npm - driftdetect-core - Versions diffs - 0.6.1 → 0.7.0 - Mend

driftdetect-core 0.6.1 → 0.7.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (138) hide show

package/dist/constants/analysis/security-scanner.js ADDED Viewed

@@ -0,0 +1,429 @@
+/**
+ * Security Scanner for Constants
+ *
+ * Detects potential hardcoded secrets, credentials, and sensitive
+ * values in constants.
+ */
+/**
+ * Default security scan config
+ */
+export const DEFAULT_SECURITY_SCAN_CONFIG = {
+    enableEntropyDetection: true,
+    entropyThreshold: 4.5,
+    customPatterns: [],
+    allowlistPatterns: [
+        '**/test/**',
+        '**/*.test.*',
+        '**/*.spec.*',
+        '**/mock/**',
+        '**/fixture/**',
+    ],
+    allowlistValues: [
+        /^test/i,
+        /^mock/i,
+        /^fake/i,
+        /^dummy/i,
+        /^example/i,
+        /^placeholder/i,
+        /^xxx+$/i,
+        /^\*+$/,
+    ],
+};
+/**
+ * Built-in secret patterns
+ */
+const BUILTIN_PATTERNS = [
+    // API Keys
+    {
+        name: 'AWS Access Key',
+        valuePattern: /^AKIA[0-9A-Z]{16}$/,
+        type: 'aws_key',
+        severity: 'critical',
+    },
+    {
+        name: 'AWS Secret Key',
+        namePattern: /aws.*secret/i,
+        type: 'aws_key',
+        severity: 'critical',
+    },
+    {
+        name: 'Stripe API Key',
+        valuePattern: /^sk_(?:live|test)_[0-9a-zA-Z]{24,}$/,
+        type: 'stripe_key',
+        severity: 'critical',
+    },
+    {
+        name: 'Stripe Publishable Key',
+        valuePattern: /^pk_(?:live|test)_[0-9a-zA-Z]{24,}$/,
+        type: 'stripe_key',
+        severity: 'medium',
+    },
+    {
+        name: 'GitHub Token',
+        valuePattern: /^gh[pousr]_[A-Za-z0-9_]{36,}$/,
+        type: 'github_token',
+        severity: 'critical',
+    },
+    {
+        name: 'GitHub Personal Access Token',
+        valuePattern: /^github_pat_[A-Za-z0-9_]{22,}$/,
+        type: 'github_token',
+        severity: 'critical',
+    },
+    // Generic patterns by name
+    {
+        name: 'API Key',
+        namePattern: /(?:api[_-]?key|apikey)/i,
+        type: 'api_key',
+        severity: 'high',
+    },
+    {
+        name: 'Secret Key',
+        namePattern: /(?:secret[_-]?key|secretkey)/i,
+        type: 'secret_key',
+        severity: 'high',
+    },
+    {
+        name: 'Password',
+        namePattern: /(?:password|passwd|pwd)/i,
+        type: 'password',
+        severity: 'critical',
+    },
+    {
+        name: 'Private Key',
+        namePattern: /(?:private[_-]?key|privatekey)/i,
+        type: 'private_key',
+        severity: 'critical',
+    },
+    {
+        name: 'Access Token',
+        namePattern: /(?:access[_-]?token|accesstoken)/i,
+        type: 'token',
+        severity: 'high',
+    },
+    {
+        name: 'Auth Token',
+        namePattern: /(?:auth[_-]?token|authtoken)/i,
+        type: 'token',
+        severity: 'high',
+    },
+    {
+        name: 'Bearer Token',
+        namePattern: /(?:bearer[_-]?token|bearertoken)/i,
+        type: 'token',
+        severity: 'high',
+    },
+    {
+        name: 'Refresh Token',
+        namePattern: /(?:refresh[_-]?token|refreshtoken)/i,
+        type: 'token',
+        severity: 'high',
+    },
+    {
+        name: 'Connection String',
+        namePattern: /(?:connection[_-]?string|connstring|conn[_-]?str)/i,
+        type: 'connection_string',
+        severity: 'critical',
+    },
+    {
+        name: 'Database URL',
+        namePattern: /(?:database[_-]?url|db[_-]?url)/i,
+        type: 'connection_string',
+        severity: 'critical',
+    },
+    // Value patterns
+    {
+        name: 'Private Key Block',
+        valuePattern: /-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----/,
+        type: 'private_key',
