erosolar-cli 1.7.325 → 1.7.327
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +24 -148
- package/dist/bin/erosolar.js +5 -21
- package/dist/bin/erosolar.js.map +1 -1
- package/dist/capabilities/agentSpawningCapability.d.ts.map +1 -1
- package/dist/capabilities/agentSpawningCapability.js +56 -31
- package/dist/capabilities/agentSpawningCapability.js.map +1 -1
- package/dist/contracts/agent-schemas.json +0 -15
- package/dist/contracts/tools.schema.json +0 -9
- package/dist/core/agent.d.ts +2 -2
- package/dist/core/agent.d.ts.map +1 -1
- package/dist/core/agent.js.map +1 -1
- package/dist/core/customCommands.d.ts +1 -0
- package/dist/core/customCommands.d.ts.map +1 -1
- package/dist/core/customCommands.js +3 -0
- package/dist/core/customCommands.js.map +1 -1
- package/dist/core/hooks.d.ts +113 -0
- package/dist/core/hooks.d.ts.map +1 -0
- package/dist/core/hooks.js +267 -0
- package/dist/core/hooks.js.map +1 -0
- package/dist/core/metricsTracker.d.ts +122 -0
- package/dist/core/metricsTracker.d.ts.map +1 -0
- package/dist/{alpha-zero → core}/metricsTracker.js +2 -5
- package/dist/core/metricsTracker.js.map +1 -0
- package/dist/core/securityAssessment.d.ts +91 -0
- package/dist/core/securityAssessment.d.ts.map +1 -0
- package/dist/core/securityAssessment.js +580 -0
- package/dist/core/securityAssessment.js.map +1 -0
- package/dist/core/toolPreconditions.d.ts.map +1 -1
- package/dist/core/toolPreconditions.js +0 -14
- package/dist/core/toolPreconditions.js.map +1 -1
- package/dist/core/toolRuntime.d.ts +22 -1
- package/dist/core/toolRuntime.d.ts.map +1 -1
- package/dist/core/toolRuntime.js +0 -5
- package/dist/core/toolRuntime.js.map +1 -1
- package/dist/core/toolValidation.d.ts.map +1 -1
- package/dist/core/toolValidation.js +14 -3
- package/dist/core/toolValidation.js.map +1 -1
- package/dist/core/validationRunner.d.ts +1 -3
- package/dist/core/validationRunner.d.ts.map +1 -1
- package/dist/core/validationRunner.js.map +1 -1
- package/dist/core/verification.d.ts +137 -0
- package/dist/core/verification.d.ts.map +1 -0
- package/dist/core/verification.js +323 -0
- package/dist/core/verification.js.map +1 -0
- package/dist/headless/headlessApp.d.ts.map +1 -1
- package/dist/headless/headlessApp.js +21 -0
- package/dist/headless/headlessApp.js.map +1 -1
- package/dist/mcp/sseClient.d.ts.map +1 -1
- package/dist/mcp/sseClient.js +9 -18
- package/dist/mcp/sseClient.js.map +1 -1
- package/dist/plugins/tools/build/buildPlugin.d.ts +0 -6
- package/dist/plugins/tools/build/buildPlugin.d.ts.map +1 -1
- package/dist/plugins/tools/build/buildPlugin.js +4 -10
- package/dist/plugins/tools/build/buildPlugin.js.map +1 -1
- package/dist/plugins/tools/nodeDefaults.d.ts.map +1 -1
- package/dist/plugins/tools/nodeDefaults.js +0 -2
- package/dist/plugins/tools/nodeDefaults.js.map +1 -1
- package/dist/runtime/agentSession.d.ts +2 -2
- package/dist/runtime/agentSession.d.ts.map +1 -1
- package/dist/runtime/agentSession.js +2 -2
- package/dist/runtime/agentSession.js.map +1 -1
- package/dist/shell/interactiveShell.d.ts +16 -7
- package/dist/shell/interactiveShell.d.ts.map +1 -1
- package/dist/shell/interactiveShell.js +235 -164
- package/dist/shell/interactiveShell.js.map +1 -1
- package/dist/shell/shellApp.d.ts +2 -0
- package/dist/shell/shellApp.d.ts.map +1 -1
- package/dist/shell/shellApp.js +40 -9
- package/dist/shell/shellApp.js.map +1 -1
- package/dist/shell/systemPrompt.d.ts.map +1 -1
- package/dist/shell/systemPrompt.js +1 -4
- package/dist/shell/systemPrompt.js.map +1 -1
- package/dist/shell/terminalInput.d.ts +149 -116
- package/dist/shell/terminalInput.d.ts.map +1 -1
- package/dist/shell/terminalInput.js +639 -513
- package/dist/shell/terminalInput.js.map +1 -1
- package/dist/shell/terminalInputAdapter.d.ts +79 -20
- package/dist/shell/terminalInputAdapter.d.ts.map +1 -1
- package/dist/shell/terminalInputAdapter.js +99 -30
- package/dist/shell/terminalInputAdapter.js.map +1 -1
- package/dist/subagents/agentConfig.d.ts +27 -0
- package/dist/subagents/agentConfig.d.ts.map +1 -0
- package/dist/subagents/agentConfig.js +89 -0
- package/dist/subagents/agentConfig.js.map +1 -0
- package/dist/subagents/agentRegistry.d.ts +33 -0
- package/dist/subagents/agentRegistry.d.ts.map +1 -0
- package/dist/subagents/agentRegistry.js +162 -0
- package/dist/subagents/agentRegistry.js.map +1 -0
- package/dist/subagents/taskRunner.d.ts +7 -1
- package/dist/subagents/taskRunner.d.ts.map +1 -1
- package/dist/subagents/taskRunner.js +180 -47
- package/dist/subagents/taskRunner.js.map +1 -1
- package/dist/ui/ShellUIAdapter.d.ts.map +1 -1
- package/dist/ui/ShellUIAdapter.js +13 -12
- package/dist/ui/ShellUIAdapter.js.map +1 -1
- package/dist/ui/display.d.ts +24 -45
- package/dist/ui/display.d.ts.map +1 -1
- package/dist/ui/display.js +140 -259
- package/dist/ui/display.js.map +1 -1
- package/dist/ui/theme.d.ts.map +1 -1
- package/dist/ui/theme.js +6 -8
- package/dist/ui/theme.js.map +1 -1
- package/dist/ui/toolDisplay.d.ts +0 -158
- package/dist/ui/toolDisplay.d.ts.map +1 -1
- package/dist/ui/toolDisplay.js +0 -348
- package/dist/ui/toolDisplay.js.map +1 -1
- package/dist/ui/unified/layout.d.ts +1 -0
- package/dist/ui/unified/layout.d.ts.map +1 -1
- package/dist/ui/unified/layout.js +15 -25
- package/dist/ui/unified/layout.js.map +1 -1
- package/dist/utils/frontmatter.d.ts +10 -0
- package/dist/utils/frontmatter.d.ts.map +1 -0
- package/dist/utils/frontmatter.js +78 -0
- package/dist/utils/frontmatter.js.map +1 -0
- package/package.json +4 -4
- package/dist/alpha-zero/agentWrapper.d.ts +0 -84
- package/dist/alpha-zero/agentWrapper.d.ts.map +0 -1
- package/dist/alpha-zero/agentWrapper.js +0 -171
- package/dist/alpha-zero/agentWrapper.js.map +0 -1
- package/dist/alpha-zero/codeEvaluator.d.ts +0 -25
- package/dist/alpha-zero/codeEvaluator.d.ts.map +0 -1
- package/dist/alpha-zero/codeEvaluator.js +0 -273
- package/dist/alpha-zero/codeEvaluator.js.map +0 -1
- package/dist/alpha-zero/competitiveRunner.d.ts +0 -66
- package/dist/alpha-zero/competitiveRunner.d.ts.map +0 -1
- package/dist/alpha-zero/competitiveRunner.js +0 -224
- package/dist/alpha-zero/competitiveRunner.js.map +0 -1
- package/dist/alpha-zero/index.d.ts +0 -67
- package/dist/alpha-zero/index.d.ts.map +0 -1
- package/dist/alpha-zero/index.js +0 -99
- package/dist/alpha-zero/index.js.map +0 -1
- package/dist/alpha-zero/introspection.d.ts +0 -128
- package/dist/alpha-zero/introspection.d.ts.map +0 -1
- package/dist/alpha-zero/introspection.js +0 -300
- package/dist/alpha-zero/introspection.js.map +0 -1
- package/dist/alpha-zero/metricsTracker.d.ts +0 -71
- package/dist/alpha-zero/metricsTracker.d.ts.map +0 -1
- package/dist/alpha-zero/metricsTracker.js.map +0 -1
- package/dist/alpha-zero/security/core.d.ts +0 -125
- package/dist/alpha-zero/security/core.d.ts.map +0 -1
- package/dist/alpha-zero/security/core.js +0 -271
- package/dist/alpha-zero/security/core.js.map +0 -1
- package/dist/alpha-zero/security/google.d.ts +0 -125
- package/dist/alpha-zero/security/google.d.ts.map +0 -1
- package/dist/alpha-zero/security/google.js +0 -311
- package/dist/alpha-zero/security/google.js.map +0 -1
- package/dist/alpha-zero/security/googleLoader.d.ts +0 -17
- package/dist/alpha-zero/security/googleLoader.d.ts.map +0 -1
- package/dist/alpha-zero/security/googleLoader.js +0 -41
- package/dist/alpha-zero/security/googleLoader.js.map +0 -1
- package/dist/alpha-zero/security/index.d.ts +0 -29
- package/dist/alpha-zero/security/index.d.ts.map +0 -1
- package/dist/alpha-zero/security/index.js +0 -32
- package/dist/alpha-zero/security/index.js.map +0 -1
- package/dist/alpha-zero/security/simulation.d.ts +0 -124
- package/dist/alpha-zero/security/simulation.d.ts.map +0 -1
- package/dist/alpha-zero/security/simulation.js +0 -277
- package/dist/alpha-zero/security/simulation.js.map +0 -1
- package/dist/alpha-zero/selfModification.d.ts +0 -109
- package/dist/alpha-zero/selfModification.d.ts.map +0 -1
- package/dist/alpha-zero/selfModification.js +0 -233
- package/dist/alpha-zero/selfModification.js.map +0 -1
- package/dist/alpha-zero/types.d.ts +0 -170
- package/dist/alpha-zero/types.d.ts.map +0 -1
- package/dist/alpha-zero/types.js +0 -31
- package/dist/alpha-zero/types.js.map +0 -1
- package/dist/capabilities/securityTestingCapability.d.ts +0 -13
- package/dist/capabilities/securityTestingCapability.d.ts.map +0 -1
- package/dist/capabilities/securityTestingCapability.js +0 -25
- package/dist/capabilities/securityTestingCapability.js.map +0 -1
- package/dist/core/aiFlowOptimizer.d.ts +0 -26
- package/dist/core/aiFlowOptimizer.d.ts.map +0 -1
- package/dist/core/aiFlowOptimizer.js +0 -31
- package/dist/core/aiFlowOptimizer.js.map +0 -1
- package/dist/core/aiOptimizationEngine.d.ts +0 -158
- package/dist/core/aiOptimizationEngine.d.ts.map +0 -1
- package/dist/core/aiOptimizationEngine.js +0 -428
- package/dist/core/aiOptimizationEngine.js.map +0 -1
- package/dist/core/aiOptimizationIntegration.d.ts +0 -93
- package/dist/core/aiOptimizationIntegration.d.ts.map +0 -1
- package/dist/core/aiOptimizationIntegration.js +0 -250
- package/dist/core/aiOptimizationIntegration.js.map +0 -1
- package/dist/core/enhancedErrorRecovery.d.ts +0 -100
- package/dist/core/enhancedErrorRecovery.d.ts.map +0 -1
- package/dist/core/enhancedErrorRecovery.js +0 -345
- package/dist/core/enhancedErrorRecovery.js.map +0 -1
- package/dist/core/hooksSystem.d.ts +0 -65
- package/dist/core/hooksSystem.d.ts.map +0 -1
- package/dist/core/hooksSystem.js +0 -273
