kuzushi 0.1.0

package/dist/report.js

@@ -0,0 +1,146 @@
+import chalk from "chalk";
+import path from "node:path";
+import { getActionableFindings, getPocHarnessCounts, getTotalCost, getTotalPocHarnessCost, getTotalVerificationCost, getVerificationCounts, getVerdictCounts, } from "./store.js";
+/** Color a verdict string. */
+function colorVerdict(verdict) {
+    switch (verdict) {
+        case "tp":
+            return chalk.red.bold("TRUE POSITIVE");
+        case "fp":
+            return chalk.green("false positive");
+        case "needs_review":
+            return chalk.yellow("needs review");
+    }
+}
+/** Print a progress line for a single triage result. */
+export function printTriageProgress(result, index, total, attempts) {
+    const verdict = colorVerdict(result.verdict);
+    const conf = chalk.dim(`(${(result.confidence * 100).toFixed(0)}%)`);
+    const cost = result.triageCostUsd && result.triageCostUsd > 0
+        ? chalk.dim(`$${result.triageCostUsd.toFixed(4)}`)
+        : "";
+    const retry = attempts && attempts > 1
+        ? chalk.dim(`(retry #${attempts})`)
+        : "";
+    console.log(`  [${index}/${total}] ${verdict} ${conf}${cost ? ` ${cost}` : ""}${retry ? ` ${retry}` : ""} ${chalk.dim(result.fingerprint.slice(0, 12))}...`);
+}
+/** Print the final scan summary to terminal. */
+export function printSummary(db, repo, options = {}) {
+    const counts = getVerdictCounts(db, repo);
+    const totalCostUsd = getTotalCost(db, repo);
+    const verificationCostUsd = getTotalVerificationCost(db, repo);
+    const pocHarnessCostUsd = getTotalPocHarnessCost(db, repo);
+    const verificationCounts = getVerificationCounts(db, repo);
+    const pocHarnessCounts = getPocHarnessCounts(db, repo);
+    const hasVerificationStats = verificationCounts.exploitable + verificationCounts.notExploitable > 0;
+    const hasVerificationSpend = verificationCostUsd > 0;
+    const hasVerificationData = hasVerificationStats || hasVerificationSpend;
+    const hasPocHarnessData = (pocHarnessCounts.generated > 0
+        || pocHarnessCounts.skipped > 0
+        || (options.stats?.pocHarnessErrors ?? 0) > 0
+        || pocHarnessCostUsd > 0);
+    const total = counts.tp + counts.fp + counts.needs_review;
+    const actionable = getActionableFindings(db, repo);
+    console.log("");
+    console.log(chalk.bold("─".repeat(60)));
+    console.log(chalk.bold("  Kuzushi Scan Results"));
+    console.log(chalk.bold("─".repeat(60)));
+    console.log("");
+    console.log(`  ${chalk.dim("Total triaged:")}    ${total}`);
+    console.log(`  ${chalk.red.bold("True positives:")}   ${counts.tp}`);
+    console.log(`  ${chalk.green("False positives:")}  ${counts.fp}`);
+    console.log(`  ${chalk.yellow("Needs review:")}     ${counts.needs_review}`);
+    if ((options.stats?.skippedLowConfidence ?? 0) > 0) {
+        console.log(`  ${chalk.dim("Skipped (low confidence):")} ${options.stats?.skippedLowConfidence}`);
+    }
+    if (hasVerificationData) {
+        console.log("");
+        if (hasVerificationStats) {
+            console.log(`  ${chalk.red.bold("Exploitable:")}      ${verificationCounts.exploitable}`);
+            console.log(`  ${chalk.green("Not exploitable:")}  ${verificationCounts.notExploitable}`);
+        }
+        else {
+            console.log(`  ${chalk.yellow("Verification:")}    errors only`);
+        }
+    }
+    if (hasPocHarnessData) {
+        console.log("");
+        console.log(`  ${chalk.cyan("PoC harnesses generated:")} ${pocHarnessCounts.generated}`);
+        console.log(`  ${chalk.yellow("PoC harnesses skipped:")}   ${pocHarnessCounts.skipped}`);
+        console.log(`  ${chalk.red("PoC harness errors:")}     ${options.stats?.pocHarnessErrors ?? 0}`);
+        if (options.repoRoot) {
+            const pocDir = path.join(options.repoRoot, ".kuzushi", "poc");
+            console.log(`  ${chalk.dim("PoC output dir:")} ${pocDir}/`);
+        }
+    }
+    if (actionable.length > 0) {
+        console.log("");
+        console.log(chalk.bold("  Actionable Findings:"));
+        console.log("");
+        for (const f of actionable) {
+            const verdict = colorVerdict(f.verdict);
+            const location = chalk.cyan(`${f.filePath}:${f.startLine}`);
+            const conf = chalk.dim(`${(f.confidence * 100).toFixed(0)}%`);
+            const severity = f.severity === "ERROR" ? chalk.red(f.severity) : chalk.yellow(f.severity);
+            const scanner = chalk.dim(`[${f.scanner}]`);
+            const verificationBadge = f.verifyExploitable === 1
+                ? chalk.bgRed.white.bold(" EXPLOITABLE ")
+                : f.verifyExploitable === 0
+                    ? chalk.bgGreen.black(" NOT EXPLOITABLE ")
+                    : "";
+            console.log(`  ${verdict} ${conf}  ${severity} ${scanner}${verificationBadge ? ` ${verificationBadge}` : ""}`);
+            console.log(`    ${location}`);
+            console.log(`    ${chalk.dim(f.ruleId)}`);
+            console.log(`    ${f.rationale.slice(0, 120)}${f.rationale.length > 120 ? "..." : ""}`);
+            if (f.verifyExploitable === 1 && f.verifyPocPayload) {
+                const payload = f.verifyPocPayload.length > 80
+                    ? `${f.verifyPocPayload.slice(0, 77)}...`
+                    : f.verifyPocPayload;
+                console.log(`    ${chalk.magenta("PoC:")} ${payload}`);
+            }
+            if (f.verifyAttackVector) {
+                console.log(`    ${chalk.cyan("Vector:")} ${f.verifyAttackVector}`);
+            }
+            if (f.pocHarnessPath) {
+                console.log(`    ${chalk.blue("PoC Harness:")} ${f.pocHarnessPath}`);
+            }
+            else if (f.pocHarnessSkipped === 1) {
+                console.log(`    ${chalk.yellow("PoC Harness:")} skipped (${f.pocHarnessSkipReason ?? "no reason provided"})`);
+            }
+            if (f.pocHarnessParsed === 0 && f.pocHarnessParseError) {
+                console.log(`    ${chalk.red("PoC Parse Error:")} ${f.pocHarnessParseError}`);
+            }
+            console.log("");
+        }
+    }
+    else if (total > 0) {
+        console.log("");
+        console.log(chalk.green.bold("  All findings triaged as false positives. Code looks clean."));
+    }
+    console.log("");
+    console.log(`  ${chalk.dim("Total triage cost:")} $${totalCostUsd.toFixed(4)}`);
+    if (hasVerificationData) {
+        console.log(`  ${chalk.dim("Total verification cost:")} $${verificationCostUsd.toFixed(4)}`);
+    }
+    if (hasPocHarnessData) {
+        console.log(`  ${chalk.dim("Total PoC harness cost:")} $${pocHarnessCostUsd.toFixed(4)}`);
+    }
+    if (options.auditLog && options.repoRoot && options.runId) {
+        const runDir = path.join(options.repoRoot, ".kuzushi", "runs", options.runId);
+        console.log(`  ${chalk.dim("Audit log:")} ${runDir}/`);
+    }
+    console.log(chalk.bold("─".repeat(60)));
+}
+/** Print a short line when starting a scan. */
+export function printScanStart(repoName, findingCount, total, scanners) {
+    console.log("");
+    console.log(chalk.bold(`  Kuzushi v0.1 — scanning ${repoName}`));
+    console.log(`  Scanners: ${scanners.join(", ")}`);
+    console.log(`  ${total} findings, ${findingCount} selected for AI triage`);
+    console.log("");
+}
+/** Print when resuming with skipped findings. */
+export function printResumeInfo(skipped, remaining) {
+    console.log(chalk.dim(`  Skipping ${skipped} already-triaged findings, ${remaining} remaining`));
+}
+//# sourceMappingURL=report.js.map

