@avi770/testteam 3.0.0 → 3.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +166 -5
- package/README.md +92 -19
- package/bin/testteam.js +32 -4
- package/dist/agents/01-analyst.d.ts +2 -2
- package/dist/agents/01-analyst.js +1 -1
- package/dist/agents/02-seed-architect.d.ts +2 -2
- package/dist/agents/02-seed-architect.js +2 -2
- package/dist/agents/03-test-generator.d.ts +2 -2
- package/dist/agents/03-test-generator.js +2 -2
- package/dist/agents/04-unit-runner.d.ts +2 -2
- package/dist/agents/04-unit-runner.d.ts.map +1 -1
- package/dist/agents/04-unit-runner.js +12 -3
- package/dist/agents/04-unit-runner.js.map +1 -1
- package/dist/agents/05-browser-crawler.d.ts +2 -2
- package/dist/agents/05-browser-crawler.d.ts.map +1 -1
- package/dist/agents/05-browser-crawler.js +24 -12
- package/dist/agents/05-browser-crawler.js.map +1 -1
- package/dist/agents/06-api-exerciser.d.ts +2 -2
- package/dist/agents/06-api-exerciser.js +2 -2
- package/dist/agents/07-security-scout.d.ts +2 -2
- package/dist/agents/07-security-scout.js +2 -2
- package/dist/agents/08-a11y-guardian.d.ts +2 -2
- package/dist/agents/08-a11y-guardian.d.ts.map +1 -1
- package/dist/agents/08-a11y-guardian.js +9 -5
- package/dist/agents/08-a11y-guardian.js.map +1 -1
- package/dist/agents/09-healer.d.ts +2 -2
- package/dist/agents/09-healer.js +2 -2
- package/dist/agents/10-reporter.d.ts +2 -2
- package/dist/agents/10-reporter.d.ts.map +1 -1
- package/dist/agents/10-reporter.js +55 -27
- package/dist/agents/10-reporter.js.map +1 -1
- package/dist/agents/100-error-handling-auditor.d.ts +63 -0
- package/dist/agents/100-error-handling-auditor.d.ts.map +1 -0
- package/dist/agents/100-error-handling-auditor.js +334 -0
- package/dist/agents/100-error-handling-auditor.js.map +1 -0
- package/dist/agents/101-rate-limit-auditor.d.ts +72 -0
- package/dist/agents/101-rate-limit-auditor.d.ts.map +1 -0
- package/dist/agents/101-rate-limit-auditor.js +295 -0
- package/dist/agents/101-rate-limit-auditor.js.map +1 -0
- package/dist/agents/102-dockerfile-auditor.d.ts +62 -0
- package/dist/agents/102-dockerfile-auditor.d.ts.map +1 -0
- package/dist/agents/102-dockerfile-auditor.js +337 -0
- package/dist/agents/102-dockerfile-auditor.js.map +1 -0
- package/dist/agents/103-ci-workflow-auditor.d.ts +57 -0
- package/dist/agents/103-ci-workflow-auditor.d.ts.map +1 -0
- package/dist/agents/103-ci-workflow-auditor.js +247 -0
- package/dist/agents/103-ci-workflow-auditor.js.map +1 -0
- package/dist/agents/104-n-plus-one-detector.d.ts +57 -0
- package/dist/agents/104-n-plus-one-detector.d.ts.map +1 -0
- package/dist/agents/104-n-plus-one-detector.js +329 -0
- package/dist/agents/104-n-plus-one-detector.js.map +1 -0
- package/dist/agents/105-unbounded-query-auditor.d.ts +50 -0
- package/dist/agents/105-unbounded-query-auditor.d.ts.map +1 -0
- package/dist/agents/105-unbounded-query-auditor.js +284 -0
- package/dist/agents/105-unbounded-query-auditor.js.map +1 -0
- package/dist/agents/106-hardcoded-config-auditor.d.ts +54 -0
- package/dist/agents/106-hardcoded-config-auditor.d.ts.map +1 -0
- package/dist/agents/106-hardcoded-config-auditor.js +251 -0
- package/dist/agents/106-hardcoded-config-auditor.js.map +1 -0
- package/dist/agents/107-open-redirect-detector.d.ts +52 -0
- package/dist/agents/107-open-redirect-detector.d.ts.map +1 -0
- package/dist/agents/107-open-redirect-detector.js +263 -0
- package/dist/agents/107-open-redirect-detector.js.map +1 -0
- package/dist/agents/108-sql-injection-detector.d.ts +51 -0
- package/dist/agents/108-sql-injection-detector.d.ts.map +1 -0
- package/dist/agents/108-sql-injection-detector.js +323 -0
- package/dist/agents/108-sql-injection-detector.js.map +1 -0
- package/dist/agents/109-path-traversal-detector.d.ts +51 -0
- package/dist/agents/109-path-traversal-detector.d.ts.map +1 -0
- package/dist/agents/109-path-traversal-detector.js +244 -0
- package/dist/agents/109-path-traversal-detector.js.map +1 -0
- package/dist/agents/11-fixer.d.ts +4 -2
- package/dist/agents/11-fixer.d.ts.map +1 -1
- package/dist/agents/11-fixer.js +52 -11
- package/dist/agents/11-fixer.js.map +1 -1
- package/dist/agents/110-mass-assignment-detector.d.ts +52 -0
- package/dist/agents/110-mass-assignment-detector.d.ts.map +1 -0
- package/dist/agents/110-mass-assignment-detector.js +199 -0
- package/dist/agents/110-mass-assignment-detector.js.map +1 -0
- package/dist/agents/111-dynamic-eval-detector.d.ts +46 -0
- package/dist/agents/111-dynamic-eval-detector.d.ts.map +1 -0
- package/dist/agents/111-dynamic-eval-detector.js +233 -0
- package/dist/agents/111-dynamic-eval-detector.js.map +1 -0
- package/dist/agents/112-taint-tracker.d.ts +226 -0
- package/dist/agents/112-taint-tracker.d.ts.map +1 -0
- package/dist/agents/112-taint-tracker.js +1273 -0
- package/dist/agents/112-taint-tracker.js.map +1 -0
- package/dist/agents/113-response-contract-auditor.d.ts +92 -0
- package/dist/agents/113-response-contract-auditor.d.ts.map +1 -0
- package/dist/agents/113-response-contract-auditor.js +694 -0
- package/dist/agents/113-response-contract-auditor.js.map +1 -0
- package/dist/agents/114-static-a11y-auditor.d.ts +66 -0
- package/dist/agents/114-static-a11y-auditor.d.ts.map +1 -0
- package/dist/agents/114-static-a11y-auditor.js +377 -0
- package/dist/agents/114-static-a11y-auditor.js.map +1 -0
- package/dist/agents/115-multihop-taint-tracker.d.ts +84 -0
- package/dist/agents/115-multihop-taint-tracker.d.ts.map +1 -0
- package/dist/agents/115-multihop-taint-tracker.js +340 -0
- package/dist/agents/115-multihop-taint-tracker.js.map +1 -0
- package/dist/agents/116-runtime-contract-capture.d.ts +79 -0
- package/dist/agents/116-runtime-contract-capture.d.ts.map +1 -0
- package/dist/agents/116-runtime-contract-capture.js +274 -0
- package/dist/agents/116-runtime-contract-capture.js.map +1 -0
- package/dist/agents/117-aria-rule-engine.d.ts +52 -0
- package/dist/agents/117-aria-rule-engine.d.ts.map +1 -0
- package/dist/agents/117-aria-rule-engine.js +415 -0
- package/dist/agents/117-aria-rule-engine.js.map +1 -0
- package/dist/agents/118-insecure-crypto-auditor.d.ts +48 -0
- package/dist/agents/118-insecure-crypto-auditor.d.ts.map +1 -0
- package/dist/agents/118-insecure-crypto-auditor.js +232 -0
- package/dist/agents/118-insecure-crypto-auditor.js.map +1 -0
- package/dist/agents/119-secrets-scanner.d.ts +44 -0
- package/dist/agents/119-secrets-scanner.d.ts.map +1 -0
- package/dist/agents/119-secrets-scanner.js +242 -0
- package/dist/agents/119-secrets-scanner.js.map +1 -0
- package/dist/agents/12-ux-inspector.d.ts +2 -2
- package/dist/agents/12-ux-inspector.d.ts.map +1 -1
- package/dist/agents/12-ux-inspector.js +8 -4
- package/dist/agents/12-ux-inspector.js.map +1 -1
- package/dist/agents/120-async-safety-auditor.d.ts +48 -0
- package/dist/agents/120-async-safety-auditor.d.ts.map +1 -0
- package/dist/agents/120-async-safety-auditor.js +250 -0
- package/dist/agents/120-async-safety-auditor.js.map +1 -0
- package/dist/agents/13-performance-profiler.d.ts +2 -2
- package/dist/agents/13-performance-profiler.d.ts.map +1 -1
- package/dist/agents/13-performance-profiler.js +5 -4
- package/dist/agents/13-performance-profiler.js.map +1 -1
- package/dist/agents/14-data-integrity-auditor.d.ts +2 -2
- package/dist/agents/14-data-integrity-auditor.js +4 -4
- package/dist/agents/14-data-integrity-auditor.js.map +1 -1
- package/dist/agents/15-regression-sentinel.d.ts +6 -5
- package/dist/agents/15-regression-sentinel.d.ts.map +1 -1
- package/dist/agents/15-regression-sentinel.js +5 -4
- package/dist/agents/15-regression-sentinel.js.map +1 -1
- package/dist/agents/16-chaos-agent.d.ts +2 -2
- package/dist/agents/16-chaos-agent.d.ts.map +1 -1
- package/dist/agents/16-chaos-agent.js +11 -4
- package/dist/agents/16-chaos-agent.js.map +1 -1
- package/dist/agents/17-documentation-validator.d.ts +2 -2
- package/dist/agents/17-documentation-validator.d.ts.map +1 -1
- package/dist/agents/17-documentation-validator.js +5 -2
- package/dist/agents/17-documentation-validator.js.map +1 -1
- package/dist/agents/18-integration-watchdog.d.ts +2 -2
- package/dist/agents/18-integration-watchdog.d.ts.map +1 -1
- package/dist/agents/18-integration-watchdog.js +5 -2
- package/dist/agents/18-integration-watchdog.js.map +1 -1
- package/dist/agents/19-tenant-isolation-auditor.d.ts +2 -2
- package/dist/agents/19-tenant-isolation-auditor.js +4 -4
- package/dist/agents/19-tenant-isolation-auditor.js.map +1 -1
- package/dist/agents/20-workflow-completion-tester.d.ts +2 -2
- package/dist/agents/20-workflow-completion-tester.d.ts.map +1 -1
- package/dist/agents/20-workflow-completion-tester.js +10 -6
- package/dist/agents/20-workflow-completion-tester.js.map +1 -1
- package/dist/agents/21-state-session-tester.d.ts +2 -2
- package/dist/agents/21-state-session-tester.d.ts.map +1 -1
- package/dist/agents/21-state-session-tester.js +15 -5
- package/dist/agents/21-state-session-tester.js.map +1 -1
- package/dist/agents/22-email-notification-verifier.d.ts +2 -2
- package/dist/agents/22-email-notification-verifier.js +2 -2
- package/dist/agents/23-migration-tester.d.ts +2 -2
- package/dist/agents/23-migration-tester.js +1 -1
- package/dist/agents/24-signup-onboarding-tester.d.ts +2 -2
- package/dist/agents/24-signup-onboarding-tester.d.ts.map +1 -1
- package/dist/agents/24-signup-onboarding-tester.js +13 -10
- package/dist/agents/24-signup-onboarding-tester.js.map +1 -1
- package/dist/agents/25-crud-flow-tester.d.ts +2 -2
- package/dist/agents/25-crud-flow-tester.d.ts.map +1 -1
- package/dist/agents/25-crud-flow-tester.js +12 -6
- package/dist/agents/25-crud-flow-tester.js.map +1 -1
- package/dist/agents/26-form-validator.d.ts +2 -2
- package/dist/agents/26-form-validator.d.ts.map +1 -1
- package/dist/agents/26-form-validator.js +12 -6
- package/dist/agents/26-form-validator.js.map +1 -1
- package/dist/agents/27-search-filter-tester.d.ts +2 -2
- package/dist/agents/27-search-filter-tester.d.ts.map +1 -1
- package/dist/agents/27-search-filter-tester.js +12 -6
- package/dist/agents/27-search-filter-tester.js.map +1 -1
- package/dist/agents/28-navigation-routing-tester.d.ts +2 -2
- package/dist/agents/28-navigation-routing-tester.d.ts.map +1 -1
- package/dist/agents/28-navigation-routing-tester.js +12 -6
- package/dist/agents/28-navigation-routing-tester.js.map +1 -1
- package/dist/agents/29-responsive-interaction-tester.d.ts +2 -2
- package/dist/agents/29-responsive-interaction-tester.d.ts.map +1 -1
- package/dist/agents/29-responsive-interaction-tester.js +12 -6
- package/dist/agents/29-responsive-interaction-tester.js.map +1 -1
- package/dist/agents/30-multi-user-scenario-tester.d.ts +2 -2
- package/dist/agents/30-multi-user-scenario-tester.d.ts.map +1 -1
- package/dist/agents/30-multi-user-scenario-tester.js +20 -13
- package/dist/agents/30-multi-user-scenario-tester.js.map +1 -1
- package/dist/agents/31-load-tester.d.ts +2 -2
- package/dist/agents/31-load-tester.js +2 -2
- package/dist/agents/32-memory-leak-detector.d.ts +2 -2
- package/dist/agents/32-memory-leak-detector.d.ts.map +1 -1
- package/dist/agents/32-memory-leak-detector.js +5 -4
- package/dist/agents/32-memory-leak-detector.js.map +1 -1
- package/dist/agents/33-bundle-analyzer.d.ts +2 -2
- package/dist/agents/33-bundle-analyzer.js +1 -1
- package/dist/agents/34-xss-scanner.d.ts +2 -2
- package/dist/agents/34-xss-scanner.d.ts.map +1 -1
- package/dist/agents/34-xss-scanner.js +12 -6
- package/dist/agents/34-xss-scanner.js.map +1 -1
- package/dist/agents/35-csrf-tester.d.ts +2 -2
- package/dist/agents/35-csrf-tester.js +2 -2
- package/dist/agents/36-auth-fuzzer.d.ts +2 -2
- package/dist/agents/36-auth-fuzzer.js +2 -2
