argus-ci 1.1.2 → 1.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/core/reporter.d.ts.map +1 -1
- package/dist/core/reporter.js +5 -3
- package/dist/core/reporter.js.map +1 -1
- package/dist/core/scanner.d.ts +7 -11
- package/dist/core/scanner.d.ts.map +1 -1
- package/dist/core/scanner.js +225 -102
- package/dist/core/scanner.js.map +1 -1
- package/dist/hooks/setup.d.ts.map +1 -1
- package/dist/hooks/setup.js +103 -41
- package/dist/hooks/setup.js.map +1 -1
- package/dist/types.d.ts +27 -9
- package/dist/types.d.ts.map +1 -1
- package/dist/types.js +1 -1
- package/dist/types.js.map +1 -1
- package/package.json +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"reporter.d.ts","sourceRoot":"","sources":["../../src/core/reporter.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAS,UAAU,EAAY,MAAM,aAAa,CAAC;AAc/D,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,
|
|
1
|
+
{"version":3,"file":"reporter.d.ts","sourceRoot":"","sources":["../../src/core/reporter.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAS,UAAU,EAAY,MAAM,aAAa,CAAC;AAc/D,wBAAgB,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC,EAAE,MAAM,GAAG,MAAM,CAwDvE;AAED,wBAAgB,SAAS,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CAOpD;AAED,wBAAgB,WAAW,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,GAAG,MAAM,CAsBtF"}
|
package/dist/core/reporter.js
CHANGED
|
@@ -27,11 +27,13 @@ export function toMarkdown(result, context) {
|
|
|
27
27
|
lines.push(`## Semgrep scan results\n`);
|
|
28
28
|
// Summary bar
|
|
29
29
|
if (issues.length === 0) {
|
|
30
|
+
const engineStr = result.engines.length ? ` · engines: ${result.engines.join(" + ")}` : "";
|
|
30
31
|
lines.push(`✅ **No issues found** — ${filesScanned} file${filesScanned !== 1 ? "s" : ""} scanned in ${durationMs}ms`);
|
|
31
|
-
lines.push(`\n_Rulesets: ${rulesets.join(", ")}_`);
|
|
32
|
+
lines.push(`\n_Rulesets: ${rulesets.join(", ")}${engineStr}_`);
|
|
32
33
|
return lines.join("\n");
|
|
33
34
|
}
|
|
34
|
-
|
|
35
|
+
const engineStr = result.engines.length ? ` · engines: ${result.engines.join(" + ")}` : "";
|
|
36
|
+
lines.push(`| Severity | Count |`, `|----------|-------|`, `| 🔴 Error | ${errors.length} |`, `| 🟡 Warning | ${warnings.length} |`, `| 🔵 Info | ${infos.length} |`, ``, `_${filesScanned} file${filesScanned !== 1 ? "s" : ""} scanned · ${durationMs}ms · rulesets: ${rulesets.join(", ")}${engineStr}_`, ``);
|
|
35
37
|
// Group by file
|
|
36
38
|
const byFile = groupByFile(issues);
|
|
37
39
|
for (const [file, fileIssues] of Object.entries(byFile)) {
|
|
@@ -44,7 +46,7 @@ export function toMarkdown(result, context) {
|
|
|
44
46
|
if (issue.sourceLine) {
|
|
45
47
|
lines.push(`\`\`\`\n${issue.sourceLine}\n\`\`\``);
|
|
46
48
|
}
|
|
47
|
-
lines.push(`_Rule: \`${issue.ruleId}\`_`);
|
|
49
|
+
lines.push(`_Rule: \`${issue.ruleId}\` · via ${issue.engine}_`);
|
|
48
50
|
if (issue.cwe?.length)
|
|
49
51
|
lines.push(`_CWE: ${issue.cwe.join(", ")}_`);
|
|
50
52
|
if (issue.owasp?.length)
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"reporter.js","sourceRoot":"","sources":["../../src/core/reporter.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,MAAM,cAAc,GAA6B;IAC/C,KAAK,EAAI,IAAI;IACb,OAAO,EAAE,IAAI;IACb,IAAI,EAAK,IAAI;CACd,CAAC;AAEF,MAAM,cAAc,GAA6B;IAC/C,KAAK,EAAI,OAAO;IAChB,OAAO,EAAE,SAAS;IAClB,IAAI,EAAK,MAAM;CAChB,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,MAAkB,EAAE,OAAgB;IAC7D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,OAAO,sBAAsB,MAAM,CAAC,UAAU,EAAE,CAAC;IACnD,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAC9D,MAAM,MAAM,GAAK,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAChE,MAAM,KAAK,GAAM,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAE7D,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,SAAS;IACT,IAAI,OAAO;QAAE,KAAK,CAAC,IAAI,CAAC,qBAAqB,OAAO,IAAI,CAAC,CAAC;;QAC7C,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IAErD,cAAc;IACd,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,KAAK,CAAC,IAAI,CAAC,2BAA2B,YAAY,QAAQ,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,eAAe,UAAU,IAAI,CAAC,CAAC;QACtH,KAAK,CAAC,IAAI,CAAC,gBAAgB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;
|
|
1
|
+
{"version":3,"file":"reporter.js","sourceRoot":"","sources":["../../src/core/reporter.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,MAAM,cAAc,GAA6B;IAC/C,KAAK,EAAI,IAAI;IACb,OAAO,EAAE,IAAI;IACb,IAAI,EAAK,IAAI;CACd,CAAC;AAEF,MAAM,cAAc,GAA6B;IAC/C,KAAK,EAAI,OAAO;IAChB,OAAO,EAAE,SAAS;IAClB,IAAI,EAAK,MAAM;CAChB,CAAC;AAEF,MAAM,UAAU,UAAU,CAAC,MAAkB,EAAE,OAAgB;IAC7D,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,OAAO,sBAAsB,MAAM,CAAC,UAAU,EAAE,CAAC;IACnD,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,UAAU,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAC9D,MAAM,MAAM,GAAK,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC;IAC9D,MAAM,QAAQ,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC;IAChE,MAAM,KAAK,GAAM,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAE7D,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,SAAS;IACT,IAAI,OAAO;QAAE,KAAK,CAAC,IAAI,CAAC,qBAAqB,OAAO,IAAI,CAAC,CAAC;;QAC7C,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IAErD,cAAc;IACd,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC3F,KAAK,CAAC,IAAI,CAAC,2BAA2B,YAAY,QAAQ,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,eAAe,UAAU,IAAI,CAAC,CAAC;QACtH,KAAK,CAAC,IAAI,CAAC,gBAAgB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,SAAS,GAAG,CAAC,CAAC;QAC/D,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,MAAM,SAAS,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;IAC3F,KAAK,CAAC,IAAI,CACR,sBAAsB,EACtB,sBAAsB,EACtB,kBAAkB,MAAM,CAAC,MAAM,MAAM,EACrC,kBAAkB,QAAQ,CAAC,MAAM,IAAI,EACrC,kBAAkB,KAAK,CAAC,MAAM,OAAO,EACrC,EAAE,EACF,IAAI,YAAY,QAAQ,YAAY,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,cAAc,UAAU,kBAAkB,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,SAAS,GAAG,EACjI,EAAE,CACH,CAAC;IAEF,gBAAgB;IAChB,MAAM,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC;IACnC,KAAK,MAAM,CAAC,IAAI,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,EAAE,CAAC;QACxD,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC;QAC9B,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;YAC/B,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC7C,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;YAC7C,KAAK,CAAC,IAAI,CAAC,OAAO,KAAK,IAAI,KAAK,aAAa,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YAC3D,KAAK,CAAC,IAAI,CAAC,KAAK,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YACjC,IAAI,KAAK,CAAC,UAAU,EAAE,CAAC;gBACrB,KAAK,CAAC,IAAI,CAAC,WAAW,KAAK,CAAC,UAAU,UAAU,CAAC,CAAC;YACpD,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,YAAY,KAAK,CAAC,MAAM,YAAY,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;YAChE,IAAI,KAAK,CAAC,GAAG,EAAE,MAAM;gBAAI,KAAK,CAAC,IAAI,CAAC,SAAS,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACtE,IAAI,KAAK,CAAC,KAAK,EAAE,MAAM;gBAAE,KAAK,CAAC,IAAI,CAAC,WAAW,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC5E,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,SAAS,CAAC,MAAkB;IAC1C,IAAI,MAAM,CAAC,OAAO;QAAE,OAAO,YAAY,MAAM,CAAC,UAAU,EAAE,CAAC;IAC3D,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,WAAW,MAAM,CAAC,YAAY,gBAAgB,CAAC;IAEtF,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,MAAM,CAAC;IAC1E,MAAM,KAAK,GAAI,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;IAC5E,OAAO,SAAS,MAAM,CAAC,MAAM,CAAC,MAAM,YAAY,MAAM,YAAY,KAAK,iBAAiB,MAAM,CAAC,YAAY,QAAQ,CAAC;AACtH,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,MAAkB,EAAE,OAAe,EAAE,KAAa;IAC5E,MAAM,KAAK,GAAa;QACtB,4BAA4B;QAC5B,cAAc,OAAO,KAAK,KAAK,GAAG;QAClC,EAAE;KACH,CAAC;IAEF,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;QACnB,KAAK,CAAC,IAAI,CAAC,sBAAsB,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;QACtD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,2BAA2B,MAAM,CAAC,YAAY,qBAAqB,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC;QACrG,KAAK,CAAC,IAAI,CAAC,gBAAgB,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1D,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,8BAA8B;IAC9B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,4BAA4B,EAAE,EAAE,CAAC,CAAC,CAAC;IACzE,KAAK,CAAC,IAAI,CAAC,yDAAyD,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;IACjG,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,gFAAgF;AAEhF,SAAS,WAAW,CAAC,MAAe;IAClC,MAAM,MAAM,GAA4B,EAAE,CAAC;IAC3C,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC1C,CAAC;IACD,yCAAyC;IACzC,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC;IACzC,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
package/dist/core/scanner.d.ts
CHANGED
|
@@ -1,19 +1,15 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Semgrep
|
|
3
|
-
*
|
|
2
|
+
* Scanner core — runs Opengrep (primary) or Semgrep (fallback) for pattern-based
|
|
3
|
+
* security analysis, then optionally runs Bearer for deep data-flow analysis.
|
|
4
4
|
*
|
|
5
|
-
*
|
|
6
|
-
*
|
|
5
|
+
* Scanner priority:
|
|
6
|
+
* 1. opengrep — free taint analysis, drop-in Semgrep replacement
|
|
7
|
+
* 2. semgrep — fallback if opengrep not installed
|
|
8
|
+
* 3. bearer — optional second pass, deep data-flow, run on staged/branch/PR
|
|
7
9
|
*/
|
|
8
10
|
import type { ScanConfig, ScanResult } from "../types.js";
|
|
9
11
|
export declare function scanFiles(files: string[], cwd: string, config?: ScanConfig): Promise<ScanResult>;
|
|
10
|
-
/**
|
|
11
|
-
* Scans only the git-staged files in cwd.
