npm - @grc-claw/integration-marketplace - Versions diffs - 0.8.0 - Mend

@grc-claw/integration-marketplace 0.8.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (311) hide show

package/dist/IntegrationMarketplace.d.ts +32 -0
package/dist/IntegrationMarketplace.js +319 -0
package/dist/connectors/ADPConnector.d.ts +12 -0
package/dist/connectors/ADPConnector.js +97 -0
package/dist/connectors/AWSCloudTrailConnector.d.ts +12 -0
package/dist/connectors/AWSCloudTrailConnector.js +77 -0
package/dist/connectors/AWSCloudWatchConnector.d.ts +12 -0
package/dist/connectors/AWSCloudWatchConnector.js +70 -0
package/dist/connectors/AWSGuardDutyConnector.d.ts +12 -0
package/dist/connectors/AWSGuardDutyConnector.js +139 -0
package/dist/connectors/AWSIAMConnector.d.ts +12 -0
package/dist/connectors/AWSIAMConnector.js +90 -0
package/dist/connectors/AWSKMSConnector.d.ts +12 -0
package/dist/connectors/AWSKMSConnector.js +70 -0
package/dist/connectors/AWSLambdaConnector.d.ts +12 -0
package/dist/connectors/AWSLambdaConnector.js +84 -0
package/dist/connectors/AWSRDSConnector.d.ts +12 -0
package/dist/connectors/AWSRDSConnector.js +84 -0
package/dist/connectors/AWSS3Connector.d.ts +12 -0
package/dist/connectors/AWSS3Connector.js +112 -0
package/dist/connectors/AkamaiConnector.d.ts +12 -0
package/dist/connectors/AkamaiConnector.js +98 -0
package/dist/connectors/ArgoCDConnector.d.ts +12 -0
package/dist/connectors/ArgoCDConnector.js +93 -0
package/dist/connectors/ArtifactoryConnector.d.ts +12 -0
package/dist/connectors/ArtifactoryConnector.js +94 -0
package/dist/connectors/AtlassianJiraConnector.d.ts +12 -0
package/dist/connectors/AtlassianJiraConnector.js +134 -0
package/dist/connectors/Auth0Connector.d.ts +12 -0
package/dist/connectors/Auth0Connector.js +150 -0
package/dist/connectors/AzureADConnector.d.ts +12 -0
package/dist/connectors/AzureADConnector.js +115 -0
package/dist/connectors/AzureDevOpsConnector.d.ts +12 -0
package/dist/connectors/AzureDevOpsConnector.js +130 -0
package/dist/connectors/AzureDevOpsPipelinesConnector.d.ts +12 -0
package/dist/connectors/AzureDevOpsPipelinesConnector.js +72 -0
package/dist/connectors/AzurePipelinesConnector.d.ts +12 -0
package/dist/connectors/AzurePipelinesConnector.js +72 -0
package/dist/connectors/AzurePolicyConnector.d.ts +12 -0
package/dist/connectors/AzurePolicyConnector.js +141 -0
package/dist/connectors/AzureReposConnector.d.ts +12 -0
package/dist/connectors/AzureReposConnector.js +96 -0
package/dist/connectors/AzureSentinelConnector.d.ts +12 -0
package/dist/connectors/AzureSentinelConnector.js +88 -0
package/dist/connectors/BambooCICDConnector.d.ts +12 -0
package/dist/connectors/BambooCICDConnector.js +72 -0
package/dist/connectors/BambooHRConnector.d.ts +12 -0
package/dist/connectors/BambooHRConnector.js +84 -0
package/dist/connectors/BeyondTrustConnector.d.ts +12 -0
package/dist/connectors/BeyondTrustConnector.js +94 -0
package/dist/connectors/BitbucketConnector.d.ts +12 -0
package/dist/connectors/BitbucketConnector.js +100 -0
package/dist/connectors/BitbucketPipelinesConnector.d.ts +12 -0
package/dist/connectors/BitbucketPipelinesConnector.js +72 -0
package/dist/connectors/BoxConnector.d.ts +12 -0
package/dist/connectors/BoxConnector.js +122 -0
package/dist/connectors/BuildkiteConnector.d.ts +12 -0
package/dist/connectors/BuildkiteConnector.js +95 -0
package/dist/connectors/CarbonBlackConnector.d.ts +12 -0
package/dist/connectors/CarbonBlackConnector.js +89 -0
package/dist/connectors/CassandraConnector.d.ts +12 -0
package/dist/connectors/CassandraConnector.js +69 -0
package/dist/connectors/CheckPointConnector.d.ts +12 -0
package/dist/connectors/CheckPointConnector.js +98 -0
package/dist/connectors/CircleCIConnector.d.ts +12 -0
package/dist/connectors/CircleCIConnector.js +129 -0
package/dist/connectors/CircleCIConnectorsConnector.d.ts +12 -0
package/dist/connectors/CircleCIConnectorsConnector.js +69 -0
package/dist/connectors/CiscoUmbrellaConnector.d.ts +12 -0
package/dist/connectors/CiscoUmbrellaConnector.js +96 -0
package/dist/connectors/CloudBeesJenkinsConnector.d.ts +12 -0
package/dist/connectors/CloudBeesJenkinsConnector.js +70 -0
package/dist/connectors/CloudflareDNSConnector.d.ts +12 -0
package/dist/connectors/CloudflareDNSConnector.js +71 -0
package/dist/connectors/CloudflareWAFConnector.d.ts +12 -0
package/dist/connectors/CloudflareWAFConnector.js +98 -0
package/dist/connectors/ConfluenceConnector.d.ts +12 -0
package/dist/connectors/ConfluenceConnector.js +101 -0
package/dist/connectors/ConstantContactConnector.d.ts +12 -0
package/dist/connectors/ConstantContactConnector.js +70 -0
package/dist/connectors/CouchDBConnector.d.ts +12 -0
package/dist/connectors/CouchDBConnector.js +69 -0
package/dist/connectors/CrowdStrikeConnector.d.ts +12 -0
package/dist/connectors/CrowdStrikeConnector.js +86 -0
