@xera-ai/core 0.4.4 → 0.5.0

package/dist/bin-internal/auth-setup.d.ts

@@ -0,0 +1,2 @@
+export declare function authSetupCmd(argv: string[]): Promise<number>;
+//# sourceMappingURL=auth-setup.d.ts.map

package/dist/bin-internal/auth-setup.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-setup.d.ts","sourceRoot":"","sources":["../../src/bin-internal/auth-setup.ts"],"names":[],"mappings":"AA0BA,wBAAsB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAyFlE"}

package/dist/bin-internal/exec.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"exec.d.ts","sourceRoot":"","sources":["../../src/bin-internal/exec.ts"],"names":[],"mappings":"AAWA,wBAAsB,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAwH7D"}
+{"version":3,"file":"exec.d.ts","sourceRoot":"","sources":["../../src/bin-internal/exec.ts"],"names":[],"mappings":"AAYA,wBAAsB,OAAO,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAwJ7D"}

package/dist/bin-internal/graph-record.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"graph-record.d.ts","sourceRoot":"","sources":["../../src/bin-internal/graph-record.ts"],"names":[],"mappings":"AA2EA,wBAAsB,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAqCnF;AAiFD,wBAAsB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CA6FpE"}
+{"version":3,"file":"graph-record.d.ts","sourceRoot":"","sources":["../../src/bin-internal/graph-record.ts"],"names":[],"mappings":"AA2EA,wBAAsB,WAAW,CAAC,QAAQ,EAAE,MAAM,EAAE,MAAM,EAAE,MAAM,GAAG,OAAO,CAAC,MAAM,CAAC,CAqCnF;AAiFD,wBAAsB,cAAc,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAgGpE"}

package/dist/bin-internal/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/bin-internal/index.ts"],"names":[],"mappings":"AAsDA,wBAAsB,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAczD"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/bin-internal/index.ts"],"names":[],"mappings":"AAwDA,wBAAsB,GAAG,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAczD"}

package/dist/bin-internal/normalize.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"normalize.d.ts","sourceRoot":"","sources":["../../src/bin-internal/normalize.ts"],"names":[],"mappings":"AAKA,wBAAsB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CA4BlE"}
+{"version":3,"file":"normalize.d.ts","sourceRoot":"","sources":["../../src/bin-internal/normalize.ts"],"names":[],"mappings":"AAKA,wBAAsB,YAAY,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAwClE"}

package/dist/bin-internal/report.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"report.d.ts","sourceRoot":"","sources":["../../src/bin-internal/report.ts"],"names":[],"mappings":"AAiBA,wBAAsB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAuF/D"}
+{"version":3,"file":"report.d.ts","sourceRoot":"","sources":["../../src/bin-internal/report.ts"],"names":[],"mappings":"AAuBA,wBAAsB,SAAS,CAAC,IAAI,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CA6K/D"}

package/dist/bin-internal/verify-prompts.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"verify-prompts.d.ts","sourceRoot":"","sources":["../../src/bin-internal/verify-prompts.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,OAAO,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;CACjB;AAeD,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,WAAW,EAAE,CA8B7D;AAED,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAQvE"}
+{"version":3,"file":"verify-prompts.d.ts","sourceRoot":"","sources":["../../src/bin-internal/verify-prompts.ts"],"names":[],"mappings":"AAGA,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,OAAO,CAAC;IACZ,OAAO,EAAE,MAAM,CAAC;CACjB;AAgBD,wBAAgB,aAAa,CAAC,QAAQ,EAAE,MAAM,GAAG,WAAW,EAAE,CA8B7D;AAED,wBAAsB,gBAAgB,CAAC,KAAK,EAAE,MAAM,EAAE,GAAG,OAAO,CAAC,MAAM,CAAC,CAQvE"}

package/dist/classifier/aggregate.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"aggregate.d.ts","sourceRoot":"","sources":["../../src/classifier/aggregate.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAc,sBAAsB,EAAE,MAAM,SAAS,CAAC;AAalF,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,sBAAsB,EAAE,GAAG,cAAc,CAoBtF"}
+{"version":3,"file":"aggregate.d.ts","sourceRoot":"","sources":["../../src/classifier/aggregate.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAc,sBAAsB,EAAE,MAAM,SAAS,CAAC;AAgBlF,wBAAgB,kBAAkB,CAAC,SAAS,EAAE,sBAAsB,EAAE,GAAG,cAAc,CAoBtF"}

package/dist/classifier/auth-expired.d.ts

@@ -0,0 +1,12 @@
+import type { ClassifyResult, HttpCallSummary } from './rate-limited';
+export interface AuthFileSummary {
+    token: string;
+    type: 'bearer' | 'apiKey' | 'basic' | 'cookie';
+    expires_at: string;
+}
+export interface ClassifyAuthExpiredInput {
+    calls: readonly HttpCallSummary[];
+    authFiles: Record<string, AuthFileSummary>;
+}
+export declare function classifyAuthExpired(input: ClassifyAuthExpiredInput): ClassifyResult | null;
+//# sourceMappingURL=auth-expired.d.ts.map

package/dist/classifier/auth-expired.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"auth-expired.d.ts","sourceRoot":"","sources":["../../src/classifier/auth-expired.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,eAAe,EAAE,MAAM,gBAAgB,CAAC;AAEtE,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CAAC;IACd,IAAI,EAAE,QAAQ,GAAG,QAAQ,GAAG,OAAO,GAAG,QAAQ,CAAC;IAC/C,UAAU,EAAE,MAAM,CAAC;CACpB;AAED,MAAM,WAAW,wBAAwB;IACvC,KAAK,EAAE,SAAS,eAAe,EAAE,CAAC;IAClC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,eAAe,CAAC,CAAC;CAC5C;AAiBD,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,wBAAwB,GAAG,cAAc,GAAG,IAAI,CAe1F"}

