@hasna/testers 0.0.39 → 0.0.41

package/dist/cli/index.js

@@ -16937,14 +16937,32 @@ function isCredentialReference(value) {
 var init_secrets_resolver = () => {};
 
 // src/lib/persona-auth.ts
-function areCookiesFresh(persona) {
+function isSessionCookie(cookieName) {
+  return !/(?:csrf|xsrf)/i.test(cookieName);
+}
+function getCookieExpires(cookie) {
+  if (typeof cookie.expires === "number" && Number.isFinite(cookie.expires)) {
+    return cookie.expires;
+  }
+  if (typeof cookie.expires === "string") {
+    const parsed = Number(cookie.expires);
+    return Number.isFinite(parsed) ? parsed : null;
+  }
+  return null;
+}
+function hasFreshAuthCookies(persona) {
   if (!persona.auth?.cookies?.length)
     return false;
   const cookies = persona.auth.cookies;
+  const sessionCookies = cookies.filter((cookie) => ("name" in cookie) && isSessionCookie(String(cookie.name)));
+  if (sessionCookies.length === 0) {
+    return false;
+  }
   const now2 = Date.now() / 1000;
-  const hasFutureExpiry = cookies.some((c) => c.expires && c.expires > now2 + 60);
-  if (hasFutureExpiry)
-    return true;
+  const expiringSessionCookies = sessionCookies.map(getCookieExpires).filter((expires) => expires !== null && expires > 0);
+  if (expiringSessionCookies.length > 0) {
+    return expiringSessionCookies.some((expires) => expires > now2 + 60);
+  }
   const updatedAt = new Date(persona.updatedAt).getTime();
   return Date.now() - updatedAt < COOKIE_MAX_AGE_MS;
 }
@@ -16982,6 +17000,7 @@ async function performLogin(page, persona, baseUrl) {
   const loginUrl = auth.loginPath.startsWith("http") ? auth.loginPath : `${baseUrl.replace(/\/$/, "")}${auth.loginPath}`;
   try {
     await page.goto(loginUrl, { timeout: 30000, waitUntil: "domcontentloaded" });
+    await page.waitForLoadState("networkidle", { timeout: 1e4 }).catch(() => {});
   } catch (err) {
     return { success: false, method: "login", error: `Navigation to login page failed: ${err instanceof Error ? err.message : String(err)}` };
   }
@@ -17038,11 +17057,25 @@ async function performLogin(page, persona, baseUrl) {
   if (!passwordFilled) {
     return { success: false, method: "login", error: "Could not find password field on login page" };
   }
+  await page.waitForFunction(() => {
+    const submits = Array.from(document.querySelectorAll('button[type="submit"], input[type="submit"]'));
+    return submits.length === 0 || submits.some((submit) => {
+      const rect = submit.getBoundingClientRect();
+      const visible = rect.width > 0 || rect.height > 0 || submit.getClientRects().length > 0;
+      return visible && !submit.disabled;
+    });
+  }, null, { timeout: 5000 }).catch(() => {});
   let submitted = false;
   for (const sel of submitSelectors) {
     try {
-      const el = page.locator(sel).first();
-      if (await el.isVisible({ timeout: 2000 })) {
+      const matches = page.locator(sel);
+      const count = await matches.count().catch(() => 0);
+      for (let i = 0;i < Math.min(count, 10); i++) {
+        const el = matches.nth(i);
+        if (!await el.isVisible({ timeout: 500 }).catch(() => false))
+          continue;
+        if (!await el.isEnabled({ timeout: 2000 }).catch(() => false))
+          continue;
         await Promise.all([
           page.waitForNavigation({ timeout: 15000, waitUntil: "domcontentloaded" }).catch(() => {}),
           el.click({ timeout: 5000 })
@@ -17050,6 +17083,8 @@ async function performLogin(page, persona, baseUrl) {
         submitted = true;
         break;
       }
+      if (submitted)
+        break;
     } catch {}
   }
   if (!submitted) {
@@ -17066,6 +17101,11 @@ async function performLogin(page, persona, baseUrl) {
   const currentUrl = page.url();
   const isStillOnLogin = currentUrl.includes(auth.loginPath) || currentUrl.includes("/login") || currentUrl.includes("/signin") || currentUrl.includes("/auth");
   if (isStillOnLogin) {
+    const cookies = await page.context().cookies().catch(() => []);
+    const authCookies = cookies.filter((cookie) => isSessionCookie(cookie.name));
+    if (authCookies.length > 0) {
+      return { success: true, method: "login" };
+    }
     let errorText = "";
     try {
       const errorEl = page.locator('[role="alert"], .error, .alert-error, [data-testid*="error"]').first();
@@ -17112,7 +17152,7 @@ async function ensurePersonaAuthenticated(page, persona, baseUrl) {
   if (!persona.auth) {
     return { success: true, method: "none" };
   }
-  if (areCookiesFresh(persona)) {
+  if (hasFreshAuthCookies(persona)) {
     const restored = await restoreCookies(page, persona);
     if (restored) {
       return { success: true, method: "cookies" };
@@ -93997,7 +94037,7 @@ import chalk6 from "chalk";
 // package.json
 var package_default = {
   name: "@hasna/testers",
-  version: "0.0.39",
+  version: "0.0.41",
   description: "AI-powered QA testing CLI \u2014 spawns cheap AI agents to test web apps with headless browsers",
   type: "module",
   main: "dist/index.js",
@@ -95724,6 +95764,40 @@ function formatProdDebugPlan(plan) {
 `);
 }
 
