verification-layer 0.24.4 → 0.25.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/README.md +42 -2
- package/dist/ai/cache.js +2 -2
- package/dist/ai/cache.js.map +1 -1
- package/dist/ai/config.d.ts +1 -1
- package/dist/ai/config.js +1 -1
- package/dist/ai/config.js.map +1 -1
- package/dist/ai/rules/prompts/audit-logging.js +1 -1
- package/dist/ai/rules/rule-runner.d.ts.map +1 -1
- package/dist/ai/rules/rule-runner.js.map +1 -1
- package/dist/ai/rules/triage.d.ts.map +1 -1
- package/dist/ai/rules/triage.js +1 -1
- package/dist/ai/rules/triage.js.map +1 -1
- package/dist/ai/scanner.d.ts.map +1 -1
- package/dist/ai/scanner.js +1 -1
- package/dist/ai/scanner.js.map +1 -1
- package/dist/cli.js +77 -13
- package/dist/cli.js.map +1 -1
- package/dist/exclusions.d.ts +13 -0
- package/dist/exclusions.d.ts.map +1 -0
- package/dist/exclusions.js +27 -0
- package/dist/exclusions.js.map +1 -0
- package/dist/index.d.ts +0 -2
- package/dist/index.d.ts.map +1 -1
- package/dist/index.js +0 -1
- package/dist/index.js.map +1 -1
- package/dist/marketplace/installer.d.ts.map +1 -1
- package/dist/marketplace/installer.js +3 -3
- package/dist/marketplace/installer.js.map +1 -1
- package/dist/marketplace/registry.d.ts.map +1 -1
- package/dist/marketplace/registry.js +3 -1
- package/dist/marketplace/registry.js.map +1 -1
- package/dist/reporters/auditor-report.d.ts +2 -1
- package/dist/reporters/auditor-report.d.ts.map +1 -1
- package/dist/reporters/auditor-report.js +203 -16
- package/dist/reporters/auditor-report.js.map +1 -1
- package/dist/reporters/branding.d.ts +39 -0
- package/dist/reporters/branding.d.ts.map +1 -0
- package/dist/reporters/branding.js +124 -0
- package/dist/reporters/branding.js.map +1 -0
- package/dist/reporters/finding-presentation.d.ts +74 -0
- package/dist/reporters/finding-presentation.d.ts.map +1 -0
- package/dist/reporters/finding-presentation.js +172 -0
- package/dist/reporters/finding-presentation.js.map +1 -0
- package/dist/reporters/index.d.ts.map +1 -1
- package/dist/reporters/index.js +50 -40
- package/dist/reporters/index.js.map +1 -1
- package/dist/reporters/scan-pdf-report.d.ts +23 -0
- package/dist/reporters/scan-pdf-report.d.ts.map +1 -0
- package/dist/reporters/scan-pdf-report.js +326 -0
- package/dist/reporters/scan-pdf-report.js.map +1 -0
- package/dist/scan.d.ts +11 -0
- package/dist/scan.d.ts.map +1 -1
- package/dist/scan.js +46 -1
- package/dist/scan.js.map +1 -1
- package/dist/scanners/api-security/index.js +2 -2
- package/dist/scanners/api-security/index.js.map +1 -1
- package/dist/scanners/authentication/index.d.ts.map +1 -1
- package/dist/scanners/authentication/index.js +32 -27
- package/dist/scanners/authentication/index.js.map +1 -1
- package/dist/scanners/configuration/index.js +2 -2
- package/dist/scanners/configuration/index.js.map +1 -1
- package/dist/scanners/credentials/index.d.ts.map +1 -1
- package/dist/scanners/credentials/index.js +9 -4
- package/dist/scanners/credentials/index.js.map +1 -1
- package/dist/scanners/credentials/index.test.js +3 -3
- package/dist/scanners/credentials/patterns.d.ts.map +1 -1
- package/dist/scanners/credentials/patterns.js +4 -4
- package/dist/scanners/credentials/patterns.js.map +1 -1
- package/dist/scanners/errors/index.js +2 -2
- package/dist/scanners/errors/index.js.map +1 -1
- package/dist/scanners/hipaa2026/index.d.ts.map +1 -1
- package/dist/scanners/hipaa2026/index.js +8 -20
- package/dist/scanners/hipaa2026/index.js.map +1 -1
- package/dist/scanners/hipaa2026/index.test.js +2 -2
- package/dist/scanners/hipaa2026/patterns.d.ts.map +1 -1
- package/dist/scanners/hipaa2026/patterns.js +18 -5
- package/dist/scanners/hipaa2026/patterns.js.map +1 -1
- package/dist/scanners/operational/index.d.ts.map +1 -1
- package/dist/scanners/operational/index.js +27 -27
- package/dist/scanners/operational/index.js.map +1 -1
- package/dist/scanners/rbac/index.js +2 -2
- package/dist/scanners/rbac/index.js.map +1 -1
- package/dist/scanners/rbac/index.test.js +3 -0
- package/dist/scanners/rbac/index.test.js.map +1 -1
- package/dist/scanners/rbac/patterns.d.ts.map +1 -1
- package/dist/scanners/rbac/patterns.js +10 -3
- package/dist/scanners/rbac/patterns.js.map +1 -1
- package/dist/scanners/revocation/index.js +2 -2
- package/dist/scanners/revocation/index.js.map +1 -1
- package/dist/scanners/sanitization/index.d.ts.map +1 -1
- package/dist/scanners/sanitization/index.js +2 -3
- package/dist/scanners/sanitization/index.js.map +1 -1
- package/dist/scanners/skills/index.js +1 -1
- package/dist/scanners/skills/index.js.map +1 -1
- package/dist/scanners/skills/patterns.js +3 -3
- package/dist/scanners/skills/patterns.js.map +1 -1
- package/dist/scanners/utils.d.ts +44 -0
- package/dist/scanners/utils.d.ts.map +1 -0
- package/dist/scanners/utils.js +77 -0
- package/dist/scanners/utils.js.map +1 -0
- package/dist/training/index.js +1 -1
- package/dist/training/index.js.map +1 -1
- package/dist/types.d.ts +38 -1
- package/dist/types.d.ts.map +1 -1
- package/dist/utils/scan-history.js +2 -2
- package/dist/utils/scan-history.js.map +1 -1
- package/package.json +2 -2
- package/dist/scan-code.d.ts +0 -12
- package/dist/scan-code.d.ts.map +0 -1
- package/dist/scan-code.js +0 -34
- package/dist/scan-code.js.map +0 -1
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"scan-pdf-report.js","sourceRoot":"","sources":["../../src/reporters/scan-pdf-report.ts"],"names":[],"mappings":"AAAA,OAAO,WAAW,MAAM,QAAQ,CAAC;AACjC,OAAO,EAAE,UAAU,EAAE,MAAM,QAAQ,CAAC;AAEpC,OAAO,EAAE,eAAe,EAAE,eAAe,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAC9E,OAAO,EACL,uBAAuB,EACvB,cAAc,EACd,yBAAyB,EACzB,oBAAoB,GAErB,MAAM,2BAA2B,CAAC;AAEnC,MAAM,MAAM,GAAG;IACb,OAAO,EAAE,SAAS;IAClB,WAAW,EAAE,SAAS;IACtB,IAAI,EAAE,SAAS;IACf,SAAS,EAAE,SAAS;IACpB,KAAK,EAAE,SAAS;IAChB,QAAQ,EAAE,SAAS;IACnB,IAAI,EAAE,SAAS;IACf,MAAM,EAAE,SAAS;IACjB,GAAG,EAAE,SAAS;IACd,IAAI,EAAE,SAAS;IACf,QAAQ,EAAE,SAAS;IACnB,UAAU,EAAE,SAAS;IACrB,MAAM,EAAE,SAAS;IACjB,KAAK,EAAE,SAAS;CACjB,CAAC;AAEF,MAAM,cAAc,GAA6B;IAC/C,QAAQ,EAAE,MAAM,CAAC,QAAQ;IACzB,IAAI,EAAE,MAAM,CAAC,IAAI;IACjB,MAAM,EAAE,MAAM,CAAC,MAAM;IACrB,GAAG,EAAE,MAAM,CAAC,GAAG;IACf,IAAI,EAAE,MAAM,CAAC,IAAI;CAClB,CAAC;AAUF;;;;;;;;;GASG;AACH,MAAM,UAAU,eAAe,CAC7B,MAAkB,EAClB,UAAkB,EAClB,UAAgC,EAAE;IAElC,OAAO,IAAI,OAAO,CAAC,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;QACrC,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC;QAClC,MAAM,UAAU,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC7C,MAAM,UAAU,GAAG,eAAe,CAAC,QAAQ,CAAC,CAAC;QAC7C,MAAM,QAAQ,GAAG,WAAW,CAAC,QAAQ,CAAC,CAAC;QAEvC,MAAM,GAAG,GAAG,IAAI,WAAW,CAAC;YAC1B,IAAI,EAAE,IAAI;YACV,OAAO,EAAE,EAAE,GAAG,EAAE,EAAE,EAAE,MAAM,EAAE,EAAE,EAAE,IAAI,EAAE,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE;YACrD,WAAW,EAAE,IAAI;YACjB,IAAI,EAAE;gBACJ,KAAK,EAAE,yBAAyB;gBAChC,MAAM,EAAE,UAAU;gBAClB,OAAO,EAAE,6BAA6B;gBACtC,OAAO,EAAE,mCAAmC;aAC7C;SACF,CAAC,CAAC;QAEH,MAAM,MAAM,GAAa,EAAE,CAAC;QAC5B,GAAG,CAAC,EAAE,CAAC,MAAM,EAAE,KAAK,CAAC,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;QAC5C,GAAG,CAAC,EAAE,CAAC,KAAK,EAAE,GAAG,EAAE;YACjB,MAAM,MAAM,GAAG,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACrC,MAAM,IAAI,GAAG,UAAU,CAAC,QAAQ,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;YAC/D,OAAO,CAAC,EAAE,MAAM,EAAE,IAAI,EAAE,CAAC,CAAC;QAC5B,CAAC,CAAC,CAAC;QACH,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;QAExB,MAAM,cAAc,GAAG,MAAM,CAAC,QAAQ,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,UAAU,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,CAAC;QAEnF,MAAM,EAAE,OAAO,EAAE,QAAQ,EAAE,WAAW,EAAE,GAAG,yBAAyB,CAAC,cAAc,CAAC,CAAC;QACrF,MAAM,QAAQ,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC;QAEnD,IAAI,CAAC;YACH,MAAM,MAAM,GAAG,uBAAuB,CAAC,OAAO,CAAC,CAAC;YAChD,WAAW,CAAC,GAAG,EAAE,MAAM,EAAE,UAAU,EAAE,OAAO,EAAE,UAAU,EAAE,QAAQ,EAAE,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,MAAM,CAAC,CAAC;YAC7G,GAAG,CAAC,OAAO,EAAE,CAAC;YACd,cAAc,CAAC,GAAG,EAAE,MAAM,EAAE,OAAO,CAAC,MAAM,CAAC,CAAC;YAC5C,IAAI,QAAQ,CAAC,MAAM,GAAG,CAAC;gBAAE,qBAAqB,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;YAC9D,YAAY,CAAC,GAAG,EAAE,UAAU,CAAC,CAAC;YAC9B,GAAG,CAAC,GAAG,EAAE,CAAC;QACZ,CAAC;QAAC,OAAO,GAAG,EAAE,CAAC;YACb,MAAM,CAAC,GAAG,YAAY,KAAK,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QAC9D,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC;AAED,MAAM,UAAU,GAAG,CAAC,GAAuB,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,KAAK,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC;AAEhH,SAAS,WAAW,CAClB,GAAuB,EACvB,MAAkB,EAClB,UAAkB,EAClB,OAA6B,EAC7B,UAAkB,EAClB,QAAuB,EACvB,eAA0B,EAC1B,aAAqB,EACrB,aAAqB;IAErB,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IACnC,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAErC,cAAc;IACd,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC,EAAE,GAAG,CAAC,IAAI,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC;IAE7D,iFAAiF;IACjF,IAAI,QAAQ,EAAE,CAAC;QACb,IAAI,CAAC;YACH,GAAG,CAAC,KAAK,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,GAAG,EAAE,CAAC,GAAG,EAAE,EAAE,CAAC,EAAE,CAAC,CAAC;QACpD,CAAC;QAAC,MAAM,CAAC;YACP,4EAA4E;QAC9E,CAAC;IACH,CAAC;IAED,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC;SACxB,IAAI,CAAC,gBAAgB,CAAC;SACtB,QAAQ,CAAC,EAAE,CAAC;SACZ,IAAI,CAAC,yBAAyB,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;IAEvE,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC;SAClB,QAAQ,CAAC,EAAE,CAAC;SACZ,IAAI,CAAC,eAAe,UAAU,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;IAEzE,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACzB,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,YAAY,EAAE,IAAI,EAAE,GAAG,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;IAClF,CAAC;IAED,mBAAmB;IACnB,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;IAC3B,MAAM,IAAI,GAAG,GAAG,CAAC;IACjB,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,CAAC;IAChE,GAAG,CAAC,IAAI,CAAC,IAAI,EAAE,IAAI,EAAE,YAAY,EAAE,GAAG,CAAC,CAAC,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;IAE9D,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;SAC9D,IAAI,CAAC,qBAAqB,EAAE,IAAI,GAAG,EAAE,EAAE,IAAI,GAAG,EAAE,CAAC,CAAC;IAErD,MAAM,SAAS,GAA4B;QACzC,CAAC,cAAc,EAAE,UAAU,CAAC;QAC5B,CAAC,eAAe,EAAE,OAAO,CAAC,gBAAgB,IAAI,eAAe,CAAC;QAC9D,CAAC,mBAAmB,EAAE,IAAI,IAAI,EAAE,CAAC,cAAc,EAAE,CAAC;QAClD,CAAC,gBAAgB,EAAE,MAAM,CAAC,MAAM,CAAC,YAAY,CAAC,CAAC;KAChD,CAAC;IAEF,IAAI,CAAC,GAAG,IAAI,GAAG,EAAE,CAAC;IAClB,GAAG,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC;IACjB,KAAK,MAAM,CAAC,KAAK,EAAE,KAAK,CAAC,IAAI,SAAS,EAAE,CAAC;QACvC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,IAAI,CAAC,KAAK,EAAE,IAAI,GAAG,EAAE,EAAE,CAAC,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACtG,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,IAAI,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,GAAG,EAAE,EAAE,CAAC,CAAC;QAC7F,CAAC,IAAI,EAAE,CAAC;IACV,CAAC;IAED,qBAAqB;IACrB,MAAM,MAAM,GAAG,GAAG,CAAC;IACnB,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;SAC9D,IAAI,CAAC,cAAc,EAAE,IAAI,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;IAC3C,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;SAC3D,IAAI,CAAC,GAAG,eAAe,CAAC,MAAM,4BAA4B,aAAa,UAAU,EAAE,IAAI,GAAG,EAAE,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;IAC9G,IAAI,aAAa,GAAG,CAAC,EAAE,CAAC;QACtB,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;aAClE,IAAI,CAAC,KAAK,aAAa,wBAAwB,aAAa,KAAK,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,GAAG,yBAAyB,EAAE,IAAI,GAAG,EAAE,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;IACrI,CAAC;IAED,MAAM,MAAM,GAAG,eAAe,CAAC,eAAe,CAAC,CAAC;IAChD,MAAM,KAAK,GAA2D;QACpE,EAAE,KAAK,EAAE,UAAU,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,QAAQ,