guardvibe 1.3.2 → 1.4.0

package/README.md

@@ -311,6 +311,19 @@ Tested on a real 644-file Next.js + Supabase project:
 - False positive rate: **near zero** (comment/string filtering, human-readable text detection)
 - Detection rate: **100%** on known vulnerability patterns
 
+## Security
+
+GuardVibe takes supply chain security seriously:
+
+- **npm provenance** — every published version is cryptographically signed via Sigstore, linking the package to this exact GitHub repo and commit. Verify with `npm audit signatures`
+- **2FA enabled** — npm account protected with two-factor authentication
+- **Branch protection** — force push disabled on main, admin enforcement enabled
+- **Tag protection** — version tags (`v*`) cannot be deleted or force-pushed
+- **Minimal CI permissions** — GitHub Actions workflows use `permissions: contents: read` only
+- **Zero runtime dependencies** — only MCP SDK and Zod (both widely audited)
+
+To report a vulnerability, please email security@goklab.com or open a GitHub issue.
+
 ## License
 
 Apache 2.0 — open source, patent-safe, enterprise-ready. Built by [GokLab](https://github.com/goklab).

package/build/data/compliance-metadata.d.ts

@@ -0,0 +1,24 @@
+/**
+ * Extended compliance metadata for all rules.
+ * Maps rule IDs to GDPR/ISO27001 mappings and exploit/audit descriptions.
+ * This is merged into rules at load time to keep rule files clean.
+ */
+interface ComplianceExtension {
+    gdpr?: string[];
+    iso27001?: string[];
+    exploit?: string;
+    audit?: string;
+}
+export declare const complianceMetadata: Record<string, ComplianceExtension>;
+/**
+ * Apply compliance metadata to a set of rules.
+ * Merges GDPR/ISO27001 mappings into compliance[] and adds exploit/audit fields.
+ */
+export declare function enrichRulesWithCompliance<T extends {
+    id: string;
+    compliance?: string[];
+    exploit?: string;
+    audit?: string;
+}>(rules: T[]): T[];
+export {};
+//# sourceMappingURL=compliance-metadata.d.ts.map

package/build/data/compliance-metadata.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"compliance-metadata.d.ts","sourceRoot":"","sources":["../../src/data/compliance-metadata.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,UAAU,mBAAmB;IAC3B,IAAI,CAAC,EAAE,MAAM,EAAE,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,EAAE,CAAC;IACpB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAGD,eAAO,MAAM,kBAAkB,EAAE,MAAM,CAAC,MAAM,EAAE,mBAAmB,CA8PlE,CAAC;AAEF;;;GAGG;AACH,wBAAgB,yBAAyB,CAAC,CAAC,SAAS;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IAAC,OAAO,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAA;CAAE,EAAE,KAAK,EAAE,CAAC,EAAE,GAAG,CAAC,EAAE,CAc5I"}

