npm - agentic-qe - Versions diffs - 1.4.4 → 1.5.0 - Mend

agentic-qe 1.4.4 → 1.5.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (390) hide show

package/dist/mcp/tools/qe/security/scan-comprehensive.d.ts ADDED Viewed

@@ -0,0 +1,240 @@
+/**
+ * Comprehensive Security Scanning Tool
+ *
+ * Multi-layer security scanning with SAST, DAST, and dependency analysis.
+ * Supports OWASP Top 10, CWE, and SANS Top 25 compliance validation.
+ *
+ * Features:
+ * - Static Application Security Testing (SAST)
+ * - Dynamic Application Security Testing (DAST)
+ * - Dependency vulnerability scanning
+ * - Code pattern analysis with ML-based detection
+ * - Compliance mapping (OWASP, CWE, SANS)
+ * - Severity-based prioritization
+ *
+ * @module security/scan-comprehensive
+ * @version 1.0.0
+ * @author Agentic QE Team - Phase 3
+ * @date 2025-11-09
+ */
+import type { SecurityScanParams, SecurityScanResults, Priority, QEToolResponse, ProgrammingLanguage } from '../shared/types.js';
+/**
+ * Comprehensive security scan result
+ */
+export interface ComprehensiveScanResult {
+    /** Overall scan results */
+    summary: SecurityScanResults;
+    /** SAST findings */
+    sastFindings: SASTFinding[];
+    /** DAST findings */
+    dastFindings: DASTFinding[];
+    /** Dependency vulnerabilities */
+    dependencyVulnerabilities: DependencyVulnerability[];
+    /** Code quality security issues */
+    codeQualityIssues: CodeQualityIssue[];
+    /** Compliance mappings */
+    complianceMappings: ComplianceMapping[];
+    /** Security score (0-100) */
+    securityScore: number;
+    /** Risk level */
+    riskLevel: 'low' | 'medium' | 'high' | 'critical';
+    /** Recommendations */
+    recommendations: SecurityRecommendation[];
+    /** Scan metadata */
+    metadata: ScanMetadata;
+}
+/**
+ * SAST finding (Static Application Security Testing)
+ */
+export interface SASTFinding {
+    /** Finding ID */
+    id: string;
+    /** Vulnerability type */
+    type: 'injection' | 'xss' | 'broken-auth' | 'sensitive-data' | 'xxe' | 'broken-access' | 'security-misconfig' | 'insecure-deserialization' | 'using-components-with-known-vulnerabilities' | 'insufficient-logging';
+    /** Severity */
+    severity: Priority;
+    /** File path */
+    file: string;
+    /** Line number */
+    line: number;
+    /** Column number */
+    column?: number;
+    /** Vulnerable code snippet */
+    codeSnippet: string;
+    /** Description */
+    description: string;
+    /** CWE identifier */
+    cwe: string;
+    /** OWASP category */
+    owaspCategory: string;
+    /** Detection confidence (0-1) */
+    confidence: number;
+    /** Remediation guidance */
+    remediation: string;
+    /** False positive likelihood (0-1) */
+    falsePositiveLikelihood: number;
+}
+/**
+ * DAST finding (Dynamic Application Security Testing)
+ */
+export interface DASTFinding {
+    /** Finding ID */
+    id: string;
+    /** Vulnerability type */
+    type: 'sql-injection' | 'command-injection' | 'path-traversal' | 'open-redirect' | 'csrf' | 'cors-misconfiguration' | 'security-headers-missing';
