circle-ir-ai 1.1.0

package/dist/secret-scan/patterns.js

@@ -0,0 +1,473 @@
+/**
+ * Secret Detection Pattern Library
+ *
+ * Patterns for detecting various types of secrets and credentials in code.
+ */
+/**
+ * AWS Credential Patterns
+ */
+const awsPatterns = [
+    {
+        id: 'aws-access-key-id',
+        name: 'AWS Access Key ID',
+        description: 'AWS access key identifier',
+        pattern: /\b(A3T[A-Z0-9]|AKIA|AGPA|AIDA|AROA|AIPA|ANPA|ANVA|ASIA)[A-Z0-9]{16}\b/g,
+        severity: 'critical',
+        category: 'aws',
+        keywords: ['AKIA', 'AGPA', 'AIDA', 'AROA', 'AIPA', 'ANPA', 'ANVA', 'ASIA', 'A3T'],
+    },
+    {
+        id: 'aws-secret-access-key',
+        name: 'AWS Secret Access Key',
+        description: 'AWS secret access key',
+        pattern: /(?:aws[_-]?)?secret[_-]?(?:access[_-]?)?key['":\s=]+['"]?([A-Za-z0-9/+=]{40})['"]?/gi,
+        severity: 'critical',
+        category: 'aws',
+        keywords: ['secret', 'aws'],
+    },
+    {
+        id: 'aws-session-token',
+        name: 'AWS Session Token',
+        description: 'AWS temporary session token',
+        pattern: /(?:aws[_-]?)?session[_-]?token['":\s=]+['"]?([A-Za-z0-9/+=]{100,})['"]?/gi,
+        severity: 'high',
+        category: 'aws',
+        keywords: ['session', 'token', 'aws'],
+    },
+];
+/**
+ * GitHub Patterns
+ */
+const githubPatterns = [
+    {
+        id: 'github-pat',
+        name: 'GitHub Personal Access Token',
+        description: 'GitHub personal access token (classic)',
+        pattern: /\bghp_[A-Za-z0-9]{36}\b/g,
+        severity: 'critical',
+        category: 'github',
+        keywords: ['ghp_'],
+    },
+    {
+        id: 'github-oauth',
+        name: 'GitHub OAuth Token',
+        description: 'GitHub OAuth access token',
+        pattern: /\bgho_[A-Za-z0-9]{36}\b/g,
+        severity: 'critical',
+        category: 'github',
+        keywords: ['gho_'],
+    },
+    {
+        id: 'github-app-token',
+        name: 'GitHub App Token',
+        description: 'GitHub App installation token',
+        pattern: /\bghs_[A-Za-z0-9]{36}\b/g,
+        severity: 'critical',
+        category: 'github',
+        keywords: ['ghs_'],
+    },
+    {
+        id: 'github-refresh-token',
+        name: 'GitHub Refresh Token',
+        description: 'GitHub OAuth refresh token',
+        pattern: /\bghr_[A-Za-z0-9]{36}\b/g,
+        severity: 'high',
+        category: 'github',
+        keywords: ['ghr_'],
+    },
+    {
+        id: 'github-fine-grained-pat',
+        name: 'GitHub Fine-Grained PAT',
+        description: 'GitHub fine-grained personal access token',
+        pattern: /\bgithub_pat_[A-Za-z0-9]{22}_[A-Za-z0-9]{59}\b/g,
+        severity: 'critical',
+        category: 'github',
+        keywords: ['github_pat_'],
+    },
+];
+/**
+ * Stripe Patterns
+ */
+const stripePatterns = [
+    {
+        id: 'stripe-secret-key',
+        name: 'Stripe Secret Key',
+        description: 'Stripe API secret key',
+        pattern: /\bsk_live_[A-Za-z0-9]{24,}\b/g,
+        severity: 'critical',
+        category: 'stripe',
+        keywords: ['sk_live_'],
+    },
+    {
+        id: 'stripe-test-key',
+        name: 'Stripe Test Key',
+        description: 'Stripe API test key',
+        pattern: /\bsk_test_[A-Za-z0-9]{24,}\b/g,
+        severity: 'medium',
+        category: 'stripe',
+        keywords: ['sk_test_'],
+    },
+    {
+        id: 'stripe-publishable-key',
+        name: 'Stripe Publishable Key',
+        description: 'Stripe publishable key (not secret but worth flagging)',
