@tracelane/report 0.1.0-alpha.16 → 0.1.0-alpha.17
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/build-report.d.ts +13 -0
- package/dist/build-report.d.ts.map +1 -1
- package/dist/build-report.js +9 -2
- package/dist/build-report.js.map +1 -1
- package/dist/markdown.d.ts +2 -1
- package/dist/markdown.d.ts.map +1 -1
- package/dist/markdown.js +11 -1
- package/dist/markdown.js.map +1 -1
- package/dist/panels.d.ts +12 -1
- package/dist/panels.d.ts.map +1 -1
- package/dist/panels.js +13 -2
- package/dist/panels.js.map +1 -1
- package/dist/report-writer.d.ts +5 -0
- package/dist/report-writer.d.ts.map +1 -1
- package/dist/report-writer.js +9 -2
- package/dist/report-writer.js.map +1 -1
- package/dist/template.d.ts +7 -0
- package/dist/template.d.ts.map +1 -1
- package/dist/template.js +73 -1
- package/dist/template.js.map +1 -1
- package/package.json +3 -2
package/dist/build-report.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import type { eventWithTime } from '@cubenest/rrweb-core';
|
|
2
|
+
import type { Suppression } from '@tracelane/security';
|
|
2
3
|
import type { ReportMeta } from './types.js';
|
|
3
4
|
/** Options for {@link buildReport}. */
|
|
4
5
|
export interface BuildReportOptions {
|
|
@@ -13,6 +14,18 @@ export interface BuildReportOptions {
|
|
|
13
14
|
* audit A-8).
|
|
14
15
|
*/
|
|
15
16
|
footer?: boolean;
|
|
17
|
+
/**
|
|
18
|
+
* Run the advisory `@tracelane/security` analyzer over the captured stream
|
|
19
|
+
* and surface its findings in the report (Markdown section + collapsed
|
|
20
|
+
* panel). Default true. Pass `false` to skip analysis entirely — `analyze`
|
|
21
|
+
* is not called and nothing security-related is rendered.
|
|
22
|
+
*/
|
|
23
|
+
security?: boolean;
|
|
24
|
+
/**
|
|
25
|
+
* Suppressions forwarded to the analyzer (e.g. silence a known-acceptable
|
|
26
|
+
* signal/url). Ignored when `security` is `false`.
|
|
27
|
+
*/
|
|
28
|
+
securitySuppress?: Suppression[];
|
|
16
29
|
}
|
|
17
30
|
/**
|
|
18
31
|
* Build a self-contained HTML report for one test run.
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-report.d.ts","sourceRoot":"","sources":["../src/build-report.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"build-report.d.ts","sourceRoot":"","sources":["../src/build-report.ts"],"names":[],"mappings":"AAgBA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAG1D,OAAO,KAAK,EAAmB,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAMxE,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C,uCAAuC;AACvC,MAAM,WAAW,kBAAkB;IACjC;;;OAGG;IACH,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAC5B;;;;OAIG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;IACjB;;;;;OAKG;IACH,QAAQ,CAAC,EAAE,OAAO,CAAC;IACnB;;;OAGG;IACH,gBAAgB,CAAC,EAAE,WAAW,EAAE,CAAC;CAClC;AAED;;;;;;GAMG;AACH,wBAAgB,WAAW,CACzB,MAAM,EAAE,aAAa,EAAE,EACvB,IAAI,EAAE,UAAU,EAChB,OAAO,GAAE,kBAAuB,GAC/B,MAAM,CA6CR"}
|
package/dist/build-report.js
CHANGED
|
@@ -14,6 +14,7 @@
|
|
|
14
14
|
// exceeds the 25 MB budget (ADR-0005); the report renders a banner when a prune
|
|
15
15
|
// fired so the truncation is visible to the user.
|
|
16
16
|
import { pruneToSizeBudget } from '@tracelane/core';
|
|
17
|
+
import { analyze } from '@tracelane/security';
|
|
17
18
|
import { encodeEventsBlob } from './embed.js';
|
|
18
19
|
import { buildMarkdown, extractActionLog } from './markdown.js';
|
|
19
20
|
import { resolveCiMetadata } from './metadata.js';
|
|
@@ -27,7 +28,7 @@ import { renderReportHtml } from './template.js';
|
|
|
27
28
|
* @returns a complete `.html` document string — write it to disk as-is
|
|
28
29
|
*/
|
|
29
30
|
export function buildReport(events, meta, options = {}) {
|
|
30
|
-
const { enforceSizeBudget = true, footer = true } = options;
|
|
31
|
+
const { enforceSizeBudget = true, footer = true, security = true, securitySuppress = [], } = options;
|
|
31
32
|
// Keep the report within budget; surface a banner if anything was dropped.
|
|
32
33
|
const { events: sized, pruned } = enforceSizeBudget
|
|
33
34
|
? pruneToSizeBudget(events)
|
|
@@ -36,7 +37,12 @@ export function buildReport(events, meta, options = {}) {
|
|
|
36
37
|
const consoleRows = extractConsole(sized);
|
|
37
38
|
const networkRows = extractNetwork(sized);
|
|
38
39
|
const actions = extractActionLog(sized);
|
|
39
|
-
|
|
40
|
+
// Advisory security-hygiene analysis (default on). Runs over the SAME
|
|
41
|
+
// size-pruned events the other extractors consume; skipped when disabled.
|
|
42
|
+
const securityFindings = security
|
|
43
|
+
? analyze(sized, { suppress: securitySuppress })
|
|
44
|
+
: [];
|
|
45
|
+
const markdown = buildMarkdown(resolvedMeta, consoleRows, networkRows, actions, securityFindings);
|
|
40
46
|
// First/last event timestamps drive the hero meta strip's "Events" item,
|
|
41
47
|
// the replay-header session-range label, and the failure marker on the
|
|
42
48
|
// custom timeline strip. `?? 0` fallback covers the crashed-before-
|
|
@@ -49,6 +55,7 @@ export function buildReport(events, meta, options = {}) {
|
|
|
49
55
|
eventsGzB64: encodeEventsBlob(sized),
|
|
50
56
|
console: consoleRows,
|
|
51
57
|
network: networkRows,
|
|
58
|
+
security: securityFindings,
|
|
52
59
|
markdown,
|
|
53
60
|
pruned,
|
|
54
61
|
eventCount: sized.length,
|
package/dist/build-report.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"build-report.js","sourceRoot":"","sources":["../src/build-report.ts"],"names":[],"mappings":"AAAA,yCAAyC;AACzC,EAAE;AACF,yEAAyE;AACzE,8EAA8E;AAC9E,wCAAwC;AACxC,yEAAyE;AACzE,gEAAgE;AAChE,iEAAiE;AACjE,iEAAiE;AACjE,iEAAiE;AACjE,iDAAiD;AACjD,EAAE;AACF,gFAAgF;AAChF,gFAAgF;AAChF,kDAAkD;AAGlD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;
|
|
1
|
+
{"version":3,"file":"build-report.js","sourceRoot":"","sources":["../src/build-report.ts"],"names":[],"mappings":"AAAA,yCAAyC;AACzC,EAAE;AACF,yEAAyE;AACzE,8EAA8E;AAC9E,wCAAwC;AACxC,yEAAyE;AACzE,gEAAgE;AAChE,iEAAiE;AACjE,iEAAiE;AACjE,iEAAiE;AACjE,iDAAiD;AACjD,EAAE;AACF,gFAAgF;AAChF,gFAAgF;AAChF,kDAAkD;AAGlD,OAAO,EAAE,iBAAiB,EAAE,MAAM,iBAAiB,CAAC;AACpD,OAAO,EAAE,OAAO,EAAE,MAAM,qBAAqB,CAAC;AAE9C,OAAO,EAAE,gBAAgB,EAAE,MAAM,YAAY,CAAC;AAC9C,OAAO,EAAE,aAAa,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AAChE,OAAO,EAAE,iBAAiB,EAAE,MAAM,eAAe,CAAC;AAClD,OAAO,EAAE,cAAc,EAAE,cAAc,EAAE,MAAM,aAAa,CAAC;AAC7D,OAAO,EAAE,gBAAgB,EAAE,MAAM,eAAe,CAAC;AA8BjD;;;;;;GAMG;AACH,MAAM,UAAU,WAAW,CACzB,MAAuB,EACvB,IAAgB,EAChB,UAA8B,EAAE;IAEhC,MAAM,EACJ,iBAAiB,GAAG,IAAI,EACxB,MAAM,GAAG,IAAI,EACb,QAAQ,GAAG,IAAI,EACf,gBAAgB,GAAG,EAAE,GACtB,GAAG,OAAO,CAAC;IAEZ,2EAA2E;IAC3E,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,MAAM,EAAE,GAAG,iBAAiB;QACjD,CAAC,CAAC,iBAAiB,CAAC,MAAM,CAAC;QAC3B,CAAC,CAAC,EAAE,MAAM,EAAE,MAAM,EAAE,KAAK,EAAE,CAAC;IAE9B,MAAM,YAAY,GAAG,iBAAiB,CAAC,IAAI,CAAC,CAAC;IAC7C,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,WAAW,GAAG,cAAc,CAAC,KAAK,CAAC,CAAC;IAC1C,MAAM,OAAO,GAAG,gBAAgB,CAAC,KAAK,CAAC,CAAC;IACxC,sEAAsE;IACtE,0EAA0E;IAC1E,MAAM,gBAAgB,GAAsB,QAAQ;QAClD,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,QAAQ,EAAE,gBAAgB,EAAE,CAAC;QAChD,CAAC,CAAC,EAAE,CAAC;IACP,MAAM,QAAQ,GAAG,aAAa,CAAC,YAAY,EAAE,WAAW,EAAE,WAAW,EAAE,OAAO,EAAE,gBAAgB,CAAC,CAAC;IAElG,yEAAyE;IACzE,uEAAuE;IACvE,oEAAoE;IACpE,qEAAqE;IACrE,gEAAgE;IAChE,MAAM,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,EAAE,SAAS,IAAI,CAAC,CAAC;IACzC,MAAM,MAAM,GAAG,KAAK,CAAC,KAAK,CAAC,MAAM,GAAG,CAAC,CAAC,EAAE,SAAS,IAAI,CAAC,CAAC;IAEvD,OAAO,gBAAgB,CAAC;QACtB,IAAI,EAAE,YAAY;QAClB,WAAW,EAAE,gBAAgB,CAAC,KAAK,CAAC;QACpC,OAAO,EAAE,WAAW;QACpB,OAAO,EAAE,WAAW;QACpB,QAAQ,EAAE,gBAAgB;QAC1B,QAAQ;QACR,MAAM;QACN,UAAU,EAAE,KAAK,CAAC,MAAM;QACxB,OAAO;QACP,MAAM;QACN,MAAM;KACP,CAAC,CAAC;AACL,CAAC"}
