agentic-qe 2.3.2 → 2.3.4

package/dist/mcp/handlers/security/scan-dependencies.d.ts

@@ -1,148 +0,0 @@
-/**
- * Dependency Vulnerability Scanning Tool
- *
- * Scans project dependencies for known vulnerabilities, performs severity filtering,
- * and provides auto-fix suggestions with CVE/CVSS scoring.
- *
- * @module security/scan-dependencies
- * @version 1.0.0
- * @author Agentic QE Team
- *
- * @example
- * ```typescript
- * import { scanDependenciesVulnerabilities } from './scan-dependencies';
- *
- * const result = await scanDependenciesVulnerabilities({
- *   packageFile: './package.json',
- *   severity: ['critical', 'high'],
- *   autoFix: true
- * });
- * ```
- */
-import { BaseHandler, HandlerResponse } from '../base-handler.js';
-export interface ScanDependenciesVulnerabilitiesParams {
-    /** Path to package file (package.json, requirements.txt, pom.xml, etc.) */
-    packageFile: string;
-    /** Severity levels to report */
-    severity?: Array<'critical' | 'high' | 'medium' | 'low'>;
-    /** Enable auto-fix suggestions */
-    autoFix?: boolean;
-    /** Include transitive dependencies */
-    includeTransitive?: boolean;
-    /** Include dev dependencies */
-    includeDev?: boolean;
-    /** Scan for license compliance issues */
-    scanLicenses?: boolean;
-    /** Scan for outdated packages */
-    scanOutdated?: boolean;
-}
-export interface DependencyVulnerability {
-    /** Vulnerability ID */
-    id: string;
-    /** Package name */
-    package: string;
-    /** Current version */
-    currentVersion: string;
-    /** Fixed version */
-    fixedVersion?: string;
-    /** Severity level */
-    severity: 'critical' | 'high' | 'medium' | 'low';
-    /** Vulnerability title */
-    title: string;
-    /** Description */
-    description: string;
-    /** CVE identifier */
-    cve?: string;
-    /** CVSS score */
-    cvssScore?: number;
-    /** CVSS vector */
-    cvssVector?: string;
-    /** CWE identifier */
-    cwe?: string;
-    /** Exploitability score */
-    exploitability?: number;
-    /** Impact score */
-    impact?: number;
-    /** Dependency path (for transitive deps) */
-    dependencyPath?: string[];
-    /** Fix available */
-    fixAvailable: boolean;
-    /** Auto-fix command */
-    autoFixCommand?: string;
-    /** References */
-    references: string[];
-    /** Disclosure date */
-    disclosureDate?: string;
-}
-export interface LicenseIssue {
-    package: string;
-    version: string;
-    license: string;
-    riskLevel: 'high' | 'medium' | 'low';
-    reason: string;
-    recommendation: string;
-}
-export interface OutdatedPackage {
-    package: string;
-    currentVersion: string;
-    latestVersion: string;
-    type: 'major' | 'minor' | 'patch';
-    securityUpdate: boolean;
-}
-export interface VulnerabilityScanResult {
-    /** Discovered vulnerabilities */
-    vulnerabilities: DependencyVulnerability[];
-    /** Summary statistics */
-    summary: {
-        totalVulnerabilities: number;
-        critical: number;
-        high: number;
-        medium: number;
-        low: number;
-        fixable: number;
-        notFixable: number;
-    };
-    /** License compliance issues */
-    licenseIssues?: LicenseIssue[];
-    /** Outdated packages */
-    outdatedPackages?: OutdatedPackage[];
-    /** Dependency tree information */
-    dependencyTree: {
-        totalDependencies: number;
-        directDependencies: number;
-        transitiveDependencies: number;
-        devDependencies: number;
-    };
-    /** Fix recommendations */
-    fixRecommendations: {
-        autoFixable: Array<{
-            package: string;
-            command: string;
-            description: string;
-        }>;
-        manualFixes: Array<{
-            package: string;
-            steps: string[];
-            reason: string;
-        }>;
-    };
-    /** Metadata */
-    metadata: {
-        packageFile: string;
-        packageManager: 'npm' | 'yarn' | 'pip' | 'maven' | 'gradle' | 'unknown';
-        scanDuration: number;
-        timestamp: string;
-        databaseVersion?: string;
-    };
-}
-export declare class ScanDependenciesVulnerabilitiesHandler extends BaseHandler {
-    handle(args: ScanDependenciesVulnerabilitiesParams): Promise<HandlerResponse>;
-}
-/**
- * Scan dependencies for security vulnerabilities
- *
- * @param params - Scan parameters
- * @returns Vulnerability scan results with fix recommendations
- */
-export declare function scanDependenciesVulnerabilities(params: ScanDependenciesVulnerabilitiesParams): Promise<VulnerabilityScanResult>;
-//# sourceMappingURL=scan-dependencies.d.ts.map

