@silasfmartins/testhub 1.0.0

package/protect-loader.mjs

@@ -0,0 +1,643 @@
+// AutoCore Protect Loader (Zero-Touch, Offline)
+// Usage: NODE_OPTIONS="--loader ./node_modules/@silasfmartins/testhub/protect-loader.mjs"
+// This loader runs comprehensive offline checks before exposing @silasfmartins/testhub APIs.
+
+// 🚨 CRÍTICO: Interceptar Object.defineProperty IMEDIATAMENTE
+// Isso DEVE acontecer ANTES de qualquer import para evitar:
+// "TypeError: Cannot redefine property: Symbol($$jest-matchers-object)"
+const _originalDefineProperty = Object.defineProperty
+Object.defineProperty = function (obj, prop, descriptor) {
+  // Detectar se é um símbolo Jest/Vitest/matchers
+  const isMatcherSymbol =
+    typeof prop === 'symbol' &&
+    (prop.toString().includes('jest') ||
+      prop.toString().includes('vitest') ||
+      prop.toString().includes('matchers'))
+
+  if (isMatcherSymbol) {
+    // Verificar se já existe no objeto
+    try {
+      const existingDescriptor = Object.getOwnPropertyDescriptor(obj, prop)
+
+      if (existingDescriptor && !existingDescriptor.configurable) {
+        // Já foi definido e não é configurável, ignorar silenciosamente
+        return obj
+      }
+    } catch {
+      // Ignorar erros de getOwnPropertyDescriptor
+    }
+
+    // Forçar configurable: true para permitir futuras redefinições
+    const safeDescriptor = { ...descriptor, configurable: true }
+
+    try {
+      return _originalDefineProperty.call(Object, obj, prop, safeDescriptor)
+    } catch {
+      // Se falhar, simplesmente retornar o objeto sem modificar
+      return obj
+    }
+  }
+
+  // Para outras propriedades, usar comportamento padrão
+  return _originalDefineProperty.call(Object, obj, prop, descriptor)
+}
+
+import { createHash, randomBytes } from 'node:crypto'
+import { existsSync, promises as fs } from 'node:fs'
+import path from 'node:path'
+import { pathToFileURL } from 'node:url'
+
+let checksDone = false
+let degraded = false
+let degradedReason = ''
+let bypassLogged = false // Evitar logs duplicados
+let startupLogged = false
+let stubConfigLogged = false
+
+// Contadores de detecção de automação
+const callCounts = new Map()
+const lastCallTime = new Map()
+const startTime = Date.now()
+
+async function runComprehensiveChecks(initUrl) {
+  if (checksDone) return
+  checksDone = true
+
+  if (!startupLogged) {
+    try {
+      console.log('[protect-loader] AutoCore Protect Loader: starting comprehensive checks. PID=', process.pid)
+    } catch {}
+    startupLogged = true
+  }
+
+  try {
+    // 🔓 BYPASS AUTOMÁTICO: Verificar ambientes de desenvolvimento e CI
+    const environmentBypass =
+      process.env.AUTOCORE_BYPASS_PROTECTION === 'true' ||
+      process.env.NODE_ENV === 'development' ||
+      process.env.NODE_ENV === 'preprod' ||
+      process.env.NODE_ENV === 'prodlike' ||
+      process.env.NODE_ENV === 'esteira1' ||
+      process.env.NODE_ENV === 'esteira2' ||
+      process.env.ENV === 'preprod' ||
+      process.env.ENV === 'prodlike' ||
+      process.env.ENV === 'producao' ||
+      process.env.ENV === 'esteira1' ||
+      process.env.ENV === 'esteira2' ||
+      Boolean(process.env.CI) ||
+      Boolean(process.env.TF_BUILD) ||
+      Boolean(process.env.GITHUB_ACTIONS) ||
+      Boolean(process.env.JENKINS_URL) ||
+      Boolean(process.env.BUILD_SOURCEBRANCH) ||
+      Boolean(process.env.AGENT_NAME) ||
+      Boolean(process.env.SYSTEM_TEAMFOUNDATIONCOLLECTIONURI) ||
+      Boolean(process.env.PLAYWRIGHT_BROWSERS_PATH) ||
+      Boolean(process.env.VSCODE_PID) ||
+      process.argv.includes('--disable-protection') ||
