project-shield 1.0.0

package/dist/scanner/secrets.js

@@ -0,0 +1,224 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.shannonEntropy = shannonEntropy;
+exports.scanFileSecrets = scanFileSecrets;
+const ignore_js_1 = require("./ignore.js");
+/**
+ * Calculate Shannon entropy of a string.
+ */
+function shannonEntropy(str) {
+    if (str.length === 0)
+        return 0;
+    const freq = new Map();
+    for (const ch of str) {
+        freq.set(ch, (freq.get(ch) ?? 0) + 1);
+    }
+    let entropy = 0;
+    const len = str.length;
+    for (const count of freq.values()) {
+        const p = count / len;
+        if (p > 0) {
+            entropy -= p * Math.log2(p);
+        }
+    }
+    return entropy;
+}
+/**
+ * Mask a matched value: show first 4 chars + ****
+ */
+function maskValue(value) {
+    if (value.length <= 4)
+        return '****';
+    return value.substring(0, 4) + '****';
+}
+/**
+ * Extract tokens (8+ chars) from a line for entropy analysis.
+ */
+function extractTokens(line) {
+    const tokens = [];
+    // Split on whitespace, quotes, backticks, and common delimiters
+    const regex = /[A-Za-z0-9/+=_-]{8,}/g;
+    let match;
+    while ((match = regex.exec(line)) !== null) {
+        tokens.push({ token: match[0], column: match.index });
+    }
+    return tokens;
+}
+/**
+ * Check if a line contains context keywords near a value.
+ */
+function hasContextKeywords(line, keywords) {
+    const lower = line.toLowerCase();
+    return keywords.some(kw => lower.includes(kw.toLowerCase()));
+}
+/**
+ * Check if a file is a .env file.
+ */
+function isEnvFile(filePath) {
+    const name = filePath.replace(/\\/g, '/').split('/').pop() ?? '';
+    return name === '.env' || name.startsWith('.env.') || name.endsWith('.env');
+}
+/**
+ * Check if the line is an assignment (=, :, =>) with a string literal on the right.
+ */
+function isAssignmentLine(line) {
+    return /[=:]/.test(line) || /=>/.test(line);
+}
+/**
+ * Layer 1: Regex pattern matching against ruleset patterns.
+ */
+function regexLayer(line, patterns) {
+    const hits = [];
+    for (const pattern of patterns) {
+        const regex = new RegExp(pattern.regex, 'g');
+        let match;
+        while ((match = regex.exec(line)) !== null) {
+            hits.push({ pattern, match });
+        }
+    }
+    return hits;
+}
+/**
+ * Layer 2: Shannon entropy analysis on tokens.
+ */
+function entropyLayer(line, threshold) {
+    const tokens = extractTokens(line);
+    return tokens
+        .map(t => ({ ...t, entropy: shannonEntropy(t.token) }))
+        .filter(t => t.entropy > threshold);
+}
+/**
+ * Layer 3: Context check for secret-related variable names.
+ */
+function contextLayer(line, filePath, keywords) {
+    // .env files → all values are key candidates
+    if (isEnvFile(filePath))
+        return true;
+    // Check for context keywords
+    if (hasContextKeywords(line, keywords))
+        return true;
+    // Check for assignment with string literal
+    if (isAssignmentLine(line) && hasContextKeywords(line, keywords))
+        return true;
+    return false;
+}
+/**
+ * Determine severity from layer hits.
+ * - 2+ layers hit → critical
+ * - 1 layer hit → warning
+ * - severity_override takes precedence for certain patterns
+ */
+function determineSeverity(pattern, regexHit, entropyVal, entropyThreshold, contextHit) {
+    // Special overrides
+    if (pattern?.severity_override) {
+        return pattern.severity_override;
+    }
+    const layerCount = [
+        regexHit,
+        entropyVal > entropyThreshold,
+        contextHit,
+    ].filter(Boolean).length;
+    if (layerCount >= 2)
+        return 'critical';
+    if (layerCount === 1)
+        return 'warning';
+    return 'info';
+}
+// Known example/placeholder key patterns that should be downgraded
+const EXAMPLE_KEY_SUFFIXES = ['EXAMPLE', 'TESTING', 'CHANGEME', 'PLACEHOLDER'];
+// Patterns that are too broad to be flagged without context (regex alone is not enough)
+const CONTEXT_REQUIRED_PATTERNS = new Set(['aws_secret_key']);
+/**
+ * Check if a matched value looks like a known example/placeholder.
+ */
+function isExampleKey(value) {
+    const upper = value.toUpperCase();
+    return EXAMPLE_KEY_SUFFIXES.some(suffix => upper.endsWith(suffix));
+}
+/**
+ * Scan a single file's content for secrets using 3-layer detection.
+ */
+function scanFileSecrets(content, filePath, ruleset) {
+    const findings = [];
+    const lines = content.split('\n');
+    const { patterns, entropy_threshold, context_keywords } = ruleset.secrets;
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        const lineNum = i + 1;
+        // Skip shield-ignored lines
+        if ((0, ignore_js_1.isLineIgnored)(line))
+            continue;
+        // Layer 1: Regex
+        const regexHits = regexLayer(line, patterns);
+        // Layer 2: Entropy
+        const highEntropyTokens = entropyLayer(line, entropy_threshold);
+        // Layer 3: Context
+        const contextHit = contextLayer(line, filePath, context_keywords);
+        // Process regex hits
+        for (const { pattern, match } of regexHits) {
+            const matchedStr = match[0];
+            const column = (match.index ?? 0) + 1;
+            // Skip context-required patterns when no context is present
+            if (CONTEXT_REQUIRED_PATTERNS.has(pattern.id) && !contextHit) {
+                continue;
+            }
+            // Find the best entropy value for this match
+            const matchEntropy = shannonEntropy(matchedStr);
+            let severity = determineSeverity(pattern, true, matchEntropy, entropy_threshold, contextHit);
+            // Downgrade example/placeholder keys to warning
+            if (isExampleKey(matchedStr) && severity === 'critical') {
+                severity = 'warning';
+            }
+            if (severity !== 'info') {
+                findings.push({
+                    file: filePath,
+                    line: lineNum,
+                    column,
+                    type: pattern.id,
+                    severity,
+                    layers: {
+                        regex: true,
+                        entropy: matchEntropy,
+                        context: contextHit,
+                    },
+                    matched: maskValue(matchedStr),
+                    description: pattern.description,
+                });
+            }
+        }
+        // Process high-entropy tokens without regex match (context required)
+        if (regexHits.length === 0 && highEntropyTokens.length > 0 && contextHit) {
+            for (const token of highEntropyTokens) {
+                // Don't flag tokens that look like common non-secret patterns
+                if (isLikelyNonSecret(token.token))
+                    continue;
+                findings.push({
+                    file: filePath,
+                    line: lineNum,
+                    column: token.column + 1,
+                    type: 'high_entropy_secret',
+                    severity: 'warning',
+                    layers: {
+                        regex: false,
+                        entropy: token.entropy,
+                        context: true,
+                    },
+                    matched: maskValue(token.token),
+                    description: 'High-entropy string in secret context',
+                });
+            }
+        }
+    }
+    return findings;
+}
+/**
+ * Check if a token is likely a non-secret (hash, uuid, etc.)
+ */
+function isLikelyNonSecret(token) {
+    // Pure hex strings of common hash lengths (MD5=32, SHA1=40, SHA256=64)
+    if (/^[0-9a-f]+$/i.test(token) && [32, 40, 64].includes(token.length)) {
+        return true;
+    }
+    return false;
+}
+//# sourceMappingURL=secrets.js.map

