circle-ir-ai 1.1.0

package/dist/llm/language-context.js

@@ -0,0 +1,492 @@
+/**
+ * Language-Specific Context for LLM Prompts
+ *
+ * Provides language-aware examples, patterns, and guidance for
+ * enrichment and verification across Java, Python, JavaScript/TypeScript, and Rust.
+ */
+// ============================================================================
+// Java Context
+// ============================================================================
+const JAVA_CONTEXT = {
+    name: 'Java',
+    codeFence: 'java',
+    frameworks: ['Spring', 'Spring Boot', 'Jakarta EE', 'Struts', 'Vert.x', 'Spark'],
+    httpSources: [
+        { pattern: 'request.getParameter()', type: 'http_param', description: 'HTTP query/form parameter' },
+        { pattern: 'request.getHeader()', type: 'http_header', description: 'HTTP header value' },
+        { pattern: 'request.getCookies()', type: 'http_cookie', description: 'HTTP cookies' },
+        { pattern: 'request.getInputStream()', type: 'http_body', description: 'Request body stream' },
+        { pattern: '@RequestParam', type: 'http_param', description: 'Spring parameter annotation' },
+        { pattern: '@RequestBody', type: 'http_body', description: 'Spring body annotation' },
+        { pattern: '@PathVariable', type: 'http_path', description: 'Spring path variable' },
+    ],
+    sanitizers: {
+        'CWE-89': ['PreparedStatement with ?', 'JPA parameterized queries', 'MyBatis #{param}'],
+        'CWE-79': ['ESAPI.encoder().encodeForHTML()', 'HtmlUtils.htmlEscape()', 'StringEscapeUtils.escapeHtml4()'],
+        'CWE-78': ['ProcessBuilder with array args (no shell)', 'Apache Commons Exec with CommandLine'],
+        'CWE-22': ['File.getCanonicalPath() + startsWith check', 'Paths.get().normalize()'],
+    },
+    sinkPatterns: {
+        'CWE-89': [
+            { pattern: 'Statement.execute*(sql)', safe: 'PreparedStatement with ?', description: 'SQL execution' },
+            { pattern: 'createQuery(sql)', safe: 'JPA with parameters', description: 'JPA query' },
+        ],
+        'CWE-78': [
+            { pattern: 'Runtime.exec(cmd)', safe: 'Constant commands only', description: 'Command execution' },
+            { pattern: 'ProcessBuilder.command()', safe: 'Array args without shell', description: 'Process builder' },
+        ],
+        'CWE-79': [
+            { pattern: 'response.getWriter().print()', safe: 'JSON responses', description: 'Response output' },
+            { pattern: 'out.println()', safe: 'Escaped content', description: 'JSP output' },
+        ],
+    },
+    sourceExamples: `// Java HTTP sources
+String param = request.getParameter("input");
+String header = request.getHeader("X-Custom");
+Cookie[] cookies = request.getCookies();
+BufferedReader reader = request.getReader();
+
+// Spring annotations
+public String handle(@RequestParam String input, @RequestBody User user) { }`,
+    sinkExamples: `// SQL Injection - VULNERABLE
+String sql = "SELECT * FROM users WHERE id = " + userInput;
+stmt.executeQuery(sql);
+
+// SQL Injection - SAFE (parameterized)
+PreparedStatement ps = conn.prepareStatement("SELECT * FROM users WHERE id = ?");
+ps.setString(1, userInput);`,
+};
+// ============================================================================
+// Python Context
+// ============================================================================
+const PYTHON_CONTEXT = {
+    name: 'Python',
+    codeFence: 'python',
+    frameworks: ['Flask', 'Django', 'FastAPI', 'Pyramid', 'aiohttp', 'Tornado'],
+    httpSources: [
+        { pattern: 'request.args.get()', type: 'http_param', description: 'Flask query parameter' },
+        { pattern: 'request.form.get()', type: 'http_param', description: 'Flask form data' },
+        { pattern: 'request.json', type: 'http_body', description: 'Flask JSON body' },
+        { pattern: 'request.headers.get()', type: 'http_header', description: 'Flask HTTP header' },
+        { pattern: 'request.cookies.get()', type: 'http_cookie', description: 'Flask cookie' },
+        { pattern: 'request.GET.get()', type: 'http_param', description: 'Django query parameter' },
+        { pattern: 'request.POST.get()', type: 'http_param', description: 'Django form data' },
+    ],
+    sanitizers: {
+        'CWE-89': ['cursor.execute(sql, params)', 'SQLAlchemy with bindparams', 'Django ORM (no raw())'],
+        'CWE-79': ['markupsafe.escape()', 'bleach.clean()', 'html.escape()', 'Jinja2 autoescape'],
+        'CWE-78': ['shlex.quote()', 'subprocess with array args (shell=False)'],
+        'CWE-22': ['os.path.basename()', 'werkzeug.utils.secure_filename()', 'Path.resolve() + check'],
+        'CWE-502': ['yaml.safe_load()', 'json.loads() (safe by default)'],
