vaspera 2.14.0 → 2.16.0

package/dist/eval/fixtures.js

@@ -21,31 +21,33 @@ export const sqlInjectionFixtures = [
                 path: "db.ts",
                 language: "typescript",
                 content: `import { Pool } from 'pg';
+import express from 'express';
 
 const pool = new Pool();
+const app = express();
 
-// VULNERABLE: SQL injection via string concatenation
-export async function getUserByName(name: string) {
+// VULNERABLE: request input concatenated into a SQL query
+app.get('/users', (req, res) => {
+  const name = req.query.name;
   const query = "SELECT * FROM users WHERE name = '" + name + "'";
-  return pool.query(query);
-}
+  pool.query(query).then((r) => res.json(r.rows));
+});
 
-// SAFE: Parameterized query
-export async function getUserById(id: number) {
-  const query = "SELECT * FROM users WHERE id = $1";
-  return pool.query(query, [id]);
-}
+// SAFE: parameterized query
+app.get('/user', (req, res) => {
+  pool.query("SELECT * FROM users WHERE id = $1", [req.query.id]);
+});
 `,
             },
         ],
         expectedFindings: [
             {
                 file: "db.ts",
-                line: 7,
+                line: 12,
                 severity: "critical",
                 category: "sql-injection",
                 cweId: "CWE-89",
-                description: "SQL injection via string concatenation",
+                description: "SQL injection via string concatenation of request input",
                 isVulnerable: true,
             },
         ],
@@ -62,25 +64,29 @@ export async function getUserById(id: number) {
                 path: "search.ts",
                 language: "typescript",
                 content: `import { db } from './connection';
+import express from 'express';
+
+const app = express();
 
-// VULNERABLE: Template literal injection
-export async function searchProducts(term: string) {
+// VULNERABLE: template-literal injection from request input
+app.get('/search', (req, res) => {
+  const term = req.query.term;
   const sql = \`SELECT * FROM products WHERE name LIKE '%\${term}%'\`;
-  return db.query(sql);
-}
+  db.query(sql).then((r) => res.json(r));
+});
 
-// VULNERABLE: Dynamic ORDER BY
-export async function listUsers(sortBy: string) {
-  const sql = \`SELECT * FROM users ORDER BY \${sortBy}\`;
-  return db.query(sql);
-}
+// VULNERABLE: dynamic ORDER BY from request input
+app.get('/list', (req, res) => {
+  const sql = \`SELECT * FROM users ORDER BY \${req.query.sortBy}\`;
+  db.query(sql);
+});
 `,
             },
         ],
         expectedFindings: [
             {
                 file: "search.ts",
-                line: 5,
+                line: 9,
                 severity: "critical",
                 category: "sql-injection",
                 cweId: "CWE-89",
@@ -89,7 +95,7 @@ export async function listUsers(sortBy: string) {
             },
             {
                 file: "search.ts",
-                line: 11,
+                line: 15,
                 severity: "high",
                 category: "sql-injection",
                 cweId: "CWE-89",
@@ -165,46 +171,66 @@ export function SafeProfile({ bio }: Props) {
             {
                 path: "comment.ts",
                 language: "typescript",
-                content: `// VULNERABLE: innerHTML with user input
-export function renderComment(userComment: string) {
-  const container = document.getElementById('comments');
-  if (container) {
-    container.innerHTML = userComment;
-  }
-}
+                content: `import express from 'express';
 
-// VULNERABLE: document.write
-export function writeMessage(message: string) {
-  document.write('<div>' + message + '</div>');
-}
+const app = express();
 
-// SAFE: textContent
-export function renderSafeComment(userComment: string) {
-  const container = document.getElementById('comments');
-  if (container) {
-    container.textContent = userComment;
-  }
-}
+// VULNERABLE: Reflected XSS via res.send with unescaped req.query
+app.get('/comment', (req, res) => {
+  const userComment = req.query.text;
+  res.send('<div>' + userComment + '</div>');
+});
+
+// VULNERABLE: Reflected XSS via res.write with unescaped req.query
+app.get('/message', (req, res) => {
+  const message = req.query.msg;
+  res.write('<div>' + message + '</div>');
+  res.end();
+});
+
+// SAFE: JSON response, not HTML
+app.get('/safe-comment', (req, res) => {
+  const userComment = req.query.text;
+  res.json({ comment: userComment });
+});
 `,
             },
         ],
         expectedFindings: [
             {
                 file: "comment.ts",
-                line: 5,
+                line: 8,
                 severity: "high",
                 category: "xss",
                 cweId: "CWE-79",
-                description: "XSS via innerHTML",
+                description: "Reflected XSS via res.send with unescaped request input",
                 isVulnerable: true,
             },
             {
                 file: "comment.ts",
-                line: 11,
+                line: 8,
+                severity: "high",
+                category: "xss",
+                cweId: "CWE-79",
+                description: "Reflected XSS: unsanitized request input written to HTTP response",
+                isVulnerable: true,
+            },
+            {
+                file: "comment.ts",
+                line: 14,
+                severity: "high",
+                category: "xss",
+                cweId: "CWE-79",
+                description: "Reflected XSS via res.write with unescaped request input",
+                isVulnerable: true,
+            },
+            {
+                file: "comment.ts",
+                line: 14,
                 severity: "high",
                 category: "xss",
                 cweId: "CWE-79",
-                description: "XSS via document.write",
+                description: "Reflected XSS: unsanitized request input streamed to HTTP response",
                 isVulnerable: true,
             },
         ],
@@ -477,46 +503,49 @@ export const pathTraversalFixtures = [
                 path: "files.ts",
                 language: "typescript",
                 content: `import { readFile } from 'fs/promises';
+import { createReadStream } from 'fs';
 import { join } from 'path';
+import express from 'express';
+
+const app = express();
 
