npm - @agentic-qe/v3 - Versions diffs - 3.0.0-alpha.6 → 3.0.0-alpha.7 - Mend

@agentic-qe/v3 3.0.0-alpha.6 → 3.0.0-alpha.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (609) hide show

package/assets/agents/v3/subagents/v3-qe-code-reviewer.md +339 -0
package/assets/agents/v3/subagents/v3-qe-integration-reviewer.md +344 -0
package/assets/agents/v3/subagents/v3-qe-performance-reviewer.md +351 -0
package/assets/agents/v3/subagents/v3-qe-security-reviewer.md +374 -0
package/assets/agents/v3/subagents/v3-qe-tdd-green.md +334 -0
package/assets/agents/v3/subagents/v3-qe-tdd-red.md +329 -0
package/assets/agents/v3/subagents/v3-qe-tdd-refactor.md +361 -0
package/assets/agents/v3/v3-qe-accessibility-auditor.md +266 -0
package/assets/agents/v3/v3-qe-bdd-generator.md +279 -0
package/assets/agents/v3/v3-qe-chaos-engineer.md +265 -0
package/assets/agents/v3/v3-qe-code-complexity.md +298 -0
package/assets/agents/v3/v3-qe-code-intelligence.md +262 -0
package/assets/agents/v3/v3-qe-contract-validator.md +267 -0
package/assets/agents/v3/v3-qe-coverage-specialist.md +227 -0
package/assets/agents/v3/v3-qe-defect-predictor.md +251 -0
package/assets/agents/v3/v3-qe-dependency-mapper.md +277 -0
package/assets/agents/v3/v3-qe-deployment-advisor.md +275 -0
package/assets/agents/v3/v3-qe-flaky-hunter.md +248 -0
package/assets/agents/v3/v3-qe-fleet-commander.md +293 -0
package/assets/agents/v3/v3-qe-gap-detector.md +260 -0
package/assets/agents/v3/v3-qe-graphql-tester.md +308 -0
package/assets/agents/v3/v3-qe-impact-analyzer.md +299 -0
package/assets/agents/v3/v3-qe-integration-tester.md +238 -0
package/assets/agents/v3/v3-qe-kg-builder.md +273 -0
package/assets/agents/v3/v3-qe-learning-coordinator.md +226 -0
package/assets/agents/v3/v3-qe-load-tester.md +280 -0
package/assets/agents/v3/v3-qe-metrics-optimizer.md +300 -0
package/assets/agents/v3/v3-qe-mutation-tester.md +301 -0
package/assets/agents/v3/v3-qe-parallel-executor.md +240 -0
package/assets/agents/v3/v3-qe-pattern-learner.md +271 -0
package/assets/agents/v3/v3-qe-performance-tester.md +262 -0
package/assets/agents/v3/v3-qe-property-tester.md +247 -0
package/assets/agents/v3/v3-qe-quality-gate.md +218 -0
package/assets/agents/v3/v3-qe-queen-coordinator.md +214 -0
package/assets/agents/v3/v3-qe-qx-partner.md +313 -0
package/assets/agents/v3/v3-qe-regression-analyzer.md +322 -0
package/assets/agents/v3/v3-qe-requirements-validator.md +360 -0
package/assets/agents/v3/v3-qe-responsive-tester.md +311 -0
package/assets/agents/v3/v3-qe-retry-handler.md +256 -0
package/assets/agents/v3/v3-qe-risk-assessor.md +273 -0
package/assets/agents/v3/v3-qe-root-cause-analyzer.md +286 -0
package/assets/agents/v3/v3-qe-security-auditor.md +299 -0
package/assets/agents/v3/v3-qe-security-scanner.md +235 -0
package/assets/agents/v3/v3-qe-tdd-specialist.md +239 -0
package/assets/agents/v3/v3-qe-test-architect.md +233 -0
package/assets/agents/v3/v3-qe-transfer-specialist.md +295 -0
package/assets/agents/v3/v3-qe-visual-tester.md +232 -0
package/assets/skills/accessibility-testing/SKILL.md +216 -0
package/assets/skills/agentdb-advanced/SKILL.md +550 -0
package/assets/skills/agentdb-learning/SKILL.md +545 -0
package/assets/skills/agentdb-memory-patterns/SKILL.md +339 -0
package/assets/skills/agentdb-optimization/SKILL.md +509 -0
package/assets/skills/agentdb-vector-search/SKILL.md +339 -0
package/assets/skills/agentic-jujutsu/SKILL.md +645 -0
package/assets/skills/agentic-quality-engineering/SKILL.md +335 -0
package/assets/skills/api-testing-patterns/SKILL.md +294 -0
package/assets/skills/aqe-v2-v3-migration/skill.md +322 -0
package/assets/skills/brutal-honesty-review/README.md +218 -0
package/assets/skills/brutal-honesty-review/SKILL.md +235 -0
package/assets/skills/brutal-honesty-review/resources/assessment-rubrics.md +295 -0
package/assets/skills/brutal-honesty-review/resources/review-template.md +102 -0
package/assets/skills/brutal-honesty-review/scripts/assess-code.sh +179 -0
package/assets/skills/brutal-honesty-review/scripts/assess-tests.sh +223 -0
package/assets/skills/bug-reporting-excellence/SKILL.md +225 -0
package/assets/skills/chaos-engineering-resilience/SKILL.md +158 -0
package/assets/skills/cicd-pipeline-qe-orchestrator/README.md +304 -0
package/assets/skills/cicd-pipeline-qe-orchestrator/SKILL.md +315 -0
package/assets/skills/cicd-pipeline-qe-orchestrator/resources/workflows/microservice-pipeline.md +239 -0
package/assets/skills/cicd-pipeline-qe-orchestrator/resources/workflows/mobile-pipeline.md +375 -0
package/assets/skills/cicd-pipeline-qe-orchestrator/resources/workflows/monolith-pipeline.md +268 -0
package/assets/skills/code-review-quality/SKILL.md +227 -0
package/assets/skills/compatibility-testing/SKILL.md +205 -0
package/assets/skills/compliance-testing/SKILL.md +225 -0
package/assets/skills/consultancy-practices/SKILL.md +202 -0
package/assets/skills/context-driven-testing/SKILL.md +196 -0
package/assets/skills/contract-testing/SKILL.md +222 -0
package/assets/skills/database-testing/SKILL.md +244 -0
package/assets/skills/exploratory-testing-advanced/SKILL.md +201 -0
package/assets/skills/flow-nexus-neural/SKILL.md +738 -0
package/assets/skills/flow-nexus-platform/SKILL.md +1157 -0
package/assets/skills/flow-nexus-swarm/SKILL.md +610 -0
package/assets/skills/github-code-review/SKILL.md +1140 -0
package/assets/skills/github-multi-repo/SKILL.md +874 -0
package/assets/skills/github-project-management/SKILL.md +1277 -0
package/assets/skills/github-release-management/SKILL.md +1081 -0
package/assets/skills/github-workflow-automation/SKILL.md +1065 -0
package/assets/skills/hive-mind-advanced/SKILL.md +712 -0
package/assets/skills/holistic-testing-pact/SKILL.md +171 -0
package/assets/skills/hooks-automation/SKILL.md +1201 -0
package/assets/skills/localization-testing/SKILL.md +221 -0
package/assets/skills/mobile-testing/SKILL.md +219 -0
package/assets/skills/mutation-testing/SKILL.md +229 -0
package/assets/skills/n8n-expression-testing/SKILL.md +434 -0
package/assets/skills/n8n-integration-testing-patterns/SKILL.md +540 -0
package/assets/skills/n8n-security-testing/SKILL.md +599 -0
package/assets/skills/n8n-trigger-testing-strategies/SKILL.md +541 -0
package/assets/skills/n8n-workflow-testing-fundamentals/SKILL.md +447 -0
package/assets/skills/pair-programming/SKILL.md +1202 -0
package/assets/skills/performance-analysis/SKILL.md +563 -0
package/assets/skills/performance-testing/SKILL.md +310 -0
package/assets/skills/quality-metrics/SKILL.md +225 -0
package/assets/skills/reasoningbank-agentdb/SKILL.md +446 -0
package/assets/skills/reasoningbank-intelligence/SKILL.md +201 -0
package/assets/skills/refactoring-patterns/SKILL.md +205 -0
package/assets/skills/regression-testing/SKILL.md +227 -0
package/assets/skills/risk-based-testing/SKILL.md +206 -0
package/assets/skills/security-testing/SKILL.md +306 -0
package/assets/skills/sherlock-review/SKILL.md +250 -0
