npm - @grc-claw/integration-marketplace - Versions diffs - 0.8.0 - Mend

@grc-claw/integration-marketplace 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (311) hide show

package/dist/IntegrationMarketplace.d.ts +32 -0
package/dist/IntegrationMarketplace.js +319 -0
package/dist/connectors/ADPConnector.d.ts +12 -0
package/dist/connectors/ADPConnector.js +97 -0
package/dist/connectors/AWSCloudTrailConnector.d.ts +12 -0
package/dist/connectors/AWSCloudTrailConnector.js +77 -0
package/dist/connectors/AWSCloudWatchConnector.d.ts +12 -0
package/dist/connectors/AWSCloudWatchConnector.js +70 -0
package/dist/connectors/AWSGuardDutyConnector.d.ts +12 -0
package/dist/connectors/AWSGuardDutyConnector.js +139 -0
package/dist/connectors/AWSIAMConnector.d.ts +12 -0
package/dist/connectors/AWSIAMConnector.js +90 -0
package/dist/connectors/AWSKMSConnector.d.ts +12 -0
package/dist/connectors/AWSKMSConnector.js +70 -0
package/dist/connectors/AWSLambdaConnector.d.ts +12 -0
package/dist/connectors/AWSLambdaConnector.js +84 -0
package/dist/connectors/AWSRDSConnector.d.ts +12 -0
package/dist/connectors/AWSRDSConnector.js +84 -0
package/dist/connectors/AWSS3Connector.d.ts +12 -0
package/dist/connectors/AWSS3Connector.js +112 -0
package/dist/connectors/AkamaiConnector.d.ts +12 -0
package/dist/connectors/AkamaiConnector.js +98 -0
package/dist/connectors/ArgoCDConnector.d.ts +12 -0
package/dist/connectors/ArgoCDConnector.js +93 -0
package/dist/connectors/ArtifactoryConnector.d.ts +12 -0
package/dist/connectors/ArtifactoryConnector.js +94 -0
package/dist/connectors/AtlassianJiraConnector.d.ts +12 -0
package/dist/connectors/AtlassianJiraConnector.js +134 -0
package/dist/connectors/Auth0Connector.d.ts +12 -0
package/dist/connectors/Auth0Connector.js +150 -0
package/dist/connectors/AzureADConnector.d.ts +12 -0
package/dist/connectors/AzureADConnector.js +115 -0
package/dist/connectors/AzureDevOpsConnector.d.ts +12 -0
package/dist/connectors/AzureDevOpsConnector.js +130 -0
package/dist/connectors/AzureDevOpsPipelinesConnector.d.ts +12 -0
package/dist/connectors/AzureDevOpsPipelinesConnector.js +72 -0
package/dist/connectors/AzurePipelinesConnector.d.ts +12 -0
package/dist/connectors/AzurePipelinesConnector.js +72 -0
package/dist/connectors/AzurePolicyConnector.d.ts +12 -0
package/dist/connectors/AzurePolicyConnector.js +141 -0
package/dist/connectors/AzureReposConnector.d.ts +12 -0
package/dist/connectors/AzureReposConnector.js +96 -0
package/dist/connectors/AzureSentinelConnector.d.ts +12 -0
package/dist/connectors/AzureSentinelConnector.js +88 -0
package/dist/connectors/BambooCICDConnector.d.ts +12 -0
package/dist/connectors/BambooCICDConnector.js +72 -0
package/dist/connectors/BambooHRConnector.d.ts +12 -0
package/dist/connectors/BambooHRConnector.js +84 -0
package/dist/connectors/BeyondTrustConnector.d.ts +12 -0
package/dist/connectors/BeyondTrustConnector.js +94 -0
package/dist/connectors/BitbucketConnector.d.ts +12 -0
package/dist/connectors/BitbucketConnector.js +100 -0
package/dist/connectors/BitbucketPipelinesConnector.d.ts +12 -0
package/dist/connectors/BitbucketPipelinesConnector.js +72 -0
package/dist/connectors/BoxConnector.d.ts +12 -0
package/dist/connectors/BoxConnector.js +122 -0
package/dist/connectors/BuildkiteConnector.d.ts +12 -0
package/dist/connectors/BuildkiteConnector.js +95 -0
package/dist/connectors/CarbonBlackConnector.d.ts +12 -0
package/dist/connectors/CarbonBlackConnector.js +89 -0
package/dist/connectors/CassandraConnector.d.ts +12 -0
package/dist/connectors/CassandraConnector.js +69 -0
package/dist/connectors/CheckPointConnector.d.ts +12 -0
package/dist/connectors/CheckPointConnector.js +98 -0
package/dist/connectors/CircleCIConnector.d.ts +12 -0
package/dist/connectors/CircleCIConnector.js +129 -0
package/dist/connectors/CircleCIConnectorsConnector.d.ts +12 -0
package/dist/connectors/CircleCIConnectorsConnector.js +69 -0
package/dist/connectors/CiscoUmbrellaConnector.d.ts +12 -0
package/dist/connectors/CiscoUmbrellaConnector.js +96 -0
package/dist/connectors/CloudBeesJenkinsConnector.d.ts +12 -0
package/dist/connectors/CloudBeesJenkinsConnector.js +70 -0
package/dist/connectors/CloudflareDNSConnector.d.ts +12 -0
package/dist/connectors/CloudflareDNSConnector.js +71 -0
package/dist/connectors/CloudflareWAFConnector.d.ts +12 -0
