shieldcortex 2.17.1 → 2.19.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +42 -24
- package/dashboard/.next/standalone/dashboard/.next/BUILD_ID +1 -1
- package/dashboard/.next/standalone/dashboard/.next/build-manifest.json +2 -2
- package/dashboard/.next/standalone/dashboard/.next/prerender-manifest.json +3 -3
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.html +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/_full.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/_index.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_global-error.segments/_tree.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_full.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_index.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_not-found/__PAGE__.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_not-found.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/_not-found.segments/_tree.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.rsc +3 -3
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/__PAGE__.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/_full.segment.rsc +3 -3
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/_head.segment.rsc +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/_index.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/index.segments/_tree.segment.rsc +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/app/page_client-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/chunks/ssr/dashboard_25b1b286._.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/pages/404.html +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/pages/500.html +2 -2
- package/dashboard/.next/standalone/dashboard/.next/server/server-reference-manifest.js +1 -1
- package/dashboard/.next/standalone/dashboard/.next/server/server-reference-manifest.json +1 -1
- package/dashboard/.next/standalone/dashboard/.next/static/chunks/1a71c9a52f0c9b16.css +3 -0
- package/dashboard/.next/standalone/dashboard/.next/static/chunks/6bf7d89d34068ecb.js +9 -0
- package/dashboard/.next/standalone/dashboard/.next/static/chunks/d0dcb5e0e04ae015.js +1 -0
- package/dashboard/.next/standalone/dashboard/package.json +1 -1
- package/dist/api/visualization-server.d.ts.map +1 -1
- package/dist/api/visualization-server.js +306 -0
- package/dist/api/visualization-server.js.map +1 -1
- package/dist/cloud/config.d.ts +13 -1
- package/dist/cloud/config.d.ts.map +1 -1
- package/dist/cloud/config.js +28 -3
- package/dist/cloud/config.js.map +1 -1
- package/dist/database/init.d.ts.map +1 -1
- package/dist/database/init.js +77 -0
- package/dist/database/init.js.map +1 -1
- package/dist/defence/__tests__/tool-response-scanner.test.d.ts +8 -0
- package/dist/defence/__tests__/tool-response-scanner.test.d.ts.map +1 -0
- package/dist/defence/__tests__/tool-response-scanner.test.js +106 -0
- package/dist/defence/__tests__/tool-response-scanner.test.js.map +1 -0
- package/dist/defence/audit/export.d.ts +6 -0
- package/dist/defence/audit/export.d.ts.map +1 -0
- package/dist/defence/audit/export.js +43 -0
- package/dist/defence/audit/export.js.map +1 -0
- package/dist/defence/custom-patterns/store.d.ts +52 -0
- package/dist/defence/custom-patterns/store.d.ts.map +1 -0
- package/dist/defence/custom-patterns/store.js +108 -0
- package/dist/defence/custom-patterns/store.js.map +1 -0
- package/dist/defence/custom-rules/store.d.ts +36 -0
- package/dist/defence/custom-rules/store.d.ts.map +1 -0
- package/dist/defence/custom-rules/store.js +57 -0
- package/dist/defence/custom-rules/store.js.map +1 -0
- package/dist/defence/iron-dome/custom-policies.d.ts +31 -0
- package/dist/defence/iron-dome/custom-policies.d.ts.map +1 -0
- package/dist/defence/iron-dome/custom-policies.js +79 -0
- package/dist/defence/iron-dome/custom-policies.js.map +1 -0
- package/dist/defence/iron-dome/index.d.ts +5 -5
- package/dist/defence/iron-dome/index.d.ts.map +1 -1
- package/dist/defence/iron-dome/index.js +55 -6
- package/dist/defence/iron-dome/index.js.map +1 -1
- package/dist/defence/pipeline.d.ts.map +1 -1
- package/dist/defence/pipeline.js +82 -6
- package/dist/defence/pipeline.js.map +1 -1
- package/dist/defence/skill-scanner/deep-scan.d.ts +30 -0
- package/dist/defence/skill-scanner/deep-scan.d.ts.map +1 -0
- package/dist/defence/skill-scanner/deep-scan.js +112 -0
- package/dist/defence/skill-scanner/deep-scan.js.map +1 -0
- package/dist/defence/tool-response-scanner.d.ts +23 -0
- package/dist/defence/tool-response-scanner.d.ts.map +1 -0
- package/dist/defence/tool-response-scanner.js +157 -0
- package/dist/defence/tool-response-scanner.js.map +1 -0
- package/dist/defence/trust/source-scorer.d.ts.map +1 -1
- package/dist/defence/trust/source-scorer.js +2 -1
- package/dist/defence/trust/source-scorer.js.map +1 -1
- package/dist/defence/types.d.ts +13 -2
- package/dist/defence/types.d.ts.map +1 -1
- package/dist/defence/types.js.map +1 -1
- package/dist/index.d.ts +3 -0
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +9 -0
- package/dist/index.js.map +1 -1
- package/dist/lib.d.ts +4 -0
- package/dist/lib.d.ts.map +1 -1
- package/dist/lib.js +4 -0
- package/dist/lib.js.map +1 -1
- package/dist/license/__tests__/feature-gating.test.d.ts +10 -0
- package/dist/license/__tests__/feature-gating.test.d.ts.map +1 -0
- package/dist/license/__tests__/feature-gating.test.js +188 -0
- package/dist/license/__tests__/feature-gating.test.js.map +1 -0
- package/dist/license/cli.d.ts +9 -0
- package/dist/license/cli.d.ts.map +1 -0
- package/dist/license/cli.js +141 -0
- package/dist/license/cli.js.map +1 -0
- package/dist/license/gate.d.ts +38 -0
- package/dist/license/gate.d.ts.map +1 -0
- package/dist/license/gate.js +84 -0
- package/dist/license/gate.js.map +1 -0
- package/dist/license/index.d.ts +13 -0
- package/dist/license/index.d.ts.map +1 -0
- package/dist/license/index.js +12 -0
- package/dist/license/index.js.map +1 -0
- package/dist/license/keys.d.ts +50 -0
- package/dist/license/keys.d.ts.map +1 -0
- package/dist/license/keys.js +30 -0
- package/dist/license/keys.js.map +1 -0
- package/dist/license/store.d.ts +45 -0
- package/dist/license/store.d.ts.map +1 -0
- package/dist/license/store.js +148 -0
- package/dist/license/store.js.map +1 -0
- package/dist/license/types.d.ts +16 -0
- package/dist/license/types.d.ts.map +1 -0
- package/dist/license/types.js +6 -0
- package/dist/license/types.js.map +1 -0
- package/dist/license/validate.d.ts +24 -0
- package/dist/license/validate.d.ts.map +1 -0
- package/dist/license/validate.js +86 -0
- package/dist/license/validate.js.map +1 -0
- package/dist/license/verify.d.ts +18 -0
- package/dist/license/verify.d.ts.map +1 -0
- package/dist/license/verify.js +126 -0
- package/dist/license/verify.js.map +1 -0
- package/dist/memory/store.d.ts.map +1 -1
- package/dist/memory/store.js +18 -16
- package/dist/memory/store.js.map +1 -1
- package/dist/server.d.ts.map +1 -1
- package/dist/server.js +99 -16
- package/dist/server.js.map +1 -1
- package/dist/tools/context.d.ts +5 -5
- package/dist/tools/context.d.ts.map +1 -1
- package/dist/tools/context.js +3 -1
- package/dist/tools/context.js.map +1 -1
- package/dist/tools/forget.d.ts +5 -5
- package/dist/tools/forget.js +1 -1
- package/dist/tools/forget.js.map +1 -1
- package/dist/tools/recall.d.ts +10 -10
- package/dist/tools/recall.js +1 -1
- package/dist/tools/recall.js.map +1 -1
- package/dist/tools/remember.d.ts +7 -7
- package/dist/tools/remember.js +1 -1
- package/dist/tools/remember.js.map +1 -1
- package/dist/worker/brain-worker.d.ts.map +1 -1
- package/dist/worker/brain-worker.js +25 -18
- package/dist/worker/brain-worker.js.map +1 -1
- package/hooks/openclaw/cortex-memory/HOOK.md +7 -7
- package/hooks/openclaw/cortex-memory/handler.ts +1 -1
- package/package.json +2 -1
- package/plugins/openclaw/README.md +8 -8
- package/plugins/openclaw/index.ts +1 -1
- package/dashboard/.next/standalone/dashboard/.next/static/chunks/42d01b77019fd208.js +0 -1
- package/dashboard/.next/standalone/dashboard/.next/static/chunks/61a3c89b08347bc2.js +0 -9
- package/dashboard/.next/standalone/dashboard/.next/static/chunks/c252c4de65df6d09.css +0 -3
- /package/dashboard/.next/standalone/dashboard/.next/static/{H-BGC5Yp6YmPEZGryV6bd → OfvwyqIJFP9N3Qdb23S-6}/_buildManifest.js +0 -0
- /package/dashboard/.next/standalone/dashboard/.next/static/{H-BGC5Yp6YmPEZGryV6bd → OfvwyqIJFP9N3Qdb23S-6}/_clientMiddlewareManifest.json +0 -0
- /package/dashboard/.next/standalone/dashboard/.next/static/{H-BGC5Yp6YmPEZGryV6bd → OfvwyqIJFP9N3Qdb23S-6}/_ssgManifest.js +0 -0
|
@@ -43,13 +43,13 @@ export declare function getIronDomeStatus(): {
|
|
|
43
43
|
externalPatterns?: number;
|
|
44
44
|
};
|
|
45
45
|
/**
|
|
46
|
-
* Get the effective Iron Dome configuration, merging
|
|
46
|
+
* Get the effective Iron Dome configuration, merging policy overrides.
|
|
47
47
|
*
|
|
48
|
-
* Priority: local enabled flag > cloud policy overrides > base profile defaults
|
|
48
|
+
* Priority: local enabled flag > local custom policy (if active) > cloud policy overrides > base profile defaults
|
|
49
49
|
*
|
|
50
|
-
* If
|
|
51
|
-
*
|
|
52
|
-
*
|
|
50
|
+
* If a local custom policy is active (dashboard-managed, SQLite), it takes
|
|
51
|
+
* precedence over cloud policies. Otherwise falls through to cloud policy
|
|
52
|
+
* overrides, then built-in profile defaults.
