@mcp-consultant-tools/powerplatform-core 26.0.0 → 27.0.0-beta.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (23) hide show
  1. package/build/index.d.ts +2 -2
  2. package/build/index.d.ts.map +1 -1
  3. package/build/index.js +5 -1
  4. package/build/index.js.map +1 -1
  5. package/build/services/IntegrationAuditService.d.ts +68 -6
  6. package/build/services/IntegrationAuditService.d.ts.map +1 -1
  7. package/build/services/IntegrationAuditService.js +226 -160
  8. package/build/services/IntegrationAuditService.js.map +1 -1
  9. package/build/services/index.d.ts +1 -1
  10. package/build/services/index.d.ts.map +1 -1
  11. package/build/utils/audit-report-formatter.d.ts +140 -0
  12. package/build/utils/audit-report-formatter.d.ts.map +1 -0
  13. package/build/utils/audit-report-formatter.js +292 -0
  14. package/build/utils/audit-report-formatter.js.map +1 -0
  15. package/build/utils/flow-url-extractor.d.ts +36 -0
  16. package/build/utils/flow-url-extractor.d.ts.map +1 -0
  17. package/build/utils/flow-url-extractor.js +286 -0
  18. package/build/utils/flow-url-extractor.js.map +1 -0
  19. package/build/utils/index.d.ts +2 -0
  20. package/build/utils/index.d.ts.map +1 -1
  21. package/build/utils/index.js +4 -0
  22. package/build/utils/index.js.map +1 -1
  23. package/package.json +2 -2
package/build/utils/audit-report-formatter.d.ts ADDED
@@ -0,0 +1,140 @@
1
+ /**
2
+ * Standalone markdown report generator for Integration Audit data.
3
+ * Extracted from IntegrationAuditService to allow reuse and testing.
4
+ */
5
+ import type { RiskLevel } from './complexity-calculator.js';
6
+ export interface AuditReportData {
7
+ environment: string;
8
+ endpointsResult: {
9
+ endpoints: {
10
+ name: string;
11
+ url: string;
12
+ contractType: string;
13
+ authType: string;
14
+ messageStepCount: number;
15
+ isManaged: boolean;
16
+ }[];
17
+ summary: {
18
+ total: number;
19
+ byType: Record<string, number>;
20
+ byAuthType: Record<string, number>;
21
+ };
22
+ };
23
+ webhooksResult: {
24
+ webhooks: {
25
+ name: string;
26
+ endpointUrl: string | null;
27
+ triggerEntity: string;
28
+ triggerMessage: string;
29
+ enabled: boolean;
30
+ }[];
31
+ summary: {
32
+ total: number;
33
+ byEntity: Record<string, number>;
34
+ byMessage: Record<string, number>;
35
+ enabledCount: number;
36
+ disabledCount: number;
37
+ };
38
+ };
39
+ complexityResult: {
40
+ flows: {
41
+ name: string;
42
+ complexity: {
43
+ score: number;
44
+ riskLevel: RiskLevel;
45
+ flags: {
46
+ usesHttp: boolean;
47
+ };
48
+ };
49
+ }[];
50
+ summary: {
51
+ total: number;
52
+ byRiskLevel: Record<RiskLevel, number>;
53
+ averageComplexity: number;
54
+ highRiskFlows: string[];
55
+ };
56
+ };
57
+ httpFlows: {
58
+ flowId: string;
59
+ flowName: string;
60
+ connectors: string[];
61
+ targetUrls: string[];
62
+ }[];
63
+ externalTriggerFlows: {
64
+ flowId: string;
65
+ flowName: string;
66
+ triggerType: string;
67
+ }[];
68
+ externalPlugins: {
69
+ assemblyName: string;
70
+ description: string | null;
71
+ isolationMode: string;
72
+ }[];
73
+ pluginAssemblies: {
74
+ totalCount: number;
75
+ assemblies: unknown[];
76
+ };
77
+ riskFactors: {
78
+ factor: string;
79
+ severity: RiskLevel;
80
+ details: string;
81
+ }[];
82
+ recommendations: string[];
83
+ overallRisk: RiskLevel;
84
+ requiredUrlStrings?: string[];
85
+ environmentVariables?: {
86
+ id: string;
87
+ schemaName: string;
88
+ displayName: string;
89
+ type: string;
90
+ currentValue?: string;
91
+ defaultValue?: string;
92
+ effectiveValue?: string;
93
+ description?: string;
94
+ isManaged: boolean;
95
+ isSensitive: boolean;
96
+ maskedValue?: string;
97
+ }[];
98
+ divergingEnvVars?: {
99
+ variable: {
100
+ schemaName: string;
101
+ displayName: string;
102
+ effectiveValue?: string;
103
+ isSensitive: boolean;
104
+ };
105
+ reason: string;
106
+ }[];
107
+ divergingEndpoints?: {
108
+ endpoint: {
109
+ name: string;
110
+ url: string;
111
+ };
112
+ urlIssue: string;
113
+ }[];
114
+ flowSecretWarnings?: {
115
+ flowName: string;
116
+ warnings: {
117
+ actionName: string;
118
+ fieldPath: string;
119
+ warningType: string;
120
+ message: string;
121
+ }[];
122
+ }[];
123
+ flowUrls?: {
124
+ flowName: string;
125
+ urls: {
126
+ actionName: string;
127
+ url: string;
128
+ environmentVariable?: string;
129
+ environmentVariableValue?: string;
130
+ source: string;
131
+ }[];
132
+ }[];
133
+ outputFormat?: 'summary' | 'full';
134
+ }
135
+ /**
136
+ * Generate a complete markdown audit report from structured audit data.
137
+ * Produces either a full report or a summary depending on `data.outputFormat`.
