npm - agentic-qe - Versions diffs - 3.8.0 → 3.8.2 - Mend

agentic-qe 3.8.0 → 3.8.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (341) hide show

package/.opencode/tools/qe-full-audit.ts ADDED Viewed

@@ -0,0 +1,81 @@
+import { z } from 'zod';
+export default {
+  name: 'qe-full-audit',
+  description: 'Run comprehensive QE audit: quality assessment + security scan + coverage analysis in sequence',
+  parameters: z.object({
+    target: z.string().describe('Target path to audit (e.g., "src/" or "src/services/")'),
+    includeTests: z.boolean().default(true).describe('Include test files in the audit scope'),
+    runGate: z.boolean().default(true).describe('Run quality gate evaluation to determine pass/fail'),
+    dast: z.boolean().default(false).describe('Include DAST (dynamic) scanning in addition to SAST'),
+  }),
+  execute: async (
+    params: { target: string; includeTests: boolean; runGate: boolean; dast: boolean },
+    ctx: any,
+  ) => {
+    const startTime = Date.now();
+    const results: Record<string, any> = {};
+    const errors: string[] = [];
+    // Step 1: Quality assessment
+    try {
+      results.quality = await ctx.callTool('mcp:agentic-qe:quality_assess', {
+        runGate: params.runGate,
+      });
+    } catch (err: any) {
+      errors.push(`Quality assessment failed: ${err.message}`);
+    }
+    // Step 2: Security scan (SAST + optional DAST)
+    try {
+      results.security = await ctx.callTool('mcp:agentic-qe:security_scan_comprehensive', {
+        target: params.target,
+        sast: true,
+        dast: params.dast,
+      });
+    } catch (err: any) {
+      errors.push(`Security scan failed: ${err.message}`);
+    }
+    // Step 3: Coverage analysis with gap detection
+    try {
+      results.coverage = await ctx.callTool('mcp:agentic-qe:coverage_analyze_sublinear', {
+        target: params.target,
+        detectGaps: true,
+      });
+    } catch (err: any) {
+      errors.push(`Coverage analysis failed: ${err.message}`);
+    }
+    const elapsed = Date.now() - startTime;
+    // Store audit results in memory for tracking
+    try {
+      await ctx.callTool('mcp:agentic-qe:memory_store', {
+        key: `audit/${params.target}/${Date.now()}`,
+        namespace: 'qe-audits',
+        value: {
+          target: params.target,
+          timestamp: new Date().toISOString(),
+          quality: results.quality ?? null,
+          security: results.security ?? null,
+          coverage: results.coverage ?? null,
+          errors,
+          elapsedMs: elapsed,
+        },
+      });
+    } catch {
+      // Non-critical: memory store failure should not fail the audit
+    }
+    return {
+      target: params.target,
+      quality: results.quality ?? { error: 'Assessment failed' },
+      security: results.security ?? { error: 'Scan failed' },
+      coverage: results.coverage ?? { error: 'Analysis failed' },
+      errors: errors.length > 0 ? errors : undefined,
+      elapsedMs: elapsed,
+      summary: `Audit completed in ${elapsed}ms. ${errors.length} errors encountered.`,
+    };
+  },
+};