package/dist/report.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"report.js","sourceRoot":"","sources":["../src/report.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,IAAI,MAAM,WAAW,CAAC;AAK7B,OAAO,EACL,qBAAqB,EACrB,mBAAmB,EACnB,YAAY,EACZ,sBAAsB,EACtB,wBAAwB,EACxB,qBAAqB,EACrB,gBAAgB,GACjB,MAAM,YAAY,CAAC;AAEpB,8BAA8B;AAC9B,SAAS,YAAY,CAAC,OAAgB;IACpC,QAAQ,OAAO,EAAE,CAAC;QAChB,KAAK,IAAI;YACP,OAAO,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;QACzC,KAAK,IAAI;YACP,OAAO,KAAK,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;QACvC,KAAK,cAAc;YACjB,OAAO,KAAK,CAAC,MAAM,CAAC,cAAc,CAAC,CAAC;IACxC,CAAC;AACH,CAAC;AAED,wDAAwD;AACxD,MAAM,UAAU,mBAAmB,CACjC,MAAoB,EACpB,KAAa,EACb,KAAa,EACb,QAAiB;IAEjB,MAAM,OAAO,GAAG,YAAY,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;IAC7C,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACrE,MAAM,IAAI,GAAG,MAAM,CAAC,aAAa,IAAI,MAAM,CAAC,aAAa,GAAG,CAAC;QAC3D,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;QAClD,CAAC,CAAC,EAAE,CAAC;IACP,MAAM,KAAK,GAAG,QAAQ,IAAI,QAAQ,GAAG,CAAC;QACpC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,QAAQ,GAAG,CAAC;QACnC,CAAC,CAAC,EAAE,CAAC;IACP,OAAO,CAAC,GAAG,CACT,MAAM,KAAK,IAAI,KAAK,KAAK,OAAO,IAAI,IAAI,GAAG,IAAI,CAAC,CAAC,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC,CAAC,CAAC,EAAE,IAAI,KAAK,CAAC,GAAG,CAAC,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,CAChJ,CAAC;AACJ,CAAC;AASD,gDAAgD;AAChD,MAAM,UAAU,YAAY,CAC1B,EAAqB,EACrB,IAAY,EACZ,UAA+B,EAAE;IAEjC,MAAM,MAAM,GAAG,gBAAgB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC1C,MAAM,YAAY,GAAG,YAAY,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC5C,MAAM,mBAAmB,GAAG,wBAAwB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC/D,MAAM,iBAAiB,GAAG,sBAAsB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC3D,MAAM,kBAAkB,GAAG,qBAAqB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAC3D,MAAM,gBAAgB,GAAG,mBAAmB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IACvD,MAAM,oBAAoB,GAAG,kBAAkB,CAAC,WAAW,GAAG,kBAAkB,CAAC,cAAc,GAAG,CAAC,CAAC;IACpG,MAAM,oBAAoB,GAAG,mBAAmB,GAAG,CAAC,CAAC;IACrD,MAAM,mBAAmB,GAAG,oBAAoB,IAAI,oBAAoB,CAAC;IACzE,MAAM,iBAAiB,GAAG,CACxB,gBAAgB,CAAC,SAAS,GAAG,CAAC;WAC3B,gBAAgB,CAAC,OAAO,GAAG,CAAC;WAC5B,CAAC,OAAO,CAAC,KAAK,EAAE,gBAAgB,IAAI,CAAC,CAAC,GAAG,CAAC;WAC1C,iBAAiB,GAAG,CAAC,CACzB,CAAC;IACF,MAAM,KAAK,GAAG,MAAM,CAAC,EAAE,GAAG,MAAM,CAAC,EAAE,GAAG,MAAM,CAAC,YAAY,CAAC;IAC1D,MAAM,UAAU,GAAG,qBAAqB,CAAC,EAAE,EAAE,IAAI,CAAC,CAAC;IAEnD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;IACxC,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,gBAAgB,CAAC,OAAO,KAAK,EAAE,CAAC,CAAC;IAC5D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,MAAM,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC;IACrE,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,KAAK,MAAM,CAAC,EAAE,EAAE,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,QAAQ,MAAM,CAAC,YAAY,EAAE,CAAC,CAAC;IAC7E,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,oBAAoB,IAAI,CAAC,CAAC,GAAG,CAAC,EAAE,CAAC;QACnD,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,2BAA2B,CAAC,IAAI,OAAO,CAAC,KAAK,EAAE,oBAAoB,EAAE,CAAC,CAAC;IACpG,CAAC;IACD,IAAI,mBAAmB,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,IAAI,oBAAoB,EAAE,CAAC;YACzB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,cAAc,CAAC,SAAS,kBAAkB,CAAC,WAAW,EAAE,CAAC,CAAC;YAC1F,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,kBAAkB,CAAC,KAAK,kBAAkB,CAAC,cAAc,EAAE,CAAC,CAAC;QAC5F,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,MAAM,CAAC,eAAe,CAAC,iBAAiB,CAAC,CAAC;QACnE,CAAC;IACH,CAAC;IACD,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,IAAI,gBAAgB,CAAC,SAAS,EAAE,CAAC,CAAC;QACzF,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,MAAM,CAAC,wBAAwB,CAAC,MAAM,gBAAgB,CAAC,OAAO,EAAE,CAAC,CAAC;QACzF,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,qBAAqB,CAAC,QAAQ,OAAO,CAAC,KAAK,EAAE,gBAAgB,IAAI,CAAC,EAAE,CAAC,CAAC;QACjG,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACrB,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;YAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,IAAI,MAAM,GAAG,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC,CAAC;QAClD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAEhB,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;YAC3B,MAAM,OAAO,GAAG,YAAY,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;YACxC,MAAM,QAAQ,GAAG,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;YAC5D,MAAM,IAAI,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,GAAG,GAAG,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;YAC9D,MAAM,QAAQ,GAAG,CAAC,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;YAC3F,MAAM,OAAO,GAAG,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,OAAO,GAAG,CAAC,CAAC;YAC5C,MAAM,iBAAiB,GAAG,CAAC,CAAC,iBAAiB,KAAK,CAAC;gBACjD,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC;gBACzC,CAAC,CAAC,CAAC,CAAC,iBAAiB,KAAK,CAAC;oBACzB,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,mBAAmB,CAAC;oBAC1C,CAAC,CAAC,EAAE,CAAC;YAET,OAAO,CAAC,GAAG,CAAC,KAAK,OAAO,IAAI,IAAI,KAAK,QAAQ,IAAI,OAAO,GAAG,iBAAiB,CAAC,CAAC,CAAC,IAAI,iBAAiB,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC/G,OAAO,CAAC,GAAG,CAAC,OAAO,QAAQ,EAAE,CAAC,CAAC;YAC/B,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;YAC1C,OAAO,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,GAAG,CAAC,CAAC,SAAS,CAAC,MAAM,GAAG,GAAG,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YACxF,IAAI,CAAC,CAAC,iBAAiB,KAAK,CAAC,IAAI,CAAC,CAAC,gBAAgB,EAAE,CAAC;gBACpD,MAAM,OAAO,GAAG,CAAC,CAAC,gBAAgB,CAAC,MAAM,GAAG,EAAE;oBAC5C,CAAC,CAAC,GAAG,CAAC,CAAC,gBAAgB,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK;oBACzC,CAAC,CAAC,CAAC,CAAC,gBAAgB,CAAC;gBACvB,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC,CAAC;YACzD,CAAC;YACD,IAAI,CAAC,CAAC,kBAAkB,EAAE,CAAC;gBACzB,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,kBAAkB,EAAE,CAAC,CAAC;YACtE,CAAC;YACD,IAAI,CAAC,CAAC,cAAc,EAAE,CAAC;gBACrB,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC,IAAI,CAAC,CAAC,cAAc,EAAE,CAAC,CAAC;YACvE,CAAC;iBAAM,IAAI,CAAC,CAAC,iBAAiB,KAAK,CAAC,EAAE,CAAC;gBACrC,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,MAAM,CAAC,cAAc,CAAC,aAAa,CAAC,CAAC,oBAAoB,IAAI,oBAAoB,GAAG,CAAC,CAAC;YACjH,CAAC;YACD,IAAI,CAAC,CAAC,gBAAgB,KAAK,CAAC,IAAI,CAAC,CAAC,oBAAoB,EAAE,CAAC;gBACvD,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,kBAAkB,CAAC,IAAI,CAAC,CAAC,oBAAoB,EAAE,CAAC,CAAC;YAChF,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAClB,CAAC;IACH,CAAC;SAAM,IAAI,KAAK,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,IAAI,CAAC,8DAA8D,CAAC,CAAC,CAAC;IAChG,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,oBAAoB,CAAC,KAAK,YAAY,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAChF,IAAI,mBAAmB,EAAE,CAAC;QACxB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,0BAA0B,CAAC,KAAK,mBAAmB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC/F,CAAC;IACD,IAAI,iBAAiB,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,yBAAyB,CAAC,KAAK,iBAAiB,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;IAC5F,CAAC;IACD,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,KAAK,EAAE,CAAC;QAC1D,MAAM,MAAM,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,UAAU,EAAE,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;QAC9E,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,YAAY,CAAC,IAAI,MAAM,GAAG,CAAC,CAAC;IACzD,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;AAC1C,CAAC;AAED,+CAA+C;AAC/C,MAAM,UAAU,cAAc,CAC5B,QAAgB,EAChB,YAAoB,EACpB,KAAa,EACb,QAAqB;IAErB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,6BAA6B,QAAQ,EAAE,CAAC,CAAC,CAAC;IACjE,OAAO,CAAC,GAAG,CAAC,eAAe,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAClD,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,cAAc,YAAY,yBAAyB,CAAC,CAAC;IAC3E,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC;AAED,iDAAiD;AACjD,MAAM,UAAU,eAAe,CAAC,OAAe,EAAE,SAAiB;IAChE,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,GAAG,CAAC,cAAc,OAAO,8BAA8B,SAAS,YAAY,CAAC,CACpF,CAAC;AACJ,CAAC"}

