@avi770/testteam 3.0.0 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +166 -5
- package/README.md +92 -19
- package/bin/testteam.js +32 -4
- package/dist/agents/01-analyst.d.ts +2 -2
- package/dist/agents/01-analyst.js +1 -1
- package/dist/agents/02-seed-architect.d.ts +2 -2
- package/dist/agents/02-seed-architect.js +2 -2
- package/dist/agents/03-test-generator.d.ts +2 -2
- package/dist/agents/03-test-generator.js +2 -2
- package/dist/agents/04-unit-runner.d.ts +2 -2
- package/dist/agents/04-unit-runner.d.ts.map +1 -1
- package/dist/agents/04-unit-runner.js +12 -3
- package/dist/agents/04-unit-runner.js.map +1 -1
- package/dist/agents/05-browser-crawler.d.ts +2 -2
- package/dist/agents/05-browser-crawler.d.ts.map +1 -1
- package/dist/agents/05-browser-crawler.js +24 -12
- package/dist/agents/05-browser-crawler.js.map +1 -1
- package/dist/agents/06-api-exerciser.d.ts +2 -2
- package/dist/agents/06-api-exerciser.js +2 -2
- package/dist/agents/07-security-scout.d.ts +2 -2
- package/dist/agents/07-security-scout.js +2 -2
- package/dist/agents/08-a11y-guardian.d.ts +2 -2
- package/dist/agents/08-a11y-guardian.d.ts.map +1 -1
- package/dist/agents/08-a11y-guardian.js +9 -5
- package/dist/agents/08-a11y-guardian.js.map +1 -1
- package/dist/agents/09-healer.d.ts +2 -2
- package/dist/agents/09-healer.js +2 -2
- package/dist/agents/10-reporter.d.ts +2 -2
- package/dist/agents/10-reporter.d.ts.map +1 -1
- package/dist/agents/10-reporter.js +55 -27
- package/dist/agents/10-reporter.js.map +1 -1
- package/dist/agents/100-error-handling-auditor.d.ts +63 -0
- package/dist/agents/100-error-handling-auditor.d.ts.map +1 -0
- package/dist/agents/100-error-handling-auditor.js +334 -0
- package/dist/agents/100-error-handling-auditor.js.map +1 -0
- package/dist/agents/101-rate-limit-auditor.d.ts +72 -0
- package/dist/agents/101-rate-limit-auditor.d.ts.map +1 -0
- package/dist/agents/101-rate-limit-auditor.js +295 -0
- package/dist/agents/101-rate-limit-auditor.js.map +1 -0
- package/dist/agents/102-dockerfile-auditor.d.ts +62 -0
- package/dist/agents/102-dockerfile-auditor.d.ts.map +1 -0
- package/dist/agents/102-dockerfile-auditor.js +337 -0
- package/dist/agents/102-dockerfile-auditor.js.map +1 -0
- package/dist/agents/103-ci-workflow-auditor.d.ts +57 -0
- package/dist/agents/103-ci-workflow-auditor.d.ts.map +1 -0
- package/dist/agents/103-ci-workflow-auditor.js +247 -0
- package/dist/agents/103-ci-workflow-auditor.js.map +1 -0
- package/dist/agents/104-n-plus-one-detector.d.ts +57 -0
- package/dist/agents/104-n-plus-one-detector.d.ts.map +1 -0
- package/dist/agents/104-n-plus-one-detector.js +329 -0
- package/dist/agents/104-n-plus-one-detector.js.map +1 -0
- package/dist/agents/105-unbounded-query-auditor.d.ts +50 -0
- package/dist/agents/105-unbounded-query-auditor.d.ts.map +1 -0
- package/dist/agents/105-unbounded-query-auditor.js +284 -0
- package/dist/agents/105-unbounded-query-auditor.js.map +1 -0
- package/dist/agents/106-hardcoded-config-auditor.d.ts +54 -0
- package/dist/agents/106-hardcoded-config-auditor.d.ts.map +1 -0
- package/dist/agents/106-hardcoded-config-auditor.js +251 -0
- package/dist/agents/106-hardcoded-config-auditor.js.map +1 -0
- package/dist/agents/107-open-redirect-detector.d.ts +52 -0
- package/dist/agents/107-open-redirect-detector.d.ts.map +1 -0
- package/dist/agents/107-open-redirect-detector.js +263 -0
- package/dist/agents/107-open-redirect-detector.js.map +1 -0
- package/dist/agents/108-sql-injection-detector.d.ts +51 -0
- package/dist/agents/108-sql-injection-detector.d.ts.map +1 -0
- package/dist/agents/108-sql-injection-detector.js +323 -0
- package/dist/agents/108-sql-injection-detector.js.map +1 -0
- package/dist/agents/109-path-traversal-detector.d.ts +51 -0
- package/dist/agents/109-path-traversal-detector.d.ts.map +1 -0
- package/dist/agents/109-path-traversal-detector.js +244 -0
- package/dist/agents/109-path-traversal-detector.js.map +1 -0
- package/dist/agents/11-fixer.d.ts +4 -2
- package/dist/agents/11-fixer.d.ts.map +1 -1
- package/dist/agents/11-fixer.js +52 -11
- package/dist/agents/11-fixer.js.map +1 -1
- package/dist/agents/110-mass-assignment-detector.d.ts +52 -0
- package/dist/agents/110-mass-assignment-detector.d.ts.map +1 -0
- package/dist/agents/110-mass-assignment-detector.js +199 -0
- package/dist/agents/110-mass-assignment-detector.js.map +1 -0
- package/dist/agents/111-dynamic-eval-detector.d.ts +46 -0
- package/dist/agents/111-dynamic-eval-detector.d.ts.map +1 -0
- package/dist/agents/111-dynamic-eval-detector.js +233 -0
- package/dist/agents/111-dynamic-eval-detector.js.map +1 -0
- package/dist/agents/112-taint-tracker.d.ts +226 -0
- package/dist/agents/112-taint-tracker.d.ts.map +1 -0
- package/dist/agents/112-taint-tracker.js +1273 -0
- package/dist/agents/112-taint-tracker.js.map +1 -0
- package/dist/agents/113-response-contract-auditor.d.ts +92 -0
- package/dist/agents/113-response-contract-auditor.d.ts.map +1 -0
- package/dist/agents/113-response-contract-auditor.js +694 -0
- package/dist/agents/113-response-contract-auditor.js.map +1 -0
- package/dist/agents/114-static-a11y-auditor.d.ts +66 -0
- package/dist/agents/114-static-a11y-auditor.d.ts.map +1 -0
- package/dist/agents/114-static-a11y-auditor.js +377 -0
- package/dist/agents/114-static-a11y-auditor.js.map +1 -0
- package/dist/agents/115-multihop-taint-tracker.d.ts +84 -0
- package/dist/agents/115-multihop-taint-tracker.d.ts.map +1 -0
- package/dist/agents/115-multihop-taint-tracker.js +340 -0
- package/dist/agents/115-multihop-taint-tracker.js.map +1 -0
- package/dist/agents/116-runtime-contract-capture.d.ts +79 -0
- package/dist/agents/116-runtime-contract-capture.d.ts.map +1 -0
- package/dist/agents/116-runtime-contract-capture.js +274 -0
- package/dist/agents/116-runtime-contract-capture.js.map +1 -0
- package/dist/agents/117-aria-rule-engine.d.ts +52 -0
- package/dist/agents/117-aria-rule-engine.d.ts.map +1 -0
- package/dist/agents/117-aria-rule-engine.js +415 -0
- package/dist/agents/117-aria-rule-engine.js.map +1 -0
- package/dist/agents/118-insecure-crypto-auditor.d.ts +48 -0
- package/dist/agents/118-insecure-crypto-auditor.d.ts.map +1 -0
- package/dist/agents/118-insecure-crypto-auditor.js +232 -0
- package/dist/agents/118-insecure-crypto-auditor.js.map +1 -0
- package/dist/agents/119-secrets-scanner.d.ts +44 -0
- package/dist/agents/119-secrets-scanner.d.ts.map +1 -0
- package/dist/agents/119-secrets-scanner.js +242 -0
- package/dist/agents/119-secrets-scanner.js.map +1 -0
- package/dist/agents/12-ux-inspector.d.ts +2 -2
- package/dist/agents/12-ux-inspector.d.ts.map +1 -1
- package/dist/agents/12-ux-inspector.js +8 -4
- package/dist/agents/12-ux-inspector.js.map +1 -1
- package/dist/agents/120-async-safety-auditor.d.ts +48 -0
- package/dist/agents/120-async-safety-auditor.d.ts.map +1 -0
- package/dist/agents/120-async-safety-auditor.js +250 -0
- package/dist/agents/120-async-safety-auditor.js.map +1 -0
- package/dist/agents/13-performance-profiler.d.ts +2 -2
- package/dist/agents/13-performance-profiler.d.ts.map +1 -1
- package/dist/agents/13-performance-profiler.js +5 -4
- package/dist/agents/13-performance-profiler.js.map +1 -1
- package/dist/agents/14-data-integrity-auditor.d.ts +2 -2
- package/dist/agents/14-data-integrity-auditor.js +4 -4
- package/dist/agents/14-data-integrity-auditor.js.map +1 -1
- package/dist/agents/15-regression-sentinel.d.ts +6 -5
- package/dist/agents/15-regression-sentinel.d.ts.map +1 -1
- package/dist/agents/15-regression-sentinel.js +5 -4
- package/dist/agents/15-regression-sentinel.js.map +1 -1
- package/dist/agents/16-chaos-agent.d.ts +2 -2
- package/dist/agents/16-chaos-agent.d.ts.map +1 -1
- package/dist/agents/16-chaos-agent.js +11 -4
- package/dist/agents/16-chaos-agent.js.map +1 -1
- package/dist/agents/17-documentation-validator.d.ts +2 -2
- package/dist/agents/17-documentation-validator.d.ts.map +1 -1
- package/dist/agents/17-documentation-validator.js +5 -2
- package/dist/agents/17-documentation-validator.js.map +1 -1
- package/dist/agents/18-integration-watchdog.d.ts +2 -2
- package/dist/agents/18-integration-watchdog.d.ts.map +1 -1
- package/dist/agents/18-integration-watchdog.js +5 -2
- package/dist/agents/18-integration-watchdog.js.map +1 -1
- package/dist/agents/19-tenant-isolation-auditor.d.ts +2 -2
- package/dist/agents/19-tenant-isolation-auditor.js +4 -4
- package/dist/agents/19-tenant-isolation-auditor.js.map +1 -1
- package/dist/agents/20-workflow-completion-tester.d.ts +2 -2
- package/dist/agents/20-workflow-completion-tester.d.ts.map +1 -1
- package/dist/agents/20-workflow-completion-tester.js +10 -6
- package/dist/agents/20-workflow-completion-tester.js.map +1 -1
- package/dist/agents/21-state-session-tester.d.ts +2 -2
- package/dist/agents/21-state-session-tester.d.ts.map +1 -1
- package/dist/agents/21-state-session-tester.js +15 -5
- package/dist/agents/21-state-session-tester.js.map +1 -1
- package/dist/agents/22-email-notification-verifier.d.ts +2 -2
- package/dist/agents/22-email-notification-verifier.js +2 -2
- package/dist/agents/23-migration-tester.d.ts +2 -2
- package/dist/agents/23-migration-tester.js +1 -1
- package/dist/agents/24-signup-onboarding-tester.d.ts +2 -2
- package/dist/agents/24-signup-onboarding-tester.d.ts.map +1 -1
- package/dist/agents/24-signup-onboarding-tester.js +13 -10
- package/dist/agents/24-signup-onboarding-tester.js.map +1 -1
- package/dist/agents/25-crud-flow-tester.d.ts +2 -2
- package/dist/agents/25-crud-flow-tester.d.ts.map +1 -1
- package/dist/agents/25-crud-flow-tester.js +12 -6
- package/dist/agents/25-crud-flow-tester.js.map +1 -1
- package/dist/agents/26-form-validator.d.ts +2 -2
- package/dist/agents/26-form-validator.d.ts.map +1 -1
- package/dist/agents/26-form-validator.js +12 -6
- package/dist/agents/26-form-validator.js.map +1 -1
- package/dist/agents/27-search-filter-tester.d.ts +2 -2
- package/dist/agents/27-search-filter-tester.d.ts.map +1 -1
- package/dist/agents/27-search-filter-tester.js +12 -6
- package/dist/agents/27-search-filter-tester.js.map +1 -1
- package/dist/agents/28-navigation-routing-tester.d.ts +2 -2
- package/dist/agents/28-navigation-routing-tester.d.ts.map +1 -1
- package/dist/agents/28-navigation-routing-tester.js +12 -6
- package/dist/agents/28-navigation-routing-tester.js.map +1 -1
- package/dist/agents/29-responsive-interaction-tester.d.ts +2 -2
- package/dist/agents/29-responsive-interaction-tester.d.ts.map +1 -1
- package/dist/agents/29-responsive-interaction-tester.js +12 -6
- package/dist/agents/29-responsive-interaction-tester.js.map +1 -1
- package/dist/agents/30-multi-user-scenario-tester.d.ts +2 -2
- package/dist/agents/30-multi-user-scenario-tester.d.ts.map +1 -1
- package/dist/agents/30-multi-user-scenario-tester.js +20 -13
- package/dist/agents/30-multi-user-scenario-tester.js.map +1 -1
- package/dist/agents/31-load-tester.d.ts +2 -2
- package/dist/agents/31-load-tester.js +2 -2
- package/dist/agents/32-memory-leak-detector.d.ts +2 -2
- package/dist/agents/32-memory-leak-detector.d.ts.map +1 -1
- package/dist/agents/32-memory-leak-detector.js +5 -4
- package/dist/agents/32-memory-leak-detector.js.map +1 -1
- package/dist/agents/33-bundle-analyzer.d.ts +2 -2
- package/dist/agents/33-bundle-analyzer.js +1 -1
- package/dist/agents/34-xss-scanner.d.ts +2 -2
- package/dist/agents/34-xss-scanner.d.ts.map +1 -1
- package/dist/agents/34-xss-scanner.js +12 -6
- package/dist/agents/34-xss-scanner.js.map +1 -1
- package/dist/agents/35-csrf-tester.d.ts +2 -2
- package/dist/agents/35-csrf-tester.js +2 -2
- package/dist/agents/36-auth-fuzzer.d.ts +2 -2
- package/dist/agents/36-auth-fuzzer.js +2 -2
- package/dist/agents/37-dependency-scanner.d.ts +2 -2
- package/dist/agents/37-dependency-scanner.js +1 -1
- package/dist/agents/38-secrets-scanner.d.ts +2 -2
- package/dist/agents/38-secrets-scanner.d.ts.map +1 -1
- package/dist/agents/38-secrets-scanner.js +39 -4
- package/dist/agents/38-secrets-scanner.js.map +1 -1
- package/dist/agents/39-api-contract-tester.d.ts +2 -2
- package/dist/agents/39-api-contract-tester.js +2 -2
- package/dist/agents/40-rate-limit-tester.d.ts +2 -2
- package/dist/agents/40-rate-limit-tester.js +2 -2
- package/dist/agents/41-api-pagination-tester.d.ts +2 -2
- package/dist/agents/41-api-pagination-tester.js +2 -2
- package/dist/agents/42-graphql-tester.d.ts +2 -2
- package/dist/agents/42-graphql-tester.js +2 -2
- package/dist/agents/43-data-consistency-checker.d.ts +2 -2
- package/dist/agents/43-data-consistency-checker.js +3 -3
- package/dist/agents/44-backup-recovery-tester.d.ts +2 -2
- package/dist/agents/44-backup-recovery-tester.js +1 -1
- package/dist/agents/45-data-privacy-scanner.d.ts +2 -2
- package/dist/agents/45-data-privacy-scanner.js +3 -3
- package/dist/agents/46-seo-auditor.d.ts +2 -2
- package/dist/agents/46-seo-auditor.d.ts.map +1 -1
- package/dist/agents/46-seo-auditor.js +12 -6
- package/dist/agents/46-seo-auditor.js.map +1 -1
- package/dist/agents/47-social-preview-tester.d.ts +2 -2
- package/dist/agents/47-social-preview-tester.d.ts.map +1 -1
- package/dist/agents/47-social-preview-tester.js +12 -6
- package/dist/agents/47-social-preview-tester.js.map +1 -1
- package/dist/agents/48-lighthouse-auditor.d.ts +2 -2
- package/dist/agents/48-lighthouse-auditor.d.ts.map +1 -1
- package/dist/agents/48-lighthouse-auditor.js +5 -4
- package/dist/agents/48-lighthouse-auditor.js.map +1 -1
- package/dist/agents/49-i18n-tester.d.ts +2 -2
- package/dist/agents/49-i18n-tester.d.ts.map +1 -1
- package/dist/agents/49-i18n-tester.js +12 -6
- package/dist/agents/49-i18n-tester.js.map +1 -1
- package/dist/agents/50-timezone-tester.d.ts +2 -2
- package/dist/agents/50-timezone-tester.d.ts.map +1 -1
- package/dist/agents/50-timezone-tester.js +40 -33
- package/dist/agents/50-timezone-tester.js.map +1 -1
