cognium-ai 1.0.0

package/dist/cli.d.ts

@@ -0,0 +1,6 @@
+#!/usr/bin/env node
+/**
+ * cognium-ai CLI - AI-powered static analysis with LLM-enhanced vulnerability detection
+ */
+export {};
+//# sourceMappingURL=cli.d.ts.map

package/dist/cli.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.d.ts","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;GAEG"}

package/dist/cli.js

@@ -0,0 +1,528 @@
+#!/usr/bin/env node
+/**
+ * cognium-ai CLI - AI-powered static analysis with LLM-enhanced vulnerability detection
+ */
+import { readFileSync, writeFileSync, existsSync, statSync, readdirSync } from 'fs';
+import { join, extname, resolve, dirname } from 'path';
+import { createRequire } from 'module';
+import { initAnalyzer, analyze, detectDeadCode, formatDeadCodeReport, scanForSecrets, formatSecretReport, calculateHealthScore, formatHealthReport, analyzeSkillBundle, } from 'circle-ir-ai';
+import { formatResults, formatJSON, formatSARIF } from './formatters.js';
+import { version } from './version.js';
+import { parseArgs, showHelp, showVersion } from './utils/args.js';
+import { spinner } from './utils/spinner.js';
+import { colors } from './utils/colors.js';
+// ---------------------------------------------------------------------------
+// Constants
+// ---------------------------------------------------------------------------
+const TEST_PATTERNS = [
+    /[/\\]test[/\\]/i,
+    /[/\\]tests[/\\]/i,
+    /[/\\]__tests__[/\\]/i,
+    /[/\\]spec[/\\]/i,
+    /[/\\]__mocks__[/\\]/i,
+    /\.test\.[jt]sx?$/i,
+    /\.spec\.[jt]sx?$/i,
+    /Test\.java$/,
+    /Tests\.java$/,
+    /IT\.java$/,
+    /_test\.py$/,
+    /_tests\.py$/,
+    /test_.*\.py$/,
+    /_test\.rs$/,
+];
+const LANG_MAP = {
+    '.java': 'java',
+    '.js': 'javascript',
+    '.mjs': 'javascript',
+    '.ts': 'typescript',
+    '.tsx': 'typescript',
+    '.py': 'python',
+    '.rs': 'rust',
+    '.sh': 'bash',
+    '.bash': 'bash',
+};
+const SINK_SEVERITY = {
+    sql_injection: 'critical',
+    nosql_injection: 'high',
+    command_injection: 'critical',
+    path_traversal: 'high',
+    xss: 'high',
+    xxe: 'critical',
+    deserialization: 'critical',
+    ldap_injection: 'high',
+    xpath_injection: 'high',
+    ssrf: 'high',
+    open_redirect: 'medium',
+    code_injection: 'critical',
+    log_injection: 'medium',
+    weak_random: 'low',
+    weak_hash: 'low',
+    weak_crypto: 'low',
+    insecure_cookie: 'low',
+    trust_boundary: 'medium',
+    external_taint_escape: 'medium',
+};
+const SINK_CWE = {
+    sql_injection: 'CWE-89',
+    nosql_injection: 'CWE-943',
+    command_injection: 'CWE-78',
+    path_traversal: 'CWE-22',
+    xss: 'CWE-79',
+    xxe: 'CWE-611',
+    deserialization: 'CWE-502',
+    ldap_injection: 'CWE-90',
+    xpath_injection: 'CWE-643',
+    ssrf: 'CWE-918',
+    open_redirect: 'CWE-601',
+    code_injection: 'CWE-94',
+    log_injection: 'CWE-117',
+    weak_random: 'CWE-330',
+    weak_hash: 'CWE-327',
+    weak_crypto: 'CWE-327',
+    insecure_cookie: 'CWE-614',
+    trust_boundary: 'CWE-501',
+    external_taint_escape: 'CWE-20',
+};
+// ---------------------------------------------------------------------------
+// Helpers
+// ---------------------------------------------------------------------------
+function isTestFile(filePath) {
+    return TEST_PATTERNS.some((pattern) => pattern.test(filePath));
+}
+function detectLanguage(filePath) {
+    const ext = extname(filePath).toLowerCase();
+    return LANG_MAP[ext] || null;
+}
+function collectFiles(targetPath, language, excludeTests = false) {
+    const files = [];
+    const stat = statSync(targetPath);
+    if (stat.isFile()) {
+        if (excludeTests && isTestFile(targetPath))
+            return files;
+        const lang = language || detectLanguage(targetPath);
+        if (lang)
+            files.push(targetPath);
+    }
+    else if (stat.isDirectory()) {
+        const entries = readdirSync(targetPath, { withFileTypes: true });
+        for (const entry of entries) {
+            if (entry.name.startsWith('.') || entry.name === 'node_modules')
+                continue;
+            if (excludeTests && /^(test|tests|__tests__|spec|__mocks__)$/i.test(entry.name))
+                continue;
+            const fullPath = join(targetPath, entry.name);
+            files.push(...collectFiles(fullPath, language, excludeTests));
+        }
+    }
+    return files;
+}
+/**
+ * Resolve WASM paths for circle-ir initialization.
+ */
+function resolveWasmPaths() {
+    const require = createRequire(import.meta.url);
+    // Resolve circle-ir through circle-ir-ai so we use the same instance
+    const circleIrAiDir = dirname(require.resolve('circle-ir-ai'));
+    const innerRequire = createRequire(join(circleIrAiDir, 'index.js'));
+    const wasmDir = join(dirname(innerRequire.resolve('circle-ir')), 'wasm');
+    const jsWasm = join(wasmDir, 'tree-sitter-javascript.wasm');
+    return {
+        wasmPath: join(wasmDir, 'web-tree-sitter.wasm'),
+        languagePaths: {
+            bash: join(wasmDir, 'tree-sitter-bash.wasm'),
+            java: join(wasmDir, 'tree-sitter-java.wasm'),
+            javascript: jsWasm,
+            typescript: jsWasm, // TypeScript uses the JavaScript grammar
+            python: join(wasmDir, 'tree-sitter-python.wasm'),
+            rust: join(wasmDir, 'tree-sitter-rust.wasm'),
+        },
+    };
+}
+/**
+ * Validate that a path argument exists and resolve to absolute.
+ */
+function resolveTarget(targetPath) {
+    const absPath = resolve(targetPath);
+    if (!existsSync(absPath)) {
+        console.error(colors.red(`Error: path not found: ${absPath}`));
+        process.exit(2);
+    }
+    return absPath;
+}
+/**
+ * Write output to file or stdout.
+ */
+function writeOutput(output, outputPath) {
+    if (outputPath) {
+        writeFileSync(outputPath, output);
+        console.log(colors.green(`Results written to ${outputPath}`));
+    }
+    else if (output.trim()) {
+        console.log(output);
+    }
+}
+// ---------------------------------------------------------------------------
+// Scan command
+// ---------------------------------------------------------------------------
+async function scanFile(filePath, language) {
+    try {
+        const code = readFileSync(filePath, 'utf-8');
+        const result = await analyze(code, filePath, language);
+        const vulnerabilities = (result.taint.flows || []).map((flow) => ({
+            type: flow.sink_type,
+            severity: SINK_SEVERITY[flow.sink_type] ?? 'high',
+            message: `${flow.sink_type} vulnerability: tainted data flows from line ${flow.source_line} to line ${flow.sink_line}`,
+            line: flow.sink_line,
+            cwe: SINK_CWE[flow.sink_type],
+        }));
+        return { file: filePath, vulnerabilities };
+    }
+    catch (error) {
+        return {
+            file: filePath,
+            vulnerabilities: [],
+            error: error instanceof Error ? error.message : 'Unknown error',
+        };
+    }
+}
+async function runScan(targetPath, options) {
+    const spin = options.quiet ? null : spinner('Initializing analyzer...').start();
+    try {
+        // Initialize circle-ir
+        const wasm = resolveWasmPaths();
+        await initAnalyzer({ wasmPath: wasm.wasmPath, languagePaths: wasm.languagePaths });
+        if (spin)
+            spin.text = 'Collecting files...';
+        const absPath = resolveTarget(targetPath);
+        const files = collectFiles(absPath, options.language, options.excludeTests);
+        if (files.length === 0) {
+            if (spin)
+                spin.warn('No supported files found');
+            return;
+        }
+        let mode = 'static';
+        if (!options.noLlm) {
+            const model = process.env.LLM_ENRICHMENT_MODEL || 'cognium/gpt-oss-120b';
+            mode = options.llmDiscovery ? `LLM discovery · ${model}` : `LLM-enhanced · ${model}`;
+        }
+        if (spin)
+            spin.text = `Scanning ${files.length} file(s) [${mode}]...`;
+        const results = [];
+        let processed = 0;
+        // Process files with concurrency
+        const concurrency = options.threads;
+        for (let i = 0; i < files.length; i += concurrency) {
+            const batch = files.slice(i, i + concurrency);
+            const batchResults = await Promise.all(batch.map(async (file) => {
+                const lang = options.language || detectLanguage(file);
+                if (!lang)
+                    return null;
+                return scanFile(file, lang);
+            }));
+            for (const result of batchResults) {
+                if (result)
+                    results.push(result);
+            }
+            processed += batch.length;
+            if (spin)
+                spin.text = `Scanning... (${processed}/${files.length}) [${mode}]`;
+        }
+        if (spin)
+            spin.succeed(`Scanned ${files.length} file(s) [${mode}]`);
+        // Filter by severity
+        const severityOrder = ['low', 'medium', 'high', 'critical'];
+        if (options.severity) {
+            if (options.severity.includes(',')) {
+                const allowedSeverities = options.severity.split(',').map((s) => s.trim().toLowerCase());
+                for (const result of results) {
+                    result.vulnerabilities = result.vulnerabilities.filter((v) => allowedSeverities.includes(v.severity.toLowerCase()));
+                }
+            }
+            else {
+                const minSeverityIndex = severityOrder.indexOf(options.severity.toLowerCase());
+                if (minSeverityIndex === -1) {
+                    throw new Error(`Invalid severity level: ${options.severity}. Must be one of: low, medium, high, critical`);
+                }
+                for (const result of results) {
+                    result.vulnerabilities = result.vulnerabilities.filter((v) => severityOrder.indexOf(v.severity) >= minSeverityIndex);
+                }
+            }
+        }
+        // Filter by excluded CWEs
+        if (options.excludeCwe) {
+            const excludedCwes = options.excludeCwe.split(',').map((c) => c.trim().toUpperCase());
+            for (const result of results) {
+                result.vulnerabilities = result.vulnerabilities.filter((v) => {
+                    if (!v.cwe)
+                        return true;
+                    return !excludedCwes.includes(v.cwe.toUpperCase());
+                });
