sandstream-kit 1.6.0 → 1.8.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +20 -0
- package/dist/bumblebee.js +23 -7
- package/dist/bumblebee.js.map +1 -1
- package/dist/cli.js +70 -0
- package/dist/cli.js.map +1 -1
- package/dist/config.d.ts +5 -0
- package/dist/config.js +7 -1
- package/dist/config.js.map +1 -1
- package/dist/findings-track.d.ts +23 -0
- package/dist/findings-track.js +45 -0
- package/dist/findings-track.js.map +1 -0
- package/dist/heal.d.ts +53 -0
- package/dist/heal.js +119 -0
- package/dist/heal.js.map +1 -0
- package/dist/memory/db.d.ts +10 -0
- package/dist/memory/db.js +17 -1
- package/dist/memory/db.js.map +1 -1
- package/dist/memory/pal.d.ts +28 -0
- package/dist/memory/pal.js +51 -1
- package/dist/memory/pal.js.map +1 -1
- package/package.json +1 -1
package/README.md
CHANGED
|
@@ -23,6 +23,26 @@ npm i -g sandstream-kit
|
|
|
23
23
|
# echo 'export PATH="$HOME/.npm-global/bin:$PATH"' >> ~/.zshrc && source ~/.zshrc
|
|
24
24
|
```
|
|
25
25
|
|
|
26
|
+
### Run via Docker
|
|
27
|
+
|
|
28
|
+
Prefer a container (no local Node or mise)? The CLI ships as a signed image on
|
|
29
|
+
Docker Hub. Mount your project and point the workdir at it:
|
|
30
|
+
|
|
31
|
+
```bash
|
|
32
|
+
docker run --rm sandstream/kit:latest --version
|
|
33
|
+
docker run --rm -v "$PWD":/work -w /work sandstream/kit:latest check
|
|
34
|
+
```
|
|
35
|
+
|
|
36
|
+
Each release publishes `sandstream/kit` (version + `latest` tags), keyless-signed
|
|
37
|
+
with cosign and shipped with a CycloneDX SBOM. Verify the signature before
|
|
38
|
+
trusting an image:
|
|
39
|
+
|
|
40
|
+
```bash
|
|
41
|
+
cosign verify sandstream/kit:latest \
|
|
42
|
+
--certificate-identity-regexp 'https://github.com/sandstream/kit/\.github/workflows/docker-build\.yml@.*' \
|
|
43
|
+
--certificate-oidc-issuer https://token.actions.githubusercontent.com
|
|
44
|
+
```
|
|
45
|
+
|
|
26
46
|
Then, in a repo:
|
|
27
47
|
|
|
28
48
|
```bash
|
package/dist/bumblebee.js
CHANGED
|
@@ -13,7 +13,7 @@
|
|
|
13
13
|
import { execFile } from "node:child_process";
|
|
14
14
|
import { promisify } from "node:util";
|
|
15
15
|
import { createHash } from "node:crypto";
|
|
16
|
-
import { writeFile, mkdir, mkdtemp, rm, chmod, access, rename, readdir, stat, } from "node:fs/promises";
|
|
16
|
+
import { writeFile, readFile, mkdir, mkdtemp, rm, chmod, access, rename, readdir, stat, } from "node:fs/promises";
|
|
17
17
|
import { homedir } from "node:os";
|
|
18
18
|
import { join } from "node:path";
|
|
19
19
|
const exec = promisify(execFile);
|
|
@@ -82,7 +82,9 @@ async function pathExists(p) {
|
|
|
82
82
|
}
|
|
83
83
|
}
|
|
84
84
|
function cacheParent() {
|
|
85
|
-
|
|
85
|
+
// KIT_BUMBLEBEE_CACHE overrides the cache root (test isolation + CI sandboxes).
|
|
86
|
+
const override = process.env.KIT_BUMBLEBEE_CACHE;
|
|
87
|
+
return override && override.length > 0 ? override : join(homedir(), ".kit", "tools", "bumblebee");
|
|
86
88
|
}
|
|
87
89
|
function cacheRoot(version = BUMBLEBEE_VERSION) {
|
|
88
90
|
return join(cacheParent(), version);
|
|
@@ -133,15 +135,22 @@ export async function ensureBumblebee(opts = {}) {
|
|
|
133
135
|
const root = cacheRoot();
|
|
134
136
|
const binPath = join(root, "bumblebee");
|
|
135
137
|
const catalogDir = join(root, "threat_intel");
|
|
136
|
-
|
|
137
|
-
|
|
138
|
-
//
|
|
138
|
+
const sidecarPath = join(root, "bumblebee.sha256");
|
|
139
|
+
if ((await pathExists(binPath)) && (await pathExists(catalogDir)) && (await pathExists(sidecarPath))) {
|
|
140
|
+
// F3 — re-verify the cached binary against the hash recorded at trusted
|
|
141
|
+
// INSTALL time (the sidecar), NOT the tarball checksum. The pinned
|
|
142
|
+
// TARBALL_CHECKSUMS gate the DOWNLOAD (authoritative supply-chain anchor);
|
|
143
|
+
// the sidecar gates CACHE reuse, catching corruption/tampering of the
|
|
144
|
+
// cached binary since install. (A prior version compared the extracted
|
|
145
|
+
// binary to the *tarball* digest — different artifacts, so it mismatched on
|
|
146
|
+
// every reuse and silently disabled the scanner after first download.)
