kastell 2.1.0 → 2.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.claude-plugin/marketplace.json +18 -0
- package/.claude-plugin/plugin.json +39 -0
- package/CHANGELOG.md +1266 -1216
- package/LICENSE +201 -201
- package/NOTICE +5 -5
- package/README.md +1 -1
- package/README.tr.md +1 -1
- package/bin/kastell +2 -2
- package/bin/kastell-mcp +5 -5
- package/dist/adapters/coolify.js +92 -92
- package/dist/adapters/dokploy.js +99 -99
- package/dist/adapters/shared.d.ts.map +1 -1
- package/dist/adapters/shared.js +4 -2
- package/dist/adapters/shared.js.map +1 -1
- package/dist/commands/add.d.ts.map +1 -1
- package/dist/commands/add.js +6 -9
- package/dist/commands/add.js.map +1 -1
- package/dist/commands/auth.d.ts.map +1 -1
- package/dist/commands/auth.js +12 -12
- package/dist/commands/auth.js.map +1 -1
- package/dist/commands/doctor.d.ts +1 -0
- package/dist/commands/doctor.d.ts.map +1 -1
- package/dist/commands/doctor.js +23 -8
- package/dist/commands/doctor.js.map +1 -1
- package/dist/commands/evidence.d.ts.map +1 -1
- package/dist/commands/evidence.js +8 -9
- package/dist/commands/evidence.js.map +1 -1
- package/dist/commands/fix.d.ts +1 -0
- package/dist/commands/fix.d.ts.map +1 -1
- package/dist/commands/fix.js +24 -5
- package/dist/commands/fix.js.map +1 -1
- package/dist/commands/init.d.ts.map +1 -1
- package/dist/commands/init.js +4 -7
- package/dist/commands/init.js.map +1 -1
- package/dist/commands/interactive/backup-maintenance.d.ts +8 -0
- package/dist/commands/interactive/backup-maintenance.d.ts.map +1 -0
- package/dist/commands/interactive/backup-maintenance.js +120 -0
- package/dist/commands/interactive/backup-maintenance.js.map +1 -0
- package/dist/commands/interactive/index.d.ts +4 -0
- package/dist/commands/interactive/index.d.ts.map +1 -0
- package/dist/commands/interactive/index.js +94 -0
- package/dist/commands/interactive/index.js.map +1 -0
- package/dist/commands/interactive/menu.d.ts +23 -0
- package/dist/commands/interactive/menu.d.ts.map +1 -0
- package/dist/commands/interactive/menu.js +121 -0
- package/dist/commands/interactive/menu.js.map +1 -0
- package/dist/commands/interactive/monitoring.d.ts +5 -0
- package/dist/commands/interactive/monitoring.d.ts.map +1 -0
- package/dist/commands/interactive/monitoring.js +96 -0
- package/dist/commands/interactive/monitoring.js.map +1 -0
- package/dist/commands/interactive/plugins.d.ts +2 -0
- package/dist/commands/interactive/plugins.d.ts.map +1 -0
- package/dist/commands/interactive/plugins.js +30 -0
- package/dist/commands/interactive/plugins.js.map +1 -0
- package/dist/commands/interactive/security.d.ts +9 -0
- package/dist/commands/interactive/security.d.ts.map +1 -0
- package/dist/commands/interactive/security.js +535 -0
- package/dist/commands/interactive/security.js.map +1 -0
- package/dist/commands/interactive/server-management.d.ts +5 -0
- package/dist/commands/interactive/server-management.d.ts.map +1 -0
- package/dist/commands/interactive/server-management.js +79 -0
- package/dist/commands/interactive/server-management.js.map +1 -0
- package/dist/commands/interactive/shared.d.ts +12 -0
- package/dist/commands/interactive/shared.d.ts.map +1 -0
- package/dist/commands/interactive/shared.js +30 -0
- package/dist/commands/interactive/shared.js.map +1 -0
- package/dist/commands/interactive.d.ts.map +1 -1
- package/dist/commands/interactive.js +29 -0
- package/dist/commands/interactive.js.map +1 -1
- package/dist/commands/lock.js +1 -1
- package/dist/commands/lock.js.map +1 -1
- package/dist/commands/plugin.d.ts +8 -0
- package/dist/commands/plugin.d.ts.map +1 -0
- package/dist/commands/plugin.js +87 -0
- package/dist/commands/plugin.js.map +1 -0
- package/dist/commands/regression.d.ts.map +1 -1
- package/dist/commands/regression.js +1 -2
- package/dist/commands/regression.js.map +1 -1
- package/dist/commands/restart.d.ts.map +1 -1
- package/dist/commands/restart.js +3 -2
- package/dist/commands/restart.js.map +1 -1
- package/dist/commands/schedule.js +2 -2
- package/dist/commands/schedule.js.map +1 -1
- package/dist/core/audit/checkIds.d.ts +516 -0
- package/dist/core/audit/checkIds.d.ts.map +1 -0
- package/dist/core/audit/checkIds.js +515 -0
- package/dist/core/audit/checkIds.js.map +1 -0
- package/dist/core/audit/checks/accounts.d.ts.map +1 -1
- package/dist/core/audit/checks/accounts.js +23 -22
- package/dist/core/audit/checks/accounts.js.map +1 -1
- package/dist/core/audit/checks/auth.d.ts.map +1 -1
- package/dist/core/audit/checks/auth.js +23 -22
- package/dist/core/audit/checks/auth.js.map +1 -1
- package/dist/core/audit/checks/backup.d.ts.map +1 -1
- package/dist/core/audit/checks/backup.js +9 -8
- package/dist/core/audit/checks/backup.js.map +1 -1
- package/dist/core/audit/checks/banners.d.ts.map +1 -1
- package/dist/core/audit/checks/banners.js +7 -6
- package/dist/core/audit/checks/banners.js.map +1 -1
- package/dist/core/audit/checks/boot.d.ts.map +1 -1
- package/dist/core/audit/checks/boot.js +12 -11
- package/dist/core/audit/checks/boot.js.map +1 -1
- package/dist/core/audit/checks/cloudmeta.d.ts.map +1 -1
- package/dist/core/audit/checks/cloudmeta.js +7 -6
- package/dist/core/audit/checks/cloudmeta.js.map +1 -1
- package/dist/core/audit/checks/crypto.d.ts +0 -5
- package/dist/core/audit/checks/crypto.d.ts.map +1 -1
- package/dist/core/audit/checks/crypto.js +20 -19
- package/dist/core/audit/checks/crypto.js.map +1 -1
- package/dist/core/audit/checks/ddos.d.ts.map +1 -1
- package/dist/core/audit/checks/ddos.js +9 -8
- package/dist/core/audit/checks/ddos.js.map +1 -1
- package/dist/core/audit/checks/dns.d.ts.map +1 -1
- package/dist/core/audit/checks/dns.js +9 -8
- package/dist/core/audit/checks/dns.js.map +1 -1
- package/dist/core/audit/checks/docker.d.ts.map +1 -1
- package/dist/core/audit/checks/docker.js +65 -64
- package/dist/core/audit/checks/docker.js.map +1 -1
- package/dist/core/audit/checks/fileintegrity.d.ts.map +1 -1
- package/dist/core/audit/checks/fileintegrity.js +11 -10
- package/dist/core/audit/checks/fileintegrity.js.map +1 -1
- package/dist/core/audit/checks/filesystem.d.ts.map +1 -1
- package/dist/core/audit/checks/filesystem.js +21 -20
- package/dist/core/audit/checks/filesystem.js.map +1 -1
- package/dist/core/audit/checks/firewall.d.ts.map +1 -1
- package/dist/core/audit/checks/firewall.js +18 -17
- package/dist/core/audit/checks/firewall.js.map +1 -1
- package/dist/core/audit/checks/httpHeaders.d.ts.map +1 -1
- package/dist/core/audit/checks/httpHeaders.js +7 -6
- package/dist/core/audit/checks/httpHeaders.js.map +1 -1
- package/dist/core/audit/checks/incidentready.d.ts.map +1 -1
- package/dist/core/audit/checks/incidentready.js +13 -12
- package/dist/core/audit/checks/incidentready.js.map +1 -1
- package/dist/core/audit/checks/kernel.d.ts.map +1 -1
- package/dist/core/audit/checks/kernel.js +32 -31
- package/dist/core/audit/checks/kernel.js.map +1 -1
- package/dist/core/audit/checks/logging.d.ts.map +1 -1
- package/dist/core/audit/checks/logging.js +21 -20
- package/dist/core/audit/checks/logging.js.map +1 -1
- package/dist/core/audit/checks/mac.d.ts.map +1 -1
- package/dist/core/audit/checks/mac.js +11 -10
- package/dist/core/audit/checks/mac.js.map +1 -1
- package/dist/core/audit/checks/malware.d.ts.map +1 -1
- package/dist/core/audit/checks/malware.js +12 -11
- package/dist/core/audit/checks/malware.js.map +1 -1
- package/dist/core/audit/checks/memory.d.ts.map +1 -1
- package/dist/core/audit/checks/memory.js +12 -11
- package/dist/core/audit/checks/memory.js.map +1 -1
- package/dist/core/audit/checks/network.d.ts.map +1 -1
- package/dist/core/audit/checks/network.js +22 -21
- package/dist/core/audit/checks/network.js.map +1 -1
- package/dist/core/audit/checks/nginx.d.ts.map +1 -1
- package/dist/core/audit/checks/nginx.js +17 -16
- package/dist/core/audit/checks/nginx.js.map +1 -1
- package/dist/core/audit/checks/resourcelimits.d.ts.map +1 -1
- package/dist/core/audit/checks/resourcelimits.js +9 -8
- package/dist/core/audit/checks/resourcelimits.js.map +1 -1
- package/dist/core/audit/checks/scheduling.d.ts.map +1 -1
- package/dist/core/audit/checks/scheduling.js +13 -12
- package/dist/core/audit/checks/scheduling.js.map +1 -1
- package/dist/core/audit/checks/secrets.d.ts.map +1 -1
- package/dist/core/audit/checks/secrets.js +16 -15
- package/dist/core/audit/checks/secrets.js.map +1 -1
- package/dist/core/audit/checks/services.d.ts.map +1 -1
- package/dist/core/audit/checks/services.js +26 -25
- package/dist/core/audit/checks/services.js.map +1 -1
- package/dist/core/audit/checks/ssh.d.ts.map +1 -1
- package/dist/core/audit/checks/ssh.js +23 -22
- package/dist/core/audit/checks/ssh.js.map +1 -1
- package/dist/core/audit/checks/supplychain.d.ts.map +1 -1
- package/dist/core/audit/checks/supplychain.js +13 -12
- package/dist/core/audit/checks/supplychain.js.map +1 -1
- package/dist/core/audit/checks/time.d.ts.map +1 -1
- package/dist/core/audit/checks/time.js +10 -9
- package/dist/core/audit/checks/time.js.map +1 -1
- package/dist/core/audit/checks/tls.d.ts.map +1 -1
- package/dist/core/audit/checks/tls.js +9 -8
- package/dist/core/audit/checks/tls.js.map +1 -1
- package/dist/core/audit/checks/updates.d.ts.map +1 -1
- package/dist/core/audit/checks/updates.js +12 -11
- package/dist/core/audit/checks/updates.js.map +1 -1
- package/dist/core/audit/compliance/categories/index.d.ts +3 -0
- package/dist/core/audit/compliance/categories/index.d.ts.map +1 -0
- package/dist/core/audit/compliance/categories/index.js +737 -0
- package/dist/core/audit/compliance/categories/index.js.map +1 -0
- package/dist/core/audit/compliance/helpers.d.ts +17 -0
- package/dist/core/audit/compliance/helpers.d.ts.map +1 -0
- package/dist/core/audit/compliance/helpers.js +40 -0
- package/dist/core/audit/compliance/helpers.js.map +1 -0
- package/dist/core/audit/compliance/mapper.d.ts +4 -16
- package/dist/core/audit/compliance/mapper.d.ts.map +1 -1
- package/dist/core/audit/compliance/mapper.js +3 -776
- package/dist/core/audit/compliance/mapper.js.map +1 -1
- package/dist/core/audit/fix-history.d.ts +16 -7
- package/dist/core/audit/fix-history.d.ts.map +1 -1
- package/dist/core/audit/fix-history.js +25 -2
- package/dist/core/audit/fix-history.js.map +1 -1
- package/dist/core/audit/fix.d.ts +17 -2
- package/dist/core/audit/fix.d.ts.map +1 -1
- package/dist/core/audit/fix.js +115 -42
- package/dist/core/audit/fix.js.map +1 -1
