npm - @navinjoseph/web-perf-core - Versions diffs - 1.0.0-beta.3 - Mend

@navinjoseph/web-perf-core 1.0.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (77) hide show

package/dist/audits/accessibility.d.ts +10 -0
package/dist/audits/accessibility.d.ts.map +1 -0
package/dist/audits/accessibility.js +258 -0
package/dist/audits/accessibility.js.map +1 -0
package/dist/audits/best-practices.d.ts +10 -0
package/dist/audits/best-practices.d.ts.map +1 -0
package/dist/audits/best-practices.js +696 -0
package/dist/audits/best-practices.js.map +1 -0
package/dist/audits/constants.d.ts +8 -0
package/dist/audits/constants.d.ts.map +1 -0
package/dist/audits/constants.js +278 -0
package/dist/audits/constants.js.map +1 -0
package/dist/audits/performance.d.ts +11 -0
package/dist/audits/performance.d.ts.map +1 -0
package/dist/audits/performance.js +497 -0
package/dist/audits/performance.js.map +1 -0
package/dist/audits/pwa.d.ts +10 -0
package/dist/audits/pwa.d.ts.map +1 -0
package/dist/audits/pwa.js +396 -0
package/dist/audits/pwa.js.map +1 -0
package/dist/audits/security.d.ts +10 -0
package/dist/audits/security.d.ts.map +1 -0
package/dist/audits/security.js +249 -0
package/dist/audits/security.js.map +1 -0
package/dist/audits/seo.d.ts +10 -0
package/dist/audits/seo.d.ts.map +1 -0
package/dist/audits/seo.js +471 -0
package/dist/audits/seo.js.map +1 -0
package/dist/browser.d.ts +21 -0
package/dist/browser.d.ts.map +1 -0
package/dist/browser.js +178 -0
package/dist/browser.js.map +1 -0
package/dist/dom-collector.d.ts +45 -0
package/dist/dom-collector.d.ts.map +1 -0
package/dist/dom-collector.js +173 -0
package/dist/dom-collector.js.map +1 -0
package/dist/formatter.d.ts +60 -0
package/dist/formatter.d.ts.map +1 -0
package/dist/formatter.js +164 -0
package/dist/formatter.js.map +1 -0
package/dist/id-generator.d.ts +22 -0
package/dist/id-generator.d.ts.map +1 -0
package/dist/id-generator.js +29 -0
package/dist/id-generator.js.map +1 -0
package/dist/index.d.ts +17 -0
package/dist/index.d.ts.map +1 -0
package/dist/index.js +23 -0
package/dist/index.js.map +1 -0
package/dist/orchestrator.d.ts +41 -0
package/dist/orchestrator.d.ts.map +1 -0
package/dist/orchestrator.js +194 -0
package/dist/orchestrator.js.map +1 -0
package/dist/reporters/html.d.ts +6 -0
package/dist/reporters/html.d.ts.map +1 -0
package/dist/reporters/html.js +688 -0
package/dist/reporters/html.js.map +1 -0
package/dist/reporters/index.d.ts +4 -0
package/dist/reporters/index.d.ts.map +1 -0
package/dist/reporters/index.js +17 -0
package/dist/reporters/index.js.map +1 -0
package/dist/reporters/json.d.ts +6 -0
package/dist/reporters/json.d.ts.map +1 -0
package/dist/reporters/json.js +7 -0
package/dist/reporters/json.js.map +1 -0
package/dist/reporters/terminal.d.ts +6 -0
package/dist/reporters/terminal.d.ts.map +1 -0
package/dist/reporters/terminal.js +180 -0
package/dist/reporters/terminal.js.map +1 -0
package/dist/reporters/types.d.ts +2 -0
package/dist/reporters/types.d.ts.map +1 -0
package/dist/reporters/types.js +2 -0
package/dist/reporters/types.js.map +1 -0
package/dist/types.d.ts +80 -0
package/dist/types.d.ts.map +1 -0
package/dist/types.js +36 -0
package/dist/types.js.map +1 -0
package/package.json +54 -0

package/dist/audits/pwa.js ADDED Viewed

@@ -0,0 +1,396 @@
+/**
+ * Check web app manifest
+ */
+async function checkManifest(page) {
+    const issues = [];
+    const document = page.document;
+    const manifestLink = document.querySelector('link[rel="manifest"]');
+    if (!manifestLink) {
+        issues.push({
+            id: `pwa-no-manifest-${Date.now()}`,
+            ruleId: "manifest-missing",
+            severity: "serious",
+            category: "document",
+            message: "Web app manifest not found",
+            description: "A web app manifest is required for Progressive Web Apps. It defines how your app appears to users and enables installation.",
+            helpUrl: "https://web.dev/add-manifest/",
+            wcag: {
+                id: "N/A",
+                level: "AAA",
+                name: "PWA Requirement",
+                description: "Web app manifest must be present",
+            },
+            element: {
+                selector: "head",
+                html: '<link rel="manifest" href="/manifest.json">',
+                failureSummary: "No manifest link found",
+            },
+            fix: {
+                description: "Add a manifest link in the head section",
+                code: '<head>\n  <link rel="manifest" href="/manifest.json">\n</head>',
+                learnMoreUrl: "https://web.dev/add-manifest/",
+            },
+        });
