circle-ir-ai 2.7.17 → 2.8.0

package/CHANGELOG.md

@@ -5,6 +5,177 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [2.7.19] - 2026-05-28
+
+### Versioning policy
+
+- **Lockstep with cognium-ai (CLI).** From 2.7.19 forward,
+  `circle-ir-ai` (engine) and `cognium-ai` (CLI) ship the same
+  version number, bumped together in each release cycle.
+  cognium-ai's `circle-ir-ai` dependency becomes exact-pin
+  (`"2.7.19"`, not `"^2.7.19"`) so the lockstep is mechanically
+  enforced at install time. 2.7.18 is skipped on the engine side
+  to converge with the CLI's existing 2.7.18 → 2.7.19 step.
+
+### Fixed
+
+- **#61 (CRITICAL): default exclude globs over-matched Java package
+  paths, nuking findings on any Spring-Boot-shaped project.**
+  Symptom: `cognium-ai scan --no-llm` returned 0 findings on
+  `java-vuln-demo` (was 188); python down 75%, javascript down 72%,
+  rust down 82%, html down 47%; `durationMs: 7` confirmed the
+  analyzer wasn't even reaching files. Bash was unaffected.
+
+  Root cause: 2.7.15's Bucket C added `**/buildSrc/**`,
+  `**/examples/**`, `**/example/**`, `**/samples/**`, `**/demo/**`
+  to default excludes, intending to filter top-level
+  `examples/`/`demo/` directories on real-world repos (ZAP buildSrc,
+  Next.js examples). But `**/` matches at any depth, and Java's
+  Spring archetype convention maps the package `com.example.demo`
+  to filesystem `src/main/java/com/example/demo/`. Every Java file
+  in any `com.example.demo` project lived under a path that matched
+  `**/demo/**` and was silently excluded.
+
+  Fix: anchored all five patterns to repo root (`demo/**`,
+  `examples/**`, `example/**`, `samples/**`, `buildSrc/**`),
+  preserving the original Bucket C intent (top-level marker dirs)
+  without colliding with package directory names. Cross-language
+  hits in the regression all correlate with `demo`/`example`/`sample`
+  being common package or workspace-member name segments.
+
+  Repro verified pre-fix: `scanDirectory` on
+  `/tmp/x/src/main/java/com/example/demo/UserController.java` →
+  0 findings. Post-fix: 3 findings (sql_injection critical +
+  2 missing-public-doc). Closes #61.
+
+- **#62: secrets `secrets[]` and `bySeverity` inflated 2× when
+  scanning git history.** Symptom: `cognium-ai secrets` reported
+  `activeSecrets: 8`, `historicalSecrets: 8`, but `secrets[].length`
+  = 16 and `bySeverity` summed to 16 — uniform 2× inflation across
+  all 8 vuln-demo repos.
+
+  Root cause: `scanFile()` emits absolute file paths
+  (`path.resolve()`, per #13's convention). `scanDiff()` parsed the
+  diff header `+++ b/<relpath>` and emitted the relative form as the
+  file path on history secrets. The HEAD↔history dedup
+  (`s.file === secret.file`) compared absolute vs relative and never
+  matched. Every secret that lived in HEAD AND was added in a
+  scanned commit landed twice in `secrets[]` — once active
+  (working-tree walk, `presentInHead = true`), once historical (dedup
+  miss, falsely classified as historical-only). `activeSecrets`
+  stayed correct because the flag was set independently in the
+  working-tree walk.
+
+  Fix: `scanDiff` now takes a `repoDir` parameter and resolves
+  `currentFile` to absolute via `path.resolve(repoDir, currentFile)`
+  before emitting DetectedSecret. Relative form preserved for
+  `isPathExcluded()` (which still expects repo-relative).
+  Closes #62.
+
+### Dependencies
+
+- **circle-ir upgraded to ^3.23.3.** Four-part bump:
+
+  **3.23.0 — MyBatis ORM mapper sinks added** to
+  `configs/sinks/sql.yaml`: `*Mapper.insert`,
+  `*Mapper.insertSelective`, `*Mapper.update`,
+  `*Mapper.updateByPrimaryKey`, `*Mapper.updateByPrimaryKeySelective`
+  — all marked `sql_injection` / CWE-89 / critical with the note
+  "MyBatis ORM - tainted fields in entity may be interpolated via ${}
+  syntax". Forward-looking precision improvement for production Java
+  apps using MyBatis ORM.
+
+  **3.23.1 — precision cleanup of auto-mined sinks.** Removes
+  miscategorized "Auto-mined from CVE analysis" entries from three
+  sink configs:
+    - `sql.yaml`: drops `File`, `FileInputStream`, `getResource`,
+      `URL.openConnection` (these are file/URL operations, not SQL
+      sinks)
+    - `code_injection.yaml`: drops `ObjectInputStream.readObject`,