+      process.argv.some((arg) => arg.includes('test')) ||
+      process.argv.some((arg) => arg.includes('mobile')) ||
+      process.argv.some((arg) => arg.includes('playwright')) ||
+      process.argv.some((arg) => arg.includes('frontend')) ||
+      process.argv.some((arg) => arg.includes('webactions')) ||
+      process.argv.some((arg) => arg.includes('--ui')) ||
+      process.argv.some((arg) => arg.includes('--debug')) ||
+      process.argv.some((arg) => arg.includes('codegen')) ||
+      process.argv.some((arg) => arg.includes('--project')) ||
+      process.env.npm_lifecycle_event?.includes('test') ||
+      process.env.npm_lifecycle_event?.includes('frontend') ||
+      process.env.npm_lifecycle_event?.includes('dev') ||
+      process.env.npm_lifecycle_event?.includes('ui') ||
+      process.env.npm_lifecycle_event?.includes('debug') ||
+      process.env.npm_lifecycle_event?.includes('codegen')
+
+    // 🔧 MODO DEBUG: Ativar logs detalhados quando --debug presente
+    if (process.argv.includes('--debug')) {
+      process.env.AUTOCORE_DEBUG_LOGS = 'true'
+    }
+
+    // Log único de inicialização para ajudar a rastrear GlobalSetup/logs
+    if (!startupLogged) {
+      try {
+        console.log('[protect-loader] AutoCore Protect Loader initialized. PID=', process.pid)
+      } catch {}
+      startupLogged = true
+    }
+
+    if (environmentBypass) {
+      if (!bypassLogged) {
+        console.log('🔓 AutoCore: Bypass automático ativo para ambiente de desenvolvimento/CI')
+        bypassLogged = true
+      }
+      process.env.AUTOCORE_SECURITY_LOADED = 'true'
+      // 🔧 GARANTIR que modo degradado não seja ativado com bypass
+      process.env.AUTOCORE_DEGRADED_MODE = 'false'
+      degraded = false
+      degradedReason = ''
+      return // Pular todas as verificações
+    }
+    // 1) Verificação de chaves de instalação
+    const home = process.env.HOME || process.env.USERPROFILE || ''
+    const keysDir = home ? path.join(home, '.rbqa', 'keys') : ''
+
+    if (keysDir && existsSync(keysDir)) {
+      // Verificar se arquivos de chave existem
+      const keyFile = path.join(keysDir, 'autocore.key')
+      const idFile = path.join(keysDir, 'install.id')
+
+      if (!(existsSync(keyFile) && existsSync(idFile))) {
+        degraded = true
+        degradedReason ||= 'invalid_keys'
+      }
+    } else {
+      degraded = true
+      degradedReason ||= 'missing_installation_keys'
+    }
+
+    // 2) Verificação de manifesto de integridade
+    try {
+      const pkgRoot = process.cwd()
+      const manifestPath = path.join(
+        pkgRoot,
+        'node_modules',
+        '@rbqa',
+        'autocore',
+        'dist',
+        'security.compact.json',
+      )
+
+      if (existsSync(manifestPath)) {
+        const manifest = JSON.parse(await fs.readFile(manifestPath, 'utf8'))
+
+        // Verificar pelo menos um arquivo crítico
+        if (manifest.f && manifest.f.length > 0) {
+          const indexFile = manifest.f.find((f) => f[0].endsWith('index.js'))
+          if (indexFile) {
+            const [filePath, expectedHash] = indexFile
+            const fullPath = path.join(
+              pkgRoot,
+              'node_modules',
+              '@rbqa',
+              'autocore',
+              'dist',
+              filePath,
+            )
+
+            if (existsSync(fullPath)) {
+              const buf = await fs.readFile(fullPath)
+              const actualHash = createHash('sha512').update(buf).digest('hex')
+
+              if (actualHash !== expectedHash) {
+                degraded = true
+                degradedReason ||= 'integrity_compromised'