package/build/data/compliance-metadata.js

@@ -0,0 +1,274 @@
+/**
+ * Extended compliance metadata for all rules.
+ * Maps rule IDs to GDPR/ISO27001 mappings and exploit/audit descriptions.
+ * This is merged into rules at load time to keep rule files clean.
+ */
+// guardvibe-ignore — this file contains security rule descriptions, not vulnerable code
+export const complianceMetadata = {
+    // === CORE RULES (VG001-VG100) ===
+    VG001: {
+        gdpr: ["GDPR:Art32(1)(a)", "GDPR:Art5(1)(f)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "Attacker clones the public repo or decompiles the client bundle to extract hardcoded credentials, then uses them to access backend services, databases, or third-party APIs.",
+        audit: "Search codebase for patterns matching API key/password assignments. Show git history to prove no secrets were ever committed. Demonstrate that a secrets manager or environment variables are used instead.",
+    },
+    VG002: {
+        gdpr: ["GDPR:Art32(1)(b)"],
+        iso27001: ["ISO27001:A.8.3", "ISO27001:A.8.24"],
+        exploit: "Attacker sends crafted SQL input through unvalidated form fields or URL parameters to extract, modify, or delete database records.",
+        audit: "Demonstrate that all database queries use parameterized statements or ORM methods. Show code review checklist that includes SQL injection testing.",
+    },
+    VG003: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "Attacker injects shell metacharacters into user input that is passed to shell functions, achieving remote code execution on the server.",
+        audit: "Show that no user input is passed to shell functions. Demonstrate use of safe alternatives with argument arrays.",
+    },
+    VG010: {
+        gdpr: ["GDPR:Art32(1)(b)", "GDPR:Art25"],
+        iso27001: ["ISO27001:A.8.3", "ISO27001:A.5.15"],
+        exploit: "Attacker accesses API endpoints or resources without authentication, reading or modifying data belonging to other users.",
+        audit: "Show middleware/auth layer that protects all sensitive endpoints. Demonstrate that unauthenticated requests return 401/403.",
+    },
+    VG042: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "Attacker injects malicious JavaScript through user-provided content rendered without sanitization, stealing session cookies or performing actions as the victim.",
+        audit: "Show that all user-generated content is escaped or sanitized before rendering. Demonstrate CSP headers that block inline scripts.",
+    },
+    VG060: {
+        gdpr: ["GDPR:Art5(1)(f)", "GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "Attacker finds hardcoded JWT secret and forges valid authentication tokens, impersonating any user including admins.",
+        audit: "Show that JWT secrets are stored in environment variables or a secrets manager, never in source code.",
+    },
+    VG062: {
+        gdpr: ["GDPR:Art5(1)(f)", "GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "Attacker extracts hardcoded API keys from source code or client bundles to access paid services, steal data, or run up costs.",
+        audit: "Scan entire codebase for credential patterns. Verify all sensitive values come from environment variables.",
+    },
+    // === NEXTJS RULES (VG400-VG412) ===
+    VG400: {
+        gdpr: ["GDPR:Art5(1)(f)", "GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "Server-side secrets in client components are embedded in the JavaScript bundle. Attacker opens browser DevTools to read the secret value directly.",
+        audit: "Run next build and inspect the generated client bundles for any process.env references that are not NEXT_PUBLIC_.",
+    },
+    VG401: {
+        gdpr: ["GDPR:Art32(1)(a)", "GDPR:Art25"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.8.28"],
+        exploit: "Attacker crafts malicious form data (SQL fragments, script tags, oversized values) to exploit the unvalidated Server Action, causing injection or data corruption.",
+        audit: "Show that every Server Action validates input with a schema library (Zod, Yup) before processing.",
+    },
+    VG402: {
+        gdpr: ["GDPR:Art32(1)(b)", "GDPR:Art25"],
+        iso27001: ["ISO27001:A.5.15", "ISO27001:A.8.3"],
+        exploit: "Anyone can POST directly to a Server Action URL without authentication. Attacker discovers the action endpoint and calls it to delete data, modify records, or escalate privileges.",
+        audit: "Verify every exported Server Action checks auth() at the top. Show access control test cases.",
+    },
+    VG403: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.15"],
+        exploit: "With CORS wildcard, any malicious website can make authenticated requests to your API using the victim browser cookies/tokens.",
+        audit: "Show CORS configuration with explicit origin allowlist. Test that cross-origin requests from unlisted domains are rejected.",
+    },
+    VG404: {
+        gdpr: ["GDPR:Art32(1)(b)"],
+        iso27001: ["ISO27001:A.5.15", "ISO27001:A.8.3"],
+        exploit: "Overly broad matcher may expose admin or internal routes that were intended to be protected, bypassing access controls.",
+        audit: "Review middleware matcher patterns against actual protected routes. Show that no sensitive routes are accidentally excluded.",
+    },
+    VG405: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.8.20"],
+        exploit: "Without security headers, the app is vulnerable to clickjacking, MIME sniffing, and XSS due to missing X-Frame-Options, X-Content-Type-Options, and CSP.",
+        audit: "Check response headers using browser DevTools or curl. Verify CSP, HSTS, X-Frame-Options, and X-Content-Type-Options are present.",
+    },
+    VG406: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.8.28"],
+        exploit: "Attacker manipulates dynamic route params to access unauthorized records or inject into database queries.",
+        audit: "Show that all route params are validated with Zod/schema before use in queries. Test with malformed param values.",
+    },
+    VG407: {
+        gdpr: ["GDPR:Art5(1)(f)", "GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "Sensitive data passed as props to client components is serialized into HTML/JSON and visible in page source or network tab.",
+        audit: "Inspect rendered HTML for sensitive data leakage. Verify server-only data never appears in client component props.",
+    },
+    VG408: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "Unsafe innerHTML renders unsanitized HTML. If the content includes user input, attacker injects script tags for XSS.",
+        audit: "Grep for unsafe innerHTML usage. Verify that all instances use DOMPurify or equivalent sanitization.",
+    },
+    VG409: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "Attacker crafts a URL with redirect parameter pointing to a malicious site, tricking the victim after authentication to enable phishing.",
+        audit: "Show redirect URL validation against a domain allowlist. Test with external URLs to verify they are rejected.",
+    },
+    VG410: {
+        gdpr: ["GDPR:Art32(1)(b)"],
+        iso27001: ["ISO27001:A.5.15"],
+        exploit: "Attacker triggers cache revalidation on unauthenticated endpoints, causing stale data to be served or DoS via excessive revalidation.",
+        audit: "Show that revalidation endpoints require authentication. Test unauthenticated calls return 401.",
+    },
+    VG411: {
+        gdpr: ["GDPR:Art5(1)(f)", "GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "NEXT_PUBLIC_ variables with secret names are embedded in the client JavaScript bundle. Anyone visiting the site can extract them from the bundle source.",
+        audit: "Search .env files for NEXT_PUBLIC_ with secret keywords. Run next build and search output bundles for leaked values.",
+    },
+    VG412: {
+        gdpr: ["GDPR:Art5(1)(c)", "GDPR:Art25"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "Server Action returns full database objects including sensitive fields (passwordHash, internalNotes). Client receives all data in the response.",
