circle-ir 3.22.3 → 3.23.1

package/README.md

@@ -1,7 +1,7 @@
 # circle-ir
 
-![Trust Score](https://raw.githubusercontent.com/cogniumhq/circle-ir/badges/trust-badge.svg)
-![Quality Score](https://raw.githubusercontent.com/cogniumhq/circle-ir/badges/quality-badge.svg)
+![Trust Score](https://raw.githubusercontent.com/cogniumhq/cognium-dev/badges/trust-badge.svg)
+![Quality Score](https://raw.githubusercontent.com/cogniumhq/cognium-dev/badges/quality-badge.svg)
 
 A high-performance Static Application Security Testing (SAST) library for detecting security vulnerabilities through taint analysis, and code quality findings through an extensible 36-pass analysis pipeline. Works in Node.js and browsers.
 

package/configs/sinks/code_injection.yaml

@@ -490,49 +490,6 @@
       ],
       "note": "Can define arbitrary classes from bytecode"
     },
-    {
-      "method": "newInstance",
-      "type": "code_injection",
-      "cwe": "CWE-94",
-      "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "readObject",
-      "class": "ObjectInputStream",
-      "type": "code_injection",
-      "cwe": "CWE-94",
-      "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "compile",
-      "class": "XPath",
-      "type": "code_injection",
-      "cwe": "CWE-94",
-      "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "println",
-      "class": "PrintWriter",
-      "type": "code_injection",
-      "cwe": "CWE-94",
-      "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
     {
       "method": "onNewInstance",
       "class": "SandboxInterceptor",

package/configs/sinks/path.yaml

@@ -460,17 +460,6 @@
       ],
       "note": "Auto-mined from CVE analysis"
     },
-    {
-      "method": "compile",
-      "class": "XPath",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
     {
       "method": "FileOutputStream",
       "class": "constructor",
@@ -514,17 +503,6 @@
       ],
       "note": "Auto-mined from CVE analysis"
     },
-    {
-      "method": "println",
-      "class": "PrintWriter",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
     {
       "method": "write",
       "type": "path_traversal",
@@ -546,93 +524,6 @@
       ],
       "note": "Auto-mined from CVE analysis"
     },
-    {
-      "method": "forName",
-      "class": "Class",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "newInstance",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "readObject",
-      "class": "ObjectInputStream",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "execute",
-      "class": "Statement",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "start",
-      "class": "ProcessBuilder",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "print",
-      "class": "PrintWriter",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "executeQuery",
-      "class": "Statement",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
-    {
-      "method": "executeUpdate",
-      "class": "Statement",
-      "type": "path_traversal",
-      "cwe": "CWE-22",
-      "severity": "high",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
-    },
     {
       "method": "child",
       "class": "FilePath",

package/configs/sinks/sql.yaml

@@ -142,69 +142,103 @@
       ]
     },
     {
-      "method": "File",
-      "class": "constructor",
+      "method": "insert",
+      "class": "*Mapper",
       "type": "sql_injection",
       "cwe": "CWE-89",
       "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted fields in entity may be interpolated via ${} syntax"
     },
     {
-      "method": "FileInputStream",
-      "class": "constructor",
+      "method": "insertSelective",
+      "class": "*Mapper",
       "type": "sql_injection",
       "cwe": "CWE-89",
       "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted fields in entity may be interpolated via ${} syntax"
     },
     {
-      "method": "getResource",
+      "method": "update",
+      "class": "*Mapper",
       "type": "sql_injection",
       "cwe": "CWE-89",
       "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted fields in entity may be interpolated via ${} syntax"
     },
     {
-      "method": "openConnection",
-      "class": "URL",
+      "method": "updateByPrimaryKey",
+      "class": "*Mapper",
       "type": "sql_injection",
       "cwe": "CWE-89",
       "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted fields in entity may be interpolated via ${} syntax"
     },
     {
-      "method": "openStream",
-      "class": "URL",
+      "method": "updateByPrimaryKeySelective",
+      "class": "*Mapper",
       "type": "sql_injection",
       "cwe": "CWE-89",
       "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted fields in entity may be interpolated via ${} syntax"
     },
     {
-      "method": "forName",
-      "class": "Class",
+      "method": "delete",
+      "class": "*Mapper",
       "type": "sql_injection",
       "cwe": "CWE-89",
       "severity": "critical",
-      "arg_positions": [
-        0
-      ],
-      "note": "Auto-mined from CVE analysis"
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted parameter may be interpolated via ${} syntax"
+    },
+    {
+      "method": "deleteByPrimaryKey",
+      "class": "*Mapper",
+      "type": "sql_injection",
+      "cwe": "CWE-89",
+      "severity": "critical",
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted parameter may be interpolated via ${} syntax"
+    },
+    {
+      "method": "selectOne",
+      "class": "*Mapper",
+      "type": "sql_injection",
+      "cwe": "CWE-89",
+      "severity": "critical",
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted parameter may be interpolated via ${} syntax"
+    },
+    {
+      "method": "selectList",
+      "class": "*Mapper",
+      "type": "sql_injection",
+      "cwe": "CWE-89",
+      "severity": "critical",
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted parameter may be interpolated via ${} syntax"
+    },
+    {
+      "method": "selectByPrimaryKey",
+      "class": "*Mapper",
+      "type": "sql_injection",
+      "cwe": "CWE-89",
+      "severity": "critical",
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted parameter may be interpolated via ${} syntax"
+    },
+    {
+      "method": "selectByExample",
+      "class": "*Mapper",
+      "type": "sql_injection",
+      "cwe": "CWE-89",
+      "severity": "critical",
+      "arg_positions": [0],
+      "note": "MyBatis ORM - tainted fields in example criteria may be interpolated via ${} syntax"
     }
   ],
   "sanitizers": [

package/dist/analysis/config-loader.d.ts

@@ -45,3 +45,4 @@ export declare function getDefaultConfig(): TaintConfig;
  * pass code changes required.
  */
 export declare const DEFAULT_HEADER_RULES: HeaderRule[];
+//# sourceMappingURL=config-loader.d.ts.map

