vaspera 2.9.2 → 2.10.0

package/dist/scanners/logic/endpoint-analyzer.js

@@ -0,0 +1,528 @@
+/**
+ * API Endpoint Analyzer
+ *
+ * Extracts API endpoints from source code for various frameworks.
+ *
+ * @module scanners/logic/endpoint-analyzer
+ */
+import { readFile } from "fs/promises";
+import { join } from "path";
+import { glob } from "glob";
+import { logger } from "../../logger.js";
+/**
+ * Route patterns for different frameworks
+ */
+const ROUTE_PATTERNS = {
+    nextjs: [
+        // App Router: export async function GET/POST/etc
+        { pattern: /export\s+(?:async\s+)?function\s+(GET|POST|PUT|DELETE|PATCH|HEAD|OPTIONS)\s*\(/gi, methodGroup: 1, pathGroup: -1 },
+        // Pages Router: handler switch on method
+        { pattern: /req\.method\s*===?\s*['"`](GET|POST|PUT|DELETE|PATCH)['"`]/gi, methodGroup: 1, pathGroup: -1 },
+    ],
+    express: [
+        // app.get('/path', handler) or router.get('/path', handler)
+        { pattern: /(?:app|router)\.(get|post|put|delete|patch|all)\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+        // app.use('/path', router)
+        { pattern: /(?:app|router)\.use\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: -1, pathGroup: 1 },
+    ],
+    fastify: [
+        // fastify.get('/path', handler)
+        { pattern: /fastify\.(get|post|put|delete|patch)\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+        // fastify.route({ method, url })
+        { pattern: /fastify\.route\s*\(\s*\{[^}]*method:\s*['"`](GET|POST|PUT|DELETE|PATCH)['"`][^}]*url:\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+    ],
+    koa: [
+        { pattern: /router\.(get|post|put|delete|patch)\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+    ],
+    hapi: [
+        { pattern: /server\.route\s*\(\s*\{[^}]*method:\s*['"`](GET|POST|PUT|DELETE|PATCH)['"`][^}]*path:\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+    ],
+    nestjs: [
+        // @Get('/path'), @Post('/path'), etc.
+        { pattern: /@(Get|Post|Put|Delete|Patch)\s*\(\s*['"`]?([^'"`)\s]*)['"`]?\s*\)/gi, methodGroup: 1, pathGroup: 2 },
+        // @Controller('/path')
+        { pattern: /@Controller\s*\(\s*['"`]([^'"`]+)['"`]\s*\)/gi, methodGroup: -1, pathGroup: 1 },
+    ],
+    django: [
+        // path('route/', view)
+        { pattern: /path\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: -1, pathGroup: 1 },
+        // @api_view(['GET', 'POST'])
+        { pattern: /@api_view\s*\(\s*\[([^\]]+)\]/gi, methodGroup: 1, pathGroup: -1 },
+    ],
+    flask: [
+        // @app.route('/path', methods=['GET', 'POST'])
+        { pattern: /@(?:app|blueprint)\.route\s*\(\s*['"`]([^'"`]+)['"`](?:[^)]*methods\s*=\s*\[([^\]]+)\])?/gi, methodGroup: 2, pathGroup: 1 },
+    ],
+    fastapi: [
+        // @app.get('/path')
+        { pattern: /@(?:app|router)\.(get|post|put|delete|patch)\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+    ],
+    rails: [
+        // get '/path', to: 'controller#action'
+        { pattern: /(get|post|put|patch|delete)\s+['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+        // resources :users
+        { pattern: /resources?\s+:(\w+)/gi, methodGroup: -1, pathGroup: 1 },
+    ],
+    spring: [
+        // @GetMapping("/path")
+        { pattern: /@(Get|Post|Put|Delete|Patch)Mapping\s*\(\s*(?:value\s*=\s*)?['"`]?([^'"`)\s]*)['"`]?\s*\)/gi, methodGroup: 1, pathGroup: 2 },
+        // @RequestMapping(method = RequestMethod.GET, path = "/path")
+        { pattern: /@RequestMapping\s*\([^)]*method\s*=\s*RequestMethod\.(GET|POST|PUT|DELETE|PATCH)[^)]*(?:path|value)\s*=\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+    ],
+    laravel: [
+        // Route::get('/path', [Controller::class, 'method'])
+        { pattern: /Route::(get|post|put|patch|delete)\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+    ],
+    gin: [
+        // r.GET("/path", handler)
+        { pattern: /[rg]\.(GET|POST|PUT|DELETE|PATCH)\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+    ],
+    echo: [
+        // e.GET("/path", handler)
+        { pattern: /e\.(GET|POST|PUT|DELETE|PATCH)\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+    ],
+    fiber: [
+        // app.Get("/path", handler)
+        { pattern: /app\.(Get|Post|Put|Delete|Patch)\s*\(\s*['"`]([^'"`]+)['"`]/gi, methodGroup: 1, pathGroup: 2 },
+    ],
+    auto: [],
+};
+/**
+ * Patterns to detect authentication middleware
+ */
+const AUTH_MIDDLEWARE_PATTERNS = [
+    /auth(?:enticate|orize)?/i,
+    /requireAuth/i,
+    /isAuthenticated/i,
+    /ensureLoggedIn/i,
+    /protect(?:ed)?Route/i,
+    /jwt(?:Auth|Verify|Guard)?/i,
+    /passport\./,
+    /session\./,
+    /@UseGuards\s*\([^)]*AuthGuard/i,
+    /middleware\s*=\s*\[.*auth/i,
+    /IsAuthenticated\(\)/i,
+    /Depends\s*\(\s*get_current_user/i,
+    /before_action\s+:authenticate/i,
+    /auth:api/i,
+];
+/**
+ * Patterns to detect authorization checks
+ */
+const AUTHZ_CHECK_PATTERNS = [