+            }
+        }
+        // Output
+        const totalVulns = results.reduce((sum, r) => sum + r.vulnerabilities.length, 0);
+        const errors = results.filter((r) => r.error).length;
+        const shouldOutput = totalVulns > 0 || errors > 0 || options.verbose || options.output || options.format !== 'text';
+        if (shouldOutput) {
+            let output;
+            switch (options.format) {
+                case 'json':
+                    output = formatJSON(results);
+                    break;
+                case 'sarif':
+                    output = formatSARIF(results);
+                    break;
+                default:
+                    output = formatResults(results, options.verbose);
+            }
+            writeOutput(output, options.output);
+            if (!options.quiet && options.format === 'text') {
+                console.log();
+                if (totalVulns > 0) {
+                    console.log(colors.red(`Found ${totalVulns} vulnerability(ies) in ${files.length} file(s)`));
+                }
+                else if (options.verbose) {
+                    console.log(colors.green(`No vulnerabilities found in ${files.length} file(s)`));
+                }
+                if (errors > 0) {
+                    console.log(colors.yellow(`${errors} file(s) had errors during analysis`));
+                }
+            }
+        }
+        process.exit(totalVulns > 0 ? 1 : 0);
+    }
+    catch (error) {
+        if (spin)
+            spin.fail('Analysis failed');
+        console.error(colors.red(error instanceof Error ? error.message : 'Unknown error'));
+        process.exit(2);
+    }
+}
+// ---------------------------------------------------------------------------
+// Subcommands: dead-code, secrets, health, skill
+// ---------------------------------------------------------------------------
+async function runDeadCode(targetPath, options) {
+    const spin = options.quiet ? null : spinner('Initializing analyzer...').start();
+    try {
+        const wasm = resolveWasmPaths();
+        await initAnalyzer({ wasmPath: wasm.wasmPath, languagePaths: wasm.languagePaths });
+        const absPath = resolveTarget(targetPath);
+        if (spin)
+            spin.text = 'Detecting dead code...';
+        const result = await detectDeadCode({ target: absPath });
+        if (spin)
+            spin.succeed(`Dead code analysis complete (${result.summary.totalMethods} methods analyzed)`);
+        let output;
+        if (options.format === 'json') {
+            output = JSON.stringify(result, null, 2);
+        }
+        else {
+            output = formatDeadCodeReport(result);
+        }
+        writeOutput(output, options.output);
+        process.exit(result.summary.deadMethods > 0 ? 1 : 0);
+    }
+    catch (error) {
+        if (spin)
+            spin.fail('Dead code detection failed');
+        console.error(colors.red(error instanceof Error ? error.message : 'Unknown error'));
+        process.exit(2);
+    }
+}
+async function runSecrets(targetPath, options) {
+    const spin = options.quiet ? null : spinner('Scanning for secrets...').start();
+    try {
+        const absPath = resolveTarget(targetPath);
+        const result = await scanForSecrets(absPath);
+        if (spin)
+            spin.succeed(`Secret scan complete (${result.filesScanned} files scanned)`);
+        let output;
+        if (options.format === 'json') {
+            output = JSON.stringify(result, null, 2);
+        }
+        else {
+            output = formatSecretReport(result);
+        }
+        writeOutput(output, options.output);
+        process.exit(result.secrets.length > 0 ? 1 : 0);
+    }
+    catch (error) {
+        if (spin)
+            spin.fail('Secret scanning failed');
+        console.error(colors.red(error instanceof Error ? error.message : 'Unknown error'));
+        process.exit(2);
+    }
+}
+async function runHealth(targetPath, options) {
+    const spin = options.quiet ? null : spinner('Initializing analyzer...').start();
+    try {
+        const wasm = resolveWasmPaths();
+        await initAnalyzer({ wasmPath: wasm.wasmPath, languagePaths: wasm.languagePaths });
+        const absPath = resolveTarget(targetPath);
+        if (spin)
+            spin.text = 'Calculating health score...';
+        const result = await calculateHealthScore(absPath);
+        if (spin)
+            spin.succeed(`Health analysis complete (score: ${result.overallScore.toFixed(0)}/100)`);
+        let output;
+        if (options.format === 'json') {
+            output = JSON.stringify(result, null, 2);
+        }
+        else {
+            output = formatHealthReport(result);
+        }
+        writeOutput(output, options.output);
+    }
+    catch (error) {
+        if (spin)
+            spin.fail('Health score calculation failed');
+        console.error(colors.red(error instanceof Error ? error.message : 'Unknown error'));
+        process.exit(2);
+    }
+}
+async function runSkill(targetPath, options) {
+    const spin = options.quiet ? null : spinner('Initializing analyzer...').start();
+    try {
+        const wasm = resolveWasmPaths();
+        await initAnalyzer({ wasmPath: wasm.wasmPath, languagePaths: wasm.languagePaths });
+        const absPath = resolveTarget(targetPath);
+        if (spin)
+            spin.text = 'Analyzing skill bundle...';
+        const result = await analyzeSkillBundle(absPath, {
+            enableCrossArtifact: true,
+            enableVerification: true,
+        });
+        if (spin)
+            spin.succeed(`Skill analysis complete (trust score: ${result.score}/100)`);
+        const output = JSON.stringify(result, null, 2);
+        writeOutput(output, options.output);
+        // Exit 1 if findings with high/critical severity
+        const hasHighFindings = result.findings.some((f) => f.severity === 'high' || f.severity === 'critical');
+        process.exit(hasHighFindings ? 1 : 0);
+    }
+    catch (error) {
+        if (spin)
+            spin.fail('Skill analysis failed');
+        console.error(colors.red(error instanceof Error ? error.message : 'Unknown error'));
+        process.exit(2);
+    }
+}
+// ---------------------------------------------------------------------------
+// Init command
+// ---------------------------------------------------------------------------
+function handleInit() {
+    const configPath = 'cognium-ai.config.json';
+    if (existsSync(configPath)) {
+        console.log(colors.yellow('Configuration file already exists'));
+        return;
+    }
+    const config = {
+        include: ['src/**/*.java', 'src/**/*.ts', 'src/**/*.py'],
+        exclude: ['**/test/**', '**/node_modules/**', '**/dist/**'],
+        severity: 'medium',
+        llm: {
+            enabled: true,
+            discovery: false,
+        },
+        rules: {
+            'sql-injection': 'error',
+            'command-injection': 'error',
+            'xss': 'error',
+            'path-traversal': 'error',
+            'ssrf': 'warn',
+            'deserialization': 'warn',
+        },
+    };
+    writeFileSync(configPath, JSON.stringify(config, null, 2));
+    console.log(colors.green(`Created ${configPath}`));
+}
+// ---------------------------------------------------------------------------
+// Main
+// ---------------------------------------------------------------------------
+async function main() {
+    const { command, args, options } = parseArgs(process.argv.slice(2));
+    if (options.help || options.h) {
+        showHelp();
+        return;
+    }
+    if (command === 'version' || options.version || options.V) {
+        showVersion(version);
+        return;
+    }
+    if (command === 'init') {
+        handleInit();
+        return;
+    }
+    // Commands that require a path argument
+    const subOptions = {
+        format: (options.format || options.f || 'text'),
+        output: (options.output || options.o),
+        quiet: options.quiet === true || options.q === true,
+    };
+    if (command === 'scan') {
+        if (args.length === 0) {
+            console.error(colors.red('Error: scan command requires a path argument'));
+            console.log('\nUsage: cognium-ai scan <path> [options]');
+            process.exit(1);
+        }
+        await runScan(args[0], {
+            language: (options.language || options.l),
+            format: subOptions.format,
+            threads: parseInt(options.threads || '4', 10),
+            severity: options.severity,
+            output: subOptions.output,
+            quiet: subOptions.quiet,
+            verbose: options.verbose === true || options.v === true,
+            excludeTests: options['exclude-tests'] === true,
+            excludeCwe: options['exclude-cwe'],
+            noLlm: options['no-llm'] === true,
+            llmDiscovery: options['llm-discovery'] === true,
+        });
+        return;
+    }
+    if (command === 'dead-code') {
+        if (args.length === 0) {
+            console.error(colors.red('Error: dead-code command requires a path argument'));
+            process.exit(1);
+        }
+        await runDeadCode(args[0], subOptions);
+        return;
+    }
+    if (command === 'secrets') {
+        if (args.length === 0) {
+            console.error(colors.red('Error: secrets command requires a path argument'));
+            process.exit(1);
+        }
+        await runSecrets(args[0], subOptions);
+        return;
+    }
+    if (command === 'health') {
+        if (args.length === 0) {
+            console.error(colors.red('Error: health command requires a path argument'));
+            process.exit(1);
+        }
+        await runHealth(args[0], subOptions);
+        return;
+    }
+    if (command === 'skill') {
+        if (args.length === 0) {
+            console.error(colors.red('Error: skill command requires a path argument'));
+            process.exit(1);
+        }
+        await runSkill(args[0], { output: subOptions.output, quiet: subOptions.quiet });
+        return;
+    }
+    if (!command) {
+        showHelp();
+    }
+    else {
+        console.error(colors.red(`Error: Unknown command '${command}'`));
+        console.log("\nRun 'cognium-ai --help' for usage information");
+        process.exit(1);
+    }
+}
+main().catch((error) => {
+    console.error(colors.red('Fatal error:'), error.message);
+    process.exit(2);
+});
+//# sourceMappingURL=cli.js.map