+              }
+            }
+          }
+        }
+      } else {
+        // Manifesto ausente é suspeito
+        degraded = true
+        degradedReason ||= 'missing_manifest'
+      }
+    } catch {
+      degraded = true
+      degradedReason ||= 'manifest_read_error'
+    }
+
+    // 3) Verificação de honeypot
+    if (process.env.AUTOCORE_HONEYPOT_TRIPPED === 'true') {
+      degraded = true
+      degradedReason ||= 'honeypot_triggered'
+    }
+
+    // 4) Detecção de ambiente de execução
+    const devVars = [
+      'VSCODE_PID',
+      'VSCODE_HANDLES_UNCAUGHT_ERRORS',
+      'PLAYWRIGHT_BROWSERS_PATH',
+      'APPIUM_HOME',
+      'NODE_ENV',
+      'DEBUG',
+      'TERM',
+      'ENV',
+    ]
+
+    const hasDevEnv = devVars.some((v) => process.env[v])
+    const isInteractive = process.stdout.isTTY || Boolean(process.env.TERM)
+    const isCi = Boolean(
+      process.env.CI ||
+        process.env.GITHUB_ACTIONS ||
+        process.env.JENKINS_URL ||
+        process.env.TF_BUILD || // Azure DevOps
+        process.env.BUILD_SOURCEBRANCH || // Azure DevOps
+        process.env.AGENT_NAME || // Azure DevOps
+        process.env.SYSTEM_TEAMFOUNDATIONCOLLECTIONURI, // Azure DevOps
+    )
+
+    // Suspeito se não tem ambiente dev, não é interativo e não é CI conhecido
+    if (!(hasDevEnv || isInteractive || isCi)) {
+      degraded = true
+      degradedReason ||= 'suspicious_environment'
+    }
+
+    // 5) Proof-of-work opcional
+    const powTarget = Number(process.env.AUTOCORE_POW_DIFFICULTY || '0')
+    if (powTarget > 0 && powTarget <= 3) {
+      const nonce = randomBytes(8).toString('hex')
+      let solved = false
+      const maxAttempts =
+        powTarget === 1 ? 1000 : powTarget === 2 ? 5000 : 10_000
+
+      for (let i = 0; i < maxAttempts; i++) {
+        const hash = createHash('sha256')
+          .update(`loader:${nonce}:${i}`)
+          .digest('hex')
+        if (hash.startsWith('0'.repeat(powTarget))) {
+          solved = true
+          break
+        }
+      }
+
+      if (!solved) {
+        degraded = true
+        degradedReason ||= 'pow_challenge_failed'
+      }
+    }
+
+    // 6) Verificação EULA
+    if (
+      process.env.AUTOCORE_EULA_REQUIRED === 'true' &&
+      process.env.AUTOCORE_EULA_ACCEPTED !== 'true'
+    ) {
+      degraded = true
+      degradedReason ||= 'eula_not_accepted'
+    }
+
+    // 7) Timing de inicialização (detecção de startup muito rápido)
+    const bootTime = Date.now() - startTime
+    if (bootTime < 50) {
+      // Menos de 50ms é suspeito
+      degraded = true
+      degradedReason ||= 'too_fast_initialization'
+    }
+
+    // Marcar estado final
+    if (degraded) {
+      process.env.AUTOCORE_DEGRADED_MODE = 'true'
+      process.env.AUTOCORE_DEGRADED_REASON ||= degradedReason || 'unknown'
+    }
+
+    process.env.AUTOCORE_SECURITY_LOADED = 'true'
+    try {
+      if (degraded) {
+        console.warn('[protect-loader] Security checks completed: DEGRADED -', degradedReason)
+      } else {
+        console.log('[protect-loader] Security checks completed: OK')
+      }
+    } catch {}
+  } catch (error) {
+    // Em caso de erro nas verificações, assumir degradado por segurança
+    degraded = true
+    process.env.AUTOCORE_DEGRADED_MODE = 'true'
+    process.env.AUTOCORE_DEGRADED_REASON ||= 'security_check_failed'
+    try {
+      console.error('[protect-loader] Security checks failed with error:', error && error.message)
+    } catch {}
+  }
+}
+
+// NOTE: persistent file logging was removed to avoid writing files on user's machine.
+// All diagnostics use console output only.