+        return issues; // Can't check manifest properties without a manifest
+    }
+    passed.push({
+        id: "pwa-manifest-link",
+        name: "Manifest Link Present",
+        category: "document",
+        description: "Manifest link tag is present",
+    });
+    // In a real implementation, we would fetch and parse the manifest file
+    // For jsdom, we'll check if the link exists and provide guidance
+    issues.push({
+        id: `pwa-manifest-check-${Date.now()}`,
+        ruleId: "manifest-validation",
+        severity: "minor",
+        category: "document",
+        message: "Manifest should be validated",
+        description: "Ensure your manifest.json includes required properties: name, icons (192x192 and 512x512), start_url, display, and theme_color.",
+        helpUrl: "https://web.dev/add-manifest/",
+        wcag: {
+            id: "N/A",
+            level: "AAA",
+            name: "PWA Best Practice",
+            description: "Manifest should have all required properties",
+        },
+        element: {
+            selector: 'link[rel="manifest"]',
+            html: manifestLink.outerHTML,
+            failureSummary: "Manifest properties should be validated",
+        },
+        fix: {
+            description: "Ensure manifest.json has all required properties",
+            code: `{
+  "name": "My Progressive Web App",
+  "short_name": "MyPWA",
+  "start_url": "/",
+  "display": "standalone",
+  "theme_color": "#ffffff",
+  "background_color": "#ffffff",
+  "icons": [
+    {
+      "src": "/icons/icon-192x192.png",
+      "sizes": "192x192",
+      "type": "image/png"
+    },
+    {
+      "src": "/icons/icon-512x512.png",
+      "sizes": "512x512",
+      "type": "image/png"
+    }
+  ]
+}`,
+            learnMoreUrl: "https://web.dev/add-manifest/",
+        },
+    });
+    return issues;
+}
+/**
+ * Check service worker registration
+ */
+function checkServiceWorker(page) {
+    const document = page.document;
+    // Check for service worker registration in inline scripts
+    const scripts = document.querySelectorAll("script:not([src])");
+    let hasServiceWorker = false;
+    scripts.forEach((script) => {
+        const content = script.textContent || "";
+        if (content.includes("navigator.serviceWorker.register")) {
+            hasServiceWorker = true;
+        }
+    });
+    if (!hasServiceWorker) {
+        return {
+            id: `pwa-no-service-worker-${Date.now()}`,
+            ruleId: "service-worker-missing",
+            severity: "serious",
+            category: "technical",
+            message: "Service worker not registered",
+            description: "Service workers enable offline functionality and are a core requirement for Progressive Web Apps. They allow your app to work without a network connection.",
+            helpUrl: "https://web.dev/service-workers-cache-storage/",
+            wcag: {
+                id: "N/A",
+                level: "AAA",
+                name: "PWA Requirement",
+                description: "Service worker should be registered",
+            },
+            element: {
+                selector: "script",
+                html: "<script>",
+                failureSummary: "No service worker registration found",
+            },
+            fix: {
+                description: "Register a service worker",
+                code: `// In your main JavaScript file
+if ('serviceWorker' in navigator) {
+  window.addEventListener('load', () => {
+    navigator.serviceWorker.register('/service-worker.js')
+      .then(registration => {
+        console.log('SW registered:', registration);
+      })
+      .catch(error => {
+        console.log('SW registration failed:', error);
+      });
+  });
+}`,
+                learnMoreUrl: "https://web.dev/service-workers-cache-storage/",
+            },
+        };
+    }
+    return null;
+}
+/**
+ * Check HTTPS
+ */
+function checkHTTPS(page) {
+    const url = page.url;
+    if (!url.startsWith("https://")) {
+        return {
+            id: `pwa-not-https-${Date.now()}`,
+            ruleId: "pwa-requires-https",
+            severity: "critical",
+            category: "technical",
+            message: "PWA requires HTTPS",
+            description: "Progressive Web Apps require HTTPS to ensure security. Service workers and many modern web APIs only work over secure connections.",
+            helpUrl: "https://web.dev/why-https-matters/",
+            wcag: {
+                id: "N/A",
+                level: "AAA",
+                name: "PWA Requirement",
+                description: "Must be served over HTTPS",
+            },
+            element: {
