guardvibe 0.4.0

package/build/data/secret-patterns.js

@@ -0,0 +1,87 @@
+export const secretPatterns = [
+    {
+        provider: "AWS Access Key",
+        pattern: /AKIA[0-9A-Z]{16}/g,
+        severity: "critical",
+        fix: "Remove the key and rotate it in AWS IAM console. Use environment variables or AWS SSM Parameter Store.",
+    },
+    {
+        provider: "AWS Secret Key",
+        pattern: /(?:aws)?_?secret_?(?:access)?_?key['"]?\s*[:=]\s*['"][A-Za-z0-9/+=]{40}['"]/gi,
+        severity: "critical",
+        fix: "Remove and rotate immediately. Use IAM roles or environment variables.",
+    },
+    {
+        provider: "GitHub Token",
+        pattern: /(?:ghp|gho|ghu|ghs|ghr)_[A-Za-z0-9_]{36,}/g,
+        severity: "critical",
+        fix: "Revoke the token at github.com/settings/tokens and create a new one with minimal scopes.",
+    },
+    {
+        provider: "OpenAI API Key",
+        pattern: /sk-[A-Za-z0-9]{20,}/g,
+        severity: "critical",
+        fix: "Rotate the key at platform.openai.com/api-keys. Use environment variables.",
+    },
+    {
+        provider: "Stripe Live Key",
+        pattern: /sk_live_[A-Za-z0-9]{20,}/g,
+        severity: "critical",
+        fix: "Rotate the key in the Stripe Dashboard. Never expose live keys in code.",
+    },
+    {
+        provider: "Stripe Publishable Live Key",
+        pattern: /pk_live_[A-Za-z0-9]{20,}/g,
+        severity: "medium",
+        fix: "Publishable keys are less sensitive but should still be in environment variables.",
+    },
+    {
+        provider: "Google API Key",
+        pattern: /AIza[0-9A-Za-z_-]{35}/g,
+        severity: "high",
+        fix: "Restrict the key in Google Cloud Console. Use environment variables.",
+    },
+    {
+        provider: "Slack Token",
+        pattern: /xox[baprs]-[A-Za-z0-9-]{10,}/g,
+        severity: "critical",
+        fix: "Revoke the token in Slack workspace settings. Use environment variables.",
+    },
+    {
+        provider: "Twilio API Key",
+        pattern: /SK[0-9a-fA-F]{32}/g,
+        severity: "high",
+        fix: "Rotate the key in the Twilio Console.",
+    },
+    {
+        provider: "SendGrid API Key",
+        pattern: /SG\.[A-Za-z0-9_-]{22}\.[A-Za-z0-9_-]{43}/g,
+        severity: "critical",
+        fix: "Revoke and recreate the key in SendGrid settings.",
+    },
+    {
+        provider: "Private Key",
+        pattern: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/g,
+        severity: "critical",
+        fix: "Never commit private keys. Use a secrets manager or mount as a volume.",
+    },
+    {
+        provider: "NEXT_PUBLIC_ Secret Exposure",
+        pattern: /NEXT_PUBLIC_[A-Z_]*(?:SECRET|KEY|TOKEN|PASSWORD|CREDENTIAL)[A-Z_]*\s*=/gi,
+        severity: "high",
+        fix: "Remove NEXT_PUBLIC_ prefix — it exposes the value to the browser. Use server-side environment variables instead.",
+    },
+];
+export function calculateEntropy(str) {
+    const freq = new Map();
+    for (const ch of str) {
+        freq.set(ch, (freq.get(ch) || 0) + 1);
+    }
+    let entropy = 0;
+    for (const count of freq.values()) {
+        const p = count / str.length;
+        entropy -= p * Math.log2(p);
+    }
+    return entropy;
+}
+//# sourceMappingURL=secret-patterns.js.map

package/build/data/secret-patterns.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secret-patterns.js","sourceRoot":"","sources":["../../src/data/secret-patterns.ts"],"names":[],"mappings":"AAOA,MAAM,CAAC,MAAM,cAAc,GAAoB;IAC7C;QACE,QAAQ,EAAE,gBAAgB;QAC1B,OAAO,EAAE,mBAAmB;QAC5B,QAAQ,EAAE,UAAU;QACpB,GAAG,EAAE,wGAAwG;KAC9G;IACD;QACE,QAAQ,EAAE,gBAAgB;QAC1B,OAAO,EAAE,+EAA+E;QACxF,QAAQ,EAAE,UAAU;QACpB,GAAG,EAAE,wEAAwE;KAC9E;IACD;QACE,QAAQ,EAAE,cAAc;QACxB,OAAO,EAAE,4CAA4C;QACrD,QAAQ,EAAE,UAAU;QACpB,GAAG,EAAE,0FAA0F;KAChG;IACD;QACE,QAAQ,EAAE,gBAAgB;QAC1B,OAAO,EAAE,sBAAsB;QAC/B,QAAQ,EAAE,UAAU;QACpB,GAAG,EAAE,4EAA4E;KAClF;IACD;QACE,QAAQ,EAAE,iBAAiB;QAC3B,OAAO,EAAE,2BAA2B;QACpC,QAAQ,EAAE,UAAU;QACpB,GAAG,EAAE,yEAAyE;KAC/E;IACD;QACE,QAAQ,EAAE,6BAA6B;QACvC,OAAO,EAAE,2BAA2B;QACpC,QAAQ,EAAE,QAAQ;QAClB,GAAG,EAAE,mFAAmF;KACzF;IACD;QACE,QAAQ,EAAE,gBAAgB;QAC1B,OAAO,EAAE,wBAAwB;QACjC,QAAQ,EAAE,MAAM;QAChB,GAAG,EAAE,sEAAsE;KAC5E;IACD;QACE,QAAQ,EAAE,aAAa;QACvB,OAAO,EAAE,+BAA+B;QACxC,QAAQ,EAAE,UAAU;QACpB,GAAG,EAAE,0EAA0E;KAChF;IACD;QACE,QAAQ,EAAE,gBAAgB;QAC1B,OAAO,EAAE,oBAAoB;QAC7B,QAAQ,EAAE,MAAM;QAChB,GAAG,EAAE,uCAAuC;KAC7C;IACD;QACE,QAAQ,EAAE,kBAAkB;QAC5B,OAAO,EAAE,2CAA2C;QACpD,QAAQ,EAAE,UAAU;QACpB,GAAG,EAAE,mDAAmD;KACzD;IACD;QACE,QAAQ,EAAE,aAAa;QACvB,OAAO,EAAE,gDAAgD;QACzD,QAAQ,EAAE,UAAU;QACpB,GAAG,EAAE,wEAAwE;KAC9E;IACD;QACE,QAAQ,EAAE,8BAA8B;QACxC,OAAO,EAAE,0EAA0E;QACnF,QAAQ,EAAE,MAAM;QAChB,GAAG,EAAE,kHAAkH;KACxH;CACF,CAAC;AAEF,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACxC,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,KAAK,GAAG,GAAG,CAAC,MAAM,CAAC;QAC7B,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC9B,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC"}

