@avi770/testteam 1.2.0 → 3.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +53 -1
- package/README.md +72 -7
- package/agents/15-regression-sentinel.ts +3 -2
- package/agents/24-signup-onboarding-tester.ts +429 -0
- package/agents/25-crud-flow-tester.ts +302 -0
- package/agents/26-form-validator.ts +297 -0
- package/agents/27-search-filter-tester.ts +326 -0
- package/agents/28-navigation-routing-tester.ts +425 -0
- package/agents/29-responsive-interaction-tester.ts +350 -0
- package/agents/30-multi-user-scenario-tester.ts +319 -0
- package/agents/31-load-tester.ts +134 -0
- package/agents/32-memory-leak-detector.ts +194 -0
- package/agents/33-bundle-analyzer.ts +132 -0
- package/agents/34-xss-scanner.ts +191 -0
- package/agents/35-csrf-tester.ts +82 -0
- package/agents/36-auth-fuzzer.ts +194 -0
- package/agents/37-dependency-scanner.ts +176 -0
- package/agents/38-secrets-scanner.ts +137 -0
- package/agents/39-api-contract-tester.ts +199 -0
- package/agents/40-rate-limit-tester.ts +94 -0
- package/agents/41-api-pagination-tester.ts +97 -0
- package/agents/42-graphql-tester.ts +222 -0
- package/agents/43-data-consistency-checker.ts +205 -0
- package/agents/44-backup-recovery-tester.ts +152 -0
- package/agents/45-data-privacy-scanner.ts +125 -0
- package/agents/46-seo-auditor.ts +294 -0
- package/agents/47-social-preview-tester.ts +232 -0
- package/agents/48-lighthouse-auditor.ts +213 -0
- package/agents/49-i18n-tester.ts +198 -0
- package/agents/50-timezone-tester.ts +173 -0
- package/agents/51-error-recovery-tester.ts +155 -0
- package/agents/52-offline-mode-tester.ts +180 -0
- package/agents/53-graceful-degradation-tester.ts +156 -0
- package/agents/54-websocket-tester.ts +151 -0
- package/agents/55-realtime-sync-tester.ts +194 -0
- package/agents/56-file-upload-tester.ts +194 -0
- package/agents/57-export-tester.ts +174 -0
- package/agents/58-payment-flow-tester.ts +183 -0
- package/agents/59-ssl-tls-auditor.ts +141 -0
- package/agents/60-dns-cdn-tester.ts +117 -0
- package/agents/61-docker-health-checker.ts +111 -0
- package/agents/62-env-config-validator.ts +152 -0
- package/agents/63-log-quality-auditor.ts +136 -0
- package/agents/64-analytics-tracker-tester.ts +165 -0
- package/agents/65-gdpr-compliance-tester.ts +215 -0
- package/agents/66-soc2-control-validator.ts +210 -0
- package/agents/67-wcag-aaa-tester.ts +241 -0
- package/agents/68-dead-code-detector.ts +135 -0
- package/agents/69-type-safety-auditor.ts +164 -0
- package/agents/70-complexity-analyzer.ts +179 -0
- package/agents/__tests__/24-signup-onboarding-tester.test.ts +274 -0
- package/agents/__tests__/25-crud-flow-tester.test.ts +322 -0
- package/agents/__tests__/26-form-validator.test.ts +345 -0
- package/agents/__tests__/27-search-filter-tester.test.ts +311 -0
- package/agents/__tests__/28-navigation-routing-tester.test.ts +328 -0
- package/agents/__tests__/29-responsive-interaction-tester.test.ts +297 -0
- package/agents/__tests__/30-multi-user-scenario-tester.test.ts +328 -0
- package/agents/__tests__/31-load-tester.test.ts +189 -0
- package/agents/__tests__/32-memory-leak-detector.test.ts +251 -0
- package/agents/__tests__/33-bundle-analyzer.test.ts +237 -0
- package/agents/__tests__/34-xss-scanner.test.ts +258 -0
- package/agents/__tests__/35-csrf-tester.test.ts +200 -0
- package/agents/__tests__/36-auth-fuzzer.test.ts +214 -0
- package/agents/__tests__/37-dependency-scanner.test.ts +266 -0
- package/agents/__tests__/38-secrets-scanner.test.ts +224 -0
- package/agents/__tests__/39-api-contract-tester.test.ts +312 -0
- package/agents/__tests__/40-rate-limit-tester.test.ts +192 -0
- package/agents/__tests__/41-api-pagination-tester.test.ts +198 -0
- package/agents/__tests__/42-graphql-tester.test.ts +252 -0
- package/agents/__tests__/43-data-consistency-checker.test.ts +232 -0
- package/agents/__tests__/44-backup-recovery-tester.test.ts +222 -0
- package/agents/__tests__/45-data-privacy-scanner.test.ts +223 -0
- package/agents/__tests__/46-seo-auditor.test.ts +261 -0
- package/agents/__tests__/47-social-preview-tester.test.ts +245 -0
- package/agents/__tests__/48-lighthouse-auditor.test.ts +276 -0
- package/agents/__tests__/49-i18n-tester.test.ts +201 -0
- package/agents/__tests__/50-timezone-tester.test.ts +172 -0
- package/agents/__tests__/51-error-recovery-tester.test.ts +162 -0
- package/agents/__tests__/52-offline-mode-tester.test.ts +164 -0
- package/agents/__tests__/53-graceful-degradation-tester.test.ts +168 -0
- package/agents/__tests__/54-websocket-tester.test.ts +157 -0
- package/agents/__tests__/55-realtime-sync-tester.test.ts +181 -0
- package/agents/__tests__/56-file-upload-tester.test.ts +172 -0
- package/agents/__tests__/57-export-tester.test.ts +169 -0
- package/agents/__tests__/58-payment-flow-tester.test.ts +182 -0
- package/agents/__tests__/59-ssl-tls-auditor.test.ts +179 -0
- package/agents/__tests__/60-dns-cdn-tester.test.ts +176 -0
- package/agents/__tests__/61-docker-health-checker.test.ts +150 -0
- package/agents/__tests__/62-env-config-validator.test.ts +166 -0
- package/agents/__tests__/63-log-quality-auditor.test.ts +175 -0
- package/agents/__tests__/64-analytics-tracker-tester.test.ts +158 -0
- package/agents/__tests__/65-gdpr-compliance-tester.test.ts +174 -0
- package/agents/__tests__/66-soc2-control-validator.test.ts +183 -0
- package/agents/__tests__/67-wcag-aaa-tester.test.ts +190 -0
- package/agents/__tests__/68-dead-code-detector.test.ts +174 -0
- package/agents/__tests__/69-type-safety-auditor.test.ts +173 -0
- package/agents/__tests__/70-complexity-analyzer.test.ts +177 -0
- package/agents/__tests__/registry.test.ts +13 -13
- package/agents/base-agent.ts +8 -0
- package/agents/registry.ts +171 -28
- package/core/__tests__/integration.test.ts +4 -4
- package/core/__tests__/orchestrator.test.ts +17 -16
- package/core/cli.ts +128 -6
- package/core/license.ts +208 -211
- package/core/orchestrator.ts +78 -5
- package/dist/agents/15-regression-sentinel.d.ts +2 -1
- package/dist/agents/15-regression-sentinel.d.ts.map +1 -1
- package/dist/agents/15-regression-sentinel.js +2 -2
- package/dist/agents/15-regression-sentinel.js.map +1 -1
- package/dist/agents/24-signup-onboarding-tester.d.ts +35 -0
- package/dist/agents/24-signup-onboarding-tester.d.ts.map +1 -0
- package/dist/agents/24-signup-onboarding-tester.js +357 -0
- package/dist/agents/24-signup-onboarding-tester.js.map +1 -0
- package/dist/agents/25-crud-flow-tester.d.ts +11 -0
- package/dist/agents/25-crud-flow-tester.d.ts.map +1 -0
- package/dist/agents/25-crud-flow-tester.js +253 -0
- package/dist/agents/25-crud-flow-tester.js.map +1 -0
- package/dist/agents/26-form-validator.d.ts +12 -0
- package/dist/agents/26-form-validator.d.ts.map +1 -0
- package/dist/agents/26-form-validator.js +257 -0
- package/dist/agents/26-form-validator.js.map +1 -0
- package/dist/agents/27-search-filter-tester.d.ts +20 -0
- package/dist/agents/27-search-filter-tester.d.ts.map +1 -0
- package/dist/agents/27-search-filter-tester.js +267 -0
- package/dist/agents/27-search-filter-tester.js.map +1 -0
- package/dist/agents/28-navigation-routing-tester.d.ts +32 -0
- package/dist/agents/28-navigation-routing-tester.d.ts.map +1 -0
- package/dist/agents/28-navigation-routing-tester.js +363 -0
