midas-mcp 5.43.5 → 5.43.11

package/dist/tools/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/tools/index.ts"],"names":[],"mappings":"AACA,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,QAAQ,EACR,cAAc,EACd,gBAAgB,EAChB,cAAc,GACf,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAGhD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAGvD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAG/D,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAG7D,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAG5D,OAAO,EACL,OAAO,EACP,aAAa,EACb,aAAa,EACb,mBAAmB,EACnB,YAAY,EACZ,kBAAkB,GACnB,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,EACb,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,MAAM,EACN,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,OAAO,EACP,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,SAAS,EACT,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,QAAQ,EACR,cAAc,EACd,OAAO,EACP,aAAa,GACd,MAAM,aAAa,CAAC;AAGrB,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,aAAa,EACb,mBAAmB,GACpB,MAAM,aAAa,CAAC;AAGrB,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,iBAAiB,EACjB,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,cAAc,EACd,eAAe,EACf,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,gBAAgB,EAChB,UAAU,GACX,MAAM,WAAW,CAAC;AAGnB,OAAO,EACL,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,YAAY,GACb,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,WAAW,EACX,iBAAiB,EACjB,gBAAgB,EAChB,sBAAsB,EACtB,oBAAoB,EACpB,0BAA0B,GAC3B,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,YAAY,EACZ,kBAAkB,EAClB,eAAe,EACf,qBAAqB,GACtB,MAAM,aAAa,CAAC;AAGrB,OAAO,EACL,QAAQ,EACR,cAAc,EACd,oBAAoB,EACpB,0BAA0B,GAC3B,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,eAAe,EACf,qBAAqB,EACrB,gBAAgB,EAChB,sBAAsB,GACvB,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,cAAc,EACd,oBAAoB,EACpB,eAAe,EACf,qBAAqB,EAErB,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,iBAAiB,GAClB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,cAAc,GACf,MAAM,iBAAiB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/tools/index.ts"],"names":[],"mappings":"AACA,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,QAAQ,EACR,cAAc,EACd,gBAAgB,EAChB,cAAc,GACf,MAAM,YAAY,CAAC;AAGpB,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAGhD,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAGvD,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAG/D,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAG7D,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAG5D,OAAO,EACL,OAAO,EACP,aAAa,EACb,aAAa,EACb,mBAAmB,EACnB,YAAY,EACZ,kBAAkB,GACnB,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,EACb,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,MAAM,EACN,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,OAAO,EACP,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,SAAS,EACT,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,QAAQ,EACR,cAAc,EACd,OAAO,EACP,aAAa,GACd,MAAM,aAAa,CAAC;AAGrB,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,aAAa,EACb,mBAAmB,GACpB,MAAM,aAAa,CAAC;AAGrB,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,iBAAiB,EACjB,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,cAAc,EACd,eAAe,EACf,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,gBAAgB,EAChB,UAAU,GACX,MAAM,WAAW,CAAC;AAGnB,OAAO,EACL,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,YAAY,GACb,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,WAAW,EACX,iBAAiB,EACjB,gBAAgB,EAChB,sBAAsB,EACtB,oBAAoB,EACpB,0BAA0B,GAC3B,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,YAAY,EACZ,kBAAkB,EAClB,eAAe,EACf,qBAAqB,GACtB,MAAM,aAAa,CAAC;AAGrB,OAAO,EACL,QAAQ,EACR,cAAc,EACd,oBAAoB,EACpB,0BAA0B,GAC3B,MAAM,cAAc,CAAC;AAGtB,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,eAAe,EACf,qBAAqB,EACrB,gBAAgB,EAChB,sBAAsB,GACvB,MAAM,YAAY,CAAC;AAGpB,OAAO,EACL,cAAc,EACd,oBAAoB,EACpB,eAAe,EACf,qBAAqB,EAErB,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAGxB,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,iBAAiB,GAClB,MAAM,eAAe,CAAC;AAGvB,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,cAAc,GACf,MAAM,iBAAiB,CAAC;AAGzB,OAAO,EACL,QAAQ,EACR,cAAc,EACd,oBAAoB,GACrB,MAAM,gBAAgB,CAAC"}

package/dist/tools/index.js

@@ -42,4 +42,6 @@ realityCheck, realityCheckSchema, realityUpdate, realityUpdateSchema, } from './
 export { analyzeGameplanTool, analyzeGameplanSchema, getGameplanProgressTool, getProgressSchema, } from './gameplan.js';
 // Code complexity analysis and simplification
 export { analyzeComplexity, complexitySchema, analyzeSimplify, simplifySchema, } from './complexity.js';
+// Vulnerability scanning
+export { vulnScan, vulnScanSchema, vulnScanWithRegistry, } from './vuln-scan.js';
 //# sourceMappingURL=index.js.map

package/dist/tools/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/tools/index.ts"],"names":[],"mappings":"AAAA,cAAc;AACd,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,QAAQ,EACR,cAAc,EACd,gBAAgB,EAChB,cAAc,GACf,MAAM,YAAY,CAAC;AAEpB,aAAa;AACb,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEhD,kBAAkB;AAClB,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAEvD,eAAe;AACf,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE/D,eAAe;AACf,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7D,eAAe;AACf,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE5D,2BAA2B;AAC3B,OAAO,EACL,OAAO,EACP,aAAa,EACb,aAAa,EACb,mBAAmB,EACnB,YAAY,EACZ,kBAAkB,GACnB,MAAM,cAAc,CAAC;AAEtB,sDAAsD;AACtD,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,EACb,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,0CAA0C;AAC1C,OAAO,EACL,MAAM,EACN,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,OAAO,EACP,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,SAAS,EACT,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,QAAQ,EACR,cAAc,EACd,OAAO,EACP,aAAa,GACd,MAAM,aAAa,CAAC;AAErB,wBAAwB;AACxB,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,aAAa,EACb,mBAAmB,GACpB,MAAM,aAAa,CAAC;AAErB,wDAAwD;AACxD,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,iBAAiB,EACjB,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,cAAc,EACd,eAAe,EACf,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,gBAAgB,EAChB,UAAU,GACX,MAAM,WAAW,CAAC;AAEnB,2CAA2C;AAC3C,OAAO,EACL,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAE3B,2DAA2D;AAC3D,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,eAAe,CAAC;AAEvB,iCAAiC;AACjC,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,YAAY,GACb,MAAM,eAAe,CAAC;AAEvB,wDAAwD;AACxD,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,WAAW,EACX,iBAAiB,EACjB,gBAAgB,EAChB,sBAAsB,EACtB,oBAAoB,EACpB,0BAA0B,GAC3B,MAAM,oBAAoB,CAAC;AAE5B,oCAAoC;AACpC,