- package/dist/agents/51-error-recovery-tester.d.ts +2 -2
- package/dist/agents/51-error-recovery-tester.d.ts.map +1 -1
- package/dist/agents/51-error-recovery-tester.js +12 -7
- package/dist/agents/51-error-recovery-tester.js.map +1 -1
- package/dist/agents/52-offline-mode-tester.d.ts +2 -2
- package/dist/agents/52-offline-mode-tester.d.ts.map +1 -1
- package/dist/agents/52-offline-mode-tester.js +12 -7
- package/dist/agents/52-offline-mode-tester.js.map +1 -1
- package/dist/agents/53-graceful-degradation-tester.d.ts +2 -2
- package/dist/agents/53-graceful-degradation-tester.d.ts.map +1 -1
- package/dist/agents/53-graceful-degradation-tester.js +10 -3
- package/dist/agents/53-graceful-degradation-tester.js.map +1 -1
- package/dist/agents/54-websocket-tester.d.ts +2 -2
- package/dist/agents/54-websocket-tester.d.ts.map +1 -1
- package/dist/agents/54-websocket-tester.js +12 -6
- package/dist/agents/54-websocket-tester.js.map +1 -1
- package/dist/agents/55-realtime-sync-tester.d.ts +2 -2
- package/dist/agents/55-realtime-sync-tester.d.ts.map +1 -1
- package/dist/agents/55-realtime-sync-tester.js +101 -96
- package/dist/agents/55-realtime-sync-tester.js.map +1 -1
- package/dist/agents/56-file-upload-tester.d.ts +2 -2
- package/dist/agents/56-file-upload-tester.d.ts.map +1 -1
- package/dist/agents/56-file-upload-tester.js +17 -13
- package/dist/agents/56-file-upload-tester.js.map +1 -1
- package/dist/agents/57-export-tester.d.ts +2 -2
- package/dist/agents/57-export-tester.d.ts.map +1 -1
- package/dist/agents/57-export-tester.js +8 -4
- package/dist/agents/57-export-tester.js.map +1 -1
- package/dist/agents/58-payment-flow-tester.d.ts +2 -2
- package/dist/agents/58-payment-flow-tester.d.ts.map +1 -1
- package/dist/agents/58-payment-flow-tester.js +8 -4
- package/dist/agents/58-payment-flow-tester.js.map +1 -1
- package/dist/agents/59-ssl-tls-auditor.d.ts +2 -2
- package/dist/agents/59-ssl-tls-auditor.js +2 -2
- package/dist/agents/60-dns-cdn-tester.d.ts +2 -2
- package/dist/agents/60-dns-cdn-tester.js +2 -2
- package/dist/agents/61-docker-health-checker.d.ts +2 -2
- package/dist/agents/61-docker-health-checker.js +1 -1
- package/dist/agents/62-env-config-validator.d.ts +2 -2
- package/dist/agents/62-env-config-validator.js +1 -1
- package/dist/agents/63-log-quality-auditor.d.ts +2 -2
- package/dist/agents/63-log-quality-auditor.js +1 -1
- package/dist/agents/64-analytics-tracker-tester.d.ts +2 -2
- package/dist/agents/64-analytics-tracker-tester.d.ts.map +1 -1
- package/dist/agents/64-analytics-tracker-tester.js +8 -4
- package/dist/agents/64-analytics-tracker-tester.js.map +1 -1
- package/dist/agents/65-gdpr-compliance-tester.d.ts +2 -2
- package/dist/agents/65-gdpr-compliance-tester.d.ts.map +1 -1
- package/dist/agents/65-gdpr-compliance-tester.js +55 -40
- package/dist/agents/65-gdpr-compliance-tester.js.map +1 -1
- package/dist/agents/66-soc2-control-validator.d.ts +2 -2
- package/dist/agents/66-soc2-control-validator.d.ts.map +1 -1
- package/dist/agents/66-soc2-control-validator.js +29 -21
- package/dist/agents/66-soc2-control-validator.js.map +1 -1
- package/dist/agents/67-wcag-aaa-tester.d.ts +2 -2
- package/dist/agents/67-wcag-aaa-tester.d.ts.map +1 -1
- package/dist/agents/67-wcag-aaa-tester.js +12 -6
- package/dist/agents/67-wcag-aaa-tester.js.map +1 -1
- package/dist/agents/68-dead-code-detector.d.ts +2 -2
- package/dist/agents/68-dead-code-detector.d.ts.map +1 -1
- package/dist/agents/68-dead-code-detector.js +6 -3
- package/dist/agents/68-dead-code-detector.js.map +1 -1
- package/dist/agents/69-type-safety-auditor.d.ts +2 -2
- package/dist/agents/69-type-safety-auditor.js +1 -1
- package/dist/agents/70-complexity-analyzer.d.ts +2 -2
- package/dist/agents/70-complexity-analyzer.js +1 -1
- package/dist/agents/71-unit-testing-agent.d.ts +15 -0
- package/dist/agents/71-unit-testing-agent.d.ts.map +1 -0
- package/dist/agents/71-unit-testing-agent.js +220 -0
- package/dist/agents/71-unit-testing-agent.js.map +1 -0
- package/dist/agents/72-integration-testing-agent.d.ts +13 -0
- package/dist/agents/72-integration-testing-agent.d.ts.map +1 -0
- package/dist/agents/72-integration-testing-agent.js +243 -0
- package/dist/agents/72-integration-testing-agent.js.map +1 -0
- package/dist/agents/73-system-testing-agent.d.ts +11 -0
- package/dist/agents/73-system-testing-agent.d.ts.map +1 -0
- package/dist/agents/73-system-testing-agent.js +175 -0
- package/dist/agents/73-system-testing-agent.js.map +1 -0
- package/dist/agents/74-acceptance-testing-agent.d.ts +13 -0
- package/dist/agents/74-acceptance-testing-agent.d.ts.map +1 -0
- package/dist/agents/74-acceptance-testing-agent.js +254 -0
- package/dist/agents/74-acceptance-testing-agent.js.map +1 -0
- package/dist/agents/75-sanity-testing-agent.d.ts +15 -0
- package/dist/agents/75-sanity-testing-agent.d.ts.map +1 -0
- package/dist/agents/75-sanity-testing-agent.js +240 -0
- package/dist/agents/75-sanity-testing-agent.js.map +1 -0
- package/dist/agents/76-regression-testing-agent.d.ts +14 -0
- package/dist/agents/76-regression-testing-agent.d.ts.map +1 -0
- package/dist/agents/76-regression-testing-agent.js +230 -0
- package/dist/agents/76-regression-testing-agent.js.map +1 -0
- package/dist/agents/77-browser-load-testing-agent.d.ts +11 -0
- package/dist/agents/77-browser-load-testing-agent.d.ts.map +1 -0
- package/dist/agents/77-browser-load-testing-agent.js +128 -0
- package/dist/agents/77-browser-load-testing-agent.js.map +1 -0
- package/dist/agents/78-stress-testing-agent.d.ts +11 -0
- package/dist/agents/78-stress-testing-agent.d.ts.map +1 -0
- package/dist/agents/78-stress-testing-agent.js +146 -0
- package/dist/agents/78-stress-testing-agent.js.map +1 -0
- package/dist/agents/79-endurance-testing-agent.d.ts +12 -0
- package/dist/agents/79-endurance-testing-agent.d.ts.map +1 -0
- package/dist/agents/79-endurance-testing-agent.js +165 -0
- package/dist/agents/79-endurance-testing-agent.js.map +1 -0
- package/dist/agents/80-usability-testing-agent.d.ts +11 -0
- package/dist/agents/80-usability-testing-agent.d.ts.map +1 -0
- package/dist/agents/80-usability-testing-agent.js +196 -0
- package/dist/agents/80-usability-testing-agent.js.map +1 -0
- package/dist/agents/81-compatibility-testing-agent.d.ts +11 -0
- package/dist/agents/81-compatibility-testing-agent.d.ts.map +1 -0
- package/dist/agents/81-compatibility-testing-agent.js +224 -0
- package/dist/agents/81-compatibility-testing-agent.js.map +1 -0
- package/dist/agents/82-exploratory-testing-agent.d.ts +14 -0
- package/dist/agents/82-exploratory-testing-agent.d.ts.map +1 -0
- package/dist/agents/82-exploratory-testing-agent.js +345 -0
- package/dist/agents/82-exploratory-testing-agent.js.map +1 -0
- package/dist/agents/83-static-analysis-agent.d.ts +14 -0
- package/dist/agents/83-static-analysis-agent.d.ts.map +1 -0
- package/dist/agents/83-static-analysis-agent.js +261 -0
- package/dist/agents/83-static-analysis-agent.js.map +1 -0
- package/dist/agents/84-governance-testing-agent.d.ts +28 -0
- package/dist/agents/84-governance-testing-agent.d.ts.map +1 -0
- package/dist/agents/84-governance-testing-agent.js +591 -0
- package/dist/agents/84-governance-testing-agent.js.map +1 -0
- package/dist/agents/85-stagehand-agent.d.ts +22 -0
- package/dist/agents/85-stagehand-agent.d.ts.map +1 -0
- package/dist/agents/85-stagehand-agent.js +81 -0
- package/dist/agents/85-stagehand-agent.js.map +1 -0
- package/dist/agents/86-browser-use-agent.d.ts +31 -0
- package/dist/agents/86-browser-use-agent.d.ts.map +1 -0
- package/dist/agents/86-browser-use-agent.js +121 -0
- package/dist/agents/86-browser-use-agent.js.map +1 -0
- package/dist/agents/87-connection-mapper.d.ts +93 -0
- package/dist/agents/87-connection-mapper.d.ts.map +1 -0
- package/dist/agents/87-connection-mapper.js +658 -0
- package/dist/agents/87-connection-mapper.js.map +1 -0
- package/dist/agents/88-localhost-walkthrough.d.ts +272 -0
- package/dist/agents/88-localhost-walkthrough.d.ts.map +1 -0
- package/dist/agents/88-localhost-walkthrough.js +1203 -0
- package/dist/agents/88-localhost-walkthrough.js.map +1 -0
- package/dist/agents/89-repair-retest.d.ts +63 -0
- package/dist/agents/89-repair-retest.d.ts.map +1 -0
- package/dist/agents/89-repair-retest.js +227 -0
- package/dist/agents/89-repair-retest.js.map +1 -0
- package/dist/agents/90-response-shape-validator.d.ts +35 -0
- package/dist/agents/90-response-shape-validator.d.ts.map +1 -0
- package/dist/agents/90-response-shape-validator.js +156 -0
- package/dist/agents/90-response-shape-validator.js.map +1 -0
- package/dist/agents/91-boundary-fuzzer.d.ts +99 -0
- package/dist/agents/91-boundary-fuzzer.d.ts.map +1 -0
- package/dist/agents/91-boundary-fuzzer.js +0 -0
- package/dist/agents/91-boundary-fuzzer.js.map +1 -0
- package/dist/agents/92-repair-simulator.d.ts +89 -0
- package/dist/agents/92-repair-simulator.d.ts.map +1 -0
- package/dist/agents/92-repair-simulator.js +401 -0
- package/dist/agents/92-repair-simulator.js.map +1 -0
- package/dist/agents/93-env-var-auditor.d.ts +64 -0
- package/dist/agents/93-env-var-auditor.d.ts.map +1 -0
- package/dist/agents/93-env-var-auditor.js +435 -0
- package/dist/agents/93-env-var-auditor.js.map +1 -0
- package/dist/agents/94-schema-validator.d.ts +148 -0
- package/dist/agents/94-schema-validator.d.ts.map +1 -0
- package/dist/agents/94-schema-validator.js +567 -0
- package/dist/agents/94-schema-validator.js.map +1 -0
- package/dist/agents/95-contract-drift.d.ts +87 -0
- package/dist/agents/95-contract-drift.d.ts.map +1 -0
- package/dist/agents/95-contract-drift.js +335 -0
- package/dist/agents/95-contract-drift.js.map +1 -0
- package/dist/agents/96-cookie-security-auditor.d.ts +86 -0
- package/dist/agents/96-cookie-security-auditor.d.ts.map +1 -0
- package/dist/agents/96-cookie-security-auditor.js +339 -0
- package/dist/agents/96-cookie-security-auditor.js.map +1 -0
- package/dist/agents/97-healthcheck-validator.d.ts +62 -0
- package/dist/agents/97-healthcheck-validator.d.ts.map +1 -0
- package/dist/agents/97-healthcheck-validator.js +204 -0
- package/dist/agents/97-healthcheck-validator.js.map +1 -0
- package/dist/agents/98-cors-csp-auditor.d.ts +70 -0
- package/dist/agents/98-cors-csp-auditor.d.ts.map +1 -0
- package/dist/agents/98-cors-csp-auditor.js +308 -0
- package/dist/agents/98-cors-csp-auditor.js.map +1 -0
- package/dist/agents/99-logging-hygiene-auditor.d.ts +67 -0
- package/dist/agents/99-logging-hygiene-auditor.d.ts.map +1 -0
- package/dist/agents/99-logging-hygiene-auditor.js +325 -0
- package/dist/agents/99-logging-hygiene-auditor.js.map +1 -0
- package/dist/agents/base-agent.d.ts +74 -4
- package/dist/agents/base-agent.d.ts.map +1 -1
- package/dist/agents/base-agent.js +106 -1
- package/dist/agents/base-agent.js.map +1 -1
- package/dist/agents/browser-use-client.d.ts +68 -0
- package/dist/agents/browser-use-client.d.ts.map +1 -0
- package/dist/agents/browser-use-client.js +92 -0
- package/dist/agents/browser-use-client.js.map +1 -0
- package/dist/agents/lib/source-scan.d.ts +53 -0
- package/dist/agents/lib/source-scan.d.ts.map +1 -0
- package/dist/agents/lib/source-scan.js +279 -0
- package/dist/agents/lib/source-scan.js.map +1 -0
- package/dist/agents/registry.d.ts +27 -9
- package/dist/agents/registry.d.ts.map +1 -1
- package/dist/agents/registry.js +365 -151
- package/dist/agents/registry.js.map +1 -1
- package/dist/agents/stagehand-runner.d.ts +104 -0
- package/dist/agents/stagehand-runner.d.ts.map +1 -0
- package/dist/agents/stagehand-runner.js +153 -0
- package/dist/agents/stagehand-runner.js.map +1 -0
- package/dist/bridge/agent-registry.d.ts +21 -0
- package/dist/bridge/agent-registry.d.ts.map +1 -0
- package/dist/bridge/agent-registry.js +224 -0
- package/dist/bridge/agent-registry.js.map +1 -0
- package/dist/bridge/api-contract-reader.d.ts +55 -0
- package/dist/bridge/api-contract-reader.d.ts.map +1 -0
- package/dist/bridge/api-contract-reader.js +103 -0
- package/dist/bridge/api-contract-reader.js.map +1 -0
- package/dist/bridge/compliance-reader.d.ts +47 -0
- package/dist/bridge/compliance-reader.d.ts.map +1 -0
- package/dist/bridge/compliance-reader.js +91 -0
- package/dist/bridge/compliance-reader.js.map +1 -0
- package/dist/bridge/data-integrity-reader.d.ts +77 -0
- package/dist/bridge/data-integrity-reader.d.ts.map +1 -0
- package/dist/bridge/data-integrity-reader.js +110 -0
- package/dist/bridge/data-integrity-reader.js.map +1 -0
- package/dist/bridge/design-reader.d.ts +51 -0
- package/dist/bridge/design-reader.d.ts.map +1 -0
- package/dist/bridge/design-reader.js +105 -0
- package/dist/bridge/design-reader.js.map +1 -0
- package/dist/bridge/file-scanner.d.ts +21 -0
- package/dist/bridge/file-scanner.d.ts.map +1 -0
- package/dist/bridge/file-scanner.js +117 -0
- package/dist/bridge/file-scanner.js.map +1 -0
- package/dist/bridge/finding-normalize.d.ts +24 -0
- package/dist/bridge/finding-normalize.d.ts.map +1 -0
- package/dist/bridge/finding-normalize.js +46 -0
- package/dist/bridge/finding-normalize.js.map +1 -0
- package/dist/bridge/http-client.d.ts +44 -0
- package/dist/bridge/http-client.d.ts.map +1 -0
- package/dist/bridge/http-client.js +130 -0
- package/dist/bridge/http-client.js.map +1 -0
- package/dist/bridge/knowledge-reader.d.ts +10 -0
- package/dist/bridge/knowledge-reader.d.ts.map +1 -0
- package/dist/bridge/knowledge-reader.js +46 -0
- package/dist/bridge/knowledge-reader.js.map +1 -0
- package/dist/bridge/loop-engine-reader.d.ts +77 -0
- package/dist/bridge/loop-engine-reader.d.ts.map +1 -0
- package/dist/bridge/loop-engine-reader.js +73 -0
- package/dist/bridge/loop-engine-reader.js.map +1 -0
- package/dist/bridge/playwright-pool.d.ts +33 -0
- package/dist/bridge/playwright-pool.d.ts.map +1 -0
- package/dist/bridge/playwright-pool.js +89 -0
- package/dist/bridge/playwright-pool.js.map +1 -0
