prscan 1.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.vscode/launch.json +14 -0
- package/README.MD +32 -0
- package/dist/bot/lark.d.ts +2 -0
- package/dist/bot/lark.d.ts.map +1 -0
- package/dist/bot/lark.js +156 -0
- package/dist/bot/lark.js.map +1 -0
- package/dist/cli/cli.d.ts +2 -0
- package/dist/cli/cli.d.ts.map +1 -0
- package/dist/cli/cli.js +77 -0
- package/dist/cli/cli.js.map +1 -0
- package/dist/index.d.ts +2 -0
- package/dist/index.d.ts.map +1 -0
- package/dist/index.js +46 -0
- package/dist/index.js.map +1 -0
- package/dist/report/index.d.ts +7 -0
- package/dist/report/index.d.ts.map +1 -0
- package/dist/report/index.js +45 -0
- package/dist/report/index.js.map +1 -0
- package/dist/tool/prscan.d.ts +72 -0
- package/dist/tool/prscan.d.ts.map +1 -0
- package/dist/tool/prscan.js +477 -0
- package/dist/tool/prscan.js.map +1 -0
- package/dist/util/analyze.d.ts +4 -0
- package/dist/util/analyze.d.ts.map +1 -0
- package/dist/util/analyze.js +213 -0
- package/dist/util/analyze.js.map +1 -0
- package/dist/util/archive.d.ts +34 -0
- package/dist/util/archive.d.ts.map +1 -0
- package/dist/util/archive.js +110 -0
- package/dist/util/archive.js.map +1 -0
- package/dist/util/memory-archive.d.ts +37 -0
- package/dist/util/memory-archive.d.ts.map +1 -0
- package/dist/util/memory-archive.js +128 -0
- package/dist/util/memory-archive.js.map +1 -0
- package/dist/util/npm.d.ts +46 -0
- package/dist/util/npm.d.ts.map +1 -0
- package/dist/util/npm.js +35 -0
- package/dist/util/npm.js.map +1 -0
- package/dist/util/parse.d.ts +18 -0
- package/dist/util/parse.d.ts.map +1 -0
- package/dist/util/parse.js +92 -0
- package/dist/util/parse.js.map +1 -0
- package/dist/util/proxy.d.ts +45 -0
- package/dist/util/proxy.d.ts.map +1 -0
- package/dist/util/proxy.js +143 -0
- package/dist/util/proxy.js.map +1 -0
- package/dist/util/repo.d.ts +103 -0
- package/dist/util/repo.d.ts.map +1 -0
- package/dist/util/repo.js +170 -0
- package/dist/util/repo.js.map +1 -0
- package/package.json +35 -0
- package/report.png +0 -0
- package/src/bot/lark.ts +184 -0
- package/src/cli/cli.ts +80 -0
- package/src/index.ts +67 -0
- package/src/report/index.ts +50 -0
- package/src/tool/prscan.ts +634 -0
- package/src/util/analyze.ts +248 -0
- package/src/util/memory-archive.ts +184 -0
- package/src/util/npm.ts +100 -0
- package/src/util/parse.ts +103 -0
- package/src/util/repo.ts +224 -0
- package/tsconfig.json +43 -0
|
@@ -0,0 +1,477 @@
|
|
|
1
|
+
import { analyzeGlobals } from "../util/analyze.js";
|
|
2
|
+
import { getNpmPackageDownloadStats, getNpmPackageInfo, } from "../util/npm.js";
|
|
3
|
+
import { YarnLockParser, PnpmLockParser } from "../util/parse.js";
|
|
4
|
+
import { GitHubRepo } from "../util/repo.js";
|
|
5
|
+
import semver from "semver";
|
|
6
|
+
import { parse } from "@babel/parser";
|
|
7
|
+
import { extractTarGzFromBuffer } from "../util/memory-archive.js";
|
|
8
|
+
import got from "got";
|
|
9
|
+
export class BaseRisk {
|
|
10
|
+
package;
|
|
11
|
+
info;
|
|
12
|
+
constructor(pkg, info) {
|
|
13
|
+
this.package = pkg;
|
|
14
|
+
this.info = info;
|
|
15
|
+
}
|
|
16
|
+
}
|
|
17
|
+
export class VersionRisk extends BaseRisk {
|
|
18
|
+
desc = "使用了最新或最近发布的版本";
|
|
19
|
+
level = "low";
|
|
20
|
+
static build(pkg, version) {
|
|
21
|
+
const latestVersion = pkg.package["dist-tags"].latest;
|
|
22
|
+
if (semver.eq(version, latestVersion)) {
|
|
23
|
+
const publishedTime = pkg.package.time[latestVersion];
|
|
24
|
+
if (publishedTime) {
|
|
25
|
+
const isRecent = Date.now() - new Date(publishedTime).getTime() <
|
|
26
|
+
1000 * 60 * 60 * 24 * 30; // 30天
|
|
27
|
+
if (isRecent) {
|
|
28
|
+
return new VersionRisk(pkg, `${pkg.package.name} 使用了最新版本: ${version}, 且该版本为30天内发布`);
|
|
29
|
+
}
|
|
30
|
+
}
|
|
31
|
+
}
|
|
32
|
+
// if (version in pkg.package.time) {
|
|
33
|
+
// const publishedTime = pkg.package.time[version];
|
|
34
|
+
// if (publishedTime) {
|
|
35
|
+
// const isRecent =
|
|
36
|
+
// Date.now() - new Date(publishedTime).getTime() <
|
|
37
|
+
// 1000 * 60 * 60 * 24 * 30; // 30天
|
|
38
|
+
// if (isRecent) {
|
|
39
|
+
// return new VersionRisk(
|
|
40
|
+
// pkg,
|
|
41
|
+
// `${pkg.package.name} 使用了30天内发布的版本: ${version}`
|
|
42
|
+
// );
|
|
43
|
+
// }
|
|
44
|
+
// }
|
|
45
|
+
// }
|
|
46
