@qulib/core 0.2.1 → 0.3.0

package/dist/tools/oauth-providers.js

@@ -0,0 +1,21 @@
+export const BUILT_IN_OAUTH_PROVIDERS = [
+    { id: 'github', label: 'GitHub', patterns: [/\bgithub\b/i] },
+    { id: 'google', label: 'Google', patterns: [/\bgoogle\b/i, /accounts\.google\.com/i] },
+    { id: 'microsoft', label: 'Microsoft', patterns: [/microsoft/i, /login\.microsoftonline\.com/i] },
+    { id: 'apple', label: 'Apple', patterns: [/sign in with apple/i, /\bapple id\b/i] },
+    { id: 'facebook', label: 'Facebook', patterns: [/facebook/i] },
+    { id: 'twitter', label: 'Twitter/X', patterns: [/twitter\.com/i, /\bsign in with x\b/i] },
+    { id: 'linkedin', label: 'LinkedIn', patterns: [/linkedin/i] },
+    { id: 'auth0', label: 'Auth0', patterns: [/auth0/i] },
+    { id: 'okta', label: 'Okta', patterns: [/\bokta\b/i] },
+    { id: 'onelogin', label: 'OneLogin', patterns: [/onelogin/i] },
+    { id: 'duo', label: 'Duo Security', patterns: [/duo security/i] },
+    { id: 'ping', label: 'Ping Identity', patterns: [/pingidentity/i, /pingone/i] },
+    { id: 'workday', label: 'Workday', patterns: [/workday/i] },
+    { id: 'saml', label: 'SAML SSO', patterns: [/\bsaml\b/i] },
+    { id: 'clever', label: 'Clever', patterns: [/\bclever\b/i, /clever\.com/i] },
+    { id: 'classlink', label: 'ClassLink', patterns: [/classlink/i] },
+    { id: 'schoology', label: 'Schoology', patterns: [/schoology/i] },
+    { id: 'canvas', label: 'Canvas (Instructure)', patterns: [/\bcanvas lms\b/i, /instructure/i] },
+    { id: 'blackboard', label: 'Blackboard', patterns: [/blackboard/i] },
+];

package/dist/tools/playwright-explorer.d.ts

@@ -1,7 +1,8 @@
 import type { AppExplorer } from './explorer.interface.js';
 import { type RouteInventory } from '../schemas/route-inventory.schema.js';
 import type { HarnessConfig } from '../schemas/config.schema.js';
+import type { RunArtifactsOptions } from '../harness/run-options.js';
 export declare class PlaywrightExplorer implements AppExplorer {
-    explore(baseUrl: string, config: HarnessConfig): Promise<RouteInventory>;
+    explore(baseUrl: string, config: HarnessConfig, artifacts?: RunArtifactsOptions): Promise<RouteInventory>;
 }
 //# sourceMappingURL=playwright-explorer.d.ts.map

package/dist/tools/playwright-explorer.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"playwright-explorer.d.ts","sourceRoot":"","sources":["../../src/tools/playwright-explorer.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAE3D,OAAO,EAAwB,KAAK,cAAc,EAAc,MAAM,sCAAsC,CAAC;AAC7G,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAgBjE,qBAAa,kBAAmB,YAAW,WAAW;IAC9C,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,GAAG,OAAO,CAAC,cAAc,CAAC;CAqJ/E"}
+{"version":3,"file":"playwright-explorer.d.ts","sourceRoot":"","sources":["../../src/tools/playwright-explorer.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AAE3D,OAAO,EAAwB,KAAK,cAAc,EAAc,MAAM,sCAAsC,CAAC;AAC7G,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AACjE,OAAO,KAAK,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AAoBrE,qBAAa,kBAAmB,YAAW,WAAW;IAC9C,OAAO,CAAC,OAAO,EAAE,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,SAAS,CAAC,EAAE,mBAAmB,GAAG,OAAO,CAAC,cAAc,CAAC;CAsKhH"}