package/dist/retry.d.ts

@@ -0,0 +1,6 @@
+export interface RetryOptions {
+    maxRetries: number;
+    backoffMs: number;
+    multiplier: number;
+}
+export declare function withRetry<T>(fn: () => Promise<T>, options: RetryOptions): Promise<T>;

package/dist/retry.js

@@ -0,0 +1,25 @@
+export async function withRetry(fn, options) {
+    let lastError;
+    for (let attempt = 0; attempt <= options.maxRetries; attempt += 1) {
+        try {
+            return await fn();
+        }
+        catch (error) {
+            lastError = error;
+            if (attempt < options.maxRetries) {
+                const delay = options.backoffMs * Math.pow(options.multiplier, attempt);
+                await sleep(delay);
+            }
+        }
+    }
+    throw lastError;
+}
+function sleep(ms) {
+    if (!Number.isFinite(ms) || ms <= 0) {
+        return Promise.resolve();
+    }
+    return new Promise((resolve) => {
+        setTimeout(resolve, ms);
+    });
+}
+//# sourceMappingURL=retry.js.map

package/dist/retry.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"retry.js","sourceRoot":"","sources":["../src/retry.ts"],"names":[],"mappings":"AAMA,MAAM,CAAC,KAAK,UAAU,SAAS,CAC7B,EAAoB,EACpB,OAAqB;IAErB,IAAI,SAAkB,CAAC;IAEvB,KAAK,IAAI,OAAO,GAAG,CAAC,EAAE,OAAO,IAAI,OAAO,CAAC,UAAU,EAAE,OAAO,IAAI,CAAC,EAAE,CAAC;QAClE,IAAI,CAAC;YACH,OAAO,MAAM,EAAE,EAAE,CAAC;QACpB,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,SAAS,GAAG,KAAK,CAAC;YAClB,IAAI,OAAO,GAAG,OAAO,CAAC,UAAU,EAAE,CAAC;gBACjC,MAAM,KAAK,GAAG,OAAO,CAAC,SAAS,GAAG,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;gBACxE,MAAM,KAAK,CAAC,KAAK,CAAC,CAAC;YACrB,CAAC;QACH,CAAC;IACH,CAAC;IAED,MAAM,SAAS,CAAC;AAClB,CAAC;AAED,SAAS,KAAK,CAAC,EAAU;IACvB,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,IAAI,EAAE,IAAI,CAAC,EAAE,CAAC;QACpC,OAAO,OAAO,CAAC,OAAO,EAAE,CAAC;IAC3B,CAAC;IAED,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,EAAE;QAC7B,UAAU,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;AACL,CAAC"}