package/dist/analysis/config-loader.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"config-loader.d.ts","sourceRoot":"","sources":["../../src/analysis/config-loader.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EACV,YAAY,EACZ,UAAU,EACV,WAAW,EACX,aAAa,EACb,WAAW,EACX,gBAAgB,EAChB,UAAU,EACX,MAAM,oBAAoB,CAAC;AAE5B;;;GAGG;AACH,wBAAgB,WAAW,CAAC,CAAC,EAAE,OAAO,EAAE,MAAM,GAAG,CAAC,CAEjD;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAAC,OAAO,EAAE,YAAY,EAAE,GAAG,aAAa,EAAE,CAiB1E;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG;IACtD,KAAK,EAAE,WAAW,EAAE,CAAC;IACrB,UAAU,EAAE,gBAAgB,EAAE,CAAC;CAChC,CAcA;AAED;;GAEG;AACH,wBAAgB,iBAAiB,CAC/B,cAAc,EAAE,MAAM,EAAE,EACxB,YAAY,EAAE,MAAM,EAAE,GACrB,WAAW,CAQb;AAED;;;GAGG;AACH,eAAO,MAAM,eAAe,EAAE,aAAa,EAwZ1C,CAAC;AAEF,eAAO,MAAM,aAAa,EAAE,WAAW,EAqmCtC,CAAC;AAEF,eAAO,MAAM,kBAAkB,EAAE,gBAAgB,EA6LhD,CAAC;AAEF;;GAEG;AACH,wBAAgB,gBAAgB,IAAI,WAAW,CAM9C;AAMD;;;;;;;;GAQG;AACH,eAAO,MAAM,oBAAoB,EAAE,UAAU,EA8F5C,CAAC"}

package/dist/analysis/constant-propagation/ast-utils.d.ts

@@ -23,3 +23,4 @@ export declare function getNodeText(node: Node, source: string): string;
  * Get 1-based line number of an AST node.
  */
 export declare function getNodeLine(node: Node): number;
+//# sourceMappingURL=ast-utils.d.ts.map

package/dist/analysis/constant-propagation/ast-utils.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"ast-utils.d.ts","sourceRoot":"","sources":["../../../src/analysis/constant-propagation/ast-utils.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,KAAK,EAAE,aAAa,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAE9D;;GAEG;AACH,wBAAgB,OAAO,CAAC,EAAE,EAAE,aAAa,GAAG,OAAO,CAElD;AAED;;GAEG;AACH,wBAAgB,aAAa,CAAC,IAAI,EAAE,MAAM,GAAG,aAAa,CAEzD;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC5B,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI,EACvC,IAAI,EAAE,YAAY,EAClB,IAAI,EAAE,MAAM,GACX,aAAa,CAEf;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,MAAM,GAAG,MAAM,CAE9D;AAED;;GAEG;AACH,wBAAgB,WAAW,CAAC,IAAI,EAAE,IAAI,GAAG,MAAM,CAE9C"}

package/dist/analysis/constant-propagation/evaluator.d.ts

@@ -30,3 +30,4 @@ export declare class ExpressionEvaluator {
     getArgumentValues(argsNode: Node): ConstantValue[];
     private unescapeChar;
 }
+//# sourceMappingURL=evaluator.d.ts.map

package/dist/analysis/constant-propagation/evaluator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"evaluator.d.ts","sourceRoot":"","sources":["../../../src/analysis/constant-propagation/evaluator.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAGhD;;;;;GAKG;AACH,qBAAa,mBAAmB;IAE5B,OAAO,CAAC,MAAM;IACd,OAAO,CAAC,SAAS;gBADT,MAAM,EAAE,MAAM,EACd,SAAS,EAAE,CAAC,IAAI,EAAE,MAAM,KAAK,aAAa,GAAG,SAAS;IAGhE;;OAEG;IACH,QAAQ,CAAC,IAAI,EAAE,IAAI,GAAG,aAAa;IA6EnC,OAAO,CAAC,cAAc;IA8FtB,OAAO,CAAC,aAAa;IA+BrB,OAAO,CAAC,eAAe;IAuBvB,OAAO,CAAC,kBAAkB;IAuE1B,OAAO,CAAC,mBAAmB;IAe3B;;OAEG;IACH,iBAAiB,CAAC,QAAQ,EAAE,IAAI,GAAG,aAAa,EAAE;IAUlD,OAAO,CAAC,YAAY;CAWrB"}

package/dist/analysis/constant-propagation/index.d.ts

@@ -60,3 +60,4 @@ export declare function isCorrelatedPredicateFP(result: ConstantPropagatorResult
         line: number;
     }>;
 }): boolean;
+//# sourceMappingURL=index.d.ts.map

package/dist/analysis/constant-propagation/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/analysis/constant-propagation/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAC5C,OAAO,KAAK,EAAE,wBAAwB,EAAE,0BAA0B,EAAE,MAAM,YAAY,CAAC;AAIvF,YAAY,EAAE,YAAY,EAAE,aAAa,EAAE,wBAAwB,EAAE,0BAA0B,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAGtI,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,gBAAgB,CAAC;AAGlG,OAAO,EAAE,cAAc,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAG3G,OAAO,EAAE,mBAAmB,EAAE,MAAM,gBAAgB,CAAC;AACrD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iBAAiB,CAAC;AAErD;;;;;;;GAOG;AACH,wBAAgB,0BAA0B,CACxC,IAAI,EAAE,IAAI,EACV,UAAU,EAAE,MAAM,EAClB,OAAO,GAAE,0BAA+B,GACvC,wBAAwB,CAS1B;AAED;;;;;;;GAOG;AACH,wBAAgB,eAAe,CAC7B,MAAM,EAAE,wBAAwB,EAChC,QAAQ,EAAE,MAAM,EAChB,UAAU,EAAE,MAAM,GACjB;IAAE,eAAe,EAAE,OAAO,CAAC;IAAC,MAAM,EAAE,MAAM,GAAG,IAAI,CAAA;CAAE,CAsBrD;AAED;;;;;;;;;;;;;GAaG;AACH,wBAAgB,uBAAuB,CACrC,MAAM,EAAE,wBAAwB,EAChC,IAAI,EAAE;IAAE,MAAM,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAAC,IAAI,EAAE;QAAE,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC;IAAC,IAAI,EAAE,KAAK,CAAC;QAAE,QAAQ,EAAE,MAAM,CAAC;QAAC,IAAI,EAAE,MAAM,CAAA;KAAE,CAAC,CAAA;CAAE,GAC1G,OAAO,CA2CT"}