+      `XPath.compile`, `PrintWriter.println`, bare `newInstance`
+    - `path.yaml`: drops `XPath.compile`, `PrintWriter.println`,
+      `Class.forName`, bare `newInstance`
+  Net effect: lower FP rate on Java code that uses these APIs in
+  benign contexts (logging, dynamic class loading, XML parsing)
+  without losing real CWE-Bench-Java detections.
+
+  **3.23.2 — Jenkins `SCMFileSystem.child` path-traversal sink
+  added** to `configs/sinks/path.yaml`: `SCMFileSystem.child` typed
+  as `path_traversal` / CWE-022 / high. Engineering-wise addresses
+  the second engine miss in `cogniumhq/circle-ir#5`
+  (`jenkins workflow-multibranch-plugin` CVE-2022-25175,
+  `ReadTrustedStep.run()` → `fs.child(step.path).contentAsString()`
+  with a tainted CPS field).
+
+  **3.23.3 — annotation-based source tainting.** New
+  `method_annotation` field on source patterns plus a new matcher
+  pass that walks every method/constructor with a matching
+  annotation and marks ALL its parameters as tainted sources.
+  Specific addition to `configs/sources/http_sources.yaml`:
+  `@DataBoundConstructor` typed as `http_param` / high. This is the
+  source-side complement to 3.23.2: Jenkins's
+  `@DataBoundConstructor` wires every constructor parameter from
+  form/JSON binding, so every such parameter is user-controlled at
+  construction time. Together 3.23.2 + 3.23.3 give the engine the
+  full taint flow (`@DataBoundConstructor` source →
+  `SCMFileSystem.child` sink) for CVE-2022-25175.
+
+  **CWE-Bench-Java impact (qwen3-coder-next, Ollama):**
+
+  - vs 3.22.3 (2.7.17 baseline): 98/120 (81.7%) — measured
+    2026-05-21
+  - vs 3.23.1 (interim, 2.7.19): 98/120 (81.7%) — measured
+    2026-05-28, bit-identical per-project verdicts to baseline.
+  - vs 3.23.2: 98/120 (81.7%) — measured 2026-05-28,
+    bit-identical. Verified Jenkins CVE-2022-25175 still
+    `[MISSED] 0/3 fix locations`.
+  - vs 3.23.3: re-run pending. Likely still 98/120 (see
+    methodology note below).
+
+  **Honest assessment: none of 3.23.0/1/2/3 move this benchmark,
+  but the underlying engine improvements are real.** All four
+  improvements solve real engineering problems on production Java
+  code; CWE-Bench-Java just can't see them because of a
+  systematic methodology mismatch between **how vulnerabilities are
+  actually exploited** and **how the benchmark buckets them**.
+
+  Specifics:
+  - 3.23.0 MyBatis sinks fire as `sql_injection` / CWE-89, but
+    `apache/dolphinscheduler` CVE-2022-34662 is bucketed under
+    CWE-022 in `cases.json` — runner's `CWE_TO_SINK_TYPE['CWE-022']`
+    is `['path_traversal']` only, so SQL-typed sinks at the same
+    code location don't count.
+  - 3.23.2 `SCMFileSystem.child` fires as `path_traversal` / CWE-022,
+    but `workflow-multibranch-plugin` CVE-2022-25175 is bucketed
+    under CWE-078 in `cases.json` — runner's
+    `CWE_TO_SINK_TYPE['CWE-078']` is
+    `['command_injection', 'code_injection']` only, so
+    path-traversal-typed sinks at the fix line don't count.
+  - 3.23.3 source addition rides on the same flow and faces the
+    same scoring trap.
+
+  Two paths forward, neither in 2.7.19:
+  - **Widen `CWE_TO_SINK_TYPE`** in
+    `benchmarks/runners/run-cwe-bench-java.ts` so each bucket
+    accepts cross-type detections at the documented fix line
+    (treats *any* security finding at the fix location as a
+    detection). Loses some CWE-precision-of-detection signal in
+    exchange for a more truthful representation of engine
+    capability. The IRIS paper itself does not enforce sink-type
+    matching, so this is more apples-to-apples.
+  - **Re-label `cases.json`** to put CVEs under the CWE that
+    matches the actual sink semantics rather than CVE-database
+    metadata. More invasive; introduces a fork of the benchmark.
+
+  **`cogniumhq/circle-ir#5` status:** open. Engineering-wise the
+  engine now detects both flows (Jenkins via 3.23.2 + 3.23.3,
+  dolphinscheduler via 3.23.0 ORM sinks); the benchmark doesn't
+  score them due to CWE-label mismatches. The right close criterion
+  is "engine traces the taint flow end-to-end," which is now true
+  for both — but the issue text describes them as benchmark misses,
+  so closing requires either a benchmark methodology change or a
+  test that doesn't depend on CWE bucket.
+
 ## [2.7.17] - 2026-05-21
 
