@datasynx/agentic-ai-cartography 2.9.0 → 2.10.0

package/dist/cli.js

@@ -11,7 +11,7 @@ import {
   runDrift,
   runLocalDiscovery,
   startMcp
-} from "./chunk-LRUWWHMQ.js";
+} from "./chunk-ASCA3UFM.js";
 import {
   entitiesToYaml,
   startApi,

package/dist/index.cjs

@@ -36,6 +36,7 @@ __export(src_exports, {
   AuthorizationError: () => AuthorizationError,
   CLIENTS: () => CLIENTS,
   CONFIDENCE: () => CONFIDENCE,
+  CORRELATION_CONFIDENCE: () => CORRELATION_CONFIDENCE,
   CartographyDB: () => CartographyDB,
   ComplianceReportSchema: () => ComplianceReportSchema,
   ComplianceRuleSchema: () => ComplianceRuleSchema,
@@ -122,6 +123,7 @@ __export(src_exports, {
   computeIdentity: () => computeIdentity,
   connectionsScanner: () => connectionsScanner,
   contentHash: () => contentHash,
+  correlateTopology: () => correlateTopology,
   createBashTool: () => createBashTool,
   createCartographyTools: () => createCartographyTools,
   createClaudeProvider: () => createClaudeProvider,
@@ -169,6 +171,7 @@ __export(src_exports, {
   exportJGF: () => exportJGF,
   exportJSON: () => exportJSON,
   extractListeningPorts: () => extractListeningPorts,
+  extractSignals: () => extractSignals,
   filterBySeverity: () => filterBySeverity,
   findAnonViolations: () => findAnonViolations,
   formatComplianceText: () => formatComplianceText,
@@ -6134,9 +6137,146 @@ async function resolveNlQuery(db, sessionId, search, raw, opts) {
   return executeNlQuery(db, sessionId, search, parseNlQuery(raw), opts);
 }
 
