import type { SourceClassification, SinkClassification, SinkSeverity } from './classification'; import type { ExpressionReference } from '../analysis/expressionTracer'; export interface TaintSource { nodeName: string; nodeType: string; trustLevel: 'untrusted' | 'semi-trusted'; taintedFields: string[]; classification: SourceClassification; } export interface DangerousParameter { paramPath: string; value: unknown; hasExpressions: boolean; expressions: ExpressionReference[]; } export interface SecuritySink { nodeName: string; nodeType: string; severity: SinkSeverity; riskType: string; dangerousParams: DangerousParameter[]; classification: SinkClassification; } export interface TaintPath { id: string; source: TaintSource; sink: SecuritySink; path: string[]; taintedField: string; sinkParam: string; severity: SinkSeverity; sanitized: boolean; sanitizerNodes: string[]; confidence: 'high' | 'medium' | 'low'; } export interface TaintAnalysisOptions { maxPathsPerPair: number; maxPathDepth: number; includeSanitized: boolean; } export interface TaintFlowCheckResult { flowsToSink: boolean; taintedField: string; sinkParam: string; traceChain: string[]; } export interface SanitizerCheckResult { hasSanitizer: boolean; sanitizerNodes: string[]; } export interface TraceBackResult { reachesSource: boolean; sourceField: string; chain: string[]; } export interface AnalysisError { code: string; message: string; phase: 'parse' | 'graph' | 'taint' | 'unknown'; } export interface AnalysisResult { success: boolean; workflow: { id: string; name: string; nodeCount: number; connectionCount: number; hasCycles: boolean; } | null; analysis: { sources: TaintSource[]; sinks: SecuritySink[]; vulnerablePaths: TaintPath[]; entryPoints: string[]; exitPoints: string[]; duration: number; } | null; errors: AnalysisError[]; warnings: string[]; } export interface AnalysisOptions { maxPathsPerPair?: number; maxPathDepth?: number; includeSanitized?: boolean; categories?: string[]; minSeverity?: SinkSeverity | 'all'; }