@maestro-ai/mcp-server 1.1.0 → 2.0.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/adapters/skill-adapter.d.ts +57 -0
- package/dist/adapters/skill-adapter.d.ts.map +1 -0
- package/dist/adapters/skill-adapter.js +272 -0
- package/dist/adapters/skill-adapter.js.map +1 -0
- package/dist/content/rules/GEMINI.md +79 -27
- package/dist/content/rules/RULES.md +6 -0
- package/dist/content/skills/specialist-acessibilidade/MCP_INTEGRATION.md +698 -0
- package/dist/content/skills/specialist-acessibilidade/README.md +292 -0
- package/dist/content/skills/specialist-acessibilidade/SKILL.md +202 -0
- package/dist/content/skills/specialist-acessibilidade/mcp_functions/init_accessibility_audit.py +675 -0
- package/dist/content/skills/specialist-acessibilidade/mcp_functions/validate_wcag_compliance.py +587 -0
- package/dist/content/skills/specialist-acessibilidade/resources/checklists/accessibility-validation.md +457 -0
- package/dist/content/skills/specialist-acessibilidade/resources/examples/accessibility-examples.md +863 -0
- package/dist/content/skills/specialist-acessibilidade/resources/reference/wcag-guide.md +359 -0
- package/dist/content/skills/specialist-acessibilidade/resources/templates/checklist-acessibilidade.md +435 -0
- package/dist/content/skills/specialist-acessibilidade/resources/templates/relatorio-acessibilidade.md +490 -0
- package/dist/content/skills/specialist-analise-testes/MCP_INTEGRATION.md +569 -0
- package/dist/content/skills/specialist-analise-testes/README.md +42 -0
- package/dist/content/skills/specialist-analise-testes/SKILL.md +258 -0
- package/dist/content/skills/specialist-analise-testes/mcp_functions/README.md +794 -0
- package/dist/content/skills/specialist-analise-testes/resources/checklists/testing-validation.md +305 -0
- package/dist/content/skills/specialist-analise-testes/resources/examples/testing-examples.md +395 -0
- package/dist/content/skills/specialist-analise-testes/resources/reference/testing-guide.md +1024 -0
- package/dist/content/skills/specialist-arquitetura-avancada/MCP_INTEGRATION.md +440 -0
- package/dist/content/skills/specialist-arquitetura-avancada/README.md +298 -0
- package/dist/content/skills/specialist-arquitetura-avancada/SKILL.md +295 -0
- package/dist/content/skills/specialist-arquitetura-avancada/mcp_functions/README.md +573 -0
- package/dist/content/skills/specialist-arquitetura-avancada/resources/checklists/architecture-validation.md +385 -0
- package/dist/content/skills/specialist-arquitetura-avancada/resources/examples/architecture-examples.md +743 -0
- package/dist/content/skills/specialist-arquitetura-avancada/resources/reference/architecture-guide.md +680 -0
- package/dist/content/skills/specialist-arquitetura-avancada/resources/templates/bounded-context.md +333 -0
- package/dist/content/skills/specialist-arquitetura-avancada/resources/templates/cqrs-implementation.md +495 -0
- package/dist/content/skills/specialist-arquitetura-avancada/resources/templates/event-sourcing.md +571 -0
- package/dist/content/skills/specialist-arquitetura-avancada/resources/templates/microservices-strategy.md +647 -0
- package/dist/content/skills/specialist-arquitetura-software/MCP_INTEGRATION.md +483 -0
- package/dist/content/skills/specialist-arquitetura-software/README.md +306 -0
- package/dist/content/skills/specialist-arquitetura-software/SKILL.md +194 -0
- package/dist/content/skills/specialist-arquitetura-software/mcp_functions/init_architecture.py +137 -0
- package/dist/content/skills/specialist-arquitetura-software/mcp_functions/process_architecture.py +279 -0
- package/dist/content/skills/specialist-arquitetura-software/mcp_functions/validate_architecture.py +302 -0
- package/dist/content/skills/specialist-arquitetura-software/resources/checklists/architecture-validation.md +180 -0
- package/dist/content/skills/specialist-arquitetura-software/resources/examples/architecture-examples.md +239 -0
- package/dist/content/skills/specialist-arquitetura-software/resources/reference/architecture-guide.md +489 -0
- package/dist/content/skills/specialist-arquitetura-software/resources/templates/adr.md +61 -0
- package/dist/content/skills/specialist-arquitetura-software/resources/templates/arquitetura.md +192 -0
- package/dist/content/skills/specialist-arquitetura-software/resources/templates/slo-sli.md +153 -0
- package/dist/content/skills/specialist-banco-dados/MCP_INTEGRATION.md +390 -0
- package/dist/content/skills/specialist-banco-dados/README.md +323 -0
- package/dist/content/skills/specialist-banco-dados/SKILL.md +221 -0
- package/dist/content/skills/specialist-banco-dados/mcp_functions/init_database.py +720 -0
- package/dist/content/skills/specialist-banco-dados/mcp_functions/process_database.py +386 -0
- package/dist/content/skills/specialist-banco-dados/mcp_functions/validate_database.py +551 -0
- package/dist/content/skills/specialist-banco-dados/resources/checklists/database-validation.md +434 -0
- package/dist/content/skills/specialist-banco-dados/resources/examples/database-examples.md +857 -0
- package/dist/content/skills/specialist-banco-dados/resources/reference/database-guide.md +708 -0
- package/dist/content/skills/specialist-banco-dados/resources/templates/constraints.md +935 -0
- package/dist/content/skills/specialist-banco-dados/resources/templates/design-banco.md +509 -0
- package/dist/content/skills/specialist-banco-dados/resources/templates/indices.md +553 -0
- package/dist/content/skills/specialist-banco-dados/resources/templates/migracoes.md +777 -0
- package/dist/content/skills/specialist-contrato-api/MCP_INTEGRATION.md +152 -0
- package/dist/content/skills/specialist-contrato-api/README.md +183 -0
- package/dist/content/skills/specialist-contrato-api/SKILL.md +317 -0
- package/dist/content/skills/specialist-contrato-api/mcp_functions/README.md +17 -0
- package/dist/content/skills/specialist-contrato-api/resources/checklists/api-validation.md +44 -0
- package/dist/content/skills/specialist-contrato-api/resources/examples/api-examples.md +137 -0
- package/dist/content/skills/specialist-contrato-api/resources/reference/api-guide.md +96 -0
- package/dist/content/skills/specialist-contrato-api/resources/templates/contrato-api.md +165 -0
- package/dist/content/skills/specialist-dados-analytics-ia/MCP_INTEGRATION.md +398 -0
- package/dist/content/skills/specialist-dados-analytics-ia/README.md +224 -0
- package/dist/content/skills/specialist-dados-analytics-ia/SKILL.md +160 -0
- package/dist/content/skills/specialist-dados-analytics-ia/mcp_functions/generate_insights_dashboard.py +669 -0
- package/dist/content/skills/specialist-dados-analytics-ia/mcp_functions/init_analytics_pipeline.py +626 -0
- package/dist/content/skills/specialist-dados-analytics-ia/mcp_functions/validate_analytics_quality.py +772 -0
- package/dist/content/skills/specialist-dados-analytics-ia/resources/checklists/analytics-validation.md +519 -0
- package/dist/content/skills/specialist-dados-analytics-ia/resources/examples/analytics-examples.md +646 -0
- package/dist/content/skills/specialist-dados-analytics-ia/resources/reference/analytics-guide.md +1111 -0
- package/dist/content/skills/specialist-dados-analytics-ia/resources/templates/feature.md +419 -0
- package/dist/content/skills/specialist-dados-analytics-ia/resources/templates/requisitos.md +384 -0
- package/dist/content/skills/specialist-dados-analytics-ia/resources/templates/slo-sli.md +381 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/MCP_INTEGRATION.md +340 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/README.md +218 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/SKILL.md +194 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/resources/checklists/debugging-validation.md +319 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/resources/examples/debugging-examples.md +480 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/resources/prompts/analise-bugs.md +527 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/resources/reference/debugging-guide.md +392 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/resources/templates/bug-report.md +192 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/resources/templates/post-mortem.md +241 -0
- package/dist/content/skills/specialist-debugging-troubleshooting/scripts/README.md +64 -0
- package/dist/content/skills/specialist-desenvolvimento-backend/MCP_INTEGRATION.md +98 -0
- package/dist/content/skills/specialist-desenvolvimento-backend/README.md +167 -0
- package/dist/content/skills/specialist-desenvolvimento-backend/SKILL.md +288 -0
- package/dist/content/skills/specialist-desenvolvimento-backend/mcp_functions/README.md +17 -0
- package/dist/content/skills/specialist-desenvolvimento-backend/resources/checklists/backend-validation.md +44 -0
- package/dist/content/skills/specialist-desenvolvimento-backend/resources/examples/backend-examples.md +109 -0
- package/dist/content/skills/specialist-desenvolvimento-backend/resources/reference/backend-guide.md +86 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/MCP_INTEGRATION.md +914 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/README.md +261 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/SKILL.md +220 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/mcp_functions/init_frontend.py +861 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/mcp_functions/process_frontend.py +1003 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/mcp_functions/validate_frontend.py +766 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/resources/checklists/frontend-validation.md +365 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/resources/examples/frontend-examples.md +1125 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/resources/reference/frontend-guide.md +1055 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/resources/templates/component-story.md +530 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/resources/templates/historia-frontend.md +243 -0
- package/dist/content/skills/specialist-desenvolvimento-frontend/resources/templates/ui-guidelines.md +725 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/MCP_INTEGRATION.md +87 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/README.md +149 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/SKILL.md +360 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/mcp_functions/README.md +17 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/checklists/mobile-validation.md +330 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/examples/mobile-examples.md +966 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/reference/android-guide.md +546 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/reference/flutter-guide.md +500 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/reference/ios-guide.md +518 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/reference/mobile-guide.md +76 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/reference/react-native-guide.md +659 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/templates/historia-mobile.md +284 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/templates/mobile-checklist.md +239 -0
- package/dist/content/skills/specialist-desenvolvimento-mobile/resources/templates/platform-selection.md +302 -0
- package/dist/content/skills/specialist-devops-infra/MCP_INTEGRATION.md +471 -0