package/assets/skills/shift-left-testing/SKILL.md +225 -0
package/assets/skills/shift-right-testing/SKILL.md +227 -0
package/assets/skills/six-thinking-hats/README.md +190 -0
package/assets/skills/six-thinking-hats/SKILL.md +280 -0
package/assets/skills/six-thinking-hats/resources/examples/api-testing-example.md +345 -0
package/assets/skills/six-thinking-hats/resources/templates/solo-session-template.md +167 -0
package/assets/skills/six-thinking-hats/resources/templates/team-session-template.md +336 -0
package/assets/skills/skill-builder/SKILL.md +910 -0
package/assets/skills/sparc-methodology/SKILL.md +1115 -0
package/assets/skills/stream-chain/SKILL.md +563 -0
package/assets/skills/swarm-advanced/SKILL.md +973 -0
package/assets/skills/swarm-orchestration/SKILL.md +179 -0
package/assets/skills/tdd-london-chicago/SKILL.md +244 -0
package/assets/skills/technical-writing/SKILL.md +178 -0
package/assets/skills/test-automation-strategy/SKILL.md +230 -0
package/assets/skills/test-data-management/SKILL.md +270 -0
package/assets/skills/test-design-techniques/SKILL.md +244 -0
package/assets/skills/test-environment-management/SKILL.md +243 -0
package/assets/skills/test-reporting-analytics/SKILL.md +214 -0
package/assets/skills/testability-scoring/README.md +71 -0
package/assets/skills/testability-scoring/SKILL.md +346 -0
package/assets/skills/testability-scoring/resources/templates/config.template.js +84 -0
package/assets/skills/testability-scoring/resources/templates/testability-scoring.spec.template.js +532 -0
package/assets/skills/testability-scoring/scripts/generate-html-report.js +1007 -0
package/assets/skills/testability-scoring/scripts/run-assessment.sh +70 -0
package/assets/skills/v3-qe-chaos-resilience/SKILL.md +238 -0
package/assets/skills/v3-qe-code-intelligence/SKILL.md +209 -0
package/assets/skills/v3-qe-contract-testing/SKILL.md +218 -0
package/assets/skills/v3-qe-coverage-analysis/SKILL.md +187 -0
package/assets/skills/v3-qe-defect-intelligence/SKILL.md +205 -0
package/assets/skills/v3-qe-learning-optimization/SKILL.md +238 -0
package/assets/skills/v3-qe-quality-assessment/SKILL.md +213 -0
package/assets/skills/v3-qe-requirements-validation/SKILL.md +248 -0
package/assets/skills/v3-qe-test-execution/SKILL.md +182 -0
package/assets/skills/v3-qe-test-generation/SKILL.md +141 -0
package/assets/skills/v3-qe-visual-accessibility/SKILL.md +242 -0
package/assets/skills/verification-quality/SKILL.md +649 -0
package/assets/skills/visual-testing-advanced/SKILL.md +219 -0
package/assets/skills/xp-practices/SKILL.md +229 -0
package/dist/cli/bundle.js +8 -8
package/dist/init/agents-installer.js +4 -4
package/dist/init/agents-installer.js.map +1 -1
package/dist/init/skills-installer.js +4 -4
package/dist/init/skills-installer.js.map +1 -1
package/package.json +7 -1
package/docs/analysis/V3-INIT-REQUIREMENTS-ANALYSIS.md +0 -352
package/implementation/README.md +0 -90
package/implementation/adrs/ADR-030-coherence-gated-quality-gates.md +0 -312
package/implementation/adrs/ADR-031-strange-loop-self-awareness.md +0 -484
package/implementation/adrs/ADR-032-time-crystal-scheduling.md +0 -530
package/implementation/adrs/ADR-033-early-exit-testing.md +0 -634
package/implementation/adrs/ADR-034-neural-topology-optimizer.md +0 -589
package/implementation/adrs/ADR-035-causal-discovery.md +0 -610
package/implementation/adrs/ADR-036-result-persistence.md +0 -326
package/implementation/adrs/ADR-037-v3-qe-agent-naming.md +0 -105
package/implementation/adrs/ADR-038-v3-qe-memory-unification.md +0 -154
package/implementation/adrs/ADR-039-v3-qe-mcp-optimization.md +0 -179
package/implementation/adrs/ADR-040-v3-qe-agentic-flow-integration.md +0 -240
package/implementation/adrs/ADR-041-v3-qe-cli-enhancement.md +0 -296
package/implementation/adrs/ADR-042-v3-qe-token-tracking-integration.md +0 -517
package/implementation/adrs/v3-adrs.md +0 -2783
package/implementation/planning/AQE-V3-MASTER-PLAN.md +0 -815
package/security-scan-report-2026-01-11.md +0 -410
package/security-verification-report-2026-01-11.md +0 -278
package/src/benchmarks/performance-benchmarks.ts +0 -646
package/src/benchmarks/run-benchmarks.ts +0 -324
package/src/causal-discovery/causal-graph.ts +0 -450
package/src/causal-discovery/discovery-engine.ts +0 -438
package/src/causal-discovery/index.ts +0 -117
package/src/causal-discovery/types.ts +0 -456
package/src/causal-discovery/weight-matrix.ts +0 -453
package/src/cli/commands/qe-tools.ts +0 -634
package/src/cli/index.ts +0 -1976
package/src/compatibility/agent-mapper.ts +0 -291
package/src/compatibility/cli-adapter.ts +0 -277
package/src/compatibility/config-migrator.ts +0 -334
package/src/compatibility/index.ts +0 -112
package/src/compatibility/mcp-adapter.ts +0 -248
package/src/compatibility/types.ts +0 -156
package/src/coordination/claims/claim-repository.ts +0 -636
package/src/coordination/claims/claim-service.ts +0 -675
package/src/coordination/claims/handoff-manager.ts +0 -535
package/src/coordination/claims/index.ts +0 -276
package/src/coordination/claims/interfaces.ts +0 -687
package/src/coordination/claims/work-stealing.ts +0 -436
package/src/coordination/cross-domain-router.ts +0 -492
package/src/coordination/index.ts +0 -127
package/src/coordination/interfaces.ts +0 -691
package/src/coordination/protocol-executor.ts +0 -760
package/src/coordination/protocols/code-intelligence-index.ts +0 -855
package/src/coordination/protocols/defect-investigation.ts +0 -1184
package/src/coordination/protocols/index.ts +0 -11
package/src/coordination/protocols/learning-consolidation.ts +0 -1181
package/src/coordination/protocols/morning-sync.ts +0 -1055
package/src/coordination/protocols/quality-gate.ts +0 -1566
package/src/coordination/protocols/security-audit.ts +0 -1587
package/src/coordination/queen-coordinator.ts +0 -1176
package/src/coordination/result-saver.ts +0 -780
package/src/coordination/task-executor.ts +0 -1146
package/src/coordination/workflow-orchestrator.ts +0 -1917
package/src/domains/chaos-resilience/coordinator.ts +0 -1032
package/src/domains/chaos-resilience/index.ts +0 -143
package/src/domains/chaos-resilience/interfaces.ts +0 -659
package/src/domains/chaos-resilience/plugin.ts +0 -691
package/src/domains/chaos-resilience/services/chaos-engineer.ts +0 -1097
package/src/domains/chaos-resilience/services/index.ts +0 -19
package/src/domains/chaos-resilience/services/load-tester.ts +0 -799
package/src/domains/chaos-resilience/services/performance-profiler.ts +0 -792
package/src/domains/code-intelligence/coordinator.ts +0 -631
package/src/domains/code-intelligence/index.ts +0 -86
package/src/domains/code-intelligence/interfaces.ts +0 -162
package/src/domains/code-intelligence/plugin.ts +0 -451
package/src/domains/code-intelligence/services/impact-analyzer.ts +0 -567
package/src/domains/code-intelligence/services/index.ts +0 -26
package/src/domains/code-intelligence/services/knowledge-graph.ts +0 -1067
