argus-ci 1.1.1 → 1.2.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (16) hide show
  1. package/dist/core/reporter.d.ts.map +1 -1
  2. package/dist/core/reporter.js +5 -3
  3. package/dist/core/reporter.js.map +1 -1
  4. package/dist/core/scanner.d.ts +7 -11
  5. package/dist/core/scanner.d.ts.map +1 -1
  6. package/dist/core/scanner.js +225 -102
  7. package/dist/core/scanner.js.map +1 -1
  8. package/dist/hooks/setup.d.ts +6 -3
  9. package/dist/hooks/setup.d.ts.map +1 -1
  10. package/dist/hooks/setup.js +201 -52
  11. package/dist/hooks/setup.js.map +1 -1
  12. package/dist/types.d.ts +27 -9
  13. package/dist/types.d.ts.map +1 -1
  14. package/dist/types.js +1 -1
  15. package/dist/types.js.map +1 -1
  16. package/package.json +1 -1
package/dist/core/reporter.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"reporter.d.ts","sourceRoot":"","sources":["../../src/core/reporter.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAS,UAAU,EAAY,MAAM,aAAa,CAAC;AAc/D,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,CAsDvE;AAED,wBAAgB,SAAS,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAOpD;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CAsBtF"}
1
+ {"version":3,"file":"reporter.d.ts","sourceRoot":"","sources":["../../src/core/reporter.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAS,UAAU,EAAY,MAAM,aAAa,CAAC;AAc/D,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,CAwDvE;AAED,wBAAgB,SAAS,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAOpD;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CAsBtF"}
package/dist/core/reporter.js CHANGED
@@ -27,11 +27,13 @@ export function toMarkdown(result, context) {
27
27
  lines.push(`## Semgrep scan results\n`);
28
28
  // Summary bar
29
29
  if (issues.length === 0) {
30
+ const engineStr = result.engines.length ? ` · engines: ${result.engines.join(" + ")}` : "";
30
31
  lines.push(`✅ **No issues found** — ${filesScanned} file${filesScanned !== 1 ? "s" : ""} scanned in ${durationMs}ms`);
31
- lines.push(`\n_Rulesets: ${rulesets.join(", ")}_`);
32
+ lines.push(`\n_Rulesets: ${rulesets.join(", ")}${engineStr}_`);
32
33
  return lines.join("\n");
33
34
  }
34
- lines.push(`| Severity | Count |`, `|----------|-------|`, `| 🔴 Error | ${errors.length} |`, `| 🟡 Warning | ${warnings.length} |`, `| 🔵 Info | ${infos.length} |`, ``, `_${filesScanned} file${filesScanned !== 1 ? "s" : ""} scanned · ${durationMs}ms · rulesets: ${rulesets.join(", ")}_`, ``);
35
+ const engineStr = result.engines.length ? ` · engines: ${result.engines.join(" + ")}` : "";
36
+ lines.push(`| Severity | Count |`, `|----------|-------|`, `| 🔴 Error | ${errors.length} |`, `| 🟡 Warning | ${warnings.length} |`, `| 🔵 Info | ${infos.length} |`, ``, `_${filesScanned} file${filesScanned !== 1 ? "s" : ""} scanned · ${durationMs}ms · rulesets: ${rulesets.join(", ")}${engineStr}_`, ``);
35
37
  // Group by file
36
38
  const byFile = groupByFile(issues);
37
39
  for (const [file, fileIssues] of Object.entries(byFile)) {
@@ -44,7 +46,7 @@ export function toMarkdown(result, context) {
44
46
  if (issue.sourceLine) {
45
47
  lines.push(`\`\`\`\n${issue.sourceLine}\n\`\`\``);
46
48
  }
47
- lines.push(`_Rule: \`${issue.ruleId}\`_`);
49
+ lines.push(`_Rule: \`${issue.ruleId}\` · via ${issue.engine}_`);
48
50
  if (issue.cwe?.length)
49
51
  lines.push(`_CWE: ${issue.cwe.join(", ")}_`);
50
52
  if (issue.owasp?.length)
package/dist/core/reporter.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"reporter.js","sourceRoot":"","sources":["../../src/core/reporter.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,MAAM,cAAc,GAA6B;IAC/C,KAAK,EAAI,IAAI;IACb,OAAO,EAAE,IAAI;IACb,IAAI,EAAK,IAAI;CACd,CAAC;AAEF,MAAM,cAAc,GAA6B;IAC/C,KAAK,EAAI,OAAO;IAChB,OAAO,EAAE,SAAS;IAClB,IAAI,EAAK,MAAM;CAChB,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,MAAkB,EAAE,OAAgB;IAC7D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,OAAO,sBAAsB,MAAM,CAAC,UAAU,EAAE,CAAC;IACnD,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAC9D,MAAM,MAAM,GAAK,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAChE,MAAM,KAAK,GAAM,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAE7D,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,SAAS;IACT,IAAI,OAAO;QAAE,KAAK,CAAC,IAAI,CAAC,qBAAqB,OAAO,IAAI,CAAC,CAAC;;QAC7C,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IAErD,cAAc;IACd,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC,2BAA2B,YAAY,QAAQ,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,eAAe,UAAU,IAAI,CAAC,CAAC;QACtH,KAAK,CAAC,IAAI,CAAC,gBAAgB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACnD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,IAAI,CACR,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,MAAM,CAAC,MAAM,MAAM,EACrC,kBAAkB,QAAQ,CAAC,MAAM,IAAI,EACrC,kBAAkB,KAAK,CAAC,MAAM,OAAO,EACrC,EAAE,EACF,IAAI,YAAY,QAAQ,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,cAAc,UAAU,kBAAkB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,EACrH,EAAE,CACH,CAAC;IAEF,gBAAgB;IAChB,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACnC,KAAK,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC;QAC9B,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;YAC/B,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC7C,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC7C,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,IAAI,KAAK,aAAa,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YAC3D,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACjC,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;gBACrB,KAAK,CAAC,IAAI,CAAC,WAAW,KAAK,CAAC,UAAU,UAAU,CAAC,CAAC;YACpD,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,YAAY,KAAK,CAAC,MAAM,KAAK,CAAC,CAAC;YAC1C,IAAI,KAAK,CAAC,GAAG,EAAE,MAAM;gBAAI,KAAK,CAAC,IAAI,CAAC,SAAS,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACtE,IAAI,KAAK,CAAC,KAAK,EAAE,MAAM;gBAAE,KAAK,CAAC,IAAI,CAAC,WAAW,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5E,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,MAAkB;IAC1C,IAAI,MAAM,CAAC,OAAO;QAAE,OAAO,YAAY,MAAM,CAAC,UAAU,EAAE,CAAC;IAC3D,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,WAAW,MAAM,CAAC,YAAY,gBAAgB,CAAC;IAEtF,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM,CAAC;IAC1E,MAAM,KAAK,GAAI,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;IAC5E,OAAO,SAAS,MAAM,CAAC,MAAM,CAAC,MAAM,YAAY,MAAM,YAAY,KAAK,iBAAiB,MAAM,CAAC,YAAY,QAAQ,CAAC;AACtH,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAkB,EAAE,OAAe,EAAE,KAAa;IAC5E,MAAM,KAAK,GAAa;QACtB,4BAA4B;QAC5B,cAAc,OAAO,KAAK,KAAK,GAAG;QAClC,EAAE;KACH,CAAC;IAEF,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,KAAK,CAAC,IAAI,CAAC,sBAAsB,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QACtD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,2BAA2B,MAAM,CAAC,YAAY,qBAAqB,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC;QACrG,KAAK,CAAC,IAAI,CAAC,gBAAgB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1D,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,8BAA8B;IAC9B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,4BAA4B,EAAE,EAAE,CAAC,CAAC,CAAC;IACzE,KAAK,CAAC,IAAI,CAAC,yDAAyD,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;IACjG,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,gFAAgF;AAEhF,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC1C,CAAC;IACD,yCAAyC;IACzC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
1
+ {"version":3,"file":"reporter.js","sourceRoot":"","sources":["../../src/core/reporter.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,MAAM,cAAc,GAA6B;IAC/C,KAAK,EAAI,IAAI;IACb,OAAO,EAAE,IAAI;IACb,IAAI,EAAK,IAAI;CACd,CAAC;AAEF,MAAM,cAAc,GAA6B;IAC/C,KAAK,EAAI,OAAO;IAChB,OAAO,EAAE,SAAS;IAClB,IAAI,EAAK,MAAM;CAChB,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,MAAkB,EAAE,OAAgB;IAC7D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,OAAO,sBAAsB,MAAM,CAAC,UAAU,EAAE,CAAC;IACnD,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAC9D,MAAM,MAAM,GAAK,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAChE,MAAM,KAAK,GAAM,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAE7D,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,SAAS;IACT,IAAI,OAAO;QAAE,KAAK,CAAC,IAAI,CAAC,qBAAqB,OAAO,IAAI,CAAC,CAAC;;QAC7C,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IAErD,cAAc;IACd,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3F,KAAK,CAAC,IAAI,CAAC,2BAA2B,YAAY,QAAQ,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,eAAe,UAAU,IAAI,CAAC,CAAC;QACtH,KAAK,CAAC,IAAI,CAAC,gBAAgB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,CAAC;QAC/D,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3F,KAAK,CAAC,IAAI,CACR,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,MAAM,CAAC,MAAM,MAAM,EACrC,kBAAkB,QAAQ,CAAC,MAAM,IAAI,EACrC,kBAAkB,KAAK,CAAC,MAAM,OAAO,EACrC,EAAE,EACF,IAAI,YAAY,QAAQ,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,cAAc,UAAU,kBAAkB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,SAAS,GAAG,EACjI,EAAE,CACH,CAAC;IAEF,gBAAgB;IAChB,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACnC,KAAK,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC;QAC9B,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;YAC/B,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC7C,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC7C,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,IAAI,KAAK,aAAa,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YAC3D,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACjC,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;gBACrB,KAAK,CAAC,IAAI,CAAC,WAAW,KAAK,CAAC,UAAU,UAAU,CAAC,CAAC;YACpD,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,YAAY,KAAK,CAAC,MAAM,YAAY,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;YAChE,IAAI,KAAK,CAAC,GAAG,EAAE,MAAM;gBAAI,KAAK,CAAC,IAAI,CAAC,SAAS,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACtE,IAAI,KAAK,CAAC,KAAK,EAAE,MAAM;gBAAE,KAAK,CAAC,IAAI,CAAC,WAAW,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5E,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,MAAkB;IAC1C,IAAI,MAAM,CAAC,OAAO;QAAE,OAAO,YAAY,MAAM,CAAC,UAAU,EAAE,CAAC;IAC3D,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,WAAW,MAAM,CAAC,YAAY,gBAAgB,CAAC;IAEtF,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM,CAAC;IAC1E,MAAM,KAAK,GAAI,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;IAC5E,OAAO,SAAS,MAAM,CAAC,MAAM,CAAC,MAAM,YAAY,MAAM,YAAY,KAAK,iBAAiB,MAAM,CAAC,YAAY,QAAQ,CAAC;AACtH,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAkB,EAAE,OAAe,EAAE,KAAa;IAC5E,MAAM,KAAK,GAAa;QACtB,4BAA4B;QAC5B,cAAc,OAAO,KAAK,KAAK,GAAG;QAClC,EAAE;KACH,CAAC;IAEF,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,KAAK,CAAC,IAAI,CAAC,sBAAsB,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QACtD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,2BAA2B,MAAM,CAAC,YAAY,qBAAqB,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC;QACrG,KAAK,CAAC,IAAI,CAAC,gBAAgB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1D,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,8BAA8B;IAC9B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,4BAA4B,EAAE,EAAE,CAAC,CAAC,CAAC;IACzE,KAAK,CAAC,IAAI,CAAC,yDAAyD,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;IACjG,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,gFAAgF;AAEhF,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC1C,CAAC;IACD,yCAAyC;IACzC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
package/dist/core/scanner.d.ts CHANGED
@@ -1,19 +1,15 @@
1
1
  /**
2
- * Semgrep CLI wrapper.