package/dist/analysis/constant-propagation/patterns.d.ts

@@ -6,3 +6,4 @@ export declare const TAINT_PATTERN_REGEX: RegExp;
 export declare const SANITIZER_METHODS: Set<string>;
 export declare const ANTI_SANITIZER_METHODS: Set<string>;
 export declare const PROPAGATOR_METHODS: Set<string>;
+//# sourceMappingURL=patterns.d.ts.map

package/dist/analysis/constant-propagation/patterns.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../src/analysis/constant-propagation/patterns.ts"],"names":[],"mappings":"AAAA;;GAEG;AAMH,eAAO,MAAM,cAAc,UAgE1B,CAAC;AAGF,eAAO,MAAM,mBAAmB,QAE/B,CAAC;AAMF,eAAO,MAAM,iBAAiB,aAwC5B,CAAC;AAOH,eAAO,MAAM,sBAAsB,aAoBjC,CAAC;AAOH,eAAO,MAAM,kBAAkB,aAsB7B,CAAC"}

package/dist/analysis/constant-propagation/propagator.d.ts

@@ -178,3 +178,4 @@ export declare class ConstantPropagator {
     isTaintedExpression(node: Node): boolean;
     private checkCollectionTaint;
 }
+//# sourceMappingURL=propagator.d.ts.map

package/dist/analysis/constant-propagation/propagator.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"propagator.d.ts","sourceRoot":"","sources":["../../../src/analysis/constant-propagation/propagator.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,KAAK,EAAE,aAAa,EAAE,wBAAwB,EAAE,gBAAgB,EAAkB,MAAM,YAAY,CAAC;AAK5G;;;;;;;;GAQG;AACH,qBAAa,kBAAkB;IAC7B,OAAO,CAAC,OAAO,CAAyC;IACxD,OAAO,CAAC,OAAO,CAA0B;IACzC,OAAO,CAAC,gBAAgB,CAA0B;IAClD,OAAO,CAAC,kBAAkB,CAAuC;IAEjE,OAAO,CAAC,aAAa,CAA0B;IAC/C,OAAO,CAAC,MAAM,CAAc;IAC5B,OAAO,CAAC,SAAS,CAAuB;IAGxC,OAAO,CAAC,eAAe,CAAgC;IAEvD,OAAO,CAAC,mBAAmB,CAAkB;IAE7C,OAAO,CAAC,qBAAqB,CAA0B;IAEvD,OAAO,CAAC,sBAAsB,CAA0B;IAExD,OAAO,CAAC,sBAAsB,CAAkC;IAEhE,OAAO,CAAC,sBAAsB,CAA0B;IAExD,OAAO,CAAC,uBAAuB,CAAgB;IAE/C,OAAO,CAAC,YAAY,CAA6C;IAEjE,OAAO,CAAC,aAAa,CAA0B;IAE/C,OAAO,CAAC,oBAAoB,CAAuC;IAEnE,OAAO,CAAC,aAAa,CAAuB;IAG5C,OAAO,CAAC,iBAAiB,CAAuC;IAEhE,OAAO,CAAC,cAAc,CAAgB;IAEtC,OAAO,CAAC,cAAc,CAAkC;IAExD,OAAO,CAAC,iBAAiB,CAA0B;IAEnD,OAAO,CAAC,mBAAmB,CAAkB;IAE7C,OAAO,CAAC,eAAe,CAAkC;IAEzD,OAAO,CAAC,WAAW,CAA0B;IAE7C,OAAO,CAAC,qBAAqB,CAA0B;IAEvD,OAAO,CAAC,kBAAkB,CAA0C;IAEpE,OAAO,CAAC,gBAAgB,CAAuB;IAE/C,OAAO,CAAC,aAAa,CAAkB;IAEvC,OAAO,CAAC,yBAAyB,CAAkC;IAEnE;;OAEG;IACH,OAAO,CAAC,IAAI,EAAE,IAAI,EAAE,UAAU,EAAE,MAAM,EAAE,uBAAuB,GAAE,MAAM,EAAO,EAAE,gBAAgB,GAAE,MAAM,EAAO,EAAE,iBAAiB,GAAE,gBAAgB,EAAO,GAAG,wBAAwB;IAmGtL;;OAEG;IACH,kBAAkB,CAAC,IAAI,EAAE,IAAI,GAAG,aAAa;IAI7C;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,MAAM,GAAG,aAAa,GAAG,SAAS;IAIpD;;OAEG;IACH,SAAS,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO;IAInC;;OAEG;IACH,eAAe,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO;IAQtC;;OAEG;IACH,OAAO,CAAC,oBAAoB;IA8H5B,OAAO,CAAC,mBAAmB;IAsD3B,OAAO,CAAC,qBAAqB;IAuD7B,OAAO,CAAC,mBAAmB;IAgB3B,OAAO,CAAC,eAAe;IAqBvB,OAAO,CAAC,+BAA+B;IAuCvC;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAsC1B,OAAO,CAAC,cAAc;IAiBtB,OAAO,CAAC,aAAa;IAYrB,OAAO,CAAC,wBAAwB;IAkDhC,OAAO,CAAC,KAAK;IAkEb;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IA8E/B;;;OAGG;IACH,OAAO,CAAC,aAAa;IAYrB;;;;OAIG;IACH,OAAO,CAAC,YAAY;IAapB,OAAO,CAAC,mBAAmB;IAmD3B,OAAO,CAAC,wBAAwB;IAwBhC;;;OAGG;IACH,OAAO,CAAC,2BAA2B;IAanC;;OAEG;IACH,OAAO,CAAC,wBAAwB;IAYhC,OAAO,CAAC,iBAAiB;IA8BzB,OAAO,CAAC,yBAAyB;IAwDjC,OAAO,CAAC,gBAAgB;IA4FxB,OAAO,CAAC,4BAA4B;IAqCpC,OAAO,CAAC,sBAAsB;IA8C9B,OAAO,CAAC,iBAAiB;IAsGzB;;;OAGG;IACH,OAAO,CAAC,kBAAkB;IAwB1B;;;;OAIG;IACH,OAAO,CAAC,mBAAmB;IAW3B;;;;OAIG;IACH,qBAAqB,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO;IAoB/C,OAAO,CAAC,YAAY;IAwEpB,OAAO,CAAC,aAAa;IAwBrB,OAAO,CAAC,yBAAyB;IAYjC,OAAO,CAAC,eAAe;IAQvB,OAAO,CAAC,iBAAiB;IAYzB,OAAO,CAAC,gBAAgB;IAqBxB;;;OAGG;IACH,qBAAqB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IAc1C;;;;OAIG;IACH,mBAAmB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IAcxC;;;OAGG;IACH,8BAA8B,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IAiCnD;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAoB5B;;;;OAIG;IACH,OAAO,CAAC,uBAAuB;IAiB/B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IA8B3B;;;OAGG;IACH,OAAO,CAAC,uBAAuB;IAe/B,mBAAmB,CAAC,IAAI,EAAE,IAAI,GAAG,OAAO;IAyWxC,OAAO,CAAC,oBAAoB;CA4L7B"}