138
+ */
139
+ export declare function generateAuditMarkdownReport(data: AuditReportData): string;
140
+ //# sourceMappingURL=audit-report-formatter.d.ts.map
package/build/utils/audit-report-formatter.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"audit-report-formatter.d.ts","sourceRoot":"","sources":["../../src/utils/audit-report-formatter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAEH,OAAO,KAAK,EAAE,SAAS,EAAE,MAAM,4BAA4B,CAAC;AAE5D,MAAM,WAAW,eAAe;IAC9B,WAAW,EAAE,MAAM,CAAC;IACpB,eAAe,EAAE;QACf,SAAS,EAAE;YACT,IAAI,EAAE,MAAM,CAAC;YACb,GAAG,EAAE,MAAM,CAAC;YACZ,YAAY,EAAE,MAAM,CAAC;YACrB,QAAQ,EAAE,MAAM,CAAC;YACjB,gBAAgB,EAAE,MAAM,CAAC;YACzB,SAAS,EAAE,OAAO,CAAC;SACpB,EAAE,CAAC;QACJ,OAAO,EAAE;YAAE,KAAK,EAAE,MAAM,CAAC;YAAC,MAAM,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAAC,UAAU,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAA;SAAE,CAAC;KAChG,CAAC;IACF,cAAc,EAAE;QACd,QAAQ,EAAE;YACR,IAAI,EAAE,MAAM,CAAC;YACb,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;YAC3B,aAAa,EAAE,MAAM,CAAC;YACtB,cAAc,EAAE,MAAM,CAAC;YACvB,OAAO,EAAE,OAAO,CAAC;SAClB,EAAE,CAAC;QACJ,OAAO,EAAE;YACP,KAAK,EAAE,MAAM,CAAC;YACd,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YACjC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;YAClC,YAAY,EAAE,MAAM,CAAC;YACrB,aAAa,EAAE,MAAM,CAAC;SACvB,CAAC;KACH,CAAC;IACF,gBAAgB,EAAE;QAChB,KAAK,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,UAAU,EAAE;gBAAE,KAAK,EAAE,MAAM,CAAC;gBAAC,SAAS,EAAE,SAAS,CAAC;gBAAC,KAAK,EAAE;oBAAE,QAAQ,EAAE,OAAO,CAAA;iBAAE,CAAA;aAAE,CAAA;SAAE,EAAE,CAAC;QAC7G,OAAO,EAAE;YACP,KAAK,EAAE,MAAM,CAAC;YACd,WAAW,EAAE,MAAM,CAAC,SAAS,EAAE,MAAM,CAAC,CAAC;YACvC,iBAAiB,EAAE,MAAM,CAAC;YAC1B,aAAa,EAAE,MAAM,EAAE,CAAC;SACzB,CAAC;KACH,CAAC;IACF,SAAS,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,MAAM,EAAE,CAAC;QAAC,UAAU,EAAE,MAAM,EAAE,CAAA;KAAE,EAAE,CAAC;IAC9F,oBAAoB,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAClF,eAAe,EAAE;QAAE,YAAY,EAAE,MAAM,CAAC;QAAC,WAAW,EAAE,MAAM,GAAG,IAAI,CAAC;QAAC,aAAa,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IAC/F,gBAAgB,EAAE;QAAE,UAAU,EAAE,MAAM,CAAC;QAAC,UAAU,EAAE,OAAO,EAAE,CAAA;KAAE,CAAC;IAChE,WAAW,EAAE;QAAE,MAAM,EAAE,MAAM,CAAC;QAAC,QAAQ,EAAE,SAAS,CAAC;QAAC,OAAO,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IACxE,eAAe,EAAE,MAAM,EAAE,CAAC;IAC1B,WAAW,EAAE,SAAS,CAAC;IACvB,kBAAkB,CAAC,EAAE,MAAM,EAAE,CAAC;IAC9B,oBAAoB,CAAC,EAAE;QACrB,EAAE,EAAE,MAAM,CAAC;QACX,UAAU,EAAE,MAAM,CAAC;QACnB,WAAW,EAAE,MAAM,CAAC;QACpB,IAAI,EAAE,MAAM,CAAC;QACb,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,YAAY,CAAC,EAAE,MAAM,CAAC;QACtB,cAAc,CAAC,EAAE,MAAM,CAAC;QACxB,WAAW,CAAC,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,OAAO,CAAC;QACnB,WAAW,EAAE,OAAO,CAAC;QACrB,WAAW,CAAC,EAAE,MAAM,CAAC;KACtB,EAAE,CAAC;IACJ,gBAAgB,CAAC,EAAE;QACjB,QAAQ,EAAE;YAAE,UAAU,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAC;YAAC,cAAc,CAAC,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,OAAO,CAAA;SAAE,CAAC;QACrG,MAAM,EAAE,MAAM,CAAC;KAChB,EAAE,CAAC;IACJ,kBAAkB,CAAC,EAAE;QAAE,QAAQ,EAAE;YAAE,IAAI,EAAE,MAAM,CAAC;YAAC,GAAG,EAAE,MAAM,CAAA;SAAE,CAAC;QAAC,QAAQ,EAAE,MAAM,CAAA;KAAE,EAAE,CAAC;IACrF,kBAAkB,CAAC,EAAE;QACnB,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE;YAAE,UAAU,EAAE,MAAM,CAAC;YAAC,SAAS,EAAE,MAAM,CAAC;YAAC,WAAW,EAAE,MAAM,CAAC;YAAC,OAAO,EAAE,MAAM,CAAA;SAAE,EAAE,CAAC;KAC7F,EAAE,CAAC;IACJ,QAAQ,CAAC,EAAE;QACT,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE;YACJ,UAAU,EAAE,MAAM,CAAC;YACnB,GAAG,EAAE,MAAM,CAAC;YACZ,mBAAmB,CAAC,EAAE,MAAM,CAAC;YAC7B,wBAAwB,CAAC,EAAE,MAAM,CAAC;YAClC,MAAM,EAAE,MAAM,CAAC;SAChB,EAAE,CAAC;KACL,EAAE,CAAC;IACJ,YAAY,CAAC,EAAE,SAAS,GAAG,MAAM,CAAC;CACnC;AAED;;;GAGG;AACH,wBAAgB,2BAA2B,CAAC,IAAI,EAAE,eAAe,GAAG,MAAM,CAoCzE"}
package/build/utils/audit-report-formatter.js ADDED
@@ -0,0 +1,292 @@
1
+ /**
2
+ * Standalone markdown report generator for Integration Audit data.