3
- * Runs `semgrep --json` on a set of files and returns normalised Issue[].
2
+ * Scanner core — runs Opengrep (primary) or Semgrep (fallback) for pattern-based
3
+ * security analysis, then optionally runs Bearer for deep data-flow analysis.
4
4
  *
5
- * Semgrep must be installed: pip install semgrep OR brew install semgrep
6
- * We check for it on first run and give a clear install message if missing.
5
+ * Scanner priority:
6
+ * 1. opengrep — free taint analysis, drop-in Semgrep replacement
7
+ * 2. semgrep — fallback if opengrep not installed
8
+ * 3. bearer — optional second pass, deep data-flow, run on staged/branch/PR
7
9
  */
8
10
  import type { ScanConfig, ScanResult } from "../types.js";
9
11
  export declare function scanFiles(files: string[], cwd: string, config?: ScanConfig): Promise<ScanResult>;
10
- /**
11
- * Scans only the git-staged files in cwd.
12
- * Used by the pre-commit hook.
13
- */
14
12
  export declare function scanStaged(cwd: string, config?: ScanConfig): Promise<ScanResult>;
15
- /**
16
- * Scans files changed on a branch vs a base branch.
17
- */
18
13
  export declare function scanBranch(cwd: string, branch: string, base?: string, config?: ScanConfig): Promise<ScanResult>;
14
+ export declare function isBearerInstalled(): boolean;
19
15
  //# sourceMappingURL=scanner.d.ts.map
package/dist/core/scanner.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAKH,OAAO,KAAK,EAAS,UAAU,EAAE,UAAU,EAA8C,MAAM,aAAa,CAAC;AAO7G,wBAAsB,SAAS,CAC7B,KAAK,EAAE,MAAM,EAAE,EACf,GAAG,EAAI,MAAM,EACb,MAAM,GAAE,UAAe,GACtB,OAAO,CAAC,UAAU,CAAC,CAgFrB;AAED;;;GAGG;AACH,wBAAsB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,UAAe,GAAG,OAAO,CAAC,UAAU,CAAC,CAc1F;AAED;;GAEG;AACH,wBAAsB,UAAU,CAC9B,GAAG,EAAK,MAAM,EACd,MAAM,EAAE,MAAM,EACd,IAAI,GAAI,MAAe,EACvB,MAAM,GAAE,UAAe,GACtB,OAAO,CAAC,UAAU,CAAC,CA6BrB"}
1
+ {"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,OAAO,KAAK,EACH,UAAU,EAAE,UAAU,EAG9B,MAAM,aAAa,CAAC;AAOrB,wBAAsB,SAAS,CAC7B,KAAK,EAAG,MAAM,EAAE,EAChB,GAAG,EAAK,MAAM,EACd,MAAM,GAAE,UAAe,GACtB,OAAO,CAAC,UAAU,CAAC,CAmBrB;AAED,wBAAsB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,UAAe,GAAG,OAAO,CAAC,UAAU,CAAC,CAe1F;AAED,wBAAsB,UAAU,CAC9B,GAAG,EAAK,MAAM,EACd,MAAM,EAAE,MAAM,EACd,IAAI,GAAI,MAAe,EACvB,MAAM,GAAE,UAAe,GACtB,OAAO,CAAC,UAAU,CAAC,CAyBrB;AAoMD,wBAAgB,iBAAiB,IAAI,OAAO,CAE3C"}
package/dist/core/scanner.js CHANGED
@@ -1,173 +1,296 @@
1
1
  /**
2
- * Semgrep CLI wrapper.
3
- * Runs `semgrep --json` on a set of files and returns normalised Issue[].
2
+ * Scanner core — runs Opengrep (primary) or Semgrep (fallback) for pattern-based
3
+ * security analysis, then optionally runs Bearer for deep data-flow analysis.
4
4
  *
5
- * Semgrep must be installed: pip install semgrep OR brew install semgrep
6
- * We check for it on first run and give a clear install message if missing.
5
+ * Scanner priority:
6
+ * 1. opengrep — free taint analysis, drop-in Semgrep replacement
7
+ * 2. semgrep — fallback if opengrep not installed
8
+ * 3. bearer — optional second pass, deep data-flow, run on staged/branch/PR
7
9
  */
8
10
  import { execSync, spawnSync } from "child_process";
9
- import { existsSync, readFileSync } from "fs";
11
+ import { existsSync, statSync } from "fs";
10
12
  import { join } from "path";
11
- const DEFAULT_RULESETS = ["p/secrets", "p/owasp-top-ten"];
13
+ const DEFAULT_RULESETS = ["p/secrets", "p/owasp-top-ten", "p/security-audit"];
12
14
  const DEFAULT_EXCLUDE = ["node_modules", "dist", ".git", "coverage", "build", ".next", "vendor"];
13
- // ─── Main export ─────────────────────────────────────────────────────────────
15
+ // ─── Public API ───────────────────────────────────────────────────────────────
14
16
  export async function scanFiles(files, cwd, config = {}) {
15
17
  const t0 = Date.now();
16
- // Check semgrep is available
17
- const semgrepPath = findSemgrep();
18
- if (!semgrepPath) {
19
- return {
20
- issues: [], skipped: true, filesScanned: 0, durationMs: 0, rulesets: [],
21
- skipReason: "semgrep not found. Install with: pip install semgrep or brew install semgrep",
22
- };
18
+ const eligible = filterEligible(files, cwd, config);
19
+ if (eligible.length === 0) {
20
+ return empty("No eligible files to scan", t0, config);
23
21
  }
24
- // Filter to files that exist and are under size limit
25
- const maxBytes = (config.maxFileSizeKb ?? 500) * 1024;
26
- const eligible = files
27
- .filter((f) => {
28
- const abs = f.startsWith("/") ? f : join(cwd, f);
29
- if (!existsSync(abs))
30
- return false;
22
+ // Run Opengrep/Semgrep
23
+ const primaryResult = await runPrimaryScanner(eligible, cwd, config, t0);
24
+ // Bearer: optional, skip for single-file MCP calls (too slow)
25
+ const runBearer = config.runBearer ?? (eligible.length > 1);
26
+ if (runBearer && isBearerInstalled()) {
27
+ const bearerResult = await runBearerScan(eligible, cwd, t0);
28
+ return mergeResults(primaryResult, bearerResult, t0);
29
+ }
30
+ return primaryResult;
31
+ }
32
+ export async function scanStaged(cwd, config = {}) {
33
+ let staged;
34
+ try {
35
+ const out = execSync("git diff --name-only --cached --diff-filter=ACM", { cwd, encoding: "utf8" });
36
+ staged = out.trim().split("\n").filter(Boolean);
37
+ }
38
+ catch {
39
+ return empty("Not a git repository or no staged files", Date.now(), config);
40
+ }
41
+ if (staged.length === 0) {
42
+ return empty("No staged files", Date.now(), config);
43
+ }
44
+ // Always run Bearer on staged files (this is the pre-commit gate — worth the extra seconds)
45
+ return scanFiles(staged, cwd, { ...config, runBearer: config.runBearer ?? true });
46
+ }
47
+ export async function scanBranch(cwd, branch, base = "main", config = {}) {
48
+ let files;
49
+ try {
50
+ const out = execSync(`git diff --name-only --diff-filter=ACM $(git merge-base ${base} ${branch}) ${branch}`, { cwd, encoding: "utf8" });
51
+ files = out.trim().split("\n").filter(Boolean);
52
+ }
53
+ catch {
31
54
  try {
32
- const stat = readFileSync(abs);
33
- return stat.length <= maxBytes;
55
+ const out = execSync(`git diff --name-only --diff-filter=ACM ${base}...${branch}`, { cwd, encoding: "utf8" });
56
+ files = out.trim().split("\n").filter(Boolean);
34
57
  }
35
- catch {
36
- return false;
58
+ catch (e) {
59
+ return empty(`Could not diff ${branch} vs ${base}: ${String(e).slice(0, 200)}`, Date.now(), config);
37
60
  }
38
- });
39
- if (eligible.length === 0) {
40
- return { issues: [], skipped: true, skipReason: "No eligible files to scan", filesScanned: 0, durationMs: 0, rulesets: [] };
41
61
  }
62
+ if (files.length === 0) {
63
+ return empty(`No changed files between ${base} and ${branch}`, Date.now(), config);
64
+ }
65
+ return scanFiles(files, cwd, { ...config, runBearer: config.runBearer ?? true });
66
+ }
67
+ // ─── Primary scanner (Opengrep / Semgrep) ────────────────────────────────────
68
+ async function runPrimaryScanner(files, cwd, config, t0) {
69
+ const scannerInfo = findPrimaryScanner();
70
+ if (!scannerInfo) {
71
+ return {
72
+ issues: [], skipped: true, filesScanned: files.length, durationMs: Date.now() - t0,
73
+ rulesets: [], engines: [],
74
+ skipReason: "No scanner found. Install Opengrep (pip install opengrep) or Semgrep (brew install semgrep)",
75
+ };
76
+ }
77
+ const { binary, engine } = scannerInfo;
42
78
  const rulesets = config.rulesets ?? DEFAULT_RULESETS;
43
79
  const excludes = [...DEFAULT_EXCLUDE, ...(config.exclude ?? [])];
44
- // Build semgrep command
45
80
  const args = [
46
81
  ...rulesets.flatMap((r) => ["--config", r]),
47
82
  "--json",
48
- "--no-git-ignore", // we control which files to scan explicitly
83
+ "--no-git-ignore",
49
84
  "--quiet",
50
85
  ...excludes.flatMap((e) => ["--exclude", e]),
51
86
  "--",
52
- ...eligible,
87
+ ...files,
53
88
  ];
54
- const result = spawnSync(semgrepPath, args, {
55
- cwd,
56
- encoding: "utf8",
57
- maxBuffer: 50 * 1024 * 1024, // 50MB
89
+ const result = spawnSync(binary, args, {
90
+ cwd, encoding: "utf8", maxBuffer: 50 * 1024 * 1024,
58
91
  });
59
- // semgrep exits 1 when findings are present — that's normal
60
- const stdout = result.stdout ?? "";
61
- const stderr = result.stderr ?? "";
62
92
  if (result.status !== 0 && result.status !== 1) {
63
- // Real error (exit 2+)
64
93
  return {
65
- issues: [], skipped: true, filesScanned: eligible.length, durationMs: Date.now() - t0, rulesets,
66
- skipReason: `semgrep failed (exit ${result.status}): ${stderr.slice(0, 300)}`,
94
+ issues: [], skipped: true, filesScanned: files.length, durationMs: Date.now() - t0,
95
+ rulesets, engines: [],
96
+ skipReason: `${engine} failed (exit ${result.status}): ${(result.stderr ?? "").slice(0, 300)}`,
67
97
  };
68
98
  }
69
99
  let raw;
70
100
  try {
71
- raw = JSON.parse(stdout);
101
+ raw = JSON.parse(result.stdout ?? "");
72
102
  }
73
103
  catch {
74
104
  return {
75
- issues: [], skipped: true, filesScanned: eligible.length, durationMs: Date.now() - t0, rulesets,
76
- skipReason: `Failed to parse semgrep output: ${stdout.slice(0, 200)}`,
105
+ issues: [], skipped: true, filesScanned: files.length, durationMs: Date.now() - t0,
106
+ rulesets, engines: [],
107
+ skipReason: `Failed to parse ${engine} output`,
77
108
  };
78
109
  }
79
- const issues = raw.results.map((f) => mapFinding(f, cwd));
110
+ const issues = raw.results.map((f) => mapSemgrepFinding(f, engine));
80
111
  return {
81
112
  issues,
82
113
  skipped: false,
83
- filesScanned: eligible.length,
114
+ filesScanned: files.length,
84
115
  durationMs: Date.now() - t0,
85
116
  rulesets,
117
+ engines: [engine],
86
118
  };
87
119
  }
88
- /**
89
- * Scans only the git-staged files in cwd.