|
package/dist/markdown.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import type { eventWithTime } from '@cubenest/rrweb-core';
|
|
2
|
+
import type { SecurityFinding } from '@tracelane/security';
|
|
2
3
|
import type { ConsoleEntry, NetworkEntry } from './panels.js';
|
|
3
4
|
import type { ReportMeta } from './types.js';
|
|
4
5
|
/** Max console messages included in the prompt (P1 PRD §F.3: "last 30"). */
|
|
@@ -18,5 +19,5 @@ export interface ActionEntry {
|
|
|
18
19
|
*/
|
|
19
20
|
export declare function extractActionLog(events: readonly eventWithTime[]): ActionEntry[];
|
|
20
21
|
/** Build the Markdown prompt (P1 PRD §F.3). */
|
|
21
|
-
export declare function buildMarkdown(meta: ReportMeta, consoleRows: readonly ConsoleEntry[], networkRows: readonly NetworkEntry[], actions: readonly ActionEntry[]): string;
|
|
22
|
+
export declare function buildMarkdown(meta: ReportMeta, consoleRows: readonly ConsoleEntry[], networkRows: readonly NetworkEntry[], actions: readonly ActionEntry[], securityFindings?: readonly SecurityFinding[]): string;
|
|
22
23
|
//# sourceMappingURL=markdown.d.ts.map
|
package/dist/markdown.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"markdown.d.ts","sourceRoot":"","sources":["../src/markdown.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C,4EAA4E;AAC5E,eAAO,MAAM,oBAAoB,KAAK,CAAC;AACvC,uEAAuE;AACvE,eAAO,MAAM,WAAW,KAAK,CAAC;AAE9B,oEAAoE;AACpE,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;CACnB;AAqBD;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,SAAS,aAAa,EAAE,GAAG,WAAW,EAAE,CAsBhF;AAMD,+CAA+C;AAC/C,wBAAgB,aAAa,CAC3B,IAAI,EAAE,UAAU,EAChB,WAAW,EAAE,SAAS,YAAY,EAAE,EACpC,WAAW,EAAE,SAAS,YAAY,EAAE,EACpC,OAAO,EAAE,SAAS,WAAW,EAAE,
|
|
1
|
+
{"version":3,"file":"markdown.d.ts","sourceRoot":"","sources":["../src/markdown.ts"],"names":[],"mappings":"AAQA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAC3D,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C,4EAA4E;AAC5E,eAAO,MAAM,oBAAoB,KAAK,CAAC;AACvC,uEAAuE;AACvE,eAAO,MAAM,WAAW,KAAK,CAAC;AAE9B,oEAAoE;AACpE,MAAM,WAAW,WAAW;IAC1B,WAAW,EAAE,MAAM,CAAC;IACpB,SAAS,EAAE,MAAM,CAAC;CACnB;AAqBD;;;;;GAKG;AACH,wBAAgB,gBAAgB,CAAC,MAAM,EAAE,SAAS,aAAa,EAAE,GAAG,WAAW,EAAE,CAsBhF;AAMD,+CAA+C;AAC/C,wBAAgB,aAAa,CAC3B,IAAI,EAAE,UAAU,EAChB,WAAW,EAAE,SAAS,YAAY,EAAE,EACpC,WAAW,EAAE,SAAS,YAAY,EAAE,EACpC,OAAO,EAAE,SAAS,WAAW,EAAE,EAC/B,gBAAgB,GAAE,SAAS,eAAe,EAAO,GAChD,MAAM,CAuDR"}
|
package/dist/markdown.js
CHANGED
|
@@ -54,7 +54,7 @@ function bullet(line) {
|
|
|
54
54
|
return `- ${line}`;
|
|
55
55
|
}
|
|
56
56
|
/** Build the Markdown prompt (P1 PRD §F.3). */
|
|
57
|
-
export function buildMarkdown(meta, consoleRows, networkRows, actions) {
|
|
57
|
+
export function buildMarkdown(meta, consoleRows, networkRows, actions, securityFindings = []) {
|
|
58
58
|
const out = [];
|
|
59
59
|
out.push('## Failing test');
|
|
60
60
|
out.push(bullet(`Spec: ${meta.spec ?? '(unknown)'}`));
|
|
@@ -96,6 +96,16 @@ export function buildMarkdown(meta, consoleRows, networkRows, actions) {
|
|
|
96
96
|
else {
|
|
97
97
|
lastActions.forEach((a, i) => out.push(`${i + 1}. ${a.description}`));
|
|
98
98
|
}
|
|
99
|
+
// Advisory security-hygiene section — additive, omitted entirely when there
|
|
100
|
+
// are no findings (Task 10). These are observations, NOT a security audit.
|
|
101
|
+
if (securityFindings.length > 0) {
|
|
102
|
+
out.push('');
|
|
103
|
+
out.push('## Security hygiene (advisory)');
|
|
104
|
+
out.push('_Observed during the test run — advisory hygiene signals, not a security audit._');
|
|
105
|
+
for (const s of securityFindings) {
|
|
106
|
+
out.push(bullet(`[${s.severity}] ${s.title} — ${s.evidence}`));
|
|
107
|
+
}
|
|
108
|
+
}
|
|
99
109
|
return `${out.join('\n')}\n`;
|
|
100
110
|
}
|
|
101
111
|
//# sourceMappingURL=markdown.js.map
|
package/dist/markdown.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"markdown.js","sourceRoot":"","sources":["../src/markdown.ts"],"names":[],"mappings":"AAAA,qEAAqE;AACrE,EAAE;AACF,+EAA+E;AAC/E,2EAA2E;AAC3E,0EAA0E;AAC1E,4EAA4E;AAE5E,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"markdown.js","sourceRoot":"","sources":["../src/markdown.ts"],"names":[],"mappings":"AAAA,qEAAqE;AACrE,EAAE;AACF,+EAA+E;AAC/E,2EAA2E;AAC3E,0EAA0E;AAC1E,4EAA4E;AAE5E,OAAO,EAAE,SAAS,EAAE,iBAAiB,EAAE,iBAAiB,EAAE,MAAM,sBAAsB,CAAC;AAMvF,4EAA4E;AAC5E,MAAM,CAAC,MAAM,oBAAoB,GAAG,EAAE,CAAC;AACvC,uEAAuE;AACvE,MAAM,CAAC,MAAM,WAAW,GAAG,EAAE,CAAC;AAiB9B,MAAM,uBAAuB,GAA2B;IACtD,CAAC,iBAAiB,CAAC,KAAK,CAAC,EAAE,OAAO;IAClC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,EAAE,cAAc;IAC5C,CAAC,iBAAiB,CAAC,WAAW,CAAC,EAAE,aAAa;IAC9C,CAAC,iBAAiB,CAAC,KAAK,CAAC,EAAE,OAAO;IAClC,CAAC,iBAAiB,CAAC,IAAI,CAAC,EAAE,MAAM;IAChC,CAAC,iBAAiB,CAAC,UAAU,CAAC,EAAE,OAAO;IACvC,CAAC,iBAAiB,CAAC,QAAQ,CAAC,EAAE,WAAW;CAC1C,CAAC;AAEF;;;;;GAKG;AACH,MAAM,UAAU,gBAAgB,CAAC,MAAgC;IAC/D,MAAM,OAAO,GAAkB,EAAE,CAAC;IAClC,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,MAAM,EAAE,CAAC;YAChC,MAAM,IAAI,GAAG,CAAC,CAAC,IAAqB,CAAC;YACrC,IAAI,IAAI,CAAC,GAAG,KAAK,eAAe,EAAE,CAAC;gBACjC,MAAM,GAAG,GAAG,OAAO,IAAI,CAAC,OAAO,EAAE,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC,CAAC,WAAW,CAAC;gBACnF,OAAO,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,eAAe,GAAG,EAAE,EAAE,SAAS,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;YAC9E,CAAC;YACD,SAAS;QACX,CAAC;QACD,IAAI,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,mBAAmB;YAAE,SAAS;QACvD,MAAM,IAAI,GAAG,CAAC,CAAC,IAAuB,CAAC;QACvC,IAAI,IAAI,CAAC,MAAM,KAAK,iBAAiB,CAAC,gBAAgB,EAAE,CAAC;YACvD,MAAM,IAAI,GAAG,OAAO,IAAI,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;YAC5D,MAAM,KAAK,GAAG,uBAAuB,CAAC,IAAI,CAAC,CAAC;YAC5C,IAAI,KAAK;gBAAE,OAAO,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,KAAK,EAAE,SAAS,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QAC1E,CAAC;aAAM,IAAI,IAAI,CAAC,MAAM,KAAK,iBAAiB,CAAC,KAAK,EAAE,CAAC;YACnD,OAAO,CAAC,IAAI,CAAC,EAAE,WAAW,EAAE,YAAY,EAAE,SAAS,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;QACtE,CAAC;IACH,CAAC;IACD,OAAO,OAAO,CAAC;AACjB,CAAC;AAED,SAAS,MAAM,CAAC,IAAY;IAC1B,OAAO,KAAK,IAAI,EAAE,CAAC;AACrB,CAAC;AAED,+CAA+C;AAC/C,MAAM,UAAU,aAAa,CAC3B,IAAgB,EAChB,WAAoC,EACpC,WAAoC,EACpC,OAA+B,EAC/B,mBAA+C,EAAE;IAEjD,MAAM,GAAG,GAAa,EAAE,CAAC;IAEzB,GAAG,CAAC,IAAI,CAAC,iBAAiB,CAAC,CAAC;IAC5B,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,SAAS,IAAI,CAAC,IAAI,IAAI,WAAW,EAAE,CAAC,CAAC,CAAC;IACtD,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACzC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC;IAC3C,IAAI,IAAI,CAAC,WAAW,EAAE,CAAC;QACrB,GAAG,CAAC,IAAI,CACN,MAAM,CAAC,YAAY,CAAC,IAAI,CAAC,WAAW,EAAE,IAAI,CAAC,cAAc,CAAC,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,EAAE,CAAC,CACxF,CAAC;IACJ,CAAC;IACD,IAAI,IAAI,CAAC,SAAS;QAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,WAAW,IAAI,CAAC,SAAS,EAAE,CAAC,CAAC,CAAC;IAClE,IAAI,IAAI,CAAC,KAAK;QAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,UAAU,IAAI,CAAC,KAAK,EAAE,CAAC,CAAC,CAAC;IACzD,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEb,MAAM,WAAW,GAAG,WAAW,CAAC,KAAK,CAAC,CAAC,oBAAoB,CAAC,CAAC;IAC7D,GAAG,CAAC,IAAI,CAAC,WAAW,WAAW,CAAC,MAAM,mBAAmB,CAAC,CAAC;IAC3D,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,IAAI,WAAW;YAAE,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,KAAK,KAAK,CAAC,CAAC,OAAO,EAAE,CAAC,CAAC,CAAC;IAC7E,CAAC;IACD,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEb,GAAG,CAAC,IAAI,CAAC,4BAA4B,CAAC,CAAC;IACvC,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,GAAG,CAAC,IAAI,CAAC,kBAAkB,CAAC,CAAC;IAC/B,CAAC;SAAM,CAAC;QACN,KAAK,MAAM,CAAC,IAAI,WAAW,EAAE,CAAC;YAC5B,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC,MAAM,IAAI,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC;QAC5E,CAAC;IACH,CAAC;IACD,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;IAEb,MAAM,WAAW,GAAG,OAAO,CAAC,KAAK,CAAC,CAAC,WAAW,CAAC,CAAC;IAChD,GAAG,CAAC,IAAI,CAAC,iDAAiD,CAAC,CAAC;IAC5D,IAAI,WAAW,CAAC,MAAM,KAAK,CAAC,EAAE,CAAC;QAC7B,GAAG,CAAC,IAAI,CAAC,6BAA6B,CAAC,CAAC;IAC1C,CAAC;SAAM,CAAC;QACN,WAAW,CAAC,OAAO,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,GAAG,CAAC,IAAI,CAAC,GAAG,CAAC,GAAG,CAAC,KAAK,CAAC,CAAC,WAAW,EAAE,CAAC,CAAC,CAAC;IACxE,CAAC;IAED,4EAA4E;IAC5E,2EAA2E;IAC3E,IAAI,gBAAgB,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChC,GAAG,CAAC,IAAI,CAAC,EAAE,CAAC,CAAC;QACb,GAAG,CAAC,IAAI,CAAC,gCAAgC,CAAC,CAAC;QAC3C,GAAG,CAAC,IAAI,CAAC,kFAAkF,CAAC,CAAC;QAC7F,KAAK,MAAM,CAAC,IAAI,gBAAgB,EAAE,CAAC;YACjC,GAAG,CAAC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,CAAC,QAAQ,KAAK,CAAC,CAAC,KAAK,MAAM,CAAC,CAAC,QAAQ,EAAE,CAAC,CAAC,CAAC;QACjE,CAAC;IACH,CAAC;IAED,OAAO,GAAG,GAAG,CAAC,IAAI,CAAC,IAAI,CAAC,IAAI,CAAC;AAC/B,CAAC"}
|
package/dist/panels.d.ts
CHANGED
|
@@ -24,12 +24,23 @@ export declare const NETWORK_PLUGIN: "rrweb/network@1";
|
|
|
24
24
|
export declare const NETWORK_EVENT_TAG = "tracelane.test.network-error";
|
|
25
25
|
/** console.error prefix for the v1 network fallback (P1 PRD §E.2). */
|
|
26
26
|
export declare const NETWORK_CONSOLE_PREFIX = "[tracelane.net]";
|
|
27
|
+
/**
|
|
28
|
+
* console.error prefix the capture layer uses for privacy-safe response
|
|
29
|
+
* metadata consumed by `@tracelane/security`. Like the network-scrape lines,
|
|
30
|
+
* these are a non-console signal and are filtered OUT of the console panel —
|
|
31
|
+
* the security analyzer surfaces them as advisory findings instead. Defined
|
|
32
|
+
* locally (mirroring {@link NETWORK_CONSOLE_PREFIX}) rather than imported from
|
|
33
|
+
* `@tracelane/security` just for a string constant.
|
|
34
|
+
*/
|
|
35
|
+
export declare const SEC_CONSOLE_PREFIX = "[tracelane.sec]";
|
|
27
36
|
/**
|
|
28
37
|
* Extract console panel rows. Drops the CDP network-scrape lines
|
|
29
38
|
* ('[tracelane.net] …'): they are a *network* signal that `extractNetwork`
|
|
30
39
|
* already surfaces as structured rows in the Network panel. Letting them
|
|
31
40
|
* through here double-renders the same failure as a raw console string,
|
|
32
|
-
* inconsistently with the structured row (audit A-4).
|
|
41
|
+
* inconsistently with the structured row (audit A-4). Also drops the
|
|
42
|
+
* '[tracelane.sec] …' response-metadata lines: those are a *security* signal
|
|
43
|
+
* the analyzer turns into advisory findings, not console output (Task 9).
|
|
33
44
|
*/
|
|
34
45
|
export declare function extractConsole(events: readonly eventWithTime[]): ConsoleEntry[];
|
|
35
46
|
/**
|
package/dist/panels.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"panels.d.ts","sourceRoot":"","sources":["../src/panels.ts"],"names":[],"mappings":"AAoBA,OAAO,KAAK,EAAuC,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAE/F,2BAA2B;AAC3B,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,iCAAiC;AACjC,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,8CAA8C;AAC9C,eAAO,MAAM,cAAc,oBAAoB,CAAC;AAChD;;;;GAIG;AACH,eAAO,MAAM,cAAc,mBAAsB,CAAC;AAClD,qEAAqE;AACrE,eAAO,MAAM,iBAAiB,iCAAiC,CAAC;AAChE,sEAAsE;AACtE,eAAO,MAAM,sBAAsB,oBAAoB,CAAC;AA+
|
|
1
|
+
{"version":3,"file":"panels.d.ts","sourceRoot":"","sources":["../src/panels.ts"],"names":[],"mappings":"AAoBA,OAAO,KAAK,EAAuC,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAE/F,2BAA2B;AAC3B,MAAM,WAAW,YAAY;IAC3B,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,iCAAiC;AACjC,MAAM,WAAW,YAAY;IAC3B,MAAM,CAAC,EAAE,MAAM,CAAC;IAChB,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,8CAA8C;AAC9C,eAAO,MAAM,cAAc,oBAAoB,CAAC;AAChD;;;;GAIG;AACH,eAAO,MAAM,cAAc,mBAAsB,CAAC;AAClD,qEAAqE;AACrE,eAAO,MAAM,iBAAiB,iCAAiC,CAAC;AAChE,sEAAsE;AACtE,eAAO,MAAM,sBAAsB,oBAAoB,CAAC;AACxD;;;;;;;GAOG;AACH,eAAO,MAAM,kBAAkB,oBAAoB,CAAC;AA+EpD;;;;;;;;GAQG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,SAAS,aAAa,EAAE,GAAG,YAAY,EAAE,CAK/E;AAkGD;;;;;;;;;;;;;;;;;;;GAmBG;AACH,wBAAgB,cAAc,CAAC,MAAM,EAAE,SAAS,aAAa,EAAE,GAAG,YAAY,EAAE,CAmD/E"}
|
package/dist/panels.js
CHANGED
|
@@ -29,6 +29,15 @@ export const NETWORK_PLUGIN = NETWORK_PLUGIN_NAME;
|
|
|
29
29
|
export const NETWORK_EVENT_TAG = 'tracelane.test.network-error';
|
|
30
30
|
/** console.error prefix for the v1 network fallback (P1 PRD §E.2). */
|
|
31
31
|
export const NETWORK_CONSOLE_PREFIX = '[tracelane.net]';
|
|
32
|
+
/**
|
|
33
|
+
* console.error prefix the capture layer uses for privacy-safe response
|
|
34
|
+
* metadata consumed by `@tracelane/security`. Like the network-scrape lines,
|
|
35
|
+
* these are a non-console signal and are filtered OUT of the console panel —
|
|
36
|
+
* the security analyzer surfaces them as advisory findings instead. Defined
|
|
37
|
+
* locally (mirroring {@link NETWORK_CONSOLE_PREFIX}) rather than imported from
|
|
38
|
+
* `@tracelane/security` just for a string constant.