package/src/domains/code-intelligence/services/semantic-analyzer.ts +0 -901
package/src/domains/contract-testing/coordinator.ts +0 -1038
package/src/domains/contract-testing/index.ts +0 -122
package/src/domains/contract-testing/interfaces.ts +0 -458
package/src/domains/contract-testing/plugin.ts +0 -746
package/src/domains/contract-testing/services/api-compatibility.ts +0 -748
package/src/domains/contract-testing/services/contract-validator.ts +0 -1700
package/src/domains/contract-testing/services/index.ts +0 -19
package/src/domains/contract-testing/services/schema-validator.ts +0 -1102
package/src/domains/coverage-analysis/coordinator.ts +0 -485
package/src/domains/coverage-analysis/index.ts +0 -114
package/src/domains/coverage-analysis/interfaces.ts +0 -142
package/src/domains/coverage-analysis/plugin.ts +0 -172
package/src/domains/coverage-analysis/services/coverage-analyzer.ts +0 -449
package/src/domains/coverage-analysis/services/coverage-embedder.ts +0 -733
package/src/domains/coverage-analysis/services/coverage-parser.ts +0 -753
package/src/domains/coverage-analysis/services/gap-detector.ts +0 -592
package/src/domains/coverage-analysis/services/hnsw-index.ts +0 -728
package/src/domains/coverage-analysis/services/index.ts +0 -61
package/src/domains/coverage-analysis/services/risk-scorer.ts +0 -540
package/src/domains/coverage-analysis/services/sublinear-analyzer.ts +0 -747
package/src/domains/defect-intelligence/coordinator.ts +0 -635
package/src/domains/defect-intelligence/index.ts +0 -83
package/src/domains/defect-intelligence/interfaces.ts +0 -152
package/src/domains/defect-intelligence/plugin.ts +0 -483
package/src/domains/defect-intelligence/services/causal-root-cause-analyzer.ts +0 -494
package/src/domains/defect-intelligence/services/defect-predictor.ts +0 -852
package/src/domains/defect-intelligence/services/index.ts +0 -37
package/src/domains/defect-intelligence/services/pattern-learner.ts +0 -738
package/src/domains/defect-intelligence/services/root-cause-analyzer.ts +0 -637
package/src/domains/domain-interface.ts +0 -77
package/src/domains/index.ts +0 -23
package/src/domains/learning-optimization/coordinator.ts +0 -1215
package/src/domains/learning-optimization/index.ts +0 -127
package/src/domains/learning-optimization/interfaces.ts +0 -570
package/src/domains/learning-optimization/plugin.ts +0 -851
package/src/domains/learning-optimization/services/index.ts +0 -29
package/src/domains/learning-optimization/services/learning-coordinator.ts +0 -972
package/src/domains/learning-optimization/services/metrics-optimizer.ts +0 -915
package/src/domains/learning-optimization/services/production-intel.ts +0 -971
package/src/domains/learning-optimization/services/transfer-specialist.ts +0 -723
package/src/domains/quality-assessment/coherence/gate-controller.ts +0 -549
package/src/domains/quality-assessment/coherence/index.ts +0 -211
package/src/domains/quality-assessment/coherence/lambda-calculator.ts +0 -384
package/src/domains/quality-assessment/coherence/partition-detector.ts +0 -469
package/src/domains/quality-assessment/coherence/types.ts +0 -384
package/src/domains/quality-assessment/coordinator.ts +0 -605
package/src/domains/quality-assessment/index.ts +0 -97
package/src/domains/quality-assessment/interfaces.ts +0 -152
package/src/domains/quality-assessment/plugin.ts +0 -496
package/src/domains/quality-assessment/services/coherence-gate.ts +0 -358
package/src/domains/quality-assessment/services/deployment-advisor.ts +0 -571
package/src/domains/quality-assessment/services/index.ts +0 -34
package/src/domains/quality-assessment/services/quality-analyzer.ts +0 -670
package/src/domains/quality-assessment/services/quality-gate.ts +0 -384
package/src/domains/requirements-validation/coordinator.ts +0 -812
package/src/domains/requirements-validation/index.ts +0 -92
package/src/domains/requirements-validation/interfaces.ts +0 -303
package/src/domains/requirements-validation/plugin.ts +0 -576
package/src/domains/requirements-validation/services/bdd-scenario-writer.ts +0 -676
package/src/domains/requirements-validation/services/index.ts +0 -20
package/src/domains/requirements-validation/services/requirements-validator.ts +0 -559
package/src/domains/requirements-validation/services/testability-scorer.ts +0 -639
package/src/domains/security-compliance/coordinator.ts +0 -757
package/src/domains/security-compliance/index.ts +0 -120
package/src/domains/security-compliance/interfaces.ts +0 -434
package/src/domains/security-compliance/plugin.ts +0 -509
package/src/domains/security-compliance/services/compliance-validator.ts +0 -1226
package/src/domains/security-compliance/services/index.ts +0 -31
package/src/domains/security-compliance/services/security-auditor.ts +0 -2227
package/src/domains/security-compliance/services/security-scanner.ts +0 -2354
package/src/domains/security-compliance/services/semgrep-integration.ts +0 -289
package/src/domains/test-execution/coordinator.ts +0 -426
package/src/domains/test-execution/index.ts +0 -76
package/src/domains/test-execution/interfaces.ts +0 -119
package/src/domains/test-execution/plugin.ts +0 -208
package/src/domains/test-execution/services/flaky-detector.ts +0 -1240
package/src/domains/test-execution/services/index.ts +0 -8
package/src/domains/test-execution/services/retry-handler.ts +0 -820
package/src/domains/test-execution/services/test-executor.ts +0 -885
package/src/domains/test-generation/coordinator.ts +0 -656
package/src/domains/test-generation/index.ts +0 -77
package/src/domains/test-generation/interfaces.ts +0 -118
package/src/domains/test-generation/plugin.ts +0 -397
package/src/domains/test-generation/services/index.ts +0 -23
package/src/domains/test-generation/services/pattern-matcher.ts +0 -1725
package/src/domains/test-generation/services/test-generator.ts +0 -2750
package/src/domains/visual-accessibility/coordinator.ts +0 -860
package/src/domains/visual-accessibility/index.ts +0 -116
package/src/domains/visual-accessibility/interfaces.ts +0 -435
package/src/domains/visual-accessibility/plugin.ts +0 -568
package/src/domains/visual-accessibility/services/accessibility-tester.ts +0 -982
package/src/domains/visual-accessibility/services/axe-core-audit.ts +0 -630
package/src/domains/visual-accessibility/services/index.ts +0 -28
package/src/domains/visual-accessibility/services/responsive-tester.ts +0 -934
package/src/domains/visual-accessibility/services/visual-tester.ts +0 -458
package/src/early-exit/early-exit-controller.ts +0 -490
package/src/early-exit/early-exit-decision.ts +0 -391
package/src/early-exit/index.ts +0 -115
package/src/early-exit/quality-signal.ts +0 -389
package/src/early-exit/speculative-executor.ts +0 -505
package/src/early-exit/types.ts +0 -407
package/src/feedback/coverage-learner.ts +0 -456
package/src/feedback/feedback-loop.ts +0 -426
package/src/feedback/index.ts +0 -72