|
|
12
|
-
* Used by the pre-commit hook.
|
|
13
|
-
*/
|
|
14
12
|
export declare function scanStaged(cwd: string, config?: ScanConfig): Promise<ScanResult>;
|
|
15
|
-
/**
|
|
16
|
-
* Scans files changed on a branch vs a base branch.
|
|
17
|
-
*/
|
|
18
13
|
export declare function scanBranch(cwd: string, branch: string, base?: string, config?: ScanConfig): Promise<ScanResult>;
|
|
14
|
+
export declare function isBearerInstalled(): boolean;
|
|
19
15
|
//# sourceMappingURL=scanner.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":"AAAA
|
|
1
|
+
{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,OAAO,KAAK,EACH,UAAU,EAAE,UAAU,EAG9B,MAAM,aAAa,CAAC;AAOrB,wBAAsB,SAAS,CAC7B,KAAK,EAAG,MAAM,EAAE,EAChB,GAAG,EAAK,MAAM,EACd,MAAM,GAAE,UAAe,GACtB,OAAO,CAAC,UAAU,CAAC,CAmBrB;AAED,wBAAsB,UAAU,CAAC,GAAG,EAAE,MAAM,EAAE,MAAM,GAAE,UAAe,GAAG,OAAO,CAAC,UAAU,CAAC,CAe1F;AAED,wBAAsB,UAAU,CAC9B,GAAG,EAAK,MAAM,EACd,MAAM,EAAE,MAAM,EACd,IAAI,GAAI,MAAe,EACvB,MAAM,GAAE,UAAe,GACtB,OAAO,CAAC,UAAU,CAAC,CAyBrB;AAoMD,wBAAgB,iBAAiB,IAAI,OAAO,CAE3C"}
|
package/dist/core/scanner.js
CHANGED
|
@@ -1,173 +1,296 @@
|
|
|
1
1
|
/**
|
|
2
|
-
* Semgrep
|
|
3
|
-
*
|
|
2
|
+
* Scanner core — runs Opengrep (primary) or Semgrep (fallback) for pattern-based
|
|
3
|
+
* security analysis, then optionally runs Bearer for deep data-flow analysis.
|
|
4
4
|
*
|
|
5
|
-
*
|
|
6
|
-
*
|
|
5
|
+
* Scanner priority:
|
|
6
|
+
* 1. opengrep — free taint analysis, drop-in Semgrep replacement
|
|
7
|
+
* 2. semgrep — fallback if opengrep not installed
|
|
8
|
+
* 3. bearer — optional second pass, deep data-flow, run on staged/branch/PR
|
|
7
9
|
*/
|
|
8
10
|
import { execSync, spawnSync } from "child_process";
|
|
9
|
-
import { existsSync,
|
|
11
|
+
import { existsSync, statSync } from "fs";
|
|
10
12
|
import { join } from "path";
|
|
11
|
-
const DEFAULT_RULESETS = ["p/secrets", "p/owasp-top-ten"];
|
|
13
|
+
const DEFAULT_RULESETS = ["p/secrets", "p/owasp-top-ten", "p/security-audit"];
|
|
12
14
|
const DEFAULT_EXCLUDE = ["node_modules", "dist", ".git", "coverage", "build", ".next", "vendor"];
|
|
13
|
-
// ───
|
|
15
|
+
// ─── Public API ───────────────────────────────────────────────────────────────
|
|
14
16
|
export async function scanFiles(files, cwd, config = {}) {
|
|
15
17
|
const t0 = Date.now();
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
19
|
-
return {
|
|
20
|
-
issues: [], skipped: true, filesScanned: 0, durationMs: 0, rulesets: [],
|
|
21
|
-
skipReason: "semgrep not found. Install with: pip install semgrep or brew install semgrep",
|
|
22
|
-
};
|
|
18
|
+
const eligible = filterEligible(files, cwd, config);
|
|
19
|
+
if (eligible.length === 0) {
|
|
20
|
+
return empty("No eligible files to scan", t0, config);
|
|
23
21
|
}
|
|
24
|
-
//
|
|
25
|
-
const
|
|
26
|
-
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
22
|
+
// Run Opengrep/Semgrep
|
|
23
|
+
const primaryResult = await runPrimaryScanner(eligible, cwd, config, t0);
|
|
24
|
+
// Bearer: optional, skip for single-file MCP calls (too slow)
|
|
25
|
+
const runBearer = config.runBearer ?? (eligible.length > 1);
|
|
26
|
+
if (runBearer && isBearerInstalled()) {
|
|
27
|
+
const bearerResult = await runBearerScan(eligible, cwd, t0);
|
|
28
|
+
return mergeResults(primaryResult, bearerResult, t0);
|
|
29
|
+
}
|
|
30
|
+
return primaryResult;
|
|
31
|
+
}
|
|
32
|
+
export async function scanStaged(cwd, config = {}) {
|
|
33
|
+
let staged;
|
|
34
|
+
try {
|
|
35
|
+
const out = execSync("git diff --name-only --cached --diff-filter=ACM", { cwd, encoding: "utf8" });
|
|
36
|
+
staged = out.trim().split("\n").filter(Boolean);
|
|
37
|
+
}
|
|
38
|
+
catch {
|
|
39
|
+
return empty("Not a git repository or no staged files", Date.now(), config);
|
|
40
|
+
}
|
|
41
|
+
if (staged.length === 0) {
|
|
42
|
+
return empty("No staged files", Date.now(), config);
|
|
43
|
+
}
|
|
44
|
+
// Always run Bearer on staged files (this is the pre-commit gate — worth the extra seconds)
|
|
45
|
+
return scanFiles(staged, cwd, { ...config, runBearer: config.runBearer ?? true });
|
|
46
|
+
}
|
|
47
|
+
export async function scanBranch(cwd, branch, base = "main", config = {}) {
|
|
48
|
+
let files;
|
|
49
|
+
try {
|
|
50
|
+
const out = execSync(`git diff --name-only --diff-filter=ACM $(git merge-base ${base} ${branch}) ${branch}`, { cwd, encoding: "utf8" });
|
|
51
|
+
files = out.trim().split("\n").filter(Boolean);
|
|
52
|
+
}
|
|
53
|
+
catch {
|
|
31
54
|
try {
|
|
32
|
-
const
|
|
33
|
-
|
|
55
|
+
const out = execSync(`git diff --name-only --diff-filter=ACM ${base}...${branch}`, { cwd, encoding: "utf8" });
|
|
56
|
+
files = out.trim().split("\n").filter(Boolean);
|
|
34
57
|
}
|
|
35
|
-
catch {
|
|
36
|
-
return
|
|
58
|
+
catch (e) {
|
|
59
|
+
return empty(`Could not diff ${branch} vs ${base}: ${String(e).slice(0, 200)}`, Date.now(), config);
|
|
37
60
|
}
|
|
38
|
-
});
|
|
39
|
-
if (eligible.length === 0) {
|
|
40
|
-
return { issues: [], skipped: true, skipReason: "No eligible files to scan", filesScanned: 0, durationMs: 0, rulesets: [] };
|
|
41
61
|
}
|
|
62
|
+
if (files.length === 0) {
|
|
63
|
+
return empty(`No changed files between ${base} and ${branch}`, Date.now(), config);
|
|
64
|
+
}
|
|
65
|
+
return scanFiles(files, cwd, { ...config, runBearer: config.runBearer ?? true });
|
|
66
|
+
}
|
|
67
|
+
// ─── Primary scanner (Opengrep / Semgrep) ────────────────────────────────────
|
|
68
|
+
async function runPrimaryScanner(files, cwd, config, t0) {
|
|
69
|
+
const scannerInfo = findPrimaryScanner();
|
|
70
|
+
if (!scannerInfo) {
|
|
71
|
+
return {
|
|
72
|
+
issues: [], skipped: true, filesScanned: files.length, durationMs: Date.now() - t0,
|
|
73
|
+
rulesets: [], engines: [],
|
|
74
|
+
skipReason: "No scanner found. Install Opengrep (pip install opengrep) or Semgrep (brew install semgrep)",
|
|
75
|
+
};
|
|
76
|
+
}
|
|
77
|
+
const { binary, engine } = scannerInfo;
|
|
42
78
|
const rulesets = config.rulesets ?? DEFAULT_RULESETS;
|
|
43
79
|
const excludes = [...DEFAULT_EXCLUDE, ...(config.exclude ?? [])];
|
|
44
|
-
// Build semgrep command
|
|
45
80
|
const args = [
|
|
46
81
|
...rulesets.flatMap((r) => ["--config", r]),
|
|
47
82
|
"--json",
|
|
48
|
-
"--no-git-ignore",
|
|
83
|
+
"--no-git-ignore",
|
|
49
84
|
"--quiet",
|
|
50
85
|
...excludes.flatMap((e) => ["--exclude", e]),
|
|
51
86
|
"--",
|
|
52
|
-
...