+        pattern: /\bpk_live_[A-Za-z0-9]{24,}\b/g,
+        severity: 'low',
+        category: 'stripe',
+        keywords: ['pk_live_'],
+    },
+    {
+        id: 'stripe-restricted-key',
+        name: 'Stripe Restricted Key',
+        description: 'Stripe restricted API key',
+        pattern: /\brk_live_[A-Za-z0-9]{24,}\b/g,
+        severity: 'critical',
+        category: 'stripe',
+        keywords: ['rk_live_'],
+    },
+];
+/**
+ * Generic API Key Patterns
+ */
+const apiKeyPatterns = [
+    {
+        id: 'generic-api-key',
+        name: 'Generic API Key',
+        description: 'Generic API key in assignment or configuration',
+        pattern: /(?:api[_-]?key|apikey)['":\s=]+['"]?([A-Za-z0-9_\-]{20,})['"]?/gi,
+        severity: 'high',
+        category: 'api-key',
+        keywords: ['api', 'key'],
+        falsePositivePatterns: [
+            /example/i,
+            /placeholder/i,
+            /your[_-]?api[_-]?key/i,
+            /xxx+/i,
+            /\$\{/,
+            /%\(/,
+        ],
+    },
+    {
+        id: 'bearer-token',
+        name: 'Bearer Token',
+        description: 'Bearer authentication token',
+        pattern: /\bBearer\s+([A-Za-z0-9_\-.~+/]+=*)\b/g,
+        severity: 'high',
+        category: 'api-key',
+        keywords: ['Bearer'],
+        falsePositivePatterns: [/<token>/i, /\$\{/, /%\(/],
+    },
+];
+/**
+ * JWT Patterns
+ */
+const jwtPatterns = [
+    {
+        id: 'jwt-token',
+        name: 'JWT Token',
+        description: 'JSON Web Token',
+        pattern: /\beyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g,
+        severity: 'high',
+        category: 'jwt',
+        keywords: ['eyJ'],
+        validator: (match) => {
+            // Validate JWT structure
+            const parts = match.split('.');
+            if (parts.length !== 3)
+                return false;
+            try {
+                // Check if header is valid base64
+                const header = JSON.parse(atob(parts[0].replace(/-/g, '+').replace(/_/g, '/')));
+                return header && typeof header === 'object';
+            }
+            catch {
+                return false;
+            }
+        },
+    },
+];
+/**
+ * Database Connection Patterns
+ */
+const databasePatterns = [
+    {
+        id: 'database-url',
+        name: 'Database Connection URL',
+        description: 'Database connection string with credentials',
+        pattern: /(?:postgres(?:ql)?|mysql|mongodb(?:\+srv)?|redis|mssql):\/\/[^:\s]+:[^@\s]+@[^\s'"]+/gi,
+        severity: 'critical',
+        category: 'database',
+        keywords: ['postgres', 'mysql', 'mongodb', 'redis', 'mssql', '://'],
+        falsePositivePatterns: [/localhost/, /127\.0\.0\.1/, /example\.com/],
+    },
+    {
+        id: 'database-password',
+        name: 'Database Password',
+        description: 'Database password in configuration',
+        pattern: /(?:db[_-]?password|database[_-]?password|mysql[_-]?password|postgres[_-]?password)['":\s=]+['"]?([^\s'"]{8,})['"]?/gi,
+        severity: 'critical',
+        category: 'database',
+        keywords: ['password', 'db', 'database', 'mysql', 'postgres'],
+        falsePositivePatterns: [/\$\{/, /%\(/, /example/i, /changeme/i],
+    },
+];
+/**
+ * Private Key Patterns
+ */
+const privateKeyPatterns = [
+    {
+        id: 'rsa-private-key',
+        name: 'RSA Private Key',
+        description: 'RSA private key',
+        pattern: /-----BEGIN RSA PRIVATE KEY-----[\s\S]*?-----END RSA PRIVATE KEY-----/g,
