circle-ir-ai 1.1.0

package/dist/secret-scan/scanner.js

@@ -0,0 +1,511 @@
+/**
+ * Secret Scanner Module
+ *
+ * Scans code and Git history for secrets and credentials.
+ */
+import { execSync } from 'child_process';
+import * as fs from 'fs';
+import * as path from 'path';
+import { SECRET_PATTERNS, } from './patterns.js';
+/**
+ * Secret Scanner class
+ */
+export class SecretScanner {
+    patterns;
+    options;
+    constructor(options = {}) {
+        this.options = options;
+        this.patterns = this.selectPatterns(options);
+    }
+    /**
+     * Select patterns based on options
+     */
+    selectPatterns(options) {
+        let patterns = options.patterns || SECRET_PATTERNS;
+        // Filter by category
+        if (options.includeCategories?.length) {
+            patterns = patterns.filter((p) => options.includeCategories.includes(p.category));
+        }
+        if (options.excludeCategories?.length) {
+            patterns = patterns.filter((p) => !options.excludeCategories.includes(p.category));
+        }
+        // Filter by severity
+        if (options.minSeverity) {
+            const severityOrder = ['low', 'medium', 'high', 'critical'];
+            const minIndex = severityOrder.indexOf(options.minSeverity);
+            patterns = patterns.filter((p) => severityOrder.indexOf(p.severity) >= minIndex);
+        }
+        return patterns;
+    }
+    /**
+     * Scan a directory for secrets
+     */
+    async scan(directory) {
+        const startTime = Date.now();
+        const secrets = [];
+        const progress = {
+            phase: 'indexing',
+            filesScanned: 0,
+            totalFiles: 0,
+            secretsFound: 0,
+        };
+        this.options.onProgress?.(progress);
+        // Get list of files
+        const files = this.getFiles(directory);
+        progress.totalFiles = files.length;
+        progress.phase = 'scanning-files';
+        this.options.onProgress?.(progress);
+        // Scan current files
+        for (const file of files) {
+            progress.currentFile = file;
+            this.options.onProgress?.(progress);
+            const fileSecrets = await this.scanFile(file, directory);
+            for (const secret of fileSecrets) {
+                secret.presentInHead = true;
+                secrets.push(secret);
+            }
+            progress.filesScanned++;
+            progress.secretsFound = secrets.length;
+            this.options.onProgress?.(progress);
+        }
+        // Scan git history if enabled
+        let commitsScanned = 0;
+        if (this.options.scanHistory && this.isGitRepo(directory)) {
+            progress.phase = 'scanning-history';
+            const historySecrets = await this.scanGitHistory(directory, progress);
+            // Mark historical secrets as not present in HEAD if not already found
+            for (const secret of historySecrets) {
+                const existsInHead = secrets.some((s) => s.file === secret.file &&
+                    s.patternId === secret.patternId &&
+                    s.match === secret.match);
+                secret.presentInHead = existsInHead;
+                if (!existsInHead) {
+                    secrets.push(secret);
+                }
+            }
+            commitsScanned = progress.commitsScanned || 0;
+        }
+        progress.phase = 'complete';
+        this.options.onProgress?.(progress);
+        // Calculate statistics
+        const bySeverity = {
+            critical: 0,
+            high: 0,
+            medium: 0,
+            low: 0,
+        };
+        const byCategory = {};
+        for (const secret of secrets) {
+            bySeverity[secret.severity]++;
+            byCategory[secret.category] = (byCategory[secret.category] || 0) + 1;
+        }
+        const activeSecrets = secrets.filter((s) => s.presentInHead).length;
+        const historicalSecrets = secrets.filter((s) => !s.presentInHead).length;
+        // Generate .gitignore recommendations
+        const gitignoreRecommendations = this.generateGitignoreRecommendations(secrets);
+        return {
+            directory,
+            filesScanned: files.length,
+            commitsScanned,
+            secrets,
+            bySeverity,
+            byCategory,
+            activeSecrets,
+            historicalSecrets,
+            durationMs: Date.now() - startTime,
+            gitignoreRecommendations,
+        };
+    }
+    /**
+     * Scan a single file for secrets
+     */
+    async scanFile(filePath, baseDir) {
+        const secrets = [];
+        try {
+            const content = fs.readFileSync(filePath, 'utf-8');
+            const relativePath = path.relative(baseDir, filePath);
+            const lines = content.split('\n');
+            for (let lineNum = 0; lineNum < lines.length; lineNum++) {
+                const line = lines[lineNum];
+                const lineSecrets = this.scanLine(line, relativePath, lineNum + 1);
+                secrets.push(...lineSecrets);
+            }
+        }
+        catch {
