@mcp-consultant-tools/powerplatform-core 26.0.0 → 27.0.0-beta.1

package/build/utils/flow-url-extractor.js

@@ -0,0 +1,286 @@
+/**
+ * Flow URL Extractor & Secret Detector
+ *
+ * Extracts URL references from Power Automate flow definitions and
+ * detects hardcoded secrets that should use environment variables
+ * or secure inputs instead.
+ */
+// ---------------------------------------------------------------------------
+// Regex for secret-like input keys
+// ---------------------------------------------------------------------------
+const SECRET_KEY_PATTERN = /client_secret|clientSecret|password|api_key|apiKey|secret|authorization/i;
+// ---------------------------------------------------------------------------
+// Internal helpers
+// ---------------------------------------------------------------------------
+/**
+ * Attempt to extract an environment variable name from a Power Automate
+ * parameter expression such as:
+ *   @parameters('new_MyEnvVar')
+ *   @{parameters('new_MyEnvVar')}
+ */
+function extractEnvVarName(expression) {
+    const match = expression.match(/@\{?parameters\(\s*'([^']+)'\s*\)\}?/);
+    return match ? match[1] : undefined;
+}
+/**
+ * Resolve a URL that may be a parameter expression.
+ * Returns the original URL plus optional environment variable metadata.
+ */
+function resolveUrl(url, envVarMap) {
+    if (!url.startsWith('@parameters(') && !url.startsWith('@{parameters(')) {
+        return { url };
+    }
+    const envVarName = extractEnvVarName(url);
+    if (!envVarName) {
+        return { url };
+    }
+    const resolved = envVarMap?.get(envVarName);
+    return {
+        url: resolved ?? url,
+        environmentVariable: envVarName,
+        environmentVariableValue: resolved,
+    };
+}
+/**
+ * Safely read a nested property from an unknown record.
+ */
+function asRecord(value) {
+    if (value !== null && typeof value === 'object' && !Array.isArray(value)) {
+        return value;
+    }
+    return undefined;
+}
+// ---------------------------------------------------------------------------
+// URL extraction
+// ---------------------------------------------------------------------------
+/**
+ * Extract all URL references from a Power Automate flow definition.
+ *
+ * Traverses the definition recursively, following the same nesting pattern
+ * as `complexity-calculator.ts` (scope, foreach, if/else, switch/default).
+ */
+export function extractUrlsFromFlowDefinition(flowDefinition, envVarMap) {
+    const urls = [];
+    try {
+        const properties = asRecord(flowDefinition.properties);
+        const definition = asRecord(properties?.definition);
+        if (!definition)
+            return urls;
+        // --- Triggers -----------------------------------------------------------
+        const triggers = asRecord(definition.triggers);
+        if (triggers) {
+            for (const triggerName of Object.keys(triggers)) {
+                const trigger = asRecord(triggers[triggerName]);
+                if (!trigger)
+                    continue;
+                const inputs = asRecord(trigger.inputs);
+                if (inputs && typeof inputs.uri === 'string') {
+                    const resolved = resolveUrl(inputs.uri, envVarMap);
+                    urls.push({
+                        actionName: triggerName,
+                        source: 'trigger',
+                        ...resolved,
+                    });
+                }
+            }
+        }
+        // --- Parameters (environment variables) ---------------------------------
+        const parameters = asRecord(definition.parameters);
+        if (parameters) {
+            for (const paramName of Object.keys(parameters)) {
+                const param = asRecord(parameters[paramName]);
+                if (!param)
+                    continue;
+                const metadata = asRecord(param.metadata);
+                const schemaId = metadata?.schemaId;
+                if (typeof schemaId === 'string' &&
+                    schemaId.toLowerCase().includes('environmentvariable')) {
+                    const defaultValue = typeof param.defaultValue === 'string'
+                        ? param.defaultValue
+                        : undefined;
+                    const resolvedValue = envVarMap?.get(paramName);
+                    const url = resolvedValue ?? defaultValue;
+                    if (url) {
+                        urls.push({
+                            actionName: paramName,
+                            url,
+                            environmentVariable: paramName,
+                            environmentVariableValue: resolvedValue,
+                            source: 'parameter',
+                        });
+                    }
+                }
+            }
+        }
+        // --- Actions (recursive) ------------------------------------------------
+        const actions = asRecord(definition.actions);
+        if (actions) {
+            processActions(actions, urls, envVarMap);
+        }
+    }
+    catch {
+        // Return partial results on parse errors
+    }
+    return urls;
+}
+/**
+ * Recursively traverse actions, extracting URL references.