package/dist/cli.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"cli.js","sourceRoot":"","sources":["../src/cli.ts"],"names":[],"mappings":";AACA;;GAEG;AAEH,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,UAAU,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,IAAI,CAAC;AACpF,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,QAAQ,CAAC;AACvC,OAAO,EACL,YAAY,EACZ,OAAO,EAEP,cAAc,EACd,oBAAoB,EACpB,cAAc,EACd,kBAAkB,EAClB,oBAAoB,EACpB,kBAAkB,EAClB,kBAAkB,GACnB,MAAM,cAAc,CAAC;AACtB,OAAO,EAAE,aAAa,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACzE,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AACvC,OAAO,EAAE,SAAS,EAAE,QAAQ,EAAE,WAAW,EAAE,MAAM,iBAAiB,CAAC;AACnE,OAAO,EAAE,OAAO,EAAE,MAAM,oBAAoB,CAAC;AAC7C,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAE3C,8EAA8E;AAC9E,YAAY;AACZ,8EAA8E;AAE9E,MAAM,aAAa,GAAG;IACpB,iBAAiB;IACjB,kBAAkB;IAClB,sBAAsB;IACtB,iBAAiB;IACjB,sBAAsB;IACtB,mBAAmB;IACnB,mBAAmB;IACnB,aAAa;IACb,cAAc;IACd,WAAW;IACX,YAAY;IACZ,aAAa;IACb,cAAc;IACd,YAAY;CACb,CAAC;AAEF,MAAM,QAAQ,GAA2B;IACvC,OAAO,EAAE,MAAM;IACf,KAAK,EAAE,YAAY;IACnB,MAAM,EAAE,YAAY;IACpB,KAAK,EAAE,YAAY;IACnB,MAAM,EAAE,YAAY;IACpB,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,MAAM;IACb,KAAK,EAAE,MAAM;IACb,OAAO,EAAE,MAAM;CAChB,CAAC;AAEF,MAAM,aAAa,GAA6B;IAC9C,aAAa,EAAE,UAAU;IACzB,eAAe,EAAE,MAAM;IACvB,iBAAiB,EAAE,UAAU;IAC7B,cAAc,EAAE,MAAM;IACtB,GAAG,EAAE,MAAM;IACX,GAAG,EAAE,UAAU;IACf,eAAe,EAAE,UAAU;IAC3B,cAAc,EAAE,MAAM;IACtB,eAAe,EAAE,MAAM;IACvB,IAAI,EAAE,MAAM;IACZ,aAAa,EAAE,QAAQ;IACvB,cAAc,EAAE,UAAU;IAC1B,aAAa,EAAE,QAAQ;IACvB,WAAW,EAAE,KAAK;IAClB,SAAS,EAAE,KAAK;IAChB,WAAW,EAAE,KAAK;IAClB,eAAe,EAAE,KAAK;IACtB,cAAc,EAAE,QAAQ;IACxB,qBAAqB,EAAE,QAAQ;CAChC,CAAC;AAEF,MAAM,QAAQ,GAA6B;IACzC,aAAa,EAAE,QAAQ;IACvB,eAAe,EAAE,SAAS;IAC1B,iBAAiB,EAAE,QAAQ;IAC3B,cAAc,EAAE,QAAQ;IACxB,GAAG,EAAE,QAAQ;IACb,GAAG,EAAE,SAAS;IACd,eAAe,EAAE,SAAS;IAC1B,cAAc,EAAE,QAAQ;IACxB,eAAe,EAAE,SAAS;IAC1B,IAAI,EAAE,SAAS;IACf,aAAa,EAAE,SAAS;IACxB,cAAc,EAAE,QAAQ;IACxB,aAAa,EAAE,SAAS;IACxB,WAAW,EAAE,SAAS;IACtB,SAAS,EAAE,SAAS;IACpB,WAAW,EAAE,SAAS;IACtB,eAAe,EAAE,SAAS;IAC1B,cAAc,EAAE,SAAS;IACzB,qBAAqB,EAAE,QAAQ;CAChC,CAAC;AAgCF,8EAA8E;AAC9E,UAAU;AACV,8EAA8E;AAE9E,SAAS,UAAU,CAAC,QAAgB;IAClC,OAAO,aAAa,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;AACjE,CAAC;AAED,SAAS,cAAc,CAAC,QAAgB;IACtC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IAC5C,OAAO,QAAQ,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC;AAC/B,CAAC;AAED,SAAS,YAAY,CAAC,UAAkB,EAAE,QAAiB,EAAE,YAAY,GAAG,KAAK;IAC/E,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,IAAI,GAAG,QAAQ,CAAC,UAAU,CAAC,CAAC;IAElC,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClB,IAAI,YAAY,IAAI,UAAU,CAAC,UAAU,CAAC;YAAE,OAAO,KAAK,CAAC;QACzD,MAAM,IAAI,GAAG,QAAQ,IAAI,cAAc,CAAC,UAAU,CAAC,CAAC;QACpD,IAAI,IAAI;YAAE,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACnC,CAAC;SAAM,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;QAC9B,MAAM,OAAO,GAAG,WAAW,CAAC,UAAU,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;QACjE,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,KAAK,cAAc;gBAAE,SAAS;YAC1E,IAAI,YAAY,IAAI,0CAA0C,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC;gBAAE,SAAS;YAC1F,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;YAC9C,KAAK,CAAC,IAAI,CAAC,GAAG,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB;IACvB,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IAC/C,qEAAqE;IACrE,MAAM,aAAa,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC,CAAC;IAC/D,MAAM,YAAY,GAAG,aAAa,CAAC,IAAI,CAAC,aAAa,EAAE,UAAU,CAAC,CAAC,CAAC;IACpE,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC;IACzE,MAAM,MAAM,GAAG,IAAI,CAAC,OAAO,EAAE,6BAA6B,CAAC,CAAC;IAC5D,OAAO;QACL,QAAQ,EAAE,IAAI,CAAC,OAAO,EAAE,sBAAsB,CAAC;QAC/C,aAAa,EAAE;YACb,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,uBAAuB,CAAC;YAC5C,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,uBAAuB,CAAC;YAC5C,UAAU,EAAE,MAAM;YAClB,UAAU,EAAE,MAAM,EAAE,yCAAyC;YAC7D,MAAM,EAAE,IAAI,CAAC,OAAO,EAAE,yBAAyB,CAAC;YAChD,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE,uBAAuB,CAAC;SAC7C;KACF,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,UAAkB;IACvC,MAAM,OAAO,GAAG,OAAO,CAAC,UAAU,CAAC,CAAC;IACpC,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,0BAA0B,OAAO,EAAE,CAAC,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,WAAW,CAAC,MAAc,EAAE,UAAmB;IACtD,IAAI,UAAU,EAAE,CAAC;QACf,aAAa,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC;QAClC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,UAAU,EAAE,CAAC,CAAC,CAAC;IAChE,CAAC;SAAM,IAAI,MAAM,CAAC,IAAI,EAAE,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;IACtB,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,eAAe;AACf,8EAA8E;AAE9E,KAAK,UAAU,QAAQ,CAAC,QAAgB,EAAE,QAAgB;IACxD,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,MAAM,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,QAAyC,CAAC,CAAC;QAExF,MAAM,eAAe,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;YAChE,IAAI,EAAE,IAAI,CAAC,SAAS;YACpB,QAAQ,EAAE,aAAa,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,MAAM;YACjD,OAAO,EAAE,GAAG,IAAI,CAAC,SAAS,gDAAgD,IAAI,CAAC,WAAW,YAAY,IAAI,CAAC,SAAS,EAAE;YACtH,IAAI,EAAE,IAAI,CAAC,SAAS;YACpB,GAAG,EAAE,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC;SAC9B,CAAC,CAAC,CAAC;QAEJ,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC7C,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,OAAO;YACL,IAAI,EAAE,QAAQ;YACd,eAAe,EAAE,EAAE;YACnB,KAAK,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe;SAChE,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,UAAkB,EAAE,OAAoB;IAC7D,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC,KAAK,EAAE,CAAC;IAEhF,IAAI,CAAC;QACH,uBAAuB;QACvB,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,YAAY,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;QAEnF,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,GAAG,qBAAqB,CAAC;QAE5C,MAAM,OAAO,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;QAC1C,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,YAAY,CAAC,CAAC;QAE5E,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvB,IAAI,IAAI;gBAAE,IAAI,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;YAChD,OAAO;QACT,CAAC;QAED,IAAI,IAAI,GAAG,QAAQ,CAAC;QACpB,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,CAAC;YACnB,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,oBAAoB,IAAI,sBAAsB,CAAC;YACzE,IAAI,GAAG,OAAO,CAAC,YAAY,CAAC,CAAC,CAAC,mBAAmB,KAAK,EAAE,CAAC,CAAC,CAAC,kBAAkB,KAAK,EAAE,CAAC;QACvF,CAAC;QACD,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,GAAG,YAAY,KAAK,CAAC,MAAM,aAAa,IAAI,MAAM,CAAC;QAEtE,MAAM,OAAO,GAAiB,EAAE,CAAC;QACjC,IAAI,SAAS,GAAG,CAAC,CAAC;QAElB,iCAAiC;QACjC,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC;QACpC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,IAAI,WAAW,EAAE,CAAC;YACnD,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,GAAG,WAAW,CAAC,CAAC;YAC9C,MAAM,YAAY,GAAG,MAAM,OAAO,CAAC,GAAG,CACpC,KAAK,CAAC,GAAG,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE;gBACvB,MAAM,IAAI,GAAG,OAAO,CAAC,QAAQ,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC;gBACtD,IAAI,CAAC,IAAI;oBAAE,OAAO,IAAI,CAAC;gBACvB,OAAO,QAAQ,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YAC9B,CAAC,CAAC,CACH,CAAC;YAEF,KAAK,MAAM,MAAM,IAAI,YAAY,EAAE,CAAC;gBAClC,IAAI,MAAM;oBAAE,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnC,CAAC;YAED,SAAS,IAAI,KAAK,CAAC,MAAM,CAAC;YAC1B,IAAI,IAAI;gBAAE,IAAI,CAAC,IAAI,GAAG,gBAAgB,SAAS,IAAI,KAAK,CAAC,MAAM,MAAM,IAAI,GAAG,CAAC;QAC/E,CAAC;QAED,IAAI,IAAI;YAAE,IAAI,CAAC,OAAO,CAAC,WAAW,KAAK,CAAC,MAAM,aAAa,IAAI,GAAG,CAAC,CAAC;QAEpE,qBAAqB;QACrB,MAAM,aAAa,GAAG,CAAC,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;QAE5D,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnC,MAAM,iBAAiB,GAAG,OAAO,CAAC,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;gBACzF,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;oBAC7B,MAAM,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAC3D,iBAAiB,CAAC,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CACrD,CAAC;gBACJ,CAAC;YACH,CAAC;iBAAM,CAAC;gBACN,MAAM,gBAAgB,GAAG,aAAa,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,CAAC;gBAC/E,IAAI,gBAAgB,KAAK,CAAC,CAAC,EAAE,CAAC;oBAC5B,MAAM,IAAI,KAAK,CAAC,2BAA2B,OAAO,CAAC,QAAQ,+CAA+C,CAAC,CAAC;gBAC9G,CAAC;gBACD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;oBAC7B,MAAM,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAC3D,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,gBAAgB,CACtD,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,0BAA0B;QAC1B,IAAI,OAAO,CAAC,UAAU,EAAE,CAAC;YACvB,MAAM,YAAY,GAAG,OAAO,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YACtF,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;gBAC7B,MAAM,CAAC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;oBAC3D,IAAI,CAAC,CAAC,CAAC,GAAG;wBAAE,OAAO,IAAI,CAAC;oBACxB,OAAO,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;gBACrD,CAAC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,SAAS;QACT,MAAM,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QACjF,MAAM,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC;QACrD,MAAM,YAAY,GAAG,UAAU,GAAG,CAAC,IAAI,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,CAAC;QAEpH,IAAI,YAAY,EAAE,CAAC;YACjB,IAAI,MAAc,CAAC;YACnB,QAAQ,OAAO,CAAC,MAAM,EAAE,CAAC;gBACvB,KAAK,MAAM;oBACT,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,CAAC;oBAC7B,MAAM;gBACR,KAAK,OAAO;oBACV,MAAM,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;oBAC9B,MAAM;gBACR;oBACE,MAAM,GAAG,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC;YACrD,CAAC;YAED,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAEpC,IAAI,CAAC,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;gBAChD,OAAO,CAAC,GAAG,EAAE,CAAC;gBACd,IAAI,UAAU,GAAG,CAAC,EAAE,CAAC;oBACnB,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,GAAG,CAAC,SAAS,UAAU,0BAA0B,KAAK,CAAC,MAAM,UAAU,CAAC,CAAC,CAAC;gBAC/F,CAAC;qBAAM,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;oBAC3B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,+BAA+B,KAAK,CAAC,MAAM,UAAU,CAAC,CAAC,CAAC;gBACnF,CAAC;gBACD,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC;oBACf,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,GAAG,MAAM,qCAAqC,CAAC,CAAC,CAAC;gBAC7E,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACvC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;QACpF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,iDAAiD;AACjD,8EAA8E;AAE9E,KAAK,UAAU,WAAW,CAAC,UAAkB,EAAE,OAA8D;IAC3G,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC,KAAK,EAAE,CAAC;IAEhF,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,YAAY,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;QAEnF,MAAM,OAAO,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;QAC1C,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,GAAG,wBAAwB,CAAC;QAE/C,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,EAAE,MAAM,EAAE,OAAO,EAAE,CAAC,CAAC;QAEzD,IAAI,IAAI;YAAE,IAAI,CAAC,OAAO,CAAC,gCAAgC,MAAM,CAAC,OAAO,CAAC,YAAY,oBAAoB,CAAC,CAAC;QAExG,IAAI,MAAc,CAAC;QACnB,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC9B,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,oBAAoB,CAAC,MAAM,CAAC,CAAC;QACxC,CAAC;QAED,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QAEpC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;QAClD,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;QACpF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,UAAkB,EAAE,OAA8D;IAC1G,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,yBAAyB,CAAC,CAAC,KAAK,EAAE,CAAC;IAE/E,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;QAE1C,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,OAAO,CAAC,CAAC;QAE7C,IAAI,IAAI;YAAE,IAAI,CAAC,OAAO,CAAC,yBAAyB,MAAM,CAAC,YAAY,iBAAiB,CAAC,CAAC;QAEtF,IAAI,MAAc,CAAC;QACnB,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC9B,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;QAED,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QAEpC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAClD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;QAC9C,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;QACpF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,SAAS,CAAC,UAAkB,EAAE,OAA8D;IACzG,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC,KAAK,EAAE,CAAC;IAEhF,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,YAAY,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;QAEnF,MAAM,OAAO,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;QAC1C,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,GAAG,6BAA6B,CAAC;QAEpD,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,OAAO,CAAC,CAAC;QAEnD,IAAI,IAAI;YAAE,IAAI,CAAC,OAAO,CAAC,oCAAoC,MAAM,CAAC,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;QAElG,IAAI,MAAc,CAAC;QACnB,IAAI,OAAO,CAAC,MAAM,KAAK,MAAM,EAAE,CAAC;YAC9B,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,MAAM,GAAG,kBAAkB,CAAC,MAAM,CAAC,CAAC;QACtC,CAAC;QAED,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;IACtC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;QACvD,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;QACpF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,UAAkB,EAAE,OAA6C;IACvF,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,0BAA0B,CAAC,CAAC,KAAK,EAAE,CAAC;IAEhF,IAAI,CAAC;QACH,MAAM,IAAI,GAAG,gBAAgB,EAAE,CAAC;QAChC,MAAM,YAAY,CAAC,EAAE,QAAQ,EAAE,IAAI,CAAC,QAAQ,EAAE,aAAa,EAAE,IAAI,CAAC,aAAa,EAAE,CAAC,CAAC;QAEnF,MAAM,OAAO,GAAG,aAAa,CAAC,UAAU,CAAC,CAAC;QAC1C,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,GAAG,2BAA2B,CAAC;QAElD,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE;YAC/C,mBAAmB,EAAE,IAAI;YACzB,kBAAkB,EAAE,IAAI;SACzB,CAAC,CAAC;QAEH,IAAI,IAAI;YAAE,IAAI,CAAC,OAAO,CAAC,yCAAyC,MAAM,CAAC,KAAK,OAAO,CAAC,CAAC;QAErF,MAAM,MAAM,GAAG,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;QAC/C,WAAW,CAAC,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;QAEpC,iDAAiD;QACjD,MAAM,eAAe,GAAG,MAAM,CAAC,QAAQ,CAAC,IAAI,CAC1C,CAAC,CAAuB,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,IAAI,CAAC,CAAC,QAAQ,KAAK,UAAU,CAChF,CAAC;QACF,OAAO,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACxC,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,IAAI,IAAI;YAAE,IAAI,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QAC7C,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC;QACpF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,eAAe;AACf,8EAA8E;AAE9E,SAAS,UAAU;IACjB,MAAM,UAAU,GAAG,wBAAwB,CAAC;IAC5C,IAAI,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC,mCAAmC,CAAC,CAAC,CAAC;QAChE,OAAO;IACT,CAAC;IAED,MAAM,MAAM,GAAG;QACb,OAAO,EAAE,CAAC,eAAe,EAAE,aAAa,EAAE,aAAa,CAAC;QACxD,OAAO,EAAE,CAAC,YAAY,EAAE,oBAAoB,EAAE,YAAY,CAAC;QAC3D,QAAQ,EAAE,QAAQ;QAClB,GAAG,EAAE;YACH,OAAO,EAAE,IAAI;YACb,SAAS,EAAE,KAAK;SACjB;QACD,KAAK,EAAE;YACL,eAAe,EAAE,OAAO;YACxB,mBAAmB,EAAE,OAAO;YAC5B,KAAK,EAAE,OAAO;YACd,gBAAgB,EAAE,OAAO;YACzB,MAAM,EAAE,MAAM;YACd,iBAAiB,EAAE,MAAM;SAC1B;KACF,CAAC;IAEF,aAAa,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC3D,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,UAAU,EAAE,CAAC,CAAC,CAAC;AACrD,CAAC;AAED,8EAA8E;AAC9E,OAAO;AACP,8EAA8E;AAE9E,KAAK,UAAU,IAAI;IACjB,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;IAEpE,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,CAAC,EAAE,CAAC;QAC9B,QAAQ,EAAE,CAAC;QACX,OAAO;IACT,CAAC;IAED,IAAI,OAAO,KAAK,SAAS,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,CAAC,EAAE,CAAC;QAC1D,WAAW,CAAC,OAAO,CAAC,CAAC;QACrB,OAAO;IACT,CAAC;IAED,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACvB,UAAU,EAAE,CAAC;QACb,OAAO;IACT,CAAC;IAED,wCAAwC;IACxC,MAAM,UAAU,GAAG;QACjB,MAAM,EAAE,CAAC,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,IAAI,MAAM,CAAW;QACzD,MAAM,EAAE,CAAC,OAAO,CAAC,MAAM,IAAI,OAAO,CAAC,CAAC,CAAuB;QAC3D,KAAK,EAAE,OAAO,CAAC,KAAK,KAAK,IAAI,IAAI,OAAO,CAAC,CAAC,KAAK,IAAI;KACpD,CAAC;IAEF,IAAI,OAAO,KAAK,MAAM,EAAE,CAAC;QACvB,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,8CAA8C,CAAC,CAAC,CAAC;YAC1E,OAAO,CAAC,GAAG,CAAC,2CAA2C,CAAC,CAAC;YACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QAED,MAAM,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE;YACrB,QAAQ,EAAE,CAAC,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,CAAC,CAAuB;YAC/D,MAAM,EAAE,UAAU,CAAC,MAAmC;YACtD,OAAO,EAAE,QAAQ,CAAE,OAAO,CAAC,OAAkB,IAAI,GAAG,EAAE,EAAE,CAAC;YACzD,QAAQ,EAAE,OAAO,CAAC,QAA8B;YAChD,MAAM,EAAE,UAAU,CAAC,MAAM;YACzB,KAAK,EAAE,UAAU,CAAC,KAAK;YACvB,OAAO,EAAE,OAAO,CAAC,OAAO,KAAK,IAAI,IAAI,OAAO,CAAC,CAAC,KAAK,IAAI;YACvD,YAAY,EAAE,OAAO,CAAC,eAAe,CAAC,KAAK,IAAI;YAC/C,UAAU,EAAE,OAAO,CAAC,aAAa,CAAuB;YACxD,KAAK,EAAE,OAAO,CAAC,QAAQ,CAAC,KAAK,IAAI;YACjC,YAAY,EAAE,OAAO,CAAC,eAAe,CAAC,KAAK,IAAI;SAChD,CAAC,CAAC;QACH,OAAO;IACT,CAAC;IAED,IAAI,OAAO,KAAK,WAAW,EAAE,CAAC;QAC5B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,mDAAmD,CAAC,CAAC,CAAC;YAC/E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;QACvC,OAAO;IACT,CAAC;IAED,IAAI,OAAO,KAAK,SAAS,EAAE,CAAC;QAC1B,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC,CAAC;YAC7E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;QACtC,OAAO;IACT,CAAC;IAED,IAAI,OAAO,KAAK,QAAQ,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC,CAAC;YAC5E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;QACrC,OAAO;IACT,CAAC;IAED,IAAI,OAAO,KAAK,OAAO,EAAE,CAAC;QACxB,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACtB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC,CAAC;YAC3E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;QACD,MAAM,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,KAAK,EAAE,UAAU,CAAC,KAAK,EAAE,CAAC,CAAC;QAChF,OAAO;IACT,CAAC;IAED,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,QAAQ,EAAE,CAAC;IACb,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,2BAA2B,OAAO,GAAG,CAAC,CAAC,CAAC;QACjE,OAAO,CAAC,GAAG,CAAC,iDAAiD,CAAC,CAAC;QAC/D,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,cAAc,CAAC,EAAE,KAAK,CAAC,OAAO,CAAC,CAAC;IACzD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/dist/formatters.d.ts

