB,EACnB,kHAAkH,CACnH;SACA,MAAM,CAAC,KAAK,EAAE,OAAe,EAAE,IAAkB,EAAE,EAAE;QACpD,MAAM,UAAU,GAAG,OAAO,CAAC,IAAI,EAG9B,CAAC;QAEF,uEAAuE;QACvE,uEAAuE;QACvE,oEAAoE;QACpE,+CAA+C;QAC/C,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAClB,IAAI,CAAC,CAAC,MAAM,cAAc,EAAE,CAAC,EAAE,CAAC;gBAC9B,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,GAAG,CAAC,oGAAoG,CAAC,CAChH,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,IAAI,MAAM,CAAC;YACX,IAAI,CAAC;gBACH,MAAM,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,QAAQ,EAAE;oBAC1C,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,IAAI;oBACvB,KAAK,EAAE,IAAI,CAAC,KAAK,IAAI,KAAK;iBAC3B,CAAC,CAAC;YACL,CAAC;YAAC,OAAO,CAAC,EAAE,CAAC;gBACX,MAAM,GAAG,GAAG,CAAC,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;gBACvD,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,GAAG,EAAE,CAAC,CAAC,CAAC;gBAC1C,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,GAAG,CACP,mEAAmE,CACpE,CACF,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAClB,CAAC;YACD,gEAAgE;YAChE,mEAAmE;YACnE,kEAAkE;YAClE,MAAM,CAAC,WAAW,GAAG,OAAO,CAAC;YAC7B,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/C,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,CAAC;YACxC,CAAC;YACD,OAAO;QACT,CAAC;QAED,4DAA4D;QAC5D,4DAA4D;QAC5D,yDAAyD;QACzD,0DAA0D;QAC1D,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,MAAM,UAAU,GAAG,IAAI,cAAc,CAAC;gBACpC,OAAO,EAAE,UAAU,CAAC,WAAW;gBAC/B,SAAS,EAAE,YAAY,gBAAgB,EAAE;aAC1C,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,eAAe,CAAC;gBACnC,MAAM;gBACN,WAAW,EAAE,UAAU,CAAC,WAAW;gBACnC,MAAM,EAAE,UAAU;gBAClB,SAAS,EAAE,YAAY,gBAAgB,EAAE;gBACzC,UAAU,EAAE,UAAU;gBACtB,MAAM,EAAE,CAAC,CAAC,UAAU,CAAC,IAAI;gBACzB,OAAO,EAAE;oBACP,KAAK,EAAE,MAAM;oBACb,GAAG,EAAE,KAAK,CAAC,GAAG;oBACd,IAAI,EAAE,KAAK,CAAC,IAAI;oBAChB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,KAAK,EAAE,KAAK,CAAC,KAAK;oBAClB,MAAM,EAAE,KAAK,CAAC,MAAM;oBACpB,GAAG,EAAE,KAAK,CAAC,GAAG;oBACd,SAAS,EAAE,KAAK,CAAC,SAAS;oBAC1B,IAAI,EAAE,KAAK,CAAC,IAAI;iBACjB;aACF,CAAC,CAAC;YACH,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBACpB,IAAI,UAAU,CAAC,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;oBACpC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBACrD,CAAC;gBACD,OAAO;YACT,CAAC;YACD,gEAAgE;YAChE,4DAA4D;YAC5D,+DAA+D;YAC/D,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC;QACxB,CAAC;QAED,MAAM,IAAI,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC;QACpC,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC;YAChC,OAAO,EAAE,UAAU,CAAC,WAAW;YAC/B,SAAS,EAAE,YAAY,gBAAgB,EAAE;SAC1C,CAAC,CAAC;QAEH,yDAAyD;QACzD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;YAChB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC,CAAC;QAC7F,CAAC;QAED,8CAA8C;QAC9C,IAAI,IAAI,CAAC,IAAI,KAAK,KAAK,EAAE,CAAC;YACxB,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;gBACxD,mEAAmE;gBACnE,2CAA2C;gBAC3C,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC;gBACtE,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;oBACzB,+DAA+D;oBAC/D,+DAA+D;oBAC/D,qBAAqB,CAAC,MAAM,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;oBAC/C,iEAAiE;oBACjE,4DAA4D;oBAC5D,gDAAgD;oBAChD,IAAI,eAAe,CAAC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC;wBACpC,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;oBACvB,CAAC;oBACD,OAAO;gBACT,CAAC;gBACD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;oBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;gBAClC,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,CAAC;gBACzC,CAAC;gBACD,IACE,MAAM,CAAC,KAAK;oBACZ,CAAC,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,MAAM,CAAC,OAAO,KAAK,UAAU,IAAI,MAAM,CAAC,OAAO,KAAK,QAAQ,CAAC,EAC9H,CAAC;oBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YAAC,OAAO,GAAG,EAAE,CAAC;gBACb,IAAI,GAAG,YAAY,oBAAoB,EAAE,CAAC;oBACxC,6DAA6D;oBAC7D,yDAAyD;oBACzD,2DAA2D;oBAC3D,8DAA8D;oBAC9D,MAAM,QAAQ,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC;oBACzC,IAAI,QAAQ,KAAK,WAAW,EAAE,CAAC;wBAC7B,qBAAqB,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;wBAC7C,OAAO,CAAC,SAAS;oBACnB,CAAC;oBACD,oBAAoB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;gBACzC,CAAC;qBAAM,CAAC;oBACN,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;oBACjE,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;wBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;4BACzC,IAAI;4BACJ,SAAS,EAAE,KAAK;4BAChB,KAAK,EAAE,OAAO;yBACf,CAAC,CAAC,CAAC,CAAC;oBACP,CAAC;yBAAM,CAAC;wBACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;oBACrC,CAAC;oBACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YACD,OAAO;QACT,CAAC;QAED,qEAAqE;QACrE,qEAAqE;QACrE,mEAAmE;QACnE,iDAAiD;QACjD,EAAE;QACF,uEAAuE;QACvE,qEAAqE;QACrE,mEAAmE;QACnE,4DAA4D;QAC5D,IAAI,CAAC;YACH,MAAM,cAAc,GAAG,MAAM,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,IAAI,CAAC,CAAC;YAChE,MAAM,IAAI,GAAG,QAAQ,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,cAAc,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC;YAC9E,IAAI,IAAI,KAAK,WAAW,EAAE,CAAC;gBACzB,qBAAqB,CAAC,cAAc,EAAE,UAAU,CAAC,IAAI,CAAC,CAAC;gBACvD,4DAA4D;gBAC5D,IAAI,eAAe,CAAC,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC5C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;gBACvB,CAAC;gBACD,OAAO;YACT,CAAC;YACD,qDAAqD;QACvD,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,IAAI,CAAC,CAAC,GAAG,YAAY,oBAAoB,CAAC,EAAE,CAAC;gBAC3C,0EAA0E;gBAC1E,wEAAwE;gBACxE,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;gBACjE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,6BAA6B,OAAO,gCAAgC,CAAC,CAAC,CAAC;YACjG,CAAC;YACD,sEAAsE;YACtE,kEAAkE;YAClE,sEAAsE;YACtE,sEAAsE;QACxE,CAAC;QAED,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,IAAI,EACJ,YAAY,IAAI,KAAK,CACtB,CAAC;IACJ,CAAC,CAAC,CAAC;AACP,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,8CAA8C;IAC9C,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QACvB,MAAM,cAAc,CAClB,IAAI,EACJ,MAAM,EACN,UAAU,EACV,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAC7B,YAAY,IAAI,sCAAsC,CACvD,CAAC;QACF,OAAO;IACT,CAAC;IAED,uDAAuD;IACvD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;QACzB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;gBACzC,IAAI;gBACJ,SAAS,EAAE,KAAK;gBAChB,KAAK,EAAE,YAAY,IAAI,sCAAsC;gBAC7D,SAAS,EAAE;oBACT,kBAAkB,IAAI,oBAAoB;oBAC1C,sCAAsC;iBACvC;aACF,CAAC,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,YAAY,IAAI,wCAAwC,CAAC,CAAC;YACxE,OAAO,CAAC,KAAK,CAAC,oBAAoB,CAAC,CAAC;YACpC,OAAO,CAAC,KAAK,CAAC,sBAAsB,IAAI,oBAAoB,CAAC,CAAC;YAC9D,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;YAC9C,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAChD,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,iCAAiC;IACjC,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,sCAAsC,CAAC,CACnE,CAAC;IAEF,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,MAAM,UAAU,GAAG,MAAM,OAAO,CAAC,iCAAiC,EAAE,IAAI,CAAC,CAAC;IAC1E,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,MAAM,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,GAAG,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,EAAE,aAAa,CAAC,CAAC;AAC/F,CAAC;AAED,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,MAAsB,EACtB,UAAkD,EAClD,IAAkB,EAClB,aAAqB;IAErB,IAAI,CAAC,CAAC,MAAM,aAAa,EAAE,CAAC;QAAE,OAAO;IAErC,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;IAEzC,IAAI,UAAsB,CAAC;IAC3B,IAAI,CAAC;QACH,UAAU,GAAG,MAAM,WAAW,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,IAAI,IAAI,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;IACvF,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QACjE,yEAAyE;QACzE,sEAAsE;QACtE,yEAAyE;QACzE,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACzD,IAAI,UAAU,KAAK,SAAS,EAAE,CAAC;YAC7B,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;gBACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;oBACzC,IAAI;oBACJ,SAAS,EAAE,KAAK;oBAChB,KAAK,EAAE,OAAO;oBACd,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,WAAW,EAAE,UAAU,CAAC,WAAW;iBACpC,CAAC,CAAC,CAAC,CAAC;YACP,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CACT,cAAc,CAAC;oBACb,GAAG,EAAE,IAAI;oBACT,SAAS,EAAE,KAAK;oBAChB,SAAS,EAAE,UAAU,CAAC,SAAS;oBAC/B,WAAW,EAAE,UAAU,CAAC,WAAW;iBACpC,CAAC,CACH,CAAC;YACJ,CAAC;YACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;YACrB,OAAO;QACT,CAAC;QACD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;gBACzC,IAAI;gBACJ,SAAS,EAAE,KAAK;gBAChB,KAAK,EAAE,OAAO;aACf,CAAC,CAAC,CAAC,CAAC;QACP,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,UAAU,OAAO,EAAE,CAAC,CAAC;QACrC,CAAC;QACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,sBAAsB;IACtB,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC,CAAC;IACtC,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,gBAAgB,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,2EAA2E;IAC3E,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,IAAI,UAAU,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;QACzE,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;IACvB,CAAC;IAED,mFAAmF;IACnF,8EAA8E;IAC9E,YAAY,CACV,IAAI,EACJ,UAAU,CAAC,OAAO,EAClB,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,UAAU,GAAG,GAAG,CAAC,EACvC,UAAU,CAAC,WAAW,CACvB,CAAC;IAEF,8BAA8B;IAC9B,MAAM,gBAAgB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,EAAE,IAAI,CAAC,CAAC;AAC7D,CAAC;AAED,IAAI,qBAAqB,GAAG,KAAK,CAAC;AAElC,KAAK,UAAU,gBAAgB,CAC7B,IAAY,EACZ,UAAsB,EACtB,UAAkD,EAClD,IAAkB;IAElB,MAAM,cAAc,GAAG,IAAI,CAAC,UAAU,IAAI,mBAAmB,EAAE,KAAK,IAAI,CAAC;IAEzE,6EAA6E;IAC7E,mEAAmE;IACnE,IAAI,IAAI,CAAC,UAAU,IAAI,CAAC,cAAc,EAAE,CAAC;QACvC,IAAI,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,CAAC;YACxB,kEAAkE;YAClE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,4DAA4D,CAAC,CACzE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,qDAAqD,CAAC,CAClE,CAAC;YACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,uDAAuD,CAAC,CACpE,CAAC;YACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;YAElB,MAAM,YAAY,GAAG,MAAM,OAAO,CAChC,qCAAqC,EACrC,IAAI,CACL,CAAC;YAEF,2CAA2C;YAC3C,oBAAoB,CAAC,YAAY,CAAC,CAAC;YAEnC,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CAAC,yEAAyE,CAAC,CACtF,CAAC;gBACF,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;gBACxF,OAAO;YACT,CAAC;QACH,CAAC;aAAM,CAAC;YACN,gFAAgF;YAChF,IAAI,CAAC,qBAAqB,EAAE,CAAC;gBAC3B,qBAAqB,GAAG,IAAI,CAAC;gBAC7B,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBAClB,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,wEAAwE,CACzE,CACF,CAAC;gBACF,