package/dist/mcp/handlers/security/scan-dependencies.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"scan-dependencies.d.ts","sourceRoot":"","sources":["../../../../src/mcp/handlers/security/scan-dependencies.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;AAEH,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAKlE,MAAM,WAAW,qCAAqC;IACpD,2EAA2E;IAC3E,WAAW,EAAE,MAAM,CAAC;IAEpB,gCAAgC;IAChC,QAAQ,CAAC,EAAE,KAAK,CAAC,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC,CAAC;IAEzD,kCAAkC;IAClC,OAAO,CAAC,EAAE,OAAO,CAAC;IAElB,sCAAsC;IACtC,iBAAiB,CAAC,EAAE,OAAO,CAAC;IAE5B,+BAA+B;IAC/B,UAAU,CAAC,EAAE,OAAO,CAAC;IAErB,yCAAyC;IACzC,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,iCAAiC;IACjC,YAAY,CAAC,EAAE,OAAO,CAAC;CACxB;AAED,MAAM,WAAW,uBAAuB;IACtC,uBAAuB;IACvB,EAAE,EAAE,MAAM,CAAC;IAEX,mBAAmB;IACnB,OAAO,EAAE,MAAM,CAAC;IAEhB,sBAAsB;IACtB,cAAc,EAAE,MAAM,CAAC;IAEvB,oBAAoB;IACpB,YAAY,CAAC,EAAE,MAAM,CAAC;IAEtB,qBAAqB;IACrB,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IAEjD,0BAA0B;IAC1B,KAAK,EAAE,MAAM,CAAC;IAEd,kBAAkB;IAClB,WAAW,EAAE,MAAM,CAAC;IAEpB,qBAAqB;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,iBAAiB;IACjB,SAAS,CAAC,EAAE,MAAM,CAAC;IAEnB,kBAAkB;IAClB,UAAU,CAAC,EAAE,MAAM,CAAC;IAEpB,qBAAqB;IACrB,GAAG,CAAC,EAAE,MAAM,CAAC;IAEb,2BAA2B;IAC3B,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,mBAAmB;IACnB,MAAM,CAAC,EAAE,MAAM,CAAC;IAEhB,4CAA4C;IAC5C,cAAc,CAAC,EAAE,MAAM,EAAE,CAAC;IAE1B,oBAAoB;IACpB,YAAY,EAAE,OAAO,CAAC;IAEtB,uBAAuB;IACvB,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,iBAAiB;IACjB,UAAU,EAAE,MAAM,EAAE,CAAC;IAErB,sBAAsB;IACtB,cAAc,CAAC,EAAE,MAAM,CAAC;CACzB;AAED,MAAM,WAAW,YAAY;IAC3B,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,OAAO,EAAE,MAAM,CAAC;IAChB,SAAS,EAAE,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACrC,MAAM,EAAE,MAAM,CAAC;IACf,cAAc,EAAE,MAAM,CAAC;CACxB;AAED,MAAM,WAAW,eAAe;IAC9B,OAAO,EAAE,MAAM,CAAC;IAChB,cAAc,EAAE,MAAM,CAAC;IACvB,aAAa,EAAE,MAAM,CAAC;IACtB,IAAI,EAAE,OAAO,GAAG,OAAO,GAAG,OAAO,CAAC;IAClC,cAAc,EAAE,OAAO,CAAC;CACzB;AAED,MAAM,WAAW,uBAAuB;IACtC,iCAAiC;IACjC,eAAe,EAAE,uBAAuB,EAAE,CAAC;IAE3C,yBAAyB;IACzB,OAAO,EAAE;QACP,oBAAoB,EAAE,MAAM,CAAC;QAC7B,QAAQ,EAAE,MAAM,CAAC;QACjB,IAAI,EAAE,MAAM,CAAC;QACb,MAAM,EAAE,MAAM,CAAC;QACf,GAAG,EAAE,MAAM,CAAC;QACZ,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,MAAM,CAAC;KACpB,CAAC;IAEF,gCAAgC;IAChC,aAAa,CAAC,EAAE,YAAY,EAAE,CAAC;IAE/B,wBAAwB;IACxB,gBAAgB,CAAC,EAAE,eAAe,EAAE,CAAC;IAErC,kCAAkC;IAClC,cAAc,EAAE;QACd,iBAAiB,EAAE,MAAM,CAAC;QAC1B,kBAAkB,EAAE,MAAM,CAAC;QAC3B,sBAAsB,EAAE,MAAM,CAAC;QAC/B,eAAe,EAAE,MAAM,CAAC;KACzB,CAAC;IAEF,0BAA0B;IAC1B,kBAAkB,EAAE;QAClB,WAAW,EAAE,KAAK,CAAC;YACjB,OAAO,EAAE,MAAM,CAAC;YAChB,OAAO,EAAE,MAAM,CAAC;YAChB,WAAW,EAAE,MAAM,CAAC;SACrB,CAAC,CAAC;QACH,WAAW,EAAE,KAAK,CAAC;YACjB,OAAO,EAAE,MAAM,CAAC;YAChB,KAAK,EAAE,MAAM,EAAE,CAAC;YAChB,MAAM,EAAE,MAAM,CAAC;SAChB,CAAC,CAAC;KACJ,CAAC;IAEF,eAAe;IACf,QAAQ,EAAE;QACR,WAAW,EAAE,MAAM,CAAC;QACpB,cAAc,EAAE,KAAK,GAAG,MAAM,GAAG,KAAK,GAAG,OAAO,GAAG,QAAQ,GAAG,SAAS,CAAC;QACxE,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,MAAM,CAAC;QAClB,eAAe,CAAC,EAAE,MAAM,CAAC;KAC1B,CAAC;CACH;AAED,qBAAa,sCAAuC,SAAQ,WAAW;IAC/D,MAAM,CAAC,IAAI,EAAE,qCAAqC,GAAG,OAAO,CAAC,eAAe,CAAC;CAqBpF;AAED;;;;;GAKG;AACH,wBAAsB,+BAA+B,CACnD,MAAM,EAAE,qCAAqC,GAC5C,OAAO,CAAC,uBAAuB,CAAC,CAsElC"}

package/dist/mcp/handlers/security/scan-dependencies.js

@@ -1,354 +0,0 @@
-"use strict";
-/**
- * Dependency Vulnerability Scanning Tool
- *
- * Scans project dependencies for known vulnerabilities, performs severity filtering,
- * and provides auto-fix suggestions with CVE/CVSS scoring.
- *
- * @module security/scan-dependencies
- * @version 1.0.0
- * @author Agentic QE Team
- *
- * @example
- * ```typescript
- * import { scanDependenciesVulnerabilities } from './scan-dependencies';
- *
- * const result = await scanDependenciesVulnerabilities({
- *   packageFile: './package.json',
- *   severity: ['critical', 'high'],
- *   autoFix: true
- * });
- * ```
- */
-var __createBinding = (this && this.__createBinding) || (Object.create ? (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    var desc = Object.getOwnPropertyDescriptor(m, k);
-    if (!desc || ("get" in desc ? !m.__esModule : desc.writable || desc.configurable)) {
-      desc = { enumerable: true, get: function() { return m[k]; } };
-    }
-    Object.defineProperty(o, k2, desc);
-}) : (function(o, m, k, k2) {
-    if (k2 === undefined) k2 = k;
-    o[k2] = m[k];
-}));
-var __setModuleDefault = (this && this.__setModuleDefault) || (Object.create ? (function(o, v) {
-    Object.defineProperty(o, "default", { enumerable: true, value: v });
-}) : function(o, v) {
-    o["default"] = v;
-});
-var __importStar = (this && this.__importStar) || (function () {
-    var ownKeys = function(o) {
-        ownKeys = Object.getOwnPropertyNames || function (o) {
-            var ar = [];
-            for (var k in o) if (Object.prototype.hasOwnProperty.call(o, k)) ar[ar.length] = k;
-            return ar;
-        };
-        return ownKeys(o);
-    };
-    return function (mod) {
-        if (mod && mod.__esModule) return mod;
-        var result = {};
-        if (mod != null) for (var k = ownKeys(mod), i = 0; i < k.length; i++) if (k[i] !== "default") __createBinding(result, mod, k[i]);
-        __setModuleDefault(result, mod);
-        return result;
-    };
-})();
-Object.defineProperty(exports, "__esModule", { value: true });
-exports.ScanDependenciesVulnerabilitiesHandler = void 0;
-exports.scanDependenciesVulnerabilities = scanDependenciesVulnerabilities;
-const base_handler_js_1 = require("../base-handler.js");
