circle-ir-ai 1.1.0

package/dist/security-scan/owasp-mapping.js

@@ -0,0 +1,246 @@
+/**
+ * OWASP Top 10 Mapping
+ *
+ * Maps CWE IDs to OWASP Top 10 2021 categories.
+ * Reference: https://owasp.org/Top10/
+ */
+/**
+ * CWE to OWASP Top 10 2021 mapping.
+ * Based on official OWASP mapping: https://owasp.org/Top10/A00_2021_How_to_use_the_OWASP_Top_10_as_a_Standard/
+ */
+const CWE_TO_OWASP = {
+    // A01:2021-Broken Access Control
+    'CWE-022': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Path Traversal' },
+    'CWE-023': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Relative Path Traversal' },
+    'CWE-035': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Path Traversal' },
+    'CWE-200': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Exposure of Sensitive Information' },
+    'CWE-201': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Insertion of Sensitive Information Into Sent Data' },
+    'CWE-219': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Storage of File with Sensitive Data Under Web Root' },
+    'CWE-264': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Permissions, Privileges, and Access Controls' },
+    'CWE-275': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Permission Issues' },
+    'CWE-276': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Incorrect Default Permissions' },
+    'CWE-284': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Improper Access Control' },
+    'CWE-285': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Improper Authorization' },
+    'CWE-352': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Cross-Site Request Forgery (CSRF)' },
+    'CWE-359': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Exposure of Private Personal Information' },
+    'CWE-425': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Direct Request' },
+    'CWE-548': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Exposure of Information Through Directory Listing' },
+    'CWE-552': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Files or Directories Accessible to External Parties' },
+    'CWE-566': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Authorization Bypass Through User-Controlled SQL Primary Key' },
+    'CWE-601': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'URL Redirection to Untrusted Site' },
+    'CWE-639': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Authorization Bypass Through User-Controlled Key' },
+    'CWE-651': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Exposure of WSDL File Containing Sensitive Information' },
+    'CWE-668': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Exposure of Resource to Wrong Sphere' },
+    'CWE-706': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Use of Incorrectly-Resolved Name or Reference' },
+    'CWE-862': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Missing Authorization' },
+    'CWE-863': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Incorrect Authorization' },
+    'CWE-913': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Improper Control of Dynamically-Managed Code Resources' },
+    'CWE-922': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Insecure Storage of Sensitive Information' },
+    'CWE-1275': { category: 'A01:2021-Broken Access Control', rank: 1, description: 'Sensitive Cookie with Improper SameSite Attribute' },
+    // A02:2021-Cryptographic Failures
+    'CWE-261': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Weak Encoding for Password' },
+    'CWE-296': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Improper Following of Chain of Trust for Certificate Validation' },
+    'CWE-310': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Cryptographic Issues' },
+    'CWE-319': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Cleartext Transmission of Sensitive Information' },
+    'CWE-321': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Use of Hard-coded Cryptographic Key' },
+    'CWE-322': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Key Exchange without Entity Authentication' },
+    'CWE-323': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Reusing a Nonce, Key Pair in Encryption' },
+    'CWE-324': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Use of a Key Past its Expiration Date' },
+    'CWE-325': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Missing Cryptographic Step' },
+    'CWE-326': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Inadequate Encryption Strength' },
+    'CWE-327': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Use of Broken/Risky Cryptographic Algorithm' },
+    'CWE-328': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Reversible One-Way Hash' },
+    'CWE-329': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Not Using an Unpredictable IV with CBC Mode' },
+    'CWE-330': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Use of Insufficiently Random Values' },
+    'CWE-331': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Insufficient Entropy' },
+    'CWE-335': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Incorrect Usage of Seeds in Pseudo-Random Number Generator' },
+    'CWE-336': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Same Seed in Pseudo-Random Number Generator' },
+    'CWE-338': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Use of Cryptographically Weak PRNG' },
+    'CWE-340': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Generation of Predictable Numbers or Identifiers' },
+    'CWE-347': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Improper Verification of Cryptographic Signature' },
+    'CWE-523': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Unprotected Transport of Credentials' },
+    'CWE-757': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Selection of Less-Secure Algorithm During Negotiation' },
+    'CWE-759': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Use of a One-Way Hash without a Salt' },
+    'CWE-760': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Use of a One-Way Hash with a Predictable Salt' },
+    'CWE-780': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Use of RSA Algorithm without OAEP' },