+    /** Severity */
+    severity: Priority;
+    /** Endpoint URL */
+    endpoint: string;
+    /** HTTP method */
+    method: string;
+    /** Request payload */
+    requestPayload?: string;
+    /** Response evidence */
+    responseEvidence: string;
+    /** Description */
+    description: string;
+    /** CWE identifier */
+    cwe: string;
+    /** Exploitation difficulty */
+    exploitationDifficulty: 'easy' | 'medium' | 'hard';
+    /** Remediation guidance */
+    remediation: string;
+}
+/**
+ * Dependency vulnerability
+ */
+export interface DependencyVulnerability {
+    /** Package name */
+    package: string;
+    /** Installed version */
+    installedVersion: string;
+    /** Vulnerable version range */
+    vulnerableRange: string;
+    /** Patched version */
+    patchedVersion?: string;
+    /** CVE identifiers */
+    cves: string[];
+    /** Severity */
+    severity: Priority;
+    /** CVSS score */
+    cvssScore: number;
+    /** Description */
+    description: string;
+    /** Exploit available */
+    exploitAvailable: boolean;
+    /** Remediation */
+    remediation: string;
+    /** Dependency chain */
+    dependencyChain: string[];
+}
+/**
+ * Code quality security issue
+ */
+export interface CodeQualityIssue {
+    /** Issue type */
+    type: 'hardcoded-secret' | 'weak-crypto' | 'insecure-random' | 'unsafe-reflection' | 'mass-assignment';
+    /** Severity */
+    severity: Priority;
+    /** File path */
+    file: string;
+    /** Line number */
+    line: number;
+    /** Description */
+    description: string;
+    /** Secret type (if applicable) */
+    secretType?: 'api-key' | 'password' | 'token' | 'certificate' | 'private-key';
+    /** Remediation */
+    remediation: string;
+}
+/**
+ * Compliance mapping
+ */
+export interface ComplianceMapping {
+    /** Standard name */
+    standard: 'OWASP' | 'CWE' | 'SANS';
+    /** Category/item identifier */
+    identifier: string;
+    /** Category name */
+    name: string;
+    /** Compliance status */
+    status: 'compliant' | 'non-compliant' | 'partial';
+    /** Findings count */
+    findingsCount: number;
+    /** Severity distribution */
+    severityDistribution: Record<Priority, number>;
+}
+/**
+ * Security recommendation
+ */
+export interface SecurityRecommendation {
+    /** Priority */
+    priority: Priority;
+    /** Category */
+    category: 'immediate' | 'short-term' | 'long-term';
+    /** Title */
+    title: string;
+    /** Description */
+    description: string;
+    /** Implementation steps */
+    steps: string[];
+    /** Estimated effort (hours) */
+    estimatedEffort: number;
+    /** Risk reduction (0-1) */
+    riskReduction: number;
+    /** Affected findings */
+    affectedFindings: string[];
+}
+/**
+ * Scan metadata
+ */
+export interface ScanMetadata {
+    /** Scan ID */
+    scanId: string;
+    /** Target path/URL */
+    target: string;
+    /** Scan type */
+    scanType: 'sast' | 'dast' | 'dependency' | 'comprehensive';
