projscan 3.0.0 → 3.0.2
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +24 -24
- package/dist/cli/commands/dataflow.js +6 -1
- package/dist/cli/commands/dataflow.js.map +1 -1
- package/dist/core/agentBrief.js +31 -1
- package/dist/core/agentBrief.js.map +1 -1
- package/dist/core/dataflow.d.ts +4 -0
- package/dist/core/dataflow.js +91 -8
- package/dist/core/dataflow.js.map +1 -1
- package/dist/core/dataflowFilters.d.ts +10 -0
- package/dist/core/dataflowFilters.js +46 -0
- package/dist/core/dataflowFilters.js.map +1 -0
- package/dist/core/graphCorpus.d.ts +5 -0
- package/dist/core/graphCorpus.js +46 -0
- package/dist/core/graphCorpus.js.map +1 -0
- package/dist/core/impact.d.ts +3 -0
- package/dist/core/impact.js +46 -2
- package/dist/core/impact.js.map +1 -1
- package/dist/core/issueEngine.js +25 -1
- package/dist/core/issueEngine.js.map +1 -1
- package/dist/core/ownership.d.ts +3 -0
- package/dist/core/ownership.js +84 -0
- package/dist/core/ownership.js.map +1 -0
- package/dist/core/plugins.d.ts +10 -3
- package/dist/core/plugins.js +2 -2
- package/dist/core/plugins.js.map +1 -1
- package/dist/core/preflight.js +75 -6
- package/dist/core/preflight.js.map +1 -1
- package/dist/core/releaseTrain.js +68 -0
- package/dist/core/releaseTrain.js.map +1 -1
- package/dist/core/review.js +29 -20
- package/dist/core/review.js.map +1 -1
- package/dist/core/reviewDataflow.d.ts +6 -0
- package/dist/core/reviewDataflow.js +21 -0
- package/dist/core/reviewDataflow.js.map +1 -0
- package/dist/core/taint.js +35 -6
- package/dist/core/taint.js.map +1 -1
- package/dist/core/watcher.d.ts +2 -2
- package/dist/core/watcher.js +103 -17
- package/dist/core/watcher.js.map +1 -1
- package/dist/core/workplan.js +6 -6
- package/dist/core/workplan.js.map +1 -1
- package/dist/index.d.ts +3 -2
- package/dist/index.js +1 -0
- package/dist/index.js.map +1 -1
- package/dist/mcp/tools/dataflow.js +12 -1
- package/dist/mcp/tools/dataflow.js.map +1 -1
- package/dist/mcp/tools/impact.js +12 -7
- package/dist/mcp/tools/impact.js.map +1 -1
- package/dist/projscan-sbom.cdx.json +6 -6
- package/dist/tool-manifest.json +10 -2
- package/dist/types.d.ts +50 -2
- package/docs/PLUGIN-AUTHORING.md +11 -3
- package/docs/PLUGIN-GALLERY.md +8 -0
- package/docs/examples/plugins/graph-context.mjs +27 -0
- package/docs/examples/plugins/graph-context.projscan-plugin.json +8 -0
- package/package.json +3 -2
package/README.md
CHANGED
|
@@ -9,9 +9,9 @@
|
|
|
9
9
|
|
|
10
10
|
**Agent-first code intelligence.** An MCP server that lets AI coding agents (Claude Code, Codex, Cursor, Gemini, Windsurf, Cline, Continue, Zed — any MCP-aware client) query your codebase — with a CLI for humans and a local plugin layer for team-specific policy and reporting.
|
|
11
11
|
|
|
12
|
-
[AI Agent Quick Start](#ai-agent-integration-mcp) · [CLI Quick Start](#quick-start) · [Commands](#commands) · [Full Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.
|
|
12
|
+
[AI Agent Quick Start](#ai-agent-integration-mcp) · [CLI Quick Start](#quick-start) · [Commands](#commands) · [Full Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/GUIDE.md) · [Roadmap](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/ROADMAP.md)
|
|
13
13
|
|
|
14
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
14
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/projscan-reporter-plugin.png" alt="projscan reporter plugin running in a macOS-style terminal window with a team health summary" width="700">
|
|
15
15
|
|
|
16
16
|
</div>
|
|
17
17
|
|
|
@@ -33,7 +33,7 @@ Humans get the same thing through the CLI.
|
|
|
33
33
|
npx projscan
|
|
34
34
|
```
|
|
35
35
|
|
|
36
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
36
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/projscan-reporter-plugin.gif" alt="projscan doctor rendered through a local reporter plugin in a macOS-style terminal window" width="700">
|
|
37
37
|
|
|
38
38
|
Run `projscan doctor` for a focused health check:
|
|
39
39
|
|
|
@@ -41,7 +41,7 @@ Run `projscan doctor` for a focused health check:
|
|
|
41
41
|
npx projscan doctor
|
|
42
42
|
```
|
|
43
43
|
|
|
44
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
44
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/npx%20projscan%20doctor.gif" alt="npx projscan doctor" width="700">
|
|
45
45
|
|
|
46
46
|
## Install
|
|
47
47
|
|
|
@@ -76,7 +76,7 @@ projscan preflight --format json # Agent safety gate with supply-chain eviden
|
|
|
76
76
|
projscan doctor # Health check, including security and supply-chain risks
|
|
77
77
|
projscan hotspots # Rank files by risk (churn × complexity × issues × ownership)
|
|
78
78
|
projscan semantic-graph --format json # Stable v3 file/function/package/symbol graph
|
|
79
|
-
projscan dataflow --format json #
|
|
79
|
+
projscan dataflow --format json # Focused direct, propagated, and bridge dataflow risks
|
|
80
80
|
projscan search <query> # BM25-ranked search (content + symbols + path)
|
|
81
81
|
projscan file <path> # Drill into a file - purpose, risk, ownership, issues
|
|
82
82
|
projscan fix # Auto-fix detected issues
|
|
@@ -97,9 +97,9 @@ projscan plugin test .projscan-plugins/policy.projscan-plugin.json
|
|
|
97
97
|
PROJSCAN_PLUGINS_PREVIEW=1 projscan doctor --reporter team-radar
|
|
98
98
|
```
|
|
99
99
|
|
|
100
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
100
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/npx%20projscan%20--help.gif" alt="npx projscan --help" width="700">
|
|
101
101
|
|
|
102
|
-
For a comprehensive walkthrough, see the **[Full Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.
|
|
102
|
+
For a comprehensive walkthrough, see the **[Full Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/GUIDE.md)**.
|
|
103
103
|
|
|
104
104
|
## Commands
|
|
105
105
|
|
|
@@ -121,7 +121,7 @@ For a comprehensive walkthrough, see the **[Full Guide](https://github.com/abhiy
|
|
|
121
121
|
| `projscan preflight` | Agent safety gate - `proceed`, `caution`, or `block` with health, change, plugin, and supply-chain evidence |
|
|
122
122
|
| `projscan hotspots` | Rank files by risk - churn × complexity × issues × ownership |
|
|
123
123
|
| `projscan semantic-graph` | Stable v3 graph contract - files, functions, packages, symbols, imports, exports, definitions, and calls |
|
|
124
|
-
| `projscan dataflow` |
|
|
124
|
+
| `projscan dataflow` | Focused direct, propagated, and bridge source-to-sink dataflow risks |
|
|
125
125
|
| `projscan search <query>` | **BM25-ranked search** - content + symbols + path, with excerpts |
|
|
126
126
|
| `projscan file <path>` | Drill into a file - purpose, risk, ownership, related issues |
|
|
127
127
|
| `projscan fix` | Auto-fix issues (ESLint, Prettier, Vitest, .editorconfig) |
|
|
@@ -155,31 +155,31 @@ projscan --help
|
|
|
155
155
|
<details>
|
|
156
156
|
<summary><strong>projscan structure</strong> - Directory tree with file counts</summary>
|
|
157
157
|
|
|
158
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
158
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/npx%20projscan%20structure.gif" alt="npx projscan structure" width="700">
|
|
159
159
|
</details>
|
|
160
160
|
|
|
161
161
|
<details>
|
|
162
162
|
<summary><strong>projscan diagram</strong> - Architecture visualization</summary>
|
|
163
163
|
|
|
164
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
164
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/npx%20projscan%20diagram.gif" alt="npx projscan diagram" width="700">
|
|
165
165
|
</details>
|
|
166
166
|
|
|
167
167
|
<details>
|
|
168
168
|
<summary><strong>projscan dependencies</strong> - Dependency analysis</summary>
|
|
169
169
|
|
|
170
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
170
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/npx%20projscan%20dependencies.gif" alt="npx projscan dependencies" width="700">
|
|
171
171
|
</details>
|
|
172
172
|
|
|
173
173
|
<details>
|
|
174
174
|
<summary><strong>projscan explain</strong> - File explanation</summary>
|
|
175
175
|
|
|
176
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
176
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/npx%20projscan%20explain.gif" alt="npx projscan explain" width="700">
|
|
177
177
|
</details>
|
|
178
178
|
|
|
179
179
|
<details>
|
|
180
180
|
<summary><strong>projscan badge</strong> - Health badge generation</summary>
|
|
181
181
|
|
|
182
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
182
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/npx%20projscan%20badge.gif" alt="npx projscan badge" width="700">
|
|
183
183
|
</details>
|
|
184
184
|
|
|
185
185
|
### Output Formats
|
|
@@ -201,7 +201,7 @@ Run `projscan help` for the generated command-by-command support matrix.
|
|
|
201
201
|
|
|
202
202
|
projscan can load local plugins from `.projscan-plugins/` when `PROJSCAN_PLUGINS_PREVIEW=1` is set. The environment flag is kept for explicit local-code opt-in. Analyzer plugins emit normal projscan issues; reporter plugins render supported CLI commands with team-specific output.
|
|
203
203
|
|
|
204
|
-
**2.0 upgrade notes:** migrating from 1.x or authoring plugins? Start with the [2.0 Migration Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.
|
|
204
|
+
**2.0 upgrade notes:** migrating from 1.x or authoring plugins? Start with the [2.0 Migration Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/2.0-MIGRATION.md), then use [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/PLUGIN-AUTHORING.md), the [Plugin Gallery](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/PLUGIN-GALLERY.md), and the [manifest schema](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/plugin.schema.json) as the stable contract.
