driftdetect-detectors 0.1.0

package/dist/registry/types.d.ts

@@ -0,0 +1,111 @@
+/**
+ * Registry type definitions
+ *
+ * Defines detector metadata types for the detector registry system.
+ * These types are used to describe and categorize detectors.
+ *
+ * @requirements 6.1 - THE Detector_System SHALL define a BaseDetector interface that all detectors implement
+ */
+import type { PatternCategory, Language } from 'driftdetect-core';
+/**
+ * Detection methods supported by the detector system
+ *
+ * - ast: AST-based detection using parsed syntax trees
+ * - regex: Regular expression-based text pattern matching
+ * - semantic: Semantic analysis using type information and symbol resolution
+ * - structural: File/directory structure analysis
+ * - custom: Custom detection logic
+ *
+ * @requirements 6.4 - THE Detector_System SHALL support detection methods: ast, regex, semantic, structural, and custom
+ */
+export type DetectionMethod = 'ast' | 'regex' | 'semantic' | 'structural' | 'custom';
+/**
+ * Array of all valid detection methods for validation
+ */
+export declare const DETECTION_METHODS: DetectionMethod[];
+/**
+ * Detector metadata interface
+ *
+ * Contains all metadata about a detector including its identity,
+ * categorization, and capabilities. This interface is used by the
+ * registry to manage and query detectors.
+ *
+ * @requirements 6.1 - THE Detector_System SHALL define a BaseDetector interface that all detectors implement
+ * @requirements 6.3 - THE Detector SHALL declare its category, supported languages, and detection method
+ */
+export interface DetectorInfo {
+    /** Unique detector identifier (e.g., 'structural/file-naming') */
+    id: string;
+    /** Detector category matching PatternCategory from driftdetect-core */
+    category: PatternCategory;
+    /** Detector subcategory for more specific classification (e.g., 'naming-conventions') */
+    subcategory: string;
+    /** Human-readable name for display (e.g., 'File Naming Convention Detector') */
+    name: string;
+    /** Detailed description of what the detector does */
+    description: string;
+    /** Languages this detector supports */
+    supportedLanguages: Language[];
+    /** How this detector performs detection */
+    detectionMethod: DetectionMethod;
+}
+/**
+ * Detector registration options
+ *
+ * Options that can be provided when registering a detector
+ */
+export interface DetectorRegistrationOptions {
+    /** Whether to override an existing detector with the same ID */
+    override?: boolean;
+    /** Priority for this detector (higher = runs first when multiple detectors match) */
+    priority?: number;
+    /** Whether this detector is enabled by default */
+    enabled?: boolean;
+}
+/**
+ * Registered detector entry in the registry
+ *
+ * Contains the detector info plus registration metadata
+ */
+export interface RegisteredDetector {
+    /** Detector metadata */
+    info: DetectorInfo;
+    /** Registration priority (default: 0) */
+    priority: number;
+    /** Whether the detector is enabled */
+    enabled: boolean;
+    /** Timestamp when the detector was registered */
+    registeredAt: Date;
+}
+/**
+ * Query options for finding detectors in the registry
+ */
+export interface DetectorQuery {
+    /** Filter by category */
+    category?: PatternCategory;
+    /** Filter by subcategory */
+    subcategory?: string;
+    /** Filter by supported language */
+    language?: Language;
+    /** Filter by detection method */
+    detectionMethod?: DetectionMethod;
+    /** Filter by enabled status */
+    enabled?: boolean;
+    /** Only return detectors with IDs matching this pattern */
+    idPattern?: string | RegExp;
+}
+/**
+ * Result of a detector query
+ */
+export interface DetectorQueryResult {
+    /** Matching detectors */
+    detectors: RegisteredDetector[];