+
+// Detecta padrões de automação por frequência de chamadas
+function detectAutomationPattern(specifier) {
+  const now = Date.now()
+  const count = callCounts.get(specifier) || 0
+  const lastCall = lastCallTime.get(specifier) || 0
+
+  // Rate limiting: máximo 20 imports por segundo
+  if (now - lastCall < 50) {
+    // < 50ms entre imports
+    callCounts.set(specifier, count + 1)
+    if (count > 20) {
+      degraded = true
+      degradedReason ||= 'automation_pattern_detected'
+      process.env.AUTOCORE_DEGRADED_MODE = 'true'
+      process.env.AUTOCORE_DEGRADED_REASON ||= degradedReason
+    }
+  } else {
+    callCounts.set(specifier, 1)
+  }
+
+  lastCallTime.set(specifier, now)
+}
+
+// Node ESM Loader hooks
+export async function resolve(specifier, context, nextResolve) {
+  // Detectar padrões de automação
+  detectAutomationPattern(specifier)
+
+  // Detectar se a resolução vem do transform do Playwright (ele transforma TS configs)
+  const parent = context && context.parentURL
+  const isPlaywrightTransform =
+    typeof parent === 'string' &&
+    (parent.includes('playwright/lib/transform') || parent.includes('@playwright/test/lib/transform'))
+
+  // Se o Playwright está tentando resolver o playwright.config.ts do projeto,
+  // deixe o Node/Playwright resolver/carregar o arquivo (não retornar stub).
+  if (
+    isPlaywrightTransform &&
+    typeof specifier === 'string' &&
+    specifier.includes('playwright.config.ts')
+  ) {
+    try {
+      return nextResolve(specifier, context)
+    } catch (e) {
+      // Se resolver falhar aqui, continuar com o fluxo normal (fallback mais adiante)
+    }
+  }
+
+  // Interceptar playwright.config.ts ANTES de tentar resolver
+  if (
+    typeof parent === 'string' &&
+    parent.includes('playwright/lib/transform/transform.js') &&
+    typeof specifier === 'string' &&
+    (specifier.endsWith('playwright.config.ts') || specifier.includes('/playwright.config.ts'))
+  ) {
+    // Prefer an existing compiled JS config if present so Playwright can run the real config/globalSetup.
+    try {
+      const cwd = process.cwd()
+      const candidates = ['playwright.config.js', 'playwright.config.cjs', 'playwright.config.mjs']
+      for (const cand of candidates) {
+        const fp = path.join(cwd, cand)
+        if (existsSync(fp)) {
+          // Let Node/Playwright load the compiled config instead of stubbing
+          return nextResolve(pathToFileURL(fp).href, context)
+        }
+      }
+    } catch (e) {
+      // ignore and fall back to stub
+    }
+
+    // Intercepting playwright.config.ts to provide a safe stub for Playwright's transform.
+    // Intentionally silent to avoid noisy repeated logs during Playwright's internal transforms.
+    const stubConfig = `
+      // AutoCore: stub config para evitar parse de TypeScript
+      // Provide a minimal project so Playwright can read projects[i].use
+      const defaultProject = {
+        name: 'autocore-stub',
+        use: {
+          actionTimeout: 0,
+          navigationTimeout: 30000,
+        }
+      };
+
+      export default {
+        timeout: 30000,
+        use: {
+          actionTimeout: 0,
+          navigationTimeout: 30000,
+        },
+        projects: [defaultProject]
+      };
+
+      export const projects = [defaultProject];
+    `
+    const encodedConfig = Buffer.from(stubConfig, 'utf8').toString('base64')
+    if (!stubConfigLogged) {
+      try {
+        console.log('[protect-loader] Intercepting playwright.config.ts - returning safe stub to avoid TS transform')
+      } catch {}
+      stubConfigLogged = true
+    }
+    return {
+      format: 'module',
+      shortCircuit: true,
+      url: `data:text/javascript;base64,${encodedConfig}`,
+    }
+  }
+
+  // Expor SyncSignal como um sub-módulo virtual de @silasfmartins/testhub
+  if (
+    specifier === '@silasfmartins/testhub/sync-signal' ||
+    specifier === '@silasfmartins/testhub/SyncSignal' ||
+    specifier === '@silasfmartins/testhub/syncsignal'
+  ) {
+    // Do not intercept: let Node resolve via package.json exports (./sync-signal -> sync-signal.js)
+    return nextResolve(specifier, context)
+  }
+
+  // Verificações principais na primeira resolução do pacote