+// src/lib/persona-redaction.ts
+function stringKeys(value) {
+  return value ? Object.keys(value).sort() : [];
+}
+function cookieNames(cookies) {
+  if (!cookies)
+    return [];
+  return cookies.map((cookie) => cookie.name).filter((name) => typeof name === "string" && name.length > 0);
+}
+function redactPersona(persona) {
+  if (!persona.auth)
+    return { ...persona, auth: null };
+  const names = cookieNames(persona.auth.cookies);
+  const headerNames = stringKeys(persona.auth.headers);
+  return {
+    ...persona,
+    auth: {
+      emailConfigured: Boolean(persona.auth.email),
+      passwordConfigured: Boolean(persona.auth.password),
+      loginPath: persona.auth.loginPath,
+      strategy: persona.auth.strategy,
+      cookiesConfigured: names.length > 0,
+      cookieCount: names.length,
+      cookieNames: names,
+      headersConfigured: headerNames.length > 0,
+      headerNames,
+      customScriptConfigured: Boolean(persona.auth.customScript)
+    }
+  };
+}
+function redactPersonas(personas) {
+  return personas.map(redactPersona);
+}
+
 // src/cli/index.tsx
 init_projects();
 init_personas();
@@ -97629,6 +97703,7 @@ program2.command("run [url] [description]").alias("test").description("Run test
         process.exit(2);
       }, overallTimeoutMs).unref();
     }
+    const personaIdList = opts.persona ? opts.persona.split(",").map((s2) => s2.trim()).filter(Boolean) : undefined;
     if (!opts.dryRun && !opts.background) {
       const budgetResult = checkBudget(0);
       if (budgetResult.warning) {
@@ -97712,7 +97787,9 @@ program2.command("run [url] [description]").alias("test").description("Run test
         timeout: opts.timeout ? parseInt(opts.timeout, 10) : undefined,
         maxTurns: opts.maxTurns ? parseInt(opts.maxTurns, 10) : undefined,
         projectId,
-        engine: opts.browser
+        engine: opts.browser,
+        personaId: personaIdList?.[0],
+        personaIds: personaIdList && personaIdList.length > 1 ? personaIdList : undefined
       });
       log(chalk6.green(`Run started in background: ${chalk6.bold(runId.slice(0, 8))}`));
       log(chalk6.dim(`  Scenarios: ${scenarioCount}`));
@@ -97836,7 +97913,9 @@ program2.command("run [url] [description]").alias("test").description("Run test
         samples: parseInt(opts.samples ?? "1", 10),
         flakinessThreshold: parseFloat(opts.flakinessThreshold ?? "0.95"),
         a11y: opts.a11y ? typeof opts.a11y === "string" ? { level: opts.a11y } : true : undefined,
-        selfHeal: opts.selfHeal || undefined
+        selfHeal: opts.selfHeal || undefined,
+        personaId: personaIdList?.[0],
+        personaIds: personaIdList && personaIdList.length > 1 ? personaIdList : undefined
       });
       if (opts.json || opts.output) {
         const jsonOutput = formatJSON(run3, results2);
@@ -97924,7 +98003,6 @@ program2.command("run [url] [description]").alias("test").description("Run test
         log(chalk6.yellow("  --diff: git diff failed. Running all scenarios."));
       }
     }
-    const personaIdList = opts.persona ? opts.persona.split(",").map((s2) => s2.trim()).filter(Boolean) : undefined;
     const { run: run2, results } = await runByFilter({
       url: url2,
       tags: opts.tag.length > 0 ? opts.tag : undefined,
@@ -100751,7 +100829,7 @@ personaCmd.command("list").description("List personas").option("--project <id>",
       globalOnly: opts.global ? true : undefined
     });
     if (opts.json) {
-      log(JSON.stringify(personas, null, 2));
+      log(JSON.stringify(redactPersonas(personas), null, 2));
       return;
     }
     if (personas.length === 0) {