+        severity: 'critical',
+        category: 'private-key',
+        keywords: ['BEGIN RSA PRIVATE KEY'],
+    },
+    {
+        id: 'openssh-private-key',
+        name: 'OpenSSH Private Key',
+        description: 'OpenSSH private key',
+        pattern: /-----BEGIN OPENSSH PRIVATE KEY-----[\s\S]*?-----END OPENSSH PRIVATE KEY-----/g,
+        severity: 'critical',
+        category: 'private-key',
+        keywords: ['BEGIN OPENSSH PRIVATE KEY'],
+    },
+    {
+        id: 'ec-private-key',
+        name: 'EC Private Key',
+        description: 'Elliptic curve private key',
+        pattern: /-----BEGIN EC PRIVATE KEY-----[\s\S]*?-----END EC PRIVATE KEY-----/g,
+        severity: 'critical',
+        category: 'private-key',
+        keywords: ['BEGIN EC PRIVATE KEY'],
+    },
+    {
+        id: 'dsa-private-key',
+        name: 'DSA Private Key',
+        description: 'DSA private key',
+        pattern: /-----BEGIN DSA PRIVATE KEY-----[\s\S]*?-----END DSA PRIVATE KEY-----/g,
+        severity: 'critical',
+        category: 'private-key',
+        keywords: ['BEGIN DSA PRIVATE KEY'],
+    },
+    {
+        id: 'pgp-private-key',
+        name: 'PGP Private Key',
+        description: 'PGP private key block',
+        pattern: /-----BEGIN PGP PRIVATE KEY BLOCK-----[\s\S]*?-----END PGP PRIVATE KEY BLOCK-----/g,
+        severity: 'critical',
+        category: 'private-key',
+        keywords: ['BEGIN PGP PRIVATE KEY'],
+    },
+];
+/**
+ * Cloud Provider Patterns
+ */
+const cloudPatterns = [
+    {
+        id: 'gcp-api-key',
+        name: 'Google Cloud API Key',
+        description: 'Google Cloud Platform API key',
+        pattern: /\bAIza[A-Za-z0-9_-]{35}\b/g,
+        severity: 'critical',
+        category: 'gcp',
+        keywords: ['AIza'],
+    },
+    {
+        id: 'gcp-oauth-token',
+        name: 'Google OAuth Token',
+        description: 'Google OAuth access token',
+        pattern: /\bya29\.[A-Za-z0-9_-]{50,}\b/g,
+        severity: 'high',
+        category: 'gcp',
+        keywords: ['ya29.'],
+    },
+    {
+        id: 'azure-storage-key',
+        name: 'Azure Storage Key',
+        description: 'Azure Storage account key',
+        pattern: /(?:AccountKey|azure[_-]?storage[_-]?key)['":\s=]+['"]?([A-Za-z0-9+/]{86}==)['"]?/gi,
+        severity: 'critical',
+        category: 'azure',
+        keywords: ['AccountKey', 'azure', 'storage'],
+    },
+    {
+        id: 'azure-connection-string',
+        name: 'Azure Connection String',
+        description: 'Azure service connection string',
+        pattern: /DefaultEndpointsProtocol=https?;AccountName=[^;]+;AccountKey=[A-Za-z0-9+/]{86}==/gi,
+        severity: 'critical',
+        category: 'azure',
+        keywords: ['DefaultEndpointsProtocol', 'AccountKey'],
+    },
+];
+/**
+ * Communication Service Patterns
+ */
+const communicationPatterns = [
+    {
+        id: 'slack-token',
+        name: 'Slack Token',
+        description: 'Slack bot or user token',
+        pattern: /\bxox[baprs]-[A-Za-z0-9-]{10,}\b/g,
+        severity: 'high',
+        category: 'slack',
+        keywords: ['xoxb-', 'xoxa-', 'xoxp-', 'xoxr-', 'xoxs-'],
+    },
+    {
+        id: 'slack-webhook',
+        name: 'Slack Webhook URL',
+        description: 'Slack incoming webhook URL',
+        pattern: /https:\/\/hooks\.slack\.com\/services\/T[A-Za-z0-9]+\/B[A-Za-z0-9]+\/[A-Za-z0-9]+/g,
+        severity: 'medium',
+        category: 'slack',
+        keywords: ['hooks.slack.com'],
+    },
+    {
+        id: 'discord-token',