package/dist/classifier/contract-drift.d.ts

@@ -0,0 +1,35 @@
+import type { ClassifyResult } from './rate-limited';
+export interface OpenAPISchema {
+    type?: 'object' | 'array' | 'string' | 'integer' | 'number' | 'boolean' | 'null';
+    properties?: Record<string, OpenAPISchema>;
+    required?: readonly string[];
+    items?: OpenAPISchema;
+}
+interface OpenAPIOperation {
+    responses?: Record<string, {
+        content?: Record<string, {
+            schema?: OpenAPISchema;
+        }>;
+    }>;
+    requestBody?: {
+        content?: Record<string, {
+            schema?: OpenAPISchema;
+        }>;
+    };
+}
+export interface OpenAPIDocument {
+    paths: Record<string, Partial<Record<'get' | 'post' | 'put' | 'patch' | 'delete', OpenAPIOperation>>>;
+}
+export interface ContractDriftCall {
+    method: string;
+    url: string;
+    status: number;
+    respBody: unknown;
+}
+export interface ClassifyContractDriftInput {
+    calls: readonly ContractDriftCall[];
+    openapi: OpenAPIDocument | null;
+}
+export declare function classifyContractDrift(input: ClassifyContractDriftInput): ClassifyResult | null;
+export {};
+//# sourceMappingURL=contract-drift.d.ts.map

package/dist/classifier/contract-drift.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"contract-drift.d.ts","sourceRoot":"","sources":["../../src/classifier/contract-drift.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,gBAAgB,CAAC;AAErD,MAAM,WAAW,aAAa;IAC5B,IAAI,CAAC,EAAE,QAAQ,GAAG,OAAO,GAAG,QAAQ,GAAG,SAAS,GAAG,QAAQ,GAAG,SAAS,GAAG,MAAM,CAAC;IACjF,UAAU,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE,aAAa,CAAC,CAAC;IAC3C,QAAQ,CAAC,EAAE,SAAS,MAAM,EAAE,CAAC;IAC7B,KAAK,CAAC,EAAE,aAAa,CAAC;CACvB;AAED,UAAU,gBAAgB;IACxB,SAAS,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,MAAM,CAAC,EAAE,aAAa,CAAA;SAAE,CAAC,CAAA;KAAE,CAAC,CAAC;IACrF,WAAW,CAAC,EAAE;QAAE,OAAO,CAAC,EAAE,MAAM,CAAC,MAAM,EAAE;YAAE,MAAM,CAAC,EAAE,aAAa,CAAA;SAAE,CAAC,CAAA;KAAE,CAAC;CACxE;AAED,MAAM,WAAW,eAAe;IAC9B,KAAK,EAAE,MAAM,CACX,MAAM,EACN,OAAO,CAAC,MAAM,CAAC,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,OAAO,GAAG,QAAQ,EAAE,gBAAgB,CAAC,CAAC,CAC/E,CAAC;CACH;AAED,MAAM,WAAW,iBAAiB;IAChC,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;IACf,QAAQ,EAAE,OAAO,CAAC;CACnB;AAED,MAAM,WAAW,0BAA0B;IACzC,KAAK,EAAE,SAAS,iBAAiB,EAAE,CAAC;IACpC,OAAO,EAAE,eAAe,GAAG,IAAI,CAAC;CACjC;AAoCD,wBAAgB,qBAAqB,CAAC,KAAK,EAAE,0BAA0B,GAAG,cAAc,GAAG,IAAI,CA2C9F"}

package/dist/classifier/rate-limited.d.ts

@@ -0,0 +1,15 @@
+import type { Classification } from '../artifact/status';
+export interface HttpCallSummary {
+    method: string;
+    url: string;
+    status: number;
+}
+export interface ClassifyResult {
+    class: Classification;
+    rationale: string;
+}
+export interface ClassifyRateLimitedInput {
+    calls: readonly HttpCallSummary[];
+}
+export declare function classifyRateLimited(input: ClassifyRateLimitedInput): ClassifyResult | null;
+//# sourceMappingURL=rate-limited.d.ts.map

package/dist/classifier/rate-limited.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rate-limited.d.ts","sourceRoot":"","sources":["../../src/classifier/rate-limited.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,cAAc,EAAE,MAAM,oBAAoB,CAAC;AAEzD,MAAM,WAAW,eAAe;IAC9B,MAAM,EAAE,MAAM,CAAC;IACf,GAAG,EAAE,MAAM,CAAC;IACZ,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,cAAc;IAC7B,KAAK,EAAE,cAAc,CAAC;IACtB,SAAS,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,wBAAwB;IACvC,KAAK,EAAE,SAAS,eAAe,EAAE,CAAC;CACnC;AAED,wBAAgB,mBAAmB,CAAC,KAAK,EAAE,wBAAwB,GAAG,cAAc,GAAG,IAAI,CAO1F"}