|
+
return null;
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
export class NotWidelyUsedRisk extends BaseRisk {
|
|
50
|
+
desc = "使用了不常用的NPM包";
|
|
51
|
+
level = "medium";
|
|
52
|
+
static build(pkg) {
|
|
53
|
+
if (pkg.downloadInfo.downloads < 10000) {
|
|
54
|
+
return new NotWidelyUsedRisk(pkg, `${pkg.package.name}在${pkg.downloadInfo.start} - ${pkg.downloadInfo.end}期间下载量仅有 ${pkg.downloadInfo.downloads} 次`);
|
|
55
|
+
}
|
|
56
|
+
return null;
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
export class RiskyGlobalUsageRisk extends BaseRisk {
|
|
60
|
+
desc = "使用了危险的全局变量";
|
|
61
|
+
level = "high";
|
|
62
|
+
globals;
|
|
63
|
+
constructor(pkg, info, globals) {
|
|
64
|
+
super(pkg, info);
|
|
65
|
+
this.globals = globals;
|
|
66
|
+
}
|
|
67
|
+
static build(pkg, globals) {
|
|
68
|
+
const records = Object.create(null);
|
|
69
|
+
const networkGlobals = [
|
|
70
|
+
"fetch",
|
|
71
|
+
"XMLHttpRequest",
|
|
72
|
+
"ActiveXObject",
|
|
73
|
+
"WebSocket",
|
|
74
|
+
"EventSource",
|
|
75
|
+
"navigator",
|
|
76
|
+
"Image",
|
|
77
|
+
"Script",
|
|
78
|
+
];
|
|
79
|
+
const domGlobals = ["document", "window", "addEventListener"];
|
|
80
|
+
const domCallbacks = [
|
|
81
|
+
"onsearch",
|
|
82
|
+
"onappinstalled",
|
|
83
|
+
"onbeforeinstallprompt",
|
|
84
|
+
"onbeforexrselect",
|
|
85
|
+
"onabort",
|
|
86
|
+
"onbeforeinput",
|
|
87
|
+
"onbeforematch",
|
|
88
|
+
"onbeforetoggle",
|
|
89
|
+
"onblur",
|
|
90
|
+
"oncancel",
|
|
91
|
+
"oncanplay",
|
|
92
|
+
"oncanplaythrough",
|
|
93
|
+
"onchange",
|
|
94
|
+
"onclick",
|
|
95
|
+
"onclose",
|
|
96
|
+
"oncommand",
|
|
97
|
+
"oncontentvisibilityautostatechange",
|
|
98
|
+
"oncontextlost",
|
|
99
|
+
"oncontextmenu",
|
|
100
|
+
"oncontextrestored",
|
|
101
|
+
"oncuechange",
|
|
102
|
+
"ondblclick",
|
|
103
|
+
"ondrag",
|
|
104
|
+
"ondragend",
|
|
105
|
+
"ondragenter",
|
|
106
|
+
"ondragleave",
|
|
107
|
+
"ondragover",
|
|
108
|
+
"ondragstart",
|
|
109
|
+
"ondrop",
|
|
110
|
+
"ondurationchange",
|
|
111
|
+
"onemptied",
|
|
112
|
+
"onended",
|
|
113
|
+
"onerror",
|
|
114
|
+
"onfocus",
|
|
115
|
+
"onformdata",
|
|
116
|
+
"oninput",
|
|
117
|
+
"oninvalid",
|
|
118
|
+
"onkeydown",
|
|
119
|
+
"onkeypress",
|
|
120
|
+
"onkeyup",
|
|
121
|
+
"onload",
|
|
122
|
+
"onloadeddata",
|
|
123
|
+
"onloadedmetadata",
|
|
124
|
+
"onloadstart",
|
|
125
|
+
"onmousedown",
|
|
126
|
+
"onmouseenter",
|
|
127
|
+
"onmouseleave",
|
|
128
|
+
"onmousemove",
|
|
129
|
+
"onmouseout",
|
|
130
|
+
"onmouseover",
|
|
131
|
+
"onmouseup",
|
|
132
|
+
"onmousewheel",
|
|
133
|
+
"onpause",
|
|
134
|
+
"onplay",
|
|
135
|
+
"onplaying",
|
|
136
|
+
"onprogress",
|
|
137
|
+
"onratechange",
|
|
138
|
+
"onreset",
|
|
139
|
+
"onresize",
|
|
140
|
+
"onscroll",
|
|
141
|
+
"onscrollend",
|
|
142
|
+
"onsecuritypolicyviolation",
|
|
143
|
+
"onseeked",
|
|
144
|
+
"onseeking",
|
|
145
|
+
"onselect",
|
|
146
|
+
"onslotchange",
|
|
147
|
+
"onstalled",
|
|
148
|
+
"onsubmit",
|
|
149
|
+
"onsuspend",
|
|
150
|
+
"ontimeupdate",
|
|
151
|
+
"ontoggle",
|
|
152
|
+
"onvolumechange",
|
|
153
|
+
"onwaiting",
|
|
154
|
+
"onwebkitanimationend",
|
|
155
|
+
"onwebkitanimationiteration",
|
|
156
|
+
"onwebkitanimationstart",
|
|
157
|
+
"onwebkittransitionend",
|
|
158
|
+
"onwheel",
|
|
159
|
+
"onauxclick",
|
|
160
|
+
"ongotpointercapture",
|
|
161
|
+
"onlostpointercapture",
|
|
162
|
+
"onpointerdown",
|
|
163
|
+
"onpointermove",
|
|
164
|
+
"onpointerrawupdate",
|
|
165
|
+
"onpointerup",
|
|
166
|
+
"onpointercancel",
|
|
167
|
+
"onpointerover",
|
|
168
|
+
"onpointerout",
|
|
169
|
+
"onpointerenter",
|
|
170
|
+
"onpointerleave",
|
|
171
|
+
"onselectstart",
|
|
172
|
+
"onselectionchange",
|
|
173
|
+
"onanimationend",
|
|
174
|
+
"onanimationiteration",
|
|
175
|
+
"onanimationstart",
|
|
176
|
+
"ontransitionrun",
|
|
177
|
+
"ontransitionstart",
|
|
178
|
+
"ontransitionend",
|
|
179
|
+
"ontransitioncancel",
|
|
180
|
+
"onafterprint",
|
|
181
|
+
"onbeforeprint",
|
|
182
|
+
"onbeforeunload",
|
|
183
|
+
"onhashchange",
|
|
184
|
+
"onlanguagechange",
|
|
185
|
+
"onmessage",
|
|
186
|
+
"onmessageerror",
|
|
187
|
+
"onoffline",
|
|
188
|
+
"ononline",
|
|
189
|
+
"onpagehide",
|
|
190
|
+
"onpageshow",
|
|
191
|
+
"onpopstate",