+    /** Scan depth */
+    depth: 'basic' | 'standard' | 'deep';
+    /** Programming language */
+    language?: ProgrammingLanguage;
+    /** Start timestamp */
+    startTime: string;
+    /** End timestamp */
+    endTime: string;
+    /** Duration (ms) */
+    duration: number;
+    /** Files scanned */
+    filesScanned: number;
+    /** Lines of code analyzed */
+    linesOfCode: number;
+    /** Scanner versions */
+    scannerVersions: Record<string, string>;
+}
+/**
+ * Perform comprehensive security scan
+ *
+ * Executes multi-layer security scanning including SAST, DAST, dependency analysis,
+ * and compliance validation.
+ *
+ * @param params - Security scan parameters
+ * @returns Promise resolving to comprehensive scan results
+ *
+ * @example
+ * ```typescript
+ * const result = await scanComprehensiveSecurity({
+ *   scanType: 'comprehensive',
+ *   target: '/workspace/my-app',
+ *   depth: 'deep',
+ *   includeFingerprinting: true,
+ *   complianceStandards: ['OWASP', 'CWE', 'SANS']
+ * });
+ *
+ * console.log(`Security score: ${result.securityScore}/100`);
+ * console.log(`Risk level: ${result.riskLevel}`);
+ * console.log(`Total vulnerabilities: ${result.summary.vulnerabilities.length}`);
+ * ```
+ */
+export declare function scanComprehensiveSecurity(params: SecurityScanParams): Promise<QEToolResponse<ComprehensiveScanResult>>;
+//# sourceMappingURL=scan-comprehensive.d.ts.map

package/dist/mcp/tools/qe/security/scan-comprehensive.d.ts.map ADDED Viewed

@@ -0,0 +1 @@

+ {"version":3,"file":"scan-comprehensive.d.ts","sourceRoot":"","sources":["../../../../../src/mcp/tools/qe/security/scan-comprehensive.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;GAkBG;AAEH,OAAO,KAAK,EACV,kBAAkB,EAClB,mBAAmB,EAEnB,QAAQ,EACR,cAAc,EAEd,mBAAmB,EACpB,MAAM,oBAAoB,CAAC;AAI5B;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,2BAA2B;IAC3B,OAAO,EAAE,mBAAmB,CAAC;IAE7B,oBAAoB;IACpB,YAAY,EAAE,WAAW,EAAE,CAAC;IAE5B,oBAAoB;IACpB,YAAY,EAAE,WAAW,EAAE,CAAC;IAE5B,iCAAiC;IACjC,yBAAyB,EAAE,uBAAuB,EAAE,CAAC;IAErD,mCAAmC;IACnC,iBAAiB,EAAE,gBAAgB,EAAE,CAAC;IAEtC,0BAA0B;IAC1B,kBAAkB,EAAE,iBAAiB,EAAE,CAAC;IAExC,6BAA6B;IAC7B,aAAa,EAAE,MAAM,CAAC;IAEtB,iBAAiB;IACjB,SAAS,EAAE,KAAK,GAAG,QAAQ,GAAG,MAAM,GAAG,UAAU,CAAC;IAElD,sBAAsB;IACtB,eAAe,EAAE,sBAAsB,EAAE,CAAC;IAE1C,oBAAoB;IACpB,QAAQ,EAAE,YAAY,CAAC;CACxB;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,iBAAiB;IACjB,EAAE,EAAE,MAAM,CAAC;IAEX,yBAAyB;IACzB,IAAI,EAAE,WAAW,GAAG,KAAK,GAAG,aAAa,GAAG,gBAAgB,GAAG,KAAK,GAAG,eAAe,GAAG,oBAAoB,GAAG,0BAA0B,GAAG,6CAA6C,GAAG,sBAAsB,CAAC;IAEpN,eAAe;IACf,QAAQ,EAAE,QAAQ,CAAC;IAEnB,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IAEb,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IAEb,oBAAoB;IACpB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,8BAA8B;IAC9B,WAAW,EAAE,MAAM,CAAC;IAEpB,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IAEpB,qBAAqB;IACrB,GAAG,EAAE,MAAM,CAAC;IAEZ,qBAAqB;IACrB,aAAa,EAAE,MAAM,CAAC;IAEtB,iCAAiC;IACjC,UAAU,EAAE,MAAM,CAAC;IAEnB,2BAA2B;IAC3B,WAAW,EAAE,MAAM,