- package/dist/core/audit/formatters/badge.js +20 -20
- package/dist/core/audit/index.d.ts.map +1 -1
- package/dist/core/audit/index.js +3 -2
- package/dist/core/audit/index.js.map +1 -1
- package/dist/core/audit/snapshot.d.ts.map +1 -1
- package/dist/core/audit/snapshot.js +6 -2
- package/dist/core/audit/snapshot.js.map +1 -1
- package/dist/core/audit/types.d.ts +11 -1
- package/dist/core/audit/types.d.ts.map +1 -1
- package/dist/core/audit/watch.d.ts.map +1 -1
- package/dist/core/audit/watch.js +3 -2
- package/dist/core/audit/watch.js.map +1 -1
- package/dist/core/backup.d.ts.map +1 -1
- package/dist/core/backup.js +10 -5
- package/dist/core/backup.js.map +1 -1
- package/dist/core/bot/handlers.d.ts.map +1 -1
- package/dist/core/bot/handlers.js +2 -17
- package/dist/core/bot/handlers.js.map +1 -1
- package/dist/core/completions.d.ts.map +1 -1
- package/dist/core/completions.js +632 -610
- package/dist/core/completions.js.map +1 -1
- package/dist/core/deploy.d.ts.map +1 -1
- package/dist/core/deploy.js +7 -4
- package/dist/core/deploy.js.map +1 -1
- package/dist/core/doctor-fix.d.ts +1 -1
- package/dist/core/doctor-fix.d.ts.map +1 -1
- package/dist/core/doctor-fix.js +17 -2
- package/dist/core/doctor-fix.js.map +1 -1
- package/dist/core/doctor.d.ts.map +1 -1
- package/dist/core/doctor.js +2 -1
- package/dist/core/doctor.js.map +1 -1
- package/dist/core/firewall.d.ts +0 -1
- package/dist/core/firewall.d.ts.map +1 -1
- package/dist/core/firewall.js +2 -13
- package/dist/core/firewall.js.map +1 -1
- package/dist/core/lock/auth.d.ts +7 -0
- package/dist/core/lock/auth.d.ts.map +1 -0
- package/dist/core/lock/auth.js +59 -0
- package/dist/core/lock/auth.js.map +1 -0
- package/dist/core/lock/docker.d.ts +4 -0
- package/dist/core/lock/docker.d.ts.map +1 -0
- package/dist/core/lock/docker.js +28 -0
- package/dist/core/lock/docker.js.map +1 -0
- package/dist/core/lock/index.d.ts +11 -0
- package/dist/core/lock/index.d.ts.map +1 -0
- package/dist/core/lock/index.js +247 -0
- package/dist/core/lock/index.js.map +1 -0
- package/dist/core/lock/monitoring.d.ts +4 -0
- package/dist/core/lock/monitoring.d.ts.map +1 -0
- package/dist/core/lock/monitoring.js +55 -0
- package/dist/core/lock/monitoring.js.map +1 -0
- package/dist/core/lock/network.d.ts +6 -0
- package/dist/core/lock/network.d.ts.map +1 -0
- package/dist/core/lock/network.js +59 -0
- package/dist/core/lock/network.js.map +1 -0
- package/dist/core/lock/ssh.d.ts +5 -0
- package/dist/core/lock/ssh.d.ts.map +1 -0
- package/dist/core/lock/ssh.js +49 -0
- package/dist/core/lock/ssh.js.map +1 -0
- package/dist/core/lock/system.d.ts +9 -0
- package/dist/core/lock/system.d.ts.map +1 -0
- package/dist/core/lock/system.js +80 -0
- package/dist/core/lock/system.js.map +1 -0
- package/dist/core/lock/types.d.ts +41 -0
- package/dist/core/lock/types.d.ts.map +1 -0
- package/dist/core/lock/types.js +2 -0
- package/dist/core/lock/types.js.map +1 -0
- package/dist/core/maintain.d.ts.map +1 -1
- package/dist/core/maintain.js +3 -1
- package/dist/core/maintain.js.map +1 -1
- package/dist/core/manage.d.ts.map +1 -1
- package/dist/core/manage.js +7 -4
- package/dist/core/manage.js.map +1 -1
- package/dist/core/notify.d.ts.map +1 -1
- package/dist/core/notify.js +2 -1
- package/dist/core/notify.js.map +1 -1
- package/dist/core/notifyStore.d.ts.map +1 -1
- package/dist/core/notifyStore.js +3 -1
- package/dist/core/notifyStore.js.map +1 -1
- package/dist/core/plugin.d.ts +23 -0
- package/dist/core/plugin.d.ts.map +1 -0
- package/dist/core/plugin.js +107 -0
- package/dist/core/plugin.js.map +1 -0
- package/dist/core/provision.d.ts.map +1 -1
- package/dist/core/provision.js +9 -4
- package/dist/core/provision.js.map +1 -1
- package/dist/core/scheduleManager.d.ts +2 -1
- package/dist/core/scheduleManager.d.ts.map +1 -1
- package/dist/core/scheduleManager.js +13 -7
- package/dist/core/scheduleManager.js.map +1 -1
- package/dist/index.js +34 -2
- package/dist/index.js.map +1 -1
- package/dist/mcp/index.js +5 -9
- package/dist/mcp/index.js.map +1 -1
- package/dist/mcp/schemas/audit.d.ts +34 -0
- package/dist/mcp/schemas/audit.d.ts.map +1 -0
- package/dist/mcp/schemas/audit.js +23 -0
- package/dist/mcp/schemas/audit.js.map +1 -0
- package/dist/mcp/schemas/common.d.ts +16 -0
- package/dist/mcp/schemas/common.d.ts.map +1 -0
- package/dist/mcp/schemas/common.js +14 -0
- package/dist/mcp/schemas/common.js.map +1 -0
- package/dist/mcp/schemas/health.d.ts +14 -0
- package/dist/mcp/schemas/health.d.ts.map +1 -0
- package/dist/mcp/schemas/health.js +13 -0
- package/dist/mcp/schemas/health.js.map +1 -0
- package/dist/mcp/schemas/index.d.ts +5 -0
- package/dist/mcp/schemas/index.d.ts.map +1 -0
- package/dist/mcp/schemas/index.js +5 -0
- package/dist/mcp/schemas/index.js.map +1 -0
- package/dist/mcp/schemas/server.d.ts +18 -0
- package/dist/mcp/schemas/server.d.ts.map +1 -0
- package/dist/mcp/schemas/server.js +16 -0
- package/dist/mcp/schemas/server.js.map +1 -0
- package/dist/mcp/server.d.ts.map +1 -1
- package/dist/mcp/server.js +71 -40
- package/dist/mcp/server.js.map +1 -1
- package/dist/mcp/tools/serverAudit.d.ts +63 -1
- package/dist/mcp/tools/serverAudit.d.ts.map +1 -1
- package/dist/mcp/tools/serverAudit.js +63 -6
- package/dist/mcp/tools/serverAudit.js.map +1 -1
- package/dist/mcp/tools/serverBackup.d.ts +100 -2
- package/dist/mcp/tools/serverBackup.d.ts.map +1 -1
- package/dist/mcp/tools/serverBackup.handlers.d.ts.map +1 -1
- package/dist/mcp/tools/serverBackup.handlers.js +9 -0
- package/dist/mcp/tools/serverBackup.handlers.js.map +1 -1
- package/dist/mcp/tools/serverBackup.js +74 -0
- package/dist/mcp/tools/serverBackup.js.map +1 -1
- package/dist/mcp/tools/serverCompare.d.ts +33 -0
- package/dist/mcp/tools/serverCompare.d.ts.map +1 -1
- package/dist/mcp/tools/serverCompare.js +45 -2
- package/dist/mcp/tools/serverCompare.js.map +1 -1
- package/dist/mcp/tools/serverDoctor.d.ts +14 -0
- package/dist/mcp/tools/serverDoctor.d.ts.map +1 -1
- package/dist/mcp/tools/serverDoctor.js +16 -1
- package/dist/mcp/tools/serverDoctor.js.map +1 -1
- package/dist/mcp/tools/serverEvidence.d.ts +13 -0
- package/dist/mcp/tools/serverEvidence.d.ts.map +1 -1
- package/dist/mcp/tools/serverEvidence.js +17 -2
- package/dist/mcp/tools/serverEvidence.js.map +1 -1
- package/dist/mcp/tools/serverExplain.d.ts +17 -0
- package/dist/mcp/tools/serverExplain.d.ts.map +1 -1
- package/dist/mcp/tools/serverExplain.js +33 -1
- package/dist/mcp/tools/serverExplain.js.map +1 -1
- package/dist/mcp/tools/serverFix.d.ts +78 -0
- package/dist/mcp/tools/serverFix.d.ts.map +1 -1
- package/dist/mcp/tools/serverFix.js +87 -0
- package/dist/mcp/tools/serverFix.js.map +1 -1
- package/dist/mcp/tools/serverFleet.d.ts +24 -1
- package/dist/mcp/tools/serverFleet.d.ts.map +1 -1
- package/dist/mcp/tools/serverFleet.js +24 -1
- package/dist/mcp/tools/serverFleet.js.map +1 -1
- package/dist/mcp/tools/serverGuard.d.ts +12 -0
- package/dist/mcp/tools/serverGuard.d.ts.map +1 -1
- package/dist/mcp/tools/serverGuard.js +16 -0
- package/dist/mcp/tools/serverGuard.js.map +1 -1
- package/dist/mcp/tools/serverInfo.d.ts +77 -1
- package/dist/mcp/tools/serverInfo.d.ts.map +1 -1
- package/dist/mcp/tools/serverInfo.js +77 -4
- package/dist/mcp/tools/serverInfo.js.map +1 -1
- package/dist/mcp/tools/serverLock.d.ts +10 -0
- package/dist/mcp/tools/serverLock.d.ts.map +1 -1
- package/dist/mcp/tools/serverLock.js +15 -3
- package/dist/mcp/tools/serverLock.js.map +1 -1
- package/dist/mcp/tools/serverLogs.d.ts +43 -0
- package/dist/mcp/tools/serverLogs.d.ts.map +1 -1
- package/dist/mcp/tools/serverLogs.js +28 -0
- package/dist/mcp/tools/serverLogs.js.map +1 -1
- package/dist/mcp/tools/serverMaintain.d.ts +47 -0
- package/dist/mcp/tools/serverMaintain.d.ts.map +1 -1
- package/dist/mcp/tools/serverMaintain.js +75 -41
- package/dist/mcp/tools/serverMaintain.js.map +1 -1
- package/dist/mcp/tools/serverManage.d.ts +50 -0
- package/dist/mcp/tools/serverManage.d.ts.map +1 -1
- package/dist/mcp/tools/serverManage.js +49 -0
- package/dist/mcp/tools/serverManage.js.map +1 -1
- package/dist/mcp/tools/serverPlugin.d.ts +30 -0
- package/dist/mcp/tools/serverPlugin.d.ts.map +1 -0
- package/dist/mcp/tools/serverPlugin.js +47 -0
- package/dist/mcp/tools/serverPlugin.js.map +1 -0
- package/dist/mcp/tools/serverProvision.d.ts +22 -0
- package/dist/mcp/tools/serverProvision.d.ts.map +1 -1
- package/dist/mcp/tools/serverProvision.js +22 -2
- package/dist/mcp/tools/serverProvision.js.map +1 -1
- package/dist/mcp/tools/serverSecure.d.ts +120 -0
- package/dist/mcp/tools/serverSecure.d.ts.map +1 -1
- package/dist/mcp/tools/serverSecure.handlers.d.ts.map +1 -1
- package/dist/mcp/tools/serverSecure.handlers.js +39 -98
- package/dist/mcp/tools/serverSecure.handlers.js.map +1 -1
- package/dist/mcp/tools/serverSecure.js +101 -0
- package/dist/mcp/tools/serverSecure.js.map +1 -1
- package/dist/mcp/utils.d.ts +1 -0
- package/dist/mcp/utils.d.ts.map +1 -1
- package/dist/mcp/utils.js +5 -1
- package/dist/mcp/utils.js.map +1 -1
- package/dist/plugin/loader.d.ts +10 -0
- package/dist/plugin/loader.d.ts.map +1 -0
- package/dist/plugin/loader.js +88 -0
- package/dist/plugin/loader.js.map +1 -0
- package/dist/plugin/registry.d.ts +16 -0
- package/dist/plugin/registry.d.ts.map +1 -0
- package/dist/plugin/registry.js +101 -0
- package/dist/plugin/registry.js.map +1 -0
- package/dist/plugin/sdk/constants.d.ts +3 -0
- package/dist/plugin/sdk/constants.d.ts.map +1 -0
- package/dist/plugin/sdk/constants.js +3 -0
- package/dist/plugin/sdk/constants.js.map +1 -0
- package/dist/plugin/sdk/types.d.ts +29 -0
- package/dist/plugin/sdk/types.d.ts.map +1 -0
- package/dist/plugin/sdk/types.js +2 -0
- package/dist/plugin/sdk/types.js.map +1 -0
- package/dist/plugin/validate.d.ts +3 -0
- package/dist/plugin/validate.d.ts.map +1 -0
- package/dist/plugin/validate.js +31 -0
- package/dist/plugin/validate.js.map +1 -0
- package/dist/providers/base.d.ts.map +1 -1
- package/dist/providers/base.js +2 -1
- package/dist/providers/base.js.map +1 -1
- package/dist/providers/linode.d.ts +1 -0
- package/dist/providers/linode.d.ts.map +1 -1
- package/dist/providers/linode.js +4 -0
- package/dist/providers/linode.js.map +1 -1
- package/dist/utils/cloudInit.js +58 -58
- package/dist/utils/config.d.ts +3 -0
- package/dist/utils/config.d.ts.map +1 -1
- package/dist/utils/config.js +11 -6
- package/dist/utils/config.js.map +1 -1
- package/dist/utils/encryption.d.ts.map +1 -1