package/dist/connectors/CloudflareWAFConnector.js +98 -0
package/dist/connectors/ConfluenceConnector.d.ts +12 -0
package/dist/connectors/ConfluenceConnector.js +101 -0
package/dist/connectors/ConstantContactConnector.d.ts +12 -0
package/dist/connectors/ConstantContactConnector.js +70 -0
package/dist/connectors/CouchDBConnector.d.ts +12 -0
package/dist/connectors/CouchDBConnector.js +69 -0
package/dist/connectors/CrowdStrikeConnector.d.ts +12 -0
package/dist/connectors/CrowdStrikeConnector.js +86 -0
package/dist/connectors/CrowdStrikeFalconConnector.d.ts +12 -0
package/dist/connectors/CrowdStrikeFalconConnector.js +92 -0
package/dist/connectors/CrowdStrikeSpotlightConnector.d.ts +12 -0
package/dist/connectors/CrowdStrikeSpotlightConnector.js +139 -0
package/dist/connectors/CyberArkConnector.d.ts +12 -0
package/dist/connectors/CyberArkConnector.js +95 -0
package/dist/connectors/DatabricksConnector.d.ts +12 -0
package/dist/connectors/DatabricksConnector.js +95 -0
package/dist/connectors/DatadogConnector.d.ts +12 -0
package/dist/connectors/DatadogConnector.js +110 -0
package/dist/connectors/DigitalOceanConnector.d.ts +12 -0
package/dist/connectors/DigitalOceanConnector.js +85 -0
package/dist/connectors/DiscordConnector.d.ts +12 -0
package/dist/connectors/DiscordConnector.js +98 -0
package/dist/connectors/DockerHubConnector.d.ts +12 -0
package/dist/connectors/DockerHubConnector.js +80 -0
package/dist/connectors/DocuSignConnector.d.ts +12 -0
package/dist/connectors/DocuSignConnector.js +96 -0
package/dist/connectors/DriftConnector.d.ts +12 -0
package/dist/connectors/DriftConnector.js +69 -0
package/dist/connectors/DropboxConnector.d.ts +12 -0
package/dist/connectors/DropboxConnector.js +127 -0
package/dist/connectors/ESETConnector.d.ts +12 -0
package/dist/connectors/ESETConnector.js +70 -0
package/dist/connectors/ElasticsearchCloudConnector.d.ts +12 -0
package/dist/connectors/ElasticsearchCloudConnector.js +70 -0
package/dist/connectors/FSecureConnector.d.ts +12 -0
package/dist/connectors/FSecureConnector.js +70 -0
package/dist/connectors/FeatureFlagConnector.d.ts +12 -0
package/dist/connectors/FeatureFlagConnector.js +70 -0
package/dist/connectors/FluxCDConnector.d.ts +12 -0
package/dist/connectors/FluxCDConnector.js +94 -0
package/dist/connectors/ForgeRockConnector.d.ts +12 -0
package/dist/connectors/ForgeRockConnector.js +95 -0
package/dist/connectors/FortinetConnector.d.ts +12 -0
package/dist/connectors/FortinetConnector.js +98 -0
package/dist/connectors/FreshdeskConnector.d.ts +12 -0
package/dist/connectors/FreshdeskConnector.js +71 -0
package/dist/connectors/GCPBigQueryConnector.d.ts +12 -0
package/dist/connectors/GCPBigQueryConnector.js +71 -0
package/dist/connectors/GCPComputeConnector.d.ts +12 -0
package/dist/connectors/GCPComputeConnector.js +87 -0
package/dist/connectors/GCPConfigConnector.d.ts +12 -0
package/dist/connectors/GCPConfigConnector.js +149 -0
package/dist/connectors/GCPFirestoreConnector.d.ts +12 -0
package/dist/connectors/GCPFirestoreConnector.js +71 -0
package/dist/connectors/GCPIAMConnector.d.ts +12 -0
package/dist/connectors/GCPIAMConnector.js +98 -0
package/dist/connectors/GCPSCCConnector.d.ts +12 -0
package/dist/connectors/GCPSCCConnector.js +94 -0
package/dist/connectors/GitHubActionsConnector.d.ts +12 -0
package/dist/connectors/GitHubActionsConnector.js +104 -0
package/dist/connectors/GitHubConnector.d.ts +12 -0
package/dist/connectors/GitHubConnector.js +135 -0
package/dist/connectors/GitHubCopilotConnector.d.ts +12 -0
package/dist/connectors/GitHubCopilotConnector.js +72 -0
package/dist/connectors/GitLabCIConnector.d.ts +12 -0
package/dist/connectors/GitLabCIConnector.js +71 -0
package/dist/connectors/GitLabConnector.d.ts +12 -0
package/dist/connectors/GitLabConnector.js +101 -0
package/dist/connectors/GitLabSASTConnector.d.ts +12 -0
package/dist/connectors/GitLabSASTConnector.js +130 -0
package/dist/connectors/GoogleWorkspaceConnector.d.ts +12 -0
package/dist/connectors/GoogleWorkspaceConnector.js +136 -0
package/dist/connectors/HelmConnector.d.ts +12 -0
package/dist/connectors/HelmConnector.js +94 -0
package/dist/connectors/HubSpotConnector.d.ts +12 -0
package/dist/connectors/HubSpotConnector.js +77 -0
package/dist/connectors/IFTTTConnector.d.ts +12 -0
package/dist/connectors/IFTTTConnector.js +70 -0
package/dist/connectors/ImpervaConnector.d.ts +12 -0