3
+ * Extracted from IntegrationAuditService to allow reuse and testing.
4
+ */
5
+ /**
6
+ * Generate a complete markdown audit report from structured audit data.
7
+ * Produces either a full report or a summary depending on `data.outputFormat`.
8
+ */
9
+ export function generateAuditMarkdownReport(data) {
10
+ const lines = [];
11
+ const isSummary = data.outputFormat === 'summary';
12
+ lines.push('# Integration Audit Report');
13
+ lines.push('');
14
+ lines.push(`**Generated:** ${new Date().toISOString()}`);
15
+ lines.push(`**Environment:** ${data.environment}`);
16
+ lines.push('');
17
+ appendExecutiveSummary(lines, data);
18
+ appendDivergingEndpoints(lines, data);
19
+ appendDivergingEnvVars(lines, data);
20
+ appendSecurityWarnings(lines, data);
21
+ appendEnvironmentVariables(lines, data);
22
+ appendRiskAssessment(lines, data);
23
+ appendRecommendations(lines, data);
24
+ if (!isSummary) {
25
+ appendOutboundIntegrations(lines, data);
26
+ appendInboundIntegrations(lines, data);
27
+ }
28
+ appendFlowComplexity(lines, data, isSummary);
29
+ if (!isSummary) {
30
+ appendPluginInventory(lines, data);
31
+ appendAllUrlReferences(lines, data);
32
+ }
33
+ lines.push('---');
34
+ lines.push('');
35
+ lines.push('*Generated by MCP Consultant Tools - Integration Audit*');
36
+ return lines.join('\n');
37
+ }
38
+ // --- Section helpers ---
39
+ function appendExecutiveSummary(lines, data) {
40
+ lines.push('## Executive Summary');
41
+ lines.push('');
42
+ lines.push('| Metric | Count |');
43
+ lines.push('|--------|-------|');
44
+ lines.push(`| Power Automate Flows | ${data.complexityResult.summary.total} |`);
45
+ lines.push(`| Plugin Assemblies | ${data.pluginAssemblies.totalCount} |`);
46
+ lines.push(`| Service Endpoints | ${data.endpointsResult.summary.total} |`);
47
+ lines.push(`| Webhook Registrations | ${data.webhooksResult.summary.total} |`);
48
+ lines.push(`| **Overall Risk Level** | **${data.overallRisk}** |`);
49
+ lines.push('');
50
+ }
51
+ function appendDivergingEndpoints(lines, data) {
52
+ if (!data.requiredUrlStrings || !data.divergingEndpoints?.length)
53
+ return;
54
+ const patterns = data.requiredUrlStrings.map((p) => `\`${p}\``).join(', ');
55
+ lines.push('## CRITICAL: Diverging Service Endpoints');
56
+ lines.push('');
57
+ lines.push('The following service endpoints do NOT match any of the required URL patterns:');
58
+ lines.push(`- Required patterns: ${patterns}`);
59
+ lines.push('');
60
+ lines.push('| Name | URL | Issue |');
61
+ lines.push('|------|-----|-------|');
62
+ for (const d of data.divergingEndpoints) {
63
+ lines.push(`| ${d.endpoint.name} | ${d.endpoint.url} | ${d.urlIssue} |`);
64
+ }
65
+ lines.push('');
66
+ }
67
+ function appendDivergingEnvVars(lines, data) {
68
+ if (!data.requiredUrlStrings || !data.divergingEnvVars?.length)
69
+ return;
70
+ const patterns = data.requiredUrlStrings.map((p) => `\`${p}\``).join(', ');
71
+ lines.push('## WARNING: Diverging Environment Variables');
72
+ lines.push('');
73
+ lines.push('The following environment variables contain URLs that do NOT match any required patterns:');
74
+ lines.push(`- Required patterns: ${patterns}`);
75
+ lines.push('');
76
+ lines.push('| Schema Name | Display Name | Value | Reason |');
77
+ lines.push('|-------------|-------------|-------|--------|');
78
+ for (const d of data.divergingEnvVars) {
79
+ const displayValue = d.variable.isSensitive ? '***' : (d.variable.effectiveValue ?? '(none)');
80
+ lines.push(`| ${d.variable.schemaName} | ${d.variable.displayName} | ${displayValue} | ${d.reason} |`);
81
+ }
82
+ lines.push('');
83
+ }
84
+ function appendSecurityWarnings(lines, data) {
85
+ if (!data.flowSecretWarnings?.length)
86
+ return;
87
+ lines.push('## Security Warnings');
88
+ lines.push('');
89
+ lines.push('Hardcoded secrets detected in flow definitions:');
90
+ lines.push('');
91
+ lines.push('| Flow | Action | Field | Warning |');
92
+ lines.push('|------|--------|-------|---------|');
93
+ for (const flow of data.flowSecretWarnings) {
94
+ for (const w of flow.warnings) {
95
+ lines.push(`| ${flow.flowName} | ${w.actionName} | ${w.fieldPath} | ${w.message} |`);
96
+ }
97
+ }
98
+ lines.push('');
99
+ }
100
+ function appendEnvironmentVariables(lines, data) {
101
+ if (!data.environmentVariables?.length)
102
+ return;
103
+ const byType = {};
104
+ let sensitiveCount = 0;
105
+ for (const v of data.environmentVariables) {
106
+ byType[v.type] = (byType[v.type] || 0) + 1;
107
+ if (v.isSensitive)
108
+ sensitiveCount++;
109
+ }
110
+ const typeBreakdown = Object.entries(byType).map(([t, c]) => `${c} ${t}`).join(', ');