+        name: 'Discord Token',
+        description: 'Discord bot or webhook token',
+        pattern: /\b[MN][A-Za-z0-9]{23,}\.[A-Za-z0-9_-]{6}\.[A-Za-z0-9_-]{27}\b/g,
+        severity: 'high',
+        category: 'discord',
+    },
+    {
+        id: 'discord-webhook',
+        name: 'Discord Webhook URL',
+        description: 'Discord webhook URL',
+        pattern: /https:\/\/discord(?:app)?\.com\/api\/webhooks\/\d+\/[A-Za-z0-9_-]+/g,
+        severity: 'medium',
+        category: 'discord',
+        keywords: ['discord', 'webhook'],
+    },
+    {
+        id: 'twilio-api-key',
+        name: 'Twilio API Key',
+        description: 'Twilio API key',
+        pattern: /\bSK[A-Za-z0-9]{32}\b/g,
+        severity: 'high',
+        category: 'twilio',
+        keywords: ['SK'],
+    },
+    {
+        id: 'sendgrid-api-key',
+        name: 'SendGrid API Key',
+        description: 'SendGrid API key',
+        pattern: /\bSG\.[A-Za-z0-9_-]{22}\.[A-Za-z0-9_-]{43}\b/g,
+        severity: 'high',
+        category: 'sendgrid',
+        keywords: ['SG.'],
+    },
+];
+/**
+ * Payment Provider Patterns
+ */
+const paymentPatterns = [
+    {
+        id: 'paypal-client-id',
+        name: 'PayPal Client ID',
+        description: 'PayPal REST API client ID',
+        pattern: /\bA[A-Za-z0-9_-]{20,}(?:sandbox|live)\b/gi,
+        severity: 'medium',
+        category: 'paypal',
+        keywords: ['paypal'],
+    },
+    {
+        id: 'square-access-token',
+        name: 'Square Access Token',
+        description: 'Square API access token',
+        pattern: /\bsq0[a-z]{3}-[A-Za-z0-9_-]{22,}\b/g,
+        severity: 'critical',
+        category: 'square',
+        keywords: ['sq0'],
+    },
+];
+/**
+ * High Entropy String Detection
+ */
+const highEntropyPatterns = [
+    {
+        id: 'high-entropy-base64',
+        name: 'High Entropy Base64 String',
+        description: 'Potentially sensitive base64-encoded string with high entropy',
+        pattern: /['"][A-Za-z0-9+/]{40,}={0,2}['"]/g,
+        severity: 'medium',
+        category: 'high-entropy',
+        validator: (match) => {
+            // Remove quotes
+            const str = match.slice(1, -1);
+            // Calculate Shannon entropy
+            const entropy = calculateEntropy(str);
+            // High entropy threshold for base64 (typically > 4.5)
+            return entropy > 4.5 && str.length >= 40;
+        },
+    },
+    {
+        id: 'high-entropy-hex',
+        name: 'High Entropy Hex String',
+        description: 'Potentially sensitive hexadecimal string with high entropy',
+        pattern: /['"][A-Fa-f0-9]{32,}['"]/g,
+        severity: 'medium',
+        category: 'high-entropy',
+        validator: (match) => {
+            const str = match.slice(1, -1);
+            const entropy = calculateEntropy(str);
+            // Hex strings have lower max entropy (~4.0)
+            return entropy > 3.5 && str.length >= 32;
+        },
+    },
+];
+/**
+ * Calculate Shannon entropy of a string
+ */
+export function calculateEntropy(str) {
+    const len = str.length;
+    if (len === 0)
+        return 0;
+    const freq = new Map();
+    for (const char of str) {
+        freq.set(char, (freq.get(char) || 0) + 1);
+    }
+    let entropy = 0;
+    for (const count of freq.values()) {
+        const p = count / len;
+        entropy -= p * Math.log2(p);
+    }
+    return entropy;
+}
+/**
+ * All secret patterns combined
+ */
+export const SECRET_PATTERNS = [
+    ...awsPatterns,
+    ...githubPatterns,
+    ...stripePatterns,