 ### Fixed

package/dist/secret-scan/history-patterns.d.ts

@@ -0,0 +1,30 @@
+/**
+ * Minimal Secret Patterns for Git History Scanning
+ *
+ * IMPORTANT: These patterns are ONLY for scanning git diffs where we cannot
+ * use circle-ir's analyze() function. For working-tree file scanning, we
+ * delegate to circle-ir's ScanSecretsPass which has comprehensive coverage.
+ *
+ * This file intentionally duplicates a minimal subset of patterns to support
+ * git history scanning. The authoritative patterns live in circle-ir.
+ */
+import type { SecretSeverity } from './scanner.js';
+export interface HistoryPattern {
+    id: string;
+    name: string;
+    pattern: RegExp;
+    severity: SecretSeverity;
+    category: string;
+    falsePositivePatterns?: RegExp[];
+    validator?: (match: string) => boolean;
+}
+/**
+ * Minimal high-confidence patterns for git history scanning.
+ * These mirror circle-ir's ScanSecretsPass provider patterns.
+ */
+export declare const HISTORY_SCAN_PATTERNS: HistoryPattern[];
+/**
+ * Calculate Shannon entropy of a string
+ */
+export declare function calculateEntropy(str: string): number;
+//# sourceMappingURL=history-patterns.d.ts.map

package/dist/secret-scan/history-patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"history-patterns.d.ts","sourceRoot":"","sources":["../../src/secret-scan/history-patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAEnD,MAAM,WAAW,cAAc;IAC7B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,cAAc,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;IACjC,SAAS,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC;CACxC;AAED;;;GAGG;AACH,eAAO,MAAM,qBAAqB,EAAE,cAAc,EAuIjD,CAAC;AAEF;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAgBpD"}

package/dist/secret-scan/history-patterns.js

@@ -0,0 +1,162 @@
+/**
+ * Minimal Secret Patterns for Git History Scanning
+ *
+ * IMPORTANT: These patterns are ONLY for scanning git diffs where we cannot
+ * use circle-ir's analyze() function. For working-tree file scanning, we
+ * delegate to circle-ir's ScanSecretsPass which has comprehensive coverage.
+ *
+ * This file intentionally duplicates a minimal subset of patterns to support
+ * git history scanning. The authoritative patterns live in circle-ir.
+ */
+/**
+ * Minimal high-confidence patterns for git history scanning.
+ * These mirror circle-ir's ScanSecretsPass provider patterns.
+ */
+export const HISTORY_SCAN_PATTERNS = [
+    // AWS
+    {
+        id: 'aws-access-key-id',
+        name: 'AWS Access Key ID',
+        pattern: /\bAKIA[0-9A-Z]{16}\b/g,
+        severity: 'critical',
+        category: 'aws',
+    },
+    // GitHub tokens
+    {
+        id: 'github-pat',
+        name: 'GitHub Personal Access Token',
+        pattern: /\bghp_[A-Za-z0-9]{36}\b/g,
+        severity: 'critical',
+        category: 'github',
+    },
+    {
+        id: 'github-oauth',
+        name: 'GitHub OAuth Token',
+        pattern: /\bgho_[A-Za-z0-9]{36}\b/g,
+        severity: 'critical',
+        category: 'github',
+    },
+    {
+        id: 'github-app-token',
+        name: 'GitHub App Token',
+        pattern: /\bghs_[A-Za-z0-9]{36}\b/g,
+        severity: 'critical',
+        category: 'github',
+    },
+    {
+        id: 'github-user-token',
+        name: 'GitHub User-to-Server Token',
+        pattern: /\bghu_[A-Za-z0-9]{36}\b/g,
+        severity: 'critical',
+        category: 'github',
+    },
+    {
+        id: 'github-refresh-token',
+        name: 'GitHub Refresh Token',
+        pattern: /\bghr_[A-Za-z0-9]{36}\b/g,
+        severity: 'critical',
+        category: 'github',
+    },
+    // Stripe
+    {
+        id: 'stripe-secret-key',
+        name: 'Stripe Secret Key',
+        pattern: /\bsk_live_[A-Za-z0-9]{24,}\b/g,
+        severity: 'critical',
+        category: 'stripe',
+    },
+    {
+        id: 'stripe-publishable-key',
+        name: 'Stripe Publishable Key',
+        pattern: /\bpk_live_[A-Za-z0-9]{24,}\b/g,
+        severity: 'high',
+        category: 'stripe',
+    },
+    // OpenAI
+    {
+        id: 'openai-api-key',
+        name: 'OpenAI API Key',
+        pattern: /\bsk-[A-Za-z0-9]{48}\b/g,
+        severity: 'critical',
+        category: 'openai',
+    },
+    // Anthropic
+    {
+        id: 'anthropic-api-key',
+        name: 'Anthropic API Key',
+        pattern: /\bsk-ant-[A-Za-z0-9_-]{90,}\b/g,
+        severity: 'critical',
+        category: 'anthropic',
+    },
+    // Slack
+    {
+        id: 'slack-token',
+        name: 'Slack Token',
+        pattern: /\bxox[baprs]-[A-Za-z0-9-]{10,}\b/g,
+        severity: 'critical',
+        category: 'slack',
+    },
+    // Google
+    {
+        id: 'gcp-api-key',
+        name: 'Google Cloud API Key',
+        pattern: /\bAIza[0-9A-Za-z_-]{35}\b/g,
+        severity: 'critical',
+        category: 'gcp',
+    },
+    // JWT
+    {
+        id: 'jwt-token',
+        name: 'JSON Web Token',
+        pattern: /\beyJ[A-Za-z0-9_-]{10,}\.eyJ[A-Za-z0-9_-]{10,}\.[A-Za-z0-9_-]{10,}\b/g,
+        severity: 'critical',
+        category: 'jwt',
+        validator: (match) => {
+            const parts = match.split('.');
+            if (parts.length !== 3)
+                return false;
+            try {
+                const header = JSON.parse(atob(parts[0].replace(/-/g, '+').replace(/_/g, '/')));
+                return header && typeof header === 'object';
+            }
+            catch {
+                return false;
+            }
+        },
+    },
+    // Private Keys
+    {
+        id: 'pem-private-key',
+        name: 'PEM Private Key',
+        pattern: /-----BEGIN (?:RSA |EC |DSA |OPENSSH |PGP )?PRIVATE KEY-----/g,
+        severity: 'critical',
+        category: 'private-key',
+    },
+    // npm
+    {
+        id: 'npm-token',
+        name: 'npm Access Token',
+        pattern: /\bnpm_[A-Za-z0-9]{36}\b/g,
+        severity: 'critical',
+        category: 'npm',
+    },
+];
+/**
+ * Calculate Shannon entropy of a string
+ */
+export function calculateEntropy(str) {
+    const len = str.length;
+    if (len === 0)
+        return 0;
+    const freq = new Map();
+    for (const char of str) {
+        freq.set(char, (freq.get(char) || 0) + 1);
+    }
+    let entropy = 0;
+    for (const count of freq.values()) {
+        const p = count / len;
+        entropy -= p * Math.log2(p);
+    }
+    return entropy;
+}
+//# sourceMappingURL=history-patterns.js.map

