@qulib/core 0.9.0 → 0.10.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (48) hide show
  1. package/README.md +11 -11
  2. package/dist/baseline/baseline.schema.d.ts +26 -26
  3. package/dist/baseline/baseline.schema.d.ts.map +1 -1
  4. package/dist/baseline/baseline.schema.js +1 -0
  5. package/dist/cli/analyze-diff-run.d.ts +77 -0
  6. package/dist/cli/analyze-diff-run.d.ts.map +1 -0
  7. package/dist/cli/analyze-diff-run.js +266 -0
  8. package/dist/cli/baseline-run.d.ts +55 -0
  9. package/dist/cli/baseline-run.d.ts.map +1 -0
  10. package/dist/cli/baseline-run.js +259 -0
  11. package/dist/cli/confidence-run.d.ts.map +1 -1
  12. package/dist/cli/confidence-run.js +10 -6
  13. package/dist/cli/index.js +4 -0
  14. package/dist/cli/score-automation-run.d.ts.map +1 -1
  15. package/dist/cli/score-automation-run.js +5 -1
  16. package/dist/index.d.ts +5 -0
  17. package/dist/index.d.ts.map +1 -1
  18. package/dist/index.js +5 -0
  19. package/dist/phases/think.d.ts.map +1 -1
  20. package/dist/phases/think.js +4 -1
  21. package/dist/reporters/heatmap.d.ts +55 -0
  22. package/dist/reporters/heatmap.d.ts.map +1 -0
  23. package/dist/reporters/heatmap.js +148 -0
  24. package/dist/reporters/markdown-reporter.d.ts.map +1 -1
  25. package/dist/reporters/markdown-reporter.js +4 -1
  26. package/dist/schemas/confidence.schema.d.ts +2 -2
  27. package/dist/schemas/config.schema.d.ts.map +1 -1
  28. package/dist/schemas/config.schema.js +6 -1
  29. package/dist/schemas/gap-analysis.schema.d.ts +8 -8
  30. package/dist/schemas/gap-analysis.schema.js +1 -1
  31. package/dist/schemas/golden-manifest.schema.d.ts +137 -0
  32. package/dist/schemas/golden-manifest.schema.d.ts.map +1 -0
  33. package/dist/schemas/golden-manifest.schema.js +25 -0
  34. package/dist/schemas/index.d.ts +1 -0
  35. package/dist/schemas/index.d.ts.map +1 -1
  36. package/dist/schemas/index.js +1 -0
  37. package/dist/schemas/public-surface.schema.d.ts +15 -5
  38. package/dist/schemas/public-surface.schema.d.ts.map +1 -1
  39. package/dist/schemas/route-inventory.schema.d.ts +20 -0
  40. package/dist/schemas/route-inventory.schema.d.ts.map +1 -1
  41. package/dist/schemas/route-inventory.schema.js +4 -0
  42. package/dist/schemas/views.schema.d.ts +1 -1
  43. package/dist/tools/scoring/confidence.d.ts.map +1 -1
  44. package/dist/tools/scoring/confidence.js +140 -14
  45. package/dist/tools/scoring/prompt-leakage.d.ts +29 -0
  46. package/dist/tools/scoring/prompt-leakage.d.ts.map +1 -0
  47. package/dist/tools/scoring/prompt-leakage.js +256 -0
  48. package/package.json +8 -4
package/dist/reporters/heatmap.js ADDED
@@ -0,0 +1,148 @@
1
+ /**
2
+ * Per-page coverage heatmap for Markdown reports.
3
+ *
4
+ * buildPageHeatmap() is a pure function — no I/O, no side-effects.
5
+ * It derives a rows × dimensions matrix from GapAnalysis.gaps and sorts
6
+ * rows worst-first (most critical coverage problems bubble to the top).
7
+ *
8
+ * Dimensions map to the GapSchema.category enum values so the heatmap
9
+ * always stays in sync with what the scanner can produce.
10
+ */
11
+ // ---------------------------------------------------------------------------
12
+ // Types
13
+ // ---------------------------------------------------------------------------
14
+ /** The ordered set of gap categories that appear as heatmap columns. */
15
+ export const HEATMAP_DIMENSIONS = [
16
+ 'untested-route',
17
+ 'a11y',
18
+ 'console-error',
19
+ 'broken-link',
20
+ 'coverage',
21
+ 'untested-api-endpoint',
22
+ 'auth-surface',
23
+ 'prompt-leakage',
24
+ ];
25
+ /** Display labels for each dimension column header. */
26
+ export const DIMENSION_LABELS = {
27
+ 'untested-route': 'Untested',
28
+ 'a11y': 'A11y',
29
+ 'console-error': 'Console',
30
+ 'broken-link': 'Links',
31
+ 'coverage': 'Coverage',
32
+ 'untested-api-endpoint': 'API',
33
+ 'auth-surface': 'Auth',
34
+ 'prompt-leakage': 'PromptLeak',
35
+ };
36
+ /** Severity order — higher index = worse. */
37
+ const SEVERITY_ORDER = {
38
+ low: 1,
39
+ medium: 2,
40
+ high: 3,
41
+ critical: 4,
42
+ };
43
+ /** Intensity glyph scale, indexed by SEVERITY_ORDER value (1..4). */
44
+ const SEVERITY_GLYPHS = {
45
+ 0: '·', // no gap on this page for this dimension
46
+ 1: '🟡', // low
47
+ 2: '🟠', // medium
48
+ 3: '🔴', // high
49
+ 4: '🚨', // critical
50
+ };
51
+ // ---------------------------------------------------------------------------
52
+ // Pure builder
53
+ // ---------------------------------------------------------------------------
54
+ /**
55
+ * Build a per-page coverage heatmap from a flat list of gaps.