|
|
87
|
+
...files,
|
|
53
88
|
];
|
|
54
|
-
const result = spawnSync(
|
|
55
|
-
cwd,
|
|
56
|
-
encoding: "utf8",
|
|
57
|
-
maxBuffer: 50 * 1024 * 1024, // 50MB
|
|
89
|
+
const result = spawnSync(binary, args, {
|
|
90
|
+
cwd, encoding: "utf8", maxBuffer: 50 * 1024 * 1024,
|
|
58
91
|
});
|
|
59
|
-
// semgrep exits 1 when findings are present — that's normal
|
|
60
|
-
const stdout = result.stdout ?? "";
|
|
61
|
-
const stderr = result.stderr ?? "";
|
|
62
92
|
if (result.status !== 0 && result.status !== 1) {
|
|
63
|
-
// Real error (exit 2+)
|
|
64
93
|
return {
|
|
65
|
-
issues: [], skipped: true, filesScanned:
|
|
66
|
-
|
|
94
|
+
issues: [], skipped: true, filesScanned: files.length, durationMs: Date.now() - t0,
|
|
95
|
+
rulesets, engines: [],
|
|
96
|
+
skipReason: `${engine} failed (exit ${result.status}): ${(result.stderr ?? "").slice(0, 300)}`,
|
|
67
97
|
};
|
|
68
98
|
}
|
|
69
99
|
let raw;
|
|
70
100
|
try {
|
|
71
|
-
raw = JSON.parse(stdout);
|
|
101
|
+
raw = JSON.parse(result.stdout ?? "");
|
|
72
102
|
}
|
|
73
103
|
catch {
|
|
74
104
|
return {
|
|
75
|
-
issues: [], skipped: true, filesScanned:
|
|
76
|
-
|
|
105
|
+
issues: [], skipped: true, filesScanned: files.length, durationMs: Date.now() - t0,
|
|
106
|
+
rulesets, engines: [],
|
|
107
|
+
skipReason: `Failed to parse ${engine} output`,
|
|
77
108
|
};
|
|
78
109
|
}
|
|
79
|
-
const issues = raw.results.map((f) =>
|
|
110
|
+
const issues = raw.results.map((f) => mapSemgrepFinding(f, engine));
|
|
80
111
|
return {
|
|
81
112
|
issues,
|
|
82
113
|
skipped: false,
|
|
83
|
-
filesScanned:
|
|
114
|
+
filesScanned: files.length,
|
|
84
115
|
durationMs: Date.now() - t0,
|
|
85
116
|
rulesets,
|
|
117
|
+
engines: [engine],
|
|
86
118
|
};
|
|
87
119
|
}
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
92
|
-
|
|
93
|
-
|
|
120
|
+
// ─── Bearer scanner ───────────────────────────────────────────────────────────
|
|
121
|
+
async function runBearerScan(files, cwd, t0) {
|
|
122
|
+
const bearerBin = findBearer();
|
|
123
|
+
if (!bearerBin)
|
|
124
|
+
return empty("Bearer not installed", t0, {});
|
|
125
|
+
// Bearer scans paths/directories — deduplicate to unique directories containing the files
|
|
126
|
+
const paths = [...new Set(files.map((f) => {
|
|
127
|
+
const abs = f.startsWith("/") ? f : join(cwd, f);
|
|
128
|
+
return abs;
|
|
129
|
+
}))];
|
|
130
|
+
const args = [
|
|
131
|
+
"scan",
|
|
132
|
+
"--format", "json",
|
|
133
|
+
"--quiet",
|
|
134
|
+
"--exit-code", "0", // don't exit 1 on findings — we handle them ourselves
|
|
135
|
+
...paths,
|
|
136
|
+
];
|
|
137
|
+
const result = spawnSync(bearerBin, args, {
|
|
138
|
+
cwd, encoding: "utf8", maxBuffer: 50 * 1024 * 1024, timeout: 60_000,
|
|
139
|
+
});
|
|
140
|
+
if (result.status !== 0) {
|
|
141
|
+
return empty(`Bearer scan failed (exit ${result.status})`, t0, {});
|
|
142
|
+
}
|
|
143
|
+
let raw;
|
|
94
144
|
try {
|
|
95
|
-
|
|
96
|
-
staged = out.trim().split("\n").filter(Boolean);
|
|
145
|
+
raw = JSON.parse(result.stdout ?? "");
|
|
97
146
|
}
|
|
98
147
|
catch {
|
|
99
|
-
return
|
|
148
|
+
return empty("Failed to parse Bearer output", t0, {});
|
|
100
149
|
}
|
|
101
|
-
|
|
102
|
-
|
|
150
|
+
const issues = [];
|
|
151
|
+
const severityMap = {
|
|
152
|
+
critical: "error",
|
|
153
|
+
high: "error",
|
|
154
|
+
medium: "warning",
|
|
155
|
+
low: "info",
|
|
156
|
+
warning: "info",
|
|
157
|
+
};
|
|
158
|
+
for (const [sev, findings] of Object.entries(raw)) {
|
|
159
|
+
if (!Array.isArray(findings))
|
|
160
|
+
continue;
|
|
161
|
+
for (const f of findings) {
|
|
162
|
+
// Only include files we were asked to scan
|
|
163
|
+
const relPath = f.filename.startsWith(cwd) ? f.filename.slice(cwd.length + 1) : f.filename;
|
|
164
|
+
const included = files.some((file) => relPath.endsWith(file) || file.endsWith(relPath));
|
|
165
|
+
if (!included)
|
|
166
|
+
continue;
|
|
167
|
+
issues.push({
|
|
168
|
+
ruleId: `bearer/${f.rule_id}`,
|
|
169
|
+
path: relPath,
|
|
170
|
+
line: f.line_number,
|
|
171
|
+
col: f.column_number ?? 1,
|
|
172
|
+
severity: severityMap[sev] ?? "warning",
|
|
173
|
+
message: f.description,
|
|
174
|
+
sourceLine: f.code_extract?.trim(),
|
|
175
|
+
cwe: f.cwe_ids,
|
|
176
|
+
engine: "bearer",
|
|
177
|
+
});
|
|
178
|
+
}
|
|
103
179
|
}
|
|
104
|
-
return
|
|
180
|
+
return {
|
|
181
|
+
issues,
|
|
182
|
+
skipped: false,
|
|
183
|
+
filesScanned: files.length,
|
|
184
|
+
durationMs: Date.now() - t0,
|
|
185
|
+
rulesets: ["bearer/built-in"],
|
|
186
|
+
engines: ["bearer"],
|
|
187
|
+
};
|
|
105
188
|
}
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
109
|
-
|
|
110
|
-
|
|
111
|
-
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
189
|
+
// ─── Merge results ────────────────────────────────────────────────────────────
|
|
190
|
+
function mergeResults(primary, bearer, t0) {
|
|
191
|
+
const allIssues = [...primary.issues, ...bearer.issues];
|
|
192
|
+
// Deduplicate: same file + same line from both scanners
|
|
193
|
+
const seen = new Set();
|
|
194
|
+
const deduped = allIssues.filter((i) => {
|
|
195
|
+
const key = `${i.path}:${i.line}:${i.ruleId}`;
|
|
196
|
+
if (seen.has(key))
|
|
197
|
+
return false;
|
|
198
|
+
seen.add(key);
|
|
199
|
+
return true;
|
|
200
|
+
});
|
|
201
|
+
return {
|
|
202
|
+
issues: deduped,
|
|
203
|
+
skipped: primary.skipped && bearer.skipped,
|
|
204
|
+
filesScanned: primary.filesScanned,
|
|
205
|
+
durationMs: Date.now() - t0,
|
|
206
|
+
rulesets: [...new Set([...primary.rulesets, ...bearer.rulesets])],
|
|
207
|
+
engines: [...new Set([...primary.engines, ...bearer.engines])],
|
|
208
|
+
};
|
|
209
|
+
}
|
|
210
|
+
// ─── Scanner detection ────────────────────────────────────────────────────────
|
|
211
|
+
function findPrimaryScanner() {
|
|
212
|
+
// Try opengrep first — has free taint analysis
|
|
213
|
+
for (const candidate of ["opengrep", "/usr/local/bin/opengrep", "/opt/homebrew/bin/opengrep"]) {
|
|
214
|
+
const r = spawnSync(candidate, ["--version"], { encoding: "utf8" });
|
|
215
|
+
if (r.status === 0)
|
|
216
|
+
return { binary: candidate, engine: "opengrep" };
|
|
115
217
|
}
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
}
|
|
122
|
-
catch {
|
|
123
|
-
return { issues: [], skipped: true, skipReason: `Could not diff ${branch} vs ${base}: ${String(e).slice(0, 200)}`, filesScanned: 0, durationMs: 0, rulesets: [] };
|
|
124
|
-
}
|
|
218
|
+
// Fall back to semgrep
|
|
219
|
+
for (const candidate of ["semgrep", "/usr/local/bin/semgrep", "/opt/homebrew/bin/semgrep"]) {
|
|
220
|
+
const r = spawnSync(candidate, ["--version"], { encoding: "utf8" });
|
|
221
|
+
if (r.status === 0)
|
|
222
|
+
return { binary: candidate, engine: "semgrep" };
|
|
125
223
|
}
|
|
126
|
-
|
|
127
|
-
|
|
224
|
+
// Try python module form
|
|
225
|
+
for (const [prog, mod, eng] of [["python3", "opengrep", "opengrep"], ["python3", "semgrep", "semgrep"]]) {
|
|
226
|
+
const r = spawnSync(prog, ["-m", mod, "--version"], { encoding: "utf8" });
|
|
227
|
+
if (r.status === 0)
|
|
228
|
+
return { binary: `${prog} -m ${mod}`, engine: eng };
|
|
128
229
|
}
|
|
129
|
-
|
|
130
|
-
// scan the working tree files (they may be on that branch already)
|
|
131
|
-
return scanFiles(files, cwd, config);
|
|
230
|
+
return null;
|
|
132
231
|
}
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
|
|
139
|
-
return candidate;
|
|
140
|
-
}
|
|
141
|
-
catch { /* continue */ }
|
|
142
|
-
}
|
|
143
|
-
// Try python-installed semgrep
|
|
144
|
-
try {
|
|
145
|
-
const r = spawnSync("python3", ["-m", "semgrep", "--version"], { encoding: "utf8" });
|
|
232
|
+
export function isBearerInstalled() {
|
|
233
|
+
return !!findBearer();
|
|
234
|
+
}
|
|
235
|
+
function findBearer() {
|
|
236
|
+
for (const candidate of ["bearer", "/usr/local/bin/bearer", "/opt/homebrew/bin/bearer"]) {
|
|
237
|
+
const r = spawnSync(candidate, ["version"], { encoding: "utf8" });
|
|
146
238
|
if (r.status === 0)
|
|
147
|
-
return
|
|
239
|
+
return candidate;
|
|
148
240
|
}
|
|
149
|
-
catch { /* continue */ }
|
|
150
241
|
return null;
|
|
151
242
|
}
|
|
152
|
-
|
|
243
|
+
// ─── Helpers ─────────────────────────────────────────────────────────────────
|
|
244
|
+
function filterEligible(files, cwd, config) {
|
|
245
|
+
const maxBytes = (config.maxFileSizeKb ?? 500) * 1024;
|
|
246
|
+
return files.filter((f) => {
|
|
247
|
+
const abs = f.startsWith("/") ? f : join(cwd, f);
|
|
248
|
+
if (!existsSync(abs))
|
|
249
|
+
return false;
|
|
250
|
+
try {
|
|
251
|
+
return statSync(abs).size <= maxBytes;
|
|
252
|
+
}
|
|
253
|
+
catch {
|
|
254
|
+
return false;
|
|
255
|
+
}
|
|
256
|
+
});
|
|
257
|
+
}
|
|
258
|
+
function empty(reason, t0, config) {
|
|
259
|
+
return {
|
|
260
|
+
issues: [], skipped: true, skipReason: reason,
|
|
261
|
+
filesScanned: 0, durationMs: Date.now() - t0,
|
|
262
|
+
rulesets: config.rulesets ?? [], engines: [],
|
|
263
|
+
};
|
|
264
|
+
}
|
|
265
|
+
function mapSemgrepFinding(f, engine) {
|
|
153
266
|
return {
|
|
154
267
|
ruleId: f.check_id,
|
|
155
268
|
path: f.path,
|
|
156
269
|
line: f.start.line,
|
|
157
270
|
col: f.start.col,
|
|
158
|
-
severity:
|
|
271
|
+