package/dist/scanner/secrets.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"secrets.js","sourceRoot":"","sources":["../../src/scanner/secrets.ts"],"names":[],"mappings":";;AAMA,wCAkBC;AAkJD,0CA8FC;AAvQD,2CAA4C;AAE5C;;GAEG;AACH,SAAgB,cAAc,CAAC,GAAW;IACxC,IAAI,GAAG,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,CAAC,CAAC;IAE/B,MAAM,IAAI,GAAG,IAAI,GAAG,EAAkB,CAAC;IACvC,KAAK,MAAM,EAAE,IAAI,GAAG,EAAE,CAAC;QACrB,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IACxC,CAAC;IAED,IAAI,OAAO,GAAG,CAAC,CAAC;IAChB,MAAM,GAAG,GAAG,GAAG,CAAC,MAAM,CAAC;IACvB,KAAK,MAAM,KAAK,IAAI,IAAI,CAAC,MAAM,EAAE,EAAE,CAAC;QAClC,MAAM,CAAC,GAAG,KAAK,GAAG,GAAG,CAAC;QACtB,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACV,OAAO,IAAI,CAAC,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC9B,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,SAAS,CAAC,KAAa;IAC9B,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC;QAAE,OAAO,MAAM,CAAC;IACrC,OAAO,KAAK,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC,CAAC,GAAG,MAAM,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,IAAY;IACjC,MAAM,MAAM,GAAwC,EAAE,CAAC;IACvD,gEAAgE;IAChE,MAAM,KAAK,GAAG,uBAAuB,CAAC;IACtC,IAAI,KAA6B,CAAC;IAClC,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC3C,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,CAAC,KAAK,EAAE,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,IAAY,EAAE,QAAkB;IAC1D,MAAM,KAAK,GAAG,IAAI,CAAC,WAAW,EAAE,CAAC;IACjC,OAAO,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,EAAE,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;AAC/D,CAAC;AAED;;GAEG;AACH,SAAS,SAAS,CAAC,QAAgB;IACjC,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC;IACjE,OAAO,IAAI,KAAK,MAAM,IAAI,IAAI,CAAC,UAAU,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AAC9E,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,IAAY;IACpC,OAAO,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC9C,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CACjB,IAAY,EACZ,QAAyB;IAEzB,MAAM,IAAI,GAA0D,EAAE,CAAC;IAEvE,KAAK,MAAM,OAAO,IAAI,QAAQ,EAAE,CAAC;QAC/B,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;QAC7C,IAAI,KAA6B,CAAC;QAClC,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC3C,IAAI,CAAC,IAAI,CAAC,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC,CAAC;QAChC,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CACnB,IAAY,EACZ,SAAiB;IAEjB,MAAM,MAAM,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IACnC,OAAO,MAAM;SACV,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,OAAO,EAAE,cAAc,CAAC,CAAC,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;SACtD,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,GAAG,SAAS,CAAC,CAAC;AACxC,CAAC;AAED;;GAEG;AACH,SAAS,YAAY,CACnB,IAAY,EACZ,QAAgB,EAChB,QAAkB;IAElB,6CAA6C;IAC7C,IAAI,SAAS,CAAC,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAErC,6BAA6B;IAC7B,IAAI,kBAAkB,CAAC,IAAI,EAAE,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAEpD,2CAA2C;IAC3C,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,kBAAkB,CAAC,IAAI,EAAE,QAAQ,CAAC;QAAE,OAAO,IAAI,CAAC;IAE9E,OAAO,KAAK,CAAC;AACf,CAAC;AAED;;;;;GAKG;AACH,SAAS,iBAAiB,CACxB,OAA6B,EAC7B,QAAiB,EACjB,UAAkB