+            // Skip files that can't be read
+        }
+        return secrets;
+    }
+    /**
+     * Scan a single line for secrets
+     */
+    scanLine(line, file, lineNum, commit, author, commitDate) {
+        const secrets = [];
+        // Quick keyword pre-filter
+        const lineLower = line.toLowerCase();
+        for (const pattern of this.patterns) {
+            // Skip if no keywords match (optimization)
+            if (pattern.keywords?.length) {
+                const hasKeyword = pattern.keywords.some((k) => lineLower.includes(k.toLowerCase()));
+                if (!hasKeyword)
+                    continue;
+            }
+            // Reset regex lastIndex for global patterns
+            pattern.pattern.lastIndex = 0;
+            let match;
+            while ((match = pattern.pattern.exec(line)) !== null) {
+                const matchedText = match[0];
+                // Check false positive patterns
+                if (pattern.falsePositivePatterns?.length) {
+                    const isFalsePositive = pattern.falsePositivePatterns.some((fp) => fp.test(line));
+                    if (isFalsePositive)
+                        continue;
+                }
+                // Run validator if present
+                if (pattern.validator && !pattern.validator(matchedText)) {
+                    continue;
+                }
+                secrets.push({
+                    patternId: pattern.id,
+                    patternName: pattern.name,
+                    file,
+                    line: lineNum,
+                    column: match.index + 1,
+                    match: this.redactSecret(matchedText),
+                    lineContent: this.truncateLine(line),
+                    severity: pattern.severity,
+                    category: pattern.category,
+                    commit,
+                    author,
+                    commitDate,
+                    presentInHead: false, // Will be updated later
+                });
+            }
+        }
+        return secrets;
+    }
+    /**
+     * Scan git history for secrets
+     */
+    async scanGitHistory(directory, progress) {
+        const secrets = [];
+        const maxCommits = this.options.maxCommits || 100;
+        try {
+            // Get commit hashes
+            const commits = execSync(`git -C "${directory}" log --format="%H" -n ${maxCommits}`, { encoding: 'utf-8' })
+                .trim()
+                .split('\n')
+                .filter(Boolean);
+            progress.totalCommits = commits.length;
+            progress.commitsScanned = 0;
+            for (const commit of commits) {
+                // Get commit info
+                const commitInfo = execSync(`git -C "${directory}" log -1 --format="%an|%aI" ${commit}`, { encoding: 'utf-8' }).trim();
+                const [author, commitDate] = commitInfo.split('|');
+                // Get diff for this commit
+                try {
+                    const diff = execSync(`git -C "${directory}" diff-tree --no-commit-id -r -p ${commit}`, { encoding: 'utf-8', maxBuffer: 50 * 1024 * 1024 });
+                    // Parse diff and scan for secrets
+                    const diffSecrets = this.scanDiff(diff, commit, author, commitDate);
+                    secrets.push(...diffSecrets);
+                }
+                catch {
+                    // Skip commits that can't be diffed
+                }
+                progress.commitsScanned++;
+                progress.secretsFound = secrets.length;
+                this.options.onProgress?.(progress);
+            }
+        }
+        catch {
+            // Git history scan failed
+        }
+        return secrets;
+    }
+    /**
+     * Scan a git diff for secrets
+     */
+    scanDiff(diff, commit, author, commitDate) {
+        const secrets = [];
+        let currentFile = '';
+        let lineNum = 0;
+        const lines = diff.split('\n');
+        for (const line of lines) {
+            // Track current file
+            if (line.startsWith('+++ b/')) {
+                currentFile = line.slice(6);
+                lineNum = 0;
+                continue;
+            }
+            // Track line numbers from hunk headers
+            const hunkMatch = line.match(/^@@ -\d+(?:,\d+)? \+(\d+)/);
+            if (hunkMatch) {
+                lineNum = parseInt(hunkMatch[1], 10) - 1;
+                continue;
+            }
+            // Only scan added lines
+            if (line.startsWith('+') && !line.startsWith('+++')) {
+                lineNum++;
+                const content = line.slice(1); // Remove the '+' prefix
+                const lineSecrets = this.scanLine(content, currentFile, lineNum, commit, author, commitDate);
+                secrets.push(...lineSecrets);
+            }
+            else if (!line.startsWith('-')) {
+                lineNum++;
+            }
+        }
+        return secrets;
+    }
+    /**
+     * Get list of files to scan
+     */
+    getFiles(directory) {
+        const files = [];
+        const excludePatterns = [