package/dist/secret-scan/history-patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"history-patterns.js","sourceRoot":"","sources":["../../src/secret-scan/history-patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAcH;;;GAGG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAqB;IACrD,MAAM;IACN;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,uBAAuB;QAChC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;KAChB;IAED,gBAAgB;IAChB;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,8BAA8B;QACpC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,oBAAoB;QAC1B,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,6BAA6B;QACnC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;KACnB;IAED,SAAS;IACT;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,wBAAwB;QAC9B,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,QAAQ;KACnB;IAED,SAAS;IACT;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,yBAAyB;QAClC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;KACnB;IAED,YAAY;IACZ;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,OAAO,EAAE,gCAAgC;QACzC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,WAAW;KACtB;IAED,QAAQ;IACR;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,OAAO;KAClB;IAED,SAAS;IACT;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,sBAAsB;QAC5B,OAAO,EAAE,4BAA4B;QACrC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;KAChB;IAED,MAAM;IACN;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,gBAAgB;QACtB,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YACrC,IAAI,CAAC;gBACH,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;gBAChF,OAAO,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,CAAC;YAC9C,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KACF;IAED,eAAe;IACf;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,8DAA8D;QACvE,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;KACxB;IAED,MAAM;IACN;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;KAChB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAExB,MAAM,IAAI,GAAwB,IAAI,GAAG,EAAE,CAAC;IAC5C,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,KAAK,GAAG,GAAG,CAAC;QACtB,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/dist/secret-scan/index.d.ts

@@ -1,12 +1,19 @@
 /**
  * Secret Scan Module
  *
- * Provides secret detection capabilities for codebases including:
- * - Pattern-based secret detection (AWS, GitHub, Stripe, etc.)
- * - Git history scanning
- * - Severity classification
- * - .gitignore recommendations
+ * Architecture (refactored):
+ * - Working-tree scanning: Delegates to circle-ir's ScanSecretsPass
+ * - Git history scanning: Uses minimal patterns (circle-ir-ai domain)
+ * - LLM verification: Reduces false positives via context analysis
+ *
+ * This module consumes CircleIR findings for SAST, not reimplementing.
+ */
+export { SecretScanner, scanForSecrets, quickSecretScan, formatSecretReport, type SecretScanOptions, type ScanProgress, type DetectedSecret, type SecretScanResult, type SecretSeverity, } from './scanner.js';
+export { HISTORY_SCAN_PATTERNS, calculateEntropy, type HistoryPattern, } from './history-patterns.js';
+/**
+ * @deprecated Use circle-ir's ScanSecretsPass for SAST detection.
+ * These exports are maintained for backwards compatibility only.
+ * Import from './history-patterns.js' for git history scanning.
  */
-export { SECRET_PATTERNS, calculateEntropy, getPatternsByCategory, getPatternsBySeverity, getPatternCategories, type SecretPattern, type SecretSeverity, } from './patterns.js';
-export { SecretScanner, scanForSecrets, quickSecretScan, formatSecretReport, type SecretScanOptions, type ScanProgress, type DetectedSecret, type SecretScanResult, } from './scanner.js';
+export { SECRET_PATTERNS, getPatternsByCategory, getPatternsBySeverity, getPatternCategories, type SecretPattern, } from './patterns.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/secret-scan/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/secret-scan/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAGH,OAAO,EACL,eAAe,EACf,gBAAgB,EAChB,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,EACpB,KAAK,aAAa,EAClB,KAAK,cAAc,GACpB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,aAAa,EACb,cAAc,EACd,eAAe,EACf,kBAAkB,EAClB,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,cAAc,EACnB,KAAK,gBAAgB,GACtB,MAAM,cAAc,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/secret-scan/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAGH,OAAO,EACL,aAAa,EACb,cAAc,EACd,eAAe,EACf,kBAAkB,EAClB,KAAK,iBAAiB,EACtB,KAAK,YAAY,EACjB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,cAAc,GACpB,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,qBAAqB,EACrB,gBAAgB,EAChB,KAAK,cAAc,GACpB,MAAM,uBAAuB,CAAC;AAE/B;;;;GAIG;AACH,OAAO,EACL,eAAe,EACf,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,EACpB,KAAK,aAAa,GACnB,MAAM,eAAe,CAAC"}