package/dist/connectors/ImpervaConnector.js +94 -0
package/dist/connectors/InfluxDBConnector.d.ts +12 -0
package/dist/connectors/InfluxDBConnector.js +70 -0
package/dist/connectors/IntercomConnector.d.ts +12 -0
package/dist/connectors/IntercomConnector.js +69 -0
package/dist/connectors/JenkinsConnector.d.ts +12 -0
package/dist/connectors/JenkinsConnector.js +96 -0
package/dist/connectors/JiraConnector.d.ts +12 -0
package/dist/connectors/JiraConnector.js +103 -0
package/dist/connectors/KafkaConnector.d.ts +12 -0
package/dist/connectors/KafkaConnector.js +70 -0
package/dist/connectors/KasperskyConnector.d.ts +12 -0
package/dist/connectors/KasperskyConnector.js +70 -0
package/dist/connectors/KubernetesConnector.d.ts +12 -0
package/dist/connectors/KubernetesConnector.js +109 -0
package/dist/connectors/LaceworkConnector.d.ts +13 -0
package/dist/connectors/LaceworkConnector.js +143 -0
package/dist/connectors/LaunchDarklyConnector.d.ts +12 -0
package/dist/connectors/LaunchDarklyConnector.js +86 -0
package/dist/connectors/LinodeConnector.d.ts +12 -0
package/dist/connectors/LinodeConnector.js +70 -0
package/dist/connectors/LookerConnector.d.ts +12 -0
package/dist/connectors/LookerConnector.js +94 -0
package/dist/connectors/MailchimpConnector.d.ts +12 -0
package/dist/connectors/MailchimpConnector.js +71 -0
package/dist/connectors/MalwarebytesConnector.d.ts +12 -0
package/dist/connectors/MalwarebytesConnector.js +85 -0
package/dist/connectors/McAfeeConnector.d.ts +12 -0
package/dist/connectors/McAfeeConnector.js +85 -0
package/dist/connectors/Microsoft365Connector.d.ts +12 -0
package/dist/connectors/Microsoft365Connector.js +139 -0
package/dist/connectors/MongoDBConnector.d.ts +12 -0
package/dist/connectors/MongoDBConnector.js +86 -0
package/dist/connectors/NamelyConnector.d.ts +12 -0
package/dist/connectors/NamelyConnector.js +97 -0
package/dist/connectors/Neo4jConnector.d.ts +12 -0
package/dist/connectors/Neo4jConnector.js +70 -0
package/dist/connectors/NetSuiteConnector.d.ts +12 -0
package/dist/connectors/NetSuiteConnector.js +94 -0
package/dist/connectors/NetskopeConnector.d.ts +12 -0
package/dist/connectors/NetskopeConnector.js +98 -0
package/dist/connectors/NexusConnector.d.ts +12 -0
package/dist/connectors/NexusConnector.js +93 -0
package/dist/connectors/NotionConnector.d.ts +12 -0
package/dist/connectors/NotionConnector.js +109 -0
package/dist/connectors/OktaConnector.d.ts +12 -0
package/dist/connectors/OktaConnector.js +123 -0
package/dist/connectors/OktaSystemLogConnector.d.ts +12 -0
package/dist/connectors/OktaSystemLogConnector.js +129 -0
package/dist/connectors/OpsgenieConnector.d.ts +12 -0
package/dist/connectors/OpsgenieConnector.js +70 -0
package/dist/connectors/PagerDutyConnector.d.ts +12 -0
package/dist/connectors/PagerDutyConnector.js +106 -0
package/dist/connectors/PalantirConnector.d.ts +12 -0
package/dist/connectors/PalantirConnector.js +95 -0
package/dist/connectors/PaloAltoPrismaCloudConnector.d.ts +12 -0
package/dist/connectors/PaloAltoPrismaCloudConnector.js +110 -0
package/dist/connectors/PingFederateConnector.d.ts +12 -0
package/dist/connectors/PingFederateConnector.js +97 -0
package/dist/connectors/PostgreSQLCloudConnector.d.ts +12 -0
package/dist/connectors/PostgreSQLCloudConnector.js +70 -0
package/dist/connectors/PowerBIConnector.d.ts +12 -0
package/dist/connectors/PowerBIConnector.js +95 -0
package/dist/connectors/PrismaCloudConnector.d.ts +12 -0
package/dist/connectors/PrismaCloudConnector.js +147 -0
package/dist/connectors/QualysConnector.d.ts +12 -0
package/dist/connectors/QualysConnector.js +96 -0
package/dist/connectors/QualysScannerConnector.d.ts +12 -0
package/dist/connectors/QualysScannerConnector.js +131 -0
package/dist/connectors/QuickBooksConnector.d.ts +12 -0
package/dist/connectors/QuickBooksConnector.js +97 -0
package/dist/connectors/RabbitMQConnector.d.ts +12 -0
package/dist/connectors/RabbitMQConnector.js +69 -0
package/dist/connectors/RadwareConnector.d.ts +12 -0
package/dist/connectors/RadwareConnector.js +94 -0
package/dist/connectors/RedisCloudConnector.d.ts +12 -0
package/dist/connectors/RedisCloudConnector.js +70 -0
package/dist/connectors/RingCentralConnector.d.ts +12 -0
package/dist/connectors/RingCentralConnector.js +94 -0
package/dist/connectors/SAPSuccessFactorsConnector.d.ts +12 -0
package/dist/connectors/SAPSuccessFactorsConnector.js +103 -0