+            /node_modules/,
+            /\.git/,
+            /dist/,
+            /build/,
+            /\.min\./,
+            /vendor/,
+            /\.lock$/,
+            /package-lock\.json$/,
+            /yarn\.lock$/,
+            /\.png$/i,
+            /\.jpg$/i,
+            /\.jpeg$/i,
+            /\.gif$/i,
+            /\.ico$/i,
+            /\.svg$/i,
+            /\.woff2?$/i,
+            /\.ttf$/i,
+            /\.eot$/i,
+            /\.mp[34]$/i,
+            /\.wav$/i,
+            /\.avi$/i,
+            /\.mov$/i,
+            /\.pdf$/i,
+            /\.zip$/i,
+            /\.tar$/i,
+            /\.gz$/i,
+            /\.wasm$/i,
+        ];
+        const walk = (dir) => {
+            try {
+                const entries = fs.readdirSync(dir, { withFileTypes: true });
+                for (const entry of entries) {
+                    const fullPath = path.join(dir, entry.name);
+                    const relativePath = path.relative(directory, fullPath);
+                    // Skip excluded patterns
+                    if (excludePatterns.some((p) => p.test(relativePath))) {
+                        continue;
+                    }
+                    // Apply custom exclude patterns
+                    if (this.options.excludeFiles?.length) {
+                        const shouldExclude = this.options.excludeFiles.some((pattern) => new RegExp(pattern).test(relativePath));
+                        if (shouldExclude)
+                            continue;
+                    }
+                    if (entry.isDirectory()) {
+                        walk(fullPath);
+                    }
+                    else if (entry.isFile()) {
+                        // Apply custom include patterns
+                        if (this.options.includeFiles?.length) {
+                            const shouldInclude = this.options.includeFiles.some((pattern) => new RegExp(pattern).test(relativePath));
+                            if (!shouldInclude)
+                                continue;
+                        }
+                        files.push(fullPath);
+                    }
+                }
+            }
+            catch {
+                // Skip directories that can't be read
+            }
+        };
+        walk(directory);
+        return files;
+    }
+    /**
+     * Check if directory is a git repo
+     */
+    isGitRepo(directory) {
+        try {
+            execSync(`git -C "${directory}" rev-parse --git-dir`, {
+                encoding: 'utf-8',
+                stdio: 'pipe',
+            });
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    /**
+     * Redact a secret for safe display
+     */
+    redactSecret(secret) {
+        if (secret.length <= 8) {
+            return '*'.repeat(secret.length);
+        }
+        const visibleChars = Math.min(4, Math.floor(secret.length / 4));
+        return (secret.slice(0, visibleChars) +
+            '*'.repeat(secret.length - visibleChars * 2) +
+            secret.slice(-visibleChars));
+    }
+    /**
+     * Truncate long lines
+     */
+    truncateLine(line, maxLength = 200) {
+        if (line.length <= maxLength)
+            return line;
+        return line.slice(0, maxLength) + '...';
+    }
+    /**
+     * Generate .gitignore recommendations
+     */
+    generateGitignoreRecommendations(secrets) {
+        const recommendations = new Set();
+        for (const secret of secrets) {
+            const file = secret.file;
+            // Common sensitive file patterns
+            if (/\.env($|\.)/.test(file)) {
+                recommendations.add('.env*');
+                recommendations.add('!.env.example');
+            }
+            if (/credentials?\./.test(file)) {
+                recommendations.add('**/credentials*');
+            }
+            if (/secrets?\./.test(file)) {
+                recommendations.add('**/secrets*');
+            }
+            if (/config\.local\./.test(file)) {
+                recommendations.add('*.local.*');
+            }
+            if (/\.pem$/.test(file)) {
+                recommendations.add('*.pem');
+            }
+            if (/\.key$/.test(file)) {
+                recommendations.add('*.key');
+            }
+            if (/id_rsa/.test(file)) {
+                recommendations.add('**/id_rsa*');
+            }
+            if (/\.keystore$/.test(file)) {
+                recommendations.add('*.keystore');
+            }
+            if (/\.jks$/.test(file)) {
+                recommendations.add('*.jks');
+            }
+            if (/\.p12$/.test(file)) {
+                recommendations.add('*.p12');
+            }
+            if (/\.pfx$/.test(file)) {
+                recommendations.add('*.pfx');
+            }
+        }
+        // Always recommend common patterns
+        recommendations.add('.env');
+        recommendations.add('.env.local');
+        recommendations.add('*.pem');
+        recommendations.add('*.key');
+        return [...recommendations].sort();
+    }
+}
+/**