90
- * Used by the pre-commit hook.
91
- */
92
- export async function scanStaged(cwd, config = {}) {
93
- let staged;
120
+ // ─── Bearer scanner ───────────────────────────────────────────────────────────
121
+ async function runBearerScan(files, cwd, t0) {
122
+ const bearerBin = findBearer();
123
+ if (!bearerBin)
124
+ return empty("Bearer not installed", t0, {});
125
+ // Bearer scans paths/directories — deduplicate to unique directories containing the files
126
+ const paths = [...new Set(files.map((f) => {
127
+ const abs = f.startsWith("/") ? f : join(cwd, f);
128
+ return abs;
129
+ }))];
130
+ const args = [
131
+ "scan",
132
+ "--format", "json",
133
+ "--quiet",
134
+ "--exit-code", "0", // don't exit 1 on findings — we handle them ourselves
135
+ ...paths,
136
+ ];
137
+ const result = spawnSync(bearerBin, args, {
138
+ cwd, encoding: "utf8", maxBuffer: 50 * 1024 * 1024, timeout: 60_000,
139
+ });
140
+ if (result.status !== 0) {
141
+ return empty(`Bearer scan failed (exit ${result.status})`, t0, {});
142
+ }
143
+ let raw;
94
144
  try {
95
- const out = execSync("git diff --name-only --cached --diff-filter=ACM", { cwd, encoding: "utf8" });
96
- staged = out.trim().split("\n").filter(Boolean);
145
+ raw = JSON.parse(result.stdout ?? "");
97
146
  }
98
147
  catch {
99
- return { issues: [], skipped: true, skipReason: "Not a git repository or no staged files", filesScanned: 0, durationMs: 0, rulesets: [] };
148
+ return empty("Failed to parse Bearer output", t0, {});
100
149
  }
101
- if (staged.length === 0) {
102
- return { issues: [], skipped: true, skipReason: "No staged files", filesScanned: 0, durationMs: 0, rulesets: [] };
150
+ const issues = [];
151
+ const severityMap = {
152
+ critical: "error",
153
+ high: "error",
154
+ medium: "warning",
155
+ low: "info",
156
+ warning: "info",
157
+ };
158
+ for (const [sev, findings] of Object.entries(raw)) {
159
+ if (!Array.isArray(findings))
160
+ continue;
161
+ for (const f of findings) {
162
+ // Only include files we were asked to scan
163
+ const relPath = f.filename.startsWith(cwd) ? f.filename.slice(cwd.length + 1) : f.filename;
164
+ const included = files.some((file) => relPath.endsWith(file) || file.endsWith(relPath));
165
+ if (!included)
166
+ continue;
167
+ issues.push({
168
+ ruleId: `bearer/${f.rule_id}`,
169
+ path: relPath,
170
+ line: f.line_number,
171
+ col: f.column_number ?? 1,
172
+ severity: severityMap[sev] ?? "warning",
173
+ message: f.description,
174
+ sourceLine: f.code_extract?.trim(),
175
+ cwe: f.cwe_ids,
176
+ engine: "bearer",
177
+ });
178
+ }
103
179
  }
104
- return scanFiles(staged, cwd, config);
180
+ return {
181
+ issues,
182
+ skipped: false,
183
+ filesScanned: files.length,
184
+ durationMs: Date.now() - t0,
185
+ rulesets: ["bearer/built-in"],
186
+ engines: ["bearer"],
187
+ };
105
188
  }
106
- /**
107
- * Scans files changed on a branch vs a base branch.
108
- */
109
- export async function scanBranch(cwd, branch, base = "main", config = {}) {
110
- let files;
111
- try {
112
- // Files changed on branch compared to base
113
- const out = execSync(`git diff --name-only --diff-filter=ACM $(git merge-base ${base} ${branch}) ${branch}`, { cwd, encoding: "utf8" });
114
- files = out.trim().split("\n").filter(Boolean);
189
+ // ─── Merge results ────────────────────────────────────────────────────────────
190
+ function mergeResults(primary, bearer, t0) {
191
+ const allIssues = [...primary.issues, ...bearer.issues];
192
+ // Deduplicate: same file + same line from both scanners
193
+ const seen = new Set();
194
+ const deduped = allIssues.filter((i) => {
195
+ const key = `${i.path}:${i.line}:${i.ruleId}`;
196
+ if (seen.has(key))
197
+ return false;
198
+ seen.add(key);
199
+ return true;
200
+ });
201
+ return {
202
+ issues: deduped,
203
+ skipped: primary.skipped && bearer.skipped,
204
+ filesScanned: primary.filesScanned,
205
+ durationMs: Date.now() - t0,
206
+ rulesets: [...new Set([...primary.rulesets, ...bearer.rulesets])],
207
+ engines: [...new Set([...primary.engines, ...bearer.engines])],
208
+ };
209
+ }
210
+ // ─── Scanner detection ────────────────────────────────────────────────────────
211
+ function findPrimaryScanner() {
212
+ // Try opengrep first — has free taint analysis
213
+ for (const candidate of ["opengrep", "/usr/local/bin/opengrep", "/opt/homebrew/bin/opengrep"]) {
214
+ const r = spawnSync(candidate, ["--version"], { encoding: "utf8" });
215
+ if (r.status === 0)
216
+ return { binary: candidate, engine: "opengrep" };
115
217
  }
116
- catch (e) {
117
- // Fallback: diff between branch and base directly
118
- try {
119
- const out = execSync(`git diff --name-only --diff-filter=ACM ${base}...${branch}`, { cwd, encoding: "utf8" });
120
- files = out.trim().split("\n").filter(Boolean);
121
- }
122
- catch {
123
- return { issues: [], skipped: true, skipReason: `Could not diff ${branch} vs ${base}: ${String(e).slice(0, 200)}`, filesScanned: 0, durationMs: 0, rulesets: [] };
124
- }
218
+ // Fall back to semgrep
219
+ for (const candidate of ["semgrep", "/usr/local/bin/semgrep", "/opt/homebrew/bin/semgrep"]) {
220
+ const r = spawnSync(candidate, ["--version"], { encoding: "utf8" });
221
+ if (r.status === 0)
222
+ return { binary: candidate, engine: "semgrep" };
125
223
  }
126
- if (files.length === 0) {
127
- return { issues: [], skipped: true, skipReason: `No changed files between ${base} and ${branch}`, filesScanned: 0, durationMs: 0, rulesets: [] };
224
+ // Try python module form
225
+ for (const [prog, mod, eng] of [["python3", "opengrep", "opengrep"], ["python3", "semgrep", "semgrep"]]) {
226
+ const r = spawnSync(prog, ["-m", mod, "--version"], { encoding: "utf8" });
227
+ if (r.status === 0)
228
+ return { binary: `${prog} -m ${mod}`, engine: eng };
128
229
  }
129
- // Checkout the branch content to a temp worktree isn't practical;
130
- // scan the working tree files (they may be on that branch already)
131
- return scanFiles(files, cwd, config);
230
+ return null;
132
231
  }
133
- // ─── Helpers ─────────────────────────────────────────────────────────────────
134
- function findSemgrep() {
135
- for (const candidate of ["semgrep", "/usr/local/bin/semgrep", "/opt/homebrew/bin/semgrep"]) {
136
- try {
137
- const r = spawnSync(candidate, ["--version"], { encoding: "utf8" });
138
- if (r.status === 0)
139
- return candidate;
140
- }
141
- catch { /* continue */ }
142
- }
143
- // Try python-installed semgrep
144
- try {
145
- const r = spawnSync("python3", ["-m", "semgrep", "--version"], { encoding: "utf8" });
232
+ export function isBearerInstalled() {
233
+ return !!findBearer();
234
+ }
235
+ function findBearer() {
236
+ for (const candidate of ["bearer", "/usr/local/bin/bearer", "/opt/homebrew/bin/bearer"]) {
237
+ const r = spawnSync(candidate, ["version"], { encoding: "utf8" });
146
238
  if (r.status === 0)
147
- return "python3 -m semgrep"; // caller handles space
239
+ return candidate;
148
240
  }
149
- catch { /* continue */ }
150
241
  return null;
151
242
  }
152
- function mapFinding(f, cwd) {
243
+ // ─── Helpers ─────────────────────────────────────────────────────────────────
244
+ function filterEligible(files, cwd, config) {
245
+ const maxBytes = (config.maxFileSizeKb ?? 500) * 1024;
246
+ return files.filter((f) => {
247
+ const abs = f.startsWith("/") ? f : join(cwd, f);
248
+ if (!existsSync(abs))
249
+ return false;
250
+ try {
251
+ return statSync(abs).size <= maxBytes;
252
+ }
253
+ catch {
254
+ return false;
255
+ }
256
+ });
257
+ }
258
+ function empty(reason, t0, config) {
259
+ return {
260
+ issues: [], skipped: true, skipReason: reason,
261
+ filesScanned: 0, durationMs: Date.now() - t0,
262
+ rulesets: config.rulesets ?? [], engines: [],
263
+ };
264
+ }
265
+ function mapSemgrepFinding(f, engine) {
153
266
  return {
154
267
  ruleId: f.check_id,
155
268
  path: f.path,
156
269
  line: f.start.line,
157
270
  col: f.start.col,
158
- severity: mapSeverity(f.extra.severity),
271
+ severity: mapSemgrepSeverity(f.extra.severity),
159
272
  message: f.extra.message,
160
273
  sourceLine: f.extra.lines?.trim(),
161
- cwe: f.extra.metadata?.cwe,
162
- owasp: f.extra.metadata?.owasp,
163
- references: f.extra.metadata?.references,
274
+ cwe: toStringArray(f.extra.metadata?.cwe),
275
+ owasp: toStringArray(f.extra.metadata?.owasp),
276
+ references: toStringArray(f.extra.metadata?.references),
277
+ engine,
164
278
  };
165
279
  }
166
- function mapSeverity(s) {
280
+ function mapSemgrepSeverity(s) {
167
281
  if (s === "ERROR")
168
282
  return "error";
169
283
  if (s === "WARNING")
170
284
  return "warning";
171
285
  return "info";
172
286
  }
287
+ function toStringArray(val) {
288
+ if (!val)
289
+ return undefined;
290
+ if (Array.isArray(val))
291
+ return val.map(String);
292
+ if (typeof val === "string")
293
+ return [val];
294
+ return undefined;
295
+ }
173
296
  //# sourceMappingURL=scanner.js.map