package/dist/connectors/SailPointConnector.d.ts +12 -0
package/dist/connectors/SailPointConnector.js +97 -0
package/dist/connectors/SalesforceConnector.d.ts +12 -0
package/dist/connectors/SalesforceConnector.js +91 -0
package/dist/connectors/SendGridConnector.d.ts +12 -0
package/dist/connectors/SendGridConnector.js +69 -0
package/dist/connectors/SentinelOneConnector.d.ts +12 -0
package/dist/connectors/SentinelOneConnector.js +89 -0
package/dist/connectors/ServiceNowConnector.d.ts +12 -0
package/dist/connectors/ServiceNowConnector.js +123 -0
package/dist/connectors/SlackConnector.d.ts +12 -0
package/dist/connectors/SlackConnector.js +109 -0
package/dist/connectors/SnowflakeConnector.d.ts +12 -0
package/dist/connectors/SnowflakeConnector.js +105 -0
package/dist/connectors/SnykConnector.d.ts +12 -0
package/dist/connectors/SnykConnector.js +84 -0
package/dist/connectors/SnykMonitorConnector.d.ts +12 -0
package/dist/connectors/SnykMonitorConnector.js +131 -0
package/dist/connectors/SophosConnector.d.ts +12 -0
package/dist/connectors/SophosConnector.js +87 -0
package/dist/connectors/SpinnakerConnector.d.ts +12 -0
package/dist/connectors/SpinnakerConnector.js +70 -0
package/dist/connectors/SplunkConnector.d.ts +12 -0
package/dist/connectors/SplunkConnector.js +126 -0
package/dist/connectors/StripeConnector.d.ts +12 -0
package/dist/connectors/StripeConnector.js +97 -0
package/dist/connectors/TableauConnector.d.ts +12 -0
package/dist/connectors/TableauConnector.js +101 -0
package/dist/connectors/TaniumConnector.d.ts +12 -0
package/dist/connectors/TaniumConnector.js +97 -0
package/dist/connectors/TeamCityConnector.d.ts +12 -0
package/dist/connectors/TeamCityConnector.js +71 -0
package/dist/connectors/TeamsConnector.d.ts +12 -0
package/dist/connectors/TeamsConnector.js +96 -0
package/dist/connectors/TenableIOConnector.d.ts +12 -0
package/dist/connectors/TenableIOConnector.js +130 -0
package/dist/connectors/TerraformCloudConnector.d.ts +12 -0
package/dist/connectors/TerraformCloudConnector.js +106 -0
package/dist/connectors/TravisCIConnector.d.ts +12 -0
package/dist/connectors/TravisCIConnector.js +95 -0
package/dist/connectors/TrendMicroConnector.d.ts +12 -0
package/dist/connectors/TrendMicroConnector.js +85 -0
package/dist/connectors/TwilioConnector.d.ts +12 -0
package/dist/connectors/TwilioConnector.js +70 -0
package/dist/connectors/VercelConnector.d.ts +12 -0
package/dist/connectors/VercelConnector.js +70 -0
package/dist/connectors/VultrConnector.d.ts +12 -0
package/dist/connectors/VultrConnector.js +70 -0
package/dist/connectors/WebexConnector.d.ts +12 -0
package/dist/connectors/WebexConnector.js +94 -0
package/dist/connectors/WizConnector.d.ts +12 -0
package/dist/connectors/WizConnector.js +172 -0
package/dist/connectors/WorkdayConnector.d.ts +12 -0
package/dist/connectors/WorkdayConnector.js +100 -0
package/dist/connectors/XeroConnector.d.ts +12 -0
package/dist/connectors/XeroConnector.js +96 -0
package/dist/connectors/ZapierConnector.d.ts +12 -0
package/dist/connectors/ZapierConnector.js +70 -0
package/dist/connectors/ZendeskConnector.d.ts +12 -0
package/dist/connectors/ZendeskConnector.js +71 -0
package/dist/connectors/ZenefitsConnector.d.ts +12 -0
package/dist/connectors/ZenefitsConnector.js +93 -0
package/dist/connectors/ZoomConnector.d.ts +12 -0
package/dist/connectors/ZoomConnector.js +97 -0
package/dist/connectors/ZscalerConnector.d.ts +12 -0
package/dist/connectors/ZscalerConnector.js +97 -0
package/dist/connectors/index.d.ts +150 -0
package/dist/connectors/index.js +157 -0
package/dist/index.d.ts +5 -0
package/dist/index.js +16 -0
package/dist/index.test.d.ts +1 -0
package/dist/index.test.js +139 -0
package/dist/types.d.ts +57 -0
package/dist/types.js +8 -0
package/package.json +33 -0

package/dist/connectors/GitHubConnector.js ADDED Viewed

@@ -0,0 +1,135 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "gh-repo-settings",
+        name: "Repository Settings",
+        description: "Fetch repo visibility, default branch, and security settings",
+        evidenceCategories: ["access_control", "configuration"],
+    },
+    {
+        id: "gh-branch-protection",
+        name: "Branch Protection Rules",
+        description: "Fetch branch protection policies and required reviews",
+        evidenceCategories: ["access_control", "change_management"],