|
|
39
|
+
*/
|
|
40
|
+
export const SEC_CONSOLE_PREFIX = '[tracelane.sec]';
|
|
32
41
|
function isPlugin(e) {
|
|
33
42
|
return e.type === EventType.Plugin;
|
|
34
43
|
}
|
|
@@ -94,10 +103,12 @@ function extractConsoleRows(events) {
|
|
|
94
103
|
* ('[tracelane.net] …'): they are a *network* signal that `extractNetwork`
|
|
95
104
|
* already surfaces as structured rows in the Network panel. Letting them
|
|
96
105
|
* through here double-renders the same failure as a raw console string,
|
|
97
|
-
* inconsistently with the structured row (audit A-4).
|
|
106
|
+
* inconsistently with the structured row (audit A-4). Also drops the
|
|
107
|
+
* '[tracelane.sec] …' response-metadata lines: those are a *security* signal
|
|
108
|
+
* the analyzer turns into advisory findings, not console output (Task 9).
|
|
98
109
|
*/
|
|
99
110
|
export function extractConsole(events) {
|
|
100
|
-
return extractConsoleRows(events).filter((row) => !row.message.includes(NETWORK_CONSOLE_PREFIX));
|
|
111
|
+
return extractConsoleRows(events).filter((row) => !row.message.includes(NETWORK_CONSOLE_PREFIX) && !row.message.includes(SEC_CONSOLE_PREFIX));
|
|
101
112
|
}
|
|
102
113
|
/** Parse a '[tracelane.net] <METHOD> <STATUS> <URL>' console line, if it is one. */
|
|
103
114
|
function parseNetConsoleLine(message, timestamp) {
|
package/dist/panels.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"panels.js","sourceRoot":"","sources":["../src/panels.ts"],"names":[],"mappings":"AAAA,kDAAkD;AAClD,EAAE;AACF,8EAA8E;AAC9E,0EAA0E;AAC1E,2EAA2E;AAC3E,6EAA6E;AAC7E,EAAE;AACF,qEAAqE;AACrE,6EAA6E;AAC7E,6EAA6E;AAC7E,8EAA8E;AAC9E,+DAA+D;AAC/D,yEAAyE;AACzE,4DAA4D;AAC5D,6EAA6E;AAC7E,0EAA0E;AAC1E,0EAA0E;AAC1E,mCAAmC;AAEnC,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAkBtE,8CAA8C;AAC9C,MAAM,CAAC,MAAM,cAAc,GAAG,iBAAiB,CAAC;AAChD;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,mBAAmB,CAAC;AAClD,qEAAqE;AACrE,MAAM,CAAC,MAAM,iBAAiB,GAAG,8BAA8B,CAAC;AAChE,sEAAsE;AACtE,MAAM,CAAC,MAAM,sBAAsB,GAAG,iBAAiB,CAAC;
|
|
1
|
+
{"version":3,"file":"panels.js","sourceRoot":"","sources":["../src/panels.ts"],"names":[],"mappings":"AAAA,kDAAkD;AAClD,EAAE;AACF,8EAA8E;AAC9E,0EAA0E;AAC1E,2EAA2E;AAC3E,6EAA6E;AAC7E,EAAE;AACF,qEAAqE;AACrE,6EAA6E;AAC7E,6EAA6E;AAC7E,8EAA8E;AAC9E,+DAA+D;AAC/D,yEAAyE;AACzE,4DAA4D;AAC5D,6EAA6E;AAC7E,0EAA0E;AAC1E,0EAA0E;AAC1E,mCAAmC;AAEnC,OAAO,EAAE,SAAS,EAAE,mBAAmB,EAAE,MAAM,sBAAsB,CAAC;AAkBtE,8CAA8C;AAC9C,MAAM,CAAC,MAAM,cAAc,GAAG,iBAAiB,CAAC;AAChD;;;;GAIG;AACH,MAAM,CAAC,MAAM,cAAc,GAAG,mBAAmB,CAAC;AAClD,qEAAqE;AACrE,MAAM,CAAC,MAAM,iBAAiB,GAAG,8BAA8B,CAAC;AAChE,sEAAsE;AACtE,MAAM,CAAC,MAAM,sBAAsB,GAAG,iBAAiB,CAAC;AACxD;;;;;;;GAOG;AACH,MAAM,CAAC,MAAM,kBAAkB,GAAG,iBAAiB,CAAC;AAmBpD,SAAS,QAAQ,CAAC,CAAgB;IAChC,OAAO,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,MAAM,CAAC;AACrC,CAAC;AACD,SAAS,QAAQ,CAAC,CAAgB;IAChC,OAAO,CAAC,CAAC,IAAI,KAAK,SAAS,CAAC,MAAM,CAAC;AACrC,CAAC;AAED,0EAA0E;AAC1E,SAAS,aAAa,CAAC,OAAgB;IACrC,IAAI,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,EAAE,CAAC;QAC3B,OAAO,OAAO;aACX,GAAG,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,QAAQ,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC,aAAa,CAAC,CAAC,CAAC,CAAC,CAAC;aACvE,IAAI,CAAC,GAAG,CAAC,CAAC;IACf,CAAC;IACD,OAAO,OAAO,OAAO,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,CAAC,CAAC,aAAa,CAAC,OAAO,CAAC,CAAC;AACxE,CAAC;AAED,4EAA4E;AAC5E,qEAAqE;AACrE,SAAS,WAAW,CAAC,CAAS;IAC5B,IAAI,CAAC,CAAC,MAAM,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,KAAK,GAAG,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,GAAG,CAAC,CAAC,KAAK,GAAG,EAAE,CAAC;QAC7D,IAAI,CAAC;YACH,MAAM,MAAM,GAAY,IAAI,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC;YACtC,IAAI,OAAO,MAAM,KAAK,QAAQ;gBAAE,OAAO,MAAM,CAAC;QAChD,CAAC;QAAC,MAAM,CAAC;YACP,0BAA0B;QAC5B,CAAC;IACH,CAAC;IACD,OAAO,CAAC,CAAC;AACX,CAAC;AAED,SAAS,aAAa,CAAC,KAAc;IACnC,IAAI,CAAC;QACH,OAAO,IAAI,CAAC,SAAS,CAAC,KAAK,CAAC,IAAI,MAAM,CAAC,KAAK,CAAC,CAAC;IAChD,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,MAAM,CAAC,KAAK,CAAC,CAAC;IACvB,CAAC;AACH,CAAC;AAED;;;;;;GAMG;AACH,SAAS,kBAAkB,CAAC,MAAgC;IAC1D,MAAM,IAAI,GAAmB,EAAE,CAAC;IAChC,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;YAAE,SAAS;QAC3B,MAAM,IAAI,GAAG,CAAC,CAAC,IAAuB,CAAC;QACvC,IAAI,IAAI,CAAC,MAAM,KAAK,cAAc;YAAE,SAAS;QAC7C,MAAM,OAAO,GAAG,IAAI,CAAC,OAA2C,CAAC;QACjE,MAAM,KAAK,GAAG,OAAO,OAAO,EAAE,KAAK,KAAK,QAAQ,CAAC,CAAC,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,CAAC,KAAK,CAAC;QACzE,MAAM,OAAO,GAAG,aAAa,CAAC,OAAO,EAAE,OAAO,CAAC,CAAC;QAChD,IAAI,CAAC,IAAI,CAAC,EAAE,KAAK,EAAE,OAAO,EAAE,SAAS,EAAE,CAAC,CAAC,SAAS,EAAE,CAAC,CAAC;IACxD,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC;AAED;;;;;;;;GAQG;AACH,MAAM,UAAU,cAAc,CAAC,MAAgC;IAC7D,OAAO,kBAAkB,CAAC,MAAM,CAAC,CAAC,MAAM,CACtC,CAAC,GAAG,EAAE,EAAE,CACN,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,sBAAsB,CAAC,IAAI,CAAC,GAAG,CAAC,OAAO,CAAC,QAAQ,CAAC,kBAAkB,CAAC,CAC7F,CAAC;AACJ,CAAC;AAED,oFAAoF;AACpF,SAAS,mBAAmB,CAAC,OAAe,EAAE,SAAiB;IAC7D,MAAM,GAAG,GAAG,OAAO,CAAC,OAAO,CAAC,sBAAsB,CAAC,CAAC;IACpD,IAAI,GAAG,KAAK,CAAC,CAAC;QAAE,OAAO,SAAS,CAAC;IACjC,MAAM,IAAI,GAAG,OAAO,CAAC,KAAK,CAAC,GAAG,GAAG,sBAAsB,CAAC,MAAM,CAAC,CAAC,IAAI,EAAE,CAAC;IACvE,2CAA2C;IAC3C,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,kCAAkC,CAAC,CAAC;IACzD,IAAI,CAAC,CAAC;QAAE,OAAO,SAAS,CAAC;IACzB,OAAO;QACL,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QAC/C,MAAM,EAAE,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;QACpB,GAAG,EAAE,CAAC,CAAC,CAAC,CAAC,IAAI,EAAE;QACf,SAAS;KACV,CAAC;AACJ,CAAC;AAED;;;;GAIG;AACH,MAAM,qBAAqB,GAAG,IAAI,GAAG,CAAC,CAAC,OAAO,EAAE,gBAAgB,CAAC,CAAC,CAAC;AAEnE;;;;;;;;;;;;;;;;;GAiBG;AACH,SAAS,eAAe,CAAC,GAA2B;IAClD,MAAM,SAAS,GAAG,OAAO,GAAG,CAAC,aAAa,