|
|
192
|
+
"onrejectionhandled",
|
|
193
|
+
"onstorage",
|
|
194
|
+
"onunhandledrejection",
|
|
195
|
+
"onunload",
|
|
196
|
+
"ondevicemotion",
|
|
197
|
+
"ondeviceorientation",
|
|
198
|
+
"ondeviceorientationabsolute",
|
|
199
|
+
"onpageswap",
|
|
200
|
+
"onpagereveal",
|
|
201
|
+
"onscrollsnapchange",
|
|
202
|
+
"onscrollsnapchanging",
|
|
203
|
+
];
|
|
204
|
+
const codeExecGlobals = ["eval"];
|
|
205
|
+
const localStorageGlobals = [
|
|
206
|
+
"localStorage",
|
|
207
|
+
"sessionStorage",
|
|
208
|
+
"IndexedDB",
|
|
209
|
+
"cookies",
|
|
210
|
+
];
|
|
211
|
+
for (const [g, perm] of Object.entries(globals)) {
|
|
212
|
+
if (networkGlobals.includes(g)) {
|
|
213
|
+
records[g] = {
|
|
214
|
+
perm,
|
|
215
|
+
type: "网络请求",
|
|
216
|
+
desc: "发起网络请求, 可能包含恶意行为",
|
|
217
|
+
};
|
|
218
|
+
}
|
|
219
|
+
else if (domGlobals.includes(g) ||
|
|
220
|
+
(domCallbacks.includes(g) && perm === "rw")) {
|
|
221
|
+
records[g] = {
|
|
222
|
+
perm,
|
|
223
|
+
type: "操作DOM",
|
|
224
|
+
desc: "可能读取用户助记词等敏感信息",
|
|
225
|
+
};
|
|
226
|
+
}
|
|
227
|
+
else if (codeExecGlobals.includes(g)) {
|
|
228
|
+
records[g] = {
|
|
229
|
+
perm,
|
|
230
|
+
type: "动态执行代码",
|
|
231
|
+
desc: "可能会执行恶意代码",
|
|
232
|
+
};
|
|
233
|
+
}
|
|
234
|
+
else if (localStorageGlobals.includes(g)) {
|
|
235
|
+
records[g] = {
|
|
236
|
+
perm,
|
|
237
|
+
type: "读取本地储存",
|
|
238
|
+
desc: "可能会读取用户的本地储存数据",
|
|
239
|
+
};
|
|
240
|
+
}
|
|
241
|
+
else if (g === "chrome") {
|
|
242
|
+
records[g] = {
|
|
243
|
+
perm,
|
|
244
|
+
type: "访问chrome扩展API",
|
|
245
|
+
desc: "访问chrome扩展API",
|
|
246
|
+
};
|
|
247
|
+
}
|
|
248
|
+
}
|
|
249
|
+
if (Object.keys(records).length === 0) {
|
|
250
|
+
return null;
|
|
251
|
+
}
|
|
252
|
+
let info = "";
|
|
253
|
+
for (const [g, { perm, type, desc }] of Object.entries(records)) {
|
|
254
|
+
info += `- ${perm === "r" ? "访问" : "读写"} ${g} (${type}): ${desc}\n`;
|
|
255
|
+
}
|
|
256
|
+
return new RiskyGlobalUsageRisk(pkg, info.trim(), records);
|
|
257
|
+
}
|
|
258
|
+
}
|
|
259
|
+
export class ObfuscationRisk extends BaseRisk {
|
|
260
|
+
desc = "代码经过混淆";
|
|
261
|
+
level = "medium";
|
|
262
|
+
static build(pkg, files) {
|
|
263
|
+
let hit = false;
|
|
264
|
+
let info = "";
|
|
265
|
+
// 被混淆过的代码有如下特征
|
|
266
|
+
// 1. 包含特定混淆关键字,如 while(!![]), +-parseInt(
|
|
267
|
+
// 2. 包含典型混淆变量名,如 _0xabc123
|
|
268
|
+
const obfsKeywords = ["while(!![])", "+-parseInt("];
|
|
269
|
+
const obfsIdentifier = /_0x[0-9a-fA-F]{6}/;
|
|
270
|
+
for (const [file, content] of Object.entries(files)) {
|
|
271
|
+
if (obfsKeywords.some((kw) => content.includes(kw))) {
|
|
272
|
+
hit = true;
|
|
273
|
+
}
|
|
274
|
+
else if (obfsIdentifier.test(content)) {
|
|
275
|
+
hit = true;
|
|
276
|
+
}
|
|
277
|
+
info += `- ${file} 被混淆\n`;
|
|
278
|
+
}
|
|
279
|
+
return hit ? new ObfuscationRisk(pkg, info.trim()) : null;
|
|
280
|
+
}
|
|
281
|
+
}
|
|
282
|
+
export class RuleRisk extends BaseRisk {
|
|
283
|
+
desc = "触发关键字规则";
|
|
284
|
+
level = "low";
|
|
285
|
+
static build(pkg, files) {
|
|
286
|
+
let info = "";
|
|
287
|
+
let hit = false;
|
|
288
|
+
for (const [file, content] of Object.entries(files)) {
|
|
289
|
+
if (content.includes("ethereum")) {
|
|
290
|
+
info += `- ${file} 使用了 ethereum\n`;
|
|
291
|
+
hit = true;
|
|
292
|
+
}
|
|
293
|
+
}
|
|
294
|
+
return hit ? new RuleRisk(pkg, info.trim()) : null;
|
|
295
|
+
}
|
|
296
|
+
}
|
|
297
|
+
export async function scanPkgRisks(name, version) {
|
|
298
|
+
console.info(`Scanning ${name}@${version} ...`);
|
|
299
|
+
// 获取NPM包信息
|
|
300
|
+
const packageInfo = await getNpmPackageInfo(name);
|
|
301
|
+
if (packageInfo === null) {
|
|
302
|
+
throw new Error(`Failed to fetch package info for ${name}`);
|
|
303
|
+
}
|
|
304
|
+
if (!packageInfo.versions[version]) {
|
|
305
|
+
throw new Error(`Version ${version} of package ${name} not found in registry`);
|
|
306
|
+
}
|
|
307
|
+
// 获取下载统计信息
|
|
308
|
+
const downloadInfo = await getNpmPackageDownloadStats(name, "last-week");
|
|
309
|
+
if (downloadInfo === null) {
|
|
310
|
+
throw new Error(`Failed to fetch download stats for ${name}`);
|
|
311
|
+
}
|
|
312
|
+
// 下载包文件
|
|
313
|
+
console.info(`Downloading tarball for ${name}@${version}`);
|
|
314
|
+
