@yasserkhanorg/e2e-agents 0.3.2

package/dist/esm/e2e-test-gen/types.js

@@ -0,0 +1,3 @@
+// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
+// See LICENSE.txt for license information.
+export {};

package/dist/esm/index.js

@@ -0,0 +1,16 @@
+// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
+// See LICENSE.txt for license information.
+export { LLMProviderError, UnsupportedCapabilityError } from './provider_interface.js';
+// Provider implementations
+export { AnthropicProvider, checkAnthropicSetup } from './anthropic_provider.js';
+export { OllamaProvider, checkOllamaSetup } from './ollama_provider.js';
+export { OpenAIProvider, checkOpenAISetup } from './openai_provider.js';
+export { CustomProvider } from './custom_provider.js';
+// Factory
+export { LLMProviderFactory, validateProviderSetup } from './provider_factory.js';
+// Agent API (impact, gap, suggest, traceability ingest)
+export { analyzeImpact, findGaps, recommendTests, handoffGeneratedTests, ingestTraceability, captureTraceability } from './api.js';
+export { appendFeedbackAndRecompute, readCalibration } from './agent/feedback.js';
+export { finalizeGeneratedTests } from './agent/handoff.js';
+export { ingestTraceabilityInput } from './agent/traceability_ingest.js';
+export { captureTraceabilityInput } from './agent/traceability_capture.js';

package/dist/esm/logger.js

@@ -0,0 +1,89 @@
+// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
+// See LICENSE.txt for license information.
+/**
+ * Simple structured logging system
+ * Replaces 18 console.log statements with configurable logging
+ * Environment variable: LOG_LEVEL (ERROR, WARN, INFO, DEBUG)
+ */
+export var LogLevel;
+(function (LogLevel) {
+    LogLevel[LogLevel["ERROR"] = 0] = "ERROR";
+    LogLevel[LogLevel["WARN"] = 1] = "WARN";
+    LogLevel[LogLevel["INFO"] = 2] = "INFO";
+    LogLevel[LogLevel["DEBUG"] = 3] = "DEBUG";
+})(LogLevel || (LogLevel = {}));
+/**
+ * Get log level from environment variable
+ */
+function getLogLevelFromEnv() {
+    const level = process.env.LOG_LEVEL?.toUpperCase() || 'INFO';
+    switch (level) {
+        case 'ERROR':
+            return LogLevel.ERROR;
+        case 'WARN':
+            return LogLevel.WARN;
+        case 'INFO':
+            return LogLevel.INFO;
+        case 'DEBUG':
+            return LogLevel.DEBUG;
+        default:
+            return LogLevel.INFO;
+    }
+}
+/**
+ * Convert log level to string
+ */
+function logLevelToString(level) {
+    switch (level) {
+        case LogLevel.ERROR:
+            return 'ERROR';
+        case LogLevel.WARN:
+            return 'WARN';
+        case LogLevel.INFO:
+            return 'INFO';
+        case LogLevel.DEBUG:
+            return 'DEBUG';
+    }
+}
+export class Logger {
+    constructor(minLevel) {
+        this.level = minLevel ?? getLogLevelFromEnv();
+    }
+    error(message, context) {
+        if (this.level >= LogLevel.ERROR) {
+            this.log(LogLevel.ERROR, message, context);
+        }
+    }
+    warn(message, context) {
+        if (this.level >= LogLevel.WARN) {
+            this.log(LogLevel.WARN, message, context);
+        }
+    }
+    info(message, context) {
+        if (this.level >= LogLevel.INFO) {
+            this.log(LogLevel.INFO, message, context);
+        }
+    }
+    debug(message, context) {
+        if (this.level >= LogLevel.DEBUG) {
+            this.log(LogLevel.DEBUG, message, context);
+        }
+    }
+    setLevel(level) {
+        this.level = level;
+    }
+    log(level, message, context) {
+        const timestamp = new Date().toISOString();
+        const levelStr = logLevelToString(level);
+        const contextStr = context ? ` ${JSON.stringify(context)}` : '';
+        const output = `[${timestamp}] [${levelStr}] ${message}${contextStr}`;
+        if (level <= LogLevel.WARN) {
+            console.error(output);
+        }
+        else {
+            console.log(output);
+        }
+    }
+}
+// Global logger instance
+export const logger = new Logger();

package/dist/esm/mcp-server.js

@@ -0,0 +1,465 @@
+// Copyright (c) 2015-present Mattermost, Inc. All Rights Reserved.