package/dist/tools/playwright-explorer.js

@@ -15,8 +15,12 @@ function isInternalHref(href, baseUrlStr) {
         return false;
     }
 }
+function debugMode() {
+    return process.env.QULIB_DEBUG === '1';
+}
 export class PlaywrightExplorer {
-    async explore(baseUrl, config) {
+    async explore(baseUrl, config, artifacts) {
+        const progress = artifacts?.progressLog;
         const browser = await launchBrowser();
         let context;
         try {
@@ -28,7 +32,10 @@ export class PlaywrightExplorer {
         }
         if (config.auth) {
             const label = config.auth.type === 'form-login' ? config.auth.credentials.username : 'storage-state';
-            console.error(`[qulib] authenticated as ${label}`);
+            progress?.info(`Authenticated context: ${label}`);
+            if (!progress) {
+                process.stderr.write(`[qulib] authenticated as ${label}\n`);
+            }
         }
         const visited = new Set();
         const queue = [baseUrl];
@@ -56,10 +63,15 @@ export class PlaywrightExplorer {
                     }
                 });
                 try {
-                    await page.goto(url, {
+                    const navResponse = await page.goto(url, {
                         timeout: config.timeoutMs,
                         waitUntil: 'domcontentloaded',
                     });
+                    const httpStatus = navResponse?.status() ?? 0;
+                    if (debugMode()) {
+                        const html = await page.content();
+                        progress?.debug(`page HTML byteLength=${Buffer.byteLength(html, 'utf8')} url=${normalized}`);
+                    }
                     const pageTitle = await page.title();
                     const formCount = await page.locator('form').count();
                     const buttonLabels = await page.locator('button').allInnerTexts();
@@ -92,6 +104,9 @@ export class PlaywrightExplorer {
                         const axeResults = await new AxeBuilder({ page })
                             .withTags(['wcag2a', 'wcag2aa'])
                             .analyze();
+                        if (debugMode()) {
+                            progress?.debug(`raw axe violations (pre-map) count=${axeResults.violations.length} json=${JSON.stringify(axeResults.violations)}`);
+                        }
                         a11yViolations = axeResults.violations.map((v) => ({
                             id: v.id,
                             impact: v.impact ?? 'unknown',
@@ -103,6 +118,7 @@ export class PlaywrightExplorer {
                         consoleErrors.push(`axe-core failure: ${String(err)}`);
                     }
                     const path = new URL(url).pathname || '/';
+                    progress?.info(`Crawled ${normalized} status=${httpStatus} a11yViolations=${a11yViolations.length}`);
                     routes.push({
                         path,
                         pageTitle,
@@ -112,6 +128,7 @@ export class PlaywrightExplorer {
                         consoleErrors,
                         brokenLinks,
                         a11yViolations,
+                        statusCode: httpStatus,
                     });
                 }
                 catch (err) {
@@ -123,6 +140,7 @@ export class PlaywrightExplorer {
                             return url;
                         }
                     })();
+                    progress?.info(`Crawled ${normalized} status=error a11yViolations=0 err=${String(err).slice(0, 120)}`);
                     routes.push({
                         path,
                         pageTitle: '',

package/dist/tools/public-surface.d.ts

@@ -0,0 +1,5 @@
+import type { RouteInventory } from '../schemas/route-inventory.schema.js';
+import type { Gap } from '../schemas/gap-analysis.schema.js';
+import type { PublicSurface } from '../schemas/public-surface.schema.js';
+export declare function buildPublicSurface(pages: RouteInventory['routes'], gaps: Gap[]): PublicSurface;
+//# sourceMappingURL=public-surface.d.ts.map

package/dist/tools/public-surface.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"public-surface.d.ts","sourceRoot":"","sources":["../../src/tools/public-surface.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,sCAAsC,CAAC;AAC3E,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,mCAAmC,CAAC;AAC7D,OAAO,KAAK,EAAE,aAAa,EAAmD,MAAM,qCAAqC,CAAC;AAE1H,wBAAgB,kBAAkB,CAAC,KAAK,EAAE,cAAc,CAAC,QAAQ,CAAC,EAAE,IAAI,EAAE,GAAG,EAAE,GAAG,aAAa,CAY9F"}

package/dist/tools/public-surface.js

@@ -0,0 +1,13 @@
+export function buildPublicSurface(pages, gaps) {
+    const accessibilityViolations = [];
+    const brokenLinks = [];
+    for (const r of pages) {
+        for (const v of r.a11yViolations) {
+            accessibilityViolations.push({ ...v, path: r.path });
+        }
+        for (const b of r.brokenLinks) {
+            brokenLinks.push({ ...b, path: r.path });
+        }
+    }
+    return { pages, gaps, accessibilityViolations, brokenLinks };
+}

package/dist/tools/user-providers.d.ts

@@ -0,0 +1,15 @@
+import type { OAuthProvider } from './oauth-providers.js';
+export interface SerializedProvider {
+    id: string;
+    label: string;
+    patterns: string[];
+}
+export declare function loadUserProviders(): OAuthProvider[];
+export declare function addUserProvider(input: {
+    id: string;
+    label: string;
+    pattern: string;
+}): void;
+export declare function removeUserProvider(id: string): boolean;
+export declare function listUserProviders(): SerializedProvider[];
+//# sourceMappingURL=user-providers.d.ts.map