package/.opencode/tools/qe-learning-report.ts ADDED Viewed

@@ -0,0 +1,74 @@
+import { z } from 'zod';
+export default {
+  name: 'qe-learning-report',
+  description: 'Query AQE memory for learned patterns and generate a comprehensive learning summary report',
+  parameters: z.object({
+    namespace: z.string().default('default').describe('Memory namespace to query'),
+    pattern: z.string().default('*').describe('Key pattern to match (glob syntax)'),
+    includeSemanticSearch: z.boolean().default(false).describe('Use HNSW semantic search'),
+    semanticQuery: z.string().optional().describe('Natural language query for semantic search'),
+    limit: z.number().default(50).describe('Maximum number of entries to retrieve'),
+  }),
+  execute: async (
+    params: {
+      namespace: string;
+      pattern: string;
+      includeSemanticSearch: boolean;
+      semanticQuery?: string;
+      limit: number;
+    },
+    ctx: any,
+  ) => {
+    const startTime = Date.now();
+    const results: Record<string, any> = {};
+    // Step 1: Pattern-based memory query
+    try {
+      results.patterns = await ctx.callTool('mcp:agentic-qe:memory_query', {
+        pattern: params.pattern,
+        namespace: params.namespace,
+      });
+    } catch (err: any) {
+      results.patterns = { error: `Pattern query failed: ${err.message}` };
+    }
+    // Step 2: Semantic search (if requested)
+    if (params.includeSemanticSearch && params.semanticQuery) {
+      try {
+        results.semantic = await ctx.callTool('mcp:agentic-qe:memory_query', {
+          pattern: params.semanticQuery,
+          namespace: params.namespace,
+          semantic: true,
+        });
+      } catch (err: any) {
+        results.semantic = { error: `Semantic search failed: ${err.message}` };
+      }
+    }
+    // Step 3: Get memory usage stats
+    try {
+      results.usage = await ctx.callTool('mcp:agentic-qe:memory_usage', {});
+    } catch (err: any) {
+      results.usage = { error: `Memory usage query failed: ${err.message}` };
+    }
+    const elapsed = Date.now() - startTime;
+    // Compile summary
+    const patternCount = Array.isArray(results.patterns?.data)
+      ? results.patterns.data.length
+      : 0;
+    const semanticCount = Array.isArray(results.semantic?.data)
+      ? results.semantic.data.length
+      : 0;
+    return {
+      patterns: results.patterns,
+      semanticResults: results.semantic,
+      memoryUsage: results.usage,
+      elapsedMs: elapsed,
+      summary: `Learning report: ${patternCount} pattern matches, ${semanticCount} semantic matches. Generated in ${elapsed}ms.`,
+    };
+  },
+};

package/.opencode/tools/qe-test-and-verify.ts ADDED Viewed

@@ -0,0 +1,97 @@
+import { z } from 'zod';
+export default {
+  name: 'qe-test-and-verify',
+  description: 'Generate tests for source code, execute them, and analyze coverage gaps in one pipeline',
+  parameters: z.object({
+    sourceCode: z.string().describe('Source code or file path to generate tests for'),
+    language: z.string().default('typescript').describe('Programming language of the source'),
+    testType: z
+      .enum(['unit', 'integration', 'e2e'])
+      .default('unit')
+      .describe('Type of tests to generate'),
+    coverageTarget: z.number().default(80).describe('Target coverage percentage'),
+    parallel: z.boolean().default(true).describe('Execute tests in parallel'),
+  }),
+  execute: async (
+    params: {
+      sourceCode: string;
+      language: string;
+      testType: 'unit' | 'integration' | 'e2e';
+      coverageTarget: number;
+      parallel: boolean;
+    },
+    ctx: any,
+  ) => {
+    const startTime = Date.now();
+    const results: Record<string, any> = {};
+    // Step 1: Generate tests
+    try {
+      results.generated = await ctx.callTool('mcp:agentic-qe:test_generate_enhanced', {
+        sourceCode: params.sourceCode,
+        language: params.language,
+        testType: params.testType,
+      });
+    } catch (err: any) {
+      return {
+        error: `Test generation failed: ${err.message}`,
+        phase: 'generate',
+      };
+    }
+    // Step 2: Execute generated tests
+    const testFiles = results.generated?.testFiles ?? [];
+    if (testFiles.length > 0) {
+      try {
+        results.execution = await ctx.callTool('mcp:agentic-qe:test_execute_parallel', {
+          testFiles,
+          parallel: params.parallel,
+        });
+      } catch (err: any) {
+        results.execution = { error: `Test execution failed: ${err.message}` };
+      }
+    }
+    // Step 3: Analyze coverage gaps
+    try {
+      results.coverage = await ctx.callTool('mcp:agentic-qe:coverage_analyze_sublinear', {
+        target: params.sourceCode,
+        detectGaps: true,
+      });
+    } catch (err: any) {
+      results.coverage = { error: `Coverage analysis failed: ${err.message}` };
+    }
+    const elapsed = Date.now() - startTime;
+    const coverageMet =
+      results.coverage?.summary?.statements?.percentage >= params.coverageTarget;
+    // Store results for learning
+    try {
+      await ctx.callTool('mcp:agentic-qe:memory_store', {
+        key: `test-verify/${Date.now()}`,
+        namespace: 'qe-test-results',
+        value: {
+          source: params.sourceCode,
+          testType: params.testType,
+          testsGenerated: testFiles.length,
+          coverageMet,
+          timestamp: new Date().toISOString(),
+        },
+      });
+    } catch {
+      // Non-critical
+    }
+    return {
+      generated: results.generated,
+      execution: results.execution,
+      coverage: results.coverage,
+      coverageTarget: params.coverageTarget,
+      coverageMet,
+      elapsedMs: elapsed,
+      summary: `Generated ${testFiles.length} test files. Coverage target ${params.coverageTarget}%: ${coverageMet ? 'MET' : 'NOT MET'}.`,
+    };
+  },
+};