package/build/index.d.ts

@@ -0,0 +1,3 @@
+#!/usr/bin/env node
+export {};
+//# sourceMappingURL=index.d.ts.map

package/build/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":""}

package/build/index.js

@@ -0,0 +1,117 @@
+#!/usr/bin/env node
+import { McpServer } from "@modelcontextprotocol/sdk/server/mcp.js";
+import { StdioServerTransport } from "@modelcontextprotocol/sdk/server/stdio.js";
+import { z } from "zod";
+import { checkCode } from "./tools/check-code.js";
+import { checkProject } from "./tools/check-project.js";
+import { getSecurityDocs } from "./tools/get-security-docs.js";
+import { checkDependencies } from "./tools/check-deps.js";
+import { scanDirectory } from "./tools/scan-directory.js";
+import { scanDependencies } from "./tools/scan-dependencies.js";
+import { scanSecrets } from "./tools/scan-secrets.js";
+const server = new McpServer({
+    name: "guardvibe",
+    version: "0.4.0",
+});
+// Tool 1: Analyze code for security vulnerabilities
+server.tool("check_code", "Analyze code for security vulnerabilities (OWASP Top 10, XSS, SQL injection, insecure patterns). Use this when reviewing or writing code to catch security issues early.", {
+    code: z.string().describe("The code snippet to analyze"),
+    language: z
+        .enum(["javascript", "typescript", "python", "go", "java", "php", "ruby", "html", "sql", "shell"])
+        .describe("Programming language of the code"),
+    framework: z
+        .string()
+        .optional()
+        .describe("Framework context (e.g. express, nextjs, fastapi, react, django)"),
+}, async ({ code, language, framework }) => {
+    const results = checkCode(code, language, framework);
+    return {
+        content: [{ type: "text", text: results }],
+    };
+});
+// Tool 2: Scan entire project for security vulnerabilities
+server.tool("check_project", "Scan multiple files for security vulnerabilities and generate a project-wide security report with a security score. Use this for comprehensive security audits.", {
+    files: z
+        .array(z.object({
+        path: z.string().describe("Relative file path (e.g. src/app.ts)"),
+        content: z.string().describe("File source code"),
+    }))
+        .describe("List of files to scan: [{path, content}]"),
+}, async ({ files }) => {
+    const results = checkProject(files);
+    return {
+        content: [{ type: "text", text: results }],
+    };
+});
+// Tool 3: Get security documentation and best practices (renumbered from Tool 2)
+server.tool("get_security_docs", "Get security best practices and guidance for a specific topic, framework, or vulnerability type. Use this to learn how to write secure code.", {
+    topic: z
+        .string()
+        .describe('Security topic to look up (e.g. "express authentication", "sql injection prevention", "nextjs csrf", "react xss", "owasp top 10")'),
+}, async ({ topic }) => {
+    const docs = getSecurityDocs(topic);
+    return {
+        content: [{ type: "text", text: docs }],
+    };
+});
+// Tool 4: Check dependencies for known vulnerabilities
+const packageSchema = z.object({
+    name: z.string().describe("Package name (e.g. lodash, express, django)"),
+    version: z.string().describe("Package version (e.g. 4.17.20)"),
+    ecosystem: z
+        .enum(["npm", "PyPI", "Go", "crates.io", "Maven", "NuGet", "RubyGems"])
+        .default("npm")
+        .describe("Package ecosystem"),
+});
+server.tool("check_dependencies", "Check npm/python packages for known security vulnerabilities (CVEs) using the OSV database. Use this before adding new dependencies or to audit existing ones.", {
+    packages: z.preprocess((val) => {
+        if (typeof val === "string") {
+            try {
+                return JSON.parse(val);
+            }
+            catch {
+                return val;
+            }
+        }
+        return val;
+    }, z.array(packageSchema)).describe("List of packages to check: [{name, version, ecosystem}]"),
+}, async ({ packages }) => {
+    const results = await checkDependencies(packages);
+    return {
+        content: [{ type: "text", text: results }],
+    };
+});
+// Tool 5: Scan directory for security vulnerabilities (filesystem-native)
+server.tool("scan_directory", "Scan an entire project directory for security vulnerabilities. Reads files directly from the filesystem — no need to pass file contents. Returns a security score (A-F) and detailed findings.", {
+    path: z.string().describe("Directory path to scan (e.g. './src', '.')"),
+    recursive: z.boolean().optional().default(true).describe("Scan subdirectories"),
+    exclude: z.array(z.string()).optional().default([]).describe("Additional directories to exclude"),
+}, async ({ path, recursive, exclude }) => {
+    const results = scanDirectory(path, recursive, exclude);
+    return { content: [{ type: "text", text: results }] };
+});
+// Tool 6: Scan manifest/lockfile for dependency vulnerabilities
+server.tool("scan_dependencies", "Parse a lockfile or manifest (package.json, requirements.txt, go.mod, Gemfile.lock, Cargo.lock) and check all dependencies for known CVEs via the OSV database. Reads the file directly.", {
+    manifest_path: z.string().describe("Path to manifest file (e.g. 'package.json', 'requirements.txt', 'go.mod')"),
+}, async ({ manifest_path }) => {
+    const results = await scanDependencies(manifest_path);
+    return { content: [{ type: "text", text: results }] };
+});
+// Tool 7: Scan for leaked secrets, API keys, and credentials
+server.tool("scan_secrets", "Scan files and directories for leaked secrets, API keys, tokens, and credentials. Checks .env files, config files, and source code. Verifies .gitignore coverage.", {
+    path: z.string().describe("File or directory path to scan"),
+    recursive: z.boolean().optional().default(true).describe("Scan subdirectories"),
+}, async ({ path, recursive }) => {
+    const results = scanSecrets(path, recursive);
+    return { content: [{ type: "text", text: results }] };
+});
+async function main() {
+    const transport = new StdioServerTransport();
+    await server.connect(transport);
+    console.error("GuardVibe Security MCP server running on stdio");
+}
+main().catch((error) => {
+    console.error("Fatal error:", error);
+    process.exit(1);
+});
+//# sourceMappingURL=index.js.map