|
|
205
205
|
|
|
206
206
|
```bash
|
|
207
207
|
projscan plugin list
|
|
@@ -210,9 +210,9 @@ PROJSCAN_PLUGINS_PREVIEW=1 projscan doctor --reporter team-radar
|
|
|
210
210
|
PROJSCAN_PLUGINS_PREVIEW=1 projscan ci --reporter team-radar --min-score 80
|
|
211
211
|
```
|
|
212
212
|
|
|
213
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
213
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/projscan-reporter-plugin.gif" alt="projscan local reporter plugin rendering a team health report" width="700">
|
|
214
214
|
|
|
215
|
-
Reporter plugins are intentionally CLI-only. MCP tools keep returning structured JSON-compatible payloads so agents can reason over stable data, while humans can get a polished local report for their team. Custom presentation, team-branded summaries, and white-label reports belong in reporter plugins rather than new core HTML theming flags. See [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.
|
|
215
|
+
Reporter plugins are intentionally CLI-only. MCP tools keep returning structured JSON-compatible payloads so agents can reason over stable data, while humans can get a polished local report for their team. Custom presentation, team-branded summaries, and white-label reports belong in reporter plugins rather than new core HTML theming flags. See [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/PLUGIN-AUTHORING.md) for manifest shape, `render(context)`, validation, and the trust model.
|
|
216
216
|
|
|
217
217
|
### Options
|
|
218
218
|
|
|
@@ -373,7 +373,7 @@ If you read projscan's [Socket report](https://socket.dev/npm/package/projscan),
|
|
|
373
373
|
### Audit it yourself
|
|
374
374
|
|
|
375
375
|
- **Source is open** at [github.com/abhiyoheswaran1/projscan](https://github.com/abhiyoheswaran1/projscan). The npm tarball matches the `dist/` produced by `npm run build` at the matching tag.
|
|
376
|
-
- **Public API surface is locked** by `scripts/check-stability.mjs`, which runs in CI on every PR and fails on any rename or removal of an MCP tool, CLI command, or exit code. See [`docs/STABILITY.md`](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.
|
|
376
|
+
- **Public API surface is locked** by `scripts/check-stability.mjs`, which runs in CI on every PR and fails on any rename or removal of an MCP tool, CLI command, or exit code. See [`docs/STABILITY.md`](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/STABILITY.md).
|
|
377
377
|
- **Run it offline:** `npm install -g projscan` followed by anything except `audit` and `--mode semantic` works without network.
|
|
378
378
|
- **Drop privilege further:** in CI, run projscan in a sandbox that disallows network egress; everything except `audit` will pass.
|
|
379
379
|
|
|
@@ -411,7 +411,7 @@ projscan ci --changed-only # Gate only on this PR's diff
|
|
|
411
411
|
projscan ci --format sarif > projscan.sarif # SARIF for Code Scanning
|
|
412
412
|
```
|
|
413
413
|
|
|
414
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
414
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/npx%20projscan%20ci%20--min-score%2070.gif" alt="npx projscan ci --min-score 70" width="700">
|
|
415
415
|
|
|
416
416
|
### GitHub Action (recommended)
|
|
417
417
|
|
|
@@ -480,7 +480,7 @@ Fields:
|
|
|
480
480
|
- `hotspots.limit` / `hotspots.since` - defaults for the `hotspots` command
|
|
481
481
|
- `monorepo.importPolicy` - cross-package import allow/deny rules in monorepos *(0.14+)*
|
|
482
482
|
|
|
483
|
-
See [`docs/GUIDE.md` → Configuration](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.
|
|
483
|
+
See [`docs/GUIDE.md` → Configuration](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/GUIDE.md#configuration-projscanrc) for the full reference (field types, validation behavior, embedding config in `package.json`, monorepo `importPolicy` semantics).
|
|
484
484
|
|
|
485
485
|
## Tracking Health Over Time
|
|
486
486
|
|
|
@@ -493,7 +493,7 @@ projscan diff # Compare against baseline
|
|
|
493
493
|
projscan diff --format markdown # Markdown diff for PRs
|
|
494
494
|
```
|
|
495
495
|
|
|
496
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
496
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/npx%20projscan%20diff%20--save-baseline.gif" alt="npx projscan diff --save-baseline" width="700">
|
|
497
497
|
|
|
498
498
|
## Hotspots - Where to Fix First
|
|
499
499
|
|
|
@@ -582,7 +582,7 @@ Coverage is also automatically joined into `projscan hotspots` when one of those
|
|
|
582
582
|
|
|
583
583
|
**This is the primary way to use projscan.** `projscan mcp` starts an [MCP](https://modelcontextprotocol.io) server over stdio so AI coding agents can query your codebase with real structural accuracy - not regex, not grep.
|
|
584
584
|
|
|
585
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.
|
|
585
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.0.2/docs/projscan-agent-demo.gif" alt="projscan answering two agent questions: what breaks if I rename buildCodeGraph (impact analysis with definitions, direct callers, transitive reach), and where should I fix first (ranked hotspots with cyclomatic complexity)" width="700">
|
|
586
586
|
|
|
587
587
|
Two questions an agent asks; structural answers in milliseconds. *"What breaks if I rename `buildCodeGraph`?"* → 31 direct callers, 97 files reachable. *"Where should I fix first?"* → ranked hotspots with AST cyclomatic complexity, churn, and ownership signals.
|
|
588
588
|
|
|
@@ -731,7 +731,7 @@ Capability is advertised under `experimental.fileChanged` on `initialize` so cli
|
|
|
731
731
|
**Structural (0.6.0 / 0.11 / 0.13 / 0.14 / 0.15 - agent-native):**
|
|
732
732
|
- **`projscan_graph`** - query the AST-based code graph. Directions: `imports`, `exports`, `importers`, `symbol_defs`, `package_importers`. Millisecond responses on a warm cache.
|
|
733
733
|
- **`projscan_semantic_graph`** *(3.0)* - stable v3 semantic graph contract with file, function, package, and symbol nodes plus `defines`, `imports`, `imports_package`, `exports`, and `calls` edges.
|
|
734
|
-
- **`projscan_dataflow`** *(3.0)* - direct, propagated, and bridge source-to-sink dataflow risks.
|
|
734
|
+
- **`projscan_dataflow`** *(3.0)* - focused direct, propagated, and bridge source-to-sink dataflow risks. Defaults suppress test-file paths, broad readFile/writeFile noise, and JavaScript RegExp.exec false positives; opt into those with `include_tests` / `include_broad_file_io` or the matching CLI flags.
|
|
735
735
|
- **`projscan_search`** - fast search across `symbols` (exported names), `files` (path substring), or `content` (source substring with line + excerpt). Sub-file mode (`sub_file: true`) embeds per-function for sharper semantic results *(0.15)*.
|
|
736
736
|
- **`projscan_coupling`** *(0.11)* - per-file fan-in / fan-out / instability + circular-import cycles (Tarjan SCC). Filter by `direction: cycles_only | high_fan_in | high_fan_out`.
|
|
737
737
|
- **`projscan_pr_diff`** *(0.11)* - structural diff between two git refs. Returns added/removed/modified files with explicit lists of exports, imports, and call sites that changed, plus ΔCC and Δfan-in.
|
|
@@ -775,9 +775,9 @@ Capability is advertised under `experimental.fileChanged` on `initialize` so cli
|
|
|
775
775
|
**Operator (1.6):**
|
|
776
776
|
- **`projscan_workspace_graph`** *(1.6)* - cross-repo intelligence over sibling repos registered with `projscan workspace add`. Subactions: `list` (registered repos + parsed-file + export counts), `graph` (every symbol exported by ≥ 2 repos — the candidate refactor / API contract surface), `file_importers` (given a file in one repo, every other repo whose graph imports it). Read-only.
|
|
777
777
|
- **`projscan_apply_fix`** *(1.6)* - mechanically execute the safe fix templates. Default is dry-run; pass `confirm: true` to write. Atomic writes, per-apply rollback record at `.projscan-cache/rollbacks/<id>.json`. Reverse with `action: "rollback", rollback_id: ...`. Six templates supported at this release: `unused-dependency-*`, `missing-test-framework`, `missing-eslint`, `missing-prettier`, `missing-editorconfig`, `missing-readme`.
|
|
778
|
-
- **`projscan_taint`** *(1.6)* - source-to-sink reachability over the per-function call graph. Built-in defaults cover common JS / Python sources (`process.env`, `req.body`, etc.) and sinks (`exec`, `eval`, `db.query`, etc.). Project-specific names go in `.projscanrc.json` `taint`. `projscan_review` automatically diffs taint flows between base and head and **blocks any PR that introduces a new flow**. In 3.0, review
|
|
778
|
+
- **`projscan_taint`** *(1.6)* - source-to-sink reachability over the per-function call graph. Built-in defaults cover common JS / Python sources (`process.env`, `req.body`, etc.) and sinks (`exec`, `eval`, `db.query`, etc.). Project-specific names go in `.projscanrc.json` `taint`. `projscan_review` automatically diffs taint flows between base and head and **blocks any PR that introduces a new flow**. In 3.0.2, review surfaces hardened `newDataflowRisks`, compact `graphEvidence`, and graph-readiness gates for safer handoff.
|
|
779
779
|
|
|
780
|
-
For analyzer and reporter plugin authoring, manifest validation, `--reporter <name>`, and the trust model, see [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.
|
|
780
|
+
Analyzer plugins can optionally read graph/dataflow context through `check(rootPath, files, context)` while staying on manifest schema v1. The packaged `graph-context` example shows `context.getSemanticGraph()` and `context.getDataflow()` in a real analyzer. For analyzer and reporter plugin authoring, manifest validation, `--reporter <name>`, and the trust model, see [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.0.2/docs/PLUGIN-AUTHORING.md).