 // VULNERABLE: Direct user input in path
-export async function getFile(filename: string) {
-  const content = await readFile(filename, 'utf-8');
-  return content;
-}
+app.get('/file', (req, res) => {
+  const filename = req.query.name as string;
+  readFile(filename, 'utf-8').then((content) => res.send(content));
+});
 
-// VULNERABLE: Path traversal possible
-export async function getDocument(docName: string) {
-  const path = './documents/' + docName;
-  return readFile(path, 'utf-8');
-}
+// VULNERABLE: Path traversal via join with user input
+app.get('/document', (req, res) => {
+  const docName = req.query.doc as string;
+  const filePath = join('./documents', docName);
+  createReadStream(filePath).pipe(res);
+});
 
-// SAFE: Basename extraction and validation
-export async function getFileSecure(filename: string) {
-  const basename = require('path').basename(filename);
-  const safePath = join('./uploads', basename);
-  return readFile(safePath, 'utf-8');
-}
+// SAFE: Fixed allowlist of known files, no user input in path
+const ALLOWED_FILES: Record<string, string> = {
+  readme: './uploads/readme.txt',
+  license: './uploads/license.txt',
+};
+app.get('/upload', (req, res) => {
+  const key = req.query.name as string;
+  const safePath = ALLOWED_FILES[key];
+  if (!safePath) {
+    return res.status(404).send('Not found');
+  }
+  readFile(safePath, 'utf-8').then((content) => res.send(content));
+});
 `,
             },
         ],
         expectedFindings: [
             {
                 file: "files.ts",
-                line: 6,
-                severity: "high",
-                category: "path-traversal",
-                cweId: "CWE-22",
-                description: "Path traversal via direct user input",
-                isVulnerable: true,
-            },
-            {
-                file: "files.ts",
-                line: 12,
+                line: 17,
                 severity: "high",
                 category: "path-traversal",
                 cweId: "CWE-22",
-                description: "Path traversal via string concatenation",
+                description: "Path traversal via path.join with unvalidated request input",
                 isVulnerable: true,
             },
         ],
@@ -537,25 +566,28 @@ export const commandInjectionFixtures = [
             {
                 path: "utils/git.ts",
                 language: "typescript",
-                content: `import { exec } from 'child_process';
+                content: `import { exec, spawn } from 'child_process';
+import express from 'express';
 
-// VULNERABLE: User input directly in exec
-export function cloneRepo(repoUrl: string) {
-  exec(\`git clone \${repoUrl}\`);
-}
+const app = express();
 
-// SAFE: Array-based spawn
-import { spawn } from 'child_process';
-export function cloneRepoSafe(repoUrl: string) {
-  spawn('git', ['clone', repoUrl]);
-}
+// VULNERABLE: request input concatenated into a shell command
+app.get('/clone', (req, res) => {
+  const repoUrl = req.query.repo;
+  exec(\`git clone \${repoUrl}\`, (err) => res.sendStatus(err ? 500 : 200));
+});
+
+// SAFE: array-based spawn, no shell interpolation
+app.get('/clone-safe', (req, res) => {
+  spawn('git', ['clone', String(req.query.repo)]);
+});
 `,
             },
         ],
         expectedFindings: [
             {
                 file: "utils/git.ts",
-                line: 5,
+                line: 8,
                 severity: "critical",
                 category: "command-injection",
                 cweId: "CWE-78",
@@ -567,36 +599,40 @@ export function cloneRepoSafe(repoUrl: string) {
     },
     {
         id: "cmd-002",
-        name: "spawn with shell:true",
-        description: "Command injection via spawn with shell option enabled",
+        name: "exec with request input",
+        description: "Command injection via child_process.exec with request input",
         category: "command-injection",
         source: "custom",
         files: [
             {
                 path: "services/deploy.ts",
                 language: "typescript",
-                content: `import { spawn } from 'child_process';
+                content: `import { exec } from 'child_process';
+import express from 'express';
 
-// VULNERABLE: shell: true with user input
-export function runScript(scriptName: string) {
-  spawn(\`./scripts/\${scriptName}.sh\`, { shell: true });
-}
+const app = express();
 
-// SAFE: No shell option
-export function runScriptSafe(scriptName: string) {
-  spawn('./scripts/run.sh', [scriptName]);
-}
+// VULNERABLE: request input flows into exec
+app.post('/run', (req, res) => {
+  const scriptName = req.body.script;
+  exec('./scripts/' + scriptName + '.sh', (err) => res.sendStatus(err ? 500 : 200));
+});
+
+// SAFE: fixed command
+app.post('/run-safe', (_req, res) => {
+  exec('./scripts/run.sh', () => res.sendStatus(200));
+});
 `,
             },
         ],
         expectedFindings: [
             {
                 file: "services/deploy.ts",
-                line: 5,
+                line: 9,
                 severity: "critical",
                 category: "command-injection",
                 cweId: "CWE-78",
-                description: "shell: true enables command injection",
+                description: "Command injection via request input in exec",
                 isVulnerable: true,
             },
         ],
@@ -617,28 +653,32 @@ export const ssrfFixtures = [
             {
                 path: "api/proxy.ts",
                 language: "typescript",
-                content: `// VULNERABLE: Direct user URL in fetch
-export async function proxyRequest(url: string) {
-  const response = await fetch(url);
-  return response.json();
-}
+                content: `import express from 'express';
+
+const app = express();
+
+// VULNERABLE: request-controlled URL passed straight to fetch
+app.get('/proxy', async (req, res) => {
+  const response = await fetch(req.query.url);
+  res.json(await response.json());
+});
 
 // SAFE: URL allowlist
 const ALLOWED_HOSTS = ['api.example.com', 'cdn.example.com'];
-export async function proxyRequestSafe(url: string) {
-  const parsed = new URL(url);
+app.get('/proxy-safe', async (req, res) => {
+  const parsed = new URL(String(req.query.url));
   if (!ALLOWED_HOSTS.includes(parsed.host)) {
-    throw new Error('Host not allowed');
+    return res.status(400).end();
   }
-  return fetch(url);
-}
+  res.json(await (await fetch('https://api.example.com')).json());
+});
 `,
             },
         ],
         expectedFindings: [
             {
                 file: "api/proxy.ts",
-                line: 3,
+                line: 7,
                 severity: "high",
                 category: "ssrf",
                 cweId: "CWE-918",
@@ -659,30 +699,32 @@ export async function proxyRequestSafe(url: string) {
                 path: "services/webhook.ts",
                 language: "typescript",
                 content: `import axios from 'axios';
+import express from 'express';
 
