@qulib/core 0.4.1 → 0.4.3

package/dist/index.d.ts

@@ -1,16 +1,18 @@
 export { analyzeApp } from './analyze.js';
-export { detectAuth } from './tools/auth-detector.js';
-export { exploreAuth } from './tools/auth-explorer.js';
-export { addUserProvider, removeUserProvider, listUserProviders } from './tools/user-providers.js';
-export { scanRepo } from './tools/repo-scanner.js';
-export { computeAutomationMaturity } from './tools/automation-maturity.js';
+export { detectAuth, validateStorageState, evaluateStorageStateValidity, preflightStorageStateFile, waitForReturnToOrigin, } from './tools/auth/detect.js';
+export type { StorageStateInvalidReason, StorageStateValidationResult, } from './tools/auth/detect.js';
+export { exploreAuth } from './tools/auth/explore.js';
+export { addUserProvider, removeUserProvider, listUserProviders } from './tools/auth/custom-providers.js';
+export { scanRepo } from './tools/repo/scan.js';
+export { computeAutomationMaturity } from './tools/scoring/automation-maturity.js';
 export { createProvider } from './llm/provider-registry.js';
 export { resolveMaxOutputTokensPerLlmCall } from './schemas/config.schema.js';
-export { resolveScanStateBaseDir } from './harness/state-manager.js';
+export { resolveScanStateBaseDir, resolveReportDir } from './harness/state-manager.js';
 export type { AnalyzeOptions, AnalyzeResult, AnalyzeStatus } from './analyze.js';
 export type { AnalyzeProgressSink } from './harness/progress-log.js';
 export type { TelemetrySink, TelemetryEvent, TelemetryEventKind, } from './telemetry/telemetry.interface.js';
 export { NoopTelemetrySink } from './telemetry/telemetry.interface.js';
+export { redactUrlForTelemetry } from './telemetry/emit.js';
 export type { LlmCallResult, LlmProvider } from './llm/provider.interface.js';
 export type { CallLlmConfigSlice } from './llm/provider.js';
 export type { HarnessConfig, AuthConfig, RouteInventory, GapAnalysis, RepoAnalysis, DetectedAuth, AuthExploration, AuthPath, AuthPathRequirements, CostIntelligence, LlmUsageRecord, RepeatedAiPattern, DeterministicMaturity, PublicSurface, AutomationMaturity, AutomationMaturityDimension, FrameworkDetectionResult, DetectedFrameworkPrimary, } from './schemas/index.js';

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EAAE,UAAU,EAAE,MAAM,0BAA0B,CAAC;AACtD,OAAO,EAAE,WAAW,EAAE,MAAM,0BAA0B,CAAC;AACvD,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,2BAA2B,CAAC;AACnG,OAAO,EAAE,QAAQ,EAAE,MAAM,yBAAyB,CAAC;AACnD,OAAO,EAAE,yBAAyB,EAAE,MAAM,gCAAgC,CAAC;AAC3E,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,gCAAgC,EAAE,MAAM,4BAA4B,CAAC;AAC9E,OAAO,EAAE,uBAAuB,EAAE,MAAM,4BAA4B,CAAC;AACrE,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AACjF,YAAY,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AACrE,YAAY,EACV,aAAa,EACb,cAAc,EACd,kBAAkB,GACnB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,YAAY,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC9E,YAAY,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAC5D,YAAY,EACV,aAAa,EACb,UAAU,EACV,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,eAAe,EACf,QAAQ,EACR,oBAAoB,EACpB,gBAAgB,EAChB,cAAc,EACd,iBAAiB,EACjB,qBAAqB,EACrB,aAAa,EACb,kBAAkB,EAClB,2BAA2B,EAC3B,wBAAwB,EACxB,wBAAwB,GACzB,MAAM,oBAAoB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,UAAU,EAAE,MAAM,cAAc,CAAC;AAC1C,OAAO,EACL,UAAU,EACV,oBAAoB,EACpB,4BAA4B,EAC5B,yBAAyB,EACzB,qBAAqB,GACtB,MAAM,wBAAwB,CAAC;AAChC,YAAY,EACV,yBAAyB,EACzB,4BAA4B,GAC7B,MAAM,wBAAwB,CAAC;AAChC,OAAO,EAAE,WAAW,EAAE,MAAM,yBAAyB,CAAC;AACtD,OAAO,EAAE,eAAe,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,MAAM,kCAAkC,CAAC;AAC1G,OAAO,EAAE,QAAQ,EAAE,MAAM,sBAAsB,CAAC;AAChD,OAAO,EAAE,yBAAyB,EAAE,MAAM,wCAAwC,CAAC;AACnF,OAAO,EAAE,cAAc,EAAE,MAAM,4BAA4B,CAAC;AAC5D,OAAO,EAAE,gCAAgC,EAAE,MAAM,4BAA4B,CAAC;AAC9E,OAAO,EAAE,uBAAuB,EAAE,gBAAgB,EAAE,MAAM,4BAA4B,CAAC;AACvF,YAAY,EAAE,cAAc,EAAE,aAAa,EAAE,aAAa,EAAE,MAAM,cAAc,CAAC;AACjF,YAAY,EAAE,mBAAmB,EAAE,MAAM,2BAA2B,CAAC;AACrE,YAAY,EACV,aAAa,EACb,cAAc,EACd,kBAAkB,GACnB,MAAM,oCAAoC,CAAC;AAC5C,OAAO,EAAE,iBAAiB,EAAE,MAAM,oCAAoC,CAAC;AACvE,OAAO,EAAE,qBAAqB,EAAE,MAAM,qBAAqB,CAAC;AAC5D,YAAY,EAAE,aAAa,EAAE,WAAW,EAAE,MAAM,6BAA6B,CAAC;AAC9E,YAAY,EAAE,kBAAkB,EAAE,MAAM,mBAAmB,CAAC;AAC5D,YAAY,EACV,aAAa,EACb,UAAU,EACV,cAAc,EACd,WAAW,EACX,YAAY,EACZ,YAAY,EACZ,eAAe,EACf,QAAQ,EACR,oBAAoB,EACpB,gBAAgB,EAChB,cAAc,EACd,iBAAiB,EACjB,qBAAqB,EACrB,aAAa,EACb,kBAAkB,EAClB,2BAA2B,EAC3B,wBAAwB,EACxB,wBAAwB,GACzB,MAAM,oBAAoB,CAAC"}