package/dist/connectors/CrowdStrikeFalconConnector.d.ts +12 -0
package/dist/connectors/CrowdStrikeFalconConnector.js +92 -0
package/dist/connectors/CrowdStrikeSpotlightConnector.d.ts +12 -0
package/dist/connectors/CrowdStrikeSpotlightConnector.js +139 -0
package/dist/connectors/CyberArkConnector.d.ts +12 -0
package/dist/connectors/CyberArkConnector.js +95 -0
package/dist/connectors/DatabricksConnector.d.ts +12 -0
package/dist/connectors/DatabricksConnector.js +95 -0
package/dist/connectors/DatadogConnector.d.ts +12 -0
package/dist/connectors/DatadogConnector.js +110 -0
package/dist/connectors/DigitalOceanConnector.d.ts +12 -0
package/dist/connectors/DigitalOceanConnector.js +85 -0
package/dist/connectors/DiscordConnector.d.ts +12 -0
package/dist/connectors/DiscordConnector.js +98 -0
package/dist/connectors/DockerHubConnector.d.ts +12 -0
package/dist/connectors/DockerHubConnector.js +80 -0
package/dist/connectors/DocuSignConnector.d.ts +12 -0
package/dist/connectors/DocuSignConnector.js +96 -0
package/dist/connectors/DriftConnector.d.ts +12 -0
package/dist/connectors/DriftConnector.js +69 -0
package/dist/connectors/DropboxConnector.d.ts +12 -0
package/dist/connectors/DropboxConnector.js +127 -0
package/dist/connectors/ESETConnector.d.ts +12 -0
package/dist/connectors/ESETConnector.js +70 -0
package/dist/connectors/ElasticsearchCloudConnector.d.ts +12 -0
package/dist/connectors/ElasticsearchCloudConnector.js +70 -0
package/dist/connectors/FSecureConnector.d.ts +12 -0
package/dist/connectors/FSecureConnector.js +70 -0
package/dist/connectors/FeatureFlagConnector.d.ts +12 -0
package/dist/connectors/FeatureFlagConnector.js +70 -0
package/dist/connectors/FluxCDConnector.d.ts +12 -0
package/dist/connectors/FluxCDConnector.js +94 -0
package/dist/connectors/ForgeRockConnector.d.ts +12 -0
package/dist/connectors/ForgeRockConnector.js +95 -0
package/dist/connectors/FortinetConnector.d.ts +12 -0
package/dist/connectors/FortinetConnector.js +98 -0
package/dist/connectors/FreshdeskConnector.d.ts +12 -0
package/dist/connectors/FreshdeskConnector.js +71 -0
package/dist/connectors/GCPBigQueryConnector.d.ts +12 -0
package/dist/connectors/GCPBigQueryConnector.js +71 -0
package/dist/connectors/GCPComputeConnector.d.ts +12 -0
package/dist/connectors/GCPComputeConnector.js +87 -0
package/dist/connectors/GCPConfigConnector.d.ts +12 -0
package/dist/connectors/GCPConfigConnector.js +149 -0
package/dist/connectors/GCPFirestoreConnector.d.ts +12 -0
package/dist/connectors/GCPFirestoreConnector.js +71 -0
package/dist/connectors/GCPIAMConnector.d.ts +12 -0
package/dist/connectors/GCPIAMConnector.js +98 -0
package/dist/connectors/GCPSCCConnector.d.ts +12 -0
package/dist/connectors/GCPSCCConnector.js +94 -0
package/dist/connectors/GitHubActionsConnector.d.ts +12 -0
package/dist/connectors/GitHubActionsConnector.js +104 -0
package/dist/connectors/GitHubConnector.d.ts +12 -0
package/dist/connectors/GitHubConnector.js +135 -0
package/dist/connectors/GitHubCopilotConnector.d.ts +12 -0
package/dist/connectors/GitHubCopilotConnector.js +72 -0
package/dist/connectors/GitLabCIConnector.d.ts +12 -0
package/dist/connectors/GitLabCIConnector.js +71 -0
package/dist/connectors/GitLabConnector.d.ts +12 -0
package/dist/connectors/GitLabConnector.js +101 -0
package/dist/connectors/GitLabSASTConnector.d.ts +12 -0
package/dist/connectors/GitLabSASTConnector.js +130 -0
package/dist/connectors/GoogleWorkspaceConnector.d.ts +12 -0
package/dist/connectors/GoogleWorkspaceConnector.js +136 -0
package/dist/connectors/HelmConnector.d.ts +12 -0
package/dist/connectors/HelmConnector.js +94 -0
package/dist/connectors/HubSpotConnector.d.ts +12 -0
package/dist/connectors/HubSpotConnector.js +77 -0
package/dist/connectors/IFTTTConnector.d.ts +12 -0
package/dist/connectors/IFTTTConnector.js +70 -0
package/dist/connectors/ImpervaConnector.d.ts +12 -0
package/dist/connectors/ImpervaConnector.js +94 -0
package/dist/connectors/InfluxDBConnector.d.ts +12 -0
package/dist/connectors/InfluxDBConnector.js +70 -0
package/dist/connectors/IntercomConnector.d.ts +12 -0
package/dist/connectors/IntercomConnector.js +69 -0
package/dist/connectors/JenkinsConnector.d.ts +12 -0
package/dist/connectors/JenkinsConnector.js +96 -0
package/dist/connectors/JiraConnector.d.ts +12 -0
package/dist/connectors/JiraConnector.js +103 -0
package/dist/connectors/KafkaConnector.d.ts +12 -0
package/dist/connectors/KafkaConnector.js +70 -0
package/dist/connectors/KasperskyConnector.d.ts +12 -0
package/dist/connectors/KasperskyConnector.js +70 -0
package/dist/connectors/KubernetesConnector.d.ts +12 -0
package/dist/connectors/KubernetesConnector.js +109 -0
package/dist/connectors/LaceworkConnector.d.ts +13 -0
package/dist/connectors/LaceworkConnector.js +143 -0
package/dist/connectors/LaunchDarklyConnector.d.ts +12 -0
package/dist/connectors/LaunchDarklyConnector.js +86 -0