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,IAAI,CACR,sBAAsB,IAAI,iCAAiC,CAC5D,CACF,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,iFAAiF;IACjF,MAAM,GAAG,GAAG,yBAAyB,EAAE,CAAC;IACxC,IAAI,GAAG,EAAE,CAAC;QACR,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,CAAC,cAAc;QAAE,OAAO;IAE5B,MAAM,kBAAkB,CAAC,IAAI,EAAE,UAAU,EAAE,UAAU,CAAC,WAAW,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC;AAC1F,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,IAAY,EACZ,UAAsB,EACtB,WAAmB,EACnB,IAAwB;IAExB,IAAI,CAAC;QACH,eAAe,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAChD,MAAM,EAAE,GAAG,MAAM,UAAU,CAAC,WAAW,CAAC,CAAC;QACzC,IAAI,EAAE,EAAE,CAAC;YACP,OAAO,CAAC,KAAK,CACX,KAAK,CAAC,KAAK,CAAC,uEAAuE,CAAC,CACrF,CAAC;QACJ,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sDAAsD;IACxD,CAAC;IAED,kFAAkF;IAClF,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,cAAc,CAAC;YAChC,OAAO,EAAE,WAAW;YACpB,SAAS,EAAE,YAAY,gBAAgB,EAAE;SAC1C,CAAC,CAAC;QACH,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,WAAW,CAAC;YACpC,IAAI;YACJ,IAAI,EAAE,IAAI,EAAE,IAAI;YAChB,KAAK,EAAE,UAAU,CAAC,IAAI,CAAC,KAAK;YAC5B,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ;YAClC,IAAI,EAAE,UAAU;YAChB,WAAW,EAAE,gBAAgB;YAC7B,OAAO,EAAE,UAAU,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,KAAK,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM;YACvG,QAAQ,EAAE,UAAU,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC3C,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,OAAO,EAAE,CAAC,CAAC,OAAO,IAAI,EAAE;gBACxB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,WAAW,EAAE,CAAC,CAAC,WAAW;aAC3B,CAAC,CAAC;YACH,WAAW,EAAE,UAAU,CAAC,IAAI,CAAC,WAAW;YACxC,aAAa,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;SACxC,CAAC,CAAC;QACH,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YACnB,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,4BAA4B,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QACtF,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,sDAAsD;IACxD,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAC3B,IAAY,EACZ,UAAkD;IAElD,IAAI,UAAU,CAAC,IAAI,EAAE,CAAC;QACpB,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC,mBAAmB,CAAC;YACzC,IAAI;YACJ,SAAS,EAAE,KAAK;YAChB,KAAK,EAAE,YAAY,IAAI,sCAAsC;YAC7D,SAAS,EAAE;gBACT,kBAAkB,IAAI,oBAAoB;gBAC1C,sCAAsC;aACvC;SACF,CAAC,CAAC,CAAC,CAAC;IACP,CAAC;SAAM,CAAC;QACN,yFAAyF;QACzF,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,GAAG,EAAE,IAAI,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC,CAAC;IAC/D,CAAC;IACD,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;AACvB,CAAC;AAED,KAAK,UAAU,aAAa;IAC1B,MAAM,SAAS,GAAG,MAAM,cAAc,EAAE,CAAC;IACzC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,CAAC,KAAK,CACX,8DAA8D,CAC/D,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,8BAA8B,CAAC,CAAC;QAC9C,OAAO,CAAC,QAAQ,GAAG,CAAC,CAAC;QACrB,OAAO,KAAK,CAAC;IACf,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;GAIG;AACH,SAAS,eAAe,CAAC,OAAgB;IACvC,OAAO,CACL,OAAO,KAAK,SAAS;QACrB,OAAO,KAAK,SAAS;QACrB,OAAO,KAAK,UAAU;QACtB,OAAO,KAAK,QAAQ,CACrB,CAAC;AACJ,CAAC;AAED;;;;;;;GAOG;AACH,SAAS,qBAAqB,CAAC,MAAmB,EAAE,MAAe;IACjE,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;YACrB,GAAG,MAAM;YACT,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE,gDAAgD;YAClE,SAAS,EAAE,CAAC,qBAAqB,MAAM,CAAC,IAAI,EAAE,CAAC;SAChD,CAAC,CAAC,CAAC;QACJ,OAAO;IACT,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAClB,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,+BAA+B,CAAC,EAAE,CACpF,CAAC;IACF,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,mEAAmE,CAAC,EAAE,CACjI,CAAC;IACF,OAAO,CAAC,KAAK,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,gCAAgC,CAAC,EAAE,CAAC,CAAC;IAClE,OAAO,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,qBAAqB,MAAM,CAAC,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;IACvE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;AACpB,CAAC;AAED;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,IAAY,EAAE,MAAe;IAC1D,IAAI,MAAM,EAAE,CAAC;QACX,OAAO,CAAC,GAAG,CAAC,UAAU,CAAC;YACrB,IAAI;YACJ,KAAK,EAAE,KAAK;YACZ,UAAU,EAAE,IAAI;YAChB,gBAAgB,EAAE,kEAAkE;YACpF,SAAS,EAAE,CAAC,qBAAqB,IAAI,EAAE,CAAC;SACzC,CAAC,CAAC,CAAC;IACN,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,sCAAsC,CAAC,EAAE,CACpF,CAAC;QACF,OAAO,CAAC,KAAK,CACX,KAAK,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,mFAAmF,CAAC,EAAE,CACjJ,CAAC;QACF,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,CAAC,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACnE,OAAO,CAAC,KAAK,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,EAAE,CAAC,EAAE,CAAC,CAAC;QAChE,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACpB,CAAC;AACH,CAAC"}
|
package/dist/index.js
CHANGED
|
@@ -23,6 +23,14 @@ program
|
|
|
23
23
|
.option("--registry-url <url>", "registry base URL", "https://api.oa2a.org")
|
|
24
24
|
.option("--json", "output raw JSON", false)
|
|
25
25
|
.option("--no-color", "disable colored output");
|
|
26
|
+
// Two-bucket telemetry disclosure (briefs/scan-result-telemetry-policy.md §7,
|
|
27
|
+
// [CHIEF-CSR-014] + [CHIEF-CPO-021]). Surfaces both consent rails on --help so
|
|
28
|
+
// users see the boundary without reading the privacy policy.