package/src/feedback/pattern-promotion.ts +0 -373
package/src/feedback/quality-score-calculator.ts +0 -334
package/src/feedback/test-outcome-tracker.ts +0 -450
package/src/feedback/types.ts +0 -497
package/src/index.ts +0 -224
package/src/init/agents-installer.ts +0 -536
package/src/init/index.ts +0 -80
package/src/init/init-wizard.ts +0 -1061
package/src/init/project-analyzer.ts +0 -696
package/src/init/self-configurator.ts +0 -488
package/src/init/skills-installer.ts +0 -467
package/src/init/types.ts +0 -432
package/src/integrations/ruvector/ast-complexity.ts +0 -470
package/src/integrations/ruvector/coverage-router.ts +0 -594
package/src/integrations/ruvector/diff-risk-classifier.ts +0 -759
package/src/integrations/ruvector/fallback.ts +0 -942
package/src/integrations/ruvector/graph-boundaries.ts +0 -809
package/src/integrations/ruvector/index.ts +0 -363
package/src/integrations/ruvector/interfaces.ts +0 -609
package/src/integrations/ruvector/q-learning-router.ts +0 -550
package/src/kernel/agent-coordinator.ts +0 -165
package/src/kernel/agentdb-backend.ts +0 -504
package/src/kernel/event-bus.ts +0 -129
package/src/kernel/hybrid-backend.ts +0 -538
package/src/kernel/index.ts +0 -28
package/src/kernel/interfaces.ts +0 -257
package/src/kernel/kernel.ts +0 -285
package/src/kernel/memory-backend.ts +0 -169
package/src/kernel/memory-factory.ts +0 -293
package/src/kernel/plugin-loader.ts +0 -179
package/src/learning/index.ts +0 -219
package/src/learning/pattern-store.ts +0 -990
package/src/learning/qe-guidance.ts +0 -832
package/src/learning/qe-hooks.ts +0 -644
package/src/learning/qe-patterns.ts +0 -449
package/src/learning/qe-reasoning-bank.ts +0 -951
package/src/learning/real-embeddings.ts +0 -277
package/src/learning/real-qe-reasoning-bank.ts +0 -833
package/src/learning/sqlite-persistence.ts +0 -554
package/src/mcp/entry.ts +0 -59
package/src/mcp/handlers/agent-handlers.ts +0 -285
package/src/mcp/handlers/core-handlers.ts +0 -317
package/src/mcp/handlers/domain-handlers.ts +0 -1444
package/src/mcp/handlers/index.ts +0 -57
package/src/mcp/handlers/memory-handlers.ts +0 -338
package/src/mcp/handlers/task-handlers.ts +0 -363
package/src/mcp/index.ts +0 -30
package/src/mcp/metrics/index.ts +0 -14
package/src/mcp/metrics/metrics-collector.ts +0 -503
package/src/mcp/protocol-server.ts +0 -752
package/src/mcp/security/cve-prevention.ts +0 -742
package/src/mcp/security/index.ts +0 -356
package/src/mcp/security/oauth21-provider.ts +0 -821
package/src/mcp/security/rate-limiter.ts +0 -615
package/src/mcp/security/sampling-server.ts +0 -662
package/src/mcp/security/schema-validator.ts +0 -855
package/src/mcp/server.ts +0 -657
package/src/mcp/tool-registry.ts +0 -391
package/src/mcp/tools/base.ts +0 -399
package/src/mcp/tools/chaos-resilience/inject.ts +0 -699
package/src/mcp/tools/code-intelligence/analyze.ts +0 -745
package/src/mcp/tools/contract-testing/validate.ts +0 -708
package/src/mcp/tools/coverage-analysis/index.ts +0 -770
package/src/mcp/tools/defect-intelligence/predict.ts +0 -466
package/src/mcp/tools/index.ts +0 -214
package/src/mcp/tools/learning-optimization/optimize.ts +0 -772
package/src/mcp/tools/quality-assessment/evaluate.ts +0 -385
package/src/mcp/tools/registry.ts +0 -248
package/src/mcp/tools/requirements-validation/validate.ts +0 -394
package/src/mcp/tools/security-compliance/scan.ts +0 -365
package/src/mcp/tools/test-execution/execute.ts +0 -291
package/src/mcp/tools/test-generation/generate.ts +0 -544
package/src/mcp/tools/visual-accessibility/index.ts +0 -791
package/src/mcp/transport/index.ts +0 -31
package/src/mcp/transport/stdio.ts +0 -318
package/src/mcp/types.ts +0 -543
package/src/neural-optimizer/index.ts +0 -111
package/src/neural-optimizer/replay-buffer.ts +0 -455
package/src/neural-optimizer/swarm-topology.ts +0 -508
package/src/neural-optimizer/topology-optimizer.ts +0 -828
package/src/neural-optimizer/types.ts +0 -481
package/src/neural-optimizer/value-network.ts +0 -351
package/src/optimization/auto-tuner.ts +0 -817
package/src/optimization/index.ts +0 -77
package/src/optimization/metric-collectors.ts +0 -474
package/src/optimization/qe-workers.ts +0 -704
package/src/optimization/tuning-algorithm.ts +0 -401
package/src/optimization/types.ts +0 -314
package/src/routing/index.ts +0 -51
package/src/routing/qe-agent-registry.ts +0 -963
package/src/routing/qe-task-router.ts +0 -564
package/src/routing/routing-feedback.ts +0 -365
package/src/routing/types.ts +0 -406
package/src/shared/embeddings/embedding-cache.ts +0 -157
package/src/shared/embeddings/index.ts +0 -50
package/src/shared/embeddings/nomic-embedder.ts +0 -404
package/src/shared/embeddings/ollama-client.ts +0 -195
package/src/shared/embeddings/types.ts +0 -147
package/src/shared/entities/agent.ts +0 -141
package/src/shared/entities/base-entity.ts +0 -79
package/src/shared/entities/index.ts +0 -6
package/src/shared/events/domain-events.ts +0 -259
package/src/shared/events/index.ts +0 -5
package/src/shared/git/git-analyzer.ts +0 -656
package/src/shared/git/index.ts +0 -11
package/src/shared/http/http-client.ts +0 -420
package/src/shared/http/index.ts +0 -13
package/src/shared/index.ts +0 -41
package/src/shared/io/file-reader.ts +0 -525
package/src/shared/io/index.ts +0 -25
package/src/shared/llm/cache.ts +0 -473
package/src/shared/llm/circuit-breaker.ts +0 -369
package/src/shared/llm/cost-tracker.ts +0 -460
package/src/shared/llm/index.ts +0 -140
package/src/shared/llm/interfaces.ts +0 -629
package/src/shared/llm/provider-manager.ts +0 -685
package/src/shared/llm/providers/claude.ts +0 -524
package/src/shared/llm/providers/index.ts +0 -8
package/src/shared/llm/providers/ollama.ts +0 -575
package/src/shared/llm/providers/openai.ts +0 -609
package/src/shared/metrics/code-metrics.ts +0 -520
package/src/shared/metrics/index.ts +0 -23
package/src/shared/metrics/system-metrics.ts +0 -353
package/src/shared/parsers/index.ts +0 -6
package/src/shared/parsers/typescript-parser.ts +0 -841
package/src/shared/security/compliance-patterns.ts +0 -666
package/src/shared/security/index.ts +0 -30
package/src/shared/security/osv-client.ts +0 -468
package/src/shared/types/index.ts +0 -150
package/src/shared/value-objects/index.ts +0 -273
package/src/strange-loop/healing-controller.ts +0 -833
package/src/strange-loop/index.ts +0 -104
package/src/strange-loop/self-model.ts +0 -494
package/src/strange-loop/strange-loop.ts +0 -446
package/src/strange-loop/swarm-observer.ts +0 -448
package/src/strange-loop/topology-analyzer.ts +0 -565
package/src/strange-loop/types.ts +0 -640
package/src/time-crystal/default-phases.ts +0 -520
package/src/time-crystal/index.ts +0 -164
package/src/time-crystal/oscillator.ts +0 -425
package/src/time-crystal/phase-executor.ts +0 -521
package/src/time-crystal/scheduler.ts +0 -1025
package/src/time-crystal/test-runner.ts +0 -787
package/src/time-crystal/types.ts +0 -421
package/src/workers/base-worker.ts +0 -304