package/dist/analysis/constant-propagation/types.d.ts

@@ -61,3 +61,4 @@ export interface ConstantPropagationOptions {
     /** Method parameters to treat as initially tainted (for inter-procedural analysis) */
     taintedParameters?: TaintedParameter[];
 }
+//# sourceMappingURL=types.d.ts.map

package/dist/analysis/constant-propagation/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/analysis/constant-propagation/types.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,MAAM,YAAY,GAAG,QAAQ,GAAG,KAAK,GAAG,OAAO,GAAG,MAAM,GAAG,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;AAE7F,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI,CAAC;IACxC,IAAI,EAAE,YAAY,CAAC;IACnB,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,wBAAwB;IACvC,6CAA6C;IAC7C,OAAO,EAAE,GAAG,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IACpC,oCAAoC;IACpC,OAAO,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IACrB,kDAAkD;IAClD,gBAAgB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC9B,gEAAgE;IAChE,kBAAkB,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;IAC7C,0FAA0F;IAC1F,oBAAoB,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;IAC/C,yDAAyD;IACzD,aAAa,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC3B,uGAAuG;IACvG,iBAAiB,EAAE,GAAG,CAAC,MAAM,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC;IAC5C,6EAA6E;IAC7E,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,2FAA2F;IAC3F,iBAAiB,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC/B,yFAAyF;IACzF,kBAAkB,EAAE,GAAG,CAAC,MAAM,EAAE,cAAc,CAAC,CAAC;CACjD;AAED,MAAM,WAAW,gBAAgB;IAC/B,kDAAkD;IAClD,UAAU,EAAE,MAAM,CAAC;IACnB,4BAA4B;IAC5B,SAAS,EAAE,MAAM,CAAC;CACnB;AAED;;;GAGG;AACH,MAAM,WAAW,cAAc;IAC7B,iDAAiD;IACjD,SAAS,EAAE,MAAM,CAAC;IAClB,8CAA8C;IAC9C,SAAS,EAAE,MAAM,CAAC;IAClB,iEAAiE;IACjE,WAAW,EAAE,MAAM,CAAC;IACpB,+DAA+D;IAC/D,aAAa,EAAE,MAAM,CAAC;IACtB,yEAAyE;IACzE,SAAS,EAAE,MAAM,CAAC;IAClB,+CAA+C;IAC/C,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,0BAA0B;IACzC,mDAAmD;IACnD,uBAAuB,CAAC,EAAE,MAAM,EAAE,CAAC;IACnC,wDAAwD;IACxD,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,sFAAsF;IACtF,iBAAiB,CAAC,EAAE,gBAAgB,EAAE,CAAC;CACxC"}

package/dist/analysis/constant-propagation.d.ts

@@ -7,3 +7,4 @@
  * @module constant-propagation
  */
 export { type ConstantType, type ConstantValue, type ConstantPropagatorResult, type ConstantPropagationOptions, isKnown, createUnknown, createConstant, getNodeText, getNodeLine, TAINT_PATTERNS, TAINT_PATTERN_REGEX, SANITIZER_METHODS, PROPAGATOR_METHODS, ExpressionEvaluator, ConstantPropagator, analyzeConstantPropagation, isFalsePositive, isCorrelatedPredicateFP, } from './constant-propagation/index.js';
+//# sourceMappingURL=constant-propagation.d.ts.map

package/dist/analysis/constant-propagation.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"constant-propagation.d.ts","sourceRoot":"","sources":["../../src/analysis/constant-propagation.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAEL,KAAK,YAAY,EACjB,KAAK,aAAa,EAClB,KAAK,wBAAwB,EAC7B,KAAK,0BAA0B,EAG/B,OAAO,EACP,aAAa,EACb,cAAc,EACd,WAAW,EACX,WAAW,EAGX,cAAc,EACd,mBAAmB,EACnB,iBAAiB,EACjB,kBAAkB,EAGlB,mBAAmB,EACnB,kBAAkB,EAGlB,0BAA0B,EAC1B,eAAe,EACf,uBAAuB,GACxB,MAAM,iCAAiC,CAAC"}

package/dist/analysis/dfg-verifier.d.ts

@@ -103,3 +103,4 @@ export declare function verifyTaintFlow(dfg: DFG, calls: CallInfo[], source: Tai
  * Format verification result for display
  */
 export declare function formatVerificationResult(result: VerificationResult): string;
+//# sourceMappingURL=dfg-verifier.d.ts.map