56
+ *
57
+ * @param gaps The gaps array from GapAnalysis.
58
+ * @returns A PageHeatmap with rows sorted worst-first.
59
+ */
60
+ export function buildPageHeatmap(gaps) {
61
+ const pageMap = new Map();
62
+ for (const gap of gaps) {
63
+ // Only include dimensions the heatmap tracks; skip unknowns gracefully.
64
+ const dim = gap.category;
65
+ if (!HEATMAP_DIMENSIONS.includes(dim))
66
+ continue;
67
+ if (!pageMap.has(gap.path)) {
68
+ pageMap.set(gap.path, new Map());
69
+ }
70
+ const dimMap = pageMap.get(gap.path);
71
+ if (!dimMap.has(dim)) {
72
+ dimMap.set(dim, []);
73
+ }
74
+ dimMap.get(dim).push(gap);
75
+ }
76
+ const rows = [];
77
+ for (const [path, dimMap] of pageMap) {
78
+ const cells = {};
79
+ let worstScore = 0;
80
+ for (const dim of HEATMAP_DIMENSIONS) {
81
+ const dimGaps = dimMap.get(dim) ?? [];
82
+ if (dimGaps.length === 0) {
83
+ cells[dim] = { worstSeverity: null, glyph: SEVERITY_GLYPHS[0], count: 0 };
84
+ }
85
+ else {
86
+ let worst = 'low';
87
+ for (const g of dimGaps) {
88
+ if (SEVERITY_ORDER[g.severity] > SEVERITY_ORDER[worst]) {
89
+ worst = g.severity;
90
+ }
91
+ }
92
+ const score = SEVERITY_ORDER[worst];
93
+ worstScore += score;
94
+ cells[dim] = { worstSeverity: worst, glyph: SEVERITY_GLYPHS[score], count: dimGaps.length };
95
+ }
96
+ }
97
+ rows.push({ path, cells, worstScore });
98
+ }
99
+ // Sort worst-first (highest worstScore first), then alphabetically by path for stability.
100
+ rows.sort((a, b) => {
101
+ if (b.worstScore !== a.worstScore)
102
+ return b.worstScore - a.worstScore;
103
+ return a.path.localeCompare(b.path);
104
+ });
105
+ return {
106
+ rows,
107
+ dimensions: HEATMAP_DIMENSIONS,
108
+ totalGaps: gaps.length,
109
+ };
110
+ }
111
+ // ---------------------------------------------------------------------------
112
+ // Markdown renderer
113
+ // ---------------------------------------------------------------------------
114
+ /**
115
+ * Render a PageHeatmap as a Markdown section string.
116
+ * Returns an empty string when there are no rows (nothing scanned).
117
+ */
118
+ export function renderHeatmapSection(heatmap) {
119
+ if (heatmap.rows.length === 0) {
120
+ return '';
121
+ }
122
+ const dimLabels = heatmap.dimensions.map((d) => DIMENSION_LABELS[d]);
123
+ // Build table header
124
+ const header = `| Page | ${dimLabels.join(' | ')} |`;
125
+ const separator = `|------|${heatmap.dimensions.map(() => ':---:').join('|')}|`;
126
+ const tableRows = heatmap.rows
127
+ .map((row) => {
128
+ const cells = heatmap.dimensions.map((d) => row.cells[d].glyph).join(' | ');
129
+ return `| \`${row.path}\` | ${cells} |`;
130
+ })
131
+ .join('\n');
132
+ const legend = [
133
+ '**Legend:**',
134
+ `🚨 critical`,
135
+ `🔴 high`,
136
+ `🟠 medium`,
137
+ `🟡 low`,
138
+ `· none`,
139
+ ].join(' · ');
140
+ return `## Per-page coverage heatmap
141
+
142
+ ${header}
143
+ ${separator}
144
+ ${tableRows}
145
+
146
+ ${legend}
147
+ `;
148
+ }
package/dist/reporters/markdown-reporter.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"markdown-reporter.d.ts","sourceRoot":"","sources":["../../src/reporters/markdown-reporter.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAErE,wBAAsB,mBAAmB,CAAC,QAAQ,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAkEjG"}
1
+ {"version":3,"file":"markdown-reporter.d.ts","sourceRoot":"","sources":["../../src/reporters/markdown-reporter.ts"],"names":[],"mappings":"AAEA,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAGrE,wBAAsB,mBAAmB,CAAC,QAAQ,EAAE,WAAW,EAAE,SAAS,EAAE,MAAM,GAAG,OAAO,CAAC,IAAI,CAAC,CAqEjG"}
package/dist/reporters/markdown-reporter.js CHANGED
@@ -1,5 +1,6 @@
1
1
  import { writeFile, mkdir } from 'node:fs/promises';
2
2
  import { join } from 'node:path';
3
+ import { buildPageHeatmap, renderHeatmapSection } from './heatmap.js';
3
4
  export async function writeMarkdownReport(analysis, outputDir) {
4
5
  await mkdir(outputDir, { recursive: true });
5
6
  const rc = analysis.releaseConfidence;
@@ -16,6 +17,8 @@ export async function writeMarkdownReport(analysis, outputDir) {
16
17
  const scenarioBlocks = analysis.scenarios
17
18
  .map((s) => `### ${s.title}\n${s.description}\n\nSteps:\n${s.steps.map((step) => `- ${step.description}`).join('\n')}\n\nRecommended adapters: ${s.recommendations.map((r) => r.adapter).join(', ')}`)
18
19
  .join('\n\n---\n\n');
20
+ const heatmap = buildPageHeatmap(analysis.gaps);
21
+ const heatmapSection = renderHeatmapSection(heatmap);
19
22