package/src/workers/daemon.ts +0 -264
package/src/workers/index.ts +0 -119
package/src/workers/interfaces.ts +0 -393
package/src/workers/worker-manager.ts +0 -424
package/src/workers/workers/compliance-checker.ts +0 -445
package/src/workers/workers/coverage-tracker.ts +0 -344
package/src/workers/workers/defect-predictor.ts +0 -375
package/src/workers/workers/flaky-detector.ts +0 -390
package/src/workers/workers/index.ts +0 -17
package/src/workers/workers/learning-consolidation.ts +0 -442
package/src/workers/workers/performance-baseline.ts +0 -434
package/src/workers/workers/quality-gate.ts +0 -419
package/src/workers/workers/regression-monitor.ts +0 -357
package/src/workers/workers/security-scan.ts +0 -349
package/src/workers/workers/test-health.ts +0 -359
package/tests/integration/code-intelligence/knowledge-graph-real.test.ts +0 -540
package/tests/integration/coordination/cross-domain-router.test.ts +0 -403
package/tests/integration/coordination/protocol-executor.test.ts +0 -454
package/tests/integration/coordination/workflow-orchestrator.test.ts +0 -418
package/tests/integration/feedback/feedback-loop-integration.test.ts +0 -560
package/tests/integration/migration/v2-to-v3-migration.test.ts +0 -471
package/tests/integration/parsers/typescript-parser.test.ts +0 -463
package/tests/integration/security/vulnerability-detection.test.ts +0 -628
package/tests/integration/test-execution/coordinator.test.ts +0 -410
package/tests/integration/test-generation/coordinator.test.ts +0 -361
package/tests/mocks/index.ts +0 -228
package/tests/time-crystal/default-phases.test.ts +0 -476
package/tests/time-crystal/oscillator.test.ts +0 -541
package/tests/time-crystal/phase-executor.test.ts +0 -653
package/tests/time-crystal/scheduler.test.ts +0 -626
package/tests/time-crystal/test-runner.test.ts +0 -594
package/tests/unit/causal-discovery/causal-graph.test.ts +0 -504
package/tests/unit/causal-discovery/causal-root-cause-analyzer.test.ts +0 -347
package/tests/unit/causal-discovery/discovery-engine.test.ts +0 -435
package/tests/unit/causal-discovery/weight-matrix.test.ts +0 -328
package/tests/unit/cli/cli.test.ts +0 -341
package/tests/unit/cli/commands.test.ts +0 -414
package/tests/unit/cli/init-command.test.ts +0 -274
package/tests/unit/cli/migrate-command.test.ts +0 -396
package/tests/unit/coordination/claims/claim-service.test.ts +0 -949
package/tests/unit/coordination/claims/handoff-manager.test.ts +0 -773
package/tests/unit/coordination/claims/work-stealing.test.ts +0 -492
package/tests/unit/coordination/queen-coordinator.test.ts +0 -966
package/tests/unit/coordination/result-saver.test.ts +0 -653
package/tests/unit/coordination/task-executor.test.ts +0 -810
package/tests/unit/domains/chaos-resilience/chaos-engineer.test.ts +0 -484
package/tests/unit/domains/chaos-resilience/load-tester.test.ts +0 -559
package/tests/unit/domains/chaos-resilience/performance-profiler.test.ts +0 -490
package/tests/unit/domains/code-intelligence/impact-analyzer.test.ts +0 -560
package/tests/unit/domains/code-intelligence/knowledge-graph.test.ts +0 -460
package/tests/unit/domains/code-intelligence/semantic-analyzer.test.ts +0 -584
package/tests/unit/domains/contract-testing/api-compatibility.test.ts +0 -483
package/tests/unit/domains/contract-testing/contract-validator.test.ts +0 -370
package/tests/unit/domains/contract-testing/schema-validator.test.ts +0 -610
package/tests/unit/domains/coverage-analysis/coverage-embedder.test.ts +0 -298
package/tests/unit/domains/coverage-analysis/hnsw-index.test.ts +0 -292
package/tests/unit/domains/coverage-analysis/sublinear-analyzer.test.ts +0 -506
package/tests/unit/domains/defect-intelligence/defect-predictor.test.ts +0 -370
package/tests/unit/domains/defect-intelligence/pattern-learner.test.ts +0 -546
package/tests/unit/domains/defect-intelligence/root-cause-analyzer.test.ts +0 -534
package/tests/unit/domains/learning-optimization/learning-coordinator.test.ts +0 -541
package/tests/unit/domains/learning-optimization/metrics-optimizer.test.ts +0 -552
package/tests/unit/domains/learning-optimization/production-intel.test.ts +0 -589
package/tests/unit/domains/learning-optimization/transfer-specialist.test.ts +0 -453
package/tests/unit/domains/quality-assessment/coherence-gate.test.ts +0 -1006
package/tests/unit/domains/quality-assessment/deployment-advisor.test.ts +0 -515
package/tests/unit/domains/quality-assessment/quality-analyzer.test.ts +0 -401
package/tests/unit/domains/quality-assessment/quality-gate.test.ts +0 -324
package/tests/unit/domains/requirements-validation/bdd-scenario-writer.test.ts +0 -479
package/tests/unit/domains/requirements-validation/requirements-validator.test.ts +0 -452
package/tests/unit/domains/requirements-validation/testability-scorer.test.ts +0 -505
package/tests/unit/domains/security-compliance/compliance-validator.test.ts +0 -500
package/tests/unit/domains/security-compliance/security-auditor.test.ts +0 -498
package/tests/unit/domains/security-compliance/security-scanner.test.ts +0 -412
package/tests/unit/domains/visual-accessibility/accessibility-tester.test.ts +0 -432
package/tests/unit/domains/visual-accessibility/responsive-tester.test.ts +0 -506
package/tests/unit/domains/visual-accessibility/visual-tester.test.ts +0 -412
package/tests/unit/early-exit/early-exit-controller.test.ts +0 -548
package/tests/unit/early-exit/early-exit-decision.test.ts +0 -617
package/tests/unit/early-exit/index.test.ts +0 -254
package/tests/unit/early-exit/quality-signal.test.ts +0 -589
package/tests/unit/early-exit/speculative-executor.test.ts +0 -453
package/tests/unit/feedback/coverage-learner.test.ts +0 -288
package/tests/unit/feedback/feedback-loop.test.ts +0 -458
package/tests/unit/feedback/pattern-promotion.test.ts +0 -390
package/tests/unit/feedback/quality-score-calculator.test.ts +0 -364
package/tests/unit/feedback/test-outcome-tracker.test.ts +0 -243
package/tests/unit/init/init-wizard.test.ts +0 -881
package/tests/unit/init/project-analyzer.test.ts +0 -807
package/tests/unit/init/self-configurator.test.ts +0 -493
package/tests/unit/integrations/ruvector/ast-complexity.test.ts +0 -240
package/tests/unit/integrations/ruvector/coverage-router.test.ts +0 -366
package/tests/unit/integrations/ruvector/diff-risk-classifier.test.ts +0 -340
package/tests/unit/integrations/ruvector/graph-boundaries.test.ts +0 -355
package/tests/unit/integrations/ruvector/q-learning-router.test.ts +0 -314
package/tests/unit/kernel/agent-coordinator.test.ts +0 -220
package/tests/unit/kernel/event-bus.test.ts +0 -197
package/tests/unit/learning/qe-reasoning-bank.test.ts +0 -666
package/tests/unit/learning/real-qe-reasoning-bank.benchmark.test.ts +0 -415
package/tests/unit/mcp/mcp-server.test.ts +0 -544
package/tests/unit/mcp/metrics/metrics-collector.test.ts +0 -340
package/tests/unit/mcp/security/cve-prevention.test.ts +0 -512
package/tests/unit/mcp/security/oauth21-provider.test.ts +0 -624