+    /** Total count of matching detectors */
+    count: number;
+}
+/**
+ * Re-export PatternCategory and Language from driftdetect-core for convenience
+ * so consumers don't need to import from multiple packages
+ */
+export type { PatternCategory, Language } from 'driftdetect-core';
+//# sourceMappingURL=types.d.ts.map

package/dist/registry/types.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/registry/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,KAAK,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AAMlE;;;;;;;;;;GAUG;AACH,MAAM,MAAM,eAAe,GAAG,KAAK,GAAG,OAAO,GAAG,UAAU,GAAG,YAAY,GAAG,QAAQ,CAAC;AAErF;;GAEG;AACH,eAAO,MAAM,iBAAiB,EAAE,eAAe,EAM9C,CAAC;AAMF;;;;;;;;;GASG;AACH,MAAM,WAAW,YAAY;IAC3B,kEAAkE;IAClE,EAAE,EAAE,MAAM,CAAC;IAEX,uEAAuE;IACvE,QAAQ,EAAE,eAAe,CAAC;IAE1B,yFAAyF;IACzF,WAAW,EAAE,MAAM,CAAC;IAEpB,gFAAgF;IAChF,IAAI,EAAE,MAAM,CAAC;IAEb,qDAAqD;IACrD,WAAW,EAAE,MAAM,CAAC;IAEpB,uCAAuC;IACvC,kBAAkB,EAAE,QAAQ,EAAE,CAAC;IAE/B,2CAA2C;IAC3C,eAAe,EAAE,eAAe,CAAC;CAClC;AAMD;;;;GAIG;AACH,MAAM,WAAW,2BAA2B;IAC1C,gEAAgE;IAChE,QAAQ,CAAC,EAAE,OAAO,CAAC;IAEnB,qFAAqF;IACrF,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,kDAAkD;IAClD,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED;;;;GAIG;AACH,MAAM,WAAW,kBAAkB;IACjC,wBAAwB;IACxB,IAAI,EAAE,YAAY,CAAC;IAEnB,yCAAyC;IACzC,QAAQ,EAAE,MAAM,CAAC;IAEjB,sCAAsC;IACtC,OAAO,EAAE,OAAO,CAAC;IAEjB,iDAAiD;IACjD,YAAY,EAAE,IAAI,CAAC;CACpB;AAED;;GAEG;AACH,MAAM,WAAW,aAAa;IAC5B,yBAAyB;IACzB,QAAQ,CAAC,EAAE,eAAe,CAAC;IAE3B,4BAA4B;IAC5B,WAAW,CAAC,EAAE,MAAM,CAAC;IAErB,mCAAmC;IACnC,QAAQ,CAAC,EAAE,QAAQ,CAAC;IAEpB,iCAAiC;IACjC,eAAe,CAAC,EAAE,eAAe,CAAC;IAElC,+BAA+B;IAC/B,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,2DAA2D;IAC3D,SAAS,CAAC,EAAE,MAAM,GAAG,MAAM,CAAC;CAC7B;AAED;;GAEG;AACH,MAAM,WAAW,mBAAmB;IAClC,yBAAyB;IACzB,SAAS,EAAE,kBAAkB,EAAE,CAAC;IAEhC,wCAAwC;IACxC,KAAK,EAAE,MAAM,CAAC;CACf;AAMD;;;GAGG;AACH,YAAY,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC"}

package/dist/registry/types.js

@@ -0,0 +1,19 @@
+/**
+ * Registry type definitions
+ *
+ * Defines detector metadata types for the detector registry system.
+ * These types are used to describe and categorize detectors.
+ *
+ * @requirements 6.1 - THE Detector_System SHALL define a BaseDetector interface that all detectors implement
+ */
+/**
+ * Array of all valid detection methods for validation
+ */
+export const DETECTION_METHODS = [
+    'ast',
+    'regex',
+    'semantic',
+    'structural',
+    'custom',
+];
+//# sourceMappingURL=types.js.map

package/dist/registry/types.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"types.js","sourceRoot":"","sources":["../../src/registry/types.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAqBH;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAsB;IAClD,KAAK;IACL,OAAO;IACP,UAAU;IACV,YAAY;IACZ,QAAQ;CACT,CAAC"}

package/dist/security/csp-headers.d.ts

@@ -0,0 +1,78 @@
+/**
+ * CSP Headers Detector - Content Security Policy pattern detection
+ *
+ * Detects CSP patterns including:
+ * - CSP header configuration
+ * - CSP meta tags
+ * - Helmet CSP middleware
+ * - Nonce and hash usage
+ * - Directive patterns
+ *
+ * @requirements 16.5 - CSP header patterns
+ */
+import type { Violation, QuickFix, PatternCategory, Language } from 'driftdetect-core';
+import { RegexDetector } from '../base/regex-detector.js';
+import type { DetectionContext, DetectionResult } from '../base/base-detector.js';
+export type CSPHeaderPatternType = 'csp-header' | 'csp-meta' | 'helmet-csp' | 'csp-nonce' | 'csp-hash' | 'csp-directive' | 'report-uri';
+export type CSPViolationType = 'unsafe-inline' | 'unsafe-eval' | 'wildcard-source' | 'missing-csp';
+export interface CSPHeaderPatternInfo {
+    type: CSPHeaderPatternType;
+    file: string;
+    line: number;
+    column: number;
+    matchedText: string;
+    directive?: string | undefined;