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC,CAAC,CAAC,SAAS,CAAC;IACxF,IAAI,SAAS,KAAK,SAAS;QAAE,OAAO,qBAAqB,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC;IACzE,yEAAyE;IACzE,wEAAwE;IACxE,OAAO,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ,CAAC;AACxC,CAAC;AAED;;;;;;;;;;;;;;;;GAgBG;AACH,SAAS,+BAA+B,CACtC,GAA2B,EAC3B,UAAkB;IAElB,MAAM,MAAM,GAAG,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,CAAC,CAAC,SAAS,CAAC;IACvE,4EAA4E;IAC5E,wEAAwE;IACxE,0EAA0E;IAC1E,6EAA6E;IAC7E,uEAAuE;IACvE,wEAAwE;IACxE,MAAM,QAAQ,GACZ,CAAC,MAAM,KAAK,CAAC,IAAI,eAAe,CAAC,GAAG,CAAC,CAAC,IAAI,CAAC,MAAM,KAAK,SAAS,IAAI,MAAM,IAAI,GAAG,CAAC,CAAC;IACpF,IAAI,CAAC,QAAQ;QAAE,OAAO,SAAS,CAAC;IAEhC,MAAM,EAAE,GAAG,OAAO,GAAG,CAAC,SAAS,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,SAAS,CAAC,CAAC,CAAC,UAAU,CAAC;IAC1E,MAAM,GAAG,GAAG,OAAO,GAAG,CAAC,IAAI,KAAK,QAAQ,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC;IACzD,OAAO;QACL,GAAG,CAAC,OAAO,GAAG,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,GAAG,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;QACjE,GAAG;QACH,MAAM,EAAE,MAAM,IAAI,CAAC;QACnB,SAAS,EAAE,EAAE;KACd,CAAC;AACJ,CAAC;AAED,+EAA+E;AAC/E,SAAS,UAAU,CAAC,GAAW;IAC7B,OAAO,GAAG,CAAC,OAAO,CAAC,MAAM,EAAE,EAAE,CAAC,CAAC,OAAO,CAAC,KAAK,EAAE,EAAE,CAAC,CAAC;AACpD,CAAC;AAED;;;;;;;;;;;;;;;;;;;GAmBG;AACH,MAAM,UAAU,cAAc,CAAC,MAAgC;IAC7D,4EAA4E;IAC5E,MAAM,UAAU,GAAmB,EAAE,CAAC;IACtC,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;YAAE,SAAS;QAC3B,MAAM,IAAI,GAAG,CAAC,CAAC,IAAuB,CAAC;QACvC,IAAI,IAAI,CAAC,MAAM,KAAK,cAAc;YAAE,SAAS;QAC7C,MAAM,OAAO,GAAG,IAAI,CAAC,OAAkC,CAAC;QACxD,IAAI,CAAC,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,OAAO,CAAC,QAAQ,CAAC;YAAE,SAAS;QAC3D,KAAK,MAAM,GAAG,IAAI,OAAO,CAAC,QAAQ,EAAE,CAAC;YACnC,MAAM,KAAK,GAAG,+BAA+B,CAAC,GAAG,EAAE,CAAC,CAAC,SAAS,CAAC,CAAC;YAChE,IAAI,KAAK;gBAAE,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;QACpC,CAAC;IACH,CAAC;IAED,wEAAwE;IACxE,4EAA4E;IAC5E,MAAM,OAAO,GAAmB,EAAE,CAAC;IACnC,KAAK,MAAM,GAAG,IAAI,kBAAkB,CAAC,MAAM,CAAC,EAAE,CAAC;QAC7C,MAAM,MAAM,GAAG,mBAAmB,CAAC,GAAG,CAAC,OAAO,EAAE,GAAG,CAAC,SAAS,CAAC,CAAC;QAC/D,IAAI,MAAM;YAAE,OAAO,CAAC,IAAI,CAAC,MAAM,CAAC,CAAC;IACnC,CAAC;IAED,IAAI,UAAU,CAAC,MAAM,GAAG,CAAC,IAAI,OAAO,CAAC,MAAM,GAAG,CAAC,EAAE,CAAC;QAChD,0EAA0E;QAC1E,sEAAsE;QACtE,MAAM,KAAK,GAAG,IAAI,GAAG,EAAwB,CAAC;QAC9C,KAAK,MAAM,KAAK,IAAI,UAAU;YAAE,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;QACxE,KAAK,MAAM,KAAK,IAAI,OAAO;YAAE,KAAK,CAAC,GAAG,CAAC,UAAU,CAAC,KAAK,CAAC,GAAG,CAAC,EAAE,KAAK,CAAC,CAAC;QACrE,OAAO,CAAC,GAAG,KAAK,CAAC,MAAM,EAAE,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,SAAS,GAAG,CAAC,CAAC,SAAS,CAAC,CAAC;IACvE,CAAC;IAED,gEAAgE;IAChE,MAAM,IAAI,GAAmB,EAAE,CAAC;IAChC,KAAK,MAAM,CAAC,IAAI,MAAM,EAAE,CAAC;QACvB,IAAI,CAAC,QAAQ,CAAC,CAAC,CAAC;YAAE,SAAS;QAC3B,MAAM,IAAI,GAAG,CAAC,CAAC,IAAuB,CAAC;QACvC,IAAI,IAAI,CAAC,GAAG,KAAK,iBAAiB;YAAE,SAAS;QAC7C,MAAM,CAAC,GAAG,CAAC,IAAI,CAAC,OAAO,IAAI,EAAE,CAI5B,CAAC;QACF,IAAI,CAAC,IAAI,CAAC;YACR,GAAG,CAAC,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,EAAE,MAAM,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,CAAC,CAAC,EAAE,CAAC;YAC7D,GAAG,EAAE,OAAO,CAAC,CAAC,GAAG,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE;YAC3C,MAAM,EAAE,OAAO,CAAC,CAAC,MAAM,KAAK,QAAQ,CAAC,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC;YACnD,SAAS,EAAE,CAAC,CAAC,SAAS;SACvB,CAAC,CAAC;IACL,CAAC;IACD,OAAO,IAAI,CAAC;AACd,CAAC"}
|
package/dist/report-writer.d.ts
CHANGED
|
@@ -1,4 +1,5 @@
|
|
|
1
1
|
import type { eventWithTime } from '@cubenest/rrweb-core';
|
|
2
|
+
import type { Suppression } from '@tracelane/security';
|
|
2
3
|
import type { ReportMeta } from './types.js';
|
|
3
4
|
/** Inputs for {@link writeReport}. */
|
|
4
5
|
export interface WriteReportInput {
|
|
@@ -12,6 +13,10 @@ export interface WriteReportInput {
|
|
|
12
13
|
meta: ReportMeta;
|
|
13
14
|
/** Render the report's "Generated by tracelane" footer. Default true. */
|
|
14
15
|
footer?: boolean | undefined;
|
|
16
|
+
/** Run the advisory security analyzer + render its findings. Default true. */
|
|
17
|
+
security?: boolean | undefined;
|
|
18
|
+
/** Suppressions forwarded to the analyzer. Ignored when `security` is false. */
|
|
19
|
+
securitySuppress?: Suppression[] | undefined;
|
|
15
20
|
}
|
|
16
21
|
/**
|
|
17
22
|
* Turn an arbitrary spec path / test title into a filesystem-safe slug:
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"report-writer.d.ts","sourceRoot":"","sources":["../src/report-writer.ts"],"names":[],"mappings":"AAWA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;
|
|
1
|
+
{"version":3,"file":"report-writer.d.ts","sourceRoot":"","sources":["../src/report-writer.ts"],"names":[],"mappings":"AAWA,OAAO,KAAK,EAAE,aAAa,EAAE,MAAM,sBAAsB,CAAC;AAC1D,OAAO,KAAK,EAAE,WAAW,EAAE,MAAM,qBAAqB,CAAC;AAEvD,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C,sCAAsC;AACtC,MAAM,WAAW,gBAAgB;IAC/B,6CAA6C;IAC7C,MAAM,EAAE,MAAM,CAAC;IACf,qHAAqH;IACrH,GAAG,CAAC,EAAE,MAAM,GAAG,SAAS,CAAC;IACzB,mCAAmC;IACnC,MAAM,EAAE,aAAa,EAAE,CAAC;IACxB,kEAAkE;IAClE,IAAI,EAAE,UAAU,CAAC;IACjB,yEAAyE;IACzE,MAAM,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC;IAC7B,8EAA8E;IAC9E,QAAQ,CAAC,EAAE,OAAO,GAAG,SAAS,CAAC;IAC/B,gFAAgF;IAChF,gBAAgB,CAAC,EAAE,WAAW,EAAE,GAAG,SAAS,CAAC;CAC9C;AAED;;;GAGG;AACH,wBAAgB,OAAO,CAAC,KAAK,EAAE,MAAM,GAAG,MAAM,CAO7C;AAED;;;GAGG;AACH,wBAAgB,cAAc,CAAC,IAAI,EAAE,UAAU,EAAE,GAAG,CAAC,EAAE,MAAM,GAAG,MAAM,CAKrE;AAED;;;;;GAKG;AACH,wBAAgB,QAAQ,CAAC,IAAI,EAAE,MAAM,GAAG,MAAM,CAG7C;AAED;;;GAGG;AACH,wBAAgB,WAAW,CAAC,KAAK,EAAE,gBAAgB,GAAG,MAAM,CAa3D"}
|
package/dist/report-writer.js
CHANGED
|
@@ -46,8 +46,15 @@ export function specSlug(spec) {
|
|
|
46
46
|
* Returns the absolute-or-relative path written (as `join` produced it).
