projscan 3.4.1 → 3.5.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +20 -20
- package/dist/cli/commands/plugin.js +124 -0
- package/dist/cli/commands/plugin.js.map +1 -1
- package/dist/core/pluginTrust.d.ts +56 -0
- package/dist/core/pluginTrust.js +138 -0
- package/dist/core/pluginTrust.js.map +1 -0
- package/dist/core/plugins.d.ts +1 -1
- package/dist/core/plugins.js +33 -0
- package/dist/core/plugins.js.map +1 -1
- package/dist/core/privacy.js +2 -2
- package/dist/core/privacy.js.map +1 -1
- package/dist/fixes/eslintFix.js +6 -2
- package/dist/fixes/eslintFix.js.map +1 -1
- package/dist/fixes/prettierFix.js +5 -2
- package/dist/fixes/prettierFix.js.map +1 -1
- package/dist/fixes/testFix.js +8 -2
- package/dist/fixes/testFix.js.map +1 -1
- package/dist/mcp/tools/plugin.js +24 -16
- package/dist/mcp/tools/plugin.js.map +1 -1
- package/dist/projscan-sbom.cdx.json +6 -6
- package/dist/tool-manifest.json +3 -3
- package/dist/utils/formatSupport.d.ts +2 -0
- package/dist/utils/formatSupport.js +2 -0
- package/dist/utils/formatSupport.js.map +1 -1
- package/docs/PLUGIN-AUTHORING.md +35 -6
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -9,9 +9,9 @@
|
|
|
9
9
|
|
|
10
10
|
**Agent-first code intelligence.** An MCP server that lets AI coding agents (Claude Code, Codex, Cursor, Gemini, Windsurf, Cline, Continue, Zed — any MCP-aware client) query your codebase — with a CLI for humans and a local plugin layer for team-specific policy and reporting.
|
|
11
11
|
|
|
12
|
-
[AI Agent Quick Start](#ai-agent-integration-mcp) · [CLI Quick Start](#quick-start) · [Commands](#commands) · [Full Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.
|
|
12
|
+
[AI Agent Quick Start](#ai-agent-integration-mcp) · [CLI Quick Start](#quick-start) · [Commands](#commands) · [Full Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/GUIDE.md) · [Roadmap](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/ROADMAP.md)
|
|
13
13
|
|
|
14
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
14
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/projscan-reporter-plugin.png" alt="projscan reporter plugin running in a macOS-style terminal window with a team health summary" width="700">
|
|
15
15
|
|
|
16
16
|
</div>
|
|
17
17
|
|
|
@@ -33,7 +33,7 @@ The local plugin platform lets teams add project-specific findings and render `d
|
|
|
33
33
|
npx projscan
|
|
34
34
|
```
|
|
35
35
|
|
|
36
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
36
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/projscan-reporter-plugin.gif" alt="projscan doctor rendered through a local reporter plugin in a macOS-style terminal window" width="700">
|
|
37
37
|
|
|
38
38
|
Run `projscan doctor` for a focused health check:
|
|
39
39
|
|
|
@@ -41,7 +41,7 @@ Run `projscan doctor` for a focused health check:
|
|
|
41
41
|
npx projscan doctor
|
|
42
42
|
```
|
|
43
43
|
|
|
44
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
44
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/npx%20projscan%20doctor.gif" alt="npx projscan doctor" width="700">
|
|
45
45
|
|
|
46
46
|
## Install
|
|
47
47
|
|
|
@@ -94,9 +94,9 @@ npm run test:trust-smoke
|
|
|
94
94
|
|
|
95
95
|
The full command catalog is below. Most users should start with the five-command path above instead of scanning the catalog.
|
|
96
96
|
|
|
97
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
97
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/npx%20projscan%20--help.gif" alt="npx projscan --help" width="700">
|
|
98
98
|
|
|
99
|
-
For a comprehensive walkthrough, see the **[Full Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.
|
|
99
|
+
For a comprehensive walkthrough, see the **[Full Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/GUIDE.md)**.
|
|
100
100
|
|
|
101
101
|
## Repo Understanding
|
|
102
102
|
|
|
@@ -177,31 +177,31 @@ projscan --help
|
|
|
177
177
|
<details>
|
|
178
178
|
<summary><strong>projscan structure</strong> - Directory tree with file counts</summary>
|
|
179
179
|
|
|
180
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
180
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/npx%20projscan%20structure.gif" alt="npx projscan structure" width="700">
|
|
181
181
|
</details>
|
|
182
182
|
|
|
183
183
|
<details>
|
|
184
184
|
<summary><strong>projscan diagram</strong> - Architecture visualization</summary>
|
|
185
185
|
|
|
186
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
186
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/npx%20projscan%20diagram.gif" alt="npx projscan diagram" width="700">
|
|
187
187
|
</details>
|
|
188
188
|
|
|
189
189
|
<details>
|
|
190
190
|
<summary><strong>projscan dependencies</strong> - Dependency analysis</summary>
|
|
191
191
|
|
|
192
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
192
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/npx%20projscan%20dependencies.gif" alt="npx projscan dependencies" width="700">
|
|
193
193
|
</details>
|
|
194
194
|
|
|
195
195
|
<details>
|
|
196
196
|
<summary><strong>projscan explain</strong> - File explanation</summary>
|
|
197
197
|
|
|
198
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
198
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/npx%20projscan%20explain.gif" alt="npx projscan explain" width="700">
|
|
199
199
|
</details>
|
|
200
200
|
|
|
201
201
|
<details>
|
|
202
202
|
<summary><strong>projscan badge</strong> - Health badge generation</summary>
|
|
203
203
|
|
|
204
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
204
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/npx%20projscan%20badge.gif" alt="npx projscan badge" width="700">
|
|
205
205
|
</details>
|
|
206
206
|
|
|
207
207
|
### Output Formats
|
|
@@ -223,7 +223,7 @@ Run `projscan help` for the generated command-by-command support matrix.
|
|
|
223
223
|
|
|
224
224
|
projscan can load local plugins from `.projscan-plugins/` when `PROJSCAN_PLUGINS_PREVIEW=1` is set. The environment flag is kept for explicit local-code opt-in. Analyzer plugins emit normal projscan issues; reporter plugins render supported CLI commands with team-specific output.
|
|
225
225
|
|
|
226
|
-
**2.0 upgrade notes:** migrating from 1.x or authoring plugins? Start with the [2.0 Migration Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.
|
|
226
|
+
**2.0 upgrade notes:** migrating from 1.x or authoring plugins? Start with the [2.0 Migration Guide](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/2.0-MIGRATION.md), then use [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/PLUGIN-AUTHORING.md), the [Plugin Gallery](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/PLUGIN-GALLERY.md), and the [manifest schema](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/plugin.schema.json) as the stable contract.
|
|
227
227
|
|
|
228
228
|
```bash
|
|
229
229
|
projscan plugin list
|
|
@@ -234,9 +234,9 @@ PROJSCAN_PLUGINS_PREVIEW=1 projscan doctor --reporter team-radar
|
|
|
234
234
|
PROJSCAN_PLUGINS_PREVIEW=1 projscan ci --reporter team-radar --min-score 80
|
|
235
235
|
```
|
|
236
236
|
|
|
237
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
237
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/projscan-reporter-plugin.gif" alt="projscan local reporter plugin rendering a team health report" width="700">
|
|
238
238
|
|
|
239
|
-
Reporter plugins are intentionally CLI-only. MCP tools keep returning structured JSON-compatible payloads so agents can reason over stable data, while humans can get a polished local report for their team. Custom presentation, team-branded summaries, and white-label reports belong in reporter plugins rather than new core HTML theming flags. See [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.
|
|
239
|
+
Reporter plugins are intentionally CLI-only. MCP tools keep returning structured JSON-compatible payloads so agents can reason over stable data, while humans can get a polished local report for their team. Custom presentation, team-branded summaries, and white-label reports belong in reporter plugins rather than new core HTML theming flags. See [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/PLUGIN-AUTHORING.md) for manifest shape, `render(context)`, validation, and the trust model.
|
|
240
240
|
|
|
241
241
|
### Options
|
|
242
242
|
|
|
@@ -401,7 +401,7 @@ If you read projscan's [Socket report](https://socket.dev/npm/package/projscan),
|
|
|
401
401
|
### Audit it yourself
|
|
402
402
|
|
|
403
403
|
- **Source is open** at [github.com/abhiyoheswaran1/projscan](https://github.com/abhiyoheswaran1/projscan). The npm tarball matches the `dist/` produced by `npm run build` at the matching tag.
|
|
404
|
-
- **Public API surface is locked** by `scripts/check-stability.mjs`, which runs in CI on every PR and fails on any rename or removal of an MCP tool, CLI command, or exit code. See [`docs/STABILITY.md`](https://github.com/abhiyoheswaran1/projscan/blob/v3.
|
|
404
|
+
- **Public API surface is locked** by `scripts/check-stability.mjs`, which runs in CI on every PR and fails on any rename or removal of an MCP tool, CLI command, or exit code. See [`docs/STABILITY.md`](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/STABILITY.md).
|
|
405
405
|
- **Run it offline:** `npm install -g projscan` followed by anything except `audit` and `--mode semantic` works without network.
|
|
406
406
|
- **Drop privilege further:** in CI, run projscan in a sandbox that disallows network egress; everything except `audit` will pass.
|
|
407
407
|
|
|
@@ -452,7 +452,7 @@ projscan ci --changed-only # Gate only on this PR's diff
|
|
|
452
452
|
projscan ci --format sarif > projscan.sarif # SARIF for Code Scanning
|
|
453
453
|
```
|
|
454
454
|
|
|
455
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
455
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/npx%20projscan%20ci%20--min-score%2070.gif" alt="npx projscan ci --min-score 70" width="700">
|
|
456
456
|
|
|
457
457
|
### GitHub Action (recommended)
|
|
458
458
|
|
|
@@ -529,7 +529,7 @@ Fields:
|
|
|
529
529
|
- `hotspots.limit` / `hotspots.since` - defaults for the `hotspots` command
|
|
530
530
|
- `monorepo.importPolicy` - cross-package import allow/deny rules in monorepos *(0.14+)*
|
|
531
531
|
|
|
532
|
-
See [`docs/GUIDE.md` → Configuration](https://github.com/abhiyoheswaran1/projscan/blob/v3.
|
|
532
|
+
See [`docs/GUIDE.md` → Configuration](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/GUIDE.md#configuration-projscanrc) for the full reference (field types, validation behavior, embedding config in `package.json`, monorepo `importPolicy` semantics).
|
|
533
533
|
|
|
534
534
|
## Tracking Health Over Time
|
|
535
535
|
|
|
@@ -542,7 +542,7 @@ projscan diff # Compare against baseline
|
|
|
542
542
|
projscan diff --format markdown # Markdown diff for PRs
|
|
543
543
|
```
|
|
544
544
|
|
|
545
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
545
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/npx%20projscan%20diff%20--save-baseline.gif" alt="npx projscan diff --save-baseline" width="700">
|
|
546
546
|
|
|
547
547
|
## Hotspots - Where to Fix First
|
|
548
548
|
|
|
@@ -631,7 +631,7 @@ Coverage is also automatically joined into `projscan hotspots` when one of those
|
|
|
631
631
|
|
|
632
632
|
**This is the primary way to use projscan.** `projscan mcp` starts an [MCP](https://modelcontextprotocol.io) server over stdio so AI coding agents can query your codebase with real structural accuracy - not regex, not grep.
|
|
633
633
|
|
|
634
|
-
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.
|
|
634
|
+
<img src="https://raw.githubusercontent.com/abhiyoheswaran1/projscan/v3.5.0/docs/projscan-agent-demo.gif" alt="projscan answering two agent questions: what breaks if I rename buildCodeGraph (impact analysis with definitions, direct callers, transitive reach), and where should I fix first (ranked hotspots with cyclomatic complexity)" width="700">
|
|
635
635
|
|
|
636
636
|
Two questions an agent asks; structural answers in milliseconds. *"What breaks if I rename `buildCodeGraph`?"* → 31 direct callers, 97 files reachable. *"Where should I fix first?"* → ranked hotspots with AST cyclomatic complexity, churn, and ownership signals.
|
|
637
637
|
|
|
@@ -830,7 +830,7 @@ Capability is advertised under `experimental.fileChanged` on `initialize` so cli
|
|
|
830
830
|
- **`projscan_apply_fix`** *(1.6)* - mechanically execute the safe fix templates. Default is dry-run; pass `confirm: true` to write. Atomic writes, per-apply rollback record at `.projscan-cache/rollbacks/<id>.json`. Reverse with `action: "rollback", rollback_id: ...`. Six templates supported at this release: `unused-dependency-*`, `missing-test-framework`, `missing-eslint`, `missing-prettier`, `missing-editorconfig`, `missing-readme`.
|
|
831
831
|
- **`projscan_taint`** *(1.6)* - source-to-sink reachability over the per-function call graph. Built-in defaults cover common JS / Python sources (`process.env`, `req.body`, etc.) and sinks (`exec`, `eval`, `db.query`, etc.). Project-specific names go in `.projscanrc.json` `taint`. `projscan_review` automatically diffs taint flows between base and head and **blocks any PR that introduces a new flow**. In 3.0.2, review surfaces hardened `newDataflowRisks`, compact `graphEvidence`, and graph-readiness gates for safer handoff.
|
|
832
832
|
|
|
833
|
-
Analyzer plugins can optionally read graph/dataflow context through `check(rootPath, files, context)` while staying on manifest schema v1. The packaged `graph-context` example shows `context.getSemanticGraph()` and `context.getDataflow()` in a real analyzer. For analyzer and reporter plugin authoring, manifest validation, `--reporter <name>`, and the trust model, see [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.
|
|
833
|
+
Analyzer plugins can optionally read graph/dataflow context through `check(rootPath, files, context)` while staying on manifest schema v1. The packaged `graph-context` example shows `context.getSemanticGraph()` and `context.getDataflow()` in a real analyzer. For analyzer and reporter plugin authoring, manifest validation, `--reporter <name>`, and the trust model, see [Plugin Authoring](https://github.com/abhiyoheswaran1/projscan/blob/v3.5.0/docs/PLUGIN-AUTHORING.md).
|
|
834
834
|
|
|
835
835
|
### Context-window budgeting
|
|
836
836
|
|
|
@@ -3,6 +3,7 @@ import path from 'node:path';
|
|
|
3
3
|
import { program, getRootPath, setupLogLevel, maybeCompactBanner, assertFormatSupported } from '../_shared.js';
|
|
4
4
|
import { PLUGIN_PREVIEW_FLAG, discoverPluginManifests, pluginsEnabled, readPluginManifestFile, } from '../../core/plugins.js';
|
|
5
5
|
import { initPlugin, testPlugin } from '../../core/pluginDx.js';
|
|
6
|
+
import { getPluginTrustStatus, trustPlugin, untrustPlugin, } from '../../core/pluginTrust.js';
|
|
6
7
|
/**
|
|
7
8
|
* `projscan plugin` — list and validate stable local plugins under
|
|
8
9
|
* `<root>/.projscan-plugins/`. Execution is opt-in via
|
|
@@ -44,6 +45,30 @@ export function registerPlugin() {
|
|
|
44
45
|
.action(async (manifest, cmdOpts) => {
|
|
45
46
|
await runTest(manifest, cmdOpts);
|
|
46
47
|
});
|
|
48
|
+
plugin
|
|
49
|
+
.command('trust [name]')
|
|
50
|
+
.description('Approve a plugin module for execution (trust-on-first-use)')
|
|
51
|
+
.option('--all', 'trust every valid discovered plugin')
|
|
52
|
+
.action(async (name, cmdOpts) => {
|
|
53
|
+
await runTrust(name, cmdOpts);
|
|
54
|
+
});
|
|
55
|
+
plugin
|
|
56
|
+
.command('untrust <name>')
|
|
57
|
+
.description('Revoke a previously trusted plugin module')
|
|
58
|
+
.action(async (name) => {
|
|
59
|
+
await runUntrust(name);
|
|
60
|
+
});
|
|
61
|
+
}
|
|
62
|
+
/** Absolute path to a manifest's module entry point. */
|
|
63
|
+
function moduleEntryPath(entry) {
|
|
64
|
+
return path.resolve(path.dirname(entry.manifestPath), entry.manifest.module);
|
|
65
|
+
}
|
|
66
|
+
function trustGlyph(status) {
|
|
67
|
+
if (status === 'trusted')
|
|
68
|
+
return chalk.green('trusted');
|
|
69
|
+
if (status === 'changed')
|
|
70
|
+
return chalk.yellow('changed — re-approve');
|
|
71
|
+
return chalk.red('untrusted');
|
|
47
72
|
}
|
|
48
73
|
async function runList() {
|
|
49
74
|
setupLogLevel();
|
|
@@ -52,6 +77,15 @@ async function runList() {
|
|
|
52
77
|
const format = assertFormatSupported('plugin list');
|
|
53
78
|
const entries = await discoverPluginManifests(rootPath);
|
|
54
79
|
const enabled = pluginsEnabled();
|
|
80
|
+
// Resolve trust status for every valid manifest so both output formats can
|
|
81
|
+
// show whether a discovered plugin would actually execute.