package/dist/analysis/dfg-verifier.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"dfg-verifier.d.ts","sourceRoot":"","sources":["../../src/analysis/dfg-verifier.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EACV,GAAG,EACH,MAAM,EAGN,QAAQ,EACR,WAAW,EACX,SAAS,EACT,cAAc,EACf,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9C;;GAEG;AACH,MAAM,WAAW,kBAAkB;IACjC,QAAQ,EAAE,OAAO,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,CAAC,EAAE,gBAAgB,CAAC;IACxB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,gBAAgB,EAAE,CAAC;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,OAAO,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACrB,QAAQ,EAAE,QAAQ,GAAG,YAAY,GAAG,MAAM,GAAG,QAAQ,GAAG,OAAO,CAAC;CACjE;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,QAAQ,CAAC,EAAE,MAAM,CAAC;IAClB,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B,eAAe,CAAC,EAAE,OAAO,CAAC;CAC3B;AAED;;GAEG;AACH,qBAAa,WAAW;IACtB,OAAO,CAAC,KAAK,CAAY;IACzB,OAAO,CAAC,UAAU,CAAmB;IACrC,OAAO,CAAC,MAAM,CAA2B;IACzC,OAAO,CAAC,cAAc,CAAc;gBAGlC,UAAU,EAAE,SAAS,GAAG,GAAG,EAC3B,iBAAiB,EAAE,QAAQ,EAAE,GAAG,cAAc,EAAE,EAChD,kBAAkB,CAAC,EAAE,cAAc,EAAE,GAAG,cAAc,EACtD,MAAM,GAAE,cAAmB;IAkC7B;;OAEG;IACH,MAAM,CAAC,MAAM,EAAE,WAAW,EAAE,IAAI,EAAE,SAAS,GAAG,kBAAkB;IAyDhE;;OAEG;IACH,OAAO,CAAC,QAAQ;IA6HhB;;OAEG;IACH,OAAO,CAAC,WAAW;IA6BnB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IA4BzB;;OAEG;IACH,OAAO,CAAC,cAAc;IAWtB;;OAEG;IACH,OAAO,CAAC,eAAe;IASvB;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAuB3B;;OAEG;IACH,SAAS,CACP,OAAO,EAAE,WAAW,EAAE,EACtB,KAAK,EAAE,SAAS,EAAE,GACjB,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC;IAclC;;OAEG;IACH,QAAQ,CAAC,OAAO,EAAE,GAAG,CAAC,MAAM,EAAE,kBAAkB,CAAC,GAAG;QAClD,KAAK,EAAE,MAAM,CAAC;QACd,QAAQ,EAAE,MAAM,CAAC;QACjB,WAAW,EAAE,MAAM,CAAC;QACpB,SAAS,EAAE,MAAM,CAAC;QAClB,aAAa,EAAE,MAAM,CAAC;KACvB;CAyBF;AAED;;GAEG;AACH,wBAAgB,eAAe,CAC7B,GAAG,EAAE,GAAG,EACR,KAAK,EAAE,QAAQ,EAAE,EACjB,MAAM,EAAE,WAAW,EACnB,IAAI,EAAE,SAAS,EACf,UAAU,GAAE,cAAc,EAAO,EACjC,MAAM,GAAE,cAAmB,GAC1B,kBAAkB,CAGpB;AAED;;GAEG;AACH,wBAAgB,wBAAwB,CAAC,MAAM,EAAE,kBAAkB,GAAG,MAAM,CAoB3E"}

package/dist/analysis/findings.d.ts

@@ -9,3 +9,4 @@ import type { TaintSource, TaintSink, DFG, Finding } from '../types/index.js';
  * Generate vulnerability findings from taint analysis results.
  */
 export declare function generateFindings(sources: TaintSource[], sinks: TaintSink[], dfg: DFG, fileName: string): Finding[];
+//# sourceMappingURL=findings.d.ts.map

package/dist/analysis/findings.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"findings.d.ts","sourceRoot":"","sources":["../../src/analysis/findings.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,WAAW,EACX,SAAS,EACT,GAAG,EAEH,OAAO,EAGR,MAAM,mBAAmB,CAAC;AAQ3B;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,WAAW,EAAE,EACtB,KAAK,EAAE,SAAS,EAAE,EAClB,GAAG,EAAE,GAAG,EACR,QAAQ,EAAE,MAAM,GACf,OAAO,EAAE,CA4FX"}

package/dist/analysis/html/html-attribute-security-pass.d.ts

@@ -20,3 +20,4 @@ import type { SastFinding } from '../../types/index.js';
  * Run all HTML attribute security checks.
  */
 export declare function runHtmlAttributeSecurityChecks(rootNode: SyntaxNode, filePath: string): SastFinding[];
+//# sourceMappingURL=html-attribute-security-pass.d.ts.map

package/dist/analysis/html/html-attribute-security-pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"html-attribute-security-pass.d.ts","sourceRoot":"","sources":["../../../src/analysis/html/html-attribute-security-pass.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;GAeG;AAEH,OAAO,KAAK,EAAE,IAAI,IAAI,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAGxD;;GAEG;AACH,wBAAgB,8BAA8B,CAC5C,QAAQ,EAAE,UAAU,EACpB,QAAQ,EAAE,MAAM,GACf,WAAW,EAAE,CAIf"}

package/dist/analysis/html/html-extractor.d.ts

@@ -67,3 +67,4 @@ declare function findChildByType(node: SyntaxNode, type: string): SyntaxNode | n
  */
 declare function stripQuotes(text: string): string;
 export { getAttributeValue, getTagName, findChildByType, stripQuotes };
+//# sourceMappingURL=html-extractor.d.ts.map