+    { pattern: /user\.id\s*===?\s*(?:req|request|params|ctx)\.[^;]+/i, type: "ownership" },
+    { pattern: /\.userId\s*===?\s*(?:req|request|session)\.user/i, type: "ownership" },
+    { pattern: /belongsTo|ownedBy|createdBy|authorId/i, type: "ownership" },
+    { pattern: /isOwner|canAccess|hasPermission/i, type: "permission" },
+    { pattern: /user\.role\s*===?\s*['"`]admin['"`]/i, type: "admin" },
+    { pattern: /\.isAdmin|isSuper|isModerator/i, type: "admin" },
+    { pattern: /roles?\.(includes|contains|has)\s*\(/i, type: "role" },
+    { pattern: /@Roles?\s*\(/i, type: "role" },
+    { pattern: /permissions?\.(includes|contains|has)\s*\(/i, type: "permission" },
+    { pattern: /can\s*\(\s*['"`]\w+['"`]/i, type: "permission" },
+    { pattern: /authorize|checkPermission|requireRole/i, type: "custom" },
+];
+/**
+ * Patterns to detect database access
+ */
+const DB_ACCESS_PATTERNS = [
+    { pattern: /\.findOne\s*\(/i, type: "select" },
+    { pattern: /\.findById\s*\(/i, type: "select" },
+    { pattern: /\.findUnique\s*\(/i, type: "select" },
+    { pattern: /\.findFirst\s*\(/i, type: "select" },
+    { pattern: /\.find\s*\(\s*\{/i, type: "select" },
+    { pattern: /\.select\s*\(/i, type: "select" },
+    { pattern: /SELECT\s+.*\s+FROM/i, type: "select" },
+    { pattern: /\.create\s*\(/i, type: "insert" },
+    { pattern: /\.insert\s*\(/i, type: "insert" },
+    { pattern: /INSERT\s+INTO/i, type: "insert" },
+    { pattern: /\.update\s*\(/i, type: "update" },
+    { pattern: /\.updateOne\s*\(/i, type: "update" },
+    { pattern: /\.updateMany\s*\(/i, type: "update" },
+    { pattern: /UPDATE\s+\w+\s+SET/i, type: "update" },
+    { pattern: /\.delete\s*\(/i, type: "delete" },
+    { pattern: /\.deleteOne\s*\(/i, type: "delete" },
+    { pattern: /\.deleteMany\s*\(/i, type: "delete" },
+    { pattern: /DELETE\s+FROM/i, type: "delete" },
+    { pattern: /\.query\s*\(/i, type: "raw" },
+    { pattern: /\.raw\s*\(/i, type: "raw" },
+    { pattern: /\$queryRaw/i, type: "raw" },
+];
+/**
+ * Extract path parameters from route path
+ */
+export function extractPathParams(path) {
+    const params = [];
+    // Express/Fastify style :param
+    const colonParams = path.match(/:(\w+)/g);
+    if (colonParams) {
+        params.push(...colonParams.map((p) => p.slice(1)));
+    }
+    // Next.js/bracket style [param]
+    const bracketParams = path.match(/\[(\w+)\]/g);
+    if (bracketParams) {
+        params.push(...bracketParams.map((p) => p.slice(1, -1)));
+    }
+    // Django/Flask style <param>
+    const angleParams = path.match(/<(\w+)(?::\w+)?>/g);
+    if (angleParams) {
+        params.push(...angleParams.map((p) => p.replace(/<|>|:\w+/g, "")));
+    }
+    // Spring style {param}
+    const curlyParams = path.match(/\{(\w+)\}/g);
+    if (curlyParams) {
+        params.push(...curlyParams.map((p) => p.slice(1, -1)));
+    }
+    return params;
+}
+/**
+ * Detect framework from package.json
+ */
+export async function detectFramework(projectPath) {
+    try {
+        const pkgPath = join(projectPath, "package.json");
+        const pkgContent = await readFile(pkgPath, "utf-8");
+        const pkg = JSON.parse(pkgContent);
+        const deps = { ...pkg.dependencies, ...pkg.devDependencies };
+        // Check in priority order
+        if (deps["next"])
+            return "nextjs";
+        if (deps["@nestjs/core"])
+            return "nestjs";
+        if (deps["fastify"])
+            return "fastify";
+        if (deps["koa"])
+            return "koa";
+        if (deps["@hapi/hapi"])
+            return "hapi";
+        if (deps["express"])
+            return "express";
+        // Check for Python frameworks (look for requirements.txt or pyproject.toml)
+        // This is a simplified check
+        try {
+            const reqPath = join(projectPath, "requirements.txt");
+            const reqContent = await readFile(reqPath, "utf-8");
+            if (reqContent.includes("fastapi"))
+                return "fastapi";
+            if (reqContent.includes("flask"))
+                return "flask";
+            if (reqContent.includes("django"))
+                return "django";
+        }
+        catch {
+            // No requirements.txt
+        }
+        return "auto";
+    }
+    catch {
+        return "auto";
+    }
+}
+/**
+ * Extract API path from Next.js file path
+ */
+function getNextjsApiPath(filePath) {
+    // app/api/users/[id]/route.ts -> /api/users/[id]
+    const appMatch = filePath.match(/app\/(api\/[^/]+(?:\/[^/]+)*?)\/route\.[jt]sx?$/);
+    if (appMatch) {
+        return "/" + appMatch[1];
+    }
+    // pages/api/users/[id].ts -> /api/users/[id]
+    const pagesMatch = filePath.match(/pages\/(api\/[^/]+(?:\/[^/]+)*?)\.[jt]sx?$/);
+    if (pagesMatch) {
+        return "/" + pagesMatch[1];
+    }
+    return "";
+}
+/**
+ * Check if code has authentication middleware
+ */
+function hasAuthMiddleware(content) {
+    return AUTH_MIDDLEWARE_PATTERNS.some((pattern) => pattern.test(content));
+}
+/**
+ * Find authorization checks in code