package/build/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAEtD,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC;AAEH,oDAAoD;AACpD,MAAM,CAAC,IAAI,CACT,YAAY,EACZ,0KAA0K,EAC1K;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,6BAA6B,CAAC;IACxD,QAAQ,EAAE,CAAC;SACR,IAAI,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;SACjG,QAAQ,CAAC,kCAAkC,CAAC;IAC/C,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,QAAQ,CAAC,kEAAkE,CAAC;CAChF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,EAAE,EAAE;IACtC,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IACrD,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,2DAA2D;AAC3D,MAAM,CAAC,IAAI,CACT,eAAe,EACf,iKAAiK,EACjK;IACE,KAAK,EAAE,CAAC;SACL,KAAK,CACJ,CAAC,CAAC,MAAM,CAAC;QACP,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,sCAAsC,CAAC;QACjE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC;KACjD,CAAC,CACH;SACA,QAAQ,CAAC,0CAA0C,CAAC;CACxD,EACD,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;IAClB,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IACpC,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,iFAAiF;AACjF,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,8IAA8I,EAC9I;IACE,KAAK,EAAE,CAAC;SACL,MAAM,EAAE;SACR,QAAQ,CACP,mIAAmI,CACpI;CACJ,EACD,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;IAClB,MAAM,IAAI,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACpC,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;KACxC,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,uDAAuD;AACvD,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7B,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,6CAA6C,CAAC;IACxE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,gCAAgC,CAAC;IAC9D,SAAS,EAAE,CAAC;SACT,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,EAAE,WAAW,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,CAAC,CAAC;SACtE,OAAO,CAAC,KAAK,CAAC;SACd,QAAQ,CAAC,mBAAmB,CAAC;CACjC,CAAC,CAAC;AAEH,MAAM,CAAC,IAAI,CACT,oBAAoB,EACpB,gKAAgK,EAChK;IACE,QAAQ,EAAE,CAAC,CAAC,UAAU,CACpB,CAAC,GAAG,EAAE,EAAE;QACN,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,IAAI,CAAC;gBACH,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,GAAG,CAAC;YACb,CAAC;QACH,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,EACD,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CACvB,CAAC,QAAQ,CAAC,yDAAyD,CAAC;CACtE,EACD,KAAK,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;IACrB,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAClD,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,0EAA0E;AAC1E,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,gMAAgM,EAChM;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,4CAA4C,CAAC;IACvE,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,qBAAqB,CAAC;IAC/E,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,mCAAmC,CAAC;CAClG,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,EAAE,EAAE;IACrC,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;IACxD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,gEAAgE;AAChE,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,0LAA0L,EAC1L;IACE,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,2EAA2E,CAAC;CAChH,EACD,KAAK,EAAE,EAAE,aAAa,EAAE,EAAE,EAAE;IAC1B,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,aAAa,CAAC,CAAC;IACtD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,6DAA6D;AAC7D,MAAM,CAAC,IAAI,CACT,cAAc,EACd,mKAAmK,EACnK;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,gCAAgC,CAAC;IAC3D,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,qBAAqB,CAAC;CAChF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,EAAE,EAAE;IAC5B,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,EAAE,SAAS,CAAC,CAAC;IAC7C,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,KAAK,UAAU,IAAI;IACjB,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;AAClE,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/build/tools/check-code.d.ts

@@ -0,0 +1,9 @@
+import { type SecurityRule } from "../data/rules/index.js";
+export interface Finding {
+    rule: SecurityRule;
+    match: string;
+    line: number;
+}
+export declare function analyzeCode(code: string, language: string, framework?: string): Finding[];
+export declare function checkCode(code: string, language: string, framework?: string): string;
+//# sourceMappingURL=check-code.d.ts.map

package/build/tools/check-code.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"check-code.d.ts","sourceRoot":"","sources":["../../src/tools/check-code.ts"],"names":[],"mappings":"AAAA,OAAO,EAAc,KAAK,YAAY,EAAE,MAAM,wBAAwB,CAAC;AAEvE,MAAM,WAAW,OAAO;IACtB,IAAI,EAAE,YAAY,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,MAAM,CAAC;CACd;AAgCD,wBAAgB,WAAW,CACzB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,SAAS,CAAC,EAAE,MAAM,GACjB,OAAO,EAAE,CAyBX;AAED,wBAAgB,SAAS,CACvB,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,MAAM,EAChB,SAAS,CAAC,EAAE,MAAM,GACjB,MAAM,CAQR"}