|
|
781
781
|
|
|
782
782
|
### Context-window budgeting
|
|
783
783
|
|
|
@@ -10,6 +10,8 @@ export function registerDataflow() {
|
|
|
10
10
|
.option('--source <name...>', 'add a custom source name (repeatable)')
|
|
11
11
|
.option('--sink <name...>', 'add a custom sink name (repeatable)')
|
|
12
12
|
.option('--max-risks <count>', 'maximum risks to return', parsePositiveInt)
|
|
13
|
+
.option('--include-tests', 'include dataflow risks that touch test files')
|
|
14
|
+
.option('--include-broad-file-io', 'include broad readFile/writeFile-style default risks')
|
|
13
15
|
.action(async (cmdOpts) => {
|
|
14
16
|
setupLogLevel();
|
|
15
17
|
maybeCompactBanner();
|
|
@@ -22,7 +24,10 @@ export function registerDataflow() {
|
|
|
22
24
|
const sources = [...(config.taint?.sources ?? []), ...(cmdOpts.source ?? [])];
|
|
23
25
|
const sinks = [...(config.taint?.sinks ?? []), ...(cmdOpts.sink ?? [])];
|
|
24
26
|
const maxRisks = Math.max(1, Math.min(500, cmdOpts.maxRisks ?? 50));
|
|
25
|
-
const report = computeDataflow(graph, { sources, sinks }
|
|
27
|
+
const report = computeDataflow(graph, { sources, sinks }, {
|
|
28
|
+
includeTests: cmdOpts.includeTests === true,
|
|
29
|
+
includeBroadFileIo: cmdOpts.includeBroadFileIo === true,
|
|
30
|
+
});
|
|
26
31
|
const shaped = {
|
|
27
32
|
...report,
|
|
28
33
|
risks: report.risks.slice(0, maxRisks),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dataflow.js","sourceRoot":"","sources":["../../../src/cli/commands/dataflow.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EACL,qBAAqB,EACrB,WAAW,EACX,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,aAAa,GACd,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAGzD,MAAM,UAAU,gBAAgB;IAC9B,OAAO;SACJ,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,qEAAqE,CAAC;SAClF,MAAM,CAAC,oBAAoB,EAAE,uCAAuC,CAAC;SACrE,MAAM,CAAC,kBAAkB,EAAE,qCAAqC,CAAC;SACjE,MAAM,CAAC,qBAAqB,EAAE,yBAAyB,EAAE,gBAAgB,CAAC;SAC1E,MAAM,CAAC,KAAK,EAAE,
|
|
1
|
+
{"version":3,"file":"dataflow.js","sourceRoot":"","sources":["../../../src/cli/commands/dataflow.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAE1B,OAAO,EACL,qBAAqB,EACrB,WAAW,EACX,iBAAiB,EACjB,kBAAkB,EAClB,OAAO,EACP,aAAa,GACd,MAAM,eAAe,CAAC;AACvB,OAAO,EAAE,cAAc,EAAE,MAAM,iCAAiC,CAAC;AACjE,OAAO,EAAE,cAAc,EAAE,MAAM,yBAAyB,CAAC;AACzD,OAAO,EAAE,eAAe,EAAE,MAAM,wBAAwB,CAAC;AAGzD,MAAM,UAAU,gBAAgB;IAC9B,OAAO;SACJ,OAAO,CAAC,UAAU,CAAC;SACnB,WAAW,CAAC,qEAAqE,CAAC;SAClF,MAAM,CAAC,oBAAoB,EAAE,uCAAuC,CAAC;SACrE,MAAM,CAAC,kBAAkB,EAAE,qCAAqC,CAAC;SACjE,MAAM,CAAC,qBAAqB,EAAE,yBAAyB,EAAE,gBAAgB,CAAC;SAC1E,MAAM,CAAC,iBAAiB,EAAE,8CAA8C,CAAC;SACzE,MAAM,CAAC,yBAAyB,EAAE,sDAAsD,CAAC;SACzF,MAAM,CACL,KAAK,EAAE,OAMN,EAAE,EAAE;QACL,aAAa,EAAE,CAAC;QAChB,kBAAkB,EAAE,CAAC;QACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,UAAU,CAAC,CAAC;QAEjD,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;YAC/B,MAAM,MAAM,GAAG,MAAM,iBAAiB,EAAE,CAAC;YACzC,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;YACvE,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;YACzD,MAAM,OAAO,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,OAAO,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC;YAC9E,MAAM,KAAK,GAAG,CAAC,GAAG,CAAC,MAAM,CAAC,KAAK,EAAE,KAAK,IAAI,EAAE,CAAC,EAAE,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,EAAE,CAAC,CAAC,CAAC;YACxE,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,GAAG,EAAE,OAAO,CAAC,QAAQ,IAAI,EAAE,CAAC,CAAC,CAAC;YACpE,MAAM,MAAM,GAAG,eAAe,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,EAAE;gBACxD,YAAY,EAAE,OAAO,CAAC,YAAY,KAAK,IAAI;gBAC3C,kBAAkB,EAAE,OAAO,CAAC,kBAAkB,KAAK,IAAI;aACxD,CAAC,CAAC;YACH,MAAM,MAAM,GAAG;gBACb,GAAG,MAAM;gBACT,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC;gBACtC,SAAS,EAAE,MAAM,CAAC,KAAK,CAAC,MAAM,GAAG,QAAQ,IAAI,MAAM,CAAC,SAAS;aAC9D,CAAC;YAEF,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;gBACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;gBAC7C,OAAO;YACT,CAAC;YACD,aAAa,CAAC,MAAM,CAAC,CAAC;QACxB,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;YAC3E,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAClB,CAAC;IACH,CAAC,CACF,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,MAAsB;IAC3C,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC;IAC1C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC,CAAC;IACnE,IAAI,CAAC,MAAM,CAAC,SAAS,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,IAAI,MAAM,CAAC,MAAM,IAAI,aAAa,EAAE,CAAC,CAAC;QACxE,OAAO;IACT,CAAC;IACD,IAAI,MAAM,CAAC,SAAS,KAAK,CAAC,EAAE,CAAC;QAC3B,OAAO,CAAC,GAAG,CAAC,+BAA+B,CAAC,CAAC;QAC7C,OAAO;IACT,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,oBAAoB,CAAC,CAAC;IACnE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,EAAE,CAAC;QAChC,SAAS,CAAC,IAAI,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,SAAS,SAAS,CAAC,IAAkB;IACnC,MAAM,KAAK,GAAG,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IACxD,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjG,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,IAAI,KAAK,IAAI,CAAC,UAAU,GAAG,CAAC,CAAC;IAC3E,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IAClE,OAAO,CAAC,GAAG,CAAC,OAAO,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACnE,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,gBAAgB,CAAC,KAAa;IACrC,MAAM,MAAM,GAAG,MAAM,CAAC,QAAQ,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;IAC1C,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,MAAM,IAAI,CAAC,EAAE,CAAC;QAC5C,MAAM,IAAI,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACtD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
package/dist/core/agentBrief.js
CHANGED
|
@@ -1,4 +1,7 @@
|
|
|
1
1
|
import { analyzeHotspots } from './hotspotAnalyzer.js';
|
|
2
|
+
import { buildCodeGraph } from './codeGraph.js';
|
|
3
|
+
import { computeDataflow } from './dataflow.js';
|
|
4
|
+
import { buildSemanticGraph } from './semanticGraph.js';
|
|
2
5
|
import { collectIssues } from './issueEngine.js';
|
|
3
6
|
import { scanRepository } from './repositoryScanner.js';
|
|
4
7
|
import { buildRiskNow } from './sessionResources.js';
|
|
@@ -12,9 +15,10 @@ export async function computeAgentBrief(rootPath, options = {}) {
|
|
|
12
15
|
const scan = await scanRepository(rootPath, { ignore: configResult.config.ignore });
|
|
13
16
|
const issues = applyConfigToIssues(await collectIssues(rootPath, scan.files), configResult.config);
|
|
14
17
|
const health = calculateScore(issues);
|
|
15
|
-
const [riskNow, hotspots] = await Promise.all([
|
|
18
|
+
const [riskNow, hotspots, graphContext] = await Promise.all([
|
|
16
19
|
safeRiskNow(rootPath),
|
|
17
20
|
safeHotspots(rootPath, scan.files, issues, maxItems),
|
|
21
|
+
safeGraphContext(rootPath, scan.files),
|
|
18
22
|
]);
|
|
19
23
|
const allFocus = rankFocus([
|
|
20
24
|
...issues.slice(0, maxItems * 2).map(issueToFocus),
|
|
@@ -34,6 +38,7 @@ export async function computeAgentBrief(rootPath, options = {}) {
|
|
|
34
38
|
topDirectories: topDirectories(scan.files),
|
|
35
39
|
touchedFiles: riskNow.touchedFiles.slice(0, 12),
|
|
36
40
|
conflicts: riskNow.conflicts.length,
|
|
41
|
+
...(graphContext ? { graph: graphContext } : {}),
|
|
37
42
|
},
|
|
38
43
|
focus,
|
|
39
44
|
guardrails,
|
|
@@ -41,6 +46,31 @@ export async function computeAgentBrief(rootPath, options = {}) {
|
|
|
41
46
|
...(allFocus.length > focus.length || riskNow.touchedFiles.length > 12 ? { truncated: true } : {}),
|
|
42
47
|
};
|
|
43
48
|
}
|
|
49
|
+
async function safeGraphContext(rootPath, files) {
|
|
50
|
+
try {
|
|
51
|
+
const graph = await buildCodeGraph(rootPath, files);
|
|
52
|
+
const semantic = buildSemanticGraph(graph, { maxNodes: 5_000, maxEdges: 10_000 });
|
|
53
|
+
const dataflow = computeDataflow(graph, { sources: [], sinks: [] });
|
|
54
|
+
return {
|
|
55
|
+
schemaVersion: 1,
|
|
56
|
+
totalFunctions: semantic.metrics.totalFunctions,
|
|
57
|
+
totalPackages: semantic.metrics.totalPackages,
|
|
58
|
+
totalCallEdges: semantic.edges.filter((edge) => edge.kind === 'calls').length,
|
|
59
|
+
dataflowRisks: dataflow.riskCount,
|
|
60
|
+
topPackages: topPackagesByImporters(graph),