+    },
+    sinkPatterns: {
+        'CWE-89': [
+            { pattern: 'cursor.execute(f"SELECT...{var}")', safe: 'cursor.execute(sql, params)', description: 'SQL query' },
+            { pattern: 'Model.objects.raw(sql)', safe: 'Django ORM filter()', description: 'Django raw SQL' },
+        ],
+        'CWE-78': [
+            { pattern: 'os.system(cmd)', safe: 'subprocess with shell=False', description: 'Shell command' },
+            { pattern: 'subprocess.run(cmd, shell=True)', safe: 'shell=False with list', description: 'Subprocess' },
+        ],
+        'CWE-79': [
+            { pattern: 'render_template_string(user_input)', safe: 'render_template() with autoescape', description: 'Template injection' },
+            { pattern: 'Markup(user_input)', safe: 'escape() first', description: 'Safe markup' },
+        ],
+        'CWE-502': [
+            { pattern: 'pickle.loads(data)', safe: 'Never safe with untrusted data', description: 'Pickle deserialization' },
+            { pattern: 'yaml.load(data)', safe: 'yaml.safe_load(data)', description: 'YAML deserialization' },
+        ],
+    },
+    sourceExamples: `# Flask HTTP sources
+user_input = request.args.get('input')
+form_data = request.form.get('data')
+json_body = request.json
+header = request.headers.get('X-Custom')
+cookie = request.cookies.get('session')
+
+# Django HTTP sources
+param = request.GET.get('input')
+post_data = request.POST.get('data')
+body = request.body`,
+    sinkExamples: `# SQL Injection - VULNERABLE
+cursor.execute(f"SELECT * FROM users WHERE id = {user_id}")
+
+# SQL Injection - SAFE (parameterized)
+cursor.execute("SELECT * FROM users WHERE id = %s", (user_id,))
+
+# Command Injection - VULNERABLE
+os.system(f"ping {host}")
+
+# Command Injection - SAFE
+subprocess.run(["ping", host], shell=False)`,
+};
+// ============================================================================
+// JavaScript/TypeScript Context
+// ============================================================================
+const JAVASCRIPT_CONTEXT = {
+    name: 'JavaScript/TypeScript',
+    codeFence: 'javascript',
+    frameworks: ['Express', 'Fastify', 'Koa', 'Hapi', 'NestJS', 'Next.js'],
+    httpSources: [
+        { pattern: 'req.query.param', type: 'http_param', description: 'Express query parameter' },
+        { pattern: 'req.body.field', type: 'http_body', description: 'Express body field' },
+        { pattern: 'req.params.id', type: 'http_path', description: 'Express route parameter' },
+        { pattern: 'req.headers["x-header"]', type: 'http_header', description: 'Express header' },
+        { pattern: 'req.cookies.name', type: 'http_cookie', description: 'Express cookie' },
+        { pattern: 'ctx.query', type: 'http_param', description: 'Koa query params' },
+        { pattern: 'ctx.request.body', type: 'http_body', description: 'Koa body' },
+    ],
+    sanitizers: {
+        'CWE-89': ['Parameterized queries with ?', 'Knex.js query builder', 'Sequelize ORM', 'Prisma'],
+        'CWE-79': ['DOMPurify.sanitize()', 'validator.escape()', 'encodeURIComponent()', 'React JSX (auto-escaped)'],
+        'CWE-78': ['child_process.spawn() with array args', 'shell-escape library'],
+        'CWE-22': ['path.basename()', 'path.normalize() + startsWith check'],
+        'CWE-943': ['MongoDB with strict schemas', 'Mongoose sanitization'],
+    },
+    sinkPatterns: {
+        'CWE-89': [
+            { pattern: 'db.query(`SELECT...${input}`)', safe: 'db.query(sql, [params])', description: 'SQL query' },
+            { pattern: 'connection.query(sql + input)', safe: 'Parameterized query', description: 'MySQL query' },
+        ],
+        'CWE-78': [
+            { pattern: 'exec(cmd)', safe: 'spawn() with array args', description: 'Command execution' },
+            { pattern: 'child_process.execSync(cmd)', safe: 'spawnSync with args array', description: 'Sync execution' },
+        ],
+        'CWE-79': [
+            { pattern: 'res.send(userInput)', safe: 'res.json() or escaped HTML', description: 'Response output' },
+            { pattern: 'element.innerHTML = input', safe: 'textContent or DOMPurify', description: 'DOM XSS' },
+        ],
+        'CWE-943': [
+            { pattern: 'collection.find({$where: input})', safe: 'Avoid $where with user input', description: 'NoSQL injection' },
+            { pattern: 'Model.find(userQuery)', safe: 'Sanitize query operators', description: 'MongoDB query' },
+        ],
+    },
+    sourceExamples: `// Express HTTP sources
+const userInput = req.query.input;
+const bodyData = req.body.data;
+const pathParam = req.params.id;
+const header = req.headers['x-custom'];
+const cookie = req.cookies.session;
+
+// Koa HTTP sources