+    'CWE-916': { category: 'A02:2021-Cryptographic Failures', rank: 2, description: 'Use of Password Hash With Insufficient Computational Effort' },
+    // A03:2021-Injection
+    'CWE-020': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Input Validation' },
+    'CWE-074': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of Special Elements in Output Used by a Downstream Component' },
+    'CWE-075': { category: 'A03:2021-Injection', rank: 3, description: 'Failure to Sanitize Special Elements into a Different Plane' },
+    'CWE-077': { category: 'A03:2021-Injection', rank: 3, description: 'Command Injection' },
+    'CWE-078': { category: 'A03:2021-Injection', rank: 3, description: 'OS Command Injection' },
+    'CWE-079': { category: 'A03:2021-Injection', rank: 3, description: 'Cross-site Scripting (XSS)' },
+    'CWE-080': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of Script-Related HTML Tags' },
+    'CWE-083': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of Script in Attributes' },
+    'CWE-087': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of Alternate XSS Syntax' },
+    'CWE-088': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of Argument Delimiters' },
+    'CWE-089': { category: 'A03:2021-Injection', rank: 3, description: 'SQL Injection' },
+    'CWE-090': { category: 'A03:2021-Injection', rank: 3, description: 'LDAP Injection' },
+    'CWE-091': { category: 'A03:2021-Injection', rank: 3, description: 'XML Injection' },
+    'CWE-093': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of CRLF Sequences' },
+    'CWE-094': { category: 'A03:2021-Injection', rank: 3, description: 'Code Injection' },
+    'CWE-095': { category: 'A03:2021-Injection', rank: 3, description: 'Eval Injection' },
+    'CWE-096': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of Directives in Statically Saved Code' },
+    'CWE-097': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of Server-Side Includes' },
+    'CWE-098': { category: 'A03:2021-Injection', rank: 3, description: 'PHP Remote File Inclusion' },
+    'CWE-099': { category: 'A03:2021-Injection', rank: 3, description: 'Resource Injection' },
+    'CWE-113': { category: 'A03:2021-Injection', rank: 3, description: 'HTTP Response Splitting' },
+    'CWE-116': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Encoding or Escaping of Output' },
+    'CWE-138': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of Special Elements' },
+    'CWE-564': { category: 'A03:2021-Injection', rank: 3, description: 'SQL Injection: Hibernate' },
+    'CWE-643': { category: 'A03:2021-Injection', rank: 3, description: 'XPath Injection' },
+    'CWE-644': { category: 'A03:2021-Injection', rank: 3, description: 'Improper Neutralization of HTTP Headers' },
+    'CWE-652': { category: 'A03:2021-Injection', rank: 3, description: 'XQuery Injection' },
+    'CWE-917': { category: 'A03:2021-Injection', rank: 3, description: 'Expression Language Injection' },
+    'CWE-1236': { category: 'A03:2021-Injection', rank: 3, description: 'CSV Injection' },
+    // A04:2021-Insecure Design
+    'CWE-209': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Generation of Error Message Containing Sensitive Information' },
+    'CWE-256': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Plaintext Storage of a Password' },
+    'CWE-501': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Trust Boundary Violation' },
+    'CWE-522': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Insufficiently Protected Credentials' },
+    'CWE-602': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Client-Side Enforcement of Server-Side Security' },
+    'CWE-656': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Reliance on Security Through Obscurity' },
+    'CWE-799': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Improper Control of Interaction Frequency' },
+    'CWE-840': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Business Logic Errors' },
+    'CWE-841': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Improper Enforcement of Behavioral Workflow' },
+    'CWE-927': { category: 'A04:2021-Insecure Design', rank: 4, description: 'Use of Implicit Intent for Sensitive Communication' },
+    // A05:2021-Security Misconfiguration
+    'CWE-002': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Environment Issues' },
+    'CWE-011': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'ASP.NET Misconfiguration' },
+    'CWE-013': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'ASP.NET Misconfiguration: Password in Configuration File' },
+    'CWE-015': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'External Control of System or Configuration Setting' },
+    'CWE-016': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Configuration' },
+    'CWE-260': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Password in Configuration File' },
+    'CWE-315': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Cleartext Storage of Sensitive Information in a Cookie' },
+    'CWE-520': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: '.NET Misconfiguration: Use of Impersonation' },
+    'CWE-526': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Exposure of Sensitive Information Through Environmental Variables' },
+    'CWE-537': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Java Runtime Error Message Containing Sensitive Information' },
+    'CWE-541': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Inclusion of Sensitive Information in an Include File' },
+    'CWE-547': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Use of Hard-coded, Security-relevant Constants' },
+    'CWE-611': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'XML External Entity (XXE)' },
+    'CWE-614': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: "Sensitive Cookie Without 'Secure' Attribute" },
+    'CWE-756': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Missing Custom Error Page' },
+    'CWE-776': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Improper Restriction of Recursive Entity References' },
+    'CWE-942': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'Permissive Cross-domain Policy with Untrusted Domains' },
+    'CWE-1004': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: "Sensitive Cookie Without 'HttpOnly' Flag" },