package/dist/core/scanner.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAC9C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,MAAM,gBAAgB,GAAG,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC;AAC1D,MAAM,eAAe,GAAI,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;AAElG,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,KAAe,EACf,GAAa,EACb,SAAqB,EAAE;IAEvB,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEtB,6BAA6B;IAC7B,MAAM,WAAW,GAAG,WAAW,EAAE,CAAC;IAClC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE;YACvE,UAAU,EACR,gFAAgF;SACnF,CAAC;IACJ,CAAC;IAED,sDAAsD;IACtD,MAAM,QAAQ,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC;IACtD,MAAM,QAAQ,GAAG,KAAK;SACnB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACZ,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACnC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;YAC/B,OAAO,IAAI,CAAC,MAAM,IAAI,QAAQ,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO,KAAK,CAAC;QAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEL,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,2BAA2B,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC9H,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,gBAAgB,CAAC;IACrD,MAAM,QAAQ,GAAG,CAAC,GAAG,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;IAEjE,wBAAwB;IACxB,MAAM,IAAI,GAAa;QACrB,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC3C,QAAQ;QACR,iBAAiB,EAAM,4CAA4C;QACnE,SAAS;QACT,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC5C,IAAI;QACJ,GAAG,QAAQ;KACZ,CAAC;IAEF,MAAM,MAAM,GAAG,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE;QAC1C,GAAG;QACH,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO;KACrC,CAAC,CAAC;IAEH,4DAA4D;IAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;IACnC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;IAEnC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/C,uBAAuB;QACvB,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,QAAQ;YAC/F,UAAU,EAAE,wBAAwB,MAAM,CAAC,MAAM,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SAC9E,CAAC;IACJ,CAAC;IAED,IAAI,GAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAqB,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,QAAQ;YAC/F,UAAU,EAAE,mCAAmC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SACtE,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAE1D,OAAO;QACL,MAAM;QACN,OAAO,EAAE,KAAK;QACd,YAAY,EAAE,QAAQ,CAAC,MAAM;QAC7B,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC3B,QAAQ;KACT,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,GAAW,EAAE,SAAqB,EAAE;IACnE,IAAI,MAAgB,CAAC;IACrB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,QAAQ,CAAC,iDAAiD,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACnG,MAAM,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,yCAAyC,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC5I,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,iBAAiB,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IACpH,CAAC;IAED,OAAO,SAAS,CAAC,MAAM,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,GAAc,EACd,MAAc,EACd,OAAiB,MAAM,EACvB,SAAqB,EAAE;IAEvB,IAAI,KAAe,CAAC;IACpB,IAAI,CAAC;QACH,2CAA2C;QAC3C,MAAM,GAAG,GAAG,QAAQ,CAClB,2DAA2D,IAAI,IAAI,MAAM,KAAK,MAAM,EAAE,EACtF,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAC1B,CAAC;QACF,KAAK,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,kDAAkD;QAClD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,QAAQ,CAClB,0CAA0C,IAAI,MAAM,MAAM,EAAE,EAC5D,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAC1B,CAAC;YACF,KAAK,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,kBAAkB,MAAM,OAAO,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;QACpK,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,4BAA4B,IAAI,QAAQ,MAAM,EAAE,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IACnJ,CAAC;IAED,kEAAkE;IAClE,mEAAmE;IACnE,OAAO,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,gFAAgF;AAEhF,SAAS,WAAW;IAClB,KAAK,MAAM,SAAS,IAAI,CAAC,SAAS,EAAE,wBAAwB,EAAE,2BAA2B,CAAC,EAAE,CAAC;QAC3F,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YACpE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,SAAS,CAAC;QACvC,CAAC;QAAC,MAAM,CAAC,CAAC,cAAc,CAAC,CAAC;IAC5B,CAAC;IACD,+BAA+B;IAC/B,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,SAAS,EAAE,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACrF,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,oBAAoB,CAAC,CAAE,uBAAuB;IAC3E,CAAC;IAAC,MAAM,CAAC,CAAC,cAAc,CAAC,CAAC;IAC1B,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,CAAiB,EAAE,GAAW;IAChD,OAAO;QACL,MAAM,EAAO,CAAC,CAAC,QAAQ;QACvB,IAAI,EAAS,CAAC,CAAC,IAAI;QACnB,IAAI,EAAS,CAAC,CAAC,KAAK,CAAC,IAAI;QACzB,GAAG,EAAU,CAAC,CAAC,KAAK,CAAC,GAAG;QACxB,QAAQ,EAAK,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC;QAC1C,OAAO,EAAM,CAAC,CAAC,KAAK,CAAC,OAAO;QAC5B,UAAU,EAAG,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE;QAClC,GAAG,EAAU,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG;QAClC,KAAK,EAAQ,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK;QACpC,UAAU,EAAG,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,UAAU;KAC1C,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,CAAsC;IACzD,IAAI,CAAC,KAAK,OAAO;QAAI,OAAO,OAAO,CAAC;IACpC,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IACtC,OAAO,MAAM,CAAC;AAChB,CAAC"}
1
+ {"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,UAAU,EAAgB,QAAQ,EAAE,MAAM,IAAI,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAO5B,MAAM,gBAAgB,GAAG,CAAC,WAAW,EAAE,iBAAiB,EAAE,kBAAkB,CAAC,CAAC;AAC9E,MAAM,eAAe,GAAI,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;AAElG,iFAAiF;AAEjF,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,KAAgB,EAChB,GAAc,EACd,SAAqB,EAAE;IAEvB,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACtB,MAAM,QAAQ,GAAG,cAAc,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;IAEpD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,KAAK,CAAC,2BAA2B,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IACxD,CAAC;IAED,uBAAuB;IACvB,MAAM,aAAa,GAAG,MAAM,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;IAEzE,8DAA8D;IAC9D,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC5D,IAAI,SAAS,IAAI,iBAAiB,EAAE,EAAE,CAAC;QACrC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC5D,OAAO,YAAY,CAAC,aAAa,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,GAAW,EAAE,SAAqB,EAAE;IACnE,IAAI,MAAgB,CAAC;IACrB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,QAAQ,CAAC,iDAAiD,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACnG,MAAM,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC,yCAAyC,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;IAC9E,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC,iBAAiB,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;IACtD,CAAC;IAED,4FAA4F;IAC5F,OAAO,SAAS,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,CAAC;AACpF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,GAAc,EACd,MAAc,EACd,OAAiB,MAAM,EACvB,SAAqB,EAAE;IAEvB,IAAI,KAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,QAAQ,CAClB,2DAA2D,IAAI,IAAI,MAAM,KAAK,MAAM,EAAE,EACtF,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAC1B,CAAC;QACF,KAAK,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,QAAQ,CAClB,0CAA0C,IAAI,MAAM,MAAM,EAAE,EAC5D,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAC1B,CAAC;YACF,KAAK,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,KAAK,CAAC,kBAAkB,MAAM,OAAO,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;QACtG,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC,4BAA4B,IAAI,QAAQ,MAAM,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;IACrF,CAAC;IAED,OAAO,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,GAAG,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,CAAC;AACnF,CAAC;AAED,gFAAgF;AAEhF,KAAK,UAAU,iBAAiB,CAC9B,KAAgB,EAChB,GAAc,EACd,MAAkB,EAClB,EAAc;IAEd,MAAM,WAAW,GAAG,kBAAkB,EAAE,CAAC;IACzC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;YAClF,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE;YACzB,UAAU,EACR,6FAA6F;SAChG,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,WAAW,CAAC;IACvC,MAAM,QAAQ,GAAI,MAAM,CAAC,QAAQ,IAAI,gBAAgB,CAAC;IACtD,MAAM,QAAQ,GAAI,CAAC,GAAG,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;IAElE,MAAM,IAAI,GAAa;QACrB,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC3C,QAAQ;QACR,iBAAiB;QACjB,SAAS;QACT,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC5C,IAAI;QACJ,GAAG,KAAK;KACT,CAAC;IAEF,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE;QACrC,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;KACnD,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/C,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;YAClF,QAAQ,EAAE,OAAO,EAAE,EAAE;YACrB,UAAU,EAAE,GAAG,MAAM,iBAAiB,MAAM,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SAC/F,CAAC;IACJ,CAAC;IAED,IAAI,GAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAqB,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;YAClF,QAAQ,EAAE,OAAO,EAAE,EAAE;YACrB,UAAU,EAAE,mBAAmB,MAAM,SAAS;SAC/C,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IAEpE,OAAO;QACL,MAAM;QACN,OAAO,EAAE,KAAK;QACd,YAAY,EAAE,KAAK,CAAC,MAAM;QAC1B,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC3B,QAAQ;QACR,OAAO,EAAE,CAAC,MAAM,CAAC;KAClB,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,KAAK,UAAU,aAAa,CAC1B,KAAe,EACf,GAAa,EACb,EAAa;IAEb,MAAM,SAAS,GAAG,UAAU,EAAE,CAAC;IAC/B,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC,sBAAsB,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAE7D,0FAA0F;IAC1F,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACxC,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACjD,OAAO,GAAG,CAAC;QACb,CAAC,CAAC,CAAC,CAAC,CAAC;IAEL,MAAM,IAAI,GAAG;QACX,MAAM;QACN,UAAU,EAAE,MAAM;QAClB,SAAS;QACT,aAAa,EAAE,GAAG,EAAI,sDAAsD;QAC5E,GAAG,KAAK;KACT,CAAC;IAEF,MAAM,MAAM,GAAG,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE;QACxC,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO,EAAE,MAAM;KACpE,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC,4BAA4B,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,GAAoB,CAAC;IACzB,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAoB,CAAC;IAC3D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC,+BAA+B,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,MAAM,GAAY,EAAE,CAAC;IAC3B,MAAM,WAAW,GAAsC;QACrD,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAM,OAAO;QACjB,MAAM,EAAI,SAAS;QACnB,GAAG,EAAO,MAAM;QAChB,OAAO,EAAG,MAAM;KACjB,CAAC;IAEF,KAAK,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAClD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC;YAAE,SAAS;QACvC,KAAK,MAAM,CAAC,IAAI,QAA2B,EAAE,CAAC;YAC5C,2CAA2C;YAC3C,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;YAC3F,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YACxF,IAAI,CAAC,QAAQ;gBAAE,SAAS;YAExB,MAAM,CAAC,IAAI,CAAC;gBACV,MAAM,EAAM,UAAU,CAAC,CAAC,OAAO,EAAE;gBACjC,IAAI,EAAQ,OAAO;gBACnB,IAAI,EAAQ,CAAC,CAAC,WAAW;gBACzB,GAAG,EAAS,CAAC,CAAC,aAAa,IAAI,CAAC;gBAChC,QAAQ,EAAI,WAAW,CAAC,GAAG,CAAC,IAAI,SAAS;gBACzC,OAAO,EAAK,CAAC,CAAC,WAAW;gBACzB,UAAU,EAAE,CAAC,CAAC,YAAY,EAAE,IAAI,EAAE;gBAClC,GAAG,EAAS,CAAC,CAAC,OAAO;gBACrB,MAAM,EAAM,QAAQ;aACrB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,MAAM;QACN,OAAO,EAAO,KAAK;QACnB,YAAY,EAAE,KAAK,CAAC,MAAM;QAC1B,UAAU,EAAI,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC7B,QAAQ,EAAM,CAAC,iBAAiB,CAAC;QACjC,OAAO,EAAO,CAAC,QAAQ,CAAC;KACzB,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,SAAS,YAAY,CAAC,OAAmB,EAAE,MAAkB,EAAE,EAAU;IACvE,MAAM,SAAS,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;IACxD,wDAAwD;IACxD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACrC,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;QAC9C,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QAChC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,MAAM,EAAQ,OAAO;QACrB,OAAO,EAAO,OAAO,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO;QAC/C,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,UAAU,EAAI,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC7B,QAAQ,EAAM,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;QACrE,OAAO,EAAO,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;KACpE,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,SAAS,kBAAkB;IACzB,+CAA+C;IAC/C,KAAK,MAAM,SAAS,IAAI,CAAC,UAAU,EAAE,yBAAyB,EAAE,4BAA4B,CAAC,EAAE,CAAC;QAC9F,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACpE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IACvE,CAAC;IAED,uBAAuB;IACvB,KAAK,MAAM,SAAS,IAAI,CAAC,SAAS,EAAE,wBAAwB,EAAE,2BAA2B,CAAC,EAAE,CAAC;QAC3F,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACpE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IACtE,CAAC;IAED,yBAAyB;IACzB,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC,CAAU,EAAE,CAAC;QACjH,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,OAAO,GAAG,EAAE,EAAE,MAAM,EAAE,GAAiB,EAAE,CAAC;IACxF,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,CAAC,CAAC,UAAU,EAAE,CAAC;AACxB,CAAC;AAED,SAAS,UAAU;IACjB,KAAK,MAAM,SAAS,IAAI,CAAC,QAAQ,EAAE,uBAAuB,EAAE,0BAA0B,CAAC,EAAE,CAAC;QACxF,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,SAAS,CAAC;IACvC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,gFAAgF;AAEhF,SAAS,cAAc,CAAC,KAAe,EAAE,GAAW,EAAE,MAAkB;IACtE,MAAM,QAAQ,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC;IACtD,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACxB,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACnC,IAAI,CAAC;YAAC,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,QAAQ,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO,KAAK,CAAC;QAAC,CAAC;IACxE,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,KAAK,CAAC,MAAc,EAAE,EAAU,EAAE,MAAkB;IAC3D,OAAO;QACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM;QAC7C,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC5C,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE;KAC7C,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAiB,EAAE,MAAkB;IAC9D,OAAO;QACL,MAAM,EAAM,CAAC,CAAC,QAAQ;QACtB,IAAI,EAAQ,CAAC,CAAC,IAAI;QAClB,IAAI,EAAQ,CAAC,CAAC,KAAK,CAAC,IAAI;QACxB,GAAG,EAAS,CAAC,CAAC,KAAK,CAAC,GAAG;QACvB,QAAQ,EAAI,kBAAkB,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC;QAChD,OAAO,EAAK,CAAC,CAAC,KAAK,CAAC,OAAO;QAC3B,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE;QACjC,GAAG,EAAS,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC;QAChD,KAAK,EAAO,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC;QAClD,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,UAAU,CAAC;QACvD,MAAM;KACP,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CAAC,CAAsC;IAChE,IAAI,CAAC,KAAK,OAAO;QAAI,OAAO,OAAO,CAAC;IACpC,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IACtC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,aAAa,CAAC,GAAY;IACjC,IAAI,CAAC,GAAG;QAAE,OAAO,SAAS,CAAC;IAC3B,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC/C,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAC1C,OAAO,SAAS,CAAC;AACnB,CAAC"}
package/dist/hooks/setup.d.ts CHANGED
@@ -1,7 +1,10 @@
1
1
  /**
2
- * Pre-commit hook installer.
3
- * Writes a git hook that runs `argus-ci scan --staged`
4
- * and blocks the commit if any ERROR-severity findings are found.
2
+ * argus-ci setup — single command that does everything:
3
+ * 1. Auto-installs Semgrep if missing (brew on macOS, pip3 elsewhere)
4
+ * 2. Copies CLAUDE.md + .cursorrules trigger files into the repo
5
+ * 3. Installs the pre-commit git hook
6
+ *
7
+ * Usage: npx argus-ci setup
5
8
  */
6
9
  export declare function setupHook(cwd: string): Promise<void>;
7
10
  //# sourceMappingURL=setup.d.ts.map
package/dist/hooks/setup.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../src/hooks/setup.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAkCH,wBAAsB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CA6D1D"}
1
+ {"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../src/hooks/setup.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AA4CH,wBAAsB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAkC1D"}
package/dist/hooks/setup.js CHANGED
@@ -1,93 +1,244 @@
1
1
  /**
2
- * Pre-commit hook installer.
3
- * Writes a git hook that runs `argus-ci scan --staged`
4
- * and blocks the commit if any ERROR-severity findings are found.
2
+ * argus-ci setup — single command that does everything:
3
+ * 1. Auto-installs Semgrep if missing (brew on macOS, pip3 elsewhere)
4
+ * 2. Copies CLAUDE.md + .cursorrules trigger files into the repo
5
+ * 3. Installs the pre-commit git hook
6
+ *
7
+ * Usage: npx argus-ci setup
5
8
  */
6
- import { existsSync, mkdirSync, writeFileSync, chmodSync, readFileSync } from "fs";
7
- import { join } from "path";
9
+ import { existsSync, mkdirSync, writeFileSync, chmodSync, readFileSync, copyFileSync, } from "fs";
10
+ import { join, dirname } from "path";
11
+ import { spawnSync } from "child_process";
12
+ import { fileURLToPath } from "url";
13
+ import { platform } from "os";
14
+ const __filename = fileURLToPath(import.meta.url);
15
+ const __dirname = dirname(__filename);
16
+ // Resolve the package root (two levels up from dist/hooks/)
17
+ const PKG_ROOT = join(__dirname, "..", "..");
8
18
  const HOOK_MARKER = "# argus-ci-hook";
9
19
  const HOOK_SCRIPT = `#!/usr/bin/env sh
10
20
  ${HOOK_MARKER}
11
21
  # Semgrep quality gate — runs on every commit.
12
- # Remove with: argus-ci setup --remove
22
+ # Remove with: npx argus-ci setup --remove
13
23
  # Bypass (emergency only): git commit --no-verify
14
24
 
15
- echo "🔍 Running Semgrep security scan on staged files..."
25
+ echo "🔍 argus-ci: scanning staged files (Opengrep + Bearer if installed)..."
16
26
 
17
- # Run argus-ci scan on staged files
18
- # Exit code 1 = errors found → block commit
19
- # Exit code 0 = clean → allow commit
20
27
  npx --yes argus-ci scan --staged
21
-
22
28
  EXIT_CODE=$?
23
29
 
24
30
  if [ $EXIT_CODE -ne 0 ]; then
25
31
  echo ""
26
- echo "❌ Semgrep found security issues — commit blocked."
27
- echo " Fix the issues above, then run: git commit"
28
- echo " To skip (not recommended): git commit --no-verify"
32
+ echo "❌ Security issues found — commit blocked."
33
+ echo " Fix the issues above, then commit again."
34
+ echo " Emergency bypass: git commit --no-verify"
29
35
  exit 1
30
36
  fi
31
37
 
32
- echo "✅ Semgrep scan passed."
