@avi770/testteam 2.0.0 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +188 -3
- package/README.md +111 -20
- package/bin/testteam.js +32 -4
- package/dist/agents/01-analyst.d.ts +2 -2
- package/dist/agents/01-analyst.js +1 -1
- package/dist/agents/02-seed-architect.d.ts +2 -2
- package/dist/agents/02-seed-architect.js +2 -2
- package/dist/agents/03-test-generator.d.ts +2 -2
- package/dist/agents/03-test-generator.js +2 -2
- package/dist/agents/04-unit-runner.d.ts +2 -2
- package/dist/agents/04-unit-runner.d.ts.map +1 -1
- package/dist/agents/04-unit-runner.js +12 -3
- package/dist/agents/04-unit-runner.js.map +1 -1
- package/dist/agents/05-browser-crawler.d.ts +2 -2
- package/dist/agents/05-browser-crawler.d.ts.map +1 -1
- package/dist/agents/05-browser-crawler.js +24 -12
- package/dist/agents/05-browser-crawler.js.map +1 -1
- package/dist/agents/06-api-exerciser.d.ts +2 -2
- package/dist/agents/06-api-exerciser.js +2 -2
- package/dist/agents/07-security-scout.d.ts +2 -2
- package/dist/agents/07-security-scout.js +2 -2
- package/dist/agents/08-a11y-guardian.d.ts +2 -2
- package/dist/agents/08-a11y-guardian.d.ts.map +1 -1
- package/dist/agents/08-a11y-guardian.js +9 -5
- package/dist/agents/08-a11y-guardian.js.map +1 -1
- package/dist/agents/09-healer.d.ts +2 -2
- package/dist/agents/09-healer.js +2 -2
- package/dist/agents/10-reporter.d.ts +2 -2
- package/dist/agents/10-reporter.d.ts.map +1 -1
- package/dist/agents/10-reporter.js +55 -27
- package/dist/agents/10-reporter.js.map +1 -1
- package/dist/agents/100-error-handling-auditor.d.ts +63 -0
- package/dist/agents/100-error-handling-auditor.d.ts.map +1 -0
- package/dist/agents/100-error-handling-auditor.js +334 -0
- package/dist/agents/100-error-handling-auditor.js.map +1 -0
- package/dist/agents/101-rate-limit-auditor.d.ts +72 -0
- package/dist/agents/101-rate-limit-auditor.d.ts.map +1 -0
- package/dist/agents/101-rate-limit-auditor.js +295 -0
- package/dist/agents/101-rate-limit-auditor.js.map +1 -0
- package/dist/agents/102-dockerfile-auditor.d.ts +62 -0
- package/dist/agents/102-dockerfile-auditor.d.ts.map +1 -0
- package/dist/agents/102-dockerfile-auditor.js +337 -0
- package/dist/agents/102-dockerfile-auditor.js.map +1 -0
- package/dist/agents/103-ci-workflow-auditor.d.ts +57 -0
- package/dist/agents/103-ci-workflow-auditor.d.ts.map +1 -0
- package/dist/agents/103-ci-workflow-auditor.js +247 -0
- package/dist/agents/103-ci-workflow-auditor.js.map +1 -0
- package/dist/agents/104-n-plus-one-detector.d.ts +57 -0
- package/dist/agents/104-n-plus-one-detector.d.ts.map +1 -0
- package/dist/agents/104-n-plus-one-detector.js +329 -0
- package/dist/agents/104-n-plus-one-detector.js.map +1 -0
- package/dist/agents/105-unbounded-query-auditor.d.ts +50 -0
- package/dist/agents/105-unbounded-query-auditor.d.ts.map +1 -0
- package/dist/agents/105-unbounded-query-auditor.js +284 -0
- package/dist/agents/105-unbounded-query-auditor.js.map +1 -0
- package/dist/agents/106-hardcoded-config-auditor.d.ts +54 -0
- package/dist/agents/106-hardcoded-config-auditor.d.ts.map +1 -0
- package/dist/agents/106-hardcoded-config-auditor.js +251 -0
- package/dist/agents/106-hardcoded-config-auditor.js.map +1 -0
- package/dist/agents/107-open-redirect-detector.d.ts +52 -0
- package/dist/agents/107-open-redirect-detector.d.ts.map +1 -0
- package/dist/agents/107-open-redirect-detector.js +263 -0
- package/dist/agents/107-open-redirect-detector.js.map +1 -0
- package/dist/agents/108-sql-injection-detector.d.ts +51 -0
- package/dist/agents/108-sql-injection-detector.d.ts.map +1 -0
- package/dist/agents/108-sql-injection-detector.js +323 -0
- package/dist/agents/108-sql-injection-detector.js.map +1 -0
- package/dist/agents/109-path-traversal-detector.d.ts +51 -0
- package/dist/agents/109-path-traversal-detector.d.ts.map +1 -0
- package/dist/agents/109-path-traversal-detector.js +244 -0
- package/dist/agents/109-path-traversal-detector.js.map +1 -0
- package/dist/agents/11-fixer.d.ts +4 -2
- package/dist/agents/11-fixer.d.ts.map +1 -1
- package/dist/agents/11-fixer.js +52 -11
- package/dist/agents/11-fixer.js.map +1 -1
- package/dist/agents/110-mass-assignment-detector.d.ts +52 -0
- package/dist/agents/110-mass-assignment-detector.d.ts.map +1 -0
- package/dist/agents/110-mass-assignment-detector.js +199 -0
- package/dist/agents/110-mass-assignment-detector.js.map +1 -0
- package/dist/agents/111-dynamic-eval-detector.d.ts +46 -0
- package/dist/agents/111-dynamic-eval-detector.d.ts.map +1 -0
- package/dist/agents/111-dynamic-eval-detector.js +233 -0
- package/dist/agents/111-dynamic-eval-detector.js.map +1 -0
- package/dist/agents/112-taint-tracker.d.ts +226 -0
- package/dist/agents/112-taint-tracker.d.ts.map +1 -0
- package/dist/agents/112-taint-tracker.js +1273 -0
- package/dist/agents/112-taint-tracker.js.map +1 -0
- package/dist/agents/113-response-contract-auditor.d.ts +92 -0
- package/dist/agents/113-response-contract-auditor.d.ts.map +1 -0
- package/dist/agents/113-response-contract-auditor.js +694 -0
- package/dist/agents/113-response-contract-auditor.js.map +1 -0
- package/dist/agents/114-static-a11y-auditor.d.ts +66 -0
- package/dist/agents/114-static-a11y-auditor.d.ts.map +1 -0
- package/dist/agents/114-static-a11y-auditor.js +377 -0
- package/dist/agents/114-static-a11y-auditor.js.map +1 -0
- package/dist/agents/115-multihop-taint-tracker.d.ts +84 -0
- package/dist/agents/115-multihop-taint-tracker.d.ts.map +1 -0
- package/dist/agents/115-multihop-taint-tracker.js +340 -0
- package/dist/agents/115-multihop-taint-tracker.js.map +1 -0
- package/dist/agents/116-runtime-contract-capture.d.ts +79 -0
- package/dist/agents/116-runtime-contract-capture.d.ts.map +1 -0
- package/dist/agents/116-runtime-contract-capture.js +274 -0
- package/dist/agents/116-runtime-contract-capture.js.map +1 -0
- package/dist/agents/117-aria-rule-engine.d.ts +52 -0
- package/dist/agents/117-aria-rule-engine.d.ts.map +1 -0
- package/dist/agents/117-aria-rule-engine.js +415 -0
- package/dist/agents/117-aria-rule-engine.js.map +1 -0
- package/dist/agents/118-insecure-crypto-auditor.d.ts +48 -0
- package/dist/agents/118-insecure-crypto-auditor.d.ts.map +1 -0
- package/dist/agents/118-insecure-crypto-auditor.js +232 -0
- package/dist/agents/118-insecure-crypto-auditor.js.map +1 -0
- package/dist/agents/119-secrets-scanner.d.ts +44 -0
- package/dist/agents/119-secrets-scanner.d.ts.map +1 -0
- package/dist/agents/119-secrets-scanner.js +242 -0
- package/dist/agents/119-secrets-scanner.js.map +1 -0
- package/dist/agents/12-ux-inspector.d.ts +2 -2
- package/dist/agents/12-ux-inspector.d.ts.map +1 -1
- package/dist/agents/12-ux-inspector.js +8 -4
- package/dist/agents/12-ux-inspector.js.map +1 -1
- package/dist/agents/120-async-safety-auditor.d.ts +48 -0
- package/dist/agents/120-async-safety-auditor.d.ts.map +1 -0
- package/dist/agents/120-async-safety-auditor.js +250 -0
- package/dist/agents/120-async-safety-auditor.js.map +1 -0
- package/dist/agents/13-performance-profiler.d.ts +2 -2
- package/dist/agents/13-performance-profiler.d.ts.map +1 -1
- package/dist/agents/13-performance-profiler.js +5 -4
- package/dist/agents/13-performance-profiler.js.map +1 -1
- package/dist/agents/14-data-integrity-auditor.d.ts +2 -2
- package/dist/agents/14-data-integrity-auditor.js +4 -4
- package/dist/agents/14-data-integrity-auditor.js.map +1 -1
- package/dist/agents/15-regression-sentinel.d.ts +6 -4
- package/dist/agents/15-regression-sentinel.d.ts.map +1 -1
- package/dist/agents/15-regression-sentinel.js +5 -4
- package/dist/agents/15-regression-sentinel.js.map +1 -1
- package/dist/agents/16-chaos-agent.d.ts +2 -2
- package/dist/agents/16-chaos-agent.d.ts.map +1 -1
- package/dist/agents/16-chaos-agent.js +11 -4
- package/dist/agents/16-chaos-agent.js.map +1 -1
- package/dist/agents/17-documentation-validator.d.ts +2 -2
- package/dist/agents/17-documentation-validator.d.ts.map +1 -1
- package/dist/agents/17-documentation-validator.js +5 -2
- package/dist/agents/17-documentation-validator.js.map +1 -1
- package/dist/agents/18-integration-watchdog.d.ts +2 -2
- package/dist/agents/18-integration-watchdog.d.ts.map +1 -1
- package/dist/agents/18-integration-watchdog.js +5 -2
- package/dist/agents/18-integration-watchdog.js.map +1 -1
- package/dist/agents/19-tenant-isolation-auditor.d.ts +2 -2
- package/dist/agents/19-tenant-isolation-auditor.js +4 -4
- package/dist/agents/19-tenant-isolation-auditor.js.map +1 -1
- package/dist/agents/20-workflow-completion-tester.d.ts +2 -2
- package/dist/agents/20-workflow-completion-tester.d.ts.map +1 -1
- package/dist/agents/20-workflow-completion-tester.js +10 -6
- package/dist/agents/20-workflow-completion-tester.js.map +1 -1
- package/dist/agents/21-state-session-tester.d.ts +2 -2
- package/dist/agents/21-state-session-tester.d.ts.map +1 -1
- package/dist/agents/21-state-session-tester.js +15 -5
- package/dist/agents/21-state-session-tester.js.map +1 -1
- package/dist/agents/22-email-notification-verifier.d.ts +2 -2
- package/dist/agents/22-email-notification-verifier.js +2 -2
- package/dist/agents/23-migration-tester.d.ts +2 -2
- package/dist/agents/23-migration-tester.js +1 -1
- package/dist/agents/24-signup-onboarding-tester.d.ts +2 -2
- package/dist/agents/24-signup-onboarding-tester.d.ts.map +1 -1
- package/dist/agents/24-signup-onboarding-tester.js +13 -10
- package/dist/agents/24-signup-onboarding-tester.js.map +1 -1
- package/dist/agents/25-crud-flow-tester.d.ts +2 -2
- package/dist/agents/25-crud-flow-tester.d.ts.map +1 -1
- package/dist/agents/25-crud-flow-tester.js +12 -6
- package/dist/agents/25-crud-flow-tester.js.map +1 -1
- package/dist/agents/26-form-validator.d.ts +2 -2
- package/dist/agents/26-form-validator.d.ts.map +1 -1
- package/dist/agents/26-form-validator.js +12 -6
- package/dist/agents/26-form-validator.js.map +1 -1
- package/dist/agents/27-search-filter-tester.d.ts +2 -2
- package/dist/agents/27-search-filter-tester.d.ts.map +1 -1
- package/dist/agents/27-search-filter-tester.js +12 -6
- package/dist/agents/27-search-filter-tester.js.map +1 -1
- package/dist/agents/28-navigation-routing-tester.d.ts +2 -2
- package/dist/agents/28-navigation-routing-tester.d.ts.map +1 -1
- package/dist/agents/28-navigation-routing-tester.js +12 -6
- package/dist/agents/28-navigation-routing-tester.js.map +1 -1
- package/dist/agents/29-responsive-interaction-tester.d.ts +2 -2
- package/dist/agents/29-responsive-interaction-tester.d.ts.map +1 -1
- package/dist/agents/29-responsive-interaction-tester.js +12 -6
- package/dist/agents/29-responsive-interaction-tester.js.map +1 -1
- package/dist/agents/30-multi-user-scenario-tester.d.ts +2 -2
- package/dist/agents/30-multi-user-scenario-tester.d.ts.map +1 -1
- package/dist/agents/30-multi-user-scenario-tester.js +20 -13
- package/dist/agents/30-multi-user-scenario-tester.js.map +1 -1
- package/dist/agents/31-load-tester.d.ts +2 -2
- package/dist/agents/31-load-tester.js +2 -2
- package/dist/agents/32-memory-leak-detector.d.ts +2 -2
- package/dist/agents/32-memory-leak-detector.d.ts.map +1 -1
- package/dist/agents/32-memory-leak-detector.js +5 -4
- package/dist/agents/32-memory-leak-detector.js.map +1 -1
- package/dist/agents/33-bundle-analyzer.d.ts +2 -2
- package/dist/agents/33-bundle-analyzer.js +1 -1
- package/dist/agents/34-xss-scanner.d.ts +2 -2
- package/dist/agents/34-xss-scanner.d.ts.map +1 -1
- package/dist/agents/34-xss-scanner.js +12 -6
- package/dist/agents/34-xss-scanner.js.map +1 -1
- package/dist/agents/35-csrf-tester.d.ts +2 -2
- package/dist/agents/35-csrf-tester.js +2 -2
- package/dist/agents/36-auth-fuzzer.d.ts +2 -2
- package/dist/agents/36-auth-fuzzer.js +2 -2
- package/dist/agents/37-dependency-scanner.d.ts +2 -2
- package/dist/agents/37-dependency-scanner.js +1 -1
- package/dist/agents/38-secrets-scanner.d.ts +2 -2
- package/dist/agents/38-secrets-scanner.d.ts.map +1 -1
- package/dist/agents/38-secrets-scanner.js +39 -4
- package/dist/agents/38-secrets-scanner.js.map +1 -1
- package/dist/agents/39-api-contract-tester.d.ts +2 -2
- package/dist/agents/39-api-contract-tester.js +2 -2
- package/dist/agents/40-rate-limit-tester.d.ts +2 -2
- package/dist/agents/40-rate-limit-tester.js +2 -2
- package/dist/agents/41-api-pagination-tester.d.ts +2 -2
- package/dist/agents/41-api-pagination-tester.js +2 -2
- package/dist/agents/42-graphql-tester.d.ts +2 -2
- package/dist/agents/42-graphql-tester.js +2 -2
- package/dist/agents/43-data-consistency-checker.d.ts +2 -2
- package/dist/agents/43-data-consistency-checker.js +3 -3
- package/dist/agents/44-backup-recovery-tester.d.ts +2 -2
- package/dist/agents/44-backup-recovery-tester.js +1 -1
- package/dist/agents/45-data-privacy-scanner.d.ts +2 -2
- package/dist/agents/45-data-privacy-scanner.js +3 -3
- package/dist/agents/46-seo-auditor.d.ts +2 -2
- package/dist/agents/46-seo-auditor.d.ts.map +1 -1
- package/dist/agents/46-seo-auditor.js +12 -6
- package/dist/agents/46-seo-auditor.js.map +1 -1
- package/dist/agents/47-social-preview-tester.d.ts +2 -2
- package/dist/agents/47-social-preview-tester.d.ts.map +1 -1
- package/dist/agents/47-social-preview-tester.js +12 -6
- package/dist/agents/47-social-preview-tester.js.map +1 -1
- package/dist/agents/48-lighthouse-auditor.d.ts +2 -2
- package/dist/agents/48-lighthouse-auditor.d.ts.map +1 -1
- package/dist/agents/48-lighthouse-auditor.js +5 -4
- package/dist/agents/48-lighthouse-auditor.js.map +1 -1
- package/dist/agents/49-i18n-tester.d.ts +2 -2
- package/dist/agents/49-i18n-tester.d.ts.map +1 -1
- package/dist/agents/49-i18n-tester.js +12 -6
- package/dist/agents/49-i18n-tester.js.map +1 -1
- package/dist/agents/50-timezone-tester.d.ts +2 -2
- package/dist/agents/50-timezone-tester.d.ts.map +1 -1
- package/dist/agents/50-timezone-tester.js +40 -33
- package/dist/agents/50-timezone-tester.js.map +1 -1
- package/dist/agents/51-error-recovery-tester.d.ts +2 -2
- package/dist/agents/51-error-recovery-tester.d.ts.map +1 -1