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,QAAQ,EAAE;QAC7E,EAAE,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,IAAI,EAAE;QACjE,EAAE,KAAK,EAAE,QAAQ,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,MAAM,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE;QACvE,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,MAAM,CAAC,MAAM,CAAC,GAAG,CAAC,EAAE,KAAK,EAAE,MAAM,CAAC,GAAG,EAAE;KAC/D,CAAC;IAEF,MAAM,GAAG,GAAG,EAAE,CAAC;IACf,MAAM,KAAK,GAAG,CAAC,YAAY,GAAG,GAAG,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC;IAC3C,MAAM,MAAM,GAAG,MAAM,GAAG,EAAE,CAAC;IAC3B,KAAK,CAAC,OAAO,CAAC,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE;QACxB,MAAM,CAAC,GAAG,IAAI,GAAG,CAAC,GAAG,CAAC,KAAK,GAAG,GAAG,CAAC,CAAC;QACnC,GAAG,CAAC,IAAI,CAAC,CAAC,EAAE,MAAM,EAAE,KAAK,EAAE,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QAChD,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;aAC5D,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,EAAE,MAAM,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;QACvE,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;aAC/B,IAAI,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,EAAE,MAAM,GAAG,EAAE,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;IACzE,CAAC,CAAC,CAAC;IAEH,mBAAmB;IACnB,IAAI,MAAM,CAAC,eAAe,EAAE,CAAC;QAC3B,MAAM,KAAK,GAAG,MAAM,CAAC,eAAe,CAAC;QACrC,MAAM,MAAM,GAAG,MAAM,GAAG,GAAG,CAAC;QAC5B,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;aAC3D,IAAI,CAAC,qBAAqB,KAAK,CAAC,KAAK,gBAAgB,KAAK,CAAC,KAAK,GAAG,EAAE,IAAI,GAAG,EAAE,EAAE,MAAM,CAAC,CAAC;QAC3F,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;aAC3D,IAAI,CAAC,WAAW,KAAK,CAAC,MAAM,EAAE,EAAE,IAAI,GAAG,EAAE,EAAE,MAAM,GAAG,EAAE,CAAC,CAAC;IAC7D,CAAC;AACH,CAAC;AAED;;;;;GAKG;AACH,SAAS,cAAc,CAAC,GAAuB,EAAE,MAAuB,EAAE,YAAoB;IAC5F,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IACnC,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAErC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;SAC9D,IAAI,CAAC,sBAAsB,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAC5D,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;SAC3D,IAAI,CAAC,GAAG,YAAY,4BAA4B,MAAM,CAAC,MAAM,oDAAoD,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;IAC/I,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAElB,IAAI,MAAM,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QACxB,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;aACtD,IAAI,CAAC,kCAAkC,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;QACrE,OAAO;IACT,CAAC;IAED,MAAM,IAAI,GAAG,IAAI,GAAG,EAAE,CAAC;IACvB,MAAM,IAAI,GAAG,YAAY,GAAG,EAAE,CAAC;IAE/B,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC3B,iBAAiB,CAAC,GAAG,EAAE,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC;QAC3D,CAAC;aAAM,CAAC;YACN,kBAAkB,CAAC,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,YAAY,EAAE,IAAI,EAAE,IAAI,CAAC,CAAC;QAC7D,CAAC;IACH,CAAC;AACH,CAAC;AAED,sFAAsF;AACtF,SAAS,WAAW,CAAC,GAAuB,EAAE,MAAc;IAC1D,IAAI,GAAG,CAAC,CAAC,GAAG,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,EAAE,CAAC;QAC/D,GAAG,CAAC,OAAO,EAAE,CAAC;QACd,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;aAC9D,IAAI,CAAC,kCAAkC,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;QACzF,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IACpB,CAAC;AACH,CAAC;AAED,SAAS,aAAa,CAAC,GAAuB,EAAE,QAAkB,EAAE,CAAS,EAAE,CAAS,EAAE,KAAK,GAAG,EAAE;IAClG,MAAM,KAAK,GAAG,cAAc,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC;IACtD,GAAG,CAAC,WAAW,CAAC,CAAC,EAAE,CAAC,EAAE,KAAK,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAChD,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;SAC7D,IAAI,CAAC,QAAQ,CAAC,WAAW,EAAE,EAAE,CAAC,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;AACxE,CAAC;AAED,SAAS,iBAAiB,CAAC,GAAuB,EAAE,CAAU,EAAE,IAAY,EAAE,YAAoB;IAChG,MAAM,KAAK,GAAG,IAAI,GAAG,EAAE,CAAC;IACxB,MAAM,KAAK,GAAG,YAAY,GAAG,EAAE,CAAC;IAChC,MAAM,GAAG,GAAG,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;IAC7C,MAAM,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IACnG,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IACrF,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;IAE/C,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;IAEhB,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC,CAAC;IACxC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;SAC7D,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IAC7C,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;SACpD,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IACtF,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;SAC1D,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;IAEjD,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;IACnB,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,GAAG,YAAY,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC;AACzG,CAAC;AAED,SAAS,kBAAkB,CACzB,GAAuB,EACvB,CAAgB,EAChB,IAAY,EACZ,YAAoB,EACpB,IAAY,EACZ,IAAY;IAEZ,4DAA4D;IAC5D,MAAM,UAAU,GAAG,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,QAAQ,CAAC,CAAC,OAAO,CAAC,MAAM,oCAAoC,CAAC;IACtH,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,UAAU,EAAE,EAAE,KAAK,EAAE,YAAY,GAAG,EAAE,EAAE,CAAC,CAAC;IACjH,WAAW,CAAC,GAAG,EAAE,IAAI,CAAC,GAAG,CAAC,OAAO,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;IAE7C,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;IACjB,aAAa,CAAC,GAAG,EAAE,CAAC,CAAC,QAAQ,EAAE,IAAI,EAAE,EAAE,CAAC,CAAC;IACzC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;SAC3D,IAAI,CAAC,UAAU,EAAE,IAAI,GAAG,EAAE,EAAE,EAAE,EAAE,EAAE,KAAK,EAAE,YAAY,GAAG,EAAE,EAAE,CAAC,CAAC;IACjE,GAAG,CAAC,CAAC,GAAG,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,EAAE,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC;IAErC,uCAAuC;IACvC,KAAK,MAAM,CAAC,IAAI,CAAC,CAAC,OAAO,EAAE,CAAC;QAC1B,MAAM,KAAK,GAAG,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC;QACzD,MAAM,GAAG,GAAG,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;QAC7C,MAAM,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,cAAc,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAC1F,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;QACzF,MAAM,OAAO,GAAG,MAAM,GAAG,IAAI,GAAG,CAAC,CAAC;QAElC,WAAW,CAAC,GAAG,EAAE,OAAO,GAAG,CAAC,CAAC,CAAC;QAC9B,MAAM,EAAE,GAAG,GAAG,CAAC,CAAC,CAAC;QACjB,GAAG,CAAC,SAAS,CAAC,cAAc,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;aAC1F,IAAI,CAAC,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,EAAE,KAAK,EAAE,IAAI,EAAE,EAAE,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;QACzE,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;aACvD,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;QAClC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;aAC1D,IAAI,CAAC,GAAG,EAAE,IAAI,GAAG,EAAE,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,EAAE,IAAI,GAAG,EAAE,EAAE,CAAC,CAAC;QACzD,GAAG,CAAC,CAAC,GAAG,EAAE,GAAG,OAAO,CAAC;IACvB,CAAC;IAED,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAClB,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,GAAG,YAAY,EAAE,GAAG,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC;IAC/F,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AACpB,CAAC;AAED;;;;GAIG;AACH,SAAS,qBAAqB,CAAC,GAAuB,EAAE,QAAmB;IACzE,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC;IACnC,MAAM,YAAY,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;IAErC,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAClB,WAAW,CAAC,GAAG,EAAE,GAAG,CAAC,CAAC;IACtB,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,EAAE,CAAC;SAC/D,IAAI,CAAC,uBAAuB,EAAE,IAAI,EAAE,GAAG,CAAC,CAAC,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;IACvE,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;SACpE,IAAI,CAAC,yCAAyC,EAAE,EAAE,KAAK,EAAE,YAAY,EAAE,CAAC,CAAC;IAC5E,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAClB,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;SAC1D,IAAI,CACH,qMAAqM,EACrM,EAAE,KAAK,EAAE,YAAY,EAAE,CACxB,CAAC;IACJ,GAAG,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;IAElB,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,cAAc,CAAC,CAAC,CAAC,cAAc,CAAC,CAAC;QAC7C,MAAM,KAAK,GAAG,IAAI,GAAG,EAAE,CAAC;QACxB,MAAM,KAAK,GAAG,YAAY,GAAG,EAAE,CAAC;QAChC,MAAM,MAAM,GAAG,GAAG,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,cAAc,CAAC,CAAC,CAAC,KAAK,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACnG,MAAM,IAAI,GAAG,GAAG,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC,CAAC,cAAc,CAAC,GAAG,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACrF,MAAM,MAAM,GAAG,IAAI,CAAC,GAAG,CAAC,MAAM,GAAG,IAAI,GAAG,CAAC,EAAE,EAAE,CAAC,CAAC;QAE/C,WAAW,CAAC,GAAG,EAAE,MAAM,GAAG,CAAC,CAAC,CAAC;QAC7B,MAAM,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC;QAChB,GAAG,CAAC,WAAW,CAAC,IAAI,EAAE,CAAC,EAAE,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QAC1D,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC;aAC7D,IAAI,CAAC,UAAU,EAAE,IAAI,EAAE,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,EAAE,EAAE,EAAE,KAAK,EAAE,QAAQ,EAAE,CAAC,CAAC;QACjE,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,gBAAgB,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC;aAC7D,IAAI,CAAC,CAAC,CAAC,KAAK,EAAE,KAAK,EAAE,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QAC7C,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,IAAI,CAAC,SAAS,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;aACpD,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,GAAG,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC,CAAC,EAAE,EAAE,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACtF,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;aAC1D,IAAI,CAAC,GAAG,EAAE,KAAK,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,CAAC,CAAC;QACjD,GAAG,CAAC,CAAC,GAAG,CAAC,GAAG,MAAM,CAAC;QACnB,GAAG,CAAC,MAAM,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,GAAG,YAAY,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC,MAAM,EAAE,CAAC;IACzG,CAAC;AACH,CAAC;AAED,oEAAoE;AACpE,SAAS,YAAY,CAAC,GAAuB,EAAE,UAAkB;IAC/D,MAAM,KAAK,GAAG,GAAG,CAAC,iBAAiB,EAAE,CAAC;IACtC,KAAK,IAAI,CAAC,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,GAAG,KAAK,CAAC,KAAK,GAAG,KAAK,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE,CAAC;QAC7D,GAAG,CAAC,YAAY,CAAC,CAAC,CAAC,CAAC;QACpB,yEAAyE;QACzE,qBAAqB;QACrB,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,MAAM,GAAG,CAAC,CAAC;QAE5B,MAAM,KAAK,GAAG,UAAU,CAAC,GAAG,CAAC,CAAC;QAC9B,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC,MAAM,GAAG,EAAE,CAAC;QACrC,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC,IAAI,CAAC,WAAW,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;aAC1D,IAAI,CAAC,UAAU,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,EAAE,EAAE,KAAK,EAAE,KAAK,EAAE,QAAQ,EAAE,SAAS,EAAE,KAAK,EAAE,CAAC,CAAC;QAClG,GAAG,CAAC,SAAS,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;aACpC,IAAI,CAAC,QAAQ,CAAC,GAAG,KAAK,CAAC,KAAK,GAAG,CAAC,OAAO,KAAK,CAAC,KAAK,EAAE,EAAE,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,GAAG,EAAE,EAAE;YAC1F,KAAK;YACL,KAAK,EAAE,QAAQ;YACf,SAAS,EAAE,KAAK;SACjB,CAAC,CAAC;IACP,CAAC;AACH,CAAC;AAED,SAAS,eAAe,CAAC,QAAmB;IAC1C,MAAM,MAAM,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IACpE,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;IACrD,CAAC;IACD,OAAO,MAAM,CAAC;AAChB,CAAC"}
|
package/dist/scan.d.ts
CHANGED
|
@@ -1,5 +1,16 @@
|
|
|
1
1
|
import type { ScanOptions, ScanResult, Finding, GroupedFinding } from './types.js';
|
|
2
2
|
export declare function scan(options: ScanOptions): Promise<ScanResult>;
|
|
3
|
+
/**
|
|
4
|
+
* Remove exact-duplicate findings, keyed by ruleId + file + line + normalized
|
|
5
|
+
* snippet. Two findings that share all four are the same real issue surfaced
|
|
6
|
+
* twice (e.g. a scanner that runs under more than one category). The first
|
|
7
|
+
* occurrence is kept; order is preserved.
