guardrail-cli 1.0.6 → 2.0.0

package/dist/formatters/sarif-enhanced.js

@@ -0,0 +1,144 @@
+"use strict";
+/**
+ * Enhanced SARIF (Static Analysis Results Interchange Format) Output
+ * For vulnerability scanning with OSV integration
+ *
+ * Includes:
+ * - CVSS scores and vectors
+ * - Remediation paths
+ * - Direct vs transitive classification
+ * - Multiple vulnerability sources
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.toSarifVulnerabilitiesEnhanced = toSarifVulnerabilitiesEnhanced;
+function severityToLevel(severity) {
+    switch (severity) {
+        case 'critical':
+        case 'high':
+            return 'error';
+        case 'medium':
+            return 'warning';
+        case 'low':
+            return 'note';
+        default:
+            return 'warning';
+    }
+}
+function getVersion() {
+    try {
+        const pkg = require('../../package.json');
+        return pkg.version || '1.0.0';
+    }
+    catch {
+        return '1.0.0';
+    }
+}
+function toSarifVulnerabilitiesEnhanced(results) {
+    const version = getVersion();
+    const ruleMap = new Map();
+    // Build rules from unique vulnerability IDs
+    for (const finding of results.findings) {
+        for (const vuln of finding.vulnerabilities) {
+            if (!ruleMap.has(vuln.id)) {
+                ruleMap.set(vuln.id, {
+                    id: vuln.id,
+                    name: vuln.title,
+                    shortDescription: { text: vuln.title },
+                    fullDescription: { text: vuln.description || vuln.title },
+                    helpUri: vuln.references[0] || 'https://osv.dev',
+                    defaultConfiguration: { level: severityToLevel(vuln.severity) },
+                    properties: {
+                        severity: vuln.severity,
+                        cvssScore: vuln.cvssScore,
+                        cvssVector: vuln.cvssVector,
+                        cwe: vuln.cwe,
+                        aliases: vuln.aliases,
+                        source: vuln.source,
+                    },
+                });
+            }
+        }
+    }
+    const sarifResults = [];
+    for (const finding of results.findings) {
+        for (const vuln of finding.vulnerabilities) {
+            const remediationText = finding.remediationPath
+                ? `${finding.remediationPath.description}${finding.remediationPath.breakingChange ? ' (Breaking change)' : ''}`
+                : `Upgrade to ${finding.recommendedVersion || 'latest'}`;
+            sarifResults.push({
+                ruleId: vuln.id,
+                level: severityToLevel(vuln.severity),
+                message: {
+                    text: `${vuln.title} in ${finding.package}@${finding.version}. ${remediationText}`,
+                },
+                locations: [{
+                        physicalLocation: {
+                            artifactLocation: {
+                                uri: getManifestFile(results.ecosystem),
+                                uriBaseId: '%SRCROOT%',
+                            },
+                            region: { startLine: 1 },
+                        },
+                    }],
+                fingerprints: {
+                    'guardrail/v1': `${vuln.id}:${finding.package}:${finding.version}`,
+                    'osv/id': vuln.id,
+                },
+                properties: {
+                    package: finding.package,
+                    version: finding.version,
+                    ecosystem: results.ecosystem,
+                    isDirect: finding.isDirect,
+                    severity: vuln.severity,
+                    cvssScore: vuln.cvssScore,
+                    cvssVector: vuln.cvssVector,
+                    cwe: vuln.cwe,
+                    aliases: vuln.aliases,
+                    source: vuln.source,
+                    affectedVersions: vuln.affectedVersions,
+                    patchedVersions: vuln.patchedVersions,
+                    references: vuln.references,
+                    publishedAt: vuln.publishedAt,
+                    updatedAt: vuln.updatedAt,
+                    remediationPath: finding.remediationPath,
+                    recommendedVersion: finding.recommendedVersion,
+                },
+            });
+        }
+    }
+    return {
+        $schema: 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json',
+        version: '2.1.0',
+        runs: [{
+                tool: {
+                    driver: {
+                        name: 'guardrail-cli',
+                        version,
+                        informationUri: 'https://guardrail.dev',
+                        rules: Array.from(ruleMap.values()),
+                    },
+                },
+                results: sarifResults,
+                invocations: [{
+                        executionSuccessful: true,