|
|
61
|
+
};
|
|
62
|
+
}
|
|
63
|
+
catch {
|
|
64
|
+
return undefined;
|
|
65
|
+
}
|
|
66
|
+
}
|
|
67
|
+
function topPackagesByImporters(graph) {
|
|
68
|
+
return [...graph.packageImporters.entries()]
|
|
69
|
+
.map(([name, importers]) => ({ name, count: importers.size }))
|
|
70
|
+
.sort((a, b) => b.count - a.count || a.name.localeCompare(b.name))
|
|
71
|
+
.slice(0, 5)
|
|
72
|
+
.map((entry) => entry.name);
|
|
73
|
+
}
|
|
44
74
|
async function safeRiskNow(rootPath) {
|
|
45
75
|
try {
|
|
46
76
|
return await buildRiskNow(rootPath);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"agentBrief.js","sourceRoot":"","sources":["../../src/core/agentBrief.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,mBAAmB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;
|
|
1
|
+
{"version":3,"file":"agentBrief.js","sourceRoot":"","sources":["../../src/core/agentBrief.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,eAAe,EAAE,MAAM,sBAAsB,CAAC;AACvD,OAAO,EAAE,cAAc,EAAkB,MAAM,gBAAgB,CAAC;AAChE,OAAO,EAAE,eAAe,EAAE,MAAM,eAAe,CAAC;AAChD,OAAO,EAAE,kBAAkB,EAAE,MAAM,oBAAoB,CAAC;AACxD,OAAO,EAAE,aAAa,EAAE,MAAM,kBAAkB,CAAC;AACjD,OAAO,EAAE,cAAc,EAAE,MAAM,wBAAwB,CAAC;AACxD,OAAO,EAAE,YAAY,EAAE,MAAM,uBAAuB,CAAC;AACrD,OAAO,EAAE,mBAAmB,EAAE,UAAU,EAAE,MAAM,oBAAoB,CAAC;AACrE,OAAO,EAAE,cAAc,EAAE,MAAM,6BAA6B,CAAC;AAqB7D,MAAM,iBAAiB,GAAG,CAAC,CAAC;AAE5B,MAAM,CAAC,KAAK,UAAU,iBAAiB,CACrC,QAAgB,EAChB,UAAoC,EAAE;IAEtC,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;IAC/C,MAAM,QAAQ,GAAG,YAAY,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAChD,MAAM,YAAY,GAAG,MAAM,UAAU,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,CAAC,EAAE,MAAM,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;IAC1F,MAAM,IAAI,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,EAAE,MAAM,EAAE,YAAY,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC;IACpF,MAAM,MAAM,GAAG,mBAAmB,CAAC,MAAM,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC,EAAE,YAAY,CAAC,MAAM,CAAC,CAAC;IACnG,MAAM,MAAM,GAAG,cAAc,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,CAAC,OAAO,EAAE,QAAQ,EAAE,YAAY,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC;QAC1D,WAAW,CAAC,QAAQ,CAAC;QACrB,YAAY,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,QAAQ,CAAC;QACpD,gBAAgB,CAAC,QAAQ,EAAE,IAAI,CAAC,KAAK,CAAC;KACvC,CAAC,CAAC;IACH,MAAM,QAAQ,GAAG,SAAS,CAAC;QACzB,GAAG,MAAM,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,GAAG,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,CAAC;QAClD,GAAG,OAAO,CAAC,SAAS,CAAC,GAAG,CAAC,eAAe,CAAC;QACzC,GAAG,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;KACrE,CAAC,CAAC;IACH,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;IAC1F,MAAM,UAAU,GAAG,eAAe,CAAC,MAAM,CAAC,CAAC;IAE3C,OAAO;QACL,aAAa,EAAE,CAAC;QAChB,MAAM;QACN,OAAO,EAAE,SAAS,CAAC,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC;QACzC,MAAM;QACN,OAAO,EAAE;YACP,UAAU,EAAE,IAAI,CAAC,UAAU;YAC3B,gBAAgB,EAAE,IAAI,CAAC,gBAAgB;YACvC,cAAc,EAAE,cAAc,CAAC,IAAI,CAAC,KAAK,CAAC;YAC1C,YAAY,EAAE,OAAO,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC;YAC/C,SAAS,EAAE,OAAO,CAAC,SAAS,CAAC,MAAM;YACnC,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACjD;QACD,KAAK;QACL,UAAU;QACV,oBAAoB,EAAE,gBAAgB,CAAC,KAAK,EAAE,UAAU,CAAC;QACzD,GAAG,CAAC,QAAQ,CAAC,MAAM,GAAG,KAAK,CAAC,MAAM,IAAI,OAAO,CAAC,YAAY,CAAC,MAAM,GAAG,EAAE,CAAC,CAAC,CAAC,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;KACnG,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,gBAAgB,CAAC,QAAgB,EAAE,KAAkB;IAClE,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,cAAc,CAAC,QAAQ,EAAE,KAAK,CAAC,CAAC;QACpD,MAAM,QAAQ,GAAG,kBAAkB,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,KAAK,EAAE,QAAQ,EAAE,MAAM,EAAE,CAAC,CAAC;QAClF,MAAM,QAAQ,GAAG,eAAe,CAAC,KAAK,EAAE,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC;QACpE,OAAO;YACL,aAAa,EAAE,CAAC;YAChB,cAAc,EAAE,QAAQ,CAAC,OAAO,CAAC,cAAc;YAC/C,aAAa,EAAE,QAAQ,CAAC,OAAO,CAAC,aAAa;YAC7C,cAAc,EAAE,QAAQ,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,MAAM;YAC7E,aAAa,EAAE,QAAQ,CAAC,SAAS;YACjC,WAAW,EAAE,sBAAsB,CAAC,KAAK,CAAC;SAC3C,CAAC;IACJ,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,SAAS,CAAC;IACnB,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,KAAgB;IAC9C,OAAO,CAAC,GAAG,KAAK,CAAC,gBAAgB,CAAC,OAAO,EAAE,CAAC;SACzC,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,SAAS,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,SAAS,CAAC,IAAI,EAAE,CAAC,CAAC;SAC7D,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;SACjE,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC;SACX,GAAG,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;AAChC,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,QAAgB;IACzC,IAAI,CAAC;QACH,OAAO,MAAM,YAAY,CAAC,QAAQ,CAAC,CAAC;IACtC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,YAAY,EAAE,EAAE,EAAE,SAAS,EAAE,EAAE,EAAE,CAAC;IAC7C,CAAC;AACH,CAAC;AAED,KAAK,UAAU,YAAY,CACzB,QAAgB,EAChB,KAA4C,EAC5C,MAAe,EACf,KAAa;IAEb,IAAI,CAAC;QACH,OAAO,MAAM,eAAe,CAAC,QAAQ,EAAE,KAAK,EAAE,MAAM,EAAE,EAAE,KAAK,EAAE,CAAC,CAAC;IACnE,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO;YACL,SAAS,EAAE,KAAK;YAChB,MAAM,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;YACxD,MAAM,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,cAAc,EAAE,CAAC,EAAE;YAC1C,QAAQ,EAAE,EAAE;YACZ,gBAAgB,EAAE,CAAC;SACpB,CAAC;IACJ,CAAC;AACH,CAAC;AAED,SAAS,YAAY,CAAC,KAAY;IAChC,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC;IAChC,OAAO;QACL,EAAE,EAAE,YAAY,KAAK,CAAC,EAAE,EAAE;QAC1B,QAAQ,EAAE,gBAAgB,CAAC,KAAK,CAAC,QAAQ,CAAC;QAC1C,KAAK,EAAE,KAAK,CAAC,KAAK;QAClB,GAAG,EAAE,KAAK,CAAC,WAAW;QACtB,KAAK;QACL,QAAQ,EAAE,CAAC,+BAA+B,EAAE,0BAA0B,KAAK,CAAC,EAAE,gBAAgB,CAAC;KAChG,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,QAAyB,EAAE,KAAa;IAC/D,OAAO;QACL,EAAE,EAAE,eAAe,KAAK,GAAG,CAAC,EAAE;QAC9B,QAAQ,EAAE,QAAQ,CAAC,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;QACrD,KAAK,EAAE,+BAA+B;QACtC,GAAG,EAAE,QAAQ,CAAC,OAAO;QACrB,KAAK,EAAE,QAAQ,CAAC,KAAK;QACrB,QAAQ,EAAE,CAAC,wCAAwC,EAAE,oCAAoC,CAAC;KAC3F,CAAC;AACJ,CAAC;AAED,SAAS,cAAc,CAAC,OAAoB;IAC1C,OAAO;QACL,EAAE,EAAE,cAAc,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE;QAC9C,QAAQ,EAAE,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,OAAO,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI;QAChF,KAAK,EAAE,mBAAmB,OAAO,CAAC,YAAY,EAAE;QAChD,GAAG,EAAE,OAAO,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,cAAc,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,EAAE;QACxE,KAAK,EAAE,CAAC,OAAO,CAAC,YAAY,CAAC;QAC7B,QAAQ,EAAE,CAAC,iBAAiB,OAAO,CAAC,YAAY,gBAAgB,EAAE,iCAAiC,CAAC;KACrG,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CAAC,MAAwB;IAC7C,OAAO;QACL,EAAE,EAAE,aAAa;QACjB,QAAQ,EAAE,IAAI;QACd,KAAK,EAAE,sCAAsC;QAC7C,GAAG,EAAE,6CAA6C,MAAM,gEAAgE;QACxH,KAAK,EAAE,EAAE;QACT,QAAQ,EAAE,CAAC,+BAA+B,EAAE,qDAAqD,CAAC;KACnG,CAAC;AACJ,CAAC;AAED,SAAS,eAAe,CAAC,MAAwB;IAC/C,OAAO;QACL;YACE,EAAE,EAAE,qBAAqB;YACzB,KAAK,EAAE,cAAc;YACrB,MAAM,EAAE,yDAAyD;YACjE,OAAO,EAAE,+BAA+B;SACzC;QACD;YACE,EAAE,EAAE,wBAAwB;YAC5B,KAAK,EAAE,iBAAiB;YACxB,MAAM,EAAE,8DAA8D;YACtE,OAAO,EAAE,MAAM,KAAK,SAAS;gBAC3B,CAAC,CAAC,sDAAsD;gBACxD,CAAC,CAAC,qDAAqD;SAC1D;QACD;YACE,EAAE,EAAE,oBAAoB;YACxB,KAAK,EAAE,kBAAkB;YACzB,MAAM,EAAE,iDAAiD;YACzD,OAAO,EAAE,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,wDAAwD,CAAC,CAAC,CAAC,UAAU;SACtG;KACF,CAAC;AACJ,CAAC;AAED,SAAS,SAAS,CAAC,KAAuB;IACxC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,OAAO,KAAK;SACT,MAAM,CAAC,CAAC,IAAI,EAAE,EAAE;QACf,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;YAAE,OAAO,KAAK,CAAC;QACpC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAClB,OAAO,IAAI,CAAC;IACd,CAAC,CAAC;SACD,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,YAAY,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACrG,CAAC;AAED,SAAS,gBAAgB,CACvB,KAAuB,EACvB,UAAiC;IAEjC,OAAO;QACL,GAAG,KAAK,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QACtF,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,SAAS,CAAC,KAAK,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,CAAC,CAAC;KAC3F,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,SAAS,CAAC,MAAwB,EAAE,KAAuB,EAAE,MAAyC;IAC7G,OAAO,gBAAgB,MAAM,QAAQ,KAAK,CAAC,MAAM,0BAA0B,MAAM,CAAC,KAAK,KAAK,MAAM,CAAC,KAAK,GAAG,CAAC;AAC9G,CAAC;AAED,SAAS,cAAc,CAAC,KAAmC;IACzD,MAAM,MAAM,GAAG,IAAI,GAAG,EAAkB,CAAC;IACzC,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,IAAI,CAAC,SAAS,IAAI,GAAG,CAAC;QAClC,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC;IAC9C,CAAC;IACD,OAAO,CAAC,GAAG,MAAM,CAAC,OAAO,EAAE,CAAC;SACzB,GAAG,CAAC,CAAC,CAAC,SAAS,EAAE,KAAK,CAAC,EAAE,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;SAC1D,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,KAAK,IAAI,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC;SAC3E,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,UAAU,CAAC,KAAY;IAC9B,OAAO,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,KAAK,CAAC,SAAS,IAAI,EAAE,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,EAAE,EAAE,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC;AAChG,CAAC;AAED,SAAS,eAAe,CAAC,KAAmC;IAC1D,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,SAAS,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,WAAW;QAAE,OAAO,KAAK,CAAC;IAC/G,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,SAAS,YAAY,CAAC,KAAyB;IAC7C,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,KAAK,CAAC;QAAE,OAAO,iBAAiB,CAAC;IACnF,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,IAAI,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;AACtD,CAAC;AAED,SAAS,gBAAgB,CAAC,QAA2B;IACnD,IAAI,QAAQ,KAAK,OAAO;QAAE,OAAO,IAAI,CAAC;IACtC,IAAI,QAAQ,KAAK,SAAS;QAAE,OAAO,IAAI,CAAC;IACxC,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,YAAY,CAAC,QAA0B;IAC9C,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,IAAI,QAAQ,KAAK,IAAI;QAAE,OAAO,CAAC,CAAC;IAChC,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,IAAI,CAAC,KAAa;IACzB,OAAO,KAAK,CAAC,OAAO,CAAC,gBAAgB,EAAE,GAAG,CAAC,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC,WAAW,EAAE,IAAI,MAAM,CAAC;AAC9F,CAAC"}
|
package/dist/core/dataflow.d.ts
CHANGED
|
@@ -3,5 +3,9 @@ import { type TaintConfig } from './taint.js';
|
|
|
3
3
|
import type { DataflowReport } from '../types.js';
|
|
4
4
|
export interface DataflowOptions {
|
|
5
5
|
maxDepth?: number;
|
|
6
|
+
/** Include risks whose path touches test files. Default false for signal. */
|
|
7
|
+
includeTests?: boolean;
|
|
8
|
+
/** Include broad default readFile/writeFile-style risks. Custom sources/sinks still report. */
|
|
9
|
+
includeBroadFileIo?: boolean;
|
|
6
10
|
}
|
|
7
11
|
export declare function computeDataflow(graph: CodeGraph, config?: TaintConfig, options?: DataflowOptions): DataflowReport;
|
package/dist/core/dataflow.js
CHANGED
|
@@ -1,9 +1,19 @@
|
|
|
1
|
+
import { shouldIncludeDataflowRisk } from './dataflowFilters.js';
|
|
1
2
|
import { DEFAULT_TAINT_SINKS, DEFAULT_TAINT_SOURCES, computeTaint, } from './taint.js';
|
|
2
3
|
const DEFAULT_MAX_DEPTH = 12;
|
|
3
4
|
export function computeDataflow(graph, config = { sources: [], sinks: [] }, options = {}) {
|
|
4
|
-
const
|
|
5
|
-
const
|
|
5
|
+
const customSources = new Set(config.sources ?? []);
|
|
6
|
+
const customSinks = new Set(config.sinks ?? []);
|
|
7
|
+
const sources = new Set([...DEFAULT_TAINT_SOURCES, ...customSources]);
|
|
8
|
+
const sinks = new Set([...DEFAULT_TAINT_SINKS, ...customSinks]);
|
|
6
9
|
const index = buildFunctionIndex(graph, sources, sinks);
|
|
10
|
+
const filterContext = {
|
|
11
|
+
graph,
|
|
12
|
+
customSources,
|
|
13
|
+
customSinks,
|
|
14
|
+
includeTests: options.includeTests === true,
|
|
15
|
+
includeBroadFileIo: options.includeBroadFileIo === true,
|
|
16
|
+
};
|
|
7
17
|
if (index.fns.length === 0 || index.totalCallSites === 0) {
|
|
8
18
|
return {
|
|
9
19
|
available: false,
|
|
@@ -24,7 +34,7 @@ export function computeDataflow(graph, config = { sources: [], sinks: [] }, opti
|
|
|
24
34
|
if (seen.has(key))
|
|
25
35
|
continue;
|
|
26
36
|
seen.add(key);
|
|
27
|
-
|
|
37
|
+
const risk = {
|
|
28
38
|
key,
|
|
29
39
|
kind,
|
|
30
40
|
severity: 'error',
|
|
@@ -36,7 +46,9 @@ export function computeDataflow(graph, config = { sources: [], sinks: [] }, opti
|
|
|
36
46
|
path: flow.path,
|
|
37
47
|
pathLength: flow.path.length,
|
|
38
48
|
files: flow.files,
|
|
39
|
-
}
|
|
49
|
+
};
|
|
50
|
+
if (shouldIncludeDataflowRisk(risk, filterContext))
|
|
51
|
+
risks.push(risk);
|
|
40
52
|
}
|
|
41
53
|
}
|
|
42
54
|
const maxDepth = Math.max(1, options.maxDepth ?? DEFAULT_MAX_DEPTH);
|
|
@@ -67,7 +79,7 @@ export function computeDataflow(graph, config = { sources: [], sinks: [] }, opti
|
|
|
67
79
|
...sourcePath.slice(1).map((node) => node.qualName),
|
|
68
80
|
...sinkPath.slice(1).map((node) => node.qualName),
|
|
69
81
|
];
|
|
70
|
-
|
|
82
|
+
const risk = {
|
|
71
83
|
key,
|
|
72
84
|
kind: 'bridge',
|
|
73
85
|
severity: 'error',
|
|
@@ -82,7 +94,9 @@ export function computeDataflow(graph, config = { sources: [], sinks: [] }, opti
|
|
|
82
94
|
sinkPath: sinkPath.map((node) => node.qualName),
|
|
83
95
|
pathLength: Math.max(sourcePath.length, sinkPath.length),
|
|
84
96
|
files,
|
|
85
|
-
}
|
|
97
|
+
};
|
|
98
|
+
if (shouldIncludeDataflowRisk(risk, filterContext, sinkNode.file))
|
|
99
|
+
risks.push(risk);
|
|
86
100
|
}
|
|
87
101
|
risks.sort(compareRisks);
|
|
88
102
|
return {
|
|
@@ -99,6 +113,7 @@ export function computeDataflow(graph, config = { sources: [], sinks: [] }, opti
|
|
|
99
113
|
function buildFunctionIndex(graph, sources, sinks) {
|
|
100
114
|
const fns = [];
|
|
101
115
|
const byBareName = new Map();
|
|
116
|
+
const importedFilesByFile = buildImportedFilesByFile(graph);
|
|
102
117
|
let totalCallSites = 0;
|
|
103
118
|
for (const [file, entry] of graph.files) {
|
|
104
119
|
for (const fn of entry.functions ?? []) {
|
|
@@ -110,7 +125,18 @@ function buildFunctionIndex(graph, sources, sinks) {
|
|
|
110
125
|
byBareName.set(node.bareName, list);
|
|
111
126
|
}
|
|
112
127
|
}
|
|
113
|
-
return { fns, byBareName, totalCallSites };
|
|
128
|
+
return { fns, byBareName, importedFilesByFile, totalCallSites };
|
|
129
|
+
}
|
|
130
|
+
function buildImportedFilesByFile(graph) {
|
|
131
|
+
const importedFilesByFile = new Map();
|
|
132
|
+
for (const [target, importers] of graph.localImporters) {
|
|
133
|
+
for (const importer of importers) {
|
|
134
|
+
const targets = importedFilesByFile.get(importer) ?? new Set();
|
|
135
|
+
targets.add(target);
|
|
136
|
+
importedFilesByFile.set(importer, targets);
|
|
137
|
+
}
|
|
138
|
+
}
|
|
139
|
+
return importedFilesByFile;
|
|
114
140
|
}
|
|
115
141
|
function functionNode(file, fn, sources, sinks) {
|
|
116
142
|
const callees = fn.callSites ?? [];
|
|
@@ -138,7 +164,7 @@ function findReachable(start, index, predicate, maxDepth) {
|
|
|
138
164
|
const next = [];
|
|
139
165
|
for (const entry of frontier) {
|
|
140
166
|
for (const callee of entry.node.callees) {
|
|
141
|
-
const targets =
|
|
167
|
+
const targets = resolveCalleeTargets(entry.node, callee, index);
|
|
142
168
|
for (const target of targets) {
|
|
143
169
|
if (visited.has(target.id))
|
|
144
170
|
continue;
|
|
@@ -156,6 +182,63 @@ function findReachable(start, index, predicate, maxDepth) {
|
|
|
156
182
|
}
|
|
157
183
|
return null;
|
|
158
184
|
}
|
|
185
|
+
function resolveCalleeTargets(from, callee, index) {
|
|
186
|
+
const targets = index.byBareName.get(callee) ?? [];
|
|
187
|
+
if (targets.length === 0)
|
|
188
|
+
return [];
|
|
189
|
+
const sameFile = targets.filter((target) => target.file === from.file);
|
|
190
|
+
if (sameFile.length > 0)
|
|
191
|
+
return sameFile;
|
|
192
|
+
const importedFiles = index.importedFilesByFile.get(from.file);
|
|
193
|
+
if (importedFiles) {
|
|
194
|
+
const importedTargets = targets.filter((target) => importedFiles.has(target.file));
|
|
195
|
+
if (importedTargets.length > 0)
|
|
196
|
+
return importedTargets;
|
|
197
|
+
}
|
|
198
|
+
// Bare call names such as RegExp.exec, parse, get, run, and handler are
|
|
199
|
+
// too collision-prone to join across the whole repository. Keep the
|
|
200
|
+
// conservative global fallback for distinctive names only.