package/dist/index.js

@@ -1,10 +1,11 @@
 export { analyzeApp } from './analyze.js';
-export { detectAuth } from './tools/auth-detector.js';
-export { exploreAuth } from './tools/auth-explorer.js';
-export { addUserProvider, removeUserProvider, listUserProviders } from './tools/user-providers.js';
-export { scanRepo } from './tools/repo-scanner.js';
-export { computeAutomationMaturity } from './tools/automation-maturity.js';
+export { detectAuth, validateStorageState, evaluateStorageStateValidity, preflightStorageStateFile, waitForReturnToOrigin, } from './tools/auth/detect.js';
+export { exploreAuth } from './tools/auth/explore.js';
+export { addUserProvider, removeUserProvider, listUserProviders } from './tools/auth/custom-providers.js';
+export { scanRepo } from './tools/repo/scan.js';
+export { computeAutomationMaturity } from './tools/scoring/automation-maturity.js';
 export { createProvider } from './llm/provider-registry.js';
 export { resolveMaxOutputTokensPerLlmCall } from './schemas/config.schema.js';
-export { resolveScanStateBaseDir } from './harness/state-manager.js';
+export { resolveScanStateBaseDir, resolveReportDir } from './harness/state-manager.js';
 export { NoopTelemetrySink } from './telemetry/telemetry.interface.js';
+export { redactUrlForTelemetry } from './telemetry/emit.js';

package/dist/phases/act.js

@@ -3,10 +3,10 @@ import { writeJsonReport } from '../reporters/json-reporter.js';
 import { writeMarkdownReport } from '../reporters/markdown-reporter.js';
 import { logDecision } from '../harness/decision-logger.js';
 import { emitTelemetry } from '../telemetry/emit.js';
-import { resolveScanStateBaseDir } from '../harness/state-manager.js';
+import { resolveReportDir, resolveScanStateBaseDir } from '../harness/state-manager.js';
 export async function act(analysis, config, artifacts = { writeArtifacts: true }) {
     const sessionId = artifacts.telemetrySessionId ?? 'none';
-    const reportDir = join(process.cwd(), 'output');
+    const reportDir = resolveReportDir(config.outputDir);
     const logOpts = {
         persist: artifacts.writeArtifacts,
         memory: artifacts.decisionMemory,
@@ -48,7 +48,7 @@ export async function act(analysis, config, artifacts = { writeArtifacts: true }
     if (config.requireHumanReview) {
         log('\n[qulib] Human review required before applying any generated output.');
         if (artifacts.writeArtifacts) {
-            log('  Reports:   output/report.json and output/report.md');
+            log(`  Reports:   ${join(reportDir, 'report.json')} and ${join(reportDir, 'report.md')}`);
             log(`  Decisions: ${join(resolveScanStateBaseDir(config.outputDir), 'decision-log.json')}`);
         }
         else {

package/dist/phases/observe.js

@@ -1,10 +1,10 @@
 import { RouteInventorySchema } from '../schemas/route-inventory.schema.js';
 import { RepoAnalysisSchema } from '../schemas/repo-analysis.schema.js';
-import { createExplorer } from '../tools/explorer-factory.js';
-import { scanRepo } from '../tools/repo-scanner.js';
+import { createExplorer } from '../tools/explorers/factory.js';
+import { scanRepo } from '../tools/repo/scan.js';
 import { StateManager } from '../harness/state-manager.js';
 import { logDecision } from '../harness/decision-logger.js';
-import { emitTelemetry } from '../telemetry/emit.js';
+import { emitTelemetry, redactUrlForTelemetry } from '../telemetry/emit.js';
 export async function observe(baseUrl, repoPath, config, artifacts = { writeArtifacts: true }) {
     const sessionId = artifacts.telemetrySessionId ?? 'none';
     const explorer = createExplorer(config.explorer);
@@ -15,7 +15,7 @@ export async function observe(baseUrl, repoPath, config, artifacts = { writeArti
         outputDir: config.outputDir,
     };
     emitTelemetry(artifacts.telemetry, 'phase.observe.started', sessionId, {
-        baseUrl,
+        baseUrl: redactUrlForTelemetry(baseUrl),
         hasRepoPath: Boolean(repoPath),
     });
     const rawRoutes = await explorer.explore(baseUrl, config, artifacts);
@@ -29,7 +29,7 @@ export async function observe(baseUrl, repoPath, config, artifacts = { writeArti
         decision: 'exploration-complete',
         reason: `Discovered ${routes.routes.length} routes; budgetExceeded=${routes.budgetExceeded}`,
         metadata: {
-            baseUrl,
+            baseUrl: redactUrlForTelemetry(baseUrl),
             scannedRoutes: routes.routes.length,
             budgetExceeded: routes.budgetExceeded,
             pagesSkipped: routes.pagesSkipped,

package/dist/phases/think.js

@@ -1,5 +1,5 @@
 import { GapAnalysisSchema } from '../schemas/gap-analysis.schema.js';
-import { analyzeGaps } from '../tools/gap-engine.js';
+import { analyzeGaps } from '../tools/scoring/gaps.js';
 import { logDecision } from '../harness/decision-logger.js';
 import { finalizeGapAnalysisFromDraft } from './think-finalize.js';
 import { emitTelemetry } from '../telemetry/emit.js';