+        audit: "Review Server Action return values. Verify select/pick is used to return only necessary fields.",
+    },
+    // === AUTH RULES (VG420-VG430) ===
+    VG420: {
+        gdpr: ["GDPR:Art32(1)(b)", "GDPR:Art32(1)(d)"],
+        iso27001: ["ISO27001:A.5.15", "ISO27001:A.8.5"],
+        exploit: "Without session expiration, stolen session tokens remain valid indefinitely. Attacker uses a leaked token months later to access the account.",
+        audit: "Show session configuration with maxAge/expiry. Demonstrate that expired sessions are rejected.",
+    },
+    VG421: {
+        gdpr: ["GDPR:Art32(1)(b)"],
+        iso27001: ["ISO27001:A.5.15", "ISO27001:A.8.3"],
+        exploit: "Missing CSRF protection allows attacker to trick authenticated users into performing unintended actions via crafted forms on malicious sites.",
+        audit: "Show CSRF token implementation. Test that requests without valid CSRF tokens are rejected.",
+    },
+    VG422: {
+        gdpr: ["GDPR:Art32(1)(a)", "GDPR:Art32(1)(b)"],
+        iso27001: ["ISO27001:A.8.5", "ISO27001:A.5.17"],
+        exploit: "Weak password policy allows brute force attacks. Attacker uses common password lists to compromise accounts in minutes.",
+        audit: "Show password policy enforcement (minimum length, complexity). Demonstrate that weak passwords are rejected.",
+    },
+    // === DATABASE RULES ===
+    VG440: {
+        gdpr: ["GDPR:Art32(1)(b)", "GDPR:Art25"],
+        iso27001: ["ISO27001:A.8.3", "ISO27001:A.5.15"],
+        exploit: "Without Supabase RLS, any client with the anon key can read/write all rows in the table directly via the PostgREST API.",
+        audit: "Query pg_policies to verify RLS is enabled on all tables. Test that anon/authenticated roles only access permitted rows.",
+    },
+    VG441: {
+        gdpr: ["GDPR:Art32(1)(b)"],
+        iso27001: ["ISO27001:A.5.15", "ISO27001:A.8.3"],
+        exploit: "Supabase service role key in client code bypasses all RLS policies. Attacker extracts it and has full database access.",
+        audit: "Search client bundles for service_role key. Verify it is only used server-side.",
+    },
+    // === PAYMENT RULES ===
+    VG460: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "Stripe secret key in client code gives attacker full control over the Stripe account: create charges, issue refunds, access customer data.",
+        audit: "Search for sk_live_ and sk_test_ patterns in client bundles. Verify Stripe keys are server-only.",
+    },
+    VG461: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "Without webhook signature verification, attacker sends forged webhook events to grant themselves premium access or trigger refunds.",
+        audit: "Show Stripe constructEvent() call with webhook secret. Test with invalid signatures to verify rejection.",
+    },
+    // === WEB SECURITY RULES ===
+    VG650: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "Without signature verification, attacker sends forged webhook payloads to trigger business logic (grant access, process fake payments, delete data).",
+        audit: "Show HMAC/signature verification code in webhook handler. Test with modified payloads to verify rejection.",
+    },
+    VG655: {
+        gdpr: ["GDPR:Art5(1)(f)", "GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "NEXT_PUBLIC_ credentials are compiled into client JavaScript. Attacker views page source to extract service keys.",
+        audit: "Audit .env files for NEXT_PUBLIC_ prefix on sensitive vars. Search built client bundles for leaked values.",
+    },
+    VG656: {
+        gdpr: ["GDPR:Art5(1)(f)", "GDPR:Art33"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "Secrets in git history persist even if the file is later deleted. Attacker clones the repo and runs git log to find credentials.",
+        audit: "Run git log on .env files to verify they were never committed. Check .gitignore includes .env patterns.",
+    },
+    // === DEPLOYMENT RULES ===
+    VG500: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "CORS wildcard allows any website to make authenticated API requests using the victim session.",
+        audit: "Inspect vercel.json headers configuration. Test CORS with requests from unauthorized origins.",
+    },
+    VG503: {
+        gdpr: ["GDPR:Art32(1)(b)"],
+        iso27001: ["ISO27001:A.5.15"],
+        exploit: "Without CRON_SECRET verification, attacker discovers the cron endpoint URL and triggers it repeatedly, causing data corruption or excessive costs.",
+        audit: "Show authorization header check in cron handler. Test unauthenticated calls return 401.",
+    },
+    VG506: {
+        gdpr: ["GDPR:Art5(1)(f)", "GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.33"],
+        exploit: "Hardcoded secrets in vercel.json are visible to anyone with repository access, including in git history.",
+        audit: "Scan vercel.json for secret patterns. Verify all sensitive values use Vercel environment variables.",
+    },
+    VG507: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "Wildcard remote image pattern allows attacker to use your server as a proxy for SSRF attacks against internal services.",
+        audit: "Review remotePatterns in next.config. Verify only trusted hostnames are allowed.",
+    },
+    // === AI SECURITY RULES ===
+    VG800: {
+        gdpr: ["GDPR:Art32(1)(a)", "GDPR:Art22"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "Attacker crafts input that manipulates the LLM into ignoring system instructions, accessing restricted data, or performing unauthorized actions.",
+        audit: "Show input validation/sanitization before LLM calls. Demonstrate prompt injection test cases.",
+    },
+    VG801: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "LLM output rendered without sanitization can contain malicious HTML/JS enabling stored XSS.",
+        audit: "Show that LLM output is sanitized before rendering. Verify safe rendering methods are used with AI output.",
+    },
+    // === SUPPLY CHAIN RULES ===
+    VG950: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.5.19"],
+        exploit: "Malicious postinstall script runs arbitrary code during npm install, stealing env vars, injecting backdoors, or exfiltrating data.",
+        audit: "Review package.json scripts section. Use npm audit and check for suspicious lifecycle scripts in dependencies.",
+    },
+    // === MODERN STACK RULES ===
+    VG960: {
+        gdpr: ["GDPR:Art32(1)(a)", "GDPR:Art25"],
+        iso27001: ["ISO27001:A.8.24", "ISO27001:A.8.28"],
+        exploit: "Without schema validation, attacker sends malformed data that crashes the server, corrupts the database, or bypasses business logic.",
+        audit: "Show Zod/Yup/Valibot schema validation at all API boundaries. Demonstrate that invalid payloads are rejected.",
+    },
+    VG970: {
+        gdpr: ["GDPR:Art32(1)(a)"],
+        iso27001: ["ISO27001:A.8.24"],
+        exploit: "Unrestricted file upload allows attacker to upload malicious executables, web shells, or oversized files that crash the server.",
+        audit: "Show file type validation, size limits, and virus scanning for all upload endpoints.",
+    },
+};
+/**
+ * Apply compliance metadata to a set of rules.
+ * Merges GDPR/ISO27001 mappings into compliance[] and adds exploit/audit fields.
+ */
+export function enrichRulesWithCompliance(rules) {
+    for (const rule of rules) {
+        const meta = complianceMetadata[rule.id];
+        if (!meta)
+            continue;
+        if (meta.gdpr || meta.iso27001) {
+            const existing = rule.compliance ?? [];
+            const additions = [...(meta.gdpr ?? []), ...(meta.iso27001 ?? [])];
+            rule.compliance = [...new Set([...existing, ...additions])];
+        }
+        if (meta.exploit)
+            rule.exploit = meta.exploit;
+        if (meta.audit)
+            rule.audit = meta.audit;
+    }
+    return rules;
+}
+//# sourceMappingURL=compliance-metadata.js.map