|
|
82
|
+
const trustByManifest = new Map();
|
|
83
|
+
await Promise.all(entries.map(async (e) => {
|
|
84
|
+
if (!e.manifest)
|
|
85
|
+
return;
|
|
86
|
+
const status = await getPluginTrustStatus(moduleEntryPath(e));
|
|
87
|
+
trustByManifest.set(e.manifestPath, status.status);
|
|
88
|
+
}));
|
|
55
89
|
if (format === 'json') {
|
|
56
90
|
console.log(JSON.stringify({
|
|
57
91
|
enabled,
|
|
@@ -60,6 +94,7 @@ async function runList() {
|
|
|
60
94
|
manifestPath: e.manifestPath,
|
|
61
95
|
ok: e.manifest !== null,
|
|
62
96
|
manifest: e.manifest,
|
|
97
|
+
trust: trustByManifest.get(e.manifestPath) ?? null,
|
|
63
98
|
error: e.error,
|
|
64
99
|
diagnostic: e.diagnostic,
|
|
65
100
|
})),
|
|
@@ -82,6 +117,8 @@ async function runList() {
|
|
|
82
117
|
console.log(` ${chalk.green('✓')} ${chalk.bold(e.manifest.name)} ${chalk.dim(`(${detail})`)}`);
|
|
83
118
|
console.log(chalk.dim(` ${e.manifestPath}`));
|
|
84
119
|
console.log(chalk.dim(` module: ${e.manifest.module}`));
|
|
120
|
+
const status = trustByManifest.get(e.manifestPath) ?? 'untrusted';
|
|
121
|
+
console.log(` trust: ${trustGlyph(status)}`);
|
|
85
122
|
}
|
|
86
123
|
else {
|
|
87
124
|
console.log(` ${chalk.red('✗')} ${e.manifestPath}`);
|
|
@@ -95,6 +132,93 @@ async function runList() {
|
|
|
95
132
|
console.log('');
|
|
96
133
|
console.log(chalk.dim(` Discovered but inactive. Set ${PLUGIN_PREVIEW_FLAG}=1 in the environment to enable local plugin execution.`));
|
|
97
134
|
}
|
|
135
|
+
const anyUntrusted = [...trustByManifest.values()].some((s) => s !== 'trusted');
|
|
136
|
+
if (anyUntrusted) {
|
|
137
|
+
console.log('');
|
|
138
|
+
console.log(chalk.dim(' Untrusted plugins are never executed. Approve one with `projscan plugin trust <name>` (or `--all`).'));
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
async function runTrust(name, cmdOpts) {
|
|
142
|
+
setupLogLevel();
|
|
143
|
+
maybeCompactBanner();
|
|
144
|
+
const format = assertFormatSupported('plugin trust');
|
|
145
|
+
const rootPath = getRootPath();
|
|
146
|
+
const valid = (await discoverPluginManifests(rootPath)).filter((e) => e.manifest !== null);
|
|
147
|
+
let targets;
|
|
148
|
+
if (cmdOpts.all) {
|
|
149
|
+
targets = valid;
|
|
150
|
+
}
|
|
151
|
+
else if (!name) {
|
|
152
|
+
fail(format, 'plugin trust requires a <name> or --all.');
|
|
153
|
+
return;
|
|
154
|
+
}
|
|
155
|
+
else {
|
|
156
|
+
const match = valid.find((e) => e.manifest.name === name);
|
|
157
|
+
if (!match) {
|
|
158
|
+
fail(format, `No valid plugin named "${name}" under .projscan-plugins/.`);
|
|
159
|
+
return;
|
|
160
|
+
}
|
|
161
|
+
targets = [match];
|
|
162
|
+
}
|
|
163
|
+
if (targets.length === 0) {
|
|
164
|
+
fail(format, 'No valid plugins found under .projscan-plugins/ to trust.');
|
|
165
|
+
return;
|
|
166
|
+
}
|
|
167
|
+
const results = [];
|
|
168
|
+
for (const e of targets) {
|
|
169
|
+
const modulePath = moduleEntryPath(e);
|
|
170
|
+
try {
|
|
171
|
+
const entry = await trustPlugin(modulePath, e.manifest.name);
|
|
172
|
+
results.push({ name: e.manifest.name, ok: true, sha256: entry.sha256 });
|
|
173
|
+
}
|
|
174
|
+
catch (err) {
|
|
175
|
+
results.push({ name: e.manifest.name, ok: false, error: err instanceof Error ? err.message : String(err) });
|
|
176
|
+
}
|
|
177
|
+
}
|
|
178
|
+
if (format === 'json') {
|
|
179
|
+
console.log(JSON.stringify({ ok: results.every((r) => r.ok), trusted: results }, null, 2));
|
|
180
|
+
if (!results.every((r) => r.ok))
|
|
181
|
+
process.exit(1);
|
|
182
|
+
return;
|
|
183
|
+
}
|
|
184
|
+
for (const r of results) {
|
|
185
|
+
if (r.ok) {
|
|
186
|
+
console.log(`${chalk.green('✓')} trusted ${chalk.bold(r.name)} ${chalk.dim(`(sha256:${r.sha256?.slice(0, 12)}…)`)}`);
|
|
187
|
+
}
|
|
188
|
+
else {
|
|
189
|
+
console.error(`${chalk.red('✗')} ${r.name}: ${r.error}`);
|
|
190
|
+
}
|
|
191
|
+
}
|
|
192
|
+
if (!results.every((r) => r.ok))
|
|
193
|
+
process.exit(1);
|
|
194
|
+
}
|
|
195
|
+
async function runUntrust(name) {
|
|
196
|
+
setupLogLevel();
|
|
197
|
+
maybeCompactBanner();
|
|
198
|
+
const format = assertFormatSupported('plugin untrust');
|
|
199
|
+
const rootPath = getRootPath();
|
|
200
|
+
const match = (await discoverPluginManifests(rootPath)).find((e) => e.manifest?.name === name);
|
|
201
|
+
if (!match) {
|
|
202
|
+
fail(format, `No valid plugin named "${name}" under .projscan-plugins/.`);
|
|
203
|
+
return;
|
|
204
|
+
}
|
|
205
|
+
const removed = await untrustPlugin(moduleEntryPath(match));
|
|
206
|
+
if (format === 'json') {
|
|
207
|
+
console.log(JSON.stringify({ ok: true, name, removed }, null, 2));
|
|
208
|
+
return;
|
|
209
|
+
}
|
|
210
|
+
console.log(removed
|
|
211
|
+
? `${chalk.green('✓')} revoked trust for ${chalk.bold(name)}`
|
|
212
|
+
: chalk.dim(` ${name} was not trusted; nothing to revoke.`));
|
|
213
|
+
}
|
|
214
|
+
function fail(format, message) {
|
|
215
|
+
if (format === 'json') {
|
|
216
|
+
console.log(JSON.stringify({ ok: false, error: message }, null, 2));
|
|
217
|
+
}
|
|
218
|
+
else {
|
|
219
|
+
console.error(chalk.red(message));
|
|
220
|
+
}
|
|
221
|
+
process.exit(1);
|
|
98
222
|
}
|
|
99
223
|
async function runValidate(manifestPath) {
|
|
100
224
|
setupLogLevel();
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugin.js","sourceRoot":"","sources":["../../../src/cli/commands/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAC/G,OAAO,EACL,mBAAmB,EACnB,uBAAuB,EACvB,cAAc,EACd,sBAAsB,GAEvB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAEhE;;;;GAIG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,MAAM,GAAG,OAAO;SACnB,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,qCAAqC,CAAC;SAClD,MAAM,CAAC,KAAK,IAAI,EAAE;QACjB,MAAM,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,qDAAqD,CAAC;SAClE,MAAM,CAAC,KAAK,IAAI,EAAE;QACjB,MAAM,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,qBAAqB,CAAC;SAC9B,WAAW,CAAC,6DAA6D,CAAC;SAC1E,MAAM,CAAC,KAAK,EAAE,QAAgB,EAAE,EAAE;QACjC,MAAM,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,8CAA8C,CAAC;SAC3D,MAAM,CAAC,eAAe,EAAE,mCAAmC,EAAE,UAAU,CAAC;SACxE,MAAM,CAAC,eAAe,EAAE,aAAa,EAAE,QAAQ,CAAC;SAChD,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;QACxB,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,iBAAiB,CAAC;SAC1B,WAAW,CAAC,sFAAsF,CAAC;SACnG,MAAM,CAAC,kBAAkB,EAAE,mCAAmC,CAAC;SAC/D,MAAM,CAAC,WAAW,EAAE,0DAA0D,CAAC;SAC/E,MAAM,CAAC,mBAAmB,EAAE,oDAAoD,CAAC;SACjF,MAAM,CAAC,KAAK,EAAE,QAAgB,EAAE,OAAO,EAAE,EAAE;QAC1C,MAAM,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;AACP,CAAC;AAED,KAAK,UAAU,OAAO;IACpB,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;IACpD,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,OAAO,GAAG,cAAc,EAAE,CAAC;IACjC,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ;YACE,OAAO;YACP,OAAO,EAAE,mBAAmB;YAC5B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3B,YAAY,EAAE,CAAC,CAAC,YAAY;gBAC5B,EAAE,EAAE,CAAC,CAAC,QAAQ,KAAK,IAAI;gBACvB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,UAAU,EAAE,CAAC,CAAC,UAAU;aACzB,CAAC,CAAC;SACJ,EACD,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACF,OAAO;IACT,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC,CAAC;IACnE,OAAO,CAAC,GAAG,CACT,wBAAwB,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,mBAAmB,KAAK,CAAC,EAAE,CACpH,CAAC;IACF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC,CAAC;QACxE,OAAO;IACT,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;YACf,MAAM,MAAM,GACV,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU;gBAC5B,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE;gBAC9C,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC,CAAC;YAChG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC/D,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC;YACrD,IAAI,CAAC,CAAC,UAAU;gBAAE,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;;gBAC3C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IACD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,GAAG,CACP,kCAAkC,mBAAmB,yDAAyD,CAC/G,CACF,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,YAAoB;IAC7C,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,iBAAiB,CAAC,CAAC;IACxD,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACzE,MAAM,CAAC,GAAG,MAAM,sBAAsB,CAAC,oBAAoB,CAAC,CAAC;IAC7D,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,EACpG,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACF,IAAI,CAAC,CAAC,CAAC,EAAE;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3B,OAAO;IACT,CAAC;IACD,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC;QACT,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,YAAY,8BAA8B,CAAC,CAAC,QAAQ,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC;IACvG,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC3D,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;QAC9B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,OAAyC;IAC9D,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;IACpD,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACxE,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC9D,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;QACtF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IACpF,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EACtE,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC7E,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,YAAoB,EAAE,OAA0E;IACrH,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACzE,MAAM,WAAW,GACf,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;QACjC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC;QACzC,CAAC,CAAC,QAAQ,CAAC;IACf,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,KAAK,IAAI,IAAI,OAAO,CAAC,cAAc,KAAK,IAAI,CAAC;IAC5E,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,oBAAoB,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,EAAE;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChC,OAAO;IACT,CAAC;IACD,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;QACd,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;YAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,YAAY,mCAAmC,CAAC,CAAC,CAAC;YAC/E,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,4BAA4B,MAAM,CAAC,QAAQ,CAAC,OAAO,iCAAiC,CAAC,CAAC,CAAC;YAC7G,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,YAAY,iCAAiC,CAAC,CAAC,CAAC;QAC7E,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,sBAAsB,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAChF,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7G,CAAC;QACD,OAAO;IACT,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,YAAY,sBAAsB,CAAC,CAAC,CAAC;IAClE,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QAC5C,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,UAAU,CAAC,IAAI,KAAK,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IAC3E,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,SAAS,CAAC,KAAc;IAC/B,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,UAAU;QAAE,OAAO,KAAK,CAAC;IAC/D,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,sBAAsB,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;IACjE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC,CAAC;IAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAgB,EAAE,YAAoB;IACjE,OAAO,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;AAC7F,CAAC;AAED,SAAS,eAAe,CAAC,UAA4B;IACnD,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,UAAU,CAAC,IAAI,KAAK,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IAC7E,IAAI,UAAU,CAAC,IAAI;QAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,eAAe,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;AAClF,CAAC"}
|
|
1
|
+
{"version":3,"file":"plugin.js","sourceRoot":"","sources":["../../../src/cli/commands/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,MAAM,OAAO,CAAC;AAC1B,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,OAAO,EAAE,WAAW,EAAE,aAAa,EAAE,kBAAkB,EAAE,qBAAqB,EAAE,MAAM,eAAe,CAAC;AAC/G,OAAO,EACL,mBAAmB,EACnB,uBAAuB,EACvB,cAAc,EACd,sBAAsB,GAIvB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,UAAU,EAAE,UAAU,EAAE,MAAM,wBAAwB,CAAC;AAChE,OAAO,EACL,oBAAoB,EACpB,WAAW,EACX,aAAa,GAEd,MAAM,2BAA2B,CAAC;AAEnC;;;;GAIG;AACH,MAAM,UAAU,cAAc;IAC5B,MAAM,MAAM,GAAG,OAAO;SACnB,OAAO,CAAC,QAAQ,CAAC;SACjB,WAAW,CAAC,qCAAqC,CAAC;SAClD,MAAM,CAAC,KAAK,IAAI,EAAE;QACjB,MAAM,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,qDAAqD,CAAC;SAClE,MAAM,CAAC,KAAK,IAAI,EAAE;QACjB,MAAM,OAAO,EAAE,CAAC;IAClB,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,qBAAqB,CAAC;SAC9B,WAAW,CAAC,6DAA6D,CAAC;SAC1E,MAAM,CAAC,KAAK,EAAE,QAAgB,EAAE,EAAE;QACjC,MAAM,WAAW,CAAC,QAAQ,CAAC,CAAC;IAC9B,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,MAAM,CAAC;SACf,WAAW,CAAC,8CAA8C,CAAC;SAC3D,MAAM,CAAC,eAAe,EAAE,mCAAmC,EAAE,UAAU,CAAC;SACxE,MAAM,CAAC,eAAe,EAAE,aAAa,EAAE,QAAQ,CAAC;SAChD,MAAM,CAAC,KAAK,EAAE,OAAO,EAAE,EAAE;QACxB,MAAM,OAAO,CAAC,OAAO,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,iBAAiB,CAAC;SAC1B,WAAW,CAAC,sFAAsF,CAAC;SACnG,MAAM,CAAC,kBAAkB,EAAE,mCAAmC,CAAC;SAC/D,MAAM,CAAC,WAAW,EAAE,0DAA0D,CAAC;SAC/E,MAAM,CAAC,mBAAmB,EAAE,oDAAoD,CAAC;SACjF,MAAM,CAAC,KAAK,EAAE,QAAgB,EAAE,OAAO,EAAE,EAAE;QAC1C,MAAM,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IACnC,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,cAAc,CAAC;SACvB,WAAW,CAAC,4DAA4D,CAAC;SACzE,MAAM,CAAC,OAAO,EAAE,qCAAqC,CAAC;SACtD,MAAM,CAAC,KAAK,EAAE,IAAwB,EAAE,OAA0B,EAAE,EAAE;QACrE,MAAM,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEL,MAAM;SACH,OAAO,CAAC,gBAAgB,CAAC;SACzB,WAAW,CAAC,2CAA2C,CAAC;SACxD,MAAM,CAAC,KAAK,EAAE,IAAY,EAAE,EAAE;QAC7B,MAAM,UAAU,CAAC,IAAI,CAAC,CAAC;IACzB,CAAC,CAAC,CAAC;AACP,CAAC;AAED,wDAAwD;AACxD,SAAS,eAAe,CAAC,KAA0D;IACjF,OAAO,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;AAC/E,CAAC;AAED,SAAS,UAAU,CAAC,MAAyB;IAC3C,IAAI,MAAM,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IACxD,IAAI,MAAM,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC,MAAM,CAAC,sBAAsB,CAAC,CAAC;IACtE,OAAO,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;AAChC,CAAC;AAED,KAAK,UAAU,OAAO;IACpB,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,MAAM,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;IACpD,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,OAAO,GAAG,cAAc,EAAE,CAAC;IAEjC,2EAA2E;IAC3E,2DAA2D;IAC3D,MAAM,eAAe,GAAG,IAAI,GAAG,EAA6B,CAAC;IAC7D,MAAM,OAAO,CAAC,GAAG,CACf,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QACtB,IAAI,CAAC,CAAC,CAAC,QAAQ;YAAE,OAAO;QACxB,MAAM,MAAM,GAAG,MAAM,oBAAoB,CAAC,eAAe,CAAC,CAAwD,CAAC,CAAC,CAAC;QACrH,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,EAAE,MAAM,CAAC,MAAM,CAAC,CAAC;IACrD,CAAC,CAAC,CACH,CAAC;IAEF,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ;YACE,OAAO;YACP,OAAO,EAAE,mBAAmB;YAC5B,OAAO,EAAE,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;gBAC3B,YAAY,EAAE,CAAC,CAAC,YAAY;gBAC5B,EAAE,EAAE,CAAC,CAAC,QAAQ,KAAK,IAAI;gBACvB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,KAAK,EAAE,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,IAAI;gBAClD,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,UAAU,EAAE,CAAC,CAAC,UAAU;aACzB,CAAC,CAAC;SACJ,EACD,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACF,OAAO;IACT,CAAC;IACD,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;IAChB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC;IACnC,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,0CAA0C,CAAC,CAAC,CAAC;IACnE,OAAO,CAAC,GAAG,CACT,wBAAwB,OAAO,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,mBAAmB,KAAK,CAAC,EAAE,CACpH,CAAC;IACF,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,+CAA+C,CAAC,CAAC,CAAC;QACxE,OAAO;IACT,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,QAAQ,EAAE,CAAC;YACf,MAAM,MAAM,GACV,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU;gBAC5B,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE;gBAC9C,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;YAC9D,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,IAAI,MAAM,GAAG,CAAC,EAAE,CAAC,CAAC;YAChG,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC,CAAC;YAClD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,QAAQ,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;YAC7D,MAAM,MAAM,GAAG,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,YAAY,CAAC,IAAI,WAAW,CAAC;YAClE,OAAO,CAAC,GAAG,CAAC,gBAAgB,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC,CAAC;QACpD,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,GAAG,CAAC,KAAK,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,YAAY,EAAE,CAAC,CAAC;YACrD,IAAI,CAAC,CAAC,UAAU;gBAAE,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;;gBAC3C,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;QAClD,CAAC;IACH,CAAC;IACD,IAAI,CAAC,OAAO,EAAE,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,GAAG,CACP,kCAAkC,mBAAmB,yDAAyD,CAC/G,CACF,CAAC;IACJ,CAAC;IACD,MAAM,YAAY,GAAG,CAAC,GAAG,eAAe,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;IAChF,IAAI,YAAY,EAAE,CAAC;QACjB,OAAO,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAChB,OAAO,CAAC,GAAG,CACT,KAAK,CAAC,GAAG,CACP,uGAAuG,CACxG,CACF,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,QAAQ,CAAC,IAAwB,EAAE,OAA0B;IAC1E,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,cAAc,CAAC,CAAC;IACrD,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,CAAC,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC,CAAC,MAAM,CAC5D,CAAC,CAAC,EAA4D,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,IAAI,CACrF,CAAC;IAEF,IAAI,OAAmE,CAAC;IACxE,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAChB,OAAO,GAAG,KAAK,CAAC;IAClB,CAAC;SAAM,IAAI,CAAC,IAAI,EAAE,CAAC;QACjB,IAAI,CAAC,MAAM,EAAE,0CAA0C,CAAC,CAAC;QACzD,OAAO;IACT,CAAC;SAAM,CAAC;QACN,MAAM,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,IAAI,CAAC,CAAC;QAC1D,IAAI,CAAC,KAAK,EAAE,CAAC;YACX,IAAI,CAAC,MAAM,EAAE,0BAA0B,IAAI,6BAA6B,CAAC,CAAC;YAC1E,OAAO;QACT,CAAC;QACD,OAAO,GAAG,CAAC,KAAK,CAAC,CAAC;IACpB,CAAC;IAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACzB,IAAI,CAAC,MAAM,EAAE,2DAA2D,CAAC,CAAC;QAC1E,OAAO;IACT,CAAC;IAED,MAAM,OAAO,GAA0E,EAAE,CAAC;IAC1F,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,MAAM,UAAU,GAAG,eAAe,CAAC,CAAC,CAAC,CAAC;QACtC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,WAAW,CAAC,UAAU,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC;YAC7D,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC;QAC1E,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QAC9G,CAAC;IACH,CAAC;IAED,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,OAAO,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC3F,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACjD,OAAO;IACT,CAAC;IACD,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC;YACT,OAAO,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,YAAY,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACvH,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,GAAG,KAAK,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,KAAK,EAAE,CAAC,CAAC;QAC3D,CAAC;IACH,CAAC;IACD,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AACnD,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,IAAY;IACpC,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,gBAAgB,CAAC,CAAC;IACvD,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,KAAK,GAAG,CAAC,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAC1D,CAAC,CAAC,EAA4D,EAAE,CAAC,CAAC,CAAC,QAAQ,EAAE,IAAI,KAAK,IAAI,CAC3F,CAAC;IACF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,IAAI,CAAC,MAAM,EAAE,0BAA0B,IAAI,6BAA6B,CAAC,CAAC;QAC1E,OAAO;IACT,CAAC;IACD,MAAM,OAAO,GAAG,MAAM,aAAa,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC;IAC5D,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAClE,OAAO;IACT,CAAC;IACD,OAAO,CAAC,GAAG,CACT,OAAO;QACL,CAAC,CAAC,GAAG,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,sBAAsB,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;QAC7D,CAAC,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,IAAI,sCAAsC,CAAC,CAC/D,CAAC;AACJ,CAAC;AAED,SAAS,IAAI,CAAC,MAAc,EAAE,OAAe;IAC3C,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,OAAO,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;IACtE,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC;IACpC,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,KAAK,UAAU,WAAW,CAAC,YAAoB;IAC7C,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,iBAAiB,CAAC,CAAC;IACxD,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACzE,MAAM,CAAC,GAAG,MAAM,sBAAsB,CAAC,oBAAoB,CAAC,CAAC;IAC7D,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,EACpG,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACF,IAAI,CAAC,CAAC,CAAC,EAAE;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC3B,OAAO;IACT,CAAC;IACD,IAAI,CAAC,CAAC,EAAE,EAAE,CAAC;QACT,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,YAAY,8BAA8B,CAAC,CAAC,QAAQ,CAAC,aAAa,GAAG,CAAC,CAAC,CAAC;IACvG,CAAC;SAAM,CAAC;QACN,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,YAAY,KAAK,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAC3D,eAAe,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;QAC9B,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,OAAyC;IAC9D,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;IACpD,MAAM,IAAI,GAAG,SAAS,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACrC,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,CAAC,IAAI,EAAE,CAAC,CAAC;QACxE,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,GAAG,MAAM,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;YAC9D,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,aAAa,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC;QACtF,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,aAAa,IAAI,CAAC,QAAQ,CAAC,QAAQ,EAAE,MAAM,CAAC,UAAU,CAAC,EAAE,CAAC,CAAC,CAAC;IACpF,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;YACtB,OAAO,CAAC,GAAG,CACT,IAAI,CAAC,SAAS,CACZ,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,EACtE,IAAI,EACJ,CAAC,CACF,CACF,CAAC;QACJ,CAAC;aAAM,CAAC;YACN,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC7E,CAAC;QACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAClB,CAAC;AACH,CAAC;AAED,KAAK,UAAU,OAAO,CAAC,YAAoB,EAAE,OAA0E;IACrH,aAAa,EAAE,CAAC;IAChB,kBAAkB,EAAE,CAAC;IACrB,MAAM,MAAM,GAAG,qBAAqB,CAAC,aAAa,CAAC,CAAC;IACpD,MAAM,QAAQ,GAAG,WAAW,EAAE,CAAC;IAC/B,MAAM,oBAAoB,GAAG,mBAAmB,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;IACzE,MAAM,WAAW,GACf,OAAO,OAAO,CAAC,OAAO,KAAK,QAAQ;QACjC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,OAAO,CAAC,OAAO,CAAC;QACzC,CAAC,CAAC,QAAQ,CAAC;IACf,MAAM,OAAO,GAAG,OAAO,CAAC,OAAO,KAAK,IAAI,IAAI,OAAO,CAAC,cAAc,KAAK,IAAI,CAAC;IAC5E,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,oBAAoB,EAAE,EAAE,WAAW,EAAE,OAAO,EAAE,CAAC,CAAC;IAChF,IAAI,MAAM,KAAK,MAAM,EAAE,CAAC;QACtB,OAAO,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,MAAM,CAAC,EAAE;YAAE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChC,OAAO;IACT,CAAC;IACD,IAAI,MAAM,CAAC,EAAE,EAAE,CAAC;QACd,IAAI,CAAC,MAAM,CAAC,SAAS,CAAC,QAAQ,EAAE,CAAC;YAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,YAAY,mCAAmC,CAAC,CAAC,CAAC;YAC/E,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,4BAA4B,MAAM,CAAC,QAAQ,CAAC,OAAO,iCAAiC,CAAC,CAAC,CAAC;YAC7G,OAAO;QACT,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,KAAK,CAAC,KAAK,YAAY,iCAAiC,CAAC,CAAC,CAAC;QAC7E,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,sBAAsB,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;QAChF,CAAC;QACD,IAAI,MAAM,CAAC,QAAQ,EAAE,CAAC;YACpB,OAAO,CAAC,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,wBAAwB,MAAM,CAAC,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAC7G,CAAC;QACD,OAAO;IACT,CAAC;IACD,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,YAAY,sBAAsB,CAAC,CAAC,CAAC;IAClE,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,WAAW,EAAE,CAAC;QAC5C,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,MAAM,UAAU,CAAC,IAAI,KAAK,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IAC3E,CAAC;IACD,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,SAAS,CAAC,KAAc;IAC/B,IAAI,KAAK,KAAK,UAAU,IAAI,KAAK,KAAK,UAAU;QAAE,OAAO,KAAK,CAAC;IAC/D,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,sBAAsB,MAAM,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,CAAC;IACjE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,qCAAqC,CAAC,CAAC,CAAC;IAChE,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;AAClB,CAAC;AAED,SAAS,mBAAmB,CAAC,QAAgB,EAAE,YAAoB;IACjE,OAAO,IAAI,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;AAC7F,CAAC;AAED,SAAS,eAAe,CAAC,UAA4B;IACnD,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,UAAU,UAAU,CAAC,IAAI,KAAK,UAAU,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IAC7E,IAAI,UAAU,CAAC,IAAI;QAAE,OAAO,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,eAAe,UAAU,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC;AAClF,CAAC"}
|
|
@@ -0,0 +1,56 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Plugin trust-on-first-use (TOFU) store.