  const ci = analysis.costIntelligence;
20
23
  const costSection = ci
21
24
  ? `## Cost Intelligence
@@ -41,7 +44,7 @@ export async function writeMarkdownReport(analysis, outputDir) {
41
44
  - Scan budget exhausted (unfinished queue): ${analysis.coverageBudgetExceeded ? 'yes' : 'no'}
42
45
  ${analysis.coverageWarning ? `- Warning: **${analysis.coverageWarning}**` : '- Warning: none'}
43
46
 
44
- ${costSection}
47
+ ${heatmapSection}${costSection}
45
48
  ## Coverage gaps (${analysis.gaps.length})
46
49
 
47
50
  | Path | Category | Severity | Reason |
package/dist/schemas/confidence.schema.d.ts CHANGED
@@ -476,12 +476,12 @@ export declare const ReleaseConfidenceSchema: z.ZodObject<{
476
476
  level: number;
477
477
  computedAt: string;
478
478
  scoreFormula: string;
479
+ schemaVersion: 1;
479
480
  subject: {
480
481
  kind: "app" | "repo" | "release" | "pr" | "deploy";
481
482
  ref: string;
482
483
  tenantId: string;
483
484
  };
484
- schemaVersion: 1;
485
485
  confidenceScore: number | null;
486
486
  verdict: "ship" | "caution" | "hold" | "block";
487
487
  contributions: {
@@ -501,12 +501,12 @@ export declare const ReleaseConfidenceSchema: z.ZodObject<{
501
501
  level: number;
502
502
  computedAt: string;
503
503
  scoreFormula: string;
504
+ schemaVersion: 1;
504
505
  subject: {
505
506
  kind: "app" | "repo" | "release" | "pr" | "deploy";
506
507
  ref: string;
507
508
  tenantId?: string | undefined;
508
509
  };
509
- schemaVersion: 1;
510
510
  confidenceScore: number | null;
511
511
  verdict: "ship" | "caution" | "hold" | "block";
512
512
  contributions: {
package/dist/schemas/config.schema.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"config.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/config.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG,SAAS,CAAC;AACpD,MAAM,MAAM,WAAW,GAAG,YAAY,GAAG,aAAa,GAAG,mBAAmB,GAAG,KAAK,GAAG,eAAe,CAAC;AAEvG,QAAA,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgBvB,CAAC;AAEH,QAAA,MAAM,sBAAsB;;;;;;;;;EAG1B,CAAC;AAEH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAA8E,CAAC;AAE5G,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AACtE,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAC5E,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAE1D,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EA0C9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEhE,wBAAgB,gCAAgC,CAAC,MAAM,EAAE,aAAa,GAAG,MAAM,CAE9E;AAED,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAcrC,CAAC;AAEH,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EASzB,CAAC;AAEH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAoB7B,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE9D,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAehC,CAAC;AAEH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAC9E,MAAM,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AACtD,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC"}
1
+ {"version":3,"file":"config.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/config.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,MAAM,MAAM,YAAY,GAAG,YAAY,GAAG,SAAS,CAAC;AACpD,MAAM,MAAM,WAAW,GAAG,YAAY,GAAG,aAAa,GAAG,mBAAmB,GAAG,KAAK,GAAG,eAAe,CAAC;AAEvG,QAAA,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAgBvB,CAAC;AAEH,QAAA,MAAM,sBAAsB;;;;;;;;;EAG1B,CAAC;AAEH,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAA8E,CAAC;AAE5G,MAAM,MAAM,mBAAmB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AACtE,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,sBAAsB,CAAC,CAAC;AAC5E,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAE1D,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAiD9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAEhE,wBAAgB,gCAAgC,CAAC,MAAM,EAAE,aAAa,GAAG,MAAM,CAE9E;AAED,eAAO,MAAM,0BAA0B;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAcrC,CAAC;AAEH,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EASzB,CAAC;AAEH,eAAO,MAAM,kBAAkB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAoB7B,CAAC;AAEH,MAAM,MAAM,YAAY,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,kBAAkB,CAAC,CAAC;AAE9D,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAehC,CAAC;AAEH,MAAM,MAAM,oBAAoB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,0BAA0B,CAAC,CAAC;AAC9E,MAAM,MAAM,QAAQ,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,cAAc,CAAC,CAAC;AACtD,MAAM,MAAM,eAAe,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,qBAAqB,CAAC,CAAC"}
package/dist/schemas/config.schema.js CHANGED