package/dist/secret-scan/index.js

@@ -1,14 +1,21 @@
 /**
  * Secret Scan Module
  *
- * Provides secret detection capabilities for codebases including:
- * - Pattern-based secret detection (AWS, GitHub, Stripe, etc.)
- * - Git history scanning
- * - Severity classification
- * - .gitignore recommendations
+ * Architecture (refactored):
+ * - Working-tree scanning: Delegates to circle-ir's ScanSecretsPass
+ * - Git history scanning: Uses minimal patterns (circle-ir-ai domain)
+ * - LLM verification: Reduces false positives via context analysis
+ *
+ * This module consumes CircleIR findings for SAST, not reimplementing.
  */
-// Patterns
-export { SECRET_PATTERNS, calculateEntropy, getPatternsByCategory, getPatternsBySeverity, getPatternCategories, } from './patterns.js';
-// Scanner
+// Scanner (main API)
 export { SecretScanner, scanForSecrets, quickSecretScan, formatSecretReport, } from './scanner.js';
+// History patterns (for git history scanning only)
+export { HISTORY_SCAN_PATTERNS, calculateEntropy, } from './history-patterns.js';
+/**
+ * @deprecated Use circle-ir's ScanSecretsPass for SAST detection.
+ * These exports are maintained for backwards compatibility only.
+ * Import from './history-patterns.js' for git history scanning.
+ */
+export { SECRET_PATTERNS, getPatternsByCategory, getPatternsBySeverity, getPatternCategories, } from './patterns.js';
 //# sourceMappingURL=index.js.map

package/dist/secret-scan/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/secret-scan/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,WAAW;AACX,OAAO,EACL,eAAe,EACf,gBAAgB,EAChB,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,GAGrB,MAAM,eAAe,CAAC;AAEvB,UAAU;AACV,OAAO,EACL,aAAa,EACb,cAAc,EACd,eAAe,EACf,kBAAkB,GAKnB,MAAM,cAAc,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/secret-scan/index.ts"],"names":[],"mappings":"AAAA;;;;;;;;;GASG;AAEH,qBAAqB;AACrB,OAAO,EACL,aAAa,EACb,cAAc,EACd,eAAe,EACf,kBAAkB,GAMnB,MAAM,cAAc,CAAC;AAEtB,mDAAmD;AACnD,OAAO,EACL,qBAAqB,EACrB,gBAAgB,GAEjB,MAAM,uBAAuB,CAAC;AAE/B;;;;GAIG;AACH,OAAO,EACL,eAAe,EACf,qBAAqB,EACrB,qBAAqB,EACrB,oBAAoB,GAErB,MAAM,eAAe,CAAC"}

package/dist/secret-scan/patterns.d.ts

@@ -1,7 +1,20 @@
 /**
  * Secret Detection Pattern Library
  *
- * Patterns for detecting various types of secrets and credentials in code.
+ * @deprecated This file is DEPRECATED. circle-ir's ScanSecretsPass now handles
+ * SAST-level secret detection. This module violated the architectural boundary
+ * by reimplementing SAST logic that belongs in circle-ir.
+ *
+ * For git history scanning (circle-ir-ai's legitimate domain), use
+ * './history-patterns.js' which contains a minimal pattern set.
+ *
+ * This file is maintained only for backwards compatibility. Do not add new
+ * patterns here - contribute them to circle-ir instead.
+ *
+ * Migration:
+ * - Working-tree scanning: Use circle-ir's analyze() → filter hardcoded-credential findings
+ * - Git history scanning: Use HISTORY_SCAN_PATTERNS from './history-patterns.js'
+ * - LLM verification: Use SecretScanner with llmVerify: true
  */
 export type SecretSeverity = 'critical' | 'high' | 'medium' | 'low';
 export interface SecretPattern {