+    context?: string | undefined;
+}
+export interface CSPViolationInfo {
+    type: CSPViolationType;
+    file: string;
+    line: number;
+    column: number;
+    matchedText: string;
+    issue: string;
+    suggestedFix?: string | undefined;
+    severity: 'high' | 'medium' | 'low';
+}
+export interface CSPHeaderAnalysis {
+    patterns: CSPHeaderPatternInfo[];
+    violations: CSPViolationInfo[];
+    hasCSP: boolean;
+    usesNonce: boolean;
+    usesHash: boolean;
+    confidence: number;
+}
+export declare const CSP_HEADER_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp];
+export declare const CSP_META_PATTERNS: readonly [RegExp, RegExp];
+export declare const HELMET_CSP_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp];
+export declare const CSP_NONCE_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp];
+export declare const CSP_HASH_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
+export declare const CSP_DIRECTIVE_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp, RegExp];
+export declare const REPORT_URI_PATTERNS: readonly [RegExp, RegExp, RegExp, RegExp];
+export declare const UNSAFE_INLINE_PATTERNS: readonly [RegExp, RegExp];
+export declare const UNSAFE_EVAL_PATTERNS: readonly [RegExp, RegExp];
+export declare const WILDCARD_SOURCE_PATTERNS: readonly [RegExp, RegExp, RegExp];
+export declare function shouldExcludeFile(filePath: string): boolean;
+export declare function detectCSPHeaders(content: string, filePath: string): CSPHeaderPatternInfo[];
+export declare function detectCSPMeta(content: string, filePath: string): CSPHeaderPatternInfo[];
+export declare function detectHelmetCSP(content: string, filePath: string): CSPHeaderPatternInfo[];
+export declare function detectCSPNonce(content: string, filePath: string): CSPHeaderPatternInfo[];
+export declare function detectCSPHash(content: string, filePath: string): CSPHeaderPatternInfo[];
+export declare function detectCSPDirectives(content: string, filePath: string): CSPHeaderPatternInfo[];
+export declare function detectReportURI(content: string, filePath: string): CSPHeaderPatternInfo[];
+export declare function detectUnsafeInlineViolations(content: string, filePath: string): CSPViolationInfo[];
+export declare function detectUnsafeEvalViolations(content: string, filePath: string): CSPViolationInfo[];
+export declare function detectWildcardSourceViolations(content: string, filePath: string): CSPViolationInfo[];
+export declare function analyzeCSPHeaders(content: string, filePath: string): CSPHeaderAnalysis;
+export declare class CSPHeadersDetector extends RegexDetector {
+    readonly id = "security/csp-headers";
+    readonly name = "CSP Headers Detector";
+    readonly description = "Detects Content Security Policy patterns and identifies potential weaknesses";
+    readonly category: PatternCategory;
+    readonly subcategory = "csp-headers";
+    readonly supportedLanguages: Language[];
+    detect(context: DetectionContext): Promise<DetectionResult>;
+    generateQuickFix(_violation: Violation): QuickFix | null;
+}
+export declare function createCSPHeadersDetector(): CSPHeadersDetector;
+//# sourceMappingURL=csp-headers.d.ts.map

package/dist/security/csp-headers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"csp-headers.d.ts","sourceRoot":"","sources":["../../src/security/csp-headers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,QAAQ,EAAE,eAAe,EAAE,QAAQ,EAAE,MAAM,kBAAkB,CAAC;AACvF,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,KAAK,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,0BAA0B,CAAC;AAMlF,MAAM,MAAM,oBAAoB,GAC5B,YAAY,GACZ,UAAU,GACV,YAAY,GACZ,WAAW,GACX,UAAU,GACV,eAAe,GACf,YAAY,CAAC;AAEjB,MAAM,MAAM,gBAAgB,GACxB,eAAe,GACf,aAAa,GACb,iBAAiB,GACjB,aAAa,CAAC;AAElB,MAAM,WAAW,oBAAoB;IACnC,IAAI,EAAE,oBAAoB,CAAC;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAC/B,OAAO,