+const query = ctx.query;
+const body = ctx.request.body;`,
+    sinkExamples: `// SQL Injection - VULNERABLE
+const sql = \`SELECT * FROM users WHERE id = \${userId}\`;
+db.query(sql);
+
+// SQL Injection - SAFE (parameterized)
+db.query('SELECT * FROM users WHERE id = ?', [userId]);
+
+// Command Injection - VULNERABLE
+exec(\`ping \${host}\`);
+
+// Command Injection - SAFE
+spawn('ping', [host]);`,
+};
+// ============================================================================
+// Rust Context
+// ============================================================================
+const RUST_CONTEXT = {
+    name: 'Rust',
+    codeFence: 'rust',
+    frameworks: ['Actix-web', 'Rocket', 'Axum', 'Warp', 'Tide'],
+    httpSources: [
+        { pattern: 'Path<T>::into_inner()', type: 'http_path', description: 'Actix path extractor' },
+        { pattern: 'Query<T>::into_inner()', type: 'http_param', description: 'Actix query extractor' },
+        { pattern: 'Json<T>::into_inner()', type: 'http_body', description: 'Actix JSON body' },
+        { pattern: 'Form<T>::into_inner()', type: 'http_param', description: 'Actix form data' },
+        { pattern: 'req.headers()', type: 'http_header', description: 'HTTP headers' },
+        { pattern: 'req.cookie()', type: 'http_cookie', description: 'Request cookies' },
+    ],
+    sanitizers: {
+        'CWE-89': ['sqlx::query!() macro (compile-time checked)', 'Diesel query builder', 'sea-query builder'],
+        'CWE-79': ['askama templates (auto-escaped)', 'maud! macro', 'html_escape crate'],
+        'CWE-78': ['Command::new().arg() (no shell)', 'Avoid shell=true'],
+        'CWE-22': ['Path::file_name()', 'canonicalize() + starts_with check'],
+        'CWE-502': ['serde with #[serde(deny_unknown_fields)]', 'Avoid bincode with untrusted data'],
+    },
+    sinkPatterns: {
+        'CWE-89': [
+            { pattern: 'sqlx::query(&format!("SELECT...{}", input))', safe: 'sqlx::query!() macro', description: 'SQL query' },
+            { pattern: 'conn.execute(sql, &[])', safe: 'Parameterized with $1', description: 'PostgreSQL query' },
+        ],
+        'CWE-78': [
+            { pattern: 'Command::new("sh").arg("-c").arg(cmd)', safe: 'Command::new(prog).args()', description: 'Shell command' },
+            { pattern: 'std::process::Command with shell', safe: 'Direct program execution', description: 'Process spawn' },
+        ],
+        'CWE-79': [
+            { pattern: 'HttpResponse::Ok().body(user_input)', safe: 'Template with auto-escape', description: 'HTTP response' },
+            { pattern: 'Html(user_input)', safe: 'askama/maud templates', description: 'HTML response' },
+        ],
+        'CWE-22': [
+            { pattern: 'std::fs::read(user_path)', safe: 'Validate path prefix', description: 'File read' },
+            { pattern: 'File::open(path)', safe: 'canonicalize + check', description: 'File open' },
+        ],
+    },
+    sourceExamples: `// Actix-web extractors
+async fn handler(
+    path: web::Path<String>,
+    query: web::Query<QueryParams>,
+    body: web::Json<RequestBody>,
+    req: HttpRequest,
+) -> impl Responder {
+    let path_param = path.into_inner();
+    let query_param = query.into_inner();
+    let json_body = body.into_inner();
+    let header = req.headers().get("X-Custom");
+}`,
+    sinkExamples: `// SQL Injection - VULNERABLE
+let sql = format!("SELECT * FROM users WHERE id = {}", user_id);
+sqlx::query(&sql).fetch_one(&pool).await?;
+
+// SQL Injection - SAFE (compile-time checked)
+sqlx::query!("SELECT * FROM users WHERE id = $1", user_id)
+    .fetch_one(&pool).await?;
+
+// Command Injection - VULNERABLE
+Command::new("sh").arg("-c").arg(&user_cmd).output()?;
+
+// Command Injection - SAFE
+Command::new("ping").arg(&host).output()?;`,
+};
+// ============================================================================
+// Language Context Registry
+// ============================================================================
+const LANGUAGE_CONTEXTS = {
+    java: JAVA_CONTEXT,
+    python: PYTHON_CONTEXT,
+    javascript: JAVASCRIPT_CONTEXT,
+    typescript: JAVASCRIPT_CONTEXT, // Share with JavaScript
+    rust: RUST_CONTEXT,
+    c: JAVA_CONTEXT, // Fallback to Java-like patterns
+    cpp: JAVA_CONTEXT,
+};
+/**
+ * Get the language context for a supported language
+ */
+export function getLanguageContext(language) {
+    return LANGUAGE_CONTEXTS[language] || JAVA_CONTEXT;
+}
+/**
+ * Generate source discovery prompt for a specific language
+ *
+ * Uses semantic-guided prompts that focus on security concepts rather than
+ * specific API patterns. This allows the LLM to reason about data flow
+ * semantics and discover sources in unfamiliar frameworks or custom code.