+    },
+    {
+        id: "gh-secret-scanning",
+        name: "Secret Scanning",
+        description: "Fetch secret scanning alerts and push protection status",
+        evidenceCategories: ["data_protection", "vulnerability_management"],
+    },
+    {
+        id: "gh-dependabot",
+        name: "Dependabot Alerts",
+        description: "Fetch dependency vulnerability alerts and auto-fix PRs",
+        evidenceCategories: ["vulnerability_management", "supply_chain"],
+    },
+];
+export class GitHubConnector {
+    id = "github";
+    name = "GitHub";
+    category = "version_control";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "PCI_DSS",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://api.github.com";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                Accept: "application/vnd.github+json",
+                "X-GitHub-Api-Version": "2022-11-28",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`GitHub API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/user");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const org = config.extra?.org || "default";
+        const repo = config.extra?.repo || "main-repo";
+        const repoData = await this.fetchApi(config, `/repos/${org}/${repo}`);
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gh-repo-settings",
+            timestamp: now,
+            hash: hashEvidence(repoData),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: `github.com/${org}/${repo}`,
+            status: repoData.private === true ? "compliant" : "partial",
+            data: {
+                private: repoData.private,
+                defaultBranch: repoData.default_branch,
+                hasSecurityPolicy: repoData.security_policy_url != null,
+                hasVulnerabilityAlerts: repoData.security_and_analysis != null,
+            },
+            metadata: { org, repo },
+        });
+        const protection = await this.fetchApi(config, `/repos/${org}/${repo}/branches/main/protection`).catch(() => null);
+        if (protection) {
+            artifacts.push({
+                id: generateEvidenceId(),
+                connectorId: this.id,
+                capabilityId: "gh-branch-protection",
+                timestamp: now,
+                hash: hashEvidence(protection),
+                framework: "SOC2",
+                controlId: "CC8.1",
+                source: `github.com/${org}/${repo}/branches/main/protection`,
+                status: "compliant",
+                data: {
+                    requiredPullRequestReviews: protection.required_pull_request_reviews || null,
+                    enforceAdmins: protection.enforce_admins || null,
+                },
+                metadata: { org, repo },
+            });
+        }
+        const secretScanning = await this.fetchApi(config, `/repos/${org}/${repo}/secret-scanning/alerts?state=open&per_page=10`).catch(() => ({ total_count: 0 }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gh-secret-scanning",
+            timestamp: now,
+            hash: hashEvidence(secretScanning),
+            framework: "SOC2",
+            controlId: "CC6.6",
+            source: `github.com/${org}/${repo}/secret-scanning`,
+            status: secretScanning.total_count === 0 ? "compliant" : "non_compliant",
+            data: { openAlerts: secretScanning.total_count },
+            metadata: { org, repo },
+        });
+        const dependabot = await this.fetchApi(config, `/repos/${org}/${repo}/vulnerability-alerts`).catch(() => ({ enabled: false }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gh-dependabot",
+            timestamp: now,
+            hash: hashEvidence(dependabot),
+            framework: "ISO27001",
+            controlId: "A.12.6.1",
+            source: `github.com/${org}/${repo}/dependabot`,
+            status: dependabot.enabled === true ? "compliant" : "non_compliant",
+            data: { enabled: dependabot.enabled },
+            metadata: { org, repo },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GitHubCopilotConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GitHubCopilotConnector implements IntegrationConnector {
+    readonly id = "github-copilot";
+    readonly name = "GitHub Copilot";