|
|
8
|
+
*
|
|
9
|
+
* Runs in the results pipeline BEFORE grouping so it applies uniformly to every
|
|
10
|
+
* output format. Aggregate/virtual findings (project-level, ASSET-INVENTORY,
|
|
11
|
+
* PHI-FLOW-MAP) are already deduped upstream and pass through unchanged here.
|
|
12
|
+
*/
|
|
13
|
+
export declare function dedupeFindings(findings: Finding[]): Finding[];
|
|
3
14
|
/**
|
|
4
15
|
* Group findings by severity + normalized title into deduplicated entries with occurrence lists.
|
|
5
16
|
* This collapses all occurrences of the same violation type into one row.
|
package/dist/scan.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../src/scan.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,OAAO,EAA0C,cAAc,EAAE,MAAM,YAAY,CAAC;
|
|
1
|
+
{"version":3,"file":"scan.d.ts","sourceRoot":"","sources":["../src/scan.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,WAAW,EAAE,UAAU,EAAE,OAAO,EAA0C,cAAc,EAAE,MAAM,YAAY,CAAC;AAyD3H,wBAAsB,IAAI,CAAC,OAAO,EAAE,WAAW,GAAG,OAAO,CAAC,UAAU,CAAC,CAsQpE;AAaD;;;;;;;;;GASG;AACH,wBAAgB,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,OAAO,EAAE,CAY7D;AAED;;;GAGG;AACH,wBAAgB,aAAa,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,cAAc,EAAE,CAiDnE"}
|
package/dist/scan.js
CHANGED
|
@@ -27,6 +27,7 @@ import { batchAnalyzeSemanticContext } from './semantic-analysis.js';
|
|
|
27
27
|
import { calculateComplianceScore } from './compliance-score.js';
|
|
28
28
|
import { triageExistingFindings } from './ai/scanner.js';
|
|
29
29
|
import { isAIAvailable } from './ai/client.js';
|
|
30
|
+
import { DEFAULT_VLAYER_OUTPUT_EXCLUDES } from './exclusions.js';
|
|
30
31
|
import * as fs from 'fs/promises';
|
|
31
32
|
const ALL_CATEGORIES = [
|
|
32
33
|
'phi-exposure',
|
|
@@ -64,8 +65,14 @@ export async function scan(options) {
|
|
|
64
65
|
'**/.git/**',
|
|
65
66
|
'**/coverage/**',
|
|
66
67
|
];
|
|
68
|
+
// Exclude vlayer's own generated outputs by default so the scanner never
|
|
69
|
+
// re-reads (and re-flags) its own reports/baseline. Opt out via
|
|
70
|
+
// `--include-own-artifacts` (CLI) or `includeOwnArtifacts: true` (config).
|
|
71
|
+
const includeOwnArtifacts = options.includeOwnArtifacts ?? config.includeOwnArtifacts ?? false;
|
|
72
|
+
const ownArtifactExcludes = includeOwnArtifacts ? [] : [...DEFAULT_VLAYER_OUTPUT_EXCLUDES];
|
|
67
73
|
const excludePatterns = [
|
|
68
74
|
...defaultExclude,
|
|
75
|
+
...ownArtifactExcludes,
|
|
69
76
|
...(options.exclude ?? []),
|
|
70
77
|
...(config.exclude ?? []),
|
|
71
78
|
];
|
|
@@ -240,13 +247,18 @@ export async function scan(options) {
|
|
|
240
247
|
return f;
|
|
241
248
|
});
|
|
242
249
|
}
|
|
250
|
+
// Collapse exact-duplicate findings (e.g. a scanner registered under two
|
|
251
|
+
// categories firing twice on the same line) BEFORE grouping, so every output
|
|
252
|
+
// format — terminal, JSON, HTML, PDF — sees one entry per real finding.
|
|
253
|
+
const rawFindingCount = processedFindings.length;
|
|
254
|
+
processedFindings = dedupeFindings(processedFindings);
|
|
243
255
|
// Group findings by rule ID + severity
|
|
244
256
|
const groupedFindings = groupFindings(processedFindings);
|
|
245
257
|
// Calculate compliance score
|
|
246
258
|
const result = {
|
|
247
259
|
findings: processedFindings,
|
|
248
260
|
groupedFindings,
|
|
249
|
-
rawFindingsCount:
|
|
261
|
+
rawFindingsCount: rawFindingCount,
|
|
250
262
|
scannedFiles: normalFiles.length,
|
|
251
263
|
scanDuration: Date.now() - startTime,
|
|
252
264
|
stack,
|
|
@@ -257,6 +269,39 @@ export async function scan(options) {
|
|
|
257
269
|
complianceScore,
|
|
258
270
|
};
|
|
259
271
|
}
|
|
272
|
+
/**
|
|
273
|
+
* Normalize a finding's code snippet for dedupe comparison: take the matched
|
|
274
|
+
* context line(s) (or fall back to none), lowercase, trim, collapse whitespace.
|
|
275
|
+
*/
|
|
276
|
+
function normalizeSnippet(finding) {
|
|
277
|
+
if (!finding.context || finding.context.length === 0)
|
|
278
|
+
return '';
|
|
279
|
+
return finding.context
|
|
280
|
+
.map(c => c.content.trim().toLowerCase().replace(/\s+/g, ' '))
|
|
281
|
+
.join('\n');
|
|
282
|
+
}
|
|
283
|
+
/**
|
|
284
|
+
* Remove exact-duplicate findings, keyed by ruleId + file + line + normalized
|
|
285
|
+
* snippet. Two findings that share all four are the same real issue surfaced
|
|
286
|
+
* twice (e.g. a scanner that runs under more than one category). The first
|
|
287
|
+
* occurrence is kept; order is preserved.
|
|
288
|
+
*
|
|
289
|
+
* Runs in the results pipeline BEFORE grouping so it applies uniformly to every
|
|
290
|
+
* output format. Aggregate/virtual findings (project-level, ASSET-INVENTORY,
|
|
291
|
+
* PHI-FLOW-MAP) are already deduped upstream and pass through unchanged here.
|
|
292
|
+
*/
|
|
293
|
+
export function dedupeFindings(findings) {
|
|
294
|
+
const seen = new Set();
|
|
295
|
+
const result = [];
|
|
296
|
+
for (const f of findings) {
|
|
297
|
+
const key = `${f.id}||${f.file}||${f.line ?? ''}||${normalizeSnippet(f)}`;
|
|
298
|
+
if (seen.has(key))
|
|
299
|
+
continue;
|
|
300
|
+
seen.add(key);
|
|
301
|
+
result.push(f);
|
|
302
|
+
}
|
|
303
|
+
return result;
|
|
304
|
+
}
|
|
260
305
|
/**
|
|
261
306
|
* Group findings by severity + normalized title into deduplicated entries with occurrence lists.
|
|
262
307
|
* This collapses all occurrences of the same violation type into one row.
|
package/dist/scan.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../src/scan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACrD,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AACnE,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAC3E,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAC7E,OAAO,EAAE,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACnE,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACxE,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EAAE,2BAA2B,EAAE,MAAM,wBAAwB,CAAC;AACrE,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,cAAc,GAAyB;IAC3C,cAAc;IACd,YAAY;IACZ,eAAe;IACf,gBAAgB;IAChB,gBAAgB;CACjB,CAAC;AAEF,MAAM,QAAQ,GAAwC;IACpD,cAAc,EAAE,UAAU;IAC1B,YAAY,EAAE,iBAAiB;IAC/B,eAAe,EAAE,YAAY;IAC7B,gBAAgB,EAAE,aAAa;IAC/B,gBAAgB,EAAE,gBAAgB;CACnC,CAAC;AAEF,wDAAwD;AACxD,MAAM,kBAAkB,GAAmD;IACzE,gBAAgB,EAAE,CAAC,eAAe,EAAE,aAAa,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,WAAW,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,kBAAkB,CAAC,EAAE,kIAAkI;IACxS,YAAY,EAAE,CAAC,kBAAkB,CAAC,EAAE,2CAA2C;IAC/E,eAAe,EAAE,CAAC,aAAa,EAAE,oBAAoB,CAAC,EAAE,2DAA2D;IACnH,cAAc,EAAE,CAAC,aAAa,CAAC,EAAE,6CAA6C;IAC9E,gBAAgB,EAAE,CAAC,kBAAkB,CAAC,EAAE,+CAA+C;CACxF,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,OAAoB;IAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,qBAAqB;IACrB,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IAClE,MAAM,iBAAiB,GAAG,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,CAAC;IAEjD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,MAAM,CAAC,UAAU,IAAI,cAAc,CAAC;IAE7E,wBAAwB;IACxB,MAAM,cAAc,GAAG;QACrB,oBAAoB;QACpB,YAAY;QACZ,aAAa;QACb,YAAY;QACZ,gBAAgB;KACjB,CAAC;IAEF,MAAM,eAAe,GAAG;QACtB,GAAG,cAAc;QACjB,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC;QAC1B,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC;KAC1B,CAAC;IAEF,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE;QAC/B,GAAG,EAAE,OAAO,CAAC,IAAI;QACjB,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,eAAe;QACvB,QAAQ,EAAE,IAAI;KACf,CAAC,CAAC;IAEH,uCAAuC;IACvC,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IAEnE,8DAA8D;IAC9D,MAAM,UAAU,GAAG,EAAE,CAAC;IACtB,MAAM,aAAa,GAAG,SAAS,CAAC,CAAC,MAAM;IAEvC,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,GAAG,CACjC,aAAa,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5B,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC9B,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC;QACtC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CACH,CAAC;IAEF,MAAM,WAAW,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,IAAI,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACpF,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC;IAC3D,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,CAAC,KAAK,CAAC,qBAAqB,YAAY,0BAA0B,CAAC,CAAC;IAC7E,CAAC;IAED,2CAA2C;IAC3C,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,eAAe,CACtE,OAAO,CAAC,IAAI,EACZ,MAAM,CAAC,eAAe,CACvB,CAAC;IAEF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,qBAAqB,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC;YACjE,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBAClB,OAAO,CAAC,IAAI,CAAC,YAAY,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC;IAED,iDAAiD;IACjD,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;IAErE,KAAK,IAAI,QAAQ,GAAG,CAAC,EAAE,QAAQ,GAAG,YAAY,EAAE,QAAQ,EAAE,EAAE,CAAC;QAC3D,MAAM,UAAU,GAAG,QAAQ,GAAG,UAAU,CAAC;QACzC,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAAC,CAAC;QAE1E,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,KAAK,CAAC,6BAA6B,QAAQ,GAAG,CAAC,IAAI,YAAY,KAAK,UAAU,CAAC,MAAM,YAAY,CAAC,CAAC;QAC7G,CAAC;QAED,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;YAClC,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACnC,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,gBAAgB,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC;gBAC3E,QAAQ,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,CAAC;YACrC,CAAC;YAED,MAAM,