severity: mapSemgrepSeverity(f.extra.severity),
|
|
159
272
|
message: f.extra.message,
|
|
160
273
|
sourceLine: f.extra.lines?.trim(),
|
|
161
|
-
cwe: f.extra.metadata?.cwe,
|
|
162
|
-
owasp: f.extra.metadata?.owasp,
|
|
163
|
-
references: f.extra.metadata?.references,
|
|
274
|
+
cwe: toStringArray(f.extra.metadata?.cwe),
|
|
275
|
+
owasp: toStringArray(f.extra.metadata?.owasp),
|
|
276
|
+
references: toStringArray(f.extra.metadata?.references),
|
|
277
|
+
engine,
|
|
164
278
|
};
|
|
165
279
|
}
|
|
166
|
-
function
|
|
280
|
+
function mapSemgrepSeverity(s) {
|
|
167
281
|
if (s === "ERROR")
|
|
168
282
|
return "error";
|
|
169
283
|
if (s === "WARNING")
|
|
170
284
|
return "warning";
|
|
171
285
|
return "info";
|
|
172
286
|
}
|
|
287
|
+
function toStringArray(val) {
|
|
288
|
+
if (!val)
|
|
289
|
+
return undefined;
|
|
290
|
+
if (Array.isArray(val))
|
|
291
|
+
return val.map(String);
|
|
292
|
+
if (typeof val === "string")
|
|
293
|
+
return [val];
|
|
294
|
+
return undefined;
|
|
295
|
+
}
|
|
173
296
|
//# sourceMappingURL=scanner.js.map
|
package/dist/core/scanner.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,MAAM,IAAI,CAAC;AAC9C,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAG5B,MAAM,gBAAgB,GAAG,CAAC,WAAW,EAAE,iBAAiB,CAAC,CAAC;AAC1D,MAAM,eAAe,GAAI,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;AAElG,gFAAgF;AAEhF,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,KAAe,EACf,GAAa,EACb,SAAqB,EAAE;IAEvB,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAEtB,6BAA6B;IAC7B,MAAM,WAAW,GAAG,WAAW,EAAE,CAAC;IAClC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE;YACvE,UAAU,EACR,gFAAgF;SACnF,CAAC;IACJ,CAAC;IAED,sDAAsD;IACtD,MAAM,QAAQ,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC;IACtD,MAAM,QAAQ,GAAG,KAAK;SACnB,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACZ,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACnC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC;YAC/B,OAAO,IAAI,CAAC,MAAM,IAAI,QAAQ,CAAC;QACjC,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO,KAAK,CAAC;QAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IAEL,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,2BAA2B,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC9H,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,CAAC,QAAQ,IAAI,gBAAgB,CAAC;IACrD,MAAM,QAAQ,GAAG,CAAC,GAAG,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;IAEjE,wBAAwB;IACxB,MAAM,IAAI,GAAa;QACrB,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC3C,QAAQ;QACR,iBAAiB,EAAM,4CAA4C;QACnE,SAAS;QACT,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC5C,IAAI;QACJ,GAAG,QAAQ;KACZ,CAAC;IAEF,MAAM,MAAM,GAAG,SAAS,CAAC,WAAW,EAAE,IAAI,EAAE;QAC1C,GAAG;QACH,QAAQ,EAAE,MAAM;QAChB,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO;KACrC,CAAC,CAAC;IAEH,4DAA4D;IAC5D,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;IACnC,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC;IAEnC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/C,uBAAuB;QACvB,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,QAAQ;YAC/F,UAAU,EAAE,wBAAwB,MAAM,CAAC,MAAM,MAAM,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SAC9E,CAAC;IACJ,CAAC;IAED,IAAI,GAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAqB,CAAC;IAC/C,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE,EAAE,QAAQ;YAC/F,UAAU,EAAE,mCAAmC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SACtE,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;IAE1D,OAAO;QACL,MAAM;QACN,OAAO,EAAE,KAAK;QACd,YAAY,EAAE,QAAQ,CAAC,MAAM;QAC7B,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC3B,QAAQ;KACT,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,GAAW,EAAE,SAAqB,EAAE;IACnE,IAAI,MAAgB,CAAC;IACrB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,QAAQ,CAAC,iDAAiD,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACnG,MAAM,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,yCAAyC,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAC5I,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,iBAAiB,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IACpH,CAAC;IAED,OAAO,SAAS,CAAC,MAAM,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,GAAc,EACd,MAAc,EACd,OAAiB,MAAM,EACvB,SAAqB,EAAE;IAEvB,IAAI,KAAe,CAAC;IACpB,IAAI,CAAC;QACH,2CAA2C;QAC3C,MAAM,GAAG,GAAG,QAAQ,CAClB,2DAA2D,IAAI,IAAI,MAAM,KAAK,MAAM,EAAE,EACtF,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAC1B,CAAC;QACF,KAAK,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,CAAC,EAAE,CAAC;QACX,kDAAkD;QAClD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,QAAQ,CAClB,0CAA0C,IAAI,MAAM,MAAM,EAAE,EAC5D,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAC1B,CAAC;YACF,KAAK,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACjD,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,kBAAkB,MAAM,OAAO,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;QACpK,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,4BAA4B,IAAI,QAAQ,MAAM,EAAE,EAAE,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IACnJ,CAAC;IAED,kEAAkE;IAClE,mEAAmE;IACnE,OAAO,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;AACvC,CAAC;AAED,gFAAgF;AAEhF,SAAS,WAAW;IAClB,KAAK,MAAM,SAAS,IAAI,CAAC,SAAS,EAAE,wBAAwB,EAAE,2BAA2B,CAAC,EAAE,CAAC;QAC3F,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;YACpE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,SAAS,CAAC;QACvC,CAAC;QAAC,MAAM,CAAC,CAAC,cAAc,CAAC,CAAC;IAC5B,CAAC;IACD,+BAA+B;IAC/B,IAAI,CAAC;QACH,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,SAAS,EAAE,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACrF,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,oBAAoB,CAAC,CAAE,uBAAuB;IAC3E,CAAC;IAAC,MAAM,CAAC,CAAC,cAAc,CAAC,CAAC;IAC1B,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,CAAiB,EAAE,GAAW;IAChD,OAAO;QACL,MAAM,EAAO,CAAC,CAAC,QAAQ;QACvB,IAAI,EAAS,CAAC,CAAC,IAAI;QACnB,IAAI,EAAS,CAAC,CAAC,KAAK,CAAC,IAAI;QACzB,GAAG,EAAU,CAAC,CAAC,KAAK,CAAC,GAAG;QACxB,QAAQ,EAAK,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC;QAC1C,OAAO,EAAM,CAAC,CAAC,KAAK,CAAC,OAAO;QAC5B,UAAU,EAAG,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE;QAClC,GAAG,EAAU,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG;QAClC,KAAK,EAAQ,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK;QACpC,UAAU,EAAG,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,UAAU;KAC1C,CAAC;AACJ,CAAC;AAED,SAAS,WAAW,CAAC,CAAsC;IACzD,IAAI,CAAC,KAAK,OAAO;QAAI,OAAO,OAAO,CAAC;IACpC,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IACtC,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
|
1
|
+
{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/core/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AACpD,OAAO,EAAE,UAAU,EAAgB,QAAQ,EAAE,MAAM,IAAI,CAAC;AACxD,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAO5B,MAAM,gBAAgB,GAAG,CAAC,WAAW,EAAE,iBAAiB,EAAE,kBAAkB,CAAC,CAAC;AAC9E,MAAM,eAAe,GAAI,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;AAElG,iFAAiF;AAEjF,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,KAAgB,EAChB,GAAc,EACd,SAAqB,EAAE;IAEvB,MAAM,EAAE,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IACtB,MAAM,QAAQ,GAAG,cAAc,CAAC,KAAK,EAAE,GAAG,EAAE,MAAM,CAAC,CAAC;IAEpD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,KAAK,CAAC,2BAA2B,EAAE,EAAE,EAAE,MAAM,CAAC,CAAC;IACxD,CAAC;IAED,uBAAuB;IACvB,MAAM,aAAa,GAAG,MAAM,iBAAiB,CAAC,QAAQ,EAAE,GAAG,EAAE,MAAM,EAAE,EAAE,CAAC,CAAC;IAEzE,8DAA8D;IAC9D,MAAM,SAAS,GAAG,MAAM,CAAC,SAAS,IAAI,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAC5D,IAAI,SAAS,IAAI,iBAAiB,EAAE,EAAE,CAAC;QACrC,MAAM,YAAY,GAAG,MAAM,aAAa,CAAC,QAAQ,EAAE,GAAG,EAAE,EAAE,CAAC,CAAC;QAC5D,OAAO,YAAY,CAAC,aAAa,EAAE,YAAY,EAAE,EAAE,CAAC,CAAC;IACvD,CAAC;IAED,OAAO,aAAa,CAAC;AACvB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAAC,GAAW,EAAE,SAAqB,EAAE;IACnE,IAAI,MAAgB,CAAC;IACrB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,QAAQ,CAAC,iDAAiD,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACnG,MAAM,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAClD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC,yCAAyC,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;IAC9E,CAAC;IAED,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC,iBAAiB,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;IACtD,CAAC;IAED,4FAA4F;IAC5F,OAAO,SAAS,CAAC,MAAM,EAAE,GAAG,EAAE,EAAE,GAAG,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,CAAC;AACpF,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,UAAU,CAC9B,GAAc,EACd,MAAc,EACd,OAAiB,MAAM,EACvB,SAAqB,EAAE;IAEvB,IAAI,KAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,QAAQ,CAClB,2DAA2D,IAAI,IAAI,MAAM,KAAK,MAAM,EAAE,EACtF,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAC1B,CAAC;QACF,KAAK,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IACjD,CAAC;IAAC,MAAM,CAAC;QACP,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,QAAQ,CAClB,0CAA0C,IAAI,MAAM,MAAM,EAAE,EAC5D,EAAE,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,CAC1B,CAAC;YACF,KAAK,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACjD,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACX,OAAO,KAAK,CAAC,kBAAkB,MAAM,OAAO,IAAI,KAAK,MAAM,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;QACtG,CAAC;IACH,CAAC;IAED,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,OAAO,KAAK,CAAC,4BAA4B,IAAI,QAAQ,MAAM,EAAE,EAAE,IAAI,