- package/dist/agents/37-dependency-scanner.d.ts +2 -2
- package/dist/agents/37-dependency-scanner.js +1 -1
- package/dist/agents/38-secrets-scanner.d.ts +2 -2
- package/dist/agents/38-secrets-scanner.d.ts.map +1 -1
- package/dist/agents/38-secrets-scanner.js +39 -4
- package/dist/agents/38-secrets-scanner.js.map +1 -1
- package/dist/agents/39-api-contract-tester.d.ts +2 -2
- package/dist/agents/39-api-contract-tester.js +2 -2
- package/dist/agents/40-rate-limit-tester.d.ts +2 -2
- package/dist/agents/40-rate-limit-tester.js +2 -2
- package/dist/agents/41-api-pagination-tester.d.ts +2 -2
- package/dist/agents/41-api-pagination-tester.js +2 -2
- package/dist/agents/42-graphql-tester.d.ts +2 -2
- package/dist/agents/42-graphql-tester.js +2 -2
- package/dist/agents/43-data-consistency-checker.d.ts +2 -2
- package/dist/agents/43-data-consistency-checker.js +3 -3
- package/dist/agents/44-backup-recovery-tester.d.ts +2 -2
- package/dist/agents/44-backup-recovery-tester.js +1 -1
- package/dist/agents/45-data-privacy-scanner.d.ts +2 -2
- package/dist/agents/45-data-privacy-scanner.js +3 -3
- package/dist/agents/46-seo-auditor.d.ts +2 -2
- package/dist/agents/46-seo-auditor.d.ts.map +1 -1
- package/dist/agents/46-seo-auditor.js +12 -6
- package/dist/agents/46-seo-auditor.js.map +1 -1
- package/dist/agents/47-social-preview-tester.d.ts +2 -2
- package/dist/agents/47-social-preview-tester.d.ts.map +1 -1
- package/dist/agents/47-social-preview-tester.js +12 -6
- package/dist/agents/47-social-preview-tester.js.map +1 -1
- package/dist/agents/48-lighthouse-auditor.d.ts +2 -2
- package/dist/agents/48-lighthouse-auditor.d.ts.map +1 -1
- package/dist/agents/48-lighthouse-auditor.js +5 -4
- package/dist/agents/48-lighthouse-auditor.js.map +1 -1
- package/dist/agents/49-i18n-tester.d.ts +2 -2
- package/dist/agents/49-i18n-tester.d.ts.map +1 -1
- package/dist/agents/49-i18n-tester.js +12 -6
- package/dist/agents/49-i18n-tester.js.map +1 -1
- package/dist/agents/50-timezone-tester.d.ts +2 -2
- package/dist/agents/50-timezone-tester.d.ts.map +1 -1
- package/dist/agents/50-timezone-tester.js +40 -33
- package/dist/agents/50-timezone-tester.js.map +1 -1
- package/dist/agents/51-error-recovery-tester.d.ts +2 -2
- package/dist/agents/51-error-recovery-tester.d.ts.map +1 -1
- package/dist/agents/51-error-recovery-tester.js +12 -7
- package/dist/agents/51-error-recovery-tester.js.map +1 -1
- package/dist/agents/52-offline-mode-tester.d.ts +2 -2
- package/dist/agents/52-offline-mode-tester.d.ts.map +1 -1
- package/dist/agents/52-offline-mode-tester.js +12 -7
- package/dist/agents/52-offline-mode-tester.js.map +1 -1
- package/dist/agents/53-graceful-degradation-tester.d.ts +2 -2
- package/dist/agents/53-graceful-degradation-tester.d.ts.map +1 -1
- package/dist/agents/53-graceful-degradation-tester.js +10 -3
- package/dist/agents/53-graceful-degradation-tester.js.map +1 -1
- package/dist/agents/54-websocket-tester.d.ts +2 -2
- package/dist/agents/54-websocket-tester.d.ts.map +1 -1
- package/dist/agents/54-websocket-tester.js +12 -6
- package/dist/agents/54-websocket-tester.js.map +1 -1
- package/dist/agents/55-realtime-sync-tester.d.ts +2 -2
- package/dist/agents/55-realtime-sync-tester.d.ts.map +1 -1
- package/dist/agents/55-realtime-sync-tester.js +101 -96
- package/dist/agents/55-realtime-sync-tester.js.map +1 -1
- package/dist/agents/56-file-upload-tester.d.ts +2 -2
- package/dist/agents/56-file-upload-tester.d.ts.map +1 -1
- package/dist/agents/56-file-upload-tester.js +17 -13
- package/dist/agents/56-file-upload-tester.js.map +1 -1
- package/dist/agents/57-export-tester.d.ts +2 -2
- package/dist/agents/57-export-tester.d.ts.map +1 -1
- package/dist/agents/57-export-tester.js +8 -4
- package/dist/agents/57-export-tester.js.map +1 -1
- package/dist/agents/58-payment-flow-tester.d.ts +2 -2
- package/dist/agents/58-payment-flow-tester.d.ts.map +1 -1
- package/dist/agents/58-payment-flow-tester.js +8 -4
- package/dist/agents/58-payment-flow-tester.js.map +1 -1
- package/dist/agents/59-ssl-tls-auditor.d.ts +2 -2
- package/dist/agents/59-ssl-tls-auditor.js +2 -2
- package/dist/agents/60-dns-cdn-tester.d.ts +2 -2
- package/dist/agents/60-dns-cdn-tester.js +2 -2
- package/dist/agents/61-docker-health-checker.d.ts +2 -2
- package/dist/agents/61-docker-health-checker.js +1 -1
- package/dist/agents/62-env-config-validator.d.ts +2 -2
- package/dist/agents/62-env-config-validator.js +1 -1
- package/dist/agents/63-log-quality-auditor.d.ts +2 -2
- package/dist/agents/63-log-quality-auditor.js +1 -1
- package/dist/agents/64-analytics-tracker-tester.d.ts +2 -2
- package/dist/agents/64-analytics-tracker-tester.d.ts.map +1 -1
- package/dist/agents/64-analytics-tracker-tester.js +8 -4
- package/dist/agents/64-analytics-tracker-tester.js.map +1 -1
- package/dist/agents/65-gdpr-compliance-tester.d.ts +2 -2
- package/dist/agents/65-gdpr-compliance-tester.d.ts.map +1 -1
- package/dist/agents/65-gdpr-compliance-tester.js +55 -40
- package/dist/agents/65-gdpr-compliance-tester.js.map +1 -1
- package/dist/agents/66-soc2-control-validator.d.ts +2 -2
- package/dist/agents/66-soc2-control-validator.d.ts.map +1 -1
- package/dist/agents/66-soc2-control-validator.js +29 -21
- package/dist/agents/66-soc2-control-validator.js.map +1 -1
- package/dist/agents/67-wcag-aaa-tester.d.ts +2 -2
- package/dist/agents/67-wcag-aaa-tester.d.ts.map +1 -1
- package/dist/agents/67-wcag-aaa-tester.js +12 -6
- package/dist/agents/67-wcag-aaa-tester.js.map +1 -1
- package/dist/agents/68-dead-code-detector.d.ts +2 -2
- package/dist/agents/68-dead-code-detector.d.ts.map +1 -1
- package/dist/agents/68-dead-code-detector.js +6 -3
- package/dist/agents/68-dead-code-detector.js.map +1 -1
- package/dist/agents/69-type-safety-auditor.d.ts +2 -2
- package/dist/agents/69-type-safety-auditor.js +1 -1
- package/dist/agents/70-complexity-analyzer.d.ts +2 -2
- package/dist/agents/70-complexity-analyzer.js +1 -1
- package/dist/agents/71-unit-testing-agent.d.ts +15 -0
- package/dist/agents/71-unit-testing-agent.d.ts.map +1 -0
- package/dist/agents/71-unit-testing-agent.js +220 -0
- package/dist/agents/71-unit-testing-agent.js.map +1 -0
- package/dist/agents/72-integration-testing-agent.d.ts +13 -0
- package/dist/agents/72-integration-testing-agent.d.ts.map +1 -0
- package/dist/agents/72-integration-testing-agent.js +243 -0
- package/dist/agents/72-integration-testing-agent.js.map +1 -0
- package/dist/agents/73-system-testing-agent.d.ts +11 -0
- package/dist/agents/73-system-testing-agent.d.ts.map +1 -0
- package/dist/agents/73-system-testing-agent.js +175 -0
- package/dist/agents/73-system-testing-agent.js.map +1 -0
- package/dist/agents/74-acceptance-testing-agent.d.ts +13 -0
- package/dist/agents/74-acceptance-testing-agent.d.ts.map +1 -0
- package/dist/agents/74-acceptance-testing-agent.js +254 -0
- package/dist/agents/74-acceptance-testing-agent.js.map +1 -0
- package/dist/agents/75-sanity-testing-agent.d.ts +15 -0
- package/dist/agents/75-sanity-testing-agent.d.ts.map +1 -0
- package/dist/agents/75-sanity-testing-agent.js +240 -0
- package/dist/agents/75-sanity-testing-agent.js.map +1 -0
- package/dist/agents/76-regression-testing-agent.d.ts +14 -0
- package/dist/agents/76-regression-testing-agent.d.ts.map +1 -0
- package/dist/agents/76-regression-testing-agent.js +230 -0
- package/dist/agents/76-regression-testing-agent.js.map +1 -0
- package/dist/agents/77-browser-load-testing-agent.d.ts +11 -0
- package/dist/agents/77-browser-load-testing-agent.d.ts.map +1 -0
- package/dist/agents/77-browser-load-testing-agent.js +128 -0
- package/dist/agents/77-browser-load-testing-agent.js.map +1 -0
- package/dist/agents/78-stress-testing-agent.d.ts +11 -0
- package/dist/agents/78-stress-testing-agent.d.ts.map +1 -0
- package/dist/agents/78-stress-testing-agent.js +146 -0
- package/dist/agents/78-stress-testing-agent.js.map +1 -0
- package/dist/agents/79-endurance-testing-agent.d.ts +12 -0
- package/dist/agents/79-endurance-testing-agent.d.ts.map +1 -0
- package/dist/agents/79-endurance-testing-agent.js +165 -0
- package/dist/agents/79-endurance-testing-agent.js.map +1 -0
- package/dist/agents/80-usability-testing-agent.d.ts +11 -0
- package/dist/agents/80-usability-testing-agent.d.ts.map +1 -0
- package/dist/agents/80-usability-testing-agent.js +196 -0
- package/dist/agents/80-usability-testing-agent.js.map +1 -0
- package/dist/agents/81-compatibility-testing-agent.d.ts +11 -0
- package/dist/agents/81-compatibility-testing-agent.d.ts.map +1 -0
- package/dist/agents/81-compatibility-testing-agent.js +224 -0
- package/dist/agents/81-compatibility-testing-agent.js.map +1 -0
- package/dist/agents/82-exploratory-testing-agent.d.ts +14 -0
- package/dist/agents/82-exploratory-testing-agent.d.ts.map +1 -0
- package/dist/agents/82-exploratory-testing-agent.js +345 -0
- package/dist/agents/82-exploratory-testing-agent.js.map +1 -0
- package/dist/agents/83-static-analysis-agent.d.ts +14 -0
- package/dist/agents/83-static-analysis-agent.d.ts.map +1 -0
- package/dist/agents/83-static-analysis-agent.js +261 -0
- package/dist/agents/83-static-analysis-agent.js.map +1 -0
- package/dist/agents/84-governance-testing-agent.d.ts +28 -0
- package/dist/agents/84-governance-testing-agent.d.ts.map +1 -0
- package/dist/agents/84-governance-testing-agent.js +591 -0
- package/dist/agents/84-governance-testing-agent.js.map +1 -0
- package/dist/agents/85-stagehand-agent.d.ts +22 -0
- package/dist/agents/85-stagehand-agent.d.ts.map +1 -0
- package/dist/agents/85-stagehand-agent.js +81 -0
- package/dist/agents/85-stagehand-agent.js.map +1 -0
- package/dist/agents/86-browser-use-agent.d.ts +31 -0
- package/dist/agents/86-browser-use-agent.d.ts.map +1 -0
- package/dist/agents/86-browser-use-agent.js +121 -0
- package/dist/agents/86-browser-use-agent.js.map +1 -0
- package/dist/agents/87-connection-mapper.d.ts +93 -0
- package/dist/agents/87-connection-mapper.d.ts.map +1 -0
- package/dist/agents/87-connection-mapper.js +658 -0
- package/dist/agents/87-connection-mapper.js.map +1 -0
- package/dist/agents/88-localhost-walkthrough.d.ts +272 -0
- package/dist/agents/88-localhost-walkthrough.d.ts.map +1 -0
- package/dist/agents/88-localhost-walkthrough.js +1203 -0
- package/dist/agents/88-localhost-walkthrough.js.map +1 -0
- package/dist/agents/89-repair-retest.d.ts +63 -0
- package/dist/agents/89-repair-retest.d.ts.map +1 -0
- package/dist/agents/89-repair-retest.js +227 -0
- package/dist/agents/89-repair-retest.js.map +1 -0
- package/dist/agents/90-response-shape-validator.d.ts +35 -0
- package/dist/agents/90-response-shape-validator.d.ts.map +1 -0
- package/dist/agents/90-response-shape-validator.js +156 -0
- package/dist/agents/90-response-shape-validator.js.map +1 -0
- package/dist/agents/91-boundary-fuzzer.d.ts +99 -0
- package/dist/agents/91-boundary-fuzzer.d.ts.map +1 -0
- package/dist/agents/91-boundary-fuzzer.js +0 -0
- package/dist/agents/91-boundary-fuzzer.js.map +1 -0
- package/dist/agents/92-repair-simulator.d.ts +89 -0
- package/dist/agents/92-repair-simulator.d.ts.map +1 -0
- package/dist/agents/92-repair-simulator.js +401 -0
- package/dist/agents/92-repair-simulator.js.map +1 -0
- package/dist/agents/93-env-var-auditor.d.ts +64 -0
- package/dist/agents/93-env-var-auditor.d.ts.map +1 -0
- package/dist/agents/93-env-var-auditor.js +435 -0
- package/dist/agents/93-env-var-auditor.js.map +1 -0
- package/dist/agents/94-schema-validator.d.ts +148 -0
- package/dist/agents/94-schema-validator.d.ts.map +1 -0
- package/dist/agents/94-schema-validator.js +567 -0
- package/dist/agents/94-schema-validator.js.map +1 -0
- package/dist/agents/95-contract-drift.d.ts +87 -0
