dotenv-diff 2.3.4 → 2.3.5
- package/README.md +28 -0
- package/dist/src/commands/scanUsage.d.ts.map +1 -1
- package/dist/src/commands/scanUsage.js +17 -3
- package/dist/src/commands/scanUsage.js.map +1 -1
- package/dist/src/config/types.d.ts +6 -1
- package/dist/src/config/types.d.ts.map +1 -1
- package/dist/src/config/types.js +2 -0
- package/dist/src/config/types.js.map +1 -1
- package/dist/src/core/envValidator.d.ts +9 -0
- package/dist/src/core/envValidator.d.ts.map +1 -0
- package/dist/src/core/envValidator.js +103 -0
- package/dist/src/core/envValidator.js.map +1 -0
- package/dist/src/core/exampleSecretDetector.d.ts +8 -0
- package/dist/src/core/exampleSecretDetector.d.ts.map +1 -0
- package/dist/src/core/exampleSecretDetector.js +56 -0
- package/dist/src/core/exampleSecretDetector.js.map +1 -0
- package/dist/src/core/processComparisonFile.d.ts +1 -0
- package/dist/src/core/processComparisonFile.d.ts.map +1 -1
- package/dist/src/core/processComparisonFile.js +10 -0
- package/dist/src/core/processComparisonFile.js.map +1 -1
- package/dist/src/core/secretDetectors.d.ts +2 -0
- package/dist/src/core/secretDetectors.d.ts.map +1 -1
- package/dist/src/core/secretDetectors.js +2 -2
- package/dist/src/core/secretDetectors.js.map +1 -1
- package/dist/src/services/codeBaseScanner.js +1 -1
- package/dist/src/services/codeBaseScanner.js.map +1 -1
- package/dist/src/services/scanOutputToConsole.d.ts.map +1 -1
- package/dist/src/services/scanOutputToConsole.js +15 -2
- package/dist/src/services/scanOutputToConsole.js.map +1 -1
- package/dist/src/ui/scan/printEnvWarnings.d.ts +8 -0
- package/dist/src/ui/scan/printEnvWarnings.d.ts.map +1 -0
- package/dist/src/ui/scan/printEnvWarnings.js +20 -0
- package/dist/src/ui/scan/printEnvWarnings.js.map +1 -0
- package/dist/src/ui/scan/printExampleWarnings.d.ts +8 -0
- package/dist/src/ui/scan/printExampleWarnings.d.ts.map +1 -0
- package/dist/src/ui/scan/printExampleWarnings.js +20 -0
- package/dist/src/ui/scan/printExampleWarnings.js.map +1 -0
- package/dist/src/ui/scan/printStats.d.ts +2 -1
- package/dist/src/ui/scan/printStats.d.ts.map +1 -1
- package/dist/src/ui/scan/printStats.js +2 -2
- package/dist/src/ui/scan/printStats.js.map +1 -1
- package/dist/src/ui/shared/printStrictModeError.d.ts +1 -0
- package/dist/src/ui/shared/printStrictModeError.d.ts.map +1 -1
- package/dist/src/ui/shared/printStrictModeError.js +2 -0
- package/dist/src/ui/shared/printStrictModeError.js.map +1 -1
- package/package.json +1 -1
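--- a/package/README.md
+++ b/package/README.md
@@ -82,6 +82,34 @@ You can use the `--strict` flag to treat all warnings as errors. This is useful
 dotenv-diff --strict
 ```
 
+## Sveltekit specific warnings
+
+When scanning a SvelteKit project, `dotenv-diff` will warn you about environment variables that are used wrong in sveltekit.
+
+for example, if you have `const key = import.meta.env.API_KEY` in a +page.svelte file, you will get a warning to use `VITE_` prefix for client-side usage.
+
+You would likely see this waring:
+
+```bash
+Environment variable usage issues:
+- PUBLIC_URL (src\routes\+page.ts:1) → Variables accessed through import.meta.env must start with "VITE_"
+```
+
+This will help you avoid runtime errors due to misconfigured environment variables in SvelteKit projects.
+
+## Detect potential secrets in your .env.example file
+
+When you run `dotenv-diff` it will also scan your `.env.example` file for potential secrets, such as API keys or passwords.
+
+for example:
+
+```bash
+Potential real secrets found in .env.example:
+- API_KEY = "sk_test_4eC39HqLyjWDarjtT1zdp7dc" → Value in .env.example matches a known provider key pattern [high]
+```
+
+This helps you avoid accidentally committing sensitive information through your example files.
+
 ## ignore specific warnings
 
 You can use the `dotenv-diff-ignore` comment to ignore specific lines from secret detection. For example: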
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanUsage.d.ts","sourceRoot":"","sources":["../../../src/commands/scanUsage.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,gBAAgB,EAGjB,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"scanUsage.d.ts","sourceRoot":"","sources":["../../../src/commands/scanUsage.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EACV,gBAAgB,EAGjB,MAAM,oBAAoB,CAAC;AA4E5B;;;;;;;;;;;GAWG;AACH,wBAAsB,SAAS,CAC7B,IAAI,EAAE,gBAAgB,GACrB,OAAO,CAAC;IAAE,aAAa,EAAE,OAAO,CAAA;CAAE,CAAC,CAiHrC"}
|
|
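--- a/package/dist/src/commands/scanUsage.js
+++ b/package/dist/src/commands/scanUsage.js
@@ -6,6 +6,8 @@ import { printMissingExample } from '../ui/scan/printMissingExample.js';
 import { processComparisonFile } from '../core/processComparisonFile.js';
 import { printComparisonError } from '../ui/scan/printComparisonError.js';
 import { hasIgnoreComment } from '../core/secretDetectors.js';
+import { validateEnvRules } from '../core/envValidator.js';
+import { detectSecretsInExample } from '../core/exampleSecretDetector.js';
 /**
 * Filters out commented usages from the list.
 * Skipping comments:
@@ -56,6 +58,7 @@ function calculateStats(scanResult) {
 filesScanned: scanResult.stats.filesScanned,
 totalUsages: scanResult.used.length,
 uniqueVariables,
+duration: scanResult.stats.duration,
 };
 return scanResult;
 }
@@ -80,13 +83,17 @@ export async function scanUsage(opts) {
 scanResult.used = skipCommentedUsages(scanResult.used);
 // Measure duration
 const endTime = performance.now();
-scanResult.duration = (endTime - startTime) / 1000; // Convert to seconds
+scanResult.stats.duration = (endTime - startTime) / 1000; // Convert to seconds
 // Recalculate stats after filtering
 calculateStats(scanResult);
 // If user explicitly passed --example flag, but the file doesn't exist:
 if (printMissingExample(opts)) {
 return { exitWithError: true };
 }
+const envWarnings = validateEnvRules(scanResult.used);
+if (envWarnings.length > 0) {
+scanResult.envWarnings = envWarnings;
+}
 // Determine which file to compare against
 const compareFile = determineComparisonFile(opts);
 let envVariables = {};
@@ -115,6 +122,9 @@ export async function scanUsage(opts) {
 removedDuplicates = result.removedDuplicates;
 fixedKeys = result.addedEnv;
 gitignoreUpdated = result.gitignoreUpdated;
+if (result.exampleFull && result.comparedAgainst === '.env.example') {
+scanResult.exampleWarnings = detectSecretsInExample(result.exampleFull);
+}
 }
 }
 // JSON output
@@ -122,16 +132,20 @@ export async function scanUsage(opts) {
 const jsonOutput = createJsonOutput(scanResult, opts, comparedAgainst, Object.keys(envVariables).length);
 console.log(JSON.stringify(jsonOutput, null, 2));
 // Check for high severity secrets
-const hasHighSeveritySecrets = (scanResult.secrets ?? []).some(s => s.severity === 'high');
+const hasHighSeveritySecrets = (scanResult.secrets ?? []).some((s) => s.severity === 'high');
+// Check for high potential secrets in example warnings
+const hasHighSeverityExampleWarnings = (scanResult.exampleWarnings ?? []).some((w) => w.severity === 'high');
 return {
 exitWithError: scanResult.missing.length > 0 ||
 duplicatesFound ||
 hasHighSeveritySecrets ||
+hasHighSeverityExampleWarnings ||
 !!(opts.strict &&
 (scanResult.unused.length > 0 ||
 (scanResult.duplicates?.env?.length ?? 0) > 0 ||
 (scanResult.duplicates?.example?.length ?? 0) > 0 ||
-(scanResult.secrets?.length ?? 0) > 0)
+(scanResult.secrets?.length ?? 0) > 0) ||
+(scanResult.exampleWarnings?.length ?? 0) > 0),
 };
 }
 // Console output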
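Review bot: In the last hunk the new `exampleWarnings` clause sits outside the parenthesis that `opts.strict &&` guards, so as rendered the expression evaluates as `!!((opts.strict && (…)) || exampleWarnings.length > 0)` and any example warning, including a medium one, sets `exitWithError` in JSON mode without `--strict`. That also makes `hasHighSeverityExampleWarnings` redundant. If the check was meant to be strict-only, keep it inside the group: `(scanResult.secrets?.length ?? 0) > 0 ||` followed by `(scanResult.exampleWarnings?.length ?? 0) > 0)),`. Separately, the scan added in the `@@ -115,6 +122,9 @@` hunk runs only when `result.comparedAgainst === '.env.example'`, so an example file under any other name would presumably skip secret detection without a message. The body of `scanUsage` continues outside these hunks.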
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanUsage.js","sourceRoot":"","sources":["../../../src/commands/scanUsage.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;AAM9D,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAC7E,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAC7D,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAC;AACxE,OAAO,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAC;AACzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"scanUsage.js","sourceRoot":"","sources":["../../../src/commands/scanUsage.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,gCAAgC,CAAC;AAM9D,OAAO,EAAE,uBAAuB,EAAE,MAAM,oCAAoC,CAAC;AAC7E,OAAO,EAAE,eAAe,EAAE,MAAM,oCAAoC,CAAC;AACrE,OAAO,EAAE,gBAAgB,EAAE,MAAM,2BAA2B,CAAC;AAC7D,OAAO,EAAE,mBAAmB,EAAE,MAAM,mCAAmC,CAAC;AACxE,OAAO,EAAE,qBAAqB,EAAE,MAAM,kCAAkC,CAAC;AACzE,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAC1E,OAAO,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AAC9D,OAAO,EAAE,gBAAgB,EAAE,MAAM,yBAAyB,CAAC;AAC3D,OAAO,EAAE,sBAAsB,EAAE,MAAM,kCAAkC,CAAC;AAE1E;;;;;;;;;;GAUG;AACH,SAAS,mBAAmB,CAAC,MAAkB;IAC7C,IAAI,iBAAiB,GAAG,KAAK,CAAC;IAC9B,IAAI,iBAAiB,GAAG,KAAK,CAAC;IAE9B,OAAO,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;QACzB,IAAI,CAAC,CAAC,CAAC,OAAO;YAAE,OAAO,IAAI,CAAC;QAC5B,MAAM,IAAI,GAAG,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;QAE9B,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC;YAAE,iBAAiB,GAAG,IAAI,CAAC;QACpD,IAAI,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;YACzB,iBAAiB,GAAG,KAAK,CAAC;YAC1B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,uDAAuD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvE,iBAAiB,GAAG,IAAI,CAAC;YACzB,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,qDAAqD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACrE,iBAAiB,GAAG,KAAK,CAAC;YAC1B,OAAO,KAAK,CAAC;QACf,CAAC;QAED,IAAI,iBAAiB;YAAE,OAAO,KAAK,CAAC;QAEpC,OAAO,CACL,CAAC,iBAAiB;YAClB,CAAC,+BAA+B,CAAC,IAAI,CAAC,IAAI,CAAC;YAC3C,CAAC,gBAAgB,CAAC,IAAI,CAAC,CACxB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC;AAED;;;;GAIG;AACH,SAAS,cAAc,CAAC,UAAsB;IAC5C,MAAM,eAAe,GAAG,IAAI,GAAG,CAC7B,UAAU,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAW,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CACjD,CAAC,IAAI,CAAC;IAEP,UAAU,CAAC,KAAK,GAAG;QACjB,YAAY,EAAE,UAAU,CAAC,KAAK,CAAC,YAAY;QAC3C,WAAW,EAAE,UAAU,CAAC,IAAI,CAAC,MAAM;QACnC,eAAe;QACf,QAAQ,EAAE,UAAU,CAAC,KAAK,CAAC,QAAQ;KACpC,CAAC;IAEF,OAAO,UAAU,CAAC;AACpB,CAAC;AAED;;;;;;;;;;;GAWG;AACH,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,IAAsB;IAEtB,wBAAwB;IACxB,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAEpC,oBAAoB;IACpB,IAAI,UAAU,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,CAAC;IAE1C,8BAA8B;IAC9B,UA
AU,CAAC,IAAI,GAAG,mBAAmB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IAEvD,mBAAmB;IACnB,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAClC,UAAU,CAAC,KAAK,CAAC,QAAQ,GAAG,CAAC,OAAO,GAAG,SAAS,CAAC,GAAG,IAAI,CAAC,CAAC,qBAAqB;IAE/E,oCAAoC;IACpC,cAAc,CAAC,UAAU,CAAC,CAAC;IAE3B,wEAAwE;IACxE,IAAI,mBAAmB,CAAC,IAAI,CAAC,EAAE,CAAC;QAC9B,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC;IACjC,CAAC;IAED,MAAM,WAAW,GAAG,gBAAgB,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC;IACtD,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3B,UAAU,CAAC,WAAW,GAAG,WAAW,CAAC;IACvC,CAAC;IAED,0CAA0C;IAC1C,MAAM,WAAW,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,YAAY,GAAuC,EAAE,CAAC;IAC1D,IAAI,eAAe,GAAG,EAAE,CAAC;IACzB,IAAI,eAAe,GAAG,KAAK,CAAC;IAE5B,iDAAiD;IACjD,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,IAAI,SAAS,GAAa,EAAE,CAAC;IAC7B,IAAI,iBAAiB,GAAa,EAAE,CAAC;IACrC,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAE7B,0CAA0C;IAC1C,0FAA0F;IAC1F,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,MAAM,GAAG,qBAAqB,CAAC,UAAU,EAAE,WAAW,EAAE,IAAI,CAAC,CAAC;QAEpE,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;YACjB,MAAM,EAAE,IAAI,EAAE,GAAG,oBAAoB,CACnC,MAAM,CAAC,KAAK,CAAC,OAAO,EACpB,MAAM,CAAC,KAAK,CAAC,UAAU,EACvB,IAAI,CAAC,IAAI,IAAI,KAAK,CACnB,CAAC;YACF,IAAI,IAAI;gBAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC;QAC3C,CAAC;aAAM,CAAC;YACN,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;YAC/B,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;YACnC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC;YACzC,eAAe,GAAG,MAAM,CAAC,eAAe,CAAC;YACzC,UAAU,GAAG,MAAM,CAAC,UAAU,CAAC;YAC/B,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAC;YAC7C,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC;YAC5B,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAC;YAE3C,IAAI,MAAM,CAAC,WAAW,IAAI,MAAM,CAAC,eAAe,KAAK,cAAc,EAAE,CAAC;gBACpE,UAAU,CAAC,eAAe,GAAG,sBAAsB,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YAC1E,CAAC;QACH,CAAC;IACH,CAAC;IAED,cAAc;IACd,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;QACd,MAAM,UAAU,GAAG,gBAAgB,CACjC,UAAU,EACV,IAAI,EACJ,eAAe,EACf,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,MAAM,CACjC,CAAC;QACF,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAEjD,kCAAkC;QAClC,MAAM,sBAAsB,GAAG,CAAC,UAAU,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,CAC5D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ
,KAAK,MAAM,CAC7B,CAAC;QAEF,uDAAuD;QACvD,MAAM,8BAA8B,GAAG,CAAC,UAAU,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,IAAI,CAC5E,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAC7B,CAAC;QAEF,OAAO;YACL,aAAa,EACX,UAAU,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC;gBAC7B,eAAe;gBACf,sBAAsB;gBACtB,8BAA8B;gBAC9B,CAAC,CAAC,CACA,IAAI,CAAC,MAAM;oBACX,CAAC,UAAU,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC;wBAC3B,CAAC,UAAU,CAAC,UAAU,EAAE,GAAG,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC;wBAC7C,CAAC,UAAU,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC;wBACjD,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;oBACtC,CAAC,UAAU,CAAC,eAAe,EAAE,MAAM,IAAI,CAAC,CAAC,GAAG,CAAC,CAChD;SACJ,CAAC;IACJ,CAAC;IAED,iBAAiB;IACjB,MAAM,MAAM,GAAG,eAAe,CAAC,UAAU,EAAE,IAAI,EAAE,eAAe,EAAE;QAChE,UAAU;QACV,iBAAiB;QACjB,QAAQ,EAAE,SAAS;QACnB,gBAAgB;KACjB,CAAC,CAAC;IAEH,OAAO,EAAE,aAAa,EAAE,MAAM,CAAC,aAAa,IAAI,eAAe,EAAE,CAAC;AACpE,CAAC"}
|
|
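--- a/package/dist/src/config/types.d.ts
+++ b/package/dist/src/config/types.d.ts
@@ -1,4 +1,6 @@
 import { type SecretFinding } from '../core/secretDetectors.js';
+import { type EnvWarning } from '../core/envValidator.js';
+import { type ExampleSecretWarning } from '../core/exampleSecretDetector.js';
 export declare const ALLOWED_CATEGORIES: readonly ["missing", "extra", "empty", "mismatch", "duplicate", "gitignore"];
 export type Category = (typeof ALLOWED_CATEGORIES)[number];
 /** Type representing the options for the comparison
@@ -119,6 +121,7 @@ export interface ScanResult {
 filesScanned: number;
 totalUsages: number;
 uniqueVariables: number;
+duration: number;
 };
 secrets: SecretFinding[];
 duplicates: {
@@ -131,8 +134,9 @@ export interface ScanResult {
 count: number;
 }>;
 };
-duration: number;
 hasCsp?: boolean;
+envWarnings?: EnvWarning[];
+exampleWarnings?: ExampleSecretWarning[];
 }
 /** Options for scanning the codebase for environment variable usage. */
 export interface ScanUsageOptions extends ScanOptions {
@@ -152,6 +156,7 @@ export interface ScanJsonEntry {
 filesScanned: number;
 totalUsages: number;
 uniqueVariables: number;
+duration: number;
 };
 missing: Array<{
 variable: string;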
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/config/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/config/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAE,KAAK,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAAE,KAAK,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAG7E,eAAO,MAAM,kBAAkB,8EAOrB,CAAC;AAGX,MAAM,MAAM,QAAQ,GAAG,CAAC,OAAO,kBAAkB,CAAC,CAAC,MAAM,CAAC,CAAC;AAE3D;;GAEG;AACH,MAAM,MAAM,OAAO,GAAG;IACpB,WAAW,EAAE,OAAO,CAAC;IACrB,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE,OAAO,CAAC;IACnB,eAAe,EAAE,OAAO,CAAC;IACzB,GAAG,EAAE,OAAO,CAAC;IACb,IAAI,EAAE,OAAO,CAAC;IACd,OAAO,EAAE,MAAM,GAAG,SAAS,CAAC;IAC5B,WAAW,EAAE,MAAM,GAAG,SAAS,CAAC;IAChC,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,GAAG,EAAE,MAAM,CAAC;IACZ,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,SAAS,EAAE,OAAO,CAAC;IACnB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,UAAU,EAAE,OAAO,CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,OAAO,GAAG,SAAS,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,EAAE,OAAO,CAAC;CACpB,CAAC;AAEF;;GAEG;AACH,MAAM,MAAM,UAAU,GAAG;IACvB,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,EAAE,CAAC,EAAE,OAAO,CAAC;IACb,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,MAAM,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC3B,WAAW,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAChC,IAAI,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACzB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACjC,YAAY,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IACjC,UAAU,CAAC,EAAE,OAAO,CAAC;IACrB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,KAAK,CAAC,EAAE,MAAM,GAAG,MAAM,EAAE,CAAC;IAC1B,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,IAAI,CAAC,EAAE,OAAO,CAAC;CAChB,CAAC;AAE
F;;;GAGG;AACH,MAAM,MAAM,gBAAgB,GAAG;IAC7B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,CAAC,EAAE;QAAE,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC;IAC7B,UAAU,CAAC,EAAE;QACX,GAAG,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACjD,CAAC;IACF,OAAO,CAAC,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,eAAe,CAAC,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC3E,EAAE,CAAC,EAAE,OAAO,CAAC;CACd,CAAC;AAEF;;GAEG;AACH,MAAM,WAAW,QAAQ;IACvB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EACH,aAAa,GACb,iBAAiB,GACjB,WAAW,GACX,MAAM,GACN,MAAM,GACN,MAAM,GACN,KAAK,CAAC;IACV,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,WAAW;IAC1B,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,OAAO,CAAC,EAAE,OAAO,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,SAAS,CAAC,EAAE,OAAO,CAAC;CACrB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,EAAE,CAAC;IACjB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,EAAE;QACL,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;QACxB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,UAAU,EAAE;QACV,GAAG,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACjD,CAAC;IACF,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB,WAAW,CAAC,EAAE,UAAU,EAAE,CAAC;IAC3B,eAAe,CAAC,EAAE,oBAAoB,EAAE,CAAC;CAC1C;AAED,wEAAwE;AACxE,MAAM,WAAW,gBAAiB,SAAQ,WAAW;IACnD,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACjC,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,IAAI,EAAE,OAAO,CAAC;IACd,UAAU,EAAE,OAAO,
CAAC;IACpB,SAAS,EAAE,OAAO,CAAC;IACnB,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,aAAa;IAC5B,KAAK,EAAE;QACL,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,eAAe,EAAE,MAAM,CAAC;QACxB,QAAQ,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,OAAO,EAAE,KAAK,CAAC;QACb,QAAQ,EAAE,MAAM,CAAC;QACjB,MAAM,EAAE,KAAK,CAAC;YACZ,IAAI,EAAE,MAAM,CAAC;YACb,IAAI,EAAE,MAAM,CAAC;YACb,OAAO,EAAE,MAAM,CAAC;YAChB,OAAO,EAAE,MAAM,CAAC;SACjB,CAAC,CAAC;KACJ,CAAC,CAAC;IACH,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,CAAC,EAAE,KAAK,CAAC;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC,CAAC;IAEH,eAAe,CAAC,EAAE,MAAM,CAAC;IACzB,iBAAiB,CAAC,EAAE,MAAM,CAAC;IAC3B,OAAO,CAAC,EAAE,KAAK,CAAC;QACd,IAAI,EAAE,MAAM,CAAC;QACb,IAAI,EAAE,MAAM,CAAC;QACb,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,MAAM,CAAC;KACjB,CAAC,CAAC;IACH,UAAU,CAAC,EAAE;QACX,GAAG,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;QAC5C,OAAO,CAAC,EAAE,KAAK,CAAC;YAAE,GAAG,EAAE,MAAM,CAAC;YAAC,KAAK,EAAE,MAAM,CAAA;SAAE,CAAC,CAAC;KACjD,CAAC;IACF,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAGD,MAAM,WAAW,cAAc;IAC7B,CAAC,QAAQ,EAAE,MAAM,GAAG,QAAQ,EAAE,CAAC;CAChC;AAED,MAAM,WAAW,iBAAiB;IAChC,WAAW,EAAE,OAAO,CAAC;IACrB,GAAG,EAAE,MAAM,CAAC;IACZ,eAAe,CAAC,EAAE,OAAO,CAAC;IAC1B,GAAG,CAAC,EAAE,OAAO,CAAC;IACd,IAAI,CAAC,EAAE,OAAO,CAAC;IACf,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,OAAO,CAAC,EAAE,CAAC,KAAK,EAAE,gBAAgB,KAAK,IAAI,CAAC;IAC5C,IAAI,CAAC,EAAE,QAAQ,EAAE,CAAC;IAClB,SAAS,CAAC,EAAE,OAAO,CAAC;IACpB,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,QAAQ;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,aAAa,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,MAAM,WAAW,GAAG;IACxB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE;QAAE,GAAG,EAAE,OAAO,CAAC;QAAC,OAAO,EAAE
,OAAO,CAAA;KAAE,CAAC;IAC3C,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACrC,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,WAAW,CAAC,EAAE,MAAM,EAAE,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACjC,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CAClC,CAAC;AAEF,MAAM,MAAM,QAAQ,GAAG;IACrB,OAAO,EAAE,MAAM,EAAE,CAAC;IAClB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,EAAE,CAAC;IACjB,UAAU,CAAC,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,MAAM,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACtE,aAAa,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACrD,YAAY,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACpD,cAAc,EAAE;QAAE,MAAM,EAAE,cAAc,GAAG,aAAa,CAAA;KAAE,GAAG,IAAI,CAAC;CACnE,CAAC"}
|
package/dist/src/config/types.js
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/config/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAsB,MAAM,4BAA4B,CAAC;
|
|
1
|
+
{"version":3,"file":"types.js","sourceRoot":"","sources":["../../../src/config/types.ts"],"names":[],"mappings":"AAAA,OAAO,EAAsB,MAAM,4BAA4B,CAAC;AAChE,OAAO,EAAmB,MAAM,yBAAyB,CAAC;AAC1D,OAAO,EAA6B,MAAM,kCAAkC,CAAC;AAE7E,oCAAoC;AACpC,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,SAAS;IACT,OAAO;IACP,OAAO;IACP,UAAU;IACV,WAAW;IACX,WAAW;CACH,CAAC"}
|
|
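--- /dev/null
+++ b/package/dist/src/core/envValidator.d.ts
@@ -0,0 +1,9 @@
+import type { EnvUsage } from '../config/types.js';
+export interface EnvWarning {
+variable: string;
+reason: string;
+file: string;
+line: number;
+}
+export declare function validateEnvRules(usages: EnvUsage[]): EnvWarning[];
+//# sourceMappingURL=envValidator.d.ts.map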
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"envValidator.d.ts","sourceRoot":"","sources":["../../../src/core/envValidator.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAEnD,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;CACd;AAED,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,QAAQ,EAAE,GAAG,UAAU,EAAE,CAqHjE"}
|
|
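--- /dev/null
+++ b/package/dist/src/core/envValidator.js
@@ -0,0 +1,103 @@
+export function validateEnvRules(usages) {
+const warnings = [];
+for (const u of usages) {
+// import.meta.env needs to start with VITE_
+if (u.pattern === 'import.meta.env') {
+if (!u.variable.startsWith('VITE_')) {
+warnings.push({
+variable: u.variable,
+reason: `Variables accessed through import.meta.env must start with "VITE_"`,
+file: u.file,
+line: u.line,
+});
+}
+continue;
+}
+// process.env cannot start with VITE_
+if (u.pattern === 'process.env') {
+if (u.variable.startsWith('VITE_')) {
+warnings.push({
+variable: u.variable,
+reason: `Variables accessed through process.env cannot start with "VITE_"`,
+file: u.file,
+line: u.line,
+});
+}
+// Check for .svelte files here (before continue)
+if (u.file.endsWith('.svelte')) {
+warnings.push({
+variable: u.variable,
+reason: `Avoid using process.env inside Svelte files — use $env/static/private or $env/static/public`,
+file: u.file,
+line: u.line,
+});
+}
+continue;
+}
+// $env/static/private/* - ALL checks together
+if (u.pattern === 'sveltekit' &&
+u.context.includes('$env/static/private')) {
+// Check 1: VITE_ prefix
+if (u.variable.startsWith('VITE_')) {
+warnings.push({
+variable: u.variable,
+reason: `$env/static/private variables must not start with "VITE_" (private server env)`,
+file: u.file,
+line: u.line,
+});
+}
+// Check 2: Usage in .svelte files
+if (u.file.match(/\.svelte$/)) {
+warnings.push({
+variable: u.variable,
+reason: `Private environment variables cannot be used in Svelte components (.svelte files)`,
+file: u.file,
+line: u.line,
+});
+}
+// Check 3: Usage in +page.ts or +layout.ts
+if (u.file.match(/\+page\.ts$|\+layout\.ts$/)) {
+warnings.push({
+variable: u.variable,
+reason: `Private env vars should only be used in +page.server.ts or +layout.server.ts`,
+file: u.file,
+line: u.line,
+});
+}
+// Check 4: PUBLIC_ prefix in private imports
+if (u.variable.startsWith('PUBLIC_')) {
+warnings.push({
+variable: u.variable,
+reason: `Variables starting with PUBLIC_ may never be used in private env imports`,
+file: u.file,
+line: u.line,
+});
+}
+continue;
+}
+// $env/static/public/*
+if (u.pattern === 'sveltekit' && u.context.includes('$env/static/public')) {
+if (u.variable.startsWith('VITE_')) {
+warnings.push({
+variable: u.variable,
+reason: `$env/static/public variables must not start with "VITE_"`,
+file: u.file,
+line: u.line,
+});
+}
+continue;
+}
+// $env/dynamic/public usage warning
+if (u.pattern === 'sveltekit' &&
+u.context.includes('$env/dynamic/public')) {
+warnings.push({
+variable: u.variable,
+reason: `$env/dynamic/public is strongly discouraged — use $env/static/public instead for build-time safety`,
+file: u.file,
+line: u.line,
+});
+}
+}
+return warnings;
+}
+//# sourceMappingURL=envValidator.js.map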
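Review bot: Check 3 matches only `+page.ts` and `+layout.ts`, so a `$env/static/private` import in `+page.js` or `+layout.js` is not reported; `/\+(page|layout)\.(ts|js)$/` would cover both without matching the `.server` variants. There is also no branch for `$env/dynamic/private`, so private dynamic variables used in a `.svelte` component or a universal load file would pass silently, assuming the scanner reports them with `pattern === 'sveltekit'`. On the false-positive side, the `import.meta.env` branch flags every name that lacks the `VITE_` prefix, which includes Vite built-ins such as `MODE`, `DEV` and `PROD`; a small allowlist ahead of the `startsWith('VITE_')` test would keep those out of the report.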
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"envValidator.js","sourceRoot":"","sources":["../../../src/core/envValidator.ts"],"names":[],"mappings":"AASA,MAAM,UAAU,gBAAgB,CAAC,MAAkB;IACjD,MAAM,QAAQ,GAAiB,EAAE,CAAC;IAElC,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,4CAA4C;QAC5C,IAAI,CAAC,CAAC,OAAO,KAAK,iBAAiB,EAAE,CAAC;YACpC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACpC,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,MAAM,EAAE,oEAAoE;oBAC5E,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;iBACb,CAAC,CAAC;YACL,CAAC;YACD,SAAS;QACX,CAAC;QAED,sCAAsC;QACtC,IAAI,CAAC,CAAC,OAAO,KAAK,aAAa,EAAE,CAAC;YAChC,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,MAAM,EAAE,kEAAkE;oBAC1E,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;iBACb,CAAC,CAAC;YACL,CAAC;YAED,iDAAiD;YACjD,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC/B,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,MAAM,EAAE,6FAA6F;oBACrG,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;iBACb,CAAC,CAAC;YACL,CAAC;YAED,SAAS;QACX,CAAC;QAED,8CAA8C;QAC9C,IACE,CAAC,CAAC,OAAO,KAAK,WAAW;YACzB,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EACzC,CAAC;YACD,wBAAwB;YACxB,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,MAAM,EAAE,gFAAgF;oBACxF,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;iBACb,CAAC,CAAC;YACL,CAAC;YAED,kCAAkC;YAClC,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC9B,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,MAAM,EAAE,mFAAmF;oBAC3F,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;iBACb,CAAC,CAAC;YACL,CAAC;YAED,2CAA2C;YAC3C,IAAI,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,2BAA2B,CAAC,EAAE,CAAC;gBAC9C,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,MAAM,EAAE,8EAA8E;oBACtF,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;iBACb,CAAC,CAAC;YACL,CAAC;YAED,6CAA6C;YAC7C,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,SAA
S,CAAC,EAAE,CAAC;gBACrC,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,MAAM,EAAE,0EAA0E;oBAClF,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;iBACb,CAAC,CAAC;YACL,CAAC;YAED,SAAS;QACX,CAAC;QAED,uBAAuB;QACvB,IAAI,CAAC,CAAC,OAAO,KAAK,WAAW,IAAI,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;YAC1E,IAAI,CAAC,CAAC,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnC,QAAQ,CAAC,IAAI,CAAC;oBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;oBACpB,MAAM,EAAE,0DAA0D;oBAClE,IAAI,EAAE,CAAC,CAAC,IAAI;oBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;iBACb,CAAC,CAAC;YACL,CAAC;YACD,SAAS;QACX,CAAC;QAED,oCAAoC;QACpC,IACE,CAAC,CAAC,OAAO,KAAK,WAAW;YACzB,CAAC,CAAC,OAAO,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EACzC,CAAC;YACD,QAAQ,CAAC,IAAI,CAAC;gBACZ,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,MAAM,EAAE,oGAAoG;gBAC5G,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,IAAI,EAAE,CAAC,CAAC,IAAI;aACb,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
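--- /dev/null
+++ b/package/dist/src/core/exampleSecretDetector.d.ts
@@ -0,0 +1,8 @@
+export interface ExampleSecretWarning {
+key: string;
+value: string;
+reason: string;
+severity: "high" | "medium" | "low";
+}
+export declare function detectSecretsInExample(env: Record<string, string>): ExampleSecretWarning[];
+//# sourceMappingURL=exampleSecretDetector.d.ts.map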
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"exampleSecretDetector.d.ts","sourceRoot":"","sources":["../../../src/core/exampleSecretDetector.ts"],"names":[],"mappings":"AAMA,MAAM,WAAW,oBAAoB;IACnC,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;CACrC;AAED,wBAAgB,sBAAsB,CAAC,GAAG,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,oBAAoB,EAAE,CA4D1F"}
|
|
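--- a/package/dist/src/core/exampleSecretDetector.js
+++ b/package/dist/src/core/exampleSecretDetector.js
@@ -0,0 +1,56 @@
+import { PROVIDER_PATTERNS, SUSPICIOUS_KEYS } from "./secretDetectors.js";
+import { shannonEntropyNormalized } from "./entropy.js";
+export function detectSecretsInExample(env) {
+const warnings = [];
+for (const [key, rawValue] of Object.entries(env)) {
+if (!rawValue)
+continue;
+const value = rawValue.trim();
+// 1 — Skip placeholders
+if (value === "" ||
+value.toLowerCase() === "example" ||
+value.toLowerCase() === "placeholder" ||
+value.includes("your_") ||
+value.includes("<") ||
+value.includes("CHANGE_ME")) {
+continue;
+}
+// 2 — Check provider patterns (AWS, Stripe, GitHub, JWT etc.)
+for (const rx of PROVIDER_PATTERNS) {
+if (rx.test(value)) {
+warnings.push({
+key,
+value,
+reason: "Value in .env.example matches a known provider key pattern",
+severity: "high"
+});
+continue;
+}
+}
+// 3 — Check suspicious keywords on values
+if (SUSPICIOUS_KEYS.test(key)) {
+if (value.length >= 12) {
+warnings.push({
+key,
+value,
+reason: "Suspicious key name combined with a non-placeholder value",
+severity: "medium"
+});
+}
+}
+// 4 — Check entropy (high randomness → real secret)
+if (value.length >= 24) {
+const entropy = shannonEntropyNormalized(value);
+if (entropy > 0.80) {
+warnings.push({
+key,
+value,
+reason: `High entropy value in .env.example (≈${entropy.toFixed(2)})`,
+severity: entropy > 0.92 ? "high" : "medium"
+});
+}
+}
+}
+return warnings;
+}
+//# sourceMappingURL=exampleSecretDetector.js.map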
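Review bot: The `continue` at new line 27 sits inside `for (const rx of PROVIDER_PATTERNS)`, so it only moves on to the next pattern rather than the next env entry; a value that matches a provider pattern still reaches the key-name and entropy checks and can be reported two or three times, at different severities. Replacing the loop header and inner `if` with `if (PROVIDER_PATTERNS.some((rx) => rx.test(value))) {` around the existing push and `continue;` gives the evident intent of one warning per key. Separately, every warning carries the full `value`; the printer is not shown in this file, but if it writes that field out, the detected secret ends up in terminal and CI logs, so a truncated or masked copy would be safer to store here.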
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"exampleSecretDetector.js","sourceRoot":"","sources":["../../../src/core/exampleSecretDetector.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,iBAAiB,EACjB,eAAe,EAChB,MAAM,sBAAsB,CAAC;AAC9B,OAAO,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAC;AASxD,MAAM,UAAU,sBAAsB,CAAC,GAA2B;IAChE,MAAM,QAAQ,GAA2B,EAAE,CAAC;IAE5C,KAAK,MAAM,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC;QAClD,IAAI,CAAC,QAAQ;YAAE,SAAS;QAExB,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,EAAE,CAAC;QAE9B,wBAAwB;QACxB,IACE,KAAK,KAAK,EAAE;YACZ,KAAK,CAAC,WAAW,EAAE,KAAK,SAAS;YACjC,KAAK,CAAC,WAAW,EAAE,KAAK,aAAa;YACrC,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;YACvB,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC;YACnB,KAAK,CAAC,QAAQ,CAAC,WAAW,CAAC,EAC3B,CAAC;YACD,SAAS;QACX,CAAC;QAED,8DAA8D;QAC9D,KAAK,MAAM,EAAE,IAAI,iBAAiB,EAAE,CAAC;YACnC,IAAI,EAAE,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBACnB,QAAQ,CAAC,IAAI,CAAC;oBACZ,GAAG;oBACH,KAAK;oBACL,MAAM,EAAE,4DAA4D;oBACpE,QAAQ,EAAE,MAAM;iBACjB,CAAC,CAAC;gBACH,SAAS;YACX,CAAC;QACH,CAAC;QAED,0CAA0C;QAC1C,IAAI,eAAe,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YAC9B,IAAI,KAAK,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;gBACvB,QAAQ,CAAC,IAAI,CAAC;oBACZ,GAAG;oBACH,KAAK;oBACL,MAAM,EAAE,2DAA2D;oBACnE,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,oDAAoD;QACpD,IAAI,KAAK,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;YACvB,MAAM,OAAO,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC;YAChD,IAAI,OAAO,GAAG,IAAI,EAAE,CAAC;gBACnB,QAAQ,CAAC,IAAI,CAAC;oBACZ,GAAG;oBACH,KAAK;oBACL,MAAM,EAAE,wCAAwC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG;oBACrE,QAAQ,EAAE,OAAO,GAAG,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;iBAC7C,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"processComparisonFile.d.ts","sourceRoot":"","sources":["../../../src/core/processComparisonFile.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAEvE,MAAM,WAAW,uBAAuB;IACtC,UAAU,EAAE,UAAU,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;IACjD,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,OAAO,CAAC;IACzB,OAAO,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC/C,WAAW,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACnD,UAAU,EAAE,OAAO,CAAC;IACpB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,KAAK,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,OAAO,CAAA;KAAE,CAAC;CAClD;AAED;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CACnC,UAAU,EAAE,UAAU,EACtB,WAAW,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,EAC3C,IAAI,EAAE,gBAAgB,GACrB,uBAAuB,
|
|
1
|
+
{"version":3,"file":"processComparisonFile.d.ts","sourceRoot":"","sources":["../../../src/core/processComparisonFile.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAEvE,MAAM,WAAW,uBAAuB;IACtC,UAAU,EAAE,UAAU,CAAC;IACvB,YAAY,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,SAAS,CAAC,CAAC;IACjD,eAAe,EAAE,MAAM,CAAC;IACxB,eAAe,EAAE,OAAO,CAAC;IACzB,OAAO,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IAC/C,WAAW,EAAE,KAAK,CAAC;QAAE,GAAG,EAAE,MAAM,CAAC;QAAC,KAAK,EAAE,MAAM,CAAA;KAAE,CAAC,CAAC;IACnD,UAAU,EAAE,OAAO,CAAC;IACpB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,YAAY,EAAE,MAAM,EAAE,CAAC;IACvB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,WAAW,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,SAAS,CAAC;IACjD,KAAK,CAAC,EAAE;QAAE,OAAO,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,OAAO,CAAA;KAAE,CAAC;CAClD;AAED;;;;;;GAMG;AACH,wBAAgB,qBAAqB,CACnC,UAAU,EAAE,UAAU,EACtB,WAAW,EAAE;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAA;CAAE,EAC3C,IAAI,EAAE,gBAAgB,GACrB,uBAAuB,CAgHzB"}
|
|
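--- a/package/dist/src/core/processComparisonFile.js
+++ b/package/dist/src/core/processComparisonFile.js
@@ -23,7 +23,15 @@ export function processComparisonFile(scanResult, compareFile, opts) {
 let addedEnv = [];
 let addedExample = [];
 let gitignoreUpdated = false;
+let exampleFull = undefined;
 try {
+// Load .env.example (if exists)
+if (opts.examplePath) {
+const examplePath = resolveFromCwd(opts.cwd, opts.examplePath);
+if (fs.existsSync(examplePath)) {
+exampleFull = parseEnvFile(examplePath);
+}
+}
 // Parse and filter env file
 const envFull = parseEnvFile(compareFile.path);
 const envKeys = filterIgnoredKeys(Object.keys(envFull), opts.ignore, opts.ignoreRegex);
@@ -85,6 +93,7 @@ export function processComparisonFile(scanResult, compareFile, opts) {
 addedEnv,
 addedExample,
 gitignoreUpdated,
+exampleFull,
 error: {
 message: errorMessage,
 shouldExit: opts.isCiMode ?? false,
@@ -103,6 +112,7 @@ export function processComparisonFile(scanResult, compareFile, opts) {
 addedEnv,
 addedExample,
 gitignoreUpdated,
+exampleFull
 };
 }
 /**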
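Review bot: The example-file load at new lines 28-34 runs inside the same `try` as the main env parse, so a malformed or unreadable `.env.example` aborts the whole comparison and comes back through the shared `error` return at new line 98, even though the added comment treats the file as optional. The `catch` and the construction of `errorMessage` are outside these hunks, so whether the message names the example file cannot be confirmed from here. If the load is meant to be best-effort, give it its own guard and report its failure separately from the env file's. Either way `exampleFull` deserves a comment such as `// raw key/value map of the example file (values may be real secrets); undefined when no example file is found`, since it is now returned to callers; `let exampleFull;` is enough for the declaration.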
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"processComparisonFile.js","sourceRoot":"","sources":["../../../src/core/processComparisonFile.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;
|
|
1
|
+
{"version":3,"file":"processComparisonFile.js","sourceRoot":"","sources":["../../../src/core/processComparisonFile.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,IAAI,CAAC;AACpB,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACvD,OAAO,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AAC9D,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAmB7D;;;;;;GAMG;AACH,MAAM,UAAU,qBAAqB,CACnC,UAAsB,EACtB,WAA2C,EAC3C,IAAsB;IAEtB,IAAI,YAAY,GAAuC,EAAE,CAAC;IAC1D,IAAI,eAAe,GAAG,EAAE,CAAC;IACzB,IAAI,eAAe,GAAG,KAAK,CAAC;IAC5B,IAAI,OAAO,GAA0C,EAAE,CAAC;IACxD,IAAI,WAAW,GAA0C,EAAE,CAAC;IAC5D,IAAI,UAAU,GAAG,KAAK,CAAC;IACvB,IAAI,iBAAiB,GAAa,EAAE,CAAC;IACrC,IAAI,QAAQ,GAAa,EAAE,CAAC;IAC5B,IAAI,YAAY,GAAa,EAAE,CAAC;IAChC,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAC7B,IAAI,WAAW,GAAuC,SAAS,CAAC;IAEhE,IAAI,CAAC;QACH,gCAAgC;QAChC,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;YACrB,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;YAC/D,IAAI,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC/B,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC,CAAC;YAC1C,CAAC;QACH,CAAC;QAED,4BAA4B;QAC5B,MAAM,OAAO,GAAG,YAAY,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC;QAC/C,MAAM,OAAO,GAAG,iBAAiB,CAC/B,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EACpB,IAAI,CAAC,MAAM,EACX,IAAI,CAAC,WAAW,CACjB,CAAC;QACF,YAAY,GAAG,MAAM,CAAC,WAAW,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACvE,UAAU,GAAG,mBAAmB,CAAC,UAAU,EAAE,YAAY,CAAC,CAAC;QAC3D,eAAe,GAAG,WAAW,CAAC,IAAI,CAAC;QAEnC,kBAAkB;QAClB,IAAI,CAAC,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1B,MAAM,gBAAgB,GAAG,eAAe,CAAC,WAAW,EAAE,IAAI,CAAC,CAAC;YAC5D,OAAO,GAAG,gBAAgB,CAAC,OAAO,CAAC;YACnC,WAAW,GAAG,gBAAgB,CAAC,WAAW,CAAC;YAC3C,eAAe,GAAG,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,CAAC;QACjE,CAAC;QAED,2DAA2D;QAC3D,IACE,IAAI,CAAC,GAAG;YACR,CAAC,eAAe,IAAI,UAAU,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,CAAC,EAC1D,CAAC;YACD,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,GAAG,UAAU,CAAC;gBACrC,OAAO,EAAE,WAAW,CAAC,IAAI;gBACz
B,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC3B,CAAC,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC;oBAC5C,CAAC,CAAC,EAAE;gBACN,WAAW,EAAE,UAAU,CAAC,OAAO;gBAC/B,aAAa,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;gBACxC,eAAe,EAAE,IAAI;aACtB,CAAC,CAAC;YAEH,IAAI,OAAO,EAAE,CAAC;gBACZ,UAAU,GAAG,IAAI,CAAC;gBAClB,iBAAiB,GAAG,MAAM,CAAC,iBAAiB,CAAC;gBAC7C,QAAQ,GAAG,MAAM,CAAC,QAAQ,CAAC;gBAC3B,YAAY,GAAG,MAAM,CAAC,YAAY,CAAC;gBACnC,gBAAgB,GAAG,MAAM,CAAC,gBAAgB,CAAC;gBAE3C,UAAU,CAAC,OAAO,GAAG,EAAE,CAAC;gBACxB,OAAO,GAAG,EAAE,CAAC;gBACb,WAAW,GAAG,EAAE,CAAC;gBACjB,eAAe,GAAG,KAAK,CAAC;YAC1B,CAAC;QACH,CAAC;QAED,0CAA0C;QAC1C,IAAI,eAAe,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;YAClD,IAAI,CAAC,UAAU,CAAC,UAAU;gBAAE,UAAU,CAAC,UAAU,GAAG,EAAE,CAAC;YACvD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC;gBAAE,UAAU,CAAC,UAAU,CAAC,GAAG,GAAG,OAAO,CAAC;YAC5D,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC;gBAAE,UAAU,CAAC,UAAU,CAAC,OAAO,GAAG,WAAW,CAAC;QAC1E,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,YAAY,GAAG,kBAAkB,WAAW,CAAC,IAAI,KAAK,WAAW,CAAC,IAAI,MAAM,KAAK,EAAE,CAAC;QAC1F,OAAO;YACL,UAAU;YACV,YAAY;YACZ,eAAe;YACf,eAAe;YACf,OAAO;YACP,WAAW;YACX,UAAU;YACV,iBAAiB;YACjB,QAAQ;YACR,YAAY;YACZ,gBAAgB;YAChB,WAAW;YACX,KAAK,EAAE;gBACL,OAAO,EAAE,YAAY;gBACrB,UAAU,EAAE,IAAI,CAAC,QAAQ,IAAI,KAAK;aACnC;SACF,CAAC;IACJ,CAAC;IAED,OAAO;QACL,UAAU;QACV,YAAY;QACZ,eAAe;QACf,eAAe;QACf,OAAO;QACP,WAAW;QACX,UAAU;QACV,iBAAiB;QACjB,QAAQ;QACR,YAAY;QACZ,gBAAgB;QAChB,WAAW;KACZ,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CACtB,WAA2C,EAC3C,IAAsB;IAKtB,MAAM,OAAO,GAAG,iBAAiB,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,MAAM,CACxD,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CACV,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC;QAC1B,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAC/C,CAAC;IAEF,IAAI,WAAW,GAA0C,EAAE,CAAC;IAE5D,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,MAAM,WAAW,GAAG,cAAc,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC;QAC/D,IAAI,EAAE,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,WAAW,KAAK,WAAW,CAAC,IAAI,EAAE,CAAC;YACnE,WAA
W,GAAG,iBAAiB,CAAC,WAAW,CAAC,CAAC,MAAM,CACjD,CAAC,EAAE,GAAG,EAAE,EAAE,EAAE,CACV,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC;gBAC1B,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAC/C,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,CAAC;AAClC,CAAC"}
|
|
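--- a/package/dist/src/core/secretDetectors.d.ts
+++ b/package/dist/src/core/secretDetectors.d.ts
@@ -7,6 +7,8 @@ export type SecretFinding = {
 snippet: string;
 severity: SecretSeverity;
 };
+export declare const SUSPICIOUS_KEYS: RegExp;
+export declare const PROVIDER_PATTERNS: RegExp[];
 /**
 * Checks if a line has an ignore comment
 * fx: // dotenv-diff-ignore or /* dotenv-diff-ignore *\/ or <!-- dotenv-diff-ignore -->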
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secretDetectors.d.ts","sourceRoot":"","sources":["../../../src/core/secretDetectors.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAGvD,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,SAAS,GAAG,SAAS,CAAC;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,cAAc,CAAC;CAC1B,CAAC;
|
|
1
|
+
{"version":3,"file":"secretDetectors.d.ts","sourceRoot":"","sources":["../../../src/core/secretDetectors.ts"],"names":[],"mappings":"AAEA,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAGvD,MAAM,MAAM,aAAa,GAAG;IAC1B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,SAAS,GAAG,SAAS,CAAC;IAC5B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,cAAc,CAAC;CAC1B,CAAC;AAGF,eAAO,MAAM,eAAe,QAC6E,CAAC;AAG1G,eAAO,MAAM,iBAAiB,EAAE,MAAM,EAYrC,CAAC;AA6DF;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,MAAM,GAAG,OAAO,CAUtD;AAwFD;;;;;GAKG;AACH,wBAAgB,qBAAqB,CACnC,IAAI,EAAE,MAAM,EACZ,MAAM,EAAE,MAAM,EACd,IAAI,CAAC,EAAE;IAAE,UAAU,CAAC,EAAE,MAAM,EAAE,CAAA;CAAE,GAC/B,aAAa,EAAE,CAwHjB"}
|
|
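--- a/package/dist/src/core/secretDetectors.js
+++ b/package/dist/src/core/secretDetectors.js
@@ -1,8 +1,8 @@
 import { shannonEntropyNormalized } from './entropy.js';
 // Regular expressions for detecting suspicious keys and provider patterns
-const SUSPICIOUS_KEYS = /\b(pass(word)?|secret|token|apikey|api_key|key|auth|bearer|private|client_secret|access[_-]?token)\b/i;
+export const SUSPICIOUS_KEYS = /\b(pass(word)?|secret|token|apikey|api_key|key|auth|bearer|private|client_secret|access[_-]?token)\b/i;
 // Regular expressions for detecting provider patterns
-const PROVIDER_PATTERNS = [
+export const PROVIDER_PATTERNS = [
 /\bAKIA[0-9A-Z]{16}\b/, // AWS access key id
 /\bASIA[0-9A-Z]{16}\b/, // AWS temp key
 /\bghp_[0-9A-Za-z]{30,}\b/, // GitHub token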
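Review bot: Exporting `SUSPICIOUS_KEYS` at new line 3 lets the new example-file detector run it against env key names (`SUSPICIOUS_KEYS.test(key)`), but the pattern is delimited with `\b`, and `_` is a word character, so names such as `DB_PASSWORD`, `JWT_SECRET` or `GITHUB_TOKEN` (constructed examples) do not match. Only keys that are exactly one of the alternatives, like `API_KEY` or `CLIENT_SECRET`, trigger the medium-severity check, which leaves most conventionally named secrets to the entropy heuristic alone. For key names a separator-aware pattern is needed, for example `/(?:^|[_-])(pass(word)?|secret|token|key|auth)(?:$|[_-])/i`, kept separate from this one if the line scanner relies on the `\b` behaviour. The `PROVIDER_PATTERNS` array continues past the end of this hunk.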
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"secretDetectors.js","sourceRoot":"","sources":["../../../src/core/secretDetectors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAC;AAcxD,0EAA0E;AAC1E,MAAM,eAAe,
|
|
1
|
+
{"version":3,"file":"secretDetectors.js","sourceRoot":"","sources":["../../../src/core/secretDetectors.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,wBAAwB,EAAE,MAAM,cAAc,CAAC;AAcxD,0EAA0E;AAC1E,MAAM,CAAC,MAAM,eAAe,GAC1B,uGAAuG,CAAC;AAE1G,sDAAsD;AACtD,MAAM,CAAC,MAAM,iBAAiB,GAAa;IACzC,sBAAsB,EAAE,oBAAoB;IAC5C,sBAAsB,EAAE,eAAe;IACvC,0BAA0B,EAAE,eAAe;IAC3C,8BAA8B,EAAE,qBAAqB;IACrD,8BAA8B,EAAE,qBAAqB;IACrD,6BAA6B,EAAE,iBAAiB;IAChD,2BAA2B,EAAE,4BAA4B;IACzD,0CAA0C,EAAE,iBAAiB;IAC7D,uBAAuB,EAAE,mBAAmB;IAC5C,uDAAuD,EAAE,YAAY;IACrE,uBAAuB,EAAE,qBAAqB;CAC/C,CAAC;AAEF,MAAM,YAAY,GAAG,0CAA0C,CAAC;AAEhE,MAAM,aAAa,GAAG,8CAA8C,CAAC;AAErE,0CAA0C;AAC1C,MAAM,aAAa,GAAG;IACpB,sCAAsC;IACtC,kCAAkC;IAClC,iCAAiC;IACjC,mCAAmC;IACnC,iDAAiD,EAAE,gBAAgB;CACpE,CAAC;AAEF;;;;;;GAMG;AACH,SAAS,iBAAiB,CACxB,IAA2B,EAC3B,OAAe,EACf,aAAsB;IAEtB,oCAAoC;IACpC,IAAI,OAAO,CAAC,QAAQ,CAAC,4BAA4B,CAAC,EAAE,CAAC;QACnD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,uCAAuC;IACvC,IAAI,IAAI,KAAK,SAAS,IAAI,aAAa,IAAI,aAAa,IAAI,EAAE,EAAE,CAAC;QAC/D,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,yCAAyC;IACzC,IAAI,OAAO,CAAC,QAAQ,CAAC,4BAA4B,CAAC,EAAE,CAAC;QACnD,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,sCAAsC;IACtC,IAAI,IAAI,KAAK,SAAS,IAAI,aAAa,IAAI,aAAa,IAAI,EAAE,EAAE,CAAC;QAC/D,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,oBAAoB;IACpB,IAAI,OAAO,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;QAC1C,OAAO,QAAQ,CAAC;IAClB,CAAC;IAED,kBAAkB;IAClB,IAAI,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;QAC3C,OAAO,KAAK,CAAC;IACf,CAAC;IAED,0CAA0C;IAC1C,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,IAAY;IAC3C,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAE/B,wDAAwD;IACxD,OAAO,CACL,qCAAqC,CAAC,IAAI,CAAC,UAAU,CAAC;QACtD,2CAA2C,CAAC,IAAI,CAAC,UAAU,CAAC;QAC5D,0CAA0C,CAAC,IAAI,CAAC,UAAU,CAAC;QAC3D,mCAAmC,CAAC,IAAI,CAAC,UAAU,CAAC,CACrD,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAS,eAAe,CAAC,GAAW,EAAE,UAAqB;IACzD,IAAI,CAAC,UAAU,EAAE,MAAM;QAAE,OAAO,KAAK,CAAC;IAEtC,mCAAmC;IACnC,OAAO,UAAU,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CACjC,GAAG,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,OAAO,CAAC,WAAW,EAAE,CAAC,CAClD,CAAC;AACJ,CAAC
;AAGD;;;;GAIG;AACH,SAAS,oBAAoB,CAAC,CAAS;IACrC,OAAO,CACL,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,SAAS;QAC9B,qCAAqC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,YAAY;QAC7D,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,iBAAiB;QACzC,iEAAiE,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,OAAO;QACpF,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,0BAA0B;QAC3D,iCAAiC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,eAAe;QAC5D,qFAAqF,CAAC,IAAI,CACxF,CAAC,CACF,IAAI,gBAAgB;QACrB,4DAA4D,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,gBAAgB;QACxF,+BAA+B,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,aAAa;QACxD,aAAa,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,mBAAmB;KAC3D,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,SAAS,wBAAwB,CAAC,IAAY;IAC5C,2EAA2E;IAC3E,OAAO;IACL,2CAA2C;IAC3C,oCAAoC,CAAC,IAAI,CAAC,IAAI,CAAC;QAC/C,oCAAoC;QACpC,iCAAiC,CAAC,IAAI,CAAC,IAAI,CAAC;QAC5C,+BAA+B;QAC/B,2FAA2F,CAAC,IAAI,CAC9F,IAAI,CACL;QACD,6BAA6B;QAC7B,sCAAsC,CAAC,IAAI,CAAC,IAAI,CAAC,CAClD,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,SAAS,kBAAkB,CAAC,CAAS;IACnC,OAAO,CACL,qDAAqD,CAAC,IAAI,CAAC,CAAC,CAAC;QAC7D,yBAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,CAClC,CAAC;AACJ,CAAC;AAED,2FAA2F;AAC3F,MAAM,wBAAwB,GAAG,IAAa,CAAC;AAE/C;;;;GAIG;AACH,SAAS,aAAa,CAAC,IAAY;IACjC,OAAO,gFAAgF,CAAC,IAAI,CAC1F,IAAI,CACL,CAAC;AACJ,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,qBAAqB,CACnC,IAAY,EACZ,MAAc,EACd,IAAgC;IAEhC,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,wBAAwB,CAAC;IAE7E,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAEpC,IAAI,iBAAiB,GAAG,KAAK,CAAC;IAE9B,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,MAAM,GAAG,CAAC,GAAG,CAAC,CAAC;QACrB,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAE5B,IAAI,uDAAuD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvE,iBAAiB,GAAG,IAAI,CAAC;YACzB,SAAS;QACX,CAAC;QAED,IAAI,qDAAqD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACrE,iBAAiB,GAAG,KAAK,CAAC;YAC1B,SAAS;QACX,CAAC;QAED,8BAA8B;QAC9B,IAAI,iBAAiB;YAAE,SAAS;QAEhC,gBAAgB;QAChB,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QAEpC,mCAAmC;QACnC,IAAI,gBAAgB,CAAC,IAAI,CAAC
;YAAE,SAAS;QAErC,uBAAuB;QACvB,aAAa,CAAC,SAAS,GAAG,CAAC,CAAC;QAC5B,IAAI,UAAkC,CAAC;QACvC,OAAO,CAAC,UAAU,GAAG,aAAa,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC/C,MAAM,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAChC,IAAI,GAAG,IAAI,CAAC,oBAAoB,CAAC,GAAG,CAAC,EAAE,CAAC;gBACtC,IAAI,eAAe,CAAC,GAAG,EAAE,IAAI,EAAE,UAAU,CAAC;oBAAE,SAAS;gBACrD,MAAM,QAAQ,GAAG,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC;gBAE5D,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI;oBACJ,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,GAAG,QAAQ,4DAA4D;oBAChF,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBAClC,QAAQ,EAAE,QAAQ,KAAK,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK;iBACjD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,wCAAwC;QACxC,IAAI,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,MAAM,CAAC,GAAG,IAAK,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;YAC7C,IACE,CAAC;gBACD,CAAC,CAAC,CAAC,CAAC;gBACJ,CAAC,oBAAoB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC3B,CAAC,wBAAwB,CAAC,IAAI,CAAC;gBAC/B,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,IAAI,EAAE;gBACjB,CAAC,aAAa,CAAC,IAAI,CAAC,EACpB,CAAC;gBACD,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI;oBACJ,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,uDAAuD;oBAChE,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBAClC,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,uBAAuB;QACvB,KAAK,MAAM,EAAE,IAAI,iBAAiB,EAAE,CAAC;YACnC,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBAClB,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI;oBACJ,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,SAAS;oBACf,OAAO,EAAE,oCAAoC;oBAC7C,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBAClC,QAAQ,EAAE,MAAM;iBACjB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,gCAAgC;QAChC,YAAY,CAAC,SAAS,GAAG,CAAC,CAAC;QAC3B,IAAI,EAA0B,CAAC;QAC/B,OAAO,CAAC,EAAE,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YACtC,MAAM,OAAO,GAAG,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC5B,IAAI,oBAAoB,CAAC,OAAO,CAAC;gBAAE,SAAS;YAC5C,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE;gBAAE,SAAS;YAClC,MAAM,GAAG,GAAG,wBAAwB,CAAC,OAAO,CAAC,CAAC;YAC9C,IAAI,GAAG,IAAI,SAAS,EAAE,CAAC
;gBACrB,MAAM,OAAO,GAAG,kCAAkC,OAAO,CAAC,MAAM,OAAO,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC;gBACzF,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI;oBACJ,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,SAAS;oBACf,OAAO;oBACP,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC;oBAClC,QAAQ,EAAE,iBAAiB,CAAC,SAAS,EAAE,OAAO,EAAE,OAAO,CAAC,MAAM,CAAC;iBAChE,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IACD,MAAM,cAAc,GAAG,QAAQ,CAAC,MAAM,CACpC,CAAC,CAAC,EAAE,GAAG,EAAE,GAAG,EAAE,EAAE,CACd,GAAG;QACH,GAAG,CAAC,SAAS,CACX,CAAC,KAAK,EAAE,EAAE,CACR,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI;YACrB,KAAK,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI;YACrB,KAAK,CAAC,OAAO,KAAK,CAAC,CAAC,OAAO,CAC9B,CACJ,CAAC;IAEF,OAAO,cAAc,CAAC;AACxB,CAAC"}
|
|
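--- a/package/dist/src/services/codeBaseScanner.js
+++ b/package/dist/src/services/codeBaseScanner.js
@@ -59,12 +59,12 @@ export async function scanCodebase(opts) {
 filesScanned,
 totalUsages: filteredUsages.length,
 uniqueVariables: uniqueVariables.length,
+duration: 0,
 },
 duplicates: {
 env: [],
 example: [],
 },
-duration: 0,
 hasCsp: hasCsp,
 };
 }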
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"codeBaseScanner.js","sourceRoot":"","sources":["../../../src/services/codeBaseScanner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,aAAa,CAAC;AAC7B,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EACL,qBAAqB,GAEtB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAE5C;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,IAAiB;IAClD,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE;QACtC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,OAAO,EAAE,CAAC,GAAG,wBAAwB,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC;QACvD,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,oBAAoB;KACnE,CAAC,CAAC;IAEH,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,MAAM,UAAU,GAAoB,EAAE,CAAC;IAEvC,IAAI,MAAM,GAAG,KAAK,CAAC;IAEnB,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAErD,IAAI,CAAC,MAAM,IAAI,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvC,MAAM,GAAG,IAAI,CAAC;YAChB,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAC3D,SAAS,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC;YAC9B,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACjB,IAAI,CAAC;oBACH,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;oBACvD,MAAM,GAAG,GAAG,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;oBAC/D,IAAI,GAAG,CAAC,MAAM;wBAAE,UAAU,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;gBAC1C,CAAC;gBAAC,MAAM,CAAC;oBACP,iCAAiC;gBACnC,CAAC;YACH,CAAC;YACD,YAAY,EAAE,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,uDAAuD;YACvD,SAAS;QACX,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CACrC,CAAC,KAAK,EAAE,EAAE,CACR,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC;QACrC,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAChE,CAAC;IAEF,MAAM,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,
CAAC,CAAC,CAAC,CAAC;IAE5E,OAAO;QACL,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,EAAE;QACX,MAAM,EAAE,EAAE;QACV,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE;YACL,YAAY;YACZ,WAAW,EAAE,cAAc,CAAC,MAAM;YAClC,eAAe,EAAE,eAAe,CAAC,MAAM;
|
|
1
|
+
{"version":3,"file":"codeBaseScanner.js","sourceRoot":"","sources":["../../../src/services/codeBaseScanner.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,aAAa,CAAC;AAC7B,OAAO,IAAI,MAAM,MAAM,CAAC;AAExB,OAAO,EACL,qBAAqB,GAEtB,MAAM,4BAA4B,CAAC;AACpC,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,wBAAwB,EAAE,MAAM,qBAAqB,CAAC;AAC/D,OAAO,EAAE,QAAQ,EAAE,MAAM,qBAAqB,CAAC;AAC/C,OAAO,EAAE,SAAS,EAAE,MAAM,iBAAiB,CAAC;AAE5C;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,YAAY,CAAC,IAAiB;IAClD,MAAM,KAAK,GAAG,MAAM,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE;QACtC,OAAO,EAAE,IAAI,CAAC,OAAO;QACrB,OAAO,EAAE,CAAC,GAAG,wBAAwB,EAAE,GAAG,IAAI,CAAC,OAAO,CAAC;QACvD,GAAG,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,oBAAoB;KACnE,CAAC,CAAC;IAEH,MAAM,SAAS,GAAe,EAAE,CAAC;IACjC,IAAI,YAAY,GAAG,CAAC,CAAC;IACrB,MAAM,UAAU,GAAoB,EAAE,CAAC;IAEvC,IAAI,MAAM,GAAG,KAAK,CAAC;IAEnB,KAAK,MAAM,QAAQ,IAAI,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAErD,IAAI,CAAC,MAAM,IAAI,cAAc,CAAC,OAAO,CAAC,EAAE,CAAC;gBACvC,MAAM,GAAG,IAAI,CAAC;YAChB,CAAC;YAED,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;YAC3D,SAAS,CAAC,IAAI,CAAC,GAAG,UAAU,CAAC,CAAC;YAC9B,IAAI,IAAI,CAAC,OAAO,EAAE,CAAC;gBACjB,IAAI,CAAC;oBACH,MAAM,YAAY,GAAG,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;oBACvD,MAAM,GAAG,GAAG,qBAAqB,CAAC,YAAY,EAAE,OAAO,EAAE,IAAI,CAAC,CAAC;oBAC/D,IAAI,GAAG,CAAC,MAAM;wBAAE,UAAU,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC;gBAC1C,CAAC;gBAAC,MAAM,CAAC;oBACP,iCAAiC;gBACnC,CAAC;YACH,CAAC;YACD,YAAY,EAAE,CAAC;QACjB,CAAC;QAAC,MAAM,CAAC;YACP,uDAAuD;YACvD,SAAS;QACX,CAAC;IACH,CAAC;IAED,+BAA+B;IAC/B,MAAM,cAAc,GAAG,SAAS,CAAC,MAAM,CACrC,CAAC,KAAK,EAAE,EAAE,CACR,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC;QACrC,CAAC,IAAI,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAChE,CAAC;IAEF,MAAM,eAAe,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,
CAAC,CAAC,CAAC,CAAC;IAE5E,OAAO;QACL,IAAI,EAAE,cAAc;QACpB,OAAO,EAAE,EAAE;QACX,MAAM,EAAE,EAAE;QACV,OAAO,EAAE,UAAU;QACnB,KAAK,EAAE;YACL,YAAY;YACZ,WAAW,EAAE,cAAc,CAAC,MAAM;YAClC,eAAe,EAAE,eAAe,CAAC,MAAM;YACvC,QAAQ,EAAE,CAAC;SACZ;QACD,UAAU,EAAE;YACV,GAAG,EAAE,EAAE;YACP,OAAO,EAAE,EAAE;SACZ;QACD,MAAM,EAAE,MAAM;KACf,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanOutputToConsole.d.ts","sourceRoot":"","sources":["../../../src/services/scanOutputToConsole.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;
|
|
1
|
+
{"version":3,"file":"scanOutputToConsole.d.ts","sourceRoot":"","sources":["../../../src/services/scanOutputToConsole.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,gBAAgB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAiBvE;;;;;;GAMG;AACH,wBAAgB,eAAe,CAC7B,UAAU,EAAE,UAAU,EACtB,IAAI,EAAE,gBAAgB,EACtB,eAAe,EAAE,MAAM,EACvB,UAAU,CAAC,EAAE;IACX,UAAU,EAAE,OAAO,CAAC;IACpB,iBAAiB,EAAE,MAAM,EAAE,CAAC;IAC5B,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,gBAAgB,EAAE,OAAO,CAAC;CAC3B,GACA;IAAE,aAAa,EAAE,OAAO,CAAA;CAAE,CA0J5B"}
|
|
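--- a/package/dist/src/services/scanOutputToConsole.js
+++ b/package/dist/src/services/scanOutputToConsole.js
@@ -14,6 +14,8 @@ import { printStrictModeError } from '../ui/shared/printStrictModeError.js';
 import { printFixTips } from '../ui/shared/printFixTips.js';
 import { printAutoFix } from '../ui/shared/printAutoFix.js';
 import { printCspWarning } from '../ui/scan/printCspWarning.js';
+import { printEnvWarnings } from '../ui/scan/printEnvWarnings.js';
+import { printExampleWarnings } from '../ui/scan/printExampleWarnings.js';
 /**
 * Outputs the scan results to the console.
 * @param scanResult - The result of the scan.
@@ -27,7 +29,7 @@ export function outputToConsole(scanResult, opts, comparedAgainst, fixContext) {
 const isJson = opts.json ?? false;
 printHeader(comparedAgainst);
 // Show stats if requested
-printStats(scanResult.stats, isJson, opts.showStats ?? true
+printStats(scanResult.stats, isJson, opts.showStats ?? true);
 // Show used variables if any found
 if (scanResult.stats.uniqueVariables > 0) {
 // Show unique variables found
@@ -39,6 +41,10 @@ export function outputToConsole(scanResult, opts, comparedAgainst, fixContext) {
 if (printMissing(scanResult.missing, scanResult.used, comparedAgainst, opts.isCiMode ?? false, isJson)) {
 exitWithError = true;
 }
+if (scanResult.envWarnings && scanResult.envWarnings.length > 0) {
+printEnvWarnings(scanResult.envWarnings, isJson);
+}
+printExampleWarnings(scanResult.exampleWarnings ?? [], isJson);
 // Unused
 printUnused(scanResult.unused, comparedAgainst, opts.showUnused ?? false, isJson);
 // Duplicates
@@ -48,10 +54,16 @@ export function outputToConsole(scanResult, opts, comparedAgainst, fixContext) {
 // CSP warning
 printCspWarning(scanResult.hasCsp, isJson);
 // Check for high severity secrets - ALWAYS exit with error
-const hasHighSeveritySecrets = (scanResult.secrets ?? []).some(s => s.severity === 'high');
+const hasHighSeveritySecrets = (scanResult.secrets ?? []).some((s) => s.severity === 'high');
 if (hasHighSeveritySecrets) {
 exitWithError = true;
 }
+// Check for high severity example secrets - ALWAYS exit with error
+const hasHighSeverityExampleSecrets = (scanResult.exampleWarnings ?? [])
+.some((w) => w.severity === 'high');
+if (hasHighSeverityExampleSecrets) {
+exitWithError = true;
+}
 // Success message for env file comparison
 if (comparedAgainst &&
 scanResult.missing.length === 0 &&
@@ -77,6 +89,7 @@ export function outputToConsole(scanResult, opts, comparedAgainst, fixContext) {
 duplicatesEnv: scanResult.duplicates?.env?.length ?? 0,
 duplicatesEx: scanResult.duplicates?.example?.length ?? 0,
 secrets: scanResult.secrets?.length ?? 0,
+exampleSecrets: scanResult.exampleWarnings?.length ?? 0,
 hasGitignoreIssue,
 }, isJson);
 if (exit)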
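Review bot: The two printer calls added at new lines 44-47 are guarded differently: `printEnvWarnings` is wrapped in a length check, while `printExampleWarnings` is called unconditionally with `?? []`. `printEnvWarnings` in this release already returns early on a missing or empty list, so the outer `if` is redundant, and `printEnvWarnings(scanResult.envWarnings ?? [], isJson);` would match the line below it. The body of `outputToConsole` starts and ends outside these hunks.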
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scanOutputToConsole.js","sourceRoot":"","sources":["../../../src/services/scanOutputToConsole.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AAEvE,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAC5E,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;
|
|
1
|
+
{"version":3,"file":"scanOutputToConsole.js","sourceRoot":"","sources":["../../../src/services/scanOutputToConsole.ts"],"names":[],"mappings":"AAAA,OAAO,IAAI,MAAM,MAAM,CAAC;AACxB,OAAO,EAAE,oBAAoB,EAAE,MAAM,UAAU,CAAC;AAChD,OAAO,EAAE,qBAAqB,EAAE,MAAM,gCAAgC,CAAC;AAEvE,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAC1E,OAAO,EAAE,cAAc,EAAE,MAAM,8BAA8B,CAAC;AAC9D,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,WAAW,EAAE,MAAM,2BAA2B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,iCAAiC,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,MAAM,4BAA4B,CAAC;AAC1D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,oBAAoB,EAAE,MAAM,sCAAsC,CAAC;AAC5E,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,YAAY,EAAE,MAAM,8BAA8B,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,MAAM,+BAA+B,CAAC;AAChE,OAAO,EAAE,gBAAgB,EAAE,MAAM,gCAAgC,CAAC;AAClE,OAAO,EAAE,oBAAoB,EAAE,MAAM,oCAAoC,CAAC;AAE1E;;;;;;GAMG;AACH,MAAM,UAAU,eAAe,CAC7B,UAAsB,EACtB,IAAsB,EACtB,eAAuB,EACvB,UAKC;IAED,IAAI,aAAa,GAAG,KAAK,CAAC;IAE1B,+CAA+C;IAC/C,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,IAAI,KAAK,CAAC;IAElC,WAAW,CAAC,eAAe,CAAC,CAAC;IAE7B,0BAA0B;IAC1B,UAAU,CAAC,UAAU,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,SAAS,IAAI,IAAI,CAAC,CAAC;IAE7D,mCAAmC;IACnC,IAAI,UAAU,CAAC,KAAK,CAAC,eAAe,GAAG,CAAC,EAAE,CAAC;QACzC,8BAA8B;QAC9B,oBAAoB,CAAC,UAAU,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;QACvD,sCAAsC;QACtC,cAAc,CAAC,UAAU,CAAC,IAAI,EAAE,IAAI,CAAC,SAAS,IAAI,KAAK,EAAE,MAAM,CAAC,CAAC;IACnE,CAAC;IAED,uDAAuD;IACvD,IACE,YAAY,CACV,UAAU,CAAC,OAAO,EAClB,UAAU,CAAC,IAAI,EACf,eAAe,EACf,IAAI,CAAC,QAAQ,IAAI,KAAK,EACtB,MAAM,CACP,EACD,CAAC;QACD,aAAa,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,IAAI,UAAU,CAAC,WAAW,IAAI,UAAU,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChE,gBAAgB,CAAC,UAAU,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;IACnD,CAAC;IAED,oBAAoB,CAAC,UAAU,CAAC,eAAe,IAAI,EAAE,EAAE,MAAM,CAAC,CAAC;IAE/D,SAAS;IACT,WAAW,CACT,UAAU,CAAC,MAAM,EACjB,eAAe,EACf,IAAI,CAAC,UAAU,IAAI,KAAK,EACxB,MAAM,CACP,CAAC;IAEF,aAAa;IACb,eAAe,CACb,eAAe,IAAI,MAAM,EACzB,cAAc,EACd,UAAU,CAAC,UAA
U,EAAE,GAAG,IAAI,EAAE,EAChC,UAAU,CAAC,UAAU,EAAE,OAAO,IAAI,EAAE,EACpC,MAAM,CACP,CAAC;IAEF,gCAAgC;IAChC,YAAY,CAAC,UAAU,CAAC,OAAO,IAAI,EAAE,EAAE,MAAM,CAAC,CAAC;IAE/C,cAAc;IACd,eAAe,CAAC,UAAU,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAE3C,2DAA2D;IAC3D,MAAM,sBAAsB,GAAG,CAAC,UAAU,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,IAAI,CAC5D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAC7B,CAAC;IAEF,IAAI,sBAAsB,EAAE,CAAC;QAC3B,aAAa,GAAG,IAAI,CAAC;IACvB,CAAC;IAED,mEAAmE;IACrE,MAAM,6BAA6B,GAAG,CAAC,UAAU,CAAC,eAAe,IAAI,EAAE,CAAC;SACrE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;IAEtC,IAAI,6BAA6B,EAAE,CAAC;QAClC,aAAa,GAAG,IAAI,CAAC;IACvB,CAAC;IAEC,0CAA0C;IAC1C,IACE,eAAe;QACf,UAAU,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC;QAC/B,CAAC,UAAU,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC,CAAC,KAAK,CAAC;QACvC,UAAU,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,EAC1B,CAAC;QACD,YAAY,CACV,MAAM,EACN,MAAM,EACN,eAAe,EACf,UAAU,CAAC,MAAM,EACjB,IAAI,CAAC,UAAU,IAAI,IAAI,CACxB,CAAC;IACJ,CAAC;IAED,kBAAkB;IAClB,MAAM,cAAc,GAAG,oBAAoB,CAAC;QAC1C,GAAG,EAAE,IAAI,CAAC,GAAG;QACb,OAAO,EAAE,MAAM;KAChB,CAAC,CAAC;IAEH,IAAI,cAAc,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QACjC,qBAAqB,CAAC;YACpB,OAAO,EAAE,MAAM;YACf,MAAM,EAAE,cAAc,CAAC,MAAM;SAC9B,CAAC,CAAC;IACL,CAAC;IAED,MAAM,iBAAiB,GAAG,cAAc,KAAK,IAAI,CAAC;IAElD,IAAI,IAAI,CAAC,MAAM,EAAE,CAAC;QAChB,MAAM,IAAI,GAAG,oBAAoB,CAC/B;YACE,MAAM,EAAE,UAAU,CAAC,MAAM,CAAC,MAAM;YAChC,aAAa,EAAE,UAAU,CAAC,UAAU,EAAE,GAAG,EAAE,MAAM,IAAI,CAAC;YACtD,YAAY,EAAE,UAAU,CAAC,UAAU,EAAE,OAAO,EAAE,MAAM,IAAI,CAAC;YACzD,OAAO,EAAE,UAAU,CAAC,OAAO,EAAE,MAAM,IAAI,CAAC;YACxC,cAAc,EAAE,UAAU,CAAC,eAAe,EAAE,MAAM,IAAI,CAAC;YACvD,iBAAiB;SAClB,EACD,MAAM,CACP,CAAC;QAEF,IAAI,IAAI;YAAE,aAAa,GAAG,IAAI,CAAC;IACjC,CAAC;IAED,IAAI,IAAI,CAAC,GAAG,IAAI,UAAU,EAAE,CAAC;QAC3B,YAAY,CACV,UAAU,CAAC,UAAU,EACrB;YACE,iBAAiB,EAAE,UAAU,CAAC,iBAAiB;YAC/C,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,YAAY,EAAE,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE;SAC1D,EACD,eAAe,IAAI,MAAM,EACzB,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAA
C,cAAc,EACnE,MAAM,EACN,UAAU,CAAC,gBAAgB,CAC5B,CAAC;IACJ,CAAC;IAED,gCAAgC;IAChC,YAAY,CACV;QACE,OAAO,EAAE,UAAU,CAAC,OAAO;QAC3B,aAAa,EAAE,UAAU,CAAC,UAAU,EAAE,GAAG,IAAI,EAAE;QAC/C,YAAY,EAAE,UAAU,CAAC,UAAU,EAAE,OAAO,IAAI,EAAE;QAClD,cAAc,EAAE,iBAAiB,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,aAAa,EAAE,CAAC,CAAC,CAAC,IAAI;KACrE,EACD,iBAAiB,EACjB,MAAM,EACN,IAAI,CAAC,GAAG,IAAI,KAAK,CAClB,CAAC;IAEF,OAAO,EAAE,aAAa,EAAE,CAAC;AAC3B,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import type { EnvWarning } from '../../core/envValidator.js';
|
|
2
|
+
/**
|
|
3
|
+
* Prints environment variable usage warnings to the console.
|
|
4
|
+
* @param warnings - List of environment variable warnings
|
|
5
|
+
* @param json - Whether to output in JSON format
|
|
6
|
+
*/
|
|
7
|
+
export declare function printEnvWarnings(warnings: EnvWarning[], json: boolean): void;
|
|
8
|
+
//# sourceMappingURL=printEnvWarnings.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"printEnvWarnings.d.ts","sourceRoot":"","sources":["../../../../src/ui/scan/printEnvWarnings.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,4BAA4B,CAAC;AAE7D;;;;GAIG;AACH,wBAAgB,gBAAgB,CAAC,QAAQ,EAAE,UAAU,EAAE,EAAE,IAAI,EAAE,OAAO,QAiBrE"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import chalk from 'chalk';
|
|
2
|
+
/**
|
|
3
|
+
* Prints environment variable usage warnings to the console.
|
|
4
|
+
* @param warnings - List of environment variable warnings
|
|
5
|
+
* @param json - Whether to output in JSON format
|
|
6
|
+
*/
|
|
7
|
+
export function printEnvWarnings(warnings, json) {
|
|
8
|
+
if (!warnings || warnings.length === 0)
|
|
9
|
+
return;
|
|
10
|
+
if (json) {
|
|
11
|
+
console.log(JSON.stringify({ envWarnings: warnings }, null, 2));
|
|
12
|
+
return;
|
|
13
|
+
}
|
|
14
|
+
console.log(chalk.yellow('⚠️ Environment variable usage issues:'));
|
|
15
|
+
for (const w of warnings) {
|
|
16
|
+
console.log(chalk.yellow(` - ${w.variable} (${w.file}:${w.line}) → ${w.reason}`));
|
|
17
|
+
}
|
|
18
|
+
console.log();
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=printEnvWarnings.js.map
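Review bot: In JSON mode `printEnvWarnings` writes its own top-level document, `{ envWarnings: warnings }`, straight to stdout, and `printExampleWarnings`, added in the same release, does the same with `{ exampleWarnings: warnings }`. The caller is not part of this section, but if one run invokes both printers, or prints any other JSON result, stdout will hold several concatenated objects that a single `JSON.parse` in a CI step rejects. Handing the array back to the caller so that it emits one merged object would keep the JSON output machine-readable. At minimum the JSDoc should say so, e.g. `@param json - When true, prints a standalone JSON document and nothing else`.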
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"printEnvWarnings.js","sourceRoot":"","sources":["../../../../src/ui/scan/printEnvWarnings.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B;;;;GAIG;AACH,MAAM,UAAU,gBAAgB,CAAC,QAAsB,EAAE,IAAa;IACpE,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IAE/C,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,WAAW,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAChE,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,wCAAwC,CAAC,CAAC,CAAC;IAEpE,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,OAAO,CAAC,CAAC,MAAM,EAAE,CAAC,CACvE,CAAC;IACJ,CAAC;IAED,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC"}
|
|
@@ -0,0 +1,8 @@
|
|
|
1
|
+
import type { ExampleSecretWarning } from '../../core/exampleSecretDetector';
|
|
2
|
+
/**
|
|
3
|
+
* Prints example file secret warnings to the console.
|
|
4
|
+
* @param warnings - List of example file secret warnings
|
|
5
|
+
* @param json - Whether to output in JSON format
|
|
6
|
+
*/
|
|
7
|
+
export declare function printExampleWarnings(warnings: ExampleSecretWarning[], json: boolean): void;
|
|
8
|
+
//# sourceMappingURL=printExampleWarnings.d.ts.map
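Review bot: The type import here is written without an extension, `from '../../core/exampleSecretDetector'`, whereas the sibling declaration for `printEnvWarnings` uses `from '../../core/envValidator.js'`. Consumers compiling with Node-style ESM resolution may fail to resolve the extensionless specifier, in which case `ExampleSecretWarning` would not type-check for them. Writing the source import as `'../../core/exampleSecretDetector.js'` keeps the two files consistent.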
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"printExampleWarnings.d.ts","sourceRoot":"","sources":["../../../../src/ui/scan/printExampleWarnings.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,oBAAoB,EAAE,MAAM,kCAAkC,CAAC;AAE7E;;;;GAIG;AACH,wBAAgB,oBAAoB,CAClC,QAAQ,EAAE,oBAAoB,EAAE,EAChC,IAAI,EAAE,OAAO,QAgBd"}
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
import chalk from 'chalk';
|
|
2
|
+
/**
|
|
3
|
+
* Prints example file secret warnings to the console.
|
|
4
|
+
* @param warnings - List of example file secret warnings
|
|
5
|
+
* @param json - Whether to output in JSON format
|
|
6
|
+
*/
|
|
7
|
+
export function printExampleWarnings(warnings, json) {
|
|
8
|
+
if (!warnings || warnings.length === 0)
|
|
9
|
+
return;
|
|
10
|
+
if (json) {
|
|
11
|
+
console.log(JSON.stringify({ exampleWarnings: warnings }, null, 2));
|
|
12
|
+
return;
|
|
13
|
+
}
|
|
14
|
+
console.log(chalk.yellow('🚨 Potential real secrets found in .env.example:'));
|
|
15
|
+
for (const w of warnings) {
|
|
16
|
+
console.log(chalk.yellow(` - ${w.key} = "${w.value}" → ${w.reason} [${w.severity}]`));
|
|
17
|
+
}
|
|
18
|
+
console.log();
|
|
19
|
+
}
|
|
20
|
+
//# sourceMappingURL=printExampleWarnings.js.map
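Review bot: The text branch prints the flagged value itself (`${w.key} = "${w.value}"`), and the JSON branch serializes the whole warning object. A string the detector has just classified as a probable real secret is therefore copied into terminal scrollback and CI job logs, which are typically retained and readable by more people than the repository itself. Print a masked form instead, for example `const shown = String(w.value).slice(0, 4) + '…';` with `shown` interpolated in place of `w.value`, and drop or mask `value` in the JSON payload in the same way. The key, reason and severity are enough to locate the entry in `.env.example`.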
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"printExampleWarnings.js","sourceRoot":"","sources":["../../../../src/ui/scan/printExampleWarnings.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAG1B;;;;GAIG;AACH,MAAM,UAAU,oBAAoB,CAClC,QAAgC,EAChC,IAAa;IAEb,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IAE/C,IAAI,IAAI,EAAE,CAAC;QACT,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,eAAe,EAAE,QAAQ,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QACpE,OAAO;IACT,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,kDAAkD,CAAC,CAAC,CAAC;IAC9E,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,KAAK,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,QAAQ,GAAG,CAAC,CAC3E,CAAC;IACJ,CAAC;IACD,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC"}
|
|
@@ -2,6 +2,7 @@ export interface ScanStats {
|
|
|
2
2
|
filesScanned: number;
|
|
3
3
|
totalUsages: number;
|
|
4
4
|
uniqueVariables: number;
|
|
5
|
+
duration: number;
|
|
5
6
|
}
|
|
6
7
|
/**
|
|
7
8
|
* Print scan statistics for codebase scanning.
|
|
@@ -9,5 +10,5 @@ export interface ScanStats {
|
|
|
9
10
|
* @param json Whether to output in JSON format
|
|
10
11
|
* @param showStats Whether to show statistics
|
|
11
12
|
*/
|
|
12
|
-
export declare function printStats(stats: ScanStats, json: boolean, showStats: boolean
|
|
13
|
+
export declare function printStats(stats: ScanStats, json: boolean, showStats: boolean): void;
|
|
13
14
|
//# sourceMappingURL=printStats.d.ts.map
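Review bot: The new `duration: number;` member of `ScanStats` carries no unit, while `printStats` prints it as `${stats.duration.toFixed(2)}s`, so the field is treated as seconds. A caller that stores a raw `Date.now()` difference would report a value a thousand times too large without any type error. Document the contract on the field, e.g. `/** Scan duration in seconds. */`, and add the matching sentence to the `printStats` JSDoc.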
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"printStats.d.ts","sourceRoot":"","sources":["../../../../src/ui/scan/printStats.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,SAAS;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;
|
|
1
|
+
{"version":3,"file":"printStats.d.ts","sourceRoot":"","sources":["../../../../src/ui/scan/printStats.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,SAAS;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC;IACxB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;;;;GAKG;AACH,wBAAgB,UAAU,CACxB,KAAK,EAAE,SAAS,EAChB,IAAI,EAAE,OAAO,EACb,SAAS,EAAE,OAAO,QAWnB"}
|
|
@@ -5,14 +5,14 @@ import chalk from 'chalk';
|
|
|
5
5
|
* @param json Whether to output in JSON format
|
|
6
6
|
* @param showStats Whether to show statistics
|
|
7
7
|
*/
|
|
8
|
-
export function printStats(stats, json, showStats
|
|
8
|
+
export function printStats(stats, json, showStats) {
|
|
9
9
|
if (json || !showStats)
|
|
10
10
|
return;
|
|
11
11
|
console.log(chalk.magenta('📊 Scan Statistics:'));
|
|
12
12
|
console.log(chalk.magenta.dim(` Files scanned: ${stats.filesScanned}`));
|
|
13
13
|
console.log(chalk.magenta.dim(` Total usages found: ${stats.totalUsages}`));
|
|
14
14
|
console.log(chalk.magenta.dim(` Unique variables: ${stats.uniqueVariables}`));
|
|
15
|
-
console.log(chalk.magenta.dim(` Scan duration: ${duration.toFixed(2)}s`));
|
|
15
|
+
console.log(chalk.magenta.dim(` Scan duration: ${stats.duration.toFixed(2)}s`));
|
|
16
16
|
console.log();
|
|
17
17
|
}
|
|
18
18
|
//# sourceMappingURL=printStats.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"printStats.js","sourceRoot":"","sources":["../../../../src/ui/scan/printStats.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"printStats.js","sourceRoot":"","sources":["../../../../src/ui/scan/printStats.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAS1B;;;;;GAKG;AACH,MAAM,UAAU,UAAU,CACxB,KAAgB,EAChB,IAAa,EACb,SAAkB;IAElB,IAAI,IAAI,IAAI,CAAC,SAAS;QAAE,OAAO;IAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,qBAAqB,CAAC,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC;IAC1E,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,0BAA0B,KAAK,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IAC9E,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,wBAAwB,KAAK,CAAC,eAAe,EAAE,CAAC,CACnE,CAAC;IACF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,qBAAqB,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAClF,OAAO,CAAC,GAAG,EAAE,CAAC;AAChB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"printStrictModeError.d.ts","sourceRoot":"","sources":["../../../../src/ui/shared/printStrictModeError.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,iBAAiB,EAAE,OAAO,CAAC;CAC5B;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAClC,GAAG,EAAE,iBAAiB,EACtB,IAAI,EAAE,OAAO,GACZ,OAAO,
|
|
1
|
+
{"version":3,"file":"printStrictModeError.d.ts","sourceRoot":"","sources":["../../../../src/ui/shared/printStrictModeError.ts"],"names":[],"mappings":"AAEA,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;IACvB,iBAAiB,EAAE,OAAO,CAAC;CAC5B;AAED;;;;;;GAMG;AACH,wBAAgB,oBAAoB,CAClC,GAAG,EAAE,iBAAiB,EACtB,IAAI,EAAE,OAAO,GACZ,OAAO,CAoBT"}
|
|
@@ -18,6 +18,8 @@ export function printStrictModeError(ctx, json) {
|
|
|
18
18
|
warnings.push('duplicate keys in example');
|
|
19
19
|
if (ctx.secrets > 0)
|
|
20
20
|
warnings.push('potential secrets');
|
|
21
|
+
if (ctx.exampleSecrets > 0)
|
|
22
|
+
warnings.push('secrets in .env.example');
|
|
21
23
|
if (ctx.hasGitignoreIssue)
|
|
22
24
|
warnings.push('.env not ignored by git');
|
|
23
25
|
if (warnings.length === 0)
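Review bot: The added check `if (ctx.exampleSecrets > 0)` is false when `exampleSecrets` is `undefined`, so a call site that was not updated to pass the new count would let strict mode pass even though secrets were found in `.env.example`. The call sites and the rest of `printStrictModeError` lie outside this hunk, so whether every caller sets the field cannot be confirmed here. If omission is possible, make the fail-open case explicit with a comment such as `// every caller must set exampleSecrets; undefined compares as "no findings"`, or normalise with `(ctx.exampleSecrets ?? 0) > 0` and keep the field required in the context type.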
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"printStrictModeError.js","sourceRoot":"","sources":["../../../../src/ui/shared/printStrictModeError.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;
|
|
1
|
+
{"version":3,"file":"printStrictModeError.js","sourceRoot":"","sources":["../../../../src/ui/shared/printStrictModeError.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAW1B;;;;;;GAMG;AACH,MAAM,UAAU,oBAAoB,CAClC,GAAsB,EACtB,IAAa;IAEb,IAAI,IAAI;QAAE,OAAO,KAAK,CAAC;IAEvB,MAAM,QAAQ,GAAa,EAAE,CAAC;IAE9B,IAAI,GAAG,CAAC,MAAM,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IACtD,IAAI,GAAG,CAAC,aAAa,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IAClE,IAAI,GAAG,CAAC,YAAY,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;IACrE,IAAI,GAAG,CAAC,OAAO,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACxD,IAAI,GAAG,CAAC,cAAc,GAAG,CAAC;QAAE,QAAQ,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACrE,IAAI,GAAG,CAAC,iBAAiB;QAAE,QAAQ,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IAEpE,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IAExC,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,GAAG,CAAC,uCAAuC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CACxE,CAAC;IACF,OAAO,CAAC,GAAG,EAAE,CAAC;IAEd,OAAO,IAAI,CAAC;AACd,CAAC"}
|