- package/dist/agents/28-navigation-routing-tester.js.map +1 -0
- package/dist/agents/29-responsive-interaction-tester.d.ts +26 -0
- package/dist/agents/29-responsive-interaction-tester.d.ts.map +1 -0
- package/dist/agents/29-responsive-interaction-tester.js +272 -0
- package/dist/agents/29-responsive-interaction-tester.js.map +1 -0
- package/dist/agents/30-multi-user-scenario-tester.d.ts +24 -0
- package/dist/agents/30-multi-user-scenario-tester.d.ts.map +1 -0
- package/dist/agents/30-multi-user-scenario-tester.js +254 -0
- package/dist/agents/30-multi-user-scenario-tester.js.map +1 -0
- package/dist/agents/31-load-tester.d.ts +12 -0
- package/dist/agents/31-load-tester.d.ts.map +1 -0
- package/dist/agents/31-load-tester.js +110 -0
- package/dist/agents/31-load-tester.js.map +1 -0
- package/dist/agents/32-memory-leak-detector.d.ts +12 -0
- package/dist/agents/32-memory-leak-detector.d.ts.map +1 -0
- package/dist/agents/32-memory-leak-detector.js +167 -0
- package/dist/agents/32-memory-leak-detector.js.map +1 -0
- package/dist/agents/33-bundle-analyzer.d.ts +10 -0
- package/dist/agents/33-bundle-analyzer.d.ts.map +1 -0
- package/dist/agents/33-bundle-analyzer.js +111 -0
- package/dist/agents/33-bundle-analyzer.js.map +1 -0
- package/dist/agents/34-xss-scanner.d.ts +11 -0
- package/dist/agents/34-xss-scanner.d.ts.map +1 -0
- package/dist/agents/34-xss-scanner.js +164 -0
- package/dist/agents/34-xss-scanner.js.map +1 -0
- package/dist/agents/35-csrf-tester.d.ts +11 -0
- package/dist/agents/35-csrf-tester.d.ts.map +1 -0
- package/dist/agents/35-csrf-tester.js +70 -0
- package/dist/agents/35-csrf-tester.js.map +1 -0
- package/dist/agents/36-auth-fuzzer.d.ts +13 -0
- package/dist/agents/36-auth-fuzzer.d.ts.map +1 -0
- package/dist/agents/36-auth-fuzzer.js +163 -0
- package/dist/agents/36-auth-fuzzer.js.map +1 -0
- package/dist/agents/37-dependency-scanner.d.ts +11 -0
- package/dist/agents/37-dependency-scanner.d.ts.map +1 -0
- package/dist/agents/37-dependency-scanner.js +139 -0
- package/dist/agents/37-dependency-scanner.js.map +1 -0
- package/dist/agents/38-secrets-scanner.d.ts +11 -0
- package/dist/agents/38-secrets-scanner.d.ts.map +1 -0
- package/dist/agents/38-secrets-scanner.js +116 -0
- package/dist/agents/38-secrets-scanner.js.map +1 -0
- package/dist/agents/39-api-contract-tester.d.ts +12 -0
- package/dist/agents/39-api-contract-tester.d.ts.map +1 -0
- package/dist/agents/39-api-contract-tester.js +142 -0
- package/dist/agents/39-api-contract-tester.js.map +1 -0
- package/dist/agents/40-rate-limit-tester.d.ts +12 -0
- package/dist/agents/40-rate-limit-tester.d.ts.map +1 -0
- package/dist/agents/40-rate-limit-tester.js +79 -0
- package/dist/agents/40-rate-limit-tester.js.map +1 -0
- package/dist/agents/41-api-pagination-tester.d.ts +12 -0
- package/dist/agents/41-api-pagination-tester.d.ts.map +1 -0
- package/dist/agents/41-api-pagination-tester.js +79 -0
- package/dist/agents/41-api-pagination-tester.js.map +1 -0
- package/dist/agents/42-graphql-tester.d.ts +13 -0
- package/dist/agents/42-graphql-tester.d.ts.map +1 -0
- package/dist/agents/42-graphql-tester.js +187 -0
- package/dist/agents/42-graphql-tester.js.map +1 -0
- package/dist/agents/43-data-consistency-checker.d.ts +11 -0
- package/dist/agents/43-data-consistency-checker.d.ts.map +1 -0
- package/dist/agents/43-data-consistency-checker.js +176 -0
- package/dist/agents/43-data-consistency-checker.js.map +1 -0
- package/dist/agents/44-backup-recovery-tester.d.ts +11 -0
- package/dist/agents/44-backup-recovery-tester.d.ts.map +1 -0
- package/dist/agents/44-backup-recovery-tester.js +128 -0
- package/dist/agents/44-backup-recovery-tester.js.map +1 -0
- package/dist/agents/45-data-privacy-scanner.d.ts +11 -0
- package/dist/agents/45-data-privacy-scanner.d.ts.map +1 -0
- package/dist/agents/45-data-privacy-scanner.js +100 -0
- package/dist/agents/45-data-privacy-scanner.js.map +1 -0
- package/dist/agents/46-seo-auditor.d.ts +12 -0
- package/dist/agents/46-seo-auditor.d.ts.map +1 -0
- package/dist/agents/46-seo-auditor.js +275 -0
- package/dist/agents/46-seo-auditor.js.map +1 -0
- package/dist/agents/47-social-preview-tester.d.ts +11 -0
- package/dist/agents/47-social-preview-tester.d.ts.map +1 -0
- package/dist/agents/47-social-preview-tester.js +219 -0
- package/dist/agents/47-social-preview-tester.js.map +1 -0
- package/dist/agents/48-lighthouse-auditor.d.ts +11 -0
- package/dist/agents/48-lighthouse-auditor.d.ts.map +1 -0
- package/dist/agents/48-lighthouse-auditor.js +192 -0
- package/dist/agents/48-lighthouse-auditor.js.map +1 -0
- package/dist/agents/49-i18n-tester.d.ts +13 -0
- package/dist/agents/49-i18n-tester.d.ts.map +1 -0
- package/dist/agents/49-i18n-tester.js +172 -0
- package/dist/agents/49-i18n-tester.js.map +1 -0
- package/dist/agents/50-timezone-tester.d.ts +11 -0
- package/dist/agents/50-timezone-tester.d.ts.map +1 -0
- package/dist/agents/50-timezone-tester.js +152 -0
- package/dist/agents/50-timezone-tester.js.map +1 -0
- package/dist/agents/51-error-recovery-tester.d.ts +11 -0
- package/dist/agents/51-error-recovery-tester.d.ts.map +1 -0
- package/dist/agents/51-error-recovery-tester.js +134 -0
- package/dist/agents/51-error-recovery-tester.js.map +1 -0
- package/dist/agents/52-offline-mode-tester.d.ts +12 -0
- package/dist/agents/52-offline-mode-tester.d.ts.map +1 -0
- package/dist/agents/52-offline-mode-tester.js +161 -0
- package/dist/agents/52-offline-mode-tester.js.map +1 -0
- package/dist/agents/53-graceful-degradation-tester.d.ts +12 -0
- package/dist/agents/53-graceful-degradation-tester.d.ts.map +1 -0
- package/dist/agents/53-graceful-degradation-tester.js +130 -0
- package/dist/agents/53-graceful-degradation-tester.js.map +1 -0
- package/dist/agents/54-websocket-tester.d.ts +10 -0
- package/dist/agents/54-websocket-tester.d.ts.map +1 -0
- package/dist/agents/54-websocket-tester.js +132 -0
- package/dist/agents/54-websocket-tester.js.map +1 -0
- package/dist/agents/55-realtime-sync-tester.d.ts +11 -0
- package/dist/agents/55-realtime-sync-tester.d.ts.map +1 -0
- package/dist/agents/55-realtime-sync-tester.js +175 -0
- package/dist/agents/55-realtime-sync-tester.js.map +1 -0
- package/dist/agents/56-file-upload-tester.d.ts +12 -0
- package/dist/agents/56-file-upload-tester.d.ts.map +1 -0
- package/dist/agents/56-file-upload-tester.js +166 -0
- package/dist/agents/56-file-upload-tester.js.map +1 -0
- package/dist/agents/57-export-tester.d.ts +11 -0
- package/dist/agents/57-export-tester.d.ts.map +1 -0
- package/dist/agents/57-export-tester.js +155 -0
- package/dist/agents/57-export-tester.js.map +1 -0
- package/dist/agents/58-payment-flow-tester.d.ts +11 -0
- package/dist/agents/58-payment-flow-tester.d.ts.map +1 -0
- package/dist/agents/58-payment-flow-tester.js +159 -0
- package/dist/agents/58-payment-flow-tester.js.map +1 -0
- package/dist/agents/59-ssl-tls-auditor.d.ts +10 -0
- package/dist/agents/59-ssl-tls-auditor.d.ts.map +1 -0
- package/dist/agents/59-ssl-tls-auditor.js +132 -0
- package/dist/agents/59-ssl-tls-auditor.js.map +1 -0
- package/dist/agents/60-dns-cdn-tester.d.ts +10 -0
- package/dist/agents/60-dns-cdn-tester.d.ts.map +1 -0
- package/dist/agents/60-dns-cdn-tester.js +105 -0
