tryassay 0.31.0 → 0.33.0
- package/dist/cli.js +55 -0
- package/dist/cli.js.map +1 -1
- package/dist/commands/assess.js +73 -0
- package/dist/commands/assess.js.map +1 -1
- package/dist/commands/bounty-chain.d.ts +1 -0
- package/dist/commands/bounty-chain.js +34 -0
- package/dist/commands/bounty-chain.js.map +1 -0
- package/dist/commands/bounty-check.d.ts +10 -0
- package/dist/commands/bounty-check.js +104 -0
- package/dist/commands/bounty-check.js.map +1 -0
- package/dist/commands/bounty-discover.d.ts +6 -0
- package/dist/commands/bounty-discover.js +45 -0
- package/dist/commands/bounty-discover.js.map +1 -0
- package/dist/commands/bounty-scan.d.ts +7 -0
- package/dist/commands/bounty-scan.js +312 -0
- package/dist/commands/bounty-scan.js.map +1 -0
- package/dist/commands/bounty-watch.d.ts +9 -0
- package/dist/commands/bounty-watch.js +210 -0
- package/dist/commands/bounty-watch.js.map +1 -0
- package/dist/commands/hunt.d.ts +11 -0
- package/dist/commands/hunt.js +216 -0
- package/dist/commands/hunt.js.map +1 -0
- package/dist/hunt/__tests__/deep-dive.test.d.ts +1 -0
- package/dist/hunt/__tests__/deep-dive.test.js +102 -0
- package/dist/hunt/__tests__/deep-dive.test.js.map +1 -0
- package/dist/hunt/__tests__/discovery.test.d.ts +1 -0
- package/dist/hunt/__tests__/discovery.test.js +55 -0
- package/dist/hunt/__tests__/discovery.test.js.map +1 -0
- package/dist/hunt/__tests__/e2e.test.d.ts +1 -0
- package/dist/hunt/__tests__/e2e.test.js +261 -0
- package/dist/hunt/__tests__/e2e.test.js.map +1 -0
- package/dist/hunt/__tests__/matcher.test.d.ts +1 -0
- package/dist/hunt/__tests__/matcher.test.js +63 -0
- package/dist/hunt/__tests__/matcher.test.js.map +1 -0
- package/dist/hunt/__tests__/orchestrator.test.d.ts +1 -0
- package/dist/hunt/__tests__/orchestrator.test.js +73 -0
- package/dist/hunt/__tests__/orchestrator.test.js.map +1 -0
- package/dist/hunt/__tests__/parse-utils.test.d.ts +1 -0
- package/dist/hunt/__tests__/parse-utils.test.js +28 -0
- package/dist/hunt/__tests__/parse-utils.test.js.map +1 -0
- package/dist/hunt/__tests__/state.test.d.ts +1 -0
- package/dist/hunt/__tests__/state.test.js +49 -0
- package/dist/hunt/__tests__/state.test.js.map +1 -0
- package/dist/hunt/__tests__/templates.test.d.ts +1 -0
- package/dist/hunt/__tests__/templates.test.js +32 -0
- package/dist/hunt/__tests__/templates.test.js.map +1 -0
- package/dist/hunt/__tests__/triage.test.d.ts +1 -0
- package/dist/hunt/__tests__/triage.test.js +91 -0
- package/dist/hunt/__tests__/triage.test.js.map +1 -0
- package/dist/hunt/__tests__/types.test.d.ts +1 -0
- package/dist/hunt/__tests__/types.test.js +65 -0
- package/dist/hunt/__tests__/types.test.js.map +1 -0
- package/dist/hunt/deep-dive.d.ts +8 -0
- package/dist/hunt/deep-dive.js +86 -0
- package/dist/hunt/deep-dive.js.map +1 -0
- package/dist/hunt/discovery.d.ts +15 -0
- package/dist/hunt/discovery.js +116 -0
- package/dist/hunt/discovery.js.map +1 -0
- package/dist/hunt/matcher.d.ts +8 -0
- package/dist/hunt/matcher.js +27 -0
- package/dist/hunt/matcher.js.map +1 -0
- package/dist/hunt/orchestrator.d.ts +27 -0
- package/dist/hunt/orchestrator.js +91 -0
- package/dist/hunt/orchestrator.js.map +1 -0
- package/dist/hunt/parse-utils.d.ts +2 -0
- package/dist/hunt/parse-utils.js +17 -0
- package/dist/hunt/parse-utils.js.map +1 -0
- package/dist/hunt/state.d.ts +5 -0
- package/dist/hunt/state.js +35 -0
- package/dist/hunt/state.js.map +1 -0
- package/dist/hunt/templates/auth-bypass.d.ts +2 -0
- package/dist/hunt/templates/auth-bypass.js +80 -0
- package/dist/hunt/templates/auth-bypass.js.map +1 -0
- package/dist/hunt/templates/cors-misconfig.d.ts +2 -0
- package/dist/hunt/templates/cors-misconfig.js +88 -0
- package/dist/hunt/templates/cors-misconfig.js.map +1 -0
- package/dist/hunt/templates/csrf-bypass.d.ts +2 -0
- package/dist/hunt/templates/csrf-bypass.js +65 -0
- package/dist/hunt/templates/csrf-bypass.js.map +1 -0
- package/dist/hunt/templates/index.d.ts +3 -0
- package/dist/hunt/templates/index.js +29 -0
- package/dist/hunt/templates/index.js.map +1 -0
- package/dist/hunt/templates/injection.d.ts +2 -0
- package/dist/hunt/templates/injection.js +103 -0
- package/dist/hunt/templates/injection.js.map +1 -0
- package/dist/hunt/templates/open-redirect.d.ts +2 -0
- package/dist/hunt/templates/open-redirect.js +93 -0
- package/dist/hunt/templates/open-redirect.js.map +1 -0
- package/dist/hunt/templates/path-traversal.d.ts +2 -0
- package/dist/hunt/templates/path-traversal.js +94 -0
- package/dist/hunt/templates/path-traversal.js.map +1 -0
- package/dist/hunt/templates/prototype-pollution.d.ts +2 -0
- package/dist/hunt/templates/prototype-pollution.js +108 -0
- package/dist/hunt/templates/prototype-pollution.js.map +1 -0
- package/dist/hunt/templates/ssrf.d.ts +2 -0
- package/dist/hunt/templates/ssrf.js +75 -0
- package/dist/hunt/templates/ssrf.js.map +1 -0
- package/dist/hunt/templates/timing-attack.d.ts +2 -0
- package/dist/hunt/templates/timing-attack.js +108 -0
- package/dist/hunt/templates/timing-attack.js.map +1 -0
- package/dist/hunt/templates/weak-random.d.ts +2 -0
- package/dist/hunt/templates/weak-random.js +73 -0
- package/dist/hunt/templates/weak-random.js.map +1 -0
- package/dist/hunt/triage.d.ts +8 -0
- package/dist/hunt/triage.js +78 -0
- package/dist/hunt/triage.js.map +1 -0
- package/dist/lib/__tests__/bounty-scan.test.d.ts +1 -0
- package/dist/lib/__tests__/bounty-scan.test.js +15 -0
- package/dist/lib/__tests__/bounty-scan.test.js.map +1 -0
- package/dist/lib/__tests__/chain-analyzer.test.d.ts +1 -0
- package/dist/lib/__tests__/chain-analyzer.test.js +47 -0
- package/dist/lib/__tests__/chain-analyzer.test.js.map +1 -0
- package/dist/lib/__tests__/change-classifier.test.d.ts +1 -0
- package/dist/lib/__tests__/change-classifier.test.js +55 -0
- package/dist/lib/__tests__/change-classifier.test.js.map +1 -0
- package/dist/lib/__tests__/finding-dedup.test.d.ts +1 -0
- package/dist/lib/__tests__/finding-dedup.test.js +30 -0
- package/dist/lib/__tests__/finding-dedup.test.js.map +1 -0
- package/dist/lib/__tests__/learned-rules.test.js +25 -0
- package/dist/lib/__tests__/learned-rules.test.js.map +1 -1
- package/dist/lib/__tests__/novelty-checker.test.d.ts +1 -0
- package/dist/lib/__tests__/novelty-checker.test.js +57 -0
- package/dist/lib/__tests__/novelty-checker.test.js.map +1 -0
- package/dist/lib/__tests__/program-registry.test.d.ts +1 -0
- package/dist/lib/__tests__/program-registry.test.js +40 -0
- package/dist/lib/__tests__/program-registry.test.js.map +1 -0
- package/dist/lib/__tests__/retry.test.d.ts +1 -0
- package/dist/lib/__tests__/retry.test.js +23 -0
- package/dist/lib/__tests__/retry.test.js.map +1 -0
- package/dist/lib/__tests__/watchlist.test.d.ts +1 -0
- package/dist/lib/__tests__/watchlist.test.js +88 -0
- package/dist/lib/__tests__/watchlist.test.js.map +1 -0
- package/dist/lib/chain-analyzer.d.ts +25 -0
- package/dist/lib/chain-analyzer.js +105 -0
- package/dist/lib/chain-analyzer.js.map +1 -0
- package/dist/lib/change-classifier.d.ts +3 -0
- package/dist/lib/change-classifier.js +97 -0
- package/dist/lib/change-classifier.js.map +1 -0
- package/dist/lib/finding-dedup.d.ts +2 -0
- package/dist/lib/finding-dedup.js +9 -0
- package/dist/lib/finding-dedup.js.map +1 -0
- package/dist/lib/issue-reporter.d.ts +13 -0
- package/dist/lib/issue-reporter.js +51 -0
- package/dist/lib/issue-reporter.js.map +1 -0
- package/dist/lib/novelty-checker.d.ts +60 -0
- package/dist/lib/novelty-checker.js +223 -0
- package/dist/lib/novelty-checker.js.map +1 -0
- package/dist/lib/program-registry.d.ts +12 -0
- package/dist/lib/program-registry.js +18 -0
- package/dist/lib/program-registry.js.map +1 -0
- package/dist/lib/retry.d.ts +5 -0
- package/dist/lib/retry.js +19 -0
- package/dist/lib/retry.js.map +1 -0
- package/dist/lib/watchlist.d.ts +23 -0
- package/dist/lib/watchlist.js +31 -0
- package/dist/lib/watchlist.js.map +1 -0
- package/dist/runtime/safe-executor.js +1 -1
- package/dist/runtime/safe-executor.js.map +1 -1
- package/dist/runtime/types.d.ts +1 -1
- package/dist/sdk/forward-verify.d.ts +2 -2
- package/dist/sdk/forward-verify.js +31 -2
- package/dist/sdk/forward-verify.js.map +1 -1
- package/dist/sdk/types.d.ts +8 -0
- package/dist/types.d.ts +45 -0
- package/package.json +1 -1
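--- a/package/dist/lib/__tests__/chain-analyzer.test.js
+++ b/package/dist/lib/__tests__/chain-analyzer.test.js
@@ -0,0 +1,47 @@
+import { describe, it, expect } from 'vitest';
+import { detectChains, CHAIN_PATTERNS } from '../chain-analyzer.js';
+const makeFinding = (file, claim, verdict = 'FAIL') => ({
+file, claimId: 'test-' + Math.random().toString(36).slice(2, 8), claim, verdict, severity: 'high', reasoning: 'test', evidence: file,
+});
+describe('detectChains', () => {
+it('should detect SSRF + CORS chain (CHAIN-001)', () => {
+const findings = [
+makeFinding('src/proxy.ts', 'SSRF: unvalidated fetch target from user-controlled header'),
+makeFinding('src/proxy.ts', 'CORS: Access-Control-Allow-Origin reflects request Origin with credentials'),
+];
+const chains = detectChains(findings);
+expect(chains.length).toBeGreaterThan(0);
+expect(chains[0].chainId).toBe('CHAIN-001');
+});
+it('should NOT detect chains from PARTIAL findings', () => {
+const findings = [
+makeFinding('src/proxy.ts', 'SSRF: unvalidated fetch target', 'PARTIAL'),
+makeFinding('src/proxy.ts', 'CORS origin reflection', 'PARTIAL'),
+];
+const chains = detectChains(findings);
+expect(chains).toHaveLength(0);
+});
+it('should detect same-file correlation for non-template matches', () => {
+const findings = [
+makeFinding('src/auth.ts', 'Authentication bypass via header injection'),
+makeFinding('src/auth.ts', 'Session fixation via cookie manipulation'),
+];
+const chains = detectChains(findings);
+expect(chains.length).toBeGreaterThan(0);
+expect(chains[0].chainId).toBe('SAME-FILE');
+});
+it('should return empty for findings in different files with no template match', () => {
+const findings = [
+makeFinding('src/auth.ts', 'Missing rate limiting on login endpoint'),
+makeFinding('src/upload.ts', 'File size not validated on upload'),
+];
+const chains = detectChains(findings);
+expect(chains).toHaveLength(0);
+});
+});
+describe('CHAIN_PATTERNS', () => {
+it('should have at least 7 defined patterns', () => {
+expect(CHAIN_PATTERNS.length).toBeGreaterThanOrEqual(7);
+});
+});
+//# sourceMappingURL=chain-analyzer.test.js.map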
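Review bot: No case in `describe('detectChains', ...)` feeds a template pair from two different files: both CHAIN-001 findings sit in `src/proxy.ts`, and the only cross-file case uses claims that match no template, so whether a template chain is reported across files is left unpinned. A case pairing the SSRF claim in `src/proxy.ts` with the CORS claim in a second file, with an explicit expectation either way, would settle it. The PARTIAL test also shortens the claim text in addition to changing the verdict; reusing the exact claims from the first test would isolate the verdict filter. `makeFinding` builds `claimId` from `Math.random()`, which makes a failing run harder to reproduce; a module-level counter gives unique ids deterministically.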
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"chain-analyzer.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/chain-analyzer.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,YAAY,EAAE,cAAc,EAAoB,MAAM,sBAAsB,CAAC;AAEtF,MAAM,WAAW,GAAG,CAAC,IAAY,EAAE,KAAa,EAAE,UAAkB,MAAM,EAAe,EAAE,CAAC,CAAC;IAC3F,IAAI,EAAE,OAAO,EAAE,OAAO,GAAG,IAAI,CAAC,MAAM,EAAE,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,EAAE,MAAM,EAAE,SAAS,EAAE,MAAM,EAAE,QAAQ,EAAE,IAAI;CACrI,CAAC,CAAC;AAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;IAC5B,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,QAAQ,GAAkB;YAC9B,WAAW,CAAC,cAAc,EAAE,4DAA4D,CAAC;YACzF,WAAW,CAAC,cAAc,EAAE,4EAA4E,CAAC;SAC1G,CAAC;QACF,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,QAAQ,GAAkB;YAC9B,WAAW,CAAC,cAAc,EAAE,gCAAgC,EAAE,SAAS,CAAC;YACxE,WAAW,CAAC,cAAc,EAAE,wBAAwB,EAAE,SAAS,CAAC;SACjE,CAAC;QACF,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8DAA8D,EAAE,GAAG,EAAE;QACtE,MAAM,QAAQ,GAAkB;YAC9B,WAAW,CAAC,aAAa,EAAE,4CAA4C,CAAC;YACxE,WAAW,CAAC,aAAa,EAAE,0CAA0C,CAAC;SACvE,CAAC;QACF,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACzC,MAAM,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4EAA4E,EAAE,GAAG,EAAE;QACpF,MAAM,QAAQ,GAAkB;YAC9B,WAAW,CAAC,aAAa,EAAE,yCAAyC,CAAC;YACrE,WAAW,CAAC,eAAe,EAAE,mCAAmC,CAAC;SAClE,CAAC;QACF,MAAM,MAAM,GAAG,YAAY,CAAC,QAAQ,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACjC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,CAAC,cAAc,CAAC,MAAM,CAAC,CAAC,sBA
AsB,CAAC,CAAC,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|
|
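--- a/package/dist/lib/__tests__/change-classifier.test.js
+++ b/package/dist/lib/__tests__/change-classifier.test.js
@@ -0,0 +1,55 @@
+import { describe, it, expect } from 'vitest';
+import { classifyChange, mapExperimentCategory } from '../change-classifier.js';
+describe('classifyChange', () => {
+it('classifies single-quoted string change', () => {
+expect(classifyChange(`"What's on your mind..."`, `"Type your message here..."`, 'src/components/ChatInput.tsx')).toBe('string_literal');
+});
+it('classifies double-quoted string change', () => {
+expect(classifyChange(`return 'just now';`, `return 'moments ago';`, 'src/utils/time.ts')).toBe('string_literal');
+});
+it('classifies template literal with interpolation as logic', () => {
+expect(classifyChange('`Hello ${name}`', '`Welcome ${name}, your score is ${score}`', 'src/utils/greet.ts')).toBe('logic');
+});
+it('classifies comment addition', () => {
+expect(classifyChange('function foo() {', '// Added a comment\nfunction foo() {', 'src/utils/foo.ts')).toBe('comment');
+});
+it('classifies CSS property change', () => {
+expect(classifyChange('minHeight: "60px"', 'minHeight: "80px"', 'src/components/ChatInput.tsx')).toBe('css_style');
+});
+it('classifies numeric constant change', () => {
+expect(classifyChange('Math.min(e.target.scrollHeight, 400)', 'Math.min(e.target.scrollHeight, 300)', 'src/components/ChatInput.tsx')).toBe('numeric_constant');
+});
+it('classifies pagination limit change as numeric', () => {
+expect(classifyChange('const LIMIT = 10;', 'const LIMIT = 20;', 'src/stores/conversations.ts')).toBe('numeric_constant');
+});
+it('classifies import addition', () => {
+expect(classifyChange('', `import { NonExistent } from './non-existent';`, 'src/components/WelcomeView.tsx')).toBe('import_export');
+});
+it('classifies export removal', () => {
+expect(classifyChange('export function useApi() {', 'function useApi() {', 'src/components/ApiContext.tsx')).toBe('import_export');
+});
+it('classifies type change', () => {
+expect(classifyChange('role: MessageRole', 'role: number', 'src/types/conversation.ts')).toBe('type_definition');
+});
+it('classifies interface field deletion', () => {
+expect(classifyChange(' name: string;\n created: number;', ' created: number;', 'src/types/conversation.ts')).toBe('type_definition');
+});
+it('classifies console.log addition as logic', () => {
+expect(classifyChange('export function setDocumentTitle(title?: string) {\n document.title', "export function setDocumentTitle(title?: string) {\n console.log('called');\n document.title", 'src/utils/title.ts')).toBe('logic');
+});
+it('classifies mixed string + import as import_export', () => {
+expect(classifyChange(`import { foo } from './foo';\nconst msg = "hello";`, `import { foo, bar } from './foo';\nconst msg = "world";`, 'src/app.ts')).toBe('import_export');
+});
+it('returns unknown for empty diff', () => {
+expect(classifyChange('', '', 'src/foo.ts')).toBe('unknown');
+});
+});
+describe('mapExperimentCategory', () => {
+it('maps string_constant to string_literal', () => { expect(mapExperimentCategory('string_constant')).toBe('string_literal'); });
+it('maps css_styling to css_style', () => { expect(mapExperimentCategory('css_styling')).toBe('css_style'); });
+it('maps console_log to logic', () => { expect(mapExperimentCategory('console_log')).toBe('logic'); });
+it('maps missing_module to import_export', () => { expect(mapExperimentCategory('missing_module')).toBe('import_export'); });
+it('maps type_deletion to type_definition', () => { expect(mapExperimentCategory('type_deletion')).toBe('type_definition'); });
+it('returns unknown for unmapped categories', () => { expect(mapExperimentCategory('something_new')).toBe('unknown'); });
+});
+//# sourceMappingURL=change-classifier.test.js.map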
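Review bot: The first two titles in `describe('classifyChange', ...)` are swapped relative to their inputs: 'classifies single-quoted string change' passes double-quoted literals (`"What's on your mind..."`), while 'classifies double-quoted string change' passes single-quoted ones (`return 'just now';`). Swapping the two titles keeps a failure report pointing at the quoting style that actually broke. There is also no case for a string literal whose content is security-relevant, such as a URL or a SQL fragment. If the `string_literal` class leads to lighter verification downstream (not visible in this file), a test pinning how such a change is classified would be worth adding.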
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"change-classifier.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/change-classifier.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,cAAc,EAAE,qBAAqB,EAAuB,MAAM,yBAAyB,CAAC;AAErG,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;IAC9B,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,CAAC,cAAc,CAAC,0BAA0B,EAAE,6BAA6B,EAAE,8BAA8B,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IAC3I,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,CAAC,cAAc,CAAC,oBAAoB,EAAE,uBAAuB,EAAE,mBAAmB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;IACpH,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,yDAAyD,EAAE,GAAG,EAAE;QACjE,MAAM,CAAC,cAAc,CAAC,iBAAiB,EAAE,2CAA2C,EAAE,oBAAoB,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC7H,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACrC,MAAM,CAAC,cAAc,CAAC,kBAAkB,EAAE,sCAAsC,EAAE,kBAAkB,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IACzH,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,CAAC,cAAc,CAAC,mBAAmB,EAAE,mBAAmB,EAAE,8BAA8B,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IACrH,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,CAAC,cAAc,CAAC,sCAAsC,EAAE,sCAAsC,EAAE,8BAA8B,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAClK,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,+CAA+C,EAAE,GAAG,EAAE;QACvD,MAAM,CAAC,cAAc,CAAC,mBAAmB,EAAE,mBAAmB,EAAE,6BAA6B,CAAC,CAAC,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC3H,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,CAAC,cAAc,CAAC,EAAE,EAAE,+CAA+C,EAAE,gCAAgC,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACtI,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,CAAC,cAAc,CAAC,4BAA4B,EAAE,qBAAqB,EAAE,+BAA+B,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IACrI,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;QAChC,MAAM,CAAC,cAAc,CAAC,mBAAmB,EAAE,cAAc,EAAE,2BAA2B,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IACnH,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;QAC7C,MAAM,CAAC,cAAc,CAAC,qCAAqC,EAAE,oBAAoB,EAAE,2BAA2B,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC
;IAC3I,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;QAClD,MAAM,CAAC,cAAc,CACnB,sEAAsE,EACtE,gGAAgG,EAChG,oBAAoB,CACrB,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACnB,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,CAAC,cAAc,CACnB,oDAAoD,EACpD,yDAAyD,EACzD,YAAY,CACb,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAC3B,CAAC,CAAC,CAAC;IACH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,CAAC,cAAc,CAAC,EAAE,EAAE,EAAE,EAAE,YAAY,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;IAC/D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;IACrC,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE,GAAG,MAAM,CAAC,qBAAqB,CAAC,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACjI,EAAE,CAAC,+BAA+B,EAAE,GAAG,EAAE,GAAG,MAAM,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/G,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE,GAAG,MAAM,CAAC,qBAAqB,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACvG,EAAE,CAAC,sCAAsC,EAAE,GAAG,EAAE,GAAG,MAAM,CAAC,qBAAqB,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC7H,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE,GAAG,MAAM,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC/H,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE,GAAG,MAAM,CAAC,qBAAqB,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAC3H,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|
|
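--- a/package/dist/lib/__tests__/finding-dedup.test.js
+++ b/package/dist/lib/__tests__/finding-dedup.test.js
@@ -0,0 +1,30 @@
+import { describe, it, expect } from 'vitest';
+import { hashFinding, isDuplicate } from '../finding-dedup.js';
+describe('hashFinding', () => {
+it('should produce consistent hash for same inputs', () => {
+const h1 = hashFinding('https://github.com/org/repo', 'src/auth.ts', 'CSRF bypass in middleware');
+const h2 = hashFinding('https://github.com/org/repo', 'src/auth.ts', 'CSRF bypass in middleware');
+expect(h1).toBe(h2);
+});
+it('should produce different hash for different inputs', () => {
+const h1 = hashFinding('https://github.com/org/repo', 'src/auth.ts', 'CSRF bypass');
+const h2 = hashFinding('https://github.com/org/repo', 'src/cors.ts', 'CORS misconfiguration');
+expect(h1).not.toBe(h2);
+});
+it('should normalize whitespace in claim text', () => {
+const h1 = hashFinding('repo', 'file.ts', 'CSRF bypass in middleware');
+const h2 = hashFinding('repo', 'file.ts', 'CSRF bypass in middleware');
+expect(h1).toBe(h2);
+});
+});
+describe('isDuplicate', () => {
+it('should return true if hash is in reported list', () => {
+const hash = hashFinding('repo', 'file.ts', 'claim');
+expect(isDuplicate(hash, [hash, 'other'])).toBe(true);
+});
+it('should return false if hash is not in reported list', () => {
+const hash = hashFinding('repo', 'file.ts', 'claim');
+expect(isDuplicate(hash, ['other'])).toBe(false);
+});
+});
+//# sourceMappingURL=finding-dedup.test.js.map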
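Review bot: 'should produce different hash for different inputs' changes the file and the claim together, so nothing pins that each field contributes on its own or that the boundaries between fields are unambiguous. A case with constructed values such as `expect(hashFinding('r', 'ab', 'c')).not.toBe(hashFinding('r', 'a', 'bc'));` would catch fields being joined without a delimiter, where two distinct findings hash alike and the second is dropped as already reported; `hashFinding` itself is outside this file, so this is a gap in the tests rather than a confirmed defect. A case that varies only the repository argument would also be worth adding. As rendered on this page the two claims in the whitespace test are identical, presumably because the page collapsed the extra spaces of the original.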
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"finding-dedup.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/finding-dedup.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,WAAW,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAE/D,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,EAAE,GAAG,WAAW,CAAC,6BAA6B,EAAE,aAAa,EAAE,2BAA2B,CAAC,CAAC;QAClG,MAAM,EAAE,GAAG,WAAW,CAAC,6BAA6B,EAAE,aAAa,EAAE,2BAA2B,CAAC,CAAC;QAClG,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACtB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;QAC5D,MAAM,EAAE,GAAG,WAAW,CAAC,6BAA6B,EAAE,aAAa,EAAE,aAAa,CAAC,CAAC;QACpF,MAAM,EAAE,GAAG,WAAW,CAAC,6BAA6B,EAAE,aAAa,EAAE,uBAAuB,CAAC,CAAC;QAC9F,MAAM,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,EAAE,GAAG,WAAW,CAAC,MAAM,EAAE,SAAS,EAAE,gCAAgC,CAAC,CAAC;QAC5E,MAAM,EAAE,GAAG,WAAW,CAAC,MAAM,EAAE,SAAS,EAAE,2BAA2B,CAAC,CAAC;QACvE,MAAM,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACtB,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;IAC3B,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,IAAI,GAAG,WAAW,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QACrD,MAAM,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qDAAqD,EAAE,GAAG,EAAE;QAC7D,MAAM,IAAI,GAAG,WAAW,CAAC,MAAM,EAAE,SAAS,EAAE,OAAO,CAAC,CAAC;QACrD,MAAM,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACnD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
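--- a/package/dist/lib/__tests__/learned-rules.test.js
+++ b/package/dist/lib/__tests__/learned-rules.test.js
@@ -257,4 +257,29 @@ describe('Full Pipeline (learnFromFinding)', () => {
 expect(summary.categories.length).toBeGreaterThan(0);
 });
 });
+// ── LLM-Method Learning Tests ────────────────────────────────
+describe('Learning from LLM-confirmed failures', () => {
+it('should accept LLM-method FAIL verdicts for pattern extraction', () => {
+const input = {
+claim: {
+id: 'CLAIM-001',
+category: 'security',
+severity: 'critical',
+description: 'SQL query built with string concatenation',
+assertion: 'All SQL queries use parameterized inputs',
+},
+verification: {
+verdict: 'FAIL',
+reasoning: 'Found template literal with SQL and interpolation',
+},
+code: 'const query = `SELECT * FROM users WHERE id = ${userId}`',
+language: 'typescript',
+filePath: 'src/db.ts',
+};
+const result = extractPattern(input);
+expect(result.success).toBe(true);
+expect(result.pattern).toBeDefined();
+expect(result.pattern.kind).toBe('regex');
+});
+});
 //# sourceMappingURL=learned-rules.test.js.map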
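Review bot: The input in 'should accept LLM-method FAIL verdicts for pattern extraction' carries nothing that marks the verdict as model-produced, since `verification` holds only `verdict` and `reasoning`, so as written the test cannot tell the LLM path from any other FAIL verdict. If `extractPattern` reads a method field (its code is outside this hunk), the fixture should set it. The assertions also stop at `result.pattern.kind` being `'regex'`, so an over-broad or very slow pattern learned from the snippet would still pass. Asserting that the learned pattern matches the `code` sample and does not match a parameterized query would bound what a model-confirmed failure is allowed to teach the rule set.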
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"learned-rules.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/learned-rules.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACrE,OAAO,EACL,cAAc,EACd,sBAAsB,EACtB,mBAAmB,EACnB,UAAU,EACV,WAAW,EACX,gBAAgB,EAChB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,uBAAuB,EACvB,gBAAgB,EAChB,eAAe,EACf,sBAAsB,EACtB,aAAa,GACd,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAEjC,gEAAgE;AAEhE,MAAM,yBAAyB,GAA2B;IACxD,KAAK,EAAE;QACL,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,qDAAqD;KACjE;IACD,YAAY,EAAE;QACZ,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,0DAA0D;KACtE;IACD,IAAI,EAAE;;;EAGN;IACA,QAAQ,EAAE,YAAY;IACtB,QAAQ,EAAE,uBAAuB;CAClC,CAAC;AAEF,MAAM,iBAAiB,GAA2B;IAChD,KAAK,EAAE;QACL,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,wEAAwE;QACrF,SAAS,EAAE,sDAAsD;KAClE;IACD,YAAY,EAAE;QACZ,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,0DAA0D;KACtE;IACD,IAAI,EAAE,2DAA2D;IACjE,QAAQ,EAAE,YAAY;IACtB,QAAQ,EAAE,iBAAiB;CAC5B,CAAC;AAEF,MAAM,oBAAoB,GAA2B;IACnD,KAAK,EAAE;QACL,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,qCAAqC;QAClD,SAAS,EAAE,0CAA0C;KACtD;IACD,YAAY,EAAE;QACZ,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,oDAAoD;KAChE;IACD,IAAI,EAAE,2DAA2D;IACjE,QAAQ,EAAE,YAAY;IACtB,QAAQ,EAAE,eAAe;CAC1B,CAAC;AAEF,gEAAgE;AAEhE,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,UAAU,CAAC,GAAG,EAAE;QACd,mBAAmB,EAAE,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,MAAM,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QACzD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;
QAC9C,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,MAAM,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACjD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,MAAM,GAAG,cAAc,CAAC,oBAAoB,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,KAAK,GAAG;YACZ,GAAG,yBAAyB;YAC5B,YAAY,EAAE,EAAE,OAAO,EAAE,MAAgB,EAAE,SAAS,EAAE,YAAY,EAAE;SAC3C,CAAC;QAC5B,MAAM,MAAM,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;QACpD,MAAM,KAAK,GAA2B;YACpC,KAAK,EAAE;gBACL,EAAE,EAAE,WAAW;gBACf,QAAQ,EAAE,aAAa;gBACvB,QAAQ,EAAE,QAAQ;gBAClB,WAAW,EAAE,kBAAkB;gBAC/B,SAAS,EAAE,4BAA4B;aACxC;YACD,YAAY,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE;YACxD,IAAI,EAAE,0DAA0D;YAChE,QAAQ,EAAE,YAAY;YACtB,QAAQ,EAAE,aAAa;SACxB,CAAC;QACF,MAAM,MAAM,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,EAAE,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QACrD,MAAM,EAAE,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;QAC7C,MAAM,CAAC,EAAE,CAAC,OAAQ,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAQ,CAAC,EAAE,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,UAAU,GAAG,sBAAsB,EAAE,CAAC;QAC5C,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAC/C,MAAM,CAAC,
UAAU,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QACzC,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC1C,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,gEAAgE;AAEhE,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,UAAU,CAAC,GAAG,EAAE;QACd,mBAAmB,EAAE,CAAC;QACtB,gBAAgB,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,UAAU,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC7D,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,yBAAyB,CAAC,CAAC;QAExE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QACtC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACtC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC/B,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,UAAU,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,iBAAiB,CAAC,CAAC;QAEhE,oCAAoC;QACpC,MAAM,OAAO,GAAG,uDAAuD,CAAC;QACxE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC,IAAI,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;QACrE,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE5B,yCAAyC;QACzC,MAAM,QAAQ,GAAG,iDAAiD,CAAC;QACnE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,WAAW,CAAC,IAAI,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QACvE,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,UAAU,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC7D,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,yBAAyB,CAAC,CAAC;QAExE,MAAM,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,IAAI,EAAE,kBAAkB,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qBAAqB,EAAE,GAAG,EAAE;QAC7B,MAAM,UAAU,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC7D,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,yBAAyB,CAAC,CAAC;QAExE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QACpD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC
zC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAC5B,MAAM,UAAU,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC7D,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,yBAAyB,CAAC,CAAC;QAExE,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAEzC,MAAM,UAAU,GAAG,cAAc,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAChD,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,gEAAgE;AAEhE,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,UAAU,CAAC,GAAG,EAAE;QACd,mBAAmB,EAAE,CAAC;QACtB,gBAAgB,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,UAAU,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,iBAAiB,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAElC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAC5C,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,UAAU,GAAG,cAAc,CAAC,oBAAoB,CAAC,CAAC;QACxD,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,oBAAoB,CAAC,CAAC;QACnE,MAAM,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAElC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAC5B,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;QAC7C,MAAM,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACvC,MAAM,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,gEAAgE;
AAEhE,QAAQ,CAAC,kCAAkC,EAAE,GAAG,EAAE;IAChD,IAAI,OAAe,CAAC;IAEpB,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,mBAAmB,EAAE,CAAC;QACtB,gBAAgB,EAAE,CAAC;QACnB,OAAO,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,qBAAqB,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;QACtF,CAAC;QAAC,MAAM,CAAC;YACP,8CAA8C;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;QACnD,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,IAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;QACnD,MAAM,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;QAEnD,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;QAChD,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;QAElE,MAAM,QAAQ,GAAG,MAAM,eAAe,CACpC,OAAO,EACP,6DAA6D,EAC7D,YAAY,CACb,CAAC;QAEF,oEAAoE;QACpE,mEAAmE;QACnE,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,IAAK,CAAC,EAAE,CAAC,CAAC;YACpE,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,CAAC,UAAW,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC9C,MAAM,CAAC,UAAW,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;QACjD,MAAM,SAAS,GAAG;YAChB,GAAG,iBAAiB;YACpB,YAAY,EAAE,EAAE,OAAO,EAAE,MAAgB,EAAE,SAAS,EAAE,UAAU,EAAE;SACzC,CAAC;QAC5B,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC1D,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,
EAAE,CAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;QAC1D,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,OAAO,CAAC,CAAC;QACtD,4EAA4E;QAC5E,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACjD,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
1
|
+
{"version":3,"file":"learned-rules.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/learned-rules.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACrE,OAAO,EACL,cAAc,EACd,sBAAsB,EACtB,mBAAmB,EACnB,UAAU,EACV,WAAW,EACX,gBAAgB,EAChB,cAAc,EACd,gBAAgB,EAChB,YAAY,EACZ,uBAAuB,EACvB,gBAAgB,EAChB,eAAe,EACf,sBAAsB,EACtB,aAAa,GACd,MAAM,2BAA2B,CAAC;AAEnC,OAAO,EAAE,OAAO,EAAE,EAAE,EAAE,MAAM,kBAAkB,CAAC;AAC/C,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AACjC,OAAO,EAAE,MAAM,EAAE,MAAM,SAAS,CAAC;AAEjC,gEAAgE;AAEhE,MAAM,yBAAyB,GAA2B;IACxD,KAAK,EAAE;QACL,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,MAAM;QAChB,WAAW,EAAE,qEAAqE;QAClF,SAAS,EAAE,qDAAqD;KACjE;IACD,YAAY,EAAE;QACZ,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,0DAA0D;KACtE;IACD,IAAI,EAAE;;;EAGN;IACA,QAAQ,EAAE,YAAY;IACtB,QAAQ,EAAE,uBAAuB;CAClC,CAAC;AAEF,MAAM,iBAAiB,GAA2B;IAChD,KAAK,EAAE;QACL,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,wEAAwE;QACrF,SAAS,EAAE,sDAAsD;KAClE;IACD,YAAY,EAAE;QACZ,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,0DAA0D;KACtE;IACD,IAAI,EAAE,2DAA2D;IACjE,QAAQ,EAAE,YAAY;IACtB,QAAQ,EAAE,iBAAiB;CAC5B,CAAC;AAEF,MAAM,oBAAoB,GAA2B;IACnD,KAAK,EAAE;QACL,EAAE,EAAE,WAAW;QACf,QAAQ,EAAE,UAAU;QACpB,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,qCAAqC;QAClD,SAAS,EAAE,0CAA0C;KACtD;IACD,YAAY,EAAE;QACZ,OAAO,EAAE,MAAM;QACf,SAAS,EAAE,oDAAoD;KAChE;IACD,IAAI,EAAE,2DAA2D;IACjE,QAAQ,EAAE,YAAY;IACtB,QAAQ,EAAE,eAAe;CAC1B,CAAC;AAEF,gEAAgE;AAEhE,QAAQ,CAAC,mBAAmB,EAAE,GAAG,EAAE;IACjC,UAAU,CAAC,GAAG,EAAE;QACd,mBAAmB,EAAE,CAAC;IACxB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6CAA6C,EAAE,GAAG,EAAE;QACrD,MAAM,MAAM,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QACzD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC;QAC7D,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;
QAC9C,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAChE,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,MAAM,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACjD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAClD,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACzD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,MAAM,GAAG,cAAc,CAAC,oBAAoB,CAAC,CAAC;QACpD,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IACpD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;QACnC,MAAM,KAAK,GAAG;YACZ,GAAG,yBAAyB;YAC5B,YAAY,EAAE,EAAE,OAAO,EAAE,MAAgB,EAAE,SAAS,EAAE,YAAY,EAAE;SAC3C,CAAC;QAC5B,MAAM,MAAM,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACnC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;QACpD,MAAM,KAAK,GAA2B;YACpC,KAAK,EAAE;gBACL,EAAE,EAAE,WAAW;gBACf,QAAQ,EAAE,aAAa;gBACvB,QAAQ,EAAE,QAAQ;gBAClB,WAAW,EAAE,kBAAkB;gBAC/B,SAAS,EAAE,4BAA4B;aACxC;YACD,YAAY,EAAE,EAAE,OAAO,EAAE,MAAM,EAAE,SAAS,EAAE,UAAU,EAAE;YACxD,IAAI,EAAE,0DAA0D;YAChE,QAAQ,EAAE,YAAY;YACtB,QAAQ,EAAE,aAAa;SACxB,CAAC;QACF,MAAM,MAAM,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,EAAE,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QACrD,MAAM,EAAE,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;QAC7C,MAAM,CAAC,EAAE,CAAC,OAAQ,CAAC,EAAE,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,OAAQ,CAAC,EAAE,CAAC,CAAC;IAClD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;QACtC,MAAM,UAAU,GAAG,sBAAsB,EAAE,CAAC;QAC5C,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QAC/C,MAAM,CAAC,
UAAU,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QACzC,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC1C,MAAM,CAAC,UAAU,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,gEAAgE;AAEhE,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,UAAU,CAAC,GAAG,EAAE;QACd,mBAAmB,EAAE,CAAC;QACtB,gBAAgB,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;QACjD,MAAM,UAAU,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC7D,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,yBAAyB,CAAC,CAAC;QAExE,MAAM,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QACtC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACtC,MAAM,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC/B,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QAC5C,MAAM,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;IAC3D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;QAC/C,MAAM,UAAU,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,iBAAiB,CAAC,CAAC;QAEhE,oCAAoC;QACpC,MAAM,OAAO,GAAG,uDAAuD,CAAC;QACxE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,GAAG,WAAW,CAAC,IAAI,EAAE,OAAO,EAAE,YAAY,CAAC,CAAC;QACrE,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAE5B,yCAAyC;QACzC,MAAM,QAAQ,GAAG,iDAAiD,CAAC;QACnE,MAAM,EAAE,KAAK,EAAE,SAAS,EAAE,GAAG,WAAW,CAAC,IAAI,EAAE,QAAQ,EAAE,YAAY,CAAC,CAAC;QACvE,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;QACxC,MAAM,UAAU,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC7D,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,yBAAyB,CAAC,CAAC;QAExE,MAAM,EAAE,KAAK,EAAE,GAAG,WAAW,CAAC,IAAI,EAAE,kBAAkB,EAAE,QAAQ,CAAC,CAAC;QAClE,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qBAAqB,EAAE,GAAG,EAAE;QAC7B,MAAM,UAAU,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC7D,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,yBAAyB,CAAC,CAAC;QAExE,MAAM,QAAQ,GAAG,gBAAgB,CAAC,IAAI,EAAE,UAAU,CAAC,CAAC;QACpD,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAC
zC,MAAM,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAC5B,MAAM,UAAU,GAAG,cAAc,CAAC,yBAAyB,CAAC,CAAC;QAC7D,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,yBAAyB,CAAC,CAAC;QAExE,MAAM,KAAK,GAAG,cAAc,CAAC,IAAI,EAAE,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAChC,MAAM,CAAC,KAAK,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,KAAK,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAEzC,MAAM,UAAU,GAAG,cAAc,CAAC,KAAK,EAAE,KAAK,CAAC,CAAC;QAChD,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,UAAU,CAAC,iBAAiB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;QAC7C,MAAM,CAAC,UAAU,CAAC,kBAAkB,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAChD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,gEAAgE;AAEhE,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;IAClC,UAAU,CAAC,GAAG,EAAE;QACd,mBAAmB,EAAE,CAAC;QACtB,gBAAgB,EAAE,CAAC;IACrB,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;QACnD,MAAM,UAAU,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;QACrD,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,iBAAiB,CAAC,CAAC;QAChE,MAAM,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAElC,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAChD,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAC5C,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;QAC1C,MAAM,UAAU,GAAG,cAAc,CAAC,oBAAoB,CAAC,CAAC;QACxD,MAAM,IAAI,GAAG,UAAU,CAAC,UAAU,CAAC,OAAQ,EAAE,oBAAoB,CAAC,CAAC;QACnE,MAAM,MAAM,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC;QAElC,MAAM,CAAC,MAAM,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IAC5D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAC5B,MAAM,UAAU,GAAG,uBAAuB,EAAE,CAAC;QAC7C,MAAM,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QAC1C,MAAM,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;QACvC,MAAM,CAAC,UAAU,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,gEAAgE;
AAEhE,QAAQ,CAAC,kCAAkC,EAAE,GAAG,EAAE;IAChD,IAAI,OAAe,CAAC;IAEpB,UAAU,CAAC,KAAK,IAAI,EAAE;QACpB,mBAAmB,EAAE,CAAC;QACtB,gBAAgB,EAAE,CAAC;QACnB,OAAO,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,MAAM,EAAE,EAAE,qBAAqB,CAAC,CAAC,CAAC;IACjE,CAAC,CAAC,CAAC;IAEH,SAAS,CAAC,KAAK,IAAI,EAAE;QACnB,IAAI,CAAC;YACH,MAAM,EAAE,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,EAAE,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC;QACtF,CAAC;QAAC,MAAM,CAAC;YACP,8CAA8C;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;QACnD,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;QAElE,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,IAAK,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC/C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;QACnD,MAAM,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;QAEnD,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,OAAO,CAAC,CAAC;QACtD,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;QAChD,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,sBAAsB,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,iBAAiB,CAAC,CAAC;QAElE,MAAM,QAAQ,GAAG,MAAM,eAAe,CACpC,OAAO,EACP,6DAA6D,EAC7D,YAAY,CACb,CAAC;QAEF,oEAAoE;QACpE,mEAAmE;QACnE,IAAI,MAAM,CAAC,OAAO,IAAI,MAAM,CAAC,IAAI,EAAE,CAAC;YAClC,MAAM,UAAU,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,MAAM,KAAK,MAAM,CAAC,IAAK,CAAC,EAAE,CAAC,CAAC;YACpE,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,CAAC,UAAW,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;YAC9C,MAAM,CAAC,UAAW,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAChD,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mCAAmC,EAAE,KAAK,IAAI,EAAE;QACjD,MAAM,SAAS,GAAG;YAChB,GAAG,iBAAiB;YACpB,YAAY,EAAE,EAAE,OAAO,EAAE,MAAgB,EAAE,SAAS,EAAE,UAAU,EAAE;SACzC,CAAC;QAC5B,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAC1D,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;IAEH,
EAAE,CAAC,4CAA4C,EAAE,KAAK,IAAI,EAAE;QAC1D,MAAM,OAAO,GAAG,MAAM,sBAAsB,CAAC,OAAO,CAAC,CAAC;QACtD,4EAA4E;QAC5E,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACjD,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC;QACpD,MAAM,CAAC,OAAO,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,gEAAgE;AAEhE,QAAQ,CAAC,sCAAsC,EAAE,GAAG,EAAE;IACpD,EAAE,CAAC,+DAA+D,EAAE,GAAG,EAAE;QACvE,MAAM,KAAK,GAA2B;YACpC,KAAK,EAAE;gBACL,EAAE,EAAE,WAAW;gBACf,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,UAAU;gBACpB,WAAW,EAAE,2CAA2C;gBACxD,SAAS,EAAE,0CAA0C;aACtD;YACD,YAAY,EAAE;gBACZ,OAAO,EAAE,MAAM;gBACf,SAAS,EAAE,mDAAmD;aAC/D;YACD,IAAI,EAAE,0DAA0D;YAChE,QAAQ,EAAE,YAAY;YACtB,QAAQ,EAAE,WAAW;SACtB,CAAC;QAEF,MAAM,MAAM,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClC,MAAM,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,OAAQ,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
import { describe, it, expect } from 'vitest';
|
|
2
|
+
import { extractSecurityKeywords, parseGitLogForSecurityFixes, parseGitTags, checkCodeOnMain, } from '../novelty-checker.js';
|
|
3
|
+
describe('extractSecurityKeywords', () => {
|
|
4
|
+
it('should extract security-related words from a claim', () => {
|
|
5
|
+
const keywords = extractSecurityKeywords('CSRF wildcard bypass allows unauthorized Server Action invocation');
|
|
6
|
+
expect(keywords).toContain('csrf');
|
|
7
|
+
expect(keywords).toContain('bypass');
|
|
8
|
+
expect(keywords.length).toBeGreaterThan(0);
|
|
9
|
+
});
|
|
10
|
+
it('should return empty array for non-security claims', () => {
|
|
11
|
+
const keywords = extractSecurityKeywords('Function returns incorrect value');
|
|
12
|
+
expect(Array.isArray(keywords)).toBe(true);
|
|
13
|
+
});
|
|
14
|
+
});
|
|
15
|
+
describe('parseGitLogForSecurityFixes', () => {
|
|
16
|
+
it('should detect security fix commits', () => {
|
|
17
|
+
const gitLog = [
|
|
18
|
+
'abc1234 fix: patch CSRF wildcard bypass',
|
|
19
|
+
'def5678 feat: add new feature',
|
|
20
|
+
'ghi9012 security: fix XSS in header parsing',
|
|
21
|
+
].join('\n');
|
|
22
|
+
const result = parseGitLogForSecurityFixes(gitLog, ['csrf', 'wildcard']);
|
|
23
|
+
expect(result.hasSecurityFixes).toBe(true);
|
|
24
|
+
expect(result.matchingCommits.length).toBeGreaterThan(0);
|
|
25
|
+
expect(result.matchingCommits[0]).toContain('csrf');
|
|
26
|
+
});
|
|
27
|
+
it('should return no matches for unrelated commits', () => {
|
|
28
|
+
const gitLog = [
|
|
29
|
+
'abc1234 feat: add new button',
|
|
30
|
+
'def5678 docs: update readme',
|
|
31
|
+
].join('\n');
|
|
32
|
+
const result = parseGitLogForSecurityFixes(gitLog, ['csrf', 'injection']);
|
|
33
|
+
expect(result.hasSecurityFixes).toBe(false);
|
|
34
|
+
expect(result.matchingCommits).toHaveLength(0);
|
|
35
|
+
});
|
|
36
|
+
it('should handle empty git log', () => {
|
|
37
|
+
const result = parseGitLogForSecurityFixes('', ['csrf']);
|
|
38
|
+
expect(result.hasSecurityFixes).toBe(false);
|
|
39
|
+
});
|
|
40
|
+
});
|
|
41
|
+
describe('parseGitTags', () => {
|
|
42
|
+
it('should parse tag names from git output', () => {
|
|
43
|
+
const output = 'v16.2.0\nv16.1.6\nv16.1.5\n';
|
|
44
|
+
const tags = parseGitTags(output);
|
|
45
|
+
expect(tags).toEqual(['v16.2.0', 'v16.1.6', 'v16.1.5']);
|
|
46
|
+
});
|
|
47
|
+
it('should handle empty output', () => {
|
|
48
|
+
expect(parseGitTags('')).toEqual([]);
|
|
49
|
+
});
|
|
50
|
+
});
|
|
51
|
+
describe('checkCodeOnMain', () => {
|
|
52
|
+
it('should report exists=false when file has been deleted', () => {
|
|
53
|
+
const result = checkCodeOnMain(process.cwd(), 'nonexistent-file-that-was-deleted.ts');
|
|
54
|
+
expect(result.exists).toBe(false);
|
|
55
|
+
});
|
|
56
|
+
});
|
|
57
|
+
//# sourceMappingURL=novelty-checker.test.js.map
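Review bot: `should return empty array for non-security claims` asserts only `Array.isArray(keywords)`, which holds for any array, so the behaviour named in the title is not tested; `expect(keywords).toEqual([]);` would pin it. In the first `parseGitLogForSecurityFixes` case, `toBeGreaterThan(0)` leaves open whether the `security: fix XSS` line, which contains neither keyword, counts as a match; an exact `toHaveLength` would settle that. The `checkCodeOnMain` case passes `process.cwd()`, so its result appears to depend on where the runner is started (presumably a git checkout). A fixture directory created by the test would make it deterministic.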
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"novelty-checker.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/novelty-checker.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,uBAAuB,EACvB,2BAA2B,EAC3B,YAAY,EACZ,eAAe,GAChB,MAAM,uBAAuB,CAAC;AAE/B,QAAQ,CAAC,yBAAyB,EAAE,GAAG,EAAE;IACvC,EAAE,CAAC,oDAAoD,EAAE,GAAG,EAAE;QAC5D,MAAM,QAAQ,GAAG,uBAAuB,CACtC,mEAAmE,CACpE,CAAC;QACF,MAAM,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;QACnC,MAAM,CAAC,QAAQ,CAAC,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC;QACrC,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,mDAAmD,EAAE,GAAG,EAAE;QAC3D,MAAM,QAAQ,GAAG,uBAAuB,CAAC,kCAAkC,CAAC,CAAC;QAC7E,MAAM,CAAC,KAAK,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,6BAA6B,EAAE,GAAG,EAAE;IAC3C,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;QAC5C,MAAM,MAAM,GAAG;YACb,yCAAyC;YACzC,+BAA+B;YAC/B,6CAA6C;SAC9C,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEb,MAAM,MAAM,GAAG,2BAA2B,CAAC,MAAM,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC,CAAC;QACzE,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC3C,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACzD,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC;IACtD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gDAAgD,EAAE,GAAG,EAAE;QACxD,MAAM,MAAM,GAAG;YACb,8BAA8B;YAC9B,6BAA6B;SAC9B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEb,MAAM,MAAM,GAAG,2BAA2B,CAAC,MAAM,EAAE,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC,CAAC;QAC1E,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAC5C,MAAM,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACjD,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;QACrC,MAAM,MAAM,GAAG,2BAA2B,CAAC,EAAE,EAAE,CAAC,MAAM,CAAC,CAAC,CAAC;QACzD,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAC9C,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;IAC5B,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,MAAM,GAAG,6BAA6B,CAAC;QAC7C,MAAM,
IAAI,GAAG,YAAY,CAAC,MAAM,CAAC,CAAC;QAClC,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,EAAE,SAAS,EAAE,SAAS,CAAC,CAAC,CAAC;IAC1D,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;QACpC,MAAM,CAAC,YAAY,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;IAC/B,EAAE,CAAC,uDAAuD,EAAE,GAAG,EAAE;QAC/D,MAAM,MAAM,GAAG,eAAe,CAAC,OAAO,CAAC,GAAG,EAAE,EAAE,sCAAsC,CAAC,CAAC;QACtF,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACpC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|
|
@@ -0,0 +1,40 @@
|
|
|
1
|
+
import { describe, it, expect, beforeEach, afterEach } from 'vitest';
|
|
2
|
+
import { writeFile, rm, mkdir } from 'node:fs/promises';
|
|
3
|
+
import { resolve } from 'node:path';
|
|
4
|
+
import { loadPrograms, findNewRepos } from '../program-registry.js';
|
|
5
|
+
const TMP = resolve('/tmp/program-registry-test-' + Date.now());
|
|
6
|
+
beforeEach(async () => { await mkdir(TMP, { recursive: true }); });
|
|
7
|
+
afterEach(async () => { await rm(TMP, { recursive: true, force: true }); });
|
|
8
|
+
describe('loadPrograms', () => {
|
|
9
|
+
it('should load programs from registry file', async () => {
|
|
10
|
+
const registry = {
|
|
11
|
+
programs: [{
|
|
12
|
+
handle: 'cloudflare',
|
|
13
|
+
name: 'Cloudflare',
|
|
14
|
+
repos: ['https://github.com/cloudflare/workers-sdk'],
|
|
15
|
+
asset: '*.cloudflare.com',
|
|
16
|
+
}],
|
|
17
|
+
};
|
|
18
|
+
await writeFile(resolve(TMP, 'programs.json'), JSON.stringify(registry));
|
|
19
|
+
const result = await loadPrograms(resolve(TMP, 'programs.json'));
|
|
20
|
+
expect(result.programs).toHaveLength(1);
|
|
21
|
+
expect(result.programs[0].handle).toBe('cloudflare');
|
|
22
|
+
});
|
|
23
|
+
});
|
|
24
|
+
describe('findNewRepos', () => {
|
|
25
|
+
it('should identify repos not in watchlist', () => {
|
|
26
|
+
const programs = {
|
|
27
|
+
programs: [{
|
|
28
|
+
handle: 'cloudflare',
|
|
29
|
+
name: 'Cloudflare',
|
|
30
|
+
repos: ['https://github.com/cloudflare/workers-sdk', 'https://github.com/cloudflare/wrangler2'],
|
|
31
|
+
asset: '*.cloudflare.com',
|
|
32
|
+
}],
|
|
33
|
+
};
|
|
34
|
+
const existingUrls = ['https://github.com/cloudflare/workers-sdk'];
|
|
35
|
+
const newRepos = findNewRepos(programs, existingUrls);
|
|
36
|
+
expect(newRepos).toHaveLength(1);
|
|
37
|
+
expect(newRepos[0].url).toBe('https://github.com/cloudflare/wrangler2');
|
|
38
|
+
});
|
|
39
|
+
});
|
|
40
|
+
//# sourceMappingURL=program-registry.test.js.map
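Review bot: `TMP` on new-side line 5 is a predictable path under a shared `/tmp` built from `Date.now()`, and `mkdir(TMP, { recursive: true })` succeeds when that directory already exists. The test can therefore write into, and `afterEach` can recursively delete, a directory it did not create, and two workers starting in the same millisecond would share it. Creating the directory per test with `mkdtemp` gives an unpredictable, owner-only path and also works on hosts without `/tmp`: `beforeEach(async () => { TMP = await mkdtemp(join(tmpdir(), 'program-registry-test-')); });`, with `TMP` declared via `let`, `mkdtemp` imported from `node:fs/promises`, `tmpdir` from `node:os` and `join` from `node:path`. The watchlist test hunk further down (`/tmp/watchlist-test-`) has the same construction.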
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"program-registry.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/program-registry.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACrE,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EAAE,YAAY,EAAE,YAAY,EAAwB,MAAM,wBAAwB,CAAC;AAE1F,MAAM,GAAG,GAAG,OAAO,CAAC,6BAA6B,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;AAEhE,UAAU,CAAC,KAAK,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACnE,SAAS,CAAC,KAAK,IAAI,EAAE,GAAG,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAE5E,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;IAC5B,EAAE,CAAC,yCAAyC,EAAE,KAAK,IAAI,EAAE;QACvD,MAAM,QAAQ,GAAoB;YAChC,QAAQ,EAAE,CAAC;oBACT,MAAM,EAAE,YAAY;oBACpB,IAAI,EAAE,YAAY;oBAClB,KAAK,EAAE,CAAC,2CAA2C,CAAC;oBACpD,KAAK,EAAE,kBAAkB;iBAC1B,CAAC;SACH,CAAC;QACF,MAAM,SAAS,CAAC,OAAO,CAAC,GAAG,EAAE,eAAe,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,QAAQ,CAAC,CAAC,CAAC;QACzE,MAAM,MAAM,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,GAAG,EAAE,eAAe,CAAC,CAAC,CAAC;QACjE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACxC,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACvD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;IAC5B,EAAE,CAAC,wCAAwC,EAAE,GAAG,EAAE;QAChD,MAAM,QAAQ,GAAoB;YAChC,QAAQ,EAAE,CAAC;oBACT,MAAM,EAAE,YAAY;oBACpB,IAAI,EAAE,YAAY;oBAClB,KAAK,EAAE,CAAC,2CAA2C,EAAE,yCAAyC,CAAC;oBAC/F,KAAK,EAAE,kBAAkB;iBAC1B,CAAC;SACH,CAAC;QACF,MAAM,YAAY,GAAG,CAAC,2CAA2C,CAAC,CAAC;QACnE,MAAM,QAAQ,GAAG,YAAY,CAAC,QAAQ,EAAE,YAAY,CAAC,CAAC;QACtD,MAAM,CAAC,QAAQ,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACjC,MAAM,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;IAC1E,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|
|
@@ -0,0 +1,23 @@
|
|
|
1
|
+
import { describe, it, expect } from 'vitest';
|
|
2
|
+
import { retryWithBackoff } from '../retry.js';
|
|
3
|
+
describe('retryWithBackoff', () => {
|
|
4
|
+
it('should return result on first success', async () => {
|
|
5
|
+
const result = await retryWithBackoff(() => Promise.resolve('ok'));
|
|
6
|
+
expect(result).toBe('ok');
|
|
7
|
+
});
|
|
8
|
+
it('should retry on failure and succeed', async () => {
|
|
9
|
+
let attempt = 0;
|
|
10
|
+
const result = await retryWithBackoff(() => {
|
|
11
|
+
attempt++;
|
|
12
|
+
if (attempt < 3)
|
|
13
|
+
throw new Error('fail');
|
|
14
|
+
return Promise.resolve('recovered');
|
|
15
|
+
}, { maxRetries: 3, baseDelayMs: 1 });
|
|
16
|
+
expect(result).toBe('recovered');
|
|
17
|
+
expect(attempt).toBe(3);
|
|
18
|
+
});
|
|
19
|
+
it('should throw after max retries', async () => {
|
|
20
|
+
await expect(retryWithBackoff(() => Promise.reject(new Error('always fails')), { maxRetries: 2, baseDelayMs: 1 })).rejects.toThrow('always fails');
|
|
21
|
+
});
|
|
22
|
+
});
|
|
23
|
+
//# sourceMappingURL=retry.test.js.map
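Review bot: The 'should throw after max retries' case asserts only the rejection message, so nothing in this file pins how many times the callback runs. The earlier case (success on the third call with `maxRetries: 3`) passes whether `maxRetries` means total attempts or retries after the first. Counting calls in the failing case, with `let calls = 0;` incremented inside the callback and `expect(calls).toBe(<expected attempts>)` after the rejection, would fix the contract and catch an off-by-one in the retry loop. The right count depends on `retryWithBackoff`, which is not shown in this section.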
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"retry.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/retry.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,aAAa,CAAC;AAE/C,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;IAChC,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,GAAG,EAAE,CAAC,OAAO,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,CAAC;QACnE,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAC5B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,qCAAqC,EAAE,KAAK,IAAI,EAAE;QACnD,IAAI,OAAO,GAAG,CAAC,CAAC;QAChB,MAAM,MAAM,GAAG,MAAM,gBAAgB,CAAC,GAAG,EAAE;YACzC,OAAO,EAAE,CAAC;YACV,IAAI,OAAO,GAAG,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,MAAM,CAAC,CAAC;YACzC,OAAO,OAAO,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC;QACtC,CAAC,EAAE,EAAE,UAAU,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAAC,CAAC;QACtC,MAAM,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC;QACjC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC1B,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,MAAM,CAAC,gBAAgB,CAC3B,GAAG,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,IAAI,KAAK,CAAC,cAAc,CAAC,CAAC,EAC/C,EAAE,UAAU,EAAE,CAAC,EAAE,WAAW,EAAE,CAAC,EAAE,CAClC,CAAC,CAAC,OAAO,CAAC,OAAO,CAAC,cAAc,CAAC,CAAC;IACrC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
export {};
|
|
@@ -0,0 +1,88 @@
|
|
|
1
|
+
import { describe, it, expect, beforeEach, afterEach } from 'vitest';
|
|
2
|
+
import { writeFile, rm, mkdir } from 'node:fs/promises';
|
|
3
|
+
import { resolve } from 'node:path';
|
|
4
|
+
import { loadWatchlist, loadScanState, saveScanState, addRepo, removeRepo, } from '../watchlist.js';
|
|
5
|
+
const TMP = resolve('/tmp/watchlist-test-' + Date.now());
|
|
6
|
+
beforeEach(async () => { await mkdir(TMP, { recursive: true }); });
|
|
7
|
+
afterEach(async () => { await rm(TMP, { recursive: true, force: true }); });
|
|
8
|
+
describe('loadWatchlist', () => {
|
|
9
|
+
it('should load repos from watchlist.json', async () => {
|
|
10
|
+
const config = {
|
|
11
|
+
repos: [{
|
|
12
|
+
url: 'https://github.com/cloudflare/workers-sdk',
|
|
13
|
+
program: 'cloudflare',
|
|
14
|
+
asset: '*.cloudflare.com',
|
|
15
|
+
source: 'seed',
|
|
16
|
+
priority: 'normal',
|
|
17
|
+
}],
|
|
18
|
+
};
|
|
19
|
+
await writeFile(resolve(TMP, 'watchlist.json'), JSON.stringify(config));
|
|
20
|
+
const result = await loadWatchlist(resolve(TMP, 'watchlist.json'));
|
|
21
|
+
expect(result.repos).toHaveLength(1);
|
|
22
|
+
expect(result.repos[0].program).toBe('cloudflare');
|
|
23
|
+
});
|
|
24
|
+
});
|
|
25
|
+
describe('ScanState', () => {
|
|
26
|
+
it('should return empty state when file does not exist', async () => {
|
|
27
|
+
const state = await loadScanState(resolve(TMP, 'scan-state.json'));
|
|
28
|
+
expect(state.repoStates).toEqual({});
|
|
29
|
+
expect(state.reportedFindings).toEqual([]);
|
|
30
|
+
});
|
|
31
|
+
it('should round-trip save and load', async () => {
|
|
32
|
+
const path = resolve(TMP, 'scan-state.json');
|
|
33
|
+
const state = {
|
|
34
|
+
repoStates: {
|
|
35
|
+
'https://github.com/cloudflare/workers-sdk': {
|
|
36
|
+
lastSha: 'abc123',
|
|
37
|
+
lastScanned: '2026-03-16T10:00:00Z',
|
|
38
|
+
},
|
|
39
|
+
},
|
|
40
|
+
reportedFindings: ['hash1', 'hash2'],
|
|
41
|
+
};
|
|
42
|
+
await saveScanState(path, state);
|
|
43
|
+
const loaded = await loadScanState(path);
|
|
44
|
+
expect(loaded.repoStates['https://github.com/cloudflare/workers-sdk'].lastSha).toBe('abc123');
|
|
45
|
+
expect(loaded.reportedFindings).toEqual(['hash1', 'hash2']);
|
|
46
|
+
});
|
|
47
|
+
});
|
|
48
|
+
describe('addRepo', () => {
|
|
49
|
+
it('should add a repo to the watchlist', async () => {
|
|
50
|
+
const configPath = resolve(TMP, 'watchlist.json');
|
|
51
|
+
await writeFile(configPath, JSON.stringify({ repos: [] }));
|
|
52
|
+
await addRepo(configPath, {
|
|
53
|
+
url: 'https://github.com/vercel/next.js',
|
|
54
|
+
program: 'vercel',
|
|
55
|
+
asset: '*.vercel.com',
|
|
56
|
+
source: 'seed',
|
|
57
|
+
priority: 'normal',
|
|
58
|
+
});
|
|
59
|
+
const loaded = await loadWatchlist(configPath);
|
|
60
|
+
expect(loaded.repos).toHaveLength(1);
|
|
61
|
+
});
|
|
62
|
+
it('should not add duplicate repos', async () => {
|
|
63
|
+
const configPath = resolve(TMP, 'watchlist.json');
|
|
64
|
+
const repo = {
|
|
65
|
+
url: 'https://github.com/vercel/next.js',
|
|
66
|
+
program: 'vercel',
|
|
67
|
+
asset: '*.vercel.com',
|
|
68
|
+
source: 'seed',
|
|
69
|
+
priority: 'normal',
|
|
70
|
+
};
|
|
71
|
+
await writeFile(configPath, JSON.stringify({ repos: [repo] }));
|
|
72
|
+
await addRepo(configPath, repo);
|
|
73
|
+
const loaded = await loadWatchlist(configPath);
|
|
74
|
+
expect(loaded.repos).toHaveLength(1);
|
|
75
|
+
});
|
|
76
|
+
});
|
|
77
|
+
describe('removeRepo', () => {
|
|
78
|
+
it('should remove a repo by URL', async () => {
|
|
79
|
+
const configPath = resolve(TMP, 'watchlist.json');
|
|
80
|
+
await writeFile(configPath, JSON.stringify({
|
|
81
|
+
repos: [{ url: 'https://github.com/vercel/next.js', program: 'vercel', asset: '*.vercel.com', source: 'seed', priority: 'normal' }],
|
|
82
|
+
}));
|
|
83
|
+
await removeRepo(configPath, 'https://github.com/vercel/next.js');
|
|
84
|
+
const loaded = await loadWatchlist(configPath);
|
|
85
|
+
expect(loaded.repos).toHaveLength(0);
|
|
86
|
+
});
|
|
87
|
+
});
|
|
88
|
+
//# sourceMappingURL=watchlist.test.js.map
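Review bot: `const TMP = resolve('/tmp/watchlist-test-' + Date.now());` builds a guessable path in a world-writable directory. Because `mkdir(TMP, { recursive: true })` succeeds when the path already exists, the tests will write into, and `rm(..., { recursive: true, force: true })` will delete, a directory another local user may have created beforehand. Creating the directory atomically with an unpredictable suffix avoids that and removes the hard-coded `/tmp`: declare `let TMP;` and use `TMP = await mkdtemp(join(tmpdir(), 'watchlist-test-'));` in `beforeEach`, importing `mkdtemp` from `node:fs/promises`, `tmpdir` from `node:os` and `join` from `node:path`. A single module-level `TMP` is also shared by every test in the file, so a per-test directory keeps the cases isolated if they are ever run concurrently.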
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"watchlist.test.js","sourceRoot":"","sources":["../../../src/lib/__tests__/watchlist.test.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,MAAM,QAAQ,CAAC;AACrE,OAAO,EAAE,SAAS,EAAE,EAAE,EAAE,KAAK,EAAE,MAAM,kBAAkB,CAAC;AACxD,OAAO,EAAE,OAAO,EAAE,MAAM,WAAW,CAAC;AACpC,OAAO,EACL,aAAa,EACb,aAAa,EACb,aAAa,EACb,OAAO,EACP,UAAU,GAGX,MAAM,iBAAiB,CAAC;AAEzB,MAAM,GAAG,GAAG,OAAO,CAAC,sBAAsB,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC;AAEzD,UAAU,CAAC,KAAK,IAAI,EAAE,GAAG,MAAM,KAAK,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AACnE,SAAS,CAAC,KAAK,IAAI,EAAE,GAAG,MAAM,EAAE,CAAC,GAAG,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;AAE5E,QAAQ,CAAC,eAAe,EAAE,GAAG,EAAE;IAC7B,EAAE,CAAC,uCAAuC,EAAE,KAAK,IAAI,EAAE;QACrD,MAAM,MAAM,GAAoB;YAC9B,KAAK,EAAE,CAAC;oBACN,GAAG,EAAE,2CAA2C;oBAChD,OAAO,EAAE,YAAY;oBACrB,KAAK,EAAE,kBAAkB;oBACzB,MAAM,EAAE,MAAM;oBACd,QAAQ,EAAE,QAAQ;iBACnB,CAAC;SACH,CAAC;QACF,MAAM,SAAS,CAAC,OAAO,CAAC,GAAG,EAAE,gBAAgB,CAAC,EAAE,IAAI,CAAC,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC;QACxE,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,OAAO,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC,CAAC;QACnE,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACrC,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,CAAC;IACrD,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,WAAW,EAAE,GAAG,EAAE;IACzB,EAAE,CAAC,oDAAoD,EAAE,KAAK,IAAI,EAAE;QAClE,MAAM,KAAK,GAAG,MAAM,aAAa,CAAC,OAAO,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC,CAAC;QACnE,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QACrC,MAAM,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;IAC7C,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,iCAAiC,EAAE,KAAK,IAAI,EAAE;QAC/C,MAAM,IAAI,GAAG,OAAO,CAAC,GAAG,EAAE,iBAAiB,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAc;YACvB,UAAU,EAAE;gBACV,2CAA2C,EAAE;oBAC3C,OAAO,EAAE,QAAQ;oBACjB,WAAW,EAAE,sBAAsB;iBACpC;aACF;YACD,gBAAgB,EAAE,CAAC,OAAO,EAAE,OAAO,CAAC;SACrC,CAAC;QACF,MAAM,aAAa,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;QACjC,MAAM,MAAM,GAA
G,MAAM,aAAa,CAAC,IAAI,CAAC,CAAC;QACzC,MAAM,CAAC,MAAM,CAAC,UAAU,CAAC,2CAA2C,CAAC,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,CAAC;QAC9F,MAAM,CAAC,MAAM,CAAC,gBAAgB,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC,CAAC;IAC9D,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,SAAS,EAAE,GAAG,EAAE;IACvB,EAAE,CAAC,oCAAoC,EAAE,KAAK,IAAI,EAAE;QAClD,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;QAClD,MAAM,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC;QAC3D,MAAM,OAAO,CAAC,UAAU,EAAE;YACxB,GAAG,EAAE,mCAAmC;YACxC,OAAO,EAAE,QAAQ;YACjB,KAAK,EAAE,cAAc;YACrB,MAAM,EAAE,MAAM;YACd,QAAQ,EAAE,QAAQ;SACnB,CAAC,CAAC;QACH,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;IAEH,EAAE,CAAC,gCAAgC,EAAE,KAAK,IAAI,EAAE;QAC9C,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;QAClD,MAAM,IAAI,GAAG;YACX,GAAG,EAAE,mCAAmC;YACxC,OAAO,EAAE,QAAQ;YACjB,KAAK,EAAE,cAAc;YACrB,MAAM,EAAE,MAAe;YACvB,QAAQ,EAAE,QAAiB;SAC5B,CAAC;QACF,MAAM,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC,EAAE,KAAK,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,CAAC;QAC/D,MAAM,OAAO,CAAC,UAAU,EAAE,IAAI,CAAC,CAAC;QAChC,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC;AAEH,QAAQ,CAAC,YAAY,EAAE,GAAG,EAAE;IAC1B,EAAE,CAAC,6BAA6B,EAAE,KAAK,IAAI,EAAE;QAC3C,MAAM,UAAU,GAAG,OAAO,CAAC,GAAG,EAAE,gBAAgB,CAAC,CAAC;QAClD,MAAM,SAAS,CAAC,UAAU,EAAE,IAAI,CAAC,SAAS,CAAC;YACzC,KAAK,EAAE,CAAC,EAAE,GAAG,EAAE,mCAAmC,EAAE,OAAO,EAAE,QAAQ,EAAE,KAAK,EAAE,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,QAAQ,EAAE,QAAQ,EAAE,CAAC;SACpI,CAAC,CAAC,CAAC;QACJ,MAAM,UAAU,CAAC,UAAU,EAAE,mCAAmC,CAAC,CAAC;QAClE,MAAM,MAAM,GAAG,MAAM,aAAa,CAAC,UAAU,CAAC,CAAC;QAC/C,MAAM,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;IACvC,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
export interface ScanFinding {
|
|
2
|
+
file: string;
|
|
3
|
+
claimId: string;
|
|
4
|
+
claim: string;
|
|
5
|
+
verdict: string;
|
|
6
|
+
severity: string;
|
|
7
|
+
reasoning: string;
|
|
8
|
+
evidence: string;
|
|
9
|
+
}
|
|
10
|
+
export interface ChainPattern {
|
|
11
|
+
id: string;
|
|
12
|
+
halfA: RegExp[];
|
|
13
|
+
halfB: RegExp[];
|
|
14
|
+
impact: string;
|
|
15
|
+
upgradedSeverity: string;
|
|
16
|
+
}
|
|
17
|
+
export interface DetectedChain {
|
|
18
|
+
chainId: string;
|
|
19
|
+
findingA: ScanFinding;
|
|
20
|
+
findingB: ScanFinding;
|
|
21
|
+
impact: string;
|
|
22
|
+
upgradedSeverity: string;
|
|
23
|
+
}
|
|
24
|
+
export declare const CHAIN_PATTERNS: ChainPattern[];
|
|
25
|
+
export declare function detectChains(findings: ScanFinding[]): DetectedChain[];
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
export const CHAIN_PATTERNS = [
|
|
2
|
+
{
|
|
3
|
+
id: 'CHAIN-001',
|
|
4
|
+
halfA: [/ssrf/i, /fetch.*target/i, /server.?side.*request/i],
|
|
5
|
+
halfB: [/cors.*origin/i, /access.control.allow.origin/i, /cors.*reflect/i],
|
|
6
|
+
impact: 'Cross-origin exfiltration of internal services',
|
|
7
|
+
upgradedSeverity: 'critical',
|
|
8
|
+
},
|
|
9
|
+
{
|
|
10
|
+
id: 'CHAIN-002',
|
|
11
|
+
halfA: [/open.*redirect/i, /redirect.*unvalidat/i, /location.*header.*unvalidat/i],
|
|
12
|
+
halfB: [/oauth.*callback/i, /oauth.*redirect/i, /authorization.*code/i],
|
|
13
|
+
impact: 'Token theft via redirect manipulation',
|
|
14
|
+
upgradedSeverity: 'critical',
|
|
15
|
+
},
|
|
16
|
+
{
|
|
17
|
+
id: 'CHAIN-003',
|
|
18
|
+
halfA: [/csrf.*miss/i, /csrf.*bypass/i, /no.*csrf/i],
|
|
19
|
+
halfB: [/state.?chang/i, /mutati/i, /delete|update|create/i],
|
|
20
|
+
impact: 'Unauthorized actions via victim session',
|
|
21
|
+
upgradedSeverity: 'high',
|
|
22
|
+
},
|
|
23
|
+
{
|
|
24
|
+
id: 'CHAIN-004',
|
|
25
|
+
halfA: [/auth.*bypass/i, /authenticat.*miss/i, /authenticat.*skip/i],
|
|
26
|
+
halfB: [/admin/i, /privilege/i, /role.*check/i],
|
|
27
|
+
impact: 'Privilege escalation',
|
|
28
|
+
upgradedSeverity: 'critical',
|
|
29
|
+
},
|
|
30
|
+
{
|
|
31
|
+
id: 'CHAIN-005',
|
|
32
|
+
halfA: [/race.*condition/i, /toctou/i, /concurren/i],
|
|
33
|
+
halfB: [/balance/i, /counter/i, /credit/i, /quantity/i],
|
|
34
|
+
impact: 'Double-spend or resource exhaustion',
|
|
35
|
+
upgradedSeverity: 'high',
|
|
36
|
+
},
|
|
37
|
+
{
|
|
38
|
+
id: 'CHAIN-006',
|
|
39
|
+
halfA: [/path.*traversal/i, /directory.*traversal/i, /\.\.\//i],
|
|
40
|
+
halfB: [/file.*read/i, /file.*include/i, /require.*unvalidat/i],
|
|
41
|
+
impact: 'Arbitrary file disclosure or RCE',
|
|
42
|
+
upgradedSeverity: 'critical',
|
|
43
|
+
},
|
|
44
|
+
{
|
|
45
|
+
id: 'CHAIN-007',
|
|
46
|
+
halfA: [/xss/i, /cross.?site.*script/i, /script.*inject/i],
|
|
47
|
+
halfB: [/csp.*nonce/i, /csp.*weak/i, /unsafe.?inline/i, /content.?security.?policy/i],
|
|
48
|
+
impact: 'CSP bypass leading to full script execution',
|
|
49
|
+
upgradedSeverity: 'critical',
|
|
50
|
+
},
|
|
51
|
+
];
|
|
52
|
+
function matchesHalf(finding, patterns) {
|
|
53
|
+
const text = `${finding.claim} ${finding.reasoning}`;
|
|
54
|
+
return patterns.some(p => p.test(text));
|
|
55
|
+
}
|
|
56
|
+
export function detectChains(findings) {
|
|
57
|
+
const failFindings = findings.filter(f => f.verdict === 'FAIL');
|
|
58
|
+
const chains = [];
|
|
59
|
+
const used = new Set();
|
|
60
|
+
for (const pattern of CHAIN_PATTERNS) {
|
|
61
|
+
for (const a of failFindings) {
|
|
62
|
+
if (used.has(a.claimId))
|
|
63
|
+
continue;
|
|
64
|
+
if (!matchesHalf(a, pattern.halfA))
|
|
65
|
+
continue;
|
|
66
|
+
for (const b of failFindings) {
|
|
67
|
+
if (a === b || used.has(b.claimId))
|
|
68
|
+
continue;
|
|
69
|
+
if (!matchesHalf(b, pattern.halfB))
|
|
70
|
+
continue;
|
|
71
|
+
chains.push({
|
|
72
|
+
chainId: pattern.id,
|
|
73
|
+
findingA: a,
|
|
74
|
+
findingB: b,
|
|
75
|
+
impact: pattern.impact,
|
|
76
|
+
upgradedSeverity: pattern.upgradedSeverity,
|
|
77
|
+
});
|
|
78
|
+
used.add(a.claimId);
|
|
79
|
+
used.add(b.claimId);
|
|
80
|
+
break;
|
|
81
|
+
}
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
const byFile = new Map();
|
|
85
|
+
for (const f of failFindings) {
|
|
86
|
+
if (used.has(f.claimId))
|
|
87
|
+
continue;
|
|
88
|
+
const existing = byFile.get(f.file) ?? [];
|
|
89
|
+
existing.push(f);
|
|
90
|
+
byFile.set(f.file, existing);
|
|
91
|
+
}
|
|
92
|
+
for (const [, fileFails] of byFile) {
|
|
93
|
+
if (fileFails.length >= 2) {
|
|
94
|
+
chains.push({
|
|
95
|
+
chainId: 'SAME-FILE',
|
|
96
|
+
findingA: fileFails[0],
|
|
97
|
+
findingB: fileFails[1],
|
|
98
|
+
impact: 'Multiple vulnerabilities in same module may compose',
|
|
99
|
+
upgradedSeverity: 'high',
|
|
100
|
+
});
|
|
101
|
+
}
|
|
102
|
+
}
|
|
103
|
+
return chains;
|
|
104
|
+
}
|
|
105
|
+
//# sourceMappingURL=chain-analyzer.js.map
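Review bot: `detectChains` raises severity to `critical` or `high` on keyword coincidence alone. `matchesHalf` tests loose patterns such as `/admin/i`, `/counter/i`, `/mutati/i` and `/delete|update|create/i` against `claim` plus `reasoning`, and the pattern loop never requires the two findings to be related by file, route or data flow. Two unrelated FAIL findings whose prose contains these words are therefore reported as a chain, which inflates triage priority; I would either require a relation between `a` and `b` or report the pair as a heuristic candidate and leave the severity as it was. Separately, `used` is keyed on `claimId`, so if claim ids are not unique across files (not visible here) one pairing suppresses unrelated findings; keying the set on the finding object (`used.add(a)`, `used.has(a)`) avoids that. The SAME-FILE pass reports only `fileFails[0]` and `fileFails[1]`, so a file with three or more failures silently drops the rest.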
|