npm - @grc-claw/integration-marketplace - Versions diffs - 0.8.0 - Mend

@grc-claw/integration-marketplace 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (311) hide show

package/dist/IntegrationMarketplace.d.ts +32 -0
package/dist/IntegrationMarketplace.js +319 -0
package/dist/connectors/ADPConnector.d.ts +12 -0
package/dist/connectors/ADPConnector.js +97 -0
package/dist/connectors/AWSCloudTrailConnector.d.ts +12 -0
package/dist/connectors/AWSCloudTrailConnector.js +77 -0
package/dist/connectors/AWSCloudWatchConnector.d.ts +12 -0
package/dist/connectors/AWSCloudWatchConnector.js +70 -0
package/dist/connectors/AWSGuardDutyConnector.d.ts +12 -0
package/dist/connectors/AWSGuardDutyConnector.js +139 -0
package/dist/connectors/AWSIAMConnector.d.ts +12 -0
package/dist/connectors/AWSIAMConnector.js +90 -0
package/dist/connectors/AWSKMSConnector.d.ts +12 -0
package/dist/connectors/AWSKMSConnector.js +70 -0
package/dist/connectors/AWSLambdaConnector.d.ts +12 -0
package/dist/connectors/AWSLambdaConnector.js +84 -0
package/dist/connectors/AWSRDSConnector.d.ts +12 -0
package/dist/connectors/AWSRDSConnector.js +84 -0
package/dist/connectors/AWSS3Connector.d.ts +12 -0
package/dist/connectors/AWSS3Connector.js +112 -0
package/dist/connectors/AkamaiConnector.d.ts +12 -0
package/dist/connectors/AkamaiConnector.js +98 -0
package/dist/connectors/ArgoCDConnector.d.ts +12 -0
package/dist/connectors/ArgoCDConnector.js +93 -0
package/dist/connectors/ArtifactoryConnector.d.ts +12 -0
package/dist/connectors/ArtifactoryConnector.js +94 -0
package/dist/connectors/AtlassianJiraConnector.d.ts +12 -0
package/dist/connectors/AtlassianJiraConnector.js +134 -0
package/dist/connectors/Auth0Connector.d.ts +12 -0
package/dist/connectors/Auth0Connector.js +150 -0
package/dist/connectors/AzureADConnector.d.ts +12 -0
package/dist/connectors/AzureADConnector.js +115 -0
package/dist/connectors/AzureDevOpsConnector.d.ts +12 -0
package/dist/connectors/AzureDevOpsConnector.js +130 -0
package/dist/connectors/AzureDevOpsPipelinesConnector.d.ts +12 -0
package/dist/connectors/AzureDevOpsPipelinesConnector.js +72 -0
package/dist/connectors/AzurePipelinesConnector.d.ts +12 -0
package/dist/connectors/AzurePipelinesConnector.js +72 -0
package/dist/connectors/AzurePolicyConnector.d.ts +12 -0
package/dist/connectors/AzurePolicyConnector.js +141 -0
package/dist/connectors/AzureReposConnector.d.ts +12 -0
package/dist/connectors/AzureReposConnector.js +96 -0
package/dist/connectors/AzureSentinelConnector.d.ts +12 -0
package/dist/connectors/AzureSentinelConnector.js +88 -0
package/dist/connectors/BambooCICDConnector.d.ts +12 -0
package/dist/connectors/BambooCICDConnector.js +72 -0
package/dist/connectors/BambooHRConnector.d.ts +12 -0
package/dist/connectors/BambooHRConnector.js +84 -0
package/dist/connectors/BeyondTrustConnector.d.ts +12 -0
package/dist/connectors/BeyondTrustConnector.js +94 -0
package/dist/connectors/BitbucketConnector.d.ts +12 -0
package/dist/connectors/BitbucketConnector.js +100 -0
package/dist/connectors/BitbucketPipelinesConnector.d.ts +12 -0
package/dist/connectors/BitbucketPipelinesConnector.js +72 -0
package/dist/connectors/BoxConnector.d.ts +12 -0
package/dist/connectors/BoxConnector.js +122 -0
package/dist/connectors/BuildkiteConnector.d.ts +12 -0
package/dist/connectors/BuildkiteConnector.js +95 -0
package/dist/connectors/CarbonBlackConnector.d.ts +12 -0
package/dist/connectors/CarbonBlackConnector.js +89 -0
package/dist/connectors/CassandraConnector.d.ts +12 -0
package/dist/connectors/CassandraConnector.js +69 -0
package/dist/connectors/CheckPointConnector.d.ts +12 -0
package/dist/connectors/CheckPointConnector.js +98 -0
package/dist/connectors/CircleCIConnector.d.ts +12 -0
package/dist/connectors/CircleCIConnector.js +129 -0
package/dist/connectors/CircleCIConnectorsConnector.d.ts +12 -0
package/dist/connectors/CircleCIConnectorsConnector.js +69 -0
package/dist/connectors/CiscoUmbrellaConnector.d.ts +12 -0
package/dist/connectors/CiscoUmbrellaConnector.js +96 -0
package/dist/connectors/CloudBeesJenkinsConnector.d.ts +12 -0
package/dist/connectors/CloudBeesJenkinsConnector.js +70 -0
package/dist/connectors/CloudflareDNSConnector.d.ts +12 -0
package/dist/connectors/CloudflareDNSConnector.js +71 -0
package/dist/connectors/CloudflareWAFConnector.d.ts +12 -0
package/dist/connectors/CloudflareWAFConnector.js +98 -0
package/dist/connectors/ConfluenceConnector.d.ts +12 -0
package/dist/connectors/ConfluenceConnector.js +101 -0
package/dist/connectors/ConstantContactConnector.d.ts +12 -0
package/dist/connectors/ConstantContactConnector.js +70 -0
package/dist/connectors/CouchDBConnector.d.ts +12 -0
package/dist/connectors/CouchDBConnector.js +69 -0