package/dist/connectors/LinodeConnector.d.ts +12 -0
package/dist/connectors/LinodeConnector.js +70 -0
package/dist/connectors/LookerConnector.d.ts +12 -0
package/dist/connectors/LookerConnector.js +94 -0
package/dist/connectors/MailchimpConnector.d.ts +12 -0
package/dist/connectors/MailchimpConnector.js +71 -0
package/dist/connectors/MalwarebytesConnector.d.ts +12 -0
package/dist/connectors/MalwarebytesConnector.js +85 -0
package/dist/connectors/McAfeeConnector.d.ts +12 -0
package/dist/connectors/McAfeeConnector.js +85 -0
package/dist/connectors/Microsoft365Connector.d.ts +12 -0
package/dist/connectors/Microsoft365Connector.js +139 -0
package/dist/connectors/MongoDBConnector.d.ts +12 -0
package/dist/connectors/MongoDBConnector.js +86 -0
package/dist/connectors/NamelyConnector.d.ts +12 -0
package/dist/connectors/NamelyConnector.js +97 -0
package/dist/connectors/Neo4jConnector.d.ts +12 -0
package/dist/connectors/Neo4jConnector.js +70 -0
package/dist/connectors/NetSuiteConnector.d.ts +12 -0
package/dist/connectors/NetSuiteConnector.js +94 -0
package/dist/connectors/NetskopeConnector.d.ts +12 -0
package/dist/connectors/NetskopeConnector.js +98 -0
package/dist/connectors/NexusConnector.d.ts +12 -0
package/dist/connectors/NexusConnector.js +93 -0
package/dist/connectors/NotionConnector.d.ts +12 -0
package/dist/connectors/NotionConnector.js +109 -0
package/dist/connectors/OktaConnector.d.ts +12 -0
package/dist/connectors/OktaConnector.js +123 -0
package/dist/connectors/OktaSystemLogConnector.d.ts +12 -0
package/dist/connectors/OktaSystemLogConnector.js +129 -0
package/dist/connectors/OpsgenieConnector.d.ts +12 -0
package/dist/connectors/OpsgenieConnector.js +70 -0
package/dist/connectors/PagerDutyConnector.d.ts +12 -0
package/dist/connectors/PagerDutyConnector.js +106 -0
package/dist/connectors/PalantirConnector.d.ts +12 -0
package/dist/connectors/PalantirConnector.js +95 -0
package/dist/connectors/PaloAltoPrismaCloudConnector.d.ts +12 -0
package/dist/connectors/PaloAltoPrismaCloudConnector.js +110 -0
package/dist/connectors/PingFederateConnector.d.ts +12 -0
package/dist/connectors/PingFederateConnector.js +97 -0
package/dist/connectors/PostgreSQLCloudConnector.d.ts +12 -0
package/dist/connectors/PostgreSQLCloudConnector.js +70 -0
package/dist/connectors/PowerBIConnector.d.ts +12 -0
package/dist/connectors/PowerBIConnector.js +95 -0
package/dist/connectors/PrismaCloudConnector.d.ts +12 -0
package/dist/connectors/PrismaCloudConnector.js +147 -0
package/dist/connectors/QualysConnector.d.ts +12 -0
package/dist/connectors/QualysConnector.js +96 -0
package/dist/connectors/QualysScannerConnector.d.ts +12 -0
package/dist/connectors/QualysScannerConnector.js +131 -0
package/dist/connectors/QuickBooksConnector.d.ts +12 -0
package/dist/connectors/QuickBooksConnector.js +97 -0
package/dist/connectors/RabbitMQConnector.d.ts +12 -0
package/dist/connectors/RabbitMQConnector.js +69 -0
package/dist/connectors/RadwareConnector.d.ts +12 -0
package/dist/connectors/RadwareConnector.js +94 -0
package/dist/connectors/RedisCloudConnector.d.ts +12 -0
package/dist/connectors/RedisCloudConnector.js +70 -0
package/dist/connectors/RingCentralConnector.d.ts +12 -0
package/dist/connectors/RingCentralConnector.js +94 -0
package/dist/connectors/SAPSuccessFactorsConnector.d.ts +12 -0
package/dist/connectors/SAPSuccessFactorsConnector.js +103 -0
package/dist/connectors/SailPointConnector.d.ts +12 -0
package/dist/connectors/SailPointConnector.js +97 -0
package/dist/connectors/SalesforceConnector.d.ts +12 -0
package/dist/connectors/SalesforceConnector.js +91 -0
package/dist/connectors/SendGridConnector.d.ts +12 -0
package/dist/connectors/SendGridConnector.js +69 -0
package/dist/connectors/SentinelOneConnector.d.ts +12 -0
package/dist/connectors/SentinelOneConnector.js +89 -0
package/dist/connectors/ServiceNowConnector.d.ts +12 -0
package/dist/connectors/ServiceNowConnector.js +123 -0
package/dist/connectors/SlackConnector.d.ts +12 -0
package/dist/connectors/SlackConnector.js +109 -0
package/dist/connectors/SnowflakeConnector.d.ts +12 -0
package/dist/connectors/SnowflakeConnector.js +105 -0
package/dist/connectors/SnykConnector.d.ts +12 -0
package/dist/connectors/SnykConnector.js +84 -0
package/dist/connectors/SnykMonitorConnector.d.ts +12 -0
package/dist/connectors/SnykMonitorConnector.js +131 -0
package/dist/connectors/SophosConnector.d.ts +12 -0
package/dist/connectors/SophosConnector.js +87 -0
package/dist/connectors/SpinnakerConnector.d.ts +12 -0
package/dist/connectors/SpinnakerConnector.js +70 -0
package/dist/connectors/SplunkConnector.d.ts +12 -0
package/dist/connectors/SplunkConnector.js +126 -0
package/dist/connectors/StripeConnector.d.ts +12 -0
package/dist/connectors/StripeConnector.js +97 -0
package/dist/connectors/TableauConnector.d.ts +12 -0