- package/dist/bridge/rate-limiter.d.ts +40 -0
- package/dist/bridge/rate-limiter.d.ts.map +1 -0
- package/dist/bridge/rate-limiter.js +33 -0
- package/dist/bridge/rate-limiter.js.map +1 -0
- package/dist/bridge/reliability-reader.d.ts +67 -0
- package/dist/bridge/reliability-reader.d.ts.map +1 -0
- package/dist/bridge/reliability-reader.js +146 -0
- package/dist/bridge/reliability-reader.js.map +1 -0
- package/dist/bridge/router.d.ts +26 -0
- package/dist/bridge/router.d.ts.map +1 -0
- package/dist/bridge/router.js +137 -0
- package/dist/bridge/router.js.map +1 -0
- package/dist/bridge/run-stream.d.ts +47 -0
- package/dist/bridge/run-stream.d.ts.map +1 -0
- package/dist/bridge/run-stream.js +67 -0
- package/dist/bridge/run-stream.js.map +1 -0
- package/dist/bridge/runs-reader.d.ts +41 -0
- package/dist/bridge/runs-reader.d.ts.map +1 -0
- package/dist/bridge/runs-reader.js +185 -0
- package/dist/bridge/runs-reader.js.map +1 -0
- package/dist/bridge/sentinel-reader.d.ts +55 -0
- package/dist/bridge/sentinel-reader.d.ts.map +1 -0
- package/dist/bridge/sentinel-reader.js +88 -0
- package/dist/bridge/sentinel-reader.js.map +1 -0
- package/dist/bridge/server.d.ts +83 -0
- package/dist/bridge/server.d.ts.map +1 -0
- package/dist/bridge/server.js +1103 -0
- package/dist/bridge/server.js.map +1 -0
- package/dist/bridge/shell-executor.d.ts +49 -0
- package/dist/bridge/shell-executor.d.ts.map +1 -0
- package/dist/bridge/shell-executor.js +181 -0
- package/dist/bridge/shell-executor.js.map +1 -0
- package/dist/bridge/tech-debt-reader.d.ts +57 -0
- package/dist/bridge/tech-debt-reader.d.ts.map +1 -0
- package/dist/bridge/tech-debt-reader.js +119 -0
- package/dist/bridge/tech-debt-reader.js.map +1 -0
- package/dist/bridge/types.d.ts +63 -0
- package/dist/bridge/types.d.ts.map +1 -0
- package/dist/bridge/types.js +7 -0
- package/dist/bridge/types.js.map +1 -0
- package/dist/clients/agent-mvp.d.ts +3 -1
- package/dist/clients/agent-mvp.d.ts.map +1 -1
- package/dist/clients/agent-mvp.js +16 -5
- package/dist/clients/agent-mvp.js.map +1 -1
- package/dist/clients/llm-council.d.ts +47 -0
- package/dist/clients/llm-council.d.ts.map +1 -0
- package/dist/clients/llm-council.js +52 -0
- package/dist/clients/llm-council.js.map +1 -0
- package/dist/clients/total-recall.d.ts +2 -2
- package/dist/clients/total-recall.d.ts.map +1 -1
- package/dist/clients/total-recall.js +18 -3
- package/dist/clients/total-recall.js.map +1 -1
- package/dist/core/agent-contract.d.ts +21 -0
- package/dist/core/agent-contract.d.ts.map +1 -0
- package/dist/core/agent-contract.js +18 -0
- package/dist/core/agent-contract.js.map +1 -0
- package/dist/core/api-contract/api-contract-validator.d.ts +178 -0
- package/dist/core/api-contract/api-contract-validator.d.ts.map +1 -0
- package/dist/core/api-contract/api-contract-validator.js +796 -0
- package/dist/core/api-contract/api-contract-validator.js.map +1 -0
- package/dist/core/api-contract/index.d.ts +16 -0
- package/dist/core/api-contract/index.d.ts.map +1 -0
- package/dist/core/api-contract/index.js +24 -0
- package/dist/core/api-contract/index.js.map +1 -0
- package/dist/core/api-contract/types.d.ts +235 -0
- package/dist/core/api-contract/types.d.ts.map +1 -0
- package/dist/core/api-contract/types.js +27 -0
- package/dist/core/api-contract/types.js.map +1 -0
- package/dist/core/blackboard/blackboard.d.ts +34 -0
- package/dist/core/blackboard/blackboard.d.ts.map +1 -0
- package/dist/core/blackboard/blackboard.js +133 -0
- package/dist/core/blackboard/blackboard.js.map +1 -0
- package/dist/core/blackboard/coordination.d.ts +27 -0
- package/dist/core/blackboard/coordination.d.ts.map +1 -0
- package/dist/core/blackboard/coordination.js +31 -0
- package/dist/core/blackboard/coordination.js.map +1 -0
- package/dist/core/blackboard/direct-channel.d.ts +26 -0
- package/dist/core/blackboard/direct-channel.d.ts.map +1 -0
- package/dist/core/blackboard/direct-channel.js +26 -0
- package/dist/core/blackboard/direct-channel.js.map +1 -0
- package/dist/core/blackboard/index.d.ts +10 -0
- package/dist/core/blackboard/index.d.ts.map +1 -0
- package/dist/core/blackboard/index.js +4 -0
- package/dist/core/blackboard/index.js.map +1 -0
- package/dist/core/blackboard/types.d.ts +36 -0
- package/dist/core/blackboard/types.d.ts.map +1 -0
- package/dist/core/blackboard/types.js +2 -0
- package/dist/core/blackboard/types.js.map +1 -0
- package/dist/core/canvas/schema.d.ts +81 -0
- package/dist/core/canvas/schema.d.ts.map +1 -0
- package/dist/core/canvas/schema.js +144 -0
- package/dist/core/canvas/schema.js.map +1 -0
- package/dist/core/canvas/store.d.ts +41 -0
- package/dist/core/canvas/store.d.ts.map +1 -0
- package/dist/core/canvas/store.js +121 -0
- package/dist/core/canvas/store.js.map +1 -0
- package/dist/core/ci-output.d.ts +1 -1
- package/dist/core/ci-output.d.ts.map +1 -1
- package/dist/core/ci-output.js +2 -0
- package/dist/core/ci-output.js.map +1 -1
- package/dist/core/cli.d.ts +12 -1
- package/dist/core/cli.d.ts.map +1 -1
- package/dist/core/cli.js +308 -43
- package/dist/core/cli.js.map +1 -1
- package/dist/core/compliance/auditor.d.ts +119 -0
- package/dist/core/compliance/auditor.d.ts.map +1 -0
- package/dist/core/compliance/auditor.js +577 -0
- package/dist/core/compliance/auditor.js.map +1 -0
- package/dist/core/compliance/index.d.ts +11 -0
- package/dist/core/compliance/index.d.ts.map +1 -0
- package/dist/core/compliance/index.js +10 -0
- package/dist/core/compliance/index.js.map +1 -0
- package/dist/core/compliance/types.d.ts +174 -0
- package/dist/core/compliance/types.d.ts.map +1 -0
- package/dist/core/compliance/types.js +12 -0
- package/dist/core/compliance/types.js.map +1 -0
- package/dist/core/conductor/conductor.d.ts +37 -0
- package/dist/core/conductor/conductor.d.ts.map +1 -0
- package/dist/core/conductor/conductor.js +96 -0
- package/dist/core/conductor/conductor.js.map +1 -0
- package/dist/core/conductor/index.d.ts +9 -0
- package/dist/core/conductor/index.d.ts.map +1 -0
- package/dist/core/conductor/index.js +3 -0
- package/dist/core/conductor/index.js.map +1 -0
- package/dist/core/conductor/model-router.d.ts +17 -0
- package/dist/core/conductor/model-router.d.ts.map +1 -0
- package/dist/core/conductor/model-router.js +29 -0
- package/dist/core/conductor/model-router.js.map +1 -0
- package/dist/core/conductor/types.d.ts +33 -0
- package/dist/core/conductor/types.d.ts.map +1 -0
- package/dist/core/conductor/types.js +2 -0
- package/dist/core/conductor/types.js.map +1 -0
- package/dist/core/config.d.ts +148 -1
- package/dist/core/config.d.ts.map +1 -1
- package/dist/core/config.js +53 -4
- package/dist/core/config.js.map +1 -1
- package/dist/core/data-integrity/data-integrity.d.ts +291 -0
- package/dist/core/data-integrity/data-integrity.d.ts.map +1 -0
- package/dist/core/data-integrity/data-integrity.js +892 -0
- package/dist/core/data-integrity/data-integrity.js.map +1 -0
- package/dist/core/data-integrity/index.d.ts +16 -0
- package/dist/core/data-integrity/index.d.ts.map +1 -0
- package/dist/core/data-integrity/index.js +17 -0
- package/dist/core/data-integrity/index.js.map +1 -0
- package/dist/core/data-integrity/types.d.ts +236 -0
- package/dist/core/data-integrity/types.d.ts.map +1 -0
- package/dist/core/data-integrity/types.js +14 -0
- package/dist/core/data-integrity/types.js.map +1 -0
- package/dist/core/disaster-recovery/index.d.ts +13 -0
- package/dist/core/disaster-recovery/index.d.ts.map +1 -0
- package/dist/core/disaster-recovery/index.js +3 -0
- package/dist/core/disaster-recovery/index.js.map +1 -0
- package/dist/core/disaster-recovery/simulator.d.ts +158 -0
- package/dist/core/disaster-recovery/simulator.d.ts.map +1 -0
- package/dist/core/disaster-recovery/simulator.js +553 -0
- package/dist/core/disaster-recovery/simulator.js.map +1 -0
- package/dist/core/disaster-recovery/types.d.ts +299 -0
- package/dist/core/disaster-recovery/types.d.ts.map +1 -0
- package/dist/core/disaster-recovery/types.js +33 -0
- package/dist/core/disaster-recovery/types.js.map +1 -0
- package/dist/core/escalation/heal-or-ask.d.ts +20 -0
- package/dist/core/escalation/heal-or-ask.d.ts.map +1 -0
- package/dist/core/escalation/heal-or-ask.js +19 -0
- package/dist/core/escalation/heal-or-ask.js.map +1 -0
- package/dist/core/escalation/index.d.ts +9 -0
- package/dist/core/escalation/index.d.ts.map +1 -0
- package/dist/core/escalation/index.js +3 -0
- package/dist/core/escalation/index.js.map +1 -0
- package/dist/core/escalation/pause-gate.d.ts +48 -0
- package/dist/core/escalation/pause-gate.d.ts.map +1 -0
- package/dist/core/escalation/pause-gate.js +96 -0
- package/dist/core/escalation/pause-gate.js.map +1 -0
- package/dist/core/escalation/types.d.ts +33 -0
- package/dist/core/escalation/types.d.ts.map +1 -0
- package/dist/core/escalation/types.js +9 -0
- package/dist/core/escalation/types.js.map +1 -0
- package/dist/core/evidence.d.ts +32 -1
- package/dist/core/evidence.d.ts.map +1 -1
- package/dist/core/evidence.js +99 -1
- package/dist/core/evidence.js.map +1 -1
- package/dist/core/feature-bdd/fix.d.ts +84 -0
- package/dist/core/feature-bdd/fix.d.ts.map +1 -0
- package/dist/core/feature-bdd/fix.js +121 -0
- package/dist/core/feature-bdd/fix.js.map +1 -0
- package/dist/core/feature-bdd/generate.d.ts +96 -0
- package/dist/core/feature-bdd/generate.d.ts.map +1 -0
- package/dist/core/feature-bdd/generate.js +228 -0
- package/dist/core/feature-bdd/generate.js.map +1 -0
- package/dist/core/feature-bdd/llm-provider.d.ts +92 -0
- package/dist/core/feature-bdd/llm-provider.d.ts.map +1 -0
- package/dist/core/feature-bdd/llm-provider.js +187 -0
- package/dist/core/feature-bdd/llm-provider.js.map +1 -0
- package/dist/core/feature-bdd/run.d.ts +56 -0
- package/dist/core/feature-bdd/run.d.ts.map +1 -0
- package/dist/core/feature-bdd/run.js +175 -0
- package/dist/core/feature-bdd/run.js.map +1 -0
- package/dist/core/feature-bdd/schema.d.ts +111 -0
- package/dist/core/feature-bdd/schema.d.ts.map +1 -0
- package/dist/core/feature-bdd/schema.js +272 -0
- package/dist/core/feature-bdd/schema.js.map +1 -0
- package/dist/core/feature-bdd/store.d.ts +145 -0
- package/dist/core/feature-bdd/store.d.ts.map +1 -0
- package/dist/core/feature-bdd/store.js +470 -0
- package/dist/core/feature-bdd/store.js.map +1 -0
- package/dist/core/finding-correlation.d.ts +55 -0
- package/dist/core/finding-correlation.d.ts.map +1 -0
- package/dist/core/finding-correlation.js +96 -0
- package/dist/core/finding-correlation.js.map +1 -0
- package/dist/core/fix-loop.d.ts +20 -1
- package/dist/core/fix-loop.d.ts.map +1 -1
- package/dist/core/fix-loop.js +34 -0
- package/dist/core/fix-loop.js.map +1 -1
- package/dist/core/governance/calibration.d.ts +31 -0
- package/dist/core/governance/calibration.d.ts.map +1 -0
- package/dist/core/governance/calibration.js +78 -0
- package/dist/core/governance/calibration.js.map +1 -0
- package/dist/core/governance/degradation.d.ts +35 -0
- package/dist/core/governance/degradation.d.ts.map +1 -0
- package/dist/core/governance/degradation.js +25 -0
- package/dist/core/governance/degradation.js.map +1 -0
- package/dist/core/governance/ethical-constraint.d.ts +55 -0
- package/dist/core/governance/ethical-constraint.d.ts.map +1 -0
- package/dist/core/governance/ethical-constraint.js +98 -0
- package/dist/core/governance/ethical-constraint.js.map +1 -0
- package/dist/core/governance/index.d.ts +9 -0
- package/dist/core/governance/index.d.ts.map +1 -0
- package/dist/core/governance/index.js +9 -0
- package/dist/core/governance/index.js.map +1 -0
- package/dist/core/harness/audit-log.d.ts +12 -0
- package/dist/core/harness/audit-log.d.ts.map +1 -0
- package/dist/core/harness/audit-log.js +62 -0
- package/dist/core/harness/audit-log.js.map +1 -0
- package/dist/core/harness/authorization.d.ts +24 -0
- package/dist/core/harness/authorization.d.ts.map +1 -0
- package/dist/core/harness/authorization.js +48 -0
- package/dist/core/harness/authorization.js.map +1 -0
- package/dist/core/harness/harness.d.ts +64 -0
- package/dist/core/harness/harness.d.ts.map +1 -0
- package/dist/core/harness/harness.js +188 -0
- package/dist/core/harness/harness.js.map +1 -0
- package/dist/core/harness/index.d.ts +10 -0
- package/dist/core/harness/index.d.ts.map +1 -0
- package/dist/core/harness/index.js +4 -0
- package/dist/core/harness/index.js.map +1 -0
- package/dist/core/harness/types.d.ts +88 -0
- package/dist/core/harness/types.d.ts.map +1 -0
- package/dist/core/harness/types.js +2 -0
- package/dist/core/harness/types.js.map +1 -0
- package/dist/core/health-check.d.ts +6 -0
- package/dist/core/health-check.d.ts.map +1 -1
- package/dist/core/health-check.js +14 -2
- package/dist/core/health-check.js.map +1 -1
- package/dist/core/init.d.ts.map +1 -1
- package/dist/core/init.js +58 -18
- package/dist/core/init.js.map +1 -1
- package/dist/core/knowledge/cached-map.d.ts +17 -0
- package/dist/core/knowledge/cached-map.d.ts.map +1 -0
- package/dist/core/knowledge/cached-map.js +23 -0
- package/dist/core/knowledge/cached-map.js.map +1 -0
- package/dist/core/knowledge/index.d.ts +10 -0
- package/dist/core/knowledge/index.d.ts.map +1 -0
- package/dist/core/knowledge/index.js +4 -0
- package/dist/core/knowledge/index.js.map +1 -0
- package/dist/core/knowledge/system-map.d.ts +50 -0
- package/dist/core/knowledge/system-map.d.ts.map +1 -0
- package/dist/core/knowledge/system-map.js +121 -0
- package/dist/core/knowledge/system-map.js.map +1 -0
- package/dist/core/knowledge/traversal.d.ts +12 -0
- package/dist/core/knowledge/traversal.d.ts.map +1 -0
- package/dist/core/knowledge/traversal.js +37 -0
- package/dist/core/knowledge/traversal.js.map +1 -0
- package/dist/core/knowledge/types.d.ts +41 -0
- package/dist/core/knowledge/types.d.ts.map +1 -0
- package/dist/core/knowledge/types.js +2 -0