package/build/data/compliance-metadata.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"compliance-metadata.js","sourceRoot":"","sources":["../../src/data/compliance-metadata.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AASH,wFAAwF;AACxF,MAAM,CAAC,MAAM,kBAAkB,GAAwC;IACrE,mCAAmC;IACnC,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,EAAE,iBAAiB,CAAC;QAC7C,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,8KAA8K;QACvL,KAAK,EAAE,6MAA6M;KACrN;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;QAC/C,OAAO,EAAE,oIAAoI;QAC7I,KAAK,EAAE,oJAAoJ;KAC5J;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,yIAAyI;QAClJ,KAAK,EAAE,kHAAkH;KAC1H;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,EAAE,YAAY,CAAC;QACxC,QAAQ,EAAE,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;QAC/C,OAAO,EAAE,0HAA0H;QACnI,KAAK,EAAE,6HAA6H;KACrI;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,kKAAkK;QAC3K,KAAK,EAAE,mIAAmI;KAC3I;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;QAC7C,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,sHAAsH;QAC/H,KAAK,EAAE,uGAAuG;KAC/G;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;QAC7C,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,+HAA+H;QACxI,KAAK,EAAE,4GAA4G;KACpH;IAED,qCAAqC;IACrC,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;QAC7C,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,oJAAoJ;QAC7J,KAAK,EAAE,mHAAmH;KAC3H;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,EAAE,YAAY,CAAC;QACxC,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,oKAAoK;QAC7K,KAAK,EAAE,mGAAmG;KAC3G;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,EAAE,YAAY,CAAC;QACxC,QAAQ,EAAE,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;QAC/C,OAAO,EAAE,qLAAqL;QAC9L,KAAK,EAAE,+FAA+F;KACvG;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,gIAAgI;QACzI,KAAK,EAAE,6HAA6H;KACrI;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;QAC/C,OAAO,EAAE,yHAAyH;QAClI,KAAK,EAAE,8HAA8H;KACtI;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,0JAA0J;QACnK,KAAK,EAAE,mIAAmI;KAC3I;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,2GAA2G;QACpH,KAAK,EAAE,mHAAmH;KAC3H;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;QAC7C,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,6HAA6H;QACtI,KAAK,EAAE,oHAAoH;KAC5H;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,sHAAsH;QAC/H,KAAK,EAAE,sGAAsG;KAC9G;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,0IAA0I;QACnJ,KAAK,EAAE,+GAA+G;KACvH;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,uIAAuI;QAChJ,KAAK,EAAE,iGAAiG;KACzG;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;QAC7C,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,0JAA0J;QACnK,KAAK,EAAE,sHAAsH;KAC9H;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,iBAAiB,EAAE,YAAY,CAAC;QACvC,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,iJAAiJ;QAC1J,KAAK,EAAE,iGAAiG;KACzG;IAED,mCAAmC;IACnC,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,EAAE,kBAAkB,CAAC;QAC9C,QAAQ,EAAE,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;QAC/C,OAAO,EAAE,+IAA+I;QACxJ,KAAK,EAAE,gGAAgG;KACxG;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;QAC/C,OAAO,EAAE,+IAA+I;QACxJ,KAAK,EAAE,4FAA4F;KACpG;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,EAAE,kBAAkB,CAAC;QAC9C,QAAQ,EAAE,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;QAC/C,OAAO,EAAE,yHAAyH;QAClI,KAAK,EAAE,8GAA8G;KACtH;IAED,yBAAyB;IACzB,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,EAAE,YAAY,CAAC;QACxC,QAAQ,EAAE,CAAC,gBAAgB,EAAE,iBAAiB,CAAC;QAC/C,OAAO,EAAE,yHAAyH;QAClI,KAAK,EAAE,0HAA0H;KAClI;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,EAAE,gBAAgB,CAAC;QAC/C,OAAO,EAAE,wHAAwH;QACjI,KAAK,EAAE,iFAAiF;KACzF;IAED,wBAAwB;IACxB,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,4IAA4I;QACrJ,KAAK,EAAE,kGAAkG;KAC1G;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,qIAAqI;QAC9I,KAAK,EAAE,0GAA0G;KAClH;IAED,6BAA6B;IAC7B,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,sJAAsJ;QAC/J,KAAK,EAAE,4GAA4G;KACpH;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;QAC7C,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,mHAAmH;QAC5H,KAAK,EAAE,4GAA4G;KACpH;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,iBAAiB,EAAE,YAAY,CAAC;QACvC,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,kIAAkI;QAC3I,KAAK,EAAE,yGAAyG;KACjH;IAED,2BAA2B;IAC3B,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,+FAA+F;QACxG,KAAK,EAAE,+FAA+F;KACvG;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,oJAAoJ;QAC7J,KAAK,EAAE,yFAAyF;KACjG;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,iBAAiB,EAAE,kBAAkB,CAAC;QAC7C,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,0GAA0G;QACnH,KAAK,EAAE,qGAAqG;KAC7G;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,yHAAyH;QAClI,KAAK,EAAE,kFAAkF;KAC1F;IAED,4BAA4B;IAC5B,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,EAAE,YAAY,CAAC;QACxC,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,kJAAkJ;QAC3J,KAAK,EAAE,+FAA+F;KACvG;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,6FAA6F;QACtG,KAAK,EAAE,4GAA4G;KACpH;IAED,6BAA6B;IAC7B,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,oIAAoI;QAC7I,KAAK,EAAE,gHAAgH;KACxH;IAED,6BAA6B;IAC7B,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,EAAE,YAAY,CAAC;QACxC,QAAQ,EAAE,CAAC,iBAAiB,EAAE,iBAAiB,CAAC;QAChD,OAAO,EAAE,sIAAsI;QAC/I,KAAK,EAAE,+GAA+G;KACvH;IACD,KAAK,EAAE;QACL,IAAI,EAAE,CAAC,kBAAkB,CAAC;QAC1B,QAAQ,EAAE,CAAC,iBAAiB,CAAC;QAC7B,OAAO,EAAE,iIAAiI;QAC1I,KAAK,EAAE,sFAAsF;KAC9F;CACF,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,yBAAyB,CAAoF,KAAU;IACrI,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,kBAAkB,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACzC,IAAI,CAAC,IAAI;YAAE,SAAS;QAEpB,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC/B,MAAM,QAAQ,GAAG,IAAI,CAAC,UAAU,IAAI,EAAE,CAAC;YACvC,MAAM,SAAS,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAC;YACnE,IAAI,CAAC,UAAU,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,QAAQ,EAAE,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;QAC9D,CAAC;QACD,IAAI,IAAI,CAAC,OAAO;YAAE,IAAI,CAAC,OAAO,GAAG,IAAI,CAAC,OAAO,CAAC;QAC9C,IAAI,IAAI,CAAC,KAAK;YAAE,IAAI,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC;IAC1C,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/build/data/rules/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/data/rules/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAwB/C,eAAO,MAAM,UAAU,qCAuBtB,CAAC;AAGF,eAAO,MAAM,YAAY,qCAAa,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/data/rules/index.ts"],"names":[],"mappings":"AAAA,YAAY,EAAE,YAAY,EAAE,MAAM,YAAY,CAAC;AAyB/C,eAAO,MAAM,UAAU,qCAuBrB,CAAC;AAGH,eAAO,MAAM,YAAY,qCAAa,CAAC"}