- package/dist/agents/51-error-recovery-tester.js +12 -7
- package/dist/agents/51-error-recovery-tester.js.map +1 -1
- package/dist/agents/52-offline-mode-tester.d.ts +2 -2
- package/dist/agents/52-offline-mode-tester.d.ts.map +1 -1
- package/dist/agents/52-offline-mode-tester.js +12 -7
- package/dist/agents/52-offline-mode-tester.js.map +1 -1
- package/dist/agents/53-graceful-degradation-tester.d.ts +2 -2
- package/dist/agents/53-graceful-degradation-tester.d.ts.map +1 -1
- package/dist/agents/53-graceful-degradation-tester.js +10 -3
- package/dist/agents/53-graceful-degradation-tester.js.map +1 -1
- package/dist/agents/54-websocket-tester.d.ts +2 -2
- package/dist/agents/54-websocket-tester.d.ts.map +1 -1
- package/dist/agents/54-websocket-tester.js +12 -6
- package/dist/agents/54-websocket-tester.js.map +1 -1
- package/dist/agents/55-realtime-sync-tester.d.ts +2 -2
- package/dist/agents/55-realtime-sync-tester.d.ts.map +1 -1
- package/dist/agents/55-realtime-sync-tester.js +101 -96
- package/dist/agents/55-realtime-sync-tester.js.map +1 -1
- package/dist/agents/56-file-upload-tester.d.ts +2 -2
- package/dist/agents/56-file-upload-tester.d.ts.map +1 -1
- package/dist/agents/56-file-upload-tester.js +17 -13
- package/dist/agents/56-file-upload-tester.js.map +1 -1
- package/dist/agents/57-export-tester.d.ts +2 -2
- package/dist/agents/57-export-tester.d.ts.map +1 -1
- package/dist/agents/57-export-tester.js +8 -4
- package/dist/agents/57-export-tester.js.map +1 -1
- package/dist/agents/58-payment-flow-tester.d.ts +2 -2
- package/dist/agents/58-payment-flow-tester.d.ts.map +1 -1
- package/dist/agents/58-payment-flow-tester.js +8 -4
- package/dist/agents/58-payment-flow-tester.js.map +1 -1
- package/dist/agents/59-ssl-tls-auditor.d.ts +2 -2
- package/dist/agents/59-ssl-tls-auditor.js +2 -2
- package/dist/agents/60-dns-cdn-tester.d.ts +2 -2
- package/dist/agents/60-dns-cdn-tester.js +2 -2
- package/dist/agents/61-docker-health-checker.d.ts +2 -2
- package/dist/agents/61-docker-health-checker.js +1 -1
- package/dist/agents/62-env-config-validator.d.ts +2 -2
- package/dist/agents/62-env-config-validator.js +1 -1
- package/dist/agents/63-log-quality-auditor.d.ts +2 -2
- package/dist/agents/63-log-quality-auditor.js +1 -1
- package/dist/agents/64-analytics-tracker-tester.d.ts +2 -2
- package/dist/agents/64-analytics-tracker-tester.d.ts.map +1 -1
- package/dist/agents/64-analytics-tracker-tester.js +8 -4
- package/dist/agents/64-analytics-tracker-tester.js.map +1 -1
- package/dist/agents/65-gdpr-compliance-tester.d.ts +2 -2
- package/dist/agents/65-gdpr-compliance-tester.d.ts.map +1 -1
- package/dist/agents/65-gdpr-compliance-tester.js +55 -40
- package/dist/agents/65-gdpr-compliance-tester.js.map +1 -1
- package/dist/agents/66-soc2-control-validator.d.ts +2 -2
- package/dist/agents/66-soc2-control-validator.d.ts.map +1 -1
- package/dist/agents/66-soc2-control-validator.js +29 -21
- package/dist/agents/66-soc2-control-validator.js.map +1 -1
- package/dist/agents/67-wcag-aaa-tester.d.ts +2 -2
- package/dist/agents/67-wcag-aaa-tester.d.ts.map +1 -1
- package/dist/agents/67-wcag-aaa-tester.js +12 -6
- package/dist/agents/67-wcag-aaa-tester.js.map +1 -1
- package/dist/agents/68-dead-code-detector.d.ts +2 -2
- package/dist/agents/68-dead-code-detector.d.ts.map +1 -1
- package/dist/agents/68-dead-code-detector.js +6 -3
- package/dist/agents/68-dead-code-detector.js.map +1 -1
- package/dist/agents/69-type-safety-auditor.d.ts +2 -2
- package/dist/agents/69-type-safety-auditor.js +1 -1
- package/dist/agents/70-complexity-analyzer.d.ts +2 -2
- package/dist/agents/70-complexity-analyzer.js +1 -1
- package/dist/agents/71-unit-testing-agent.d.ts +15 -0
- package/dist/agents/71-unit-testing-agent.d.ts.map +1 -0
- package/dist/agents/71-unit-testing-agent.js +220 -0
- package/dist/agents/71-unit-testing-agent.js.map +1 -0
- package/dist/agents/72-integration-testing-agent.d.ts +13 -0
- package/dist/agents/72-integration-testing-agent.d.ts.map +1 -0
- package/dist/agents/72-integration-testing-agent.js +243 -0
- package/dist/agents/72-integration-testing-agent.js.map +1 -0
- package/dist/agents/73-system-testing-agent.d.ts +11 -0
- package/dist/agents/73-system-testing-agent.d.ts.map +1 -0
- package/dist/agents/73-system-testing-agent.js +175 -0
- package/dist/agents/73-system-testing-agent.js.map +1 -0
- package/dist/agents/74-acceptance-testing-agent.d.ts +13 -0
- package/dist/agents/74-acceptance-testing-agent.d.ts.map +1 -0
- package/dist/agents/74-acceptance-testing-agent.js +254 -0
- package/dist/agents/74-acceptance-testing-agent.js.map +1 -0
- package/dist/agents/75-sanity-testing-agent.d.ts +15 -0
- package/dist/agents/75-sanity-testing-agent.d.ts.map +1 -0
- package/dist/agents/75-sanity-testing-agent.js +240 -0
- package/dist/agents/75-sanity-testing-agent.js.map +1 -0
- package/dist/agents/76-regression-testing-agent.d.ts +14 -0
- package/dist/agents/76-regression-testing-agent.d.ts.map +1 -0
- package/dist/agents/76-regression-testing-agent.js +230 -0
- package/dist/agents/76-regression-testing-agent.js.map +1 -0
- package/dist/agents/77-browser-load-testing-agent.d.ts +11 -0
- package/dist/agents/77-browser-load-testing-agent.d.ts.map +1 -0
- package/dist/agents/77-browser-load-testing-agent.js +128 -0
- package/dist/agents/77-browser-load-testing-agent.js.map +1 -0
- package/dist/agents/78-stress-testing-agent.d.ts +11 -0
- package/dist/agents/78-stress-testing-agent.d.ts.map +1 -0
- package/dist/agents/78-stress-testing-agent.js +146 -0
- package/dist/agents/78-stress-testing-agent.js.map +1 -0
- package/dist/agents/79-endurance-testing-agent.d.ts +12 -0
- package/dist/agents/79-endurance-testing-agent.d.ts.map +1 -0
- package/dist/agents/79-endurance-testing-agent.js +165 -0
- package/dist/agents/79-endurance-testing-agent.js.map +1 -0
- package/dist/agents/80-usability-testing-agent.d.ts +11 -0
- package/dist/agents/80-usability-testing-agent.d.ts.map +1 -0
- package/dist/agents/80-usability-testing-agent.js +196 -0
- package/dist/agents/80-usability-testing-agent.js.map +1 -0
- package/dist/agents/81-compatibility-testing-agent.d.ts +11 -0
- package/dist/agents/81-compatibility-testing-agent.d.ts.map +1 -0
- package/dist/agents/81-compatibility-testing-agent.js +224 -0
- package/dist/agents/81-compatibility-testing-agent.js.map +1 -0
- package/dist/agents/82-exploratory-testing-agent.d.ts +14 -0
- package/dist/agents/82-exploratory-testing-agent.d.ts.map +1 -0
- package/dist/agents/82-exploratory-testing-agent.js +345 -0
- package/dist/agents/82-exploratory-testing-agent.js.map +1 -0
- package/dist/agents/83-static-analysis-agent.d.ts +14 -0
- package/dist/agents/83-static-analysis-agent.d.ts.map +1 -0
- package/dist/agents/83-static-analysis-agent.js +261 -0
- package/dist/agents/83-static-analysis-agent.js.map +1 -0
- package/dist/agents/84-governance-testing-agent.d.ts +28 -0
- package/dist/agents/84-governance-testing-agent.d.ts.map +1 -0
- package/dist/agents/84-governance-testing-agent.js +591 -0
- package/dist/agents/84-governance-testing-agent.js.map +1 -0
- package/dist/agents/85-stagehand-agent.d.ts +22 -0
- package/dist/agents/85-stagehand-agent.d.ts.map +1 -0
- package/dist/agents/85-stagehand-agent.js +81 -0
- package/dist/agents/85-stagehand-agent.js.map +1 -0
- package/dist/agents/86-browser-use-agent.d.ts +31 -0
- package/dist/agents/86-browser-use-agent.d.ts.map +1 -0
- package/dist/agents/86-browser-use-agent.js +121 -0
- package/dist/agents/86-browser-use-agent.js.map +1 -0
- package/dist/agents/87-connection-mapper.d.ts +93 -0
- package/dist/agents/87-connection-mapper.d.ts.map +1 -0
- package/dist/agents/87-connection-mapper.js +658 -0
- package/dist/agents/87-connection-mapper.js.map +1 -0
- package/dist/agents/88-localhost-walkthrough.d.ts +272 -0
- package/dist/agents/88-localhost-walkthrough.d.ts.map +1 -0
- package/dist/agents/88-localhost-walkthrough.js +1203 -0
- package/dist/agents/88-localhost-walkthrough.js.map +1 -0
- package/dist/agents/89-repair-retest.d.ts +63 -0
- package/dist/agents/89-repair-retest.d.ts.map +1 -0
- package/dist/agents/89-repair-retest.js +227 -0
- package/dist/agents/89-repair-retest.js.map +1 -0
- package/dist/agents/90-response-shape-validator.d.ts +35 -0
- package/dist/agents/90-response-shape-validator.d.ts.map +1 -0
- package/dist/agents/90-response-shape-validator.js +156 -0
- package/dist/agents/90-response-shape-validator.js.map +1 -0
- package/dist/agents/91-boundary-fuzzer.d.ts +99 -0
- package/dist/agents/91-boundary-fuzzer.d.ts.map +1 -0
- package/dist/agents/91-boundary-fuzzer.js +0 -0
- package/dist/agents/91-boundary-fuzzer.js.map +1 -0
- package/dist/agents/92-repair-simulator.d.ts +89 -0
- package/dist/agents/92-repair-simulator.d.ts.map +1 -0
- package/dist/agents/92-repair-simulator.js +401 -0
- package/dist/agents/92-repair-simulator.js.map +1 -0
- package/dist/agents/93-env-var-auditor.d.ts +64 -0
- package/dist/agents/93-env-var-auditor.d.ts.map +1 -0
- package/dist/agents/93-env-var-auditor.js +435 -0
- package/dist/agents/93-env-var-auditor.js.map +1 -0
- package/dist/agents/94-schema-validator.d.ts +148 -0
- package/dist/agents/94-schema-validator.d.ts.map +1 -0
- package/dist/agents/94-schema-validator.js +567 -0
- package/dist/agents/94-schema-validator.js.map +1 -0
- package/dist/agents/95-contract-drift.d.ts +87 -0
- package/dist/agents/95-contract-drift.d.ts.map +1 -0
- package/dist/agents/95-contract-drift.js +335 -0
- package/dist/agents/95-contract-drift.js.map +1 -0
- package/dist/agents/96-cookie-security-auditor.d.ts +86 -0
- package/dist/agents/96-cookie-security-auditor.d.ts.map +1 -0
- package/dist/agents/96-cookie-security-auditor.js +339 -0
- package/dist/agents/96-cookie-security-auditor.js.map +1 -0
- package/dist/agents/97-healthcheck-validator.d.ts +62 -0
- package/dist/agents/97-healthcheck-validator.d.ts.map +1 -0
- package/dist/agents/97-healthcheck-validator.js +204 -0
- package/dist/agents/97-healthcheck-validator.js.map +1 -0
- package/dist/agents/98-cors-csp-auditor.d.ts +70 -0
- package/dist/agents/98-cors-csp-auditor.d.ts.map +1 -0
- package/dist/agents/98-cors-csp-auditor.js +308 -0
- package/dist/agents/98-cors-csp-auditor.js.map +1 -0
- package/dist/agents/99-logging-hygiene-auditor.d.ts +67 -0
- package/dist/agents/99-logging-hygiene-auditor.d.ts.map +1 -0
- package/dist/agents/99-logging-hygiene-auditor.js +325 -0
- package/dist/agents/99-logging-hygiene-auditor.js.map +1 -0
- package/dist/agents/base-agent.d.ts +75 -3
- package/dist/agents/base-agent.d.ts.map +1 -1
- package/dist/agents/base-agent.js +112 -1
- package/dist/agents/base-agent.js.map +1 -1
- package/dist/agents/browser-use-client.d.ts +68 -0
- package/dist/agents/browser-use-client.d.ts.map +1 -0
- package/dist/agents/browser-use-client.js +92 -0
- package/dist/agents/browser-use-client.js.map +1 -0
- package/dist/agents/lib/source-scan.d.ts +53 -0
- package/dist/agents/lib/source-scan.d.ts.map +1 -0
- package/dist/agents/lib/source-scan.js +279 -0
- package/dist/agents/lib/source-scan.js.map +1 -0
- package/dist/agents/registry.d.ts +27 -8
- package/dist/agents/registry.d.ts.map +1 -1
- package/dist/agents/registry.js +365 -151
- package/dist/agents/registry.js.map +1 -1
- package/dist/agents/stagehand-runner.d.ts +104 -0
- package/dist/agents/stagehand-runner.d.ts.map +1 -0
- package/dist/agents/stagehand-runner.js +153 -0
- package/dist/agents/stagehand-runner.js.map +1 -0
- package/dist/bridge/agent-registry.d.ts +21 -0
- package/dist/bridge/agent-registry.d.ts.map +1 -0
- package/dist/bridge/agent-registry.js +224 -0
- package/dist/bridge/agent-registry.js.map +1 -0
- package/dist/bridge/api-contract-reader.d.ts +55 -0
- package/dist/bridge/api-contract-reader.d.ts.map +1 -0
- package/dist/bridge/api-contract-reader.js +103 -0
- package/dist/bridge/api-contract-reader.js.map +1 -0
- package/dist/bridge/compliance-reader.d.ts +47 -0
- package/dist/bridge/compliance-reader.d.ts.map +1 -0
- package/dist/bridge/compliance-reader.js +91 -0
- package/dist/bridge/compliance-reader.js.map +1 -0
- package/dist/bridge/data-integrity-reader.d.ts +77 -0
- package/dist/bridge/data-integrity-reader.d.ts.map +1 -0
- package/dist/bridge/data-integrity-reader.js +110 -0
- package/dist/bridge/data-integrity-reader.js.map +1 -0
- package/dist/bridge/design-reader.d.ts +51 -0
- package/dist/bridge/design-reader.d.ts.map +1 -0
- package/dist/bridge/design-reader.js +105 -0
- package/dist/bridge/design-reader.js.map +1 -0
- package/dist/bridge/file-scanner.d.ts +21 -0
- package/dist/bridge/file-scanner.d.ts.map +1 -0
- package/dist/bridge/file-scanner.js +117 -0
- package/dist/bridge/file-scanner.js.map +1 -0
- package/dist/bridge/finding-normalize.d.ts +24 -0
- package/dist/bridge/finding-normalize.d.ts.map +1 -0
- package/dist/bridge/finding-normalize.js +46 -0
- package/dist/bridge/finding-normalize.js.map +1 -0
- package/dist/bridge/http-client.d.ts +44 -0
- package/dist/bridge/http-client.d.ts.map +1 -0
- package/dist/bridge/http-client.js +130 -0
- package/dist/bridge/http-client.js.map +1 -0
- package/dist/bridge/knowledge-reader.d.ts +10 -0
- package/dist/bridge/knowledge-reader.d.ts.map +1 -0
- package/dist/bridge/knowledge-reader.js +46 -0
- package/dist/bridge/knowledge-reader.js.map +1 -0
- package/dist/bridge/loop-engine-reader.d.ts +77 -0
- package/dist/bridge/loop-engine-reader.d.ts.map +1 -0
- package/dist/bridge/loop-engine-reader.js +73 -0
- package/dist/bridge/loop-engine-reader.js.map +1 -0
- package/dist/bridge/playwright-pool.d.ts +33 -0
- package/dist/bridge/playwright-pool.d.ts.map +1 -0
- package/dist/bridge/playwright-pool.js +89 -0
- package/dist/bridge/playwright-pool.js.map +1 -0
- package/dist/bridge/rate-limiter.d.ts +40 -0
- package/dist/bridge/rate-limiter.d.ts.map +1 -0
- package/dist/bridge/rate-limiter.js +33 -0
- package/dist/bridge/rate-limiter.js.map +1 -0