+ */
+export function generateSourceDiscoveryPrompt(language) {
+    const ctx = getLanguageContext(language);
+    return `You are a security expert analyzing ${ctx.name} code for taint sources.
+Find user-controlled input sources NOT already identified.
+
+Method code:
+\`\`\`${ctx.codeFence}
+{methodCode}
+\`\`\`
+
+Method: {methodName}
+Class role: {classRole}
+Already identified sources: {existingSources}
+
+## SEMANTIC CATEGORIES OF SOURCES (reason about the data origin, not method names):
+
+**1. Network Input** - Data arriving over HTTP/network:
+   - Query parameters, form data, request bodies
+   - HTTP headers, cookies, path segments
+   - WebSocket messages, gRPC requests
+   - ANY data extracted from incoming requests
+
+**2. File/Stream Input** - Data read from external sources:
+   - File contents, uploaded files
+   - Standard input, pipes
+   - ANY data read from I/O streams
+
+**3. Database/Storage Input** - Data from persistence that may have been user-supplied:
+   - Query results containing user-submitted data
+   - Cache values, session storage
+   - ANY data retrieved that originated from users
+
+**4. Environment Input** - Configuration that could be attacker-controlled:
+   - Environment variables in shared environments
+   - System properties, config files
+   - Command-line arguments
+
+**5. Inter-Process Input** - Data from other processes/services:
+   - API responses, message queues
+   - Subprocess output, RPC results
+
+## KEY QUESTION: Does this data originate from OUTSIDE the application's trust boundary?
+
+Think about the data's ORIGIN, not the specific API used to access it.
+A source is ANY point where untrusted data enters the application.
+
+## WHAT TO IGNORE (NOT user-controlled):
+- Constants, literals, hardcoded strings
+- Internal configuration values
+- Data constructed entirely within the application
+- Return values from pure internal computations
+
+Respond in JSON format:
+{
+  "additionalSources": [
+    {
+      "line": number,
+      "variable": "variable name",
+      "type": "http_param | http_body | http_header | http_cookie | http_path | io_input | env_input | db_input | network_input",
+      "confidence": 0.0-1.0,
+      "reasoning": "Why this data originates from outside the trust boundary"
+    }
+  ]
+}`;
+}
+/**
+ * Generate sink discovery prompt for a specific language
+ *
+ * Uses semantic-guided prompts that focus on what operations DO
+ * rather than specific API names. This allows the LLM to discover
+ * dangerous operations in unfamiliar frameworks or custom code.
+ */
+export function generateSinkDiscoveryPrompt(language) {
+    const ctx = getLanguageContext(language);
+    return `You are a security expert analyzing ${ctx.name} code for security sinks.
+Find dangerous operations NOT already identified.
+
+Method code:
+\`\`\`${ctx.codeFence}
+{methodCode}
+\`\`\`
+
+Method: {methodName}
+Method calls: {methodCalls}
+Already identified sinks: {existingSinks}
+
+## SEMANTIC CATEGORIES OF SINKS (reason about the EFFECT, not method names):
+
+**1. Data Query Execution** (CWE-89, CWE-943) - Operations that execute queries:
+   - SQL queries against relational databases
+   - NoSQL queries, graph queries, search queries
+   - ANY operation that interprets data as a query language
+   - KEY QUESTION: Is the query structure influenced by external data?
+   - SAFE: Parameterized/prepared statements where data is bound separately
+
+**2. System Command Execution** (CWE-78) - Operations that run system commands:
+   - Process spawning, shell execution
+   - Script evaluation, macro execution
+   - ANY operation that interprets data as system commands
+   - KEY QUESTION: Can external data influence what command runs?
+   - SAFE: Fixed commands with data passed only as arguments (no shell interpretation)
+
+**3. Output Rendering** (CWE-79) - Operations that render content to users:
+   - HTML response generation, template rendering
+   - JavaScript output, DOM manipulation
+   - ANY operation that sends data to be rendered by clients
+   - KEY QUESTION: Can external data inject executable content?
+   - SAFE: Properly escaped output, JSON responses, auto-escaping templates
+
+**4. File System Operations** (CWE-22) - Operations that access file paths:
+   - File read/write, directory creation
+   - Path construction, file inclusion
+   - ANY operation that uses paths from external data
+   - KEY QUESTION: Can external data escape intended directories?
+   - SAFE: Validated paths, canonicalization with prefix checks
+
+**5. Code Evaluation** (CWE-94) - Operations that interpret data as code:
+   - Dynamic code execution, eval(), script engines
+   - Reflection with external class names
+   - ANY operation that compiles/interprets data
+   - KEY QUESTION: Can external data become executable code?