+        severity: 'critical',
+    },
+    {
+        name: 'Certificate',
+        valuePattern: /-----BEGIN CERTIFICATE-----/,
+        type: 'certificate',
+        severity: 'high',
+    },
+    {
+        name: 'Connection String with Password',
+        valuePattern: /(?:mongodb|mysql|postgres|redis):\/\/[^:]+:[^@]+@/i,
+        type: 'connection_string',
+        severity: 'critical',
+    },
+    {
+        name: 'Basic Auth Header',
+        valuePattern: /^Basic [A-Za-z0-9+/=]{10,}$/,
+        type: 'token',
+        severity: 'high',
+    },
+    {
+        name: 'Bearer Auth Header',
+        valuePattern: /^Bearer [A-Za-z0-9._-]{10,}$/,
+        type: 'token',
+        severity: 'high',
+    },
+];
+/**
+ * Security scanner for constants
+ */
+export class ConstantSecurityScanner {
+    config;
+    patterns;
+    constructor(config = {}) {
+        this.config = { ...DEFAULT_SECURITY_SCAN_CONFIG, ...config };
+        this.patterns = [...BUILTIN_PATTERNS, ...this.config.customPatterns];
+    }
+    /**
+     * Scan constants for potential secrets
+     */
+    scan(constants) {
+        const startTime = performance.now();
+        const secrets = [];
+        const bySeverity = {
+            info: 0,
+            low: 0,
+            medium: 0,
+            high: 0,
+            critical: 0,
+        };
+        for (const constant of constants) {
+            // Skip allowlisted files
+            if (this.isAllowlistedFile(constant.file)) {
+                continue;
+            }
+            // Skip if value is allowlisted
+            if (this.isAllowlistedValue(constant.value)) {
+                continue;
+            }
+            const secret = this.analyzeConstant(constant);
+            if (secret) {
+                secrets.push(secret);
+                bySeverity[secret.severity]++;
+            }
+        }
+        // Sort by severity (critical first)
+        const severityOrder = ['critical', 'high', 'medium', 'low', 'info'];
+        secrets.sort((a, b) => severityOrder.indexOf(a.severity) - severityOrder.indexOf(b.severity));
+        return {
+            secrets,
+            totalScanned: constants.length,
+            scanTimeMs: performance.now() - startTime,
+            bySeverity,
+        };
+    }
+    /**
+     * Analyze a single constant for secrets
+     */
+    analyzeConstant(constant) {
+        const value = constant.value;
+        const valueStr = typeof value === 'string' ? value : String(value ?? '');
+        // Check against patterns
+        for (const pattern of this.patterns) {
+            // Check name pattern
+            if (pattern.namePattern && pattern.namePattern.test(constant.name)) {
+                // Only flag if value looks like a real secret (not empty/placeholder)
+                if (this.looksLikeRealSecret(valueStr)) {
+                    return this.createSecret(constant, pattern.type, pattern.severity, pattern.name);
+                }
+            }
+            // Check value pattern
+            if (pattern.valuePattern && pattern.valuePattern.test(valueStr)) {
+                return this.createSecret(constant, pattern.type, pattern.severity, pattern.name);
+            }
+        }
+        // Entropy-based detection for string values
+        if (this.config.enableEntropyDetection && typeof value === 'string') {
+            const entropy = this.calculateEntropy(value);
+            if (entropy >= this.config.entropyThreshold && value.length >= 16) {
+                // High entropy string - might be a secret
+                // Check if name suggests it's a secret
+                if (this.nameSuggestsSecret(constant.name)) {
+                    return this.createSecret(constant, 'generic_secret', 'medium', `High entropy value (${entropy.toFixed(2)})`);