@@ -0,0 +1,20 @@
+/**
+ * Output formatters for CLI results
+ */
+interface Vulnerability {
+    type: string;
+    severity: string;
+    message: string;
+    line: number;
+    cwe?: string;
+}
+interface ScanResult {
+    file: string;
+    vulnerabilities: Vulnerability[];
+    error?: string;
+}
+export declare function formatResults(results: ScanResult[], verbose?: boolean): string;
+export declare function formatJSON(results: ScanResult[]): string;
+export declare function formatSARIF(results: ScanResult[]): string;
+export {};
+//# sourceMappingURL=formatters.d.ts.map

package/dist/formatters.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"formatters.d.ts","sourceRoot":"","sources":["../src/formatters.ts"],"names":[],"mappings":"AAAA;;GAEG;AAIH,UAAU,aAAa;IACrB,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,MAAM,CAAC;IACb,GAAG,CAAC,EAAE,MAAM,CAAC;CACd;AAED,UAAU,UAAU;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,eAAe,EAAE,aAAa,EAAE,CAAC;IACjC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AA+FD,wBAAgB,aAAa,CAAC,OAAO,EAAE,UAAU,EAAE,EAAE,OAAO,CAAC,EAAE,OAAO,GAAG,MAAM,CAyC9E;AAED,wBAAgB,UAAU,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG,MAAM,CAkBxD;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,UAAU,EAAE,GAAG,MAAM,CA8DzD"}

package/dist/formatters.js

@@ -0,0 +1,202 @@
+/**
+ * Output formatters for CLI results
+ */
+import { colors } from './utils/colors.js';
+const VULNERABILITY_HELP = {
+    sql_injection: {
+        description: 'User input is used in SQL query without sanitization',
+        fix: 'Use PreparedStatement with parameterized queries instead of string concatenation',
+    },
+    nosql_injection: {
+        description: 'User input is used in NoSQL query without sanitization',
+        fix: 'Use parameterized queries or properly escape user input before using in queries',
+    },
+    command_injection: {
+        description: 'User input is used in system command without sanitization',
+        fix: 'Avoid Runtime.exec() with user input. Use ProcessBuilder with argument arrays instead',
+    },
+    path_traversal: {
+        description: 'User input is used in file path without validation',
+        fix: 'Validate file paths against allowlist, use canonical paths, and check for ".." sequences',
+    },
+    xss: {
+        description: 'User input is rendered in HTML without proper encoding',
+        fix: 'Use HTML encoding/escaping functions before rendering user input in web pages',
+    },
+    xxe: {
+        description: 'XML parser may process external entities from untrusted input',
+        fix: 'Disable external entity processing in XML parsers',
+    },
+    deserialization: {
+        description: 'Untrusted data is deserialized which can lead to remote code execution',
+        fix: 'Avoid deserializing untrusted data. Use safe formats like JSON instead of Java serialization',
+    },
+    ldap_injection: {
+        description: 'User input is used in LDAP query without sanitization',
+        fix: 'Escape LDAP special characters or use parameterized LDAP queries',
+    },
+    xpath_injection: {
+        description: 'User input is used in XPath query without sanitization',
+        fix: 'Use parameterized XPath queries or properly escape user input',
+    },
+    ssrf: {
+        description: 'Server-Side Request Forgery: user controls URL in server-side request',
+        fix: 'Validate URLs against allowlist of domains, block internal IPs',
+    },
+    open_redirect: {
+        description: 'User input controls redirect destination which can be abused for phishing',
+        fix: 'Validate redirect URLs against allowlist or use relative paths only',
+    },
+    code_injection: {
+        description: 'User input is evaluated as code (eval, script execution, etc.)',
+        fix: 'Never execute user input as code. Use safe alternatives like JSON parsing',
+    },
+    log_injection: {
+        description: 'User input in logs can inject fake log entries or exploit log viewers',
+        fix: 'Sanitize newlines and special characters from user input before logging',
+    },
+    weak_random: {
+        description: 'Cryptographically weak random number generator used for security purposes',
+        fix: 'Use SecureRandom instead of Random for security-sensitive operations',
+    },
+    weak_hash: {
+        description: 'Weak hashing algorithm (MD5, SHA1) used for security purposes',
+        fix: 'Use SHA-256 or stronger hashing algorithms',
+    },
+    weak_crypto: {
+        description: 'Weak cryptographic algorithm or configuration',
+        fix: 'Use strong encryption algorithms (AES-256) and secure configurations',
+    },
+    insecure_cookie: {
+        description: 'Cookie without Secure or HttpOnly flags exposes it to attacks',
+        fix: 'Set Secure and HttpOnly flags on sensitive cookies',
+    },
+    trust_boundary: {
+        description: 'Data crosses trust boundary without validation',
+        fix: 'Validate and sanitize data when crossing trust boundaries',
+    },
+    external_taint_escape: {
+        description: 'External input reaches a sensitive sink without proper validation',
+        fix: 'Validate, sanitize, or escape external input before use in sensitive operations',
+    },
+};
+const SEVERITY_COLORS = {
+    critical: colors.red,
+    high: colors.red,
+    medium: colors.yellow,
+    low: colors.cyan,
+};
+const SEVERITY_ICONS = {
+    critical: '!!!',
+    high: '!!',
+    medium: '!',
+    low: 'i',
+};
+export function formatResults(results, verbose) {
+    const lines = [];
+    for (const result of results) {
+        if (result.error) {
+            lines.push(colors.red(`[ERROR] ${result.file}: ${result.error}`));
+            continue;
+        }
+        if (result.vulnerabilities.length === 0) {
+            if (verbose) {
+                lines.push(colors.green(`[OK] ${result.file}`));
+            }
+            continue;
+        }
+        lines.push(colors.bold(result.file));
+        for (const vuln of result.vulnerabilities) {
+            const colorFn = SEVERITY_COLORS[vuln.severity] || ((text) => text);
+            const icon = SEVERITY_ICONS[vuln.severity] || '?';
+            const cweTag = vuln.cwe ? ` [${vuln.cwe}]` : '';
+            const severityUpper = vuln.severity.charAt(0).toUpperCase() + vuln.severity.slice(1);
+            lines.push(`  ${colorFn(`[${icon}]`)} ${colorFn(vuln.type)} (${severityUpper})${cweTag}`);
+            lines.push(`      Line ${vuln.line}: ${vuln.message}`);
+            const help = VULNERABILITY_HELP[vuln.type];
+            if (help) {
+                lines.push(`      ${help.description}`);
+                lines.push(colors.cyan(`      -> Fix: ${help.fix}`));
+            }
+        }
+        lines.push('');
+    }
+    return lines.join('\n');
+}
+export function formatJSON(results) {
+    const output = {
+        version: '1.0.0',
+        timestamp: new Date().toISOString(),
+        results: results.map((r) => ({
+            file: r.file,
+            vulnerabilities: r.vulnerabilities,
+            error: r.error,
+        })),
+        summary: {
+            filesScanned: results.length,
+            filesWithVulnerabilities: results.filter((r) => r.vulnerabilities.length > 0).length,
+            totalVulnerabilities: results.reduce((sum, r) => sum + r.vulnerabilities.length, 0),
+            errors: results.filter((r) => r.error).length,
+        },
+    };
+    return JSON.stringify(output, null, 2);
+}
+export function formatSARIF(results) {
+    const ruleSet = new Map();
+    const sarifResults = [];
+    for (const result of results) {
+        for (const vuln of result.vulnerabilities) {
+            if (!ruleSet.has(vuln.type)) {
+                ruleSet.set(vuln.type, {
+                    id: vuln.type.replace(/\s+/g, '-').toLowerCase(),
+                    name: vuln.type,
+                    shortDescription: { text: vuln.type },
+                    defaultConfiguration: {
+                        level: vuln.severity === 'critical' || vuln.severity === 'high' ? 'error' : 'warning',
+                    },
+                    properties: {
+                        'security-severity': vuln.severity === 'critical' ? '9.0' :
+                            vuln.severity === 'high' ? '7.0' :
+                                vuln.severity === 'medium' ? '5.0' : '3.0',
+                    },
+                });
+            }
+            sarifResults.push({
+                ruleId: vuln.type.replace(/\s+/g, '-').toLowerCase(),
+                level: vuln.severity === 'critical' || vuln.severity === 'high' ? 'error' : 'warning',
+                message: { text: vuln.message },
+                locations: [
+                    {
+                        physicalLocation: {
+                            artifactLocation: { uri: result.file },
+                            region: { startLine: vuln.line },
+                        },
+                    },
+                ],
+                properties: {
+                    cwe: vuln.cwe,
+                    severity: vuln.severity,
+                },
+            });
+        }
+    }
+    const sarif = {
+        $schema: 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json',
+        version: '2.1.0',
+        runs: [
+            {
+                tool: {
+                    driver: {
+                        name: 'cognium-ai',
+                        version: '1.0.0',
+                        informationUri: 'https://cognium.dev',
+                        rules: Array.from(ruleSet.values()),
+                    },
+                },
+                results: sarifResults,
+            },
+        ],
+    };
+    return JSON.stringify(sarif, null, 2);
+}
+//# sourceMappingURL=formatters.js.map