- package/dist/bridge/reliability-reader.d.ts +67 -0
- package/dist/bridge/reliability-reader.d.ts.map +1 -0
- package/dist/bridge/reliability-reader.js +146 -0
- package/dist/bridge/reliability-reader.js.map +1 -0
- package/dist/bridge/router.d.ts +26 -0
- package/dist/bridge/router.d.ts.map +1 -0
- package/dist/bridge/router.js +137 -0
- package/dist/bridge/router.js.map +1 -0
- package/dist/bridge/run-stream.d.ts +47 -0
- package/dist/bridge/run-stream.d.ts.map +1 -0
- package/dist/bridge/run-stream.js +67 -0
- package/dist/bridge/run-stream.js.map +1 -0
- package/dist/bridge/runs-reader.d.ts +41 -0
- package/dist/bridge/runs-reader.d.ts.map +1 -0
- package/dist/bridge/runs-reader.js +185 -0
- package/dist/bridge/runs-reader.js.map +1 -0
- package/dist/bridge/sentinel-reader.d.ts +55 -0
- package/dist/bridge/sentinel-reader.d.ts.map +1 -0
- package/dist/bridge/sentinel-reader.js +88 -0
- package/dist/bridge/sentinel-reader.js.map +1 -0
- package/dist/bridge/server.d.ts +83 -0
- package/dist/bridge/server.d.ts.map +1 -0
- package/dist/bridge/server.js +1103 -0
- package/dist/bridge/server.js.map +1 -0
- package/dist/bridge/shell-executor.d.ts +49 -0
- package/dist/bridge/shell-executor.d.ts.map +1 -0
- package/dist/bridge/shell-executor.js +181 -0
- package/dist/bridge/shell-executor.js.map +1 -0
- package/dist/bridge/tech-debt-reader.d.ts +57 -0
- package/dist/bridge/tech-debt-reader.d.ts.map +1 -0
- package/dist/bridge/tech-debt-reader.js +119 -0
- package/dist/bridge/tech-debt-reader.js.map +1 -0
- package/dist/bridge/types.d.ts +63 -0
- package/dist/bridge/types.d.ts.map +1 -0
- package/dist/bridge/types.js +7 -0
- package/dist/bridge/types.js.map +1 -0
- package/dist/clients/agent-mvp.d.ts +68 -0
- package/dist/clients/agent-mvp.d.ts.map +1 -0
- package/dist/clients/agent-mvp.js +102 -0
- package/dist/clients/agent-mvp.js.map +1 -0
- package/dist/clients/llm-council.d.ts +47 -0
- package/dist/clients/llm-council.d.ts.map +1 -0
- package/dist/clients/llm-council.js +52 -0
- package/dist/clients/llm-council.js.map +1 -0
- package/dist/clients/total-recall.d.ts +37 -0
- package/dist/clients/total-recall.d.ts.map +1 -0
- package/dist/clients/total-recall.js +239 -0
- package/dist/clients/total-recall.js.map +1 -0
- package/dist/core/agent-contract.d.ts +21 -0
- package/dist/core/agent-contract.d.ts.map +1 -0
- package/dist/core/agent-contract.js +18 -0
- package/dist/core/agent-contract.js.map +1 -0
- package/dist/core/api-contract/api-contract-validator.d.ts +178 -0
- package/dist/core/api-contract/api-contract-validator.d.ts.map +1 -0
- package/dist/core/api-contract/api-contract-validator.js +796 -0
- package/dist/core/api-contract/api-contract-validator.js.map +1 -0
- package/dist/core/api-contract/index.d.ts +16 -0
- package/dist/core/api-contract/index.d.ts.map +1 -0
- package/dist/core/api-contract/index.js +24 -0
- package/dist/core/api-contract/index.js.map +1 -0
- package/dist/core/api-contract/types.d.ts +235 -0
- package/dist/core/api-contract/types.d.ts.map +1 -0
- package/dist/core/api-contract/types.js +27 -0
- package/dist/core/api-contract/types.js.map +1 -0
- package/dist/core/blackboard/blackboard.d.ts +34 -0
- package/dist/core/blackboard/blackboard.d.ts.map +1 -0
- package/dist/core/blackboard/blackboard.js +133 -0
- package/dist/core/blackboard/blackboard.js.map +1 -0
- package/dist/core/blackboard/coordination.d.ts +27 -0
- package/dist/core/blackboard/coordination.d.ts.map +1 -0
- package/dist/core/blackboard/coordination.js +31 -0
- package/dist/core/blackboard/coordination.js.map +1 -0
- package/dist/core/blackboard/direct-channel.d.ts +26 -0
- package/dist/core/blackboard/direct-channel.d.ts.map +1 -0
- package/dist/core/blackboard/direct-channel.js +26 -0
- package/dist/core/blackboard/direct-channel.js.map +1 -0
- package/dist/core/blackboard/index.d.ts +10 -0
- package/dist/core/blackboard/index.d.ts.map +1 -0
- package/dist/core/blackboard/index.js +4 -0
- package/dist/core/blackboard/index.js.map +1 -0
- package/dist/core/blackboard/types.d.ts +36 -0
- package/dist/core/blackboard/types.d.ts.map +1 -0
- package/dist/core/blackboard/types.js +2 -0
- package/dist/core/blackboard/types.js.map +1 -0
- package/dist/core/canvas/schema.d.ts +81 -0
- package/dist/core/canvas/schema.d.ts.map +1 -0
- package/dist/core/canvas/schema.js +144 -0
- package/dist/core/canvas/schema.js.map +1 -0
- package/dist/core/canvas/store.d.ts +41 -0
- package/dist/core/canvas/store.d.ts.map +1 -0
- package/dist/core/canvas/store.js +121 -0
- package/dist/core/canvas/store.js.map +1 -0
- package/dist/core/ci-output.d.ts +1 -1
- package/dist/core/ci-output.d.ts.map +1 -1
- package/dist/core/ci-output.js +2 -0
- package/dist/core/ci-output.js.map +1 -1
- package/dist/core/cli.d.ts +15 -1
- package/dist/core/cli.d.ts.map +1 -1
- package/dist/core/cli.js +416 -35
- package/dist/core/cli.js.map +1 -1
- package/dist/core/compliance/auditor.d.ts +119 -0
- package/dist/core/compliance/auditor.d.ts.map +1 -0
- package/dist/core/compliance/auditor.js +577 -0
- package/dist/core/compliance/auditor.js.map +1 -0
- package/dist/core/compliance/index.d.ts +11 -0
- package/dist/core/compliance/index.d.ts.map +1 -0
- package/dist/core/compliance/index.js +10 -0
- package/dist/core/compliance/index.js.map +1 -0
- package/dist/core/compliance/types.d.ts +174 -0
- package/dist/core/compliance/types.d.ts.map +1 -0
- package/dist/core/compliance/types.js +12 -0
- package/dist/core/compliance/types.js.map +1 -0
- package/dist/core/conductor/conductor.d.ts +37 -0
- package/dist/core/conductor/conductor.d.ts.map +1 -0
- package/dist/core/conductor/conductor.js +96 -0
- package/dist/core/conductor/conductor.js.map +1 -0
- package/dist/core/conductor/index.d.ts +9 -0
- package/dist/core/conductor/index.d.ts.map +1 -0
- package/dist/core/conductor/index.js +3 -0
- package/dist/core/conductor/index.js.map +1 -0
- package/dist/core/conductor/model-router.d.ts +17 -0
- package/dist/core/conductor/model-router.d.ts.map +1 -0
- package/dist/core/conductor/model-router.js +29 -0
- package/dist/core/conductor/model-router.js.map +1 -0
- package/dist/core/conductor/types.d.ts +33 -0
- package/dist/core/conductor/types.d.ts.map +1 -0
- package/dist/core/conductor/types.js +2 -0
- package/dist/core/conductor/types.js.map +1 -0
- package/dist/core/config.d.ts +148 -1
- package/dist/core/config.d.ts.map +1 -1
- package/dist/core/config.js +53 -4
- package/dist/core/config.js.map +1 -1
- package/dist/core/data-integrity/data-integrity.d.ts +291 -0
- package/dist/core/data-integrity/data-integrity.d.ts.map +1 -0
- package/dist/core/data-integrity/data-integrity.js +892 -0
- package/dist/core/data-integrity/data-integrity.js.map +1 -0
- package/dist/core/data-integrity/index.d.ts +16 -0
- package/dist/core/data-integrity/index.d.ts.map +1 -0
- package/dist/core/data-integrity/index.js +17 -0
- package/dist/core/data-integrity/index.js.map +1 -0
- package/dist/core/data-integrity/types.d.ts +236 -0
- package/dist/core/data-integrity/types.d.ts.map +1 -0
- package/dist/core/data-integrity/types.js +14 -0
- package/dist/core/data-integrity/types.js.map +1 -0
- package/dist/core/disaster-recovery/index.d.ts +13 -0
- package/dist/core/disaster-recovery/index.d.ts.map +1 -0
- package/dist/core/disaster-recovery/index.js +3 -0
- package/dist/core/disaster-recovery/index.js.map +1 -0
- package/dist/core/disaster-recovery/simulator.d.ts +158 -0
- package/dist/core/disaster-recovery/simulator.d.ts.map +1 -0
- package/dist/core/disaster-recovery/simulator.js +553 -0
- package/dist/core/disaster-recovery/simulator.js.map +1 -0
- package/dist/core/disaster-recovery/types.d.ts +299 -0
- package/dist/core/disaster-recovery/types.d.ts.map +1 -0
- package/dist/core/disaster-recovery/types.js +33 -0
- package/dist/core/disaster-recovery/types.js.map +1 -0
- package/dist/core/escalation/heal-or-ask.d.ts +20 -0
- package/dist/core/escalation/heal-or-ask.d.ts.map +1 -0
- package/dist/core/escalation/heal-or-ask.js +19 -0
- package/dist/core/escalation/heal-or-ask.js.map +1 -0
- package/dist/core/escalation/index.d.ts +9 -0
- package/dist/core/escalation/index.d.ts.map +1 -0
- package/dist/core/escalation/index.js +3 -0
- package/dist/core/escalation/index.js.map +1 -0
- package/dist/core/escalation/pause-gate.d.ts +48 -0
- package/dist/core/escalation/pause-gate.d.ts.map +1 -0
- package/dist/core/escalation/pause-gate.js +96 -0
- package/dist/core/escalation/pause-gate.js.map +1 -0
- package/dist/core/escalation/types.d.ts +33 -0
- package/dist/core/escalation/types.d.ts.map +1 -0
- package/dist/core/escalation/types.js +9 -0
- package/dist/core/escalation/types.js.map +1 -0
- package/dist/core/evidence.d.ts +32 -1
- package/dist/core/evidence.d.ts.map +1 -1
- package/dist/core/evidence.js +99 -1
- package/dist/core/evidence.js.map +1 -1
- package/dist/core/feature-bdd/fix.d.ts +84 -0
- package/dist/core/feature-bdd/fix.d.ts.map +1 -0
- package/dist/core/feature-bdd/fix.js +121 -0
- package/dist/core/feature-bdd/fix.js.map +1 -0
- package/dist/core/feature-bdd/generate.d.ts +96 -0
- package/dist/core/feature-bdd/generate.d.ts.map +1 -0
- package/dist/core/feature-bdd/generate.js +228 -0
- package/dist/core/feature-bdd/generate.js.map +1 -0
- package/dist/core/feature-bdd/llm-provider.d.ts +92 -0
- package/dist/core/feature-bdd/llm-provider.d.ts.map +1 -0
- package/dist/core/feature-bdd/llm-provider.js +187 -0
- package/dist/core/feature-bdd/llm-provider.js.map +1 -0
- package/dist/core/feature-bdd/run.d.ts +56 -0
- package/dist/core/feature-bdd/run.d.ts.map +1 -0
- package/dist/core/feature-bdd/run.js +175 -0
- package/dist/core/feature-bdd/run.js.map +1 -0
- package/dist/core/feature-bdd/schema.d.ts +111 -0
- package/dist/core/feature-bdd/schema.d.ts.map +1 -0
- package/dist/core/feature-bdd/schema.js +272 -0
- package/dist/core/feature-bdd/schema.js.map +1 -0
- package/dist/core/feature-bdd/store.d.ts +145 -0
- package/dist/core/feature-bdd/store.d.ts.map +1 -0
- package/dist/core/feature-bdd/store.js +470 -0
- package/dist/core/feature-bdd/store.js.map +1 -0
- package/dist/core/finding-correlation.d.ts +55 -0
- package/dist/core/finding-correlation.d.ts.map +1 -0
- package/dist/core/finding-correlation.js +96 -0
- package/dist/core/finding-correlation.js.map +1 -0
- package/dist/core/fix-loop.d.ts +20 -1
- package/dist/core/fix-loop.d.ts.map +1 -1
- package/dist/core/fix-loop.js +34 -0
- package/dist/core/fix-loop.js.map +1 -1
- package/dist/core/governance/calibration.d.ts +31 -0
- package/dist/core/governance/calibration.d.ts.map +1 -0
- package/dist/core/governance/calibration.js +78 -0
- package/dist/core/governance/calibration.js.map +1 -0
- package/dist/core/governance/degradation.d.ts +35 -0
- package/dist/core/governance/degradation.d.ts.map +1 -0
- package/dist/core/governance/degradation.js +25 -0
- package/dist/core/governance/degradation.js.map +1 -0
- package/dist/core/governance/ethical-constraint.d.ts +55 -0
- package/dist/core/governance/ethical-constraint.d.ts.map +1 -0
- package/dist/core/governance/ethical-constraint.js +98 -0
- package/dist/core/governance/ethical-constraint.js.map +1 -0
- package/dist/core/governance/index.d.ts +9 -0
- package/dist/core/governance/index.d.ts.map +1 -0
- package/dist/core/governance/index.js +9 -0
- package/dist/core/governance/index.js.map +1 -0
- package/dist/core/harness/audit-log.d.ts +12 -0
- package/dist/core/harness/audit-log.d.ts.map +1 -0
- package/dist/core/harness/audit-log.js +62 -0
- package/dist/core/harness/audit-log.js.map +1 -0
- package/dist/core/harness/authorization.d.ts +24 -0
- package/dist/core/harness/authorization.d.ts.map +1 -0
- package/dist/core/harness/authorization.js +48 -0
- package/dist/core/harness/authorization.js.map +1 -0
- package/dist/core/harness/harness.d.ts +64 -0
- package/dist/core/harness/harness.d.ts.map +1 -0
- package/dist/core/harness/harness.js +188 -0
- package/dist/core/harness/harness.js.map +1 -0
- package/dist/core/harness/index.d.ts +10 -0
- package/dist/core/harness/index.d.ts.map +1 -0
- package/dist/core/harness/index.js +4 -0
- package/dist/core/harness/index.js.map +1 -0
- package/dist/core/harness/types.d.ts +88 -0
- package/dist/core/harness/types.d.ts.map +1 -0
- package/dist/core/harness/types.js +2 -0
- package/dist/core/harness/types.js.map +1 -0
- package/dist/core/health-check.d.ts +6 -0
- package/dist/core/health-check.d.ts.map +1 -1
- package/dist/core/health-check.js +14 -2
- package/dist/core/health-check.js.map +1 -1
- package/dist/core/init.d.ts.map +1 -1
- package/dist/core/init.js +58 -18
- package/dist/core/init.js.map +1 -1
- package/dist/core/knowledge/cached-map.d.ts +17 -0
- package/dist/core/knowledge/cached-map.d.ts.map +1 -0
- package/dist/core/knowledge/cached-map.js +23 -0
- package/dist/core/knowledge/cached-map.js.map +1 -0
- package/dist/core/knowledge/index.d.ts +10 -0
- package/dist/core/knowledge/index.d.ts.map +1 -0
- package/dist/core/knowledge/index.js +4 -0
- package/dist/core/knowledge/index.js.map +1 -0
- package/dist/core/knowledge/system-map.d.ts +50 -0
- package/dist/core/knowledge/system-map.d.ts.map +1 -0
- package/dist/core/knowledge/system-map.js +121 -0
- package/dist/core/knowledge/system-map.js.map +1 -0
- package/dist/core/knowledge/traversal.d.ts +12 -0
- package/dist/core/knowledge/traversal.d.ts.map +1 -0
- package/dist/core/knowledge/traversal.js +37 -0
- package/dist/core/knowledge/traversal.js.map +1 -0
- package/dist/core/knowledge/types.d.ts +41 -0
- package/dist/core/knowledge/types.d.ts.map +1 -0
- package/dist/core/knowledge/types.js +2 -0
- package/dist/core/knowledge/types.js.map +1 -0
- package/dist/core/license-gen.d.ts +1 -1
- package/dist/core/license-gen.d.ts.map +1 -1
- package/dist/core/license-gen.js +10 -5
- package/dist/core/license-gen.js.map +1 -1
- package/dist/core/license.d.ts +12 -2
- package/dist/core/license.d.ts.map +1 -1