|
|
3
|
+
*
|
|
4
|
+
* The plugin preview (PROJSCAN_PLUGINS_PREVIEW=1) executes JavaScript from the
|
|
5
|
+
* SCANNED repository's `.projscan-plugins/` directory. The env flag is a coarse
|
|
6
|
+
* on/off switch; once a user sets it (e.g. globally in a shell profile), every
|
|
7
|
+
* repo they later scan could silently run attacker-authored code.
|
|
8
|
+
*
|
|
9
|
+
* TOFU narrows that: a plugin module only executes if its exact bytes have been
|
|
10
|
+
* explicitly approved via `projscan plugin trust <name>`. Approval is recorded
|
|
11
|
+
* as a SHA-256 of the module file, keyed by its canonical (realpath) location.
|
|
12
|
+
* If the module's content later changes, it reverts to "changed" (untrusted)
|
|
13
|
+
* and must be re-approved — so a trusted plugin can't be swapped for a hostile
|
|
14
|
+
* payload behind the user's back.
|
|
15
|
+
*
|
|
16
|
+
* SECURITY-CRITICAL: the store lives OUTSIDE any scanned repo (user config dir,
|
|
17
|
+
* overridable for tests via PROJSCAN_PLUGIN_TRUST_HOME). A repo-local store
|
|
18
|
+
* would let a malicious repo ship a pre-seeded trust file that auto-approves
|
|
19
|
+
* its own plugin, defeating the whole mechanism.
|
|
20
|
+
*/
|
|
21
|
+
export declare const PLUGIN_TRUST_HOME_ENV = "PROJSCAN_PLUGIN_TRUST_HOME";
|
|
22
|
+
export type PluginTrustStatus = 'trusted' | 'untrusted' | 'changed';
|
|
23
|
+
export interface PluginTrustEntry {
|
|
24
|
+
/** Canonical (realpath) absolute path of the approved module file. */
|
|
25
|
+
modulePath: string;
|
|
26
|
+
/** SHA-256 of the module file's bytes at the time it was trusted. */
|
|
27
|
+
sha256: string;
|
|
28
|
+
/** Plugin name from the manifest, for human-readable listings. */
|
|
29
|
+
name: string;
|
|
30
|
+
/** ISO timestamp of approval. */
|
|
31
|
+
trustedAt: string;
|
|
32
|
+
}
|
|
33
|
+
export interface PluginTrustResult {
|
|
34
|
+
status: PluginTrustStatus;
|
|
35
|
+
/** Hash of the module file as it exists on disk now; null if unreadable. */
|
|
36
|
+
sha256: string | null;
|
|
37
|
+
/** The stored approval for this module path, if any. */
|
|
38
|
+
entry: PluginTrustEntry | null;
|
|
39
|
+
}
|
|
40
|
+
/** SHA-256 of a file's bytes, or null when the file can't be read. */
|
|
41
|
+
export declare function hashModuleFile(modulePath: string): Promise<string | null>;
|
|
42
|
+
/**
|
|
43
|
+
* Determine whether a plugin module is trusted to execute. Compares the module
|
|
44
|
+
* file's current hash against the approved hash recorded for its canonical path.
|
|
45
|
+
*/
|
|
46
|
+
export declare function getPluginTrustStatus(modulePath: string): Promise<PluginTrustResult>;
|
|
47
|
+
/**
|
|
48
|
+
* Record approval for the module's current bytes. Upserts by canonical path, so
|
|
49
|
+
* re-trusting after a content change replaces the stale hash. Throws if the
|
|
50
|
+
* module file cannot be read (you cannot approve a module that isn't there).
|
|
51
|
+
*/
|
|
52
|
+
export declare function trustPlugin(modulePath: string, name: string): Promise<PluginTrustEntry>;
|
|
53
|
+
/** Remove a module's approval. Returns true if an entry was removed. */
|
|
54
|
+
export declare function untrustPlugin(modulePath: string): Promise<boolean>;
|
|
55
|
+
/** All recorded approvals. */
|
|
56
|
+
export declare function listTrustedPlugins(): Promise<PluginTrustEntry[]>;
|
|
@@ -0,0 +1,138 @@
|
|
|
1
|
+
import crypto from 'node:crypto';
|
|
2
|
+
import fs from 'node:fs/promises';
|
|
3
|
+
import os from 'node:os';
|
|
4
|
+
import path from 'node:path';
|
|
5
|
+
import { atomicWriteFile } from '../utils/atomicWrite.js';
|
|
6
|
+
/**
|
|
7
|
+
* Plugin trust-on-first-use (TOFU) store.
|
|
8
|
+
*
|
|
9
|
+
* The plugin preview (PROJSCAN_PLUGINS_PREVIEW=1) executes JavaScript from the
|
|
10
|
+
* SCANNED repository's `.projscan-plugins/` directory. The env flag is a coarse
|
|
11
|
+
* on/off switch; once a user sets it (e.g. globally in a shell profile), every
|
|
12
|
+
* repo they later scan could silently run attacker-authored code.
|
|
13
|
+
*
|
|
14
|
+
* TOFU narrows that: a plugin module only executes if its exact bytes have been
|
|
15
|
+
* explicitly approved via `projscan plugin trust <name>`. Approval is recorded
|
|
16
|
+
* as a SHA-256 of the module file, keyed by its canonical (realpath) location.
|
|
17
|
+
* If the module's content later changes, it reverts to "changed" (untrusted)
|
|
18
|
+
* and must be re-approved — so a trusted plugin can't be swapped for a hostile
|
|
19
|
+
* payload behind the user's back.
|
|
20
|
+
*
|
|
21
|
+
* SECURITY-CRITICAL: the store lives OUTSIDE any scanned repo (user config dir,
|
|
22
|
+
* overridable for tests via PROJSCAN_PLUGIN_TRUST_HOME). A repo-local store
|
|
23
|
+
* would let a malicious repo ship a pre-seeded trust file that auto-approves
|
|
24
|
+
* its own plugin, defeating the whole mechanism.
|
|
25
|
+
*/
|
|
26
|
+
export const PLUGIN_TRUST_HOME_ENV = 'PROJSCAN_PLUGIN_TRUST_HOME';
|
|
27
|
+
const TRUST_FILE = 'plugin-trust.json';
|
|
28
|
+
const SCHEMA_VERSION = 1;
|
|
29
|
+
function trustHomeDir() {
|
|
30
|
+
const override = process.env[PLUGIN_TRUST_HOME_ENV];
|
|
31
|
+
if (override)
|
|
32
|
+
return path.resolve(override);
|
|
33
|
+
if (process.env.XDG_CONFIG_HOME)
|
|
34
|
+
return path.join(process.env.XDG_CONFIG_HOME, 'projscan');
|
|
35
|
+
return path.join(os.homedir(), '.config', 'projscan');
|
|
36
|
+
}
|
|
37
|
+
function trustFilePath() {
|
|
38
|
+
return path.join(trustHomeDir(), TRUST_FILE);
|
|
39
|
+
}
|
|
40
|
+
/** Canonical key for a module path: realpath if it exists, else resolved. */
|
|
41
|
+
async function canonicalize(modulePath) {
|
|
42
|
+
try {
|
|
43
|
+
return await fs.realpath(modulePath);
|
|
44
|
+
}
|
|
45
|
+
catch {
|
|
46
|
+
return path.resolve(modulePath);
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
/** SHA-256 of a file's bytes, or null when the file can't be read. */
|
|
50
|
+
export async function hashModuleFile(modulePath) {
|
|
51
|
+
try {
|
|
52
|
+
const bytes = await fs.readFile(modulePath);
|
|
53
|
+
return crypto.createHash('sha256').update(bytes).digest('hex');
|
|
54
|
+
}
|
|
55
|
+
catch {
|
|
56
|
+
return null;
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
async function readStore() {
|
|
60
|
+
try {
|
|
61
|
+
const raw = await fs.readFile(trustFilePath(), 'utf-8');
|
|
62
|
+
const parsed = JSON.parse(raw);
|
|
63
|
+
const entries = Array.isArray(parsed.entries)
|
|
64
|
+
? parsed.entries.filter(isWellShapedEntry)
|
|
65
|
+
: [];
|
|
66
|
+
return { schemaVersion: SCHEMA_VERSION, entries };
|
|
67
|
+
}
|
|
68
|
+
catch {
|
|
69
|
+
return { schemaVersion: SCHEMA_VERSION, entries: [] };
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
async function writeStore(store) {
|
|
73
|
+
const dir = trustHomeDir();
|
|
74
|
+
await fs.mkdir(dir, { recursive: true });
|
|
75
|
+
await atomicWriteFile(trustFilePath(), JSON.stringify(store, null, 2) + '\n');
|
|
76
|
+
}
|
|
77
|
+
function isWellShapedEntry(value) {
|
|
78
|
+
if (!value || typeof value !== 'object')
|
|
79
|
+
return false;
|
|
80
|
+
const e = value;
|
|
81
|
+
return (typeof e.modulePath === 'string' &&
|
|
82
|
+
typeof e.sha256 === 'string' &&
|
|
83
|
+
typeof e.name === 'string' &&
|
|
84
|
+
typeof e.trustedAt === 'string');
|
|
85
|
+
}
|
|
86
|
+
/**
|
|
87
|
+
* Determine whether a plugin module is trusted to execute. Compares the module
|
|
88
|
+
* file's current hash against the approved hash recorded for its canonical path.
|
|
89
|
+
*/
|
|
90
|
+
export async function getPluginTrustStatus(modulePath) {
|
|
91
|
+
const key = await canonicalize(modulePath);
|
|
92
|
+
const [store, sha256] = await Promise.all([readStore(), hashModuleFile(modulePath)]);
|
|
93
|
+
const entry = store.entries.find((e) => e.modulePath === key) ?? null;
|
|
94
|
+
if (!entry)
|
|
95
|
+
return { status: 'untrusted', sha256, entry: null };
|
|
96
|
+
if (sha256 !== null && sha256 === entry.sha256)
|
|
97
|
+
return { status: 'trusted', sha256, entry };
|
|
98
|
+
return { status: 'changed', sha256, entry };
|
|
99
|
+
}
|
|
100
|
+
/**
|
|
101
|
+
* Record approval for the module's current bytes. Upserts by canonical path, so
|
|
102
|
+
* re-trusting after a content change replaces the stale hash. Throws if the
|
|
103
|
+
* module file cannot be read (you cannot approve a module that isn't there).