,EAClB,gBAAwB,EACxB,UAAmB;IAEnB,oBAAoB;IACpB,IAAI,OAAO,EAAE,iBAAiB,EAAE,CAAC;QAC/B,OAAO,OAAO,CAAC,iBAAiB,CAAC;IACnC,CAAC;IAED,MAAM,UAAU,GAAG;QACjB,QAAQ;QACR,UAAU,GAAG,gBAAgB;QAC7B,UAAU;KACX,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,MAAM,CAAC;IAEzB,IAAI,UAAU,IAAI,CAAC;QAAE,OAAO,UAAU,CAAC;IACvC,IAAI,UAAU,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACvC,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,mEAAmE;AACnE,MAAM,oBAAoB,GAAG,CAAC,SAAS,EAAE,SAAS,EAAE,UAAU,EAAE,aAAa,CAAC,CAAC;AAE/E,wFAAwF;AACxF,MAAM,yBAAyB,GAAG,IAAI,GAAG,CAAC,CAAC,gBAAgB,CAAC,CAAC,CAAC;AAE9D;;GAEG;AACH,SAAS,YAAY,CAAC,KAAa;IACjC,MAAM,KAAK,GAAG,KAAK,CAAC,WAAW,EAAE,CAAC;IAClC,OAAO,oBAAoB,CAAC,IAAI,CAAC,MAAM,CAAC,EAAE,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC;AACrE,CAAC;AAED;;GAEG;AACH,SAAgB,eAAe,CAC7B,OAAe,EACf,QAAgB,EAChB,OAAgB;IAEhB,MAAM,QAAQ,GAAoB,EAAE,CAAC;IACrC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAClC,MAAM,EAAE,QAAQ,EAAE,iBAAiB,EAAE,gBAAgB,EAAE,GAAG,OAAO,CAAC,OAAO,CAAC;IAE1E,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,CAAC;QAEtB,4BAA4B;QAC5B,IAAI,IAAA,yBAAa,EAAC,IAAI,CAAC;YAAE,SAAS;QAElC,iBAAiB;QACjB,MAAM,SAAS,GAAG,UAAU,CAAC,IAAI,EAAE,QAAQ,CAAC,CAAC;QAE7C,mBAAmB;QACnB,MAAM,iBAAiB,GAAG,YAAY,CAAC,IAAI,EAAE,iBAAiB,CAAC,CAAC;QAEhE,mBAAmB;QACnB,MAAM,UAAU,GAAG,YAAY,CAAC,IAAI,EAAE,QAAQ,EAAE,gBAAgB,CAAC,CAAC;QAElE,qBAAqB;QACrB,KAAK,MAAM,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,SAAS,EAAE,CAAC;YAC3C,MAAM,UAAU,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;YAC5B,MAAM,MAAM,GAAG,CAAC,KAAK,CAAC,KAAK,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;YAEtC,4DAA4D;YAC5D,IAAI,yBAAyB,CAAC,GAAG,CAAC,OAAO,CAAC,EAAE,CAAC,IAAI,CAAC,UAAU,EAAE,CAAC;gBAC7D,SAAS;YACX,CAAC;YAED,6CAA6C;YAC7C,MAAM,YAAY,GAAG,cAAc,CAAC,UAAU,CAAC,CAAC;YAEhD,IAAI,QAAQ,GAAG,iBAAiB,CAC9B,OAAO,EACP,IAAI,EACJ,YAAY,EACZ,iBAAiB,EACjB,UAAU,CACX,CAAC;YAEF,gDAAgD;YAChD,IAAI,YAAY,CAAC,UAAU,CAAC,IAAI,QAAQ,KAAK,UAAU,EAAE,CAAC;gBACxD,QAAQ,GAAG,SAAS,CAAC;YACvB,CAAC;YAED,IAAI,QAAQ,KAAK,MAAM,EAAE,CAAC;gBACxB,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,OAAO;oBACb,MAAM;oBACN,IAAI,EAAE,OAAO,CAAC,EAAE;oBAChB,QAAQ;oBACR,MAAM,EAAE;wBACN,KAAK,EAAE,IAAI;wBACX,OAAO,EAAE,YAAY;wBACrB,OAAO,EAAE,UAAU;qBACpB;oBACD,OAAO,EAAE,SAAS,CAAC,UAAU,CAAC;oBAC9B,WAAW,EAAE,OAAO,CAAC,WAAW;iBACjC,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,qEAAqE;QACrE,IAAI,SAAS,CAAC,MAAM,KAAK,CAAC,IAAI,iBAAiB,CAAC,MAAM,GAAG,CAAC,IAAI,UAAU,EAAE,CAAC;YACzE,KAAK,MAAM,KAAK,IAAI,iBAAiB,EAAE,CAAC;gBACtC,8DAA8D;gBAC9D,IAAI,iBAAiB,CAAC,KAAK,CAAC,KAAK,CAAC;oBAAE,SAAS;gBAE7C,QAAQ,CAAC,IAAI,CAAC;oBACZ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,OAAO;oBACb,MAAM,EAAE,KAAK,CAAC,MAAM,GAAG,CAAC;oBACxB,IAAI,EAAE,qBAAqB;oBAC3B,QAAQ,EAAE,SAAS;oBACnB,MAAM,EAAE;wBACN,KAAK,EAAE,KAAK;wBACZ,OAAO,EAAE,KAAK,CAAC,OAAO;wBACtB,OAAO,EAAE,IAAI;qBACd;oBACD,OAAO,EAAE,SAAS,CAAC,KAAK,CAAC,KAAK,CAAC;oBAC/B,WAAW,EAAE,uCAAuC;iBACrD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,KAAa;IACtC,uEAAuE;IACvE,IAAI,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,EAAE,CAAC;QACtE,OAAO,IAAI,CAAC;IACd,CAAC;IACD,OAAO,KAAK,CAAC;AACf,CAAC"}