+ * Scan a directory for secrets (convenience function)
+ */
+export async function scanForSecrets(directory, options = {}) {
+    const scanner = new SecretScanner(options);
+    return scanner.scan(directory);
+}
+/**
+ * Quick scan without git history (convenience function)
+ */
+export async function quickSecretScan(directory) {
+    return scanForSecrets(directory, {
+        scanHistory: false,
+        minSeverity: 'medium',
+    });
+}
+/**
+ * Format scan result as text report
+ */
+export function formatSecretReport(result) {
+    const lines = [];
+    lines.push('='.repeat(60));
+    lines.push('SECRET SCAN REPORT');
+    lines.push('='.repeat(60));
+    lines.push('');
+    lines.push(`Directory: ${result.directory}`);
+    lines.push(`Files Scanned: ${result.filesScanned}`);
+    lines.push(`Commits Scanned: ${result.commitsScanned}`);
+    lines.push(`Duration: ${result.durationMs}ms`);
+    lines.push('');
+    // Summary
+    lines.push('-'.repeat(40));
+    lines.push('SUMMARY');
+    lines.push('-'.repeat(40));
+    lines.push(`Total Secrets Found: ${result.secrets.length}`);
+    lines.push(`  Active (in HEAD): ${result.activeSecrets}`);
+    lines.push(`  Historical Only: ${result.historicalSecrets}`);
+    lines.push('');
+    lines.push('By Severity:');
+    lines.push(`  Critical: ${result.bySeverity.critical}`);
+    lines.push(`  High: ${result.bySeverity.high}`);
+    lines.push(`  Medium: ${result.bySeverity.medium}`);
+    lines.push(`  Low: ${result.bySeverity.low}`);
+    lines.push('');
+    lines.push('By Category:');
+    for (const [category, count] of Object.entries(result.byCategory)) {
+        lines.push(`  ${category}: ${count}`);
+    }
+    lines.push('');
+    // Detailed findings
+    if (result.secrets.length > 0) {
+        lines.push('-'.repeat(40));
+        lines.push('FINDINGS');
+        lines.push('-'.repeat(40));
+        // Group by severity
+        const grouped = new Map();
+        for (const secret of result.secrets) {
+            const list = grouped.get(secret.severity) || [];
+            list.push(secret);
+            grouped.set(secret.severity, list);
+        }
+        for (const severity of ['critical', 'high', 'medium', 'low']) {
+            const secrets = grouped.get(severity);
+            if (!secrets?.length)
+                continue;
+            lines.push('');
+            lines.push(`[${severity.toUpperCase()}]`);
+            for (const secret of secrets) {
+                lines.push('');
+                lines.push(`  ${secret.patternName} (${secret.category})`);
+                lines.push(`    File: ${secret.file}:${secret.line}:${secret.column}`);
+                lines.push(`    Match: ${secret.match}`);
+                if (secret.commit) {
+                    lines.push(`    Commit: ${secret.commit.slice(0, 8)}`);
+                    lines.push(`    Author: ${secret.author}`);
+                    lines.push(`    Date: ${secret.commitDate}`);
+                }
+                lines.push(`    Status: ${secret.presentInHead ? 'ACTIVE' : 'Historical'}`);
+            }
+        }
+    }
+    // .gitignore recommendations
+    if (result.gitignoreRecommendations.length > 0) {
+        lines.push('');
+        lines.push('-'.repeat(40));
+        lines.push('.GITIGNORE RECOMMENDATIONS');
+        lines.push('-'.repeat(40));
+        lines.push('Add these patterns to your .gitignore:');
+        lines.push('');
+        for (const pattern of result.gitignoreRecommendations) {
+            lines.push(`  ${pattern}`);
+        }
+    }
+    return lines.join('\n');
+}
+//# sourceMappingURL=scanner.js.map

package/dist/secret-scan/scanner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.js","sourceRoot":"","sources":["../../src/secret-scan/scanner.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,eAAe,CAAC;AACzC,OAAO,KAAK,EAAE,MAAM,IAAI,CAAC;AACzB,OAAO,KAAK,IAAI,MAAM,MAAM,CAAC;AAC7B,OAAO,EACL,eAAe,GAIhB,MAAM,eAAe,CAAC;AAiGvB;;GAEG;AACH,MAAM,OAAO,aAAa;IAChB,QAAQ,CAAkB;IAC1B,OAAO,CAAoB;IAEnC,YAAY,UAA6B,EAAE;QACzC,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;QACvB,IAAI,CAAC,QAAQ,GAAG,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,CAAC;IAC/C,CAAC;IAED;;OAEG;IACK,cAAc,CAAC,OAA0B;QAC/C,IAAI,QAAQ,GAAG,OAAO,CAAC,QAAQ,IAAI,eAAe,CAAC;QAEnD,qBAAqB;QACrB,IAAI,OAAO,CAAC,iBAAiB,EAAE,MAAM,EAAE,CAAC;YACtC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAC/B,OAAO,CAAC,iBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAChD,CAAC;QACJ,CAAC;QACD,IAAI,OAAO,CAAC,iBAAiB,EAAE,MAAM,EAAE,CAAC;YACtC,QAAQ,GAAG,QAAQ,CAAC,MAAM,CACxB,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,iBAAkB,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CACxD,CAAC;QACJ,CAAC;QAED,qBAAqB;QACrB,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC;YACxB,MAAM,aAAa,GAAqB,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;YAC9E,MAAM,QAAQ,GAAG,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;YAC5D,QAAQ,GAAG,QAAQ,CAAC,MAAM,CACxB,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,QAAQ,CACrD,CAAC;QACJ,