|
|
53
53
|
*/
|
|
54
54
|
export declare function getEffectiveIronDomeConfig(): IronDomeConfig;
|
|
55
55
|
/**
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/defence/iron-dome/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAE,cAAc,EAAE,eAAe,EAAE,qBAAqB,EAAE,4BAA4B,EAAE,MAAM,aAAa,CAAC;AAExH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/defence/iron-dome/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAE,cAAc,EAAE,eAAe,EAAE,qBAAqB,EAAE,4BAA4B,EAAE,MAAM,aAAa,CAAC;AAExH,OAAO,KAAK,EAAE,gBAAgB,EAAE,MAAM,wBAAwB,CAAC;AAU/D,OAAO,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAC3E,YAAY,EAAE,cAAc,EAAE,eAAe,EAAE,gBAAgB,EAAE,4BAA4B,EAAE,4BAA4B,EAAE,qBAAqB,EAAE,MAAM,aAAa,CAAC;AAExK,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AAC/H,YAAY,EAAE,gBAAgB,EAAE,kBAAkB,EAAE,MAAM,wBAAwB,CAAC;AAGnF,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,wBAAwB,CAAC;AACxG,YAAY,EAAE,mBAAmB,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,wBAAwB,CAAC;AAE5H,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AACjE,YAAY,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AAElD,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AACnD,YAAY,EAAE,gBAAgB,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEzE,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAC1C,YAAY,EAAE,cAAc,EAAE,YAAY,EAAE,MAAM,gBAAgB,CAAC;AAEnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AACpD,YAAY,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAEzD,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,YAAY,EAAE,kBAAkB,EAAE,MAAM,YAAY,CAAC;AA4DrD;;GAEG;AACH,wBAAgB,gBAAgB,CAAC,OAAO,CAAC,EAAE,eAAe,GAAG,cAAc,CAyB1E;AAED;;GAEG;AACH,wBAAgB,kBAAkB,IAAI,IAAI,CASzC;AAED;;GAEG;AACH,wBAAgB,iBAAiB,IAAI;IACnC,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,cAAc,CAAC;IACvB,OAAO,CAAC,EAAE,eAAe,CAAC;IAC1B,WAAW,CAAC,EAAE,OAAO,CAAC;IACtB,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B,CAWA;AAED;;;;;;;;GAQG;AACH,wBAAgB,0BAA0B,IAAI,cAAc,CA4G3D;AAID;;GAEG;AACH,wBAAgB,gCAAgC,IAAI,4BAA4B,CAI/E;AAED;;GAEG;AACH,wBAAgB,wBAAwB,IAAI,qBAAqB,CAGhE;AAED;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,MAAM,EAAE,MAAM,EAAE,IAAI,EAAE,gBAAgB,GAAG,IAAI,CAyBnF;AAED;;;GAGG;AACH,wBAAgB,0BAA0B,CAAC,MAAM,EAAE,MAAM,GAAG,OAAO,CA8BlE"}
|
|
@@ -10,7 +10,9 @@ import { getDatabase } from '../../database/init.js';
|
|
|
10
10
|
import { DEFAULT_IRON_DOME_CONFIG, IRON_DOME_PROFILES } from './config.js';
|
|
11
11
|
import { mergeConfirmationProtocol } from './confirmation-gate.js';
|
|
12
12
|
import { logIronDomeAudit } from './audit.js';
|
|
13
|
+
import { isFeatureEnabled } from '../../license/gate.js';
|
|
13
14
|
import { getCloudIronDomeCache } from '../../cloud/iron-dome-sync.js';
|
|
15
|
+
import { isDatabaseInitialized } from '../../database/init.js';
|
|
14
16
|
// ── Re-exports ──
|
|
15
17
|
export { DEFAULT_IRON_DOME_CONFIG, IRON_DOME_PROFILES } from './config.js';
|
|
16
18
|
export { classifyAction, requiresConfirmation, requiresAnnouncement, mergeConfirmationProtocol } from './confirmation-gate.js';
|
|
@@ -130,19 +132,66 @@ export function getIronDomeStatus() {
|
|
|
130
132
|
};
|
|
131
133
|
}
|
|
132
134
|
/**
|
|
133
|
-
* Get the effective Iron Dome configuration, merging
|
|
135
|
+
* Get the effective Iron Dome configuration, merging policy overrides.
|
|
134
136
|
*
|
|
135
|
-
* Priority: local enabled flag > cloud policy overrides > base profile defaults
|
|
137
|
+
* Priority: local enabled flag > local custom policy (if active) > cloud policy overrides > base profile defaults
|
|
136
138
|
*
|
|
137
|
-
* If
|
|
138
|
-
*
|
|
139
|
-
*
|
|
139
|
+
* If a local custom policy is active (dashboard-managed, SQLite), it takes
|
|
140
|
+
* precedence over cloud policies. Otherwise falls through to cloud policy
|
|
141
|
+
* overrides, then built-in profile defaults.
|
|
140
142
|
*/
|
|
141
143
|
export function getEffectiveIronDomeConfig() {
|
|
142
144
|
const localConfig = loadConfig();
|
|
143
|
-
// If Iron Dome isn't enabled locally, don't apply
|
|
145
|
+
// If Iron Dome isn't enabled locally, don't apply any overrides
|
|
144
146
|
if (!localConfig.enabled)
|
|
145
147
|
return localConfig;
|
|
148
|
+
// Custom policies require a Pro licence — return local config
|
|
149
|
+
// (which uses built-in profiles) unchanged for free users
|
|
150
|
+
if (!isFeatureEnabled('custom_iron_dome_policies'))
|
|
151
|
+
return localConfig;
|
|
152
|
+
// Check for active local custom policy (takes precedence over cloud)
|
|
153
|
+
if (isDatabaseInitialized()) {
|
|
154
|
+
try {
|
|
155
|
+
const { getActiveIronDomePolicy } = require('./custom-policies.js');
|
|
156
|
+
const activePolicy = getActiveIronDomePolicy();
|
|
157
|
+
if (activePolicy) {
|
|
158
|
+
const policyConfig = JSON.parse(activePolicy.config);
|
|
159
|
+
// Use the custom policy's base profile, fall back to local
|
|
160
|
+
const profileKey = policyConfig.baseProfile;
|
|
161
|
+
const baseProfile = profileKey ? IRON_DOME_PROFILES[profileKey] : null;
|
|
162
|
+
const merged = {
|
|
163
|
+
...(baseProfile ?? localConfig),
|
|
164
|
+
enabled: true,
|
|
165
|
+
};
|
|
166
|
+
// Apply policy config overrides
|
|
167
|
+
if (policyConfig.trustedChannels && Array.isArray(policyConfig.trustedChannels)) {
|
|
168
|
+
merged.trustedChannels = policyConfig.trustedChannels;
|
|
169
|
+
}
|
|
170
|
+
if (typeof policyConfig.killPhrase === 'string') {
|
|
171
|
+
merged.killPhrase = policyConfig.killPhrase;
|
|
172
|
+
}
|
|
173
|
+
if (policyConfig.requireApproval && Array.isArray(policyConfig.requireApproval)) {
|
|
174
|
+
merged.requireApproval = policyConfig.requireApproval;
|
|
175
|
+
}
|
|
176
|
+
if (policyConfig.autoApprove && Array.isArray(policyConfig.autoApprove)) {
|
|
177
|
+
merged.autoApprove = policyConfig.autoApprove;
|
|
178
|
+
}
|
|
179
|
+
if (policyConfig.piiRules && typeof policyConfig.piiRules === 'object') {
|
|
180
|
+
merged.piiRules = { ...merged.piiRules, ...policyConfig.piiRules };
|
|
181
|
+
}
|
|
182
|
+
if (policyConfig.subAgentRestrictions && typeof policyConfig.subAgentRestrictions === 'object') {
|
|
183
|
+
merged.subAgentRestrictions = { ...merged.subAgentRestrictions, ...policyConfig.subAgentRestrictions };
|
|
184
|
+
}
|
|
185
|
+
if (policyConfig.confirmationProtocol && typeof policyConfig.confirmationProtocol === 'object') {
|
|
186
|
+
merged.confirmationProtocol = { ...merged.confirmationProtocol, ...policyConfig.confirmationProtocol };
|
|
187
|
+
}
|
|
188
|
+
return merged;
|
|
189
|
+
}
|
|
190
|
+
}
|
|
191
|
+
catch {
|
|
192
|
+
// Custom policies store not available — fall through to cloud
|
|
193
|
+
}
|
|
194
|
+
}
|
|
146
195
|
const cache = getCloudIronDomeCache();
|
|
147
196
|
if (!cache?.policy)
|
|
148
197
|