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,YAAY,EACZ,kBAAkB,EAClB,eAAe,EACf,qBAAqB,GACtB,MAAM,aAAa,CAAC;AAErB,oBAAoB;AACpB,OAAO,EACL,QAAQ,EACR,cAAc,EACd,oBAAoB,EACpB,0BAA0B,GAC3B,MAAM,cAAc,CAAC;AAEtB,4CAA4C;AAC5C,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,eAAe,EACf,qBAAqB,EACrB,gBAAgB,EAChB,sBAAsB,GACvB,MAAM,YAAY,CAAC;AAEpB,2CAA2C;AAC3C,OAAO,EACL,cAAc,EACd,oBAAoB,EACpB,eAAe,EACf,qBAAqB;AACrB,iCAAiC;AACjC,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAExB,8DAA8D;AAC9D,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,iBAAiB,GAClB,MAAM,eAAe,CAAC;AAEvB,8CAA8C;AAC9C,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,cAAc,GACf,MAAM,iBAAiB,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/tools/index.ts"],"names":[],"mappings":"AAAA,cAAc;AACd,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,QAAQ,EACR,cAAc,EACd,gBAAgB,EAChB,cAAc,GACf,MAAM,YAAY,CAAC;AAEpB,aAAa;AACb,OAAO,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,YAAY,CAAC;AAEhD,kBAAkB;AAClB,OAAO,EAAE,SAAS,EAAE,eAAe,EAAE,MAAM,WAAW,CAAC;AAEvD,eAAe;AACf,OAAO,EAAE,gBAAgB,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE/D,eAAe;AACf,OAAO,EAAE,cAAc,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE7D,eAAe;AACf,OAAO,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAE5D,2BAA2B;AAC3B,OAAO,EACL,OAAO,EACP,aAAa,EACb,aAAa,EACb,mBAAmB,EACnB,YAAY,EACZ,kBAAkB,GACnB,MAAM,cAAc,CAAC;AAEtB,sDAAsD;AACtD,OAAO,EACL,aAAa,EACb,iBAAiB,EACjB,iBAAiB,EACjB,gBAAgB,EAChB,aAAa,EACb,mBAAmB,GACpB,MAAM,cAAc,CAAC;AAEtB,0CAA0C;AAC1C,OAAO,EACL,MAAM,EACN,YAAY,EACZ,YAAY,EACZ,kBAAkB,EAClB,OAAO,EACP,aAAa,EACb,UAAU,EACV,gBAAgB,EAChB,SAAS,EACT,eAAe,EACf,eAAe,EACf,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,QAAQ,EACR,cAAc,EACd,OAAO,EACP,aAAa,GACd,MAAM,aAAa,CAAC;AAErB,wBAAwB;AACxB,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,WAAW,EACX,iBAAiB,EACjB,SAAS,EACT,eAAe,EACf,aAAa,EACb,mBAAmB,GACpB,MAAM,aAAa,CAAC;AAErB,wDAAwD;AACxD,OAAO,EACL,YAAY,EACZ,kBAAkB,EAClB,iBAAiB,EACjB,eAAe,EACf,iBAAiB,EACjB,mBAAmB,EACnB,cAAc,EACd,eAAe,EACf,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,gBAAgB,EAChB,UAAU,GACX,MAAM,WAAW,CAAC;AAEnB,2CAA2C;AAC3C,OAAO,EACL,iBAAiB,EACjB,kBAAkB,GACnB,MAAM,mBAAmB,CAAC;AAE3B,2DAA2D;AAC3D,OAAO,EACL,aAAa,EACb,mBAAmB,EACnB,sBAAsB,EACtB,kBAAkB,GACnB,MAAM,eAAe,CAAC;AAEvB,iCAAiC;AACjC,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,YAAY,GACb,MAAM,eAAe,CAAC;AAEvB,wDAAwD;AACxD,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,WAAW,EACX,iBAAiB,EACjB,gBAAgB,EAChB,sBAAsB,EACtB,oBAAoB,EACpB,0BAA0B,GAC3B,MAAM,oBAAoB,CAAC;AAE5B,oCAAoC;AACpC,OAAO,EACL,WAAW,EACX,iBAAiB,EACjB,cAAc,EACd,oBAAoB,EACpB,YAAY,EACZ,kBAAkB,EAClB,eAAe,EACf,qBAAqB,GACtB,MAAM,aAAa,CAAC;AAErB,oBAAoB;AACpB,OAAO,EACL,QAAQ,EACR,cAAc,EACd,oBAAoB,EACpB,0BAA0B,GAC3B,MAAM,cAAc,CAAC;AAEtB,4CAA4C;AAC5C,OAAO,EACL,iBAAiB,EACjB,uBAAuB,EACvB,eAAe,EACf,qBAAqB,EACrB,gBAAgB,EAChB,sBAAsB,GACvB,MAAM,YAAY,CAAC;AAEpB,2CAA2C;AAC3C,OAAO,EACL,cAAc,EACd,oBAAoB,EACpB,eAAe,EACf,qBAAqB;AACrB,iCAAiC;AACjC,YAAY,EACZ,kBAAkB,EAClB,aAAa,EACb,mBAAmB,GACpB,MAAM,gBAAgB,CAAC;AAExB,8DAA8D;AAC9D,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,uBAAuB,EACvB,iBAAiB,GAClB,MAAM,eAAe,CAAC;AAEvB,8CAA8C;AAC9C,OAAO,EACL,iBAAiB,EACjB,gBAAgB,EAChB,eAAe,EACf,cAAc,GACf,MAAM,iBAAiB,CAAC;AAEzB,yBAAyB;AACzB,OAAO,EACL,QAAQ,EACR,cAAc,EACd,oBAAoB,GACrB,MAAM,gBAAgB,CAAC"}

package/dist/tools/vuln-scan.d.ts

@@ -0,0 +1,74 @@
+/**
+ * Vulnerability Scanner
+ *
+ * Detects the top 5 reliably-detectable security anti-patterns:
+ * 1. Hardcoded secrets (API keys, tokens, passwords)
+ * 2. SQL injection (string concatenation in queries)
+ * 3. Command injection (exec/spawn with user input)
+ * 4. XSS vulnerabilities (innerHTML, dangerouslySetInnerHTML)
+ * 5. Slopsquatting (AI-hallucinated package names that don't exist)
+ *
+ * Based on Sec-Context research: https://arcanum-sec.github.io/sec-context/
+ */
+import { z } from 'zod';
+export declare const vulnScanSchema: z.ZodObject<{
+    projectPath: z.ZodOptional<z.ZodString>;
+    checkRegistry: z.ZodOptional<z.ZodBoolean>;
+    severity: z.ZodOptional<z.ZodEnum<["all", "critical", "high", "medium"]>>;
+    excludeTests: z.ZodOptional<z.ZodBoolean>;
+    excludePatterns: z.ZodOptional<z.ZodArray<z.ZodString, "many">>;
+}, "strip", z.ZodTypeAny, {
+    projectPath?: string | undefined;
+    severity?: "critical" | "high" | "medium" | "all" | undefined;
+    checkRegistry?: boolean | undefined;
+    excludeTests?: boolean | undefined;
+    excludePatterns?: string[] | undefined;
+}, {
+    projectPath?: string | undefined;
+    severity?: "critical" | "high" | "medium" | "all" | undefined;
+    checkRegistry?: boolean | undefined;
+    excludeTests?: boolean | undefined;
+    excludePatterns?: string[] | undefined;
+}>;
+export type VulnScanInput = z.infer<typeof vulnScanSchema>;
+export type VulnSeverity = 'critical' | 'high' | 'medium' | 'low';
+export type VulnType = 'hardcoded-secret' | 'sql-injection' | 'command-injection' | 'xss' | 'slopsquatting';
+export interface Vulnerability {
+    type: VulnType;
+    severity: VulnSeverity;
+    file: string;
+    line: number;
+    code: string;
+    description: string;
+    recommendation: string;
+}
+export interface SlopsquattingResult {
+    package: string;
+    exists: boolean;
+    similarTo?: string;
+    error?: string;
+}
+export interface VulnScanReport {
+    summary: {
+        filesScanned: number;
+        vulnerabilitiesFound: number;
+        critical: number;
+        high: number;
+        medium: number;
+        low: number;
+    };
+    vulnerabilities: Vulnerability[];
+    slopsquatting: SlopsquattingResult[];
+    suggestedPrompt: string;
+}
+export declare function vulnScan(input: VulnScanInput): VulnScanReport;
+/**
+ * Check if packages exist on npm registry
+ * This requires network access and should be used with checkRegistry: true
+ */
+export declare function checkNpmRegistry(packages: string[]): Promise<SlopsquattingResult[]>;
+/**
+ * Enhanced scan with npm registry verification
+ */
+export declare function vulnScanWithRegistry(input: VulnScanInput): Promise<VulnScanReport>;
+//# sourceMappingURL=vuln-scan.d.ts.map