- package/dist/core/license.js +104 -28
- package/dist/core/license.js.map +1 -1
- package/dist/core/loop-engine/circuit-breaker.d.ts +24 -0
- package/dist/core/loop-engine/circuit-breaker.d.ts.map +1 -0
- package/dist/core/loop-engine/circuit-breaker.js +48 -0
- package/dist/core/loop-engine/circuit-breaker.js.map +1 -0
- package/dist/core/loop-engine/demo.d.ts +35 -0
- package/dist/core/loop-engine/demo.d.ts.map +1 -0
- package/dist/core/loop-engine/demo.js +71 -0
- package/dist/core/loop-engine/demo.js.map +1 -0
- package/dist/core/loop-engine/event-store.d.ts +8 -0
- package/dist/core/loop-engine/event-store.d.ts.map +1 -0
- package/dist/core/loop-engine/event-store.js +9 -0
- package/dist/core/loop-engine/event-store.js.map +1 -0
- package/dist/core/loop-engine/index.d.ts +11 -0
- package/dist/core/loop-engine/index.d.ts.map +1 -0
- package/dist/core/loop-engine/index.js +11 -0
- package/dist/core/loop-engine/index.js.map +1 -0
- package/dist/core/loop-engine/kernel.d.ts +66 -0
- package/dist/core/loop-engine/kernel.d.ts.map +1 -0
- package/dist/core/loop-engine/kernel.js +196 -0
- package/dist/core/loop-engine/kernel.js.map +1 -0
- package/dist/core/loop-engine/tracing.d.ts +12 -0
- package/dist/core/loop-engine/tracing.d.ts.map +1 -0
- package/dist/core/loop-engine/tracing.js +15 -0
- package/dist/core/loop-engine/tracing.js.map +1 -0
- package/dist/core/loop-engine/types.d.ts +92 -0
- package/dist/core/loop-engine/types.d.ts.map +1 -0
- package/dist/core/loop-engine/types.js +21 -0
- package/dist/core/loop-engine/types.js.map +1 -0
- package/dist/core/messages.d.ts +1 -1
- package/dist/core/messages.d.ts.map +1 -1
- package/dist/core/messages.js +101 -1
- package/dist/core/messages.js.map +1 -1
- package/dist/core/orchestrator.d.ts +87 -7
- package/dist/core/orchestrator.d.ts.map +1 -1
- package/dist/core/orchestrator.js +399 -33
- package/dist/core/orchestrator.js.map +1 -1
- package/dist/core/phase-gate.d.ts +2 -2
- package/dist/core/quality-score/calculator.d.ts +125 -0
- package/dist/core/quality-score/calculator.d.ts.map +1 -0
- package/dist/core/quality-score/calculator.js +489 -0
- package/dist/core/quality-score/calculator.js.map +1 -0
- package/dist/core/quality-score/from-run.d.ts +27 -0
- package/dist/core/quality-score/from-run.d.ts.map +1 -0
- package/dist/core/quality-score/from-run.js +64 -0
- package/dist/core/quality-score/from-run.js.map +1 -0
- package/dist/core/quality-score/index.d.ts +9 -0
- package/dist/core/quality-score/index.d.ts.map +1 -0
- package/dist/core/quality-score/index.js +9 -0
- package/dist/core/quality-score/index.js.map +1 -0
- package/dist/core/quality-score/types.d.ts +225 -0
- package/dist/core/quality-score/types.d.ts.map +1 -0
- package/dist/core/quality-score/types.js +26 -0
- package/dist/core/quality-score/types.js.map +1 -0
- package/dist/core/report-html-script.d.ts +3 -0
- package/dist/core/report-html-script.d.ts.map +1 -0
- package/dist/core/report-html-script.js +47 -0
- package/dist/core/report-html-script.js.map +1 -0
- package/dist/core/report-html-styles.d.ts +3 -0
- package/dist/core/report-html-styles.d.ts.map +1 -0
- package/dist/core/report-html-styles.js +231 -0
- package/dist/core/report-html-styles.js.map +1 -0
- package/dist/core/report-html.d.ts +1 -1
- package/dist/core/report-html.d.ts.map +1 -1
- package/dist/core/report-html.js +5 -280
- package/dist/core/report-html.js.map +1 -1
- package/dist/core/report-upload.d.ts +8 -0
- package/dist/core/report-upload.d.ts.map +1 -1
- package/dist/core/report-upload.js +17 -4
- package/dist/core/report-upload.js.map +1 -1
- package/dist/core/run-counter.d.ts.map +1 -1
- package/dist/core/run-counter.js +25 -1
- package/dist/core/run-counter.js.map +1 -1
- package/dist/core/run-events/emitter.d.ts +112 -0
- package/dist/core/run-events/emitter.d.ts.map +1 -0
- package/dist/core/run-events/emitter.js +234 -0
- package/dist/core/run-events/emitter.js.map +1 -0
- package/dist/core/run-events/frame-sink.d.ts +24 -0
- package/dist/core/run-events/frame-sink.d.ts.map +1 -0
- package/dist/core/run-events/frame-sink.js +32 -0
- package/dist/core/run-events/frame-sink.js.map +1 -0
- package/dist/core/run-events/index.d.ts +7 -0
- package/dist/core/run-events/index.d.ts.map +1 -0
- package/dist/core/run-events/index.js +5 -0
- package/dist/core/run-events/index.js.map +1 -0
- package/dist/core/run-events/loop-event-sink.d.ts +56 -0
- package/dist/core/run-events/loop-event-sink.d.ts.map +1 -0
- package/dist/core/run-events/loop-event-sink.js +60 -0
- package/dist/core/run-events/loop-event-sink.js.map +1 -0
- package/dist/core/run-events/sse.d.ts +47 -0
- package/dist/core/run-events/sse.d.ts.map +1 -0
- package/dist/core/run-events/sse.js +64 -0
- package/dist/core/run-events/sse.js.map +1 -0
- package/dist/core/run-events/types.d.ts +147 -0
- package/dist/core/run-events/types.d.ts.map +1 -0
- package/dist/core/run-events/types.js +17 -0
- package/dist/core/run-events/types.js.map +1 -0
- package/dist/core/run-mode/capture.d.ts +37 -0
- package/dist/core/run-mode/capture.d.ts.map +1 -0
- package/dist/core/run-mode/capture.js +43 -0
- package/dist/core/run-mode/capture.js.map +1 -0
- package/dist/core/run-mode/index.d.ts +9 -0
- package/dist/core/run-mode/index.d.ts.map +1 -0
- package/dist/core/run-mode/index.js +3 -0
- package/dist/core/run-mode/index.js.map +1 -0
- package/dist/core/run-mode/run-mode.d.ts +35 -0
- package/dist/core/run-mode/run-mode.d.ts.map +1 -0
- package/dist/core/run-mode/run-mode.js +51 -0
- package/dist/core/run-mode/run-mode.js.map +1 -0
- package/dist/core/run-mode/types.d.ts +36 -0
- package/dist/core/run-mode/types.d.ts.map +1 -0
- package/dist/core/run-mode/types.js +15 -0
- package/dist/core/run-mode/types.js.map +1 -0
- package/dist/core/run-quota.d.ts +22 -0
- package/dist/core/run-quota.d.ts.map +1 -0
- package/dist/core/run-quota.js +44 -0
- package/dist/core/run-quota.js.map +1 -0
- package/dist/core/security-audit/index.d.ts +9 -0
- package/dist/core/security-audit/index.d.ts.map +1 -0
- package/dist/core/security-audit/index.js +10 -0
- package/dist/core/security-audit/index.js.map +1 -0
- package/dist/core/security-audit/sentinel.d.ts +196 -0
- package/dist/core/security-audit/sentinel.d.ts.map +1 -0
- package/dist/core/security-audit/sentinel.js +725 -0
- package/dist/core/security-audit/sentinel.js.map +1 -0
- package/dist/core/security-audit/types.d.ts +240 -0
- package/dist/core/security-audit/types.d.ts.map +1 -0
- package/dist/core/security-audit/types.js +42 -0
- package/dist/core/security-audit/types.js.map +1 -0
- package/dist/core/tech-debt/index.d.ts +11 -0
- package/dist/core/tech-debt/index.d.ts.map +1 -0
- package/dist/core/tech-debt/index.js +11 -0
- package/dist/core/tech-debt/index.js.map +1 -0
- package/dist/core/tech-debt/tech-debt-tracker.d.ts +46 -0
- package/dist/core/tech-debt/tech-debt-tracker.d.ts.map +1 -0
- package/dist/core/tech-debt/tech-debt-tracker.js +533 -0
- package/dist/core/tech-debt/tech-debt-tracker.js.map +1 -0
- package/dist/core/tech-debt/types.d.ts +263 -0
- package/dist/core/tech-debt/types.d.ts.map +1 -0
- package/dist/core/tech-debt/types.js +2 -0
- package/dist/core/tech-debt/types.js.map +1 -0
- package/dist/core/tester/diff-planner.d.ts +18 -0
- package/dist/core/tester/diff-planner.d.ts.map +1 -0
- package/dist/core/tester/diff-planner.js +37 -0
- package/dist/core/tester/diff-planner.js.map +1 -0
- package/dist/core/tester/honest-report.d.ts +13 -0
- package/dist/core/tester/honest-report.d.ts.map +1 -0
- package/dist/core/tester/honest-report.js +64 -0
- package/dist/core/tester/honest-report.js.map +1 -0
- package/dist/core/tester/index.d.ts +9 -0
- package/dist/core/tester/index.d.ts.map +1 -0
- package/dist/core/tester/index.js +3 -0
- package/dist/core/tester/index.js.map +1 -0
- package/dist/core/tester/types.d.ts +55 -0
- package/dist/core/tester/types.d.ts.map +1 -0
- package/dist/core/tester/types.js +8 -0
- package/dist/core/tester/types.js.map +1 -0
- package/dist/core/triggers/index.d.ts +9 -0
- package/dist/core/triggers/index.d.ts.map +1 -0
- package/dist/core/triggers/index.js +3 -0
- package/dist/core/triggers/index.js.map +1 -0
- package/dist/core/triggers/trigger-bus.d.ts +49 -0
- package/dist/core/triggers/trigger-bus.d.ts.map +1 -0
- package/dist/core/triggers/trigger-bus.js +167 -0
- package/dist/core/triggers/trigger-bus.js.map +1 -0
- package/dist/core/triggers/types.d.ts +56 -0
- package/dist/core/triggers/types.d.ts.map +1 -0
- package/dist/core/triggers/types.js +13 -0
- package/dist/core/triggers/types.js.map +1 -0
- package/dist/core/trust.d.ts +12 -0
- package/dist/core/trust.d.ts.map +1 -0
- package/dist/core/trust.js +13 -0
- package/dist/core/trust.js.map +1 -0
- package/dist/core/types.d.ts +24 -2
- package/dist/core/types.d.ts.map +1 -1
- package/dist/core/ui-ux/index.d.ts +12 -0
- package/dist/core/ui-ux/index.d.ts.map +1 -0
- package/dist/core/ui-ux/index.js +13 -0
- package/dist/core/ui-ux/index.js.map +1 -0
- package/dist/core/ui-ux/orchestrator.d.ts +206 -0
- package/dist/core/ui-ux/orchestrator.d.ts.map +1 -0
- package/dist/core/ui-ux/orchestrator.js +672 -0
- package/dist/core/ui-ux/orchestrator.js.map +1 -0
- package/dist/core/ui-ux/types.d.ts +339 -0
- package/dist/core/ui-ux/types.d.ts.map +1 -0
- package/dist/core/ui-ux/types.js +17 -0
- package/dist/core/ui-ux/types.js.map +1 -0
- package/dist/enterprise/audit-trail.d.ts +31 -0
- package/dist/enterprise/audit-trail.d.ts.map +1 -0
- package/dist/enterprise/audit-trail.js +111 -0
- package/dist/enterprise/audit-trail.js.map +1 -0
- package/dist/enterprise/sla.d.ts +26 -0
- package/dist/enterprise/sla.d.ts.map +1 -0
- package/dist/enterprise/sla.js +101 -0
- package/dist/enterprise/sla.js.map +1 -0
- package/dist/helpers/element-discovery.js +1 -1
- package/dist/helpers/element-discovery.js.map +1 -1
- package/dist/helpers/env-resolver.d.ts +2 -2
- package/dist/helpers/quality-gate.d.ts.map +1 -1
- package/dist/helpers/quality-gate.js +21 -3
- package/dist/helpers/quality-gate.js.map +1 -1
- package/dist/helpers/shape-fingerprint.d.ts +18 -0
- package/dist/helpers/shape-fingerprint.d.ts.map +1 -0
- package/dist/helpers/shape-fingerprint.js +40 -0
- package/dist/helpers/shape-fingerprint.js.map +1 -0
- package/dist/sdk/custom-agent.d.ts +51 -0
- package/dist/sdk/custom-agent.d.ts.map +1 -0
- package/dist/sdk/custom-agent.js +94 -0
- package/dist/sdk/custom-agent.js.map +1 -0
- package/dist/sdk/index.d.ts +5 -0
- package/dist/sdk/index.d.ts.map +1 -0
- package/dist/sdk/index.js +3 -0
- package/dist/sdk/index.js.map +1 -0
- package/dist/sdk/loader.d.ts +28 -0
- package/dist/sdk/loader.d.ts.map +1 -0
- package/dist/sdk/loader.js +140 -0
- package/dist/sdk/loader.js.map +1 -0
- package/package.json +46 -20
- package/agents/01-analyst.ts +0 -100
- package/agents/02-seed-architect.ts +0 -59
- package/agents/03-test-generator.ts +0 -191
- package/agents/04-unit-runner.ts +0 -160
- package/agents/05-browser-crawler.ts +0 -790
- package/agents/06-api-exerciser.ts +0 -311
- package/agents/07-security-scout.ts +0 -188
- package/agents/08-a11y-guardian.ts +0 -212
- package/agents/09-healer.ts +0 -228
- package/agents/10-reporter.ts +0 -266
- package/agents/11-fixer.ts +0 -253
- package/agents/12-ux-inspector.ts +0 -444
- package/agents/13-performance-profiler.ts +0 -271
- package/agents/14-data-integrity-auditor.ts +0 -417
- package/agents/15-regression-sentinel.ts +0 -307
- package/agents/16-chaos-agent.ts +0 -228
- package/agents/17-documentation-validator.ts +0 -266
- package/agents/18-integration-watchdog.ts +0 -178
- package/agents/19-tenant-isolation-auditor.ts +0 -199
- package/agents/20-workflow-completion-tester.ts +0 -203
- package/agents/21-state-session-tester.ts +0 -262
- package/agents/22-email-notification-verifier.ts +0 -244
- package/agents/23-migration-tester.ts +0 -80
- package/agents/24-signup-onboarding-tester.ts +0 -429
- package/agents/25-crud-flow-tester.ts +0 -302
- package/agents/26-form-validator.ts +0 -297
- package/agents/27-search-filter-tester.ts +0 -326
- package/agents/28-navigation-routing-tester.ts +0 -425
- package/agents/29-responsive-interaction-tester.ts +0 -350
- package/agents/30-multi-user-scenario-tester.ts +0 -319
- package/agents/31-load-tester.ts +0 -134
- package/agents/32-memory-leak-detector.ts +0 -194
- package/agents/33-bundle-analyzer.ts +0 -132
- package/agents/34-xss-scanner.ts +0 -191
- package/agents/35-csrf-tester.ts +0 -82
- package/agents/36-auth-fuzzer.ts +0 -194
- package/agents/37-dependency-scanner.ts +0 -176
- package/agents/38-secrets-scanner.ts +0 -137
- package/agents/39-api-contract-tester.ts +0 -199
- package/agents/40-rate-limit-tester.ts +0 -94
- package/agents/41-api-pagination-tester.ts +0 -97
- package/agents/42-graphql-tester.ts +0 -222
- package/agents/43-data-consistency-checker.ts +0 -205
- package/agents/44-backup-recovery-tester.ts +0 -152
- package/agents/45-data-privacy-scanner.ts +0 -125
- package/agents/46-seo-auditor.ts +0 -294
- package/agents/47-social-preview-tester.ts +0 -232
- package/agents/48-lighthouse-auditor.ts +0 -213
- package/agents/49-i18n-tester.ts +0 -198
- package/agents/50-timezone-tester.ts +0 -173
- package/agents/51-error-recovery-tester.ts +0 -155
- package/agents/52-offline-mode-tester.ts +0 -180
- package/agents/53-graceful-degradation-tester.ts +0 -156
- package/agents/54-websocket-tester.ts +0 -151
- package/agents/55-realtime-sync-tester.ts +0 -194
- package/agents/56-file-upload-tester.ts +0 -194
- package/agents/57-export-tester.ts +0 -174
- package/agents/58-payment-flow-tester.ts +0 -183
- package/agents/59-ssl-tls-auditor.ts +0 -141
- package/agents/60-dns-cdn-tester.ts +0 -117
- package/agents/61-docker-health-checker.ts +0 -111
- package/agents/62-env-config-validator.ts +0 -152
- package/agents/63-log-quality-auditor.ts +0 -136
- package/agents/64-analytics-tracker-tester.ts +0 -165