package/dist/analysis/html/html-extractor.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"html-extractor.d.ts","sourceRoot":"","sources":["../../../src/analysis/html/html-extractor.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,IAAI,IAAI,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAE1D;;GAEG;AACH,MAAM,WAAW,eAAe;IAC9B,sDAAsD;IACtD,IAAI,EAAE,MAAM,CAAC;IACb,uEAAuE;IACvE,UAAU,EAAE,MAAM,CAAC;IACnB,uEAAuE;IACvE,IAAI,EAAE,QAAQ,GAAG,cAAc,CAAC;IAChC,kEAAkE;IAClE,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,uDAAuD;IACvD,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,+DAA+D;IAC/D,IAAI,EAAE,MAAM,CAAC;IACb,gDAAgD;IAChD,SAAS,EAAE,MAAM,CAAC;IAClB,qDAAqD;IACrD,IAAI,EAAE,MAAM,CAAC;IACb,8CAA8C;IAC9C,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,YAAY,EAAE,eAAe,EAAE,CAAC;IAChC,aAAa,EAAE,gBAAgB,EAAE,CAAC;CACnC;AAcD;;;;;;GAMG;AACH,wBAAgB,kBAAkB,CAAC,QAAQ,EAAE,UAAU,GAAG,oBAAoB,CAO7E;AAoGD;;GAEG;AACH,iBAAS,UAAU,CAAC,IAAI,EAAE,UAAU,GAAG,MAAM,CAa5C;AAED;;GAEG;AACH,iBAAS,iBAAiB,CAAC,GAAG,EAAE,UAAU,GAAG,IAAI,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAenF;AAED;;GAEG;AACH,iBAAS,eAAe,CAAC,IAAI,EAAE,UAAU,EAAE,IAAI,EAAE,MAAM,GAAG,UAAU,GAAG,IAAI,CAM1E;AAED;;GAEG;AACH,iBAAS,WAAW,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAMzC;AAGD,OAAO,EAAE,iBAAiB,EAAE,UAAU,EAAE,eAAe,EAAE,WAAW,EAAE,CAAC"}

package/dist/analysis/html/html-merge.d.ts

@@ -20,3 +20,4 @@ export interface ScriptBlockResult {
  * @param attributeFindings - SastFindings from attribute-level security checks
  */
 export declare function mergeHtmlResults(htmlMeta: Meta, scriptResults: ScriptBlockResult[], attributeFindings: SastFinding[]): CircleIR;
+//# sourceMappingURL=html-merge.d.ts.map

package/dist/analysis/html/html-merge.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"html-merge.d.ts","sourceRoot":"","sources":["../../../src/analysis/html/html-merge.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAEH,OAAO,KAAK,EACV,QAAQ,EACR,IAAI,EAeJ,WAAW,EACZ,MAAM,sBAAsB,CAAC;AAE9B,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,QAAQ,CAAC;IACb,UAAU,EAAE,MAAM,CAAC;CACpB;AAED;;;;;;GAMG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,IAAI,EACd,aAAa,EAAE,iBAAiB,EAAE,EAClC,iBAAiB,EAAE,WAAW,EAAE,GAC/B,QAAQ,CAiKV"}

package/dist/analysis/html/index.d.ts

@@ -9,3 +9,4 @@
 export { extractHtmlContent, type HtmlScriptBlock, type HtmlEventHandler, type HtmlExtractionResult, } from './html-extractor.js';
 export { runHtmlAttributeSecurityChecks } from './html-attribute-security-pass.js';
 export { mergeHtmlResults, type ScriptBlockResult, } from './html-merge.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/analysis/html/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/analysis/html/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EACL,kBAAkB,EAClB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,oBAAoB,GAC1B,MAAM,qBAAqB,CAAC;AAE7B,OAAO,EAAE,8BAA8B,EAAE,MAAM,mCAAmC,CAAC;AAEnF,OAAO,EACL,gBAAgB,EAChB,KAAK,iBAAiB,GACvB,MAAM,iBAAiB,CAAC"}

package/dist/analysis/index.d.ts

@@ -11,3 +11,4 @@ export { analyzeConstantPropagation, isFalsePositive, isCorrelatedPredicateFP, C
 export { PathFinder, findTaintPaths, formatTaintPath, type TaintHop, type TaintPath, type PathFinderResult, type PathFinderConfig, } from './path-finder.js';
 export { DFGVerifier, verifyTaintFlow, type VerificationResult, type VerificationPath, type VerificationStep, type VerifierConfig, } from './dfg-verifier.js';
 export { parseVersion, compareVersions, semverSatisfies, isVersionVulnerable, type ParsedVersion, } from './semver.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/analysis/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/analysis/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,eAAe,EACf,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,aAAa,EACb,kBAAkB,GACnB,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EACL,YAAY,GACb,MAAM,oBAAoB,CAAC;AAE5B,OAAO,EACL,gBAAgB,GACjB,MAAM,iBAAiB,CAAC;AAEzB,OAAO,EACL,gBAAgB,GACjB,MAAM,eAAe,CAAC;AAEvB,OAAO,EACL,cAAc,EACd,KAAK,sBAAsB,EAC3B,KAAK,eAAe,EACpB,KAAK,SAAS,GACf,MAAM,wBAAwB,CAAC;AAEhC,OAAO,EACL,sBAAsB,EACtB,yBAAyB,EACzB,gBAAgB,EAChB,mBAAmB,EACnB,SAAS,EACT,SAAS,EACT,eAAe,EACf,KAAK,qBAAqB,EAC1B,KAAK,UAAU,EACf,KAAK,QAAQ,GACd,MAAM,sBAAsB,CAAC;AAE9B,OAAO,EACL,0BAA0B,EAC1B,eAAe,EACf,uBAAuB,EACvB,kBAAkB,EAClB,OAAO,EACP,aAAa,EACb,cAAc,EACd,WAAW,EACX,WAAW,EACX,KAAK,aAAa,EAClB,KAAK,YAAY,EACjB,KAAK,wBAAwB,EAC7B,KAAK,0BAA0B,GAChC,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EACL,UAAU,EACV,cAAc,EACd,eAAe,EACf,KAAK,QAAQ,EACb,KAAK,SAAS,EACd,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,GACtB,MAAM,kBAAkB,CAAC;AAE1B,OAAO,EACL,WAAW,EACX,eAAe,EACf,KAAK,kBAAkB,EACvB,KAAK,gBAAgB,EACrB,KAAK,gBAAgB,EACrB,KAAK,cAAc,GACpB,MAAM,mBAAmB,CAAC;AAE3B,OAAO,EACL,YAAY,EACZ,eAAe,EACf,eAAe,EACf,mBAAmB,EACnB,KAAK,aAAa,GACnB,MAAM,aAAa,CAAC"}