- package/dist/content/skills/specialist-devops-infra/README.md +234 -0
- package/dist/content/skills/specialist-devops-infra/SKILL.md +162 -0
- package/dist/content/skills/specialist-devops-infra/mcp_functions/generate_ci_cd_pipeline.py +870 -0
- package/dist/content/skills/specialist-devops-infra/mcp_functions/init_infrastructure_structure.py +704 -0
- package/dist/content/skills/specialist-devops-infra/mcp_functions/validate_infrastructure_quality.py +745 -0
- package/dist/content/skills/specialist-devops-infra/resources/checklists/devops-validation.md +427 -0
- package/dist/content/skills/specialist-devops-infra/resources/examples/devops-examples.md +652 -0
- package/dist/content/skills/specialist-devops-infra/resources/reference/devops-guide.md +1244 -0
- package/dist/content/skills/specialist-devops-infra/resources/templates/ci-cd-pipeline.yml +40 -0
- package/dist/content/skills/specialist-documentacao-tecnica/MCP_INTEGRATION.md +797 -0
- package/dist/content/skills/specialist-documentacao-tecnica/README.md +304 -0
- package/dist/content/skills/specialist-documentacao-tecnica/SKILL.md +202 -0
- package/dist/content/skills/specialist-documentacao-tecnica/mcp_functions/init_documentation_structure.py +733 -0
- package/dist/content/skills/specialist-documentacao-tecnica/mcp_functions/process_documentation_for_publishing.py +888 -0
- package/dist/content/skills/specialist-documentacao-tecnica/mcp_functions/validate_documentation_quality.py +775 -0
- package/dist/content/skills/specialist-documentacao-tecnica/resources/checklists/documentation-validation.md +296 -0
- package/dist/content/skills/specialist-documentacao-tecnica/resources/examples/documentation-examples.md +515 -0
- package/dist/content/skills/specialist-documentacao-tecnica/resources/reference/documentation-guide.md +798 -0
- package/dist/content/skills/specialist-documentacao-tecnica/resources/templates/api-docs.md +619 -0
- package/dist/content/skills/specialist-documentacao-tecnica/resources/templates/design-doc.md +250 -0
- package/dist/content/skills/specialist-documentacao-tecnica/resources/templates/guia-tecnico.md +383 -0
- package/dist/content/skills/specialist-documentacao-tecnica/resources/templates/readme-template.md +462 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/MCP_INTEGRATION.md +457 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/README.md +295 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/SKILL.md +214 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/mcp_functions/init_requirements.py +152 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/mcp_functions/process_requirements.py +445 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/mcp_functions/validate_requirements.py +475 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/resources/checklists/requirements-validation.md +258 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/resources/examples/requirements-examples.md +316 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/resources/reference/requirements-guide.md +651 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/resources/templates/criterios-aceite.md +484 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/resources/templates/matriz-rastreabilidade.md +246 -0
- package/dist/content/skills/specialist-engenharia-requisitos-ia/resources/templates/requisitos.md +244 -0
- package/dist/content/skills/specialist-exploracao-codebase/MCP_INTEGRATION.md +155 -0
- package/dist/content/skills/specialist-exploracao-codebase/README.md +320 -0
- package/dist/content/skills/specialist-exploracao-codebase/SKILL.md +194 -0
- package/dist/content/skills/specialist-exploracao-codebase/mcp_functions/README.md +39 -0
- package/dist/content/skills/specialist-exploracao-codebase/resources/checklists/exploration-validation.md +51 -0
- package/dist/content/skills/specialist-exploracao-codebase/resources/examples/exploration-examples.md +106 -0
- package/dist/content/skills/specialist-exploracao-codebase/resources/reference/exploration-guide.md +111 -0
- package/dist/content/skills/specialist-exploracao-codebase/resources/templates/codebase-map.md +129 -0
- package/dist/content/skills/specialist-exploracao-codebase/resources/templates/refactoring-plan.md +96 -0
- package/dist/content/skills/specialist-exploracao-codebase/resources/templates/technical-debt-report.md +69 -0
- package/dist/content/skills/specialist-gestao-produto/MCP_INTEGRATION.md +436 -0
- package/dist/content/skills/specialist-gestao-produto/README.md +202 -0
- package/dist/content/skills/specialist-gestao-produto/SKILL.md +174 -0
- package/dist/content/skills/specialist-gestao-produto/resources/checklists/prd-validation.md +165 -0
- package/dist/content/skills/specialist-gestao-produto/resources/examples/prd-examples.md +231 -0
- package/dist/content/skills/specialist-gestao-produto/resources/reference/product-guide.md +416 -0
- package/dist/content/skills/specialist-gestao-produto/resources/templates/PRD.md +212 -0
- package/dist/content/skills/specialist-gestao-produto/scripts/init_prd.py +170 -0
- package/dist/content/skills/specialist-gestao-produto/scripts/process_prd.py +388 -0
- package/dist/content/skills/specialist-gestao-produto/scripts/validate_prd.py +406 -0
- package/dist/content/skills/specialist-migracao-modernizacao/MCP_INTEGRATION.md +17 -0
- package/dist/content/skills/specialist-migracao-modernizacao/README.md +46 -0
- package/dist/content/skills/specialist-migracao-modernizacao/SKILL.md +485 -0
- package/dist/content/skills/specialist-migracao-modernizacao/mcp_functions/README.md +10 -0
- package/dist/content/skills/specialist-migracao-modernizacao/resources/checklists/migration-validation.md +23 -0
- package/dist/content/skills/specialist-migracao-modernizacao/resources/examples/migration-examples.md +30 -0
- package/dist/content/skills/specialist-migracao-modernizacao/resources/reference/migration-guide.md +27 -0
- package/dist/content/skills/specialist-migracao-modernizacao/resources/templates/migration-assessment.md +391 -0
- package/dist/content/skills/specialist-migracao-modernizacao/resources/templates/modernization-roadmap.md +479 -0
- package/dist/content/skills/specialist-migracao-modernizacao/resources/templates/risk-analysis.md +527 -0
- package/dist/content/skills/specialist-mobile-design-avancado/MCP_INTEGRATION.md +17 -0
- package/dist/content/skills/specialist-mobile-design-avancado/README.md +46 -0
- package/dist/content/skills/specialist-mobile-design-avancado/SKILL.md +567 -0
- package/dist/content/skills/specialist-mobile-design-avancado/mcp_functions/README.md +10 -0
- package/dist/content/skills/specialist-mobile-design-avancado/resources/checklists/design-validation.md +23 -0
- package/dist/content/skills/specialist-mobile-design-avancado/resources/examples/design-examples.md +46 -0
- package/dist/content/skills/specialist-mobile-design-avancado/resources/reference/design-guide.md +23 -0
- package/dist/content/skills/specialist-modelagem-dominio/MCP_INTEGRATION.md +336 -0
- package/dist/content/skills/specialist-modelagem-dominio/README.md +314 -0
- package/dist/content/skills/specialist-modelagem-dominio/SKILL.md +241 -0
- package/dist/content/skills/specialist-modelagem-dominio/mcp_functions/init_domain.py +479 -0
- package/dist/content/skills/specialist-modelagem-dominio/mcp_functions/process_domain.py +526 -0
- package/dist/content/skills/specialist-modelagem-dominio/mcp_functions/validate_domain.py +569 -0
- package/dist/content/skills/specialist-modelagem-dominio/resources/checklists/domain-validation.md +341 -0
- package/dist/content/skills/specialist-modelagem-dominio/resources/examples/domain-examples.md +505 -0
- package/dist/content/skills/specialist-modelagem-dominio/resources/reference/domain-guide.md +601 -0
- package/dist/content/skills/specialist-modelagem-dominio/resources/reference/domain-modeling-complete-guide.md +1126 -0
- package/dist/content/skills/specialist-modelagem-dominio/resources/templates/arquitetura-c4.md +477 -0
- package/dist/content/skills/specialist-modelagem-dominio/resources/templates/casos-uso.md +395 -0
- package/dist/content/skills/specialist-modelagem-dominio/resources/templates/entidades-relacionamentos.md +368 -0
- package/dist/content/skills/specialist-modelagem-dominio/resources/templates/modelo-dominio.md +311 -0
- package/dist/content/skills/specialist-observabilidade/SKILL.md +462 -0
- package/dist/content/skills/specialist-performance-escalabilidade/SKILL.md +329 -0
- package/dist/content/skills/specialist-plano-execucao-ia/MCP_INTEGRATION.md +371 -0
- package/dist/content/skills/specialist-plano-execucao-ia/README.md +194 -0
- package/dist/content/skills/specialist-plano-execucao-ia/SKILL.md +271 -0
- package/dist/content/skills/specialist-plano-execucao-ia/mcp_functions/README.md +38 -0
- package/dist/content/skills/specialist-plano-execucao-ia/resources/checklists/planning-validation.md +144 -0
- package/dist/content/skills/specialist-plano-execucao-ia/resources/examples/planning-examples.md +203 -0
- package/dist/content/skills/specialist-plano-execucao-ia/resources/reference/planning-guide.md +316 -0
- package/dist/content/skills/specialist-plano-execucao-ia/resources/templates/backlog.md +146 -0
- package/dist/content/skills/specialist-plano-execucao-ia/resources/templates/historia-backend.md +157 -0
- package/dist/content/skills/specialist-plano-execucao-ia/resources/templates/historia-frontend.md +116 -0
- package/dist/content/skills/specialist-plano-execucao-ia/resources/templates/historia-usuario.md +66 -0
- package/dist/content/skills/specialist-prototipagem-stitch/MCP_INTEGRATION.md +533 -0
- package/dist/content/skills/specialist-prototipagem-stitch/README.md +321 -0
- package/dist/content/skills/specialist-prototipagem-stitch/SKILL.md +194 -0
- package/dist/content/skills/specialist-prototipagem-stitch/mcp_functions/README.md +239 -0
- package/dist/content/skills/specialist-prototipagem-stitch/resources/checklists/stitch-validation.md +357 -0
- package/dist/content/skills/specialist-prototipagem-stitch/resources/examples/stitch-examples.md +372 -0
- package/dist/content/skills/specialist-prototipagem-stitch/resources/reference/stitch-guide.md +517 -0
- package/dist/content/skills/specialist-prototipagem-stitch/resources/templates/prompt-stitch.md +429 -0
- package/dist/content/skills/specialist-prototipagem-stitch/resources/templates/prototipo-stitch.md +317 -0
- package/dist/content/skills/specialist-seguranca-informacao/MCP_INTEGRATION.md +466 -0
- package/dist/content/skills/specialist-seguranca-informacao/README.md +245 -0
- package/dist/content/skills/specialist-seguranca-informacao/SKILL.md +343 -0
- package/dist/content/skills/specialist-seguranca-informacao/mcp_functions/init_security.py +405 -0
- package/dist/content/skills/specialist-seguranca-informacao/mcp_functions/process_security.py +611 -0
- package/dist/content/skills/specialist-seguranca-informacao/mcp_functions/validate_security.py +468 -0
- package/dist/content/skills/specialist-seguranca-informacao/resources/checklists/security-validation.md +368 -0
- package/dist/content/skills/specialist-seguranca-informacao/resources/examples/security-examples.md +358 -0
- package/dist/content/skills/specialist-seguranca-informacao/resources/reference/security-guide.md +757 -0