+                        startTimeUtc: new Date().toISOString(),
+                        workingDirectory: { uri: results.projectPath?.replace(/\\/g, '/') || '.' },
+                    }],
+            }],
+    };
+}
+function getManifestFile(ecosystem) {
+    switch (ecosystem) {
+        case 'npm':
+            return 'package.json';
+        case 'PyPI':
+            return 'requirements.txt';
+        case 'RubyGems':
+            return 'Gemfile';
+        case 'Go':
+            return 'go.mod';
+        default:
+            return 'package.json';
+    }
+}
+//# sourceMappingURL=sarif-enhanced.js.map

package/dist/formatters/sarif-enhanced.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sarif-enhanced.js","sourceRoot":"","sources":["../../src/formatters/sarif-enhanced.ts"],"names":[],"mappings":";AAAA;;;;;;;;;GASG;;AA0FH,wEAkGC;AAzHD,SAAS,eAAe,CAAC,QAAgB;IACvC,QAAQ,QAAQ,EAAE,CAAC;QACjB,KAAK,UAAU,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,OAAO,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,SAAS,CAAC;QACnB,KAAK,KAAK;YACR,OAAO,MAAM,CAAC;QAChB;YACE,OAAO,SAAS,CAAC;IACrB,CAAC;AACH,CAAC;AAED,SAAS,UAAU;IACjB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;QAC1C,OAAO,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAgB,8BAA8B,CAAC,OAA2B;IACxE,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAG,IAAI,GAAG,EAAqB,CAAC;IAE7C,4CAA4C;IAC5C,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACvC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;YAC3C,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;gBAC1B,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE;oBACnB,EAAE,EAAE,IAAI,CAAC,EAAE;oBACX,IAAI,EAAE,IAAI,CAAC,KAAK;oBAChB,gBAAgB,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,KAAK,EAAE;oBACtC,eAAe,EAAE,EAAE,IAAI,EAAE,IAAI,CAAC,WAAW,IAAI,IAAI,CAAC,KAAK,EAAE;oBACzD,OAAO,EAAE,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC,IAAI,iBAAiB;oBAChD,oBAAoB,EAAE,EAAE,KAAK,EAAE,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE;oBAC/D,UAAU,EAAE;wBACV,QAAQ,EAAE,IAAI,CAAC,QAAQ;wBACvB,SAAS,EAAE,IAAI,CAAC,SAAS;wBACzB,UAAU,EAAE,IAAI,CAAC,UAAU;wBAC3B,GAAG,EAAE,IAAI,CAAC,GAAG;wBACb,OAAO,EAAE,IAAI,CAAC,OAAO;wBACrB,MAAM,EAAE,IAAI,CAAC,MAAM;qBACpB;iBACF,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,YAAY,GAAmB,EAAE,CAAC;IAExC,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;QACvC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;YAC3C,MAAM,eAAe,GAAG,OAAO,CAAC,eAAe;gBAC7C,CAAC,CAAC,GAAG,OAAO,CAAC,eAAe,CAAC,WAAW,GAAG,OAAO,CAAC,eAAe,CAAC,cAAc,CAAC,CAAC,CAAC,oBAAoB,CAAC,CAAC,CAAC,EAAE,EAAE;gBAC/G,CAAC,CAAC,cAAc,OAAO,CAAC,kBAAkB,IAAI,QAAQ,EAAE,CAAC;YAE3D,YAAY,CAAC,IAAI,CAAC;gBAChB,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,KAAK,EAAE,eAAe,CAAC,IAAI,CAAC,QAAQ,CAAC;gBACrC,OAAO,EAAE;oBACP,IAAI,EAAE,GAAG,IAAI,CAAC,KAAK,OAAO,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,OAAO,KAAK,eAAe,EAAE;iBACnF;gBACD,SAAS,EAAE,CAAC;wBACV,gBAAgB,EAAE;4BAChB,gBAAgB,EAAE;gCAChB,GAAG,EAAE,eAAe,CAAC,OAAO,CAAC,SAAS,CAAC;gCACvC,SAAS,EAAE,WAAW;6BACvB;4BACD,MAAM,EAAE,EAAE,SAAS,EAAE,CAAC,EAAE;yBACzB;qBACF,CAAC;gBACF,YAAY,EAAE;oBACZ,cAAc,EAAE,GAAG,IAAI,CAAC,EAAE,IAAI,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE;oBAClE,QAAQ,EAAE,IAAI,CAAC,EAAE;iBAClB;gBACD,UAAU,EAAE;oBACV,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,OAAO,EAAE,OAAO,CAAC,OAAO;oBACxB,SAAS,EAAE,OAAO,CAAC,SAAS;oBAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;oBAC1B,QAAQ,EAAE,IAAI,CAAC,QAAQ;oBACvB,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,UAAU,EAAE,IAAI,CAAC,UAAU;oBAC3B,GAAG,EAAE,IAAI,CAAC,GAAG;oBACb,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,MAAM,EAAE,IAAI,CAAC,MAAM;oBACnB,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;oBACvC,eAAe,EAAE,IAAI,CAAC,eAAe;oBACrC,UAAU,EAAE,IAAI,CAAC,UAAU;oBAC3B,WAAW,EAAE,IAAI,CAAC,WAAW;oBAC7B,SAAS,EAAE,IAAI,CAAC,SAAS;oBACzB,eAAe,EAAE,OAAO,CAAC,eAAe;oBACxC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;iBAC/C;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,gGAAgG;QACzG,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE,CAAC;gBACL,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,eAAe;wBACrB,OAAO;wBACP,cAAc,EAAE,uBAAuB;wBACvC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;qBACpC;iBACF;gBACD,OAAO,EAAE,YAAY;gBACrB,WAAW,EAAE,CAAC;wBACZ,mBAAmB,EAAE,IAAI;wBACzB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACtC,gBAAgB,EAAE,EAAE,GAAG,EAAE,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,IAAI,GAAG,EAAE;qBAC3E,CAAC;aACH,CAAC;KACH,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,SAAiB;IACxC,QAAQ,SAAS,EAAE,CAAC;QAClB,KAAK,KAAK;YACR,OAAO,cAAc,CAAC;QACxB,KAAK,MAAM;YACT,OAAO,kBAAkB,CAAC;QAC5B,KAAK,UAAU;YACb,OAAO,SAAS,CAAC;QACnB,KAAK,IAAI;YACP,OAAO,QAAQ,CAAC;QAClB;YACE,OAAO,cAAc,CAAC;IAC1B,CAAC;AACH,CAAC"}

package/dist/formatters/sarif-v2.d.ts

@@ -0,0 +1,121 @@
+/**
+ * SARIF v2.1.0 Output - Enterprise-grade implementation