+ */
+function processActions(actions, urls, envVarMap) {
+    for (const actionName of Object.keys(actions)) {
+        const action = asRecord(actions[actionName]);
+        if (!action)
+            continue;
+        const actionType = action.type || '';
+        // HTTP actions: inputs.uri
+        if (actionType === 'Http') {
+            const inputs = asRecord(action.inputs);
+            if (inputs && typeof inputs.uri === 'string') {
+                const resolved = resolveUrl(inputs.uri, envVarMap);
+                urls.push({
+                    actionName,
+                    source: 'http-action',
+                    ...resolved,
+                });
+            }
+        }
+        // OpenApiConnection actions: inputs.parameters.uri or .url
+        if (actionType === 'OpenApiConnection' ||
+            actionType === 'ApiConnection') {
+            const inputs = asRecord(action.inputs);
+            const params = asRecord(inputs?.parameters);
+            const rawUrl = typeof params?.uri === 'string'
+                ? params.uri
+                : typeof params?.url === 'string'
+                    ? params.url
+                    : undefined;
+            if (rawUrl) {
+                const resolved = resolveUrl(rawUrl, envVarMap);
+                urls.push({
+                    actionName,
+                    source: 'openapi-connection',
+                    ...resolved,
+                });
+            }
+        }
+        // --- Recurse into nested structures ------------------------------------
+        const nested = asRecord(action.actions);
+        if (nested) {
+            processActions(nested, urls, envVarMap);
+        }
+        const thenBranch = asRecord(action.then);
+        if (thenBranch) {
+            processActions(thenBranch, urls, envVarMap);
+        }
+        const elseBranch = asRecord(action.else);
+        if (elseBranch) {
+            processActions(elseBranch, urls, envVarMap);
+        }
+        const cases = asRecord(action.cases);
+        if (cases) {
+            for (const caseName of Object.keys(cases)) {
+                const caseData = asRecord(cases[caseName]);
+                const caseActions = asRecord(caseData?.actions);
+                if (caseActions) {
+                    processActions(caseActions, urls, envVarMap);
+                }
+            }
+        }
+        const defaultBranch = asRecord(action.default);
+        if (defaultBranch) {
+            const defaultActions = asRecord(defaultBranch.actions);
+            if (defaultActions) {
+                processActions(defaultActions, urls, envVarMap);
+            }
+        }
+    }
+}
+// ---------------------------------------------------------------------------
+// Hardcoded secret detection
+// ---------------------------------------------------------------------------
+/**
+ * Scan a flow definition for hardcoded secrets in action inputs.
+ *
+ * Flags literal string values (not expressions starting with `@`) whose
+ * key names match common secret patterns such as `client_secret`,
+ * `password`, `api_key`, `authorization`, etc.
+ */
+export function detectHardcodedSecrets(flowDefinition) {
+    const warnings = [];
+    try {
+        const properties = asRecord(flowDefinition.properties);
+        const definition = asRecord(properties?.definition);
+        const actions = asRecord(definition?.actions);
+        if (actions) {
+            scanActionsForSecrets(actions, warnings);
+        }
+    }
+    catch {
+        // Return partial results on parse errors
+    }
+    return warnings;
+}
+/**
+ * Recursively scan actions for hardcoded secrets.