+                selector: "html",
+                html: url,
+                failureSummary: "Page is not served over HTTPS",
+            },
+            fix: {
+                description: "Serve your site over HTTPS",
+                code: "// Use a hosting provider that supports HTTPS\n// Or use Let's Encrypt for free SSL certificates\n// https://letsencrypt.org/",
+                learnMoreUrl: "https://web.dev/why-https-matters/",
+            },
+        };
+    }
+    return null;
+}
+/**
+ * Check viewport meta tag
+ */
+function checkViewport(page) {
+    const document = page.document;
+    const viewport = document.querySelector('meta[name="viewport"]');
+    if (!viewport) {
+        return {
+            id: `pwa-no-viewport-${Date.now()}`,
+            ruleId: "viewport-missing",
+            severity: "serious",
+            category: "document",
+            message: "Viewport meta tag missing",
+            description: "The viewport meta tag is essential for responsive design and PWAs. It ensures your app displays correctly on mobile devices.",
+            helpUrl: "https://web.dev/viewport/",
+            wcag: {
+                id: "N/A",
+                level: "AAA",
+                name: "PWA Requirement",
+                description: "Viewport meta tag must be present",
+            },
+            element: {
+                selector: "head",
+                html: '<meta name="viewport" content="width=device-width, initial-scale=1">',
+                failureSummary: "No viewport meta tag found",
+            },
+            fix: {
+                description: "Add viewport meta tag to the head",
+                code: '<head>\n  <meta name="viewport" content="width=device-width, initial-scale=1">\n</head>',
+                learnMoreUrl: "https://web.dev/viewport/",
+            },
+        };
+    }
+    const content = viewport.getAttribute("content") || "";
+    if (!content.includes("width=device-width")) {
+        return {
+            id: `pwa-viewport-invalid-${Date.now()}`,
+            ruleId: "viewport-invalid",
+            severity: "moderate",
+            category: "document",
+            message: "Viewport meta tag missing width=device-width",
+            description: "The viewport should include width=device-width to ensure proper responsive behavior on mobile devices.",
+            helpUrl: "https://web.dev/viewport/",
+            wcag: {
+                id: "N/A",
+                level: "AAA",
+                name: "PWA Best Practice",
+                description: "Viewport should be properly configured",
+            },
+            element: {
+                selector: 'meta[name="viewport"]',
+                html: viewport.outerHTML,
+                failureSummary: "Viewport missing width=device-width",
+            },
+            fix: {
+                description: "Update viewport content attribute",
+                code: '<meta name="viewport" content="width=device-width, initial-scale=1">',
+                learnMoreUrl: "https://web.dev/viewport/",
+            },
+        };
+    }
+    return null;
+}
+/**
+ * Check Apple touch icon
+ */
+function checkAppleTouchIcon(page) {
+    const document = page.document;
+    const appleTouchIcon = document.querySelector('link[rel="apple-touch-icon"]');
+    if (!appleTouchIcon) {
+        return {
+            id: `pwa-no-apple-icon-${Date.now()}`,
+            ruleId: "apple-touch-icon-missing",
+            severity: "minor",
+            category: "document",
+            message: "Apple touch icon not specified",
+            description: "Apple touch icons ensure your PWA looks good when added to iOS home screens. Recommended size is 180x180px.",
+            helpUrl: "https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariWebContent/ConfiguringWebApplications/ConfiguringWebApplications.html",
+            wcag: {
+                id: "N/A",
+                level: "AAA",
+                name: "PWA Best Practice",
+                description: "Provide Apple touch icon",
+            },
+            element: {
+                selector: "head",
+                html: '<link rel="apple-touch-icon" href="/icons/apple-touch-icon-180x180.png">',
+                failureSummary: "No apple-touch-icon link found",
+            },
+            fix: {
+                description: "Add apple-touch-icon link",
+                code: '<head>\n  <link rel="apple-touch-icon" sizes="180x180" href="/icons/apple-touch-icon-180x180.png">\n</head>',
+                learnMoreUrl: "https://developer.apple.com/library/archive/documentation/AppleApplications/Reference/SafariWebContent/ConfiguringWebApplications/ConfiguringWebApplications.html",