@@ -46,7 +46,12 @@ export const HarnessConfigSchema = z.object({
46
46
  readOnlyMode: z.boolean(),
47
47
  requireHumanReview: z.boolean(),
48
48
  failOnConsoleError: z.boolean(),
49
- explorer: z.enum(['playwright', 'cypress']).default('playwright'),
49
+ explorer: z
50
+ .enum(['playwright', 'cypress'])
51
+ .default('playwright')
52
+ .describe("Browser explorer to use. 'playwright' is the production explorer. " +
53
+ "'cypress' is reserved for future Cypress-driven exploration and is not yet implemented — " +
54
+ 'it will throw at runtime. Always use playwright in production.'),
50
55
  defaultAdapter: z.enum(['playwright', 'cypress-e2e', 'cypress-component', 'api', 'accessibility']).default('playwright'),
51
56
  adapters: z.array(z.enum(['playwright', 'cypress-e2e', 'cypress-component', 'api', 'accessibility'])).default(['playwright']),
52
57
  llmProvider: z.enum(['anthropic']).optional(),
package/dist/schemas/gap-analysis.schema.d.ts CHANGED
@@ -4,7 +4,7 @@ export declare const GapSchema: z.ZodObject<{
4
4
  path: z.ZodString;
5
5
  severity: z.ZodEnum<["critical", "high", "medium", "low"]>;
6
6
  reason: z.ZodString;
7
- category: z.ZodEnum<["untested-route", "a11y", "console-error", "broken-link", "auth-surface", "coverage", "untested-api-endpoint"]>;
7
+ category: z.ZodEnum<["untested-route", "a11y", "console-error", "broken-link", "auth-surface", "coverage", "untested-api-endpoint", "prompt-leakage"]>;
8
8
  description: z.ZodOptional<z.ZodString>;
9
9
  recommendation: z.ZodOptional<z.ZodString>;
10
10
  }, "strip", z.ZodTypeAny, {
@@ -12,7 +12,7 @@ export declare const GapSchema: z.ZodObject<{
12
12
  id: string;
13
13
  severity: "critical" | "high" | "medium" | "low";
14
14
  reason: string;
15
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
15
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
16
16
  recommendation?: string | undefined;
17
17
  description?: string | undefined;
18
18
  }, {
@@ -20,7 +20,7 @@ export declare const GapSchema: z.ZodObject<{
20
20
  id: string;
21
21
  severity: "critical" | "high" | "medium" | "low";
22
22
  reason: string;
23
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
23
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
24
24
  recommendation?: string | undefined;
25
25
  description?: string | undefined;
26
26
  }>;
@@ -163,7 +163,7 @@ export declare const GapAnalysisSchema: z.ZodObject<{
163
163
  path: z.ZodString;
164
164
  severity: z.ZodEnum<["critical", "high", "medium", "low"]>;
165
165
  reason: z.ZodString;
166
- category: z.ZodEnum<["untested-route", "a11y", "console-error", "broken-link", "auth-surface", "coverage", "untested-api-endpoint"]>;
166
+ category: z.ZodEnum<["untested-route", "a11y", "console-error", "broken-link", "auth-surface", "coverage", "untested-api-endpoint", "prompt-leakage"]>;
167
167
  description: z.ZodOptional<z.ZodString>;
168
168
  recommendation: z.ZodOptional<z.ZodString>;
169
169
  }, "strip", z.ZodTypeAny, {
@@ -171,7 +171,7 @@ export declare const GapAnalysisSchema: z.ZodObject<{
171
171
  id: string;
172
172
  severity: "critical" | "high" | "medium" | "low";
173
173
  reason: string;
174
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
174
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
175
175
  recommendation?: string | undefined;
176
176
  description?: string | undefined;
177
177
  }, {
@@ -179,7 +179,7 @@ export declare const GapAnalysisSchema: z.ZodObject<{
179
179
  id: string;
180
180
  severity: "critical" | "high" | "medium" | "low";
181
181
  reason: string;
182
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
182
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
183
183
  recommendation?: string | undefined;
184
184
  description?: string | undefined;
185
185
  }>, "many">;
@@ -445,7 +445,7 @@ export declare const GapAnalysisSchema: z.ZodObject<{
445
445
  id: string;
446
446
  severity: "critical" | "high" | "medium" | "low";
447
447
  reason: string;
448
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
448
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
449
449
  recommendation?: string | undefined;
450
450
  description?: string | undefined;
451
451
  }[];
@@ -524,7 +524,7 @@ export declare const GapAnalysisSchema: z.ZodObject<{
524
524
  id: string;
525
525
  severity: "critical" | "high" | "medium" | "low";
526
526
  reason: string;
527
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
527
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
528
528
