circle-ir 3.11.0 → 3.12.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +92 -34
- package/dist/browser/circle-ir.js +40 -2
- package/dist/languages/plugins/java.d.ts +9 -0
- package/dist/languages/plugins/java.js +48 -6
- package/dist/languages/plugins/java.js.map +1 -1
- package/docs/SPEC.md +13 -4
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -1,13 +1,14 @@
|
|
|
1
1
|
# circle-ir
|
|
2
2
|
|
|
3
|
-
A high-performance Static Application Security Testing (SAST) library for detecting security vulnerabilities through taint analysis, and code quality findings through an extensible
|
|
3
|
+
A high-performance Static Application Security Testing (SAST) library for detecting security vulnerabilities through taint analysis, and code quality findings through an extensible 36-pass analysis pipeline. Works in Node.js and browsers.
|
|
4
4
|
|
|
5
5
|
## Features
|
|
6
6
|
|
|
7
7
|
- **Taint Analysis**: Track data flow from sources (user input) to sinks (dangerous operations)
|
|
8
8
|
- **Multi-language Support**: Java, JavaScript/TypeScript, Python, Rust, Bash/Shell
|
|
9
9
|
- **High Accuracy**: 100% on OWASP Benchmark, 100% on Juliet Test Suite, 97.7% TPR on SecuriBench Micro
|
|
10
|
-
- **
|
|
10
|
+
- **36-Pass Pipeline**: 19 security taint passes + 17 reliability/performance/maintainability/architecture quality passes
|
|
11
|
+
- **Metrics Engine**: 24 software quality metrics (cyclomatic complexity, Halstead, CBO, RFC, LCOM, DIT, and 4 composite scores)
|
|
11
12
|
- **Cross-File Analysis**: `analyzeProject()` surfaces taint flows that span multiple files
|
|
12
13
|
- **Universal**: Works in Node.js and browsers with environment-agnostic core
|
|
13
14
|
- **Zero External Dependencies**: Core analysis runs without network calls or external services
|
|
@@ -40,12 +41,20 @@ for (const flow of result.taint.flows || []) {
|
|
|
40
41
|
console.log(` Sink: line ${flow.sink_line}`);
|
|
41
42
|
}
|
|
42
43
|
|
|
43
|
-
// Quality findings from analysis passes
|
|
44
|
+
// Quality findings from all 36 analysis passes
|
|
44
45
|
for (const finding of result.findings || []) {
|
|
45
46
|
console.log(`[${finding.severity}] ${finding.rule_id} at line ${finding.line}`);
|
|
46
47
|
console.log(` ${finding.message}`);
|
|
47
48
|
if (finding.fix) console.log(` Fix: ${finding.fix}`);
|
|
48
49
|
}
|
|
50
|
+
|
|
51
|
+
// Software quality metrics
|
|
52
|
+
const m = result.metrics;
|
|
53
|
+
if (m) {
|
|
54
|
+
console.log(`Cyclomatic complexity: ${m.cyclomatic_complexity}`);
|
|
55
|
+
console.log(`Maintainability index: ${m.maintainability_index}`);
|
|
56
|
+
console.log(`CBO (coupling): ${m.CBO}`);
|
|
57
|
+
}
|
|
49
58
|
```
|
|
50
59
|
|
|
51
60
|
### Browser
|
|
@@ -101,7 +110,8 @@ result.dfg // Data flow graph
|
|
|
101
110
|
result.taint // Taint sources, sinks, flows
|
|
102
111
|
result.imports // Import statements
|
|
103
112
|
result.exports // Exported symbols
|
|
104
|
-
result.findings // SastFinding[] from all
|
|
113
|
+
result.findings // SastFinding[] from all 36 analysis passes
|
|
114
|
+
result.metrics // FileMetrics — 24 software quality metrics (always populated)
|
|
105
115
|
```
|
|
106
116
|
|
|
107
117
|
### `analyzeProject(files, options?)`
|
|
@@ -181,20 +191,29 @@ const pyResult = await analyze(pyCode, 'app.py', 'python');
|
|
|
181
191
|
const rsResult = await analyze(rsCode, 'main.rs', 'rust');
|
|
182
192
|
```
|
|
183
193
|
|
|
184
|
-
## Detected Vulnerabilities
|
|
185
|
-
|
|
186
|
-
| Type | CWE | Description |
|
|
187
|
-
|
|
188
|
-
| SQL Injection | CWE-89 | User input in SQL queries |
|
|
189
|
-
| Command Injection | CWE-78 | User input in system commands |
|
|
190
|
-
|
|
|
191
|
-
|
|
|
192
|
-
|
|
|
193
|
-
|
|
|
194
|
-
|
|
|
195
|
-
| SSRF | CWE-918 | Server-side request forgery |
|
|
196
|
-
|
|
|
197
|
-
|
|
|
194
|
+
## Detected Security Vulnerabilities
|
|
195
|
+
|
|
196
|
+
| Type | CWE | Severity | Description |
|
|
197
|
+
|------|-----|----------|-------------|
|
|
198
|
+
| SQL Injection | CWE-89 | Critical | User input in SQL queries |
|
|
199
|
+
| Command Injection | CWE-78 | Critical | User input in system commands |
|
|
200
|
+
| Deserialization | CWE-502 | Critical | Untrusted deserialization |
|
|
201
|
+
| XXE | CWE-611 | Critical | XML external entity injection |
|
|
202
|
+
| Code Injection | CWE-94 | Critical | Dynamic code execution |
|
|
203
|
+
| XSS | CWE-79 | High | User input in HTML output |
|
|
204
|
+
| Path Traversal | CWE-22 | High | User input in file paths |
|
|
205
|
+
| SSRF | CWE-918 | High | Server-side request forgery |
|
|
206
|
+
| LDAP Injection | CWE-90 | High | User input in LDAP queries |
|
|
207
|
+
| XPath Injection | CWE-643 | High | User input in XPath queries |
|
|
208
|
+
| NoSQL Injection | CWE-943 | High | User input in NoSQL queries |
|
|
209
|
+
| Open Redirect | CWE-601 | Medium | User controls redirect destination |
|
|
210
|
+
| Log Injection | CWE-117 | Medium | User input in logs |
|
|
211
|
+
| Trust Boundary | CWE-501 | Medium | Data crosses trust boundary |