- package/dist/agents/95-contract-drift.d.ts.map +1 -0
- package/dist/agents/95-contract-drift.js +335 -0
- package/dist/agents/95-contract-drift.js.map +1 -0
- package/dist/agents/96-cookie-security-auditor.d.ts +86 -0
- package/dist/agents/96-cookie-security-auditor.d.ts.map +1 -0
- package/dist/agents/96-cookie-security-auditor.js +339 -0
- package/dist/agents/96-cookie-security-auditor.js.map +1 -0
- package/dist/agents/97-healthcheck-validator.d.ts +62 -0
- package/dist/agents/97-healthcheck-validator.d.ts.map +1 -0
- package/dist/agents/97-healthcheck-validator.js +204 -0
- package/dist/agents/97-healthcheck-validator.js.map +1 -0
- package/dist/agents/98-cors-csp-auditor.d.ts +70 -0
- package/dist/agents/98-cors-csp-auditor.d.ts.map +1 -0
- package/dist/agents/98-cors-csp-auditor.js +308 -0
- package/dist/agents/98-cors-csp-auditor.js.map +1 -0
- package/dist/agents/99-logging-hygiene-auditor.d.ts +67 -0
- package/dist/agents/99-logging-hygiene-auditor.d.ts.map +1 -0
- package/dist/agents/99-logging-hygiene-auditor.js +325 -0
- package/dist/agents/99-logging-hygiene-auditor.js.map +1 -0
- package/dist/agents/base-agent.d.ts +74 -4
- package/dist/agents/base-agent.d.ts.map +1 -1
- package/dist/agents/base-agent.js +106 -1
- package/dist/agents/base-agent.js.map +1 -1
- package/dist/agents/browser-use-client.d.ts +68 -0
- package/dist/agents/browser-use-client.d.ts.map +1 -0
- package/dist/agents/browser-use-client.js +92 -0
- package/dist/agents/browser-use-client.js.map +1 -0
- package/dist/agents/lib/source-scan.d.ts +53 -0
- package/dist/agents/lib/source-scan.d.ts.map +1 -0
- package/dist/agents/lib/source-scan.js +279 -0
- package/dist/agents/lib/source-scan.js.map +1 -0
- package/dist/agents/registry.d.ts +27 -9
- package/dist/agents/registry.d.ts.map +1 -1
- package/dist/agents/registry.js +365 -151
- package/dist/agents/registry.js.map +1 -1
- package/dist/agents/stagehand-runner.d.ts +104 -0
- package/dist/agents/stagehand-runner.d.ts.map +1 -0
- package/dist/agents/stagehand-runner.js +153 -0
- package/dist/agents/stagehand-runner.js.map +1 -0
- package/dist/bridge/agent-registry.d.ts +21 -0
- package/dist/bridge/agent-registry.d.ts.map +1 -0
- package/dist/bridge/agent-registry.js +224 -0
- package/dist/bridge/agent-registry.js.map +1 -0
- package/dist/bridge/api-contract-reader.d.ts +55 -0
- package/dist/bridge/api-contract-reader.d.ts.map +1 -0
- package/dist/bridge/api-contract-reader.js +103 -0
- package/dist/bridge/api-contract-reader.js.map +1 -0
- package/dist/bridge/compliance-reader.d.ts +47 -0
- package/dist/bridge/compliance-reader.d.ts.map +1 -0
- package/dist/bridge/compliance-reader.js +91 -0
- package/dist/bridge/compliance-reader.js.map +1 -0
- package/dist/bridge/data-integrity-reader.d.ts +77 -0
- package/dist/bridge/data-integrity-reader.d.ts.map +1 -0
- package/dist/bridge/data-integrity-reader.js +110 -0
- package/dist/bridge/data-integrity-reader.js.map +1 -0
- package/dist/bridge/design-reader.d.ts +51 -0
- package/dist/bridge/design-reader.d.ts.map +1 -0
- package/dist/bridge/design-reader.js +105 -0
- package/dist/bridge/design-reader.js.map +1 -0
- package/dist/bridge/file-scanner.d.ts +21 -0
- package/dist/bridge/file-scanner.d.ts.map +1 -0
- package/dist/bridge/file-scanner.js +117 -0
- package/dist/bridge/file-scanner.js.map +1 -0
- package/dist/bridge/finding-normalize.d.ts +24 -0
- package/dist/bridge/finding-normalize.d.ts.map +1 -0
- package/dist/bridge/finding-normalize.js +46 -0
- package/dist/bridge/finding-normalize.js.map +1 -0
- package/dist/bridge/http-client.d.ts +44 -0
- package/dist/bridge/http-client.d.ts.map +1 -0
- package/dist/bridge/http-client.js +130 -0
- package/dist/bridge/http-client.js.map +1 -0
- package/dist/bridge/knowledge-reader.d.ts +10 -0
- package/dist/bridge/knowledge-reader.d.ts.map +1 -0
- package/dist/bridge/knowledge-reader.js +46 -0
- package/dist/bridge/knowledge-reader.js.map +1 -0
- package/dist/bridge/loop-engine-reader.d.ts +77 -0
- package/dist/bridge/loop-engine-reader.d.ts.map +1 -0
- package/dist/bridge/loop-engine-reader.js +73 -0
- package/dist/bridge/loop-engine-reader.js.map +1 -0
- package/dist/bridge/playwright-pool.d.ts +33 -0
- package/dist/bridge/playwright-pool.d.ts.map +1 -0
- package/dist/bridge/playwright-pool.js +89 -0
- package/dist/bridge/playwright-pool.js.map +1 -0
- package/dist/bridge/rate-limiter.d.ts +40 -0
- package/dist/bridge/rate-limiter.d.ts.map +1 -0
- package/dist/bridge/rate-limiter.js +33 -0
- package/dist/bridge/rate-limiter.js.map +1 -0
- package/dist/bridge/reliability-reader.d.ts +67 -0
- package/dist/bridge/reliability-reader.d.ts.map +1 -0
- package/dist/bridge/reliability-reader.js +146 -0
- package/dist/bridge/reliability-reader.js.map +1 -0
- package/dist/bridge/router.d.ts +26 -0
- package/dist/bridge/router.d.ts.map +1 -0
- package/dist/bridge/router.js +137 -0
- package/dist/bridge/router.js.map +1 -0
- package/dist/bridge/run-stream.d.ts +47 -0
- package/dist/bridge/run-stream.d.ts.map +1 -0
- package/dist/bridge/run-stream.js +67 -0
- package/dist/bridge/run-stream.js.map +1 -0
- package/dist/bridge/runs-reader.d.ts +41 -0
- package/dist/bridge/runs-reader.d.ts.map +1 -0
- package/dist/bridge/runs-reader.js +185 -0
- package/dist/bridge/runs-reader.js.map +1 -0
- package/dist/bridge/sentinel-reader.d.ts +55 -0
- package/dist/bridge/sentinel-reader.d.ts.map +1 -0
- package/dist/bridge/sentinel-reader.js +88 -0
- package/dist/bridge/sentinel-reader.js.map +1 -0
- package/dist/bridge/server.d.ts +83 -0
- package/dist/bridge/server.d.ts.map +1 -0
- package/dist/bridge/server.js +1103 -0
- package/dist/bridge/server.js.map +1 -0
- package/dist/bridge/shell-executor.d.ts +49 -0
- package/dist/bridge/shell-executor.d.ts.map +1 -0
- package/dist/bridge/shell-executor.js +181 -0
- package/dist/bridge/shell-executor.js.map +1 -0
- package/dist/bridge/tech-debt-reader.d.ts +57 -0
- package/dist/bridge/tech-debt-reader.d.ts.map +1 -0
- package/dist/bridge/tech-debt-reader.js +119 -0
- package/dist/bridge/tech-debt-reader.js.map +1 -0
- package/dist/bridge/types.d.ts +63 -0
- package/dist/bridge/types.d.ts.map +1 -0
- package/dist/bridge/types.js +7 -0
- package/dist/bridge/types.js.map +1 -0
- package/dist/clients/agent-mvp.d.ts +3 -1
- package/dist/clients/agent-mvp.d.ts.map +1 -1
- package/dist/clients/agent-mvp.js +16 -5
- package/dist/clients/agent-mvp.js.map +1 -1
- package/dist/clients/llm-council.d.ts +47 -0
- package/dist/clients/llm-council.d.ts.map +1 -0
- package/dist/clients/llm-council.js +52 -0
- package/dist/clients/llm-council.js.map +1 -0
- package/dist/clients/total-recall.d.ts +2 -2
- package/dist/clients/total-recall.d.ts.map +1 -1
- package/dist/clients/total-recall.js +18 -3
- package/dist/clients/total-recall.js.map +1 -1
- package/dist/core/agent-contract.d.ts +21 -0
- package/dist/core/agent-contract.d.ts.map +1 -0
- package/dist/core/agent-contract.js +18 -0
- package/dist/core/agent-contract.js.map +1 -0
- package/dist/core/api-contract/api-contract-validator.d.ts +178 -0
- package/dist/core/api-contract/api-contract-validator.d.ts.map +1 -0
- package/dist/core/api-contract/api-contract-validator.js +796 -0
- package/dist/core/api-contract/api-contract-validator.js.map +1 -0
- package/dist/core/api-contract/index.d.ts +16 -0
- package/dist/core/api-contract/index.d.ts.map +1 -0
- package/dist/core/api-contract/index.js +24 -0
- package/dist/core/api-contract/index.js.map +1 -0
- package/dist/core/api-contract/types.d.ts +235 -0
- package/dist/core/api-contract/types.d.ts.map +1 -0
- package/dist/core/api-contract/types.js +27 -0
- package/dist/core/api-contract/types.js.map +1 -0
- package/dist/core/blackboard/blackboard.d.ts +34 -0
- package/dist/core/blackboard/blackboard.d.ts.map +1 -0
- package/dist/core/blackboard/blackboard.js +133 -0
- package/dist/core/blackboard/blackboard.js.map +1 -0
- package/dist/core/blackboard/coordination.d.ts +27 -0
- package/dist/core/blackboard/coordination.d.ts.map +1 -0
- package/dist/core/blackboard/coordination.js +31 -0
- package/dist/core/blackboard/coordination.js.map +1 -0
- package/dist/core/blackboard/direct-channel.d.ts +26 -0
- package/dist/core/blackboard/direct-channel.d.ts.map +1 -0
- package/dist/core/blackboard/direct-channel.js +26 -0
- package/dist/core/blackboard/direct-channel.js.map +1 -0
- package/dist/core/blackboard/index.d.ts +10 -0
- package/dist/core/blackboard/index.d.ts.map +1 -0
- package/dist/core/blackboard/index.js +4 -0
- package/dist/core/blackboard/index.js.map +1 -0
- package/dist/core/blackboard/types.d.ts +36 -0
- package/dist/core/blackboard/types.d.ts.map +1 -0
- package/dist/core/blackboard/types.js +2 -0
- package/dist/core/blackboard/types.js.map +1 -0
- package/dist/core/canvas/schema.d.ts +81 -0
- package/dist/core/canvas/schema.d.ts.map +1 -0
- package/dist/core/canvas/schema.js +144 -0
- package/dist/core/canvas/schema.js.map +1 -0
- package/dist/core/canvas/store.d.ts +41 -0
- package/dist/core/canvas/store.d.ts.map +1 -0
- package/dist/core/canvas/store.js +121 -0
- package/dist/core/canvas/store.js.map +1 -0
- package/dist/core/ci-output.d.ts +1 -1
- package/dist/core/ci-output.d.ts.map +1 -1
- package/dist/core/ci-output.js +2 -0
- package/dist/core/ci-output.js.map +1 -1
- package/dist/core/cli.d.ts +12 -1
- package/dist/core/cli.d.ts.map +1 -1
- package/dist/core/cli.js +308 -43
- package/dist/core/cli.js.map +1 -1
- package/dist/core/compliance/auditor.d.ts +119 -0
- package/dist/core/compliance/auditor.d.ts.map +1 -0
- package/dist/core/compliance/auditor.js +577 -0
- package/dist/core/compliance/auditor.js.map +1 -0
- package/dist/core/compliance/index.d.ts +11 -0
- package/dist/core/compliance/index.d.ts.map +1 -0
- package/dist/core/compliance/index.js +10 -0
- package/dist/core/compliance/index.js.map +1 -0
- package/dist/core/compliance/types.d.ts +174 -0
- package/dist/core/compliance/types.d.ts.map +1 -0
- package/dist/core/compliance/types.js +12 -0
- package/dist/core/compliance/types.js.map +1 -0
- package/dist/core/conductor/conductor.d.ts +37 -0
- package/dist/core/conductor/conductor.d.ts.map +1 -0
- package/dist/core/conductor/conductor.js +96 -0
- package/dist/core/conductor/conductor.js.map +1 -0
- package/dist/core/conductor/index.d.ts +9 -0
- package/dist/core/conductor/index.d.ts.map +1 -0
- package/dist/core/conductor/index.js +3 -0
- package/dist/core/conductor/index.js.map +1 -0
- package/dist/core/conductor/model-router.d.ts +17 -0
- package/dist/core/conductor/model-router.d.ts.map +1 -0
- package/dist/core/conductor/model-router.js +29 -0
- package/dist/core/conductor/model-router.js.map +1 -0
- package/dist/core/conductor/types.d.ts +33 -0
- package/dist/core/conductor/types.d.ts.map +1 -0
- package/dist/core/conductor/types.js +2 -0
- package/dist/core/conductor/types.js.map +1 -0
- package/dist/core/config.d.ts +148 -1
- package/dist/core/config.d.ts.map +1 -1
- package/dist/core/config.js +53 -4
- package/dist/core/config.js.map +1 -1
- package/dist/core/data-integrity/data-integrity.d.ts +291 -0
- package/dist/core/data-integrity/data-integrity.d.ts.map +1 -0
- package/dist/core/data-integrity/data-integrity.js +892 -0
- package/dist/core/data-integrity/data-integrity.js.map +1 -0
- package/dist/core/data-integrity/index.d.ts +16 -0
- package/dist/core/data-integrity/index.d.ts.map +1 -0
- package/dist/core/data-integrity/index.js +17 -0
- package/dist/core/data-integrity/index.js.map +1 -0
- package/dist/core/data-integrity/types.d.ts +236 -0
- package/dist/core/data-integrity/types.d.ts.map +1 -0
- package/dist/core/data-integrity/types.js +14 -0
- package/dist/core/data-integrity/types.js.map +1 -0