  recommendation?: string | undefined;
529
529
  description?: string | undefined;
530
530
  }[];
package/dist/schemas/gap-analysis.schema.js CHANGED
@@ -5,7 +5,7 @@ export const GapSchema = z.object({
5
5
  path: z.string(),
6
6
  severity: z.enum(['critical', 'high', 'medium', 'low']),
7
7
  reason: z.string(),
8
- category: z.enum(['untested-route', 'a11y', 'console-error', 'broken-link', 'auth-surface', 'coverage', 'untested-api-endpoint']),
8
+ category: z.enum(['untested-route', 'a11y', 'console-error', 'broken-link', 'auth-surface', 'coverage', 'untested-api-endpoint', 'prompt-leakage']),
9
9
  description: z.string().optional(),
10
10
  recommendation: z.string().optional(),
11
11
  });
package/dist/schemas/golden-manifest.schema.d.ts ADDED
@@ -0,0 +1,137 @@
1
+ import { z } from 'zod';
2
+ /** Partial ground-truth for auth detection — only fields stated with confidence. */
3
+ export declare const GoldenSiteExpectedSchema: z.ZodObject<{
4
+ hasAuth: z.ZodOptional<z.ZodBoolean>;
5
+ type: z.ZodOptional<z.ZodEnum<["none", "form-login", "oauth", "magic-link", "unknown"]>>;
6
+ leaksPrompt: z.ZodOptional<z.ZodBoolean>;
7
+ }, "strict", z.ZodTypeAny, {
8
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
9
+ hasAuth?: boolean | undefined;
10
+ leaksPrompt?: boolean | undefined;
11
+ }, {
12
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
13
+ hasAuth?: boolean | undefined;
14
+ leaksPrompt?: boolean | undefined;
15
+ }>;
16
+ export declare const GoldenSiteSchema: z.ZodObject<{
17
+ id: z.ZodString;
18
+ url: z.ZodString;
19
+ name: z.ZodString;
20
+ rationale: z.ZodOptional<z.ZodString>;
21
+ coverage_tags: z.ZodArray<z.ZodString, "many">;
22
+ expected: z.ZodObject<{
23
+ hasAuth: z.ZodOptional<z.ZodBoolean>;
24
+ type: z.ZodOptional<z.ZodEnum<["none", "form-login", "oauth", "magic-link", "unknown"]>>;
25
+ leaksPrompt: z.ZodOptional<z.ZodBoolean>;
26
+ }, "strict", z.ZodTypeAny, {
27
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
28
+ hasAuth?: boolean | undefined;
29
+ leaksPrompt?: boolean | undefined;
30
+ }, {
31
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
32
+ hasAuth?: boolean | undefined;
33
+ leaksPrompt?: boolean | undefined;
34
+ }>;
35
+ }, "strip", z.ZodTypeAny, {
36
+ expected: {
37
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
38
+ hasAuth?: boolean | undefined;
39
+ leaksPrompt?: boolean | undefined;
40
+ };
41
+ name: string;
42
+ id: string;
43
+ url: string;
44
+ coverage_tags: string[];
45
+ rationale?: string | undefined;
46
+ }, {
47
+ expected: {
48
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
49
+ hasAuth?: boolean | undefined;
50
+ leaksPrompt?: boolean | undefined;
51
+ };
52
+ name: string;
53
+ id: string;
54
+ url: string;
55
+ coverage_tags: string[];
56
+ rationale?: string | undefined;
57
+ }>;
58
+ export declare const GoldenManifestSchema: z.ZodObject<{
59
+ schemaVersion: z.ZodLiteral<1>;
60
+ coverage_tags: z.ZodArray<z.ZodString, "many">;
61
+ sites: z.ZodArray<z.ZodObject<{
62
+ id: z.ZodString;
63
+ url: z.ZodString;
64
+ name: z.ZodString;
65
+ rationale: z.ZodOptional<z.ZodString>;
66
+ coverage_tags: z.ZodArray<z.ZodString, "many">;
67
+ expected: z.ZodObject<{
68
+ hasAuth: z.ZodOptional<z.ZodBoolean>;
69
+ type: z.ZodOptional<z.ZodEnum<["none", "form-login", "oauth", "magic-link", "unknown"]>>;
70
+ leaksPrompt: z.ZodOptional<z.ZodBoolean>;
71
+ }, "strict", z.ZodTypeAny, {
72
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
73
+ hasAuth?: boolean | undefined;
74
+ leaksPrompt?: boolean | undefined;
75
+ }, {
76
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
77
+ hasAuth?: boolean | undefined;
78
+ leaksPrompt?: boolean | undefined;
79
+ }>;
80
+ }, "strip", z.ZodTypeAny, {
81
+ expected: {
82
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
83
+ hasAuth?: boolean | undefined;
84
+ leaksPrompt?: boolean | undefined;
85
+ };
86
+ name: string;
87
+ id: string;
88
+ url: string;
89
+ coverage_tags: string[];
90
+ rationale?: string | undefined;
91
+ }, {
92
+ expected: {
93
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
94
+ hasAuth?: boolean | undefined;
95
+ leaksPrompt?: boolean | undefined;
96
+ };
97
+ name: string;
98
+ id: string;
99
+ url: string;
100
+ coverage_tags: string[];
101
+ rationale?: string | undefined;
102
+ }>, "many">;
103
+ }, "strip", z.ZodTypeAny, {
104
+ coverage_tags: string[];
105
+ schemaVersion: 1;
106
+ sites: {
107
+ expected: {
108
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