+ * Compliant with GitHub Code Scanning and Azure DevOps
+ * https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html
+ */
+export interface SarifLog {
+    $schema: string;
+    version: string;
+    runs: SarifRun[];
+}
+export interface SarifRun {
+    tool: SarifTool;
+    results: SarifResult[];
+    invocations?: SarifInvocation[];
+    properties?: Record<string, any>;
+}
+export interface SarifTool {
+    driver: SarifToolComponent;
+}
+export interface SarifToolComponent {
+    name: string;
+    version: string;
+    informationUri?: string;
+    rules?: SarifReportingDescriptor[];
+    organization?: string;
+    semanticVersion?: string;
+}
+export interface SarifReportingDescriptor {
+    id: string;
+    name?: string;
+    shortDescription?: SarifMultiformatMessageString;
+    fullDescription?: SarifMultiformatMessageString;
+    help?: SarifMultiformatMessageString;
+    helpUri?: string;
+    defaultConfiguration?: SarifReportingConfiguration;
+    properties?: Record<string, any>;
+}
+export interface SarifMultiformatMessageString {
+    text: string;
+    markdown?: string;
+}
+export interface SarifReportingConfiguration {
+    level: 'error' | 'warning' | 'note' | 'none';
+    enabled?: boolean;
+}
+export interface SarifResult {
+    ruleId: string;
+    ruleIndex?: number;
+    level: 'error' | 'warning' | 'note' | 'none';
+    message: SarifMessage;
+    locations?: SarifLocation[];
+    partialFingerprints?: Record<string, string>;
+    fingerprints?: Record<string, string>;
+    fixes?: SarifFix[];
+    properties?: Record<string, any>;
+}
+export interface SarifMessage {
+    text: string;
+    markdown?: string;
+}
+export interface SarifLocation {
+    physicalLocation?: SarifPhysicalLocation;
+    logicalLocations?: SarifLogicalLocation[];
+}
+export interface SarifPhysicalLocation {
+    artifactLocation: SarifArtifactLocation;
+    region?: SarifRegion;
+    contextRegion?: SarifRegion;
+}
+export interface SarifArtifactLocation {
+    uri: string;
+    uriBaseId?: string;
+}
+export interface SarifRegion {
+    startLine?: number;
+    startColumn?: number;
+    endLine?: number;
+    endColumn?: number;
+    snippet?: SarifArtifactContent;
+}
+export interface SarifArtifactContent {
+    text?: string;
+}
+export interface SarifLogicalLocation {
+    name?: string;
+    fullyQualifiedName?: string;
+    kind?: string;
+}
+export interface SarifFix {
+    description?: SarifMessage;
+    artifactChanges: SarifArtifactChange[];
+}
+export interface SarifArtifactChange {
+    artifactLocation: SarifArtifactLocation;
+    replacements: SarifReplacement[];
+}
+export interface SarifReplacement {
+    deletedRegion: SarifRegion;
+    insertedContent?: SarifArtifactContent;
+}
+export interface SarifInvocation {
+    executionSuccessful: boolean;
+    commandLine?: string;
+    startTimeUtc?: string;
+    endTimeUtc?: string;
+    workingDirectory?: SarifArtifactLocation;
+    exitCode?: number;
+}
+/**
+ * Convert secrets scan results to SARIF v2.1.0
+ */
+export declare function secretsToSarif(results: any): SarifLog;
+/**
+ * Convert vulnerability scan results to SARIF v2.1.0
+ */
+export declare function vulnerabilitiesToSarif(results: any): SarifLog;
+/**
+ * Convert combined scan results to SARIF v2.1.0
+ */
+export declare function combinedToSarif(results: any): SarifLog;
+//# sourceMappingURL=sarif-v2.d.ts.map

package/dist/formatters/sarif-v2.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"sarif-v2.d.ts","sourceRoot":"","sources":["../../src/formatters/sarif-v2.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,MAAM,WAAW,QAAQ;IACvB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,IAAI,EAAE,QAAQ,EAAE,CAAC;CAClB;AAED,MAAM,WAAW,QAAQ;IACvB,IAAI,EAAE,SAAS,CAAC;IAChB,OAAO,EAAE,WAAW,EAAE,CAAC;IACvB,WAAW,CAAC,EAAE,eAAe,EAAE,CAAC;IAChC,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,SAAS;IACxB,MAAM,EAAE,kBAAkB,CAAC;CAC5B;AAED,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,CAAC,EAAE,MAAM,CAAC;IACxB,KAAK,CAAC,EAAE,wBAAwB,EAAE,CAAC;IACnC,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,eAAe,CAAC,EAAE,MAAM,CAAC;CAC1B;AAED,MAAM,WAAW,wBAAwB;IACvC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,gBAAgB,CAAC,EAAE,6BAA6B,CAAC;IACjD,eAAe,CAAC,EAAE,6BAA6B,CAAC;IAChD,IAAI,CAAC,EAAE,6BAA6B,CAAC;IACrC,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,oBAAoB,CAAC,EAAE,2BAA2B,CAAC;IACnD,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,6BAA6B;IAC5C,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,2BAA2B;IAC1C,KAAK,EAAE,OAAO,GAAG,SAAS,GAAG,MAAM,GAAG,MAAM,CAAC;IAC7C,OAAO,CAAC,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,WAAW;IAC1B,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,OAAO,GAAG,SAAS,GAAG,MAAM,GAAG,MAAM,CAAC;IAC7C,OAAO,EAAE,YAAY,CAAC;IACtB,SAAS,CAAC,EAAE,aAAa,EAAE,CAAC;IAC5B,mBAAmB,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IAC7C,YAAY,