- package/dist/core/hooksSystem.js.map +0 -1
- package/dist/core/memorySystem.d.ts +0 -48
- package/dist/core/memorySystem.d.ts.map +0 -1
- package/dist/core/memorySystem.js +0 -271
- package/dist/core/memorySystem.js.map +0 -1
- package/dist/core/unified/errors.d.ts +0 -189
- package/dist/core/unified/errors.d.ts.map +0 -1
- package/dist/core/unified/errors.js +0 -497
- package/dist/core/unified/errors.js.map +0 -1
- package/dist/core/unified/index.d.ts +0 -19
- package/dist/core/unified/index.d.ts.map +0 -1
- package/dist/core/unified/index.js +0 -68
- package/dist/core/unified/index.js.map +0 -1
- package/dist/core/unified/schema.d.ts +0 -101
- package/dist/core/unified/schema.d.ts.map +0 -1
- package/dist/core/unified/schema.js +0 -350
- package/dist/core/unified/schema.js.map +0 -1
- package/dist/core/unified/toolRuntime.d.ts +0 -179
- package/dist/core/unified/toolRuntime.d.ts.map +0 -1
- package/dist/core/unified/toolRuntime.js +0 -517
- package/dist/core/unified/toolRuntime.js.map +0 -1
- package/dist/core/unified/tools.d.ts +0 -127
- package/dist/core/unified/tools.d.ts.map +0 -1
- package/dist/core/unified/tools.js +0 -1333
- package/dist/core/unified/tools.js.map +0 -1
- package/dist/core/unified/types.d.ts +0 -352
- package/dist/core/unified/types.d.ts.map +0 -1
- package/dist/core/unified/types.js +0 -12
- package/dist/core/unified/types.js.map +0 -1
- package/dist/core/unified/version.d.ts +0 -209
- package/dist/core/unified/version.d.ts.map +0 -1
- package/dist/core/unified/version.js +0 -454
- package/dist/core/unified/version.js.map +0 -1
- package/dist/plugins/tools/security/securityPlugin.d.ts +0 -3
- package/dist/plugins/tools/security/securityPlugin.d.ts.map +0 -1
- package/dist/plugins/tools/security/securityPlugin.js +0 -12
- package/dist/plugins/tools/security/securityPlugin.js.map +0 -1
- package/dist/security/active-stack-security.d.ts +0 -112
- package/dist/security/active-stack-security.d.ts.map +0 -1
- package/dist/security/active-stack-security.js +0 -296
- package/dist/security/active-stack-security.js.map +0 -1
- package/dist/security/advanced-persistence-research.d.ts +0 -92
- package/dist/security/advanced-persistence-research.d.ts.map +0 -1
- package/dist/security/advanced-persistence-research.js +0 -195
- package/dist/security/advanced-persistence-research.js.map +0 -1
- package/dist/security/advanced-targeting.d.ts +0 -119
- package/dist/security/advanced-targeting.d.ts.map +0 -1
- package/dist/security/advanced-targeting.js +0 -233
- package/dist/security/advanced-targeting.js.map +0 -1
- package/dist/security/assessment/vulnerabilityAssessment.d.ts +0 -104
- package/dist/security/assessment/vulnerabilityAssessment.d.ts.map +0 -1
- package/dist/security/assessment/vulnerabilityAssessment.js +0 -315
- package/dist/security/assessment/vulnerabilityAssessment.js.map +0 -1
- package/dist/security/authorization/securityAuthorization.d.ts +0 -88
- package/dist/security/authorization/securityAuthorization.d.ts.map +0 -1
- package/dist/security/authorization/securityAuthorization.js +0 -172
- package/dist/security/authorization/securityAuthorization.js.map +0 -1
- package/dist/security/comprehensive-targeting.d.ts +0 -85
- package/dist/security/comprehensive-targeting.d.ts.map +0 -1
- package/dist/security/comprehensive-targeting.js +0 -438
- package/dist/security/comprehensive-targeting.js.map +0 -1
- package/dist/security/global-security-integration.d.ts +0 -91
- package/dist/security/global-security-integration.d.ts.map +0 -1
- package/dist/security/global-security-integration.js +0 -218
- package/dist/security/global-security-integration.js.map +0 -1
- package/dist/security/index.d.ts +0 -38
- package/dist/security/index.d.ts.map +0 -1
- package/dist/security/index.js +0 -47
- package/dist/security/index.js.map +0 -1
- package/dist/security/persistence-analyzer.d.ts +0 -56
- package/dist/security/persistence-analyzer.d.ts.map +0 -1
- package/dist/security/persistence-analyzer.js +0 -187
- package/dist/security/persistence-analyzer.js.map +0 -1
- package/dist/security/persistence-cli.d.ts +0 -36
- package/dist/security/persistence-cli.d.ts.map +0 -1
- package/dist/security/persistence-cli.js +0 -160
- package/dist/security/persistence-cli.js.map +0 -1
- package/dist/security/persistence-research.d.ts +0 -92
- package/dist/security/persistence-research.d.ts.map +0 -1
- package/dist/security/persistence-research.js +0 -364
- package/dist/security/persistence-research.js.map +0 -1
- package/dist/security/research/persistenceResearch.d.ts +0 -97
- package/dist/security/research/persistenceResearch.d.ts.map +0 -1
- package/dist/security/research/persistenceResearch.js +0 -282
- package/dist/security/research/persistenceResearch.js.map +0 -1
- package/dist/security/security-integration.d.ts +0 -74
- package/dist/security/security-integration.d.ts.map +0 -1
- package/dist/security/security-integration.js +0 -137
- package/dist/security/security-integration.js.map +0 -1
- package/dist/security/security-testing-framework.d.ts +0 -112
- package/dist/security/security-testing-framework.d.ts.map +0 -1
- package/dist/security/security-testing-framework.js +0 -364
- package/dist/security/security-testing-framework.js.map +0 -1
- package/dist/security/simulation/attackSimulation.d.ts +0 -93
- package/dist/security/simulation/attackSimulation.d.ts.map +0 -1
- package/dist/security/simulation/attackSimulation.js +0 -341
- package/dist/security/simulation/attackSimulation.js.map +0 -1
- package/dist/security/strategic-operations.d.ts +0 -100
- package/dist/security/strategic-operations.d.ts.map +0 -1
- package/dist/security/strategic-operations.js +0 -276
- package/dist/security/strategic-operations.js.map +0 -1
- package/dist/security/tool-security-wrapper.d.ts +0 -58
- package/dist/security/tool-security-wrapper.d.ts.map +0 -1
- package/dist/security/tool-security-wrapper.js +0 -156
- package/dist/security/tool-security-wrapper.js.map +0 -1
- package/dist/shell/claudeCodeStreamHandler.d.ts +0 -145
- package/dist/shell/claudeCodeStreamHandler.d.ts.map +0 -1
- package/dist/shell/claudeCodeStreamHandler.js +0 -322
- package/dist/shell/claudeCodeStreamHandler.js.map +0 -1
- package/dist/shell/inputQueueManager.d.ts +0 -144
- package/dist/shell/inputQueueManager.d.ts.map +0 -1
- package/dist/shell/inputQueueManager.js +0 -290
- package/dist/shell/inputQueueManager.js.map +0 -1
- package/dist/shell/metricsTracker.d.ts +0 -60
- package/dist/shell/metricsTracker.d.ts.map +0 -1
- package/dist/shell/metricsTracker.js +0 -119
- package/dist/shell/metricsTracker.js.map +0 -1
- package/dist/shell/streamingOutputManager.d.ts +0 -115
- package/dist/shell/streamingOutputManager.d.ts.map +0 -1
- package/dist/shell/streamingOutputManager.js +0 -225
- package/dist/shell/streamingOutputManager.js.map +0 -1
- package/dist/tools/securityTools.d.ts +0 -22
- package/dist/tools/securityTools.d.ts.map +0 -1
- package/dist/tools/securityTools.js +0 -448
- package/dist/tools/securityTools.js.map +0 -1
- package/dist/ui/persistentPrompt.d.ts +0 -50
- package/dist/ui/persistentPrompt.d.ts.map +0 -1
- package/dist/ui/persistentPrompt.js +0 -92
- package/dist/ui/persistentPrompt.js.map +0 -1
- package/dist/ui/terminalUISchema.d.ts +0 -195
- package/dist/ui/terminalUISchema.d.ts.map +0 -1
- package/dist/ui/terminalUISchema.js +0 -113
- package/dist/ui/terminalUISchema.js.map +0 -1
- package/scripts/deploy-security-capabilities.js +0 -178
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"securityAssessment.d.ts","sourceRoot":"","sources":["../../src/core/securityAssessment.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAMH;;GAEG;AACH,MAAM,WAAW,4BAA4B;IAC3C,4EAA4E;IAC5E,kBAAkB,EAAE,OAAO,CAAC;IAC5B,4DAA4D;IAC5D,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,8BAA8B;IAC9B,YAAY,EAAE,IAAI,CAAC;IACnB,iCAAiC;IACjC,WAAW,EAAE,aAAa,GAAG,iBAAiB,GAAG,kBAAkB,GAAG,KAAK,GAAG,iBAAiB,CAAC;CACjG;AAED;;GAEG;AACH,MAAM,WAAW,oBAAoB;IACnC,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAC1D,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE;QACR,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,IAAI,CAAC,EAAE,MAAM,CAAC;QACd,OAAO,CAAC,EAAE,MAAM,CAAC;KAClB,CAAC;IACF,WAAW,EAAE,MAAM,CAAC;IACpB,UAAU,EAAE,MAAM,EAAE,CAAC;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED;;GAEG;AACH,MAAM,WAAW,wBAAwB;IACvC,OAAO,EAAE,OAAO,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,SAAS,EAAE,IAAI,CAAC;IAChB,QAAQ,EAAE,oBAAoB,EAAE,CAAC;IACjC,OAAO,EAAE;QACP,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,IAAI,EAAE,MAAM,CAAC;KACd,CAAC;IACF,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AA+JD;;GAEG;AACH,wBAAgB,mBAAmB,CACjC,OAAO,EAAE,4BAA4B,EACrC,UAAU,EAAE,MAAM,GACjB;IAAE,UAAU,EAAE,OAAO,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAiC1C;AAED;;GAEG;AACH,wBAAgB,cAAc,CAC5B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,4BAA4B,GACpC,wBAAwB,CA6F1B;AAED;;GAEG;AACH,wBAAgB,WAAW,CACzB,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,4BAA4B,GACpC,wBAAwB,CAoG1B;AAED;;GAEG;AACH,wBAAgB,gBAAgB,CAC9B,SAAS,EAAE,MAAM,EACjB,OAAO,EAAE,4BAA4B,GACpC,wBAAwB,CAqG1B;AAuCD;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,wBAAwB,GAAG,MAAM,CAuD/E;AAED;;GAEG;AACH,wBAAgB,0BAA0B,CACxC,KAAK,EAAE,MAAM,EAAE,EACf,WAAW,EAAE,4BAA4B,CAAC,aAAa,CAAC,GACvD,4BAA4B,CAO9B"}
|
|
@@ -0,0 +1,580 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Authorized Security Assessment Framework
|
|
3
|
+
*
|
|
4
|
+
* Ethical security testing that requires explicit authorization.