111
+ lines.push('## Environment Variables');
112
+ lines.push('');
113
+ lines.push(`**Total:** ${data.environmentVariables.length} (${typeBreakdown}). **Sensitive (masked):** ${sensitiveCount}`);
114
+ lines.push('');
115
+ if (data.outputFormat === 'summary')
116
+ return;
117
+ lines.push('| Schema Name | Display Name | Type | Effective Value | Managed |');
118
+ lines.push('|-------------|-------------|------|-----------------|---------|');
119
+ for (const v of data.environmentVariables) {
120
+ const displayValue = v.isSensitive
121
+ ? (v.maskedValue ?? '***')
122
+ : (v.effectiveValue ?? v.defaultValue ?? '(none)');
123
+ const managed = v.isManaged ? 'Yes' : 'No';
124
+ lines.push(`| ${v.schemaName} | ${v.displayName} | ${v.type} | ${displayValue} | ${managed} |`);
125
+ }
126
+ lines.push('');
127
+ }
128
+ function appendRiskAssessment(lines, data) {
129
+ if (data.riskFactors.length === 0)
130
+ return;
131
+ lines.push('## Risk Assessment');
132
+ lines.push('');
133
+ lines.push('| Factor | Severity | Details |');
134
+ lines.push('|--------|----------|---------|');
135
+ for (const factor of data.riskFactors) {
136
+ lines.push(`| ${factor.factor} | ${factor.severity} | ${factor.details} |`);
137
+ }
138
+ lines.push('');
139
+ }
140
+ function appendRecommendations(lines, data) {
141
+ if (data.recommendations.length === 0)
142
+ return;
143
+ lines.push('### Recommendations');
144
+ lines.push('');
145
+ for (const rec of data.recommendations) {
146
+ lines.push(`- ${rec}`);
147
+ }
148
+ lines.push('');
149
+ }
150
+ function appendOutboundIntegrations(lines, data) {
151
+ lines.push('## Outbound Integrations (Data Leaving)');
152
+ lines.push('');
153
+ if (data.endpointsResult.endpoints.length > 0) {
154
+ lines.push('### Service Endpoints');
155
+ lines.push('');
156
+ lines.push('| Name | Type | URL | Steps |');
157
+ lines.push('|------|------|-----|-------|');
158
+ for (const ep of data.endpointsResult.endpoints) {
159
+ const urlDisplay = ep.url || '(internal)';
160
+ lines.push(`| ${ep.name} | ${ep.contractType} | ${urlDisplay} | ${ep.messageStepCount} |`);
161
+ }
162
+ lines.push('');
163
+ }
164
+ if (data.httpFlows.length > 0) {
165
+ lines.push('### Flows with HTTP/External Calls');
166
+ lines.push('');
167
+ for (const flow of data.httpFlows) {
168
+ lines.push(`- **${flow.flowName}**`);
169
+ lines.push(` - Connectors: ${flow.connectors.join(', ')}`);
170
+ }
171
+ lines.push('');
172
+ }
173
+ appendFlowUrls(lines, data);
174
+ }
175
+ function appendFlowUrls(lines, data) {
176
+ if (!data.flowUrls?.length)
177
+ return;
178
+ lines.push('### Flow URL References');
179
+ lines.push('');
180
+ lines.push('| Flow | Action | URL | Source | Env Var |');
181
+ lines.push('|------|--------|-----|--------|---------|');
182
+ for (const flow of data.flowUrls) {
183
+ for (const u of flow.urls) {
184
+ const envVar = u.environmentVariable
185
+ ? `${u.environmentVariable} (${u.environmentVariableValue ?? ''})`
186
+ : '';
187
+ lines.push(`| ${flow.flowName} | ${u.actionName} | ${u.url} | ${u.source} | ${envVar} |`);
188
+ }
189
+ }
190
+ lines.push('');
191
+ }
192
+ function appendInboundIntegrations(lines, data) {
193
+ lines.push('## Inbound Integrations (Data Coming In)');
194
+ lines.push('');
195
+ if (data.webhooksResult.webhooks.length > 0) {
196
+ lines.push('### Webhook Registrations');
197
+ lines.push('');
198
+ lines.push('| Name | Entity | Message | Status |');
199
+ lines.push('|------|--------|---------|--------|');
200
+ for (const wh of data.webhooksResult.webhooks) {
201
+ const status = wh.enabled ? 'Enabled' : 'Disabled';
202
+ lines.push(`| ${wh.name} | ${wh.triggerEntity} | ${wh.triggerMessage} | ${status} |`);
203
+ }
204
+ lines.push('');
205
+ }
206
+ if (data.externalTriggerFlows.length > 0) {
207
+ lines.push('### Flows with External Triggers');
208
+ lines.push('');
209
+ for (const flow of data.externalTriggerFlows) {
210
+ lines.push(`- **${flow.flowName}** (${flow.triggerType})`);
211
+ }
212
+ lines.push('');
213
+ }
214
+ }
215
+ function appendFlowComplexity(lines, data, isSummary) {
216
+ lines.push('## Flow Complexity Analysis');
217
+ lines.push('');
218
+ lines.push('| Risk Level | Count |');
219
+ lines.push('|------------|-------|');
220
+ lines.push(`| Low (0-20) | ${data.complexityResult.summary.byRiskLevel.Low} |`);
221
+ lines.push(`| Medium (21-50) | ${data.complexityResult.summary.byRiskLevel.Medium} |`);
222
+ lines.push(`| High (51-100) | ${data.complexityResult.summary.byRiskLevel.High} |`);
223