109
+ hasAuth?: boolean | undefined;
110
+ leaksPrompt?: boolean | undefined;
111
+ };
112
+ name: string;
113
+ id: string;
114
+ url: string;
115
+ coverage_tags: string[];
116
+ rationale?: string | undefined;
117
+ }[];
118
+ }, {
119
+ coverage_tags: string[];
120
+ schemaVersion: 1;
121
+ sites: {
122
+ expected: {
123
+ type?: "unknown" | "form-login" | "oauth" | "magic-link" | "none" | undefined;
124
+ hasAuth?: boolean | undefined;
125
+ leaksPrompt?: boolean | undefined;
126
+ };
127
+ name: string;
128
+ id: string;
129
+ url: string;
130
+ coverage_tags: string[];
131
+ rationale?: string | undefined;
132
+ }[];
133
+ }>;
134
+ export type GoldenSiteExpected = z.infer<typeof GoldenSiteExpectedSchema>;
135
+ export type GoldenSite = z.infer<typeof GoldenSiteSchema>;
136
+ export type GoldenManifest = z.infer<typeof GoldenManifestSchema>;
137
+ //# sourceMappingURL=golden-manifest.schema.d.ts.map
package/dist/schemas/golden-manifest.schema.d.ts.map ADDED
@@ -0,0 +1 @@
1
+ {"version":3,"file":"golden-manifest.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/golden-manifest.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,oFAAoF;AACpF,eAAO,MAAM,wBAAwB;;;;;;;;;;;;EAM1B,CAAC;AAEZ,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAU3B,CAAC;AAEH,eAAO,MAAM,oBAAoB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAI/B,CAAC;AAEH,MAAM,MAAM,kBAAkB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,wBAAwB,CAAC,CAAC;AAC1E,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC;AAC1D,MAAM,MAAM,cAAc,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,oBAAoB,CAAC,CAAC"}
package/dist/schemas/golden-manifest.schema.js ADDED
@@ -0,0 +1,25 @@
1
+ import { z } from 'zod';
2
+ /** Partial ground-truth for auth detection — only fields stated with confidence. */
3
+ export const GoldenSiteExpectedSchema = z
4
+ .object({
5
+ hasAuth: z.boolean().optional(),
6
+ type: z.enum(['none', 'form-login', 'oauth', 'magic-link', 'unknown']).optional(),
7
+ leaksPrompt: z.boolean().optional(),
8
+ })
9
+ .strict();
10
+ export const GoldenSiteSchema = z.object({
11
+ id: z
12
+ .string()
13
+ .min(1)
14
+ .regex(/^[a-z0-9]+(?:-[a-z0-9]+)*$/, 'site id must be kebab-case'),
15
+ url: z.string().url(),
16
+ name: z.string().min(1),
17
+ rationale: z.string().min(1).optional(),
18
+ coverage_tags: z.array(z.string().min(1)).min(1),
19
+ expected: GoldenSiteExpectedSchema,
20
+ });
21
+ export const GoldenManifestSchema = z.object({
22
+ schemaVersion: z.literal(1),
23
+ coverage_tags: z.array(z.string().min(1)).min(1),
24
+ sites: z.array(GoldenSiteSchema),
25
+ });
package/dist/schemas/index.d.ts CHANGED
@@ -1,3 +1,4 @@
1
+ export { GoldenManifestSchema, GoldenSiteSchema, GoldenSiteExpectedSchema, type GoldenManifest, type GoldenSite, type GoldenSiteExpected, } from './golden-manifest.schema.js';
1
2
  export { HarnessConfigSchema, resolveMaxOutputTokensPerLlmCall, AuthConfigSchema, DetectedAuthSchema, AuthPathRequirementsSchema, AuthPathSchema, AuthExplorationSchema, type ExplorerType, type AdapterType, type FormLoginAuthConfig, type StorageStateAuthConfig, type AuthConfig, type HarnessConfig, type DetectedAuth, type AuthPathRequirements, type AuthPath, type AuthExploration, } from './config.schema.js';
2
3
  export { DecisionLogEntrySchema, type DecisionLogEntry, } from './decision-log.schema.js';
3
4
  export { RouteInventorySchema, RouteSchema, A11yViolationSchema, BrokenLinkSchema, type RouteInventory, type Route, } from './route-inventory.schema.js';
package/dist/schemas/index.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/schemas/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,mBAAmB,EACnB,gCAAgC,EAChC,gBAAgB,EAChB,kBAAkB,EAClB,0BAA0B,EAC1B,cAAc,EACd,qBAAqB,EACrB,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,mBAAmB,EACxB,KAAK,sBAAsB,EAC3B,KAAK,UAAU,EACf,KAAK,aAAa,EAClB,KAAK,YAAY,EACjB,KAAK,oBAAoB,EACzB,KAAK,QAAQ,EACb,KAAK,eAAe,GACrB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,sBAAsB,EACtB,KAAK,gBAAgB,GACtB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,oBAAoB,EACpB,WAAW,EACX,mBAAmB,EACnB,gBAAgB,EAChB,KAAK,cAAc,EACnB,KAAK,KAAK,GACX,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iBAAiB,EACjB,SAAS,EACT,qBAAqB,EACrB,mBAAmB,EACnB,cAAc,EACd,6BAA6B,EAC7B,KAAK,WAAW,EAChB,KAAK,GAAG,EACR,KAAK,eAAe,EACpB,KAAK,aAAa,EAClB,KAAK,QAAQ,EACb,KAAK,uBAAuB,GAC7B,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,uBAAuB,EACvB,2BAA2B,EAC3B,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