-// VULNERABLE: Following redirects to internal networks
-export async function callWebhook(webhookUrl: string, payload: object) {
-  const response = await axios.post(webhookUrl, payload, {
-    maxRedirects: 5, // Can redirect to internal networks
-  });
-  return response.data;
-}
+const app = express();
 
-// SAFE: Validate URL and disable redirects
-export async function callWebhookSafe(webhookUrl: string, payload: object) {
-  const url = new URL(webhookUrl);
+// VULNERABLE: request-controlled webhook URL
+app.post('/webhook', async (req, res) => {
+  const webhookUrl = req.body.url;
+  const response = await axios.post(webhookUrl, req.body.payload);
+  res.json(response.data);
+});
+
+// SAFE: validate URL against internal ranges first
+app.post('/webhook-safe', async (req, res) => {
+  const url = new URL(String(req.body.url));
   if (url.hostname === 'localhost' || url.hostname.startsWith('192.168.')) {
-    throw new Error('Internal URLs not allowed');
+    return res.status(400).end();
   }
-  return axios.post(webhookUrl, payload, { maxRedirects: 0 });
-}
+  res.json((await axios.post('https://hooks.example.com', req.body.payload)).data);
+});
 `,
             },
         ],
         expectedFindings: [
             {
                 file: "services/webhook.ts",
-                line: 5,
+                line: 9,
                 severity: "high",
                 category: "ssrf",
                 cweId: "CWE-918",