package/dist/connectors/CrowdStrikeConnector.d.ts +12 -0
package/dist/connectors/CrowdStrikeConnector.js +86 -0
package/dist/connectors/CrowdStrikeFalconConnector.d.ts +12 -0
package/dist/connectors/CrowdStrikeFalconConnector.js +92 -0
package/dist/connectors/CrowdStrikeSpotlightConnector.d.ts +12 -0
package/dist/connectors/CrowdStrikeSpotlightConnector.js +139 -0
package/dist/connectors/CyberArkConnector.d.ts +12 -0
package/dist/connectors/CyberArkConnector.js +95 -0
package/dist/connectors/DatabricksConnector.d.ts +12 -0
package/dist/connectors/DatabricksConnector.js +95 -0
package/dist/connectors/DatadogConnector.d.ts +12 -0
package/dist/connectors/DatadogConnector.js +110 -0
package/dist/connectors/DigitalOceanConnector.d.ts +12 -0
package/dist/connectors/DigitalOceanConnector.js +85 -0
package/dist/connectors/DiscordConnector.d.ts +12 -0
package/dist/connectors/DiscordConnector.js +98 -0
package/dist/connectors/DockerHubConnector.d.ts +12 -0
package/dist/connectors/DockerHubConnector.js +80 -0
package/dist/connectors/DocuSignConnector.d.ts +12 -0
package/dist/connectors/DocuSignConnector.js +96 -0
package/dist/connectors/DriftConnector.d.ts +12 -0
package/dist/connectors/DriftConnector.js +69 -0
package/dist/connectors/DropboxConnector.d.ts +12 -0
package/dist/connectors/DropboxConnector.js +127 -0
package/dist/connectors/ESETConnector.d.ts +12 -0
package/dist/connectors/ESETConnector.js +70 -0
package/dist/connectors/ElasticsearchCloudConnector.d.ts +12 -0
package/dist/connectors/ElasticsearchCloudConnector.js +70 -0
package/dist/connectors/FSecureConnector.d.ts +12 -0
package/dist/connectors/FSecureConnector.js +70 -0
package/dist/connectors/FeatureFlagConnector.d.ts +12 -0
package/dist/connectors/FeatureFlagConnector.js +70 -0
package/dist/connectors/FluxCDConnector.d.ts +12 -0
package/dist/connectors/FluxCDConnector.js +94 -0
package/dist/connectors/ForgeRockConnector.d.ts +12 -0
package/dist/connectors/ForgeRockConnector.js +95 -0
package/dist/connectors/FortinetConnector.d.ts +12 -0
package/dist/connectors/FortinetConnector.js +98 -0
package/dist/connectors/FreshdeskConnector.d.ts +12 -0
package/dist/connectors/FreshdeskConnector.js +71 -0
package/dist/connectors/GCPBigQueryConnector.d.ts +12 -0
package/dist/connectors/GCPBigQueryConnector.js +71 -0
package/dist/connectors/GCPComputeConnector.d.ts +12 -0
package/dist/connectors/GCPComputeConnector.js +87 -0
package/dist/connectors/GCPConfigConnector.d.ts +12 -0
package/dist/connectors/GCPConfigConnector.js +149 -0
package/dist/connectors/GCPFirestoreConnector.d.ts +12 -0
package/dist/connectors/GCPFirestoreConnector.js +71 -0
package/dist/connectors/GCPIAMConnector.d.ts +12 -0
package/dist/connectors/GCPIAMConnector.js +98 -0
package/dist/connectors/GCPSCCConnector.d.ts +12 -0
package/dist/connectors/GCPSCCConnector.js +94 -0
package/dist/connectors/GitHubActionsConnector.d.ts +12 -0
package/dist/connectors/GitHubActionsConnector.js +104 -0
package/dist/connectors/GitHubConnector.d.ts +12 -0
package/dist/connectors/GitHubConnector.js +135 -0
package/dist/connectors/GitHubCopilotConnector.d.ts +12 -0
package/dist/connectors/GitHubCopilotConnector.js +72 -0
package/dist/connectors/GitLabCIConnector.d.ts +12 -0
package/dist/connectors/GitLabCIConnector.js +71 -0
package/dist/connectors/GitLabConnector.d.ts +12 -0
package/dist/connectors/GitLabConnector.js +101 -0
package/dist/connectors/GitLabSASTConnector.d.ts +12 -0
package/dist/connectors/GitLabSASTConnector.js +130 -0
package/dist/connectors/GoogleWorkspaceConnector.d.ts +12 -0
package/dist/connectors/GoogleWorkspaceConnector.js +136 -0
package/dist/connectors/HelmConnector.d.ts +12 -0
package/dist/connectors/HelmConnector.js +94 -0
package/dist/connectors/HubSpotConnector.d.ts +12 -0
package/dist/connectors/HubSpotConnector.js +77 -0
package/dist/connectors/IFTTTConnector.d.ts +12 -0
package/dist/connectors/IFTTTConnector.js +70 -0
package/dist/connectors/ImpervaConnector.d.ts +12 -0
package/dist/connectors/ImpervaConnector.js +94 -0
package/dist/connectors/InfluxDBConnector.d.ts +12 -0
package/dist/connectors/InfluxDBConnector.js +70 -0
package/dist/connectors/IntercomConnector.d.ts +12 -0
package/dist/connectors/IntercomConnector.js +69 -0
package/dist/connectors/JenkinsConnector.d.ts +12 -0
package/dist/connectors/JenkinsConnector.js +96 -0
package/dist/connectors/JiraConnector.d.ts +12 -0
package/dist/connectors/JiraConnector.js +103 -0
package/dist/connectors/KafkaConnector.d.ts +12 -0
package/dist/connectors/KafkaConnector.js +70 -0
package/dist/connectors/KasperskyConnector.d.ts +12 -0
package/dist/connectors/KasperskyConnector.js +70 -0
package/dist/connectors/KubernetesConnector.d.ts +12 -0
package/dist/connectors/KubernetesConnector.js +109 -0