+    'CWE-1032': { category: 'A05:2021-Security Misconfiguration', rank: 5, description: 'OWASP Top Ten 2017 Category A6' },
+    // A06:2021-Vulnerable and Outdated Components (usually detected by SCA tools)
+    'CWE-937': { category: 'A06:2021-Vulnerable and Outdated Components', rank: 6, description: 'Using Components with Known Vulnerabilities' },
+    'CWE-1035': { category: 'A06:2021-Vulnerable and Outdated Components', rank: 6, description: 'Using Components with Known Vulnerabilities' },
+    // A07:2021-Identification and Authentication Failures
+    'CWE-255': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Credentials Management Errors' },
+    'CWE-259': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Use of Hard-coded Password' },
+    'CWE-287': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Improper Authentication' },
+    'CWE-288': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Authentication Bypass Using an Alternate Path or Channel' },
+    'CWE-290': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Authentication Bypass by Spoofing' },
+    'CWE-294': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Authentication Bypass by Capture-replay' },
+    'CWE-295': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Improper Certificate Validation' },
+    'CWE-297': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Improper Validation of Certificate with Host Mismatch' },
+    'CWE-300': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Channel Accessible by Non-Endpoint' },
+    'CWE-302': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Authentication Bypass by Assumed-Immutable Data' },
+    'CWE-304': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Missing Critical Step in Authentication' },
+    'CWE-306': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Missing Authentication for Critical Function' },
+    'CWE-307': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Improper Restriction of Excessive Authentication Attempts' },
+    'CWE-308': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Use of Single-factor Authentication' },
+    'CWE-384': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Session Fixation' },
+    'CWE-521': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Weak Password Requirements' },
+    'CWE-613': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Insufficient Session Expiration' },
+    'CWE-620': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Unverified Password Change' },
+    'CWE-640': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Weak Password Recovery Mechanism' },
+    'CWE-798': { category: 'A07:2021-Identification and Authentication Failures', rank: 7, description: 'Use of Hard-coded Credentials' },
+    // A08:2021-Software and Data Integrity Failures
+    'CWE-345': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Insufficient Verification of Data Authenticity' },
+    'CWE-353': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Missing Support for Integrity Check' },
+    'CWE-426': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Untrusted Search Path' },
+    'CWE-427': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Uncontrolled Search Path Element' },
+    'CWE-428': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Unquoted Search Path or Element' },
+    'CWE-470': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Use of Externally-Controlled Input to Select Classes or Code' },
+    'CWE-494': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Download of Code Without Integrity Check' },
+    'CWE-502': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Deserialization of Untrusted Data' },
+    'CWE-565': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Reliance on Cookies without Validation and Integrity' },
+    'CWE-784': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Reliance on Cookies without Validation and Integrity Checking' },
+    'CWE-829': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Inclusion of Functionality from Untrusted Control Sphere' },
+    'CWE-830': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Inclusion of Web Functionality from an Untrusted Source' },
+    'CWE-915': { category: 'A08:2021-Software and Data Integrity Failures', rank: 8, description: 'Improperly Controlled Modification of Dynamically-Determined Object Attributes' },
+    // A09:2021-Security Logging and Monitoring Failures
+    'CWE-117': { category: 'A09:2021-Security Logging and Monitoring Failures', rank: 9, description: 'Improper Output Neutralization for Logs' },
+    'CWE-223': { category: 'A09:2021-Security Logging and Monitoring Failures', rank: 9, description: 'Omission of Security-relevant Information' },
+    'CWE-532': { category: 'A09:2021-Security Logging and Monitoring Failures', rank: 9, description: 'Insertion of Sensitive Information into Log File' },
+    'CWE-778': { category: 'A09:2021-Security Logging and Monitoring Failures', rank: 9, description: 'Insufficient Logging' },
+    // A10:2021-Server-Side Request Forgery
+    'CWE-918': { category: 'A10:2021-Server-Side Request Forgery', rank: 10, description: 'Server-Side Request Forgery (SSRF)' },
+};
+/**
+ * Get OWASP Top 10 mapping for a CWE ID.
+ */
+export function getOWASPMapping(cweId) {
+    // Normalize CWE ID format
+    const normalizedCwe = cweId.toUpperCase().replace(/^CWE-?/, 'CWE-');
+    // Try exact match
+    if (CWE_TO_OWASP[normalizedCwe]) {
+        return CWE_TO_OWASP[normalizedCwe];
+    }
+    // Try without leading zeros (CWE-089 vs CWE-89)
+    const numericPart = normalizedCwe.replace('CWE-', '');
+    const withoutLeadingZeros = 'CWE-' + parseInt(numericPart, 10);
+    if (CWE_TO_OWASP[withoutLeadingZeros]) {
+        return CWE_TO_OWASP[withoutLeadingZeros];
+    }
+    // Try with leading zeros (CWE-22 vs CWE-022)
+    const withLeadingZeros = 'CWE-' + numericPart.padStart(3, '0');
+    if (CWE_TO_OWASP[withLeadingZeros]) {
+        return CWE_TO_OWASP[withLeadingZeros];
+    }
+    return {
+        category: 'Unknown',
+        rank: 0,
+        description: `Unknown CWE: ${cweId}`,
+    };
+}
+/**
+ * Get all CWE IDs for an OWASP category.