|
|
5
|
+
* Focuses on defensive assessment and remediation guidance.
|
|
6
|
+
*
|
|
7
|
+
* Use cases:
|
|
8
|
+
* - Scanning YOUR OWN code for vulnerabilities
|
|
9
|
+
* - OWASP-style security checklists
|
|
10
|
+
* - Dependency vulnerability analysis
|
|
11
|
+
* - Secret detection in codebases you own
|
|
12
|
+
* - CTF challenge assistance
|
|
13
|
+
*/
|
|
14
|
+
import { readFileSync, readdirSync, statSync } from 'node:fs';
|
|
15
|
+
import { join, extname, relative } from 'node:path';
|
|
16
|
+
import { execSync } from 'node:child_process';
|
|
17
|
+
// Common vulnerability patterns for static analysis
|
|
18
|
+
const VULNERABILITY_PATTERNS = {
|
|
19
|
+
// Injection vulnerabilities
|
|
20
|
+
sqlInjection: {
|
|
21
|
+
patterns: [
|
|
22
|
+
/`.*\$\{.*\}.*`.*(?:SELECT|INSERT|UPDATE|DELETE|FROM|WHERE)/gi,
|
|
23
|
+
/(?:execute|query|prepare)\s*\(\s*[`'"].*\+/gi,
|
|
24
|
+
/\.(?:raw|unsafeRaw)\s*\(/gi,
|
|
25
|
+
],
|
|
26
|
+
severity: 'critical',
|
|
27
|
+
category: 'Injection',
|
|
28
|
+
title: 'Potential SQL Injection',
|
|
29
|
+
cwe: 'CWE-89',
|
|
30
|
+
owasp: 'A03:2021 Injection',
|
|
31
|
+
remediation: 'Use parameterized queries or prepared statements. Never concatenate user input into SQL strings.',
|
|
32
|
+
},
|
|
33
|
+
commandInjection: {
|
|
34
|
+
patterns: [
|
|
35
|
+
/exec(?:Sync)?\s*\(\s*[`'"].*\$\{/gi,
|
|
36
|
+
/spawn(?:Sync)?\s*\(\s*[`'"].*\$\{/gi,
|
|
37
|
+
/child_process.*exec.*\+/gi,
|
|
38
|
+
],
|
|
39
|
+
severity: 'critical',
|
|
40
|
+
category: 'Injection',
|
|
41
|
+
title: 'Potential Command Injection',
|
|
42
|
+
cwe: 'CWE-78',
|
|
43
|
+
owasp: 'A03:2021 Injection',
|
|
44
|
+
remediation: 'Avoid shell commands with user input. Use parameterized APIs or strict input validation.',
|
|
45
|
+
},
|
|
46
|
+
xss: {
|
|
47
|
+
patterns: [
|
|
48
|
+
/innerHTML\s*=\s*[^;]*\$/gi,
|
|
49
|
+
/dangerouslySetInnerHTML/gi,
|
|
50
|
+
/document\.write\s*\(/gi,
|
|
51
|
+
/\.html\s*\(\s*[^)]*\$/gi,
|
|
52
|
+
],
|
|
53
|
+
severity: 'high',
|
|
54
|
+
category: 'XSS',
|
|
55
|
+
title: 'Potential Cross-Site Scripting',
|
|
56
|
+
cwe: 'CWE-79',
|
|
57
|
+
owasp: 'A03:2021 Injection',
|
|
58
|
+
remediation: 'Use safe DOM manipulation methods. Sanitize all user input before rendering.',
|
|
59
|
+
},
|
|
60
|
+
pathTraversal: {
|
|
61
|
+
patterns: [
|
|
62
|
+
/(?:readFile|writeFile|unlink|rmdir).*\+.*(?:req\.|params\.|query\.)/gi,
|
|
63
|
+
/\.\.\/.*\$\{/gi,
|
|
64
|
+
/path\.join\s*\([^)]*(?:req\.|params\.|query\.)/gi,
|
|
65
|
+
],
|
|
66
|
+
severity: 'high',
|
|
67
|
+
category: 'Path Traversal',
|
|
68
|
+
title: 'Potential Path Traversal',
|
|
69
|
+
cwe: 'CWE-22',
|
|
70
|
+
owasp: 'A01:2021 Broken Access Control',
|
|
71
|
+
remediation: 'Validate and sanitize file paths. Use path.resolve() and verify paths stay within expected directories.',
|
|
72
|
+
},
|
|
73
|
+
// Authentication/Authorization
|
|
74
|
+
hardcodedCredentials: {
|
|
75
|
+
patterns: [
|
|
76
|
+
/(?:password|passwd|pwd|secret|api_key|apikey|token)\s*[:=]\s*['"]\w{8,}['"]/gi,
|
|
77
|
+
/(?:BEGIN\s+(?:RSA\s+)?PRIVATE\s+KEY)/gi,
|
|
78
|
+
/(?:aws_access_key_id|aws_secret_access_key)\s*[:=]/gi,
|
|
79
|
+
],
|
|
80
|
+
severity: 'critical',
|
|
81
|
+
category: 'Secrets',
|
|
82
|
+
title: 'Hardcoded Credentials',
|
|
83
|
+
cwe: 'CWE-798',
|
|
84
|
+
owasp: 'A07:2021 Identification and Authentication Failures',
|
|
85
|
+
remediation: 'Use environment variables or secure secret management. Never commit secrets to version control.',
|
|
86
|
+
},
|
|
87
|
+
weakCrypto: {
|
|
88
|
+
patterns: [
|
|
89
|
+
/createHash\s*\(\s*['"](?:md5|sha1)['"]\s*\)/gi,
|
|
90
|
+
/crypto\.(?:createCipher|createDecipher)\s*\(/gi,
|
|
91
|
+
/DES|RC4|Blowfish/gi,
|
|
92
|
+
],
|
|
93
|
+
severity: 'medium',
|
|
94
|
+
category: 'Cryptography',
|
|
95
|
+
title: 'Weak Cryptographic Algorithm',
|
|
96
|
+
cwe: 'CWE-327',
|
|
97
|
+
owasp: 'A02:2021 Cryptographic Failures',
|
|
98
|
+
remediation: 'Use strong algorithms: SHA-256+, AES-256-GCM, bcrypt/argon2 for passwords.',
|
|
99
|
+
},
|
|
100
|
+
// Insecure configuration
|
|
101
|
+
debugEnabled: {
|
|
102
|
+
patterns: [
|
|
103
|
+
/DEBUG\s*[:=]\s*['"]?true['"]?/gi,
|
|
104
|
+
/NODE_ENV\s*[:=]\s*['"]development['"]/gi,
|
|
105
|
+
/console\.(?:log|debug|trace)\s*\([^)]*(?:password|token|secret|key)/gi,
|
|
106
|
+
],
|
|
107
|
+
severity: 'medium',
|
|
108
|
+
category: 'Configuration',
|
|
109
|
+
title: 'Debug Mode / Sensitive Logging',
|
|
110
|
+
cwe: 'CWE-489',
|
|
111
|
+
owasp: 'A05:2021 Security Misconfiguration',
|
|
112
|
+
remediation: 'Disable debug mode in production. Never log sensitive data.',
|
|
113
|
+
},
|
|
114
|
+
corsWildcard: {
|
|
115
|
+
patterns: [
|
|
116
|
+
/Access-Control-Allow-Origin.*\*/gi,
|
|
117
|
+
/cors\s*\(\s*\{[^}]*origin\s*:\s*['"]\*['"]/gi,
|
|
118
|
+
/cors\s*\(\s*\)/gi,
|
|
119
|
+
],
|
|
120
|
+
severity: 'medium',
|
|
121
|
+
category: 'Configuration',
|
|
122
|
+
title: 'Overly Permissive CORS',
|
|
123
|
+
cwe: 'CWE-942',
|
|
124
|
+
owasp: 'A05:2021 Security Misconfiguration',
|
|
125
|
+
remediation: 'Restrict CORS to specific trusted origins. Avoid wildcard (*) in production.',
|
|
126
|
+
},
|
|
127
|
+
// Unsafe patterns
|
|
128
|
+
evalUsage: {
|
|
129
|
+
patterns: [
|
|
130
|
+
/\beval\s*\(/gi,
|
|
131
|
+
/new\s+Function\s*\(/gi,
|
|
132
|
+
/setTimeout\s*\(\s*['"]/gi,
|
|
133
|
+
/setInterval\s*\(\s*['"]/gi,
|
|
134
|
+
],
|
|
135
|
+
severity: 'high',
|
|
136
|
+
category: 'Code Execution',
|
|
137
|
+
title: 'Dynamic Code Execution',
|
|
138
|
+
cwe: 'CWE-95',
|
|
139
|
+
owasp: 'A03:2021 Injection',
|
|
140
|
+
remediation: 'Avoid eval() and new Function(). Use safe alternatives like JSON.parse() for data.',
|
|
141
|
+
},
|
|
142
|
+
prototypePollutiion: {
|
|
143
|
+
patterns: [
|
|
144
|
+
/Object\.assign\s*\([^,]+,\s*(?:req\.|params\.|query\.|body\.)/gi,
|
|
145
|
+
/\[.*\]\s*=.*(?:req\.|params\.|query\.|body\.)/gi,
|
|
146
|
+
/__proto__|constructor\.prototype/gi,
|
|
147
|
+
],
|
|
148
|
+
severity: 'high',
|
|
149
|
+
category: 'Object Manipulation',
|
|
150
|
+
title: 'Potential Prototype Pollution',
|
|
151
|
+
cwe: 'CWE-1321',
|
|
152
|
+
owasp: 'A03:2021 Injection',
|
|
153
|
+
remediation: 'Use Object.create(null) for dictionaries. Validate object keys before assignment.',
|
|
154
|
+
},
|
|