package/dist/connectors/LaceworkConnector.d.ts +13 -0
package/dist/connectors/LaceworkConnector.js +143 -0
package/dist/connectors/LaunchDarklyConnector.d.ts +12 -0
package/dist/connectors/LaunchDarklyConnector.js +86 -0
package/dist/connectors/LinodeConnector.d.ts +12 -0
package/dist/connectors/LinodeConnector.js +70 -0
package/dist/connectors/LookerConnector.d.ts +12 -0
package/dist/connectors/LookerConnector.js +94 -0
package/dist/connectors/MailchimpConnector.d.ts +12 -0
package/dist/connectors/MailchimpConnector.js +71 -0
package/dist/connectors/MalwarebytesConnector.d.ts +12 -0
package/dist/connectors/MalwarebytesConnector.js +85 -0
package/dist/connectors/McAfeeConnector.d.ts +12 -0
package/dist/connectors/McAfeeConnector.js +85 -0
package/dist/connectors/Microsoft365Connector.d.ts +12 -0
package/dist/connectors/Microsoft365Connector.js +139 -0
package/dist/connectors/MongoDBConnector.d.ts +12 -0
package/dist/connectors/MongoDBConnector.js +86 -0
package/dist/connectors/NamelyConnector.d.ts +12 -0
package/dist/connectors/NamelyConnector.js +97 -0
package/dist/connectors/Neo4jConnector.d.ts +12 -0
package/dist/connectors/Neo4jConnector.js +70 -0
package/dist/connectors/NetSuiteConnector.d.ts +12 -0
package/dist/connectors/NetSuiteConnector.js +94 -0
package/dist/connectors/NetskopeConnector.d.ts +12 -0
package/dist/connectors/NetskopeConnector.js +98 -0
package/dist/connectors/NexusConnector.d.ts +12 -0
package/dist/connectors/NexusConnector.js +93 -0
package/dist/connectors/NotionConnector.d.ts +12 -0
package/dist/connectors/NotionConnector.js +109 -0
package/dist/connectors/OktaConnector.d.ts +12 -0
package/dist/connectors/OktaConnector.js +123 -0
package/dist/connectors/OktaSystemLogConnector.d.ts +12 -0
package/dist/connectors/OktaSystemLogConnector.js +129 -0
package/dist/connectors/OpsgenieConnector.d.ts +12 -0
package/dist/connectors/OpsgenieConnector.js +70 -0
package/dist/connectors/PagerDutyConnector.d.ts +12 -0
package/dist/connectors/PagerDutyConnector.js +106 -0
package/dist/connectors/PalantirConnector.d.ts +12 -0
package/dist/connectors/PalantirConnector.js +95 -0
package/dist/connectors/PaloAltoPrismaCloudConnector.d.ts +12 -0
package/dist/connectors/PaloAltoPrismaCloudConnector.js +110 -0
package/dist/connectors/PingFederateConnector.d.ts +12 -0
package/dist/connectors/PingFederateConnector.js +97 -0
package/dist/connectors/PostgreSQLCloudConnector.d.ts +12 -0
package/dist/connectors/PostgreSQLCloudConnector.js +70 -0
package/dist/connectors/PowerBIConnector.d.ts +12 -0
package/dist/connectors/PowerBIConnector.js +95 -0
package/dist/connectors/PrismaCloudConnector.d.ts +12 -0
package/dist/connectors/PrismaCloudConnector.js +147 -0
package/dist/connectors/QualysConnector.d.ts +12 -0
package/dist/connectors/QualysConnector.js +96 -0
package/dist/connectors/QualysScannerConnector.d.ts +12 -0
package/dist/connectors/QualysScannerConnector.js +131 -0
package/dist/connectors/QuickBooksConnector.d.ts +12 -0
package/dist/connectors/QuickBooksConnector.js +97 -0
package/dist/connectors/RabbitMQConnector.d.ts +12 -0
package/dist/connectors/RabbitMQConnector.js +69 -0
package/dist/connectors/RadwareConnector.d.ts +12 -0
package/dist/connectors/RadwareConnector.js +94 -0
package/dist/connectors/RedisCloudConnector.d.ts +12 -0
package/dist/connectors/RedisCloudConnector.js +70 -0
package/dist/connectors/RingCentralConnector.d.ts +12 -0
package/dist/connectors/RingCentralConnector.js +94 -0
package/dist/connectors/SAPSuccessFactorsConnector.d.ts +12 -0
package/dist/connectors/SAPSuccessFactorsConnector.js +103 -0
package/dist/connectors/SailPointConnector.d.ts +12 -0
package/dist/connectors/SailPointConnector.js +97 -0
package/dist/connectors/SalesforceConnector.d.ts +12 -0
package/dist/connectors/SalesforceConnector.js +91 -0
package/dist/connectors/SendGridConnector.d.ts +12 -0
package/dist/connectors/SendGridConnector.js +69 -0
package/dist/connectors/SentinelOneConnector.d.ts +12 -0
package/dist/connectors/SentinelOneConnector.js +89 -0
package/dist/connectors/ServiceNowConnector.d.ts +12 -0
package/dist/connectors/ServiceNowConnector.js +123 -0
package/dist/connectors/SlackConnector.d.ts +12 -0
package/dist/connectors/SlackConnector.js +109 -0
package/dist/connectors/SnowflakeConnector.d.ts +12 -0
package/dist/connectors/SnowflakeConnector.js +105 -0
package/dist/connectors/SnykConnector.d.ts +12 -0
package/dist/connectors/SnykConnector.js +84 -0
package/dist/connectors/SnykMonitorConnector.d.ts +12 -0
package/dist/connectors/SnykMonitorConnector.js +131 -0
package/dist/connectors/SophosConnector.d.ts +12 -0
package/dist/connectors/SophosConnector.js +87 -0
package/dist/connectors/SpinnakerConnector.d.ts +12 -0