- package/dist/core/disaster-recovery/index.d.ts +13 -0
- package/dist/core/disaster-recovery/index.d.ts.map +1 -0
- package/dist/core/disaster-recovery/index.js +3 -0
- package/dist/core/disaster-recovery/index.js.map +1 -0
- package/dist/core/disaster-recovery/simulator.d.ts +158 -0
- package/dist/core/disaster-recovery/simulator.d.ts.map +1 -0
- package/dist/core/disaster-recovery/simulator.js +553 -0
- package/dist/core/disaster-recovery/simulator.js.map +1 -0
- package/dist/core/disaster-recovery/types.d.ts +299 -0
- package/dist/core/disaster-recovery/types.d.ts.map +1 -0
- package/dist/core/disaster-recovery/types.js +33 -0
- package/dist/core/disaster-recovery/types.js.map +1 -0
- package/dist/core/escalation/heal-or-ask.d.ts +20 -0
- package/dist/core/escalation/heal-or-ask.d.ts.map +1 -0
- package/dist/core/escalation/heal-or-ask.js +19 -0
- package/dist/core/escalation/heal-or-ask.js.map +1 -0
- package/dist/core/escalation/index.d.ts +9 -0
- package/dist/core/escalation/index.d.ts.map +1 -0
- package/dist/core/escalation/index.js +3 -0
- package/dist/core/escalation/index.js.map +1 -0
- package/dist/core/escalation/pause-gate.d.ts +48 -0
- package/dist/core/escalation/pause-gate.d.ts.map +1 -0
- package/dist/core/escalation/pause-gate.js +96 -0
- package/dist/core/escalation/pause-gate.js.map +1 -0
- package/dist/core/escalation/types.d.ts +33 -0
- package/dist/core/escalation/types.d.ts.map +1 -0
- package/dist/core/escalation/types.js +9 -0
- package/dist/core/escalation/types.js.map +1 -0
- package/dist/core/evidence.d.ts +32 -1
- package/dist/core/evidence.d.ts.map +1 -1
- package/dist/core/evidence.js +99 -1
- package/dist/core/evidence.js.map +1 -1
- package/dist/core/feature-bdd/fix.d.ts +84 -0
- package/dist/core/feature-bdd/fix.d.ts.map +1 -0
- package/dist/core/feature-bdd/fix.js +121 -0
- package/dist/core/feature-bdd/fix.js.map +1 -0
- package/dist/core/feature-bdd/generate.d.ts +96 -0
- package/dist/core/feature-bdd/generate.d.ts.map +1 -0
- package/dist/core/feature-bdd/generate.js +228 -0
- package/dist/core/feature-bdd/generate.js.map +1 -0
- package/dist/core/feature-bdd/llm-provider.d.ts +92 -0
- package/dist/core/feature-bdd/llm-provider.d.ts.map +1 -0
- package/dist/core/feature-bdd/llm-provider.js +187 -0
- package/dist/core/feature-bdd/llm-provider.js.map +1 -0
- package/dist/core/feature-bdd/run.d.ts +56 -0
- package/dist/core/feature-bdd/run.d.ts.map +1 -0
- package/dist/core/feature-bdd/run.js +175 -0
- package/dist/core/feature-bdd/run.js.map +1 -0
- package/dist/core/feature-bdd/schema.d.ts +111 -0
- package/dist/core/feature-bdd/schema.d.ts.map +1 -0
- package/dist/core/feature-bdd/schema.js +272 -0
- package/dist/core/feature-bdd/schema.js.map +1 -0
- package/dist/core/feature-bdd/store.d.ts +145 -0
- package/dist/core/feature-bdd/store.d.ts.map +1 -0
- package/dist/core/feature-bdd/store.js +470 -0
- package/dist/core/feature-bdd/store.js.map +1 -0
- package/dist/core/finding-correlation.d.ts +55 -0
- package/dist/core/finding-correlation.d.ts.map +1 -0
- package/dist/core/finding-correlation.js +96 -0
- package/dist/core/finding-correlation.js.map +1 -0
- package/dist/core/fix-loop.d.ts +20 -1
- package/dist/core/fix-loop.d.ts.map +1 -1
- package/dist/core/fix-loop.js +34 -0
- package/dist/core/fix-loop.js.map +1 -1
- package/dist/core/governance/calibration.d.ts +31 -0
- package/dist/core/governance/calibration.d.ts.map +1 -0
- package/dist/core/governance/calibration.js +78 -0
- package/dist/core/governance/calibration.js.map +1 -0
- package/dist/core/governance/degradation.d.ts +35 -0
- package/dist/core/governance/degradation.d.ts.map +1 -0
- package/dist/core/governance/degradation.js +25 -0
- package/dist/core/governance/degradation.js.map +1 -0
- package/dist/core/governance/ethical-constraint.d.ts +55 -0
- package/dist/core/governance/ethical-constraint.d.ts.map +1 -0
- package/dist/core/governance/ethical-constraint.js +98 -0
- package/dist/core/governance/ethical-constraint.js.map +1 -0
- package/dist/core/governance/index.d.ts +9 -0
- package/dist/core/governance/index.d.ts.map +1 -0
- package/dist/core/governance/index.js +9 -0
- package/dist/core/governance/index.js.map +1 -0
- package/dist/core/harness/audit-log.d.ts +12 -0
- package/dist/core/harness/audit-log.d.ts.map +1 -0
- package/dist/core/harness/audit-log.js +62 -0
- package/dist/core/harness/audit-log.js.map +1 -0
- package/dist/core/harness/authorization.d.ts +24 -0
- package/dist/core/harness/authorization.d.ts.map +1 -0
- package/dist/core/harness/authorization.js +48 -0
- package/dist/core/harness/authorization.js.map +1 -0
- package/dist/core/harness/harness.d.ts +64 -0
- package/dist/core/harness/harness.d.ts.map +1 -0
- package/dist/core/harness/harness.js +188 -0
- package/dist/core/harness/harness.js.map +1 -0
- package/dist/core/harness/index.d.ts +10 -0
- package/dist/core/harness/index.d.ts.map +1 -0
- package/dist/core/harness/index.js +4 -0
- package/dist/core/harness/index.js.map +1 -0
- package/dist/core/harness/types.d.ts +88 -0
- package/dist/core/harness/types.d.ts.map +1 -0
- package/dist/core/harness/types.js +2 -0
- package/dist/core/harness/types.js.map +1 -0
- package/dist/core/health-check.d.ts +6 -0
- package/dist/core/health-check.d.ts.map +1 -1
- package/dist/core/health-check.js +14 -2
- package/dist/core/health-check.js.map +1 -1
- package/dist/core/init.d.ts.map +1 -1
- package/dist/core/init.js +58 -18
- package/dist/core/init.js.map +1 -1
- package/dist/core/knowledge/cached-map.d.ts +17 -0
- package/dist/core/knowledge/cached-map.d.ts.map +1 -0
- package/dist/core/knowledge/cached-map.js +23 -0
- package/dist/core/knowledge/cached-map.js.map +1 -0
- package/dist/core/knowledge/index.d.ts +10 -0
- package/dist/core/knowledge/index.d.ts.map +1 -0
- package/dist/core/knowledge/index.js +4 -0
- package/dist/core/knowledge/index.js.map +1 -0
- package/dist/core/knowledge/system-map.d.ts +50 -0
- package/dist/core/knowledge/system-map.d.ts.map +1 -0
- package/dist/core/knowledge/system-map.js +121 -0
- package/dist/core/knowledge/system-map.js.map +1 -0
- package/dist/core/knowledge/traversal.d.ts +12 -0
- package/dist/core/knowledge/traversal.d.ts.map +1 -0
- package/dist/core/knowledge/traversal.js +37 -0
- package/dist/core/knowledge/traversal.js.map +1 -0
- package/dist/core/knowledge/types.d.ts +41 -0
- package/dist/core/knowledge/types.d.ts.map +1 -0
- package/dist/core/knowledge/types.js +2 -0
- package/dist/core/knowledge/types.js.map +1 -0
- package/dist/core/license-gen.d.ts +1 -1
- package/dist/core/license-gen.d.ts.map +1 -1
- package/dist/core/license-gen.js +10 -5
- package/dist/core/license-gen.js.map +1 -1
- package/dist/core/license.d.ts +12 -2
- package/dist/core/license.d.ts.map +1 -1
- package/dist/core/license.js +104 -28
- package/dist/core/license.js.map +1 -1
- package/dist/core/loop-engine/circuit-breaker.d.ts +24 -0
- package/dist/core/loop-engine/circuit-breaker.d.ts.map +1 -0
- package/dist/core/loop-engine/circuit-breaker.js +48 -0
- package/dist/core/loop-engine/circuit-breaker.js.map +1 -0
- package/dist/core/loop-engine/demo.d.ts +35 -0
- package/dist/core/loop-engine/demo.d.ts.map +1 -0
- package/dist/core/loop-engine/demo.js +71 -0
- package/dist/core/loop-engine/demo.js.map +1 -0
- package/dist/core/loop-engine/event-store.d.ts +8 -0
- package/dist/core/loop-engine/event-store.d.ts.map +1 -0
- package/dist/core/loop-engine/event-store.js +9 -0
- package/dist/core/loop-engine/event-store.js.map +1 -0
- package/dist/core/loop-engine/index.d.ts +11 -0
- package/dist/core/loop-engine/index.d.ts.map +1 -0
- package/dist/core/loop-engine/index.js +11 -0
- package/dist/core/loop-engine/index.js.map +1 -0
- package/dist/core/loop-engine/kernel.d.ts +66 -0
- package/dist/core/loop-engine/kernel.d.ts.map +1 -0
- package/dist/core/loop-engine/kernel.js +196 -0
- package/dist/core/loop-engine/kernel.js.map +1 -0
- package/dist/core/loop-engine/tracing.d.ts +12 -0
- package/dist/core/loop-engine/tracing.d.ts.map +1 -0
- package/dist/core/loop-engine/tracing.js +15 -0
- package/dist/core/loop-engine/tracing.js.map +1 -0
- package/dist/core/loop-engine/types.d.ts +92 -0
- package/dist/core/loop-engine/types.d.ts.map +1 -0
- package/dist/core/loop-engine/types.js +21 -0
- package/dist/core/loop-engine/types.js.map +1 -0
- package/dist/core/messages.d.ts +1 -1
- package/dist/core/messages.d.ts.map +1 -1
- package/dist/core/messages.js +101 -1
- package/dist/core/messages.js.map +1 -1
- package/dist/core/orchestrator.d.ts +79 -8
- package/dist/core/orchestrator.d.ts.map +1 -1
- package/dist/core/orchestrator.js +340 -33
- package/dist/core/orchestrator.js.map +1 -1
- package/dist/core/phase-gate.d.ts +2 -2
- package/dist/core/quality-score/calculator.d.ts +125 -0
- package/dist/core/quality-score/calculator.d.ts.map +1 -0
- package/dist/core/quality-score/calculator.js +489 -0
- package/dist/core/quality-score/calculator.js.map +1 -0
- package/dist/core/quality-score/from-run.d.ts +27 -0
- package/dist/core/quality-score/from-run.d.ts.map +1 -0
- package/dist/core/quality-score/from-run.js +64 -0
- package/dist/core/quality-score/from-run.js.map +1 -0
- package/dist/core/quality-score/index.d.ts +9 -0
- package/dist/core/quality-score/index.d.ts.map +1 -0
- package/dist/core/quality-score/index.js +9 -0
- package/dist/core/quality-score/index.js.map +1 -0
- package/dist/core/quality-score/types.d.ts +225 -0
- package/dist/core/quality-score/types.d.ts.map +1 -0
- package/dist/core/quality-score/types.js +26 -0
- package/dist/core/quality-score/types.js.map +1 -0
- package/dist/core/report-html-script.d.ts +3 -0
- package/dist/core/report-html-script.d.ts.map +1 -0
- package/dist/core/report-html-script.js +47 -0
- package/dist/core/report-html-script.js.map +1 -0
- package/dist/core/report-html-styles.d.ts +3 -0
- package/dist/core/report-html-styles.d.ts.map +1 -0
- package/dist/core/report-html-styles.js +231 -0
- package/dist/core/report-html-styles.js.map +1 -0
- package/dist/core/report-html.d.ts +1 -1
- package/dist/core/report-html.d.ts.map +1 -1
- package/dist/core/report-html.js +5 -280
- package/dist/core/report-html.js.map +1 -1
- package/dist/core/report-upload.d.ts +8 -0
- package/dist/core/report-upload.d.ts.map +1 -1
- package/dist/core/report-upload.js +17 -4
- package/dist/core/report-upload.js.map +1 -1
- package/dist/core/run-counter.d.ts.map +1 -1
- package/dist/core/run-counter.js +25 -1
- package/dist/core/run-counter.js.map +1 -1
- package/dist/core/run-events/emitter.d.ts +112 -0
- package/dist/core/run-events/emitter.d.ts.map +1 -0
- package/dist/core/run-events/emitter.js +234 -0
- package/dist/core/run-events/emitter.js.map +1 -0
- package/dist/core/run-events/frame-sink.d.ts +24 -0
- package/dist/core/run-events/frame-sink.d.ts.map +1 -0
- package/dist/core/run-events/frame-sink.js +32 -0
- package/dist/core/run-events/frame-sink.js.map +1 -0
- package/dist/core/run-events/index.d.ts +7 -0
- package/dist/core/run-events/index.d.ts.map +1 -0
- package/dist/core/run-events/index.js +5 -0
- package/dist/core/run-events/index.js.map +1 -0
- package/dist/core/run-events/loop-event-sink.d.ts +56 -0
- package/dist/core/run-events/loop-event-sink.d.ts.map +1 -0
- package/dist/core/run-events/loop-event-sink.js +60 -0
- package/dist/core/run-events/loop-event-sink.js.map +1 -0
- package/dist/core/run-events/sse.d.ts +47 -0
- package/dist/core/run-events/sse.d.ts.map +1 -0
- package/dist/core/run-events/sse.js +64 -0
- package/dist/core/run-events/sse.js.map +1 -0
- package/dist/core/run-events/types.d.ts +147 -0
- package/dist/core/run-events/types.d.ts.map +1 -0