|
|
212
|
+
| External Taint | CWE-668 | Medium | External input reaches sensitive sink |
|
|
213
|
+
| Weak Random | CWE-330 | Low | Weak random number generator |
|
|
214
|
+
| Weak Hash | CWE-327 | Low | Weak hashing algorithm |
|
|
215
|
+
| Weak Crypto | CWE-327 | Low | Weak cryptographic algorithm |
|
|
216
|
+
| Insecure Cookie | CWE-614 | Low | Cookie without Secure/HttpOnly flags |
|
|
198
217
|
|
|
199
218
|
## Configuration
|
|
200
219
|
|
|
@@ -212,7 +231,7 @@ sources:
|
|
|
212
231
|
|
|
213
232
|
## SAST Findings & Quality Passes
|
|
214
233
|
|
|
215
|
-
The
|
|
234
|
+
The 36-pass pipeline emits `SastFinding[]` via `result.findings`. Each finding is SARIF 2.1.0-aligned:
|
|
216
235
|
|
|
217
236
|
```typescript
|
|
218
237
|
interface SastFinding {
|
|
@@ -230,21 +249,57 @@ interface SastFinding {
|
|
|
230
249
|
}
|
|
231
250
|
```
|
|
232
251
|
|
|
233
|
-
**
|
|
234
|
-
|
|
235
|
-
|
|
|
236
|
-
|
|
237
|
-
|
|
|
238
|
-
|
|
|
239
|
-
|
|
|
240
|
-
|
|
|
241
|
-
|
|
|
242
|
-
|
|
243
|
-
|
|
244
|
-
|
|
245
|
-
|
|
246
|
-
|
|
247
|
-
|
|
252
|
+
**Pass categories** (see [docs/PASSES.md](docs/PASSES.md) for the full registry with all 36 rule IDs and CWEs):
|
|
253
|
+
|
|
254
|
+
| Category | Passes | Example rule_ids |
|
|
255
|
+
|----------|--------|-----------------|
|
|
256
|
+
| `security` (19) | Taint matching, propagation, inter-procedural | _(produces `taint.flows`)_ |
|
|
257
|
+
| `reliability` (16) | Resource management, control flow, exception handling | `null-deref`, `resource-leak`, `infinite-loop`, `double-close`, `use-after-close`, `missing-guard-dom`, `cleanup-verify`, `unhandled-exception`, `broad-catch`, `swallowed-exception` |
|
|
258
|
+
| `performance` (5) | Loop efficiency, async patterns | `n-plus-one`, `redundant-loop-computation`, `unbounded-collection`, `serial-await`, `react-inline-jsx` |
|
|
259
|
+
| `maintainability` (3) | Documentation, markers | `missing-public-doc`, `todo-in-prod`, `stale-doc-ref` |
|
|
260
|
+
| `architecture` (6) | Coupling, inheritance, interface contracts | `circular-dependency`, `orphan-module`, `dependency-fan-out`, `deep-inheritance`, `missing-override`, `unused-interface-method` |
|
|
261
|
+
|
|
262
|
+
## Metrics Engine
|
|
263
|
+
|
|
264
|
+
`result.metrics` is always populated with 24 software quality metrics:
|
|
265
|
+
|
|
266
|
+
```typescript
|
|
267
|
+
interface FileMetrics {
|
|
268
|
+
// Complexity
|
|
269
|
+
cyclomatic_complexity: number; // v(G) per method average
|
|
270
|
+
WMC: number; // Weighted methods per class
|
|
271
|
+
halstead_volume: number; // Halstead volume
|
|
272
|
+
halstead_difficulty: number;
|
|
273
|
+
halstead_effort: number;
|
|
274
|
+
halstead_bugs: number;
|
|
275
|
+
|
|
276
|
+
// Size
|
|
277
|
+
LOC: number; // Lines of code
|
|
278
|
+
NLOC: number; // Non-blank lines
|
|
279
|
+
comment_density: number; // Comment lines / total lines
|
|
280
|
+
function_count: number;
|
|
281
|
+
|
|
282
|
+
// Coupling
|
|
283
|
+
CBO: number; // Coupling between objects
|
|
284
|
+
RFC: number; // Response for a class
|
|
285
|
+
|
|
286
|
+
// Inheritance
|
|
287
|
+
DIT: number; // Depth of inheritance tree
|
|
288
|
+
NOC: number; // Number of children
|
|
289
|
+
|
|
290
|
+
// Cohesion
|
|
291
|
+
LCOM: number; // Lack of cohesion in methods
|
|
292
|
+
|
|
293
|
+
// Documentation
|
|
294
|
+
doc_coverage: number; // Fraction of public APIs documented
|
|
295
|
+
|
|
296
|
+
// Composite scores (0–100)
|
|
297
|
+
maintainability_index: number;
|
|
298
|
+
code_quality_index: number;
|
|
299
|
+
bug_hotspot_score: number;
|
|
300
|
+
refactoring_roi: number;
|
|
301
|
+
}
|
|
302
|
+
```
|
|
248
303
|
|
|
249
304
|
## Key Analysis Features
|
|
250
305
|
|
|
@@ -253,6 +308,9 @@ interface SastFinding {
|
|
|
253
308
|
- **Inter-Procedural Analysis**: Tracks taint across method boundaries
|
|
254
309
|
- **Sanitizer Recognition**: Detects PreparedStatement, ESAPI, escapeHtml, and other sanitizers
|
|
255
310
|
- **Collection Tracking**: Precise taint tracking through List/Map operations with index shifting
|
|
311
|
+
- **Dominator Tree Analysis**: Powers `missing-guard-dom` (CWE-285) and `cleanup-verify` (CWE-772) via post-dominator computation
|
|
312
|
+
- **TypeHierarchy Resolution**: `PreparedStatement.executeQuery()` matches `Statement`-level sink configs — no duplicate config entries needed
|
|
313
|
+
- **Exception Flow Graph**: Tracks try/catch structure for `unhandled-exception`, `broad-catch`, `swallowed-exception`
|
|
256
314
|
|
|
257
315
|
## Benchmark Results
|
|
258
316
|
|
|
@@ -15157,6 +15157,8 @@ var JavaPlugin = class extends BaseLanguagePlugin {
|
|
|
15157
15157
|
tryStatement: ["try_statement", "try_with_resources_statement"],
|
|
15158
15158
|
returnStatement: ["return_statement"]
|
|
15159
15159
|
};
|
|
15160
|
+
/** Cache: maps a parse Tree to its var-name → simple-type map. */
|
|
15161
|
+
_typeMapCache = /* @__PURE__ */ new WeakMap();
|
|
15160
15162
|
/**
|
|
15161
15163
|
* Detect Java frameworks from imports and annotations.