package/dist/tools/vuln-scan.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"vuln-scan.d.ts","sourceRoot":"","sources":["../../src/tools/vuln-scan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAUxB,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;EAMzB,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AA6B3D,MAAM,MAAM,YAAY,GAAG,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;AAClE,MAAM,MAAM,QAAQ,GAAG,kBAAkB,GAAG,eAAe,GAAG,mBAAmB,GAAG,KAAK,GAAG,eAAe,CAAC;AAE5G,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,QAAQ,CAAC;IACf,QAAQ,EAAE,YAAY,CAAC;IACvB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,mBAAmB;IAClC,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,OAAO,CAAC;IAChB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,OAAO,EAAE;QACP,YAAY,EAAE,MAAM,CAAC;QACrB,oBAAoB,EAAE,MAAM,CAAC;QAC7B,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;KACb,CAAC;IACF,eAAe,EAAE,aAAa,EAAE,CAAC;IACjC,aAAa,EAAE,mBAAmB,EAAE,CAAC;IACrC,eAAe,EAAE,MAAM,CAAC;CACzB;AAgFD,wBAAgB,QAAQ,CAAC,KAAK,EAAE,aAAa,GAAG,cAAc,CA6I7D;AA8MD;;;GAGG;AACH,wBAAsB,gBAAgB,CAAC,QAAQ,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,mBAAmB,EAAE,CAAC,CA6BzF;AAED;;GAEG;AACH,wBAAsB,oBAAoB,CAAC,KAAK,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC,CAmCxF"}

package/dist/tools/vuln-scan.js

@@ -0,0 +1,493 @@
+/**
+ * Vulnerability Scanner
+ *
+ * Detects the top 5 reliably-detectable security anti-patterns:
+ * 1. Hardcoded secrets (API keys, tokens, passwords)
+ * 2. SQL injection (string concatenation in queries)
+ * 3. Command injection (exec/spawn with user input)
+ * 4. XSS vulnerabilities (innerHTML, dangerouslySetInnerHTML)
+ * 5. Slopsquatting (AI-hallucinated package names that don't exist)
+ *
+ * Based on Sec-Context research: https://arcanum-sec.github.io/sec-context/
+ */
+import { z } from 'zod';
+import { existsSync, readFileSync, readdirSync } from 'fs';
+import { join, relative, extname } from 'path';
+import { sanitizePath } from '../security.js';
+import { logger } from '../logger.js';
+// ============================================================================
+// SCHEMAS
+// ============================================================================
+export const vulnScanSchema = z.object({
+    projectPath: z.string().optional().describe('Path to project root'),
+    checkRegistry: z.boolean().optional().describe('Check npm registry for slopsquatting (requires network)'),
+    severity: z.enum(['all', 'critical', 'high', 'medium']).optional().describe('Minimum severity to report'),
+    excludeTests: z.boolean().optional().describe('Exclude test files (default: true)'),
+    excludePatterns: z.array(z.string()).optional().describe('Additional glob patterns to exclude'),
+});
+// ============================================================================
+// EXCLUSION PATTERNS
+// ============================================================================
+// Default patterns to exclude from scanning
+const DEFAULT_EXCLUDE_PATTERNS = [
+    // Scanner itself (self-referential detection is noise)
+    'vuln-scan.ts',
+    'vuln-scan.js',
+];
+// Test file patterns (excluded by default)
+const TEST_FILE_PATTERNS = [
+    /\.test\.[jt]sx?$/,
+    /\.spec\.[jt]sx?$/,
+    /__tests__\//,
+    /\/test\//,
+    /\/tests\//,
+];
+// Inline ignore comment pattern: // midas-ignore or // midas-ignore: reason
+const IGNORE_COMMENT_PATTERN = /\/\/\s*midas-ignore/;
+// ============================================================================
+// DETECTION PATTERNS
+// ============================================================================
+const SECRET_PATTERNS = [
+    // API Keys with common prefixes
+    { pattern: /api[_-]?key\s*[:=]\s*['"][a-zA-Z0-9_\-]{20,}['"]/gi, name: 'API key', severity: 'critical' },
+    { pattern: /secret[_-]?key\s*[:=]\s*['"][a-zA-Z0-9_\-]{20,}['"]/gi, name: 'Secret key', severity: 'critical' },
+    { pattern: /auth[_-]?token\s*[:=]\s*['"][a-zA-Z0-9_\-]{20,}['"]/gi, name: 'Auth token', severity: 'critical' },
+    { pattern: /access[_-]?token\s*[:=]\s*['"][a-zA-Z0-9_\-]{20,}['"]/gi, name: 'Access token', severity: 'critical' },
+    // Specific provider patterns - more flexible matching
+    { pattern: /sk-[a-zA-Z0-9]{32,}/g, name: 'OpenAI API key', severity: 'critical' },
+    { pattern: /ghp_[a-zA-Z0-9]{30,}/g, name: 'GitHub token', severity: 'critical' },
+    { pattern: /gho_[a-zA-Z0-9]{30,}/g, name: 'GitHub OAuth token', severity: 'critical' },
+    { pattern: /github_pat_[a-zA-Z0-9_]{20,}/g, name: 'GitHub PAT', severity: 'critical' },
+    { pattern: /xoxb-[0-9]+-[a-zA-Z0-9]+/g, name: 'Slack bot token', severity: 'critical' },
+    { pattern: /xoxp-[0-9]+-[a-zA-Z0-9]+/g, name: 'Slack user token', severity: 'critical' },
+    { pattern: /AKIA[0-9A-Z]{12,}/g, name: 'AWS access key', severity: 'critical' },
+    { pattern: /-----BEGIN (?:RSA |EC |DSA )?PRIVATE KEY-----/g, name: 'Private key', severity: 'critical' },
+    { pattern: /-----BEGIN OPENSSH PRIVATE KEY-----/g, name: 'SSH private key', severity: 'critical' },
+    // Database passwords
+    { pattern: /(?:password|passwd|pwd)\s*[:=]\s*['"][^'"]{8,}['"]/gi, name: 'Hardcoded password', severity: 'high' },
+    { pattern: /(?:mongodb|postgres|mysql):\/\/[^:]+:[^@]+@/gi, name: 'Database connection with password', severity: 'high' },
+    // JWT secrets
+    { pattern: /jwt[_-]?secret\s*[:=]\s*['"][^'"]{16,}['"]/gi, name: 'JWT secret', severity: 'critical' },
+];
+const SQL_INJECTION_PATTERNS = [
+    // String concatenation in queries - more flexible
+    { pattern: /['"`]SELECT[^'"]*['"]\s*\+\s*(?:req\.|params)/gi, description: 'SQL query with request parameter concatenation' },
+    { pattern: /query\s*\([^)]*\+\s*req\./gi, description: 'SQL query with request parameter' },
+    { pattern: /query\s*\(\s*`[^`]*\$\{[^}]*req\./gi, description: 'SQL query with template literal injection' },
+    { pattern: /execute\s*\(\s*['"`].*\+\s*(?:req\.|params\.|query\.)/gi, description: 'SQL execute with parameter concatenation' },
+    { pattern: /\$queryRaw\s*`[^`]*\$\{/gi, description: 'Prisma raw query with interpolation' },
+    { pattern: /\.raw\s*\(\s*`[^`]*\$\{/gi, description: 'ORM raw query with interpolation' },
+    // Dynamic table/column names
+    { pattern: /query\s*\(\s*['"`]SELECT.*FROM\s*['"`]\s*\+/gi, description: 'Dynamic table name in query' },
+];
+const COMMAND_INJECTION_PATTERNS = [
+    // exec with user input
+    { pattern: /exec\s*\(\s*['"`].*\+\s*(?:req\.|params\.|query\.|input|user)/gi, description: 'exec() with user input concatenation' },
+    { pattern: /exec\s*\(\s*`[^`]*\$\{(?:req\.|params\.|query\.|input|user)/gi, description: 'exec() with template literal injection' },
+    { pattern: /execSync\s*\(\s*['"`].*\+\s*(?:req\.|params\.|query\.|input|user)/gi, description: 'execSync() with user input' },
+    { pattern: /execSync\s*\(\s*`[^`]*\$\{(?:req\.|params\.|query\.|input|user)/gi, description: 'execSync() with template literal' },
+    // spawn with shell
+    { pattern: /spawn\s*\(\s*['"](?:sh|bash|cmd)['"]/gi, description: 'spawn() with shell - potential injection vector' },