package/dist/secret-scan/patterns.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/secret-scan/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,MAAM,MAAM,cAAc,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEpE,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,cAAc,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,SAAS,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC;IACvC,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;CAClC;AAgbD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAgBpD;AAED;;GAEG;AACH,eAAO,MAAM,eAAe,EAAE,aAAa,EAY1C,CAAC;AAEF;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa,EAAE,CAEvE;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,cAAc,GAAG,aAAa,EAAE,CAE/E;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,MAAM,EAAE,CAE/C"}
+{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../src/secret-scan/patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAEH,MAAM,MAAM,cAAc,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAEpE,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,cAAc,CAAC;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,SAAS,CAAC,EAAE,CAAC,KAAK,EAAE,MAAM,KAAK,OAAO,CAAC;IACvC,qBAAqB,CAAC,EAAE,MAAM,EAAE,CAAC;CAClC;AAgbD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAgBpD;AAED;;GAEG;AACH,eAAO,MAAM,eAAe,EAAE,aAAa,EAY1C,CAAC;AAEF;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,MAAM,GAAG,aAAa,EAAE,CAEvE;AAED;;GAEG;AACH,wBAAgB,qBAAqB,CAAC,QAAQ,EAAE,cAAc,GAAG,aAAa,EAAE,CAE/E;AAED;;GAEG;AACH,wBAAgB,oBAAoB,IAAI,MAAM,EAAE,CAE/C"}

package/dist/secret-scan/patterns.js

@@ -1,7 +1,20 @@
 /**
  * Secret Detection Pattern Library
  *
- * Patterns for detecting various types of secrets and credentials in code.
+ * @deprecated This file is DEPRECATED. circle-ir's ScanSecretsPass now handles
+ * SAST-level secret detection. This module violated the architectural boundary
+ * by reimplementing SAST logic that belongs in circle-ir.
+ *
+ * For git history scanning (circle-ir-ai's legitimate domain), use
+ * './history-patterns.js' which contains a minimal pattern set.
+ *
+ * This file is maintained only for backwards compatibility. Do not add new
+ * patterns here - contribute them to circle-ir instead.
+ *
+ * Migration:
+ * - Working-tree scanning: Use circle-ir's analyze() → filter hardcoded-credential findings
+ * - Git history scanning: Use HISTORY_SCAN_PATTERNS from './history-patterns.js'
+ * - LLM verification: Use SecretScanner with llmVerify: true
  */
 /**
  * AWS Credential Patterns