38
+ echo "✅ argus-ci: all clear."
33
39
  exit 0
34
40
  `;
41
+ // ─── Main export ──────────────────────────────────────────────────────────────
35
42
  export async function setupHook(cwd) {
36
43
  const remove = process.argv.includes("--remove");
37
- // Find .git directory
44
+ if (remove) {
45
+ const hookPath = join(cwd, ".git", "hooks", "pre-commit");
46
+ await removeHook(hookPath);
47
+ return;
48
+ }
49
+ console.log("\n🚀 argus-ci setup\n");
50
+ // Step 1: ensure Opengrep (or Semgrep fallback) is installed
51
+ await ensurePrimaryScanner();
52
+ // Step 2: offer Bearer for deep data-flow scanning
53
+ await ensureBearer();
54
+ // Step 2: copy trigger files into the repo
55
+ copyTriggerFiles(cwd);
56
+ // Step 3: install the pre-commit hook
57
+ installPreCommitHook(cwd);
58
+ console.log(`
59
+ ✅ Setup complete. argus-ci is now active in this repo.
60
+
61
+ What happens next:
62
+ • Every file your AI agent writes is scanned (Opengrep — fast, taint-aware)
63
+ • Every commit is scanned (Opengrep + Bearer if installed) — errors block the commit
64
+ • CLAUDE.md and .cursorrules tell your AI agent to run scans automatically
65
+
66
+ To review a PR: npx argus-ci pr <github-url>
67
+ To remove the hook: npx argus-ci setup --remove
68
+ `);
69
+ }
70
+ // ─── Step 1: auto-install Opengrep (or Semgrep fallback) ─────────────────────
71
+ async function ensurePrimaryScanner() {
72
+ // Check if opengrep is already installed
73
+ if (isScannerInstalled("opengrep")) {
74
+ const v = getScannerVersion("opengrep");
75
+ console.log(` ✓ Opengrep already installed (${v})`);
76
+ return;
77
+ }
78
+ // Check if semgrep is installed as fallback
79
+ if (isScannerInstalled("semgrep")) {
80
+ const v = getScannerVersion("semgrep");
81
+ console.log(` ✓ Semgrep installed (${v}) — Opengrep not found, using Semgrep as fallback`);
82
+ console.log(` Note: Install Opengrep for free taint analysis: pip install opengrep`);
83
+ return;
84
+ }
85
+ // Neither found — try to install Opengrep
86
+ console.log(" ⚙️ No scanner found — installing Opengrep (free taint analysis)...");
87
+ const installed = tryInstallOpengrep();
88
+ if (!installed) {
89
+ // Opengrep failed — try Semgrep as fallback
90
+ console.log(" ⚙️ Opengrep install failed — trying Semgrep as fallback...");
91
+ const semgrepInstalled = tryInstallSemgrep();
92
+ if (!semgrepInstalled) {
93
+ console.error(`
94
+ ❌ Could not install a scanner automatically.
95
+ Please install one manually then re-run setup:
96
+
97
+ pip install opengrep (recommended — free taint analysis)
98
+ brew install semgrep (macOS, fallback)
99
+ pip install semgrep (any platform, fallback)
100
+ `);
101
+ process.exit(1);
102
+ }
103
+ const v = getScannerVersion("semgrep");
104
+ console.log(` ✓ Semgrep installed as fallback (${v})`);
105
+ return;
106
+ }
107
+ const v = getScannerVersion("opengrep");
108
+ console.log(` ✓ Opengrep installed (${v}) — taint analysis enabled`);
109
+ }
110
+ function tryInstallOpengrep() {
111
+ const pipCmd = commandExists("pip3") ? "pip3" : "pip";
112
+ console.log(` → ${pipCmd} install opengrep`);
113
+ const r = spawnSync(pipCmd, ["install", "opengrep"], { stdio: "inherit" });
114
+ return r.status === 0 && isScannerInstalled("opengrep");
115
+ }
116
+ function tryInstallSemgrep() {
117
+ const os = platform();
118
+ if (os === "darwin" && commandExists("brew")) {
119
+ console.log(" → brew install semgrep");
120
+ const r = spawnSync("brew", ["install", "semgrep"], { stdio: "inherit" });
121
+ if (r.status === 0)
122
+ return true;
123
+ }
124
+ const pipCmd = commandExists("pip3") ? "pip3" : "pip";
125
+ console.log(` → ${pipCmd} install semgrep`);
126
+ const r = spawnSync(pipCmd, ["install", "semgrep"], { stdio: "inherit" });
127
+ return r.status === 0 && isScannerInstalled("semgrep");
128
+ }
129
+ function isScannerInstalled(scanner) {
130
+ for (const cmd of [scanner, `/usr/local/bin/${scanner}`, `/opt/homebrew/bin/${scanner}`]) {
131
+ const r = spawnSync(cmd, ["--version"], { encoding: "utf8" });
132
+ if (r.status === 0)
133
+ return true;
134
+ }
135
+ const r = spawnSync("python3", ["-m", scanner, "--version"], { encoding: "utf8" });
136
+ return r.status === 0;
137
+ }
138
+ function getScannerVersion(scanner) {
139
+ const r = spawnSync(scanner, ["--version"], { encoding: "utf8" });
140
+ if (r.status === 0)
141
+ return r.stdout.trim().split("\n")[0];
142
+ const r2 = spawnSync("python3", ["-m", scanner, "--version"], { encoding: "utf8" });
143
+ return r2.stdout?.trim().split("\n")[0] ?? "unknown";
144
+ }
145
+ // ─── Step 1b: offer Bearer install ───────────────────────────────────────────
146
+ async function ensureBearer() {
147
+ // Check if Bearer already installed
148
+ for (const cmd of ["bearer", "/usr/local/bin/bearer", "/opt/homebrew/bin/bearer"]) {
149
+ const r = spawnSync(cmd, ["version"], { encoding: "utf8" });
150
+ if (r.status === 0) {
151
+ console.log(` ✓ Bearer already installed — deep data-flow analysis enabled`);
152
+ return;
153
+ }
154
+ }
155
+ // Try to install Bearer
156
+ console.log(" ⚙️ Installing Bearer (deep data-flow analysis)...");
157
+ const os = platform();
158
+ let installed = false;
159
+ if (os === "darwin" && commandExists("brew")) {
160
+ console.log(" → brew install bearer/tap/bearer");
161
+ const r = spawnSync("brew", ["install", "bearer/tap/bearer"], { stdio: "inherit" });
162
+ installed = r.status === 0;
163
+ }
164
+ if (!installed) {
165
+ // Try the install script (macOS/Linux)
166
+ console.log(" → curl install script");
167
+ const r = spawnSync("sh", ["-c", "curl -sfL https://raw.githubusercontent.com/Bearer/bearer/main/contrib/install.sh | sh"], { stdio: "inherit" });
168
+ installed = r.status === 0;
169
+ }
170
+ if (installed) {
171
+ console.log(" ✓ Bearer installed — staged/branch/PR scans will include data-flow analysis");
172
+ }
173
+ else {
174
+ console.log(" ℹ️ Bearer not installed (optional) — skipping data-flow analysis");
175
+ console.log(" Install manually: brew install bearer/tap/bearer");
176
+ }
177
+ }
178
+ function commandExists(cmd) {
179
+ const r = spawnSync(platform() === "win32" ? "where" : "which", [cmd], { encoding: "utf8" });
180
+ return r.status === 0;
181
+ }
182
+ // ─── Step 2: copy trigger files ───────────────────────────────────────────────
183
+ function copyTriggerFiles(cwd) {
184
+ const files = [
185
+ { src: join(PKG_ROOT, "CLAUDE.md"), dest: join(cwd, "CLAUDE.md") },
186
+ { src: join(PKG_ROOT, ".cursorrules"), dest: join(cwd, ".cursorrules") },
187
+ ];
188
+ for (const { src, dest } of files) {
189
+ if (!existsSync(src)) {
190
+ console.log(` ⚠️ Could not find ${src} in package — skipping`);
191
+ continue;
192
+ }
193
+ if (existsSync(dest)) {
194
+ // Check if already contains argus-ci instructions
195
+ const existing = readFileSync(dest, "utf8");
196
+ if (existing.includes("argus-ci") || existing.includes("scan_files")) {
197
+ console.log(` ✓ ${dest.split("/").pop()} already contains argus-ci instructions`);
198
+ continue;
199
+ }
200
+ // Append to existing file
201
+ const appended = existing.trimEnd() + "\n\n" + readFileSync(src, "utf8");
202
+ writeFileSync(dest, appended, "utf8");
203
+ console.log(` ✓ argus-ci instructions appended to existing ${dest.split("/").pop()}`);
204
+ }
205
+ else {
206
+ copyFileSync(src, dest);
207
+ console.log(` ✓ ${dest.split("/").pop()} written`);
208
+ }
209
+ }
210
+ }
211
+ // ─── Step 3: install pre-commit hook ─────────────────────────────────────────
212
+ function installPreCommitHook(cwd) {
38
213
  const gitDir = join(cwd, ".git");
39
214
  if (!existsSync(gitDir)) {
40
- console.error(" Not a git repository. Run this from the repo root.");
41
- process.exit(1);
215
+ console.warn(" ⚠️ No .git directory found skipping pre-commit hook");
216
+ console.warn(" Run from a git repo root to install the commit gate.");
217
+ return;
42
218
  }
43
219
  const hooksDir = join(gitDir, "hooks");
44
220
  const hookPath = join(hooksDir, "pre-commit");
45
- if (remove) {
46
- await removeHook(hookPath);
47
- return;
48
- }
49
- // Create hooks dir if needed
50
221
  if (!existsSync(hooksDir))
51
222
  mkdirSync(hooksDir, { recursive: true });
52
- // Check if a hook already exists (not ours)
53
223
  if (existsSync(hookPath)) {
54
224
  const existing = readFileSync(hookPath, "utf8");
55
225
  if (existing.includes(HOOK_MARKER)) {
56
- console.log(" argus-ci pre-commit hook already installed.");
226
+ console.log(" Pre-commit hook already installed");
57
227
  return;
58
228
  }
59
- // Append to existing hook
229
+ // Append to existing hook rather than overwrite
60
230
  const appended = existing.trimEnd() + "\n\n" + HOOK_SCRIPT;
61
231
  writeFileSync(hookPath, appended, "utf8");
62
232
  chmodSync(hookPath, 0o755);
63
- console.log(" argus-ci hook appended to existing pre-commit hook.");
233
+ console.log(" argus-ci appended to existing pre-commit hook");
64
234
  }
65
235
  else {
66
236
  writeFileSync(hookPath, HOOK_SCRIPT, "utf8");
67
237
  chmodSync(hookPath, 0o755);
68
- console.log(" argus-ci pre-commit hook installed.");
238
+ console.log(" Pre-commit hook installed");
69
239
  }
70
- // Verify semgrep is available
71
- const { spawnSync } = await import("child_process");
72
- const check = spawnSync("semgrep", ["--version"], { encoding: "utf8" });
73
- if (check.status !== 0) {
74
- console.log("\n⚠️ semgrep not found on PATH.");
75
- console.log(" Install it before the hook will work:");
76
- console.log(" → pip install semgrep");
77
- console.log(" → brew install semgrep\n");
78
- }
79
- else {
80
- const version = check.stdout.trim();
81
- console.log(` Using semgrep ${version}`);
82
- }
83
- console.log("\nThe hook will:");
84
- console.log(" • Run on every git commit automatically");
85
- console.log(" • Scan only the files you're committing (fast)");
86
- console.log(" • Block the commit if any ERROR-severity issues are found");
87
- console.log(" • Allow commits with only warnings");