CAAC;IAEpB,sCAAsC;IACtC,uBAAuB,EAAE,MAAM,CAAC;CACjC;AAED;;GAEG;AACH,MAAM,WAAW,WAAW;IAC1B,iBAAiB;IACjB,EAAE,EAAE,MAAM,CAAC;IAEX,yBAAyB;IACzB,IAAI,EAAE,eAAe,GAAG,mBAAmB,GAAG,gBAAgB,GAAG,eAAe,GAAG,MAAM,GAAG,uBAAuB,GAAG,0BAA0B,CAAC;IAEjJ,eAAe;IACf,QAAQ,EAAE,QAAQ,CAAC;IAEnB,mBAAmB;IACnB,QAAQ,EAAE,MAAM,CAAC;IAEjB,kBAAkB;IAClB,MAAM,EAAE,MAAM,CAAC;IAEf,sBAAsB;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,wBAAwB;IACxB,gBAAgB,EAAE,MAAM,CAAC;IAEzB,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IAEpB,qBAAqB;IACrB,GAAG,EAAE,MAAM,CAAC;IAEZ,8BAA8B;IAC9B,sBAAsB,EAAE,MAAM,GAAG,QAAQ,GAAG,MAAM,CAAC;IAEnD,2BAA2B;IAC3B,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,uBAAuB;IACtC,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAEhB,wBAAwB;IACxB,gBAAgB,EAAE,MAAM,CAAC;IAEzB,+BAA+B;IAC/B,eAAe,EAAE,MAAM,CAAC;IAExB,sBAAsB;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,sBAAsB;IACtB,IAAI,EAAE,MAAM,EAAE,CAAC;IAEf,eAAe;IACf,QAAQ,EAAE,QAAQ,CAAC;IAEnB,iBAAiB;IACjB,SAAS,EAAE,MAAM,CAAC;IAElB,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IAEpB,wBAAwB;IACxB,gBAAgB,EAAE,OAAO,CAAC;IAE1B,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IAEpB,uBAAuB;IACvB,eAAe,EAAE,MAAM,EAAE,CAAC;CAC3B;AAED;;GAEG;AACH,MAAM,WAAW,gBAAgB;IAC/B,iBAAiB;IACjB,IAAI,EAAE,kBAAkB,GAAG,aAAa,GAAG,iBAAiB,GAAG,mBAAmB,GAAG,iBAAiB,CAAC;IAEvG,eAAe;IACf,QAAQ,EAAE,QAAQ,CAAC;IAEnB,gBAAgB;IAChB,IAAI,EAAE,MAAM,CAAC;IAEb,kBAAkB;IAClB,IAAI,EAAE,MAAM,CAAC;IAEb,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IAEpB,kCAAkC;IAClC,UAAU,CAAC,EAAE,SAAS,GAAG,UAAU,GAAG,OAAO,GAAG,aAAa,GAAG,aAAa,CAAC;IAE9E,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;CACrB;AAED;;GAEG;AACH,MAAM,WAAW,iBAAiB;IAChC,oBAAoB;IACpB,QAAQ,EAAE,OAAO,GAAG,KAAK,GAAG,MAAM,CAAC;IAEnC,+BAA+B;IAC/B,UAAU,EAAE,MAAM,CAAC;IAEnB,oBAAoB;IACpB,IAAI,EAAE,MAAM,CAAC;IAEb,wBAAwB;IACxB,MAAM,EAAE,WAAW,GAAG,eAAe,GAAG,SAAS,CAAC;IAElD,qBAAqB;IACrB,aAAa,EAAE,MAAM,CAAC;IAEtB,4BAA4B;IAC5B,oBAAoB,EAAE,MAAM,CAAC,QAAQ,EAAE,MAAM,CAAC,CAAC;CAChD;AAED;;GAEG;AACH,MAAM,WAAW,sBAAsB;IACrC,eAAe;IACf,QAAQ,EAAE,QAAQ,CAAC;IAEnB,eAAe;IACf,QAAQ,EAAE,WAAW,GAAG,YAAY,GAAG,WAAW,CAAC;IAEnD,YAAY;IACZ,KAAK,EAAE,MAAM,CAAC;IAEd,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IAEpB,2BAA2B;IAC3B,KAAK,EAAE,MAAM,EAAE,CAAC;IAEhB,+BAA+B;IAC/B,eAAe,EAAE,MAAM,CAAC;IAExB,2BAA2B;IAC3B,aAAa,EAAE,MAAM,CAAC;IAEtB,wBAAwB;IACxB,gBAAgB,EAAE,MAAM,EAAE,CAAC;CAC5B;AAED;;GAEG;AACH,MAAM,WAAW,YAAY;IAC3B,cAAc;IACd,MAAM,EAAE,MAAM,CAAC;IAEf,sBAAsB;IACtB,MAAM,EAAE,MAAM,CAAC;IAEf,gBAAgB;IAChB,QAAQ,EAAE,MAAM,GAAG,MAAM,GAAG,YAAY,GAAG,eAAe,CAAC;IAE3D,iBAAiB;IACjB,KAAK,EAAE,OAAO,GAAG,UAAU,GAAG,MAAM,CAAC;IAErC,2BAA2B;IAC3B,QAAQ,CAAC,EAAE,mBAAmB,CAAC;IAE/B,sBAAsB;IACtB,SAAS,EAAE,MAAM,CAAC;IAElB,oBAAoB;IACpB,OAAO,EAAE,MAAM,CAAC;IAEhB,oBAAoB;IACpB,QAAQ,EAAE,MAAM,CAAC;IAEjB,oBAAoB;IACpB,YAAY,EAAE,MAAM,CAAC;IAErB,6BAA6B;IAC7B,WAAW,EAAE,MAAM,CAAC;IAEpB,uBAAuB;IACvB,eAAe,EAAE,MAAM,CAAC,MAAM,EAAE,MAAM,CAAC,CAAC;CACzC;AAscD;;;;;;;;;;;;;;;;;;;;;;;GAuBG;AACH,wBAAsB,yBAAyB,CAC7C,MAAM,EAAE,kBAAkB,GACzB,OAAO,CAAC,cAAc,CAAC,uBAAuB,CAAC,CAAC,CA+IlD"}