- package/dist/utils/encryption.js +4 -1
- package/dist/utils/encryption.js.map +1 -1
- package/dist/utils/errorMapper.d.ts.map +1 -1
- package/dist/utils/errorMapper.js +2 -1
- package/dist/utils/errorMapper.js.map +1 -1
- package/dist/utils/errors.d.ts +1 -0
- package/dist/utils/errors.d.ts.map +1 -1
- package/dist/utils/errors.js +3 -0
- package/dist/utils/errors.js.map +1 -1
- package/dist/utils/migration.d.ts.map +1 -1
- package/dist/utils/migration.js +25 -14
- package/dist/utils/migration.js.map +1 -1
- package/dist/utils/paths.d.ts +4 -0
- package/dist/utils/paths.d.ts.map +1 -1
- package/dist/utils/paths.js +4 -0
- package/dist/utils/paths.js.map +1 -1
- package/dist/utils/safeMode.d.ts.map +1 -1
- package/dist/utils/safeMode.js +3 -2
- package/dist/utils/safeMode.js.map +1 -1
- package/dist/utils/secureWrite.d.ts.map +1 -1
- package/dist/utils/secureWrite.js +2 -1
- package/dist/utils/secureWrite.js.map +1 -1
- package/dist/utils/securityLogger.d.ts.map +1 -1
- package/dist/utils/securityLogger.js +7 -3
- package/dist/utils/securityLogger.js.map +1 -1
- package/dist/utils/version.d.ts +4 -0
- package/dist/utils/version.d.ts.map +1 -0
- package/dist/utils/version.js +22 -0
- package/dist/utils/version.js.map +1 -0
- package/dist/utils/yamlConfig.d.ts.map +1 -1
- package/dist/utils/yamlConfig.js +3 -2
- package/dist/utils/yamlConfig.js.map +1 -1
- package/kastell-plugin/.claude-plugin/plugin.json +20 -0
- package/kastell-plugin/.mcp.json +8 -0
- package/kastell-plugin/README.md +113 -0
- package/kastell-plugin/agents/.gitkeep +0 -0
- package/kastell-plugin/agents/kastell-auditor.md +77 -0
- package/kastell-plugin/agents/scripts/bucket_mapper.sh +101 -0
- package/kastell-plugin/agents/scripts/trend_report.sh +91 -0
- package/kastell-plugin/hooks/destroy-block.cjs +31 -0
- package/kastell-plugin/hooks/hooks.json +57 -0
- package/kastell-plugin/hooks/pre-commit-audit-guard.cjs +75 -0
- package/kastell-plugin/hooks/session-audit.cjs +86 -0
- package/kastell-plugin/hooks/session-log.cjs +56 -0
- package/kastell-plugin/hooks/stop-quality-check.cjs +72 -0
- package/kastell-plugin/skills/.gitkeep +0 -0
- package/kastell-plugin/skills/kastell-careful/SKILL.md +64 -0
- package/kastell-plugin/skills/kastell-ops/SKILL.md +139 -0
- package/kastell-plugin/skills/kastell-ops/references/commands.md +45 -0
- package/kastell-plugin/skills/kastell-ops/references/mcp-tools.md +50 -0
- package/kastell-plugin/skills/kastell-ops/references/patterns.md +145 -0
- package/kastell-plugin/skills/kastell-ops/references/pitfalls.md +136 -0
- package/kastell-plugin/skills/kastell-ops/scripts/check_coverage.sh +101 -0
- package/kastell-plugin/skills/kastell-ops/scripts/fleet_report.sh +73 -0
- package/kastell-plugin/skills/kastell-ops/scripts/parse_audit.sh +76 -0
- package/kastell-plugin/skills/kastell-research/SKILL.md +90 -0
- package/kastell-plugin/skills/kastell-scaffold/SKILL.md +104 -0
- package/kastell-plugin/skills/kastell-scaffold/references/template-audit-check.md +150 -0
- package/kastell-plugin/skills/kastell-scaffold/references/template-command.md +80 -0
- package/kastell-plugin/skills/kastell-scaffold/references/template-mcp-tool.md +72 -0
- package/kastell-plugin/skills/kastell-scaffold/references/template-provider.md +67 -0
- package/kastell-plugin/skills/kastell-scaffold/scripts/scaffold.sh +180 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/check-test.ts.tpl +27 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/check.ts.tpl +50 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/command-core.ts.tpl +18 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/command-test.ts.tpl +17 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/command.ts.tpl +25 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/mcp-tool-test.ts.tpl +30 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/mcp-tool.ts.tpl +29 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/provider-test.ts.tpl +34 -0
- package/kastell-plugin/skills/kastell-scaffold/templates/provider.ts.tpl +32 -0
- package/package.json +122 -113
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"backup.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/backup.ts"],"names":[],"mappings":"AAAA;;;;GAIG;
|
|
1
|
+
{"version":3,"file":"backup.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/backup.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAa3C,MAAM,aAAa,GAAqB;IACtC;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,oBAAoB;QACzC,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,EAAE,CAAC;gBAC5C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,iDAAiD,EAAE,CAAC;YAC3F,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,wBAAwB,CAAC,EAAE,CAAC;gBAC9C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,mDAAmD,EAAE,CAAC;YAC9F,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,qCAAqC,EAAE,CAAC;QAChF,CAAC;QACD,aAAa,EAAE,uEAAuE;QACtF,UAAU,EAAE,yHAAyH;QACrI,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,6MAA6M;KAChN;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,yBAAyB;QAC9C,IAAI,EAAE,0CAA0C;QAChD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,2CAA2C;YAC3C,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,qCAAqC,CAAC,CAAC;YAClE,IAAI,CAAC,KAAK,EAAE,CAAC;gBACX,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,2CAA2C,EAAE,CAAC;YACtF,CAAC;YACD,MAAM,CAAC,EAAE,IAAI,EAAE,KAAK,CAAC,GAAG,KAAK,CAAC;YAC9B,mCAAmC;YACnC,MAAM,MAAM,GAAG,IAAI,KAAK,KAAK,IAAI,IAAI,KAAK,KAAK,CAAC;YAChD,MAAM,OAAO,GAAG,KAAK,KAAK,MAAM,CAAC;YACjC,MAAM,MAAM,GAAG,MAAM,IAAI,OAAO,CAAC;YACjC,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,iBAAiB,IAAI,aAAa,KAAK,eAAe;oBACxD,CAAC,CAAC,iBAAiB,IAAI,aAAa,KAAK,kCAAkC;aAC9E,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,wDAAwD;QACvE,UAAU,EAAE,gFAAgF;QAC5F,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,gMAAgM;KACnM;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,mBAAmB;QACxC,IAAI,EAAE,mCAAmC;QACzC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,MAAM,CAAC,QAAQ,CAAC,wBAAwB,CAAC,EAAE,CAAC;gBAC9C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,uCAAuC,EAAE,CAAC;YACjF,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,8BAA8B,CAAC,EAAE,CAAC;gBACpD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,qCAAqC,EAAE,CAAC;YAChF,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,iDAAiD,EAAE,CAAC;QAC5F,CAAC;QACD,aAAa,EAAE,2DAA2D;QAC1E,UAAU,EAAE,8EAA8E;QAC1F,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,wKAAwK;KAC3K;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,qBAAqB;QAC1C,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;YAC1D,IAAI,KAAK,EAAE,CAAC;gBACV,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,0BAA0B,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC;YAC9E,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAC,EAAE,CAAC;gBACjD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,8CAA8C,EAAE,CAAC;YACzF,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,8CAA8C,EAAE,CAAC;QACzF,CAAC;QACD,aAAa,EAAE,qDAAqD;QACpE,UAAU,EAAE,kDAAkD;QAC9D,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,+MAA+M;KAClN;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,eAAe;QACpC,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,MAAM,CAAC,QAAQ,CAAC,uBAAuB,CAAC,EAAE,CAAC;gBAC7C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,uBAAuB,EAAE,CAAC;YACjE,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAC,EAAE,CAAC;gBACjD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,+BAA+B,EAAE,CAAC;YAC1E,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,kDAAkD,EAAE,CAAC;QAC7F,CAAC;QACD,aAAa,EAAE,iEAAiE;QAChF,UAAU,EAAE,sFAAsF;QAClG,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,wKAAwK;KAC3K;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,kBAAkB;QACvC,IAAI,EAAE,qCAAqC;QAC3C,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBAC1C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,qBAAqB,EAAE,CAAC;YAC/D,CAAC;YACD,IAAI,MAAM,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EAAE,CAAC;gBAC3C,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,kCAAkC,EAAE,CAAC;YAC7E,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,6CAA6C,EAAE,CAAC;QACxF,CAAC;QACD,aAAa,EAAE,wCAAwC;QACvD,UAAU,EAAE,6EAA6E;QACzF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,qMAAqM;KACxM;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,sBAAsB;QAC3C,IAAI,EAAE,4BAA4B;QAClC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,6DAA6D;YAC7D,MAAM,YAAY,GAAG,MAAM,KAAK,MAAM,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC;YAC7F,MAAM,MAAM,GAAG,MAAM,CAAC,IAAI,EAAE,KAAK,MAAM,CAAC;YACxC,qFAAqF;YACrF,OAAO;gBACL,MAAM,EAAE,YAAY,IAAI,MAAM;gBAC9B,YAAY,EAAE,YAAY;oBACxB,CAAC,CAAC,gEAAgE;oBAClE,CAAC,CAAC,kEAAkE;aACvE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0CAA0C;QACzD,UAAU,EAAE,gFAAgF;QAC5F,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,kFAAkF;KACrF;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,0BAA0B;QAC/C,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,6DAA6D;YAC7D,MAAM,UAAU,GAAG,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;YACtD,MAAM,QAAQ,GAAG,CAAC,UAAU,IAAI,CAC9B,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CACjF,CAAC;YACF,OAAO;gBACL,MAAM,EAAE,QAAQ;gBAChB,YAAY,EAAE,QAAQ;oBACpB,CAAC,CAAC,yDAAyD;oBAC3D,CAAC,CAAC,8CAA8C;aACnD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,qDAAqD;QACpE,UAAU,EAAE,2DAA2D;QACvE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,6GAA6G;KAChH;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAgB,CAC5C,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,MAAM,IAAI,GACR,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;IAEzC,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC/B,IAAI,IAAI,EAAE,CAAC;YACT,OAAO;gBACL,EAAE,EAAE,GAAG,CAAC,EAAE;gBACV,QAAQ,EAAE,gBAAgB;gBAC1B,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,qBAAqB;gBACnC,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,gBAAgB;YAC1B,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"banners.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/banners.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA6J5E,eAAO,MAAM,kBAAkB,EAAE,
|
|
1
|
+
{"version":3,"file":"banners.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/banners.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA6J5E,eAAO,MAAM,kBAAkB,EAAE,WAuChC,CAAC"}
|
|
@@ -2,9 +2,10 @@
|
|
|
2
2
|
* Banners security check parser.
|
|
3
3
|
* Checks login banners, MOTD, SSH banner, and OS info disclosure.