package/dist/schemas/automation-maturity.schema.d.ts

@@ -1,22 +1,48 @@
 import { z } from 'zod';
+export declare const AutomationMaturityApplicabilitySchema: z.ZodEnum<["applicable", "not_applicable", "unknown"]>;
+/**
+ * Maturity dimension with explicit applicability so absent capabilities are not silently
+ * awarded partial credit.
+ *
+ * - `applicable`   — Qulib has enough signal to compute a real `score`.
+ * - `not_applicable` — The capability does not apply to this repo (e.g. component-test-ratio
+ *                     with no Cypress detected, auth-test-coverage when no auth signal exists).
+ *                     `score` is reported but excluded from the overall calculation.
+ * - `unknown`      — Qulib could not collect enough signal to score honestly (e.g. zero
+ *                     interactive elements scanned for test-id hygiene). Excluded from overall.
+ *
+ * Overall score formula (in `computeAutomationMaturity`):
+ *   numerator   = Σ score_i * weight_i  for i ∈ applicable dimensions
+ *   denominator = Σ weight_i            for i ∈ applicable dimensions
+ *   overallScore = round(numerator / denominator) when denominator > 0, else 0
+ *
+ * Schema fields stay backward compatible: both `applicability` and `reason` are optional.
+ * Existing consumers that don't read them keep working; honest reports populate them.
+ */
 export declare const AutomationMaturityDimensionSchema: z.ZodObject<{
     dimension: z.ZodEnum<["test-coverage-breadth", "framework-adoption", "test-id-hygiene", "ci-integration", "auth-test-coverage", "component-test-ratio"]>;
     score: z.ZodNumber;
     weight: z.ZodNumber;
     evidence: z.ZodArray<z.ZodString, "many">;
     recommendations: z.ZodArray<z.ZodString, "many">;
+    applicability: z.ZodOptional<z.ZodEnum<["applicable", "not_applicable", "unknown"]>>;
+    reason: z.ZodOptional<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
     recommendations: string[];
     dimension: "test-coverage-breadth" | "framework-adoption" | "test-id-hygiene" | "ci-integration" | "auth-test-coverage" | "component-test-ratio";
     score: number;
     weight: number;
     evidence: string[];
+    reason?: string | undefined;
+    applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
 }, {
     recommendations: string[];
     dimension: "test-coverage-breadth" | "framework-adoption" | "test-id-hygiene" | "ci-integration" | "auth-test-coverage" | "component-test-ratio";
     score: number;
     weight: number;
     evidence: string[];
+    reason?: string | undefined;
+    applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
 }>;
 export declare const AutomationMaturitySchema: z.ZodObject<{
     computedAt: z.ZodString;
@@ -30,20 +56,27 @@ export declare const AutomationMaturitySchema: z.ZodObject<{
         weight: z.ZodNumber;
         evidence: z.ZodArray<z.ZodString, "many">;
         recommendations: z.ZodArray<z.ZodString, "many">;
+        applicability: z.ZodOptional<z.ZodEnum<["applicable", "not_applicable", "unknown"]>>;
+        reason: z.ZodOptional<z.ZodString>;
     }, "strip", z.ZodTypeAny, {
         recommendations: string[];
         dimension: "test-coverage-breadth" | "framework-adoption" | "test-id-hygiene" | "ci-integration" | "auth-test-coverage" | "component-test-ratio";
         score: number;
         weight: number;
         evidence: string[];
+        reason?: string | undefined;
+        applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
     }, {
         recommendations: string[];
         dimension: "test-coverage-breadth" | "framework-adoption" | "test-id-hygiene" | "ci-integration" | "auth-test-coverage" | "component-test-ratio";
         score: number;
         weight: number;
         evidence: string[];
+        reason?: string | undefined;
+        applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
     }>, "many">;
     topRecommendations: z.ZodArray<z.ZodString, "many">;
+    scoreFormula: z.ZodOptional<z.ZodString>;
 }, "strip", z.ZodTypeAny, {
     label: string;
     level: number;
@@ -56,8 +89,11 @@ export declare const AutomationMaturitySchema: z.ZodObject<{
         score: number;
         weight: number;
         evidence: string[];
+        reason?: string | undefined;
+        applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
     }[];
     topRecommendations: string[];
+    scoreFormula?: string | undefined;
 }, {
     label: string;
     level: number;
@@ -70,9 +106,13 @@ export declare const AutomationMaturitySchema: z.ZodObject<{
         score: number;
         weight: number;
         evidence: string[];
+        reason?: string | undefined;
+        applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
     }[];
     topRecommendations: string[];
+    scoreFormula?: string | undefined;
 }>;
+export type AutomationMaturityApplicability = z.infer<typeof AutomationMaturityApplicabilitySchema>;
 export type AutomationMaturityDimension = z.infer<typeof AutomationMaturityDimensionSchema>;
 export type AutomationMaturity = z.infer<typeof AutomationMaturitySchema>;
 //# sourceMappingURL=automation-maturity.schema.d.ts.map

package/dist/schemas/automation-maturity.schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"automation-maturity.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/automation-maturity.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,iCAAiC;;;;;;;;;;;;;;;;;;EAa5C,CAAC;AAEH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAQnC,CAAC;AAEH,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iCAAiC,CAAC,CAAC;AAC5F,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC"}
+{"version":3,"file":"automation-maturity.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/automation-maturity.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,eAAO,MAAM,qCAAqC,wDAIhD,CAAC;AAEH;;;;;;;;;;;;;;;;;;GAkBG;AACH,eAAO,MAAM,iCAAiC;;;;;;;;;;;;;;;;;;;;;;;;EAe5C,CAAC;AAEH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EASnC,CAAC;AAEH,MAAM,MAAM,+BAA+B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qCAAqC,CAAC,CAAC;AACpG,MAAM,MAAM,2BAA2B,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,iCAAiC,CAAC,CAAC;AAC5F,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC"}