+// See LICENSE.txt for license information.
+/**
+ * MCP Server for E2E Agents - SECURITY HARDENED
+ * Exposes tools for Claude and Playwright agents to discover, generate, and heal tests
+ */
+import { spawnSync } from 'child_process';
+import { readFileSync, writeFileSync, existsSync } from 'fs';
+import { resolve } from 'path';
+import { globSync } from 'glob';
+/**
+ * SECURITY: Path validation helper
+ * Prevents directory traversal attacks
+ */
+function validatePathIsWithinRoot(filePath, rootPath) {
+    try {
+        const normalized = resolve(filePath);
+        const normalizedRoot = resolve(rootPath);
+        return normalized.startsWith(normalizedRoot + '/') || normalized === normalizedRoot;
+    }
+    catch {
+        return false;
+    }
+}
+/**
+ * SECURITY: Input validation for shell arguments
+ * Prevents command injection attacks
+ */
+function validatePlaywrightPattern(pattern) {
+    // Allow alphanumeric, dots, dashes, slashes, asterisks, underscores only
+    return /^[a-zA-Z0-9_\-.*\/]+$/.test(pattern) && !pattern.includes('..') && pattern.length < 512;
+}
+/**
+ * SECURITY: Validate git refs to prevent argument injection
+ */
+function validateGitRef(ref) {
+    // Allow standard git ref patterns: branches, tags, commit hashes
+    // Blocks patterns that start with -- (options) or contain spaces
+    return (/^[a-zA-Z0-9_\-./~^]+$/.test(ref) &&
+        !ref.startsWith('--') &&
+        ref.length < 256 &&
+        !ref.includes('\n') &&
+        !ref.includes('\0'));
+}
+/**
+ * SECURITY: Validate browser names against allowlist
+ */
+function validateBrowsers(browsers) {
+    const allowedBrowsers = new Set(['chromium', 'firefox', 'webkit']);
+    return browsers.length > 0 && browsers.length <= 3 && browsers.every((b) => allowedBrowsers.has(b));
+}
+/**
+ * SECURITY: Glob pattern validation
+ * Restricts to test-related patterns to prevent enumeration of sensitive files
+ */
+function validateGlobPattern(pattern) {
+    // Block attempts to enumerate sensitive patterns
+    const blockedPatterns = [/\*\*\/\*\*/, /\.env/, /\.pem/, /\.key/, /aws|credentials|secret|password/i];
+    if (pattern.length > 256)
+        return false;
+    if (blockedPatterns.some((p) => p.test(pattern)))
+        return false;
+    if (pattern.includes('..'))
