guardvibe 1.3.3 → 1.5.0
- package/build/data/compliance-metadata.d.ts +24 -0
- package/build/data/compliance-metadata.d.ts.map +1 -0
- package/build/data/compliance-metadata.js +274 -0
- package/build/data/compliance-metadata.js.map +1 -0
- package/build/data/rules/api-security.d.ts.map +1 -1
- package/build/data/rules/api-security.js +1 -0
- package/build/data/rules/api-security.js.map +1 -1
- package/build/data/rules/deployment.d.ts.map +1 -1
- package/build/data/rules/deployment.js +6 -0
- package/build/data/rules/deployment.js.map +1 -1
- package/build/data/rules/index.d.ts.map +1 -1
- package/build/data/rules/index.js +3 -2
- package/build/data/rules/index.js.map +1 -1
- package/build/data/rules/payments.d.ts.map +1 -1
- package/build/data/rules/payments.js +3 -0
- package/build/data/rules/payments.js.map +1 -1
- package/build/data/rules/react-native.d.ts.map +1 -1
- package/build/data/rules/react-native.js +3 -0
- package/build/data/rules/react-native.js.map +1 -1
- package/build/data/rules/services.d.ts.map +1 -1
- package/build/data/rules/services.js +5 -0
- package/build/data/rules/services.js.map +1 -1
- package/build/data/rules/types.d.ts +2 -0
- package/build/data/rules/types.d.ts.map +1 -1
- package/build/data/rules/web-security.d.ts.map +1 -1
- package/build/data/rules/web-security.js +8 -0
- package/build/data/rules/web-security.js.map +1 -1
- package/build/index.js +77 -8
- package/build/index.js.map +1 -1
- package/build/tools/audit-config.d.ts +11 -0
- package/build/tools/audit-config.d.ts.map +1 -0
- package/build/tools/audit-config.js +370 -0
- package/build/tools/audit-config.js.map +1 -0
- package/build/tools/compliance-report.d.ts +1 -1
- package/build/tools/compliance-report.d.ts.map +1 -1
- package/build/tools/compliance-report.js +110 -11
- package/build/tools/compliance-report.js.map +1 -1
- package/build/tools/generate-policy.d.ts +2 -0
- package/build/tools/generate-policy.d.ts.map +1 -0
- package/build/tools/generate-policy.js +368 -0
- package/build/tools/generate-policy.js.map +1 -0
- package/build/tools/policy-check.d.ts +3 -0
- package/build/tools/policy-check.d.ts.map +1 -0
- package/build/tools/policy-check.js +208 -0
- package/build/tools/policy-check.js.map +1 -0
- package/build/tools/review-pr.d.ts +3 -0
- package/build/tools/review-pr.d.ts.map +1 -0
- package/build/tools/review-pr.js +179 -0
- package/build/tools/review-pr.js.map +1 -0
- package/build/tools/scan-directory.d.ts +1 -1
- package/build/tools/scan-directory.d.ts.map +1 -1
- package/build/tools/scan-directory.js +121 -7
- package/build/tools/scan-directory.js.map +1 -1
- package/build/tools/scan-secrets-history.d.ts +9 -0
- package/build/tools/scan-secrets-history.d.ts.map +1 -0
- package/build/tools/scan-secrets-history.js +142 -0
- package/build/tools/scan-secrets-history.js.map +1 -0
- package/build/tools/taint-analysis.d.ts +23 -0
- package/build/tools/taint-analysis.d.ts.map +1 -0
- package/build/tools/taint-analysis.js +183 -0
- package/build/tools/taint-analysis.js.map +1 -0
- package/build/utils/config.d.ts +14 -0
- package/build/utils/config.d.ts.map +1 -1
- package/build/utils/config.js +7 -0
- package/build/utils/config.js.map +1 -1
- package/package.json +2 -2
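--- a/package/build/tools/review-pr.js
+++ b/package/build/tools/review-pr.js
@@ -0,0 +1,179 @@
+import { execFileSync } from "child_process";
+import { extname, basename } from "path";
+import { analyzeCode } from "./check-code.js";
+const EXTENSION_MAP = {
+".js": "javascript", ".jsx": "javascript", ".mjs": "javascript", ".cjs": "javascript",
+".ts": "typescript", ".tsx": "typescript", ".mts": "typescript", ".cts": "typescript",
+".py": "python", ".go": "go", ".html": "html",
+".sql": "sql", ".sh": "shell", ".bash": "shell",
+".yml": "yaml", ".yaml": "yaml", ".tf": "terraform",
+".toml": "toml", ".json": "json",
+};
+const CONFIG_FILE_MAP = {
+"vercel.json": "vercel-config",
+"next.config.js": "nextjs-config", "next.config.mjs": "nextjs-config", "next.config.ts": "nextjs-config",
+"docker-compose.yml": "docker-compose", "docker-compose.yaml": "docker-compose",
+};
+function execGit(args, cwd) {
+try {
+return execFileSync("git", args, { cwd, encoding: "utf-8", timeout: 15000 });
+}
+catch {
+return "";
+}
+}
+function getChangedFiles(cwd, base) {
+const output = execGit(["diff", "--name-only", base], cwd);
+return output.trim().split("\n").filter(Boolean);
+}
+function getDiffHunks(cwd, base, file) {
+const output = execGit(["diff", "-U0", base, "--", file], cwd);
+const hunks = [];
+const hunkPattern = /@@\s+-\d+(?:,\d+)?\s+\+(\d+)(?:,(\d+))?\s+@@/g;
+let match;
+while ((match = hunkPattern.exec(output)) !== null) {
+const start = parseInt(match[1], 10);
+const count = match[2] ? parseInt(match[2], 10) : 1;
+hunks.push({ startLine: start, lineCount: count });
+}
+return hunks;
+}
+function getFileContent(cwd, file) {
+try {
+return execFileSync("git", ["show", `HEAD:${file}`], { cwd, encoding: "utf-8", timeout: 10000 });
+}
+catch {
+return null;
+}
+}
+function isLineInDiff(line, hunks) {
+return hunks.some(h => line >= h.startLine && line < h.startLine + h.lineCount);
+}
+function detectLanguage(filePath) {
+const ext = extname(filePath).toLowerCase();
+if (EXTENSION_MAP[ext])
+return EXTENSION_MAP[ext];
+if (basename(filePath).startsWith("Dockerfile") || ext === ".dockerfile")
+return "dockerfile";
+return CONFIG_FILE_MAP[basename(filePath)] ?? null;
+}
+function severityToLevel(severity) {
+if (severity === "critical" || severity === "high")
+return "failure";
+if (severity === "medium")
+return "warning";
+return "notice";
+}
+export function reviewPr(cwd = process.cwd(), base = "main", format = "markdown", diffOnly = true, failOn = "high", rules) {
+const changedFiles = getChangedFiles(cwd, base);
+if (changedFiles.length === 0) {
+if (format === "json")
+return JSON.stringify({ summary: { total: 0, files: 0 }, findings: [] });
+if (format === "annotations")
+return JSON.stringify([]);
+return "# GuardVibe PR Review\n\nNo changed files found.";
+}
+const allFindings = [];
+const scannedFiles = [];
+for (const file of changedFiles) {
+const language = detectLanguage(file);
+if (!language)
+continue;
+const content = getFileContent(cwd, file);
+if (!content)
+continue;
+scannedFiles.push(file);
+const hunks = getDiffHunks(cwd, base, file);
+const findings = analyzeCode(content, language, undefined, file, cwd, rules);
+for (const f of findings) {
+const inDiff = isLineInDiff(f.line, hunks);
+allFindings.push({ rule: f.rule, match: f.match, line: f.line, file, inDiff });
+}
+}
+const reportFindings = diffOnly ? allFindings.filter(f => f.inDiff) : allFindings;
+const critical = reportFindings.filter(f => f.rule.severity === "critical").length;
+const high = reportFindings.filter(f => f.rule.severity === "high").length;
+const medium = reportFindings.filter(f => f.rule.severity === "medium").length;
+const total = reportFindings.length;
+const failThresholds = { critical: 0, high: 1, medium: 2, low: 3 };
+const failLevel = failThresholds[failOn] ?? -1;
+const severityOrder = { critical: 0, high: 1, medium: 2, low: 3, info: 4 };
+const blocked = failLevel >= 0 && reportFindings.some(f => (severityOrder[f.rule.severity] ?? 4) <= failLevel);
+// --- ANNOTATIONS FORMAT (for GitHub Check Runs) ---
+if (format === "annotations") {
+const annotations = reportFindings.map(f => ({
+path: f.file,
+start_line: f.line,
+end_line: f.line,
+annotation_level: severityToLevel(f.rule.severity),
+message: `${f.rule.description}\n\nFix: ${f.rule.fix}${f.rule.fixCode ? "\n\n" + f.rule.fixCode : ""}`,
+title: `[${f.rule.severity.toUpperCase()}] ${f.rule.name} (${f.rule.id})`,
+}));
+return JSON.stringify(annotations);
+}
+// --- JSON FORMAT ---
+if (format === "json") {
+return JSON.stringify({
+summary: {
+total, critical, high, medium,
+files: scannedFiles.length, changedFiles: changedFiles.length,
+diffOnly, blocked, failOn, base,
+},
+findings: reportFindings.map(f => ({
+id: f.rule.id, name: f.rule.name, severity: f.rule.severity,
+owasp: f.rule.owasp, file: f.file, line: f.line, match: f.match,
+inDiff: f.inDiff, fix: f.rule.fix, fixCode: f.rule.fixCode,
+compliance: f.rule.compliance,
+})),
+});
+}
+// --- MARKDOWN FORMAT (for PR comment) ---
+const existingFindings = diffOnly ? allFindings.filter(f => !f.inDiff) : [];
+const lines = [
+`## GuardVibe PR Security Review`,
+``,
+`**Base:** ${base} | **Files changed:** ${changedFiles.length} | **Scanned:** ${scannedFiles.length}`,
+`**Mode:** ${diffOnly ? "diff-only (new code)" : "full file"}`,
+``,
+];
+if (blocked) {
+lines.push(`> **BLOCKED** — ${failOn}-severity or above findings detected.`, ``);
+}
+if (total === 0) {
+lines.push(`**No security issues in ${diffOnly ? "changed lines" : "changed files"}.** All clear!`);
+if (existingFindings.length > 0) {
+lines.push(``, `*Note: ${existingFindings.length} pre-existing issue(s) in unchanged code.*`);
+}
+return lines.join("\n");
+}
+lines.push(`| Severity | Count |`, `|----------|-------|`);
+if (critical > 0)
+lines.push(`| Critical | ${critical} |`);
+if (high > 0)
+lines.push(`| High | ${high} |`);
+if (medium > 0)
+lines.push(`| Medium | ${medium} |`);
+lines.push(``);
+const byFile = new Map();
+for (const f of reportFindings) {
+const existing = byFile.get(f.file) ?? [];
+existing.push(f);
+byFile.set(f.file, existing);
+}
+for (const [file, findings] of byFile) {
+lines.push(`### \`${file}\``, ``);
+for (const f of findings) {
+const badge = f.rule.severity.toUpperCase();
+lines.push(`- **[${badge}]** ${f.rule.name} (${f.rule.id}) — line ${f.line}`, ` ${f.rule.fix}`);
+if (f.rule.fixCode) {
+lines.push(` \`\`\``, ` ${f.rule.fixCode.split("\n")[0]}`, ` \`\`\``);
+}
+lines.push(``);
+}
+}
+if (existingFindings.length > 0) {
+lines.push(`---`, ``, `*${existingFindings.length} pre-existing issue(s) in unchanged code (not shown).*`);
+}
+return lines.join("\n");
+}
+//# sourceMappingURL=review-pr.js.map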
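Review bot: `execGit` (new lines 17–24) returns `""` on any git failure, so in `reviewPr` a missing base ref, a shallow CI checkout, a non-repository `cwd` or the 15 s timeout all end in the "No changed files found" report with no `blocked` flag, which means the gate fails open. Let the failure surface instead, for example `catch (err) { throw new Error("git " + args[0] + " failed: " + err.message); }`, or return a distinct error result that every output format reports as a failed scan. `getFileContent` has the same shape: a file that `git show` cannot read is skipped without being listed, and it reads `HEAD` while the hunks come from `git diff base` against the working tree, so finding lines and hunk lines can disagree when there are uncommitted changes. Separately, `base` is placed in the argument list ahead of `--`, so a value that starts with `-` is parsed by git as an option rather than a revision; reject it up front with `if (base.startsWith("-")) throw new Error("invalid base ref");`.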
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"review-pr.js","sourceRoot":"","sources":["../../src/tools/review-pr.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,MAAM,CAAC;AACzC,OAAO,EAAE,WAAW,EAAgB,MAAM,iBAAiB,CAAC;AAG5D,MAAM,aAAa,GAA2B;IAC5C,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IACrF,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IACrF,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM;IAC7C,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IAC/C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,WAAW;IACnD,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CACjC,CAAC;AAEF,MAAM,eAAe,GAA2B;IAC9C,aAAa,EAAE,eAAe;IAC9B,gBAAgB,EAAE,eAAe,EAAE,iBAAiB,EAAE,eAAe,EAAE,gBAAgB,EAAE,eAAe;IACxG,oBAAoB,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,gBAAgB;CAChF,CAAC;AAwBF,SAAS,OAAO,CAAC,IAAc,EAAE,GAAW;IAC1C,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;IAC/E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,GAAW,EAAE,IAAY;IAChD,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,aAAa,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;IAC3D,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AACnD,CAAC;AAED,SAAS,YAAY,CAAC,GAAW,EAAE,IAAY,EAAE,IAAY;IAC3D,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,CAAC,EAAE,GAAG,CAAC,CAAC;IAC/D,MAAM,KAAK,GAAe,EAAE,CAAC;IAC7B,MAAM,WAAW,GAAG,+CAA+C,CAAC;IACpE,IAAI,KAAK,CAAC;IACV,OAAO,CAAC,KAAK,GAAG,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QACnD,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QACrC,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpD,KAAK,CAAC,IAAI,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;IACrD,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC;AAED,SAAS,cAAc,CAAC,GAAW,EAAE,IAAY;IAC/C,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,KAAK,EAAE,CAA
C,MAAM,EAAE,QAAQ,IAAI,EAAE,CAAC,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;IACnG,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,IAAY,EAAE,KAAiB;IACnD,OAAO,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,IAAI,IAAI,CAAC,CAAC,SAAS,IAAI,IAAI,GAAG,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC;AAClF,CAAC;AAED,SAAS,cAAc,CAAC,QAAgB;IACtC,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IAC5C,IAAI,aAAa,CAAC,GAAG,CAAC;QAAE,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC;IAClD,IAAI,QAAQ,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,GAAG,KAAK,aAAa;QAAE,OAAO,YAAY,CAAC;IAC9F,OAAO,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,IAAI,CAAC;AACrD,CAAC;AAED,SAAS,eAAe,CAAC,QAAgB;IACvC,IAAI,QAAQ,KAAK,UAAU,IAAI,QAAQ,KAAK,MAAM;QAAE,OAAO,SAAS,CAAC;IACrE,IAAI,QAAQ,KAAK,QAAQ;QAAE,OAAO,SAAS,CAAC;IAC5C,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,MAAM,UAAU,QAAQ,CACtB,MAAc,OAAO,CAAC,GAAG,EAAE,EAC3B,OAAe,MAAM,EACrB,SAA8C,UAAU,EACxD,WAAoB,IAAI,EACxB,SAA0D,MAAM,EAChE,KAAsB;IAEtB,MAAM,YAAY,GAAG,eAAe,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;IAChD,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9B,IAAI,MAAM,KAAK,MAAM;YAAE,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;QAChG,IAAI,MAAM,KAAK,aAAa;YAAE,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,CAAC,CAAC;QACxD,OAAO,kDAAkD,CAAC;IAC5D,CAAC;IAED,MAAM,WAAW,GAAgB,EAAE,CAAC;IACpC,MAAM,YAAY,GAAa,EAAE,CAAC;IAElC,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;QAChC,MAAM,QAAQ,GAAG,cAAc,CAAC,IAAI,CAAC,CAAC;QACtC,IAAI,CAAC,QAAQ;YAAE,SAAS;QAExB,MAAM,OAAO,GAAG,cAAc,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC1C,IAAI,CAAC,OAAO;YAAE,SAAS;QAEvB,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACxB,MAAM,KAAK,GAAG,YAAY,CAAC,GAAG,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAC5C,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,IAAI,EAAE,GAAG,EAAE,KAAK,CAAC,CAAC;QAE7E,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,MAAM,GAAG,YAAY,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;YAC3C,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,IA
AI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC,CAAC;QACjF,CAAC;IACH,CAAC;IAED,MAAM,cAAc,GAAG,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC;IAElF,MAAM,QAAQ,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;IACnF,MAAM,IAAI,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAC3E,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IAC/E,MAAM,KAAK,GAAG,cAAc,CAAC,MAAM,CAAC;IAEpC,MAAM,cAAc,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;IAC3F,MAAM,SAAS,GAAG,cAAc,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;IAC/C,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IACnG,MAAM,OAAO,GAAG,SAAS,IAAI,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,SAAS,CAAC,CAAC;IAE/G,qDAAqD;IACrD,IAAI,MAAM,KAAK,aAAa,EAAE,CAAC;QAC7B,MAAM,WAAW,GAAuB,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC/D,IAAI,EAAE,CAAC,CAAC,IAAI;YACZ,UAAU,EAAE,CAAC,CAAC,IAAI;YAClB,QAAQ,EAAE,CAAC,CAAC,IAAI;YAChB,gBAAgB,EAAE,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC;YAClD,OAAO,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,EAAE;YACtG,KAAK,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG;SAC1E,CAAC,CAAC,CAAC;QACJ,OAAO,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;IACrC,CAAC;IAED,sBAAsB;IACtB,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,OAAO,EAAE;gBACP,KAAK,EAAE,QAAQ,EAAE,IAAI,EAAE,MAAM;gBAC7B,KAAK,EAAE,YAAY,CAAC,MAAM,EAAE,YAAY,EAAE,YAAY,CAAC,MAAM;gBAC7D,QAAQ,EAAE,OAAO,EAAE,MAAM,EAAE,IAAI;aAChC;YACD,QAAQ,EAAE,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,
EAAE,CAAC,CAAC;gBACjC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;gBAC3D,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK;gBAC/D,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO;gBAC1D,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU;aAC9B,CAAC,CAAC;SACJ,CAAC,CAAC;IACL,CAAC;IAED,2CAA2C;IAC3C,MAAM,gBAAgB,GAAG,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;IAE5E,MAAM,KAAK,GAAa;QACtB,iCAAiC;QACjC,EAAE;QACF,aAAa,IAAI,yBAAyB,YAAY,CAAC,MAAM,mBAAmB,YAAY,CAAC,MAAM,EAAE;QACrG,aAAa,QAAQ,CAAC,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,WAAW,EAAE;QAC9D,EAAE;KACH,CAAC;IAEF,IAAI,OAAO,EAAE,CAAC;QACZ,KAAK,CAAC,IAAI,CAAC,mBAAmB,MAAM,uCAAuC,EAAE,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,IAAI,KAAK,KAAK,CAAC,EAAE,CAAC;QAChB,KAAK,CAAC,IAAI,CAAC,2BAA2B,QAAQ,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,eAAe,gBAAgB,CAAC,CAAC;QACpG,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,UAAU,gBAAgB,CAAC,MAAM,4CAA4C,CAAC,CAAC;QAChG,CAAC;QACD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,sBAAsB,EAAE,sBAAsB,CAAC,CAAC;IAC3D,IAAI,QAAQ,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,QAAQ,IAAI,CAAC,CAAC;IAC3D,IAAI,IAAI,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,YAAY,IAAI,IAAI,CAAC,CAAC;IAC/C,IAAI,MAAM,GAAG,CAAC;QAAE,KAAK,CAAC,IAAI,CAAC,cAAc,MAAM,IAAI,CAAC,CAAC;IACrD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,MAAM,MAAM,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC9C,KAAK,MAAM,CAAC,IAAI,cAAc,EAAE,CAAC;QAC/B,MAAM,QAAQ,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;QAC1C,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjB,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;IAC/B,CAAC;IAED,KAAK,MAAM,CAAC,IAAI,EAAE,QAAQ,CAAC,IAAI,MAAM,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,SAAS,IAAI,IAAI,EAAE,EAAE,CAAC,CAAC;QAClC,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;YACzB,MAAM,KAAK,GAAG
,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;YAC5C,KAAK,CAAC,IAAI,CACR,QAAQ,KAAK,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,YAAY,CAAC,CAAC,IAAI,EAAE,EACjE,KAAK,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,CAClB,CAAC;YACF,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBACnB,KAAK,CAAC,IAAI,CAAC,UAAU,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,UAAU,CAAC,CAAC;YAC3E,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IAED,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,EAAE,IAAI,gBAAgB,CAAC,MAAM,wDAAwD,CAAC,CAAC;IAC7G,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
|
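--- a/package/build/tools/scan-directory.d.ts
+++ b/package/build/tools/scan-directory.d.ts
@@ -1,3 +1,3 @@
 import type { SecurityRule } from "../data/rules/types.js";
-export declare function scanDirectory(path: string, recursive?: boolean, exclude?: string[], format?: "markdown" | "json", rules?: SecurityRule[]): string;
+export declare function scanDirectory(path: string, recursive?: boolean, exclude?: string[], format?: "markdown" | "json", rules?: SecurityRule[], baselinePath?: string): string;
 //# sourceMappingURL=scan-directory.d.ts.map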
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan-directory.d.ts","sourceRoot":"","sources":["../../src/tools/scan-directory.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"scan-directory.d.ts","sourceRoot":"","sources":["../../src/tools/scan-directory.ts"],"names":[],"mappings":"AAKA,OAAO,KAAK,EAAE,YAAY,EAAE,MAAM,wBAAwB,CAAC;AA0I3D,wBAAgB,aAAa,CAC3B,IAAI,EAAE,MAAM,EACZ,SAAS,GAAE,OAAc,EACzB,OAAO,GAAE,MAAM,EAAO,EACtB,MAAM,GAAE,UAAU,GAAG,MAAmB,EACxC,KAAK,CAAC,EAAE,YAAY,EAAE,EACtB,YAAY,CAAC,EAAE,MAAM,GACpB,MAAM,CAoNR"}
|
|
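--- a/package/build/tools/scan-directory.js
+++ b/package/build/tools/scan-directory.js
@@ -1,6 +1,7 @@
 import { readdirSync, readFileSync, statSync } from "fs";
 import { join, extname, basename, resolve } from "path";
-import {
+import { createHash, randomUUID } from "crypto";
+import { analyzeCode } from "./check-code.js";
 import { loadConfig } from "../utils/config.js";
 const DEFAULT_EXCLUDES = new Set([
 "node_modules", ".git", "build", "dist", "vendor", "__pycache__",
@@ -27,6 +28,8 @@ const CONFIG_FILE_MAP = {
 "render.yaml": "render-config",
 "netlify.toml": "netlify-config",
 };
+// GuardVibe version — used in scan metadata
+const GUARDVIBE_VERSION = "1.4.0";
 function walkDirectory(dir, recursive, excludes, results) {
 let entries;
 try {
@@ -47,7 +50,6 @@ function walkDirectory(dir, recursive, excludes, results) {
 if (EXTENSION_MAP[ext]) {
 results.push(fullPath);
 }
-// Also detect Dockerfiles and config files by name
 if (entry.name.startsWith("Dockerfile") || entry.name.endsWith(".dockerfile")) {
 results.push(fullPath);
 }
@@ -57,7 +59,39 @@ function walkDirectory(dir, recursive, excludes, results) {
 }
 }
 }
-
+function hashContent(content) {
+return createHash("sha256").update(content).digest("hex").substring(0, 16);
+}
+function findingsToBaseline(scanResults) {
+const entries = [];
+for (const result of scanResults) {
+for (const f of result.findings) {
+entries.push({
+id: f.rule.id,
+name: f.rule.name,
+severity: f.rule.severity,
+file: result.path,
+line: f.line,
+match: f.match,
+});
+}
+}
+return entries;
+}
+function computeBaselineDiff(current, previous) {
+const prevKey = (e) => `${e.id}:${e.file}:${e.match}`;
+const currKey = (e) => `${e.id}:${e.file}:${e.match}`;
+const prevSet = new Set(previous.map(prevKey));
+const currSet = new Set(current.map(currKey));
+return {
+new: current.filter(e => !prevSet.has(currKey(e))),
+fixed: previous.filter(e => !currSet.has(prevKey(e))),
+unchanged: current.filter(e => prevSet.has(currKey(e))),
+};
+}
+export function scanDirectory(path, recursive = true, exclude = [], format = "markdown", rules, baselinePath) {
+const startTime = performance.now();
+const scanId = randomUUID();
 const scanRoot = resolve(path);
 const config = loadConfig(scanRoot);
 const excludes = new Set([...DEFAULT_EXCLUDES, ...exclude, ...config.scan.exclude]);
@@ -66,6 +100,8 @@ export function scanDirectory(path, recursive = true, exclude = [], format = "ma
 walkDirectory(scanRoot, recursive, excludes, filePaths);
 const scanResults = [];
 const skippedFiles = [];
+const fileHashes = {};
+const effectiveRules = rules ?? [];
 for (const filePath of filePaths) {
 try {
 const stat = statSync(filePath);
@@ -74,13 +110,12 @@ export function scanDirectory(path, recursive = true, exclude = [], format = "ma
 continue;
 }
 const content = readFileSync(filePath, "utf-8");
+fileHashes[filePath] = hashContent(content);
 const ext = extname(filePath).toLowerCase();
 let language = EXTENSION_MAP[ext];
-// Detect Dockerfile by name
 if (!language && (basename(filePath).startsWith("Dockerfile") || ext === ".dockerfile")) {
 language = "dockerfile";
 }
-// Detect config files by name
 if (!language) {
 language = CONFIG_FILE_MAP[basename(filePath)];
 }
@@ -95,6 +130,17 @@ export function scanDirectory(path, recursive = true, exclude = [], format = "ma
 skippedFiles.push(`${filePath} (read error)`);
 }
 }
+const scanDurationMs = Math.round(performance.now() - startTime);
+const metadata = {
+scanId,
+timestamp: new Date().toISOString(),
+guardvibeVersion: GUARDVIBE_VERSION,
+ruleCount: effectiveRules.length > 0 ? effectiveRules.length : 239,
+scanDurationMs,
+filesScanned: filePaths.length - skippedFiles.length,
+filesSkipped: skippedFiles.length,
+fileHashes,
+};
 // Scoring
 const allFindings = scanResults.flatMap(r => r.findings);
 const totalCritical = allFindings.filter(f => f.rule.severity === "critical").length;
@@ -103,19 +149,87 @@ export function scanDirectory(path, recursive = true, exclude = [], format = "ma
 const totalIssues = totalCritical + totalHigh + totalMedium;
 const score = Math.max(0, Math.min(100, 100 - totalCritical * 25 - totalHigh * 10 - totalMedium * 5));
 const grade = score >= 90 ? "A" : score >= 75 ? "B" : score >= 60 ? "C" : score >= 40 ? "D" : "F";
+// Baseline comparison
+let baselineDiff = null;
+let previousBaseline = null;
+if (baselinePath) {
+try {
+const baselineContent = readFileSync(resolve(baselinePath), "utf-8");
+const parsed = JSON.parse(baselineContent);
+previousBaseline = {
+report: { scanId: parsed.metadata?.scanId ?? "unknown", timestamp: parsed.metadata?.timestamp ?? "unknown" },
+findings: parsed.baseline ?? [],
+};
+const currentEntries = findingsToBaseline(scanResults);
+baselineDiff = computeBaselineDiff(currentEntries, previousBaseline.findings);
+}
+catch {
+// baseline file unreadable, skip comparison
+}
+}
 if (format === "json") {
 const findingsWithFiles = scanResults.flatMap(r => r.findings.map(f => ({ ...f, rule: f.rule, file: r.path })));
-
+const baseJson = {
+summary: {
+total: allFindings.length,
+critical: totalCritical, high: totalHigh, medium: totalMedium,
+low: allFindings.filter(f => f.rule.severity === "low").length,
+blocked: totalCritical > 0 || totalHigh > 0,
+grade, score,
+},
+metadata,
+findings: findingsWithFiles.map(f => ({
+id: f.rule.id, name: f.rule.name, severity: f.rule.severity,
+owasp: f.rule.owasp, line: f.line, match: f.match, file: f.file,
+fix: f.rule.fix, fixCode: f.rule.fixCode, compliance: f.rule.compliance,
+})),
+baseline: findingsToBaseline(scanResults),
+};
+if (baselineDiff) {
+baseJson.baselineDiff = {
+previousScanId: previousBaseline?.report.scanId,
+previousTimestamp: previousBaseline?.report.timestamp,
+new: baselineDiff.new.length,
+fixed: baselineDiff.fixed.length,
+unchanged: baselineDiff.unchanged.length,
+newFindings: baselineDiff.new,
+fixedFindings: baselineDiff.fixed,
+};
+}
+return JSON.stringify(baseJson);
 }
+// Markdown output
 const lines = [
 `# GuardVibe Directory Security Report`,
 ``,
+`Scan ID: ${scanId}`,
+`Timestamp: ${metadata.timestamp}`,
 `Directory: ${scanRoot}`,
-`Files scanned: ${
+`Files scanned: ${metadata.filesScanned}`,
 `Total issues: ${totalIssues}`,
 `Security Score: ${grade} (${score}/100)`,
+`Scan duration: ${scanDurationMs}ms`,
+`GuardVibe: v${GUARDVIBE_VERSION} (${metadata.ruleCount} rules)`,
 ``,
 ];
+// Baseline diff section
+if (baselineDiff && previousBaseline) {
+lines.push(`## Baseline Comparison`, ``, `Previous scan: ${previousBaseline.report.scanId} (${previousBaseline.report.timestamp})`, ``, `| Status | Count |`, `|--------|-------|`, `| New findings | ${baselineDiff.new.length} |`, `| Fixed findings | ${baselineDiff.fixed.length} |`, `| Unchanged | ${baselineDiff.unchanged.length} |`, ``);
+if (baselineDiff.new.length > 0) {
+lines.push(`### New Findings`, ``);
+for (const entry of baselineDiff.new) {
+lines.push(`- [${entry.severity.toUpperCase()}] ${entry.name} (${entry.id}) in ${entry.file}:${entry.line}`);
+}
+lines.push(``);
+}
+if (baselineDiff.fixed.length > 0) {
+lines.push(`### Fixed Findings`, ``);
+for (const entry of baselineDiff.fixed) {
+lines.push(`- ~~[${entry.severity.toUpperCase()}] ${entry.name} (${entry.id}) in ${entry.file}:${entry.line}~~`);
+}
+lines.push(``);
+}
+}
 if (totalIssues > 0) {
 lines.push(`## Summary`, ``, `| Severity | Count |`, `|----------|-------|`);
 if (totalCritical > 0)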
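Review bot: The baseline file is consumed without shape checks: in the `if (baselinePath)` block `parsed.baseline ?? []` is accepted as-is, and the Markdown section later calls `entry.severity.toUpperCase()` on `baselineDiff.fixed` entries outside the `try`, so a baseline entry without a string `severity` throws out of `scanDirectory`, while an unreadable or malformed file is swallowed by the empty `catch` and the report silently omits the comparison. Filter the entries when loading, e.g. `findings: Array.isArray(parsed.baseline) ? parsed.baseline.filter(e => e && typeof e.id === "string" && typeof e.file === "string" && typeof e.severity === "string") : [],`, and emit an explicit "baseline could not be read" line in both output formats instead of skipping. `computeBaselineDiff` keys on `id:file:match` only, so a second occurrence of the same match in a file that is already in the baseline is counted as unchanged rather than new; that deserves a comment or a per-key count. `GUARDVIBE_VERSION` is hard-coded to `"1.4.0"` and the `ruleCount` fallback to `239`, which presumably drift from the published package (this diff is 1.3.3 → 1.5.0) and make the scan metadata unreliable as audit evidence. `scanDirectory` begins and ends outside these hunks.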
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan-directory.js","sourceRoot":"","sources":["../../src/tools/scan-directory.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,IAAI,CAAC;AACzD,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACxD,OAAO,EAAE,WAAW,EAAE,kBAAkB,EAAgB,MAAM,iBAAiB,CAAC;AAChF,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGhD,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa;IAChE,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK;IACvD,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM;CACtC,CAAC,CAAC;AAEH,MAAM,aAAa,GAA2B;IAC5C,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IACrF,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IACrF,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM;IAC7C,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IAC/C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;IAC/B,KAAK,EAAE,WAAW;IAClB,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CACjC,CAAC;AAEF,MAAM,eAAe,GAA2B;IAC9C,aAAa,EAAE,eAAe;IAC9B,gBAAgB,EAAE,eAAe;IACjC,iBAAiB,EAAE,eAAe;IAClC,gBAAgB,EAAE,eAAe;IACjC,oBAAoB,EAAE,gBAAgB;IACtC,qBAAqB,EAAE,gBAAgB;IACvC,UAAU,EAAE,YAAY;IACxB,aAAa,EAAE,eAAe;IAC9B,cAAc,EAAE,gBAAgB;CACjC,CAAC;AAOF,SAAS,aAAa,CACpB,GAAW,EACX,SAAkB,EAClB,QAAqB,EACrB,OAAiB;IAEjB,IAAI,OAAO,CAAC;IACZ,IAAI,CAAC;QACH,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,SAAS;QACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QAEvC,IAAI,KAAK,CAAC,WAAW,EAAE,IAAI,SAAS,EAAE,CAAC;YACrC,aAAa,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACxD,CAAC;aAAM,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;YAC9C,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvB,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzB,CAAC;YACD,mDAAmD;YACnD,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC
,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBAC9E,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzB,CAAC;YACD,IAAI,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC/D,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,MAAM,UAAU,aAAa,CAC3B,IAAY,EACZ,YAAqB,IAAI,EACzB,UAAoB,EAAE,EACtB,SAA8B,UAAU,EACxC,KAAsB;IAEtB,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,MAAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,gBAAgB,EAAE,GAAG,OAAO,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IACpF,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC;IACxC,MAAM,SAAS,GAAa,EAAE,CAAC;IAC/B,aAAa,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IAExD,MAAM,WAAW,GAAiB,EAAE,CAAC;IACrC,MAAM,YAAY,GAAa,EAAE,CAAC;IAElC,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAChC,IAAI,IAAI,CAAC,IAAI,GAAG,OAAO,EAAE,CAAC;gBACxB,YAAY,CAAC,IAAI,CAAC,GAAG,QAAQ,gBAAgB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;gBAChF,SAAS;YACX,CAAC;YAED,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;YAC5C,IAAI,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;YAClC,4BAA4B;YAC5B,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,GAAG,KAAK,aAAa,CAAC,EAAE,CAAC;gBACxF,QAAQ,GAAG,YAAY,CAAC;YAC1B,CAAC;YACD,8BAA8B;YAC9B,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;YACjD,CAAC;YACD,IAAI,CAAC,QAAQ;gBAAE,SAAS;YAExB,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;YACtF,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxB,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,YAAY,CAAC,IAAI,CAAC,GAAG,QAAQ,eAAe,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,UAAU;IACV,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IACzD,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAA
C,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;IACrF,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAC7E,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,WAAW,GAAG,aAAa,GAAG,SAAS,GAAG,WAAW,CAAC;IAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,GAAG,EAAE,GAAG,SAAS,GAAG,EAAE,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC;IACtG,MAAM,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;IAElG,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,MAAM,iBAAiB,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAChD,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAC5D,CAAC;QACF,OAAO,kBAAkB,CAAC,iBAAiB,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IACjE,CAAC;IAED,MAAM,KAAK,GAAa;QACtB,uCAAuC;QACvC,EAAE;QACF,cAAc,QAAQ,EAAE;QACxB,kBAAkB,SAAS,CAAC,MAAM,GAAG,YAAY,CAAC,MAAM,EAAE;QAC1D,iBAAiB,WAAW,EAAE;QAC9B,mBAAmB,KAAK,KAAK,KAAK,OAAO;QACzC,EAAE;KACH,CAAC;IAEF,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,EAAE,sBAAsB,EAAE,sBAAsB,CAAC,CAAC;QAC7E,IAAI,aAAa,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,aAAa,QAAQ,CAAC,CAAC;QACzE,IAAI,SAAS,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,SAAS,QAAQ,CAAC,CAAC;QACjE,IAAI,WAAW,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,WAAW,QAAQ,CAAC,CAAC;QACrE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QACnG,MAAM,SAAS,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CACxC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACnB,IAAI,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,OAAO
,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG;YACrF,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE;SAC5C,CAAC,CAAC,CACJ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEjD,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC5B,SAAS,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACvE,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;QAE1B,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,YAAY,MAAM,CAAC,IAAI,KAAK,MAAM,CAAC,QAAQ,CAAC,MAAM,UAAU,EAAE,EAAE,CAAC,CAAC;YAC7E,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAChC,MAAM,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAC3C,KAAK,CAAC,IAAI,CACR,QAAQ,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,EAC7C,cAAc,CAAC,CAAC,IAAI,mBAAmB,CAAC,CAAC,KAAK,IAAI,EAClD,GAAG,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,EACvB,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,EACxB,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,kBAAkB,EAAE,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EACvF,EAAE,CACH,CAAC;YACJ,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,EAAE,mCAAmC,CAAC,CAAC;IAC5E,CAAC;IAED,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC;QACrC,KAAK,MAAM,CAAC,IAAI,YAAY;YAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACrD,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
|
1
|
+
{"version":3,"file":"scan-directory.js","sourceRoot":"","sources":["../../src/tools/scan-directory.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,WAAW,EAAE,YAAY,EAAE,QAAQ,EAA6B,MAAM,IAAI,CAAC;AACpF,OAAO,EAAE,IAAI,EAAE,OAAO,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAChD,OAAO,EAAE,WAAW,EAAoC,MAAM,iBAAiB,CAAC;AAChF,OAAO,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AAGhD,MAAM,gBAAgB,GAAG,IAAI,GAAG,CAAC;IAC/B,cAAc,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,QAAQ,EAAE,aAAa;IAChE,OAAO,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,KAAK,EAAE,KAAK;IACvD,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM;CACtC,CAAC,CAAC;AAEH,MAAM,aAAa,GAA2B;IAC5C,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IACrF,KAAK,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY,EAAE,MAAM,EAAE,YAAY;IACrF,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,MAAM;IAC7C,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO;IAC/C,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;IAC/B,KAAK,EAAE,WAAW;IAClB,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,MAAM;CACjC,CAAC;AAEF,MAAM,eAAe,GAA2B;IAC9C,aAAa,EAAE,eAAe;IAC9B,gBAAgB,EAAE,eAAe;IACjC,iBAAiB,EAAE,eAAe;IAClC,gBAAgB,EAAE,eAAe;IACjC,oBAAoB,EAAE,gBAAgB;IACtC,qBAAqB,EAAE,gBAAgB;IACvC,UAAU,EAAE,YAAY;IACxB,aAAa,EAAE,eAAe;IAC9B,cAAc,EAAE,gBAAgB;CACjC,CAAC;AAEF,4CAA4C;AAC5C,MAAM,iBAAiB,GAAG,OAAO,CAAC;AAsClC,SAAS,aAAa,CACpB,GAAW,EACX,SAAkB,EAClB,QAAqB,EACrB,OAAiB;IAEjB,IAAI,OAAO,CAAC;IACZ,IAAI,CAAC;QACH,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IACtD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO;IACT,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,SAAS;QACvC,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QAEvC,IAAI,KAAK,CAAC,WAAW,EAAE,IAAI,SAAS,EAAE,CAAC;YACrC,aAAa,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;QACxD,CAAC;aAAM,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;YAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;YAC9C,IAAI,aAAa,CAAC,GAAG,CAAC,EAAE,CAAC;gBACvB,OAAO,CAAC,IAAI,CAAC,Q
AAQ,CAAC,CAAC;YACzB,CAAC;YACD,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;gBAC9E,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzB,CAAC;YACD,IAAI,eAAe,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC/D,OAAO,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;YACzB,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,SAAS,WAAW,CAAC,OAAe;IAClC,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,SAAS,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AAC7E,CAAC;AAED,SAAS,kBAAkB,CAAC,WAAyB;IACnD,MAAM,OAAO,GAAoB,EAAE,CAAC;IACpC,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE,CAAC;QACjC,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YAChC,OAAO,CAAC,IAAI,CAAC;gBACX,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE;gBACb,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI;gBACjB,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;gBACzB,IAAI,EAAE,MAAM,CAAC,IAAI;gBACjB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,KAAK,EAAE,CAAC,CAAC,KAAK;aACf,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAwB,EAAE,QAAyB;IAC9E,MAAM,OAAO,GAAG,CAAC,CAAgB,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;IACrE,MAAM,OAAO,GAAG,CAAC,CAAgB,EAAE,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;IAErE,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;IAC/C,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;IAE9C,OAAO;QACL,GAAG,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;QAClD,KAAK,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;QACrD,SAAS,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC;KACxD,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,aAAa,CAC3B,IAAY,EACZ,YAAqB,IAAI,EACzB,UAAoB,EAAE,EACtB,SAA8B,UAAU,EACxC,KAAsB,EACtB,YAAqB;IAErB,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IACpC,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,QAAQ,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC/B,M
AAM,MAAM,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IACpC,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,gBAAgB,EAAE,GAAG,OAAO,EAAE,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IACpF,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC;IACxC,MAAM,SAAS,GAAa,EAAE,CAAC;IAC/B,aAAa,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;IAExD,MAAM,WAAW,GAAiB,EAAE,CAAC;IACrC,MAAM,YAAY,GAAa,EAAE,CAAC;IAClC,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,MAAM,cAAc,GAAG,KAAK,IAAI,EAAE,CAAC;IAEnC,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;QACjC,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YAChC,IAAI,IAAI,CAAC,IAAI,GAAG,OAAO,EAAE,CAAC;gBACxB,YAAY,CAAC,IAAI,CAAC,GAAG,QAAQ,gBAAgB,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC;gBAChF,SAAS;YACX,CAAC;YAED,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;YAChD,UAAU,CAAC,QAAQ,CAAC,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC;YAE5C,MAAM,GAAG,GAAG,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;YAC5C,IAAI,QAAQ,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC;YAClC,IAAI,CAAC,QAAQ,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,UAAU,CAAC,YAAY,CAAC,IAAI,GAAG,KAAK,aAAa,CAAC,EAAE,CAAC;gBACxF,QAAQ,GAAG,YAAY,CAAC;YAC1B,CAAC;YACD,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,QAAQ,GAAG,eAAe,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,CAAC;YACjD,CAAC;YACD,IAAI,CAAC,QAAQ;gBAAE,SAAS;YAExB,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,EAAE,QAAQ,EAAE,SAAS,EAAE,QAAQ,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;YACtF,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACxB,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;YACjD,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,YAAY,CAAC,IAAI,CAAC,GAAG,QAAQ,eAAe,CAAC,CAAC;QAChD,CAAC;IACH,CAAC;IAED,MAAM,cAAc,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;IAEjE,MAAM,QAAQ,GAAiB;QAC7B,MAAM;QACN,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;QACnC,gBAAgB,EAAE,iBAAiB;QACnC,SAAS,EAAE,cAAc,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG;QAClE,cAAc;QACd,YAAY,EAAE,SAAS,CAAC,MAAM,GAAG,YAAY,CAAC,MAAM;QACpD,YAAY,EAAE,YAAY,CAAC,MAAM;QACjC,UAAU;KACX,CAAC;IAEF,UAAU;IACV,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QA
AQ,CAAC,CAAC;IACzD,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;IACrF,MAAM,SAAS,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAC7E,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IACjF,MAAM,WAAW,GAAG,aAAa,GAAG,SAAS,GAAG,WAAW,CAAC;IAC5D,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,GAAG,EAAE,GAAG,SAAS,GAAG,EAAE,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC;IACtG,MAAM,KAAK,GAAG,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC;IAElG,sBAAsB;IACtB,IAAI,YAAY,GAAwB,IAAI,CAAC;IAC7C,IAAI,gBAAgB,GAAiE,IAAI,CAAC;IAC1F,IAAI,YAAY,EAAE,CAAC;QACjB,IAAI,CAAC;YACH,MAAM,eAAe,GAAG,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,OAAO,CAAC,CAAC;YACrE,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;YAC3C,gBAAgB,GAAG;gBACjB,MAAM,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,IAAI,SAAS,EAAE,SAAS,EAAE,MAAM,CAAC,QAAQ,EAAE,SAAS,IAAI,SAAS,EAAE;gBAC5G,QAAQ,EAAE,MAAM,CAAC,QAAQ,IAAI,EAAE;aAChC,CAAC;YACF,MAAM,cAAc,GAAG,kBAAkB,CAAC,WAAW,CAAC,CAAC;YACvD,YAAY,GAAG,mBAAmB,CAAC,cAAc,EAAE,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAChF,CAAC;QAAC,MAAM,CAAC;YACP,4CAA4C;QAC9C,CAAC;IACH,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,MAAM,iBAAiB,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAChD,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAC5D,CAAC;QACF,MAAM,QAAQ,GAA4B;YACxC,OAAO,EAAE;gBACP,KAAK,EAAE,WAAW,CAAC,MAAM;gBACzB,QAAQ,EAAE,aAAa,EAAE,IAAI,EAAE,SAAS,EAAE,MAAM,EAAE,WAAW;gBAC7D,GAAG,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM;gBAC9D,OAAO,EAAE,aAAa,GAAG,CAAC,IAAI,SAAS,GAAG,CAAC;gBAC3C,KAAK,EAAE,KAAK;aACb;YACD,QAAQ;YACR
,QAAQ,EAAE,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBACpC,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,QAAQ;gBAC3D,KAAK,EAAE,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,IAAI,EAAG,CAAS,CAAC,IAAI;gBACxE,GAAG,EAAE,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,OAAO,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC,CAAC,IAAI,CAAC,UAAU;aACxE,CAAC,CAAC;YACH,QAAQ,EAAE,kBAAkB,CAAC,WAAW,CAAC;SAC1C,CAAC;QAEF,IAAI,YAAY,EAAE,CAAC;YACjB,QAAQ,CAAC,YAAY,GAAG;gBACtB,cAAc,EAAE,gBAAgB,EAAE,MAAM,CAAC,MAAM;gBAC/C,iBAAiB,EAAE,gBAAgB,EAAE,MAAM,CAAC,SAAS;gBACrD,GAAG,EAAE,YAAY,CAAC,GAAG,CAAC,MAAM;gBAC5B,KAAK,EAAE,YAAY,CAAC,KAAK,CAAC,MAAM;gBAChC,SAAS,EAAE,YAAY,CAAC,SAAS,CAAC,MAAM;gBACxC,WAAW,EAAE,YAAY,CAAC,GAAG;gBAC7B,aAAa,EAAE,YAAY,CAAC,KAAK;aAClC,CAAC;QACJ,CAAC;QAED,OAAO,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;IAClC,CAAC;IAED,kBAAkB;IAClB,MAAM,KAAK,GAAa;QACtB,uCAAuC;QACvC,EAAE;QACF,YAAY,MAAM,EAAE;QACpB,cAAc,QAAQ,CAAC,SAAS,EAAE;QAClC,cAAc,QAAQ,EAAE;QACxB,kBAAkB,QAAQ,CAAC,YAAY,EAAE;QACzC,iBAAiB,WAAW,EAAE;QAC9B,mBAAmB,KAAK,KAAK,KAAK,OAAO;QACzC,kBAAkB,cAAc,IAAI;QACpC,eAAe,iBAAiB,KAAK,QAAQ,CAAC,SAAS,SAAS;QAChE,EAAE;KACH,CAAC;IAEF,wBAAwB;IACxB,IAAI,YAAY,IAAI,gBAAgB,EAAE,CAAC;QACrC,KAAK,CAAC,IAAI,CACR,wBAAwB,EACxB,EAAE,EACF,kBAAkB,gBAAgB,CAAC,MAAM,CAAC,MAAM,KAAK,gBAAgB,CAAC,MAAM,CAAC,SAAS,GAAG,EACzF,EAAE,EACF,oBAAoB,EACpB,oBAAoB,EACpB,oBAAoB,YAAY,CAAC,GAAG,CAAC,MAAM,IAAI,EAC/C,sBAAsB,YAAY,CAAC,KAAK,CAAC,MAAM,IAAI,EACnD,iBAAiB,YAAY,CAAC,SAAS,CAAC,MAAM,IAAI,EAClD,EAAE,CACH,CAAC;QAEF,IAAI,YAAY,CAAC,GAAG,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAChC,KAAK,CAAC,IAAI,CAAC,kBAAkB,EAAE,EAAE,CAAC,CAAC;YACnC,KAAK,MAAM,KAAK,IAAI,YAAY,CAAC,GAAG,EAAE,CAAC;gBACrC,KAAK,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,EAAE,QAAQ,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC;YAC/G,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;QAED,IAAI,YAAY,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;
YAClC,KAAK,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,CAAC,CAAC;YACrC,KAAK,MAAM,KAAK,IAAI,YAAY,CAAC,KAAK,EAAE,CAAC;gBACvC,KAAK,CAAC,IAAI,CAAC,QAAQ,KAAK,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,KAAK,CAAC,IAAI,KAAK,KAAK,CAAC,EAAE,QAAQ,KAAK,CAAC,IAAI,IAAI,KAAK,CAAC,IAAI,IAAI,CAAC,CAAC;YACnH,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACjB,CAAC;IACH,CAAC;IAED,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,EAAE,sBAAsB,EAAE,sBAAsB,CAAC,CAAC;QAC7E,IAAI,aAAa,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,aAAa,QAAQ,CAAC,CAAC;QACzE,IAAI,SAAS,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,SAAS,QAAQ,CAAC,CAAC;QACjE,IAAI,WAAW,GAAG,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,gBAAgB,WAAW,QAAQ,CAAC,CAAC;QACrE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAEf,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QACnG,MAAM,SAAS,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CACxC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YACnB,IAAI,EAAE,IAAI,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG;YACrF,KAAK,EAAE,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE;SAC5C,CAAC,CAAC,CACJ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;QAEjD,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QAC5B,SAAS,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;QACvE,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC;QAE1B,KAAK,MAAM,MAAM,IAAI,WAAW,EAAE,CAAC;YACjC,KAAK,CAAC,IAAI,CAAC,YAAY,MAAM,CAAC,IAAI,KAAK,MAAM,CAAC,QAAQ,CAAC,MAAM,UAAU,EAAE,EAAE,CAAC,CAAC;YAC7E,KAAK,MAAM,CAAC,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAChC,MAAM,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC;gBAC3C,KAAK,CAAC,IAAI,CACR,QAAQ,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,CAAC,EAAE,GAAG,EAC7C,cAAc,CAAC,CAAC,IAAI,mBAAmB,CAAC,CAAC,KAAK,IAAI,EAClD,GAAG,CA
AC,CAAC,IAAI,CAAC,WAAW,EAAE,EACvB,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,EAAE,EACxB,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,kBAAkB,EAAE,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,EACvF,EAAE,CACH,CAAC;YACJ,CAAC;YACD,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;QACxB,CAAC;IACH,CAAC;SAAM,CAAC;QACN,KAAK,CAAC,IAAI,CAAC,oBAAoB,EAAE,EAAE,EAAE,mCAAmC,CAAC,CAAC;IAC5E,CAAC;IAED,IAAI,YAAY,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5B,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,oBAAoB,CAAC,CAAC;QACrC,KAAK,MAAM,CAAC,IAAI,YAAY;YAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACrD,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
|
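--- a/package/build/tools/scan-secrets-history.d.ts
+++ b/package/build/tools/scan-secrets-history.d.ts
@@ -0,0 +1,9 @@
+import { type SecretFinding } from "./scan-secrets.js";
+export interface HistorySecretFinding extends SecretFinding {
+commit: string;
+commitDate: string;
+author: string;
+status: "active" | "removed";
+}
+export declare function scanSecretsHistory(path: string, maxCommits?: number, format?: "markdown" | "json"): string;
+//# sourceMappingURL=scan-secrets-history.d.ts.map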
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scan-secrets-history.d.ts","sourceRoot":"","sources":["../../src/tools/scan-secrets-history.ts"],"names":[],"mappings":"AAEA,OAAO,EAAe,KAAK,aAAa,EAAE,MAAM,mBAAmB,CAAC;AAEpE,MAAM,WAAW,oBAAqB,SAAQ,aAAa;IACzD,MAAM,EAAE,MAAM,CAAC;IACf,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,MAAM,CAAC;IACf,MAAM,EAAE,QAAQ,GAAG,SAAS,CAAC;CAC9B;AAsDD,wBAAgB,kBAAkB,CAChC,IAAI,EAAE,MAAM,EACZ,UAAU,GAAE,MAAY,EACxB,MAAM,GAAE,UAAU,GAAG,MAAmB,GACvC,MAAM,CAoHR"}
|
|
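--- a/package/build/tools/scan-secrets-history.js
+++ b/package/build/tools/scan-secrets-history.js
@@ -0,0 +1,142 @@
+import { execFileSync } from "child_process";
+import { resolve } from "path";
+import { scanContent } from "./scan-secrets.js";
+function execGit(args, cwd) {
+try {
+return execFileSync("git", args, { cwd, encoding: "utf-8", timeout: 30000 });
+}
+catch {
+return "";
+}
+}
+function getCommitList(cwd, maxCommits) {
+const output = execGit(["log", `--max-count=${maxCommits}`, "--format=%H|||%aI|||%an", "--all"], cwd);
+return output.trim().split("\n").filter(Boolean).map(line => {
+const [hash, date, author] = line.split("|||");
+return { hash, date, author };
+});
+}
+function getCommitDiff(cwd, commitHash) {
+return execGit(["diff-tree", "--no-commit-id", "-r", "--diff-filter=ACMR", "--name-only", commitHash], cwd);
+}
+function getFileAtCommit(cwd, commitHash, filePath) {
+try {
+return execFileSync("git", ["show", `${commitHash}:${filePath}`], {
+cwd, encoding: "utf-8", timeout: 10000,
+});
+}
+catch {
+return null;
+}
+}
+function fileExistsAtHead(cwd, filePath) {
+const result = execGit(["cat-file", "-e", `HEAD:${filePath}`], cwd);
+// cat-file -e returns empty on success, error message on failure
+return result === "";
+}
+function getFileAtHead(cwd, filePath) {
+try {
+return execFileSync("git", ["show", `HEAD:${filePath}`], {
+cwd, encoding: "utf-8", timeout: 10000,
+});
+}
+catch {
+return null;
+}
+}
+export function scanSecretsHistory(path, maxCommits = 100, format = "markdown") {
+const cwd = resolve(path);
+const commits = getCommitList(cwd, maxCommits);
+if (commits.length === 0) {
+if (format === "json")
+return JSON.stringify({ summary: { total: 0, commits: 0 }, findings: [] });
+return "# GuardVibe Git History Secret Scan\n\nNo git history found.";
+}
+const allFindings = [];
+const seenKeys = new Set();
+// Scan secrets introduced in each commit's changed files
+for (const commit of commits) {
+const changedFiles = getCommitDiff(cwd, commit.hash).trim().split("\n").filter(Boolean);
+for (const file of changedFiles) {
+// Only scan files likely to contain secrets
+if (/\.(png|jpg|gif|ico|woff|ttf|eot|svg|mp4|webm|zip|tar|gz|lock)$/i.test(file))
+continue;
+const content = getFileAtCommit(cwd, commit.hash, file);
+if (!content || content.length > 500_000)
+continue;
+const findings = scanContent(content, file);
+for (const f of findings) {
+const key = `${f.provider}:${file}:${f.match}`;
+if (seenKeys.has(key))
+continue;
+seenKeys.add(key);
+// Check if this secret still exists at HEAD
+const headContent = getFileAtHead(cwd, file);
+const stillPresent = headContent ? headContent.includes(f.match.replace("...", "")) : false;
+allFindings.push({
+...f,
+commit: commit.hash.substring(0, 8),
+commitDate: commit.date,
+author: commit.author,
+status: stillPresent ? "active" : "removed",
+});
+}
+}
+}
+// Sort: active first, then by severity
+const severityOrder = { critical: 0, high: 1, medium: 2 };
+allFindings.sort((a, b) => {
+if (a.status !== b.status)
+return a.status === "active" ? -1 : 1;
+return (severityOrder[a.severity] ?? 3) - (severityOrder[b.severity] ?? 3);
+});
+const activeCount = allFindings.filter(f => f.status === "active").length;
+const removedCount = allFindings.filter(f => f.status === "removed").length;
+if (format === "json") {
+return JSON.stringify({
+summary: {
+total: allFindings.length,
+active: activeCount,
+removed: removedCount,
+commitsScanned: commits.length,
+critical: allFindings.filter(f => f.severity === "critical").length,
+high: allFindings.filter(f => f.severity === "high").length,
+},
+findings: allFindings.map(f => ({
+provider: f.provider, severity: f.severity, file: f.file,
+line: f.line, match: f.match, fix: f.fix,
+commit: f.commit, commitDate: f.commitDate, author: f.author,
+status: f.status,
+})),
+});
+}
+const lines = [
+`# GuardVibe Git History Secret Scan`,
+``,
+`Commits scanned: ${commits.length}`,
+`Secrets found: ${allFindings.length}`,
+`Active (still in code): ${activeCount}`,
+`Removed (in git history only): ${removedCount}`,
+``,
+];
+if (allFindings.length === 0) {
+lines.push(`No secrets found in git history. Clean!`);
+return lines.join("\n");
+}
+if (activeCount > 0) {
+lines.push(`## Active Secrets (URGENT — still in codebase)`, ``);
+for (const f of allFindings.filter(f => f.status === "active")) {
+lines.push(`### [${f.severity.toUpperCase()}] ${f.provider}`, `**File:** ${f.file}:${f.line}`, `**Match:** \`${f.match}\``, `**Introduced:** ${f.commit} (${f.commitDate.split("T")[0]}) by ${f.author}`, `**Fix:** ${f.fix}`, ``);
+}
+}
+if (removedCount > 0) {
+lines.push(`## Removed Secrets (still in git history — rotate these!)`, ``);
+lines.push(`> These secrets were removed from the codebase but remain in git history.`);
+lines.push(`> Anyone with repo access can find them. **Rotate all of these immediately.**`, ``);
+for (const f of allFindings.filter(f => f.status === "removed")) {
+lines.push(`- **[${f.severity.toUpperCase()}] ${f.provider}** in \`${f.file}\` — commit ${f.commit} (${f.commitDate.split("T")[0]})`, ` Match: \`${f.match}\` | Fix: ${f.fix}`, ``);
+}
+}
+return lines.join("\n");
+}
+//# sourceMappingURL=scan-secrets-history.js.map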
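Review bot: `getCommitDiff` silently misses files in two cases, so `scanSecretsHistory` can print `No secrets found in git history. Clean!` for a repository that does contain secrets. `git diff-tree` prints nothing for a root commit unless `--root` is passed, so files added in the initial commit are never scanned. Without `-z`, git quotes paths that contain non-ASCII or special characters; the quoted name then fails in `git show` and is dropped by the `catch` in `getFileAtCommit`. I would add `"--root"` and `"-z"` to the argument list and split the result on `"\0"` instead of `"\n"` in the `changedFiles` line. Because `execGit` and `getFileAtCommit` turn a timeout or any other git error into an empty result, the report should also count skipped commits and files instead of presenting the run as complete.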
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scan-secrets-history.js","sourceRoot":"","sources":["../../src/tools/scan-secrets-history.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/B,OAAO,EAAE,WAAW,EAAsB,MAAM,mBAAmB,CAAC;AAepE,SAAS,OAAO,CAAC,IAAc,EAAE,GAAW;IAC1C,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,KAAK,EAAE,IAAI,EAAE,EAAE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;IAC/E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,GAAW,EAAE,UAAkB;IACpD,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,KAAK,EAAE,eAAe,UAAU,EAAE,EAAE,yBAAyB,EAAE,OAAO,CAAC,EAAE,GAAG,CAAC,CAAC;IACtG,OAAO,MAAM,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE;QAC1D,MAAM,CAAC,IAAI,EAAE,IAAI,EAAE,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC;QAC/C,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAChC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,aAAa,CAAC,GAAW,EAAE,UAAkB;IACpD,OAAO,OAAO,CAAC,CAAC,WAAW,EAAE,gBAAgB,EAAE,IAAI,EAAE,oBAAoB,EAAE,aAAa,EAAE,UAAU,CAAC,EAAE,GAAG,CAAC,CAAC;AAC9G,CAAC;AAED,SAAS,eAAe,CAAC,GAAW,EAAE,UAAkB,EAAE,QAAgB;IACxE,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,GAAG,UAAU,IAAI,QAAQ,EAAE,CAAC,EAAE;YAChE,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK;SACvC,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,gBAAgB,CAAC,GAAW,EAAE,QAAgB;IACrD,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,UAAU,EAAE,IAAI,EAAE,QAAQ,QAAQ,EAAE,CAAC,EAAE,GAAG,CAAC,CAAC;IACpE,iEAAiE;IACjE,OAAO,MAAM,KAAK,EAAE,CAAC;AACvB,CAAC;AAED,SAAS,aAAa,CAAC,GAAW,EAAE,QAAgB;IAClD,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,QAAQ,QAAQ,EAAE,CAAC,EAAE;YACvD,GAAG,EAAE,QAAQ,EAAE,OAAO,EAAE,OAAO,EAAE,KAAK;SACvC,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,MAAM,UAAU,kBAAkB,CAChC,IAAY,EACZ,aAAqB,GAAG,EACxB,SAA8B,UAAU;IAExC,MAAM,GAAG,GAAG,OAAO,CAAC,IAAI,CAAC,CAAC;IAC1B,MAAM,OAAO,GAAG,aAAa,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;IAE/C,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;Q
ACzB,IAAI,MAAM,KAAK,MAAM;YAAE,OAAO,IAAI,CAAC,SAAS,CAAC,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC,CAAC;QAClG,OAAO,8DAA8D,CAAC;IACxE,CAAC;IAED,MAAM,WAAW,GAA2B,EAAE,CAAC;IAC/C,MAAM,QAAQ,GAAG,IAAI,GAAG,EAAU,CAAC;IAEnC,yDAAyD;IACzD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;QAC7B,MAAM,YAAY,GAAG,aAAa,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAExF,KAAK,MAAM,IAAI,IAAI,YAAY,EAAE,CAAC;YAChC,4CAA4C;YAC5C,IAAI,iEAAiE,CAAC,IAAI,CAAC,IAAI,CAAC;gBAAE,SAAS;YAE3F,MAAM,OAAO,GAAG,eAAe,CAAC,GAAG,EAAE,MAAM,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;YACxD,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,MAAM,GAAG,OAAO;gBAAE,SAAS;YAEnD,MAAM,QAAQ,GAAG,WAAW,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;YAC5C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;gBACzB,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,QAAQ,IAAI,IAAI,IAAI,CAAC,CAAC,KAAK,EAAE,CAAC;gBAC/C,IAAI,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAChC,QAAQ,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;gBAElB,4CAA4C;gBAC5C,MAAM,WAAW,GAAG,aAAa,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;gBAC7C,MAAM,YAAY,GAAG,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC;gBAE5F,WAAW,CAAC,IAAI,CAAC;oBACf,GAAG,CAAC;oBACJ,MAAM,EAAE,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC;oBACnC,UAAU,EAAE,MAAM,CAAC,IAAI;oBACvB,MAAM,EAAE,MAAM,CAAC,MAAM;oBACrB,MAAM,EAAE,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,SAAS;iBAC5C,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,uCAAuC;IACvC,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,CAAC;IAClF,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE;QACxB,IAAI,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,MAAM;YAAE,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACjE,OAAO,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC;IAC7E,CAAC,CAAC,CAAC;IAEH,MAAM,WAAW,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IAC1E,
MAAM,YAAY,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC,MAAM,CAAC;IAE5E,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,IAAI,CAAC,SAAS,CAAC;YACpB,OAAO,EAAE;gBACP,KAAK,EAAE,WAAW,CAAC,MAAM;gBACzB,MAAM,EAAE,WAAW;gBACnB,OAAO,EAAE,YAAY;gBACrB,cAAc,EAAE,OAAO,CAAC,MAAM;gBAC9B,QAAQ,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM;gBACnE,IAAI,EAAE,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;aAC5D;YACD,QAAQ,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;gBAC9B,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI;gBACxD,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG;gBACxC,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM;gBAC5D,MAAM,EAAE,CAAC,CAAC,MAAM;aACjB,CAAC,CAAC;SACJ,CAAC,CAAC;IACL,CAAC;IAED,MAAM,KAAK,GAAa;QACtB,qCAAqC;QACrC,EAAE;QACF,oBAAoB,OAAO,CAAC,MAAM,EAAE;QACpC,kBAAkB,WAAW,CAAC,MAAM,EAAE;QACtC,2BAA2B,WAAW,EAAE;QACxC,kCAAkC,YAAY,EAAE;QAChD,EAAE;KACH,CAAC;IAEF,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,KAAK,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;QACtD,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAED,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;QACpB,KAAK,CAAC,IAAI,CAAC,gDAAgD,EAAE,EAAE,CAAC,CAAC;QACjE,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,EAAE,CAAC;YAC/D,KAAK,CAAC,IAAI,CACR,QAAQ,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,QAAQ,EAAE,EACjD,aAAa,CAAC,CAAC,IAAI,IAAI,CAAC,CAAC,IAAI,EAAE,EAC/B,gBAAgB,CAAC,CAAC,KAAK,IAAI,EAC3B,mBAAmB,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,MAAM,EAAE,EAC5E,YAAY,CAAC,CAAC,GAAG,EAAE,EACnB,EAAE,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACrB,KAAK,CAAC,IAAI,CAAC,2DAA2D,EAAE,EAAE,CAAC,CAAC;QAC5E,KAAK,CAAC,IAAI,CAAC,2EAA2E,CAAC,CAAC;QACxF,KAAK,CAAC,IAAI,CAAC,+EAA+E,EAAE,EAAE,CAAC,CAAC;QAChG,KAAK,MAAM,CAAC,IAAI,WAAW,CAAC,MAAM,CAAC,C
AAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,EAAE,CAAC;YAChE,KAAK,CAAC,IAAI,CACR,QAAQ,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,CAAC,CAAC,QAAQ,WAAW,CAAC,CAAC,IAAI,eAAe,CAAC,CAAC,MAAM,KAAK,CAAC,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,GAAG,EACzH,cAAc,CAAC,CAAC,KAAK,aAAa,CAAC,CAAC,GAAG,EAAE,EACzC,EAAE,CACH,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Basic taint analysis — tracks user input flowing into dangerous sinks.
|
|
3
|
+
* Not a full AST/CFG analysis, but follows variable assignments through lines.
|
|
4
|
+
*/
|
|
5
|
+
export interface TaintFinding {
|
|
6
|
+
source: {
|
|
7
|
+
type: string;
|
|
8
|
+
line: number;
|
|
9
|
+
variable: string;
|
|
10
|
+
};
|
|
11
|
+
sink: {
|
|
12
|
+
type: string;
|
|
13
|
+
line: number;
|
|
14
|
+
code: string;
|
|
15
|
+
};
|
|
16
|
+
chain: string[];
|
|
17
|
+
severity: "critical" | "high" | "medium";
|
|
18
|
+
description: string;
|
|
19
|
+
fix: string;
|
|
20
|
+
}
|
|
21
|
+
export declare function analyzeTaint(code: string, language: string): TaintFinding[];
|
|
22
|
+
export declare function formatTaintFindings(findings: TaintFinding[], format: "markdown" | "json"): string;
|
|
23
|
+
//# sourceMappingURL=taint-analysis.d.ts.map
|