package/dist/config/schema.d.ts

@@ -9,7 +9,7 @@ export declare const XeraConfigSchema: z.ZodObject<{
             attachments: z.ZodDefault<z.ZodString>;
         }, z.core.$strip>;
     }, z.core.$strip>;
-    web: z.ZodObject<{
+    web: z.ZodOptional<z.ZodObject<{
         baseUrl: z.ZodRecord<z.ZodString, z.ZodString>;
         defaultEnv: z.ZodString;
         auth: z.ZodPrefault<z.ZodObject<{
@@ -31,7 +31,33 @@ export declare const XeraConfigSchema: z.ZodObject<{
                 fromAuth: z.ZodString;
             }, z.core.$strip>>>;
         }, z.core.$strip>>;
-    }, z.core.$strip>;
+    }, z.core.$strip>>;
+    http: z.ZodOptional<z.ZodObject<{
+        baseUrl: z.ZodRecord<z.ZodString, z.ZodString>;
+        defaultEnv: z.ZodString;
+        spec: z.ZodOptional<z.ZodString>;
+        auth: z.ZodPrefault<z.ZodObject<{
+            strategy: z.ZodDefault<z.ZodEnum<{
+                custom: "custom";
+                none: "none";
+                bearer: "bearer";
+                apiKey: "apiKey";
+                basic: "basic";
+                "oauth-cc": "oauth-cc";
+            }>>;
+            ttl: z.ZodDefault<z.ZodString>;
+            refreshBuffer: z.ZodDefault<z.ZodString>;
+            roles: z.ZodDefault<z.ZodRecord<z.ZodString, z.ZodObject<{
+                tokenEnv: z.ZodOptional<z.ZodString>;
+                userEnv: z.ZodOptional<z.ZodString>;
+                passEnv: z.ZodOptional<z.ZodString>;
+                tokenUrl: z.ZodOptional<z.ZodString>;
+                clientIdEnv: z.ZodOptional<z.ZodString>;
+                clientSecretEnv: z.ZodOptional<z.ZodString>;
+                scope: z.ZodOptional<z.ZodString>;
+            }, z.core.$strip>>>;
+        }, z.core.$strip>>;
+    }, z.core.$strip>>;
     ai: z.ZodPrefault<z.ZodObject<{
         livePageSnapshot: z.ZodDefault<z.ZodBoolean>;
         confidenceThreshold: z.ZodDefault<z.ZodEnum<{
@@ -66,7 +92,10 @@ export declare const XeraConfigSchema: z.ZodObject<{
             threshold: z.ZodDefault<z.ZodNumber>;
         }, z.core.$strip>>;
     }, z.core.$strip>>>;
-    adapters: z.ZodDefault<z.ZodArray<z.ZodString>>;
+    adapters: z.ZodDefault<z.ZodArray<z.ZodEnum<{
+        web: "web";
+        http: "http";
+    }>>>;
 }, z.core.$strip>;
 export type XeraConfig = z.infer<typeof XeraConfigSchema>;
 //# sourceMappingURL=schema.d.ts.map

package/dist/config/schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/config/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAkFxB,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAO3B,CAAC;AAEH,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC"}
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/config/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAiHxB,eAAO,MAAM,gBAAgB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;iBAmBzB,CAAC;AAEL,MAAM,MAAM,UAAU,GAAG,CAAC,CAAC,KAAK,CAAC,OAAO,gBAAgB,CAAC,CAAC"}

package/dist/graph/schema.d.ts

@@ -109,6 +109,9 @@ export declare const EventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
             FLAKY: "FLAKY";
             TEST_BUG: "TEST_BUG";
             TEST_OUTDATED: "TEST_OUTDATED";
+            CONTRACT_DRIFT: "CONTRACT_DRIFT";
+            RATE_LIMITED: "RATE_LIMITED";
+            AUTH_EXPIRED: "AUTH_EXPIRED";
         }>;
         confidence: z.ZodEnum<{
             low: "low";
@@ -132,6 +135,9 @@ export declare const EventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
             FLAKY: "FLAKY";
             TEST_BUG: "TEST_BUG";
             TEST_OUTDATED: "TEST_OUTDATED";
+            CONTRACT_DRIFT: "CONTRACT_DRIFT";
+            RATE_LIMITED: "RATE_LIMITED";
+            AUTH_EXPIRED: "AUTH_EXPIRED";
         }>;
         disputedTo: z.ZodEnum<{
             PASS: "PASS";
@@ -140,6 +146,9 @@ export declare const EventSchema: z.ZodDiscriminatedUnion<[z.ZodObject<{
             FLAKY: "FLAKY";
             TEST_BUG: "TEST_BUG";
             TEST_OUTDATED: "TEST_OUTDATED";
+            CONTRACT_DRIFT: "CONTRACT_DRIFT";
+            RATE_LIMITED: "RATE_LIMITED";
+            AUTH_EXPIRED: "AUTH_EXPIRED";
         }>;
         qaActor: z.ZodString;
         qaReason: z.ZodOptional<z.ZodString>;

package/dist/graph/schema.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/graph/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAsHrC,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;2BActB,CAAC;AAEH,wBAAgB,cAAc,CAC5B,KAAK,EAAE,OAAO,GACb;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,KAAK,CAAA;CAAE,GAAG;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAA;CAAE,CAIxE"}
+{"version":3,"file":"schema.d.ts","sourceRoot":"","sources":["../../src/graph/schema.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AACxB,OAAO,KAAK,EAAE,KAAK,EAAE,MAAM,SAAS,CAAC;AAyHrC,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;2BActB,CAAC;AAEH,wBAAgB,cAAc,CAC5B,KAAK,EAAE,OAAO,GACb;IAAE,OAAO,EAAE,IAAI,CAAC;IAAC,IAAI,EAAE,KAAK,CAAA;CAAE,GAAG;IAAE,OAAO,EAAE,KAAK,CAAC;IAAC,KAAK,EAAE,CAAC,CAAC,QAAQ,CAAA;CAAE,CAIxE"}