- package/dist/core/knowledge/types.js.map +1 -0
- package/dist/core/license-gen.d.ts +1 -1
- package/dist/core/license-gen.d.ts.map +1 -1
- package/dist/core/license-gen.js +10 -5
- package/dist/core/license-gen.js.map +1 -1
- package/dist/core/license.d.ts +12 -2
- package/dist/core/license.d.ts.map +1 -1
- package/dist/core/license.js +104 -28
- package/dist/core/license.js.map +1 -1
- package/dist/core/loop-engine/circuit-breaker.d.ts +24 -0
- package/dist/core/loop-engine/circuit-breaker.d.ts.map +1 -0
- package/dist/core/loop-engine/circuit-breaker.js +48 -0
- package/dist/core/loop-engine/circuit-breaker.js.map +1 -0
- package/dist/core/loop-engine/demo.d.ts +35 -0
- package/dist/core/loop-engine/demo.d.ts.map +1 -0
- package/dist/core/loop-engine/demo.js +71 -0
- package/dist/core/loop-engine/demo.js.map +1 -0
- package/dist/core/loop-engine/event-store.d.ts +8 -0
- package/dist/core/loop-engine/event-store.d.ts.map +1 -0
- package/dist/core/loop-engine/event-store.js +9 -0
- package/dist/core/loop-engine/event-store.js.map +1 -0
- package/dist/core/loop-engine/index.d.ts +11 -0
- package/dist/core/loop-engine/index.d.ts.map +1 -0
- package/dist/core/loop-engine/index.js +11 -0
- package/dist/core/loop-engine/index.js.map +1 -0
- package/dist/core/loop-engine/kernel.d.ts +66 -0
- package/dist/core/loop-engine/kernel.d.ts.map +1 -0
- package/dist/core/loop-engine/kernel.js +196 -0
- package/dist/core/loop-engine/kernel.js.map +1 -0
- package/dist/core/loop-engine/tracing.d.ts +12 -0
- package/dist/core/loop-engine/tracing.d.ts.map +1 -0
- package/dist/core/loop-engine/tracing.js +15 -0
- package/dist/core/loop-engine/tracing.js.map +1 -0
- package/dist/core/loop-engine/types.d.ts +92 -0
- package/dist/core/loop-engine/types.d.ts.map +1 -0
- package/dist/core/loop-engine/types.js +21 -0
- package/dist/core/loop-engine/types.js.map +1 -0
- package/dist/core/messages.d.ts +1 -1
- package/dist/core/messages.d.ts.map +1 -1
- package/dist/core/messages.js +101 -1
- package/dist/core/messages.js.map +1 -1
- package/dist/core/orchestrator.d.ts +79 -8
- package/dist/core/orchestrator.d.ts.map +1 -1
- package/dist/core/orchestrator.js +340 -33
- package/dist/core/orchestrator.js.map +1 -1
- package/dist/core/phase-gate.d.ts +2 -2
- package/dist/core/quality-score/calculator.d.ts +125 -0
- package/dist/core/quality-score/calculator.d.ts.map +1 -0
- package/dist/core/quality-score/calculator.js +489 -0
- package/dist/core/quality-score/calculator.js.map +1 -0
- package/dist/core/quality-score/from-run.d.ts +27 -0
- package/dist/core/quality-score/from-run.d.ts.map +1 -0
- package/dist/core/quality-score/from-run.js +64 -0
- package/dist/core/quality-score/from-run.js.map +1 -0
- package/dist/core/quality-score/index.d.ts +9 -0
- package/dist/core/quality-score/index.d.ts.map +1 -0
- package/dist/core/quality-score/index.js +9 -0
- package/dist/core/quality-score/index.js.map +1 -0
- package/dist/core/quality-score/types.d.ts +225 -0
- package/dist/core/quality-score/types.d.ts.map +1 -0
- package/dist/core/quality-score/types.js +26 -0
- package/dist/core/quality-score/types.js.map +1 -0
- package/dist/core/report-html-script.d.ts +3 -0
- package/dist/core/report-html-script.d.ts.map +1 -0
- package/dist/core/report-html-script.js +47 -0
- package/dist/core/report-html-script.js.map +1 -0
- package/dist/core/report-html-styles.d.ts +3 -0
- package/dist/core/report-html-styles.d.ts.map +1 -0
- package/dist/core/report-html-styles.js +231 -0
- package/dist/core/report-html-styles.js.map +1 -0
- package/dist/core/report-html.d.ts +1 -1
- package/dist/core/report-html.d.ts.map +1 -1
- package/dist/core/report-html.js +5 -280
- package/dist/core/report-html.js.map +1 -1
- package/dist/core/report-upload.d.ts +8 -0
- package/dist/core/report-upload.d.ts.map +1 -1
- package/dist/core/report-upload.js +17 -4
- package/dist/core/report-upload.js.map +1 -1
- package/dist/core/run-counter.d.ts.map +1 -1
- package/dist/core/run-counter.js +25 -1
- package/dist/core/run-counter.js.map +1 -1
- package/dist/core/run-events/emitter.d.ts +112 -0
- package/dist/core/run-events/emitter.d.ts.map +1 -0
- package/dist/core/run-events/emitter.js +234 -0
- package/dist/core/run-events/emitter.js.map +1 -0
- package/dist/core/run-events/frame-sink.d.ts +24 -0
- package/dist/core/run-events/frame-sink.d.ts.map +1 -0
- package/dist/core/run-events/frame-sink.js +32 -0
- package/dist/core/run-events/frame-sink.js.map +1 -0
- package/dist/core/run-events/index.d.ts +7 -0
- package/dist/core/run-events/index.d.ts.map +1 -0
- package/dist/core/run-events/index.js +5 -0
- package/dist/core/run-events/index.js.map +1 -0
- package/dist/core/run-events/loop-event-sink.d.ts +56 -0
- package/dist/core/run-events/loop-event-sink.d.ts.map +1 -0
- package/dist/core/run-events/loop-event-sink.js +60 -0
- package/dist/core/run-events/loop-event-sink.js.map +1 -0
- package/dist/core/run-events/sse.d.ts +47 -0
- package/dist/core/run-events/sse.d.ts.map +1 -0
- package/dist/core/run-events/sse.js +64 -0
- package/dist/core/run-events/sse.js.map +1 -0
- package/dist/core/run-events/types.d.ts +147 -0
- package/dist/core/run-events/types.d.ts.map +1 -0
- package/dist/core/run-events/types.js +17 -0
- package/dist/core/run-events/types.js.map +1 -0
- package/dist/core/run-mode/capture.d.ts +37 -0
- package/dist/core/run-mode/capture.d.ts.map +1 -0
- package/dist/core/run-mode/capture.js +43 -0
- package/dist/core/run-mode/capture.js.map +1 -0
- package/dist/core/run-mode/index.d.ts +9 -0
- package/dist/core/run-mode/index.d.ts.map +1 -0
- package/dist/core/run-mode/index.js +3 -0
- package/dist/core/run-mode/index.js.map +1 -0
- package/dist/core/run-mode/run-mode.d.ts +35 -0
- package/dist/core/run-mode/run-mode.d.ts.map +1 -0
- package/dist/core/run-mode/run-mode.js +51 -0
- package/dist/core/run-mode/run-mode.js.map +1 -0
- package/dist/core/run-mode/types.d.ts +36 -0
- package/dist/core/run-mode/types.d.ts.map +1 -0
- package/dist/core/run-mode/types.js +15 -0
- package/dist/core/run-mode/types.js.map +1 -0
- package/dist/core/run-quota.d.ts +22 -0
- package/dist/core/run-quota.d.ts.map +1 -0
- package/dist/core/run-quota.js +44 -0
- package/dist/core/run-quota.js.map +1 -0
- package/dist/core/security-audit/index.d.ts +9 -0
- package/dist/core/security-audit/index.d.ts.map +1 -0
- package/dist/core/security-audit/index.js +10 -0
- package/dist/core/security-audit/index.js.map +1 -0
- package/dist/core/security-audit/sentinel.d.ts +196 -0
- package/dist/core/security-audit/sentinel.d.ts.map +1 -0
- package/dist/core/security-audit/sentinel.js +725 -0
- package/dist/core/security-audit/sentinel.js.map +1 -0
- package/dist/core/security-audit/types.d.ts +240 -0
- package/dist/core/security-audit/types.d.ts.map +1 -0
- package/dist/core/security-audit/types.js +42 -0
- package/dist/core/security-audit/types.js.map +1 -0
- package/dist/core/tech-debt/index.d.ts +11 -0
- package/dist/core/tech-debt/index.d.ts.map +1 -0
- package/dist/core/tech-debt/index.js +11 -0
- package/dist/core/tech-debt/index.js.map +1 -0
- package/dist/core/tech-debt/tech-debt-tracker.d.ts +46 -0
- package/dist/core/tech-debt/tech-debt-tracker.d.ts.map +1 -0
- package/dist/core/tech-debt/tech-debt-tracker.js +533 -0
- package/dist/core/tech-debt/tech-debt-tracker.js.map +1 -0
- package/dist/core/tech-debt/types.d.ts +263 -0
- package/dist/core/tech-debt/types.d.ts.map +1 -0
- package/dist/core/tech-debt/types.js +2 -0
- package/dist/core/tech-debt/types.js.map +1 -0
- package/dist/core/tester/diff-planner.d.ts +18 -0
- package/dist/core/tester/diff-planner.d.ts.map +1 -0
- package/dist/core/tester/diff-planner.js +37 -0
- package/dist/core/tester/diff-planner.js.map +1 -0
- package/dist/core/tester/honest-report.d.ts +13 -0
- package/dist/core/tester/honest-report.d.ts.map +1 -0
- package/dist/core/tester/honest-report.js +64 -0
- package/dist/core/tester/honest-report.js.map +1 -0
- package/dist/core/tester/index.d.ts +9 -0
- package/dist/core/tester/index.d.ts.map +1 -0
- package/dist/core/tester/index.js +3 -0
- package/dist/core/tester/index.js.map +1 -0
- package/dist/core/tester/types.d.ts +55 -0
- package/dist/core/tester/types.d.ts.map +1 -0
- package/dist/core/tester/types.js +8 -0
- package/dist/core/tester/types.js.map +1 -0
- package/dist/core/triggers/index.d.ts +9 -0
- package/dist/core/triggers/index.d.ts.map +1 -0
- package/dist/core/triggers/index.js +3 -0
- package/dist/core/triggers/index.js.map +1 -0
- package/dist/core/triggers/trigger-bus.d.ts +49 -0
- package/dist/core/triggers/trigger-bus.d.ts.map +1 -0
- package/dist/core/triggers/trigger-bus.js +167 -0
- package/dist/core/triggers/trigger-bus.js.map +1 -0
- package/dist/core/triggers/types.d.ts +56 -0
- package/dist/core/triggers/types.d.ts.map +1 -0
- package/dist/core/triggers/types.js +13 -0
- package/dist/core/triggers/types.js.map +1 -0
- package/dist/core/trust.d.ts +12 -0
- package/dist/core/trust.d.ts.map +1 -0
- package/dist/core/trust.js +13 -0
- package/dist/core/trust.js.map +1 -0
- package/dist/core/types.d.ts +24 -2
- package/dist/core/types.d.ts.map +1 -1
- package/dist/core/ui-ux/index.d.ts +12 -0
- package/dist/core/ui-ux/index.d.ts.map +1 -0
- package/dist/core/ui-ux/index.js +13 -0
- package/dist/core/ui-ux/index.js.map +1 -0
- package/dist/core/ui-ux/orchestrator.d.ts +206 -0
- package/dist/core/ui-ux/orchestrator.d.ts.map +1 -0
- package/dist/core/ui-ux/orchestrator.js +672 -0
- package/dist/core/ui-ux/orchestrator.js.map +1 -0
- package/dist/core/ui-ux/types.d.ts +339 -0
- package/dist/core/ui-ux/types.d.ts.map +1 -0
- package/dist/core/ui-ux/types.js +17 -0
- package/dist/core/ui-ux/types.js.map +1 -0
- package/dist/enterprise/audit-trail.d.ts +31 -0
- package/dist/enterprise/audit-trail.d.ts.map +1 -0
- package/dist/enterprise/audit-trail.js +111 -0
- package/dist/enterprise/audit-trail.js.map +1 -0
- package/dist/enterprise/sla.d.ts +26 -0
- package/dist/enterprise/sla.d.ts.map +1 -0
- package/dist/enterprise/sla.js +101 -0
- package/dist/enterprise/sla.js.map +1 -0
- package/dist/helpers/element-discovery.js +1 -1
- package/dist/helpers/element-discovery.js.map +1 -1
- package/dist/helpers/env-resolver.d.ts +2 -2
- package/dist/helpers/quality-gate.d.ts.map +1 -1
- package/dist/helpers/quality-gate.js +21 -3
- package/dist/helpers/quality-gate.js.map +1 -1
- package/dist/helpers/shape-fingerprint.d.ts +18 -0
- package/dist/helpers/shape-fingerprint.d.ts.map +1 -0
- package/dist/helpers/shape-fingerprint.js +40 -0
- package/dist/helpers/shape-fingerprint.js.map +1 -0
- package/dist/sdk/custom-agent.d.ts +51 -0
- package/dist/sdk/custom-agent.d.ts.map +1 -0
- package/dist/sdk/custom-agent.js +94 -0
- package/dist/sdk/custom-agent.js.map +1 -0
- package/dist/sdk/index.d.ts +5 -0
- package/dist/sdk/index.d.ts.map +1 -0
- package/dist/sdk/index.js +3 -0
- package/dist/sdk/index.js.map +1 -0
- package/dist/sdk/loader.d.ts +28 -0
- package/dist/sdk/loader.d.ts.map +1 -0
- package/dist/sdk/loader.js +140 -0
- package/dist/sdk/loader.js.map +1 -0
- package/package.json +46 -20
- package/agents/01-analyst.ts +0 -100
- package/agents/02-seed-architect.ts +0 -59
- package/agents/03-test-generator.ts +0 -191
- package/agents/04-unit-runner.ts +0 -160
- package/agents/05-browser-crawler.ts +0 -790
- package/agents/06-api-exerciser.ts +0 -311
- package/agents/07-security-scout.ts +0 -188
- package/agents/08-a11y-guardian.ts +0 -212
- package/agents/09-healer.ts +0 -228
- package/agents/10-reporter.ts +0 -266
- package/agents/11-fixer.ts +0 -253
- package/agents/12-ux-inspector.ts +0 -444
- package/agents/13-performance-profiler.ts +0 -271
- package/agents/14-data-integrity-auditor.ts +0 -417
- package/agents/15-regression-sentinel.ts +0 -308
- package/agents/16-chaos-agent.ts +0 -228
- package/agents/17-documentation-validator.ts +0 -266
- package/agents/18-integration-watchdog.ts +0 -178
- package/agents/19-tenant-isolation-auditor.ts +0 -199
- package/agents/20-workflow-completion-tester.ts +0 -203
- package/agents/21-state-session-tester.ts +0 -262
- package/agents/22-email-notification-verifier.ts +0 -244
- package/agents/23-migration-tester.ts +0 -80
- package/agents/24-signup-onboarding-tester.ts +0 -429
- package/agents/25-crud-flow-tester.ts +0 -302
- package/agents/26-form-validator.ts +0 -297
- package/agents/27-search-filter-tester.ts +0 -326
- package/agents/28-navigation-routing-tester.ts +0 -425
- package/agents/29-responsive-interaction-tester.ts +0 -350
- package/agents/30-multi-user-scenario-tester.ts +0 -319
- package/agents/31-load-tester.ts +0 -134
- package/agents/32-memory-leak-detector.ts +0 -194
- package/agents/33-bundle-analyzer.ts +0 -132
- package/agents/34-xss-scanner.ts +0 -191
- package/agents/35-csrf-tester.ts +0 -82
- package/agents/36-auth-fuzzer.ts +0 -194
- package/agents/37-dependency-scanner.ts +0 -176
- package/agents/38-secrets-scanner.ts +0 -137
- package/agents/39-api-contract-tester.ts +0 -199
- package/agents/40-rate-limit-tester.ts +0 -94
- package/agents/41-api-pagination-tester.ts +0 -97
- package/agents/42-graphql-tester.ts +0 -222
- package/agents/43-data-consistency-checker.ts +0 -205
- package/agents/44-backup-recovery-tester.ts +0 -152
- package/agents/45-data-privacy-scanner.ts +0 -125
- package/agents/46-seo-auditor.ts +0 -294
- package/agents/47-social-preview-tester.ts +0 -232
- package/agents/48-lighthouse-auditor.ts +0 -213
- package/agents/49-i18n-tester.ts +0 -198
- package/agents/50-timezone-tester.ts +0 -173
- package/agents/51-error-recovery-tester.ts +0 -155
- package/agents/52-offline-mode-tester.ts +0 -180
- package/agents/53-graceful-degradation-tester.ts +0 -156
- package/agents/54-websocket-tester.ts +0 -151
- package/agents/55-realtime-sync-tester.ts +0 -194
- package/agents/56-file-upload-tester.ts +0 -194