|
|
4
4
|
*/
|
|
5
|
+
import { CHECK_IDS } from "../checkIds.js";
|
|
5
6
|
const BANNERS_CHECKS = [
|
|
6
7
|
{
|
|
7
|
-
id:
|
|
8
|
+
id: CHECK_IDS.BANNERS.BANNER_ISSUE_EXISTS,
|
|
8
9
|
name: "/etc/issue Login Banner Exists",
|
|
9
10
|
severity: "info",
|
|
10
11
|
check: (output) => {
|
|
@@ -26,7 +27,7 @@ const BANNERS_CHECKS = [
|
|
|
26
27
|
explain: "A login banner provides legal notice to potential intruders, which may be required for prosecution in some jurisdictions.",
|
|
27
28
|
},
|
|
28
29
|
{
|
|
29
|
-
id:
|
|
30
|
+
id: CHECK_IDS.BANNERS.BANNER_ISSUE_NET_EXISTS,
|
|
30
31
|
name: "/etc/issue.net Banner Exists",
|
|
31
32
|
severity: "info",
|
|
32
33
|
check: (output) => {
|
|
@@ -46,7 +47,7 @@ const BANNERS_CHECKS = [
|
|
|
46
47
|
explain: "The issue.net file provides a pre-login banner for network services like SSH, serving as a legal deterrent.",
|
|
47
48
|
},
|
|
48
49
|
{
|
|
49
|
-
id:
|
|
50
|
+
id: CHECK_IDS.BANNERS.BANNER_MOTD_EXISTS,
|
|
50
51
|
name: "/etc/motd Message of the Day Exists",
|
|
51
52
|
severity: "info",
|
|
52
53
|
check: (output) => {
|
|
@@ -64,7 +65,7 @@ const BANNERS_CHECKS = [
|
|
|
64
65
|
explain: "The message of the day is shown after login and can remind users of security policies and acceptable use.",
|
|
65
66
|
},
|
|
66
67
|
{
|
|
67
|
-
id:
|
|
68
|
+
id: CHECK_IDS.BANNERS.BANNER_SSH_BANNER,
|
|
68
69
|
name: "SSH Warning Banner Configured",
|
|
69
70
|
severity: "info",
|
|
70
71
|
check: (output) => {
|
|
@@ -87,7 +88,7 @@ const BANNERS_CHECKS = [
|
|
|
87
88
|
explain: "An SSH banner displays a warning message before authentication, providing legal notice and deterring unauthorized access.",
|
|
88
89
|
},
|
|
89
90
|
{
|
|
90
|
-
id:
|
|
91
|
+
id: CHECK_IDS.BANNERS.BANNER_NO_OS_INFO,
|
|
91
92
|
name: "Banners Hide OS Version Info",
|
|
92
93
|
severity: "info",
|
|
93
94
|
check: (output) => {
|
|
@@ -106,7 +107,7 @@ const BANNERS_CHECKS = [
|
|
|
106
107
|
explain: "OS version disclosure in banners helps attackers identify specific vulnerabilities for the server's distribution and version.",
|
|
107
108
|
},
|
|
108
109
|
{
|
|
109
|
-
id:
|
|
110
|
+
id: CHECK_IDS.BANNERS.BNR_ISSUE_NET_SET,
|
|
110
111
|
name: "/etc/issue.net Contains a Warning Banner",
|
|
111
112
|
severity: "info",
|
|
112
113
|
check: (output) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"banners.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/banners.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"banners.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/banners.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAa3C,MAAM,cAAc,GAAsB;IACxC;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,mBAAmB;QACzC,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,YAAY,CAAC;gBAC7C,CAAC,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,MAAM,CAAC,MAAM,GAAG,EAAE,IAAI,CAAC,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;YAChG,0DAA0D;YAC1D,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACzD,MAAM,MAAM,GAAG,SAAS,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;YAC/C,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,oCAAoC;oBACtC,CAAC,CAAC,gCAAgC;aACrC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,sCAAsC;QACrD,UAAU,EACR,mFAAmF;QACrF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,2HAA2H;KAC9H;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,uBAAuB;QAC7C,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,WAAW,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC/C,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,aAAa,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACzD,MAAM,MAAM,GAAG,WAAW,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;YAChF,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,0CAA0C;oBAC5C,CAAC,CAAC,oCAAoC;aACzC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,gDAAgD;QAC/D,UAAU,EACR,uFAAuF;QACzF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,6GAA6G;KAChH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,kBAAkB;QACxC,IAAI,EAAE,qCAAqC;QAC3C,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YACpE,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,YAAY,EAAE,OAAO;oBACnB,CAAC,CAAC,yBAAyB;oBAC3B,CAAC,CAAC,+BAA+B;aACpC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,sDAAsD;QACrE,UAAU,EACR,4DAA4D;QAC9D,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,2GAA2G;KAC9G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,iBAAiB;QACvC,IAAI,EAAE,+BAA+B;QACrC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,gDAAgD;YAChD,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,6BAA6B,CAAC,CAAC;YAChE,IAAI,CAAC,WAAW;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,2BAA2B,EAAE,CAAC;YACtF,MAAM,UAAU,GAAG,WAAW,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YACzC,MAAM,MAAM,GAAG,UAAU,KAAK,MAAM,IAAI,UAAU,KAAK,EAAE,IAAI,UAAU,KAAK,WAAW,CAAC;YACxF,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,eAAe,UAAU,EAAE;oBAC7B,CAAC,CAAC,qCAAqC;aAC1C,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,oDAAoD;QACnE,UAAU,EACR,gFAAgF;QAClF,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,2HAA2H;KAC9H;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,iBAAiB;QACvC,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,UAAU,GACd,2EAA2E,CAAC;YAC9E,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC1C,OAAO;gBACL,MAAM,EAAE,CAAC,SAAS;gBAClB,YAAY,EAAE,SAAS;oBACrB,CAAC,CAAC,8CAA8C;oBAChD,CAAC,CAAC,uCAAuC;aAC5C,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,oDAAoD;QACnE,UAAU,EACR,gGAAgG;QAClG,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,+HAA+H;KAClI;IACD;QACE,EAAE,EAAE,SAAS,CAAC,OAAO,CAAC,iBAAiB;QACvC,IAAI,EAAE,0CAA0C;QAChD,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,qDAAqD;YACrD,yDAAyD;YACzD,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC;YAC7C,MAAM,aAAa,GAAG,2EAA2E,CAAC;YAClG,MAAM,OAAO,GAAG,MAAM,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;YACtD,MAAM,MAAM,GAAG,CAAC,SAAS,IAAI,OAAO,CAAC,MAAM,GAAG,EAAE,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;YACjF,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,kDAAkD;oBACpD,CAAC,CAAC,SAAS;wBACT,CAAC,CAAC,2BAA2B;wBAC7B,CAAC,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE;4BACpB,CAAC,CAAC,qCAAqC;4BACvC,CAAC,CAAC,iDAAiD;aAC1D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,oEAAoE;QACnF,UAAU,EAAE,+EAA+E;QAC3F,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,mHAAmH;KACtH;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,kBAAkB,GAAgB,CAC7C,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,MAAM,IAAI,GACR,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;IAEzC,OAAO,cAAc,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAChC,IAAI,IAAI,EAAE,CAAC;YACT,OAAO;gBACL,EAAE,EAAE,GAAG,CAAC,EAAE;gBACV,QAAQ,EAAE,SAAS;gBACnB,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,qBAAqB;gBACnC,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,SAAS;YACnB,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"boot.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/boot.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA8P5E,eAAO,MAAM,eAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"boot.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/boot.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA8P5E,eAAO,MAAM,eAAe,EAAE,WA4B7B,CAAC"}
|
|
@@ -2,9 +2,10 @@
|
|
|
2
2
|
* Boot security check parser.
|
|
3
3
|
* Checks bootloader hardening, secure boot, and kernel boot parameters.
|
|
4
4
|
*/
|
|
5
|
+
import { CHECK_IDS } from "../checkIds.js";
|
|
5
6
|
const BOOT_CHECKS = [
|
|
6
7
|
{
|
|
7
|
-
id:
|
|
8
|
+
id: CHECK_IDS.BOOT.BOOT_GRUB_PERMS,
|
|
8
9
|
name: "Bootloader Config Restricted",
|
|
9
10
|
severity: "warning",
|
|
10
11
|
vpsIrrelevant: true,
|
|
@@ -26,7 +27,7 @@ const BOOT_CHECKS = [
|
|
|
26
27
|
explain: "A world-readable bootloader config can reveal kernel parameters and system configuration to local attackers.",
|
|
27
28
|
},
|
|
28
29
|
{
|
|
29
|
-
id:
|
|
30
|
+
id: CHECK_IDS.BOOT.BOOT_GRUB_PASSWORD,
|
|
30
31
|
name: "GRUB Password Set",
|
|
31
32
|
severity: "info",
|
|
32
33
|
vpsIrrelevant: true,
|
|
@@ -43,7 +44,7 @@ const BOOT_CHECKS = [
|
|
|
43
44
|
explain: "Without a GRUB password, anyone with physical or console access can modify boot parameters to gain root access.",
|
|
44
45
|
},
|
|
45
46
|
{
|
|
46
|
-
id:
|
|
47
|
+
id: CHECK_IDS.BOOT.BOOT_SECURE_BOOT,
|
|
47
48
|
name: "Secure Boot Status",
|
|
48
49
|
severity: "info",
|
|
49
50
|
vpsIrrelevant: true,
|
|
@@ -63,7 +64,7 @@ const BOOT_CHECKS = [
|
|
|
63
64
|
explain: "Secure Boot prevents loading unsigned kernel modules and bootloaders, protecting against rootkit installation.",
|
|
64
65
|
},
|
|
65
66
|
{
|
|
66
|
-
id:
|
|
67
|
+
id: CHECK_IDS.BOOT.BOOT_CMDLINE_SECURITY,
|
|
67
68
|
name: "Kernel Boot Security Parameters",
|
|
68
69
|
severity: "info",
|
|
69
70
|
check: (output) => {
|
|
@@ -81,7 +82,7 @@ const BOOT_CHECKS = [
|
|
|
81
82
|
explain: "Kernel boot parameters should enable mandatory access control frameworks to enforce security policies.",
|
|
82
83
|
},
|
|
83
84
|
{
|
|
84
|
-
id:
|
|
85
|
+
id: CHECK_IDS.BOOT.BOOT_GRUB_DIR_PERMS,
|
|
85
86
|
name: "GRUB Directory Restricted",
|
|
86
87
|
severity: "warning",
|
|
87
88
|
vpsIrrelevant: true,
|
|
@@ -104,7 +105,7 @@ const BOOT_CHECKS = [
|
|
|
104
105
|
explain: "The GRUB configuration directory contains scripts that run at boot — restricting access prevents unauthorized boot modifications.",
|
|
105
106
|
},
|
|
106
107
|
{
|
|
107
|
-
id:
|
|
108
|
+
id: CHECK_IDS.BOOT.BOOT_BOOT_PARTITION,
|
|
108
109
|
name: "/boot Mount Options",
|
|
109
110
|
severity: "info",
|
|
110
111
|
vpsIrrelevant: true,
|
|
@@ -128,7 +129,7 @@ const BOOT_CHECKS = [
|
|
|
128
129
|
explain: "Restrictive mount options on /boot prevent execution of setuid binaries and device files from the boot partition.",
|
|
129
130
|
},
|
|
130
131
|
{
|
|
131
|
-
id:
|
|
132
|
+
id: CHECK_IDS.BOOT.BOOT_SINGLE_USER_AUTH,
|
|
132
133
|
name: "Single User Mode Authentication",
|
|
133
134
|
severity: "warning",
|
|
134
135
|
vpsIrrelevant: true,
|
|
@@ -147,7 +148,7 @@ const BOOT_CHECKS = [
|
|
|
147
148
|
explain: "Without authentication in single-user mode, anyone with console access gets a root shell without a password.",
|
|
148
149
|
},
|
|
149
150
|
{
|
|
150
|
-
id:
|
|
151
|
+
id: CHECK_IDS.BOOT.BOOT_KERNEL_MODULES,
|
|
151
152
|
name: "Kernel Module Loading Restricted",
|
|
152
153
|
severity: "info",
|
|
153
154
|
check: (output) => {
|
|
@@ -166,7 +167,7 @@ const BOOT_CHECKS = [
|
|
|
166
167
|
explain: "Restricting kernel module loading after boot prevents attackers from loading rootkit kernel modules at runtime.",
|
|
167
168
|
},
|
|
168
169
|
{
|
|
169
|
-
id:
|
|
170
|
+
id: CHECK_IDS.BOOT.BOOT_UEFI_SECURE,
|
|
170
171
|
name: "System Uses UEFI Boot",
|
|
171
172
|
severity: "info",
|
|
172
173
|
vpsIrrelevant: true,
|
|
@@ -183,7 +184,7 @@ const BOOT_CHECKS = [
|
|
|
183
184
|
explain: "UEFI boot supports Secure Boot which verifies bootloader integrity, preventing boot-level rootkits.",
|
|
184
185
|
},
|
|
185
186
|
{
|
|
186
|
-
id:
|
|
187
|
+
id: CHECK_IDS.BOOT.BOOT_RESCUE_AUTH,
|
|
187
188
|
name: "Rescue/Emergency Mode Requires Authentication",
|
|
188
189
|
severity: "warning",
|
|
189
190
|
vpsIrrelevant: true,
|
|
@@ -202,7 +203,7 @@ const BOOT_CHECKS = [
|
|
|
202
203
|
explain: "Without authentication on rescue mode, physical or console access grants immediate root shell.",
|
|
203
204
|
},
|
|
204
205
|
{
|
|
205
|
-
id:
|
|
206
|
+
id: CHECK_IDS.BOOT.BOOT_GRUB_UNRESTRICTED,
|
|
206
207
|
name: "GRUB Bootloader Has Password Authentication",
|
|
207
208
|
severity: "info",
|
|
208
209
|
vpsIrrelevant: true,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"boot.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/boot.ts"],"names":[],"mappings":"AAAA;;;GAGG;
|
|
1
|
+