package/dist/connectors/TableauConnector.js +101 -0
package/dist/connectors/TaniumConnector.d.ts +12 -0
package/dist/connectors/TaniumConnector.js +97 -0
package/dist/connectors/TeamCityConnector.d.ts +12 -0
package/dist/connectors/TeamCityConnector.js +71 -0
package/dist/connectors/TeamsConnector.d.ts +12 -0
package/dist/connectors/TeamsConnector.js +96 -0
package/dist/connectors/TenableIOConnector.d.ts +12 -0
package/dist/connectors/TenableIOConnector.js +130 -0
package/dist/connectors/TerraformCloudConnector.d.ts +12 -0
package/dist/connectors/TerraformCloudConnector.js +106 -0
package/dist/connectors/TravisCIConnector.d.ts +12 -0
package/dist/connectors/TravisCIConnector.js +95 -0
package/dist/connectors/TrendMicroConnector.d.ts +12 -0
package/dist/connectors/TrendMicroConnector.js +85 -0
package/dist/connectors/TwilioConnector.d.ts +12 -0
package/dist/connectors/TwilioConnector.js +70 -0
package/dist/connectors/VercelConnector.d.ts +12 -0
package/dist/connectors/VercelConnector.js +70 -0
package/dist/connectors/VultrConnector.d.ts +12 -0
package/dist/connectors/VultrConnector.js +70 -0
package/dist/connectors/WebexConnector.d.ts +12 -0
package/dist/connectors/WebexConnector.js +94 -0
package/dist/connectors/WizConnector.d.ts +12 -0
package/dist/connectors/WizConnector.js +172 -0
package/dist/connectors/WorkdayConnector.d.ts +12 -0
package/dist/connectors/WorkdayConnector.js +100 -0
package/dist/connectors/XeroConnector.d.ts +12 -0
package/dist/connectors/XeroConnector.js +96 -0
package/dist/connectors/ZapierConnector.d.ts +12 -0
package/dist/connectors/ZapierConnector.js +70 -0
package/dist/connectors/ZendeskConnector.d.ts +12 -0
package/dist/connectors/ZendeskConnector.js +71 -0
package/dist/connectors/ZenefitsConnector.d.ts +12 -0
package/dist/connectors/ZenefitsConnector.js +93 -0
package/dist/connectors/ZoomConnector.d.ts +12 -0
package/dist/connectors/ZoomConnector.js +97 -0
package/dist/connectors/ZscalerConnector.d.ts +12 -0
package/dist/connectors/ZscalerConnector.js +97 -0
package/dist/connectors/index.d.ts +150 -0
package/dist/connectors/index.js +157 -0
package/dist/index.d.ts +5 -0
package/dist/index.js +16 -0
package/dist/index.test.d.ts +1 -0
package/dist/index.test.js +139 -0
package/dist/types.d.ts +57 -0
package/dist/types.js +8 -0
package/package.json +33 -0

package/dist/connectors/AzureADConnector.js ADDED Viewed

@@ -0,0 +1,115 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "aad-conditional-access",
+        name: "Conditional Access Policies",
+        description: "Fetch Azure AD conditional access policies",
+        evidenceCategories: ["access_control"],
+    },
+    {
+        id: "aad-mfa-enrollment",
+        name: "MFA Enrollment",
+        description: "Fetch MFA enrollment statistics and per-user MFA status",
+        evidenceCategories: ["authentication"],
+    },
+    {
+        id: "aad-app-registrations",
+        name: "App Registrations",
+        description: "Fetch app registrations and service principals",
+        evidenceCategories: ["access_control", "application_security"],
+    },
+];
+export class AzureADConnector {
+    id = "azure-ad";
+    name = "Azure Active Directory";
+    category = "identity";
+    authType = "oauth2";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "HIPAA",
+    ];
+    async getAccessToken(config) {
+        const resp = await fetch(`https://login.microsoftonline.com/${config.tenantId}/oauth2/v2.0/token`, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: new URLSearchParams({
+                grant_type: "client_credentials",
+                client_id: config.clientId || "",
+                client_secret: config.clientSecret || "",
+                scope: "https://graph.microsoft.com/.default",
+            }),
+        });
+        if (!resp.ok)
+            throw new Error(`Azure AD token ${resp.status}`);
+        const data = (await resp.json());
+        return data.access_token;
+    }
+    async testConnection(config) {
+        try {
+            const token = await this.getAccessToken(config);
+            const resp = await fetch("https://graph.microsoft.com/v1.0/$metadata", {
+                headers: { Authorization: `Bearer ${token}` },
+            });
+            return resp.ok;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const token = await this.getAccessToken(config);
+        const headers = { Authorization: `Bearer ${token}` };
+        const policies = await fetch("https://graph.microsoft.com/v1.0/identity/conditionalAccess/policies", { headers }).then((r) => r.json());
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "aad-conditional-access",
+            timestamp: now,
+            hash: hashEvidence(policies),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "azure-ad/conditionalAccess/policies",