package/tests/unit/mcp/security/rate-limiter.test.ts +0 -410
package/tests/unit/mcp/security/sampling-server.test.ts +0 -420
package/tests/unit/mcp/security/schema-validator.test.ts +0 -494
package/tests/unit/mcp/tools/base.test.ts +0 -336
package/tests/unit/mcp/tools/domain-tools.test.ts +0 -759
package/tests/unit/mcp/tools/registry.test.ts +0 -240
package/tests/unit/neural-optimizer/replay-buffer.test.ts +0 -403
package/tests/unit/neural-optimizer/swarm-topology.test.ts +0 -473
package/tests/unit/neural-optimizer/topology-optimizer.test.ts +0 -595
package/tests/unit/neural-optimizer/value-network.test.ts +0 -343
package/tests/unit/optimization/auto-tuner.test.ts +0 -506
package/tests/unit/optimization/metric-collectors.test.ts +0 -352
package/tests/unit/optimization/qe-workers.test.ts +0 -407
package/tests/unit/optimization/tuning-algorithm.test.ts +0 -467
package/tests/unit/routing/qe-agent-registry.test.ts +0 -229
package/tests/unit/routing/qe-task-router.test.ts +0 -390
package/tests/unit/routing/routing-feedback.test.ts +0 -339
package/tests/unit/shared/embeddings/nomic-embedder.test.ts +0 -419
package/tests/unit/shared/http/http-client.test.ts +0 -719
package/tests/unit/shared/io/file-reader.test.ts +0 -511
package/tests/unit/shared/llm/cache.test.ts +0 -391
package/tests/unit/shared/llm/circuit-breaker.test.ts +0 -293
package/tests/unit/shared/llm/cost-tracker.test.ts +0 -431
package/tests/unit/shared/llm/provider-manager.test.ts +0 -550
package/tests/unit/shared/llm/providers.test.ts +0 -532
package/tests/unit/shared/parsers/typescript-parser.test.ts +0 -693
package/tests/unit/shared/value-objects.test.ts +0 -184
package/tests/unit/strange-loop/strange-loop.test.ts +0 -1170
package/tests/unit/workers/base-worker.test.ts +0 -341
package/tests/unit/workers/daemon.test.ts +0 -291
package/tests/unit/workers/worker-manager.test.ts +0 -284
package/tsconfig.json +0 -32
package/vitest.config.ts +0 -27

package/src/mcp/security/cve-prevention.ts DELETED Viewed

@@ -1,742 +0,0 @@
-/**
- * Agentic QE v3 - MCP Security: CVE Prevention Utilities
- * Security utilities for preventing common vulnerabilities (ADR-012)
- *
- * Features:
- * - Path traversal protection (no ../ in paths)
- * - ReDoS prevention with regex escaping
- * - Timing-safe authentication comparison
- * - Input sanitization utilities
- * - Command injection prevention
- */
-import { createHash, timingSafeEqual, randomBytes } from 'crypto';
-// ============================================================================
-// Types and Interfaces
-// ============================================================================
-/**
- * Path validation result
- */
-export interface PathValidationResult {
-  valid: boolean;
-  normalizedPath?: string;
-  error?: string;
-  riskLevel: 'none' | 'low' | 'medium' | 'high' | 'critical';
-}
-/**
- * Regex safety result
- */
-export interface RegexSafetyResult {
-  safe: boolean;
-  pattern?: string;
-  escapedPattern?: string;
-  error?: string;
-  riskyPatterns: string[];
-}
-/**
- * Command validation result
- */
-export interface CommandValidationResult {
-  valid: boolean;
-  sanitizedCommand?: string;
-  error?: string;
-  blockedPatterns: string[];
-}
-/**
- * Input sanitization options
- */
-export interface SanitizationOptions {
-  maxLength?: number;
-  allowedChars?: RegExp;
-  stripHtml?: boolean;
-  stripSql?: boolean;
-  escapeShell?: boolean;
-  trim?: boolean;
-}
-/**
- * Path validation options
- */
-export interface PathValidationOptions {
-  basePath?: string;
-  allowAbsolute?: boolean;
-  allowedExtensions?: string[];
-  deniedExtensions?: string[];
-  maxDepth?: number;
-  maxLength?: number;
-}
-// ============================================================================
-// Path Traversal Protection
-// ============================================================================
-/**
- * Path traversal patterns to detect
- */
-const PATH_TRAVERSAL_PATTERNS = [
-  /\.\./,                    // Basic traversal
-  /%2e%2e/i,                 // URL encoded ..
-  /%252e%252e/i,             // Double URL encoded
-  /\.\.%2f/i,                // Mixed encoding
-  /%2f\.\./i,                // Forward slash + ..
-  /\.\.%5c/i,                // Backslash + ..
-  /\.\.\\/,                  // Windows backslash traversal
-  /%c0%ae/i,                 // UTF-8 overlong encoding
-  /%c0%2f/i,                 // UTF-8 overlong /
-  /%c1%9c/i,                 // UTF-8 overlong \
-  /\0/,                      // Null byte injection
-  /%00/i,                    // URL encoded null
-];
-/**
- * Dangerous path components
- */
-const DANGEROUS_PATH_COMPONENTS = [
-  /^\/etc\//i,
-  /^\/proc\//i,
-  /^\/sys\//i,
-  /^\/dev\//i,
-  /^\/root\//i,
-  /^\/home\/.+\/\./i,
-  /^[A-Z]:\\Windows/i,
-  /^[A-Z]:\\System/i,
-  /^[A-Z]:\\Users\\.+\\AppData/i,
-];
-/**
- * Validate and sanitize a file path to prevent traversal attacks
- */
-export function validatePath(
-  path: string,
-  options: PathValidationOptions = {}
-): PathValidationResult {
-  const {
-    basePath = '',
-    allowAbsolute = false,
-    allowedExtensions = [],
-    deniedExtensions = ['.exe', '.bat', '.cmd', '.sh', '.ps1', '.dll', '.so'],
-    maxDepth = 10,
-    maxLength = 4096,
-  } = options;
-  // Check length
-  if (path.length > maxLength) {
-    return {
-      valid: false,
-      error: `Path exceeds maximum length of ${maxLength}`,
-      riskLevel: 'medium',
-    };
-  }
-  // Check for traversal patterns
-  for (const pattern of PATH_TRAVERSAL_PATTERNS) {
-    if (pattern.test(path)) {
-      return {
-        valid: false,
-        error: 'Path traversal attempt detected',
-        riskLevel: 'critical',
-      };
-    }
-  }
-  // Check for absolute paths
-  if (!allowAbsolute && (path.startsWith('/') || /^[A-Z]:/i.test(path))) {
-    return {
-      valid: false,
-      error: 'Absolute paths are not allowed',
-      riskLevel: 'high',
-    };
-  }
-  // Check for dangerous path components
-  for (const pattern of DANGEROUS_PATH_COMPONENTS) {
-    if (pattern.test(path)) {
-      return {
-        valid: false,
-        error: 'Access to system paths is not allowed',
-        riskLevel: 'critical',
-      };
-    }
-  }
-  // Normalize the path
-  const normalizedPath = normalizePath(path);
-  // Re-check for traversal after normalization
-  if (normalizedPath.includes('..')) {
-    return {
-      valid: false,
-      error: 'Path traversal detected after normalization',
-      riskLevel: 'critical',
-    };
-  }
-  // Check depth
-  const depth = normalizedPath.split('/').filter(Boolean).length;
-  if (depth > maxDepth) {
-    return {
-      valid: false,
-      error: `Path depth exceeds maximum of ${maxDepth}`,
-      riskLevel: 'low',
-    };
-  }
-  // Check extension
-  const ext = getExtension(normalizedPath);
-  if (ext) {
-    const extWithDot = `.${ext.toLowerCase()}`;