{"version":3,"file":"boot.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/boot.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAc3C,MAAM,WAAW,GAAmB;IAClC;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,eAAe;QAClC,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,aAAa,EAAE,IAAI;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,kDAAkD;YAClD,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,yBAAyB,CAAC,CAAC;YAC1D,IAAI,CAAC,SAAS;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,qCAAqC,EAAE,CAAC;YAC9F,MAAM,KAAK,GAAG,SAAS,CAAC,CAAC,CAAC,CAAC;YAC3B,MAAM,MAAM,GAAG,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,KAAK,CAAC;YAClD,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,yBAAyB,KAAK,EAAE;aAC/C,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,kDAAkD;QACjE,UAAU,EAAE,sEAAsE;QAClF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,8GAA8G;KACjH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,kBAAkB;QACrC,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,IAAI;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC5E,OAAO;gBACL,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,KAAK,CAAC,CAAC,CAAC,6BAA6B,CAAC,CAAC,CAAC,sBAAsB;aAC7E,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,+DAA+D;QAC9E,UAAU,EAAE,0DAA0D;QACtE,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,iHAAiH;KACpH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,gBAAgB;QACnC,IAAI,EAAE,oBAAoB;QAC1B,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,IAAI;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACxD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,uCAAuC,EAAE,CAAC;YAClF,CAAC;YACD,MAAM,OAAO,GAAG,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnD,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,wCAAwC;aAC5F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,kDAAkD;QACjE,UAAU,EAAE,oEAAoE;QAChF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,gHAAgH;KACnH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,qBAAqB;QACxC,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,WAAW,GAAG,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,YAAY,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC5E,OAAO;gBACL,MAAM,EAAE,WAAW;gBACnB,YAAY,EAAE,WAAW;oBACvB,CAAC,CAAC,+CAA+C;oBACjD,CAAC,CAAC,yCAAyC;aAC9C,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,kDAAkD;QACjE,UAAU,EACR,uGAAuG;QACzG,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,wGAAwG;KAC3G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,mBAAmB;QACtC,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,SAAS;QACnB,aAAa,EAAE,IAAI;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,sBAAsB;YACtB,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,+BAA+B,CAAC,CAAC;YAC5D,IAAI,CAAC,KAAK;gBAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,wCAAwC,EAAE,CAAC;YAC7F,MAAM,KAAK,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YACvB,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACjD,MAAM,MAAM,GAAG,UAAU,KAAK,CAAC,CAAC;YAChC,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,4BAA4B,KAAK,EAAE;aAClD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,yDAAyD;QACxE,UAAU,EAAE,uBAAuB;QACnC,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,mIAAmI;KACtI;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,mBAAmB;QACtC,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,IAAI;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC9B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,uCAAuC,EAAE,CAAC;YAClF,CAAC;YACD,MAAM,SAAS,GAAG,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACzC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvC,MAAM,MAAM,GAAG,SAAS,IAAI,QAAQ,CAAC;YACrC,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,qCAAqC;oBACvC,CAAC,CAAC,wCAAwC;aAC7C,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,6CAA6C;QAC5D,UAAU,EACR,+DAA+D;QACjE,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,mHAAmH;KACtH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,qBAAqB;QACxC,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,SAAS;QACnB,aAAa,EAAE,IAAI;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACxC,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,YAAY,EAAE,OAAO;oBACnB,CAAC,CAAC,0CAA0C;oBAC5C,CAAC,CAAC,2CAA2C;aAChD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,yCAAyC;QACxD,UAAU,EACR,8FAA8F;QAChG,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,8GAA8G;KACjH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,mBAAmB;QACtC,IAAI,EAAE,kCAAkC;QACxC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,UAAU,GAAG,2BAA2B,CAAC,IAAI,CAAC,MAAM,CAAC;gBACzD,mCAAmC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACnD,OAAO;gBACL,MAAM,EAAE,UAAU;gBAClB,YAAY,EAAE,UAAU;oBACtB,CAAC,CAAC,qCAAqC;oBACvC,CAAC,CAAC,yCAAyC;aAC9C,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0CAA0C;QACzD,UAAU,EACR,kFAAkF;QACpF,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,iHAAiH;KACpH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,gBAAgB;QACnC,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,IAAI;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvC,OAAO;gBACL,MAAM,EAAE,MAAM;gBACd,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,uBAAuB,CAAC,CAAC,CAAC,gCAAgC;aAClF,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,4BAA4B;QAC3C,UAAU,EAAE,0EAA0E;QACtF,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,qGAAqG;KACxG;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,gBAAgB;QACnC,IAAI,EAAE,+CAA+C;QACrD,QAAQ,EAAE,SAAS;QACnB,aAAa,EAAE,IAAI;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACxC,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,YAAY,EAAE,OAAO;oBACnB,CAAC,CAAC,+DAA+D;oBACjE,CAAC,CAAC,sDAAsD;aAC3D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,gEAAgE;QAC/E,UAAU,EACR,+FAA+F;QACjG,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,gGAAgG;KACnG;IACD;QACE,EAAE,EAAE,SAAS,CAAC,IAAI,CAAC,sBAAsB;QACzC,IAAI,EAAE,6CAA6C;QACnD,QAAQ,EAAE,MAAM;QAChB,aAAa,EAAE,IAAI;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,gEAAgE;YAChE,mCAAmC;YACnC,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACtC,MAAM,aAAa,GAAG,iBAAiB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACrD,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAClD,MAAM,MAAM,GAAG,CAAC,MAAM,IAAI,CAAC,aAAa,IAAI,SAAS,CAAC,CAAC;YACvD,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,6CAA6C;oBAC/C,CAAC,CAAC,+CAA+C;aACpD,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,uDAAuD;QACtE,UAAU,EAAE,+DAA+D;QAC3E,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,oIAAoI;KACvI;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,eAAe,GAAgB,CAC1C,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,MAAM,IAAI,GACR,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;IAEzC,OAAO,WAAW,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC7B,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,IAAI;YACnC,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,qBAAqB,EAAE;YACxD,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACtB,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,MAAM;YAChB,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,GAAG,CAAC,GAAG,CAAC,aAAa,KAAK,SAAS,IAAI,EAAE,aAAa,EAAE,GAAG,CAAC,aAAa,EAAE,CAAC;SAC7E,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cloudmeta.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/cloudmeta.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA2J5E,eAAO,MAAM,oBAAoB,EAAE,
|
|
1
|
+
{"version":3,"file":"cloudmeta.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/cloudmeta.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA2J5E,eAAO,MAAM,oBAAoB,EAAE,WAiClC,CAAC"}
|
|
@@ -5,9 +5,10 @@
|
|
|
5
5
|
* On VPS/cloud environments (IS_VPS sentinel), parses IMDS endpoint accessibility,
|
|
6
6
|
* cloud-init log credential exposure, and IMDSv2 enforcement.
|
|
7
7
|
*/
|
|
8
|
+
import { CHECK_IDS } from "../checkIds.js";
|
|
8
9
|
const CLOUDMETA_CHECKS = [
|
|
9
10
|
{
|
|
10
|
-
id:
|
|
11
|
+
id: CHECK_IDS.CLOUDMETA.CLOUDMETA_ENDPOINT_BLOCKED,
|
|
11
12
|
name: "Metadata Endpoint Not Publicly Accessible",
|
|
12
13
|
severity: "critical",
|
|
13
14
|
check: (output) => {
|
|
@@ -27,7 +28,7 @@ const CLOUDMETA_CHECKS = [
|
|
|
27
28
|
explain: "The cloud IMDS (Instance Metadata Service) at 169.254.169.254 exposes IAM credentials, SSH keys, and instance identity tokens. If accessible to all processes, any compromised application can steal cloud credentials. Block with iptables for all non-root processes.",
|
|
28
29
|
},
|
|
29
30
|
{
|
|
30
|
-
id:
|
|
31
|
+
id: CHECK_IDS.CLOUDMETA.CLOUDMETA_INIT_LOG_CLEAN,
|
|
31
32
|
name: "Cloud-Init Logs Free of Credentials",
|
|
32
33
|
severity: "warning",
|
|
33
34
|
check: (output) => {
|
|
@@ -50,7 +51,7 @@ const CLOUDMETA_CHECKS = [
|
|
|
50
51
|
explain: "Cloud-init logs (/var/log/cloud-init.log) can persist bootstrap credentials passed as user-data or config-drive scripts. If user-data included passwords or tokens, they may be readable in these logs by any user with log access.",
|
|
51
52
|
},
|
|
52
53
|
{
|
|
53
|
-
id:
|
|
54
|
+
id: CHECK_IDS.CLOUDMETA.CLOUDMETA_IMDSV2_ENFORCED,
|
|
54
55
|
name: "IMDSv2 Session-Oriented API Enforced (AWS)",
|
|
55
56
|
severity: "warning",
|
|
56
57
|
check: (output) => {
|
|
@@ -70,7 +71,7 @@ const CLOUDMETA_CHECKS = [
|
|
|
70
71
|
explain: "AWS IMDSv1 is vulnerable to SSRF attacks — any application-level SSRF can fetch IAM role credentials from the metadata service. IMDSv2 requires a session token obtained via a PUT request, which SSRF cannot perform due to HTTP redirect restrictions.",
|
|
71
72
|
},
|
|
72
73
|
{
|
|
73
|
-
id:
|
|
74
|
+
id: CHECK_IDS.CLOUDMETA.CLOUDMETA_SENSITIVE_ENV_NOT_IN_CLOUDINIT,
|
|
74
75
|
name: "Sensitive Data Not Passed via Cloud-Init User Data",
|
|
75
76
|
severity: "info",
|
|
76
77
|
check: (output) => {
|
|
@@ -91,7 +92,7 @@ const CLOUDMETA_CHECKS = [
|
|
|
91
92
|
explain: "Embedding secrets directly in cloud-init user data stores them in the instance metadata at /user-data, readable by any process that can access the IMDS endpoint. Use a secrets manager and fetch credentials at runtime instead.",
|
|
92
93
|
},
|
|
93
94
|
{
|
|
94
|
-
id:
|
|
95
|
+
id: CHECK_IDS.CLOUDMETA.CLOUDMETA_VPC_METADATA_FIREWALL,
|
|
95
96
|
name: "VPC Security Group or Firewall Restricts Metadata Access",
|
|
96
97
|
severity: "info",
|
|
97
98
|
check: (output) => {
|
|
@@ -112,7 +113,7 @@ const CLOUDMETA_CHECKS = [
|
|
|
112
113
|
explain: "Even with IMDSv2 enabled, restricting metadata endpoint access by process UID using iptables provides defense-in-depth. This prevents compromised non-root services from enumerating instance metadata or acquiring temporary credentials.",
|
|
113
114
|
},
|
|
114
115
|
{
|
|
115
|
-
id:
|
|
116
|
+
id: CHECK_IDS.CLOUDMETA.CLOUDMETA_IMDSV1_DISABLED,
|
|
116
117
|
name: "IMDSv1 Not Accessible (Only IMDSv2 Works)",
|
|
117
118
|
severity: "info",
|
|
118
119
|
check: (output) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"cloudmeta.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/cloudmeta.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;
|
|
1
|
+
{"version":3,"file":"cloudmeta.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/cloudmeta.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAGH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAa3C,MAAM,gBAAgB,GAAwB;IAC5C;QACE,EAAE,EAAE,SAAS,CAAC,SAAS,CAAC,0BAA0B;QAClD,IAAI,EAAE,2CAA2C;QACjD,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;YACtD,MAAM,YAAY,GAAG,MAAM,CAAC,QAAQ,CAAC,qBAAqB,CAAC,CAAC;YAC5D,IAAI,SAAS,EAAE,CAAC;gBACd,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,2DAA2D,EAAE,CAAC;YACrG,CAAC;YACD,IAAI,YAAY,EAAE,CAAC;gBACjB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,oEAAoE,EAAE,CAAC;YAC/G,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,iDAAiD,EAAE,CAAC;QAC5F,CAAC;QACD,aAAa,EAAE,6DAA6D;QAC5E,UAAU,EACR,qHAAqH;QACvH,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,yQAAyQ;KAC5Q;IACD;QACE,EAAE,EAAE,SAAS,CAAC,SAAS,CAAC,wBAAwB;QAChD,IAAI,EAAE,qCAAqC;QAC3C,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC;YACnD,qDAAqD;YACrD,MAAM,qBAAqB,GAAG,mCAAmC,CAAC;YAClE,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,MAAM,eAAe,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,iBAAiB,CAAC,CAAC,CAAC;YAC7G,IAAI,OAAO,IAAI,eAAe,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC5C,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,oDAAoD,EAAE,CAAC;YAC9F,CAAC;YACD,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBAC/B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,2BAA2B,eAAe,CAAC,MAAM,0BAA0B,EAAE,CAAC;YACtH,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,4CAA4C,EAAE,CAAC;QACtF,CAAC;QACD,aAAa,EAAE,8DAA8D;QAC7E,UAAU,EACR,4IAA4I;QAC9I,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,qOAAqO;KACxO;IACD;QACE,EAAE,EAAE,SAAS,CAAC,SAAS,CAAC,yBAAyB;QACjD,IAAI,EAAE,4CAA4C;QAClD,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;YAC1D,MAAM,eAAe,GAAG,MAAM,CAAC,QAAQ,CAAC,oBAAoB,CAAC,CAAC;YAC9D,IAAI,aAAa,EAAE,CAAC;gBAClB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,uDAAuD,EAAE,CAAC;YACjG,CAAC;YACD,IAAI,eAAe,EAAE,CAAC;gBACpB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,2EAA2E,EAAE,CAAC;YACtH,CAAC;YACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,mCAAmC,EAAE,CAAC;QAC9E,CAAC;QACD,aAAa,EAAE,2DAA2D;QAC1E,UAAU,EACR,6JAA6J;QAC/J,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,0PAA0P;KAC7P;IACD;QACE,EAAE,EAAE,SAAS,CAAC,SAAS,CAAC,wCAAwC;QAChE,IAAI,EAAE,oDAAoD;QAC1D,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,MAAM,CAAC,QAAQ,CAAC,4BAA4B,CAAC,CAAC;YAC9D,MAAM,eAAe,GAAG,MAAM,CAAC,QAAQ,CAAC,4BAA4B,CAAC,CAAC;YACtE,IAAI,OAAO,EAAE,CAAC;gBACZ,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,qEAAqE,EAAE,CAAC;YAC/G,CAAC;YACD,IAAI,eAAe,EAAE,CAAC;gBACpB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,+DAA+D,EAAE,CAAC;YAC1G,CAAC;YACD,iEAAiE;YACjE,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,oEAAoE,EAAE,CAAC;QAC9G,CAAC;QACD,aAAa,EAAE,sEAAsE;QACrF,UAAU,EACR,sIAAsI;QACxI,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,mOAAmO;KACtO;IACD;QACE,EAAE,EAAE,SAAS,CAAC,SAAS,CAAC,+BAA+B;QACvD,IAAI,EAAE,0DAA0D;QAChE,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC,sBAAsB,CAAC,CAAC;YACvE,MAAM,qBAAqB,GAAG,MAAM,CAAC,QAAQ,CAAC,2BAA2B,CAAC,CAAC;YAC3E,IAAI,sBAAsB,EAAE,CAAC;gBAC3B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,4DAA4D,EAAE,CAAC;YACtG,CAAC;YACD,IAAI,qBAAqB,EAAE,CAAC;gBAC1B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,iEAAiE,EAAE,CAAC;YAC5G,CAAC;YACD,0DAA0D;YAC1D,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,oDAAoD,EAAE,CAAC;QAC9F,CAAC;QACD,aAAa,EAAE,6EAA6E;QAC5F,UAAU,EACR,2EAA2E;QAC7E,aAAa,EAAE,MAAM;QACrB,OAAO,EACL,4OAA4O;KAC/O;IACD;QACE,EAAE,EAAE,SAAS,CAAC,SAAS,CAAC,yBAAyB;QACjD,IAAI,EAAE,2CAA2C;QACjD,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,SAAS,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;YACtD,MAAM,aAAa,GAAG,MAAM,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAAC;YAC1D,MAAM,MAAM,GAAG,SAAS,IAAI,aAAa,CAAC;YAC1C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,SAAS;wBACT,CAAC,CAAC,mDAAmD;wBACrD,CAAC,CAAC,oEAAoE;oBACxE,CAAC,CAAC,6DAA6D;aAClE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,6DAA6D;QAC5E,UAAU,EAAE,kGAAkG;QAC9G,aAAa,EAAE,SAAS;QACxB,OAAO,EACL,sHAAsH;KACzH;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,oBAAoB,GAAgB,CAC/C,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,uEAAuE;IACvE,qEAAqE;IACrE,IACE,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE;QAC3B,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,QAAQ,CAAC,YAAY,CAAC,EACpC,CAAC;QACD,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,+CAA+C;IAC/C,MAAM,MAAM,GAAG,aAAa,CAAC;IAE7B,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAClC,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,gBAAgB;YAC1B,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1,8 +1,3 @@
|
|
|
1
|
-
/**
|
|
2
|
-
* Crypto security check parser.