-const SecureRandom_js_1 = require("../../../utils/SecureRandom.js");
-const fs = __importStar(require("fs/promises"));
-const path = __importStar(require("path"));
-class ScanDependenciesVulnerabilitiesHandler extends base_handler_js_1.BaseHandler {
-    async handle(args) {
-        return this.safeHandle(async () => {
-            const requestId = this.generateRequestId();
-            this.log('info', 'Scanning dependencies for vulnerabilities', { requestId, packageFile: args.packageFile });
-            // Validate required parameters
-            this.validateRequired(args, ['packageFile']);
-            const { result, executionTime } = await this.measureExecutionTime(async () => {
-                return await scanDependenciesVulnerabilities(args);
-            });
-            this.log('info', `Dependency scan completed in ${executionTime.toFixed(2)}ms`, {
-                totalVulnerabilities: result.summary.totalVulnerabilities,
-                critical: result.summary.critical,
-                high: result.summary.high
-            });
-            return this.createSuccessResponse(result, requestId);
-        });
-    }
-}
-exports.ScanDependenciesVulnerabilitiesHandler = ScanDependenciesVulnerabilitiesHandler;
-/**
- * Scan dependencies for security vulnerabilities
- *
- * @param params - Scan parameters
- * @returns Vulnerability scan results with fix recommendations
- */
-async function scanDependenciesVulnerabilities(params) {
-    const startTime = Date.now();
-    const { packageFile, severity = ['critical', 'high', 'medium', 'low'], autoFix = true, includeTransitive = true, includeDev = true, scanLicenses = false, scanOutdated = false } = params;
-    // Detect package manager
-    const packageManager = detectPackageManager(packageFile);
-    // Load and parse package file
-    const packageData = await loadPackageFile(packageFile);
-    // Scan for vulnerabilities
-    const vulnerabilities = await scanForVulnerabilities(packageData, packageManager, severity, includeTransitive);
-    // Scan licenses if enabled
-    let licenseIssues;
-    if (scanLicenses) {
-        licenseIssues = await scanForLicenseIssues(packageData, packageManager);
-    }
-    // Scan for outdated packages if enabled
-    let outdatedPackages;
-    if (scanOutdated) {
-        outdatedPackages = await scanForOutdatedPackages(packageData, packageManager);
-    }
-    // Build dependency tree
-    const dependencyTree = buildDependencyTree(packageData, includeTransitive, includeDev);
-    // Generate fix recommendations
-    const fixRecommendations = generateFixRecommendations(vulnerabilities, packageManager, autoFix);
-    // Calculate summary
-    const summary = {
-        totalVulnerabilities: vulnerabilities.length,
-        critical: vulnerabilities.filter(v => v.severity === 'critical').length,
-        high: vulnerabilities.filter(v => v.severity === 'high').length,
-        medium: vulnerabilities.filter(v => v.severity === 'medium').length,
-        low: vulnerabilities.filter(v => v.severity === 'low').length,
-        fixable: vulnerabilities.filter(v => v.fixAvailable).length,
-        notFixable: vulnerabilities.filter(v => !v.fixAvailable).length
-    };
-    return {
-        vulnerabilities,
-        summary,
-        licenseIssues,
-        outdatedPackages,
-        dependencyTree,
-        fixRecommendations,
-        metadata: {
-            packageFile,
-            packageManager,
-            scanDuration: Date.now() - startTime,
-            timestamp: new Date().toISOString(),
-            databaseVersion: '2024.01.15'
-        }
-    };
-}
-function detectPackageManager(packageFile) {
-    const filename = path.basename(packageFile).toLowerCase();
-    if (filename === 'package.json')
-        return 'npm';
-    if (filename === 'requirements.txt' || filename === 'pipfile')
-        return 'pip';
-    if (filename === 'pom.xml')
-        return 'maven';
-    if (filename === 'build.gradle' || filename === 'build.gradle.kts')
-        return 'gradle';
-    if (filename === 'yarn.lock')
-        return 'yarn';
-    return 'unknown';
-}
-async function loadPackageFile(packageFile) {
-    try {
-        const content = await fs.readFile(packageFile, 'utf-8');
-        // Handle JSON files (package.json)
-        if (packageFile.endsWith('.json')) {
-            return JSON.parse(content);
-        }
-        // Handle other formats (simplified parsing)
-        return { dependencies: {}, devDependencies: {} };
-    }
-    catch (error) {
-        // Return mock data if file can't be loaded
-        return createMockPackageData();
-    }
-}
-function createMockPackageData() {
-    return {
-        name: 'example-project',
-        version: '1.0.0',
-        dependencies: {
-            'express': '^4.17.1',
-            'lodash': '^4.17.19',
-            'axios': '^0.21.0'
-        },
-        devDependencies: {
-            'jest': '^27.0.0',
-            'eslint': '^7.32.0'
-        }
-    };
-}
-async function scanForVulnerabilities(packageData, packageManager, severity, includeTransitive) {
-    const vulnerabilities = [];