+ */
+function findAuthzChecks(content, filePath) {
+    const checks = [];
+    const lines = content.split("\n");
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const { pattern, type } of AUTHZ_CHECK_PATTERNS) {
+            if (pattern.test(line)) {
+                // Get context (surrounding lines)
+                const contextStart = Math.max(0, i - 2);
+                const contextEnd = Math.min(lines.length, i + 3);
+                const snippet = lines.slice(contextStart, contextEnd).join("\n");
+                checks.push({
+                    type,
+                    location: { file: filePath, line: i + 1 },
+                    snippet,
+                    potentiallyBypassable: checkIfBypassable(snippet, type),
+                    bypassReason: getBypassReason(snippet, type),
+                });
+            }
+        }
+    }
+    return checks;
+}
+/**
+ * Check if authorization check might be bypassable
+ */
+function checkIfBypassable(snippet, type) {
+    // Check for common bypass patterns
+    const bypassPatterns = [
+        /\|\|\s*true/i, // || true
+        /if\s*\(\s*false\s*\)/i, // if (false)
+        /\/\/.*TODO/i, // TODO comments
+        /\/\/.*FIXME/i, // FIXME comments
+        /process\.env\.\w+\s*===?\s*['"`]dev/i, // Dev mode bypass
+        /NODE_ENV\s*===?\s*['"`]development/i, // Dev env bypass
+    ];
+    if (type === "ownership" && !/===/.test(snippet)) {
+        return true; // Loose equality check
+    }
+    return bypassPatterns.some((p) => p.test(snippet));
+}
+/**
+ * Get reason why check might be bypassable
+ */
+function getBypassReason(snippet, type) {
+    if (/\|\|\s*true/i.test(snippet)) {
+        return "Check always passes (|| true)";
+    }
+    if (/\/\/.*TODO/i.test(snippet) || /\/\/.*FIXME/i.test(snippet)) {
+        return "Check marked as incomplete (TODO/FIXME)";
+    }
+    if (/process\.env|NODE_ENV/i.test(snippet)) {
+        return "Check bypassed in development mode";
+    }
+    if (type === "ownership" && /==[^=]/.test(snippet)) {
+        return "Using loose equality (==) instead of strict (===)";
+    }
+    return undefined;
+}
+/**
+ * Find database queries in code
+ */
+function findDbQueries(content, filePath) {
+    const queries = [];
+    const lines = content.split("\n");
+    for (let i = 0; i < lines.length; i++) {
+        const line = lines[i];
+        for (const { pattern, type } of DB_ACCESS_PATTERNS) {
+            if (pattern.test(line)) {
+                // Get context
+                const contextStart = Math.max(0, i - 2);
+                const contextEnd = Math.min(lines.length, i + 3);
+                const snippet = lines.slice(contextStart, contextEnd).join("\n");
+                // Try to extract table name
+                const tableMatch = snippet.match(/(?:from|into|update|delete from|\.)\s*['"` ]?(\w+)['"` ]?/i);
+                queries.push({
+                    type,
+                    table: tableMatch?.[1],
+                    hasOwnershipFilter: hasOwnershipFilter(snippet),
+                    location: { file: filePath, line: i + 1 },
+                    snippet,
+                });
+            }
+        }
+    }
+    return queries;
+}
+/**
+ * Check if query includes ownership filter
+ */
+function hasOwnershipFilter(snippet) {
+    const ownershipPatterns = [
+        /where\s*:?\s*\{[^}]*userId/i,
+        /where\s*:?\s*\{[^}]*user[_.]?id/i,
+        /where\s*:?\s*\{[^}]*owner/i,
+        /where\s*:?\s*\{[^}]*createdBy/i,
+        /userId\s*:\s*(?:req|ctx|user)\.user/i,
+        /\.\s*filter\s*\([^)]*user/i,
+        /AND\s+user_?id\s*=/i,
+        /WHERE\s+user_?id\s*=/i,
+    ];
+    return ownershipPatterns.some((p) => p.test(snippet));
+}
+/**
+ * Extract endpoints from a single file
+ */
+async function extractEndpointsFromFile(filePath, framework, projectPath) {
+    const content = await readFile(filePath, "utf-8");
+    const endpoints = [];
+    const relativeFilePath = filePath.replace(projectPath + "/", "");
+    // Handle Next.js specially since routes are file-based
+    if (framework === "nextjs") {
+        const apiPath = getNextjsApiPath(relativeFilePath);
+        if (apiPath) {
+            // Find exported HTTP methods
+            const methodPattern = /export\s+(?:async\s+)?function\s+(GET|POST|PUT|DELETE|PATCH|HEAD|OPTIONS)\s*\(/gi;
+            let match;
+            const methods = [];
+            while ((match = methodPattern.exec(content)) !== null) {
+                methods.push(match[1].toUpperCase());
+            }
+            // If no explicit methods, it's a Pages API route that handles all methods
+            if (methods.length === 0 && /export\s+default\s+(?:async\s+)?function/.test(content)) {
+                methods.push("GET", "POST", "PUT", "DELETE", "PATCH");
+            }
+            if (methods.length > 0) {
+                endpoints.push({
+                    file: relativeFilePath,
+                    line: 1,