package/dist/graph/types.d.ts

@@ -2,7 +2,7 @@ export declare const SCHEMA_VERSION: 1;
 export type Priority = 'p0' | 'p1' | 'p2';
 export type ScenarioStatus = 'pass' | 'fail';
 export type EdgeKind = 'tests' | 'uses' | 'covers' | 'modifies' | 'jira-linked' | 'similar' | 'ran';
-export type Classification = 'REAL_BUG' | 'TEST_BUG' | 'SELECTOR_DRIFT' | 'FLAKY' | 'PASS' | 'TEST_OUTDATED';
+export type Classification = 'REAL_BUG' | 'TEST_BUG' | 'SELECTOR_DRIFT' | 'FLAKY' | 'PASS' | 'TEST_OUTDATED' | 'CONTRACT_DRIFT' | 'RATE_LIMITED' | 'AUTH_EXPIRED';
 export interface TicketFetchedPayload {
     ticketId: string;
     summary: string;

package/dist/graph/types.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/graph/types.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,cAAc,EAAG,CAAU,CAAC;AAEzC,MAAM,MAAM,QAAQ,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;AAC1C,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,MAAM,CAAC;AAC7C,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,QAAQ,GAAG,UAAU,GAAG,aAAa,GAAG,SAAS,GAAG,KAAK,CAAC;AAEpG,MAAM,MAAM,cAAc,GACtB,UAAU,GACV,UAAU,GACV,gBAAgB,GAChB,OAAO,GACP,MAAM,GACN,eAAe,CAAC;AAEpB,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,EAAE,CAAC;IACb,SAAS,EAAE,KAAK,CAAC;QACf,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,QAAQ,GAAG,YAAY,GAAG,SAAS,GAAG,YAAY,CAAC;KAC9D,CAAC,CAAC;IACH,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,EAAE,OAAO,GAAG,QAAQ,CAAC;CAC3B;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,mBAAmB;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,cAAc,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,oBAAoB;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,cAAc,CAAC;IAC/B,UAAU,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CACvC;AAED,MAAM,WAAW,6BAA6B;IAC5C,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,sBAAsB,EAAE,cAAc,CAAC;IACvC,UAAU,EAAE,cAAc,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,gBAAgB,EAAE,oBAAoB,CAAC;IACvC,iBAAiB,EAAE,qBAAqB,CAAC;IACzC,oBAAoB,EAAE,wBAAwB,CAAC;IAC/C,eAAe,EAAE,mBAAmB,CAAC;IACrC,cAAc,EAAE,kBAAkB,CAAC;IACnC,eAAe,EAAE,mBAAmB,CAAC;IACrC,gBAAgB,EAAE,oBAAoB,CAAC;IACvC,yBAAyB,EAAE,6BAA6B,CAAC;IACzD,iBAAiB,EAAE,qBAAqB,CAAC;CAC1C,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC;AAE9C,MAAM,MAAM,KAAK,GAAG;KACjB,CAAC,IAAI,SAAS,GAAG;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,cAAc,EAAE,OAAO,cAAc,CAAC;QACtC,EAAE,EAAE,MAAM,CAAC;QACX,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,CAAC,CAAC;QACR,OAAO,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;KAC7B;CACF,CAAC,SAAS,CAAC,CAAC;AAEb,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,EAAE,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,EAAE,OAAO,GAAG,QAAQ,CAAC;CAC3B;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,cAAc,EAAE,OAAO,cAAc,CAAC;IACtC,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACpC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IACxC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,KAAK,EAAE,UAAU,EAAE,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;CAC9C"}
+{"version":3,"file":"types.d.ts","sourceRoot":"","sources":["../../src/graph/types.ts"],"names":[],"mappings":"AAEA,eAAO,MAAM,cAAc,EAAG,CAAU,CAAC;AAEzC,MAAM,MAAM,QAAQ,GAAG,IAAI,GAAG,IAAI,GAAG,IAAI,CAAC;AAC1C,MAAM,MAAM,cAAc,GAAG,MAAM,GAAG,MAAM,CAAC;AAC7C,MAAM,MAAM,QAAQ,GAAG,OAAO,GAAG,MAAM,GAAG,QAAQ,GAAG,UAAU,GAAG,aAAa,GAAG,SAAS,GAAG,KAAK,CAAC;AAEpG,MAAM,MAAM,cAAc,GACtB,UAAU,GACV,UAAU,GACV,gBAAgB,GAChB,OAAO,GACP,MAAM,GACN,eAAe,GACf,gBAAgB,GAChB,cAAc,GACd,cAAc,CAAC;AAEnB,MAAM,WAAW,oBAAoB;IACnC,QAAQ,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,EAAE,CAAC;IACb,SAAS,EAAE,KAAK,CAAC;QACf,QAAQ,EAAE,MAAM,CAAC;QACjB,QAAQ,EAAE,QAAQ,GAAG,YAAY,GAAG,SAAS,GAAG,YAAY,CAAC;KAC9D,CAAC,CAAC;IACH,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,EAAE,CAAC;CACzB;AAED,MAAM,WAAW,qBAAqB;IACpC,QAAQ,EAAE,MAAM,CAAC;IACjB,UAAU,EAAE,MAAM,CAAC;IACnB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,wBAAwB;IACvC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,mBAAmB;IAClC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,EAAE,OAAO,GAAG,QAAQ,CAAC;CAC3B;AAED,MAAM,WAAW,kBAAkB;IACjC,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,CAAC;IACjB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,WAAW,mBAAmB;IAClC,UAAU,EAAE,MAAM,CAAC;IACnB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,MAAM,EAAE,cAAc,CAAC;IACvB,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,OAAO,EAAE,MAAM,CAAC;CACjB;AAED,MAAM,WAAW,oBAAoB;IACnC,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,cAAc,EAAE,cAAc,CAAC;IAC/B,UAAU,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,CAAC;CACvC;AAED,MAAM,WAAW,6BAA6B;IAC5C,KAAK,EAAE,MAAM,CAAC;IACd,UAAU,EAAE,MAAM,CAAC;IACnB,sBAAsB,EAAE,cAAc,CAAC;IACvC,UAAU,EAAE,cAAc,CAAC;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,CAAC,EAAE,MAAM,CAAC;CACnB;AAED,MAAM,WAAW,qBAAqB;IACpC,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;CAChB;AAED,MAAM,MAAM,eAAe,GAAG;IAC5B,gBAAgB,EAAE,oBAAoB,CAAC;IACvC,iBAAiB,EAAE,qBAAqB,CAAC;IACzC,oBAAoB,EAAE,wBAAwB,CAAC;IAC/C,eAAe,EAAE,mBAAmB,CAAC;IACrC,cAAc,EAAE,kBAAkB,CAAC;IACnC,eAAe,EAAE,mBAAmB,CAAC;IACrC,gBAAgB,EAAE,oBAAoB,CAAC;IACvC,yBAAyB,EAAE,6BAA6B,CAAC;IACzD,iBAAiB,EAAE,qBAAqB,CAAC;CAC1C,CAAC;AAEF,MAAM,MAAM,SAAS,GAAG,MAAM,eAAe,CAAC;AAE9C,MAAM,MAAM,KAAK,GAAG;KACjB,CAAC,IAAI,SAAS,GAAG;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,cAAc,EAAE,OAAO,cAAc,CAAC;QACtC,EAAE,EAAE,MAAM,CAAC;QACX,KAAK,EAAE,MAAM,CAAC;QACd,IAAI,EAAE,CAAC,CAAC;QACR,OAAO,EAAE,eAAe,CAAC,CAAC,CAAC,CAAC;KAC7B;CACF,CAAC,SAAS,CAAC,CAAC;AAEb,MAAM,WAAW,UAAU;IACzB,EAAE,EAAE,MAAM,CAAC;IACX,OAAO,EAAE,MAAM,CAAC;IAChB,EAAE,EAAE,MAAM,EAAE,CAAC;IACb,SAAS,EAAE,MAAM,CAAC;IAClB,aAAa,EAAE,MAAM,EAAE,CAAC;IACxB,SAAS,EAAE,MAAM,CAAC;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,YAAY;IAC3B,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,IAAI,EAAE,MAAM,CAAC;IACb,OAAO,EAAE,MAAM,CAAC;IAChB,QAAQ,EAAE,QAAQ,CAAC;IACnB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,MAAM,WAAW,OAAO;IACtB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,EAAE,MAAM,CAAC;IACjB,QAAQ,EAAE,MAAM,CAAC;IACjB,KAAK,EAAE,MAAM,CAAC;IACd,QAAQ,EAAE,MAAM,EAAE,CAAC;IACnB,KAAK,EAAE,OAAO,GAAG,QAAQ,CAAC;CAC3B;AAED,MAAM,WAAW,QAAQ;IACvB,EAAE,EAAE,MAAM,CAAC;CACZ;AAED,MAAM,WAAW,WAAW;IAC1B,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,EAAE,MAAM,CAAC;IACnB,KAAK,EAAE,MAAM,CAAC;IACd,OAAO,CAAC,EAAE,MAAM,CAAC;IACjB,EAAE,EAAE,MAAM,CAAC;IACX,QAAQ,CAAC,EAAE,OAAO,CAAC;CACpB;AAED,MAAM,WAAW,UAAU;IACzB,IAAI,EAAE,QAAQ,CAAC;IACf,IAAI,EAAE,MAAM,CAAC;IACb,EAAE,EAAE,MAAM,CAAC;IACX,UAAU,CAAC,EAAE,MAAM,CAAC;IACpB,MAAM,EAAE,MAAM,CAAC;IACf,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,MAAM,WAAW,QAAQ;IACvB,cAAc,EAAE,OAAO,cAAc,CAAC;IACtC,YAAY,EAAE,MAAM,CAAC;IACrB,WAAW,EAAE,MAAM,CAAC;IACpB,WAAW,EAAE,MAAM,CAAC;IACpB,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,UAAU,CAAC,CAAC;IACpC,SAAS,EAAE,MAAM,CAAC,MAAM,EAAE,YAAY,CAAC,CAAC;IACxC,IAAI,EAAE,MAAM,CAAC,MAAM,EAAE,OAAO,CAAC,CAAC;IAC9B,KAAK,EAAE,MAAM,CAAC,MAAM,EAAE,QAAQ,CAAC,CAAC;IAChC,KAAK,EAAE,UAAU,EAAE,CAAC;IACpB,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,WAAW,CAAC,CAAC;CAC9C"}

package/dist/index.d.ts

@@ -8,6 +8,7 @@ export * from './auth/encrypt';
 export * from './auth/key';
 export * from './auth/refresh';
 export * from './auth/state';
+export type { OpenAPIDocument, OpenAPISchema } from './classifier/contract-drift';
 export * from './config/define';
 export * from './config/load';
 export * from './config/schema';
@@ -17,4 +18,5 @@ export * from './jira/retry';
 export * from './jira/types';
 export * from './lock/file-lock';
 export * from './logging/ndjson-logger';
+export * from './scrub';
 //# sourceMappingURL=index.d.ts.map