+// src/correlation/signals.ts
+var IPV4 = /\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b/g;
+var DNS = /\b(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.){1,8}[a-z]{2,24}\b/gi;
+var ENDPOINT = /\b((?:[a-z0-9][a-z0-9.-]{0,253})):(\d{1,5})\b/gi;
+function isPrivateIp(ip) {
+  return /^(?:10\.|127\.|169\.254\.|192\.168\.|172\.(?:1[6-9]|2\d|3[01])\.)/.test(ip);
+}
+function sources(node) {
+  const out = [node.id, node.name];
+  const meta = node.metadata;
+  if (meta) {
+    for (const k of ["host", "hostname", "ip", "address", "dns", "dnsName", "endpoint", "fqdn", "publicIp", "privateIp", "url"]) {
+      const v = meta[k];
+      if (typeof v === "string") out.push(v);
+    }
+  }
+  return out;
+}
+var KNOWN_PROVIDERS = /* @__PURE__ */ new Set(["aws", "gcp", "azure", "k8s", "kubernetes", "localhost", "docker"]);
+function parseProvider(id) {
+  const seg = id.split(":");
+  if (seg.length >= 3 && KNOWN_PROVIDERS.has(seg[1])) return seg[1];
+  return void 0;
+}
+function extractSignals(node) {
+  const text = sources(node).join(" \n ");
+  const publicIps = /* @__PURE__ */ new Set();
+  const privateIps = /* @__PURE__ */ new Set();
+  const dnsNames = /* @__PURE__ */ new Set();
+  const endpoints = /* @__PURE__ */ new Set();
+  for (const m of text.matchAll(IPV4)) (isPrivateIp(m[0]) ? privateIps : publicIps).add(m[0]);
+  for (const m of text.matchAll(DNS)) dnsNames.add(m[0].toLowerCase());
+  for (const m of text.matchAll(ENDPOINT)) endpoints.add(`${m[1].toLowerCase()}:${m[2]}`);
+  const provider = parseProvider(node.id);
+  const sortUniq = (s) => [...s].sort();
+  return {
+    ...provider ? { provider } : {},
+    endpoints: sortUniq(endpoints),
+    publicIps: sortUniq(publicIps),
+    privateIps: sortUniq(privateIps),
+    // The DNS regex requires an alphabetic TLD, so pure IPv4s never land here.
+    dnsNames: sortUniq(dnsNames)
+  };
+}
+
+// src/correlation/correlate.ts
+var CORRELATION_CONFIDENCE = {
+  "global-identity": 1,
+  "dns-name": 0.95,
+  "public-ip": 0.9,
+  "endpoint": 0.85,
+  "private-ip": 0.5
+};
+var MERGE_THRESHOLD = 0.85;
+var DSU = class {
+  parent;
+  constructor(n) {
+    this.parent = Array.from({ length: n }, (_, i) => i);
+  }
+  find(x) {
+    while (this.parent[x] !== x) {
+      this.parent[x] = this.parent[this.parent[x]];
+      x = this.parent[x];
+    }
+    return x;
+  }
+  union(a, b) {
+    const ra = this.find(a), rb = this.find(b);
+    if (ra !== rb) this.parent[Math.max(ra, rb)] = Math.min(ra, rb);
+  }
+};
+function correlateTopology(nodes, _edges = []) {
+  const n = nodes.length;
+  const signals = nodes.map(extractSignals);
+  const dsu = new DSU(n);
+  const correlations = [];
+  const merged = /* @__PURE__ */ new Set();
+  const buckets = /* @__PURE__ */ new Map();
+  const add = (sig, val, i) => {
+    const k = `${sig}|${val}`;
+    const arr = buckets.get(k);
+    if (arr) arr.push(i);
+    else buckets.set(k, [i]);
+  };
+  nodes.forEach((node, i) => {
+    if (node.globalId) add("global-identity", node.globalId, i);
+    for (const d of signals[i].dnsNames) add("dns-name", d, i);
+    for (const ip of signals[i].publicIps) add("public-ip", ip, i);
+    for (const e of signals[i].endpoints) add("endpoint", e, i);
+  });
+  const order = ["global-identity", "dns-name", "public-ip", "endpoint"];
+  for (const sig of order) {
+    const conf = CORRELATION_CONFIDENCE[sig];
+    const keys = [...buckets.keys()].filter((k) => k.startsWith(`${sig}|`)).sort();
+    for (const key of keys) {
+      const members = buckets.get(key).slice().sort((x, y) => nodes[x].id.localeCompare(nodes[y].id));
+      const value = key.slice(sig.length + 1);
+      for (let j = 1; j < members.length; j++) {
+        const a = members[0], b = members[j];
+        if (conf < MERGE_THRESHOLD) continue;
+        dsu.union(a, b);
+        merged.add(a);
+        merged.add(b);
+        const [s, t] = [nodes[a].id, nodes[b].id].sort();
+        correlations.push({ sourceId: s, targetId: t, relationship: "same_as", signal: sig, confidence: conf, evidence: `[${sig}] shared ${value}` });
+      }
+    }
+  }
+  const clusters = /* @__PURE__ */ new Map();
+  for (let i = 0; i < n; i++) {
+    const r = dsu.find(i);
+    const arr = clusters.get(r);
+    if (arr) arr.push(i);
+    else clusters.set(r, [i]);
+  }
+  const canonical = [];
+  let crossCloud = 0;
+  for (const idxs of clusters.values()) {
+    const memberNodes = idxs.map((i) => nodes[i]);
+    const members = memberNodes.map((m) => m.id).sort();
+    const providers = [...new Set(idxs.map((i) => signals[i].provider).filter((p) => !!p))].sort();
+    const rep = memberNodes.reduce((a, b) => a.id < b.id ? a : b);
+    const memberIds = new Set(members);
+    const internal = correlations.filter((c) => memberIds.has(c.sourceId) && memberIds.has(c.targetId));
+    const confidence = internal.length ? Math.min(...internal.map((c) => c.confidence)) : 1;
+    if (providers.length > 1) crossCloud += 1;
+    canonical.push({ id: rep.id, type: rep.type, name: rep.name, members, providers, confidence });
+  }
+  canonical.sort((a, b) => a.id.localeCompare(b.id));
+  correlations.sort((a, b) => b.confidence - a.confidence || a.sourceId.localeCompare(b.sourceId) || a.targetId.localeCompare(b.targetId));
+  return {
+    canonical,
+    correlations,
+    summary: { rawNodes: n, canonicalNodes: canonical.length, collapsed: n - canonical.length, crossCloud }
+  };
+}
+
 // src/mcp/server.ts
 var SERVER_NAME = "cartography";
-var SERVER_VERSION = "2.9.0";
+var SERVER_VERSION = "2.10.0";
 var SERVICE_TYPES = NODE_TYPE_GROUPS.web;
 var DATA_TYPES = NODE_TYPE_GROUPS.data;
 var lexicalSearch = async (db, sessionId, query, opts) => db.searchNodes(sessionId, query, { types: opts.types, limit: opts.limit }).map((node) => ({ node }));
@@ -6296,6 +6436,15 @@ function createMcpServer(opts = {}) {
       return json(db.getGraphSummary(sid));
     }
   );
+  server.registerTool(
+    "correlate_topology",
+    { title: "Correlate multi-cloud topology", description: "Collapse the same logical resource discovered across clouds/on-prem (by global identity or a shared DNS name / public IP / endpoint) into canonical entities with confidence-scored same_as links. Read-only, non-destructive (5.1).", inputSchema: {}, annotations: readOnly },
+    () => {
+      const sid = resolveSession();
+      if (!sid) return json({ error: "No discovery session found." });
+      return json(correlateTopology(db.getNodes(sid), db.getEdges(sid)));
+    }
+  );
   server.registerTool(
     "get_cost_summary",
     { title: "Get cost summary", description: "FinOps rollup: cost by domain and owner, currency/period-bucketed (3.3).", inputSchema: {}, annotations: readOnly },
@@ -12220,6 +12369,7 @@ function checkClaudePrerequisites() {
   AuthorizationError,
   CLIENTS,
   CONFIDENCE,
+  CORRELATION_CONFIDENCE,
   CartographyDB,
   ComplianceReportSchema,
   ComplianceRuleSchema,
@@ -12306,6 +12456,7 @@ function checkClaudePrerequisites() {
   computeIdentity,
   connectionsScanner,
   contentHash,
+  correlateTopology,
   createBashTool,
   createCartographyTools,
   createClaudeProvider,
@@ -12353,6 +12504,7 @@ function checkClaudePrerequisites() {
   exportJGF,
   exportJSON,
   extractListeningPorts,
+  extractSignals,
   filterBySeverity,
   findAnonViolations,
   formatComplianceText,