package/dist/formatters.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"formatters.js","sourceRoot":"","sources":["../src/formatters.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAgB3C,MAAM,kBAAkB,GAAyD;IAC/E,aAAa,EAAE;QACb,WAAW,EAAE,sDAAsD;QACnE,GAAG,EAAE,kFAAkF;KACxF;IACD,eAAe,EAAE;QACf,WAAW,EAAE,wDAAwD;QACrE,GAAG,EAAE,iFAAiF;KACvF;IACD,iBAAiB,EAAE;QACjB,WAAW,EAAE,2DAA2D;QACxE,GAAG,EAAE,uFAAuF;KAC7F;IACD,cAAc,EAAE;QACd,WAAW,EAAE,oDAAoD;QACjE,GAAG,EAAE,0FAA0F;KAChG;IACD,GAAG,EAAE;QACH,WAAW,EAAE,wDAAwD;QACrE,GAAG,EAAE,+EAA+E;KACrF;IACD,GAAG,EAAE;QACH,WAAW,EAAE,+DAA+D;QAC5E,GAAG,EAAE,mDAAmD;KACzD;IACD,eAAe,EAAE;QACf,WAAW,EAAE,wEAAwE;QACrF,GAAG,EAAE,8FAA8F;KACpG;IACD,cAAc,EAAE;QACd,WAAW,EAAE,uDAAuD;QACpE,GAAG,EAAE,kEAAkE;KACxE;IACD,eAAe,EAAE;QACf,WAAW,EAAE,wDAAwD;QACrE,GAAG,EAAE,+DAA+D;KACrE;IACD,IAAI,EAAE;QACJ,WAAW,EAAE,uEAAuE;QACpF,GAAG,EAAE,gEAAgE;KACtE;IACD,aAAa,EAAE;QACb,WAAW,EAAE,2EAA2E;QACxF,GAAG,EAAE,qEAAqE;KAC3E;IACD,cAAc,EAAE;QACd,WAAW,EAAE,gEAAgE;QAC7E,GAAG,EAAE,2EAA2E;KACjF;IACD,aAAa,EAAE;QACb,WAAW,EAAE,uEAAuE;QACpF,GAAG,EAAE,yEAAyE;KAC/E;IACD,WAAW,EAAE;QACX,WAAW,EAAE,2EAA2E;QACxF,GAAG,EAAE,sEAAsE;KAC5E;IACD,SAAS,EAAE;QACT,WAAW,EAAE,+DAA+D;QAC5E,GAAG,EAAE,4CAA4C;KAClD;IACD,WAAW,EAAE;QACX,WAAW,EAAE,+CAA+C;QAC5D,GAAG,EAAE,sEAAsE;KAC5E;IACD,eAAe,EAAE;QACf,WAAW,EAAE,+DAA+D;QAC5E,GAAG,EAAE,oDAAoD;KAC1D;IACD,cAAc,EAAE;QACd,WAAW,EAAE,gDAAgD;QAC7D,GAAG,EAAE,2DAA2D;KACjE;IACD,qBAAqB,EAAE;QACrB,WAAW,EAAE,mEAAmE;QAChF,GAAG,EAAE,iFAAiF;KACvF;CACF,CAAC;AAEF,MAAM,eAAe,GAA6C;IAChE,QAAQ,EAAE,MAAM,CAAC,GAAG;IACpB,IAAI,EAAE,MAAM,CAAC,GAAG;IAChB,MAAM,EAAE,MAAM,CAAC,MAAM;IACrB,GAAG,EAAE,MAAM,CAAC,IAAI;CACjB,CAAC;AAEF,MAAM,cAAc,GAA2B;IAC7C,QAAQ,EAAE,KAAK;IACf,IAAI,EAAE,IAAI;IACV,MAAM,EAAE,GAAG;IACX,GAAG,EAAE,GAAG;CACT,CAAC;AAEF,MAAM,UAAU,aAAa,CAAC,OAAqB,EAAE,OAAiB;IACpE,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,WAAW,MAAM,CAAC,IAAI,KAAK,MAAM,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;YAClE,SAAS;QACX,CAAC;QAED,IAAI,MAAM,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACxC,IAAI,OAAO,EAAE,CAAC;gBACZ,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,QAAQ,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YAClD,CAAC;YACD,SAAS;QACX,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QAErC,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;YAC1C,MAAM,OAAO,GAAG,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAY,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC;YAC3E,MAAM,IAAI,GAAG,cAAc,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,GAAG,CAAC;YAClD,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;YAChD,MAAM,aAAa,GAAG,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAErF,KAAK,CAAC,IAAI,CACR,KAAK,OAAO,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,aAAa,IAAI,MAAM,EAAE,CAC9E,CAAC;YAEF,KAAK,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,OAAO,EAAE,CAAC,CAAC;YAEvD,MAAM,IAAI,GAAG,kBAAkB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC3C,IAAI,IAAI,EAAE,CAAC;gBACT,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;gBACxC,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,iBAAiB,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,MAAM,UAAU,UAAU,CAAC,OAAqB;IAC9C,MAAM,MAAM,GAAG;QACb,OAAO,EAAE,OAAO;QAChB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC3B,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,eAAe,EAAE,CAAC,CAAC,eAAe;YAClC,KAAK,EAAE,CAAC,CAAC,KAAK;SACf,CAAC,CAAC;QACH,OAAO,EAAE;YACP,YAAY,EAAE,OAAO,CAAC,MAAM;YAC5B,wBAAwB,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,MAAM;YACpF,oBAAoB,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,eAAe,CAAC,MAAM,EAAE,CAAC,CAAC;YACnF,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,MAAM;SAC9C;KACF,CAAC;IAEF,OAAO,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACzC,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,OAAqB;IAC/C,MAAM,OAAO,GAAG,IAAI,GAAG,EAAmC,CAAC;IAC3D,MAAM,YAAY,GAA8B,EAAE,CAAC;IAEnD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;YAC1C,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC5B,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE;oBACrB,EAAE,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE;oBAChD,IAAI,EAAE,IAAI,CAAC,IAAI;oBACf,gBAAgB,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE;oBACrC,oBAAoB,EAAE;wBACpB,KAAK,EAAE,IAAI,CAAC,QAAQ,KAAK,UAAU,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;qBACtF;oBACD,UAAU,EAAE;wBACV,mBAAmB,EACjB,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;4BACtC,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC;gCAClC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK;qBAC7C;iBACF,CAAC,CAAC;YACL,CAAC;YAED,YAAY,CAAC,IAAI,CAAC;gBAChB,MAAM,EAAE,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC,WAAW,EAAE;gBACpD,KAAK,EAAE,IAAI,CAAC,QAAQ,KAAK,UAAU,IAAI,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS;gBACrF,OAAO,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,OAAO,EAAE;gBAC/B,SAAS,EAAE;oBACT;wBACE,gBAAgB,EAAE;4BAChB,gBAAgB,EAAE,EAAE,GAAG,EAAE,MAAM,CAAC,IAAI,EAAE;4BACtC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,CAAC,IAAI,EAAE;yBACjC;qBACF;iBACF;gBACD,UAAU,EAAE;oBACV,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,QAAQ,EAAE,IAAI,CAAC,QAAQ;iBACxB;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAG;QACZ,OAAO,EAAE,gGAAgG;QACzG,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE;YACJ;gBACE,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,YAAY;wBAClB,OAAO,EAAE,OAAO;wBAChB,cAAc,EAAE,qBAAqB;wBACrC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;qBACpC;iBACF;gBACD,OAAO,EAAE,YAAY;aACtB;SACF;KACF,CAAC;IAEF,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;AACxC,CAAC"}

package/dist/index.d.ts

@@ -0,0 +1,9 @@
+/**
+ * cognium-ai - AI-powered static analysis
+ *
+ * Re-exports circle-ir-ai APIs for programmatic use.
+ * For CLI usage, run `cognium-ai` directly.
+ */
+export { version } from './version.js';
+export { analyzeFile, scanDirectory, detectDeadCode, scanForSecrets, calculateHealthScore, analyzeSkillBundle, initAnalyzer, analyze, } from 'circle-ir-ai';
+//# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAGvC,OAAO,EACL,WAAW,EACX,aAAa,EACb,cAAc,EACd,cAAc,EACd,oBAAoB,EACpB,kBAAkB,EAClB,YAAY,EACZ,OAAO,GACR,MAAM,cAAc,CAAC"}