+            },
+        };
+    }
+    return null;
+}
+/**
+ * Check theme color
+ */
+function checkThemeColor(page) {
+    const document = page.document;
+    const themeColor = document.querySelector('meta[name="theme-color"]');
+    if (!themeColor) {
+        return {
+            id: `pwa-no-theme-color-${Date.now()}`,
+            ruleId: "theme-color-missing",
+            severity: "minor",
+            category: "document",
+            message: "Theme color not specified",
+            description: "The theme-color meta tag customizes the browser UI color on mobile devices, providing a more native app-like experience.",
+            helpUrl: "https://web.dev/themed-omnibox/",
+            wcag: {
+                id: "N/A",
+                level: "AAA",
+                name: "PWA Best Practice",
+                description: "Provide theme color",
+            },
+            element: {
+                selector: "head",
+                html: '<meta name="theme-color" content="#ffffff">',
+                failureSummary: "No theme-color meta tag found",
+            },
+            fix: {
+                description: "Add theme-color meta tag",
+                code: '<head>\n  <meta name="theme-color" content="#1a73e8">\n</head>',
+                learnMoreUrl: "https://web.dev/themed-omnibox/",
+            },
+        };
+    }
+    return null;
+}
+const passed = [];
+/**
+ * Run PWA (Progressive Web App) audit
+ */
+export async function auditPWA(page) {
+    const issues = [];
+    const passed = [];
+    // Web app manifest
+    const manifestIssues = await checkManifest(page);
+    manifestIssues.forEach((issue) => issues.push(issue));
+    if (manifestIssues.length === 0) {
+        passed.push({
+            id: "pwa-manifest",
+            name: "Web App Manifest",
+            category: "document",
+            description: "Valid web app manifest is present",
+        });
+    }
+    // Service worker
+    const swIssue = checkServiceWorker(page);
+    if (swIssue) {
+        issues.push(swIssue);
+    }
+    else {
+        passed.push({
+            id: "pwa-service-worker",
+            name: "Service Worker",
+            category: "technical",
+            description: "Service worker is registered",
+        });
+    }
+    // HTTPS
+    const httpsIssue = checkHTTPS(page);
+    if (httpsIssue) {
+        issues.push(httpsIssue);
+    }
+    else {
+        passed.push({
+            id: "pwa-https",
+            name: "HTTPS",
+            category: "technical",
+            description: "Page is served over HTTPS",
+        });
+    }
+    // Viewport
+    const viewportIssue = checkViewport(page);
+    if (viewportIssue) {
+        issues.push(viewportIssue);
+    }
+    else {
+        passed.push({
+            id: "pwa-viewport",
+            name: "Viewport Meta Tag",
+            category: "document",
+            description: "Viewport meta tag is properly configured",
+        });
+    }
+    // Apple touch icon
+    const appleTouchIconIssue = checkAppleTouchIcon(page);
+    if (appleTouchIconIssue) {
+        issues.push(appleTouchIconIssue);
+    }
+    else {
+        passed.push({
+            id: "pwa-apple-icon",
+            name: "Apple Touch Icon",
+            category: "document",
+            description: "Apple touch icon is specified",
+        });
+    }
+    // Theme color
+    const themeColorIssue = checkThemeColor(page);
+    if (themeColorIssue) {
+        issues.push(themeColorIssue);
+    }
+    else {
+        passed.push({
+            id: "pwa-theme-color",
+            name: "Theme Color",
+            category: "document",
+            description: "Theme color is specified",
+        });
+    }
+    return { issues, passed };
+}
+//# sourceMappingURL=pwa.js.map

package/dist/audits/pwa.js.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"pwa.js","sourceRoot":"","sources":["../../src/audits/pwa.ts"],"names":[],"mappings":"AAGA;;GAEG;AACH,KAAK,UAAU,aAAa,CAAC,IAAiB;IAC5C,MAAM,MAAM,GAAY,EAAE,CAAC;IAC3B,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;IAE/B,MAAM,YAAY,GAAG,QAAQ,CAAC,aAAa,CAAC,sBAAsB,CAAC,CAAC;IAEpE,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,CAAC,IAAI,CAAC;YACV,EAAE,EAAE,mBAAmB,IAAI,CAAC,GAAG,EAAE,EAAE;YACnC,MAAM,EAAE,kBAAkB;YAC1B,QAAQ,EAAE,SAAS;YACnB,QAAQ,EAAE,UAAU;YACpB,OAAO,EAAE,4BAA4B;YACrC,WAAW,EACT,6HAA6H;YAC/H,OAAO,EAAE,+BAA+B;YACxC,IAAI,EAAE;gBACJ,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,WAAW,EAAE,kCAAkC;aAChD;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,6CAA6C;gBACnD,cAAc,EAAE,wBAAwB;aACzC;YACD,GAAG,EAAE;gBACH,WAAW,EAAE,yCAAyC;gBACtD,IAAI,EAAE,gEAAgE;gBACtE,YAAY,EAAE,+BAA+B;aAC9C;SACF,CAAC,CAAC;QACH,OAAO,MAAM,CAAC,CAAC,qDAAqD;IACtE,CAAC;IAED,MAAM,CAAC,IAAI,CAAC;QACV,EAAE,EAAE,mBAAmB;QACvB,IAAI,EAAE,uBAAuB;QAC7B,QAAQ,EAAE,UAAU;QACpB,WAAW,EAAE,8BAA8B;KAC5C,CAAC,CAAC;IAEH,uEAAuE;IACvE,iEAAiE;IACjE,MAAM,CAAC,IAAI,CAAC;QACV,EAAE,EAAE,sBAAsB,IAAI,CAAC,GAAG,EAAE,EAAE;QACtC,MAAM,EAAE,qBAAqB;QAC7B,QAAQ,EAAE,OAAO;QACjB,QAAQ,EAAE,UAAU;QACpB,OAAO,EAAE,8BAA8B;QACvC,WAAW,EACT,iIAAiI;QACnI,OAAO,EAAE,+BAA+B;QACxC,IAAI,EAAE;YACJ,EAAE,EAAE,KAAK;YACT,KAAK,EAAE,KAAK;YACZ,IAAI,EAAE,mBAAmB;YACzB,WAAW,EAAE,8CAA8C;SAC5D;QACD,OAAO,EAAE;YACP,QAAQ,EAAE,sBAAsB;YAChC,IAAI,EAAE,YAAY,CAAC,SAAS;YAC5B,cAAc,EAAE,yCAAyC;SAC1D;QACD,GAAG,EAAE;YACH,WAAW,EAAE,kDAAkD;YAC/D,IAAI,EAAE;;;;;;;;;;;;;;;;;;;EAmBV;YACI,YAAY,EAAE,+BAA+B;SAC9C;KACF,CAAC,CAAC;IAEH,OAAO,MAAM,CAAC;AAChB,CAAC;AAED;;GAEG;AACH,SAAS,kBAAkB,CAAC,IAAiB;IAC3C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;IAE/B,0DAA0D;IAC1D,MAAM,OAAO,GAAG,QAAQ,CAAC,gBAAgB,CAAC,mBAAmB,CAAC,CAAC;IAC/D,IAAI,gBAAgB,GAAG,KAAK,CAAC;IAE7B,OAAO,CAAC,OAAO,CAAC,CAAC,MAAM,EAAE,EAAE;QACzB,MAAM,OAAO,GAAG,MAAM,CAAC,WAAW,IAAI,EAAE,CAAC;QACzC,IAAI,OAAO,CAAC,QAAQ,CAAC,kCAAkC,CAAC,EAAE,CAAC;YACzD,gBAAgB,GAAG,IAAI,CAAC;QAC1B,CAAC;IACH,CAAC,CAAC,CAAC;IAEH,IAAI,CAAC,gBAAgB,EAAE,CAAC;QACtB,OAAO;YACL,EAAE,EAAE,yBAAyB,IAAI,CAAC,GAAG,EAAE,EAAE;YACzC,MAAM,EAAE,wBAAwB;YAChC,QAAQ,EAAE,SAAS;YACnB,QAAQ,EAAE,WAAW;YACrB,OAAO,EAAE,+BAA+B;YACxC,WAAW,EACT,6JAA6J;YAC/J,OAAO,EAAE,gDAAgD;YACzD,IAAI,EAAE;gBACJ,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,WAAW,EAAE,qCAAqC;aACnD;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,QAAQ;gBAClB,IAAI,EAAE,UAAU;gBAChB,cAAc,EAAE,sCAAsC;aACvD;YACD,GAAG,EAAE;gBACH,WAAW,EAAE,2BAA2B;gBACxC,IAAI,EAAE;;;;;;;;;;;EAWZ;gBACM,YAAY,EAAE,gDAAgD;aAC/D;SACF,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,UAAU,CAAC,IAAiB;IACnC,MAAM,GAAG,GAAG,IAAI,CAAC,GAAG,CAAC;IAErB,IAAI,CAAC,GAAG,CAAC,UAAU,CAAC,UAAU,CAAC,EAAE,CAAC;QAChC,OAAO;YACL,EAAE,EAAE,iBAAiB,IAAI,CAAC,GAAG,EAAE,EAAE;YACjC,MAAM,EAAE,oBAAoB;YAC5B,QAAQ,EAAE,UAAU;YACpB,QAAQ,EAAE,WAAW;YACrB,OAAO,EAAE,oBAAoB;YAC7B,WAAW,EACT,oIAAoI;YACtI,OAAO,EAAE,oCAAoC;YAC7C,IAAI,EAAE;gBACJ,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,WAAW,EAAE,2BAA2B;aACzC;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,GAAG;gBACT,cAAc,EAAE,+BAA+B;aAChD;YACD,GAAG,EAAE;gBACH,WAAW,EAAE,4BAA4B;gBACzC,IAAI,EAAE,+HAA+H;gBACrI,YAAY,EAAE,oCAAoC;aACnD;SACF,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,aAAa,CAAC,IAAiB;IACtC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;IAC/B,MAAM,QAAQ,GAAG,QAAQ,CAAC,aAAa,CAAC,uBAAuB,CAAC,CAAC;IAEjE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO;YACL,EAAE,EAAE,mBAAmB,IAAI,CAAC,GAAG,EAAE,EAAE;YACnC,MAAM,EAAE,kBAAkB;YAC1B,QAAQ,EAAE,SAAS;YACnB,QAAQ,EAAE,UAAU;YACpB,OAAO,EAAE,2BAA2B;YACpC,WAAW,EACT,8HAA8H;YAChI,OAAO,EAAE,2BAA2B;YACpC,IAAI,EAAE;gBACJ,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,iBAAiB;gBACvB,WAAW,EAAE,mCAAmC;aACjD;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,sEAAsE;gBAC5E,cAAc,EAAE,4BAA4B;aAC7C;YACD,GAAG,EAAE;gBACH,WAAW,EAAE,mCAAmC;gBAChD,IAAI,EAAE,yFAAyF;gBAC/F,YAAY,EAAE,2BAA2B;aAC1C;SACF,CAAC;IACJ,CAAC;IAED,MAAM,OAAO,GAAG,QAAQ,CAAC,YAAY,CAAC,SAAS,CAAC,IAAI,EAAE,CAAC;IACvD,IAAI,CAAC,OAAO,CAAC,QAAQ,CAAC,oBAAoB,CAAC,EAAE,CAAC;QAC5C,OAAO;YACL,EAAE,EAAE,wBAAwB,IAAI,CAAC,GAAG,EAAE,EAAE;YACxC,MAAM,EAAE,kBAAkB;YAC1B,QAAQ,EAAE,UAAU;YACpB,QAAQ,EAAE,UAAU;YACpB,OAAO,EAAE,8CAA8C;YACvD,WAAW,EACT,wGAAwG;YAC1G,OAAO,EAAE,2BAA2B;YACpC,IAAI,EAAE;gBACJ,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,mBAAmB;gBACzB,WAAW,EAAE,wCAAwC;aACtD;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,uBAAuB;gBACjC,IAAI,EAAE,QAAQ,CAAC,SAAS;gBACxB,cAAc,EAAE,qCAAqC;aACtD;YACD,GAAG,EAAE;gBACH,WAAW,EAAE,mCAAmC;gBAChD,IAAI,EAAE,sEAAsE;gBAC5E,YAAY,EAAE,2BAA2B;aAC1C;SACF,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,mBAAmB,CAAC,IAAiB;IAC5C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;IAC/B,MAAM,cAAc,GAAG,QAAQ,CAAC,aAAa,CAAC,8BAA8B,CAAC,CAAC;IAE9E,IAAI,CAAC,cAAc,EAAE,CAAC;QACpB,OAAO;YACL,EAAE,EAAE,qBAAqB,IAAI,CAAC,GAAG,EAAE,EAAE;YACrC,MAAM,EAAE,0BAA0B;YAClC,QAAQ,EAAE,OAAO;YACjB,QAAQ,EAAE,UAAU;YACpB,OAAO,EAAE,gCAAgC;YACzC,WAAW,EACT,6GAA6G;YAC/G,OAAO,EACL,mKAAmK;YACrK,IAAI,EAAE;gBACJ,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,mBAAmB;gBACzB,WAAW,EAAE,0BAA0B;aACxC;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,0EAA0E;gBAChF,cAAc,EAAE,gCAAgC;aACjD;YACD,GAAG,EAAE;gBACH,WAAW,EAAE,2BAA2B;gBACxC,IAAI,EAAE,6GAA6G;gBACnH,YAAY,EACV,mKAAmK;aACtK;SACF,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;GAEG;AACH,SAAS,eAAe,CAAC,IAAiB;IACxC,