kuzushi 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/LICENSE +21 -0
- package/README.md +410 -0
- package/dist/agent-runtime/claude.d.ts +8 -0
- package/dist/agent-runtime/claude.js +124 -0
- package/dist/agent-runtime/claude.js.map +1 -0
- package/dist/agent-runtime/index.d.ts +9 -0
- package/dist/agent-runtime/index.js +31 -0
- package/dist/agent-runtime/index.js.map +1 -0
- package/dist/agent-runtime/model-spec.d.ts +8 -0
- package/dist/agent-runtime/model-spec.js +17 -0
- package/dist/agent-runtime/model-spec.js.map +1 -0
- package/dist/agent-runtime/pi-ai.d.ts +8 -0
- package/dist/agent-runtime/pi-ai.js +365 -0
- package/dist/agent-runtime/pi-ai.js.map +1 -0
- package/dist/agent-runtime/tools.d.ts +3 -0
- package/dist/agent-runtime/tools.js +330 -0
- package/dist/agent-runtime/tools.js.map +1 -0
- package/dist/agent-runtime/types.d.ts +72 -0
- package/dist/agent-runtime/types.js +2 -0
- package/dist/agent-runtime/types.js.map +1 -0
- package/dist/agents/index.d.ts +7 -0
- package/dist/agents/index.js +24 -0
- package/dist/agents/index.js.map +1 -0
- package/dist/agents/registry.d.ts +14 -0
- package/dist/agents/registry.js +97 -0
- package/dist/agents/registry.js.map +1 -0
- package/dist/agents/scanner-adapter.d.ts +5 -0
- package/dist/agents/scanner-adapter.js +18 -0
- package/dist/agents/scanner-adapter.js.map +1 -0
- package/dist/agents/tasks/augur-analyze.d.ts +22 -0
- package/dist/agents/tasks/augur-analyze.js +418 -0
- package/dist/agents/tasks/augur-analyze.js.map +1 -0
- package/dist/agents/tasks/augur-extraction-agent.d.ts +44 -0
- package/dist/agents/tasks/augur-extraction-agent.js +507 -0
- package/dist/agents/tasks/augur-extraction-agent.js.map +1 -0
- package/dist/agents/tasks/augur-label.d.ts +21 -0
- package/dist/agents/tasks/augur-label.js +627 -0
- package/dist/agents/tasks/augur-label.js.map +1 -0
- package/dist/agents/tasks/augur-preflight.d.ts +36 -0
- package/dist/agents/tasks/augur-preflight.js +471 -0
- package/dist/agents/tasks/augur-preflight.js.map +1 -0
- package/dist/agents/tasks/augur-types.d.ts +111 -0
- package/dist/agents/tasks/augur-types.js +169 -0
- package/dist/agents/tasks/augur-types.js.map +1 -0
- package/dist/agents/tasks/context-gatherer.d.ts +6 -0
- package/dist/agents/tasks/context-gatherer.js +320 -0
- package/dist/agents/tasks/context-gatherer.js.map +1 -0
- package/dist/agents/types.d.ts +28 -0
- package/dist/agents/types.js +2 -0
- package/dist/agents/types.js.map +1 -0
- package/dist/bus/adapters/google-pubsub.d.ts +13 -0
- package/dist/bus/adapters/google-pubsub.js +26 -0
- package/dist/bus/adapters/google-pubsub.js.map +1 -0
- package/dist/bus/adapters/in-process.d.ts +12 -0
- package/dist/bus/adapters/in-process.js +118 -0
- package/dist/bus/adapters/in-process.js.map +1 -0
- package/dist/bus/adapters/index.d.ts +6 -0
- package/dist/bus/adapters/index.js +22 -0
- package/dist/bus/adapters/index.js.map +1 -0
- package/dist/bus/adapters/nats.d.ts +13 -0
- package/dist/bus/adapters/nats.js +26 -0
- package/dist/bus/adapters/nats.js.map +1 -0
- package/dist/bus/adapters/redis.d.ts +13 -0
- package/dist/bus/adapters/redis.js +26 -0
- package/dist/bus/adapters/redis.js.map +1 -0
- package/dist/bus/events.d.ts +295 -0
- package/dist/bus/events.js +2 -0
- package/dist/bus/events.js.map +1 -0
- package/dist/bus/helpers.d.ts +7 -0
- package/dist/bus/helpers.js +16 -0
- package/dist/bus/helpers.js.map +1 -0
- package/dist/bus/index.d.ts +30 -0
- package/dist/bus/index.js +66 -0
- package/dist/bus/index.js.map +1 -0
- package/dist/bus/orchestrator.d.ts +51 -0
- package/dist/bus/orchestrator.js +1350 -0
- package/dist/bus/orchestrator.js.map +1 -0
- package/dist/bus/types.d.ts +23 -0
- package/dist/bus/types.js +2 -0
- package/dist/bus/types.js.map +1 -0
- package/dist/bus/workers/audit-worker.d.ts +9 -0
- package/dist/bus/workers/audit-worker.js +125 -0
- package/dist/bus/workers/audit-worker.js.map +1 -0
- package/dist/bus/workers/poc-harness-worker.d.ts +9 -0
- package/dist/bus/workers/poc-harness-worker.js +96 -0
- package/dist/bus/workers/poc-harness-worker.js.map +1 -0
- package/dist/bus/workers/report-worker.d.ts +11 -0
- package/dist/bus/workers/report-worker.js +235 -0
- package/dist/bus/workers/report-worker.js.map +1 -0
- package/dist/bus/workers/scan-worker.d.ts +13 -0
- package/dist/bus/workers/scan-worker.js +223 -0
- package/dist/bus/workers/scan-worker.js.map +1 -0
- package/dist/bus/workers/store-worker.d.ts +10 -0
- package/dist/bus/workers/store-worker.js +62 -0
- package/dist/bus/workers/store-worker.js.map +1 -0
- package/dist/bus/workers/triage-worker.d.ts +13 -0
- package/dist/bus/workers/triage-worker.js +129 -0
- package/dist/bus/workers/triage-worker.js.map +1 -0
- package/dist/bus/workers/verification-worker.d.ts +9 -0
- package/dist/bus/workers/verification-worker.js +91 -0
- package/dist/bus/workers/verification-worker.js.map +1 -0
- package/dist/cli.d.ts +2 -0
- package/dist/cli.js +513 -0
- package/dist/cli.js.map +1 -0
- package/dist/config.d.ts +17 -0
- package/dist/config.js +866 -0
- package/dist/config.js.map +1 -0
- package/dist/context.d.ts +5 -0
- package/dist/context.js +26 -0
- package/dist/context.js.map +1 -0
- package/dist/deps.d.ts +15 -0
- package/dist/deps.js +18 -0
- package/dist/deps.js.map +1 -0
- package/dist/llm/anthropic.d.ts +3 -0
- package/dist/llm/anthropic.js +21 -0
- package/dist/llm/anthropic.js.map +1 -0
- package/dist/poc-harness.d.ts +49 -0
- package/dist/poc-harness.js +420 -0
- package/dist/poc-harness.js.map +1 -0
- package/dist/report-markdown.d.ts +3 -0
- package/dist/report-markdown.js +197 -0
- package/dist/report-markdown.js.map +1 -0
- package/dist/report-sarif.d.ts +3 -0
- package/dist/report-sarif.js +253 -0
- package/dist/report-sarif.js.map +1 -0
- package/dist/report.d.ts +18 -0
- package/dist/report.js +146 -0
- package/dist/report.js.map +1 -0
- package/dist/retry.d.ts +6 -0
- package/dist/retry.js +25 -0
- package/dist/retry.js.map +1 -0
- package/dist/scanner/claude-adk.d.ts +26 -0
- package/dist/scanner/claude-adk.js +265 -0
- package/dist/scanner/claude-adk.js.map +1 -0
- package/dist/scanner/resolve.d.ts +10 -0
- package/dist/scanner/resolve.js +99 -0
- package/dist/scanner/resolve.js.map +1 -0
- package/dist/scanner.d.ts +47 -0
- package/dist/scanner.js +123 -0
- package/dist/scanner.js.map +1 -0
- package/dist/scanners/agentic.d.ts +11 -0
- package/dist/scanners/agentic.js +71 -0
- package/dist/scanners/agentic.js.map +1 -0
- package/dist/scanners/claude-adk.d.ts +11 -0
- package/dist/scanners/claude-adk.js +74 -0
- package/dist/scanners/claude-adk.js.map +1 -0
- package/dist/scanners/codeql.d.ts +15 -0
- package/dist/scanners/codeql.js +97 -0
- package/dist/scanners/codeql.js.map +1 -0
- package/dist/scanners/finding-selection.d.ts +7 -0
- package/dist/scanners/finding-selection.js +120 -0
- package/dist/scanners/finding-selection.js.map +1 -0
- package/dist/scanners/index.d.ts +4 -0
- package/dist/scanners/index.js +14 -0
- package/dist/scanners/index.js.map +1 -0
- package/dist/scanners/registry.d.ts +12 -0
- package/dist/scanners/registry.js +70 -0
- package/dist/scanners/registry.js.map +1 -0
- package/dist/scanners/resolve-codeql.d.ts +9 -0
- package/dist/scanners/resolve-codeql.js +38 -0
- package/dist/scanners/resolve-codeql.js.map +1 -0
- package/dist/scanners/resolve-semgrep.d.ts +10 -0
- package/dist/scanners/resolve-semgrep.js +96 -0
- package/dist/scanners/resolve-semgrep.js.map +1 -0
- package/dist/scanners/run-agentic.d.ts +33 -0
- package/dist/scanners/run-agentic.js +267 -0
- package/dist/scanners/run-agentic.js.map +1 -0
- package/dist/scanners/run-claude-adk.d.ts +33 -0
- package/dist/scanners/run-claude-adk.js +267 -0
- package/dist/scanners/run-claude-adk.js.map +1 -0
- package/dist/scanners/run-codeql.d.ts +100 -0
- package/dist/scanners/run-codeql.js +538 -0
- package/dist/scanners/run-codeql.js.map +1 -0
- package/dist/scanners/run-semgrep.d.ts +41 -0
- package/dist/scanners/run-semgrep.js +115 -0
- package/dist/scanners/run-semgrep.js.map +1 -0
- package/dist/scanners/scoring.d.ts +7 -0
- package/dist/scanners/scoring.js +14 -0
- package/dist/scanners/scoring.js.map +1 -0
- package/dist/scanners/semgrep.d.ts +11 -0
- package/dist/scanners/semgrep.js +64 -0
- package/dist/scanners/semgrep.js.map +1 -0
- package/dist/scanners/types.d.ts +36 -0
- package/dist/scanners/types.js +2 -0
- package/dist/scanners/types.js.map +1 -0
- package/dist/scanners.d.ts +25 -0
- package/dist/scanners.js +88 -0
- package/dist/scanners.js.map +1 -0
- package/dist/store.d.ts +106 -0
- package/dist/store.js +609 -0
- package/dist/store.js.map +1 -0
- package/dist/triage.d.ts +74 -0
- package/dist/triage.js +314 -0
- package/dist/triage.js.map +1 -0
- package/dist/types.d.ts +166 -0
- package/dist/types.js +2 -0
- package/dist/types.js.map +1 -0
- package/dist/utils.d.ts +6 -0
- package/dist/utils.js +19 -0
- package/dist/utils.js.map +1 -0
- package/dist/verify.d.ts +56 -0
- package/dist/verify.js +298 -0
- package/dist/verify.js.map +1 -0
- package/package.json +55 -0
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"report-worker.js","sourceRoot":"","sources":["../../../src/bus/workers/report-worker.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EACL,eAAe,EACf,cAAc,EACd,YAAY,EACZ,mBAAmB,GACpB,MAAM,iBAAiB,CAAC;AACzB,OAAO,EAAE,sBAAsB,EAAE,MAAM,0BAA0B,CAAC;AAClE,OAAO,EAAE,mBAAmB,EAAE,MAAM,uBAAuB,CAAC;AAkB5D,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAe5C;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,GAAe,EAAE,IAAsB;IAC1E,MAAM,QAAQ,GAAG,IAAI,GAAG,EAA0B,CAAC;IAEnD,GAAG,CAAC,SAAS,CAAqB,gBAAgB,EAAE,CAAC,KAAK,EAAE,EAAE;QAC5D,MAAM,KAAK,GAAG,mBAAmB,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9D,KAAK,CAAC,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,IAAI,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC;YAC5F,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,QAAQ,CAAC;YACtC,CAAC,CAAC,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;IACzC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAiB,YAAY,EAAE,CAAC,KAAK,EAAE,EAAE;QACpD,MAAM,KAAK,GAAG,mBAAmB,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9D,KAAK,CAAC,QAAQ,GAAG,CAAC,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAiB,YAAY,EAAE,CAAC,KAAK,EAAE,EAAE;QACpD,IAAI,KAAK,CAAC,OAAO,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;YAC5C,OAAO;QACT,CAAC;QAED,MAAM,KAAK,GAAG,mBAAmB,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9D,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC;QAC/C,QAAQ,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;QACnC,KAAK,CAAC,QAAQ,GAAG,CAAC,GAAG,QAAQ,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAoB,eAAe,EAAE,CAAC,KAAK,EAAE,EAAE;QAC1D,MAAM,KAAK,GAAG,mBAAmB,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9D,KAAK,CAAC,aAAa,GAAG,KAAK,CAAC,OAAO,CAAC,aAAa,CAAC;QAClD,qBAAqB,CAAC,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAmB,cAAc,EAAE,CAAC,KAAK,EAAE,EAAE;QACxD,MAAM,KAAK,GAAG,mBAAmB,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,C
AAC;QAC9D,KAAK,CAAC,iBAAiB,GAAG,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC;QAErD,qBAAqB,CAAC,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;QAE7D,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,GAAG,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,cAAc,KAAK,CAAC,OAAO,CAAC,YAAY,iBAAiB,KAAK,CAAC,OAAO,CAAC,KAAK,OAAO,CAAC,CAAC;QACnG,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAoB,eAAe,EAAE,CAAC,KAAK,EAAE,EAAE;QAC1D,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QACzD,mBAAmB,CAAC,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAyB,oBAAoB,EAAE,CAAC,KAAK,EAAE,EAAE;QACpE,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,GAAG,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,eAAe,KAAK,CAAC,OAAO,CAAC,YAAY,iBAAiB,KAAK,CAAC,OAAO,CAAC,KAAK,OAAO,CAAC,CAAC;QACpG,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAA0B,qBAAqB,EAAE,CAAC,KAAK,EAAE,EAAE;QACtE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QACzD,MAAM,MAAM,GAAG,MAAM,CAAC,WAAW,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,iBAAiB,CAAC;QACtE,MAAM,IAAI,GAAG,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,GAAG,CAAC;YAC3D,CAAC,CAAC,KAAK,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;YACxC,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,WAAW,GAAG,QAAQ,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,QAAQ,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5E,OAAO,CAAC,GAAG,CAAC,MAAM,KAAK,IAAI,KAAK,KAAK,MAAM,GAAG,IAAI,GAAG,WAAW,IAAI,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,CAAC;IAC5G,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAuB,mBAAmB,EAAE,CAAC,KAAK,EAAE,EAAE;QACjE,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,GAAG,CAAC,EAAE,CAAC;YACnC,OAAO,CAAC,GAAG,CAAC,gBAAgB,KAAK,CAAC,OAAO,CAAC,YAAY,sBAAsB,KAAK,CAAC,OAAO,CAAC,KAAK,OAAO,CAAC,CAAC;QAC1G,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAwB,oBAAoB,EAAE,CAAC,KAAK,EAAE,EAAE;QACnE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QACzD,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,WAAW,CAAC;QACxD,MAAM,MAAM,GAAG,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,MAA
M,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;QAClF,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,OAAO,GAAG,CAAC;YAC/C,CAAC,CAAC,KAAK,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE;YAClC,CAAC,CAAC,EAAE,CAAC;QACP,MAAM,WAAW,GAAG,QAAQ,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,YAAY,QAAQ,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;QAC5E,OAAO,CAAC,GAAG,CACT,MAAM,KAAK,IAAI,KAAK,KAAK,MAAM,GAAG,MAAM,GAAG,IAAI,GAAG,WAAW,IAAI,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CACtG,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAA2B,uBAAuB,EAAE,CAAC,KAAK,EAAE,EAAE;QACzE,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,CAAC;QAEnE,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACxC,MAAM,MAAM,GAAG,kBAAkB,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACnF,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,OAAO,MAAM,EAAE,CAAC,CAAC;YACtC,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YAC3C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,IAAI,CAAC,CAAC;YAClD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,IAAI,MAAM,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,QAAQ,QAAQ,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAClE,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YAC3C,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,MAAM,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,MAAM,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;QACrE,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAiC,6BAA6B,EAAE,CAAC,KAAK,EAAE,EAAE;QACrF,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,CAAC;QAEnE,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACxC,MAAM,MAAM,GAAG,kBAAkB,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACnF,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,OAAO,MAAM,EAAE,CAAC,CAAC;YACtC,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAA
C,IAAI,KAAK,eAAe,EAAE,CAAC;YAC3C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,IAAI,CAAC,CAAC;YAClD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,IAAI,MAAM,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,QAAQ,QAAQ,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAClE,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YAC3C,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,MAAM,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,MAAM,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;QACrE,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAA+B,4BAA4B,EAAE,CAAC,KAAK,EAAE,EAAE;QAClF,MAAM,MAAM,GAAG,MAAM,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,KAAK,GAAG,CAAC;QAEnE,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,YAAY,EAAE,CAAC;YACxC,MAAM,MAAM,GAAG,kBAAkB,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC;YACnF,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,OAAO,MAAM,EAAE,CAAC,CAAC;YACtC,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YAC3C,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,IAAI,CAAC,CAAC;YAClD,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,CAAC,QAAQ,IAAI,MAAM,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,QAAQ,QAAQ,KAAK,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAClE,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,KAAK,eAAe,EAAE,CAAC;YAC3C,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;gBAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,MAAM,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;YACrE,CAAC;YACD,OAAO;QACT,CAAC;QAED,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;YAC1B,OAAO,CAAC,GAAG,CAAC,GAAG,MAAM,MAAM,QAAQ,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,EAAE,GAAG,CAAC,EAAE,CAAC,CAAC;QACrE,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAuB,kBAAkB,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QACtE,MAAM,KAAK,GAAG,mBAAmB,CAAC,QAAQ,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC9D,qBAAqB,CAAC,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC
;QAE7D,IAAI,KAAK,CAAC,aAAa,KAAK,CAAC,EAAE,CAAC;YAC9B,OAAO,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC;QAC/D,CAAC;aAAM,IAAI,CAAC,KAAK,CAAC,iBAAiB,IAAI,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC;YAChD,OAAO,CAAC,GAAG,CAAC,gDAAgD,CAAC,CAAC;QAChE,CAAC;QAED,YAAY,CAAC,IAAI,CAAC,EAAE,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAAE;YACpD,KAAK,EAAE,KAAK,CAAC,OAAO,CAAC,KAAK;YAC1B,KAAK,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK;YACvB,QAAQ,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ;YACxC,QAAQ,EAAE,IAAI,CAAC,MAAM,CAAC,QAAQ,KAAK,IAAI;SACxC,CAAC,CAAC;QAEH,IAAI,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC;YAC7B,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;YACzD,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC3B,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC5C,CAAC;YACD,MAAM,QAAQ,GAAG,sBAAsB,CACrC,IAAI,CAAC,EAAE,EACP,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAC9B,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,EACzB,KAAK,CAAC,IAAI,CAAC,KAAK,CACjB,CAAC;YACF,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;YAC3D,OAAO,CAAC,GAAG,CAAC,uBAAuB,IAAI,CAAC,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC;QACjE,CAAC;QAED,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC;YAC5B,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;YACxD,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;gBAC3B,SAAS,CAAC,SAAS,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC5C,CAAC;YACD,MAAM,KAAK,GAAG,mBAAmB,CAC/B,IAAI,CAAC,EAAE,EACP,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,EAC9B,KAAK,CAAC,OAAO,CAAC,KAAK,IAAI,EAAE,EACzB,KAAK,CAAC,IAAI,CAAC,KAAK,CACjB,CAAC;YACF,aAAa,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;YACvD,OAAO,CAAC,GAAG,CAAC,6BAA6B,IAAI,CAAC,MAAM,CAAC,WAAW,EAAE,CAAC,CAAC;QACtE,CAAC;QAED,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,iBAAiB,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE;YAC/C,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,OAAO;SAC/B,CAAC,CACH,CAAC;QAEF,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,mBAAmB,CAC1B,GAAgC,EAChC,KAAa;IAEb,MAAM,QAAQ,GAAG,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAChC,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,QAAQ,CA
AC;IAClB,CAAC;IAED,MAAM,OAAO,GAAmB,EAAE,YAAY,EAAE,KAAK,EAAE,CAAC;IACxD,GAAG,CAAC,GAAG,CAAC,KAAK,EAAE,OAAO,CAAC,CAAC;IACxB,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAqB,EAAE,QAAgB;IACpE,IAAI,KAAK,CAAC,YAAY,EAAE,CAAC;QACvB,OAAO;IACT,CAAC;IAED,IAAI,KAAK,CAAC,aAAa,IAAI,IAAI,IAAI,KAAK,CAAC,iBAAiB,IAAI,IAAI,IAAI,CAAC,KAAK,CAAC,QAAQ,EAAE,CAAC;QACtF,OAAO;IACT,CAAC;IAED,cAAc,CAAC,QAAQ,EAAE,KAAK,CAAC,iBAAiB,EAAE,KAAK,CAAC,aAAa,EAAE,KAAK,CAAC,QAAQ,CAAC,CAAC;IAEvF,IAAI,KAAK,CAAC,iBAAiB,GAAG,KAAK,CAAC,aAAa,EAAE,CAAC;QAClD,eAAe,CAAC,KAAK,CAAC,aAAa,GAAG,KAAK,CAAC,iBAAiB,EAAE,KAAK,CAAC,iBAAiB,CAAC,CAAC;IAC1F,CAAC;IAED,KAAK,CAAC,YAAY,GAAG,IAAI,CAAC;AAC5B,CAAC;AAED,SAAS,kBAAkB,CACzB,QAA4B,EAC5B,SAA8C;IAE9C,MAAM,IAAI,GAAG,QAAQ,IAAI,MAAM,CAAC;IAEhC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,QAAQ,GAAG,QAAQ,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC,IAAI,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IACjF,MAAM,OAAO,GAAG,QAAQ,CAAC,SAAS,CAAC,SAAS,CAAC,CAAC,CAAC;IAC/C,MAAM,IAAI,GAAG,QAAQ,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IAEzC,IAAI,IAAI,KAAK,MAAM,IAAI,QAAQ,EAAE,CAAC;QAChC,OAAO,WAAW,QAAQ,EAAE,CAAC;IAC/B,CAAC;IAED,IAAI,IAAI,KAAK,MAAM,IAAI,OAAO,EAAE,CAAC;QAC/B,OAAO,aAAa,OAAO,GAAG,CAAC;IACjC,CAAC;IAED,IAAI,IAAI,KAAK,MAAM,IAAI,IAAI,EAAE,CAAC;QAC5B,OAAO,aAAa,IAAI,GAAG,CAAC;IAC9B,CAAC;IAED,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,GAAG,IAAI,IAAI,QAAQ,EAAE,CAAC;IAC/B,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,QAAQ,CAAC,IAAY,EAAE,GAAW;IACzC,OAAO,IAAI,CAAC,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,GAAG,CAAC,CAAC,KAAK,CAAC;AACpE,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;AAClD,CAAC"}
|
|
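--- a/package/dist/bus/workers/scan-worker.d.ts
+++ b/package/dist/bus/workers/scan-worker.d.ts
@@ -0,0 +1,13 @@
+import type { TaskRegistry } from "../../agents/registry.js";
+import type { ScannerRegistry } from "../../scanners/registry.js";
+import type { KuzushiConfig } from "../../types.js";
+import type { MessageBus } from "../types.js";
+export interface ScanWorkerDeps {
+registry: ScannerRegistry;
+taskRegistry?: TaskRegistry;
+config: KuzushiConfig;
+}
+/**
+* Scan worker: executes scanner plugins (legacy scan:start) and generic tasks (task:start).
+*/
+export declare function registerScanWorker(bus: MessageBus, deps: ScanWorkerDeps): void;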
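--- a/package/dist/bus/workers/scan-worker.js
+++ b/package/dist/bus/workers/scan-worker.js
@@ -0,0 +1,223 @@
+import { isRecord, toErrorMessage } from "../../utils.js";
+import { createEvent } from "../helpers.js";
+/**
+* Scan worker: executes scanner plugins (legacy scan:start) and generic tasks (task:start).
+*/
+export function registerScanWorker(bus, deps) {
+bus.subscribe("scan:start", async (event) => {
+const { context, scanners, scanOpts } = event.payload;
+const runId = event.meta.runId;
+try {
+const mode = deps.config.scanMode;
+const counts = [];
+if (mode === "concurrent") {
+const results = await Promise.all(scanners.map((scannerId) => runSingleScanner(bus, deps, runId, context, scanOpts, scannerId)));
+counts.push(...results);
+}
+else {
+for (const scannerId of scanners) {
+const count = await runSingleScanner(bus, deps, runId, context, scanOpts, scannerId);
+counts.push(count);
+}
+}
+const totalFindings = counts.reduce((sum, count) => sum + count, 0);
+await bus.publish(createEvent("scan:complete", runId, {
+context,
+totalFindings,
+}));
+}
+catch (error) {
+await bus.publish(createEvent("pipeline:error", runId, {
+context,
+error: toErrorMessage(error),
+fatal: true,
+}));
+}
+});
+bus.subscribe("task:start", async (event) => {
+if (!deps.taskRegistry) {
+return;
+}
+const { context, taskId, input, upstreamOutputs } = event.payload;
+const runId = event.meta.runId;
+if (!deps.taskRegistry.has(taskId)) {
+return;
+}
+const task = deps.taskRegistry.get(taskId);
+const startedAt = Date.now();
+try {
+const taskConfig = resolveTaskConfig(deps.config, taskId);
+if (task.init) {
+await task.init(taskConfig);
+}
+const taskContext = {
+runId,
+repoRoot: context.repoRoot,
+repoName: context.repoName,
+config: deps.config,
+bus,
+upstreamOutputs,
+};
+const output = await task.run(input, taskContext);
+if (task.outputKind === "findings") {
+const findings = asFindings(output);
+for (const finding of findings) {
+await bus.publish(createEvent("task:progress", runId, {
+context,
+taskId,
+outputKind: task.outputKind,
+progress: finding,
+}));
+await bus.publish(createEvent("scan:finding", runId, {
+context,
+finding,
+scannerId: taskId,
+}));
+}
+await bus.publish(createEvent("scan:scanner-complete", runId, {
+context,
+scannerId: taskId,
+findingCount: findings.length,
+durationMs: Date.now() - startedAt,
+}));
+}
+await bus.publish(createEvent("task:complete", runId, {
+context,
+taskId,
+outputKind: task.outputKind,
+output,
+durationMs: Date.now() - startedAt,
+}));
+}
+catch (error) {
+await bus.publish(createEvent("task:error", runId, {
+context,
+taskId,
+outputKind: task.outputKind,
+error: toErrorMessage(error),
+}));
+}
+});
+}
+async function runSingleScanner(bus, deps, runId, context, scanOpts, scannerId) {
+const plugin = deps.registry.get(scannerId);
+const pluginConfig = resolveTaskConfig(deps.config, scannerId);
+const startedAt = Date.now();
+if (plugin.init) {
+await plugin.init(pluginConfig);
+}
+const findings = await plugin.scan(context.repoRoot, scanOpts, pluginConfig);
+for (const finding of findings) {
+await bus.publish(createEvent("task:progress", runId, {
+context,
+taskId: scannerId,
+outputKind: "findings",
+progress: finding,
+}));
+await bus.publish(createEvent("scan:finding", runId, {
+context,
+finding,
+scannerId,
+}));
+}
+await bus.publish(createEvent("scan:scanner-complete", runId, {
+context,
+scannerId,
+findingCount: findings.length,
+durationMs: Date.now() - startedAt,
+}));
+await bus.publish(createEvent("task:complete", runId, {
+context,
+taskId: scannerId,
+outputKind: "findings",
+output: findings,
+durationMs: Date.now() - startedAt,
+}));
+return findings.length;
+}
+function resolveTaskConfig(config, taskId) {
+const raw = config.scannerConfig[taskId];
+if (isRecord(raw)) {
+return raw;
+}
+return {};
+}
+function asFindings(value) {
+if (!Array.isArray(value)) {
+return [];
+}
+const findings = [];
+for (const item of value) {
+if (!isRecord(item)) {
+continue;
+}
+const finding = asFinding(item);
+if (!finding) {
+continue;
+}
+findings.push(finding);
+}
+return findings;
+}
+function asFinding(item) {
+const fingerprint = asString(item["fingerprint"]);
+const ruleId = asString(item["ruleId"]);
+const filePath = asString(item["filePath"]);
+const startLine = asNumber(item["startLine"]);
+const severity = asString(item["severity"]);
+const message = asString(item["message"]);
+const evidence = asString(item["evidence"]);
+const scannerConfidence = asString(item["scannerConfidence"]);
+const subcategory = asStringArray(item["subcategory"]);
+const likelihood = asString(item["likelihood"]);
+const impact = asString(item["impact"]);
+const cwe = asStringArray(item["cwe"]);
+const score = asNumber(item["score"]);
+if (!fingerprint ||
+!ruleId ||
+!filePath ||
+startLine === null ||
+!severity ||
+!message ||
+!scannerConfidence ||
+!subcategory ||
+!likelihood ||
+!impact ||
+!cwe ||
+score === null) {
+return null;
+}
+const scanner = asString(item["scanner"]) ?? "unknown";
+return {
+scanner,
+fingerprint,
+ruleId,
+filePath,
+startLine,
+severity,
+message,
+evidence,
+scannerConfidence,
+subcategory,
+likelihood,
+impact,
+cwe,
+score,
+};
+}
+function asString(value) {
+return typeof value === "string" ? value : null;
+}
+function asNumber(value) {
+return typeof value === "number" && Number.isFinite(value) ? value : null;
+}
+function asStringArray(value) {
+if (!Array.isArray(value)) {
+return null;
+}
+if (!value.every((item) => typeof item === "string")) {
+return null;
+}
+return value;
+}
+//# sourceMappingURL=scan-worker.js.map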
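Review bot: In the `scan:start` handler's concurrent branch (hunk line 14), `Promise.all` rejects as soon as one scanner throws, so the run ends in a `pipeline:error` with `fatal: true` even though the other scanners may already have published their `scan:finding` and `scan:scanner-complete` events, and their counts never reach `scan:complete`; the sequential branch has the same all-or-nothing shape, just one scanner later. Unlike the `task:start` handler, which checks `deps.taskRegistry.has(taskId)` before use (line 43), `runSingleScanner` calls `deps.registry.get(scannerId)` unguarded (line 103), so one unknown scanner id in the payload is enough to take that path if `get` returns undefined rather than throwing. Collecting per-scanner outcomes with `Promise.allSettled` and reporting each failure on its own keeps the partial results; whether a non-fatal `pipeline:error` is the right event for that depends on how the orchestrator consumes it, which is outside this hunk. Separately, `asFinding` (lines 162–207) accepts any finite number for `startLine` and `score`, so a `Number.isInteger(startLine) && startLine >= 1` check would reject task output that downstream report writers would otherwise render with a negative or fractional line, and the per-finding publish loop at lines 64–82 duplicates lines 110–128 and could share one helper.
```javascript
if (mode === "concurrent") {
  const settled = await Promise.allSettled(scanners.map((scannerId) => runSingleScanner(bus, deps, runId, context, scanOpts, scannerId)));
  for (const [index, result] of settled.entries()) {
    if (result.status === "fulfilled") {
      counts.push(result.value);
      continue;
    }
    // A single failing scanner must not discard the findings the others already published.
    await bus.publish(createEvent("pipeline:error", runId, {
      context,
      error: `${scanners[index]}: ${toErrorMessage(result.reason)}`,
      fatal: false,
    }));
  }
}
// … unchanged: sequential branch, totalFindings, scan:complete …
```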
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scan-worker.js","sourceRoot":"","sources":["../../../src/bus/workers/scan-worker.ts"],"names":[],"mappings":"AAKA,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAE1D,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAS5C;;GAEG;AACH,MAAM,UAAU,kBAAkB,CAAC,GAAe,EAAE,IAAoB;IACtE,GAAG,CAAC,SAAS,CAAiB,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QAC1D,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,QAAQ,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QACtD,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;QAE/B,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC;YAClC,MAAM,MAAM,GAAa,EAAE,CAAC;YAE5B,IAAI,IAAI,KAAK,YAAY,EAAE,CAAC;gBAC1B,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,QAAQ,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,gBAAgB,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC,CAC9F,CAAC;gBACF,MAAM,CAAC,IAAI,CAAC,GAAG,OAAO,CAAC,CAAC;YAC1B,CAAC;iBAAM,CAAC;gBACN,KAAK,MAAM,SAAS,IAAI,QAAQ,EAAE,CAAC;oBACjC,MAAM,KAAK,GAAG,MAAM,gBAAgB,CAAC,GAAG,EAAE,IAAI,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC,CAAC;oBACrF,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;gBACrB,CAAC;YACH,CAAC;YAED,MAAM,aAAa,GAAG,MAAM,CAAC,MAAM,CAAC,CAAC,GAAG,EAAE,KAAK,EAAE,EAAE,CAAC,GAAG,GAAG,KAAK,EAAE,CAAC,CAAC,CAAC;YACpE,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,eAAe,EAAE,KAAK,EAAE;gBAClC,OAAO;gBACP,aAAa;aACd,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,gBAAgB,EAAE,KAAK,EAAE;gBACnC,OAAO;gBACP,KAAK,EAAE,cAAc,CAAC,KAAK,CAAC;gBAC5B,KAAK,EAAE,IAAI;aACZ,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAiB,YAAY,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QAC1D,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,OAAO;QACT,CAAC;QAED,MAAM,EAAE,OAAO,EAAE,MAAM,EAAE,KAAK,EAAE,eAAe,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QAClE,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;QAE/B,IAAI,CAAC,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;YACnC,OAAO;QACT,CAAC;QAED,MAAM,IAAI,GAAG,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC3C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;QAE7B,IAAI,CAAC;YACH,MAAM,UAAU,GAAG,iBAAiB,CAAC,IAAI,CAAC,MAAM,E
AAE,MAAM,CAAC,CAAC;YAC1D,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBACd,MAAM,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC9B,CAAC;YAED,MAAM,WAAW,GAAgB;gBAC/B,KAAK;gBACL,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,GAAG;gBACH,eAAe;aAChB,CAAC;YAEF,MAAM,MAAM,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,KAAK,EAAE,WAAW,CAAC,CAAC;YAElD,IAAI,IAAI,CAAC,UAAU,KAAK,UAAU,EAAE,CAAC;gBACnC,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC;gBACpC,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;oBAC/B,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,eAAe,EAAE,KAAK,EAAE;wBAClC,OAAO;wBACP,MAAM;wBACN,UAAU,EAAE,IAAI,CAAC,UAAU;wBAC3B,QAAQ,EAAE,OAAO;qBAClB,CAAC,CACH,CAAC;oBAEF,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,cAAc,EAAE,KAAK,EAAE;wBACjC,OAAO;wBACP,OAAO;wBACP,SAAS,EAAE,MAAM;qBAClB,CAAC,CACH,CAAC;gBACJ,CAAC;gBAED,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,uBAAuB,EAAE,KAAK,EAAE;oBAC1C,OAAO;oBACP,SAAS,EAAE,MAAM;oBACjB,YAAY,EAAE,QAAQ,CAAC,MAAM;oBAC7B,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;iBACnC,CAAC,CACH,CAAC;YACJ,CAAC;YAED,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,eAAe,EAAE,KAAK,EAAE;gBAClC,OAAO;gBACP,MAAM;gBACN,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,MAAM;gBACN,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;aACnC,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,YAAY,EAAE,KAAK,EAAE;gBAC/B,OAAO;gBACP,MAAM;gBACN,UAAU,EAAE,IAAI,CAAC,UAAU;gBAC3B,KAAK,EAAE,cAAc,CAAC,KAAK,CAAC;aAC7B,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,gBAAgB,CAC7B,GAAe,EACf,IAAoB,EACpB,KAAa,EACb,OAA6C,EAC7C,QAA+C,EAC/C,SAAoB;IAEpB,MAAM,MAAM,GAAG,IAAI,CAAC,QAAQ,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IAC5C,MAAM,YAAY,GAAG,iBAAiB,CAAC,IAAI,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;IAC/D,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;QAChB,MAAM,MAAM,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IAClC,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;IAE7E,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,eAAe,EAAE,KAAK,EAAE;YAClC,OAAO;YACP,MAAM,
EAAE,SAAS;YACjB,UAAU,EAAE,UAAU;YACtB,QAAQ,EAAE,OAAO;SAClB,CAAC,CACH,CAAC;QAEF,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,cAAc,EAAE,KAAK,EAAE;YACjC,OAAO;YACP,OAAO;YACP,SAAS;SACV,CAAC,CACH,CAAC;IACJ,CAAC;IAED,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,uBAAuB,EAAE,KAAK,EAAE;QAC1C,OAAO;QACP,SAAS;QACT,YAAY,EAAE,QAAQ,CAAC,MAAM;QAC7B,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;KACnC,CAAC,CACH,CAAC;IAEF,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,eAAe,EAAE,KAAK,EAAE;QAClC,OAAO;QACP,MAAM,EAAE,SAAS;QACjB,UAAU,EAAE,UAAU;QACtB,MAAM,EAAE,QAAQ;QAChB,UAAU,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;KACnC,CAAC,CACH,CAAC;IAEF,OAAO,QAAQ,CAAC,MAAM,CAAC;AACzB,CAAC;AAED,SAAS,iBAAiB,CAAC,MAAqB,EAAE,MAAc;IAC9D,MAAM,GAAG,GAAG,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;IACzC,IAAI,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;QAClB,OAAO,GAAG,CAAC;IACb,CAAC;IACD,OAAO,EAAE,CAAC;AACZ,CAAC;AAED,SAAS,UAAU,CAAC,KAAc;IAChC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YACpB,SAAS;QACX,CAAC;QAED,MAAM,OAAO,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC;QAChC,IAAI,CAAC,OAAO,EAAE,CAAC;YACb,SAAS;QACX,CAAC;QAED,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,SAAS,CAAC,IAA6B;IAC9C,MAAM,WAAW,GAAG,QAAQ,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;IAClD,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACxC,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,MAAM,SAAS,GAAG,QAAQ,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC;IAC9C,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IAC1C,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,CAAC;IAC5C,MAAM,iBAAiB,GAAG,QAAQ,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,CAAC;IAC9D,MAAM,WAAW,GAAG,aAAa,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;IACvD,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC,CAAC;IAChD,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;IACxC,MAAM,GAAG,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC
;IACvC,MAAM,KAAK,GAAG,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IAEtC,IACE,CAAC,WAAW;QACZ,CAAC,MAAM;QACP,CAAC,QAAQ;QACT,SAAS,KAAK,IAAI;QAClB,CAAC,QAAQ;QACT,CAAC,OAAO;QACR,CAAC,iBAAiB;QAClB,CAAC,WAAW;QACZ,CAAC,UAAU;QACX,CAAC,MAAM;QACP,CAAC,GAAG;QACJ,KAAK,KAAK,IAAI,EACd,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,SAAS,CAAC;IAEvD,OAAO;QACL,OAAO;QACP,WAAW;QACX,MAAM;QACN,QAAQ;QACR,SAAS;QACT,QAAQ;QACR,OAAO;QACP,QAAQ;QACR,iBAAiB;QACjB,WAAW;QACX,UAAU;QACV,MAAM;QACN,GAAG;QACH,KAAK;KACN,CAAC;AACJ,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,OAAO,OAAO,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;AAClD,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,OAAO,OAAO,KAAK,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;AAC5E,CAAC;AAED,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,EAAE,CAAC;QACrD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}
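--- /dev/null
+++ b/package/dist/bus/workers/store-worker.d.ts
@@ -0,0 +1,10 @@
+import type Database from "better-sqlite3";
+import type { MessageBus } from "../types.js";
+export interface StoreWorkerDeps {
+    db: Database.Database;
+    ref?: string;
+}
+/**
+ * Store worker: persists triage results into SQLite.
+ */
+export declare function registerStoreWorker(bus: MessageBus, deps: StoreWorkerDeps): void;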
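--- /dev/null
+++ b/package/dist/bus/workers/store-worker.js
@@ -0,0 +1,62 @@
+import { updatePocHarnessCost, updatePocHarnessResult, updateVerificationCost, updateVerificationResult, upsertFinding, } from "../../store.js";
+import { createEvent } from "../helpers.js";
+/**
+ * Store worker: persists triage results into SQLite.
+ */
+export function registerStoreWorker(bus, deps) {
+    bus.subscribe("triage:result", async (event) => {
+        const { context, finding, result, costUsd } = event.payload;
+        if (result.triageCostUsd === undefined && typeof costUsd === "number") {
+            result.triageCostUsd = costUsd;
+        }
+        upsertFinding(deps.db, finding, result, context.repoName, deps.ref ?? "HEAD");
+        await bus.publish(createEvent("store:upserted", event.meta.runId, {
+            context,
+            fingerprint: result.fingerprint,
+            verdict: result.verdict,
+        }));
+    });
+    bus.subscribe("verification:result", async (event) => {
+        const { context, finding, result, costUsd } = event.payload;
+        if (result.verifyCostUsd === undefined && typeof costUsd === "number") {
+            result.verifyCostUsd = costUsd;
+        }
+        updateVerificationResult(deps.db, finding.fingerprint, result);
+        await bus.publish(createEvent("store:upserted", event.meta.runId, {
+            context,
+            fingerprint: finding.fingerprint,
+            verdict: event.payload.triageResult.verdict,
+        }));
+    });
+    bus.subscribe("verification:error", (event) => {
+        const { context, finding, triageResult, costUsd } = event.payload;
+        if (typeof costUsd !== "number" || !Number.isFinite(costUsd) || costUsd < 0) {
+            return;
+        }
+        // Ensure the row exists even if persistence ordering is delayed.
+        upsertFinding(deps.db, finding, triageResult, context.repoName, deps.ref ?? "HEAD");
+        updateVerificationCost(deps.db, finding.fingerprint, costUsd);
+    });
+    bus.subscribe("poc-harness:result", async (event) => {
+        const { context, finding, triageResult, result, costUsd } = event.payload;
+        if (result.costUsd === undefined && typeof costUsd === "number") {
+            result.costUsd = costUsd;
+        }
+        updatePocHarnessResult(deps.db, finding.fingerprint, result);
+        await bus.publish(createEvent("store:upserted", event.meta.runId, {
+            context,
+            fingerprint: finding.fingerprint,
+            verdict: triageResult.verdict,
+        }));
+    });
+    bus.subscribe("poc-harness:error", (event) => {
+        const { context, finding, triageResult, costUsd } = event.payload;
+        if (typeof costUsd !== "number" || !Number.isFinite(costUsd) || costUsd < 0) {
+            return;
+        }
+        // Ensure the row exists even if persistence ordering is delayed.
+        upsertFinding(deps.db, finding, triageResult, context.repoName, deps.ref ?? "HEAD");
+        updatePocHarnessCost(deps.db, finding.fingerprint, costUsd);
+    });
+}
+//# sourceMappingURL=store-worker.js.map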
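Review bot: The three `*:result` handlers accept any `costUsd` that is `typeof "number"`, so `NaN`, `Infinity` or a negative value is copied onto the result and persisted, while the two `*:error` handlers right below reject exactly those values with `Number.isFinite(costUsd)` and `costUsd < 0`; the same guard belongs on the result path, e.g. `if (result.triageCostUsd === undefined && typeof costUsd === "number" && Number.isFinite(costUsd) && costUsd >= 0) {` (and likewise for `verifyCostUsd` and `result.costUsd`). Note also that these assignments mutate the `result` object carried in the bus payload, which any other subscriber to the same event will observe; if the bus delivers one payload instance to all subscribers that is a shared-state side effect worth a comment. The error handlers re-run `upsertFinding` "even if persistence ordering is delayed", but `verification:result` and `poc-harness:result` call only `updateVerificationResult` / `updatePocHarnessResult`; if those are plain UPDATEs they silently affect zero rows when the triage row has not landed yet, so the ordering assumption should either be documented or guarded the same way.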
@@ -0,0 +1 @@
1
+
{"version":3,"file":"store-worker.js","sourceRoot":"","sources":["../../../src/bus/workers/store-worker.ts"],"names":[],"mappings":"AACA,OAAO,EACL,oBAAoB,EACpB,sBAAsB,EACtB,sBAAsB,EACtB,wBAAwB,EACxB,aAAa,GACd,MAAM,gBAAgB,CAAC;AAQxB,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAQ5C;;GAEG;AACH,MAAM,UAAU,mBAAmB,CAAC,GAAe,EAAE,IAAqB;IACxE,GAAG,CAAC,SAAS,CAAoB,eAAe,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QAChE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QAC5D,IAAI,MAAM,CAAC,aAAa,KAAK,SAAS,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YACtE,MAAM,CAAC,aAAa,GAAG,OAAO,CAAC;QACjC,CAAC;QAED,aAAa,CACX,IAAI,CAAC,EAAE,EACP,OAAO,EACP,MAAM,EACN,OAAO,CAAC,QAAQ,EAChB,IAAI,CAAC,GAAG,IAAI,MAAM,CACnB,CAAC;QAEF,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,gBAAgB,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE;YAC9C,OAAO;YACP,WAAW,EAAE,MAAM,CAAC,WAAW;YAC/B,OAAO,EAAE,MAAM,CAAC,OAAO;SACxB,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAA0B,qBAAqB,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QAC5E,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QAC5D,IAAI,MAAM,CAAC,aAAa,KAAK,SAAS,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YACtE,MAAM,CAAC,aAAa,GAAG,OAAO,CAAC;QACjC,CAAC;QAED,wBAAwB,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAE/D,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,gBAAgB,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE;YAC9C,OAAO;YACP,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,OAAO,EAAE,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,OAAO;SAC5C,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAyB,oBAAoB,EAAE,CAAC,KAAK,EAAE,EAAE;QACpE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QAClE,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;YAC5E,OAAO;QACT,CAAC;QAED,iEAAiE;QACjE,aAAa,CACX,IAAI,CAAC,EAAE,EACP,OAAO,EACP,YAAY,EACZ,OAAO,CAAC,QAAQ,EAChB,IAAI,CAAC,GAAG,IAAI,MAAM,CACnB,CAAC;QACF,sBAAsB,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAwB,oBAAoB,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QACzE,MAAM,EAAE,OA
AO,EAAE,OAAO,EAAE,YAAY,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QAC1E,IAAI,MAAM,CAAC,OAAO,KAAK,SAAS,IAAI,OAAO,OAAO,KAAK,QAAQ,EAAE,CAAC;YAChE,MAAM,CAAC,OAAO,GAAG,OAAO,CAAC;QAC3B,CAAC;QAED,sBAAsB,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC;QAE7D,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,gBAAgB,EAAE,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE;YAC9C,OAAO;YACP,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,OAAO,EAAE,YAAY,CAAC,OAAO;SAC9B,CAAC,CACH,CAAC;IACJ,CAAC,CAAC,CAAC;IAEH,GAAG,CAAC,SAAS,CAAuB,mBAAmB,EAAE,CAAC,KAAK,EAAE,EAAE;QACjE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,OAAO,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QAClE,IAAI,OAAO,OAAO,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,GAAG,CAAC,EAAE,CAAC;YAC5E,OAAO;QACT,CAAC;QAED,iEAAiE;QACjE,aAAa,CACX,IAAI,CAAC,EAAE,EACP,OAAO,EACP,YAAY,EACZ,OAAO,CAAC,QAAQ,EAChB,IAAI,CAAC,GAAG,IAAI,MAAM,CACnB,CAAC;QACF,oBAAoB,CAAC,IAAI,CAAC,EAAE,EAAE,OAAO,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC"}
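--- /dev/null
+++ b/package/dist/bus/workers/triage-worker.d.ts
@@ -0,0 +1,13 @@
+import type { TaskRegistry } from "../../agents/registry.js";
+import type { ScannerRegistry } from "../../scanners/registry.js";
+import type { KuzushiConfig } from "../../types.js";
+import type { MessageBus } from "../types.js";
+export interface TriageWorkerDeps {
+    registry: ScannerRegistry;
+    taskRegistry?: TaskRegistry;
+    config: KuzushiConfig;
+}
+/**
+ * Triage worker: invokes an agentic triage pass per finding.
+ */
+export declare function registerTriageWorker(bus: MessageBus, deps: TriageWorkerDeps): void;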
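--- /dev/null
+++ b/package/dist/bus/workers/triage-worker.js
@@ -0,0 +1,129 @@
+import { withRetry } from "../../retry.js";
+import { triageFindingWithAgent } from "../../triage.js";
+import { isRecord, normalizeCostUsd, toErrorMessage } from "../../utils.js";
+import { createEvent } from "../helpers.js";
+/**
+ * Triage worker: invokes an agentic triage pass per finding.
+ */
+export function registerTriageWorker(bus, deps) {
+    const triageConfigProvider = createTriageConfigProvider(deps.registry, deps.taskRegistry);
+    bus.subscribe("triage:finding-queued", async (event) => {
+        const { context, finding, repoContext, index, total } = event.payload;
+        const runId = event.meta.runId;
+        let attempts = 0;
+        try {
+            const { result, costUsd } = await withRetry(async () => {
+                attempts += 1;
+                return triageFindingWithAgent(triageConfigProvider, finding, context.repoRoot, context.repoName, deps.config.triageModel ?? deps.config.model, deps.config.triageMaxTurns, asRepoContext(repoContext), {
+                    activityCallback: async (activity) => {
+                        await bus.publish(createEvent("triage:agent-activity", runId, {
+                            context,
+                            fingerprint: finding.fingerprint,
+                            kind: activity.kind,
+                            toolName: activity.toolName,
+                            toolInput: activity.toolInput,
+                            summary: activity.summary,
+                            elapsedSeconds: activity.elapsedSeconds,
+                            index,
+                            total,
+                        }));
+                    },
+                });
+            }, {
+                maxRetries: deps.config.maxTriageRetries ?? 2,
+                backoffMs: deps.config.retryBackoffMs ?? 5000,
+                multiplier: deps.config.retryBackoffMultiplier ?? 2,
+            });
+            result.triageCostUsd = costUsd;
+            await bus.publish(createEvent("triage:result", runId, {
+                context,
+                finding,
+                result,
+                costUsd,
+                attempts,
+                index,
+                total,
+            }));
+        }
+        catch (error) {
+            const costUsd = getErrorCostUsd(error);
+            await bus.publish(createEvent("triage:error", runId, {
+                context,
+                finding,
+                error: toErrorMessage(error),
+                costUsd,
+                attempts,
+                index,
+                total,
+            }));
+        }
+    });
+}
+function createTriageConfigProvider(registry, taskRegistry) {
+    return {
+        has(id) {
+            if (registry.has(id)) {
+                return true;
+            }
+            if (!taskRegistry || !taskRegistry.has(id)) {
+                return false;
+            }
+            return typeof taskRegistry.get(id).triageAgentConfig === "function";
+        },
+        get(id) {
+            if (registry.has(id)) {
+                return registry.get(id);
+            }
+            if (!taskRegistry || !taskRegistry.has(id)) {
+                throw new Error(`Unknown triage provider: ${id}`);
+            }
+            const task = taskRegistry.get(id);
+            const triageAgentConfig = task.triageAgentConfig;
+            if (typeof triageAgentConfig !== "function") {
+                throw new Error(`Task "${id}" does not define triageAgentConfig`);
+            }
+            return {
+                triageAgentConfig: (finding, repoName) => triageAgentConfig(finding, repoName),
+            };
+        },
+    };
+}
+function getErrorCostUsd(error) {
+    if (!isRecord(error)) {
+        return undefined;
+    }
+    const raw = error["costUsd"];
+    if (typeof raw !== "number" || !Number.isFinite(raw) || raw < 0) {
+        return undefined;
+    }
+    return normalizeCostUsd(raw);
+}
+function asRepoContext(value) {
+    if (!isRecord(value)) {
+        return undefined;
+    }
+    const repoContext = {
+        languages: asStringArray(value["languages"]),
+        frameworks: asStringArray(value["frameworks"]),
+        authPatterns: asStringArray(value["authPatterns"]),
+        sanitizationLibs: asStringArray(value["sanitizationLibs"]),
+        ormOrDb: asStringArray(value["ormOrDb"]),
+        entryPoints: asStringArray(value["entryPoints"]),
+    };
+    const hasAnyValue = (repoContext.languages.length > 0
+        || repoContext.frameworks.length > 0
+        || repoContext.authPatterns.length > 0
+        || repoContext.sanitizationLibs.length > 0
+        || repoContext.ormOrDb.length > 0
+        || repoContext.entryPoints.length > 0);
+    return hasAnyValue ? repoContext : undefined;
+}
+function asStringArray(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    return value
+        .map((item) => (typeof item === "string" ? item.trim() : ""))
+        .filter(Boolean);
+}
+//# sourceMappingURL=triage-worker.js.map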
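Review bot: The success path assigns `result.triageCostUsd = costUsd;` straight from the `withRetry` return value, while the error path routes the cost through `getErrorCostUsd`, which rejects non-finite and negative numbers and applies `normalizeCostUsd`; the two paths should agree, e.g. `result.triageCostUsd = typeof costUsd === "number" && Number.isFinite(costUsd) && costUsd >= 0 ? normalizeCostUsd(costUsd) : undefined;`. Because `withRetry` wraps up to `maxTriageRetries` attempts, the cost of every failed attempt before the successful one is dropped unless `withRetry` accumulates it internally, which is not visible here; a comment stating which it is would help whoever reconciles spend. Separately, `deps.config.triageMaxTurns` is passed with no fallback whereas the sibling verification worker uses `deps.config.verifyMaxTurns ?? 15`; whether `triageFindingWithAgent` defaults `undefined` sensibly cannot be seen from this file, so either add a matching default or document that the callee handles it. Finally, `activity.toolInput` (whatever the agent passed to a tool, presumably including file paths or command strings) is broadcast verbatim as `triage:agent-activity`; any subscriber that logs events will record it, which is worth noting in the event's documentation.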
@@ -0,0 +1 @@
1
+
{"version":3,"file":"triage-worker.js","sourceRoot":"","sources":["../../../src/bus/workers/triage-worker.ts"],"names":[],"mappings":"AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAC3C,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AAEzD,OAAO,EAAE,QAAQ,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAE5E,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAS5C;;GAEG;AACH,MAAM,UAAU,oBAAoB,CAAC,GAAe,EAAE,IAAsB;IAC1E,MAAM,oBAAoB,GAAG,0BAA0B,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,YAAY,CAAC,CAAC;IAE1F,GAAG,CAAC,SAAS,CAA2B,uBAAuB,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QAC/E,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QACtE,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;QAC/B,IAAI,QAAQ,GAAG,CAAC,CAAC;QAEjB,IAAI,CAAC;YACH,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CACzC,KAAK,IAAI,EAAE;gBACT,QAAQ,IAAI,CAAC,CAAC;gBACd,OAAO,sBAAsB,CAC3B,oBAAoB,EACpB,OAAO,EACP,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,QAAQ,EAChB,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EAC5C,IAAI,CAAC,MAAM,CAAC,cAAc,EAC1B,aAAa,CAAC,WAAW,CAAC,EAC1B;oBACE,gBAAgB,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE;wBACnC,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,uBAAuB,EAAE,KAAK,EAAE;4BAC1C,OAAO;4BACP,WAAW,EAAE,OAAO,CAAC,WAAW;4BAChC,IAAI,EAAE,QAAQ,CAAC,IAAI;4BACnB,QAAQ,EAAE,QAAQ,CAAC,QAAQ;4BAC3B,SAAS,EAAE,QAAQ,CAAC,SAAS;4BAC7B,OAAO,EAAE,QAAQ,CAAC,OAAO;4BACzB,cAAc,EAAE,QAAQ,CAAC,cAAc;4BACvC,KAAK;4BACL,KAAK;yBACN,CAAC,CACH,CAAC;oBACJ,CAAC;iBACF,CACF,CAAC;YACJ,CAAC,EACD;gBACE,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,CAAC;gBAC7C,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,IAAI;gBAC7C,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,sBAAsB,IAAI,CAAC;aACpD,CACF,CAAC;YACF,MAAM,CAAC,aAAa,GAAG,OAAO,CAAC;YAE/B,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,eAAe,EAAE,KAAK,EAAE;gBAClC,OAAO;gBACP,OAAO;gBACP,MAAM;gBACN,OAAO;gBACP,QAAQ;gBACR,KAAK;gBACL,KAAK;aACN,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,eAAe,CAAC,KAAK,CAAC,CAAC;YACvC,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,cAAc,EAAE,KAAK,EAAE;gBACjC,OAAO;gBACP,OAAO;gBACP,KAAK,EAAE,cAAc,CAAC,KAAK,CAAC;gBAC5B,OAAO;gBAC
P,QAAQ;gBACR,KAAK;gBACL,KAAK;aACN,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,0BAA0B,CACjC,QAAyB,EACzB,YAA2B;IAK3B,OAAO;QACL,GAAG,CAAC,EAAU;YACZ,IAAI,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;gBACrB,OAAO,IAAI,CAAC;YACd,CAAC;YAED,IAAI,CAAC,YAAY,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;gBAC3C,OAAO,KAAK,CAAC;YACf,CAAC;YAED,OAAO,OAAO,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC,iBAAiB,KAAK,UAAU,CAAC;QACtE,CAAC;QACD,GAAG,CAAC,EAAU;YACZ,IAAI,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;gBACrB,OAAO,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAC1B,CAAC;YAED,IAAI,CAAC,YAAY,IAAI,CAAC,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,EAAE,CAAC;gBAC3C,MAAM,IAAI,KAAK,CAAC,4BAA4B,EAAE,EAAE,CAAC,CAAC;YACpD,CAAC;YAED,MAAM,IAAI,GAAG,YAAY,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;YAClC,MAAM,iBAAiB,GAAG,IAAI,CAAC,iBAAiB,CAAC;YACjD,IAAI,OAAO,iBAAiB,KAAK,UAAU,EAAE,CAAC;gBAC5C,MAAM,IAAI,KAAK,CAAC,SAAS,EAAE,qCAAqC,CAAC,CAAC;YACpE,CAAC;YAED,OAAO;gBACL,iBAAiB,EAAE,CAAC,OAAgB,EAAE,QAAgB,EAAE,EAAE,CAAC,iBAAiB,CAAC,OAAO,EAAE,QAAQ,CAAC;aAChG,CAAC;QACJ,CAAC;KACF,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,KAAc;IACrC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,GAAG,GAAG,KAAK,CAAC,SAAS,CAAC,CAAC;IAC7B,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,GAAG,GAAG,CAAC,EAAE,CAAC;QAChE,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,OAAO,gBAAgB,CAAC,GAAG,CAAC,CAAC;AAC/B,CAAC;AAED,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,WAAW,GAAgB;QAC/B,SAAS,EAAE,aAAa,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC5C,UAAU,EAAE,aAAa,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAC9C,YAAY,EAAE,aAAa,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAClD,gBAAgB,EAAE,aAAa,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QAC1D,OAAO,EAAE,aAAa,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACxC,WAAW,EAAE,aAAa,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;KACjD,CAAC;IAEF,MAAM,WAAW,GAAG,CAClB,WAAW,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;WAC7B,WAAW,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC;WACjC,WAAW,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC;WACnC,WAAW,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC;WAC
vC,WAAW,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC;WAC9B,WAAW,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CACtC,CAAC;IAEF,OAAO,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;AAC/C,CAAC;AAED,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,OAAO,KAAK;SACT,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SAC5D,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC"}
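--- /dev/null
+++ b/package/dist/bus/workers/verification-worker.d.ts
@@ -0,0 +1,9 @@
+import type { KuzushiConfig } from "../../types.js";
+import type { MessageBus } from "../types.js";
+export interface VerificationWorkerDeps {
+    config: KuzushiConfig;
+}
+/**
+ * Verification worker: validates exploitability with concrete source-to-sink analysis.
+ */
+export declare function registerVerificationWorker(bus: MessageBus, deps: VerificationWorkerDeps): void;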
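--- /dev/null
+++ b/package/dist/bus/workers/verification-worker.js
@@ -0,0 +1,91 @@
+import { verifyFindingWithAgent, VerificationExecutionError } from "../../verify.js";
+import { withRetry } from "../../retry.js";
+import { isRecord, toErrorMessage } from "../../utils.js";
+import { createEvent } from "../helpers.js";
+/**
+ * Verification worker: validates exploitability with concrete source-to-sink analysis.
+ */
+export function registerVerificationWorker(bus, deps) {
+    bus.subscribe("verification:finding-queued", async (event) => {
+        const { context, finding, triageResult, repoContext, index, total } = event.payload;
+        const runId = event.meta.runId;
+        let attempts = 0;
+        try {
+            const { result, costUsd } = await withRetry(async () => {
+                attempts += 1;
+                return verifyFindingWithAgent(finding, triageResult, context.repoRoot, context.repoName, deps.config.verifyModel ?? deps.config.triageModel ?? deps.config.model, deps.config.verifyMaxTurns ?? 15, asRepoContext(repoContext), {
+                    activityCallback: async (activity) => {
+                        await bus.publish(createEvent("verification:agent-activity", runId, {
+                            context,
+                            fingerprint: finding.fingerprint,
+                            kind: activity.kind,
+                            toolName: activity.toolName,
+                            toolInput: activity.toolInput,
+                            summary: activity.summary,
+                            elapsedSeconds: activity.elapsedSeconds,
+                            index,
+                            total,
+                        }));
+                    },
+                });
+            }, {
+                maxRetries: deps.config.maxVerifyRetries ?? 2,
+                backoffMs: deps.config.retryBackoffMs ?? 5000,
+                multiplier: deps.config.retryBackoffMultiplier ?? 2,
+            });
+            result.verifyCostUsd = costUsd;
+            await bus.publish(createEvent("verification:result", runId, {
+                context,
+                finding,
+                triageResult,
+                result,
+                costUsd,
+                attempts,
+                index,
+                total,
+            }));
+        }
+        catch (error) {
+            const costUsd = error instanceof VerificationExecutionError ? error.costUsd : undefined;
+            await bus.publish(createEvent("verification:error", runId, {
+                context,
+                finding,
+                triageResult,
+                error: toErrorMessage(error),
+                costUsd,
+                attempts,
+                index,
+                total,
+            }));
+        }
+    });
+}
+function asRepoContext(value) {
+    if (!isRecord(value)) {
+        return undefined;
+    }
+    const repoContext = {
+        languages: asStringArray(value["languages"]),
+        frameworks: asStringArray(value["frameworks"]),
+        authPatterns: asStringArray(value["authPatterns"]),
+        sanitizationLibs: asStringArray(value["sanitizationLibs"]),
+        ormOrDb: asStringArray(value["ormOrDb"]),
+        entryPoints: asStringArray(value["entryPoints"]),
+    };
+    const hasAnyValue = (repoContext.languages.length > 0
+        || repoContext.frameworks.length > 0
+        || repoContext.authPatterns.length > 0
+        || repoContext.sanitizationLibs.length > 0
+        || repoContext.ormOrDb.length > 0
+        || repoContext.entryPoints.length > 0);
+    return hasAnyValue ? repoContext : undefined;
+}
+function asStringArray(value) {
+    if (!Array.isArray(value)) {
+        return [];
+    }
+    return value
+        .map((item) => (typeof item === "string" ? item.trim() : ""))
+        .filter(Boolean);
+}
+//# sourceMappingURL=verification-worker.js.map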
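Review bot: `asRepoContext` and `asStringArray` at the bottom of this file are byte-for-byte copies of the same two helpers in the triage worker added in this release, which means the six hard-coded field names and the "drop if every list is empty" rule now have to be kept in sync by hand; both workers already import `createEvent` from `../helpers.js`, so exporting the pair from there (`export function asRepoContext(value) { … }`, `export function asStringArray(value) { … }`) and importing them in both workers removes the duplication, provided that module does not itself depend on the workers. The catch block also differs from its triage counterpart in a way that looks accidental rather than intended: it takes `error.costUsd` on an `instanceof VerificationExecutionError` check with no finiteness or sign validation, whereas the triage worker's `getErrorCostUsd` validates and normalizes a structurally-typed `costUsd`; the store worker does reject bad values on receipt, but other subscribers to `verification:error` will still see `NaN` or a negative cost, and an `instanceof` check is brittle when a package is loaded twice by a bundler. A one-line comment on the catch stating that downstream validation is relied upon, or reuse of the triage worker's validating helper, would make the intent explicit.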
@@ -0,0 +1 @@
1
+
{"version":3,"file":"verification-worker.js","sourceRoot":"","sources":["../../../src/bus/workers/verification-worker.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,sBAAsB,EAAE,0BAA0B,EAAE,MAAM,iBAAiB,CAAC;AACrF,OAAO,EAAE,SAAS,EAAE,MAAM,gBAAgB,CAAC;AAE3C,OAAO,EAAE,QAAQ,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAE1D,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAO5C;;GAEG;AACH,MAAM,UAAU,0BAA0B,CACxC,GAAe,EACf,IAA4B;IAE5B,GAAG,CAAC,SAAS,CAAiC,6BAA6B,EAAE,KAAK,EAAE,KAAK,EAAE,EAAE;QAC3F,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,YAAY,EAAE,WAAW,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,KAAK,CAAC,OAAO,CAAC;QACpF,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC;QAC/B,IAAI,QAAQ,GAAG,CAAC,CAAC;QAEjB,IAAI,CAAC;YACH,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,GAAG,MAAM,SAAS,CACzC,KAAK,IAAI,EAAE;gBACT,QAAQ,IAAI,CAAC,CAAC;gBACd,OAAO,sBAAsB,CAC3B,OAAO,EACP,YAAY,EACZ,OAAO,CAAC,QAAQ,EAChB,OAAO,CAAC,QAAQ,EAChB,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,IAAI,CAAC,MAAM,CAAC,KAAK,EACvE,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,EAAE,EAChC,aAAa,CAAC,WAAW,CAAC,EAC1B;oBACE,gBAAgB,EAAE,KAAK,EAAE,QAAQ,EAAE,EAAE;wBACnC,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,6BAA6B,EAAE,KAAK,EAAE;4BAChD,OAAO;4BACP,WAAW,EAAE,OAAO,CAAC,WAAW;4BAChC,IAAI,EAAE,QAAQ,CAAC,IAAI;4BACnB,QAAQ,EAAE,QAAQ,CAAC,QAAQ;4BAC3B,SAAS,EAAE,QAAQ,CAAC,SAAS;4BAC7B,OAAO,EAAE,QAAQ,CAAC,OAAO;4BACzB,cAAc,EAAE,QAAQ,CAAC,cAAc;4BACvC,KAAK;4BACL,KAAK;yBACN,CAAC,CACH,CAAC;oBACJ,CAAC;iBACF,CACF,CAAC;YACJ,CAAC,EACD;gBACE,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,gBAAgB,IAAI,CAAC;gBAC7C,SAAS,EAAE,IAAI,CAAC,MAAM,CAAC,cAAc,IAAI,IAAI;gBAC7C,UAAU,EAAE,IAAI,CAAC,MAAM,CAAC,sBAAsB,IAAI,CAAC;aACpD,CACF,CAAC;YACF,MAAM,CAAC,aAAa,GAAG,OAAO,CAAC;YAE/B,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,qBAAqB,EAAE,KAAK,EAAE;gBACxC,OAAO;gBACP,OAAO;gBACP,YAAY;gBACZ,MAAM;gBACN,OAAO;gBACP,QAAQ;gBACR,KAAK;gBACL,KAAK;aACN,CAAC,CACH,CAAC;QACJ,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,OAAO,GAAG,KAAK,YAAY,0BAA0B,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC;YACxF,MAAM,GAAG,CAAC,OAAO,CACf,WAAW,CAAC,oBAAoB,EAAE,KAAK,EAAE;gBACvC,OAAO;gBACP,OAAO;gBACP,YAAY
;gBACZ,KAAK,EAAE,cAAc,CAAC,KAAK,CAAC;gBAC5B,OAAO;gBACP,QAAQ;gBACR,KAAK;gBACL,KAAK;aACN,CAAC,CACH,CAAC;QACJ,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;QACrB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,WAAW,GAAgB;QAC/B,SAAS,EAAE,aAAa,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;QAC5C,UAAU,EAAE,aAAa,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;QAC9C,YAAY,EAAE,aAAa,CAAC,KAAK,CAAC,cAAc,CAAC,CAAC;QAClD,gBAAgB,EAAE,aAAa,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC;QAC1D,OAAO,EAAE,aAAa,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;QACxC,WAAW,EAAE,aAAa,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC;KACjD,CAAC;IAEF,MAAM,WAAW,GAAG,CAClB,WAAW,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC;WAC7B,WAAW,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC;WACjC,WAAW,CAAC,YAAY,CAAC,MAAM,GAAG,CAAC;WACnC,WAAW,CAAC,gBAAgB,CAAC,MAAM,GAAG,CAAC;WACvC,WAAW,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC;WAC9B,WAAW,CAAC,WAAW,CAAC,MAAM,GAAG,CAAC,CACtC,CAAC;IAEF,OAAO,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS,CAAC;AAC/C,CAAC;AAED,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QAC1B,OAAO,EAAE,CAAC;IACZ,CAAC;IAED,OAAO,KAAK;SACT,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,OAAO,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;SAC5D,MAAM,CAAC,OAAO,CAAC,CAAC;AACrB,CAAC"}
package/dist/cli.d.ts
ADDED