+
+**6. Deserialization** (CWE-502) - Operations that reconstruct objects from data:
+   - Object deserialization, unmarshalling
+   - ANY operation that creates objects from serialized data
+   - KEY QUESTION: Can external data instantiate arbitrary classes?
+
+**7. Directory/Query Injection** (CWE-90, CWE-643) - Operations on hierarchical data:
+   - LDAP queries, XPath expressions
+   - ANY operation that queries tree/directory structures
+   - KEY QUESTION: Can external data modify query structure?
+
+**8. Network Requests** (CWE-918) - Operations that make outbound requests:
+   - HTTP clients, URL fetching, API calls
+   - ANY operation where URL/host is from external data
+   - KEY QUESTION: Can external data control request destination?
+
+## KEY REASONING APPROACH:
+1. What EFFECT does this operation have?
+2. What INPUT influences that effect?
+3. Can EXTERNAL DATA reach that input?
+4. Is there SANITIZATION that makes it safe?
+
+## WHAT TO IGNORE:
+- Logging operations (observation only, no side effects)
+- Pure string manipulation (unless it reaches a dangerous operation)
+- Internal method calls with no dangerous effects
+- Operations with parameterized/bound inputs (data separate from structure)
+
+Respond in JSON format:
+{
+  "additionalSinks": [
+    {
+      "line": number,
+      "method": "operation description",
+      "type": "sql_injection | command_injection | xss | path_traversal | code_injection | deserialization | ldap_injection | xpath_injection | ssrf | nosql_injection",
+      "cwe": "CWE-XX",
+      "argPositions": [0],
+      "confidence": 0.0-1.0,
+      "reasoning": "Why this operation is dangerous if given untrusted input"
+    }
+  ]
+}`;
+}
+/**
+ * Generate role classification prompt for a specific language
+ */
+export function generateRoleClassificationPrompt(language) {
+    const ctx = getLanguageContext(language);
+    return `You are a security expert analyzing ${ctx.name} code.
+Classify the role of this class/module based on its name, methods, and patterns.
+
+Class/Module: {className}
+Methods/Functions: {methodNames}
+Annotations/Decorators: {annotations}
+Imports: {imports}
+
+## ${ctx.name} FRAMEWORKS TO CONSIDER:
+${ctx.frameworks.join(', ')}
+
+## ROLE DEFINITIONS:
+- controller: Handles HTTP requests, routes, API endpoints
+- service: Business logic, data processing, orchestration
+- repository: Database access, data persistence, queries
+- utility: Helper functions, string manipulation, validation
+- entity: Data models, DTOs, domain objects
+- unknown: Cannot determine role
+
+Respond in JSON format:
+{
+  "role": "controller" | "service" | "repository" | "utility" | "entity" | "unknown",
+  "confidence": 0.0-1.0,
+  "reasoning": "explanation",
+  "indicators": ["list", "of", "indicators"]
+}`;
+}
+/**
+ * Get CWE-specific verification guidance for a language
+ */
+export function getCWEGuidance(language, cwe) {
+    const ctx = getLanguageContext(language);
+    const sanitizers = ctx.sanitizers[cwe] || [];
+    const patterns = ctx.sinkPatterns[cwe] || [];
+    if (sanitizers.length === 0 && patterns.length === 0) {
+        return '';
+    }
+    const sanitizerGuide = sanitizers.length > 0
+        ? `## Known Sanitizers for ${cwe} in ${ctx.name}:\n${sanitizers.map((s) => `- ${s}`).join('\n')}`
+        : '';
+    const patternGuide = patterns.length > 0
+        ? `## Vulnerable vs Safe Patterns:\n${patterns.map((p) => `- VULNERABLE: ${p.pattern}\n  SAFE: ${p.safe}`).join('\n')}`
+        : '';
+    return `${sanitizerGuide}\n\n${patternGuide}`.trim();
+}
+//# sourceMappingURL=language-context.js.map