package/dist/eval/fixtures.js.map

@@ -1 +1 @@
-{"version":3,"file":"fixtures.js","sourceRoot":"","sources":["../../src/eval/fixtures.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAkB;IACjD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,oCAAoC;QAC1C,WAAW,EAAE,gDAAgD;QAC7D,QAAQ,EAAE,eAAe;QACzB,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,OAAO;gBACb,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;CAehB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,eAAe;gBACzB,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,wCAAwC;gBACrD,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;KACpC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,gCAAgC;QACtC,WAAW,EAAE,qCAAqC;QAClD,QAAQ,EAAE,eAAe;QACzB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;CAahB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,eAAe;gBACzB,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,oCAAoC;gBACjD,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,eAAe;gBACzB,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,kCAAkC;gBAC/C,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,WAAW,EAAE,kBAAkB,CAAC;KACxC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAkB;IACxC;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,+BAA+B;QACrC,WAAW,EAAE,iDAAiD;QAC9D,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;CAyBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,iCAAiC;gBAC9C,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,OAAO,EAAE,KAAK,CAAC;KACvC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,8BAA8B;QAC3C,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;CAoBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,YAAY;gBAClB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,mBAAmB;gBAChC,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,YAAY;gBAClB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,wBAAwB;gBACrC,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,SAAS,CAAC;KAClB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAkB;IAC5C;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,SAAS;QACnB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;CAYhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,0BAA0B;gBACvC,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,6BAA6B;gBAC1C,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,wBAAwB;gBACrC,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;KACjC;IACD;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,wBAAwB;QACrC,QAAQ,EAAE,SAAS;QACnB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,SAAS;gBACf,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;CAOhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,uBAAuB;gBACpC,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,sBAAsB;gBACnC,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;KACjC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAkB;IAC/C;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,sCAAsC;QACnD,QAAQ,EAAE,aAAa;QACvB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;CAkBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,aAAa;gBACnB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,yCAAyC;gBACtD,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,aAAa;gBACnB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,8BAA8B;gBAC3C,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,YAAY,EAAE,aAAa,CAAC;KACpC;IACD;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,aAAa;QACvB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;CAUhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,mCAAmC;gBAChD,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,yCAAyC;gBACtD,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,YAAY,EAAE,cAAc,CAAC;KACrC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAkB;IACzC;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,qCAAqC;QAClD,QAAQ,EAAE,aAAa;QACvB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;CAkBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,aAAa;gBACvB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,qDAAqD;gBAClE,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,MAAM,EAAE,gBAAgB,CAAC;KACjC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAkB;IAClD;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,6BAA6B;QACnC,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,gBAAgB;QAC1B,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;CAqBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,UAAU;gBAChB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,gBAAgB;gBAC1B,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,sCAAsC;gBACnD,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,UAAU;gBAChB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,gBAAgB;gBAC1B,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,yCAAyC;gBACtD,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,gBAAgB,CAAC;KACzC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAkB;IACrD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,oEAAoE;QACjF,QAAQ,EAAE,mBAAmB;QAC7B,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;CAYhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,mBAAmB;gBAC7B,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,gDAAgD;gBAC7D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,WAAW,EAAE,eAAe,CAAC;KACrD;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,uBAAuB;QAC7B,WAAW,EAAE,uDAAuD;QACpE,QAAQ,EAAE,mBAAmB;QAC7B,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;CAWhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,mBAAmB;gBAC7B,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,uCAAuC;gBACpD,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,WAAW,EAAE,OAAO,CAAC;KAC7B;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAkB;IACzC;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,gCAAgC;QACtC,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;CAehB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,uCAAuC;gBACpD,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,MAAM,EAAE,SAAS,CAAC;KAC1C;IACD;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,qCAAqC;QAC3C,WAAW,EAAE,6DAA6D;QAC1E,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,qBAAqB;gBAC3B,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;CAkBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,qBAAqB;gBAC3B,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,kCAAkC;gBAC/C,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;KAC3B;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAkB;IACxC;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,iDAAiD;QACvD,WAAW,EAAE,2CAA2C;QACxD,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;CAkBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,qCAAqC;gBAClD,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,KAAK,EAAE,KAAK,CAAC;KACrC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,+BAA+B,GAAkB;IAC5D;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,mCAAmC;QAChD,QAAQ,EAAE,0BAA0B;QACpC,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;CAchB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,gBAAgB;gBACtB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,0BAA0B;gBACpC,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,iCAAiC;gBAC9C,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,0BAA0B;gBACpC,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,iDAAiD;gBAC9D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,iBAAiB,EAAE,MAAM,CAAC;KAClC;IACD;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,0DAA0D;QACvE,QAAQ,EAAE,0BAA0B;QACpC,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;CAchB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,kBAAkB;gBACxB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,0BAA0B;gBACpC,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,8CAA8C;gBAC3D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,iBAAiB,EAAE,MAAM,CAAC;KAClC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAkB;IAC9C;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,uCAAuC;QAC7C,WAAW,EAAE,iDAAiD;QAC9D,QAAQ,EAAE,YAAY;QACtB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;CAmBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,kBAAkB;gBACxB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,YAAY;gBACtB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,qDAAqD;gBAClE,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,kBAAkB;gBACxB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,YAAY;gBACtB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,6CAA6C;gBAC1D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,gBAAgB,EAAE,MAAM,EAAE,eAAe,CAAC;KAClD;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,sCAAsC;QAC5C,WAAW,EAAE,8CAA8C;QAC3D,QAAQ,EAAE,YAAY;QACtB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2BhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,YAAY;gBACtB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,8CAA8C;gBAC3D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,UAAU,EAAE,KAAK,EAAE,eAAe,CAAC;KAC3C;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAkB;IACzC,GAAG,oBAAoB;IACvB,GAAG,WAAW;IACd,GAAG,eAAe;IAClB,GAAG,kBAAkB;IACrB,GAAG,YAAY;IACf,GAAG,qBAAqB;IACxB,GAAG,wBAAwB;IAC3B,GAAG,YAAY;IACf,GAAG,WAAW;IACd,GAAG,+BAA+B;IAClC,GAAG,iBAAiB;CACrB,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAgB;IACpD,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAC7D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,EAAU;IACvC,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe;IAK7B,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,IAAI,aAAa,GAAG,CAAC,CAAC;IAEtB,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACvE,aAAa,IAAI,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAC;IACnD,CAAC;IAED,OAAO;QACL,KAAK,EAAE,YAAY,CAAC,MAAM;QAC1B,UAAU;QACV,aAAa;KACd,CAAC;AACJ,CAAC"}