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACtC,KAAK,CAAC,EAAE,QAAQ,EAAE,CAAC;IACnB,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;CAClC;AAED,MAAM,WAAW,YAAY;IAC3B,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,aAAa;IAC5B,gBAAgB,CAAC,EAAE,qBAAqB,CAAC;IACzC,gBAAgB,CAAC,EAAE,oBAAoB,EAAE,CAAC;CAC3C;AAED,MAAM,WAAW,qBAAqB;IACpC,gBAAgB,EAAE,qBAAqB,CAAC;IACxC,MAAM,CAAC,EAAE,WAAW,CAAC;IACrB,aAAa,CAAC,EAAE,WAAW,CAAC;CAC7B;AAED,MAAM,WAAW,qBAAqB;IACpC,GAAG,EAAE,MAAM,CAAC;IACZ,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,WAAW;IAC1B,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,OAAO,CAAC,EAAE,oBAAoB,CAAC;CAChC;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,oBAAoB;IACnC,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,kBAAkB,CAAC,EAAE,MAAM,CAAC;IAC5B,IAAI,CAAC,EAAE,MAAM,CAAC;CACf;AAED,MAAM,WAAW,QAAQ;IACvB,WAAW,CAAC,EAAE,YAAY,CAAC;IAC3B,eAAe,EAAE,mBAAmB,EAAE,CAAC;CACxC;AAED,MAAM,WAAW,mBAAmB;IAClC,gBAAgB,EAAE,qBAAqB,CAAC;IACxC,YAAY,EAAE,gBAAgB,EAAE,CAAC;CAClC;AAED,MAAM,WAAW,gBAAgB;IAC/B,aAAa,EAAE,WAAW,CAAC;IAC3B,eAAe,CAAC,EAAE,oBAAoB,CAAC;CACxC;AAED,MAAM,WAAW,eAAe;IAC9B,mBAAmB,EAAE,OAAO,CAAC;IAC7B,WAAW,CAAC,EAAE,MAAM,CAAC;IACrB,YAAY,CAAC,EAAE,MAAM,CAAC;IACtB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,gBAAgB,CAAC,EAAE,qBAAqB,CAAC;IACzC,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAwCD;;GAEG;AACH,wBAAgB,cAAc,CAAC,OAAO,EAAE,GAAG,GAAG,QAAQ,CA+HrD;AAED;;GAEG;AACH,wBAAgB,sBAAsB,CAAC,OAAO,EAAE,GAAG,GAAG,QAAQ,CA+G7D;AAED;;GAEG;AACH,wBAAgB,eAAe,CAAC,OAAO,EAAE,GAAG,GAAG,QAAQ,CAuEtD"}

package/dist/formatters/sarif-v2.js

@@ -0,0 +1,356 @@
+"use strict";
+/**
+ * SARIF v2.1.0 Output - Enterprise-grade implementation
+ * Compliant with GitHub Code Scanning and Azure DevOps
+ * https://docs.oasis-open.org/sarif/sarif/v2.1.0/sarif-v2.1.0.html
+ */
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.secretsToSarif = secretsToSarif;
+exports.vulnerabilitiesToSarif = vulnerabilitiesToSarif;
+exports.combinedToSarif = combinedToSarif;
+const crypto_1 = require("crypto");
+/**
+ * Convert severity to SARIF level
+ */
+function severityToLevel(severity) {
+    switch (severity.toLowerCase()) {
+        case 'critical':
+        case 'high':
+            return 'error';
+        case 'medium':
+            return 'warning';
+        case 'low':
+        case 'info':
+            return 'note';
+        default:
+            return 'warning';
+    }
+}
+/**
+ * Generate stable fingerprint for a finding
+ */
+function generateFingerprint(finding) {
+    const data = `${finding.type || finding.category}:${finding.file}:${finding.line}:${finding.title || finding.match}`;
+    return (0, crypto_1.createHash)('sha256').update(data).digest('hex').substring(0, 16);
+}
+/**
+ * Get package version
+ */
+function getVersion() {
+    try {
+        const pkg = require('../../package.json');
+        return pkg.version || '1.0.0';
+    }
+    catch {
+        return '1.0.0';
+    }
+}
+/**
+ * Convert secrets scan results to SARIF v2.1.0
+ */
+function secretsToSarif(results) {
+    const version = getVersion();
+    const ruleMap = new Map();
+    const ruleIndexMap = new Map();
+    // Build rules from unique finding types
+    for (const finding of results.findings || []) {
+        const ruleId = finding.type || 'secret-detected';
+        if (!ruleMap.has(ruleId)) {
+            const index = ruleMap.size;
+            ruleIndexMap.set(ruleId, index);
+            ruleMap.set(ruleId, {
+                id: ruleId,
+                name: ruleId.replace(/_/g, ' ').replace(/\b\w/g, (c) => c.toUpperCase()),
+                shortDescription: {
+                    text: `Detected ${ruleId.replace(/_/g, ' ')}`,
+                },
+                fullDescription: {
+                    text: finding.recommendation?.reason || `Potential ${ruleId} detected in source code`,
+                },
+                help: {
+                    text: finding.recommendation?.remediation || 'Move secrets to environment variables or secure vault',
+                    markdown: `## Remediation\n\n${finding.recommendation?.remediation || 'Move secrets to environment variables or secure vault'}\n\n[Learn more](https://guardrail.dev/docs/secrets)`,
+                },
+                helpUri: 'https://guardrail.dev/docs/secrets',
+                defaultConfiguration: {
+                    level: severityToLevel(finding.risk || 'high'),
+                    enabled: true,
+                },
+                properties: {
+                    tags: ['security', 'secrets', finding.risk || 'high'],
+                    precision: 'high',
+                },
+            });
+        }
+    }
+    const sarifResults = (results.findings || []).map((f) => {
+        const ruleId = f.type || 'secret-detected';
+        return {
+            ruleId,
+            ruleIndex: ruleIndexMap.get(ruleId),
+            level: severityToLevel(f.risk || 'high'),