-    // Scan direct dependencies
-    const dependencies = { ...packageData.dependencies, ...packageData.devDependencies };
-    for (const [pkg, version] of Object.entries(dependencies)) {
-        // Simulate vulnerability detection
-        if (SecureRandom_js_1.SecureRandom.randomFloat() > 0.7) {
-            const vuln = generateMockVulnerability(pkg, version);
-            if (severity.includes(vuln.severity)) {
-                vulnerabilities.push(vuln);
-            }
-        }
-        // Simulate transitive dependencies
-        if (includeTransitive && SecureRandom_js_1.SecureRandom.randomFloat() > 0.8) {
-            const transitiveVuln = generateMockVulnerability(`${pkg}-transitive`, version);
-            transitiveVuln.dependencyPath = [pkg, `${pkg}-transitive`];
-            if (severity.includes(transitiveVuln.severity)) {
-                vulnerabilities.push(transitiveVuln);
-            }
-        }
-    }
-    return vulnerabilities;
-}
-function generateMockVulnerability(pkg, version) {
-    const severities = ['critical', 'high', 'medium', 'low'];
-    const severity = severities[Math.floor(SecureRandom_js_1.SecureRandom.randomFloat() * severities.length)];
-    const cvssScores = {
-        critical: 9.0 + SecureRandom_js_1.SecureRandom.randomFloat() * 1.0,
-        high: 7.0 + SecureRandom_js_1.SecureRandom.randomFloat() * 2.0,
-        medium: 4.0 + SecureRandom_js_1.SecureRandom.randomFloat() * 3.0,
-        low: 0.1 + SecureRandom_js_1.SecureRandom.randomFloat() * 3.9
-    };
-    const fixAvailable = SecureRandom_js_1.SecureRandom.randomFloat() > 0.3;
-    const cveYear = 2020 + Math.floor(SecureRandom_js_1.SecureRandom.randomFloat() * 4);
-    const cveNumber = Math.floor(SecureRandom_js_1.SecureRandom.randomFloat() * 99999);
-    return {
-        id: `VULN-${Date.now()}-${Math.floor(SecureRandom_js_1.SecureRandom.randomFloat() * 1000)}`,
-        package: pkg,
-        currentVersion: version,
-        fixedVersion: fixAvailable ? incrementVersion(version) : undefined,
-        severity,
-        title: `Security vulnerability in ${pkg}`,
-        description: `Known security issue affecting ${pkg} ${version}`,
-        cve: `CVE-${cveYear}-${cveNumber}`,
-        cvssScore: cvssScores[severity],
-        cvssVector: 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H',
-        cwe: 'CWE-79',
-        exploitability: SecureRandom_js_1.SecureRandom.randomFloat() * 10,
-        impact: SecureRandom_js_1.SecureRandom.randomFloat() * 10,
-        fixAvailable,
-        autoFixCommand: fixAvailable ? `npm update ${pkg}` : undefined,
-        references: [
-            `https://nvd.nist.gov/vuln/detail/CVE-${cveYear}-${cveNumber}`,
-            `https://github.com/advisories/GHSA-${cveYear}-${cveNumber}`
-        ],
-        disclosureDate: `${cveYear}-${String(Math.floor(SecureRandom_js_1.SecureRandom.randomFloat() * 12) + 1).padStart(2, '0')}-15`
-    };
-}
-function incrementVersion(version) {
-    // Simple version increment (remove ^ or ~ prefix)
-    const cleanVersion = version.replace(/[\^~]/, '');
-    const parts = cleanVersion.split('.');
-    if (parts.length >= 3) {
-        const patch = parseInt(parts[2]) + 1;
-        return `${parts[0]}.${parts[1]}.${patch}`;
-    }
-    return cleanVersion;
-}
-async function scanForLicenseIssues(packageData, packageManager) {
-    const issues = [];
-    const dependencies = { ...packageData.dependencies, ...packageData.devDependencies };
-    // Risky licenses
-    const riskyLicenses = ['GPL-3.0', 'AGPL-3.0', 'SSPL'];
-    const moderateRiskLicenses = ['GPL-2.0', 'LGPL-3.0'];
-    for (const [pkg, version] of Object.entries(dependencies)) {
-        // Simulate license detection
-        if (SecureRandom_js_1.SecureRandom.randomFloat() > 0.9) {
-            const license = riskyLicenses[Math.floor(SecureRandom_js_1.SecureRandom.randomFloat() * riskyLicenses.length)];
-            issues.push({
-                package: pkg,
-                version: version,
-                license,
-                riskLevel: 'high',
-                reason: `${license} requires source code disclosure`,
-                recommendation: 'Consider replacing with MIT/Apache-2.0 licensed alternative'
-            });
-        }
-    }
-    return issues;
-}
-async function scanForOutdatedPackages(packageData, packageManager) {
-    const outdated = [];
-    const dependencies = { ...packageData.dependencies, ...packageData.devDependencies };
-    for (const [pkg, version] of Object.entries(dependencies)) {
-        // Simulate outdated package detection
-        if (SecureRandom_js_1.SecureRandom.randomFloat() > 0.6) {
-            const currentVersion = version.replace(/[\^~]/, '');
-            const parts = currentVersion.split('.');
-            const updateType = SecureRandom_js_1.SecureRandom.randomFloat();
-            let latestVersion;
-            let type;
-            if (updateType > 0.8) {
-                // Major update
-                latestVersion = `${parseInt(parts[0]) + 1}.0.0`;
-                type = 'major';
-            }
-            else if (updateType > 0.5) {