|
|
201
|
+
if (isCollisionProneCallee(callee))
|
|
202
|
+
return [];
|
|
203
|
+
return targets.length === 1 ? targets : [];
|
|
204
|
+
}
|
|
205
|
+
const COLLISION_PRONE_CALLEES = new Set([
|
|
206
|
+
'add',
|
|
207
|
+
'build',
|
|
208
|
+
'check',
|
|
209
|
+
'close',
|
|
210
|
+
'compare',
|
|
211
|
+
'create',
|
|
212
|
+
'delete',
|
|
213
|
+
'exec',
|
|
214
|
+
'execute',
|
|
215
|
+
'filter',
|
|
216
|
+
'find',
|
|
217
|
+
'get',
|
|
218
|
+
'handle',
|
|
219
|
+
'handler',
|
|
220
|
+
'init',
|
|
221
|
+
'load',
|
|
222
|
+
'main',
|
|
223
|
+
'map',
|
|
224
|
+
'open',
|
|
225
|
+
'parse',
|
|
226
|
+
'read',
|
|
227
|
+
'reduce',
|
|
228
|
+
'remove',
|
|
229
|
+
'resolve',
|
|
230
|
+
'run',
|
|
231
|
+
'save',
|
|
232
|
+
'set',
|
|
233
|
+
'start',
|
|
234
|
+
'stop',
|
|
235
|
+
'update',
|
|
236
|
+
'validate',
|
|
237
|
+
'write',
|
|
238
|
+
]);
|
|
239
|
+
function isCollisionProneCallee(callee) {
|
|
240
|
+
return COLLISION_PRONE_CALLEES.has(callee) || callee.length <= 2;
|
|
241
|
+
}
|
|
159
242
|
function pickHit(values, set) {
|
|
160
243
|
for (const value of values) {
|
|
161
244
|
if (set.has(value))
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"dataflow.js","sourceRoot":"","sources":["../../src/core/dataflow.ts"],"names":[],"mappings":"AAEA,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,YAAY,GAEb,MAAM,YAAY,CAAC;AA2BpB,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAE7B,MAAM,UAAU,eAAe,CAC7B,KAAgB,EAChB,SAAsB,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAChD,UAA2B,EAAE;IAE7B,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,qBAAqB,EAAE,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IAC/E,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,mBAAmB,EAAE,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACzE,MAAM,KAAK,GAAG,kBAAkB,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;IACxD,IAAI,KAAK,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,cAAc,KAAK,CAAC,EAAE,CAAC;QACzD,OAAO;YACL,SAAS,EAAE,KAAK;YAChB,MAAM,EACJ,qFAAqF;YACvF,SAAS,EAAE,CAAC;YACZ,KAAK,EAAE,EAAE;YACT,gBAAgB,EAAE,CAAC,GAAG,OAAO,CAAC;YAC9B,cAAc,EAAE,CAAC,GAAG,KAAK,CAAC;SAC3B,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,GAAmB,EAAE,CAAC;IACjC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAC1C,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;QACpB,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC;YAC9D,MAAM,GAAG,GAAG,GAAG,IAAI,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACzG,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,SAAS;YAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACd,KAAK,CAAC,IAAI,CAAC;gBACT,GAAG;gBACH,IAAI;gBACJ,QAAQ,EAAE,OAAO;gBACjB,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;gBACrD,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;gBAC5B,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,QAAQ,IAAI,iBAAiB,CAAC,CAAC;IACpE,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,GAAG,EAAE,CAAC;QAC/B,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,OAAO;YAAE,SAAS;QACjD,MAAM,UAAU,GAAG,aAAa,CAC9B,MAAM,EACN,KAAK,EACL,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,EACxB,QAAQ,CACT,CAAC;QACF,IAAI,CAAC,UAAU;YAAE,SAAS;QAC1B,MAAM,QAAQ,GAAG,aAAa,CAC5B,MAAM,EACN,KAAK,EACL,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,EACtB,QAAQ,CACT,CAAC;QACF,IAAI,CAAC,QAAQ;YAAE,SAAS;QACxB,MAAM,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACrD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC/C,IAAI,UAAU,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE;YAAE,SAAS;QAC5C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QACjC,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;QAC3B,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI;YAAE,SAAS;QAC/B,MAAM,GAAG,GAAG,UAAU,MAAM,CAAC,EAAE,IAAI,UAAU,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;QACpF,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,MAAM,KAAK,GAAG,WAAW,CAAC,CAAC,GAAG,UAAU,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACjF,MAAM,IAAI,GAAG;YACX,MAAM,CAAC,QAAQ;YACf,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;YACnD,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;SAClD,CAAC;QACF,KAAK,CAAC,IAAI,CAAC;YACT,GAAG;YACH,IAAI,EAAE,QAAQ;YACd,QAAQ,EAAE,OAAO;YACjB,UAAU,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;YAChF,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,MAAM,EAAE,QAAQ,CAAC,QAAQ;YACzB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,MAAM;YACN,IAAI;YACJ,IAAI;YACJ,UAAU,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;YACnD,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC/C,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC;YACxD,KAAK;SACN,CAAC,CAAC;IACL,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACzB,OAAO;QACL,SAAS,EAAE,IAAI;QACf,SAAS,EAAE,KAAK,CAAC,MAAM;QACvB,KAAK;QACL,gBAAgB,EAAE,CAAC,GAAG,OAAO,CAAC;QAC9B,cAAc,EAAE,CAAC,GAAG,KAAK,CAAC;QAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;QACxC,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CACzB,KAAgB,EAChB,OAAoB,EACpB,KAAkB;IAElB,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,MAAM,UAAU,GAAG,IAAI,GAAG,EAAoB,CAAC;IAC/C,IAAI,cAAc,GAAG,CAAC,CAAC;IACvB,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QACxC,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;YACvC,MAAM,IAAI,GAAG,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;YACpD,cAAc,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;YACtC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACf,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACjD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAChB,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,cAAc,EAAE,CAAC;AAC7C,CAAC;AAED,SAAS,YAAY,CACnB,IAAY,EACZ,EAAgB,EAChB,OAAoB,EACpB,KAAkB;IAElB,MAAM,OAAO,GAAG,EAAE,CAAC,SAAS,IAAI,EAAE,CAAC;IACnC,MAAM,UAAU,GAAG,EAAE,CAAC,UAAU,IAAI,EAAE,CAAC;IACvC,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,OAAO,EAAE,GAAG,UAAU,CAAC,EAAE,OAAO,CAAC,CAAC;IAC7D,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACrC,OAAO;QACL,EAAE,EAAE,GAAG,IAAI,KAAK,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,IAAI,EAAE;QACpC,QAAQ,EAAE,EAAE,CAAC,IAAI;QACjB,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC;QAC3B,IAAI;QACJ,IAAI,EAAE,EAAE,CAAC,IAAI;QACb,OAAO;QACP,UAAU;QACV,MAAM;QACN,IAAI;QACJ,SAAS,EAAE,MAAM,KAAK,IAAI;QAC1B,OAAO,EAAE,IAAI,KAAK,IAAI;KACvB,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CACpB,KAAa,EACb,KAAc,EACd,SAAoC,EACpC,QAAgB;IAGhB,MAAM,OAAO,GAAG,IAAI,GAAG,CAAS,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5C,IAAI,QAAQ,GAAoB,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACjE,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,QAAQ,EAAE,KAAK,EAAE,EAAE,CAAC;QAC9C,MAAM,IAAI,GAAoB,EAAE,CAAC;QACjC,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;YAC7B,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBACxC,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;gBACnD,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;oBAC7B,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;wBAAE,SAAS;oBACrC,MAAM,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBACrC,IAAI,SAAS,CAAC,MAAM,CAAC;wBAAE,OAAO,IAAI,CAAC;oBACnC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;oBACvB,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,QAAQ,GAAG,IAAI,CAAC;IAClB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,OAAO,CAAC,MAAgB,EAAE,GAAgB;IACjD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;IACnC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,QAAQ,CAAC,SAAiB;IACjC,MAAM,GAAG,GAAG,SAAS,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACvC,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,WAAW,CAAC,KAAe;IAClC,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,SAAS;QAC7B,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACf,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,CAAe,EAAE,CAAe;IACpD,MAAM,aAAa,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;IAC/C,MAAM,SAAS,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC5E,IAAI,aAAa,KAAK,CAAC;QAAE,OAAO,aAAa,CAAC;IAC9C,MAAM,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACxD,IAAI,SAAS,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACtC,IAAI,CAAC,CAAC,UAAU,KAAK,CAAC,CAAC,UAAU;QAAE,OAAO,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,UAAU,CAAC;IACtE,OAAO,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC"}