const tarballUrl = packageInfo.versions[version].dist.tarball;
|
|
315
|
+
const tarballResponse = await got(tarballUrl);
|
|
316
|
+
if (tarballResponse.statusCode !== 200) {
|
|
317
|
+
throw new Error(`Failed to download tarball for ${name}@${version}: ${tarballResponse.statusMessage}`);
|
|
318
|
+
}
|
|
319
|
+
const tarballBuffer = tarballResponse.rawBody;
|
|
320
|
+
const files = await extractTarGzFromBuffer(tarballBuffer, {
|
|
321
|
+
filter: (path) => path.endsWith(".js"),
|
|
322
|
+
});
|
|
323
|
+
const fileMap = Object.create(null);
|
|
324
|
+
for (const file of files) {
|
|
325
|
+
fileMap[file.path] = file.content.toString("utf8");
|
|
326
|
+
}
|
|
327
|
+
// 分析代码
|
|
328
|
+
let globalUsage = Object.create(null);
|
|
329
|
+
for (const [file, content] of Object.entries(fileMap)) {
|
|
330
|
+
try {
|
|
331
|
+
const usage = analyzeGlobals(content);
|
|
332
|
+
for (const [g, perm] of Object.entries(usage)) {
|
|
333
|
+
if (g in globalUsage) {
|
|
334
|
+
if (perm === "rw" || globalUsage[g] === "rw") {
|
|
335
|
+
globalUsage[g] = "rw";
|
|
336
|
+
}
|
|
337
|
+
}
|
|
338
|
+
else {
|
|
339
|
+
globalUsage[g] = perm;
|
|
340
|
+
}
|
|
341
|
+
}
|
|
342
|
+
}
|
|
343
|
+
catch (e) {
|
|
344
|
+
console.warn(`Failed to analyze ${name}@${version} - ${file}:`, e);
|
|
345
|
+
}
|
|
346
|
+
}
|
|
347
|
+
const risks = [];
|
|
348
|
+
const relatedPkg = {
|
|
349
|
+
package: packageInfo,
|
|
350
|
+
downloadInfo: downloadInfo,
|
|
351
|
+
};
|
|
352
|
+
const vRisk = VersionRisk.build(relatedPkg, version);
|
|
353
|
+
if (vRisk)
|
|
354
|
+
risks.push(vRisk);
|
|
355
|
+
const uRisk = NotWidelyUsedRisk.build(relatedPkg);
|
|
356
|
+
if (uRisk)
|
|
357
|
+
risks.push(uRisk);
|
|
358
|
+
const gRisk = RiskyGlobalUsageRisk.build(relatedPkg, globalUsage);
|
|
359
|
+
if (gRisk)
|
|
360
|
+
risks.push(gRisk);
|
|
361
|
+
const oRisk = ObfuscationRisk.build(relatedPkg, fileMap);
|
|
362
|
+
if (oRisk)
|
|
363
|
+
risks.push(oRisk);
|
|
364
|
+
const rRisk = RuleRisk.build(relatedPkg, fileMap);
|
|
365
|
+
if (rRisk)
|
|
366
|
+
risks.push(rRisk);
|
|
367
|
+
return {
|
|
368
|
+
risks,
|
|
369
|
+
package: packageInfo,
|
|
370
|
+
downloadInfo: downloadInfo,
|
|
371
|
+
globalUsage: globalUsage,
|
|
372
|
+
};
|
|
373
|
+
}
|
|
374
|
+
export async function scanByFileDiff(files) {
|
|
375
|
+
let changedDeps = new Set();
|
|
376
|
+
const sr = {
|
|
377
|
+
changedDeps: [],
|
|
378
|
+
};
|
|
379
|
+
for (const file of files) {
|
|
380
|
+
if (file.filename.endsWith("pnpm-lock.yaml")) {
|
|
381
|
+
const p1 = new PnpmLockParser(file.oldContent);
|
|
382
|
+
const p2 = new PnpmLockParser(file.newContent);
|
|
383
|
+
const depsNew = PnpmLockParser.deps2Set(p1.getDependencies());
|
|
384
|
+
const depsOld = PnpmLockParser.deps2Set(p2.getDependencies());
|
|
385
|
+
// 对比集合差异, 寻找变更依赖
|
|
386
|
+
changedDeps = changedDeps.union(depsNew.difference(depsOld));
|
|
387
|
+
continue;
|
|
388
|
+
}
|
|
389
|
+
else if (file.filename.endsWith("yarn.lock")) {
|
|
390
|
+
const p1 = new YarnLockParser(file.oldContent);
|
|
391
|
+
const p2 = new YarnLockParser(file.newContent);
|
|
392
|
+
const depsNew = YarnLockParser.deps2Set(p1.getDependencies());
|
|
393
|
+
const depsOld = YarnLockParser.deps2Set(p2.getDependencies());
|
|
394
|
+
// 对比集合差异, 寻找变更依赖
|
|
395
|
+
changedDeps = changedDeps.union(depsNew.difference(depsOld));
|
|
396
|
+
}
|
|
397
|
+
}
|
|
398
|
+
for (const dep of changedDeps) {
|
|
399
|
+
const name = dep.slice(0, dep.lastIndexOf("@"));
|
|
400
|
+
const version = dep.slice(dep.lastIndexOf("@") + 1);
|
|
401
|
+
const pkgScan = await scanPkgRisks(name, version);
|
|
402
|
+
sr.changedDeps.push({
|
|
403
|
+
name,
|
|
404
|
+
version,
|
|
405
|
+
packageInfo: pkgScan.package,
|
|
406
|
+
downloadInfo: pkgScan.downloadInfo,
|
|
407
|
+
analyze: {
|
|
408
|
+
global: pkgScan.globalUsage,
|
|
409
|
+
},
|
|
410
|
+
risks: pkgScan.risks,
|
|
411
|
+
});
|
|
412
|
+
}
|
|
413
|
+
return sr;
|
|
414
|
+
}
|
|
415
|
+
export async function scanPRRisks(owner, repo, pull_no, auth = undefined) {
|
|
416
|
+
const github = new GitHubRepo(auth);
|
|
417
|
+
const prinfo = await github.getPRInfo(owner, repo, pull_no);
|
|
418
|
+
const prfiles = await github.getPRChangedFiles(owner, repo, pull_no, 100);
|
|
419
|
+