package/dist/schemas/automation-maturity.schema.js

@@ -1,4 +1,28 @@
 import { z } from 'zod';
+export const AutomationMaturityApplicabilitySchema = z.enum([
+    'applicable',
+    'not_applicable',
+    'unknown',
+]);
+/**
+ * Maturity dimension with explicit applicability so absent capabilities are not silently
+ * awarded partial credit.
+ *
+ * - `applicable`   — Qulib has enough signal to compute a real `score`.
+ * - `not_applicable` — The capability does not apply to this repo (e.g. component-test-ratio
+ *                     with no Cypress detected, auth-test-coverage when no auth signal exists).
+ *                     `score` is reported but excluded from the overall calculation.
+ * - `unknown`      — Qulib could not collect enough signal to score honestly (e.g. zero
+ *                     interactive elements scanned for test-id hygiene). Excluded from overall.
+ *
+ * Overall score formula (in `computeAutomationMaturity`):
+ *   numerator   = Σ score_i * weight_i  for i ∈ applicable dimensions
+ *   denominator = Σ weight_i            for i ∈ applicable dimensions
+ *   overallScore = round(numerator / denominator) when denominator > 0, else 0
+ *
+ * Schema fields stay backward compatible: both `applicability` and `reason` are optional.
+ * Existing consumers that don't read them keep working; honest reports populate them.
+ */
 export const AutomationMaturityDimensionSchema = z.object({
     dimension: z.enum([
         'test-coverage-breadth',
@@ -12,6 +36,8 @@ export const AutomationMaturityDimensionSchema = z.object({
     weight: z.number().min(0).max(1),
     evidence: z.array(z.string()),
     recommendations: z.array(z.string()),
+    applicability: AutomationMaturityApplicabilitySchema.optional(),
+    reason: z.string().optional(),
 });
 export const AutomationMaturitySchema = z.object({
     computedAt: z.string().datetime(),
@@ -21,4 +47,5 @@ export const AutomationMaturitySchema = z.object({
     label: z.string(),
     dimensions: z.array(AutomationMaturityDimensionSchema),
     topRecommendations: z.array(z.string()),
+    scoreFormula: z.string().optional(),
 });

package/dist/schemas/index.d.ts

@@ -4,6 +4,6 @@ export { RouteInventorySchema, RouteSchema, A11yViolationSchema, BrokenLinkSchem
 export { GapAnalysisSchema, GapSchema, NeutralScenarioSchema, GeneratedTestSchema, TestStepSchema, FrameworkRecommendationSchema, type GapAnalysis, type Gap, type NeutralScenario, type GeneratedTest, type TestStep, type FrameworkRecommendation, } from './gap-analysis.schema.js';
 export { CostIntelligenceSchema, LlmUsageRecordSchema, LlmDataQualitySchema, LlmOperationTypeSchema, RepeatedAiPatternSchema, DeterministicMaturitySchema, type CostIntelligence, type LlmUsageRecord, type LlmDataQuality, type LlmOperationType, type RepeatedAiPattern, type DeterministicMaturity, } from './cost-intelligence.schema.js';
 export { RepoAnalysisSchema, FrameworkDetectionSchema, DetectedFrameworkPrimarySchema, FrameworkDetectionConfidenceSchema, TestFrameworkDetectedSchema, type RepoAnalysis, type FrameworkDetectionResult, type DetectedFrameworkPrimary, } from './repo-analysis.schema.js';
-export { AutomationMaturitySchema, AutomationMaturityDimensionSchema, type AutomationMaturity, type AutomationMaturityDimension, } from './automation-maturity.schema.js';
+export { AutomationMaturitySchema, AutomationMaturityDimensionSchema, AutomationMaturityApplicabilitySchema, type AutomationMaturity, type AutomationMaturityDimension, type AutomationMaturityApplicability, } from './automation-maturity.schema.js';
 export { PublicSurfaceSchema, PublicSurfaceViolationSchema, PublicSurfaceBrokenLinkSchema, type PublicSurface, type PublicSurfaceViolation, type PublicSurfaceBrokenLink, } from './public-surface.schema.js';
 //# sourceMappingURL=index.d.ts.map