+                    method: methods.length === 1 ? methods[0] : methods,
+                    path: apiPath,
+                    framework: "nextjs",
+                    pathParams: extractPathParams(apiPath),
+                    hasAuth: hasAuthMiddleware(content),
+                    authzChecks: findAuthzChecks(content, relativeFilePath),
+                    hasDbAccess: DB_ACCESS_PATTERNS.some(({ pattern }) => pattern.test(content)),
+                    dbQueries: findDbQueries(content, relativeFilePath),
+                });
+            }
+        }
+        return endpoints;
+    }
+    // Use framework-specific patterns
+    const patterns = ROUTE_PATTERNS[framework] || [];
+    for (const { pattern, methodGroup, pathGroup } of patterns) {
+        let match;
+        const regex = new RegExp(pattern.source, pattern.flags);
+        while ((match = regex.exec(content)) !== null) {
+            const method = methodGroup > 0 ? match[methodGroup]?.toUpperCase() : "GET";
+            const path = pathGroup > 0 ? match[pathGroup] : "";
+            if (path) {
+                // Find the line number
+                const linesBefore = content.slice(0, match.index).split("\n");
+                const line = linesBefore.length;
+                endpoints.push({
+                    file: relativeFilePath,
+                    line,
+                    method,
+                    path,
+                    framework,
+                    pathParams: extractPathParams(path),
+                    hasAuth: hasAuthMiddleware(content),
+                    authzChecks: findAuthzChecks(content, relativeFilePath),
+                    hasDbAccess: DB_ACCESS_PATTERNS.some(({ pattern }) => pattern.test(content)),
+                    dbQueries: findDbQueries(content, relativeFilePath),
+                });
+            }
+        }
+    }
+    return endpoints;
+}
+/**
+ * Get file patterns to search for endpoints
+ */
+function getSearchPatterns(framework) {
+    switch (framework) {
+        case "nextjs":
+            return [
+                "**/app/api/**/route.{ts,js,tsx,jsx}",
+                "**/pages/api/**/*.{ts,js,tsx,jsx}",
+            ];
+        case "express":
+        case "fastify":
+        case "koa":
+        case "hapi":
+            return [
+                "**/routes/**/*.{ts,js}",
+                "**/router/**/*.{ts,js}",
+                "**/api/**/*.{ts,js}",
+                "**/controllers/**/*.{ts,js}",
+            ];
+        case "nestjs":
+            return ["**/*.controller.{ts,js}"];
+        case "django":
+            return ["**/views.py", "**/urls.py", "**/api/**/*.py"];
+        case "flask":
+        case "fastapi":
+            return ["**/routes/**/*.py", "**/routers/**/*.py", "**/api/**/*.py", "**/*_router.py"];
+        case "rails":
+            return ["**/routes.rb", "**/controllers/**/*.rb"];
+        case "spring":
+            return ["**/*Controller.java", "**/*RestController.java"];
+        case "laravel":
+            return ["**/routes/*.php", "**/Http/Controllers/**/*.php"];
+        case "gin":
+        case "echo":
+        case "fiber":
+            return ["**/routes/**/*.go", "**/handlers/**/*.go", "**/api/**/*.go"];
+        default:
+            return [
+                "**/routes/**/*.{ts,js}",
+                "**/api/**/*.{ts,js,py,go,java,php,rb}",
+                "**/controllers/**/*.{ts,js,py,go,java,php,rb}",
+            ];
+    }
+}
+/**
+ * Extract all endpoints from a project
+ */
+export async function extractEndpoints(projectPath, options) {
+    const framework = options?.framework || (await detectFramework(projectPath));
+    const searchPatterns = options?.include || getSearchPatterns(framework);
+    const exclude = options?.exclude || ["**/node_modules/**", "**/dist/**", "**/build/**", "**/.next/**"];
+    logger.info("endpoint_analyzer.extract", { projectPath, framework, patterns: searchPatterns });
+    const endpoints = [];
+    for (const pattern of searchPatterns) {
+        try {
+            const files = await glob(pattern, {
+                cwd: projectPath,
+                ignore: exclude,
+                absolute: true,
+            });
+            for (const file of files) {
+                try {
+                    const fileEndpoints = await extractEndpointsFromFile(file, framework, projectPath);
+                    endpoints.push(...fileEndpoints);
+                }
+                catch (error) {
+                    logger.debug("endpoint_analyzer.file_error", { file, error: String(error) });
+                }
+            }
+        }
+        catch (error) {
+            logger.debug("endpoint_analyzer.glob_error", { pattern, error: String(error) });
+        }
+    }
+    logger.info("endpoint_analyzer.complete", { endpoints: endpoints.length });
+    return endpoints;
+}
+/**
+ * Infer resource type from endpoint path
+ */
+export function inferResourceType(path) {
+    // Common RESTful resource patterns