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAChD,IAAI,UAAU,EAAE,CAAC;gBACf,KAAK,MAAM,YAAY,IAAI,UAAU,EAAE,CAAC;oBACtC,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC;oBAC7E,QAAQ,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,CAAC;gBAClC,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,MAAM,cAAc,GAAG,MAAM,mBAAmB,CAAC,UAAU,EAAE,iBAAiB,EAAE,WAAW,CAAC,CAAC;YAC7F,QAAQ,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;QACnC,CAAC;QAED,0BAA0B;QAC1B,IAAI,UAAU,CAAC,EAAE,EAAE,CAAC;YAClB,UAAU,CAAC,EAAE,EAAE,CAAC;QAClB,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,eAAe,EAAE,iBAAiB,EAAE,cAAc,CAAC,CAAC,CAAC;IACrF,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAU,CAAC;IAC3C,MAAM,oBAAoB,GAAc,EAAE,CAAC;IAE3C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,IAAI,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBAAE,SAAS;YACzC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC7B,CAAC;QACD,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAED,6CAA6C;IAC7C,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;IACpB,QAAQ,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,CAAC;IAEvC,4BAA4B;IAC5B,MAAM,aAAa,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAC3E,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;IAE/E,uBAAuB;IACvB,MAAM,aAAa,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACtD,MAAM,iBAAiB,GAAG,mBAAmB,CAAC,aAAa,CAAC,CAAC;IAC7D,MAAM,oBAAoB,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;IAE5D,MAAM,KAAK,GAAc;QACvB,SAAS,EAAE,aAAa,CAAC,SAAS;QAClC,QAAQ,EAAE,aAAa,CAAC,QAAQ;QAChC,IAAI,EAAE,aAAa,CAAC,IAAI;QACxB,gBAAgB,EAAE,iBAAiB,CAAC,SAAS;QAC7C,eAAe,EAAE,iBAAiB,CAAC,QAAQ;QAC3C,WAAW,EAAE,iBAAiB,CAAC,IAAI;QACnC,eAAe,EAAE,oBAAoB;KACtC,CAAC;IAEF,2CAA2C;IAC3C,IAAI,iBAAiB,GAAG,oBAAoB,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAE/D,4BAA4B;IAC5B,iBAAiB,GAAG,MAAM,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;IAErE,yDAAyD;IACzD,MAAM,gBAAgB,GAAG,MAAM,2BAA2B,CACxD,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAC5E,CAAC;IAEF,iBAAiB,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE;QAC3D,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;QAExC,wDAAwD;QACxD,MAAM,YAAY,GAAG,OAAO,CAAC,yBAAyB,KAAK,KAAK,CAAC,CAAC,kBAAkB;QAEpF,6EAA6E;QAC7E,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,YAAY,EAAE,CAAC;YACxC,OAAO;gBACL,GAAG,OAAO;gBACV,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,CAAC;QACJ,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC,CAAC,CAAC;IAEH,2CAA2C;IAC3C,IAAI,MAAM,CAAC,EAAE,EAAE,YAAY,KAAK,KAAK,IAAI,aAAa,EAAE,EAAE,CAAC;QACzD,IAAI,CAAC;YACH,6DAA6D;YAC7D,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;YAC/C,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;iBACjE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YAEvC,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;gBAC/B,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACjC,IAAI,IAAI,CAAC,IAAI,GAAG,aAAa;wBAAE,SAAS,CAAC,mBAAmB;oBAC5D,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;oBACjD,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBAClC,CAAC;gBAAC,MAAM,CAAC;oBACP,gCAAgC;gBAClC,CAAC;YACH,CAAC;YAED,MAAM,eAAe,GAAG,MAAM,sBAAsB,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;YAEtF,yDAAyD;YACzD,IAAI,MAAM,CAAC,EAAE,EAAE,oBAAoB,KAAK,KAAK,EAAE,CAAC;gBAC9C,iBAAiB,GAAG,eAAe,CAAC,MAAM,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,KAAK,gBAAgB,CAC7C,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,+BAA+B;gBAC/B,iBAAiB,GAAG,eAAe,CAAC;YACtC,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,oDAAoD;YACpD,OAAO,CAAC,IAAI,CAAC,mBAAmB,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;QAC9F,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,IAAI,QAAQ,EAAE,CAAC;YACb,iBAAiB,GAAG,aAAa,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QAC1B,MAAM,eAAe,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QACvD,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QACxD,iBAAiB,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;YAC5C,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,CAAC,UAAU,IAAI,MAAM,CAAC,CAAC;YACvD,iFAAiF;YACjF,IAAI,MAAM,GAAG,QAAQ,EAAE,CAAC;gBACtB,OAAO,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;YACpC,CAAC;YACD,OAAO,CAAC,CAAC;QACX,CAAC,CAAC,CAAC;IACL,CAAC;IAED,uCAAuC;IACvC,MAAM,eAAe,GAAG,aAAa,CAAC,iBAAiB,CAAC,CAAC;IAEzD,6BAA6B;IAC7B,MAAM,MAAM,GAAG;QACb,QAAQ,EAAE,iBAAiB;QAC3B,eAAe;QACf,gBAAgB,EAAE,iBAAiB,CAAC,MAAM;QAC1C,YAAY,EAAE,WAAW,CAAC,MAAM;QAChC,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;QACpC,KAAK;KACN,CAAC;IAEF,MAAM,eAAe,GAAG,wBAAwB,CAAC,MAAM,CAAC,CAAC;IAEzD,OAAO;QACL,GAAG,MAAM;QACT,eAAe;KAChB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,QAAmB;IAC/C,MAAM,MAAM,GAAG,IAAI,GAAG,EAA0B,CAAC;IACjD,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAEnG,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,wDAAwD;QACxD,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1E,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,QAAQ,KAAK,eAAe,EAAE,CAAC;QAEhD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,gGAAgG;YAChG,uFAAuF;YACvF,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE;gBACd,EAAE,EAAE,OAAO;gBACX,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,UAAU,EAAE,CAAC,CAAC,UAAU;gBACxB,eAAe,EAAE,CAAC;gBAClB,SAAS,EAAE,CAAC;gBACZ,QAAQ,EAAE,EAAE;gBACZ,WAAW,EAAE,EAAE;aAChB,CAAC,CAAC;QACL,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;QAC/B,KAAK,CAAC,eAAe,EAAE,CAAC;QACxB,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;QACpC,KAAK,CAAC,SAAS,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;QACnE,kEAAkE;QAClE,MAAM,SAAS,GAAG,IAAI,GAAG,EAAU,CAAC;QACpC,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;YACpC,IAAI,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC;gBAAE,SAAS;YACtC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YACxB,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACzB,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC;gBAAE,MAAM;QACxC,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAC9E,CAAC;AACJ,CAAC"}
|
|
1
|
+
{"version":3,"file":"scan.js","sourceRoot":"","sources":["../src/scan.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAE5B,OAAO,EAAE,UAAU,EAAE,aAAa,EAAE,MAAM,aAAa,CAAC;AACxD,OAAO,EAAE,UAAU,EAAE,MAAM,yBAAyB,CAAC;AACrD,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AACnE,OAAO,EAAE,YAAY,EAAE,MAAM,2BAA2B,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,eAAe,EAAE,MAAM,8BAA8B,CAAC;AAC/D,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,qBAAqB,EAAE,MAAM,oCAAoC,CAAC;AAC3E,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,aAAa,EAAE,MAAM,4BAA4B,CAAC;AAC3D,OAAO,EAAE,mBAAmB,EAAE,MAAM,kCAAkC,CAAC;AACvE,OAAO,EAAE,iBAAiB,EAAE,MAAM,gCAAgC,CAAC;AACnE,OAAO,EAAE,oBAAoB,EAAE,MAAM,mCAAmC,CAAC;AACzE,OAAO,EAAE,kBAAkB,EAAE,MAAM,kCAAkC,CAAC;AACtE,OAAO,EAAE,kBAAkB,EAAE,MAAM,iCAAiC,CAAC;AACrE,OAAO,EAAE,WAAW,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAC7E,OAAO,EAAE,eAAe,EAAE,MAAM,kCAAkC,CAAC;AACnE,OAAO,EAAE,eAAe,EAAE,mBAAmB,EAAE,MAAM,kBAAkB,CAAC;AACxE,OAAO,EAAE,oBAAoB,EAAE,MAAM,sBAAsB,CAAC;AAC5D,OAAO,EAAE,uBAAuB,EAAE,MAAM,kBAAkB,CAAC;AAC3D,OAAO,EAAE,YAAY,EAAE,aAAa,EAAE,MAAM,eAAe,CAAC;AAC5D,OAAO,EAAE,2BAA2B,EAAE,MAAM,wBAAwB,CAAC;AACrE,OAAO,EAAE,wBAAwB,EAAE,MAAM,uBAAuB,CAAC;AACjE,OAAO,EAAE,sBAAsB,EAAE,MAAM,iBAAiB,CAAC;AACzD,OAAO,EAAE,aAAa,EAAE,MAAM,gBAAgB,CAAC;AAC/C,OAAO,EAAE,8BAA8B,EAAE,MAAM,iBAAiB,CAAC;AACjE,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,cAAc,GAAyB;IAC3C,cAAc;IACd,YAAY;IACZ,eAAe;IACf,gBAAgB;IAChB,gBAAgB;CACjB,CAAC;AAEF,MAAM,QAAQ,GAAwC;IACpD,cAAc,EAAE,UAAU;IAC1B,YAAY,EAAE,iBAAiB;IAC/B,eAAe,EAAE,YAAY;IAC7B,gBAAgB,EAAE,aAAa;IAC/B,gBAAgB,EAAE,gBAAgB;CACnC,CAAC;AAEF,wDAAwD;AACxD,MAAM,kBAAkB,GAAmD;IACzE,gBAAgB,EAAE,CAAC,eAAe,EAAE,aAAa,EAAE,gBAAgB,EAAE,qBAAqB,EAAE,WAAW,EAAE,mBAAmB,EAAE,iBAAiB,EAAE,kBAAkB,CAAC,EAAE,kIAAkI;IACxS,YAAY,EAAE,CAAC,kBAAkB,CAAC,EAAE,2CAA2C;IAC/E,eAAe,EAAE,CAAC,aAAa,EAAE,oBAAoB,CAAC,EAAE,2DAA2D;IACnH,cAAc,EAAE,CAAC,aAAa,CAAC,EAAE,6CAA6C;IAC9E,gBAAgB,EAAE,CAAC,kBAAkB,CAAC,EAAE,+CAA+C;CACxF,CAAC;AAEF,MAAM,CAAC,KAAK,UAAU,IAAI,CAAC,OAAoB;IAC7C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAE7B,qBAAqB;IACrB,MAAM,MAAM,GAAG,MAAM,UAAU,CAAC,OAAO,CAAC,IAAI,EAAE,OAAO,CAAC,UAAU,CAAC,CAAC;IAClE,MAAM,iBAAiB,GAAG,EAAE,GAAG,OAAO,EAAE,MAAM,EAAE,CAAC;IAEjD,MAAM,UAAU,GAAG,OAAO,CAAC,UAAU,IAAI,MAAM,CAAC,UAAU,IAAI,cAAc,CAAC;IAE7E,wBAAwB;IACxB,MAAM,cAAc,GAAG;QACrB,oBAAoB;QACpB,YAAY;QACZ,aAAa;QACb,YAAY;QACZ,gBAAgB;KACjB,CAAC;IAEF,yEAAyE;IACzE,gEAAgE;IAChE,2EAA2E;IAC3E,MAAM,mBAAmB,GAAG,OAAO,CAAC,mBAAmB,IAAI,MAAM,CAAC,mBAAmB,IAAI,KAAK,CAAC;IAC/F,MAAM,mBAAmB,GAAG,mBAAmB,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,GAAG,8BAA8B,CAAC,CAAC;IAE3F,MAAM,eAAe,GAAG;QACtB,GAAG,cAAc;QACjB,GAAG,mBAAmB;QACtB,GAAG,CAAC,OAAO,CAAC,OAAO,IAAI,EAAE,CAAC;QAC1B,GAAG,CAAC,MAAM,CAAC,OAAO,IAAI,EAAE,CAAC;KAC1B,CAAC;IAEF,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,MAAM,EAAE;QAC/B,GAAG,EAAE,OAAO,CAAC,IAAI;QACjB,KAAK,EAAE,IAAI;QACX,MAAM,EAAE,eAAe;QACvB,QAAQ,EAAE,IAAI;KACf,CAAC,CAAC;IAEH,uCAAuC;IACvC,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,EAAE,MAAM,CAAC,CAAC,CAAC;IAEnE,8DAA8D;IAC9D,MAAM,UAAU,GAAG,EAAE,CAAC;IACtB,MAAM,aAAa,GAAG,SAAS,CAAC,CAAC,MAAM;IAEvC,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,GAAG,CACjC,aAAa,CAAC,GAAG,CAAC,KAAK,EAAE,CAAC,EAAE,EAAE;QAC5B,IAAI,CAAC;YACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;YAC9B,