package/dist/schemas/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/schemas/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,gCAAgC,EAChC,gBAAgB,EAChB,kBAAkB,EAClB,0BAA0B,EAC1B,cAAc,EACd,qBAAqB,EACrB,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,mBAAmB,EACxB,KAAK,sBAAsB,EAC3B,KAAK,UAAU,EACf,KAAK,aAAa,EAClB,KAAK,YAAY,EACjB,KAAK,oBAAoB,EACzB,KAAK,QAAQ,EACb,KAAK,eAAe,GACrB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,sBAAsB,EACtB,KAAK,gBAAgB,GACtB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,oBAAoB,EACpB,WAAW,EACX,mBAAmB,EACnB,gBAAgB,EAChB,KAAK,cAAc,EACnB,KAAK,KAAK,GACX,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iBAAiB,EACjB,SAAS,EACT,qBAAqB,EACrB,mBAAmB,EACnB,cAAc,EACd,6BAA6B,EAC7B,KAAK,WAAW,EAChB,KAAK,GAAG,EACR,KAAK,eAAe,EACpB,KAAK,aAAa,EAClB,KAAK,QAAQ,EACb,KAAK,uBAAuB,GAC7B,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,uBAAuB,EACvB,2BAA2B,EAC3B,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,GAC3B,MAAM,+BAA+B,CAAC;AACvC,OAAO,EACL,kBAAkB,EAClB,wBAAwB,EACxB,8BAA8B,EAC9B,kCAAkC,EAClC,2BAA2B,EAC3B,KAAK,YAAY,EACjB,KAAK,wBAAwB,EAC7B,KAAK,wBAAwB,GAC9B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EACL,wBAAwB,EACxB,iCAAiC,EACjC,KAAK,kBAAkB,EACvB,KAAK,2BAA2B,GACjC,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,mBAAmB,EACnB,4BAA4B,EAC5B,6BAA6B,EAC7B,KAAK,aAAa,EAClB,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,GAC7B,MAAM,4BAA4B,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/schemas/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,gCAAgC,EAChC,gBAAgB,EAChB,kBAAkB,EAClB,0BAA0B,EAC1B,cAAc,EACd,qBAAqB,EACrB,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,mBAAmB,EACxB,KAAK,sBAAsB,EAC3B,KAAK,UAAU,EACf,KAAK,aAAa,EAClB,KAAK,YAAY,EACjB,KAAK,oBAAoB,EACzB,KAAK,QAAQ,EACb,KAAK,eAAe,GACrB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,sBAAsB,EACtB,KAAK,gBAAgB,GACtB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,oBAAoB,EACpB,WAAW,EACX,mBAAmB,EACnB,gBAAgB,EAChB,KAAK,cAAc,EACnB,KAAK,KAAK,GACX,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iBAAiB,EACjB,SAAS,EACT,qBAAqB,EACrB,mBAAmB,EACnB,cAAc,EACd,6BAA6B,EAC7B,KAAK,WAAW,EAChB,KAAK,GAAG,EACR,KAAK,eAAe,EACpB,KAAK,aAAa,EAClB,KAAK,QAAQ,EACb,KAAK,uBAAuB,GAC7B,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,uBAAuB,EACvB,2BAA2B,EAC3B,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,GAC3B,MAAM,+BAA+B,CAAC;AACvC,OAAO,EACL,kBAAkB,EAClB,wBAAwB,EACxB,8BAA8B,EAC9B,kCAAkC,EAClC,2BAA2B,EAC3B,KAAK,YAAY,EACjB,KAAK,wBAAwB,EAC7B,KAAK,wBAAwB,GAC9B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EACL,wBAAwB,EACxB,iCAAiC,EACjC,qCAAqC,EACrC,KAAK,kBAAkB,EACvB,KAAK,2BAA2B,EAChC,KAAK,+BAA+B,GACrC,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,mBAAmB,EACnB,4BAA4B,EAC5B,6BAA6B,EAC7B,KAAK,aAAa,EAClB,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,GAC7B,MAAM,4BAA4B,CAAC"}

package/dist/schemas/index.js

@@ -4,5 +4,5 @@ export { RouteInventorySchema, RouteSchema, A11yViolationSchema, BrokenLinkSchem
 export { GapAnalysisSchema, GapSchema, NeutralScenarioSchema, GeneratedTestSchema, TestStepSchema, FrameworkRecommendationSchema, } from './gap-analysis.schema.js';
 export { CostIntelligenceSchema, LlmUsageRecordSchema, LlmDataQualitySchema, LlmOperationTypeSchema, RepeatedAiPatternSchema, DeterministicMaturitySchema, } from './cost-intelligence.schema.js';
 export { RepoAnalysisSchema, FrameworkDetectionSchema, DetectedFrameworkPrimarySchema, FrameworkDetectionConfidenceSchema, TestFrameworkDetectedSchema, } from './repo-analysis.schema.js';
-export { AutomationMaturitySchema, AutomationMaturityDimensionSchema, } from './automation-maturity.schema.js';
+export { AutomationMaturitySchema, AutomationMaturityDimensionSchema, AutomationMaturityApplicabilitySchema, } from './automation-maturity.schema.js';
 export { PublicSurfaceSchema, PublicSurfaceViolationSchema, PublicSurfaceBrokenLinkSchema, } from './public-surface.schema.js';

package/dist/schemas/repo-analysis.schema.d.ts

@@ -104,6 +104,7 @@ export declare const RepoAnalysisSchema: z.ZodObject<{
         coveredPaths: string[];
     }>, "many">;
     missingTestIds: z.ZodArray<z.ZodString, "many">;
+    interactiveTsxFilesScanned: z.ZodOptional<z.ZodNumber>;
     cypressStructure: z.ZodObject<{
         detected: z.ZodBoolean;
         e2eFolder: z.ZodOptional<z.ZodString>;
@@ -160,20 +161,27 @@ export declare const RepoAnalysisSchema: z.ZodObject<{
             weight: z.ZodNumber;
             evidence: z.ZodArray<z.ZodString, "many">;
             recommendations: z.ZodArray<z.ZodString, "many">;
+            applicability: z.ZodOptional<z.ZodEnum<["applicable", "not_applicable", "unknown"]>>;
+            reason: z.ZodOptional<z.ZodString>;
         }, "strip", z.ZodTypeAny, {
             recommendations: string[];
             dimension: "test-coverage-breadth" | "framework-adoption" | "test-id-hygiene" | "ci-integration" | "auth-test-coverage" | "component-test-ratio";
             score: number;
             weight: number;
             evidence: string[];
+            reason?: string | undefined;
+            applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
         }, {
             recommendations: string[];
             dimension: "test-coverage-breadth" | "framework-adoption" | "test-id-hygiene" | "ci-integration" | "auth-test-coverage" | "component-test-ratio";
             score: number;
             weight: number;
             evidence: string[];
+            reason?: string | undefined;
+            applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
         }>, "many">;
         topRecommendations: z.ZodArray<z.ZodString, "many">;
+        scoreFormula: z.ZodOptional<z.ZodString>;
     }, "strip", z.ZodTypeAny, {
         label: string;
         level: number;
@@ -186,8 +194,11 @@ export declare const RepoAnalysisSchema: z.ZodObject<{
             score: number;
             weight: number;
             evidence: string[];
+            reason?: string | undefined;
+            applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
         }[];
         topRecommendations: string[];
+        scoreFormula?: string | undefined;
     }, {
         label: string;
         level: number;
@@ -200,8 +211,11 @@ export declare const RepoAnalysisSchema: z.ZodObject<{
             score: number;
             weight: number;
             evidence: string[];
+            reason?: string | undefined;
+            applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
         }[];
         topRecommendations: string[];
+        scoreFormula?: string | undefined;
     }>>;
 }, "strip", z.ZodTypeAny, {
     scannedAt: string;
@@ -227,6 +241,7 @@ export declare const RepoAnalysisSchema: z.ZodObject<{
         fixturesFolder?: string | undefined;
         supportFolder?: string | undefined;
     };
+    interactiveTsxFilesScanned?: number | undefined;
     framework?: {
         confidence: "high" | "medium" | "low";
         evidence: string[];
@@ -245,8 +260,11 @@ export declare const RepoAnalysisSchema: z.ZodObject<{
             score: number;
             weight: number;
             evidence: string[];
+            reason?: string | undefined;
+            applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
         }[];
         topRecommendations: string[];
+        scoreFormula?: string | undefined;
     } | undefined;
 }, {
     scannedAt: string;
@@ -272,6 +290,7 @@ export declare const RepoAnalysisSchema: z.ZodObject<{
         fixturesFolder?: string | undefined;
         supportFolder?: string | undefined;
     };
+    interactiveTsxFilesScanned?: number | undefined;
     framework?: {
         confidence: "high" | "medium" | "low";
         evidence: string[];
@@ -290,8 +309,11 @@ export declare const RepoAnalysisSchema: z.ZodObject<{
             score: number;
             weight: number;
             evidence: string[];
+            reason?: string | undefined;
+            applicability?: "unknown" | "applicable" | "not_applicable" | undefined;
         }[];
         topRecommendations: string[];
+        scoreFormula?: string | undefined;
     } | undefined;
 }>;
 export type RepoAnalysis = z.infer<typeof RepoAnalysisSchema>;