|
|
139
147
|
try {
|
|
148
|
+
const expected = (await readFile(sidecarPath, "utf8")).trim();
|
|
140
149
|
const actual = await sha256File(binPath);
|
|
141
|
-
if (actual !==
|
|
150
|
+
if (actual !== expected) {
|
|
142
151
|
return {
|
|
143
152
|
kind: "integrity",
|
|
144
|
-
reason: `cached binary checksum mismatch (expected ${
|
|
153
|
+
reason: `cached binary checksum mismatch (expected ${expected}, got ${actual}); clear ~/.kit/tools/bumblebee and retry`,
|
|
145
154
|
};
|
|
146
155
|
}
|
|
147
156
|
}
|
|
@@ -153,6 +162,8 @@ export async function ensureBumblebee(opts = {}) {
|
|
|
153
162
|
}
|
|
154
163
|
return { install: { binPath, catalogDir } };
|
|
155
164
|
}
|
|
165
|
+
// A cached binary with no sidecar is a legacy cache (pre-fix): fall through and
|
|
166
|
+
// re-download to re-establish trust via the pinned tarball checksum.
|
|
156
167
|
if (opts.allowDownload === false) {
|
|
157
168
|
return {
|
|
158
169
|
kind: "network",
|
|
@@ -218,6 +229,11 @@ async function downloadAndInstall(target, root, timeoutMs) {
|
|
|
218
229
|
throw new Error("extracted archive is missing threat_intel catalogs");
|
|
219
230
|
}
|
|
220
231
|
await chmod(stagedBin, 0o755);
|
|
232
|
+
// Record the extracted binary's own SHA-256 so cache reuse (F3) can verify
|
|
233
|
+
// the BINARY — the tarball is discarded after extraction. Authenticity was
|
|
234
|
+
// already proven by the pinned tarball checksum above; this anchors the
|
|
235
|
+
// cached binary to that trusted install.
|
|
236
|
+
await writeFile(join(staging, "bumblebee.sha256"), `${await sha256File(stagedBin)}\n`);
|
|
221
237
|
await rm(tarPath, { force: true });
|
|
222
238
|
await rm(root, { recursive: true, force: true });
|
|
223
239
|
await rename(staging, root);
|
package/dist/bumblebee.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"bumblebee.js","sourceRoot":"","sources":["../src/bumblebee.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EACL,SAAS,EACT,KAAK,EACL,OAAO,EACP,EAAE,EACF,KAAK,EACL,MAAM,EACN,MAAM,EACN,OAAO,EACP,IAAI,GACL,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;AAEjC,yFAAyF;AACzF,MAAM,OAAO,cAAe,SAAQ,KAAK;IACvC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAWD;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,OAAO,CAAC;AAEzC,MAAM,gBAAgB,GACpB,6DAA6D,CAAC;AAEhE;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAA2B;IACvD,qCAAqC,EACnC,kEAAkE;IACpE,qCAAqC,EACnC,kEAAkE;IACpE,oCAAoC,EAClC,kEAAkE;IACpE,oCAAoC,EAClC,kEAAkE;CACrE,CAAC;AASF;;;GAGG;AACH,MAAM,UAAU,aAAa,CAC3B,WAA4B,OAAO,CAAC,QAAQ,EAC5C,OAAe,OAAO,CAAC,IAAI,EAC3B,UAAkB,iBAAiB;IAEnC,MAAM,EAAE,GACN,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3E,MAAM,CAAC,GAAG,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;IACvE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3B,MAAM,SAAS,GAAG,aAAa,OAAO,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;IAC3D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC9C,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE3B,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC9C,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,IAAyB;IAC9C,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzD,CAAC;AAED,gFAAgF;AAChF,KAAK,UAAU,UAAU,CAAC,QAAgB;IACxC,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;IACrD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IAClC,OAAO,IAAI,OAAO,CAAC,CAAC,WAAW,EAAE,MAAM,EAAE,EAAE;QACzC,MAAM,MAAM,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACjD,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACxD,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,CAAS;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,CAAC,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,WAAW;IAClB,OAAO,IAAI,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;AACvD,CAAC;AAED,SAAS,SAAS,CAAC,OAAO,GAAG,iBAAiB;IAC5C,OAAO,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;AACtC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,MAAM,IAAI,GAAG,WAAW,EAAE,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAClC,CAAC;IACD,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACjC,CAAC;AAkBD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,OAAsB,EAAE;IAExB,mEAAmE;IACnE,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC7C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAChC,OAAO;gBACL,IAAI,EAAE,QAAQ;gBACd,MAAM,EAAE,+CAA+C,MAAM,EAAE;aAChE,CAAC;QACJ,CAAC;QACD,MAAM,UAAU,GACd,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,IAAI,CAAC,SAAS,EAAE,EAAE,cAAc,CAAC,CAAC;QACzE,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,CAAC;IACtD,CAAC;IAED,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;IAC/B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,IAAI,EAAE,aAAa;YACnB,MAAM,EAAE,yBAAyB,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,IAAI,gDAAgD;SAClH,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;IAE9C,IAAI,CAAC,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,UAAU,CAAC,UAAU,CAAC,CAAC,EAAE,CAAC;QAClE,yEAAyE;QACzE,2EAA2E;QAC3E,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YACzC,IAAI,MAAM,KAAK,MAAM,CAAC,QAAQ,EAAE,CAAC;gBAC/B,OAAO;oBACL,IAAI,EAAE,WAAW;oBACjB,MAAM,EAAE,6CAA6C,MAAM,CAAC,QAAQ,SAAS,MAAM,2CAA2C;iBAC/H,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,+CAA+C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;aAC1G,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IAED,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;QACjC,OAAO;YACL,IAAI,EAAE,SAAS;YACf,MAAM,EACJ,iEAAiE;SACpE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;QAC9E,MAAM,CACJ,oDAAoD,iBAAiB,cAAc,CACpF,CAAC;QACF,MAAM,kBAAkB,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,IAAI,OAAO,CAAC,CAAC;QAClE,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,6EAA6E;QAC7E,+EAA+E;QAC/E,MAAM,WAAW,GAAG,GAAG,YAAY,cAAc,CAAC;QAClD,OAAO;YACL,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;YAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,iBAAiB,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;SAC7H,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,MAAsB,EACtB,IAAY,EACZ,SAAiB;IAEjB,MAAM,GAAG,GAAG,GAAG,gBAAgB,KAAK,iBAAiB,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;IAE5E,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAC;IAC9D,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;QAChF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,QAAQ,GAAG,CAAC,MAAM,aAAa,GAAG,EAAE,CAAC,CAAC;QACxD,CAAC;QACD,0EAA0E;QAC1E,kEAAkE;QAClE,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,oDAAoD,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;QACjF,CAAC;QACD,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;IAC7C,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC3B,IAAI,MAAM,KAAK,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC/B,MAAM,IAAI,cAAc,CACtB,yBAAyB,MAAM,CAAC,SAAS,cAAc,MAAM,CAAC,QAAQ,SAAS,MAAM,EAAE,CACxF,CAAC;IACJ,CAAC;IAED,yEAAyE;IACzE,4EAA4E;IAC5E,8CAA8C;IAC9C,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC5D,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QAChD,MAAM,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC9B,oFAAoF;QACpF,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;QAEzE,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC7C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;QACD,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACxE,CAAC;QACD,MAAM,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC9B,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEnC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACjD,MAAM,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACpE,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAuBD,SAAS,GAAG,CAAC,GAA4B,EAAE,GAAW;IACpD,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACnB,OAAO,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,GAAG,CAAC,CAAU;IACrB,OAAO,OAAO,CAAC,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,MAAc;IAC5C,MAAM,OAAO,GAAgB;QAC3B,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,KAAK;QAClB,QAAQ,EAAE,EAAE;QACZ,eAAe,EAAE,CAAC;KACnB,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO;YAAE,SAAS;QAEvB,IAAI,GAA4B,CAAC;QACjC,IAAI,CAAC;YACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,IAAI,GAAG,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;gBACpB,QAAQ,EAAE,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,IAAI,SAAS;gBAC3C,SAAS,EAAE,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC;gBACjC,WAAW,EAAE,GAAG,CAAC,GAAG,EAAE,cAAc,CAAC;gBACrC,SAAS,EAAE,GAAG,CAAC,GAAG,EAAE,WAAW,CAAC;gBAChC,WAAW,EAAE,GAAG,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,GAAG,CAAC,GAAG,EAAE,iBAAiB,CAAC;gBACpE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;gBAC5B,UAAU,EAAE,GAAG,CAAC,GAAG,EAAE,aAAa,CAAC;gBACnC,QAAQ,EAAE,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,GAAG,CAAC,WAAW,KAAK,cAAc,EAAE,CAAC;YAC9C,