+    { pattern: /spawn\s*\([^)]*shell:\s*true/gi, description: 'spawn() with shell: true' },
+    // child_process with user input
+    { pattern: /child_process.*\+\s*(?:req\.|params\.|query\.|input|user)/gi, description: 'child_process with user input' },
+];
+const XSS_PATTERNS = [
+    // React
+    { pattern: /dangerouslySetInnerHTML\s*=\s*\{\s*\{\s*__html:/g, description: 'React dangerouslySetInnerHTML - XSS risk', severity: 'high' },
+    // Vanilla JS
+    { pattern: /\.innerHTML\s*=\s*(?!['"`]<)/g, description: 'innerHTML assignment with dynamic content', severity: 'high' },
+    { pattern: /\.outerHTML\s*=\s*(?!['"`]<)/g, description: 'outerHTML assignment with dynamic content', severity: 'high' },
+    // Vue
+    { pattern: /v-html\s*=/g, description: 'Vue v-html directive - XSS risk', severity: 'medium' },
+    // jQuery
+    { pattern: /\$\([^)]+\)\.html\s*\([^)]*(?:req\.|params\.|query\.|input|user)/gi, description: 'jQuery .html() with user input', severity: 'high' },
+    // document.write
+    { pattern: /document\.write\s*\(/g, description: 'document.write() - XSS and performance issues', severity: 'medium' },
+    // eval
+    { pattern: /eval\s*\(\s*(?:req\.|params\.|query\.|input|user)/gi, description: 'eval() with user input - critical XSS/RCE', severity: 'critical' },
+];
+const IGNORE_DIRS = ['node_modules', '.git', 'dist', 'build', '.midas', 'coverage', '.next', '__pycache__', 'vendor'];
+const CODE_EXTENSIONS = ['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs', '.py', '.rb', '.php', '.go', '.java'];
+// ============================================================================
+// MAIN SCAN FUNCTION
+// ============================================================================
+export function vulnScan(input) {
+    const projectPath = sanitizePath(input.projectPath);
+    const minSeverity = input.severity || 'all';
+    const excludeTests = input.excludeTests !== false; // Default: true
+    const userExcludePatterns = input.excludePatterns || [];
+    const vulnerabilities = [];
+    const slopsquatting = [];
+    let filesScanned = 0;
+    // Check if a file should be excluded
+    function shouldExclude(filePath, relativePath) {
+        // Check default exclusions (scanner itself)
+        for (const pattern of DEFAULT_EXCLUDE_PATTERNS) {
+            if (relativePath.includes(pattern)) {
+                return true;
+            }
+        }
+        // Check test file exclusions
+        if (excludeTests) {
+            for (const pattern of TEST_FILE_PATTERNS) {
+                if (pattern.test(relativePath)) {
+                    return true;
+                }
+            }
+        }
+        // Check user-specified exclusions
+        for (const pattern of userExcludePatterns) {
+            if (relativePath.includes(pattern)) {
+                return true;
+            }
+        }
+        return false;
+    }
+    // Scan all code files
+    function scanDir(dir, depth = 0) {
+        if (depth > 10)
+            return;
+        try {
+            const entries = readdirSync(dir, { withFileTypes: true });
+            for (const entry of entries) {
+                if (IGNORE_DIRS.includes(entry.name) || entry.name.startsWith('.'))
+                    continue;
+                const fullPath = join(dir, entry.name);
+                const relativePath = relative(projectPath, fullPath);
+                if (entry.isDirectory()) {
+                    scanDir(fullPath, depth + 1);
+                }
+                else if (entry.isFile()) {
+                    const ext = extname(entry.name);
+                    if (CODE_EXTENSIONS.includes(ext)) {
+                        // Check exclusions
+                        if (shouldExclude(fullPath, relativePath)) {
+                            continue;
+                        }
+                        const fileVulns = scanFile(fullPath, projectPath);
+                        vulnerabilities.push(...fileVulns);
+                        filesScanned++;
+                    }
+                }
+            }
+        }
+        catch (error) {
+            logger.debug('Error scanning directory', { dir, error: String(error) });
+        }
+    }
+    scanDir(projectPath);
+    // Check package.json for slopsquatting (sync, no network by default)
+    const pkgPath = join(projectPath, 'package.json');
+    if (existsSync(pkgPath)) {
+        try {
+            const pkg = JSON.parse(readFileSync(pkgPath, 'utf-8'));
+            const allDeps = {
+                ...pkg.dependencies,
+                ...pkg.devDependencies,
+            };
+            // Check for suspicious package names (typosquatting indicators)
+            for (const [name] of Object.entries(allDeps)) {
+                const suspicious = checkSuspiciousPackage(name);
+                if (suspicious) {
+                    slopsquatting.push(suspicious);
+                }
+            }
+        }
+        catch (error) {
+            logger.debug('Error reading package.json', { error: String(error) });
+        }
+    }
+    // Filter by severity
+    const severityOrder = { critical: 0, high: 1, medium: 2, low: 3 };
+    const minSeverityLevel = minSeverity === 'all' ? 3 : severityOrder[minSeverity];
+    const filteredVulns = vulnerabilities.filter(v => severityOrder[v.severity] <= minSeverityLevel);
+    // Sort by severity
+    filteredVulns.sort((a, b) => severityOrder[a.severity] - severityOrder[b.severity]);
+    // Count by severity
+    const critical = filteredVulns.filter(v => v.severity === 'critical').length;
+    const high = filteredVulns.filter(v => v.severity === 'high').length;
+    const medium = filteredVulns.filter(v => v.severity === 'medium').length;
+    const low = filteredVulns.filter(v => v.severity === 'low').length;
+    // Generate suggested prompt
+    let suggestedPrompt = 'No security vulnerabilities detected. Codebase looks secure!';
+    if (critical > 0) {
+        const topCritical = filteredVulns.find(v => v.severity === 'critical');
+        if (topCritical) {
+            suggestedPrompt = `CRITICAL: Fix ${topCritical.type} in ${topCritical.file}:${topCritical.line}. ${topCritical.recommendation}`;
+        }
+    }
+    else if (high > 0) {
+        const topHigh = filteredVulns.find(v => v.severity === 'high');
+        if (topHigh) {
+            suggestedPrompt = `Fix ${topHigh.type} in ${topHigh.file}:${topHigh.line}. ${topHigh.recommendation}`;
+        }
+    }
+    else if (slopsquatting.length > 0) {
+        const sus = slopsquatting[0];