+                }
+            }
+        }
+        return null;
+    }
+    /**
+     * Create a potential secret object
+     */
+    createSecret(constant, type, severity, _detectedBy) {
+        const value = constant.value;
+        const valueStr = typeof value === 'string' ? value : String(value ?? '');
+        return {
+            constantId: constant.id,
+            name: constant.name,
+            file: constant.file,
+            line: constant.line,
+            maskedValue: this.maskValue(valueStr),
+            secretType: type,
+            severity,
+            recommendation: this.generateRecommendation(type, constant.name),
+            confidence: this.calculateConfidence(constant, type),
+        };
+    }
+    /**
+     * Mask a value for safe display
+     */
+    maskValue(value) {
+        if (value.length <= 8) {
+            return '*'.repeat(value.length);
+        }
+        const visibleChars = Math.min(4, Math.floor(value.length / 4));
+        const start = value.slice(0, visibleChars);
+        const end = value.slice(-visibleChars);
+        const masked = '*'.repeat(Math.min(20, value.length - visibleChars * 2));
+        return `${start}${masked}${end}`;
+    }
+    /**
+     * Generate recommendation for a secret type
+     */
+    generateRecommendation(type, name) {
+        const recommendations = {
+            api_key: `Move '${name}' to environment variables or a secrets manager.`,
+            secret_key: `Move '${name}' to environment variables or a secrets manager.`,
+            password: `Never hardcode passwords. Use environment variables or a secrets manager.`,
+            private_key: `Private keys should never be in source code. Use a secrets manager or key vault.`,
+            connection_string: `Move '${name}' to environment variables. Consider using a secrets manager.`,
+            token: `Move '${name}' to environment variables or implement token refresh.`,
+            certificate: `Certificates should be loaded from files or a certificate store, not hardcoded.`,
+            aws_key: `Use IAM roles or AWS Secrets Manager instead of hardcoded AWS credentials.`,
+            stripe_key: `Move Stripe keys to environment variables. Use restricted keys in production.`,
+            github_token: `Use GitHub Apps or environment variables instead of hardcoded tokens.`,
+            generic_secret: `This value appears to be a secret. Move it to environment variables.`,
+        };
+        return recommendations[type] || `Consider moving '${name}' to a secure configuration.`;
+    }
+    /**
+     * Calculate confidence score for a detection
+     */
+    calculateConfidence(constant, type) {
+        let confidence = 0.5;
+        // Higher confidence for specific patterns
+        if (['aws_key', 'stripe_key', 'github_token'].includes(type)) {
+            confidence = 0.95;
+        }
+        else if (['private_key', 'certificate'].includes(type)) {
+            confidence = 0.9;
+        }
+        else if (['password', 'connection_string'].includes(type)) {
+            confidence = 0.85;
+        }
+        else if (['api_key', 'secret_key', 'token'].includes(type)) {
+            confidence = 0.75;
+        }
+        // Lower confidence if in test file
+        if (this.isTestFile(constant.file)) {
+            confidence *= 0.5;
+        }
+        // Lower confidence if value looks like placeholder
+        const value = String(constant.value ?? '');
+        if (this.looksLikePlaceholder(value)) {
+            confidence *= 0.3;
+        }
+        return Math.min(1, Math.max(0, confidence));
+    }
+    /**
+     * Check if a value looks like a real secret (not placeholder)
+     */
+    looksLikeRealSecret(value) {
+        if (!value || value.length < 8)
+            return false;