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,IAAI,CAAC,IAAI,EAAE,CAAC;QACtC,CAAC;QAAC,MAAM,CAAC;YACP,OAAO,EAAE,IAAI,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;QAC9B,CAAC;IACH,CAAC,CAAC,CACH,CAAC;IAEF,MAAM,WAAW,GAAG,SAAS,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,IAAI,aAAa,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC;IACpF,MAAM,YAAY,GAAG,SAAS,CAAC,MAAM,GAAG,WAAW,CAAC,MAAM,CAAC;IAC3D,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;QACrB,OAAO,CAAC,KAAK,CAAC,qBAAqB,YAAY,0BAA0B,CAAC,CAAC;IAC7E,CAAC;IAED,2CAA2C;IAC3C,MAAM,EAAE,KAAK,EAAE,WAAW,EAAE,MAAM,EAAE,UAAU,EAAE,GAAG,MAAM,eAAe,CACtE,OAAO,CAAC,IAAI,EACZ,MAAM,CAAC,eAAe,CACvB,CAAC;IAEF,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC1B,KAAK,MAAM,KAAK,IAAI,UAAU,EAAE,CAAC;YAC/B,OAAO,CAAC,IAAI,CAAC,qBAAqB,KAAK,CAAC,KAAK,KAAK,KAAK,CAAC,IAAI,GAAG,CAAC,CAAC;YACjE,IAAI,KAAK,CAAC,OAAO,EAAE,CAAC;gBAClB,OAAO,CAAC,IAAI,CAAC,YAAY,KAAK,CAAC,OAAO,EAAE,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC;IAED,iDAAiD;IACjD,MAAM,QAAQ,GAAc,EAAE,CAAC;IAC/B,MAAM,YAAY,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,CAAC,MAAM,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;IAErE,KAAK,IAAI,QAAQ,GAAG,CAAC,EAAE,QAAQ,GAAG,YAAY,EAAE,QAAQ,EAAE,EAAE,CAAC;QAC3D,MAAM,UAAU,GAAG,QAAQ,GAAG,UAAU,CAAC;QACzC,MAAM,UAAU,GAAG,WAAW,CAAC,KAAK,CAAC,UAAU,EAAE,UAAU,GAAG,UAAU,CAAC,CAAC;QAE1E,IAAI,YAAY,GAAG,CAAC,EAAE,CAAC;YACrB,OAAO,CAAC,KAAK,CAAC,6BAA6B,QAAQ,GAAG,CAAC,IAAI,YAAY,KAAK,UAAU,CAAC,MAAM,YAAY,CAAC,CAAC;QAC7G,CAAC;QAED,KAAK,MAAM,QAAQ,IAAI,UAAU,EAAE,CAAC;YAClC,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,CAAC;YACnC,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,gBAAgB,GAAG,MAAM,OAAO,CAAC,IAAI,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC;gBAC3E,QAAQ,CAAC,IAAI,CAAC,GAAG,gBAAgB,CAAC,CAAC;YACrC,CAAC;YAED,MAAM,UAAU,GAAG,kBAAkB,CAAC,QAAQ,CAAC,CAAC;YAChD,IAAI,UAAU,EAAE,CAAC;gBACf,KAAK,MAAM,YAAY,IAAI,UAAU,EAAE,CAAC;oBACtC,MAAM,aAAa,GAAG,MAAM,YAAY,CAAC,IAAI,CAAC,UAAU,EAAE,iBAAiB,CAAC,CAAC;oBAC7E,QAAQ,CAAC,IAAI,CAAC,GAAG,aAAa,CAAC,CAAC;gBAClC,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,WAAW,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;YAC3B,MAAM,cAAc,GAAG,MAAM,mBAAmB,CAAC,UAAU,EAAE,iBAAiB,EAAE,WAAW,CAAC,CAAC;YAC7F,QAAQ,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;QACnC,CAAC;QAED,0BAA0B;QAC1B,IAAI,UAAU,CAAC,EAAE,EAAE,CAAC;YAClB,UAAU,CAAC,EAAE,EAAE,CAAC;QAClB,CAAC;IACH,CAAC;IAED,4EAA4E;IAC5E,MAAM,cAAc,GAAG,IAAI,GAAG,CAAC,CAAC,eAAe,EAAE,iBAAiB,EAAE,cAAc,CAAC,CAAC,CAAC;IACrF,MAAM,gBAAgB,GAAG,IAAI,GAAG,EAAU,CAAC;IAC3C,MAAM,oBAAoB,GAAc,EAAE,CAAC;IAE3C,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,IAAI,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,IAAI,CAAC,EAAE,CAAC;YAC/B,IAAI,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;gBAAE,SAAS;YACzC,gBAAgB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC;QAC7B,CAAC;QACD,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IAC/B,CAAC;IAED,6CAA6C;IAC7C,QAAQ,CAAC,MAAM,GAAG,CAAC,CAAC;IACpB,QAAQ,CAAC,IAAI,CAAC,GAAG,oBAAoB,CAAC,CAAC;IAEvC,4BAA4B;IAC5B,MAAM,aAAa,GAAG,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAC3E,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,GAAG,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,CAAC;IAE/E,uBAAuB;IACvB,MAAM,aAAa,GAAG,MAAM,WAAW,CAAC,OAAO,CAAC,IAAI,CAAC,CAAC;IACtD,MAAM,iBAAiB,GAAG,mBAAmB,CAAC,aAAa,CAAC,CAAC;IAC7D,MAAM,oBAAoB,GAAG,eAAe,CAAC,aAAa,CAAC,CAAC;IAE5D,MAAM,KAAK,GAAc;QACvB,SAAS,EAAE,aAAa,CAAC,SAAS;QAClC,QAAQ,EAAE,aAAa,CAAC,QAAQ;QAChC,IAAI,EAAE,aAAa,CAAC,IAAI;QACxB,gBAAgB,EAAE,iBAAiB,CAAC,SAAS;QAC7C,eAAe,EAAE,iBAAiB,CAAC,QAAQ;QAC3C,WAAW,EAAE,iBAAiB,CAAC,IAAI;QACnC,eAAe,EAAE,oBAAoB;KACtC,CAAC;IAEF,2CAA2C;IAC3C,IAAI,iBAAiB,GAAG,oBAAoB,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;IAE/D,4BAA4B;IAC5B,iBAAiB,GAAG,MAAM,uBAAuB,CAAC,iBAAiB,CAAC,CAAC;IAErE,yDAAyD;IACzD,MAAM,gBAAgB,GAAG,MAAM,2BAA2B,CACxD,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,OAAO,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAC5E,CAAC;IAEF,iBAAiB,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC,OAAO,EAAE,KAAK,EAAE,EAAE;QAC3D,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;QAExC,wDAAwD;QACxD,MAAM,YAAY,GAAG,OAAO,CAAC,yBAAyB,KAAK,KAAK,CAAC,CAAC,kBAAkB;QAEpF,6EAA6E;QAC7E,IAAI,CAAC,OAAO,CAAC,UAAU,IAAI,YAAY,EAAE,CAAC;YACxC,OAAO;gBACL,GAAG,OAAO;gBACV,UAAU,EAAE,OAAO,CAAC,UAAU;aAC/B,CAAC;QACJ,CAAC;QACD,OAAO,OAAO,CAAC;IACjB,CAAC,CAAC,CAAC;IAEH,2CAA2C;IAC3C,IAAI,MAAM,CAAC,EAAE,EAAE,YAAY,KAAK,KAAK,IAAI,aAAa,EAAE,EAAE,CAAC;QACzD,IAAI,CAAC;YACH,6DAA6D;YAC7D,MAAM,YAAY,GAAG,IAAI,GAAG,EAAkB,CAAC;YAC/C,MAAM,WAAW,GAAG,CAAC,GAAG,IAAI,GAAG,CAAC,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;iBACjE,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,cAAc,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YAEvC,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;gBAC/B,IAAI,CAAC;oBACH,MAAM,IAAI,GAAG,MAAM,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;oBACjC,IAAI,IAAI,CAAC,IAAI,GAAG,aAAa;wBAAE,SAAS,CAAC,mBAAmB;oBAC5D,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;oBACjD,YAAY,CAAC,GAAG,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBAClC,CAAC;gBAAC,MAAM,CAAC;oBACP,gCAAgC;gBAClC,CAAC;YACH,CAAC;YAED,MAAM,eAAe,GAAG,MAAM,sBAAsB,CAAC,iBAAiB,EAAE,YAAY,CAAC,CAAC;YAEtF,yDAAyD;YACzD,IAAI,MAAM,CAAC,EAAE,EAAE,oBAAoB,KAAK,KAAK,EAAE,CAAC;gBAC9C,iBAAiB,GAAG,eAAe,CAAC,MAAM,CACxC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,gBAAgB,KAAK,gBAAgB,CAC7C,CAAC;YACJ,CAAC;iBAAM,CAAC;gBACN,+BAA+B;gBAC/B,iBAAiB,GAAG,eAAe,CAAC;YACtC,CAAC;QACH,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,oDAAoD;YACpD,OAAO,CAAC,IAAI,CAAC,mBAAmB,EAAE,KAAK,YAAY,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,eAAe,CAAC,CAAC;QAC9F,CAAC;IACH,CAAC;IAED,6BAA6B;IAC7B,IAAI,OAAO,CAAC,YAAY,EAAE,CAAC;QACzB,MAAM,QAAQ,GAAG,MAAM,YAAY,CAAC,OAAO,CAAC,YAAY,CAAC,CAAC;QAC1D,IAAI,QAAQ,EAAE,CAAC;YACb,iBAAiB,GAAG,aAAa,CAAC,iBAAiB,EAAE,QAAQ,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED,4CAA4C;IAC5C,IAAI,OAAO,CAAC,aAAa,EAAE,CAAC;QAC1B,MAAM,eAAe,GAAG,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QACvD,MAAM,QAAQ,GAAG,eAAe,CAAC,OAAO,CAAC,aAAa,CAAC,CAAC;QACxD,iBAAiB,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;YAC5C,MAAM,MAAM,GAAG,eAAe,CAAC,CAAC,CAAC,UAAU,IAAI,MAAM,CAAC,CAAC;YACvD,iFAAiF;YACjF,IAAI,MAAM,GAAG,QAAQ,EAAE,CAAC;gBACtB,OAAO,EAAE,GAAG,CAAC,EAAE,UAAU,EAAE,IAAI,EAAE,CAAC;YACpC,CAAC;YACD,OAAO,CAAC,CAAC;QACX,CAAC,CAAC,CAAC;IACL,CAAC;IAED,yEAAyE;IACzE,6EAA6E;IAC7E,wEAAwE;IACxE,MAAM,eAAe,GAAG,iBAAiB,CAAC,MAAM,CAAC;IACjD,iBAAiB,GAAG,cAAc,CAAC,iBAAiB,CAAC,CAAC;IAEtD,uCAAuC;IACvC,MAAM,eAAe,GAAG,aAAa,CAAC,iBAAiB,CAAC,CAAC;IAEzD,6BAA6B;IAC7B,MAAM,MAAM,GAAG;QACb,QAAQ,EAAE,iBAAiB;QAC3B,eAAe;QACf,gBAAgB,EAAE,eAAe;QACjC,YAAY,EAAE,WAAW,CAAC,MAAM;QAChC,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;QACpC,KAAK;KACN,CAAC;IAEF,MAAM,eAAe,GAAG,wBAAwB,CAAC,MAAM,CAAC,CAAC;IAEzD,OAAO;QACL,GAAG,MAAM;QACT,eAAe;KAChB,CAAC;AACJ,CAAC;AAED;;;GAGG;AACH,SAAS,gBAAgB,CAAC,OAAgB;IACxC,IAAI,CAAC,OAAO,CAAC,OAAO,IAAI,OAAO,CAAC,OAAO,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO,EAAE,CAAC;IAChE,OAAO,OAAO,CAAC,OAAO;SACnB,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;SAC7D,IAAI,CAAC,IAAI,CAAC,CAAC;AAChB,CAAC;AAED;;;;;;;;;GASG;AACH,MAAM,UAAU,cAAc,CAAC,QAAmB;IAChD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,MAAM,MAAM,GAAc,EAAE,CAAC;IAE7B,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,IAAI,IAAI,EAAE,KAAK,gBAAgB,CAAC,CAAC,CAAC,EAAE,CAAC;QAC1E,IAAI,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC;YAAE,SAAS;QAC5B,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC;QACd,MAAM,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;IACjB,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,aAAa,CAAC,QAAmB;IAC/C,MAAM,MAAM,GAAG,IAAI,GAAG,EAA0B,CAAC;IACjD,MAAM,aAAa,GAA2B,EAAE,QAAQ,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,MAAM,EAAE,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,IAAI,EAAE,CAAC,EAAE,CAAC;IAEnG,KAAK,MAAM,CAAC,IAAI,QAAQ,EAAE,CAAC;QACzB,wDAAwD;QACxD,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,WAAW,EAAE,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;QAC1E,MAAM,GAAG,GAAG,GAAG,CAAC,CAAC,QAAQ,KAAK,eAAe,EAAE,CAAC;QAEhD,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;YACrB,gGAAgG;YAChG,uFAAuF;YACvF,MAAM,OAAO,GAAG,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACvE,MAAM,CAAC,GAAG,CAAC,GAAG,EAAE;gBACd,EAAE,EAAE,OAAO;gBACX,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,QAAQ,EAAE,CAAC,CAAC,QAAQ;gBACpB,KAAK,EAAE,CAAC,CAAC,KAAK;gBACd,WAAW,EAAE,CAAC,CAAC,WAAW;gBAC1B,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,cAAc,EAAE,CAAC,CAAC,cAAc;gBAChC,UAAU,EAAE,CAAC,CAAC,UAAU;gBACxB,eAAe,EAAE,CAAC;gBAClB,SAAS,EAAE,CAAC;gBACZ,QAAQ,EAAE,EAAE;gBACZ,WAAW,EAAE,EAAE;aAChB,CAAC,CAAC;QACL,CAAC;QAED,MAAM,KAAK,GAAG,MAAM,CAAC,GAAG,CAAC,GAAG,CAAE,CAAC;QAC/B,KAAK,CAAC,eAAe,EAAE,CAAC;QACxB,KAAK,CAAC,WAAW,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IAED,KAAK,MAAM,KAAK,IAAI,MAAM,CAAC,MAAM,EAAE,EAAE,CAAC;QACpC,KAAK,CAAC,SAAS,GAAG,IAAI,GAAG,CAAC,KAAK,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;QACnE,kEAAkE;QAClE,MAAM,SAAS,GAAG,IAAI,GAAG,EAAU,CAAC;QACpC,KAAK,MAAM,GAAG,IAAI,KAAK,CAAC,WAAW,EAAE,CAAC;YACpC,IAAI,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC;gBAAE,SAAS;YACtC,SAAS,CAAC,GAAG,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;YACxB,KAAK,CAAC,QAAQ,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;YACzB,IAAI,KAAK,CAAC,QAAQ,CAAC,MAAM,IAAI,CAAC;gBAAE,MAAM;QACxC,CAAC;IACH,CAAC;IAED,OAAO,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAC9B,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAC9E,CAAC;AACJ,CAAC"}