- package/dist/content/skills/specialist-seguranca-informacao/resources/templates/checklist-seguranca.md +383 -0
- package/dist/content/skills/specialist-seguranca-informacao/resources/templates/slo-sli.md +244 -0
- package/dist/content/skills/specialist-seguranca-informacao/resources/templates/threat-modeling.md +161 -0
- package/dist/content/skills/specialist-ux-design/MCP_INTEGRATION.md +294 -0
- package/dist/content/skills/specialist-ux-design/README.md +304 -0
- package/dist/content/skills/specialist-ux-design/SKILL.md +212 -0
- package/dist/content/skills/specialist-ux-design/mcp_functions/init_ux.py +126 -0
- package/dist/content/skills/specialist-ux-design/mcp_functions/process_ux.py +408 -0
- package/dist/content/skills/specialist-ux-design/mcp_functions/validate_ux.py +379 -0
- package/dist/content/skills/specialist-ux-design/resources/checklists/ux-validation.md +77 -0
- package/dist/content/skills/specialist-ux-design/resources/examples/ux-examples.md +161 -0
- package/dist/content/skills/specialist-ux-design/resources/reference/ux-guide.md +184 -0
- package/dist/content/skills/specialist-ux-design/resources/templates/design-doc.md +160 -0
- package/dist/content/skills/specialist-ux-design/resources/templates/jornada-usuario.md +126 -0
- package/dist/content/skills/specialist-ux-design/resources/templates/wireframes.md +155 -0
- package/dist/core/adr/ADRGenerator.d.ts +28 -0
- package/dist/core/adr/ADRGenerator.d.ts.map +1 -0
- package/dist/core/adr/ADRGenerator.js +63 -0
- package/dist/core/adr/ADRGenerator.js.map +1 -0
- package/dist/core/adr/index.d.ts +2 -0
- package/dist/core/adr/index.d.ts.map +1 -0
- package/dist/core/adr/index.js +2 -0
- package/dist/core/adr/index.js.map +1 -0
- package/dist/core/architecture/FitnessFunctions.d.ts +67 -0
- package/dist/core/architecture/FitnessFunctions.d.ts.map +1 -0
- package/dist/core/architecture/FitnessFunctions.js +292 -0
- package/dist/core/architecture/FitnessFunctions.js.map +1 -0
- package/dist/core/architecture/index.d.ts +3 -0
- package/dist/core/architecture/index.d.ts.map +1 -0
- package/dist/core/architecture/index.js +3 -0
- package/dist/core/architecture/index.js.map +1 -0
- package/dist/core/architecture/types.d.ts +42 -0
- package/dist/core/architecture/types.d.ts.map +1 -0
- package/dist/core/architecture/types.js +5 -0
- package/dist/core/architecture/types.js.map +1 -0
- package/dist/core/atam/ATAMAnalyzer.d.ts +19 -0
- package/dist/core/atam/ATAMAnalyzer.d.ts.map +1 -0
- package/dist/core/atam/ATAMAnalyzer.js +206 -0
- package/dist/core/atam/ATAMAnalyzer.js.map +1 -0
- package/dist/core/atam/ATAMReporter.d.ts +16 -0
- package/dist/core/atam/ATAMReporter.d.ts.map +1 -0
- package/dist/core/atam/ATAMReporter.js +175 -0
- package/dist/core/atam/ATAMReporter.js.map +1 -0
- package/dist/core/atam/QualityScenarios.d.ts +16 -0
- package/dist/core/atam/QualityScenarios.d.ts.map +1 -0
- package/dist/core/atam/QualityScenarios.js +149 -0
- package/dist/core/atam/QualityScenarios.js.map +1 -0
- package/dist/core/atam/RiskRegistry.d.ts +21 -0
- package/dist/core/atam/RiskRegistry.d.ts.map +1 -0
- package/dist/core/atam/RiskRegistry.js +83 -0
- package/dist/core/atam/RiskRegistry.js.map +1 -0
- package/dist/core/atam/index.d.ts +6 -0
- package/dist/core/atam/index.d.ts.map +1 -0
- package/dist/core/atam/index.js +6 -0
- package/dist/core/atam/index.js.map +1 -0
- package/dist/core/atam/types.d.ts +86 -0
- package/dist/core/atam/types.d.ts.map +1 -0
- package/dist/core/atam/types.js +5 -0
- package/dist/core/atam/types.js.map +1 -0
- package/dist/core/authority/AuthorityManager.d.ts +19 -0
- package/dist/core/authority/AuthorityManager.d.ts.map +1 -0
- package/dist/core/authority/AuthorityManager.js +66 -0
- package/dist/core/authority/AuthorityManager.js.map +1 -0
- package/dist/core/authority/index.d.ts +2 -0
- package/dist/core/authority/index.d.ts.map +1 -0
- package/dist/core/authority/index.js +2 -0
- package/dist/core/authority/index.js.map +1 -0
- package/dist/core/autofix/AutoFixEngine.d.ts +17 -0
- package/dist/core/autofix/AutoFixEngine.d.ts.map +1 -0
- package/dist/core/autofix/AutoFixEngine.js +46 -0
- package/dist/core/autofix/AutoFixEngine.js.map +1 -0
- package/dist/core/autofix/index.d.ts +2 -0
- package/dist/core/autofix/index.d.ts.map +1 -0
- package/dist/core/autofix/index.js +2 -0
- package/dist/core/autofix/index.js.map +1 -0
- package/dist/core/automation/AutoExecutor.d.ts +20 -0
- package/dist/core/automation/AutoExecutor.d.ts.map +1 -0
- package/dist/core/automation/AutoExecutor.js +38 -0
- package/dist/core/automation/AutoExecutor.js.map +1 -0
- package/dist/core/automation/index.d.ts +2 -0
- package/dist/core/automation/index.d.ts.map +1 -0
- package/dist/core/automation/index.js +2 -0
- package/dist/core/automation/index.js.map +1 -0
- package/dist/core/checkpoint/CheckpointManager.d.ts +43 -0
- package/dist/core/checkpoint/CheckpointManager.d.ts.map +1 -0
- package/dist/core/checkpoint/CheckpointManager.js +158 -0
- package/dist/core/checkpoint/CheckpointManager.js.map +1 -0
- package/dist/core/checkpoint/RollbackEngine.d.ts +31 -0
- package/dist/core/checkpoint/RollbackEngine.d.ts.map +1 -0
- package/dist/core/checkpoint/RollbackEngine.js +176 -0
- package/dist/core/checkpoint/RollbackEngine.js.map +1 -0
- package/dist/core/checkpoint/index.d.ts +4 -0
- package/dist/core/checkpoint/index.d.ts.map +1 -0
- package/dist/core/checkpoint/index.js +4 -0
- package/dist/core/checkpoint/index.js.map +1 -0
- package/dist/core/checkpoint/types.d.ts +33 -0
- package/dist/core/checkpoint/types.d.ts.map +1 -0
- package/dist/core/checkpoint/types.js +2 -0
- package/dist/core/checkpoint/types.js.map +1 -0
- package/dist/core/consistency/ConsistencyAnalyzer.d.ts +12 -0
- package/dist/core/consistency/ConsistencyAnalyzer.d.ts.map +1 -0
- package/dist/core/consistency/ConsistencyAnalyzer.js +79 -0
- package/dist/core/consistency/ConsistencyAnalyzer.js.map +1 -0
- package/dist/core/consistency/index.d.ts +3 -0
- package/dist/core/consistency/index.d.ts.map +1 -0
- package/dist/core/consistency/index.js +3 -0
- package/dist/core/consistency/index.js.map +1 -0
- package/dist/core/consistency/types.d.ts +43 -0
- package/dist/core/consistency/types.d.ts.map +1 -0
- package/dist/core/consistency/types.js +5 -0
- package/dist/core/consistency/types.js.map +1 -0
- package/dist/core/context/ContextDetector.d.ts +14 -0
- package/dist/core/context/ContextDetector.d.ts.map +1 -0
- package/dist/core/context/ContextDetector.js +58 -0
- package/dist/core/context/ContextDetector.js.map +1 -0
- package/dist/core/context/index.d.ts +3 -0
- package/dist/core/context/index.d.ts.map +1 -0
- package/dist/core/context/index.js +3 -0
- package/dist/core/context/index.js.map +1 -0
- package/dist/core/context/types.d.ts +41 -0
- package/dist/core/context/types.d.ts.map +1 -0
- package/dist/core/context/types.js +5 -0
- package/dist/core/context/types.js.map +1 -0
- package/dist/core/decision/AlternativeGenerator.d.ts +32 -0
- package/dist/core/decision/AlternativeGenerator.d.ts.map +1 -0
- package/dist/core/decision/AlternativeGenerator.js +155 -0
- package/dist/core/decision/AlternativeGenerator.js.map +1 -0
- package/dist/core/decision/ConfidenceCalculator.d.ts +42 -0
- package/dist/core/decision/ConfidenceCalculator.d.ts.map +1 -0
- package/dist/core/decision/ConfidenceCalculator.js +114 -0
- package/dist/core/decision/ConfidenceCalculator.js.map +1 -0
- package/dist/core/decision/DecisionEngine.d.ts +42 -0
- package/dist/core/decision/DecisionEngine.d.ts.map +1 -0
- package/dist/core/decision/DecisionEngine.js +144 -0
- package/dist/core/decision/DecisionEngine.js.map +1 -0
- package/dist/core/decision/DecisionMatrix.d.ts +29 -0
- package/dist/core/decision/DecisionMatrix.d.ts.map +1 -0
- package/dist/core/decision/DecisionMatrix.js +66 -0
- package/dist/core/decision/DecisionMatrix.js.map +1 -0
- package/dist/core/decision/index.d.ts +6 -0
- package/dist/core/decision/index.d.ts.map +1 -0
- package/dist/core/decision/index.js +6 -0
- package/dist/core/decision/index.js.map +1 -0
- package/dist/core/decision/types.d.ts +40 -0
- package/dist/core/decision/types.d.ts.map +1 -0
- package/dist/core/decision/types.js +5 -0
- package/dist/core/decision/types.js.map +1 -0
- package/dist/core/discovery/CodebaseDiscovery.d.ts +19 -0
- package/dist/core/discovery/CodebaseDiscovery.d.ts.map +1 -0
- package/dist/core/discovery/CodebaseDiscovery.js +83 -0
- package/dist/core/discovery/CodebaseDiscovery.js.map +1 -0
- package/dist/core/discovery/index.d.ts +2 -0
- package/dist/core/discovery/index.d.ts.map +1 -0
- package/dist/core/discovery/index.js +2 -0
- package/dist/core/discovery/index.js.map +1 -0
- package/dist/core/feedback/FeedbackLoop.d.ts +21 -0
- package/dist/core/feedback/FeedbackLoop.d.ts.map +1 -0
- package/dist/core/feedback/FeedbackLoop.js +45 -0
- package/dist/core/feedback/FeedbackLoop.js.map +1 -0
- package/dist/core/feedback/index.d.ts +2 -0
- package/dist/core/feedback/index.d.ts.map +1 -0
- package/dist/core/feedback/index.js +2 -0
- package/dist/core/feedback/index.js.map +1 -0
- package/dist/core/growth/GrowthProjector.d.ts +12 -0
- package/dist/core/growth/GrowthProjector.d.ts.map +1 -0
- package/dist/core/growth/GrowthProjector.js +93 -0
- package/dist/core/growth/GrowthProjector.js.map +1 -0
- package/dist/core/growth/index.d.ts +3 -0
- package/dist/core/growth/index.d.ts.map +1 -0
- package/dist/core/growth/index.js +3 -0
- package/dist/core/growth/index.js.map +1 -0
- package/dist/core/growth/types.d.ts +40 -0
- package/dist/core/growth/types.d.ts.map +1 -0
- package/dist/core/growth/types.js +5 -0
- package/dist/core/growth/types.js.map +1 -0
- package/dist/core/impact/ImpactAnalyzer.d.ts +22 -0
- package/dist/core/impact/ImpactAnalyzer.d.ts.map +1 -0
- package/dist/core/impact/ImpactAnalyzer.js +43 -0
- package/dist/core/impact/ImpactAnalyzer.js.map +1 -0
- package/dist/core/impact/index.d.ts +2 -0
- package/dist/core/impact/index.d.ts.map +1 -0
- package/dist/core/impact/index.js +2 -0
- package/dist/core/impact/index.js.map +1 -0
- package/dist/core/knowledge/ADRManager.d.ts +22 -0
- package/dist/core/knowledge/ADRManager.d.ts.map +1 -0
- package/dist/core/knowledge/ADRManager.js +82 -0
- package/dist/core/knowledge/ADRManager.js.map +1 -0
- package/dist/core/knowledge/ContextLoader.d.ts +18 -0
- package/dist/core/knowledge/ContextLoader.d.ts.map +1 -0
- package/dist/core/knowledge/ContextLoader.js +48 -0
- package/dist/core/knowledge/ContextLoader.js.map +1 -0
- package/dist/core/knowledge/KnowledgeBase.d.ts +35 -0
- package/dist/core/knowledge/KnowledgeBase.d.ts.map +1 -0
- package/dist/core/knowledge/KnowledgeBase.js +143 -0
- package/dist/core/knowledge/KnowledgeBase.js.map +1 -0
- package/dist/core/knowledge/PatternRegistry.d.ts +22 -0
- package/dist/core/knowledge/PatternRegistry.d.ts.map +1 -0
- package/dist/core/knowledge/PatternRegistry.js +56 -0
- package/dist/core/knowledge/PatternRegistry.js.map +1 -0
- package/dist/core/knowledge/index.d.ts +6 -0
- package/dist/core/knowledge/index.d.ts.map +1 -0
- package/dist/core/knowledge/index.js +6 -0
- package/dist/core/knowledge/index.js.map +1 -0
- package/dist/core/knowledge/types.d.ts +60 -0
- package/dist/core/knowledge/types.d.ts.map +1 -0
- package/dist/core/knowledge/types.js +2 -0