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;IACrF,CAAC;IAED,OAAO,SAAS,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE,GAAG,MAAM,EAAE,SAAS,EAAE,MAAM,CAAC,SAAS,IAAI,IAAI,EAAE,CAAC,CAAC;AACnF,CAAC;AAED,gFAAgF;AAEhF,KAAK,UAAU,iBAAiB,CAC9B,KAAgB,EAChB,GAAc,EACd,MAAkB,EAClB,EAAc;IAEd,MAAM,WAAW,GAAG,kBAAkB,EAAE,CAAC;IACzC,IAAI,CAAC,WAAW,EAAE,CAAC;QACjB,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;YAClF,QAAQ,EAAE,EAAE,EAAE,OAAO,EAAE,EAAE;YACzB,UAAU,EACR,6FAA6F;SAChG,CAAC;IACJ,CAAC;IAED,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,GAAG,WAAW,CAAC;IACvC,MAAM,QAAQ,GAAI,MAAM,CAAC,QAAQ,IAAI,gBAAgB,CAAC;IACtD,MAAM,QAAQ,GAAI,CAAC,GAAG,eAAe,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC;IAElE,MAAM,IAAI,GAAa;QACrB,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC,CAAC,CAAC;QAC3C,QAAQ;QACR,iBAAiB;QACjB,SAAS;QACT,GAAG,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;QAC5C,IAAI;QACJ,GAAG,KAAK;KACT,CAAC;IAEF,MAAM,MAAM,GAAG,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE;QACrC,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;KACnD,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC/C,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;YAClF,QAAQ,EAAE,OAAO,EAAE,EAAE;YACrB,UAAU,EAAE,GAAG,MAAM,iBAAiB,MAAM,CAAC,MAAM,MAAM,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE;SAC/F,CAAC;IACJ,CAAC;IAED,IAAI,GAAqB,CAAC;IAC1B,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAqB,CAAC;IAC5D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;YACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,YAAY,EAAE,KAAK,CAAC,MAAM,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;YAClF,QAAQ,EAAE,OAAO,EAAE,EAAE;YACrB,UAAU,EAAE,mBAAmB,MAAM,SAAS;SAC/C,CAAC;IACJ,CAAC;IAED,MAAM,MAAM,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IAEpE,OAAO;QACL,MAAM;QACN,OAAO,EAAE,KAAK;QACd,YAAY,EAAE,KAAK,CAAC,MAAM;QAC1B,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC3B,QAAQ;QACR,OAAO,EAAE,CAAC,MAAM,CAAC;KAClB,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,KAAK,UAAU,aAAa,CAC1B,KAAe,EACf,GAAa,EACb,EAAa;IAEb,MAAM,SAAS,GAAG,UAAU,EAAE,CAAC;IAC/B,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC,sBAAsB,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IAE7D,0FAA0F;IAC1F,MAAM,KAAK,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE;YACxC,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACjD,OAAO,GAAG,CAAC;QACb,CAAC,CAAC,CAAC,CAAC,CAAC;IAEL,MAAM,IAAI,GAAG;QACX,MAAM;QACN,UAAU,EAAE,MAAM;QAClB,SAAS;QACT,aAAa,EAAE,GAAG,EAAI,sDAAsD;QAC5E,GAAG,KAAK;KACT,CAAC;IAEF,MAAM,MAAM,GAAG,SAAS,CAAC,SAAS,EAAE,IAAI,EAAE;QACxC,GAAG,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,OAAO,EAAE,MAAM;KACpE,CAAC,CAAC;IAEH,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,OAAO,KAAK,CAAC,4BAA4B,MAAM,CAAC,MAAM,GAAG,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACrE,CAAC;IAED,IAAI,GAAoB,CAAC;IACzB,IAAI,CAAC;QACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,IAAI,EAAE,CAAoB,CAAC;IAC3D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC,+BAA+B,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;IACxD,CAAC;IAED,MAAM,MAAM,GAAY,EAAE,CAAC;IAC3B,MAAM,WAAW,GAAsC;QACrD,QAAQ,EAAE,OAAO;QACjB,IAAI,EAAM,OAAO;QACjB,MAAM,EAAI,SAAS;QACnB,GAAG,EAAO,MAAM;QAChB,OAAO,EAAG,MAAM;KACjB,CAAC;IAEF,KAAK,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAClD,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC;YAAE,SAAS;QACvC,KAAK,MAAM,CAAC,IAAI,QAA2B,EAAE,CAAC;YAC5C,2CAA2C;YAC3C,MAAM,OAAO,GAAG,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC;YAC3F,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC;YACxF,IAAI,CAAC,QAAQ;gBAAE,SAAS;YAExB,MAAM,CAAC,IAAI,CAAC;gBACV,MAAM,EAAM,UAAU,CAAC,CAAC,OAAO,EAAE;gBACjC,IAAI,EAAQ,OAAO;gBACnB,IAAI,EAAQ,CAAC,CAAC,WAAW;gBACzB,GAAG,EAAS,CAAC,CAAC,aAAa,IAAI,CAAC;gBAChC,QAAQ,EAAI,WAAW,CAAC,GAAG,CAAC,IAAI,SAAS;gBACzC,OAAO,EAAK,CAAC,CAAC,WAAW;gBACzB,UAAU,EAAE,CAAC,CAAC,YAAY,EAAE,IAAI,EAAE;gBAClC,GAAG,EAAS,CAAC,CAAC,OAAO;gBACrB,MAAM,EAAM,QAAQ;aACrB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,MAAM;QACN,OAAO,EAAO,KAAK;QACnB,YAAY,EAAE,KAAK,CAAC,MAAM;QAC1B,UAAU,EAAI,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC7B,QAAQ,EAAM,CAAC,iBAAiB,CAAC;QACjC,OAAO,EAAO,CAAC,QAAQ,CAAC;KACzB,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,SAAS,YAAY,CAAC,OAAmB,EAAE,MAAkB,EAAE,EAAU;IACvE,MAAM,SAAS,GAAG,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC;IACxD,wDAAwD;IACxD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,OAAO,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACrC,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,MAAM,EAAE,CAAC;QAC9C,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QAChC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,MAAM,EAAQ,OAAO;QACrB,OAAO,EAAO,OAAO,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO;QAC/C,YAAY,EAAE,OAAO,CAAC,YAAY;QAClC,UAAU,EAAI,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC7B,QAAQ,EAAM,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,QAAQ,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC;QACrE,OAAO,EAAO,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,OAAO,CAAC,OAAO,EAAE,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC;KACpE,CAAC;AACJ,CAAC;AAED,iFAAiF;AAEjF,SAAS,kBAAkB;IACzB,+CAA+C;IAC/C,KAAK,MAAM,SAAS,IAAI,CAAC,UAAU,EAAE,yBAAyB,EAAE,4BAA4B,CAAC,EAAE,CAAC;QAC9F,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACpE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,CAAC;IACvE,CAAC;IAED,uBAAuB;IACvB,KAAK,MAAM,SAAS,IAAI,CAAC,SAAS,EAAE,wBAAwB,EAAE,2BAA2B,CAAC,EAAE,CAAC;QAC3F,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QACpE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,SAAS,EAAE,CAAC;IACtE,CAAC;IAED,yBAAyB;IACzB,KAAK,MAAM,CAAC,IAAI,EAAE,GAAG,EAAE,GAAG,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,UAAU,EAAE,UAAU,CAAC,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC,CAAU,EAAE,CAAC;QACjH,MAAM,CAAC,GAAG,SAAS,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,EAAE,MAAM,EAAE,GAAG,IAAI,OAAO,GAAG,EAAE,EAAE,MAAM,EAAE,GAAiB,EAAE,CAAC;IACxF,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,CAAC,CAAC,UAAU,EAAE,CAAC;AACxB,CAAC;AAED,SAAS,UAAU;IACjB,KAAK,MAAM,SAAS,IAAI,CAAC,QAAQ,EAAE,uBAAuB,EAAE,0BAA0B,CAAC,EAAE,CAAC;QACxF,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,SAAS,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAClE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,SAAS,CAAC;IACvC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,gFAAgF;AAEhF,SAAS,cAAc,CAAC,KAAe,EAAE,GAAW,EAAE,MAAkB;IACtE,MAAM,QAAQ,GAAG,CAAC,MAAM,CAAC,aAAa,IAAI,GAAG,CAAC,GAAG,IAAI,CAAC;IACtD,OAAO,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACxB,MAAM,GAAG,GAAG,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QACjD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QACnC,IAAI,CAAC;YAAC,OAAO,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,IAAI,QAAQ,CAAC;QAAC,CAAC;QAAC,MAAM,CAAC;YAAC,OAAO,KAAK,CAAC;QAAC,CAAC;IACxE,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,KAAK,CAAC,MAAc,EAAE,EAAU,EAAE,MAAkB;IAC3D,OAAO;QACL,MAAM,EAAE,EAAE,EAAE,OAAO,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM;QAC7C,YAAY,EAAE,CAAC,EAAE,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,EAAE;QAC5C,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,EAAE,EAAE,OAAO,EAAE,EAAE;KAC7C,CAAC;AACJ,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAiB,EAAE,MAAkB;IAC9D,OAAO;QACL,MAAM,EAAM,CAAC,CAAC,QAAQ;QACtB,IAAI,EAAQ,CAAC,CAAC,IAAI;QAClB,IAAI,EAAQ,CAAC,CAAC,KAAK,CAAC,IAAI;QACxB,GAAG,EAAS,CAAC,CAAC,KAAK,CAAC,GAAG;QACvB,QAAQ,EAAI,kBAAkB,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,CAAC;QAChD,OAAO,EAAK,CAAC,CAAC,KAAK,CAAC,OAAO;QAC3B,UAAU,EAAE,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,IAAI,EAAE;QACjC,GAAG,EAAS,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,GAAG,CAAC;QAChD,KAAK,EAAO,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC;QAClD,UAAU,EAAE,aAAa,CAAC,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE,UAAU,CAAC;QACvD,MAAM;KACP,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CAAC,CAAsC;IAChE,IAAI,CAAC,KAAK,OAAO;QAAI,OAAO,OAAO,CAAC;IACpC,IAAI,CAAC,KAAK,SAAS;QAAE,OAAO,SAAS,CAAC;IACtC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,SAAS,aAAa,CAAC,GAAY;IACjC,IAAI,CAAC,GAAG;QAAE,OAAO,SAAS,CAAC;IAC3B,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC;QAAE,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IAC/C,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,CAAC,GAAG,CAAC,CAAC;IAC1C,OAAO,SAAS,CAAC;AACnB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../src/hooks/setup.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AA4CH,wBAAsB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,
|
|
1
|
+
{"version":3,"file":"setup.d.ts","sourceRoot":"","sources":["../../src/hooks/setup.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AA4CH,wBAAsB,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAkC1D"}
|
package/dist/hooks/setup.js
CHANGED
|
@@ -22,7 +22,7 @@ ${HOOK_MARKER}
|
|
|
22
22
|
# Remove with: npx argus-ci setup --remove
|
|
23
23
|
# Bypass (emergency only): git commit --no-verify
|
|
24
24
|
|
|
25
|
-
echo "🔍 argus-ci: scanning staged files..."
|
|
25
|
+
echo "🔍 argus-ci: scanning staged files (Opengrep + Bearer if installed)..."