package/dist/scoring/lock.d.ts

@@ -0,0 +1,12 @@
+import type { ScanScore, LockStatus } from '../types/index.js';
+/**
+ * Determine lock status and badge eligibility from score.
+ *
+ * F → locked, no badge
+ * D-E → warning badge
+ * C → clean badge
+ * B → good badge
+ * A → excellent badge
+ */
+export declare function getLockStatus(score: ScanScore): LockStatus;
+//# sourceMappingURL=lock.d.ts.map

package/dist/scoring/lock.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"lock.d.ts","sourceRoot":"","sources":["../../src/scoring/lock.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,SAAS,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE/D;;;;;;;;GAQG;AACH,wBAAgB,aAAa,CAAC,KAAK,EAAE,SAAS,GAAG,UAAU,CAgD1D"}

package/dist/scoring/lock.js

@@ -0,0 +1,58 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.getLockStatus = getLockStatus;
+/**
+ * Determine lock status and badge eligibility from score.
+ *
+ * F → locked, no badge
+ * D-E → warning badge
+ * C → clean badge
+ * B → good badge
+ * A → excellent badge
+ */
+function getLockStatus(score) {
+    switch (score.grade) {
+        case 'F':
+            return {
+                isLocked: true,
+                canGenerateBadge: false,
+                canGenerateCleanBadge: false,
+                badgeType: 'locked',
+                message: `Badge generation LOCKED — ${score.lockReason ?? 'Grade F'}. Fix all critical findings first.`,
+            };
+        case 'E':
+        case 'D':
+            return {
+                isLocked: false,
+                canGenerateBadge: true,
+                canGenerateCleanBadge: false,
+                badgeType: 'warning',
+                message: `Grade ${score.grade} (${score.numericScore}/100) — Warning badge available.`,
+            };
+        case 'C':
+            return {
+                isLocked: false,
+                canGenerateBadge: true,
+                canGenerateCleanBadge: true,
+                badgeType: 'clean',
+                message: `Grade C (${score.numericScore}/100) — Clean badge available.`,
+            };
+        case 'B':
+            return {
+                isLocked: false,
+                canGenerateBadge: true,
+                canGenerateCleanBadge: true,
+                badgeType: 'good',
+                message: `Grade B (${score.numericScore}/100) — Good badge available.`,
+            };
+        case 'A':
+            return {
+                isLocked: false,
+                canGenerateBadge: true,
+                canGenerateCleanBadge: true,
+                badgeType: 'excellent',
+                message: `Grade A (${score.numericScore}/100) — Excellent badge available.`,
+            };
+    }
+}
+//# sourceMappingURL=lock.js.map

package/dist/scoring/lock.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"lock.js","sourceRoot":"","sources":["../../src/scoring/lock.ts"],"names":[],"mappings":";;AAWA,sCAgDC;AAzDD;;;;;;;;GAQG;AACH,SAAgB,aAAa,CAAC,KAAgB;IAC5C,QAAQ,KAAK,CAAC,KAAK,EAAE,CAAC;QACpB,KAAK,GAAG;YACN,OAAO;gBACL,QAAQ,EAAE,IAAI;gBACd,gBAAgB,EAAE,KAAK;gBACvB,qBAAqB,EAAE,KAAK;gBAC5B,SAAS,EAAE,QAAQ;gBACnB,OAAO,EAAE,6BAA6B,KAAK,CAAC,UAAU,IAAI,SAAS,oCAAoC;aACxG,CAAC;QAEJ,KAAK,GAAG,CAAC;QACT,KAAK,GAAG;YACN,OAAO;gBACL,QAAQ,EAAE,KAAK;gBACf,gBAAgB,EAAE,IAAI;gBACtB,qBAAqB,EAAE,KAAK;gBAC5B,SAAS,EAAE,SAAS;gBACpB,OAAO,EAAE,SAAS,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,YAAY,kCAAkC;aACvF,CAAC;QAEJ,KAAK,GAAG;YACN,OAAO;gBACL,QAAQ,EAAE,KAAK;gBACf,gBAAgB,EAAE,IAAI;gBACtB,qBAAqB,EAAE,IAAI;gBAC3B,SAAS,EAAE,OAAO;gBAClB,OAAO,EAAE,YAAY,KAAK,CAAC,YAAY,gCAAgC;aACxE,CAAC;QAEJ,KAAK,GAAG;YACN,OAAO;gBACL,QAAQ,EAAE,KAAK;gBACf,gBAAgB,EAAE,IAAI;gBACtB,qBAAqB,EAAE,IAAI;gBAC3B,SAAS,EAAE,MAAM;gBACjB,OAAO,EAAE,YAAY,KAAK,CAAC,YAAY,+BAA+B;aACvE,CAAC;QAEJ,KAAK,GAAG;YACN,OAAO;gBACL,QAAQ,EAAE,KAAK;gBACf,gBAAgB,EAAE,IAAI;gBACtB,qBAAqB,EAAE,IAAI;gBAC3B,SAAS,EAAE,WAAW;gBACtB,OAAO,EAAE,YAAY,KAAK,CAAC,YAAY,oCAAoC;aAC5E,CAAC;IACN,CAAC;AACH,CAAC"}