155
|
+
};
|
|
156
|
+
// Secret patterns for detection
|
|
157
|
+
const SECRET_PATTERNS = [
|
|
158
|
+
{ name: 'AWS Access Key', pattern: /AKIA[0-9A-Z]{16}/g },
|
|
159
|
+
{ name: 'AWS Secret Key', pattern: /[A-Za-z0-9/+=]{40}/g },
|
|
160
|
+
{ name: 'GitHub Token', pattern: /gh[pousr]_[A-Za-z0-9_]{36,}/g },
|
|
161
|
+
{ name: 'Slack Token', pattern: /xox[baprs]-[0-9]{10,13}-[0-9]{10,13}-[a-zA-Z0-9]{24}/g },
|
|
162
|
+
{ name: 'Stripe Key', pattern: /sk_live_[0-9a-zA-Z]{24}/g },
|
|
163
|
+
{ name: 'RSA Private Key', pattern: /-----BEGIN RSA PRIVATE KEY-----/g },
|
|
164
|
+
{ name: 'Generic API Key', pattern: /(?:api[_-]?key|apikey)\s*[:=]\s*['"][A-Za-z0-9_\-]{20,}['"]/gi },
|
|
165
|
+
{ name: 'Generic Secret', pattern: /(?:secret|password|passwd)\s*[:=]\s*['"][^'"]{8,}['"]/gi },
|
|
166
|
+
{ name: 'JWT Token', pattern: /eyJ[A-Za-z0-9_-]*\.eyJ[A-Za-z0-9_-]*\.[A-Za-z0-9_-]*/g },
|
|
167
|
+
{ name: 'NPM Token', pattern: /npm_[A-Za-z0-9]{36}/g },
|
|
168
|
+
];
|
|
169
|
+
/**
|
|
170
|
+
* Verify authorization before any security testing
|
|
171
|
+
*/
|
|
172
|
+
export function verifyAuthorization(context, targetPath) {
|
|
173
|
+
if (!context.ownershipConfirmed) {
|
|
174
|
+
return {
|
|
175
|
+
authorized: false,
|
|
176
|
+
reason: 'You must confirm ownership/permission before security testing.',
|
|
177
|
+
};
|
|
178
|
+
}
|
|
179
|
+
// Check if target is within authorized scope
|
|
180
|
+
const isInScope = context.authorizedScope.some((scope) => {
|
|
181
|
+
if (scope.startsWith('/')) {
|
|
182
|
+
return targetPath.startsWith(scope);
|
|
183
|
+
}
|
|
184
|
+
return targetPath.includes(scope);
|
|
185
|
+
});
|
|
186
|
+
if (!isInScope) {
|
|
187
|
+
return {
|
|
188
|
+
authorized: false,
|
|
189
|
+
reason: `Target "${targetPath}" is not within authorized scope: ${context.authorizedScope.join(', ')}`,
|
|
190
|
+
};
|
|
191
|
+
}
|
|
192
|
+
// Check authorization is recent (within 24 hours)
|
|
193
|
+
const hoursSinceAuth = (Date.now() - context.authorizedAt.getTime()) / (1000 * 60 * 60);
|
|
194
|
+
if (hoursSinceAuth > 24) {
|
|
195
|
+
return {
|
|
196
|
+
authorized: false,
|
|
197
|
+
reason: 'Authorization expired. Please re-authorize (valid for 24 hours).',
|
|
198
|
+
};
|
|
199
|
+
}
|
|
200
|
+
return { authorized: true };
|
|
201
|
+
}
|
|
202
|
+
/**
|
|
203
|
+
* Scan source code for vulnerabilities
|
|
204
|
+
*/
|
|
205
|
+
export function scanSourceCode(directory, context) {
|
|
206
|
+
const authCheck = verifyAuthorization(context, directory);
|
|
207
|
+
if (!authCheck.authorized) {
|
|
208
|
+
return {
|
|
209
|
+
success: false,
|
|
210
|
+
scanType: 'source-code',
|
|
211
|
+
scope: [directory],
|
|
212
|
+
timestamp: new Date(),
|
|
213
|
+
findings: [],
|
|
214
|
+
summary: { critical: 0, high: 0, medium: 0, low: 0, info: 0 },
|
|
215
|
+
recommendations: [authCheck.reason ?? 'Authorization failed'],
|
|
216
|
+
};
|
|
217
|
+
}
|
|
218
|
+
const findings = [];
|
|
219
|
+
const extensions = ['.js', '.ts', '.jsx', '.tsx', '.mjs', '.cjs'];
|
|
220
|
+
function scanFile(filePath) {
|
|
221
|
+
const ext = extname(filePath);
|
|
222
|
+
if (!extensions.includes(ext))
|
|
223
|
+
return;
|
|
224
|
+
let content;
|
|
225
|
+
try {
|
|
226
|
+
content = readFileSync(filePath, 'utf-8');
|
|
227
|
+
}
|
|
228
|
+
catch {
|
|
229
|
+
return;
|
|
230
|
+
}
|
|
231
|
+
const lines = content.split('\n');
|
|
232
|
+
for (const [vulnName, vulnConfig] of Object.entries(VULNERABILITY_PATTERNS)) {
|
|
233
|
+
for (const pattern of vulnConfig.patterns) {
|
|
234
|
+
const matches = content.matchAll(new RegExp(pattern.source, pattern.flags));
|
|
235
|
+
for (const match of matches) {
|
|
236
|
+
const lineNumber = content.substring(0, match.index ?? 0).split('\n').length;
|
|
237
|
+
const snippetLine = lines[lineNumber - 1] ?? '';
|
|
238
|
+
findings.push({
|
|
239
|
+
id: `${vulnName}-${filePath}-${lineNumber}`,
|
|
240
|
+
severity: vulnConfig.severity,
|
|
241
|
+
category: vulnConfig.category,
|
|
242
|
+
title: vulnConfig.title,
|
|
243
|
+
description: `Found pattern matching potential ${vulnConfig.title.toLowerCase()}.`,
|
|
244
|
+
location: {
|
|
245
|
+
file: relative(directory, filePath),
|
|
246
|
+
line: lineNumber,
|
|
247
|
+
snippet: snippetLine.trim().substring(0, 100),
|
|
248
|
+
},
|
|
249
|
+
remediation: vulnConfig.remediation,
|
|
250
|
+
references: [
|
|
251
|
+
`https://cwe.mitre.org/data/definitions/${vulnConfig.cwe?.replace('CWE-', '')}.html`,
|
|
252
|
+
],
|
|
253
|
+
cwe: vulnConfig.cwe,
|
|
254
|
+
owasp: vulnConfig.owasp,
|
|
255
|
+
});
|
|
256
|
+
}
|
|
257
|
+
}
|
|
258
|
+
}
|
|
259
|
+
}
|
|
260
|
+
function scanDirectory(dir) {
|
|
261
|
+
const entries = readdirSync(dir);
|
|
262
|
+
for (const entry of entries) {
|
|
263
|
+
if (entry === 'node_modules' || entry === '.git' || entry === 'dist')
|
|
264
|
+
continue;
|
|
265
|
+
const fullPath = join(dir, entry);
|
|
266
|
+
const stat = statSync(fullPath);
|
|
267
|
+
if (stat.isDirectory()) {
|
|
268
|
+
scanDirectory(fullPath);
|
|
269
|
+
}
|
|
270
|
+
else {
|
|
271
|
+
scanFile(fullPath);
|
|
272
|
+
}
|
|
273
|
+
}
|
|
274
|
+
}
|
|
275
|
+
scanDirectory(directory);
|
|
276
|
+
const summary = {
|
|
277
|
+
critical: findings.filter((f) => f.severity === 'critical').length,
|
|
278
|
+
high: findings.filter((f) => f.severity === 'high').length,
|
|
279
|
+
medium: findings.filter((f) => f.severity === 'medium').length,
|
|
280
|
+
low: findings.filter((f) => f.severity === 'low').length,
|
|
281
|
+
info: findings.filter((f) => f.severity === 'info').length,
|
|
282
|
+
};
|
|
283
|
+
return {
|
|
284
|
+
success: true,
|
|
285
|
+
scanType: 'source-code',
|
|
286
|
+
scope: [directory],
|
|
287
|
+
timestamp: new Date(),
|
|
288
|
+
findings,
|
|
289
|
+
summary,
|
|
290
|
+
recommendations: generateRecommendations(findings),
|
|
291
|
+
};
|
|
292
|
+
}
|
|
293
|
+
/**
|
|
294
|
+
* Scan for hardcoded secrets
|
|
295
|
+
*/
|
|
296
|
+
export function scanSecrets(directory, context) {
|
|
297
|
+
const authCheck = verifyAuthorization(context, directory);
|
|
298
|
+
if (!authCheck.authorized) {
|
|
299
|
+
return {
|
|
300
|
+
success: false,
|
|
301
|
+
scanType: 'secret-detection',
|
|
302
|
+
scope: [directory],
|
|
303
|
+
timestamp: new Date(),
|
|
304
|
+
findings: [],
|
|
305
|
+