+        return false;
+    return /^[a-zA-Z0-9_\-.*\/]+$/.test(pattern);
+}
+/**
+ * SECURITY: Sanitize error messages to prevent information leakage
+ */
+function sanitizeError(error, operation) {
+    if (error instanceof Error) {
+        // Only return safe error message, hide internal details
+        if (error.message.includes('ENOENT')) {
+            return `File not found (${operation})`;
+        }
+        if (error.message.includes('EACCES')) {
+            return `Permission denied (${operation})`;
+        }
+        if (error.message.includes('EISDIR')) {
+            return `Is a directory (${operation})`;
+        }
+        return `Operation failed: ${operation}`;
+    }
+    return 'An unexpected error occurred';
+}
+/**
+ * SECURITY: Rate limiter helper
+ */
+class RateLimiter {
+    constructor(maxRequests = 100, windowMs = 60000) {
+        this.requests = [];
+        this.maxRequests = maxRequests;
+        this.windowMs = windowMs;
+    }
+    isAllowed() {
+        const now = Date.now();
+        this.requests = this.requests.filter((time) => now - time < this.windowMs);
+        if (this.requests.length >= this.maxRequests) {
+            return false;
+        }
+        this.requests.push(now);
+        return true;
+    }
+}
+/**
+ * MCP Server for autonomous test discovery, generation, and healing
+ * Provides tools for Claude to interact with test framework
+ */
+export class E2EAgentsMCPServer {
+    constructor(repoRoot = process.cwd()) {
+        this.repoRoot = repoRoot;
+        this.tools = this.defineTools();
+        this.rateLimiter = new RateLimiter(100, 60000); // 100 requests per minute
+    }
+    defineTools() {
+        return [
+            {
+                name: 'discover_tests',
+                description: 'Discover tests that need to be written based on code changes',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        since: {
+                            type: 'string',
+                            description: 'Git ref to compare against (e.g., HEAD~5, main)',
+                        },
+                        pattern: {
+                            type: 'string',
+                            description: "Test file pattern to search (e.g., '**/*.spec.ts')",
+                        },
+                    },
+                },
+            },
+            {
+                name: 'read_file',
+                description: 'Read a file from the repository',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        path: {
+                            type: 'string',
+                            description: 'File path relative to repo root',
+                        },
+                    },
+                    required: ['path'],
+                },
+            },
+            {
+                name: 'write_file',
+                description: 'Write or create a file in the repository',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        path: {
+                            type: 'string',
+                            description: 'File path relative to repo root',
+                        },
+                        content: {
+                            type: 'string',
+                            description: 'File content to write',
+                        },
+                    },
+                    required: ['path', 'content'],
+                },
+            },
+            {
+                name: 'run_tests',
+                description: 'Run Playwright tests matching a pattern',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        pattern: {
+                            type: 'string',
+                            description: "Test file pattern (e.g., 'tests/**/*.spec.ts')",
+                        },
+                        browsers: {
+                            type: 'array',
+                            items: { type: 'string' },
+                            description: 'Browsers to test (chromium, firefox, webkit)',
+                        },
+                    },
+                },
+            },
+            {
+                name: 'get_git_changes',
+                description: 'Get files changed since a git reference',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        since: {
+                            type: 'string',
+                            description: 'Git ref to compare against (e.g., HEAD~5, main)',
+                        },
+                    },
+                },
+            },
+            {
+                name: 'get_repository_context',
+                description: 'Get repository structure and project metadata',
+                inputSchema: {
+                    type: 'object',
+                    properties: {
+                        include: {
+                            type: 'array',
+                            items: { type: 'string' },
+                            description: 'What to include (package.json, tsconfig, playwright.config, tests)',