package/dist/scoring/score.d.ts

@@ -0,0 +1,14 @@
+import type { ScanResult, ScanScore } from '../types/index.js';
+/**
+ * Calculate security score from scan results.
+ *
+ * Deductions:
+ * - Critical (secrets critical + PII confirmed + MCP critical): -25/each
+ * - Warning (secrets warning + MCP warning): -10/each
+ * - Possible (PII possible): -5/each
+ * - Info: -2/each
+ *
+ * Special: Any critical finding → automatic F grade + isLocked=true
+ */
+export declare function calculateScore(result: ScanResult): ScanScore;
+//# sourceMappingURL=score.d.ts.map

package/dist/scoring/score.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"score.d.ts","sourceRoot":"","sources":["../../src/scoring/score.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,mBAAmB,CAAC;AA4B/D;;;;;;;;;;GAUG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,UAAU,GAAG,SAAS,CAmD5D"}

package/dist/scoring/score.js

@@ -0,0 +1,74 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+exports.calculateScore = calculateScore;
+/**
+ * Deduction per finding severity.
+ */
+const DEDUCTIONS = {
+    critical: 25,
+    warning: 10,
+    possible: 5,
+    info: 2,
+};
+/**
+ * Grade thresholds (lower bound inclusive).
+ */
+const GRADE_MAP = [
+    { min: 90, grade: 'A', label: 'Excellent' },
+    { min: 75, grade: 'B', label: 'Good' },
+    { min: 60, grade: 'C', label: 'Pass' },
+    { min: 40, grade: 'D', label: 'Warning' },
+    { min: 20, grade: 'E', label: 'Warning' },
+    { min: 0, grade: 'F', label: 'Locked' },
+];
+/**
+ * Calculate security score from scan results.
+ *
+ * Deductions:
+ * - Critical (secrets critical + PII confirmed + MCP critical): -25/each
+ * - Warning (secrets warning + MCP warning): -10/each
+ * - Possible (PII possible): -5/each
+ * - Info: -2/each
+ *
+ * Special: Any critical finding → automatic F grade + isLocked=true
+ */
+function calculateScore(result) {
+    const criticalCount = result.summary.critical +
+        result.summary.confirmedPii +
+        result.summary.mcpCritical +
+        result.summary.injectionCritical;
+    const warningCount = result.summary.warning +
+        result.summary.mcpWarning +
+        result.summary.injectionWarning;
+    const possibleCount = result.summary.possiblePii;
+    // Count info-level findings
+    const infoCount = result.secrets.filter(s => s.severity === 'info').length +
+        result.pii.filter(p => p.severity === 'info').length;
+    const totalDeduction = criticalCount * DEDUCTIONS.critical +
+        warningCount * DEDUCTIONS.warning +
+        possibleCount * DEDUCTIONS.possible +
+        infoCount * DEDUCTIONS.info;
+    const numericScore = Math.max(0, 100 - totalDeduction);
+    const breakdown = { criticalCount, warningCount, possibleCount, infoCount };
+    // Special rule: any critical → automatic F + locked
+    if (criticalCount > 0) {
+        return {
+            numericScore,
+            grade: 'F',
+            label: 'Locked',
+            isLocked: true,
+            breakdown,
+            lockReason: `${criticalCount} critical finding(s) detected — automatic lock`,
+        };
+    }
+    // Normal grade mapping
+    const entry = GRADE_MAP.find(g => numericScore >= g.min) ?? GRADE_MAP[GRADE_MAP.length - 1];
+    return {
+        numericScore,
+        grade: entry.grade,
+        label: entry.label,
+        isLocked: false,
+        breakdown,
+    };
+}
+//# sourceMappingURL=score.js.map