|
|
26
26
|
|
|
27
27
|
npx --yes argus-ci scan --staged
|
|
28
28
|
EXIT_CODE=$?
|
|
@@ -47,8 +47,10 @@ export async function setupHook(cwd) {
|
|
|
47
47
|
return;
|
|
48
48
|
}
|
|
49
49
|
console.log("\n🚀 argus-ci setup\n");
|
|
50
|
-
// Step 1: ensure Semgrep is installed
|
|
51
|
-
await
|
|
50
|
+
// Step 1: ensure Opengrep (or Semgrep fallback) is installed
|
|
51
|
+
await ensurePrimaryScanner();
|
|
52
|
+
// Step 2: offer Bearer for deep data-flow scanning
|
|
53
|
+
await ensureBearer();
|
|
52
54
|
// Step 2: copy trigger files into the repo
|
|
53
55
|
copyTriggerFiles(cwd);
|
|
54
56
|
// Step 3: install the pre-commit hook
|
|
@@ -57,70 +59,130 @@ export async function setupHook(cwd) {
|
|
|
57
59
|
✅ Setup complete. argus-ci is now active in this repo.
|
|
58
60
|
|
|
59
61
|
What happens next:
|
|
60
|
-
• Every file your AI agent writes is scanned
|
|
61
|
-
• Every commit is scanned — errors block the commit
|
|
62
|
+
• Every file your AI agent writes is scanned (Opengrep — fast, taint-aware)
|
|
63
|
+
• Every commit is scanned (Opengrep + Bearer if installed) — errors block the commit
|
|
62
64
|
• CLAUDE.md and .cursorrules tell your AI agent to run scans automatically
|
|
63
65
|
|
|
64
66
|
To review a PR: npx argus-ci pr <github-url>
|
|
65
67
|
To remove the hook: npx argus-ci setup --remove
|
|
66
68
|
`);
|
|
67
69
|
}
|
|
68
|
-
// ─── Step 1: auto-install Semgrep
|
|
69
|
-
async function
|
|
70
|
-
if
|
|
71
|
-
|
|
72
|
-
|
|
70
|
+
// ─── Step 1: auto-install Opengrep (or Semgrep fallback) ─────────────────────
|
|
71
|
+
async function ensurePrimaryScanner() {
|
|
72
|
+
// Check if opengrep is already installed
|
|
73
|
+
if (isScannerInstalled("opengrep")) {
|
|
74
|
+
const v = getScannerVersion("opengrep");
|
|
75
|
+
console.log(` ✓ Opengrep already installed (${v})`);
|
|
73
76
|
return;
|
|
74
77
|
}
|
|
75
|
-
|
|
76
|
-
|
|
77
|
-
|
|
78
|
-
if (
|
|
79
|
-
|
|
80
|
-
if (commandExists("brew")) {
|
|
81
|
-
console.log(" → brew install semgrep");
|
|
82
|
-
const r = spawnSync("brew", ["install", "semgrep"], { stdio: "inherit" });
|
|
83
|
-
installed = r.status === 0;
|
|
84
|
-
}
|
|
78
|
+
// Opengrep not found — always try to install it (even if Semgrep is present),
|
|
79
|
+
// because Opengrep provides free taint analysis that Semgrep community lacks.
|
|
80
|
+
const semgrepPresent = isScannerInstalled("semgrep");
|
|
81
|
+
if (semgrepPresent) {
|
|
82
|
+
console.log(" ⚙️ Semgrep detected but Opengrep not found — installing Opengrep (free taint analysis)...");
|
|
85
83
|
}
|
|
86
|
-
|
|
87
|
-
|
|
88
|
-
|
|
89
|
-
|
|
90
|
-
|
|
91
|
-
|
|
84
|
+
else {
|
|
85
|
+
console.log(" ⚙️ No scanner found — installing Opengrep (free taint analysis)...");
|
|
86
|
+
}
|
|
87
|
+
const installed = tryInstallOpengrep();
|
|
88
|
+
if (installed) {
|
|
89
|
+
const v = getScannerVersion("opengrep");
|
|
90
|
+
console.log(` ✓ Opengrep installed (${v}) — taint analysis enabled`);
|
|
91
|
+
return;
|
|
92
92
|
}
|
|
93
|
-
if
|
|
93
|
+
// Opengrep install failed — use Semgrep if present, otherwise install it
|
|
94
|
+
if (semgrepPresent) {
|
|
95
|
+
const v = getScannerVersion("semgrep");
|
|
96
|
+
console.log(` ⚠️ Opengrep install failed — using existing Semgrep as fallback (${v})`);
|
|
97
|
+
console.log(` For better taint analysis, install manually: pip install opengrep`);
|
|
98
|
+
return;
|
|
99
|
+
}
|
|
100
|
+
// Neither present — try Semgrep as fallback
|
|
101
|
+
console.log(" ⚙️ Opengrep install failed — trying Semgrep as fallback...");
|
|
102
|
+
const semgrepInstalled = tryInstallSemgrep();
|
|
103
|
+
if (!semgrepInstalled) {
|
|
94
104
|
console.error(`
|
|
95
|
-
❌ Could not install
|
|
96
|
-
Please install
|
|
105
|
+
❌ Could not install a scanner automatically.
|
|
106
|
+
Please install one manually then re-run setup:
|
|
97
107
|
|
|
98
|
-
|
|
99
|
-
|
|
108
|
+
pip install opengrep (recommended — free taint analysis)
|
|
109
|
+
brew install semgrep (macOS, fallback)
|
|
110
|
+
pip install semgrep (any platform, fallback)
|
|
100
111
|
`);
|
|
101
112
|
process.exit(1);
|
|
102
113
|
}
|
|
103
|
-
const v =
|
|
104
|
-
console.log(` ✓ Semgrep installed (${v})`);
|
|
114
|
+
const v = getScannerVersion("semgrep");
|
|
115
|
+
console.log(` ✓ Semgrep installed as fallback (${v})`);
|
|
116
|
+
}
|
|
117
|
+
function tryInstallOpengrep() {
|
|
118
|
+
const pipCmd = commandExists("pip3") ? "pip3" : "pip";
|
|
119
|
+
console.log(` → ${pipCmd} install opengrep`);
|
|
120
|
+
const r = spawnSync(pipCmd, ["install", "opengrep"], { stdio: "inherit" });
|
|
121
|
+
return r.status === 0 && isScannerInstalled("opengrep");
|
|
122
|
+
}
|
|
123
|
+
function tryInstallSemgrep() {
|
|
124
|
+
const os = platform();
|
|
125
|
+
if (os === "darwin" && commandExists("brew")) {
|
|
126
|
+
console.log(" → brew install semgrep");
|
|
127
|
+
const r = spawnSync("brew", ["install", "semgrep"], { stdio: "inherit" });
|
|
128
|
+
if (r.status === 0)
|
|
129
|
+
return true;
|
|
130
|
+
}
|
|
131
|
+
const pipCmd = commandExists("pip3") ? "pip3" : "pip";
|
|
132
|
+
console.log(` → ${pipCmd} install semgrep`);
|
|
133
|
+
const r = spawnSync(pipCmd, ["install", "semgrep"], { stdio: "inherit" });
|
|
134
|
+
return r.status === 0 && isScannerInstalled("semgrep");
|
|
105
135
|
}
|
|
106
|
-
function
|
|
107
|
-
const
|
|
108
|
-
for (const cmd of candidates) {
|
|
136
|
+
function isScannerInstalled(scanner) {
|
|
137
|
+
for (const cmd of [scanner, `/usr/local/bin/${scanner}`, `/opt/homebrew/bin/${scanner}`]) {
|
|
109
138
|
const r = spawnSync(cmd, ["--version"], { encoding: "utf8" });
|
|
110
139
|
if (r.status === 0)
|
|
111
140
|
return true;
|
|
112
141
|
}
|
|
113
|
-
|
|
114
|
-
const r = spawnSync("python3", ["-m", "semgrep", "--version"], { encoding: "utf8" });
|
|
142
|
+
const r = spawnSync("python3", ["-m", scanner, "--version"], { encoding: "utf8" });
|
|
115
143
|
return r.status === 0;
|
|
116
144
|
}
|
|
117
|
-
function
|
|
118
|
-
const r = spawnSync(
|
|
145
|
+
function getScannerVersion(scanner) {
|
|
146
|
+
const r = spawnSync(scanner, ["--version"], { encoding: "utf8" });
|
|
119
147
|
if (r.status === 0)
|
|
120
148
|
return r.stdout.trim().split("\n")[0];
|
|
121
|
-
const r2 = spawnSync("python3", ["-m",
|
|
149
|
+
const r2 = spawnSync("python3", ["-m", scanner, "--version"], { encoding: "utf8" });
|
|
122
150
|
return r2.stdout?.trim().split("\n")[0] ?? "unknown";
|
|
123
151
|
}
|
|
152
|
+
// ─── Step 1b: offer Bearer install ───────────────────────────────────────────
|
|
153
|
+
async function ensureBearer() {
|
|
154
|
+
// Check if Bearer already installed
|
|
155
|
+
for (const cmd of ["bearer", "/usr/local/bin/bearer", "/opt/homebrew/bin/bearer"]) {
|
|
156
|
+
const r = spawnSync(cmd, ["version"], { encoding: "utf8" });
|
|
157
|
+
if (r.status === 0) {
|
|
158
|
+
console.log(` ✓ Bearer already installed — deep data-flow analysis enabled`);
|
|
159
|
+
return;
|
|
160
|
+
}
|
|
161
|
+
}
|
|
162
|
+
// Try to install Bearer
|
|
163
|
+
console.log(" ⚙️ Installing Bearer (deep data-flow analysis)...");
|
|
164
|
+
const os = platform();
|
|
165
|
+
let installed = false;
|
|
166
|
+
// Try curl install script first — works on macOS + Linux, no CLT requirement
|
|
167
|
+
if (commandExists("curl") && (os === "darwin" || os === "linux")) {
|
|
168
|
+
console.log(" → curl install script");
|
|
169
|
+
const r = spawnSync("sh", ["-c", "curl -sfL https://raw.githubusercontent.com/Bearer/bearer/main/contrib/install.sh | sh"], { stdio: "inherit" });
|
|
170
|
+
installed = r.status === 0;
|
|
171
|
+
}
|
|
172
|
+
// Fall back to brew if curl didn't work
|
|
173
|
+
if (!installed && os === "darwin" && commandExists("brew")) {
|
|
174
|
+
console.log(" → brew install bearer/tap/bearer");
|
|
175
|
+
const r = spawnSync("brew", ["install", "bearer/tap/bearer"], { stdio: "inherit" });
|
|
176
|
+
installed = r.status === 0;
|
|
177
|
+
}
|
|
178
|
+
if (installed) {
|
|
179
|
+
console.log(" ✓ Bearer installed — staged/branch/PR scans will include data-flow analysis");
|
|
180
|
+
}
|
|
181
|
+
else {
|
|
182
|
+
console.log(" ℹ️ Bearer not installed (optional) — skipping data-flow analysis");
|
|
183
|
+
console.log(" Install manually: brew install bearer/tap/bearer");