+                        },
+                    },
+                },
+            },
+        ];
+    }
+    /**
+     * Handle tool calls from Claude/Playwright agents
+     * SECURITY: Rate limiting enforced
+     */
+    async callTool(name, args) {
+        // SECURITY: Rate limiting
+        if (!this.rateLimiter.isAllowed()) {
+            return JSON.stringify({ error: 'Rate limit exceeded. Too many requests.' });
+        }
+        switch (name) {
+            case 'discover_tests':
+                return this.discoverTests(args);
+            case 'read_file':
+                return this.readFile(args);
+            case 'write_file':
+                return this.writeFile(args);
+            case 'run_tests':
+                return this.runTests(args);
+            case 'get_git_changes':
+                return this.getGitChanges(args);
+            case 'get_repository_context':
+                return this.getRepositoryContext(args);
+            default:
+                return JSON.stringify({ error: 'Unknown tool' });
+        }
+    }
+    discoverTests(args) {
+        try {
+            const since = args.since || 'HEAD~5';
+            const pattern = args.pattern || '**/*.spec.ts';
+            // SECURITY: Validate inputs
+            if (!validateGitRef(since)) {
+                return JSON.stringify({ error: 'Invalid git reference format' });
+            }
+            if (!validateGlobPattern(pattern)) {
+                return JSON.stringify({ error: 'Invalid pattern format' });
+            }
+            // Get changed files
+            const changedFiles = this.getChangedFiles(since);
+            // Find test files that might need updating
+            const testFiles = globSync(pattern, { cwd: this.repoRoot });
+            return JSON.stringify({
+                changedFiles,
+                existingTests: testFiles,
+                recommendedTests: this.analyzeChangesForTests(changedFiles, testFiles),
+            });
+        }
+        catch (error) {
+            return JSON.stringify({ error: sanitizeError(error, 'discover_tests') });
+        }
+    }
+    readFile(args) {
+        try {
+            // SECURITY: Path traversal prevention
+            const filePath = resolve(this.repoRoot, args.path);
+            if (!validatePathIsWithinRoot(filePath, this.repoRoot)) {
+                return JSON.stringify({ error: 'Access denied' });
+            }
+            if (!existsSync(filePath)) {
+                return JSON.stringify({ error: 'File not found' });
+            }
+            const content = readFileSync(filePath, 'utf-8');
+            return JSON.stringify({ path: args.path, content });
+        }
+        catch (error) {
+            return JSON.stringify({ error: sanitizeError(error, 'read_file') });
+        }
+    }
+    writeFile(args) {
+        try {
+            // SECURITY: Path traversal prevention
+            const filePath = resolve(this.repoRoot, args.path);
+            if (!validatePathIsWithinRoot(filePath, this.repoRoot)) {
+                return JSON.stringify({ error: 'Access denied' });
+            }
+            // SECURITY: Size limit to prevent resource exhaustion
+            if (args.content.length > 10 * 1024 * 1024) {
+                // 10MB limit
+                return JSON.stringify({ error: 'File too large' });
+            }
+            writeFileSync(filePath, args.content, 'utf-8');
+            return JSON.stringify({ success: true, path: args.path });
+        }
+        catch (error) {
+            return JSON.stringify({ error: sanitizeError(error, 'write_file') });
+        }
+    }
+    runTests(args) {
+        try {
+            const pattern = args.pattern || '**/*.spec.ts';
+            const browsers = args.browsers || ['chromium'];
+            // SECURITY: Validate inputs
+            if (!validatePlaywrightPattern(pattern)) {
+                return JSON.stringify({ error: 'Invalid test pattern' });
+            }
+            if (!validateBrowsers(browsers)) {
+                return JSON.stringify({ error: 'Invalid browser specification' });
+            }
+            const projectArgs = browsers.flatMap((browser) => ['--project', browser]);
+            // SECURITY: Use -- to separate playwright options from test args
+            const result = spawnSync('npx', [
+                'playwright',
+                'test',
+                ...projectArgs,
+                '--',
+                pattern,
+            ], {
+                cwd: this.repoRoot,
+                encoding: 'utf-8',
+                timeout: 300000, // 5 minute timeout
+                maxBuffer: 1024 * 1024, // 1MB output limit
+            });
+            if (result.error) {
+                return JSON.stringify({
+                    success: false,
+                    error: 'Test execution failed',
+                });
+            }
+            // SECURITY: Don't leak full stdout/stderr, summarize instead