package/build/tools/check-code.js

@@ -0,0 +1,125 @@
+import { owaspRules } from "../data/rules/index.js";
+function parseSuppressionsFromCode(lines) {
+    const suppressions = [];
+    const pattern = /(?:\/\/|#|<!--)\s*guardvibe-ignore(?:-next-line)?\s*(VG\d+)?\s*(?:-->)?/i;
+    for (let i = 0; i < lines.length; i++) {
+        const match = pattern.exec(lines[i]);
+        if (!match)
+            continue;
+        const ruleId = match[1] || null;
+        const isNextLine = lines[i].includes("guardvibe-ignore-next-line");
+        if (isNextLine) {
+            suppressions.push({ line: i + 2, ruleId }); // next line (1-indexed)
+        }
+        else {
+            suppressions.push({ line: i + 1, ruleId }); // same line (1-indexed)
+        }
+    }
+    return suppressions;
+}
+function isLineSuppressed(suppressions, line, ruleId) {
+    return suppressions.some(s => s.line === line && (s.ruleId === null || s.ruleId === ruleId));
+}
+export function analyzeCode(code, language, framework) {
+    const findings = [];
+    const lines = code.split("\n");
+    const suppressions = parseSuppressionsFromCode(lines);
+    for (const rule of owaspRules) {
+        if (!rule.languages.includes(language))
+            continue;
+        rule.pattern.lastIndex = 0;
+        let match;
+        while ((match = rule.pattern.exec(code)) !== null) {
+            const beforeMatch = code.substring(0, match.index);
+            const lineNumber = beforeMatch.split("\n").length;
+            if (isLineSuppressed(suppressions, lineNumber, rule.id))
+                continue;
+            findings.push({
+                rule,
+                match: match[0].substring(0, 80),
+                line: lineNumber,
+            });
+        }
+    }
+    return findings;
+}
+export function checkCode(code, language, framework) {
+    const findings = analyzeCode(code, language, framework);
+    if (findings.length === 0) {
+        return formatCleanReport(language, framework);
+    }
+    return formatReport(findings, language, framework);
+}
+function formatCleanReport(language, framework) {
+    const ctx = framework ? ` (${framework})` : "";
+    return [
+        `# GuardVibe Security Report`,
+        ``,
+        `**Language:** ${language}${ctx}`,
+        `**Status:** No security issues detected`,
+        ``,
+        `The code looks clean! Here are some general tips:`,
+        `- Keep dependencies updated (\`npm audit\`)`,
+        `- Validate all user input with schemas (zod, joi)`,
+        `- Use environment variables for secrets`,
+        `- Add rate limiting to API endpoints`,
+    ].join("\n");
+}
+function formatReport(findings, language, framework) {
+    const ctx = framework ? ` (${framework})` : "";
+    // Severity ordering
+    const severityOrder = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
+    // Group findings by rule.id
+    const grouped = new Map();
+    for (const finding of findings) {
+        const existing = grouped.get(finding.rule.id);
+        if (existing) {
+            existing.push(finding);
+        }
+        else {
+            grouped.set(finding.rule.id, [finding]);
+        }
+    }
+    // Sort groups by severity (critical first)
+    const sortedGroups = Array.from(grouped.entries()).sort(([, aFindings], [, bFindings]) => {
+        return severityOrder[aFindings[0].rule.severity] - severityOrder[bFindings[0].rule.severity];
+    });
+    // Count total findings (deduplicated groups count as 1 issue each for summary)
+    const allFindings = findings;
+    const criticalCount = allFindings.filter((f) => f.rule.severity === "critical").length;
+    const highCount = allFindings.filter((f) => f.rule.severity === "high").length;
+    const mediumCount = allFindings.filter((f) => f.rule.severity === "medium").length;
+    const lines = [
+        `# GuardVibe Security Report`,
+        ``,
+        `**Language:** ${language}${ctx}`,
+        `**Issues found:** ${allFindings.length}`,
+        `**Breakdown:** ${criticalCount} critical, ${highCount} high, ${mediumCount} medium`,
+        ``,
+        `---`,
+        ``,
+    ];
+    for (const [, groupFindings] of sortedGroups) {
+        const first = groupFindings[0];
+        const icon = first.rule.severity === "critical"
+            ? "CRITICAL"
+            : first.rule.severity === "high"
+                ? "HIGH"
+                : first.rule.severity === "medium"
+                    ? "MEDIUM"
+                    : "LOW";
+        if (groupFindings.length > 2) {
+            // Deduplicated grouped format
+            const lineList = groupFindings.map((f) => `~${f.line}`).join(", ");
+            lines.push(`## [${icon}] ${first.rule.name} (${first.rule.id})`, ``, `**OWASP:** ${first.rule.owasp}`, `**Occurrences:** ${groupFindings.length} (lines: ${lineList})`, `**Example match:** \`${first.match}\``, ``, first.rule.description, ``, `**Fix:** ${first.rule.fix}`, ``, `---`, ``);
+        }
+        else {
+            // Individual format for 1-2 matches
+            for (const finding of groupFindings) {
+                lines.push(`## [${icon}] ${finding.rule.name} (${finding.rule.id})`, ``, `**OWASP:** ${finding.rule.owasp}`, `**Line:** ~${finding.line}`, `**Match:** \`${finding.match}\``, ``, finding.rule.description, ``, `**Fix:** ${finding.rule.fix}`, ``, `---`, ``);
+            }
+        }
+    }
+    return lines.join("\n");
+}
+//# sourceMappingURL=check-code.js.map