-    const extWithoutDot = ext.toLowerCase();
-    // Check denied extensions (support both .exe and exe formats)
-    if (deniedExtensions.length > 0) {
-      const isDenied = deniedExtensions.some(denied =>
-        denied.toLowerCase() === extWithDot || denied.toLowerCase() === extWithoutDot
-      );
-      if (isDenied) {
-        return {
-          valid: false,
-          error: `File extension '${ext}' is not allowed`,
-          riskLevel: 'high',
-        };
-      }
-    }
-    // Check allowed extensions (support both .ts and ts formats)
-    if (allowedExtensions.length > 0) {
-      const isAllowed = allowedExtensions.some(allowed =>
-        allowed.toLowerCase() === extWithDot || allowed.toLowerCase() === extWithoutDot
-      );
-      if (!isAllowed) {
-        return {
-          valid: false,
-          error: `File extension '${ext}' is not in allowed list`,
-          riskLevel: 'medium',
-        };
-      }
-    }
-  }
-  // Combine with base path if provided
-  const finalPath = basePath
-    ? joinPathsAbsolute(basePath, normalizedPath)
-    : normalizedPath;
-  // Verify final path doesn't escape base (use normalized base for comparison)
-  const normalizedBase = basePath.startsWith('/')
-    ? `/${normalizePath(basePath)}`
-    : normalizePath(basePath);
-  if (basePath && !finalPath.startsWith(normalizedBase)) {
-    return {
-      valid: false,
-      error: 'Path escapes base directory',
-      riskLevel: 'critical',
-    };
-  }
-  return {
-    valid: true,
-    normalizedPath: finalPath,
-    riskLevel: 'none',
-  };
-}
-/**
- * Normalize a path by resolving . and .. components
- */
-export function normalizePath(path: string): string {
-  // Replace backslashes with forward slashes
-  let normalized = path.replace(/\\/g, '/');
-  // Remove multiple consecutive slashes
-  normalized = normalized.replace(/\/+/g, '/');
-  // Split and resolve
-  const parts = normalized.split('/');
-  const result: string[] = [];
-  for (const part of parts) {
-    if (part === '.' || part === '') {
-      continue;
-    }
-    if (part === '..') {
-      // Don't allow going above root
-      if (result.length > 0 && result[result.length - 1] !== '..') {
-        result.pop();
-      }
-    } else {
-      result.push(part);
-    }
-  }
-  return result.join('/');
-}
-/**
- * Safely join path components (strips leading/trailing slashes from all parts)
- */
-export function joinPaths(...paths: string[]): string {
-  if (paths.length === 0) return '';
-  return paths
-    .map(p => p.replace(/^\/+|\/+$/g, ''))
-    .filter(Boolean)
-    .join('/');
-}
-/**
- * Join paths preserving absolute path from first component
- */
-export function joinPathsAbsolute(...paths: string[]): string {
-  if (paths.length === 0) return '';
-  // Check if the first path is absolute
-  const isAbsolute = paths[0].startsWith('/');
-  const result = paths
-    .map(p => p.replace(/^\/+|\/+$/g, ''))
-    .filter(Boolean)
-    .join('/');
-  // Preserve leading slash for absolute paths
-  return isAbsolute ? `/${result}` : result;
-}
-/**
- * Get file extension
- */
-export function getExtension(path: string): string | null {
-  const match = path.match(/\.([^./\\]+)$/);
-  return match ? match[1] : null;
-}
-// ============================================================================
-// ReDoS Prevention
-// ============================================================================
-/**
- * Patterns that can cause ReDoS
- */
-const REDOS_PATTERNS = [
-  /\(\.\*\)\+/,              // (.*)+
-  /\(\.\+\)\+/,              // (.+)+
-  /\([^)]*\?\)\+/,           // (...?)+
-  /\([^)]*\*\)\+/,           // (...*)+
-  /\([^)]*\+\)\+/,           // (...+)+
-  /\(\[.*?\]\+\)\+/,         // ([...]+)+
-  /\(\[.*?\]\*\)\+/,         // ([...]*)+
-  /\(\[.*?\]\?\)\+/,         // ([...]?)+
-  /\(\[.*?\]\*\)\*/,         // ([...]*)*
-  /\.\*\.\*/,                // .*.*
-  /\.\+\.\+/,                // .+.+
-  /\(\.\|\.\)/,              // (.|.)
-];
-/**
- * Maximum allowed regex complexity (nested quantifiers)
- */
-const MAX_REGEX_COMPLEXITY = 3;
-/**
- * Check if a regex pattern is safe from ReDoS
- */
-export function isRegexSafe(pattern: string): RegexSafetyResult {
-  const riskyPatterns: string[] = [];
-  // Check for known ReDoS patterns
-  for (const redosPattern of REDOS_PATTERNS) {
-    if (redosPattern.test(pattern)) {
-      riskyPatterns.push(redosPattern.source);
-    }
-  }
-  // Check nesting depth of quantifiers
-  const quantifierDepth = countQuantifierNesting(pattern);
-  if (quantifierDepth > MAX_REGEX_COMPLEXITY) {
-    riskyPatterns.push(`Quantifier nesting depth: ${quantifierDepth} (max: ${MAX_REGEX_COMPLEXITY})`);
-  }
-  // Check for exponential backtracking potential
-  if (hasExponentialBacktracking(pattern)) {
-    riskyPatterns.push('Exponential backtracking potential detected');
-  }
-  return {
-    safe: riskyPatterns.length === 0,
-    pattern,
-    escapedPattern: escapeRegex(pattern),
-    riskyPatterns,
-    error: riskyPatterns.length > 0 ? 'Pattern may cause ReDoS' : undefined,
-  };
-}
-/**
- * Count nested quantifier depth
- */
-function countQuantifierNesting(pattern: string): number {
-  let maxDepth = 0;
-  let currentDepth = 0;
-  let inGroup = false;
-  let escaped = false;
-  for (let i = 0; i < pattern.length; i++) {
-    const char = pattern[i];
-    if (escaped) {
-      escaped = false;
-      continue;
-    }
-    if (char === '\\') {
-      escaped = true;
-      continue;
-    }
-    if (char === '(') {
-      inGroup = true;
-      continue;
-    }
-    if (char === ')') {
-      inGroup = false;
-      // Check if followed by quantifier
-      const next = pattern[i + 1];
-      if (next === '*' || next === '+' || next === '?' || next === '{') {
-        currentDepth++;
-        maxDepth = Math.max(maxDepth, currentDepth);
-      }
-      continue;
-    }
-    if ((char === '*' || char === '+' || char === '?') && !inGroup) {
-      currentDepth = 1;
-      maxDepth = Math.max(maxDepth, currentDepth);
-    }
-  }
-  return maxDepth;
-}
-/**
- * Check for exponential backtracking potential
- */
-function hasExponentialBacktracking(pattern: string): boolean {
-  // Simplified check for common exponential patterns
-  const dangerous = [
-    /\(\[^\\]*\]\+\)\+/,     // ([...]+)+
-    /\(\[^\\]*\]\*\)\*/,     // ([...]*)*
-    /\([^)]+\|[^)]+\)\+/,    // (a|b)+
-    /\(\.\*\)[*+]/,          // (.*)+, (.*)*
-    /\(\.\+\)[*+]/,          // (.+)+, (.+)*
-  ];
-  return dangerous.some(d => d.test(pattern));
-}
-/**
- * Escape special regex characters in a string
- */
-export function escapeRegex(str: string): string {
-  return str.replace(/[.*+?^${}()|[\]\\]/g, '\\$&');
-}
-/**
- * Create a safe regex with timeout
- */
-export function createSafeRegex(
-  pattern: string,
-  flags?: string,
-  maxLength = 10000
-): RegExp | null {