if (prinfo === null || prfiles === null) {
|
|
420
|
+
throw new Error(`Failed to fetch PR info or files for #${pull_no}`);
|
|
421
|
+
}
|
|
422
|
+
let changedDeps = new Set();
|
|
423
|
+
const sr = {
|
|
424
|
+
changedDeps: [],
|
|
425
|
+
};
|
|
426
|
+
for (const file of prfiles) {
|
|
427
|
+
if (file.status === "removed") {
|
|
428
|
+
continue; // 跳过已删除的文件
|
|
429
|
+
}
|
|
430
|
+
if (file.filename === "yarn.lock" ||
|
|
431
|
+
file.filename === "pnpm-lock.yaml") {
|
|
432
|
+
if (file.status !== "added") {
|
|
433
|
+
const yarnNew = await github.getTextFileContent(owner, repo, file.filename, prinfo.head.sha);
|
|
434
|
+
const yarnOld = await github.getTextFileContent(owner, repo, file.filename, prinfo.base.sha);
|
|
435
|
+
if (yarnNew === null || yarnOld === null) {
|
|
436
|
+
throw new Error(`Failed to fetch ${file.filename} content`);
|
|
437
|
+
continue;
|
|
438
|
+
}
|
|
439
|
+
// 构建依赖版本号集合
|
|
440
|
+
const parserNew = new YarnLockParser(yarnNew);
|
|
441
|
+
const parserOld = new YarnLockParser(yarnOld);
|
|
442
|
+
const depsNew = YarnLockParser.deps2Set(parserNew.getDependencies());
|
|
443
|
+
const depsOld = YarnLockParser.deps2Set(parserOld.getDependencies());
|
|
444
|
+
// 对比集合差异, 寻找变更依赖
|
|
445
|
+
changedDeps = changedDeps.union(depsNew.difference(depsOld));
|
|
446
|
+
}
|
|
447
|
+
else {
|
|
448
|
+
const yarnNew = await github.getTextFileContent(owner, repo, file.filename, prinfo.head.sha);
|
|
449
|
+
if (yarnNew === null) {
|
|
450
|
+
throw new Error(`Failed to fetch ${file.filename} content`);
|
|
451
|
+
continue;
|
|
452
|
+
}
|
|
453
|
+
// 构建依赖版本号集合
|
|
454
|
+
const parserNew = new YarnLockParser(yarnNew);
|
|
455
|
+
const depsNew = YarnLockParser.deps2Set(parserNew.getDependencies());
|
|
456
|
+
changedDeps = changedDeps.union(depsNew);
|
|
457
|
+
}
|
|
458
|
+
}
|
|
459
|
+
}
|
|
460
|
+
for (const dep of changedDeps) {
|
|
461
|
+
const name = dep.slice(0, dep.lastIndexOf("@"));
|
|
462
|
+
const version = dep.slice(dep.lastIndexOf("@") + 1);
|
|
463
|
+
const pkgScan = await scanPkgRisks(name, version);
|
|
464
|
+
sr.changedDeps.push({
|
|
465
|
+
name,
|
|
466
|
+
version,
|
|
467
|
+
packageInfo: pkgScan.package,
|
|
468
|
+
downloadInfo: pkgScan.downloadInfo,
|
|
469
|
+
analyze: {
|
|
470
|
+
global: pkgScan.globalUsage,
|
|
471
|
+
},
|
|
472
|
+
risks: pkgScan.risks,
|
|
473
|
+
});
|
|
474
|
+
}
|
|
475
|
+
return sr;
|
|
476
|
+
}
|
|
477
|
+
//# sourceMappingURL=prscan.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"prscan.js","sourceRoot":"","sources":["../../src/tool/prscan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,cAAc,EAAuB,MAAM,oBAAoB,CAAC;AACzE,OAAO,EACH,0BAA0B,EAC1B,iBAAiB,GAGpB,MAAM,gBAAgB,CAAC;AACxB,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAElE,OAAO,EAAE,UAAU,EAAE,MAAM,iBAAiB,CAAC;AAE7C,OAAO,MAAM,MAAM,QAAQ,CAAC;AAC5B,OAAO,EAAE,KAAK,EAAE,MAAM,eAAe,CAAC;AACtC,OAAO,EAAE,sBAAsB,EAAE,MAAM,2BAA2B,CAAC;AAGnE,OAAO,GAAG,MAAM,KAAK,CAAC;AAOtB,MAAM,OAAgB,QAAQ;IAGnB,OAAO,CAAiB;IACxB,IAAI,CAAS;IAEpB,YAAY,GAAmB,EAAE,IAAY;QACzC,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC;QACnB,IAAI,CAAC,IAAI,GAAG,IAAI,CAAC;IACrB,CAAC;CACJ;AAED,MAAM,OAAO,WAAY,SAAQ,QAAQ;IAC9B,IAAI,GAAW,eAAe,CAAC;IAC/B,KAAK,GAA8B,KAAK,CAAC;IAEhD,MAAM,CAAC,KAAK,CAAC,GAAmB,EAAE,OAAe;QAC7C,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,MAAM,CAAC;QACtD,IAAI,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,aAAa,CAAC,EAAE,CAAC;YACpC,MAAM,aAAa,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;YACtD,IAAI,aAAa,EAAE,CAAC;gBAChB,MAAM,QAAQ,GACV,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,IAAI,CAAC,aAAa,CAAC,CAAC,OAAO,EAAE;oBAC9C,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,MAAM;gBACpC,IAAI,QAAQ,EAAE,CAAC;oBACX,OAAO,IAAI,WAAW,CAClB,GAAG,EACH,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,aAAa,OAAO,eAAe,CACzD,CAAC;gBACN,CAAC;YACL,CAAC;QACL,CAAC;QAED,qCAAqC;QACrC,uDAAuD;QACvD,2BAA2B;QAC3B,2BAA2B;QAC3B,+DAA+D;QAC/D,+CAA+C;QAC/C,0BAA0B;QAC1B,sCAAsC;QACtC,uBAAuB;QACvB,iEAAiE;QACjE,iBAAiB;QACjB,YAAY;QACZ,QAAQ;QACR,IAAI;QACJ,OAAO,IAAI,CAAC;IAChB,CAAC;CACJ;AAED,MAAM,OAAO,iBAAkB,SAAQ,QAAQ;IACpC,IAAI,GAAW,aAAa,CAAC;IAC7B,KAAK,GAA8B,QAAQ,CAAC;IAEnD,MAAM,CAAC,KAAK,CAAC,GAAmB;QAC5B,IAAI,GAAG,CAAC,YAAY,CAAC,SAAS,GAAG,KAAK,EAAE,CAAC;YACrC,OAAO,IAAI,iBAAiB,CACxB,GAAG,EACH,GAAG,GAAG,CAAC,OAAO,CAAC,IAAI,IAAI,GAAG,CAAC,YAAY,CAAC,KAAK,MAAM,GAAG,CAAC,YAAY,CAAC,GAAG,WAAW,GAAG,CAAC,YAAY,CAAC,SAAS,IAAI,CACnH,CAAC;QACN,CAAC;QACD,OAAO,IAAI,CAAC;IAChB,CAAC;CACJ;AAeD,MAAM,OAAO,oBAAqB,SAAQ,QAAQ;IAC9C,IAAI,GAAW,YAAY,CAAC;IAC5B,KAAK,GAA8B,MAAM,CAAC;IAEnC,OAAO,CAAa;IAE3B,YAAY,GAAmB,EAAE,IAAY,EAAE,OAAmB;QAC9D,KAAK,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC;QACjB,IAAI,CAAC,OAAO,GAAG,OAAO,CAAC;IAC3B,CAAC;IAED,MAAM,CAAC,KAAK,CAAC,GAAmB,EAAE,OAAmC;QACjE,MAAM,OAAO,GAAe,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QAEhD,MAAM,cAAc,GAAG;YACnB,OAAO;YACP,gBAAgB;YAChB,eAAe;YACf,WAAW;YACX,aAAa;YACb,WAAW;YACX,OAAO;YACP,QAAQ;SACX,CAAC;QACF,MAAM,UAAU,GAAG,CAAC,UAAU,EAAE,QAAQ,EAAE,kBAAkB,CAAC,CAAC;QAC9D,MAAM,YAAY,GAAG;YACjB,UAAU;YACV,gBAAgB;YAChB,uBAAuB;YACvB,kBAAkB;YAClB,SAAS;YACT,eAAe;YACf,eAAe;YACf,gBAAgB;YAChB,QAAQ;YACR,UAAU;YACV,WAAW;YACX,kBAAkB;YAClB,UAAU;YACV,SAAS;YACT,SAAS;YACT,WAAW;YACX,oCAAoC;YACpC,eAAe;YACf,eAAe;YACf,mBAAmB;YACnB,aAAa;YACb,YAAY;YACZ,QAAQ;YACR,WAAW;YACX,aAAa;YACb,aAAa;YACb,YAAY;YACZ,aAAa;YACb,QAAQ;YACR,kBAAkB;YAClB,WAAW;YACX,SAAS;YACT,SAAS;YACT,SAAS;YACT,YAAY;YACZ,SAAS;YACT,WAAW;YACX,WAAW;YACX,YAAY;YACZ,SAAS;YACT,QAAQ;YACR,cAAc;YACd,kBAAkB;YAClB,aAAa;YACb,aAAa;YACb,cAAc;YACd,cAAc;YACd,aAAa;YACb,YAAY;YACZ,aAAa;YACb,WAAW;YACX,cAAc;YACd,SAAS;YACT,QAAQ;YACR,WAAW;YACX,YAAY;YACZ,cAAc;YACd,SAAS;YACT,UAAU;YACV,UAAU;YACV,aAAa;YACb,2BAA2B;YAC3B,UAAU;YACV,WAAW;YACX,UAAU;YACV,cAAc;YACd,WAAW;YACX,UAAU;YACV,WAAW;YACX,cAAc;YACd,UAAU;YACV,gBAAgB;YAChB,WAAW;YACX,sBAAsB;YACtB,4BAA4B;YAC5B,wBAAwB;YACxB,uBAAuB;YACvB,SAAS;YACT,YAAY;YACZ,qBAAqB;YACrB,sBAAsB;YACtB,eAAe;YACf,eAAe;YACf,oBAAoB;YACpB,aAAa;YACb,iBAAiB;YACjB,eAAe;YACf,cAAc;YACd,gBAAgB;YAChB,gBAAgB;YAChB,eAAe;YACf,mBAAmB;YACnB,gBAAgB;YAChB,sBAAsB;YACtB,kBAAkB;YAClB,iBAAiB;YACjB,mBAAmB;YACnB,iBAAiB;YACjB,oBAAoB;YACpB,cAAc;YACd,eAAe;YACf,gBAAgB;YAChB,cAAc;YACd,kBAAkB;YAClB,WAAW;YACX,gBAAgB;YAChB,WAAW;YACX,UAAU;YACV,YAAY;YACZ,YAAY;YACZ,YAAY;YACZ,oBAAoB;YACpB,WAAW;YACX,sBAAsB;YACtB,UAAU;YACV,gBAAgB;YAChB,qBAAqB;YACrB,6BAA6B;YAC7B,YAAY;YACZ,cAAc;YACd,oBAAoB;YACpB,sBAAsB;SACzB,CAAC;QACF,MAAM,eAAe,GAAG,CAAC,MAAM,CAAC,CAAC;QACjC,MAAM,mBAAmB,GAAG;YACxB,cAAc;YACd,gBAAgB;YAChB,WAAW;YACX,SAAS;SACZ,CAAC;QAEF,KAAK,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9C,IAAI,cAAc,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;gBAC7B,OAAO,CAAC,CAAC,CAAC,GAAG;oBACT,IAAI;oBACJ,IAAI,EAAE,MAAM;oBACZ,IAAI,EAAE,kBAAkB;iBAC3B,CAAC;YACN,CAAC;iBAAM,IACH,UAAU,CAAC,QAAQ,CAAC,CAAC,CAAC;gBACtB,CAAC,YAAY,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,IAAI,KAAK,IAAI,CAAC,EAC7C,CAAC;gBACC,OAAO,CAAC,CAAC,CAAC,GAAG;oBACT,IAAI;oBACJ,IAAI,EAAE,OAAO;oBACb,IAAI,EAAE,gBAAgB;iBACzB,CAAC;YACN,CAAC;iBAAM,IAAI,eAAe,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;gBACrC,OAAO,CAAC,CAAC,CAAC,GAAG;oBACT,IAAI;oBACJ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,WAAW;iBACpB,CAAC;YACN,CAAC;iBAAM,IAAI,mBAAmB,CAAC,QAAQ,CAAC,CAAC,CAAC,EAAE,CAAC;gBACzC,OAAO,CAAC,CAAC,CAAC,GAAG;oBACT,IAAI;oBACJ,IAAI,EAAE,QAAQ;oBACd,IAAI,EAAE,gBAAgB;iBACzB,CAAC;YACN,CAAC;iBAAM,IAAI,CAAC,KAAK,QAAQ,EAAE,CAAC;gBACxB,OAAO,CAAC,CAAC,CAAC,GAAG;oBACT,IAAI;oBACJ,IAAI,EAAE,eAAe;oBACrB,IAAI,EAAE,eAAe;iBACxB,CAAC;YACN,CAAC;QACL,CAAC;QAED,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACpC,OAAO,IAAI,CAAC;QAChB,CAAC;QAED,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,KAAK,MAAM,CAAC,CAAC,EAAE,EAAE,IAAI,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;YAC9D,IAAI,IAAI,KACJ,IAAI,KAAK,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAC1B,IAAI,CAAC,KAAK,IAAI,MAAM,IAAI,IAAI,CAAC;QACjC,CAAC;QAED,OAAO,IAAI,oBAAoB,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,EAAE,EAAE,OAAO,CAAC,CAAC;IAC/D,CAAC;CACJ;AAED,MAAM,OAAO,eAAgB,SAAQ,QAAQ;IAClC,IAAI,GAAW,QAAQ,CAAC;IACxB,KAAK,GAA8B,QAAQ,CAAC;IAEnD,MAAM,CAAC,KAAK,CACR,GAAmB,EACnB,KAA6B;QAE7B,IAAI,GAAG,GAAG,KAAK,CAAC;QAChB,IAAI,IAAI,GAAG,EAAE,CAAC;QAEd,eAAe;QACf,0CAA0C;QAC1C,2BAA2B;QAC3B,MAAM,YAAY,GAAG,CAAC,aAAa,EAAE,aAAa,CAAC,CAAC;QACpD,MAAM,cAAc,GAAG,mBAAmB,CAAC;QAC3C,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAClD,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,EAAE,EAAE,EAAE,CAAC,OAAO,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,EAAE,CAAC;gBAClD,GAAG,GAAG,IAAI,CAAC;YACf,CAAC;iBAAM,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACtC,GAAG,GAAG,IAAI,CAAC;YACf,CAAC;YAED,IAAI,IAAI,KAAK,IAAI,QAAQ,CAAC;QAC9B,CAAC;QAED,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,eAAe,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IAC9D,CAAC;CACJ;AAED,MAAM,OAAO,QAAS,SAAQ,QAAQ;IAC3B,IAAI,GAAW,SAAS,CAAC;IACzB,KAAK,GAA8B,KAAK,CAAC;IAEhD,MAAM,CAAC,KAAK,CACR,GAAmB,EACnB,KAA6B;QAE7B,IAAI,IAAI,GAAG,EAAE,CAAC;QACd,IAAI,GAAG,GAAG,KAAK,CAAC;QAChB,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;YAClD,IAAI,OAAO,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAC/B,IAAI,IAAI,KAAK,IAAI,iBAAiB,CAAC;gBACnC,GAAG,GAAG,IAAI,CAAC;YACf,CAAC;QACL,CAAC;QACD,OAAO,GAAG,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,GAAG,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;IACvD,CAAC;CACJ;AAsBD,MAAM,CAAC,KAAK,UAAU,YAAY,CAC9B,IAAY,EACZ,OAAe;IAOf,OAAO,CAAC,IAAI,CAAC,YAAY,IAAI,IAAI,OAAO,MAAM,CAAC,CAAC;IAChD,WAAW;IACX,MAAM,WAAW,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAClD,IAAI,WAAW,KAAK,IAAI,EAAE,CAAC;QACvB,MAAM,IAAI,KAAK,CAAC,oCAAoC,IAAI,EAAE,CAAC,CAAC;IAChE,CAAC;IAED,IAAI,CAAC,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,MAAM,IAAI,KAAK,CACX,WAAW,OAAO,eAAe,IAAI,wBAAwB,CAChE,CAAC;IACN,CAAC;IAED,WAAW;IACX,MAAM,YAAY,GAAG,MAAM,0BAA0B,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACzE,IAAI,YAAY,KAAK,IAAI,EAAE,CAAC;QACxB,MAAM,IAAI,KAAK,CAAC,sCAAsC,IAAI,EAAE,CAAC,CAAC;IAClE,CAAC;IAED,QAAQ;IACR,OAAO,CAAC,IAAI,CAAC,2BAA2B,IAAI,IAAI,OAAO,EAAE,CAAC,CAAC;IAC3D,MAAM,UAAU,GAAG,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAE,CAAC,IAAI,CAAC,OAAO,CAAC;IAC/D,MAAM,eAAe,GAAG,MAAM,GAAG,CAAC,UAAU,CAAC,CAAC;IAC9C,IAAI,eAAe,CAAC,UAAU,KAAK,GAAG,EAAE,CAAC;QACrC,MAAM,IAAI,KAAK,CACX,kCAAkC,IAAI,IAAI,OAAO,KAAK,eAAe,CAAC,aAAa,EAAE,CACxF,CAAC;IACN,CAAC;IAED,MAAM,aAAa,GAAG,eAAe,CAAC,OAAO,CAAC;IAE9C,MAAM,KAAK,GAAG,MAAM,sBAAsB,CAAC,aAAa,EAAE;QACtD,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,CAAC,IAAI,CAAC,QAAQ,CAAC,KAAK,CAAC;KACzC,CAAC,CAAC;IACH,MAAM,OAAO,GAA2B,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAE5D,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACvB,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC;IACvD,CAAC;IAED,OAAO;IACP,IAAI,WAAW,GAAmB,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IACtD,KAAK,MAAM,CAAC,IAAI,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QACpD,IAAI,CAAC;YACD,MAAM,KAAK,GAAG,cAAc,CAAC,OAAO,CAAC,CAAC;YACtC,KAAK,MAAM,CAAC,CAAC,EAAE,IAAI,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5C,IAAI,CAAC,IAAI,WAAW,EAAE,CAAC;oBACnB,IAAI,IAAI,KAAK,IAAI,IAAI,WAAW,CAAC,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;wBAC3C,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;oBAC1B,CAAC;gBACL,CAAC;qBAAM,CAAC;oBACJ,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC;gBAC1B,CAAC;YACL,CAAC;QACL,CAAC;QAAC,OAAO,CAAC,EAAE,CAAC;YACT,OAAO,CAAC,IAAI,CAAC,qBAAqB,IAAI,IAAI,OAAO,MAAM,IAAI,GAAG,EAAE,CAAC,CAAC,CAAC;QACvE,CAAC;IACL,CAAC;IAED,MAAM,KAAK,GAAW,EAAE,CAAC;IAEzB,MAAM,UAAU,GAAmB;QAC/B,OAAO,EAAE,WAAW;QACpB,YAAY,EAAE,YAAY;KAC7B,CAAC;IAEF,MAAM,KAAK,GAAG,WAAW,CAAC,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACrD,IAAI,KAAK;QAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAE7B,MAAM,KAAK,GAAG,iBAAiB,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;IAClD,IAAI,KAAK;QAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAE7B,MAAM,KAAK,GAAG,oBAAoB,CAAC,KAAK,CAAC,UAAU,EAAE,WAAW,CAAC,CAAC;IAClE,IAAI,KAAK;QAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAE7B,MAAM,KAAK,GAAG,eAAe,CAAC,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IACzD,IAAI,KAAK;QAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAE7B,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;IAClD,IAAI,KAAK;QAAE,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAE7B,OAAO;QACH,KAAK;QACL,OAAO,EAAE,WAAW;QACpB,YAAY,EAAE,YAAY;QAC1B,WAAW,EAAE,WAAW;KAC3B,CAAC;AACN,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,cAAc,CAChC,KAIE;IAEF,IAAI,WAAW,GAAgB,IAAI,GAAG,EAAE,CAAC;IACzC,MAAM,EAAE,GAAiB;QACrB,WAAW,EAAE,EAAE;KAClB,CAAC;IACF,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACvB,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;YAC3C,MAAM,EAAE,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/C,MAAM,EAAE,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