- package/dist/agents/60-dns-cdn-tester.js.map +1 -0
- package/dist/agents/61-docker-health-checker.d.ts +10 -0
- package/dist/agents/61-docker-health-checker.d.ts.map +1 -0
- package/dist/agents/61-docker-health-checker.js +95 -0
- package/dist/agents/61-docker-health-checker.js.map +1 -0
- package/dist/agents/62-env-config-validator.d.ts +10 -0
- package/dist/agents/62-env-config-validator.d.ts.map +1 -0
- package/dist/agents/62-env-config-validator.js +132 -0
- package/dist/agents/62-env-config-validator.js.map +1 -0
- package/dist/agents/63-log-quality-auditor.d.ts +9 -0
- package/dist/agents/63-log-quality-auditor.d.ts.map +1 -0
- package/dist/agents/63-log-quality-auditor.js +121 -0
- package/dist/agents/63-log-quality-auditor.js.map +1 -0
- package/dist/agents/64-analytics-tracker-tester.d.ts +10 -0
- package/dist/agents/64-analytics-tracker-tester.d.ts.map +1 -0
- package/dist/agents/64-analytics-tracker-tester.js +146 -0
- package/dist/agents/64-analytics-tracker-tester.js.map +1 -0
- package/dist/agents/65-gdpr-compliance-tester.d.ts +13 -0
- package/dist/agents/65-gdpr-compliance-tester.d.ts.map +1 -0
- package/dist/agents/65-gdpr-compliance-tester.js +186 -0
- package/dist/agents/65-gdpr-compliance-tester.js.map +1 -0
- package/dist/agents/66-soc2-control-validator.d.ts +14 -0
- package/dist/agents/66-soc2-control-validator.d.ts.map +1 -0
- package/dist/agents/66-soc2-control-validator.js +178 -0
- package/dist/agents/66-soc2-control-validator.js.map +1 -0
- package/dist/agents/67-wcag-aaa-tester.d.ts +13 -0
- package/dist/agents/67-wcag-aaa-tester.d.ts.map +1 -0
- package/dist/agents/67-wcag-aaa-tester.js +207 -0
- package/dist/agents/67-wcag-aaa-tester.js.map +1 -0
- package/dist/agents/68-dead-code-detector.d.ts +9 -0
- package/dist/agents/68-dead-code-detector.d.ts.map +1 -0
- package/dist/agents/68-dead-code-detector.js +116 -0
- package/dist/agents/68-dead-code-detector.js.map +1 -0
- package/dist/agents/69-type-safety-auditor.d.ts +9 -0
- package/dist/agents/69-type-safety-auditor.d.ts.map +1 -0
- package/dist/agents/69-type-safety-auditor.js +148 -0
- package/dist/agents/69-type-safety-auditor.js.map +1 -0
- package/dist/agents/70-complexity-analyzer.d.ts +10 -0
- package/dist/agents/70-complexity-analyzer.d.ts.map +1 -0
- package/dist/agents/70-complexity-analyzer.js +154 -0
- package/dist/agents/70-complexity-analyzer.js.map +1 -0
- package/dist/agents/base-agent.d.ts +3 -1
- package/dist/agents/base-agent.d.ts.map +1 -1
- package/dist/agents/base-agent.js +7 -1
- package/dist/agents/base-agent.js.map +1 -1
- package/dist/agents/registry.d.ts +5 -4
- package/dist/agents/registry.d.ts.map +1 -1
- package/dist/agents/registry.js +170 -29
- package/dist/agents/registry.js.map +1 -1
- package/dist/clients/agent-mvp.d.ts +66 -0
- package/dist/clients/agent-mvp.d.ts.map +1 -0
- package/dist/clients/agent-mvp.js +91 -0
- package/dist/clients/agent-mvp.js.map +1 -0
- package/dist/clients/total-recall.d.ts +37 -0
- package/dist/clients/total-recall.d.ts.map +1 -0
- package/dist/clients/total-recall.js +224 -0
- package/dist/clients/total-recall.js.map +1 -0
- package/dist/core/cli.d.ts +3 -0
- package/dist/core/cli.d.ts.map +1 -1
- package/dist/core/cli.js +122 -6
- package/dist/core/cli.js.map +1 -1
- package/dist/core/license.js +2 -5
- package/dist/core/license.js.map +1 -1
- package/dist/core/orchestrator.d.ts +10 -1
- package/dist/core/orchestrator.d.ts.map +1 -1
- package/dist/core/orchestrator.js +66 -5
- package/dist/core/orchestrator.js.map +1 -1
- package/package.json +2 -2
|
@@ -0,0 +1,159 @@
|
|
|
1
|
+
import { BaseAgent } from './base-agent';
|
|
2
|
+
import { resolveEnvironment } from '../helpers/env-resolver';
|
|
3
|
+
import { login } from '../helpers/navigation';
|
|
4
|
+
/** Routes to check for billing/pricing pages. */
|
|
5
|
+
const BILLING_ROUTES = ['/billing', '/pricing', '/subscription', '/payment', '/plans'];
|
|
6
|
+
/** Selectors for Stripe checkout elements. */
|
|
7
|
+
const STRIPE_SELECTORS = [
|
|
8
|
+
'iframe[src*="stripe"]',
|
|
9
|
+
'[data-stripe]',
|
|
10
|
+
'#card-element',
|
|
11
|
+
'.StripeElement',
|
|
12
|
+
'button:has-text("Subscribe")',
|
|
13
|
+
'button:has-text("Checkout")',
|
|
14
|
+
'button:has-text("Pay")',
|
|
15
|
+
];
|
|
16
|
+
export class PaymentFlowTesterAgent extends BaseAgent {
|
|
17
|
+
agentId = 58;
|
|
18
|
+
agentName = 'Payment Flow Tester';
|
|
19
|
+
baseUrl = '';
|
|
20
|
+
async preFlight() {
|
|
21
|
+
const { env } = await resolveEnvironment(this.config, this.phase);
|
|
22
|
+
this.baseUrl = env.baseUrl;
|
|
23
|
+
}
|
|
24
|
+
async execute() {
|
|
25
|
+
const findings = [];
|
|
26
|
+
// Check config for Stripe integration
|
|
27
|
+
const hasStripe = this.config.integrations.some(i => i.name.toLowerCase().includes('stripe'));
|
|
28
|
+
if (!hasStripe) {
|
|
29
|
+
findings.push({
|
|
30
|
+
id: `${this.agentId}-no-stripe`,
|
|
31
|
+
type: 'test-bug',
|
|
32
|
+
severity: 'low',
|
|
33
|
+
agentId: this.agentId,
|
|
34
|
+
module: 'payment-flow-tester',
|
|
35
|
+
description: 'No Stripe integration configured — payment flow test skipped',
|
|
36
|
+
});
|
|
37
|
+
return findings;
|
|
38
|
+
}
|
|
39
|
+
const rawLoginUrl = this.config.auth.loginUrl ?? '/login';
|
|
40
|
+
const loginUrl = rawLoginUrl.startsWith('http') ? rawLoginUrl : `${this.baseUrl}${rawLoginUrl}`;
|
|
41
|
+
const credentials = this.config.auth.credentials?.['admin'] ??
|
|
42
|
+
Object.values(this.config.auth.credentials ?? {})[0];
|
|
43
|
+
const { chromium } = await import('playwright');
|
|
44
|
+
let browser = null;
|
|
45
|
+
try {
|
|
46
|
+
browser = await chromium.launch({ headless: true });
|
|
47
|
+
const page = await browser.newPage();
|
|
48
|
+
if (credentials) {
|
|
49
|
+
try {
|
|
50
|
+
await login(page, credentials, loginUrl);
|
|
51
|
+
}
|
|
52
|
+
catch {
|
|
53
|
+
findings.push({
|
|
54
|
+
id: `${this.agentId}-login-failed`,
|
|
55
|
+
type: 'infra-issue',
|
|
56
|
+
severity: 'medium',
|
|
57
|
+
agentId: this.agentId,
|
|
58
|
+
module: 'payment-flow-tester',
|
|
59
|
+
description: 'Login failed — continuing anonymously',
|
|
60
|
+
});
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
// Try billing routes
|
|
64
|
+
let billingPageFound = false;
|
|
65
|
+
for (const route of BILLING_ROUTES) {
|
|
66
|
+
const fullUrl = `${this.baseUrl}${route}`;
|
|
67
|
+
try {
|
|
68
|
+
const response = await page.goto(fullUrl, { waitUntil: 'domcontentloaded', timeout: 10_000 });
|
|
69
|
+
if (response && response.ok()) {
|
|
70
|
+
billingPageFound = true;
|
|
71
|
+
// Check for Stripe elements
|
|
72
|
+
const stripeFindings = await this.checkStripeElements(page, route);
|
|
73
|
+
findings.push(...stripeFindings);
|
|
74
|
+
break;
|
|
75
|
+
}
|
|
76
|
+
}
|
|
77
|
+
catch {
|
|
78
|
+
// Route not found — try next
|
|
79
|
+
}
|
|
80
|
+
}
|
|
81
|
+
if (!billingPageFound) {
|
|
82
|
+
findings.push({
|
|
83
|
+
id: `${this.agentId}-no-billing-page`,
|
|
84
|
+
type: 'test-bug',
|
|
85
|
+
severity: 'low',
|
|
86
|
+
agentId: this.agentId,
|
|
87
|
+
module: 'payment-flow-tester',
|
|
88
|
+
description: `Stripe configured but no billing page found at: ${BILLING_ROUTES.join(', ')}`,
|
|
89
|
+
});
|
|