package/dist/index.js

@@ -15496,14 +15496,32 @@ function isCredentialReference(value) {
 
 // src/lib/persona-auth.ts
 var COOKIE_MAX_AGE_MS = 60 * 60 * 1000;
-function areCookiesFresh(persona) {
+function isSessionCookie(cookieName) {
+  return !/(?:csrf|xsrf)/i.test(cookieName);
+}
+function getCookieExpires(cookie) {
+  if (typeof cookie.expires === "number" && Number.isFinite(cookie.expires)) {
+    return cookie.expires;
+  }
+  if (typeof cookie.expires === "string") {
+    const parsed = Number(cookie.expires);
+    return Number.isFinite(parsed) ? parsed : null;
+  }
+  return null;
+}
+function hasFreshAuthCookies(persona) {
   if (!persona.auth?.cookies?.length)
     return false;
   const cookies = persona.auth.cookies;
+  const sessionCookies = cookies.filter((cookie) => ("name" in cookie) && isSessionCookie(String(cookie.name)));
+  if (sessionCookies.length === 0) {
+    return false;
+  }
   const now2 = Date.now() / 1000;
-  const hasFutureExpiry = cookies.some((c) => c.expires && c.expires > now2 + 60);
-  if (hasFutureExpiry)
-    return true;
+  const expiringSessionCookies = sessionCookies.map(getCookieExpires).filter((expires) => expires !== null && expires > 0);
+  if (expiringSessionCookies.length > 0) {
+    return expiringSessionCookies.some((expires) => expires > now2 + 60);
+  }
   const updatedAt = new Date(persona.updatedAt).getTime();
   return Date.now() - updatedAt < COOKIE_MAX_AGE_MS;
 }
@@ -15541,6 +15559,7 @@ async function performLogin(page, persona, baseUrl) {
   const loginUrl = auth.loginPath.startsWith("http") ? auth.loginPath : `${baseUrl.replace(/\/$/, "")}${auth.loginPath}`;
   try {
     await page.goto(loginUrl, { timeout: 30000, waitUntil: "domcontentloaded" });
+    await page.waitForLoadState("networkidle", { timeout: 1e4 }).catch(() => {});
   } catch (err) {
     return { success: false, method: "login", error: `Navigation to login page failed: ${err instanceof Error ? err.message : String(err)}` };
   }
@@ -15597,11 +15616,25 @@ async function performLogin(page, persona, baseUrl) {
   if (!passwordFilled) {
     return { success: false, method: "login", error: "Could not find password field on login page" };
   }
+  await page.waitForFunction(() => {
+    const submits = Array.from(document.querySelectorAll('button[type="submit"], input[type="submit"]'));
+    return submits.length === 0 || submits.some((submit) => {
+      const rect = submit.getBoundingClientRect();
+      const visible = rect.width > 0 || rect.height > 0 || submit.getClientRects().length > 0;
+      return visible && !submit.disabled;
+    });
+  }, null, { timeout: 5000 }).catch(() => {});
   let submitted = false;
   for (const sel of submitSelectors) {
     try {
-      const el = page.locator(sel).first();
-      if (await el.isVisible({ timeout: 2000 })) {
+      const matches = page.locator(sel);
+      const count = await matches.count().catch(() => 0);
+      for (let i = 0;i < Math.min(count, 10); i++) {
+        const el = matches.nth(i);
+        if (!await el.isVisible({ timeout: 500 }).catch(() => false))
+          continue;
+        if (!await el.isEnabled({ timeout: 2000 }).catch(() => false))
+          continue;
         await Promise.all([
           page.waitForNavigation({ timeout: 15000, waitUntil: "domcontentloaded" }).catch(() => {}),
           el.click({ timeout: 5000 })
@@ -15609,6 +15642,8 @@ async function performLogin(page, persona, baseUrl) {
         submitted = true;
         break;
       }
+      if (submitted)
+        break;
     } catch {}
   }
   if (!submitted) {
@@ -15625,6 +15660,11 @@ async function performLogin(page, persona, baseUrl) {
   const currentUrl = page.url();
   const isStillOnLogin = currentUrl.includes(auth.loginPath) || currentUrl.includes("/login") || currentUrl.includes("/signin") || currentUrl.includes("/auth");
   if (isStillOnLogin) {
+    const cookies = await page.context().cookies().catch(() => []);
+    const authCookies = cookies.filter((cookie) => isSessionCookie(cookie.name));
+    if (authCookies.length > 0) {
+      return { success: true, method: "login" };
+    }
     let errorText = "";
     try {
       const errorEl = page.locator('[role="alert"], .error, .alert-error, [data-testid*="error"]').first();
@@ -15671,7 +15711,7 @@ async function ensurePersonaAuthenticated(page, persona, baseUrl) {
   if (!persona.auth) {
     return { success: true, method: "none" };
   }
-  if (areCookiesFresh(persona)) {
+  if (hasFreshAuthCookies(persona)) {
     const restored = await restoreCookies(page, persona);
     if (restored) {
       return { success: true, method: "cookies" };