package/build/tools/check-code.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"check-code.js","sourceRoot":"","sources":["../../src/tools/check-code.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAqB,MAAM,wBAAwB,CAAC;AAavE,SAAS,yBAAyB,CAAC,KAAe;IAChD,MAAM,YAAY,GAAkB,EAAE,CAAC;IACvC,MAAM,OAAO,GAAG,0EAA0E,CAAC;IAE3F,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;QACrC,IAAI,CAAC,KAAK;YAAE,SAAS;QAErB,MAAM,MAAM,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,IAAI,CAAC;QAChC,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,4BAA4B,CAAC,CAAC;QAEnE,IAAI,UAAU,EAAE,CAAC;YACf,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,wBAAwB;QACtE,CAAC;aAAM,CAAC;YACN,YAAY,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,wBAAwB;QACtE,CAAC;IACH,CAAC;IAED,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,gBAAgB,CAAC,YAA2B,EAAE,IAAY,EAAE,MAAc;IACjF,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,IAAI,IAAI,CAAC,CAAC,CAAC,MAAM,KAAK,IAAI,IAAI,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,CAAC,CAAC;AAC/F,CAAC;AAED,MAAM,UAAU,WAAW,CACzB,IAAY,EACZ,QAAgB,EAChB,SAAkB;IAElB,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,YAAY,GAAG,yBAAyB,CAAC,KAAK,CAAC,CAAC;IAEtD,KAAK,MAAM,IAAI,IAAI,UAAU,EAAE,CAAC;QAC9B,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,QAAQ,CAAC;YAAE,SAAS;QACjD,IAAI,CAAC,OAAO,CAAC,SAAS,GAAG,CAAC,CAAC;QAE3B,IAAI,KAA6B,CAAC;QAClC,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAClD,MAAM,WAAW,GAAG,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC;YACnD,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;YAElD,IAAI,gBAAgB,CAAC,YAAY,EAAE,UAAU,EAAE,IAAI,CAAC,EAAE,CAAC;gBAAE,SAAS;YAElE,QAAQ,CAAC,IAAI,CAAC;gBACZ,IAAI;gBACJ,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC;gBAChC,IAAI,EAAE,UAAU;aACjB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,SAAS,CACvB,IAAY,EACZ,QAAgB,EAChB,SAAkB;IAElB,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IAExD,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,iBAAiB,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IAChD,CAAC;IAED,OAAO,YAAY,CAAC,QAAQ,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;AACrD,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAgB,EAAE,SAAkB;IAC7D,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,KAAK,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAC/C,OAAO;QACL,6BAA6B;QAC7B,EAAE;QACF,iBAAiB,QAAQ,GAAG,GAAG,EAAE;QACjC,yCAAyC;QACzC,EAAE;QACF,mDAAmD;QACnD,6CAA6C;QAC7C,mDAAmD;QACnD,yCAAyC;QACzC,sCAAsC;KACvC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,SAAS,YAAY,CACnB,QAAmB,EACnB,QAAgB,EAChB,SAAkB;IAElB,MAAM,GAAG,GAAG,SAAS,CAAC,CAAC,CAAC,KAAK,SAAS,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAE/C,oBAAoB;IACpB,MAAM,aAAa,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAE3E,4BAA4B;IAC5B,MAAM,OAAO,GAAG,IAAI,GAAG,EAAqB,CAAC;IAC7C,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9C,IAAI,QAAQ,EAAE,CAAC;YACb,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QACzB,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;QAC1C,CAAC;IACH,CAAC;IAED,2CAA2C;IAC3C,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,EAAE,CAAC,EAAE,SAAS,CAAC,EAAE,EAAE;QACvF,OAAO,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;IAC/F,CAAC,CAAC,CAAC;IAEH,+EAA+E;IAC/E,MAAM,WAAW,GAAG,QAAQ,CAAC;IAC7B,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;IACvF,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAC/E,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IAEnF,MAAM,KAAK,GAAG;QACZ,6BAA6B;QAC7B,EAAE;QACF,iBAAiB,QAAQ,GAAG,GAAG,EAAE;QACjC,qBAAqB,WAAW,CAAC,MAAM,EAAE;QACzC,kBAAkB,aAAa,cAAc,SAAS,UAAU,WAAW,SAAS;QACpF,EAAE;QACF,KAAK;QACL,EAAE;KACH,CAAC;IAEF,KAAK,MAAM,CAAC,EAAE,aAAa,CAAC,IAAI,YAAY,EAAE,CAAC;QAC7C,MAAM,KAAK,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;QAC/B,MAAM,IAAI,GACR,KAAK,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU;YAChC,CAAC,CAAC,UAAU;YACZ,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,KAAK,MAAM;gBAC9B,CAAC,CAAC,MAAM;gBACR,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ;oBAChC,CAAC,CAAC,QAAQ;oBACV,CAAC,CAAC,KAAK,CAAC;QAEhB,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC7B,8BAA8B;YAC9B,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnE,KAAK,CAAC,IAAI,CACR,OAAO,IAAI,KAAK,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,CAAC,IAAI,CAAC,EAAE,GAAG,EACpD,EAAE,EACF,cAAc,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAChC,oBAAoB,aAAa,CAAC,MAAM,YAAY,QAAQ,GAAG,EAC/D,wBAAwB,KAAK,CAAC,KAAK,IAAI,EACvC,EAAE,EACF,KAAK,CAAC,IAAI,CAAC,WAAW,EACtB,EAAE,EACF,YAAY,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,EAC5B,EAAE,EACF,KAAK,EACL,EAAE,CACH,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,oCAAoC;YACpC,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;gBACpC,KAAK,CAAC,IAAI,CACR,OAAO,IAAI,KAAK,OAAO,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EACxD,EAAE,EACF,cAAc,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,EAClC,cAAc,OAAO,CAAC,IAAI,EAAE,EAC5B,gBAAgB,OAAO,CAAC,KAAK,IAAI,EACjC,EAAE,EACF,OAAO,CAAC,IAAI,CAAC,WAAW,EACxB,EAAE,EACF,YAAY,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,EAC9B,EAAE,EACF,KAAK,EACL,EAAE,CACH,CAAC;YACJ,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/build/tools/check-deps.d.ts

@@ -0,0 +1,8 @@
+interface PackageInput {
+    name: string;
+    version: string;
+    ecosystem: string;
+}
+export declare function checkDependencies(packages: PackageInput[]): Promise<string>;
+export {};
+//# sourceMappingURL=check-deps.d.ts.map

package/build/tools/check-deps.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"check-deps.d.ts","sourceRoot":"","sources":["../../src/tools/check-deps.ts"],"names":[],"mappings":"AAEA,UAAU,YAAY;IACpB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,wBAAsB,iBAAiB,CACrC,QAAQ,EAAE,YAAY,EAAE,GACvB,OAAO,CAAC,MAAM,CAAC,CAoEjB"}