90
|
+
}
|
|
91
|
+
await page.close().catch(() => undefined);
|
|
92
|
+
}
|
|
93
|
+
catch (playwrightError) {
|
|
94
|
+
findings.push({
|
|
95
|
+
id: `${this.agentId}-playwright-failure`,
|
|
96
|
+
type: 'infra-issue',
|
|
97
|
+
severity: 'medium',
|
|
98
|
+
agentId: this.agentId,
|
|
99
|
+
module: 'payment-flow-tester',
|
|
100
|
+
description: `Playwright execution failed: ${playwrightError instanceof Error ? playwrightError.message.split('\n')[0] : String(playwrightError)}`,
|
|
101
|
+
});
|
|
102
|
+
}
|
|
103
|
+
finally {
|
|
104
|
+
if (browser)
|
|
105
|
+
await browser.close().catch(() => undefined);
|
|
106
|
+
}
|
|
107
|
+
return findings;
|
|
108
|
+
}
|
|
109
|
+
async checkStripeElements(page, route) {
|
|
110
|
+
const findings = [];
|
|
111
|
+
const selector = STRIPE_SELECTORS.join(', ');
|
|
112
|
+
const stripeCount = await page.locator(selector).count();
|
|
113
|
+
if (stripeCount === 0) {
|
|
114
|
+
findings.push({
|
|
115
|
+
id: `${this.agentId}-no-stripe-elements`,
|
|
116
|
+
type: 'test-bug',
|
|
117
|
+
severity: 'medium',
|
|
118
|
+
agentId: this.agentId,
|
|
119
|
+
module: 'payment-flow-tester',
|
|
120
|
+
description: `Billing page ${route} found but no Stripe checkout elements detected`,
|
|
121
|
+
});
|
|
122
|
+
return findings;
|
|
123
|
+
}
|
|
124
|
+
// Check for Stripe iframe specifically
|
|
125
|
+
const iframeCount = await page.locator('iframe[src*="stripe"]').count();
|
|
126
|
+
if (iframeCount > 0) {
|
|
127
|
+
this.addEvidence({
|
|
128
|
+
type: 'log',
|
|
129
|
+
path: '',
|
|
130
|
+
description: `Stripe iframe detected on ${route}`,
|
|
131
|
+
});
|
|
132
|
+
}
|
|
133
|
+
// Try clicking checkout button
|
|
134
|
+
const checkoutBtn = page.locator('button:has-text("Subscribe"), button:has-text("Checkout"), button:has-text("Pay")');
|
|
135
|
+
if (await checkoutBtn.count() > 0) {
|
|
136
|
+
try {
|
|
137
|
+
await checkoutBtn.first().click();
|
|
138
|
+
await new Promise(resolve => setTimeout(resolve, 3_000));
|
|
139
|
+
// Check if Stripe iframe loaded after click
|
|
140
|
+
const postClickIframeCount = await page.locator('iframe[src*="stripe"]').count();
|
|
141
|
+
if (postClickIframeCount === 0) {
|
|
142
|
+
findings.push({
|
|
143
|
+
id: `${this.agentId}-stripe-iframe-not-loaded`,
|
|
144
|
+
type: 'test-bug',
|
|
145
|
+
severity: 'medium',
|
|
146
|
+
agentId: this.agentId,
|
|
147
|
+
module: 'payment-flow-tester',
|
|
148
|
+
description: `Checkout button clicked on ${route} but Stripe iframe did not load`,
|
|
149
|
+
});
|
|
150
|
+
}
|
|
151
|
+
}
|
|
152
|
+
catch {
|
|
153
|
+
// Click failure — non-critical
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
return findings;
|
|
157
|
+
}
|
|
158
|
+
}
|
|
159
|
+
//# sourceMappingURL=58-payment-flow-tester.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"58-payment-flow-tester.js","sourceRoot":"","sources":["../../agents/58-payment-flow-tester.ts"],"names":[],"mappings":"AAEA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAC7D,OAAO,EAAE,KAAK,EAAE,MAAM,uBAAuB,CAAC;AAE9C,iDAAiD;AACjD,MAAM,cAAc,GAAG,CAAC,UAAU,EAAE,UAAU,EAAE,eAAe,EAAE,UAAU,EAAE,QAAQ,CAAU,CAAC;AAEhG,8CAA8C;AAC9C,MAAM,gBAAgB,GAAG;IACvB,uBAAuB;IACvB,eAAe;IACf,eAAe;IACf,gBAAgB;IAChB,8BAA8B;IAC9B,6BAA6B;IAC7B,wBAAwB;CAChB,CAAC;AAEX,MAAM,OAAO,sBAAuB,SAAQ,SAAS;IAC1C,OAAO,GAAG,EAAE,CAAC;IACb,SAAS,GAAG,qBAAqB,CAAC;IACnC,OAAO,GAAG,EAAE,CAAC;IAEX,KAAK,CAAC,SAAS;QACvB,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAClE,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;IAC7B,CAAC;IAES,KAAK,CAAC,OAAO;QACrB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,sCAAsC;QACtC,MAAM,SAAS,GAAG,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,IAAI,CAC7C,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAC7C,CAAC;QAEF,IAAI,CAAC,SAAS,EAAE,CAAC;YACf,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,YAAY;gBAC/B,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,qBAAqB;gBAC7B,WAAW,EAAE,8DAA8D;aAC5E,CAAC,CAAC;YACH,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,QAAQ,IAAI,QAAQ,CAAC;QAC1D,MAAM,QAAQ,GAAG,WAAW,CAAC,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,GAAG,IAAI,CAAC,OAAO,GAAG,WAAW,EAAE,CAAC;QAChG,MAAM,WAAW,GACf,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,OAAO,CAAC;YACvC,MAAM,CAAC,MAAM,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,IAAI,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC;QAEvD,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC;QAEhD,IAAI,OAAO,GAAmB,IAAI,CAAC;QAEnC,IAAI,CAAC;YACH,OAAO,GAAG,MAAM,QAAQ,CAAC,MAAM,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,CAAC;YACpD,MAAM,IAAI,GAAG,MAAM,OAAO,CAAC,OAAO,EAAE,CAAC;YAErC,IAAI,WAAW,EAAE,CAAC;gBAChB,IAAI,CAAC;oBACH,MAAM,KAAK,CAAC,IAAI,EAAE,WAAW,EAAE,QAAQ,CAAC,CAAC;gBAC3C,CAAC;gBAAC,MAAM,CAAC;oBACP,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,eAAe;wBAClC,IAAI,EAAE,aAAa;wBACnB,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;wBACrB,MAAM,EAAE,qBAAqB;wBAC7B,WAAW,EAAE,uCAAuC;qBACrD,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,qBAAqB;YACrB,IAAI,gBAAgB,GAAG,KAAK,CAAC;YAE7B,KAAK,MAAM,KAAK,IAAI,cAAc,EAAE,CAAC;gBACnC,MAAM,OAAO,GAAG,GAAG,IAAI,CAAC,OAAO,GAAG,KAAK,EAAE,CAAC;gBAE1C,IAAI,CAAC;oBACH,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,IAAI,CAAC,OAAO,EAAE,EAAE,SAAS,EAAE,kBAAkB,EAAE,OAAO,EAAE,MAAM,EAAE,CAAC,CAAC;oBAC9F,IAAI,QAAQ,IAAI,QAAQ,CAAC,EAAE,EAAE,EAAE,CAAC;wBAC9B,gBAAgB,GAAG,IAAI,CAAC;wBAExB,4BAA4B;wBAC5B,MAAM,cAAc,GAAG,MAAM,IAAI,CAAC,mBAAmB,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;wBACnE,QAAQ,CAAC,IAAI,CAAC,GAAG,cAAc,CAAC,CAAC;wBACjC,MAAM;oBACR,CAAC;gBACH,CAAC;gBAAC,MAAM,CAAC;oBACP,6BAA6B;gBAC/B,CAAC;YACH,CAAC;YAED,IAAI,CAAC,gBAAgB,EAAE,CAAC;gBACtB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,kBAAkB;oBACrC,IAAI,EAAE,UAAU;oBAChB,QAAQ,EAAE,KAAK;oBACf,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,MAAM,EAAE,qBAAqB;oBAC7B,WAAW,EAAE,mDAAmD,cAAc,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE;iBAC5F,CAAC,CAAC;YACL,CAAC;YAED,MAAM,IAAI,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QAC5C,CAAC;QAAC,OAAO,eAAe,EAAE,CAAC;YACzB,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,qBAAqB;gBACxC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,QAAQ;gBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,qBAAqB;gBAC7B,WAAW,EAAE,gCAAgC,eAAe,YAAY,KAAK,CAAC,CAAC,CAAC,eAAe,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,eAAe,CAAC,EAAE;aACnJ,CAAC,CAAC;QACL,CAAC;gBAAS,CAAC;YACT,IAAI,OAAO;gBAAE,MAAM,OAAO,CAAC,KAAK,EAAE,CAAC,KAAK,CAAC,GAAG,EAAE,CAAC,SAAS,CAAC,CAAC;QAC5D,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,KAAK,CAAC,mBAAmB,CAAC,IAAU,EAAE,KAAa;QACzD,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,MAAM,QAAQ,GAAG,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QAC7C,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,CAAC,KAAK,EAAE,CAAC;QAEzD,IAAI,WAAW,KAAK,CAAC,EAAE,CAAC;YACtB,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,qBAAqB;gBACxC,IAAI,EAAE,UAAU;gBAChB,QAAQ,EAAE,QAAQ;gBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,qBAAqB;gBAC7B,WAAW,EAAE,gBAAgB,KAAK,iDAAiD;aACpF,CAAC,CAAC;YACH,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,uCAAuC;QACvC,MAAM,WAAW,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC,KAAK,EAAE,CAAC;QACxE,IAAI,WAAW,GAAG,CAAC,EAAE,CAAC;YACpB,IAAI,CAAC,WAAW,CAAC;gBACf,IAAI,EAAE,KAAK;gBACX,IAAI,EAAE,EAAE;gBACR,WAAW,EAAE,6BAA6B,KAAK,EAAE;aAClD,CAAC,CAAC;QACL,CAAC;QAED,+BAA+B;QAC/B,MAAM,WAAW,GAAG,IAAI,CAAC,OAAO,CAAC,mFAAmF,CAAC,CAAC;QACtH,IAAI,MAAM,WAAW,CAAC,KAAK,EAAE,GAAG,CAAC,EAAE,CAAC;YAClC,IAAI,CAAC;gBACH,MAAM,WAAW,CAAC,KAAK,EAAE,CAAC,KAAK,EAAE,CAAC;gBAClC,MAAM,IAAI,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC,UAAU,CAAC,OAAO,EAAE,KAAK,CAAC,CAAC,CAAC;gBAEzD,4CAA4C;gBAC5C,MAAM,oBAAoB,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,uBAAuB,CAAC,CAAC,KAAK,EAAE,CAAC;gBACjF,IAAI,oBAAoB,KAAK,CAAC,EAAE,CAAC;oBAC/B,QAAQ,CAAC,IAAI,CAAC;wBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,2BAA2B;wBAC9C,IAAI,EAAE,UAAU;wBAChB,QAAQ,EAAE,QAAQ;wBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;wBACrB,MAAM,EAAE,qBAAqB;wBAC7B,WAAW,EAAE,8BAA8B,KAAK,iCAAiC;qBAClF,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAAC,MAAM,CAAC;gBACP,+BAA+B;YACjC,CAAC;QACH,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { Finding } from '../core/types';
|
|
2
|
+
import { BaseAgent } from './base-agent';
|
|
3
|
+
export declare class SslTlsAuditorAgent extends BaseAgent {
|
|
4
|
+
readonly agentId = 59;
|
|
5
|
+
readonly agentName = "SSL/TLS Auditor";
|
|
6
|
+
private baseUrl;
|
|
7
|
+
protected preFlight(): Promise<void>;
|
|
8
|
+
protected execute(): Promise<Finding[]>;
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=59-ssl-tls-auditor.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"59-ssl-tls-auditor.d.ts","sourceRoot":"","sources":["../../agents/59-ssl-tls-auditor.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAGzC,qBAAa,kBAAmB,SAAQ,SAAS;IAC/C,QAAQ,CAAC,OAAO,MAAM;IACtB,QAAQ,CAAC,SAAS,qBAAqB;IACvC,OAAO,CAAC,OAAO,CAAM;cAEL,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;cAK1B,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;CA8H9C"}
|
|
@@ -0,0 +1,132 @@
|
|
|
1
|
+
import { BaseAgent } from './base-agent';
|
|
2
|
+
import { resolveEnvironment } from '../helpers/env-resolver';
|
|
3
|
+
export class SslTlsAuditorAgent extends BaseAgent {
|
|
4
|
+
agentId = 59;
|
|
5
|
+
agentName = 'SSL/TLS Auditor';
|
|
6
|
+
baseUrl = '';
|
|
7
|
+
async preFlight() {
|
|
8
|
+
const { env } = await resolveEnvironment(this.config, this.phase);
|
|
9
|
+
this.baseUrl = env.baseUrl;
|
|
10
|
+
}
|
|
11
|
+
async execute() {
|
|
12
|
+
const findings = [];
|
|
13
|
+
// Check HSTS header
|
|
14
|
+
try {
|
|
15
|
+
const response = await fetch(this.baseUrl, {
|
|
16
|
+
method: 'HEAD',
|
|
17
|
+
signal: AbortSignal.timeout(10_000),
|
|
18
|
+
});
|
|
19
|
+
const hsts = response.headers.get('strict-transport-security');
|
|
20
|
+
if (!hsts) {
|
|
21
|
+
findings.push({
|
|
22
|
+
id: `${this.agentId}-no-hsts`,
|
|
23
|
+
type: 'code-bug-security',
|
|
24
|
+
severity: 'medium',
|
|
25
|
+
agentId: this.agentId,
|
|
26
|
+
module: 'ssl-tls-auditor',
|
|
27
|
+
description: 'Missing Strict-Transport-Security header',
|
|
28
|
+
suggestedFix: 'Add Strict-Transport-Security header with max-age of at least 31536000',
|
|
29
|
+
});
|
|
30
|
+
}
|
|
31
|
+
else {
|
|
32
|
+
// Check max-age value
|
|
33
|
+
const maxAgeMatch = hsts.match(/max-age=(\d+)/);
|
|
34
|
+
if (maxAgeMatch) {
|
|
35
|
+
const maxAge = parseInt(maxAgeMatch[1], 10);
|
|
36
|
+
if (maxAge < 31_536_000) {
|
|
37
|
+
findings.push({
|
|
38
|
+
id: `${this.agentId}-short-hsts`,
|
|
39
|
+
type: 'code-bug-security',
|
|
40
|
+
severity: 'low',
|
|
41
|
+
agentId: this.agentId,
|
|
42
|
+
module: 'ssl-tls-auditor',
|
|
43
|
+
description: `HSTS max-age is ${maxAge}s (recommended: 31536000+)`,
|
|
44
|
+
});
|
|
45
|
+
}
|
|
46
|
+
}
|
|
47
|
+
}
|
|
48
|
+
}
|
|
49
|
+
catch (fetchError) {
|
|
50
|
+
findings.push({
|
|
51
|
+
id: `${this.agentId}-fetch-failed`,
|
|
52
|
+
type: 'infra-issue',
|
|
53
|
+
severity: 'medium',
|
|
54
|
+
agentId: this.agentId,
|
|
55
|
+
module: 'ssl-tls-auditor',
|
|
56
|
+
description: `Failed to reach ${this.baseUrl}: ${fetchError instanceof Error ? fetchError.message.split('\n')[0] : String(fetchError)}`,
|
|
57
|
+
});
|
|
58
|
+
}
|
|
59
|
+
// Check certificate expiry via https module
|
|
60
|
+
if (this.baseUrl.startsWith('https://')) {
|
|
61
|
+
try {
|
|
62
|
+
const https = await import('node:https');
|
|
63
|
+
const url = new URL(this.baseUrl);
|
|
64
|
+
const certInfo = await new Promise((resolve, reject) => {
|
|
65
|
+
const req = https.get({
|
|
66
|
+
hostname: url.hostname,
|
|
67
|
+
port: url.port || 443,
|
|
68
|
+
path: '/',
|
|
69
|
+
rejectUnauthorized: false,
|
|
70
|
+
timeout: 10_000,
|
|
71
|
+
}, (res) => {
|
|
72
|
+
const socket = res.socket;
|
|
73
|
+
const cert = socket.getPeerCertificate?.();
|
|
74
|
+
resolve({ valid_to: cert?.valid_to, valid_from: cert?.valid_from });
|
|
75
|
+
});
|
|
76
|
+
req.on('error', reject);
|
|
77
|
+
req.on('timeout', () => {
|
|
78
|
+
req.destroy();
|
|
79
|
+
reject(new Error('Certificate check timeout'));
|
|
80
|
+
});
|
|
81
|
+
});
|
|
82
|
+
if (certInfo.valid_to) {
|
|
83
|
+
const expiryDate = new Date(certInfo.valid_to);
|
|
84
|
+
const now = new Date();
|
|
85
|
+
const daysUntilExpiry = Math.floor((expiryDate.getTime() - now.getTime()) / (1000 * 60 * 60 * 24));
|
|
86
|
+
if (daysUntilExpiry < 0) {
|
|
87
|
+
findings.push({
|
|
88
|
+
id: `${this.agentId}-cert-expired`,
|
|
89
|
+
type: 'code-bug-security',
|
|
90
|
+
severity: 'critical',
|
|
91
|
+
agentId: this.agentId,
|
|
92
|
+
module: 'ssl-tls-auditor',
|
|
93
|
+
description: `SSL certificate expired ${Math.abs(daysUntilExpiry)} days ago`,
|
|
94
|
+
});
|
|
95
|
+
}
|
|
96
|
+
else if (daysUntilExpiry < 30) {
|
|
97
|
+
findings.push({
|
|
98
|
+
id: `${this.agentId}-cert-expiring-soon`,
|
|
99
|
+
type: 'code-bug-security',
|
|
100
|
+
severity: 'high',
|
|
101
|
+
agentId: this.agentId,
|
|
102
|
+
module: 'ssl-tls-auditor',
|
|
103
|
+
description: `SSL certificate expires in ${daysUntilExpiry} days`,
|
|
104
|
+
});
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
}
|
|
108
|
+
catch (certError) {
|
|
109
|
+
findings.push({
|
|
110
|
+
id: `${this.agentId}-cert-check-failed`,
|
|
111
|
+
type: 'infra-issue',
|
|
112
|
+
severity: 'low',
|
|
113
|
+
agentId: this.agentId,
|
|
114
|
+
module: 'ssl-tls-auditor',
|
|
115
|
+
description: `Certificate check failed: ${certError instanceof Error ? certError.message.split('\n')[0] : String(certError)}`,
|
|
116
|
+
});
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
else {
|
|
120
|
+
findings.push({
|
|
121
|
+
id: `${this.agentId}-no-https`,
|
|
122
|
+
type: 'code-bug-security',
|
|
123
|
+
severity: 'high',
|
|
124
|
+
agentId: this.agentId,
|
|
125
|
+
module: 'ssl-tls-auditor',
|
|
126
|
+
description: `Base URL ${this.baseUrl} does not use HTTPS`,
|
|
127
|
+
});
|
|
128
|
+
}
|
|
129
|
+
return findings;
|
|
130
|
+
}
|
|
131
|
+
}
|
|
132
|
+