package/dist/scanner/claude-adk.d.ts

@@ -0,0 +1,26 @@
+import type { RawFinding, ScanOpts } from "../types.js";
+interface ClaudeAdkFinding {
+    ruleId: string;
+    filePath: string;
+    startLine: number;
+    severity: string;
+    message: string;
+    confidence: string;
+    subcategory: string[];
+    likelihood: string;
+    impact: string;
+    cwe: string[];
+    evidence: string;
+}
+export interface ClaudeAdkOutput {
+    findings: ClaudeAdkFinding[];
+}
+/** Run the Claude Agent SDK scanner and return structured findings. */
+export declare function runClaudeAdk(repoRoot: string, opts: ScanOpts, model: string, defaultMaxFindings: number): Promise<ClaudeAdkOutput>;
+/** Rank and map Claude ADK findings into normalized RawFinding records. */
+export declare function selectClaudeFindings(output: ClaudeAdkOutput, repoRoot: string, repoName: string, ref: string, maxFindings?: number): RawFinding[];
+/** Parse and normalize structured output from the claude-adk scanner. */
+export declare function parseClaudeAdkOutput(raw: unknown): ClaudeAdkOutput;
+/** Stable fingerprint for claude-adk findings. */
+export declare function computeClaudeAdkFingerprint(repoName: string, ref: string, finding: ClaudeAdkFinding): string;
+export {};

package/dist/scanner/claude-adk.js

@@ -0,0 +1,265 @@
+import { createHash } from "node:crypto";
+import path from "node:path";
+import { query } from "@anthropic-ai/claude-agent-sdk";
+import { scoreFindingMetadata } from "../scanner.js";
+const SEVERITY_LEVELS = new Set(["ERROR", "WARNING", "INFO"]);
+const CONFIDENCE_LEVELS = new Set(["HIGH", "MEDIUM", "LOW"]);
+const SUBCATEGORIES = new Set(["vuln", "audit"]);
+const CLAUDE_ADK_SCHEMA = {
+    type: "object",
+    additionalProperties: false,
+    required: ["findings"],
+    properties: {
+        findings: {
+            type: "array",
+            items: {
+                type: "object",
+                additionalProperties: false,
+                required: ["ruleId", "filePath", "startLine", "severity", "message"],
+                properties: {
+                    ruleId: { type: "string" },
+                    filePath: { type: "string" },
+                    startLine: { type: "integer", minimum: 1 },
+                    severity: { type: "string", enum: ["ERROR", "WARNING", "INFO"] },
+                    message: { type: "string" },
+                    confidence: { type: "string", enum: ["HIGH", "MEDIUM", "LOW"] },
+                    subcategory: {
+                        type: "array",
+                        items: { type: "string", enum: ["vuln", "audit"] },
+                    },
+                    likelihood: { type: "string", enum: ["HIGH", "MEDIUM", "LOW"] },
+                    impact: { type: "string", enum: ["HIGH", "MEDIUM", "LOW"] },
+                    cwe: {
+                        type: "array",
+                        items: { type: "string" },
+                    },
+                    evidence: { type: "string" },
+                },
+            },
+        },
+    },
+};
+/** Run the Claude Agent SDK scanner and return structured findings. */
+export async function runClaudeAdk(repoRoot, opts, model, defaultMaxFindings) {
+    const requestedMax = Math.max(1, opts.maxFindings ?? defaultMaxFindings);
+    const prompt = buildPrompt(opts, requestedMax);
+    let resultText = "";
+    let structuredOutput = undefined;
+    let executionError = null;
+    for await (const message of query({
+        prompt,
+        options: {
+            cwd: repoRoot,
+            model,
+            maxTurns: 20,
+            allowedTools: ["Read", "Glob", "Grep"],
+            permissionMode: "dontAsk",
+            outputFormat: {
+                type: "json_schema",
+                schema: CLAUDE_ADK_SCHEMA,
+            },
+        },
+    })) {
+        if (message.type !== "result")
+            continue;
+        if (message.subtype === "success") {
+            resultText = message.result;
+            structuredOutput = message.structured_output;
+            continue;
+        }
+        executionError = message.errors.join("; ") || message.subtype;
+    }
+    if (executionError) {
+        throw new Error(`claude-adk scanner failed: ${executionError}`);
+    }
+    const parsed = parseClaudeAdkOutput(structuredOutput ?? resultText);
+    return {
+        findings: parsed.findings.slice(0, requestedMax),
+    };
+}
+/** Rank and map Claude ADK findings into normalized RawFinding records. */
+export function selectClaudeFindings(output, repoRoot, repoName, ref, maxFindings) {
+    const deduped = new Map();
+    for (const finding of output.findings) {
+        const filePath = normalizeFilePath(repoRoot, finding.filePath);
+        const fingerprint = computeClaudeAdkFingerprint(repoName, ref, {
+            ...finding,
+            filePath,
+        });
+        const score = scoreFindingMetadata({
+            severity: finding.severity,
+            likelihood: finding.likelihood,
+            impact: finding.impact,
+            subcategory: finding.subcategory,
+        });
+        const rawFinding = {
+            scanner: "claude-adk",
+            fingerprint,
+            ruleId: finding.ruleId,
+            filePath,
+            startLine: finding.startLine,
+            severity: finding.severity,
+            message: finding.message,
+            scannerConfidence: finding.confidence,
+            subcategory: finding.subcategory,
+            likelihood: finding.likelihood,
+            impact: finding.impact,
+            cwe: finding.cwe,
+            score,
+        };
+        const existing = deduped.get(fingerprint);
+        if (!existing || rawFinding.score > existing.score) {
+            deduped.set(fingerprint, rawFinding);
+        }
+    }
+    return [...deduped.values()]
+        .sort((a, b) => b.score - a.score)
+        .slice(0, maxFindings);
+}
+/** Parse and normalize structured output from the claude-adk scanner. */
+export function parseClaudeAdkOutput(raw) {
+    const data = parseRawOutput(raw);
+    if (!isRecord(data) || !Array.isArray(data["findings"])) {
+        throw new Error("claude-adk scanner returned invalid output shape");
+    }
+    const findings = [];
+    for (const item of data["findings"]) {
+        if (!isRecord(item))
+            continue;
+        const ruleId = asString(item["ruleId"], "claude-adk.security.finding");
+        const filePath = asString(item["filePath"], "").trim();
+        if (!filePath)
+            continue;
+        const startLine = asPositiveInt(item["startLine"], 1);
+        const severity = normalizeSeverity(item["severity"], "WARNING");
+        const message = asString(item["message"], "Potential security issue");
+        const confidence = normalizeConfidence(item["confidence"], "MEDIUM");
+        const subcategory = normalizeSubcategory(item["subcategory"]);
+        const likelihood = normalizeConfidence(item["likelihood"], "MEDIUM");
+        const impact = normalizeConfidence(item["impact"], "MEDIUM");
+        const cwe = normalizeStringArray(item["cwe"]);
+        const evidence = asString(item["evidence"], "");
+        findings.push({
+            ruleId,
+            filePath,
+            startLine,
+            severity,
+            message,
+            confidence,
+            subcategory,
+            likelihood,
+            impact,
+            cwe,
+            evidence,
+        });
+    }
+    return { findings };
+}
+/** Stable fingerprint for claude-adk findings. */
+export function computeClaudeAdkFingerprint(repoName, ref, finding) {
+    const source = [
+        repoName,
+        ref,
+        "claude-adk",
+        finding.ruleId,
+        finding.filePath,
+        String(finding.startLine),
+        finding.message,
+        finding.evidence,
+    ].join("|");
+    return createHash("sha256").update(source).digest("hex");
+}
+function buildPrompt(opts, maxFindings) {
+    return [
+        "You are a static analysis security scanner.",
+        "Analyze the repository for concrete application security issues.",
+        "Return only findings with enough evidence in code.",
+        "",
+        `Severity filter: ${opts.severity.join(", ") || "ERROR, WARNING, INFO"}`,
+        `Max findings: ${maxFindings}`,
+        `Exclude paths/globs: ${opts.excludePatterns.join(", ") || "(none)"}`,
+        "",
+        "For each finding return:",
+        "- ruleId (string)",
+        "- filePath (relative path preferred)",
+        "- startLine (1-based integer)",
+        "- severity (ERROR|WARNING|INFO)",
+        "- message (short finding summary)",
+        "- confidence (HIGH|MEDIUM|LOW)",
+        "- subcategory (vuln or audit; default to audit when unsure)",
+        "- likelihood (HIGH|MEDIUM|LOW)",
+        "- impact (HIGH|MEDIUM|LOW)",
+        "- cwe (array of CWE strings, optional)",
+        "- evidence (short evidence snippet)",
+        "",
+        "Do not propose remediations. Do not include non-security style issues.",
+    ].join("\n");
+}
+function parseRawOutput(raw) {
+    if (typeof raw !== "string")
+        return raw;
+    const text = raw.trim();
+    if (!text)
+        return { findings: [] };
+    try {
+        return JSON.parse(text);
+    }
+    catch {
+        const extracted = extractJsonObject(text);
+        return JSON.parse(extracted);
+    }
+}
+function extractJsonObject(text) {
+    const fenceMatch = text.match(/```(?:json)?\s*\n?([\s\S]*?)\n?```/);
+    if (fenceMatch)
+        return fenceMatch[1].trim();
+    const start = text.indexOf("{");
+    const end = text.lastIndexOf("}");
+    if (start !== -1 && end > start) {
+        return text.slice(start, end + 1);
+    }
+    return text;
+}
+function normalizeFilePath(repoRoot, filePath) {
+    if (!path.isAbsolute(filePath))
+        return filePath;
+    const relative = path.relative(repoRoot, filePath);
+    if (relative.startsWith(".."))
+        return filePath;
+    return relative || filePath;
+}
+function normalizeSeverity(value, fallback) {
+    const normalized = asString(value, fallback).toUpperCase();
+    return SEVERITY_LEVELS.has(normalized) ? normalized : fallback;
+}
+function normalizeConfidence(value, fallback) {
+    const normalized = asString(value, fallback).toUpperCase();
+    return CONFIDENCE_LEVELS.has(normalized) ? normalized : fallback;
+}
+function normalizeSubcategory(value) {
+    const items = normalizeStringArray(value).map((v) => v.toLowerCase());
+    const valid = items.filter((v) => SUBCATEGORIES.has(v));
+    return valid.length > 0 ? valid : ["audit"];
+}
+function normalizeStringArray(value) {
+    if (!Array.isArray(value))
+        return [];
+    return value.map((v) => String(v).trim()).filter(Boolean);
+}
+function asPositiveInt(value, fallback) {
+    const numeric = Number(value);
+    if (!Number.isFinite(numeric) || numeric < 1)
+        return fallback;
+    return Math.floor(numeric);
+}
+function asString(value, fallback) {
+    if (typeof value === "string")
+        return value;
+    if (value == null)
+        return fallback;
+    return String(value);
+}
+function isRecord(value) {
+    return value !== null && typeof value === "object";
+}
+//# sourceMappingURL=claude-adk.js.map