package/dist/schemas/repo-analysis.schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"repo-analysis.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/repo-analysis.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,eAAO,MAAM,8BAA8B,8HAUzC,CAAC;AAEH,eAAO,MAAM,kCAAkC,sCAAoC,CAAC;AAEpF,eAAO,MAAM,2BAA2B,0FAOtC,CAAC;AAEH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;EAKnC,CAAC;AAEH,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;AACtF,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAEhF,eAAO,MAAM,eAAe;;;;;;;;;;;;EAI1B,CAAC;AAEH,eAAO,MAAM,cAAc;;;;;;;;;;;;EAIzB,CAAC;AAEH,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;EASjC,CAAC;AAEH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAS7B,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAC9D,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC"}
+{"version":3,"file":"repo-analysis.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/repo-analysis.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAGxB,eAAO,MAAM,8BAA8B,8HAUzC,CAAC;AAEH,eAAO,MAAM,kCAAkC,sCAAoC,CAAC;AAEpF,eAAO,MAAM,2BAA2B,0FAOtC,CAAC;AAEH,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;EAKnC,CAAC;AAEH,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,8BAA8B,CAAC,CAAC;AACtF,MAAM,MAAM,wBAAwB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAEhF,eAAO,MAAM,eAAe;;;;;;;;;;;;EAI1B,CAAC;AAEH,eAAO,MAAM,cAAc;;;;;;;;;;;;EAIzB,CAAC;AAEH,eAAO,MAAM,sBAAsB;;;;;;;;;;;;;;;;;;;;;;;;;;;EASjC,CAAC;AAEH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAU7B,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAC9D,MAAM,MAAM,gBAAgB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC"}

package/dist/schemas/repo-analysis.schema.js

@@ -52,6 +52,7 @@ export const RepoAnalysisSchema = z.object({
     routes: z.array(RepoRouteSchema),
     testFiles: z.array(TestFileSchema),
     missingTestIds: z.array(z.string()),
+    interactiveTsxFilesScanned: z.number().int().min(0).optional(),
     cypressStructure: CypressStructureSchema,
     framework: FrameworkDetectionSchema.optional(),
     automationMaturity: AutomationMaturitySchema.optional(),

package/dist/telemetry/emit.d.ts

@@ -1,3 +1,25 @@
 import type { TelemetryEvent, TelemetryEventKind, TelemetrySink } from './telemetry.interface.js';
 export declare function emitTelemetry(sink: TelemetrySink | undefined, kind: TelemetryEventKind, sessionId: string, metadata: TelemetryEvent['metadata'], durationMs?: number): void;
+/**
+ * Strip the query string and fragment from a URL before emitting it in telemetry.
+ *
+ * Telemetry must not carry credentials, share tokens, or any other secret-shaped
+ * material that callers may embed in query strings (e.g. `?token=...`, `?key=...`).
+ * Returns `origin + pathname` only for valid `http:` / `https:` URLs, and additionally
+ * strips any `user:pass@` userinfo from the origin.
+ *
+ * If the input is not a valid `http(s)` URL, this helper returns the literal string
+ * `'[redacted-non-url]'` rather than echoing the original input. Two reasons:
+ *
+ *  1. `new URL(...)` parses many `scheme:rest` shapes that are not real URLs
+ *     (e.g. `mailto:`, custom `user:pass@host`, `data:`). Those still produce a
+ *     non-empty `origin + pathname` and would echo the right-hand side back.
+ *  2. The exported helper makes no assumption about caller provenance: a non-URL
+ *     string passed in may itself be secret-shaped (a raw token, a path with
+ *     embedded credentials, etc.), so the only safe fallback is to discard the
+ *     value entirely.
+ *
+ * Telemetry never throws on malformed input.
+ */
+export declare function redactUrlForTelemetry(url: string): string;
 //# sourceMappingURL=emit.d.ts.map