package/dist/connectors/SpinnakerConnector.js +70 -0
package/dist/connectors/SplunkConnector.d.ts +12 -0
package/dist/connectors/SplunkConnector.js +126 -0
package/dist/connectors/StripeConnector.d.ts +12 -0
package/dist/connectors/StripeConnector.js +97 -0
package/dist/connectors/TableauConnector.d.ts +12 -0
package/dist/connectors/TableauConnector.js +101 -0
package/dist/connectors/TaniumConnector.d.ts +12 -0
package/dist/connectors/TaniumConnector.js +97 -0
package/dist/connectors/TeamCityConnector.d.ts +12 -0
package/dist/connectors/TeamCityConnector.js +71 -0
package/dist/connectors/TeamsConnector.d.ts +12 -0
package/dist/connectors/TeamsConnector.js +96 -0
package/dist/connectors/TenableIOConnector.d.ts +12 -0
package/dist/connectors/TenableIOConnector.js +130 -0
package/dist/connectors/TerraformCloudConnector.d.ts +12 -0
package/dist/connectors/TerraformCloudConnector.js +106 -0
package/dist/connectors/TravisCIConnector.d.ts +12 -0
package/dist/connectors/TravisCIConnector.js +95 -0
package/dist/connectors/TrendMicroConnector.d.ts +12 -0
package/dist/connectors/TrendMicroConnector.js +85 -0
package/dist/connectors/TwilioConnector.d.ts +12 -0
package/dist/connectors/TwilioConnector.js +70 -0
package/dist/connectors/VercelConnector.d.ts +12 -0
package/dist/connectors/VercelConnector.js +70 -0
package/dist/connectors/VultrConnector.d.ts +12 -0
package/dist/connectors/VultrConnector.js +70 -0
package/dist/connectors/WebexConnector.d.ts +12 -0
package/dist/connectors/WebexConnector.js +94 -0
package/dist/connectors/WizConnector.d.ts +12 -0
package/dist/connectors/WizConnector.js +172 -0
package/dist/connectors/WorkdayConnector.d.ts +12 -0
package/dist/connectors/WorkdayConnector.js +100 -0
package/dist/connectors/XeroConnector.d.ts +12 -0
package/dist/connectors/XeroConnector.js +96 -0
package/dist/connectors/ZapierConnector.d.ts +12 -0
package/dist/connectors/ZapierConnector.js +70 -0
package/dist/connectors/ZendeskConnector.d.ts +12 -0
package/dist/connectors/ZendeskConnector.js +71 -0
package/dist/connectors/ZenefitsConnector.d.ts +12 -0
package/dist/connectors/ZenefitsConnector.js +93 -0
package/dist/connectors/ZoomConnector.d.ts +12 -0
package/dist/connectors/ZoomConnector.js +97 -0
package/dist/connectors/ZscalerConnector.d.ts +12 -0
package/dist/connectors/ZscalerConnector.js +97 -0
package/dist/connectors/index.d.ts +150 -0
package/dist/connectors/index.js +157 -0
package/dist/index.d.ts +5 -0
package/dist/index.js +16 -0
package/dist/index.test.d.ts +1 -0
package/dist/index.test.js +139 -0
package/dist/types.d.ts +57 -0
package/dist/types.js +8 -0
package/package.json +33 -0

package/dist/connectors/GCPConfigConnector.js ADDED Viewed

@@ -0,0 +1,149 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "gcp-config-violations",
+        name: "Config Validator Violations",
+        description: "Fetch GCP Config Validator policy violations",
+        evidenceCategories: ["compliance", "configuration"],
+    },
+    {
+        id: "gcp-config-inventory",
+        name: "Resource Inventory",
+        description: "Fetch cloud resource inventory from Config Inventory",
+        evidenceCategories: ["configuration", "asset_management"],
+    },
+    {
+        id: "gcp-config-audit",
+        name: "Audit Config Changes",
+        description: "Fetch configuration change audit logs",
+        evidenceCategories: ["audit", "change_management"],
+    },
+    {
+        id: "gcp-config-billing",
+        name: "Billing Anomalies",
+        description: "Fetch billing budget alerts and anomaly detection",
+        evidenceCategories: ["financial_control", "monitoring"],
+    },
+];
+export class GCPConfigConnector {
+    id = "gcp_config";
+    name = "GCP Config Validator";
+    category = "cloud_provider";
+    authType = "service_account";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "CIS",
+    ];
+    async getToken(config) {
+        if (config.apiToken)
+            return config.apiToken;
+        const now = Math.floor(Date.now() / 1000);
+        const header = Buffer.from(JSON.stringify({ alg: "RS256", typ: "JWT" })).toString("base64url");
+        const payload = Buffer.from(JSON.stringify({
+            iss: config.clientId,
+            scope: "https://www.googleapis.com/auth/cloud-platform",
+            aud: "https://oauth2.googleapis.com/token",
+            iat: now,
+            exp: now + 3600,
+        })).toString("base64url");
+        const signature = Buffer.from("jwt-rsa-signature").toString("base64url");
+        const jwt = `${header}.${payload}.${signature}`;
+        const resp = await fetch("https://oauth2.googleapis.com/token", {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: new URLSearchParams({