+            status: (policies.value || []).length > 0 ? "compliant" : "non_compliant",
+            data: { policyCount: (policies.value || []).length, policies: policies.value },
+            metadata: { tenantId: config.tenantId || "" },
+        });
+        const mfaReport = await fetch("https://graph.microsoft.com/v1.0/reports/authenticationMethods/userRegistrationDetails?$select=isMfaRegistered,isMfaCapable", { headers }).then((r) => r.json());
+        const users = (mfaReport.value || []);
+        const mfaRegistered = users.filter((u) => u.isMfaRegistered === true).length;
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "aad-mfa-enrollment",
+            timestamp: now,
+            hash: hashEvidence(mfaReport),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: "azure-ad/authenticationMethods/userRegistrationDetails",
+            status: users.length > 0 && mfaRegistered / users.length > 0.9 ? "compliant" : "partial",
+            data: { totalUsers: users.length, mfaRegistered, mfaCapable: users.filter((u) => u.isMfaCapable === true).length },
+            metadata: { tenantId: config.tenantId || "" },
+        });
+        const apps = await fetch("https://graph.microsoft.com/v1.0/applicationRegistrations", {
+            headers,
+        }).then((r) => r.json());
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "aad-app-registrations",
+            timestamp: now,
+            hash: hashEvidence(apps),
+            framework: "ISO27001",
+            controlId: "A.14.2.5",
+            source: "azure-ad/applicationRegistrations",
+            status: "unknown",
+            data: { appCount: (apps.value || []).length, apps: apps.value },
+            metadata: { tenantId: config.tenantId || "" },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/AzureDevOpsConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class AzureDevOpsConnector implements IntegrationConnector {
+    readonly id = "azure_devops";
+    readonly name = "Azure DevOps";
+    readonly category: "ci_cd";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/AzureDevOpsConnector.js ADDED Viewed

@@ -0,0 +1,130 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "ado-pipelines",
+        name: "Pipeline Definitions",
+        description: "Fetch Azure DevOps pipeline definitions and run history",
+        evidenceCategories: ["ci_cd", "change_management"],
+    },
+    {
+        id: "ado-repos",
+        name: "Repository Settings",
+        description: "Fetch repo branch policies and access control lists",
+        evidenceCategories: ["version_control", "access_control"],
+    },
+    {
+        id: "ado-builds",
+        name: "Build Artifacts",
+        description: "Fetch build artifact integrity and retention policies",
+        evidenceCategories: ["ci_cd", "data_protection"],
+    },
+    {
+        id: "ado-pr",
+        name: "Pull Request Policies",
+        description: "Fetch PR merge policies and required reviewers",
+        evidenceCategories: ["change_management", "access_control"],
+    },
+];
+export class AzureDevOpsConnector {
+    id = "azure_devops";
+    name = "Azure DevOps";
+    category = "ci_cd";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "PCI_DSS",
+    ];
+    async fetchApi(config, endpoint) {
+        const base = config.baseUrl || "https://dev.azure.com";
+        const org = config.extra?.org || "default";
+        const resp = await fetch(`${base}/${org}/_apis${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                Accept: "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Azure DevOps API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            const org = config.extra?.org || "default";
+            await this.fetchApi(config, "/core/teams?api-version=7.0");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const org = config.extra?.org || "default";
+        const project = config.extra?.project || "default";
+        const pipelines = await this.fetchApi(config, `/build/definitions?api-version=7.0&searchFilter=owner&path=/`).catch(() => ({ count: 0, value: [] }));
+        const pipelineList = Array.isArray(pipelines.value) ? pipelines.value : [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "ado-pipelines",
+            timestamp: now,
+            hash: hashEvidence({ count: pipelineList.length }),
+            framework: "SOC2",
+            controlId: "CC8.1",
+            source: `azure-devops/${org}/${project}/pipelines`,
+            status: pipelineList.length > 0 ? "compliant" : "partial",
+            data: { pipelineCount: pipelineList.length },
+            metadata: { org, project },
+        });
+        const repos = await this.fetchApi(config, `/git/repositories?api-version=7.0`).catch(() => ({ count: 0, value: [] }));