+            message: {
+                text: `${f.type}: ${f.match}${f.isTest ? ' (in test file)' : ''}`,
+            },
+            locations: [{
+                    physicalLocation: {
+                        artifactLocation: {
+                            uri: f.file.replace(/\\/g, '/'),
+                            uriBaseId: '%SRCROOT%',
+                        },
+                        region: {
+                            startLine: f.line,
+                            startColumn: 1,
+                            snippet: {
+                                text: f.match,
+                            },
+                        },
+                    },
+                }],
+            partialFingerprints: {
+                'guardrail/v1': generateFingerprint(f),
+            },
+            fingerprints: {
+                'guardrail/v1': `${f.type}:${f.file}:${f.line}`,
+            },
+            properties: {
+                confidence: f.confidence,
+                entropy: f.entropy,
+                isTest: f.isTest,
+                risk: f.risk,
+            },
+            fixes: f.recommendation?.remediation ? [{
+                    description: {
+                        text: f.recommendation.remediation,
+                    },
+                    artifactChanges: [{
+                            artifactLocation: {
+                                uri: f.file.replace(/\\/g, '/'),
+                                uriBaseId: '%SRCROOT%',
+                            },
+                            replacements: [{
+                                    deletedRegion: {
+                                        startLine: f.line,
+                                        startColumn: 1,
+                                    },
+                                    insertedContent: {
+                                        text: '// TODO: Move to environment variable',
+                                    },
+                                }],
+                        }],
+                }] : undefined,
+        };
+    });
+    return {
+        $schema: 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json',
+        version: '2.1.0',
+        runs: [{
+                tool: {
+                    driver: {
+                        name: 'Guardrail',
+                        version,
+                        semanticVersion: version,
+                        informationUri: 'https://guardrail.dev',
+                        organization: 'Guardrail Security',
+                        rules: Array.from(ruleMap.values()),
+                    },
+                },
+                results: sarifResults,
+                invocations: [{
+                        executionSuccessful: true,
+                        startTimeUtc: new Date().toISOString(),
+                        endTimeUtc: new Date().toISOString(),
+                        workingDirectory: {
+                            uri: results.projectPath?.replace(/\\/g, '/') || '.',
+                        },
+                        exitCode: 0,
+                    }],
+                properties: {
+                    scanType: 'secrets',
+                    filesScanned: results.filesScanned,
+                    patterns: results.patterns,
+                },
+            }],
+    };
+}
+/**
+ * Convert vulnerability scan results to SARIF v2.1.0
+ */
+function vulnerabilitiesToSarif(results) {
+    const version = getVersion();
+    const rules = [{
+            id: 'vulnerable-dependency',
+            name: 'Vulnerable Dependency',
+            shortDescription: {
+                text: 'Known vulnerability in dependency',
+            },
+            fullDescription: {
+                text: 'A dependency with a known security vulnerability was detected. Update to the fixed version to remediate.',
+            },
+            help: {
+                text: 'Update vulnerable dependencies to their fixed versions',
+                markdown: '## Remediation\n\nUpdate the vulnerable dependency to the version specified in the fix recommendation.\n\n[Learn more](https://guardrail.dev/docs/vulnerabilities)',
+            },
+            helpUri: 'https://guardrail.dev/docs/vulnerabilities',
+            defaultConfiguration: {
+                level: 'error',
+                enabled: true,
+            },
+            properties: {
+                tags: ['security', 'vulnerability', 'dependencies'],
+                precision: 'very-high',
+            },
+        }];
+    const sarifResults = (results.findings || []).map((f) => ({
+        ruleId: 'vulnerable-dependency',
+        ruleIndex: 0,
+        level: severityToLevel(f.severity),
+        message: {
+            text: `${f.cve}: ${f.title} in ${f.package}@${f.version}`,
+            markdown: `**${f.cve}**: ${f.title}\n\n**Package**: \`${f.package}@${f.version}\`\n**Fix**: Upgrade to \`${f.fixedIn}\``,