+ */
+function scanActionsForSecrets(actions, warnings) {
+    for (const actionName of Object.keys(actions)) {
+        const action = asRecord(actions[actionName]);
+        if (!action)
+            continue;
+        // Scan inputs for secret-like keys with literal values
+        const inputs = asRecord(action.inputs);
+        if (inputs) {
+            scanObjectForSecrets(inputs, actionName, 'inputs', warnings);
+        }
+        // --- Recurse into nested structures ------------------------------------
+        const nested = asRecord(action.actions);
+        if (nested)
+            scanActionsForSecrets(nested, warnings);
+        const thenBranch = asRecord(action.then);
+        if (thenBranch)
+            scanActionsForSecrets(thenBranch, warnings);
+        const elseBranch = asRecord(action.else);
+        if (elseBranch)
+            scanActionsForSecrets(elseBranch, warnings);
+        const cases = asRecord(action.cases);
+        if (cases) {
+            for (const caseName of Object.keys(cases)) {
+                const caseData = asRecord(cases[caseName]);
+                const caseActions = asRecord(caseData?.actions);
+                if (caseActions)
+                    scanActionsForSecrets(caseActions, warnings);
+            }
+        }
+        const defaultBranch = asRecord(action.default);
+        if (defaultBranch) {
+            const defaultActions = asRecord(defaultBranch.actions);
+            if (defaultActions)
+                scanActionsForSecrets(defaultActions, warnings);
+        }
+    }
+}
+/**
+ * Recursively scan an object's keys and values for hardcoded secrets.
+ */
+function scanObjectForSecrets(obj, actionName, currentPath, warnings) {
+    for (const key of Object.keys(obj)) {
+        const fieldPath = `${currentPath}.${key}`;
+        const value = obj[key];
+        if (SECRET_KEY_PATTERN.test(key) && typeof value === 'string' && !value.startsWith('@')) {
+            warnings.push({
+                actionName,
+                fieldPath,
+                warningType: 'hardcoded-secret',
+                message: `Hardcoded value found for '${key}' in action '${actionName}'. ` +
+                    'Consider using a secure input parameter or environment variable instead.',
+            });
+        }
+        // Recurse into nested objects
+        const nested = asRecord(value);
+        if (nested) {
+            scanObjectForSecrets(nested, actionName, fieldPath, warnings);
+        }
+    }
+}
+//# sourceMappingURL=flow-url-extractor.js.map

package/build/utils/flow-url-extractor.js.map

@@ -0,0 +1 @@