package/build/data/rules/index.js

@@ -20,7 +20,8 @@ import { supplyChainRules } from "./supply-chain.js";
 import { cveVersionRules } from "./cve-versions.js";
 import { apiSecurityRules } from "./api-security.js";
 import { modernStackRules } from "./modern-stack.js";
-export const owaspRules = [
+import { enrichRulesWithCompliance } from "../compliance-metadata.js";
+export const owaspRules = enrichRulesWithCompliance([
     ...coreRules,
     ...goRules,
     ...dockerfileRules,
@@ -43,7 +44,7 @@ export const owaspRules = [
     ...cveVersionRules,
     ...apiSecurityRules,
     ...modernStackRules,
-];
+]);
 // Alias for clarity — these are the built-in rules without plugins
 export const builtinRules = owaspRules;
 //# sourceMappingURL=index.js.map

package/build/data/rules/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/data/rules/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AAErD,MAAM,CAAC,MAAM,UAAU,GAAG;IACxB,GAAG,SAAS;IACZ,GAAG,OAAO;IACV,GAAG,eAAe;IAClB,GAAG,SAAS;IACZ,GAAG,cAAc;IACjB,GAAG,WAAW;IACd,GAAG,SAAS;IACZ,GAAG,aAAa;IAChB,GAAG,eAAe;IAClB,GAAG,YAAY;IACf,GAAG,YAAY;IACf,GAAG,gBAAgB;IACnB,GAAG,gBAAgB;IACnB,GAAG,aAAa;IAChB,GAAG,iBAAiB;IACpB,GAAG,UAAU;IACb,GAAG,QAAQ;IACX,GAAG,eAAe;IAClB,GAAG,gBAAgB;IACnB,GAAG,eAAe;IAClB,GAAG,gBAAgB;IACnB,GAAG,gBAAgB;CACpB,CAAC;AAEF,mEAAmE;AACnE,MAAM,CAAC,MAAM,YAAY,GAAG,UAAU,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/data/rules/index.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,aAAa,CAAC;AAC1C,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC9C,OAAO,EAAE,iBAAiB,EAAE,MAAM,qBAAqB,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AACxC,OAAO,EAAE,QAAQ,EAAE,MAAM,UAAU,CAAC;AACpC,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,eAAe,EAAE,MAAM,mBAAmB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,gBAAgB,EAAE,MAAM,mBAAmB,CAAC;AACrD,OAAO,EAAE,yBAAyB,EAAE,MAAM,2BAA2B,CAAC;AAEtE,MAAM,CAAC,MAAM,UAAU,GAAG,yBAAyB,CAAC;IAClD,GAAG,SAAS;IACZ,GAAG,OAAO;IACV,GAAG,eAAe;IAClB,GAAG,SAAS;IACZ,GAAG,cAAc;IACjB,GAAG,WAAW;IACd,GAAG,SAAS;IACZ,GAAG,aAAa;IAChB,GAAG,eAAe;IAClB,GAAG,YAAY;IACf,GAAG,YAAY;IACf,GAAG,gBAAgB;IACnB,GAAG,gBAAgB;IACnB,GAAG,aAAa;IAChB,GAAG,iBAAiB;IACpB,GAAG,UAAU;IACb,GAAG,QAAQ;IACX,GAAG,eAAe;IAClB,GAAG,gBAAgB;IACnB,GAAG,eAAe;IAClB,GAAG,gBAAgB;IACnB,GAAG,gBAAgB;CACpB,CAAC,CAAC;AAEH,mEAAmE;AACnE,MAAM,CAAC,MAAM,YAAY,GAAG,UAAU,CAAC"}

package/build/data/rules/types.d.ts

@@ -9,5 +9,7 @@ export interface SecurityRule {
     fix: string;
     fixCode?: string;
     compliance?: string[];
+    exploit?: string;
+    audit?: string;
 }
 //# sourceMappingURL=types.d.ts.map

package/build/data/rules/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/data/rules/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAC1D,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../../src/data/rules/types.ts"],"names":[],"mappings":"AAAA,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,GAAG,MAAM,CAAC;IAC1D,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;IACtB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB"}