//# sourceMappingURL=59-ssl-tls-auditor.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"59-ssl-tls-auditor.js","sourceRoot":"","sources":["../../agents/59-ssl-tls-auditor.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAE7D,MAAM,OAAO,kBAAmB,SAAQ,SAAS;IACtC,OAAO,GAAG,EAAE,CAAC;IACb,SAAS,GAAG,iBAAiB,CAAC;IAC/B,OAAO,GAAG,EAAE,CAAC;IAEX,KAAK,CAAC,SAAS;QACvB,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAClE,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;IAC7B,CAAC;IAES,KAAK,CAAC,OAAO;QACrB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,oBAAoB;QACpB,IAAI,CAAC;YACH,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE;gBACzC,MAAM,EAAE,MAAM;gBACd,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC;aACpC,CAAC,CAAC;YAEH,MAAM,IAAI,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,2BAA2B,CAAC,CAAC;YAE/D,IAAI,CAAC,IAAI,EAAE,CAAC;gBACV,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,UAAU;oBAC7B,IAAI,EAAE,mBAAmB;oBACzB,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,MAAM,EAAE,iBAAiB;oBACzB,WAAW,EAAE,0CAA0C;oBACvD,YAAY,EAAE,wEAAwE;iBACvF,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,sBAAsB;gBACtB,MAAM,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,eAAe,CAAC,CAAC;gBAChD,IAAI,WAAW,EAAE,CAAC;oBAChB,MAAM,MAAM,GAAG,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;oBAC5C,IAAI,MAAM,GAAG,UAAU,EAAE,CAAC;wBACxB,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,aAAa;4BAChC,IAAI,EAAE,mBAAmB;4BACzB,QAAQ,EAAE,KAAK;4BACf,OAAO,EAAE,IAAI,CAAC,OAAO;4BACrB,MAAM,EAAE,iBAAiB;4BACzB,WAAW,EAAE,mBAAmB,MAAM,4BAA4B;yBACnE,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAAC,OAAO,UAAU,EAAE,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,eAAe;gBAClC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,QAAQ;gBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,iBAAiB;gBACzB,WAAW,EAAE,mBAAmB,IAAI,CAAC,OAAO,KAAK,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE;aACxI,CAAC,CAAC;QACL,CAAC;QAED,4CAA4C;QAC5C,IAAI,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;YACxC,IAAI,CAAC;gBACH,MAAM,KAAK,GAAG,MAAM,MAAM,CAAC,YAAY,CAAC,CAAC;gBACzC,MAAM,GAAG,GAAG,IAAI,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;gBAElC,MAAM,QAAQ,GAAG,MAAM,IAAI,OAAO,CAA6C,CAAC,OAAO,EAAE,MAAM,EAAE,EAAE;oBACjG,MAAM,GAAG,GAAG,KAAK,CAAC,GAAG,CACnB;wBACE,QAAQ,EAAE,GAAG,CAAC,QAAQ;wBACtB,IAAI,EAAE,GAAG,CAAC,IAAI,IAAI,GAAG;wBACrB,IAAI,EAAE,GAAG;wBACT,kBAAkB,EAAE,KAAK;wBACzB,OAAO,EAAE,MAAM;qBAChB,EACD,CAAC,GAAG,EAAE,EAAE;wBACN,MAAM,MAAM,GAAG,GAAG,CAAC,MAAsC,CAAC;wBAC1D,MAAM,IAAI,GAAG,MAAM,CAAC,kBAAkB,EAAE,EAAE,CAAC;wBAC3C,OAAO,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,QAAQ,EAAE,UAAU,EAAE,IAAI,EAAE,UAAU,EAAE,CAAC,CAAC;oBACtE,CAAC,CACF,CAAC;oBACF,GAAG,CAAC,EAAE,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC;oBACxB,GAAG,CAAC,EAAE,CAAC,SAAS,EAAE,GAAG,EAAE;wBACrB,GAAG,CAAC,OAAO,EAAE,CAAC;wBACd,MAAM,CAAC,IAAI,KAAK,CAAC,2BAA2B,CAAC,CAAC,CAAC;oBACjD,CAAC,CAAC,CAAC;gBACL,CAAC,CAAC,CAAC;gBAEH,IAAI,QAAQ,CAAC,QAAQ,EAAE,CAAC;oBACtB,MAAM,UAAU,GAAG,IAAI,IAAI,CAAC,QAAQ,CAAC,QAAQ,CAAC,CAAC;oBAC/C,MAAM,GAAG,GAAG,IAAI,IAAI,EAAE,CAAC;oBACvB,MAAM,eAAe,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,UAAU,CAAC,OAAO,EAAE,GAAG,GAAG,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,IAAI,GAAG,EAAE,GAAG,EAAE,GAAG,EAAE,CAAC,CAAC,CAAC;oBAEnG,IAAI,eAAe,GAAG,CAAC,EAAE,CAAC;wBACxB,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,eAAe;4BAClC,IAAI,EAAE,mBAAmB;4BACzB,QAAQ,EAAE,UAAU;4BACpB,OAAO,EAAE,IAAI,CAAC,OAAO;4BACrB,MAAM,EAAE,iBAAiB;4BACzB,WAAW,EAAE,2BAA2B,IAAI,CAAC,GAAG,CAAC,eAAe,CAAC,WAAW;yBAC7E,CAAC,CAAC;oBACL,CAAC;yBAAM,IAAI,eAAe,GAAG,EAAE,EAAE,CAAC;wBAChC,QAAQ,CAAC,IAAI,CAAC;4BACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,qBAAqB;4BACxC,IAAI,EAAE,mBAAmB;4BACzB,QAAQ,EAAE,MAAM;4BAChB,OAAO,EAAE,IAAI,CAAC,OAAO;4BACrB,MAAM,EAAE,iBAAiB;4BACzB,WAAW,EAAE,8BAA8B,eAAe,OAAO;yBAClE,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;YAAC,OAAO,SAAS,EAAE,CAAC;gBACnB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,oBAAoB;oBACvC,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,KAAK;oBACf,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,MAAM,EAAE,iBAAiB;oBACzB,WAAW,EAAE,6BAA6B,SAAS,YAAY,KAAK,CAAC,CAAC,CAAC,SAAS,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,SAAS,CAAC,EAAE;iBAC9H,CAAC,CAAC;YACL,CAAC;QACH,CAAC;aAAM,CAAC;YACN,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,WAAW;gBAC9B,IAAI,EAAE,mBAAmB;gBACzB,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,iBAAiB;gBACzB,WAAW,EAAE,YAAY,IAAI,CAAC,OAAO,qBAAqB;aAC3D,CAAC,CAAC;QACL,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { Finding } from '../core/types';
|
|
2
|
+
import { BaseAgent } from './base-agent';
|
|
3
|
+
export declare class DnsCdnTesterAgent extends BaseAgent {
|
|
4
|
+
readonly agentId = 60;
|
|
5
|
+
readonly agentName = "DNS & CDN Tester";
|
|
6
|
+
private baseUrl;
|
|
7
|
+
protected preFlight(): Promise<void>;
|
|
8
|
+
protected execute(): Promise<Finding[]>;
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=60-dns-cdn-tester.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"60-dns-cdn-tester.d.ts","sourceRoot":"","sources":["../../agents/60-dns-cdn-tester.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAiBzC,qBAAa,iBAAkB,SAAQ,SAAS;IAC9C,QAAQ,CAAC,OAAO,MAAM;IACtB,QAAQ,CAAC,SAAS,sBAAsB;IACxC,OAAO,CAAC,OAAO,CAAM;cAEL,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;cAK1B,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;CAwF9C"}
|
|
@@ -0,0 +1,105 @@
|
|
|
1
|
+
import { BaseAgent } from './base-agent';
|
|
2
|
+
import { resolveEnvironment } from '../helpers/env-resolver';
|
|
3
|
+
/** Headers that indicate CDN usage. */
|
|
4
|
+
const CDN_HEADERS = {
|
|
5
|
+
'x-cache': 'Generic CDN',
|
|
6
|
+
'cf-ray': 'Cloudflare',
|
|
7
|
+
'x-vercel-cache': 'Vercel',
|
|
8
|
+
'x-cdn': 'Generic CDN',
|
|
9
|
+
'x-amz-cf-id': 'AWS CloudFront',
|
|
10
|
+
'x-served-by': 'Fastly/Varnish',
|
|
11
|
+
'x-azure-ref': 'Azure CDN',
|
|
12
|
+
};
|
|
13
|
+
/** Max acceptable response time in ms. */
|
|
14
|
+
const MAX_RESPONSE_TIME_MS = 2_000;
|
|
15
|
+
export class DnsCdnTesterAgent extends BaseAgent {
|
|
16
|
+
agentId = 60;
|
|
17
|
+
agentName = 'DNS & CDN Tester';
|
|
18
|
+
baseUrl = '';
|
|
19
|
+
async preFlight() {
|
|
20
|
+
const { env } = await resolveEnvironment(this.config, this.phase);
|
|
21
|
+
this.baseUrl = env.baseUrl;
|
|
22
|
+
}
|
|
23
|
+
async execute() {
|
|
24
|
+
const findings = [];
|
|
25
|
+
try {
|
|
26
|
+
const startTime = Date.now();
|
|
27
|
+
const response = await fetch(this.baseUrl, {
|
|
28
|
+
method: 'GET',
|
|
29
|
+
signal: AbortSignal.timeout(15_000),
|
|
30
|
+
});
|
|
31
|
+
const responseTime = Date.now() - startTime;
|
|
32
|
+
// Check response time
|
|
33
|
+
if (responseTime > MAX_RESPONSE_TIME_MS) {
|
|
34
|
+
findings.push({
|
|
35
|
+
id: `${this.agentId}-slow-response`,
|
|
36
|
+
type: 'infra-issue',
|
|
37
|
+
severity: 'medium',
|
|
38
|
+
agentId: this.agentId,
|
|
39
|
+
module: 'dns-cdn-tester',
|
|
40
|
+
description: `Response time ${responseTime}ms exceeds ${MAX_RESPONSE_TIME_MS}ms threshold`,
|
|
41
|
+
});
|
|
42
|
+
}
|
|
43
|
+
// Check CDN headers
|
|
44
|
+
let cdnDetected = false;
|
|
45
|
+
for (const [header, cdnName] of Object.entries(CDN_HEADERS)) {
|
|
46
|
+
const value = response.headers.get(header);
|
|
47
|
+
if (value) {
|
|
48
|
+
cdnDetected = true;
|
|
49
|
+
this.addEvidence({
|
|
50
|
+
type: 'log',
|
|
51
|
+
path: '',
|
|
52
|
+
description: `CDN detected: ${cdnName} (header: ${header}=${value})`,