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC;IAC/B,MAAM,UAAU,GAAG,QAAQ,CAAC,aAAa,CAAC,0BAA0B,CAAC,CAAC;IAEtE,IAAI,CAAC,UAAU,EAAE,CAAC;QAChB,OAAO;YACL,EAAE,EAAE,sBAAsB,IAAI,CAAC,GAAG,EAAE,EAAE;YACtC,MAAM,EAAE,qBAAqB;YAC7B,QAAQ,EAAE,OAAO;YACjB,QAAQ,EAAE,UAAU;YACpB,OAAO,EAAE,2BAA2B;YACpC,WAAW,EACT,0HAA0H;YAC5H,OAAO,EAAE,iCAAiC;YAC1C,IAAI,EAAE;gBACJ,EAAE,EAAE,KAAK;gBACT,KAAK,EAAE,KAAK;gBACZ,IAAI,EAAE,mBAAmB;gBACzB,WAAW,EAAE,qBAAqB;aACnC;YACD,OAAO,EAAE;gBACP,QAAQ,EAAE,MAAM;gBAChB,IAAI,EAAE,6CAA6C;gBACnD,cAAc,EAAE,+BAA+B;aAChD;YACD,GAAG,EAAE;gBACH,WAAW,EAAE,0BAA0B;gBACvC,IAAI,EAAE,gEAAgE;gBACtE,YAAY,EAAE,iCAAiC;aAChD;SACF,CAAC;IACJ,CAAC;IAED,OAAO,IAAI,CAAC;AACd,CAAC;AAED,MAAM,MAAM,GAAmB,EAAE,CAAC;AAElC;;GAEG;AACH,MAAM,CAAC,KAAK,UAAU,QAAQ,CAAC,IAAiB;IAI9C,MAAM,MAAM,GAAY,EAAE,CAAC;IAC3B,MAAM,MAAM,GAAmB,EAAE,CAAC;IAElC,mBAAmB;IACnB,MAAM,cAAc,GAAG,MAAM,aAAa,CAAC,IAAI,CAAC,CAAC;IACjD,cAAc,CAAC,OAAO,CAAC,CAAC,KAAK,EAAE,EAAE,CAAC,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC;IACtD,IAAI,cAAc,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAChC,MAAM,CAAC,IAAI,CAAC;YACV,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,kBAAkB;YACxB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,mCAAmC;SACjD,CAAC,CAAC;IACL,CAAC;IAED,iBAAiB;IACjB,MAAM,OAAO,GAAG,kBAAkB,CAAC,IAAI,CAAC,CAAC;IACzC,IAAI,OAAO,EAAE,CAAC;QACZ,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,CAAC;IACvB,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC;YACV,EAAE,EAAE,oBAAoB;YACxB,IAAI,EAAE,gBAAgB;YACtB,QAAQ,EAAE,WAAW;YACrB,WAAW,EAAE,8BAA8B;SAC5C,CAAC,CAAC;IACL,CAAC;IAED,QAAQ;IACR,MAAM,UAAU,GAAG,UAAU,CAAC,IAAI,CAAC,CAAC;IACpC,IAAI,UAAU,EAAE,CAAC;QACf,MAAM,CAAC,IAAI,CAAC,UAAU,CAAC,CAAC;IAC1B,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC;YACV,EAAE,EAAE,WAAW;YACf,IAAI,EAAE,OAAO;YACb,QAAQ,EAAE,WAAW;YACrB,WAAW,EAAE,2BAA2B;SACzC,CAAC,CAAC;IACL,CAAC;IAED,WAAW;IACX,MAAM,aAAa,GAAG,aAAa,CAAC,IAAI,CAAC,CAAC;IAC1C,IAAI,aAAa,EAAE,CAAC;QAClB,MAAM,CAAC,IAAI,CAAC,aAAa,CAAC,CAAC;IAC7B,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC;YACV,EAAE,EAAE,cAAc;YAClB,IAAI,EAAE,mBAAmB;YACzB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,0CAA0C;SACxD,CAAC,CAAC;IACL,CAAC;IAED,mBAAmB;IACnB,MAAM,mBAAmB,GAAG,mBAAmB,CAAC,IAAI,CAAC,CAAC;IACtD,IAAI,mBAAmB,EAAE,CAAC;QACxB,MAAM,CAAC,IAAI,CAAC,mBAAmB,CAAC,CAAC;IACnC,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC;YACV,EAAE,EAAE,gBAAgB;YACpB,IAAI,EAAE,kBAAkB;YACxB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,+BAA+B;SAC7C,CAAC,CAAC;IACL,CAAC;IAED,cAAc;IACd,MAAM,eAAe,GAAG,eAAe,CAAC,IAAI,CAAC,CAAC;IAC9C,IAAI,eAAe,EAAE,CAAC;QACpB,MAAM,CAAC,IAAI,CAAC,eAAe,CAAC,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN,MAAM,CAAC,IAAI,CAAC;YACV,EAAE,EAAE,iBAAiB;YACrB,IAAI,EAAE,aAAa;YACnB,QAAQ,EAAE,UAAU;YACpB,WAAW,EAAE,0BAA0B;SACxC,CAAC,CAAC;IACL,CAAC;IAED,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,CAAC;AAC5B,CAAC"}

package/dist/audits/security.d.ts ADDED Viewed

@@ -0,0 +1,10 @@
+import { Issue, PendingCheck } from "../types.js";
+import { BrowserPage } from "../browser.js";
+/**
+ * Run security audit
+ */
+export declare function auditSecurity(page: BrowserPage): Promise<{
+    issues: Issue[];
+    passed: PendingCheck[];
+}>;
+//# sourceMappingURL=security.d.ts.map

package/dist/audits/security.d.ts.map ADDED Viewed

	@@ -0,0 +1 @@
1	+ {"version":3,"file":"security.d.ts","sourceRoot":"","sources":["../../src/audits/security.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,KAAK,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAClD,OAAO,EAAE,WAAW,EAAE,MAAM,eAAe,CAAC;AAG5C;;GAEG;AACH,wBAAsB,aAAa,CAAC,IAAI,EAAE,WAAW,GAAG,OAAO,CAAC;IAC9D,MAAM,EAAE,KAAK,EAAE,CAAC;IAChB,MAAM,EAAE,YAAY,EAAE,CAAC;CACxB,CAAC,CAqDD"}

package/dist/audits/security.js ADDED Viewed

@@ -0,0 +1,249 @@
+import fetch from "node-fetch";
+/**
+ * Run security audit
+ */
+export async function auditSecurity(page) {
+    const issues = [];
+    const passed = [];
+    // Check HTTPS
+    const httpsCheck = checkHTTPS(page);
+    if (httpsCheck)
+        issues.push(httpsCheck);
+    else
+        passed.push({
+            id: "sec-https",
+            name: "HTTPS Enabled",
+            category: "technical",
+            description: "Page is served over HTTPS",
+        });
+    // Check mixed content
+    const mixedCheck = checkMixedContent(page);
+    mixedCheck.forEach((issue) => issues.push(issue));
+    if (mixedCheck.length === 0)
+        passed.push({
+            id: "sec-mixed",
+            name: "No Mixed Content",
+            category: "technical",
+            description: "No HTTP resources on HTTPS page",
+        });
+    // Check security headers