summary: { critical: 0, high: 0, medium: 0, low: 0, info: 0 },
|
|
306
|
+
recommendations: [authCheck.reason ?? 'Authorization failed'],
|
|
307
|
+
};
|
|
308
|
+
}
|
|
309
|
+
const findings = [];
|
|
310
|
+
const extensions = ['.js', '.ts', '.jsx', '.tsx', '.json', '.env', '.yml', '.yaml', '.conf', '.config'];
|
|
311
|
+
function scanFile(filePath) {
|
|
312
|
+
const ext = extname(filePath);
|
|
313
|
+
const basename = filePath.split('/').pop() ?? '';
|
|
314
|
+
// Include .env files and config files
|
|
315
|
+
if (!extensions.includes(ext) && !basename.startsWith('.env') && !basename.includes('config')) {
|
|
316
|
+
return;
|
|
317
|
+
}
|
|
318
|
+
let content;
|
|
319
|
+
try {
|
|
320
|
+
content = readFileSync(filePath, 'utf-8');
|
|
321
|
+
}
|
|
322
|
+
catch {
|
|
323
|
+
return;
|
|
324
|
+
}
|
|
325
|
+
const lines = content.split('\n');
|
|
326
|
+
for (const secretPattern of SECRET_PATTERNS) {
|
|
327
|
+
const matches = content.matchAll(new RegExp(secretPattern.pattern.source, secretPattern.pattern.flags));
|
|
328
|
+
for (const match of matches) {
|
|
329
|
+
const lineNumber = content.substring(0, match.index ?? 0).split('\n').length;
|
|
330
|
+
const snippetLine = lines[lineNumber - 1] ?? '';
|
|
331
|
+
// Mask the secret in the output
|
|
332
|
+
const masked = match[0].substring(0, 8) + '...[REDACTED]';
|
|
333
|
+
findings.push({
|
|
334
|
+
id: `secret-${filePath}-${lineNumber}`,
|
|
335
|
+
severity: 'critical',
|
|
336
|
+
category: 'Secrets',
|
|
337
|
+
title: `Potential ${secretPattern.name}`,
|
|
338
|
+
description: `Found what appears to be a ${secretPattern.name} in source code.`,
|
|
339
|
+
location: {
|
|
340
|
+
file: relative(directory, filePath),
|
|
341
|
+
line: lineNumber,
|
|
342
|
+
snippet: snippetLine.replace(match[0], masked).trim().substring(0, 100),
|
|
343
|
+
},
|
|
344
|
+
remediation: 'Remove secret from source code. Use environment variables or a secret management service.',
|
|
345
|
+
references: [
|
|
346
|
+
'https://owasp.org/Top10/A07_2021-Identification_and_Authentication_Failures/',
|
|
347
|
+
],
|
|
348
|
+
cwe: 'CWE-798',
|
|
349
|
+
owasp: 'A07:2021',
|
|
350
|
+
});
|
|
351
|
+
}
|
|
352
|
+
}
|
|
353
|
+
}
|
|
354
|
+
function scanDirectory(dir) {
|
|
355
|
+
const entries = readdirSync(dir);
|
|
356
|
+
for (const entry of entries) {
|
|
357
|
+
if (entry === 'node_modules' || entry === '.git')
|
|
358
|
+
continue;
|
|
359
|
+
const fullPath = join(dir, entry);
|
|
360
|
+
const stat = statSync(fullPath);
|
|
361
|
+
if (stat.isDirectory()) {
|
|
362
|
+
scanDirectory(fullPath);
|
|
363
|
+
}
|
|
364
|
+
else {
|
|
365
|
+
scanFile(fullPath);
|
|
366
|
+
}
|
|
367
|
+
}
|
|
368
|
+
}
|
|
369
|
+
scanDirectory(directory);
|
|
370
|
+
const summary = {
|
|
371
|
+
critical: findings.filter((f) => f.severity === 'critical').length,
|
|
372
|
+
high: findings.filter((f) => f.severity === 'high').length,
|
|
373
|
+
medium: findings.filter((f) => f.severity === 'medium').length,
|
|
374
|
+
low: findings.filter((f) => f.severity === 'low').length,
|
|
375
|
+
info: findings.filter((f) => f.severity === 'info').length,
|
|
376
|
+
};
|
|
377
|
+
return {
|
|
378
|
+
success: true,
|
|
379
|
+
scanType: 'secret-detection',
|
|
380
|
+
scope: [directory],
|
|
381
|
+
timestamp: new Date(),
|
|
382
|
+
findings,
|
|
383
|
+
summary,
|
|
384
|
+
recommendations: generateRecommendations(findings),
|
|
385
|
+
};
|
|
386
|
+
}
|
|
387
|
+
/**
|
|
388
|
+
* Scan npm dependencies for vulnerabilities
|
|
389
|
+
*/
|
|
390
|
+
export function scanDependencies(directory, context) {
|
|
391
|
+
const authCheck = verifyAuthorization(context, directory);
|
|
392
|
+
if (!authCheck.authorized) {
|
|
393
|
+
return {
|
|
394
|
+
success: false,
|
|
395
|
+
scanType: 'dependency-scan',
|
|
396
|
+
scope: [directory],
|
|
397
|
+
timestamp: new Date(),
|
|
398
|
+
findings: [],
|
|
399
|
+
summary: { critical: 0, high: 0, medium: 0, low: 0, info: 0 },
|
|
400
|
+
recommendations: [authCheck.reason ?? 'Authorization failed'],
|
|
401
|
+
};
|
|
402
|
+
}
|
|
403
|
+
const findings = [];
|
|
404
|
+
try {
|
|
405
|
+
const auditOutput = execSync('npm audit --json', {
|
|
406
|
+
cwd: directory,
|
|
407
|
+
encoding: 'utf-8',
|
|
408
|
+
stdio: ['pipe', 'pipe', 'pipe'],
|
|
409
|
+
});
|
|
410
|
+
const audit = JSON.parse(auditOutput);
|
|
411
|
+
if (audit.vulnerabilities) {
|
|
412
|
+
for (const [pkgName, vuln] of Object.entries(audit.vulnerabilities)) {
|
|
413
|
+
const v = vuln;
|
|
414
|
+
findings.push({
|
|
415
|
+
id: `dep-${pkgName}`,
|
|
416
|
+
severity: v.severity,
|
|
417
|
+
category: 'Dependencies',
|
|
418
|
+
title: `Vulnerable Dependency: ${pkgName}`,
|
|
419
|
+
description: v.via
|
|
420
|
+
.filter((x) => typeof x === 'object' && 'title' in x)
|
|
421
|
+
.map((x) => x.title)
|
|
422
|
+
.join(', '),
|
|
423
|
+
location: { file: 'package.json' },
|
|
424
|
+
remediation: v.fixAvailable
|
|
425
|
+
? typeof v.fixAvailable === 'object'
|
|
426
|
+
? `Update to ${v.fixAvailable.name}@${v.fixAvailable.version}`
|
|
427
|
+
: 'Run npm audit fix'
|
|
428
|
+
: 'No fix available - consider finding alternative package',
|
|
429
|
+
references: v.via
|
|
430
|
+
.filter((x) => typeof x === 'object' && 'url' in x)
|
|
431
|
+
.map((x) => x.url),
|
|
432
|
+
cwe: v.via
|
|
433
|
+
.filter((x) => typeof x === 'object' && 'cwe' in x)
|
|
434
|
+
.flatMap((x) => x.cwe)
|
|
435
|
+
.join(', '),
|
|
436
|
+
});
|
|
437
|
+
}
|
|
438
|
+
}
|
|
439
|
+
}
|
|
440
|
+
catch (error) {
|
|
441
|
+
// npm audit returns non-zero if vulnerabilities found
|
|
442
|
+
const message = error instanceof Error ? error.message : String(error);
|
|
443
|
+
if (message.includes('ENOENT') || message.includes('package.json')) {
|
|
444
|
+
return {
|
|
445
|
+
success: false,
|
|
446
|
+
scanType: 'dependency-scan',
|
|
447
|
+
scope: [directory],
|
|
448
|
+
timestamp: new Date(),
|
|
449
|
+
findings: [],
|
|
450
|
+
summary: { critical: 0, high: 0, medium: 0, low: 0, info: 0 },
|
|
451
|
+
recommendations: ['No package.json found in directory'],
|
|
452
|
+
};
|
|
453
|
+
}
|
|
454
|
+
// Try to parse the output anyway
|
|
455
|
+
try {
|
|
456
|
+
const stdout = error.stdout;
|
|
457
|
+
if (stdout) {
|
|
458
|
+
const audit = JSON.parse(stdout);
|
|
459
|
+
// Process audit output...