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;CAC9B;AAED,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,gBAAgB,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,WAAW,EAAE,MAAM,CAAC;IACpB,KAAK,EAAE,MAAM,CAAC;IACd,YAAY,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IAClC,QAAQ,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;CACrC;AAED,MAAM,WAAW,iBAAiB;IAChC,QAAQ,EAAE,oBAAoB,EAAE,CAAC;IACjC,UAAU,EAAE,gBAAgB,EAAE,CAAC;IAC/B,MAAM,EAAE,OAAO,CAAC;IAChB,SAAS,EAAE,OAAO,CAAC;IACnB,QAAQ,EAAE,OAAO,CAAC;IAClB,UAAU,EAAE,MAAM,CAAC;CACpB;AAMD,eAAO,MAAM,mBAAmB,mDAMtB,CAAC;AAEX,eAAO,MAAM,iBAAiB,2BAGpB,CAAC;AAEX,eAAO,MAAM,mBAAmB,mDAMtB,CAAC;AAEX,eAAO,MAAM,kBAAkB,mDAMrB,CAAC;AAEX,eAAO,MAAM,iBAAiB,2DAOpB,CAAC;AAEX,eAAO,MAAM,sBAAsB,2IAiBzB,CAAC;AAEX,eAAO,MAAM,mBAAmB,2CAKtB,CAAC;AAEX,eAAO,MAAM,sBAAsB,2BAGzB,CAAC;AAEX,eAAO,MAAM,oBAAoB,2BAGvB,CAAC;AAEX,eAAO,MAAM,wBAAwB,mCAI3B,CAAC;AAMX,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAU3D;AAED,wBAAgB,gBAAgB,CAC9B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,oBAAoB,EAAE,CAuBxB;AAED,wBAAgB,aAAa,CAC3B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,oBAAoB,EAAE,CAuBxB;AAED,wBAAgB,eAAe,CAC7B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,oBAAoB,EAAE,CAuBxB;AAED,wBAAgB,cAAc,CAC5B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,oBAAoB,EAAE,CAuBxB;AAED,wBAAgB,aAAa,CAC3B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,oBAAoB,EAAE,CAuBxB;AAED,wBAAgB,mBAAmB,CACjC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,oBAAoB,EAAE,CAwBxB;AAED,wBAAgB,eAAe,CAC7B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,oBAAoB,EAAE,CAuBxB;AAED,wBAAgB,4BAA4B,CAC1C,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,gBAAgB,EAAE,CAyBpB;AAED,wBAAgB,0BAA0B,CACxC,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,gBAAgB,EAAE,CAyBpB;AAED,wBAAgB,8BAA8B,CAC5C,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,gBAAgB,EAAE,CAyBpB;AAED,wBAAgB,iBAAiB,CAC/B,OAAO,EAAE,MAAM,EACf,QAAQ,EAAE,MAAM,GACf,iBAAiB,CA4CnB;AAMD,qBAAa,kBAAmB,SAAQ,aAAa;IACnD,QAAQ,CAAC,EAAE,0BAA0B;IACrC,QAAQ,CAAC,IAAI,0BAA0B;IACvC,QAAQ,CAAC,WAAW,kFAC6D;IACjF,QAAQ,CAAC,QAAQ,EAAE,eAAe,CAAc;IAChD,QAAQ,CAAC,WAAW,iBAAiB;IACrC,QAAQ,CAAC,kBAAkB,EAAE,QAAQ,EAAE,CAA0C;IAE3E,MAAM,CAAC,OAAO,EAAE,gBAAgB,GAAG,OAAO,CAAC,eAAe,CAAC;IAsBjE,gBAAgB,CAAC,UAAU,EAAE,SAAS,GAAG,QAAQ,GAAG,IAAI;CAGzD;AAED,wBAAgB,wBAAwB,IAAI,kBAAkB,CAE7D"}

package/dist/security/csp-headers.js

@@ -0,0 +1,401 @@
+/**
+ * CSP Headers Detector - Content Security Policy pattern detection
+ *
+ * Detects CSP patterns including:
+ * - CSP header configuration
+ * - CSP meta tags
+ * - Helmet CSP middleware
+ * - Nonce and hash usage
+ * - Directive patterns
+ *
+ * @requirements 16.5 - CSP header patterns
+ */
+import { RegexDetector } from '../base/regex-detector.js';
+// ============================================================================
+// Constants
+// ============================================================================
+export const CSP_HEADER_PATTERNS = [
+    /Content-Security-Policy/gi,
+    /contentSecurityPolicy/gi,
+    /['"`]Content-Security-Policy['"`]\s*[=:]/gi,
+    /res\.setHeader\s*\(\s*['"`]Content-Security-Policy['"`]/gi,
+    /response\.headers\s*\[\s*['"`]Content-Security-Policy['"`]\s*\]/gi,
+];
+export const CSP_META_PATTERNS = [
+    /<meta[^>]*http-equiv\s*=\s*['"`]Content-Security-Policy['"`]/gi,
+    /httpEquiv\s*[=:]\s*['"`]Content-Security-Policy['"`]/gi,
+];
+export const HELMET_CSP_PATTERNS = [
+    /helmet\.contentSecurityPolicy\s*\(/gi,
+    /helmet\s*\(\s*\{[^}]*contentSecurityPolicy/gi,
+    /contentSecurityPolicy\s*:\s*\{/gi,
+    /import.*helmet/gi,
+    /require\s*\(\s*['"`]helmet['"`]\s*\)/gi,
+];
+export const CSP_NONCE_PATTERNS = [
+    /nonce-[a-zA-Z0-9+/=]+/gi,
+    /'nonce-/gi,
+    /nonce\s*[=:]\s*['"`][^'"`]+['"`]/gi,
+    /generateNonce\s*\(/gi,
+    /cspNonce/gi,
+];