+ */
+export function getCWEsForOWASPCategory(category) {
+    return Object.entries(CWE_TO_OWASP)
+        .filter(([_, mapping]) => mapping.category === category)
+        .map(([cwe]) => cwe);
+}
+/**
+ * Get OWASP category by rank (1-10).
+ */
+export function getOWASPCategoryByRank(rank) {
+    const categories = [
+        'A01:2021-Broken Access Control',
+        'A02:2021-Cryptographic Failures',
+        'A03:2021-Injection',
+        'A04:2021-Insecure Design',
+        'A05:2021-Security Misconfiguration',
+        'A06:2021-Vulnerable and Outdated Components',
+        'A07:2021-Identification and Authentication Failures',
+        'A08:2021-Software and Data Integrity Failures',
+        'A09:2021-Security Logging and Monitoring Failures',
+        'A10:2021-Server-Side Request Forgery',
+    ];
+    return categories[rank - 1] || null;
+}
+/**
+ * Get a short description of an OWASP category.
+ */
+export function getOWASPCategoryDescription(category) {
+    const descriptions = {
+        'A01:2021-Broken Access Control': 'Restrictions on what authenticated users can do are not properly enforced.',
+        'A02:2021-Cryptographic Failures': 'Failures related to cryptography which often lead to exposure of sensitive data.',
+        'A03:2021-Injection': 'Hostile data is sent to an interpreter as part of a command or query.',
+        'A04:2021-Insecure Design': 'Risks related to design and architectural flaws.',
+        'A05:2021-Security Misconfiguration': 'Missing appropriate security hardening or improperly configured permissions.',
+        'A06:2021-Vulnerable and Outdated Components': 'Using components with known vulnerabilities.',
+        'A07:2021-Identification and Authentication Failures': 'Confirmation of user identity, authentication, and session management.',
+        'A08:2021-Software and Data Integrity Failures': 'Code and infrastructure that does not protect against integrity violations.',
+        'A09:2021-Security Logging and Monitoring Failures': 'Failures in logging and monitoring activities.',
+        'A10:2021-Server-Side Request Forgery': 'Fetching a remote resource without validating the user-supplied URL.',
+        'Unknown': 'Unknown or unmapped vulnerability category.',
+    };
+    return descriptions[category] || 'Unknown category.';
+}
+//# sourceMappingURL=owasp-mapping.js.map

package/dist/security-scan/owasp-mapping.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"owasp-mapping.js","sourceRoot":"","sources":["../../src/security-scan/owasp-mapping.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAqBH;;;GAGG;AACH,MAAM,YAAY,GAAiC;IACjD,iCAAiC;IACjC,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE;IACjG,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yBAAyB,EAAE;IAC1G,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE;IACjG,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mCAAmC,EAAE;IACpH,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mDAAmD,EAAE;IACpI,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,oDAAoD,EAAE;IACrI,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,8CAA8C,EAAE;IAC/H,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mBAAmB,EAAE;IACpG,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,+BAA+B,EAAE;IAChH,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yBAAyB,EAAE;IAC1G,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,wBAAwB,EAAE;IACzG,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mCAAmC,EAAE;IACpH,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,0CAA0C,EAAE;IAC3H,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE;IACjG,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mDAAmD,EAAE;IACpI,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,qDAAqD,EAAE;IACtI,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,8DAA8D,EAAE;IAC/I,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mCAAmC,EAAE;IACpH,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,kDAAkD,EAAE;IACnI,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,wDAAwD,EAAE;IACzI,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sCAAsC,EAAE;IACvH,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,+CAA+C,EAAE;IAChI,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,uBAAuB,EAAE;IACxG,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yBAAyB,EAAE;IAC1G,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,wDAAwD,EAAE;IACzI,SAAS,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE;IAC5H,UAAU,EAAE,EAAE,QAAQ,EAAE,gCAAgC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mDAAmD,EAAE;IAErI,kCAAkC;IAClC,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAC9G,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iEAAiE,EAAE;IACnJ,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE;IACxG,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iDAAiD,EAAE;IACnI,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,qCAAqC,EAAE;IACvH,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,4CAA4C,EAAE;IAC9H,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE;IAC3H,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,uCAAuC,EAAE;IACzH,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAC9G,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE;IAClH,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE;IAC/H,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yBAAyB,EAAE;IAC3G,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE;IAC/H,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,qCAAqC,EAAE;IACvH,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE;IACxG,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,4DAA4D,EAAE;IAC9I,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE;IAC/H,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE;IACtH,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,kDAAkD,EAAE;IACpI,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,kDAAkD,EAAE;IACpI,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sCAAsC,EAAE;IACxH,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,uDAAuD,EAAE;IACzI,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sCAAsC,EAAE;IACxH,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,+CAA+C,EAAE;IACjI,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mCAAmC,EAAE;IACrH,SAAS,EAAE,EAAE,QAAQ,EAAE,iCAAiC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6DAA6D,EAAE;IAE/I,qBAAqB;IACrB,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,2BAA2B,EAAE;IAChG,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sFAAsF,EAAE;IAC3J,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6DAA6D,EAAE;IAClI,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mBAAmB,EAAE;IACxF,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE;IAC3F,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE;IACjG,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,qDAAqD,EAAE;IAC1H,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iDAAiD,EAAE;IACtH,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iDAAiD,EAAE;IACtH,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gDAAgD,EAAE;IACrH,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,eAAe,EAAE;IACpF,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE;IACrF,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,eAAe,EAAE;IACpF,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE;IAChH,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE;IACrF,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gBAAgB,EAAE;IACrF,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gEAAgE,EAAE;IACrI,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iDAAiD,EAAE;IACtH,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,2BAA2B,EAAE;IAChG,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,oBAAoB,EAAE;IACzF,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yBAAyB,EAAE;IAC9F,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE;IAC9G,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE;IAClH,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE;IAC/F,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iBAAiB,EAAE;IACtF,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE;IAC9G,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,kBAAkB,EAAE;IACvF,SAAS,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,+BAA+B,EAAE;IACpG,UAAU,EAAE,EAAE,QAAQ,EAAE,oBAAoB,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,eAAe,EAAE;IAErF,2BAA2B;IAC3B,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,8DAA8D,EAAE;IACzI,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iCAAiC,EAAE;IAC5G,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE;IACrG,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sCAAsC,EAAE;IACjH,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iDAAiD,EAAE;IAC5H,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,wCAAwC,EAAE;IACnH,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE;IACtH,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,uBAAuB,EAAE;IAClG,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE;IACxH,SAAS,EAAE,EAAE,QAAQ,EAAE,0BAA0B,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,oDAAoD,EAAE;IAE/H,qCAAqC;IACrC,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,oBAAoB,EAAE;IACzG,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,0BAA0B,EAAE;IAC/G,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,0DAA0D,EAAE;IAC/I,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,qDAAqD,EAAE;IAC1I,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,eAAe,EAAE;IACpG,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE;IACrH,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,wDAAwD,EAAE;IAC7I,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE;IAClI,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mEAAmE,EAAE;IACxJ,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6DAA6D,EAAE;IAClJ,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,uDAAuD,EAAE;IAC5I,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gDAAgD,EAAE;IACrI,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,2BAA2B,EAAE;IAChH,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE;IAClI,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,2BAA2B,EAAE;IAChH,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,qDAAqD,EAAE;IAC1I,SAAS,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,uDAAuD,EAAE;IAC5I,UAAU,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,0CAA0C,EAAE;IAChI,UAAU,EAAE,EAAE,QAAQ,EAAE,oCAAoC,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gCAAgC,EAAE;IAEtH,8EAA8E;IAC9E,SAAS,EAAE,EAAE,QAAQ,EAAE,6CAA6C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE;IAC3I,UAAU,EAAE,EAAE,QAAQ,EAAE,6CAA6C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,6CAA6C,EAAE;IAE5I,sDAAsD;IACtD,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,+BAA+B,EAAE;IACrI,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAClI,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yBAAyB,EAAE;IAC/H,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,0DAA0D,EAAE;IAChK,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mCAAmC,EAAE;IACzI,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE;IAC/I,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iCAAiC,EAAE;IACvI,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,uDAAuD,EAAE;IAC7J,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,oCAAoC,EAAE;IAC1I,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iDAAiD,EAAE;IACvJ,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE;IAC/I,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,8CAA8C,EAAE;IACpJ,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,2DAA2D,EAAE;IACjK,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,qCAAqC,EAAE;IAC3I,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,kBAAkB,EAAE;IACxH,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAClI,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iCAAiC,EAAE;IACvI,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAClI,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,kCAAkC,EAAE;IACxI,SAAS,EAAE,EAAE,QAAQ,EAAE,qDAAqD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,+BAA+B,EAAE;IAErI,gDAAgD;IAChD,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gDAAgD,EAAE;IAChJ,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,qCAAqC,EAAE;IACrI,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,uBAAuB,EAAE;IACvH,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,kCAAkC,EAAE;IAClI,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,iCAAiC,EAAE;IACjI,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,8DAA8D,EAAE;IAC9J,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,0CAA0C,EAAE;IAC1I,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,mCAAmC,EAAE;IACnI,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sDAAsD,EAAE;IACtJ,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,+DAA+D,EAAE;IAC/J,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,0DAA0D,EAAE;IAC1J,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yDAAyD,EAAE;IACzJ,SAAS,EAAE,EAAE,QAAQ,EAAE,+CAA+C,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,gFAAgF,EAAE;IAEhL,oDAAoD;IACpD,SAAS,EAAE,EAAE,QAAQ,EAAE,mDAAmD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,yCAAyC,EAAE;IAC7I,SAAS,EAAE,EAAE,QAAQ,EAAE,mDAAmD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,2CAA2C,EAAE;IAC/I,SAAS,EAAE,EAAE,QAAQ,EAAE,mDAAmD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,kDAAkD,EAAE;IACtJ,SAAS,EAAE,EAAE,QAAQ,EAAE,mDAAmD,EAAE,IAAI,EAAE,CAAC,EAAE,WAAW,EAAE,sBAAsB,EAAE;IAE1H,uCAAuC;IACvC,SAAS,EAAE,EAAE,QAAQ,EAAE,sCAAsC,EAAE,IAAI,EAAE,EAAE,EAAE,WAAW,EAAE,oCAAoC,EAAE;CAC7H,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,eAAe,CAAC,KAAa;IAC3C,0BAA0B;IAC1B,MAAM,aAAa,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAEpE,kBAAkB;IAClB,IAAI,YAAY,CAAC,aAAa,CAAC,EAAE,CAAC;QAChC,OAAO,YAAY,CAAC,aAAa,CAAC,CAAC;IACrC,CAAC;IAED,gDAAgD;IAChD,MAAM,WAAW,GAAG,aAAa,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC;IACtD,MAAM,mBAAmB,GAAG,MAAM,GAAG,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IAC/D,IAAI,YAAY,CAAC,mBAAmB,CAAC,EAAE,CAAC;QACtC,OAAO,YAAY,CAAC,mBAAmB,CAAC,CAAC;IAC3C,CAAC;IAED,6CAA6C;IAC7C,MAAM,gBAAgB,GAAG,MAAM,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;IAC/D,IAAI,YAAY,CAAC,gBAAgB,CAAC,EAAE,CAAC;QACnC,OAAO,YAAY,CAAC,gBAAgB,CAAC,CAAC;IACxC,CAAC;IAED,OAAO;QACL,QAAQ,EAAE,SAAS;QACnB,IAAI,EAAE,CAAC;QACP,WAAW,EAAE,gBAAgB,KAAK,EAAE;KACrC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,uBAAuB,CAAC,QAAuB;IAC7D,OAAO,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC;SAChC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,KAAK,QAAQ,CAAC;SACvD,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,IAAY;IACjD,MAAM,UAAU,GAAoB;QAClC,gCAAgC;QAChC,iCAAiC;QACjC,oBAAoB;QACpB,0BAA0B;QAC1B,oCAAoC;QACpC,6CAA6C;QAC7C,qDAAqD;QACrD,+CAA+C;QAC/C,mDAAmD;QACnD,sCAAsC;KACvC,CAAC;IAEF,OAAO,UAAU,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC;AACtC,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,2BAA2B,CAAC,QAAuB;IACjE,MAAM,YAAY,GAAkC;QAClD,gCAAgC,EAAE,4EAA4E;QAC9G,iCAAiC,EAAE,kFAAkF;QACrH,oBAAoB,EAAE,uEAAuE;QAC7F,0BAA0B,EAAE,kDAAkD;QAC9E,oCAAoC,EAAE,8EAA8E;QACpH,6CAA6C,EAAE,8CAA8C;QAC7F,qDAAqD,EAAE,wEAAwE;QAC/H,+CAA+C,EAAE,6EAA6E;QAC9H,mDAAmD,EAAE,gDAAgD;QACrG,sCAAsC,EAAE,sEAAsE;QAC9G,SAAS,EAAE,6CAA6C;KACzD,CAAC;IAEF,OAAO,YAAY,CAAC,QAAQ,CAAC,IAAI,mBAAmB,CAAC;AACvD,CAAC"}

package/dist/security-scan/scanner.d.ts

@@ -0,0 +1,204 @@
+/**
+ * Continuous Security Scanner
+ *
+ * Provides automated security scanning for repositories with:
+ * - Git clone → file walker → Circle-IR analysis pipeline
+ * - OWASP Top 10 category mapping
+ * - Summary report with severity, location, confidence