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;YAC3B,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,SAAS,CAAC;YACjD,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,SAAS,KAAK,IAAI,CAAC;YAC1C,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;YACjD,MAAM,UAAU,GAAG,GAAG,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;YACvD,MAAM,MAAM,GAAG,GAAG,CAAC,MAA6C,CAAC;YACjE,OAAO,CAAC,eAAe;gBACrB,OAAO,GAAG,UAAU,IAAI,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,aAAa,GAA2B;IAC5C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;CACP,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,QAA4B;IACtD,IAAI,IAAI,GAAkB,IAAI,CAAC;IAC/B,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC;QAC1D,IAAI,IAAI,GAAG,QAAQ,EAAE,CAAC;YACpB,QAAQ,GAAG,IAAI,CAAC;YAChB,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAOD,gFAAgF;AAChF,MAAM,CAAC,MAAM,wBAAwB,GAAG,EAAE,CAAC;AAE3C,iGAAiG;AACjG,MAAM,UAAU,cAAc,CAC5B,aAAqB,EACrB,KAAa,EACb,gBAAwB,wBAAwB;IAEhD,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,GAAG,aAAa,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC;IAC9E,OAAO,EAAE,KAAK,EAAE,OAAO,GAAG,aAAa,EAAE,OAAO,EAAE,CAAC;AACrD,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAClD,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,MAAM,GAAkB,IAAI,CAAC;IACjC,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QAC3B,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,SAAS;QACtC,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;YACtC,IAAI,MAAM,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,GAAG,MAAM;gBAAE,MAAM,GAAG,CAAC,CAAC,OAAO,CAAC;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,0BAA0B;QAC5B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAcD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,GAAgB;IAEhB,MAAM,IAAI,GAAG;QACX,MAAM;QACN,UAAU;QACV,GAAG,CAAC,OAAO;QACX,mBAAmB;QACnB,GAAG,CAAC,OAAO,CAAC,UAAU;QACtB,gBAAgB;QAChB,SAAS;QACT,QAAQ;QACR,eAAe;QACf,GAAG,CAAC,WAAW,IAAI,KAAK;KACzB,CAAC;IACF,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC3B,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE;YACvD,OAAO,EAAE,GAAG,CAAC,SAAS,IAAI,OAAO;YACjC,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;SAC5B,CAAC,CAAC;QACH,OAAO,EAAE,OAAO,EAAE,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,2EAA2E;QAC3E,+CAA+C;QAC/C,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,QAAQ,IAAI,GAAG,EAAE,CAAC;YACtD,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAE,GAA4B,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC;YACpF,IAAI,OAAO,CAAC,WAAW;gBAAE,OAAO,EAAE,OAAO,EAAE,CAAC;QAC9C,CAAC;QACD,OAAO;YACL,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC;IACJ,CAAC;AACH,CAAC"}
|
|
1
|
+
{"version":3,"file":"bumblebee.js","sourceRoot":"","sources":["../src/bumblebee.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;GAWG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,oBAAoB,CAAC;AAC9C,OAAO,EAAE,SAAS,EAAE,MAAM,WAAW,CAAC;AACtC,OAAO,EAAE,UAAU,EAAE,MAAM,aAAa,CAAC;AACzC,OAAO,EACL,SAAS,EACT,QAAQ,EACR,KAAK,EACL,OAAO,EACP,EAAE,EACF,KAAK,EACL,MAAM,EACN,MAAM,EACN,OAAO,EACP,IAAI,GACL,MAAM,kBAAkB,CAAC;AAC1B,OAAO,EAAE,OAAO,EAAE,MAAM,SAAS,CAAC;AAClC,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAEjC,MAAM,IAAI,GAAG,SAAS,CAAC,QAAQ,CAAC,CAAC;AAEjC,yFAAyF;AACzF,MAAM,OAAO,cAAe,SAAQ,KAAK;IACvC,YAAY,OAAe;QACzB,KAAK,CAAC,OAAO,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,GAAG,gBAAgB,CAAC;IAC/B,CAAC;CACF;AAWD;;;GAGG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAG,OAAO,CAAC;AAEzC,MAAM,gBAAgB,GACpB,6DAA6D,CAAC;AAEhE;;;;;;GAMG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAA2B;IACvD,qCAAqC,EACnC,kEAAkE;IACpE,qCAAqC,EACnC,kEAAkE;IACpE,oCAAoC,EAClC,kEAAkE;IACpE,oCAAoC,EAClC,kEAAkE;CACrE,CAAC;AASF;;;GAGG;AACH,MAAM,UAAU,aAAa,CAC3B,WAA4B,OAAO,CAAC,QAAQ,EAC5C,OAAe,OAAO,CAAC,IAAI,EAC3B,UAAkB,iBAAiB;IAEnC,MAAM,EAAE,GACN,QAAQ,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC;IAC3E,MAAM,CAAC,GAAG,IAAI,KAAK,KAAK,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,KAAK,OAAO,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,CAAC;IACvE,IAAI,CAAC,EAAE,IAAI,CAAC,CAAC;QAAE,OAAO,IAAI,CAAC;IAE3B,MAAM,SAAS,GAAG,aAAa,OAAO,IAAI,EAAE,IAAI,CAAC,SAAS,CAAC;IAC3D,MAAM,QAAQ,GAAG,iBAAiB,CAAC,SAAS,CAAC,CAAC;IAC9C,IAAI,CAAC,QAAQ;QAAE,OAAO,IAAI,CAAC;IAE3B,OAAO,EAAE,EAAE,EAAE,IAAI,EAAE,CAAC,EAAE,SAAS,EAAE,QAAQ,EAAE,CAAC;AAC9C,CAAC;AAED,MAAM,UAAU,MAAM,CAAC,IAAyB;IAC9C,OAAO,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