+export const CSP_HASH_PATTERNS = [
+    /sha256-[a-zA-Z0-9+/=]+/gi,
+    /sha384-[a-zA-Z0-9+/=]+/gi,
+    /sha512-[a-zA-Z0-9+/=]+/gi,
+    /'sha256-/gi,
+    /'sha384-/gi,
+    /'sha512-/gi,
+];
+export const CSP_DIRECTIVE_PATTERNS = [
+    /default-src\s+/gi,
+    /script-src\s+/gi,
+    /style-src\s+/gi,
+    /img-src\s+/gi,
+    /font-src\s+/gi,
+    /connect-src\s+/gi,
+    /frame-src\s+/gi,
+    /object-src\s+/gi,
+    /media-src\s+/gi,
+    /child-src\s+/gi,
+    /worker-src\s+/gi,
+    /frame-ancestors\s+/gi,
+    /form-action\s+/gi,
+    /base-uri\s+/gi,
+    /upgrade-insecure-requests/gi,
+    /block-all-mixed-content/gi,
+];
+export const REPORT_URI_PATTERNS = [
+    /report-uri\s+/gi,
+    /report-to\s+/gi,
+    /reportUri\s*[=:]/gi,
+    /reportTo\s*[=:]/gi,
+];
+export const UNSAFE_INLINE_PATTERNS = [
+    /'unsafe-inline'/gi,
+    /unsafe-inline/gi,
+];
+export const UNSAFE_EVAL_PATTERNS = [
+    /'unsafe-eval'/gi,
+    /unsafe-eval/gi,
+];
+export const WILDCARD_SOURCE_PATTERNS = [
+    /\*\s*;/gi,
+    /['"`]\*['"`]/gi,
+    /src\s*[=:]\s*\*/gi,
+];
+// ============================================================================
+// Analysis Functions
+// ============================================================================
+export function shouldExcludeFile(filePath) {
+    const excludePatterns = [
+        /\.test\.[jt]sx?$/,
+        /\.spec\.[jt]sx?$/,
+        /__tests__\//,
+        /\.d\.ts$/,
+        /node_modules\//,
+        /\.min\.[jt]s$/,
+    ];
+    return excludePatterns.some((p) => p.test(filePath));
+}
+export function detectCSPHeaders(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of CSP_HEADER_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'csp-header',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    context: line.trim(),
+                });
+            }
+        }
+    }
+    return results;
+}
+export function detectCSPMeta(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of CSP_META_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'csp-meta',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    context: line.trim(),
+                });
+            }
+        }
+    }
+    return results;
+}
+export function detectHelmetCSP(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of HELMET_CSP_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'helmet-csp',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    context: line.trim(),
+                });
+            }
+        }
+    }
+    return results;
+}
+export function detectCSPNonce(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of CSP_NONCE_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'csp-nonce',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    context: line.trim(),
+                });
+            }
+        }
+    }
+    return results;
+}
+export function detectCSPHash(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of CSP_HASH_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'csp-hash',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    context: line.trim(),
+                });
+            }
+        }
+    }
+    return results;
+}
+export function detectCSPDirectives(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of CSP_DIRECTIVE_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'csp-directive',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    directive: match[0].trim(),
+                    context: line.trim(),
+                });
+            }
+        }
+    }
+    return results;
+}
+export function detectReportURI(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of REPORT_URI_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'report-uri',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    context: line.trim(),
+                });
+            }
+        }
+    }
+    return results;
+}