+    ...apiKeyPatterns,
+    ...jwtPatterns,
+    ...databasePatterns,
+    ...privateKeyPatterns,
+    ...cloudPatterns,
+    ...communicationPatterns,
+    ...paymentPatterns,
+    ...highEntropyPatterns,
+];
+/**
+ * Get patterns by category
+ */
+export function getPatternsByCategory(category) {
+    return SECRET_PATTERNS.filter((p) => p.category === category);
+}
+/**
+ * Get patterns by severity
+ */
+export function getPatternsBySeverity(severity) {
+    return SECRET_PATTERNS.filter((p) => p.severity === severity);
+}
+/**
+ * Get all pattern categories
+ */
+export function getPatternCategories() {
+    return [...new Set(SECRET_PATTERNS.map((p) => p.category))];
+}
+//# sourceMappingURL=patterns.js.map

package/dist/secret-scan/patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../src/secret-scan/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAgBH;;GAEG;AACH,MAAM,WAAW,GAAoB;IACnC;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,wEAAwE;QACjF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC;KAClF;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,sFAAsF;QAC/F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC;KAC5B;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,6BAA6B;QAC1C,OAAO,EAAE,2EAA2E;QACpF,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,KAAK,CAAC;KACtC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAoB;IACtC;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,wCAAwC;QACrD,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,+BAA+B;QAC5C,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,2CAA2C;QACxD,OAAO,EAAE,iDAAiD;QAC1D,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,aAAa,CAAC;KAC1B;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAoB;IACtC;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,qBAAqB;QAClC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,wDAAwD;QACrE,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAoB;IACtC;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,gDAAgD;QAC7D,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC;QACxB,qBAAqB,EAAE;YACrB,UAAU;YACV,cAAc;YACd,uBAAuB;YACvB,OAAO;YACP,MAAM;YACN,KAAK;SACN;KACF;IACD;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,6BAA6B;QAC1C,OAAO,EAAE,uCAAuC;QAChD,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,qBAAqB,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,CAAC;KACnD;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,GAAoB;IACnC;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,gBAAgB;QAC7B,OAAO,EAAE,oEAAoE;QAC7E,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,KAAK,CAAC;QACjB,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,yBAAyB;YACzB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YACrC,IAAI,CAAC;gBACH,kCAAkC;gBAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;gBAChF,OAAO,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,CAAC;YAC9C,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KACF;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,gBAAgB,GAAoB;IACxC;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,6CAA6C;QAC1D,OAAO,EAAE,wFAAwF;QACjG,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC;QACnE,qBAAqB,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,cAAc,CAAC;KACrE;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,oCAAoC;QACjD,OAAO,EAAE,sHAAsH;QAC/H,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,CAAC,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,UAAU,CAAC;QAC7D,qBAAqB,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,CAAC;KAChE;