package/dist/lib/persona-auth.d.ts

@@ -1,10 +1,12 @@
 import type { Page } from "playwright";
 import type { Persona } from "../types/index.js";
+export declare function isSessionCookie(cookieName: string): boolean;
 export interface LoginResult {
     success: boolean;
     method: "cookies" | "login" | "none";
     error?: string;
 }
+export declare function hasFreshAuthCookies(persona: Persona): boolean;
 /**
  * Perform login using a raw AuthConfig (e.g. from scenario.authConfig or an auth preset).
  * Resolves credentials via resolveCredential() supporting @secrets: and $ENV references.

package/dist/lib/persona-auth.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"persona-auth.d.ts","sourceRoot":"","sources":["../../src/lib/persona-auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAMjD,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,SAAS,GAAG,OAAO,GAAG,MAAM,CAAC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAoND;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,IAAI,EAAE,IAAI,EACV,MAAM,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,EACvG,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,WAAW,CAAC,CAgCtB;AAED;;;;;;;;;GASG;AACH,wBAAsB,0BAA0B,CAC9C,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,WAAW,CAAC,CAsBtB"}
+{"version":3,"file":"persona-auth.d.ts","sourceRoot":"","sources":["../../src/lib/persona-auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,IAAI,EAAE,MAAM,YAAY,CAAC;AACvC,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAMjD,wBAAgB,eAAe,CAAC,UAAU,EAAE,MAAM,GAAG,OAAO,CAE3D;AAED,MAAM,WAAW,WAAW;IAC1B,OAAO,EAAE,OAAO,CAAC;IACjB,MAAM,EAAE,SAAS,GAAG,OAAO,GAAG,MAAM,CAAC;IACrC,KAAK,CAAC,EAAE,MAAM,CAAC;CAChB;AAkBD,wBAAgB,mBAAmB,CAAC,OAAO,EAAE,OAAO,GAAG,OAAO,CAsB7D;AA2ND;;;GAGG;AACH,wBAAsB,mBAAmB,CACvC,IAAI,EAAE,IAAI,EACV,MAAM,EAAE;IAAE,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAAC,SAAS,CAAC,EAAE,MAAM,CAAC;IAAC,KAAK,CAAC,EAAE,MAAM,CAAC;IAAC,WAAW,CAAC,EAAE,MAAM,CAAA;CAAE,EACvG,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,WAAW,CAAC,CAgCtB;AAED;;;;;;;;;GASG;AACH,wBAAsB,0BAA0B,CAC9C,IAAI,EAAE,IAAI,EACV,OAAO,EAAE,OAAO,EAChB,OAAO,EAAE,MAAM,GACd,OAAO,CAAC,WAAW,CAAC,CAsBtB"}