- package/dist/core/run-events/types.js +17 -0
- package/dist/core/run-events/types.js.map +1 -0
- package/dist/core/run-mode/capture.d.ts +37 -0
- package/dist/core/run-mode/capture.d.ts.map +1 -0
- package/dist/core/run-mode/capture.js +43 -0
- package/dist/core/run-mode/capture.js.map +1 -0
- package/dist/core/run-mode/index.d.ts +9 -0
- package/dist/core/run-mode/index.d.ts.map +1 -0
- package/dist/core/run-mode/index.js +3 -0
- package/dist/core/run-mode/index.js.map +1 -0
- package/dist/core/run-mode/run-mode.d.ts +35 -0
- package/dist/core/run-mode/run-mode.d.ts.map +1 -0
- package/dist/core/run-mode/run-mode.js +51 -0
- package/dist/core/run-mode/run-mode.js.map +1 -0
- package/dist/core/run-mode/types.d.ts +36 -0
- package/dist/core/run-mode/types.d.ts.map +1 -0
- package/dist/core/run-mode/types.js +15 -0
- package/dist/core/run-mode/types.js.map +1 -0
- package/dist/core/run-quota.d.ts +22 -0
- package/dist/core/run-quota.d.ts.map +1 -0
- package/dist/core/run-quota.js +44 -0
- package/dist/core/run-quota.js.map +1 -0
- package/dist/core/security-audit/index.d.ts +9 -0
- package/dist/core/security-audit/index.d.ts.map +1 -0
- package/dist/core/security-audit/index.js +10 -0
- package/dist/core/security-audit/index.js.map +1 -0
- package/dist/core/security-audit/sentinel.d.ts +196 -0
- package/dist/core/security-audit/sentinel.d.ts.map +1 -0
- package/dist/core/security-audit/sentinel.js +725 -0
- package/dist/core/security-audit/sentinel.js.map +1 -0
- package/dist/core/security-audit/types.d.ts +240 -0
- package/dist/core/security-audit/types.d.ts.map +1 -0
- package/dist/core/security-audit/types.js +42 -0
- package/dist/core/security-audit/types.js.map +1 -0
- package/dist/core/tech-debt/index.d.ts +11 -0
- package/dist/core/tech-debt/index.d.ts.map +1 -0
- package/dist/core/tech-debt/index.js +11 -0
- package/dist/core/tech-debt/index.js.map +1 -0
- package/dist/core/tech-debt/tech-debt-tracker.d.ts +46 -0
- package/dist/core/tech-debt/tech-debt-tracker.d.ts.map +1 -0
- package/dist/core/tech-debt/tech-debt-tracker.js +533 -0
- package/dist/core/tech-debt/tech-debt-tracker.js.map +1 -0
- package/dist/core/tech-debt/types.d.ts +263 -0
- package/dist/core/tech-debt/types.d.ts.map +1 -0
- package/dist/core/tech-debt/types.js +2 -0
- package/dist/core/tech-debt/types.js.map +1 -0
- package/dist/core/tester/diff-planner.d.ts +18 -0
- package/dist/core/tester/diff-planner.d.ts.map +1 -0
- package/dist/core/tester/diff-planner.js +37 -0
- package/dist/core/tester/diff-planner.js.map +1 -0
- package/dist/core/tester/honest-report.d.ts +13 -0
- package/dist/core/tester/honest-report.d.ts.map +1 -0
- package/dist/core/tester/honest-report.js +64 -0
- package/dist/core/tester/honest-report.js.map +1 -0
- package/dist/core/tester/index.d.ts +9 -0
- package/dist/core/tester/index.d.ts.map +1 -0
- package/dist/core/tester/index.js +3 -0
- package/dist/core/tester/index.js.map +1 -0
- package/dist/core/tester/types.d.ts +55 -0
- package/dist/core/tester/types.d.ts.map +1 -0
- package/dist/core/tester/types.js +8 -0
- package/dist/core/tester/types.js.map +1 -0
- package/dist/core/triggers/index.d.ts +9 -0
- package/dist/core/triggers/index.d.ts.map +1 -0
- package/dist/core/triggers/index.js +3 -0
- package/dist/core/triggers/index.js.map +1 -0
- package/dist/core/triggers/trigger-bus.d.ts +49 -0
- package/dist/core/triggers/trigger-bus.d.ts.map +1 -0
- package/dist/core/triggers/trigger-bus.js +167 -0
- package/dist/core/triggers/trigger-bus.js.map +1 -0
- package/dist/core/triggers/types.d.ts +56 -0
- package/dist/core/triggers/types.d.ts.map +1 -0
- package/dist/core/triggers/types.js +13 -0
- package/dist/core/triggers/types.js.map +1 -0
- package/dist/core/trust.d.ts +12 -0
- package/dist/core/trust.d.ts.map +1 -0
- package/dist/core/trust.js +13 -0
- package/dist/core/trust.js.map +1 -0
- package/dist/core/types.d.ts +24 -2
- package/dist/core/types.d.ts.map +1 -1
- package/dist/core/ui-ux/index.d.ts +12 -0
- package/dist/core/ui-ux/index.d.ts.map +1 -0
- package/dist/core/ui-ux/index.js +13 -0
- package/dist/core/ui-ux/index.js.map +1 -0
- package/dist/core/ui-ux/orchestrator.d.ts +206 -0
- package/dist/core/ui-ux/orchestrator.d.ts.map +1 -0
- package/dist/core/ui-ux/orchestrator.js +672 -0
- package/dist/core/ui-ux/orchestrator.js.map +1 -0
- package/dist/core/ui-ux/types.d.ts +339 -0
- package/dist/core/ui-ux/types.d.ts.map +1 -0
- package/dist/core/ui-ux/types.js +17 -0
- package/dist/core/ui-ux/types.js.map +1 -0
- package/dist/enterprise/audit-trail.d.ts +31 -0
- package/dist/enterprise/audit-trail.d.ts.map +1 -0
- package/dist/enterprise/audit-trail.js +111 -0
- package/dist/enterprise/audit-trail.js.map +1 -0
- package/dist/enterprise/sla.d.ts +26 -0
- package/dist/enterprise/sla.d.ts.map +1 -0
- package/dist/enterprise/sla.js +101 -0
- package/dist/enterprise/sla.js.map +1 -0
- package/dist/helpers/element-discovery.js +1 -1
- package/dist/helpers/element-discovery.js.map +1 -1
- package/dist/helpers/env-resolver.d.ts +2 -2
- package/dist/helpers/quality-gate.d.ts.map +1 -1
- package/dist/helpers/quality-gate.js +21 -3
- package/dist/helpers/quality-gate.js.map +1 -1
- package/dist/helpers/shape-fingerprint.d.ts +18 -0
- package/dist/helpers/shape-fingerprint.d.ts.map +1 -0
- package/dist/helpers/shape-fingerprint.js +40 -0
- package/dist/helpers/shape-fingerprint.js.map +1 -0
- package/dist/sdk/custom-agent.d.ts +51 -0
- package/dist/sdk/custom-agent.d.ts.map +1 -0
- package/dist/sdk/custom-agent.js +94 -0
- package/dist/sdk/custom-agent.js.map +1 -0
- package/dist/sdk/index.d.ts +5 -0
- package/dist/sdk/index.d.ts.map +1 -0
- package/dist/sdk/index.js +3 -0
- package/dist/sdk/index.js.map +1 -0
- package/dist/sdk/loader.d.ts +28 -0
- package/dist/sdk/loader.d.ts.map +1 -0
- package/dist/sdk/loader.js +140 -0
- package/dist/sdk/loader.js.map +1 -0
- package/package.json +46 -20
- package/agents/01-analyst.ts +0 -100
- package/agents/02-seed-architect.ts +0 -59
- package/agents/03-test-generator.ts +0 -191
- package/agents/04-unit-runner.ts +0 -160
- package/agents/05-browser-crawler.ts +0 -790
- package/agents/06-api-exerciser.ts +0 -311
- package/agents/07-security-scout.ts +0 -188
- package/agents/08-a11y-guardian.ts +0 -212
- package/agents/09-healer.ts +0 -228
- package/agents/10-reporter.ts +0 -266
- package/agents/11-fixer.ts +0 -253
- package/agents/12-ux-inspector.ts +0 -444
- package/agents/13-performance-profiler.ts +0 -271
- package/agents/14-data-integrity-auditor.ts +0 -417
- package/agents/15-regression-sentinel.ts +0 -308
- package/agents/16-chaos-agent.ts +0 -228
- package/agents/17-documentation-validator.ts +0 -266
- package/agents/18-integration-watchdog.ts +0 -178
- package/agents/19-tenant-isolation-auditor.ts +0 -199
- package/agents/20-workflow-completion-tester.ts +0 -203
- package/agents/21-state-session-tester.ts +0 -262
- package/agents/22-email-notification-verifier.ts +0 -244
- package/agents/23-migration-tester.ts +0 -80
- package/agents/24-signup-onboarding-tester.ts +0 -429
- package/agents/25-crud-flow-tester.ts +0 -302
- package/agents/26-form-validator.ts +0 -297
- package/agents/27-search-filter-tester.ts +0 -326
- package/agents/28-navigation-routing-tester.ts +0 -425
- package/agents/29-responsive-interaction-tester.ts +0 -350
- package/agents/30-multi-user-scenario-tester.ts +0 -319
- package/agents/31-load-tester.ts +0 -134
- package/agents/32-memory-leak-detector.ts +0 -194
- package/agents/33-bundle-analyzer.ts +0 -132
- package/agents/34-xss-scanner.ts +0 -191
- package/agents/35-csrf-tester.ts +0 -82
- package/agents/36-auth-fuzzer.ts +0 -194
- package/agents/37-dependency-scanner.ts +0 -176
- package/agents/38-secrets-scanner.ts +0 -137
- package/agents/39-api-contract-tester.ts +0 -199
- package/agents/40-rate-limit-tester.ts +0 -94
- package/agents/41-api-pagination-tester.ts +0 -97
- package/agents/42-graphql-tester.ts +0 -222
- package/agents/43-data-consistency-checker.ts +0 -205
- package/agents/44-backup-recovery-tester.ts +0 -152
- package/agents/45-data-privacy-scanner.ts +0 -125
- package/agents/46-seo-auditor.ts +0 -294
- package/agents/47-social-preview-tester.ts +0 -232
- package/agents/48-lighthouse-auditor.ts +0 -213
- package/agents/49-i18n-tester.ts +0 -198
- package/agents/50-timezone-tester.ts +0 -173
- package/agents/51-error-recovery-tester.ts +0 -155
- package/agents/52-offline-mode-tester.ts +0 -180
- package/agents/53-graceful-degradation-tester.ts +0 -156
- package/agents/54-websocket-tester.ts +0 -151
- package/agents/55-realtime-sync-tester.ts +0 -194
- package/agents/56-file-upload-tester.ts +0 -194
- package/agents/57-export-tester.ts +0 -174
- package/agents/58-payment-flow-tester.ts +0 -183
- package/agents/59-ssl-tls-auditor.ts +0 -141
- package/agents/60-dns-cdn-tester.ts +0 -117
- package/agents/61-docker-health-checker.ts +0 -111
- package/agents/62-env-config-validator.ts +0 -152
- package/agents/63-log-quality-auditor.ts +0 -136
- package/agents/64-analytics-tracker-tester.ts +0 -165
- package/agents/65-gdpr-compliance-tester.ts +0 -215
- package/agents/66-soc2-control-validator.ts +0 -210
- package/agents/67-wcag-aaa-tester.ts +0 -241
- package/agents/68-dead-code-detector.ts +0 -135
- package/agents/69-type-safety-auditor.ts +0 -164
- package/agents/70-complexity-analyzer.ts +0 -179
- package/agents/__tests__/01-analyst.test.ts +0 -188
- package/agents/__tests__/02-seed-architect.test.ts +0 -152
- package/agents/__tests__/03-test-generator-full.test.ts +0 -321
- package/agents/__tests__/03-test-generator.test.ts +0 -318
- package/agents/__tests__/04-unit-runner.test.ts +0 -320
- package/agents/__tests__/05-browser-crawler-beta.test.ts +0 -492
- package/agents/__tests__/05-browser-crawler-release.test.ts +0 -412
- package/agents/__tests__/05-browser-crawler-uat.test.ts +0 -578
- package/agents/__tests__/05-browser-crawler.test.ts +0 -518
- package/agents/__tests__/06-api-exerciser.test.ts +0 -619
- package/agents/__tests__/07-security-scout.test.ts +0 -382
- package/agents/__tests__/08-a11y-guardian.test.ts +0 -530
- package/agents/__tests__/09-healer.test.ts +0 -384
- package/agents/__tests__/10-reporter.test.ts +0 -366
- package/agents/__tests__/11-fixer.test.ts +0 -406
- package/agents/__tests__/12-ux-inspector-extended.test.ts +0 -465
- package/agents/__tests__/12-ux-inspector.test.ts +0 -443
- package/agents/__tests__/13-performance-profiler.test.ts +0 -411
- package/agents/__tests__/14-data-integrity-auditor-extended.test.ts +0 -573
- package/agents/__tests__/14-data-integrity-auditor.test.ts +0 -407
- package/agents/__tests__/15-regression-sentinel.test.ts +0 -657
- package/agents/__tests__/16-chaos-agent.test.ts +0 -427
- package/agents/__tests__/17-documentation-validator.test.ts +0 -402
- package/agents/__tests__/18-integration-watchdog.test.ts +0 -263
- package/agents/__tests__/19-tenant-isolation-auditor.test.ts +0 -400
- package/agents/__tests__/20-workflow-completion-tester.test.ts +0 -586
- package/agents/__tests__/21-state-session-tester.test.ts +0 -374
- package/agents/__tests__/22-email-notification-verifier.test.ts +0 -441
- package/agents/__tests__/23-migration-tester.test.ts +0 -145
- package/agents/__tests__/24-signup-onboarding-tester.test.ts +0 -274
- package/agents/__tests__/25-crud-flow-tester.test.ts +0 -322
- package/agents/__tests__/26-form-validator.test.ts +0 -345
- package/agents/__tests__/27-search-filter-tester.test.ts +0 -311
- package/agents/__tests__/28-navigation-routing-tester.test.ts +0 -328
- package/agents/__tests__/29-responsive-interaction-tester.test.ts +0 -297