|
|
460
|
+
}
|
|
461
|
+
}
|
|
462
|
+
catch {
|
|
463
|
+
// Ignore parse errors
|
|
464
|
+
}
|
|
465
|
+
}
|
|
466
|
+
const summary = {
|
|
467
|
+
critical: findings.filter((f) => f.severity === 'critical').length,
|
|
468
|
+
high: findings.filter((f) => f.severity === 'high').length,
|
|
469
|
+
medium: findings.filter((f) => f.severity === 'medium').length,
|
|
470
|
+
low: findings.filter((f) => f.severity === 'low').length,
|
|
471
|
+
info: findings.filter((f) => f.severity === 'info').length,
|
|
472
|
+
};
|
|
473
|
+
return {
|
|
474
|
+
success: true,
|
|
475
|
+
scanType: 'dependency-scan',
|
|
476
|
+
scope: [directory],
|
|
477
|
+
timestamp: new Date(),
|
|
478
|
+
findings,
|
|
479
|
+
summary,
|
|
480
|
+
recommendations: generateRecommendations(findings),
|
|
481
|
+
};
|
|
482
|
+
}
|
|
483
|
+
/**
|
|
484
|
+
* Generate remediation recommendations
|
|
485
|
+
*/
|
|
486
|
+
function generateRecommendations(findings) {
|
|
487
|
+
const recommendations = [];
|
|
488
|
+
if (findings.some((f) => f.category === 'Secrets')) {
|
|
489
|
+
recommendations.push('Immediately rotate all exposed secrets and remove from source code.');
|
|
490
|
+
recommendations.push('Use environment variables or a secret management service (e.g., AWS Secrets Manager, HashiCorp Vault).');
|
|
491
|
+
recommendations.push('Add .env files to .gitignore to prevent future commits.');
|
|
492
|
+
}
|
|
493
|
+
if (findings.some((f) => f.category === 'Injection')) {
|
|
494
|
+
recommendations.push('Review all database queries and use parameterized queries exclusively.');
|
|
495
|
+
recommendations.push('Implement input validation on all user-controlled data.');
|
|
496
|
+
recommendations.push('Use ORMs with built-in SQL injection protection.');
|
|
497
|
+
}
|
|
498
|
+
if (findings.some((f) => f.category === 'XSS')) {
|
|
499
|
+
recommendations.push('Implement Content Security Policy (CSP) headers.');
|
|
500
|
+
recommendations.push('Use templating engines with automatic escaping.');
|
|
501
|
+
recommendations.push('Sanitize all user input before rendering in the DOM.');
|
|
502
|
+
}
|
|
503
|
+
if (findings.some((f) => f.category === 'Dependencies')) {
|
|
504
|
+
recommendations.push('Run npm audit fix to automatically fix vulnerabilities.');
|
|
505
|
+
recommendations.push('Update outdated dependencies regularly.');
|
|
506
|
+
recommendations.push('Consider using npm ci in CI/CD pipelines for reproducible builds.');
|
|
507
|
+
}
|
|
508
|
+
if (recommendations.length === 0) {
|
|
509
|
+
recommendations.push('No immediate actions required. Continue regular security reviews.');
|
|
510
|
+
}
|
|
511
|
+
return recommendations;
|
|
512
|
+
}
|
|
513
|
+
/**
|
|
514
|
+
* Format assessment results for display
|
|
515
|
+
*/
|
|
516
|
+
export function formatAssessmentReport(result) {
|
|
517
|
+
const lines = [];
|
|
518
|
+
lines.push('');
|
|
519
|
+
lines.push('='.repeat(60));
|
|
520
|
+
lines.push(' SECURITY ASSESSMENT REPORT');
|
|
521
|
+
lines.push('='.repeat(60));
|
|
522
|
+
lines.push('');
|
|
523
|
+
lines.push(`Scan Type: ${result.scanType}`);
|
|
524
|
+
lines.push(`Scope: ${result.scope.join(', ')}`);
|
|
525
|
+
lines.push(`Timestamp: ${result.timestamp.toISOString()}`);
|
|
526
|
+
lines.push('');
|
|
527
|
+
lines.push('-'.repeat(60));
|
|
528
|
+
lines.push(' SUMMARY');
|
|
529
|
+
lines.push('-'.repeat(60));
|
|
530
|
+
lines.push(` Critical: ${result.summary.critical}`);
|
|
531
|
+
lines.push(` High: ${result.summary.high}`);
|
|
532
|
+
lines.push(` Medium: ${result.summary.medium}`);
|
|
533
|
+
lines.push(` Low: ${result.summary.low}`);
|
|
534
|
+
lines.push(` Info: ${result.summary.info}`);
|
|
535
|
+
lines.push('');
|
|
536
|
+
if (result.findings.length > 0) {
|
|
537
|
+
lines.push('-'.repeat(60));
|
|
538
|
+
lines.push(' FINDINGS');
|
|
539
|
+
lines.push('-'.repeat(60));
|
|
540
|
+
for (const finding of result.findings) {
|
|
541
|
+
lines.push('');
|
|
542
|
+
lines.push(` [${finding.severity.toUpperCase()}] ${finding.title}`);
|
|
543
|
+
lines.push(` Category: ${finding.category}`);
|
|
544
|
+
if (finding.location.file) {
|
|
545
|
+
lines.push(` Location: ${finding.location.file}:${finding.location.line}`);
|
|
546
|
+
}
|
|
547
|
+
if (finding.location.snippet) {
|
|
548
|
+
lines.push(` Snippet: ${finding.location.snippet}`);
|
|
549
|
+
}
|
|
550
|
+
lines.push(` ${finding.description}`);
|
|
551
|
+
lines.push(` Remediation: ${finding.remediation}`);
|
|
552
|
+
if (finding.cwe)
|
|
553
|
+
lines.push(` CWE: ${finding.cwe}`);
|
|
554
|
+
if (finding.owasp)
|
|
555
|
+
lines.push(` OWASP: ${finding.owasp}`);
|
|
556
|
+
}
|
|
557
|
+
}
|
|
558
|
+
lines.push('');
|
|
559
|
+
lines.push('-'.repeat(60));
|
|
560
|
+
lines.push(' RECOMMENDATIONS');
|
|
561
|
+
lines.push('-'.repeat(60));
|
|
562
|
+
for (const rec of result.recommendations) {
|
|
563
|
+
lines.push(` * ${rec}`);
|
|
564
|
+
}
|
|
565
|
+
lines.push('');
|
|
566
|
+
lines.push('='.repeat(60));
|
|
567
|
+
return lines.join('\n');
|
|
568
|
+
}
|
|
569
|
+
/**
|
|
570
|
+
* Create authorization context (requires user confirmation)
|
|
571
|
+
*/
|
|
572
|
+
export function createAuthorizationContext(scope, testingType) {
|
|
573
|
+
return {
|
|
574
|
+
ownershipConfirmed: true, // User must explicitly call this
|
|
575
|
+
authorizedScope: scope,
|
|
576
|
+
authorizedAt: new Date(),
|
|
577
|
+
testingType,
|
|
578
|
+
};
|
|
579
|
+
}
|
|
580
|
+
//# sourceMappingURL=securityAssessment.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"securityAssessment.js","sourceRoot":"","sources":["../../src/core/securityAssessment.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;GAYG;AAEH,OAAO,EAAE,YAAY,EAAc,WAAW,EAAE,QAAQ,EAAE,MAAM,SAAS,CAAC;AAC1E,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,WAAW,CAAC;AACpD,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAuD9C,oDAAoD;AACpD,MAAM,sBAAsB,GAAG;IAC7B,4BAA4B;IAC5B,YAAY,EAAE;QACZ,QAAQ,EAAE;YACR,8DAA8D;YAC9D,8CAA8C;YAC9C,4BAA4B;SAC7B;QACD,QAAQ,EAAE,UAAmB;QAC7B,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,yBAAyB;QAChC,GAAG,EAAE,QAAQ;QACb,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,kGAAkG;KAChH;IACD,gBAAgB,EAAE;QAChB,QAAQ,EAAE;YACR,oCAAoC;YACpC,qCAAqC;YACrC,2BAA2B;SAC5B;QACD,QAAQ,EAAE,UAAmB;QAC7B,QAAQ,EAAE,WAAW;QACrB,KAAK,EAAE,6BAA6B;QACpC,GAAG,EAAE,QAAQ;QACb,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,0FAA0F;KACxG;IACD,GAAG,EAAE;QACH,QAAQ,EAAE;YACR,2BAA2B;YAC3B,2BAA2B;YAC3B,wBAAwB;YACxB,yBAAyB;SAC1B;QACD,QAAQ,EAAE,MAAe;QACzB,QAAQ,EAAE,KAAK;QACf,KAAK,EAAE,gCAAgC;QACvC,GAAG,EAAE,QAAQ;QACb,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,8EAA8E;KAC5F;IACD,aAAa,EAAE;QACb,QAAQ,EAAE;YACR,uEAAuE;YACvE,gBAAgB;YAChB,kDAAkD;SACnD;QACD,QAAQ,EAAE,MAAe;QACzB,QAAQ,EAAE,gBAAgB;QAC1B,KAAK,EAAE,0BAA0B;QACjC,GAAG,EAAE,QAAQ;QACb,KAAK,EAAE,gCAAgC;QACvC,WAAW,EAAE,yGAAyG;KACvH;IAED,+BAA+B;IAC/B,oBAAoB,EAAE;QACpB,QAAQ,EAAE;YACR,+EAA+E;YAC/E,wCAAwC;YACxC,sDAAsD;SACvD;QACD,QAAQ,EAAE,UAAmB;QAC7B,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,uBAAuB;QAC9B,GAAG,EAAE,SAAS;QACd,KAAK,EAAE,qDAAqD;QAC5D,WAAW,EAAE,iGAAiG;KAC/G;IACD,UAAU,EAAE;QACV,QAAQ,EAAE;YACR,+CAA+C;YAC/C,gDAAgD;YAChD,oBAAoB;SACrB;QACD,QAAQ,EAAE,QAAiB;QAC3B,QAAQ,EAAE,cAAc;QACxB,KAAK,EAAE,8BAA8B;QACrC,GAAG,EAAE,SAAS;QACd,KAAK,EAAE,iCAAiC;QACxC,WAAW,EAAE,4EAA4E;KAC1F;IAED,yBAAyB;IACzB,YAAY,EAAE;QACZ,QAAQ,EAAE;YACR,iCAAiC;YACjC,yCAAyC;YACzC,uEAAuE;SACxE;QACD,QAAQ,EAAE,QAAiB;QAC3B,QAAQ,EAAE,eAAe;QACzB,KAAK,EAAE,gCAAgC;QACvC,GAAG,EAAE,SAAS;QACd,KAAK,EAAE,oCAAoC;QAC3C,WAAW,EAAE,6DAA6D;KAC3E;IACD,YAAY,EAAE;QACZ,QAAQ,EAAE;YACR,mCAAmC;YACnC,8CAA8C;YAC9C,kBAAkB;SACnB;QACD,QAAQ,EAAE,QAAiB;QAC3B,QAAQ,EAAE,eAAe;QACzB,KAAK,EAAE,wBAAwB;QAC/B,GAAG,EAAE,SAAS;QACd,KAAK,EAAE,oCAAoC;QAC3C,WAAW,EAAE,8EAA8E;KAC5F;IAED,kBAAkB;IAClB,SAAS,EAAE;QACT,QAAQ,EAAE;YACR,eAAe;YACf,uBAAuB;YACvB,0BAA0B;YAC1B,2BAA2B;SAC5B;QACD,QAAQ,EAAE,MAAe;QACzB,QAAQ,EAAE,gBAAgB;QAC1B,KAAK,EAAE,wBAAwB;QAC/B,GAAG,EAAE,QAAQ;QACb,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,oFAAoF;KAClG;IACD,mBAAmB,EAAE;QACnB,QAAQ,EAAE;YACR,iEAAiE;YACjE,iDAAiD;YACjD,oCAAoC;SACrC;QACD,QAAQ,EAAE,MAAe;QACzB,QAAQ,EAAE,qBAAqB;QAC/B,KAAK,EAAE,+BAA+B;QACtC,GAAG,EAAE,UAAU;QACf,KAAK,EAAE,oBAAoB;QAC3B,WAAW,EAAE,mFAAmF;KACjG;CACF,CAAC;AAEF,gCAAgC;AAChC,MAAM,eAAe,GAAG;IACtB,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,mBAAmB,EAAE;IACxD,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,qBAAqB,EAAE;IAC1D,EAAE,IAAI,EAAE,cAAc,EAAE,OAAO,EAAE,8BAA8B,EAAE;IACjE,EAAE,IAAI,EAAE,aAAa,EAAE,OAAO,EAAE,uDAAuD,EAAE;IACzF,EAAE,IAAI,EAAE,YAAY,EAAE,OAAO