|
|
1
|
+
{"version":3,"file":"dataflow.js","sourceRoot":"","sources":["../../src/core/dataflow.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,yBAAyB,EAAkC,MAAM,sBAAsB,CAAC;AACjG,OAAO,EACL,mBAAmB,EACnB,qBAAqB,EACrB,YAAY,GAEb,MAAM,YAAY,CAAC;AAgCpB,MAAM,iBAAiB,GAAG,EAAE,CAAC;AAE7B,MAAM,UAAU,eAAe,CAC7B,KAAgB,EAChB,SAAsB,EAAE,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,EAChD,UAA2B,EAAE;IAE7B,MAAM,aAAa,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC,CAAC;IACpD,MAAM,WAAW,GAAG,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,IAAI,EAAE,CAAC,CAAC;IAChD,MAAM,OAAO,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,qBAAqB,EAAE,GAAG,aAAa,CAAC,CAAC,CAAC;IACtE,MAAM,KAAK,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,mBAAmB,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC;IAChE,MAAM,KAAK,GAAG,kBAAkB,CAAC,KAAK,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;IACxD,MAAM,aAAa,GAA8B;QAC/C,KAAK;QACL,aAAa;QACb,WAAW;QACX,YAAY,EAAE,OAAO,CAAC,YAAY,KAAK,IAAI;QAC3C,kBAAkB,EAAE,OAAO,CAAC,kBAAkB,KAAK,IAAI;KACxD,CAAC;IACF,IAAI,KAAK,CAAC,GAAG,CAAC,MAAM,KAAK,CAAC,IAAI,KAAK,CAAC,cAAc,KAAK,CAAC,EAAE,CAAC;QACzD,OAAO;YACL,SAAS,EAAE,KAAK;YAChB,MAAM,EACJ,qFAAqF;YACvF,SAAS,EAAE,CAAC;YACZ,KAAK,EAAE,EAAE;YACT,gBAAgB,EAAE,CAAC,GAAG,OAAO,CAAC;YAC9B,cAAc,EAAE,CAAC,GAAG,KAAK,CAAC;SAC3B,CAAC;IACJ,CAAC;IAED,MAAM,KAAK,GAAmB,EAAE,CAAC;IACjC,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;IAC1C,IAAI,KAAK,CAAC,SAAS,EAAE,CAAC;QACpB,KAAK,MAAM,IAAI,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;YAC/B,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC;YAC9D,MAAM,GAAG,GAAG,GAAG,IAAI,IAAI,IAAI,CAAC,QAAQ,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,MAAM,IAAI,IAAI,CAAC,IAAI,IAAI,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;YACzG,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;gBAAE,SAAS;YAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;YACd,MAAM,IAAI,GAAiB;gBACzB,GAAG;gBACH,IAAI;gBACJ,QAAQ,EAAE,OAAO;gBACjB,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;gBACrD,QAAQ,EAAE,IAAI,CAAC,QAAQ;gBACvB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,MAAM,EAAE,IAAI,CAAC,MAAM;gBACnB,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,IAAI,EAAE,IAAI,CAAC,IAAI;gBACf,UAAU,EAAE,IAAI,CAAC,IAAI,CAAC,MAAM;gBAC5B,KAAK,EAAE,IAAI,CAAC,KAAK;aAClB,CAAC;YACF,IAAI,yBAAyB,CAAC,IAAI,EAAE,aAAa,CAAC;gBAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvE,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,OAAO,CAAC,QAAQ,IAAI,iBAAiB,CAAC,CAAC;IACpE,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,GAAG,EAAE,CAAC;QAC/B,IAAI,MAAM,CAAC,SAAS,IAAI,MAAM,CAAC,OAAO;YAAE,SAAS;QACjD,MAAM,UAAU,GAAG,aAAa,CAC9B,MAAM,EACN,KAAK,EACL,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,SAAS,EACxB,QAAQ,CACT,CAAC;QACF,IAAI,CAAC,UAAU;YAAE,SAAS;QAC1B,MAAM,QAAQ,GAAG,aAAa,CAC5B,MAAM,EACN,KAAK,EACL,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,OAAO,EACtB,QAAQ,CACT,CAAC;QACF,IAAI,CAAC,QAAQ;YAAE,SAAS;QACxB,MAAM,UAAU,GAAG,UAAU,CAAC,UAAU,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACrD,MAAM,QAAQ,GAAG,QAAQ,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC/C,IAAI,UAAU,CAAC,EAAE,KAAK,QAAQ,CAAC,EAAE;YAAE,SAAS;QAC5C,MAAM,MAAM,GAAG,UAAU,CAAC,MAAM,CAAC;QACjC,MAAM,IAAI,GAAG,QAAQ,CAAC,IAAI,CAAC;QAC3B,IAAI,CAAC,MAAM,IAAI,CAAC,IAAI;YAAE,SAAS;QAC/B,MAAM,GAAG,GAAG,UAAU,MAAM,CAAC,EAAE,IAAI,UAAU,CAAC,EAAE,IAAI,QAAQ,CAAC,EAAE,IAAI,MAAM,IAAI,IAAI,EAAE,CAAC;QACpF,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,MAAM,KAAK,GAAG,WAAW,CAAC,CAAC,GAAG,UAAU,EAAE,GAAG,QAAQ,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QACjF,MAAM,IAAI,GAAG;YACX,MAAM,CAAC,QAAQ;YACf,GAAG,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;YACnD,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;SAClD,CAAC;QACF,MAAM,IAAI,GAAiB;YACzB,GAAG;YACH,IAAI,EAAE,QAAQ;YACd,QAAQ,EAAE,OAAO;YACjB,UAAU,EAAE,UAAU,CAAC,MAAM,KAAK,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ;YAChF,QAAQ,EAAE,UAAU,CAAC,QAAQ;YAC7B,MAAM,EAAE,QAAQ,CAAC,QAAQ;YACzB,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,MAAM;YACN,IAAI;YACJ,IAAI;YACJ,UAAU,EAAE,UAAU,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;YACnD,QAAQ,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC;YAC/C,UAAU,EAAE,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC;YACxD,KAAK;SACN,CAAC;QACF,IAAI,yBAAyB,CAAC,IAAI,EAAE,aAAa,EAAE,QAAQ,CAAC,IAAI,CAAC;YAAE,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACtF,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACzB,OAAO;QACL,SAAS,EAAE,IAAI;QACf,SAAS,EAAE,KAAK,CAAC,MAAM;QACvB,KAAK;QACL,gBAAgB,EAAE,CAAC,GAAG,OAAO,CAAC;QAC9B,cAAc,EAAE,CAAC,GAAG,KAAK,CAAC;QAC1B,SAAS,EAAE,KAAK,CAAC,SAAS;QAC1B,gBAAgB,EAAE,KAAK,CAAC,gBAAgB;QACxC,QAAQ;KACT,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CACzB,KAAgB,EAChB,OAAoB,EACpB,KAAkB;IAElB,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,MAAM,UAAU,GAAG,IAAI,GAAG,EAAoB,CAAC;IAC/C,MAAM,mBAAmB,GAAG,wBAAwB,CAAC,KAAK,CAAC,CAAC;IAC5D,IAAI,cAAc,GAAG,CAAC,CAAC;IACvB,KAAK,MAAM,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,KAAK,CAAC,KAAK,EAAE,CAAC;QACxC,KAAK,MAAM,EAAE,IAAI,KAAK,CAAC,SAAS,IAAI,EAAE,EAAE,CAAC;YACvC,MAAM,IAAI,GAAG,YAAY,CAAC,IAAI,EAAE,EAAE,EAAE,OAAO,EAAE,KAAK,CAAC,CAAC;YACpD,cAAc,IAAI,IAAI,CAAC,OAAO,CAAC,MAAM,CAAC;YACtC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACf,MAAM,IAAI,GAAG,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,CAAC;YACjD,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAChB,UAAU,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;QACtC,CAAC;IACH,CAAC;IACD,OAAO,EAAE,GAAG,EAAE,UAAU,EAAE,mBAAmB,EAAE,cAAc,EAAE,CAAC;AAClE,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAgB;IAChD,MAAM,mBAAmB,GAAG,IAAI,GAAG,EAAuB,CAAC;IAC3D,KAAK,MAAM,CAAC,MAAM,EAAE,SAAS,CAAC,IAAI,KAAK,CAAC,cAAc,EAAE,CAAC;QACvD,KAAK,MAAM,QAAQ,IAAI,SAAS,EAAE,CAAC;YACjC,MAAM,OAAO,GAAG,mBAAmB,CAAC,GAAG,CAAC,QAAQ,CAAC,IAAI,IAAI,GAAG,EAAU,CAAC;YACvE,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;YACpB,mBAAmB,CAAC,GAAG,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC7C,CAAC;IACH,CAAC;IACD,OAAO,mBAAmB,CAAC;AAC7B,CAAC;AAED,SAAS,YAAY,CACnB,IAAY,EACZ,EAAgB,EAChB,OAAoB,EACpB,KAAkB;IAElB,MAAM,OAAO,GAAG,EAAE,CAAC,SAAS,IAAI,EAAE,CAAC;IACnC,MAAM,UAAU,GAAG,EAAE,CAAC,UAAU,IAAI,EAAE,CAAC;IACvC,MAAM,MAAM,GAAG,OAAO,CAAC,CAAC,GAAG,OAAO,EAAE,GAAG,UAAU,CAAC,EAAE,OAAO,CAAC,CAAC;IAC7D,MAAM,IAAI,GAAG,OAAO,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;IACrC,OAAO;QACL,EAAE,EAAE,GAAG,IAAI,KAAK,EAAE,CAAC,IAAI,IAAI,EAAE,CAAC,IAAI,EAAE;QACpC,QAAQ,EAAE,EAAE,CAAC,IAAI;QACjB,QAAQ,EAAE,QAAQ,CAAC,EAAE,CAAC,IAAI,CAAC;QAC3B,IAAI;QACJ,IAAI,EAAE,EAAE,CAAC,IAAI;QACb,OAAO;QACP,UAAU;QACV,MAAM;QACN,IAAI;QACJ,SAAS,EAAE,MAAM,KAAK,IAAI;QAC1B,OAAO,EAAE,IAAI,KAAK,IAAI;KACvB,CAAC;AACJ,CAAC;AAED,SAAS,aAAa,CACpB,KAAa,EACb,KAAc,EACd,SAAoC,EACpC,QAAgB;IAGhB,MAAM,OAAO,GAAG,IAAI,GAAG,CAAS,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC,CAAC;IAC5C,IAAI,QAAQ,GAAoB,CAAC,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;IACjE,KAAK,IAAI,KAAK,GAAG,CAAC,EAAE,KAAK,GAAG,QAAQ,EAAE,KAAK,EAAE,EAAE,CAAC;QAC9C,MAAM,IAAI,GAAoB,EAAE,CAAC;QACjC,KAAK,MAAM,KAAK,IAAI,QAAQ,EAAE,CAAC;YAC7B,KAAK,MAAM,MAAM,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE,CAAC;gBACxC,MAAM,OAAO,GAAG,oBAAoB,CAAC,KAAK,CAAC,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,CAAC;gBAChE,KAAK,MAAM,MAAM,IAAI,OAAO,EAAE,CAAC;oBAC7B,IAAI,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC;wBAAE,SAAS;oBACrC,MAAM,IAAI,GAAG,CAAC,GAAG,KAAK,CAAC,IAAI,EAAE,MAAM,CAAC,CAAC;oBACrC,IAAI,SAAS,CAAC,MAAM,CAAC;wBAAE,OAAO,IAAI,CAAC;oBACnC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;oBACvB,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC;QACH,CAAC;QACD,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;YAAE,OAAO,IAAI,CAAC;QACnC,QAAQ,GAAG,IAAI,CAAC;IAClB,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAY,EAAE,MAAc,EAAE,KAAc;IACxE,MAAM,OAAO,GAAG,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,CAAC;IACnD,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAEpC,MAAM,QAAQ,