package/build/tools/check-deps.js

@@ -0,0 +1,57 @@
+import { queryOsv, formatVulnerability } from "../utils/osv-client.js";
+export async function checkDependencies(packages) {
+    const results = [
+        `# GuardVibe Dependency Security Report`,
+        ``,
+        `**Packages checked:** ${packages.length}`,
+        `**Database:** OSV (Google Open Source Vulnerabilities)`,
+        ``,
+        `---`,
+        ``,
+    ];
+    let totalVulns = 0;
+    let criticalPackages = [];
+    for (const pkg of packages) {
+        try {
+            const vulns = await queryOsv(pkg.name, pkg.version, pkg.ecosystem);
+            if (vulns.length === 0) {
+                results.push(`## ${pkg.name}@${pkg.version} (${pkg.ecosystem})`);
+                results.push(`No known vulnerabilities found.`);
+                results.push(``);
+            }
+            else {
+                totalVulns += vulns.length;
+                criticalPackages.push(`${pkg.name}@${pkg.version}`);
+                results.push(`## ${pkg.name}@${pkg.version} (${pkg.ecosystem}) - ${vulns.length} vulnerabilities found`);
+                results.push(``);
+                for (const vuln of vulns) {
+                    results.push(formatVulnerability(vuln));
+                    results.push(``);
+                }
+            }
+        }
+        catch (error) {
+            const message = error instanceof Error ? error.message : "Unknown error";
+            results.push(`## ${pkg.name}@${pkg.version} (${pkg.ecosystem})`);
+            results.push(`Error checking package: ${message}`);
+            results.push(``);
+        }
+    }
+    // Summary
+    results.push(`---`);
+    results.push(``);
+    results.push(`## Summary`);
+    if (totalVulns === 0) {
+        results.push(`All ${packages.length} packages are clean. No known vulnerabilities found.`);
+    }
+    else {
+        results.push(`**${totalVulns} vulnerabilities** found in ${criticalPackages.length} packages:`);
+        for (const pkg of criticalPackages) {
+            results.push(`- ${pkg}`);
+        }
+        results.push(``);
+        results.push(`**Action:** Update affected packages to their fixed versions.`);
+    }
+    return results.join("\n");
+}
+//# sourceMappingURL=check-deps.js.map

package/build/tools/check-deps.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"check-deps.js","sourceRoot":"","sources":["../../src/tools/check-deps.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAQvE,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAwB;IAExB,MAAM,OAAO,GAAa;QACxB,wCAAwC;QACxC,EAAE;QACF,yBAAyB,QAAQ,CAAC,MAAM,EAAE;QAC1C,wDAAwD;QACxD,EAAE;QACF,KAAK;QACL,EAAE;KACH,CAAC;IAEF,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,IAAI,gBAAgB,GAAa,EAAE,CAAC;IAEpC,KAAK,MAAM,GAAG,IAAI,QAAQ,EAAE,CAAC;QAC3B,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,IAAI,EAAE,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;YAEnE,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBACvB,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,KAAK,GAAG,CAAC,SAAS,GAAG,CAAC,CAAC;gBACjE,OAAO,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;gBAChD,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;YACnB,CAAC;iBAAM,CAAC;gBACN,UAAU,IAAI,KAAK,CAAC,MAAM,CAAC;gBAC3B,gBAAgB,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,EAAE,CAAC,CAAC;gBAEpD,OAAO,CAAC,IAAI,CACV,MAAM,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,KAAK,GAAG,CAAC,SAAS,OAAO,KAAK,CAAC,MAAM,wBAAwB,CAC3F,CAAC;gBACF,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAEjB,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;oBACzB,OAAO,CAAC,IAAI,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC;oBACxC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBACnB,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,OAAO,GACX,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC;YAC3D,OAAO,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,OAAO,KAAK,GAAG,CAAC,SAAS,GAAG,CAAC,CAAC;YACjE,OAAO,CAAC,IAAI,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACnB,CAAC;IACH,CAAC;IAED,UAAU;IACV,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACpB,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAE3B,IAAI,UAAU,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO,CAAC,IAAI,CACV,OAAO,QAAQ,CAAC,MAAM,sDAAsD,CAC7E,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,IAAI,CACV,KAAK,UAAU,+BAA+B,gBAAgB,CAAC,MAAM,YAAY,CAClF,CAAC;QACF,KAAK,MAAM,GAAG,IAAI,gBAAgB,EAAE,CAAC;YACnC,OAAO,CAAC,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,OAAO,CAAC,IAAI,CACV,+DAA+D,CAChE,CAAC;IACJ,CAAC;IAED,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC"}

package/build/tools/check-project.d.ts

@@ -0,0 +1,7 @@
+interface FileInput {
+    path: string;
+    content: string;
+}
+export declare function checkProject(files: FileInput[]): string;
+export {};
+//# sourceMappingURL=check-project.d.ts.map

package/build/tools/check-project.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"check-project.d.ts","sourceRoot":"","sources":["../../src/tools/check-project.ts"],"names":[],"mappings":"AAEA,UAAU,SAAS;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB;AAwCD,wBAAgB,YAAY,CAAC,KAAK,EAAE,SAAS,EAAE,GAAG,MAAM,CAgJvD"}