+  if (specifier === '@silasfmartins/testhub' && !checksDone) {
+    await runComprehensiveChecks(import.meta.url)
+
+    // 🔧 VERIFICAR se bypass está ativo antes de aplicar modo degradado
+    const bypassActive =
+      process.env.AUTOCORE_BYPASS_PROTECTION === 'true' ||
+      process.env.NODE_ENV === 'development' ||
+      process.env.NODE_ENV === 'preprod' ||
+      process.env.NODE_ENV === 'prodlike' ||
+      process.env.NODE_ENV === 'esteira1' ||
+      process.env.NODE_ENV === 'esteira2' ||
+      process.env.ENV === 'preprod' ||
+      process.env.ENV === 'prodlike' ||
+      process.env.ENV === 'esteira1' ||
+      process.env.ENV === 'esteira2' ||
+      Boolean(process.env.CI) ||
+      Boolean(process.env.PLAYWRIGHT_BROWSERS_PATH) ||
+      Boolean(process.env.VSCODE_PID) ||
+      process.argv.some((arg) => arg.includes('test')) ||
+      process.argv.some((arg) => arg.includes('playwright')) ||
+      process.argv.some((arg) => arg.includes('frontend')) ||
+      process.argv.some((arg) => arg.includes('--ui')) ||
+      process.argv.some((arg) => arg.includes('--debug')) ||
+      process.argv.some((arg) => arg.includes('codegen')) ||
+      process.argv.some((arg) => arg.includes('--project')) ||
+      process.env.npm_lifecycle_event?.includes('test') ||
+      process.env.npm_lifecycle_event?.includes('ui') ||
+      process.env.npm_lifecycle_event?.includes('debug') ||
+      process.env.npm_lifecycle_event?.includes('codegen')
+
+    if (bypassActive) {
+      // 🔧 Com bypass ativo, nunca usar modo degradado
+      degraded = false
+      process.env.AUTOCORE_DEGRADED_MODE = 'false'
+    }
+
+    // Se a resolução veio do transform do Playwright, não retorne o stub degradado:
+    if (isPlaywrightTransform) {
+      degraded = false
+      process.env.AUTOCORE_DEGRADED_MODE = 'false'
+    }
+
+    if (degraded) {
+      // Retornar stub completo quando degradado
+      const stubModule = `
+        // AutoCore Security: Modo Degradado Ativo
+        const noop = () => {}
+        const proxy = new Proxy(noop, {
+          apply: () => undefined,
+          get: () => proxy,
+          set: () => true
+        })
+
+        // Logger stub
+        export const Logger = {
+          info: noop, warn: noop, error: noop, success: noop,
+          bloco: noop, debug: noop
+        }
+
+        // Actions stubs
+        export const WebActions = proxy
+        export const Actions = proxy // Alias para compatibilidade
+        export const MobileActions = proxy
+        export const MobileConnection = proxy
+        export const ApiActions = proxy
+        export const BancoActions = proxy
+        export const BancoHelper = proxy
+        export const ConexaoTestHelper = proxy
+        export const SSHActions = proxy
+        export const SSHClient = proxy
+
+        // Test framework stubs
+        export const TestContext = proxy
+        export const UnifiedReportManager = proxy
+        export const TestAnnotations = proxy
+
+        // Annotation functions (sempre retornam decorator vazio)
+        export const Api = () => () => {}
+        export const Frontend = () => () => {}
+        export const Front = () => () => {}
+        export const Mobile = () => () => {}
+        export const SSH = () => () => {}
+        export const Banco = () => () => {}
+        export const Mixed = () => () => {}
+        export const Auto = () => () => {}
+
+        // Utils stubs
+        export const DataStore = {
+          set: noop, get: () => null, has: () => false,
+          remove: () => false, clear: noop
+        }
+        export const cleanupEnvLock = noop
+
+        // JsonResponse stub
+        export const JsonResponse = function() {
+          return {
+            get: () => null, getString: () => '',
+            getArray: () => [], raw: () => ({})
+          }
+        }
+
+        // Default export
+        const AutoCoreUnified = {
+          Logger, WebActions, Actions, MobileActions, MobileConnection,
+          ApiActions, TestContext, DataStore
+        }
+        export default AutoCoreUnified
+
+        // Modo degradado silencioso - não quebra o código do usuário
+        console.warn('AutoCore: Modo de proteção ativo. Algumas funcionalidades podem estar limitadas.')