+{"version":3,"file":"flow-url-extractor.js","sourceRoot":"","sources":["../../src/utils/flow-url-extractor.ts"],"names":[],"mappings":"AAAA;;;;;;GAMG;AAqBH,8EAA8E;AAC9E,mCAAmC;AACnC,8EAA8E;AAE9E,MAAM,kBAAkB,GACtB,0EAA0E,CAAC;AAE7E,8EAA8E;AAC9E,mBAAmB;AACnB,8EAA8E;AAE9E;;;;;GAKG;AACH,SAAS,iBAAiB,CAAC,UAAkB;IAC3C,MAAM,KAAK,GAAG,UAAU,CAAC,KAAK,CAC5B,sCAAsC,CACvC,CAAC;IACF,OAAO,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAC;AACtC,CAAC;AAED;;;GAGG;AACH,SAAS,UAAU,CACjB,GAAW,EACX,SAA+B;IAE/B,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,cAAc,CAAC,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,eAAe,CAAC,EAAE,CAAC;QACxE,OAAO,EAAE,GAAG,EAAE,CAAC;IACjB,CAAC;IAED,MAAM,UAAU,GAAG,iBAAiB,CAAC,GAAG,CAAC,CAAC;IAC1C,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO,EAAE,GAAG,EAAE,CAAC;IACjB,CAAC;IAED,MAAM,QAAQ,GAAG,SAAS,EAAE,GAAG,CAAC,UAAU,CAAC,CAAC;IAC5C,OAAO;QACL,GAAG,EAAE,QAAQ,IAAI,GAAG;QACpB,mBAAmB,EAAE,UAAU;QAC/B,wBAAwB,EAAE,QAAQ;KACnC,CAAC;AACJ,CAAC;AAED;;GAEG;AACH,SAAS,QAAQ,CAAC,KAAc;IAC9B,IAAI,KAAK,KAAK,IAAI,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,KAAK,CAAC,EAAE,CAAC;QACzE,OAAO,KAAgC,CAAC;IAC1C,CAAC;IACD,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,8EAA8E;AAC9E,iBAAiB;AACjB,8EAA8E;AAE9E;;;;;GAKG;AACH,MAAM,UAAU,6BAA6B,CAC3C,cAAuC,EACvC,SAA+B;IAE/B,MAAM,IAAI,GAAuB,EAAE,CAAC;IAEpC,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;QACvD,MAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QACpD,IAAI,CAAC,UAAU;YAAE,OAAO,IAAI,CAAC;QAE7B,2EAA2E;QAC3E,MAAM,QAAQ,GAAG,QAAQ,CAAC,UAAU,CAAC,QAAQ,CAAC,CAAC;QAC/C,IAAI,QAAQ,EAAE,CAAC;YACb,KAAK,MAAM,WAAW,IAAI,MAAM,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAChD,MAAM,OAAO,GAAG,QAAQ,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,CAAC;gBAChD,IAAI,CAAC,OAAO;oBAAE,SAAS;gBAEvB,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC;gBACxC,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;oBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;oBACnD,IAAI,CAAC,IAAI,CAAC;wBACR,UAAU,EAAE,WAAW;wBACvB,MAAM,EAAE,SAAS;wBACjB,GAAG,QAAQ;qBACZ,CAAC,CAAC;gBACL,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,MAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,CAAC,UAAU,CAAC,CAAC;QACnD,IAAI,UAAU,EAAE,CAAC;YACf,KAAK,MAAM,SAAS,IAAI,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,EAAE,CAAC;gBAChD,MAAM,KAAK,GAAG,QAAQ,CAAC,UAAU,CAAC,SAAS,CAAC,CAAC,CAAC;gBAC9C,IAAI,CAAC,KAAK;oBAAE,SAAS;gBAErB,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC;gBAC1C,MAAM,QAAQ,GAAG,QAAQ,EAAE,QAAQ,CAAC;gBACpC,IACE,OAAO,QAAQ,KAAK,QAAQ;oBAC5B,QAAQ,CAAC,WAAW,EAAE,CAAC,QAAQ,CAAC,qBAAqB,CAAC,EACtD,CAAC;oBACD,MAAM,YAAY,GAChB,OAAO,KAAK,CAAC,YAAY,KAAK,QAAQ;wBACpC,CAAC,CAAC,KAAK,CAAC,YAAY;wBACpB,CAAC,CAAC,SAAS,CAAC;oBAChB,MAAM,aAAa,GAAG,SAAS,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;oBAChD,MAAM,GAAG,GAAG,aAAa,IAAI,YAAY,CAAC;oBAE1C,IAAI,GAAG,EAAE,CAAC;wBACR,IAAI,CAAC,IAAI,CAAC;4BACR,UAAU,EAAE,SAAS;4BACrB,GAAG;4BACH,mBAAmB,EAAE,SAAS;4BAC9B,wBAAwB,EAAE,aAAa;4BACvC,MAAM,EAAE,WAAW;yBACpB,CAAC,CAAC;oBACL,CAAC;gBACH,CAAC;YACH,CAAC;QACH,CAAC;QAED,2EAA2E;QAC3E,MAAM,OAAO,GAAG,QAAQ,CAAC,UAAU,CAAC,OAAO,CAAC