+        const repoList = Array.isArray(repos.value) ? repos.value : [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "ado-repos",
+            timestamp: now,
+            hash: hashEvidence({ count: repoList.length }),
+            framework: "ISO27001",
+            controlId: "A.12.1.1",
+            source: `azure-devops/${org}/${project}/repos`,
+            status: repoList.length > 0 ? "compliant" : "partial",
+            data: { repositoryCount: repoList.length },
+            metadata: { org, project },
+        });
+        const builds = await this.fetchApi(config, `/build/builds?api-version=7.0&top=10&resultFilter=succeeded,failed`).catch(() => ({ count: 0, value: [] }));
+        const buildList = Array.isArray(builds.value) ? builds.value : [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "ado-builds",
+            timestamp: now,
+            hash: hashEvidence({ count: buildList.length }),
+            framework: "NIST_CSF",
+            controlId: "PR.DS",
+            source: `azure-devops/${org}/${project}/builds`,
+            status: buildList.length > 0 ? "compliant" : "partial",
+            data: { recentBuilds: buildList.length },
+            metadata: { org, project },
+        });
+        const prPolicies = await this.fetchApi(config, `/git/policies/configurations?api-version=7.0`).catch(() => ({ count: 0, value: [] }));
+        const prList = Array.isArray(prPolicies.value) ? prPolicies.value : [];
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "ado-pr",
+            timestamp: now,
+            hash: hashEvidence({ count: prList.length }),
+            framework: "PCI_DSS",
+            controlId: "6.5.2",
+            source: `azure-devops/${org}/${project}/pr-policies`,
+            status: prList.length > 0 ? "compliant" : "partial",
+            data: { policyCount: prList.length },
+            metadata: { org, project },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/AzureDevOpsPipelinesConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class AzureDevOpsPipelinesConnector implements IntegrationConnector {
+    readonly id = "azuredevops-pipelines";
+    readonly name = "Azure DevOps Pipelines";
+    readonly category: "ci_cd";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/AzureDevOpsPipelinesConnector.js ADDED Viewed

@@ -0,0 +1,72 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "azuredevops-pipelines",
+        name: "Build Pipelines",
+        description: "Fetch Azure DevOps pipeline definitions and run history",
+        evidenceCategories: ["ci_cd", "change_management"],
+    },
+    {
+        id: "azuredevops-releases",
+        name: "Release Pipelines",
+        description: "Fetch release pipeline configurations and deployment approvals",
+        evidenceCategories: ["ci_cd", "access_control"],
+    },
+    {
+        id: "azuredevops-security",
+        name: "Pipeline Security",
+        description: "Fetch pipeline permissions, service connections, and variable groups",
+        evidenceCategories: ["access_control", "secret_management"],
+    },
+];
+export class AzureDevOpsPipelinesConnector {
+    id = "azuredevops-pipelines";
+    name = "Azure DevOps Pipelines";
+    category = "ci_cd";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001", "NIST_CSF"];
+    async fetchApi(config, endpoint) {
+        const org = config.extra?.org || "default";
+        const base = config.baseUrl || `https://dev.azure.com/${org}`;
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Azure DevOps API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/_apis/projects?api-version=7.0&$top=1");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const project = config.extra?.project || "default";
+        const pipelines = await this.fetchApi(config, `/${project}/_apis/pipelines?api-version=7.0`).catch(() => ({ value: [] }));
+        const pipelineList = (pipelines.value || []);
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "azuredevops-pipelines",
+            timestamp: now,
+            hash: hashEvidence({ pipelineCount: pipelineList.length }),
+            framework: "SOC2",
+            controlId: "CC8.1",
+            source: "azuredevops/pipelines",
+            status: pipelineList.length > 0 ? "compliant" : "unknown",
+            data: { pipelineCount: pipelineList.length },
+            metadata: { project },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/AzurePipelinesConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class AzurePipelinesConnector implements IntegrationConnector {
+    readonly id = "azure-pipelines";
+    readonly name = "Azure Pipelines";
+    readonly category: "ci_cd";
+    readonly authType: "bearer_token";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/AzurePipelinesConnector.js ADDED Viewed

@@ -0,0 +1,72 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "azurepipelines-builds",