;AACzD,CAAC;AAED,gFAAgF;AAChF,KAAK,UAAU,UAAU,CAAC,QAAgB;IACxC,MAAM,EAAE,gBAAgB,EAAE,GAAG,MAAM,MAAM,CAAC,SAAS,CAAC,CAAC;IACrD,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC;IAClC,OAAO,IAAI,OAAO,CAAC,CAAC,WAAW,EAAE,MAAM,EAAE,EAAE;QACzC,MAAM,MAAM,GAAG,gBAAgB,CAAC,QAAQ,CAAC,CAAC;QAC1C,MAAM,CAAC,EAAE,CAAC,MAAM,EAAE,CAAC,KAAK,EAAE,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC;QACjD,MAAM,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;QACxD,MAAM,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;IAC7B,CAAC,CAAC,CAAC;AACL,CAAC;AAED,KAAK,UAAU,UAAU,CAAC,CAAS;IACjC,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,CAAC,CAAC,CAAC;QAChB,OAAO,IAAI,CAAC;IACd,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,KAAK,CAAC;IACf,CAAC;AACH,CAAC;AAED,SAAS,WAAW;IAClB,gFAAgF;IAChF,MAAM,QAAQ,GAAG,OAAO,CAAC,GAAG,CAAC,mBAAmB,CAAC;IACjD,OAAO,QAAQ,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,MAAM,EAAE,OAAO,EAAE,WAAW,CAAC,CAAC;AACpG,CAAC;AAED,SAAS,SAAS,CAAC,OAAO,GAAG,iBAAiB;IAC5C,OAAO,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC;AACtC,CAAC;AAED;;;;;;GAMG;AACH,MAAM,CAAC,KAAK,UAAU,mBAAmB;IACvC,MAAM,IAAI,GAAG,WAAW,EAAE,CAAC;IAC3B,IAAI,CAAC;QACH,MAAM,MAAM,CAAC,IAAI,CAAC,CAAC;IACrB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC;IAClC,CAAC;IACD,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IACjD,OAAO,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,EAAE,CAAC;AACjC,CAAC;AAkBD;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CACnC,OAAsB,EAAE;IAExB,mEAAmE;IACnE,MAAM,MAAM,GAAG,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC;IAC7C,IAAI,MAAM,EAAE,CAAC;QACX,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,MAAM,CAAC,CAAC,EAAE,CAAC;YAChC,OAAO;gBACL,IAAI,EAAE,QAAQ;gBACd,MAAM,EAAE,+CAA+C,MAAM,EAAE;aAChE,CAAC;QACJ,CAAC;QACD,MAAM,UAAU,GACd,OAAO,CAAC,GAAG,CAAC,qBAAqB,IAAI,IAAI,CAAC,SAAS,EAAE,EAAE,cAAc,CAAC,CAAC;QACzE,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,UAAU,EAAE,EAAE,CAAC;IACtD,CAAC;IAED,MAAM,MAAM,GAAG,aAAa,EAAE,CAAC;IAC/B,IAAI,CAAC,MAAM,EAAE,CAAC;QACZ,OAAO;YACL,IAAI,EAAE,aAAa;YACnB,MAAM,EAAE,yBAAyB,OAAO,CAAC,QAAQ,IAAI,OAAO,CAAC,IAAI,gDAAgD;SAClH,CAAC;IACJ,CAAC;IAED,MAAM,IAAI,GAAG,SAAS,EAAE,CAAC;IACzB,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;IACxC,MAAM,UAAU,GAAG,IAAI,CAAC,IAAI,EAAE,cAAc,CAAC,CAAC;IAE9C,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,kBAAkB,CAAC,CAAC;IACnD,IAAI,CAAC,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,UAAU,CAAC,UAAU,CAAC,CAAC,IAAI,CAAC,MAAM,UAAU,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC;QACrG,wEAAwE;QACxE,mEAAmE;QACnE,2EAA2E;QAC3E,sEAAsE;QACtE,uEAAuE;QACvE,4EAA4E;QAC5E,uEAAuE;QACvE,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,CAAC,MAAM,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAC9D,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,CAAC;YACzC,IAAI,MAAM,KAAK,QAAQ,EAAE,CAAC;gBACxB,OAAO;oBACL,IAAI,EAAE,WAAW;oBACjB,MAAM,EAAE,6CAA6C,QAAQ,SAAS,MAAM,2CAA2C;iBACxH,CAAC;YACJ,CAAC;QACH,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,OAAO;gBACL,IAAI,EAAE,WAAW;gBACjB,MAAM,EAAE,+CAA+C,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;aAC1G,CAAC;QACJ,CAAC;QACD,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IACD,gFAAgF;IAChF,qEAAqE;IAErE,IAAI,IAAI,CAAC,aAAa,KAAK,KAAK,EAAE,CAAC;QACjC,OAAO;YACL,IAAI,EAAE,SAAS;YACf,MAAM,EACJ,iEAAiE;SACpE,CAAC;IACJ,CAAC;IAED,IAAI,CAAC;QACH,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,IAAI,CAAC,CAAC,CAAS,EAAE,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,GAAG,IAAI,CAAC,CAAC,CAAC;QAC9E,MAAM,CACJ,oDAAoD,iBAAiB,cAAc,CACpF,CAAC;QACF,MAAM,kBAAkB,CAAC,MAAM,EAAE,IAAI,EAAE,IAAI,CAAC,SAAS,IAAI,OAAO,CAAC,CAAC;QAClE,OAAO,EAAE,OAAO,EAAE,EAAE,OAAO,EAAE,UAAU,EAAE,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,6EAA6E;QAC7E,+EAA+E;QAC/E,MAAM,WAAW,GAAG,GAAG,YAAY,cAAc,CAAC;QAClD,OAAO;YACL,IAAI,EAAE,WAAW,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,SAAS;YAC3C,MAAM,EAAE,GAAG,WAAW,CAAC,CAAC,CAAC,wBAAwB,CAAC,CAAC,CAAC,iBAAiB,KAAK,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;SAC7H,CAAC;IACJ,CAAC;AACH,CAAC;AAED,KAAK,UAAU,kBAAkB,CAC/B,MAAsB,EACtB,IAAY,EACZ,SAAiB;IAEjB,MAAM,GAAG,GAAG,GAAG,gBAAgB,KAAK,iBAAiB,IAAI,MAAM,CAAC,SAAS,EAAE,CAAC;IAE5E,MAAM,UAAU,GAAG,IAAI,eAAe,EAAE,CAAC;IACzC,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,EAAE,CAAC,UAAU,CAAC,KAAK,EAAE,EAAE,SAAS,CAAC,CAAC;IAC9D,IAAI,GAAW,CAAC;IAChB,IAAI,CAAC;QACH,MAAM,GAAG,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,MAAM,EAAE,UAAU,CAAC,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC,CAAC;QAChF,IAAI,CAAC,GAAG,CAAC,EAAE,EAAE,CAAC;YACZ,MAAM,IAAI,KAAK,CAAC,QAAQ,GAAG,CAAC,MAAM,aAAa,GAAG,EAAE,CAAC,CAAC;QACxD,CAAC;QACD,0EAA0E;QAC1E,kEAAkE;QAClE,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,UAAU,CAAC,QAAQ,CAAC,EAAE,CAAC;YAClC,MAAM,IAAI,KAAK,CAAC,oDAAoD,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;QACjF,CAAC;QACD,GAAG,GAAG,MAAM,CAAC,IAAI,CAAC,MAAM,GAAG,CAAC,WAAW,EAAE,CAAC,CAAC;IAC7C,CAAC;YAAS,CAAC;QACT,YAAY,CAAC,KAAK,CAAC,CAAC;IACtB,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,CAAC,GAAG,CAAC,CAAC;IAC3B,IAAI,MAAM,KAAK,MAAM,CAAC,QAAQ,EAAE,CAAC;QAC/B,MAAM,IAAI,cAAc,CACtB,yBAAyB,MAAM,CAAC,SAAS,cAAc,MAAM,CAAC,QAAQ,SAAS,MAAM,EAAE,CACxF,CAAC;IACJ,CAAC;IAED,yEAAyE;IACzE,4EAA4E;IAC5E,8CAA8C;IAC9C,MAAM,KAAK,CAAC,WAAW,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IAChD,MAAM,OAAO,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,WAAW,EAAE,EAAE,OAAO,CAAC,CAAC,CAAC;IAC5D,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,SAAS,CAAC,CAAC;QAChD,MAAM,SAAS,CAAC,OAAO,EAAE,GAAG,CAAC,CAAC;QAC9B,oFAAoF;QACpF,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;QAEzE,MAAM,SAAS,GAAG,IAAI,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;QAC7C,MAAM,aAAa,GAAG,IAAI,CAAC,OAAO,EAAE,cAAc,CAAC,CAAC;QACpD,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,SAAS,CAAC,CAAC,EAAE,CAAC;YACnC,MAAM,IAAI,KAAK,CAAC,mDAAmD,CAAC,CAAC;QACvE,CAAC;QACD,IAAI,CAAC,CAAC,MAAM,UAAU,CAAC,aAAa,CAAC,CAAC,EAAE,CAAC;YACvC,MAAM,IAAI,KAAK,CAAC,oDAAoD,CAAC,CAAC;QACxE,CAAC;QACD,MAAM,KAAK,CAAC,SAAS,EAAE,KAAK,CAAC,CAAC;QAC9B,2EAA2E;QAC3E,2EAA2E;QAC3E,wEAAwE;QACxE,yCAAyC;QACzC,MAAM,SAAS,CAAC,IAAI,CAAC,OAAO,EAAE,kBAAkB,CAAC,EAAE,GAAG,MAAM,UAAU,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC;QACvF,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAEnC,MAAM,EAAE,CAAC,IAAI,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QACjD,MAAM,MAAM,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC9B,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,KAAK,CAAC,GAAG,EAAE,GAAE,CAAC,CAAC,CAAC;QACpE,MAAM,GAAG,CAAC;IACZ,CAAC;AACH,CAAC;AAuBD,SAAS,GAAG,CAAC,GAA4B,EAAE,GAAW;IACpD,MAAM,CAAC,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;IACnB,OAAO,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;AACxC,CAAC;AAED,SAAS,GAAG,CAAC,CAAU;IACrB,OAAO,OAAO,CAAC,KAAK,QAAQ,IAAI,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC7D,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,eAAe,CAAC,MAAc;IAC5C,MAAM,OAAO,GAAgB;QAC3B,MAAM,EAAE,SAAS;QACjB,QAAQ,EAAE,KAAK;QACf,WAAW,EAAE,KAAK;QAClB,QAAQ,EAAE,EAAE;QACZ,eAAe,EAAE,CAAC;KACnB,CAAC;IAEF,KAAK,MAAM,IAAI,IAAI,MAAM,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;QACtC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;QAC5B,IAAI,CAAC,OAAO;YAAE,SAAS;QAEvB,IAAI,GAA4B,CAAC;QACjC,IAAI,CAAC;YACH,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAA4B,CAAC;QACvD,CAAC;QAAC,MAAM,CAAC;YACP,SAAS;QACX,CAAC;QAED,IAAI,GAAG,CAAC,WAAW,KAAK,SAAS,EAAE,CAAC;YAClC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC;gBACpB,QAAQ,EAAE,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC,IAAI,SAAS;gBAC3C,SAAS,EAAE,GAAG,CAAC,GAAG,EAAE,YAAY,CAAC;gBACjC,WAAW,EAAE,GAAG,CAAC,GAAG,EAAE,cAAc,CAAC;gBACrC,SAAS,EAAE,GAAG,CAAC,GAAG,EAAE,WAAW,CAAC;gBAChC,WAAW,EAAE,GAAG,CAAC,GAAG,EAAE,cAAc,CAAC,IAAI,GAAG,CAAC,GAAG,EAAE,iBAAiB,CAAC;gBACpE,OAAO,EAAE,GAAG,CAAC,GAAG,EAAE,SAAS,CAAC;gBAC5B,UAAU,EAAE,GAAG,CAAC,GAAG,EAAE,aAAa,CAAC;gBACnC,QAAQ,EAAE,GAAG,CAAC,GAAG,EAAE,UAAU,CAAC;aAC/B,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,GAAG,CAAC,WAAW,KAAK,cAAc,EAAE,CAAC;YAC9C,OAAO,CAAC,WAAW,GAAG,IAAI,CAAC;YAC3B,OAAO,CAAC,MAAM,GAAG,GAAG,CAAC,GAAG,EAAE,QAAQ,CAAC,IAAI,SAAS,CAAC;YACjD,OAAO,CAAC,QAAQ,GAAG,GAAG,CAAC,SAAS,KAAK,IAAI,CAAC;YAC1C,MAAM,OAAO,GAAG,GAAG,CAAC,GAAG,CAAC,uBAAuB,CAAC,CAAC;YACjD,MAAM,UAAU,GAAG,GAAG,CAAC,GAAG,CAAC,0BAA0B,CAAC,CAAC;YACvD,MAAM,MAAM,GAAG,GAAG,CAAC,MAA6C,CAAC;YACjE,OAAO,CAAC,eAAe;gBACrB,OAAO,GAAG,UAAU,IAAI,GAAG,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;QACjD,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,MAAM,aAAa,GAA2B;IAC5C,QAAQ,EAAE,CAAC;IACX,IAAI,EAAE,CAAC;IACP,MAAM,EAAE,CAAC;IACT,GAAG,EAAE,CAAC;CACP,CAAC;AAEF;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,QAA4B;IACtD,IAAI,IAAI,GAAkB,IAAI,CAAC;IAC/B,IAAI,QAAQ,GAAG,CAAC,CAAC,