,CAAC;QAC7C,IAAI,OAAO,EAAE,CAAC;YACZ,cAAc,CAAC,OAAO,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,yCAAyC;IAC3C,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,cAAc,CACrB,OAAgC,EAChC,IAAwB,EACxB,SAA+B;IAE/B,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9C,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,MAAM;YAAE,SAAS;QAEtB,MAAM,UAAU,GAAI,MAAM,CAAC,IAAe,IAAI,EAAE,CAAC;QAEjD,2BAA2B;QAC3B,IAAI,UAAU,KAAK,MAAM,EAAE,CAAC;YAC1B,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACvC,IAAI,MAAM,IAAI,OAAO,MAAM,CAAC,GAAG,KAAK,QAAQ,EAAE,CAAC;gBAC7C,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,CAAC,GAAG,EAAE,SAAS,CAAC,CAAC;gBACnD,IAAI,CAAC,IAAI,CAAC;oBACR,UAAU;oBACV,MAAM,EAAE,aAAa;oBACrB,GAAG,QAAQ;iBACZ,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,2DAA2D;QAC3D,IACE,UAAU,KAAK,mBAAmB;YAClC,UAAU,KAAK,eAAe,EAC9B,CAAC;YACD,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;YACvC,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;YAC5C,MAAM,MAAM,GACV,OAAO,MAAM,EAAE,GAAG,KAAK,QAAQ;gBAC7B,CAAC,CAAC,MAAM,CAAC,GAAG;gBACZ,CAAC,CAAC,OAAO,MAAM,EAAE,GAAG,KAAK,QAAQ;oBAC/B,CAAC,CAAC,MAAM,CAAC,GAAG;oBACZ,CAAC,CAAC,SAAS,CAAC;YAElB,IAAI,MAAM,EAAE,CAAC;gBACX,MAAM,QAAQ,GAAG,UAAU,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;gBAC/C,IAAI,CAAC,IAAI,CAAC;oBACR,UAAU;oBACV,MAAM,EAAE,oBAAoB;oBAC5B,GAAG,QAAQ;iBACZ,CAAC,CAAC;YACL,CAAC;QACH,CAAC;QAED,0EAA0E;QAC1E,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,MAAM,EAAE,CAAC;YACX,cAAc,CAAC,MAAM,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAC1C,CAAC;QAED,MAAM,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACzC,IAAI,UAAU,EAAE,CAAC;YACf,cAAc,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAC9C,CAAC;QAED,MAAM,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACzC,IAAI,UAAU,EAAE,CAAC;YACf,cAAc,CAAC,UAAU,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;QAC9C,CAAC;QAED,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrC,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC1C,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAC3C,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAChD,IAAI,WAAW,EAAE,CAAC;oBAChB,cAAc,CAAC,WAAW,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;gBAC/C,CAAC;YACH,CAAC;QACH,CAAC;QAED,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC/C,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,cAAc,GAAG,QAAQ,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YACvD,IAAI,cAAc,EAAE,CAAC;gBACnB,cAAc,CAAC,cAAc,EAAE,IAAI,EAAE,SAAS,CAAC,CAAC;YAClD,CAAC;QACH,CAAC;IACH,CAAC;AACH,CAAC;AAED,8EAA8E;AAC9E,6BAA6B;AAC7B,8EAA8E;AAE9E;;;;;;GAMG;AACH,MAAM,UAAU,sBAAsB,CACpC,cAAuC;IAEvC,MAAM,QAAQ,GAAoB,EAAE,CAAC;IAErC,IAAI,CAAC;QACH,MAAM,UAAU,GAAG,QAAQ,CAAC,cAAc,CAAC,UAAU,CAAC,CAAC;QACvD,MAAM,UAAU,GAAG,QAAQ,CAAC,UAAU,EAAE,UAAU,CAAC,CAAC;QACpD,MAAM,OAAO,GAAG,QAAQ,CAAC,UAAU,EAAE,OAAO,CAAC,CAAC;QAE9C,IAAI,OAAO,EAAE,CAAC;YACZ,qBAAqB,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;QAC3C,CAAC;IACH,CAAC;IAAC,MAAM,CAAC;QACP,yCAAyC;IAC3C,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED;;GAEG;AACH,SAAS,qBAAqB,CAC5B,OAAgC,EAChC,QAAyB;IAEzB,KAAK,MAAM,UAAU,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,EAAE,CAAC;QAC9C,MAAM,MAAM,GAAG,QAAQ,CAAC,OAAO,CAAC,UAAU,CAAC,CAAC,CAAC;QAC7C,IAAI,CAAC,MAAM;YAAE,SAAS;QAEtB,uDAAuD;QACvD,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,MAAM,CAAC,CAAC;QACvC,IAAI,MAAM,EAAE,CAAC;YACX,oBAAoB,CAAC,MAAM,EAAE,UAAU,EAAE,QAAQ,EAAE,QAAQ,CAAC,CAAC;QAC/D,CAAC;QAED,0EAA0E;QAC1E,MAAM,MAAM,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QACxC,IAAI,MAAM;YAAE,qBAAqB,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;QAEpD,MAAM,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACzC,IAAI,UAAU;YAAE,qBAAqB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAE5D,MAAM,UAAU,GAAG,QAAQ,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC;QACzC,IAAI,UAAU;YAAE,qBAAqB,CAAC,UAAU,EAAE,QAAQ,CAAC,CAAC;QAE5D,MAAM,KAAK,GAAG,QAAQ,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;QACrC,IAAI,KAAK,EAAE,CAAC;YACV,KAAK,MAAM,QAAQ,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,EAAE,CAAC;gBAC1C,MAAM,QAAQ,GAAG,QAAQ,CAAC,KAAK,CAAC,QAAQ,CAAC,CAAC,CAAC;gBAC3C,MAAM,WAAW,GAAG,QAAQ,CAAC,QAAQ,EAAE,OAAO,CAAC,CAAC;gBAChD,IAAI,WAAW;oBAAE,qBAAqB,CAAC,WAAW,EAAE,QAAQ,CAAC,CAAC;YAChE,CAAC;QACH,CAAC;QAED,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;QAC/C,IAAI,aAAa,EAAE,CAAC;YAClB,MAAM,cAAc,GAAG,QAAQ,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;YACvD,IAAI,cAAc;gBAAE,qBAAqB,CAAC,cAAc,EAAE,QAAQ,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;AACH,CAAC;AAED;;GAEG;AACH,SAAS,oBAAoB,CAC3B,GAA4B,EAC5B,UAAkB,EAClB,WAAmB,EACnB,QAAyB;IAEzB,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC;QACnC,MAAM,SAAS,GAAG,GAAG,WAAW,IAAI,GAAG,EAAE,CAAC;QAC1C,MAAM,KAAK,GAAG,GAAG,CAAC,GAAG,CAAC,CAAC;QAEvB,IAAI,kBAAkB,CAAC,IAAI,CAAC,GAAG,CAAC,IAAI,OAAO,KAAK,KAAK,QAAQ,IAAI,CAAC,KAAK,CAAC,UAAU,CAAC,GAAG,CAAC,EAAE,CAAC;YACxF,QAAQ,CAAC,IAAI,CAAC;gBACZ,UAAU;gBACV,SAAS;gBACT,WAAW,EAAE,kBAAkB;gBAC/B,OAAO,EAAE,8BAA8B,GAAG,gBAAgB,UAAU,KAAK;oBACvE,0EAA0E;aAC7E,CAAC,CAAC;QACL,CAAC;QAED,8BAA8B;QAC9B,MAAM,MAAM,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC;QAC/B,IAAI,MAAM,EAAE,CAAC;YACX,oBAAoB,CAAC,MAAM,EAAE,UAAU,EAAE,SAAS,EAAE,QAAQ,CAAC,CAAC;QAChE,CAAC;IACH,CAAC;AACH,CAAC"}

package/build/utils/index.d.ts

@@ -9,4 +9,6 @@ export { batchExecute, RateLimiter, rateLimiter, type RateLimiterOptions, type R
 export { ATTRIBUTE_DETAILS, ENTITY_OVERVIEW, QUERY_TEMPLATE, RELATIONSHIP_MAP, } from './prompt-templates.js';
 export { getPublisherPrefix, initializePublisherPrefix, isPublisherPrefixConfigured, normalizePrefix, resetPublisherPrefix, } from './publisherConfig.js';