package/dist/telemetry/emit.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"emit.d.ts","sourceRoot":"","sources":["../../src/telemetry/emit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAElG,wBAAgB,aAAa,CAC3B,IAAI,EAAE,aAAa,GAAG,SAAS,EAC/B,IAAI,EAAE,kBAAkB,EACxB,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,cAAc,CAAC,UAAU,CAAC,EACpC,UAAU,CAAC,EAAE,MAAM,GAClB,IAAI,CASN"}
+{"version":3,"file":"emit.d.ts","sourceRoot":"","sources":["../../src/telemetry/emit.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,kBAAkB,EAAE,aAAa,EAAE,MAAM,0BAA0B,CAAC;AAElG,wBAAgB,aAAa,CAC3B,IAAI,EAAE,aAAa,GAAG,SAAS,EAC/B,IAAI,EAAE,kBAAkB,EACxB,SAAS,EAAE,MAAM,EACjB,QAAQ,EAAE,cAAc,CAAC,UAAU,CAAC,EACpC,UAAU,CAAC,EAAE,MAAM,GAClB,IAAI,CASN;AAED;;;;;;;;;;;;;;;;;;;;GAoBG;AACH,wBAAgB,qBAAqB,CAAC,GAAG,EAAE,MAAM,GAAG,MAAM,CAczD"}

package/dist/telemetry/emit.js

@@ -9,3 +9,40 @@ export function emitTelemetry(sink, kind, sessionId, metadata, durationMs) {
         ...(durationMs !== undefined && { durationMs }),
     });
 }
+/**
+ * Strip the query string and fragment from a URL before emitting it in telemetry.
+ *
+ * Telemetry must not carry credentials, share tokens, or any other secret-shaped
+ * material that callers may embed in query strings (e.g. `?token=...`, `?key=...`).
+ * Returns `origin + pathname` only for valid `http:` / `https:` URLs, and additionally
+ * strips any `user:pass@` userinfo from the origin.
+ *
+ * If the input is not a valid `http(s)` URL, this helper returns the literal string
+ * `'[redacted-non-url]'` rather than echoing the original input. Two reasons:
+ *
+ *  1. `new URL(...)` parses many `scheme:rest` shapes that are not real URLs
+ *     (e.g. `mailto:`, custom `user:pass@host`, `data:`). Those still produce a
+ *     non-empty `origin + pathname` and would echo the right-hand side back.
+ *  2. The exported helper makes no assumption about caller provenance: a non-URL
+ *     string passed in may itself be secret-shaped (a raw token, a path with
+ *     embedded credentials, etc.), so the only safe fallback is to discard the
+ *     value entirely.
+ *
+ * Telemetry never throws on malformed input.
+ */
+export function redactUrlForTelemetry(url) {
+    let parsed;
+    try {
+        parsed = new URL(url);
+    }
+    catch {
+        return '[redacted-non-url]';
+    }
+    if (parsed.protocol !== 'http:' && parsed.protocol !== 'https:') {
+        return '[redacted-non-url]';
+    }
+    // Strip any user:pass@ from the origin. `URL.origin` already omits userinfo,
+    // but rebuilding from `protocol + host` makes the intent explicit and removes
+    // any chance of credentials leaking through future Node URL changes.
+    return `${parsed.protocol}//${parsed.host}${parsed.pathname}`;
+}

package/dist/telemetry/telemetry.interface.d.ts

@@ -1,4 +1,4 @@
-export type TelemetryEventKind = 'scan.started' | 'scan.completed' | 'scan.blocked' | 'phase.observe.started' | 'phase.observe.completed' | 'phase.think.started' | 'phase.think.completed' | 'phase.act.started' | 'phase.act.completed' | 'llm.call.started' | 'llm.call.completed' | 'llm.call.failed' | 'gap.detected' | 'auth.detected' | 'repo.scanned';
+export type TelemetryEventKind = 'scan.started' | 'scan.completed' | 'scan.blocked' | 'phase.observe.started' | 'phase.observe.completed' | 'phase.think.started' | 'phase.think.completed' | 'phase.act.started' | 'phase.act.completed' | 'llm.call.started' | 'llm.call.completed' | 'llm.call.failed' | 'gap.detected' | 'auth.detected' | 'auth.storage-state.validated' | 'repo.scanned';
 export interface TelemetryEvent {
     kind: TelemetryEventKind;
     timestamp: string;

package/dist/telemetry/telemetry.interface.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"telemetry.interface.d.ts","sourceRoot":"","sources":["../../src/telemetry/telemetry.interface.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,kBAAkB,GAC1B,cAAc,GACd,gBAAgB,GAChB,cAAc,GACd,uBAAuB,GACvB,yBAAyB,GACzB,qBAAqB,GACrB,uBAAuB,GACvB,mBAAmB,GACnB,qBAAqB,GACrB,kBAAkB,GAClB,oBAAoB,GACpB,iBAAiB,GACjB,cAAc,GACd,eAAe,GACf,cAAc,CAAC;AAEnB,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,kBAAkB,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI,CAAC,CAAC;CAC5D;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,KAAK,EAAE,cAAc,GAAG,IAAI,CAAC;CACnC;AAED,eAAO,MAAM,iBAAiB,EAAE,aAE/B,CAAC"}
+{"version":3,"file":"telemetry.interface.d.ts","sourceRoot":"","sources":["../../src/telemetry/telemetry.interface.ts"],"names":[],"mappings":"AAAA,MAAM,MAAM,kBAAkB,GAC1B,cAAc,GACd,gBAAgB,GAChB,cAAc,GACd,uBAAuB,GACvB,yBAAyB,GACzB,qBAAqB,GACrB,uBAAuB,GACvB,mBAAmB,GACnB,qBAAqB,GACrB,kBAAkB,GAClB,oBAAoB,GACpB,iBAAiB,GACjB,cAAc,GACd,eAAe,GACf,8BAA8B,GAC9B,cAAc,CAAC;AAEnB,MAAM,WAAW,cAAc;IAC7B,IAAI,EAAE,kBAAkB,CAAC;IACzB,SAAS,EAAE,MAAM,CAAC;IAClB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,OAAO,GAAG,IAAI,CAAC,CAAC;CAC5D;AAED,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,KAAK,EAAE,cAAc,GAAG,IAAI,CAAC;CACnC;AAED,eAAO,MAAM,iBAAiB,EAAE,aAE/B,CAAC"}