package/dist/analysis/interprocedural.d.ts

@@ -101,3 +101,4 @@ export declare function findTaintBridges(result: InterproceduralResult): string[
  * Get taint flow paths through methods.
  */
 export declare function getMethodTaintPaths(result: InterproceduralResult, maxDepth?: number): string[][];
+//# sourceMappingURL=interprocedural.d.ts.map

package/dist/analysis/interprocedural.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"interprocedural.d.ts","sourceRoot":"","sources":["../../src/analysis/interprocedural.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EACV,QAAQ,EACR,QAAQ,EAER,GAAG,EAGH,WAAW,EACX,SAAS,EACT,cAAc,EAGf,MAAM,mBAAmB,CAAC;AAC3B,OAAO,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AAE9C;;GAEG;AACH,MAAM,WAAW,UAAU;IACzB,yBAAyB;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,iDAAiD;IACjD,GAAG,EAAE,MAAM,CAAC;IACZ,wCAAwC;IACxC,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,gCAAgC;IAChC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;IAC3B,UAAU,EAAE,cAAc,EAAE,CAAC;IAC7B,cAAc,EAAE,OAAO,CAAC;IACxB,eAAe,EAAE,MAAM,GAAG,IAAI,CAAC;IAC/B,wFAAwF;IACxF,uBAAuB,EAAE,MAAM,EAAE,GAAG,IAAI,CAAC;IACzC,SAAS,EAAE,MAAM,CAAC;IAClB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED;;GAEG;AACH,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC;IACnB,SAAS,EAAE,MAAM,GAAG,IAAI,CAAC;IACzB,UAAU,EAAE,MAAM,GAAG,IAAI,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,YAAY,EAAE,MAAM,CAAC;IACrB,YAAY,EAAE,MAAM,CAAC;IACrB,QAAQ,EAAE,MAAM,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;CACvB;AAED;;GAEG;AACH,MAAM,WAAW,qBAAqB;IACpC,WAAW,EAAE,GAAG,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACrC,SAAS,EAAE,QAAQ,EAAE,CAAC;IACtB,cAAc,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;IAC5B,cAAc,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACpC,eAAe,EAAE,SAAS,EAAE,CAAC;CAC9B;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,oGAAoG;IACpG,gBAAgB,CAAC,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;CAChC;AAED;;;;;GAKG;AACH,wBAAgB,sBAAsB,CACpC,YAAY,EAAE,SAAS,GAAG,QAAQ,EAAE,EACpC,cAAc,EAAE,QAAQ,EAAE,GAAG,WAAW,EAAE,EAC1C,UAAU,EAAE,GAAG,GAAG,SAAS,EAAE,EAC7B,mBAAmB,EAAE,WAAW,EAAE,GAAG,cAAc,EAAE,EACrD,cAAc,CAAC,EAAE,SAAS,EAAE,GAAG,sBAAsB,EACrD,aAAa,CAAC,EAAE,cAAc,EAAE,EAChC,UAAU,GAAE,sBAA2B,GACtC,qBAAqB,CA8NvB;AAqTD;;GAEG;AACH,wBAAgB,yBAAyB,CAAC,MAAM,EAAE,qBAAqB,GAAG;IACxE,YAAY,EAAE,MAAM,CAAC;IACrB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,EAAE,MAAM,CAAC;IAClB,qBAAqB,EAAE,MAAM,CAAC;CAC/B,CAOA;AAED;;;GAGG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAcnF;AAED;;GAEG;AACH,wBAAgB,SAAS,CAAC,MAAM,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,GAAG,UAAU,GAAG,SAAS,CAclG;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,MAAM,EAAE,qBAAqB,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAezF;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,qBAAqB,GAAG,MAAM,EAAE,CAaxE;AAED;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,MAAM,EAAE,qBAAqB,EAC7B,QAAQ,GAAE,MAAU,GACnB,MAAM,EAAE,EAAE,CAmDZ"}

package/dist/analysis/metrics/index.d.ts

@@ -1,2 +1,3 @@
 export { MetricRunner } from './metric-runner.js';
 export type { MetricPass, MetricContext } from './metric-pass.js';
+//# sourceMappingURL=index.d.ts.map

package/dist/analysis/metrics/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/analysis/metrics/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,YAAY,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC"}

package/dist/analysis/metrics/metric-pass.d.ts

@@ -25,3 +25,4 @@ export interface MetricPass {
     readonly name: string;
     run(ctx: MetricContext): MetricValue[];
 }
+//# sourceMappingURL=metric-pass.d.ts.map

package/dist/analysis/metrics/metric-pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"metric-pass.d.ts","sourceRoot":"","sources":["../../../src/analysis/metrics/metric-pass.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAElE;;;;;;GAMG;AACH,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,QAAQ,CAAC;IACb,mDAAmD;IACnD,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,wDAAwD;IACxD,WAAW,EAAE,WAAW,EAAE,CAAC;CAC5B;AAED;;;;;;GAMG;AACH,MAAM,WAAW,UAAU;IACzB,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,GAAG,CAAC,GAAG,EAAE,aAAa,GAAG,WAAW,EAAE,CAAC;CACxC"}

package/dist/analysis/metrics/metric-runner.d.ts

@@ -19,3 +19,4 @@ export declare class MetricRunner {
      */
     run(ir: CircleIR, code: string, language: string): MetricValue[];
 }
+//# sourceMappingURL=metric-runner.d.ts.map

package/dist/analysis/metrics/metric-runner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"metric-runner.d.ts","sourceRoot":"","sources":["../../../src/analysis/metrics/metric-runner.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,sBAAsB,CAAC;AAYlE;;;;;;;;;;GAUG;AACH,qBAAa,YAAY;IACvB,OAAO,CAAC,QAAQ,CAAC,MAAM,CAUrB;IAEF;;;;OAIG;IACH,GAAG,CAAC,EAAE,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,WAAW,EAAE;CAQjE"}