 export { calculateFlowComplexity, calculateComplexityScore, extractComplexityFactors, extractComplexityFlags, getRiskLevel, type FlowComplexityBreakdown, type FlowComplexityFlags, type FlowComplexityResult, type RiskLevel, } from './complexity-calculator.js';
+export { extractUrlsFromFlowDefinition, detectHardcodedSecrets, type FlowUrlReference, type SecretWarning, } from './flow-url-extractor.js';
+export { generateAuditMarkdownReport, type AuditReportData, } from './audit-report-formatter.js';
 //# sourceMappingURL=index.d.ts.map

package/build/utils/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EACL,WAAW,EACX,WAAW,EACX,KAAK,aAAa,EAClB,KAAK,eAAe,GACrB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,cAAc,EACd,sBAAsB,EACtB,sBAAsB,EACtB,KAAK,cAAc,EACnB,KAAK,gBAAgB,GACtB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,yBAAyB,EACzB,uBAAuB,EACvB,oBAAoB,EACpB,kBAAkB,EAClB,0BAA0B,GAC3B,MAAM,gCAAgC,CAAC;AAGxC,OAAO,EACL,WAAW,EACX,WAAW,EACX,KAAK,cAAc,EACnB,KAAK,gBAAgB,GACtB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,YAAY,EACZ,WAAW,EACX,WAAW,EACX,KAAK,kBAAkB,EACvB,KAAK,gBAAgB,EACrB,aAAa,GACd,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,cAAc,EACd,gBAAgB,GACjB,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EACL,kBAAkB,EAClB,yBAAyB,EACzB,2BAA2B,EAC3B,eAAe,EACf,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,wBAAwB,EACxB,sBAAsB,EACtB,YAAY,EACZ,KAAK,uBAAuB,EAC5B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,SAAS,GACf,MAAM,4BAA4B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAGH,OAAO,EACL,WAAW,EACX,WAAW,EACX,KAAK,aAAa,EAClB,KAAK,eAAe,GACrB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,cAAc,EACd,sBAAsB,EACtB,sBAAsB,EACtB,KAAK,cAAc,EACnB,KAAK,gBAAgB,GACtB,MAAM,oBAAoB,CAAC;AAG5B,OAAO,EACL,yBAAyB,EACzB,uBAAuB,EACvB,oBAAoB,EACpB,kBAAkB,EAClB,0BAA0B,GAC3B,MAAM,gCAAgC,CAAC;AAGxC,OAAO,EACL,WAAW,EACX,WAAW,EACX,KAAK,cAAc,EACnB,KAAK,gBAAgB,GACtB,MAAM,kBAAkB,CAAC;AAG1B,OAAO,EACL,YAAY,EACZ,WAAW,EACX,WAAW,EACX,KAAK,kBAAkB,EACvB,KAAK,gBAAgB,EACrB,aAAa,GACd,MAAM,mBAAmB,CAAC;AAG3B,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,cAAc,EACd,gBAAgB,GACjB,MAAM,uBAAuB,CAAC;AAG/B,OAAO,EACL,kBAAkB,EAClB,yBAAyB,EACzB,2BAA2B,EAC3B,eAAe,EACf,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAG9B,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,wBAAwB,EACxB,sBAAsB,EACtB,YAAY,EACZ,KAAK,uBAAuB,EAC5B,KAAK,mBAAmB,EACxB,KAAK,oBAAoB,EACzB,KAAK,SAAS,GACf,MAAM,4BAA4B,CAAC;AAGpC,OAAO,EACL,6BAA6B,EAC7B,sBAAsB,EACtB,KAAK,gBAAgB,EACrB,KAAK,aAAa,GACnB,MAAM,yBAAyB,CAAC;AAGjC,OAAO,EACL,2BAA2B,EAC3B,KAAK,eAAe,GACrB,MAAM,6BAA6B,CAAC"}

package/build/utils/index.js

@@ -17,4 +17,8 @@ export { ATTRIBUTE_DETAILS, ENTITY_OVERVIEW, QUERY_TEMPLATE, RELATIONSHIP_MAP, }
 export { getPublisherPrefix, initializePublisherPrefix, isPublisherPrefixConfigured, normalizePrefix, resetPublisherPrefix, } from './publisherConfig.js';
 // Flow complexity calculator