- package/dist/core/knowledge/types.js.map +1 -0
- package/dist/core/metrics/MetricsCollector.d.ts +21 -0
- package/dist/core/metrics/MetricsCollector.d.ts.map +1 -0
- package/dist/core/metrics/MetricsCollector.js +20 -0
- package/dist/core/metrics/MetricsCollector.js.map +1 -0
- package/dist/core/metrics/index.d.ts +2 -0
- package/dist/core/metrics/index.d.ts.map +1 -0
- package/dist/core/metrics/index.js +2 -0
- package/dist/core/metrics/index.js.map +1 -0
- package/dist/core/notification/NotificationManager.d.ts +20 -0
- package/dist/core/notification/NotificationManager.d.ts.map +1 -0
- package/dist/core/notification/NotificationManager.js +16 -0
- package/dist/core/notification/NotificationManager.js.map +1 -0
- package/dist/core/notification/index.d.ts +2 -0
- package/dist/core/notification/index.d.ts.map +1 -0
- package/dist/core/notification/index.js +2 -0
- package/dist/core/notification/index.js.map +1 -0
- package/dist/core/risk/RiskEvaluator.d.ts +11 -0
- package/dist/core/risk/RiskEvaluator.d.ts.map +1 -0
- package/dist/core/risk/RiskEvaluator.js +83 -0
- package/dist/core/risk/RiskEvaluator.js.map +1 -0
- package/dist/core/risk/index.d.ts +3 -0
- package/dist/core/risk/index.d.ts.map +1 -0
- package/dist/core/risk/index.js +3 -0
- package/dist/core/risk/index.js.map +1 -0
- package/dist/core/risk/types.d.ts +19 -0
- package/dist/core/risk/types.d.ts.map +1 -0
- package/dist/core/risk/types.js +2 -0
- package/dist/core/risk/types.js.map +1 -0
- package/dist/core/roadmap/RoadmapManager.d.ts +14 -0
- package/dist/core/roadmap/RoadmapManager.d.ts.map +1 -0
- package/dist/core/roadmap/RoadmapManager.js +81 -0
- package/dist/core/roadmap/RoadmapManager.js.map +1 -0
- package/dist/core/roadmap/index.d.ts +3 -0
- package/dist/core/roadmap/index.d.ts.map +1 -0
- package/dist/core/roadmap/index.js +3 -0
- package/dist/core/roadmap/index.js.map +1 -0
- package/dist/core/roadmap/types.d.ts +64 -0
- package/dist/core/roadmap/types.d.ts.map +1 -0
- package/dist/core/roadmap/types.js +5 -0
- package/dist/core/roadmap/types.js.map +1 -0
- package/dist/core/strangler/StranglerOrchestrator.d.ts +14 -0
- package/dist/core/strangler/StranglerOrchestrator.d.ts.map +1 -0
- package/dist/core/strangler/StranglerOrchestrator.js +87 -0
- package/dist/core/strangler/StranglerOrchestrator.js.map +1 -0
- package/dist/core/strangler/index.d.ts +3 -0
- package/dist/core/strangler/index.d.ts.map +1 -0
- package/dist/core/strangler/index.js +3 -0
- package/dist/core/strangler/index.js.map +1 -0
- package/dist/core/strangler/types.d.ts +70 -0
- package/dist/core/strangler/types.d.ts.map +1 -0
- package/dist/core/strangler/types.js +5 -0
- package/dist/core/strangler/types.js.map +1 -0
- package/dist/core/testing/TestRunner.d.ts +17 -0
- package/dist/core/testing/TestRunner.d.ts.map +1 -0
- package/dist/core/testing/TestRunner.js +22 -0
- package/dist/core/testing/TestRunner.js.map +1 -0
- package/dist/core/testing/index.d.ts +2 -0
- package/dist/core/testing/index.d.ts.map +1 -0
- package/dist/core/testing/index.js +2 -0
- package/dist/core/testing/index.js.map +1 -0
- package/dist/core/tradeoff/TradeoffAnalyzer.d.ts +24 -0
- package/dist/core/tradeoff/TradeoffAnalyzer.d.ts.map +1 -0
- package/dist/core/tradeoff/TradeoffAnalyzer.js +51 -0
- package/dist/core/tradeoff/TradeoffAnalyzer.js.map +1 -0
- package/dist/core/tradeoff/index.d.ts +2 -0
- package/dist/core/tradeoff/index.d.ts.map +1 -0
- package/dist/core/tradeoff/index.js +2 -0
- package/dist/core/tradeoff/index.js.map +1 -0
- package/dist/core/validation/DependencyValidator.d.ts +28 -0
- package/dist/core/validation/DependencyValidator.d.ts.map +1 -0
- package/dist/core/validation/DependencyValidator.js +188 -0
- package/dist/core/validation/DependencyValidator.js.map +1 -0
- package/dist/core/validation/SecurityValidator.d.ts +44 -0
- package/dist/core/validation/SecurityValidator.d.ts.map +1 -0
- package/dist/core/validation/SecurityValidator.js +248 -0
- package/dist/core/validation/SecurityValidator.js.map +1 -0
- package/dist/core/validation/ValidationPipeline.d.ts +62 -0
- package/dist/core/validation/ValidationPipeline.d.ts.map +1 -0
- package/dist/core/validation/ValidationPipeline.js +216 -0
- package/dist/core/validation/ValidationPipeline.js.map +1 -0
- package/dist/core/validation/index.d.ts +4 -0
- package/dist/core/validation/index.d.ts.map +1 -0
- package/dist/core/validation/index.js +4 -0
- package/dist/core/validation/index.js.map +1 -0
- package/dist/core/validation/layers/ArchitectureValidator.d.ts +21 -0
- package/dist/core/validation/layers/ArchitectureValidator.d.ts.map +1 -0
- package/dist/core/validation/layers/ArchitectureValidator.js +226 -0
- package/dist/core/validation/layers/ArchitectureValidator.js.map +1 -0
- package/dist/core/validation/layers/QualityValidator.d.ts +23 -0
- package/dist/core/validation/layers/QualityValidator.d.ts.map +1 -0
- package/dist/core/validation/layers/QualityValidator.js +259 -0
- package/dist/core/validation/layers/QualityValidator.js.map +1 -0
- package/dist/core/validation/layers/SecurityValidatorWrapper.d.ts +12 -0
- package/dist/core/validation/layers/SecurityValidatorWrapper.d.ts.map +1 -0
- package/dist/core/validation/layers/SecurityValidatorWrapper.js +54 -0
- package/dist/core/validation/layers/SecurityValidatorWrapper.js.map +1 -0
- package/dist/core/validation/layers/SemanticValidator.d.ts +21 -0
- package/dist/core/validation/layers/SemanticValidator.d.ts.map +1 -0
- package/dist/core/validation/layers/SemanticValidator.js +182 -0
- package/dist/core/validation/layers/SemanticValidator.js.map +1 -0
- package/dist/core/validation/layers/SyntacticValidator.d.ts +17 -0
- package/dist/core/validation/layers/SyntacticValidator.d.ts.map +1 -0
- package/dist/core/validation/layers/SyntacticValidator.js +194 -0
- package/dist/core/validation/layers/SyntacticValidator.js.map +1 -0
- package/dist/core/validation/types.d.ts +90 -0
- package/dist/core/validation/types.d.ts.map +1 -0
- package/dist/core/validation/types.js +24 -0
- package/dist/core/validation/types.js.map +1 -0
- package/dist/frontend-first/contract-generator.d.ts +47 -0
- package/dist/frontend-first/contract-generator.d.ts.map +1 -0
- package/dist/frontend-first/contract-generator.js +312 -0
- package/dist/frontend-first/contract-generator.js.map +1 -0
- package/dist/frontend-first/mock-generator.d.ts +23 -0
- package/dist/frontend-first/mock-generator.d.ts.map +1 -0
- package/dist/frontend-first/mock-generator.js +186 -0
- package/dist/frontend-first/mock-generator.js.map +1 -0
- package/dist/index.js +4 -4
- package/dist/index.js.map +1 -1
- package/dist/optimization/batch-prompts.d.ts +27 -0
- package/dist/optimization/batch-prompts.d.ts.map +1 -0
- package/dist/optimization/batch-prompts.js +178 -0
- package/dist/optimization/batch-prompts.js.map +1 -0
- package/dist/optimization/context-cache.d.ts +45 -0
- package/dist/optimization/context-cache.d.ts.map +1 -0
- package/dist/optimization/context-cache.js +149 -0
- package/dist/optimization/context-cache.js.map +1 -0
- package/dist/optimization/smart-validation.d.ts +43 -0
- package/dist/optimization/smart-validation.d.ts.map +1 -0
- package/dist/optimization/smart-validation.js +137 -0
- package/dist/optimization/smart-validation.js.map +1 -0
- package/dist/resources/index.d.ts.map +1 -1
- package/dist/resources/index.js +9 -9
- package/dist/resources/index.js.map +1 -1
- package/dist/stdio.js +189 -1
- package/dist/stdio.js.map +1 -1
- package/dist/tasks/task-manager.d.ts +30 -0
- package/dist/tasks/task-manager.d.ts.map +1 -0
- package/dist/tasks/task-manager.js +290 -0
- package/dist/tasks/task-manager.js.map +1 -0
- package/dist/tools/atualizar-tarefa.d.ts +17 -0
- package/dist/tools/atualizar-tarefa.d.ts.map +1 -0
- package/dist/tools/atualizar-tarefa.js +200 -0
- package/dist/tools/atualizar-tarefa.js.map +1 -0
- package/dist/tools/configurar-modo.d.ts +10 -0
- package/dist/tools/configurar-modo.d.ts.map +1 -0
- package/dist/tools/configurar-modo.js +121 -0
- package/dist/tools/configurar-modo.js.map +1 -0
- package/dist/tools/contexto.d.ts.map +1 -1
- package/dist/tools/contexto.js +35 -4
- package/dist/tools/contexto.js.map +1 -1
- package/dist/tools/criar-tarefa.d.ts +17 -0
- package/dist/tools/criar-tarefa.d.ts.map +1 -0
- package/dist/tools/criar-tarefa.js +132 -0
- package/dist/tools/criar-tarefa.js.map +1 -0
- package/dist/tools/fase1/checkpoint.tools.d.ts +150 -0
- package/dist/tools/fase1/checkpoint.tools.d.ts.map +1 -0
- package/dist/tools/fase1/checkpoint.tools.js +165 -0
- package/dist/tools/fase1/checkpoint.tools.js.map +1 -0
- package/dist/tools/fase1/knowledge.tools.d.ts +265 -0
- package/dist/tools/fase1/knowledge.tools.d.ts.map +1 -0
- package/dist/tools/fase1/knowledge.tools.js +209 -0
- package/dist/tools/fase1/knowledge.tools.js.map +1 -0
- package/dist/tools/fase1/misc.tools.d.ts +113 -0
- package/dist/tools/fase1/misc.tools.d.ts.map +1 -0
- package/dist/tools/fase1/misc.tools.js +99 -0
- package/dist/tools/fase1/misc.tools.js.map +1 -0
- package/dist/tools/fase1/validation.tools.d.ts +103 -0
- package/dist/tools/fase1/validation.tools.d.ts.map +1 -0
- package/dist/tools/fase1/validation.tools.js +174 -0
- package/dist/tools/fase1/validation.tools.js.map +1 -0
- package/dist/tools/gerar-contrato-api.d.ts +15 -0
- package/dist/tools/gerar-contrato-api.d.ts.map +1 -0
- package/dist/tools/gerar-contrato-api.js +216 -0
- package/dist/tools/gerar-contrato-api.js.map +1 -0
- package/dist/tools/iniciar-projeto.d.ts +12 -0
- package/dist/tools/iniciar-projeto.d.ts.map +1 -1
- package/dist/tools/iniciar-projeto.js +51 -17
- package/dist/tools/iniciar-projeto.js.map +1 -1
- package/dist/tools/listar-tarefas.d.ts +16 -0
- package/dist/tools/listar-tarefas.d.ts.map +1 -0
- package/dist/tools/listar-tarefas.js +215 -0
- package/dist/tools/listar-tarefas.js.map +1 -0
- package/dist/tools/phase2/architecture.tools.d.ts +37 -0
- package/dist/tools/phase2/architecture.tools.d.ts.map +1 -0
- package/dist/tools/phase2/architecture.tools.js +51 -0
- package/dist/tools/phase2/architecture.tools.js.map +1 -0
- package/dist/tools/phase2/decision.tools.d.ts +61 -0
- package/dist/tools/phase2/decision.tools.d.ts.map +1 -0
- package/dist/tools/phase2/decision.tools.js +69 -0
- package/dist/tools/phase2/decision.tools.js.map +1 -0
- package/dist/tools/phase2/index.d.ts +8 -0
- package/dist/tools/phase2/index.d.ts.map +1 -0
- package/dist/tools/phase2/index.js +16 -0
- package/dist/tools/phase2/index.js.map +1 -0
- package/dist/tools/phase2/validation.tools.d.ts +40 -0
- package/dist/tools/phase2/validation.tools.d.ts.map +1 -0
- package/dist/tools/phase2/validation.tools.js +43 -0
- package/dist/tools/phase2/validation.tools.js.map +1 -0
- package/dist/tools/phase3/atam.tools.d.ts +26 -0
- package/dist/tools/phase3/atam.tools.d.ts.map +1 -0
- package/dist/tools/phase3/atam.tools.js +48 -0
- package/dist/tools/phase3/atam.tools.js.map +1 -0
- package/dist/tools/phase3/consistency.tools.d.ts +15 -0
- package/dist/tools/phase3/consistency.tools.d.ts.map +1 -0
- package/dist/tools/phase3/consistency.tools.js +20 -0
- package/dist/tools/phase3/consistency.tools.js.map +1 -0
- package/dist/tools/phase3/context.tools.d.ts +25 -0
- package/dist/tools/phase3/context.tools.d.ts.map +1 -0
- package/dist/tools/phase3/context.tools.js +32 -0