,GAC3B,MAAM,+BAA+B,CAAC;AACvC,OAAO,EACL,kBAAkB,EAClB,wBAAwB,EACxB,8BAA8B,EAC9B,kCAAkC,EAClC,2BAA2B,EAC3B,KAAK,YAAY,EACjB,KAAK,wBAAwB,EAC7B,KAAK,wBAAwB,GAC9B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EACL,wBAAwB,EACxB,iCAAiC,EACjC,qCAAqC,EACrC,KAAK,kBAAkB,EACvB,KAAK,2BAA2B,EAChC,KAAK,+BAA+B,GACrC,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,mBAAmB,EACnB,4BAA4B,EAC5B,6BAA6B,EAC7B,KAAK,aAAa,EAClB,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,GAC7B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,KAAK,QAAQ,EACb,KAAK,YAAY,GAClB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,uBAAuB,EACvB,4BAA4B,EAC5B,uBAAuB,EACvB,KAAK,kBAAkB,EACvB,KAAK,YAAY,EACjB,KAAK,iBAAiB,EACtB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,GACvB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EACnB,eAAe,EACf,gBAAgB,EAChB,iBAAiB,EACjB,gBAAgB,EAChB,KAAK,oBAAoB,EACzB,KAAK,aAAa,EAClB,KAAK,SAAS,EACd,KAAK,UAAU,EACf,KAAK,WAAW,EAChB,KAAK,UAAU,GAChB,MAAM,mBAAmB,CAAC"}
1
+ {"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/schemas/index.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,oBAAoB,EACpB,gBAAgB,EAChB,wBAAwB,EACxB,KAAK,cAAc,EACnB,KAAK,UAAU,EACf,KAAK,kBAAkB,GACxB,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,mBAAmB,EACnB,gCAAgC,EAChC,gBAAgB,EAChB,kBAAkB,EAClB,0BAA0B,EAC1B,cAAc,EACd,qBAAqB,EACrB,KAAK,YAAY,EACjB,KAAK,WAAW,EAChB,KAAK,mBAAmB,EACxB,KAAK,sBAAsB,EAC3B,KAAK,UAAU,EACf,KAAK,aAAa,EAClB,KAAK,YAAY,EACjB,KAAK,oBAAoB,EACzB,KAAK,QAAQ,EACb,KAAK,eAAe,GACrB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,sBAAsB,EACtB,KAAK,gBAAgB,GACtB,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,oBAAoB,EACpB,WAAW,EACX,mBAAmB,EACnB,gBAAgB,EAChB,KAAK,cAAc,EACnB,KAAK,KAAK,GACX,MAAM,6BAA6B,CAAC;AACrC,OAAO,EACL,iBAAiB,EACjB,SAAS,EACT,qBAAqB,EACrB,mBAAmB,EACnB,cAAc,EACd,6BAA6B,EAC7B,KAAK,WAAW,EAChB,KAAK,GAAG,EACR,KAAK,eAAe,EACpB,KAAK,aAAa,EAClB,KAAK,QAAQ,EACb,KAAK,uBAAuB,GAC7B,MAAM,0BAA0B,CAAC;AAClC,OAAO,EACL,sBAAsB,EACtB,oBAAoB,EACpB,oBAAoB,EACpB,sBAAsB,EACtB,uBAAuB,EACvB,2BAA2B,EAC3B,KAAK,gBAAgB,EACrB,KAAK,cAAc,EACnB,KAAK,cAAc,EACnB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,qBAAqB,GAC3B,MAAM,+BAA+B,CAAC;AACvC,OAAO,EACL,kBAAkB,EAClB,wBAAwB,EACxB,8BAA8B,EAC9B,kCAAkC,EAClC,2BAA2B,EAC3B,KAAK,YAAY,EACjB,KAAK,wBAAwB,EAC7B,KAAK,wBAAwB,GAC9B,MAAM,2BAA2B,CAAC;AACnC,OAAO,EACL,wBAAwB,EACxB,iCAAiC,EACjC,qCAAqC,EACrC,KAAK,kBAAkB,EACvB,KAAK,2BAA2B,EAChC,KAAK,+BAA+B,GACrC,MAAM,iCAAiC,CAAC;AACzC,OAAO,EACL,mBAAmB,EACnB,4BAA4B,EAC5B,6BAA6B,EAC7B,KAAK,aAAa,EAClB,KAAK,sBAAsB,EAC3B,KAAK,uBAAuB,GAC7B,MAAM,4BAA4B,CAAC;AACpC,OAAO,EACL,cAAc,EACd,kBAAkB,EAClB,KAAK,QAAQ,EACb,KAAK,YAAY,GAClB,MAAM,oBAAoB,CAAC;AAC5B,OAAO,EACL,wBAAwB,EACxB,kBAAkB,EAClB,uBAAuB,EACvB,qBAAqB,EACrB,sBAAsB,EACtB,uBAAuB,EACvB,4BAA4B,EAC5B,uBAAuB,EACvB,KAAK,kBAAkB,EACvB,KAAK,YAAY,EACjB,KAAK,iBAAiB,EACtB,KAAK,eAAe,EACpB,KAAK,gBAAgB,EACrB,KAAK,iBAAiB,EACtB,KAAK,sBAAsB,EAC3B,KAAK,iBAAiB,GACvB,MAAM,wBAAwB,CAAC;AAChC,OAAO,EACL,0BAA0B,EAC1B,mBAAmB,EACnB,eAAe,EACf,gBAAgB,EAChB,iBAAiB,EACjB,gBAAgB,EAChB,KAAK,oBAAoB,EACzB,KAAK,aAAa,EAClB,KAAK,SAAS,EACd,KAAK,UAAU,EACf,KAAK,WAAW,EAChB,KAAK,UAAU,GAChB,MAAM,mBAAmB,CAAC"}
package/dist/schemas/index.js CHANGED
@@ -1,3 +1,4 @@
1
+ export { GoldenManifestSchema, GoldenSiteSchema, GoldenSiteExpectedSchema, } from './golden-manifest.schema.js';
1
2
  export { HarnessConfigSchema, resolveMaxOutputTokensPerLlmCall, AuthConfigSchema, DetectedAuthSchema, AuthPathRequirementsSchema, AuthPathSchema, AuthExplorationSchema, } from './config.schema.js';
2
3
  export { DecisionLogEntrySchema, } from './decision-log.schema.js';
3
4
  export { RouteInventorySchema, RouteSchema, A11yViolationSchema, BrokenLinkSchema, } from './route-inventory.schema.js';
package/dist/schemas/public-surface.schema.d.ts CHANGED
@@ -74,6 +74,8 @@ export declare const PublicSurfaceSchema: z.ZodObject<{
74
74
  nodeCount: number;
75
75
  }>, "many">;
76
76
  statusCode: z.ZodOptional<z.ZodNumber>;
77
+ headers: z.ZodOptional<z.ZodRecord<z.ZodString, z.ZodString>>;
78
+ bodySnippet: z.ZodOptional<z.ZodString>;
77
79
  }, "strip", z.ZodTypeAny, {
78
80
  path: string;
79
81
  pageTitle: string;
@@ -93,6 +95,8 @@ export declare const PublicSurfaceSchema: z.ZodObject<{
93
95
  nodeCount: number;
94
96
  }[];
95
97
  statusCode?: number | undefined;
98
+ headers?: Record<string, string> | undefined;
99
+ bodySnippet?: string | undefined;
96
100
  }, {
97
101
  path: string;
98
102
  pageTitle: string;