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAoB;IAC1C;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,uBAAuB,CAAC;KACpC;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,qBAAqB;QAClC,OAAO,EAAE,+EAA+E;QACxF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,2BAA2B,CAAC;KACxC;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,sBAAsB,CAAC;KACnC;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,uBAAuB,CAAC;KACpC;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,mFAAmF;QAC5F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,uBAAuB,CAAC;KACpC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,aAAa,GAAoB;IACrC;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,+BAA+B;QAC5C,OAAO,EAAE,4BAA4B;QACrC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,OAAO,CAAC;KACpB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,YAAY,EAAE,OAAO,EAAE,SAAS,CAAC;KAC7C;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,iCAAiC;QAC9C,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,0BAA0B,EAAE,YAAY,CAAC;KACrD;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,qBAAqB,GAAoB;IAC7C;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,yBAAyB;QACtC,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC;KACxD;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,iBAAiB,CAAC;KAC9B;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,8BAA8B;QAC3C,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,qBAAqB;QAClC,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;KACjC;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,gBAAgB;QAC7B,OAAO,EAAE,wBAAwB;QACjC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,IAAI,CAAC;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,CAAC,KAAK,CAAC;KAClB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,eAAe,GAAoB;IACvC;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,QAAQ,CAAC;KACrB;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,yBAAyB;QACtC,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,KAAK,CAAC;KAClB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,mBAAmB,GAAoB;IAC3C;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,+DAA+D;QAC5E,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,gBAAgB;YAChB,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/B,4BAA4B;YAC5B,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACtC,sDAAsD;YACtD,OAAO,OAAO,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;QAC3C,CAAC;KACF;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,4DAA4D;QACzE,OAAO,EAAE,2BAA2B;QACpC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/B,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACtC,4CAA4C;YAC5C,OAAO,OAAO,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;QAC3C,CAAC;KACF;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAExB,MAAM,IAAI,GAAwB,IAAI,GAAG,EAAE,CAAC;IAC5C,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,KAAK,GAAG,GAAG,CAAC;QACtB,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAoB;IAC9C,GAAG,WAAW;IACd,GAAG,cAAc;IACjB,GAAG,cAAc;IACjB,GAAG,cAAc;IACjB,GAAG,WAAW;IACd,GAAG,gBAAgB;IACnB,GAAG,kBAAkB;IACrB,GAAG,aAAa;IAChB,GAAG,qBAAqB;IACxB,GAAG,eAAe;IAClB,GAAG,mBAAmB;CACvB,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAgB;IACpD,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAwB;IAC5D,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB;IAClC,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;AAC9D,CAAC"}

package/dist/secret-scan/scanner.d.ts

@@ -0,0 +1,162 @@
+/**
+ * Secret Scanner Module
+ *
+ * Scans code and Git history for secrets and credentials.