+export function detectUnsafeInlineViolations(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of UNSAFE_INLINE_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'unsafe-inline',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    issue: 'unsafe-inline in CSP weakens XSS protection',
+                    suggestedFix: 'Use nonces or hashes instead of unsafe-inline',
+                    severity: 'medium',
+                });
+            }
+        }
+    }
+    return results;
+}
+export function detectUnsafeEvalViolations(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of UNSAFE_EVAL_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'unsafe-eval',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    issue: 'unsafe-eval in CSP allows eval() and similar functions',
+                    suggestedFix: 'Remove unsafe-eval and refactor code to avoid eval',
+                    severity: 'high',
+                });
+            }
+        }
+    }
+    return results;
+}
+export function detectWildcardSourceViolations(content, filePath) {
+    const results = [];
+    const lines = content.split('\n');
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const pattern of WILDCARD_SOURCE_PATTERNS) {
+            const regex = new RegExp(pattern.source, pattern.flags);
+            let match;
+            while ((match = regex.exec(line)) !== null) {
+                results.push({
+                    type: 'wildcard-source',
+                    file: filePath,
+                    line: i + 1,
+                    column: match.index + 1,
+                    matchedText: match[0],
+                    issue: 'Wildcard source in CSP allows loading from any origin',
+                    suggestedFix: 'Specify explicit allowed origins instead of wildcard',
+                    severity: 'medium',
+                });
+            }
+        }
+    }
+    return results;
+}
+export function analyzeCSPHeaders(content, filePath) {
+    if (shouldExcludeFile(filePath)) {
+        return {
+            patterns: [],
+            violations: [],
+            hasCSP: false,
+            usesNonce: false,
+            usesHash: false,
+            confidence: 1.0,
+        };
+    }
+    const patterns = [
+        ...detectCSPHeaders(content, filePath),
+        ...detectCSPMeta(content, filePath),
+        ...detectHelmetCSP(content, filePath),
+        ...detectCSPNonce(content, filePath),
+        ...detectCSPHash(content, filePath),
+        ...detectCSPDirectives(content, filePath),
+        ...detectReportURI(content, filePath),
+    ];
+    const violations = [
+        ...detectUnsafeInlineViolations(content, filePath),
+        ...detectUnsafeEvalViolations(content, filePath),
+        ...detectWildcardSourceViolations(content, filePath),
+    ];
+    const hasCSP = patterns.some((p) => p.type === 'csp-header' || p.type === 'csp-meta' || p.type === 'helmet-csp');
+    const usesNonce = patterns.some((p) => p.type === 'csp-nonce');
+    const usesHash = patterns.some((p) => p.type === 'csp-hash');
+    const confidence = hasCSP ? (usesNonce || usesHash ? 0.95 : 0.85) : 0.7;
+    return {
+        patterns,
+        violations,
+        hasCSP,
+        usesNonce,
+        usesHash,
+        confidence,
+    };
+}
+// ============================================================================
+// Detector Class
+// ============================================================================
+export class CSPHeadersDetector extends RegexDetector {
+    id = 'security/csp-headers';
+    name = 'CSP Headers Detector';
+    description = 'Detects Content Security Policy patterns and identifies potential weaknesses';
+    category = 'security';
+    subcategory = 'csp-headers';
+    supportedLanguages = ['typescript', 'javascript', 'python'];
+    async detect(context) {