package/build/index.js

@@ -14,12 +14,14 @@ import { complianceReport } from "./tools/compliance-report.js";
 import { exportSarif } from "./tools/export-sarif.js";
 import { checkPackageHealth } from "./tools/check-package-health.js";
 import { fixCode } from "./tools/fix-code.js";
+import { auditConfig } from "./tools/audit-config.js";
+import { generatePolicy } from "./tools/generate-policy.js";
 import { discoverPlugins } from "./plugins/loader.js";
 import { builtinRules } from "./data/rules/index.js";
 import { loadConfig } from "./utils/config.js";
 const server = new McpServer({
     name: "guardvibe",
-    version: "1.3.2",
+    version: "1.4.0",
 });
 // Tool 1: Analyze code for security vulnerabilities
 server.tool("check_code", "Analyze code for security vulnerabilities (OWASP Top 10, XSS, SQL injection, insecure patterns). Use this when reviewing or writing code to catch security issues early.", {
@@ -94,14 +96,15 @@ server.tool("check_dependencies", "Check npm, PyPI, or Go packages for known sec
     };
 });
 // Tool 5: Scan directory for security vulnerabilities (filesystem-native)
-server.tool("scan_directory", "Scan an entire project directory for security vulnerabilities. Reads files directly from the filesystem — no need to pass file contents. Returns a security score (A-F) and detailed findings.", {
+server.tool("scan_directory", "Scan an entire project directory for security vulnerabilities. Reads files directly from the filesystem — no need to pass file contents. Returns a security score (A-F) and detailed findings. Includes scan metadata (ID, timestamp, duration, file hashes) for audit trails. Use baseline to compare with a previous scan.", {
     path: z.string().describe("Directory path to scan (e.g. './src', '.')"),
     recursive: z.boolean().optional().default(true).describe("Scan subdirectories"),
     exclude: z.array(z.string()).optional().default([]).describe("Additional directories to exclude"),
     format: z.enum(["markdown", "json"]).default("markdown").describe("Output format: markdown (human) or json (machine-readable for agents)"),
-}, async ({ path, recursive, exclude, format }) => {
+    baseline: z.string().optional().describe("Path to a previous scan JSON output file for baseline comparison (new/fixed/unchanged findings)"),
+}, async ({ path, recursive, exclude, format, baseline }) => {
     const rules = globalThis.__guardvibe_rules;
-    const results = scanDirectory(path, recursive, exclude, format, rules);
+    const results = scanDirectory(path, recursive, exclude, format, rules, baseline);
     return { content: [{ type: "text", text: results }] };
 });
 // Tool 6: Scan manifest/lockfile for dependency vulnerabilities
@@ -130,13 +133,14 @@ server.tool("scan_staged", "Scan git-staged files for security vulnerabilities b
     return { content: [{ type: "text", text: results }] };
 });
 // Tool 9: Generate compliance-focused security report
-server.tool("compliance_report", "Generate a compliance-focused security report mapped to SOC2, PCI-DSS, or HIPAA controls. Scans a directory and groups findings by compliance control.", {
+server.tool("compliance_report", "Generate a compliance-focused security report mapped to SOC2, PCI-DSS, HIPAA, GDPR, or ISO27001 controls. Scans a directory and groups findings by compliance control. Includes exploit scenarios and audit evidence for each finding. Use mode=executive for a C-level summary.", {
     path: z.string().describe("Directory to scan"),
-    framework: z.enum(["SOC2", "PCI-DSS", "HIPAA", "all"]).describe("Compliance framework"),
+    framework: z.enum(["SOC2", "PCI-DSS", "HIPAA", "GDPR", "ISO27001", "all"]).describe("Compliance framework"),
     format: z.enum(["markdown", "json"]).default("markdown").describe("Output format: markdown (human) or json (machine-readable for agents)"),
-}, async ({ path, framework, format }) => {
+    mode: z.enum(["full", "executive"]).default("full").describe("Report mode: full (detailed) or executive (C-level summary)"),
+}, async ({ path, framework, format, mode }) => {
     const rules = globalThis.__guardvibe_rules;
-    const results = complianceReport(path, framework, format, rules);
+    const results = complianceReport(path, framework, format, rules, mode);
     return { content: [{ type: "text", text: results }] };
 });
 // Tool 10: Export scan results in SARIF v2.1.0 format
@@ -173,6 +177,22 @@ server.tool("fix_code", "Analyze code for security vulnerabilities and return fi
         content: [{ type: "text", text: results }],
     };
 });
+// Tool 13: Cross-file configuration security audit
+server.tool("audit_config", "Audit project configuration files (next.config, middleware/proxy, .env, vercel.json) together for cross-file security issues. Detects gaps that single-file scanning misses: missing security headers, unprotected routes, exposed secrets, middleware/route mismatches.", {
+    path: z.string().describe("Project root directory to audit"),
+    format: z.enum(["markdown", "json"]).default("markdown").describe("Output format"),
+}, async ({ path, format }) => {
+    const results = auditConfig(path, format);
+    return { content: [{ type: "text", text: results }] };
+});
+// Tool 14: Generate security policies based on detected stack
+server.tool("generate_policy", "Scan a project to detect its stack (Next.js, Supabase, Stripe, etc.) and generate tailored security policies: CSP headers, CORS config, Supabase RLS suggestions, rate limiting config, and security headers.", {
+    path: z.string().describe("Project root directory to scan"),
+    format: z.enum(["markdown", "json"]).default("markdown").describe("Output format"),
+}, async ({ path, format }) => {
+    const results = generatePolicy(path, format);
+    return { content: [{ type: "text", text: results }] };
+});
 async function main() {
     // Load plugins
     const config = loadConfig(process.cwd());