package/dist/lib/persona-redaction.d.ts

@@ -0,0 +1,19 @@
+import type { Persona } from "../types/index.js";
+export interface RedactedPersonaAuth {
+    emailConfigured: boolean;
+    passwordConfigured: boolean;
+    loginPath: string;
+    strategy: string;
+    cookiesConfigured: boolean;
+    cookieCount: number;
+    cookieNames: string[];
+    headersConfigured: boolean;
+    headerNames: string[];
+    customScriptConfigured: boolean;
+}
+export type RedactedPersona = Omit<Persona, "auth"> & {
+    auth: RedactedPersonaAuth | null;
+};
+export declare function redactPersona(persona: Persona): RedactedPersona;
+export declare function redactPersonas(personas: Persona[]): RedactedPersona[];
+//# sourceMappingURL=persona-redaction.d.ts.map

package/dist/lib/persona-redaction.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"persona-redaction.d.ts","sourceRoot":"","sources":["../../src/lib/persona-redaction.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,mBAAmB,CAAC;AAEjD,MAAM,WAAW,mBAAmB;IAClC,eAAe,EAAE,OAAO,CAAC;IACzB,kBAAkB,EAAE,OAAO,CAAC;IAC5B,SAAS,EAAE,MAAM,CAAC;IAClB,QAAQ,EAAE,MAAM,CAAC;IACjB,iBAAiB,EAAE,OAAO,CAAC;IAC3B,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,iBAAiB,EAAE,OAAO,CAAC;IAC3B,WAAW,EAAE,MAAM,EAAE,CAAC;IACtB,sBAAsB,EAAE,OAAO,CAAC;CACjC;AAED,MAAM,MAAM,eAAe,GAAG,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,GAAG;IACpD,IAAI,EAAE,mBAAmB,GAAG,IAAI,CAAC;CAClC,CAAC;AAaF,wBAAgB,aAAa,CAAC,OAAO,EAAE,OAAO,GAAG,eAAe,CAoB/D;AAED,wBAAgB,cAAc,CAAC,QAAQ,EAAE,OAAO,EAAE,GAAG,eAAe,EAAE,CAErE"}

package/dist/mcp/index.js

@@ -52,7 +52,7 @@ var package_default;
 var init_package = __esm(() => {
   package_default = {
     name: "@hasna/testers",
-    version: "0.0.39",
+    version: "0.0.41",
     description: "AI-powered QA testing CLI \u2014 spawns cheap AI agents to test web apps with headless browsers",
     type: "module",
     main: "dist/index.js",
@@ -20045,14 +20045,32 @@ function isCredentialReference(value) {
 var init_secrets_resolver = () => {};
 