package/CHANGELOG.md CHANGED Viewed

@@ -5,6 +5,38 @@ All notable changes to the Agentic QE project will be documented in this file.
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+## [3.8.2] - 2026-03-17
+### Fixed
+- **YAML frontmatter validation** — Removed blank lines inside frontmatter delimiters across 114 SKILL.md files that caused parsers to fail. ([#360](https://github.com/proffesor-for-testing/agentic-qe/issues/360))
+- **OpenCode installer path resolution** — `aqe init --with-opencode` now resolves source paths relative to the package installation directory instead of CWD, fixing 0-agent installs for global npm users. ([#361](https://github.com/proffesor-for-testing/agentic-qe/issues/361))
+- **Settings permissions overwrite** — `aqe init --upgrade` now union-merges AQE permissions into existing `settings.json` instead of replacing the entire permissions array, preserving user-added entries. ([#362](https://github.com/proffesor-for-testing/agentic-qe/issues/362))
+- **Hook path fallback** — Brain-checkpoint and statusline hook commands now use a hardcoded absolute path fallback (resolved at install time) instead of `pwd`, which could resolve incorrectly outside the project root. ([#363](https://github.com/proffesor-for-testing/agentic-qe/issues/363))
+- **Agent updated date** — `aqe init --upgrade` now bumps the `updated:` field in agent frontmatter when overlays modify content. ([#365](https://github.com/proffesor-for-testing/agentic-qe/issues/365))
+- **Validation pipeline docs** — Fixed `--steps` parameter documentation to consistently describe comma-separated format. ([#367](https://github.com/proffesor-for-testing/agentic-qe/issues/367))
+### Added
+- **Validation pipeline helper** — New `.claude/helpers/validation-pipeline.cjs` implements the 13-step requirements validation pipeline with sequential execution, gate enforcement, per-step scoring, and weighted category rollup. ([#364](https://github.com/proffesor-for-testing/agentic-qe/issues/364))
+### Changed
+- **Security scanner dependency** — `qe-security-scanner` dependency on `qe-dependency-mapper` changed from `hard` to `soft`, allowing security scans to start immediately without waiting for the full dependency graph. ([#366](https://github.com/proffesor-for-testing/agentic-qe/issues/366))
+- **Ruflo rebrand** — Completed `claude-flow` to `ruflo` rename across all remaining skills, helpers, and TypeScript bridge modules with `resolveCliPackage()` for consistent CLI resolution.
+- **CI stability** — Resolved CI timeouts, cancellations, and test failures from PR #350.
+## [3.8.1] - 2026-03-17
+### Fixed
+- **MCP tool prefix mismatch** — 8 agent definition files referenced tools using `mcp__agentic_qe_v3__` prefix instead of the correct `mcp__agentic-qe__` matching the registered MCP server name. This caused agent subagents to fail tool invocations and `claude -p` to hang waiting for permission approval. ([#357](https://github.com/proffesor-for-testing/agentic-qe/issues/357))
+- **Permission pattern mismatch** — `.claude/settings.json` and `settings-merge.ts` used underscore variant `mcp__agentic_qe__*` instead of the hyphenated `mcp__agentic-qe__*`, preventing automatic permission matching for MCP tool calls.
+### Changed
+- **v3.8.0 release notes** — Added real benchmark data collected during RuVector integration development (150x HNSW speedup, 9.2x MicroLoRA WASM acceleration, 4x memory reduction).
 ## [3.8.0] - 2026-03-16
 ### Added