package/dist/secret-scan/patterns.js.map

@@ -1 +1 @@
-{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../src/secret-scan/patterns.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAgBH;;GAEG;AACH,MAAM,WAAW,GAAoB;IACnC;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,wEAAwE;QACjF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC;KAClF;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,sFAAsF;QAC/F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC;KAC5B;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,6BAA6B;QAC1C,OAAO,EAAE,2EAA2E;QACpF,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,KAAK,CAAC;KACtC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAoB;IACtC;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,wCAAwC;QACrD,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,+BAA+B;QAC5C,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,2CAA2C;QACxD,OAAO,EAAE,iDAAiD;QAC1D,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,aAAa,CAAC;KAC1B;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAoB;IACtC;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,qBAAqB;QAClC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,wDAAwD;QACrE,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAoB;IACtC;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,gDAAgD;QAC7D,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC;QACxB,qBAAqB,EAAE;YACrB,UAAU;YACV,cAAc;YACd,uBAAuB;YACvB,OAAO;YACP,MAAM;YACN,KAAK;SACN;KACF;IACD;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,6BAA6B;QAC1C,OAAO,EAAE,uCAAuC;QAChD,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,qBAAqB,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,CAAC;QAClD,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,yCAAyC;YACzC,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;YAC9C,iEAAiE;YACjE,OAAO,KAAK,CAAC,MAAM,IAAI,EAAE,CAAC;QAC5B,CAAC;KACF;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,GAAoB;IACnC;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,gBAAgB;QAC7B,OAAO,EAAE,oEAAoE;QAC7E,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,KAAK,CAAC;QACjB,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,yBAAyB;YACzB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YACrC,IAAI,CAAC;gBACH,kCAAkC;gBAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;gBAChF,OAAO,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,CAAC;YAC9C,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KACF;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,gBAAgB,GAAoB;IACxC;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,6CAA6C;QAC1D,OAAO,EAAE,wFAAwF;QACjG,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC;QACnE,qBAAqB,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,cAAc,CAAC;KACrE;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,oCAAoC;QACjD,OAAO,EAAE,sHAAsH;QAC/H,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,CAAC,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,UAAU,CAAC;QAC7D,qBAAqB,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,CAAC;KAChE;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAoB;IAC1C;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,uBAAuB,CAAC;KACpC;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,qBAAqB;QAClC,OAAO,EAAE,+EAA+E;QACxF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,2BAA2B,CAAC;KACxC;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,sBAAsB,CAAC;KACnC;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,uBAAuB,CAAC;KACpC;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,mFAAmF;QAC5F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,uBAAuB,CAAC;KACpC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,aAAa,GAAoB;IACrC;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,+BAA+B;QAC5C,OAAO,EAAE,4BAA4B;QACrC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,OAAO,CAAC;KACpB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,YAAY,EAAE,OAAO,EAAE,SAAS,CAAC;KAC7C;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,iCAAiC;QAC9C,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,0BAA0B,EAAE,YAAY,CAAC;KACrD;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,qBAAqB,GAAoB;IAC7C;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,yBAAyB;QACtC,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC;KACxD;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,iBAAiB,CAAC;KAC9B;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,8BAA8B;QAC3C,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,qBAAqB;QAClC,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;KACjC;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,gBAAgB;QAC7B,OAAO,EAAE,wBAAwB;QACjC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,IAAI,CAAC;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,CAAC,KAAK,CAAC;KAClB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,eAAe,GAAoB;IACvC;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,QAAQ,CAAC;KACrB;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,yBAAyB;QACtC,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,KAAK,CAAC;KAClB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,mBAAmB,GAAoB;IAC3C;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,+DAA+D;QAC5E,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,gBAAgB;YAChB,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/B,4BAA4B;YAC5B,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACtC,sDAAsD;YACtD,OAAO,OAAO,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;QAC3C,CAAC;KACF;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,4DAA4D;QACzE,OAAO,EAAE,2BAA2B;QACpC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/B,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACtC,4CAA4C;YAC5C,OAAO,OAAO,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;QAC3C,CAAC;KACF;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAExB,MAAM,IAAI,GAAwB,IAAI,GAAG,EAAE,CAAC;IAC5C,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,KAAK,GAAG,GAAG,CAAC;QACtB,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAoB;IAC9C,GAAG,WAAW;IACd,GAAG,cAAc;IACjB,GAAG,cAAc;IACjB,GAAG,cAAc;IACjB,GAAG,WAAW;IACd,GAAG,gBAAgB;IACnB,GAAG,kBAAkB;IACrB,GAAG,aAAa;IAChB,GAAG,qBAAqB;IACxB,GAAG,eAAe;IAClB,GAAG,mBAAmB;CACvB,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAgB;IACpD,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAwB;IAC5D,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB;IAClC,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;AAC9D,CAAC"}