- package/agents/__tests__/30-multi-user-scenario-tester.test.ts +0 -328
- package/agents/__tests__/31-load-tester.test.ts +0 -189
- package/agents/__tests__/32-memory-leak-detector.test.ts +0 -251
- package/agents/__tests__/33-bundle-analyzer.test.ts +0 -237
- package/agents/__tests__/34-xss-scanner.test.ts +0 -258
- package/agents/__tests__/35-csrf-tester.test.ts +0 -200
- package/agents/__tests__/36-auth-fuzzer.test.ts +0 -214
- package/agents/__tests__/37-dependency-scanner.test.ts +0 -266
- package/agents/__tests__/38-secrets-scanner.test.ts +0 -224
- package/agents/__tests__/39-api-contract-tester.test.ts +0 -312
- package/agents/__tests__/40-rate-limit-tester.test.ts +0 -192
- package/agents/__tests__/41-api-pagination-tester.test.ts +0 -198
- package/agents/__tests__/42-graphql-tester.test.ts +0 -252
- package/agents/__tests__/43-data-consistency-checker.test.ts +0 -232
- package/agents/__tests__/44-backup-recovery-tester.test.ts +0 -222
- package/agents/__tests__/45-data-privacy-scanner.test.ts +0 -223
- package/agents/__tests__/46-seo-auditor.test.ts +0 -261
- package/agents/__tests__/47-social-preview-tester.test.ts +0 -245
- package/agents/__tests__/48-lighthouse-auditor.test.ts +0 -276
- package/agents/__tests__/49-i18n-tester.test.ts +0 -201
- package/agents/__tests__/50-timezone-tester.test.ts +0 -172
- package/agents/__tests__/51-error-recovery-tester.test.ts +0 -162
- package/agents/__tests__/52-offline-mode-tester.test.ts +0 -164
- package/agents/__tests__/53-graceful-degradation-tester.test.ts +0 -168
- package/agents/__tests__/54-websocket-tester.test.ts +0 -157
- package/agents/__tests__/55-realtime-sync-tester.test.ts +0 -181
- package/agents/__tests__/56-file-upload-tester.test.ts +0 -172
- package/agents/__tests__/57-export-tester.test.ts +0 -169
- package/agents/__tests__/58-payment-flow-tester.test.ts +0 -182
- package/agents/__tests__/59-ssl-tls-auditor.test.ts +0 -179
- package/agents/__tests__/60-dns-cdn-tester.test.ts +0 -176
- package/agents/__tests__/61-docker-health-checker.test.ts +0 -150
- package/agents/__tests__/62-env-config-validator.test.ts +0 -166
- package/agents/__tests__/63-log-quality-auditor.test.ts +0 -175
- package/agents/__tests__/64-analytics-tracker-tester.test.ts +0 -158
- package/agents/__tests__/65-gdpr-compliance-tester.test.ts +0 -174
- package/agents/__tests__/66-soc2-control-validator.test.ts +0 -183
- package/agents/__tests__/67-wcag-aaa-tester.test.ts +0 -190
- package/agents/__tests__/68-dead-code-detector.test.ts +0 -174
- package/agents/__tests__/69-type-safety-auditor.test.ts +0 -173
- package/agents/__tests__/70-complexity-analyzer.test.ts +0 -177
- package/agents/__tests__/base-agent.test.ts +0 -188
- package/agents/__tests__/registry.test.ts +0 -218
- package/agents/base-agent.ts +0 -85
- package/agents/registry.ts +0 -279
- package/baselines/api-schemas/.gitkeep +0 -0
- package/baselines/performance/.gitkeep +0 -0
- package/baselines/screenshots/.gitkeep +0 -0
- package/core/__tests__/ci-output.test.ts +0 -430
- package/core/__tests__/cli.test.ts +0 -387
- package/core/__tests__/config.test.ts +0 -78
- package/core/__tests__/cost-tracker.test.ts +0 -158
- package/core/__tests__/evidence.test.ts +0 -265
- package/core/__tests__/fix-loop.test.ts +0 -210
- package/core/__tests__/health-check.test.ts +0 -44
- package/core/__tests__/init.test.ts +0 -609
- package/core/__tests__/integration.test.ts +0 -204
- package/core/__tests__/license-gen.test.ts +0 -227
- package/core/__tests__/license.test.ts +0 -326
- package/core/__tests__/multi-browser.test.ts +0 -278
- package/core/__tests__/orchestrator.test.ts +0 -520
- package/core/__tests__/phase-gate.test.ts +0 -43
- package/core/__tests__/report-html.test.ts +0 -398
- package/core/__tests__/report-upload.test.ts +0 -325
- package/core/__tests__/run-counter.test.ts +0 -234
- package/core/ci-output.ts +0 -240
- package/core/cli.ts +0 -354
- package/core/config.ts +0 -178
- package/core/cost-tracker.ts +0 -59
- package/core/evidence.ts +0 -132
- package/core/fix-loop.ts +0 -85
- package/core/health-check.ts +0 -54
- package/core/init.ts +0 -546
- package/core/license-gen.ts +0 -212
- package/core/license.ts +0 -208
- package/core/messages.ts +0 -67
- package/core/multi-browser.ts +0 -136
- package/core/orchestrator.ts +0 -427
- package/core/phase-gate.ts +0 -55
- package/core/report-html.ts +0 -657
- package/core/report-upload.ts +0 -188
- package/core/run-counter.ts +0 -175
- package/core/types.ts +0 -57
- package/dist/core/multi-browser.d.ts +0 -36
- package/dist/core/multi-browser.d.ts.map +0 -1
- package/dist/core/multi-browser.js +0 -88
- package/dist/core/multi-browser.js.map +0 -1
- package/helpers/__tests__/api-client.test.ts +0 -199
- package/helpers/__tests__/element-discovery.test.ts +0 -202
- package/helpers/__tests__/form-filler-extended.test.ts +0 -212
- package/helpers/__tests__/form-filler.test.ts +0 -99
- package/helpers/__tests__/modal-handler.test.ts +0 -152
- package/helpers/__tests__/navigation.test.ts +0 -214
- package/helpers/__tests__/quality-gate.test.ts +0 -117
- package/helpers/__tests__/screenshot.test.ts +0 -139
- package/helpers/__tests__/seed-validator.test.ts +0 -114
- package/helpers/api-client.ts +0 -111
- package/helpers/element-discovery.ts +0 -105
- package/helpers/env-resolver.ts +0 -69
- package/helpers/form-filler.ts +0 -126
- package/helpers/modal-handler.ts +0 -108
- package/helpers/navigation.ts +0 -100
- package/helpers/quality-gate.ts +0 -180
- package/helpers/screenshot.ts +0 -111
- package/helpers/seed-validator.ts +0 -70
|
@@ -0,0 +1,52 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Open-Redirect Detector — static scan for redirects whose target is
|
|
3
|
+
* derived from request input without validation. An attacker crafts
|
|
4
|
+
* `?next=https://evil.example` and your `res.redirect(req.query.next)`
|
|
5
|
+
* bounces the victim (or their OAuth token) to a site they control.
|
|
6
|
+
* OWASP "Unvalidated Redirects and Forwards".
|
|
7
|
+
*
|
|
8
|
+
* Detected sinks:
|
|
9
|
+
* - res.redirect(<tainted>) (Express / NestJS)
|
|
10
|
+
* - redirect(<tainted>) (Next.js server actions / RR)
|
|
11
|
+
* - res.setHeader('Location', <tainted>) / writeHead(302, { Location })
|
|
12
|
+
* - ctx.redirect(<tainted>) (Koa)
|
|
13
|
+
*
|
|
14
|
+
* "Tainted" = the redirect argument references request-controlled input:
|
|
15
|
+
* `req.` / `request.` / a `.query` / `.params` / `.body` member access.
|
|
16
|
+
*
|
|
17
|
+
* To cut false positives, a redirect whose argument is checked against an
|
|
18
|
+
* allowlist on the SAME line/expression (startsWith('/'), an includes()
|
|
19
|
+
* guard, a leading-slash-only literal) is not flagged.
|
|
20
|
+
*
|
|
21
|
+
* Findings:
|
|
22
|
+
* - 107-open-redirect high code-bug-security
|
|
23
|
+
* - 107-clean / 107-summary info
|
|
24
|
+
*
|
|
25
|
+
* Persists `evidence/open-redirect-audit.json`. Read-only, parallel-safe,
|
|
26
|
+
* static analysis only.
|
|
27
|
+
*/
|
|
28
|
+
import type { Finding } from '../core/types.js';
|
|
29
|
+
import { BaseAgent } from './base-agent.js';
|
|
30
|
+
export interface OpenRedirectHit {
|
|
31
|
+
file: string;
|
|
32
|
+
line: number;
|
|
33
|
+
sink: string;
|
|
34
|
+
snippet: string;
|
|
35
|
+
}
|
|
36
|
+
export interface OpenRedirectAudit {
|
|
37
|
+
version: 1;
|
|
38
|
+
generatedAt: string;
|
|
39
|
+
projectRoot: string;
|
|
40
|
+
filesScanned: number;
|
|
41
|
+
hits: OpenRedirectHit[];
|
|
42
|
+
}
|
|
43
|
+
/** Scan a file for redirect sinks fed by request-controlled input. */
|
|
44
|
+
export declare function scanOpenRedirect(content: string): Array<Omit<OpenRedirectHit, 'file'>>;
|
|
45
|
+
export declare class OpenRedirectDetectorAgent extends BaseAgent {
|
|
46
|
+
readonly agentId = 107;
|
|
47
|
+
readonly agentName = "Open-Redirect Detector";
|
|
48
|
+
protected preFlight(): Promise<void>;
|
|
49
|
+
protected execute(): Promise<Finding[]>;
|
|
50
|
+
private persistAudit;
|
|
51
|
+
}
|
|
52
|
+
//# sourceMappingURL=107-open-redirect-detector.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"107-open-redirect-detector.d.ts","sourceRoot":"","sources":["../../agents/107-open-redirect-detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAwBzC,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,CAAC,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,eAAe,EAAE,CAAC;CACzB;AA4DD,sEAAsE;AACtE,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC,CAuCtF;AAED,qBAAa,yBAA0B,SAAQ,SAAS;IACtD,QAAQ,CAAC,OAAO,OAAO;IACvB,QAAQ,CAAC,SAAS,4BAA4B;cAE9B,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;cAO1B,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IAwE7C,OAAO,CAAC,YAAY;CAyBrB"}
|
|
@@ -0,0 +1,263 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Open-Redirect Detector — static scan for redirects whose target is
|
|
3
|
+
* derived from request input without validation. An attacker crafts
|
|
4
|
+
* `?next=https://evil.example` and your `res.redirect(req.query.next)`
|
|
5
|
+
* bounces the victim (or their OAuth token) to a site they control.
|
|
6
|
+
* OWASP "Unvalidated Redirects and Forwards".
|
|
7
|
+
*
|
|
8
|
+
* Detected sinks:
|
|
9
|
+
* - res.redirect(<tainted>) (Express / NestJS)
|
|
10
|
+
* - redirect(<tainted>) (Next.js server actions / RR)
|
|
11
|
+
* - res.setHeader('Location', <tainted>) / writeHead(302, { Location })
|
|
12
|
+
* - ctx.redirect(<tainted>) (Koa)
|
|
13
|
+
*
|
|
14
|
+
* "Tainted" = the redirect argument references request-controlled input:
|
|
15
|
+
* `req.` / `request.` / a `.query` / `.params` / `.body` member access.
|
|
16
|
+
*
|
|
17
|
+
* To cut false positives, a redirect whose argument is checked against an
|
|
18
|
+
* allowlist on the SAME line/expression (startsWith('/'), an includes()
|
|
19
|
+
* guard, a leading-slash-only literal) is not flagged.
|
|
20
|
+
*
|
|
21
|
+
* Findings:
|
|
22
|
+
* - 107-open-redirect high code-bug-security
|
|
23
|
+
* - 107-clean / 107-summary info
|
|
24
|
+
*
|
|
25
|
+
* Persists `evidence/open-redirect-audit.json`. Read-only, parallel-safe,
|
|
26
|
+
* static analysis only.
|
|
27
|
+
*/
|
|
28
|
+
import * as fs from 'node:fs';
|
|
29
|
+
import * as path from 'node:path';
|
|
30
|
+
import { BaseAgent } from './base-agent.js';
|
|
31
|
+
import { maskNonCode, isTestPath } from './lib/source-scan.js';
|
|
32
|
+
const SRC_EXTENSIONS = new Set(['.ts', '.tsx', '.js', '.jsx', '.mjs', '.cjs']);
|
|
33
|
+
const SKIP_DIRS = new Set([
|
|
34
|
+
'node_modules', '.git', 'dist', 'build', '.next', '.nuxt', 'coverage', 'reports', 'baselines', 'evidence',
|
|
35
|
+
]);
|
|
36
|
+
/** Request-controlled input references inside a redirect target. */
|
|
37
|
+
// `(?!\s*\()` on the `.query|params|body` accessor excludes same-named method calls
|
|
38
|
+
// (TypeORM `queryRunner.query(...)`) from being treated as request input. Mirrors agents/112.
|
|
39
|
+
const TAINT_RE = /\b(?:req|request)\b|\.(?:query|params|body)\b(?!\s*\(|\s*\?\.\s*\()|\bquery\.[A-Za-z_$]|\bparams\.[A-Za-z_$]|\bbody\.[A-Za-z_$]|\b(?:nextUrl|searchParams)\b/;
|
|
40
|
+
/** Same-line guards that suggest the target is validated → suppress. */
|
|
41
|
+
const GUARD_RE = /startsWith\s*\(\s*['"`]\//;
|
|
42
|
+
/**
|
|
43
|
+
* The redirect target is a literal relative path → same-origin, can't be
|
|
44
|
+
* navigated off-site, so interpolated request input can't make it an open
|
|
45
|
+
* redirect. Covers both the direct form `redirect(`/${x}/bar`)` and the Next.js
|
|
46
|
+
* `redirect(new URL(`/login`, req.url))` idiom (where req.url is only the base).
|
|
47
|
+
* Protocol-relative "//host" is excluded — the browser treats it as absolute.