+ lines.push(`| Critical (>100) | ${data.complexityResult.summary.byRiskLevel.Critical} |`);
224
+ lines.push('');
225
+ lines.push(`**Average Complexity Score:** ${data.complexityResult.summary.averageComplexity}`);
226
+ lines.push('');
227
+ if (isSummary)
228
+ return;
229
+ if (data.complexityResult.summary.highRiskFlows.length > 0) {
230
+ lines.push('### High/Critical Risk Flows');
231
+ lines.push('');
232
+ for (const flowName of data.complexityResult.summary.highRiskFlows) {
233
+ const flow = data.complexityResult.flows.find((f) => f.name === flowName);
234
+ if (flow) {
235
+ lines.push(`- **${flowName}** - Score: ${flow.complexity.score} (${flow.complexity.riskLevel})`);
236
+ }
237
+ }
238
+ lines.push('');
239
+ }
240
+ }
241
+ function appendPluginInventory(lines, data) {
242
+ lines.push('## Plugin Inventory');
243
+ lines.push('');
244
+ lines.push(`**Total Assemblies:** ${data.pluginAssemblies.totalCount}`);
245
+ lines.push('');
246
+ if (data.externalPlugins.length > 0) {
247
+ lines.push('### Plugins with External Access');
248
+ lines.push('');
249
+ for (const plugin of data.externalPlugins) {
250
+ lines.push(`- **${plugin.assemblyName}** (${plugin.isolationMode})`);
251
+ }
252
+ lines.push('');
253
+ }
254
+ }
255
+ function appendAllUrlReferences(lines, data) {
256
+ const rows = [];
257
+ // Service endpoints
258
+ for (const ep of data.endpointsResult.endpoints) {
259
+ if (ep.url) {
260
+ rows.push({ source: 'Service Endpoint', name: ep.name, url: ep.url });
261
+ }
262
+ }
263
+ // Flow HTTP action URLs
264
+ if (data.flowUrls) {
265
+ for (const flow of data.flowUrls) {
266
+ for (const u of flow.urls) {
267
+ rows.push({ source: `Flow: ${flow.flowName}`, name: u.actionName, url: u.url });
268
+ }
269
+ }
270
+ }
271
+ // Environment variables containing URLs (non-sensitive only)
272
+ if (data.environmentVariables) {
273
+ for (const v of data.environmentVariables) {
274
+ if (!v.isSensitive && v.effectiveValue && v.effectiveValue.includes('://')) {
275
+ rows.push({ source: 'Env Variable', name: v.schemaName, url: v.effectiveValue });
276
+ }
277
+ }
278
+ }
279
+ if (rows.length === 0)
280
+ return;
281
+ lines.push('## All URL References');
282
+ lines.push('');
283
+ lines.push(`**Total:** ${rows.length} URL(s) found across all integration points.`);
284
+ lines.push('');
285
+ lines.push('| Source | Name | URL |');
286
+ lines.push('|--------|------|-----|');
287
+ for (const row of rows) {
288
+ lines.push(`| ${row.source} | ${row.name} | ${row.url} |`);
289
+ }
290
+ lines.push('');
291
+ }
292
+ //# sourceMappingURL=audit-report-formatter.js.map
package/build/utils/audit-report-formatter.js.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"audit-report-formatter.js","sourceRoot":"","sources":["../../src/utils/audit-report-formatter.ts"],"names":[],"mappings":"AAAA;;;GAGG;AAqFH;;;GAGG;AACH,MAAM,UAAU,2BAA2B,CAAC,IAAqB;IAC/D,MAAM,KAAK,GAAa,EAAE,CAAC;IAC3B,MAAM,SAAS,GAAG,IAAI,CAAC,YAAY,KAAK,SAAS,CAAC;IAElD,KAAK,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IACzC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,kBAAkB,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE,EAAE,CAAC,CAAC;IACzD,KAAK,CAAC,IAAI,CAAC,oBAAoB,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;IACnD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,sBAAsB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACpC,wBAAwB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACtC,sBAAsB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACpC,sBAAsB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACpC,0BAA0B,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAExC,oBAAoB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAClC,qBAAqB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IAEnC,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,0BAA0B,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QACxC,yBAAyB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACzC,CAAC;IAED,oBAAoB,CAAC,KAAK,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;IAE7C,IAAI,CAAC,SAAS,EAAE,CAAC;QACf,qBAAqB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;QACnC,sBAAsB,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;IACtC,CAAC;IAED,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IAClB,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,yDAAyD,CAAC,CAAC;IAEtE,OAAO,KAAK,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;AAC1B,CAAC;AAED,0BAA0B;AAE1B,SAAS,sBAAsB,CAAC,KAAe,EAAE,IAAqB;IACpE,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACjC,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACjC,KAAK,CAAC,IAAI,CAAC,4BAA4B,