package/dist/analysis/metrics/passes/cohesion-metrics-pass.d.ts

@@ -19,3 +19,4 @@ export declare class CohesionMetricsPass implements MetricPass {
     readonly name = "cohesion-metrics";
     run(ctx: MetricContext): MetricValue[];
 }
+//# sourceMappingURL=cohesion-metrics-pass.d.ts.map

package/dist/analysis/metrics/passes/cohesion-metrics-pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cohesion-metrics-pass.d.ts","sourceRoot":"","sources":["../../../../src/analysis/metrics/passes/cohesion-metrics-pass.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEnE;;;;;;;;;;;;;;GAcG;AACH,qBAAa,mBAAoB,YAAW,UAAU;IACpD,QAAQ,CAAC,IAAI,sBAAsB;IAEnC,GAAG,CAAC,GAAG,EAAE,aAAa,GAAG,WAAW,EAAE;CA0FvC"}

package/dist/analysis/metrics/passes/complexity-metrics-pass.d.ts

@@ -13,3 +13,4 @@ export declare class ComplexityMetricsPass implements MetricPass {
     readonly name = "complexity-metrics";
     run(ctx: MetricContext): MetricValue[];
 }
+//# sourceMappingURL=complexity-metrics-pass.d.ts.map

package/dist/analysis/metrics/passes/complexity-metrics-pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"complexity-metrics-pass.d.ts","sourceRoot":"","sources":["../../../../src/analysis/metrics/passes/complexity-metrics-pass.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEnE;;;;;;;;GAQG;AACH,qBAAa,qBAAsB,YAAW,UAAU;IACtD,QAAQ,CAAC,IAAI,wBAAwB;IAErC,GAAG,CAAC,GAAG,EAAE,aAAa,GAAG,WAAW,EAAE;CA0EvC"}

package/dist/analysis/metrics/passes/composite-metrics-pass.d.ts

@@ -15,3 +15,4 @@ export declare class CompositeMetricsPass implements MetricPass {
     readonly name = "composite-metrics";
     run(ctx: MetricContext): MetricValue[];
 }
+//# sourceMappingURL=composite-metrics-pass.d.ts.map

package/dist/analysis/metrics/passes/composite-metrics-pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"composite-metrics-pass.d.ts","sourceRoot":"","sources":["../../../../src/analysis/metrics/passes/composite-metrics-pass.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEnE;;;;;;;;;;GAUG;AACH,qBAAa,oBAAqB,YAAW,UAAU;IACrD,QAAQ,CAAC,IAAI,uBAAuB;IAEpC,GAAG,CAAC,GAAG,EAAE,aAAa,GAAG,WAAW,EAAE;CAyEvC"}

package/dist/analysis/metrics/passes/coupling-metrics-pass.d.ts

@@ -17,3 +17,4 @@ export declare class CouplingMetricsPass implements MetricPass {
     readonly name = "coupling-metrics";
     run(ctx: MetricContext): MetricValue[];
 }
+//# sourceMappingURL=coupling-metrics-pass.d.ts.map

package/dist/analysis/metrics/passes/coupling-metrics-pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"coupling-metrics-pass.d.ts","sourceRoot":"","sources":["../../../../src/analysis/metrics/passes/coupling-metrics-pass.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEnE;;;;;;;;;;;;GAYG;AACH,qBAAa,mBAAoB,YAAW,UAAU;IACpD,QAAQ,CAAC,IAAI,sBAAsB;IAEnC,GAAG,CAAC,GAAG,EAAE,aAAa,GAAG,WAAW,EAAE;CAsFvC"}

package/dist/analysis/metrics/passes/data-flow-metrics-pass.d.ts

@@ -12,3 +12,4 @@ export declare class DataFlowMetricsPass implements MetricPass {
     readonly name = "data-flow-metrics";
     run(ctx: MetricContext): MetricValue[];
 }
+//# sourceMappingURL=data-flow-metrics-pass.d.ts.map

package/dist/analysis/metrics/passes/data-flow-metrics-pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"data-flow-metrics-pass.d.ts","sourceRoot":"","sources":["../../../../src/analysis/metrics/passes/data-flow-metrics-pass.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEnE;;;;;;;GAOG;AACH,qBAAa,mBAAoB,YAAW,UAAU;IACpD,QAAQ,CAAC,IAAI,uBAAuB;IAEpC,GAAG,CAAC,GAAG,EAAE,aAAa,GAAG,WAAW,EAAE;CAavC"}

package/dist/analysis/metrics/passes/documentation-metrics-pass.d.ts

@@ -13,3 +13,4 @@ export declare class DocumentationMetricsPass implements MetricPass {
     readonly name = "documentation-metrics";
     run(ctx: MetricContext): MetricValue[];
 }
+//# sourceMappingURL=documentation-metrics-pass.d.ts.map

package/dist/analysis/metrics/passes/documentation-metrics-pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"documentation-metrics-pass.d.ts","sourceRoot":"","sources":["../../../../src/analysis/metrics/passes/documentation-metrics-pass.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEnE;;;;;;;;GAQG;AACH,qBAAa,wBAAyB,YAAW,UAAU;IACzD,QAAQ,CAAC,IAAI,2BAA2B;IAExC,GAAG,CAAC,GAAG,EAAE,aAAa,GAAG,WAAW,EAAE;CAyDvC"}

package/dist/analysis/metrics/passes/halstead-metrics-pass.d.ts

@@ -14,3 +14,4 @@ export declare class HalsteadMetricsPass implements MetricPass {
     run(ctx: MetricContext): MetricValue[];
     private emitZero;
 }
+//# sourceMappingURL=halstead-metrics-pass.d.ts.map

package/dist/analysis/metrics/passes/halstead-metrics-pass.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"halstead-metrics-pass.d.ts","sourceRoot":"","sources":["../../../../src/analysis/metrics/passes/halstead-metrics-pass.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,KAAK,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAsBnE;;;;;;;;GAQG;AACH,qBAAa,mBAAoB,YAAW,UAAU;IACpD,QAAQ,CAAC,IAAI,sBAAsB;IAEnC,GAAG,CAAC,GAAG,EAAE,aAAa,GAAG,WAAW,EAAE;IAoEtC,OAAO,CAAC,QAAQ;CAQjB"}