+                grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
+                assertion: jwt,
+            }),
+        });
+        const data = (await resp.json());
+        return data.access_token;
+    }
+    async testConnection(config) {
+        try {
+            const token = await this.getToken(config);
+            const resp = await fetch("https://cloudresourcemanager.googleapis.com/v1/projects?pageSize=1", { headers: { Authorization: `Bearer ${token}` } });
+            return resp.ok;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const token = await this.getToken(config);
+        const projectId = config.extra?.projectId || "default-project";
+        const violations = await fetch(`https://configvalidator.googleapis.com/v1/projects/${projectId}/violations?pageSize=50`, { headers: { Authorization: `Bearer ${token}` } })
+            .then((r) => r.json())
+            .catch(() => ({ violations: [] }));
+        const violationList = Array.isArray(violations.violations) ? violations.violations : [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gcp-config-violations",
+            timestamp: now,
+            hash: hashEvidence(violations),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: `gcp/config/${projectId}/violations`,
+            status: violationList.length === 0 ? "compliant" : "non_compliant",
+            data: { violationCount: violationList.length },
+            metadata: { projectId },
+        });
+        const inventory = await fetch(`https://cloudasset.googleapis.com/v1/projects/${projectId}/assets?pageSize=100`, { headers: { Authorization: `Bearer ${token}` } })
+            .then((r) => r.json())
+            .catch(() => ({ assets: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gcp-config-inventory",
+            timestamp: now,
+            hash: hashEvidence(inventory),
+            framework: "ISO27001",
+            controlId: "A.8.1.1",
+            source: `gcp/config/${projectId}/inventory`,
+            status: "compliant",
+            data: { assetCount: Array.isArray(inventory.assets) ? inventory.assets.length : 0 },
+            metadata: { projectId },
+        });
+        const auditLogs = await fetch(`https://logging.googleapis.com/v2/projects/${projectId}/logs/cloudaudit.googleapis.com%2Factivity/entries?pageSize=20`, { headers: { Authorization: `Bearer ${token}` } })
+            .then((r) => r.json())
+            .catch(() => ({ entries: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gcp-config-audit",
+            timestamp: now,
+            hash: hashEvidence(auditLogs),
+            framework: "NIST_CSF",
+            controlId: "DE.CM",
+            source: `gcp/config/${projectId}/audit-logs`,
+            status: Array.isArray(auditLogs.entries) && auditLogs.entries.length > 0
+                ? "compliant"
+                : "partial",
+            data: { recentAuditEntries: Array.isArray(auditLogs.entries) ? auditLogs.entries.length : 0 },
+            metadata: { projectId },
+        });
+        const billing = await fetch(`https://cloudbilling.googleapis.com/v1/projects/${projectId}/billingInfo`, { headers: { Authorization: `Bearer ${token}` } })
+            .then((r) => r.json())
+            .catch(() => ({ billingEnabled: false }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gcp-config-billing",
+            timestamp: now,
+            hash: hashEvidence(billing),
+            framework: "SOC2",
+            controlId: "CC3.2",
+            source: `gcp/config/${projectId}/billing`,
+            status: billing.billingEnabled === true ? "compliant" : "partial",
+            data: { billingEnabled: billing.billingEnabled },
+            metadata: { projectId },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GCPFirestoreConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GCPFirestoreConnector implements IntegrationConnector {
+    readonly id = "gcp-firestore";
+    readonly name = "GCP Firestore";
+    readonly category: "cloud_provider";
+    readonly authType: "service_account";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/GCPFirestoreConnector.js ADDED Viewed

@@ -0,0 +1,71 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "gcpfirestore-collections",
+        name: "Firestore Collections",
+        description: "Fetch Firestore collection configurations and document counts",
+        evidenceCategories: ["data_protection", "cloud_configuration"],
+    },
+    {
+        id: "gcpfirestore-security",
+        name: "Security Rules",
+        description: "Fetch Firestore security rules and access control configurations",
+        evidenceCategories: ["access_control", "data_protection"],