/C,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC;YAC9D,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC;YAE9D,iBAAiB;YACjB,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC;YAC7D,SAAS;QACb,CAAC;aAAM,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,EAAE,CAAC;YAC7C,MAAM,EAAE,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/C,MAAM,EAAE,GAAG,IAAI,cAAc,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC/C,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC;YAC9D,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC,eAAe,EAAE,CAAC,CAAC;YAE9D,iBAAiB;YACjB,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC;QACjE,CAAC;IACL,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;QAChD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QAEpD,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAClD,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC;YAChB,IAAI;YACJ,OAAO;YACP,WAAW,EAAE,OAAO,CAAC,OAAO;YAC5B,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,OAAO,EAAE;gBACL,MAAM,EAAE,OAAO,CAAC,WAAW;aAC9B;YACD,KAAK,EAAE,OAAO,CAAC,KAAK;SACvB,CAAC,CAAC;IACP,CAAC;IAED,OAAO,EAAE,CAAC;AACd,CAAC;AAED,MAAM,CAAC,KAAK,UAAU,WAAW,CAC7B,KAAa,EACb,IAAY,EACZ,OAAe,EACf,OAA2B,SAAS;IAEpC,MAAM,MAAM,GAAG,IAAI,UAAU,CAAC,IAAI,CAAC,CAAC;IACpC,MAAM,MAAM,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,OAAO,CAAC,CAAC;IAC5D,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,iBAAiB,CAAC,KAAK,EAAE,IAAI,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC;IAC1E,IAAI,MAAM,KAAK,IAAI,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;QACtC,MAAM,IAAI,KAAK,CAAC,yCAAyC,OAAO,EAAE,CAAC,CAAC;IACxE,CAAC;IAED,IAAI,WAAW,GAAgB,IAAI,GAAG,EAAE,CAAC;IAEzC,MAAM,EAAE,GAAiB;QACrB,WAAW,EAAE,EAAE;KAClB,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QACzB,IAAI,IAAI,CAAC,MAAM,KAAK,SAAS,EAAE,CAAC;YAC5B,SAAS,CAAC,WAAW;QACzB,CAAC;QAED,IACI,IAAI,CAAC,QAAQ,KAAK,WAAW;YAC7B,IAAI,CAAC,QAAQ,KAAK,gBAAgB,EACpC,CAAC;YACC,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gBAC1B,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAC3C,KAAK,EACL,IAAI,EACJ,IAAI,CAAC,QAAQ,EACb,MAAM,CAAC,IAAI,CAAC,GAAG,CAClB,CAAC;gBAEF,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAC3C,KAAK,EACL,IAAI,EACJ,IAAI,CAAC,QAAQ,EACb,MAAM,CAAC,IAAI,CAAC,GAAG,CAClB,CAAC;gBAEF,IAAI,OAAO,KAAK,IAAI,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;oBACvC,MAAM,IAAI,KAAK,CAAC,mBAAmB,IAAI,CAAC,QAAQ,UAAU,CAAC,CAAC;oBAC5D,SAAS;gBACb,CAAC;gBAED,YAAY;gBACZ,MAAM,SAAS,GAAG,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC;gBAC9C,MAAM,SAAS,GAAG,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC;gBAC9C,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,CACnC,SAAS,CAAC,eAAe,EAAE,CAC9B,CAAC;gBACF,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,CACnC,SAAS,CAAC,eAAe,EAAE,CAC9B,CAAC;gBAEF,iBAAiB;gBACjB,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC,CAAC;YACjE,CAAC;iBAAM,CAAC;gBACJ,MAAM,OAAO,GAAG,MAAM,MAAM,CAAC,kBAAkB,CAC3C,KAAK,EACL,IAAI,EACJ,IAAI,CAAC,QAAQ,EACb,MAAM,CAAC,IAAI,CAAC,GAAG,CAClB,CAAC;gBAEF,IAAI,OAAO,KAAK,IAAI,EAAE,CAAC;oBACnB,MAAM,IAAI,KAAK,CAAC,mBAAmB,IAAI,CAAC,QAAQ,UAAU,CAAC,CAAC;oBAC5D,SAAS;gBACb,CAAC;gBAED,YAAY;gBACZ,MAAM,SAAS,GAAG,IAAI,cAAc,CAAC,OAAO,CAAC,CAAC;gBAC9C,MAAM,OAAO,GAAG,cAAc,CAAC,QAAQ,CACnC,SAAS,CAAC,eAAe,EAAE,CAC9B,CAAC;gBAEF,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;YAC7C,CAAC;QACL,CAAC;IACL,CAAC;IAED,KAAK,MAAM,GAAG,IAAI,WAAW,EAAE,CAAC;QAC5B,MAAM,IAAI,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC;QAChD,MAAM,OAAO,GAAG,GAAG,CAAC,KAAK,CAAC,GAAG,CAAC,WAAW,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC;QAEpD,MAAM,OAAO,GAAG,MAAM,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QAClD,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC;YAChB,IAAI;YACJ,OAAO;YACP,WAAW,EAAE,OAAO,CAAC,OAAO;YAC5B,YAAY,EAAE,OAAO,CAAC,YAAY;YAClC,OAAO,EAAE;gBACL,MAAM,EAAE,OAAO,CAAC,WAAW;aAC9B;YACD,KAAK,EAAE,OAAO,CAAC,KAAK;SACvB,CAAC,CAAC;IACP,CAAC;IAED,OAAO,EAAE,CAAC;AACd,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"analyze.d.ts","sourceRoot":"","sources":["../../src/util/analyze.ts"],"names":[],"mappings":"AAQA,MAAM,MAAM,cAAc,GAAG,MAAM,CAAC,MAAM,EAAE,GAAG,GAAG,IAAI,CAAC,CAAC;AAExD,eAAO,MAAM,WAAW,UA+DvB,CAAC;AAqBF,wBAAgB,cAAc,CAAC,IAAI,EAAE,MAAM,GAAG,cAAc,CAyJ3D"}
|