+        name: "Build Pipelines",
+        description: "Fetch Azure Pipelines build definitions and execution history",
+        evidenceCategories: ["ci_cd", "change_management"],
+    },
+    {
+        id: "azurepipelines-releases",
+        name: "Release Pipelines",
+        description: "Fetch release pipeline configurations and approval gates",
+        evidenceCategories: ["ci_cd", "access_control"],
+    },
+    {
+        id: "azurepipelines-service-connections",
+        name: "Service Connections",
+        description: "Fetch service connection authorizations and shared variables",
+        evidenceCategories: ["access_control", "secret_management"],
+    },
+];
+export class AzurePipelinesConnector {
+    id = "azure-pipelines";
+    name = "Azure Pipelines";
+    category = "ci_cd";
+    authType = "bearer_token";
+    capabilities = capabilities;
+    frameworks = ["SOC2", "ISO27001", "NIST_CSF"];
+    async fetchApi(config, endpoint) {
+        const org = config.extra?.org || "default";
+        const project = config.extra?.project || "default";
+        const base = config.baseUrl || `https://dev.azure.com/${org}/${project}/_apis`;
+        const resp = await fetch(`${base}${endpoint}`, {
+            headers: {
+                Authorization: `Bearer ${config.apiToken}`,
+                "Content-Type": "application/json",
+            },
+        });
+        if (!resp.ok)
+            throw new Error(`Azure Pipelines API ${resp.status}: ${resp.statusText}`);
+        return (await resp.json());
+    }
+    async testConnection(config) {
+        try {
+            await this.fetchApi(config, "/build/builds?api-version=7.0&$top=1");
+            return true;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const builds = await this.fetchApi(config, "/build/builds?api-version=7.0&$top=100").catch(() => ({ value: [] }));
+        const buildList = (builds.value || []);
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "azurepipelines-builds",
+            timestamp: now,
+            hash: hashEvidence({ buildCount: buildList.length }),
+            framework: "SOC2",
+            controlId: "CC8.1",
+            source: "azure-pipelines/builds",
+            status: "unknown",
+            data: { buildCount: buildList.length },
+            metadata: {},
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/AzurePolicyConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class AzurePolicyConnector implements IntegrationConnector {
+    readonly id = "azure_policy";
+    readonly name = "Azure Policy";
+    readonly category: "cloud_provider";
+    readonly authType: "oauth2";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private getToken;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}

package/dist/connectors/AzurePolicyConnector.js ADDED Viewed

@@ -0,0 +1,141 @@
+import { hashEvidence, generateEvidenceId } from "../types.js";
+const capabilities = [
+    {
+        id: "az-policy-compliance",
+        name: "Policy Compliance State",
+        description: "Fetch Azure Policy compliance state per scope",
+        evidenceCategories: ["compliance", "configuration"],
+    },
+    {
+        id: "az-policy-assignments",
+        name: "Policy Assignments",
+        description: "Fetch assigned policies and initiatives across management groups",
+        evidenceCategories: ["configuration", "access_control"],
+    },
+    {
+        id: "az-policy-remediation",
+        name: "Remediation Tasks",
+        description: "Fetch policy remediation task status and non-compliant resources",
+        evidenceCategories: ["change_management", "compliance"],
+    },
+    {
+        id: "az-policy-deny",
+        name: "Deny Effect Evaluations",
+        description: "Fetch deny-effect policy evaluation results",
+        evidenceCategories: ["access_control", "configuration"],
+    },
+];
+export class AzurePolicyConnector {
+    id = "azure_policy";
+    name = "Azure Policy";
+    category = "cloud_provider";
+    authType = "oauth2";
+    capabilities = capabilities;
+    frameworks = [
+        "SOC2",
+        "ISO27001",
+        "NIST_CSF",
+        "HIPAA",
+        "CIS",
+    ];
+    async getToken(config) {
+        if (config.apiToken)
+            return config.apiToken;
+        const resp = await fetch(`https://login.microsoftonline.com/${config.tenantId}/oauth2/v2.0/token`, {
+            method: "POST",
+            headers: { "Content-Type": "application/x-www-form-urlencoded" },
+            body: new URLSearchParams({
+                grant_type: "client_credentials",
+                client_id: config.clientId || "",
+                client_secret: config.clientSecret || "",
+                scope: "https://management.azure.com/.default",
+            }),
+        });