+        // Check for placeholder patterns
+        if (this.looksLikePlaceholder(value))
+            return false;
+        // Check for reasonable entropy
+        const entropy = this.calculateEntropy(value);
+        return entropy >= 2.5;
+    }
+    /**
+     * Check if a value looks like a placeholder
+     */
+    looksLikePlaceholder(value) {
+        const lower = value.toLowerCase();
+        return (lower.includes('xxx') ||
+            lower.includes('placeholder') ||
+            lower.includes('example') ||
+            lower.includes('your_') ||
+            lower.includes('your-') ||
+            lower.includes('<your') ||
+            lower.includes('[your') ||
+            lower.includes('changeme') ||
+            lower.includes('todo') ||
+            lower.includes('fixme') ||
+            /^[a-z]+$/.test(lower) || // Single word
+            /^[x*]+$/.test(lower) // All x's or asterisks
+        );
+    }
+    /**
+     * Check if name suggests it might be a secret
+     */
+    nameSuggestsSecret(name) {
+        const lower = name.toLowerCase();
+        return (lower.includes('key') ||
+            lower.includes('secret') ||
+            lower.includes('token') ||
+            lower.includes('password') ||
+            lower.includes('credential') ||
+            lower.includes('auth'));
+    }
+    /**
+     * Calculate Shannon entropy of a string
+     */
+    calculateEntropy(str) {
+        if (!str || str.length === 0)
+            return 0;
+        const freq = new Map();
+        for (const char of str) {
+            freq.set(char, (freq.get(char) || 0) + 1);
+        }
+        let entropy = 0;
+        const len = str.length;
+        for (const count of freq.values()) {
+            const p = count / len;
+            entropy -= p * Math.log2(p);
+        }
+        return entropy;
+    }
+    /**
+     * Check if file is allowlisted
+     */
+    isAllowlistedFile(filePath) {
+        for (const pattern of this.config.allowlistPatterns) {
+            // Simple glob matching
+            const regex = pattern
+                .replace(/\*\*/g, '.*')
+                .replace(/\*/g, '[^/]*')
+                .replace(/\?/g, '.');
+            if (new RegExp(regex).test(filePath)) {
+                return true;
+            }
+        }
+        return false;
+    }
+    /**
+     * Check if value is allowlisted
+     */
+    isAllowlistedValue(value) {
+        if (typeof value !== 'string')
+            return false;
+        for (const pattern of this.config.allowlistValues) {
+            if (pattern.test(value)) {
+                return true;
+            }
+        }
+        return false;
+    }
+    /**
+     * Check if file is a test file
+     */
+    isTestFile(filePath) {
+        return (filePath.includes('.test.') ||
+            filePath.includes('.spec.') ||
+            filePath.includes('__tests__') ||
+            filePath.includes('__mocks__') ||
+            filePath.includes('/test/') ||
+            filePath.includes('/tests/'));
+    }
+}
+//# sourceMappingURL=security-scanner.js.map

package/dist/constants/analysis/security-scanner.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"security-scanner.js","sourceRoot":"","sources":["../../../src/constants/analysis/security-scanner.