- package/agents/65-gdpr-compliance-tester.ts +0 -215
- package/agents/66-soc2-control-validator.ts +0 -210
- package/agents/67-wcag-aaa-tester.ts +0 -241
- package/agents/68-dead-code-detector.ts +0 -135
- package/agents/69-type-safety-auditor.ts +0 -164
- package/agents/70-complexity-analyzer.ts +0 -179
- package/agents/__tests__/01-analyst.test.ts +0 -188
- package/agents/__tests__/02-seed-architect.test.ts +0 -152
- package/agents/__tests__/03-test-generator-full.test.ts +0 -321
- package/agents/__tests__/03-test-generator.test.ts +0 -318
- package/agents/__tests__/04-unit-runner.test.ts +0 -320
- package/agents/__tests__/05-browser-crawler-beta.test.ts +0 -492
- package/agents/__tests__/05-browser-crawler-release.test.ts +0 -412
- package/agents/__tests__/05-browser-crawler-uat.test.ts +0 -578
- package/agents/__tests__/05-browser-crawler.test.ts +0 -518
- package/agents/__tests__/06-api-exerciser.test.ts +0 -619
- package/agents/__tests__/07-security-scout.test.ts +0 -382
- package/agents/__tests__/08-a11y-guardian.test.ts +0 -530
- package/agents/__tests__/09-healer.test.ts +0 -384
- package/agents/__tests__/10-reporter.test.ts +0 -366
- package/agents/__tests__/11-fixer.test.ts +0 -406
- package/agents/__tests__/12-ux-inspector-extended.test.ts +0 -465
- package/agents/__tests__/12-ux-inspector.test.ts +0 -443
- package/agents/__tests__/13-performance-profiler.test.ts +0 -411
- package/agents/__tests__/14-data-integrity-auditor-extended.test.ts +0 -573
- package/agents/__tests__/14-data-integrity-auditor.test.ts +0 -407
- package/agents/__tests__/15-regression-sentinel.test.ts +0 -657
- package/agents/__tests__/16-chaos-agent.test.ts +0 -427
- package/agents/__tests__/17-documentation-validator.test.ts +0 -402
- package/agents/__tests__/18-integration-watchdog.test.ts +0 -263
- package/agents/__tests__/19-tenant-isolation-auditor.test.ts +0 -400
- package/agents/__tests__/20-workflow-completion-tester.test.ts +0 -586
- package/agents/__tests__/21-state-session-tester.test.ts +0 -374
- package/agents/__tests__/22-email-notification-verifier.test.ts +0 -441
- package/agents/__tests__/23-migration-tester.test.ts +0 -145
- package/agents/__tests__/24-signup-onboarding-tester.test.ts +0 -274
- package/agents/__tests__/25-crud-flow-tester.test.ts +0 -322
- package/agents/__tests__/26-form-validator.test.ts +0 -345
- package/agents/__tests__/27-search-filter-tester.test.ts +0 -311
- package/agents/__tests__/28-navigation-routing-tester.test.ts +0 -328
- package/agents/__tests__/29-responsive-interaction-tester.test.ts +0 -297
- package/agents/__tests__/30-multi-user-scenario-tester.test.ts +0 -328
- package/agents/__tests__/31-load-tester.test.ts +0 -189
- package/agents/__tests__/32-memory-leak-detector.test.ts +0 -251
- package/agents/__tests__/33-bundle-analyzer.test.ts +0 -237
- package/agents/__tests__/34-xss-scanner.test.ts +0 -258
- package/agents/__tests__/35-csrf-tester.test.ts +0 -200
- package/agents/__tests__/36-auth-fuzzer.test.ts +0 -214
- package/agents/__tests__/37-dependency-scanner.test.ts +0 -266
- package/agents/__tests__/38-secrets-scanner.test.ts +0 -224
- package/agents/__tests__/39-api-contract-tester.test.ts +0 -312
- package/agents/__tests__/40-rate-limit-tester.test.ts +0 -192
- package/agents/__tests__/41-api-pagination-tester.test.ts +0 -198
- package/agents/__tests__/42-graphql-tester.test.ts +0 -252
- package/agents/__tests__/43-data-consistency-checker.test.ts +0 -232
- package/agents/__tests__/44-backup-recovery-tester.test.ts +0 -222
- package/agents/__tests__/45-data-privacy-scanner.test.ts +0 -223
- package/agents/__tests__/46-seo-auditor.test.ts +0 -261
- package/agents/__tests__/47-social-preview-tester.test.ts +0 -245
- package/agents/__tests__/48-lighthouse-auditor.test.ts +0 -276
- package/agents/__tests__/49-i18n-tester.test.ts +0 -201
- package/agents/__tests__/50-timezone-tester.test.ts +0 -172
- package/agents/__tests__/51-error-recovery-tester.test.ts +0 -162
- package/agents/__tests__/52-offline-mode-tester.test.ts +0 -164
- package/agents/__tests__/53-graceful-degradation-tester.test.ts +0 -168
- package/agents/__tests__/54-websocket-tester.test.ts +0 -157
- package/agents/__tests__/55-realtime-sync-tester.test.ts +0 -181
- package/agents/__tests__/56-file-upload-tester.test.ts +0 -172
- package/agents/__tests__/57-export-tester.test.ts +0 -169
- package/agents/__tests__/58-payment-flow-tester.test.ts +0 -182
- package/agents/__tests__/59-ssl-tls-auditor.test.ts +0 -179
- package/agents/__tests__/60-dns-cdn-tester.test.ts +0 -176
- package/agents/__tests__/61-docker-health-checker.test.ts +0 -150
- package/agents/__tests__/62-env-config-validator.test.ts +0 -166
- package/agents/__tests__/63-log-quality-auditor.test.ts +0 -175
- package/agents/__tests__/64-analytics-tracker-tester.test.ts +0 -158
- package/agents/__tests__/65-gdpr-compliance-tester.test.ts +0 -174
- package/agents/__tests__/66-soc2-control-validator.test.ts +0 -183
- package/agents/__tests__/67-wcag-aaa-tester.test.ts +0 -190
- package/agents/__tests__/68-dead-code-detector.test.ts +0 -174
- package/agents/__tests__/69-type-safety-auditor.test.ts +0 -173
- package/agents/__tests__/70-complexity-analyzer.test.ts +0 -177
- package/agents/__tests__/base-agent.test.ts +0 -188
- package/agents/__tests__/registry.test.ts +0 -218
- package/agents/base-agent.ts +0 -77
- package/agents/registry.ts +0 -277
- package/baselines/api-schemas/.gitkeep +0 -0
- package/baselines/performance/.gitkeep +0 -0
- package/baselines/screenshots/.gitkeep +0 -0
- package/core/__tests__/ci-output.test.ts +0 -430
- package/core/__tests__/cli.test.ts +0 -387
- package/core/__tests__/config.test.ts +0 -78
- package/core/__tests__/cost-tracker.test.ts +0 -158
- package/core/__tests__/evidence.test.ts +0 -265
- package/core/__tests__/fix-loop.test.ts +0 -210
- package/core/__tests__/health-check.test.ts +0 -44
- package/core/__tests__/init.test.ts +0 -609
- package/core/__tests__/integration.test.ts +0 -204
- package/core/__tests__/license-gen.test.ts +0 -227
- package/core/__tests__/license.test.ts +0 -326
- package/core/__tests__/multi-browser.test.ts +0 -278
- package/core/__tests__/orchestrator.test.ts +0 -520
- package/core/__tests__/phase-gate.test.ts +0 -43
- package/core/__tests__/report-html.test.ts +0 -398
- package/core/__tests__/report-upload.test.ts +0 -325
- package/core/__tests__/run-counter.test.ts +0 -234
- package/core/ci-output.ts +0 -240
- package/core/cli.ts +0 -232
- package/core/config.ts +0 -178
- package/core/cost-tracker.ts +0 -59
- package/core/evidence.ts +0 -132
- package/core/fix-loop.ts +0 -85
- package/core/health-check.ts +0 -54
- package/core/init.ts +0 -546
- package/core/license-gen.ts +0 -212
- package/core/license.ts +0 -208
- package/core/messages.ts +0 -67
- package/core/multi-browser.ts +0 -136
- package/core/orchestrator.ts +0 -356
- package/core/phase-gate.ts +0 -55
- package/core/report-html.ts +0 -657
- package/core/report-upload.ts +0 -188
- package/core/run-counter.ts +0 -175
- package/core/types.ts +0 -57
- package/dist/core/multi-browser.d.ts +0 -36
- package/dist/core/multi-browser.d.ts.map +0 -1
- package/dist/core/multi-browser.js +0 -88
- package/dist/core/multi-browser.js.map +0 -1
- package/helpers/__tests__/api-client.test.ts +0 -199
- package/helpers/__tests__/element-discovery.test.ts +0 -202
- package/helpers/__tests__/form-filler-extended.test.ts +0 -212
- package/helpers/__tests__/form-filler.test.ts +0 -99
- package/helpers/__tests__/modal-handler.test.ts +0 -152
- package/helpers/__tests__/navigation.test.ts +0 -214
- package/helpers/__tests__/quality-gate.test.ts +0 -117
- package/helpers/__tests__/screenshot.test.ts +0 -139
- package/helpers/__tests__/seed-validator.test.ts +0 -114
- package/helpers/api-client.ts +0 -111
- package/helpers/element-discovery.ts +0 -105
- package/helpers/env-resolver.ts +0 -69
- package/helpers/form-filler.ts +0 -126
- package/helpers/modal-handler.ts +0 -108
- package/helpers/navigation.ts +0 -100
- package/helpers/quality-gate.ts +0 -180
- package/helpers/screenshot.ts +0 -111
- package/helpers/seed-validator.ts +0 -70
|
@@ -0,0 +1,892 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Data Integrity ("The Notary") — Agent #9 operational layer implementation.
|
|
3
|
+
*
|
|
4
|
+
* This is a CONTINUOUS / COMPOSITE layer. It does NOT re-implement anything that
|
|
5
|
+
* engine agents #14 (DataIntegrityAuditor), #43 (DataConsistencyChecker),
|
|
6
|
+
* #44 (BackupRecoveryTester), or #45 (DataPrivacyScanner) already do. Instead,
|
|
7
|
+
* it COMPOSES their Finding outputs and adds the net-new concerns:
|
|
8
|
+
* - referential-integrity violation detection
|
|
9
|
+
* - cross-store consistency checking
|
|
10
|
+
* - reconciliation engine (ledger-balance, count-match)
|
|
11
|
+
* - backup RPO verification + restore-test enforcement (wraps #44 output shape)
|
|
12
|
+
* - tamper-evident audit log (immudb-style hash-chain, in-process for testing)
|
|
13
|
+
* - data-lineage correlation / corruption tracing
|
|
14
|
+
* - distribution anomaly detection (null-spikes, dup-spikes, count-drift)
|
|
15
|
+
* - read-only proof (the constitution: never mutates production data)
|
|
16
|
+
*
|
|
17
|
+
* Engine-reuse layering boundary:
|
|
18
|
+
* Engine agents (#14/#43/#44/#45) execute live against the real app and return
|
|
19
|
+
* Finding[]. This module ingests those Finding arrays verbatim (see
|
|
20
|
+
* ingestEngineFindings) — it is the AGGREGATION + NET-NEW layer, not a replacement.
|
|
21
|
+
* The integration tests (see __tests__/data-integrity.test.ts) drive the session
|
|
22
|
+
* with Finding objects whose agentId matches the real engine agents (14, 43, 44, 45)
|
|
23
|
+
* to prove the composition contract.
|
|
24
|
+
*
|
|
25
|
+
* Operating principles (load-bearing):
|
|
26
|
+
* - READ-ONLY on production data — never auto-repairs; any repair recommendation
|
|
27
|
+
* routes via the Harness + human approval.
|
|
28
|
+
* - Frugal: all check methods are pure / fixture-driven (no DB connections at this layer).
|
|
29
|
+
* - Honest: no gameable scoring; never round up severity; show-the-math deltas.
|
|
30
|
+
* - Deterministic under fixed inputs (clock is injectable for tests).
|
|
31
|
+
* - FAIL-CLOSED: unknown / thin / ambiguous states BLOCK or are flagged incomplete.
|
|
32
|
+
*
|
|
33
|
+
* Spec: blueprint/agents/09-data-integrity.md
|
|
34
|
+
*/
|
|
35
|
+
import { createHash } from 'node:crypto';
|
|
36
|
+
// ---------------------------------------------------------------------------
|
|
37
|
+
// Internal constants
|
|
38
|
+
// ---------------------------------------------------------------------------
|
|
39
|
+
const GENESIS_HASH = '0'.repeat(64);
|
|
40
|
+
const AGENT_ID = 9;
|
|
41
|
+
const MODULE = 'data-integrity';
|
|
42
|
+
/** Any null-fraction above this threshold signals a null-spike anomaly. */
|
|
43
|
+
const NULL_SPIKE_THRESHOLD = 0.1; // 10 %
|
|
44
|
+
/** Any dup-fraction above this signals a dup-spike anomaly. */
|
|
45
|
+
const DUP_SPIKE_THRESHOLD = 0.05; // 5 %
|
|
46
|
+
// ---------------------------------------------------------------------------
|
|
47
|
+
// Engine-agent composition contract (must-fix #5)
|
|
48
|
+
// ---------------------------------------------------------------------------
|
|
49
|
+
/**
|
|
50
|
+
* The real engine agents this Notary composes — the engine "Data Squad".
|
|
51
|
+
* These ids are registered engine agents (bridge/agent-registry, squad 'data');
|
|
52
|
+
* an integration test asserts they still exist and are grouped as 'data', so an
|
|
53
|
+
* engine renumber/regroup breaks the build rather than silently de-coupling.
|
|
54
|
+
* This module ingests their Finding[] output verbatim — it does NOT re-implement them.
|
|
55
|
+
*/
|
|
56
|
+
export const COMPOSED_ENGINE_AGENTS = {
|
|
57
|
+
dataIntegrityAuditor: 14,
|
|
58
|
+
dataConsistencyChecker: 43,
|
|
59
|
+
backupRecoveryTester: 44,
|
|
60
|
+
dataPrivacyScanner: 45,
|
|
61
|
+
};
|
|
62
|
+
// ---------------------------------------------------------------------------
|
|
63
|
+
// Engine-agent → IntegrityEventType mapping (must-fix #3)
|
|
64
|
+
// ---------------------------------------------------------------------------
|
|
65
|
+
/**
|
|
66
|
+
* Map an ingested engine-agent finding to the correct IntegrityEventType.
|
|
67
|
+
*
|
|
68
|
+
* Must-fix #3: every finding is logged under its true event category, never
|
|
69
|
+
* uniformly mislabelled. Honest mapping (no over-claiming):
|
|
70
|
+
* - #45 DataPrivacyScanner → 'pii-exposure'
|
|
71
|
+
* - #43 DataConsistencyChecker → 'cross-store-inconsistency'
|
|
72
|
+
* - #14 DataIntegrityAuditor → 'ref-integrity-violation'
|
|
73
|
+
* - #44 BackupRecoveryTester → 'engine-finding' (recorded verbatim; we do NOT
|
|
74
|
+
* assume 'backup-missing' — a #44 finding may be a benign skip)
|
|
75
|
+
* - any other agent → 'engine-finding' (honest neutral; NOT a
|
|
76
|
+
* 'ref-integrity-violation' mislabel for an uncategorised source)
|
|
77
|
+
*/
|
|
78
|
+
function engineFindingToEventType(finding) {
|
|
79
|
+
switch (finding.agentId) {
|
|
80
|
+
case COMPOSED_ENGINE_AGENTS.dataPrivacyScanner:
|
|
81
|
+
return 'pii-exposure';
|
|
82
|
+
case COMPOSED_ENGINE_AGENTS.dataConsistencyChecker:
|
|
83
|
+
return 'cross-store-inconsistency';
|
|
84
|
+
case COMPOSED_ENGINE_AGENTS.dataIntegrityAuditor:
|
|
85
|
+
return 'ref-integrity-violation';
|
|
86
|
+
case COMPOSED_ENGINE_AGENTS.backupRecoveryTester:
|
|
87
|
+
default:
|
|
88
|
+
return 'engine-finding';
|
|
89
|
+
}
|
|
90
|
+
}
|
|
91
|
+
// ---------------------------------------------------------------------------
|
|
92
|
+
// Audit-log helpers (hash-chain, no external deps)
|
|
93
|
+
// ---------------------------------------------------------------------------
|
|
94
|
+
/**
|
|
95
|
+
* Deterministic canonical form for an audit entry.