|
|
48
|
+
*/
|
|
49
|
+
const RELATIVE_PATH_RE = /^[\s(]*(?:new\s+URL\s*\(\s*)?['"`]\/(?!\/)/;
|
|
50
|
+
function walk(dir, results = []) {
|
|
51
|
+
if (!fs.existsSync(dir))
|
|
52
|
+
return results;
|
|
53
|
+
let entries;
|
|
54
|
+
try {
|
|
55
|
+
entries = fs.readdirSync(dir, { withFileTypes: true });
|
|
56
|
+
}
|
|
57
|
+
catch {
|
|
58
|
+
return results;
|
|
59
|
+
}
|
|
60
|
+
for (const entry of entries) {
|
|
61
|
+
if (SKIP_DIRS.has(entry.name))
|
|
62
|
+
continue;
|
|
63
|
+
const full = path.join(dir, entry.name);
|
|
64
|
+
if (entry.isDirectory()) {
|
|
65
|
+
walk(full, results);
|
|
66
|
+
}
|
|
67
|
+
else if (entry.isFile() && SRC_EXTENSIONS.has(path.extname(entry.name))) {
|
|
68
|
+
results.push(full);
|
|
69
|
+
}
|
|
70
|
+
}
|
|
71
|
+
return results;
|
|
72
|
+
}
|
|
73
|
+
function relativise(absPath, root) {
|
|
74
|
+
return path.relative(root, absPath).split(path.sep).join('/');
|
|
75
|
+
}
|
|
76
|
+
function readParens(content, openIdx) {
|
|
77
|
+
if (content[openIdx] !== '(')
|
|
78
|
+
return null;
|
|
79
|
+
let depth = 0;
|
|
80
|
+
let inString = null;
|
|
81
|
+
let escape = false;
|
|
82
|
+
for (let i = openIdx; i < content.length; i++) {
|
|
83
|
+
const ch = content[i];
|
|
84
|
+
if (escape) {
|
|
85
|
+
escape = false;
|
|
86
|
+
continue;
|
|
87
|
+
}
|
|
88
|
+
if (inString) {
|
|
89
|
+
if (ch === '\\')
|
|
90
|
+
escape = true;
|
|
91
|
+
else if (ch === inString)
|
|
92
|
+
inString = null;
|
|
93
|
+
continue;
|
|
94
|
+
}
|
|
95
|
+
if (ch === '"' || ch === "'" || ch === '`') {
|
|
96
|
+
inString = ch;
|
|
97
|
+
continue;
|
|
98
|
+
}
|
|
99
|
+
if (ch === '(')
|
|
100
|
+
depth++;
|
|
101
|
+
else if (ch === ')') {
|
|
102
|
+
depth--;
|
|
103
|
+
if (depth === 0)
|
|
104
|
+
return { text: content.slice(openIdx, i + 1), end: i };
|
|
105
|
+
}
|
|
106
|
+
}
|
|
107
|
+
return null;
|
|
108
|
+
}
|
|
109
|
+
function lineOf(content, index) {
|
|
110
|
+
return content.slice(0, index).split('\n').length;
|
|
111
|
+
}
|
|
112
|
+
function snippetOf(content, index) {
|
|
113
|
+
const start = content.lastIndexOf('\n', index) + 1;
|
|
114
|
+
let end = content.indexOf('\n', index);
|
|
115
|
+
if (end === -1)
|
|
116
|
+
end = content.length;
|
|
117
|
+
return content.slice(start, end).trim().slice(0, 160);
|
|
118
|
+
}
|
|
119
|
+
/** Scan a file for redirect sinks fed by request-controlled input. */
|
|
120
|
+
export function scanOpenRedirect(content) {
|
|
121
|
+
const hits = [];
|
|
122
|
+
const seen = new Set();
|
|
123
|
+
// Strip comments so sink patterns in doc examples don't fire. Strings are
|
|
124
|
+
// kept intact because the `setHeader('Location', …)` sink keys off the
|
|
125
|
+
// literal header name. Line numbers/snippets come from the original source.
|
|
126
|
+
const masked = maskNonCode(content, { maskStrings: false });
|
|
127
|
+
const pushIfTainted = (argText, callIdx, sink) => {
|
|
128
|
+
if (!TAINT_RE.test(argText))
|
|
129
|
+
return;
|
|
130
|
+
if (GUARD_RE.test(argText))
|
|
131
|
+
return; // validated against a leading-slash allowlist
|
|
132
|
+
if (RELATIVE_PATH_RE.test(argText))
|
|
133
|
+
return; // literal relative path → same-origin, safe
|
|
134
|
+
const line = lineOf(content, callIdx);
|
|
135
|
+
if (seen.has(line))
|
|
136
|
+
return;
|
|
137
|
+
seen.add(line);
|
|
138
|
+
hits.push({ line, sink, snippet: snippetOf(content, callIdx) });
|
|
139
|
+
};
|
|
140
|
+
// .redirect( ... ) — res.redirect / ctx.redirect / bare redirect(
|
|
141
|
+
const redirectRe = /(?:\b\w+\.)?\bredirect\s*\(/g;
|
|
142
|
+
let m;
|
|
143
|
+
while ((m = redirectRe.exec(masked)) !== null) {
|
|
144
|
+
const paren = m.index + m[0].length - 1;
|
|
145
|
+
const args = readParens(masked, paren);
|
|
146
|
+
if (!args)
|
|
147
|
+
continue;
|
|
148
|
+
pushIfTainted(args.text, m.index, 'redirect()');
|
|
149
|
+
}
|
|
150
|
+
// setHeader('Location', <tainted>)
|
|
151
|
+
const locationRe = /setHeader\s*\(\s*['"`]location['"`]\s*,/gi;
|
|
152
|
+
while ((m = locationRe.exec(masked)) !== null) {
|
|
153
|
+
// grab the rest of the call args
|
|
154
|
+
const paren = masked.lastIndexOf('(', m.index + m[0].length - 1);
|
|
155
|
+
const args = readParens(masked, paren);
|
|
156
|
+
if (!args)
|
|
157
|
+
continue;
|
|
158
|
+
pushIfTainted(args.text, m.index, "setHeader('Location')");
|
|
159
|
+
}
|
|
160
|
+
return hits;
|
|
161
|
+
}
|
|
162
|
+
export class OpenRedirectDetectorAgent extends BaseAgent {
|
|
163
|
+
agentId = 107;
|
|
164
|
+
agentName = 'Open-Redirect Detector';
|
|
165
|
+
async preFlight() {
|
|
166
|
+
const root = this.config.projectRoot ?? process.cwd();
|
|
167
|
+
if (!fs.existsSync(root)) {
|
|
168
|
+
throw new Error(`projectRoot does not exist: ${root}`);
|
|
169
|
+
}
|
|
170
|
+
}
|
|
171
|
+
async execute() {
|
|
172
|
+
const findings = [];
|
|
173
|
+
const projectRoot = this.config.projectRoot ?? process.cwd();
|
|
174
|
+
const sourceFiles = new Set();
|
|
175
|
+
const mapPath = path.join(this.runDir, 'evidence', 'connection-map.json');
|
|
176
|
+
try {
|
|
177
|
+
const map = JSON.parse(fs.readFileSync(mapPath, 'utf-8'));
|
|
178
|
+
for (const f of map.files) {
|
|
179
|
+
if (!f.isTest)
|
|
180
|
+
sourceFiles.add(path.join(projectRoot, f.path));
|
|
181
|
+
}
|
|
182
|
+
}
|
|
183
|
+
catch {
|
|
184
|
+
for (const f of walk(projectRoot))
|
|
185
|
+
sourceFiles.add(f);
|
|
186
|
+
}
|
|
187
|
+
const allHits = [];
|
|
188
|
+
let filesScanned = 0;
|
|
189
|
+
for (const file of sourceFiles) {
|
|
190
|
+
if (isTestPath(file, projectRoot))
|
|
191
|
+
continue;
|
|
192
|
+
let content;
|
|
193
|
+
try {
|
|
194
|
+
content = fs.readFileSync(file, 'utf-8');
|
|
195
|
+
}
|
|
196
|
+
catch {
|
|
197
|
+
continue;
|
|
198
|
+
}
|
|
199
|
+
filesScanned++;
|
|
200
|
+
const rel = relativise(file, projectRoot);
|
|
201
|
+
for (const hit of scanOpenRedirect(content)) {
|
|
202
|
+
allHits.push({ ...hit, file: rel });
|
|
203
|
+
}
|
|
204
|
+
}
|
|
205
|
+
if (allHits.length === 0) {
|
|
206
|
+
findings.push({
|
|
207
|
+
id: `${this.agentId}-clean`,
|
|
208
|
+
type: 'infra-issue',
|
|
209
|
+
severity: 'info',
|
|
210
|
+
agentId: this.agentId,
|
|
211
|
+
module: 'open-redirect-detector',
|
|
212
|
+
description: `Scanned ${filesScanned} non-test file(s) — no redirects fed by unvalidated request input.`,
|
|
213
|
+
});
|
|
214
|
+
this.persistAudit(projectRoot, filesScanned, allHits);
|
|
215
|
+
return findings;
|
|
216
|
+
}
|
|
217
|
+
for (const hit of allHits.slice(0, 100)) {
|
|
218
|
+
findings.push({
|
|
219
|
+
id: `${this.agentId}-open-redirect-${hit.file.replace(/[^\w]/g, '_')}-${hit.line}`,
|
|
220
|
+
type: 'code-bug-security',
|
|
221
|
+
severity: 'high',
|
|
222
|
+
agentId: this.agentId,
|
|
223
|
+
module: 'open-redirect-detector',
|
|
224
|
+
description: `Redirect target at ${hit.file}:${hit.line} (${hit.sink}) is derived from request input with no visible allowlist — open redirect. An attacker can craft a link that bounces the victim (and any token on the redirect) to a site they control. Validate against an allowlist or only permit same-origin / leading-slash paths. \`${hit.snippet}\``,
|
|
225
|
+
file: hit.file,
|
|
226
|
+
line: hit.line,
|
|
227
|
+
});
|
|
228
|
+
}
|
|
229
|
+
this.persistAudit(projectRoot, filesScanned, allHits);
|
|
230
|
+
findings.push({
|
|
231
|
+
id: `${this.agentId}-summary`,
|
|
232
|
+
type: 'infra-issue',
|
|
233
|
+
severity: 'info',
|
|
234
|
+
agentId: this.agentId,
|
|
235
|
+
module: 'open-redirect-detector',
|
|
236
|
+
description: `Open-redirect audit: ${allHits.length} unvalidated redirect sink(s) across ${filesScanned} file(s).`,
|
|
237
|
+
});
|
|
238
|
+
return findings;
|
|
239
|
+
}
|
|
240
|
+
persistAudit(projectRoot, filesScanned, hits) {
|
|
241
|
+
const audit = {
|
|
242
|
+
version: 1,
|
|
243
|
+
generatedAt: new Date().toISOString(),
|
|
244
|
+
projectRoot,
|
|
245
|
+
filesScanned,
|
|
246
|
+
hits,
|
|
247
|
+
};
|
|
248
|
+
try {
|
|
249
|
+
const evidenceDir = path.join(this.runDir, 'evidence');
|
|
250
|
+
fs.mkdirSync(evidenceDir, { recursive: true });
|
|
251
|
+
fs.writeFileSync(path.join(evidenceDir, 'open-redirect-audit.json'), JSON.stringify(audit, null, 2), 'utf-8');
|
|
252
|
+
this.addEvidence({
|
|
253
|
+
type: 'report',
|
|
254
|
+
path: 'evidence/open-redirect-audit.json',
|
|
255
|
+
description: `Open-redirect audit: ${hits.length} sink(s) across ${filesScanned} file(s)`,
|
|
256
|
+
});
|
|
257
|
+
}
|
|
258
|
+
catch {
|
|
259
|
+
// non-fatal
|
|
260
|
+
}
|
|
261
|
+
}
|
|
262
|
+
}
|
|
263
|
+
//# sourceMappingURL=107-open-redirect-detector.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"107-open-redirect-detector.js","sourceRoot":"","sources":["../../agents/107-open-redirect-detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;;;GA0BG;AAEH,OAAO,KAAK,EAAE,MAAM,SAAS,CAAC;AAC9B,OAAO,KAAK,IAAI,MAAM,WAAW,CAAC;AAElC,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAEzC,OAAO,EAAE,WAAW,EAAE,UAAU,EAAE,MAAM,mBAAmB,CAAC;AAE5D,MAAM,cAAc,GAAwB,IAAI,GAAG,CAAC,CAAC,KAAK,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC;AACpG,MAAM,SAAS,GAAwB,IAAI,GAAG,CAAC;IAC7C,cAAc,EAAE,MAAM,EAAE,MAAM,EAAE,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,WAAW,EAAE,UAAU;CAC1G,CAAC,CAAC;AAEH,oEAAoE;AACpE,oFAAoF;AACpF,8FAA8F;AAC9F,MAAM,QAAQ,GAAG,8JAA8J,CAAC;AAChL,wEAAwE;AACxE,MAAM,QAAQ,GAAG,2BAA2B,CAAC;AAC7C;;;;;;GAMG;AACH,MAAM,gBAAgB,GAAG,4CAA4C,CAAC;AAiBtE,SAAS,IAAI,CAAC,GAAW,EAAE,UAAoB,EAAE;IAC/C,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,GAAG,CAAC;QAAE,OAAO,OAAO,CAAC;IACxC,IAAI,OAAoB,CAAC;IACzB,IAAI,CAAC;QACH,OAAO,GAAG,EAAE,CAAC,WAAW,CAAC,GAAG,EAAE,EAAE,aAAa,EAAE,IAAI,EAAE,CAAC,CAAC;IACzD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,OAAO,CAAC;IACjB,CAAC;IACD,KAAK,MAAM,KAAK,IAAI,OAAO,EAAE,CAAC;QAC5B,IAAI,SAAS,CAAC,GAAG,CAAC,KAAK,CAAC,IAAI,CAAC;YAAE,SAAS;QACxC,MAAM,IAAI,GAAG,IAAI,CAAC,IAAI,CAAC,GAAG,EAAE,KAAK,CAAC,IAAI,CAAC,CAAC;QACxC,IAAI,KAAK,CAAC,WAAW,EAAE,EAAE,CAAC;YACxB,IAAI,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;QACtB,CAAC;aAAM,IAAI,KAAK,CAAC,MAAM,EAAE,IAAI,cAAc,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,EAAE,CAAC;YAC1E,OAAO,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;QACrB,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,UAAU,CAAC,OAAe,EAAE,IAAY;IAC/C,OAAO,IAAI,CAAC,QAAQ,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