|
|
@@ -7,7 +7,7 @@ import * as fs from 'fs/promises';
|
|
|
7
7
|
export const apiSecurityScanner = {
|
|
8
8
|
name: 'API Security Scanner',
|
|
9
9
|
category: 'access-control',
|
|
10
|
-
async scan(files,
|
|
10
|
+
async scan(files, _options) {
|
|
11
11
|
const findings = [];
|
|
12
12
|
for (const file of files) {
|
|
13
13
|
// Skip non-code files
|
|
@@ -128,7 +128,7 @@ export const apiSecurityScanner = {
|
|
|
128
128
|
}
|
|
129
129
|
}
|
|
130
130
|
}
|
|
131
|
-
catch
|
|
131
|
+
catch {
|
|
132
132
|
// Skip files that can't be read
|
|
133
133
|
continue;
|
|
134
134
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/api-security/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,sBAAsB;IAC5B,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/api-security/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAC1D,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,sBAAsB;IAC5B,QAAQ,EAAE,gBAAgB;IAE1B,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,KAAK,MAAM,IAAI,IAAI,KAAK,EAAE,CAAC;YACzB,sBAAsB;YACtB,IAAI,CAAC,IAAI,CAAC,KAAK,CAAC,4BAA4B,CAAC,EAAE,CAAC;gBAC9C,SAAS;YACX,CAAC;YAED,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,MAAM,OAAO,IAAI,yBAAyB,EAAE,CAAC;oBAChD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBAEtB,sCAAsC;wBACtC,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;wBAChC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,WAAW,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;4BAChG,SAAS;wBACX,CAAC;wBAED,yCAAyC;wBACzC,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;4BAC9B,wEAAwE;4BACxE,IAAI,CAAC,kDAAkD,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;gCACnE,SAAS;4BACX,CAAC;4BAED,yBAAyB;4BACzB,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BACjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BAC1C,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;4BAC7C,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,OAAO,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;4BAE5D,2CAA2C;4BAC3C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;4BAC5D,IAAI,CAAC,OAAO;gCAAE,SAAS;4BAEvB,0BAA0B;4BAC1B,MAAM,sBAAsB,GAAG,YAAY;iCACxC,MAAM,CAAC,CAAC,CAAC,EAAE;gCACV,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;gCACnB,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;4BAC1E,CAAC,CAAC;iCACD,IAAI,CAAC,IAAI,CAAC,CAAC;4BAEd,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;gCAC7B,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAC1D,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAChC,CAAC;gCACF,IAAI,gBAAgB,EAAE,CAAC;oCACrB,SAAS;gCACX,CAAC;4BACH,CAAC;4BAED,qBAAqB;4BACrB,MAAM,QAAQ,GAAsC,gBAAgB,CAAC;4BAErE,QAAQ,CAAC,IAAI,CAAC;gCACZ,EAAE,EAAE,OAAO,CAAC,EAAE;gCACd,KAAK,EAAE,OAAO,CAAC,IAAI;gCACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;gCAC7D,QAAQ,EAAE,OAAO,CAAC,QAAQ;gCAC1B,QAAQ,EAAE,QAAQ;gCAClB,IAAI;gCACJ,IAAI,EAAE,CAAC,GAAG,CAAC;gCACX,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC;gCACrC,cAAc,EAAE,OAAO,CAAC,cAAc;gCACtC,cAAc,EAAE,OAAO,CAAC,cAAc;gCACtC,UAAU,EAAE,MAAM;6BACnB,CAAC,CAAC;4BAEH,SAAS;wBACX,CAAC;wBAED,yCAAyC;wBACzC,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBACzD,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,4CAA4C;wBAC5C,IAAI,YAAsB,CAAC;wBAE3B,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;4BAC9B,yDAAyD;4BACzD,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;4BAClC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;4BAC3C,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;wBACzC,CAAC;6BAAM,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;4BACpC,+EAA+E;4BAC/E,MAAM,KAAK,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BACjC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;4BAC1C,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC;wBACzC,CAAC;6BAAM,CAAC;4BACN,YAAY,GAAG,CAAC,IAAI,CAAC,CAAC;wBACxB,CAAC;wBAED,MAAM,OAAO,GAAG,YAAY,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAExC,mCAAmC;wBACnC,MAAM,sBAAsB,GAAG,OAAO;6BACnC,KAAK,CAAC,IAAI,CAAC;6BACX,MAAM,CAAC,CAAC,CAAC,EAAE;4BACV,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC;4BACnB,OAAO,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;wBAC1E,CAAC,CAAC;6BACD,IAAI,CAAC,IAAI,CAAC,CAAC;wBAEd,0BAA0B;wBAC1B,IAAI,OAAO,CAAC,gBAAgB,EAAE,CAAC;4BAC7B,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,CAC1D,EAAE,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAChC,CAAC;4BACF,IAAI,gBAAgB,EAAE,CAAC;gCACrB,SAAS;4BACX,CAAC;wBACH,CAAC;wBAED,sCAAsC;wBACtC,IAAI,QAAQ,GAAsC,gBAAgB,CAAC;wBACnE,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;4BAC7B,QAAQ,GAAG,cAAc,CAAC;wBAC5B,CAAC;wBAED,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,QAAQ,EAAE,QAAQ;4BAClB,IAAI;4BACJ,IAAI,EAAE,CAAC,GAAG,CAAC;4BACX,MAAM,EAAE,IAAI,CAAC,OAAO,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,GAAG,CAAC;4BACrC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;gBAChC,SAAS;YACX,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/authentication/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/authentication/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAIpE,eAAO,MAAM,qBAAqB,EAAE,OA2EnC,CAAC"}
|
|
@@ -4,15 +4,14 @@
|
|
|
4
4
|
*/
|
|
5
5
|
import * as fs from 'fs/promises';
|
|
6
6
|
import { ALL_MFA_PATTERNS } from './patterns.js';
|
|
7
|
+
import { isImportLine, findWindowedViolations } from '../utils.js';
|
|
7
8
|
export const authenticationScanner = {
|
|
8
9
|
name: 'Multi-Factor Authentication Scanner',
|
|
9
10
|
category: 'access-control', // Map to existing category for now
|
|
10
|
-
async scan(files,
|
|
11
|
+
async scan(files, _options) {
|
|
11
12
|
const findings = [];
|
|
12
13
|
// Filter to code and config files
|
|
13
14
|
const relevantFiles = files.filter((f) => /\.(js|ts|jsx|tsx|json|yaml|yml|env)$/i.test(f));
|
|
14
|
-
// Common auth config file patterns
|
|
15
|
-
const authConfigFiles = relevantFiles.filter((f) => /(?:auth|clerk|supabase|next-auth).*\.(?:ts|js|json|config)/i.test(f));
|
|
16
15
|
for (const file of relevantFiles) {
|
|
17
16
|
try {
|
|
18
17
|
const content = await fs.readFile(file, 'utf-8');
|
|
@@ -23,34 +22,33 @@ export const authenticationScanner = {
|
|
|
23
22
|
await scanAuthConfig(file, content, lines, pattern, findings);
|
|
24
23
|
continue;
|
|
25
24
|
}
|
|
26
|
-
//
|
|
27
|
-
|
|
28
|
-
|
|
29
|
-
|
|
30
|
-
|
|
31
|
-
|
|
32
|
-
|
|
33
|
-
|
|
34
|
-
|
|
35
|
-
|
|
36
|
-
|
|
37
|
-
|
|
38
|
-
|
|
39
|
-
|
|
40
|
-
|
|
41
|
-
|
|
42
|
-
|
|
43
|
-
if (isCompliant)
|
|
25
|
+
// Test/spec files legitimately use MFA-bypass helpers in their setup;
|
|
26
|
+
// don't flag bypass code that only exists in tests.
|
|
27
|
+
if (pattern.id === 'MFA-003' && /\.(?:test|spec)\.[jt]sx?$/i.test(file)) {
|
|
28
|
+
continue;
|
|
29
|
+
}
|
|
30
|
+
// Multi-line aware matching with a bidirectional compliance window.
|
|
31
|
+
// `console.*` is removed from the windowed negatives: it only means
|
|
32
|
+
// "this is a log message, not real code" when the violation keyword is
|
|
33
|
+
// ON the console line itself (judged per-anchor below) — not merely
|
|
34
|
+
// present somewhere nearby, which wrongly hid real env-var bypasses.
|
|
35
|
+
const windowedNegatives = (pattern.negativePatterns ?? []).filter((p) => !/console/i.test(p.source));
|
|
36
|
+
const violations = findWindowedViolations(lines, pattern.patterns, windowedNegatives, { skipCommentLines: true, skipImportLines: true });
|
|
37
|
+
for (const v of violations) {
|
|
38
|
+
// The matched keyword sits inside a console.* call → a log/message
|
|
39
|
+
// string, not an actual MFA bypass.
|
|
40
|
+
if (pattern.id === 'MFA-003' &&
|
|
41
|
+
/console\.(?:log|warn|error)/i.test(lines[v.lineIndex])) {
|
|
44
42
|
continue;
|
|
45
|
-
|
|
43
|
+
}
|
|
46
44
|
findings.push({
|
|
47
45
|
id: pattern.id,
|
|
48
46
|
category: 'access-control',
|
|
49
47
|
severity: pattern.severity,
|
|
50
48
|
title: pattern.name,
|
|
51
|
-
description: `${pattern.description}\n\nCode: ${
|
|
49
|
+
description: `${pattern.description}\n\nCode: ${v.code}`,
|
|
52
50
|
file: file,
|
|
53
|
-
line:
|
|
51
|
+
line: v.lineIndex + 1,
|
|
54
52
|
recommendation: pattern.recommendation,
|
|
55
53
|
hipaaReference: pattern.hipaaReference,
|
|
56
54
|
confidence: 'high',
|
|
@@ -58,7 +56,7 @@ export const authenticationScanner = {
|
|
|
58
56
|
}
|
|
59
57
|
}
|
|
60
58
|
}
|
|
61
|
-
catch
|
|
59
|
+
catch {
|
|
62
60
|
// Skip files that can't be read
|
|
63
61
|
}
|
|
64
62
|
}
|
|
@@ -82,14 +80,21 @@ async function scanAuthConfig(file, content, lines, pattern, findings) {
|
|
|
82
80
|
const hasMfaConfig = pattern.negativePatterns?.some((p) => p.test(content));
|
|
83
81
|
if (hasMfaConfig)
|
|
84
82
|
return;
|
|
85
|
-
// Find the line with auth configuration
|
|
86
|
-
|
|
83
|
+
// Find the line with auth configuration. Skip import/require lines — anchoring
|
|
84
|
+
// an "auth config without MFA" finding to an `import { createClient } from
|
|
85
|
+
// '@supabase/...'` line is a false-positive-looking trigger. If the only
|
|
86
|
+
// evidence is an import, don't fire at all.