|
|
96
|
+
* Fixed-tuple — key-order changes cannot weaken the chain.
|
|
97
|
+
*/
|
|
98
|
+
function canonicalAuditTuple(entry) {
|
|
99
|
+
return JSON.stringify([
|
|
100
|
+
entry.seq,
|
|
101
|
+
entry.at,
|
|
102
|
+
entry.eventType,
|
|
103
|
+
entry.subject,
|
|
104
|
+
entry.severity,
|
|
105
|
+
entry.summary,
|
|
106
|
+
entry.prevHash,
|
|
107
|
+
]);
|
|
108
|
+
}
|
|
109
|
+
function hashAuditEntry(entry) {
|
|
110
|
+
return createHash('sha256').update(canonicalAuditTuple(entry)).digest('hex');
|
|
111
|
+
}
|
|
112
|
+
// ---------------------------------------------------------------------------
|
|
113
|
+
// TamperEvidentLog — in-process immudb-style hash chain
|
|
114
|
+
// ---------------------------------------------------------------------------
|
|
115
|
+
/**
|
|
116
|
+
* Append-only, hash-chained audit log. Each entry's hash commits to its
|
|
117
|
+
* predecessor's hash. `verify()` re-derives every hash end-to-end; any
|
|
118
|
+
* tampering (seq mutation, field edit, insertion, deletion) breaks the chain.
|
|
119
|
+
*/
|
|
120
|
+
export class TamperEvidentLog {
|
|
121
|
+
entries = [];
|
|
122
|
+
now;
|
|
123
|
+
constructor(options) {
|
|
124
|
+
this.now = options?.clock ?? (() => Date.now());
|
|
125
|
+
}
|
|
126
|
+
append(eventType, subject, severity, summary) {
|
|
127
|
+
const seq = this.entries.length;
|
|
128
|
+
const prevHash = seq === 0 ? GENESIS_HASH : this.entries[seq - 1].hash;
|
|
129
|
+
const at = new Date(this.now()).toISOString();
|
|
130
|
+
const partial = {
|
|
131
|
+
seq,
|
|
132
|
+
at,
|
|
133
|
+
eventType,
|
|
134
|
+
subject,
|
|
135
|
+
severity,
|
|
136
|
+
summary,
|
|
137
|
+
prevHash,
|
|
138
|
+
};
|
|
139
|
+
const entry = { ...partial, hash: hashAuditEntry(partial) };
|
|
140
|
+
this.entries.push(entry);
|
|
141
|
+
return entry;
|
|
142
|
+
}
|
|
143
|
+
get log() {
|
|
144
|
+
return this.entries.slice();
|
|
145
|
+
}
|
|
146
|
+
get length() {
|
|
147
|
+
return this.entries.length;
|
|
148
|
+
}
|
|
149
|
+
/**
|
|
150
|
+
* Hash of the latest entry — commits transitively to the whole chain (or the
|
|
151
|
+
* genesis hash for an empty log). Capture {length, headHash} as an anchor to
|
|
152
|
+
* detect later tail-truncation (which `verify()` alone cannot — see below).
|
|
153
|
+
*/
|
|
154
|
+
get headHash() {
|
|
155
|
+
return this.entries.length === 0
|
|
156
|
+
? GENESIS_HASH
|
|
157
|
+
: this.entries[this.entries.length - 1].hash;
|
|
158
|
+
}
|
|
159
|
+
/**
|
|
160
|
+
* Recompute every hash end-to-end. Returns `false` if any entry's seq, prevHash,
|
|
161
|
+
* or content was altered (edit / reorder / insertion).
|
|
162
|
+
*
|
|
163
|
+
* LIMITATION (honest): deleting the NEWEST entries leaves a shorter chain that
|
|
164
|
+
* still verifies — `verify()` cannot detect tail-truncation on its own. Use
|
|
165
|
+
* `verifyAgainstAnchor` with a previously captured {length, headHash} to catch it.
|
|
166
|
+
*/
|
|
167
|
+
verify() {
|
|
168
|
+
let prev = GENESIS_HASH;
|
|
169
|
+
for (let i = 0; i < this.entries.length; i++) {
|
|
170
|
+
const entry = this.entries[i];
|
|
171
|
+
if (entry.seq !== i || entry.prevHash !== prev)
|
|
172
|
+
return false;
|
|
173
|
+
const { hash, ...partial } = entry;
|
|
174
|
+
if (hashAuditEntry(partial) !== hash)
|
|
175
|
+
return false;
|
|
176
|
+
prev = hash;
|
|
177
|
+
}
|
|
178
|
+
return true;
|
|
179
|
+
}
|
|
180
|
+
/**
|
|
181
|
+
* Detect tampering INCLUDING tail-truncation by comparing against a previously
|
|
182
|
+
* captured anchor. Returns true only when the chain verifies AND the length and
|
|
183
|
+
* head hash exactly match the anchor — so any dropped/added/edited entry fails.
|
|
184
|
+
*/
|
|
185
|
+
verifyAgainstAnchor(anchor) {
|
|
186
|
+
return this.verify() && this.length === anchor.length && this.headHash === anchor.headHash;
|
|
187
|
+
}
|
|
188
|
+
}
|
|
189
|
+
// ---------------------------------------------------------------------------
|
|
190
|
+
// Referential-integrity checks
|
|
191
|
+
// ---------------------------------------------------------------------------
|
|
192
|
+
/**
|
|
193
|
+
* Given a set of ref-integrity assertions and a lookup function that returns
|
|
194
|
+
* `true` when the referenced target EXISTS, return all violations.
|
|
195
|
+
*
|
|
196
|
+
* The lookup is synchronous and provided by the caller (never touches DB here).
|
|
197
|
+
* In production tests, the caller wraps the engine-agent snapshot.
|
|
198
|
+
*
|
|
199
|
+
* @param assertions Assertions to validate.
|
|
200
|
+
* @param keyExists Pure: returns true iff targetEntity has an entry for key.
|
|
201
|
+
* @param keys The set of keys to verify (from the source collection sample).
|
|
202
|
+
*/
|
|
203
|
+
export function detectRefIntegrityViolations(assertions, keyExists, keys, clock = Date.now) {
|
|
204
|
+
const violations = [];
|
|
205
|
+
for (const assertion of assertions) {
|
|
206
|
+
const keysToCheck = keys.get(assertion.description) ?? [];
|
|
207
|
+
for (const key of keysToCheck) {
|
|
208
|
+
if (!keyExists(assertion.targetEntity, key)) {
|
|
209
|
+
violations.push({
|
|
210
|
+
assertion,
|
|
211
|
+
orphanedKey: key,
|
|
212
|
+
detectedAtMs: clock(),
|
|
213
|
+
});
|
|
214
|
+
}
|
|
215
|
+
}
|
|
216
|
+
}
|
|
217
|
+
return violations;
|
|
218
|
+
}
|
|
219
|
+
// ---------------------------------------------------------------------------
|
|
220
|
+
// Cross-store consistency checks
|
|
221
|
+
// ---------------------------------------------------------------------------
|
|
222
|
+
/**
|
|
223
|
+
* Compare a list of cross-store check results and return those that are inconsistent.
|
|
224
|
+
* "Consistent" means `JSON.stringify(primary)` equals `JSON.stringify(secondary)`.
|
|
225
|
+
* This deterministic serialisation comparison is intentionally conservative:
|
|
226
|
+
* structural differences in types (number vs string "42") ARE flagged.
|
|
227
|
+
*/
|
|
228
|
+
export function detectCrossStoreInconsistencies(checks, clock = Date.now) {
|
|
229
|
+
const inconsistencies = [];
|
|
230
|
+
for (const check of checks) {
|
|
231
|
+
const primary = JSON.stringify(check.primaryValue);
|
|
232
|
+
const secondary = JSON.stringify(check.secondaryValue);
|
|
233
|
+
if (primary !== secondary) {
|
|
234
|
+
inconsistencies.push({ check, detectedAtMs: clock() });
|
|
235
|
+
}
|
|
236
|
+
}
|
|
237
|
+
return inconsistencies;
|
|
238
|
+
}
|
|
239
|
+
// ---------------------------------------------------------------------------
|
|
240
|
+
// Reconciliation engine
|
|
241
|
+
// ---------------------------------------------------------------------------
|
|
242
|
+
/**
|
|
243
|
+
* Evaluate a reconciliation assertion by comparing expected vs observed values.
|
|
244
|
+
* The `tolerance` parameter is the maximum allowed absolute delta (default 0 —
|
|
245
|
+
* exact match required for financial values).
|
|
246
|
+
*
|
|
247
|
+
* Never rounds the delta: show-the-math transparency.
|
|
248
|
+
*/
|
|
249
|
+
export function reconcile(assertion, expectedValue, observedValue, toleranceAbsolute = 0, clock = Date.now) {
|
|
250
|
+
// Fail-closed on non-finite inputs: a NaN/Infinity expected or observed value is
|
|
251
|
+
// an unknown/ambiguous state and must be treated as a BREAK, never silently passed
|
|
252
|
+
// (NaN > tolerance === false would let a corrupt reconciliation slip through).
|
|
253
|
+
const bothFinite = Number.isFinite(expectedValue) && Number.isFinite(observedValue);
|
|
254
|
+
const delta = bothFinite ? Math.abs(expectedValue - observedValue) : NaN;
|
|
255
|
+
// Never round delta — the caller sees the exact number.
|
|
256
|
+
return {
|
|
257
|
+
assertion,
|
|
258
|
+
expectedValue,
|
|
259
|
+
observedValue,
|
|
260
|
+
delta,
|
|
261
|
+
isBreak: !bothFinite || delta > toleranceAbsolute,
|
|
262
|
+
capturedAtMs: clock(),
|
|
263
|
+
};
|
|
264
|
+
}
|
|
265
|
+
// ---------------------------------------------------------------------------
|
|
266
|
+
// Backup / RPO verification (must-fix #2)
|
|
267
|
+
// ---------------------------------------------------------------------------
|
|
268
|
+
/**
|
|
269
|
+
* Verify a backup against an RPO target.
|
|
270
|
+
*
|
|
271
|
+
* Must-fix #2: a backup is only fully verified when a restore-test has been
|
|
272
|
+
* performed. A backup with status='verified' but no restoreTestedAtMs is flagged
|
|
273
|
+
* as restoreVerified=false — the Notary cannot assume a backup is usable until
|
|
274
|
+
* restore has been confirmed.
|
|
275
|
+
*
|
|
276
|
+
* @param name Logical backup name.
|
|
277
|
+
* @param backupTimestampMs When the backup was taken (epoch ms), or undefined if unknown.
|
|
278
|
+
* @param status The status resolved by engine agent #44 or the caller.
|
|
279
|
+
* @param rpoTargetMs Recovery-point objective in milliseconds.
|
|
280
|
+
* @param restoreTestedAtMs Optional: when a restore-test was last confirmed (epoch ms).
|
|
281
|
+
* When absent the backup is NOT considered restore-verified.
|
|
282
|
+
* @param clock Injectable for deterministic tests.
|
|
283
|
+
*/
|
|
284
|
+
export function verifyBackup(name, backupTimestampMs, status, rpoTargetMs, restoreTestedAtMs, clock = Date.now) {
|
|
285
|
+
const nowMs = clock();
|
|
286
|
+
let rpoSatisfied;
|
|
287
|
+
if (status !== 'verified' || backupTimestampMs === undefined) {
|
|
288
|
+
rpoSatisfied = false;
|
|
289
|
+
}
|
|
290
|
+
else {
|
|
291
|
+
const ageMs = nowMs - backupTimestampMs;
|
|
292
|
+
rpoSatisfied = ageMs <= rpoTargetMs;
|
|
293
|
+
}
|
|
294
|
+
// must-fix #2: restoreVerified requires BOTH rpoSatisfied AND a confirmed restore-test.
|
|
295
|
+
// A backup with no restoreTestedAtMs is fail-closed — we cannot assume it is restorable.
|
|
296
|
+
const restoreVerified = rpoSatisfied && restoreTestedAtMs !== undefined && restoreTestedAtMs <= nowMs;
|
|
297
|
+
return {
|
|
298
|
+
name,
|
|
299
|
+
status,
|
|
300
|
+
backupTimestampMs,
|
|
301
|
+
rpoTargetMs,
|
|
302
|
+
rpoSatisfied,
|
|
303
|
+
verifiedAtMs: nowMs,
|
|
304
|
+
restoreVerified,
|
|
305
|
+
...(restoreTestedAtMs !== undefined ? { restoreTestedAtMs } : {}),
|
|
306
|
+
};
|
|
307
|
+
}
|
|
308
|
+
// ---------------------------------------------------------------------------
|
|
309
|
+
// Distribution anomaly detection
|
|
310
|
+
// ---------------------------------------------------------------------------
|
|
311
|
+
/**
|
|
312
|
+
* Analyse field-level distribution stats and return anomalies found.
|
|
313
|
+
* Never modifies the input; purely derives anomalies from the stats.
|
|
314
|
+
*/
|
|
315
|
+
export function detectDistributionAnomalies(stats, options, clock = Date.now) {
|
|
316
|
+
const nullThresh = options?.nullSpikeThreshold ?? NULL_SPIKE_THRESHOLD;
|
|
317
|
+
const dupThresh = options?.dupSpikeThreshold ?? DUP_SPIKE_THRESHOLD;
|
|
318
|
+
const expectedCounts = options?.expectedCountsByField;
|
|
319
|
+
const driftTolerance = options?.countDriftToleranceFraction ?? 0.05;
|
|
320
|
+
const anomalies = [];
|
|
321
|
+
const nowMs = clock();
|
|
322
|
+
for (const stat of stats) {
|
|
323
|
+
if (stat.totalCount > 0 && stat.nullFraction > nullThresh) {
|
|
324
|
+
anomalies.push({
|
|
325
|
+
stats: stat,
|
|
326
|
+
anomalyType: 'null-spike',
|
|
327
|
+
detail: `${stat.field} on ${stat.entityType}: null fraction ${(stat.nullFraction * 100).toFixed(2)}% ` +
|
|
328
|
+
`exceeds threshold ${(nullThresh * 100).toFixed(2)}%`,
|
|
329
|
+
detectedAtMs: nowMs,
|
|
330
|
+
});
|
|
331
|
+
}
|
|
332
|
+
if (stat.totalCount > 0 && stat.dupFraction > dupThresh) {
|
|
333
|
+
anomalies.push({
|
|
334
|
+
stats: stat,
|
|
335
|
+
anomalyType: 'dup-spike',
|
|
336
|
+
detail: `${stat.field} on ${stat.entityType}: duplicate fraction ${(stat.dupFraction * 100).toFixed(2)}% ` +
|
|
337
|
+
`exceeds threshold ${(dupThresh * 100).toFixed(2)}%`,
|
|
338
|
+
detectedAtMs: nowMs,
|
|
339
|
+
});
|
|
340
|
+
}
|
|
341
|
+
if (expectedCounts !== undefined) {
|
|
342
|
+
const expectedCount = expectedCounts.get(stat.field);
|
|
343
|
+
if (expectedCount !== undefined && expectedCount > 0) {
|
|
344
|
+
const driftFraction = Math.abs(stat.totalCount - expectedCount) / expectedCount;
|
|
345
|
+
if (driftFraction > driftTolerance) {
|
|
346
|
+
anomalies.push({
|
|
347
|
+
stats: stat,
|
|
348
|
+
anomalyType: 'count-drift',
|
|
349
|
+
detail: `${stat.field} on ${stat.entityType}: count ${stat.totalCount} vs expected ${expectedCount} ` +
|
|
350
|
+
`(${(driftFraction * 100).toFixed(2)}% drift, tolerance ${(driftTolerance * 100).toFixed(2)}%)`,
|
|
351
|
+
detectedAtMs: nowMs,
|
|
352
|
+
});
|
|
353
|
+
}
|
|
354
|
+
}
|
|
355
|
+
}
|
|
356
|
+
}
|
|
357
|
+
return anomalies;
|
|
358
|
+
}
|
|
359
|
+
// ---------------------------------------------------------------------------
|
|
360
|
+
// Data lineage — corruption tracing (must-fix #6)
|
|
361
|
+
// ---------------------------------------------------------------------------
|
|
362
|
+
/**
|
|
363
|
+
* Trace a corruption (observed at `corruptedNodeId`) back to its most-upstream
|
|
364
|
+
* source(s) in the lineage graph via breadth-first traversal.