|
|
15162
15164
|
*/
|
|
@@ -15438,6 +15440,42 @@ var JavaPlugin = class extends BaseLanguagePlugin {
|
|
|
15438
15440
|
}
|
|
15439
15441
|
];
|
|
15440
15442
|
}
|
|
15443
|
+
/**
|
|
15444
|
+
* Walk `tree` once and build a map of { variableName → simpleTypeName }.
|
|
15445
|
+
* Covers both field declarations and local variable declarations.
|
|
15446
|
+
* Generics and array brackets are stripped: `List<String>` → `List`, `int[]` → `int`.
|
|
15447
|
+
* Result is cached per Tree instance so subsequent calls are O(1).
|
|
15448
|
+
*/
|
|
15449
|
+
buildVarTypeMap(tree) {
|
|
15450
|
+
const cached = this._typeMapCache.get(tree);
|
|
15451
|
+
if (cached) return cached;
|
|
15452
|
+
const map = /* @__PURE__ */ new Map();
|
|
15453
|
+
const collectDecl = (declNode) => {
|
|
15454
|
+
const typeNode = declNode.childForFieldName("type");
|
|
15455
|
+
if (!typeNode) return;
|
|
15456
|
+
const raw = typeNode.text;
|
|
15457
|
+
const baseType = raw.includes("<") ? raw.substring(0, raw.indexOf("<")).trim() : raw.replace(/\[\]/g, "").trim();
|
|
15458
|
+
for (let i2 = 0; i2 < declNode.childCount; i2++) {
|
|
15459
|
+
const child = declNode.child(i2);
|
|
15460
|
+
if (child?.type === "variable_declarator") {
|
|
15461
|
+
const nameNode = child.childForFieldName("name");
|
|
15462
|
+
if (nameNode) map.set(nameNode.text, baseType);
|
|
15463
|
+
}
|
|
15464
|
+
}
|
|
15465
|
+
};
|
|
15466
|
+
const walk = (node) => {
|
|
15467
|
+
if (node.type === "field_declaration" || node.type === "local_variable_declaration") {
|
|
15468
|
+
collectDecl(node);
|
|
15469
|
+
}
|
|
15470
|
+
for (let i2 = 0; i2 < node.childCount; i2++) {
|
|
15471
|
+
const child = node.child(i2);
|
|
15472
|
+
if (child) walk(child);
|
|
15473
|
+
}
|
|
15474
|
+
};
|
|
15475
|
+
walk(tree.rootNode);
|
|
15476
|
+
this._typeMapCache.set(tree, map);
|
|
15477
|
+
return map;
|
|
15478
|
+
}
|
|
15441
15479
|
/**
|
|
15442
15480
|
* Get receiver type from a method invocation node.
|
|
15443
15481
|
*/
|
|
@@ -15446,8 +15484,8 @@ var JavaPlugin = class extends BaseLanguagePlugin {
|
|
|
15446
15484
|
const receiver = node.childForFieldName("object");
|
|
15447
15485
|
if (!receiver) return void 0;
|
|
15448
15486
|
if (receiver.type === "identifier") {
|
|
15449
|
-
const
|
|
15450
|
-
return
|
|
15487
|
+
const typeMap = this.buildVarTypeMap(context.tree);
|
|
15488
|
+
return typeMap.get(receiver.text);
|
|
15451
15489
|
}
|
|
15452
15490
|
if (receiver.type === "field_access") {
|
|
15453
15491
|
return receiver.text;
|
|
@@ -16,6 +16,8 @@ export declare class JavaPlugin extends BaseLanguagePlugin {
|
|
|
16
16
|
readonly extensions: string[];
|
|
17
17
|
readonly wasmPath = "tree-sitter-java.wasm";
|
|
18
18
|
readonly nodeTypes: LanguageNodeTypes;
|
|
19
|
+
/** Cache: maps a parse Tree to its var-name → simple-type map. */
|
|
20
|
+
private readonly _typeMapCache;
|
|
19
21
|
/**
|
|
20
22
|
* Detect Java frameworks from imports and annotations.
|
|
21
23
|
*/
|
|
@@ -30,6 +32,13 @@ export declare class JavaPlugin extends BaseLanguagePlugin {
|
|
|
30
32
|
* These supplement the YAML configuration.
|
|
31
33
|
*/
|
|
32
34
|
getBuiltinSinks(): TaintSinkPattern[];
|
|
35
|
+
/**
|
|
36
|
+
* Walk `tree` once and build a map of { variableName → simpleTypeName }.
|
|
37
|
+
* Covers both field declarations and local variable declarations.
|
|
38
|
+
* Generics and array brackets are stripped: `List<String>` → `List`, `int[]` → `int`.
|
|
39
|
+
* Result is cached per Tree instance so subsequent calls are O(1).
|
|
40
|
+
*/
|
|
41
|
+
private buildVarTypeMap;
|
|
33
42
|
/**
|
|
34
43
|
* Get receiver type from a method invocation node.