CAAC;IAClB,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,IAAI,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,CAAC,IAAI,CAAC,CAAC;QAC1D,IAAI,IAAI,GAAG,QAAQ,EAAE,CAAC;YACpB,QAAQ,GAAG,IAAI,CAAC;YAChB,IAAI,GAAG,CAAC,CAAC,QAAQ,CAAC;QACpB,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAOD,gFAAgF;AAChF,MAAM,CAAC,MAAM,wBAAwB,GAAG,EAAE,CAAC;AAE3C,iGAAiG;AACjG,MAAM,UAAU,cAAc,CAC5B,aAAqB,EACrB,KAAa,EACb,gBAAwB,wBAAwB;IAEhD,MAAM,OAAO,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC,KAAK,GAAG,aAAa,CAAC,GAAG,UAAU,CAAC,CAAC,CAAC;IAC9E,OAAO,EAAE,KAAK,EAAE,OAAO,GAAG,aAAa,EAAE,OAAO,EAAE,CAAC;AACrD,CAAC;AAED;;;;GAIG;AACH,MAAM,CAAC,KAAK,UAAU,kBAAkB,CAAC,GAAW;IAClD,IAAI,OAAiB,CAAC;IACtB,IAAI,CAAC;QACH,OAAO,GAAG,MAAM,OAAO,CAAC,GAAG,CAAC,CAAC;IAC/B,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;IACD,IAAI,MAAM,GAAkB,IAAI,CAAC;IACjC,KAAK,MAAM,IAAI,IAAI,OAAO,EAAE,CAAC;QAC3B,IAAI,CAAC,IAAI,CAAC,QAAQ,CAAC,OAAO,CAAC;YAAE,SAAS;QACtC,IAAI,CAAC;YACH,MAAM,CAAC,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,IAAI,CAAC,CAAC,CAAC;YACtC,IAAI,MAAM,KAAK,IAAI,IAAI,CAAC,CAAC,OAAO,GAAG,MAAM;gBAAE,MAAM,GAAG,CAAC,CAAC,OAAO,CAAC;QAChE,CAAC;QAAC,MAAM,CAAC;YACP,0BAA0B;QAC5B,CAAC;IACH,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC;AAcD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,OAAO,CAC3B,GAAgB;IAEhB,MAAM,IAAI,GAAG;QACX,MAAM;QACN,UAAU;QACV,GAAG,CAAC,OAAO;QACX,mBAAmB;QACnB,GAAG,CAAC,OAAO,CAAC,UAAU;QACtB,gBAAgB;QAChB,SAAS;QACT,QAAQ;QACR,eAAe;QACf,GAAG,CAAC,WAAW,IAAI,KAAK;KACzB,CAAC;IACF,KAAK,MAAM,IAAI,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;QAC7B,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,IAAI,CAAC,CAAC;IAC3B,CAAC;IAED,IAAI,CAAC;QACH,MAAM,EAAE,MAAM,EAAE,GAAG,MAAM,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,OAAO,EAAE,IAAI,EAAE;YACvD,OAAO,EAAE,GAAG,CAAC,SAAS,IAAI,OAAO;YACjC,SAAS,EAAE,EAAE,GAAG,IAAI,GAAG,IAAI;SAC5B,CAAC,CAAC;QACH,OAAO,EAAE,OAAO,EAAE,eAAe,CAAC,MAAM,CAAC,EAAE,CAAC;IAC9C,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,2EAA2E;QAC3E,+CAA+C;QAC/C,IAAI,GAAG,IAAI,OAAO,GAAG,KAAK,QAAQ,IAAI,QAAQ,IAAI,GAAG,EAAE,CAAC;YACtD,MAAM,OAAO,GAAG,eAAe,CAAC,MAAM,CAAE,GAA4B,CAAC,MAAM,IAAI,EAAE,CAAC,CAAC,CAAC;YACpF,IAAI,OAAO,CAAC,WAAW;gBAAE,OAAO,EAAE,OAAO,EAAE,CAAC;QAC9C,CAAC;QACD,OAAO;YACL,KAAK,EAAE,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC;SACxD,CAAC;IACJ,CAAC;AACH,CAAC"}
|
package/dist/cli.js
CHANGED
|
@@ -8,6 +8,7 @@ import { checkTools } from "./check-tools.js";
|
|
|
8
8
|
import { checkServices } from "./check-services.js";
|
|
9
9
|
import { checkSecrets } from "./check-secrets.js";
|
|
10
10
|
import { checkSecurity } from "./check-security.js";
|
|
11
|
+
import { syncSecurityFindings } from "./findings-track.js";
|
|
11
12
|
import { checkWebSearch } from "./check-web-search.js";
|
|
12
13
|
import { installTools } from "./install.js";
|
|
13
14
|
import { loginServices } from "./login.js";
|
|
@@ -79,6 +80,60 @@ import { parsePkgSpec, installPkg } from "./pkg.js";
|
|
|
79
80
|
import { cmdMemory } from "./commands/memory.js";
|
|
80
81
|
const __dirname = dirname(fileURLToPath(import.meta.url));
|
|
81
82
|
const KIT_VERSION = JSON.parse(readFileSync(join(__dirname, "..", "package.json"), "utf-8")).version;
|
|
83
|
+
/** Map a security finding to a short, actionable PAL title/detail. */
|
|
84
|
+
async function cmdHeal() {
|
|
85
|
+
const dryRun = hasFlag(process.argv, "--dry-run");
|
|
86
|
+
const agent = hasFlag(process.argv, "--agent");
|
|
87
|
+
console.log(`${c.bold}${c.cyan}kit heal${c.reset}${dryRun ? `${c.dim} (dry-run)${c.reset}` : ""}`);
|
|
88
|
+
console.log(`${c.dim}${"─".repeat(50)}${c.reset}\n`);
|
|
89
|
+
const { runHeal } = await import("./heal.js");
|
|
90
|
+
const res = await runHeal({ dryRun });
|
|
91
|
+
if (dryRun) {
|
|
92
|
+
if (res.plannedSafe.length > 0) {
|
|
93
|
+
console.log(`${c.bold}Would auto-fix (safe):${c.reset}`);
|
|
94
|
+
for (const k of res.plannedSafe)
|
|
95
|
+
console.log(` ${c.green}✓${c.reset} ${k}`);
|
|
96
|
+
}
|
|
97
|
+
else {
|
|
98
|
+
console.log(`${c.dim}Nothing to auto-fix.${c.reset}`);
|
|
99
|
+
}
|
|
100
|
+
}
|
|
101
|
+
else if (res.healed.length > 0) {
|
|
102
|
+
console.log(`${c.green}${c.bold}Healed ${res.healed.length}:${c.reset}`);
|
|
103
|
+
for (const k of res.healed)
|
|
104
|
+
console.log(` ${c.green}✓${c.reset} ${k}`);
|
|
105
|
+
}
|
|
106
|
+
// FAIL-CLOSED — loud, never auto-healed.