package/build/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE/C,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC;AAEH,oDAAoD;AACpD,MAAM,CAAC,IAAI,CACT,YAAY,EACZ,0KAA0K,EAC1K;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,6BAA6B,CAAC;IACxD,QAAQ,EAAE,CAAC;SACR,IAAI,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;SAC1H,QAAQ,CAAC,kCAAkC,CAAC;IAC/C,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,QAAQ,CAAC,kEAAkE,CAAC;IAC/E,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE;IAC9C,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IAC1F,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,2DAA2D;AAC3D,MAAM,CAAC,IAAI,CACT,eAAe,EACf,iKAAiK,EACjK;IACE,KAAK,EAAE,CAAC;SACL,KAAK,CACJ,CAAC,CAAC,MAAM,CAAC;QACP,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,sCAAsC,CAAC;QACjE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC;KACjD,CAAC,CACH;SACA,QAAQ,CAAC,0CAA0C,CAAC;IACvD,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE;IAC1B,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IACnD,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,iFAAiF;AACjF,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,8IAA8I,EAC9I;IACE,KAAK,EAAE,CAAC;SACL,MAAM,EAAE;SACR,QAAQ,CACP,mIAAmI,CACpI;CACJ,EACD,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;IAClB,MAAM,IAAI,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACpC,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;KACxC,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,uDAAuD;AACvD,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7B,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,6CAA6C,CAAC;IACxE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,gCAAgC,CAAC;IAC9D,SAAS,EAAE,CAAC;SACT,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;SAC3B,OAAO,CAAC,KAAK,CAAC;SACd,QAAQ,CAAC,mBAAmB,CAAC;CACjC,CAAC,CAAC;AAEH,MAAM,CAAC,IAAI,CACT,oBAAoB,EACpB,sKAAsK,EACtK;IACE,QAAQ,EAAE,CAAC,CAAC,UAAU,CACpB,CAAC,GAAG,EAAE,EAAE;QACN,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,IAAI,CAAC;gBACH,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,GAAG,CAAC;YACb,CAAC;QACH,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,EACD,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CACvB,CAAC,QAAQ,CAAC,yDAAyD,CAAC;CACtE,EACD,KAAK,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;IACrB,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAClD,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,0EAA0E;AAC1E,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,gMAAgM,EAChM;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,4CAA4C,CAAC;IACvE,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,qBAAqB,CAAC;IAC/E,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,mCAAmC,CAAC;IACjG,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,EAAE,EAAE;IAC7C,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IACvE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,gEAAgE;AAChE,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,mLAAmL,EACnL;IACE,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,2EAA2E,CAAC;IAC/G,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,EAAE,EAAE;IAClC,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;IAC9D,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,6DAA6D;AAC7D,MAAM,CAAC,IAAI,CACT,cAAc,EACd,mKAAmK,EACnK;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,gCAAgC,CAAC;IAC3D,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,qBAAqB,CAAC;IAC/E,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE;IACpC,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IACrD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,kDAAkD;AAClD,MAAM,CAAC,IAAI,CACT,aAAa,EACb,+KAA+K,EAC/K;IACE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;IACnB,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IACzD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,sDAAsD;AACtD,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,wJAAwJ,EACxJ;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mBAAmB,CAAC;IAC9C,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,sBAAsB,CAAC;IACvF,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE;IACpC,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IACjE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,sDAAsD;AACtD,MAAM,CAAC,IAAI,CACT,cAAc,EACd,uIAAuI,EACvI;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mBAAmB,CAAC;CAC/C,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACzC,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,mDAAmD;AACnD,MAAM,CAAC,IAAI,CACT,sBAAsB,EACtB,8KAA8K,EAC9K;IACE,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,2EAA2E,CAAC;IACnH,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE;IAC7B,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC3D,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,6CAA6C;AAC7C,MAAM,CAAC,IAAI,CACT,UAAU,EACV,oPAAoP,EACpP;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,qCAAqC,CAAC;IAChE,QAAQ,EAAE,CAAC;SACR,IAAI,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;SAC1H,QAAQ,CAAC,kCAAkC,CAAC;IAC/C,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,QAAQ,CAAC,kEAAkE,CAAC;IAC/E,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,qEAAqE,CAAC;CACrI,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE;IAC9C,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IAC7E,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,KAAK,UAAU,IAAI;IACjB,eAAe;IACf,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAErE,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,KAAK,CAAC,sBAAsB,OAAO,CAAC,MAAM,CAAC,MAAM,eAAe,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvG,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACjC,OAAO,CAAC,KAAK,CAAC,+BAA+B,GAAG,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,gCAAgC;IAChC,MAAM,QAAQ,GAAmB,CAAC,GAAG,YAAY,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAErE,wBAAwB;IACxB,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QACjC,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,MAAa,EAClB,KAAK,EAAE,KAAU,EAAE,EAAE;YACnB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YACzC,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;QAChE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,uCAAuC;IACtC,UAAkB,CAAC,iBAAiB,GAAG,QAAQ,CAAC;IAEjD,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;AAClE,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":";AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AACpE,OAAO,EAAE,oBAAoB,EAAE,MAAM,2CAA2C,CAAC;AACjF,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,SAAS,EAAE,MAAM,uBAAuB,CAAC;AAClD,OAAO,EAAE,YAAY,EAAE,MAAM,0BAA0B,CAAC;AACxD,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,iBAAiB,EAAE,MAAM,uBAAuB,CAAC;AAC1D,OAAO,EAAE,aAAa,EAAE,MAAM,2BAA2B,CAAC;AAC1D,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,8BAA8B,CAAC;AAChE,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AAErD,OAAO,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE/C,MAAM,MAAM,GAAG,IAAI,SAAS,CAAC;IAC3B,IAAI,EAAE,WAAW;IACjB,OAAO,EAAE,OAAO;CACjB,CAAC,CAAC;AAEH,oDAAoD;AACpD,MAAM,CAAC,IAAI,CACT,YAAY,EACZ,0KAA0K,EAC1K;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,6BAA6B,CAAC;IACxD,QAAQ,EAAE,CAAC;SACR,IAAI,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;SAC1H,QAAQ,CAAC,kCAAkC,CAAC;IAC/C,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,QAAQ,CAAC,kEAAkE,CAAC;IAC/E,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE;IAC9C,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IAC1F,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,2DAA2D;AAC3D,MAAM,CAAC,IAAI,CACT,eAAe,EACf,iKAAiK,EACjK;IACE,KAAK,EAAE,CAAC;SACL,KAAK,CACJ,CAAC,CAAC,MAAM,CAAC;QACP,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,sCAAsC,CAAC;QACjE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,kBAAkB,CAAC;KACjD,CAAC,CACH;SACA,QAAQ,CAAC,0CAA0C,CAAC;IACvD,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,EAAE;IAC1B,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,YAAY,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IACnD,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,iFAAiF;AACjF,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,8IAA8I,EAC9I;IACE,KAAK,EAAE,CAAC;SACL,MAAM,EAAE;SACR,QAAQ,CACP,mIAAmI,CACpI;CACJ,EACD,KAAK,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;IAClB,MAAM,IAAI,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;IACpC,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;KACxC,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,uDAAuD;AACvD,MAAM,aAAa,GAAG,CAAC,CAAC,MAAM,CAAC;IAC7B,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,6CAA6C,CAAC;IACxE,OAAO,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,gCAAgC,CAAC;IAC9D,SAAS,EAAE,CAAC;SACT,IAAI,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,IAAI,CAAC,CAAC;SAC3B,OAAO,CAAC,KAAK,CAAC;SACd,QAAQ,CAAC,mBAAmB,CAAC;CACjC,CAAC,CAAC;AAEH,MAAM,CAAC,IAAI,CACT,oBAAoB,EACpB,sKAAsK,EACtK;IACE,QAAQ,EAAE,CAAC,CAAC,UAAU,CACpB,CAAC,GAAG,EAAE,EAAE;QACN,IAAI,OAAO,GAAG,KAAK,QAAQ,EAAE,CAAC;YAC5B,IAAI,CAAC;gBACH,OAAO,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YACzB,CAAC;YAAC,MAAM,CAAC;gBACP,OAAO,GAAG,CAAC;YACb,CAAC;QACH,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC,EACD,CAAC,CAAC,KAAK,CAAC,aAAa,CAAC,CACvB,CAAC,QAAQ,CAAC,yDAAyD,CAAC;CACtE,EACD,KAAK,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE;IACrB,MAAM,OAAO,GAAG,MAAM,iBAAiB,CAAC,QAAQ,CAAC,CAAC;IAClD,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,0EAA0E;AAC1E,MAAM,CAAC,IAAI,CACT,gBAAgB,EAChB,8TAA8T,EAC9T;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,4CAA4C,CAAC;IACvE,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,qBAAqB,CAAC;IAC/E,OAAO,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,mCAAmC,CAAC;IACjG,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;IAC1I,QAAQ,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,iGAAiG,CAAC;CAC5I,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,EAAE,EAAE;IACvD,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;IACjF,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,gEAAgE;AAChE,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,mLAAmL,EACnL;IACE,aAAa,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,2EAA2E,CAAC;IAC/G,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,aAAa,EAAE,MAAM,EAAE,EAAE,EAAE;IAClC,MAAM,OAAO,GAAG,MAAM,gBAAgB,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC;IAC9D,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,6DAA6D;AAC7D,MAAM,CAAC,IAAI,CACT,cAAc,EACd,mKAAmK,EACnK;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,gCAAgC,CAAC;IAC3D,SAAS,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,QAAQ,CAAC,qBAAqB,CAAC;IAC/E,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE;IACpC,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC;IACrD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,kDAAkD;AAClD,MAAM,CAAC,IAAI,CACT,aAAa,EACb,+KAA+K,EAC/K;IACE,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE;IACnB,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IACzD,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,sDAAsD;AACtD,MAAM,CAAC,IAAI,CACT,mBAAmB,EACnB,kRAAkR,EAClR;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mBAAmB,CAAC;IAC9C,SAAS,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC,CAAC,QAAQ,CAAC,sBAAsB,CAAC;IAC3G,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;IAC1I,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,6DAA6D,CAAC;CAC5H,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,IAAI,EAAE,EAAE,EAAE;IAC1C,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,gBAAgB,CAAC,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,CAAC,CAAC;IACvE,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,sDAAsD;AACtD,MAAM,CAAC,IAAI,CACT,cAAc,EACd,uIAAuI,EACvI;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,mBAAmB,CAAC;CAC/C,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE;IACjB,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACzC,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,mDAAmD;AACnD,MAAM,CAAC,IAAI,CACT,sBAAsB,EACtB,8KAA8K,EAC9K;IACE,QAAQ,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,2EAA2E,CAAC;IACnH,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,uEAAuE,CAAC;CAC3I,EACD,KAAK,EAAE,EAAE,QAAQ,EAAE,MAAM,EAAE,EAAE,EAAE;IAC7B,MAAM,OAAO,GAAG,MAAM,kBAAkB,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAC3D,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,6CAA6C;AAC7C,MAAM,CAAC,IAAI,CACT,UAAU,EACV,oPAAoP,EACpP;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,qCAAqC,CAAC;IAChE,QAAQ,EAAE,CAAC;SACR,IAAI,CAAC,CAAC,YAAY,EAAE,YAAY,EAAE,QAAQ,EAAE,IAAI,EAAE,YAAY,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,WAAW,CAAC,CAAC;SAC1H,QAAQ,CAAC,kCAAkC,CAAC;IAC/C,SAAS,EAAE,CAAC;SACT,MAAM,EAAE;SACR,QAAQ,EAAE;SACV,QAAQ,CAAC,kEAAkE,CAAC;IAC/E,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,QAAQ,CAAC,qEAAqE,CAAC;CACrI,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,EAAE,EAAE,EAAE;IAC9C,MAAM,KAAK,GAAI,UAAkB,CAAC,iBAA+C,CAAC;IAClF,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,EAAE,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;IAC7E,OAAO;QACL,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC;KAC3C,CAAC;AACJ,CAAC,CACF,CAAC;AAEF,mDAAmD;AACnD,MAAM,CAAC,IAAI,CACT,cAAc,EACd,0QAA0Q,EAC1Q;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,iCAAiC,CAAC;IAC5D,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC;CACnF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE;IACzB,MAAM,OAAO,GAAG,WAAW,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC1C,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,8DAA8D;AAC9D,MAAM,CAAC,IAAI,CACT,iBAAiB,EACjB,+MAA+M,EAC/M;IACE,IAAI,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,gCAAgC,CAAC;IAC3D,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,UAAU,EAAE,MAAM,CAAC,CAAC,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,QAAQ,CAAC,eAAe,CAAC;CACnF,EACD,KAAK,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,EAAE,EAAE;IACzB,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;IAC7C,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;AACxD,CAAC,CACF,CAAC;AAEF,KAAK,UAAU,IAAI;IACjB,eAAe;IACf,MAAM,MAAM,GAAG,UAAU,CAAC,OAAO,CAAC,GAAG,EAAE,CAAC,CAAC;IACzC,MAAM,OAAO,GAAG,MAAM,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,MAAM,CAAC,OAAO,CAAC,CAAC;IAErE,IAAI,OAAO,CAAC,MAAM,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,OAAO,CAAC,KAAK,CAAC,sBAAsB,OAAO,CAAC,MAAM,CAAC,MAAM,eAAe,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACvG,CAAC;IACD,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,MAAM,EAAE,CAAC;QACjC,OAAO,CAAC,KAAK,CAAC,+BAA+B,GAAG,EAAE,CAAC,CAAC;IACtD,CAAC;IAED,gCAAgC;IAChC,MAAM,QAAQ,GAAmB,CAAC,GAAG,YAAY,EAAE,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC;IAErE,wBAAwB;IACxB,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QACjC,MAAM,CAAC,IAAI,CACT,IAAI,CAAC,IAAI,EACT,IAAI,CAAC,WAAW,EAChB,IAAI,CAAC,MAAa,EAClB,KAAK,EAAE,KAAU,EAAE,EAAE;YACnB,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC;YACzC,OAAO,EAAE,OAAO,EAAE,CAAC,EAAE,IAAI,EAAE,MAAe,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;QAChE,CAAC,CACF,CAAC;IACJ,CAAC;IAED,uCAAuC;IACtC,UAAkB,CAAC,iBAAiB,GAAG,QAAQ,CAAC;IAEjD,MAAM,SAAS,GAAG,IAAI,oBAAoB,EAAE,CAAC;IAC7C,MAAM,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;IAChC,OAAO,CAAC,KAAK,CAAC,gDAAgD,CAAC,CAAC;AAClE,CAAC;AAED,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,KAAK,EAAE,EAAE;IACrB,OAAO,CAAC,KAAK,CAAC,cAAc,EAAE,KAAK,CAAC,CAAC;IACrC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC,CAAC,CAAC"}

package/build/tools/audit-config.d.ts

@@ -0,0 +1,11 @@
+export interface ConfigIssue {
+    id: string;
+    severity: "critical" | "high" | "medium" | "low";
+    category: string;
+    title: string;
+    description: string;
+    fix: string;
+    files: string[];
+}
+export declare function auditConfig(path: string, format?: "markdown" | "json"): string;
+//# sourceMappingURL=audit-config.d.ts.map

package/build/tools/audit-config.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"audit-config.d.ts","sourceRoot":"","sources":["../../src/tools/audit-config.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,GAAG,EAAE,MAAM,CAAC;IACZ,KAAK,EAAE,MAAM,EAAE,CAAC;CACjB;AAoUD,wBAAgB,WAAW,CACzB,IAAI,EAAE,MAAM,EACZ,MAAM,GAAE,UAAU,GAAG,MAAmB,GACvC,MAAM,CAsFR"}