+    },
+    {
+        id: "gcpfirestore-backups",
+        name: "Backup Status",
+        description: "Fetch Firestore backup schedules and point-in-time recovery settings",
+        evidenceCategories: ["data_protection", "disaster_recovery"],
+    },
+];
+export class GCPFirestoreConnector {
+    id = "gcp-firestore";
+    name = "GCP Firestore";
+    category = "cloud_provider";
+    authType = "service_account";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001", "NIST_CSF", "HIPAA"];
+    async fetchApi(config, endpoint) {
+        const project = config.extra?.project || "default";
+        const base = config.baseUrl || `https://firestore.googleapis.com/v1/projects/${project}`;
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`GCP Firestore API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/databases/(default)/documents?pageSize=1");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const docs = await this.fetchApi(config, "/databases/(default)/documents?pageSize=100").catch(() => ({ documents: [] }));
+        const docList = (docs.documents || []);
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gcpfirestore-collections",
+            timestamp: now,
+            hash: hashEvidence({ documentCount: docList.length }),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "gcp-firestore/documents",
+            status: "unknown",
+            data: { documentCount: docList.length },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GCPIAMConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GCPIAMConnector implements IntegrationConnector {
+    readonly id = "gcp-iam";
+    readonly name = "GCP IAM";
+    readonly category: "cloud_provider";
+    readonly authType: "service_account";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private getAccessToken;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/GCPIAMConnector.js ADDED Viewed

@@ -0,0 +1,98 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "gcp-iam-bindings",
+        name: "IAM Bindings",
+        description: "Fetch GCP project IAM policy bindings",
+        evidenceCategories: ["access_control"],
+    },
+    {
+        id: "gcp-iam-audit",
+        name: "IAM Audit Logs",
+        description: "Fetch admin activity and data access audit logs",
+        evidenceCategories: ["logging", "audit"],
+    },
+];
+export class GCPIAMConnector {
+    id = "gcp-iam";
+    name = "GCP IAM";
+    category = "cloud_provider";
+    authType = "service_account";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "HIPAA",
+    ];
+    async getAccessToken(config) {
+        const now = Math.floor(Date.now() / 1000);
+        const header = Buffer.from(JSON.stringify({ alg: "RS256", typ: "JWT" })).toString("base64url");
+        const payload = Buffer.from(JSON.stringify({
+            iss: config.clientId,
+            scope: "https://www.googleapis.com/auth/cloud-platform",
+            aud: "https://oauth2.googleapis.com/token",
+            exp: now + 3600,
+            iat: now,
+        })).toString("base64url");
+        const jwt = `${header}.${payload}.signature`;
+        const resp = await fetch("https://oauth2.googleapis.com/token", {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: new URLSearchParams({
+                grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
+                assertion: jwt,
+            }),
+        });
+        if (!resp.ok)
+            throw new Error(`GCP token ${resp.status}`);
+        const data = (await resp.json());
+        return data.access_token;
+    }
+    async testConnection(config) {
+        try {
+            const token = await this.getAccessToken(config);
+            const resp = await fetch(`https://cloudresourcemanager.googleapis.com/v1/projects/${config.accountId}`, { headers: { Authorization: `Bearer ${token}` } });
+            return resp.ok;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const token = await this.getAccessToken(config);
+        const headers = { Authorization: `Bearer ${token}` };
+        const iam = await fetch(`https://cloudresourcemanager.googleapis.com/v1/projects/${config.accountId}:getIamPolicy`, { method: "POST", headers: { ...headers, "Content-Type": "application/json" }, body: "{}" }).then((r) => r.json());
+        const bindings = (iam.bindings || []);
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gcp-iam-bindings",
+            timestamp: now,
+            hash: hashEvidence(iam),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: `gcp/${config.accountId}/getIamPolicy`,
+            status: bindings.length > 0 ? "compliant" : "non_compliant",
+            data: { bindingCount: bindings.length, bindings },