|
|
107
|
+
if (res.failClosed.length > 0) {
|
|
108
|
+
console.log(`\n${c.red}${c.bold}⚠ FAIL-CLOSED — not auto-healed (possible tampering):${c.reset}`);
|
|
109
|
+
for (const r of res.failClosed) {
|
|
110
|
+
console.log(` ${c.red}✗${c.reset} ${r.name}: ${r.detail}`);
|
|
111
|
+
if (r.suggestion)
|
|
112
|
+
console.log(` ${c.dim}${r.suggestion}${c.reset}`);
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
// GATED — proposed, never auto-run by kit.
|
|
116
|
+
if (res.gated.length > 0) {
|
|
117
|
+
console.log(`\n${c.yellow}${c.bold}Gated — needs you (kit won't auto-run these):${c.reset}`);
|
|
118
|
+
for (const g of res.gated) {
|
|
119
|
+
console.log(` ${c.yellow}!${c.reset} ${g.name}: ${g.issue}`);
|
|
120
|
+
console.log(` ${c.dim}→ ${g.action}${c.reset}`);
|
|
121
|
+
}
|
|
122
|
+
if (agent) {
|
|
123
|
+
console.log(`\n${c.dim}# agent: each command below still hits the elevation gate + audit log${c.reset}`);
|
|
124
|
+
for (const g of res.gated)
|
|
125
|
+
console.log(g.action);
|
|
126
|
+
}
|
|
127
|
+
}
|
|
128
|
+
const green = res.failClosed.length === 0 && res.gated.length === 0;
|
|
129
|
+
console.log();
|
|
130
|
+
if (!dryRun) {
|
|
131
|
+
console.log(green
|
|
132
|
+
? `${c.green}${c.bold}All findings healed or clean ✓${c.reset}`
|
|
133
|
+
: `${c.yellow}Auto-heal done; items above need you.${c.reset}`);
|
|
134
|
+
}
|
|
135
|
+
return green;
|
|
136
|
+
}
|
|
82
137
|
async function cmdCheck() {
|
|
83
138
|
const jsonMode = hasFlag(process.argv, "--json");
|
|
84
139
|
const enforceTests = hasFlag(process.argv, "--enforce-tests");
|
|
@@ -134,6 +189,19 @@ async function cmdCheck() {
|
|
|
134
189
|
securityOk &&
|
|
135
190
|
testsOk &&
|
|
136
191
|
lockOk;
|
|
192
|
+
// Track security findings in the PAL ledger (cross-session reminders +
|
|
193
|
+
// auto-close on a clean re-scan). Opt out with [memory] track_findings = false.
|
|
194
|
+
if (config.memory?.track_findings !== false) {
|
|
195
|
+
const r = await syncSecurityFindings(securityResults);
|
|
196
|
+
if (!jsonMode && r && (r.added || r.closed.length || r.reopened)) {
|
|
197
|
+
const parts = [`+${r.added} tracked`];
|
|
198
|
+
if (r.reopened)
|
|
199
|
+
parts.push(`${r.reopened} reopened`);
|
|
200
|
+
if (r.closed.length)
|
|
201
|
+
parts.push(`−${r.closed.length} auto-closed`);
|
|
202
|
+
console.log(`${c.dim}PAL: ${parts.join(" · ")}${c.reset}`);
|
|
203
|
+
}
|
|
204
|
+
}
|
|
137
205
|
if (jsonMode) {
|
|
138
206
|
const checks = [
|
|
139
207
|
...toolResults.map((t) => ({
|
|
@@ -3246,6 +3314,7 @@ const COMMAND_HELP = {
|
|
|
3246
3314
|
setup: "Full pipeline: install → login → secrets → agent config → verify",
|
|
3247
3315
|
"setup --recommended": "Opinionated profile: setup + memory hooks + git secret-scan/context-check gates",
|
|
3248
3316
|
fix: "Auto-fix what is possible",
|
|
3317
|
+
heal: "Loop: auto-fix safe findings, re-scan until green; gate destructive, fail-closed on tamper (--dry-run, --agent)",
|
|
3249
3318
|
escalate: "List what needs human action",
|
|
3250
3319
|
governance: "View governance status and agent access controls",
|
|
3251
3320
|
skills: "Check status of agent skills",
|
|
@@ -3779,6 +3848,7 @@ async function main() {
|
|
|
3779
3848
|
setup: cmdSetup,
|
|
3780
3849
|
skills: cmdSkills,
|
|
3781
3850
|
fix: cmdFix,
|
|
3851
|
+
heal: cmdHeal,
|
|
3782
3852
|
escalate: cmdEscalate,
|
|
3783
3853
|
governance: cmdGovernance,
|
|
3784
3854
|
"agent-config": cmdAgentConfig,
|