return localConfig;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/defence/iron-dome/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAErD,OAAO,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAE3E,OAAO,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/defence/iron-dome/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAEH,OAAO,EAAE,WAAW,EAAE,MAAM,wBAAwB,CAAC;AAErD,OAAO,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAE3E,OAAO,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AACnE,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,uBAAuB,CAAC;AACzD,OAAO,EAAE,qBAAqB,EAAE,MAAM,+BAA+B,CAAC;AAEtE,OAAO,EAAE,qBAAqB,EAAE,MAAM,wBAAwB,CAAC;AAE/D,mBAAmB;AAEnB,OAAO,EAAE,wBAAwB,EAAE,kBAAkB,EAAE,MAAM,aAAa,CAAC;AAG3E,OAAO,EAAE,cAAc,EAAE,oBAAoB,EAAE,oBAAoB,EAAE,yBAAyB,EAAE,MAAM,wBAAwB,CAAC;AAG/H,OAAO,EAAE,uBAAuB,IAAI,wBAAwB,EAAE,MAAM,wBAAwB,CAAC;AAC7F,OAAO,EAAE,gBAAgB,EAAE,mBAAmB,EAAE,uBAAuB,EAAE,MAAM,wBAAwB,CAAC;AAGxG,OAAO,EAAE,gBAAgB,EAAE,eAAe,EAAE,MAAM,cAAc,CAAC;AAGjE,OAAO,EAAE,eAAe,EAAE,MAAM,kBAAkB,CAAC;AAGnD,OAAO,EAAE,QAAQ,EAAE,MAAM,gBAAgB,CAAC;AAG1C,OAAO,EAAE,gBAAgB,EAAE,MAAM,kBAAkB,CAAC;AAGpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAG9C,mCAAmC;AAEnC,gEAAgE;AAChE,IAAI,YAAY,GAAmB,EAAE,GAAG,wBAAwB,EAAE,CAAC;AAEnE;;GAEG;AACH,SAAS,WAAW;IAClB,IAAI,CAAC;QACH,MAAM,EAAE,GAAG,WAAW,EAAE,CAAC;QACzB,EAAE,CAAC,IAAI,CAAC;;;;;;KAMP,CAAC,CAAC;IACL,CAAC;IAAC,MAAM,CAAC;QACP,+DAA+D;IACjE,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,UAAU;IACjB,IAAI,CAAC;QACH,WAAW,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,WAAW,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,EAAE,CAAC,OAAO,CAAC,kDAAkD,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAkC,CAAC;QAC1H,IAAI,GAAG,EAAE,CAAC;YACR,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC;YACrC,OAAO,YAAY,CAAC;QACtB,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,0BAA0B;IAC5B,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,MAAsB;IACxC,IAAI,CAAC;QACH,WAAW,EAAE,CAAC;QACd,MAAM,EAAE,GAAG,WAAW,EAAE,CAAC;QACzB,EAAE,CAAC,OAAO,CAAC;;;;KAIV,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;IACjC,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,KAAK,CAAC,oCAAoC,EAAE,GAAG,CAAC,CAAC;IAC3D,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,OAAyB;IACxD,IAAI,MAAsB,CAAC;IAE3B,IAAI,OAAO,IAAI,kBAAkB,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3C,MAAM,GAAG;YACP,GAAG,kBAAkB,CAAC,OAAO,CAAC;YAC9B,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;SAAM,CAAC;QACN,MAAM,GAAG;YACP,GAAG,wBAAwB;YAC3B,OAAO,EAAE,IAAI;SACd,CAAC;IACJ,CAAC;IAED,YAAY,GAAG,MAAM,CAAC;IACtB,UAAU,CAAC,MAAM,CAAC,CAAC;IAEnB,gBAAgB,CAAC;QACf,MAAM,EAAE,UAAU;QAClB,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,OAAO,CAAC,CAAC,CAAC,2BAA2B,OAAO,EAAE,CAAC,CAAC,CAAC,+BAA+B;KACzF,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,kBAAkB;IAChC,YAAY,GAAG,EAAE,GAAG,wBAAwB,EAAE,OAAO,EAAE,KAAK,EAAE,CAAC;IAC/D,UAAU,CAAC,YAAY,CAAC,CAAC;IAEzB,gBAAgB,CAAC;QACf,MAAM,EAAE,YAAY;QACpB,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,uBAAuB;KAChC,CAAC,CAAC;AACL,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB;IAO/B,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC;IAEtC,OAAO;QACL,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,MAAM;QACN,OAAO,EAAE,MAAM,CAAC,OAAO;QACvB,WAAW,EAAE,CAAC,CAAC,CAAC,KAAK,EAAE,MAAM,CAAC;QAC9B,gBAAgB,EAAE,wBAAwB,EAAE;KAC7C,CAAC;AACJ,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,0BAA0B;IACxC,MAAM,WAAW,GAAG,UAAU,EAAE,CAAC;IAEjC,gEAAgE;IAChE,IAAI,CAAC,WAAW,CAAC,OAAO;QAAE,OAAO,WAAW,CAAC;IAE7C,8DAA8D;IAC9D,0DAA0D;IAC1D,IAAI,CAAC,gBAAgB,CAAC,2BAA2B,CAAC;QAAE,OAAO,WAAW,CAAC;IAEvE,qEAAqE;IACrE,IAAI,qBAAqB,EAAE,EAAE,CAAC;QAC5B,IAAI,CAAC;YACH,MAAM,EAAE,uBAAuB,EAAE,GAAG,OAAO,CAAC,sBAAsB,CAAC,CAAC;YACpE,MAAM,YAAY,GAAG,uBAAuB,EAAE,CAAC;YAC/C,IAAI,YAAY,EAAE,CAAC;gBACjB,MAAM,YAAY,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;gBACrD,2DAA2D;gBAC3D,MAAM,UAAU,GAAG,YAAY,CAAC,WAA8B,CAAC;gBAC/D,MAAM,WAAW,GAAG,UAAU,CAAC,CAAC,CAAC,kBAAkB,CAAC,UAAU,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC;gBACvE,MAAM,MAAM,GAAmB;oBAC7B,GAAG,CAAC,WAAW,IAAI,WAAW,CAAC;oBAC/B,OAAO,EAAE,IAAI;iBACd,CAAC;gBACF,gCAAgC;gBAChC,IAAI,YAAY,CAAC,eAAe,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,eAAe,CAAC,EAAE,CAAC;oBAChF,MAAM,CAAC,eAAe,GAAG,YAAY,CAAC,eAAe,CAAC;gBACxD,CAAC;gBACD,IAAI,OAAO,YAAY,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;oBAChD,MAAM,CAAC,UAAU,GAAG,YAAY,CAAC,UAAU,CAAC;gBAC9C,CAAC;gBACD,IAAI,YAAY,CAAC,eAAe,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,eAAe,CAAC,EAAE,CAAC;oBAChF,MAAM,CAAC,eAAe,GAAG,YAAY,CAAC,eAAe,CAAC;gBACxD,CAAC;gBACD,IAAI,YAAY,CAAC,WAAW,IAAI,KAAK,CAAC,OAAO,CAAC,YAAY,CAAC,WAAW,CAAC,EAAE,CAAC;oBACxE,MAAM,CAAC,WAAW,GAAG,YAAY,CAAC,WAAW,CAAC;gBAChD,CAAC;gBACD,IAAI,YAAY,CAAC,QAAQ,IAAI,OAAO,YAAY,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;oBACvE,MAAM,CAAC,QAAQ,GAAG,EAAE,GAAG,MAAM,CAAC,QAAQ,EAAE,GAAG,YAAY,CAAC,QAAQ,EAAE,CAAC;gBACrE,CAAC;gBACD,IAAI,YAAY,CAAC,oBAAoB,IAAI,OAAO,YAAY,CAAC,oBAAoB,KAAK,QAAQ,EAAE,CAAC;oBAC/F,MAAM,CAAC,oBAAoB,GAAG,EAAE,GAAG,MAAM,CAAC,oBAAoB,EAAE,GAAG,YAAY,CAAC,oBAAoB,EAAE,CAAC;gBACzG,CAAC;gBACD,IAAI,YAAY,CAAC,oBAAoB,IAAI,OAAO,YAAY,CAAC,oBAAoB,KAAK,QAAQ,EAAE,CAAC;oBAC/F,MAAM,CAAC,oBAAoB,GAAG,EAAE,GAAG,MAAM,CAAC,oBAAoB,EAAE,GAAG,YAAY,CAAC,oBAAoB,EAAE,CAAC;gBACzG,CAAC;gBACD,OAAO,MAAM,CAAC;YAChB,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,8DAA8D;QAChE,CAAC;IACH,CAAC;IAED,MAAM,KAAK,GAAG,qBAAqB,EAAE,CAAC;IACtC,IAAI,CAAC,KAAK,EAAE,MAAM;QAAE,OAAO,WAAW,CAAC;IAEvC,MAAM,WAAW,GAAgB,KAAK,CAAC,MAAM,CAAC;IAC9C,MAAM,UAAU,GAAG,WAAW,CAAC,YAA+B,CAAC;IAC/D,MAAM,WAAW,GAAG,kBAAkB,CAAC,UAAU,CAAC,CAAC;IACnD,IAAI,CAAC,WAAW;QAAE,OAAO,WAAW,CAAC;IAErC,oCAAoC;IACpC,MAAM,MAAM,GAAmB;QAC7B,GAAG,WAAW;QACd,OAAO,EAAE,IAAI;KACd,CAAC;IAEF,2CAA2C;IAC3C,MAAM,SAAS,GAAG,WAAW,CAAC,gBAAgB,CAAC;IAC/C,IAAI,SAAS,CAAC,eAAe,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC,EAAE,CAAC;QAC1E,MAAM,CAAC,eAAe,GAAG,SAAS,CAAC,eAA2B,CAAC;IACjE,CAAC;IACD,IAAI,OAAO,SAAS,CAAC,UAAU,KAAK,QAAQ,EAAE,CAAC;QAC7C,MAAM,CAAC,UAAU,GAAG,SAAS,CAAC,UAAU,CAAC;IAC3C,CAAC;IACD,IAAI,SAAS,CAAC,eAAe,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,eAAe,CAAC,EAAE,CAAC;QAC1E,MAAM,CAAC,eAAe,GAAG,SAAS,CAAC,eAA2B,CAAC;IACjE,CAAC;IACD,IAAI,SAAS,CAAC,WAAW,IAAI,KAAK,CAAC,OAAO,CAAC,SAAS,CAAC,WAAW,CAAC,EAAE,CAAC;QAClE,MAAM,CAAC,WAAW,GAAG,SAAS,CAAC,WAAuB,CAAC;IACzD,CAAC;IACD,IAAI,SAAS,CAAC,QAAQ,IAAI,OAAO,SAAS,CAAC,QAAQ,KAAK,QAAQ,EAAE,CAAC;QACjE,MAAM,GAAG,GAAG,SAAS,CAAC,QAAmC,CAAC;QAC1D,MAAM,CAAC,QAAQ,GAAG;YAChB,GAAG,MAAM,CAAC,QAAQ;YAClB,GAAG,CAAC,GAAG,CAAC,WAAW,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,EAAE,WAAW,EAAE,GAAG,CAAC,WAAuB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC1G,GAAG,CAAC,GAAG,CAAC,cAAc,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,EAAE,cAAc,EAAE,GAAG,CAAC,cAA0B,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACvH,CAAC;IACJ,CAAC;IACD,IAAI,SAAS,CAAC,oBAAoB,IAAI,OAAO,SAAS,CAAC,oBAAoB,KAAK,QAAQ,EAAE,CAAC;QACzF,MAAM,GAAG,GAAG,SAAS,CAAC,oBAA+C,CAAC;QACtE,MAAM,CAAC,oBAAoB,GAAG;YAC5B,GAAG,MAAM,CAAC,oBAAoB;YAC9B,GAAG,CAAC,GAAG,CAAC,iBAAiB,IAAI,KAAK,CAAC,OAAO,CAAC,GAAG,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,EAAE,iBAAiB,EAAE,GAAG,CAAC,iBAA6B,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAClI,GAAG,CAAC,OAAO,GAAG,CAAC,eAAe,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,eAAe,EAAE,GAAG,CAAC,eAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SAC9F,CAAC;IACJ,CAAC;IACD,IAAI,SAAS,CAAC,oBAAoB,IAAI,OAAO,SAAS,CAAC,oBAAoB,KAAK,QAAQ,EAAE,CAAC;QACzF,MAAM,IAAI,GAAG,SAAS,CAAC,oBAA+C,CAAC;QACvE,MAAM,CAAC,oBAAoB,GAAG;YAC5B,GAAG,MAAM,CAAC,oBAAoB;YAC9B,GAAG,CAAC,IAAI,CAAC,GAAG,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,IAAI,CAAC,GAAe,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7E,GAAG,CAAC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAiB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YACrF,GAAG,CAAC,IAAI,CAAC,KAAK,IAAI,KAAK,CAAC,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,IAAI,CAAC,KAAiB,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;SACtF,CAAC;IACJ,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,yCAAyC;AAEzC;;GAEG;AACH,MAAM,UAAU,gCAAgC;IAC9C,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,IAAI,GAAG,MAAM,CAAC,oBAAoB,IAAI,wBAAwB,CAAC,oBAAoB,CAAC;IAC1F,OAAO,yBAAyB,CAAC,IAAI,EAAE,MAAM,CAAC,qBAAqB,CAAC,CAAC;AACvE,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,wBAAwB;IACtC,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,OAAO,MAAM,CAAC,qBAAqB,IAAI,EAAE,CAAC;AAC5C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,sBAAsB,CAAC,MAAc,EAAE,IAAsB;IAC3E,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,SAAS,GAAG,MAAM,CAAC,qBAAqB,IAAI,EAAE,CAAC;IAErD,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IAExC,uCAAuC;IACvC,IAAI,SAAS,CAAC,GAAG;QAAE,SAAS,CAAC,GAAG,GAAG,SAAS,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,UAAU,CAAC,CAAC;IAC7F,IAAI,SAAS,CAAC,KAAK;QAAE,SAAS,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,UAAU,CAAC,CAAC;IACnG,IAAI,SAAS,CAAC,KAAK;QAAE,SAAS,CAAC,KAAK,GAAG,SAAS,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,UAAU,CAAC,CAAC;IAEnG,yBAAyB;IACzB,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC;QAAE,SAAS,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;IAC3C,SAAS,CAAC,IAAI,CAAE,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAElC,MAAM,CAAC,qBAAqB,GAAG,SAAS,CAAC;IACzC,YAAY,GAAG,MAAM,CAAC;IACtB,UAAU,CAAC,MAAM,CAAC,CAAC;IAEnB,gBAAgB,CAAC;QACf,MAAM,EAAE,uBAAuB;QAC/B,UAAU,EAAE,UAAU;QACtB,OAAO,EAAE,IAAI;QACb,MAAM,EAAE,UAAU,UAAU,QAAQ,IAAI,CAAC,WAAW,EAAE,OAAO;KAC9D,CAAC,CAAC;AACL,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,0BAA0B,CAAC,MAAc;IACvD,MAAM,MAAM,GAAG,UAAU,EAAE,CAAC;IAC5B,MAAM,SAAS,GAAG,MAAM,CAAC,qBAAqB,CAAC;IAC/C,IAAI,CAAC,SAAS;QAAE,OAAO,KAAK,CAAC;IAE7B,MAAM,UAAU,GAAG,MAAM,CAAC,WAAW,EAAE,CAAC;IACxC,IAAI,KAAK,GAAG,KAAK,CAAC;IAElB,KAAK,MAAM,IAAI,IAAI,CAAC,KAAK,EAAE,OAAO,EAAE,OAAO,CAAU,EAAE,CAAC;QACtD,IAAI,SAAS,CAAC,IAAI,CAAC,EAAE,CAAC;YACpB,MAAM,MAAM,GAAG,SAAS,CAAC,IAAI,CAAE,CAAC,MAAM,CAAC;YACvC,SAAS,CAAC,IAAI,CAAC,GAAG,SAAS,CAAC,IAAI,CAAE,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,WAAW,EAAE,KAAK,UAAU,CAAC,CAAC;YAC/E,IAAI,SAAS,CAAC,IAAI,CAAE,CAAC,MAAM,GAAG,MAAM;gBAAE,KAAK,GAAG,IAAI,CAAC;QACrD,CAAC;IACH,CAAC;IAED,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,CAAC,qBAAqB,GAAG,SAAS,CAAC;QACzC,YAAY,GAAG,MAAM,CAAC;QACtB,UAAU,CAAC,MAAM,CAAC,CAAC;QAEnB,gBAAgB,CAAC;YACf,MAAM,EAAE,uBAAuB;YAC/B,UAAU,EAAE,UAAU;YACtB,OAAO,EAAE,IAAI;YACb,MAAM,EAAE,yBAAyB,UAAU,yBAAyB;SACrE,CAAC,CAAC;IACL,CAAC;IAED,OAAO,KAAK,CAAC;AACf,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pipeline.d.ts","sourceRoot":"","sources":["../../src/defence/pipeline.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,aAAa,EACb,qBAAqB,EACrB,+BAA+B,EAC/B,aAAa,EAKd,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"pipeline.d.ts","sourceRoot":"","sources":["../../src/defence/pipeline.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,KAAK,EACV,aAAa,EACb,qBAAqB,EACrB,+BAA+B,EAC/B,aAAa,EAKd,MAAM,YAAY,CAAC;AAgBpB,wBAAgB,kBAAkB,CAChC,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,aAAa,EACrB,MAAM,CAAC,EAAE,aAAa,EACtB,OAAO,CAAC,EAAE,MAAM,GACf,qBAAqB,CAoRvB;AAED;;;;;;;;;GASG;AACH,wBAAsB,4BAA4B,CAChD,OAAO,EAAE,MAAM,EACf,KAAK,EAAE,MAAM,EACb,MAAM,EAAE,aAAa,EACrB,MAAM,CAAC,EAAE,aAAa,EACtB,OAAO,CAAC,EAAE,MAAM,GACf,OAAO,CAAC,+BAA+B,CAAC,CAyD1C"}
|
package/dist/defence/pipeline.js
CHANGED
|
@@ -14,7 +14,9 @@ import { logAudit, createContentHash } from './audit/index.js';
|
|
|
14
14
|
import { persistEvent } from '../api/events.js';
|
|
15
15
|
import { syncToCloud } from '../cloud/sync.js';
|
|
16
16
|
import { syncQuarantineToCloud } from '../cloud/quarantine-sync.js';
|
|
17
|
+
import { isFeatureEnabled } from '../license/gate.js';
|
|
17
18
|
import { getDefenceMode } from '../cloud/config.js';
|
|
19
|
+
import { isDatabaseInitialized } from '../database/init.js';
|
|
18
20
|
export function runDefencePipeline(content, title, source, config, project) {
|
|
19
21
|
const cfg = config ?? { ...DEFAULT_DEFENCE_CONFIG, mode: getDefenceMode() };
|
|
20
22
|
const startTime = performance.now();
|
|
@@ -77,6 +79,78 @@ export function runDefencePipeline(content, title, source, config, project) {
|
|
|
77
79
|
allowed = true;
|
|
78
80
|
reason = firewall.reason;
|
|
79
81
|
}
|
|
82
|
+
// 6b. Apply custom firewall rules (Pro feature, additive only — can tighten, never weaken)
|
|
83
|
+
if (allowed && isFeatureEnabled('custom_firewall_rules') && isDatabaseInitialized()) {
|
|
84
|
+
try {
|
|
85
|
+
const { getEnabledFirewallRules } = require('./custom-rules/store.js');
|
|
86
|
+
const customRules = getEnabledFirewallRules();
|
|
87
|
+
for (const rule of customRules) {
|
|
88
|
+
try {
|
|
89
|
+
const regex = new RegExp(rule.condition_value, 'gi');
|
|
90
|
+
if (regex.test(content) || regex.test(title)) {
|
|
91
|
+
if (rule.action === 'block') {
|
|
92
|
+
allowed = false;
|
|
93
|
+
reason = `Blocked by custom rule: ${rule.name}`;
|
|
94
|
+
firewall.result = 'BLOCK';
|
|
95
|
+
if (!firewall.threatIndicators.includes('custom_rule')) {
|
|
96
|
+
firewall.threatIndicators.push('custom_rule');
|
|
97
|
+
}
|
|
98
|
+
break; // Block is final
|
|
99
|
+
}
|
|
100
|
+
else if (rule.action === 'quarantine' && firewall.result !== 'BLOCK') {
|
|
101
|
+
allowed = false;
|
|
102
|
+
reason = `Quarantined by custom rule: ${rule.name}`;
|
|
103
|
+
firewall.result = 'QUARANTINE';
|
|
104
|
+
if (!firewall.threatIndicators.includes('custom_rule')) {
|
|
105
|
+
firewall.threatIndicators.push('custom_rule');
|
|
106
|
+
}
|
|
107
|
+
}
|
|
108
|
+
// 'allow' action: no-op — custom rules cannot weaken built-in decisions
|
|
109
|
+
}
|
|
110
|
+
}
|
|
111
|
+
catch {
|
|
112
|
+
// Skip invalid regex in custom rules
|
|
113
|
+
}
|
|
114
|
+
}
|
|
115
|
+
}
|
|
116
|
+
catch {
|
|
117
|
+
// Custom rules store not available — skip silently
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
// 6c. Apply custom injection patterns (Pro feature, additive)
|
|
121
|
+
if (allowed && isFeatureEnabled('custom_injection_patterns') && isDatabaseInitialized()) {
|
|
122
|
+
try {
|
|
123
|
+
const { getEnabledCustomPatterns } = require('./custom-patterns/store.js');
|
|
124
|
+
const customPatterns = getEnabledCustomPatterns();
|
|
125
|
+
for (const pattern of customPatterns) {
|
|
126
|
+
try {
|
|
127
|
+
const regex = new RegExp(pattern.regex, 'gi');
|
|
128
|
+
if (regex.test(content) || regex.test(title)) {
|
|
129
|
+
if (pattern.severity === 'critical' || pattern.severity === 'high') {
|
|
130
|
+
allowed = false;
|
|
131
|
+
reason = `Blocked by custom pattern: ${pattern.name} (${pattern.severity})`;
|
|
132
|
+
firewall.result = 'BLOCK';
|
|
133
|
+
}
|
|
134
|
+
else {
|
|
135
|
+
allowed = false;
|
|
136
|
+
reason = `Quarantined by custom pattern: ${pattern.name} (${pattern.severity})`;
|
|
137
|
+
firewall.result = 'QUARANTINE';
|
|
138
|
+
}
|
|
139
|
+
if (!firewall.threatIndicators.includes('custom_pattern')) {
|
|
140
|
+
firewall.threatIndicators.push('custom_pattern');
|
|
141
|
+
}
|
|
142
|
+
break;
|
|
143
|
+
}
|
|
144
|
+
}
|
|
145
|
+
catch {
|
|
146
|
+
// Skip invalid regex in custom patterns
|
|
147
|
+
}
|
|
148
|
+
}
|
|
149
|
+
}
|
|
150
|
+
catch {
|
|
151
|
+
// Custom patterns store not available — skip silently
|
|
152
|
+
}
|
|
153
|
+
}
|
|
80
154
|
// Keep top-level reason and firewall.reason consistent for downstream callers.