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,IAAI,CAAC,SAAiB;QAC1B,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAC7B,MAAM,OAAO,GAAqB,EAAE,CAAC;QAErC,MAAM,QAAQ,GAAiB;YAC7B,KAAK,EAAE,UAAU;YACjB,YAAY,EAAE,CAAC;YACf,UAAU,EAAE,CAAC;YACb,YAAY,EAAE,CAAC;SAChB,CAAC;QACF,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,CAAC;QAEpC,oBAAoB;QACpB,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;QACvC,QAAQ,CAAC,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC;QACnC,QAAQ,CAAC,KAAK,GAAG,gBAAgB,CAAC;QAClC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,CAAC;QAEpC,qBAAqB;QACrB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,QAAQ,CAAC,WAAW,GAAG,IAAI,CAAC;YAC5B,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,CAAC;YAEpC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;YACzD,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE,CAAC;gBACjC,MAAM,CAAC,aAAa,GAAG,IAAI,CAAC;gBAC5B,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvB,CAAC;YAED,QAAQ,CAAC,YAAY,EAAE,CAAC;YACxB,QAAQ,CAAC,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC;YACvC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,CAAC;QACtC,CAAC;QAED,8BAA8B;QAC9B,IAAI,cAAc,GAAG,CAAC,CAAC;QACvB,IAAI,IAAI,CAAC,OAAO,CAAC,WAAW,IAAI,IAAI,CAAC,SAAS,CAAC,SAAS,CAAC,EAAE,CAAC;YAC1D,QAAQ,CAAC,KAAK,GAAG,kBAAkB,CAAC;YACpC,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,cAAc,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;YAEtE,sEAAsE;YACtE,KAAK,MAAM,MAAM,IAAI,cAAc,EAAE,CAAC;gBACpC,MAAM,YAAY,GAAG,OAAO,CAAC,IAAI,CAC/B,CAAC,CAAC,EAAE,EAAE,CACJ,CAAC,CAAC,IAAI,KAAK,MAAM,CAAC,IAAI;oBACtB,CAAC,CAAC,SAAS,KAAK,MAAM,CAAC,SAAS;oBAChC,CAAC,CAAC,KAAK,KAAK,MAAM,CAAC,KAAK,CAC3B,CAAC;gBACF,MAAM,CAAC,aAAa,GAAG,YAAY,CAAC;gBACpC,IAAI,CAAC,YAAY,EAAE,CAAC;oBAClB,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACvB,CAAC;YACH,CAAC;YAED,cAAc,GAAG,QAAQ,CAAC,cAAc,IAAI,CAAC,CAAC;QAChD,CAAC;QAED,QAAQ,CAAC,KAAK,GAAG,UAAU,CAAC;QAC5B,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,CAAC;QAEpC,uBAAuB;QACvB,MAAM,UAAU,GAAmC;YACjD,QAAQ,EAAE,CAAC;YACX,IAAI,EAAE,CAAC;YACP,MAAM,EAAE,CAAC;YACT,GAAG,EAAE,CAAC;SACP,CAAC;QACF,MAAM,UAAU,GAA2B,EAAE,CAAC;QAE9C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9B,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACvE,CAAC;QAED,MAAM,aAAa,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;QACpE,MAAM,iBAAiB,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,MAAM,CAAC;QAEzE,sCAAsC;QACtC,MAAM,wBAAwB,GAAG,IAAI,CAAC,gCAAgC,CAAC,OAAO,CAAC,CAAC;QAEhF,OAAO;YACL,SAAS;YACT,YAAY,EAAE,KAAK,CAAC,MAAM;YAC1B,cAAc;YACd,OAAO;YACP,UAAU;YACV,UAAU;YACV,aAAa;YACb,iBAAiB;YACjB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YAClC,wBAAwB;SACzB,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,KAAK,CAAC,QAAQ,CAAC,QAAgB,EAAE,OAAe;QAC9C,MAAM,OAAO,GAAqB,EAAE,CAAC;QAErC,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YACnD,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;YACtD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YAElC,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,GAAG,KAAK,CAAC,MAAM,EAAE,OAAO,EAAE,EAAE,CAAC;gBACxD,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,CAAC,CAAC;gBAC5B,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,YAAY,EAAE,OAAO,GAAG,CAAC,CAAC,CAAC;gBACnE,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;YAC/B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,gCAAgC;QAClC,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,QAAQ,CACd,IAAY,EACZ,IAAY,EACZ,OAAe,EACf,MAAe,EACf,MAAe,EACf,UAAmB;QAEnB,MAAM,OAAO,GAAqB,EAAE,CAAC;QAErC,2BAA2B;QAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QAErC,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACpC,2CAA2C;YAC3C,IAAI,OAAO,CAAC,QAAQ,EAAE,MAAM,EAAE,CAAC;gBAC7B,MAAM,UAAU,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAC7C,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CACpC,CAAC;gBACF,IAAI,CAAC,UAAU;oBAAE,SAAS;YAC5B,CAAC;YAED,4CAA4C;YAC5C,OAAO,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;YAE9B,IAAI,KAA6B,CAAC;YAClC,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACrD,MAAM,WAAW,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;gBAE7B,gCAAgC;gBAChC,IAAI,OAAO,CAAC,qBAAqB,EAAE,MAAM,EAAE,CAAC;oBAC1C,MAAM,eAAe,GAAG,OAAO,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAChE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CACd,CAAC;oBACF,IAAI,eAAe;wBAAE,SAAS;gBAChC,CAAC;gBAED,2BAA2B;gBAC3B,IAAI,OAAO,CAAC,SAAS,IAAI,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;oBACzD,SAAS;gBACX,CAAC;gBAED,OAAO,CAAC,IAAI,CAAC;oBACX,SAAS,EAAE,OAAO,CAAC,EAAE;oBACrB,WAAW,EAAE,OAAO,CAAC,IAAI;oBACzB,IAAI;oBACJ,IAAI,EAAE,OAAO;oBACb,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,KAAK,EAAE,IAAI,CAAC,YAAY,CAAC,WAAW,CAAC;oBACrC,WAAW,EAAE,IAAI,CAAC,YAAY,CAAC,IAAI,CAAC;oBACpC,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,MAAM;oBACN,MAAM;oBACN,UAAU;oBACV,aAAa,EAAE,KAAK,EAAE,wBAAwB;iBAC/C,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,KAAK,CAAC,cAAc,CAC1B,SAAiB,EACjB,QAAsB;QAEtB,MAAM,OAAO,GAAqB,EAAE,CAAC;QACrC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,