+            const stdout = result.stdout ? result.stdout.substring(0, 5000) : '';
+            const stderr = result.stderr ? result.stderr.substring(0, 5000) : '';
+            return JSON.stringify({
+                success: result.status === 0,
+                summary: `Exit code: ${result.status}`,
+                testsPassed: stdout.includes('passed'),
+                testsFailed: stdout.includes('failed'),
+            });
+        }
+        catch (error) {
+            return JSON.stringify({
+                success: false,
+                error: 'Test execution error',
+            });
+        }
+    }
+    getGitChanges(args) {
+        try {
+            const since = args.since || 'HEAD~5';
+            // SECURITY: Validate git ref
+            if (!validateGitRef(since)) {
+                return JSON.stringify({ error: 'Invalid git reference format' });
+            }
+            // SECURITY: Use -- to separate git options from refs
+            const result = spawnSync('git', ['diff', '--name-only', '--', `${since}..HEAD`], {
+                cwd: this.repoRoot,
+                encoding: 'utf-8',
+                timeout: 30000,
+            });
+            if (result.error) {
+                return JSON.stringify({ error: 'Git operation failed' });
+            }
+            const changedFiles = result.stdout.trim().split('\n').filter((f) => f);
+            return JSON.stringify({ changedFiles });
+        }
+        catch (error) {
+            return JSON.stringify({ error: 'Git operation error' });
+        }
+    }
+    getRepositoryContext(args) {
+        try {
+            const defaultInclude = ['package.json', 'tsconfig.json', 'playwright.config.ts', 'playwright.config.js'];
+            const include = args.include || defaultInclude;
+            // SECURITY: Limit to allowed filenames
+            const allowedFiles = new Set([
+                'package.json',
+                'tsconfig.json',
+                'tsconfig.base.json',
+                'playwright.config.ts',
+                'playwright.config.js',
+                'jest.config.js',
+                '.npmrc',
+                'README.md',
+            ]);
+            const context = {};
+            for (const file of include) {
+                // SECURITY: Validate each path
+                if (!allowedFiles.has(file)) {
+                    continue; // Skip non-allowed files
+                }
+                const filePath = resolve(this.repoRoot, file);
+                if (!validatePathIsWithinRoot(filePath, this.repoRoot)) {
+                    continue;
+                }
+                if (existsSync(filePath)) {
+                    try {
+                        context[file] = readFileSync(filePath, 'utf-8');
+                    }
+                    catch {
+                        // Ignore read errors for individual files
+                    }
+                }
+            }
+            // Add test structure with safe globbing
+            const testFiles = globSync('**/*.spec.ts', {
+                cwd: this.repoRoot,
+                ignore: 'node_modules/**',
+                maxDepth: 5,
+            });
+            context.testFiles = testFiles.slice(0, 100); // Limit to 100 files
+            return JSON.stringify(context);
+        }
+        catch (error) {
+            return JSON.stringify({ error: sanitizeError(error, 'get_repository_context') });
+        }
+    }
+    getChangedFiles(since) {
+        try {
+            // SECURITY: Validate git ref before use
+            if (!validateGitRef(since)) {
+                return [];
+            }
+            // SECURITY: Use -- separator
+            const result = spawnSync('git', ['diff', '--name-only', '--', `${since}..HEAD`], {
+                cwd: this.repoRoot,
+                encoding: 'utf-8',
+                timeout: 30000,
+            });
+            if (result.error) {
+                return [];
+            }
+            return result.stdout.trim().split('\n').filter((f) => f);
+        }
+        catch {
+            return [];
+        }
+    }
+    analyzeChangesForTests(changedFiles, existingTests) {
+        // Simple heuristic: if a source file changed, suggest a test for it
+        return changedFiles
+            .filter((f) => !f.endsWith('.spec.ts') && !f.endsWith('.test.ts'))
+            .slice(0, 10) // Limit results
+            .map((f) => {
+            const testFile = f.replace(/\.(ts|js)$/, '.spec.ts');
+            return testFile;
+        });
+    }
+    /**
+     * Get all available tools
+     */
+    getTools() {
+        return this.tools;
+    }
+}
+/**
+ * Start MCP server
+ * Usage: node dist/mcp-server.js
+ */
+if (require.main === module) {
+    const server = new E2EAgentsMCPServer();
+    console.log('E2E Agents MCP Server started');
+    console.log('Tools:', server.getTools().map((t) => t.name).join(', '));
+}
+export default E2EAgentsMCPServer;