|
|
3
|
-
* Parses OpenSSL version, SSH cipher/MAC/KEX config, LUKS disk, TLS protocol,
|
|
4
|
-
* and certificate expiry data into 10 security checks.
|
|
5
|
-
*/
|
|
6
1
|
import type { CheckParser } from "../types.js";
|
|
7
2
|
export declare const parseCryptoChecks: CheckParser;
|
|
8
3
|
//# sourceMappingURL=crypto.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/crypto.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"crypto.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/crypto.ts"],"names":[],"mappings":"AAOA,OAAO,KAAK,EAAa,WAAW,EAAoB,MAAM,aAAa,CAAC;AA8c5E,eAAO,MAAM,iBAAiB,EAAE,WAuC/B,CAAC"}
|
|
@@ -3,10 +3,11 @@
|
|
|
3
3
|
* Parses OpenSSL version, SSH cipher/MAC/KEX config, LUKS disk, TLS protocol,
|
|
4
4
|
* and certificate expiry data into 10 security checks.
|
|
5
5
|
*/
|
|
6
|
+
import { CHECK_IDS } from "../checkIds.js";
|
|
6
7
|
import { WEAK_CIPHERS, WEAK_MACS, WEAK_KEX } from "../../../constants.js";
|
|
7
8
|
const CRYPTO_CHECKS = [
|
|
8
9
|
{
|
|
9
|
-
id:
|
|
10
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_OPENSSL_INSTALLED,
|
|
10
11
|
name: "OpenSSL Installed",
|
|
11
12
|
severity: "info",
|
|
12
13
|
check: (output) => {
|
|
@@ -22,7 +23,7 @@ const CRYPTO_CHECKS = [
|
|
|
22
23
|
explain: "OpenSSL provides the cryptographic library used by most services for TLS and certificate operations.",
|
|
23
24
|
},
|
|
24
25
|
{
|
|
25
|
-
id:
|
|
26
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_SSH_WEAK_CIPHERS,
|
|
26
27
|
name: "SSH No Weak Ciphers",
|
|
27
28
|
severity: "warning",
|
|
28
29
|
check: (output) => {
|
|
@@ -43,7 +44,7 @@ const CRYPTO_CHECKS = [
|
|
|
43
44
|
explain: "Weak SSH ciphers (arcfour, 3DES, Blowfish) are vulnerable to known cryptographic attacks including SWEET32 and related attacks.",
|
|
44
45
|
},
|
|
45
46
|
{
|
|
46
|
-
id:
|
|
47
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_SSH_WEAK_MACS,
|
|
47
48
|
name: "SSH No Weak MACs",
|
|
48
49
|
severity: "warning",
|
|
49
50
|
check: (output) => {
|
|
@@ -64,7 +65,7 @@ const CRYPTO_CHECKS = [
|
|
|
64
65
|
explain: "Weak SSH MACs like HMAC-MD5 and HMAC-SHA1-96 provide insufficient integrity protection and are vulnerable to collision attacks.",
|
|
65
66
|
},
|
|
66
67
|
{
|
|
67
|
-
id:
|
|
68
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_SSH_WEAK_KEX,
|
|
68
69
|
name: "SSH No Weak Key Exchange",
|
|
69
70
|
severity: "warning",
|
|
70
71
|
check: (output) => {
|
|
@@ -85,7 +86,7 @@ const CRYPTO_CHECKS = [
|
|
|
85
86
|
explain: "Weak Diffie-Hellman group1 and group14 key exchanges are susceptible to Logjam attack, allowing MitM decryption of SSH sessions.",
|
|
86
87
|
},
|
|
87
88
|
{
|
|
88
|
-
id:
|
|
89
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_SSH_ED25519_KEY,
|
|
89
90
|
name: "SSH ED25519 Host Key Present",
|
|
90
91
|
severity: "info",
|
|
91
92
|
check: (output) => {
|
|
@@ -101,7 +102,7 @@ const CRYPTO_CHECKS = [
|
|
|
101
102
|
explain: "ED25519 host keys use modern elliptic curve cryptography offering stronger security and better performance than RSA keys.",
|
|
102
103
|
},
|
|
103
104
|
{
|
|
104
|
-
id:
|
|
105
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_LUKS_DISK,
|
|
105
106
|
name: "Disk Encryption (LUKS) Present",
|
|
106
107
|
severity: "info",
|
|
107
108
|
check: (output) => {
|
|
@@ -117,7 +118,7 @@ const CRYPTO_CHECKS = [
|
|
|
117
118
|
explain: "LUKS disk encryption protects data at rest against physical theft or unauthorized access to storage media.",
|
|
118
119
|
},
|
|
119
120
|
{
|
|
120
|
-
id:
|
|
121
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_TLS_MIN_PROTOCOL,
|
|
121
122
|
name: "TLS Minimum Protocol Version",
|
|
122
123
|
severity: "warning",
|
|
123
124
|
check: (output) => {
|
|
@@ -142,7 +143,7 @@ const CRYPTO_CHECKS = [
|
|
|
142
143
|
explain: "Setting a minimum TLS protocol version prevents clients from negotiating insecure TLS 1.0 or 1.1 connections.",
|
|
143
144
|
},
|
|
144
145
|
{
|
|
145
|
-
id:
|
|
146
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_CERT_NOT_EXPIRED,
|
|
146
147
|
name: "TLS Certificate Not Expired",
|
|
147
148
|
severity: "warning",
|
|
148
149
|
check: (output) => {
|
|
@@ -178,7 +179,7 @@ const CRYPTO_CHECKS = [
|
|
|
178
179
|
explain: "Expired TLS certificates cause browser warnings and trust errors, disrupting service and indicating poor certificate lifecycle management.",
|
|
179
180
|
},
|
|
180
181
|
{
|
|
181
|
-
id:
|
|
182
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_NO_SSLV3,
|
|
182
183
|
name: "SSLv3 Disabled",
|
|
183
184
|
severity: "warning",
|
|
184
185
|
check: (output) => {
|
|
@@ -195,7 +196,7 @@ const CRYPTO_CHECKS = [
|
|
|
195
196
|
explain: "SSLv3 is vulnerable to the POODLE attack which allows an attacker to decrypt encrypted communications in an active MitM scenario.",
|
|
196
197
|
},
|
|
197
198
|
{
|
|
198
|
-
id:
|
|
199
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_OPENSSL_MODERN,
|
|
199
200
|
name: "OpenSSL Modern Version",
|
|
200
201
|
severity: "info",
|
|
201
202
|
check: (output) => {
|
|
@@ -220,7 +221,7 @@ const CRYPTO_CHECKS = [
|
|
|
220
221
|
explain: "OpenSSL 1.0.x and earlier have known vulnerabilities including Heartbleed (1.0.1) and lack modern cipher support.",
|
|
221
222
|
},
|
|
222
223
|
{
|
|
223
|
-
id:
|
|
224
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_WEAK_SSH_KEYS,
|
|
224
225
|
name: "No Weak DSA SSH Host Keys",
|
|
225
226
|
severity: "warning",
|
|
226
227
|
check: (output) => {
|
|
@@ -236,7 +237,7 @@ const CRYPTO_CHECKS = [
|
|
|
236
237
|
explain: "DSA host keys use fixed 1024-bit key length which is cryptographically weak by modern standards.",
|
|
237
238
|
},
|
|
238
239
|
{
|
|
239
|
-
id:
|
|
240
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_HOST_KEY_PERMS,
|
|
240
241
|
name: "SSH Host Key Permissions Restrictive",
|
|
241
242
|
severity: "critical",
|
|
242
243
|
check: (output) => {
|
|
@@ -267,7 +268,7 @@ const CRYPTO_CHECKS = [
|
|
|
267
268
|
explain: "World-readable SSH host private keys allow any local user to impersonate the server.",
|
|
268
269
|
},
|
|
269
270
|
{
|
|
270
|
-
id:
|
|
271
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_NO_WEAK_OPENSSL_CIPHERS,
|
|
271
272
|
name: "No Excessive Weak OpenSSL Ciphers",
|
|
272
273
|
severity: "warning",
|
|
273
274
|
check: (output) => {
|
|
@@ -302,7 +303,7 @@ const CRYPTO_CHECKS = [
|
|
|
302
303
|
explain: "Weak ciphers in the OpenSSL configuration can be exploited through protocol downgrade attacks.",
|
|
303
304
|
},
|
|
304
305
|
{
|
|
305
|
-
id:
|
|
306
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_MIN_PROTOCOL,
|
|
306
307
|
name: "OpenSSL Minimum TLS Protocol",
|
|
307
308
|
severity: "warning",
|
|
308
309
|
check: (output) => {
|
|
@@ -323,7 +324,7 @@ const CRYPTO_CHECKS = [
|
|
|
323
324
|
explain: "TLS versions below 1.2 have known cryptographic weaknesses and are deprecated by NIST and PCI-DSS.",
|
|
324
325
|
},
|
|
325
326
|
{
|
|
326
|
-
id:
|
|
327
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_LUKS_KEY_SIZE,
|
|
327
328
|
name: "LUKS Encryption Present or Info",
|
|
328
329
|
severity: "info",
|
|
329
330
|
check: (output) => {
|
|
@@ -339,7 +340,7 @@ const CRYPTO_CHECKS = [
|
|
|
339
340
|
explain: "LUKS disk encryption protects data at rest; key size should be >= 256 bits for strong protection.",
|
|
340
341
|
},
|
|
341
342
|
{
|
|
342
|
-
id:
|
|
343
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_DH_PARAMS_SIZE,
|
|
343
344
|
name: "DH Parameters Are Adequate Size",
|
|
344
345
|
severity: "warning",
|
|
345
346
|
check: (output) => {
|
|
@@ -363,7 +364,7 @@ const CRYPTO_CHECKS = [
|
|
|
363
364
|
explain: "DH parameters smaller than 2048 bits are vulnerable to Logjam attacks that allow passive TLS decryption.",
|
|
364
365
|
},
|
|
365
366
|
{
|
|
366
|
-
id:
|
|
367
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_NO_WORLD_READABLE_KEYS,
|
|
367
368
|
name: "No World-Readable TLS Private Keys",
|
|
368
369
|
severity: "critical",
|
|
369
370
|
check: (output) => {
|
|
@@ -389,7 +390,7 @@ const CRYPTO_CHECKS = [
|
|
|
389
390
|
explain: "World-readable TLS private keys allow any local user to impersonate the server or decrypt intercepted traffic.",
|
|
390
391
|
},
|
|
391
392
|
{
|
|
392
|
-
id:
|
|
393
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_CERT_COUNT,
|
|
393
394
|
name: "CA Certificate Store Populated",
|
|
394
395
|
severity: "info",
|
|
395
396
|
check: (output) => {
|
|
@@ -424,7 +425,7 @@ const CRYPTO_CHECKS = [
|
|
|
424
425
|
explain: "A populated CA certificate store is required for TLS verification; empty stores cause all HTTPS connections to fail or bypass validation.",
|
|
425
426
|
},
|
|
426
427
|
{
|
|
427
|
-
id:
|
|
428
|
+
id: CHECK_IDS.CRYPTO.CRYPTO_NGINX_TLS_MODERN,
|
|
428
429
|
name: "Nginx TLS Protocols Are Modern",
|
|
429
430
|
severity: "warning",
|
|
430
431
|
check: (output) => {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/crypto.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAGH,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAc1E,MAAM,aAAa,GAAqB;IACtC;QACE,EAAE,EAAE,0BAA0B;QAC9B,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,SAAS,GAAG,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACtF,OAAO;gBACL,MAAM,EAAE,SAAS;gBACjB,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,mBAAmB,CAAC,CAAC,CAAC,uBAAuB;aACrH,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,sBAAsB;QACrC,UAAU,EAAE,wBAAwB;QACpC,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,sGAAsG;KAChH;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAChE,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,oCAAoC,EAAE,CAAC;YAC/E,CAAC;YACD,MAAM,aAAa,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YAChF,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvF,OAAO;gBACL,MAAM,EAAE,SAAS,CAAC,MAAM,KAAK,CAAC;gBAC9B,YAAY,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,4BAA4B;aAC5G,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,4DAA4D;QAC3E,UAAU,EAAE,4NAA4N;QACxO,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,iIAAiI;KAC3I;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,kBAAkB;QACxB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC1D,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,iCAAiC,EAAE,CAAC;YAC5E,CAAC;YACD,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YAC1E,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACjF,OAAO;gBACL,MAAM,EAAE,SAAS,CAAC,MAAM,KAAK,CAAC;gBAC9B,YAAY,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,yBAAyB;aACtG,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,4CAA4C;QAC3D,UAAU,EAAE,0JAA0J;QACtK,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,iIAAiI;KAC3I;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,0BAA0B;QAChC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAClE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,iCAAiC,EAAE,CAAC;YAC5E,CAAC;YACD,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YACxE,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/E,OAAO;gBACL,MAAM,EAAE,SAAS,CAAC,MAAM,KAAK,CAAC;gBAC9B,YAAY,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,wBAAwB;aACpG,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,8DAA8D;QAC7E,UAAU,EAAE,sMAAsM;QAClN,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,kIAAkI;KAC5I;IACD;QACE,EAAE,EAAE,wBAAwB;QAC5B,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvD,OAAO;gBACL,MAAM,EAAE,UAAU;gBAClB,YAAY,EAAE,UAAU,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,4BAA4B;aACrF,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0CAA0C;QACzD,UAAU,EAAE,wFAAwF;QACpG,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,2HAA2H;KACrI;IACD;QACE,EAAE,EAAE,kBAAkB;QACtB,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvE,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC,+BAA+B,CAAC,CAAC,CAAC,iCAAiC;aAC5F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,iDAAiD;QAChE,UAAU,EAAE,qGAAqG;QACjH,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,4GAA4G;KACtH;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;YACtE,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,yCAAyC;gBACzC,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBAChC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,iDAAiD,EAAE,CAAC;gBAC5F,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,2CAA2C,EAAE,CAAC;YACtF,CAAC;YACD,MAAM,KAAK,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;YAC/B,MAAM,MAAM,GAAG,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,SAAS,CAAC;YAC1D,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,iBAAiB,KAAK,EAAE,CAAC,CAAC,CAAC,iBAAiB,KAAK,YAAY;aACrF,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0DAA0D;QACzE,UAAU,EAAE,4KAA4K;QACxL,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,+GAA+G;KACzH;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,kDAAkD;YAClD,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,wCAAwC,EAAE,CAAC;YAClF,