|
|
47
47
|
*/
|
|
48
48
|
export function writeReport(input) {
|
|
49
|
-
const { outDir, cid, events, meta, footer } = input;
|
|
50
|
-
const
|
|
49
|
+
const { outDir, cid, events, meta, footer, security, securitySuppress } = input;
|
|
50
|
+
const buildOptions = {};
|
|
51
|
+
if (footer === false)
|
|
52
|
+
buildOptions.footer = false;
|
|
53
|
+
if (security !== undefined)
|
|
54
|
+
buildOptions.security = security;
|
|
55
|
+
if (securitySuppress !== undefined)
|
|
56
|
+
buildOptions.securitySuppress = securitySuppress;
|
|
57
|
+
const html = buildReport(events, meta, buildOptions);
|
|
51
58
|
if (!existsSync(outDir)) {
|
|
52
59
|
mkdirSync(outDir, { recursive: true });
|
|
53
60
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"report-writer.js","sourceRoot":"","sources":["../src/report-writer.ts"],"names":[],"mappings":"AAAA,oEAAoE;AACpE,EAAE;AACF,8EAA8E;AAC9E,6EAA6E;AAC7E,8EAA8E;AAC9E,8EAA8E;AAC9E,2EAA2E;AAC3E,yBAAyB;AAEzB,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;
|
|
1
|
+
{"version":3,"file":"report-writer.js","sourceRoot":"","sources":["../src/report-writer.ts"],"names":[],"mappings":"AAAA,oEAAoE;AACpE,EAAE;AACF,8EAA8E;AAC9E,6EAA6E;AAC7E,8EAA8E;AAC9E,8EAA8E;AAC9E,2EAA2E;AAC3E,yBAAyB;AAEzB,OAAO,EAAE,UAAU,EAAE,SAAS,EAAE,aAAa,EAAE,MAAM,SAAS,CAAC;AAC/D,OAAO,EAAE,IAAI,EAAE,MAAM,WAAW,CAAC;AAGjC,OAAO,EAA2B,WAAW,EAAE,MAAM,mBAAmB,CAAC;AAqBzE;;;GAGG;AACH,MAAM,UAAU,OAAO,CAAC,KAAa;IACnC,MAAM,IAAI,GAAG,KAAK;SACf,WAAW,EAAE;SACb,OAAO,CAAC,aAAa,EAAE,GAAG,CAAC;SAC3B,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAC3B,6EAA6E;IAC7E,OAAO,CAAC,IAAI,IAAI,QAAQ,CAAC,CAAC,KAAK,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;AAC1C,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,cAAc,CAAC,IAAgB,EAAE,GAAY;IAC3D,MAAM,QAAQ,GAAG,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,QAAQ,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC,CAAC,CAAC,MAAM,CAAC;IAC1D,MAAM,SAAS,GAAG,OAAO,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC;IACtC,MAAM,OAAO,GAAG,GAAG,CAAC,CAAC,CAAC,GAAG,OAAO,CAAC,GAAG,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,CAAC;IAC9C,OAAO,GAAG,QAAQ,KAAK,SAAS,KAAK,OAAO,GAAG,IAAI,CAAC,GAAG,EAAE,OAAO,CAAC;AACnE,CAAC;AAED;;;;;GAKG;AACH,MAAM,UAAU,QAAQ,CAAC,IAAY;IACnC,MAAM,IAAI,GAAG,IAAI,CAAC,OAAO,CAAC,UAAU,EAAE,EAAE,CAAC,CAAC;IAC1C,OAAO,OAAO,CAAC,IAAI,CAAC,OAAO,CAAC,wCAAwC,EAAE,EAAE,CAAC,CAAC,CAAC;AAC7E,CAAC;AAED;;;GAGG;AACH,MAAM,UAAU,WAAW,CAAC,KAAuB;IACjD,MAAM,EAAE,MAAM,EAAE,GAAG,EAAE,MAAM,EAAE,IAAI,EAAE,MAAM,EAAE,QAAQ,EAAE,gBAAgB,EAAE,GAAG,KAAK,CAAC;IAChF,MAAM,YAAY,GAAuB,EAAE,CAAC;IAC5C,IAAI,MAAM,KAAK,KAAK;QAAE,YAAY,CAAC,MAAM,GAAG,KAAK,CAAC;IAClD,IAAI,QAAQ,KAAK,SAAS;QAAE,YAAY,CAAC,QAAQ,GAAG,QAAQ,CAAC;IAC7D,IAAI,gBAAgB,KAAK,SAAS;QAAE,YAAY,CAAC,gBAAgB,GAAG,gBAAgB,CAAC;IACrF,MAAM,IAAI,GAAG,WAAW,CAAC,MAAM,EAAE,IAAI,EAAE,YAAY,CAAC,CAAC;IACrD,IAAI,CAAC,UAAU,CAAC,MAAM,CAAC,EAAE,CAAC;QACxB,SAAS,CAAC,MAAM,EAAE,EAAE,SAAS,EAAE,IAAI,EAAE,CAAC,CAAC;IACzC,CAAC;IACD,MAAM,QAAQ,GAAG,IAAI,CAAC,MAAM,EAAE,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC,CAAC;IACzD,aAAa,CAAC,QAAQ,EAAE,IAAI,CAAC,CAAC;IAC9B,OAAO,QAAQ,CAAC;AAClB,CAAC"}
|
package/dist/template.d.ts
CHANGED
|
@@ -1,3 +1,4 @@
|
|
|
1
|
+
import type { SecurityFinding } from '@tracelane/security';
|
|
1
2
|
import type { ConsoleEntry, NetworkEntry } from './panels.js';
|
|
2
3
|
import type { ReportMeta } from './types.js';
|
|
3
4
|
/** Everything `renderReportHtml` needs; build-report.ts prepares it. */
|
|
@@ -9,6 +10,12 @@ export interface ReportTemplateData {
|
|
|
9
10
|
console: ConsoleEntry[];
|
|
10
11
|
/** Extracted network panel rows (Task 2.10). */
|
|
11
12
|
network: NetworkEntry[];
|
|
13
|
+
/**
|
|
14
|
+
* Advisory security-hygiene findings (Task 12). Rendered as a collapsed
|
|
15
|
+
* panel; the panel + its tab are OMITTED entirely when this is empty (no
|
|
16
|
+
* zero-state). Advisory only — NOT a security audit.