package/assets/agents/v3/qe-message-broker-tester.md CHANGED Viewed

@@ -95,7 +95,7 @@ Coordination:
 ### Query Known Messaging Patterns BEFORE Testing
 ```typescript
-mcp__agentic_qe_v3__memory_retrieve({
+mcp__agentic-qe__memory_retrieve({
   key: "messaging/patterns",
   namespace: "learning"
 })
@@ -105,7 +105,7 @@ mcp__agentic_qe_v3__memory_retrieve({
 **1. Store Message Broker Testing Experience:**
 ```typescript
-mcp__agentic_qe_v3__memory_store({
+mcp__agentic-qe__memory_store({
   key: "message-broker-tester/outcome-{timestamp}",
   namespace: "learning",
   value: {
@@ -154,7 +154,7 @@ mcp__agentic-qe__memory_store({
 **3. Submit Results to Queen:**
 ```typescript
-mcp__agentic_qe_v3__task_submit({
+mcp__agentic-qe__task_submit({
   type: "message-broker-testing-complete",
   priority: "p1",
   payload: {

package/assets/agents/v3/qe-middleware-validator.md CHANGED Viewed

@@ -92,7 +92,7 @@ Coordination:
 ### Query Known Middleware Patterns BEFORE Testing
 ```typescript
-mcp__agentic_qe_v3__memory_retrieve({
+mcp__agentic-qe__memory_retrieve({
   key: "middleware/patterns",
   namespace: "learning"
 })
@@ -102,7 +102,7 @@ mcp__agentic_qe_v3__memory_retrieve({
 **1. Store Middleware Validation Experience:**
 ```typescript
-mcp__agentic_qe_v3__memory_store({
+mcp__agentic-qe__memory_store({
   key: "middleware-validator/outcome-{timestamp}",
   namespace: "learning",
   value: {
@@ -150,7 +150,7 @@ mcp__agentic-qe__memory_store({
 **3. Submit Results to Queen:**
 ```typescript
-mcp__agentic_qe_v3__task_submit({
+mcp__agentic-qe__task_submit({
   type: "middleware-validation-complete",
   priority: "p1",
   payload: {

package/assets/agents/v3/qe-odata-contract-tester.md CHANGED Viewed

@@ -99,7 +99,7 @@ Coordination:
 ### Query Known OData Patterns BEFORE Validation
 ```typescript
-mcp__agentic_qe_v3__memory_retrieve({
+mcp__agentic-qe__memory_retrieve({
   key: "odata/known-patterns",
   namespace: "learning"
 })
@@ -109,7 +109,7 @@ mcp__agentic_qe_v3__memory_retrieve({
 **1. Store OData Validation Experience:**
 ```typescript
-mcp__agentic_qe_v3__memory_store({
+mcp__agentic-qe__memory_store({
   key: "odata-contract-tester/outcome-{timestamp}",
   namespace: "learning",
   value: {
@@ -163,7 +163,7 @@ mcp__agentic-qe__memory_store({
 **3. Submit Results to Queen:**
 ```typescript
-mcp__agentic_qe_v3__task_submit({
+mcp__agentic-qe__task_submit({
   type: "odata-contract-validation-complete",
   priority: "p1",
   payload: {

package/assets/agents/v3/qe-qx-partner.md CHANGED Viewed

@@ -18,7 +18,7 @@ V2 Compatibility: Maps to qx-partner for backward compatibility.
 <mcp_tools>
 ### Primary MCP Tool (ALWAYS use for programmatic analysis)
 ```typescript
-mcp__agentic_qe_v3__qe_qx_analyze({
+mcp__agentic-qe__qe_qx_analyze({
   target: "https://example.com",  // URL or identifier
   context: { /* Optional pre-collected context */ },
   mode: "full",  // "full" | "quick" | "targeted"