+    const resourcePatterns = [
+        /\/api\/v?\d*\/?(\w+)(?:\/|$)/i, // /api/v1/users or /api/users
+        /\/(\w+)(?:\/|$)/i, // /users
+    ];
+    for (const pattern of resourcePatterns) {
+        const match = path.match(pattern);
+        if (match) {
+            const resource = match[1].toLowerCase();
+            // Singularize common patterns
+            if (resource.endsWith("ies")) {
+                return resource.slice(0, -3) + "y";
+            }
+            // Handle words ending in "ses" like "addresses" -> "address"
+            if (resource.endsWith("ses") && resource.length > 4) {
+                return resource.slice(0, -2);
+            }
+            // Handle words ending in "es" like "boxes" -> "box", "statuses" -> "status"
+            if (resource.endsWith("xes") || resource.endsWith("ches") || resource.endsWith("shes")) {
+                return resource.slice(0, -2);
+            }
+            if (resource.endsWith("s") && !resource.endsWith("ss")) {
+                return resource.slice(0, -1);
+            }
+            return resource;
+        }
+    }
+    return undefined;
+}
+//# sourceMappingURL=endpoint-analyzer.js.map

package/dist/scanners/logic/endpoint-analyzer.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"endpoint-analyzer.js","sourceRoot":"","sources":["../../../src/scanners/logic/endpoint-analyzer.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAEH,OAAO,EAAE,QAAQ,EAAE,MAAM,aAAa,CAAC;AACvC,OAAO,EAAE,IAAI,EAAW,MAAM,MAAM,CAAC;AACrC,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,MAAM,EAAE,MAAM,iBAAiB,CAAC;AAUzC;;GAEG;AACH,MAAM,cAAc,GAQhB;IACF,MAAM,EAAE;QACN,iDAAiD;QACjD,EAAE,OAAO,EAAE,kFAAkF,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE;QAC9H,yCAAyC;QACzC,EAAE,OAAO,EAAE,8DAA8D,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE;KAC3G;IACD,OAAO,EAAE;QACP,4DAA4D;QAC5D,EAAE,OAAO,EAAE,8EAA8E,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;QACzH,2BAA2B;QAC3B,EAAE,OAAO,EAAE,kDAAkD,EAAE,WAAW,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KAC/F;IACD,OAAO,EAAE;QACP,gCAAgC;QAChC,EAAE,OAAO,EAAE,mEAAmE,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;QAC9G,iCAAiC;QACjC,EAAE,OAAO,EAAE,+GAA+G,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KAC3J;IACD,GAAG,EAAE;QACH,EAAE,OAAO,EAAE,kEAAkE,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KAC9G;IACD,IAAI,EAAE;QACJ,EAAE,OAAO,EAAE,+GAA+G,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KAC3J;IACD,MAAM,EAAE;QACN,sCAAsC;QACtC,EAAE,OAAO,EAAE,qEAAqE,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;QAChH,uBAAuB;QACvB,EAAE,OAAO,EAAE,+CAA+C,EAAE,WAAW,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KAC5F;IACD,MAAM,EAAE;QACN,uBAAuB;QACvB,EAAE,OAAO,EAAE,mCAAmC,EAAE,WAAW,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;QAC/E,6BAA6B;QAC7B,EAAE,OAAO,EAAE,iCAAiC,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,CAAC,EAAE;KAC9E;IACD,KAAK,EAAE;QACL,+CAA+C;QAC/C,EAAE,OAAO,EAAE,4FAA4F,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KACxI;IACD,OAAO,EAAE;QACP,oBAAoB;QACpB,EAAE,OAAO,EAAE,2EAA2E,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KACvH;IACD,KAAK,EAAE;QACL,uCAAuC;QACvC,EAAE,OAAO,EAAE,qDAAqD,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;QAChG,mBAAmB;QACnB,EAAE,OAAO,EAAE,uBAAuB,EAAE,WAAW,EAAE,CAAC,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KACpE;IACD,MAAM,EAAE;QACN,uBAAuB;QACvB,EAAE,OAAO,EAAE,6FAA6F,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;QACxI,8DAA8D;QAC9D,EAAE,OAAO,EAAE,iIAAiI,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KAC7K;IACD,OAAO,EAAE;QACP,qDAAqD;QACrD,EAAE,OAAO,EAAE,iEAAiE,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KAC7G;IACD,GAAG,EAAE;QACH,0BAA0B;QAC1B,EAAE,OAAO,EAAE,gEAAgE,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KAC5G;IACD,IAAI,EAAE;QACJ,0BAA0B;QAC1B,EAAE,OAAO,EAAE,6DAA6D,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KACzG;IACD,KAAK,EAAE;QACL,4BAA4B;QAC5B,EAAE,OAAO,EAAE,+DAA+D,EAAE,WAAW,EAAE,CAAC,EAAE,SAAS,EAAE,CAAC,EAAE;KAC3G;IACD,IAAI,EAAE,EAAE;CACT,CAAC;AAEF;;GAEG;AACH,MAAM,wBAAwB,GAAG;IAC/B,0BAA0B;IAC1B,cAAc;IACd,kBAAkB;IAClB,iBAAiB;IACjB,sBAAsB;IACtB,4BAA4B;IAC5B,YAAY;IACZ,WAAW;IACX,gCAAgC;IAChC,4BAA4B;IAC5B,sBAAsB;IACtB,kCAAkC;IAClC,gCAAgC;IAChC,WAAW;CACZ,CAAC;AAEF;;GAEG;AACH,MAAM,oBAAoB,GAGrB;IACH,EAAE,OAAO,EAAE,sDAAsD,EAAE,IAAI,EAAE,WAAW,EAAE;IACtF,EAAE,OAAO,EAAE,kDAAkD,EAAE,IAAI,EAAE,WAAW,EAAE;IAClF,EAAE,OAAO,EAAE,uCAAuC,EAAE,IAAI,EAAE,WAAW,EAAE;IACvE,EAAE,OAAO,EAAE,kCAAkC,EAAE,IAAI,EAAE,YAAY,EAAE;IACnE,EAAE,OAAO,EAAE,sCAAsC,EAAE,IAAI,EAAE,OAAO,EAAE;IAClE,EAAE,OAAO,EAAE,gCAAgC,EAAE,IAAI,EAAE,OAAO,EAAE;IAC5D,EAAE,OAAO,EAAE,uCAAuC,EAAE,IAAI,EAAE,MAAM,EAAE;IAClE,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,MAAM,EAAE;IAC1C,EAAE,OAAO,EAAE,6CAA6C,EAAE,IAAI,EAAE,YAAY,EAAE;IAC9E,EAAE,OAAO,EAAE,2BAA2B,EAAE,IAAI,EAAE,YAAY,EAAE;IAC5D,EAAE,OAAO,EAAE,wCAAwC,EAAE,IAAI,EAAE,QAAQ,EAAE;CACtE,CAAC;AAEF;;GAEG;AACH,MAAM,kBAAkB,GAGnB;IACH,EAAE,OAAO,EAAE,iBAAiB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAC9C,EAAE,OAAO,EAAE,kBAAkB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAC/C,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,QAAQ,EAAE;IACjD,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAChD,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAChD,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAC7C,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAClD,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAC7C,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAC7C,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAC7C,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAC7C,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAChD,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,QAAQ,EAAE;IACjD,EAAE,OAAO,EAAE,qBAAqB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAClD,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAC7C,EAAE,OAAO,EAAE,mBAAmB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAChD,EAAE,OAAO,EAAE,oBAAoB,EAAE,IAAI,EAAE,QAAQ,EAAE;IACjD,EAAE,OAAO,EAAE,gBAAgB,EAAE,IAAI,EAAE,QAAQ,EAAE;IAC7C,EAAE,OAAO,EAAE,eAAe,EAAE,IAAI,EAAE,KAAK,EAAE;IACzC,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,KAAK,EAAE;IACvC,EAAE,OAAO,EAAE,aAAa,EAAE,IAAI,EAAE,KAAK,EAAE;CACxC,CAAC;AAEF;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAY;IAC5C,MAAM,MAAM,GAAa,EAAE,CAAC;IAE5B,+BAA+B;IAC/B,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC;IAC1C,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,gCAAgC;IAChC,MAAM,aAAa,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAC/C,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAC3D,CAAC;IAED,6BAA6B;IAC7B,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,mBAAmB,CAAC,CAAC;IACpD,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC;IACrE,CAAC;IAED,uBAAuB;IACvB,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,YAAY,CAAC,CAAC;IAC7C,IAAI,WAAW,EAAE,CAAC;QAChB,MAAM,CAAC,IAAI,CAAC,GAAG,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IACzD,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,eAAe,CAAC,WAAmB;IACvD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;QAClD,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACpD,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QACnC,MAAM,IAAI,GAAG,EAAE,GAAG,GAAG,CAAC,YAAY,EAAE,GAAG,GAAG,CAAC,eAAe,EAAE,CAAC;QAE7D,0BAA0B;QAC1B,IAAI,IAAI,CAAC,MAAM,CAAC;YAAE,OAAO,QAAQ,CAAC;QAClC,IAAI,IAAI,CAAC,cAAc,CAAC;YAAE,OAAO,QAAQ,CAAC;QAC1C,IAAI,IAAI,CAAC,SAAS,CAAC;YAAE,OAAO,SAAS,CAAC;QACtC,IAAI,IAAI,CAAC,KAAK,CAAC;YAAE,OAAO,KAAK,CAAC;QAC9B,IAAI,IAAI,CAAC,YAAY,CAAC;YAAE,OAAO,MAAM,CAAC;QACtC,IAAI,IAAI,CAAC,SAAS,CAAC;YAAE,OAAO,SAAS,CAAC;QAEtC,4EAA4E;QAC5E,6BAA6B;QAC7B,IAAI,CAAC;YACH,MAAM,OAAO,GAAG,IAAI,CAAC,WAAW,EAAE,kBAAkB,CAAC,CAAC;YACtD,MAAM,UAAU,GAAG,MAAM,QAAQ,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;YACpD,IAAI,UAAU,CAAC,QAAQ,CAAC,SAAS,CAAC;gBAAE,OAAO,SAAS,CAAC;YACrD,IAAI,UAAU,CAAC,QAAQ,CAAC,OAAO,CAAC;gBAAE,OAAO,OAAO,CAAC;YACjD,IAAI,UAAU,CAAC,QAAQ,CAAC,QAAQ,CAAC;gBAAE,OAAO,QAAQ,CAAC;QACrD,CAAC;QAAC,MAAM,CAAC;YACP,sBAAsB;QACxB,CAAC;QAED,OAAO,MAAM,CAAC;IAChB,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,MAAM,CAAC;IAChB,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,gBAAgB,CAAC,QAAgB;IACxC,iDAAiD;IACjD,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,iDAAiD,CAAC,CAAC;IACnF,IAAI,QAAQ,EAAE,CAAC;QACb,OAAO,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;IAC3B,CAAC;IAED,6CAA6C;IAC7C,MAAM,UAAU,GAAG,QAAQ,CAAC,KAAK,CAAC,4CAA4C,CAAC,CAAC;IAChF,IAAI,UAAU,EAAE,CAAC;QACf,OAAO,GAAG,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;IAC7B,CAAC;IAED,OAAO,EAAE,CAAC;AACZ,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,OAAe;IACxC,OAAO,wBAAwB,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AAC3E,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,OAAe,EAAE,QAAgB;IACxD,MAAM,MAAM,GAAyB,EAAE,CAAC;IACxC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,oBAAoB,EAAE,CAAC;YACrD,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,kCAAkC;gBAClC,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACxC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACjD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEjE,MAAM,CAAC,IAAI,CAAC;oBACV,IAAI;oBACJ,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE;oBACzC,OAAO;oBACP,qBAAqB,EAAE,iBAAiB,CAAC,OAAO,EAAE,IAAI,CAAC;oBACvD,YAAY,EAAE,eAAe,CAAC,OAAO,EAAE,IAAI,CAAC;iBAC7C,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,OAAe,EAAE,IAAY;IACtD,mCAAmC;IACnC,MAAM,cAAc,GAAG;QACrB,cAAc,EAAqB,UAAU;QAC7C,uBAAuB,EAAW,aAAa;QAC/C,aAAa,EAAsB,gBAAgB;QACnD,cAAc,EAAqB,iBAAiB;QACpD,sCAAsC,EAAE,kBAAkB;QAC1D,qCAAqC,EAAG,iBAAiB;KAC1D,CAAC;IAEF,IAAI,IAAI,KAAK,WAAW,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACjD,OAAO,IAAI,CAAC,CAAC,uBAAuB;IACtC,CAAC;IAED,OAAO,cAAc,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACrD,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,OAAe,EAAE,IAAY;IACpD,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACjC,OAAO,+BAA+B,CAAC;IACzC,CAAC;IACD,IAAI,