|
|
87
|
+
let configLine = 0;
|
|
87
88
|
for (let i = 0; i < lines.length; i++) {
|
|
89
|
+
if (isImportLine(lines[i]))
|
|
90
|
+
continue;
|
|
88
91
|
if (pattern.patterns.some((p) => p.test(lines[i]))) {
|
|
89
92
|
configLine = i + 1;
|
|
90
93
|
break;
|
|
91
94
|
}
|
|
92
95
|
}
|
|
96
|
+
if (configLine === 0)
|
|
97
|
+
return;
|
|
93
98
|
// Create finding for auth config without MFA
|
|
94
99
|
findings.push({
|
|
95
100
|
id: pattern.id,
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/authentication/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,gBAAgB,EAAmB,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/authentication/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,gBAAgB,EAAmB,MAAM,eAAe,CAAC;AAClE,OAAO,EAAE,YAAY,EAAE,sBAAsB,EAAE,MAAM,aAAa,CAAC;AAEnE,MAAM,CAAC,MAAM,qBAAqB,GAAY;IAC5C,IAAI,EAAE,qCAAqC;IAC3C,QAAQ,EAAE,gBAAgB,EAAE,mCAAmC;IAE/D,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,kCAAkC;QAClC,MAAM,aAAa,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACvC,uCAAuC,CAAC,IAAI,CAAC,CAAC,CAAC,CAChD,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,aAAa,EAAE,CAAC;YACjC,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,MAAM,OAAO,IAAI,gBAAgB,EAAE,CAAC;oBACvC,mDAAmD;oBACnD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS,EAAE,CAAC;wBAC7B,MAAM,cAAc,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,EAAE,OAAO,EAAE,QAAQ,CAAC,CAAC;wBAC9D,SAAS;oBACX,CAAC;oBAED,sEAAsE;oBACtE,oDAAoD;oBACpD,IAAI,OAAO,CAAC,EAAE,KAAK,SAAS,IAAI,4BAA4B,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;wBACxE,SAAS;oBACX,CAAC;oBAED,oEAAoE;oBACpE,oEAAoE;oBACpE,uEAAuE;oBACvE,oEAAoE;oBACpE,qEAAqE;oBACrE,MAAM,iBAAiB,GAAG,CAAC,OAAO,CAAC,gBAAgB,IAAI,EAAE,CAAC,CAAC,MAAM,CAC/D,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CAClC,CAAC;oBACF,MAAM,UAAU,GAAG,sBAAsB,CACvC,KAAK,EACL,OAAO,CAAC,QAAQ,EAChB,iBAAiB,EACjB,EAAE,gBAAgB,EAAE,IAAI,EAAE,eAAe,EAAE,IAAI,EAAE,CAClD,CAAC;oBAEF,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;wBAC3B,mEAAmE;wBACnE,oCAAoC;wBACpC,IACE,OAAO,CAAC,EAAE,KAAK,SAAS;4BACxB,8BAA8B,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,EACvD,CAAC;4BACD,SAAS;wBACX,CAAC;wBACD,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,gBAAgB;4BAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,CAAC,CAAC,IAAI,EAAE;4BACxD,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,CAAC,CAAC,SAAS,GAAG,CAAC;4BACrB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,KAAK,UAAU,cAAc,CAC3B,IAAY,EACZ,OAAe,EACf,KAAe,EACf,OAAmB,EACnB,QAAmB;IAEnB,wCAAwC;IACxC,MAAM,UAAU,GACd,oCAAoC,CAAC,IAAI,CAAC,IAAI,CAAC;QAC/C,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IAEhD,IAAI,CAAC,UAAU;QAAE,OAAO;IAExB,oDAAoD;IACpD,MAAM,aAAa,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IACpE,IAAI,CAAC,aAAa;QAAE,OAAO;IAE3B,6BAA6B;IAC7B,MAAM,YAAY,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC,CAAC;IAC5E,IAAI,YAAY;QAAE,OAAO;IAEzB,+EAA+E;IAC/E,2EAA2E;IAC3E,yEAAyE;IACzE,4CAA4C;IAC5C,IAAI,UAAU,GAAG,CAAC,CAAC;IACnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,IAAI,YAAY,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YAAE,SAAS;QACrC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC;YACnD,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;YACnB,MAAM;QACR,CAAC;IACH,CAAC;IAED,IAAI,UAAU,KAAK,CAAC;QAAE,OAAO;IAE7B,6CAA6C;IAC7C,QAAQ,CAAC,IAAI,CAAC;QACZ,EAAE,EAAE,OAAO,CAAC,EAAE;QACd,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ,EAAE,OAAO,CAAC,QAAQ;QAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;QACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,iEAAiE;QACpG,IAAI,EAAE,IAAI;QACV,IAAI,EAAE,UAAU;QAChB,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,cAAc,EAAE,OAAO,CAAC,cAAc;QACtC,UAAU,EAAE,MAAM;KACnB,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -7,7 +7,7 @@ import { ALL_CONFIGURATION_PATTERNS } from './patterns.js';
|
|
|
7
7
|
export const configurationScanner = {
|
|
8
8
|
name: 'Configuration Security Scanner',
|
|
9
9
|
category: 'audit-logging',
|
|
10
|
-
async scan(files,
|
|
10
|
+
async scan(files, _options) {
|
|
11
11
|
const findings = [];
|
|
12
12
|
// Filter to code files
|
|
13
13
|
const codeFiles = files.filter((f) => /\.(ts|tsx|js|jsx)$/.test(f));
|
|
@@ -76,7 +76,7 @@ export const configurationScanner = {
|
|
|
76
76
|
}
|
|
77
77
|
}
|
|
78
78
|
}
|
|
79
|
-
catch
|
|
79
|
+
catch {
|
|
80
80
|
// Skip files that can't be read
|
|
81
81
|
}
|
|
82
82
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/configuration/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,0BAA0B,EAAE,MAAM,eAAe,CAAC;AAE3D,MAAM,CAAC,MAAM,oBAAoB,GAAY;IAC3C,IAAI,EAAE,gCAAgC;IACtC,QAAQ,EAAE,eAAe;IAEzB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/configuration/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,0BAA0B,EAAE,MAAM,eAAe,CAAC;AAE3D,MAAM,CAAC,MAAM,oBAAoB,GAAY;IAC3C,IAAI,EAAE,gCAAgC;IACtC,QAAQ,EAAE,eAAe;IAEzB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,uBAAuB;QACvB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,CAC7B,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,8CAA8C;gBAC9C,MAAM,UAAU,GAAG,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;oBAEzB,0CAA0C;oBAC1C,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS;oBAE1D,oBAAoB;oBACpB,KAAK,MAAM,OAAO,IAAI,0BAA0B,EAAE,CAAC;wBACjD,uCAAuC;wBACvC,IAAI,OAAO,CAAC,EAAE,KAAK,YAAY,IAAI,UAAU;4BAAE,SAAS;wBAExD,0CAA0C;wBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAEnE,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,0BAA0B;wBAC1B,MAAM,aAAa,GAAG,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;4BACjC,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;wBAC3D,MAAM,YAAY,GAAG,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;4BACjC,OAAO,CAAC,EAAE,KAAK,YAAY,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;wBAE1D,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,aAAa,CAAC,CAAC;wBACpD,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,YAAY,GAAG,CAAC,CAAC,CAAC;wBAChE,MAAM,YAAY,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC;wBAE3D,wCAAwC;wBACxC,MAAM,eAAe,GAAG,YAAY;6BACjC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC;6BAC5E,IAAI,CAAC,IAAI,CAAC,CAAC;wBAEd,kDAAkD;wBAClD,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;4BACtD,4DAA4D;4BAC5D,IAAI,OAAO,CAAC,EAAE,KAAK,YAAY,EAAE,CAAC;gCAChC,OAAO,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;4BACrC,CAAC;4BAED,+DAA+D;4BAC/D,IAAI,OAAO,CAAC,EAAE,KAAK,YAAY,EAAE,CAAC;gCAChC,OAAO,KAAK,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;4BACrC,CAAC;4BAED,sEAAsE;4BACtE,OAAO,KAAK,CAAC;wBACf,CAAC,CAAC,CAAC;wBAEH,IAAI,MAAM;4BAAE,SAAS;wBAErB,iBAAiB;wBACjB,MAAM,OAAO,GAAY;4BACvB,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,OAAO,CAAC,QAAe;4BACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC;wBAEF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,oBAAoB,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/credentials/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAMpE,eAAO,MAAM,kBAAkB,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/credentials/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAGH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAMpE,eAAO,MAAM,kBAAkB,EAAE,OAsGhC,CAAC"}
|
|
@@ -7,10 +7,15 @@ import { ALL_CREDENTIAL_PATTERNS, } from './patterns.js';
|
|
|
7
7
|
export const credentialsScanner = {
|
|
8
8
|
name: 'Credential Security Scanner',
|
|
9
9
|
category: 'encryption',
|
|
10
|
-
async scan(files,
|
|
10
|
+
async scan(files, _options) {
|
|
11
11
|
const findings = [];
|
|
12
|
-
// Filter to code and config files
|
|
13
|
-
|
|
12
|
+
// Filter to code and config files. `.env` plus its variants
|
|
13
|
+
// (.env.local, .env.production, …) are where secrets actually live, so
|
|
14
|
+
// match them explicitly — a plain `env$` extension test misses them.
|
|
15
|
+
const codeFiles = files.filter((f) => /\.(js|ts|jsx|tsx|py|java|go|rb|php|cs|yml|yaml|json)$/i.test(f) ||
|
|
16
|
+
/(?:^|[\\/])\.env(?:\.[\w-]+)*$/i.test(f) || // .env, .env.local, .env.production
|
|
17
|
+
/\.env$/i.test(f) // foo.env
|
|
18
|
+
);
|
|
14
19
|
for (const file of codeFiles) {
|
|
15
20
|
try {
|
|
16
21
|
const content = await fs.readFile(file, 'utf-8');
|
|
@@ -74,7 +79,7 @@ export const credentialsScanner = {
|
|
|
74
79
|
}
|
|
75
80
|
}
|
|
76
81
|
}
|
|
77
|
-
catch
|
|
82
|
+
catch {
|
|
78
83
|
// Skip files that can't be read
|
|
79
84
|
}
|
|
80
85
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/credentials/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EACL,uBAAuB,GAExB,MAAM,eAAe,CAAC;AAEvB,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,6BAA6B;IACnC,QAAQ,EAAE,YAAY;IAEtB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/credentials/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EACL,uBAAuB,GAExB,MAAM,eAAe,CAAC;AAEvB,MAAM,CAAC,MAAM,kBAAkB,GAAY;IACzC,IAAI,EAAE,6BAA6B;IACnC,QAAQ,EAAE,YAAY;IAEtB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,4DAA4D;QAC5D,uEAAuE;QACvE,qEAAqE;QACrE,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,wDAAwD,CAAC,IAAI,CAAC,CAAC,CAAC;YAChE,iCAAiC,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,oCAAoC;YACjF,SAAS,CAAC,IAAI,CAAC,CAAC,CAAC,CAA4B,UAAU;SACxD,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,KAAK,MAAM,OAAO,IAAI,uBAAuB,EAAE,CAAC;oBAC9C,wDAAwD;oBACxD,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;wBAC9B,MAAM,uBAAuB,CAC3B,IAAI,EACJ,OAAO,EACP,KAAK,EACL,OAAO,EACP,QAAQ,CACT,CAAC;wBACF,SAAS;oBACX,CAAC;oBAED,sDAAsD;oBACtD,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;wBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;wBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;wBAEzB,gCAAgC;wBAChC,IAAI,0BAA0B,CAAC,IAAI,CAAC,IAAI,CAAC;4BAAE,SAAS;wBAEpD,0CAA0C;wBAC1C,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAC3D,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,iDAAiD;wBACjD,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE;4BAClD,yCAAyC;4BACzC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC;gCAAE,OAAO,IAAI,CAAC;4BAE9B,wDAAwD;4BACxD,IAAI,OAAO,CAAC,EAAE,KAAK,UAAU,EAAE,CAAC;gCAC9B,mCAAmC;gCACnC,MAAM,UAAU,GAAG,IAAI,CAAC,KAAK,CAAC,4BAA4B,CAAC,CAAC;gCAC5D,IAAI,UAAU,EAAE,CAAC;oCACf,MAAM,KAAK,GAAG,UAAU,CAAC,CAAC,CAAC,CAAC;oCAC5B,0CAA0C;oCAC1C,IACE,uFAAuF,CAAC,IAAI,CAC1F,KAAK,CACN,EACD,CAAC;wCACD,OAAO,IAAI,CAAC;oCACd,CAAC;oCACD,yCAAyC;oCACzC,IACE,KAAK,CAAC,MAAM,GAAG,CAAC;wCAChB,wCAAwC,CAAC,IAAI,CAAC,KAAK,CAAC,EACpD,CAAC;wCACD,OAAO,IAAI,CAAC;oCACd,CAAC;gCACH,CAAC;4BACH,CAAC;4BAED,OAAO,KAAK,CAAC;wBACf,CAAC,CAAC,CAAC;wBAEH,IAAI,MAAM;4BAAE,SAAS;wBAErB,iBAAiB;wBACjB,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,YAAY;4BACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF;;GAEG;AACH,KAAK,UAAU,uBAAuB,CACpC,IAAY,EACZ,OAAe,EACf,KAAe,EACf,OAA0B,EAC1B,QAAmB;IAEnB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;QACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;QAEzB,gBAAgB;QAChB,IAAI,wBAAwB,CAAC,IAAI,CAAC,IAAI,CAAC;YAAE,SAAS;QAElD,sCAAsC;QACtC,MAAM,WAAW,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;QAC/D,IAAI,CAAC,WAAW;YAAE,SAAS;QAE3B,iFAAiF;QACjF,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACxC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;QACjD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAEjE,+CAA+C;QAC/C,MAAM,iBAAiB,GACrB,sCAAsC,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;QAEvD,yEAAyE;QACzE,MAAM,aAAa,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CACzD,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,CAChB,CAAC;QAEF,IAAI,aAAa;YAAE,SAAS;QAE5B,+DAA+D;QAC/D,MAAM,gBAAgB,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CACrD,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,0BAA0B,CAAC,IAAI,CAAC,CAAC,CAAC,MAAM,CAAC,CACjE,CAAC;QAEF,IAAI,gBAAgB;YAAE,SAAS;QAE/B,4CAA4C;QAC5C,IAAI,iBAAiB,EAAE,CAAC;YACtB,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,OAAO,CAAC,EAAE;gBACd,QAAQ,EAAE,YAAY;gBACtB,QAAQ,EAAE,OAAO,CAAC,QAAQ;gBAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;gBACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,+DAA+D;gBAC1H,IAAI,EAAE,IAAI;gBACV,IAAI,EAAE,UAAU;gBAChB,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,cAAc,EAAE,OAAO,CAAC,cAAc;gBACtC,UAAU,EAAE,MAAM;aACnB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;AACH,CAAC"}
|
|
@@ -147,7 +147,7 @@ const config = {
|
|
|
147
147
|
});
|
|
148
148
|
it('should detect hardcoded API key', async () => {
|
|
149
149
|
const file = await createTestFile('api.ts', `
|
|
150
|
-
const apiKey = '
|
|
150
|
+
const apiKey = 'k7Jp2Qx9Lm4Rt6Wz0Bn3Vc8Df1Hs5Ya';
|
|
151
151
|
`);
|
|
152
152
|
const findings = await credentialsScanner.scan([file], scanOptions);
|
|
153
153
|
const credFindings = findings.filter((f) => f.id === 'CRED-002');
|
|
@@ -155,7 +155,7 @@ const apiKey = 'fake_key_ABCDEFGH1234567890XXXXXX';
|
|
|
155
155
|
});
|
|
156
156
|
it('should detect hardcoded secret', async () => {
|
|
157
157
|
const file = await createTestFile('secrets.ts', `
|
|
158
|
-
export const JWT_SECRET = '
|
|
158
|
+
export const JWT_SECRET = '9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15b0f00a08';
|
|
159
159
|
`);
|
|
160
160
|
const findings = await credentialsScanner.scan([file], scanOptions);
|
|
161
161
|
const credFindings = findings.filter((f) => f.id === 'CRED-002');
|
|
@@ -179,7 +179,7 @@ const connectionString = 'postgresql://user:password@localhost:5432/mydb';
|
|
|
179
179
|
});
|
|
180
180
|
it('should detect Bearer token', async () => {
|
|
181
181
|
const file = await createTestFile('bearer.ts', `
|
|
182
|
-
const token = 'Bearer
|
|
182
|
+
const token = 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiI5ODc2NTQzMjEwIn0';
|
|
183
183
|
`);
|
|
184
184
|
const findings = await credentialsScanner.scan([file], scanOptions);
|
|
185
185
|
const credFindings = findings.filter((f) => f.id === 'CRED-002');
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../src/scanners/credentials/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACzC,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,EAAE,iBAqChC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,qBAAqB,EAAE,
|
|
1
|
+
{"version":3,"file":"patterns.d.ts","sourceRoot":"","sources":["../../../src/scanners/credentials/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,MAAM,WAAW,iBAAiB;IAChC,EAAE,EAAE,MAAM,CAAC;IACX,IAAI,EAAE,MAAM,CAAC;IACb,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,CAAC;IACzC,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,gBAAgB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC5B,cAAc,EAAE,MAAM,CAAC;IACvB,QAAQ,EAAE,MAAM,CAAC;CAClB;AAED;;;GAGG;AACH,eAAO,MAAM,kBAAkB,EAAE,iBAqChC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,qBAAqB,EAAE,iBAsDnC,CAAC;AAEF;;;GAGG;AACH,eAAO,MAAM,mBAAmB,EAAE,iBAqDjC,CAAC;AAEF,eAAO,MAAM,uBAAuB,EAAE,iBAAiB,EAItD,CAAC"}
|
|
@@ -60,7 +60,7 @@ export const HARDCODED_CREDENTIALS = {
|
|
|
60
60
|
// Connection strings
|
|
61
61
|
/(?:connection[-_]?string|connectionstring|database[-_]?url)\s*[:=]\s*['"`][^'"`]{10,}['"`]/i,
|
|
62
62
|
// Bearer tokens
|
|
63
|
-
/['"`]Bearer\s+[A-Za-z0-9_
|
|
63
|
+
/['"`]Bearer\s+[A-Za-z0-9_\-.]{16,}['"`]/i,
|
|
64
64
|
// AWS/Service keys
|
|
65
65
|
/(?:aws|service|client)[-_]?(?:key|secret)\s*[:=]\s*['"`][A-Za-z0-9+/]{20,}['"`]/i,
|
|
66
66
|
],
|
|
@@ -80,9 +80,9 @@ export const HARDCODED_CREDENTIALS = {
|
|
|
80
80
|
// Empty or template strings
|
|
81
81
|
/['"]\s*['"]/i,
|
|
82
82
|
/\$\{/i, // Template literals
|
|
83
|
-
//
|
|
84
|
-
|
|
85
|
-
|
|
83
|
+
// NOTE: no `//` / `/*` comment negatives here. Comment-only lines are
|
|
84
|
+
// already skipped before matching (see index.ts), and a bare `//` wrongly
|
|
85
|
+
// suppressed real secrets in URL connection strings (e.g. postgresql://…).