+      `
+
+      const encoded = Buffer.from(stubModule, 'utf8').toString('base64')
+      return {
+        format: 'module',
+        shortCircuit: true,
+        url: `data:text/javascript;base64,${encoded}`,
+      }
+    }
+  }
+
+  try {
+    return await nextResolve(specifier, context)
+  } catch (err) {
+    // Módulos conhecidos que têm problemas de ESM resolution (CommonJS legacy)
+    // Silenciar erros para estes pois o webdriverio/playwright lidam com fallback interno
+    const knownEsmIssues = ['jszip', 'archiver', 'pako', 'setimmediate']
+    const isKnownIssue = knownEsmIssues.some((mod) => 
+      (typeof specifier === 'string' && specifier.includes(mod)) ||
+      (err?.message && err.message.includes(mod))
+    )
+
+    if (!isKnownIssue) {
+      // Resolver falhou (módulo não encontrado etc). Em vez de quebrar, retornar stub module
+      console.error('[protect-loader] resolve ERROR for', specifier, ':', err && err.message)
+    }
+
+    // Criar stub JS mínimo que exporta objetos vazios para evitar que o processo quebre
+    const stub = `export const __autoCoreStub = true; export default {};`
+    const encoded = Buffer.from(stub, 'utf8').toString('base64')
+    return {
+      format: 'module',
+      shortCircuit: true,
+      url: `data:text/javascript;base64,${encoded}`,
+    }
+  }
+}
+
+export async function load(url, context, nextLoad) {
+  // Interceptar playwright.config.ts ANTES de tentar carregar/parsear
+  // para evitar SyntaxError quando transform do Playwright tenta carregar arquivo TypeScript
+  if (typeof url === 'string' && url.includes('playwright.config.ts')) {
+    const stubConfig = `
+      // AutoCore: stub config para evitar parse de TypeScript
+      const defaultProject = {
+        name: 'autocore-stub',
+        use: { actionTimeout: 0, navigationTimeout: 30000 }
+      };
+
+      export default {
+        timeout: 30000,
+        use: { actionTimeout: 0, navigationTimeout: 30000 },
+        projects: [defaultProject]
+      };
+      export const projects = [defaultProject];
+    `
+    if (!stubConfigLogged) {
+      try {
+        console.log('[protect-loader] load() intercept: returning safe playwright.config.ts stub')
+      } catch {}
+      stubConfigLogged = true
+    }
+    return {
+      format: 'module',
+      shortCircuit: true,
+      source: stubConfig,
+    }
+  }
+
+  // Detectar acesso a honeypots
+  if (
+    url.includes('/internal/fakes/') ||
+    url.includes('__honeypot__') ||
+    url.includes('__forbidden__') ||
+    url.includes('__fake-actions__')
+  ) {
+    process.env.AUTOCORE_HONEYPOT_TRIPPED = 'true'
+    degraded = true
+    degradedReason ||= 'honeypot_module_accessed'
+    process.env.AUTOCORE_DEGRADED_MODE = 'true'
+    process.env.AUTOCORE_DEGRADED_REASON ||= degradedReason
+  }
+
+  try {
+    const result = await nextLoad(url, context)
+    return result
+  } catch (err) {
+    // Log de erro apenas quando falhar (mantém logs importantes)
+    console.error('[protect-loader] ERROR loading', url, ':', err && err.message)
+
+    // Se o erro for SyntaxError e o arquivo terminar em .ts, retornar stub
+    if (err && err.name === 'SyntaxError' && typeof url === 'string' && url.endsWith('.ts')) {
+      console.error('[protect-loader] Interceptando arquivo TypeScript que causou SyntaxError')
+      const stub = `const defaultProject = { name: 'autocore-stub', use: { actionTimeout: 0 } }; export default { use: {}, projects: [defaultProject] }; export const projects = [defaultProject];`
+      return {
+        format: 'module',
+        shortCircuit: true,
+        source: stub,
+      }
+    }
+
+    throw err
+  }
+}