,CAAC;AAChE,CAAC;AAED,SAAS,UAAU,CAAC,OAAe,EAAE,OAAe;IAClD,IAAI,OAAO,CAAC,OAAO,CAAC,KAAK,GAAG;QAAE,OAAO,IAAI,CAAC;IAC1C,IAAI,KAAK,GAAG,CAAC,CAAC;IACd,IAAI,QAAQ,GAA2B,IAAI,CAAC;IAC5C,IAAI,MAAM,GAAG,KAAK,CAAC;IACnB,KAAK,IAAI,CAAC,GAAG,OAAO,EAAE,CAAC,GAAG,OAAO,CAAC,MAAM,EAAE,CAAC,EAAE,EAAE,CAAC;QAC9C,MAAM,EAAE,GAAG,OAAO,CAAC,CAAC,CAAC,CAAC;QACtB,IAAI,MAAM,EAAE,CAAC;YAAC,MAAM,GAAG,KAAK,CAAC;YAAC,SAAS;QAAC,CAAC;QACzC,IAAI,QAAQ,EAAE,CAAC;YACb,IAAI,EAAE,KAAK,IAAI;gBAAE,MAAM,GAAG,IAAI,CAAC;iBAC1B,IAAI,EAAE,KAAK,QAAQ;gBAAE,QAAQ,GAAG,IAAI,CAAC;YAC1C,SAAS;QACX,CAAC;QACD,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YAAC,QAAQ,GAAG,EAAE,CAAC;YAAC,SAAS;QAAC,CAAC;QACxE,IAAI,EAAE,KAAK,GAAG;YAAE,KAAK,EAAE,CAAC;aACnB,IAAI,EAAE,KAAK,GAAG,EAAE,CAAC;YACpB,KAAK,EAAE,CAAC;YACR,IAAI,KAAK,KAAK,CAAC;gBAAE,OAAO,EAAE,IAAI,EAAE,OAAO,CAAC,KAAK,CAAC,OAAO,EAAE,CAAC,GAAG,CAAC,CAAC,EAAE,GAAG,EAAE,CAAC,EAAE,CAAC;QAC1E,CAAC;IACH,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED,SAAS,MAAM,CAAC,OAAe,EAAE,KAAa;IAC5C,OAAO,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,KAAK,CAAC,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,MAAM,CAAC;AACpD,CAAC;AAED,SAAS,SAAS,CAAC,OAAe,EAAE,KAAa;IAC/C,MAAM,KAAK,GAAG,OAAO,CAAC,WAAW,CAAC,IAAI,EAAE,KAAK,CAAC,GAAG,CAAC,CAAC;IACnD,IAAI,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,IAAI,EAAE,KAAK,CAAC,CAAC;IACvC,IAAI,GAAG,KAAK,CAAC,CAAC;QAAE,GAAG,GAAG,OAAO,CAAC,MAAM,CAAC;IACrC,OAAO,OAAO,CAAC,KAAK,CAAC,KAAK,EAAE,GAAG,CAAC,CAAC,IAAI,EAAE,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AACxD,CAAC;AAED,sEAAsE;AACtE,MAAM,UAAU,gBAAgB,CAAC,OAAe;IAC9C,MAAM,IAAI,GAAyC,EAAE,CAAC;IACtD,MAAM,IAAI,GAAG,IAAI,GAAG,EAAU,CAAC;IAC/B,0EAA0E;IAC1E,uEAAuE;IACvE,4EAA4E;IAC5E,MAAM,MAAM,GAAG,WAAW,CAAC,OAAO,EAAE,EAAE,WAAW,EAAE,KAAK,EAAE,CAAC,CAAC;IAE5D,MAAM,aAAa,GAAG,CAAC,OAAe,EAAE,OAAe,EAAE,IAAY,EAAQ,EAAE;QAC7E,IAAI,CAAC,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO;QACpC,IAAI,QAAQ,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO,CAAC,8CAA8C;QAClF,IAAI,gBAAgB,CAAC,IAAI,CAAC,OAAO,CAAC;YAAE,OAAO,CAAC,4CAA4C;QACxF,MAAM,IAAI,GAAG,MAAM,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QACtC,IAAI,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC;YAAE,OAAO;QAC3B,IAAI,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC;QACf,IAAI,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,IAAI,EAAE,OAAO,EAAE,SAAS,CAAC,OAAO,EAAE,OAAO,CAAC,EAAE,CAAC,CAAC;IAClE,CAAC,CAAC;IAEF,mEAAmE;IACnE,MAAM,UAAU,GAAG,8BAA8B,CAAC;IAClD,IAAI,CAAyB,CAAC;IAC9B,OAAO,CAAC,CAAC,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC9C,MAAM,KAAK,GAAG,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC;QACxC,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI;YAAE,SAAS;QACpB,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,EAAE,YAAY,CAAC,CAAC;IAClD,CAAC;IAED,mCAAmC;IACnC,MAAM,UAAU,GAAG,2CAA2C,CAAC;IAC/D,OAAO,CAAC,CAAC,GAAG,UAAU,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC,KAAK,IAAI,EAAE,CAAC;QAC9C,iCAAiC;QACjC,MAAM,KAAK,GAAG,MAAM,CAAC,WAAW,CAAC,GAAG,EAAE,CAAC,CAAC,KAAK,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC;QACjE,MAAM,IAAI,GAAG,UAAU,CAAC,MAAM,EAAE,KAAK,CAAC,CAAC;QACvC,IAAI,CAAC,IAAI;YAAE,SAAS;QACpB,aAAa,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC,CAAC,KAAK,EAAE,uBAAuB,CAAC,CAAC;IAC7D,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,OAAO,yBAA0B,SAAQ,SAAS;IAC7C,OAAO,GAAG,GAAG,CAAC;IACd,SAAS,GAAG,wBAAwB,CAAC;IAEpC,KAAK,CAAC,SAAS;QACvB,MAAM,IAAI,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QACtD,IAAI,CAAC,EAAE,CAAC,UAAU,CAAC,IAAI,CAAC,EAAE,CAAC;YACzB,MAAM,IAAI,KAAK,CAAC,+BAA+B,IAAI,EAAE,CAAC,CAAC;QACzD,CAAC;IACH,CAAC;IAES,KAAK,CAAC,OAAO;QACrB,MAAM,QAAQ,GAAc,EAAE,CAAC;QAC/B,MAAM,WAAW,GAAG,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,OAAO,CAAC,GAAG,EAAE,CAAC;QAE7D,MAAM,WAAW,GAAG,IAAI,GAAG,EAAU,CAAC;QACtC,MAAM,OAAO,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,EAAE,qBAAqB,CAAC,CAAC;QAC1E,IAAI,CAAC;YACH,MAAM,GAAG,GAAG,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC,YAAY,CAAC,OAAO,EAAE,OAAO,CAAC,CAAkB,CAAC;YAC3E,KAAK,MAAM,CAAC,IAAI,GAAG,CAAC,KAAK,EAAE,CAAC;gBAC1B,IAAI,CAAC,CAAC,CAAC,MAAM;oBAAE,WAAW,CAAC,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC;YACjE,CAAC;QACH,CAAC;QAAC,MAAM,CAAC;YACP,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,WAAW,CAAC;gBAAE,WAAW,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC;QACxD,CAAC;QAED,MAAM,OAAO,GAAsB,EAAE,CAAC;QACtC,IAAI,YAAY,GAAG,CAAC,CAAC;QACrB,KAAK,MAAM,IAAI,IAAI,WAAW,EAAE,CAAC;YAC/B,IAAI,UAAU,CAAC,IAAI,EAAE,WAAW,CAAC;gBAAE,SAAS;YAC5C,IAAI,OAAe,CAAC;YACpB,IAAI,CAAC;gBACH,OAAO,GAAG,EAAE,CAAC,YAAY,CAAC,IAAI,EAAE,OAAO,CAAC,CAAC;YAC3C,CAAC;YAAC,MAAM,CAAC;gBACP,SAAS;YACX,CAAC;YACD,YAAY,EAAE,CAAC;YACf,MAAM,GAAG,GAAG,UAAU,CAAC,IAAI,EAAE,WAAW,CAAC,CAAC;YAC1C,KAAK,MAAM,GAAG,IAAI,gBAAgB,CAAC,OAAO,CAAC,EAAE,CAAC;gBAC5C,OAAO,CAAC,IAAI,CAAC,EAAE,GAAG,GAAG,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YACtC,CAAC;QACH,CAAC;QAED,IAAI,OAAO,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;YACzB,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,QAAQ;gBAC3B,IAAI,EAAE,aAAa;gBACnB,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,wBAAwB;gBAChC,WAAW,EAAE,WAAW,YAAY,oEAAoE;aACzG,CAAC,CAAC;YACH,IAAI,CAAC,YAAY,CAAC,WAAW,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;YACtD,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;YACxC,QAAQ,CAAC,IAAI,CAAC;gBACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,kBAAkB,GAAG,CAAC,IAAI,CAAC,OAAO,CAAC,QAAQ,EAAE,GAAG,CAAC,IAAI,GAAG,CAAC,IAAI,EAAE;gBAClF,IAAI,EAAE,mBAAmB;gBACzB,QAAQ,EAAE,MAAM;gBAChB,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,MAAM,EAAE,wBAAwB;gBAChC,WAAW,EAAE,sBAAsB,GAAG,CAAC,IAAI,IAAI,GAAG,CAAC,IAAI,KAAK,GAAG,CAAC,IAAI,6QAA6Q,GAAG,CAAC,OAAO,IAAI;gBAChW,IAAI,EAAE,GAAG,CAAC,IAAI;gBACd,IAAI,EAAE,GAAG,CAAC,IAAI;aACf,CAAC,CAAC;QACL,CAAC;QAED,IAAI,CAAC,YAAY,CAAC,WAAW,EAAE,YAAY,EAAE,OAAO,CAAC,CAAC;QAEtD,QAAQ,CAAC,IAAI,CAAC;YACZ,EAAE,EAAE,GAAG,IAAI,CAAC,OAAO,UAAU;YAC7B,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,MAAM;YAChB,OAAO,EAAE,IAAI,CAAC,OAAO;YACrB,MAAM,EAAE,wBAAwB;YAChC,WAAW,EAAE,wBAAwB,OAAO,CAAC,MAAM,wCAAwC,YAAY,WAAW;SACnH,CAAC,CAAC;QAEH,OAAO,QAAQ,CAAC;IAClB,CAAC;IAEO,YAAY,CAAC,WAAmB,EAAE,YAAoB,EAAE,IAAuB;QACrF,MAAM,KAAK,GAAsB;YAC/B,OAAO,EAAE,CAAC;YACV,WAAW,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACrC,WAAW;YACX,YAAY;YACZ,IAAI;SACL,CAAC;QACF,IAAI,CAAC;YACH,MAAM,WAAW,GAAG,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YACvD,EAAE,CAAC,SAAS,CAAC,WAAW,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;YAC/C,EAAE,CAAC,aAAa,CACd,IAAI,CAAC,IAAI,CAAC,WAAW,EAAE,0BAA0B,CAAC,EAClD,IAAI,CAAC,SAAS,CAAC,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,EAC9B,OAAO,CACR,CAAC;YACF,IAAI,CAAC,WAAW,CAAC;gBACf,IAAI,EAAE,QAAQ;gBACd,IAAI,EAAE,mCAAmC;gBACzC,WAAW,EAAE,wBAAwB,IAAI,CAAC,MAAM,mBAAmB,YAAY,UAAU;aAC1F,CAAC,CAAC;QACL,CAAC;QAAC,MAAM,CAAC;YACP,YAAY;QACd,CAAC;IACH,CAAC;CACF"}
|
|
@@ -0,0 +1,51 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SQL Injection Detector — static scan for raw SQL built by string
|
|
3
|
+
* interpolation or concatenation. OWASP #1. Parameterized queries are
|
|
4
|
+
* safe; a query string with `${userInput}` spliced in is not.
|
|
5
|
+
*
|
|
6
|
+
* Flagged sinks:
|
|
7
|
+
* - Prisma: $queryRawUnsafe(...) / $executeRawUnsafe(...) with ANY
|
|
8
|
+
* interpolation or `+` concat. (The *Unsafe variants take a plain
|
|
9
|
+
* string — the safe $queryRaw tagged template is parameterized and is
|
|
10
|
+
* never flagged. So "Unsafe + dynamic" is textbook injection.)
|
|
11
|
+
* - Generic: .query(...) / .execute(...) / .raw(...) / sequelize.query(...)
|
|
12
|
+
* whose argument is a template literal with `${...}` OR a `+` concat,
|
|
13
|
+
* AND references request input (req / request / .query / .params /
|
|
14
|
+
* .body). The request-input gate keeps false positives down on the
|
|
15
|
+
* generic sinks (a `.query()` with an interpolated constant is fine).
|
|
16
|
+
*
|
|
17
|
+
* Findings:
|
|
18
|
+
* - 108-sql-injection critical code-bug-security
|
|
19
|
+
* - 108-clean / 108-summary info
|
|
20
|
+
*
|
|
21
|
+
* Persists `evidence/sql-injection-audit.json`. Read-only, parallel-safe,
|
|
22
|
+
* static analysis only.
|
|
23
|
+
*/
|
|
24
|
+
import type { Finding } from '../core/types.js';
|
|
25
|
+
import { BaseAgent } from './base-agent.js';
|
|
26
|
+
export interface SqlInjectionHit {
|
|
27
|
+
file: string;
|
|
28
|
+
line: number;
|
|
29
|
+
sink: string;
|
|
30
|
+
snippet: string;
|
|
31
|
+
/** True when the interpolated value is request-derived (a real injection);
|
|
32
|
+
* false for dynamic-but-not-tainted input (e.g. a constant table name). */
|
|
33
|
+
tainted: boolean;
|
|
34
|
+
}
|
|
35
|
+
export interface SqlInjectionAudit {
|
|
36
|
+
version: 1;
|
|
37
|
+
generatedAt: string;
|
|
38
|
+
projectRoot: string;
|
|
39
|
+
filesScanned: number;
|
|
40
|
+
hits: SqlInjectionHit[];
|
|
41
|
+
}
|
|
42
|
+
/** Scan a file for injectable raw-SQL sinks. */
|
|
43
|
+
export declare function scanSqlInjection(content: string): Array<Omit<SqlInjectionHit, 'file'>>;
|
|
44
|
+
export declare class SqlInjectionDetectorAgent extends BaseAgent {
|
|
45
|
+
readonly agentId = 108;
|
|
46
|
+
readonly agentName = "SQL Injection Detector";
|
|
47
|
+
protected preFlight(): Promise<void>;
|
|
48
|
+
protected execute(): Promise<Finding[]>;
|
|
49
|
+
private persistAudit;
|
|
50
|
+
}
|
|
51
|
+
//# sourceMappingURL=108-sql-injection-detector.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"108-sql-injection-detector.d.ts","sourceRoot":"","sources":["../../agents/108-sql-injection-detector.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;GAsBG;AAIH,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,eAAe,CAAC;AAC7C,OAAO,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAczC,MAAM,WAAW,eAAe;IAC9B,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB;gFAC4E;IAC5E,OAAO,EAAE,OAAO,CAAC;CAClB;AAED,MAAM,WAAW,iBAAiB;IAChC,OAAO,EAAE,CAAC,CAAC;IACX,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,YAAY,EAAE,MAAM,CAAC;IACrB,IAAI,EAAE,eAAe,EAAE,CAAC;CACzB;AAwHD,gDAAgD;AAChD,wBAAgB,gBAAgB,CAAC,OAAO,EAAE,MAAM,GAAG,KAAK,CAAC,IAAI,CAAC,eAAe,EAAE,MAAM,CAAC,CAAC,CA0CtF;AAED,qBAAa,yBAA0B,SAAQ,SAAS;IACtD,QAAQ,CAAC,OAAO,OAAO;IACvB,QAAQ,CAAC,SAAS,4BAA4B;cAE9B,SAAS,IAAI,OAAO,CAAC,IAAI,CAAC;cAO1B,OAAO,IAAI,OAAO,CAAC,OAAO,EAAE,CAAC;IA0E7C,OAAO,CAAC,YAAY;CAyBrB"}
|