- package/agents/57-export-tester.ts +0 -174
- package/agents/58-payment-flow-tester.ts +0 -183
- package/agents/59-ssl-tls-auditor.ts +0 -141
- package/agents/60-dns-cdn-tester.ts +0 -117
- package/agents/61-docker-health-checker.ts +0 -111
- package/agents/62-env-config-validator.ts +0 -152
- package/agents/63-log-quality-auditor.ts +0 -136
- package/agents/64-analytics-tracker-tester.ts +0 -165
- package/agents/65-gdpr-compliance-tester.ts +0 -215
- package/agents/66-soc2-control-validator.ts +0 -210
- package/agents/67-wcag-aaa-tester.ts +0 -241
- package/agents/68-dead-code-detector.ts +0 -135
- package/agents/69-type-safety-auditor.ts +0 -164
- package/agents/70-complexity-analyzer.ts +0 -179
- package/agents/__tests__/01-analyst.test.ts +0 -188
- package/agents/__tests__/02-seed-architect.test.ts +0 -152
- package/agents/__tests__/03-test-generator-full.test.ts +0 -321
- package/agents/__tests__/03-test-generator.test.ts +0 -318
- package/agents/__tests__/04-unit-runner.test.ts +0 -320
- package/agents/__tests__/05-browser-crawler-beta.test.ts +0 -492
- package/agents/__tests__/05-browser-crawler-release.test.ts +0 -412
- package/agents/__tests__/05-browser-crawler-uat.test.ts +0 -578
- package/agents/__tests__/05-browser-crawler.test.ts +0 -518
- package/agents/__tests__/06-api-exerciser.test.ts +0 -619
- package/agents/__tests__/07-security-scout.test.ts +0 -382
- package/agents/__tests__/08-a11y-guardian.test.ts +0 -530
- package/agents/__tests__/09-healer.test.ts +0 -384
- package/agents/__tests__/10-reporter.test.ts +0 -366
- package/agents/__tests__/11-fixer.test.ts +0 -406
- package/agents/__tests__/12-ux-inspector-extended.test.ts +0 -465
- package/agents/__tests__/12-ux-inspector.test.ts +0 -443
- package/agents/__tests__/13-performance-profiler.test.ts +0 -411
- package/agents/__tests__/14-data-integrity-auditor-extended.test.ts +0 -573
- package/agents/__tests__/14-data-integrity-auditor.test.ts +0 -407
- package/agents/__tests__/15-regression-sentinel.test.ts +0 -657
- package/agents/__tests__/16-chaos-agent.test.ts +0 -427
- package/agents/__tests__/17-documentation-validator.test.ts +0 -402
- package/agents/__tests__/18-integration-watchdog.test.ts +0 -263
- package/agents/__tests__/19-tenant-isolation-auditor.test.ts +0 -400
- package/agents/__tests__/20-workflow-completion-tester.test.ts +0 -586
- package/agents/__tests__/21-state-session-tester.test.ts +0 -374
- package/agents/__tests__/22-email-notification-verifier.test.ts +0 -441
- package/agents/__tests__/23-migration-tester.test.ts +0 -145
- package/agents/__tests__/24-signup-onboarding-tester.test.ts +0 -274
- package/agents/__tests__/25-crud-flow-tester.test.ts +0 -322
- package/agents/__tests__/26-form-validator.test.ts +0 -345
- package/agents/__tests__/27-search-filter-tester.test.ts +0 -311
- package/agents/__tests__/28-navigation-routing-tester.test.ts +0 -328
- package/agents/__tests__/29-responsive-interaction-tester.test.ts +0 -297
- package/agents/__tests__/30-multi-user-scenario-tester.test.ts +0 -328
- package/agents/__tests__/31-load-tester.test.ts +0 -189
- package/agents/__tests__/32-memory-leak-detector.test.ts +0 -251
- package/agents/__tests__/33-bundle-analyzer.test.ts +0 -237
- package/agents/__tests__/34-xss-scanner.test.ts +0 -258
- package/agents/__tests__/35-csrf-tester.test.ts +0 -200
- package/agents/__tests__/36-auth-fuzzer.test.ts +0 -214
- package/agents/__tests__/37-dependency-scanner.test.ts +0 -266
- package/agents/__tests__/38-secrets-scanner.test.ts +0 -224
- package/agents/__tests__/39-api-contract-tester.test.ts +0 -312
- package/agents/__tests__/40-rate-limit-tester.test.ts +0 -192
- package/agents/__tests__/41-api-pagination-tester.test.ts +0 -198
- package/agents/__tests__/42-graphql-tester.test.ts +0 -252
- package/agents/__tests__/43-data-consistency-checker.test.ts +0 -232
- package/agents/__tests__/44-backup-recovery-tester.test.ts +0 -222
- package/agents/__tests__/45-data-privacy-scanner.test.ts +0 -223
- package/agents/__tests__/46-seo-auditor.test.ts +0 -261
- package/agents/__tests__/47-social-preview-tester.test.ts +0 -245
- package/agents/__tests__/48-lighthouse-auditor.test.ts +0 -276
- package/agents/__tests__/49-i18n-tester.test.ts +0 -201
- package/agents/__tests__/50-timezone-tester.test.ts +0 -172
- package/agents/__tests__/51-error-recovery-tester.test.ts +0 -162
- package/agents/__tests__/52-offline-mode-tester.test.ts +0 -164
- package/agents/__tests__/53-graceful-degradation-tester.test.ts +0 -168
- package/agents/__tests__/54-websocket-tester.test.ts +0 -157
- package/agents/__tests__/55-realtime-sync-tester.test.ts +0 -181
- package/agents/__tests__/56-file-upload-tester.test.ts +0 -172
- package/agents/__tests__/57-export-tester.test.ts +0 -169
- package/agents/__tests__/58-payment-flow-tester.test.ts +0 -182
- package/agents/__tests__/59-ssl-tls-auditor.test.ts +0 -179
- package/agents/__tests__/60-dns-cdn-tester.test.ts +0 -176
- package/agents/__tests__/61-docker-health-checker.test.ts +0 -150
- package/agents/__tests__/62-env-config-validator.test.ts +0 -166
- package/agents/__tests__/63-log-quality-auditor.test.ts +0 -175
- package/agents/__tests__/64-analytics-tracker-tester.test.ts +0 -158
- package/agents/__tests__/65-gdpr-compliance-tester.test.ts +0 -174
- package/agents/__tests__/66-soc2-control-validator.test.ts +0 -183
- package/agents/__tests__/67-wcag-aaa-tester.test.ts +0 -190
- package/agents/__tests__/68-dead-code-detector.test.ts +0 -174
- package/agents/__tests__/69-type-safety-auditor.test.ts +0 -173
- package/agents/__tests__/70-complexity-analyzer.test.ts +0 -177
- package/agents/__tests__/base-agent.test.ts +0 -188
- package/agents/__tests__/registry.test.ts +0 -218
- package/agents/base-agent.ts +0 -85
- package/agents/registry.ts +0 -279
- package/baselines/api-schemas/.gitkeep +0 -0
- package/baselines/performance/.gitkeep +0 -0
- package/baselines/screenshots/.gitkeep +0 -0
- package/core/__tests__/ci-output.test.ts +0 -430
- package/core/__tests__/cli.test.ts +0 -387
- package/core/__tests__/config.test.ts +0 -78
- package/core/__tests__/cost-tracker.test.ts +0 -158
- package/core/__tests__/evidence.test.ts +0 -265
- package/core/__tests__/fix-loop.test.ts +0 -210
- package/core/__tests__/health-check.test.ts +0 -44
- package/core/__tests__/init.test.ts +0 -609
- package/core/__tests__/integration.test.ts +0 -204
- package/core/__tests__/license-gen.test.ts +0 -227
- package/core/__tests__/license.test.ts +0 -326
- package/core/__tests__/multi-browser.test.ts +0 -278
- package/core/__tests__/orchestrator.test.ts +0 -520
- package/core/__tests__/phase-gate.test.ts +0 -43
- package/core/__tests__/report-html.test.ts +0 -398
- package/core/__tests__/report-upload.test.ts +0 -325
- package/core/__tests__/run-counter.test.ts +0 -234
- package/core/ci-output.ts +0 -240
- package/core/cli.ts +0 -354
- package/core/config.ts +0 -178
- package/core/cost-tracker.ts +0 -59
- package/core/evidence.ts +0 -132
- package/core/fix-loop.ts +0 -85
- package/core/health-check.ts +0 -54
- package/core/init.ts +0 -546
- package/core/license-gen.ts +0 -212
- package/core/license.ts +0 -208
- package/core/messages.ts +0 -67
- package/core/multi-browser.ts +0 -136
- package/core/orchestrator.ts +0 -427
- package/core/phase-gate.ts +0 -55
- package/core/report-html.ts +0 -657
- package/core/report-upload.ts +0 -188
- package/core/run-counter.ts +0 -175
- package/core/types.ts +0 -57
- package/dist/core/multi-browser.d.ts +0 -36
- package/dist/core/multi-browser.d.ts.map +0 -1
- package/dist/core/multi-browser.js +0 -88
- package/dist/core/multi-browser.js.map +0 -1
- package/helpers/__tests__/api-client.test.ts +0 -199
- package/helpers/__tests__/element-discovery.test.ts +0 -202
- package/helpers/__tests__/form-filler-extended.test.ts +0 -212
- package/helpers/__tests__/form-filler.test.ts +0 -99
- package/helpers/__tests__/modal-handler.test.ts +0 -152
- package/helpers/__tests__/navigation.test.ts +0 -214
- package/helpers/__tests__/quality-gate.test.ts +0 -117
- package/helpers/__tests__/screenshot.test.ts +0 -139
- package/helpers/__tests__/seed-validator.test.ts +0 -114
- package/helpers/api-client.ts +0 -111
- package/helpers/element-discovery.ts +0 -105
- package/helpers/env-resolver.ts +0 -69
- package/helpers/form-filler.ts +0 -126
- package/helpers/modal-handler.ts +0 -108
- package/helpers/navigation.ts +0 -100
- package/helpers/quality-gate.ts +0 -180
- package/helpers/screenshot.ts +0 -111
- package/helpers/seed-validator.ts +0 -70
|
@@ -0,0 +1,337 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Dockerfile Auditor — static scan of Dockerfiles for the most common
|
|
3
|
+
* container security / reproducibility mistakes. Completes the deploy-
|
|
4
|
+
* readiness theme started by #97 (healthcheck routes): #97 checks the app
|
|
5
|
+
* exposes probes, #102 checks the container that runs it is hardened.
|
|
6
|
+
*
|
|
7
|
+
* Checks (on the FINAL build stage, which is what actually ships):
|
|
8
|
+
* - 102-runs-as-root high code-bug-security
|
|
9
|
+
* No USER directive, or the last USER is root / 0. A compromised
|
|
10
|
+
* process then has root in the container.
|
|
11
|
+
* - 102-latest-base-tag medium infra-issue
|
|
12
|
+
* FROM image with no tag or `:latest` — non-reproducible builds,
|
|
13
|
+
* surprise upgrades.
|
|
14
|
+
* - 102-secret-in-env high code-bug-security
|
|
15
|
+
* ENV / ARG with a secret-shaped name AND a literal value baked into
|
|
16
|
+
* the image (readable via `docker history`).
|
|
17
|
+
* - 102-no-healthcheck low infra-issue
|
|
18
|
+
* No HEALTHCHECK directive — orchestrators can't tell if the
|
|
19
|
+
* container is actually serving.
|
|
20
|
+
* - 102-summary info
|
|
21
|
+
*
|
|
22
|
+
* Persists `evidence/dockerfile-audit.json`. Read-only, parallel-safe,
|
|
23
|
+
* static analysis only.
|
|
24
|
+
*/
|
|
25
|
+
import * as fs from 'node:fs';
|
|
26
|
+
import * as path from 'node:path';
|
|
27
|
+
import { BaseAgent } from './base-agent.js';
|
|
28
|
+
const SKIP_DIRS = new Set([
|
|
29
|
+
'node_modules', '.git', 'dist', 'build', '.next', '.nuxt', 'coverage', 'reports', 'baselines', 'evidence',
|
|
30
|
+
]);
|
|
31
|
+
/** Secret-shaped ENV/ARG key fragments. */
|
|
32
|
+
const SECRET_KEY_RE = /(password|passwd|secret|api[_-]?key|access[_-]?key|private[_-]?key|token|credential)/i;
|
|
33
|
+
/** Values that are obviously placeholders, not real secrets. */
|
|
34
|
+
const PLACEHOLDER_VALUE_RE = /^(?:|changeme|placeholder|xxx+|<.*>|\$\{.*\}|your[_-].*|example|test|dummy|none|null)$/i;
|
|
35
|
+
function isDockerfileName(name) {
|
|
36
|
+
return name === 'Dockerfile' || /\.dockerfile$/i.test(name) || /^dockerfile\./i.test(name);
|
|
37
|
+
}
|
|
38
|
+
function findDockerfiles(root, results = [], depth = 0) {
|
|
39
|
+
if (depth > 4 || !fs.existsSync(root))
|
|
40
|
+
return results;
|
|
41
|
+
let entries;
|
|
42
|
+
try {
|
|
43
|
+
entries = fs.readdirSync(root, { withFileTypes: true });
|
|
44
|
+
}
|
|
45
|
+
catch {
|
|
46
|
+
return results;
|
|
47
|
+
}
|
|
48
|
+
for (const entry of entries) {
|
|
49
|
+
if (SKIP_DIRS.has(entry.name))
|
|
50
|
+
continue;
|
|
51
|
+
const full = path.join(root, entry.name);
|
|
52
|
+
if (entry.isDirectory()) {
|
|
53
|
+
findDockerfiles(full, results, depth + 1);
|
|
54
|
+
}
|
|
55
|
+
else if (entry.isFile() && isDockerfileName(entry.name)) {
|
|
56
|
+
results.push(full);
|
|
57
|
+
}
|
|
58
|
+
}
|
|
59
|
+
return results;
|
|
60
|
+
}
|
|
61
|
+
function relativise(absPath, root) {
|
|
62
|
+
return path.relative(root, absPath).split(path.sep).join('/');
|
|
63
|
+
}
|
|
64
|
+
/** Join Dockerfile line continuations (`\`) and drop comments/blanks. */
|
|
65
|
+
export function logicalLines(content) {
|
|
66
|
+
const rawLines = content.split(/\r?\n/);
|
|
67
|
+
const out = [];
|
|
68
|
+
let buffer = '';
|
|
69
|
+
let startLine = 0;
|
|
70
|
+
for (let i = 0; i < rawLines.length; i++) {
|
|
71
|
+
const raw = rawLines[i];
|
|
72
|
+
const trimmed = raw.trim();
|
|
73
|
+
if (buffer === '' && (trimmed === '' || trimmed.startsWith('#')))
|
|
74
|
+
continue;
|
|
75
|
+
if (buffer === '')
|
|
76
|
+
startLine = i + 1;
|
|
77
|
+
if (trimmed.endsWith('\\')) {
|
|
78
|
+
buffer += trimmed.slice(0, -1).trim() + ' ';
|
|
79
|
+
}
|
|
80
|
+
else {
|
|
81
|
+
buffer += trimmed;
|
|
82
|
+
out.push({ text: buffer.trim(), line: startLine });
|
|
83
|
+
buffer = '';
|
|
84
|
+
}
|
|
85
|
+
}
|
|
86
|
+
if (buffer.trim() !== '')
|
|
87
|
+
out.push({ text: buffer.trim(), line: startLine });
|
|
88
|
+
return out;
|
|
89
|
+
}
|
|
90
|
+
/**
|
|
91
|
+
* Audit a single Dockerfile's content. Splits into build stages on FROM and
|
|
92
|
+
* applies the root / healthcheck checks to the FINAL stage (the shipped
|
|
93
|
+
* image); base-tag and secret checks apply across all stages.
|
|
94
|
+
*/
|
|
95
|
+
export function auditDockerfile(content) {
|
|
96
|
+
const hits = [];
|
|
97
|
+
const lines = logicalLines(content);
|
|
98
|
+
// Track stage boundaries (FROM ...). Each stage = directives until next FROM.
|
|
99
|
+
const stageStartIdx = [];
|
|
100
|
+
lines.forEach((l, idx) => {
|
|
101
|
+
if (/^FROM\s+/i.test(l.text))
|
|
102
|
+
stageStartIdx.push(idx);
|
|
103
|
+
});
|
|
104
|
+
// --- base-tag check: every FROM ---
|
|
105
|
+
for (const l of lines) {
|
|
106
|
+
const m = l.text.match(/^FROM\s+(\S+)(?:\s+AS\s+\S+)?/i);
|
|
107
|
+
if (!m)
|
|
108
|
+
continue;
|
|
109
|
+
const image = m[1];
|
|
110
|
+
if (image.startsWith('$'))
|
|
111
|
+
continue; // build-arg image ref — can't judge
|
|
112
|
+
// scratch is intentionally tagless
|
|
113
|
+
if (image === 'scratch')
|
|
114
|
+
continue;
|
|
115
|
+
// A stage referencing a previous stage name (multi-stage) — skip tag check.