package/dist/llm/language-context.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"language-context.js","sourceRoot":"","sources":["../../src/llm/language-context.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAuCH,+EAA+E;AAC/E,eAAe;AACf,+EAA+E;AAE/E,MAAM,YAAY,GAAoB;IACpC,IAAI,EAAE,MAAM;IACZ,SAAS,EAAE,MAAM;IACjB,UAAU,EAAE,CAAC,QAAQ,EAAE,aAAa,EAAE,YAAY,EAAE,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC;IAChF,WAAW,EAAE;QACX,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,2BAA2B,EAAE;QACnG,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,mBAAmB,EAAE;QACzF,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE;QACrF,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,qBAAqB,EAAE;QAC9F,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,6BAA6B,EAAE;QAC5F,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,wBAAwB,EAAE;QACrF,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,sBAAsB,EAAE;KACrF;IACD,UAAU,EAAE;QACV,QAAQ,EAAE,CAAC,0BAA0B,EAAE,2BAA2B,EAAE,kBAAkB,CAAC;QACvF,QAAQ,EAAE,CAAC,iCAAiC,EAAE,wBAAwB,EAAE,iCAAiC,CAAC;QAC1G,QAAQ,EAAE,CAAC,2CAA2C,EAAE,sCAAsC,CAAC;QAC/F,QAAQ,EAAE,CAAC,4CAA4C,EAAE,yBAAyB,CAAC;KACpF;IACD,YAAY,EAAE;QACZ,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,0BAA0B,EAAE,WAAW,EAAE,eAAe,EAAE;YACtG,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,qBAAqB,EAAE,WAAW,EAAE,WAAW,EAAE;SACvF;QACD,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,wBAAwB,EAAE,WAAW,EAAE,mBAAmB,EAAE;YAClG,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,0BAA0B,EAAE,WAAW,EAAE,iBAAiB,EAAE;SAC1G;QACD,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,8BAA8B,EAAE,IAAI,EAAE,gBAAgB,EAAE,WAAW,EAAE,iBAAiB,EAAE;YACnG,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,iBAAiB,EAAE,WAAW,EAAE,YAAY,EAAE;SACjF;KACF;IACD,cAAc,EAAE;;;;;;;6EAO2D;IAC3E,YAAY,EAAE;;;;;;4BAMY;CAC3B,CAAC;AAEF,+EAA+E;AAC/E,iBAAiB;AACjB,+EAA+E;AAE/E,MAAM,cAAc,GAAoB;IACtC,IAAI,EAAE,QAAQ;IACd,SAAS,EAAE,QAAQ;IACnB,UAAU,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC;IAC3E,WAAW,EAAE;QACX,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,uBAAuB,EAAE;QAC3F,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,iBAAiB,EAAE;QACrF,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,iBAAiB,EAAE;QAC9E,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,mBAAmB,EAAE;QAC3F,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE;QACtF,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,wBAAwB,EAAE;QAC3F,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,kBAAkB,EAAE;KACvF;IACD,UAAU,EAAE;QACV,QAAQ,EAAE,CAAC,6BAA6B,EAAE,4BAA4B,EAAE,uBAAuB,CAAC;QAChG,QAAQ,EAAE,CAAC,qBAAqB,EAAE,gBAAgB,EAAE,eAAe,EAAE,mBAAmB,CAAC;QACzF,QAAQ,EAAE,CAAC,eAAe,EAAE,0CAA0C,CAAC;QACvE,QAAQ,EAAE,CAAC,oBAAoB,EAAE,kCAAkC,EAAE,wBAAwB,CAAC;QAC9F,SAAS,EAAE,CAAC,kBAAkB,EAAE,gCAAgC,CAAC;KAClE;IACD,YAAY,EAAE;QACZ,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,mCAAmC,EAAE,IAAI,EAAE,6BAA6B,EAAE,WAAW,EAAE,WAAW,EAAE;YAC/G,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,qBAAqB,EAAE,WAAW,EAAE,gBAAgB,EAAE;SAClG;QACD,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,6BAA6B,EAAE,WAAW,EAAE,eAAe,EAAE;YAChG,EAAE,OAAO,EAAE,iCAAiC,EAAE,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,YAAY,EAAE;SACzG;QACD,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,oCAAoC,EAAE,IAAI,EAAE,mCAAmC,EAAE,WAAW,EAAE,oBAAoB,EAAE;YAC/H,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,EAAE,WAAW,EAAE,aAAa,EAAE;SACtF;QACD,SAAS,EAAE;YACT,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,gCAAgC,EAAE,WAAW,EAAE,wBAAwB,EAAE;YAChH,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,sBAAsB,EAAE,WAAW,EAAE,sBAAsB,EAAE;SAClG;KACF;IACD,cAAc,EAAE;;;;;;;;;;oBAUE;IAClB,YAAY,EAAE;;;;;;;;;;4CAU4B;CAC3C,CAAC;AAEF,+EAA+E;AAC/E,gCAAgC;AAChC,+EAA+E;AAE/E,MAAM,kBAAkB,GAAoB;IAC1C,IAAI,EAAE,uBAAuB;IAC7B,SAAS,EAAE,YAAY;IACvB,UAAU,EAAE,CAAC,SAAS,EAAE,SAAS,EAAE,KAAK,EAAE,MAAM,EAAE,QAAQ,EAAE,SAAS,CAAC;IACtE,WAAW,EAAE;QACX,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,yBAAyB,EAAE;QAC1F,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,oBAAoB,EAAE;QACnF,