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAyCH;;GAEG;AACH,MAAM,CAAC,MAAM,4BAA4B,GAAuB;IAC9D,sBAAsB,EAAE,IAAI;IAC5B,gBAAgB,EAAE,GAAG;IACrB,cAAc,EAAE,EAAE;IAClB,iBAAiB,EAAE;QACjB,YAAY;QACZ,aAAa;QACb,aAAa;QACb,YAAY;QACZ,eAAe;KAChB;IACD,eAAe,EAAE;QACf,QAAQ;QACR,QAAQ;QACR,QAAQ;QACR,SAAS;QACT,WAAW;QACX,eAAe;QACf,SAAS;QACT,OAAO;KACR;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,gBAAgB,GAAoB;IACxC,WAAW;IACX;QACE,IAAI,EAAE,gBAAgB;QACtB,YAAY,EAAE,oBAAoB;QAClC,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,WAAW,EAAE,cAAc;QAC3B,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,gBAAgB;QACtB,YAAY,EAAE,qCAAqC;QACnD,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,wBAAwB;QAC9B,YAAY,EAAE,qCAAqC;QACnD,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,QAAQ;KACnB;IACD;QACE,IAAI,EAAE,cAAc;QACpB,YAAY,EAAE,+BAA+B;QAC7C,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,8BAA8B;QACpC,YAAY,EAAE,gCAAgC;QAC9C,IAAI,EAAE,cAAc;QACpB,QAAQ,EAAE,UAAU;KACrB;IAED,2BAA2B;IAC3B;QACE,IAAI,EAAE,SAAS;QACf,WAAW,EAAE,yBAAyB;QACtC,IAAI,EAAE,SAAS;QACf,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,+BAA+B;QAC5C,IAAI,EAAE,YAAY;QAClB,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,UAAU;QAChB,WAAW,EAAE,0BAA0B;QACvC,IAAI,EAAE,UAAU;QAChB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,aAAa;QACnB,WAAW,EAAE,iCAAiC;QAC9C,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,mCAAmC;QAChD,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,+BAA+B;QAC5C,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,mCAAmC;QAChD,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,eAAe;QACrB,WAAW,EAAE,qCAAqC;QAClD,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,WAAW,EAAE,oDAAoD;QACjE,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,kCAAkC;QAC/C,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,UAAU;KACrB;IAED,iBAAiB;IACjB;QACE,IAAI,EAAE,mBAAmB;QACzB,YAAY,EAAE,wDAAwD;QACtE,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,aAAa;QACnB,YAAY,EAAE,6BAA6B;QAC3C,IAAI,EAAE,aAAa;QACnB,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,iCAAiC;QACvC,YAAY,EAAE,oDAAoD;QAClE,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,UAAU;KACrB;IACD;QACE,IAAI,EAAE,mBAAmB;QACzB,YAAY,EAAE,6BAA6B;QAC3C,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,MAAM;KACjB;IACD;QACE,IAAI,EAAE,oBAAoB;QAC1B,YAAY,EAAE,8BAA8B;QAC5C,IAAI,EAAE,OAAO;QACb,QAAQ,EAAE,MAAM;KACjB;CACF,CAAC;AAgBF;;GAEG;AACH,MAAM,OAAO,uBAAuB;IAC1B,MAAM,CAAqB;IAC3B,QAAQ,CAAkB;IAElC,YAAY,SAAsC,EAAE;QAClD,IAAI,CAAC,MAAM,GAAG,EAAE,GAAG,4BAA4B,EAAE,GAAG,MAAM,EAAE,CAAC;QAC7D,IAAI,CAAC,QAAQ,GAAG,CAAC,GAAG,gBAAgB,EAAE,GAAG,IAAI,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACvE,CAAC;IAED;;OAEG;IACH,IAAI,CAAC,SAA+B;QAClC,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;QACpC,MAAM,OAAO,GAAsB,EAAE,CAAC;QACtC,MAAM,UAAU,GAAkC;YAChD,IAAI,EAAE,CAAC;YACP,GAAG,EAAE,CAAC;YACN,MAAM,EAAE,CAAC;YACT,IAAI,EAAE,CAAC;YACP,QAAQ,EAAE,CAAC;SACZ,CAAC;QAEF,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,yBAAyB;YACzB,IAAI,IAAI,CAAC,iBAAiB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBAC1C,SAAS;YACX,CAAC;YAED,+BAA+B;YAC/B,IAAI,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5C,SAAS;YACX,CAAC;YAED,MAAM,MAAM,GAAG,IAAI,CAAC,eAAe,CAAC,QAAQ,CAAC,CAAC;YAC9C,IAAI,MAAM,EAAE,CAAC;gBACX,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;gBACrB,UAAU,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC;YAChC,CAAC;QACH,CAAC;QAED,oCAAoC;QACpC,MAAM,aAAa,GAAoB,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,CAAC;QACrF,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CACpB,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CACtE,CAAC;QAEF,OAAO;YACL,OAAO;YACP,YAAY,EAAE,SAAS,CAAC,MAAM;YAC9B,UAAU,EAAE,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS;YACzC,UAAU;SACX,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,eAAe,CAAC,QAA4B;QAClD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;QAC7B,MAAM,QAAQ,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QAEzE,yBAAyB;QACzB,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACpC,qBAAqB;YACrB,IAAI,OAAO,CAAC,WAAW,IAAI,OAAO,CAAC,WAAW,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACnE,sEAAsE;gBACtE,IAAI,IAAI,CAAC,mBAAmB,CAAC,QAAQ,CAAC,EAAE,CAAC;oBACvC,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