|
|
104
|
+
*/
|
|
105
|
+
export async function trustPlugin(modulePath, name) {
|
|
106
|
+
const key = await canonicalize(modulePath);
|
|
107
|
+
const sha256 = await hashModuleFile(modulePath);
|
|
108
|
+
if (sha256 === null) {
|
|
109
|
+
throw new Error(`Cannot trust "${modulePath}": module file is unreadable or missing.`);
|
|
110
|
+
}
|
|
111
|
+
const entry = {
|
|
112
|
+
modulePath: key,
|
|
113
|
+
sha256,
|
|
114
|
+
name,
|
|
115
|
+
trustedAt: new Date().toISOString(),
|
|
116
|
+
};
|
|
117
|
+
const store = await readStore();
|
|
118
|
+
store.entries = store.entries.filter((e) => e.modulePath !== key);
|
|
119
|
+
store.entries.push(entry);
|
|
120
|
+
await writeStore(store);
|
|
121
|
+
return entry;
|
|
122
|
+
}
|
|
123
|
+
/** Remove a module's approval. Returns true if an entry was removed. */
|
|
124
|
+
export async function untrustPlugin(modulePath) {
|
|
125
|
+
const key = await canonicalize(modulePath);
|
|
126
|
+
const store = await readStore();
|
|
127
|
+
const before = store.entries.length;
|
|
128
|
+
store.entries = store.entries.filter((e) => e.modulePath !== key);
|
|
129
|
+
if (store.entries.length === before)
|
|
130
|
+
return false;
|
|
131
|
+
await writeStore(store);
|
|
132
|
+
return true;
|
|
133
|
+
}
|
|
134
|
+
/** All recorded approvals. */
|
|
135
|
+
export async function listTrustedPlugins() {
|
|
136
|
+
return (await readStore()).entries;
|
|
137
|
+
}
|
|
138
|
+
//# sourceMappingURL=pluginTrust.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"pluginTrust.js","sourceRoot":"","sources":["../../src/core/pluginTrust.ts"],"names":[],"mappings":"AAAA,OAAO,MAAM,MAAM,aAAa,CAAC;AACjC,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,EAAE,MAAM,SAAS,CAAC;AACzB,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,eAAe,EAAE,MAAM,yBAAyB,CAAC;AAE1D;;;;;;;;;;;;;;;;;;;GAmBG;AAEH,MAAM,CAAC,MAAM,qBAAqB,GAAG,4BAA4B,CAAC;AAClE,MAAM,UAAU,GAAG,mBAAmB,CAAC;AACvC,MAAM,cAAc,GAAG,CAAC,CAAC;AA4BzB,SAAS,YAAY;IACnB,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,qBAAqB,CAAC,CAAC;IACpD,IAAI,QAAQ;QAAE,OAAO,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC;IAC5C,IAAI,OAAO,CAAC,GAAG,CAAC,eAAe;QAAE,OAAO,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,EAAE,UAAU,CAAC,CAAC;IAC3F,OAAO,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,UAAU,CAAC,CAAC;AACxD,CAAC;AAED,SAAS,aAAa;IACpB,OAAO,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,EAAE,UAAU,CAAC,CAAC;AAC/C,CAAC;AAED,6EAA6E;AAC7E,KAAK,UAAU,YAAY,CAAC,UAAkB;IAC5C,IAAI,CAAC;QACH,OAAO,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;IACvC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC;IAClC,CAAC;AACH,CAAC;AAED,sEAAsE;AACtE,MAAM,CAAC,KAAK,UAAU,cAAc,CAAC,UAAkB;IACrD,IAAI,CAAC;QACH,MAAM,KAAK,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QAC5C,OAAO,MAAM,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,KAAK,UAAU,SAAS;IACtB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,aAAa,EAAE,EAAE,OAAO,CAAC,CAAC;QACxD,MAAM,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAA8B,CAAC;QAC5D,MAAM,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC;YAC3C,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,iBAAiB,CAAC;YAC1C,CAAC,CAAC,EAAE,CAAC;QACP,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,OAAO,EAAE,CAAC;IACpD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,aAAa,EAAE,cAAc,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC;IACxD,CAAC;AACH,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,KAAuB;IAC/C,MAAM,GAAG,GAAG,YAAY,EAAE,CAAC;IAC3B,MAAM,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,MAAM,eAAe,CAAC,aAAa,EAAE,EAAE,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC;AAChF,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAc;IACvC,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IACtD,MAAM,CAAC,GAAG,KAAgC,CAAC;IAC3C,OAAO,CACL,OAAO,CAAC,CAAC,UAAU,KAAK,QAAQ;QAChC,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ;QAC5B,OAAO,CAAC,CAAC,IAAI,KAAK,QAAQ;QAC1B,OAAO,CAAC,CAAC,SAAS,KAAK,QAAQ,CAChC,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,oBAAoB,CAAC,UAAkB;IAC3D,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,CAAC,KAAK,EAAE,MAAM,CAAC,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC,SAAS,EAAE,EAAE,cAAc,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC;IACrF,MAAM,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,GAAG,CAAC,IAAI,IAAI,CAAC;IAEtE,IAAI,CAAC,KAAK;QAAE,OAAO,EAAE,MAAM,EAAE,WAAW,EAAE,MAAM,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAChE,IAAI,MAAM,KAAK,IAAI,IAAI,MAAM,KAAK,KAAK,CAAC,MAAM;QAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAC5F,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;AAC9C,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,UAAkB,EAAE,IAAY;IAChE,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,MAAM,cAAc,CAAC,UAAU,CAAC,CAAC;IAChD,IAAI,MAAM,KAAK,IAAI,EAAE,CAAC;QACpB,MAAM,IAAI,KAAK,CAAC,iBAAiB,UAAU,0CAA0C,CAAC,CAAC;IACzF,CAAC;IACD,MAAM,KAAK,GAAqB;QAC9B,UAAU,EAAE,GAAG;QACf,MAAM;QACN,IAAI;QACJ,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;KACpC,CAAC;IACF,MAAM,KAAK,GAAG,MAAM,SAAS,EAAE,CAAC;IAChC,KAAK,CAAC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,GAAG,CAAC,CAAC;IAClE,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC1B,MAAM,UAAU,CAAC,KAAK,CAAC,CAAC;IACxB,OAAO,KAAK,CAAC;AACf,CAAC;AAED,wEAAwE;AACxE,MAAM,CAAC,KAAK,UAAU,aAAa,CAAC,UAAkB;IACpD,MAAM,GAAG,GAAG,MAAM,YAAY,CAAC,UAAU,CAAC,CAAC;IAC3C,MAAM,KAAK,GAAG,MAAM,SAAS,EAAE,CAAC;IAChC,MAAM,MAAM,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC;IACpC,KAAK,CAAC,OAAO,GAAG,KAAK,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,UAAU,KAAK,GAAG,CAAC,CAAC;IAClE,IAAI,KAAK,CAAC,OAAO,CAAC,MAAM,KAAK,MAAM;QAAE,OAAO,KAAK,CAAC;IAClD,MAAM,UAAU,CAAC,KAAK,CAAC,CAAC;IACxB,OAAO,IAAI,CAAC;AACd,CAAC;AAED,8BAA8B;AAC9B,MAAM,CAAC,KAAK,UAAU,kBAAkB;IACtC,OAAO,CAAC,MAAM,SAAS,EAAE,CAAC,CAAC,OAAO,CAAC;AACrC,CAAC"}
|
package/dist/core/plugins.d.ts
CHANGED
|
@@ -134,7 +134,7 @@ export declare function renderReporterPlugin(plugin: LoadedReporterPlugin, conte
|
|
|
134
134
|
*/
|
|
135
135
|
export declare function runAnalyzerPlugins(plugins: LoadedPlugin[], rootPath: string, files: FileEntry[], context?: PluginAnalyzerContext): Promise<Issue[]>;
|
|
136
136
|
export interface PluginDiagnostic {
|
|
137
|
-
code: 'invalid-manifest' | 'unsupported-schema-version' | 'invalid-name' | 'unsupported-kind' | 'invalid-module' | 'invalid-category' | 'invalid-commands' | 'invalid-description' | 'invalid-manifest-path' | 'invalid-json' | 'read-error' | 'plugins-disabled' | 'reporter-not-found' | 'reporter-unsupported-command' | 'invalid-reporter-export' | 'reporter-load-error' | 'reporter-render-error';
|
|
137
|
+
code: 'invalid-manifest' | 'unsupported-schema-version' | 'invalid-name' | 'unsupported-kind' | 'invalid-module' | 'invalid-category' | 'invalid-commands' | 'invalid-description' | 'invalid-manifest-path' | 'invalid-json' | 'read-error' | 'plugins-disabled' | 'reporter-not-found' | 'reporter-unsupported-command' | 'invalid-reporter-export' | 'reporter-load-error' | 'reporter-render-error' | 'plugin-untrusted';
|
|
138
138
|
message: string;
|
|
139
139
|
field?: string;
|
|
140
140
|
hint?: string;
|
package/dist/core/plugins.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import fs from 'node:fs/promises';
|
|
2
2
|
import path from 'node:path';
|
|
3
3
|
import { pathToFileURL } from 'node:url';
|
|
4
|
+
import { getPluginTrustStatus } from './pluginTrust.js';
|
|
4
5
|
/**
|
|
5
6
|
* Stable local plugin API (2.0+).
|
|
6
7
|
*
|
|
@@ -118,6 +119,14 @@ export async function loadPlugins(rootPath) {
|
|
|
118
119
|
const modulePath = path.resolve(path.dirname(entry.manifestPath), entry.manifest.module);
|
|
119
120
|
try {
|
|
120
121
|
await assertPluginModuleReadable(entry.manifest.module, modulePath);
|
|
122
|
+
// Trust-on-first-use gate: never import (execute) a module the user
|
|
123
|
+
// hasn't explicitly approved. The preview flag opts a user into the
|
|
124
|
+
// plugin *system*; trust opts them into each specific module's bytes.
|
|
125
|
+
const trust = await getPluginTrustStatus(modulePath);
|
|
126
|
+
if (trust.status !== 'trusted') {
|
|
127
|
+
process.stderr.write(untrustedAnalyzerWarning(entry.manifest.name, trust.status));
|
|
128
|
+
continue;
|
|
129
|
+
}
|
|
121
130
|
const mod = await importPluginModule(modulePath);
|
|
122
131
|
const exportsObj = (mod.default ?? mod);
|
|
123
132
|
if (typeof exportsObj.check !== 'function') {
|
|
@@ -189,6 +198,13 @@ async function loadReporterPlugin(manifest, manifestPath) {
|
|
|
189
198
|
const modulePath = path.resolve(path.dirname(manifestPath), manifest.module);
|
|
190
199
|
try {
|
|
191
200
|
await assertPluginModuleReadable(manifest.module, modulePath);
|
|
201
|
+
// Trust-on-first-use gate — see loadPlugins. Reporters render to stdout,
|
|
202
|
+
// but importing the module still runs its top-level code, so the same
|
|
203
|
+
// approval requirement applies.
|
|
204
|
+
const trust = await getPluginTrustStatus(modulePath);
|
|
205
|
+
if (trust.status !== 'trusted') {
|
|
206
|
+
return pluginRuntimeFail(untrustedReporterDiagnostic(manifest.name, trust.status));
|
|
207
|
+
}
|
|
192
208
|
const mod = await importPluginModule(modulePath);
|
|
193
209
|
const exportsObj = (mod.default ?? mod);
|
|
194
210
|
if (typeof exportsObj.render !== 'function') {
|
|
@@ -267,6 +283,23 @@ function describePluginModuleLoadError(err, manifestModule, modulePath, manifest
|
|
|
267
283
|
}
|
|
268
284
|
return { message: formatError(err) };
|
|
269
285
|
}
|
|
286
|
+
function untrustedAnalyzerWarning(name, status) {
|
|
287
|
+
const reason = status === 'changed'
|
|
288
|
+
? 'module changed since it was trusted'
|
|
289
|
+
: 'module is not trusted';
|
|
290
|
+
const verb = status === 'changed' ? 'Re-run' : 'Run';
|
|
291
|
+
return `[projscan] plugin "${name}" ${reason}; skipped (not executed). ${verb} \`projscan plugin trust ${name}\` to approve this module.\n`;
|
|
292
|
+
}
|
|
293
|
+
function untrustedReporterDiagnostic(name, status) {
|
|
294
|
+
const changed = status === 'changed';
|
|
295
|
+
return {
|
|
296
|
+
code: 'plugin-untrusted',
|
|
297
|
+
message: changed
|
|
298
|
+
? `reporter plugin "${name}" changed since it was trusted; not executed`
|
|
299
|
+
: `reporter plugin "${name}" is not trusted; not executed`,
|
|
300
|
+
hint: `${changed ? 'Re-run' : 'Run'} \`projscan plugin trust ${name}\` to approve this reporter.`,
|
|
301
|
+
};
|
|
302
|
+
}
|
|
270
303
|
function importPluginModule(modulePath) {
|
|
271
304
|
return dynamicImport(pathToFileURL(modulePath).href).catch(async (err) => {
|
|
272
305
|
if (!isMissingDynamicImportCallback(err))
|
package/dist/core/plugins.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugins.js","sourceRoot":"","sources":["../../src/core/plugins.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAIzC;;;;;;;;;;;;;GAaG;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,0BAA0B,CAAC;AAC9D,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC;AACvC,MAAM,CAAC,MAAM,UAAU,GAAG,mBAAmB,CAAC;AAC9C,MAAM,CAAC,MAAM,mBAAmB,GAAG,uBAAuB,CAAC;AAG3D,gFAAgF;AAChF,MAAM,aAAa,GAAG,IAAI,QAAQ,CAAC,WAAW,EAAE,0BAA0B,CAAkB,CAAC;AAK7F,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,IAAI,CAAU,CAAC;AAsF7E,MAAM,UAAU,cAAc;IAC5B,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IAC3C,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,MAAM,CAAC;AACnC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,YAAoB;IAC/D,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,4BAA4B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/F,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,OAAO;YACf,UAAU,EAAE;gBACV,IAAI,EAAE,YAAY;gBAClB,OAAO;gBACP,IAAI,EAAE,uCAAuC;aAC9C;SACF,CAAC;IACJ,CAAC;IAED,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,iBAAiB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;QACpF,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,OAAO;YACf,UAAU,EAAE;gBACV,IAAI,EAAE,cAAc;gBACpB,OAAO;gBACP,IAAI,EAAE,uCAAuC;aAC9C;SACF,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAC5C,OAAO,UAAU,CAAC,EAAE;QAClB,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,CAAC,QAAQ,EAAE;QAC7C,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,CAAC,UAAU,EAAE,CAAC;AAClF,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,QAAgB;IAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC5C,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,mBAAmB,CAAC;YAAE,SAAS;QAClD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC1C,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,YAAY,CAAC,CAAC;QAC1D,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;YACf,GAAG,CAAC,IAAI,CAAC;gBACP,YAAY;gBACZ,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,MAAM,CAAC,MAAM;gBACpB,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,GAAG,CAAC,IAAI,CAAC,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,QAAgB;IAChD,IAAI,CAAC,cAAc,EAAE;QAAE,OAAO,EAAE,CAAC;IACjC,MAAM,UAAU,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IAC3D,MAAM,MAAM,GAAmB,EAAE,CAAC;IAClC,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;QAC/B,IAAI,CAAC,KAAK,CAAC,QAAQ;YAAE,SAAS;QAC9B,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU;YAAE,SAAS;QACjD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACzF,IAAI,CAAC;YACH,MAAM,0BAA0B,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACpE,MAAM,GAAG,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,CAAC;YACjD,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAmC,CAAC;YAC1E,IAAI,OAAO,UAAU,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;gBAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,sBAAsB,KAAK,CAAC,QAAQ,CAAC,IAAI,mIAAmI,CAC7K,CAAC;gBACF,SAAS;YACX,CAAC;YACD,MAAM,CAAC,IAAI,CAAC;gBACV,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,UAAU;gBACV,OAAO,EAAE,EAAE,KAAK,EAAE,UAAU,CAAC,KAAuC,EAAE;aACvE,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,MAAM,GAAG,6BAA6B,CAAC,GAAG,EAAE,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;YACjG,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,sBAAsB,KAAK,CAAC,QAAQ,CAAC,IAAI,qBAAqB,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,cAAc,CAClI,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,QAAgB,EAChB,YAAoB,EACpB,OAA8B;IAE9B,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;QACtB,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,4BAA4B,mBAAmB,IAAI;YAC5D,IAAI,EAAE,OAAO,mBAAmB,mDAAmD;SACpF,CAAC,CAAC;IACL,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAC9B,CAAC,KAAK,EAAwE,EAAE,CAC9E,KAAK,CAAC,QAAQ,EAAE,IAAI,KAAK,UAAU,CACtC,CAAC;IACF,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC;IACtF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,oBAAoB,YAAY,iBAAiB;YAC1D,IAAI,EAAE,gEAAgE;SACvE,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/C,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,oBAAoB,YAAY,+BAA+B,OAAO,GAAG;YAClF,IAAI,EAAE,QAAQ,OAAO,6EAA6E;SACnG,CAAC,CAAC;IACL,CAAC;IAED,OAAO,kBAAkB,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;AAChE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAA4B,EAC5B,OAA8B;IAE9B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACpD,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,OAAO,iBAAiB,CAAC;gBACvB,IAAI,EAAE,uBAAuB;gBAC7B,OAAO,EAAE,oBAAoB,MAAM,CAAC,QAAQ,CAAC,IAAI,cAAc,OAAO,MAAM,mBAAmB;gBAC/F,IAAI,EAAE,uDAAuD;aAC9D,CAAC,CAAC;QACL,CAAC;QACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,uBAAuB;YAC7B,OAAO,EAAE,oBAAoB,MAAM,CAAC,QAAQ,CAAC,IAAI,2BAA2B,WAAW,CAAC,GAAG,CAAC,EAAE;YAC9F,IAAI,EAAE,gEAAgE;SACvE,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,QAAgC,EAChC,YAAoB;IAEpB,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC7E,IAAI,CAAC;QACH,MAAM,0BAA0B,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAC9D,MAAM,GAAG,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,CAAC;QACjD,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAmC,CAAC;QAC1E,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC5C,OAAO,iBAAiB,CAAC;gBACvB,IAAI,EAAE,yBAAyB;gBAC/B,OAAO,EAAE,oBAAoB,QAAQ,CAAC,IAAI,oCAAoC;gBAC9E,IAAI,EAAE,mFAAmF;aAC1F,CAAC,CAAC;QACL,CAAC;QACD,OAAO;YACL,EAAE,EAAE,IAAI;YACR,MAAM,EAAE;gBACN,QAAQ;gBACR,YAAY;gBACZ,UAAU;gBACV,OAAO,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAyC,EAAE;aAC1E;SACF,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,6BAA6B,CAAC,GAAG,EAAE,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,mBAAmB,CAAC,CAAC;QACpG,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,qBAAqB;YAC3B,OAAO,EAAE,oBAAoB,QAAQ,CAAC,IAAI,qBAAqB,MAAM,CAAC,OAAO,EAAE;YAC/E,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