|
|
35
44
|
*/
|
|
@@ -39,6 +39,8 @@ export class JavaPlugin extends BaseLanguagePlugin {
|
|
|
39
39
|
tryStatement: ['try_statement', 'try_with_resources_statement'],
|
|
40
40
|
returnStatement: ['return_statement'],
|
|
41
41
|
};
|
|
42
|
+
/** Cache: maps a parse Tree to its var-name → simple-type map. */
|
|
43
|
+
_typeMapCache = new WeakMap();
|
|
42
44
|
/**
|
|
43
45
|
* Detect Java frameworks from imports and annotations.
|
|
44
46
|
*/
|
|
@@ -324,6 +326,48 @@ export class JavaPlugin extends BaseLanguagePlugin {
|
|
|
324
326
|
},
|
|
325
327
|
];
|
|
326
328
|
}
|
|
329
|
+
/**
|
|
330
|
+
* Walk `tree` once and build a map of { variableName → simpleTypeName }.
|
|
331
|
+
* Covers both field declarations and local variable declarations.
|
|
332
|
+
* Generics and array brackets are stripped: `List<String>` → `List`, `int[]` → `int`.
|
|
333
|
+
* Result is cached per Tree instance so subsequent calls are O(1).
|
|
334
|
+
*/
|
|
335
|
+
buildVarTypeMap(tree) {
|
|
336
|
+
const cached = this._typeMapCache.get(tree);
|
|
337
|
+
if (cached)
|
|
338
|
+
return cached;
|
|
339
|
+
const map = new Map();
|
|
340
|
+
const collectDecl = (declNode) => {
|
|
341
|
+
const typeNode = declNode.childForFieldName('type');
|
|
342
|
+
if (!typeNode)
|
|
343
|
+
return;
|
|
344
|
+
const raw = typeNode.text;
|
|
345
|
+
const baseType = raw.includes('<')
|
|
346
|
+
? raw.substring(0, raw.indexOf('<')).trim()
|
|
347
|
+
: raw.replace(/\[\]/g, '').trim();
|
|
348
|
+
for (let i = 0; i < declNode.childCount; i++) {
|
|
349
|
+
const child = declNode.child(i);
|
|
350
|
+
if (child?.type === 'variable_declarator') {
|
|
351
|
+
const nameNode = child.childForFieldName('name');
|
|
352
|
+
if (nameNode)
|
|
353
|
+
map.set(nameNode.text, baseType);
|
|
354
|
+
}
|
|
355
|
+
}
|
|
356
|
+
};
|
|
357
|
+
const walk = (node) => {
|
|
358
|
+
if (node.type === 'field_declaration' || node.type === 'local_variable_declaration') {
|
|
359
|
+
collectDecl(node);
|
|
360
|
+
}
|
|
361
|
+
for (let i = 0; i < node.childCount; i++) {
|
|
362
|
+
const child = node.child(i);
|
|
363
|
+
if (child)
|
|
364
|
+
walk(child);
|
|
365
|
+
}
|
|
366
|
+
};
|
|
367
|
+
walk(tree.rootNode);
|
|
368
|
+
this._typeMapCache.set(tree, map);
|
|
369
|
+
return map;
|
|
370
|
+
}
|
|
327
371
|
/**
|
|
328
372
|
* Get receiver type from a method invocation node.
|
|
329
373
|
*/
|
|
@@ -333,14 +377,12 @@ export class JavaPlugin extends BaseLanguagePlugin {
|
|
|
333
377
|
const receiver = node.childForFieldName('object');
|
|
334
378
|
if (!receiver)
|
|
335
379
|
return undefined;
|
|
336
|
-
// If receiver is an identifier,
|
|
380
|
+
// If receiver is an identifier, resolve its declared type from the parse tree
|
|
337
381
|
if (receiver.type === 'identifier') {
|
|
338
|
-
const
|
|
339
|
-
|
|
340
|
-
// This is a simplified lookup - full implementation would use scope analysis
|
|
341
|
-
return undefined; // TODO: Implement type resolution
|
|
382
|
+
const typeMap = this.buildVarTypeMap(context.tree);
|
|
383
|
+
return typeMap.get(receiver.text);
|
|
342
384
|
}
|
|
343
|
-
// If receiver is a field access, return the field
|
|
385
|
+
// If receiver is a field access, return the field text (class or qualified name)
|
|
344
386
|
if (receiver.type === 'field_access') {
|
|
345
387
|
return receiver.text;
|
|
346
388
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"java.js","sourceRoot":"","sources":["../../../src/languages/plugins/java.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAeH,OAAO,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAC;AAE/C;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,kBAAkB;IACvC,EAAE,GAAG,MAAe,CAAC;IACrB,IAAI,GAAG,MAAM,CAAC;IACd,UAAU,GAAG,CAAC,OAAO,CAAC,CAAC;IACvB,QAAQ,GAAG,uBAAuB,CAAC;IAEnC,SAAS,GAAsB;QACtC,oBAAoB;QACpB,gBAAgB,EAAE,CAAC,mBAAmB,CAAC;QACvC,oBAAoB,EAAE,CAAC,uBAAuB,CAAC;QAC/C,eAAe,EAAE,CAAC,kBAAkB,CAAC;QACrC,mBAAmB,EAAE,EAAE;QACvB,iBAAiB,EAAE,CAAC,oBAAoB,EAAE,yBAAyB,CAAC;QAEpE,cAAc;QACd,UAAU,EAAE,CAAC,mBAAmB,CAAC;QACjC,YAAY,EAAE,EAAE;QAChB,UAAU,EAAE,CAAC,uBAAuB,CAAC;QACrC,mBAAmB,EAAE,CAAC,4BAA4B,EAAE,mBAAmB,CAAC;QAExE,2BAA2B;QAC3B,SAAS,EAAE,CAAC,kBAAkB,EAAE,kBAAkB,CAAC;QACnD,QAAQ,EAAE,CAAC,eAAe,CAAC;QAE3B,yBAAyB;QACzB,UAAU,EAAE,CAAC,mBAAmB,EAAE,YAAY,CAAC;QAC/C,SAAS,EAAE,EAAE;QAEb,UAAU;QACV,eAAe,EAAE,CAAC,oBAAoB,CAAC;QAEvC,eAAe;QACf,WAAW,EAAE,CAAC,cAAc,CAAC;QAC7B,YAAY,EAAE,CAAC,eAAe,EAAE,wBAAwB,CAAC;QACzD,cAAc,EAAE,CAAC,iBAAiB,CAAC;QACnC,YAAY,EAAE,CAAC,eAAe,EAAE,8BAA8B,CAAC;QAC/D,eAAe,EAAE,CAAC,kBAAkB,CAAC;KACtC,CAAC;IAEF;;OAEG;IACH,eAAe,CAAC,OAA0B;QACxC,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,IAAI,SAA6B,CAAC;QAClC,IAAI,UAAU,GAAG,CAAC,CAAC;QAEnB,uCAAuC;QACvC,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YAClC,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,aAAa,CAAC;YAEnD,mBAAmB;YACnB,IAAI,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,EAAE,CAAC;gBAC3C,SAAS,GAAG,QAAQ,CAAC;gBACrB,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;gBACvC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YACrC,CAAC;YAED,uBAAuB;YACvB,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7D,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;oBAC7B,SAAS,GAAG,SAAS,IAAI,SAAS,CAAC;oBACnC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;oBACvC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;gBACrC,CAAC;gBACD,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3B,SAAS,GAAG,QAAQ,CAAC;oBACrB,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;oBACxC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;YAED,SAAS;YACT,IAAI,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,EAAE,CAAC;gBACzC,SAAS,GAAG,QAAQ,CAAC;gBACrB,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACxC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YACrC,CAAC;YAED,UAAU;YACV,IAAI,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;gBAClC,SAAS,GAAG,SAAS,CAAC;gBACtB,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACxC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;QAED,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC;QACrD,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;OAGG;IACH,iBAAiB;QACf,OAAO;YACL,yBAAyB;YACzB;gBACE,UAAU,EAAE,cAAc;gBAC1B,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,aAAa;gBACzB,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,cAAc;gBAC1B,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,eAAe;gBAC3B,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,aAAa;gBACzB,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,gBAAgB;gBAC5B,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YAED,qBAAqB;YACrB;gBACE,UAAU,EAAE,YAAY;gBACxB,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,WAAW;gBACvB,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,WAAW;gBACvB,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,aAAa;gBACzB,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YAED,cAAc;YACd;gBACE,MAAM,EAAE,cAAc;gBACtB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,oBAAoB;gBAC5B,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,WAAW;gBACnB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,YAAY;gBACpB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,gBAAgB;gBACxB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,WAAW;gBACnB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;SACF,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,eAAe;QACb,OAAO;YACL,gBAAgB;YAChB;gBACE,MAAM,EAAE,cAAc;gBACtB,KAAK,EAAE,WAAW;gBAClB,IAAI,EAAE,eAAe;gBACrB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,eAAe;gBACvB,KAAK,EAAE,WAAW;gBAClB,IAAI,EAAE,eAAe;gBACrB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,SAAS;gBACjB,KAAK,EAAE,WAAW;gBAClB,IAAI,EAAE,eAAe;gBACrB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YAED,oBAAoB;YACpB;gBACE,MAAM,EAAE,MAAM;gBACd,KAAK,EAAE,SAAS;gBAChB,IAAI,EAAE,mBAAmB;gBACzB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,OAAO;gBACf,KAAK,EAAE,gBAAgB;gBACvB,IAAI,EAAE,mBAAmB;gBACzB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,EAAE,EAAG,iCAAiC;aACrD;YAED,iBAAiB;YACjB;gBACE,MAAM,EAAE,iBAAiB;gBACzB,IAAI,EAAE,gBAAgB;gBACtB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,kBAAkB;gBAC1B,IAAI,EAAE,gBAAgB;gBACtB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YAED,MAAM;YACN;gBACE,MAAM,EAAE,OAAO;gBACf,KAAK,EAAE,aAAa;gBACpB,IAAI,EAAE,KAAK;gBACX,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,SAAS;gBACjB,KAAK,EAAE,aAAa;gBACpB,IAAI,EAAE,KAAK;gBACX,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YAED,iBAAiB;YACjB;gBACE,MAAM,EAAE,QAAQ;gBAChB,KAAK,EAAE,YAAY;gBACnB,IAAI,EAAE,gBAAgB;gBACtB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;aACrB;YAED,kBAAkB;YAClB;gBACE,MAAM,EAAE,UAAU;gBAClB,KAAK,EAAE,OAAO;gBACd,IAAI,EAAE,iBAAiB;gBACvB,GAAG,EAAE,SAAS;gBACd,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YAED,kBAAkB;YAClB;gBACE,MAAM,EAAE,YAAY;gBACpB,KAAK,EAAE,mBAAmB;gBAC1B,IAAI,EAAE,iBAAiB;gBACvB,GAAG,EAAE,SAAS;gBACd,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,EAAE;aACjB;SACF,CAAC;IACJ,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,IAAgB,EAAE,OAA0B;QAC1D,IAAI,IAAI,CAAC,IAAI,KAAK,mBAAmB;YAAE,OAAO,SAAS,CAAC;QAExD,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ;YAAE,OAAO,SAAS,CAAC;QAEhC,iDAAiD;QACjD,IAAI,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACnC,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC3B,+CAA+C