npm - @qatonic_innovations/qaios - Versions diffs - 0.3.0 → 0.3.1 - Mend

@qatonic_innovations/qaios 0.3.0 → 0.3.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (3) hide show

package/README.md CHANGED Viewed

@@ -123,7 +123,7 @@ Run `qaios <command> --help` for the full option list of any command.
 ```bash
 # Generate API tests from an OpenAPI spec
-qaios test --type api --spec ./openapi.yaml "exercise the /orders endpoints"
+qaios test --type api --api-spec ./openapi.yaml "exercise the /orders endpoints"
 # Run a suite; QAIOS classifies failures and self-heals locator drift
 qaios run

package/dist/index.js CHANGED Viewed

@@ -843,6 +843,14 @@ var McpServerConfig = z.object({
 var QaiosConfig = z.object({
   version: z.literal(1),
   mode: Mode.default("LITE"),
+  // The application under test. `baseUrl` is read by run / snapshot / fix /
+  // test (CLI `--base-url` overrides it per run). OPTIONAL, not defaulted — a
+  // `.default({})` would make `qaios init` serialize an empty `app: {}` stub
+  // into every config, and a user later hand-adding an `app:` block would then
+  // hit a duplicate-key YAML error. Callers use `config?.app?.baseUrl`.
+  app: z.object({
+    baseUrl: z.string().url().optional()
+  }).optional(),
   llm: z.object({
     // Which LLM provider backs every skill. Default stays anthropic so
     // existing projects are unchanged. Set `openai` to use OpenAI instead;
@@ -2673,6 +2681,20 @@ function tempForTier(tier) {
       return 0.1;
   }
 }
+var DEFAULT_LLM_TIMEOUT_MS = 12e4;
+function llmTimeoutMs() {
+  const raw = process.env["QAIOS_LLM_TIMEOUT_MS"];
+  if (raw === void 0) return DEFAULT_LLM_TIMEOUT_MS;
+  const n = Number.parseInt(raw, 10);
+  return Number.isFinite(n) && n >= 0 ? n : DEFAULT_LLM_TIMEOUT_MS;
+}
+function buildCallSignal(cancelSignal) {
+  const ms = llmTimeoutMs();
+  if (ms <= 0) return cancelSignal;
+  const timeout = AbortSignal.timeout(ms);
+  if (cancelSignal === void 0) return timeout;
+  return AbortSignal.any([timeout, cancelSignal]);
+}
 function schemaToJsonSchema(schema) {
   const probe = schema;
   if (typeof probe.toJSONSchema === "function") {
@@ -2742,7 +2764,8 @@ var SkillRunner = class {
           maxTokens: 16384,
           temperature: tempForTier(skill.modelTier)
         };
-        if (ctx.cancelSignal !== void 0) callOpts.signal = ctx.cancelSignal;
+        const signal = buildCallSignal(ctx.cancelSignal);
+        if (signal !== void 0) callOpts.signal = signal;
         response = await ctx.llm.call(callOpts);
       } catch (err) {
         ctx.auditLogger.append({
@@ -10514,6 +10537,13 @@ async function runMcp(opts) {
     if (ownsStorage) storage.close();
   }
 }
+function withTimeout(promise, ms, message) {
+  let timer;
+  const timeout = new Promise((_resolve, reject) => {
+    timer = setTimeout(() => reject(new McpError("qaios.mcp.test_timeout", message)), ms);
+  });
+  return Promise.race([promise, timeout]).finally(() => clearTimeout(timer));
+}
 function listServers(repo, opts, writeOut) {
   const servers = repo.list();
   if (opts.json === true) {
@@ -10653,8 +10683,13 @@ async function testServer(repo, opts, writeOut) {
     servers: [{ ...config, enabled: true }]
   });
   const ownsClient = opts.mcpClient === void 0;
+  const MCP_TEST_TIMEOUT_MS = 15e3;
   try {
-    const tools = await client.listTools(opts.name);
+    const tools = await withTimeout(
+      client.listTools(opts.name),
+      MCP_TEST_TIMEOUT_MS,
+      `MCP server "${opts.name}" did not respond within ${MCP_TEST_TIMEOUT_MS / 1e3}s \u2014 is it a valid MCP server?`
+    );
     writeOut(`\u2713 Connected to "${opts.name}". Tools (${tools.length}):`);
     for (const t of tools) {
       writeOut(`  - ${t.name}${t.description !== void 0 ? ` \u2014 ${t.description}` : ""}`);
@@ -12278,7 +12313,11 @@ function buildProgram() {
     }
     process.exit(result.exitCode);
   });
-  program.command("explore <url>").description("Run an exploratory testing session against a URL").option("--duration <seconds>", "time budget in seconds (default 600)", (v) => parseInt(v, 10)).option("--focus <text>", "optional natural-language focus hint").option("--charter-only", "generate charter and stop; no findings, no defects").option("--no-defects", "skip defect.create + filing for findings").option("--defect-target <target>", "where to file defects: stdout | github | jira").option("--defect-repo <repo>", "github repo (owner/repo) when --defect-target=github").option("--defect-project <project>", "jira project key when --defect-target=jira").action(async (url, cmdOpts, command) => {
+  program.command("explore <url>").description("Run an exploratory testing session against a URL").option(
+    "--duration <seconds>",
+    "time budget in seconds (min 60, default 600)",
+    (v) => parseInt(v, 10)
+  ).option("--focus <text>", "optional natural-language focus hint").option("--charter-only", "generate charter and stop; no findings, no defects").option("--no-defects", "skip defect.create + filing for findings").option("--defect-target <target>", "where to file defects: stdout | github | jira").option("--defect-repo <repo>", "github repo (owner/repo) when --defect-target=github").option("--defect-project <project>", "jira project key when --defect-target=jira").action(async (url, cmdOpts, command) => {
     const globalOpts = command.parent?.opts() ?? {};
     const opts = {
       url,

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@qatonic_innovations/qaios",
-  "version": "0.3.0",
+  "version": "0.3.1",
   "type": "module",
   "description": "AI QA engineer in your terminal — designs, writes, runs, heals, and explores tests for web UI and APIs with audit-grade traceability.",
   "license": "MIT",