|
|
365
|
+
*
|
|
366
|
+
* Must-fix #6: when multiple source nodes (upstreamIds.length === 0) are reachable,
|
|
367
|
+
* ALL candidates are returned in `rootCauseCandidates`. The `rootCauseNode` field
|
|
368
|
+
* is a DETERMINISTIC HEURISTIC (lexicographically first candidate id) — it is
|
|
369
|
+
* explicitly NOT an authoritative single-root determination. Callers must inspect
|
|
370
|
+
* `rootCauseCandidates` for the full picture in branching lineage graphs.
|
|
371
|
+
*
|
|
372
|
+
* Returns `undefined` if `corruptedNodeId` is not found in the graph.
|
|
373
|
+
*/
|
|
374
|
+
export function traceCorruption(graph, corruptedNodeId) {
|
|
375
|
+
const nodeById = new Map();
|
|
376
|
+
for (const node of graph.nodes) {
|
|
377
|
+
nodeById.set(node.id, node);
|
|
378
|
+
}
|
|
379
|
+
const startNode = nodeById.get(corruptedNodeId);
|
|
380
|
+
if (startNode === undefined)
|
|
381
|
+
return undefined;
|
|
382
|
+
// BFS upstream: follow upstreamIds edges
|
|
383
|
+
const visited = new Set();
|
|
384
|
+
const queue = [startNode];
|
|
385
|
+
const pathOrder = [];
|
|
386
|
+
while (queue.length > 0) {
|
|
387
|
+
// Pop the front (BFS — deterministic processing order)
|
|
388
|
+
const current = queue.shift();
|
|
389
|
+
if (visited.has(current.id))
|
|
390
|
+
continue;
|
|
391
|
+
visited.add(current.id);
|
|
392
|
+
pathOrder.push(current);
|
|
393
|
+
// Sort upstream ids for deterministic traversal
|
|
394
|
+
const upstreams = [...current.upstreamIds].sort();
|
|
395
|
+
for (const upId of upstreams) {
|
|
396
|
+
const up = nodeById.get(upId);
|
|
397
|
+
if (up && !visited.has(up.id)) {
|
|
398
|
+
queue.push(up);
|
|
399
|
+
}
|
|
400
|
+
}
|
|
401
|
+
}
|
|
402
|
+
// Collect ALL source nodes (no upstream) — these are the candidates.
|
|
403
|
+
const rootCauseCandidates = pathOrder
|
|
404
|
+
.filter((n) => n.upstreamIds.length === 0)
|
|
405
|
+
.sort((a, b) => (a.id < b.id ? -1 : a.id > b.id ? 1 : 0));
|
|
406
|
+
// Deterministic heuristic tie-break: lex-first candidate.
|
|
407
|
+
// HEURISTIC: not authoritative in branching graphs; see rootCauseCandidates.
|
|
408
|
+
const rootCauseNode = rootCauseCandidates.length > 0 ? rootCauseCandidates[0] : startNode;
|
|
409
|
+
// The lineage path is ordered most-upstream first
|
|
410
|
+
const lineagePath = [...pathOrder].reverse();
|
|
411
|
+
return {
|
|
412
|
+
observedAt: corruptedNodeId,
|
|
413
|
+
lineagePath,
|
|
414
|
+
rootCauseNode,
|
|
415
|
+
rootCauseCandidates,
|
|
416
|
+
};
|
|
417
|
+
}
|
|
418
|
+
// ---------------------------------------------------------------------------
|
|
419
|
+
// Summary builder
|
|
420
|
+
// ---------------------------------------------------------------------------
|
|
421
|
+
/**
|
|
422
|
+
* Canonical severity-by-class — the single documented source of truth for the
|
|
423
|
+
* Notary-layer violation classes. These classes carry an inherent risk level (a
|
|
424
|
+
* referential-integrity break or cross-store divergence IS a high-severity data
|
|
425
|
+
* hazard; a reconciliation break IS critical; a backup that fails RPO OR is within
|
|
426
|
+
* RPO but never restore-tested IS high). Ingested engine findings keep their OWN
|
|
427
|
+
* severity (assigned by the engine agent), never overridden here.
|
|
428
|
+
*/
|
|
429
|
+
const SEVERITY_BY_CLASS = {
|
|
430
|
+
refViolation: 'high',
|
|
431
|
+
crossStoreInconsistency: 'high',
|
|
432
|
+
reconciliationBreak: 'critical',
|
|
433
|
+
backupRpoFail: 'high',
|
|
434
|
+
backupRestoreUntested: 'high',
|
|
435
|
+
distributionAnomaly: 'medium',
|
|
436
|
+
};
|
|
437
|
+
function buildSummary(refViolations, crossStoreInconsistencies, reconciliationBreaks, backupVerifications, distributionAnomalies, engineFindings) {
|
|
438
|
+
const counts = {
|
|
439
|
+
critical: 0,
|
|
440
|
+
high: 0,
|
|
441
|
+
medium: 0,
|
|
442
|
+
low: 0,
|
|
443
|
+
info: 0,
|
|
444
|
+
};
|
|
445
|
+
for (const _ of refViolations)
|
|
446
|
+
counts[SEVERITY_BY_CLASS.refViolation] += 1;
|
|
447
|
+
for (const _ of crossStoreInconsistencies)
|
|
448
|
+
counts[SEVERITY_BY_CLASS.crossStoreInconsistency] += 1;
|
|
449
|
+
// reconciliationBreaks is already the isBreak-filtered list (see buildReport).
|
|
450
|
+
for (const _ of reconciliationBreaks)
|
|
451
|
+
counts[SEVERITY_BY_CLASS.reconciliationBreak] += 1;
|
|
452
|
+
// must-fix #2: a backup that fails RPO OR is within RPO but never restore-tested is a
|
|
453
|
+
// violation and MUST roll up to escalation — restore-untested no longer scores 0.
|
|
454
|
+
let backupViolations = 0;
|
|
455
|
+
for (const bv of backupVerifications) {
|
|
456
|
+
if (!bv.rpoSatisfied) {
|
|
457
|
+
counts[SEVERITY_BY_CLASS.backupRpoFail] += 1;
|
|
458
|
+
backupViolations += 1;
|
|
459
|
+
}
|
|
460
|
+
else if (!bv.restoreVerified) {
|
|
461
|
+
counts[SEVERITY_BY_CLASS.backupRestoreUntested] += 1;
|
|
462
|
+
backupViolations += 1;
|
|
463
|
+
}
|
|
464
|
+
}
|
|
465
|
+
for (const _ of distributionAnomalies)
|
|
466
|
+
counts[SEVERITY_BY_CLASS.distributionAnomaly] += 1;
|
|
467
|
+
// Ingested engine findings keep their own (engine-assigned) severity.
|
|
468
|
+
for (const f of engineFindings) {
|
|
469
|
+
counts[f.severity] += 1;
|
|
470
|
+
}
|
|
471
|
+
const totalViolations = refViolations.length +
|
|
472
|
+
crossStoreInconsistencies.length +
|
|
473
|
+
reconciliationBreaks.length +
|
|
474
|
+
backupViolations +
|
|
475
|
+
distributionAnomalies.length +
|
|
476
|
+
engineFindings.length;
|
|
477
|
+
return {
|
|
478
|
+
totalViolations,
|
|
479
|
+
critical: counts.critical,
|
|
480
|
+
high: counts.high,
|
|
481
|
+
medium: counts.medium,
|
|
482
|
+
low: counts.low,
|
|
483
|
+
requiresEscalation: counts.critical > 0 || counts.high > 0,
|
|
484
|
+
};
|
|
485
|
+
}
|
|
486
|
+
// ---------------------------------------------------------------------------
|
|
487
|
+
// Read-only guard + proof (must-fix #1 / AC-5)
|
|
488
|
+
// ---------------------------------------------------------------------------
|
|
489
|
+
/**
|
|
490
|
+
* Wrap a caller-supplied data source in a read-only Proxy. Any write — property
|
|
491
|
+
* set, delete, or defineProperty — is RECORDED (the attempt count increments) and
|
|
492
|
+
* then THROWN, so production data cannot be mutated through the handle. This is the
|
|
493
|
+
* real enforcement primitive behind the Notary's read-only proof: `mutated` is
|
|
494
|
+
* COMPUTED from observed write attempts, not asserted as a hardcoded literal.
|
|
495
|
+
*/
|
|
496
|
+
export function createReadOnlyGuard(target, onAttempt) {
|
|
497
|
+
let attempts = 0;
|
|
498
|
+
const block = (operation) => {
|
|
499
|
+
attempts += 1;
|
|
500
|
+
onAttempt?.(operation);
|
|
501
|
+
throw new TypeError(`[Notary] read-only violation: ${operation} is forbidden on guarded production data`);
|
|
502
|
+
};
|
|
503
|
+
const handle = new Proxy(target, {
|
|
504
|
+
set: (_t, prop) => block(`set ${String(prop)}`),
|
|
505
|
+
deleteProperty: (_t, prop) => block(`delete ${String(prop)}`),
|
|
506
|
+
defineProperty: (_t, prop) => block(`defineProperty ${String(prop)}`),
|
|
507
|
+
});
|
|
508
|
+
return { handle, mutationAttempts: () => attempts };
|
|
509
|
+
}
|
|
510
|
+
/**
|
|
511
|
+
* Build the read-only proof from the number of write attempts the session observed
|
|
512
|
+
* through its guard(s). `mutated` is true iff a write was attempted (and blocked);
|
|
513
|
+
* the object is frozen so the proof itself cannot be altered after the fact.
|
|
514
|
+
*/
|
|
515
|
+
function makeReadOnlyProof(mutationAttempts) {
|
|
516
|
+
const proof = {
|
|
517
|
+
mutated: mutationAttempts > 0,
|
|
518
|
+
mutationAttempts,
|
|
519
|
+
frozen: true,
|
|
520
|
+
};
|
|
521
|
+
Object.freeze(proof);
|
|
522
|
+
return proof;
|
|
523
|
+
}
|
|
524
|
+
/**
|
|
525
|
+
* A single data-integrity assessment session.
|
|
526
|
+
*
|
|
527
|
+
* Design intent:
|
|
528
|
+
* - The session is the "composing layer": callers feed it the outputs of engine
|
|
529
|
+
* agents (#14/#43/#44/#45) plus domain-specific fixtures/snapshots.
|
|
530
|
+
* - The session itself is pure / event-driven — it holds no database connections.
|
|
531
|
+
* - All methods are read-only with respect to production data. The session
|
|
532
|
+
* accumulates observations then produces a final report.
|
|
533
|
+
*
|
|
534
|
+
* Read-only contract: every method observes but does not write. The `readOnlyProof`
|
|
535
|
+
* on the report is a frozen object — any runtime mutation attempt throws.
|
|
536
|
+
*
|
|
537
|
+
* Engine-reuse boundary: callers (or integration tests) supply Finding[] from the
|
|
538
|
+
* real engine agents via ingestEngineFindings(). This module composes, not replaces.
|
|
539
|
+
*/
|
|
540
|
+
export class DataIntegritySession {
|
|
541
|
+
sessionId;
|
|
542
|
+
startedAtMs;
|
|
543
|
+
clock;
|
|
544
|
+
auditLog;
|
|
545
|
+
// Accumulated observations
|
|
546
|
+
_refViolations = [];
|
|
547
|
+
_crossStoreInconsistencies = [];
|
|
548
|
+
_reconciliationSnapshots = [];
|
|
549
|
+
_backupVerifications = [];
|
|
550
|
+
_distributionAnomalies = [];
|
|
551
|
+
_engineFindings = [];
|
|
552
|
+
_corruptionTraces = [];
|
|
553
|
+
/** Count of write attempts observed (and blocked) through guard() — backs the read-only proof. */
|
|
554
|
+
_mutationAttempts = 0;
|
|
555
|
+
constructor(options) {
|
|
556
|
+
this.clock = options?.clock ?? (() => Date.now());
|
|
557
|
+
this.sessionId = options?.sessionId ?? `notary-${this.clock()}`;
|
|
558
|
+
this.startedAtMs = this.clock();
|
|
559
|
+
this.auditLog = new TamperEvidentLog({ clock: this.clock });
|
|
560
|
+
}
|
|
561
|
+
// ------------------------------------------------------------------
|
|
562
|
+
// Ingest engine-agent findings (composition — not re-implementation)
|
|
563
|
+
// ------------------------------------------------------------------
|
|
564
|
+
/**
|
|
565
|
+
* Ingest Finding[] from engine agents #14, #43, #44, or #45.
|
|
566
|
+
* Findings are never mutated; they are stored by reference and
|
|
567
|
+
* surfaced verbatim in the report.
|
|
568
|
+
*
|
|
569
|
+
* Must-fix #3: each finding is logged under its correct IntegrityEventType
|
|
570
|
+
* based on the source engine agent's ID, not uniformly as 'ref-integrity-violation'.
|
|
571
|
+
*
|
|
572
|
+
* Engine-reuse proof: the agentId on each finding must match the originating
|
|
573
|
+
* engine agent (14, 43, 44, or 45). The audit log records the correct category.
|
|
574
|
+
*/
|
|
575
|
+
ingestEngineFindings(findings) {
|
|
576
|
+
for (const f of findings) {
|
|
577
|
+
this._engineFindings.push(f);
|
|
578
|
+
const eventType = engineFindingToEventType(f);
|
|
579
|
+
this.auditLog.append(eventType, `agent:${f.agentId}:${f.id}`, f.severity, f.description);
|
|
580
|
+
}
|
|
581
|
+
}
|
|
582
|
+
/**
|
|
583
|
+
* Wrap a live production data source in a read-only guard before the session reads
|
|
584
|
+
* from it. Any write attempted through the returned handle is blocked (throws) and
|
|
585
|
+
* recorded — surfacing as readOnlyProof.mutated=true on the report. The Notary
|
|
586
|
+
* itself never writes, so a clean run reports mutated=false honestly.
|
|
587
|
+
*/
|
|
588
|
+
guard(source) {
|
|
589
|
+
return createReadOnlyGuard(source, () => {
|
|
590
|
+
this._mutationAttempts += 1;
|
|
591
|
+
}).handle;
|
|
592
|
+
}
|
|
593
|
+
// ------------------------------------------------------------------
|
|
594
|
+
// Ref-integrity
|
|
595
|
+
// ------------------------------------------------------------------
|
|
596
|
+
checkRefIntegrity(assertions, keyExists, keys) {
|
|
597
|
+
const violations = detectRefIntegrityViolations(assertions, keyExists, keys, this.clock);
|
|
598
|
+
for (const v of violations) {
|
|
599
|
+
this._refViolations.push(v);
|
|
600
|
+
this.auditLog.append('ref-integrity-violation', `${v.assertion.sourceEntity}.${v.assertion.sourceField}=${v.orphanedKey}`, 'high', `Orphaned key "${v.orphanedKey}" has no matching ${v.assertion.targetEntity} record`);
|
|
601
|
+
}
|
|
602
|
+
return violations;
|
|
603
|
+
}
|
|
604
|
+
// ------------------------------------------------------------------
|
|
605
|
+
// Cross-store consistency
|
|
606
|
+
// ------------------------------------------------------------------
|
|
607
|
+
checkCrossStoreConsistency(checks) {
|
|
608
|
+
const inconsistencies = detectCrossStoreInconsistencies(checks, this.clock);
|
|
609
|
+
for (const inc of inconsistencies) {
|
|
610
|
+
this._crossStoreInconsistencies.push(inc);
|
|
611
|
+
this.auditLog.append('cross-store-inconsistency', `${inc.check.entityType}:${inc.check.entityId} vs ${inc.check.secondaryStore}`, 'high', `Primary and secondary store values differ for entity ${inc.check.entityId}`);
|
|
612
|
+
}
|
|
613
|
+
return inconsistencies;
|
|
614
|
+
}
|
|
615
|
+
// ------------------------------------------------------------------
|
|
616
|
+
// Reconciliation
|
|
617
|
+
// ------------------------------------------------------------------
|
|
618
|
+
runReconciliation(assertion, expectedValue, observedValue, toleranceAbsolute = 0) {
|
|
619
|
+
const snapshot = reconcile(assertion, expectedValue, observedValue, toleranceAbsolute, this.clock);
|
|
620
|
+
this._reconciliationSnapshots.push(snapshot);
|
|
621
|
+
if (snapshot.isBreak) {
|
|
622
|
+
this.auditLog.append('reconciliation-break', assertion.label, 'critical', `Reconciliation break: expected=${expectedValue} observed=${observedValue} delta=${snapshot.delta}`);
|
|
623
|
+
}
|
|
624
|
+
return snapshot;
|
|
625
|
+
}
|
|
626
|
+
// ------------------------------------------------------------------
|
|
627
|
+
// Backup verification (must-fix #2)
|
|
628
|
+
// ------------------------------------------------------------------
|
|
629
|
+
/**
|
|
630
|
+
* Verify a backup against RPO and restore-test requirements.
|
|
631
|
+
*
|
|
632
|
+
* Must-fix #2: if no restoreTestedAtMs is provided, the backup is logged as
|
|
633
|
+
* 'backup-restore-untested' in the audit trail regardless of status. A backup
|
|
634
|
+
* with no confirmed restore-test is NOT considered fully verified.