;YAC/C,6EAA6E;YAC7E,OAAO,SAAS,CAAC,CAAE,kCAAkC;QACvD,CAAC;QAED,uDAAuD;QACvD,IAAI,QAAQ,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;YACrC,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,IAAgB;QAC9B,OAAO,IAAI,CAAC,IAAI,KAAK,gBAAgB,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,IAAgB;QAC7B,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;YAAE,OAAO,SAAS,CAAC;QACrD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;QACvB,4BAA4B;QAC5B,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,+DAA+D;IAC/D,8DAA8D;IAE9D,YAAY,CAAC,OAA0B;QACrC,kCAAkC;QAClC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,YAAY,CAAC,OAA0B;QACrC,kCAAkC;QAClC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,cAAc,CAAC,OAA0B;QACvC,kCAAkC;QAClC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,cAAc,CAAC,OAA0B;QACvC,mCAAmC;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QAC9E,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,SAAS,CAAC;QAE5C,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QACpC,CAAC;QAED,iDAAiD;QACjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC/B,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,mBAAmB,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC,EAAE,CAAC;gBACjF,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}
|
|
1
|
+
{"version":3,"file":"java.js","sourceRoot":"","sources":["../../../src/languages/plugins/java.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAeH,OAAO,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAC;AAE/C;;GAEG;AACH,MAAM,OAAO,UAAW,SAAQ,kBAAkB;IACvC,EAAE,GAAG,MAAe,CAAC;IACrB,IAAI,GAAG,MAAM,CAAC;IACd,UAAU,GAAG,CAAC,OAAO,CAAC,CAAC;IACvB,QAAQ,GAAG,uBAAuB,CAAC;IAEnC,SAAS,GAAsB;QACtC,oBAAoB;QACpB,gBAAgB,EAAE,CAAC,mBAAmB,CAAC;QACvC,oBAAoB,EAAE,CAAC,uBAAuB,CAAC;QAC/C,eAAe,EAAE,CAAC,kBAAkB,CAAC;QACrC,mBAAmB,EAAE,EAAE;QACvB,iBAAiB,EAAE,CAAC,oBAAoB,EAAE,yBAAyB,CAAC;QAEpE,cAAc;QACd,UAAU,EAAE,CAAC,mBAAmB,CAAC;QACjC,YAAY,EAAE,EAAE;QAChB,UAAU,EAAE,CAAC,uBAAuB,CAAC;QACrC,mBAAmB,EAAE,CAAC,4BAA4B,EAAE,mBAAmB,CAAC;QAExE,2BAA2B;QAC3B,SAAS,EAAE,CAAC,kBAAkB,EAAE,kBAAkB,CAAC;QACnD,QAAQ,EAAE,CAAC,eAAe,CAAC;QAE3B,yBAAyB;QACzB,UAAU,EAAE,CAAC,mBAAmB,EAAE,YAAY,CAAC;QAC/C,SAAS,EAAE,EAAE;QAEb,UAAU;QACV,eAAe,EAAE,CAAC,oBAAoB,CAAC;QAEvC,eAAe;QACf,WAAW,EAAE,CAAC,cAAc,CAAC;QAC7B,YAAY,EAAE,CAAC,eAAe,EAAE,wBAAwB,CAAC;QACzD,cAAc,EAAE,CAAC,iBAAiB,CAAC;QACnC,YAAY,EAAE,CAAC,eAAe,EAAE,8BAA8B,CAAC;QAC/D,eAAe,EAAE,CAAC,kBAAkB,CAAC;KACtC,CAAC;IAEF,kEAAkE;IACjD,aAAa,GAAG,IAAI,OAAO,EAA6B,CAAC;IAE1E;;OAEG;IACH,eAAe,CAAC,OAA0B;QACxC,MAAM,UAAU,GAAa,EAAE,CAAC;QAChC,IAAI,SAA6B,CAAC;QAClC,IAAI,UAAU,GAAG,CAAC,CAAC;QAEnB,uCAAuC;QACvC,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YAClC,MAAM,IAAI,GAAG,GAAG,CAAC,YAAY,IAAI,GAAG,CAAC,aAAa,CAAC;YAEnD,mBAAmB;YACnB,IAAI,IAAI,CAAC,UAAU,CAAC,qBAAqB,CAAC,EAAE,CAAC;gBAC3C,SAAS,GAAG,QAAQ,CAAC;gBACrB,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;gBACvC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YACrC,CAAC;YAED,uBAAuB;YACvB,IAAI,IAAI,CAAC,UAAU,CAAC,UAAU,CAAC,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC7D,IAAI,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;oBAC7B,SAAS,GAAG,SAAS,IAAI,SAAS,CAAC;oBACnC,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,GAAG,CAAC,CAAC;oBACvC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;gBACrC,CAAC;gBACD,IAAI,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC3B,SAAS,GAAG,QAAQ,CAAC;oBACrB,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;oBACxC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;gBACrC,CAAC;YACH,CAAC;YAED,SAAS;YACT,IAAI,IAAI,CAAC,UAAU,CAAC,mBAAmB,CAAC,EAAE,CAAC;gBACzC,SAAS,GAAG,QAAQ,CAAC;gBACrB,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACxC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YACrC,CAAC;YAED,UAAU;YACV,IAAI,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,EAAE,CAAC;gBAClC,SAAS,GAAG,SAAS,CAAC;gBACtB,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;gBACxC,UAAU,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC;YACrC,CAAC;QACH,CAAC;QAED,IAAI,SAAS,EAAE,CAAC;YACd,OAAO,EAAE,IAAI,EAAE,SAAS,EAAE,UAAU,EAAE,UAAU,EAAE,CAAC;QACrD,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;;OAGG;IACH,iBAAiB;QACf,OAAO;YACL,yBAAyB;YACzB;gBACE,UAAU,EAAE,cAAc;gBAC1B,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,aAAa;gBACzB,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,cAAc;gBAC1B,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,eAAe;gBAC3B,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,aAAa;gBACzB,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,gBAAgB;gBAC5B,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YAED,qBAAqB;YACrB;gBACE,UAAU,EAAE,YAAY;gBACxB,