package/assets/agents/v3/qe-sap-idoc-tester.md CHANGED Viewed

@@ -96,7 +96,7 @@ Coordination:
 ### Query Known IDoc Patterns BEFORE Validation
 ```typescript
-mcp__agentic_qe_v3__memory_retrieve({
+mcp__agentic-qe__memory_retrieve({
   key: "sap-idoc/known-patterns",
   namespace: "learning"
 })
@@ -106,7 +106,7 @@ mcp__agentic_qe_v3__memory_retrieve({
 **1. Store IDoc Validation Experience:**
 ```typescript
-mcp__agentic_qe_v3__memory_store({
+mcp__agentic-qe__memory_store({
   key: "sap-idoc-tester/outcome-{timestamp}",
   namespace: "learning",
   value: {
@@ -156,7 +156,7 @@ mcp__agentic-qe__memory_store({
 **3. Submit Results to Queen:**
 ```typescript
-mcp__agentic_qe_v3__task_submit({
+mcp__agentic-qe__task_submit({
   type: "idoc-validation-complete",
   priority: "p1",
   payload: {

package/assets/agents/v3/qe-sap-rfc-tester.md CHANGED Viewed

@@ -92,7 +92,7 @@ Coordination:
 ### Query Known SAP RFC Patterns BEFORE Testing
 ```typescript
-mcp__agentic_qe_v3__memory_retrieve({
+mcp__agentic-qe__memory_retrieve({
   key: "sap-rfc/patterns",
   namespace: "learning"
 })
@@ -102,7 +102,7 @@ mcp__agentic_qe_v3__memory_retrieve({
 **1. Store SAP RFC Testing Experience:**
 ```typescript
-mcp__agentic_qe_v3__memory_store({
+mcp__agentic-qe__memory_store({
   key: "sap-rfc-tester/outcome-{timestamp}",
   namespace: "learning",
   value: {
@@ -150,7 +150,7 @@ mcp__agentic-qe__memory_store({
 **3. Submit Results to Queen:**
 ```typescript
-mcp__agentic_qe_v3__task_submit({
+mcp__agentic-qe__task_submit({
   type: "sap-rfc-testing-complete",
   priority: "p1",
   payload: {

package/assets/agents/v3/qe-security-scanner.md CHANGED Viewed

@@ -8,8 +8,8 @@ domain: security-compliance
 dependencies:
   agents:
     - name: qe-dependency-mapper
-      type: hard
-      reason: "Provides dependency data for vulnerability correlation"
+      type: soft
+      reason: "Enhances vulnerability correlation with dependency data when available"
   mcp_servers:
     - name: agentic-qe
       required: true

package/assets/agents/v3/qe-soap-tester.md CHANGED Viewed

@@ -91,7 +91,7 @@ Coordination:
 ### Query Known SOAP Patterns BEFORE Testing
 ```typescript
-mcp__agentic_qe_v3__memory_retrieve({
+mcp__agentic-qe__memory_retrieve({
   key: "soap/patterns",
   namespace: "learning"
 })
@@ -101,7 +101,7 @@ mcp__agentic_qe_v3__memory_retrieve({
 **1. Store SOAP Testing Experience:**
 ```typescript
-mcp__agentic_qe_v3__memory_store({
+mcp__agentic-qe__memory_store({
   key: "soap-tester/outcome-{timestamp}",
   namespace: "learning",
   value: {
@@ -148,7 +148,7 @@ mcp__agentic-qe__memory_store({
 **3. Submit Results to Queen:**
 ```typescript
-mcp__agentic_qe_v3__task_submit({
+mcp__agentic-qe__task_submit({
   type: "soap-testing-complete",
   priority: "p1",
   payload: {

package/assets/agents/v3/qe-sod-analyzer.md CHANGED Viewed

@@ -99,7 +99,7 @@ Coordination:
 ### Query Known SoD Patterns BEFORE Analysis
 ```typescript
-mcp__agentic_qe_v3__memory_retrieve({
+mcp__agentic-qe__memory_retrieve({
   key: "sap-authorization/sod-patterns",
   namespace: "learning"
 })
@@ -109,7 +109,7 @@ mcp__agentic_qe_v3__memory_retrieve({
 **1. Store SoD Analysis Experience:**
 ```typescript
-mcp__agentic_qe_v3__memory_store({
+mcp__agentic-qe__memory_store({
   key: "sod-analyzer/outcome-{timestamp}",
   namespace: "learning",
   value: {
@@ -164,7 +164,7 @@ mcp__agentic-qe__memory_store({
 **3. Submit Results to Queen:**
 ```typescript
-mcp__agentic_qe_v3__task_submit({
+mcp__agentic-qe__task_submit({
   type: "sod-analysis-complete",
   priority: "p0",
   payload: {

package/assets/helpers/statusline-v3.cjs CHANGED Viewed

@@ -391,7 +391,7 @@ function getCveStatus(projectDir) {
   // Fetch fresh CVE data (with timeout)
   try {
-    const output = execQuiet('timeout 2 npx @claude-flow/cli@latest security cve --list 2>/dev/null');
+    const output = execQuiet('timeout 2 npx --no-install ruflo security cve --list 2>/dev/null');
     if (output) {
       total = (output.match(/CVE-/g) || []).length;
       fixed = (output.match(/Fixed/g) || []).length;