- package/dist/tools/phase3/context.tools.js.map +1 -0
- package/dist/tools/phase3/growth.tools.d.ts +28 -0
- package/dist/tools/phase3/growth.tools.d.ts.map +1 -0
- package/dist/tools/phase3/growth.tools.js +32 -0
- package/dist/tools/phase3/growth.tools.js.map +1 -0
- package/dist/tools/phase3/index.d.ts +10 -0
- package/dist/tools/phase3/index.d.ts.map +1 -0
- package/dist/tools/phase3/index.js +10 -0
- package/dist/tools/phase3/index.js.map +1 -0
- package/dist/tools/phase3/roadmap.tools.d.ts +41 -0
- package/dist/tools/phase3/roadmap.tools.d.ts.map +1 -0
- package/dist/tools/phase3/roadmap.tools.js +44 -0
- package/dist/tools/phase3/roadmap.tools.js.map +1 -0
- package/dist/tools/phase3/strangler.tools.d.ts +37 -0
- package/dist/tools/phase3/strangler.tools.d.ts.map +1 -0
- package/dist/tools/phase3/strangler.tools.js +44 -0
- package/dist/tools/phase3/strangler.tools.js.map +1 -0
- package/dist/tools/proximo.d.ts.map +1 -1
- package/dist/tools/proximo.js +45 -8
- package/dist/tools/proximo.js.map +1 -1
- package/dist/tools/status.d.ts.map +1 -1
- package/dist/tools/status.js +28 -5
- package/dist/tools/status.js.map +1 -1
- package/dist/tools/validar-gate.d.ts.map +1 -1
- package/dist/tools/validar-gate.js +14 -0
- package/dist/tools/validar-gate.js.map +1 -1
- package/dist/types/config.d.ts +46 -0
- package/dist/types/config.d.ts.map +1 -0
- package/dist/types/config.js +162 -0
- package/dist/types/config.js.map +1 -0
- package/dist/types/index.d.ts +38 -0
- package/dist/types/index.d.ts.map +1 -1
- package/dist/types/index.js.map +1 -1
- package/dist/types/tasks.d.ts +100 -0
- package/dist/types/tasks.d.ts.map +1 -0
- package/dist/types/tasks.js +2 -0
- package/dist/types/tasks.js.map +1 -0
- package/dist/utils/__tests__/prompt-mapper.test.d.ts +2 -0
- package/dist/utils/__tests__/prompt-mapper.test.d.ts.map +1 -0
- package/dist/utils/__tests__/prompt-mapper.test.js +184 -0
- package/dist/utils/__tests__/prompt-mapper.test.js.map +1 -0
- package/dist/utils/content-injector.d.ts +1 -0
- package/dist/utils/content-injector.d.ts.map +1 -1
- package/dist/utils/content-injector.js +122 -2
- package/dist/utils/content-injector.js.map +1 -1
- package/dist/utils/files.d.ts +16 -16
- package/dist/utils/files.d.ts.map +1 -1
- package/dist/utils/files.js +59 -115
- package/dist/utils/files.js.map +1 -1
- package/dist/utils/history.d.ts +10 -0
- package/dist/utils/history.d.ts.map +1 -1
- package/dist/utils/history.js +12 -1
- package/dist/utils/history.js.map +1 -1
- package/dist/utils/prompt-mapper.d.ts +46 -0
- package/dist/utils/prompt-mapper.d.ts.map +1 -1
- package/dist/utils/prompt-mapper.js +100 -0
- package/dist/utils/prompt-mapper.js.map +1 -1
- package/package.json +5 -5
- package/dist/content/examples/Exemplo de Fluxo Completo com Java e Spring Boot.md +0 -250
- package/dist/content/examples/Exemplo de Fluxo Completo com Laravel e Filament.md +0 -278
- package/dist/content/examples/Exemplo de Fluxo Completo com Laravel e Livewire.md +0 -261
- package/dist/content/examples/Exemplo de Fluxo Completo com Node e NestJS.md +0 -258
- package/dist/content/guides/Cat/303/241logo de Stacks para Cloud Moderna.md" +0 -119
- package/dist/content/guides/Cat/303/241logo de Stacks para Hospedagem Compartilhada.md" +0 -147
- package/dist/content/guides/Checklist Mestre de Entrega.md +0 -68
- package/dist/content/guides/Gates de Qualidade.md +0 -209
- package/dist/content/guides/Guia de Adi/303/247/303/243o de Novas Funcionalidades.md" +0 -355
- package/dist/content/guides/Guia de Chaos Engineering.md +0 -267
- package/dist/content/guides/Guia de Estrat/303/251gias de Cache.md" +0 -352
- package/dist/content/guides/Guia de Migrations Zero-Downtime.md +0 -311
- package/dist/content/guides/Guia de Multi-tenancy.md +0 -368
- package/dist/content/guides/Guia de Otimiza/303/247/303/243o de Custos Cloud.md" +0 -195
- package/dist/content/guides/Guia de Refatora/303/247/303/243o de C/303/263digo Legado com IA.md" +0 -162
- package/dist/content/guides/Guia de SLOs e Error Budgets.md +0 -315
- package/dist/content/guides/M/303/251tricas de Efici/303/252ncia do Desenvolvimento com IA.md" +0 -93
- package/dist/content/guides/Rules base.md +0 -90
- package/dist/content/playbook/Playbook de Desenvolvimento com IA.md +0 -364
- package/dist/content/prompts/README.md +0 -203
- package/dist/content/prompts/acessibilidade/analise-acessibilidade.md +0 -257
- package/dist/content/prompts/apis/design-api-rest.md +0 -303
- package/dist/content/prompts/apis/idempotencia.md +0 -254
- package/dist/content/prompts/apis/versionamento.md +0 -313
- package/dist/content/prompts/arquitetura/arquitetura-c4-completo.md +0 -190
- package/dist/content/prompts/arquitetura/clean-architecture.md +0 -151
- package/dist/content/prompts/arquitetura/multi-tenancy.md +0 -235
- package/dist/content/prompts/database/migrations-zero-downtime.md +0 -192
- package/dist/content/prompts/database/otimizacao-queries.md +0 -296
- package/dist/content/prompts/desenvolvimento/code-review.md +0 -301
- package/dist/content/prompts/desenvolvimento/gerar-servico.md +0 -271
- package/dist/content/prompts/devops/docker-compose.md +0 -336
- package/dist/content/prompts/devops/feature-flags.md +0 -374
- package/dist/content/prompts/devops/kubernetes-deploy.md +0 -460
- package/dist/content/prompts/devops/pipeline-cicd.md +0 -358
- package/dist/content/prompts/devops/terraform-iac.md +0 -502
- package/dist/content/prompts/escalabilidade/analise-performance.md +0 -240
- package/dist/content/prompts/escalabilidade/analise-performance.txt +0 -94
- package/dist/content/prompts/escalabilidade/caching.md +0 -255
- package/dist/content/prompts/observabilidade/chaos-testing.md +0 -237
- package/dist/content/prompts/observabilidade/estrategia-observabilidade.md +0 -263
- package/dist/content/prompts/observabilidade/estrategia-observabilidade.txt +0 -134
- package/dist/content/prompts/observabilidade/slos.md +0 -215
- package/dist/content/prompts/produto/discovery-inicial.md +0 -203
- package/dist/content/prompts/produto/discovery-inicial.txt +0 -33
- package/dist/content/prompts/requisitos/refinar-requisitos.md +0 -232
- package/dist/content/prompts/requisitos/refinar-requisitos.txt +0 -40
- package/dist/content/prompts/seguranca/analise-seguranca.md +0 -243
- package/dist/content/prompts/seguranca/pentest-checklist.md +0 -333
- package/dist/content/prompts/seguranca/rate-limiting.md +0 -356
- package/dist/content/prompts/seguranca/revisao-lgpd.md +0 -227
- package/dist/content/prompts/seguranca/threat-modeling.md +0 -224
- package/dist/content/prompts/testes/contract-testing.md +0 -340
- package/dist/content/prompts/testes/gerar-testes-unitarios.md +0 -474
- package/dist/content/prompts/testes/testes-e2e.md +0 -460
- package/dist/content/prompts/testes/testes-integracao.md +0 -418
- package/dist/content/prompts/testes/testes-performance.md +0 -458
- package/dist/content/prompts/ux/gerar-ui-stitch.md +0 -151
- package/dist/content/specialists/Especialista em Acessibilidade.md +0 -266
- package/dist/content/specialists/Especialista em An/303/241lise de Testes.md" +0 -434
- package/dist/content/specialists/Especialista em Arquitetura Avan/303/247ada.md" +0 -358
- package/dist/content/specialists/Especialista em Arquitetura de Software.md +0 -177
- package/dist/content/specialists/Especialista em Banco de Dados.md +0 -260
- package/dist/content/specialists/Especialista em Contrato de API.md +0 -172
- package/dist/content/specialists/Especialista em Dados e Analytics com IA.md +0 -246
- package/dist/content/specialists/Especialista em Debugging e Troubleshooting.md +0 -191
- package/dist/content/specialists/Especialista em Desenvolvimento Frontend.md +0 -477
- package/dist/content/specialists/Especialista em Desenvolvimento Mobile.md +0 -241
- package/dist/content/specialists/Especialista em Desenvolvimento e Vibe Coding Estruturado.md +0 -417
- package/dist/content/specialists/Especialista em DevOps e Infraestrutura.md +0 -294
- package/dist/content/specialists/Especialista em Documenta/303/247/303/243o T/303/251cnica.md" +0 -227
- package/dist/content/specialists/Especialista em Engenharia de Requisitos com IA.md +0 -299
- package/dist/content/specialists/Especialista em Explora/303/247/303/243o de Codebase.md" +0 -179
- package/dist/content/specialists/Especialista em Gest/303/243o de Produto.md" +0 -179
- package/dist/content/specialists/Especialista em Migra/303/247/303/243o e Moderniza/303/247/303/243o.md" +0 -410
- package/dist/content/specialists/Especialista em Modelagem e Arquitetura de Dom/303/255nio com IA.md" +0 -248
- package/dist/content/specialists/Especialista em Observabilidade.md +0 -415
- package/dist/content/specialists/Especialista em Performance e Escalabilidade.md +0 -373
- package/dist/content/specialists/Especialista em Plano de Execu/303/247/303/243o com IA.md" +0 -341
- package/dist/content/specialists/Especialista em Prototipagem R/303/241pida com Google Stitch.md" +0 -419
- package/dist/content/specialists/Especialista em Seguran/303/247a da Informa/303/247/303/243o.md" +0 -508
- package/dist/content/specialists/Especialista em UX Design.md +0 -453
- package/dist/content/specialists/INDEX.md +0 -43
- package/dist/content/templates/PRD.md +0 -165
- package/dist/content/templates/README.md +0 -65
- package/dist/content/templates/adr.md +0 -103
- package/dist/content/templates/arquitetura.md +0 -279
- package/dist/content/templates/backlog.md +0 -185
- package/dist/content/templates/checklist-seguranca.md +0 -180
- package/dist/content/templates/contexto.md +0 -120
- package/dist/content/templates/criterios-aceite.md +0 -99
- package/dist/content/templates/design-banco.md +0 -270
- package/dist/content/templates/design-doc.md +0 -240
- package/dist/content/templates/feature.md +0 -88
- package/dist/content/templates/historia-backend.md +0 -84
- package/dist/content/templates/historia-frontend.md +0 -75
- package/dist/content/templates/historia-usuario.md +0 -125
- package/dist/content/templates/mapa-navegacao.md +0 -133
- package/dist/content/templates/matriz-rastreabilidade.md +0 -121
- package/dist/content/templates/modelo-dominio.md +0 -219
- package/dist/content/templates/plano-testes.md +0 -199
- package/dist/content/templates/prototipo-stitch.md +0 -138
- package/dist/content/templates/requisitos.md +0 -162
- package/dist/content/templates/slo-sli.md +0 -197
- /package/dist/content/{guides/Guia de Debugging com IA.md → skills/specialist-debugging-troubleshooting/resources/reference/debugging-ai-guide.md} +0 -0
- /package/dist/content/{prompts/arquitetura → skills/specialist-modelagem-dominio/resources/prompts}/ddd-bounded-contexts.md +0 -0
- /package/dist/content/{prompts/arquitetura → skills/specialist-modelagem-dominio/resources/prompts}/ddd-cqrs.md +0 -0
- /package/dist/content/{prompts/arquitetura → skills/specialist-modelagem-dominio/resources/prompts}/modelo-dominio.md +0 -0
package/dist/content/skills/specialist-seguranca-informacao/resources/reference/security-guide.md
ADDED
|
@@ -0,0 +1,757 @@
|
|
|
1
|
+
# 📚 Guia Completo de Segurança da Informação
|
|
2
|
+
|
|
3
|
+
## 🎯 Visão Geral
|
|
4
|
+
|
|
5
|
+
Guia abrangente para implementação de segurança em sistemas modernos, cobrindo OWASP Top 10, compliance regulatório, threat modeling e melhores práticas da indústria.