package/dist/scanner/claude-adk.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"claude-adk.js","sourceRoot":"","sources":["../../src/scanner/claude-adk.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,KAAK,EAAE,MAAM,gCAAgC,CAAC;AAEvD,OAAO,EAAE,oBAAoB,EAAE,MAAM,eAAe,CAAC;AAErD,MAAM,eAAe,GAAG,IAAI,GAAG,CAAC,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC,CAAC,CAAC;AAC9D,MAAM,iBAAiB,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC;AAC7D,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC;AAEjD,MAAM,iBAAiB,GAAG;IACxB,IAAI,EAAE,QAAQ;IACd,oBAAoB,EAAE,KAAK;IAC3B,QAAQ,EAAE,CAAC,UAAU,CAAC;IACtB,UAAU,EAAE;QACV,QAAQ,EAAE;YACR,IAAI,EAAE,OAAO;YACb,KAAK,EAAE;gBACL,IAAI,EAAE,QAAQ;gBACd,oBAAoB,EAAE,KAAK;gBAC3B,QAAQ,EAAE,CAAC,QAAQ,EAAE,UAAU,EAAE,WAAW,EAAE,UAAU,EAAE,SAAS,CAAC;gBACpE,UAAU,EAAE;oBACV,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAC1B,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAC5B,SAAS,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,OAAO,EAAE,CAAC,EAAE;oBAC1C,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,OAAO,EAAE,SAAS,EAAE,MAAM,CAAC,EAAE;oBAChE,OAAO,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;oBAC3B,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,EAAE;oBAC/D,WAAW,EAAE;wBACX,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,OAAO,CAAC,EAAE;qBACnD;oBACD,UAAU,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,EAAE;oBAC/D,MAAM,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,EAAE;oBAC3D,GAAG,EAAE;wBACH,IAAI,EAAE,OAAO;wBACb,KAAK,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;qBAC1B;oBACD,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE;iBAC7B;aACF;SACF;KACF;CACO,CAAC;AAoBX,uEAAuE;AACvE,MAAM,CAAC,KAAK,UAAU,YAAY,CAChC,QAAgB,EAChB,IAAc,EACd,KAAa,EACb,kBAA0B;IAE1B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,WAAW,IAAI,kBAAkB,CAAC,CAAC;IACzE,MAAM,MAAM,GAAG,WAAW,CAAC,IAAI,EAAE,YAAY,CAAC,CAAC;IAC/C,IAAI,UAAU,GAAG,EAAE,CAAC;IACpB,IAAI,gBAAgB,GAAY,SAAS,CAAC;IAC1C,IAAI,cAAc,GAAkB,IAAI,CAAC;IAEzC,IAAI,KAAK,EAAE,MAAM,OAAO,IAAI,KAAK,CAAC;QAChC,MAAM;QACN,OAAO,EAAE;YACP,GAAG,EAAE,QAAQ;YACb,KAAK;YACL,QAAQ,EAAE,EAAE;YACZ,YAAY,EAAE,CAAC,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC;YACtC,cAAc,EAAE,SAAS;YACzB,YAAY,EAAE;gBACZ,IAAI,EAAE,aAAa;gBACnB,MAAM,EAAE,iBAAiB;aAC1B;SACF;KACF,CAAC,EAAE,CAAC;QACH,IAAI,OAAO,CAAC,IAAI,KAAK,QAAQ;YAAE,SAAS;QACxC,IAAI,OAAO,CAAC,OAAO,KAAK,SAAS,EAAE,CAAC;YAClC,UAAU,GAAG,OAAO,CAAC,MAAM,CAAC;YAC5B,gBAAgB,GAAG,OAAO,CAAC,iBAAiB,CAAC;YAC7C,SAAS;QACX,CAAC;QAED,cAAc,GAAG,OAAO,CAAC,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,OAAO,CAAC,OAAO,CAAC;IAChE,CAAC;IAED,IAAI,cAAc,EAAE,CAAC;QACnB,MAAM,IAAI,KAAK,CAAC,8BAA8B,cAAc,EAAE,CAAC,CAAC;IAClE,CAAC;IAED,MAAM,MAAM,GAAG,oBAAoB,CAAC,gBAAgB,IAAI,UAAU,CAAC,CAAC;IACpE,OAAO;QACL,QAAQ,EAAE,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,YAAY,CAAC;KACjD,CAAC;AACJ,CAAC;AAED,2EAA2E;AAC3E,MAAM,UAAU,oBAAoB,CAClC,MAAuB,EACvB,QAAgB,EAChB,QAAgB,EAChB,GAAW,EACX,WAAoB;IAEpB,MAAM,OAAO,GAAG,IAAI,GAAG,EAAsB,CAAC;IAE9C,KAAK,MAAM,OAAO,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;QACtC,MAAM,QAAQ,GAAG,iBAAiB,CAAC,QAAQ,EAAE,OAAO,CAAC,QAAQ,CAAC,CAAC;QAC/D,MAAM,WAAW,GAAG,2BAA2B,CAAC,QAAQ,EAAE,GAAG,EAAE;YAC7D,GAAG,OAAO;YACV,QAAQ;SACT,CAAC,CAAC;QACH,MAAM,KAAK,GAAG,oBAAoB,CAAC;YACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,WAAW,EAAE,OAAO,CAAC,WAAW;SACjC,CAAC,CAAC;QAEH,MAAM,UAAU,GAAe;YAC7B,OAAO,EAAE,YAAY;YACrB,WAAW;YACX,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,QAAQ;YACR,SAAS,EAAE,OAAO,CAAC,SAAS;YAC5B,QAAQ,EAAE,OAAO,CAAC,QAAQ;YAC1B,OAAO,EAAE,OAAO,CAAC,OAAO;YACxB,iBAAiB,EAAE,OAAO,CAAC,UAAU;YACrC,WAAW,EAAE,OAAO,CAAC,WAAW;YAChC,UAAU,EAAE,OAAO,CAAC,UAAU;YAC9B,MAAM,EAAE,OAAO,CAAC,MAAM;YACtB,GAAG,EAAE,OAAO,CAAC,GAAG;YAChB,KAAK;SACN,CAAC;QAEF,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;QAC1C,IAAI,CAAC,QAAQ,IAAI,UAAU,CAAC,KAAK,GAAG,QAAQ,CAAC,KAAK,EAAE,CAAC;YACnD,OAAO,CAAC,GAAG,CAAC,WAAW,EAAE,UAAU,CAAC,CAAC;QACvC,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC;SACzB,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,CAAC;SACjC,KAAK,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC;AAC3B,CAAC;AAED,yEAAyE;AACzE,MAAM,UAAU,oBAAoB,CAAC,GAAY;IAC/C,MAAM,IAAI,GAAG,cAAc,CAAC,GAAG,CAAC,CAAC;IACjC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QACxD,MAAM,IAAI,KAAK,CAAC,kDAAkD,CAAC,CAAC;IACtE,CAAC;IAED,MAAM,QAAQ,GAAuB,EAAE,CAAC;IACxC,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;QACpC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC;YAAE,SAAS;QAE9B,MAAM,MAAM,GAAG,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,6BAA6B,CAAC,CAAC;QACvE,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC;QACvD,IAAI,CAAC,QAAQ;YAAE,SAAS;QAExB,MAAM,SAAS,GAAG,aAAa,CAAC,IAAI,CAAC,WAAW,CAAC,EAAE,CAAC,CAAC,CAAC;QACtD,MAAM,QAAQ,GAAG,iBAAiB,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,SAAS,CAAC,CAAC;QAChE,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,0BAA0B,CAAC,CAAC;QACtE,MAAM,UAAU,GAAG,mBAAmB,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,QAAQ,CAAC,CAAC;QACrE,MAAM,WAAW,GAAG,oBAAoB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC;QAC9D,MAAM,UAAU,GAAG,mBAAmB,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,QAAQ,CAAC,CAAC;QACrE,MAAM,MAAM,GAAG,mBAAmB,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,QAAQ,CAAC,CAAC;QAC7D,MAAM,GAAG,GAAG,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QAC9C,MAAM,QAAQ,GAAG,QAAQ,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,EAAE,CAAC,CAAC;QAEhD,QAAQ,CAAC,IAAI,CAAC;YACZ,MAAM;YACN,QAAQ;YACR,SAAS;YACT,QAAQ;YACR,OAAO;YACP,UAAU;YACV,WAAW;YACX,UAAU;YACV,MAAM;YACN,GAAG;YACH,QAAQ;SACT,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,QAAQ,EAAE,CAAC;AACtB,CAAC;AAED,kDAAkD;AAClD,MAAM,UAAU,2BAA2B,CACzC,QAAgB,EAChB,GAAW,EACX,OAAyB;IAEzB,MAAM,MAAM,GAAG;QACb,QAAQ;QACR,GAAG;QACH,YAAY;QACZ,OAAO,CAAC,MAAM;QACd,OAAO,CAAC,QAAQ;QAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC;QACzB,OAAO,CAAC,OAAO;QACf,OAAO,CAAC,QAAQ;KACjB,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACZ,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AAC3D,CAAC;AAED,SAAS,WAAW,CAAC,IAAc,EAAE,WAAmB;IACtD,OAAO;QACL,6CAA6C;QAC7C,kEAAkE;QAClE,oDAAoD;QACpD,EAAE;QACF,oBAAoB,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,sBAAsB,EAAE;QACxE,iBAAiB,WAAW,EAAE;QAC9B,wBAAwB,IAAI,CAAC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,QAAQ,EAAE;QACrE,EAAE;QACF,0BAA0B;QAC1B,mBAAmB;QACnB,sCAAsC;QACtC,+BAA+B;QAC/B,iCAAiC;QACjC,mCAAmC;QACnC,gCAAgC;QAChC,6DAA6D;QAC7D,gCAAgC;QAChC,4BAA4B;QAC5B,wCAAwC;QACxC,qCAAqC;QACrC,EAAE;QACF,wEAAwE;KACzE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACf,CAAC;AAED,SAAS,cAAc,CAAC,GAAY;IAClC,IAAI,OAAO,GAAG,KAAK,QAAQ;QAAE,OAAO,GAAG,CAAC;IACxC,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;IACxB,IAAI,CAAC,IAAI;QAAE,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,CAAC;IAEnC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAC1B,CAAC;IAAC,MAAM,CAAC;QACP,MAAM,SAAS,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;QAC1C,OAAO,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAC/B,CAAC;AACH,CAAC;AAED,SAAS,iBAAiB,CAAC,IAAY;IACrC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,oCAAoC,CAAC,CAAC;IACpE,IAAI,UAAU;QAAE,OAAO,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;IAE5C,MAAM,KAAK,GAAG,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAChC,MAAM,GAAG,GAAG,IAAI,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IAClC,IAAI,KAAK,KAAK,CAAC,CAAC,IAAI,GAAG,GAAG,KAAK,EAAE,CAAC;QAChC,OAAO,IAAI,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;IACpC,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,iBAAiB,CAAC,QAAgB,EAAE,QAAgB;IAC3D,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAC;IAChD,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,QAAQ,CAAC,CAAC;IACnD,IAAI,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,QAAQ,CAAC;IAC/C,OAAO,QAAQ,IAAI,QAAQ,CAAC;AAC9B,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAc,EAAE,QAAgB;IACzD,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IAC3D,OAAO,eAAe,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC;AACjE,CAAC;AAED,SAAS,mBAAmB,CAAC,KAAc,EAAE,QAAgB;IAC3D,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,EAAE,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;IAC3D,OAAO,iBAAiB,CAAC,GAAG,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC,CAAC,QAAQ,CAAC;AACnE,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAc;IAC1C,MAAM,KAAK,GAAG,oBAAoB,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC;IACtE,MAAM,KAAK,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;IACxD,OAAO,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC;AAC9C,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAc;IAC1C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IACrC,OAAO,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;AAC5D,CAAC;AAED,SAAS,aAAa,CAAC,KAAc,EAAE,QAAgB;IACrD,MAAM,OAAO,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC;IAC9B,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,IAAI,OAAO,GAAG,CAAC;QAAE,OAAO,QAAQ,CAAC;IAC9D,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;AAC7B,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc,EAAE,QAAgB;IAChD,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,KAAK,IAAI,IAAI;QAAE,OAAO,QAAQ,CAAC;IACnC,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;AACvB,CAAC;AAED,SAAS,QAAQ,CAAC,KAAc;IAC9B,OAAO,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,CAAC;AACrD,CAAC"}