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC,CAAC;IAChF,KAAK,CAAC,IAAI,CAAC,yBAAyB,IAAI,CAAC,gBAAgB,CAAC,UAAU,IAAI,CAAC,CAAC;IAC1E,KAAK,CAAC,IAAI,CAAC,yBAAyB,IAAI,CAAC,eAAe,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC,CAAC;IAC5E,KAAK,CAAC,IAAI,CAAC,6BAA6B,IAAI,CAAC,cAAc,CAAC,OAAO,CAAC,KAAK,IAAI,CAAC,CAAC;IAC/E,KAAK,CAAC,IAAI,CAAC,gCAAgC,IAAI,CAAC,WAAW,MAAM,CAAC,CAAC;IACnE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,wBAAwB,CAAC,KAAe,EAAE,IAAqB;IACtE,IAAI,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,MAAM;QAAE,OAAO;IAEzE,MAAM,QAAQ,GAAG,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAE3E,KAAK,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;IACvD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,gFAAgF,CAAC,CAAC;IAC7F,KAAK,CAAC,IAAI,CAAC,wBAAwB,QAAQ,EAAE,CAAC,CAAC;IAC/C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACrC,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACrC,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;QACxC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,IAAI,MAAM,CAAC,CAAC,QAAQ,CAAC,GAAG,MAAM,CAAC,CAAC,QAAQ,IAAI,CAAC,CAAC;IAC3E,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,sBAAsB,CAAC,KAAe,EAAE,IAAqB;IACpE,IAAI,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,IAAI,CAAC,gBAAgB,EAAE,MAAM;QAAE,OAAO;IAEvE,MAAM,QAAQ,GAAG,IAAI,CAAC,kBAAkB,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAE3E,KAAK,CAAC,IAAI,CAAC,6CAA6C,CAAC,CAAC;IAC1D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,2FAA2F,CAAC,CAAC;IACxG,KAAK,CAAC,IAAI,CAAC,wBAAwB,QAAQ,EAAE,CAAC,CAAC;IAC/C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IAC9D,KAAK,CAAC,IAAI,CAAC,gDAAgD,CAAC,CAAC;IAC7D,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtC,MAAM,YAAY,GAAG,CAAC,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,QAAQ,CAAC,cAAc,IAAI,QAAQ,CAAC,CAAC;QAC9F,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,QAAQ,CAAC,UAAU,MAAM,CAAC,CAAC,QAAQ,CAAC,WAAW,MAAM,YAAY,MAAM,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC;IACzG,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,sBAAsB,CAAC,KAAe,EAAE,IAAqB;IACpE,IAAI,CAAC,IAAI,CAAC,kBAAkB,EAAE,MAAM;QAAE,OAAO;IAE7C,KAAK,CAAC,IAAI,CAAC,sBAAsB,CAAC,CAAC;IACnC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IAC9D,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;IAClD,KAAK,CAAC,IAAI,CAAC,qCAAqC,CAAC,CAAC;IAClD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,kBAAkB,EAAE,CAAC;QAC3C,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YAC9B,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,MAAM,CAAC,CAAC,UAAU,MAAM,CAAC,CAAC,SAAS,MAAM,CAAC,CAAC,OAAO,IAAI,CAAC,CAAC;QACvF,CAAC;IACH,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,0BAA0B,CAAC,KAAe,EAAE,IAAqB;IACxE,IAAI,CAAC,IAAI,CAAC,oBAAoB,EAAE,MAAM;QAAE,OAAO;IAE/C,MAAM,MAAM,GAA2B,EAAE,CAAC;IAC1C,IAAI,cAAc,GAAG,CAAC,CAAC;IACvB,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1C,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,GAAG,CAAC,CAAC;QAC3C,IAAI,CAAC,CAAC,WAAW;YAAE,cAAc,EAAE,CAAC;IACtC,CAAC;IACD,MAAM,aAAa,GAAG,MAAM,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;IAErF,KAAK,CAAC,IAAI,CAAC,0BAA0B,CAAC,CAAC;IACvC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,oBAAoB,CAAC,MAAM,KAAK,aAAa,8BAA8B,cAAc,EAAE,CAAC,CAAC;IAC3H,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,IAAI,CAAC,YAAY,KAAK,SAAS;QAAE,OAAO;IAE5C,KAAK,CAAC,IAAI,CAAC,mEAAmE,CAAC,CAAC;IAChF,KAAK,CAAC,IAAI,CAAC,kEAAkE,CAAC,CAAC;IAC/E,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC1C,MAAM,YAAY,GAAG,CAAC,CAAC,WAAW;YAChC,CAAC,CAAC,CAAC,CAAC,CAAC,WAAW,IAAI,KAAK,CAAC;YAC1B,CAAC,CAAC,CAAC,CAAC,CAAC,cAAc,IAAI,CAAC,CAAC,YAAY,IAAI,QAAQ,CAAC,CAAC;QACrD,MAAM,OAAO,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,UAAU,MAAM,CAAC,CAAC,WAAW,MAAM,CAAC,CAAC,IAAI,MAAM,YAAY,MAAM,OAAO,IAAI,CAAC,CAAC;IAClG,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAe,EAAE,IAAqB;IAClE,IAAI,IAAI,CAAC,WAAW,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IAE1C,KAAK,CAAC,IAAI,CAAC,oBAAoB,CAAC,CAAC;IACjC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;IAC9C,KAAK,CAAC,IAAI,CAAC,iCAAiC,CAAC,CAAC;IAC9C,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACtC,KAAK,CAAC,IAAI,CAAC,KAAK,MAAM,CAAC,MAAM,MAAM,MAAM,CAAC,QAAQ,MAAM,MAAM,CAAC,OAAO,IAAI,CAAC,CAAC;IAC9E,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAe,EAAE,IAAqB;IACnE,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IAE9C,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;IAClC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,MAAM,GAAG,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;QACvC,