|
|
6
|
+
|
|
7
|
+
## 🏗️ Fundamentos de Segurança
|
|
8
|
+
|
|
9
|
+
### Princípios Core
|
|
10
|
+
|
|
11
|
+
#### 1. Principle of Least Privilege
|
|
12
|
+
```text
|
|
13
|
+
Cada usuário/sistema deve ter apenas o acesso mínimo necessário para executar suas funções.
|
|
14
|
+
```
|
|
15
|
+
|
|
16
|
+
**Implementação:**
|
|
17
|
+
- RBAC (Role-Based Access Control)
|
|
18
|
+
- ABAC (Attribute-Based Access Control)
|
|
19
|
+
- Segregação de duties
|
|
20
|
+
- Revisão periódica de permissões
|
|
21
|
+
|
|
22
|
+
#### 2. Defense in Depth
|
|
23
|
+
```text
|
|
24
|
+
Múltiplas camadas de segurança para proteção em profundidade.
|
|
25
|
+
```
|
|
26
|
+
|
|
27
|
+
**Camadas:**
|
|
28
|
+
- **Network:** Firewalls, WAF, DDoS protection
|
|
29
|
+
- **Application:** Input validation, authentication, authorization
|
|
30
|
+
- **Data:** Encryption, masking, access controls
|
|
31
|
+
- **Physical:** Data center security, access controls
|
|
32
|
+
|
|
33
|
+
#### 3. Secure by Default
|
|
34
|
+
```text
|
|
35
|
+
Sistemas devem ser seguros por padrão, sem configuração manual.
|
|
36
|
+
```
|
|
37
|
+
|
|
38
|
+
**Práticas:**
|
|
39
|
+
- Configurações seguras out-of-the-box
|
|
40
|
+
- Headers de segurança automáticos
|
|
41
|
+
- Criptografia habilitada por padrão
|
|
42
|
+
- Logging de segurança ativo
|
|
43
|
+
|
|
44
|
+
## 🔒 OWASP Top 10 2025 - Guia Detalhado
|
|
45
|
+
|
|
46
|
+
### 1. Broken Access Control
|
|
47
|
+
|
|
48
|
+
#### Identificação
|
|
49
|
+
```python
|
|
50
|
+
# Exemplo de vulnerabilidade
|
|
51
|
+
@app.get("/admin/users/{user_id}")
|
|
52
|
+
def get_user(user_id: int, current_user: User):
|
|
53
|
+
# VULNERABILIDADE: Qualquer usuário pode acessar qualquer usuário
|
|
54
|
+
return get_user_by_id(user_id)
|
|
55
|
+
```
|
|
56
|
+
|
|
57
|
+
#### Mitigação
|
|
58
|
+
```python
|
|
59
|
+
# Exemplo seguro
|
|
60
|
+
@app.get("/admin/users/{user_id}")
|
|
61
|
+
def get_user(user_id: int, current_user: User):
|
|
62
|
+
# MITIGAÇÃO: Verificar permissão
|
|
63
|
+
if not has_permission(current_user, "read_user", user_id):
|
|
64
|
+
raise HTTPException(403, "Forbidden")
|
|
65
|
+
return get_user_by_id(user_id)
|
|
66
|
+
|
|
67
|
+
def has_permission(user: User, action: str, resource_id: int) -> bool:
|
|
68
|
+
return any(
|
|
69
|
+
perm.action == action and
|
|
70
|
+
(perm.resource_id is None or perm.resource_id == resource_id)
|
|
71
|
+
for perm in user.permissions
|
|
72
|
+
)
|
|
73
|
+
```
|
|
74
|
+
|
|
75
|
+
#### Best Practices
|
|
76
|
+
- Implementar RBAC em todas as camadas
|
|
77
|
+
- Validar autorização em cada request
|
|
78
|
+
- Usar deny-by-default
|
|
79
|
+
- Implementar rate limiting
|
|
80
|
+
|
|
81
|
+
### 2. Cryptographic Failures
|
|
82
|
+
|
|
83
|
+
#### Identificação
|
|
84
|
+
```python
|
|
85
|
+
# Exemplo vulnerável
|
|
86
|
+
def encrypt_password(password: str) -> str:
|
|
87
|
+
# VULNERABILIDADE: MD5 é quebrado
|
|
88
|
+
import hashlib
|
|
89
|
+
return hashlib.md5(password.encode()).hexdigest()
|
|
90
|
+
```
|
|
91
|
+
|
|
92
|
+
#### Mitigação
|
|
93
|
+
```python
|
|
94
|
+
# Exemplo seguro
|
|
95
|
+
def hash_password(password: str) -> str:
|
|
96
|
+
# MITIGAÇÃO: Argon2id com salt
|
|
97
|
+
import argon2
|
|
98
|
+
hasher = argon2.PasswordHasher()
|
|
99
|
+
return hasher.hash(password)
|
|
100
|
+
|
|
101
|
+
def verify_password(hash: str, password: str) -> bool:
|
|
102
|
+
try:
|
|
103
|
+
import argon2
|
|
104
|
+
hasher = argon2.PasswordHasher()
|
|
105
|
+
return hasher.verify(hash, password)
|
|
106
|
+
except:
|
|
107
|
+
return False
|
|
108
|
+
```
|
|
109
|
+
|
|
110
|
+
#### Best Practices
|
|
111
|
+
- Usar algoritmos modernos (Argon2id, bcrypt, scrypt)
|
|
112
|
+
- Implementar TLS 1.3+ em trânsito
|
|
113
|
+
- Usar AES-256-GCM para dados em repouso
|
|
114
|
+
- Gerenciamento seguro de chaves
|
|
115
|
+
|
|
116
|
+
### 3. Injection
|
|
117
|
+
|
|
118
|
+
#### Identificação
|
|
119
|
+
```python
|
|
120
|
+
# Exemplo vulnerável
|
|
121
|
+
def get_user_by_email(email: str):
|
|
122
|
+
# VULNERABILIDADE: SQL injection
|
|
123
|
+
query = f"SELECT * FROM users WHERE email = '{email}'"
|
|
124
|
+
return db.execute(query)
|
|
125
|
+
```
|
|
126
|
+
|
|
127
|
+
#### Mitigação
|
|
128
|
+
```python
|
|
129
|
+
# Exemplo seguro
|
|
130
|
+
def get_user_by_email(email: str):
|
|
131
|
+
# MITIGAÇÃO: Parameterized query
|
|
132
|
+
query = "SELECT * FROM users WHERE email = %s"
|
|
133
|
+
return db.execute(query, (email,))
|
|
134
|
+
|
|
135
|
+
# Ou usando ORM
|
|
136
|
+
def get_user_by_email(email: str):
|
|
137
|
+
# MITIGAÇÃO: ORM com proteção built-in
|
|
138
|
+
return User.objects.filter(email=email).first()
|
|
139
|
+
```
|
|
140
|
+
|
|
141
|
+
#### Best Practices
|
|
142
|
+
- Usar ORMs com parameterized queries
|
|
143
|
+
- Validar todos os inputs
|
|
144
|
+
- Implementar input sanitization
|
|
145
|
+
- Usar stored procedures quando possível
|
|
146
|
+
|
|
147
|
+
### 4. Insecure Design
|
|
148
|
+
|
|
149
|
+
#### Identificação
|
|
150
|
+
```python
|
|
151
|
+
# Exemplo vulnerável
|
|
152
|
+
class BankTransfer:
|
|
153
|
+
def transfer(self, from_account, to_account, amount):
|
|
154
|
+
# VULNERABILIDADE: Não valida limite diário
|
|
155
|
+
if from_account.balance >= amount:
|
|
156
|
+
from_account.balance -= amount
|
|
157
|
+
to_account.balance += amount
|
|
158
|
+
return True
|
|
159
|
+
return False
|
|
160
|
+
```
|
|
161
|
+
|
|
162
|
+
#### Mitigação
|
|
163
|
+
```python
|
|
164
|
+
# Exemplo seguro
|
|
165
|
+
class BankTransfer:
|
|
166
|
+
def __init__(self):
|
|
167
|
+
self.daily_limits = {}
|
|
168
|
+
|
|
169
|
+
def transfer(self, from_account, to_account, amount):
|
|
170
|
+
# MITIGAÇÃO: Validar limite diário
|
|
171
|
+
daily_total = self.daily_limits.get(from_account.id, 0)
|
|
172
|
+
if daily_total + amount > from_account.daily_limit:
|
|
173
|
+
raise ValueError("Daily limit exceeded")
|
|
174
|
+
|
|
175
|
+
if from_account.balance >= amount:
|
|
176
|
+
from_account.balance -= amount
|
|
177
|
+
to_account.balance += amount
|
|
178
|
+
self.daily_limits[from_account.id] = daily_total + amount
|
|
179
|
+
return True
|
|
180
|
+
return False
|
|
181
|
+
```
|
|
182
|
+
|
|
183
|
+
#### Best Practices
|
|
184
|
+
- Implementar threat modeling
|
|
185
|
+
- Usar secure-by-default patterns
|
|
186
|
+
- Validar business logic
|
|
187
|
+
- Implementar rate limiting
|
|
188
|
+
|
|
189
|
+
### 5. Security Misconfiguration
|
|
190
|
+
|
|
191
|
+
#### Identificação
|
|
192
|
+
```yaml
|
|
193
|
+
# Exemplo vulnerável (docker-compose.yml)
|
|
194
|
+
version: '3.8'
|
|
195
|
+
services:
|
|
196
|
+
app:
|
|
197
|
+
image: myapp:latest
|
|
198
|
+
ports:
|
|
199
|
+
- "80:80" # VULNERABILIDADE: Porta admin exposta
|
|
200
|
+
environment:
|
|
201
|
+
- DEBUG=true # VULNERABILIDADE: Debug em produção
|
|
202
|
+
- SECRET_KEY=secret123 # VULNERABILIDADE: Hardcoded secret
|
|
203
|
+
```
|
|
204
|
+
|
|
205
|
+
#### Mitigação
|
|
206
|
+
```yaml
|
|
207
|
+
# Exemplo seguro
|
|
208
|
+
version: '3.8'
|
|
209
|
+
services:
|
|
210
|
+
app:
|
|
211
|
+
image: myapp:${VERSION}
|
|
212
|
+
ports:
|
|
213
|
+
- "127.0.0.1:8080:80" # MITIGAÇÃO: Apenas localhost
|
|
214
|
+
environment:
|
|
215
|
+
- DEBUG=false # MITIGAÇÃO: Debug desabilitado
|
|
216
|
+
- SECRET_KEY_FILE=/run/secrets/app_secret # MITIGAÇÃO: Secret do Docker
|
|
217
|
+
secrets:
|
|
218
|
+
- app_secret
|
|
219
|
+
secrets:
|
|
220
|
+
app_secret:
|
|
221
|
+
external: true
|
|
222
|
+
```
|
|
223
|
+
|
|
224
|
+
#### Best Practices
|
|
225
|
+
- Remover defaults e features desnecessárias
|
|
226
|
+
- Implementar hardening de servidores
|
|
227
|
+
- Usar secrets management
|
|
228
|
+
- Configurar headers de segurança
|
|
229
|
+
|
|
230
|
+
### 6. Vulnerable Components
|
|
231
|
+
|
|
232
|
+
#### Identificação
|
|
233
|
+
```json
|
|
234
|
+
// package.json vulnerável
|
|
235
|
+
{
|
|
236
|
+
"dependencies": {
|
|
237
|
+
"express": "4.16.0", // VULNERABILIDADE: Versão antiga
|
|
238
|
+
"lodash": "4.17.10", // VULNERABILIDADE: Versão com CVE
|
|
239
|
+
"request": "2.88.0" // VULNERABILIDADE: Biblioteca depreciada
|
|
240
|
+
}
|
|
241
|
+
}
|
|
242
|
+
```
|
|
243
|
+
|
|
244
|
+
#### Mitigação
|
|
245
|
+
```json
|
|
246
|
+
// package.json seguro
|
|
247
|
+
{
|
|
248
|
+
"dependencies": {
|
|
249
|
+
"express": "^4.18.2", // MITIGAÇÃO: Versão atual
|
|
250
|
+
"lodash": "^4.17.21", // MITIGAÇÃO: Versão sem CVEs
|
|
251
|
+