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,yBAAyB,EAAE;QACvF,EAAE,OAAO,EAAE,yBAAyB,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,gBAAgB,EAAE;QAC1F,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,gBAAgB,EAAE;QACnF,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,kBAAkB,EAAE;QAC7E,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,UAAU,EAAE;KAC5E;IACD,UAAU,EAAE;QACV,QAAQ,EAAE,CAAC,8BAA8B,EAAE,uBAAuB,EAAE,eAAe,EAAE,QAAQ,CAAC;QAC9F,QAAQ,EAAE,CAAC,sBAAsB,EAAE,oBAAoB,EAAE,sBAAsB,EAAE,0BAA0B,CAAC;QAC5G,QAAQ,EAAE,CAAC,uCAAuC,EAAE,sBAAsB,CAAC;QAC3E,QAAQ,EAAE,CAAC,iBAAiB,EAAE,qCAAqC,CAAC;QACpE,SAAS,EAAE,CAAC,6BAA6B,EAAE,uBAAuB,CAAC;KACpE;IACD,YAAY,EAAE;QACZ,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,+BAA+B,EAAE,IAAI,EAAE,yBAAyB,EAAE,WAAW,EAAE,WAAW,EAAE;YACvG,EAAE,OAAO,EAAE,+BAA+B,EAAE,IAAI,EAAE,qBAAqB,EAAE,WAAW,EAAE,aAAa,EAAE;SACtG;QACD,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,EAAE,yBAAyB,EAAE,WAAW,EAAE,mBAAmB,EAAE;YAC3F,EAAE,OAAO,EAAE,6BAA6B,EAAE,IAAI,EAAE,2BAA2B,EAAE,WAAW,EAAE,gBAAgB,EAAE;SAC7G;QACD,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,4BAA4B,EAAE,WAAW,EAAE,iBAAiB,EAAE;YACtG,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,0BAA0B,EAAE,WAAW,EAAE,SAAS,EAAE;SACnG;QACD,SAAS,EAAE;YACT,EAAE,OAAO,EAAE,kCAAkC,EAAE,IAAI,EAAE,8BAA8B,EAAE,WAAW,EAAE,iBAAiB,EAAE;YACrH,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,0BAA0B,EAAE,WAAW,EAAE,eAAe,EAAE;SACrG;KACF;IACD,cAAc,EAAE;;;;;;;;;+BASa;IAC7B,YAAY,EAAE;;;;;;;;;;;uBAWO;CACtB,CAAC;AAEF,+EAA+E;AAC/E,eAAe;AACf,+EAA+E;AAE/E,MAAM,YAAY,GAAoB;IACpC,IAAI,EAAE,MAAM;IACZ,SAAS,EAAE,MAAM;IACjB,UAAU,EAAE,CAAC,WAAW,EAAE,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;IAC3D,WAAW,EAAE;QACX,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,sBAAsB,EAAE;QAC5F,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,uBAAuB,EAAE;QAC/F,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,WAAW,EAAE,WAAW,EAAE,iBAAiB,EAAE;QACvF,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,YAAY,EAAE,WAAW,EAAE,iBAAiB,EAAE;QACxF,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,cAAc,EAAE;QAC9E,EAAE,OAAO,EAAE,cAAc,EAAE,IAAI,EAAE,aAAa,EAAE,WAAW,EAAE,iBAAiB,EAAE;KACjF;IACD,UAAU,EAAE;QACV,QAAQ,EAAE,CAAC,6CAA6C,EAAE,sBAAsB,EAAE,mBAAmB,CAAC;QACtG,QAAQ,EAAE,CAAC,iCAAiC,EAAE,aAAa,EAAE,mBAAmB,CAAC;QACjF,QAAQ,EAAE,CAAC,iCAAiC,EAAE,kBAAkB,CAAC;QACjE,QAAQ,EAAE,CAAC,mBAAmB,EAAE,oCAAoC,CAAC;QACrE,SAAS,EAAE,CAAC,0CAA0C,EAAE,mCAAmC,CAAC;KAC7F;IACD,YAAY,EAAE;QACZ,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,6CAA6C,EAAE,IAAI,EAAE,sBAAsB,EAAE,WAAW,EAAE,WAAW,EAAE;YAClH,EAAE,OAAO,EAAE,wBAAwB,EAAE,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,kBAAkB,EAAE;SACtG;QACD,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,uCAAuC,EAAE,IAAI,EAAE,2BAA2B,EAAE,WAAW,EAAE,eAAe,EAAE;YACrH,EAAE,OAAO,EAAE,kCAAkC,EAAE,IAAI,EAAE,0BAA0B,EAAE,WAAW,EAAE,eAAe,EAAE;SAChH;QACD,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,qCAAqC,EAAE,IAAI,EAAE,2BAA2B,EAAE,WAAW,EAAE,eAAe,EAAE;YACnH,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,uBAAuB,EAAE,WAAW,EAAE,eAAe,EAAE;SAC7F;QACD,QAAQ,EAAE;YACR,EAAE,OAAO,EAAE,0BAA0B,EAAE,IAAI,EAAE,sBAAsB,EAAE,WAAW,EAAE,WAAW,EAAE;YAC/F,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,sBAAsB,EAAE,WAAW,EAAE,WAAW,EAAE;SACxF;KACF;IACD,cAAc,EAAE;;;;;;;;;;;EAWhB;IACA,YAAY,EAAE;;;;;;;;;;;;2CAY2B;CAC1C,CAAC;AAEF,+EAA+E;AAC/E,4BAA4B;AAC5B,+EAA+E;AAE/E,MAAM,iBAAiB,GAA+C;IACpE,IAAI,EAAE,YAAY;IAClB,MAAM,EAAE,cAAc;IACtB,UAAU,EAAE,kBAAkB;IAC9B,UAAU,EAAE,kBAAkB,EAAE,wBAAwB;IACxD,IAAI,EAAE,YAAY;IAClB,CAAC,EAAE,YAAY,EAAE,iCAAiC;IAClD,GAAG,EAAE,YAAY;CAClB,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,QAA2B;IAC5D,OAAO,iBAAiB,CAAC,QAAQ,CAAC,IAAI,YAAY,CAAC;AACrD,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,6BAA6B,CAAC,QAA2B;IACvE,MAAM,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAEzC,OAAO,uCAAuC,GAAG,CAAC,IAAI;;;;QAIhD,GAAG,CAAC,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAyDnB,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,MAAM,UAAU,2BAA2B,CAAC,QAA2B;IACrE,MAAM,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAEzC,OAAO,uCAAuC,GAAG,CAAC,IAAI;;;;QAIhD,GAAG,CAAC,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAoFnB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gCAAgC,CAAC,QAA2B;IAC1E,MAAM,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IAEzC,OAAO,uCAAuC,GAAG,CAAC,IAAI;;;;;;;;KAQnD,GAAG,CAAC,IAAI;EACX,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC;;;;;;;;;;;;;;;;EAgBzB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,QAA2B,EAAE,GAAW;IACrE,MAAM,GAAG,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;IACzC,MAAM,UAAU,GAAG,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;IAC7C,MAAM,QAAQ,GAAG,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC;IAE7C,IAAI,UAAU,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACrD,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,cAAc,GAAG,UAAU,CAAC,MAAM,GAAG,CAAC;QAC1C,CAAC,CAAC,2BAA2B,GAAG,OAAO,GAAG,CAAC,IAAI,MAAM,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QACjG,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,YAAY,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC;QACtC,CAAC,CAAC,oCAAoC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,iBAAiB,CAAC,CAAC,OAAO,aAAa,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QACvH,CAAC,CAAC,EAAE,CAAC;IAEP,OAAO,GAAG,cAAc,OAAO,YAAY,EAAE,CAAC,IAAI,EAAE,CAAC;AACvD,CAAC"}

package/dist/llm/pattern-verification.d.ts

@@ -0,0 +1,39 @@
+/**
+ * LLM-based pattern verification
+ *
+ * Verifies heuristically discovered patterns using LLM analysis.
+ */
+import type { DiscoveredPattern } from '../analysis/pattern-discovery.js';
+import type { SourcePattern, SinkPattern } from 'circle-ir';
+/**
+ * Verification result for a pattern
+ */
+export interface PatternVerificationResult {
+    pattern: SourcePattern | SinkPattern;
+    isValid: boolean;
+    confidence: number;
+    reasoning: string;
+    suggestedType?: string;
+    suggestedCwe?: string;
+}
+/**
+ * Batch verification result
+ */
+export interface BatchVerificationResult {
+    verified: PatternVerificationResult[];
+    modelUsed: string;
+    tokensUsed: number;
+}
+/**
+ * Verify a batch of discovered patterns using LLM
+ */
+export declare function verifyPatterns(patterns: DiscoveredPattern[], codeContext?: string): Promise<BatchVerificationResult>;
+/**
+ * Verify a single pattern with more detailed analysis
+ */
+export declare function verifyPatternDetailed(pattern: DiscoveredPattern, code: string, _methodName: string): Promise<PatternVerificationResult>;
+/**
+ * Check if LLM verification is available
+ */
+export declare function isVerificationAvailable(): Promise<boolean>;
+//# sourceMappingURL=pattern-verification.d.ts.map

package/dist/llm/pattern-verification.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"pattern-verification.d.ts","sourceRoot":"","sources":["../../src/llm/pattern-verification.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAC1E,OAAO,KAAK,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,WAAW,CAAC;AAG5D;;GAEG;AACH,MAAM,WAAW,yBAAyB;IACxC,OAAO,EAAE,aAAa,GAAG,WAAW,CAAC;IACrC,OAAO,EAAE,OAAO,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,CAAC,EAAE,MAAM,CAAC;IACvB,YAAY,CAAC,EAAE,MAAM,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,QAAQ,EAAE,yBAAyB,EAAE,CAAC;IACtC,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,QAAQ,EAAE,iBAAiB,EAAE,EAC7B,WAAW,CAAC,EAAE,MAAM,GACnB,OAAO,CAAC,uBAAuB,CAAC,CA6DlC;AAED;;GAEG;AACH,wBAAsB,qBAAqB,CACzC,OAAO,EAAE,iBAAiB,EAC1B,IAAI,EAAE,MAAM,EACZ,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC,yBAAyB,CAAC,CAoDpC;AAED;;GAEG;AACH,wBAAsB,uBAAuB,IAAI,OAAO,CAAC,OAAO,CAAC,CAOhE"}