|
|
116
|
+
const tagPart = image.includes('/') ? image.split('/').pop() : image;
|
|
117
|
+
const hasColon = tagPart.includes(':') || image.includes('@sha256:');
|
|
118
|
+
const isLatest = /:latest$/i.test(image);
|
|
119
|
+
if (!hasColon || isLatest) {
|
|
120
|
+
// If it's referencing a named stage (FROM builder), there'd be no registry
|
|
121
|
+
// path and it'd match a prior "AS <name>" — skip those.
|
|
122
|
+
const namedStages = lines
|
|
123
|
+
.map((x) => x.text.match(/^FROM\s+\S+\s+AS\s+(\S+)/i)?.[1])
|
|
124
|
+
.filter((x) => !!x);
|
|
125
|
+
if (namedStages.includes(image))
|
|
126
|
+
continue;
|
|
127
|
+
hits.push({
|
|
128
|
+
kind: 'latest-base-tag',
|
|
129
|
+
line: l.line,
|
|
130
|
+
detail: `FROM ${image}`,
|
|
131
|
+
});
|
|
132
|
+
}
|
|
133
|
+
}
|
|
134
|
+
// --- secret-in-env check: ENV / ARG with secret-shaped name + real value ---
|
|
135
|
+
for (const l of lines) {
|
|
136
|
+
const m = l.text.match(/^(ENV|ARG)\s+(.+)$/i);
|
|
137
|
+
if (!m)
|
|
138
|
+
continue;
|
|
139
|
+
const directive = m[1].toUpperCase();
|
|
140
|
+
const rest = m2pairs(m[2]);
|
|
141
|
+
for (const { key, value } of rest) {
|
|
142
|
+
if (!SECRET_KEY_RE.test(key))
|
|
143
|
+
continue;
|
|
144
|
+
// ARG with no default is fine (injected at build); ENV with a value is baked.
|
|
145
|
+
if (value === null)
|
|
146
|
+
continue;
|
|
147
|
+
if (PLACEHOLDER_VALUE_RE.test(value))
|
|
148
|
+
continue;
|
|
149
|
+
hits.push({
|
|
150
|
+
kind: 'secret-in-env',
|
|
151
|
+
line: l.line,
|
|
152
|
+
detail: `${directive} ${key}`,
|
|
153
|
+
});
|
|
154
|
+
}
|
|
155
|
+
}
|
|
156
|
+
// --- final-stage checks: root + healthcheck ---
|
|
157
|
+
if (stageStartIdx.length > 0) {
|
|
158
|
+
const finalStart = stageStartIdx[stageStartIdx.length - 1];
|
|
159
|
+
const finalStage = lines.slice(finalStart);
|
|
160
|
+
// USER: find the last USER in the final stage.
|
|
161
|
+
let lastUser = null;
|
|
162
|
+
let healthcheckSeen = false;
|
|
163
|
+
for (const l of finalStage) {
|
|
164
|
+
const u = l.text.match(/^USER\s+(\S+)/i);
|
|
165
|
+
if (u)
|
|
166
|
+
lastUser = u[1];
|
|
167
|
+
if (/^HEALTHCHECK\s+/i.test(l.text))
|
|
168
|
+
healthcheckSeen = true;
|
|
169
|
+
}
|
|
170
|
+
// Also honour a HEALTHCHECK in any stage? No — only the final image runs it.
|
|
171
|
+
// Distroless / `:nonroot` base images run as a non-root user by default with
|
|
172
|
+
// no explicit USER directive — so "no USER" there isn't running as root.
|
|
173
|
+
const finalImage = finalStage[0]?.text.match(/^FROM\s+(\S+)/i)?.[1] ?? '';
|
|
174
|
+
const baseIsNonRoot = /:nonroot\b|[/-]nonroot\b/i.test(finalImage);
|
|
175
|
+
if ((lastUser === null && !baseIsNonRoot) || lastUser === 'root' || lastUser === '0') {
|
|
176
|
+
hits.push({
|
|
177
|
+
kind: 'runs-as-root',
|
|
178
|
+
line: lines[finalStart].line,
|
|
179
|
+
detail: lastUser === null ? 'no USER directive' : `USER ${lastUser}`,
|
|
180
|
+
});
|
|
181
|
+
}
|
|
182
|
+
if (!healthcheckSeen) {
|
|
183
|
+
hits.push({
|
|
184
|
+
kind: 'no-healthcheck',
|
|
185
|
+
line: lines[finalStart].line,
|
|
186
|
+
detail: 'no HEALTHCHECK directive',
|
|
187
|
+
});
|
|
188
|
+
}
|
|
189
|
+
}
|
|
190
|
+
return hits;
|
|
191
|
+
}
|
|
192
|
+
/** Parse the operands of an ENV/ARG directive into key/value pairs. */
|
|
193
|
+
function m2pairs(rest) {
|
|
194
|
+
const out = [];
|
|
195
|
+
const trimmed = rest.trim();
|
|
196
|
+
// `ENV KEY=val KEY2=val2` form (has `=`).
|
|
197
|
+
if (/^\S+=/.test(trimmed)) {
|
|
198
|
+
// Split on spaces that aren't inside quotes.
|
|
199
|
+
const tokens = trimmed.match(/(?:[^\s"']+|"[^"]*"|'[^']*')+/g) ?? [];
|
|
200
|
+
for (const tok of tokens) {
|
|
201
|
+
const eq = tok.indexOf('=');
|
|
202
|
+
if (eq <= 0)
|
|
203
|
+
continue;
|
|
204
|
+
const key = tok.slice(0, eq);
|
|
205
|
+
let value = tok.slice(eq + 1);
|
|
206
|
+
value = value.replace(/^['"]|['"]$/g, '');
|
|
207
|
+
out.push({ key, value });
|
|
208
|
+
}
|
|
209
|
+
return out;
|
|
210
|
+
}
|
|
211
|
+
// `ENV KEY value...` form (legacy, space-separated) or `ARG KEY` (no value).
|
|
212
|
+
const firstSpace = trimmed.indexOf(' ');
|
|
213
|
+
if (firstSpace === -1) {
|
|
214
|
+
out.push({ key: trimmed, value: null });
|
|
215
|
+
}
|
|
216
|
+
else {
|
|
217
|
+
const key = trimmed.slice(0, firstSpace);
|
|
218
|
+
const value = trimmed.slice(firstSpace + 1).trim().replace(/^['"]|['"]$/g, '');
|
|
219
|
+
out.push({ key, value });
|
|
220
|
+
}
|
|
221
|
+
return out;
|
|
222
|
+
}
|
|
223
|
+
export class DockerfileAuditorAgent extends BaseAgent {
|
|
224
|
+
agentId = 102;
|
|
225
|
+
agentName = 'Dockerfile Auditor';
|
|
226
|
+
async preFlight() {
|
|
227
|
+
const root = this.config.projectRoot ?? process.cwd();
|
|
228
|
+
if (!fs.existsSync(root)) {
|
|
229
|
+
throw new Error(`projectRoot does not exist: ${root}`);
|
|
230
|
+
}
|
|
231
|
+
}
|
|
232
|
+
async execute() {
|
|
233
|
+
const findings = [];
|
|
234
|
+
const projectRoot = this.config.projectRoot ?? process.cwd();
|
|
235
|
+
const dockerfiles = findDockerfiles(projectRoot);
|
|
236
|
+
if (dockerfiles.length === 0) {
|
|
237
|
+
findings.push({
|
|
238
|
+
id: `${this.agentId}-no-dockerfile`,
|
|
239
|
+
type: 'infra-issue',
|
|
240
|
+
severity: 'info',
|
|
241
|
+
agentId: this.agentId,
|
|
242
|
+
module: 'dockerfile-auditor',
|
|
243
|
+
description: 'No Dockerfile found — nothing to audit (not a containerised project, or build is image-based).',
|
|
244
|
+
});
|
|
245
|
+
this.persistAudit(projectRoot, [], []);
|
|
246
|
+
return findings;
|
|
247
|
+
}
|
|
248
|
+
const allHits = [];
|
|
249
|
+
for (const file of dockerfiles) {
|
|
250
|
+
let content;
|
|
251
|
+
try {
|
|
252
|
+
content = fs.readFileSync(file, 'utf-8');
|
|
253
|
+
}
|
|
254
|
+
catch {
|
|
255
|
+
continue;
|
|
256
|
+
}
|
|
257
|
+
const rel = relativise(file, projectRoot);
|
|
258
|
+
for (const hit of auditDockerfile(content)) {
|
|
259
|
+
allHits.push({ ...hit, file: rel });
|
|
260
|
+
}
|
|
261
|
+
}
|
|
262
|
+
for (const hit of allHits.slice(0, 100)) {
|
|
263
|
+
findings.push(this.toFinding(hit));
|
|
264
|
+
}
|
|
265
|
+
this.persistAudit(projectRoot, dockerfiles.map((d) => relativise(d, projectRoot)), allHits);
|
|
266
|
+
findings.push({
|
|
267
|
+
id: `${this.agentId}-summary`,
|
|
268
|
+
type: 'infra-issue',
|
|
269
|
+
severity: 'info',
|
|
270
|
+
agentId: this.agentId,
|
|
271
|
+
module: 'dockerfile-auditor',
|
|
272
|
+
description: `Dockerfile audit: ${dockerfiles.length} file(s), ${allHits.length} issue(s) (${allHits.filter((h) => h.kind === 'runs-as-root').length} root, ${allHits.filter((h) => h.kind === 'secret-in-env').length} baked secret, ${allHits.filter((h) => h.kind === 'latest-base-tag').length} latest-tag, ${allHits.filter((h) => h.kind === 'no-healthcheck').length} no-healthcheck).`,
|
|
273
|
+
});
|
|
274
|
+
return findings;
|
|
275
|
+
}
|
|
276
|
+
toFinding(hit) {
|
|
277
|
+
const slug = `${hit.file.replace(/[^\w]/g, '_')}-${hit.line}`;
|
|
278
|
+
const base = { agentId: this.agentId, module: 'dockerfile-auditor', file: hit.file, line: hit.line };
|
|
279
|
+
switch (hit.kind) {
|
|
280
|
+
case 'runs-as-root':
|
|
281
|
+
return {
|
|
282
|
+
...base,
|
|
283
|
+
id: `${this.agentId}-runs-as-root-${slug}`,
|
|
284
|
+
type: 'code-bug-security',
|
|
285
|
+
severity: 'high',
|
|
286
|
+
description: `${hit.file} final stage runs as root (${hit.detail}). A compromised process gets root inside the container — add a non-root \`USER\` before the entrypoint.`,
|
|
287
|
+
};
|
|
288
|
+
case 'secret-in-env':
|
|
289
|
+
return {
|
|
290
|
+
...base,
|
|
291
|
+
id: `${this.agentId}-secret-in-env-${slug}`,
|
|
292
|
+
type: 'code-bug-security',
|
|
293
|
+
severity: 'high',
|
|
294
|
+
description: `${hit.file}:${hit.line} bakes a secret into the image (${hit.detail}) — it's readable via \`docker history\` / image layers. Pass secrets at runtime (env, mounted file, secret store) instead.`,
|
|
295
|
+
};
|
|
296
|
+
case 'latest-base-tag':
|
|
297
|
+
return {
|
|
298
|
+
...base,
|
|
299
|
+
id: `${this.agentId}-latest-base-tag-${slug}`,
|
|
300
|
+
type: 'infra-issue',
|
|
301
|
+
severity: 'medium',
|
|
302
|
+
description: `${hit.file}:${hit.line} uses an untagged or \`:latest\` base image (${hit.detail}) — builds aren't reproducible and a base push can silently change behaviour. Pin a specific version (ideally a digest).`,
|
|
303
|
+
};
|
|
304
|
+
case 'no-healthcheck':
|
|
305
|
+
return {
|
|
306
|
+
...base,
|
|
307
|
+
id: `${this.agentId}-no-healthcheck-${slug}`,
|
|
308
|
+
type: 'infra-issue',
|
|
309
|
+
severity: 'low',
|
|
310
|
+
description: `${hit.file} has no HEALTHCHECK directive — orchestrators can't detect a wedged container. Add a HEALTHCHECK hitting one of the app's liveness routes (see #97).`,
|
|
311
|
+
};
|
|
312
|
+
}
|
|
313
|
+
}
|
|
314
|
+
persistAudit(projectRoot, dockerfiles, hits) {
|
|
315
|
+
const audit = {
|
|
316
|
+
version: 1,
|
|
317
|
+
generatedAt: new Date().toISOString(),
|
|
318
|
+
projectRoot,
|
|
319
|
+
dockerfiles,
|
|
320
|
+
hits,
|
|
321
|
+
};
|
|
322
|
+
try {
|
|
323
|
+
const evidenceDir = path.join(this.runDir, 'evidence');
|
|
324
|
+
fs.mkdirSync(evidenceDir, { recursive: true });
|
|
325
|
+
fs.writeFileSync(path.join(evidenceDir, 'dockerfile-audit.json'), JSON.stringify(audit, null, 2), 'utf-8');
|
|
326
|
+
this.addEvidence({
|
|
327
|
+
type: 'report',
|
|
328
|
+
path: 'evidence/dockerfile-audit.json',
|
|
329
|
+
description: `Dockerfile audit: ${hits.length} issue(s) across ${dockerfiles.length} file(s)`,
|
|
330
|
+
});
|
|
331
|
+
}
|
|
332
|
+
catch {
|
|
333
|
+
// non-fatal
|
|
334
|
+
}
|
|
335
|
+
}
|
|
336
|
+
}
|
|
337
|
+
//# sourceMappingURL=102-dockerfile-auditor.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"102-dockerfile-auditor.js","sourceRoot":"","sources":["../../agents/102-dockerfile-auditor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,MAAM,SAAS,GAAwB,IAAI,GAAG,CAAC;IAC7C,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU;CAC1G,CAAC,CAAC;AAEH,2CAA2C;AAC3C,MAAM,aAAa,GAAG,uFAAuF,CAAC;AAC9G,gEAAgE;AAChE,MAAM,oBAAoB,GAAG,yFAAyF,CAAC;AAuBvH,SAAS,gBAAgB,CAAC,IAAY;IACpC,OAAO,IAAI,KAAK,YAAY,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,gBAAgB,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC7F,CAAC;AAED,SAAS,eAAe,CAAC,IAAY,EAAE,UAAoB,EAAE,EAAE,KAAK,GAAG,CAAC;IACtE,IAAI,KAAK,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC;QAAE,OAAO,OAAO,CAAC;IACtD,IAAI,OAAoB,CAAC;IACzB,IAAI,CAAC;QACH,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,IAAI,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1D,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,SAAS;QACxC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QACzC,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACxB,eAAe,CAAC,IAAI,EAAE,OAAO,EAAE,KAAK,GAAG,CAAC,CAAC,CAAC;QAC5C,CAAC;aAAM,IAAI,KAAK,CAAC,MAAM,EAAE,IAAI,gBAAgB,CAAC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC;YAC1D,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,UAAU,CAAC,OAAe,EAAE,IAAY;IAC/C,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChE,CAAC;AAOD,yEAAyE;AACzE,MAAM,UAAU,YAAY,CAAC,OAAe;IAC1C,MAAM,QAAQ,GAAG,OAAO,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACxC,MAAM,GAAG,GAAkB,EAAE,CAAC;IAC9B,IAAI,MAAM,GAAG,EAAE,CAAC;IAChB,IAAI,SAAS,GAAG,CAAC,CAAC;IAClB,KAAK,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,GAAG,QAAQ,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QACzC,MAAM,GAAG,GAAG,QAAQ,CAAC,CAAC,CAAC,CAAC;QACxB,MAAM,OAAO,GAAG,GAAG,CAAC,IAAI,EAAE,CAAC;QAC3B,IAAI,MAAM,KAAK,EAAE,IAAI,CAAC,OAAO,KAAK,EAAE,IAAI,OAAO,CAAC,UAAU,CAAC,GAAG,CAAC,CAAC;YAAE,SAAS;QAC3E,IAAI,MAAM,KAAK,EAAE;YAAE,SAAS,GAAG,CAAC,GAAG,CAAC,CAAC;QACrC,IAAI,OAAO,CAAC,QAAQ,CAAC,IAAI,CAAC,EAAE,CAAC;YAC3B,MAAM,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE,GAAG,GAAG,CAAC;QAC9C,CAAC;aAAM,CAAC;YACN,MAAM,IAAI,OAAO,CAAC;YAClB,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;YACnD,MAAM,GAAG,EAAE,CAAC;QACd,CAAC;IACH,CAAC;IACD,IAAI,MAAM,CAAC,IAAI,EAAE,KAAK,EAAE;QAAE,GAAG,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,MAAM,CAAC,IAAI,EAAE,EAAE,IAAI,EAAE,SAAS,EAAE,CAAC,CAAC;IAC7E,OAAO,GAAG,CAAC;AACb,CAAC;AAED;;;;GAIG;AACH,MAAM,UAAU,eAAe,CAAC,OAAe;IAC7C,MAAM,IAAI,GAAuC,EAAE,CAAC;IACpD,MAAM,KAAK,GAAG,YAAY,CAAC,OAAO,CAAC,CAAC;IAEpC,8EAA8E;IAC9E,MAAM,aAAa,GAAa,EAAE,CAAC;IACnC,KAAK,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,GAAG,EAAE,EAAE;QACvB,IAAI,WAAW,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;YAAE,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;IACxD,CAAC,CAAC,CAAC;IAEH,qCAAqC;IACrC,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gCAAgC,CAAC,CAAC;QACzD,IAAI,CAAC,CAAC;YAAE,SAAS;QACjB,MAAM,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