,mDAAmD;SACzE,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,MAAM,wBAAyB,SAAQ,KAAK;IACrB;IAAiC;IAAtD,YAAqB,cAAsB,EAAW,UAAkB;QACtE,KAAK,CAAC,WAAW,cAAc,sBAAsB,UAAU,EAAE,CAAC,CAAC;QADhD,mBAAc,GAAd,cAAc,CAAQ;QAAW,eAAU,GAAV,UAAU,CAAQ;IAExE,CAAC;CACF;AAED,MAAM,qBAAsB,SAAQ,KAAK;IAClB;IAAiC;IAAtD,YAAqB,cAAsB,EAAW,UAAkB,EAAE,GAAY;QACpF,KAAK,CAAC,WAAW,cAAc,0BAA0B,UAAU,KAAK,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QADzE,mBAAc,GAAd,cAAc,CAAQ;QAAW,eAAU,GAAV,UAAU,CAAQ;IAExE,CAAC;CACF;AAED,KAAK,UAAU,0BAA0B,CAAC,cAAsB,EAAE,UAAkB;IAClF,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,GAAG,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,IAAI,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAE,GAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACrH,IAAI,IAAI,KAAK,QAAQ;YAAE,MAAM,IAAI,wBAAwB,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;QACtF,MAAM,IAAI,qBAAqB,CAAC,cAAc,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IACnE,CAAC;AACH,CAAC;AAED,SAAS,6BAA6B,CACpC,GAAY,EACZ,cAAsB,EACtB,UAAkB,EAClB,aAA+C;IAE/C,IAAI,GAAG,YAAY,wBAAwB,EAAE,CAAC;QAC5C,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,IAAI,EAAE,aAAa,aAAa,iBAAiB;SAClD,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,YAAY,qBAAqB,EAAE,CAAC;QACzC,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,IAAI,EAAE,kCAAkC,aAAa,iBAAiB;SACvE,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,YAAY,WAAW,EAAE,CAAC;QAC/B,OAAO;YACL,OAAO,EAAE,2BAA2B,cAAc,MAAM,WAAW,CAAC,GAAG,CAAC,EAAE;YAC1E,IAAI,EAAE,aAAa,UAAU,kCAAkC;SAChE,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC;AACvC,CAAC;AAED,SAAS,kBAAkB,CAAC,UAAkB;IAC5C,OAAO,aAAa,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACvE,IAAI,CAAC,8BAA8B,CAAC,GAAG,CAAC;YAAE,MAAM,GAAG,CAAC;QACpD,OAAO,4BAA4B,CAAC,UAAU,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,8BAA8B,CAAC,GAAY;IAClD,OAAO,GAAG,YAAY,SAAS,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,2CAA2C,CAAC,CAAC;AACvG,CAAC;AAED,KAAK,UAAU,4BAA4B,CAAC,UAAkB;IAC5D,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACtD,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChF,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,UAAU,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAC5D,OAAO,EAAE,OAAO,EAAE,IAAI,QAAQ,CAAC,WAAW,UAAU,IAAI,CAAC,EAAa,EAAE,CAAC;IAC3E,CAAC;IAED,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,8DAA8D,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;QAClH,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QACzB,OAAO,GAAG,IAAI,IAAI,IAAI,EAAE,CAAC;IAC3B,CAAC,CAAC,CAAC;IACH,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,4CAA4C,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE;QAC3F,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QACzB,OAAO,SAAS,IAAI,IAAI,CAAC;IAC3B,CAAC,CAAC,CAAC;IACH,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IACD,OAAO,IAAI,QAAQ,CAAC,GAAG,WAAW,cAAc,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAA6B,CAAC;AACtG,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,OAAuB,EACvB,QAAgB,EAChB,KAAkB,EAClB,OAA+B;IAE/B,MAAM,GAAG,GAAY,EAAE,CAAC;IACxB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QAChE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,sBAAsB,CAAC,CAAC,QAAQ,CAAC,IAAI,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,2BAA2B,CAC1I,CAAC;YACF,SAAS;QACX,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,GAAG,EAAE,CAAC;YACxB,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC;gBAAE,SAAS;YACxC,GAAG,CAAC,IAAI,CAAC;gBACP,GAAG,KAAK;gBACR,EAAE,EAAE,UAAU,CAAC,CAAC,QAAQ,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,EAAE;gBAC3C,QAAQ,EAAE,KAAK,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,CAAC,QAAQ;aAChD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAoCD,SAAS,cAAc,CAAC,UAA4B;IAClD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;AAC/D,CAAC;AAED,SAAS,iBAAiB,CAAC,UAA4B;IACrD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;AAC/D,CAAC;AAED,SAAS,WAAW,CAAC,GAAY;IAC/B,OAAO,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,KAAc;IAC7C,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,gCAAgC;YACzC,IAAI,EAAE,4EAA4E;SACnF,CAAC,CAAC;IACL,CAAC;IACD,MAAM,GAAG,GAAG,KAAgC,CAAC;IAC7C,IAAI,GAAG,CAAC,aAAa,KAAK,qBAAqB,EAAE,CAAC;QAChD,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,4BAA4B;YAClC,KAAK,EAAE,eAAe;YACtB,OAAO,EAAE,6BAA6B,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,cAAc,qBAAqB,EAAE;YACpG,IAAI,EAAE,wBAAwB,qBAAqB,GAAG;SACvD,CAAC,CAAC;IACL,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,+BAA+B,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QACpF,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,cAAc;YACpB,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,yDAAyD;YAClE,IAAI,EAAE,iFAAiF;SACxF,CAAC,CAAC;IACL,CAAC;IACD,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QACvD,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,uCAAuC;YAChD,IAAI,EAAE,kGAAkG;SACzG,CAAC,CAAC;IACL,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9D,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,gBAAgB;YACtB,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,gDAAgD;YACzD,IAAI,EAAE,sFAAsF;SAC7F,CAAC,CAAC;IACL,CAAC;IACD,2EAA2E;IAC3E,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,IAAI,CAAC,EAAE,CAAC;QACzF,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,gBAAgB;YACtB,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,sDAAsD;YAC/D,IAAI,EAAE,qDAAqD;SAC5D,CAAC,CAAC;IACL,CAAC;IACD,IAAI,GAAG,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,GAAG,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;QACzE,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,qBAAqB;YAC3B,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,4CAA4C;SACtD,CAAC,CAAC;IACL,CAAC;IACD,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAC5B,IAAI,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClE,OAAO,cAAc,CAAC;gBACpB,IAAI,EAAE,kBAAkB;gBACxB,KAAK,EAAE,UAAU;gBACjB,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAE,sFAAsF;aAC7F,CAAC,CAAC;QACL,CAAC;QACD,OAAO;YACL,EAAE,EAAE,IAAI;YACR,QAAQ,EAAE;gBACR,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,GAAG,CAAC,OAAO,GAAG,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACjF;SACF,CAAC;IACJ,CAAC;IAED,MAAM,iBAAiB,GAAG,wBAAwB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACjE,IAAI,CAAC,iBAAiB,CAAC,EAAE;QAAE,OAAO,iBAAiB,CAAC;IAEpD,OAAO;QACL,EAAE,EAAE,IAAI;QACR,QAAQ,EAAE;YACR,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,QAAQ,EAAE,iBAAiB,CAAC,QAAQ;YACpC,GAAG,CAAC,OAAO,GAAG,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACjF;KACF,CAAC;AACJ,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAc;IAC9C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChD,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,UAAU;YACjB,OAAO,EAAE,yDAAyD;YAClE,IAAI,EAAE,0DAA0D;SACjE,CAAC,CAAC;IACL,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,GAAG,EAAyB,CAAC;IAC9C,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,KAAK,IAAI,KAAK,EAAE,CAAC;QAC1B,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YAC5B,SAAS;QACX,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAClB,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,UAAU;YACjB,OAAO,EAAE,oCAAoC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACjE,IAAI,EAAE,uDAAuD;SAC9D,CAAC,CAAC;IACL,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAa;IACtC,OAAQ,wBAA8C,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAU;IACnC,IAAI,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC9C,MAAM,GAAG,GAAG,CAA4B,CAAC;IACzC,IAAI,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,IAAI,GAAG,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACpE,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAChD,IAAI,OAAO,GAAG,CAAC,WAAW,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IACtD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IACnD,IAAI,OAAO,GAAG,CAAC,YAAY,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IACxD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,CAAU;IAC5B,OAAO,CAAC,KAAK,OAAO,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,MAAM,CAAC;AAC1D,CAAC"}
|
|
1
|
+
{"version":3,"file":"plugins.js","sourceRoot":"","sources":["../../src/core/plugins.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAC7B,OAAO,EAAE,aAAa,EAAE,MAAM,UAAU,CAAC;AAGzC,OAAO,EAAE,oBAAoB,EAA0B,MAAM,kBAAkB,CAAC;AAEhF;;;;;;;;;;;;;GAaG;AAEH,MAAM,CAAC,MAAM,mBAAmB,GAAG,0BAA0B,CAAC;AAC9D,MAAM,CAAC,MAAM,qBAAqB,GAAG,CAAC,CAAC;AACvC,MAAM,CAAC,MAAM,UAAU,GAAG,mBAAmB,CAAC;AAC9C,MAAM,CAAC,MAAM,mBAAmB,GAAG,uBAAuB,CAAC;AAG3D,gFAAgF;AAChF,MAAM,aAAa,GAAG,IAAI,QAAQ,CAAC,WAAW,EAAE,0BAA0B,CAAkB,CAAC;AAK7F,MAAM,CAAC,MAAM,wBAAwB,GAAG,CAAC,QAAQ,EAAE,SAAS,EAAE,IAAI,CAAU,CAAC;AAsF7E,MAAM,UAAU,cAAc;IAC5B,MAAM,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,CAAC;IAC3C,OAAO,CAAC,KAAK,GAAG,IAAI,CAAC,KAAK,MAAM,CAAC;AACnC,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,sBAAsB,CAAC,YAAoB;IAC/D,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,YAAY,EAAE,OAAO,CAAC,CAAC;IACjD,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,4BAA4B,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;QAC/F,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,OAAO;YACf,UAAU,EAAE;gBACV,IAAI,EAAE,YAAY;gBAClB,OAAO;gBACP,IAAI,EAAE,uCAAuC;aAC9C;SACF,CAAC;IACJ,CAAC;IAED,IAAI,MAAe,CAAC;IACpB,IAAI,CAAC;QACH,MAAM,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAC3B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,OAAO,GAAG,iBAAiB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,CAAC;QACpF,OAAO;YACL,EAAE,EAAE,KAAK;YACT,MAAM,EAAE,OAAO;YACf,UAAU,EAAE;gBACV,IAAI,EAAE,cAAc;gBACpB,OAAO;gBACP,IAAI,EAAE,uCAAuC;aAC9C;SACF,CAAC;IACJ,CAAC;IAED,MAAM,UAAU,GAAG,gBAAgB,CAAC,MAAM,CAAC,CAAC;IAC5C,OAAO,UAAU,CAAC,EAAE;QAClB,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,CAAC,QAAQ,EAAE;QAC7C,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,CAAC,UAAU,EAAE,CAAC;AAClF,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAAC,QAAgB;IAC5D,MAAM,GAAG,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAC5C,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,EAAE,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAClC,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,CAAC;IACZ,CAAC;IACD,MAAM,GAAG,GAA2B,EAAE,CAAC;IACvC,KAAK,MAAM,IAAI,IAAI,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC;QAClC,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,mBAAmB,CAAC;YAAE,SAAS;QAClD,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QAC1C,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,YAAY,CAAC,CAAC;QAC1D,IAAI,CAAC,MAAM,CAAC,EAAE,EAAE,CAAC;YACf,GAAG,CAAC,IAAI,CAAC;gBACP,YAAY;gBACZ,QAAQ,EAAE,IAAI;gBACd,KAAK,EAAE,MAAM,CAAC,MAAM;gBACpB,UAAU,EAAE,MAAM,CAAC,UAAU;aAC9B,CAAC,CAAC;YACH,SAAS;QACX,CAAC;QACD,GAAG,CAAC,IAAI,CAAC,EAAE,YAAY,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,QAAgB;IAChD,IAAI,CAAC,cAAc,EAAE;QAAE,OAAO,EAAE,CAAC;IACjC,MAAM,UAAU,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IAC3D,MAAM,MAAM,GAAmB,EAAE,CAAC;IAClC,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;QAC/B,IAAI,CAAC,KAAK,CAAC,QAAQ;YAAE,SAAS;QAC9B,IAAI,KAAK,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU;YAAE,SAAS;QACjD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,YAAY,CAAC,EAAE,KAAK,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;QACzF,IAAI,CAAC;YACH,MAAM,0BAA0B,CAAC,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACpE,oEAAoE;YACpE,oEAAoE;YACpE,sEAAsE;YACtE,MAAM,KAAK,GAAG,MAAM,oBAAoB,CAAC,UAAU,CAAC,CAAC;YACrD,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;gBAC/B,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,wBAAwB,CAAC,KAAK,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;gBAClF,SAAS;YACX,CAAC;YACD,MAAM,GAAG,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,CAAC;YACjD,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAmC,CAAC;YAC1E,IAAI,OAAO,UAAU,CAAC,KAAK,KAAK,UAAU,EAAE,CAAC;gBAC3C,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,sBAAsB,KAAK,CAAC,QAAQ,CAAC,IAAI,mIAAmI,CAC7K,CAAC;gBACF,SAAS;YACX,CAAC;YACD,MAAM,CAAC,IAAI,CAAC;gBACV,QAAQ,EAAE,KAAK,CAAC,QAAQ;gBACxB,YAAY,EAAE,KAAK,CAAC,YAAY;gBAChC,UAAU;gBACV,OAAO,EAAE,EAAE,KAAK,EAAE,UAAU,CAAC,KAAuC,EAAE;aACvE,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,MAAM,GAAG,6BAA6B,CAAC,GAAG,EAAE,KAAK,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,UAAU,CAAC,CAAC;YACjG,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,sBAAsB,KAAK,CAAC,QAAQ,CAAC,IAAI,qBAAqB,MAAM,CAAC,OAAO,GAAG,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,cAAc,CAClI,CAAC;QACJ,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,qBAAqB,CACzC,QAAgB,EAChB,YAAoB,EACpB,OAA8B;IAE9B,IAAI,CAAC,cAAc,EAAE,EAAE,CAAC;QACtB,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,4BAA4B,mBAAmB,IAAI;YAC5D,IAAI,EAAE,OAAO,mBAAmB,mDAAmD;SACpF,CAAC,CAAC;IACL,CAAC;IAED,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IACxD,MAAM,SAAS,GAAG,OAAO,CAAC,MAAM,CAC9B,CAAC,KAAK,EAAwE,EAAE,CAC9E,KAAK,CAAC,QAAQ,EAAE,IAAI,KAAK,UAAU,CACtC,CAAC;IACF,MAAM,KAAK,GAAG,SAAS,CAAC,IAAI,CAAC,CAAC,SAAS,EAAE,EAAE,CAAC,SAAS,CAAC,QAAQ,CAAC,IAAI,KAAK,YAAY,CAAC,CAAC;IACtF,IAAI,CAAC,KAAK,EAAE,CAAC;QACX,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,oBAAoB;YAC1B,OAAO,EAAE,oBAAoB,YAAY,iBAAiB;YAC1D,IAAI,EAAE,gEAAgE;SACvE,CAAC,CAAC;IACL,CAAC;IAED,IAAI,CAAC,KAAK,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QAC/C,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,oBAAoB,YAAY,+BAA+B,OAAO,GAAG;YAClF,IAAI,EAAE,QAAQ,OAAO,6EAA6E;SACnG,CAAC,CAAC;IACL,CAAC;IAED,OAAO,kBAAkB,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,CAAC,YAAY,CAAC,CAAC;AAChE,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,oBAAoB,CACxC,MAA4B,EAC5B,OAA8B;IAE9B,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACpD,IAAI,OAAO,MAAM,KAAK,QAAQ,EAAE,CAAC;YAC/B,OAAO,iBAAiB,CAAC;gBACvB,IAAI,EAAE,uBAAuB;gBAC7B,OAAO,EAAE,oBAAoB,MAAM,CAAC,QAAQ,CAAC,IAAI,cAAc,OAAO,MAAM,mBAAmB;gBAC/F,IAAI,EAAE,uDAAuD;aAC9D,CAAC,CAAC;QACL,CAAC;QACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,MAAM,EAAE,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,uBAAuB;YAC7B,OAAO,EAAE,oBAAoB,MAAM,CAAC,QAAQ,CAAC,IAAI,2BAA2B,WAAW,CAAC,GAAG,CAAC,EAAE;YAC9F,IAAI,EAAE,gEAAgE;SACvE,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,QAAgC,EAChC,YAAoB;IAEpB,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;IAC7E,IAAI,CAAC;QACH,MAAM,0BAA0B,CAAC,QAAQ,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;QAC9D,yEAAyE;QACzE,sEAAsE;QACtE,gCAAgC;QAChC,MAAM,KAAK,GAAG,MAAM,oBAAoB,CAAC,UAAU,CAAC,CAAC;QACrD,IAAI,KAAK,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC/B,OAAO,iBAAiB,CAAC,2BAA2B,CAAC,QAAQ,CAAC,IAAI,EAAE,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC;QACrF,CAAC;QACD,MAAM,GAAG,GAAG,MAAM,kBAAkB,CAAC,UAAU,CAAC,CAAC;QACjD,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,OAAO,IAAI,GAAG,CAAmC,CAAC;QAC1E,IAAI,OAAO,UAAU,CAAC,MAAM,KAAK,UAAU,EAAE,CAAC;YAC5C,OAAO,iBAAiB,CAAC;gBACvB,IAAI,EAAE,yBAAyB;gBAC/B,OAAO,EAAE,oBAAoB,QAAQ,CAAC,IAAI,oCAAoC;gBAC9E,IAAI,EAAE,mFAAmF;aAC1F,CAAC,CAAC;QACL,CAAC;QACD,OAAO;YACL,EAAE,EAAE,IAAI;YACR,MAAM,EAAE;gBACN,QAAQ;gBACR,YAAY;gBACZ,UAAU;gBACV,OAAO,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAyC,EAAE;aAC1E;SACF,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,MAAM,GAAG,6BAA6B,CAAC,GAAG,EAAE,QAAQ,CAAC,MAAM,EAAE,UAAU,EAAE,mBAAmB,CAAC,CAAC;QACpG,OAAO,iBAAiB,CAAC;YACvB,IAAI,EAAE,qBAAqB;YAC3B,OAAO,EAAE,oBAAoB,QAAQ,CAAC,IAAI,qBAAqB,MAAM,CAAC,OAAO,EAAE;YAC/E,IAAI,EAAE,MAAM,CAAC,IAAI,IAAI,mDAAmD;SACzE,CAAC,CAAC;IACL,CAAC;AACH,CAAC;AAED,MAAM,wBAAyB,SAAQ,KAAK;IACrB;IAAiC;IAAtD,YAAqB,cAAsB,EAAW,UAAkB;QACtE,KAAK,CAAC,WAAW,cAAc,sBAAsB,UAAU,EAAE,CAAC,CAAC;QADhD,mBAAc,GAAd,cAAc,CAAQ;QAAW,eAAU,GAAV,UAAU,CAAQ;IAExE,CAAC;CACF;AAED,MAAM,qBAAsB,SAAQ,KAAK;IAClB;IAAiC;IAAtD,YAAqB,cAAsB,EAAW,UAAkB,EAAE,GAAY;QACpF,KAAK,CAAC,WAAW,cAAc,0BAA0B,UAAU,KAAK,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC,CAAC;QADzE,mBAAc,GAAd,cAAc,CAAQ;QAAW,eAAU,GAAV,UAAU,CAAQ;IAExE,CAAC;CACF;AAED,KAAK,UAAU,0BAA0B,CAAC,cAAsB,EAAE,UAAkB;IAClF,IAAI,CAAC;QACH,MAAM,EAAE,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,IAAI,GAAG,OAAO,GAAG,KAAK,QAAQ,IAAI,GAAG,KAAK,IAAI,IAAI,MAAM,IAAI,GAAG,CAAC,CAAC,CAAC,MAAM,CAAE,GAAyB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;QACrH,IAAI,IAAI,KAAK,QAAQ;YAAE,MAAM,IAAI,wBAAwB,CAAC,cAAc,EAAE,UAAU,CAAC,CAAC;QACtF,MAAM,IAAI,qBAAqB,CAAC,cAAc,EAAE,UAAU,EAAE,GAAG,CAAC,CAAC;IACnE,CAAC;AACH,CAAC;AAED,SAAS,6BAA6B,CACpC,GAAY,EACZ,cAAsB,EACtB,UAAkB,EAClB,aAA+C;IAE/C,IAAI,GAAG,YAAY,wBAAwB,EAAE,CAAC;QAC5C,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,IAAI,EAAE,aAAa,aAAa,iBAAiB;SAClD,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