,EAAE,0BAA0B,EAAE;IAC3D,EAAE,IAAI,EAAE,iBAAiB,EAAE,OAAO,EAAE,kCAAkC,EAAE;IACxE,EAAE,IAAI,EAAE,iBAAiB,EAAE,OAAO,EAAE,+DAA+D,EAAE;IACrG,EAAE,IAAI,EAAE,gBAAgB,EAAE,OAAO,EAAE,yDAAyD,EAAE;IAC9F,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,uDAAuD,EAAE;IACvF,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,sBAAsB,EAAE;CACvD,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,mBAAmB,CACjC,OAAqC,EACrC,UAAkB;IAElB,IAAI,CAAC,OAAO,CAAC,kBAAkB,EAAE,CAAC;QAChC,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,MAAM,EAAE,gEAAgE;SACzE,CAAC;IACJ,CAAC;IAED,6CAA6C;IAC7C,MAAM,SAAS,GAAG,OAAO,CAAC,eAAe,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;QACvD,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YAC1B,OAAO,UAAU,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC;QACtC,CAAC;QACD,OAAO,UAAU,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,MAAM,EAAE,WAAW,UAAU,qCAAqC,OAAO,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;SACvG,CAAC;IACJ,CAAC;IAED,kDAAkD;IAClD,MAAM,cAAc,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC,YAAY,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC;IACxF,IAAI,cAAc,GAAG,EAAE,EAAE,CAAC;QACxB,OAAO;YACL,UAAU,EAAE,KAAK;YACjB,MAAM,EAAE,kEAAkE;SAC3E,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;AAC9B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAC5B,SAAiB,EACjB,OAAqC;IAErC,MAAM,SAAS,GAAG,mBAAmB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAC1D,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;QAC1B,OAAO;YACL,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE,aAAa;YACvB,KAAK,EAAE,CAAC,SAAS,CAAC;YAClB,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;YAC7D,eAAe,EAAE,CAAC,SAAS,CAAC,MAAM,IAAI,sBAAsB,CAAC;SAC9D,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAA2B,EAAE,CAAC;IAC5C,MAAM,UAAU,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IAElE,SAAS,QAAQ,CAAC,QAAgB;QAChC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9B,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC;YAAE,OAAO;QAEtC,IAAI,OAAe,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,MAAM,CAAC,QAAQ,EAAE,UAAU,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,EAAE,CAAC;YAC5E,KAAK,MAAM,OAAO,IAAI,UAAU,CAAC,QAAQ,EAAE,CAAC;gBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;gBAC5E,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;oBAC5B,MAAM,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;oBAC7E,MAAM,WAAW,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;oBAEhD,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,GAAG,QAAQ,IAAI,QAAQ,IAAI,UAAU,EAAE;wBAC3C,QAAQ,EAAE,UAAU,CAAC,QAAQ;wBAC7B,QAAQ,EAAE,UAAU,CAAC,QAAQ;wBAC7B,KAAK,EAAE,UAAU,CAAC,KAAK;wBACvB,WAAW,EAAE,oCAAoC,UAAU,CAAC,KAAK,CAAC,WAAW,EAAE,GAAG;wBAClF,QAAQ,EAAE;4BACR,IAAI,EAAE,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC;4BACnC,IAAI,EAAE,UAAU;4BAChB,OAAO,EAAE,WAAW,CAAC,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;yBAC9C;wBACD,WAAW,EAAE,UAAU,CAAC,WAAW;wBACnC,UAAU,EAAE;4BACV,0CAA0C,UAAU,CAAC,GAAG,EAAE,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,OAAO;yBACrF;wBACD,GAAG,EAAE,UAAU,CAAC,GAAG;wBACnB,KAAK,EAAE,UAAU,CAAC,KAAK;qBACxB,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,SAAS,aAAa,CAAC,GAAW;QAChC,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QACjC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,KAAK,KAAK,cAAc,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,MAAM;gBAAE,SAAS;YAC/E,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAClC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAChC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;gBACvB,aAAa,CAAC,QAAQ,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IAED,aAAa,CAAC,SAAS,CAAC,CAAC;IAEzB,MAAM,OAAO,GAAG;QACd,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM;QAClE,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;QAC1D,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM;QAC9D,GAAG,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM;QACxD,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;KAC3D,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,aAAa;QACvB,KAAK,EAAE,CAAC,SAAS,CAAC;QAClB,SAAS,EAAE,IAAI,IAAI,EAAE;QACrB,QAAQ;QACR,OAAO;QACP,eAAe,EAAE,uBAAuB,CAAC,QAAQ,CAAC;KACnD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,WAAW,CACzB,SAAiB,EACjB,OAAqC;IAErC,MAAM,SAAS,GAAG,mBAAmB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAC1D,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;QAC1B,OAAO;YACL,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE,kBAAkB;YAC5B,KAAK,EAAE,CAAC,SAAS,CAAC;YAClB,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;YAC7D,eAAe,EAAE,CAAC,SAAS,CAAC,MAAM,IAAI,sBAAsB,CAAC;SAC9D,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAA2B,EAAE,CAAC;IAC5C,MAAM,UAAU,GAAG,CAAC,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,SAAS,CAAC,CAAC;IAExG,SAAS,QAAQ,CAAC,QAAgB;QAChC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC9B,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;QAEjD,sCAAsC;QACtC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;YAC9F,OAAO;QACT,CAAC;QAED,IAAI,OAAe,CAAC;QACpB,IAAI,CAAC;YACH,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC5C,CAAC;QAAC,MAAM,CAAC;YACP,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAElC,KAAK,MAAM,aAAa,IAAI,eAAe,EAAE,CAAC;YAC5C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,MAAM,EAAE,aAAa,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC;YACxG,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC5B,MAAM,UAAU,GAAG,OAAO,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;gBAC7E,MAAM,WAAW,GAAG,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAEhD,gCAAgC;gBAChC,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,eAAe,CAAC;gBAE1D,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,UAAU,QAAQ,IAAI,UAAU,EAAE;oBACtC,QAAQ,EAAE,UAAU;oBACpB,QAAQ,EAAE,SAAS;oBACnB,KAAK,EAAE,aAAa,aAAa,CAAC,IAAI,EAAE;oBACxC,WAAW,EAAE,8BAA8B,aAAa,CAAC,IAAI,kBAAkB;oBAC/E,QAAQ,EAAE;wBACR,IAAI,EAAE,QAAQ,CAAC,SAAS,EAAE,QAAQ,CAAC;wBACnC,IAAI,EAAE,UAAU;wBAChB,OAAO,EAAE,WAAW,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC,SAAS,CAAC,CAAC,EAAE,GAAG,CAAC;qBACxE;oBACD,WAAW,EACT,2FAA2F;oBAC7F,UAAU,EAAE;wBACV,8EAA8E;qBAC/E;oBACD,GAAG,EAAE,SAAS;oBACd,KAAK,EAAE,UAAU;iBAClB,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,SAAS,aAAa,CAAC,GAAW;QAChC,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC;QACjC,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;YAC5B,IAAI,KAAK,KAAK,cAAc,IAAI,KAAK,KAAK,MAAM;gBAAE,SAAS;YAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,CAAC;YAClC,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAChC,IAAI,IAAI,CAAC,WAAW,EAAE,EAAE,CAAC;gBACvB,aAAa,CAAC,QAAQ,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IAED,aAAa,CAAC,SAAS,CAAC,CAAC;IAEzB,MAAM,OAAO,GAAG;QACd,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM;QAClE,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;QAC1D,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM;QAC9D,GAAG,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM;QACxD,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;KAC3D,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,kBAAkB;QAC5B,KAAK,EAAE,CAAC,SAAS,CAAC;QAClB,SAAS,EAAE,IAAI,IAAI,EAAE;QACrB,QAAQ;QACR,OAAO;QACP,eAAe,EAAE,uBAAuB,CAAC,QAAQ,CAAC;KACnD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAC9B,SAAiB,EACjB,OAAqC;IAErC,MAAM,SAAS,GAAG,mBAAmB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAC1D,IAAI,CAAC,SAAS,CAAC,UAAU,EAAE,CAAC;QAC1B,OAAO;YACL,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE,iBAAiB;YAC3B,KAAK,EAAE,CAAC,SAAS,CAAC;YAClB,SAAS,EAAE,IAAI,IAAI,EAAE;YACrB,QAAQ,EAAE,EAAE;YACZ,OAAO,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;YAC7D,eAAe,EAAE,CAAC,SAAS,CAAC,MAAM,IAAI,sBAAsB,CAAC;SAC9D,CAAC;IACJ,CAAC;IAED,MAAM,QAAQ,GAA2B,EAAE,CAAC;IAE5C,IAAI,CAAC;QACH,MAAM,WAAW,GAAG,QAAQ,CAAC,kBAAkB,EAAE;YAC/C,GAAG,EAAE,SAAS;YACd,QAAQ,EAAE,OAAO;YACjB,KAAK,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;SAChC,CAAC,CAAC;QAEH,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAEtC,IAAI,KAAK,CAAC,eAAe,EAAE,CAAC;YAC1B,KAAK,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,CAAC;gBACpE,MAAM,CAAC,GAAG,IAIT,CAAC;gBAEF,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,OAAO,OAAO,EAAE;oBACpB,QAAQ,EAAE,CAAC,CAAC,QAA4C;oBACxD,QAAQ,EAAE,cAAc;oBACxB,KAAK,EAAE,0BAA0B,OAAO,EAAE;oBAC1C,WAAW,EAAE,CAAC,CAAC,GAAG;yBACf,MAAM,CAAC,CAAC,CAAC,EAA0B,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,OAAO,IAAI,CAAC,CAAC;yBAC5E,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC;yBACnB,IAAI,CAAC,IAAI,CAAC;oBACb,QAAQ,EAAE,EAAE,IAAI,EAAE,cAAc,EAAE;oBAClC,WAAW,EAAE,CAAC,CAAC,YAAY;wBACzB,CAAC,CAAC,OAAO,CAAC,CAAC,YAAY,KAAK,QAAQ;4BAClC,CAAC,CAAC,aAAa,CAAC,CAAC,YAAY,CAAC,IAAI,IAAI,CAAC,CAAC,YAAY,CAAC,OAAO,EAAE;4BAC9D,CAAC,CAAC,mBAAmB;wBACvB,CAAC,CAAC,yDAAyD;oBAC7D,UAAU,EAAE,CAAC,CAAC,GAAG;yBACd,MAAM,CAAC,CAAC,CAAC,EAAwB,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,KAAK,IAAI,CAAC,CAAC;yBACxE,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;oBACpB,GAAG,EAAE,CAAC,CAAC,GAAG;yBACP,MAAM,CAAC,CAAC,CAAC,EAA0B,EAAE,CAAC,OAAO,CAAC,KAAK,QAAQ,IAAI,KAAK,IAAI,CAAC,CAAC;yBAC1E,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC;yBACrB,IAAI,CAAC,IAAI,CAAC;iBACd,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,sDAAsD;QACtD,MAAM,OAAO,GAAG,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACvE,IAAI,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,cAAc,CAAC,EAAE,CAAC;YACnE,OAAO;gBACL,OAAO,EAAE,KAAK;gBACd,QAAQ,EAAE,iBAAiB;gBAC3B,KAAK,EAAE,CAAC,SAAS,CAAC;gBAClB,SAAS,EAAE,IAAI,IAAI,EAAE;gBACrB,QAAQ,EAAE,EAAE;gBACZ,OAAO,EAAE,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE;gBAC7D,eAAe,EAAE,CAAC,oCAAoC,CAAC;aACxD,CAAC;QACJ,CAAC;QACD,iCAAiC;QACjC,IAAI,CAAC;YACH,MAAM,MAAM,GAAI,KAA6B,CAAC,MAAM,CAAC;YACrD,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;gBACjC,0BAA0B;YAC5B,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;IACH,CAAC;IAED,MAAM,OAAO,GAAG;QACd,QAAQ,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM;QAClE,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;QAC1D,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM;QAC9D,GAAG,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM;QACxD,IAAI,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;KAC3D,CAAC;IAEF,OAAO;QACL,OAAO,EAAE,IAAI;QACb,QAAQ,EAAE,iBAAiB;QAC3B,KAAK,EAAE,CAAC,SAAS,CAAC;QAClB,SAAS,EAAE,IAAI,IAAI,EAAE;QACrB,QAAQ;QACR,OAAO;QACP,eAAe,EAAE,uBAAuB,CAAC,QAAQ,CAAC;KACnD,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,uBAAuB,CAAC,QAAgC;IAC/D,MAAM,eAAe,GAAa,EAAE,CAAC;IAErC,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,EAAE,CAAC;QACnD,eAAe,CAAC,IAAI,CAAC,qEAAqE,CAAC,CAAC;QAC5F,eAAe,CAAC,IAAI,CAAC,wGAAwG,CAAC,CAAC;QAC/H,eAAe,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;IAClF,CAAC;IAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,WAAW,CAAC,EAAE,CAAC;QACrD,eAAe,CAAC,IAAI,CAAC,wEAAwE,CAAC,CAAC;QAC/F,eAAe,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;QAChF,eAAe,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;IAC3E,CAAC;IAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,EAAE,CAAC;QAC/C,eAAe,CAAC,IAAI,CAAC,kDAAkD,CAAC,CAAC;QACzE,eAAe,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;QACxE,eAAe,CAAC,IAAI,CAAC,sDAAsD,CAAC,CAAC;IAC/E,CAAC;IAED,IAAI,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,cAAc,CAAC,EAAE,CAAC;QACxD,eAAe,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;QAChF,eAAe,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;QAChE,eAAe,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;IAC5F,CAAC;IAED,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACjC,eAAe,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;IAC5F,CAAC;IAED,OAAO,eAAe,CAAC;AACzB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAgC;IACrE,MAAM,KAAK,GAAa,EAAE,CAAC;IAE3B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,GAAG,CAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,KAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;IAC3C,KAAK,CAAC,IAAI,CAAC,GAAG,CAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5B,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IAC5C,KAAK,CAAC,IAAI,CAAC,UAAU,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAChD,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,CAAC,SAAS,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IAC3D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACxB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;IACrD,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACjD,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC,CAAC;IACnD,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IAChD,KAAK,CAAC,IAAI,CAAC,eAAe,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;IACjD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,MAAM,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAC3B,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;QACzB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;QAE3B,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACtC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACf,KAAK,CAAC,IAAI,CAAC,MAAM,OAAO,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;YACrE,KAAK,CAAC,IAAI,CAAC,eAAe,OAAO,CAAC,QAAQ,EAAE,CAAC,CAAC;YAC9C,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;gBAC1B,KAAK,CAAC,IAAI,CAAC,eAAe,OAAO,CAAC,QAAQ,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YAC9E,CAAC;YACD,IAAI,OAAO,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC;gBAC7B,KAAK,CAAC,IAAI,CAAC,cAAc,OAAO,CAAC,QAAQ,CAAC,OAAO,EAAE,CAAC,CAAC;YACvD,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,KAAK,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;YACvC,KAAK,CAAC,IAAI,CAAC,kBAAkB,OAAO,CAAC,WAAW,EAAE,CAAC,CAAC;YACpD,IAAI,OAAO,CAAC,GAAG;gBAAE,KAAK,CAAC,IAAI,CAAC,UAAU,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;YACrD,IAAI,OAAO,CAAC,KAAK;gBAAE,KAAK,CAAC,IAAI,CAAC,YAAY,OAAO,CAAC,KAAK,EAAE,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IAChC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAC3B,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QACzC,KAAK,CAAC,IAAI,CAAC,OAAO,GAAG,EAAE,CAAC,CAAC;IAC3B,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,GAAG,CAAE,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC;IAE5B,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,0BAA0B,CACxC,KAAe,EACf,WAAwD;IAExD,OAAO;QACL,kBAAkB,EAAE,IAAI,EAAE,iCAAiC;QAC3D,eAAe,EAAE,KAAK;QACtB,YAAY,EAAE,IAAI,IAAI,EAAE;QACxB,WAAW;KACZ,CAAC;AACJ,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"toolPreconditions.d.ts","sourceRoot":"","sources":["../../src/core/toolPreconditions.ts"],"names":[],"mappings":"AAGA;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;IACnD,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAGD,eAAO,MAAM,2BAA2B;;;;;;;;;;CA+B9B,CAAC;AAEX;;;;;;;;;GASG;AACH,wBAAgB,yBAAyB,CACvC,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,gBAAgB,EAAE,CAsKpB;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CACpC,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7B,WAAW,EAAE,SAAS;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAAE,EAAE,GAC1E,gBAAgB,EAAE,
|
|
1
|
+
{"version":3,"file":"toolPreconditions.d.ts","sourceRoot":"","sources":["../../src/core/toolPreconditions.ts"],"names":[],"mappings":"AAGA;;;GAGG;AACH,MAAM,WAAW,gBAAgB;IAC/B,QAAQ,CAAC,IAAI,EAAE,MAAM,CAAC;IACtB,QAAQ,CAAC,OAAO,EAAE,MAAM,CAAC;IACzB,QAAQ,CAAC,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;IACnD,QAAQ,CAAC,UAAU,EAAE,MAAM,CAAC;CAC7B;AAGD,eAAO,MAAM,2BAA2B;;;;;;;;;;CA+B9B,CAAC;AAEX;;;;;;;;;GASG;AACH,wBAAgB,yBAAyB,CACvC,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GAC5B,gBAAgB,EAAE,CAsKpB;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CACpC,QAAQ,EAAE,MAAM,EAChB,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EAC7B,WAAW,EAAE,SAAS;IAAE,QAAQ,EAAE,MAAM,CAAC;IAAC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAA;CAAE,EAAE,GAC1E,gBAAgB,EAAE,CAqEpB"}
|
|
@@ -197,20 +197,6 @@ export function validateToolPreconditions(toolName, args) {
|
|
|
197
197
|
export function validateAIFlowPatterns(toolName, args, toolHistory) {
|
|
198
198
|
const warnings = [];
|
|
199
199
|
const toolLower = toolName.toLowerCase();
|
|
200
|
-
// Pattern: Sequential file reads without parallel execution
|
|
201
|
-
if (toolLower === 'read' || toolLower === 'read_file') {
|
|
202
|
-
const currentFile = (args['file_path'] || args['path']);
|
|
203
|
-
// Get recent read operations (last 5 in history)
|
|
204
|
-
const recentReads = toolHistory
|
|
205
|
-
.slice(-5)
|
|
206
|
-
.filter((call) => {
|
|
207
|
-
const callLower = call.toolName.toLowerCase();
|
|
208
|
-
return callLower === 'read' || callLower === 'read_file';
|
|
209
|
-
});
|
|
210
|
-
// Sequential read optimization warning disabled - too noisy and not actionable
|
|
211
|
-
// The AI can decide when parallel reads are appropriate without constant reminders
|
|
212
|
-
void recentReads; // Suppress unused variable warning
|
|
213
|
-
}
|
|
214
200
|
// Pattern: Edit without prior Read
|
|
215
201
|
if (toolLower === 'edit') {
|
|
216
202
|
const oldString = typeof args['old_string'] === 'string' ? args['old_string'] : undefined;
|