+{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../src/secret-scan/patterns.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;GAiBG;AAgBH;;GAEG;AACH,MAAM,WAAW,GAAoB;IACnC;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,wEAAwE;QACjF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,CAAC;KAClF;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,sFAAsF;QAC/F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,QAAQ,EAAE,KAAK,CAAC;KAC5B;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,6BAA6B;QAC1C,OAAO,EAAE,2EAA2E;QACpF,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,SAAS,EAAE,OAAO,EAAE,KAAK,CAAC;KACtC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAoB;IACtC;QACE,EAAE,EAAE,YAAY;QAChB,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,wCAAwC;QACrD,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,+BAA+B;QAC5C,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,0BAA0B;QACnC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,2CAA2C;QACxD,OAAO,EAAE,iDAAiD;QAC1D,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,aAAa,CAAC;KAC1B;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAoB;IACtC;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,qBAAqB;QAClC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,wBAAwB;QAC9B,WAAW,EAAE,wDAAwD;QACrE,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,UAAU,CAAC;KACvB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,cAAc,GAAoB;IACtC;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,gDAAgD;QAC7D,OAAO,EAAE,kEAAkE;QAC3E,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,CAAC,KAAK,EAAE,KAAK,CAAC;QACxB,qBAAqB,EAAE;YACrB,UAAU;YACV,cAAc;YACd,uBAAuB;YACvB,OAAO;YACP,MAAM;YACN,KAAK;SACN;KACF;IACD;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,6BAA6B;QAC1C,OAAO,EAAE,uCAAuC;QAChD,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,CAAC,QAAQ,CAAC;QACpB,qBAAqB,EAAE,CAAC,UAAU,EAAE,MAAM,EAAE,KAAK,CAAC;QAClD,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,yCAAyC;YACzC,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;YAC9C,iEAAiE;YACjE,OAAO,KAAK,CAAC,MAAM,IAAI,EAAE,CAAC;QAC5B,CAAC;KACF;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,GAAoB;IACnC;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,WAAW;QACjB,WAAW,EAAE,gBAAgB;QAC7B,OAAO,EAAE,oEAAoE;QAC7E,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,KAAK,CAAC;QACjB,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,yBAAyB;YACzB,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAC/B,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC;gBAAE,OAAO,KAAK,CAAC;YACrC,IAAI,CAAC;gBACH,kCAAkC;gBAClC,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC;gBAChF,OAAO,MAAM,IAAI,OAAO,MAAM,KAAK,QAAQ,CAAC;YAC9C,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,KAAK,CAAC;YACf,CAAC;QACH,CAAC;KACF;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,gBAAgB,GAAoB;IACxC;QACE,EAAE,EAAE,cAAc;QAClB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,6CAA6C;QAC1D,OAAO,EAAE,wFAAwF;QACjG,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,CAAC,UAAU,EAAE,OAAO,EAAE,SAAS,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,CAAC;QACnE,qBAAqB,EAAE,CAAC,WAAW,EAAE,cAAc,EAAE,cAAc,CAAC;KACrE;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,oCAAoC;QACjD,OAAO,EAAE,sHAAsH;QAC/H,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,CAAC,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,OAAO,EAAE,UAAU,CAAC;QAC7D,qBAAqB,EAAE,CAAC,MAAM,EAAE,KAAK,EAAE,UAAU,EAAE,WAAW,CAAC;KAChE;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAAoB;IAC1C;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,uBAAuB,CAAC;KACpC;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,qBAAqB;QAClC,OAAO,EAAE,+EAA+E;QACxF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,2BAA2B,CAAC;KACxC;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,sBAAsB,CAAC;KACnC;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,iBAAiB;QAC9B,OAAO,EAAE,uEAAuE;QAChF,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,uBAAuB,CAAC;KACpC;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,iBAAiB;QACvB,WAAW,EAAE,uBAAuB;QACpC,OAAO,EAAE,mFAAmF;QAC5F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,aAAa;QACvB,QAAQ,EAAE,CAAC,uBAAuB,CAAC;KACpC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,aAAa,GAAoB;IACrC;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,+BAA+B;QAC5C,OAAO,EAAE,4BAA4B;QACrC,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,MAAM,CAAC;KACnB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,KAAK;QACf,QAAQ,EAAE,CAAC,OAAO,CAAC;KACpB;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,YAAY,EAAE,OAAO,EAAE,SAAS,CAAC;KAC7C;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,iCAAiC;QAC9C,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,0BAA0B,EAAE,YAAY,CAAC;KACrD;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,qBAAqB,GAAoB;IAC7C;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,yBAAyB;QACtC,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,CAAC;KACxD;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,4BAA4B;QACzC,OAAO,EAAE,oFAAoF;QAC7F,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,CAAC,iBAAiB,CAAC;KAC9B;IACD;QACE,EAAE,EAAE,eAAe;QACnB,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,8BAA8B;QAC3C,OAAO,EAAE,gEAAgE;QACzE,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,SAAS;KACpB;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,qBAAqB;QAClC,OAAO,EAAE,qEAAqE;QAC9E,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,SAAS;QACnB,QAAQ,EAAE,CAAC,SAAS,EAAE,SAAS,CAAC;KACjC;IACD;QACE,EAAE,EAAE,gBAAgB;QACpB,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,gBAAgB;QAC7B,OAAO,EAAE,wBAAwB;QACjC,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,IAAI,CAAC;KACjB;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,kBAAkB;QAC/B,OAAO,EAAE,+CAA+C;QACxD,QAAQ,EAAE,MAAM;QAChB,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,CAAC,KAAK,CAAC;KAClB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,eAAe,GAAoB;IACvC;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,2BAA2B;QACxC,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,QAAQ,CAAC;KACrB;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,qBAAqB;QAC3B,WAAW,EAAE,yBAAyB;QACtC,OAAO,EAAE,qCAAqC;QAC9C,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,CAAC,KAAK,CAAC;KAClB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,mBAAmB,GAAoB;IAC3C;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,4BAA4B;QAClC,WAAW,EAAE,+DAA+D;QAC5E,OAAO,EAAE,mCAAmC;QAC5C,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,gBAAgB;YAChB,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/B,4BAA4B;YAC5B,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACtC,sDAAsD;YACtD,OAAO,OAAO,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;QAC3C,CAAC;KACF;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,4DAA4D;QACzE,OAAO,EAAE,2BAA2B;QACpC,QAAQ,EAAE,QAAQ;QAClB,QAAQ,EAAE,cAAc;QACxB,SAAS,EAAE,CAAC,KAAa,EAAE,EAAE;YAC3B,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/B,MAAM,OAAO,GAAG,gBAAgB,CAAC,GAAG,CAAC,CAAC;YACtC,4CAA4C;YAC5C,OAAO,OAAO,GAAG,GAAG,IAAI,GAAG,CAAC,MAAM,IAAI,EAAE,CAAC;QAC3C,CAAC;KACF;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,IAAI,GAAG,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAExB,MAAM,IAAI,GAAwB,IAAI,GAAG,EAAE,CAAC;IAC5C,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;QACvB,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC5C,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,KAAK,GAAG,GAAG,CAAC;QACtB,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAoB;IAC9C,GAAG,WAAW;IACd,GAAG,cAAc;IACjB,GAAG,cAAc;IACjB,GAAG,cAAc;IACjB,GAAG,WAAW;IACd,GAAG,gBAAgB;IACnB,GAAG,kBAAkB;IACrB,GAAG,aAAa;IAChB,GAAG,qBAAqB;IACxB,GAAG,eAAe;IAClB,GAAG,mBAAmB;CACvB,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAgB;IACpD,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAwB;IAC5D,OAAO,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAChE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,oBAAoB;IAClC,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;AAC9D,CAAC"}