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;YACpD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,8DAA8D;gBAC9D,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC3B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,kCAAkC,EAAE,CAAC;gBAC5E,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,wCAAwC,EAAE,CAAC;YACnF,CAAC;YACD,MAAM,UAAU,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC1C,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;gBAC7B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,0BAA0B,UAAU,EAAE,EAAE,CAAC;YACjF,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,OAAO,GAAG,GAAG,CAAC;YAC7B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,2BAA2B,UAAU,EAAE;oBACzC,CAAC,CAAC,0BAA0B,UAAU,EAAE;aAC3C,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0CAA0C;QACzD,UAAU,EAAE,oFAAoF;QAChG,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,4IAA4I;KACtJ;IACD;QACE,EAAE,EAAE,iBAAiB;QACrB,IAAI,EAAE,gBAAgB;QACtB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,yDAAyD;YACzD,MAAM,YAAY,GAAG,yBAAyB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC5D,OAAO;gBACL,MAAM,EAAE,CAAC,YAAY;gBACrB,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC,sCAAsC,CAAC,CAAC,CAAC,mBAAmB;aAC1F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,kCAAkC;QACjD,UAAU,EAAE,mFAAmF;QAC/F,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,mIAAmI;KAC7I;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,uBAAuB,EAAE,CAAC;YAClE,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACzD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,8BAA8B,EAAE,CAAC;YACzE,CAAC;YACD,MAAM,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;YAChC,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YACxE,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC1E,OAAO;gBACL,MAAM,EAAE,QAAQ,IAAI,CAAC,QAAQ;gBAC7B,YAAY,EAAE,WAAW,OAAO,EAAE;aACnC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,2CAA2C;QAC1D,UAAU,EAAE,qDAAqD;QACjE,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,mHAAmH;KAC7H;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAClD,OAAO;gBACL,MAAM,EAAE,CAAC,SAAS;gBAClB,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC,sCAAsC,CAAC,CAAC,CAAC,wBAAwB;aAC5F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0CAA0C;QACzD,UAAU,EAAE,kGAAkG;QAC9G,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,kGAAkG;KAC5G;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,sCAAsC;QAC5C,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,iDAAiD;YACjD,8CAA8C;YAC9C,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,IAAI,EAAE,CAAC;YACvF,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9B,sCAAsC;gBACtC,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC3B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,8CAA8C,EAAE,CAAC;gBACzF,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,mCAAmC,EAAE,CAAC;YAC9E,CAAC;YACD,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;gBAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC1C,OAAO,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,KAAK,CAAC;YAC5C,CAAC,CAAC,CAAC;YACH,OAAO;gBACL,MAAM,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC;gBAC7B,YAAY,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC;oBACjC,CAAC,CAAC,gDAAgD;oBAClD,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,0CAA0C;aACjE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,gDAAgD;QAC/D,UAAU,EAAE,mCAAmC;QAC/C,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,sFAAsF;KAChG;IACD;QACE,EAAE,EAAE,gCAAgC;QACpC,IAAI,EAAE,mCAAmC;QACzC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,2EAA2E;YAC3E,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,IAAI,SAAS,GAAkB,IAAI,CAAC;YACpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC5B,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;oBAClC,yDAAyD;oBACzD,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBAC1B,SAAS,GAAG,GAAG,CAAC;wBAChB,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC;YACD,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;gBACvB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,oCAAoC,EAAE,CAAC;YAC/E,CAAC;YACD,MAAM,MAAM,GAAG,SAAS,GAAG,CAAC,CAAC;YAC7B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,GAAG,SAAS,sCAAsC;oBACpD,CAAC,CAAC,GAAG,SAAS,8CAA8C;aAC/D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,iDAAiD;QAChE,UAAU,EAAE,qFAAqF;QACjG,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,gGAAgG;KAC1G;IACD;QACE,EAAE,EAAE,qBAAqB;QACzB,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;YACtE,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,2CAA2C,EAAE,CAAC;YACtF,CAAC;YACD,MAAM,KAAK,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;YAC/B,MAAM,MAAM,GAAG,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,SAAS,CAAC;YAC1D,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,iBAAiB,KAAK,EAAE,CAAC,CAAC,CAAC,iBAAiB,KAAK,kBAAkB;aAC3F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,kCAAkC;QACjD,UAAU,EAAE,2EAA2E;QACvF,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,oGAAoG;KAC9G;IACD;QACE,EAAE,EAAE,sBAAsB;QAC1B,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvE,OAAO;gBACL,MAAM,EAAE,IAAI;gBACZ,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC,+BAA+B,CAAC,CAAC,CAAC,uCAAuC;aAClG,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,uCAAuC;QACtD,UAAU,EAAE,0DAA0D;QACtE,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,mGAAmG;KAC7G;IACD;QACE,EAAE,EAAE,uBAAuB;QAC3B,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,kDAAkD,EAAE,CAAC;YAC5F,CAAC;YACD,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAC;YACpE,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,sDAAsD,EAAE,CAAC;YAChG,CAAC;YACD,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACxC,MAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC;YAC5B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,kBAAkB,IAAI,oBAAoB,CAAC,CAAC,CAAC,kBAAkB,IAAI,mBAAmB;aAC9G,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,qDAAqD;QACpE,UAAU,EAAE,iDAAiD;QAC7D,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,0GAA0G;KACpH;IACD;QACE,EAAE,EAAE,+BAA+B;QACnC,IAAI,EAAE,oCAAoC;QAC1C,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,0EAA0E;YAC1E,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,8EAA8E;YAC9E,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;gBAClC,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBACzB,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC1G,CAAC,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,MAAM,CAAC,CAAC;YACtD,MAAM,MAAM,GAAG,MAAM,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC;YAC/C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,8BAA8B;oBAChC,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,2CAA2C;aAClE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,wDAAwD;QACvE,UAAU,EAAE,0EAA0E;QACtF,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,gHAAgH;KAC1H;IACD;QACE,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,mEAAmE;YACnE,+EAA+E;YAC/E,8DAA8D;YAC9D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,IAAI,SAAS,GAAkB,IAAI,CAAC;YACpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC5B,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;oBAClC,uDAAuD;oBACvD,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,GAAG,IAAI,EAAE,CAAC;wBAC3B,SAAS,GAAG,GAAG,CAAC;wBAChB,sEAAsE;oBACxE,CAAC;gBACH,CAAC;YACH,CAAC;YACD,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;gBACvB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,oCAAoC,EAAE,CAAC;YAC/E,CAAC;YACD,MAAM,MAAM,GAAG,SAAS,GAAG,CAAC,CAAC;YAC7B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,GAAG,SAAS,8BAA8B,CAAC,CAAC,CAAC,6CAA6C;aAClH,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,iDAAiD;QAChE,UAAU,EAAE,uDAAuD;QACnE,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,2IAA2I;KACrJ;IACD;QACE,EAAE,EAAE,yBAAyB;QAC7B,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC5B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,sCAAsC,EAAE,CAAC;YAChF,CAAC;YACD,8CAA8C;YAC9C,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;YAC/D,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,kDAAkD,EAAE,CAAC;YAC5F,CAAC;YACD,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACjD,MAAM,SAAS,GAAG,yBAAyB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC5D,OAAO;gBACL,MAAM,EAAE,CAAC,SAAS;gBAClB,YAAY,EAAE,SAAS;oBACrB,CAAC,CAAC,gDAAgD,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE;oBAC3E,CAAC,CAAC,mCAAmC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE;aACjE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,6CAA6C;QAC5D,UAAU,EAAE,8CAA8C;QAC1D,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,0GAA0G;KACpH;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAgB,CAC5C,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,MAAM,IAAI,GACR,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;IAEzC,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC/B,IAAI,IAAI,EAAE,CAAC;YACT,OAAO;gBACL,EAAE,EAAE,GAAG,CAAC,EAAE;gBACV,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,qBAAqB;gBACnC,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAE1B,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,QAAQ;YAClB,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAE1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"crypto.js","sourceRoot":"","sources":["../../../../src/core/audit/checks/crypto.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AACH,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAG3C,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,QAAQ,EAAE,MAAM,uBAAuB,CAAC;AAa1E,MAAM,aAAa,GAAqB;IACtC;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,wBAAwB;QAC7C,IAAI,EAAE,mBAAmB;QACzB,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,SAAS,GAAG,qBAAqB,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACtF,OAAO;gBACL,MAAM,EAAE,SAAS;gBACjB,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,sBAAsB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,mBAAmB,CAAC,CAAC,CAAC,uBAAuB;aACrH,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,sBAAsB;QACrC,UAAU,EAAE,wBAAwB;QACpC,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,sGAAsG;KAChH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,uBAAuB;QAC5C,IAAI,EAAE,qBAAqB;QAC3B,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,WAAW,GAAG,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAChE,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,oCAAoC,EAAE,CAAC;YAC/E,CAAC;YACD,MAAM,aAAa,GAAG,WAAW,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YAChF,MAAM,SAAS,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACvF,OAAO;gBACL,MAAM,EAAE,SAAS,CAAC,MAAM,KAAK,CAAC;gBAC9B,YAAY,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,iBAAiB,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,4BAA4B;aAC5G,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,4DAA4D;QAC3E,UAAU,EAAE,4NAA4N;QACxO,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,iIAAiI;KAC3I;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,oBAAoB;QACzC,IAAI,EAAE,kBAAkB;QACxB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,QAAQ,GAAG,MAAM,CAAC,KAAK,CAAC,eAAe,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC1D,IAAI,CAAC,QAAQ,EAAE,CAAC;gBACd,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,iCAAiC,EAAE,CAAC;YAC5E,CAAC;YACD,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YAC1E,MAAM,SAAS,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACjF,OAAO;gBACL,MAAM,EAAE,SAAS,CAAC,MAAM,KAAK,CAAC;gBAC9B,YAAY,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,cAAc,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,yBAAyB;aACtG,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,4CAA4C;QAC3D,UAAU,EAAE,0JAA0J;QACtK,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,iIAAiI;KAC3I;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,mBAAmB;QACxC,IAAI,EAAE,0BAA0B;QAChC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAClE,IAAI,CAAC,OAAO,EAAE,CAAC;gBACb,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,iCAAiC,EAAE,CAAC;YAC5E,CAAC;YACD,MAAM,SAAS,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC;YACxE,MAAM,SAAS,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC/E,OAAO;gBACL,MAAM,EAAE,SAAS,CAAC,MAAM,KAAK,CAAC;gBAC9B,YAAY,EAAE,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,aAAa,SAAS,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC,wBAAwB;aACpG,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,8DAA8D;QAC7E,UAAU,EAAE,sMAAsM;QAClN,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,kIAAkI;KAC5I;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,sBAAsB;QAC3C,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvD,OAAO;gBACL,MAAM,EAAE,UAAU;gBAClB,YAAY,EAAE,UAAU,CAAC,CAAC,CAAC,0BAA0B,CAAC,CAAC,CAAC,4BAA4B;aACrF,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0CAA0C;QACzD,UAAU,EAAE,wFAAwF;QACpG,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,2HAA2H;KACrI;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,gBAAgB;QACrC,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvE,OAAO;gBACL,MAAM,EAAE,OAAO;gBACf,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC,+BAA+B,CAAC,CAAC,CAAC,iCAAiC;aAC5F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,iDAAiD;QAChE,UAAU,EAAE,qGAAqG;QACjH,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,4GAA4G;KACtH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,uBAAuB;QAC5C,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;YACtE,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,yCAAyC;gBACzC,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBAChC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,iDAAiD,EAAE,CAAC;gBAC5F,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,2CAA2C,EAAE,CAAC;YACtF,CAAC;YACD,MAAM,KAAK,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;YAC/B,MAAM,MAAM,GAAG,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,SAAS,CAAC;YAC1D,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,iBAAiB,KAAK,EAAE,CAAC,CAAC,CAAC,iBAAiB,KAAK,YAAY;aACrF,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0DAA0D;QACzE,UAAU,EAAE,4KAA4K;QACxL,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,+GAA+G;KACzH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,uBAAuB;QAC5C,IAAI,EAAE,6BAA6B;QACnC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,kDAAkD;YAClD,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,wCAAwC,EAAE,CAAC;YAClF,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;YACpD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,8DAA8D;gBAC9D,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC3B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,kCAAkC,EAAE,CAAC;gBAC5E,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,wCAAwC,EAAE,CAAC;YACnF,CAAC;YACD,MAAM,UAAU,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC1C,MAAM,OAAO,GAAG,IAAI,IAAI,CAAC,UAAU,CAAC,CAAC;YACrC,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC,EAAE,CAAC;gBAC7B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,0BAA0B,UAAU,EAAE,EAAE,CAAC;YACjF,CAAC;YACD,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;YACvB,MAAM,MAAM,GAAG,OAAO,GAAG,GAAG,CAAC;YAC7B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,2BAA2B,UAAU,EAAE;oBACzC,CAAC,CAAC,0BAA0B,UAAU,EAAE;aAC3C,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0CAA0C;QACzD,UAAU,EAAE,oFAAoF;QAChG,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,4IAA4I;KACtJ;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,eAAe;QACpC,IAAI,EAAE,gBAAgB;QACtB,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,yDAAyD;YACzD,MAAM,YAAY,GAAG,yBAAyB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAC5D,OAAO;gBACL,MAAM,EAAE,CAAC,YAAY;gBACrB,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC,sCAAsC,CAAC,CAAC,CAAC,mBAAmB;aAC1F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,kCAAkC;QACjD,UAAU,EAAE,mFAAmF;QAC/F,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,mIAAmI;KAC7I;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,qBAAqB;QAC1C,IAAI,EAAE,wBAAwB;QAC9B,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,eAAe,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBACjC,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,uBAAuB,EAAE,CAAC;YAClE,CAAC;YACD,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;YACzD,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,8BAA8B,EAAE,CAAC;YACzE,CAAC;YACD,MAAM,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC;YAChC,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YACxE,MAAM,QAAQ,GAAG,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC;YAC1E,OAAO;gBACL,MAAM,EAAE,QAAQ,IAAI,CAAC,QAAQ;gBAC7B,YAAY,EAAE,WAAW,OAAO,EAAE;aACnC,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,2CAA2C;QAC1D,UAAU,EAAE,qDAAqD;QACjE,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,mHAAmH;KAC7H;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,oBAAoB;QACzC,IAAI,EAAE,2BAA2B;QACjC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,SAAS,GAAG,kBAAkB,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YAClD,OAAO;gBACL,MAAM,EAAE,CAAC,SAAS;gBAClB,YAAY,EAAE,SAAS,CAAC,CAAC,CAAC,sCAAsC,CAAC,CAAC,CAAC,wBAAwB;aAC5F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,0CAA0C;QACzD,UAAU,EAAE,kGAAkG;QAC9G,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,kGAAkG;KAC5G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,qBAAqB;QAC1C,IAAI,EAAE,sCAAsC;QAC5C,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,iDAAiD;YACjD,8CAA8C;YAC9C,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,6CAA6C,CAAC,IAAI,EAAE,CAAC;YACvF,IAAI,YAAY,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;gBAC9B,sCAAsC;gBACtC,IAAI,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;oBAC3B,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,8CAA8C,EAAE,CAAC;gBACzF,CAAC;gBACD,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,mCAAmC,EAAE,CAAC;YAC9E,CAAC;YACD,MAAM,QAAQ,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;gBAC5C,MAAM,KAAK,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC;gBAC1C,OAAO,KAAK,KAAK,KAAK,IAAI,KAAK,KAAK,KAAK,CAAC;YAC5C,CAAC,CAAC,CAAC;YACH,OAAO;gBACL,MAAM,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC;gBAC7B,YAAY,EAAE,QAAQ,CAAC,MAAM,KAAK,CAAC;oBACjC,CAAC,CAAC,gDAAgD;oBAClD,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,0CAA0C;aACjE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,gDAAgD;QAC/D,UAAU,EAAE,mCAAmC;QAC/C,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,sFAAsF;KAChG;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,8BAA8B;QACnD,IAAI,EAAE,mCAAmC;QACzC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,2EAA2E;YAC3E,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,IAAI,SAAS,GAAkB,IAAI,CAAC;YACpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC5B,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;oBAClC,yDAAyD;oBACzD,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,GAAG,GAAG,EAAE,CAAC;wBAC1B,SAAS,GAAG,GAAG,CAAC;wBAChB,MAAM;oBACR,CAAC;gBACH,CAAC;YACH,CAAC;YACD,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;gBACvB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,oCAAoC,EAAE,CAAC;YAC/E,CAAC;YACD,MAAM,MAAM,GAAG,SAAS,GAAG,CAAC,CAAC;YAC7B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,GAAG,SAAS,sCAAsC;oBACpD,CAAC,CAAC,GAAG,SAAS,8CAA8C;aAC/D,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,iDAAiD;QAChE,UAAU,EAAE,qFAAqF;QACjG,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,gGAAgG;KAC1G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,mBAAmB;QACxC,IAAI,EAAE,8BAA8B;QACpC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,iCAAiC,CAAC,CAAC;YACtE,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,2CAA2C,EAAE,CAAC;YACtF,CAAC;YACD,MAAM,KAAK,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;YAC/B,MAAM,MAAM,GAAG,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,SAAS,CAAC;YAC1D,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,iBAAiB,KAAK,EAAE,CAAC,CAAC,CAAC,iBAAiB,KAAK,kBAAkB;aAC3F,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,kCAAkC;QACjD,UAAU,EAAE,2EAA2E;QACvF,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,oGAAoG;KAC9G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,oBAAoB;QACzC,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,MAAM,OAAO,GAAG,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;YACvE,OAAO;gBACL,MAAM,EAAE,IAAI;gBACZ,YAAY,EAAE,OAAO,CAAC,CAAC,CAAC,+BAA+B,CAAC,CAAC,CAAC,uCAAuC;aAClG,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,uCAAuC;QACtD,UAAU,EAAE,0DAA0D;QACtE,aAAa,EAAE,SAAS;QACxB,OAAO,EAAE,mGAAmG;KAC7G;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,qBAAqB;QAC1C,IAAI,EAAE,iCAAiC;QACvC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,cAAc,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBAChC,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,kDAAkD,EAAE,CAAC;YAC5F,CAAC;YACD,MAAM,SAAS,GAAG,MAAM,CAAC,KAAK,CAAC,mCAAmC,CAAC,CAAC;YACpE,IAAI,CAAC,SAAS,EAAE,CAAC;gBACf,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,sDAAsD,EAAE,CAAC;YAChG,CAAC;YACD,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACxC,MAAM,MAAM,GAAG,IAAI,IAAI,IAAI,CAAC;YAC5B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,kBAAkB,IAAI,oBAAoB,CAAC,CAAC,CAAC,kBAAkB,IAAI,mBAAmB;aAC9G,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,qDAAqD;QACpE,UAAU,EAAE,iDAAiD;QAC7D,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,0GAA0G;KACpH;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,6BAA6B;QAClD,IAAI,EAAE,oCAAoC;QAC1C,QAAQ,EAAE,UAAU;QACpB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,0EAA0E;YAC1E,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,8EAA8E;YAC9E,MAAM,QAAQ,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE;gBAClC,MAAM,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBACzB,OAAO,CAAC,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,IAAI,OAAO,CAAC,UAAU,CAAC,WAAW,CAAC,CAAC,IAAI,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC1G,CAAC,CAAC,CAAC;YACH,MAAM,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,KAAK,MAAM,CAAC,CAAC;YACtD,MAAM,MAAM,GAAG,MAAM,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC;YAC/C,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM;oBAClB,CAAC,CAAC,8BAA8B;oBAChC,CAAC,CAAC,GAAG,QAAQ,CAAC,MAAM,2CAA2C;aAClE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,wDAAwD;QACvE,UAAU,EAAE,0EAA0E;QACtF,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,gHAAgH;KAC1H;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,iBAAiB;QACtC,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,MAAM;QAChB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,mEAAmE;YACnE,+EAA+E;YAC/E,8DAA8D;YAC9D,MAAM,KAAK,GAAG,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;YACjC,IAAI,SAAS,GAAkB,IAAI,CAAC;YACpC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC5B,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;oBAC1B,MAAM,GAAG,GAAG,QAAQ,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;oBAClC,uDAAuD;oBACvD,IAAI,GAAG,IAAI,CAAC,IAAI,GAAG,GAAG,IAAI,EAAE,CAAC;wBAC3B,SAAS,GAAG,GAAG,CAAC;wBAChB,sEAAsE;oBACxE,CAAC;gBACH,CAAC;YACH,CAAC;YACD,IAAI,SAAS,KAAK,IAAI,EAAE,CAAC;gBACvB,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,YAAY,EAAE,oCAAoC,EAAE,CAAC;YAC/E,CAAC;YACD,MAAM,MAAM,GAAG,SAAS,GAAG,CAAC,CAAC;YAC7B,OAAO;gBACL,MAAM;gBACN,YAAY,EAAE,MAAM,CAAC,CAAC,CAAC,GAAG,SAAS,8BAA8B,CAAC,CAAC,CAAC,6CAA6C;aAClH,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,iDAAiD;QAChE,UAAU,EAAE,uDAAuD;QACnE,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,2IAA2I;KACrJ;IACD;QACE,EAAE,EAAE,SAAS,CAAC,MAAM,CAAC,uBAAuB;QAC5C,IAAI,EAAE,gCAAgC;QACtC,QAAQ,EAAE,SAAS;QACnB,KAAK,EAAE,CAAC,MAAM,EAAE,EAAE;YAChB,IAAI,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC;gBAC5B,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,sCAAsC,EAAE,CAAC;YAChF,CAAC;YACD,8CAA8C;YAC9C,MAAM,aAAa,GAAG,MAAM,CAAC,KAAK,CAAC,0BAA0B,CAAC,CAAC;YAC/D,IAAI,CAAC,aAAa,EAAE,CAAC;gBACnB,OAAO,EAAE,MAAM,EAAE,IAAI,EAAE,YAAY,EAAE,kDAAkD,EAAE,CAAC;YAC5F,CAAC;YACD,MAAM,SAAS,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACjD,MAAM,SAAS,GAAG,yBAAyB,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;YAC5D,OAAO;gBACL,MAAM,EAAE,CAAC,SAAS;gBAClB,YAAY,EAAE,SAAS;oBACrB,CAAC,CAAC,gDAAgD,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE;oBAC3E,CAAC,CAAC,mCAAmC,aAAa,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,EAAE;aACjE,CAAC;QACJ,CAAC;QACD,aAAa,EAAE,6CAA6C;QAC5D,UAAU,EAAE,8CAA8C;QAC1D,aAAa,EAAE,MAAM;QACrB,OAAO,EAAE,0GAA0G;KACpH;CACF,CAAC;AAEF,MAAM,CAAC,MAAM,iBAAiB,GAAgB,CAC5C,aAAqB,EACrB,SAAiB,EACH,EAAE;IAChB,MAAM,IAAI,GACR,CAAC,aAAa;QACd,aAAa,CAAC,IAAI,EAAE,KAAK,KAAK;QAC9B,aAAa,CAAC,IAAI,EAAE,KAAK,EAAE,CAAC;IAC9B,MAAM,MAAM,GAAG,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC;IAEzC,OAAO,aAAa,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,EAAE;QAC/B,IAAI,IAAI,EAAE,CAAC;YACT,OAAO;gBACL,EAAE,EAAE,GAAG,CAAC,EAAE;gBACV,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,MAAM,EAAE,KAAK;gBACb,YAAY,EAAE,qBAAqB;gBACnC,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,UAAU,EAAE,GAAG,CAAC,UAAU;gBAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,OAAO,EAAE,GAAG,CAAC,OAAO;aACrB,CAAC;QACJ,CAAC;QACD,MAAM,EAAE,MAAM,EAAE,YAAY,EAAE,GAAG,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;QACnD,OAAO;YACL,EAAE,EAAE,GAAG,CAAC,EAAE;YACV,QAAQ,EAAE,QAAQ;YAClB,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,QAAQ,EAAE,GAAG,CAAC,QAAQ;YACtB,MAAM;YACN,YAAY;YACZ,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,UAAU,EAAE,GAAG,CAAC,UAAU;YAC1B,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,OAAO,EAAE,GAAG,CAAC,OAAO;SACrB,CAAC;IACJ,CAAC,CAAC,CAAC;AACL,CAAC,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"ddos.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/ddos.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAc,WAAW,EAAE,MAAM,aAAa,CAAC;
|
|
1
|
+
{"version":3,"file":"ddos.d.ts","sourceRoot":"","sources":["../../../../src/core/audit/checks/ddos.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAEH,OAAO,KAAK,EAAc,WAAW,EAAE,MAAM,aAAa,CAAC;AAM3D,eAAO,MAAM,eAAe,EAAE,WA0L7B,CAAC"}
|