package/dist/scoring/score.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"score.js","sourceRoot":"","sources":["../../src/scoring/score.ts"],"names":[],"mappings":";;AAuCA,wCAmDC;AAxFD;;GAEG;AACH,MAAM,UAAU,GAAG;IACjB,QAAQ,EAAE,EAAE;IACZ,OAAO,EAAE,EAAE;IACX,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;CACC,CAAC;AAEX;;GAEG;AACH,MAAM,SAAS,GAIV;IACH,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,WAAW,EAAE;IAC3C,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE;IACtC,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,MAAM,EAAE;IACtC,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;IACzC,EAAE,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,SAAS,EAAE;IACzC,EAAE,GAAG,EAAE,CAAC,EAAE,KAAK,EAAE,GAAG,EAAE,KAAK,EAAE,QAAQ,EAAE;CACxC,CAAC;AAEF;;;;;;;;;;GAUG;AACH,SAAgB,cAAc,CAAC,MAAkB;IAC/C,MAAM,aAAa,GACjB,MAAM,CAAC,OAAO,CAAC,QAAQ;QACvB,MAAM,CAAC,OAAO,CAAC,YAAY;QAC3B,MAAM,CAAC,OAAO,CAAC,WAAW;QAC1B,MAAM,CAAC,OAAO,CAAC,iBAAiB,CAAC;IAEnC,MAAM,YAAY,GAChB,MAAM,CAAC,OAAO,CAAC,OAAO;QACtB,MAAM,CAAC,OAAO,CAAC,UAAU;QACzB,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC;IAElC,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC;IAEjD,4BAA4B;IAC5B,MAAM,SAAS,GACb,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;QACxD,MAAM,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM,CAAC;IAEvD,MAAM,cAAc,GAClB,aAAa,GAAG,UAAU,CAAC,QAAQ;QACnC,YAAY,GAAG,UAAU,CAAC,OAAO;QACjC,aAAa,GAAG,UAAU,CAAC,QAAQ;QACnC,SAAS,GAAG,UAAU,CAAC,IAAI,CAAC;IAE9B,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,GAAG,cAAc,CAAC,CAAC;IAEvD,MAAM,SAAS,GAAG,EAAE,aAAa,EAAE,YAAY,EAAE,aAAa,EAAE,SAAS,EAAE,CAAC;IAE5E,oDAAoD;IACpD,IAAI,aAAa,GAAG,CAAC,EAAE,CAAC;QACtB,OAAO;YACL,YAAY;YACZ,KAAK,EAAE,GAAG;YACV,KAAK,EAAE,QAAQ;YACf,QAAQ,EAAE,IAAI;YACd,SAAS;YACT,UAAU,EAAE,GAAG,aAAa,gDAAgD;SAC7E,CAAC;IACJ,CAAC;IAED,uBAAuB;IACvB,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,YAAY,IAAI,CAAC,CAAC,GAAG,CAAC,IAAI,SAAS,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;IAE5F,OAAO;QACL,YAAY;QACZ,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,QAAQ,EAAE,KAAK;QACf,SAAS;KACV,CAAC;AACJ,CAAC"}

package/dist/types/index.d.ts

@@ -0,0 +1,205 @@
+export interface MCPCheckItem {
+    status: 'critical' | 'warning' | 'pass';
+    detail: string;
+}
+export interface MCPFinding {
+    file: string;
+    items: {
+        auth: MCPCheckItem;
+        secrets: MCPCheckItem;
+        toolMeta: MCPCheckItem;
+        permissions: MCPCheckItem;
+        logging: MCPCheckItem;
+    };
+    overallSeverity: 'critical' | 'warning' | 'pass';
+    failedCount: number;
+}
+export interface ScanScore {
+    numericScore: number;
+    grade: 'A' | 'B' | 'C' | 'D' | 'E' | 'F';
+    label: 'Excellent' | 'Good' | 'Pass' | 'Warning' | 'Locked';
+    isLocked: boolean;
+    breakdown: {
+        criticalCount: number;
+        warningCount: number;
+        possibleCount: number;
+        infoCount: number;
+    };
+    lockReason?: string;
+}
+export type BadgeType = 'locked' | 'warning' | 'clean' | 'good' | 'excellent';
+export interface LockStatus {
+    isLocked: boolean;
+    canGenerateBadge: boolean;
+    canGenerateCleanBadge: boolean;
+    badgeType: BadgeType;
+    message: string;
+}
+export interface SealedResult {
+    resultHash: string;
+    timestamp: string;
+    rulesetVersion: string;
+    badgeUUID?: string;
+    verifyURL?: string;
+}
+export interface SecretFinding {
+    file: string;
+    line: number;
+    column: number;
+    type: string;
+    severity: 'critical' | 'warning' | 'info';
+    layers: {
+        regex: boolean;
+        entropy: number;
+        context: boolean;
+    };
+    matched: string;
+    description: string;
+}
+export interface PIIFinding {