package/build/tools/check-project.js

@@ -0,0 +1,134 @@
+import { analyzeCode } from "./check-code.js";
+const extensionMap = {
+    ".js": "javascript",
+    ".jsx": "javascript",
+    ".ts": "typescript",
+    ".tsx": "typescript",
+    ".py": "python",
+    ".go": "go",
+    ".java": "java",
+    ".php": "php",
+    ".rb": "ruby",
+    ".html": "html",
+    ".sql": "sql",
+    ".sh": "shell",
+    ".bash": "shell",
+};
+function detectLanguage(filePath) {
+    const ext = filePath.match(/\.[^.]+$/)?.[0]?.toLowerCase();
+    return ext ? extensionMap[ext] ?? null : null;
+}
+function calculateScore(critical, high, medium) {
+    return Math.max(0, Math.min(100, 100 - critical * 25 - high * 10 - medium * 5));
+}
+function scoreToGrade(score) {
+    if (score >= 90)
+        return "A";
+    if (score >= 75)
+        return "B";
+    if (score >= 60)
+        return "C";
+    if (score >= 40)
+        return "D";
+    return "F";
+}
+export function checkProject(files) {
+    const results = [];
+    const skippedFiles = [];
+    for (const file of files) {
+        const language = detectLanguage(file.path);
+        if (!language) {
+            skippedFiles.push(file.path);
+            continue;
+        }
+        const findings = analyzeCode(file.content, language);
+        if (findings.length > 0) {
+            results.push({ path: file.path, findings });
+        }
+    }
+    const scannedCount = files.length - skippedFiles.length;
+    const allFindings = results.flatMap((r) => r.findings);
+    const totalCritical = allFindings.filter((f) => f.rule.severity === "critical").length;
+    const totalHigh = allFindings.filter((f) => f.rule.severity === "high").length;
+    const totalMedium = allFindings.filter((f) => f.rule.severity === "medium").length;
+    const totalIssues = totalCritical + totalHigh + totalMedium;
+    const score = calculateScore(totalCritical, totalHigh, totalMedium);
+    const grade = scoreToGrade(score);
+    const lines = [
+        `# GuardVibe Project Security Report`,
+        ``,
+        `Files scanned: ${scannedCount}`,
+        `Total issues: ${totalIssues}`,
+        `Security Score: ${grade} (${score}/100)`,
+        ``,
+    ];
+    if (totalIssues > 0) {
+        lines.push(`## Summary`, ``);
+        lines.push(`| Severity | Count |`);
+        lines.push(`|----------|-------|`);
+        if (totalCritical > 0)
+            lines.push(`| Critical | ${totalCritical}     |`);
+        if (totalHigh > 0)
+            lines.push(`| High     | ${totalHigh}     |`);
+        if (totalMedium > 0)
+            lines.push(`| Medium   | ${totalMedium}     |`);
+        lines.push(``);
+        // Top issues sorted by severity
+        const severityOrder = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
+        const allIssues = results.flatMap((r) => r.findings.map((f) => ({
+            severity: f.rule.severity,
+            order: severityOrder[f.rule.severity] ?? 99,
+            text: `[${f.rule.severity.toUpperCase()}] ${f.rule.name} in ${r.path} (${f.rule.id})`,
+        })));
+        allIssues.sort((a, b) => a.order - b.order);
+        if (allIssues.length > 0) {
+            lines.push(`## Top Issues`);
+            const topN = allIssues.slice(0, 10);
+            topN.forEach((issue, i) => {
+                lines.push(`${i + 1}. ${issue.text}`);
+            });
+            lines.push(``);
+        }
+        lines.push(`---`, ``);
+        // Per-file details
+        for (const r of results) {
+            const fileIssueCount = r.findings.length;
+            lines.push(`## File: ${r.path} (${fileIssueCount} issues)`, ``);
+            // Group findings by rule.id to match check-code formatting
+            const grouped = new Map();
+            for (const finding of r.findings) {
+                const existing = grouped.get(finding.rule.id);
+                if (existing) {
+                    existing.push(finding);
+                }
+                else {
+                    grouped.set(finding.rule.id, [finding]);
+                }
+            }
+            const sortedGroups = Array.from(grouped.entries()).sort(([, aFindings], [, bFindings]) => {
+                return (severityOrder[aFindings[0].rule.severity] ?? 99) - (severityOrder[bFindings[0].rule.severity] ?? 99);
+            });
+            for (const [, groupFindings] of sortedGroups) {
+                const first = groupFindings[0];
+                const icon = first.rule.severity.toUpperCase();
+                if (groupFindings.length > 2) {
+                    const lineList = groupFindings.map((f) => `~${f.line}`).join(", ");
+                    lines.push(`## [${icon}] ${first.rule.name} (${first.rule.id})`, ``, `**OWASP:** ${first.rule.owasp}`, `**Occurrences:** ${groupFindings.length} (lines: ${lineList})`, `**Example match:** \`${first.match}\``, ``, first.rule.description, ``, `**Fix:** ${first.rule.fix}`, ``, `---`, ``);
+                }
+                else {
+                    for (const finding of groupFindings) {
+                        lines.push(`## [${icon}] ${finding.rule.name} (${finding.rule.id})`, ``, `**OWASP:** ${finding.rule.owasp}`, `**Line:** ~${finding.line}`, `**Match:** \`${finding.match}\``, ``, finding.rule.description, ``, `**Fix:** ${finding.rule.fix}`, ``, `---`, ``);
+                    }
+                }
+            }
+        }
+    }
+    else {
+        lines.push(`## No Issues Found`, ``, `All ${scannedCount} files passed security checks. Great job!`, ``, `**Tips to stay secure:**`, `- Keep dependencies updated`, `- Validate all user input with schemas`, `- Use environment variables for secrets`, `- Add rate limiting to API endpoints`);
+    }
+    if (skippedFiles.length > 0) {
+        lines.push(``, `*Skipped ${skippedFiles.length} files with unsupported extensions.*`);
+    }
+    return lines.join("\n");
+}
+//# sourceMappingURL=check-project.js.map