+ * - Trend tracking (store results, compare across runs)
+ */
+import { type Finding, type SupportedLanguage } from 'circle-ir';
+import { type OWASPMapping } from './owasp-mapping.js';
+export interface ScanOptions {
+    /** Repository URL or local path */
+    target: string;
+    /** Branch to scan (default: main or master) */
+    branch?: string;
+    /** Specific commit to scan */
+    commit?: string;
+    /** Languages to scan (default: auto-detect) */
+    languages?: SupportedLanguage[];
+    /** Maximum files to scan (default: 1000) */
+    maxFiles?: number;
+    /** File patterns to include (glob) */
+    includePatterns?: string[];
+    /** File patterns to exclude (glob) */
+    excludePatterns?: string[];
+    /** Minimum severity to report (default: low) */
+    minSeverity?: 'critical' | 'high' | 'medium' | 'low';
+    /** Enable parallel analysis (default: true) */
+    parallel?: boolean;
+    /** Maximum concurrency for parallel analysis (default: 10) */
+    maxConcurrency?: number;
+    /** Enable LLM enrichment (default: false) */
+    enableLLM?: boolean;
+    /** Output directory for reports */
+    outputDir?: string;
+    /** Verbose logging */
+    verbose?: boolean;
+    /** Progress callback */
+    onProgress?: (progress: ScanProgress) => void;
+}
+export interface ScanProgress {
+    phase: 'clone' | 'discover' | 'analyze' | 'report';
+    currentFile?: string;
+    filesProcessed: number;
+    totalFiles: number;
+    findingsCount: number;
+}
+export interface ScanResult {
+    /** Scan metadata */
+    meta: ScanMeta;
+    /** All findings */
+    findings: ScanFinding[];
+    /** Findings grouped by OWASP Top 10 category */
+    byOWASP: OWASPSummary;
+    /** Summary statistics */
+    summary: ScanSummary;
+    /** Per-file results */
+    files: FileResult[];
+}
+export interface ScanMeta {
+    /** Target repository or path */
+    target: string;
+    /** Branch scanned */
+    branch?: string;
+    /** Commit hash */
+    commit?: string;
+    /** Scan timestamp */
+    timestamp: string;
+    /** Scan duration in ms */
+    durationMs: number;
+    /** Circle-IR version */
+    version: string;
+}
+export interface ScanFinding extends Finding {
+    /** OWASP Top 10 mapping */
+    owasp: OWASPMapping;
+    /** Relative file path */
+    filePath: string;
+}
+export interface OWASPSummary {
+    [category: string]: {
+        count: number;
+        critical: number;
+        high: number;
+        medium: number;
+        low: number;
+        findings: ScanFinding[];
+    };
+}
+export interface ScanSummary {
+    /** Total files scanned */
+    totalFiles: number;
+    /** Total lines of code */
+    totalLOC: number;
+    /** Total findings */
+    totalFindings: number;
+    /** Findings by severity */
+    bySeverity: {
+        critical: number;
+        high: number;
+        medium: number;
+        low: number;
+    };
+    /** Findings by type */
+    byType: {
+        [type: string]: number;
+    };
+    /** Top 5 most vulnerable files */
+    topVulnerableFiles: Array<{
+        file: string;
+        count: number;
+    }>;
+}
+export interface FileResult {
+    path: string;
+    language: SupportedLanguage;
+    loc: number;
+    findings: ScanFinding[];
+    analysisTimeMs: number;
+}
+export declare class SecurityScanner {
+    private workDir;
+    private verbose;
+    private onProgress?;
+    constructor();
+    /**
+     * Run a security scan on a repository or local path.
+     */
+    scan(options: ScanOptions): Promise<ScanResult>;
+    /**
+     * Prepare repository for scanning.
+     */
+    private prepareRepository;
+    /**
+     * Clone a Git repository.
+     */
+    private cloneRepository;
+    /**
+     * Discover files to scan.
+     */
+    private discoverFiles;
+    /**
+     * Check if a path matches any of the given glob patterns.
+     */
+    private matchesPattern;
+    /**
+     * Analyze files.
+     */
+    private analyzeFiles;
+    /**
+     * Analyze a single file.
+     */
+    private analyzeFile;
+    /**
+     * Detect language from file extension.
+     */
+    private detectLanguage;
+    /**
+     * Check if severity meets minimum threshold.
+     */
+    private meetsMinSeverity;
+    /**
+     * Generate scan report.
+     */
+    private generateReport;
+    /**
+     * Save report to output directory.
+     */
+    private saveReport;
+    /**
+     * Convert result to SARIF format.
+     */
+    private toSARIF;
+    /**
+     * Convert result to text summary.
+     */
+    private toTextSummary;
+    /**
+     * Report progress.
+     */
+    private reportProgress;
+    /**
+     * Clean up temporary files.
+     */
+    cleanup(): void;
+}
+/**
+ * Run a security scan on a repository or local path.
+ */
+export declare function scanRepository(options: ScanOptions): Promise<ScanResult>;
+/**
+ * Scan a local directory.
+ */
+export declare function scanDirectory(directory: string, options?: Partial<ScanOptions>): Promise<ScanResult>;
+/**
+ * Quick scan with default options.
+ */
+export declare function quickScan(target: string): Promise<ScanResult>;
+/**
+ * Format scan result as a human-readable report.