+        const data = (await resp.json());
+        return data.access_token;
+    }
+    async testConnection(config) {
+        try {
+            const token = await this.getToken(config);
+            const resp = await fetch("https://management.azure.com/subscriptions?api-version=2020-01-01", { headers: { Authorization: `Bearer ${token}` } });
+            return resp.ok;
+        }
+        catch {
+            return false;
+        }
+    }
+    async collectEvidence(config) {
+        const artifacts = [];
+        const now = new Date().toISOString();
+        const token = await this.getToken(config);
+        const subscriptionId = config.extra?.subscriptionId || "default";
+        const scope = `/subscriptions/${subscriptionId}`;
+        const complianceState = await fetch(`https://management.azure.com${scope}/providers/Microsoft.PolicyInsights/policyStates/latest/summarizeByPolicyGroup?api-version=2021-10-01`, { headers: { Authorization: `Bearer ${token}` } })
+            .then((r) => r.json())
+            .catch(() => ({ value: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "az-policy-compliance",
+            timestamp: now,
+            hash: hashEvidence(complianceState),
+            framework: "SOC2",
+            controlId: "CC6.1",
+            source: `azure/policy/${subscriptionId}/compliance`,
+            status: "compliant",
+            data: { policyGroups: Array.isArray(complianceState.value) ? complianceState.value.length : 0 },
+            metadata: { subscriptionId },
+        });
+        const assignments = await fetch(`https://management.azure.com${scope}/providers/Microsoft.Authorization/policyAssignments?api-version=2021-06-01`, { headers: { Authorization: `Bearer ${token}` } })
+            .then((r) => r.json())
+            .catch(() => ({ value: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "az-policy-assignments",
+            timestamp: now,
+            hash: hashEvidence(assignments),
+            framework: "ISO27001",
+            controlId: "A.12.1.1",
+            source: `azure/policy/${subscriptionId}/assignments`,
+            status: Array.isArray(assignments.value) && assignments.value.length > 0
+                ? "compliant"
+                : "partial",
+            data: { assignmentCount: Array.isArray(assignments.value) ? assignments.value.length : 0 },
+            metadata: { subscriptionId },
+        });
+        const remediations = await fetch(`https://management.azure.com${scope}/providers/Microsoft.PolicyInsights/remediations?api-version=2021-10-01`, { headers: { Authorization: `Bearer ${token}` } })
+            .then((r) => r.json())
+            .catch(() => ({ value: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "az-policy-remediation",
+            timestamp: now,
+            hash: hashEvidence(remediations),
+            framework: "NIST_CSF",
+            controlId: "ID.RA",
+            source: `azure/policy/${subscriptionId}/remediations`,
+            status: "compliant",
+            data: { remediationCount: Array.isArray(remediations.value) ? remediations.value.length : 0 },
+            metadata: { subscriptionId },
+        });
+        const denyEvaluations = await fetch(`https://management.azure.com${scope}/providers/Microsoft.PolicyInsights/policyStates/latest/summarize?api-version=2021-10-01&$filter=PolicyDefinitionAction%20eq%20'deny'`, { headers: { Authorization: `Bearer ${token}` } })
+            .then((r) => r.json())
+            .catch(() => ({ value: [] }));
+        artifacts.push({
+            id: generateEvidenceId(),
+            connectorId: this.id,
+            capabilityId: "az-policy-deny",
+            timestamp: now,
+            hash: hashEvidence(denyEvaluations),
+            framework: "CIS",
+            controlId: "2.1",
+            source: `azure/policy/${subscriptionId}/deny-evaluations`,
+            status: "compliant",
+            data: { evaluationCount: Array.isArray(denyEvaluations.value) ? denyEvaluations.value.length : 0 },
+            metadata: { subscriptionId },
+        });
+        return artifacts;
+    }
+}

package/dist/connectors/AzureReposConnector.d.ts ADDED Viewed

@@ -0,0 +1,12 @@
+import type { IntegrationConnector, ConnectorConfig, EvidenceArtifact, IntegrationCapability, ComplianceFramework } from "../types.js";
+export declare class AzureReposConnector implements IntegrationConnector {
+    readonly id = "azure-repos";
+    readonly name = "Azure Repos";
+    readonly category: "version_control";
+    readonly authType: "api_key";
+    readonly capabilities: IntegrationCapability[];
+    readonly frameworks: ComplianceFramework[];
+    private fetchApi;
+    testConnection(config: ConnectorConfig): Promise<boolean>;
+    collectEvidence(config: ConnectorConfig): Promise<EvidenceArtifact[]>;
+}