package/dist/index.d.ts.map

@@ -1 +1 @@
-{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,OAAO,UAAU,CAAC;AAC/B,mBAAmB,iBAAiB,CAAC;AACrC,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC;AAChC,cAAc,kBAAkB,CAAC;AACjC,cAAc,mBAAmB,CAAC;AAClC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC;AAC3B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,cAAc,CAAC;AAC7B,cAAc,iBAAiB,CAAC;AAChC,cAAc,eAAe,CAAC;AAC9B,cAAc,iBAAiB,CAAC;AAChC,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC;AACjC,cAAc,yBAAyB,CAAC"}
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../src/index.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,OAAO,UAAU,CAAC;AAC/B,mBAAmB,iBAAiB,CAAC;AACrC,cAAc,iBAAiB,CAAC;AAChC,cAAc,iBAAiB,CAAC;AAChC,cAAc,kBAAkB,CAAC;AACjC,cAAc,mBAAmB,CAAC;AAClC,cAAc,gBAAgB,CAAC;AAC/B,cAAc,YAAY,CAAC;AAC3B,cAAc,gBAAgB,CAAC;AAC/B,cAAc,cAAc,CAAC;AAC7B,YAAY,EAAE,eAAe,EAAE,aAAa,EAAE,MAAM,6BAA6B,CAAC;AAClF,cAAc,iBAAiB,CAAC;AAChC,cAAc,eAAe,CAAC;AAC9B,cAAc,iBAAiB,CAAC;AAChC,cAAc,eAAe,CAAC;AAC9B,cAAc,eAAe,CAAC;AAC9B,cAAc,cAAc,CAAC;AAC7B,cAAc,cAAc,CAAC;AAC7B,cAAc,kBAAkB,CAAC;AACjC,cAAc,yBAAyB,CAAC;AACxC,cAAc,SAAS,CAAC"}

package/dist/scrub/index.d.ts

@@ -0,0 +1,2 @@
+export * from './rules';
+//# sourceMappingURL=index.d.ts.map

package/dist/scrub/index.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/scrub/index.ts"],"names":[],"mappings":"AAAA,cAAc,SAAS,CAAC"}

package/dist/scrub/rules.d.ts

@@ -0,0 +1,12 @@
+export declare const SENSITIVE_HEADERS: readonly string[];
+export declare const SENSITIVE_BODY_KEYS: readonly RegExp[];
+export declare const JWT_RE: RegExp;
+export declare const CREDIT_CARD_RE: RegExp;
+export declare const EMAIL_RE: RegExp;
+export declare const PHONE_RE: RegExp;
+export declare const EMAIL_RE_G: RegExp;
+export declare const PHONE_RE_G: RegExp;
+export declare function scrubHeaders(headers: Record<string, string>): Record<string, string>;
+export declare function scrubBodyJson(body: unknown): unknown;
+export declare function scrubFreeText(s: string): string;
+//# sourceMappingURL=rules.d.ts.map

package/dist/scrub/rules.d.ts.map

@@ -0,0 +1 @@
+{"version":3,"file":"rules.d.ts","sourceRoot":"","sources":["../../src/scrub/rules.ts"],"names":[],"mappings":"AAAA,eAAO,MAAM,iBAAiB,EAAE,SAAS,MAAM,EAQ9C,CAAC;AAEF,eAAO,MAAM,mBAAmB,EAAE,SAAS,MAAM,EAYhD,CAAC;AAEF,eAAO,MAAM,MAAM,QAAmE,CAAC;AACvF,eAAO,MAAM,cAAc,QAAgC,CAAC;AAC5D,eAAO,MAAM,QAAQ,QAAuD,CAAC;AAE7E,eAAO,MAAM,QAAQ,QAA8B,CAAC;AAIpD,eAAO,MAAM,UAAU,QAAmC,CAAC;AAC3D,eAAO,MAAM,UAAU,QAAmC,CAAC;AAI3D,wBAAgB,YAAY,CAAC,OAAO,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,GAAG,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAMpF;AAED,wBAAgB,aAAa,CAAC,IAAI,EAAE,OAAO,GAAG,OAAO,CAepD;AAED,wBAAgB,aAAa,CAAC,CAAC,EAAE,MAAM,GAAG,MAAM,CAM/C"}