+ */
+import { type SecretPattern, type SecretSeverity } from './patterns.js';
+/**
+ * Options for secret scanning
+ */
+export interface SecretScanOptions {
+    /** Patterns to use (defaults to all) */
+    patterns?: SecretPattern[];
+    /** Categories to include (defaults to all) */
+    includeCategories?: string[];
+    /** Categories to exclude */
+    excludeCategories?: string[];
+    /** Minimum severity to report */
+    minSeverity?: SecretSeverity;
+    /** Whether to scan git history */
+    scanHistory?: boolean;
+    /** Maximum number of commits to scan in history */
+    maxCommits?: number;
+    /** File patterns to include (glob) */
+    includeFiles?: string[];
+    /** File patterns to exclude (glob) */
+    excludeFiles?: string[];
+    /** Progress callback */
+    onProgress?: (progress: ScanProgress) => void;
+}
+/**
+ * Scan progress information
+ */
+export interface ScanProgress {
+    phase: 'indexing' | 'scanning-files' | 'scanning-history' | 'complete';
+    currentFile?: string;
+    filesScanned: number;
+    totalFiles: number;
+    commitsScanned?: number;
+    totalCommits?: number;
+    secretsFound: number;
+}
+/**
+ * A detected secret
+ */
+export interface DetectedSecret {
+    /** Pattern ID that matched */
+    patternId: string;
+    /** Human-readable name */
+    patternName: string;
+    /** File path where secret was found */
+    file: string;
+    /** Line number */
+    line: number;
+    /** Column position */
+    column: number;
+    /** The matched secret (partially redacted) */
+    match: string;
+    /** Full line content (for context) */
+    lineContent: string;
+    /** Severity level */
+    severity: SecretSeverity;
+    /** Category */
+    category: string;
+    /** Git commit hash (if found in history) */
+    commit?: string;
+    /** Git author (if found in history) */
+    author?: string;
+    /** Git commit date (if found in history) */
+    commitDate?: string;
+    /** Whether secret is still present in HEAD */
+    presentInHead: boolean;
+}
+/**
+ * Scan result summary
+ */
+export interface SecretScanResult {
+    /** Directory that was scanned */
+    directory: string;
+    /** Total files scanned */
+    filesScanned: number;
+    /** Commits scanned (if history scan enabled) */
+    commitsScanned: number;
+    /** All detected secrets */
+    secrets: DetectedSecret[];
+    /** Secrets by severity */
+    bySeverity: Record<SecretSeverity, number>;
+    /** Secrets by category */
+    byCategory: Record<string, number>;
+    /** Secrets currently in HEAD (not just history) */
+    activeSecrets: number;
+    /** Secrets only in history */
+    historicalSecrets: number;
+    /** Scan duration in ms */
+    durationMs: number;
+    /** .gitignore recommendations */
+    gitignoreRecommendations: string[];
+}
+/**
+ * Secret Scanner class
+ */
+export declare class SecretScanner {
+    private patterns;
+    private options;
+    constructor(options?: SecretScanOptions);
+    /**
+     * Select patterns based on options
+     */
+    private selectPatterns;
+    /**
+     * Scan a directory for secrets
+     */
+    scan(directory: string): Promise<SecretScanResult>;
+    /**
+     * Scan a single file for secrets
+     */
+    scanFile(filePath: string, baseDir: string): Promise<DetectedSecret[]>;
+    /**
+     * Scan a single line for secrets
+     */
+    private scanLine;
+    /**
+     * Scan git history for secrets
+     */
+    private scanGitHistory;
+    /**
+     * Scan a git diff for secrets
+     */
+    private scanDiff;
+    /**
+     * Get list of files to scan
+     */
+    private getFiles;
+    /**
+     * Check if directory is a git repo
+     */
+    private isGitRepo;
+    /**
+     * Redact a secret for safe display
+     */
+    private redactSecret;