88
- console.log("\nTo remove: argus-ci setup --remove");
89
- console.log("To bypass: git commit --no-verify (emergency only)\n");
90
240
  }
241
+ // ─── Remove ───────────────────────────────────────────────────────────────────
91
242
  async function removeHook(hookPath) {
92
243
  if (!existsSync(hookPath)) {
93
244
  console.log("No pre-commit hook found.");
@@ -98,20 +249,18 @@ async function removeHook(hookPath) {
98
249
  console.log("argus-ci hook not found in pre-commit hook.");
99
250
  return;
100
251
  }
101
- // If the entire file is our hook, delete it
102
252
  if (content.trim() === HOOK_SCRIPT.trim()) {
103
253
  const { unlinkSync } = await import("fs");
104
254
  unlinkSync(hookPath);
105
255
  console.log("✅ argus-ci pre-commit hook removed.");
106
256
  return;
107
257
  }
108
- // Otherwise strip our section from the file
109
258
  const lines = content.split("\n");
110
259
  const markerIdx = lines.findIndex((l) => l.includes(HOOK_MARKER));
111
- if (markerIdx > 0) {
260
+ if (markerIdx >= 0) {
112
261
  const stripped = lines.slice(0, markerIdx).join("\n").trimEnd() + "\n";
113
262
  writeFileSync(hookPath, stripped, "utf8");
114
- console.log("✅ argus-ci section removed from pre-commit hook.");
263
+ console.log("✅ argus-ci removed from pre-commit hook.");
115
264
  }
116
265
  }
117
266
  //# sourceMappingURL=setup.js.map
package/dist/hooks/setup.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"setup.js","sourceRoot":"","sources":["../../src/hooks/setup.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,SAAS,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AACnF,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,MAAM,WAAW,GAAG,iBAAiB,CAAC;AAEtC,MAAM,WAAW,GAAG;EAClB,WAAW;;;;;;;;;;;;;;;;;;;;;;;;CAwBZ,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,GAAW;IACzC,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAEjD,sBAAsB;IACtB,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,KAAK,CAAC,sDAAsD,CAAC,CAAC;QACtE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IAED,MAAM,QAAQ,GAAI,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACxC,MAAM,QAAQ,GAAI,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAE/C,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC3B,OAAO;IACT,CAAC;IAED,6BAA6B;IAC7B,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEpE,4CAA4C;IAC5C,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAEhD,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;YAC7D,OAAO;QACT,CAAC;QAED,0BAA0B;QAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,MAAM,GAAG,WAAW,CAAC;QAC3D,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1C,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;IACvE,CAAC;SAAM,CAAC;QACN,aAAa,CAAC,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;QAC7C,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IACvD,CAAC;IAED,8BAA8B;IAC9B,MAAM,EAAE,SAAS,EAAE,GAAG,MAAM,MAAM,CAAC,eAAe,CAAC,CAAC;IACpD,MAAM,KAAK,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IACxE,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,CAAC,GAAG,CAAC,kCAAkC,CAAC,CAAC;QAChD,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;QACxD,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;IAC7C,CAAC;SAAM,CAAC;QACN,MAAM,OAAO,GAAG,KAAK,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;QACpC,OAAO,CAAC,GAAG,CAAC,oBAAoB,OAAO,EAAE,CAAC,CAAC;IAC7C,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,kBAAkB,CAAC,CAAC;IAChC,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;IACzD,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;IAChE,OAAO,CAAC,GAAG,CAAC,6DAA6D,CAAC,CAAC;IAC3E,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,CAAC;IACpD,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;IACrD,OAAO,CAAC,GAAG,CAAC,wDAAwD,CAAC,CAAC;AACxE,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,QAAgB;IACxC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QACzC,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC/C,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO;IACT,CAAC;IAED,4CAA4C;IAC5C,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC;QAC1C,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;QAC1C,UAAU,CAAC,QAAQ,CAAC,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;QACnD,OAAO;IACT,CAAC;IAED,4CAA4C;IAC5C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;IAClE,IAAI,SAAS,GAAG,CAAC,EAAE,CAAC;QAClB,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;QACvE,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,kDAAkD,CAAC,CAAC;IAClE,CAAC;AACH,CAAC"}
1
+ {"version":3,"file":"setup.js","sourceRoot":"","sources":["../../src/hooks/setup.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,UAAU,EAAE,SAAS,EAAE,aAAa,EACpC,SAAS,EAAE,YAAY,EAAE,YAAY,GACtC,MAAM,IAAI,CAAC;AACZ,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AAE9B,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAI,OAAO,CAAC,UAAU,CAAC,CAAC;AAEvC,4DAA4D;AAC5D,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAE7C,MAAM,WAAW,GAAG,iBAAiB,CAAC;AAEtC,MAAM,WAAW,GAAG;EAClB,WAAW;;;;;;;;;;;;;;;;;;;;CAoBZ,CAAC;AAEF,iFAAiF;AAEjF,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,GAAW;IACzC,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAEjD,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;QAC1D,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC3B,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IAErC,6DAA6D;IAC7D,MAAM,oBAAoB,EAAE,CAAC;IAE7B,mDAAmD;IACnD,MAAM,YAAY,EAAE,CAAC;IAErB,2CAA2C;IAC3C,gBAAgB,CAAC,GAAG,CAAC,CAAC;IAEtB,sCAAsC;IACtC,oBAAoB,CAAC,GAAG,CAAC,CAAC;IAE1B,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;CAUb,CAAC,CAAC;AACH,CAAC;AAED,gFAAgF;AAEhF,KAAK,UAAU,oBAAoB;IACjC,yCAAyC;IACzC,IAAI,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;QACnC,MAAM,CAAC,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,GAAG,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,4CAA4C;IAC5C,IAAI,kBAAkB,CAAC,SAAS,CAAC,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,0BAA0B,CAAC,mDAAmD,CAAC,CAAC;QAC5F,OAAO,CAAC,GAAG,CAAC,0EAA0E,CAAC,CAAC;QACxF,OAAO;IACT,CAAC;IAED,0CAA0C;IAC1C,OAAO,CAAC,GAAG,CAAC,uEAAuE,CAAC,CAAC;IACrF,MAAM,SAAS,GAAG,kBAAkB,EAAE,CAAC;IAEvC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,4CAA4C;QAC5C,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;QAC7E,MAAM,gBAAgB,GAAG,iBAAiB,EAAE,CAAC;QAE7C,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,OAAO,CAAC,KAAK,CAAC;;;;;;;CAOnB,CAAC,CAAC;YACG,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,GAAG,CAAC,CAAC;QACxD,OAAO;IACT,CAAC;IAED,MAAM,CAAC,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,4BAA4B,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,kBAAkB;IACzB,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,UAAU,MAAM,mBAAmB,CAAC,CAAC;IACjD,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IAC3E,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,kBAAkB,CAAC,UAAU,CAAC,CAAC;AAC1D,CAAC;AAED,SAAS,iBAAiB;IACxB,MAAM,EAAE,GAAG,QAAQ,EAAE,CAAC;IACtB,IAAI,EAAE,KAAK,QAAQ,IAAI,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC3C,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;IAClC,CAAC;IACD,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,UAAU,MAAM,kBAAkB,CAAC,CAAC;IAChD,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IAC1E,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,kBAAkB,CAAC,SAAS,CAAC,CAAC;AACzD,CAAC;AAED,SAAS,kBAAkB,CAAC,OAA+B;IACzD,KAAK,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,kBAAkB,OAAO,EAAE,EAAE,qBAAqB,OAAO,EAAE,CAAC,EAAE,CAAC;QACzF,MAAM,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAC9D,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;IAClC,CAAC;IACD,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IACnF,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,iBAAiB,CAAC,OAA+B;IACxD,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IAClE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1D,MAAM,EAAE,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IACpF,OAAO,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC;AACvD,CAAC;AAED,gFAAgF;AAEhF,KAAK,UAAU,YAAY;IACzB,oCAAoC;IACpC,KAAK,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,uBAAuB,EAAE,0BAA0B,CAAC,EAAE,CAAC;QAClF,MAAM,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAC5D,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnB,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;YAC9E,OAAO;QACT,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;IACpE,MAAM,EAAE,GAAG,QAAQ,EAAE,CAAC;IACtB,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,IAAI,EAAE,KAAK,QAAQ,IAAI,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,mBAAmB,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QACpF,SAAS,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,uCAAuC;QACvC,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QAC1C,MAAM,CAAC,GAAG,SAAS,CACjB,IAAI,EAAE,CAAC,IAAI,EAAE,wFAAwF,CAAC,EACtG,EAAE,KAAK,EAAE,SAAS,EAAE,CACrB,CAAC;QACF,SAAS,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,+EAA+E,CAAC,CAAC;IAC/F,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,qEAAqE,CAAC,CAAC;QACnF,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;IACvE,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,GAAW;IAChC,MAAM,CAAC,GAAG,SAAS,CAAC,QAAQ,EAAE,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IAC7F,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;AACxB,CAAC;AAED,iFAAiF;AAEjF,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,KAAK,GAAG;QACZ,EAAE,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAM,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,EAAE;QACtE,EAAE,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,EAAG,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,EAAE;KAC1E,CAAC;IAEF,KAAK,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,KAAK,EAAE,CAAC;QAClC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,wBAAwB,GAAG,wBAAwB,CAAC,CAAC;YACjE,SAAS;QACX,CAAC;QAED,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACrB,kDAAkD;YAClD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAC5C,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBACrE,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,yCAAyC,CAAC,CAAC;gBACnF,SAAS;YACX,CAAC;YACD,0BAA0B;YAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,MAAM,GAAG,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YACzE,aAAa,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,kDAAkD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACzF,CAAC;aAAM,CAAC;YACN,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;AACH,CAAC;AAED,gFAAgF;AAEhF,SAAS,oBAAoB,CAAC,GAAW;IACvC,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;QACzE,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;QAC3E,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAE9C,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEpE,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAChD,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;YACrD,OAAO;QACT,CAAC;QACD,gDAAgD;QAChD,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,MAAM,GAAG,WAAW,CAAC;QAC3D,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1C,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IACnE,CAAC;SAAM,CAAC;QACN,aAAa,CAAC,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;QAC7C,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;IAC/C,CAAC;AACH,CAAC;AAED,iFAAiF;AAEjF,KAAK,UAAU,UAAU,CAAC,QAAgB;IACxC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QACzC,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC/C,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC;QAC1C,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;QAC1C,UAAU,CAAC,QAAQ,CAAC,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;QACnD,OAAO;IACT,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;IAClE,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;QACnB,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;QACvE,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC"}
package/dist/types.d.ts CHANGED
@@ -21,9 +21,9 @@ export interface SemgrepFinding {
21
21
  severity: "ERROR" | "WARNING" | "INFO";
22
22
  lines?: string;
23
23
  metadata?: {
24
- cwe?: string[];
25
- owasp?: string[];
26
- references?: string[];
24
+ cwe?: string | string[];
25
+ owasp?: string | string[];
26
+ references?: string | string[];
27
27
  category?: string;
28
28
  technology?: string[];
29
29
  };
@@ -35,7 +35,27 @@ export interface SemgrepError {
35
35
  message: string;
36
36
  type: string;
37
37
  }
38
+ export interface BearerRawResult {
39
+ critical?: BearerFinding[];
40
+ high?: BearerFinding[];
41
+ medium?: BearerFinding[];
42
+ low?: BearerFinding[];
43
+ warning?: BearerFinding[];
44
+ }
45
+ export interface BearerFinding {
46
+ rule_id: string;
47
+ rule_display_id?: string;
48
+ description: string;
49
+ severity: string;
50
+ filename: string;
51
+ full_filename?: string;
52
+ line_number: number;
53
+ column_number?: number;
54
+ code_extract?: string;
55
+ cwe_ids?: string[];
56
+ }
38
57
  export type Severity = "error" | "warning" | "info";
58
+ export type ScanEngine = "opengrep" | "semgrep" | "bearer";
39
59
  export interface Issue {
40
60
  ruleId: string;
41
61
  path: string;
@@ -47,6 +67,7 @@ export interface Issue {
47
67
  cwe?: string[];
48
68
  owasp?: string[];
49
69
  references?: string[];
70
+ engine: ScanEngine;
50
71
  }
51
72
  export interface ScanResult {
52
73
  issues: Issue[];
@@ -55,20 +76,17 @@ export interface ScanResult {
55
76
  filesScanned: number;
56
77
  durationMs: number;
57
78
  rulesets: string[];
79
+ engines: ScanEngine[];
58
80
  }
59
81
  export interface ScanConfig {
60
- /** Semgrep rulesets to run — defaults to auto-detected from stack */
61
82
  rulesets?: string[];
62
- /** Fail (exit 1) if any issue of these severities is found */
63
83
  failOn?: Severity[];
64
- /** Max file size in KB to scan — default 500 */
65
84
  maxFileSizeKb?: number;
66
- /** Directories to exclude */
67
85
  exclude?: string[];
68
- /** GITHUB_TOKEN for private repo PR access */
69
86
  githubToken?: string;
70
- /** Anthropic API key for the agent interface */
71
87
  anthropicKey?: string;
88
+ /** Run Bearer deep scan in addition to Opengrep (default: true for staged/branch/PR, false for single file) */
89
+ runBearer?: boolean;
72
90
  }
73
91
  export interface ToolResponse {
74
92
  success: boolean;
package/dist/types.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,cAAc,EAAE,CAAC;IAC1B,MAAM,EAAG,YAAY,EAAE,CAAC;IACxB,KAAK,CAAC,EAAG;QAAE,UAAU,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAClC;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAM,MAAM,CAAC;IACjB,KAAK,EAAK;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,GAAG,EAAO;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,KAAK,EAAE;QACL,OAAO,EAAI,MAAM,CAAC;QAClB,QAAQ,EAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;QACxC,KAAK,CAAC,EAAK,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE;YACT,GAAG,CAAC,EAAS,MAAM,EAAE,CAAC;YACtB,KAAK,CAAC,EAAO,MAAM,EAAE,CAAC;YACtB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;YACtB,QAAQ,CAAC,EAAI,MAAM,CAAC;YACpB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;SACvB,CAAC;KACH,CAAC;CACH;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAK,MAAM,CAAC;IAChB,KAAK,EAAI,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAK,MAAM,CAAC;CACjB;AAID,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;AAEpD,MAAM,WAAW,KAAK;IACpB,MAAM,EAAO,MAAM,CAAC;IACpB,IAAI,EAAS,MAAM,CAAC;IACpB,IAAI,EAAS,MAAM,CAAC;IACpB,GAAG,EAAU,MAAM,CAAC;IACpB,QAAQ,EAAK,QAAQ,CAAC;IACtB,OAAO,EAAM,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,GAAG,CAAC,EAAS,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAO,MAAM,EAAE,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB;AAID,MAAM,WAAW,UAAU;IACzB,MAAM,EAAM,KAAK,EAAE,CAAC;IACpB,OAAO,EAAK,OAAO,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAG,MAAM,CAAC;IACpB,QAAQ,EAAK,MAAM,EAAE,CAAC;CACvB;AAID,MAAM,WAAW,UAAU;IACzB,qEAAqE;IACrE,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,8DAA8D;IAC9D,MAAM,CAAC,EAAI,QAAQ,EAAE,CAAC;IACtB,gDAAgD;IAChD,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,6BAA6B;IAC7B,OAAO,CAAC,EAAG,MAAM,EAAE,CAAC;IACpB,8CAA8C;IAC9C,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,gDAAgD;IAChD,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAID,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAG,OAAO,CAAC;IAClB,MAAM,CAAC,EAAG,UAAU,CAAC;IACrB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAI,MAAM,CAAC;CAClB"}
1
+ {"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,cAAc,EAAE,CAAC;IAC1B,MAAM,EAAG,YAAY,EAAE,CAAC;IACxB,KAAK,CAAC,EAAG;QAAE,UAAU,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAClC;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAM,MAAM,CAAC;IACjB,KAAK,EAAK;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,GAAG,EAAO;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,KAAK,EAAE;QACL,OAAO,EAAI,MAAM,CAAC;QAClB,QAAQ,EAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;QACxC,KAAK,CAAC,EAAK,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE;YACT,GAAG,CAAC,EAAS,MAAM,GAAG,MAAM,EAAE,CAAC;YAC/B,KAAK,CAAC,EAAO,MAAM,GAAG,MAAM,EAAE,CAAC;YAC/B,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;YAC/B,QAAQ,CAAC,EAAI,MAAM,CAAC;YACpB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;SACvB,CAAC;KACH,CAAC;CACH;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAK,MAAM,CAAC;IAChB,KAAK,EAAI,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAK,MAAM,CAAC;CACjB;AAID,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE,aAAa,EAAE,CAAC;IAC3B,IAAI,CAAC,EAAM,aAAa,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAI,aAAa,EAAE,CAAC;IAC3B,GAAG,CAAC,EAAO,aAAa,EAAE,CAAC;IAC3B,OAAO,CAAC,EAAG,aAAa,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAW,MAAM,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,EAAO,MAAM,CAAC;IACzB,QAAQ,EAAU,MAAM,CAAC;IACzB,QAAQ,EAAU,MAAM,CAAC;IACzB,aAAa,CAAC,EAAI,MAAM,CAAC;IACzB,WAAW,EAAO,MAAM,CAAC;IACzB,aAAa,CAAC,EAAI,MAAM,CAAC;IACzB,YAAY,CAAC,EAAK,MAAM,CAAC;IACzB,OAAO,CAAC,EAAU,MAAM,EAAE,CAAC;CAC5B;AAID,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;AACpD,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,SAAS,GAAG,QAAQ,CAAC;AAE3D,MAAM,WAAW,KAAK;IACpB,MAAM,EAAO,MAAM,CAAC;IACpB,IAAI,EAAS,MAAM,CAAC;IACpB,IAAI,EAAS,MAAM,CAAC;IACpB,GAAG,EAAU,MAAM,CAAC;IACpB,QAAQ,EAAK,QAAQ,CAAC;IACtB,OAAO,EAAM,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,GAAG,CAAC,EAAS,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAO,MAAM,EAAE,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,EAAO,UAAU,CAAC;CACzB;AAID,MAAM,WAAW,UAAU;IACzB,MAAM,EAAQ,KAAK,EAAE,CAAC;IACtB,OAAO,EAAO,OAAO,CAAC;IACtB,UAAU,CAAC,EAAG,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAI,MAAM,CAAC;IACrB,QAAQ,EAAM,MAAM,EAAE,CAAC;IACvB,OAAO,EAAO,UAAU,EAAE,CAAC;CAC5B;AAID,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,EAAO,MAAM,EAAE,CAAC;IACzB,MAAM,CAAC,EAAS,QAAQ,EAAE,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAQ,MAAM,EAAE,CAAC;IACzB,WAAW,CAAC,EAAI,MAAM,CAAC;IACvB,YAAY,CAAC,EAAG,MAAM,CAAC;IACvB,+GAA+G;IAC/G,SAAS,CAAC,EAAM,OAAO,CAAC;CACzB;AAID,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAI,OAAO,CAAC;IACnB,MAAM,CAAC,EAAI,UAAU,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAK,MAAM,CAAC;CACnB"}
package/dist/types.js CHANGED
@@ -1,3 +1,3 @@
1
- // ─── Semgrep raw output ───────────────────────────────────────────────────────
1
+ // ─── Semgrep / Opengrep raw output ───────────────────────────────────────────
2
2
  export {};
3
3
  //# sourceMappingURL=types.js.map
package/dist/types.js.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,iFAAiF"}
1
+ {"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,gFAAgF"}
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "argus-ci",
3
- "version": "1.1.1",
3
+ "version": "1.2.0",
4
4
  "description": "AI-powered code security agent — MCP server for Cursor/Claude, mandatory pre-commit gate, and conversational PR/branch review",
5
5
  "type": "module",
6
6
  "main": "dist/mcp/server.js",