+{"version":3,"file":"fixtures.js","sourceRoot":"","sources":["../../src/eval/fixtures.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAIH;;GAEG;AACH,MAAM,CAAC,MAAM,oBAAoB,GAAkB;IACjD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,oCAAoC;QAC1C,WAAW,EAAE,gDAAgD;QAC7D,QAAQ,EAAE,eAAe;QACzB,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,OAAO;gBACb,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;CAiBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,OAAO;gBACb,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,eAAe;gBACzB,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,yDAAyD;gBACtE,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,WAAW,CAAC;KACpC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,gCAAgC;QACtC,WAAW,EAAE,qCAAqC;QAClD,QAAQ,EAAE,eAAe;QACzB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;CAiBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,eAAe;gBACzB,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,oCAAoC;gBACjD,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,eAAe;gBACzB,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,kCAAkC;gBAC/C,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,WAAW,EAAE,kBAAkB,CAAC;KACxC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAkB;IACxC;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,+BAA+B;QACrC,WAAW,EAAE,iDAAiD;QAC9D,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;CAyBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,iCAAiC;gBAC9C,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,OAAO,EAAE,KAAK,CAAC;KACvC;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,8BAA8B;QAC3C,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,YAAY;gBAClB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;CAsBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,YAAY;gBAClB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,yDAAyD;gBACtE,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,YAAY;gBAClB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,mEAAmE;gBAChF,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,YAAY;gBAClB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,0DAA0D;gBACvE,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,YAAY;gBAClB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,oEAAoE;gBACjF,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,SAAS,CAAC;KAClB;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,eAAe,GAAkB;IAC5C;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,wCAAwC;QACrD,QAAQ,EAAE,SAAS;QACnB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;CAYhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,0BAA0B;gBACvC,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,6BAA6B;gBAC1C,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,wBAAwB;gBACrC,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;KACjC;IACD;QACE,EAAE,EAAE,aAAa;QACjB,IAAI,EAAE,cAAc;QACpB,WAAW,EAAE,wBAAwB;QACrC,QAAQ,EAAE,SAAS;QACnB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,SAAS;gBACf,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;CAOhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,uBAAuB;gBACpC,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,SAAS;gBACf,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,SAAS;gBACnB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,sBAAsB;gBACnC,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,SAAS,EAAE,aAAa,CAAC;KACjC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAkB;IAC/C;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,oBAAoB;QAC1B,WAAW,EAAE,sCAAsC;QACnD,QAAQ,EAAE,aAAa;QACvB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;CAkBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,aAAa;gBACnB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,yCAAyC;gBACtD,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,aAAa;gBACnB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,QAAQ;gBAClB,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,8BAA8B;gBAC3C,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,YAAY,EAAE,aAAa,CAAC;KACpC;IACD;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,aAAa;QACvB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,WAAW;gBACjB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;CAUhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,mCAAmC;gBAChD,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,WAAW;gBACjB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,KAAK;gBACf,QAAQ,EAAE,aAAa;gBACvB,WAAW,EAAE,yCAAyC;gBACtD,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,YAAY,EAAE,cAAc,CAAC;KACrC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAkB;IACzC;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,8BAA8B;QACpC,WAAW,EAAE,qCAAqC;QAClD,QAAQ,EAAE,aAAa;QACvB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;CAkBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,aAAa;gBACvB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,qDAAqD;gBAClE,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,MAAM,EAAE,gBAAgB,CAAC;KACjC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAkB;IAClD;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,6BAA6B;QACnC,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,gBAAgB;QAC1B,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAiChB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,UAAU;gBAChB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,gBAAgB;gBAC1B,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,6DAA6D;gBAC1E,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,gBAAgB,CAAC;KACzC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,wBAAwB,GAAkB;IACrD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,sBAAsB;QAC5B,WAAW,EAAE,oEAAoE;QACjF,QAAQ,EAAE,mBAAmB;QAC7B,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;CAehB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,mBAAmB;gBAC7B,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,gDAAgD;gBAC7D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,WAAW,EAAE,eAAe,CAAC;KACrD;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,6DAA6D;QAC1E,QAAQ,EAAE,mBAAmB;QAC7B,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,oBAAoB;gBAC1B,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;CAehB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,oBAAoB;gBAC1B,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,mBAAmB;gBAC7B,KAAK,EAAE,QAAQ;gBACf,WAAW,EAAE,6CAA6C;gBAC1D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,WAAW,EAAE,OAAO,CAAC;KAC7B;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAkB;IACzC;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,gCAAgC;QACtC,WAAW,EAAE,uCAAuC;QACpD,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;CAmBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,uCAAuC;gBACpD,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,MAAM,EAAE,SAAS,CAAC;KAC1C;IACD;QACE,EAAE,EAAE,UAAU;QACd,IAAI,EAAE,qCAAqC;QAC3C,WAAW,EAAE,6DAA6D;QAC1E,QAAQ,EAAE,MAAM;QAChB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,qBAAqB;gBAC3B,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;CAoBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,qBAAqB;gBAC3B,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,MAAM;gBAChB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,kCAAkC;gBAC/C,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,MAAM,EAAE,UAAU,CAAC;KAC3B;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,WAAW,GAAkB;IACxC;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,iDAAiD;QACvD,WAAW,EAAE,2CAA2C;QACxD,QAAQ,EAAE,KAAK;QACf,MAAM,EAAE,OAAO;QACf,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,cAAc;gBACpB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;CAkBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,KAAK;gBACf,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,qCAAqC;gBAClD,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,cAAc,EAAE,KAAK,EAAE,KAAK,CAAC;KACrC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,+BAA+B,GAAkB;IAC5D;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,yBAAyB;QAC/B,WAAW,EAAE,mCAAmC;QAChD,QAAQ,EAAE,0BAA0B;QACpC,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,gBAAgB;gBACtB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;CAchB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,gBAAgB;gBACtB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,0BAA0B;gBACpC,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,iCAAiC;gBAC9C,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,gBAAgB;gBACtB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,UAAU;gBACpB,QAAQ,EAAE,0BAA0B;gBACpC,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,iDAAiD;gBAC9D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,iBAAiB,EAAE,MAAM,CAAC;KAClC;IACD;QACE,EAAE,EAAE,WAAW;QACf,IAAI,EAAE,kBAAkB;QACxB,WAAW,EAAE,0DAA0D;QACvE,QAAQ,EAAE,0BAA0B;QACpC,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;CAchB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,kBAAkB;gBACxB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,0BAA0B;gBACpC,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,8CAA8C;gBAC3D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,iBAAiB,EAAE,MAAM,CAAC;KAClC;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,iBAAiB,GAAkB;IAC9C;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,uCAAuC;QAC7C,WAAW,EAAE,iDAAiD;QAC9D,QAAQ,EAAE,YAAY;QACtB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,kBAAkB;gBACxB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;CAmBhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,kBAAkB;gBACxB,IAAI,EAAE,CAAC;gBACP,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,YAAY;gBACtB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,qDAAqD;gBAClE,YAAY,EAAE,IAAI;aACnB;YACD;gBACE,IAAI,EAAE,kBAAkB;gBACxB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,YAAY;gBACtB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,6CAA6C;gBAC1D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,gBAAgB,EAAE,MAAM,EAAE,eAAe,CAAC;KAClD;IACD;QACE,EAAE,EAAE,SAAS;QACb,IAAI,EAAE,sCAAsC;QAC5C,WAAW,EAAE,8CAA8C;QAC3D,QAAQ,EAAE,YAAY;QACtB,MAAM,EAAE,QAAQ;QAChB,KAAK,EAAE;YACL;gBACE,IAAI,EAAE,iBAAiB;gBACvB,QAAQ,EAAE,YAAY;gBACtB,OAAO,EAAE;;;;;;;;;;;;;;;;;;;;;;;;;;;CA2BhB;aACM;SACF;QACD,gBAAgB,EAAE;YAChB;gBACE,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,EAAE;gBACR,QAAQ,EAAE,MAAM;gBAChB,QAAQ,EAAE,YAAY;gBACtB,KAAK,EAAE,SAAS;gBAChB,WAAW,EAAE,8CAA8C;gBAC3D,YAAY,EAAE,IAAI;aACnB;SACF;QACD,IAAI,EAAE,CAAC,UAAU,EAAE,KAAK,EAAE,eAAe,CAAC;KAC3C;CACF,CAAC;AAEF;;GAEG;AACH,MAAM,CAAC,MAAM,YAAY,GAAkB;IACzC,GAAG,oBAAoB;IACvB,GAAG,WAAW;IACd,GAAG,eAAe;IAClB,GAAG,kBAAkB;IACrB,GAAG,YAAY;IACf,GAAG,qBAAqB;IACxB,GAAG,wBAAwB;IAC3B,GAAG,YAAY;IACf,GAAG,WAAW;IACd,GAAG,+BAA+B;IAClC,GAAG,iBAAiB;CACrB,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,qBAAqB,CAAC,QAAgB;IACpD,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC;AAC7D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,gBAAgB,CAAC,GAAW;IAC1C,OAAO,YAAY,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC;AAC3D,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,cAAc,CAAC,EAAU;IACvC,OAAO,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,EAAE,CAAC,CAAC;AAC/C,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,eAAe;IAK7B,MAAM,UAAU,GAA2B,EAAE,CAAC;IAC9C,IAAI,aAAa,GAAG,CAAC,CAAC;IAEtB,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;QACnC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,UAAU,CAAC,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QACvE,aAAa,IAAI,OAAO,CAAC,gBAAgB,CAAC,MAAM,CAAC;IACnD,CAAC;IAED,OAAO;QACL,KAAK,EAAE,YAAY,CAAC,MAAM;QAC1B,UAAU;QACV,aAAa;KACd,CAAC;AACJ,CAAC"}