|
|
29
|
+
program.addHelpText("after", `
|
|
30
|
+
Telemetry:
|
|
31
|
+
Anonymous usage telemetry is on. Disable: OPENA2A_TELEMETRY=off
|
|
32
|
+
Local scans may contribute to the OpenA2A Registry. Disable: --no-contribute or ai-trust telemetry off
|
|
33
|
+
`);
|
|
26
34
|
registerCheckCommand(program);
|
|
27
35
|
registerAuditCommand(program);
|
|
28
36
|
registerBatchCommand(program);
|
|
@@ -58,7 +66,12 @@ registerBatchCommand(program);
|
|
|
58
66
|
return;
|
|
59
67
|
telemetryStartedAt.delete(name);
|
|
60
68
|
void tele.track(name, {
|
|
61
|
-
|
|
69
|
+
// Exit 0 = clean, 1 = below-threshold, 2 = not-found. All three
|
|
70
|
+
// are working outcomes per audit.test.ts. Per [CHIEF-CSR-018] +
|
|
71
|
+
// [CHIEF-CPO-022], pass [2] so the dashboard treats not-found as
|
|
72
|
+
// success (crash-rate semantics, not user-outcome semantics).
|
|
73
|
+
// Real crashes are exit >=3 or out-of-range — those stay failure.
|
|
74
|
+
success: tele.successFromExitCode(process.exitCode, [2]),
|
|
62
75
|
durationMs: Date.now() - startedAt,
|
|
63
76
|
});
|
|
64
77
|
});
|
package/dist/index.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AACvC,MAAM,OAAO,GAAW,GAAG,CAAC,OAAO,CAAC;AACpC,MAAM,cAAc,GAAG,UAAU,CAAC;AAClC,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAS,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;AAC9E,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAkB,CAAC;AAErD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,UAAU,CAAC;KAChB,WAAW,CAAC,kFAAkF,CAAC;KAC/F,MAAM,CACL,sBAAsB,EACtB,mBAAmB,EACnB,sBAAsB,CACvB;KACA,MAAM,CAAC,QAAQ,EAAE,iBAAiB,EAAE,KAAK,CAAC;KAC1C,MAAM,CAAC,YAAY,EAAE,wBAAwB,CAAC,CAAC;AAElD,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAE9B,CAAC,KAAK,IAAI,EAAE;IACV,6DAA6D;IAC7D,iEAAiE;IACjE,yDAAyD;IACzD,qEAAqE;IACrE,yBAAyB;IACzB,wEAAwE;IACxE,mEAAmE;IACnE,kEAAkE;IAClE,uBAAuB;IACvB,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAC9C,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;IAE5D,OAAO,CAAC,OAAO,CACb,KAAK,CAAC,WAAW,CAAC;QAChB,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,OAAO;QAChB,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE;KACzB,CAAC,EACF,eAAe,EACf,2BAA2B,CAC5B,CAAC;IAEF,OAAO;SACJ,IAAI,CAAC,WAAW,EAAE,CAAC,YAAY,EAAE,aAAa,EAAE,EAAE;QACjD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QAClC,IAAI,8BAA8B,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO;QACrD,kBAAkB,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3C,CAAC,CAAC;SACD,IAAI,CAAC,YAAY,EAAE,CAAC,YAAY,EAAE,aAAa,EAAE,EAAE;QAClD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QAClC,MAAM,SAAS,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO;QACpC,kBAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE;YACpB,OAAO,EAAE,CAAC,OAAO,CAAC,QAAQ,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA;;;;;GAKG;AAEH,OAAO,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AAC5C,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,EAAE,oBAAoB,EAAE,MAAM,qBAAqB,CAAC;AAE3D,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAC/C,MAAM,GAAG,GAAG,OAAO,CAAC,iBAAiB,CAAC,CAAC;AACvC,MAAM,OAAO,GAAW,GAAG,CAAC,OAAO,CAAC;AACpC,MAAM,cAAc,GAAG,UAAU,CAAC;AAClC,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAS,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC;AAC9E,MAAM,kBAAkB,GAAG,IAAI,GAAG,EAAkB,CAAC;AAErD,MAAM,OAAO,GAAG,IAAI,OAAO,EAAE,CAAC;AAE9B,OAAO;KACJ,IAAI,CAAC,UAAU,CAAC;KAChB,WAAW,CAAC,kFAAkF,CAAC;KAC/F,MAAM,CACL,sBAAsB,EACtB,mBAAmB,EACnB,sBAAsB,CACvB;KACA,MAAM,CAAC,QAAQ,EAAE,iBAAiB,EAAE,KAAK,CAAC;KAC1C,MAAM,CAAC,YAAY,EAAE,wBAAwB,CAAC,CAAC;AAElD,8EAA8E;AAC9E,+EAA+E;AAC/E,6DAA6D;AAC7D,OAAO,CAAC,WAAW,CACjB,OAAO,EACP;;;;CAID,CACA,CAAC;AAEF,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAC9B,oBAAoB,CAAC,OAAO,CAAC,CAAC;AAE9B,CAAC,KAAK,IAAI,EAAE;IACV,6DAA6D;IAC7D,iEAAiE;IACjE,yDAAyD;IACzD,qEAAqE;IACrE,yBAAyB;IACzB,wEAAwE;IACxE,mEAAmE;IACnE,kEAAkE;IAClE,uBAAuB;IACvB,MAAM,IAAI,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAChD,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,CAAC;IAC9C,MAAM,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,OAAO,EAAE,CAAC,CAAC;IAE5D,OAAO,CAAC,OAAO,CACb,KAAK,CAAC,WAAW,CAAC;QAChB,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,OAAO;QAChB,SAAS,EAAE,IAAI,CAAC,MAAM,EAAE;KACzB,CAAC,EACF,eAAe,EACf,2BAA2B,CAC5B,CAAC;IAEF,OAAO;SACJ,IAAI,CAAC,WAAW,EAAE,CAAC,YAAY,EAAE,aAAa,EAAE,EAAE;QACjD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QAClC,IAAI,8BAA8B,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO;QACrD,kBAAkB,CAAC,GAAG,CAAC,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;IAC3C,CAAC,CAAC;SACD,IAAI,CAAC,YAAY,EAAE,CAAC,YAAY,EAAE,aAAa,EAAE,EAAE;QAClD,MAAM,IAAI,GAAG,aAAa,CAAC,IAAI,EAAE,CAAC;QAClC,MAAM,SAAS,GAAG,kBAAkB,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC/C,IAAI,SAAS,KAAK,SAAS;YAAE,OAAO;QACpC,kBAAkB,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAChC,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,EAAE;YACpB,gEAAgE;YAChE,gEAAgE;YAChE,iEAAiE;YACjE,8DAA8D;YAC9D,kEAAkE;YAClE,OAAO,EAAE,IAAI,CAAC,mBAAmB,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,CAAC;YACxD,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;SACnC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEL,OAAO;SACJ,OAAO,CAAC,oBAAoB,CAAC;SAC7B,WAAW,CAAC,gEAAgE,CAAC;SAC7E,MAAM,CAAC,CAAC,MAA0B,EAAE,EAAE;QACrC,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,mBAAmB,CAAC,MAAyD,EAAE;YACnF,IAAI,EAAE,cAAc;YACpB,SAAS,EAAE,IAAI,CAAC,MAAM;YACtB,SAAS,EAAE,IAAI,CAAC,SAAS;SAC1B,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEL,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QAC7B,OAAO,CAAC,UAAU,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,IAAI,CAAC;QACH,MAAM,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,QAAQ,GAAG,kBAAkB,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC;QACxD,IAAI,QAAQ,EAAE,CAAC;YACb,MAAM,IAAI,GAAG,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,SAAS,CAAC;YACzD,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QAC7B,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;YAAS,CAAC;QACT,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC;IACrB,CAAC;AACH,CAAC,CAAC,EAAE,CAAC"}
|
package/dist/scanner/index.d.ts
CHANGED
|
@@ -28,4 +28,22 @@ export interface ScanResult {
|
|
|
28
28
|
export declare function scanPackage(name: string, options?: HmaScanOptions & {
|
|
29
29
|
ecosystem?: "npm" | "pypi";
|
|
30
30
|
}): Promise<ScanResult>;
|
|
31
|
+
/**
|
|
32
|
+
* Scan a local directory directly (no download step). Used for adversarial
|
|
33
|
+
* corpus fixtures and any other on-disk target. Skips the LOCAL_ONLY filter
|
|
34
|
+
* because for local sources those categories ARE meaningful (a missing
|
|
35
|
+
* .gitignore in a real repo is a real finding, unlike in an npm tarball).
|
|
36
|
+
*/
|
|
37
|
+
export declare function scanLocalPath(targetDir: string, options?: HmaScanOptions): Promise<ScanResult>;
|
|
38
|
+
/**
|
|
39
|
+
* Verify that the unpacked tarball's package.json `name` matches the
|
|
40
|
+
* requested name. This is a guard against `npm pack <name>` returning the
|
|
41
|
+
* wrong package (or an empty tarball), which would otherwise produce a
|
|
42
|
+
* misleading scan result that the publish path could send to the registry.
|
|
43
|
+
*
|
|
44
|
+
* If package.json is unreadable or has no `name` field, that's also a
|
|
45
|
+
* publish-blocker — we don't have enough information to identify what was
|
|
46
|
+
* actually scanned.
|
|
47
|
+
*/
|
|
48
|
+
export declare function assertPackageMatchesName(dir: string, requestedName: string): Promise<void>;
|
|
31
49
|
//# sourceMappingURL=index.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,YAAY,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,eAAe,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,YAAY,EAAE,cAAc,EAAE,MAAM,iBAAiB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AACtD,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,eAAe,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAM3G,OAAO,KAAK,EAAE,aAAa,EAAE,eAAe,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,UAAU,CAAC;AAE/F,MAAM,WAAW,UAAU;IACzB,WAAW,EAAE,MAAM,CAAC;IACpB,IAAI,EAAE,aAAa,CAAC;IACpB,mDAAmD;IACnD,UAAU,EAAE,MAAM,CAAC;IACnB,0CAA0C;IAC1C,UAAU,EAAE,MAAM,CAAC;IACnB,wCAAwC;IACxC,OAAO,EAAE,MAAM,GAAG,SAAS,GAAG,SAAS,CAAC;IACxC,6EAA6E;IAC7E,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IACrC,oDAAoD;IACpD,eAAe,CAAC,EAAE,cAAc,EAAE,CAAC;CACpC;AAkBD;;;;GAIG;AACH,wBAAsB,WAAW,CAC/B,IAAI,EAAE,MAAM,EACZ,OAAO,GAAE,cAAc,GAAG;IAAE,SAAS,CAAC,EAAE,KAAK,GAAG,MAAM,CAAA;CAAO,GAC5D,OAAO,CAAC,UAAU,CAAC,CAyErB;AAED;;;;;GAKG;AACH,wBAAsB,aAAa,CACjC,SAAS,EAAE,MAAM,EACjB,OAAO,GAAE,cAAmB,GAC3B,OAAO,CAAC,UAAU,CAAC,CAgCrB;AAED;;;;;;;;;GASG;AACH,wBAAsB,wBAAwB,CAC5C,GAAG,EAAE,MAAM,EACX,aAAa,EAAE,MAAM,GACpB,OAAO,CAAC,IAAI,CAAC,CAoDf"}
|
package/dist/scanner/index.js
CHANGED
|
@@ -3,6 +3,8 @@
|
|
|
3
3
|
*/
|
|
4
4
|
export { downloadPackage } from "./downloader.js";
|
|
5
5
|
export { isHmaAvailable, runHmaScan } from "./hma.js";
|
|
6
|
+
import { readFile, stat } from "node:fs/promises";
|
|
7
|
+
import { join } from "node:path";
|
|
6
8
|
import { downloadPackage } from "./downloader.js";
|
|
7
9
|
import { runHmaScan } from "./hma.js";
|
|
8
10
|
/**
|
|
@@ -26,8 +28,21 @@ const LOCAL_ONLY_CATEGORIES = new Set([
|
|
|
26
28
|
* Filters local-only findings (git, permissions, etc.) to match HMA check output.