|
|
53
|
+
});
|
|
54
|
+
}
|
|
55
|
+
}
|
|
56
|
+
if (!cdnDetected) {
|
|
57
|
+
findings.push({
|
|
58
|
+
id: `${this.agentId}-no-cdn`,
|
|
59
|
+
type: 'infra-issue',
|
|
60
|
+
severity: 'low',
|
|
61
|
+
agentId: this.agentId,
|
|
62
|
+
module: 'dns-cdn-tester',
|
|
63
|
+
description: 'No CDN detected — consider using a CDN for improved performance',
|
|
64
|
+
});
|
|
65
|
+
}
|
|
66
|
+
// Check cache-control header
|
|
67
|
+
const cacheControl = response.headers.get('cache-control');
|
|
68
|
+
if (!cacheControl) {
|
|
69
|
+
findings.push({
|
|
70
|
+
id: `${this.agentId}-no-cache-control`,
|
|
71
|
+
type: 'infra-issue',
|
|
72
|
+
severity: 'low',
|
|
73
|
+
agentId: this.agentId,
|
|
74
|
+
module: 'dns-cdn-tester',
|
|
75
|
+
description: 'Missing Cache-Control header — caching policy not defined',
|
|
76
|
+
});
|
|
77
|
+
}
|
|
78
|
+
else if (cacheControl.includes('no-store') || cacheControl.includes('no-cache')) {
|
|
79
|
+
this.addEvidence({
|
|
80
|
+
type: 'log',
|
|
81
|
+
path: '',
|
|
82
|
+
description: `Cache-Control: ${cacheControl} — caching is disabled`,
|
|
83
|
+
});
|
|
84
|
+
}
|
|
85
|
+
// Log response details
|
|
86
|
+
this.addEvidence({
|
|
87
|
+
type: 'log',
|
|
88
|
+
path: '',
|
|
89
|
+
description: `Response time: ${responseTime}ms, Status: ${response.status}`,
|
|
90
|
+
});
|
|
91
|
+
}
|
|
92
|
+
catch (fetchError) {
|
|
93
|
+
findings.push({
|
|
94
|
+
id: `${this.agentId}-fetch-failed`,
|
|
95
|
+
type: 'infra-issue',
|
|
96
|
+
severity: 'medium',
|
|
97
|
+
agentId: this.agentId,
|
|
98
|
+
module: 'dns-cdn-tester',
|
|
99
|
+
description: `Failed to reach ${this.baseUrl}: ${fetchError instanceof Error ? fetchError.message.split('\n')[0] : String(fetchError)}`,
|
|
100
|
+
});
|
|
101
|
+
}
|
|
102
|
+
return findings;
|
|
103
|
+
}
|
|
104
|
+
}
|
|
105
|
+
//# sourceMappingURL=60-dns-cdn-tester.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"60-dns-cdn-tester.js","sourceRoot":"","sources":["../../agents/60-dns-cdn-tester.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AACzC,OAAO,EAAE,kBAAkB,EAAE,MAAM,yBAAyB,CAAC;AAE7D,uCAAuC;AACvC,MAAM,WAAW,GAA2B;IAC1C,SAAS,EAAE,aAAa;IACxB,QAAQ,EAAE,YAAY;IACtB,gBAAgB,EAAE,QAAQ;IAC1B,OAAO,EAAE,aAAa;IACtB,aAAa,EAAE,gBAAgB;IAC/B,aAAa,EAAE,gBAAgB;IAC/B,aAAa,EAAE,WAAW;CAC3B,CAAC;AAEF,0CAA0C;AAC1C,MAAM,oBAAoB,GAAG,KAAK,CAAC;AAEnC,MAAM,OAAO,iBAAkB,SAAQ,SAAS;IACrC,OAAO,GAAG,EAAE,CAAC;IACb,SAAS,GAAG,kBAAkB,CAAC;IAChC,OAAO,GAAG,EAAE,CAAC;IAEX,KAAK,CAAC,SAAS;QACvB,MAAM,EAAE,GAAG,EAAE,GAAG,MAAM,kBAAkB,CAAC,IAAI,CAAC,MAAM,EAAE,IAAI,CAAC,KAAK,CAAC,CAAC;QAClE,IAAI,CAAC,OAAO,GAAG,GAAG,CAAC,OAAO,CAAC;IAC7B,CAAC;IAES,KAAK,CAAC,OAAO;QACrB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,IAAI,CAAC;YACH,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;YAE7B,MAAM,QAAQ,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,OAAO,EAAE;gBACzC,MAAM,EAAE,KAAK;gBACb,MAAM,EAAE,WAAW,CAAC,OAAO,CAAC,MAAM,CAAC;aACpC,CAAC,CAAC;YAEH,MAAM,YAAY,GAAG,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS,CAAC;YAE5C,sBAAsB;YACtB,IAAI,YAAY,GAAG,oBAAoB,EAAE,CAAC;gBACxC,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,gBAAgB;oBACnC,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,QAAQ;oBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,MAAM,EAAE,gBAAgB;oBACxB,WAAW,EAAE,iBAAiB,YAAY,cAAc,oBAAoB,cAAc;iBAC3F,CAAC,CAAC;YACL,CAAC;YAED,oBAAoB;YACpB,IAAI,WAAW,GAAG,KAAK,CAAC;YACxB,KAAK,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,WAAW,CAAC,EAAE,CAAC;gBAC5D,MAAM,KAAK,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC;gBAC3C,IAAI,KAAK,EAAE,CAAC;oBACV,WAAW,GAAG,IAAI,CAAC;oBACnB,IAAI,CAAC,WAAW,CAAC;wBACf,IAAI,EAAE,KAAK;wBACX,IAAI,EAAE,EAAE;wBACR,WAAW,EAAE,iBAAiB,OAAO,aAAa,MAAM,IAAI,KAAK,GAAG;qBACrE,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;YAED,IAAI,CAAC,WAAW,EAAE,CAAC;gBACjB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,SAAS;oBAC5B,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,KAAK;oBACf,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,MAAM,EAAE,gBAAgB;oBACxB,WAAW,EAAE,iEAAiE;iBAC/E,CAAC,CAAC;YACL,CAAC;YAED,6BAA6B;YAC7B,MAAM,YAAY,GAAG,QAAQ,CAAC,OAAO,CAAC,GAAG,CAAC,eAAe,CAAC,CAAC;YAC3D,IAAI,CAAC,YAAY,EAAE,CAAC;gBAClB,QAAQ,CAAC,IAAI,CAAC;oBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,mBAAmB;oBACtC,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,KAAK;oBACf,OAAO,EAAE,IAAI,CAAC,OAAO;oBACrB,MAAM,EAAE,gBAAgB;oBACxB,WAAW,EAAE,2DAA2D;iBACzE,CAAC,CAAC;YACL,CAAC;iBAAM,IAAI,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,IAAI,YAAY,CAAC,QAAQ,CAAC,UAAU,CAAC,EAAE,CAAC;gBAClF,IAAI,CAAC,WAAW,CAAC;oBACf,IAAI,EAAE,KAAK;oBACX,IAAI,EAAE,EAAE;oBACR,WAAW,EAAE,kBAAkB,YAAY,wBAAwB;iBACpE,CAAC,CAAC;YACL,CAAC;YAED,uBAAuB;YACvB,IAAI,CAAC,WAAW,CAAC;gBACf,IAAI,EAAE,KAAK;gBACX,IAAI,EAAE,EAAE;gBACR,WAAW,EAAE,kBAAkB,YAAY,eAAe,QAAQ,CAAC,MAAM,EAAE;aAC5E,CAAC,CAAC;QACL,CAAC;QAAC,OAAO,UAAU,EAAE,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,eAAe;gBAClC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,QAAQ;gBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,gBAAgB;gBACxB,WAAW,EAAE,mBAAmB,IAAI,CAAC,OAAO,KAAK,UAAU,YAAY,KAAK,CAAC,CAAC,CAAC,UAAU,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,UAAU,CAAC,EAAE;aACxI,CAAC,CAAC;QACL,CAAC;QAED,OAAO,QAAQ,CAAC;IAClB,CAAC;CACF"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { Finding } from '../core/types';
|
|
2
|
+
import { BaseAgent } from './base-agent';
|
|
3
|
+
export declare class DockerHealthCheckerAgent extends BaseAgent {
|
|
4
|
+
readonly agentId = 61;
|
|
5
|
+
readonly agentName = "Docker Health Checker";
|
|
6
|
+
protected preFlight(): Promise<void>;
|
|
7
|
+
protected execute(): Promise<Finding[]>;
|
|
8
|
+
private findLastDirective;
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=61-docker-health-checker.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"61-docker-health-checker.d.ts","sourceRoot":"","sources":["../../agents/61-docker-health-checker.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,qBAAa,wBAAyB,SAAQ,SAAS;IACrD,QAAQ,CAAC,OAAO,MAAM;IACtB,QAAQ,CAAC,SAAS,2BAA2B;cAE7B,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;cAI1B,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IAkF7C,OAAO,CAAC,iBAAiB;CAe1B"}
|
|
@@ -0,0 +1,95 @@
|
|
|
1
|
+
import * as fs from 'node:fs';
|
|
2
|
+
import * as path from 'node:path';
|
|
3
|
+
import { BaseAgent } from './base-agent';
|
|
4
|
+
export class DockerHealthCheckerAgent extends BaseAgent {
|
|
5
|
+
agentId = 61;
|
|
6
|
+
agentName = 'Docker Health Checker';
|
|
7
|
+
async preFlight() {
|
|
8
|
+
// No network dependencies — file-based agent
|
|
9
|
+
}
|
|
10
|
+
async execute() {
|
|
11
|
+
const findings = [];
|
|
12
|
+
const projectRoot = this.config.projectRoot ?? process.cwd();
|
|
13
|
+
// Check Dockerfile
|
|
14
|
+
const dockerfilePath = path.join(projectRoot, 'Dockerfile');
|
|
15
|
+
const dockerfileExists = fs.existsSync(dockerfilePath);
|
|
16
|
+
if (!dockerfileExists) {
|
|
17
|
+
findings.push({
|
|
18
|
+
id: `${this.agentId}-no-dockerfile`,
|
|
19
|
+
type: 'infra-issue',
|
|
20
|
+
severity: 'low',
|
|
21
|
+
agentId: this.agentId,
|
|
22
|
+
module: 'docker-health-checker',
|
|
23
|
+
description: 'No Dockerfile found in project root',