package/dist/tools/apply-auth.d.ts

@@ -0,0 +1,4 @@
+import type { Browser, BrowserContext } from '@playwright/test';
+import type { AuthConfig } from '../schemas/config.schema.js';
+export declare function createAuthenticatedContext(browser: Browser, auth: AuthConfig | undefined, timeoutMs: number): Promise<BrowserContext>;
+//# sourceMappingURL=apply-auth.d.ts.map

package/dist/tools/apply-auth.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"apply-auth.d.ts","sourceRoot":"","sources":["../../src/tools/apply-auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEhE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,6BAA6B,CAAC;AAE9D,wBAAsB,0BAA0B,CAC9C,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,UAAU,GAAG,SAAS,EAC5B,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,cAAc,CAAC,CAsCzB"}

package/dist/tools/apply-auth.js

@@ -0,0 +1,35 @@
+import { resolve } from 'node:path';
+export async function createAuthenticatedContext(browser, auth, timeoutMs) {
+    if (!auth) {
+        return browser.newContext();
+    }
+    if (auth.type === 'storage-state') {
+        const storagePath = resolve(process.cwd(), auth.path);
+        return browser.newContext({ storageState: storagePath });
+    }
+    const context = await browser.newContext();
+    const page = await context.newPage();
+    try {
+        await page.goto(auth.loginUrl, { timeout: timeoutMs, waitUntil: 'domcontentloaded' });
+        await page.fill(auth.selectors.username, auth.credentials.username);
+        await page.fill(auth.selectors.password, auth.credentials.password);
+        await page.click(auth.selectors.submit);
+        const urlFragment = auth.successIndicator.urlContains;
+        if (urlFragment) {
+            await page.waitForURL((url) => url.toString().includes(urlFragment), {
+                timeout: timeoutMs,
+            });
+        }
+        const visibleSelector = auth.successIndicator.selectorVisible;
+        if (visibleSelector) {
+            await page.waitForSelector(visibleSelector, {
+                timeout: timeoutMs,
+                state: 'visible',
+            });
+        }
+    }
+    finally {
+        await page.close();
+    }
+    return context;
+}

package/dist/tools/auth/apply.d.ts

@@ -0,0 +1,4 @@
+import type { Browser, BrowserContext } from '@playwright/test';
+import type { AuthConfig } from '../../schemas/config.schema.js';
+export declare function createAuthenticatedContext(browser: Browser, auth: AuthConfig | undefined, timeoutMs: number): Promise<BrowserContext>;
+//# sourceMappingURL=apply.d.ts.map

package/dist/tools/auth/apply.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"apply.d.ts","sourceRoot":"","sources":["../../../src/tools/auth/apply.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,cAAc,EAAE,MAAM,kBAAkB,CAAC;AAEhE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,gCAAgC,CAAC;AAEjE,wBAAsB,0BAA0B,CAC9C,OAAO,EAAE,OAAO,EAChB,IAAI,EAAE,UAAU,GAAG,SAAS,EAC5B,SAAS,EAAE,MAAM,GAChB,OAAO,CAAC,cAAc,CAAC,CAsCzB"}

package/dist/tools/auth/apply.js

@@ -0,0 +1,35 @@
+import { resolve } from 'node:path';
+export async function createAuthenticatedContext(browser, auth, timeoutMs) {
+    if (!auth) {
+        return browser.newContext();
+    }
+    if (auth.type === 'storage-state') {
+        const storagePath = resolve(process.cwd(), auth.path);
+        return browser.newContext({ storageState: storagePath });
+    }
+    const context = await browser.newContext();
+    const page = await context.newPage();
+    try {
+        await page.goto(auth.loginUrl, { timeout: timeoutMs, waitUntil: 'domcontentloaded' });
+        await page.fill(auth.selectors.username, auth.credentials.username);
+        await page.fill(auth.selectors.password, auth.credentials.password);
+        await page.click(auth.selectors.submit);
+        const urlFragment = auth.successIndicator.urlContains;
+        if (urlFragment) {
+            await page.waitForURL((url) => url.toString().includes(urlFragment), {
+                timeout: timeoutMs,
+            });
+        }
+        const visibleSelector = auth.successIndicator.selectorVisible;
+        if (visibleSelector) {
+            await page.waitForSelector(visibleSelector, {
+                timeout: timeoutMs,
+                state: 'visible',
+            });
+        }
+    }
+    finally {
+        await page.close();
+    }
+    return context;
+}

package/dist/tools/auth/block-gap.d.ts

@@ -0,0 +1,9 @@
+import type { Gap } from '../../schemas/gap-analysis.schema.js';
+import type { StorageStateInvalidReason } from './detector.js';
+export declare function buildAuthBlockGap(url: string): Gap;
+export declare function buildStorageStateInvalidGap(input: {
+    url: string;
+    reasonCode: StorageStateInvalidReason;
+    reason: string;
+}): Gap;
+//# sourceMappingURL=block-gap.d.ts.map

package/dist/tools/auth/block-gap.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"block-gap.d.ts","sourceRoot":"","sources":["../../../src/tools/auth/block-gap.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,GAAG,EAAE,MAAM,sCAAsC,CAAC;AAChE,OAAO,KAAK,EAAE,yBAAyB,EAAE,MAAM,eAAe,CAAC;AAmB/D,wBAAgB,iBAAiB,CAAC,GAAG,EAAE,MAAM,GAAG,GAAG,CAYlD;AAED,wBAAgB,2BAA2B,CAAC,KAAK,EAAE;IACjD,GAAG,EAAE,MAAM,CAAC;IACZ,UAAU,EAAE,yBAAyB,CAAC;IACtC,MAAM,EAAE,MAAM,CAAC;CAChB,GAAG,GAAG,CAqBN"}