 export { calculateFlowComplexity, calculateComplexityScore, extractComplexityFactors, extractComplexityFlags, getRiskLevel, } from './complexity-calculator.js';
+// Flow URL extraction and secret detection
+export { extractUrlsFromFlowDefinition, detectHardcodedSecrets, } from './flow-url-extractor.js';
+// Audit report formatter
+export { generateAuditMarkdownReport, } from './audit-report-formatter.js';
 //# sourceMappingURL=index.js.map

package/build/utils/index.js.map

@@ -1 +1 @@
-{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,gBAAgB;AAChB,OAAO,EACL,WAAW,EACX,WAAW,GAGZ,MAAM,kBAAkB,CAAC;AAE1B,4BAA4B;AAC5B,OAAO,EACL,cAAc,EACd,sBAAsB,EACtB,sBAAsB,GAGvB,MAAM,oBAAoB,CAAC;AAE5B,4BAA4B;AAC5B,OAAO,EACL,yBAAyB,EACzB,uBAAuB,EACvB,oBAAoB,EACpB,kBAAkB,EAClB,0BAA0B,GAC3B,MAAM,gCAAgC,CAAC;AAExC,kBAAkB;AAClB,OAAO,EACL,WAAW,EACX,WAAW,GAGZ,MAAM,kBAAkB,CAAC;AAE1B,gBAAgB;AAChB,OAAO,EACL,YAAY,EACZ,WAAW,EACX,WAAW,EAGX,aAAa,GACd,MAAM,mBAAmB,CAAC;AAE3B,mBAAmB;AACnB,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,cAAc,EACd,gBAAgB,GACjB,MAAM,uBAAuB,CAAC;AAE/B,0BAA0B;AAC1B,OAAO,EACL,kBAAkB,EAClB,yBAAyB,EACzB,2BAA2B,EAC3B,eAAe,EACf,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAE9B,6BAA6B;AAC7B,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,wBAAwB,EACxB,sBAAsB,EACtB,YAAY,GAKb,MAAM,4BAA4B,CAAC"}
+{"version":3,"file":"index.js","sourceRoot":"","sources":["../../src/utils/index.ts"],"names":[],"mappings":"AAAA;;GAEG;AAEH,gBAAgB;AAChB,OAAO,EACL,WAAW,EACX,WAAW,GAGZ,MAAM,kBAAkB,CAAC;AAE1B,4BAA4B;AAC5B,OAAO,EACL,cAAc,EACd,sBAAsB,EACtB,sBAAsB,GAGvB,MAAM,oBAAoB,CAAC;AAE5B,4BAA4B;AAC5B,OAAO,EACL,yBAAyB,EACzB,uBAAuB,EACvB,oBAAoB,EACpB,kBAAkB,EAClB,0BAA0B,GAC3B,MAAM,gCAAgC,CAAC;AAExC,kBAAkB;AAClB,OAAO,EACL,WAAW,EACX,WAAW,GAGZ,MAAM,kBAAkB,CAAC;AAE1B,gBAAgB;AAChB,OAAO,EACL,YAAY,EACZ,WAAW,EACX,WAAW,EAGX,aAAa,GACd,MAAM,mBAAmB,CAAC;AAE3B,mBAAmB;AACnB,OAAO,EACL,iBAAiB,EACjB,eAAe,EACf,cAAc,EACd,gBAAgB,GACjB,MAAM,uBAAuB,CAAC;AAE/B,0BAA0B;AAC1B,OAAO,EACL,kBAAkB,EAClB,yBAAyB,EACzB,2BAA2B,EAC3B,eAAe,EACf,oBAAoB,GACrB,MAAM,sBAAsB,CAAC;AAE9B,6BAA6B;AAC7B,OAAO,EACL,uBAAuB,EACvB,wBAAwB,EACxB,wBAAwB,EACxB,sBAAsB,EACtB,YAAY,GAKb,MAAM,4BAA4B,CAAC;AAEpC,2CAA2C;AAC3C,OAAO,EACL,6BAA6B,EAC7B,sBAAsB,GAGvB,MAAM,yBAAyB,CAAC;AAEjC,yBAAyB;AACzB,OAAO,EACL,2BAA2B,GAE5B,MAAM,6BAA6B,CAAC"}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@mcp-consultant-tools/powerplatform-core",
-  "version": "26.0.0",
+  "version": "27.0.0-beta.1",
   "description": "Shared core infrastructure for PowerPlatform MCP packages - authentication, HTTP client, and modular services",
   "type": "module",
   "main": "./build/index.js",
@@ -55,7 +55,7 @@
   "dependencies": {
     "@azure/identity": "^4.13.0",
     "@azure/msal-node": "^3.3.0",
-    "@mcp-consultant-tools/core": "^22.0.0",
+    "@mcp-consultant-tools/core": "27.0.0-beta.1",
     "axios": "^1.8.3",
     "open": "^10.1.0"
   },