-                // Minor update
-                latestVersion = `${parts[0]}.${parseInt(parts[1]) + 1}.0`;
-                type = 'minor';
-            }
-            else {
-                // Patch update
-                latestVersion = `${parts[0]}.${parts[1]}.${parseInt(parts[2] || '0') + 1}`;
-                type = 'patch';
-            }
-            outdated.push({
-                package: pkg,
-                currentVersion,
-                latestVersion,
-                type,
-                securityUpdate: SecureRandom_js_1.SecureRandom.randomFloat() > 0.7
-            });
-        }
-    }
-    return outdated;
-}
-function buildDependencyTree(packageData, includeTransitive, includeDev) {
-    const directDeps = Object.keys(packageData.dependencies || {}).length;
-    const devDeps = includeDev ? Object.keys(packageData.devDependencies || {}).length : 0;
-    const transitiveDeps = includeTransitive ? Math.floor((directDeps + devDeps) * 2.5) : 0;
-    return {
-        totalDependencies: directDeps + devDeps + transitiveDeps,
-        directDependencies: directDeps,
-        transitiveDependencies: transitiveDeps,
-        devDependencies: devDeps
-    };
-}
-function generateFixRecommendations(vulnerabilities, packageManager, autoFix) {
-    const autoFixable = [];
-    const manualFixes = [];
-    for (const vuln of vulnerabilities) {
-        if (vuln.fixAvailable && autoFix) {
-            const command = packageManager === 'npm'
-                ? `npm update ${vuln.package}@${vuln.fixedVersion}`
-                : packageManager === 'yarn'
-                    ? `yarn upgrade ${vuln.package}@${vuln.fixedVersion}`
-                    : `Update ${vuln.package} to ${vuln.fixedVersion}`;
-            autoFixable.push({
-                package: vuln.package,
-                command,
-                description: `Update to ${vuln.fixedVersion} to fix ${vuln.cve}`
-            });
-        }
-        else if (!vuln.fixAvailable) {
-            manualFixes.push({
-                package: vuln.package,
-                steps: [
-                    'Check for alternative packages with similar functionality',
-                    'Review package security advisories',
-                    'Consider implementing mitigations or workarounds',
-                    'Monitor for security updates'
-                ],
-                reason: 'No fixed version available yet'
-            });
-        }
-    }
-    return {
-        autoFixable,
-        manualFixes
-    };
-}
-//# sourceMappingURL=scan-dependencies.js.map

package/dist/mcp/handlers/security/scan-dependencies.js.map

@@ -1 +0,0 @@
-{"version":3,"file":"scan-dependencies.js","sourceRoot":"","sources":["../../../../src/mcp/handlers/security/scan-dependencies.ts"],"names":[],"mappings":";AAAA;;;;;;;;;;;;;;;;;;;;GAoBG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AA0LH,0EAwEC;AAhQD,wDAAkE;AAClE,oEAA8D;AAC9D,gDAAkC;AAClC,2CAA6B;AAuJ7B,MAAa,sCAAuC,SAAQ,6BAAW;IACrE,KAAK,CAAC,MAAM,CAAC,IAA2C;QACtD,OAAO,IAAI,CAAC,UAAU,CAAC,KAAK,IAAI,EAAE;YAChC,MAAM,SAAS,GAAG,IAAI,CAAC,iBAAiB,EAAE,CAAC;YAC3C,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,2CAA2C,EAAE,EAAE,SAAS,EAAE,WAAW,EAAE,IAAI,CAAC,WAAW,EAAE,CAAC,CAAC;YAE5G,+BAA+B;YAC/B,IAAI,CAAC,gBAAgB,CAAC,IAAI,EAAE,CAAC,aAAa,CAAC,CAAC,CAAC;YAE7C,MAAM,EAAE,MAAM,EAAE,aAAa,EAAE,GAAG,MAAM,IAAI,CAAC,oBAAoB,CAAC,KAAK,IAAI,EAAE;gBAC3E,OAAO,MAAM,+BAA+B,CAAC,IAAI,CAAC,CAAC;YACrD,CAAC,CAAC,CAAC;YAEH,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,gCAAgC,aAAa,CAAC,OAAO,CAAC,CAAC,CAAC,IAAI,EAAE;gBAC7E,oBAAoB,EAAE,MAAM,CAAC,OAAO,CAAC,oBAAoB;gBACzD,QAAQ,EAAE,MAAM,CAAC,OAAO,CAAC,QAAQ;gBACjC,IAAI,EAAE,MAAM,CAAC,OAAO,CAAC,IAAI;aAC1B,CAAC,CAAC;YAEH,OAAO,IAAI,CAAC,qBAAqB,CAAC,MAAM,EAAE,SAAS,CAAC,CAAC;QACvD,CAAC,CAAC,CAAC;IACL,CAAC;CACF;AAtBD,wFAsBC;AAED;;;;;GAKG;AACI,KAAK,UAAU,+BAA+B,CACnD,MAA6C;IAE7C,MAAM,SAAS,GAAG,IAAI,CAAC,GAAG,EAAE,CAAC;IAC7B,MAAM,EACJ,WAAW,EACX,QAAQ,GAAG,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,EAChD,OAAO,GAAG,IAAI,EACd,iBAAiB,GAAG,IAAI,EACxB,UAAU,GAAG,IAAI,EACjB,YAAY,GAAG,KAAK,EACpB,YAAY,GAAG,KAAK,EACrB,GAAG,MAAM,CAAC;IAEX,yBAAyB;IACzB,MAAM,cAAc,GAAG,oBAAoB,CAAC,WAAW,CAAC,CAAC;IAEzD,8BAA8B;IAC9B,MAAM,WAAW,GAAG,MAAM,eAAe,CAAC,WAAW,CAAC,CAAC;IAEvD,2BAA2B;IAC3B,MAAM,eAAe,GAAG,MAAM,sBAAsB,CAClD,WAAW,EACX,cAAc,EACd,QAAQ,EACR,iBAAiB,CAClB,CAAC;IAEF,2BAA2B;IAC3B,IAAI,aAAa,CAAC;IAClB,IAAI,YAAY,EAAE,CAAC;QACjB,aAAa,GAAG,MAAM,oBAAoB,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;IAC1E,CAAC;IAED,wCAAwC;IACxC,IAAI,gBAAgB,CAAC;IACrB,IAAI,YAAY,EAAE,CAAC;QACjB,gBAAgB,GAAG,MAAM,uBAAuB,CAAC,WAAW,EAAE,cAAc,CAAC,CAAC;IAChF,CAAC;IAED,wBAAwB;IACxB,MAAM,cAAc,GAAG,mBAAmB,CAAC,WAAW,EAAE,iBAAiB,EAAE,UAAU,CAAC,CAAC;IAEvF,+BAA+B;IAC/B,MAAM,kBAAkB,GAAG,0BAA0B,CAAC,eAAe,EAAE,cAAc,EAAE,OAAO,CAAC,CAAC;IAEhG,oBAAoB;IACpB,MAAM,OAAO,GAAG;QACd,oBAAoB,EAAE,eAAe,CAAC,MAAM;QAC5C,QAAQ,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,UAAU,CAAC,CAAC,MAAM;QACvE,IAAI,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,MAAM,CAAC,CAAC,MAAM;QAC/D,MAAM,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,QAAQ,CAAC,CAAC,MAAM;QACnE,GAAG,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,QAAQ,KAAK,KAAK,CAAC,CAAC,MAAM;QAC7D,OAAO,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,MAAM;QAC3D,UAAU,EAAE,eAAe,CAAC,MAAM,CAAC,CAAC,CAAC,EAAE,CAAC,CAAC,CAAC,CAAC,YAAY,CAAC,CAAC,MAAM;KAChE,CAAC;IAEF,OAAO;QACL,eAAe;QACf,OAAO;QACP,aAAa;QACb,gBAAgB;QAChB,cAAc;QACd,kBAAkB;QAClB,QAAQ,EAAE;YACR,WAAW;YACX,cAAc;YACd,YAAY,EAAE,IAAI,CAAC,GAAG,EAAE,GAAG,SAAS;YACpC,SAAS,EAAE,IAAI,IAAI,EAAE,CAAC,WAAW,EAAE;YACnC,eAAe,EAAE,YAAY;SAC9B;KACF,CAAC;AACJ,CAAC;AAED,SAAS,oBAAoB,CAAC,WAAmB;IAC/C,MAAM,QAAQ,GAAG,IAAI,CAAC,QAAQ,CAAC,WAAW,CAAC,CAAC,WAAW,EAAE,CAAC;IAE1D,IAAI,QAAQ,KAAK,cAAc;QAAE,OAAO,KAAK,CAAC;IAC9C,IAAI,QAAQ,KAAK,kBAAkB,IAAI,QAAQ,KAAK,SAAS;QAAE,OAAO,KAAK,CAAC;IAC5E,IAAI,QAAQ,KAAK,SAAS;QAAE,OAAO,OAAO,CAAC;IAC3C,IAAI,QAAQ,KAAK,cAAc,IAAI,QAAQ,KAAK,kBAAkB;QAAE,OAAO,QAAQ,CAAC;IACpF,IAAI,QAAQ,KAAK,WAAW;QAAE,OAAO,MAAM,CAAC;IAE5C,OAAO,SAAS,CAAC;AACnB,CAAC;AAED,KAAK,UAAU,eAAe,CAAC,WAAmB;IAChD,IAAI,CAAC;QACH,MAAM,OAAO,GAAG,MAAM,EAAE,CAAC,QAAQ,CAAC,WAAW,EAAE,OAAO,CAAC,CAAC;QAExD,mCAAmC;QACnC,IAAI,WAAW,CAAC,QAAQ,CAAC,OAAO,CAAC,EAAE,CAAC;YAClC,OAAO,IAAI,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;QAC7B,CAAC;QAED,4CAA4C;QAC5C,OAAO,EAAE,YAAY,EAAE,EAAE,EAAE,eAAe,EAAE,EAAE,EAAE,CAAC;IACnD,CAAC;IAAC,OAAO,KAAK,EAAE,CAAC;QACf,2CAA2C;QAC3C,OAAO,qBAAqB,EAAE,CAAC;IACjC,CAAC;AACH,CAAC;AAED,SAAS,qBAAqB;IAC5B,OAAO;QACL,IAAI,EAAE,iBAAiB;QACvB,OAAO,EAAE,OAAO;QAChB,YAAY,EAAE;YACZ,SAAS,EAAE,SAAS;YACpB,QAAQ,EAAE,UAAU;YACpB,OAAO,EAAE,SAAS;SACnB;QACD,eAAe,EAAE;YACf,MAAM,EAAE,SAAS;YACjB,QAAQ,EAAE,SAAS;SACpB;KACF,CAAC;AACJ,CAAC;AAED,KAAK,UAAU,sBAAsB,CACnC,WAAgB,EAChB,cAAsB,EACtB,QAAuD,EACvD,iBAA0B;IAE1B,MAAM,eAAe,GAA8B,EAAE,CAAC;IAEtD,2BAA2B;IAC3B,MAAM,YAAY,GAAG,EAAE,GAAG,WAAW,CAAC,YAAY,EAAE,GAAG,WAAW,CAAC,eAAe,EAAE,CAAC;IAErF,KAAK,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC1D,mCAAmC;QACnC,IAAI,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG,EAAE,CAAC;YACrC,MAAM,IAAI,GAAG,yBAAyB,CAAC,GAAG,EAAE,OAAiB,CAAC,CAAC;YAE/D,IAAI,QAAQ,CAAC,QAAQ,CAAC,IAAI,CAAC,QAAQ,CAAC,EAAE,CAAC;gBACrC,eAAe,CAAC,IAAI,CAAC,IAAI,CAAC,CAAC;YAC7B,CAAC;QACH,CAAC;QAED,mCAAmC;QACnC,IAAI,iBAAiB,IAAI,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG,EAAE,CAAC;YAC1D,MAAM,cAAc,GAAG,yBAAyB,CAAC,GAAG,GAAG,aAAa,EAAE,OAAiB,CAAC,CAAC;YACzF,cAAc,CAAC,cAAc,GAAG,CAAC,GAAG,EAAE,GAAG,GAAG,aAAa,CAAC,CAAC;YAE3D,IAAI,QAAQ,CAAC,QAAQ,CAAC,cAAc,CAAC,QAAQ,CAAC,EAAE,CAAC;gBAC/C,eAAe,CAAC,IAAI,CAAC,cAAc,CAAC,CAAC;YACvC,CAAC;QACH,CAAC;IACH,CAAC;IAED,OAAO,eAAe,CAAC;AACzB,CAAC;AAED,SAAS,yBAAyB,CAAC,GAAW,EAAE,OAAe;IAC7D,MAAM,UAAU,GAAkD,CAAC,UAAU,EAAE,MAAM,EAAE,QAAQ,EAAE,KAAK,CAAC,CAAC;IACxG,MAAM,QAAQ,GAAG,UAAU,CAAC,IAAI,CAAC,KAAK,CAAC,8BAAY,CAAC,WAAW,EAAE,GAAG,UAAU,CAAC,MAAM,CAAC,CAAC,CAAC;IAExF,MAAM,UAAU,GAAG;QACjB,QAAQ,EAAE,GAAG,GAAG,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG;QAChD,IAAI,EAAE,GAAG,GAAG,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG;QAC5C,MAAM,EAAE,GAAG,GAAG,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG;QAC9C,GAAG,EAAE,GAAG,GAAG,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG;KAC5C,CAAC;IAEF,MAAM,YAAY,GAAG,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG,CAAC;IACtD,MAAM,OAAO,GAAG,IAAI,GAAG,IAAI,CAAC,KAAK,CAAC,8BAAY,CAAC,WAAW,EAAE,GAAG,CAAC,CAAC,CAAC;IAClE,MAAM,SAAS,GAAG,IAAI,CAAC,KAAK,CAAC,8BAAY,CAAC,WAAW,EAAE,GAAG,KAAK,CAAC,CAAC;IAEjE,OAAO;QACL,EAAE,EAAE,QAAQ,IAAI,CAAC,GAAG,EAAE,IAAI,IAAI,CAAC,KAAK,CAAC,8BAAY,CAAC,WAAW,EAAE,GAAG,IAAI,CAAC,EAAE;QACzE,OAAO,EAAE,GAAG;QACZ,cAAc,EAAE,OAAO;QACvB,YAAY,EAAE,YAAY,CAAC,CAAC,CAAC,gBAAgB,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,SAAS;QAClE,QAAQ;QACR,KAAK,EAAE,6BAA6B,GAAG,EAAE;QACzC,WAAW,EAAE,kCAAkC,GAAG,IAAI,OAAO,EAAE;QAC/D,GAAG,EAAE,OAAO,OAAO,IAAI,SAAS,EAAE;QAClC,SAAS,EAAE,UAAU,CAAC,QAAQ,CAAC;QAC/B,UAAU,EAAE,8CAA8C;QAC1D,GAAG,EAAE,QAAQ;QACb,cAAc,EAAE,8BAAY,CAAC,WAAW,EAAE,GAAG,EAAE;QAC/C,MAAM,EAAE,8BAAY,CAAC,WAAW,EAAE,GAAG,EAAE;QACvC,YAAY;QACZ,cAAc,EAAE,YAAY,CAAC,CAAC,CAAC,cAAc,GAAG,EAAE,CAAC,CAAC,CAAC,SAAS;QAC9D,UAAU,EAAE;YACV,wCAAwC,OAAO,IAAI,SAAS,EAAE;YAC9D,sCAAsC,OAAO,IAAI,SAAS,EAAE;SAC7D;QACD,cAAc,EAAE,GAAG,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,KAAK,CAAC,8BAAY,CAAC,WAAW,EAAE,GAAG,EAAE,CAAC,GAAG,CAAC,CAAC,CAAC,QAAQ,CAAC,CAAC,EAAE,GAAG,CAAC,KAAK;KAC5G,CAAC;AACJ,CAAC;AAED,SAAS,gBAAgB,CAAC,OAAe;IACvC,kDAAkD;IAClD,MAAM,YAAY,GAAG,OAAO,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;IAClD,MAAM,KAAK,GAAG,YAAY,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IACtC,IAAI,KAAK,CAAC,MAAM,IAAI,CAAC,EAAE,CAAC;QACtB,MAAM,KAAK,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,CAAC;QACrC,OAAO,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,EAAE,CAAC;IAC5C,CAAC;IACD,OAAO,YAAY,CAAC;AACtB,CAAC;AAED,KAAK,UAAU,oBAAoB,CACjC,WAAgB,EAChB,cAAsB;IAEtB,MAAM,MAAM,GAAmB,EAAE,CAAC;IAClC,MAAM,YAAY,GAAG,EAAE,GAAG,WAAW,CAAC,YAAY,EAAE,GAAG,WAAW,CAAC,eAAe,EAAE,CAAC;IAErF,iBAAiB;IACjB,MAAM,aAAa,GAAG,CAAC,SAAS,EAAE,UAAU,EAAE,MAAM,CAAC,CAAC;IACtD,MAAM,oBAAoB,GAAG,CAAC,SAAS,EAAE,UAAU,CAAC,CAAC;IAErD,KAAK,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC1D,6BAA6B;QAC7B,IAAI,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG,EAAE,CAAC;YACrC,MAAM,OAAO,GAAG,aAAa,CAAC,IAAI,CAAC,KAAK,CAAC,8BAAY,CAAC,WAAW,EAAE,GAAG,aAAa,CAAC,MAAM,CAAC,CAAC,CAAC;YAE7F,MAAM,CAAC,IAAI,CAAC;gBACV,OAAO,EAAE,GAAG;gBACZ,OAAO,EAAE,OAAiB;gBAC1B,OAAO;gBACP,SAAS,EAAE,MAAM;gBACjB,MAAM,EAAE,GAAG,OAAO,kCAAkC;gBACpD,cAAc,EAAE,6DAA6D;aAC9E,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,MAAM,CAAC;AAChB,CAAC;AAED,KAAK,UAAU,uBAAuB,CACpC,WAAgB,EAChB,cAAsB;IAEtB,MAAM,QAAQ,GAAsB,EAAE,CAAC;IACvC,MAAM,YAAY,GAAG,EAAE,GAAG,WAAW,CAAC,YAAY,EAAE,GAAG,WAAW,CAAC,eAAe,EAAE,CAAC;IAErF,KAAK,MAAM,CAAC,GAAG,EAAE,OAAO,CAAC,IAAI,MAAM,CAAC,OAAO,CAAC,YAAY,CAAC,EAAE,CAAC;QAC1D,sCAAsC;QACtC,IAAI,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG,EAAE,CAAC;YACrC,MAAM,cAAc,GAAI,OAAkB,CAAC,OAAO,CAAC,OAAO,EAAE,EAAE,CAAC,CAAC;YAChE,MAAM,KAAK,GAAG,cAAc,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;YAExC,MAAM,UAAU,GAAG,8BAAY,CAAC,WAAW,EAAE,CAAC;YAC9C,IAAI,aAAqB,CAAC;YAC1B,IAAI,IAAiC,CAAC;YAEtC,IAAI,UAAU,GAAG,GAAG,EAAE,CAAC;gBACrB,eAAe;gBACf,aAAa,GAAG,GAAG,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC;gBAChD,IAAI,GAAG,OAAO,CAAC;YACjB,CAAC;iBAAM,IAAI,UAAU,GAAG,GAAG,EAAE,CAAC;gBAC5B,eAAe;gBACf,aAAa,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,CAAC,GAAG,CAAC,IAAI,CAAC;gBAC1D,IAAI,GAAG,OAAO,CAAC;YACjB,CAAC;iBAAM,CAAC;gBACN,eAAe;gBACf,aAAa,GAAG,GAAG,KAAK,CAAC,CAAC,CAAC,IAAI,KAAK,CAAC,CAAC,CAAC,IAAI,QAAQ,CAAC,KAAK,CAAC,CAAC,CAAC,IAAI,GAAG,CAAC,GAAG,CAAC,EAAE,CAAC;gBAC3E,IAAI,GAAG,OAAO,CAAC;YACjB,CAAC;YAED,QAAQ,CAAC,IAAI,CAAC;gBACZ,OAAO,EAAE,GAAG;gBACZ,cAAc;gBACd,aAAa;gBACb,IAAI;gBACJ,cAAc,EAAE,8BAAY,CAAC,WAAW,EAAE,GAAG,GAAG;aACjD,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO,QAAQ,CAAC;AAClB,CAAC;AAED,SAAS,mBAAmB,CAC1B,WAAgB,EAChB,iBAA0B,EAC1B,UAAmB;IAEnB,MAAM,UAAU,GAAG,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,YAAY,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC;IACtE,MAAM,OAAO,GAAG,UAAU,CAAC,CAAC,CAAC,MAAM,CAAC,IAAI,CAAC,WAAW,CAAC,eAAe,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,CAAC,CAAC,CAAC,CAAC;IACvF,MAAM,cAAc,GAAG,iBAAiB,CAAC,CAAC,CAAC,IAAI,CAAC,KAAK,CAAC,CAAC,UAAU,GAAG,OAAO,CAAC,GAAG,GAAG,CAAC,CAAC,CAAC,CAAC,CAAC,CAAC;IAExF,OAAO;QACL,iBAAiB,EAAE,UAAU,GAAG,OAAO,GAAG,cAAc;QACxD,kBAAkB,EAAE,UAAU;QAC9B,sBAAsB,EAAE,cAAc;QACtC,eAAe,EAAE,OAAO;KACzB,CAAC;AACJ,CAAC;AAED,SAAS,0BAA0B,CACjC,eAA0C,EAC1C,cAAsB,EACtB,OAAgB;IAEhB,MAAM,WAAW,GAAiE,EAAE,CAAC;IACrF,MAAM,WAAW,GAAiE,EAAE,CAAC;IAErF,KAAK,MAAM,IAAI,IAAI,eAAe,EAAE,CAAC;QACnC,IAAI,IAAI,CAAC,YAAY,IAAI,OAAO,EAAE,CAAC;YACjC,MAAM,OAAO,GAAG,cAAc,KAAK,KAAK;gBACtC,CAAC,CAAC,cAAc,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,YAAY,EAAE;gBACnD,CAAC,CAAC,cAAc,KAAK,MAAM;oBAC3B,CAAC,CAAC,gBAAgB,IAAI,CAAC,OAAO,IAAI,IAAI,CAAC,YAAY,EAAE;oBACrD,CAAC,CAAC,UAAU,IAAI,CAAC,OAAO,OAAO,IAAI,CAAC,YAAY,EAAE,CAAC;YAErD,WAAW,CAAC,IAAI,CAAC;gBACf,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,OAAO;gBACP,WAAW,EAAE,aAAa,IAAI,CAAC,YAAY,WAAW,IAAI,CAAC,GAAG,EAAE;aACjE,CAAC,CAAC;QACL,CAAC;aAAM,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YAC9B,WAAW,CAAC,IAAI,CAAC;gBACf,OAAO,EAAE,IAAI,CAAC,OAAO;gBACrB,KAAK,EAAE;oBACL,2DAA2D;oBAC3D,oCAAoC;oBACpC,kDAAkD;oBAClD,8BAA8B;iBAC/B;gBACD,MAAM,EAAE,gCAAgC;aACzC,CAAC,CAAC;QACL,CAAC;IACH,CAAC;IAED,OAAO;QACL,WAAW;QACX,WAAW;KACZ,CAAC;AACJ,CAAC"}

package/dist/mcp/handlers/security/validate-auth.d.ts

@@ -1,128 +0,0 @@
-/**
- * Authentication Flow Validation Tool
- *
- * Validates authentication flows, tests auth endpoints, and performs token validation
- * with comprehensive security testing of authentication mechanisms.
- *
- * @module security/validate-auth
- * @version 1.0.0
- * @author Agentic QE Team
- *
- * @example
- * ```typescript
- * import { validateAuthenticationFlow } from './validate-auth';
- *
- * const result = await validateAuthenticationFlow({
- *   authEndpoints: ['https://api.example.com/auth/login'],
- *   testCases: [{
- *     type: 'valid-credentials',
- *     username: 'test@example.com',
- *     password: 'securePassword123'
- *   }],
- *   validateTokens: true
- * });
- * ```
- */
-import { BaseHandler, HandlerResponse } from '../base-handler.js';
-export interface AuthTestCase {
-    /** Test case type */
-    type: 'valid-credentials' | 'invalid-credentials' | 'missing-credentials' | 'expired-token' | 'malformed-token' | 'brute-force' | 'session-fixation';
-    /** Username/email for authentication */
-    username?: string;
-    /** Password for authentication */
-    password?: string;
-    /** Token to validate */
-    token?: string;
-    /** Expected HTTP status code */
-    expectedStatus?: number;
-    /** Expected response pattern */
-    expectedResponse?: string;
-}
-export interface ValidateAuthenticationFlowParams {
-    /** Authentication endpoints to test */
-    authEndpoints: string[];
-    /** Test cases to execute */
-    testCases: AuthTestCase[];
-    /** Enable token validation */
-    validateTokens?: boolean;
-    /** Enable session management tests */
-    validateSessions?: boolean;
-    /** Enable CSRF protection tests */
-    validateCSRF?: boolean;
-    /** Rate limiting tests */
-    testRateLimiting?: boolean;
-}