package/dist/scanner/resolve.d.ts

@@ -0,0 +1,10 @@
+/**
+ * Resolve the scanner binary path.
+ *
+ * Precedence:
+ * 1. `opengrep` on PATH
+ * 2. `semgrep` on PATH
+ * 3. Previously downloaded binary at ~/.kuzushi/bin/opengrep
+ * 4. Auto-download from GitHub releases
+ */
+export declare function resolveScanner(): Promise<string>;

package/dist/scanner/resolve.js

@@ -0,0 +1,99 @@
+import { execFileSync } from "node:child_process";
+import { createWriteStream, chmodSync, existsSync, mkdirSync } from "node:fs";
+import { pipeline } from "node:stream/promises";
+import { get } from "node:https";
+import path from "node:path";
+import os from "node:os";
+const BIN_DIR = path.join(os.homedir(), ".kuzushi", "bin");
+const GITHUB_RELEASE_URL = "https://api.github.com/repos/opengrep/opengrep/releases/latest";
+/** Map Node's process.platform + process.arch to Opengrep asset name. */
+function getAssetName() {
+    const platform = process.platform;
+    const arch = process.arch;
+    if (platform === "darwin" && arch === "arm64")
+        return "opengrep_osx_arm64";
+    if (platform === "darwin" && arch === "x64")
+        return "opengrep_osx_x86";
+    if (platform === "linux" && arch === "x64")
+        return "opengrep_manylinux_x86";
+    if (platform === "linux" && arch === "arm64")
+        return "opengrep_manylinux_aarch64";
+    if (platform === "win32" && arch === "x64")
+        return "opengrep_windows_x86.exe";
+    throw new Error(`Unsupported platform: ${platform}/${arch}. Install semgrep or opengrep manually.`);
+}
+/** Check if a binary exists on PATH. */
+function which(name) {
+    try {
+        return execFileSync("which", [name], { encoding: "utf-8" }).trim() || null;
+    }
+    catch {
+        return null;
+    }
+}
+/** Follow redirects and return the final response. */
+function httpsGet(url) {
+    return new Promise((resolve, reject) => {
+        get(url, { headers: { "User-Agent": "kuzushi/0.1" } }, (res) => {
+            if (res.statusCode && res.statusCode >= 300 && res.statusCode < 400 && res.headers.location) {
+                httpsGet(res.headers.location).then(resolve, reject);
+                return;
+            }
+            resolve(res);
+        }).on("error", reject);
+    });
+}
+/** Fetch latest release info from GitHub. */
+async function getLatestReleaseDownloadUrl(assetName) {
+    const res = await httpsGet(GITHUB_RELEASE_URL);
+    const chunks = [];
+    for await (const chunk of res)
+        chunks.push(chunk);
+    const body = JSON.parse(Buffer.concat(chunks).toString());
+    const asset = body.assets?.find((a) => a.name === assetName);
+    if (!asset) {
+        throw new Error(`Could not find asset "${assetName}" in latest opengrep release (${body.tag_name}).`);
+    }
+    return asset.browser_download_url;
+}
+/** Download a file from a URL to a local path. */
+async function downloadFile(url, dest) {
+    const res = await httpsGet(url);
+    if (res.statusCode !== 200) {
+        throw new Error(`Download failed: HTTP ${res.statusCode}`);
+    }
+    await pipeline(res, createWriteStream(dest));
+}
+/**
+ * Resolve the scanner binary path.
+ *
+ * Precedence:
+ * 1. `opengrep` on PATH
+ * 2. `semgrep` on PATH
+ * 3. Previously downloaded binary at ~/.kuzushi/bin/opengrep
+ * 4. Auto-download from GitHub releases
+ */
+export async function resolveScanner() {
+    // 1. Check PATH
+    const onPath = which("opengrep") ?? which("semgrep");
+    if (onPath)
+        return onPath;
+    // 2. Check local cache
+    const localBin = path.join(BIN_DIR, process.platform === "win32" ? "opengrep.exe" : "opengrep");
+    if (existsSync(localBin))
+        return localBin;
+    // 3. Download
+    console.log("  No scanner found on PATH. Downloading opengrep...");
+    const assetName = getAssetName();
+    const downloadUrl = await getLatestReleaseDownloadUrl(assetName);
+    if (!existsSync(BIN_DIR))
+        mkdirSync(BIN_DIR, { recursive: true });
+    console.log(`  Downloading ${assetName}...`);
+    await downloadFile(downloadUrl, localBin);
+    if (process.platform !== "win32") {
+        chmodSync(localBin, 0o755);
+    }
+    console.log(`  Installed opengrep to ${localBin}`);
+    return localBin;
+}
+//# sourceMappingURL=resolve.js.map