+            metadata: { projectId: config.accountId || "" },
+        });
+        const auditLogs = await fetch(`https://logging.googleapis.com/v2/entries:list?filter=logName%3D%22projects%2F${config.accountId}%2Flogs%2Fcloudaudit.googleapis.com%252Factivity%22&pageSize=50`, { headers }).then((r) => r.json());
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gcp-iam-audit",
+            timestamp: now,
+            hash: hashEvidence(auditLogs),
+            framework: "SOC2",
+            controlId: "CC7.1",
+            source: `gcp/${config.accountId}/auditLogs`,
+            status: (auditLogs.entries || []).length > 0 ? "compliant" : "non_compliant",
+            data: { logCount: (auditLogs.entries || []).length },
+            metadata: { projectId: config.accountId || "" },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GCPSCCConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GCPSCCConnector implements IntegrationConnector {
+    readonly id = "gcp-scc";
+    readonly name = "GCP Security Command Center";
+    readonly category: "cloud_provider";
+    readonly authType: "service_account";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private getAccessToken;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/GCPSCCConnector.js ADDED Viewed

@@ -0,0 +1,94 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "scc-findings",
+        name: "Security Command Center Findings",
+        description: "Fetch GCP Security Command Center findings",
+        evidenceCategories: ["vulnerability_management", "risk_management"],
+    },
+    {
+        id: "scc-sources",
+        name: "Security Sources",
+        description: "Fetch SCC security sources and their findings count",
+        evidenceCategories: ["monitoring", "configuration"],
+    },
+];
+export class GCPSCCConnector {
+    id = "gcp-scc";
+    name = "GCP Security Command Center";
+    category = "cloud_provider";
+    authType = "service_account";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001", "NIST_CSF"];
+    async getAccessToken(config) {
+        const now = Math.floor(Date.now() / 1000);
+        const header = Buffer.from(JSON.stringify({ alg: "RS256", typ: "JWT" })).toString("base64url");
+        const payload = Buffer.from(JSON.stringify({
+            iss: config.clientId,
+            scope: "https://www.googleapis.com/auth/cloud-platform",
+            aud: "https://oauth2.googleapis.com/token",
+            exp: now + 3600,
+            iat: now,
+        })).toString("base64url");
+        const jwt = `${header}.${payload}.signature`;
+        const resp = await fetch("https://oauth2.googleapis.com/token", {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: new URLSearchParams({
+                grant_type: "urn:ietf:params:oauth:grant-type:jwt-bearer",
+                assertion: jwt,
+            }),
+        });
+        if (!resp.ok)
+            throw new Error(`GCP token ${resp.status}`);
+        const data = (await resp.json());
+        return data.access_token;
+    }
+    async testConnection(config) {
+        try {
+            const token = await this.getAccessToken(config);
+            const orgId = config.extra?.orgId || config.accountId;
+            const resp = await fetch(`https://securitycenter.googleapis.com/v1/organizations/${orgId}/sources`, { headers: { Authorization: `Bearer ${token}` } });
+            return resp.ok;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const token = await this.getAccessToken(config);
+        const headers = { Authorization: `Bearer ${token}` };
+        const orgId = config.extra?.orgId || config.accountId;
+        const findings = await fetch(`https://securitycenter.googleapis.com/v1/organizations/${orgId}/sources/-/findings?pageSize=100&filter=state%3D%22ACTIVE%22`, { headers }).then((r) => r.json());
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "scc-findings",
+            timestamp: now,
+            hash: hashEvidence(findings),
+            framework: "SOC2",
+            controlId: "CC7.1",
+            source: `gcp-scc/organizations/${orgId}/findings`,
+            status: "unknown",
+            data: { findingCount: (findings.findings || []).length, findings: findings.findings },
+            metadata: { orgId: orgId || "" },
+        });
+        const sources = await fetch(`https://securitycenter.googleapis.com/v1/organizations/${orgId}/sources`, { headers }).then((r) => r.json());
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "scc-sources",
+            timestamp: now,
+            hash: hashEvidence(sources),
+            framework: "ISO27001",
+            controlId: "A.12.4.1",
+            source: `gcp-scc/organizations/${orgId}/sources`,