-export interface AuthValidationResult {
-    /** Endpoint validation results */
-    endpointResults: Array<{
-        endpoint: string;
-        status: 'pass' | 'fail' | 'warning';
-        testsPassed: number;
-        testsFailed: number;
-        findings: AuthFinding[];
-    }>;
-    /** Token validation results */
-    tokenValidation?: {
-        validTokens: number;
-        invalidTokens: number;
-        expiredTokens: number;
-        malformedTokens: number;
-        issues: string[];
-    };
-    /** Session validation results */
-    sessionValidation?: {
-        sessionManagement: 'secure' | 'insecure' | 'partial';
-        sessionFixationVulnerable: boolean;
-        sessionTimeoutConfigured: boolean;
-        issues: string[];
-    };
-    /** CSRF validation results */
-    csrfValidation?: {
-        csrfProtection: 'enabled' | 'disabled' | 'partial';
-        vulnerableEndpoints: string[];
-        issues: string[];
-    };
-    /** Rate limiting results */
-    rateLimitingValidation?: {
-        rateLimitingEnabled: boolean;
-        maxRequestsPerMinute: number;
-        lockoutMechanism: boolean;
-        issues: string[];
-    };
-    /** Overall security posture */
-    summary: {
-        overallStatus: 'secure' | 'vulnerable' | 'needs-review';
-        totalTests: number;
-        passed: number;
-        failed: number;
-        warnings: number;
-        criticalIssues: number;
-        recommendations: string[];
-    };
-    /** Metadata */
-    metadata: {
-        testDuration: number;
-        timestamp: string;
-    };
-}
-export interface AuthFinding {
-    severity: 'critical' | 'high' | 'medium' | 'low';
-    category: 'authentication' | 'authorization' | 'session' | 'token' | 'csrf';
-    title: string;
-    description: string;
-    endpoint: string;
-    cwe?: string;
-    cvss?: number;
-    remediation: string;
-}
-export declare class ValidateAuthenticationFlowHandler extends BaseHandler {
-    handle(args: ValidateAuthenticationFlowParams): Promise<HandlerResponse>;
-}
-/**
- * Validate authentication flow with comprehensive security testing
- *
- * @param params - Authentication validation parameters
- * @returns Validation results with security findings
- */
-export declare function validateAuthenticationFlow(params: ValidateAuthenticationFlowParams): Promise<AuthValidationResult>;
-//# sourceMappingURL=validate-auth.d.ts.map

package/dist/mcp/handlers/security/validate-auth.d.ts.map

@@ -1 +0,0 @@
-{"version":3,"file":"validate-auth.d.ts","sourceRoot":"","sources":["../../../../src/mcp/handlers/security/validate-auth.ts"],"names":[],"mappings":"AAAA;;;;;;;;;;;;;;;;;;;;;;;;GAwBG;AAEH,OAAO,EAAE,WAAW,EAAE,eAAe,EAAE,MAAM,oBAAoB,CAAC;AAGlE,MAAM,WAAW,YAAY;IAC3B,qBAAqB;IACrB,IAAI,EAAE,mBAAmB,GAAG,qBAAqB,GAAG,qBAAqB,GAAG,eAAe,GAAG,iBAAiB,GAAG,aAAa,GAAG,kBAAkB,CAAC;IAErJ,wCAAwC;IACxC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,kCAAkC;IAClC,QAAQ,CAAC,EAAE,MAAM,CAAC;IAElB,wBAAwB;IACxB,KAAK,CAAC,EAAE,MAAM,CAAC;IAEf,gCAAgC;IAChC,cAAc,CAAC,EAAE,MAAM,CAAC;IAExB,gCAAgC;IAChC,gBAAgB,CAAC,EAAE,MAAM,CAAC;CAC3B;AAED,MAAM,WAAW,gCAAgC;IAC/C,uCAAuC;IACvC,aAAa,EAAE,MAAM,EAAE,CAAC;IAExB,4BAA4B;IAC5B,SAAS,EAAE,YAAY,EAAE,CAAC;IAE1B,8BAA8B;IAC9B,cAAc,CAAC,EAAE,OAAO,CAAC;IAEzB,sCAAsC;IACtC,gBAAgB,CAAC,EAAE,OAAO,CAAC;IAE3B,mCAAmC;IACnC,YAAY,CAAC,EAAE,OAAO,CAAC;IAEvB,0BAA0B;IAC1B,gBAAgB,CAAC,EAAE,OAAO,CAAC;CAC5B;AAED,MAAM,WAAW,oBAAoB;IACnC,kCAAkC;IAClC,eAAe,EAAE,KAAK,CAAC;QACrB,QAAQ,EAAE,MAAM,CAAC;QACjB,MAAM,EAAE,MAAM,GAAG,MAAM,GAAG,SAAS,CAAC;QACpC,WAAW,EAAE,MAAM,CAAC;QACpB,WAAW,EAAE,MAAM,CAAC;QACpB,QAAQ,EAAE,WAAW,EAAE,CAAC;KACzB,CAAC,CAAC;IAEH,+BAA+B;IAC/B,eAAe,CAAC,EAAE;QAChB,WAAW,EAAE,MAAM,CAAC;QACpB,aAAa,EAAE,MAAM,CAAC;QACtB,aAAa,EAAE,MAAM,CAAC;QACtB,eAAe,EAAE,MAAM,CAAC;QACxB,MAAM,EAAE,MAAM,EAAE,CAAC;KAClB,CAAC;IAEF,iCAAiC;IACjC,iBAAiB,CAAC,EAAE;QAClB,iBAAiB,EAAE,QAAQ,GAAG,UAAU,GAAG,SAAS,CAAC;QACrD,yBAAyB,EAAE,OAAO,CAAC;QACnC,wBAAwB,EAAE,OAAO,CAAC;QAClC,MAAM,EAAE,MAAM,EAAE,CAAC;KAClB,CAAC;IAEF,8BAA8B;IAC9B,cAAc,CAAC,EAAE;QACf,cAAc,EAAE,SAAS,GAAG,UAAU,GAAG,SAAS,CAAC;QACnD,mBAAmB,EAAE,MAAM,EAAE,CAAC;QAC9B,MAAM,EAAE,MAAM,EAAE,CAAC;KAClB,CAAC;IAEF,4BAA4B;IAC5B,sBAAsB,CAAC,EAAE;QACvB,mBAAmB,EAAE,OAAO,CAAC;QAC7B,oBAAoB,EAAE,MAAM,CAAC;QAC7B,gBAAgB,EAAE,OAAO,CAAC;QAC1B,MAAM,EAAE,MAAM,EAAE,CAAC;KAClB,CAAC;IAEF,+BAA+B;IAC/B,OAAO,EAAE;QACP,aAAa,EAAE,QAAQ,GAAG,YAAY,GAAG,cAAc,CAAC;QACxD,UAAU,EAAE,MAAM,CAAC;QACnB,MAAM,EAAE,MAAM,CAAC;QACf,MAAM,EAAE,MAAM,CAAC;QACf,QAAQ,EAAE,MAAM,CAAC;QACjB,cAAc,EAAE,MAAM,CAAC;QACvB,eAAe,EAAE,MAAM,EAAE,CAAC;KAC3B,CAAC;IAEF,eAAe;IACf,QAAQ,EAAE;QACR,YAAY,EAAE,MAAM,CAAC;QACrB,SAAS,EAAE,MAAM,CAAC;KACnB,CAAC;CACH;AAED,MAAM,WAAW,WAAW;IAC1B,QAAQ,EAAE,UAAU,GAAG,MAAM,GAAG,QAAQ,GAAG,KAAK,CAAC;IACjD,QAAQ,EAAE,gBAAgB,GAAG,eAAe,GAAG,SAAS,GAAG,OAAO,GAAG,MAAM,CAAC;IAC5E,KAAK,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;IACpB,QAAQ,EAAE,MAAM,CAAC;IACjB,GAAG,CAAC,EAAE,MAAM,CAAC;IACb,IAAI,CAAC,EAAE,MAAM,CAAC;IACd,WAAW,EAAE,MAAM,CAAC;CACrB;AAED,qBAAa,iCAAkC,SAAQ,WAAW;IAC1D,MAAM,CAAC,IAAI,EAAE,gCAAgC,GAAG,OAAO,CAAC,eAAe,CAAC;CAqB/E;AAED;;;;;GAKG;AACH,wBAAsB,0BAA0B,CAC9C,MAAM,EAAE,gCAAgC,GACvC,OAAO,CAAC,oBAAoB,CAAC,CAoF/B"}