;QACnB,IAAI,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC;YAAE,SAAS,CAAC,oCAAoC;QACzE,mCAAmC;QACnC,IAAI,KAAK,KAAK,SAAS;YAAE,SAAS;QAClC,4EAA4E;QAC5E,MAAM,OAAO,GAAG,KAAK,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,KAAK,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC,GAAG,EAAG,CAAC,CAAC,CAAC,KAAK,CAAC;QACtE,MAAM,QAAQ,GAAG,OAAO,CAAC,QAAQ,CAAC,GAAG,CAAC,IAAI,KAAK,CAAC,QAAQ,CAAC,UAAU,CAAC,CAAC;QACrE,MAAM,QAAQ,GAAG,WAAW,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACzC,IAAI,CAAC,QAAQ,IAAI,QAAQ,EAAE,CAAC;YAC1B,2EAA2E;YAC3E,wDAAwD;YACxD,MAAM,WAAW,GAAG,KAAK;iBACtB,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,2BAA2B,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC;iBAC1D,MAAM,CAAC,CAAC,CAAC,EAAe,EAAE,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YACnC,IAAI,WAAW,CAAC,QAAQ,CAAC,KAAK,CAAC;gBAAE,SAAS;YAC1C,IAAI,CAAC,IAAI,CAAC;gBACR,IAAI,EAAE,iBAAiB;gBACvB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,MAAM,EAAE,QAAQ,KAAK,EAAE;aACxB,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,8EAA8E;IAC9E,KAAK,MAAM,CAAC,IAAI,KAAK,EAAE,CAAC;QACtB,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,qBAAqB,CAAC,CAAC;QAC9C,IAAI,CAAC,CAAC;YAAE,SAAS;QACjB,MAAM,SAAS,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,EAAE,CAAC;QACrC,MAAM,IAAI,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QAC3B,KAAK,MAAM,EAAE,GAAG,EAAE,KAAK,EAAE,IAAI,IAAI,EAAE,CAAC;YAClC,IAAI,CAAC,aAAa,CAAC,IAAI,CAAC,GAAG,CAAC;gBAAE,SAAS;YACvC,8EAA8E;YAC9E,IAAI,KAAK,KAAK,IAAI;gBAAE,SAAS;YAC7B,IAAI,oBAAoB,CAAC,IAAI,CAAC,KAAK,CAAC;gBAAE,SAAS;YAC/C,IAAI,CAAC,IAAI,CAAC;gBACR,IAAI,EAAE,eAAe;gBACrB,IAAI,EAAE,CAAC,CAAC,IAAI;gBACZ,MAAM,EAAE,GAAG,SAAS,IAAI,GAAG,EAAE;aAC9B,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,iDAAiD;IACjD,IAAI,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC7B,MAAM,UAAU,GAAG,aAAa,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QAC3D,MAAM,UAAU,GAAG,KAAK,CAAC,KAAK,CAAC,UAAU,CAAC,CAAC;QAE3C,+CAA+C;QAC/C,IAAI,QAAQ,GAAkB,IAAI,CAAC;QACnC,IAAI,eAAe,GAAG,KAAK,CAAC;QAC5B,KAAK,MAAM,CAAC,IAAI,UAAU,EAAE,CAAC;YAC3B,MAAM,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,CAAC;YACzC,IAAI,CAAC;gBAAE,QAAQ,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC;YACvB,IAAI,kBAAkB,CAAC,IAAI,CAAC,CAAC,CAAC,IAAI,CAAC;gBAAE,eAAe,GAAG,IAAI,CAAC;QAC9D,CAAC;QACD,6EAA6E;QAE7E,6EAA6E;QAC7E,yEAAyE;QACzE,MAAM,UAAU,GAAG,UAAU,CAAC,CAAC,CAAC,EAAE,IAAI,CAAC,KAAK,CAAC,gBAAgB,CAAC,EAAE,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC;QAC1E,MAAM,aAAa,GAAG,2BAA2B,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;QAEnE,IAAI,CAAC,QAAQ,KAAK,IAAI,IAAI,CAAC,aAAa,CAAC,IAAI,QAAQ,KAAK,MAAM,IAAI,QAAQ,KAAK,GAAG,EAAE,CAAC;YACrF,IAAI,CAAC,IAAI,CAAC;gBACR,IAAI,EAAE,cAAc;gBACpB,IAAI,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI;gBAC5B,MAAM,EAAE,QAAQ,KAAK,IAAI,CAAC,CAAC,CAAC,mBAAmB,CAAC,CAAC,CAAC,QAAQ,QAAQ,EAAE;aACrE,CAAC,CAAC;QACL,CAAC;QACD,IAAI,CAAC,eAAe,EAAE,CAAC;YACrB,IAAI,CAAC,IAAI,CAAC;gBACR,IAAI,EAAE,gBAAgB;gBACtB,IAAI,EAAE,KAAK,CAAC,UAAU,CAAC,CAAC,IAAI;gBAC5B,MAAM,EAAE,0BAA0B;aACnC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,uEAAuE;AACvE,SAAS,OAAO,CAAC,IAAY;IAC3B,MAAM,GAAG,GAAiD,EAAE,CAAC;IAC7D,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,EAAE,CAAC;IAC5B,0CAA0C;IAC1C,IAAI,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC1B,6CAA6C;QAC7C,MAAM,MAAM,GAAG,OAAO,CAAC,KAAK,CAAC,gCAAgC,CAAC,IAAI,EAAE,CAAC;QACrE,KAAK,MAAM,GAAG,IAAI,MAAM,EAAE,CAAC;YACzB,MAAM,EAAE,GAAG,GAAG,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;YAC5B,IAAI,EAAE,IAAI,CAAC;gBAAE,SAAS;YACtB,MAAM,GAAG,GAAG,GAAG,CAAC,KAAK,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC;YAC7B,IAAI,KAAK,GAAG,GAAG,CAAC,KAAK,CAAC,EAAE,GAAG,CAAC,CAAC,CAAC;YAC9B,KAAK,GAAG,KAAK,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;YAC1C,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC;QAC3B,CAAC;QACD,OAAO,GAAG,CAAC;IACb,CAAC;IACD,6EAA6E;IAC7E,MAAM,UAAU,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IACxC,IAAI,UAAU,KAAK,CAAC,CAAC,EAAE,CAAC;QACtB,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,OAAO,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC;IAC1C,CAAC;SAAM,CAAC;QACN,MAAM,GAAG,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,UAAU,CAAC,CAAC;QACzC,MAAM,KAAK,GAAG,OAAO,CAAC,KAAK,CAAC,UAAU,GAAG,CAAC,CAAC,CAAC,IAAI,EAAE,CAAC,OAAO,CAAC,cAAc,EAAE,EAAE,CAAC,CAAC;QAC/E,GAAG,CAAC,IAAI,CAAC,EAAE,GAAG,EAAE,KAAK,EAAE,CAAC,CAAC;IAC3B,CAAC;IACD,OAAO,GAAG,CAAC;AACb,CAAC;AAED,MAAM,OAAO,sBAAuB,SAAQ,SAAS;IAC1C,OAAO,GAAG,GAAG,CAAC;IACd,SAAS,GAAG,oBAAoB,CAAC;IAEhC,KAAK,CAAC,SAAS;QACvB,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QACtD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,+BAA+B,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAES,KAAK,CAAC,OAAO;QACrB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAE7D,MAAM,WAAW,GAAG,eAAe,CAAC,WAAW,CAAC,CAAC;QACjD,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YAC7B,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,gBAAgB;gBACnC,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,oBAAoB;gBAC5B,WAAW,EAAE,gGAAgG;aAC9G,CAAC,CAAC;YACH,IAAI,CAAC,YAAY,CAAC,WAAW,EAAE,EAAE,EAAE,EAAE,CAAC,CAAC;YACvC,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,MAAM,OAAO,GAAoB,EAAE,CAAC;QACpC,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,IAAI,OAAe,CAAC;YACpB,IAAI,CAAC;gBACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC3C,CAAC;YAAC,MAAM,CAAC;gBACP,SAAS;YACX,CAAC;YACD,MAAM,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;YAC1C,KAAK,MAAM,GAAG,IAAI,eAAe,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC3C,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;YACxC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,SAAS,CAAC,GAAG,CAAC,CAAC,CAAC;QACrC,CAAC;QAED,IAAI,CAAC,YAAY,CAAC,WAAW,EAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,UAAU,CAAC,CAAC,EAAE,WAAW,CAAC,CAAC,EAAE,OAAO,CAAC,CAAC;QAE5F,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,UAAU;YAC7B,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,MAAM,EAAE,oBAAoB;YAC5B,WAAW,EAAE,qBAAqB,WAAW,CAAC,MAAM,aAAa,OAAO,CAAC,MAAM,cAAc,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,cAAc,CAAC,CAAC,MAAM,UAAU,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,eAAe,CAAC,CAAC,MAAM,kBAAkB,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,iBAAiB,CAAC,CAAC,MAAM,gBAAgB,OAAO,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,gBAAgB,CAAC,CAAC,MAAM,mBAAmB;SAC/X,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,SAAS,CAAC,GAAkB;QAClC,MAAM,IAAI,GAAG,GAAG,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,GAAG,CAAC,IAAI,EAAE,CAAC;QAC9D,MAAM,IAAI,GAAG,EAAE,OAAO,EAAE,IAAI,CAAC,OAAO,EAAE,MAAM,EAAE,oBAAoB,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,IAAI,EAAE,GAAG,CAAC,IAAI,EAAE,CAAC;QACrG,QAAQ,GAAG,CAAC,IAAI,EAAE,CAAC;YACjB,KAAK,cAAc;gBACjB,OAAO;oBACL,GAAG,IAAI;oBACP,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,iBAAiB,IAAI,EAAE;oBAC1C,IAAI,EAAE,mBAAmB;oBACzB,QAAQ,EAAE,MAAM;oBAChB,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,8BAA8B,GAAG,CAAC,MAAM,0GAA0G;iBAC3K,CAAC;YACJ,KAAK,eAAe;gBAClB,OAAO;oBACL,GAAG,IAAI;oBACP,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,kBAAkB,IAAI,EAAE;oBAC3C,IAAI,EAAE,mBAAmB;oBACzB,QAAQ,EAAE,MAAM;oBAChB,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,mCAAmC,GAAG,CAAC,MAAM,6HAA6H;iBAC/M,CAAC;YACJ,KAAK,iBAAiB;gBACpB,OAAO;oBACL,GAAG,IAAI;oBACP,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,oBAAoB,IAAI,EAAE;oBAC7C,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,QAAQ;oBAClB,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,gDAAgD,GAAG,CAAC,MAAM,0HAA0H;iBACzN,CAAC;YACJ,KAAK,gBAAgB;gBACnB,OAAO;oBACL,GAAG,IAAI;oBACP,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,mBAAmB,IAAI,EAAE;oBAC5C,IAAI,EAAE,aAAa;oBACnB,QAAQ,EAAE,KAAK;oBACf,WAAW,EAAE,GAAG,GAAG,CAAC,IAAI,sJAAsJ;iBAC/K,CAAC;QACN,CAAC;IACH,CAAC;IAEO,YAAY,CAAC,WAAmB,EAAE,WAAqB,EAAE,IAAqB;QACpF,MAAM,KAAK,GAAoB;YAC7B,OAAO,EAAE,CAAC;YACV,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACrC,WAAW;YACX,WAAW;YACX,IAAI;SACL,CAAC;QACF,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACvD,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC/C,EAAE,CAAC,aAAa,CACd,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,uBAAuB,CAAC,EAC/C,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC9B,OAAO,CACR,CAAC;YACF,IAAI,CAAC,WAAW,CAAC;gBACf,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,gCAAgC;gBACtC,WAAW,EAAE,qBAAqB,IAAI,CAAC,MAAM,oBAAoB,WAAW,CAAC,MAAM,UAAU;aAC9F,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,YAAY;QACd,CAAC;IACH,CAAC;CACF"}
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* CI Workflow Auditor — static scan of GitHub Actions workflows for the
|
|
3
|
+
* supply-chain and secret-exposure mistakes that turn CI into an attack
|
|
4
|
+
* surface. CI runs with repo secrets in scope, so a misconfigured
|
|
5
|
+
* workflow is a credential-exfiltration or RCE path.
|
|
6
|
+
*
|
|
7
|
+
* Checks (.github/workflows/*.{yml,yaml}):
|
|
8
|
+
* - 103-pull-request-target-checkout critical code-bug-security
|
|
9
|
+
* `on: pull_request_target` combined with `actions/checkout` of the
|
|
10
|
+
* PR head ref. pull_request_target runs with secrets AND write token;
|
|
11
|
+
* checking out untrusted PR code then running it is the classic
|
|
12
|
+
* "pwn request" — full secret exfiltration from a forked PR.
|
|
13
|
+
* - 103-unpinned-action medium infra-issue
|
|
14
|
+
* `uses: owner/action@<branch-or-tag>` instead of a full commit SHA.
|
|
15
|
+
* Tags/branches are mutable — a compromised action upstream runs in
|
|
16
|
+
* your CI with your secrets.
|
|
17
|
+
* - 103-broad-token-permissions medium code-bug-security
|
|
18
|
+
* No top-level `permissions:` block — the GITHUB_TOKEN defaults to
|
|
19
|
+
* broad write scopes. Set least-privilege permissions.
|
|
20
|
+
* - 103-plaintext-secret high code-bug-security
|
|
21
|
+
* A secret-shaped `KEY: value` literal in the workflow (an actual
|
|
22
|
+
* credential committed, not a `${{ secrets.X }}` reference).
|
|
23
|
+
* - 103-summary info
|
|
24
|
+
*
|
|
25
|
+
* Persists `evidence/ci-workflow-audit.json`. Read-only, parallel-safe,
|
|
26
|
+
* static analysis only — does not run workflows.
|
|
27
|
+
*/
|
|
28
|
+
import type { Finding } from '../core/types.js';
|
|
29
|
+
import { BaseAgent } from './base-agent.js';
|
|
30
|
+
export type CiIssueKind = 'pull-request-target-checkout' | 'unpinned-action' | 'broad-token-permissions' | 'plaintext-secret';
|
|
31
|
+
export interface CiWorkflowHit {
|
|
32
|
+
kind: CiIssueKind;
|
|
33
|
+
file: string;
|
|
34
|
+
line: number;
|
|
35
|
+
detail: string;
|
|
36
|
+
}
|
|
37
|
+
export interface CiWorkflowAudit {
|
|
38
|
+
version: 1;
|
|
39
|
+
generatedAt: string;
|
|
40
|
+
projectRoot: string;
|
|
41
|
+
workflows: string[];
|
|
42
|
+
hits: CiWorkflowHit[];
|
|
43
|
+
}
|
|
44
|
+
/**
|
|
45
|
+
* Audit one workflow's YAML text. Line-based — good enough for the
|
|
46
|
+
* structural signals we care about without a YAML parser.
|
|
47
|
+
*/
|
|
48
|
+
export declare function auditWorkflow(content: string): Array<Omit<CiWorkflowHit, 'file'>>;
|
|
49
|
+
export declare class CiWorkflowAuditorAgent extends BaseAgent {
|
|
50
|
+
readonly agentId = 103;
|
|
51
|
+
readonly agentName = "CI Workflow Auditor";
|
|
52
|
+
protected preFlight(): Promise<void>;
|
|
53
|
+
protected execute(): Promise<Finding[]>;
|
|
54
|
+
private toFinding;
|
|
55
|
+
private persistAudit;
|
|
56
|
+
}
|
|
57
|
+
//# sourceMappingURL=103-ci-workflow-auditor.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"103-ci-workflow-auditor.d.ts","sourceRoot":"","sources":["../../agents/103-ci-workflow-auditor.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AA8BzC,MAAM,MAAM,WAAW,GACnB,8BAA8B,GAC9B,iBAAiB,GACjB,yBAAyB,GACzB,kBAAkB,CAAC;AAEvB,MAAM,WAAW,aAAa;IAC5B,IAAI,EAAE,WAAW,CAAC;IAClB,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,CAAC,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,EAAE,CAAC;IACpB,IAAI,EAAE,aAAa,EAAE,CAAC;CACvB;AAoBD;;;GAGG;AACH,wBAAgB,aAAa,CAAC,OAAO,EAAE,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,aAAa,EAAE,MAAM,CAAC,CAAC,CA2DjF;AAED,qBAAa,sBAAuB,SAAQ,SAAS;IACnD,QAAQ,CAAC,OAAO,OAAO;IACvB,QAAQ,CAAC,SAAS,yBAAyB;cAE3B,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;cAO1B,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IAmD7C,OAAO,CAAC,SAAS;IAuCjB,OAAO,CAAC,YAAY;CAyBrB"}
|
|
@@ -0,0 +1,247 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* CI Workflow Auditor — static scan of GitHub Actions workflows for the
|
|
3
|
+
* supply-chain and secret-exposure mistakes that turn CI into an attack
|
|
4
|
+
* surface. CI runs with repo secrets in scope, so a misconfigured
|
|
5
|
+
* workflow is a credential-exfiltration or RCE path.