GAAG,CAAC;QAElD,IAAI,CAAC;YACH,oBAAoB;YACpB,MAAM,OAAO,GAAG,QAAQ,CACtB,WAAW,SAAS,0BAA0B,UAAU,EAAE,EAC1D,EAAE,QAAQ,EAAE,OAAO,EAAE,CACtB;iBACE,IAAI,EAAE;iBACN,KAAK,CAAC,IAAI,CAAC;iBACX,MAAM,CAAC,OAAO,CAAC,CAAC;YAEnB,QAAQ,CAAC,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC;YACvC,QAAQ,CAAC,cAAc,GAAG,CAAC,CAAC;YAE5B,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,kBAAkB;gBAClB,MAAM,UAAU,GAAG,QAAQ,CACzB,WAAW,SAAS,+BAA+B,MAAM,EAAE,EAC3D,EAAE,QAAQ,EAAE,OAAO,EAAE,CACtB,CAAC,IAAI,EAAE,CAAC;gBACT,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,GAAG,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;gBAEnD,2BAA2B;gBAC3B,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,QAAQ,CACnB,WAAW,SAAS,oCAAoC,MAAM,EAAE,EAChE,EAAE,QAAQ,EAAE,OAAO,EAAE,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI,EAAE,CACnD,CAAC;oBAEF,kCAAkC;oBAClC,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,MAAM,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;oBACpE,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;gBAC/B,CAAC;gBAAC,MAAM,CAAC;oBACP,oCAAoC;gBACtC,CAAC;gBAED,QAAQ,CAAC,cAAe,EAAE,CAAC;gBAC3B,QAAQ,CAAC,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC;gBACvC,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,CAAC,QAAQ,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,0BAA0B;QAC5B,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,QAAQ,CACd,IAAY,EACZ,MAAc,EACd,MAAc,EACd,UAAkB;QAElB,MAAM,OAAO,GAAqB,EAAE,CAAC;QACrC,IAAI,WAAW,GAAG,EAAE,CAAC;QACrB,IAAI,OAAO,GAAG,CAAC,CAAC;QAEhB,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAC/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,qBAAqB;YACrB,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC9B,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC5B,OAAO,GAAG,CAAC,CAAC;gBACZ,SAAS;YACX,CAAC;YAED,uCAAuC;YACvC,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,2BAA2B,CAAC,CAAC;YAC1D,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;gBACzC,SAAS;YACX,CAAC;YAED,wBAAwB;YACxB,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gBACpD,OAAO,EAAE,CAAC;gBACV,MAAM,OAAO,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,wBAAwB;gBACvD,MAAM,WAAW,GAAG,IAAI,CAAC,QAAQ,CAC/B,OAAO,EACP,WAAW,EACX,OAAO,EACP,MAAM,EACN,MAAM,EACN,UAAU,CACX,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,CAAC;YAC/B,CAAC;iBAAM,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACjC,OAAO,EAAE,CAAC;YACZ,CAAC;QACH,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,QAAQ,CAAC,SAAiB;QAChC,MAAM,KAAK,GAAa,EAAE,CAAC;QAC3B,MAAM,eAAe,GAAG;YACtB,cAAc;YACd,OAAO;YACP,MAAM;YACN,OAAO;YACP,SAAS;YACT,QAAQ;YACR,SAAS;YACT,qBAAqB;YACrB,aAAa;YACb,SAAS;YACT,SAAS;YACT,UAAU;YACV,SAAS;YACT,SAAS;YACT,SAAS;YACT,YAAY;YACZ,SAAS;YACT,SAAS;YACT,YAAY;YACZ,SAAS;YACT,SAAS;YACT,SAAS;YACT,SAAS;YACT,SAAS;YACT,SAAS;YACT,QAAQ;YACR,UAAU;SACX,CAAC;QAEF,MAAM,IAAI,GAAG,CAAC,GAAW,EAAE,EAAE;YAC3B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;gBAC7D,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;oBAC5B,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;oBAC5C,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC,CAAC;oBAExD,yBAAyB;oBACzB,IAAI,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,EAAE,CAAC;wBACtD,SAAS;oBACX,CAAC;oBAED,gCAAgC;oBAChC,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,MAAM,EAAE,CAAC;wBACtC,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAC/D,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CACvC,CAAC;wBACF,IAAI,aAAa;4BAAE,SAAS;oBAC9B,CAAC;oBAED,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;wBACxB,IAAI,CAAC,QAAQ,CAAC,CAAC;oBACjB,CAAC;yBAAM,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;wBAC1B,gCAAgC;wBAChC,IAAI,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,MAAM,EAAE,CAAC;4BACtC,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAC/D,IAAI,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CACvC,CAAC;4BACF,IAAI,CAAC,aAAa;gCAAE,SAAS;wBAC/B,CAAC;wBAED,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;oBACvB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,sCAAsC;YACxC,CAAC;QACH,CAAC,CAAC;QAEF,IAAI,CAAC,SAAS,CAAC,CAAC;QAChB,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,SAAS,CAAC,SAAiB;QACjC,IAAI,CAAC;YACH,QAAQ,CAAC,WAAW,SAAS,uBAAuB,EAAE;gBACpD,QAAQ,EAAE,OAAO;gBACjB,KAAK,EAAE,MAAM;aACd,CAAC,CAAC;YACH,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,KAAK,CAAC;QACf,CAAC;IACH,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,MAAc;QACjC,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACvB,OAAO,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACnC,CAAC;QACD,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;QAChE,OAAO,CACL,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC;YAC7B,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,GAAG,YAAY,GAAG,CAAC,CAAC;YAC5C,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAC5B,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,YAAY,CAAC,IAAY,EAAE,SAAS,GAAG,GAAG;QAChD,IAAI,IAAI,CAAC,MAAM,IAAI,SAAS;YAAE,OAAO,IAAI,CAAC;QAC1C,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,SAAS,CAAC,GAAG,KAAK,CAAC;IAC1C,CAAC;IAED;;OAEG;IACK,gCAAgC,CACtC,OAAyB;QAEzB,MAAM,eAAe,GAAgB,IAAI,GAAG,EAAE,CAAC;QAE/C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;YAC7B,MAAM,IAAI,GAAG,MAAM,CAAC,IAAI,CAAC;YAEzB,iCAAiC;YACjC,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;gBAC7B,eAAe,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YACvC,CAAC;YACD,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAChC,eAAe,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC;YACzC,CAAC;YACD,IAAI,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,eAAe,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC;YACrC,CAAC;YACD,IAAI,iBAAiB,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACjC,eAAe,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;YACnC,CAAC;YACD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC/B,CAAC;YACD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC/B,CAAC;YACD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YACpC,CAAC;YACD,IAAI,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC7B,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;YACpC,CAAC;YACD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC/B,CAAC;YACD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC/B,CAAC;YACD,IAAI,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACxB,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;YAC/B,CAAC;QACH,CAAC;QAED,mCAAmC;QACnC,eAAe,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC5B,eAAe,CAAC,GAAG,CAAC,YAAY,CAAC,CAAC;QAClC,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAC7B,eAAe,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC;QAE7B,OAAO,CAAC,GAAG,eAAe,CAAC,CAAC,IAAI,EAAE,CAAC;IACrC,CAAC;CACF;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc,CAClC,SAAiB,EACjB,UAA6B,EAAE;IAE/B,MAAM,OAAO,GAAG,IAAI,aAAa,CAAC,OAAO,CAAC,CAAC;IAC3C,OAAO,OAAO,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;AACjC,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,SAAiB;IAEjB,OAAO,cAAc,CAAC,SAAS,EAAE;QAC/B,WAAW,EAAE,KAAK;QAClB,WAAW,EAAE,QAAQ;KACtB,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,MAAwB;IACzD,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACjC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,SAAS,EAAE,CAAC,CAAC;IAC7C,KAAK,CAAC,IAAI,CAAC,kBAAkB,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC;IACpD,KAAK,CAAC,IAAI,CAAC,oBAAoB,MAAM,CAAC,cAAc,EAAE,CAAC,CAAC;IACxD,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,UAAU,IAAI,CAAC,CAAC;IAC/C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,UAAU;IACV,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACtB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,wBAAwB,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IAC5D,KAAK,CAAC,IAAI,CAAC,uBAAuB,MAAM,CAAC,aAAa,EAAE,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,CAAC,sBAAsB,MAAM,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAC7D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,UAAU,CAAC,QAAQ,EAAE,CAAC,CAAC;IACxD,KAAK,CAAC,IAAI,CAAC,WAAW,MAAM,CAAC,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC;IAChD,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,UAAU,CAAC,MAAM,EAAE,CAAC,CAAC;IACpD,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,UAAU,CAAC,GAAG,EAAE,CAAC,CAAC;IAC9C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;IAC3B,KAAK,MAAM,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC;QAClE,KAAK,CAAC,IAAI,CAAC,KAAK,QAAQ,KAAK,KAAK,EAAE,CAAC,CAAC;IACxC,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,oBAAoB;IACpB,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3B,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAE3B,oBAAoB;QACpB,MAAM,OAAO,GAAG,IAAI,GAAG,EAAoC,CAAC;QAC5D,KAAK,MAAM,MAAM,IAAI,MAAM,CAAC,OAAO,EAAE,CAAC;YACpC,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YAChD,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAClB,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACrC,CAAC;QAED,KAAK,MAAM,QAAQ,IAAI,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAqB,EAAE,CAAC;YACjF,MAAM,OAAO,GAAG,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;YACtC,IAAI,CAAC,OAAO,EAAE,MAAM;gBAAE,SAAS;YAE/B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,IAAI,QAAQ,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC;YAC1C,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACf,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC,WAAW,KAAK,MAAM,CAAC,QAAQ,GAAG,CAAC,CAAC;gBAC3D,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,IAAI,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;gBACvE,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC;gBACzC,IAAI,MAAM,CAAC,MAAM,EAAE,CAAC;oBAClB,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;oBACvD,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;oBAC3C,KAAK,CAAC,IAAI,CAAC,aAAa,MAAM,CAAC,UAAU,EAAE,CAAC,CAAC;gBAC/C,CAAC;gBACD,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC;YAC9E,CAAC;QACH,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,IAAI,MAAM,CAAC,wBAAwB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3B,KAAK,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QACzC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3B,KAAK,CAAC,IAAI,CAAC,wCAAwC,CAAC,CAAC;QACrD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,wBAAwB,EAAE,CAAC;YACtD,KAAK,CAAC,IAAI,CAAC,KAAK,OAAO,EAAE,CAAC,CAAC;QAC7B,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/dist/security-scan/index.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Security Scan Module