|
|
81
155
|
firewall.reason = reason;
|
|
82
156
|
// Add credential_leak to threat indicators if any findings (even non-blocking)
|
|
@@ -130,14 +204,16 @@ export function runDefencePipeline(content, title, source, config, project) {
|
|
|
130
204
|
auditId,
|
|
131
205
|
};
|
|
132
206
|
// 8. Sync audit data to cloud (fire-and-forget, never blocks)
|
|
133
|
-
|
|
134
|
-
|
|
135
|
-
|
|
136
|
-
|
|
137
|
-
|
|
207
|
+
if (isFeatureEnabled('cloud_sync')) {
|
|
208
|
+
try {
|
|
209
|
+
syncToCloud(pipelineResult, source, durationMs);
|
|
210
|
+
}
|
|
211
|
+
catch {
|
|
212
|
+
// Cloud sync must never affect local pipeline
|
|
213
|
+
}
|
|
138
214
|
}
|
|
139
215
|
// 9. Sync quarantine content to cloud (fire-and-forget)
|
|
140
|
-
if (firewall.result === 'QUARANTINE') {
|
|
216
|
+
if (isFeatureEnabled('cloud_sync') && firewall.result === 'QUARANTINE') {
|
|
141
217
|
try {
|
|
142
218
|
const indicators = firewall.threatIndicators.map(t => typeof t === 'string' ? t : t.pattern ?? String(t));
|
|
143
219
|
syncQuarantineToCloud({
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"pipeline.js","sourceRoot":"","sources":["../../src/defence/pipeline.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAYH,OAAO,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAEpD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,kBAAkB,EAA6B,MAAM,4BAA4B,CAAC;AAC3F,OAAO,EAAE,QAAQ,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AACpE,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEpD,MAAM,UAAU,kBAAkB,CAChC,OAAe,EACf,KAAa,EACb,MAAqB,EACrB,MAAsB,EACtB,OAAgB;IAEhB,MAAM,GAAG,GAAG,MAAM,IAAI,EAAE,GAAG,sBAAsB,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,CAAC;IAC5E,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAEpC,IAAI,CAAC;QACH,iBAAiB;QACjB,MAAM,KAAK,GAAe,WAAW,CAAC,MAAM,CAAC,CAAC;QAE9C,kBAAkB;QAClB,MAAM,QAAQ,GAAqB,eAAe,CAChD,OAAO,EACP,KAAK,EACL,MAAM,EACN,KAAK,CAAC,KAAK,EACX,GAAG,CACJ,CAAC;QAEF,0BAA0B;QAC1B,MAAM,WAAW,GAA8B,mBAAmB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAEnF,wEAAwE;QACxE,IAAI,aAAa,GAAiC,IAAI,CAAC;QACvD,IAAI,GAAG,CAAC,4BAA4B,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;YACpE,aAAa,GAAG,oBAAoB,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QAC5D,CAAC;QAED,6CAA6C;QAC7C,MAAM,cAAc,GAAyB,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAEzE,8BAA8B;QAC9B,IAAI,OAAgB,CAAC;QACrB,IAAI,MAAc,CAAC;QAEnB,yDAAyD;QACzD,MAAM,iBAAiB,GAAG,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;QAEpF,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;YAChC,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;QAC3B,CAAC;aAAM,IAAI,iBAAiB,EAAE,CAAC;YAC7B,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,YAAY,GAAG,cAAc,CAAC,QAAQ;iBACzC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC;iBACnC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAC7D,MAAM,GAAG,sCAAsC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;YAC1E,mDAAmD;YACnD,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC;YAC1B,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBAC3D,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,CAAC,MAAM,KAAK,YAAY,EAAE,CAAC;YAC5C,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,GAAG,gBAAgB,QAAQ,CAAC,MAAM,EAAE,CAAC;QAC7C,CAAC;aAAM,IACL,aAAa,KAAK,IAAI;YACtB,aAAa,CAAC,KAAK,GAAG,GAAG,CAAC,uBAAuB,EACjD,CAAC;YACD,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,GAAG,oCAAoC,aAAa,CAAC,KAAK,sBAAsB,GAAG,CAAC,uBAAuB,EAAE,CAAC;YACpH,QAAQ,CAAC,MAAM,GAAG,YAAY,CAAC;YAC/B,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC;QAC3B,CAAC;aAAM,IAAI,WAAW,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;YAC9C,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,GAAG,8CAA8C,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;YAClG,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC;YAC1B,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC;YACzB,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBAC9D,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,IAAI,CAAC;YACf,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;QAC3B,CAAC;QAED,+EAA+E;QAC/E,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzB,+EAA+E;QAC/E,IAAI,cAAc,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACpF,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;QAE7D,eAAe;QACf,MAAM,YAAY,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,OAAO,GAAG,QAAQ,CAAC;YACvB,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,OAAO,IAAI,IAAI;YACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,MAAM,CAAC,IAAI;YACxB,iBAAiB,EAAE,MAAM,CAAC,UAAU;YACpC,WAAW,EAAE,KAAK,CAAC,KAAK;YACxB,iBAAiB,EAAE,WAAW,CAAC,KAAK;YACpC,eAAe,EAAE,QAAQ,CAAC,MAAM;YAChC,aAAa,EAAE,QAAQ,CAAC,YAAY;YACpC,iBAAiB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YAC5D,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC;YAC1D,MAAM;YACN,mBAAmB,EAAE,aAAa,EAAE,KAAK,IAAI,IAAI;YACjD,oBAAoB,EAAE,UAAU;SACjC,CAAC,CAAC;QAEH,+EAA+E;QAC/E,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;YAChC,IAAI,CAAC;gBACH,YAAY,CAAC,eAAe,EAAE;oBAC5B,WAAW,EAAE,MAAM,CAAC,IAAI;oBACxB,iBAAiB,EAAE,MAAM,CAAC,UAAU;oBACpC,eAAe,EAAE,QAAQ,CAAC,MAAM;oBAChC,WAAW,EAAE,KAAK,CAAC,KAAK;oBACxB,aAAa,EAAE,QAAQ,CAAC,YAAY;oBACpC,MAAM;oBACN,iBAAiB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC;oBAC5D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;iBACpC,CAAC,CAAC;YACL,CAAC;YAAC,MAAM,CAAC;gBACP,mCAAmC;YACrC,CAAC;QACH,CAAC;QAED,MAAM,cAAc,GAA0B;YAC5C,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;YACX,KAAK;YACL,cAAc,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS;YAClE,OAAO;SACR,CAAC;QAEF,8DAA8D;QAC9D,IAAI,CAAC;YACH,WAAW,CAAC,cAAc,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;QAClD,CAAC;QAAC,MAAM,CAAC;YACP,8CAA8C;QAChD,CAAC;QAED,wDAAwD;QACxD,IAAI,QAAQ,CAAC,MAAM,KAAK,YAAY,EAAE,CAAC;YACrC,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,QAAQ,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CACnD,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,CAA0B,CAAC,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,CAC7E,CAAC;gBACF,qBAAqB,CAAC;oBACpB,gBAAgB,EAAE,OAAO;oBACzB,cAAc,EAAE,KAAK;oBACrB,WAAW,EAAE,MAAM,CAAC,IAAI;oBACxB,iBAAiB,EAAE,MAAM,CAAC,UAAU;oBACpC,MAAM;oBACN,iBAAiB,EAAE,UAAU;oBAC7B,aAAa,EAAE,QAAQ,CAAC,YAAY;oBACpC,eAAe,EAAE,QAAQ,CAAC,MAAM;iBACjC,CAAC,CAAC;YACL,CAAC;YAAC,MAAM,CAAC;gBACP,mDAAmD;YACrD,CAAC;QACH,CAAC;QAED,OAAO,cAAc,CAAC;IACxB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,uDAAuD;QACvD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;QAC7D,OAAO,CAAC,KAAK,CAAC,2CAA2C,EAAE,GAAG,CAAC,CAAC;QAEhE,MAAM,OAAO,GAAG,QAAQ,CAAC;YACvB,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,OAAO,IAAI,IAAI;YACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,MAAM,CAAC,IAAI;YACxB,iBAAiB,EAAE,MAAM,CAAC,UAAU;YACpC,WAAW,EAAE,CAAC;YACd,iBAAiB,EAAE,YAAY;YAC/B,eAAe,EAAE,OAAO;YACxB,aAAa,EAAE,GAAG;YAClB,iBAAiB,EAAE,oBAAoB;YACvC,gBAAgB,EAAE,IAAI;YACtB,MAAM,EAAE,iCAAiC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;YAC3F,mBAAmB,EAAE,IAAI;YACzB,oBAAoB,EAAE,UAAU;SACjC,CAAC,CAAC;QAEH,OAAO;YACL,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE;gBACR,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,2CAA2C;gBACnD,gBAAgB,EAAE,CAAC,gBAAgB,CAAC;gBACpC,YAAY,EAAE,GAAG;gBACjB,eAAe,EAAE,EAAE;aACpB;YACD,aAAa,EAAE,IAAI;YACnB,WAAW,EAAE;gBACX,KAAK,EAAE,YAAY;gBACnB,UAAU,EAAE,CAAC;gBACb,gBAAgB,EAAE,EAAE;gBACpB,iBAAiB,EAAE,IAAI;aACxB;YACD,KAAK,EAAE;gBACL,KAAK,EAAE,CAAC;gBACR,MAAM;gBACN,SAAS,EAAE,EAAE;aACd;YACD,OAAO;SACR,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,OAAe,EACf,KAAa,EACb,MAAqB,EACrB,MAAsB,EACtB,OAAgB;IAEhB,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAE3E,0EAA0E;IAC1E,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAC/E,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,uCAAuC;IACvC,IAAI,CAAC,WAAW,CAAC,YAAY,IAAI,CAAC,WAAW,CAAC,WAAW,IAAI,CAAC,YAAY,CAAC,aAAa,EAAE,CAAC;QACzF,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAClE,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,0BAA0B;IAC1B,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAClE,MAAM,YAAY,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IAE9E,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,EAAE,GAAG,MAAM,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,YAAY,CAAC,UAAU,EAAE,EAAE,CAAC;IAClG,CAAC;IAED,MAAM,YAAY,GAAoD;QACpE,EAAE,EAAE,YAAY,CAAC,EAAE;QACnB,MAAM,EAAE,YAAY,CAAC,MAA4C;QACjE,OAAO,EAAE,YAAY,CAAC,OAAO;QAC7B,UAAU,EAAE,YAAY,CAAC,UAAU;QACnC,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;QAC/C,MAAM,EAAE,YAAY,CAAC,MAAM;QAC3B,IAAI,EAAE,YAAY,CAAC,UAAU;KAC9B,CAAC;IAEF,sFAAsF;IACtF,IACE,YAAY,CAAC,UAAU,KAAK,SAAS;QACrC,YAAY,CAAC,MAAM,KAAK,WAAW;QACnC,YAAY,CAAC,OAAO,KAAK,QAAQ;QACjC,CAAC,YAAY,CAAC,UAAU,IAAI,CAAC,CAAC,IAAI,GAAG;QACrC,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,YAAY,EACvC,CAAC;QACD,YAAY,CAAC,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QAC7D,OAAO;YACL,GAAG,MAAM;YACT,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE;gBACR,GAAG,MAAM,CAAC,QAAQ;gBAClB,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,sCAAsC,YAAY,CAAC,UAAU,GAAG;aAClG;YACD,YAAY;SACb,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,GAAG,MAAM,EAAE,YAAY,EAAE,CAAC;AACrC,CAAC"}
|
|
1
|
+
{"version":3,"file":"pipeline.js","sourceRoot":"","sources":["../../src/defence/pipeline.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAYH,OAAO,EAAE,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAEpD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AACtD,OAAO,EAAE,mBAAmB,EAAE,MAAM,wBAAwB,CAAC;AAC7D,OAAO,EAAE,oBAAoB,EAAE,MAAM,0BAA0B,CAAC;AAChE,OAAO,EAAE,kBAAkB,EAA6B,MAAM,4BAA4B,CAAC;AAC3F,OAAO,EAAE,QAAQ,EAAE,iBAAiB,EAAE,MAAM,kBAAkB,CAAC;AAC/D,OAAO,EAAE,YAAY,EAAE,MAAM,kBAAkB,CAAC;AAChD,OAAO,EAAE,WAAW,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,qBAAqB,EAAE,MAAM,6BAA6B,CAAC;AACpE,OAAO,EAAE,gBAAgB,EAAE,MAAM,oBAAoB,CAAC;AACtD,OAAO,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AACpD,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAE5D,MAAM,UAAU,kBAAkB,CAChC,OAAe,EACf,KAAa,EACb,MAAqB,EACrB,MAAsB,EACtB,OAAgB;IAEhB,MAAM,GAAG,GAAG,MAAM,IAAI,EAAE,GAAG,sBAAsB,EAAE,IAAI,EAAE,cAAc,EAAE,EAAE,CAAC;IAC5E,MAAM,SAAS,GAAG,WAAW,CAAC,GAAG,EAAE,CAAC;IAEpC,IAAI,CAAC;QACH,iBAAiB;QACjB,MAAM,KAAK,GAAe,WAAW,CAAC,MAAM,CAAC,CAAC;QAE9C,kBAAkB;QAClB,MAAM,QAAQ,GAAqB,eAAe,CAChD,OAAO,EACP,KAAK,EACL,MAAM,EACN,KAAK,CAAC,KAAK,EACX,GAAG,CACJ,CAAC;QAEF,0BAA0B;QAC1B,MAAM,WAAW,GAA8B,mBAAmB,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC;QAEnF,wEAAwE;QACxE,IAAI,aAAa,GAAiC,IAAI,CAAC;QACvD,IAAI,GAAG,CAAC,4BAA4B,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;YACpE,aAAa,GAAG,oBAAoB,CAAC,OAAO,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC;QAC5D,CAAC;QAED,6CAA6C;QAC7C,MAAM,cAAc,GAAyB,kBAAkB,CAAC,OAAO,CAAC,CAAC;QAEzE,8BAA8B;QAC9B,IAAI,OAAgB,CAAC;QACrB,IAAI,MAAc,CAAC;QAEnB,yDAAyD;QACzD,MAAM,iBAAiB,GAAG,cAAc,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC,CAAC;QAEpF,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;YAChC,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;QAC3B,CAAC;aAAM,IAAI,iBAAiB,EAAE,CAAC;YAC7B,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,YAAY,GAAG,cAAc,CAAC,QAAQ;iBACzC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,SAAS,CAAC;iBACnC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;YAC7D,MAAM,GAAG,sCAAsC,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;YAC1E,mDAAmD;YACnD,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC;YAC1B,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;gBAC3D,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;YACpD,CAAC;QACH,CAAC;aAAM,IAAI,QAAQ,CAAC,MAAM,KAAK,YAAY,EAAE,CAAC;YAC5C,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,GAAG,gBAAgB,QAAQ,CAAC,MAAM,EAAE,CAAC;QAC7C,CAAC;aAAM,IACL,aAAa,KAAK,IAAI;YACtB,aAAa,CAAC,KAAK,GAAG,GAAG,CAAC,uBAAuB,EACjD,CAAC;YACD,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,GAAG,oCAAoC,aAAa,CAAC,KAAK,sBAAsB,GAAG,CAAC,uBAAuB,EAAE,CAAC;YACpH,QAAQ,CAAC,MAAM,GAAG,YAAY,CAAC;YAC/B,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC;QAC3B,CAAC;aAAM,IAAI,WAAW,CAAC,KAAK,KAAK,YAAY,EAAE,CAAC;YAC9C,OAAO,GAAG,KAAK,CAAC;YAChB,MAAM,GAAG,8CAA8C,WAAW,CAAC,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,GAAG,CAAC;YAClG,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC;YAC1B,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC;YACzB,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;gBAC9D,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;YACvD,CAAC;QACH,CAAC;aAAM,CAAC;YACN,OAAO,GAAG,IAAI,CAAC;YACf,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC;QAC3B,CAAC;QAED,2FAA2F;QAC3F,IAAI,OAAO,IAAI,gBAAgB,CAAC,uBAAuB,CAAC,IAAI,qBAAqB,EAAE,EAAE,CAAC;YACpF,IAAI,CAAC;gBACH,MAAM,EAAE,uBAAuB,EAAE,GAAG,OAAO,CAAC,yBAAyB,CAAC,CAAC;gBACvE,MAAM,WAAW,GAAG,uBAAuB,EAAE,CAAC;gBAC9C,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;oBAC/B,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,eAAe,EAAE,IAAI,CAAC,CAAC;wBACrD,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;4BAC7C,IAAI,IAAI,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gCAC5B,OAAO,GAAG,KAAK,CAAC;gCAChB,MAAM,GAAG,2BAA2B,IAAI,CAAC,IAAI,EAAE,CAAC;gCAChD,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC;gCAC1B,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oCACvD,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gCAChD,CAAC;gCACD,MAAM,CAAC,iBAAiB;4BAC1B,CAAC;iCAAM,IAAI,IAAI,CAAC,MAAM,KAAK,YAAY,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;gCACvE,OAAO,GAAG,KAAK,CAAC;gCAChB,MAAM,GAAG,+BAA+B,IAAI,CAAC,IAAI,EAAE,CAAC;gCACpD,QAAQ,CAAC,MAAM,GAAG,YAAY,CAAC;gCAC/B,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,aAAa,CAAC,EAAE,CAAC;oCACvD,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;gCAChD,CAAC;4BACH,CAAC;4BACD,wEAAwE;wBAC1E,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC;wBACP,qCAAqC;oBACvC,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,mDAAmD;YACrD,CAAC;QACH,CAAC;QAED,8DAA8D;QAC9D,IAAI,OAAO,IAAI,gBAAgB,CAAC,2BAA2B,CAAC,IAAI,qBAAqB,EAAE,EAAE,CAAC;YACxF,IAAI,CAAC;gBACH,MAAM,EAAE,wBAAwB,EAAE,GAAG,OAAO,CAAC,4BAA4B,CAAC,CAAC;gBAC3E,MAAM,cAAc,GAAG,wBAAwB,EAAE,CAAC;gBAClD,KAAK,MAAM,OAAO,IAAI,cAAc,EAAE,CAAC;oBACrC,IAAI,CAAC;wBACH,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;wBAC9C,IAAI,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;4BAC7C,IAAI,OAAO,CAAC,QAAQ,KAAK,UAAU,IAAI,OAAO,CAAC,QAAQ,KAAK,MAAM,EAAE,CAAC;gCACnE,OAAO,GAAG,KAAK,CAAC;gCAChB,MAAM,GAAG,8BAA8B,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,QAAQ,GAAG,CAAC;gCAC5E,QAAQ,CAAC,MAAM,GAAG,OAAO,CAAC;4BAC5B,CAAC;iCAAM,CAAC;gCACN,OAAO,GAAG,KAAK,CAAC;gCAChB,MAAM,GAAG,kCAAkC,OAAO,CAAC,IAAI,KAAK,OAAO,CAAC,QAAQ,GAAG,CAAC;gCAChF,QAAQ,CAAC,MAAM,GAAG,YAAY,CAAC;4BACjC,CAAC;4BACD,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,gBAAgB,CAAC,EAAE,CAAC;gCAC1D,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;4BACnD,CAAC;4BACD,MAAM;wBACR,CAAC;oBACH,CAAC;oBAAC,MAAM,CAAC;wBACP,wCAAwC;oBAC1C,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,sDAAsD;YACxD,CAAC;QACH,CAAC;QAED,+EAA+E;QAC/E,QAAQ,CAAC,MAAM,GAAG,MAAM,CAAC;QAEzB,+EAA+E;QAC/E,IAAI,cAAc,CAAC,MAAM,IAAI,CAAC,QAAQ,CAAC,gBAAgB,CAAC,QAAQ,CAAC,iBAAiB,CAAC,EAAE,CAAC;YACpF,QAAQ,CAAC,gBAAgB,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;QACpD,CAAC;QAED,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;QAE7D,eAAe;QACf,MAAM,YAAY,GAAG,iBAAiB,CAAC,OAAO,CAAC,CAAC;QAChD,MAAM,OAAO,GAAG,QAAQ,CAAC;YACvB,