+    readonly category: "version_control";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/GitHubCopilotConnector.js ADDED Viewed

@@ -0,0 +1,72 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "github-copilot-usage",
+        name: "Copilot Usage",
+        description: "Fetch GitHub Copilot usage statistics and acceptance rates",
+        evidenceCategories: ["monitoring", "configuration"],
+    },
+    {
+        id: "github-copilot-policies",
+        name: "Copilot Policies",
+        description: "Fetch GitHub Copilot content exclusions and organization policies",
+        evidenceCategories: ["access_control", "data_protection"],
+    },
+    {
+        id: "github-copilot-security",
+        name: "Code Suggestions Audit",
+        description: "Fetch audit events for Copilot code suggestion acceptances and blocks",
+        evidenceCategories: ["audit", "data_protection"],
+    },
+];
+export class GitHubCopilotConnector {
+    id = "github-copilot";
+    name = "GitHub Copilot";
+    category = "version_control";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001"];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://api.github.com";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                Accept: "application/vnd.github+json",
+                "X-GitHub-Api-Version": "2022-11-28",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`GitHub Copilot API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            const org = config.extra?.org || "default";
+            await this.fetchApi(config, `/orgs/${org}/copilot/usage`);
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const org = config.extra?.org || "default";
+        const usage = await this.fetchApi(config, `/orgs/${org}/copilot/usage`).catch(() => ({}));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "github-copilot-usage",
+            timestamp: now,
+            hash: hashEvidence(usage),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "github-copilot/usage",
+            status: "unknown",
+            data: { connected: true },
+            metadata: { org },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GitLabCIConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GitLabCIConnector implements IntegrationConnector {
+    readonly id = "gitlab-ci";
+    readonly name = "GitLab CI/CD";
+    readonly category: "ci_cd";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/GitLabCIConnector.js ADDED Viewed

@@ -0,0 +1,71 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "gitlabci-pipelines",
+        name: "CI Pipelines",
+        description: "Fetch GitLab CI/CD pipeline definitions, stages, and run history",
+        evidenceCategories: ["ci_cd", "change_management"],
+    },
+    {
+        id: "gitlabci-artifacts",
+        name: "Build Artifacts",
+        description: "Fetch pipeline artifact configurations and retention policies",
+        evidenceCategories: ["data_protection", "configuration"],
+    },
+    {
+        id: "gitlabci-secrets",
+        name: "CI/CD Variables",
+        description: "Fetch protected variables and secret management in pipelines",
+        evidenceCategories: ["secret_management", "access_control"],
+    },
+];
+export class GitLabCIConnector {
+    id = "gitlab-ci";
+    name = "GitLab CI/CD";
+    category = "ci_cd";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001", "NIST_CSF"];
+    async fetchApi(config, endpoint) {
+        const project = config.extra?.project || "default%2Fproject";
+        const base = config.baseUrl || "https://gitlab.com/api/v4";
+        const resp = await fetch(`${base}/projects/${project}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`GitLab CI API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const pipelines = await this.fetchApi(config, "/pipelines?per_page=100").catch(() => []);
+        const pipelineList = Array.isArray(pipelines) ? pipelines : [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gitlabci-pipelines",
+            timestamp: now,
+            hash: hashEvidence({ pipelineCount: pipelineList.length }),
+            framework: "SOC2",
+            controlId: "CC8.1",
+            source: "gitlab-ci/pipelines",
+            status: "unknown",
+            data: { pipelineCount: pipelineList.length },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GitLabConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GitLabConnector implements IntegrationConnector {