+    file: string;
+    line: number;
+    column: number;
+    type: string;
+    severity: 'confirmed' | 'possible' | 'info';
+    layers: {
+        regex: boolean;
+        checksum: boolean | null;
+    };
+    matched: string;
+    description: string;
+    locale: 'kr' | 'global';
+}
+export interface InjectionFinding {
+    file: string;
+    line: number;
+    type: 'direct' | 'indirect' | 'encoded' | 'structural';
+    severity: 'critical' | 'warning' | 'info';
+    layers: {
+        keyword: boolean;
+        structure: boolean;
+    };
+    pattern: string;
+    context: string;
+    description: string;
+}
+export interface FixitGuide {
+    title: string;
+    steps: string[];
+    code?: string;
+    severity: 'critical' | 'warning';
+    references?: string[];
+}
+export interface EvidencePack {
+    generatedAt: string;
+    toolVersion: string;
+    rulesetVersion: string;
+    scanTarget: string;
+    filesScanned: number;
+    filesExcluded: number;
+    scanDuration: string;
+    score: ScanScore;
+    lockStatus: LockStatus;
+    findings: {
+        secrets: SecretFinding[];
+        pii: PIIFinding[];
+        mcp: MCPFinding[];
+        injection: InjectionFinding[];
+    };
+    fixitSummary: {
+        totalIssues: number;
+        criticalIssues: number;
+        fixitGuidesAvailable: number;
+    };
+    integrity: {
+        rulesetHash: string;
+        resultHash: string;
+        badgeUUID?: string;
+        verifyURL?: string;
+    };
+    disclaimer: string;
+}
+export interface ScanResult {
+    secrets: SecretFinding[];
+    pii: PIIFinding[];
+    mcp: MCPFinding[];
+    injection: InjectionFinding[];
+    summary: {
+        filesScanned: number;
+        filesExcluded: number;
+        timeMs: number;
+        critical: number;
+        warning: number;
+        confirmedPii: number;
+        possiblePii: number;
+        mcpCritical: number;
+        mcpWarning: number;
+        injectionCritical: number;
+        injectionWarning: number;
+    };
+}
+export interface ScanConfig {
+    targetPath: string;
+    format: 'terminal' | 'json';
+    ignorePath?: string;
+    rulesetPath?: string;
+}
+export interface SecretPattern {
+    id: string;
+    name: string;
+    regex: string;
+    description: string;
+    severity_override?: 'critical' | 'warning';
+}
+export interface PIIPattern {
+    id: string;
+    name: string;
+    regex: string;
+    description: string;
+    locale: 'kr' | 'global';
+    has_checksum: boolean;
+}
+export interface MCPPattern {
+    id: string;
+    name: string;
+    type: 'auth_field' | 'dangerous_tool' | 'permission_pattern' | 'logging_field';
+    values: string[];
+    description: string;
+}
+export interface InjectionPattern {
+    id: string;
+    name: string;
+    regex: string;
+    type: 'direct' | 'indirect';
+    description: string;
+}
+export interface Ruleset {
+    version: string;
+    sha256: string;
+    secrets: {
+        patterns: SecretPattern[];
+        entropy_threshold: number;
+        context_keywords: string[];
+    };
+    pii: {
+        patterns: PIIPattern[];
+    };
+    mcp: {
+        config_files: string[];
+        auth_fields: string[];
+        dangerous_tool_keywords: string[];
+        permission_patterns: MCPPattern[];
+        logging_fields: string[];
+    };
+    injection: {
+        direct_patterns: InjectionPattern[];
+        indirect_patterns: InjectionPattern[];
+        structural: {
+            html_comment_regex: string;
+            markdown_comment_regex: string;
+            zero_width_chars: string[];
+            tool_length_multiplier: number;
+        };
+    };
+}
+//# sourceMappingURL=index.d.ts.map