package/dist/index.js

@@ -0,0 +1,10 @@
+/**
+ * cognium-ai - AI-powered static analysis
+ *
+ * Re-exports circle-ir-ai APIs for programmatic use.
+ * For CLI usage, run `cognium-ai` directly.
+ */
+export { version } from './version.js';
+// Re-export key circle-ir-ai APIs
+export { analyzeFile, scanDirectory, detectDeadCode, scanForSecrets, calculateHealthScore, analyzeSkillBundle, initAnalyzer, analyze, } from 'circle-ir-ai';
+//# sourceMappingURL=index.js.map

package/dist/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,OAAO,EAAE,MAAM,cAAc,CAAC;AAEvC,kCAAkC;AAClC,OAAO,EACL,WAAW,EACX,aAAa,EACb,cAAc,EACd,cAAc,EACd,oBAAoB,EACpB,kBAAkB,EAClB,YAAY,EACZ,OAAO,GACR,MAAM,cAAc,CAAC"}

package/dist/utils/args.d.ts

@@ -0,0 +1,12 @@
+/**
+ * Lightweight argument parser
+ */
+export interface ParsedArgs {
+    command?: string;
+    args: string[];
+    options: Record<string, string | boolean>;
+}
+export declare function parseArgs(argv: string[]): ParsedArgs;
+export declare function showHelp(): void;
+export declare function showVersion(version: string): void;
+//# sourceMappingURL=args.d.ts.map

package/dist/utils/args.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"args.d.ts","sourceRoot":"","sources":["../../src/utils/args.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,WAAW,UAAU;IACzB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,EAAE,CAAC;IACf,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,CAAC;CAC3C;AAED,wBAAgB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,UAAU,CAyCpD;AAED,wBAAgB,QAAQ,IAAI,IAAI,CAuD/B;AAED,wBAAgB,WAAW,CAAC,OAAO,EAAE,MAAM,GAAG,IAAI,CAGjD"}

package/dist/utils/args.js

@@ -0,0 +1,109 @@
+/**
+ * Lightweight argument parser
+ */
+export function parseArgs(argv) {
+    const args = [];
+    const options = {};
+    let command;
+    for (let i = 0; i < argv.length; i++) {
+        const arg = argv[i];
+        if (arg.startsWith('--')) {
+            const key = arg.slice(2);
+            if (key.includes('=')) {
+                const [k, v] = key.split('=', 2);
+                options[k] = v;
+            }
+            else {
+                const nextArg = argv[i + 1];
+                if (nextArg && !nextArg.startsWith('-')) {
+                    options[key] = nextArg;
+                    i++;
+                }
+                else {
+                    options[key] = true;
+                }
+            }
+        }
+        else if (arg.startsWith('-') && arg.length === 2) {
+            const key = arg.slice(1);
+            const nextArg = argv[i + 1];
+            if (nextArg && !nextArg.startsWith('-')) {
+                options[key] = nextArg;
+                i++;
+            }
+            else {
+                options[key] = true;
+            }
+        }
+        else {
+            if (!command) {
+                command = arg;
+            }
+            else {
+                args.push(arg);
+            }
+        }
+    }
+    return { command, args, options };
+}
+export function showHelp() {
+    console.log(`
+cognium-ai - AI-powered static analysis with LLM-enhanced vulnerability detection
+
+USAGE:
+  cognium-ai <command> [options]
+
+COMMANDS:
+  scan <path>         Scan for security vulnerabilities (LLM-enhanced by default)
+  dead-code <path>    Detect dead/unreachable code
+  secrets <path>      Scan for secrets and credentials
+  health <path>       Calculate codebase health score
+  skill <path>        Analyze AI skill bundle security
+  init                Initialize a configuration file
+  version             Display version information
+
+SCAN OPTIONS:
+  -l, --language <lang>      Force language (bash|java|javascript|typescript|python|rust)
+  -f, --format <format>      Output format (text|json|sarif) [default: text]
+  --threads <n>              Parallel analysis threads [default: 4]
+  --severity <level>         Filter by severity (low|medium|high|critical)
+  --exclude-tests            Exclude test files and directories
+  --exclude-cwe <cwes>       Exclude specific CWEs (comma-separated)
+  -o, --output <file>        Write results to file
+  -q, --quiet                Suppress progress output
+  -v, --verbose              Show detailed output
+  --no-llm                   Static SAST only (no LLM enrichment)
+  --llm-discovery            Enable LLM discovery mode (deeper analysis)
+
+DEAD-CODE / SECRETS / HEALTH OPTIONS:
+  -f, --format <format>      Output format (text|json) [default: text]
+  -o, --output <file>        Write results to file
+  -q, --quiet                Suppress progress output
+
+SKILL OPTIONS:
+  -o, --output <file>        Write results to file
+
+LLM CONFIGURATION:
+  Set these environment variables for LLM-enhanced analysis:
+    LLM_API_KEY              API key for LLM provider
+    LLM_BASE_URL             LLM API base URL
+    LLM_ENRICHMENT_MODEL     Model to use (default: cognium/gpt-oss-120b)
+
+EXAMPLES:
+  cognium-ai scan src/                          # LLM-enhanced scan
+  cognium-ai scan src/ --no-llm                 # Static-only scan
+  cognium-ai scan app.java -f json -o out.json  # JSON output to file
+  cognium-ai scan . --severity high             # High+ severity only
+  cognium-ai dead-code src/                     # Find dead code
+  cognium-ai secrets .                          # Find secrets
+  cognium-ai health src/                        # Health score
+  cognium-ai skill ./my-mcp-server              # Analyze AI skill
+
+For more information, visit: https://cognium.dev
+`);
+}
+export function showVersion(version) {
+    console.log(`cognium-ai v${version}`);
+    console.log(`Powered by Cognium Labs (circle-ir + circle-ir-ai)`);
+}
+//# sourceMappingURL=args.js.map

package/dist/utils/args.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"args.js","sourceRoot":"","sources":["../../src/utils/args.ts"],"names":[],"mappings":"AAAA;;GAEG;AAQH,MAAM,UAAU,SAAS,CAAC,IAAc;IACtC,MAAM,IAAI,GAAa,EAAE,CAAC;IAC1B,MAAM,OAAO,GAAqC,EAAE,CAAC;IACrD,IAAI,OAA2B,CAAC;IAEhC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACrC,MAAM,GAAG,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC;QAEpB,IAAI,GAAG,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACzB,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;gBACtB,MAAM,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;gBACjC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YACjB,CAAC;iBAAM,CAAC;gBACN,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;gBAC5B,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;oBACxC,OAAO,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC;oBACvB,CAAC,EAAE,CAAC;gBACN,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;gBACtB,CAAC;YACH,CAAC;QACH,CAAC;aAAM,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACnD,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACzB,MAAM,OAAO,GAAG,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;YAC5B,IAAI,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACxC,OAAO,CAAC,GAAG,CAAC,GAAG,OAAO,CAAC;gBACvB,CAAC,EAAE,CAAC;YACN,CAAC;iBAAM,CAAC;gBACN,OAAO,CAAC,GAAG,CAAC,GAAG,IAAI,CAAC;YACtB,CAAC;QACH,CAAC;aAAM,CAAC;YACN,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,GAAG,GAAG,CAAC;YAChB,CAAC;iBAAM,CAAC;gBACN,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACjB,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;AACpC,CAAC;AAED,MAAM,UAAU,QAAQ;IACtB,OAAO,CAAC,GAAG,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAqDb,CAAC,CAAC;AACH,CAAC;AAED,MAAM,UAAU,WAAW,CAAC,OAAe;IACzC,OAAO,CAAC,GAAG,CAAC,eAAe,OAAO,EAAE,CAAC,CAAC;IACtC,OAAO,CAAC,GAAG,CAAC,oDAAoD,CAAC,CAAC;AACpE,CAAC"}

package/dist/utils/colors.d.ts

@@ -0,0 +1,14 @@
+/**
+ * Lightweight ANSI color utilities
+ */
+export declare const colors: {
+    red: (text: string) => string;
+    green: (text: string) => string;
+    yellow: (text: string) => string;
+    blue: (text: string) => string;
+    cyan: (text: string) => string;
+    magenta: (text: string) => string;
+    bold: (text: string) => string;
+    dim: (text: string) => string;
+};
+//# sourceMappingURL=colors.d.ts.map

package/dist/utils/colors.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"colors.d.ts","sourceRoot":"","sources":["../../src/utils/colors.ts"],"names":[],"mappings":"AAAA;;GAEG;AAYH,eAAO,MAAM,MAAM;gBACL,MAAM;kBACJ,MAAM;mBACL,MAAM;iBACR,MAAM;iBACN,MAAM;oBACH,MAAM;iBACT,MAAM;gBACP,MAAM;CACnB,CAAC"}

package/dist/utils/colors.js

@@ -0,0 +1,22 @@
+/**
+ * Lightweight ANSI color utilities
+ */
+const RESET = '\x1b[0m';
+const BOLD = '\x1b[1m';
+const RED = '\x1b[91m';
+const GREEN = '\x1b[92m';
+const YELLOW = '\x1b[93m';
+const BLUE = '\x1b[94m';
+const CYAN = '\x1b[96m';
+const MAGENTA = '\x1b[95m';
+export const colors = {
+    red: (text) => `${RED}${text}${RESET}`,
+    green: (text) => `${GREEN}${text}${RESET}`,
+    yellow: (text) => `${YELLOW}${text}${RESET}`,
+    blue: (text) => `${BLUE}${text}${RESET}`,
+    cyan: (text) => `${CYAN}${text}${RESET}`,
+    magenta: (text) => `${MAGENTA}${text}${RESET}`,
+    bold: (text) => `${BOLD}${text}${RESET}`,
+    dim: (text) => text,
+};
+//# sourceMappingURL=colors.js.map