+        },
+        locations: [{
+                physicalLocation: {
+                    artifactLocation: {
+                        uri: 'package.json',
+                        uriBaseId: '%SRCROOT%',
+                    },
+                    region: {
+                        startLine: 1,
+                    },
+                },
+            }],
+        partialFingerprints: {
+            'guardrail/v1': generateFingerprint(f),
+        },
+        fingerprints: {
+            'guardrail/v1': `${f.cve}:${f.package}:${f.version}`,
+        },
+        properties: {
+            cve: f.cve,
+            package: f.package,
+            version: f.version,
+            fixedIn: f.fixedIn,
+            severity: f.severity,
+        },
+        fixes: [{
+                description: {
+                    text: `Upgrade ${f.package} to ${f.fixedIn}`,
+                },
+                artifactChanges: [{
+                        artifactLocation: {
+                            uri: 'package.json',
+                            uriBaseId: '%SRCROOT%',
+                        },
+                        replacements: [{
+                                deletedRegion: {
+                                    startLine: 1,
+                                },
+                                insertedContent: {
+                                    text: `"${f.package}": "${f.fixedIn}"`,
+                                },
+                            }],
+                    }],
+            }],
+    }));
+    return {
+        $schema: 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json',
+        version: '2.1.0',
+        runs: [{
+                tool: {
+                    driver: {
+                        name: 'Guardrail',
+                        version,
+                        semanticVersion: version,
+                        informationUri: 'https://guardrail.dev',
+                        organization: 'Guardrail Security',
+                        rules,
+                    },
+                },
+                results: sarifResults,
+                invocations: [{
+                        executionSuccessful: true,
+                        startTimeUtc: new Date().toISOString(),
+                        endTimeUtc: new Date().toISOString(),
+                        workingDirectory: {
+                            uri: results.projectPath?.replace(/\\/g, '/') || '.',
+                        },
+                        exitCode: 0,
+                    }],
+                properties: {
+                    scanType: 'vulnerabilities',
+                    packagesScanned: results.packagesScanned,
+                    auditSource: results.auditSource,
+                },
+            }],
+    };
+}
+/**
+ * Convert combined scan results to SARIF v2.1.0
+ */
+function combinedToSarif(results) {
+    const version = getVersion();
+    const allRules = [];
+    const allResults = [];
+    const ruleIndexMap = new Map();
+    // Add secrets rules and results
+    if (results.secrets) {
+        const secretsSarif = secretsToSarif(results.secrets);
+        const secretsRun = secretsSarif.runs[0];
+        for (const rule of secretsRun.tool.driver.rules || []) {
+            ruleIndexMap.set(rule.id, allRules.length);
+            allRules.push(rule);
+        }
+        for (const result of secretsRun.results) {
+            allResults.push({
+                ...result,
+                ruleIndex: ruleIndexMap.get(result.ruleId),
+            });
+        }
+    }
+    // Add vulnerability rules and results
+    if (results.vulnerabilities) {
+        const vulnSarif = vulnerabilitiesToSarif(results.vulnerabilities);
+        const vulnRun = vulnSarif.runs[0];
+        for (const rule of vulnRun.tool.driver.rules || []) {
+            if (!ruleIndexMap.has(rule.id)) {
+                ruleIndexMap.set(rule.id, allRules.length);
+                allRules.push(rule);
+            }
+        }
+        for (const result of vulnRun.results) {
+            allResults.push({
+                ...result,
+                ruleIndex: ruleIndexMap.get(result.ruleId),
+            });
+        }
+    }
+    return {
+        $schema: 'https://raw.githubusercontent.com/oasis-tcs/sarif-spec/master/Schemata/sarif-schema-2.1.0.json',
+        version: '2.1.0',
+        runs: [{
+                tool: {
+                    driver: {
+                        name: 'Guardrail',
+                        version,
+                        semanticVersion: version,
+                        informationUri: 'https://guardrail.dev',
+                        organization: 'Guardrail Security',
+                        rules: allRules,
+                    },
+                },
+                results: allResults,
+                invocations: [{