|
|
635
|
+
*/
|
|
636
|
+
verifyBackup(name, backupTimestampMs, status, rpoTargetMs, restoreTestedAtMs) {
|
|
637
|
+
const result = verifyBackup(name, backupTimestampMs, status, rpoTargetMs, restoreTestedAtMs, this.clock);
|
|
638
|
+
this._backupVerifications.push(result);
|
|
639
|
+
if (restoreTestedAtMs === undefined && status === 'verified') {
|
|
640
|
+
// Fail-closed: backup claims to be verified but was never restore-tested.
|
|
641
|
+
// Log as an explicit warning — this is an incomplete verification.
|
|
642
|
+
this.auditLog.append('backup-restore-untested', `backup:${name}`, 'high', `Backup "${name}" status=verified but NO restore-test has been performed. ` +
|
|
643
|
+
`RPO verification is INCOMPLETE without a confirmed restore.`);
|
|
644
|
+
}
|
|
645
|
+
else {
|
|
646
|
+
const eventType = status === 'verified'
|
|
647
|
+
? 'backup-verified'
|
|
648
|
+
: status === 'missing'
|
|
649
|
+
? 'backup-missing'
|
|
650
|
+
: 'backup-stale';
|
|
651
|
+
this.auditLog.append(eventType, `backup:${name}`, result.rpoSatisfied ? 'info' : 'high', result.rpoSatisfied
|
|
652
|
+
? `Backup "${name}" verified and within RPO (${rpoTargetMs}ms)`
|
|
653
|
+
: `Backup "${name}" FAILS RPO — status=${status}`);
|
|
654
|
+
}
|
|
655
|
+
return result;
|
|
656
|
+
}
|
|
657
|
+
// ------------------------------------------------------------------
|
|
658
|
+
// Distribution anomalies
|
|
659
|
+
// ------------------------------------------------------------------
|
|
660
|
+
checkDistribution(stats, options) {
|
|
661
|
+
const anomalies = detectDistributionAnomalies(stats, options, this.clock);
|
|
662
|
+
for (const anomaly of anomalies) {
|
|
663
|
+
this._distributionAnomalies.push(anomaly);
|
|
664
|
+
this.auditLog.append('distribution-anomaly', `${anomaly.stats.entityType}.${anomaly.stats.field}`, 'medium', anomaly.detail);
|
|
665
|
+
}
|
|
666
|
+
return anomalies;
|
|
667
|
+
}
|
|
668
|
+
// ------------------------------------------------------------------
|
|
669
|
+
// Lineage / corruption tracing
|
|
670
|
+
// ------------------------------------------------------------------
|
|
671
|
+
traceCorruption(graph, corruptedNodeId) {
|
|
672
|
+
const trace = traceCorruption(graph, corruptedNodeId);
|
|
673
|
+
if (trace !== undefined) {
|
|
674
|
+
this._corruptionTraces.push(trace);
|
|
675
|
+
const candidateIds = trace.rootCauseCandidates.map((n) => n.id).join(', ');
|
|
676
|
+
this.auditLog.append('lineage-corruption-traced', corruptedNodeId, 'critical', `Corruption at "${corruptedNodeId}" traced; root-cause candidates: [${candidateIds}]. ` +
|
|
677
|
+
`Heuristic primary: "${trace.rootCauseNode.id}"`);
|
|
678
|
+
}
|
|
679
|
+
return trace;
|
|
680
|
+
}
|
|
681
|
+
// ------------------------------------------------------------------
|
|
682
|
+
// Audit-chain integrity check
|
|
683
|
+
// ------------------------------------------------------------------
|
|
684
|
+
/**
|
|
685
|
+
* Verify the internal hash chain. Returns `true` if intact.
|
|
686
|
+
* Call this after all checks to detect any in-process tampering.
|
|
687
|
+
*/
|
|
688
|
+
verifyAuditChain() {
|
|
689
|
+
return this.auditLog.verify();
|
|
690
|
+
}
|
|
691
|
+
/**
|
|
692
|
+
* Expose the raw audit log entries (for tests and dashboards).
|
|
693
|
+
*/
|
|
694
|
+
get auditEntries() {
|
|
695
|
+
return this.auditLog.log;
|
|
696
|
+
}
|
|
697
|
+
/**
|
|
698
|
+
* Expose the TamperEvidentLog instance for direct tampering in tests.
|
|
699
|
+
* Must-fix #4: integration tests need to tamper a REAL audit entry and
|
|
700
|
+
* assert buildReport().auditChainIntact === false.
|
|
701
|
+
*/
|
|
702
|
+
get _auditLog() {
|
|
703
|
+
return this.auditLog;
|
|
704
|
+
}
|
|
705
|
+
// ------------------------------------------------------------------
|
|
706
|
+
// Report
|
|
707
|
+
// ------------------------------------------------------------------
|
|
708
|
+
/**
|
|
709
|
+
* Finalise the session and return the integrity report.
|
|
710
|
+
*
|
|
711
|
+
* The returned report is a snapshot. It is deeply immutable by convention:
|
|
712
|
+
* all arrays are sliced, and `readOnlyProof` is a frozen object with mutated:false.
|
|
713
|
+
*
|
|
714
|
+
* Must-fix #1: readOnlyProof is produced by makeReadOnlyProof() which freezes the
|
|
715
|
+
* object — runtime write attempts throw in strict mode.
|
|
716
|
+
*
|
|
717
|
+
* Escalation guidance:
|
|
718
|
+
* - If `report.summary.requiresEscalation` is true, route to the Harness.
|
|
719
|
+
* - NEVER auto-repair; the Notary only observes and alerts.
|
|
720
|
+
*/
|
|
721
|
+
buildReport() {
|
|
722
|
+
const reconciliationBreaks = this._reconciliationSnapshots.filter((s) => s.isBreak);
|
|
723
|
+
const summary = buildSummary(this._refViolations, this._crossStoreInconsistencies, reconciliationBreaks, this._backupVerifications, this._distributionAnomalies, this._engineFindings);
|
|
724
|
+
// Read-only proof computed from observed (and blocked) write attempts — frozen.
|
|
725
|
+
const readOnlyProof = makeReadOnlyProof(this._mutationAttempts);
|
|
726
|
+
return {
|
|
727
|
+
sessionId: this.sessionId,
|
|
728
|
+
startedAtMs: this.startedAtMs,
|
|
729
|
+
completedAtMs: this.clock(),
|
|
730
|
+
refViolations: this._refViolations.slice(),
|
|
731
|
+
crossStoreInconsistencies: this._crossStoreInconsistencies.slice(),
|
|
732
|
+
reconciliationSnapshots: this._reconciliationSnapshots.slice(),
|
|
733
|
+
backupVerifications: this._backupVerifications.slice(),
|
|
734
|
+
distributionAnomalies: this._distributionAnomalies.slice(),
|
|
735
|
+
engineFindings: this._engineFindings.slice(),
|
|
736
|
+
corruptionTraces: this._corruptionTraces.slice(),
|
|
737
|
+
auditChainIntact: this.verifyAuditChain(),
|
|
738
|
+
readOnlyProof,
|
|
739
|
+
summary,
|
|
740
|
+
};
|
|
741
|
+
}
|
|
742
|
+
}
|
|
743
|
+
// ---------------------------------------------------------------------------
|
|
744
|
+
// Tamper-detection helper for external audit logs
|
|
745
|
+
// ---------------------------------------------------------------------------
|
|
746
|
+
/**
|
|
747
|
+
* Re-verify an externally provided audit-log snapshot (e.g. loaded from immudb
|
|
748
|
+
* or serialised from a previous run). Returns `false` if any entry was altered.
|
|
749
|
+
*
|
|
750
|
+
* This function is pure: it has no side effects and makes no mutations.
|
|
751
|
+
*/
|
|
752
|
+
export function verifyAuditLogSnapshot(entries, expectedAnchor) {
|
|
753
|
+
let prev = GENESIS_HASH;
|
|
754
|
+
for (let i = 0; i < entries.length; i++) {
|
|
755
|
+
const entry = entries[i];
|
|
756
|
+
if (entry.seq !== i || entry.prevHash !== prev)
|
|
757
|
+
return false;
|
|
758
|
+
const { hash, ...partial } = entry;
|
|
759
|
+
if (hashAuditEntry(partial) !== hash)
|
|
760
|
+
return false;
|
|
761
|
+
prev = hash;
|
|
762
|
+
}
|
|
763
|
+
// Anchor check catches tail-truncation (a shorter still-valid chain) and head drift
|
|
764
|
+
// that the per-entry loop alone cannot detect.
|
|
765
|
+
if (expectedAnchor !== undefined) {
|
|
766
|
+
const headHash = entries.length === 0 ? GENESIS_HASH : entries[entries.length - 1].hash;
|
|
767
|
+
if (entries.length !== expectedAnchor.length || headHash !== expectedAnchor.headHash) {
|
|
768
|
+
return false;
|
|
769
|
+
}
|
|
770
|
+
}
|
|
771
|
+
return true;
|
|
772
|
+
}
|
|
773
|
+
// ---------------------------------------------------------------------------
|
|
774
|
+
// Finding builder (for integration with the Finding pipeline)
|
|
775
|
+
// ---------------------------------------------------------------------------
|
|
776
|
+
/**
|
|
777
|
+
* Convert a DataIntegrityReport into a flat Finding[] for ingestion into the
|
|
778
|
+
* pipeline's standard reporting layer (#1 dashboard, #7 financial, #25 knowledge).
|
|
779
|
+
*
|
|
780
|
+
* Only violations / breaks / failures generate findings; "all-clear" observations
|
|
781
|
+
* are omitted to keep the findings list signal-only.
|
|
782
|
+
*/
|
|
783
|
+
export function reportToFindings(report) {
|
|
784
|
+
const findings = [];
|
|
785
|
+
for (const v of report.refViolations) {
|
|
786
|
+
findings.push({
|
|
787
|
+
id: `${AGENT_ID}-ref-violation-${v.orphanedKey}`,
|
|
788
|
+
type: 'code-bug-logic',
|
|
789
|
+
severity: 'high',
|
|
790
|
+
agentId: AGENT_ID,
|
|
791
|
+
module: MODULE,
|
|
792
|
+
description: `Referential-integrity violation: ${v.assertion.sourceEntity}.${v.assertion.sourceField} ` +
|
|
793
|
+
`"${v.orphanedKey}" has no matching ${v.assertion.targetEntity} record`,
|
|
794
|
+
suggestedFix: 'Identify and remediate orphaned foreign-key references via the Harness (gated, human-approved).',
|
|
795
|
+
});
|
|
796
|
+
}
|
|
797
|
+
for (const inc of report.crossStoreInconsistencies) {
|
|
798
|
+
findings.push({
|
|
799
|
+
id: `${AGENT_ID}-cross-store-${inc.check.entityType}-${inc.check.entityId}-${inc.check.secondaryStore}`,
|
|
800
|
+
type: 'code-bug-logic',
|
|
801
|
+
severity: 'high',
|
|
802
|
+
agentId: AGENT_ID,
|
|
803
|
+
module: MODULE,
|
|
804
|
+
description: `Cross-store inconsistency: ${inc.check.entityType} id=${inc.check.entityId} ` +
|
|
805
|
+
`differs between primary and ${inc.check.secondaryStore}`,
|
|
806
|
+
suggestedFix: 'Investigate cache/index invalidation; do not auto-repair without human approval via the Harness.',
|
|
807
|
+
});
|
|
808
|
+
}
|
|
809
|
+
for (const snap of report.reconciliationSnapshots) {
|
|
810
|
+
if (!snap.isBreak)
|
|
811
|
+
continue;
|
|
812
|
+
findings.push({
|
|
813
|
+
id: `${AGENT_ID}-reconciliation-break-${snap.assertion.label}`,
|
|
814
|
+
type: 'code-bug-logic',
|
|
815
|
+
severity: 'critical',
|
|
816
|
+
agentId: AGENT_ID,
|
|
817
|
+
module: MODULE,
|
|
818
|
+
description: `Reconciliation break on "${snap.assertion.label}": ` +
|
|
819
|
+
`expected=${snap.expectedValue} observed=${snap.observedValue} delta=${snap.delta}`,
|
|
820
|
+
suggestedFix: 'Route to financial reconciliation agent #7 and escalate via the Harness for human review.',
|
|
821
|
+
});
|
|
822
|
+
}
|
|
823
|
+
for (const bv of report.backupVerifications) {
|
|
824
|
+
if (bv.rpoSatisfied && bv.restoreVerified)
|
|
825
|
+
continue;
|
|
826
|
+
if (!bv.rpoSatisfied) {
|
|
827
|
+
findings.push({
|
|
828
|
+
id: `${AGENT_ID}-backup-rpo-${bv.name}`,
|
|
829
|
+
type: 'infra-issue',
|
|
830
|
+
severity: 'high',
|
|
831
|
+
agentId: AGENT_ID,
|
|
832
|
+
module: MODULE,
|
|
833
|
+
description: `Backup "${bv.name}" fails RPO: status=${bv.status} rpoTarget=${bv.rpoTargetMs}ms`,
|
|
834
|
+
suggestedFix: 'Verify backup pipeline and confirm restore-test. Escalate to DR agent #23 via the Harness.',
|
|
835
|
+
});
|
|
836
|
+
}
|
|
837
|
+
else if (!bv.restoreVerified) {
|
|
838
|
+
// must-fix #2: RPO is satisfied but no restore-test was performed
|
|
839
|
+
findings.push({
|
|
840
|
+
id: `${AGENT_ID}-backup-restore-untested-${bv.name}`,
|
|
841
|
+
type: 'infra-issue',
|
|
842
|
+
severity: 'high',
|
|
843
|
+
agentId: AGENT_ID,
|
|
844
|
+
module: MODULE,
|
|
845
|
+
description: `Backup "${bv.name}" is within RPO but has no confirmed restore-test. ` +
|
|
846
|
+
`Cannot assert recoverability without a restore-test.`,
|
|
847
|
+
suggestedFix: 'Perform a restore-test to a timestamped snapshot. Confirm the restore via DR agent #23.',
|
|
848
|
+
});
|
|
849
|
+
}
|
|
850
|
+
}
|
|
851
|
+
for (const anomaly of report.distributionAnomalies) {
|
|
852
|
+
findings.push({
|
|
853
|
+
id: `${AGENT_ID}-distribution-${anomaly.anomalyType}-${anomaly.stats.entityType}-${anomaly.stats.field}`,
|
|
854
|
+
type: 'code-bug-logic',
|
|
855
|
+
severity: 'medium',
|
|
856
|
+
agentId: AGENT_ID,
|
|
857
|
+
module: MODULE,
|
|
858
|
+
description: anomaly.detail,
|
|
859
|
+
suggestedFix: 'Investigate data pipelines for the affected field; review recent migrations or ingestion jobs.',
|
|
860
|
+
});
|
|
861
|
+
}
|
|
862
|
+
for (const trace of report.corruptionTraces) {
|
|
863
|
+
const candidateNote = trace.rootCauseCandidates.length > 1
|
|
864
|
+
? ` (${trace.rootCauseCandidates.length} candidates: ${trace.rootCauseCandidates.map((n) => n.id).join(', ')}; heuristic primary selected)`
|
|
865
|
+
: '';
|
|
866
|
+
findings.push({
|
|
867
|
+
id: `${AGENT_ID}-lineage-corruption-${trace.observedAt}`,
|
|
868
|
+
type: 'code-bug-logic',
|
|
869
|
+
severity: 'critical',
|
|
870
|
+
agentId: AGENT_ID,
|
|
871
|
+
module: MODULE,
|
|
872
|
+
description: `Data corruption at "${trace.observedAt}" traced to root-cause node "${trace.rootCauseNode.id}"` +
|
|
873
|
+
`${candidateNote} via ${trace.lineagePath.length}-step lineage path`,
|
|
874
|
+
suggestedFix: `Investigate data origin node "${trace.rootCauseNode.label}". ` +
|
|
875
|
+
'Route remediation through the Harness with human approval.',
|
|
876
|
+
});
|
|
877
|
+
}
|
|
878
|
+
if (!report.auditChainIntact) {
|
|
879
|
+
findings.push({
|
|
880
|
+
id: `${AGENT_ID}-audit-tampering`,
|
|
881
|
+
type: 'code-bug-security',
|
|
882
|
+
severity: 'critical',
|
|
883
|
+
agentId: AGENT_ID,
|
|
884
|
+
module: MODULE,
|
|
885
|
+
description: 'AUDIT LOG TAMPERING DETECTED: the hash chain is broken. ' +
|
|
886
|
+
'One or more audit entries have been altered since they were written.',
|
|
887
|
+
suggestedFix: 'Immediately escalate to security (#2/#18). Preserve the raw log for forensic analysis.',
|
|
888
|
+
});
|
|
889
|
+
}
|
|
890
|
+
return findings;
|
|
891
|
+
}
|
|
892
|
+
//# sourceMappingURL=data-integrity.js.map
|