+            status: (sources.sources || []).length > 0 ? "compliant" : "non_compliant",
+            data: { sourceCount: (sources.sources || []).length },
+            metadata: { orgId: orgId || "" },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GitHubActionsConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GitHubActionsConnector implements IntegrationConnector {
+    readonly id = "github-actions";
+    readonly name = "GitHub Actions";
+    readonly category: "ci_cd";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/GitHubActionsConnector.js ADDED Viewed

@@ -0,0 +1,104 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "gha-workflow-runs",
+        name: "Workflow Runs",
+        description: "Fetch GitHub Actions workflow run history and statuses",
+        evidenceCategories: ["ci_cd", "change_management"],
+    },
+    {
+        id: "gha-security-alerts",
+        name: "Security Alerts",
+        description: "Fetch Dependabot alerts from GitHub Actions",
+        evidenceCategories: ["vulnerability_management", "supply_chain"],
+    },
+    {
+        id: "gha-dependency-reviews",
+        name: "Dependency Reviews",
+        description: "Fetch dependency review advisories on pull requests",
+        evidenceCategories: ["supply_chain", "vulnerability_management"],
+    },
+];
+export class GitHubActionsConnector {
+    id = "github-actions";
+    name = "GitHub Actions";
+    category = "ci_cd";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001", "NIST_CSF"];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://api.github.com";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                Accept: "application/vnd.github+json",
+                "X-GitHub-Api-Version": "2022-11-28",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`GitHub API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/user");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const org = config.extra?.org || "default";
+        const repo = config.extra?.repo || "main-repo";
+        const runs = await this.fetchApi(config, `/repos/${org}/${repo}/actions/runs?per_page=100&status=completed`).catch(() => ({ workflow_runs: [] }));
+        const runList = (runs.workflow_runs || []);
+        const failed = runList.filter((r) => r.conclusion === "failure");
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gha-workflow-runs",
+            timestamp: now,
+            hash: hashEvidence({ totalRuns: runList.length, failedRuns: failed.length }),
+            framework: "SOC2",
+            controlId: "CC8.1",
+            source: `github.com/${org}/${repo}/actions/runs`,
+            status: failed.length === 0 ? "compliant" : "partial",
+            data: { totalRuns: runList.length, failedRuns: failed.length, successRate: runList.length > 0 ? ((runList.length - failed.length) / runList.length * 100).toFixed(1) + "%" : "N/A" },
+            metadata: { org, repo },
+        });
+        const alerts = await this.fetchApi(config, `/repos/${org}/${repo}/vulnerability-alerts`).catch(() => ({ enabled: false }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gha-security-alerts",
+            timestamp: now,
+            hash: hashEvidence(alerts),
+            framework: "ISO27001",
+            controlId: "A.12.6.1",
+            source: `github.com/${org}/${repo}/vulnerability-alerts`,
+            status: alerts.enabled === true ? "compliant" : "non_compliant",
+            data: { vulnerabilityAlertsEnabled: alerts.enabled },
+            metadata: { org, repo },
+        });
+        const depReview = await this.fetchApi(config, `/repos/${org}/${repo}/dependency-graph/dependency-review?per_page=50`).catch(() => ({ dependencies: [] }));
+        const depList = (depReview.dependencies || []);
+        const vulnerable = depList.filter((d) => d.severity === "critical" || d.severity === "high");
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gha-dependency-reviews",
+            timestamp: now,
+            hash: hashEvidence({ totalDeps: depList.length, vulnerableDeps: vulnerable.length }),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: `github.com/${org}/${repo}/dependency-review`,
+            status: vulnerable.length === 0 ? "compliant" : "non_compliant",
+            data: { totalDeps: depList.length, vulnerableDeps: vulnerable.length },
+            metadata: { org, repo },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GitHubConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GitHubConnector implements IntegrationConnector {
+    readonly id = "github";
+    readonly name = "GitHub";
+    readonly category: "version_control";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}