-  const safety = isRegexSafe(pattern);
-  if (!safety.safe) {
-    return null;
-  }
-  if (pattern.length > maxLength) {
-    return null;
-  }
-  try {
-    return new RegExp(pattern, flags);
-  } catch {
-    return null;
-  }
-}
-// ============================================================================
-// Timing-Safe Comparison
-// ============================================================================
-/**
- * Perform a timing-safe string comparison
- */
-export function timingSafeCompare(a: string, b: string): boolean {
-  // Pad shorter string to prevent length-based timing attacks
-  const maxLen = Math.max(a.length, b.length);
-  const paddedA = a.padEnd(maxLen, '\0');
-  const paddedB = b.padEnd(maxLen, '\0');
-  try {
-    return timingSafeEqual(Buffer.from(paddedA), Buffer.from(paddedB));
-  } catch {
-    return false;
-  }
-}
-/**
- * Timing-safe comparison for hashed values
- */
-export function timingSafeHashCompare(value: string, expectedHash: string): boolean {
-  const hash = createHash('sha256').update(value).digest('hex');
-  return timingSafeCompare(hash, expectedHash);
-}
-/**
- * Generate a secure random token
- */
-export function generateSecureToken(length = 32): string {
-  return randomBytes(length)
-    .toString('base64')
-    .replace(/\+/g, '-')
-    .replace(/\//g, '_')
-    .replace(/=/g, '');
-}
-/**
- * Hash a value securely
- */
-export function secureHash(value: string, salt?: string): string {
-  const data = salt ? `${salt}:${value}` : value;
-  return createHash('sha256').update(data).digest('hex');
-}
-// ============================================================================
-// Input Sanitization
-// ============================================================================
-/**
- * HTML escape characters
- */
-const HTML_ESCAPE_MAP: Record<string, string> = {
-  '&': '&amp;',
-  '<': '&lt;',
-  '>': '&gt;',
-  '"': '&quot;',
-  "'": '&#x27;',
-  '/': '&#x2F;',
-  '`': '&#x60;',
-  '=': '&#x3D;',
-};
-/**
- * SQL injection patterns
- */
-const SQL_INJECTION_PATTERNS = [
-  /('|")\s*;\s*--/i,
-  /'\s*OR\s+'1'\s*=\s*'1/i,
-  /"\s*OR\s+"1"\s*=\s*"1/i,
-  /UNION\s+SELECT/i,
-  /INSERT\s+INTO/i,
-  /DROP\s+TABLE/i,
-  /DELETE\s+FROM/i,
-  /UPDATE\s+.*\s+SET/i,
-  /EXEC(\s+|\()sp_/i,
-  /xp_cmdshell/i,
-];
-/**
- * Shell metacharacters (excludes parentheses which are common in normal text)
- */
-const SHELL_METACHARACTERS = /[|;&$`<>{}[\]!#*?~]/g;
-/**
- * Sanitize input string
- */
-export function sanitizeInput(input: string, options: SanitizationOptions = {}): string {
-  const {
-    maxLength = 10000,
-    allowedChars,
-    stripHtml = true,
-    stripSql = true,
-    escapeShell = true,
-    trim = true,
-  } = options;
-  let result = input;
-  // Trim
-  if (trim) {
-    result = result.trim();
-  }
-  // Max length
-  if (result.length > maxLength) {
-    result = result.substring(0, maxLength);
-  }
-  // Strip HTML
-  if (stripHtml) {
-    result = stripHtmlTags(result);
-  }
-  // Strip SQL injection attempts
-  if (stripSql) {
-    for (const pattern of SQL_INJECTION_PATTERNS) {
-      result = result.replace(pattern, '');
-    }
-  }
-  // Escape shell metacharacters
-  if (escapeShell) {
-    result = result.replace(SHELL_METACHARACTERS, '');
-  }
-  // Filter to allowed characters
-  if (allowedChars) {
-    // Filter character by character to respect the provided regex
-    result = result.split('').filter(char => allowedChars.test(char)).join('');
-  }
-  return result;
-}
-/**
- * Escape HTML special characters
- */
-export function escapeHtml(str: string): string {
-  return str.replace(/[&<>"'`=/]/g, char => HTML_ESCAPE_MAP[char] || char);
-}
-/**
- * Strip HTML tags from a string
- */
-export function stripHtmlTags(str: string): string {
-  return str.replace(/<[^>]*>/g, '');
-}
-// ============================================================================
-// Command Injection Prevention
-// ============================================================================
-/**
- * Allowed commands whitelist
- */
-const DEFAULT_ALLOWED_COMMANDS = [
-  'ls', 'cat', 'echo', 'grep', 'find', 'head', 'tail', 'wc',
-  'npm', 'node', 'yarn', 'pnpm',
-  'git', 'jest', 'vitest', 'playwright',
-];
-/**
- * Blocked command patterns
- */
-const BLOCKED_COMMAND_PATTERNS = [
-  /;/,                       // Command chaining with semicolon
-  /&&/,                      // Command chaining with AND
-  /\|\|/,                    // Command chaining with OR
-  /\|/,                      // Piping
-  /`.*`/,                    // Backtick command substitution
-  /\$\(.*\)/,                // $() command substitution
-  />\s*\/dev\/sd/i,          // Writing to block devices
-  />\s*\/etc\//i,            // Writing to /etc
-];
-/**
- * Validate and sanitize a command
- */
-export function validateCommand(
-  command: string,
-  allowedCommands: string[] = DEFAULT_ALLOWED_COMMANDS
-): CommandValidationResult {
-  const blockedPatterns: string[] = [];
-  // Check for blocked patterns
-  for (const pattern of BLOCKED_COMMAND_PATTERNS) {
-    if (pattern.test(command)) {
-      blockedPatterns.push(pattern.source);
-    }
-  }
-  if (blockedPatterns.length > 0) {
-    return {
-      valid: false,
-      error: 'Command contains blocked patterns',
-      blockedPatterns,
-    };
-  }
-  // Extract base command
-  const parts = command.trim().split(/\s+/);
-  const baseCommand = parts[0].split('/').pop() || '';
-  // Check against whitelist
-  if (!allowedCommands.includes(baseCommand)) {
-    return {
-      valid: false,
-      error: `Command '${baseCommand}' is not in the allowed list`,
-      blockedPatterns: [],
-    };
-  }
-  // Sanitize arguments
-  const sanitizedParts = parts.map((part, i) => {
-    if (i === 0) return part;
-    // Remove shell metacharacters from arguments
-    return part.replace(SHELL_METACHARACTERS, '');
-  });
-  return {
-    valid: true,
-    sanitizedCommand: sanitizedParts.join(' '),
-    blockedPatterns: [],
-  };
-}
-/**
- * Escape a string for safe shell usage
- */
-export function escapeShellArg(arg: string): string {
-  // Wrap in single quotes and escape any internal single quotes
-  return `'${arg.replace(/'/g, "'\\''")}'`;
-}
-// ============================================================================
-// Export Utilities Object
-// ============================================================================
-export const CVEPrevention = {
-  // Path traversal
-  validatePath,
-  normalizePath,
-  joinPaths,
-  joinPathsAbsolute,
-  getExtension,
-  // ReDoS
-  isRegexSafe,
-  escapeRegex,
-  createSafeRegex,
-  // Timing-safe
-  timingSafeCompare,
-  timingSafeHashCompare,
-  generateSecureToken,
-  secureHash,
-  // Input sanitization
-  sanitizeInput,
-  escapeHtml,
-  stripHtmlTags,
-  // Command injection
-  validateCommand,
-  escapeShellArg,
-};
-export default CVEPrevention;