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,OAAO,IAAI,IAAI;YACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,MAAM,CAAC,IAAI;YACxB,iBAAiB,EAAE,MAAM,CAAC,UAAU;YACpC,WAAW,EAAE,KAAK,CAAC,KAAK;YACxB,iBAAiB,EAAE,WAAW,CAAC,KAAK;YACpC,eAAe,EAAE,QAAQ,CAAC,MAAM;YAChC,aAAa,EAAE,QAAQ,CAAC,YAAY;YACpC,iBAAiB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC;YAC5D,gBAAgB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,eAAe,CAAC;YAC1D,MAAM;YACN,mBAAmB,EAAE,aAAa,EAAE,KAAK,IAAI,IAAI;YACjD,oBAAoB,EAAE,UAAU;SACjC,CAAC,CAAC;QAEH,+EAA+E;QAC/E,IAAI,QAAQ,CAAC,MAAM,KAAK,OAAO,EAAE,CAAC;YAChC,IAAI,CAAC;gBACH,YAAY,CAAC,eAAe,EAAE;oBAC5B,WAAW,EAAE,MAAM,CAAC,IAAI;oBACxB,iBAAiB,EAAE,MAAM,CAAC,UAAU;oBACpC,eAAe,EAAE,QAAQ,CAAC,MAAM;oBAChC,WAAW,EAAE,KAAK,CAAC,KAAK;oBACxB,aAAa,EAAE,QAAQ,CAAC,YAAY;oBACpC,MAAM;oBACN,iBAAiB,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,gBAAgB,CAAC;oBAC5D,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;iBACpC,CAAC,CAAC;YACL,CAAC;YAAC,MAAM,CAAC;gBACP,mCAAmC;YACrC,CAAC;QACH,CAAC;QAED,MAAM,cAAc,GAA0B;YAC5C,OAAO;YACP,QAAQ;YACR,aAAa;YACb,WAAW;YACX,KAAK;YACL,cAAc,EAAE,cAAc,CAAC,MAAM,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,SAAS;YAClE,OAAO;SACR,CAAC;QAEF,8DAA8D;QAC9D,IAAI,gBAAgB,CAAC,YAAY,CAAC,EAAE,CAAC;YACnC,IAAI,CAAC;gBACH,WAAW,CAAC,cAAc,EAAE,MAAM,EAAE,UAAU,CAAC,CAAC;YAClD,CAAC;YAAC,MAAM,CAAC;gBACP,8CAA8C;YAChD,CAAC;QACH,CAAC;QAED,wDAAwD;QACxD,IAAI,gBAAgB,CAAC,YAAY,CAAC,IAAI,QAAQ,CAAC,MAAM,KAAK,YAAY,EAAE,CAAC;YACvE,IAAI,CAAC;gBACH,MAAM,UAAU,GAAG,QAAQ,CAAC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CACnD,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAE,CAA0B,CAAC,OAAO,IAAI,MAAM,CAAC,CAAC,CAAC,CAC7E,CAAC;gBACF,qBAAqB,CAAC;oBACpB,gBAAgB,EAAE,OAAO;oBACzB,cAAc,EAAE,KAAK;oBACrB,WAAW,EAAE,MAAM,CAAC,IAAI;oBACxB,iBAAiB,EAAE,MAAM,CAAC,UAAU;oBACpC,MAAM;oBACN,iBAAiB,EAAE,UAAU;oBAC7B,aAAa,EAAE,QAAQ,CAAC,YAAY;oBACpC,eAAe,EAAE,QAAQ,CAAC,MAAM;iBACjC,CAAC,CAAC;YACL,CAAC;YAAC,MAAM,CAAC;gBACP,mDAAmD;YACrD,CAAC;QACH,CAAC;QAED,OAAO,cAAc,CAAC;IACxB,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,uDAAuD;QACvD,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC,CAAC;QAC7D,OAAO,CAAC,KAAK,CAAC,2CAA2C,EAAE,GAAG,CAAC,CAAC;QAEhE,MAAM,OAAO,GAAG,QAAQ,CAAC;YACvB,SAAS,EAAE,IAAI;YACf,OAAO,EAAE,OAAO,IAAI,IAAI;YACxB,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,WAAW,EAAE,MAAM,CAAC,IAAI;YACxB,iBAAiB,EAAE,MAAM,CAAC,UAAU;YACpC,WAAW,EAAE,CAAC;YACd,iBAAiB,EAAE,YAAY;YAC/B,eAAe,EAAE,OAAO;YACxB,aAAa,EAAE,GAAG;YAClB,iBAAiB,EAAE,oBAAoB;YACvC,gBAAgB,EAAE,IAAI;YACtB,MAAM,EAAE,iCAAiC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,CAAC,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE;YAC3F,mBAAmB,EAAE,IAAI;YACzB,oBAAoB,EAAE,UAAU;SACjC,CAAC,CAAC;QAEH,OAAO;YACL,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE;gBACR,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,2CAA2C;gBACnD,gBAAgB,EAAE,CAAC,gBAAgB,CAAC;gBACpC,YAAY,EAAE,GAAG;gBACjB,eAAe,EAAE,EAAE;aACpB;YACD,aAAa,EAAE,IAAI;YACnB,WAAW,EAAE;gBACX,KAAK,EAAE,YAAY;gBACnB,UAAU,EAAE,CAAC;gBACb,gBAAgB,EAAE,EAAE;gBACpB,iBAAiB,EAAE,IAAI;aACxB;YACD,KAAK,EAAE;gBACL,KAAK,EAAE,CAAC;gBACR,MAAM;gBACN,SAAS,EAAE,EAAE;aACd;YACD,OAAO;SACR,CAAC;IACJ,CAAC;AACH,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,CAAC,KAAK,UAAU,4BAA4B,CAChD,OAAe,EACf,KAAa,EACb,MAAqB,EACrB,MAAsB,EACtB,OAAgB;IAEhB,MAAM,MAAM,GAAG,kBAAkB,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,CAAC,CAAC;IAE3E,0EAA0E;IAC1E,MAAM,EAAE,cAAc,EAAE,eAAe,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAC/E,MAAM,YAAY,GAAG,eAAe,EAAE,CAAC;IACvC,MAAM,WAAW,GAAG,cAAc,EAAE,CAAC;IAErC,uCAAuC;IACvC,IAAI,CAAC,WAAW,CAAC,YAAY,IAAI,CAAC,WAAW,CAAC,WAAW,IAAI,CAAC,YAAY,CAAC,aAAa,EAAE,CAAC;QACzF,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,IAAI,CAAC,YAAY,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;QAClE,OAAO,MAAM,CAAC;IAChB,CAAC;IAED,0BAA0B;IAC1B,MAAM,EAAE,kBAAkB,EAAE,GAAG,MAAM,MAAM,CAAC,oBAAoB,CAAC,CAAC;IAClE,MAAM,YAAY,GAAG,MAAM,kBAAkB,CAAC,OAAO,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC;IAE9E,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,OAAO,EAAE,GAAG,MAAM,EAAE,YAAY,EAAE,EAAE,EAAE,EAAE,CAAC,EAAE,MAAM,EAAE,SAAS,EAAE,IAAI,EAAE,YAAY,CAAC,UAAU,EAAE,EAAE,CAAC;IAClG,CAAC;IAED,MAAM,YAAY,GAAoD;QACpE,EAAE,EAAE,YAAY,CAAC,EAAE;QACnB,MAAM,EAAE,YAAY,CAAC,MAA4C;QACjE,OAAO,EAAE,YAAY,CAAC,OAAO;QAC7B,UAAU,EAAE,YAAY,CAAC,UAAU;QACnC,gBAAgB,EAAE,YAAY,CAAC,gBAAgB;QAC/C,MAAM,EAAE,YAAY,CAAC,MAAM;QAC3B,IAAI,EAAE,YAAY,CAAC,UAAU;KAC9B,CAAC;IAEF,sFAAsF;IACtF,IACE,YAAY,CAAC,UAAU,KAAK,SAAS;QACrC,YAAY,CAAC,MAAM,KAAK,WAAW;QACnC,YAAY,CAAC,OAAO,KAAK,QAAQ;QACjC,CAAC,YAAY,CAAC,UAAU,IAAI,CAAC,CAAC,IAAI,GAAG;QACrC,MAAM,CAAC,QAAQ,CAAC,MAAM,KAAK,YAAY,EACvC,CAAC;QACD,YAAY,CAAC,sBAAsB,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC;QAC7D,OAAO;YACL,GAAG,MAAM;YACT,OAAO,EAAE,KAAK;YACd,QAAQ,EAAE;gBACR,GAAG,MAAM,CAAC,QAAQ;gBAClB,MAAM,EAAE,OAAO;gBACf,MAAM,EAAE,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,sCAAsC,YAAY,CAAC,UAAU,GAAG;aAClG;YACD,YAAY;SACb,CAAC;IACJ,CAAC;IAED,OAAO,EAAE,GAAG,MAAM,EAAE,YAAY,EAAE,CAAC;AACrC,CAAC"}
|
|
@@ -0,0 +1,30 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Deep Skill Scanner — enhanced multi-file analysis (Pro feature).
|
|
3
|
+
*
|
|
4
|
+
* Performs cross-file correlation and semantic intent analysis.
|
|
5
|
+
* Degrades gracefully when embedding model is unavailable.
|
|
6
|
+
*/
|
|
7
|
+
import type { SkillScanResult } from './scan-skill.js';
|
|
8
|
+
export interface DeepScanCorrelation {
|
|
9
|
+
files: string[];
|
|
10
|
+
finding: string;
|
|
11
|
+
severity: 'critical' | 'high' | 'medium';
|
|
12
|
+
}
|
|
13
|
+
export interface DeepScanResult {
|
|
14
|
+
correlations: DeepScanCorrelation[];
|
|
15
|
+
intentBreakdown: Record<string, number>;
|
|
16
|
+
recommendations: string[];
|
|
17
|
+
scanResults: SkillScanResult[];
|
|
18
|
+
degraded: boolean;
|
|
19
|
+
degradedReason?: string;
|
|
20
|
+
}
|
|
21
|
+
/**
|
|
22
|
+
* Run deep scan on multiple skill file contents.
|
|
23
|
+
* Cross-correlates findings across files and analyses intent patterns.
|
|
24
|
+
*/
|
|
25
|
+
export declare function runDeepScan(files: Array<{
|
|
26
|
+
name: string;
|
|
27
|
+
content: string;
|
|
28
|
+
format?: string;
|
|
29
|
+
}>): Promise<DeepScanResult>;
|
|
30
|
+
//# sourceMappingURL=deep-scan.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"deep-scan.d.ts","sourceRoot":"","sources":["../../../src/defence/skill-scanner/deep-scan.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAGH,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,iBAAiB,CAAC;AAGvD,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,EAAE,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;CAC1C;AAED,MAAM,WAAW,cAAc;IAC7B,YAAY,EAAE,mBAAmB,EAAE,CAAC;IACpC,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;IACxC,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,EAAE,eAAe,EAAE,CAAC;IAC/B,QAAQ,EAAE,OAAO,CAAC;IAClB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED;;;GAGG;AACH,wBAAsB,WAAW,CAAC,KAAK,EAAE,KAAK,CAAC;IAAE,IAAI,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAC;IAAC,MAAM,CAAC,EAAE,MAAM,CAAA;CAAE,CAAC,GAAG,OAAO,CAAC,cAAc,CAAC,CAyH3H"}
|
|
@@ -0,0 +1,112 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Deep Skill Scanner — enhanced multi-file analysis (Pro feature).
|
|
3
|
+
*
|
|
4
|
+
* Performs cross-file correlation and semantic intent analysis.
|
|
5
|
+
* Degrades gracefully when embedding model is unavailable.
|
|
6
|
+
*/
|
|
7
|
+
import { scanSkillContent } from './scan-skill.js';
|
|
8
|
+
/**
|
|
9
|
+
* Run deep scan on multiple skill file contents.
|
|
10
|
+
* Cross-correlates findings across files and analyses intent patterns.