;gBACnF,CAAC;YACH,CAAC;YAED,sBAAsB;YACtB,IAAI,OAAO,CAAC,YAAY,IAAI,OAAO,CAAC,YAAY,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAChE,OAAO,IAAI,CAAC,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;YACnF,CAAC;QACH,CAAC;QAED,4CAA4C;QAC5C,IAAI,IAAI,CAAC,MAAM,CAAC,sBAAsB,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;YACpE,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;YAC7C,IAAI,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,KAAK,CAAC,MAAM,IAAI,EAAE,EAAE,CAAC;gBAClE,0CAA0C;gBAC1C,uCAAuC;gBACvC,IAAI,IAAI,CAAC,kBAAkB,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;oBAC3C,OAAO,IAAI,CAAC,YAAY,CACtB,QAAQ,EACR,gBAAgB,EAChB,QAAQ,EACR,uBAAuB,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAC7C,CAAC;gBACJ,CAAC;YACH,CAAC;QACH,CAAC;QAED,OAAO,IAAI,CAAC;IACd,CAAC;IAED;;OAEG;IACK,YAAY,CAClB,QAA4B,EAC5B,IAAgB,EAChB,QAAuB,EACvB,WAAmB;QAEnB,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC;QAC7B,MAAM,QAAQ,GAAG,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QAEzE,OAAO;YACL,UAAU,EAAE,QAAQ,CAAC,EAAE;YACvB,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,IAAI,EAAE,QAAQ,CAAC,IAAI;YACnB,WAAW,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC;YACrC,UAAU,EAAE,IAAI;YAChB,QAAQ;YACR,cAAc,EAAE,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,CAAC;YAChE,UAAU,EAAE,IAAI,CAAC,mBAAmB,CAAC,QAAQ,EAAE,IAAI,CAAC;SACrD,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,SAAS,CAAC,KAAa;QAC7B,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;YACtB,OAAO,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QAClC,CAAC;QAED,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;QAC/D,MAAM,KAAK,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC,CAAC;QAC3C,MAAM,GAAG,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC;QACvC,MAAM,MAAM,GAAG,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,CAAC,MAAM,GAAG,YAAY,GAAG,CAAC,CAAC,CAAC,CAAC;QAEzE,OAAO,GAAG,KAAK,GAAG,MAAM,GAAG,GAAG,EAAE,CAAC;IACnC,CAAC;IAED;;OAEG;IACK,sBAAsB,CAAC,IAAgB,EAAE,IAAY;QAC3D,MAAM,eAAe,GAA+B;YAClD,OAAO,EAAE,SAAS,IAAI,kDAAkD;YACxE,UAAU,EAAE,SAAS,IAAI,kDAAkD;YAC3E,QAAQ,EAAE,2EAA2E;YACrF,WAAW,EAAE,kFAAkF;YAC/F,iBAAiB,EAAE,SAAS,IAAI,+DAA+D;YAC/F,KAAK,EAAE,SAAS,IAAI,wDAAwD;YAC5E,WAAW,EAAE,iFAAiF;YAC9F,OAAO,EAAE,4EAA4E;YACrF,UAAU,EAAE,+EAA+E;YAC3F,YAAY,EAAE,uEAAuE;YACrF,cAAc,EAAE,sEAAsE;SACvF,CAAC;QAEF,OAAO,eAAe,CAAC,IAAI,CAAC,IAAI,oBAAoB,IAAI,8BAA8B,CAAC;IACzF,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,QAA4B,EAAE,IAAgB;QACxE,IAAI,UAAU,GAAG,GAAG,CAAC;QAErB,0CAA0C;QAC1C,IAAI,CAAC,SAAS,EAAE,YAAY,EAAE,cAAc,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7D,UAAU,GAAG,IAAI,CAAC;QACpB,CAAC;aAAM,IAAI,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YACzD,UAAU,GAAG,GAAG,CAAC;QACnB,CAAC;aAAM,IAAI,CAAC,UAAU,EAAE,mBAAmB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC5D,UAAU,GAAG,IAAI,CAAC;QACpB,CAAC;aAAM,IAAI,CAAC,SAAS,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC7D,UAAU,GAAG,IAAI,CAAC;QACpB,CAAC;QAED,mCAAmC;QACnC,IAAI,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YACnC,UAAU,IAAI,GAAG,CAAC;QACpB,CAAC;QAED,mDAAmD;QACnD,MAAM,KAAK,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;QAC3C,IAAI,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC,EAAE,CAAC;YACrC,UAAU,IAAI,GAAG,CAAC;QACpB,CAAC;QAED,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC,CAAC;IAC9C,CAAC;IAED;;OAEG;IACK,mBAAmB,CAAC,KAAa;QACvC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,KAAK,CAAC;QAE7C,iCAAiC;QACjC,IAAI,IAAI,CAAC,oBAAoB,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QAEnD,+BAA+B;QAC/B,MAAM,OAAO,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC;QAC7C,OAAO,OAAO,IAAI,GAAG,CAAC;IACxB,CAAC;IAED;;OAEG;IACK,oBAAoB,CAAC,KAAa;QACxC,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;QAClC,OAAO,CACL,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC;YACrB,KAAK,CAAC,QAAQ,CAAC,aAAa,CAAC;YAC7B,KAAK,CAAC,QAAQ,CAAC,SAAS,CAAC;YACzB,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;YACvB,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;YACvB,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;YACvB,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;YACvB,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC1B,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC;YACtB,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;YACvB,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,cAAc;YACxC,SAAS,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,uBAAuB;SAC9C,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,IAAY;QACrC,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;QACjC,OAAO,CACL,KAAK,CAAC,QAAQ,CAAC,KAAK,CAAC;YACrB,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACxB,KAAK,CAAC,QAAQ,CAAC,OAAO,CAAC;YACvB,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC;YAC1B,KAAK,CAAC,QAAQ,CAAC,YAAY,CAAC;YAC5B,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CACvB,CAAC;IACJ,CAAC;IAED;;OAEG;IACK,gBAAgB,CAAC,GAAW;QAClC,IAAI,CAAC,GAAG,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,CAAC,CAAC;QAEvC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;QACvC,KAAK,MAAM,IAAI,IAAI,GAAG,EAAE,CAAC;YACvB,IAAI,CAAC,GAAG,CAAC,IAAI,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;QAC5C,CAAC;QAED,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;QACvB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;YAClC,MAAM,CAAC,GAAG,KAAK,GAAG,GAAG,CAAC;YACtB,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC9B,CAAC;QAED,OAAO,OAAO,CAAC;IACjB,CAAC;IAED;;OAEG;IACK,iBAAiB,CAAC,QAAgB;QACxC,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,iBAAiB,EAAE,CAAC;YACpD,uBAAuB;YACvB,MAAM,KAAK,GAAG,OAAO;iBAClB,OAAO,CAAC,OAAO,EAAE,IAAI,CAAC;iBACtB,OAAO,CAAC,KAAK,EAAE,OAAO,CAAC;iBACvB,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;YACvB,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACrC,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,kBAAkB,CAAC,KAAmD;QAC5E,IAAI,OAAO,KAAK,KAAK,QAAQ;YAAE,OAAO,KAAK,CAAC;QAE5C,KAAK,MAAM,OAAO,IAAI,IAAI,CAAC,MAAM,CAAC,eAAe,EAAE,CAAC;YAClD,IAAI,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBACxB,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QACD,OAAO,KAAK,CAAC;IACf,CAAC;IAED;;OAEG;IACK,UAAU,CAAC,QAAgB;QACjC,OAAO,CACL,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC3B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC3B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC9B,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC;YAC9B,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAC3B,QAAQ,CAAC,QAAQ,CAAC,SAAS,CAAC,CAC7B,CAAC;IACJ,CAAC;CACF"}

package/dist/constants/extractors/base-extractor.d.ts ADDED Viewed

@@ -0,0 +1,97 @@
+/**
+ * Base Constant Extractor
+ *
+ * Abstract base class for hybrid constant extractors that combine
+ * tree-sitter (primary) with regex fallback for enterprise-grade coverage.
+ *
+ * Follows the same pattern as call-graph/extractors/hybrid-extractor-base.ts
+ */
+import type { ConstantLanguage, FileConstantResult, ConstantExtractionQuality, ConstantHybridConfig } from '../types.js';
+import type { BaseConstantRegexExtractor } from './regex/base-regex.js';
+/**
+ * Abstract base class for hybrid constant extractors
+ */
+export declare abstract class BaseConstantExtractor {
+    /** Language this extractor handles */
+    abstract readonly language: ConstantLanguage;
+    /** File extensions this extractor handles */
+    abstract readonly extensions: string[];
+    /** Configuration */
+    protected config: Required<ConstantHybridConfig>;
+    /** Regex fallback extractor */
+    protected abstract regexExtractor: BaseConstantRegexExtractor;