package/dist/src/index.js

@@ -113,7 +113,10 @@ var ClassificationEnum = z2.enum([
   "SELECTOR_DRIFT",
   "FLAKY",
   "TEST_BUG",
-  "TEST_OUTDATED"
+  "TEST_OUTDATED",
+  "CONTRACT_DRIFT",
+  "RATE_LIMITED",
+  "AUTH_EXPIRED"
 ]);
 var ResultEnum = z2.enum(["PASS", "FAIL"]);
 var ConfidenceEnum = z2.enum(["low", "medium", "high"]);
@@ -297,6 +300,32 @@ var WebSchema = z4.object({
   message: "defaultEnv must exist in baseUrl map",
   path: ["defaultEnv"]
 });
+var HttpAuthRoleSchema = z4.object({
+  tokenEnv: z4.string().optional(),
+  userEnv: z4.string().optional(),
+  passEnv: z4.string().optional(),
+  tokenUrl: z4.string().url().optional(),
+  clientIdEnv: z4.string().optional(),
+  clientSecretEnv: z4.string().optional(),
+  scope: z4.string().optional()
+});
+var HttpAuthSchema = z4.object({
+  strategy: z4.enum(["bearer", "apiKey", "basic", "oauth-cc", "custom", "none"]).default("none"),
+  ttl: z4.string().default("8h"),
+  refreshBuffer: z4.string().default("30m"),
+  roles: z4.record(z4.string(), HttpAuthRoleSchema).default({})
+});
+var HttpSchema = z4.object({
+  baseUrl: z4.record(z4.string(), z4.string().url()).refine((m) => Object.keys(m).length > 0, {
+    message: "baseUrl must have at least one environment"
+  }),
+  defaultEnv: z4.string(),
+  spec: z4.string().optional(),
+  auth: HttpAuthSchema.prefault({})
+}).refine((h) => h.baseUrl[h.defaultEnv] !== undefined, {
+  message: "defaultEnv must exist in baseUrl map",
+  path: ["defaultEnv"]
+});
 var JiraSchema = z4.object({
   baseUrl: z4.string().url(),
   projectKeys: z4.array(z4.string().min(1)).min(1),
@@ -332,11 +361,17 @@ var RunSchema = z4.object({
 }).prefault({});
 var XeraConfigSchema = z4.object({
   jira: JiraSchema,
-  web: WebSchema,
+  web: WebSchema.optional(),
+  http: HttpSchema.optional(),
   ai: AISchema,
   reporting: ReportingSchema,
   run: RunSchema.prefault({}),
-  adapters: z4.array(z4.string().min(1)).min(1).default(["web"])
+  adapters: z4.array(z4.enum(["web", "http"])).min(1).default(["web"])
+}).refine((c) => c.web !== undefined || c.http !== undefined, {
+  message: "At least one of `web` or `http` must be configured"
+}).refine((c) => c.adapters.every((a) => (a === "web" ? c.web : c.http) !== undefined), {
+  message: "Every adapter in `adapters` must have a corresponding config block",
+  path: ["adapters"]
 });
 
 // src/config/load.ts
@@ -585,7 +620,66 @@ class NdjsonLogger {
 `).map((line) => JSON.parse(line));
   }
 }
-
+// src/scrub/rules.ts
+var SENSITIVE_HEADERS = [
+  "authorization",
+  "cookie",
+  "set-cookie",
+  "x-api-key",
+  "x-auth-token",
+  "x-csrf-token",
+  "proxy-authorization"
+];
+var SENSITIVE_BODY_KEYS = [
+  /password/i,
+  /passwd/i,
+  /token/i,
+  /secret/i,
+  /api[-_]?key/i,
+  /access[-_]?key/i,
+  /private[-_]?key/i,
+  /authorization/i,
+  /credit[-_]?card/i,
+  /card[-_]?number/i,
+  /cvv/i
+];
+var JWT_RE = /\beyJ[A-Za-z0-9_-]{7,}\.[A-Za-z0-9_-]{8,}\.[A-Za-z0-9_-]{5,}\b/;
+var CREDIT_CARD_RE = /\b(?:\d{4}[-\s]?){3}\d{4}\b/;
+var EMAIL_RE = /\b[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}\b/;
+var PHONE_RE = /(?:\+?\d[\d\s().-]{6,}\d)/;
+var JWT_RE_G = new RegExp(JWT_RE.source, "g");
+var CREDIT_CARD_RE_G = new RegExp(CREDIT_CARD_RE.source, "g");
+var EMAIL_RE_G = new RegExp(EMAIL_RE.source, "g");
+var PHONE_RE_G = new RegExp(PHONE_RE.source, "g");
+var REDACTED = "[REDACTED]";
+function scrubHeaders(headers) {
+  const out = {};
+  for (const [k, v] of Object.entries(headers)) {
+    out[k] = SENSITIVE_HEADERS.includes(k.toLowerCase()) ? REDACTED : v;
+  }
+  return out;
+}
+function scrubBodyJson(body) {
+  if (Array.isArray(body))
+    return body.map(scrubBodyJson);
+  if (body && typeof body === "object") {
+    const out = {};
+    for (const [k, v] of Object.entries(body)) {
+      if (SENSITIVE_BODY_KEYS.some((re) => re.test(k))) {
+        out[k] = REDACTED;
+      } else {
+        out[k] = scrubBodyJson(v);
+      }
+    }
+    return out;
+  }
+  if (typeof body === "string")
+    return scrubFreeText(body);
+  return body;
+}
+function scrubFreeText(s) {
+  return s.replace(JWT_RE_G, REDACTED).replace(CREDIT_CARD_RE_G, REDACTED).replace(EMAIL_RE_G, REDACTED).replace(PHONE_RE_G, REDACTED);
+}
 // src/index.ts
 var VERSION2 = "0.1.0";
 export {
@@ -594,6 +688,9 @@ export {
   writeAuthState,
   withRetry,
   updateMeta,
+  scrubHeaders,
+  scrubFreeText,
+  scrubBodyJson,
   resolveAuthKey,
   resolveArtifactPaths,
   releaseLock,
@@ -621,9 +718,17 @@ export {
   XeraConfigSchema,
   VERSION2 as VERSION,
   StatusJsonSchema,
+  SENSITIVE_HEADERS,
+  SENSITIVE_BODY_KEYS,
+  PHONE_RE_G,
+  PHONE_RE,
   NdjsonLogger,
   MetaJsonSchema,
+  JWT_RE,
   HistoryEntrySchema,
+  EMAIL_RE_G,
+  EMAIL_RE,
+  CREDIT_CARD_RE,
   AuthStateEntrySchema,
   AUTH_KEY_ENV
 };