+        suggestedPrompt = `Verify package "${sus.package}" exists on npm. ${sus.similarTo ? `Did you mean "${sus.similarTo}"?` : 'May be AI-hallucinated.'}`;
+    }
+    return {
+        summary: {
+            filesScanned,
+            vulnerabilitiesFound: filteredVulns.length,
+            critical,
+            high,
+            medium,
+            low,
+        },
+        vulnerabilities: filteredVulns.slice(0, 50), // Limit output
+        slopsquatting,
+        suggestedPrompt,
+    };
+}
+// ============================================================================
+// FILE SCANNING
+// ============================================================================
+function scanFile(filePath, projectPath) {
+    const vulnerabilities = [];
+    try {
+        const content = readFileSync(filePath, 'utf-8');
+        const lines = content.split('\n');
+        const relativePath = relative(projectPath, filePath);
+        // Helper to check if a line has midas-ignore comment (same line or previous line)
+        function hasIgnoreComment(lineNum) {
+            const line = lines[lineNum - 1] || '';
+            const prevLine = lines[lineNum - 2] || '';
+            return IGNORE_COMMENT_PATTERN.test(line) || IGNORE_COMMENT_PATTERN.test(prevLine);
+        }
+        // Check for hardcoded secrets
+        for (const { pattern, name, severity } of SECRET_PATTERNS) {
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const lineNum = content.slice(0, match.index).split('\n').length;
+                const line = lines[lineNum - 1] || '';
+                // Skip if it's clearly a placeholder or example
+                if (isPlaceholder(match[0]))
+                    continue;
+                // Skip if line has midas-ignore comment
+                if (hasIgnoreComment(lineNum))
+                    continue;
+                vulnerabilities.push({
+                    type: 'hardcoded-secret',
+                    severity,
+                    file: relativePath,
+                    line: lineNum,
+                    code: truncateLine(line),
+                    description: `${name} detected in source code`,
+                    recommendation: 'Move to environment variable or secrets manager. Never commit secrets to version control.',
+                });
+            }
+        }
+        // Check for SQL injection
+        for (const { pattern, description } of SQL_INJECTION_PATTERNS) {
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const lineNum = content.slice(0, match.index).split('\n').length;
+                const line = lines[lineNum - 1] || '';
+                // Skip if line has midas-ignore comment
+                if (hasIgnoreComment(lineNum))
+                    continue;
+                vulnerabilities.push({
+                    type: 'sql-injection',
+                    severity: 'high',
+                    file: relativePath,
+                    line: lineNum,
+                    code: truncateLine(line),
+                    description,
+                    recommendation: 'Use parameterized queries or prepared statements. Never concatenate user input into SQL.',
+                });
+            }
+        }
+        // Check for command injection
+        for (const { pattern, description } of COMMAND_INJECTION_PATTERNS) {
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const lineNum = content.slice(0, match.index).split('\n').length;
+                const line = lines[lineNum - 1] || '';
+                // Skip if line has midas-ignore comment
+                if (hasIgnoreComment(lineNum))
+                    continue;
+                vulnerabilities.push({
+                    type: 'command-injection',
+                    severity: 'critical',
+                    file: relativePath,
+                    line: lineNum,
+                    code: truncateLine(line),
+                    description,
+                    recommendation: 'Avoid shell commands with user input. Use execFile() with explicit arguments, or sanitize/validate input strictly.',
+                });
+            }
+        }
+        // Check for XSS
+        for (const { pattern, description, severity } of XSS_PATTERNS) {
+            let match;
+            while ((match = pattern.exec(content)) !== null) {
+                const lineNum = content.slice(0, match.index).split('\n').length;
+                const line = lines[lineNum - 1] || '';
+                // Skip if line has midas-ignore comment
+                if (hasIgnoreComment(lineNum))
+                    continue;
+                vulnerabilities.push({
+                    type: 'xss',
+                    severity,
+                    file: relativePath,
+                    line: lineNum,
+                    code: truncateLine(line),
+                    description,
+                    recommendation: 'Sanitize HTML content with DOMPurify or similar. Prefer textContent over innerHTML when possible.',
+                });
+            }
+        }
+    }
+    catch (error) {
+        logger.debug('Error scanning file', { filePath, error: String(error) });
+    }
+    return vulnerabilities;
+}
+// ============================================================================
+// HELPER FUNCTIONS
+// ============================================================================
+/**
+ * Check if a string looks like a placeholder rather than a real secret
+ */
+function isPlaceholder(value) {
+    const placeholderPatterns = [
+        /your[_-]?api[_-]?key/i,
+        /xxx+/i,
+        /placeholder/i,
+        /example/i,
+        /test[_-]?key/i,
+        /dummy/i,
+        /fake/i,
+        /\<[^>]+\>/, // <your-key-here>
+        /\[.*\]/, // [API_KEY]
+        /\{.*\}/, // {api_key}
+        /^sk-[x]+$/i, // sk-xxxx...
+    ];
+    return placeholderPatterns.some(p => p.test(value));
+}
+/**
+ * Truncate line for display
+ */
+function truncateLine(line, maxLen = 100) {
+    const trimmed = line.trim();
+    if (trimmed.length <= maxLen)
+        return trimmed;
+    return trimmed.slice(0, maxLen - 3) + '...';
+}
+/**
+ * Check if a package name looks suspicious (potential typosquat/slopsquat)
+ */
+function checkSuspiciousPackage(name) {
+    // Common typosquatting targets and their typos
+    const knownPackages = {
+        'lodash': ['lodahs', 'lodasch', 'loadash', 'lodsh'],
+        'express': ['expresss', 'expres', 'exprss'],
+        'react': ['reacts', 'reactt', 'raect'],
+        'axios': ['axois', 'axio', 'axioss'],
+        'moment': ['momnet', 'momet', 'momen'],
+        'colors': ['colrs', 'colour', 'colorss'],
+        'chalk': ['challk', 'chalks', 'chak'],