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,KAAK,IAAI,CAAC,IAAI,CAAC,CAAC;IACvE,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC;QAAE,OAAO,QAAQ,CAAC;IAEzC,MAAM,aAAa,GAAG,KAAK,CAAC,mBAAmB,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC/D,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,eAAe,GAAG,OAAO,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,EAAE,CAAC,aAAa,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QACnF,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC;YAAE,OAAO,eAAe,CAAC;IACzD,CAAC;IAED,wEAAwE;IACxE,oEAAoE;IACpE,2DAA2D;IAC3D,IAAI,sBAAsB,CAAC,MAAM,CAAC;QAAE,OAAO,EAAE,CAAC;IAC9C,OAAO,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC;AAC7C,CAAC;AAED,MAAM,uBAAuB,GAAG,IAAI,GAAG,CAAC;IACtC,KAAK;IACL,OAAO;IACP,OAAO;IACP,OAAO;IACP,SAAS;IACT,QAAQ;IACR,QAAQ;IACR,MAAM;IACN,SAAS;IACT,QAAQ;IACR,MAAM;IACN,KAAK;IACL,QAAQ;IACR,SAAS;IACT,MAAM;IACN,MAAM;IACN,MAAM;IACN,KAAK;IACL,MAAM;IACN,OAAO;IACP,MAAM;IACN,QAAQ;IACR,QAAQ;IACR,SAAS;IACT,KAAK;IACL,MAAM;IACN,KAAK;IACL,OAAO;IACP,MAAM;IACN,QAAQ;IACR,UAAU;IACV,OAAO;CACR,CAAC,CAAC;AAEH,SAAS,sBAAsB,CAAC,MAAc;IAC5C,OAAO,uBAAuB,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,MAAM,CAAC,MAAM,IAAI,CAAC,CAAC;AACnE,CAAC;AAED,SAAS,OAAO,CAAC,MAAgB,EAAE,GAAgB;IACjD,KAAK,MAAM,KAAK,IAAI,MAAM,EAAE,CAAC;QAC3B,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;IACnC,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,QAAQ,CAAC,SAAiB;IACjC,MAAM,GAAG,GAAG,SAAS,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACvC,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,SAAS,CAAC,KAAK,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,WAAW,CAAC,KAAe;IAClC,MAAM,GAAG,GAAa,EAAE,CAAC;IACzB,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,SAAS;QAC7B,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACf,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACjB,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,SAAS,YAAY,CAAC,CAAe,EAAE,CAAe;IACpD,MAAM,aAAa,GAAG,EAAE,KAAK,EAAE,CAAC,EAAE,OAAO,EAAE,CAAC,EAAE,CAAC;IAC/C,MAAM,SAAS,GAAG,EAAE,MAAM,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,UAAU,EAAE,CAAC,EAAE,CAAC;IAC1D,MAAM,aAAa,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC;IAC5E,IAAI,aAAa,KAAK,CAAC;QAAE,OAAO,aAAa,CAAC;IAC9C,MAAM,SAAS,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACxD,IAAI,SAAS,KAAK,CAAC;QAAE,OAAO,SAAS,CAAC;IACtC,IAAI,CAAC,CAAC,UAAU,KAAK,CAAC,CAAC,UAAU;QAAE,OAAO,CAAC,CAAC,UAAU,GAAG,CAAC,CAAC,UAAU,CAAC;IACtE,OAAO,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;AACpC,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { CodeGraph } from './codeGraph.js';
|
|
2
|
+
import type { DataflowRisk } from '../types.js';
|
|
3
|
+
export interface DataflowRiskFilterContext {
|
|
4
|
+
graph: CodeGraph;
|
|
5
|
+
customSources: Set<string>;
|
|
6
|
+
customSinks: Set<string>;
|
|
7
|
+
includeTests: boolean;
|
|
8
|
+
includeBroadFileIo: boolean;
|
|
9
|
+
}
|
|
10
|
+
export declare function shouldIncludeDataflowRisk(risk: DataflowRisk, context: DataflowRiskFilterContext, sinkFile?: string): boolean;
|
|
@@ -0,0 +1,46 @@
|
|
|
1
|
+
const BROAD_FILE_IO_DATAFLOW_SOURCES = new Set(['readFile', 'readFileSync']);
|
|
2
|
+
const BROAD_FILE_IO_DATAFLOW_SINKS = new Set(['writeFile', 'writeFileSync', 'unlink', 'rm', 'rmSync']);
|
|
3
|
+
const JAVASCRIPT_CHILD_PROCESS_SINKS = new Set(['exec', 'execSync', 'spawn', 'spawnSync']);
|
|
4
|
+
export function shouldIncludeDataflowRisk(risk, context, sinkFile = risk.files[risk.files.length - 1]) {
|
|
5
|
+
if (!context.includeTests && risk.files.some(isTestLikePath))
|
|
6
|
+
return false;
|
|
7
|
+
if (!context.includeBroadFileIo && isDefaultBroadFileIoRisk(risk, context))
|
|
8
|
+
return false;
|
|
9
|
+
if (isDefaultMisidentifiedJavaScriptShellSink(risk, context, sinkFile))
|
|
10
|
+
return false;
|
|
11
|
+
return true;
|
|
12
|
+
}
|
|
13
|
+
function isDefaultBroadFileIoRisk(risk, context) {
|
|
14
|
+
const defaultSource = !context.customSources.has(risk.source);
|
|
15
|
+
const defaultSink = !context.customSinks.has(risk.sink);
|
|
16
|
+
if (!defaultSource || !defaultSink)
|
|
17
|
+
return false;
|
|
18
|
+
return (BROAD_FILE_IO_DATAFLOW_SOURCES.has(risk.source) ||
|
|
19
|
+
BROAD_FILE_IO_DATAFLOW_SINKS.has(risk.sink));
|
|
20
|
+
}
|
|
21
|
+
function isDefaultMisidentifiedJavaScriptShellSink(risk, context, sinkFile) {
|
|
22
|
+
if (!sinkFile)
|
|
23
|
+
return false;
|
|
24
|
+
if (context.customSinks.has(risk.sink))
|
|
25
|
+
return false;
|
|
26
|
+
if (!JAVASCRIPT_CHILD_PROCESS_SINKS.has(risk.sink))
|
|
27
|
+
return false;
|
|
28
|
+
const entry = context.graph.files.get(sinkFile);
|
|
29
|
+
if (!entry || !isJavaScriptLikeFile(sinkFile, entry.adapterId))
|
|
30
|
+
return false;
|
|
31
|
+
return !entry.imports.some((imp) => (imp.source === 'node:child_process' || imp.source === 'child_process') &&
|
|
32
|
+
(imp.specifiers.includes(risk.sink) || imp.specifiers.length === 0));
|
|
33
|
+
}
|
|
34
|
+
function isJavaScriptLikeFile(file, adapterId) {
|
|
35
|
+
return adapterId === 'javascript' || /\.(?:cjs|mjs|js|jsx|ts|tsx)$/.test(file);
|
|
36
|
+
}
|
|
37
|
+
function isTestLikePath(file) {
|
|
38
|
+
const normalized = file.replace(/\\/g, '/');
|
|
39
|
+
return (normalized.startsWith('test/') ||
|
|
40
|
+
normalized.startsWith('tests/') ||
|
|
41
|
+
normalized.includes('/test/') ||
|
|
42
|
+
normalized.includes('/tests/') ||
|
|
43
|
+
normalized.includes('/__tests__/') ||
|
|
44
|
+
/\.(test|spec)\.[^/]+$/.test(normalized));
|
|
45
|
+
}
|
|
46
|
+
//# sourceMappingURL=dataflowFilters.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"dataflowFilters.js","sourceRoot":"","sources":["../../src/core/dataflowFilters.ts"],"names":[],"mappings":"AAWA,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAC,CAAC,UAAU,EAAE,cAAc,CAAC,CAAC,CAAC;AAC7E,MAAM,4BAA4B,GAAG,IAAI,GAAG,CAAC,CAAC,WAAW,EAAE,eAAe,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,CAAC,CAAC,CAAC;AACvG,MAAM,8BAA8B,GAAG,IAAI,GAAG,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC,CAAC;AAE3F,MAAM,UAAU,yBAAyB,CACvC,IAAkB,EAClB,OAAkC,EAClC,QAAQ,GAAG,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC;IAE5C,IAAI,CAAC,OAAO,CAAC,YAAY,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,cAAc,CAAC;QAAE,OAAO,KAAK,CAAC;IAC3E,IAAI,CAAC,OAAO,CAAC,kBAAkB,IAAI,wBAAwB,CAAC,IAAI,EAAE,OAAO,CAAC;QAAE,OAAO,KAAK,CAAC;IACzF,IAAI,yCAAyC,CAAC,IAAI,EAAE,OAAO,EAAE,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IACrF,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,wBAAwB,CAAC,IAAkB,EAAE,OAAkC;IACtF,MAAM,aAAa,GAAG,CAAC,OAAO,CAAC,aAAa,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IAC9D,MAAM,WAAW,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxD,IAAI,CAAC,aAAa,IAAI,CAAC,WAAW;QAAE,OAAO,KAAK,CAAC;IACjD,OAAO,CACL,8BAA8B,CAAC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC;QAC/C,4BAA4B,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,CAC5C,CAAC;AACJ,CAAC;AAED,SAAS,yCAAyC,CAChD,IAAkB,EAClB,OAAkC,EAClC,QAA4B;IAE5B,IAAI,CAAC,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC5B,IAAI,OAAO,CAAC,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IACrD,IAAI,CAAC,8BAA8B,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC;QAAE,OAAO,KAAK,CAAC;IACjE,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IAChD,IAAI,CAAC,KAAK,IAAI,CAAC,oBAAoB,CAAC,QAAQ,EAAE,KAAK,CAAC,SAAS,CAAC;QAAE,OAAO,KAAK,CAAC;IAC7E,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,IAAI,CACxB,CAAC,GAAG,EAAE,EAAE,CACN,CAAC,GAAG,CAAC,MAAM,KAAK,oBAAoB,IAAI,GAAG,CAAC,MAAM,KAAK,eAAe,CAAC;QACvE,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,GAAG,CAAC,UAAU,CAAC,MAAM,KAAK,CAAC,CAAC,CACtE,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAAC,IAAY,EAAE,SAAkB;IAC5D,OAAO,SAAS,KAAK,YAAY,IAAI,8BAA8B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AACjF,CAAC;AAED,SAAS,cAAc,CAAC,IAAY;IAClC,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;IAC5C,OAAO,CACL,UAAU,CAAC,UAAU,CAAC,OAAO,CAAC;QAC9B,UAAU,CAAC,UAAU,CAAC,QAAQ,CAAC;QAC/B,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC;QAC7B,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC;QAC9B,UAAU,CAAC,QAAQ,CAAC,aAAa,CAAC;QAClC,uBAAuB,CAAC,IAAI,CAAC,UAAU,CAAC,CACzC,CAAC;AACJ,CAAC"}
|