+ */
+export declare function formatScanReport(result: ScanResult): string;
+//# sourceMappingURL=scanner.d.ts.map

package/dist/security-scan/scanner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"scanner.d.ts","sourceRoot":"","sources":["../../src/security-scan/scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAKH,OAAO,EAML,KAAK,OAAO,EACZ,KAAK,iBAAiB,EACvB,MAAM,WAAW,CAAC;AACnB,OAAO,EAAuC,KAAK,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAM5F,MAAM,WAAW,WAAW;IAC1B,mCAAmC;IACnC,MAAM,EAAE,MAAM,CAAC;IACf,+CAA+C;IAC/C,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,8BAA8B;IAC9B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,+CAA+C;IAC/C,SAAS,CAAC,EAAE,iBAAiB,EAAE,CAAC;IAChC,4CAA4C;IAC5C,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,sCAAsC;IACtC,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,sCAAsC;IACtC,eAAe,CAAC,EAAE,MAAM,EAAE,CAAC;IAC3B,gDAAgD;IAChD,WAAW,CAAC,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACrD,+CAA+C;IAC/C,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,8DAA8D;IAC9D,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,6CAA6C;IAC7C,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,mCAAmC;IACnC,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,sBAAsB;IACtB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,wBAAwB;IACxB,UAAU,CAAC,EAAE,CAAC,QAAQ,EAAE,YAAY,KAAK,IAAI,CAAC;CAC/C;AAED,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,OAAO,GAAG,UAAU,GAAG,SAAS,GAAG,QAAQ,CAAC;IACnD,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,aAAa,EAAE,MAAM,CAAC;CACvB;AAED,MAAM,WAAW,UAAU;IACzB,oBAAoB;IACpB,IAAI,EAAE,QAAQ,CAAC;IACf,mBAAmB;IACnB,QAAQ,EAAE,WAAW,EAAE,CAAC;IACxB,gDAAgD;IAChD,OAAO,EAAE,YAAY,CAAC;IACtB,yBAAyB;IACzB,OAAO,EAAE,WAAW,CAAC;IACrB,uBAAuB;IACvB,KAAK,EAAE,UAAU,EAAE,CAAC;CACrB;AAED,MAAM,WAAW,QAAQ;IACvB,gCAAgC;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,qBAAqB;IACrB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,kBAAkB;IAClB,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,qBAAqB;IACrB,SAAS,EAAE,MAAM,CAAC;IAClB,0BAA0B;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,wBAAwB;IACxB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAY,SAAQ,OAAO;IAC1C,2BAA2B;IAC3B,KAAK,EAAE,YAAY,CAAC;IACpB,yBAAyB;IACzB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED,MAAM,WAAW,YAAY;IAC3B,CAAC,QAAQ,EAAE,MAAM,GAAG;QAClB,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,QAAQ,EAAE,WAAW,EAAE,CAAC;KACzB,CAAC;CACH;AAED,MAAM,WAAW,WAAW;IAC1B,0BAA0B;IAC1B,UAAU,EAAE,MAAM,CAAC;IACnB,0BAA0B;IAC1B,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,2BAA2B;IAC3B,UAAU,EAAE;QACV,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IACF,uBAAuB;IACvB,MAAM,EAAE;QAAE,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAAA;KAAE,CAAC;IACnC,kCAAkC;IAClC,kBAAkB,EAAE,KAAK,CAAC;QAAE,IAAI,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;CAC5D;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,iBAAiB,CAAC;IAC5B,GAAG,EAAE,MAAM,CAAC;IACZ,QAAQ,EAAE,WAAW,EAAE,CAAC;IACxB,cAAc,EAAE,MAAM,CAAC;CACxB;AAMD,qBAAa,eAAe;IAC1B,OAAO,CAAC,OAAO,CAAS;IACxB,OAAO,CAAC,OAAO,CAAU;IACzB,OAAO,CAAC,UAAU,CAAC,CAAmC;;IAOtD;;OAEG;IACG,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC;IAkCrD;;OAEG;YACW,iBAAiB;IAgB/B;;OAEG;IACH,OAAO,CAAC,eAAe;IAkCvB;;OAEG;IACH,OAAO,CAAC,aAAa;IAgGrB;;OAEG;IACH,OAAO,CAAC,cAAc;IAmBtB;;OAEG;YACW,YAAY;IA2D1B;;OAEG;YACW,WAAW;IA2DzB;;OAEG;IACH,OAAO,CAAC,cAAc;IAkCtB;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAUxB;;OAEG;IACH,OAAO,CAAC,cAAc;IAqFtB;;OAEG;YACW,UAAU;IAuBxB;;OAEG;IACH,OAAO,CAAC,OAAO;IAgDf;;OAEG;IACH,OAAO,CAAC,aAAa;IA4DrB;;OAEG;IACH,OAAO,CAAC,cAAc;IAetB;;OAEG;IACH,OAAO,IAAI,IAAI;CAMhB;AAMD;;GAEG;AACH,wBAAsB,cAAc,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAO9E;AAED;;GAEG;AACH,wBAAsB,aAAa,CACjC,SAAS,EAAE,MAAM,EACjB,OAAO,CAAC,EAAE,OAAO,CAAC,WAAW,CAAC,GAC7B,OAAO,CAAC,UAAU,CAAC,CAErB;AAED;;GAEG;AACH,wBAAsB,SAAS,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,UAAU,CAAC,CAOnE;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,UAAU,GAAG,MAAM,CA+E3D"}