,YAAY,qBAAqB,EAAE,CAAC;QACzC,OAAO;YACL,OAAO,EAAE,GAAG,CAAC,OAAO;YACpB,IAAI,EAAE,kCAAkC,aAAa,iBAAiB;SACvE,CAAC;IACJ,CAAC;IACD,IAAI,GAAG,YAAY,WAAW,EAAE,CAAC;QAC/B,OAAO;YACL,OAAO,EAAE,2BAA2B,cAAc,MAAM,WAAW,CAAC,GAAG,CAAC,EAAE;YAC1E,IAAI,EAAE,aAAa,UAAU,kCAAkC;SAChE,CAAC;IACJ,CAAC;IACD,OAAO,EAAE,OAAO,EAAE,WAAW,CAAC,GAAG,CAAC,EAAE,CAAC;AACvC,CAAC;AAED,SAAS,wBAAwB,CAAC,IAAY,EAAE,MAAyB;IACvE,MAAM,MAAM,GACV,MAAM,KAAK,SAAS;QAClB,CAAC,CAAC,qCAAqC;QACvC,CAAC,CAAC,uBAAuB,CAAC;IAC9B,MAAM,IAAI,GAAG,MAAM,KAAK,SAAS,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,CAAC;IACrD,OAAO,sBAAsB,IAAI,KAAK,MAAM,6BAA6B,IAAI,4BAA4B,IAAI,8BAA8B,CAAC;AAC9I,CAAC;AAED,SAAS,2BAA2B,CAAC,IAAY,EAAE,MAAyB;IAC1E,MAAM,OAAO,GAAG,MAAM,KAAK,SAAS,CAAC;IACrC,OAAO;QACL,IAAI,EAAE,kBAAkB;QACxB,OAAO,EAAE,OAAO;YACd,CAAC,CAAC,oBAAoB,IAAI,8CAA8C;YACxE,CAAC,CAAC,oBAAoB,IAAI,gCAAgC;QAC5D,IAAI,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,KAAK,4BAA4B,IAAI,8BAA8B;KAClG,CAAC;AACJ,CAAC;AAED,SAAS,kBAAkB,CAAC,UAAkB;IAC5C,OAAO,aAAa,CAAC,aAAa,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,EAAE,EAAE;QACvE,IAAI,CAAC,8BAA8B,CAAC,GAAG,CAAC;YAAE,MAAM,GAAG,CAAC;QACpD,OAAO,4BAA4B,CAAC,UAAU,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;AACL,CAAC;AAED,SAAS,8BAA8B,CAAC,GAAY;IAClD,OAAO,GAAG,YAAY,SAAS,IAAI,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,2CAA2C,CAAC,CAAC;AACvG,CAAC;AAED,KAAK,UAAU,4BAA4B,CAAC,UAAkB;IAC5D,MAAM,MAAM,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACtD,MAAM,YAAY,GAAG,MAAM,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChF,IAAI,YAAY,EAAE,CAAC;QACjB,MAAM,UAAU,GAAG,YAAY,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,IAAI,EAAE,EAAE,CAAC,CAAC;QAC5D,OAAO,EAAE,OAAO,EAAE,IAAI,QAAQ,CAAC,WAAW,UAAU,IAAI,CAAC,EAAa,EAAE,CAAC;IAC3E,CAAC;IAED,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,IAAI,WAAW,GAAG,MAAM,CAAC,OAAO,CAAC,8DAA8D,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,EAAE;QAClH,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QACzB,OAAO,GAAG,IAAI,IAAI,IAAI,EAAE,CAAC;IAC3B,CAAC,CAAC,CAAC;IACH,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,4CAA4C,EAAE,CAAC,EAAE,EAAE,IAAI,EAAE,EAAE;QAC3F,KAAK,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC;QACzB,OAAO,SAAS,IAAI,IAAI,CAAC;IAC3B,CAAC,CAAC,CAAC;IACH,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACrE,CAAC;IACD,OAAO,IAAI,QAAQ,CAAC,GAAG,WAAW,cAAc,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,EAA6B,CAAC;AACtG,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CACtC,OAAuB,EACvB,QAAgB,EAChB,KAAkB,EAClB,OAA+B;IAE/B,MAAM,GAAG,GAAY,EAAE,CAAC;IACxB,KAAK,MAAM,CAAC,IAAI,OAAO,EAAE,CAAC;QACxB,IAAI,GAAY,CAAC;QACjB,IAAI,CAAC;YACH,GAAG,GAAG,CAAC,MAAM,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,QAAQ,EAAE,KAAK,EAAE,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC;QAChE,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO,CAAC,MAAM,CAAC,KAAK,CAClB,sBAAsB,CAAC,CAAC,QAAQ,CAAC,IAAI,yBAAyB,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,2BAA2B,CAC1I,CAAC;YACF,SAAS;QACX,CAAC;QACD,KAAK,MAAM,KAAK,IAAI,GAAG,EAAE,CAAC;YACxB,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC;gBAAE,SAAS;YACxC,GAAG,CAAC,IAAI,CAAC;gBACP,GAAG,KAAK;gBACR,EAAE,EAAE,UAAU,CAAC,CAAC,QAAQ,CAAC,IAAI,IAAI,KAAK,CAAC,EAAE,EAAE;gBAC3C,QAAQ,EAAE,KAAK,CAAC,QAAQ,IAAI,CAAC,CAAC,QAAQ,CAAC,QAAQ;aAChD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAqCD,SAAS,cAAc,CAAC,UAA4B;IAClD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;AAC/D,CAAC;AAED,SAAS,iBAAiB,CAAC,UAA4B;IACrD,OAAO,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,EAAE,UAAU,CAAC,OAAO,EAAE,UAAU,EAAE,CAAC;AAC/D,CAAC;AAED,SAAS,WAAW,CAAC,GAAY;IAC/B,OAAO,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;AAC1D,CAAC;AAED,MAAM,UAAU,gBAAgB,CAAC,KAAc;IAC7C,IAAI,CAAC,KAAK,IAAI,OAAO,KAAK,KAAK,QAAQ,EAAE,CAAC;QACxC,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,kBAAkB;YACxB,OAAO,EAAE,gCAAgC;YACzC,IAAI,EAAE,4EAA4E;SACnF,CAAC,CAAC;IACL,CAAC;IACD,MAAM,GAAG,GAAG,KAAgC,CAAC;IAC7C,IAAI,GAAG,CAAC,aAAa,KAAK,qBAAqB,EAAE,CAAC;QAChD,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,4BAA4B;YAClC,KAAK,EAAE,eAAe;YACtB,OAAO,EAAE,6BAA6B,MAAM,CAAC,GAAG,CAAC,aAAa,CAAC,cAAc,qBAAqB,EAAE;YACpG,IAAI,EAAE,wBAAwB,qBAAqB,GAAG;SACvD,CAAC,CAAC;IACL,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,IAAI,CAAC,+BAA+B,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC;QACpF,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,cAAc;YACpB,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,yDAAyD;YAClE,IAAI,EAAE,iFAAiF;SACxF,CAAC,CAAC;IACL,CAAC;IACD,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QACvD,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,uCAAuC;YAChD,IAAI,EAAE,kGAAkG;SACzG,CAAC,CAAC;IACL,CAAC;IACD,IAAI,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ,IAAI,GAAG,CAAC,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC9D,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,gBAAgB;YACtB,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,gDAAgD;YACzD,IAAI,EAAE,sFAAsF;SAC7F,CAAC,CAAC;IACL,CAAC;IACD,2EAA2E;IAC3E,IAAI,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,MAAM,CAAC,IAAI,GAAG,CAAC,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,GAAG,EAAE,EAAE,CAAC,GAAG,KAAK,IAAI,CAAC,EAAE,CAAC;QACzF,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,gBAAgB;YACtB,KAAK,EAAE,QAAQ;YACf,OAAO,EAAE,sDAAsD;YAC/D,IAAI,EAAE,qDAAqD;SAC5D,CAAC,CAAC;IACL,CAAC;IACD,IAAI,GAAG,CAAC,WAAW,KAAK,SAAS,IAAI,OAAO,GAAG,CAAC,WAAW,KAAK,QAAQ,EAAE,CAAC;QACzE,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,qBAAqB;YAC3B,KAAK,EAAE,aAAa;YACpB,OAAO,EAAE,4CAA4C;SACtD,CAAC,CAAC;IACL,CAAC;IACD,IAAI,GAAG,CAAC,IAAI,KAAK,UAAU,EAAE,CAAC;QAC5B,IAAI,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ,IAAI,GAAG,CAAC,QAAQ,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAClE,OAAO,cAAc,CAAC;gBACpB,IAAI,EAAE,kBAAkB;gBACxB,KAAK,EAAE,UAAU;gBACjB,OAAO,EAAE,2CAA2C;gBACpD,IAAI,EAAE,sFAAsF;aAC7F,CAAC,CAAC;QACL,CAAC;QACD,OAAO;YACL,EAAE,EAAE,IAAI;YACR,QAAQ,EAAE;gBACR,aAAa,EAAE,GAAG,CAAC,aAAa;gBAChC,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,MAAM,EAAE,GAAG,CAAC,MAAM;gBAClB,QAAQ,EAAE,GAAG,CAAC,QAAQ;gBACtB,GAAG,CAAC,OAAO,GAAG,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;aACjF;SACF,CAAC;IACJ,CAAC;IAED,MAAM,iBAAiB,GAAG,wBAAwB,CAAC,GAAG,CAAC,QAAQ,CAAC,CAAC;IACjE,IAAI,CAAC,iBAAiB,CAAC,EAAE;QAAE,OAAO,iBAAiB,CAAC;IAEpD,OAAO;QACL,EAAE,EAAE,IAAI;QACR,QAAQ,EAAE;YACR,aAAa,EAAE,GAAG,CAAC,aAAa;YAChC,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,IAAI,EAAE,GAAG,CAAC,IAAI;YACd,MAAM,EAAE,GAAG,CAAC,MAAM;YAClB,QAAQ,EAAE,iBAAiB,CAAC,QAAQ;YACpC,GAAG,CAAC,OAAO,GAAG,CAAC,WAAW,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACjF;KACF,CAAC;AACJ,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAc;IAC9C,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,KAAK,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChD,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,UAAU;YACjB,OAAO,EAAE,yDAAyD;YAClE,IAAI,EAAE,0DAA0D;SACjE,CAAC,CAAC;IACL,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,GAAG,EAAyB,CAAC;IAC9C,MAAM,OAAO,GAAa,EAAE,CAAC;IAC7B,KAAK,MAAM,KAAK,IAAI,KAAK,EAAE,CAAC;QAC1B,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,iBAAiB,CAAC,KAAK,CAAC,EAAE,CAAC;YAC3D,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;YAC5B,SAAS;QACX,CAAC;QACD,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;IAClB,CAAC;IACD,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,cAAc,CAAC;YACpB,IAAI,EAAE,kBAAkB;YACxB,KAAK,EAAE,UAAU;YACjB,OAAO,EAAE,oCAAoC,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;YACjE,IAAI,EAAE,uDAAuD;SAC9D,CAAC,CAAC;IACL,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,CAAC,GAAG,IAAI,CAAC,EAAE,CAAC;AAC3C,CAAC;AAED,SAAS,iBAAiB,CAAC,KAAa;IACtC,OAAQ,wBAA8C,CAAC,QAAQ,CAAC,KAAK,CAAC,CAAC;AACzE,CAAC;AAED,SAAS,iBAAiB,CAAC,CAAU;IACnC,IAAI,CAAC,CAAC,IAAI,OAAO,CAAC,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAC9C,MAAM,GAAG,GAAG,CAA4B,CAAC;IACzC,IAAI,OAAO,GAAG,CAAC,EAAE,KAAK,QAAQ,IAAI,GAAG,CAAC,EAAE,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,KAAK,CAAC;IACpE,IAAI,OAAO,GAAG,CAAC,KAAK,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IAChD,IAAI,OAAO,GAAG,CAAC,WAAW,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IACtD,IAAI,CAAC,UAAU,CAAC,GAAG,CAAC,QAAQ,CAAC;QAAE,OAAO,KAAK,CAAC;IAC5C,IAAI,OAAO,GAAG,CAAC,QAAQ,KAAK,QAAQ;QAAE,OAAO,KAAK,CAAC;IACnD,IAAI,OAAO,GAAG,CAAC,YAAY,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IACxD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,UAAU,CAAC,CAAU;IAC5B,OAAO,CAAC,KAAK,OAAO,IAAI,CAAC,KAAK,SAAS,IAAI,CAAC,KAAK,MAAM,CAAC;AAC1D,CAAC"}
|
package/dist/core/privacy.js
CHANGED
|
@@ -115,8 +115,8 @@ export async function buildPrivacyCheckReport(rootPath, scan, config = {}) {
|
|
|
115
115
|
discoveredManifestCount: pluginManifests.length,
|
|
116
116
|
localCodeExecution: pluginExecutionEnabled,
|
|
117
117
|
note: pluginExecutionEnabled
|
|
118
|
-
? 'Local
|
|
119
|
-
: `Local plugins are disabled unless ${PLUGIN_PREVIEW_FLAG}=1 is
|
|
118
|
+
? 'Local plugin execution is enabled, but each plugin module additionally requires explicit trust-on-first-use approval (`projscan plugin trust <name>`) before it runs.'
|
|
119
|
+
: `Local plugins are disabled unless ${PLUGIN_PREVIEW_FLAG}=1 is set, and each module must then be approved with \`projscan plugin trust\`.`,
|
|
120
120
|
},
|
|
121
121
|
localWrites: {
|
|
122
122
|
surfaces: knownLocalWriteSurfaces(),
|
package/dist/core/privacy.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"privacy.js","sourceRoot":"","sources":["../../src/core/privacy.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,uBAAuB,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC5F,OAAO,EAAE,0BAA0B,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAEhF,MAAM,CAAC,MAAM,WAAW,GAAG,kBAAkB,CAAC;AAC9C,MAAM,mBAAmB,GAAG,0BAA0B,CAAC;AAwDvD,MAAM,UAAU,aAAa,CAAC,MAAuB;IACnD,IAAI,MAAM,EAAE,IAAI,EAAE,OAAO,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACvC,OAAO,KAAK,KAAK,GAAG,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,KAAK,CAAC;AAC9D,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,GAAG,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,OAAO,GAAG,aAAa,EAAE;IAC7D,OAAO;QACL;YACE,IAAI,EAAE,WAAW;YACjB,QAAQ,EAAE,0BAA0B;YACpC,OAAO,EAAE,2BAA2B;YACpC,gBAAgB,EAAE,OAAO;SAC1B;QACD;YACE,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE,4BAA4B;YACtC,OAAO,EAAE,mCAAmC;YAC5C,gBAAgB,EAAE,OAAO;SAC1B;QACD;YACE,IAAI,EAAE,WAAW;YACjB,QAAQ,EAAE,yBAAyB;YACnC,OAAO,EAAE,gBAAgB;YACzB,gBAAgB,EAAE,OAAO;SAC1B;QACD;YACE,IAAI,EAAE,yBAAyB;YAC/B,QAAQ,EAAE,gDAAgD;YAC1D,OAAO,EAAE,mEAAmE;YAC5E,gBAAgB,EAAE,OAAO;SAC1B;KACF,CAAC;AACJ,CAAC;AAGD,MAAM,UAAU,uBAAuB;IACrC,OAAO;QACL;YACE,IAAI,EAAE,aAAa;YACnB,IAAI,EAAE,4BAA4B;YAClC,OAAO,EAAE,uDAAuD;YAChE,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,gBAAgB;YACtB,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,oEAAoE;YAC7E,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,mCAAmC;YACzC,IAAI,EAAE,gCAAgC;YACtC,OAAO,EAAE,sEAAsE;YAC/E,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,gBAAgB;YACtB,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,uDAAuD;YAChE,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,UAAU;YAChB,IAAI,EAAE,yBAAyB;YAC/B,OAAO,EAAE,kDAAkD;YAC3D,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,yBAAyB;YAC/B,OAAO,EAAE,mEAAmE;YAC5E,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,uBAAuB;YAC7B,IAAI,EAAE,sEAAsE;YAC5E,OAAO,EAAE,wDAAwD;YACjE,gBAAgB,EAAE,KAAK;SACxB;KACF,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,QAAgB,EAChB,IAAgB,EAChB,SAAyB,EAAE;IAE3B,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,SAAS,GAAG,MAAM,kBAAkB,EAAE,CAAC;IAC7C,MAAM,eAAe,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IAChE,MAAM,sBAAsB,GAAG,cAAc,EAAE,CAAC;IAChD,OAAO;QACL,SAAS,EAAE;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,WAAW,EAAE,SAAS,CAAC,WAAW;YAClC,WAAW,EAAE,SAAS,CAAC,WAAW;SACnC;QACD,OAAO,EAAE;YACP,OAAO,EAAE,OAAO;YAChB,GAAG,EAAE,WAAW;SACjB;QACD,IAAI,EAAE;YACJ,QAAQ;YACR,MAAM,EAAE,IAAI,CAAC,YAAY,CAAC,MAAM;YAChC,kBAAkB,EAAE,IAAI,CAAC,YAAY,CAAC,kBAAkB;YACxD,cAAc,EAAE,IAAI,CAAC,YAAY,CAAC,cAAc;YAChD,gBAAgB,EAAE,IAAI,CAAC,YAAY,CAAC,gBAAgB;YACpD,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B;QACD,kBAAkB,EAAE,MAAM,CAAC,IAAI,EAAE,aAAa,KAAK,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,KAAK,GAAG;QACnG,OAAO,EAAE;YACP,gBAAgB,EAAE,sBAAsB;YACxC,OAAO,EAAE,mBAAmB;YAC5B,uBAAuB,EAAE,eAAe,CAAC,MAAM;YAC/C,kBAAkB,EAAE,sBAAsB;YAC1C,IAAI,EAAE,sBAAsB;gBAC1B,CAAC,CAAC
|
|
1
|
+
{"version":3,"file":"privacy.js","sourceRoot":"","sources":["../../src/core/privacy.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,uBAAuB,EAAE,mBAAmB,EAAE,cAAc,EAAE,MAAM,cAAc,CAAC;AAC5F,OAAO,EAAE,0BAA0B,EAAE,kBAAkB,EAAE,MAAM,gBAAgB,CAAC;AAEhF,MAAM,CAAC,MAAM,WAAW,GAAG,kBAAkB,CAAC;AAC9C,MAAM,mBAAmB,GAAG,0BAA0B,CAAC;AAwDvD,MAAM,UAAU,aAAa,CAAC,MAAuB;IACnD,IAAI,MAAM,EAAE,IAAI,EAAE,OAAO,KAAK,IAAI;QAAE,OAAO,IAAI,CAAC;IAChD,MAAM,KAAK,GAAG,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC;IACvC,OAAO,KAAK,KAAK,GAAG,IAAI,KAAK,KAAK,MAAM,IAAI,KAAK,KAAK,KAAK,CAAC;AAC9D,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,GAAG,CAAC;AACjC,CAAC;AAED,MAAM,UAAU,qBAAqB,CAAC,OAAO,GAAG,aAAa,EAAE;IAC7D,OAAO;QACL;YACE,IAAI,EAAE,WAAW;YACjB,QAAQ,EAAE,0BAA0B;YACpC,OAAO,EAAE,2BAA2B;YACpC,gBAAgB,EAAE,OAAO;SAC1B;QACD;YACE,IAAI,EAAE,cAAc;YACpB,QAAQ,EAAE,4BAA4B;YACtC,OAAO,EAAE,mCAAmC;YAC5C,gBAAgB,EAAE,OAAO;SAC1B;QACD;YACE,IAAI,EAAE,WAAW;YACjB,QAAQ,EAAE,yBAAyB;YACnC,OAAO,EAAE,gBAAgB;YACzB,gBAAgB,EAAE,OAAO;SAC1B;QACD;YACE,IAAI,EAAE,yBAAyB;YAC/B,QAAQ,EAAE,gDAAgD;YAC1D,OAAO,EAAE,mEAAmE;YAC5E,gBAAgB,EAAE,OAAO;SAC1B;KACF,CAAC;AACJ,CAAC;AAGD,MAAM,UAAU,uBAAuB;IACrC,OAAO;QACL;YACE,IAAI,EAAE,aAAa;YACnB,IAAI,EAAE,4BAA4B;YAClC,OAAO,EAAE,uDAAuD;YAChE,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,gBAAgB;YACtB,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,oEAAoE;YAC7E,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,mCAAmC;YACzC,IAAI,EAAE,gCAAgC;YACtC,OAAO,EAAE,sEAAsE;YAC/E,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,gBAAgB;YACtB,IAAI,EAAE,8BAA8B;YACpC,OAAO,EAAE,uDAAuD;YAChE,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,UAAU;YAChB,IAAI,EAAE,yBAAyB;YAC/B,OAAO,EAAE,kDAAkD;YAC3D,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,mBAAmB;YACzB,IAAI,EAAE,yBAAyB;YAC/B,OAAO,EAAE,mEAAmE;YAC5E,gBAAgB,EAAE,IAAI;SACvB;QACD;YACE,IAAI,EAAE,uBAAuB;YAC7B,IAAI,EAAE,sEAAsE;YAC5E,OAAO,EAAE,wDAAwD;YACjE,gBAAgB,EAAE,KAAK;SACxB;KACF,CAAC;AACJ,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,uBAAuB,CAC3C,QAAgB,EAChB,IAAgB,EAChB,SAAyB,EAAE;IAE3B,MAAM,OAAO,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC;IACtC,MAAM,SAAS,GAAG,MAAM,kBAAkB,EAAE,CAAC;IAC7C,MAAM,eAAe,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;IAChE,MAAM,sBAAsB,GAAG,cAAc,EAAE,CAAC;IAChD,OAAO;QACL,SAAS,EAAE;YACT,OAAO,EAAE,SAAS,CAAC,OAAO;YAC1B,WAAW,EAAE,SAAS,CAAC,WAAW;YAClC,WAAW,EAAE,SAAS,CAAC,WAAW;SACnC;QACD,OAAO,EAAE;YACP,OAAO,EAAE,OAAO;YAChB,GAAG,EAAE,WAAW;SACjB;QACD,IAAI,EAAE;YACJ,QAAQ;YACR,MAAM,EAAE,IAAI,CAAC,YAAY,CAAC,MAAM;YAChC,kBAAkB,EAAE,IAAI,CAAC,YAAY,CAAC,kBAAkB;YACxD,cAAc,EAAE,IAAI,CAAC,YAAY,CAAC,cAAc;YAChD,gBAAgB,EAAE,IAAI,CAAC,YAAY,CAAC,gBAAgB;YACpD,UAAU,EAAE,IAAI,CAAC,UAAU;SAC5B;QACD,kBAAkB,EAAE,MAAM,CAAC,IAAI,EAAE,aAAa,KAAK,IAAI,IAAI,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC,KAAK,GAAG;QACnG,OAAO,EAAE;YACP,gBAAgB,EAAE,sBAAsB;YACxC,OAAO,EAAE,mBAAmB;YAC5B,uBAAuB,EAAE,eAAe,CAAC,MAAM;YAC/C,kBAAkB,EAAE,sBAAsB;YAC1C,IAAI,EAAE,sBAAsB;gBAC1B,CAAC,CAAC,uKAAuK;gBACzK,CAAC,CAAC,qCAAqC,mBAAmB,kFAAkF;SAC/I;QACD,WAAW,EAAE;YACX,QAAQ,EAAE,uBAAuB,EAAE;SACpC;QACD,aAAa,EAAE;YACb,cAAc,EAAE,IAAI;YACpB,eAAe,EAAE,IAAI;YACrB,kBAAkB,EAAE,IAAI;YACxB,IAAI,EAAE,iKAAiK;SACxK;QACD,OAAO,EAAE;YACP,SAAS,EAAE,qBAAqB,CAAC,OAAO,CAAC;SAC1C;KACF,CAAC;AACJ,CAAC"}
|
package/dist/fixes/eslintFix.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { execFileSync } from 'node:child_process';
|
|
2
2
|
import fs from 'node:fs/promises';
|
|
3
3
|
import path from 'node:path';
|
|
4
4
|
import { fileExists } from '../utils/fileHelpers.js';
|
|
@@ -13,7 +13,11 @@ export const eslintFix = {
|
|
|
13
13
|
if (hasTypeScript) {
|
|
14
14
|
packages.push('@typescript-eslint/parser', '@typescript-eslint/eslint-plugin');
|
|
15
15
|
}
|
|
16
|
-
|
|
16
|
+
// execFile (no shell) keeps the package names off any shell command line,
|
|
17
|
+
// and `--ignore-scripts` blocks the scanned repo's npm lifecycle scripts —
|
|
18
|
+
// rootPath is potentially untrusted, so a plain `npm install` here would be
|
|
19
|
+
// an RCE vector the moment a user runs `projscan fix`. See testFix.