 // src/lib/persona-auth.ts
-function areCookiesFresh(persona) {
+function isSessionCookie(cookieName) {
+  return !/(?:csrf|xsrf)/i.test(cookieName);
+}
+function getCookieExpires(cookie) {
+  if (typeof cookie.expires === "number" && Number.isFinite(cookie.expires)) {
+    return cookie.expires;
+  }
+  if (typeof cookie.expires === "string") {
+    const parsed = Number(cookie.expires);
+    return Number.isFinite(parsed) ? parsed : null;
+  }
+  return null;
+}
+function hasFreshAuthCookies(persona) {
   if (!persona.auth?.cookies?.length)
     return false;
   const cookies = persona.auth.cookies;
+  const sessionCookies = cookies.filter((cookie) => ("name" in cookie) && isSessionCookie(String(cookie.name)));
+  if (sessionCookies.length === 0) {
+    return false;
+  }
   const now2 = Date.now() / 1000;
-  const hasFutureExpiry = cookies.some((c) => c.expires && c.expires > now2 + 60);
-  if (hasFutureExpiry)
-    return true;
+  const expiringSessionCookies = sessionCookies.map(getCookieExpires).filter((expires) => expires !== null && expires > 0);
+  if (expiringSessionCookies.length > 0) {
+    return expiringSessionCookies.some((expires) => expires > now2 + 60);
+  }
   const updatedAt = new Date(persona.updatedAt).getTime();
   return Date.now() - updatedAt < COOKIE_MAX_AGE_MS;
 }
@@ -20090,6 +20108,7 @@ async function performLogin(page, persona, baseUrl) {
   const loginUrl = auth.loginPath.startsWith("http") ? auth.loginPath : `${baseUrl.replace(/\/$/, "")}${auth.loginPath}`;
   try {
     await page.goto(loginUrl, { timeout: 30000, waitUntil: "domcontentloaded" });
+    await page.waitForLoadState("networkidle", { timeout: 1e4 }).catch(() => {});
   } catch (err) {
     return { success: false, method: "login", error: `Navigation to login page failed: ${err instanceof Error ? err.message : String(err)}` };
   }
@@ -20146,11 +20165,25 @@ async function performLogin(page, persona, baseUrl) {
   if (!passwordFilled) {
     return { success: false, method: "login", error: "Could not find password field on login page" };
   }
+  await page.waitForFunction(() => {
+    const submits = Array.from(document.querySelectorAll('button[type="submit"], input[type="submit"]'));
+    return submits.length === 0 || submits.some((submit) => {
+      const rect = submit.getBoundingClientRect();
+      const visible = rect.width > 0 || rect.height > 0 || submit.getClientRects().length > 0;
+      return visible && !submit.disabled;
+    });
+  }, null, { timeout: 5000 }).catch(() => {});
   let submitted = false;
   for (const sel of submitSelectors) {
     try {
-      const el = page.locator(sel).first();
-      if (await el.isVisible({ timeout: 2000 })) {
+      const matches = page.locator(sel);
+      const count = await matches.count().catch(() => 0);
+      for (let i = 0;i < Math.min(count, 10); i++) {
+        const el = matches.nth(i);
+        if (!await el.isVisible({ timeout: 500 }).catch(() => false))
+          continue;
+        if (!await el.isEnabled({ timeout: 2000 }).catch(() => false))
+          continue;
         await Promise.all([
           page.waitForNavigation({ timeout: 15000, waitUntil: "domcontentloaded" }).catch(() => {}),
           el.click({ timeout: 5000 })
@@ -20158,6 +20191,8 @@ async function performLogin(page, persona, baseUrl) {
         submitted = true;
         break;
       }
+      if (submitted)
+        break;
     } catch {}
   }
   if (!submitted) {
@@ -20174,6 +20209,11 @@ async function performLogin(page, persona, baseUrl) {
   const currentUrl = page.url();
   const isStillOnLogin = currentUrl.includes(auth.loginPath) || currentUrl.includes("/login") || currentUrl.includes("/signin") || currentUrl.includes("/auth");
   if (isStillOnLogin) {
+    const cookies = await page.context().cookies().catch(() => []);
+    const authCookies = cookies.filter((cookie) => isSessionCookie(cookie.name));
+    if (authCookies.length > 0) {
+      return { success: true, method: "login" };
+    }
     let errorText = "";
     try {
       const errorEl = page.locator('[role="alert"], .error, .alert-error, [data-testid*="error"]').first();
@@ -20220,7 +20260,7 @@ async function ensurePersonaAuthenticated(page, persona, baseUrl) {
   if (!persona.auth) {
     return { success: true, method: "none" };
   }
-  if (areCookiesFresh(persona)) {
+  if (hasFreshAuthCookies(persona)) {
     const restored = await restoreCookies(page, persona);
     if (restored) {
       return { success: true, method: "cookies" };
@@ -53435,6 +53475,40 @@ var init_workflow_agent = __esm(() => {
   init_runner();
 });
 