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,cAAc,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAChE,OAAO,yCAAyC,CAAC;IACnD,CAAC;IACD,IAAI,wBAAwB,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3C,OAAO,oCAAoC,CAAC;IAC9C,CAAC;IACD,IAAI,IAAI,KAAK,WAAW,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QACnD,OAAO,mDAAmD,CAAC;IAC7D,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,OAAe,EAAE,QAAgB;IACtD,MAAM,OAAO,GAAoB,EAAE,CAAC;IACpC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;IAElC,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QAEtB,KAAK,MAAM,EAAE,OAAO,EAAE,IAAI,EAAE,IAAI,kBAAkB,EAAE,CAAC;YACnD,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvB,cAAc;gBACd,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACxC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;gBACjD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAEjE,4BAA4B;gBAC5B,MAAM,UAAU,GAAG,OAAO,CAAC,KAAK,CAAC,4DAA4D,CAAC,CAAC;gBAE/F,OAAO,CAAC,IAAI,CAAC;oBACX,IAAI;oBACJ,KAAK,EAAE,UAAU,EAAE,CAAC,CAAC,CAAC;oBACtB,kBAAkB,EAAE,kBAAkB,CAAC,OAAO,CAAC;oBAC/C,QAAQ,EAAE,EAAE,IAAI,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE;oBACzC,OAAO;iBACR,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,OAAO,CAAC;AACjB,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,OAAe;IACzC,MAAM,iBAAiB,GAAG;QACxB,6BAA6B;QAC7B,kCAAkC;QAClC,4BAA4B;QAC5B,gCAAgC;QAChC,sCAAsC;QACtC,4BAA4B;QAC5B,qBAAqB;QACrB,uBAAuB;KACxB,CAAC;IAEF,OAAO,iBAAiB,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;AACxD,CAAC;AAED;;GAEG;AACH,KAAK,UAAU,wBAAwB,CACrC,QAAgB,EAChB,SAAuB,EACvB,WAAmB;IAEnB,MAAM,OAAO,GAAG,MAAM,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;IAClD,MAAM,SAAS,GAAkB,EAAE,CAAC;IACpC,MAAM,gBAAgB,GAAG,QAAQ,CAAC,OAAO,CAAC,WAAW,GAAG,GAAG,EAAE,EAAE,CAAC,CAAC;IAEjE,uDAAuD;IACvD,IAAI,SAAS,KAAK,QAAQ,EAAE,CAAC;QAC3B,MAAM,OAAO,GAAG,gBAAgB,CAAC,gBAAgB,CAAC,CAAC;QACnD,IAAI,OAAO,EAAE,CAAC;YACZ,6BAA6B;YAC7B,MAAM,aAAa,GAAG,kFAAkF,CAAC;YACzG,IAAI,KAAK,CAAC;YACV,MAAM,OAAO,GAAiB,EAAE,CAAC;YAEjC,OAAO,CAAC,KAAK,GAAG,aAAa,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;gBACtD,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAgB,CAAC,CAAC;YACrD,CAAC;YAED,0EAA0E;YAC1E,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,IAAI,0CAA0C,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;gBACrF,OAAO,CAAC,IAAI,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,QAAQ,EAAE,OAAO,CAAC,CAAC;YACxD,CAAC;YAED,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACvB,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,gBAAgB;oBACtB,IAAI,EAAE,CAAC;oBACP,MAAM,EAAE,OAAO,CAAC,MAAM,KAAK,CAAC,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,OAAO;oBACnD,IAAI,EAAE,OAAO;oBACb,SAAS,EAAE,QAAQ;oBACnB,UAAU,EAAE,iBAAiB,CAAC,OAAO,CAAC;oBACtC,OAAO,EAAE,iBAAiB,CAAC,OAAO,CAAC;oBACnC,WAAW,EAAE,eAAe,CAAC,OAAO,EAAE,gBAAgB,CAAC;oBACvD,WAAW,EAAE,kBAAkB,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBAC5E,SAAS,EAAE,aAAa,CAAC,OAAO,EAAE,gBAAgB,CAAC;iBACpD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QACD,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,kCAAkC;IAClC,MAAM,QAAQ,GAAG,cAAc,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IAEjD,KAAK,MAAM,EAAE,OAAO,EAAE,WAAW,EAAE,SAAS,EAAE,IAAI,QAAQ,EAAE,CAAC;QAC3D,IAAI,KAAK,CAAC;QACV,MAAM,KAAK,GAAG,IAAI,MAAM,CAAC,OAAO,CAAC,MAAM,EAAE,OAAO,CAAC,KAAK,CAAC,CAAC;QAExD,OAAO,CAAC,KAAK,GAAG,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;YAC9C,MAAM,MAAM,GAAG,WAAW,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,WAAW,CAAC,EAAE,WAAW,EAAgB,CAAC,CAAC,CAAC,KAAK,CAAC;YACzF,MAAM,IAAI,GAAG,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YAEnD,IAAI,IAAI,EAAE,CAAC;gBACT,uBAAuB;gBACvB,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAC9D,MAAM,IAAI,GAAG,WAAW,CAAC,MAAM,CAAC;gBAEhC,SAAS,CAAC,IAAI,CAAC;oBACb,IAAI,EAAE,gBAAgB;oBACtB,IAAI;oBACJ,MAAM;oBACN,IAAI;oBACJ,SAAS;oBACT,UAAU,EAAE,iBAAiB,CAAC,IAAI,CAAC;oBACnC,OAAO,EAAE,iBAAiB,CAAC,OAAO,CAAC;oBACnC,WAAW,EAAE,eAAe,CAAC,OAAO,EAAE,gBAAgB,CAAC;oBACvD,WAAW,EAAE,kBAAkB,CAAC,IAAI,CAAC,CAAC,EAAE,OAAO,EAAE,EAAE,EAAE,CAAC,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBAC5E,SAAS,EAAE,aAAa,CAAC,OAAO,EAAE,gBAAgB,CAAC;iBACpD,CAAC,CAAC;YACL,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,SAAS,iBAAiB,CAAC,SAAuB;IAChD,QAAQ,SAAS,EAAE,CAAC;QAClB,KAAK,QAAQ;YACX,OAAO;gBACL,qCAAqC;gBACrC,mCAAmC;aACpC,CAAC;QACJ,KAAK,SAAS,CAAC;QACf,KAAK,SAAS,CAAC;QACf,KAAK,KAAK,CAAC;QACX,KAAK,MAAM;YACT,OAAO;gBACL,wBAAwB;gBACxB,wBAAwB;gBACxB,qBAAqB;gBACrB,6BAA6B;aAC9B,CAAC;QACJ,KAAK,QAAQ;YACX,OAAO,CAAC,yBAAyB,CAAC,CAAC;QACrC,KAAK,QAAQ;YACX,OAAO,CAAC,aAAa,EAAE,YAAY,EAAE,gBAAgB,CAAC,CAAC;QACzD,KAAK,OAAO,CAAC;QACb,KAAK,SAAS;YACZ,OAAO,CAAC,mBAAmB,EAAE,oBAAoB,EAAE,gBAAgB,EAAE,gBAAgB,CAAC,CAAC;QACzF,KAAK,OAAO;YACV,OAAO,CAAC,cAAc,EAAE,wBAAwB,CAAC,CAAC;QACpD,KAAK,QAAQ;YACX,OAAO,CAAC,qBAAqB,EAAE,yBAAyB,CAAC,CAAC;QAC5D,KAAK,SAAS;YACZ,OAAO,CAAC,iBAAiB,EAAE,8BAA8B,CAAC,CAAC;QAC7D,KAAK,KAAK,CAAC;QACX,KAAK,MAAM,CAAC;QACZ,KAAK,OAAO;YACV,OAAO,CAAC,mBAAmB,EAAE,qBAAqB,EAAE,gBAAgB,CAAC,CAAC;QACxE;YACE,OAAO;gBACL,wBAAwB;gBACxB,uCAAuC;gBACvC,+CAA+C;aAChD,CAAC;IACN,CAAC;AACH,CAAC;AAED;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,gBAAgB,CACpC,WAAmB,EACnB,OAIC;IAED,MAAM,SAAS,GAAG,OAAO,EAAE,SAAS,IAAI,CAAC,MAAM,eAAe,CAAC,WAAW,CAAC,CAAC,CAAC;IAC7E,MAAM,cAAc,GAAG,OAAO,EAAE,OAAO,IAAI,iBAAiB,CAAC,SAAS,CAAC,CAAC;IACxE,MAAM,OAAO,GAAG,OAAO,EAAE,OAAO,IAAI,CAAC,oBAAoB,EAAE,YAAY,EAAE,aAAa,EAAE,aAAa,CAAC,CAAC;IAEvG,MAAM,CAAC,IAAI,CAAC,2BAA2B,EAAE,EAAE,WAAW,EAAE,SAAS,EAAE,QAAQ,EAAE,cAAc,EAAE,CAAC,CAAC;IAE/F,MAAM,SAAS,GAAkB,EAAE,CAAC;IAEpC,KAAK,MAAM,OAAO,IAAI,cAAc,EAAE,CAAC;QACrC,IAAI,CAAC;YACH,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,OAAO,EAAE;gBAChC,GAAG,EAAE,WAAW;gBAChB,MAAM,EAAE,OAAO;gBACf,QAAQ,EAAE,IAAI;aACf,CAAC,CAAC;YAEH,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;gBACzB,IAAI,CAAC;oBACH,MAAM,aAAa,GAAG,MAAM,wBAAwB,CAAC,IAAI,EAAE,SAAS,EAAE,WAAW,CAAC,CAAC;oBACnF,SAAS,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,CAAC;gBACnC,CAAC;gBAAC,OAAO,KAAK,EAAE,CAAC;oBACf,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,EAAE,IAAI,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;gBAC/E,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,MAAM,CAAC,KAAK,CAAC,8BAA8B,EAAE,EAAE,OAAO,EAAE,KAAK,EAAE,MAAM,CAAC,KAAK,CAAC,EAAE,CAAC,CAAC;QAClF,CAAC;IACH,CAAC;IAED,MAAM,CAAC,IAAI,CAAC,4BAA4B,EAAE,EAAE,SAAS,EAAE,SAAS,CAAC,MAAM,EAAE,CAAC,CAAC;IAE3E,OAAO,SAAS,CAAC;AACnB,CAAC;AAED;;GAEG;AACH,MAAM,UAAU,iBAAiB,CAAC,IAAY;IAC5C,mCAAmC;IACnC,MAAM,gBAAgB,GAAG;QACvB,+BAA+B,EAAI,8BAA8B;QACjE,kBAAkB,EAAkB,SAAS;KAC9C,CAAC;IAEF,KAAK,MAAM,OAAO,IAAI,gBAAgB,EAAE,CAAC;QACvC,MAAM,KAAK,GAAG,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAClC,IAAI,KAAK,EAAE,CAAC;YACV,MAAM,QAAQ,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;YACxC,8BAA8B;YAC9B,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC7B,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,GAAG,CAAC;YACrC,CAAC;YACD,6DAA6D;YAC7D,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;gBACpD,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/B,CAAC;YACD,4EAA4E;YAC5E,IAAI,QAAQ,CAAC,QAAQ,CAAC,KAAK,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,IAAI,QAAQ,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;gBACvF,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/B,CAAC;YACD,IAAI,QAAQ,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;gBACvD,OAAO,QAAQ,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;YAC/B,CAAC;YACD,OAAO,QAAQ,CAAC;QAClB,CAAC;IACH,CAAC;IAED,OAAO,SAAS,CAAC;AACnB,CAAC"}

package/dist/scanners/logic/index.d.ts

@@ -0,0 +1,41 @@
+/**
+ * Business Logic Scanner Module
+ *
+ * Detects BOLA, IDOR, BFLA, and other authorization vulnerabilities
+ * through static analysis of API endpoints.
+ *
+ * @module scanners/logic
+ */
+import type { Severity } from "../../certification/types.js";
+import type { LogicScanOptions, LogicScanResult, LogicVulnType } from "./types.js";
+export * from "./types.js";
+export { extractEndpoints, detectFramework, extractPathParams, inferResourceType, } from "./endpoint-analyzer.js";
+export { analyzeAuthorizationFlow, analyzeEndpoints, } from "./auth-flow-analyzer.js";
+/**
+ * Run logic vulnerability scan
+ */
+export declare function runLogicScan(projectPath: string, options?: LogicScanOptions): Promise<LogicScanResult>;
+/**
+ * Format logic scan results for display
+ */
+export declare function formatLogicResults(result: LogicScanResult): string;
+/**
+ * Get vulnerability description
+ */
+export declare function getVulnerabilityDescription(vulnType: LogicVulnType): {
+    name: string;
+    description: string;
+    cweIds: string[];
+    owaspRefs: string[];
+    severity: Severity;
+};
+/**
+ * Quick check for common authorization issues
+ */
+export declare function quickAuthCheck(projectPath: string): Promise<{
+    hasAuthMiddleware: boolean;
+    hasOwnershipChecks: boolean;
+    hasRoleChecks: boolean;
+    potentialIssues: string[];
+}>;
+//# sourceMappingURL=index.d.ts.map

package/dist/scanners/logic/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/logic/index.ts"],"names":[],"mappings":"AAAA;;;;;;;GAOG;AAGH,OAAO,KAAK,EAAE,QAAQ,EAAE,MAAM,8BAA8B,CAAC;AAC7D,OAAO,KAAK,EACV,gBAAgB,EAChB,eAAe,EAKf,aAAa,EACd,MAAM,YAAY,CAAC;AAkBpB,cAAc,YAAY,CAAC;AAG3B,OAAO,EACL,gBAAgB,EAChB,eAAe,EACf,iBAAiB,EACjB,iBAAiB,GAClB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,wBAAwB,EACxB,gBAAgB,GACjB,MAAM,yBAAyB,CAAC;AA0BjC;;GAEG;AACH,wBAAsB,YAAY,CAChC,WAAW,EAAE,MAAM,EACnB,OAAO,GAAE,gBAAqB,GAC7B,OAAO,CAAC,eAAe,CAAC,CAoG1B;AAED;;GAEG;AACH,wBAAgB,kBAAkB,CAAC,MAAM,EAAE,eAAe,GAAG,MAAM,CA8ElE;AAED;;GAEG;AACH,wBAAgB,2BAA2B,CAAC,QAAQ,EAAE,aAAa,GAAG;IACpE,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,EAAE,CAAC;IACjB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,QAAQ,EAAE,QAAQ,CAAC;CACpB,CAoCA;AAED;;GAEG;AACH,wBAAsB,cAAc,CAClC,WAAW,EAAE,MAAM,GAClB,OAAO,CAAC;IACT,iBAAiB,EAAE,OAAO,CAAC;IAC3B,kBAAkB,EAAE,OAAO,CAAC;IAC5B,aAAa,EAAE,OAAO,CAAC;IACvB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B,CAAC,CA8BD"}