"axios": "^1.6.0" // MITIGAÇÃO: Biblioteca mantida
|
|
252
|
+
},
|
|
253
|
+
"scripts": {
|
|
254
|
+
"audit": "npm audit && npm audit fix",
|
|
255
|
+
"audit-ci": "npm audit --audit-level moderate"
|
|
256
|
+
}
|
|
257
|
+
}
|
|
258
|
+
```
|
|
259
|
+
|
|
260
|
+
#### Best Practices
|
|
261
|
+
- Scannear dependências regularmente
|
|
262
|
+
- Usar lock files
|
|
263
|
+
- Implementar SBOM
|
|
264
|
+
- Manter dependências atualizadas
|
|
265
|
+
|
|
266
|
+
### 7. Identification and Authentication Failures
|
|
267
|
+
|
|
268
|
+
#### Identificação
|
|
269
|
+
```python
|
|
270
|
+
# Exemplo vulnerável
|
|
271
|
+
@app.post("/login")
|
|
272
|
+
def login(username: str, password: str):
|
|
273
|
+
user = get_user(username)
|
|
274
|
+
# VULNERABILIDADE: Senha em plaintext
|
|
275
|
+
if user and user.password == password:
|
|
276
|
+
return {"token": generate_token(user.id)}
|
|
277
|
+
return {"error": "Invalid credentials"}
|
|
278
|
+
```
|
|
279
|
+
|
|
280
|
+
#### Mitigação
|
|
281
|
+
```python
|
|
282
|
+
# Exemplo seguro
|
|
283
|
+
@app.post("/login")
|
|
284
|
+
def login(username: str, password: str, totp_code: str = None):
|
|
285
|
+
user = get_user(username)
|
|
286
|
+
|
|
287
|
+
# MITIGAÇÃO: Rate limiting
|
|
288
|
+
if is_rate_limited(username):
|
|
289
|
+
raise HTTPException(429, "Too many attempts")
|
|
290
|
+
|
|
291
|
+
# MITIGAÇÃO: Password hashing
|
|
292
|
+
if not user or not verify_password(user.password_hash, password):
|
|
293
|
+
increment_failed_attempts(username)
|
|
294
|
+
raise HTTPException(401, "Invalid credentials")
|
|
295
|
+
|
|
296
|
+
# MITIGAÇÃO: MFA
|
|
297
|
+
if user.mfa_enabled and not verify_totp(user.totp_secret, totp_code):
|
|
298
|
+
raise HTTPException(401, "Invalid MFA code")
|
|
299
|
+
|
|
300
|
+
reset_failed_attempts(username)
|
|
301
|
+
return {"token": generate_token(user.id)}
|
|
302
|
+
```
|
|
303
|
+
|
|
304
|
+
#### Best Practices
|
|
305
|
+
- Implementar MFA
|
|
306
|
+
- Usar password hashing forte
|
|
307
|
+
- Implementar rate limiting
|
|
308
|
+
- Monitorar tentativas de login
|
|
309
|
+
|
|
310
|
+
### 8. Software and Data Integrity Failures
|
|
311
|
+
|
|
312
|
+
#### Identificação
|
|
313
|
+
```bash
|
|
314
|
+
# Exemplo vulnerável
|
|
315
|
+
curl -X POST https://api.example.com/webhook \
|
|
316
|
+
-H "Content-Type: application/json" \
|
|
317
|
+
-d '{"event": "payment", "data": {...}}'
|
|
318
|
+
# VULNERABILIDADE: Sem verificação de assinatura
|
|
319
|
+
```
|
|
320
|
+
|
|
321
|
+
#### Mitigação
|
|
322
|
+
```python
|
|
323
|
+
# Exemplo seguro
|
|
324
|
+
@app.post("/webhook")
|
|
325
|
+
def webhook(request: Request):
|
|
326
|
+
# MITIGAÇÃO: Verificar assinatura
|
|
327
|
+
signature = request.headers.get("X-Signature")
|
|
328
|
+
if not verify_webhook_signature(request.body, signature):
|
|
329
|
+
raise HTTPException(401, "Invalid signature")
|
|
330
|
+
|
|
331
|
+
# MITIGAÇÃO: Validar timestamp
|
|
332
|
+
timestamp = request.headers.get("X-Timestamp")
|
|
333
|
+
if not is_recent_timestamp(timestamp):
|
|
334
|
+
raise HTTPException(401, "Expired request")
|
|
335
|
+
|
|
336
|
+
return process_webhook(request.json())
|
|
337
|
+
|
|
338
|
+
def verify_webhook_signature(payload: bytes, signature: str) -> bool:
|
|
339
|
+
secret = get_webhook_secret()
|
|
340
|
+
expected = hmac.new(secret, payload, hashlib.sha256).hexdigest()
|
|
341
|
+
return hmac.compare_digest(expected, signature)
|
|
342
|
+
```
|
|
343
|
+
|
|
344
|
+
#### Best Practices
|
|
345
|
+
- Implementar code signing
|
|
346
|
+
- Verificar integridade de pacotes
|
|
347
|
+
- Usar checksums
|
|
348
|
+
- Implementar CI/CD seguro
|
|
349
|
+
|
|
350
|
+
### 9. Security Logging and Monitoring Failures
|
|
351
|
+
|
|
352
|
+
#### Identificação
|
|
353
|
+
```python
|
|
354
|
+
# Exemplo vulnerável
|
|
355
|
+
@app.post("/transfer")
|
|
356
|
+
def transfer(from_account: int, to_account: int, amount: float):
|
|
357
|
+
# VULNERABILIDADE: Sem logging de segurança
|
|
358
|
+
if from_account.balance >= amount:
|
|
359
|
+
from_account.balance -= amount
|
|
360
|
+
to_account.balance += amount
|
|
361
|
+
return {"success": True}
|
|
362
|
+
return {"error": "Insufficient funds"}
|
|
363
|
+
```
|
|
364
|
+
|
|
365
|
+
#### Mitigação
|
|
366
|
+
```python
|
|
367
|
+
# Exemplo seguro
|
|
368
|
+
import structlog
|
|
369
|
+
|
|
370
|
+
logger = structlog.get_logger()
|
|
371
|
+
|
|
372
|
+
@app.post("/transfer")
|
|
373
|
+
def transfer(from_account: int, to_account: int, amount: float, current_user: User):
|
|
374
|
+
# MITIGAÇÃO: Logging estruturado
|
|
375
|
+
logger.info(
|
|
376
|
+
"transfer_initiated",
|
|
377
|
+
user_id=current_user.id,
|
|
378
|
+
from_account=from_account,
|
|
379
|
+
to_account=to_account,
|
|
380
|
+
amount=amount,
|
|
381
|
+
ip_address=request.client.host
|
|
382
|
+
)
|
|
383
|
+
|
|
384
|
+
if from_account.balance >= amount:
|
|
385
|
+
from_account.balance -= amount
|
|
386
|
+
to_account.balance += amount
|
|
387
|
+
|
|
388
|
+
# MITIGAÇÃO: Log de sucesso
|
|
389
|
+
logger.info(
|
|
390
|
+
"transfer_completed",
|
|
391
|
+
user_id=current_user.id,
|
|
392
|
+
transaction_id=generate_transaction_id(),
|
|
393
|
+
amount=amount
|
|
394
|
+
)
|
|
395
|
+
|
|
396
|
+
return {"success": True}
|
|
397
|
+
|
|
398
|
+
# MITIGAÇÃO: Log de falha
|
|
399
|
+
logger.warning(
|
|
400
|
+
"transfer_failed",
|
|
401
|
+
user_id=current_user.id,
|
|
402
|
+
reason="insufficient_funds",
|
|
403
|
+
amount=amount,
|
|
404
|
+
balance=from_account.balance
|
|
405
|
+
)
|
|
406
|
+
|
|
407
|
+
return {"error": "Insufficient funds"}
|
|
408
|
+
```
|
|
409
|
+
|
|
410
|
+
#### Best Practices
|
|
411
|
+
- Logar eventos de segurança
|
|
412
|
+
- Usar logging estruturado
|
|
413
|
+
- Implementar alerting
|
|
414
|
+
- Centralizar logs
|
|
415
|
+
|
|
416
|
+
### 10. Server-Side Request Forgery (SSRF)
|
|
417
|
+
|
|
418
|
+
#### Identificação
|
|
419
|
+
```python
|
|
420
|
+
# Exemplo vulnerável
|
|
421
|
+
@app.get("/fetch-url")
|
|
422
|
+
def fetch_url(url: str):
|
|
423
|
+
# VULNERABILIDADE: Permite qualquer URL
|
|
424
|
+
response = requests.get(url)
|
|
425
|
+
return response.json()
|
|
426
|
+
```
|
|
427
|
+
|
|
428
|
+
#### Mitigação
|
|
429
|
+
```python
|
|
430
|
+
# Exemplo seguro
|
|
431
|
+
import ipaddress
|
|
432
|
+
from urllib.parse import urlparse
|
|
433
|
+
|
|
434
|
+
ALLOWED_DOMAINS = ["api.example.com", "cdn.example.com"]
|
|
435
|
+
|
|
436
|
+
@app.get("/fetch-url")
|
|
437
|
+
def fetch_url(url: str):
|
|
438
|
+
# MITIGAÇÃO: Validar URL
|
|
439
|
+
parsed = urlparse(url)
|
|
440
|
+
|
|
441
|
+
# Validar protocolo
|
|
442
|
+
if parsed.scheme not in ["http", "https"]:
|
|
443
|
+
raise HTTPException(400, "Invalid protocol")
|
|
444
|
+
|
|
445
|
+
# Validar domínio
|
|
446
|
+
if parsed.netloc not in ALLOWED_DOMAINS:
|
|
447
|
+
raise HTTPException(400, "Domain not allowed")
|
|
448
|
+
|
|
449
|
+
# Validar IP (prevenir DNS rebinding)
|
|
450
|
+
try:
|
|
451
|
+
ip = ipaddress.ip_address(parsed.hostname)
|
|
452
|
+
if ip.is_private or ip.is_loopback:
|
|
453
|
+
raise HTTPException(400, "Private IP not allowed")
|
|
454
|
+
except ValueError:
|
|
455
|
+
pass # Hostname, validado acima
|
|
456
|
+
|
|
457
|
+
# MITIGAÇÃO: Timeout e validação
|
|
458
|
+
response = requests.get(url, timeout=10)
|
|
459
|
+
return response.json()
|
|
460
|
+
```
|
|
461
|
+
|
|
462
|
+
#### Best Practices
|
|
463
|
+
- Implementar allowlist de domínios
|
|
464
|
+
- Validar endereços IP
|
|
465
|
+
- Usar timeouts
|
|
466
|
+
- Implementar network segmentation
|
|
467
|
+
|
|
468
|
+
## 🛡️ Supply Chain Security
|
|
469
|
+
|
|
470
|
+
### Dependency Management
|
|
471
|
+
|
|
472
|
+
#### Scanning Automatizado
|
|
473
|
+
```yaml
|
|
474
|
+
# .github/workflows/security.yml
|
|
475
|
+
name: Security Scan
|
|
476
|
+
on: [push, pull_request]
|
|
477
|
+
|
|
478
|
+
jobs:
|
|
479
|
+
security:
|
|
480
|
+
runs-on: ubuntu-latest
|
|
481
|
+
steps:
|
|
482
|
+
- uses: actions/checkout@v4
|
|
483
|
+
|
|
484
|
+
- name: Node.js audit
|
|
485
|
+
run: |
|
|
486
|
+
npm audit --audit-level moderate
|
|
487
|
+
npm audit fix
|
|
488
|
+
|
|
489
|
+
- name: Python security scan
|
|
490
|
+
run: |
|
|
491
|
+
pip-audit
|
|
492
|
+
safety check
|
|
493
|
+
|
|
494
|
+
- name: Generate SBOM
|
|
495
|
+
run: |
|
|
496
|
+
syft dir:. -o spdx-json > sbom.json
|
|
497
|
+
|
|
498
|
+
- name: Container scan
|
|
499
|
+
run: |
|
|
500
|
+
docker build -t myapp .