+                        executionSuccessful: true,
+                        startTimeUtc: new Date().toISOString(),
+                        endTimeUtc: new Date().toISOString(),
+                        exitCode: 0,
+                    }],
+                properties: {
+                    scanType: 'combined',
+                    duration: results.duration,
+                },
+            }],
+    };
+}
+//# sourceMappingURL=sarif-v2.js.map

package/dist/formatters/sarif-v2.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"sarif-v2.js","sourceRoot":"","sources":["../../src/formatters/sarif-v2.ts"],"names":[],"mappings":";AAAA;;;;GAIG;;AAuKH,wCA+HC;AAKD,wDA+GC;AAKD,0CAuEC;AApeD,mCAAoC;AA4HpC;;GAEG;AACH,SAAS,eAAe,CAAC,QAAgB;IACvC,QAAQ,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC;QAC/B,KAAK,UAAU,CAAC;QAChB,KAAK,MAAM;YACT,OAAO,OAAO,CAAC;QACjB,KAAK,QAAQ;YACX,OAAO,SAAS,CAAC;QACnB,KAAK,KAAK,CAAC;QACX,KAAK,MAAM;YACT,OAAO,MAAM,CAAC;QAChB;YACE,OAAO,SAAS,CAAC;IACrB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,OAAY;IACvC,MAAM,IAAI,GAAG,GAAG,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,KAAK,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;IACrH,OAAO,IAAA,mBAAU,EAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC1E,CAAC;AAED;;GAEG;AACH,SAAS,UAAU;IACjB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,OAAO,CAAC,oBAAoB,CAAC,CAAC;QAC1C,OAAO,GAAG,CAAC,OAAO,IAAI,OAAO,CAAC;IAChC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAgB,cAAc,CAAC,OAAY;IACzC,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,OAAO,GAAG,IAAI,GAAG,EAAoC,CAAC;IAC5D,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE/C,wCAAwC;IACxC,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,QAAQ,IAAI,EAAE,EAAE,CAAC;QAC7C,MAAM,MAAM,GAAG,OAAO,CAAC,IAAI,IAAI,iBAAiB,CAAC;QACjD,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACzB,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC;YAC3B,YAAY,CAAC,GAAG,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;YAChC,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE;gBAClB,EAAE,EAAE,MAAM;gBACV,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAS,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;gBAChF,gBAAgB,EAAE;oBAChB,IAAI,EAAE,YAAY,MAAM,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,EAAE;iBAC9C;gBACD,eAAe,EAAE;oBACf,IAAI,EAAE,OAAO,CAAC,cAAc,EAAE,MAAM,IAAI,aAAa,MAAM,0BAA0B;iBACtF;gBACD,IAAI,EAAE;oBACJ,IAAI,EAAE,OAAO,CAAC,cAAc,EAAE,WAAW,IAAI,uDAAuD;oBACpG,QAAQ,EAAE,qBAAqB,OAAO,CAAC,cAAc,EAAE,WAAW,IAAI,uDAAuD,sDAAsD;iBACpL;gBACD,OAAO,EAAE,oCAAoC;gBAC7C,oBAAoB,EAAE;oBACpB,KAAK,EAAE,eAAe,CAAC,OAAO,CAAC,IAAI,IAAI,MAAM,CAAC;oBAC9C,OAAO,EAAE,IAAI;iBACd;gBACD,UAAU,EAAE;oBACV,IAAI,EAAE,CAAC,UAAU,EAAE,SAAS,EAAE,OAAO,CAAC,IAAI,IAAI,MAAM,CAAC;oBACrD,SAAS,EAAE,MAAM;iBAClB;aACF,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,YAAY,GAAkB,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE;QAC1E,MAAM,MAAM,GAAG,CAAC,CAAC,IAAI,IAAI,iBAAiB,CAAC;QAC3C,OAAO;YACL,MAAM;YACN,SAAS,EAAE,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC;YACnC,KAAK,EAAE,eAAe,CAAC,CAAC,CAAC,IAAI,IAAI,MAAM,CAAC;YACxC,OAAO,EAAE;gBACP,IAAI,EAAE,GAAG,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,iBAAiB,CAAC,CAAC,CAAC,EAAE,EAAE;aAClE;YACD,SAAS,EAAE,CAAC;oBACV,gBAAgB,EAAE;wBAChB,gBAAgB,EAAE;4BAChB,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;4BAC/B,SAAS,EAAE,WAAW;yBACvB;wBACD,MAAM,EAAE;4BACN,SAAS,EAAE,CAAC,CAAC,IAAI;4BACjB,WAAW,EAAE,CAAC;4BACd,OAAO,EAAE;gCACP,IAAI,EAAE,CAAC,CAAC,KAAK;6BACd;yBACF;qBACF;iBACF,CAAC;YACF,mBAAmB,EAAE;gBACnB,cAAc,EAAE,mBAAmB,CAAC,CAAC,CAAC;aACvC;YACD,YAAY,EAAE;gBACZ,cAAc,EAAE,GAAG,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,EAAE;aAChD;YACD,UAAU,EAAE;gBACV,UAAU,EAAE,CAAC,CAAC,UAAU;gBACxB,OAAO,EAAE,CAAC,CAAC,OAAO;gBAClB,MAAM,EAAE,CAAC,CAAC,MAAM;gBAChB,IAAI,EAAE,CAAC,CAAC,IAAI;aACb;YACD,KAAK,EAAE,CAAC,CAAC,cAAc,EAAE,WAAW,CAAC,CAAC,CAAC,CAAC;oBACtC,WAAW,EAAE;wBACX,IAAI,EAAE,CAAC,CAAC,cAAc,CAAC,WAAW;qBACnC;oBACD,eAAe,EAAE,CAAC;4BAChB,gBAAgB,EAAE;gCAChB,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC;gCAC/B,SAAS,EAAE,WAAW;6BACvB;4BACD,YAAY,EAAE,CAAC;oCACb,aAAa,EAAE;wCACb,SAAS,EAAE,CAAC,CAAC,IAAI;wCACjB,WAAW,EAAE,CAAC;qCACf;oCACD,eAAe,EAAE;wCACf,IAAI,EAAE,uCAAuC;qCAC9C;iCACF,CAAC;yBACH,CAAC;iBACH,CAAC,CAAC,CAAC,CAAC,SAAS;SACf,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,OAAO;QACL,OAAO,EAAE,gGAAgG;QACzG,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE,CAAC;gBACL,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,WAAW;wBACjB,OAAO;wBACP,eAAe,EAAE,OAAO;wBACxB,cAAc,EAAE,uBAAuB;wBACvC,YAAY,EAAE,oBAAoB;wBAClC,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;qBACpC;iBACF;gBACD,OAAO,EAAE,YAAY;gBACrB,WAAW,EAAE,CAAC;wBACZ,mBAAmB,EAAE,IAAI;wBACzB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACtC,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACpC,gBAAgB,EAAE;4BAChB,GAAG,EAAE,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,IAAI