|
|
11
|
+
*/
|
|
12
|
+
export async function runDeepScan(files) {
|
|
13
|
+
const scanResults = [];
|
|
14
|
+
const correlations = [];
|
|
15
|
+
const intentCounts = {};
|
|
16
|
+
const recommendations = [];
|
|
17
|
+
let degraded = false;
|
|
18
|
+
let degradedReason;
|
|
19
|
+
// Scan each file individually
|
|
20
|
+
for (const file of files) {
|
|
21
|
+
try {
|
|
22
|
+
const result = scanSkillContent(file.content, undefined, file.format, file.name);
|
|
23
|
+
scanResults.push(result);
|
|
24
|
+
}
|
|
25
|
+
catch {
|
|
26
|
+
// Skip files that fail to scan
|
|
27
|
+
}
|
|
28
|
+
}
|
|
29
|
+
// Cross-file correlation: look for conflicting declarations
|
|
30
|
+
const allFindings = scanResults.flatMap((r, i) => r.findings.map(f => ({ ...f, fileIndex: i, fileName: files[i]?.name || `file-${i}` })));
|
|
31
|
+
// Detect permission escalation across files (match on pattern name)
|
|
32
|
+
const permissionFiles = allFindings.filter(f => f.pattern === 'tool_injection' || f.pattern === 'privilege_escalation');
|
|
33
|
+
if (permissionFiles.length > 1) {
|
|
34
|
+
const uniqueFiles = [...new Set(permissionFiles.map(f => f.fileName))];
|
|
35
|
+
if (uniqueFiles.length > 1) {
|
|
36
|
+
correlations.push({
|
|
37
|
+
files: uniqueFiles,
|
|
38
|
+
finding: 'Multiple files contain permission escalation or tool abuse patterns',
|
|
39
|
+
severity: 'high',
|
|
40
|
+
});
|
|
41
|
+
}
|
|
42
|
+
}
|
|
43
|
+
// Detect data exfiltration patterns across files
|
|
44
|
+
const exfilFiles = allFindings.filter(f => f.pattern === 'data_exfiltration' || f.pattern === 'exfiltration');
|
|
45
|
+
if (exfilFiles.length > 0) {
|
|
46
|
+
const uniqueFiles = [...new Set(exfilFiles.map(f => f.fileName))];
|
|
47
|
+
correlations.push({
|
|
48
|
+
files: uniqueFiles,
|
|
49
|
+
finding: 'Data exfiltration patterns detected across skill files',
|
|
50
|
+
severity: 'critical',
|
|
51
|
+
});
|
|
52
|
+
}
|
|
53
|
+
// Detect contradictory patterns (one file says read-only, another writes)
|
|
54
|
+
const readOnlyFiles = allFindings.filter(f => f.matchedText?.toLowerCase().includes('read-only') || f.matchedText?.toLowerCase().includes('readonly'));
|
|
55
|
+
const writeFiles = allFindings.filter(f => f.pattern === 'tool_injection' && (f.matchedText?.includes('write') || f.matchedText?.includes('exec')));
|
|
56
|
+
if (readOnlyFiles.length > 0 && writeFiles.length > 0) {
|
|
57
|
+
correlations.push({
|
|
58
|
+
files: [...new Set([...readOnlyFiles, ...writeFiles].map(f => f.fileName))],
|
|
59
|
+
finding: 'Contradiction: skill declares read-only access but contains write/exec patterns',
|
|
60
|
+
severity: 'high',
|
|
61
|
+
});
|
|
62
|
+
}
|
|
63
|
+
// Intent breakdown from findings
|
|
64
|
+
for (const finding of allFindings) {
|
|
65
|
+
const cat = finding.pattern || 'unknown';
|
|
66
|
+
intentCounts[cat] = (intentCounts[cat] || 0) + 1;
|
|
67
|
+
}
|
|
68
|
+
// Semantic analysis via embeddings (optional — degrades gracefully)
|
|
69
|
+
try {
|
|
70
|
+
const { generateEmbedding } = await import('../../embeddings/index.js');
|
|
71
|
+
// Test with a simple string to verify model is loaded
|
|
72
|
+
await generateEmbedding('test');
|
|
73
|
+
// If embeddings work, analyse semantic intent
|
|
74
|
+
for (const file of files) {
|
|
75
|
+
try {
|
|
76
|
+
const embedding = await generateEmbedding(file.content.slice(0, 1000));
|
|
77
|
+
if (embedding) {
|
|
78
|
+
intentCounts['Semantic analysis'] = (intentCounts['Semantic analysis'] || 0) + 1;
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
catch {
|
|
82
|
+
// Individual file embedding failure is non-fatal
|
|
83
|
+
}
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
catch {
|
|
87
|
+
degraded = true;
|
|
88
|
+
degradedReason = 'Embedding model unavailable — showing pattern-based analysis only';
|
|
89
|
+
}
|
|
90
|
+
// Generate recommendations
|
|
91
|
+
if (correlations.some(c => c.severity === 'critical')) {
|
|
92
|
+
recommendations.push('Review files with critical cross-file correlations immediately');
|
|
93
|
+
}
|
|
94
|
+
if (permissionFiles.length > 0) {
|
|
95
|
+
recommendations.push('Restrict filesystem and process execution permissions in skill manifests');
|
|
96
|
+
}
|
|
97
|
+
if (exfilFiles.length > 0) {
|
|
98
|
+
recommendations.push('Add explicit network permission declarations and restrict outbound URLs');
|
|
99
|
+
}
|
|
100
|
+
if (scanResults.some(r => r.findings.length > 5)) {
|
|
101
|
+
recommendations.push('Consider splitting complex skill files to reduce attack surface');
|
|
102
|
+
}
|
|
103
|
+
return {
|
|
104
|
+
correlations,
|
|
105
|
+
intentBreakdown: intentCounts,
|
|
106
|
+
recommendations,
|
|
107
|
+
scanResults,
|
|
108
|
+
degraded,
|
|
109
|
+
degradedReason,
|
|
110
|
+
};
|
|
111
|
+
}
|
|
112
|
+
//# sourceMappingURL=deep-scan.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"deep-scan.js","sourceRoot":"","sources":["../../../src/defence/skill-scanner/deep-scan.ts"],"names":[],"mappings":"AAAA;;;;;GAKG;AAEH,OAAO,EAAE,gBAAgB,EAAE,MAAM,iBAAiB,CAAC;AAmBnD;;;GAGG;AACH,MAAM,CAAC,KAAK,UAAU,WAAW,CAAC,KAAgE;IAChG,MAAM,WAAW,GAAsB,EAAE,CAAC;IAC1C,MAAM,YAAY,GAA0B,EAAE,CAAC;IAC/C,MAAM,YAAY,GAA2B,EAAE,CAAC;IAChD,MAAM,eAAe,GAAa,EAAE,CAAC;IACrC,IAAI,QAAQ,GAAG,KAAK,CAAC;IACrB,IAAI,cAAkC,CAAC;IAEvC,8BAA8B;IAC9B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;QACzB,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,gBAAgB,CAC7B,IAAI,CAAC,OAAO,EACZ,SAAS,EACT,IAAI,CAAC,MAAiC,EACtC,IAAI,CAAC,IAAI,CACV,CAAC;YACF,WAAW,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;QAC3B,CAAC;QAAC,MAAM,CAAC;YACP,+BAA+B;QACjC,CAAC;IACH,CAAC;IAED,4DAA4D;IAC5D,MAAM,WAAW,GAAG,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAC/C,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC,CAAC,EAAE,IAAI,IAAI,QAAQ,CAAC,EAAE,EAAE,CAAC,CAAC,CACvF,CAAC;IAEF,oEAAoE;IACpE,MAAM,eAAe,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC7C,CAAC,CAAC,OAAO,KAAK,gBAAgB,IAAI,CAAC,CAAC,OAAO,KAAK,sBAAsB,CACvE,CAAC;IACF,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,eAAe,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QACvE,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,YAAY,CAAC,IAAI,CAAC;gBAChB,KAAK,EAAE,WAAW;gBAClB,OAAO,EAAE,qEAAqE;gBAC9E,QAAQ,EAAE,MAAM;aACjB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,iDAAiD;IACjD,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACxC,CAAC,CAAC,OAAO,KAAK,mBAAmB,IAAI,CAAC,CAAC,OAAO,KAAK,cAAc,CAClE,CAAC;IACF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC;QAClE,YAAY,CAAC,IAAI,CAAC;YAChB,KAAK,EAAE,WAAW;YAClB,OAAO,EAAE,wDAAwD;YACjE,QAAQ,EAAE,UAAU;SACrB,CAAC,CAAC;IACL,CAAC;IAED,0EAA0E;IAC1E,MAAM,aAAa,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAC3C,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,WAAW,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,WAAW,EAAE,CAAC,QAAQ,CAAC,UAAU,CAAC,CACxG,CAAC;IACF,MAAM,UAAU,GAAG,WAAW,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CACxC,CAAC,CAAC,OAAO,KAAK,gBAAgB,IAAI,CAAC,CAAC,CAAC,WAAW,EAAE,QAAQ,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC,CACxG,CAAC;IACF,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACtD,YAAY,CAAC,IAAI,CAAC;YAChB,KAAK,EAAE,CAAC,GAAG,IAAI,GAAG,CAAC,CAAC,GAAG,aAAa,EAAE,GAAG,UAAU,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;YAC3E,OAAO,EAAE,iFAAiF;YAC1F,QAAQ,EAAE,MAAM;SACjB,CAAC,CAAC;IACL,CAAC;IAED,iCAAiC;IACjC,KAAK,MAAM,OAAO,IAAI,WAAW,EAAE,CAAC;QAClC,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,IAAI,SAAS,CAAC;QACzC,YAAY,CAAC,GAAG,CAAC,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACnD,CAAC;IAED,oEAAoE;IACpE,IAAI,CAAC;QACH,MAAM,EAAE,iBAAiB,EAAE,GAAG,MAAM,MAAM,CAAC,2BAA2B,CAAC,CAAC;QACxE,sDAAsD;QACtD,MAAM,iBAAiB,CAAC,MAAM,CAAC,CAAC;QAEhC,8CAA8C;QAC9C,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,IAAI,CAAC;gBACH,MAAM,SAAS,GAAG,MAAM,iBAAiB,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,IAAI,CAAC,CAAC,CAAC;gBACvE,IAAI,SAAS,EAAE,CAAC;oBACd,YAAY,CAAC,mBAAmB,CAAC,GAAG,CAAC,YAAY,CAAC,mBAAmB,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;gBACnF,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,iDAAiD;YACnD,CAAC;QACH,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,QAAQ,GAAG,IAAI,CAAC;QAChB,cAAc,GAAG,mEAAmE,CAAC;IACvF,CAAC;IAED,2BAA2B;IAC3B,IAAI,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,EAAE,CAAC;QACtD,eAAe,CAAC,IAAI,CAAC,gEAAgE,CAAC,CAAC;IACzF,CAAC;IACD,IAAI,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC/B,eAAe,CAAC,IAAI,CAAC,0EAA0E,CAAC,CAAC;IACnG,CAAC;IACD,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,eAAe,CAAC,IAAI,CAAC,yEAAyE,CAAC,CAAC;IAClG,CAAC;IACD,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,CAAC;QACjD,eAAe,CAAC,IAAI,CAAC,iEAAiE,CAAC,CAAC;IAC1F,CAAC;IAED,OAAO;QACL,YAAY;QACZ,eAAe,EAAE,YAAY;QAC7B,eAAe;QACf,WAAW;QACX,QAAQ;QACR,cAAc;KACf,CAAC;AACJ,CAAC"}
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Tool Response Scanner
|
|
3
|
+
*
|
|
4
|
+
* Lightweight defence scanner for MCP tool outputs (read-path).
|
|
5
|
+
* Runs injection detection + credential leak scanning (2 of 6 layers).
|
|
6
|
+
* Skips fragmentation, sensitivity, and trust scoring (write-path concerns).
|
|
7
|
+
*
|
|
8
|
+
* Advisory by default: logs threats but never blocks tool responses.
|
|
9
|
+
*/
|
|
10
|
+
import type { ToolResponseScanResult } from './types.js';
|
|
11
|
+
/**
|
|
12
|
+
* Check if a tool's response should be scanned.
|
|
13
|
+
* Unknown tools (e.g. external MCP servers) default to scanned.
|
|
14
|
+
*/
|
|
15
|
+
export declare function shouldScanToolResponse(toolName: string): boolean;
|
|
16
|
+
/**
|
|
17
|
+
* Scan a tool response for threats.
|
|
18
|
+
*
|
|
19
|
+
* Runs injection scanning (40+ patterns) + credential leak detection (25+ providers).
|
|
20
|
+
* In advisory mode, threats are logged but the response is never blocked.
|
|
21
|
+
*/
|
|
22
|
+
export declare function scanToolResponse(toolName: string, content: string, mode?: 'advisory' | 'enforce'): ToolResponseScanResult;
|
|
23
|
+
//# sourceMappingURL=tool-response-scanner.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"tool-response-scanner.d.ts","sourceRoot":"","sources":["../../src/defence/tool-response-scanner.ts"],"names":[],"mappings":"AAAA;;;;;;;;GAQG;AAOH,OAAO,KAAK,EAAmB,sBAAsB,EAAE,MAAM,YAAY,CAAC;AAwB1E;;;GAGG;AACH,wBAAgB,sBAAsB,CAAC,QAAQ,EAAE,MAAM,GAAG,OAAO,CAIhE;AAED;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAC9B,QAAQ,EAAE,MAAM,EAChB,OAAO,EAAE,MAAM,EACf,IAAI,CAAC,EAAE,UAAU,GAAG,SAAS,GAC5B,sBAAsB,CA4GxB"}
|