package/dist/eval/fixtures.test.js

@@ -71,10 +71,12 @@ describe("fixtures", () => {
             expect(reactFixture).toBeDefined();
             expect(reactFixture.files[0].language).toBe("tsx");
         });
-        it("includes DOM manipulation test case", () => {
+        it("includes a reflected-output XSS test case", () => {
             const domFixture = xssFixtures.find((f) => f.id === "xss-002");
             expect(domFixture).toBeDefined();
-            expect(domFixture.files[0].content).toContain("innerHTML");
+            // realistic reflected XSS: request input echoed into the response
+            expect(domFixture.files[0].content).toMatch(/res\.(send|write)/);
+            expect(domFixture.files[0].content).toContain("req.query");
         });
     });
     describe("secretsFixtures", () => {

package/dist/eval/fixtures.test.js.map

@@ -1 +1 @@
-{"version":3,"file":"fixtures.test.js","sourceRoot":"","sources":["../../src/eval/fixtures.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,YAAY,EACZ,oBAAoB,EACpB,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,YAAY,EACZ,qBAAqB,EACrB,qBAAqB,EACrB,gBAAgB,EAChB,cAAc,EACd,eAAe,GAChB,MAAM,eAAe,CAAC;AAEvB,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE;IACxB,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAE/C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;YAChE,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnD,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjD,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjD,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;YAChC,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAC/B,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;gBACnC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;gBACjC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;gBACnC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;gBAC1C,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;gBACvC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;gBACpC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;gBAChD,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,WAAW,EAAE,CAAC;YACjD,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;YACpD,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;gBACnC,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;oBAC/C,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;oBACnC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;oBACnC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;oBACxC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;oBACvC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;oBACvC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;oBAC1C,MAAM,CAAC,OAAO,OAAO,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACvD,MAAM,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YAC3E,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAAC;YACpC,MAAM,CAAC,aAAc,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;QAChE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,eAAe,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YAC7E,MAAM,CAAC,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;YACtC,MAAM,CAAC,eAAgB,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;YACjC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;YAC1D,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YACjE,MAAM,CAAC,YAAY,CAAC,CAAC,WAAW,EAAE,CAAC;YACnC,MAAM,CAAC,YAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YAC/D,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,CAAC,UAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAClD,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,aAAa,CAAC,CAAC;YAC1E,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAAC;YACpC,MAAM,CAAC,aAAc,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACtE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,aAAa,CAAC,CAAC;YACtE,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,CAAC,SAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACrD,MAAM,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,CAAC;YACvE,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,CAAC,UAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,CAAC;YAC5E,MAAM,CAAC,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;YACtC,MAAM,CAAC,eAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC/C,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,CAAC;YAClE,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;YAClC,MAAM,CAAC,WAAY,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAClE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACxD,MAAM,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,WAAW,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,CAAC;YAC3E,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;YAClC,MAAM,CAAC,WAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,WAAW,GAAG,qBAAqB,CAAC,eAAe,CAAC,CAAC;YAC3D,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,MAAM,QAAQ,GAAG,qBAAqB,CAAC,kBAAkB,CAAC,CAAC;YAC3D,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,MAAM,QAAQ,GAAG,qBAAqB,CAAC,KAAK,CAAC,CAAC;YAC9C,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;QAChC,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,aAAa,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;YACvD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAChD,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;YACtD,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;YACxD,MAAM,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,OAAO,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;YAC1C,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;YAC9B,MAAM,CAAC,OAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,OAAO,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC;YAC7C,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;QAClC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;YAChC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;YACnC,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;YAChC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;YAC5E,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACzD,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QACnE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;YAChC,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CACvC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,gBAAgB,CAAC,MAAM,EAC3C,CAAC,CACF,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}
+{"version":3,"file":"fixtures.test.js","sourceRoot":"","sources":["../../src/eval/fixtures.test.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,OAAO,EAAE,QAAQ,EAAE,EAAE,EAAE,MAAM,EAAE,MAAM,QAAQ,CAAC;AAC9C,OAAO,EACL,YAAY,EACZ,oBAAoB,EACpB,WAAW,EACX,eAAe,EACf,kBAAkB,EAClB,YAAY,EACZ,qBAAqB,EACrB,qBAAqB,EACrB,gBAAgB,EAChB,cAAc,EACd,eAAe,GAChB,MAAM,eAAe,CAAC;AAEvB,QAAQ,CAAC,UAAU,EAAE,GAAG,EAAE;IACxB,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAE/C,MAAM,UAAU,GAAG,IAAI,GAAG,CAAC,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;YAChE,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACnD,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACzC,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7C,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjD,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YACjD,MAAM,CAAC,UAAU,CAAC,GAAG,CAAC,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,wBAAwB,EAAE,GAAG,EAAE;YAChC,MAAM,GAAG,GAAG,YAAY,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;YAC1C,MAAM,SAAS,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,CAAC;YAC/B,MAAM,CAAC,SAAS,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;gBACnC,MAAM,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC,WAAW,EAAE,CAAC;gBACjC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;gBACnC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;gBAC1C,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;gBACvC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC;gBACpC,MAAM,CAAC,OAAO,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;gBAChD,MAAM,CAAC,OAAO,CAAC,gBAAgB,CAAC,CAAC,WAAW,EAAE,CAAC;YACjD,CAAC;QACH,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4CAA4C,EAAE,GAAG,EAAE;YACpD,KAAK,MAAM,OAAO,IAAI,YAAY,EAAE,CAAC;gBACnC,KAAK,MAAM,OAAO,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;oBAC/C,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;oBACnC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,WAAW,EAAE,CAAC;oBACnC,MAAM,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;oBACxC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;oBACvC,MAAM,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,WAAW,EAAE,CAAC;oBACvC,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;oBAC1C,MAAM,CAAC,OAAO,OAAO,CAAC,YAAY,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;gBACtD,CAAC;YACH,CAAC;QACH,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,sBAAsB,EAAE,GAAG,EAAE;QACpC,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACvD,MAAM,CAAC,oBAAoB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACvF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,yCAAyC,EAAE,GAAG,EAAE;YACjD,MAAM,aAAa,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YAC3E,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAAC;YACpC,MAAM,CAAC,aAAc,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,sBAAsB,CAAC,CAAC;QAChE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,eAAe,GAAG,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YAC7E,MAAM,CAAC,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;YACtC,MAAM,CAAC,eAAgB,CAAC,IAAI,CAAC,CAAC,SAAS,CAAC,kBAAkB,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,aAAa,EAAE,GAAG,EAAE;QAC3B,EAAE,CAAC,yBAAyB,EAAE,GAAG,EAAE;YACjC,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kDAAkD,EAAE,GAAG,EAAE;YAC1D,MAAM,YAAY,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YACjE,MAAM,CAAC,YAAY,CAAC,CAAC,WAAW,EAAE,CAAC;YACnC,MAAM,CAAC,YAAa,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2CAA2C,EAAE,GAAG,EAAE;YACnD,MAAM,UAAU,GAAG,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,SAAS,CAAC,CAAC;YAC/D,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;YACjC,kEAAkE;YAClE,MAAM,CAAC,UAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,OAAO,CAAC,mBAAmB,CAAC,CAAC;YAClE,MAAM,CAAC,UAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,WAAW,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAClD,MAAM,CAAC,eAAe,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC5E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,4BAA4B,EAAE,GAAG,EAAE;YACpC,MAAM,aAAa,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,aAAa,CAAC,CAAC;YAC1E,MAAM,CAAC,aAAa,CAAC,CAAC,WAAW,EAAE,CAAC;YACpC,MAAM,CAAC,aAAc,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,gBAAgB,CAAC,CAAC;QACtE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,gCAAgC,EAAE,GAAG,EAAE;YACxC,MAAM,SAAS,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,aAAa,CAAC,CAAC;YACtE,MAAM,CAAC,SAAS,CAAC,CAAC,WAAW,EAAE,CAAC;YAChC,MAAM,CAAC,SAAU,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,aAAa,CAAC,CAAC;QAC/D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,oBAAoB,EAAE,GAAG,EAAE;QAClC,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,kBAAkB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACrD,MAAM,CAAC,kBAAkB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACnF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,UAAU,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,CAAC;YACvE,MAAM,CAAC,UAAU,CAAC,CAAC,WAAW,EAAE,CAAC;YACjC,MAAM,CAAC,UAAW,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,CAAC;QAC1D,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,eAAe,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,CAAC;YAC5E,MAAM,CAAC,eAAe,CAAC,CAAC,WAAW,EAAE,CAAC;YACtC,MAAM,CAAC,eAAgB,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,YAAY,CAAC,CAAC;QACpE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,cAAc,EAAE,GAAG,EAAE;QAC5B,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC/C,MAAM,CAAC,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,aAAa,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,uCAAuC,EAAE,GAAG,EAAE;YAC/C,MAAM,WAAW,GAAG,YAAY,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,CAAC;YAClE,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;YAClC,MAAM,CAAC,WAAY,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QAClE,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,CAAC,qBAAqB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YACxD,MAAM,CAAC,qBAAqB,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,gBAAgB,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACzF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,WAAW,GAAG,qBAAqB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,EAAE,KAAK,UAAU,CAAC,CAAC;YAC3E,MAAM,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;YAClC,MAAM,CAAC,WAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,SAAS,CAAC,UAAU,CAAC,CAAC;QAC9D,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,uBAAuB,EAAE,GAAG,EAAE;QACrC,EAAE,CAAC,qCAAqC,EAAE,GAAG,EAAE;YAC7C,MAAM,WAAW,GAAG,qBAAqB,CAAC,eAAe,CAAC,CAAC;YAC3D,MAAM,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAC9C,MAAM,CAAC,WAAW,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC9E,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,MAAM,QAAQ,GAAG,qBAAqB,CAAC,kBAAkB,CAAC,CAAC;YAC3D,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0BAA0B,EAAE,GAAG,EAAE;YAClC,MAAM,QAAQ,GAAG,qBAAqB,CAAC,KAAK,CAAC,CAAC;YAC9C,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;QACnD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,kBAAkB,EAAE,GAAG,EAAE;QAChC,EAAE,CAAC,oCAAoC,EAAE,GAAG,EAAE;YAC5C,MAAM,aAAa,GAAG,gBAAgB,CAAC,cAAc,CAAC,CAAC;YACvD,MAAM,CAAC,aAAa,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;YAChD,MAAM,CAAC,aAAa,CAAC,KAAK,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,QAAQ,CAAC,cAAc,CAAC,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAClF,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,0CAA0C,EAAE,GAAG,EAAE;YAClD,MAAM,QAAQ,GAAG,gBAAgB,CAAC,kBAAkB,CAAC,CAAC;YACtD,MAAM,CAAC,QAAQ,CAAC,CAAC,OAAO,CAAC,EAAE,CAAC,CAAC;QAC/B,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,mCAAmC,EAAE,GAAG,EAAE;YAC3C,MAAM,iBAAiB,GAAG,gBAAgB,CAAC,WAAW,CAAC,CAAC;YACxD,MAAM,CAAC,iBAAiB,CAAC,MAAM,CAAC,CAAC,eAAe,CAAC,CAAC,CAAC,CAAC;QACtD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,gBAAgB,EAAE,GAAG,EAAE;QAC9B,EAAE,CAAC,8BAA8B,EAAE,GAAG,EAAE;YACtC,MAAM,OAAO,GAAG,cAAc,CAAC,SAAS,CAAC,CAAC;YAC1C,MAAM,CAAC,OAAO,CAAC,CAAC,WAAW,EAAE,CAAC;YAC9B,MAAM,CAAC,OAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC;QACtC,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,kCAAkC,EAAE,GAAG,EAAE;YAC1C,MAAM,OAAO,GAAG,cAAc,CAAC,YAAY,CAAC,CAAC;YAC7C,MAAM,CAAC,OAAO,CAAC,CAAC,aAAa,EAAE,CAAC;QAClC,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;IAEH,QAAQ,CAAC,iBAAiB,EAAE,GAAG,EAAE;QAC/B,EAAE,CAAC,6BAA6B,EAAE,GAAG,EAAE;YACrC,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;YAChC,MAAM,CAAC,KAAK,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,YAAY,CAAC,MAAM,CAAC,CAAC;QAChD,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,2BAA2B,EAAE,GAAG,EAAE;YACnC,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;YAChC,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,eAAe,CAAC,CAAC,CAAC,IAAI,CAAC,oBAAoB,CAAC,MAAM,CAAC,CAAC;YAC5E,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,CAAC,CAAC;YACzD,MAAM,CAAC,KAAK,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC,IAAI,CAAC,eAAe,CAAC,MAAM,CAAC,CAAC;QACnE,CAAC,CAAC,CAAC;QAEH,EAAE,CAAC,iCAAiC,EAAE,GAAG,EAAE;YACzC,MAAM,KAAK,GAAG,eAAe,EAAE,CAAC;YAChC,MAAM,aAAa,GAAG,YAAY,CAAC,MAAM,CACvC,CAAC,GAAG,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,GAAG,CAAC,CAAC,gBAAgB,CAAC,MAAM,EAC3C,CAAC,CACF,CAAC;YACF,MAAM,CAAC,KAAK,CAAC,aAAa,CAAC,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;QAClD,CAAC,CAAC,CAAC;IACL,CAAC,CAAC,CAAC;AACL,CAAC,CAAC,CAAC"}