+        'request': ['requst', 'requets', 'requet'],
+        'commander': ['comander', 'comanderr', 'commnder'],
+        'dotenv': ['dotenvv', 'dotnev', 'dotev'],
+    };
+    // Check if it's a known typo
+    for (const [correct, typos] of Object.entries(knownPackages)) {
+        if (typos.includes(name)) {
+            return {
+                package: name,
+                exists: false,
+                similarTo: correct,
+            };
+        }
+    }
+    // Check for suspicious patterns
+    const suspiciousPatterns = [
+        /^[a-z]+-[a-z]+-[a-z]+-[a-z]+$/, // Too many dashes (often AI-generated)
+        /^[a-z]{20,}$/, // Very long single word
+        /@[a-z]+\/[a-z]+-v\d+$/, // Fake scoped package with version
+    ];
+    for (const pattern of suspiciousPatterns) {
+        if (pattern.test(name)) {
+            return {
+                package: name,
+                exists: false, // Unknown
+                error: 'Unusual package name pattern - verify it exists',
+            };
+        }
+    }
+    return null;
+}
+// ============================================================================
+// ASYNC REGISTRY CHECK (for network-enabled scanning)
+// ============================================================================
+/**
+ * Check if packages exist on npm registry
+ * This requires network access and should be used with checkRegistry: true
+ */
+export async function checkNpmRegistry(packages) {
+    const results = [];
+    for (const pkg of packages.slice(0, 20)) { // Limit to 20 packages
+        try {
+            const response = await fetch(`https://registry.npmjs.org/${encodeURIComponent(pkg)}`, {
+                method: 'HEAD',
+                signal: AbortSignal.timeout(5000),
+            });
+            if (response.status === 404) {
+                results.push({
+                    package: pkg,
+                    exists: false,
+                    error: 'Package does not exist on npm - may be AI-hallucinated',
+                });
+            }
+            else if (response.ok) {
+                // Package exists, no issue
+            }
+        }
+        catch (error) {
+            results.push({
+                package: pkg,
+                exists: false,
+                error: `Could not verify: ${String(error)}`,
+            });
+        }
+    }
+    return results;
+}
+/**
+ * Enhanced scan with npm registry verification
+ */
+export async function vulnScanWithRegistry(input) {
+    const basicReport = vulnScan(input);
+    if (!input.checkRegistry) {
+        return basicReport;
+    }
+    // Get all dependencies
+    const projectPath = sanitizePath(input.projectPath);
+    const pkgPath = join(projectPath, 'package.json');
+    if (existsSync(pkgPath)) {
+        try {
+            const pkg = JSON.parse(readFileSync(pkgPath, 'utf-8'));
+            const allDeps = Object.keys({
+                ...pkg.dependencies,
+                ...pkg.devDependencies,
+            });
+            const registryResults = await checkNpmRegistry(allDeps);
+            basicReport.slopsquatting.push(...registryResults);
+            // Update suggested prompt if slopsquatting found
+            if (registryResults.length > 0 && basicReport.summary.critical === 0) {
+                const firstMissing = registryResults.find(r => !r.exists);
+                if (firstMissing) {
+                    basicReport.suggestedPrompt = `Package "${firstMissing.package}" not found on npm. Remove or replace with correct package name.`;
+                }
+            }
+        }
+        catch (error) {
+            logger.debug('Error checking npm registry', { error: String(error) });
+        }
+    }
+    return basicReport;
+}
+//# sourceMappingURL=vuln-scan.js.map

package/dist/tools/vuln-scan.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"vuln-scan.js","sourceRoot":"","sources":["../../src/tools/vuln-scan.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,EAAE,UAAU,EAAE,YAAY,EAAE,WAAW,EAAE,MAAM,IAAI,CAAC;AAC3D,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAC/C,OAAO,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAC9C,OAAO,EAAE,MAAM,EAAE,MAAM,cAAc,CAAC;AAEtC,+EAA+E;AAC/E,UAAU;AACV,+EAA+E;AAE/E,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,CAAC,MAAM,CAAC;IACrC,WAAW,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,sBAAsB,CAAC;IACnE,aAAa,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,yDAAyD,CAAC;IACzG,QAAQ,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,UAAU,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,4BAA4B,CAAC;IACzG,YAAY,EAAE,CAAC,CAAC,OAAO,EAAE,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,oCAAoC,CAAC;IACnF,eAAe,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,QAAQ,CAAC,qCAAqC,CAAC;CAChG,CAAC,CAAC;AAIH,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E,4CAA4C;AAC5C,MAAM,wBAAwB,GAAG;IAC/B,uDAAuD;IACvD,cAAc;IACd,cAAc;CACf,CAAC;AAEF,2CAA2C;AAC3C,MAAM,kBAAkB,GAAG;IACzB,kBAAkB;IAClB,kBAAkB;IAClB,aAAa;IACb,UAAU;IACV,WAAW;CACZ,CAAC;AAEF,4EAA4E;AAC5E,MAAM,sBAAsB,GAAG,qBAAqB,CAAC;AAwCrD,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E,MAAM,eAAe,GAAqE;IACxF,gCAAgC;IAChC,EAAE,OAAO,EAAE,oDAAoD,EAAE,IAAI,EAAE,SAAS,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxG,EAAE,OAAO,EAAE,uDAAuD,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC9G,EAAE,OAAO,EAAE,uDAAuD,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC9G,EAAE,OAAO,EAAE,yDAAyD,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE;IAElH,sDAAsD;IACtD,EAAE,OAAO,EAAE,sBAAsB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACjF,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,cAAc,EAAE,QAAQ,EAAE,UAAU,EAAE;IAChF,EAAE,OAAO,EAAE,uBAAuB,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACtF,EAAE,OAAO,EAAE,+BAA+B,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE;IACtF,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACvF,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,kBAAkB,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxF,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,gBAAgB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAC/E,EAAE,OAAO,EAAE,gDAAgD,EAAE,IAAI,EAAE,aAAa,EAAE,QAAQ,EAAE,UAAU,EAAE;IACxG,EAAE,OAAO,EAAE,sCAAsC,EAAE,IAAI,EAAE,iBAAiB,EAAE,QAAQ,EAAE,UAAU,EAAE;IAElG,qBAAqB;IACrB,EAAE,OAAO,EAAE,sDAAsD,EAAE,IAAI,EAAE,oBAAoB,EAAE,QAAQ,EAAE,MAAM,EAAE;IACjH,EAAE,OAAO,EAAE,+CAA+C,EAAE,IAAI,EAAE,mCAAmC,EAAE,QAAQ,EAAE,MAAM,EAAE;IAEzH,cAAc;IACd,EAAE,OAAO,EAAE,8CAA8C,EAAE,IAAI,EAAE,YAAY,EAAE,QAAQ,EAAE,UAAU,EAAE;CACtG,CAAC;AAEF,MAAM,sBAAsB,GAAoD;IAC9E,kDAAkD;IAClD,EAAE,OAAO,EAAE,iDAAiD