|
|
184
|
+
}
|
|
185
|
+
}
|
|
124
186
|
function commandExists(cmd) {
|
|
125
187
|
const r = spawnSync(platform() === "win32" ? "where" : "which", [cmd], { encoding: "utf8" });
|
|
126
188
|
return r.status === 0;
|
package/dist/hooks/setup.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"setup.js","sourceRoot":"","sources":["../../src/hooks/setup.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,UAAU,EAAE,SAAS,EAAE,aAAa,EACpC,SAAS,EAAE,YAAY,EAAE,YAAY,GACtC,MAAM,IAAI,CAAC;AACZ,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AAE9B,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAI,OAAO,CAAC,UAAU,CAAC,CAAC;AAEvC,4DAA4D;AAC5D,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAE7C,MAAM,WAAW,GAAG,iBAAiB,CAAC;AAEtC,MAAM,WAAW,GAAG;EAClB,WAAW;;;;;;;;;;;;;;;;;;;;CAoBZ,CAAC;AAEF,iFAAiF;AAEjF,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,GAAW;IACzC,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAEjD,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;QAC1D,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC3B,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IAErC,
|
|
1
|
+
{"version":3,"file":"setup.js","sourceRoot":"","sources":["../../src/hooks/setup.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,UAAU,EAAE,SAAS,EAAE,aAAa,EACpC,SAAS,EAAE,YAAY,EAAE,YAAY,GACtC,MAAM,IAAI,CAAC;AACZ,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACrC,OAAO,EAAE,SAAS,EAAE,MAAM,eAAe,CAAC;AAC1C,OAAO,EAAE,aAAa,EAAE,MAAM,KAAK,CAAC;AACpC,OAAO,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AAE9B,MAAM,UAAU,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAClD,MAAM,SAAS,GAAI,OAAO,CAAC,UAAU,CAAC,CAAC;AAEvC,4DAA4D;AAC5D,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;AAE7C,MAAM,WAAW,GAAG,iBAAiB,CAAC;AAEtC,MAAM,WAAW,GAAG;EAClB,WAAW;;;;;;;;;;;;;;;;;;;;CAoBZ,CAAC;AAEF,iFAAiF;AAEjF,MAAM,CAAC,KAAK,UAAU,SAAS,CAAC,GAAW;IACzC,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IAEjD,IAAI,MAAM,EAAE,CAAC;QACX,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;QAC1D,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC3B,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;IAErC,6DAA6D;IAC7D,MAAM,oBAAoB,EAAE,CAAC;IAE7B,mDAAmD;IACnD,MAAM,YAAY,EAAE,CAAC;IAErB,2CAA2C;IAC3C,gBAAgB,CAAC,GAAG,CAAC,CAAC;IAEtB,sCAAsC;IACtC,oBAAoB,CAAC,GAAG,CAAC,CAAC;IAE1B,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;CAUb,CAAC,CAAC;AACH,CAAC;AAED,gFAAgF;AAEhF,KAAK,UAAU,oBAAoB;IACjC,yCAAyC;IACzC,IAAI,kBAAkB,CAAC,UAAU,CAAC,EAAE,CAAC;QACnC,MAAM,CAAC,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,mCAAmC,CAAC,GAAG,CAAC,CAAC;QACrD,OAAO;IACT,CAAC;IAED,8EAA8E;IAC9E,8EAA8E;IAC9E,MAAM,cAAc,GAAG,kBAAkB,CAAC,SAAS,CAAC,CAAC;IACrD,IAAI,cAAc,EAAE,CAAC;QACnB,OAAO,CAAC,GAAG,CAAC,8FAA8F,CAAC,CAAC;IAC9G,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,uEAAuE,CAAC,CAAC;IACvF,CAAC;IAED,MAAM,SAAS,GAAG,kBAAkB,EAAE,CAAC;IAEvC,IAAI,SAAS,EAAE,CAAC;QACd,MAAM,CAAC,GAAG,iBAAiB,CAAC,UAAU,CAAC,CAAC;QACxC,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,4BAA4B,CAAC,CAAC;QACtE,OAAO;IACT,CAAC;IAED,yEAAyE;IACzE,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;QACvC,OAAO,CAAC,GAAG,CAAC,uEAAuE,CAAC,GAAG,CAAC,CAAC;QACzF,OAAO,CAAC,GAAG,CAAC,wEAAwE,CAAC,CAAC;QACtF,OAAO;IACT,CAAC;IAED,4CAA4C;IAC5C,OAAO,CAAC,GAAG,CAAC,+DAA+D,CAAC,CAAC;IAC7E,MAAM,gBAAgB,GAAG,iBAAiB,EAAE,CAAC;IAE7C,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO,CAAC,KAAK,CAAC;;;;;;;CAOjB,CAAC,CAAC;QACC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,MAAM,CAAC,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IACvC,OAAO,CAAC,GAAG,CAAC,sCAAsC,CAAC,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED,SAAS,kBAAkB;IACzB,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,UAAU,MAAM,mBAAmB,CAAC,CAAC;IACjD,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,UAAU,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IAC3E,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,kBAAkB,CAAC,UAAU,CAAC,CAAC;AAC1D,CAAC;AAED,SAAS,iBAAiB;IACxB,MAAM,EAAE,GAAG,QAAQ,EAAE,CAAC;IACtB,IAAI,EAAE,KAAK,QAAQ,IAAI,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7C,OAAO,CAAC,GAAG,CAAC,6BAA6B,CAAC,CAAC;QAC3C,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QAC1E,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;IAClC,CAAC;IACD,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC;IACtD,OAAO,CAAC,GAAG,CAAC,UAAU,MAAM,kBAAkB,CAAC,CAAC;IAChD,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;IAC1E,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,IAAI,kBAAkB,CAAC,SAAS,CAAC,CAAC;AACzD,CAAC;AAED,SAAS,kBAAkB,CAAC,OAA+B;IACzD,KAAK,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,kBAAkB,OAAO,EAAE,EAAE,qBAAqB,OAAO,EAAE,CAAC,EAAE,CAAC;QACzF,MAAM,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAC9D,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;IAClC,CAAC;IACD,MAAM,CAAC,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IACnF,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;AACxB,CAAC;AAED,SAAS,iBAAiB,CAAC,OAA+B;IACxD,MAAM,CAAC,GAAG,SAAS,CAAC,OAAO,EAAE,CAAC,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IAClE,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC;IAC1D,MAAM,EAAE,GAAG,SAAS,CAAC,SAAS,EAAE,CAAC,IAAI,EAAE,OAAO,EAAE,WAAW,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IACpF,OAAO,EAAE,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,SAAS,CAAC;AACvD,CAAC;AAED,gFAAgF;AAEhF,KAAK,UAAU,YAAY;IACzB,oCAAoC;IACpC,KAAK,MAAM,GAAG,IAAI,CAAC,QAAQ,EAAE,uBAAuB,EAAE,0BAA0B,CAAC,EAAE,CAAC;QAClF,MAAM,CAAC,GAAG,SAAS,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAC5D,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnB,OAAO,CAAC,GAAG,CAAC,gEAAgE,CAAC,CAAC;YAC9E,OAAO;QACT,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,OAAO,CAAC,GAAG,CAAC,sDAAsD,CAAC,CAAC;IACpE,MAAM,EAAE,GAAG,QAAQ,EAAE,CAAC;IACtB,IAAI,SAAS,GAAG,KAAK,CAAC;IAEtB,6EAA6E;IAC7E,IAAI,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,QAAQ,IAAI,EAAE,KAAK,OAAO,CAAC,EAAE,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,4BAA4B,CAAC,CAAC;QAC1C,MAAM,CAAC,GAAG,SAAS,CACjB,IAAI,EAAE,CAAC,IAAI,EAAE,wFAAwF,CAAC,EACtG,EAAE,KAAK,EAAE,SAAS,EAAE,CACrB,CAAC;QACF,SAAS,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,wCAAwC;IACxC,IAAI,CAAC,SAAS,IAAI,EAAE,KAAK,QAAQ,IAAI,aAAa,CAAC,MAAM,CAAC,EAAE,CAAC;QAC3D,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;QACrD,MAAM,CAAC,GAAG,SAAS,CAAC,MAAM,EAAE,CAAC,SAAS,EAAE,mBAAmB,CAAC,EAAE,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC;QACpF,SAAS,GAAG,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,IAAI,SAAS,EAAE,CAAC;QACd,OAAO,CAAC,GAAG,CAAC,+EAA+E,CAAC,CAAC;IAC/F,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,GAAG,CAAC,qEAAqE,CAAC,CAAC;QACnF,OAAO,CAAC,GAAG,CAAC,uDAAuD,CAAC,CAAC;IACvE,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,GAAW;IAChC,MAAM,CAAC,GAAG,SAAS,CAAC,QAAQ,EAAE,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;IAC7F,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC;AACxB,CAAC;AAED,iFAAiF;AAEjF,SAAS,gBAAgB,CAAC,GAAW;IACnC,MAAM,KAAK,GAAG;QACZ,EAAE,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,WAAW,CAAC,EAAM,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,WAAW,CAAC,EAAE;QACtE,EAAE,GAAG,EAAE,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,EAAG,IAAI,EAAE,IAAI,CAAC,GAAG,EAAE,cAAc,CAAC,EAAE;KAC1E,CAAC;IAEF,KAAK,MAAM,EAAE,GAAG,EAAE,IAAI,EAAE,IAAI,KAAK,EAAE,CAAC;QAClC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,GAAG,CAAC,wBAAwB,GAAG,wBAAwB,CAAC,CAAC;YACjE,SAAS;QACX,CAAC;QAED,IAAI,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACrB,kDAAkD;YAClD,MAAM,QAAQ,GAAG,YAAY,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;YAC5C,IAAI,QAAQ,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,YAAY,CAAC,EAAE,CAAC;gBACrE,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,yCAAyC,CAAC,CAAC;gBACnF,SAAS;YACX,CAAC;YACD,0BAA0B;YAC1B,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,MAAM,GAAG,YAAY,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;YACzE,aAAa,CAAC,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;YACtC,OAAO,CAAC,GAAG,CAAC,kDAAkD,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,CAAC;QACzF,CAAC;aAAM,CAAC;YACN,YAAY,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;YACxB,OAAO,CAAC,GAAG,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;QACtD,CAAC;IACH,CAAC;AACH,CAAC;AAED,gFAAgF;AAEhF,SAAS,oBAAoB,CAAC,GAAW;IACvC,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,EAAE,MAAM,CAAC,CAAC;IACjC,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,OAAO,CAAC,IAAI,CAAC,0DAA0D,CAAC,CAAC;QACzE,OAAO,CAAC,IAAI,CAAC,4DAA4D,CAAC,CAAC;QAC3E,OAAO;IACT,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IAE9C,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,SAAS,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAEpE,IAAI,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;QAChD,IAAI,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,uCAAuC,CAAC,CAAC;YACrD,OAAO;QACT,CAAC;QACD,gDAAgD;QAChD,MAAM,QAAQ,GAAG,QAAQ,CAAC,OAAO,EAAE,GAAG,MAAM,GAAG,WAAW,CAAC;QAC3D,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1C,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC;IACnE,CAAC;SAAM,CAAC;QACN,aAAa,CAAC,QAAQ,EAAE,WAAW,EAAE,MAAM,CAAC,CAAC;QAC7C,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;IAC/C,CAAC;AACH,CAAC;AAED,iFAAiF;AAEjF,KAAK,UAAU,UAAU,CAAC,QAAgB;IACxC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;QACzC,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC/C,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,6CAA6C,CAAC,CAAC;QAC3D,OAAO;IACT,CAAC;IAED,IAAI,OAAO,CAAC,IAAI,EAAE,KAAK,WAAW,CAAC,IAAI,EAAE,EAAE,CAAC;QAC1C,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;QAC1C,UAAU,CAAC,QAAQ,CAAC,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC;QACnD,OAAO;IACT,CAAC;IAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,SAAS,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;IAClE,IAAI,SAAS,IAAI,CAAC,EAAE,CAAC;QACnB,MAAM,QAAQ,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,GAAG,IAAI,CAAC;QACvE,aAAa,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC,CAAC;QAC1C,OAAO,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC;IAC1D,CAAC;AACH,CAAC"}
|
package/dist/types.d.ts
CHANGED
|
@@ -21,9 +21,9 @@ export interface SemgrepFinding {
|
|
|
21
21
|
severity: "ERROR" | "WARNING" | "INFO";
|
|
22
22
|
lines?: string;
|
|
23
23
|
metadata?: {
|
|
24
|
-
cwe?: string[];
|
|
25
|
-
owasp?: string[];
|
|
26
|
-
references?: string[];
|
|
24
|
+
cwe?: string | string[];
|
|
25
|
+
owasp?: string | string[];
|
|
26
|
+
references?: string | string[];
|
|
27
27
|
category?: string;
|
|
28
28
|
technology?: string[];
|
|
29
29
|
};
|
|
@@ -35,7 +35,27 @@ export interface SemgrepError {
|
|
|
35
35
|
message: string;
|
|
36
36
|
type: string;
|
|
37
37
|
}
|
|
38
|
+
export interface BearerRawResult {
|
|
39
|
+
critical?: BearerFinding[];
|
|
40
|
+
high?: BearerFinding[];
|
|
41
|
+
medium?: BearerFinding[];
|
|
42
|
+
low?: BearerFinding[];
|
|
43
|
+
warning?: BearerFinding[];
|
|
44
|
+
}
|
|
45
|
+
export interface BearerFinding {
|
|
46
|
+
rule_id: string;
|
|
47
|
+
rule_display_id?: string;
|
|
48
|
+
description: string;
|
|
49
|
+
severity: string;
|
|
50
|
+
filename: string;
|
|
51
|
+
full_filename?: string;
|
|
52
|
+
line_number: number;
|
|
53
|
+
column_number?: number;
|
|
54
|
+
code_extract?: string;
|
|
55
|
+
cwe_ids?: string[];
|
|
56
|
+
}
|
|
38
57
|
export type Severity = "error" | "warning" | "info";
|
|
58
|
+
export type ScanEngine = "opengrep" | "semgrep" | "bearer";
|
|
39
59
|
export interface Issue {
|
|
40
60
|
ruleId: string;
|
|
41
61
|
path: string;
|
|
@@ -47,6 +67,7 @@ export interface Issue {
|
|
|
47
67
|
cwe?: string[];
|
|
48
68
|
owasp?: string[];
|
|
49
69
|
references?: string[];
|
|
70
|
+
engine: ScanEngine;
|
|
50
71
|
}
|
|
51
72
|
export interface ScanResult {
|
|
52
73
|
issues: Issue[];
|
|
@@ -55,20 +76,17 @@ export interface ScanResult {
|
|
|
55
76
|
filesScanned: number;
|
|
56
77
|
durationMs: number;
|
|
57
78
|
rulesets: string[];
|
|
79
|
+
engines: ScanEngine[];
|
|
58
80
|
}
|
|
59
81
|
export interface ScanConfig {
|
|
60
|
-
/** Semgrep rulesets to run — defaults to auto-detected from stack */
|
|
61
82
|
rulesets?: string[];
|
|
62
|
-
/** Fail (exit 1) if any issue of these severities is found */
|
|
63
83
|
failOn?: Severity[];
|
|
64
|
-
/** Max file size in KB to scan — default 500 */
|
|
65
84
|
maxFileSizeKb?: number;
|
|
66
|
-
/** Directories to exclude */
|
|
67
85
|
exclude?: string[];
|
|
68
|
-
/** GITHUB_TOKEN for private repo PR access */
|
|
69
86
|
githubToken?: string;
|
|
70
|
-
/** Anthropic API key for the agent interface */
|
|
71
87
|
anthropicKey?: string;
|
|
88
|
+
/** Run Bearer deep scan in addition to Opengrep (default: true for staged/branch/PR, false for single file) */
|
|
89
|
+
runBearer?: boolean;
|
|
72
90
|
}
|
|
73
91
|
export interface ToolResponse {
|
|
74
92
|
success: boolean;
|
package/dist/types.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,cAAc,EAAE,CAAC;IAC1B,MAAM,EAAG,YAAY,EAAE,CAAC;IACxB,KAAK,CAAC,EAAG;QAAE,UAAU,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAClC;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAM,MAAM,CAAC;IACjB,KAAK,EAAK;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,GAAG,EAAO;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,KAAK,EAAE;QACL,OAAO,EAAI,MAAM,CAAC;QAClB,QAAQ,EAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;QACxC,KAAK,CAAC,EAAK,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE;YACT,GAAG,CAAC,EAAS,MAAM,EAAE,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,gBAAgB;IAC/B,OAAO,EAAE,cAAc,EAAE,CAAC;IAC1B,MAAM,EAAG,YAAY,EAAE,CAAC;IACxB,KAAK,CAAC,EAAG;QAAE,UAAU,CAAC,EAAE,MAAM,CAAA;KAAE,CAAC;CAClC;AAED,MAAM,WAAW,cAAc;IAC7B,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAM,MAAM,CAAC;IACjB,KAAK,EAAK;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,GAAG,EAAO;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,GAAG,EAAE,MAAM,CAAA;KAAE,CAAC;IACxC,KAAK,EAAE;QACL,OAAO,EAAI,MAAM,CAAC;QAClB,QAAQ,EAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;QACxC,KAAK,CAAC,EAAK,MAAM,CAAC;QAClB,QAAQ,CAAC,EAAE;YACT,GAAG,CAAC,EAAS,MAAM,GAAG,MAAM,EAAE,CAAC;YAC/B,KAAK,CAAC,EAAO,MAAM,GAAG,MAAM,EAAE,CAAC;YAC/B,UAAU,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;YAC/B,QAAQ,CAAC,EAAI,MAAM,CAAC;YACpB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;SACvB,CAAC;KACH,CAAC;CACH;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAK,MAAM,CAAC;IAChB,KAAK,EAAI,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAK,MAAM,CAAC;CACjB;AAID,MAAM,WAAW,eAAe;IAC9B,QAAQ,CAAC,EAAE,aAAa,EAAE,CAAC;IAC3B,IAAI,CAAC,EAAM,aAAa,EAAE,CAAC;IAC3B,MAAM,CAAC,EAAI,aAAa,EAAE,CAAC;IAC3B,GAAG,CAAC,EAAO,aAAa,EAAE,CAAC;IAC3B,OAAO,CAAC,EAAG,aAAa,EAAE,CAAC;CAC5B;AAED,MAAM,WAAW,aAAa;IAC5B,OAAO,EAAW,MAAM,CAAC;IACzB,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,WAAW,EAAO,MAAM,CAAC;IACzB,QAAQ,EAAU,MAAM,CAAC;IACzB,QAAQ,EAAU,MAAM,CAAC;IACzB,aAAa,CAAC,EAAI,MAAM,CAAC;IACzB,WAAW,EAAO,MAAM,CAAC;IACzB,aAAa,CAAC,EAAI,MAAM,CAAC;IACzB,YAAY,CAAC,EAAK,MAAM,CAAC;IACzB,OAAO,CAAC,EAAU,MAAM,EAAE,CAAC;CAC5B;AAID,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,SAAS,GAAG,MAAM,CAAC;AACpD,MAAM,MAAM,UAAU,GAAG,UAAU,GAAG,SAAS,GAAG,QAAQ,CAAC;AAE3D,MAAM,WAAW,KAAK;IACpB,MAAM,EAAO,MAAM,CAAC;IACpB,IAAI,EAAS,MAAM,CAAC;IACpB,IAAI,EAAS,MAAM,CAAC;IACpB,GAAG,EAAU,MAAM,CAAC;IACpB,QAAQ,EAAK,QAAQ,CAAC;IACtB,OAAO,EAAM,MAAM,CAAC;IACpB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,GAAG,CAAC,EAAS,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAO,MAAM,EAAE,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,MAAM,EAAO,UAAU,CAAC;CACzB;AAID,MAAM,WAAW,UAAU;IACzB,MAAM,EAAQ,KAAK,EAAE,CAAC;IACtB,OAAO,EAAO,OAAO,CAAC;IACtB,UAAU,CAAC,EAAG,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAI,MAAM,CAAC;IACrB,QAAQ,EAAM,MAAM,EAAE,CAAC;IACvB,OAAO,EAAO,UAAU,EAAE,CAAC;CAC5B;AAID,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,EAAO,MAAM,EAAE,CAAC;IACzB,MAAM,CAAC,EAAS,QAAQ,EAAE,CAAC;IAC3B,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,OAAO,CAAC,EAAQ,MAAM,EAAE,CAAC;IACzB,WAAW,CAAC,EAAI,MAAM,CAAC;IACvB,YAAY,CAAC,EAAG,MAAM,CAAC;IACvB,+GAA+G;IAC/G,SAAS,CAAC,EAAM,OAAO,CAAC;CACzB;AAID,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAI,OAAO,CAAC;IACnB,MAAM,CAAC,EAAI,UAAU,CAAC;IACtB,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,KAAK,CAAC,EAAK,MAAM,CAAC;CACnB"}
|
package/dist/types.js
CHANGED
package/dist/types.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../src/types.ts"],"names":[],"mappings":"AAAA,gFAAgF"}
|
package/package.json
CHANGED