+    /**
+     * Truncate long lines
+     */
+    private truncateLine;
+    /**
+     * Generate .gitignore recommendations
+     */
+    private generateGitignoreRecommendations;
+}
+/**
+ * Scan a directory for secrets (convenience function)
+ */
+export declare function scanForSecrets(directory: string, options?: SecretScanOptions): Promise<SecretScanResult>;
+/**
+ * Quick scan without git history (convenience function)
+ */
+export declare function quickSecretScan(directory: string): Promise<SecretScanResult>;
+/**
+ * Format scan result as text report
+ */
+export declare function formatSecretReport(result: SecretScanResult): string;
+//# sourceMappingURL=scanner.d.ts.map

package/dist/secret-scan/scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/secret-scan/scanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAKH,OAAO,EAGL,KAAK,aAAa,EAClB,KAAK,cAAc,EACpB,MAAM,eAAe,CAAC;AAEvB;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,wCAAwC;IACxC,QAAQ,CAAC,EAAE,aAAa,EAAE,CAAC;IAC3B,8CAA8C;IAC9C,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,4BAA4B;IAC5B,iBAAiB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC7B,iCAAiC;IACjC,WAAW,CAAC,EAAE,cAAc,CAAC;IAC7B,kCAAkC;IAClC,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,mDAAmD;IACnD,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,sCAAsC;IACtC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,sCAAsC;IACtC,YAAY,CAAC,EAAE,MAAM,EAAE,CAAC;IACxB,wBAAwB;IACxB,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,YAAY,KAAK,IAAI,CAAC;CAC/C;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,UAAU,GAAG,gBAAgB,GAAG,kBAAkB,GAAG,UAAU,CAAC;IACvE,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,UAAU,EAAE,MAAM,CAAC;IACnB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,8BAA8B;IAC9B,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,uCAAuC;IACvC,IAAI,EAAE,MAAM,CAAC;IACb,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,sBAAsB;IACtB,MAAM,EAAE,MAAM,CAAC;IACf,8CAA8C;IAC9C,KAAK,EAAE,MAAM,CAAC;IACd,sCAAsC;IACtC,WAAW,EAAE,MAAM,CAAC;IACpB,qBAAqB;IACrB,QAAQ,EAAE,cAAc,CAAC;IACzB,eAAe;IACf,QAAQ,EAAE,MAAM,CAAC;IACjB,4CAA4C;IAC5C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,uCAAuC;IACvC,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,4CAA4C;IAC5C,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,8CAA8C;IAC9C,aAAa,EAAE,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,iCAAiC;IACjC,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,YAAY,EAAE,MAAM,CAAC;IACrB,gDAAgD;IAChD,cAAc,EAAE,MAAM,CAAC;IACvB,2BAA2B;IAC3B,OAAO,EAAE,cAAc,EAAE,CAAC;IAC1B,0BAA0B;IAC1B,UAAU,EAAE,MAAM,CAAC,cAAc,EAAE,MAAM,CAAC,CAAC;IAC3C,0BAA0B;IAC1B,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACnC,mDAAmD;IACnD,aAAa,EAAE,MAAM,CAAC;IACtB,8BAA8B;IAC9B,iBAAiB,EAAE,MAAM,CAAC;IAC1B,0BAA0B;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,iCAAiC;IACjC,wBAAwB,EAAE,MAAM,EAAE,CAAC;CACpC;AAED;;GAEG;AACH,qBAAa,aAAa;IACxB,OAAO,CAAC,QAAQ,CAAkB;IAClC,OAAO,CAAC,OAAO,CAAoB;gBAEvB,OAAO,GAAE,iBAAsB;IAK3C;;OAEG;IACH,OAAO,CAAC,cAAc;IA2BtB;;OAEG;IACG,IAAI,CAAC,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,gBAAgB,CAAC;IA8FxD;;OAEG;IACG,QAAQ,CAAC,QAAQ,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,cAAc,EAAE,CAAC;IAoB5E;;OAEG;IACH,OAAO,CAAC,QAAQ;IA+DhB;;OAEG;YACW,cAAc;IAqD5B;;OAEG;IACH,OAAO,CAAC,QAAQ;IA+ChB;;OAEG;IACH,OAAO,CAAC,QAAQ;IA2EhB;;OAEG;IACH,OAAO,CAAC,SAAS;IAYjB;;OAEG;IACH,OAAO,CAAC,YAAY;IAYpB;;OAEG;IACH,OAAO,CAAC,YAAY;IAKpB;;OAEG;IACH,OAAO,CAAC,gCAAgC;CAqDzC;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,SAAS,EAAE,MAAM,EACjB,OAAO,GAAE,iBAAsB,GAC9B,OAAO,CAAC,gBAAgB,CAAC,CAG3B;AAED;;GAEG;AACH,wBAAsB,eAAe,CACnC,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,gBAAgB,CAAC,CAK3B;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,gBAAgB,GAAG,MAAM,CAkFnE"}