package/dist/types/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":"AACA,MAAM,WAAW,YAAY;IAC3B,MAAM,EAAE,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;IACxC,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE;QACL,IAAI,EAAE,YAAY,CAAC;QACnB,OAAO,EAAE,YAAY,CAAC;QACtB,QAAQ,EAAE,YAAY,CAAC;QACvB,WAAW,EAAE,YAAY,CAAC;QAC1B,OAAO,EAAE,YAAY,CAAC;KACvB,CAAC;IACF,eAAe,EAAE,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;IACjD,WAAW,EAAE,MAAM,CAAC;CACrB;AAGD,MAAM,WAAW,SAAS;IACxB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,GAAG,CAAC;IACzC,KAAK,EAAE,WAAW,GAAG,MAAM,GAAG,MAAM,GAAG,SAAS,GAAG,QAAQ,CAAC;IAC5D,QAAQ,EAAE,OAAO,CAAC;IAClB,SAAS,EAAE;QACT,aAAa,EAAE,MAAM,CAAC;QACtB,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,EAAE,MAAM,CAAC;QACtB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;IACF,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAGD,MAAM,MAAM,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,OAAO,GAAG,MAAM,GAAG,WAAW,CAAC;AAE9E,MAAM,WAAW,UAAU;IACzB,QAAQ,EAAE,OAAO,CAAC;IAClB,gBAAgB,EAAE,OAAO,CAAC;IAC1B,qBAAqB,EAAE,OAAO,CAAC;IAC/B,SAAS,EAAE,SAAS,CAAC;IACrB,OAAO,EAAE,MAAM,CAAC;CACjB;AAGD,MAAM,WAAW,YAAY;IAC3B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,cAAc,EAAE,MAAM,CAAC;IACvB,SAAS,CAAC,EAAE,MAAM,CAAC;IACnB,SAAS,CAAC,EAAE,MAAM,CAAC;CACpB;AAGD,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;IAC1C,MAAM,EAAE;QACN,KAAK,EAAE,OAAO,CAAC;QACf,OAAO,EAAE,MAAM,CAAC;QAChB,OAAO,EAAE,OAAO,CAAC;KAClB,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB;AAGD,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,QAAQ,EAAE,WAAW,GAAG,UAAU,GAAG,MAAM,CAAC;IAC5C,MAAM,EAAE;QACN,KAAK,EAAE,OAAO,CAAC;QACf,QAAQ,EAAE,OAAO,GAAG,IAAI,CAAC;KAC1B,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,IAAI,GAAG,QAAQ,CAAC;CACzB;AAGD,MAAM,WAAW,gBAAgB;IAC/B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,QAAQ,GAAG,UAAU,GAAG,SAAS,GAAG,YAAY,CAAC;IACvD,QAAQ,EAAE,UAAU,GAAG,SAAS,GAAG,MAAM,CAAC;IAC1C,MAAM,EAAE;QACN,OAAO,EAAE,OAAO,CAAC;QACjB,SAAS,EAAE,OAAO,CAAC;KACpB,CAAC;IACF,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,WAAW,EAAE,MAAM,CAAC;CACrB;AAGD,MAAM,WAAW,UAAU;IACzB,KAAK,EAAE,MAAM,CAAC;IACd,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,UAAU,GAAG,SAAS,CAAC;IACjC,UAAU,CAAC,EAAE,MAAM,EAAE,CAAC;CACvB;AAGD,MAAM,WAAW,YAAY;IAC3B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,cAAc,EAAE,MAAM,CAAC;IACvB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;IACrB,aAAa,EAAE,MAAM,CAAC;IACtB,YAAY,EAAE,MAAM,CAAC;IACrB,KAAK,EAAE,SAAS,CAAC;IACjB,UAAU,EAAE,UAAU,CAAC;IACvB,QAAQ,EAAE;QACR,OAAO,EAAE,aAAa,EAAE,CAAC;QACzB,GAAG,EAAE,UAAU,EAAE,CAAC;QAClB,GAAG,EAAE,UAAU,EAAE,CAAC;QAClB,SAAS,EAAE,gBAAgB,EAAE,CAAC;KAC/B,CAAC;IACF,YAAY,EAAE;QACZ,WAAW,EAAE,MAAM,CAAC;QACpB,cAAc,EAAE,MAAM,CAAC;QACvB,oBAAoB,EAAE,MAAM,CAAC;KAC9B,CAAC;IACF,SAAS,EAAE;QACT,WAAW,EAAE,MAAM,CAAC;QACpB,UAAU,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;QACnB,SAAS,CAAC,EAAE,MAAM,CAAC;KACpB,CAAC;IACF,UAAU,EAAE,MAAM,CAAC;CACpB;AAGD,MAAM,WAAW,UAAU;IACzB,OAAO,EAAE,aAAa,EAAE,CAAC;IACzB,GAAG,EAAE,UAAU,EAAE,CAAC;IAClB,GAAG,EAAE,UAAU,EAAE,CAAC;IAClB,SAAS,EAAE,gBAAgB,EAAE,CAAC;IAC9B,OAAO,EAAE;QACP,YAAY,EAAE,MAAM,CAAC;QACrB,aAAa,EAAE,MAAM,CAAC;QACtB,MAAM,EAAE,MAAM,CAAC;QACf,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,MAAM,CAAC;QAChB,YAAY,EAAE,MAAM,CAAC;QACrB,WAAW,EAAE,MAAM,CAAC;QACpB,WAAW,EAAE,MAAM,CAAC;QACpB,UAAU,EAAE,MAAM,CAAC;QACnB,iBAAiB,EAAE,MAAM,CAAC;QAC1B,gBAAgB,EAAE,MAAM,CAAC;KAC1B,CAAC;CACH;AAGD,MAAM,WAAW,UAAU;IACzB,UAAU,EAAE,MAAM,CAAC;IACnB,MAAM,EAAE,UAAU,GAAG,MAAM,CAAC;IAC5B,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,WAAW,CAAC,EAAE,MAAM,CAAC;CACtB;AAGD,MAAM,WAAW,aAAa;IAC5B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,iBAAiB,CAAC,EAAE,UAAU,GAAG,SAAS,CAAC;CAC5C;AAED,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,IAAI,GAAG,QAAQ,CAAC;IACxB,YAAY,EAAE,OAAO,CAAC;CACvB;AAED,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,YAAY,GAAG,gBAAgB,GAAG,oBAAoB,GAAG,eAAe,CAAC;IAC/E,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,gBAAgB;IAC/B,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,QAAQ,GAAG,UAAU,CAAC;IAC5B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,OAAO,EAAE,MAAM,CAAC;IAChB,MAAM,EAAE,MAAM,CAAC;IACf,OAAO,EAAE;QACP,QAAQ,EAAE,aAAa,EAAE,CAAC;QAC1B,iBAAiB,EAAE,MAAM,CAAC;QAC1B,gBAAgB,EAAE,MAAM,EAAE,CAAC;KAC5B,CAAC;IACF,GAAG,EAAE;QACH,QAAQ,EAAE,UAAU,EAAE,CAAC;KACxB,CAAC;IACF,GAAG,EAAE;QACH,YAAY,EAAE,MAAM,EAAE,CAAC;QACvB,WAAW,EAAE,MAAM,EAAE,CAAC;QACtB,uBAAuB,EAAE,MAAM,EAAE,CAAC;QAClC,mBAAmB,EAAE,UAAU,EAAE,CAAC;QAClC,cAAc,EAAE,MAAM,EAAE,CAAC;KAC1B,CAAC;IACF,SAAS,EAAE;QACT,eAAe,EAAE,gBAAgB,EAAE,CAAC;QACpC,iBAAiB,EAAE,gBAAgB,EAAE,CAAC;QACtC,UAAU,EAAE;YACV,kBAAkB,EAAE,MAAM,CAAC;YAC3B,sBAAsB,EAAE,MAAM,CAAC;YAC/B,gBAAgB,EAAE,MAAM,EAAE,CAAC;YAC3B,sBAAsB,EAAE,MAAM,CAAC;SAChC,CAAC;KACH,CAAC;CACH"}

package/dist/types/index.js

@@ -0,0 +1,3 @@
+"use strict";
+Object.defineProperty(exports, "__esModule", { value: true });
+//# sourceMappingURL=index.js.map

package/dist/types/index.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/types/index.ts"],"names":[],"mappings":""}