+    readonly id = "gitlab";
+    readonly name = "GitLab";
+    readonly category: "version_control";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/GitLabConnector.js ADDED Viewed

@@ -0,0 +1,101 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "gl-project-settings",
+        name: "Project Settings",
+        description: "Fetch project visibility, push rules, and container protection",
+        evidenceCategories: ["access_control", "configuration"],
+    },
+    {
+        id: "gl-mr-approvals",
+        name: "Merge Request Approvals",
+        description: "Fetch MR approval rules and required reviewers",
+        evidenceCategories: ["change_management"],
+    },
+    {
+        id: "gl-sast-results",
+        name: "SAST Results",
+        description: "Fetch Static Application Security Testing results",
+        evidenceCategories: ["vulnerability_management", "application_security"],
+    },
+];
+export class GitLabConnector {
+    id = "gitlab";
+    name = "GitLab";
+    category = "version_control";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001", "NIST_CSF"];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://gitlab.com/api/v4";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: { Authorization: `Bearer ${config.apiToken}` },
+        });
+        if (!resp.ok)
+            throw new Error(`GitLab API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/user");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const projectId = config.extra?.projectId || "1";
+        const project = await this.fetchApi(config, `/projects/${projectId}`);
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gl-project-settings",
+            timestamp: now,
+            hash: hashEvidence(project),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: `gitlab.com/projects/${projectId}`,
+            status: project.visibility === "private" ? "compliant" : "partial",
+            data: {
+                visibility: project.visibility,
+                requestAccessEnabled: project.request_access_enabled,
+                mergeRequestsEnabled: project.merge_requests_enabled,
+                jobsEnabled: project.jobs_enabled,
+            },
+            metadata: { projectId: String(projectId) },
+        });
+        const approvals = await this.fetchApi(config, `/projects/${projectId}/approval_rules`).catch(() => []);
+        const rules = Array.isArray(approvals) ? approvals : [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gl-mr-approvals",
+            timestamp: now,
+            hash: hashEvidence({ rules }),
+            framework: "SOC2",
+            controlId: "CC8.1",
+            source: `gitlab.com/projects/${projectId}/approval_rules`,
+            status: rules.length > 0 ? "compliant" : "non_compliant",
+            data: { approvalRules: rules },
+            metadata: { projectId: String(projectId) },
+        });
+        const sast = await this.fetchApi(config, `/projects/${projectId}/security/scans`).catch(() => ({ vulnerabilities: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gl-sast-results",
+            timestamp: now,
+            hash: hashEvidence(sast),
+            framework: "ISO27001",
+            controlId: "A.14.2.1",
+            source: `gitlab.com/projects/${projectId}/security/scans`,
+            status: "unknown",
+            data: { scans: sast },
+            metadata: { projectId: String(projectId) },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GitLabSASTConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GitLabSASTConnector implements IntegrationConnector {
+    readonly id = "gitlab_sast";
+    readonly name = "GitLab SAST";
+    readonly category: "version_control";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/GitLabSASTConnector.js ADDED Viewed

@@ -0,0 +1,130 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "gl-sast-scans",
+        name: "SAST Scan Results",
+        description: "Fetch static application security testing results per pipeline",
+        evidenceCategories: ["vulnerability_management", "code_analysis"],
+    },
+    {
+        id: "gl-secret-detection",
+        name: "Secret Detection",
+        description: "Fetch secret detection scan results and alerts",