|
|
20
|
+
execFileSync('npm', ['install', '--save-dev', '--ignore-scripts', ...packages], {
|
|
17
21
|
cwd: rootPath,
|
|
18
22
|
stdio: 'pipe',
|
|
19
23
|
timeout: 60_000,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"eslintFix.js","sourceRoot":"","sources":["../../src/fixes/eslintFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"eslintFix.js","sourceRoot":"","sources":["../../src/fixes/eslintFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD,MAAM,CAAC,MAAM,SAAS,GAAQ;IAC5B,EAAE,EAAE,YAAY;IAChB,KAAK,EAAE,8BAA8B;IACrC,WAAW,EAAE,kDAAkD;IAC/D,OAAO,EAAE,gBAAgB;IAEzB,KAAK,CAAC,KAAK,CAAC,QAAgB;QAC1B,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC;QAE7E,MAAM,QAAQ,GAAG,CAAC,QAAQ,CAAC,CAAC;QAC5B,IAAI,aAAa,EAAE,CAAC;YAClB,QAAQ,CAAC,IAAI,CAAC,2BAA2B,EAAE,kCAAkC,CAAC,CAAC;QACjF,CAAC;QAED,0EAA0E;QAC1E,2EAA2E;QAC3E,4EAA4E;QAC5E,oEAAoE;QACpE,YAAY,CAAC,KAAK,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,kBAAkB,EAAE,GAAG,QAAQ,CAAC,EAAE;YAC9E,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,MAAM;SAChB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG,aAAa;YAC1B,CAAC,CAAC;gBACE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;gBACjC,MAAM,EAAE,2BAA2B;gBACnC,OAAO,EAAE,CAAC,oBAAoB,CAAC;gBAC/B,OAAO,EAAE,CAAC,oBAAoB,EAAE,uCAAuC,CAAC;gBACxE,aAAa,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE;gBAC9D,KAAK,EAAE,EAAE;aACV;YACH,CAAC,CAAC;gBACE,GAAG,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,MAAM,EAAE,IAAI,EAAE;gBACjC,OAAO,EAAE,CAAC,oBAAoB,CAAC;gBAC/B,aAAa,EAAE,EAAE,WAAW,EAAE,QAAQ,EAAE,UAAU,EAAE,QAAQ,EAAE;gBAC9D,KAAK,EAAE,EAAE;aACV,CAAC;QAEN,MAAM,EAAE,CAAC,SAAS,CAChB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,CAAC,EACrC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EACtC,OAAO,CACR,CAAC;IACJ,CAAC;CACF,CAAC"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { execFileSync } from 'node:child_process';
|
|
2
2
|
import fs from 'node:fs/promises';
|
|
3
3
|
import path from 'node:path';
|
|
4
4
|
export const prettierFix = {
|
|
@@ -7,7 +7,10 @@ export const prettierFix = {
|
|
|
7
7
|
description: 'Installs Prettier and creates a configuration file',
|
|
8
8
|
issueId: 'missing-prettier',
|
|
9
9
|
async apply(rootPath) {
|
|
10
|
-
|
|
10
|
+
// `--ignore-scripts`: see testFix — rootPath is untrusted, so block the
|
|
11
|
+
// scanned repo's npm lifecycle scripts (RCE vector). execFile (no shell)
|
|
12
|
+
// avoids putting anything on a shell command line.
|
|
13
|
+
execFileSync('npm', ['install', '--save-dev', '--ignore-scripts', 'prettier'], {
|
|
11
14
|
cwd: rootPath,
|
|
12
15
|
stdio: 'pipe',
|
|
13
16
|
timeout: 60_000,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"prettierFix.js","sourceRoot":"","sources":["../../src/fixes/prettierFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"prettierFix.js","sourceRoot":"","sources":["../../src/fixes/prettierFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAG7B,MAAM,CAAC,MAAM,WAAW,GAAQ;IAC9B,EAAE,EAAE,cAAc;IAClB,KAAK,EAAE,gCAAgC;IACvC,WAAW,EAAE,oDAAoD;IACjE,OAAO,EAAE,kBAAkB;IAE3B,KAAK,CAAC,KAAK,CAAC,QAAgB;QAC1B,wEAAwE;QACxE,yEAAyE;QACzE,mDAAmD;QACnD,YAAY,CAAC,KAAK,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,kBAAkB,EAAE,UAAU,CAAC,EAAE;YAC7E,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,MAAM;SAChB,CAAC,CAAC;QAEH,MAAM,MAAM,GAAG;YACb,IAAI,EAAE,IAAI;YACV,WAAW,EAAE,IAAI;YACjB,aAAa,EAAE,KAAK;YACpB,UAAU,EAAE,GAAG;YACf,QAAQ,EAAE,CAAC;SACZ,CAAC;QAEF,MAAM,EAAE,CAAC,SAAS,CAChB,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,aAAa,CAAC,EAClC,IAAI,CAAC,SAAS,CAAC,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EACtC,OAAO,CACR,CAAC;QAEF,mDAAmD;QACnD,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAE5B,IAAI,CAAC,GAAG,CAAC,OAAO;gBAAE,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC;YACnC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;gBACxB,GAAG,CAAC,OAAO,CAAC,MAAM,GAAG,oBAAoB,CAAC;gBAC1C,MAAM,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;YAC5E,CAAC;QACH,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAI,GAAG,YAAY,KAAK,IAAI,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnE,OAAO,CAAC,sCAAsC;YAChD,CAAC;YACD,MAAM,GAAG,CAAC,CAAC,oDAAoD;QACjE,CAAC;IACH,CAAC;CACF,CAAC"}
|
package/dist/fixes/testFix.js
CHANGED
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import {
|
|
1
|
+
import { execFileSync } from 'node:child_process';
|
|
2
2
|
import fs from 'node:fs/promises';
|
|
3
3
|
import path from 'node:path';
|
|
4
4
|
import { fileExists } from '../utils/fileHelpers.js';
|
|
@@ -8,7 +8,13 @@ export const testFix = {
|
|
|
8
8
|
description: 'Installs Vitest and creates a sample test file',
|
|
9
9
|
issueId: 'missing-test-framework',
|
|
10
10
|
async apply(rootPath) {
|
|
11
|
-
|
|
11
|
+
// `--ignore-scripts`: rootPath is the scanned (potentially untrusted) repo.
|
|
12
|
+
// Without it, `npm install` would run that repo's preinstall/install/
|
|
13
|
+
// postinstall/prepare lifecycle scripts — and any installed dependency's
|
|
14
|
+
// install scripts — turning `projscan fix` into arbitrary code execution
|
|
15
|
+
// on a hostile repo. execFile (no shell) also keeps package names off any
|
|
16
|
+
// shell command line.
|
|
17
|
+
execFileSync('npm', ['install', '--save-dev', '--ignore-scripts', 'vitest'], {
|
|
12
18
|
cwd: rootPath,
|
|
13
19
|
stdio: 'pipe',
|
|
14
20
|
timeout: 60_000,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"testFix.js","sourceRoot":"","sources":["../../src/fixes/testFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,
|
|
1
|
+
{"version":3,"file":"testFix.js","sourceRoot":"","sources":["../../src/fixes/testFix.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,MAAM,oBAAoB,CAAC;AAClD,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AAErD,MAAM,CAAC,MAAM,OAAO,GAAQ;IAC1B,EAAE,EAAE,WAAW;IACf,KAAK,EAAE,8BAA8B;IACrC,WAAW,EAAE,gDAAgD;IAC7D,OAAO,EAAE,wBAAwB;IAEjC,KAAK,CAAC,KAAK,CAAC,QAAgB;QAC1B,4EAA4E;QAC5E,sEAAsE;QACtE,yEAAyE;QACzE,yEAAyE;QACzE,0EAA0E;QAC1E,sBAAsB;QACtB,YAAY,CAAC,KAAK,EAAE,CAAC,SAAS,EAAE,YAAY,EAAE,kBAAkB,EAAE,QAAQ,CAAC,EAAE;YAC3E,GAAG,EAAE,QAAQ;YACb,KAAK,EAAE,MAAM;YACb,OAAO,EAAE,MAAM;SAChB,CAAC,CAAC;QAEH,kCAAkC;QAClC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YAChD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAE5B,IAAI,CAAC,GAAG,CAAC,OAAO;gBAAE,GAAG,CAAC,OAAO,GAAG,EAAE,CAAC;YACnC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;gBACtB,GAAG,CAAC,OAAO,CAAC,IAAI,GAAG,YAAY,CAAC;YAClC,CAAC;YACD,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;gBAC/B,GAAG,CAAC,OAAO,CAAC,YAAY,CAAC,GAAG,QAAQ,CAAC;YACvC,CAAC;YAED,MAAM,EAAE,CAAC,SAAS,CAAC,OAAO,EAAE,IAAI,CAAC,SAAS,CAAC,GAAG,EAAE,IAAI,EAAE,CAAC,CAAC,GAAG,IAAI,EAAE,OAAO,CAAC,CAAC;QAC5E,CAAC;QAAC,OAAO,GAAY,EAAE,CAAC;YACtB,IAAI,GAAG,YAAY,KAAK,IAAI,MAAM,IAAI,GAAG,IAAI,GAAG,CAAC,IAAI,KAAK,QAAQ,EAAE,CAAC;gBACnE,OAAO,CAAC,sCAAsC;YAChD,CAAC;YACD,MAAM,GAAG,CAAC,CAAC,oDAAoD;QACjE,CAAC;QAED,yCAAyC;QACzC,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;QAC9C,MAAM,EAAE,CAAC,KAAK,CAAC,QAAQ,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QAE9C,MAAM,aAAa,GAAG,MAAM,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,eAAe,CAAC,CAAC,CAAC;QAC7E,MAAM,GAAG,GAAG,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;QAExC,MAAM,UAAU,GAAG;;;;;;;CAOtB,CAAC;QAEE,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,gBAAgB,GAAG,EAAE,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,YAAY,CAAC,CAAC;QAC9C,IAAI,CAAC,MAAM,EAAE,CAAC;YACZ,MAAM,EAAE,CAAC,SAAS,CAAC,YAAY,EAAE,UAAU,EAAE,OAAO,CAAC,CAAC;QACxD,CAAC;IACH,CAAC;CACF,CAAC"}
|
package/dist/mcp/tools/plugin.js
CHANGED
|
@@ -1,6 +1,7 @@
|
|
|
1
1
|
import fs from 'node:fs/promises';
|
|
2
2
|
import path from 'node:path';
|
|
3
3
|
import { PLUGIN_DIR, PLUGIN_MANIFEST_EXT, PLUGIN_PREVIEW_FLAG, discoverPluginManifests, pluginsEnabled, readPluginManifestFile, } from '../../core/plugins.js';
|
|
4
|
+
import { getPluginTrustStatus } from '../../core/pluginTrust.js';
|
|
4
5
|
/**
|
|
5
6
|
* `projscan_plugin` — discover and validate stable local analyzer/reporter
|
|
6
7
|
* plugins under `<root>/.projscan-plugins/*.projscan-plugin.json`.
|
|
@@ -11,7 +12,7 @@ import { PLUGIN_DIR, PLUGIN_MANIFEST_EXT, PLUGIN_PREVIEW_FLAG, discoverPluginMan
|
|
|
11
12
|
*/
|
|
12
13
|
export const pluginTool = {
|
|
13
14
|
name: 'projscan_plugin',
|
|
14
|
-
description: 'Discover and validate stable local analyzer and reporter plugins under .projscan-plugins/. Execution is opt-in via the PROJSCAN_PLUGINS_PREVIEW=1 env flag
|
|
15
|
+
description: 'Discover and validate stable local analyzer and reporter plugins under .projscan-plugins/. Execution is opt-in via the PROJSCAN_PLUGINS_PREVIEW=1 env flag AND each module must be approved with trust-on-first-use; the list reports a per-plugin `trust` status (trusted / untrusted / changed). Approving a plugin is a deliberate human action via the `projscan plugin trust <name>` CLI — it is intentionally not exposed here. Use action:"list" to see what is discoverable and whether it would run, action:"validate" to check a manifest before committing it.',
|
|
15
16
|
inputSchema: {
|
|
16
17
|
type: 'object',
|
|
17
18
|
properties: {
|
|
@@ -31,25 +32,32 @@ export const pluginTool = {
|
|
|
31
32
|
switch (action) {
|
|
32
33
|
case 'list': {
|
|
33
34
|
const entries = await discoverPluginManifests(rootPath);
|
|
35
|
+
const plugins = await Promise.all(entries.map(async (e) => {
|
|
36
|
+
if (!e.manifest) {
|
|
37
|
+
return { manifestPath: e.manifestPath, ok: false, error: e.error, diagnostic: e.diagnostic };
|
|
38
|
+
}
|
|
39
|
+
const modulePath = path.resolve(path.dirname(e.manifestPath), e.manifest.module);
|
|
40
|
+
const trust = await getPluginTrustStatus(modulePath);
|
|
41
|
+
return {
|
|
42
|
+
manifestPath: e.manifestPath,
|
|
43
|
+
ok: true,
|
|
44
|
+
name: e.manifest.name,
|
|
45
|
+
kind: e.manifest.kind,
|
|
46
|
+
module: e.manifest.module,
|
|
47
|
+
...(e.manifest.kind === 'analyzer'
|
|
48
|
+
? { category: e.manifest.category }
|
|
49
|
+
: { commands: e.manifest.commands }),
|
|
50
|
+
description: e.manifest.description,
|
|
51
|
+
// Whether this module would actually execute: even with the
|
|
52
|
+
// preview flag on, an untrusted/changed module is skipped.