@@ -112,13 +116,15 @@ export declare const PublicSurfaceSchema: z.ZodObject<{
112
116
  nodeCount: number;
113
117
  }[];
114
118
  statusCode?: number | undefined;
119
+ headers?: Record<string, string> | undefined;
120
+ bodySnippet?: string | undefined;
115
121
  }>, "many">;
116
122
  gaps: z.ZodArray<z.ZodObject<{
117
123
  id: z.ZodString;
118
124
  path: z.ZodString;
119
125
  severity: z.ZodEnum<["critical", "high", "medium", "low"]>;
120
126
  reason: z.ZodString;
121
- category: z.ZodEnum<["untested-route", "a11y", "console-error", "broken-link", "auth-surface", "coverage", "untested-api-endpoint"]>;
127
+ category: z.ZodEnum<["untested-route", "a11y", "console-error", "broken-link", "auth-surface", "coverage", "untested-api-endpoint", "prompt-leakage"]>;
122
128
  description: z.ZodOptional<z.ZodString>;
123
129
  recommendation: z.ZodOptional<z.ZodString>;
124
130
  }, "strip", z.ZodTypeAny, {
@@ -126,7 +132,7 @@ export declare const PublicSurfaceSchema: z.ZodObject<{
126
132
  id: string;
127
133
  severity: "critical" | "high" | "medium" | "low";
128
134
  reason: string;
129
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
135
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
130
136
  recommendation?: string | undefined;
131
137
  description?: string | undefined;
132
138
  }, {
@@ -134,7 +140,7 @@ export declare const PublicSurfaceSchema: z.ZodObject<{
134
140
  id: string;
135
141
  severity: "critical" | "high" | "medium" | "low";
136
142
  reason: string;
137
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
143
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
138
144
  recommendation?: string | undefined;
139
145
  description?: string | undefined;
140
146
  }>, "many">;
@@ -181,7 +187,7 @@ export declare const PublicSurfaceSchema: z.ZodObject<{
181
187
  id: string;
182
188
  severity: "critical" | "high" | "medium" | "low";
183
189
  reason: string;
184
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
190
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
185
191
  recommendation?: string | undefined;
186
192
  description?: string | undefined;
187
193
  }[];
@@ -210,6 +216,8 @@ export declare const PublicSurfaceSchema: z.ZodObject<{
210
216
  nodeCount: number;
211
217
  }[];
212
218
  statusCode?: number | undefined;
219
+ headers?: Record<string, string> | undefined;
220
+ bodySnippet?: string | undefined;
213
221
  }[];
214
222
  accessibilityViolations: {
215
223
  path: string;
@@ -224,7 +232,7 @@ export declare const PublicSurfaceSchema: z.ZodObject<{
224
232
  id: string;
225
233
  severity: "critical" | "high" | "medium" | "low";
226
234
  reason: string;
227
- category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint";
235
+ category: "untested-route" | "a11y" | "console-error" | "broken-link" | "auth-surface" | "coverage" | "untested-api-endpoint" | "prompt-leakage";
228
236
  recommendation?: string | undefined;
229
237
  description?: string | undefined;
230
238
  }[];
@@ -253,6 +261,8 @@ export declare const PublicSurfaceSchema: z.ZodObject<{
253
261
  nodeCount: number;
254
262
  }[];
255
263
  statusCode?: number | undefined;
264
+ headers?: Record<string, string> | undefined;
265
+ bodySnippet?: string | undefined;
256
266
  }[];
257
267
  accessibilityViolations: {
258
268
  path: string;
package/dist/schemas/public-surface.schema.d.ts.map CHANGED
@@ -1 +1 @@
1
- {"version":3,"file":"public-surface.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/public-surface.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;;EAEvC,CAAC;AAEH,eAAO,MAAM,6BAA6B;;;;;;;;;;;;;;;;EAExC,CAAC;AAEH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAK9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAChE,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,4BAA4B,CAAC,CAAC;AAClF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,6BAA6B,CAAC,CAAC"}
1
+ {"version":3,"file":"public-surface.schema.d.ts","sourceRoot":"","sources":["../../src/schemas/public-surface.schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAIxB,eAAO,MAAM,4BAA4B;;;;;;;;;;;;;;;;;;;EAEvC,CAAC;AAEH,eAAO,MAAM,6BAA6B;;;;;;;;;;;;;;;;EAExC,CAAC;AAEH,eAAO,MAAM,mBAAmB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;EAK9B,CAAC;AAEH,MAAM,MAAM,aAAa,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,mBAAmB,CAAC,CAAC;AAChE,MAAM,MAAM,sBAAsB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,4BAA4B,CAAC,CAAC;AAClF,MAAM,MAAM,uBAAuB,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,6BAA6B,CAAC,CAAC"}