|
|
27
29
|
*/
|
|
28
30
|
export async function scanPackage(name, options = {}) {
|
|
29
|
-
const
|
|
31
|
+
const ecosystem = options.ecosystem ?? "npm";
|
|
32
|
+
const download = await downloadPackage(name, ecosystem);
|
|
30
33
|
try {
|
|
34
|
+
// Defense-in-depth: verify the unpacked tarball's package.json `name`
|
|
35
|
+
// matches the requested name BEFORE running runHmaScan. Without this,
|
|
36
|
+
// if `npm pack <name>` ever returned a tarball whose contents identify
|
|
37
|
+
// as a different package (registry redirect, partial-fetch corruption,
|
|
38
|
+
// future typosquat-misroute), --scan-if-missing would publish a trust
|
|
39
|
+
// record under the requested name with content from a different package.
|
|
40
|
+
// The guard does NOT block legitimate scope shorthand resolution
|
|
41
|
+
// (`server-filesystem` → `@modelcontextprotocol/server-filesystem`);
|
|
42
|
+
// see assertPackageMatchesName for the canonical-scope rules.
|
|
43
|
+
if (ecosystem === "npm") {
|
|
44
|
+
await assertPackageMatchesName(download.dir, name);
|
|
45
|
+
}
|
|
31
46
|
const scan = await runHmaScan(download.dir, options);
|
|
32
47
|
// Filter out local-dev-only findings that are meaningless for downloaded packages.
|
|
33
48
|
// This matches HMA's filterLocalOnlyFindings() so scores are consistent.
|
|
@@ -77,6 +92,96 @@ export async function scanPackage(name, options = {}) {
|
|
|
77
92
|
await download.cleanup();
|
|
78
93
|
}
|
|
79
94
|
}
|
|
95
|
+
/**
|
|
96
|
+
* Scan a local directory directly (no download step). Used for adversarial
|
|
97
|
+
* corpus fixtures and any other on-disk target. Skips the LOCAL_ONLY filter
|
|
98
|
+
* because for local sources those categories ARE meaningful (a missing
|
|
99
|
+
* .gitignore in a real repo is a real finding, unlike in an npm tarball).
|
|
100
|
+
*/
|
|
101
|
+
export async function scanLocalPath(targetDir, options = {}) {
|
|
102
|
+
let st;
|
|
103
|
+
try {
|
|
104
|
+
st = await stat(targetDir);
|
|
105
|
+
}
|
|
106
|
+
catch (e) {
|
|
107
|
+
const code = e.code ?? "unknown";
|
|
108
|
+
throw new Error(`scanLocalPath: ${targetDir} could not be read (${code}).`);
|
|
109
|
+
}
|
|
110
|
+
if (!st.isDirectory()) {
|
|
111
|
+
throw new Error(`scanLocalPath: ${targetDir} is not a directory.`);
|
|
112
|
+
}
|
|
113
|
+
const scan = await runHmaScan(targetDir, options);
|
|
114
|
+
const trustScore = scan.maxScore > 0 ? scan.score / scan.maxScore : 0;
|
|
115
|
+
const trustLevel = deriveTrustLevel(scan);
|
|
116
|
+
const verdict = deriveVerdict(scan);
|
|
117
|
+
const result = {
|
|
118
|
+
packageName: targetDir,
|
|
119
|
+
scan,
|
|
120
|
+
trustScore,
|
|
121
|
+
trustLevel,
|
|
122
|
+
verdict,
|
|
123
|
+
};
|
|
124
|
+
if (scan.semanticFindings && scan.semanticFindings.length > 0) {
|
|
125
|
+
result.semanticFindings = scan.semanticFindings;
|
|
126
|
+
}
|
|
127
|
+
if (scan.analystFindings && scan.analystFindings.length > 0) {
|
|
128
|
+
result.analystFindings = scan.analystFindings;
|
|
129
|
+
}
|
|
130
|
+
return result;
|
|
131
|
+
}
|
|
132
|
+
/**
|
|
133
|
+
* Verify that the unpacked tarball's package.json `name` matches the
|
|
134
|
+
* requested name. This is a guard against `npm pack <name>` returning the
|
|
135
|
+
* wrong package (or an empty tarball), which would otherwise produce a
|
|
136
|
+
* misleading scan result that the publish path could send to the registry.
|
|
137
|
+
*
|
|
138
|
+
* If package.json is unreadable or has no `name` field, that's also a
|
|
139
|
+
* publish-blocker — we don't have enough information to identify what was
|
|
140
|
+
* actually scanned.
|
|
141
|
+
*/
|
|
142
|
+
export async function assertPackageMatchesName(dir, requestedName) {
|
|
143
|
+
let pkgRaw;
|
|
144
|
+
try {
|
|
145
|
+
pkgRaw = await readFile(join(dir, "package.json"), "utf8");
|
|
146
|
+
}
|
|
147
|
+
catch (e) {
|
|
148
|
+
const code = e.code ?? "unknown";
|
|
149
|
+
throw new Error(`download verification failed: ${dir}/package.json could not be read (${code}); refusing to scan/publish a package whose identity cannot be confirmed.`);
|
|
150
|
+
}
|
|
151
|
+
let parsed;
|
|
152
|
+
try {
|
|
153
|
+
parsed = JSON.parse(pkgRaw);
|
|
154
|
+
}
|
|
155
|
+
catch {
|
|
156
|
+
throw new Error(`download verification failed: ${dir}/package.json is not valid JSON; refusing to scan/publish.`);
|
|
157
|
+
}
|
|
158
|
+
const actualName = typeof parsed.name === "string" ? parsed.name : "";
|
|
159
|
+
if (!actualName) {
|
|
160
|
+
throw new Error(`download verification failed: ${dir}/package.json has no "name" field; refusing to scan/publish.`);
|
|
161
|
+
}
|
|
162
|
+
const norm = (s) => s.toLowerCase();
|
|
163
|
+
if (norm(actualName) === norm(requestedName))
|
|
164
|
+
return;
|
|
165
|
+
// Allow the legitimate case where the request used unscoped shorthand
|
|
166
|
+
// and npm resolved it to a scoped package (e.g. `server-filesystem` →
|
|
167
|
+
// `@modelcontextprotocol/server-filesystem`). A real npm scope MUST start
|
|
168
|
+
// with `@`, contain exactly one `/`, and have non-empty scope + basename.