+// src/lib/persona-redaction.ts
+function stringKeys(value) {
+  return value ? Object.keys(value).sort() : [];
+}
+function cookieNames(cookies) {
+  if (!cookies)
+    return [];
+  return cookies.map((cookie) => cookie.name).filter((name21) => typeof name21 === "string" && name21.length > 0);
+}
+function redactPersona(persona) {
+  if (!persona.auth)
+    return { ...persona, auth: null };
+  const names = cookieNames(persona.auth.cookies);
+  const headerNames = stringKeys(persona.auth.headers);
+  return {
+    ...persona,
+    auth: {
+      emailConfigured: Boolean(persona.auth.email),
+      passwordConfigured: Boolean(persona.auth.password),
+      loginPath: persona.auth.loginPath,
+      strategy: persona.auth.strategy,
+      cookiesConfigured: names.length > 0,
+      cookieCount: names.length,
+      cookieNames: names,
+      headersConfigured: headerNames.length > 0,
+      headerNames,
+      customScriptConfigured: Boolean(persona.auth.customScript)
+    }
+  };
+}
+function redactPersonas(personas) {
+  return personas.map(redactPersona);
+}
+
 // src/db/environments.ts
 var exports_environments = {};
 __export(exports_environments, {
@@ -86911,7 +86985,7 @@ function buildServer() {
         authPassword,
         authLoginPath
       });
-      return json3(persona);
+      return json3(redactPersona(persona));
     } catch (error40) {
       return errorResponse(error40);
     }
@@ -86923,7 +86997,7 @@ function buildServer() {
   }, async ({ projectId, enabled, globalOnly }) => {
     try {
       const personas = listPersonas({ projectId, enabled, globalOnly });
-      return json3({ items: personas, total: personas.length });
+      return json3({ items: redactPersonas(personas), total: personas.length });
     } catch (error40) {
       return errorResponse(error40);
     }
@@ -86938,7 +87012,7 @@ function buildServer() {
       const db2 = getDatabase();
       const scenarioRows = db2.query("SELECT id, short_id, name FROM scenarios WHERE persona_id = ?").all(persona.id);
       return json3({
-        ...persona,
+        ...redactPersona(persona),
         usedByScenarios: scenarioRows.map((r2) => ({ id: r2.id, shortId: r2.short_id, name: r2.name }))
       });
     } catch (error40) {
@@ -86961,7 +87035,7 @@ function buildServer() {
   }, async ({ id, version: version2, ...updates }) => {
     try {
       const persona = updatePersona(id, updates, version2);
-      return json3(persona);
+      return json3(redactPersona(persona));
     } catch (error40) {
       return errorResponse(error40, {
         fetchCurrent: () => getPersona(id)
@@ -86992,7 +87066,7 @@ function buildServer() {
       if (!scenario)
         return errorResponse(notFoundErr(scenarioId, "Scenario"));
       const updated = updateScenario(scenario.id, { personaId: persona.id }, scenario.version);
-      return json3({ ...updated, attachedPersona: persona });
+      return json3({ ...updated, attachedPersona: redactPersona(persona) });
     } catch (error40) {
       return errorResponse(error40);
     }
@@ -87390,7 +87464,7 @@ function buildServer() {
         projectId: scenario.projectId ?? undefined,
         personaId: persona.id
       });
-      return json3({ ...clone2, attachedPersona: persona, clonedFrom: scenario.id });
+      return json3({ ...clone2, attachedPersona: redactPersona(persona), clonedFrom: scenario.id });
     } catch (e2) {
       return errorResponse(e2);
     }
@@ -87655,7 +87729,7 @@ Context: ${context2}` : ""}`,
       const updated = syncPersonaFromContact2(persona.id);
       if (!updated)
         return json3({ synced: false, message: "No linked contact found or no changes needed" });
-      return json3({ synced: true, persona: updated });
+      return json3({ synced: true, persona: redactPersona(updated) });
     } catch (e2) {
       return errorResponse(e2);
     }

package/dist/mcp/server.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":";AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAgHpE,wBAAgB,WAAW,IAAI,SAAS,CA2+EvC"}
+{"version":3,"file":"server.d.ts","sourceRoot":"","sources":["../../src/mcp/server.ts"],"names":[],"mappings":";AAGA,OAAO,EAAE,SAAS,EAAE,MAAM,yCAAyC,CAAC;AAiHpE,wBAAgB,WAAW,IAAI,SAAS,CA2+EvC"}

package/dist/server/index.js

@@ -46910,7 +46910,7 @@ import { join as join14 } from "path";
 // package.json
 var package_default = {
   name: "@hasna/testers",
-  version: "0.0.39",
+  version: "0.0.41",
   description: "AI-powered QA testing CLI \u2014 spawns cheap AI agents to test web apps with headless browsers",
   type: "module",
   main: "dist/index.js",
@@ -48540,14 +48540,32 @@ function resolveCredential(value) {
 