package/dist/scanner/resolve.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"resolve.js","sourceRoot":"","sources":["../../src/scanner/resolve.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,iBAAiB,EAAE,SAAS,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,SAAS,CAAC;AAC9E,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,GAAG,EAAE,MAAM,YAAY,CAAC;AACjC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,MAAM,SAAS,CAAC;AAGzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,UAAU,EAAE,KAAK,CAAC,CAAC;AAC3D,MAAM,kBAAkB,GACtB,gEAAgE,CAAC;AAEnE,yEAAyE;AACzE,SAAS,YAAY;IACnB,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;IAClC,MAAM,IAAI,GAAG,OAAO,CAAC,IAAI,CAAC;IAE1B,IAAI,QAAQ,KAAK,QAAQ,IAAI,IAAI,KAAK,OAAO;QAAE,OAAO,oBAAoB,CAAC;IAC3E,IAAI,QAAQ,KAAK,QAAQ,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,kBAAkB,CAAC;IACvE,IAAI,QAAQ,KAAK,OAAO,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,wBAAwB,CAAC;IAC5E,IAAI,QAAQ,KAAK,OAAO,IAAI,IAAI,KAAK,OAAO;QAAE,OAAO,4BAA4B,CAAC;IAClF,IAAI,QAAQ,KAAK,OAAO,IAAI,IAAI,KAAK,KAAK;QAAE,OAAO,0BAA0B,CAAC;IAE9E,MAAM,IAAI,KAAK,CACb,yBAAyB,QAAQ,IAAI,IAAI,yCAAyC,CACnF,CAAC;AACJ,CAAC;AAED,wCAAwC;AACxC,SAAS,KAAK,CAAC,IAAY;IACzB,IAAI,CAAC;QACH,OAAO,YAAY,CAAC,OAAO,EAAE,CAAC,IAAI,CAAC,EAAE,EAAE,QAAQ,EAAE,OAAO,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,IAAI,CAAC;IAC7E,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,sDAAsD;AACtD,SAAS,QAAQ,CAAC,GAAW;IAC3B,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,GAAG,CAAC,GAAG,EAAE,EAAE,OAAO,EAAE,EAAE,YAAY,EAAE,aAAa,EAAE,EAAE,EAAE,CAAC,GAAG,EAAE,EAAE;YAC7D,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,CAAC,UAAU,IAAI,GAAG,IAAI,GAAG,CAAC,UAAU,GAAG,GAAG,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,EAAE,CAAC;gBAC5F,QAAQ,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;gBACrD,OAAO;YACT,CAAC;YACD,OAAO,CAAC,GAAG,CAAC,CAAC;QACf,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;AACL,CAAC;AAED,6CAA6C;AAC7C,KAAK,UAAU,2BAA2B,CAAC,SAAiB;IAC1D,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,kBAAkB,CAAC,CAAC;IAE/C,MAAM,MAAM,GAAa,EAAE,CAAC;IAC5B,IAAI,KAAK,EAAE,MAAM,KAAK,IAAI,GAAG;QAAE,MAAM,CAAC,IAAI,CAAC,KAAe,CAAC,CAAC;IAC5D,MAAM,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC;IAE1D,MAAM,KAAK,GAAG,IAAI,CAAC,MAAM,EAAE,IAAI,CAC7B,CAAC,CAAmB,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,SAAS,CAC9C,CAAC;IACF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,MAAM,IAAI,KAAK,CACb,yBAAyB,SAAS,iCAAiC,IAAI,CAAC,QAAQ,IAAI,CACrF,CAAC;IACJ,CAAC;IAED,OAAO,KAAK,CAAC,oBAAoB,CAAC;AACpC,CAAC;AAED,kDAAkD;AAClD,KAAK,UAAU,YAAY,CAAC,GAAW,EAAE,IAAY;IACnD,MAAM,GAAG,GAAG,MAAM,QAAQ,CAAC,GAAG,CAAC,CAAC;IAChC,IAAI,GAAG,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;QAC3B,MAAM,IAAI,KAAK,CAAC,yBAAyB,GAAG,CAAC,UAAU,EAAE,CAAC,CAAC;IAC7D,CAAC;IACD,MAAM,QAAQ,CAAC,GAAG,EAAE,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC;AAC/C,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,CAAC,KAAK,UAAU,cAAc;IAClC,gBAAgB;IAChB,MAAM,MAAM,GAAG,KAAK,CAAC,UAAU,CAAC,IAAI,KAAK,CAAC,SAAS,CAAC,CAAC;IACrD,IAAI,MAAM;QAAE,OAAO,MAAM,CAAC;IAE1B,uBAAuB;IACvB,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,OAAO,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;IAChG,IAAI,UAAU,CAAC,QAAQ,CAAC;QAAE,OAAO,QAAQ,CAAC;IAE1C,cAAc;IACd,OAAO,CAAC,GAAG,CAAC,qDAAqD,CAAC,CAAC;IACnE,MAAM,SAAS,GAAG,YAAY,EAAE,CAAC;IACjC,MAAM,WAAW,GAAG,MAAM,2BAA2B,CAAC,SAAS,CAAC,CAAC;IAEjE,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC;QAAE,SAAS,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAElE,OAAO,CAAC,GAAG,CAAC,iBAAiB,SAAS,KAAK,CAAC,CAAC;IAC7C,MAAM,YAAY,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;IAE1C,IAAI,OAAO,CAAC,QAAQ,KAAK,OAAO,EAAE,CAAC;QACjC,SAAS,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;IAC7B,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,2BAA2B,QAAQ,EAAE,CAAC,CAAC;IACnD,OAAO,QAAQ,CAAC;AAClB,CAAC"}