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,EAAE,CAAC,CAAC;IACzB,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,0BAA0B,CAAC,KAAe,EAAE,IAAqB;IACxE,KAAK,CAAC,IAAI,CAAC,yCAAyC,CAAC,CAAC;IACtD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,IAAI,CAAC,eAAe,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9C,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;QACpC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC5C,KAAK,CAAC,IAAI,CAAC,+BAA+B,CAAC,CAAC;QAC5C,KAAK,MAAM,EAAE,IAAI,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,CAAC;YAChD,MAAM,UAAU,GAAG,EAAE,CAAC,GAAG,IAAI,YAAY,CAAC;YAC1C,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,YAAY,MAAM,UAAU,MAAM,EAAE,CAAC,gBAAgB,IAAI,CAAC,CAAC;QAC7F,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,IAAI,CAAC,SAAS,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC9B,KAAK,CAAC,IAAI,CAAC,oCAAoC,CAAC,CAAC;QACjD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;YAClC,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,QAAQ,IAAI,CAAC,CAAC;YACrC,KAAK,CAAC,IAAI,CAAC,mBAAmB,IAAI,CAAC,UAAU,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QAC9D,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,cAAc,CAAC,KAAK,EAAE,IAAI,CAAC,CAAC;AAC9B,CAAC;AAED,SAAS,cAAc,CAAC,KAAe,EAAE,IAAqB;IAC5D,IAAI,CAAC,IAAI,CAAC,QAAQ,EAAE,MAAM;QAAE,OAAO;IAEnC,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACtC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;IACzD,KAAK,CAAC,IAAI,CAAC,4CAA4C,CAAC,CAAC;IACzD,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QACjC,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;YAC1B,MAAM,MAAM,GAAG,CAAC,CAAC,mBAAmB;gBAClC,CAAC,CAAC,GAAG,CAAC,CAAC,mBAAmB,KAAK,CAAC,CAAC,wBAAwB,IAAI,EAAE,GAAG;gBAClE,CAAC,CAAC,EAAE,CAAC;YACP,KAAK,CAAC,IAAI,CAAC,KAAK,IAAI,CAAC,QAAQ,MAAM,CAAC,CAAC,UAAU,MAAM,CAAC,CAAC,GAAG,MAAM,CAAC,CAAC,MAAM,MAAM,MAAM,IAAI,CAAC,CAAC;QAC5F,CAAC;IACH,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC;AAED,SAAS,yBAAyB,CAAC,KAAe,EAAE,IAAqB;IACvE,KAAK,CAAC,IAAI,CAAC,0CAA0C,CAAC,CAAC;IACvD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,IAAI,CAAC,cAAc,CAAC,QAAQ,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC5C,KAAK,CAAC,IAAI,CAAC,2BAA2B,CAAC,CAAC;QACxC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;QACnD,KAAK,CAAC,IAAI,CAAC,sCAAsC,CAAC,CAAC;QACnD,KAAK,MAAM,EAAE,IAAI,IAAI,CAAC,cAAc,CAAC,QAAQ,EAAE,CAAC;YAC9C,MAAM,MAAM,GAAG,EAAE,CAAC,OAAO,CAAC,CAAC,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC;YACnD,KAAK,CAAC,IAAI,CAAC,KAAK,EAAE,CAAC,IAAI,MAAM,EAAE,CAAC,aAAa,MAAM,EAAE,CAAC,cAAc,MAAM,MAAM,IAAI,CAAC,CAAC;QACxF,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;IAED,IAAI,IAAI,CAAC,oBAAoB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACzC,KAAK,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QAC/C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC7C,KAAK,CAAC,IAAI,CAAC,OAAO,IAAI,CAAC,QAAQ,OAAO,IAAI,CAAC,WAAW,GAAG,CAAC,CAAC;QAC7D,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAS,oBAAoB,CAAC,KAAe,EAAE,IAAqB,EAAE,SAAkB;IACtF,KAAK,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IAC1C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACrC,KAAK,CAAC,IAAI,CAAC,wBAAwB,CAAC,CAAC;IACrC,KAAK,CAAC,IAAI,CAAC,kBAAkB,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,WAAW,CAAC,GAAG,IAAI,CAAC,CAAC;IAChF,KAAK,CAAC,IAAI,CAAC,sBAAsB,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,WAAW,CAAC,MAAM,IAAI,CAAC,CAAC;IACvF,KAAK,CAAC,IAAI,CAAC,qBAAqB,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,WAAW,CAAC,IAAI,IAAI,CAAC,CAAC;IACpF,KAAK,CAAC,IAAI,CAAC,uBAAuB,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,WAAW,CAAC,QAAQ,IAAI,CAAC,CAAC;IAC1F,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,iCAAiC,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,iBAAiB,EAAE,CAAC,CAAC;IAC/F,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,SAAS;QAAE,OAAO;IAEtB,IAAI,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,aAAa,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAC3D,KAAK,CAAC,IAAI,CAAC,8BAA8B,CAAC,CAAC;QAC3C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,MAAM,QAAQ,IAAI,IAAI,CAAC,gBAAgB,CAAC,OAAO,CAAC,aAAa,EAAE,CAAC;YACnE,MAAM,IAAI,GAAG,IAAI,CAAC,gBAAgB,CAAC,KAAK,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC;YAC1E,IAAI,IAAI,EAAE,CAAC;gBACT,KAAK,CAAC,IAAI,CAAC,OAAO,QAAQ,eAAe,IAAI,CAAC,UAAU,CAAC,KAAK,KAAK,IAAI,CAAC,UAAU,CAAC,SAAS,GAAG,CAAC,CAAC;YACnG,CAAC;QACH,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAe,EAAE,IAAqB;IACnE,KAAK,CAAC,IAAI,CAAC,qBAAqB,CAAC,CAAC;IAClC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,yBAAyB,IAAI,CAAC,gBAAgB,CAAC,UAAU,EAAE,CAAC,CAAC;IACxE,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEf,IAAI,IAAI,CAAC,eAAe,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QACpC,KAAK,CAAC,IAAI,CAAC,kCAAkC,CAAC,CAAC;QAC/C,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACf,KAAK,MAAM,MAAM,IAAI,IAAI,CAAC,eAAe,EAAE,CAAC;YAC1C,KAAK,CAAC,IAAI,CAAC,OAAO,MAAM,CAAC,YAAY,OAAO,MAAM,CAAC,aAAa,GAAG,CAAC,CAAC;QACvE,CAAC;QACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACjB,CAAC;AACH,CAAC;AAED,SAAS,sBAAsB,CAAC,KAAe,EAAE,IAAqB;IACpE,MAAM,IAAI,GAAoD,EAAE,CAAC;IAEjE,oBAAoB;IACpB,KAAK,MAAM,EAAE,IAAI,IAAI,CAAC,eAAe,CAAC,SAAS,EAAE,CAAC;QAChD,IAAI,EAAE,CAAC,GAAG,EAAE,CAAC;YACX,IAAI,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,kBAAkB,EAAE,IAAI,EAAE,EAAE,CAAC,IAAI,EAAE,GAAG,EAAE,EAAE,CAAC,GAAG,EAAE,CAAC,CAAC;QACxE,CAAC;IACH,CAAC;IAED,wBAAwB;IACxB,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;QAClB,KAAK,MAAM,IAAI,IAAI,IAAI,CAAC,QAAQ,EAAE,CAAC;YACjC,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,IAAI,EAAE,CAAC;gBAC1B,IAAI,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,SAAS,IAAI,CAAC,QAAQ,EAAE,EAAE,IAAI,EAAE,CAAC,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;YAClF,CAAC;QACH,CAAC;IACH,CAAC;IAED,6DAA6D;IAC7D,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;QAC9B,KAAK,MAAM,CAAC,IAAI,IAAI,CAAC,oBAAoB,EAAE,CAAC;YAC1C,IAAI,CAAC,CAAC,CAAC,WAAW,IAAI,CAAC,CAAC,cAAc,IAAI,CAAC,CAAC,cAAc,CAAC,QAAQ,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC3E,IAAI,CAAC,IAAI,CAAC,EAAE,MAAM,EAAE,cAAc,EAAE,IAAI,EAAE,CAAC,CAAC,UAAU,EAAE,GAAG,EAAE,CAAC,CAAC,cAAc,EAAE,CAAC,CAAC;YACnF,CAAC;QACH,CAAC;IACH,CAAC;IAED,IAAI,IAAI,CAAC,MAAM,KAAK,CAAC;QAAE,OAAO;IAE9B,KAAK,CAAC,IAAI,CAAC,uBAAuB,CAAC,CAAC;IACpC,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,cAAc,IAAI,CAAC,MAAM,8CAA8C,CAAC,CAAC;IACpF,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IACf,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACtC,KAAK,CAAC,IAAI,CAAC,yBAAyB,CAAC,CAAC;IACtC,KAAK,MAAM,GAAG,IAAI,IAAI,EAAE,CAAC;QACvB,KAAK,CAAC,IAAI,CAAC,KAAK,GAAG,CAAC,MAAM,MAAM,GAAG,CAAC,IAAI,MAAM,GAAG,CAAC,GAAG,IAAI,CAAC,CAAC;IAC7D,CAAC;IACD,KAAK,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;AACjB,CAAC"}
package/build/utils/flow-url-extractor.d.ts ADDED
@@ -0,0 +1,36 @@
1
+ /**
2
+ * Flow URL Extractor & Secret Detector
3
+ *
4
+ * Extracts URL references from Power Automate flow definitions and
5
+ * detects hardcoded secrets that should use environment variables
6
+ * or secure inputs instead.
7
+ */
8
+ export interface FlowUrlReference {
9
+ actionName: string;
10
+ url: string;
11
+ environmentVariable?: string;
12
+ environmentVariableValue?: string;
13
+ source: 'http-action' | 'openapi-connection' | 'trigger' | 'parameter';
14
+ }
15
+ export interface SecretWarning {
16
+ actionName: string;
17
+ fieldPath: string;
18
+ warningType: 'hardcoded-secret';
19
+ message: string;
20
+ }
21
+ /**
22
+ * Extract all URL references from a Power Automate flow definition.
23
+ *
24
+ * Traverses the definition recursively, following the same nesting pattern
25
+ * as `complexity-calculator.ts` (scope, foreach, if/else, switch/default).
26
+ */
27
+ export declare function extractUrlsFromFlowDefinition(flowDefinition: Record<string, unknown>, envVarMap?: Map<string, string>): FlowUrlReference[];
28
+ /**
29
+ * Scan a flow definition for hardcoded secrets in action inputs.
30
+ *
31
+ * Flags literal string values (not expressions starting with `@`) whose
32
+ * key names match common secret patterns such as `client_secret`,
33
+ * `password`, `api_key`, `authorization`, etc.
34
+ */
35
+ export declare function detectHardcodedSecrets(flowDefinition: Record<string, unknown>): SecretWarning[];
36
+ //# sourceMappingURL=flow-url-extractor.d.ts.map
package/build/utils/flow-url-extractor.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"flow-url-extractor.d.ts","sourceRoot":"","sources":["../../src/utils/flow-url-extractor.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAMH,MAAM,WAAW,gBAAgB;IAC/B,UAAU,EAAE,MAAM,CAAC;IACnB,GAAG,EAAE,MAAM,CAAC;IACZ,mBAAmB,CAAC,EAAE,MAAM,CAAC;IAC7B,wBAAwB,CAAC,EAAE,MAAM,CAAC;IAClC,MAAM,EAAE,aAAa,GAAG,oBAAoB,GAAG,SAAS,GAAG,WAAW,CAAC;CACxE;AAED,MAAM,WAAW,aAAa;IAC5B,UAAU,EAAE,MAAM,CAAC;IACnB,SAAS,EAAE,MAAM,CAAC;IAClB,WAAW,EAAE,kBAAkB,CAAC;IAChC,OAAO,EAAE,MAAM,CAAC;CACjB;AAiED;;;;;GAKG;AACH,wBAAgB,6BAA6B,CAC3C,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,EACvC,SAAS,CAAC,EAAE,GAAG,CAAC,MAAM,EAAE,MAAM,CAAC,GAC9B,gBAAgB,EAAE,CAsEpB;AA8FD;;;;;;GAMG;AACH,wBAAgB,sBAAsB,CACpC,cAAc,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,GACtC,aAAa,EAAE,CAgBjB"}