package/dist/utils/colors.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"colors.js","sourceRoot":"","sources":["../../src/utils/colors.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,KAAK,GAAG,SAAS,CAAC;AACxB,MAAM,IAAI,GAAG,SAAS,CAAC;AAEvB,MAAM,GAAG,GAAG,UAAU,CAAC;AACvB,MAAM,KAAK,GAAG,UAAU,CAAC;AACzB,MAAM,MAAM,GAAG,UAAU,CAAC;AAC1B,MAAM,IAAI,GAAG,UAAU,CAAC;AACxB,MAAM,IAAI,GAAG,UAAU,CAAC;AACxB,MAAM,OAAO,GAAG,UAAU,CAAC;AAE3B,MAAM,CAAC,MAAM,MAAM,GAAG;IACpB,GAAG,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,GAAG,GAAG,IAAI,GAAG,KAAK,EAAE;IAC9C,KAAK,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,KAAK,GAAG,IAAI,GAAG,KAAK,EAAE;IAClD,MAAM,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,MAAM,GAAG,IAAI,GAAG,KAAK,EAAE;IACpD,IAAI,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,KAAK,EAAE;IAChD,IAAI,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,KAAK,EAAE;IAChD,OAAO,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,OAAO,GAAG,IAAI,GAAG,KAAK,EAAE;IACtD,IAAI,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,GAAG,IAAI,GAAG,IAAI,GAAG,KAAK,EAAE;IAChD,GAAG,EAAE,CAAC,IAAY,EAAE,EAAE,CAAC,IAAI;CAC5B,CAAC"}

package/dist/utils/spinner.d.ts

@@ -0,0 +1,19 @@
+/**
+ * Lightweight spinner utility
+ */
+export declare class Spinner {
+    private _text;
+    private frameIndex;
+    private intervalId?;
+    private isSpinning;
+    constructor(text: string);
+    start(): this;
+    stop(): this;
+    succeed(text?: string): this;
+    fail(text?: string): this;
+    warn(text?: string): this;
+    set text(value: string);
+    get text(): string;
+}
+export declare function spinner(text: string): Spinner;
+//# sourceMappingURL=spinner.d.ts.map

package/dist/utils/spinner.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"spinner.d.ts","sourceRoot":"","sources":["../../src/utils/spinner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAOH,qBAAa,OAAO;IAClB,OAAO,CAAC,KAAK,CAAS;IACtB,OAAO,CAAC,UAAU,CAAK;IACvB,OAAO,CAAC,UAAU,CAAC,CAAiB;IACpC,OAAO,CAAC,UAAU,CAAS;gBAEf,IAAI,EAAE,MAAM;IAIxB,KAAK,IAAI,IAAI;IAiBb,IAAI,IAAI,IAAI;IAgBZ,OAAO,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI;IAO5B,IAAI,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI;IAOzB,IAAI,CAAC,IAAI,CAAC,EAAE,MAAM,GAAG,IAAI;IAOzB,IAAI,IAAI,CAAC,KAAK,EAAE,MAAM,EAErB;IAED,IAAI,IAAI,IAAI,MAAM,CAEjB;CACF;AAED,wBAAgB,OAAO,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAE7C"}

package/dist/utils/spinner.js

@@ -0,0 +1,69 @@
+/**
+ * Lightweight spinner utility
+ */
+const SPINNER_FRAMES = ['\u280B', '\u2819', '\u2839', '\u2838', '\u283C', '\u2834', '\u2826', '\u2827', '\u2807', '\u280F'];
+const CHECKMARK = '\u2714';
+const CROSS = '\u2716';
+const WARNING = '\u26A0';
+export class Spinner {
+    _text;
+    frameIndex = 0;
+    intervalId;
+    isSpinning = false;
+    constructor(text) {
+        this._text = text;
+    }
+    start() {
+        if (this.isSpinning)
+            return this;
+        this.isSpinning = true;
+        this.frameIndex = 0;
+        process.stdout.write('\x1b[?25l');
+        this.intervalId = setInterval(() => {
+            const frame = SPINNER_FRAMES[this.frameIndex];
+            this.frameIndex = (this.frameIndex + 1) % SPINNER_FRAMES.length;
+            process.stdout.write(`\r\x1b[K${frame} ${this._text}`);
+        }, 80);
+        return this;
+    }
+    stop() {
+        if (!this.isSpinning)
+            return this;
+        if (this.intervalId) {
+            clearInterval(this.intervalId);
+            this.intervalId = undefined;
+        }
+        this.isSpinning = false;
+        process.stdout.write('\r\x1b[K');
+        process.stdout.write('\x1b[?25h');
+        return this;
+    }
+    succeed(text) {
+        this.stop();
+        const message = text || this._text;
+        console.log(`\x1b[32m${CHECKMARK}\x1b[0m ${message}`);
+        return this;
+    }
+    fail(text) {
+        this.stop();
+        const message = text || this._text;
+        console.log(`\x1b[31m${CROSS}\x1b[0m ${message}`);
+        return this;
+    }
+    warn(text) {
+        this.stop();
+        const message = text || this._text;
+        console.log(`\x1b[33m${WARNING}\x1b[0m ${message}`);
+        return this;
+    }
+    set text(value) {
+        this._text = value;
+    }
+    get text() {
+        return this._text;
+    }
+}
+export function spinner(text) {
+    return new Spinner(text);
+}
+//# sourceMappingURL=spinner.js.map

package/dist/utils/spinner.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"spinner.js","sourceRoot":"","sources":["../../src/utils/spinner.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,MAAM,cAAc,GAAG,CAAC,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;AAC5H,MAAM,SAAS,GAAG,QAAQ,CAAC;AAC3B,MAAM,KAAK,GAAG,QAAQ,CAAC;AACvB,MAAM,OAAO,GAAG,QAAQ,CAAC;AAEzB,MAAM,OAAO,OAAO;IACV,KAAK,CAAS;IACd,UAAU,GAAG,CAAC,CAAC;IACf,UAAU,CAAkB;IAC5B,UAAU,GAAG,KAAK,CAAC;IAE3B,YAAY,IAAY;QACtB,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC;IACpB,CAAC;IAED,KAAK;QACH,IAAI,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC;QAEjC,IAAI,CAAC,UAAU,GAAG,IAAI,CAAC;QACvB,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;QAEpB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAElC,IAAI,CAAC,UAAU,GAAG,WAAW,CAAC,GAAG,EAAE;YACjC,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC9C,IAAI,CAAC,UAAU,GAAG,CAAC,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC,GAAG,cAAc,CAAC,MAAM,CAAC;YAChE,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,KAAK,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC;QACzD,CAAC,EAAE,EAAE,CAAC,CAAC;QAEP,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI;QACF,IAAI,CAAC,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC;QAElC,IAAI,IAAI,CAAC,UAAU,EAAE,CAAC;YACpB,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/B,IAAI,CAAC,UAAU,GAAG,SAAS,CAAC;QAC9B,CAAC;QAED,IAAI,CAAC,UAAU,GAAG,KAAK,CAAC;QAExB,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACjC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAElC,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,CAAC,IAAa;QACnB,IAAI,CAAC,IAAI,EAAE,CAAC;QACZ,MAAM,OAAO,GAAG,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,WAAW,SAAS,WAAW,OAAO,EAAE,CAAC,CAAC;QACtD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,IAAa;QAChB,IAAI,CAAC,IAAI,EAAE,CAAC;QACZ,MAAM,OAAO,GAAG,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,WAAW,KAAK,WAAW,OAAO,EAAE,CAAC,CAAC;QAClD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,IAAa;QAChB,IAAI,CAAC,IAAI,EAAE,CAAC;QACZ,MAAM,OAAO,GAAG,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC;QACnC,OAAO,CAAC,GAAG,CAAC,WAAW,OAAO,WAAW,OAAO,EAAE,CAAC,CAAC;QACpD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,IAAI,CAAC,KAAa;QACpB,IAAI,CAAC,KAAK,GAAG,KAAK,CAAC;IACrB,CAAC;IAED,IAAI,IAAI;QACN,OAAO,IAAI,CAAC,KAAK,CAAC;IACpB,CAAC;CACF;AAED,MAAM,UAAU,OAAO,CAAC,IAAY;IAClC,OAAO,IAAI,OAAO,CAAC,IAAI,CAAC,CAAC;AAC3B,CAAC"}

package/dist/version.d.ts

@@ -0,0 +1,2 @@
+export declare const version = "1.0.0";
+//# sourceMappingURL=version.d.ts.map

package/dist/version.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"version.d.ts","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,OAAO,UAAU,CAAC"}

package/dist/version.js

@@ -0,0 +1,2 @@
+export const version = '1.0.0';
+//# sourceMappingURL=version.js.map

package/dist/version.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"version.js","sourceRoot":"","sources":["../src/version.ts"],"names":[],"mappings":"AAAA,MAAM,CAAC,MAAM,OAAO,GAAG,OAAO,CAAC"}

package/package.json

@@ -0,0 +1,52 @@
+{
+  "name": "cognium-ai",
+  "version": "1.0.0",
+  "description": "AI-powered static analysis CLI with LLM-enhanced vulnerability detection",
+  "main": "dist/index.js",
+  "types": "dist/index.d.ts",
+  "bin": {
+    "cognium-ai": "dist/cli.js"
+  },
+  "type": "module",
+  "scripts": {
+    "build": "tsc",
+    "prepare": "npm run build",
+    "prepublishOnly": "npm run build",
+    "dev": "tsx src/cli.ts",
+    "test": "vitest run",
+    "typecheck": "tsc --noEmit",
+    "clean": "rm -rf dist *.tsbuildinfo"
+  },
+  "keywords": [
+    "security",
+    "sast",
+    "static-analysis",
+    "vulnerability",
+    "cli",
+    "ai",
+    "llm",
+    "taint-analysis"
+  ],
+  "author": {
+    "name": "Cognium Labs",
+    "url": "https://cognium.dev"
+  },
+  "license": "MIT",
+  "engines": {
+    "node": ">=18.0.0"
+  },
+  "files": [
+    "dist",
+    "README.md",
+    "LICENSE"
+  ],
+  "dependencies": {
+    "circle-ir-ai": "file:../circle-ir-ai"
+  },
+  "devDependencies": {
+    "@types/node": "^22.0.0",
+    "tsx": "^4.19.0",
+    "typescript": "^5.9.3",
+    "vitest": "^3.0.0"
+  }
+}