|
|
501
|
+
trivy image --severity HIGH,CRITICAL myapp
|
|
502
|
+
```
|
|
503
|
+
|
|
504
|
+
#### Private Registry
|
|
505
|
+
```bash
|
|
506
|
+
# Configurar npm private registry
|
|
507
|
+
npm config set @company:registry https://npm.company.com
|
|
508
|
+
npm config set //npm.company.com/:_authToken ${NPM_TOKEN}
|
|
509
|
+
|
|
510
|
+
# Configurar Python private registry
|
|
511
|
+
pip config set global.index-url https://pypi.company.com/simple
|
|
512
|
+
pip config set global.extra-index-url https://pypi.org/simple
|
|
513
|
+
```
|
|
514
|
+
|
|
515
|
+
### Code Signing
|
|
516
|
+
|
|
517
|
+
#### GPG Signing
|
|
518
|
+
```bash
|
|
519
|
+
# Assinar commits
|
|
520
|
+
git config user.signingkey YOUR_GPG_KEY_ID
|
|
521
|
+
git config commit.gpgsign true
|
|
522
|
+
|
|
523
|
+
# Assinar tags
|
|
524
|
+
git tag -s v1.0.0 -m "Release v1.0.0"
|
|
525
|
+
```
|
|
526
|
+
|
|
527
|
+
#### Container Signing
|
|
528
|
+
```bash
|
|
529
|
+
# Assinar imagem Docker
|
|
530
|
+
COSIGN_EXPERIMENTAL=1 cosign sign \
|
|
531
|
+
--key cosign.key \
|
|
532
|
+
myapp:latest
|
|
533
|
+
|
|
534
|
+
# Verificar assinatura
|
|
535
|
+
cosign verify \
|
|
536
|
+
--key cosign.pub \
|
|
537
|
+
myapp:latest
|
|
538
|
+
```
|
|
539
|
+
|
|
540
|
+
## 📊 Compliance Regulatório
|
|
541
|
+
|
|
542
|
+
### LGPD (Lei Geral de Proteção de Dados)
|
|
543
|
+
|
|
544
|
+
#### Requisitos Principais
|
|
545
|
+
- **Base legal:** Identificar base legal para tratamento
|
|
546
|
+
- **Consentimento:** Obter consentimento explícito
|
|
547
|
+
- **Direitos dos titulares:** Implementar direitos LGPD
|
|
548
|
+
- **Data Protection Officer:** Designar DPO
|
|
549
|
+
- **Incident response:** Plano para vazamento de dados
|
|
550
|
+
|
|
551
|
+
#### Implementação
|
|
552
|
+
```python
|
|
553
|
+
# Sistema de consentimento LGPD
|
|
554
|
+
class ConsentManager:
|
|
555
|
+
def __init__(self):
|
|
556
|
+
self.consents = {}
|
|
557
|
+
|
|
558
|
+
def record_consent(self, user_id: int, purpose: str, consent: bool):
|
|
559
|
+
self.consents[user_id] = self.consents.get(user_id, {})
|
|
560
|
+
self.consents[user_id][purpose] = {
|
|
561
|
+
"consent": consent,
|
|
562
|
+
"timestamp": datetime.now(),
|
|
563
|
+
"ip_address": request.client.host,
|
|
564
|
+
"user_agent": request.headers.get("User-Agent")
|
|
565
|
+
}
|
|
566
|
+
|
|
567
|
+
def has_consent(self, user_id: int, purpose: str) -> bool:
|
|
568
|
+
return self.consents.get(user_id, {}).get(purpose, {}).get("consent", False)
|
|
569
|
+
|
|
570
|
+
def delete_user_data(self, user_id: int):
|
|
571
|
+
# Direito ao esquecimento
|
|
572
|
+
User.objects.filter(id=user_id).delete()
|
|
573
|
+
self.consents.pop(user_id, None)
|
|
574
|
+
```
|
|
575
|
+
|
|
576
|
+
### PCI-DSS
|
|
577
|
+
|
|
578
|
+
#### Requisitos Principais
|
|
579
|
+
- **Network security:** Firewall configurado
|
|
580
|
+
- **Data protection:** Criptografia de dados de cartão
|
|
581
|
+
- **Vulnerability management:** Scanning regular
|
|
582
|
+
- **Access control:** Controle de acesso restrito
|
|
583
|
+
- **Monitoring:** Logging e monitoramento
|
|
584
|
+
|
|
585
|
+
#### Implementação
|
|
586
|
+
```python
|
|
587
|
+
# Tokenização de dados de cartão
|
|
588
|
+
class PaymentTokenizer:
|
|
589
|
+
def __init__(self):
|
|
590
|
+
self.vault = PaymentVault()
|
|
591
|
+
|
|
592
|
+
def tokenize_card(self, card_number: str, expiry: str, cvv: str) -> str:
|
|
593
|
+
# Armazenar dados seguros no vault
|
|
594
|
+
token = self.vault.store_card({
|
|
595
|
+
"number": card_number,
|
|
596
|
+
"expiry": expiry,
|
|
597
|
+
"cvv": cvv
|
|
598
|
+
})
|
|
599
|
+
return token
|
|
600
|
+
|
|
601
|
+
def detokenize_card(self, token: str) -> dict:
|
|
602
|
+
return self.vault.retrieve_card(token)
|
|
603
|
+
|
|
604
|
+
# Processamento de pagamento seguro
|
|
605
|
+
@app.post("/payment")
|
|
606
|
+
def process_payment(token: str, amount: float, current_user: User):
|
|
607
|
+
# Usar token em vez de dados brutos
|
|
608
|
+
card_data = tokenizer.detokenize_card(token)
|
|
609
|
+
|
|
610
|
+
# Processar pagamento via gateway seguro
|
|
611
|
+
result = payment_gateway.charge(card_data, amount)
|
|
612
|
+
|
|
613
|
+
# Log sem dados sensíveis
|
|
614
|
+
logger.info(
|
|
615
|
+
"payment_processed",
|
|
616
|
+
user_id=current_user.id,
|
|
617
|
+
amount=amount,
|
|
618
|
+
token=token[:8] + "...", # Token mascarado
|
|
619
|
+
result=result["status"]
|
|
620
|
+
)
|
|
621
|
+
|
|
622
|
+
return result
|
|
623
|
+
```
|
|
624
|
+
|
|
625
|
+
## 🔍 Threat Modeling
|
|
626
|
+
|
|
627
|
+
### STRIDE Model
|
|
628
|
+
|
|
629
|
+
#### Spoofing
|
|
630
|
+
- **Identificação:** Alguém se passando por outro usuário/sistema
|
|
631
|
+
- **Mitigação:** Autenticação forte, MFA, certificados digitais
|
|
632
|
+
|
|
633
|
+
#### Tampering
|
|
634
|
+
- **Identificação:** Modificação não autorizada de dados
|
|
635
|
+
- **Mitigação:** Integridade de dados, assinaturas digitais, checksums
|
|
636
|
+
|
|
637
|
+
#### Repudiation
|
|
638
|
+
- **Identificação:** Negação de ações realizadas
|
|
639
|
+
- **Mitigação:** Audit trails completos, não-repúdio, logging
|
|
640
|
+
|
|
641
|
+
#### Information Disclosure
|
|
642
|
+
- **Identificação:** Exposição não autorizada de informações
|
|
643
|
+
- **Mitigação:** Criptografia, controle de acesso, data masking
|
|
644
|
+
|
|
645
|
+
#### Denial of Service
|
|
646
|
+
- **Identificação:** Indisponibilidade do serviço
|
|
647
|
+
- **Mitigação:** Rate limiting, DDoS protection, redundância
|
|
648
|
+
|
|
649
|
+
#### Elevation of Privilege
|
|
650
|
+
- **Identificação:** Escalonamento de privilégios não autorizado
|
|
651
|
+
- **Mitigação:** Principle of least privilege, validação de permissões
|
|
652
|
+
|
|
653
|
+
### Processo de Threat Modeling
|
|
654
|
+
|
|
655
|
+
#### 1. Identificar Assets
|
|
656
|
+
```text
|
|
657
|
+
Assets críticos:
|
|
658
|
+
- Dados de clientes (PII)
|
|
659
|
+
- Informações financeiras
|
|
660
|
+
- Propriedade intelectual
|
|
661
|
+
- Credenciais de acesso
|
|
662
|
+
```
|
|
663
|
+
|
|
664
|
+
#### 2. Mapear Fluxos de Dados
|
|
665
|
+
```mermaid
|
|
666
|
+
graph TD
|
|
667
|
+
A[Cliente] --> B[Load Balancer]
|
|
668
|
+
B --> C[API Gateway]
|
|
669
|
+
C --> D[Microserviço]
|
|
670
|
+
D --> E[Database]
|
|
671
|
+
D --> F[Cache]
|
|
672
|
+
D --> G[External API]
|
|
673
|
+
```
|
|
674
|
+
|
|
675
|
+
#### 3. Identificar Threats
|
|
676
|
+
```text
|
|
677
|
+
Para cada componente:
|
|
678
|
+
- Quais são as possíveis ameaças?
|
|
679
|
+
- Qual o impacto de cada ameaça?
|
|
680
|
+
- Qual a probabilidade de ocorrência?
|
|
681
|
+
```
|
|
682
|
+
|
|
683
|
+
#### 4. Definir Mitigações
|
|
684
|
+
```text
|
|
685
|
+
Para cada ameaça:
|
|
686
|
+
- Controles preventivos
|
|
687
|
+
- Controles detectivos
|
|
688
|
+
- Controles corretivos
|
|
689
|
+
```
|
|
690
|
+
|
|
691
|
+
## 📈 Security Metrics
|
|
692
|
+
|
|
693
|
+
### KPIs de Segurança
|
|
694
|
+
|
|
695
|
+
#### Technical Metrics
|
|
696
|
+
- **MTTD (Mean Time to Detect):** Tempo médio para detectar incidentes
|
|
697
|
+
- **MTTR (Mean Time to Respond):** Tempo médio para responder
|
|
698
|
+
- **Vulnerability Coverage:** Percentual de vulnerabilidades mitigadas
|
|
699
|
+
- **Patch Time:** Tempo para aplicar patches críticos
|
|
700
|
+
|
|
701
|
+
#### Business Metrics
|
|
702
|
+
- **Security Incidents:** Número de incidentes por mês
|
|
703
|
+
- **Data Breach Cost:** Custo médio de vazamento de dados
|
|
704
|
+
- **Compliance Score:** Percentual de conformidade
|
|
705
|
+
- **Security ROI:** Retorno sobre investimento em segurança
|
|
706
|
+
|
|
707
|
+
### Dashboard Example
|
|
708
|
+
```json
|
|
709
|
+
{
|
|
710
|
+
"security_dashboard": {
|
|
711
|
+
"overview": {
|
|
712
|
+
"security_score": 92,
|
|
713
|
+
"active_incidents": 2,
|
|
714
|
+
"open_vulnerabilities": 15,
|
|
715
|
+
"compliance_status": "98%"
|
|
716
|
+
},
|
|
717
|
+
"metrics": {
|
|
718
|
+
"mttp": "4.2 hours",
|
|
719
|
+
"mttr": "1.8 hours",
|
|
720
|
+
"patch_coverage": "96%",
|
|
721
|
+
"false_positive_rate": "2.1%"
|
|
722
|
+
},
|
|
723
|
+
"trends": {
|
|
724
|
+
"incidents_trend": "down",
|
|
725
|
+
"vulnerabilities_trend": "stable",
|
|
726
|
+
"compliance_trend": "up"
|
|
727
|
+
}
|
|
728
|
+
}
|
|
729
|
+
}
|
|
730
|
+
```
|
|
731
|
+
|
|
732
|
+
## 🚀 Best Practices Summary
|
|
733
|
+
|
|
734
|
+
### Development
|
|
735
|
+
- ✅ Secure coding practices
|
|
736
|
+
- ✅ Code reviews com foco em segurança
|
|
737
|
+
- ✅ Automated security testing
|
|
738
|
+
- ✅ Dependency scanning
|
|
739
|
+
|
|
740
|
+
### Operations
|
|
741
|
+
- ✅ Infrastructure as code seguro
|
|
742
|
+
- ✅ Immutable infrastructure
|
|
743
|
+
- ✅ Zero trust architecture
|
|
744
|
+
- ✅ Continuous monitoring
|
|
745
|
+
|
|
746
|
+
### Compliance
|
|
747
|
+
- ✅ Privacy by design
|
|
748
|
+
- ✅ Data minimization
|
|
749
|
+
- ✅ Regular audits
|
|
750
|
+
- ✅ Documentation completa
|
|
751
|
+
|
|
752
|
+
---
|
|
753
|
+
|
|
754
|
+
**Versão:** 2.0
|
|
755
|
+
**Framework:** Security Best Practices 2025
|
|
756
|
+
**Status:** ✅ Produção Ready
|
|
757
|
+
**Última atualização:** 2026-01-29
|