+    const headerChecks = await checkSecurityHeaders(page);
+    headerChecks.forEach((issue) => issues.push(issue));
+    // Check for password fields over HTTP
+    const pwCheck = checkPasswordFieldsSecurity(page);
+    if (pwCheck)
+        issues.push(pwCheck);
+    else
+        passed.push({
+            id: "sec-password",
+            name: "Password Fields Secure",
+            category: "technical",
+            description: "Password fields are on HTTPS",
+        });
+    // Check for external links
+    const extLinkCheck = checkExternalLinks(page);
+    if (extLinkCheck)
+        issues.push(extLinkCheck);
+    else
+        passed.push({
+            id: "sec-ext-links",
+            name: "External Links Secure",
+            category: "technical",
+            description: "External links have security attributes",
+        });
+    return { issues, passed };
+}
+function checkHTTPS(page) {
+    if (!page.url.startsWith("https://")) {
+        return {
+            id: `sec-https-${Date.now()}`,
+            ruleId: "sec-https",
+            severity: "critical",
+            category: "technical",
+            message: "Page is not served over HTTPS",
+            description: "HTTPS encrypts data between browser and server",
+            helpUrl: "https://developers.google.com/web/fundamentals/security/encrypt-in-transit",
+            wcag: {
+                id: "4.1.1",
+                level: "A",
+                name: "Parsing",
+                description: "Security is maintained",
+            },
+            element: {
+                selector: "body",
+                html: "<body>...</body>",
+                failureSummary: `URL: ${page.url}`,
+            },
+            fix: {
+                description: "Enable HTTPS on your web server",
+                code: "RewriteEngine On\nRewriteCond %{HTTPS} off\nRewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]",
+                learnMoreUrl: "https://developers.google.com/web/fundamentals/security/encrypt-in-transit",
+            },
+        };
+    }
+    return null;
+}
+function checkMixedContent(page) {
+    const issues = [];
+    const mixedElements = [
+        ...page.document.querySelectorAll('script[src^="http://"]'),
+        ...page.document.querySelectorAll('link[href^="http://"]'),
+        ...page.document.querySelectorAll('img[src^="http://"]'),
+        ...page.document.querySelectorAll('iframe[src^="http://"]'),
+    ];
+    if (page.url.startsWith("https://") && mixedElements.length > 0) {
+        issues.push({
+            id: `sec-mixed-${Date.now()}`,
+            ruleId: "sec-mixed",
+            severity: "serious",
+            category: "technical",
+            message: `Found ${mixedElements.length} HTTP resource(s) on HTTPS page`,
+            description: "Mixed content weakens HTTPS security",
+            helpUrl: "https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content",
+            wcag: {
+                id: "4.1.1",
+                level: "A",
+                name: "Parsing",
+                description: "Security is maintained",
+            },
+            element: {
+                selector: "body",
+                html: "<body>...</body>",
+                failureSummary: `${mixedElements.length} mixed content resources`,
+            },
+            fix: {
+                description: "Update all resource URLs to use HTTPS",
+                code: '<!-- Change from -->\n<script src="http://example.com/script.js"></script>\n<!-- To -->\n<script src="https://example.com/script.js"></script>',
+                learnMoreUrl: "https://developer.mozilla.org/en-US/docs/Web/Security/Mixed_content",
+            },
+        });
+    }
+    return issues;
+}
+async function checkSecurityHeaders(page) {
+    const issues = [];
+    const headers = [
+        { name: "Content-Security-Policy", severity: "serious" },
+        { name: "Strict-Transport-Security", severity: "serious" },
+        { name: "X-Frame-Options", severity: "serious" },
+        { name: "X-Content-Type-Options", severity: "moderate" },
+    ];
+    try {
+        const response = await fetch(page.url, { method: "HEAD" });
+        for (const header of headers) {
+            if (!response.headers.get(header.name)) {
+                issues.push({
+                    id: `sec-header-${header.name.toLowerCase()}-${Date.now()}`,
+                    ruleId: `sec-header-${header.name.toLowerCase()}`,
+                    severity: header.severity,
+                    category: "technical",
+                    message: `Missing ${header.name} header`,