+        if (!this.supportsLanguage(context.language)) {
+            return this.createEmptyResult();
+        }
+        const analysis = analyzeCSPHeaders(context.content, context.file);
+        if (analysis.patterns.length === 0 && analysis.violations.length === 0) {
+            return this.createEmptyResult();
+        }
+        return this.createResult([], [], analysis.confidence, {
+            custom: {
+                patterns: analysis.patterns,
+                violations: analysis.violations,
+                hasCSP: analysis.hasCSP,
+                usesNonce: analysis.usesNonce,
+                usesHash: analysis.usesHash,
+            },
+        });
+    }
+    generateQuickFix(_violation) {
+        return null;
+    }
+}
+export function createCSPHeadersDetector() {
+    return new CSPHeadersDetector();
+}
+//# sourceMappingURL=csp-headers.js.map

package/dist/security/csp-headers.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"csp-headers.js","sourceRoot":"","sources":["../../src/security/csp-headers.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAGH,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAoD1D,+EAA+E;AAC/E,YAAY;AACZ,+EAA+E;AAE/E,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,2BAA2B;IAC3B,yBAAyB;IACzB,4CAA4C;IAC5C,2DAA2D;IAC3D,mEAAmE;CAC3D,CAAC;AAEX,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,gEAAgE;IAChE,wDAAwD;CAChD,CAAC;AAEX,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,sCAAsC;IACtC,8CAA8C;IAC9C,kCAAkC;IAClC,kBAAkB;IAClB,wCAAwC;CAChC,CAAC;AAEX,MAAM,CAAC,MAAM,kBAAkB,GAAG;IAChC,yBAAyB;IACzB,WAAW;IACX,oCAAoC;IACpC,sBAAsB;IACtB,YAAY;CACJ,CAAC;AAEX,MAAM,CAAC,MAAM,iBAAiB,GAAG;IAC/B,0BAA0B;IAC1B,0BAA0B;IAC1B,0BAA0B;IAC1B,YAAY;IACZ,YAAY;IACZ,YAAY;CACJ,CAAC;AAEX,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,kBAAkB;IAClB,iBAAiB;IACjB,gBAAgB;IAChB,cAAc;IACd,eAAe;IACf,kBAAkB;IAClB,gBAAgB;IAChB,iBAAiB;IACjB,gBAAgB;IAChB,gBAAgB;IAChB,iBAAiB;IACjB,sBAAsB;IACtB,kBAAkB;IAClB,eAAe;IACf,6BAA6B;IAC7B,2BAA2B;CACnB,CAAC;AAEX,MAAM,CAAC,MAAM,mBAAmB,GAAG;IACjC,iBAAiB;IACjB,gBAAgB;IAChB,oBAAoB;IACpB,mBAAmB;CACX,CAAC;AAEX,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,mBAAmB;IACnB,iBAAiB;CACT,CAAC;AAEX,MAAM,CAAC,MAAM,oBAAoB,GAAG;IAClC,iBAAiB;IACjB,eAAe;CACP,CAAC;AAEX,MAAM,CAAC,MAAM,wBAAwB,GAAG;IACtC,UAAU;IACV,gBAAgB;IAChB,mBAAmB;CACX,CAAC;AAEX,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E,MAAM,UAAU,iBAAiB,CAAC,QAAgB;IAChD,MAAM,eAAe,GAAG;QACtB,kBAAkB;QAClB,kBAAkB;QAClB,aAAa;QACb,UAAU;QACV,gBAAgB;QAChB,eAAe;KAChB,CAAC;IACF,OAAO,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;AACvD,CAAC;AAED,MAAM,UAAU,gBAAgB,CAC9B,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,YAAY;oBAClB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,aAAa,CAC3B,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;YACxC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,UAAU;oBAChB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,eAAe,CAC7B,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,YAAY;oBAClB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,cAAc,CAC5B,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;YACzC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,WAAW;oBACjB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,aAAa,CAC3B,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,iBAAiB,EAAE,CAAC;YACxC,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,UAAU;oBAChB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,mBAAmB,CACjC,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,sBAAsB,EAAE,CAAC;YAC7C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,eAAe;oBACrB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,SAAS,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;oBAC1B,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,eAAe,CAC7B,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAA2B,EAAE,CAAC;IAC3C,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;YAC1C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,YAAY;oBAClB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,OAAO,EAAE,IAAI,CAAC,IAAI,EAAE;iBACrB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,4BAA4B,CAC1C,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,sBAAsB,EAAE,CAAC;YAC7C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,eAAe;oBACrB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,KAAK,EAAE,6CAA6C;oBACpD,YAAY,EAAE,+CAA+C;oBAC7D,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,0BAA0B,CACxC,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,oBAAoB,EAAE,CAAC;YAC3C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,aAAa;oBACnB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,KAAK,EAAE,wDAAwD;oBAC/D,YAAY,EAAE,oDAAoD;oBAClE,QAAQ,EAAE,MAAM;iBACjB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,8BAA8B,CAC5C,OAAe,EACf,QAAgB;IAEhB,MAAM,OAAO,GAAuB,EAAE,CAAC;IACvC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAE,CAAC;QACvB,KAAK,MAAM,OAAO,IAAI,wBAAwB,EAAE,CAAC;YAC/C,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;YACxD,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI,EAAE,iBAAiB;oBACvB,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,CAAC,GAAG,CAAC;oBACX,MAAM,EAAE,KAAK,CAAC,KAAK,GAAG,CAAC;oBACvB,WAAW,EAAE,KAAK,CAAC,CAAC,CAAC;oBACrB,KAAK,EAAE,uDAAuD;oBAC9D,YAAY,EAAE,sDAAsD;oBACpE,QAAQ,EAAE,QAAQ;iBACnB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,UAAU,iBAAiB,CAC/B,OAAe,EACf,QAAgB;IAEhB,IAAI,iBAAiB,CAAC,QAAQ,CAAC,EAAE,CAAC;QAChC,OAAO;YACL,QAAQ,EAAE,EAAE;YACZ,UAAU,EAAE,EAAE;YACd,MAAM,EAAE,KAAK;YACb,SAAS,EAAE,KAAK;YAChB,QAAQ,EAAE,KAAK;YACf,UAAU,EAAE,GAAG;SAChB,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAA2B;QACvC,GAAG,gBAAgB,CAAC,OAAO,EAAE,QAAQ,CAAC;QACtC,GAAG,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC;QACnC,GAAG,eAAe,CAAC,OAAO,EAAE,QAAQ,CAAC;QACrC,GAAG,cAAc,CAAC,OAAO,EAAE,QAAQ,CAAC;QACpC,GAAG,aAAa,CAAC,OAAO,EAAE,QAAQ,CAAC;QACnC,GAAG,mBAAmB,CAAC,OAAO,EAAE,QAAQ,CAAC;QACzC,GAAG,eAAe,CAAC,OAAO,EAAE,QAAQ,CAAC;KACtC,CAAC;IAEF,MAAM,UAAU,GAAuB;QACrC,GAAG,4BAA4B,CAAC,OAAO,EAAE,QAAQ,CAAC;QAClD,GAAG,0BAA0B,CAAC,OAAO,EAAE,QAAQ,CAAC;QAChD,GAAG,8BAA8B,CAAC,OAAO,EAAE,QAAQ,CAAC;KACrD,CAAC;IAEF,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAC1B,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,YAAY,IAAI,CAAC,CAAC,IAAI,KAAK,UAAU,IAAI,CAAC,CAAC,IAAI,KAAK,YAAY,CACnF,CAAC;IACF,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,WAAW,CAAC,CAAC;IAC/D,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,UAAU,CAAC,CAAC;IAE7D,MAAM,UAAU,GAAG,MAAM,CAAC,CAAC,CAAC,CAAC,SAAS,IAAI,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC;IAExE,OAAO;QACL,QAAQ;QACR,UAAU;QACV,MAAM;QACN,SAAS;QACT,QAAQ;QACR,UAAU;KACX,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,iBAAiB;AACjB,+EAA+E;AAE/E,MAAM,OAAO,kBAAmB,SAAQ,aAAa;IAC1C,EAAE,GAAG,sBAAsB,CAAC;IAC5B,IAAI,GAAG,sBAAsB,CAAC;IAC9B,WAAW,GAClB,8EAA8E,CAAC;IACxE,QAAQ,GAAoB,UAAU,CAAC;IACvC,WAAW,GAAG,aAAa,CAAC;IAC5B,kBAAkB,GAAe,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,CAAC,CAAC;IAEjF,KAAK,CAAC,MAAM,CAAC,OAAyB;QACpC,IAAI,CAAC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC7C,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAClC,CAAC;QAED,MAAM,QAAQ,GAAG,iBAAiB,CAAC,OAAO,CAAC,OAAO,EAAE,OAAO,CAAC,IAAI,CAAC,CAAC;QAElE,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACvE,OAAO,IAAI,CAAC,iBAAiB,EAAE,CAAC;QAClC,CAAC;QAED,OAAO,IAAI,CAAC,YAAY,CAAC,EAAE,EAAE,EAAE,EAAE,QAAQ,CAAC,UAAU,EAAE;YACpD,MAAM,EAAE;gBACN,QAAQ,EAAE,QAAQ,CAAC,QAAQ;gBAC3B,UAAU,EAAE,QAAQ,CAAC,UAAU;gBAC/B,MAAM,EAAE,QAAQ,CAAC,MAAM;gBACvB,SAAS,EAAE,QAAQ,CAAC,SAAS;gBAC7B,QAAQ,EAAE,QAAQ,CAAC,QAAQ;aAC5B;SACF,CAAC,CAAC;IACL,CAAC;IAED,gBAAgB,CAAC,UAAqB;QACpC,OAAO,IAAI,CAAC;IACd,CAAC;CACF;AAED,MAAM,UAAU,wBAAwB;IACtC,OAAO,IAAI,kBAAkB,EAAE,CAAC;AAClC,CAAC"}