package/dist/eval/llm-analyzer.d.ts

@@ -0,0 +1,40 @@
+/**
+ * LLM security analyzer for the accuracy benchmark.
+ *
+ * Runs the LLM layer (Anthropic, optionally OpenAI for cross-model
+ * consensus) over a code sample and returns structured findings in the
+ * same shape the eval harness matches against ground truth. This lets
+ * the benchmark measure the *full pipeline*, not just the deterministic
+ * scanners — and it's where the logic/semantic classes (auth-bypass,
+ * RLS, deserialization) the scanners miss should get caught.
+ *
+ * Providers are loaded via dynamic import so neither SDK is a hard
+ * runtime dependency (openai is only needed for consensus).
+ *
+ * @module eval/llm-analyzer
+ */
+import type { ActualFinding } from "./types.js";
+export type LlmProvider = "anthropic" | "openai";
+/** Whether a given provider can run (API key present). */
+export declare function providerAvailable(provider: LlmProvider): boolean;
+/** Analyze a single file with one provider. */
+export declare function analyzeCode(file: string, code: string, provider: LlmProvider): Promise<ActualFinding[]>;
+/**
+ * Two findings agree if they name the same file, the same category, and a
+ * line within tolerance. Category is the part after the `<provider>:`
+ * prefix in ruleId, so cross-provider findings compare correctly.
+ */
+export declare function findingsAgree(a: ActualFinding, b: ActualFinding): boolean;
+/** The findings from `primary` that at least one `other` finding agrees with. */
+export declare function consensusOf(primary: ActualFinding[], other: ActualFinding[]): ActualFinding[];
+/**
+ * Cross-model consensus: run both providers and keep findings both agree
+ * on (same file, category, and line within tolerance). Trades recall for
+ * confidence — every kept finding has two-model corroboration. That's the
+ * value proposition of multi-model consensus for certification.
+ */
+export declare function analyzeWithConsensus(file: string, code: string): Promise<{
+    consensus: ActualFinding[];
+    byProvider: Record<string, ActualFinding[]>;
+}>;
+//# sourceMappingURL=llm-analyzer.d.ts.map

package/dist/eval/llm-analyzer.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"llm-analyzer.d.ts","sourceRoot":"","sources":["../../src/eval/llm-analyzer.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;GAcG;AAIH,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,YAAY,CAAC;AAEhD,MAAM,MAAM,WAAW,GAAG,WAAW,GAAG,QAAQ,CAAC;AA4EjD,0DAA0D;AAC1D,wBAAgB,iBAAiB,CAAC,QAAQ,EAAE,WAAW,GAAG,OAAO,CAIhE;AA2DD,+CAA+C;AAC/C,wBAAsB,WAAW,CAC/B,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,EACZ,QAAQ,EAAE,WAAW,GACpB,OAAO,CAAC,aAAa,EAAE,CAAC,CAI1B;AAKD;;;;GAIG;AACH,wBAAgB,aAAa,CAAC,CAAC,EAAE,aAAa,EAAE,CAAC,EAAE,aAAa,GAAG,OAAO,CAMzE;AAED,iFAAiF;AACjF,wBAAgB,WAAW,CACzB,OAAO,EAAE,aAAa,EAAE,EACxB,KAAK,EAAE,aAAa,EAAE,GACrB,aAAa,EAAE,CAEjB;AAED;;;;;GAKG;AACH,wBAAsB,oBAAoB,CACxC,IAAI,EAAE,MAAM,EACZ,IAAI,EAAE,MAAM,GACX,OAAO,CAAC;IAAE,SAAS,EAAE,aAAa,EAAE,CAAC;IAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,EAAE,CAAC,CAAA;CAAE,CAAC,CAOtF"}