|
|
17
|
+
*/
|
|
18
|
+
security: SecurityFinding[];
|
|
12
19
|
/** Pre-rendered "Copy as Markdown for AI paste" payload (Task 2.12). */
|
|
13
20
|
markdown: string;
|
|
14
21
|
/** Whether the events were pruned to fit the size budget (ADR-0005 banner). */
|
package/dist/template.d.ts.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"template.d.ts","sourceRoot":"","sources":["../src/template.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"template.d.ts","sourceRoot":"","sources":["../src/template.ts"],"names":[],"mappings":"AAUA,OAAO,KAAK,EAAE,eAAe,EAAE,MAAM,qBAAqB,CAAC;AAW3D,OAAO,KAAK,EAAE,YAAY,EAAE,YAAY,EAAE,MAAM,aAAa,CAAC;AAC9D,OAAO,KAAK,EAAE,UAAU,EAAE,MAAM,YAAY,CAAC;AAE7C,wEAAwE;AACxE,MAAM,WAAW,kBAAkB;IACjC,IAAI,EAAE,UAAU,CAAC;IACjB,kEAAkE;IAClE,WAAW,EAAE,MAAM,CAAC;IACpB,gDAAgD;IAChD,OAAO,EAAE,YAAY,EAAE,CAAC;IACxB,gDAAgD;IAChD,OAAO,EAAE,YAAY,EAAE,CAAC;IACxB;;;;OAIG;IACH,QAAQ,EAAE,eAAe,EAAE,CAAC;IAC5B,wEAAwE;IACxE,QAAQ,EAAE,MAAM,CAAC;IACjB,+EAA+E;IAC/E,MAAM,EAAE,OAAO,CAAC;IAChB,uDAAuD;IACvD,UAAU,EAAE,MAAM,CAAC;IACnB,kEAAkE;IAClE,OAAO,EAAE,MAAM,CAAC;IAChB;yEACqE;IACrE,MAAM,EAAE,MAAM,CAAC;IACf;;;OAGG;IACH,MAAM,CAAC,EAAE,OAAO,CAAC;CAClB;AA86BD,qDAAqD;AACrD,wBAAgB,gBAAgB,CAAC,IAAI,EAAE,kBAAkB,GAAG,MAAM,CAqJjE"}
|
package/dist/template.js
CHANGED
|
@@ -434,6 +434,27 @@ main.investigation {
|
|
|
434
434
|
.row.row-net .lvl.st-5 { color: var(--amber); }
|
|
435
435
|
.row.row-net .lvl.st-0 { color: var(--amber); } /* net error */
|
|
436
436
|
|
|
437
|
+
/* Advisory security findings: not time-synced (no seek), so not clickable. */
|
|
438
|
+
.row.row-sec { cursor: default; grid-template-columns: max-content 1fr; }
|
|
439
|
+
.row.row-sec.sev-high .lvl { color: var(--amber); }
|
|
440
|
+
.row.row-sec.sev-medium .lvl { color: var(--warn); }
|
|
441
|
+
.row.row-sec.sev-low .lvl { color: var(--muted-strong); }
|
|
442
|
+
.row.row-sec .sec-detail {
|
|
443
|
+
color: var(--muted);
|
|
444
|
+
font-size: 10.5px;
|
|
445
|
+
margin-top: 3px;
|
|
446
|
+
white-space: pre-wrap;
|
|
447
|
+
}
|
|
448
|
+
|
|
449
|
+
/* Security panel subtitle (advisory framing) shown in its toolbar. */
|
|
450
|
+
.panel-toolbar-sec { flex-direction: column; align-items: stretch; gap: 8px; }
|
|
451
|
+
.panel-subtitle {
|
|
452
|
+
color: var(--muted);
|
|
453
|
+
font-size: 11px;
|
|
454
|
+
font-style: italic;
|
|
455
|
+
line-height: 1.5;
|
|
456
|
+
}
|
|
457
|
+
|
|
437
458
|
/* "Coming soon" pane content (Actions / Timeline tabs reserved for follow-ups) */
|
|
438
459
|
.coming-soon {
|
|
439
460
|
padding: 32px 16px;
|
|
@@ -681,8 +702,37 @@ const BOOTSTRAP = `
|
|
|
681
702
|
}
|
|
682
703
|
}
|
|
683
704
|
|
|
705
|
+
// Advisory security-hygiene findings (Task 12). Unlike console/network rows
|
|
706
|
+
// these are NOT time-synced (a finding has no single moment in the replay) —
|
|
707
|
+
// each renders as a static, always-visible row: "[severity] title — evidence"
|
|
708
|
+
// with the detail as muted secondary text. The container is only present in
|
|
709
|
+
// the DOM when there are findings (the tab + pane are omitted when empty).
|
|
710
|
+
function renderSecurity(container, findings) {
|
|
711
|
+
if (!container) return;
|
|
712
|
+
if (!findings.length) {
|
|
713
|
+
container.appendChild(el('div', 'panel-empty', 'No advisory security findings.'));
|
|
714
|
+
return;
|
|
715
|
+
}
|
|
716
|
+
for (var i = 0; i < findings.length; i++) {
|
|
717
|
+
var f = findings[i];
|
|
718
|
+
var sev = (f.severity || 'low').toLowerCase();
|
|
719
|
+
var row = el('div', 'row row-sec sev-' + sev);
|
|
720
|
+
row.appendChild(el('span', 'lvl', sev));
|
|
721
|
+
var msg = el('span', 'msg');
|
|
722
|
+
msg.appendChild(document.createTextNode(f.title + ' — ' + f.evidence));
|
|
723
|
+
if (f.detail) {
|
|
724
|
+
msg.appendChild(el('div', 'sec-detail', f.detail));
|
|
725
|
+
}
|
|
726
|
+
row.appendChild(msg);
|
|
727
|
+
var text = (sev + ' ' + f.title + ' ' + f.evidence + ' ' + (f.detail || '')).toLowerCase();
|
|
728
|
+
row.setAttribute('data-text', text);
|
|
729
|
+
container.appendChild(row);
|
|
730
|
+
}
|
|
731
|
+
}
|
|
732
|
+
|
|
684
733
|
renderConsole(document.getElementById('console-rows'), CONSOLE, FIRST_TS);
|
|
685
734
|
renderNetwork(document.getElementById('network-rows'), NETWORK, FIRST_TS);
|
|
735
|
+
renderSecurity(document.getElementById('security-rows'), SECURITY);
|
|
686
736
|
|
|
687
737
|
// ---- Time-sync: reveal rows as playback advances ----------------------
|
|
688
738
|
// TODO(perf): re-queries DOM and re-parses data-time on every tick (~30 Hz).
|
|
@@ -894,7 +944,7 @@ function formatRelativeMs(ms) {
|
|
|
894
944
|
}
|
|
895
945
|
/** Compose the full self-contained HTML document. */
|
|
896
946
|
export function renderReportHtml(data) {
|
|
897
|
-
const { meta, eventsGzB64, console: consoleRows, network, markdown, pruned, eventCount, firstTs, lastTs, footer = true, } = data;
|
|
947
|
+
const { meta, eventsGzB64, console: consoleRows, network, security, markdown, pruned, eventCount, firstTs, lastTs, footer = true, } = data;
|
|
898
948
|
const title = `tracelane — ${meta.spec ?? '(no spec)'} :: ${meta.title} (${meta.status})`;
|
|
899
949
|
// Banner only when the events were pruned to fit the size cap (ADR-0005).
|
|
900
950
|
const banner = pruned
|
|
@@ -902,11 +952,30 @@ export function renderReportHtml(data) {
|
|
|
902
952
|
: '';
|
|
903
953
|
const consoleCount = consoleRows.length;
|
|
904
954
|
const networkCount = network.length;
|
|
955
|
+
const securityCount = security.length;
|
|
956
|
+
// Advisory security tab + pane — rendered ONLY when there are findings
|
|
957
|
+
// (no zero-state; the analyzer is advisory). Mirrors the Console/Network
|
|
958
|
+
// panel markup but without time-sync (findings have no replay moment).
|
|
959
|
+
const securityTab = securityCount > 0
|
|
960
|
+
? `<button class="tab" type="button" role="tab" id="tab-security" aria-selected="false" aria-controls="pane-security" data-pane="pane-security">
|
|
961
|
+
Security <span class="count-total">${securityCount}</span>
|
|
962
|
+
</button>`
|
|
963
|
+
: '';
|
|
964
|
+
const securityPane = securityCount > 0
|
|
965
|
+
? `<div class="panel-pane" id="pane-security" role="tabpanel" aria-labelledby="tab-security">
|
|
966
|
+
<div class="panel-toolbar panel-toolbar-sec">
|
|
967
|
+
<span class="panel-subtitle">Observed during the test run — advisory hygiene signals, not a security audit.</span>
|
|
968
|
+
<input type="text" class="panel-filter" placeholder="Filter findings…" aria-label="Filter security findings" />
|
|
969
|
+
</div>
|
|
970
|
+
<div id="security-rows" class="panel-content"></div>
|
|
971
|
+
</div>`
|
|
972
|
+
: '';
|
|
905
973
|
// Data payloads embedded as JS consts, all escaped for inline-script safety.