,GAAG;yBACrD;wBACD,QAAQ,EAAE,CAAC;qBACZ,CAAC;gBACF,UAAU,EAAE;oBACV,QAAQ,EAAE,SAAS;oBACnB,YAAY,EAAE,OAAO,CAAC,YAAY;oBAClC,QAAQ,EAAE,OAAO,CAAC,QAAQ;iBAC3B;aACF,CAAC;KACH,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,sBAAsB,CAAC,OAAY;IACjD,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAE7B,MAAM,KAAK,GAA+B,CAAC;YACzC,EAAE,EAAE,uBAAuB;YAC3B,IAAI,EAAE,uBAAuB;YAC7B,gBAAgB,EAAE;gBAChB,IAAI,EAAE,mCAAmC;aAC1C;YACD,eAAe,EAAE;gBACf,IAAI,EAAE,0GAA0G;aACjH;YACD,IAAI,EAAE;gBACJ,IAAI,EAAE,wDAAwD;gBAC9D,QAAQ,EAAE,oKAAoK;aAC/K;YACD,OAAO,EAAE,4CAA4C;YACrD,oBAAoB,EAAE;gBACpB,KAAK,EAAE,OAAO;gBACd,OAAO,EAAE,IAAI;aACd;YACD,UAAU,EAAE;gBACV,IAAI,EAAE,CAAC,UAAU,EAAE,eAAe,EAAE,cAAc,CAAC;gBACnD,SAAS,EAAE,WAAW;aACvB;SACF,CAAC,CAAC;IAEH,MAAM,YAAY,GAAkB,CAAC,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,CAAM,EAAE,EAAE,CAAC,CAAC;QAC5E,MAAM,EAAE,uBAAuB;QAC/B,SAAS,EAAE,CAAC;QACZ,KAAK,EAAE,eAAe,CAAC,CAAC,CAAC,QAAQ,CAAC;QAClC,OAAO,EAAE;YACP,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC,CAAC,KAAK,OAAO,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,EAAE;YACzD,QAAQ,EAAE,KAAK,CAAC,CAAC,GAAG,OAAO,CAAC,CAAC,KAAK,sBAAsB,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,6BAA6B,CAAC,CAAC,OAAO,IAAI;SACzH;QACD,SAAS,EAAE,CAAC;gBACV,gBAAgB,EAAE;oBAChB,gBAAgB,EAAE;wBAChB,GAAG,EAAE,cAAc;wBACnB,SAAS,EAAE,WAAW;qBACvB;oBACD,MAAM,EAAE;wBACN,SAAS,EAAE,CAAC;qBACb;iBACF;aACF,CAAC;QACF,mBAAmB,EAAE;YACnB,cAAc,EAAE,mBAAmB,CAAC,CAAC,CAAC;SACvC;QACD,YAAY,EAAE;YACZ,cAAc,EAAE,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC,OAAO,EAAE;SACrD;QACD,UAAU,EAAE;YACV,GAAG,EAAE,CAAC,CAAC,GAAG;YACV,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,OAAO,EAAE,CAAC,CAAC,OAAO;YAClB,QAAQ,EAAE,CAAC,CAAC,QAAQ;SACrB;QACD,KAAK,EAAE,CAAC;gBACN,WAAW,EAAE;oBACX,IAAI,EAAE,WAAW,CAAC,CAAC,OAAO,OAAO,CAAC,CAAC,OAAO,EAAE;iBAC7C;gBACD,eAAe,EAAE,CAAC;wBAChB,gBAAgB,EAAE;4BAChB,GAAG,EAAE,cAAc;4BACnB,SAAS,EAAE,WAAW;yBACvB;wBACD,YAAY,EAAE,CAAC;gCACb,aAAa,EAAE;oCACb,SAAS,EAAE,CAAC;iCACb;gCACD,eAAe,EAAE;oCACf,IAAI,EAAE,IAAI,CAAC,CAAC,OAAO,OAAO,CAAC,CAAC,OAAO,GAAG;iCACvC;6BACF,CAAC;qBACH,CAAC;aACH,CAAC;KACH,CAAC,CAAC,CAAC;IAEJ,OAAO;QACL,OAAO,EAAE,gGAAgG;QACzG,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE,CAAC;gBACL,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,WAAW;wBACjB,OAAO;wBACP,eAAe,EAAE,OAAO;wBACxB,cAAc,EAAE,uBAAuB;wBACvC,YAAY,EAAE,oBAAoB;wBAClC,KAAK;qBACN;iBACF;gBACD,OAAO,EAAE,YAAY;gBACrB,WAAW,EAAE,CAAC;wBACZ,mBAAmB,EAAE,IAAI;wBACzB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACtC,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACpC,gBAAgB,EAAE;4BAChB,GAAG,EAAE,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,IAAI,GAAG;yBACrD;wBACD,QAAQ,EAAE,CAAC;qBACZ,CAAC;gBACF,UAAU,EAAE;oBACV,QAAQ,EAAE,iBAAiB;oBAC3B,eAAe,EAAE,OAAO,CAAC,eAAe;oBACxC,WAAW,EAAE,OAAO,CAAC,WAAW;iBACjC;aACF,CAAC;KACH,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAAC,OAAY;IAC1C,MAAM,OAAO,GAAG,UAAU,EAAE,CAAC;IAC7B,MAAM,QAAQ,GAA+B,EAAE,CAAC;IAChD,MAAM,UAAU,GAAkB,EAAE,CAAC;IACrC,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;IAE/C,gCAAgC;IAChC,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,YAAY,GAAG,cAAc,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC;QACrD,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAExC,KAAK,MAAM,IAAI,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;YACtD,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC3C,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtB,CAAC;QAED,KAAK,MAAM,MAAM,IAAI,UAAU,CAAC,OAAO,EAAE,CAAC;YACxC,UAAU,CAAC,IAAI,CAAC;gBACd,GAAG,MAAM;gBACT,SAAS,EAAE,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC;aAC3C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,sCAAsC;IACtC,IAAI,OAAO,CAAC,eAAe,EAAE,CAAC;QAC5B,MAAM,SAAS,GAAG,sBAAsB,CAAC,OAAO,CAAC,eAAe,CAAC,CAAC;QAClE,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAElC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,EAAE,CAAC;YACnD,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC;gBAC/B,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;gBAC3C,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACtB,CAAC;QACH,CAAC;QAED,KAAK,MAAM,MAAM,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;YACrC,UAAU,CAAC,IAAI,CAAC;gBACd,GAAG,MAAM;gBACT,SAAS,EAAE,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,MAAM,CAAC;aAC3C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,OAAO,EAAE,gGAAgG;QACzG,OAAO,EAAE,OAAO;QAChB,IAAI,EAAE,CAAC;gBACL,IAAI,EAAE;oBACJ,MAAM,EAAE;wBACN,IAAI,EAAE,WAAW;wBACjB,OAAO;wBACP,eAAe,EAAE,OAAO;wBACxB,cAAc,EAAE,uBAAuB;wBACvC,YAAY,EAAE,oBAAoB;wBAClC,KAAK,EAAE,QAAQ;qBAChB;iBACF;gBACD,OAAO,EAAE,UAAU;gBACnB,WAAW,EAAE,CAAC;wBACZ,mBAAmB,EAAE,IAAI;wBACzB,YAAY,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACtC,UAAU,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;wBACpC,QAAQ,EAAE,CAAC;qBACZ,CAAC;gBACF,UAAU,EAAE;oBACV,QAAQ,EAAE,UAAU;oBACpB,QAAQ,EAAE,OAAO,CAAC,QAAQ;iBAC3B;aACF,CAAC;KACH,CAAC;AACJ,CAAC"}