|
|
53
|
+
trust: trust.status,
|
|
54
|
+
};
|
|
55
|
+
}));
|
|
34
56
|
return {
|
|
35
57
|
enabled: pluginsEnabled(),
|
|
36
58
|
envFlag: PLUGIN_PREVIEW_FLAG,
|
|
37
59
|
count: entries.length,
|
|
38
|
-
plugins
|
|
39
|
-
manifestPath: e.manifestPath,
|
|
40
|
-
ok: e.manifest !== null,
|
|
41
|
-
...(e.manifest
|
|
42
|
-
? {
|
|
43
|
-
name: e.manifest.name,
|
|
44
|
-
kind: e.manifest.kind,
|
|
45
|
-
module: e.manifest.module,
|
|
46
|
-
...(e.manifest.kind === 'analyzer'
|
|
47
|
-
? { category: e.manifest.category }
|
|
48
|
-
: { commands: e.manifest.commands }),
|
|
49
|
-
description: e.manifest.description,
|
|
50
|
-
}
|
|
51
|
-
: { error: e.error, diagnostic: e.diagnostic }),
|
|
52
|
-
})),
|
|
60
|
+
plugins,
|
|
53
61
|
};
|
|
54
62
|
}
|
|
55
63
|
case 'validate': {
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"plugin.js","sourceRoot":"","sources":["../../../src/mcp/tools/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EACL,UAAU,EACV,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,EACvB,cAAc,EACd,sBAAsB,GACvB,MAAM,uBAAuB,CAAC;
|
|
1
|
+
{"version":3,"file":"plugin.js","sourceRoot":"","sources":["../../../src/mcp/tools/plugin.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,MAAM,kBAAkB,CAAC;AAClC,OAAO,IAAI,MAAM,WAAW,CAAC;AAE7B,OAAO,EACL,UAAU,EACV,mBAAmB,EACnB,mBAAmB,EACnB,uBAAuB,EACvB,cAAc,EACd,sBAAsB,GACvB,MAAM,uBAAuB,CAAC;AAC/B,OAAO,EAAE,oBAAoB,EAAE,MAAM,2BAA2B,CAAC;AAEjE;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,UAAU,GAAY;IACjC,IAAI,EAAE,iBAAiB;IACvB,WAAW,EACT,2iBAA2iB;IAC7iB,WAAW,EAAE;QACX,IAAI,EAAE,QAAQ;QACd,UAAU,EAAE;YACV,MAAM,EAAE;gBACN,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;gBAC1B,WAAW,EACT,qJAAqJ;aACxJ;YACD,aAAa,EAAE;gBACb,IAAI,EAAE,QAAQ;gBACd,WAAW,EAAE,iGAAiG;aAC/G;SACF;KACF;IACD,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,QAAQ,EAAE,EAAE;QAChC,MAAM,MAAM,GAAG,OAAO,IAAI,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,CAAC,MAAM,CAAC;QACtE,QAAQ,MAAM,EAAE,CAAC;YACf,KAAK,MAAM,CAAC,CAAC,CAAC;gBACZ,MAAM,OAAO,GAAG,MAAM,uBAAuB,CAAC,QAAQ,CAAC,CAAC;gBACxD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAC/B,OAAO,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;oBACtB,IAAI,CAAC,CAAC,CAAC,QAAQ,EAAE,CAAC;wBAChB,OAAO,EAAE,YAAY,EAAE,CAAC,CAAC,YAAY,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC,UAAU,EAAE,CAAC;oBAC/F,CAAC;oBACD,MAAM,UAAU,GAAG,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;oBACjF,MAAM,KAAK,GAAG,MAAM,oBAAoB,CAAC,UAAU,CAAC,CAAC;oBACrD,OAAO;wBACL,YAAY,EAAE,CAAC,CAAC,YAAY;wBAC5B,EAAE,EAAE,IAAI;wBACR,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;wBACrB,IAAI,EAAE,CAAC,CAAC,QAAQ,CAAC,IAAI;wBACrB,MAAM,EAAE,CAAC,CAAC,QAAQ,CAAC,MAAM;wBACzB,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,KAAK,UAAU;4BAChC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE;4BACnC,CAAC,CAAC,EAAE,QAAQ,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC;wBACtC,WAAW,EAAE,CAAC,CAAC,QAAQ,CAAC,WAAW;wBACnC,4DAA4D;wBAC5D,2DAA2D;wBAC3D,KAAK,EAAE,KAAK,CAAC,MAAM;qBACpB,CAAC;gBACJ,CAAC,CAAC,CACH,CAAC;gBACF,OAAO;oBACL,OAAO,EAAE,cAAc,EAAE;oBACzB,OAAO,EAAE,mBAAmB;oBAC5B,KAAK,EAAE,OAAO,CAAC,MAAM;oBACrB,OAAO;iBACR,CAAC;YACJ,CAAC;YACD,KAAK,UAAU,CAAC,CAAC,CAAC;gBAChB,MAAM,CAAC,GAAG,OAAO,IAAI,CAAC,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC3E,IAAI,CAAC,CAAC;oBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAC;gBAC/E,MAAM,QAAQ,GAAG,MAAM,sBAAsB,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;gBAC3D,IAAI,CAAC,QAAQ,CAAC,EAAE;oBAAE,OAAO,QAAQ,CAAC,OAAO,CAAC;gBAC1C,MAAM,MAAM,GAAG,MAAM,sBAAsB,CAAC,QAAQ,CAAC,YAAY,CAAC,CAAC;gBACnE,OAAO,MAAM,CAAC,EAAE;oBACd,CAAC,CAAC,EAAE,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,MAAM,CAAC,QAAQ,EAAE;oBACzC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC,UAAU,EAAE,CAAC;YACzE,CAAC;YACD;gBACE,MAAM,IAAI,KAAK,CAAC,mBAAmB,MAAM,2BAA2B,CAAC,CAAC;QAC1E,CAAC;IACH,CAAC;CACF,CAAC;AAOF,KAAK,UAAU,sBAAsB,CAAC,QAAgB,EAAE,SAAiB;IACvE,IAAI,IAAI,CAAC,UAAU,CAAC,SAAS,CAAC,EAAE,CAAC;QAC/B,OAAO,mBAAmB,CAAC,oDAAoD,CAAC,CAAC;IACnF,CAAC;IACD,IAAI,SAAS,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,KAAK,IAAI,CAAC,EAAE,CAAC;QACjE,OAAO,mBAAmB,CAAC,mDAAmD,CAAC,CAAC;IAClF,CAAC;IACD,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,mBAAmB,CAAC,EAAE,CAAC;QAC7C,OAAO,mBAAmB,CAAC,+BAA+B,mBAAmB,EAAE,CAAC,CAAC;IACnF,CAAC;IAED,MAAM,QAAQ,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC;IACjF,MAAM,SAAS,GAAG,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,UAAU,CAAC,CAAC;IAClD,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IAC1E,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,SAAS,CAAC,CAAC;IACpD,IAAI,CAAC,iBAAiB,CAAC,SAAS,EAAE,aAAa,CAAC,EAAE,CAAC;QACjD,OAAO,mBAAmB,CAAC,iCAAiC,UAAU,GAAG,CAAC,CAAC;IAC7E,CAAC;IAED,MAAM,aAAa,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,SAAS,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;IAC1E,IAAI,CAAC,iBAAiB,CAAC,aAAa,EAAE,aAAa,CAAC,EAAE,CAAC;QACrD,OAAO,mBAAmB,CAAC,oCAAoC,UAAU,GAAG,CAAC,CAAC;IAChF,CAAC;IACD,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,YAAY,EAAE,aAAa,EAAE,CAAC;AACnD,CAAC;AAED,SAAS,iBAAiB,CAAC,SAAiB,EAAE,SAAiB;IAC7D,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,SAAS,EAAE,SAAS,CAAC,CAAC;IACrD,OAAO,QAAQ,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;AACzF,CAAC;AAED,SAAS,mBAAmB,CAAC,OAAe;IAC1C,OAAO;QACL,EAAE,EAAE,KAAK;QACT,OAAO,EAAE;YACP,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,OAAO;YACd,UAAU,EAAE;gBACV,IAAI,EAAE,uBAAuB;gBAC7B,OAAO;gBACP,IAAI,EAAE,mBAAmB,UAAU,UAAU,mBAAmB,GAAG;aACpE;SACF;KACF,CAAC;AACJ,CAAC"}
|
|
@@ -1,23 +1,23 @@
|
|
|
1
1
|
{
|
|
2
2
|
"bomFormat": "CycloneDX",
|
|
3
3
|
"specVersion": "1.5",
|
|
4
|
-
"serialNumber": "urn:uuid:
|
|
4
|
+
"serialNumber": "urn:uuid:184f4802-bc14-4e4d-b946-67837b3471f9",
|
|
5
5
|
"version": 1,
|
|
6
6
|
"metadata": {
|
|
7
|
-
"timestamp": "2026-06-
|
|
7
|
+
"timestamp": "2026-06-04T20:31:38.986Z",
|
|
8
8
|
"tools": [
|
|
9
9
|
{
|
|
10
10
|
"vendor": "projscan",
|
|
11
11
|
"name": "projscan-sbom-generator",
|
|
12
|
-
"version": "3.
|
|
12
|
+
"version": "3.5.0"
|
|
13
13
|
}
|
|
14
14
|
],
|
|
15
15
|
"component": {
|
|
16
16
|
"type": "application",
|
|
17
|
-
"bom-ref": "pkg:npm/projscan@3.
|
|
17
|
+
"bom-ref": "pkg:npm/projscan@3.5.0",
|
|
18
18
|
"name": "projscan",
|
|
19
|
-
"version": "3.
|
|
20
|
-
"purl": "pkg:npm/projscan@3.
|
|
19
|
+
"version": "3.5.0",
|
|
20
|
+
"purl": "pkg:npm/projscan@3.5.0"
|
|
21
21
|
}
|
|
22
22
|
},
|
|
23
23
|
"components": [
|
package/dist/tool-manifest.json
CHANGED
|
@@ -1,8 +1,8 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "projscan",
|
|
3
|
-
"version": "3.
|
|
3
|
+
"version": "3.5.0",
|
|
4
4
|
"mcpProtocolVersion": "2025-03-26",
|
|
5
|
-
"generatedAt": "2026-06-
|
|
5
|
+
"generatedAt": "2026-06-04T20:31:44.986Z",
|
|
6
6
|
"toolCount": 41,
|
|
7
7
|
"tools": [
|
|
8
8
|
{
|
|
@@ -778,7 +778,7 @@
|
|
|
778
778
|
},
|
|
779
779
|
{
|
|
780
780
|
"name": "projscan_plugin",
|
|
781
|
-
"description": "Discover and validate stable local analyzer and reporter plugins under .projscan-plugins/. Execution is opt-in via the PROJSCAN_PLUGINS_PREVIEW=1 env flag
|
|
781
|
+
"description": "Discover and validate stable local analyzer and reporter plugins under .projscan-plugins/. Execution is opt-in via the PROJSCAN_PLUGINS_PREVIEW=1 env flag AND each module must be approved with trust-on-first-use; the list reports a per-plugin `trust` status (trusted / untrusted / changed). Approving a plugin is a deliberate human action via the `projscan plugin trust <name>` CLI — it is intentionally not exposed here. Use action:\"list\" to see what is discoverable and whether it would run, action:\"validate\" to check a manifest before committing it.",
|
|
782
782
|
"inputSchema": {
|
|
783
783
|
"type": "object",
|
|
784
784
|
"properties": {
|
|
@@ -48,6 +48,8 @@ export declare const COMMAND_FORMAT_SUPPORT: {
|
|
|
48
48
|
readonly 'plugin validate': readonly ["console", "json"];
|
|
49
49
|
readonly 'plugin init': readonly ["console", "json"];
|
|
50
50
|
readonly 'plugin test': readonly ["console", "json"];
|
|
51
|
+
readonly 'plugin trust': readonly ["console", "json"];
|
|
52
|
+
readonly 'plugin untrust': readonly ["console", "json"];
|
|
51
53
|
readonly preflight: readonly ["console", "json"];
|
|
52
54
|
readonly 'privacy-check': readonly ["console", "json"];
|
|
53
55
|
readonly 'pr-diff': readonly ["console", "json", "markdown", "html"];
|
|
@@ -47,6 +47,8 @@ export const COMMAND_FORMAT_SUPPORT = {
|
|
|
47
47
|
'plugin validate': ['console', 'json'],
|
|
48
48
|
'plugin init': ['console', 'json'],
|
|
49
49
|
'plugin test': ['console', 'json'],
|
|
50
|
+
'plugin trust': ['console', 'json'],
|
|
51
|
+
'plugin untrust': ['console', 'json'],
|
|
50
52
|
preflight: ['console', 'json'],
|
|
51
53
|
'privacy-check': ['console', 'json'],
|
|
52
54
|
'pr-diff': ['console', 'json', 'markdown', 'html'],
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"formatSupport.js","sourceRoot":"","sources":["../../src/utils/formatSupport.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAA4C,CAAC;AAE1H,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACzD,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC/C,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,EAAE,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC5C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC7C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACxD,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAChD,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC9C,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,oBAAoB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACzC,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,cAAc,EAAE,CAAC,SAAS,CAAC;IAC3B,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAClD,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAClD,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACvC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC1C,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,kBAAkB,EAAE,CAAC,SAAS,CAAC;IAC/B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC3C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;CAC6B,CAAC;AAI7D,MAAM,UAAU,UAAU,CAAC,UAAmC,cAAc;IAC1E,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,WAAmB;IACzD,OAAQ,sBAAkE,CAAC,WAAW,CAAC,CAAC;AAC1F,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;QACzE,OAAO,EAAE,OAA4B;QACrC,OAAO;KACR,CAAC,CAAC,CAAC;AACN,CAAC"}
|
|
1
|
+
{"version":3,"file":"formatSupport.js","sourceRoot":"","sources":["../../src/utils/formatSupport.ts"],"names":[],"mappings":"AAEA,MAAM,CAAC,MAAM,cAAc,GAAG,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAA4C,CAAC;AAE1H,MAAM,CAAC,MAAM,sBAAsB,GAAG;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACzD,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC/C,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,EAAE,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAC5C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC7C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,MAAM,CAAC;IACxD,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC7B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAChD,IAAI,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACrC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC9C,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IACjD,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,IAAI,EAAE,CAAC,SAAS,CAAC;IACjB,oBAAoB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACzC,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,WAAW,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAChC,cAAc,EAAE,CAAC,SAAS,CAAC;IAC3B,GAAG,EAAE,CAAC,SAAS,CAAC;IAChB,YAAY,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACjC,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC3B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,CAAC;IAClD,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,aAAa,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAClC,cAAc,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACnC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAClD,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,EAAE,MAAM,CAAC;IAC/C,MAAM,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACvC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC5B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,iBAAiB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACtC,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACpC,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC1C,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,KAAK,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC1B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC/B,SAAS,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IAC9B,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,kBAAkB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACvC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,mBAAmB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACxC,OAAO,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IACxC,KAAK,EAAE,CAAC,SAAS,CAAC;IAClB,gBAAgB,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;IACrC,eAAe,EAAE,CAAC,SAAS,CAAC;IAC5B,kBAAkB,EAAE,CAAC,SAAS,CAAC;IAC/B,UAAU,EAAE,CAAC,SAAS,EAAE,MAAM,EAAE,UAAU,CAAC;IAC3C,QAAQ,EAAE,CAAC,SAAS,EAAE,MAAM,CAAC;CAC6B,CAAC;AAI7D,MAAM,UAAU,UAAU,CAAC,UAAmC,cAAc;IAC1E,OAAO,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC5B,CAAC;AAED,MAAM,UAAU,uBAAuB,CAAC,WAAmB;IACzD,OAAQ,sBAAkE,CAAC,WAAW,CAAC,CAAC;AAC1F,CAAC;AAED,MAAM,UAAU,iBAAiB;IAC/B,OAAO,MAAM,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC,CAAC;QACzE,OAAO,EAAE,OAA4B;QACrC,OAAO;KACR,CAAC,CAAC,CAAC;AACN,CAAC"}
|
package/docs/PLUGIN-AUTHORING.md
CHANGED
|
@@ -1,12 +1,24 @@
|
|
|
1
1
|
# Plugin Authoring
|
|
2
2
|
|
|
3
3
|
projscan 2.0 stabilizes the local analyzer and reporter plugin contract.
|
|
4
|
-
Plugin execution is
|
|
5
|
-
must explicitly trust local plugin code before it runs.
|
|
4
|
+
Plugin execution is gated by two independent controls:
|
|
6
5
|
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
projscan
|
|
6
|
+
1. **Opt-in flag** — set `PROJSCAN_PLUGINS_PREVIEW=1` to enable the plugin system at all.
|
|
7
|
+
2. **Trust-on-first-use** — even with the flag on, each plugin **module** must be
|
|
8
|
+
explicitly approved with `projscan plugin trust <name>` before projscan will
|
|
9
|
+
execute it. Approval pins the module's SHA-256; if the file later changes, it
|
|
10
|
+
reverts to untrusted and must be re-approved. Untrusted plugins are discovered
|
|
11
|
+
and listed but never run.
|
|
12
|
+
|
|
13
|
+
This means setting the flag globally (e.g. in your shell profile) can't silently
|
|
14
|
+
execute attacker-authored code from a repository you happen to scan — you still
|
|
15
|
+
have to approve each module once. The trust store lives in your user config
|
|
16
|
+
directory (`$XDG_CONFIG_HOME/projscan` or `~/.config/projscan`,
|
|
17
|
+
overridable with `PROJSCAN_PLUGIN_TRUST_HOME`), never inside the scanned repo.
|
|
18
|
+
|
|
19
|
+
Plugins are local code. Approving one means you trust that code in the repository,
|
|
20
|
+
the same way you trust project scripts in `package.json`. projscan does not fetch
|
|
21
|
+
remote plugin code.
|
|
10
22
|
|
|
11
23
|
## Layout
|
|
12
24
|
|
|
@@ -208,11 +220,28 @@ projscan plugin list --format json
|
|
|
208
220
|
```
|
|
209
221
|
|
|
210
222
|
The list command discovers manifests whether or not execution is enabled. It
|
|
211
|
-
shows `enabled:false` until the opt-in flag is set
|
|
223
|
+
shows `enabled:false` until the opt-in flag is set, and a per-plugin `trust`
|
|
224
|
+
status (`trusted` / `untrusted` / `changed`) so you can see what would actually run.
|
|
225
|
+
|
|
226
|
+
## Trust
|
|
227
|
+
|
|
228
|
+
Approve a plugin's current module bytes before it can execute:
|
|
229
|
+
|
|
230
|
+
```sh
|
|
231
|
+
projscan plugin trust policy # approve one plugin by name
|
|
232
|
+
projscan plugin trust --all # approve every valid discovered plugin
|
|
233
|
+
projscan plugin untrust policy # revoke approval
|
|
234
|
+
```
|
|
235
|
+
|
|
236
|
+
Trust is intentionally a human CLI action — it is not exposed over the MCP server,
|
|
237
|
+
so an agent can't approve a plugin on your behalf.
|
|
212
238
|
|
|
213
239
|
## Enable
|
|
214
240
|
|
|
241
|
+
Enabling requires both the opt-in flag and a trusted module:
|
|
242
|
+
|
|
215
243
|
```sh
|
|
244
|
+
projscan plugin trust --all
|
|
216
245
|
PROJSCAN_PLUGINS_PREVIEW=1 projscan doctor
|
|
217
246
|
PROJSCAN_PLUGINS_PREVIEW=1 projscan ci
|
|
218
247
|
PROJSCAN_PLUGINS_PREVIEW=1 projscan analyze
|
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "projscan",
|
|
3
3
|
"mcpName": "io.github.abhiyoheswaran1/projscan",
|
|
4
|
-
"version": "3.
|
|
4
|
+
"version": "3.5.0",
|
|
5
5
|
"description": "Agent-first code intelligence. MCP server (2025-03-26) with AST parsing for JavaScript, TypeScript, Python, Go, Java, Ruby, Rust, PHP, C#, Kotlin, Swift, and C++; repo understanding maps (projscan_understand), stable v3 semantic graph (projscan_semantic_graph), dataflow risk engine with bridge-helper detection (projscan_dataflow), code graph, file + per-function AST cyclomatic complexity, per-function fan-in + fan-out, coupling + cycle detection, structural PR diff with HTML reporter, coverage report with HTML reporter, intent-grounded one-call PR review (projscan_review with optional `intent` arg, new taint flows, contract changes, and newDataflowRisks) and long-running PR-watch mode with structured per-bucket deltas (projscan_review_watch), first-60-seconds workflow orientation (projscan_start), agent workplans (projscan_workplan), bug-hunt queues (projscan_bug_hunt), product-line planning (projscan_release_train), evidence packs (projscan_evidence_pack), regression planning (projscan_regression_plan), agent briefs (projscan_agent_brief), quality scorecards (projscan_quality_scorecard), and preflight with supply-chain IOC evidence, rule-driven fix suggestions + mechanical apply layer with rollback (projscan_apply_fix, projscan_fix_suggest, projscan_explain_issue), source-to-sink taint analysis (projscan_taint) with truncation reporting, transitive blast-radius analysis with cross-repo mode (projscan_impact for files and symbols), cross-repo workspace registration + intelligence (projscan_workspace_graph), per-function semantic search chunks (sub-file embeddings), per-rule confidence + severity drift + cost-summary analytics with live streaming (projscan_cost_summary), stable local analyzer + reporter plugin API (projscan_plugin, CLI --reporter, opt-in via PROJSCAN_PLUGINS_PREVIEW=1), monorepo workspace awareness with cross-package import policy + per-package dependencies / outdated / audit, BM25 + optional semantic search, cursor pagination, progress notifications, context-budgeted output, and a stable-surface CI guard. CLI on the side.",
|
|
6
6
|
"type": "module",
|
|
7
7
|
"main": "./dist/index.js",
|