+ *
+ * Provides continuous security scanning capabilities with:
+ * - Repository scanning (Git clone → analyze → report)
+ * - OWASP Top 10 mapping
+ * - Trend tracking over time
+ */
+export { SecurityScanner, scanRepository, scanDirectory, quickScan, formatScanReport, type ScanOptions, type ScanProgress, type ScanResult, type ScanMeta, type ScanFinding, type OWASPSummary, type ScanSummary, type FileResult, } from './scanner.js';
+export { getOWASPMapping, getCWEsForOWASPCategory, getOWASPCategoryByRank, getOWASPCategoryDescription, type OWASPCategory, type OWASPMapping, } from './owasp-mapping.js';
+export { TrendTracker, getTrendTracker, trackScan, type TrendData, type StoredScan, type TrendComparison, type TrendSummary, } from './trend-tracker.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/security-scan/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/security-scan/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,EACL,eAAe,EACf,cAAc,EACd,aAAa,EACb,SAAS,EACT,gBAAgB,EAChB,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,UAAU,EACf,KAAK,QAAQ,EACb,KAAK,WAAW,EAChB,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,UAAU,GAChB,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,eAAe,EACf,uBAAuB,EACvB,sBAAsB,EACtB,2BAA2B,EAC3B,KAAK,aAAa,EAClB,KAAK,YAAY,GAClB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,YAAY,EACZ,eAAe,EACf,SAAS,EACT,KAAK,SAAS,EACd,KAAK,UAAU,EACf,KAAK,eAAe,EACpB,KAAK,YAAY,GAClB,MAAM,oBAAoB,CAAC"}

package/dist/security-scan/index.js

@@ -0,0 +1,15 @@
+/**
+ * Security Scan Module
+ *
+ * Provides continuous security scanning capabilities with:
+ * - Repository scanning (Git clone → analyze → report)
+ * - OWASP Top 10 mapping
+ * - Trend tracking over time
+ */
+// Scanner
+export { SecurityScanner, scanRepository, scanDirectory, quickScan, formatScanReport, } from './scanner.js';
+// OWASP Mapping
+export { getOWASPMapping, getCWEsForOWASPCategory, getOWASPCategoryByRank, getOWASPCategoryDescription, } from './owasp-mapping.js';
+// Trend Tracking
+export { TrendTracker, getTrendTracker, trackScan, } from './trend-tracker.js';
+//# sourceMappingURL=index.js.map

package/dist/security-scan/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/security-scan/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,UAAU;AACV,OAAO,EACL,eAAe,EACf,cAAc,EACd,aAAa,EACb,SAAS,EACT,gBAAgB,GASjB,MAAM,cAAc,CAAC;AAEtB,gBAAgB;AAChB,OAAO,EACL,eAAe,EACf,uBAAuB,EACvB,sBAAsB,EACtB,2BAA2B,GAG5B,MAAM,oBAAoB,CAAC;AAE5B,iBAAiB;AACjB,OAAO,EACL,YAAY,EACZ,eAAe,EACf,SAAS,GAKV,MAAM,oBAAoB,CAAC"}

package/dist/security-scan/owasp-mapping.d.ts

@@ -0,0 +1,29 @@
+/**
+ * OWASP Top 10 Mapping
+ *
+ * Maps CWE IDs to OWASP Top 10 2021 categories.
+ * Reference: https://owasp.org/Top10/
+ */
+export type OWASPCategory = 'A01:2021-Broken Access Control' | 'A02:2021-Cryptographic Failures' | 'A03:2021-Injection' | 'A04:2021-Insecure Design' | 'A05:2021-Security Misconfiguration' | 'A06:2021-Vulnerable and Outdated Components' | 'A07:2021-Identification and Authentication Failures' | 'A08:2021-Software and Data Integrity Failures' | 'A09:2021-Security Logging and Monitoring Failures' | 'A10:2021-Server-Side Request Forgery' | 'Unknown';
+export interface OWASPMapping {
+    category: OWASPCategory;
+    rank: number;
+    description: string;
+}
+/**
+ * Get OWASP Top 10 mapping for a CWE ID.
+ */
+export declare function getOWASPMapping(cweId: string): OWASPMapping;
+/**
+ * Get all CWE IDs for an OWASP category.
+ */
+export declare function getCWEsForOWASPCategory(category: OWASPCategory): string[];
+/**
+ * Get OWASP category by rank (1-10).
+ */
+export declare function getOWASPCategoryByRank(rank: number): OWASPCategory | null;
+/**
+ * Get a short description of an OWASP category.
+ */
+export declare function getOWASPCategoryDescription(category: OWASPCategory): string;
+//# sourceMappingURL=owasp-mapping.d.ts.map

package/dist/security-scan/owasp-mapping.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"owasp-mapping.d.ts","sourceRoot":"","sources":["../../src/security-scan/owasp-mapping.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,MAAM,MAAM,aAAa,GACrB,gCAAgC,GAChC,iCAAiC,GACjC,oBAAoB,GACpB,0BAA0B,GAC1B,oCAAoC,GACpC,6CAA6C,GAC7C,qDAAqD,GACrD,+CAA+C,GAC/C,mDAAmD,GACnD,sCAAsC,GACtC,SAAS,CAAC;AAEd,MAAM,WAAW,YAAY;IAC3B,QAAQ,EAAE,aAAa,CAAC;IACxB,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;CACrB;AAmLD;;GAEG;AACH,wBAAgB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,YAAY,CA2B3D;AAED;;GAEG;AACH,wBAAgB,uBAAuB,CAAC,QAAQ,EAAE,aAAa,GAAG,MAAM,EAAE,CAIzE;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,IAAI,EAAE,MAAM,GAAG,aAAa,GAAG,IAAI,CAezE;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,QAAQ,EAAE,aAAa,GAAG,MAAM,CAgB3E"}