 // src/lib/persona-auth.ts
 var COOKIE_MAX_AGE_MS = 60 * 60 * 1000;
-function areCookiesFresh(persona) {
+function isSessionCookie(cookieName) {
+  return !/(?:csrf|xsrf)/i.test(cookieName);
+}
+function getCookieExpires(cookie) {
+  if (typeof cookie.expires === "number" && Number.isFinite(cookie.expires)) {
+    return cookie.expires;
+  }
+  if (typeof cookie.expires === "string") {
+    const parsed = Number(cookie.expires);
+    return Number.isFinite(parsed) ? parsed : null;
+  }
+  return null;
+}
+function hasFreshAuthCookies(persona) {
   if (!persona.auth?.cookies?.length)
     return false;
   const cookies = persona.auth.cookies;
+  const sessionCookies = cookies.filter((cookie) => ("name" in cookie) && isSessionCookie(String(cookie.name)));
+  if (sessionCookies.length === 0) {
+    return false;
+  }
   const now2 = Date.now() / 1000;
-  const hasFutureExpiry = cookies.some((c) => c.expires && c.expires > now2 + 60);
-  if (hasFutureExpiry)
-    return true;
+  const expiringSessionCookies = sessionCookies.map(getCookieExpires).filter((expires) => expires !== null && expires > 0);
+  if (expiringSessionCookies.length > 0) {
+    return expiringSessionCookies.some((expires) => expires > now2 + 60);
+  }
   const updatedAt = new Date(persona.updatedAt).getTime();
   return Date.now() - updatedAt < COOKIE_MAX_AGE_MS;
 }
@@ -48585,6 +48603,7 @@ async function performLogin(page, persona, baseUrl) {
   const loginUrl = auth.loginPath.startsWith("http") ? auth.loginPath : `${baseUrl.replace(/\/$/, "")}${auth.loginPath}`;
   try {
     await page.goto(loginUrl, { timeout: 30000, waitUntil: "domcontentloaded" });
+    await page.waitForLoadState("networkidle", { timeout: 1e4 }).catch(() => {});
   } catch (err) {
     return { success: false, method: "login", error: `Navigation to login page failed: ${err instanceof Error ? err.message : String(err)}` };
   }
@@ -48641,11 +48660,25 @@ async function performLogin(page, persona, baseUrl) {
   if (!passwordFilled) {
     return { success: false, method: "login", error: "Could not find password field on login page" };
   }
+  await page.waitForFunction(() => {
+    const submits = Array.from(document.querySelectorAll('button[type="submit"], input[type="submit"]'));
+    return submits.length === 0 || submits.some((submit) => {
+      const rect = submit.getBoundingClientRect();
+      const visible = rect.width > 0 || rect.height > 0 || submit.getClientRects().length > 0;
+      return visible && !submit.disabled;
+    });
+  }, null, { timeout: 5000 }).catch(() => {});
   let submitted = false;
   for (const sel of submitSelectors) {
     try {
-      const el = page.locator(sel).first();
-      if (await el.isVisible({ timeout: 2000 })) {
+      const matches = page.locator(sel);
+      const count = await matches.count().catch(() => 0);
+      for (let i = 0;i < Math.min(count, 10); i++) {
+        const el = matches.nth(i);
+        if (!await el.isVisible({ timeout: 500 }).catch(() => false))
+          continue;
+        if (!await el.isEnabled({ timeout: 2000 }).catch(() => false))
+          continue;
         await Promise.all([
           page.waitForNavigation({ timeout: 15000, waitUntil: "domcontentloaded" }).catch(() => {}),
           el.click({ timeout: 5000 })
@@ -48653,6 +48686,8 @@ async function performLogin(page, persona, baseUrl) {
         submitted = true;
         break;
       }
+      if (submitted)
+        break;
     } catch {}
   }
   if (!submitted) {
@@ -48669,6 +48704,11 @@ async function performLogin(page, persona, baseUrl) {
   const currentUrl = page.url();
   const isStillOnLogin = currentUrl.includes(auth.loginPath) || currentUrl.includes("/login") || currentUrl.includes("/signin") || currentUrl.includes("/auth");
   if (isStillOnLogin) {
+    const cookies = await page.context().cookies().catch(() => []);
+    const authCookies = cookies.filter((cookie) => isSessionCookie(cookie.name));
+    if (authCookies.length > 0) {
+      return { success: true, method: "login" };
+    }
     let errorText = "";
     try {
       const errorEl = page.locator('[role="alert"], .error, .alert-error, [data-testid*="error"]').first();
@@ -48715,7 +48755,7 @@ async function ensurePersonaAuthenticated(page, persona, baseUrl) {
   if (!persona.auth) {
     return { success: true, method: "none" };
   }
-  if (areCookiesFresh(persona)) {
+  if (hasFreshAuthCookies(persona)) {
     const restored = await restoreCookies(page, persona);
     if (restored) {
       return { success: true, method: "cookies" };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@hasna/testers",
-  "version": "0.0.39",
+  "version": "0.0.41",
   "description": "AI-powered QA testing CLI — spawns cheap AI agents to test web apps with headless browsers",
   "type": "module",
   "main": "dist/index.js",