|
|
169
|
+
// Anything else (`evil-corp/foo`, `foo/bar/baz`, `/foo`, `@a/b/c`) is
|
|
170
|
+
// rejected — the guard's purpose is refusing to publish under the wrong
|
|
171
|
+
// identity, and only canonical scopes are legitimate identity equivalences
|
|
172
|
+
// for an unscoped request.
|
|
173
|
+
const slashIdx = actualName.indexOf("/");
|
|
174
|
+
const isCanonicalScope = actualName.startsWith("@") &&
|
|
175
|
+
slashIdx > 1 &&
|
|
176
|
+
slashIdx === actualName.lastIndexOf("/") &&
|
|
177
|
+
slashIdx < actualName.length - 1;
|
|
178
|
+
if (isCanonicalScope &&
|
|
179
|
+
!requestedName.includes("/") &&
|
|
180
|
+
norm(actualName.slice(slashIdx + 1)) === norm(requestedName)) {
|
|
181
|
+
return;
|
|
182
|
+
}
|
|
183
|
+
throw new Error(`download verification failed: requested "${requestedName}" but tarball contains "${actualName}". Refusing to publish a trust record under the wrong name.`);
|
|
184
|
+
}
|
|
80
185
|
function deriveTrustLevel(scan) {
|
|
81
186
|
const ratio = scan.score / scan.maxScore;
|
|
82
187
|
if (ratio >= 0.9)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAGtD,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAkBtC;;;;;GAKG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,KAAK;IACL,aAAa;IACb,aAAa;IACb,SAAS;IACT,aAAa;IACb,QAAQ;IACR,QAAQ;CACT,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,IAAY,EACZ,UAA2D,EAAE;IAE7D,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,IAAI,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/scanner/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAElD,OAAO,EAAE,cAAc,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAGtD,OAAO,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,kBAAkB,CAAC;AAClD,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,UAAU,EAAE,MAAM,UAAU,CAAC;AAkBtC;;;;;GAKG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC;IACpC,KAAK;IACL,aAAa;IACb,aAAa;IACb,SAAS;IACT,aAAa;IACb,QAAQ;IACR,QAAQ;CACT,CAAC,CAAC;AAEH;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAC/B,IAAY,EACZ,UAA2D,EAAE;IAE7D,MAAM,SAAS,GAAG,OAAO,CAAC,SAAS,IAAI,KAAK,CAAC;IAC7C,MAAM,QAAQ,GAAG,MAAM,eAAe,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IAExD,IAAI,CAAC;QACH,sEAAsE;QACtE,sEAAsE;QACtE,uEAAuE;QACvE,uEAAuE;QACvE,sEAAsE;QACtE,yEAAyE;QACzE,iEAAiE;QACjE,qEAAqE;QACrE,8DAA8D;QAC9D,IAAI,SAAS,KAAK,KAAK,EAAE,CAAC;YACxB,MAAM,wBAAwB,CAAC,QAAQ,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACrD,CAAC;QACD,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,GAAG,EAAE,OAAO,CAAC,CAAC;QAErD,mFAAmF;QACnF,yEAAyE;QACzE,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QACpE,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAClC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,qBAAqB,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAC1D,CAAC;QACF,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC;QAEpE,8CAA8C;QAC9C,IAAI,aAAa,GAAG,aAAa,IAAI,IAAI,CAAC,QAAQ,GAAG,CAAC,EAAE,CAAC;YACvD,mEAAmE;YACnE,MAAM,gBAAgB,GAA2B;gBAC/C,QAAQ,EAAE,EAAE;gBACZ,IAAI,EAAE,EAAE;gBACR,MAAM,EAAE,CAAC;gBACT,GAAG,EAAE,CAAC;aACP,CAAC;YACF,IAAI,WAAW,GAAG,CAAC,CAAC;YACpB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;gBAC9B,IAAI,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC;oBACd,WAAW,IAAI,gBAAgB,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;gBACnD,CAAC;YACH,CAAC;YACD,MAAM,cAAc,GAAG,GAAG,CAAC;YAC3B,IAAI,CAAC,KAAK;gBACR,WAAW,KAAK,CAAC;oBACf,CAAC,CAAC,GAAG;oBACL,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,WAAW,GAAG,cAAc,CAAC,CAAC,CAAC;QAClE,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC;QAC9C,MAAM,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;QAC1C,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;QAEpC,MAAM,MAAM,GAAe;YACzB,WAAW,EAAE,IAAI;YACjB,IAAI;YACJ,UAAU;YACV,UAAU;YACV,OAAO;SACR,CAAC;QAEF,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC9D,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;QAClD,CAAC;QAED,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC5D,MAAM,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC;QAChD,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;YAAS,CAAC;QACT,MAAM,QAAQ,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,MAAM,CAAC,KAAK,UAAU,aAAa,CACjC,SAAiB,EACjB,UAA0B,EAAE;IAE5B,IAAI,EAAE,CAAC;IACP,IAAI,CAAC;QACH,EAAE,GAAG,MAAM,IAAI,CAAC,SAAS,CAAC,CAAC;IAC7B,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,GAAI,CAA2B,CAAC,IAAI,IAAI,SAAS,CAAC;QAC5D,MAAM,IAAI,KAAK,CACb,kBAAkB,SAAS,uBAAuB,IAAI,IAAI,CAC3D,CAAC;IACJ,CAAC;IACD,IAAI,CAAC,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC;QACtB,MAAM,IAAI,KAAK,CAAC,kBAAkB,SAAS,sBAAsB,CAAC,CAAC;IACrE,CAAC;IACD,MAAM,IAAI,GAAG,MAAM,UAAU,CAAC,SAAS,EAAE,OAAO,CAAC,CAAC;IAClD,MAAM,UAAU,GAAG,IAAI,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC;IACtE,MAAM,UAAU,GAAG,gBAAgB,CAAC,IAAI,CAAC,CAAC;IAC1C,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IAEpC,MAAM,MAAM,GAAe;QACzB,WAAW,EAAE,SAAS;QACtB,IAAI;QACJ,UAAU;QACV,UAAU;QACV,OAAO;KACR,CAAC;IACF,IAAI,IAAI,CAAC,gBAAgB,IAAI,IAAI,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9D,MAAM,CAAC,gBAAgB,GAAG,IAAI,CAAC,gBAAgB,CAAC;IAClD,CAAC;IACD,IAAI,IAAI,CAAC,eAAe,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5D,MAAM,CAAC,eAAe,GAAG,IAAI,CAAC,eAAe,CAAC;IAChD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,wBAAwB,CAC5C,GAAW,EACX,aAAqB;IAErB,IAAI,MAAc,CAAC;IACnB,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,EAAE,MAAM,CAAC,CAAC;IAC7D,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,MAAM,IAAI,GAAI,CAA2B,CAAC,IAAI,IAAI,SAAS,CAAC;QAC5D,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,oCAAoC,IAAI,2EAA2E,CACxJ,CAAC;IACJ,CAAC;IACD,IAAI,MAA0B,CAAC;IAC/B,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAuB,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,4DAA4D,CACjG,CAAC;IACJ,CAAC;IACD,MAAM,UAAU,GAAG,OAAO,MAAM,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IACtE,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,MAAM,IAAI,KAAK,CACb,iCAAiC,GAAG,8DAA8D,CACnG,CAAC;IACJ,CAAC;IACD,MAAM,IAAI,GAAG,CAAC,CAAS,EAAU,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;IACpD,IAAI,IAAI,CAAC,UAAU,CAAC,KAAK,IAAI,CAAC,aAAa,CAAC;QAAE,OAAO;IAErD,sEAAsE;IACtE,sEAAsE;IACtE,0EAA0E;IAC1E,0EAA0E;IAC1E,sEAAsE;IACtE,wEAAwE;IACxE,2EAA2E;IAC3E,2BAA2B;IAC3B,MAAM,QAAQ,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACzC,MAAM,gBAAgB,GACpB,UAAU,CAAC,UAAU,CAAC,GAAG,CAAC;QAC1B,QAAQ,GAAG,CAAC;QACZ,QAAQ,KAAK,UAAU,CAAC,WAAW,CAAC,GAAG,CAAC;QACxC,QAAQ,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC;IACnC,IACE,gBAAgB;QAChB,CAAC,aAAa,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC5B,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,aAAa,CAAC,EAC5D,CAAC;QACD,OAAO;IACT,CAAC;IAED,MAAM,IAAI,KAAK,CACb,4CAA4C,aAAa,2BAA2B,UAAU,6DAA6D,CAC5J,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,IAAmB;IAC3C,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC;IACzC,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,CAAC,CAAC,CAAC,sBAAsB;IAClD,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,CAAC,CAAC,CAAC,yBAAyB;IACrD,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,CAAC,CAAC,CAAC,UAAU;IACtC,OAAO,CAAC,CAAC,CAAC,UAAU;AACtB,CAAC;AAED,SAAS,aAAa,CAAC,IAAmB;IACxC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC;IACzC,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CACpC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAC9C,CAAC;IACF,MAAM,OAAO,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAChC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,MAAM,CAC1C,CAAC;IAEF,wEAAwE;IACxE,2EAA2E;IAC3E,wEAAwE;IACxE,yEAAyE;IACzE,IAAI,KAAK,IAAI,GAAG,IAAI,CAAC,WAAW,IAAI,CAAC,OAAO;QAAE,OAAO,MAAM,CAAC;IAC5D,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,SAAS,CAAC,CAAC,qDAAqD;IACzF,IAAI,KAAK,IAAI,GAAG;QAAE,OAAO,SAAS,CAAC;IACnC,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "ai-trust",
|
|
3
|
-
"version": "0.7.
|
|
3
|
+
"version": "0.7.2",
|
|
4
4
|
"description": "Trust verification CLI for AI packages — check MCP servers, A2A agents, AI tools, and LLMs before you install",
|
|
5
5
|
"homepage": "https://opena2a.org/ai-trust",
|
|
6
6
|
"repository": {
|
|
@@ -22,7 +22,8 @@
|
|
|
22
22
|
"lint": "tsc --noEmit",
|
|
23
23
|
"test": "vitest run",
|
|
24
24
|
"test:watch": "vitest",
|
|
25
|
-
"test:coverage": "vitest run --coverage"
|
|
25
|
+
"test:coverage": "vitest run --coverage",
|
|
26
|
+
"release-smoke:corpus": "tsx scripts/release-smoke-corpus.ts"
|
|
26
27
|
},
|
|
27
28
|
"keywords": [
|
|
28
29
|
"ai",
|
|
@@ -45,13 +46,16 @@
|
|
|
45
46
|
"@opena2a/contribute": "^0.1.0",
|
|
46
47
|
"@opena2a/registry-client": "0.1.0",
|
|
47
48
|
"@opena2a/shared": "^0.1.0",
|
|
48
|
-
"@opena2a/telemetry": "
|
|
49
|
+
"@opena2a/telemetry": "0.3.0",
|
|
49
50
|
"chalk": "^5.3.0",
|
|
50
51
|
"commander": "^12.1.0",
|
|
51
52
|
"hackmyagent": "^0.17.1"
|
|
52
53
|
},
|
|
53
54
|
"devDependencies": {
|
|
55
|
+
"@types/js-yaml": "^4.0.9",
|
|
54
56
|
"@types/node": "^20.11.0",
|
|
57
|
+
"js-yaml": "^4.1.0",
|
|
58
|
+
"tsx": "^4.21.0",
|
|
55
59
|
"typescript": "^5.3.0",
|
|
56
60
|
"vitest": "^3.0.0"
|
|
57
61
|
},
|