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@xera-ai/core",
-  "version": "0.4.4",
+  "version": "0.5.0",
   "type": "module",
   "main": "./dist/index.js",
   "types": "./dist/index.d.ts",
@@ -25,12 +25,13 @@
     "bin"
   ],
   "scripts": {
-    "build": "bun build ./src/index.ts ./bin/internal.ts --outdir ./dist --target bun --external @playwright/test --external @xera-ai/web --external zod",
+    "build": "bun build ./src/index.ts ./bin/internal.ts --outdir ./dist --target bun --external @playwright/test --external @xera-ai/web --external @xera-ai/http --external zod",
     "typecheck": "tsc --noEmit"
   },
   "dependencies": {
     "zod": "4.4.3",
-    "@xera-ai/web": "^0.2.0",
+    "@xera-ai/web": "^0.3.0",
+    "@xera-ai/http": "^0.1.0",
     "@playwright/test": "1.60.0",
     "fflate": "0.8.3",
     "yaml": "2.9.0"

package/src/artifact/status.ts

@@ -9,6 +9,9 @@ const ClassificationEnum = z.enum([
   'FLAKY',
   'TEST_BUG',
   'TEST_OUTDATED',
+  'CONTRACT_DRIFT',
+  'RATE_LIMITED',
+  'AUTH_EXPIRED',
 ]);
 const ResultEnum = z.enum(['PASS', 'FAIL']);
 const ConfidenceEnum = z.enum(['low', 'medium', 'high']);

package/src/bin-internal/auth-setup.ts

@@ -0,0 +1,116 @@
+import { existsSync } from 'node:fs';
+import { join } from 'node:path';
+import { pathToFileURL } from 'node:url';
+import { loadConfig } from '../config/load';
+
+interface AuthSetupOpts {
+  role?: string;
+  shape: 'web' | 'http' | 'all';
+}
+
+function parseOpts(argv: string[]): AuthSetupOpts {
+  const opts: AuthSetupOpts = { shape: 'all' };
+  for (let i = 0; i < argv.length; i++) {
+    const a = argv[i];
+    const next = argv[i + 1];
+    if (a === '--role' && next) {
+      opts.role = next;
+      i++;
+    } else if (a === '--shape' && next) {
+      if (next === 'web' || next === 'http' || next === 'all') opts.shape = next;
+      i++;
+    }
+  }
+  return opts;
+}
+
+export async function authSetupCmd(argv: string[]): Promise<number> {
+  const opts = parseOpts(argv);
+  const cwd = process.cwd();
+  const config = await loadConfig(cwd);
+
+  const authSetupScript = join(cwd, 'shared', 'auth-setup.ts');
+  if (!existsSync(authSetupScript)) {
+    console.error(
+      `[xera:auth-setup] auth-setup.ts not found at ${authSetupScript}. Run 'bunx @xera-ai/cli init' first.`,
+    );
+    return 1;
+  }
+
+  const mod = (await import(pathToFileURL(authSetupScript).href)) as {
+    web?: unknown;
+    http?: unknown;
+  };
+
+  let exitCode = 0;
+
+  // Web roles
+  if (
+    (opts.shape === 'all' || opts.shape === 'web') &&
+    config.web &&
+    typeof mod.web === 'function'
+  ) {
+    const { runAuthSetup } = await import('@xera-ai/web');
+    const { chromium } = await import('@playwright/test');
+    const browser = await chromium.launch();
+    try {
+      for (const [roleName, roleCreds] of Object.entries(config.web.auth.roles)) {
+        if (opts.role && roleName !== opts.role) continue;
+        const email = process.env[roleCreds.envEmail];
+        const password = process.env[roleCreds.envPassword];
+        if (!email || !password) {
+          console.error(
+            `[xera:auth-setup] missing env vars ${roleCreds.envEmail} / ${roleCreds.envPassword} for role '${roleName}'`,
+          );
+          exitCode = 1;
+          continue;
+        }
+        try {
+          await runAuthSetup({
+            role: roleName,
+            creds: { email, password },
+            setupScriptPath: authSetupScript,
+            authDir: join(cwd, '.xera', '.auth'),
+            browser,
+          });
+          console.log(`[xera:auth-setup] ✓ ${roleName}.json (web)`);
+        } catch (e) {
+          console.error(`[xera:auth-setup] ✗ web/${roleName}: ${(e as Error).message}`);
+          exitCode = 1;
+        }
+      }
+    } finally {
+      await browser.close();
+    }
+  }
+
+  // Http roles
+  if (
+    (opts.shape === 'all' || opts.shape === 'http') &&
+    config.http &&
+    typeof mod.http === 'function'
+  ) {
+    // The auth-setup.ts template reads config via globalThis; set it for the user's function.
+    (globalThis as Record<string, unknown>).__XERA_HTTP_CONFIG__ = config.http;
+
+    const { runHttpAuthSetup } = await import('@xera-ai/http');
+    for (const roleName of Object.keys(config.http.auth.roles)) {
+      if (opts.role && roleName !== opts.role) continue;
+      try {
+        await runHttpAuthSetup({
+          authDir: join(cwd, '.xera', '.auth'),
+          role: roleName,
+          config: config.http,
+          setupFn: mod.http as Parameters<typeof runHttpAuthSetup>[0]['setupFn'],
+          creds: { email: '', password: '' },
+        });
+        console.log(`[xera:auth-setup] ✓ http/${roleName}.json`);
+      } catch (e) {
+        console.error(`[xera:auth-setup] ✗ http/${roleName}: ${(e as Error).message}`);
+        exitCode = 1;
+      }
+    }
+  }
+
+  return exitCode;
+}