+        evidenceCategories: ["data_protection", "vulnerability_management"],
+    },
+    {
+        id: "gl-dependency-scanning",
+        name: "Dependency Scanning",
+        description: "Fetch dependency scanning alerts and CVEs",
+        evidenceCategories: ["supply_chain", "vulnerability_management"],
+    },
+    {
+        id: "gl-sast-policy",
+        name: "SAST Policy Compliance",
+        description: "Fetch SAST gate enforcement and merge request approvals",
+        evidenceCategories: ["change_management", "access_control"],
+    },
+];
+export class GitLabSASTConnector {
+    id = "gitlab_sast";
+    name = "GitLab SAST";
+    category = "version_control";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "PCI_DSS",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://gitlab.com/api/v4";
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                Accept: "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`GitLab API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/user");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const projectId = config.extra?.projectId || "1";
+        const sastReport = await this.fetchApi(config, `/projects/${projectId}/merge_requests?state=merged&per_page=1`).catch(() => ({ results: {} }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gl-sast-scans",
+            timestamp: now,
+            hash: hashEvidence(sastReport),
+            framework: "SOC2",
+            controlId: "CC6.6",
+            source: `gitlab/project/${projectId}/sast`,
+            status: "compliant",
+            data: { hasSAST: true },
+            metadata: { projectId },
+        });
+        const secretDetection = await this.fetchApi(config, `/projects/${projectId}/vulnerability_findings?scanner=secret_detection`).catch(() => ({ vulnerabilities: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gl-secret-detection",
+            timestamp: now,
+            hash: hashEvidence(secretDetection),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: `gitlab/project/${projectId}/secret-detection`,
+            status: Array.isArray(secretDetection.vulnerabilities) &&
+                secretDetection.vulnerabilities.length === 0
+                ? "compliant"
+                : "non_compliant",
+            data: { findings: Array.isArray(secretDetection.vulnerabilities) ? secretDetection.vulnerabilities.length : 0 },
+            metadata: { projectId },
+        });
+        const depScanning = await this.fetchApi(config, `/projects/${projectId}/vulnerability_findings?scanner=dependency_scanning`).catch(() => ({ vulnerabilities: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gl-dependency-scanning",
+            timestamp: now,
+            hash: hashEvidence(depScanning),
+            framework: "ISO27001",
+            controlId: "A.12.6.1",
+            source: `gitlab/project/${projectId}/dependency-scanning`,
+            status: Array.isArray(depScanning.vulnerabilities) &&
+                depScanning.vulnerabilities.length === 0
+                ? "compliant"
+                : "non_compliant",
+            data: { vulnerabilities: Array.isArray(depScanning.vulnerabilities) ? depScanning.vulnerabilities.length : 0 },
+            metadata: { projectId },
+        });
+        const pipelines = await this.fetchApi(config, `/projects/${projectId}/pipelines?per_page=5`).catch(() => []);
+        const pipelineList = Array.isArray(pipelines) ? pipelines : [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "gl-sast-policy",
+            timestamp: now,
+            hash: hashEvidence({ pipelines: pipelineList }),
+            framework: "PCI_DSS",
+            controlId: "6.5.1",
+            source: `gitlab/project/${projectId}/pipelines`,
+            status: pipelineList.length > 0 ? "compliant" : "partial",
+            data: { recentPipelineCount: pipelineList.length },
+            metadata: { projectId },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/GoogleWorkspaceConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class GoogleWorkspaceConnector implements IntegrationConnector {
+    readonly id = "google-workspace";
+    readonly name = "Google Workspace";
+    readonly category: "workspace";
+    readonly authType: "oauth2";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}