|
|
6
|
+
*
|
|
7
|
+
* Checks (.github/workflows/*.{yml,yaml}):
|
|
8
|
+
* - 103-pull-request-target-checkout critical code-bug-security
|
|
9
|
+
* `on: pull_request_target` combined with `actions/checkout` of the
|
|
10
|
+
* PR head ref. pull_request_target runs with secrets AND write token;
|
|
11
|
+
* checking out untrusted PR code then running it is the classic
|
|
12
|
+
* "pwn request" — full secret exfiltration from a forked PR.
|
|
13
|
+
* - 103-unpinned-action medium infra-issue
|
|
14
|
+
* `uses: owner/action@<branch-or-tag>` instead of a full commit SHA.
|
|
15
|
+
* Tags/branches are mutable — a compromised action upstream runs in
|
|
16
|
+
* your CI with your secrets.
|
|
17
|
+
* - 103-broad-token-permissions medium code-bug-security
|
|
18
|
+
* No top-level `permissions:` block — the GITHUB_TOKEN defaults to
|
|
19
|
+
* broad write scopes. Set least-privilege permissions.
|
|
20
|
+
* - 103-plaintext-secret high code-bug-security
|
|
21
|
+
* A secret-shaped `KEY: value` literal in the workflow (an actual
|
|
22
|
+
* credential committed, not a `${{ secrets.X }}` reference).
|
|
23
|
+
* - 103-summary info
|
|
24
|
+
*
|
|
25
|
+
* Persists `evidence/ci-workflow-audit.json`. Read-only, parallel-safe,
|
|
26
|
+
* static analysis only — does not run workflows.
|
|
27
|
+
*/
|
|
28
|
+
import * as fs from 'node:fs';
|
|
29
|
+
import * as path from 'node:path';
|
|
30
|
+
import { BaseAgent } from './base-agent.js';
|
|
31
|
+
const SECRET_KEY_RE = /(password|passwd|secret|api[_-]?key|access[_-]?key|private[_-]?key|token|credential)/i;
|
|
32
|
+
/** A value that is a GitHub expression / placeholder — not a literal secret. */
|
|
33
|
+
const SAFE_VALUE_RE = /\$\{\{|^''$|^""$|^\s*$|^<.*>$|changeme|placeholder|example/i;
|
|
34
|
+
/**
|
|
35
|
+
* Well-known throwaway/default values used for CI service-container test DBs
|
|
36
|
+
* and dev defaults (`MYSQL_PASSWORD: password`, `POSTGRES_PASSWORD: postgres`,
|
|
37
|
+
* `MYSQL_ROOT_PASSWORD: admin`). These are not real committed secrets — every
|
|
38
|
+
* repo that spins up a test DB in CI uses them — so flagging them is noise. A
|
|
39
|
+
* real secret is high-entropy and won't be in this dictionary.
|
|
40
|
+
*/
|
|
41
|
+
const WEAK_PLACEHOLDER_VALUES = new Set([
|
|
42
|
+
'admin', 'administrator', 'password', 'passwd', 'pass', 'pwd', 'root', 'toor',
|
|
43
|
+
'postgres', 'mysql', 'mariadb', 'mongo', 'mongodb', 'redis', 'rabbitmq', 'guest',
|
|
44
|
+
'test', 'testing', 'dev', 'development', 'local', 'user', 'username', 'demo', 'sample',
|
|
45
|
+
'secret', 'dummy', 'none', 'null', 'nil', 'string', 'foo', 'bar', 'baz', 'qwerty',
|
|
46
|
+
'1234', '12345', '123456', '1234567', '12345678', 'password123', 'admin123', 'test123',
|
|
47
|
+
// SQL Server / MSSQL service containers reject weak passwords, so CI uses these
|
|
48
|
+
// canonical "strong-looking" test defaults — still throwaway, not real secrets.
|
|
49
|
+
'admin12345', 'password1', 'passw0rd', 'p@ssw0rd', 'yourstrong(!)password',
|
|
50
|
+
'yourstrong!passw0rd', 'strongpassword', 'sqlserver', 'mssql', 'sa',
|
|
51
|
+
]);
|
|
52
|
+
/** True for an obvious default/placeholder credential value (quotes stripped). */
|
|
53
|
+
function isWeakPlaceholder(value) {
|
|
54
|
+
const v = value.trim().replace(/^['"]|['"]$/g, '').toLowerCase();
|
|
55
|
+
return WEAK_PLACEHOLDER_VALUES.has(v);
|
|
56
|
+
}
|
|
57
|
+
function relativise(absPath, root) {
|
|
58
|
+
return path.relative(root, absPath).split(path.sep).join('/');
|
|
59
|
+
}
|
|
60
|
+
function findWorkflows(projectRoot) {
|
|
61
|
+
const dir = path.join(projectRoot, '.github', 'workflows');
|
|
62
|
+
if (!fs.existsSync(dir))
|
|
63
|
+
return [];
|
|
64
|
+
let entries;
|
|
65
|
+
try {
|
|
66
|
+
entries = fs.readdirSync(dir, { withFileTypes: true });
|
|
67
|
+
}
|
|
68
|
+
catch {
|
|
69
|
+
return [];
|
|
70
|
+
}
|
|
71
|
+
return entries
|
|
72
|
+
.filter((e) => e.isFile() && /\.ya?ml$/i.test(e.name))
|
|
73
|
+
.map((e) => path.join(dir, e.name));
|
|
74
|
+
}
|
|
75
|
+
/**
|
|
76
|
+
* Audit one workflow's YAML text. Line-based — good enough for the
|
|
77
|
+
* structural signals we care about without a YAML parser.
|
|
78
|
+
*/
|
|
79
|
+
export function auditWorkflow(content) {
|
|
80
|
+
const hits = [];
|
|
81
|
+
const lines = content.split(/\r?\n/);
|
|
82
|
+
const usesPullRequestTarget = /(^|\s)pull_request_target(\s|:|$)/m.test(content);
|
|
83
|
+
// Does the workflow check out a PR-controlled ref? Heuristic: a checkout
|
|
84
|
+
// step with a `ref:` mentioning head.sha / head.ref / event.pull_request.
|
|
85
|
+
const checksOutPrRef = /uses:\s*actions\/checkout/.test(content) &&
|
|
86
|
+
/ref:\s*\$\{\{\s*github\.event\.pull_request\.head\.(?:sha|ref)/.test(content);
|
|
87
|
+
if (usesPullRequestTarget && checksOutPrRef) {
|
|
88
|
+
const idx = lines.findIndex((l) => /pull_request_target/.test(l));
|
|
89
|
+
hits.push({
|
|
90
|
+
kind: 'pull-request-target-checkout',
|
|
91
|
+
line: idx >= 0 ? idx + 1 : 1,
|
|
92
|
+
detail: 'pull_request_target + checkout of PR head ref',
|
|
93
|
+
});
|
|
94
|
+
}
|
|
95
|
+
// Top-level permissions block? Look for a `permissions:` at column 0.
|
|
96
|
+
const hasTopLevelPermissions = lines.some((l) => /^permissions\s*:/.test(l));
|
|
97
|
+
if (!hasTopLevelPermissions) {
|
|
98
|
+
hits.push({
|
|
99
|
+
kind: 'broad-token-permissions',
|
|
100
|
+
line: 1,
|
|
101
|
+
detail: 'no top-level permissions: block (GITHUB_TOKEN defaults to broad write scopes)',
|
|
102
|
+
});
|
|
103
|
+
}
|
|
104
|
+
lines.forEach((raw, i) => {
|
|
105
|
+
const line = raw.trim();
|
|
106
|
+
if (line.startsWith('#'))
|
|
107
|
+
return;
|
|
108
|
+
// Unpinned action: uses: owner/repo@ref where ref is not a 40-char SHA.
|
|
109
|
+
const uses = line.match(/uses:\s*([^\s#]+)/);
|
|
110
|
+
if (uses) {
|
|
111
|
+
const ref = uses[1];
|
|
112
|
+
// Local actions (./.github/...) and docker:// refs are exempt.
|
|
113
|
+
if (!ref.startsWith('./') && !ref.startsWith('docker://') && ref.includes('@')) {
|
|
114
|
+
const afterAt = ref.split('@')[1];
|
|
115
|
+
const isSha = /^[0-9a-f]{40}$/i.test(afterAt);
|
|
116
|
+
if (!isSha) {
|
|
117
|
+
hits.push({ kind: 'unpinned-action', line: i + 1, detail: ref });
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
}
|
|
121
|
+
// Plaintext secret: KEY: value where KEY is secret-shaped and value is literal.
|
|
122
|
+
const kv = line.match(/^([A-Za-z0-9_]+)\s*:\s*(.+)$/);
|
|
123
|
+
if (kv && SECRET_KEY_RE.test(kv[1])) {
|
|
124
|
+
const value = kv[2].trim().replace(/\s+#.*$/, ''); // strip inline comment
|
|
125
|
+
if (!SAFE_VALUE_RE.test(value) && !isWeakPlaceholder(value)) {
|
|
126
|
+
hits.push({ kind: 'plaintext-secret', line: i + 1, detail: kv[1] });
|
|
127
|
+
}
|
|
128
|
+
}
|
|
129
|
+
});
|
|
130
|
+
return hits;
|
|
131
|
+
}
|
|
132
|
+
export class CiWorkflowAuditorAgent extends BaseAgent {
|
|
133
|
+
agentId = 103;
|
|
134
|
+
agentName = 'CI Workflow Auditor';
|
|
135
|
+
async preFlight() {
|
|
136
|
+
const root = this.config.projectRoot ?? process.cwd();
|
|
137
|
+
if (!fs.existsSync(root)) {
|
|
138
|
+
throw new Error(`projectRoot does not exist: ${root}`);
|
|
139
|
+
}
|
|
140
|
+
}
|
|
141
|
+
async execute() {
|
|
142
|
+
const findings = [];
|
|
143
|
+
const projectRoot = this.config.projectRoot ?? process.cwd();
|
|
144
|
+
const workflows = findWorkflows(projectRoot);
|
|
145
|
+
if (workflows.length === 0) {
|
|
146
|
+
findings.push({
|
|
147
|
+
id: `${this.agentId}-no-workflows`,
|
|
148
|
+
type: 'infra-issue',
|
|
149
|
+
severity: 'info',
|
|
150
|
+
agentId: this.agentId,
|
|
151
|
+
module: 'ci-workflow-auditor',
|
|
152
|
+
description: 'No .github/workflows/*.yml found — no CI workflows to audit.',
|
|
153
|
+
});
|
|
154
|
+
this.persistAudit(projectRoot, [], []);
|
|
155
|
+
return findings;
|
|
156
|
+
}
|
|
157
|
+
const allHits = [];
|
|
158
|
+
for (const file of workflows) {
|
|
159
|
+
let content;
|
|
160
|
+
try {
|
|
161
|
+
content = fs.readFileSync(file, 'utf-8');
|
|
162
|
+
}
|
|
163
|
+
catch {
|
|
164
|
+
continue;
|
|
165
|
+
}
|
|
166
|
+
const rel = relativise(file, projectRoot);
|
|
167
|
+
for (const hit of auditWorkflow(content)) {
|
|
168
|
+
allHits.push({ ...hit, file: rel });
|
|
169
|
+
}
|
|
170
|
+
}
|
|
171
|
+
for (const hit of allHits.slice(0, 100)) {
|
|
172
|
+
findings.push(this.toFinding(hit));
|
|
173
|
+
}
|
|
174
|
+
this.persistAudit(projectRoot, workflows.map((w) => relativise(w, projectRoot)), allHits);
|
|
175
|
+
const count = (k) => allHits.filter((h) => h.kind === k).length;
|
|
176
|
+
findings.push({
|
|
177
|
+
id: `${this.agentId}-summary`,
|
|
178
|
+
type: 'infra-issue',
|
|
179
|
+
severity: 'info',
|
|
180
|
+
agentId: this.agentId,
|
|
181
|
+
module: 'ci-workflow-auditor',
|
|
182
|
+
description: `CI workflow audit: ${workflows.length} workflow(s), ${allHits.length} issue(s) (${count('pull-request-target-checkout')} pwn-request, ${count('plaintext-secret')} plaintext secret, ${count('unpinned-action')} unpinned action, ${count('broad-token-permissions')} broad-perms).`,
|
|
183
|
+
});
|
|
184
|
+
return findings;
|
|
185
|
+
}
|
|
186
|
+
toFinding(hit) {
|
|
187
|
+
const slug = `${hit.file.replace(/[^\w]/g, '_')}-${hit.line}`;
|
|
188
|
+
const base = { agentId: this.agentId, module: 'ci-workflow-auditor', file: hit.file, line: hit.line };
|
|
189
|
+
switch (hit.kind) {
|
|
190
|
+
case 'pull-request-target-checkout':
|
|
191
|
+
return {
|
|
192
|
+
...base,
|
|
193
|
+
id: `${this.agentId}-pull-request-target-checkout-${slug}`,
|
|
194
|
+
type: 'code-bug-security',
|
|
195
|
+
severity: 'critical',
|
|
196
|
+
description: `${hit.file} uses pull_request_target AND checks out the PR head ref. pull_request_target runs with repo secrets and a write token; running untrusted forked code in that context is the "pwn request" pattern — a forked PR can exfiltrate every secret. Build untrusted PRs with on: pull_request (no secrets) instead.`,
|
|
197
|
+
};
|
|
198
|
+
case 'plaintext-secret':
|
|
199
|
+
return {
|
|
200
|
+
...base,
|
|
201
|
+
id: `${this.agentId}-plaintext-secret-${slug}`,
|
|
202
|
+
type: 'code-bug-security',
|
|
203
|
+
severity: 'high',
|
|
204
|
+
description: `${hit.file}:${hit.line} appears to commit a literal secret (${hit.detail}) into the workflow. Move it to repo/org secrets and reference it via \${{ secrets.${hit.detail} }}.`,
|
|
205
|
+
};
|
|
206
|
+
case 'unpinned-action':
|
|
207
|
+
return {
|
|
208
|
+
...base,
|
|
209
|
+
id: `${this.agentId}-unpinned-action-${slug}`,
|
|
210
|
+
type: 'infra-issue',
|
|
211
|
+
severity: 'medium',
|
|
212
|
+
description: `${hit.file}:${hit.line} pins an action to a mutable tag/branch (${hit.detail}). A compromised upstream tag would run in CI with your token/secrets — pin to a full commit SHA.`,
|
|
213
|
+
};
|
|
214
|
+
case 'broad-token-permissions':
|
|
215
|
+
return {
|
|
216
|
+
...base,
|
|
217
|
+
id: `${this.agentId}-broad-token-permissions-${slug}`,
|
|
218
|
+
type: 'code-bug-security',
|
|
219
|
+
severity: 'medium',
|
|
220
|
+
description: `${hit.file} has no top-level permissions: block, so GITHUB_TOKEN gets broad default scopes. Add a least-privilege permissions: block (e.g. contents: read).`,
|
|
221
|
+
};
|
|
222
|
+
}
|
|
223
|
+
}
|
|
224
|
+
persistAudit(projectRoot, workflows, hits) {
|
|
225
|
+
const audit = {
|
|
226
|
+
version: 1,
|
|
227
|
+
generatedAt: new Date().toISOString(),
|
|
228
|
+
projectRoot,
|
|
229
|
+
workflows,
|
|
230
|
+
hits,
|
|
231
|
+
};
|
|
232
|
+
try {
|
|
233
|
+
const evidenceDir = path.join(this.runDir, 'evidence');
|
|
234
|
+
fs.mkdirSync(evidenceDir, { recursive: true });
|
|
235
|
+
fs.writeFileSync(path.join(evidenceDir, 'ci-workflow-audit.json'), JSON.stringify(audit, null, 2), 'utf-8');
|
|
236
|
+
this.addEvidence({
|
|
237
|
+
type: 'report',
|
|
238
|
+
path: 'evidence/ci-workflow-audit.json',
|
|
239
|
+
description: `CI workflow audit: ${hits.length} issue(s) across ${workflows.length} workflow(s)`,
|
|
240
|
+
});
|
|
241
|
+
}
|
|
242
|
+
catch {
|
|
243
|
+
// non-fatal
|
|
244
|
+
}
|
|
245
|
+
}
|
|
246
|
+
}
|
|
247
|
+
//# sourceMappingURL=103-ci-workflow-auditor.js.map
|