|
|
86
86
|
],
|
|
87
87
|
recommendation: 'Move credentials to environment variables. Use process.env.PASSWORD or a secure secrets manager. Never commit credentials to source control. Add credentials to .gitignore.',
|
|
88
88
|
category: 'encryption',
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/scanners/credentials/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAcH;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAsB;IACnD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,0CAA0C;IAChD,WAAW,EACT,6GAA6G;IAC/G,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,sDAAsD;IACtE,QAAQ,EAAE;QACR,uDAAuD;QACvD,uEAAuE;QAEvE,wCAAwC;QACxC,oCAAoC;QAEpC,gDAAgD;QAChD,mDAAmD;QACnD,8CAA8C;KAC/C;IACD,gBAAgB,EAAE;QAChB,oBAAoB;QACpB,SAAS;QACT,SAAS;QACT,SAAS;QACT,SAAS;QAET,qCAAqC;QACrC,0CAA0C;QAC1C,0CAA0C;QAE1C,mDAAmD;QACnD,WAAW;QACX,aAAa;QACb,YAAY;KACb;IACD,cAAc,EACZ,mLAAmL;IACrL,QAAQ,EAAE,YAAY;CACvB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAsB;IACtD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,gCAAgC;IACtC,WAAW,EACT,qIAAqI;IACvI,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,uDAAuD;IACvE,QAAQ,EAAE;QACR,qDAAqD;QACrD,wDAAwD;QAExD,WAAW;QACX,uDAAuD;QAEvD,UAAU;QACV,sEAAsE;QAEtE,SAAS;QACT,2EAA2E;QAE3E,qBAAqB;QACrB,6FAA6F;QAE7F,gBAAgB;QAChB,
|
|
1
|
+
{"version":3,"file":"patterns.js","sourceRoot":"","sources":["../../../src/scanners/credentials/patterns.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAcH;;;GAGG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAsB;IACnD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,0CAA0C;IAChD,WAAW,EACT,6GAA6G;IAC/G,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,sDAAsD;IACtE,QAAQ,EAAE;QACR,uDAAuD;QACvD,uEAAuE;QAEvE,wCAAwC;QACxC,oCAAoC;QAEpC,gDAAgD;QAChD,mDAAmD;QACnD,8CAA8C;KAC/C;IACD,gBAAgB,EAAE;QAChB,oBAAoB;QACpB,SAAS;QACT,SAAS;QACT,SAAS;QACT,SAAS;QAET,qCAAqC;QACrC,0CAA0C;QAC1C,0CAA0C;QAE1C,mDAAmD;QACnD,WAAW;QACX,aAAa;QACb,YAAY;KACb;IACD,cAAc,EACZ,mLAAmL;IACrL,QAAQ,EAAE,YAAY;CACvB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,qBAAqB,GAAsB;IACtD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,gCAAgC;IACtC,WAAW,EACT,qIAAqI;IACvI,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,uDAAuD;IACvE,QAAQ,EAAE;QACR,qDAAqD;QACrD,wDAAwD;QAExD,WAAW;QACX,uDAAuD;QAEvD,UAAU;QACV,sEAAsE;QAEtE,SAAS;QACT,2EAA2E;QAE3E,qBAAqB;QACrB,6FAA6F;QAE7F,gBAAgB;QAChB,0CAA0C;QAE1C,mBAAmB;QACnB,kFAAkF;KACnF;IACD,gBAAgB,EAAE;QAChB,wBAAwB;QACxB,eAAe;QACf,oBAAoB;QACpB,QAAQ;QACR,QAAQ;QACR,SAAS;QAET,eAAe;QACf,yCAAyC;QACzC,4CAA4C;QAC5C,WAAW;QACX,0BAA0B;QAC1B,kBAAkB;QAElB,4BAA4B;QAC5B,cAAc;QACd,OAAO,EAAE,oBAAoB;QAC7B,sEAAsE;QACtE,0EAA0E;QAC1E,2EAA2E;KAC5E;IACD,cAAc,EACZ,6KAA6K;IAC/K,QAAQ,EAAE,YAAY;CACvB,CAAC;AAEF;;;GAGG;AACH,MAAM,CAAC,MAAM,mBAAmB,GAAsB;IACpD,EAAE,EAAE,UAAU;IACd,IAAI,EAAE,mDAAmD;IACzD,WAAW,EACT,kGAAkG;IACpG,QAAQ,EAAE,UAAU;IACpB,cAAc,EAAE,uDAAuD;IACvE,QAAQ,EAAE;QACR,qBAAqB;QACrB,qBAAqB;QAErB,mBAAmB;QACnB,qBAAqB;QAErB,wBAAwB;QACxB,0BAA0B;QAE1B,2BAA2B;QAC3B,2BAA2B;QAE3B,qBAAqB;QACrB,uBAAuB;QAEvB,wBAAwB;QACxB,yBAAyB;QAEzB,uBAAuB;QACvB,uBAAuB;QAEvB,sBAAsB;QACtB,uBAAuB;KACxB;IACD,gBAAgB,EAAE;QAChB,yBAAyB;QACzB,mEAAmE;QACnE,6BAA6B;QAC7B,4BAA4B;QAE5B,0CAA0C;QAC1C,qDAAqD;QAErD,sBAAsB;QACtB,qDAAqD;QAErD,gBAAgB;QAChB,uBAAuB;QAEvB,gCAAgC;QAChC,qCAAqC;KACtC;IACD,cAAc,EACZ,8PAA8P;IAChQ,QAAQ,EAAE,YAAY;CACvB,CAAC;AAEF,MAAM,CAAC,MAAM,uBAAuB,GAAwB;IAC1D,kBAAkB;IAClB,qBAAqB;IACrB,mBAAmB;CACpB,CAAC"}
|
|
@@ -7,7 +7,7 @@ import { ALL_ERROR_PATTERNS } from './patterns.js';
|
|
|
7
7
|
export const errorsScanner = {
|
|
8
8
|
name: 'Error Handling Security Scanner',
|
|
9
9
|
category: 'audit-logging',
|
|
10
|
-
async scan(files,
|
|
10
|
+
async scan(files, _options) {
|
|
11
11
|
const findings = [];
|
|
12
12
|
// Filter to code files
|
|
13
13
|
const codeFiles = files.filter((f) => /\.(ts|tsx|js|jsx)$/.test(f));
|
|
@@ -67,7 +67,7 @@ export const errorsScanner = {
|
|
|
67
67
|
}
|
|
68
68
|
}
|
|
69
69
|
}
|
|
70
|
-
catch
|
|
70
|
+
catch {
|
|
71
71
|
// Skip files that can't be read
|
|
72
72
|
}
|
|
73
73
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/errors/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,CAAC,MAAM,aAAa,GAAY;IACpC,IAAI,EAAE,iCAAiC;IACvC,QAAQ,EAAE,eAAe;IAEzB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,
|
|
1
|
+
{"version":3,"file":"index.js","sourceRoot":"","sources":["../../../src/scanners/errors/index.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,MAAM,aAAa,CAAC;AAElC,OAAO,EAAE,kBAAkB,EAAE,MAAM,eAAe,CAAC;AAEnD,MAAM,CAAC,MAAM,aAAa,GAAY;IACpC,IAAI,EAAE,iCAAiC;IACvC,QAAQ,EAAE,eAAe;IAEzB,KAAK,CAAC,IAAI,CAAC,KAAe,EAAE,QAAqB;QAC/C,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,uBAAuB;QACvB,MAAM,SAAS,GAAG,KAAK,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CACnC,oBAAoB,CAAC,IAAI,CAAC,CAAC,CAAC,CAC7B,CAAC;QAEF,KAAK,MAAM,IAAI,IAAI,SAAS,EAAE,CAAC;YAC7B,IAAI,CAAC;gBACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;gBACjD,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;gBAElC,gDAAgD;gBAChD,MAAM,UAAU,GAAG,2BAA2B,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;gBAE1D,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;oBACtC,MAAM,IAAI,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC;oBACtB,MAAM,UAAU,GAAG,CAAC,GAAG,CAAC,CAAC;oBAEzB,mBAAmB;oBACnB,IAAI,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC;wBAAE,SAAS;oBAEjC,oBAAoB;oBACpB,KAAK,MAAM,OAAO,IAAI,kBAAkB,EAAE,CAAC;wBACzC,oCAAoC;wBACpC,MAAM,OAAO,GAAG,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC;wBAEnE,IAAI,CAAC,OAAO;4BAAE,SAAS;wBAEvB,iCAAiC;wBACjC,IAAI,OAAO,CAAC,EAAE,KAAK,WAAW,IAAI,UAAU;4BAAE,SAAS;wBAEvD,qDAAqD;wBACrD,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,CAAC,CAAC,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;wBACxC,MAAM,UAAU,GAAG,IAAI,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC;wBACjD,MAAM,OAAO,GAAG,KAAK,CAAC,KAAK,CAAC,YAAY,EAAE,UAAU,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAEjE,kDAAkD;wBAClD,6EAA6E;wBAC7E,2EAA2E;wBAC3E,MAAM,MAAM,GAAG,OAAO,CAAC,gBAAgB,EAAE,IAAI,CAAC,CAAC,KAAK,EAAE,EAAE;4BACtD,MAAM,UAAU,GAAG,KAAK,CAAC,MAAM,CAAC;4BAChC,iEAAiE;4BACjE,IACE,wDAAwD,CAAC,IAAI,CAC3D,UAAU,CACX,EACD,CAAC;gCACD,OAAO,KAAK,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;4BAC7B,CAAC;4BACD,6CAA6C;4BAC7C,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;wBAC1B,CAAC,CAAC,CAAC;wBAEH,IAAI,MAAM;4BAAE,SAAS;wBAErB,iBAAiB;wBACjB,MAAM,OAAO,GAAY;4BACvB,EAAE,EAAE,OAAO,CAAC,EAAE;4BACd,QAAQ,EAAE,OAAO,CAAC,QAAe;4BACjC,QAAQ,EAAE,OAAO,CAAC,QAAQ;4BAC1B,KAAK,EAAE,OAAO,CAAC,IAAI;4BACnB,WAAW,EAAE,GAAG,OAAO,CAAC,WAAW,aAAa,IAAI,CAAC,IAAI,EAAE,EAAE;4BAC7D,IAAI,EAAE,IAAI;4BACV,IAAI,EAAE,UAAU;4BAChB,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,cAAc,EAAE,OAAO,CAAC,cAAc;4BACtC,UAAU,EAAE,MAAM;yBACnB,CAAC;wBAEF,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;oBACzB,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,gCAAgC;YAClC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF,CAAC;AAEF,eAAe,aAAa,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAoRpE,eAAO,MAAM,gBAAgB,EAAE,
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/scanners/hipaa2026/index.ts"],"names":[],"mappings":"AAAA;;;;GAIG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAwB,MAAM,gBAAgB,CAAC;AAoRpE,eAAO,MAAM,gBAAgB,EAAE,OA8H9B,CAAC"}
|