|
|
24
|
+
});
|
|
25
|
+
return findings;
|
|
26
|
+
}
|
|
27
|
+
const dockerfileContent = fs.readFileSync(dockerfilePath, 'utf-8');
|
|
28
|
+
const lines = dockerfileContent.split('\n');
|
|
29
|
+
// Check 1: USER root at end (security risk)
|
|
30
|
+
const lastUserLine = this.findLastDirective(lines, 'USER');
|
|
31
|
+
if (lastUserLine !== null && lastUserLine.toLowerCase().includes('root')) {
|
|
32
|
+
findings.push({
|
|
33
|
+
id: `${this.agentId}-user-root`,
|
|
34
|
+
type: 'code-bug-security',
|
|
35
|
+
severity: 'high',
|
|
36
|
+
agentId: this.agentId,
|
|
37
|
+
module: 'docker-health-checker',
|
|
38
|
+
file: dockerfilePath,
|
|
39
|
+
description: 'Dockerfile runs as root user — security risk',
|
|
40
|
+
suggestedFix: 'Add a non-root USER directive at the end of the Dockerfile',
|
|
41
|
+
});
|
|
42
|
+
}
|
|
43
|
+
// Check 2: Missing HEALTHCHECK
|
|
44
|
+
const hasHealthcheck = lines.some(line => line.trim().toUpperCase().startsWith('HEALTHCHECK'));
|
|
45
|
+
if (!hasHealthcheck) {
|
|
46
|
+
findings.push({
|
|
47
|
+
id: `${this.agentId}-no-healthcheck`,
|
|
48
|
+
type: 'infra-issue',
|
|
49
|
+
severity: 'medium',
|
|
50
|
+
agentId: this.agentId,
|
|
51
|
+
module: 'docker-health-checker',
|
|
52
|
+
file: dockerfilePath,
|
|
53
|
+
description: 'Dockerfile missing HEALTHCHECK instruction',
|
|
54
|
+
suggestedFix: 'Add HEALTHCHECK CMD curl -f http://localhost:PORT/health || exit 1',
|
|
55
|
+
});
|
|
56
|
+
}
|
|
57
|
+
// Check 3: Missing .dockerignore
|
|
58
|
+
const dockerignorePath = path.join(projectRoot, '.dockerignore');
|
|
59
|
+
if (!fs.existsSync(dockerignorePath)) {
|
|
60
|
+
findings.push({
|
|
61
|
+
id: `${this.agentId}-no-dockerignore`,
|
|
62
|
+
type: 'infra-issue',
|
|
63
|
+
severity: 'low',
|
|
64
|
+
agentId: this.agentId,
|
|
65
|
+
module: 'docker-health-checker',
|
|
66
|
+
description: 'Missing .dockerignore file — build context may include unnecessary files',
|
|
67
|
+
suggestedFix: 'Create .dockerignore to exclude node_modules, .git, .env, etc.',
|
|
68
|
+
});
|
|
69
|
+
}
|
|
70
|
+
// Log Dockerfile size
|
|
71
|
+
const stats = fs.statSync(dockerfilePath);
|
|
72
|
+
this.addEvidence({
|
|
73
|
+
type: 'log',
|
|
74
|
+
path: dockerfilePath,
|
|
75
|
+
description: `Dockerfile: ${lines.length} lines, ${stats.size} bytes`,
|
|
76
|
+
});
|
|
77
|
+
return findings;
|
|
78
|
+
}
|
|
79
|
+
findLastDirective(lines, directive) {
|
|
80
|
+
const upper = directive.toUpperCase();
|
|
81
|
+
for (let i = lines.length - 1; i >= 0; i--) {
|
|
82
|
+
const trimmed = lines[i].trim();
|
|
83
|
+
if (trimmed.toUpperCase().startsWith(upper)) {
|
|
84
|
+
return trimmed;
|
|
85
|
+
}
|
|
86
|
+
// Skip empty lines and comments
|
|
87
|
+
if (trimmed.length > 0 && !trimmed.startsWith('#')) {
|
|
88
|
+
// Found a non-matching, non-empty, non-comment line
|
|
89
|
+
// Keep searching
|
|
90
|
+
}
|
|
91
|
+
}
|
|
92
|
+
return null;
|
|
93
|
+
}
|
|
94
|
+
}
|
|
95
|
+
//# sourceMappingURL=61-docker-health-checker.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"61-docker-health-checker.js","sourceRoot":"","sources":["../../agents/61-docker-health-checker.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,MAAM,OAAO,wBAAyB,SAAQ,SAAS;IAC5C,OAAO,GAAG,EAAE,CAAC;IACb,SAAS,GAAG,uBAAuB,CAAC;IAEnC,KAAK,CAAC,SAAS;QACvB,6CAA6C;IAC/C,CAAC;IAES,KAAK,CAAC,OAAO;QACrB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAE/B,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAE7D,mBAAmB;QACnB,MAAM,cAAc,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;QAC5D,MAAM,gBAAgB,GAAG,EAAE,CAAC,UAAU,CAAC,cAAc,CAAC,CAAC;QAEvD,IAAI,CAAC,gBAAgB,EAAE,CAAC;YACtB,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,gBAAgB;gBACnC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,uBAAuB;gBAC/B,WAAW,EAAE,qCAAqC;aACnD,CAAC,CAAC;YACH,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,MAAM,iBAAiB,GAAG,EAAE,CAAC,YAAY,CAAC,cAAc,EAAE,OAAO,CAAC,CAAC;QACnE,MAAM,KAAK,GAAG,iBAAiB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC;QAE5C,4CAA4C;QAC5C,MAAM,YAAY,GAAG,IAAI,CAAC,iBAAiB,CAAC,KAAK,EAAE,MAAM,CAAC,CAAC;QAC3D,IAAI,YAAY,KAAK,IAAI,IAAI,YAAY,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,MAAM,CAAC,EAAE,CAAC;YACzE,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,YAAY;gBAC/B,IAAI,EAAE,mBAAmB;gBACzB,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,uBAAuB;gBAC/B,IAAI,EAAE,cAAc;gBACpB,WAAW,EAAE,8CAA8C;gBAC3D,YAAY,EAAE,4DAA4D;aAC3E,CAAC,CAAC;QACL,CAAC;QAED,+BAA+B;QAC/B,MAAM,cAAc,GAAG,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CACvC,IAAI,CAAC,IAAI,EAAE,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,aAAa,CAAC,CACpD,CAAC;QAEF,IAAI,CAAC,cAAc,EAAE,CAAC;YACpB,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,iBAAiB;gBACpC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,QAAQ;gBAClB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,uBAAuB;gBAC/B,IAAI,EAAE,cAAc;gBACpB,WAAW,EAAE,4CAA4C;gBACzD,YAAY,EAAE,oEAAoE;aACnF,CAAC,CAAC;QACL,CAAC;QAED,iCAAiC;QACjC,MAAM,gBAAgB,GAAG,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,eAAe,CAAC,CAAC;QACjE,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,gBAAgB,CAAC,EAAE,CAAC;YACrC,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,kBAAkB;gBACrC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,KAAK;gBACf,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,uBAAuB;gBAC/B,WAAW,EAAE,0EAA0E;gBACvF,YAAY,EAAE,gEAAgE;aAC/E,CAAC,CAAC;QACL,CAAC;QAED,sBAAsB;QACtB,MAAM,KAAK,GAAG,EAAE,CAAC,QAAQ,CAAC,cAAc,CAAC,CAAC;QAC1C,IAAI,CAAC,WAAW,CAAC;YACf,IAAI,EAAE,KAAK;YACX,IAAI,EAAE,cAAc;YACpB,WAAW,EAAE,eAAe,KAAK,CAAC,MAAM,WAAW,KAAK,CAAC,IAAI,QAAQ;SACtE,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,iBAAiB,CAAC,KAAe,EAAE,SAAiB;QAC1D,MAAM,KAAK,GAAG,SAAS,CAAC,WAAW,EAAE,CAAC;QACtC,KAAK,IAAI,CAAC,GAAG,KAAK,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC,IAAI,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC;YAC3C,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;YAChC,IAAI,OAAO,CAAC,WAAW,EAAE,CAAC,UAAU,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC5C,OAAO,OAAO,CAAC;YACjB,CAAC;YACD,gCAAgC;YAChC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;gBACnD,oDAAoD;gBACpD,iBAAiB;YACnB,CAAC;QACH,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;CACF"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { Finding } from '../core/types';
|
|
2
|
+
import { BaseAgent } from './base-agent';
|
|
3
|
+
export declare class EnvConfigValidatorAgent extends BaseAgent {
|
|
4
|
+
readonly agentId = 62;
|
|
5
|
+
readonly agentName = "Env Config Validator";
|
|
6
|
+
protected preFlight(): Promise<void>;
|
|
7
|
+
protected execute(): Promise<Finding[]>;
|
|
8
|
+
private parseEnvFile;
|
|
9
|
+
}
|
|
10
|
+
//# sourceMappingURL=62-env-config-validator.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"62-env-config-validator.d.ts","sourceRoot":"","sources":["../../agents/62-env-config-validator.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAsBzC,qBAAa,uBAAwB,SAAQ,SAAS;IACpD,QAAQ,CAAC,OAAO,MAAM;IACtB,QAAQ,CAAC,SAAS,0BAA0B;cAE5B,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;cAI1B,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IAoG7C,OAAO,CAAC,YAAY;CAkBrB"}
|