|
|
906
974
|
const dataScript = `const META = ${serializeForScript(meta)};\n` +
|
|
907
975
|
`const EVENTS_GZ_B64 = "${eventsGzB64}";\n` +
|
|
908
976
|
`const CONSOLE = ${serializeForScript(consoleRows)};\n` +
|
|
909
977
|
`const NETWORK = ${serializeForScript(network)};\n` +
|
|
978
|
+
`const SECURITY = ${serializeForScript(security)};\n` +
|
|
910
979
|
`const MARKDOWN = ${serializeForScript(markdown)};\n` +
|
|
911
980
|
`const FIRST_TS = ${firstTs};\n` +
|
|
912
981
|
`const LAST_TS = ${lastTs};`;
|
|
@@ -941,6 +1010,7 @@ ${banner}
|
|
|
941
1010
|
<button class="tab" type="button" role="tab" id="tab-network" aria-selected="false" aria-controls="pane-network" data-pane="pane-network">
|
|
942
1011
|
Network <span class="count">0</span><span class="count-total">/ ${networkCount}</span>
|
|
943
1012
|
</button>
|
|
1013
|
+
${securityTab}
|
|
944
1014
|
<button class="tab" type="button" role="tab" id="tab-actions" aria-selected="false" aria-controls="pane-actions" data-pane="pane-actions">
|
|
945
1015
|
Actions <span class="soon-pill">soon</span>
|
|
946
1016
|
</button>
|
|
@@ -967,6 +1037,8 @@ ${banner}
|
|
|
967
1037
|
<div class="panel-pending" id="network-pending" role="status" aria-live="polite">Network errors will appear during playback.</div>
|
|
968
1038
|
</div>
|
|
969
1039
|
|
|
1040
|
+
${securityPane}
|
|
1041
|
+
|
|
970
1042
|
<div class="panel-pane" id="pane-actions" role="tabpanel" aria-labelledby="tab-actions">
|
|
971
1043
|
<div class="coming-soon">
|
|
972
1044
|
<strong>Actions panel — coming soon</strong>
|
package/dist/template.js.map
CHANGED
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"template.js","sourceRoot":"","sources":["../src/template.ts"],"names":[],"mappings":"AAAA,wEAAwE;AACxE,gCAAgC;AAChC,EAAE;AACF,8EAA8E;AAC9E,+EAA+E;AAC/E,4EAA4E;AAC5E,0EAA0E;AAC1E,4EAA4E;AAC5E,8CAA8C;
|
|
1
|
+
{"version":3,"file":"template.js","sourceRoot":"","sources":["../src/template.ts"],"names":[],"mappings":"AAAA,wEAAwE;AACxE,gCAAgC;AAChC,EAAE;AACF,8EAA8E;AAC9E,+EAA+E;AAC/E,4EAA4E;AAC5E,0EAA0E;AAC1E,4EAA4E;AAC5E,8CAA8C;AAG9C,OAAO,EACL,sBAAsB,EACtB,kBAAkB,EAClB,kBAAkB,EAClB,uBAAuB,EACvB,aAAa,EACb,aAAa,GACd,MAAM,aAAa,CAAC;AACrB,OAAO,EAAE,UAAU,EAAE,kBAAkB,EAAE,MAAM,WAAW,CAAC;AAC3D,OAAO,EAAE,UAAU,EAAE,MAAM,eAAe,CAAC;AAqC3C;;;;;;;;;;;GAWG;AACH,SAAS,aAAa;IACpB,MAAM,cAAc,GAAG,kBAAkB,EAAE,CAAC;IAC5C,MAAM,cAAc,GAAG,kBAAkB,EAAE,CAAC;IAC5C,MAAM,YAAY,GAAG,uBAAuB,EAAE,CAAC;IAE/C,+EAA+E;IAC/E,2EAA2E;IAC3E,0EAA0E;IAC1E,uEAAuE;IACvE,MAAM,SAAS,GAAG;;;;;;oCAMgB,cAAc;;;;;;;oCAOd,cAAc;;;;;;;oCAOd,YAAY;EAC9C,CAAC;IAED,6EAA6E;IAC7E,MAAM,MAAM,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAkgBhB,CAAC;IAEA,OAAO,SAAS,GAAG,MAAM,CAAC;AAC5B,CAAC;AAED;;;;;;;GAOG;AACH,MAAM,SAAS,GAAG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CAuVjB,CAAC;AAEF;;;;;;;;;;GAUG;AACH,MAAM,WAAW,GACf,yBAAyB;IACzB,0SAA0S;IAC1S,WAAW,CAAC;AAEd,SAAS,gBAAgB,CAAC,EAAU;IAClC,MAAM,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;IACpB,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,EAAE,CAAC,CAAC;IAC7B,MAAM,CAAC,GAAG,IAAI,CAAC,KAAK,CAAC,CAAC,GAAG,CAAC,GAAG,EAAE,CAAC,CAAC;IACjC,OAAO,GAAG,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,EAAE,GAAG,CAAC,EAAE,CAAC;AACzC,CAAC;AAED,qDAAqD;AACrD,MAAM,UAAU,gBAAgB,CAAC,IAAwB;IACvD,MAAM,EACJ,IAAI,EACJ,WAAW,EACX,OAAO,EAAE,WAAW,EACpB,OAAO,EACP,QAAQ,EACR,QAAQ,EACR,MAAM,EACN,UAAU,EACV,OAAO,EACP,MAAM,EACN,MAAM,GAAG,IAAI,GACd,GAAG,IAAI,CAAC;IAET,MAAM,KAAK,GAAG,eAAe,IAAI,CAAC,IAAI,IAAI,WAAW,OAAO,IAAI,CAAC,KAAK,KAAK,IAAI,CAAC,MAAM,GAAG,CAAC;IAE1F,0EAA0E;IAC1E,MAAM,MAAM,GAAG,MAAM;QACnB,CAAC,CAAC,qHAAqH;QACvH,CAAC,CAAC,EAAE,CAAC;IAEP,MAAM,YAAY,GAAG,WAAW,CAAC,MAAM,CAAC;IACxC,MAAM,YAAY,GAAG,OAAO,CAAC,MAAM,CAAC;IACpC,MAAM,aAAa,GAAG,QAAQ,CAAC,MAAM,CAAC;IAEtC,uEAAuE;IACvE,yEAAyE;IACzE,uEAAuE;IACvE,MAAM,WAAW,GACf,aAAa,GAAG,CAAC;QACf,CAAC,CAAC;6CACqC,aAAa;gBAC1C;QACV,CAAC,CAAC,EAAE,CAAC;IACT,MAAM,YAAY,GAChB,aAAa,GAAG,CAAC;QACf,CAAC,CAAC;;;;;;WAMG;QACL,CAAC,CAAC,EAAE,CAAC;IAET,6EAA6E;IAC7E,MAAM,UAAU,GACd,gBAAgB,kBAAkB,CAAC,IAAI,CAAC,KAAK;QAC7C,0BAA0B,WAAW,MAAM;QAC3C,mBAAmB,kBAAkB,CAAC,WAAW,CAAC,KAAK;QACvD,mBAAmB,kBAAkB,CAAC,OAAO,CAAC,KAAK;QACnD,oBAAoB,kBAAkB,CAAC,QAAQ,CAAC,KAAK;QACrD,oBAAoB,kBAAkB,CAAC,QAAQ,CAAC,KAAK;QACrD,oBAAoB,OAAO,KAAK;QAChC,mBAAmB,MAAM,GAAG,CAAC;IAE/B,MAAM,gBAAgB,GACpB,OAAO,IAAI,MAAM,IAAI,MAAM,GAAG,OAAO;QACnC,CAAC,CAAC,YAAY,gBAAgB,CAAC,MAAM,GAAG,OAAO,CAAC,MAAM,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS;QACjG,CAAC,CAAC,GAAG,UAAU,CAAC,cAAc,CAAC,OAAO,CAAC,SAAS,CAAC;IAErD,OAAO;;;;;SAKA,UAAU,CAAC,KAAK,CAAC;SACjB,aAAa,EAAE;SACf,aAAa,EAAE;;;EAGtB,UAAU,CAAC,IAAI,EAAE,UAAU,CAAC;EAC5B,MAAM;;;;;gCAKwB,UAAU,CAAC,gBAAgB,CAAC;;;;;;;0EAOc,YAAY;;;0EAGZ,YAAY;;QAE9E,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;;;MA2Bb,YAAY;;;;;;;;;;;;;;;;;;;;;;;;;UAyBR,sBAAsB,EAAE;UACxB,aAAa,EAAE;UACf,UAAU;UACV,SAAS;EACjB,MAAM,CAAC,CAAC,CAAC,WAAW,CAAC,CAAC,CAAC,EAAE;;QAEnB,CAAC;AACT,CAAC"}
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@tracelane/report",
|
|
3
|
-
"version": "0.1.0-alpha.
|
|
3
|
+
"version": "0.1.0-alpha.17",
|
|
4
4
|
"description": "Self-contained, offline HTML report builder for tracelane. Embeds the rrweb player and a gzipped event blob into a single .html file.",
|
|
5
5
|
"keywords": [
|
|
6
6
|
"tracelane",
|
|
@@ -35,7 +35,8 @@
|
|
|
35
35
|
"fflate": "^0.8.2",
|
|
36
36
|
"rrweb-player": "1.0.0-alpha.4",
|
|
37
37
|
"@cubenest/rrweb-core": "0.1.0-alpha.6",
|
|
38
|
-
"@tracelane/core": "0.1.0-alpha.
|
|
38
|
+
"@tracelane/core": "0.1.0-alpha.15",
|
|
39
|
+
"@tracelane/security": "0.1.0-alpha.1"
|
|
39
40
|
},
|
|
40
41
|
"devDependencies": {
|
|
41
42
|
"jsdom": "^25.0.1"
|