,EAAE,WAAW,EAAE,gDAAgD,EAAE;IAC7H,EAAE,OAAO,EAAE,6BAA6B,EAAE,WAAW,EAAE,kCAAkC,EAAE;IAC3F,EAAE,OAAO,EAAE,qCAAqC,EAAE,WAAW,EAAE,2CAA2C,EAAE;IAC5G,EAAE,OAAO,EAAE,yDAAyD,EAAE,WAAW,EAAE,0CAA0C,EAAE;IAC/H,EAAE,OAAO,EAAE,2BAA2B,EAAE,WAAW,EAAE,qCAAqC,EAAE;IAC5F,EAAE,OAAO,EAAE,2BAA2B,EAAE,WAAW,EAAE,kCAAkC,EAAE;IACzF,6BAA6B;IAC7B,EAAE,OAAO,EAAE,+CAA+C,EAAE,WAAW,EAAE,6BAA6B,EAAE;CACzG,CAAC;AAEF,MAAM,0BAA0B,GAAoD;IAClF,uBAAuB;IACvB,EAAE,OAAO,EAAE,iEAAiE,EAAE,WAAW,EAAE,sCAAsC,EAAE;IACnI,EAAE,OAAO,EAAE,+DAA+D,EAAE,WAAW,EAAE,wCAAwC,EAAE;IACnI,EAAE,OAAO,EAAE,qEAAqE,EAAE,WAAW,EAAE,4BAA4B,EAAE;IAC7H,EAAE,OAAO,EAAE,mEAAmE,EAAE,WAAW,EAAE,kCAAkC,EAAE;IACjI,mBAAmB;IACnB,EAAE,OAAO,EAAE,wCAAwC,EAAE,WAAW,EAAE,iDAAiD,EAAE;IACrH,EAAE,OAAO,EAAE,gCAAgC,EAAE,WAAW,EAAE,0BAA0B,EAAE;IACtF,gCAAgC;IAChC,EAAE,OAAO,EAAE,6DAA6D,EAAE,WAAW,EAAE,+BAA+B,EAAE;CACzH,CAAC;AAEF,MAAM,YAAY,GAA4E;IAC5F,QAAQ;IACR,EAAE,OAAO,EAAE,kDAAkD,EAAE,WAAW,EAAE,0CAA0C,EAAE,QAAQ,EAAE,MAAM,EAAE;IAC1I,aAAa;IACb,EAAE,OAAO,EAAE,+BAA+B,EAAE,WAAW,EAAE,2CAA2C,EAAE,QAAQ,EAAE,MAAM,EAAE;IACxH,EAAE,OAAO,EAAE,+BAA+B,EAAE,WAAW,EAAE,2CAA2C,EAAE,QAAQ,EAAE,MAAM,EAAE;IACxH,MAAM;IACN,EAAE,OAAO,EAAE,aAAa,EAAE,WAAW,EAAE,iCAAiC,EAAE,QAAQ,EAAE,QAAQ,EAAE;IAC9F,SAAS;IACT,EAAE,OAAO,EAAE,oEAAoE,EAAE,WAAW,EAAE,gCAAgC,EAAE,QAAQ,EAAE,MAAM,EAAE;IAClJ,iBAAiB;IACjB,EAAE,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,+CAA+C,EAAE,QAAQ,EAAE,QAAQ,EAAE;IACtH,OAAO;IACP,EAAE,OAAO,EAAE,qDAAqD,EAAE,WAAW,EAAE,2CAA2C,EAAE,QAAQ,EAAE,UAAU,EAAE;CACnJ,CAAC;AAEF,MAAM,WAAW,GAAG,CAAC,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,UAAU,EAAE,OAAO,EAAE,aAAa,EAAE,QAAQ,CAAC,CAAC;AACtH,MAAM,eAAe,GAAG,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC;AAE7G,+EAA+E;AAC/E,qBAAqB;AACrB,+EAA+E;AAE/E,MAAM,UAAU,QAAQ,CAAC,KAAoB;IAC3C,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,WAAW,GAAG,KAAK,CAAC,QAAQ,IAAI,KAAK,CAAC;IAC5C,MAAM,YAAY,GAAG,KAAK,CAAC,YAAY,KAAK,KAAK,CAAC,CAAC,gBAAgB;IACnE,MAAM,mBAAmB,GAAG,KAAK,CAAC,eAAe,IAAI,EAAE,CAAC;IAExD,MAAM,eAAe,GAAoB,EAAE,CAAC;IAC5C,MAAM,aAAa,GAA0B,EAAE,CAAC;IAChD,IAAI,YAAY,GAAG,CAAC,CAAC;IAErB,qCAAqC;IACrC,SAAS,aAAa,CAAC,QAAgB,EAAE,YAAoB;QAC3D,4CAA4C;QAC5C,KAAK,MAAM,OAAO,IAAI,wBAAwB,EAAE,CAAC;YAC/C,IAAI,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnC,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,6BAA6B;QAC7B,IAAI,YAAY,EAAE,CAAC;YACjB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;gBACzC,IAAI,OAAO,CAAC,IAAI,CAAC,YAAY,CAAC,EAAE,CAAC;oBAC/B,OAAO,IAAI,CAAC;gBACd,CAAC;YACH,CAAC;QACH,CAAC;QAED,kCAAkC;QAClC,KAAK,MAAM,OAAO,IAAI,mBAAmB,EAAE,CAAC;YAC1C,IAAI,YAAY,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;gBACnC,OAAO,IAAI,CAAC;YACd,CAAC;QACH,CAAC;QAED,OAAO,KAAK,CAAC;IACf,CAAC;IAED,sBAAsB;IACtB,SAAS,OAAO,CAAC,GAAW,EAAE,KAAK,GAAG,CAAC;QACrC,IAAI,KAAK,GAAG,EAAE;YAAE,OAAO;QAEvB,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,WAAW,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;YAC1D,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;gBAC5B,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC;oBAAE,SAAS;gBAE7E,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;gBACvC,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;gBAErD,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;oBACxB,OAAO,CAAC,QAAQ,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;gBAC/B,CAAC;qBAAM,IAAI,KAAK,CAAC,MAAM,EAAE,EAAE,CAAC;oBAC1B,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;oBAChC,IAAI,eAAe,CAAC,QAAQ,CAAC,GAAG,CAAC,EAAE,CAAC;wBAClC,mBAAmB;wBACnB,IAAI,aAAa,CAAC,QAAQ,EAAE,YAAY,CAAC,EAAE,CAAC;4BAC1C,SAAS;wBACX,CAAC;wBAED,MAAM,SAAS,GAAG,QAAQ,CAAC,QAAQ,EAAE,WAAW,CAAC,CAAC;wBAClD,eAAe,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,CAAC;wBACnC,YAAY,EAAE,CAAC;oBACjB,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,0BAA0B,EAAE,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;IAED,OAAO,CAAC,WAAW,CAAC,CAAC;IAErB,qEAAqE;IACrE,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;IAClD,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACxB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;YACvD,MAAM,OAAO,GAAG;gBACd,GAAG,GAAG,CAAC,YAAY;gBACnB,GAAG,GAAG,CAAC,eAAe;aACvB,CAAC;YAEF,gEAAgE;YAChE,KAAK,MAAM,CAAC,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC7C,MAAM,UAAU,GAAG,sBAAsB,CAAC,IAAI,CAAC,CAAC;gBAChD,IAAI,UAAU,EAAE,CAAC;oBACf,aAAa,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;gBACjC,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,4BAA4B,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED,qBAAqB;IACrB,MAAM,aAAa,GAAiC,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;IAChG,MAAM,gBAAgB,GAAG,WAAW,KAAK,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,WAA2B,CAAC,CAAC;IAEhG,MAAM,aAAa,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,gBAAgB,CAAC,CAAC;IAEjG,mBAAmB;IACnB,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;IAEpF,oBAAoB;IACpB,MAAM,QAAQ,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM,CAAC;IAC7E,MAAM,IAAI,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IACrE,MAAM,MAAM,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM,CAAC;IACzE,MAAM,GAAG,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM,CAAC;IAEnE,4BAA4B;IAC5B,IAAI,eAAe,GAAG,8DAA8D,CAAC;IAErF,IAAI,QAAQ,GAAG,CAAC,EAAE,CAAC;QACjB,MAAM,WAAW,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC;QACvE,IAAI,WAAW,EAAE,CAAC;YAChB,eAAe,GAAG,iBAAiB,WAAW,CAAC,IAAI,OAAO,WAAW,CAAC,IAAI,IAAI,WAAW,CAAC,IAAI,KAAK,WAAW,CAAC,cAAc,EAAE,CAAC;QAClI,CAAC;IACH,CAAC;SAAM,IAAI,IAAI,GAAG,CAAC,EAAE,CAAC;QACpB,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC;QAC/D,IAAI,OAAO,EAAE,CAAC;YACZ,eAAe,GAAG,OAAO,OAAO,CAAC,IAAI,OAAO,OAAO,CAAC,IAAI,IAAI,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,cAAc,EAAE,CAAC;QACxG,CAAC;IACH,CAAC;SAAM,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpC,MAAM,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,CAAC;QAC7B,eAAe,GAAG,mBAAmB,GAAG,CAAC,OAAO,oBAAoB,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,iBAAiB,GAAG,CAAC,SAAS,IAAI,CAAC,CAAC,CAAC,yBAAyB,EAAE,CAAC;IACvJ,CAAC;IAED,OAAO;QACL,OAAO,EAAE;YACP,YAAY;YACZ,oBAAoB,EAAE,aAAa,CAAC,MAAM;YAC1C,QAAQ;YACR,IAAI;YACJ,MAAM;YACN,GAAG;SACJ;QACD,eAAe,EAAE,aAAa,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,eAAe;QAC5D,aAAa;QACb,eAAe;KAChB,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,gBAAgB;AAChB,+EAA+E;AAE/E,SAAS,QAAQ,CAAC,QAAgB,EAAE,WAAmB;IACrD,MAAM,eAAe,GAAoB,EAAE,CAAC;IAE5C,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,YAAY,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAChD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,YAAY,GAAG,QAAQ,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;QAErD,kFAAkF;QAClF,SAAS,gBAAgB,CAAC,OAAe;YACvC,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YACtC,MAAM,QAAQ,GAAG,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;YAC1C,OAAO,sBAAsB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,sBAAsB,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QACpF,CAAC;QAED,8BAA8B;QAC9B,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,eAAe,EAAE,CAAC;YAC1D,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;gBACjE,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAEtC,gDAAgD;gBAChD,IAAI,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;oBAAE,SAAS;gBAEtC,wCAAwC;gBACxC,IAAI,gBAAgB,CAAC,OAAO,CAAC;oBAAE,SAAS;gBAExC,eAAe,CAAC,IAAI,CAAC;oBACnB,IAAI,EAAE,kBAAkB;oBACxB,QAAQ;oBACR,IAAI,EAAE,YAAY;oBAClB,IAAI,EAAE,OAAO;oBACb,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC;oBACxB,WAAW,EAAE,GAAG,IAAI,0BAA0B;oBAC9C,cAAc,EAAE,2FAA2F;iBAC5G,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,0BAA0B;QAC1B,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,sBAAsB,EAAE,CAAC;YAC9D,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;gBACjE,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAEtC,wCAAwC;gBACxC,IAAI,gBAAgB,CAAC,OAAO,CAAC;oBAAE,SAAS;gBAExC,eAAe,CAAC,IAAI,CAAC;oBACnB,IAAI,EAAE,eAAe;oBACrB,QAAQ,EAAE,MAAM;oBAChB,IAAI,EAAE,YAAY;oBAClB,IAAI,EAAE,OAAO;oBACb,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC;oBACxB,WAAW;oBACX,cAAc,EAAE,0FAA0F;iBAC3G,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,8BAA8B;QAC9B,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,IAAI,0BAA0B,EAAE,CAAC;YAClE,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;gBACjE,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAEtC,wCAAwC;gBACxC,IAAI,gBAAgB,CAAC,OAAO,CAAC;oBAAE,SAAS;gBAExC,eAAe,CAAC,IAAI,CAAC;oBACnB,IAAI,EAAE,mBAAmB;oBACzB,QAAQ,EAAE,UAAU;oBACpB,IAAI,EAAE,YAAY;oBAClB,IAAI,EAAE,OAAO;oBACb,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC;oBACxB,WAAW;oBACX,cAAc,EAAE,oHAAoH;iBACrI,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,gBAAgB;QAChB,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,QAAQ,EAAE,IAAI,YAAY,EAAE,CAAC;YAC9D,IAAI,KAAK,CAAC;YACV,OAAO,CAAC,KAAK,GAAG,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;gBACjE,MAAM,IAAI,GAAG,KAAK,CAAC,OAAO,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gBAEtC,wCAAwC;gBACxC,IAAI,gBAAgB,CAAC,OAAO,CAAC;oBAAE,SAAS;gBAExC,eAAe,CAAC,IAAI,CAAC;oBACnB,IAAI,EAAE,KAAK;oBACX,QAAQ;oBACR,IAAI,EAAE,YAAY;oBAClB,IAAI,EAAE,OAAO;oBACb,IAAI,EAAE,YAAY,CAAC,IAAI,CAAC;oBACxB,WAAW;oBACX,cAAc,EAAE,mGAAmG;iBACpH,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IAEH,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,MAAM,CAAC,KAAK,CAAC,qBAAqB,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAC1E,CAAC;IAED,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,+EAA+E;AAC/E,mBAAmB;AACnB,+EAA+E;AAE/E;;GAEG;AACH,SAAS,aAAa,CAAC,KAAa;IAClC,MAAM,mBAAmB,GAAG;QAC1B,uBAAuB;QACvB,OAAO;QACP,cAAc;QACd,UAAU;QACV,eAAe;QACf,QAAQ;QACR,OAAO;QACP,WAAW,EAAG,kBAAkB;QAChC,QAAQ,EAAM,YAAY;QAC1B,QAAQ,EAAM,YAAY;QAC1B,YAAY,EAAE,aAAa;KAC5B,CAAC;IAEF,OAAO,mBAAmB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;AACtD,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CAAC,IAAY,EAAE,MAAM,GAAG,GAAG;IAC9C,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAC5B,IAAI,OAAO,CAAC,MAAM,IAAI,MAAM;QAAE,OAAO,OAAO,CAAC;IAC7C,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,MAAM,GAAG,CAAC,CAAC,GAAG,KAAK,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,SAAS,sBAAsB,CAAC,IAAY;IAC1C,+CAA+C;IAC/C,MAAM,aAAa,GAA6B;QAC9C,QAAQ,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,SAAS,EAAE,OAAO,CAAC;QACnD,SAAS,EAAE,CAAC,UAAU,EAAE,QAAQ,EAAE,QAAQ,CAAC;QAC3C,OAAO,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,OAAO,CAAC;QACtC,OAAO,EAAE,CAAC,OAAO,EAAE,MAAM,EAAE,QAAQ,CAAC;QACpC,QAAQ,EAAE,CAAC,QAAQ,EAAE,OAAO,EAAE,OAAO,CAAC;QACtC,QAAQ,EAAE,CAAC,OAAO,EAAE,QAAQ,EAAE,SAAS,CAAC;QACxC,OAAO,EAAE,CAAC,QAAQ,EAAE,QAAQ,EAAE,MAAM,CAAC;QACrC,SAAS,EAAE,CAAC,QAAQ,EAAE,SAAS,EAAE,QAAQ,CAAC;QAC1C,WAAW,EAAE,CAAC,UAAU,EAAE,WAAW,EAAE,UAAU,CAAC;QAClD,QAAQ,EAAE,CAAC,SAAS,EAAE,QAAQ,EAAE,OAAO,CAAC;KACzC,CAAC;IAEF,6BAA6B;IAC7B,KAAK,MAAM,CAAC,OAAO,EAAE,KAAK,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,aAAa,CAAC,EAAE,CAAC;QAC7D,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,KAAK;gBACb,SAAS,EAAE,OAAO;aACnB,CAAC;QACJ,CAAC;IACH,CAAC;IAED,gCAAgC;IAChC,MAAM,kBAAkB,GAAG;QACzB,+BAA+B,EAAG,uCAAuC;QACzE,cAAc,EAAqB,wBAAwB;QAC3D,uBAAuB,EAAW,mCAAmC;KACtE,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;QACzC,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YACvB,OAAO;gBACL,OAAO,EAAE,IAAI;gBACb,MAAM,EAAE,KAAK,EAAE,UAAU;gBACzB,KAAK,EAAE,iDAAiD;aACzD,CAAC;QACJ,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,+EAA+E;AAC/E,sDAAsD;AACtD,+EAA+E;AAE/E;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CAAC,QAAkB;IACvD,MAAM,OAAO,GAA0B,EAAE,CAAC;IAE1C,KAAK,MAAM,GAAG,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC,uBAAuB;QAChE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,8BAA8B,kBAAkB,CAAC,GAAG,CAAC,EAAE,EAAE;gBACpF,MAAM,EAAE,MAAM;gBACd,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC;aAClC,CAAC,CAAC;YAEH,IAAI,QAAQ,CAAC,MAAM,KAAK,GAAG,EAAE,CAAC;gBAC5B,OAAO,CAAC,IAAI,CAAC;oBACX,OAAO,EAAE,GAAG;oBACZ,MAAM,EAAE,KAAK;oBACb,KAAK,EAAE,wDAAwD;iBAChE,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC;gBACvB,2BAA2B;YAC7B,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,OAAO,CAAC,IAAI,CAAC;gBACX,OAAO,EAAE,GAAG;gBACZ,MAAM,EAAE,KAAK;gBACb,KAAK,EAAE,qBAAqB,MAAM,CAAC,KAAK,CAAC,EAAE;aAC5C,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,KAAoB;IAC7D,MAAM,WAAW,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;IAEpC,IAAI,CAAC,KAAK,CAAC,aAAa,EAAE,CAAC;QACzB,OAAO,WAAW,CAAC;IACrB,CAAC;IAED,uBAAuB;IACvB,MAAM,WAAW,GAAG,YAAY,CAAC,KAAK,CAAC,WAAW,CAAC,CAAC;IACpD,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;IAElD,IAAI,UAAU,CAAC,OAAO,CAAC,EAAE,CAAC;QACxB,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;YACvD,MAAM,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC;gBAC1B,GAAG,GAAG,CAAC,YAAY;gBACnB,GAAG,GAAG,CAAC,eAAe;aACvB,CAAC,CAAC;YAEH,MAAM,eAAe,GAAG,MAAM,gBAAgB,CAAC,OAAO,CAAC,CAAC;YACxD,WAAW,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,eAAe,CAAC,CAAC;YAEnD,iDAAiD;YACjD,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,IAAI,WAAW,CAAC,OAAO,CAAC,QAAQ,KAAK,CAAC,EAAE,CAAC;gBACrE,MAAM,YAAY,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC;gBAC1D,IAAI,YAAY,EAAE,CAAC;oBACjB,WAAW,CAAC,eAAe,GAAG,YAAY,YAAY,CAAC,OAAO,kEAAkE,CAAC;gBACnI,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,6BAA6B,EAAE,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,OAAO,WAAW,CAAC;AACrB,CAAC"}