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,WAAW;gBACvB,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,WAAW;gBACvB,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,UAAU,EAAE,aAAa;gBACzB,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YAED,cAAc;YACd;gBACE,MAAM,EAAE,cAAc;gBACtB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,oBAAoB;gBAC5B,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,WAAW;gBACnB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,YAAY;gBACpB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,GAAG;gBACf,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,gBAAgB;gBACxB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;YACD;gBACE,MAAM,EAAE,WAAW;gBACnB,KAAK,EAAE,oBAAoB;gBAC3B,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,MAAM;gBAChB,UAAU,EAAE,IAAI;gBAChB,aAAa,EAAE,IAAI;aACpB;SACF,CAAC;IACJ,CAAC;IAED;;;OAGG;IACH,eAAe;QACb,OAAO;YACL,gBAAgB;YAChB;gBACE,MAAM,EAAE,cAAc;gBACtB,KAAK,EAAE,WAAW;gBAClB,IAAI,EAAE,eAAe;gBACrB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,eAAe;gBACvB,KAAK,EAAE,WAAW;gBAClB,IAAI,EAAE,eAAe;gBACrB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,SAAS;gBACjB,KAAK,EAAE,WAAW;gBAClB,IAAI,EAAE,eAAe;gBACrB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YAED,oBAAoB;YACpB;gBACE,MAAM,EAAE,MAAM;gBACd,KAAK,EAAE,SAAS;gBAChB,IAAI,EAAE,mBAAmB;gBACzB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,OAAO;gBACf,KAAK,EAAE,gBAAgB;gBACvB,IAAI,EAAE,mBAAmB;gBACzB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,EAAE,EAAG,iCAAiC;aACrD;YAED,iBAAiB;YACjB;gBACE,MAAM,EAAE,iBAAiB;gBACzB,IAAI,EAAE,gBAAgB;gBACtB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,kBAAkB;gBAC1B,IAAI,EAAE,gBAAgB;gBACtB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YAED,MAAM;YACN;gBACE,MAAM,EAAE,OAAO;gBACf,KAAK,EAAE,aAAa;gBACpB,IAAI,EAAE,KAAK;gBACX,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YACD;gBACE,MAAM,EAAE,SAAS;gBACjB,KAAK,EAAE,aAAa;gBACpB,IAAI,EAAE,KAAK;gBACX,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YAED,iBAAiB;YACjB;gBACE,MAAM,EAAE,QAAQ;gBAChB,KAAK,EAAE,YAAY;gBACnB,IAAI,EAAE,gBAAgB;gBACtB,GAAG,EAAE,QAAQ;gBACb,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,EAAE,CAAC,CAAC;aACrB;YAED,kBAAkB;YAClB;gBACE,MAAM,EAAE,UAAU;gBAClB,KAAK,EAAE,OAAO;gBACd,IAAI,EAAE,iBAAiB;gBACvB,GAAG,EAAE,SAAS;gBACd,QAAQ,EAAE,MAAM;gBAChB,YAAY,EAAE,CAAC,CAAC,CAAC;aAClB;YAED,kBAAkB;YAClB;gBACE,MAAM,EAAE,YAAY;gBACpB,KAAK,EAAE,mBAAmB;gBAC1B,IAAI,EAAE,iBAAiB;gBACvB,GAAG,EAAE,SAAS;gBACd,QAAQ,EAAE,UAAU;gBACpB,YAAY,EAAE,EAAE;aACjB;SACF,CAAC;IACJ,CAAC;IAED;;;;;OAKG;IACK,eAAe,CAAC,IAAU;QAChC,MAAM,MAAM,GAAG,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QAC5C,IAAI,MAAM;YAAE,OAAO,MAAM,CAAC;QAE1B,MAAM,GAAG,GAAG,IAAI,GAAG,EAAkB,CAAC;QAEtC,MAAM,WAAW,GAAG,CAAC,QAAoB,EAAQ,EAAE;YACjD,MAAM,QAAQ,GAAG,QAAQ,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;YACpD,IAAI,CAAC,QAAQ;gBAAE,OAAO;YACtB,MAAM,GAAG,GAAG,QAAQ,CAAC,IAAI,CAAC;YAC1B,MAAM,QAAQ,GAAG,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAChC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE;gBAC3C,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YAEpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;gBAC7C,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAChC,IAAI,KAAK,EAAE,IAAI,KAAK,qBAAqB,EAAE,CAAC;oBAC1C,MAAM,QAAQ,GAAG,KAAK,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;oBACjD,IAAI,QAAQ;wBAAE,GAAG,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;gBACjD,CAAC;YACH,CAAC;QACH,CAAC,CAAC;QAEF,MAAM,IAAI,GAAG,CAAC,IAAgB,EAAQ,EAAE;YACtC,IAAI,IAAI,CAAC,IAAI,KAAK,mBAAmB,IAAI,IAAI,CAAC,IAAI,KAAK,4BAA4B,EAAE,CAAC;gBACpF,WAAW,CAAC,IAAI,CAAC,CAAC;YACpB,CAAC;YACD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;gBACzC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;gBAC5B,IAAI,KAAK;oBAAE,IAAI,CAAC,KAAK,CAAC,CAAC;YACzB,CAAC;QACH,CAAC,CAAC;QAEF,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACpB,IAAI,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;QAClC,OAAO,GAAG,CAAC;IACb,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,IAAgB,EAAE,OAA0B;QAC1D,IAAI,IAAI,CAAC,IAAI,KAAK,mBAAmB;YAAE,OAAO,SAAS,CAAC;QAExD,MAAM,QAAQ,GAAG,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,CAAC;QAClD,IAAI,CAAC,QAAQ;YAAE,OAAO,SAAS,CAAC;QAEhC,8EAA8E;QAC9E,IAAI,QAAQ,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACnC,MAAM,OAAO,GAAG,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;YACnD,OAAO,OAAO,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;QACpC,CAAC;QAED,iFAAiF;QACjF,IAAI,QAAQ,CAAC,IAAI,KAAK,cAAc,EAAE,CAAC;YACrC,OAAO,QAAQ,CAAC,IAAI,CAAC;QACvB,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;IAED;;OAEG;IACH,eAAe,CAAC,IAAgB;QAC9B,OAAO,IAAI,CAAC,IAAI,KAAK,gBAAgB,CAAC;IACxC,CAAC;IAED;;OAEG;IACH,cAAc,CAAC,IAAgB;QAC7B,IAAI,IAAI,CAAC,IAAI,KAAK,gBAAgB;YAAE,OAAO,SAAS,CAAC;QACrD,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC;QACvB,4BAA4B;QAC5B,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;YAC/C,OAAO,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,+DAA+D;IAC/D,8DAA8D;IAE9D,YAAY,CAAC,OAA0B;QACrC,kCAAkC;QAClC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,YAAY,CAAC,OAA0B;QACrC,kCAAkC;QAClC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,cAAc,CAAC,OAA0B;QACvC,kCAAkC;QAClC,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,cAAc,CAAC,OAA0B;QACvC,mCAAmC;QACnC,MAAM,QAAQ,GAAG,IAAI,CAAC,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,EAAE,qBAAqB,CAAC,CAAC;QAC9E,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,SAAS,CAAC;QAE5C,MAAM,OAAO,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC;QACnD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;QACpC,CAAC;QAED,iDAAiD;QACjD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC,EAAE,EAAE,CAAC;YAC5C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAC/B,IAAI,KAAK,IAAI,CAAC,KAAK,CAAC,IAAI,KAAK,mBAAmB,IAAI,KAAK,CAAC,IAAI,KAAK,YAAY,CAAC,EAAE,CAAC;gBACjF,OAAO,IAAI,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC;YACjC,CAAC;QACH,CAAC;QAED,OAAO,SAAS,CAAC;IACnB,CAAC;CACF"}
|
package/docs/SPEC.md
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
# Circle-IR 3.0 Specification
|
|
2
2
|
|
|
3
3
|
**Status**: Living Document
|
|
4
|
-
**Last Updated**: 2026-03-
|
|
4
|
+
**Last Updated**: 2026-03-28
|
|
5
5
|
**Implementation**: Python (reference) → TypeScript (target)
|
|
6
6
|
|
|
7
7
|
---
|
|
@@ -28,7 +28,13 @@
|
|
|
28
28
|
| DFG Chains | ⬜ | ⬜ | Pending |
|
|
29
29
|
| Project-Level (`analyzeProject`) | ⬜ | ✅ | Done |
|
|
30
30
|
| SAST Findings (`SastFinding[]`) | ⬜ | ✅ | Done (v3.9.1) |
|
|
31
|
-
|
|
|
31
|
+
| Software Metrics (`FileMetrics`, 24 metrics) | ⬜ | ✅ | Done (v3.9.5) |
|
|
32
|
+
| Reliability passes (null-deref, resource-leak, unchecked-return, dead-code, variable-shadowing, leaked-global, unused-variable, missing-await, sync-io-async, string-concat-loop, infinite-loop, double-close, use-after-close, unhandled-exception, broad-catch, swallowed-exception) | ⬜ | ✅ | Done (v3.9.0–3.9.9) |
|
|
33
|
+
| Performance passes (n-plus-one, redundant-loop-computation, unbounded-collection, serial-await, react-inline-jsx) | ⬜ | ✅ | Done (v3.9.0–3.9.8) |
|
|
34
|
+
| Maintainability passes (missing-public-doc, todo-in-prod, stale-doc-ref) | ⬜ | ✅ | Done (v3.9.0–3.9.8) |
|
|
35
|
+
| Architecture passes (circular-dependency, orphan-module, dependency-fan-out, deep-inheritance, missing-override, unused-interface-method) | ⬜ | ✅ | Done (v3.9.0–3.11.0) |
|
|
36
|
+
| TypeHierarchy resolver (polymorphic sink matching) | ⬜ | ✅ | Done (v3.11.0) |
|
|
37
|
+
| Dominator-tree passes (missing-guard-dom, cleanup-verify) | ⬜ | ✅ | Done (v3.11.0) |
|
|
32
38
|
|
|
33
39
|
---
|
|
34
40
|
|
|
@@ -47,12 +53,15 @@ Circle-IR produces JSON with this top-level structure:
|
|
|
47
53
|
"imports": [ ],
|
|
48
54
|
"exports": [ ],
|
|
49
55
|
"findings": [ ],
|
|
56
|
+
"metrics": { },
|
|
50
57
|
"unresolved": [ ],
|
|
51
58
|
"enriched": { }
|
|
52
59
|
}
|
|
53
60
|
```
|
|
54
61
|
|
|
55
|
-
`findings` is a `SastFinding[]` populated by the
|
|
62
|
+
`findings` is a `SastFinding[]` populated by the 36-pass `AnalysisPipeline` (19 security taint passes + 17 quality passes). Each finding is SARIF 2.1.0-aligned with `rule_id`, `category` (`PassCategory`), `severity`, `level` (`SarifLevel`), `file`, `line`, `cwe?`, `fix?`, and `evidence?`. See [docs/PASSES.md](PASSES.md) for the full pass registry.
|
|
63
|
+
|
|
64
|
+
`metrics` is a `FileMetrics` object always populated with 24 software quality metrics (cyclomatic complexity, Halstead suite, CK metrics, composite scores). See the Metrics section below.
|
|
56
65
|
|
|
57
66
|
---
|
|
58
67
|
|
|
@@ -64,7 +73,7 @@ File metadata and version information.
|
|
|
64
73
|
interface Meta {
|
|
65
74
|
circle_ir: "3.0";
|
|
66
75
|
file: string;
|
|
67
|
-
language: "java" | "
|
|
76
|
+
language: "java" | "javascript" | "typescript" | "python" | "rust" | "bash";
|
|
68
77
|
loc: number;
|
|
69
78
|
hash: string; // SHA256 prefix (16 chars)
|
|
70
79
|
package?: string; // PENDING: Add to implementation
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "circle-ir",
|
|
3
|
-
"version": "3.
|
|
3
|
+
"version": "3.12.0",
|
|
4
4
|
"description": "High-performance Static Application Security Testing (SAST) library for detecting security vulnerabilities through taint analysis",
|
|
5
5
|
"main": "dist/index.js",
|
|
6
6
|
"module": "dist/index.js",
|