+    constructor(config?: ConstantHybridConfig);
+    /**
+     * Check if this extractor can handle a file
+     */
+    canHandle(filePath: string): boolean;
+    /**
+     * Extract constants with hybrid approach: tree-sitter first, regex fallback
+     */
+    extract(source: string, filePath: string): FileConstantResult;
+    /**
+     * Extract using tree-sitter (implemented by subclass)
+     */
+    protected abstract extractWithTreeSitter(source: string, filePath: string): FileConstantResult | null;
+    /**
+     * Check if tree-sitter is available for this language
+     */
+    protected abstract isTreeSitterAvailable(): boolean;
+    /**
+     * Extract with regex fallback, merging with tree-sitter results
+     */
+    private extractWithFallback;
+    /**
+     * Extract using regex only
+     */
+    private extractWithRegexOnly;
+    /**
+     * Merge tree-sitter and regex results
+     */
+    private mergeResults;
+    /**
+     * Merge constants, avoiding duplicates
+     */
+    private mergeUniqueConstants;
+    /**
+     * Merge enums, avoiding duplicates
+     */
+    private mergeUniqueEnums;
+    /**
+     * Merge references, avoiding duplicates
+     */
+    private mergeUniqueReferences;
+    /**
+     * Check if extraction result has good coverage
+     */
+    private hasGoodCoverage;
+    /**
+     * Create quality metrics for tree-sitter extraction
+     */
+    private createTreeSitterQuality;
+    /**
+     * Create merged quality metrics
+     */
+    private createMergedQuality;
+    /**
+     * Create error result
+     */
+    private createErrorResult;
+    /**
+     * Create empty result
+     */
+    private createEmptyResult;
+    /**
+     * Get file extension
+     */
+    protected getExtension(filePath: string): string;
+    /**
+     * Generate constant ID
+     */
+    protected generateConstantId(file: string, name: string, line: number): string;
+    /**
+     * Create default quality metrics
+     */
+    protected createDefaultQuality(): ConstantExtractionQuality;
+}
+//# sourceMappingURL=base-extractor.d.ts.map

package/dist/constants/extractors/base-extractor.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"base-extractor.d.ts","sourceRoot":"","sources":["../../../src/constants/extractors/base-extractor.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EACV,gBAAgB,EAChB,kBAAkB,EAIlB,yBAAyB,EACzB,oBAAoB,EACrB,MAAM,aAAa,CAAC;AAKrB,OAAO,KAAK,EAAE,0BAA0B,EAAE,MAAM,uBAAuB,CAAC;AAExE;;GAEG;AACH,8BAAsB,qBAAqB;IACzC,sCAAsC;IACtC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,gBAAgB,CAAC;IAE7C,6CAA6C;IAC7C,QAAQ,CAAC,QAAQ,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC;IAEvC,oBAAoB;IACpB,SAAS,CAAC,MAAM,EAAE,QAAQ,CAAC,oBAAoB,CAAC,CAAC;IAEjD,+BAA+B;IAC/B,SAAS,CAAC,QAAQ,CAAC,cAAc,EAAE,0BAA0B,CAAC;gBAElD,MAAM,CAAC,EAAE,oBAAoB;IAIzC;;OAEG;IACH,SAAS,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO;IAKpC;;OAEG;IACH,OAAO,CAAC,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,MAAM,GAAG,kBAAkB;IAgD7D;;OAEG;IACH,SAAS,CAAC,QAAQ,CAAC,qBAAqB,CACtC,MAAM,EAAE,MAAM,EACd,QAAQ,EAAE,MAAM,GACf,kBAAkB,GAAG,IAAI;IAE5B;;OAEG;IACH,SAAS,CAAC,QAAQ,CAAC,qBAAqB,IAAI,OAAO;IAEnD;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAwB3B;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAuB5B;;OAEG;IACH,OAAO,CAAC,YAAY;IAepB;;OAEG;IACH,OAAO,CAAC,oBAAoB;IAkB5B;;OAEG;IACH,OAAO,CAAC,gBAAgB;IAkBxB;;OAEG;IACH,OAAO,CAAC,qBAAqB;IAkB7B;;OAEG;IACH,OAAO,CAAC,eAAe;IAUvB;;OAEG;IACH,OAAO,CAAC,uBAAuB;IAmB/B;;OAEG;IACH,OAAO,CAAC,mBAAmB;IAwB3B;;OAEG;IACH,OAAO,CAAC,iBAAiB;IA2BzB;;OAEG;IACH,OAAO,CAAC,iBAAiB;IAqBzB;;OAEG;IACH,SAAS,CAAC,YAAY,CAAC,QAAQ,EAAE,MAAM,GAAG,MAAM;IAKhD;;OAEG;IACH,SAAS,CAAC,kBAAkB,CAAC,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,GAAG,MAAM;IAI9E;;OAEG;IACH,SAAS,CAAC,oBAAoB,IAAI,yBAAyB;CAY5D"}