+                    description: `The ${header.name} header helps protect against security vulnerabilities`,
+                    helpUrl: "https://owasp.org/www-project-secure-headers/",
+                    wcag: {
+                        id: "4.1.1",
+                        level: "A",
+                        name: "Parsing",
+                        description: "Security headers are set",
+                    },
+                    element: {
+                        selector: "body",
+                        html: "<body>...</body>",
+                        failureSummary: `${header.name} not found`,
+                    },
+                    fix: {
+                        description: `Add the ${header.name} header to your server configuration`,
+                        code: getHeaderFixCode(header.name),
+                        learnMoreUrl: "https://owasp.org/www-project-secure-headers/",
+                    },
+                });
+            }
+        }
+    }
+    catch (error) {
+        // Silent fail - can't check headers
+    }
+    return issues;
+}
+function getHeaderFixCode(headerName) {
+    switch (headerName) {
+        case "Content-Security-Policy":
+            return `Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self' 'unsafe-inline'`;
+        case "Strict-Transport-Security":
+            return `Strict-Transport-Security: max-age=31536000; includeSubDomains`;
+        case "X-Frame-Options":
+            return `X-Frame-Options: DENY`;
+        case "X-Content-Type-Options":
+            return `X-Content-Type-Options: nosniff`;
+        default:
+            return "";
+    }
+}
+function checkPasswordFieldsSecurity(page) {
+    const passwordFields = page.document.querySelectorAll('input[type="password"]');
+    if (passwordFields.length > 0 && page.url.startsWith("http://")) {
+        return {
+            id: `sec-password-http-${Date.now()}`,
+            ruleId: "sec-password-http",
+            severity: "critical",
+            category: "technical",
+            message: "Password fields on non-HTTPS page",
+            description: "Password fields should never be on HTTP pages",
+            helpUrl: "https://owasp.org/www-project-web-security-testing-guide/",
+            wcag: {
+                id: "4.1.1",
+                level: "A",
+                name: "Parsing",
+                description: "Security is maintained",
+            },
+            element: {
+                selector: 'input[type="password"]',
+                html: passwordFields[0].outerHTML,
+                failureSummary: "Password field over HTTP",
+            },
+            fix: {
+                description: "Enable HTTPS for all pages with password fields",
+                code: "RewriteEngine On\nRewriteCond %{HTTPS} off\nRewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]",
+                learnMoreUrl: "https://owasp.org/www-project-web-security-testing-guide/",
+            },
+        };
+    }
+    return null;
+}
+function checkExternalLinks(page) {
+    const externalLinks = Array.from(page.document.querySelectorAll('a[target="_blank"]')).filter((link) => {
+        if (!(link instanceof page.window.HTMLAnchorElement))
+            return false;
+        const rel = link.getAttribute("rel") || "";
+        return !rel.includes("noopener") || !rel.includes("noreferrer");
+    });
+    if (externalLinks.length > 0) {
+        return {
+            id: `sec-ext-links-${Date.now()}`,
+            ruleId: "sec-ext-links",
+            severity: "moderate",
+            category: "technical",
+            message: `${externalLinks.length} external link(s) missing rel="noopener noreferrer"`,
+            description: 'Links with target="_blank" should prevent reverse tabnabbing',
+            helpUrl: "https://owasp.org/www-community/attacks/Reverse_Tabnabbing",
+            wcag: {
+                id: "4.1.2",
+                level: "A",
+                name: "Name, Role, Value",
+                description: "Links are safe",
+            },
+            element: {
+                selector: 'a[target="_blank"]',
+                html: externalLinks[0]?.outerHTML || "",
+                failureSummary: `${externalLinks.length} unsafe external links`,
+            },
+            fix: {
+                description: 'Add rel="noopener noreferrer" to all target="_blank" links',
+                code: '<a href="https://example.com" target="_blank" rel="noopener noreferrer">Link</a>',
+                learnMoreUrl: "https://owasp.org/www-community/attacks/Reverse_Tabnabbing",
+            },
+        };
+    }
+    return null;
+}
+//# sourceMappingURL=security.js.map