package/build/tools/check-project.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"check-project.js","sourceRoot":"","sources":["../../src/tools/check-project.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAgB,MAAM,iBAAiB,CAAC;AAY5D,MAAM,YAAY,GAA2B;IAC3C,KAAK,EAAE,YAAY;IACnB,MAAM,EAAE,YAAY;IACpB,KAAK,EAAE,YAAY;IACnB,MAAM,EAAE,YAAY;IACpB,KAAK,EAAE,QAAQ;IACf,KAAK,EAAE,IAAI;IACX,OAAO,EAAE,MAAM;IACf,MAAM,EAAE,KAAK;IACb,KAAK,EAAE,MAAM;IACb,OAAO,EAAE,MAAM;IACf,MAAM,EAAE,KAAK;IACb,KAAK,EAAE,OAAO;IACd,OAAO,EAAE,OAAO;CACjB,CAAC;AAEF,SAAS,cAAc,CAAC,QAAgB;IACtC,MAAM,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,CAAC;IAC3D,OAAO,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;AAChD,CAAC;AAED,SAAS,cAAc,CAAC,QAAgB,EAAE,IAAY,EAAE,MAAc;IACpE,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,GAAG,QAAQ,GAAG,EAAE,GAAG,IAAI,GAAG,EAAE,GAAG,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC;AAClF,CAAC;AAED,SAAS,YAAY,CAAC,KAAa;IACjC,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,IAAI,KAAK,IAAI,EAAE;QAAE,OAAO,GAAG,CAAC;IAC5B,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,UAAU,YAAY,CAAC,KAAkB;IAC7C,MAAM,OAAO,GAAiB,EAAE,CAAC;IACjC,MAAM,YAAY,GAAa,EAAE,CAAC;IAElC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3C,IAAI,CAAC,QAAQ,EAAE,CAAC;YACd,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7B,SAAS;QACX,CAAC;QACD,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QACrD,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACxB,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC;QAC9C,CAAC;IACH,CAAC;IAED,MAAM,YAAY,GAAG,KAAK,CAAC,MAAM,GAAG,YAAY,CAAC,MAAM,CAAC;IACxD,MAAM,WAAW,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACvD,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;IACvF,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAC/E,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IACnF,MAAM,WAAW,GAAG,aAAa,GAAG,SAAS,GAAG,WAAW,CAAC;IAC5D,MAAM,KAAK,GAAG,cAAc,CAAC,aAAa,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;IACpE,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,CAAC;IAElC,MAAM,KAAK,GAAa;QACtB,qCAAqC;QACrC,EAAE;QACF,kBAAkB,YAAY,EAAE;QAChC,iBAAiB,WAAW,EAAE;QAC9B,mBAAmB,KAAK,KAAK,KAAK,OAAO;QACzC,EAAE;KACH,CAAC;IAEF,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,CAAC,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACnC,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;QACnC,IAAI,aAAa,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,aAAa,QAAQ,CAAC,CAAC;QACzE,IAAI,SAAS,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,SAAS,QAAQ,CAAC,CAAC;QACjE,IAAI,WAAW,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,WAAW,QAAQ,CAAC,CAAC;QACrE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,gCAAgC;QAChC,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QACnG,MAAM,SAAS,GAAG,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE,CACtC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACrB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;YACzB,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE;YAC3C,IAAI,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG;SACtF,CAAC,CAAC,CACJ,CAAC;QACF,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC;QAE5C,IAAI,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YACzB,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;YAC5B,MAAM,IAAI,GAAG,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACpC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;gBACxB,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YACxC,CAAC,CAAC,CAAC;YACH,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QAEtB,mBAAmB;QACnB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;YACxB,MAAM,cAAc,GAAG,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC;YACzC,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,IAAI,KAAK,cAAc,UAAU,EAAE,EAAE,CAAC,CAAC;YAEhE,2DAA2D;YAC3D,MAAM,OAAO,GAAG,IAAI,GAAG,EAAqB,CAAC;YAC7C,KAAK,MAAM,OAAO,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;gBACjC,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;gBAC9C,IAAI,QAAQ,EAAE,CAAC;oBACb,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBACzB,CAAC;qBAAM,CAAC;oBACN,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,EAAE,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC;gBAC1C,CAAC;YACH,CAAC;YAED,MAAM,YAAY,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,SAAS,CAAC,EAAE,CAAC,EAAE,SAAS,CAAC,EAAE,EAAE;gBACvF,OAAO,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC,aAAa,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC,CAAC;YAC/G,CAAC,CAAC,CAAC;YAEH,KAAK,MAAM,CAAC,EAAE,aAAa,CAAC,IAAI,YAAY,EAAE,CAAC;gBAC7C,MAAM,KAAK,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;gBAC/B,MAAM,IAAI,GAAG,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAE/C,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;oBAC7B,MAAM,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACnE,KAAK,CAAC,IAAI,CACR,OAAO,IAAI,KAAK,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,KAAK,CAAC,IAAI,CAAC,EAAE,GAAG,EACpD,EAAE,EACF,cAAc,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAChC,oBAAoB,aAAa,CAAC,MAAM,YAAY,QAAQ,GAAG,EAC/D,wBAAwB,KAAK,CAAC,KAAK,IAAI,EACvC,EAAE,EACF,KAAK,CAAC,IAAI,CAAC,WAAW,EACtB,EAAE,EACF,YAAY,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,EAC5B,EAAE,EACF,KAAK,EACL,EAAE,CACH,CAAC;gBACJ,CAAC;qBAAM,CAAC;oBACN,KAAK,MAAM,OAAO,IAAI,aAAa,EAAE,CAAC;wBACpC,KAAK,CAAC,IAAI,CACR,OAAO,IAAI,KAAK,OAAO,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,EACxD,EAAE,EACF,cAAc,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,EAClC,cAAc,OAAO,CAAC,IAAI,EAAE,EAC5B,gBAAgB,OAAO,CAAC,KAAK,IAAI,EACjC,EAAE,EACF,OAAO,CAAC,IAAI,CAAC,WAAW,EACxB,EAAE,EACF,YAAY,OAAO,CAAC,IAAI,CAAC,GAAG,EAAE,EAC9B,EAAE,EACF,KAAK,EACL,EAAE,CACH,CAAC;oBACJ,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CACR,oBAAoB,EACpB,EAAE,EACF,OAAO,YAAY,2CAA2C,EAC9D,EAAE,EACF,0BAA0B,EAC1B,6BAA6B,EAC7B,wCAAwC,EACxC,yCAAyC,EACzC,sCAAsC,CACvC,CAAC;IACJ,CAAC;IAED,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,YAAY,YAAY,CAAC,MAAM,sCAAsC,CAAC,CAAC;IACxF,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}

package/build/tools/get-security-docs.d.ts

@@ -0,0 +1,2 @@
+export declare function getSecurityDocs(topic: string): string;
+//# sourceMappingURL=get-security-docs.d.ts.map

package/build/tools/get-security-docs.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"get-security-docs.d.ts","sourceRoot":"","sources":["../../src/tools/get-security-docs.ts"],"names":[],"mappings":"AAEA,wBAAgB,eAAe,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAoErD"}