package/dist/tools/user-providers.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"user-providers.d.ts","sourceRoot":"","sources":["../../src/tools/user-providers.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAI1D,MAAM,WAAW,kBAAkB;IACjC,EAAE,EAAE,MAAM,CAAC;IACX,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,EAAE,CAAC;CACpB;AAED,wBAAgB,iBAAiB,IAAI,aAAa,EAAE,CAOnD;AAED,wBAAgB,eAAe,CAAC,KAAK,EAAE;IAAE,EAAE,EAAE,MAAM,CAAC;IAAC,KAAK,EAAE,MAAM,CAAC;IAAC,OAAO,EAAE,MAAM,CAAA;CAAE,GAAG,IAAI,CAc3F;AAED,wBAAgB,kBAAkB,CAAC,EAAE,EAAE,MAAM,GAAG,OAAO,CAStD;AAED,wBAAgB,iBAAiB,IAAI,kBAAkB,EAAE,CAExD"}

package/dist/tools/user-providers.js

@@ -0,0 +1,62 @@
+import { existsSync, mkdirSync, readFileSync, writeFileSync } from 'node:fs';
+import { dirname, join } from 'node:path';
+import { homedir } from 'node:os';
+const USER_PROVIDERS_PATH = join(homedir(), '.qulib', 'providers.json');
+export function loadUserProviders() {
+    const raw = loadSerialized();
+    return raw.map((p) => ({
+        id: p.id,
+        label: p.label,
+        patterns: p.patterns.map((src) => new RegExp(src, 'i')),
+    }));
+}
+export function addUserProvider(input) {
+    const existing = loadSerialized();
+    const idx = existing.findIndex((p) => p.id === input.id);
+    if (idx >= 0) {
+        const p = existing[idx];
+        if (!p.patterns.includes(input.pattern)) {
+            p.patterns.push(input.pattern);
+        }
+        p.label = input.label;
+    }
+    else {
+        existing.push({ id: input.id, label: input.label, patterns: [input.pattern] });
+    }
+    ensureDir();
+    writeFileSync(USER_PROVIDERS_PATH, JSON.stringify(existing, null, 2), 'utf-8');
+}
+export function removeUserProvider(id) {
+    const existing = loadSerialized();
+    const filtered = existing.filter((p) => p.id !== id);
+    if (filtered.length === existing.length) {
+        return false;
+    }
+    ensureDir();
+    writeFileSync(USER_PROVIDERS_PATH, JSON.stringify(filtered, null, 2), 'utf-8');
+    return true;
+}
+export function listUserProviders() {
+    return loadSerialized();
+}
+function loadSerialized() {
+    if (!existsSync(USER_PROVIDERS_PATH)) {
+        return [];
+    }
+    try {
+        const parsed = JSON.parse(readFileSync(USER_PROVIDERS_PATH, 'utf-8'));
+        if (!Array.isArray(parsed)) {
+            return [];
+        }
+        return parsed;
+    }
+    catch {
+        return [];
+    }
+}
+function ensureDir() {
+    const dir = dirname(USER_PROVIDERS_PATH);
+    if (!existsSync(dir)) {
+        mkdirSync(dir, { recursive: true });
+    }
+}

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@qulib/core",
-  "version": "0.2.1",
+  "version": "0.3.0",
   "description": "Qulib — analyze deployed web apps for honest quality gaps (CLI + programmatic API)",
   "license": "MIT",
   "author": "Tapesh Nagarwal",
@@ -37,7 +37,11 @@
     "dev": "tsx src/cli/index.ts",
     "analyze": "tsx src/cli/index.ts analyze",
     "clean": "tsx src/cli/index.ts clean",
-    "build": "tsc"
+    "build": "tsc",
+    "test": "node --import tsx/esm --test src/llm/cost-intelligence.test.ts src/tools/gap-engine.test.ts src/tools/auth-block-gap.test.ts",
+    "test:integration": "node --import tsx/esm --test src/analyze.integration.test.ts",
+    "smoke": "tsx src/cli/index.ts analyze --url https://example.com --ephemeral",
+    "cost-doctor": "tsx src/cli/index.ts cost doctor"
   },
   "dependencies": {
     "@axe-core/playwright": "^4.9.0",